From 7c450da7b446c557e05f34a100b597800967d987 Mon Sep 17 00:00:00 2001 From: Stanislav Sedov Date: Wed, 5 Oct 2011 07:23:29 +0000 Subject: [PATCH] - Import Heimdal 1.5 distribution. --- ChangeLog | 1783 +- ChangeLog.2002 | 2 +- ChangeLog.2003 | 286 +- ChangeLog.2004 | 246 +- ChangeLog.2005 | 330 +- ChangeLog.2006 | 366 +- LICENSE | 5 +- Makefile.am | 14 +- Makefile.am.common | 2 +- Makefile.in | 340 +- NEWS | 159 + NTMakefile | 42 + README | 11 +- TODO | 30 + acinclude.m4 | 2 +- aclocal.m4 | 6923 +- admin/ChangeLog | 12 +- admin/Makefile.am | 7 +- admin/Makefile.in | 393 +- admin/NTMakefile | 74 + admin/add.c | 60 +- admin/change.c | 72 +- admin/copy.c | 106 +- admin/destroy.c | 52 + admin/get.c | 107 +- admin/ktutil-commands.in | 39 +- admin/ktutil-version.rc | 36 + admin/ktutil.8 | 178 +- admin/ktutil.c | 93 +- admin/ktutil.cat8 | 71 + admin/ktutil_locl.h | 59 +- admin/list.c | 80 +- admin/purge.c | 58 +- admin/remove.c | 54 +- admin/rename.c | 70 +- appl/Makefile.am | 4 +- appl/Makefile.in | 251 +- appl/NTMakefile | 35 + appl/afsutil/ChangeLog | 20 +- appl/afsutil/Makefile.am | 4 +- appl/afsutil/Makefile.in | 377 +- appl/afsutil/NTMakefile | 35 + appl/afsutil/afslog.1 | 113 +- appl/afsutil/afslog.c | 86 +- appl/afsutil/afslog.cat1 | 69 + appl/afsutil/pagsh.1 | 82 +- appl/afsutil/pagsh.c | 56 +- appl/afsutil/pagsh.cat1 | 47 + appl/dceutils/ChangeLog | 39 + appl/dceutils/Makefile.am | 37 + {lib/auth/pam => appl/dceutils}/Makefile.in | 458 +- appl/dceutils/NTMakefile | 35 + appl/dceutils/README.dcedfs | 59 + appl/dceutils/README.original | 335 + appl/dceutils/dfspag.exp | 3 + appl/dceutils/dpagaix.c | 23 + appl/dceutils/k5dce.h | 165 + appl/dceutils/k5dcecon.c | 792 + appl/dceutils/testpag.c | 150 + appl/ftp/ChangeLog | 108 +- appl/ftp/Makefile.am | 4 +- appl/ftp/Makefile.in | 251 +- appl/ftp/NTMakefile | 35 + appl/ftp/common/Makefile.am | 4 +- appl/ftp/common/Makefile.in | 213 +- appl/ftp/common/NTMakefile | 35 + appl/ftp/common/buffer.c | 14 +- appl/ftp/common/common.h | 14 +- appl/ftp/common/sockbuf.c | 36 +- appl/ftp/ftp/Makefile.am | 13 +- appl/ftp/ftp/Makefile.in | 401 +- appl/ftp/ftp/NTMakefile | 35 + appl/ftp/ftp/cmds.c | 33 +- appl/ftp/ftp/cmdtab.c | 24 +- appl/ftp/ftp/domacro.c | 2 +- appl/ftp/ftp/extern.h | 4 +- appl/ftp/ftp/ftp.1 | 8 +- appl/ftp/ftp/ftp.c | 84 +- appl/ftp/ftp/ftp.cat1 | 658 + appl/ftp/ftp/ftp_locl.h | 14 +- appl/ftp/ftp/globals.c | 4 +- appl/ftp/ftp/gssapi.c | 145 +- appl/ftp/ftp/kauth.c | 152 +- appl/ftp/ftp/krb4.c | 340 - appl/ftp/ftp/main.c | 11 +- appl/ftp/ftp/ruserpass.c | 12 +- appl/ftp/ftp/security.c | 78 +- appl/ftp/ftp/security.h | 65 +- appl/ftp/ftpd/Makefile.am | 13 +- appl/ftp/ftpd/Makefile.in | 476 +- appl/ftp/ftpd/NTMakefile | 35 + appl/ftp/ftpd/extern.h | 4 +- appl/ftp/ftpd/ftpcmd.c | 267 +- appl/ftp/ftpd/ftpcmd.y | 68 +- appl/ftp/ftpd/ftpd.8 | 16 +- appl/ftp/ftpd/ftpd.c | 164 +- appl/ftp/ftpd/ftpd.cat8 | 309 + appl/ftp/ftpd/ftpd_locl.h | 60 +- appl/ftp/ftpd/ftpusers.5 | 2 +- appl/ftp/ftpd/ftpusers.cat5 | 27 + appl/ftp/ftpd/gss_userok.c | 170 +- appl/ftp/ftpd/gssapi.c | 145 +- appl/ftp/ftpd/kauth.c | 242 +- appl/ftp/ftpd/klist.c | 22 +- appl/ftp/ftpd/krb4.c | 340 - appl/ftp/ftpd/logwtmp.c | 85 +- appl/ftp/ftpd/ls.c | 78 +- appl/ftp/ftpd/popen.c | 14 +- appl/ftp/ftpd/security.c | 78 +- appl/gssmask/Makefile.am | 5 +- appl/gssmask/Makefile.in | 231 +- appl/gssmask/NTMakefile | 35 + appl/gssmask/common.c | 28 +- appl/gssmask/common.h | 30 +- appl/gssmask/gssmaestro.c | 212 +- appl/gssmask/gssmask.c | 279 +- appl/gssmask/protocol.h | 81 +- appl/kf/Makefile.am | 4 +- appl/kf/Makefile.in | 505 +- appl/kf/NTMakefile | 35 + appl/kf/kf.1 | 72 +- appl/kf/kf.c | 83 +- appl/kf/kf.cat1 | 46 + appl/kf/kf_locl.h | 52 +- appl/kf/kfd.8 | 64 +- appl/kf/kfd.c | 65 +- appl/kf/kfd.cat8 | 31 + appl/kx/ChangeLog | 457 + appl/kx/Makefile.am | 70 + appl/kx/Makefile.in | 1142 + appl/kx/NTMakefile | 35 + appl/kx/common.c | 813 + appl/kx/context.c | 94 + appl/kx/krb5.c | 447 + .../krb5_expand_hostname.3 => appl/kx/kx.1 | 111 +- appl/kx/kx.c | 711 + appl/kx/kx.cat1 | 39 + appl/kx/kx.h | 249 + appl/kx/kxd.8 | 83 + appl/kx/kxd.c | 779 + appl/kx/kxd.cat8 | 37 + appl/kx/rxtelnet.1 | 128 + appl/kx/rxtelnet.cat1 | 52 + appl/kx/rxtelnet.in | 72 + appl/kx/rxterm.1 | 120 + appl/kx/rxterm.cat1 | 47 + appl/kx/rxterm.in | 45 + .../krb5_unparse_name.3 => appl/kx/tenletxr.1 | 83 +- appl/kx/tenletxr.cat1 | 37 + appl/kx/tenletxr.in | 37 + appl/kx/writeauth.c | 73 + appl/login/ChangeLog | 31 +- appl/login/Makefile.am | 15 +- appl/login/Makefile.in | 474 +- appl/login/NTMakefile | 35 + appl/login/conf.c | 24 +- appl/login/env.c | 69 +- appl/login/limits_conf.c | 60 +- appl/login/{login_protos.h => login-protos.h} | 2 +- appl/login/login.1 | 57 +- appl/login/login.access.5 | 11 +- appl/login/login.access.cat5 | 45 + appl/login/login.c | 240 +- appl/login/login.cat1 | 164 + appl/login/login_access.c | 6 +- appl/login/login_locl.h | 65 +- appl/login/loginpaths.h | 52 +- appl/login/osfc2.c | 66 +- appl/login/read_string.c | 62 +- appl/login/shadow.c | 56 +- appl/login/stty_default.c | 16 +- appl/login/tty.c | 16 +- appl/login/utmp_login.c | 26 +- appl/login/utmpx_login.c | 4 +- appl/otp/ChangeLog | 58 + appl/otp/Makefile.am | 17 + appl/otp/Makefile.in | 958 + appl/otp/NTMakefile | 35 + appl/otp/otp.1 | 90 + appl/otp/otp.c | 366 + appl/otp/otp.cat1 | 43 + lib/45/45_locl.h => appl/otp/otp_locl.h | 78 +- .../krb5_crypto_init.3 => appl/otp/otpprint.1 | 75 +- appl/otp/otpprint.c | 135 + appl/otp/otpprint.cat1 | 36 + appl/popper/ChangeLog | 269 + appl/popper/Makefile.am | 49 + appl/popper/Makefile.in | 1040 + appl/popper/NTMakefile | 35 + appl/popper/README | 381 + appl/popper/README-FIRST | 11 + appl/popper/auth_gssapi.c | 253 + appl/popper/maildir.c | 216 + appl/popper/pop3.rfc1081 | 898 + appl/popper/pop3e.rfc1082 | 619 + appl/popper/pop_auth.c | 183 + lib/sl/ss.h => appl/popper/pop_auth.h | 87 +- appl/popper/pop_debug.c | 230 + appl/popper/pop_dele.c | 107 + appl/popper/pop_dropcopy.c | 174 + appl/popper/pop_dropinfo.c | 231 + appl/popper/pop_get_command.c | 160 + appl/popper/pop_init.c | 364 + appl/popper/pop_last.c | 18 + appl/popper/pop_list.c | 59 + appl/popper/pop_log.c | 36 + appl/popper/pop_msg.c | 57 + appl/popper/pop_parse.c | 55 + appl/popper/pop_pass.c | 204 + appl/popper/pop_quit.c | 21 + appl/popper/pop_rset.c | 33 + appl/popper/pop_send.c | 176 + appl/popper/pop_stat.c | 26 + appl/popper/pop_uidl.c | 88 + appl/popper/pop_updt.c | 199 + appl/popper/pop_user.c | 35 + appl/popper/pop_xover.c | 37 + appl/popper/popper.8 | 103 + appl/popper/popper.README.release | 45 + appl/popper/popper.c | 120 + appl/popper/popper.cat8 | 56 + appl/popper/popper.h | 349 + appl/popper/version.h | 19 + appl/push/ChangeLog | 4 +- appl/push/Makefile.am | 7 +- appl/push/Makefile.in | 493 +- appl/push/NTMakefile | 35 + appl/push/pfrom.1 | 64 +- appl/push/pfrom.cat1 | 17 + appl/push/pfrom.in | 2 +- appl/push/push.8 | 34 +- appl/push/push.c | 175 +- appl/push/push.cat8 | 74 + appl/push/push_locl.h | 56 +- appl/rcp/ChangeLog | 23 +- appl/rcp/Makefile.am | 4 +- appl/rcp/Makefile.in | 377 +- appl/rcp/NTMakefile | 35 + appl/rcp/extern.h | 5 +- appl/rcp/rcp.1 | 21 +- appl/rcp/rcp.c | 69 +- appl/rcp/rcp.cat1 | 38 + appl/rcp/rcp_locl.h | 52 +- appl/rcp/util.c | 24 +- appl/rsh/ChangeLog | 36 +- appl/rsh/Makefile.am | 7 +- appl/rsh/Makefile.in | 517 +- appl/rsh/NTMakefile | 35 + appl/rsh/common.c | 74 +- appl/rsh/limits_conf.c | 60 +- appl/rsh/login_access.c | 6 +- appl/rsh/rsh.1 | 95 +- appl/rsh/rsh.c | 222 +- appl/rsh/rsh.cat1 | 139 + appl/rsh/rsh_locl.h | 71 +- appl/rsh/rshd.8 | 71 +- appl/rsh/rshd.c | 250 +- appl/rsh/rshd.cat8 | 79 + appl/su/ChangeLog | 22 +- appl/su/Makefile.am | 5 +- appl/su/Makefile.in | 380 +- appl/su/NTMakefile | 35 + appl/su/su.1 | 82 +- appl/su/su.c | 204 +- appl/su/su.cat1 | 44 + appl/su/supaths.h | 50 +- appl/telnet/ChangeLog | 95 +- appl/telnet/Makefile.am | 4 +- appl/telnet/Makefile.in | 252 +- appl/telnet/NTMakefile | 35 + appl/telnet/libtelnet/Makefile.am | 7 +- appl/telnet/libtelnet/Makefile.in | 223 +- appl/telnet/libtelnet/NTMakefile | 35 + appl/telnet/libtelnet/auth-proto.h | 27 +- appl/telnet/libtelnet/auth.c | 42 +- appl/telnet/libtelnet/auth.h | 4 +- appl/telnet/libtelnet/enc-proto.h | 10 +- appl/telnet/libtelnet/enc_des.c | 59 +- appl/telnet/libtelnet/encrypt.c | 27 +- appl/telnet/libtelnet/encrypt.h | 4 +- appl/telnet/libtelnet/genget.c | 9 +- appl/telnet/libtelnet/kerberos.c | 723 - appl/telnet/libtelnet/kerberos5.c | 69 +- appl/telnet/libtelnet/krb4encpwd.c | 436 - appl/telnet/libtelnet/misc-proto.h | 4 +- appl/telnet/libtelnet/misc.c | 2 +- appl/telnet/libtelnet/rsaencpwd.c | 9 +- appl/telnet/libtelnet/spx.c | 21 +- appl/telnet/telnet/Makefile.am | 7 +- appl/telnet/telnet/Makefile.in | 389 +- appl/telnet/telnet/NTMakefile | 35 + appl/telnet/telnet/authenc.c | 4 +- appl/telnet/telnet/commands.c | 33 +- appl/telnet/telnet/externs.h | 5 +- appl/telnet/telnet/main.c | 32 +- appl/telnet/telnet/network.c | 4 +- appl/telnet/telnet/ring.c | 2 +- appl/telnet/telnet/ring.h | 2 +- appl/telnet/telnet/sys_bsd.c | 12 +- appl/telnet/telnet/telnet.c | 12 +- appl/telnet/telnet/telnet.cat1 | 715 + appl/telnet/telnet/telnet_locl.h | 14 +- appl/telnet/telnet/terminal.c | 4 +- appl/telnet/telnet/utilities.c | 69 +- appl/telnet/telnetd/Makefile.am | 7 +- appl/telnet/telnetd/Makefile.in | 387 +- appl/telnet/telnetd/NTMakefile | 35 + appl/telnet/telnetd/authenc.c | 2 +- appl/telnet/telnetd/defs.h | 4 +- appl/telnet/telnetd/ext.h | 6 +- appl/telnet/telnetd/global.c | 2 +- appl/telnet/telnetd/slc.c | 8 +- appl/telnet/telnetd/state.c | 4 +- appl/telnet/telnetd/sys_term.c | 75 +- appl/telnet/telnetd/telnetd.c | 12 +- appl/telnet/telnetd/telnetd.cat8 | 298 + appl/telnet/telnetd/telnetd.h | 4 - appl/telnet/telnetd/termstat.c | 2 +- appl/telnet/telnetd/utility.c | 69 +- appl/test/Makefile.am | 4 +- appl/test/Makefile.in | 234 +- appl/test/NTMakefile | 35 + appl/test/common.c | 60 +- appl/test/gss_common.c | 58 +- appl/test/gss_common.h | 52 +- appl/test/gssapi_client.c | 85 +- appl/test/gssapi_server.c | 79 +- appl/test/http_client.c | 76 +- appl/test/nt_gss_client.c | 52 +- appl/test/nt_gss_common.c | 58 +- appl/test/nt_gss_common.h | 52 +- appl/test/nt_gss_server.c | 85 +- appl/test/tcp_client.c | 52 +- appl/test/tcp_server.c | 58 +- appl/test/test_locl.h | 52 +- appl/test/uu_client.c | 66 +- appl/test/uu_server.c | 92 +- appl/xnlock/ChangeLog | 159 + appl/xnlock/Makefile.am | 32 + {lib/auth/sia => appl/xnlock}/Makefile.in | 537 +- appl/xnlock/NTMakefile | 35 + appl/xnlock/README | 21 + appl/xnlock/nose.0.left | 38 + appl/xnlock/nose.0.right | 38 + appl/xnlock/nose.1.left | 38 + appl/xnlock/nose.1.right | 38 + appl/xnlock/nose.down | 38 + appl/xnlock/nose.front | 38 + appl/xnlock/nose.left.front | 38 + appl/xnlock/nose.right.front | 38 + appl/xnlock/xnlock.1 | 123 + appl/xnlock/xnlock.c | 1083 + appl/xnlock/xnlock.cat1 | 110 + autogen.sh | 1 + base/Makefile.am | 31 + {lib/auth/afskauthlib => base}/Makefile.in | 458 +- base/NTMakefile | 53 + base/array.c | 234 + base/baselocl.h | 129 + base/bool.c | 58 + base/dict.c | 282 + base/heimbase.c | 559 + base/heimbase.h | 188 + base/heimbasepriv.h | 91 + base/heimqueue.h | 167 + base/null.c | 52 + base/number.c | 127 + base/string.c | 115 + base/test_base.c | 151 + base/version-script.map | 28 + cf/ChangeLog | 203 +- cf/Makefile.am.common | 18 +- cf/aix.m4 | 15 +- cf/auth-modules.m4 | 2 +- cf/autobuild.m4 | 34 - cf/broken-getaddrinfo.m4 | 4 +- cf/broken-glob.m4 | 2 +- cf/broken-realloc.m4 | 2 +- cf/broken-snprintf.m4 | 2 +- cf/broken.m4 | 2 +- cf/broken2.m4 | 2 +- cf/c-attribute.m4 | 2 +- cf/c-function.m4 | 2 +- cf/capabilities.m4 | 2 +- cf/check-compile-et.m4 | 3 +- cf/check-getpwnam_r-posix.m4 | 2 +- cf/check-man.m4 | 7 +- cf/check-netinet-ip-and-tcp.m4 | 2 +- cf/check-type-extra.m4 | 2 +- cf/check-var.m4 | 5 +- cf/check-x.m4 | 2 +- cf/check-xau.m4 | 2 +- cf/crypto.m4 | 24 +- cf/db.m4 | 101 +- cf/destdirs.m4 | 2 +- cf/dispatch.m4 | 20 + cf/dlopen.m4 | 2 +- cf/find-func-no-libs.m4 | 2 +- cf/find-func-no-libs2.m4 | 2 +- cf/find-func.m4 | 2 +- cf/find-if-not-broken.m4 | 2 +- cf/have-pragma-weak.m4 | 2 +- cf/have-struct-field.m4 | 2 +- cf/have-type.m4 | 2 +- cf/have-types.m4 | 2 +- cf/install-catman.sh | 7 +- cf/irix.m4 | 13 +- cf/krb-bigendian.m4 | 4 +- cf/krb-func-getcwd-broken.m4 | 2 +- cf/krb-func-getlogin.m4 | 2 +- cf/krb-ipv6.m4 | 133 +- cf/krb-prog-ln-s.m4 | 2 +- cf/krb-prog-ranlib.m4 | 2 +- cf/krb-prog-yacc.m4 | 2 +- cf/krb-readline.m4 | 25 +- cf/krb-struct-spwd.m4 | 2 +- cf/krb-struct-winsize.m4 | 2 +- cf/krb-sys-aix.m4 | 2 +- cf/krb-sys-nextstep.m4 | 2 +- cf/krb-version.m4 | 2 +- cf/largefile.m4 | 2 +- cf/libtool.m4 | 7831 + cf/ltoptions.m4 | 369 + cf/ltsugar.m4 | 123 + cf/ltversion.m4 | 23 + cf/lt~obsolete.m4 | 98 + cf/make-proto.pl | 109 +- cf/mips-abi.m4 | 2 +- cf/misc.m4 | 2 +- cf/need-proto.m4 | 2 +- cf/osfc2.m4 | 2 +- cf/otp.m4 | 2 +- cf/pkg.m4 | 157 + cf/proto-compat.m4 | 2 +- cf/pthreads.m4 | 52 +- cf/resolv.m4 | 13 +- cf/retsigtype.m4 | 4 +- cf/roken-frag.m4 | 136 +- cf/roken.m4 | 2 +- cf/socket-wrapper.m4 | 2 +- cf/sunos.m4 | 7 +- cf/telnet.m4 | 5 +- cf/test-package.m4 | 6 +- cf/valgrind-suppressions | 2 +- cf/vararray.m4 | 2 +- cf/version-script.m4 | 7 +- cf/wflags.m4 | 3 +- cf/win32.m4 | 10 +- cf/with-all.m4 | 2 +- compile | 21 +- config.guess | 291 +- config.sub | 149 +- configure | 52114 ++----- configure.in => configure.ac | 232 +- depcomp | 630 + doc/Makefile.am | 105 +- doc/Makefile.in | 391 +- doc/NTMakefile | 119 + doc/ack.texi | 64 +- doc/apps.texi | 28 +- doc/copyright.texi | 518 + doc/doxyout/gssapi/html/doxygen.css | 473 + doc/doxyout/gssapi/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/gssapi/html/graph_legend.dot | 22 + doc/doxyout/gssapi/html/graph_legend.html | 88 + doc/doxyout/gssapi/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/gssapi/html/group__gssapi.html | 892 + .../gssapi/html/gssapi_mechs_intro.html | 30 + .../gssapi/html/gssapi_services_intro.html | 43 + doc/doxyout/gssapi/html/index.html | 36 + .../gssapi/html/internalvsmechname.html | 36 + doc/doxyout/gssapi/html/modules.html | 29 + doc/doxyout/gssapi/html/pages.html | 34 + doc/doxyout/gssapi/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/gssapi/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/gssapi/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/gssapi/html/tabs.css | 102 + .../man3/__gss_c_attr_stream_sizes_oid_desc.3 | 1 + .../gssapi/man/man3/gss_add_oid_set_member.3 | 1 + .../gssapi/man/man3/gss_canonicalize_name.3 | 1 + doc/doxyout/gssapi/man/man3/gss_import_name.3 | 1 + .../gssapi/man/man3/gss_init_sec_context.3 | 1 + .../man/man3/gss_inquire_attrs_for_mech.3 | 1 + .../man/man3/gss_inquire_saslname_for_mech.3 | 1 + doc/doxyout/gssapi/man/man3/gss_oid_equal.3 | 1 + .../gssapi/man/man3/gss_release_cred.3 | 1 + .../gssapi/man/man3/gss_release_iov_buffer.3 | 1 + .../gssapi/man/man3/gss_release_name.3 | 1 + doc/doxyout/gssapi/man/man3/gss_unwrap_iov.3 | 1 + doc/doxyout/gssapi/man/man3/gss_wrap.3 | 1 + doc/doxyout/gssapi/man/man3/gss_wrap_iov.3 | 1 + .../gssapi/man/man3/gss_wrap_iov_length.3 | 1 + doc/doxyout/gssapi/man/man3/gssapi.3 | 389 + .../gssapi/man/man3/gssapi_mechs_intro.3 | 15 + .../gssapi/man/man3/gssapi_services_intro.3 | 65 + .../gssapi/man/man3/internalvsmechname.3 | 20 + doc/doxyout/gssapi/manpages | 19 + doc/doxyout/hcrypto/html/doxygen.css | 473 + doc/doxyout/hcrypto/html/doxygen.png | Bin 0 -> 1281 bytes .../html/example__evp__cipher_8c-example.html | 173 + doc/doxyout/hcrypto/html/examples.html | 29 + doc/doxyout/hcrypto/html/graph_legend.dot | 22 + doc/doxyout/hcrypto/html/graph_legend.html | 88 + doc/doxyout/hcrypto/html/graph_legend.png | Bin 0 -> 4256 bytes .../hcrypto/html/group__hcrypto__core.html | 190 + .../hcrypto/html/group__hcrypto__des.html | 910 + .../hcrypto/html/group__hcrypto__dh.html | 581 + .../hcrypto/html/group__hcrypto__evp.html | 2366 + .../hcrypto/html/group__hcrypto__misc.html | 106 + .../hcrypto/html/group__hcrypto__rand.html | 425 + .../hcrypto/html/group__hcrypto__rsa.html | 278 + doc/doxyout/hcrypto/html/index.html | 47 + doc/doxyout/hcrypto/html/modules.html | 35 + doc/doxyout/hcrypto/html/page_des.html | 45 + doc/doxyout/hcrypto/html/page_dh.html | 30 + doc/doxyout/hcrypto/html/page_evp.html | 30 + doc/doxyout/hcrypto/html/page_rand.html | 28 + doc/doxyout/hcrypto/html/page_rsa.html | 31 + doc/doxyout/hcrypto/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/hcrypto/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/hcrypto/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/hcrypto/html/tabs.css | 102 + doc/doxyout/hcrypto/man/man3/DES_cbc_cksum.3 | 1 + .../hcrypto/man/man3/DES_cbc_encrypt.3 | 1 + .../hcrypto/man/man3/DES_cfb64_encrypt.3 | 1 + .../hcrypto/man/man3/DES_check_key_parity.3 | 1 + .../hcrypto/man/man3/DES_ecb3_encrypt.3 | 1 + .../hcrypto/man/man3/DES_ecb_encrypt.3 | 1 + .../hcrypto/man/man3/DES_ede3_cbc_encrypt.3 | 1 + doc/doxyout/hcrypto/man/man3/DES_encrypt.3 | 1 + .../man3/DES_init_random_number_generator.3 | 1 + .../hcrypto/man/man3/DES_is_weak_key.3 | 1 + doc/doxyout/hcrypto/man/man3/DES_key_sched.3 | 1 + .../hcrypto/man/man3/DES_new_random_key.3 | 1 + .../hcrypto/man/man3/DES_pcbc_encrypt.3 | 1 + doc/doxyout/hcrypto/man/man3/DES_random_key.3 | 1 + doc/doxyout/hcrypto/man/man3/DES_set_key.3 | 1 + .../hcrypto/man/man3/DES_set_key_checked.3 | 1 + .../hcrypto/man/man3/DES_set_key_unchecked.3 | 1 + .../hcrypto/man/man3/DES_set_odd_parity.3 | 1 + .../hcrypto/man/man3/DES_string_to_key.3 | 1 + .../hcrypto/man/man3/DH_check_pubkey.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_compute_key.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_free.3 | 1 + .../hcrypto/man/man3/DH_generate_key.3 | 1 + .../man/man3/DH_generate_parameters_ex.3 | 1 + .../hcrypto/man/man3/DH_get_default_method.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_get_ex_data.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_ltm_method.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_new.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_new_method.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_null_method.3 | 1 + .../hcrypto/man/man3/DH_set_default_method.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_set_ex_data.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_set_method.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_size.3 | 1 + doc/doxyout/hcrypto/man/man3/DH_up_ref.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_BytesToKey.3 | 1 + .../man/man3/EVP_CIPHER_CTX_block_size.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 | 1 + .../man/man3/EVP_CIPHER_CTX_get_app_data.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_init.3 | 1 + .../man/man3/EVP_CIPHER_CTX_iv_length.3 | 1 + .../man/man3/EVP_CIPHER_CTX_key_length.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 | 1 + .../man/man3/EVP_CIPHER_CTX_rand_key.3 | 1 + .../man/man3/EVP_CIPHER_CTX_set_app_data.3 | 1 + .../man/man3/EVP_CIPHER_CTX_set_key_length.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_block_size.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_iv_length.3 | 1 + .../hcrypto/man/man3/EVP_CIPHER_key_length.3 | 1 + .../hcrypto/man/man3/EVP_CipherFinal_ex.3 | 1 + .../hcrypto/man/man3/EVP_CipherInit_ex.3 | 1 + .../hcrypto/man/man3/EVP_CipherUpdate.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_Digest.3 | 1 + .../hcrypto/man/man3/EVP_DigestFinal_ex.3 | 1 + .../hcrypto/man/man3/EVP_DigestInit_ex.3 | 1 + .../hcrypto/man/man3/EVP_DigestUpdate.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_block_size.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_cleanup.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_create.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_destroy.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_init.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_md.3 | 1 + .../hcrypto/man/man3/EVP_MD_CTX_size.3 | 1 + .../hcrypto/man/man3/EVP_MD_block_size.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_MD_size.3 | 1 + .../hcrypto/man/man3/EVP_aes_128_cbc.3 | 1 + .../hcrypto/man/man3/EVP_aes_128_cfb8.3 | 1 + .../hcrypto/man/man3/EVP_aes_192_cbc.3 | 1 + .../hcrypto/man/man3/EVP_aes_192_cfb8.3 | 1 + .../hcrypto/man/man3/EVP_aes_256_cbc.3 | 1 + .../hcrypto/man/man3/EVP_aes_256_cfb8.3 | 1 + .../hcrypto/man/man3/EVP_camellia_128_cbc.3 | 1 + .../hcrypto/man/man3/EVP_camellia_192_cbc.3 | 1 + .../hcrypto/man/man3/EVP_camellia_256_cbc.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_des_cbc.3 | 1 + .../hcrypto/man/man3/EVP_des_ede3_cbc.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_enc_null.3 | 1 + .../hcrypto/man/man3/EVP_get_cipherbyname.3 | 1 + .../man/man3/EVP_hcrypto_aes_128_cbc.3 | 1 + .../man/man3/EVP_hcrypto_aes_128_cfb8.3 | 1 + .../man/man3/EVP_hcrypto_aes_192_cbc.3 | 1 + .../man/man3/EVP_hcrypto_aes_192_cfb8.3 | 1 + .../man/man3/EVP_hcrypto_aes_256_cbc.3 | 1 + .../man/man3/EVP_hcrypto_aes_256_cfb8.3 | 1 + .../man/man3/EVP_hcrypto_camellia_128_cbc.3 | 1 + .../man/man3/EVP_hcrypto_camellia_192_cbc.3 | 1 + .../man/man3/EVP_hcrypto_camellia_256_cbc.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_des_cbc.3 | 1 + .../man/man3/EVP_hcrypto_des_ede3_cbc.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_md2.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_md4.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_md5.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_sha1.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_sha256.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_sha384.3 | 1 + .../hcrypto/man/man3/EVP_hcrypto_sha512.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_md2.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_md4.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_md5.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_md_null.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_rc2_40_cbc.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_rc2_64_cbc.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_rc2_cbc.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_rc4.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_rc4_40.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_sha.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_sha1.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_sha256.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_sha384.3 | 1 + doc/doxyout/hcrypto/man/man3/EVP_sha512.3 | 1 + .../man/man3/EVP_wincrypt_des_ede3_cbc.3 | 1 + .../man/man3/OpenSSL_add_all_algorithms.3 | 1 + .../man3/OpenSSL_add_all_algorithms_conf.3 | 1 + .../man3/OpenSSL_add_all_algorithms_noconf.3 | 1 + .../hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_add.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_bytes.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_cleanup.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_file_name.3 | 1 + .../hcrypto/man/man3/RAND_get_rand_method.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_load_file.3 | 1 + .../hcrypto/man/man3/RAND_pseudo_bytes.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_seed.3 | 1 + .../hcrypto/man/man3/RAND_set_rand_engine.3 | 1 + .../hcrypto/man/man3/RAND_set_rand_method.3 | 1 + doc/doxyout/hcrypto/man/man3/RAND_status.3 | 1 + .../hcrypto/man/man3/RAND_write_file.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_free.3 | 1 + .../hcrypto/man/man3/RSA_get_app_data.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_get_method.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_new.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_new_method.3 | 1 + .../hcrypto/man/man3/RSA_set_app_data.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_set_method.3 | 1 + doc/doxyout/hcrypto/man/man3/RSA_up_ref.3 | 1 + doc/doxyout/hcrypto/man/man3/hcrypto_core.3 | 76 + doc/doxyout/hcrypto/man/man3/hcrypto_des.3 | 392 + doc/doxyout/hcrypto/man/man3/hcrypto_dh.3 | 310 + doc/doxyout/hcrypto/man/man3/hcrypto_evp.3 | 1299 + doc/doxyout/hcrypto/man/man3/hcrypto_misc.3 | 44 + doc/doxyout/hcrypto/man/man3/hcrypto_rand.3 | 200 + doc/doxyout/hcrypto/man/man3/hcrypto_rsa.3 | 152 + doc/doxyout/hcrypto/man/man3/page_des.3 | 35 + doc/doxyout/hcrypto/man/man3/page_dh.3 | 10 + doc/doxyout/hcrypto/man/man3/page_evp.3 | 9 + doc/doxyout/hcrypto/man/man3/page_rand.3 | 6 + doc/doxyout/hcrypto/man/man3/page_rsa.3 | 12 + doc/doxyout/hcrypto/manpages | 153 + doc/doxyout/hdb/html/annotated.html | 35 + doc/doxyout/hdb/html/doxygen.css | 473 + doc/doxyout/hdb/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/hdb/html/functions.html | 85 + doc/doxyout/hdb/html/functions_vars.html | 85 + doc/doxyout/hdb/html/graph_legend.dot | 22 + doc/doxyout/hdb/html/graph_legend.html | 87 + doc/doxyout/hdb/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/hdb/html/index.html | 33 + doc/doxyout/hdb/html/struct_h_d_b.html | 430 + .../hdb/html/structhdb__entry__ex.html | 39 + doc/doxyout/hdb/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/hdb/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/hdb/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/hdb/html/tabs.css | 102 + doc/doxyout/hdb/man/man3/HDB.3 | 185 + doc/doxyout/hdb/man/man3/hdb__del.3 | 1 + doc/doxyout/hdb/man/man3/hdb__get.3 | 1 + doc/doxyout/hdb/man/man3/hdb__put.3 | 1 + doc/doxyout/hdb/man/man3/hdb_auth_status.3 | 1 + .../man3/hdb_check_constrained_delegation.3 | 1 + .../man/man3/hdb_check_pkinit_ms_upn_match.3 | 1 + doc/doxyout/hdb/man/man3/hdb_check_s4u2self.3 | 1 + doc/doxyout/hdb/man/man3/hdb_close.3 | 1 + doc/doxyout/hdb/man/man3/hdb_destroy.3 | 1 + doc/doxyout/hdb/man/man3/hdb_entry_ex.3 | 17 + doc/doxyout/hdb/man/man3/hdb_fetch_kvno.3 | 1 + doc/doxyout/hdb/man/man3/hdb_firstkey.3 | 1 + doc/doxyout/hdb/man/man3/hdb_free.3 | 1 + doc/doxyout/hdb/man/man3/hdb_get_realms.3 | 1 + doc/doxyout/hdb/man/man3/hdb_lock.3 | 1 + doc/doxyout/hdb/man/man3/hdb_name.3 | 1 + doc/doxyout/hdb/man/man3/hdb_nextkey.3 | 1 + doc/doxyout/hdb/man/man3/hdb_open.3 | 1 + doc/doxyout/hdb/man/man3/hdb_password.3 | 1 + doc/doxyout/hdb/man/man3/hdb_remove.3 | 1 + doc/doxyout/hdb/man/man3/hdb_rename.3 | 1 + doc/doxyout/hdb/man/man3/hdb_store.3 | 1 + doc/doxyout/hdb/man/man3/hdb_unlock.3 | 1 + doc/doxyout/hdb/manpages | 24 + doc/doxyout/hx509/html/doxygen.css | 473 + doc/doxyout/hx509/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/hx509/html/graph_legend.dot | 22 + doc/doxyout/hx509/html/graph_legend.html | 88 + doc/doxyout/hx509/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/hx509/html/group__hx509.html | 89 + doc/doxyout/hx509/html/group__hx509__ca.html | 1179 + .../hx509/html/group__hx509__cert.html | 1425 + doc/doxyout/hx509/html/group__hx509__cms.html | 504 + .../hx509/html/group__hx509__crypto.html | 92 + doc/doxyout/hx509/html/group__hx509__env.html | 311 + .../hx509/html/group__hx509__error.html | 308 + .../hx509/html/group__hx509__keyset.html | 781 + .../hx509/html/group__hx509__lock.html | 29 + .../hx509/html/group__hx509__misc.html | 88 + .../hx509/html/group__hx509__name.html | 470 + .../hx509/html/group__hx509__peer.html | 237 + .../hx509/html/group__hx509__print.html | 452 + .../hx509/html/group__hx509__query.html | 29 + .../hx509/html/group__hx509__revoke.html | 378 + .../hx509/html/group__hx509__verify.html | 714 + doc/doxyout/hx509/html/index.html | 35 + doc/doxyout/hx509/html/modules.html | 44 + doc/doxyout/hx509/html/page_ca.html | 26 + doc/doxyout/hx509/html/page_cert.html | 28 + doc/doxyout/hx509/html/page_cms.html | 30 + doc/doxyout/hx509/html/page_env.html | 26 + doc/doxyout/hx509/html/page_error.html | 26 + doc/doxyout/hx509/html/page_keyset.html | 29 + doc/doxyout/hx509/html/page_lock.html | 26 + doc/doxyout/hx509/html/page_name.html | 32 + doc/doxyout/hx509/html/page_peer.html | 27 + doc/doxyout/hx509/html/page_print.html | 26 + doc/doxyout/hx509/html/page_revoke.html | 28 + doc/doxyout/hx509/html/pages.html | 50 + doc/doxyout/hx509/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/hx509/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/hx509/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/hx509/html/tabs.css | 102 + doc/doxyout/hx509/man/man3/hx509.3 | 45 + .../hx509/man/man3/hx509_bitstring_print.3 | 1 + doc/doxyout/hx509/man/man3/hx509_ca.3 | 573 + doc/doxyout/hx509/man/man3/hx509_ca_sign.3 | 1 + .../hx509/man/man3/hx509_ca_sign_self.3 | 1 + .../man/man3/hx509_ca_tbs_add_crl_dp_uri.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_add_eku.3 | 1 + .../man/man3/hx509_ca_tbs_add_san_hostname.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_add_san_jid.3 | 1 + .../man/man3/hx509_ca_tbs_add_san_ms_upn.3 | 1 + .../man/man3/hx509_ca_tbs_add_san_otherName.3 | 1 + .../man/man3/hx509_ca_tbs_add_san_pkinit.3 | 1 + .../man3/hx509_ca_tbs_add_san_rfc822name.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_free.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_init.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_set_ca.3 | 1 + .../man3/hx509_ca_tbs_set_domaincontroller.3 | 1 + .../man/man3/hx509_ca_tbs_set_notAfter.3 | 1 + .../man3/hx509_ca_tbs_set_notAfter_lifetime.3 | 1 + .../man/man3/hx509_ca_tbs_set_notBefore.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_set_proxy.3 | 1 + .../man/man3/hx509_ca_tbs_set_serialnumber.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_set_spki.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_set_subject.3 | 1 + .../man/man3/hx509_ca_tbs_set_template.3 | 1 + .../hx509/man/man3/hx509_ca_tbs_set_unique.3 | 1 + .../man/man3/hx509_ca_tbs_subject_expand.3 | 1 + .../man/man3/hx509_ca_tbs_template_units.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cert.3 | 700 + .../hx509/man/man3/hx509_cert_binary.3 | 1 + .../hx509/man/man3/hx509_cert_check_eku.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cert_cmp.3 | 1 + ...hx509_cert_find_subjectAltName_otherName.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cert_free.3 | 1 + .../hx509/man/man3/hx509_cert_get_SPKI.3 | 1 + .../hx509_cert_get_SPKI_AlgorithmIdentifier.3 | 1 + .../hx509/man/man3/hx509_cert_get_attribute.3 | 1 + .../man/man3/hx509_cert_get_base_subject.3 | 1 + .../man/man3/hx509_cert_get_friendly_name.3 | 1 + .../hx509/man/man3/hx509_cert_get_issuer.3 | 1 + .../man3/hx509_cert_get_issuer_unique_id.3 | 1 + .../hx509/man/man3/hx509_cert_get_notAfter.3 | 1 + .../hx509/man/man3/hx509_cert_get_notBefore.3 | 1 + .../man/man3/hx509_cert_get_serialnumber.3 | 1 + .../hx509/man/man3/hx509_cert_get_subject.3 | 1 + .../man3/hx509_cert_get_subject_unique_id.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cert_init.3 | 1 + .../hx509/man/man3/hx509_cert_init_data.3 | 1 + .../man/man3/hx509_cert_keyusage_print.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cert_ref.3 | 1 + .../man/man3/hx509_cert_set_friendly_name.3 | 1 + doc/doxyout/hx509/man/man3/hx509_certs_add.3 | 1 + .../hx509/man/man3/hx509_certs_append.3 | 1 + .../hx509/man/man3/hx509_certs_end_seq.3 | 1 + .../hx509/man/man3/hx509_certs_filter.3 | 1 + doc/doxyout/hx509/man/man3/hx509_certs_find.3 | 1 + doc/doxyout/hx509/man/man3/hx509_certs_free.3 | 1 + doc/doxyout/hx509/man/man3/hx509_certs_info.3 | 1 + doc/doxyout/hx509/man/man3/hx509_certs_init.3 | 1 + .../hx509/man/man3/hx509_certs_iter_f.3 | 1 + .../hx509/man/man3/hx509_certs_merge.3 | 1 + .../hx509/man/man3/hx509_certs_next_cert.3 | 1 + .../hx509/man/man3/hx509_certs_start_seq.3 | 1 + .../hx509/man/man3/hx509_certs_store.3 | 1 + .../hx509/man/man3/hx509_ci_print_names.3 | 1 + .../hx509/man/man3/hx509_clear_error_string.3 | 1 + doc/doxyout/hx509/man/man3/hx509_cms.3 | 206 + .../man/man3/hx509_cms_create_signed_1.3 | 1 + .../hx509/man/man3/hx509_cms_envelope_1.3 | 1 + .../hx509/man/man3/hx509_cms_unenvelope.3 | 1 + .../man/man3/hx509_cms_unwrap_ContentInfo.3 | 1 + .../hx509/man/man3/hx509_cms_verify_signed.3 | 1 + .../man/man3/hx509_cms_wrap_ContentInfo.3 | 1 + .../hx509/man/man3/hx509_context_free.3 | 1 + .../hx509/man/man3/hx509_context_init.3 | 1 + .../man3/hx509_context_set_missing_revoke.3 | 1 + .../man/man3/hx509_crl_add_revoked_certs.3 | 1 + doc/doxyout/hx509/man/man3/hx509_crl_alloc.3 | 1 + doc/doxyout/hx509/man/man3/hx509_crl_free.3 | 1 + .../hx509/man/man3/hx509_crl_lifetime.3 | 1 + doc/doxyout/hx509/man/man3/hx509_crl_sign.3 | 1 + doc/doxyout/hx509/man/man3/hx509_crypto.3 | 40 + doc/doxyout/hx509/man/man3/hx509_env.3 | 143 + doc/doxyout/hx509/man/man3/hx509_env_add.3 | 1 + .../hx509/man/man3/hx509_env_add_binding.3 | 1 + doc/doxyout/hx509/man/man3/hx509_env_find.3 | 1 + .../hx509/man/man3/hx509_env_find_binding.3 | 1 + doc/doxyout/hx509/man/man3/hx509_env_free.3 | 1 + doc/doxyout/hx509/man/man3/hx509_env_lfind.3 | 1 + doc/doxyout/hx509/man/man3/hx509_err.3 | 1 + doc/doxyout/hx509/man/man3/hx509_error.3 | 129 + .../hx509/man/man3/hx509_free_error_string.3 | 1 + .../man/man3/hx509_free_octet_string_list.3 | 1 + .../man/man3/hx509_general_name_unparse.3 | 1 + .../hx509/man/man3/hx509_get_error_string.3 | 1 + .../hx509/man/man3/hx509_get_one_cert.3 | 1 + doc/doxyout/hx509/man/man3/hx509_keyset.3 | 373 + doc/doxyout/hx509/man/man3/hx509_lock.3 | 5 + doc/doxyout/hx509/man/man3/hx509_misc.3 | 40 + doc/doxyout/hx509/man/man3/hx509_name.3 | 235 + .../hx509/man/man3/hx509_name_binary.3 | 1 + doc/doxyout/hx509/man/man3/hx509_name_cmp.3 | 1 + doc/doxyout/hx509/man/man3/hx509_name_copy.3 | 1 + .../hx509/man/man3/hx509_name_expand.3 | 1 + doc/doxyout/hx509/man/man3/hx509_name_free.3 | 1 + .../hx509/man/man3/hx509_name_is_null_p.3 | 1 + .../hx509/man/man3/hx509_name_to_Name.3 | 1 + .../hx509/man/man3/hx509_name_to_string.3 | 1 + .../hx509/man/man3/hx509_ocsp_request.3 | 1 + .../hx509/man/man3/hx509_ocsp_verify.3 | 1 + doc/doxyout/hx509/man/man3/hx509_oid_print.3 | 1 + doc/doxyout/hx509/man/man3/hx509_oid_sprint.3 | 1 + doc/doxyout/hx509/man/man3/hx509_parse_name.3 | 1 + doc/doxyout/hx509/man/man3/hx509_peer.3 | 113 + .../man/man3/hx509_peer_info_add_cms_alg.3 | 1 + .../hx509/man/man3/hx509_peer_info_alloc.3 | 1 + .../hx509/man/man3/hx509_peer_info_free.3 | 1 + .../hx509/man/man3/hx509_peer_info_set_cert.3 | 1 + .../man/man3/hx509_peer_info_set_cms_algs.3 | 1 + doc/doxyout/hx509/man/man3/hx509_print.3 | 211 + doc/doxyout/hx509/man/man3/hx509_print_cert.3 | 1 + .../hx509/man/man3/hx509_print_stdout.3 | 1 + doc/doxyout/hx509/man/man3/hx509_query.3 | 5 + .../hx509/man/man3/hx509_query_alloc.3 | 1 + doc/doxyout/hx509/man/man3/hx509_query_free.3 | 1 + .../man/man3/hx509_query_match_cmp_func.3 | 1 + .../hx509/man/man3/hx509_query_match_eku.3 | 1 + .../man3/hx509_query_match_friendly_name.3 | 1 + .../man3/hx509_query_match_issuer_serial.3 | 1 + .../hx509/man/man3/hx509_query_match_option.3 | 1 + .../man/man3/hx509_query_statistic_file.3 | 1 + .../man/man3/hx509_query_unparse_stats.3 | 1 + doc/doxyout/hx509/man/man3/hx509_revoke.3 | 171 + .../hx509/man/man3/hx509_revoke_add_crl.3 | 1 + .../hx509/man/man3/hx509_revoke_add_ocsp.3 | 1 + .../hx509/man/man3/hx509_revoke_free.3 | 1 + .../hx509/man/man3/hx509_revoke_init.3 | 1 + .../hx509/man/man3/hx509_revoke_ocsp_print.3 | 1 + .../hx509/man/man3/hx509_revoke_verify.3 | 1 + .../hx509/man/man3/hx509_set_error_string.3 | 1 + .../hx509/man/man3/hx509_set_error_stringv.3 | 1 + .../hx509/man/man3/hx509_unparse_der_name.3 | 1 + .../hx509/man/man3/hx509_validate_cert.3 | 1 + .../man/man3/hx509_validate_ctx_add_flags.3 | 1 + .../hx509/man/man3/hx509_validate_ctx_free.3 | 1 + .../hx509/man/man3/hx509_validate_ctx_init.3 | 1 + .../man/man3/hx509_validate_ctx_set_print.3 | 1 + doc/doxyout/hx509/man/man3/hx509_verify.3 | 309 + .../man/man3/hx509_verify_attach_anchors.3 | 1 + .../man/man3/hx509_verify_attach_revoke.3 | 1 + ..._verify_ctx_f_allow_default_trustanchors.3 | 1 + .../hx509/man/man3/hx509_verify_destroy_ctx.3 | 1 + .../hx509/man/man3/hx509_verify_hostname.3 | 1 + .../hx509/man/man3/hx509_verify_init_ctx.3 | 1 + .../hx509/man/man3/hx509_verify_path.3 | 1 + .../man/man3/hx509_verify_set_max_depth.3 | 1 + .../man3/hx509_verify_set_proxy_certificate.3 | 1 + ...9_verify_set_strict_rfc3280_verification.3 | 1 + .../hx509/man/man3/hx509_verify_set_time.3 | 1 + .../hx509/man/man3/hx509_verify_signature.3 | 1 + doc/doxyout/hx509/man/man3/hx509_xfree.3 | 1 + doc/doxyout/hx509/man/man3/page_ca.3 | 6 + doc/doxyout/hx509/man/man3/page_cert.3 | 10 + doc/doxyout/hx509/man/man3/page_cms.3 | 18 + doc/doxyout/hx509/man/man3/page_env.3 | 6 + doc/doxyout/hx509/man/man3/page_error.3 | 6 + doc/doxyout/hx509/man/man3/page_keyset.3 | 25 + doc/doxyout/hx509/man/man3/page_lock.3 | 6 + doc/doxyout/hx509/man/man3/page_name.3 | 18 + doc/doxyout/hx509/man/man3/page_peer.3 | 8 + doc/doxyout/hx509/man/man3/page_print.3 | 6 + doc/doxyout/hx509/man/man3/page_revoke.3 | 10 + doc/doxyout/hx509/manpages | 172 + doc/doxyout/krb5/html/annotated.html | 35 + doc/doxyout/krb5/html/doxygen.css | 473 + doc/doxyout/krb5/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/krb5/html/graph_legend.dot | 22 + doc/doxyout/krb5/html/graph_legend.html | 89 + doc/doxyout/krb5/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/krb5/html/group__krb5.html | 2237 + .../krb5/html/group__krb5__address.html | 1003 + doc/doxyout/krb5/html/group__krb5__auth.html | 320 + .../krb5/html/group__krb5__ccache.html | 2264 + .../krb5/html/group__krb5__credential.html | 858 + .../krb5/html/group__krb5__crypto.html | 1262 + .../krb5/html/group__krb5__deprecated.html | 1289 + .../krb5/html/group__krb5__digest.html | 87 + doc/doxyout/krb5/html/group__krb5__error.html | 239 + .../krb5/html/group__krb5__keytab.html | 1055 + doc/doxyout/krb5/html/group__krb5__pac.html | 155 + .../krb5/html/group__krb5__principal.html | 1180 + .../krb5/html/group__krb5__storage.html | 2092 + .../krb5/html/group__krb5__support.html | 1320 + .../krb5/html/group__krb5__ticket.html | 73 + .../krb5/html/group__krb5__v4compat.html | 134 + doc/doxyout/krb5/html/index.html | 37 + doc/doxyout/krb5/html/krb5_ccache_intro.html | 74 + doc/doxyout/krb5/html/krb5_fileformats.html | 154 + .../krb5/html/krb5_init_creds_intro.html | 29 + doc/doxyout/krb5/html/krb5_introduction.html | 204 + doc/doxyout/krb5/html/krb5_keytab_intro.html | 82 + .../krb5/html/krb5_principal_intro.html | 32 + doc/doxyout/krb5/html/modules.html | 45 + doc/doxyout/krb5/html/pages.html | 41 + .../krb5/html/structkrb5__crypto__iov.html | 40 + doc/doxyout/krb5/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/krb5/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/krb5/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/krb5/html/tabs.css | 102 + doc/doxyout/krb5/man/man3/krb5.3 | 1092 + .../krb5/man/man3/krb524_convert_creds_kdc.3 | 1 + .../man3/krb524_convert_creds_kdc_ccache.3 | 1 + doc/doxyout/krb5/man/man3/krb5_acc_ops.3 | 1 + .../krb5/man/man3/krb5_acl_match_file.3 | 1 + .../krb5/man/man3/krb5_acl_match_string.3 | 1 + doc/doxyout/krb5/man/man3/krb5_add_et_list.3 | 1 + .../krb5/man/man3/krb5_add_extra_addresses.3 | 1 + .../krb5/man/man3/krb5_add_ignore_addresses.3 | 1 + .../krb5/man/man3/krb5_addr2sockaddr.3 | 1 + doc/doxyout/krb5/man/man3/krb5_address.3 | 461 + .../krb5/man/man3/krb5_address_compare.3 | 1 + .../krb5/man/man3/krb5_address_order.3 | 1 + .../man3/krb5_address_prefixlen_boundary.3 | 1 + .../krb5/man/man3/krb5_address_search.3 | 1 + .../krb5/man/man3/krb5_allow_weak_crypto.3 | 1 + doc/doxyout/krb5/man/man3/krb5_anyaddr.3 | 1 + .../krb5/man/man3/krb5_append_addresses.3 | 1 + doc/doxyout/krb5/man/man3/krb5_auth.3 | 138 + .../man/man3/krb5_auth_getremoteseqnumber.3 | 1 + .../krb5/man/man3/krb5_build_principal.3 | 1 + .../krb5/man/man3/krb5_c_enctype_compare.3 | 1 + .../krb5/man/man3/krb5_cc_cache_end_seq_get.3 | 1 + .../krb5/man/man3/krb5_cc_cache_get_first.3 | 1 + .../krb5/man/man3/krb5_cc_cache_match.3 | 1 + .../krb5/man/man3/krb5_cc_cache_next.3 | 1 + .../krb5/man/man3/krb5_cc_clear_mcred.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_close.3 | 1 + .../krb5/man/man3/krb5_cc_copy_cache.3 | 1 + .../krb5/man/man3/krb5_cc_copy_creds.3 | 1 + .../krb5/man/man3/krb5_cc_copy_match_f.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_default.3 | 1 + .../krb5/man/man3/krb5_cc_default_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_destroy.3 | 1 + .../krb5/man/man3/krb5_cc_end_seq_get.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_gen_new.3 | 1 + .../krb5/man/man3/krb5_cc_get_config.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_get_flags.3 | 1 + .../krb5/man/man3/krb5_cc_get_friendly_name.3 | 1 + .../krb5/man/man3/krb5_cc_get_full_name.3 | 1 + .../krb5/man/man3/krb5_cc_get_kdc_offset.3 | 1 + .../krb5/man/man3/krb5_cc_get_lifetime.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_get_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_get_ops.3 | 1 + .../krb5/man/man3/krb5_cc_get_prefix_ops.3 | 1 + .../krb5/man/man3/krb5_cc_get_principal.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_get_type.3 | 1 + .../krb5/man/man3/krb5_cc_get_version.3 | 1 + .../krb5/man/man3/krb5_cc_initialize.3 | 1 + .../krb5/man/man3/krb5_cc_last_change_time.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_move.3 | 1 + .../krb5/man/man3/krb5_cc_new_unique.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_next_cred.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_register.3 | 1 + .../krb5/man/man3/krb5_cc_remove_cred.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_resolve.3 | 1 + .../krb5/man/man3/krb5_cc_retrieve_cred.3 | 1 + .../krb5/man/man3/krb5_cc_set_config.3 | 1 + .../krb5/man/man3/krb5_cc_set_default_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_set_flags.3 | 1 + .../krb5/man/man3/krb5_cc_set_friendly_name.3 | 1 + .../krb5/man/man3/krb5_cc_set_kdc_offset.3 | 1 + .../krb5/man/man3/krb5_cc_start_seq_get.3 | 1 + .../krb5/man/man3/krb5_cc_store_cred.3 | 1 + .../krb5/man/man3/krb5_cc_support_switch.3 | 1 + doc/doxyout/krb5/man/man3/krb5_cc_switch.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ccache.3 | 888 + doc/doxyout/krb5/man/man3/krb5_ccache_intro.3 | 69 + .../krb5/man/man3/krb5_cccol_cursor_free.3 | 1 + .../krb5/man/man3/krb5_cccol_cursor_new.3 | 1 + .../krb5/man/man3/krb5_cccol_cursor_next.3 | 1 + .../man/man3/krb5_cccol_last_change_time.3 | 1 + .../krb5/man/man3/krb5_change_password.3 | 1 + .../krb5/man/man3/krb5_cksumtype_to_enctype.3 | 1 + .../krb5/man/man3/krb5_clear_error_message.3 | 1 + .../krb5/man/man3/krb5_clear_error_string.3 | 1 + .../krb5/man/man3/krb5_compare_creds.3 | 1 + .../krb5/man/man3/krb5_config_file_free.3 | 1 + .../krb5/man/man3/krb5_config_free_strings.3 | 1 + .../krb5/man/man3/krb5_config_get_bool.3 | 1 + .../man/man3/krb5_config_get_bool_default.3 | 1 + .../krb5/man/man3/krb5_config_get_list.3 | 1 + .../krb5/man/man3/krb5_config_get_string.3 | 1 + .../man/man3/krb5_config_get_string_default.3 | 1 + .../krb5/man/man3/krb5_config_get_strings.3 | 1 + .../krb5/man/man3/krb5_config_get_time.3 | 1 + .../man/man3/krb5_config_get_time_default.3 | 1 + .../man/man3/krb5_config_parse_file_multi.3 | 1 + .../man/man3/krb5_config_parse_string_multi.3 | 1 + .../krb5/man/man3/krb5_config_vget_bool.3 | 1 + .../man/man3/krb5_config_vget_bool_default.3 | 1 + .../krb5/man/man3/krb5_config_vget_list.3 | 1 + .../krb5/man/man3/krb5_config_vget_string.3 | 1 + .../man3/krb5_config_vget_string_default.3 | 1 + .../krb5/man/man3/krb5_config_vget_strings.3 | 1 + .../krb5/man/man3/krb5_config_vget_time.3 | 1 + .../man/man3/krb5_config_vget_time_default.3 | 1 + doc/doxyout/krb5/man/man3/krb5_copy_address.3 | 1 + .../krb5/man/man3/krb5_copy_addresses.3 | 1 + doc/doxyout/krb5/man/man3/krb5_copy_context.3 | 1 + doc/doxyout/krb5/man/man3/krb5_copy_creds.3 | 1 + .../krb5/man/man3/krb5_copy_creds_contents.3 | 1 + doc/doxyout/krb5/man/man3/krb5_copy_data.3 | 1 + .../krb5/man/man3/krb5_copy_host_realm.3 | 1 + .../krb5/man/man3/krb5_copy_keyblock.3 | 1 + .../man/man3/krb5_copy_keyblock_contents.3 | 1 + .../krb5/man/man3/krb5_copy_principal.3 | 1 + doc/doxyout/krb5/man/man3/krb5_copy_ticket.3 | 1 + .../krb5/man/man3/krb5_create_checksum_iov.3 | 1 + doc/doxyout/krb5/man/man3/krb5_credential.3 | 279 + .../man/man3/krb5_creds_get_ticket_flags.3 | 1 + doc/doxyout/krb5/man/man3/krb5_crypto.3 | 550 + .../krb5/man/man3/krb5_crypto_destroy.3 | 1 + .../krb5/man/man3/krb5_crypto_fx_cf2.3 | 1 + .../krb5/man/man3/krb5_crypto_getblocksize.3 | 1 + .../man/man3/krb5_crypto_getconfoundersize.3 | 1 + .../krb5/man/man3/krb5_crypto_getenctype.3 | 1 + .../krb5/man/man3/krb5_crypto_getpadsize.3 | 1 + doc/doxyout/krb5/man/man3/krb5_crypto_init.3 | 1 + doc/doxyout/krb5/man/man3/krb5_crypto_iov.3 | 17 + doc/doxyout/krb5/man/man3/krb5_data_alloc.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_cmp.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_copy.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_ct_cmp.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_free.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_realloc.3 | 1 + doc/doxyout/krb5/man/man3/krb5_data_zero.3 | 1 + .../krb5/man/man3/krb5_decrypt_iov_ivec.3 | 1 + doc/doxyout/krb5/man/man3/krb5_deprecated.3 | 269 + doc/doxyout/krb5/man/man3/krb5_digest.3 | 38 + doc/doxyout/krb5/man/man3/krb5_digest_probe.3 | 1 + .../krb5/man/man3/krb5_eai_to_heim_errno.3 | 1 + .../krb5/man/man3/krb5_encrypt_iov_ivec.3 | 1 + .../krb5/man/man3/krb5_enctype_disable.3 | 1 + .../krb5/man/man3/krb5_enctype_enable.3 | 1 + .../krb5/man/man3/krb5_enctype_valid.3 | 1 + .../man/man3/krb5_enctypes_compatible_keys.3 | 1 + doc/doxyout/krb5/man/man3/krb5_error.3 | 105 + .../krb5/man/man3/krb5_expand_hostname.3 | 1 + .../man/man3/krb5_expand_hostname_realms.3 | 1 + doc/doxyout/krb5/man/man3/krb5_fcc_ops.3 | 1 + doc/doxyout/krb5/man/man3/krb5_fileformats.3 | 233 + doc/doxyout/krb5/man/man3/krb5_free_address.3 | 1 + .../krb5/man/man3/krb5_free_addresses.3 | 1 + .../krb5/man/man3/krb5_free_config_files.3 | 1 + doc/doxyout/krb5/man/man3/krb5_free_context.3 | 1 + .../krb5/man/man3/krb5_free_cred_contents.3 | 1 + doc/doxyout/krb5/man/man3/krb5_free_creds.3 | 1 + .../krb5/man/man3/krb5_free_creds_contents.3 | 1 + doc/doxyout/krb5/man/man3/krb5_free_data.3 | 1 + .../krb5/man/man3/krb5_free_data_contents.3 | 1 + .../krb5/man/man3/krb5_free_error_string.3 | 1 + .../krb5/man/man3/krb5_free_host_realm.3 | 1 + .../krb5/man/man3/krb5_free_keyblock.3 | 1 + .../man/man3/krb5_free_keyblock_contents.3 | 1 + .../krb5/man/man3/krb5_free_principal.3 | 1 + doc/doxyout/krb5/man/man3/krb5_free_ticket.3 | 1 + .../krb5/man/man3/krb5_free_unparsed_name.3 | 1 + .../krb5/man/man3/krb5_fwd_tgt_creds.3 | 1 + .../krb5/man/man3/krb5_generate_subkey.3 | 1 + .../man/man3/krb5_generate_subkey_extended.3 | 1 + .../krb5/man/man3/krb5_get_cred_from_kdc.3 | 1 + .../man/man3/krb5_get_cred_from_kdc_opt.3 | 1 + .../man/man3/krb5_get_default_config_files.3 | 1 + .../man/man3/krb5_get_default_in_tkt_etypes.3 | 1 + .../man3/krb5_get_dns_canonicalize_hostname.3 | 1 + .../krb5/man/man3/krb5_get_extra_addresses.3 | 1 + .../krb5/man/man3/krb5_get_fcache_version.3 | 1 + .../krb5/man/man3/krb5_get_forwarded_creds.3 | 1 + .../krb5/man/man3/krb5_get_ignore_addresses.3 | 1 + .../man/man3/krb5_get_in_tkt_with_keytab.3 | 1 + .../man/man3/krb5_get_in_tkt_with_password.3 | 1 + .../krb5/man/man3/krb5_get_in_tkt_with_skey.3 | 1 + .../man/man3/krb5_get_init_creds_keyblock.3 | 1 + .../man/man3/krb5_get_init_creds_keytab.3 | 1 + .../man/man3/krb5_get_init_creds_opt_alloc.3 | 1 + .../man/man3/krb5_get_init_creds_opt_free.3 | 1 + .../man3/krb5_get_init_creds_opt_get_error.3 | 1 + .../man/man3/krb5_get_init_creds_opt_init.3 | 1 + .../man/man3/krb5_get_init_creds_password.3 | 1 + .../krb5/man/man3/krb5_get_kdc_sec_offset.3 | 1 + .../krb5/man/man3/krb5_get_max_time_skew.3 | 1 + .../krb5/man/man3/krb5_get_use_admin_kdc.3 | 1 + .../krb5/man/man3/krb5_get_validated_creds.3 | 1 + doc/doxyout/krb5/man/man3/krb5_h_addr2addr.3 | 1 + .../krb5/man/man3/krb5_h_addr2sockaddr.3 | 1 + .../man/man3/krb5_h_errno_to_heim_errno.3 | 1 + doc/doxyout/krb5/man/man3/krb5_init_context.3 | 1 + .../krb5/man/man3/krb5_init_creds_free.3 | 1 + .../krb5/man/man3/krb5_init_creds_get.3 | 1 + .../krb5/man/man3/krb5_init_creds_get_error.3 | 1 + .../krb5/man/man3/krb5_init_creds_init.3 | 1 + .../krb5/man/man3/krb5_init_creds_intro.3 | 8 + .../man/man3/krb5_init_creds_set_keytab.3 | 1 + .../man/man3/krb5_init_creds_set_password.3 | 1 + .../man/man3/krb5_init_creds_set_service.3 | 1 + .../krb5/man/man3/krb5_init_creds_step.3 | 1 + doc/doxyout/krb5/man/man3/krb5_init_ets.3 | 1 + doc/doxyout/krb5/man/man3/krb5_introduction.3 | 259 + .../krb5/man/man3/krb5_is_config_principal.3 | 1 + .../krb5/man/man3/krb5_is_thread_safe.3 | 1 + .../krb5/man/man3/krb5_kerberos_enctypes.3 | 1 + .../krb5/man/man3/krb5_keyblock_get_enctype.3 | 1 + .../krb5/man/man3/krb5_keyblock_init.3 | 1 + .../krb5/man/man3/krb5_keyblock_zero.3 | 1 + doc/doxyout/krb5/man/man3/krb5_keytab.3 | 486 + doc/doxyout/krb5/man/man3/krb5_keytab_intro.3 | 74 + .../krb5/man/man3/krb5_keytab_key_proc.3 | 1 + .../krb5/man/man3/krb5_keytype_to_enctypes.3 | 1 + .../man3/krb5_keytype_to_enctypes_default.3 | 1 + .../krb5/man/man3/krb5_keytype_to_string.3 | 1 + .../krb5/man/man3/krb5_krbhst_get_addrinfo.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_add_entry.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_close.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_compare.3 | 1 + .../man/man3/krb5_kt_copy_entry_contents.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_default.3 | 1 + .../man/man3/krb5_kt_default_modify_name.3 | 1 + .../krb5/man/man3/krb5_kt_default_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_destroy.3 | 1 + .../krb5/man/man3/krb5_kt_end_seq_get.3 | 1 + .../krb5/man/man3/krb5_kt_free_entry.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_get_entry.3 | 1 + .../krb5/man/man3/krb5_kt_get_full_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_get_name.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_get_type.3 | 1 + .../krb5/man/man3/krb5_kt_have_content.3 | 1 + .../krb5/man/man3/krb5_kt_next_entry.3 | 1 + .../krb5/man/man3/krb5_kt_read_service_key.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_register.3 | 1 + .../krb5/man/man3/krb5_kt_remove_entry.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kt_resolve.3 | 1 + .../krb5/man/man3/krb5_kt_start_seq_get.3 | 1 + doc/doxyout/krb5/man/man3/krb5_kuserok.3 | 1 + .../krb5/man/man3/krb5_make_addrport.3 | 1 + .../krb5/man/man3/krb5_make_principal.3 | 1 + .../krb5/man/man3/krb5_max_sockaddr_size.3 | 1 + doc/doxyout/krb5/man/man3/krb5_mcc_ops.3 | 1 + doc/doxyout/krb5/man/man3/krb5_pac.3 | 66 + .../krb5/man/man3/krb5_pac_get_buffer.3 | 1 + doc/doxyout/krb5/man/man3/krb5_pac_verify.3 | 1 + .../krb5/man/man3/krb5_parse_address.3 | 1 + doc/doxyout/krb5/man/man3/krb5_parse_name.3 | 1 + .../krb5/man/man3/krb5_parse_name_flags.3 | 1 + .../krb5/man/man3/krb5_parse_nametype.3 | 1 + .../krb5/man/man3/krb5_password_key_proc.3 | 1 + .../krb5/man/man3/krb5_plugin_register.3 | 1 + .../man3/krb5_prepend_config_files_default.3 | 1 + doc/doxyout/krb5/man/man3/krb5_princ_realm.3 | 1 + .../krb5/man/man3/krb5_princ_set_realm.3 | 1 + doc/doxyout/krb5/man/man3/krb5_principal.3 | 519 + .../krb5/man/man3/krb5_principal_compare.3 | 1 + .../man3/krb5_principal_compare_any_realm.3 | 1 + .../man/man3/krb5_principal_get_num_comp.3 | 1 + .../krb5/man/man3/krb5_principal_get_realm.3 | 1 + .../krb5/man/man3/krb5_principal_get_type.3 | 1 + .../krb5/man/man3/krb5_principal_intro.3 | 17 + .../krb5/man/man3/krb5_principal_is_krbtgt.3 | 1 + .../krb5/man/man3/krb5_principal_match.3 | 1 + .../krb5/man/man3/krb5_principal_set_realm.3 | 1 + .../krb5/man/man3/krb5_principal_set_type.3 | 1 + .../krb5/man/man3/krb5_print_address.3 | 1 + .../krb5/man/man3/krb5_random_to_key.3 | 1 + doc/doxyout/krb5/man/man3/krb5_rd_req_ctx.3 | 1 + .../krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 | 1 + .../krb5/man/man3/krb5_rd_req_in_set_keytab.3 | 1 + .../man/man3/krb5_rd_req_in_set_pac_check.3 | 1 + .../krb5/man/man3/krb5_rd_req_out_ctx_free.3 | 1 + .../man/man3/krb5_rd_req_out_get_server.3 | 1 + .../krb5/man/man3/krb5_realm_compare.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_address.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_addrs.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_authdata.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_creds.3 | 1 + .../krb5/man/man3/krb5_ret_creds_tag.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_data.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_int16.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_int32.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_int8.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_keyblock.3 | 1 + .../krb5/man/man3/krb5_ret_principal.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_string.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_stringz.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_times.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_uint16.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_uint32.3 | 1 + doc/doxyout/krb5/man/man3/krb5_ret_uint8.3 | 1 + .../krb5/man/man3/krb5_set_config_files.3 | 1 + .../man/man3/krb5_set_default_in_tkt_etypes.3 | 1 + .../man3/krb5_set_dns_canonicalize_hostname.3 | 1 + .../krb5/man/man3/krb5_set_error_message.3 | 1 + .../krb5/man/man3/krb5_set_error_string.3 | 1 + .../krb5/man/man3/krb5_set_extra_addresses.3 | 1 + .../krb5/man/man3/krb5_set_fcache_version.3 | 1 + .../krb5/man/man3/krb5_set_home_dir_access.3 | 1 + .../krb5/man/man3/krb5_set_ignore_addresses.3 | 1 + .../krb5/man/man3/krb5_set_kdc_sec_offset.3 | 1 + .../krb5/man/man3/krb5_set_max_time_skew.3 | 1 + doc/doxyout/krb5/man/man3/krb5_set_password.3 | 1 + .../krb5/man/man3/krb5_set_real_time.3 | 1 + .../krb5/man/man3/krb5_set_use_admin_kdc.3 | 1 + .../krb5/man/man3/krb5_sname_to_principal.3 | 1 + .../krb5/man/man3/krb5_sockaddr2address.3 | 1 + .../krb5/man/man3/krb5_sockaddr2port.3 | 1 + .../man/man3/krb5_sockaddr_uninteresting.3 | 1 + doc/doxyout/krb5/man/man3/krb5_storage.3 | 1055 + .../krb5/man/man3/krb5_storage_clear_flags.3 | 1 + doc/doxyout/krb5/man/man3/krb5_storage_emem.3 | 1 + doc/doxyout/krb5/man/man3/krb5_storage_free.3 | 1 + .../krb5/man/man3/krb5_storage_from_data.3 | 1 + .../krb5/man/man3/krb5_storage_from_fd.3 | 1 + .../krb5/man/man3/krb5_storage_from_mem.3 | 1 + .../man/man3/krb5_storage_from_readonly_mem.3 | 1 + .../man/man3/krb5_storage_get_byteorder.3 | 1 + .../krb5/man/man3/krb5_storage_get_eof_code.3 | 1 + .../krb5/man/man3/krb5_storage_is_flags.3 | 1 + doc/doxyout/krb5/man/man3/krb5_storage_read.3 | 1 + doc/doxyout/krb5/man/man3/krb5_storage_seek.3 | 1 + .../man/man3/krb5_storage_set_byteorder.3 | 1 + .../krb5/man/man3/krb5_storage_set_eof_code.3 | 1 + .../krb5/man/man3/krb5_storage_set_flags.3 | 1 + .../man/man3/krb5_storage_set_max_alloc.3 | 1 + .../krb5/man/man3/krb5_storage_to_data.3 | 1 + .../krb5/man/man3/krb5_storage_truncate.3 | 1 + .../krb5/man/man3/krb5_storage_write.3 | 1 + .../krb5/man/man3/krb5_store_address.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_addrs.3 | 1 + .../krb5/man/man3/krb5_store_authdata.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_creds.3 | 1 + .../krb5/man/man3/krb5_store_creds_tag.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_data.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_int16.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_int32.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_int8.3 | 1 + .../krb5/man/man3/krb5_store_keyblock.3 | 1 + .../krb5/man/man3/krb5_store_principal.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_string.3 | 1 + .../krb5/man/man3/krb5_store_stringz.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_times.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_uint16.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_uint32.3 | 1 + doc/doxyout/krb5/man/man3/krb5_store_uint8.3 | 1 + .../krb5/man/man3/krb5_string_to_keytype.3 | 1 + doc/doxyout/krb5/man/man3/krb5_support.3 | 650 + doc/doxyout/krb5/man/man3/krb5_ticket.3 | 34 + .../krb5_ticket_get_authorization_data_type.3 | 1 + .../krb5/man/man3/krb5_ticket_get_client.3 | 1 + .../krb5/man/man3/krb5_ticket_get_endtime.3 | 1 + .../krb5/man/man3/krb5_ticket_get_flags.3 | 1 + .../krb5/man/man3/krb5_ticket_get_server.3 | 1 + doc/doxyout/krb5/man/man3/krb5_unparse_name.3 | 1 + .../krb5/man/man3/krb5_unparse_name_fixed.3 | 1 + .../man/man3/krb5_unparse_name_fixed_flags.3 | 1 + .../man/man3/krb5_unparse_name_fixed_short.3 | 1 + .../krb5/man/man3/krb5_unparse_name_flags.3 | 1 + .../krb5/man/man3/krb5_unparse_name_short.3 | 1 + doc/doxyout/krb5/man/man3/krb5_v4compat.3 | 60 + .../krb5/man/man3/krb5_verify_checksum_iov.3 | 1 + .../krb5/man/man3/krb5_vset_error_string.3 | 1 + doc/doxyout/krb5/man/man3/krb5_vwarn.3 | 1 + doc/doxyout/krb5/manpages | 360 + doc/doxyout/ntlm/html/annotated.html | 39 + doc/doxyout/ntlm/html/doxygen.css | 473 + doc/doxyout/ntlm/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/ntlm/html/examples.html | 30 + doc/doxyout/ntlm/html/functions.html | 78 + doc/doxyout/ntlm/html/functions_vars.html | 78 + doc/doxyout/ntlm/html/graph_legend.dot | 22 + doc/doxyout/ntlm/html/graph_legend.html | 89 + doc/doxyout/ntlm/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/ntlm/html/group__ntlm__core.html | 936 + doc/doxyout/ntlm/html/index.html | 37 + doc/doxyout/ntlm/html/modules.html | 30 + doc/doxyout/ntlm/html/structntlm__buf.html | 82 + doc/doxyout/ntlm/html/structntlm__type1.html | 118 + doc/doxyout/ntlm/html/structntlm__type2.html | 159 + .../html/structntlm__type2__coll__graph.map | 1 + .../html/structntlm__type2__coll__graph.md5 | 1 + .../html/structntlm__type2__coll__graph.png | Bin 0 -> 821 bytes doc/doxyout/ntlm/html/structntlm__type3.html | 194 + .../html/structntlm__type3__coll__graph.map | 1 + .../html/structntlm__type3__coll__graph.md5 | 1 + .../html/structntlm__type3__coll__graph.png | Bin 0 -> 951 bytes doc/doxyout/ntlm/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/ntlm/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/ntlm/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/ntlm/html/tabs.css | 102 + .../ntlm/html/test__ntlm_8c-example.html | 408 + doc/doxyout/ntlm/man/man3/challenge.3 | 1 + doc/doxyout/ntlm/man/man3/context.3 | 1 + doc/doxyout/ntlm/man/man3/data.3 | 1 + doc/doxyout/ntlm/man/man3/domain.3 | 1 + doc/doxyout/ntlm/man/man3/flags.3 | 1 + .../man/man3/heim_ntlm_build_ntlm1_master.3 | 1 + .../man/man3/heim_ntlm_build_ntlm2_master.3 | 1 + .../ntlm/man/man3/heim_ntlm_calculate_lm2.3 | 1 + .../ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 | 1 + .../ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 | 1 + .../man/man3/heim_ntlm_decode_targetinfo.3 | 1 + .../man/man3/heim_ntlm_encode_targetinfo.3 | 1 + .../ntlm/man/man3/heim_ntlm_encode_type1.3 | 1 + .../ntlm/man/man3/heim_ntlm_encode_type2.3 | 1 + .../ntlm/man/man3/heim_ntlm_encode_type3.3 | 1 + .../ntlm/man/man3/heim_ntlm_free_buf.3 | 1 + .../ntlm/man/man3/heim_ntlm_free_targetinfo.3 | 1 + .../ntlm/man/man3/heim_ntlm_free_type1.3 | 1 + .../ntlm/man/man3/heim_ntlm_free_type2.3 | 1 + .../ntlm/man/man3/heim_ntlm_free_type3.3 | 1 + .../ntlm/man/man3/heim_ntlm_keyex_unwrap.3 | 1 + doc/doxyout/ntlm/man/man3/heim_ntlm_nt_key.3 | 1 + .../ntlm/man/man3/heim_ntlm_ntlmv2_key.3 | 1 + .../ntlm/man/man3/heim_ntlm_verify_ntlm2.3 | 1 + doc/doxyout/ntlm/man/man3/hostname.3 | 1 + doc/doxyout/ntlm/man/man3/length.3 | 1 + doc/doxyout/ntlm/man/man3/lm.3 | 1 + doc/doxyout/ntlm/man/man3/ntlm.3 | 1 + doc/doxyout/ntlm/man/man3/ntlm_buf.3 | 48 + doc/doxyout/ntlm/man/man3/ntlm_core.3 | 421 + doc/doxyout/ntlm/man/man3/ntlm_type1.3 | 68 + doc/doxyout/ntlm/man/man3/ntlm_type2.3 | 80 + doc/doxyout/ntlm/man/man3/ntlm_type3.3 | 96 + doc/doxyout/ntlm/man/man3/os.3 | 1 + doc/doxyout/ntlm/man/man3/sessionkey.3 | 1 + doc/doxyout/ntlm/man/man3/targetinfo.3 | 1 + doc/doxyout/ntlm/man/man3/targetname.3 | 1 + doc/doxyout/ntlm/man/man3/username.3 | 1 + doc/doxyout/ntlm/man/man3/ws.3 | 1 + doc/doxyout/ntlm/manpages | 39 + doc/doxyout/wind/html/doxygen.css | 473 + doc/doxyout/wind/html/doxygen.png | Bin 0 -> 1281 bytes doc/doxyout/wind/html/graph_legend.dot | 22 + doc/doxyout/wind/html/graph_legend.html | 87 + doc/doxyout/wind/html/graph_legend.png | Bin 0 -> 4256 bytes doc/doxyout/wind/html/group__wind.html | 680 + doc/doxyout/wind/html/index.html | 30 + doc/doxyout/wind/html/modules.html | 28 + doc/doxyout/wind/html/tab_b.gif | Bin 0 -> 35 bytes doc/doxyout/wind/html/tab_l.gif | Bin 0 -> 706 bytes doc/doxyout/wind/html/tab_r.gif | Bin 0 -> 2585 bytes doc/doxyout/wind/html/tabs.css | 102 + doc/doxyout/wind/man/man3/wind.3 | 326 + doc/doxyout/wind/man/man3/wind_profile.3 | 1 + .../man/man3/wind_punycode_label_toascii.3 | 1 + doc/doxyout/wind/man/man3/wind_stringprep.3 | 1 + doc/doxyout/wind/man/man3/wind_ucs2read.3 | 1 + doc/doxyout/wind/man/man3/wind_ucs2utf8.3 | 1 + .../wind/man/man3/wind_ucs2utf8_length.3 | 1 + doc/doxyout/wind/man/man3/wind_ucs2write.3 | 1 + doc/doxyout/wind/man/man3/wind_ucs4utf8.3 | 1 + .../wind/man/man3/wind_ucs4utf8_length.3 | 1 + doc/doxyout/wind/man/man3/wind_utf8ucs2.3 | 1 + .../wind/man/man3/wind_utf8ucs2_length.3 | 1 + doc/doxyout/wind/man/man3/wind_utf8ucs4.3 | 1 + .../wind/man/man3/wind_utf8ucs4_length.3 | 1 + doc/doxyout/wind/manpages | 14 + doc/doxytmpl.dxy | 1 - doc/footer.html | 4 + doc/gssapi.din | 16 + doc/hcrypto.din | 3 +- doc/hdb.din | 15 + doc/header.html | 10 + doc/heimdal.info | 3519 + doc/heimdal.texi | 245 +- doc/hx509.din | 2 +- doc/hx509.info | 617 + doc/hx509.texi | 424 +- doc/install.texi | 103 +- doc/intro.texi | 2 +- doc/kerberos4.texi | 24 +- doc/krb5.din | 2 +- doc/migration.texi | 12 +- doc/misc.texi | 2 +- doc/ntlm.din | 3 +- doc/programming.texi | 643 +- doc/setup.texi | 486 +- doc/vars.texi | 2 +- doc/whatis.texi | 2 +- doc/win2k.texi | 112 +- doc/wind.din | 15 + etc/Makefile.am | 4 +- etc/Makefile.in | 150 +- etc/NTMakefile | 35 + etc/services.append | 2 +- include/Makefile.am | 94 +- include/Makefile.in | 435 +- include/NTMakefile | 118 + include/bits.c | 117 +- include/config.h.in | 245 +- include/crypto-headers.h | 57 + include/gssapi/Makefile.am | 5 +- include/gssapi/Makefile.in | 151 +- include/gssapi/NTMakefile | 34 + include/hcrypto/Makefile.am | 9 +- include/hcrypto/Makefile.in | 154 +- include/hcrypto/NTMakefile | 34 + {lib/krb5 => include}/heim_threads.h | 82 +- include/kadm5/Makefile.am | 7 +- include/kadm5/Makefile.in | 152 +- include/kadm5/NTMakefile | 34 + include/krb5-types.cross | 61 + include/make_crypto.c | 111 - install-sh | 225 +- kadmin/ChangeLog | 130 +- kadmin/Makefile.am | 19 +- kadmin/Makefile.in | 558 +- kadmin/NTMakefile | 134 + kadmin/add-random-users.c | 59 +- kadmin/add_enctype.c | 53 +- kadmin/ank.c | 90 +- kadmin/check.c | 63 +- kadmin/cpw.c | 58 +- kadmin/del.c | 52 +- kadmin/del_enctype.c | 54 +- kadmin/dump.c | 58 +- kadmin/ext.c | 60 +- kadmin/get.c | 142 +- kadmin/init.c | 103 +- kadmin/kadm_conn.c | 193 +- kadmin/kadmin-commands.in | 14 +- kadmin/kadmin-version.rc | 36 + kadmin/kadmin.8 | 185 +- kadmin/kadmin.c | 126 +- kadmin/kadmin.cat8 | 180 + kadmin/kadmin_locl.h | 74 +- kadmin/kadmind-version.rc | 36 + kadmin/kadmind.8 | 102 +- kadmin/kadmind.c | 142 +- kadmin/kadmind.cat8 | 87 + kadmin/load.c | 92 +- kadmin/mod.c | 126 +- kadmin/pw_quality.c | 52 +- kadmin/random_password.c | 64 +- kadmin/rename.c | 52 +- kadmin/rpc.c | 1106 + kadmin/server.c | 371 +- kadmin/stash.c | 81 +- kadmin/test_util.c | 30 +- kadmin/util.c | 110 +- kcm/Makefile.am | 19 +- kcm/Makefile.in | 413 +- kcm/NTMakefile | 35 + kcm/acl.c | 61 +- kcm/acquire.c | 424 +- kcm/cache.c | 325 +- kcm/client.c | 32 +- kcm/config.c | 83 +- kcm/connect.c | 716 +- kcm/cursor.c | 151 - kcm/events.c | 11 +- kcm/glue.c | 3 +- kcm/headers.h | 21 +- kcm/{kcm_protos.h => kcm-protos.h} | 72 +- kcm/kcm.8 | 178 +- kcm/kcm.cat8 | 92 + kcm/kcm_locl.h | 45 +- kcm/log.c | 52 +- kcm/main.c | 70 +- kcm/protocol.c | 1026 +- kcm/renew.c | 2 +- kcm/sessions.c | 83 + kdc/524.c | 400 - kdc/Makefile.am | 45 +- kdc/Makefile.in | 762 +- kdc/NTMakefile | 161 + kdc/announce.c | 544 + kdc/config.c | 193 +- kdc/connect.c | 309 +- kdc/default_config.c | 312 +- kdc/digest-service.c | 282 + kdc/digest.c | 667 +- kdc/headers.h | 66 +- kdc/hprop-version.rc | 36 + kdc/hprop.8 | 162 +- kdc/hprop.c | 473 +- kdc/hprop.cat8 | 67 + kdc/hprop.h | 52 +- kdc/hpropd-version.rc | 36 + kdc/hpropd.8 | 95 +- kdc/hpropd.c | 132 +- kdc/hpropd.cat8 | 44 + kdc/kadb.h | 84 - kdc/kaserver.c | 951 - kdc/kdc-private.h | 148 +- kdc/kdc-protos.h | 25 + kdc/kdc-replay.c | 77 +- kdc/kdc-version.rc | 36 + kdc/kdc.8 | 151 +- kdc/kdc.cat8 | 176 + kdc/kdc.h | 97 +- kdc/kdc_locl.h | 70 +- kdc/kerberos4.c | 805 - kdc/kerberos5.c | 1080 +- kdc/krb5tgs.c | 1377 +- kdc/kstash-version.rc | 36 + kdc/kstash.8 | 90 +- kdc/kstash.c | 88 +- kdc/kstash.cat8 | 43 + kdc/kx509.c | 184 +- kdc/libkdc-exports.def | 14 + kdc/libkdc-version.rc | 36 + kdc/log.c | 76 +- kdc/main.c | 124 +- kdc/misc.c | 148 +- kdc/mit_dump.c | 112 +- kdc/pkinit.c | 1251 +- kdc/process.c | 285 +- kdc/rx.h | 52 +- kdc/set_dbinfo.c | 107 +- kdc/string2key-version.rc | 36 + kdc/string2key.8 | 111 +- kdc/string2key.c | 105 +- kdc/string2key.cat8 | 43 + kdc/v4_dump.c | 143 - kdc/version-script.map | 9 +- kdc/windc.c | 112 +- kdc/windc_plugin.h | 75 +- kpasswd/Makefile.am | 5 +- kpasswd/Makefile.in | 526 +- kpasswd/NTMakefile | 51 + kpasswd/kpasswd-generator.c | 65 +- kpasswd/kpasswd.1 | 60 +- kpasswd/kpasswd.c | 100 +- kpasswd/kpasswd.cat1 | 32 + kpasswd/kpasswd_locl.h | 52 +- kpasswd/kpasswdd.8 | 74 +- kpasswd/kpasswdd.c | 166 +- kpasswd/kpasswdd.cat8 | 59 + kuser/Makefile.am | 50 +- kuser/Makefile.in | 616 +- kuser/NTMakefile | 132 + kuser/copy_cred_cache.1 | 35 +- kuser/copy_cred_cache.c | 170 +- kuser/generate-requests.c | 80 +- kuser/kcc-commands.in | 239 + kuser/kcc-version.rc | 36 + kuser/kcc.c | 165 + kuser/kdecode_ticket.c | 61 +- kuser/kdestroy-version.rc | 36 + kuser/kdestroy.1 | 78 +- kuser/kdestroy.c | 166 +- kuser/kdestroy.cat1 | 37 + kuser/kdigest-commands.in | 4 +- kuser/kdigest-version.rc | 36 + kuser/kdigest.8 | 256 + kuser/kdigest.c | 213 +- kuser/kdigest.cat8 | 133 + kuser/kgetcred-version.rc | 36 + kuser/kgetcred.1 | 94 +- kuser/kgetcred.c | 95 +- kuser/kgetcred.cat1 | 38 + kuser/kimpersonate-version.rc | 36 + kuser/{kimpersonate.1 => kimpersonate.8} | 151 +- kuser/kimpersonate.c | 120 +- kuser/kimpersonate.cat8 | 71 + kuser/kinit-version.rc | 36 + kuser/kinit.1 | 230 +- kuser/kinit.c | 530 +- kuser/kinit.cat1 | 130 + kuser/klist.1 | 103 +- kuser/klist.c | 443 +- kuser/klist.cat1 | 90 + lib/krb5/krb5_context.3 => kuser/kswitch.1 | 75 +- kuser/kswitch.c | 169 + kuser/kswitch.cat1 | 32 + kuser/kuser_locl.h | 79 +- kuser/kverify.c | 68 +- lib/45/Makefile.am | 11 - lib/45/get_ad_tkt.c | 116 - lib/45/mk_req.c | 139 - lib/Makefile.am | 33 +- lib/Makefile.in | 280 +- lib/NTMakefile | 72 + lib/asn1/ChangeLog | 612 +- lib/asn1/Makefile.am | 592 +- lib/asn1/Makefile.in | 1372 +- lib/asn1/NTMakefile | 356 + lib/asn1/asn1-common.h | 19 +- lib/asn1/asn1-template.h | 141 + lib/asn1/asn1_compile-version.rc | 36 + lib/asn1/asn1_err.et | 6 +- lib/asn1/asn1_gen.c | 75 +- lib/asn1/asn1_print.c | 130 +- lib/asn1/asn1_queue.h | 2 +- lib/asn1/{parse.c => asn1parse.c} | 936 +- lib/asn1/{parse.h => asn1parse.h} | 4 +- lib/asn1/{parse.y => asn1parse.y} | 156 +- lib/asn1/canthandle.asn1 | 4 +- lib/asn1/check-ber.c | 279 + lib/asn1/check-common.c | 136 +- lib/asn1/check-common.h | 74 +- lib/asn1/check-der.c | 150 +- lib/asn1/check-gen.c | 500 +- lib/asn1/check-template.c | 255 + lib/asn1/check-timegm.c | 61 +- lib/asn1/{CMS.asn1 => cms.asn1} | 16 +- lib/asn1/cms.opt | 2 + lib/asn1/der-private.h | 82 + lib/asn1/der-protos.h | 67 +- lib/asn1/der.c | 52 +- lib/asn1/der.h | 56 +- lib/asn1/der_cmp.c | 70 +- lib/asn1/der_copy.c | 102 +- lib/asn1/der_format.c | 60 +- lib/asn1/der_free.c | 85 +- lib/asn1/der_get.c | 229 +- lib/asn1/der_length.c | 76 +- lib/asn1/der_locl.h | 59 +- lib/asn1/der_put.c | 114 +- lib/asn1/digest.asn1 | 19 +- lib/asn1/extra.c | 112 +- lib/asn1/gen.c | 479 +- lib/asn1/gen_copy.c | 96 +- lib/asn1/gen_decode.c | 295 +- lib/asn1/gen_encode.c | 139 +- lib/asn1/gen_free.c | 91 +- lib/asn1/gen_glue.c | 88 +- lib/asn1/gen_length.c | 102 +- lib/asn1/gen_locl.h | 73 +- lib/asn1/gen_seq.c | 72 +- lib/asn1/gen_template.c | 918 + lib/asn1/hash.c | 52 +- lib/asn1/hash.h | 54 +- lib/asn1/heim_asn1.h | 50 +- lib/asn1/{k5.asn1 => krb5.asn1} | 268 +- lib/asn1/krb5.opt | 6 + lib/asn1/kx509.asn1 | 13 +- lib/asn1/lex.c | 186 +- lib/asn1/lex.h | 54 +- lib/asn1/lex.l | 80 +- lib/asn1/libasn1-exports.def | 1578 + lib/asn1/main.c | 130 +- lib/asn1/pkcs12.asn1 | 4 +- lib/asn1/pkcs8.asn1 | 4 +- lib/asn1/pkcs9.asn1 | 2 +- lib/asn1/pkinit.asn1 | 34 +- lib/asn1/rfc2459.asn1 | 88 +- lib/asn1/setchgpw2.asn1 | 4 +- lib/asn1/symbol.c | 8 +- lib/asn1/symbol.h | 85 +- lib/asn1/template.c | 1119 + lib/asn1/test.asn1 | 61 +- lib/asn1/test.gen | 2 +- lib/asn1/timegm.c | 124 +- lib/asn1/version-script.map | 6 + lib/auth/ChangeLog | 206 - lib/auth/Makefile.am | 6 - lib/auth/afskauthlib/Makefile.am | 51 - lib/auth/afskauthlib/verify.c | 307 - lib/auth/pam/Makefile.am | 69 - lib/auth/pam/pam.c | 443 - lib/auth/pam/pam.conf.add | 97 - lib/auth/sia/Makefile.am | 116 - lib/auth/sia/krb5+c2_matrix.conf | 27 - lib/auth/sia/krb5_matrix.conf | 27 - lib/auth/sia/make-rpath | 34 - lib/auth/sia/posix_getpw.c | 78 - lib/auth/sia/security.patch | 11 - lib/auth/sia/sia.c | 703 - lib/com_err/ChangeLog | 22 +- lib/com_err/Makefile.am | 15 +- lib/com_err/Makefile.in | 373 +- lib/com_err/NTMakefile | 91 + lib/com_err/com_err.c | 91 +- lib/com_err/com_err.h | 80 +- lib/com_err/com_right.h | 86 +- lib/com_err/compile_et-version.rc | 36 + lib/com_err/compile_et.c | 96 +- lib/com_err/compile_et.h | 54 +- lib/com_err/error.c | 93 +- lib/com_err/lex.c | 237 +- lib/com_err/lex.h | 54 +- lib/com_err/lex.l | 59 +- lib/com_err/libcom_err-exports.def | 14 + lib/com_err/libcom_err-version.rc | 36 + lib/com_err/parse.c | 89 +- lib/com_err/parse.h | 2 +- lib/com_err/parse.y | 63 +- lib/com_err/roken_rename.h | 66 +- lib/com_err/version-script.map | 2 + lib/gssapi/ChangeLog | 513 +- lib/gssapi/Makefile.am | 99 +- lib/gssapi/Makefile.in | 1486 +- lib/gssapi/NTMakefile | 639 + lib/gssapi/gss-commands.in | 17 +- lib/gssapi/gss_acquire_cred.3 | 6 +- lib/gssapi/gss_acquire_cred.cat3 | 406 + lib/gssapi/gssapi.3 | 153 +- lib/gssapi/gssapi.cat3 | 115 + lib/gssapi/gssapi.h | 52 +- lib/gssapi/gssapi/gssapi.h | 555 +- lib/gssapi/gssapi/gssapi_krb5.h | 177 +- lib/gssapi/gssapi/gssapi_ntlm.h | 41 + lib/gssapi/gssapi/gssapi_oid.h | 245 + lib/gssapi/gssapi/gssapi_spnego.h | 63 +- lib/gssapi/gssapi_mech.h | 309 +- lib/gssapi/{gss.c => gsstool.c} | 184 +- lib/gssapi/krb5/8003.c | 127 +- lib/gssapi/krb5/accept_sec_context.c | 378 +- lib/gssapi/krb5/acquire_cred.c | 310 +- lib/gssapi/krb5/add_cred.c | 101 +- lib/gssapi/krb5/address_to_krb5addr.c | 70 +- lib/gssapi/krb5/aeap.c | 100 + lib/gssapi/krb5/arcfour.c | 190 +- lib/gssapi/krb5/authorize_localname.c | 66 + lib/gssapi/krb5/canonicalize_name.c | 72 +- lib/gssapi/krb5/ccache_name.c | 56 +- lib/gssapi/krb5/cfx.c | 1245 +- lib/gssapi/krb5/cfx.h | 2 +- lib/gssapi/krb5/compare_name.c | 56 +- lib/gssapi/krb5/compat.c | 67 +- lib/gssapi/krb5/context_time.c | 62 +- lib/gssapi/krb5/copy_ccache.c | 70 +- lib/gssapi/krb5/creds.c | 255 + lib/gssapi/krb5/decapsulate.c | 66 +- lib/gssapi/krb5/delete_sec_context.c | 61 +- lib/gssapi/krb5/display_name.c | 56 +- lib/gssapi/krb5/display_status.c | 97 +- lib/gssapi/krb5/duplicate_name.c | 63 +- lib/gssapi/krb5/encapsulate.c | 64 +- lib/gssapi/krb5/export_name.c | 56 +- lib/gssapi/krb5/export_sec_context.c | 56 +- lib/gssapi/krb5/external.c | 411 +- lib/gssapi/krb5/get_mic.c | 100 +- lib/gssapi/krb5/gkrb5_err.et | 2 +- lib/gssapi/krb5/gsskrb5-private.h | 297 +- lib/gssapi/krb5/gsskrb5_locl.h | 80 +- lib/gssapi/krb5/import_name.c | 142 +- lib/gssapi/krb5/import_sec_context.c | 70 +- lib/gssapi/krb5/indicate_mechs.c | 56 +- lib/gssapi/krb5/init.c | 54 +- lib/gssapi/krb5/init_sec_context.c | 744 +- lib/gssapi/krb5/inquire_context.c | 58 +- lib/gssapi/krb5/inquire_cred.c | 68 +- lib/gssapi/krb5/inquire_cred_by_mech.c | 60 +- lib/gssapi/krb5/inquire_cred_by_oid.c | 6 +- lib/gssapi/krb5/inquire_mechs_for_name.c | 56 +- lib/gssapi/krb5/inquire_names_for_mech.c | 75 +- lib/gssapi/krb5/inquire_sec_context_by_oid.c | 106 +- lib/gssapi/krb5/pname_to_uid.c | 85 + lib/gssapi/krb5/prf.c | 93 +- lib/gssapi/krb5/process_context_token.c | 64 +- lib/gssapi/krb5/release_buffer.c | 54 +- lib/gssapi/krb5/release_cred.c | 62 +- lib/gssapi/krb5/release_name.c | 56 +- lib/gssapi/krb5/sequence.c | 102 +- lib/gssapi/krb5/set_cred_option.c | 41 +- lib/gssapi/krb5/set_sec_context_option.c | 84 +- lib/gssapi/krb5/store_cred.c | 116 + lib/gssapi/krb5/test_cfx.c | 78 +- lib/gssapi/krb5/ticket_flags.c | 54 +- lib/gssapi/krb5/unwrap.c | 191 +- lib/gssapi/krb5/v1.c | 104 - lib/gssapi/krb5/verify_mic.c | 136 +- lib/gssapi/krb5/wrap.c | 191 +- lib/gssapi/libgssapi-exports.def | 189 + lib/gssapi/libgssapi-version.rc | 36 + lib/gssapi/mech/compat.h | 94 + lib/gssapi/mech/context.c | 163 + lib/gssapi/mech/context.h | 41 + lib/gssapi/mech/cred.h | 57 + lib/gssapi/mech/doxygen.c | 132 + lib/gssapi/mech/gss_accept_sec_context.c | 308 + lib/gssapi/mech/gss_acquire_cred.c | 168 + lib/gssapi/mech/gss_acquire_cred_ext.c | 193 + .../mech/gss_acquire_cred_with_password.c | 118 + lib/gssapi/mech/gss_add_cred.c | 186 + lib/gssapi/mech/gss_add_cred_with_password.c | 150 + lib/gssapi/mech/gss_add_oid_set_member.c | 84 + lib/gssapi/mech/gss_aeap.c | 216 + lib/gssapi/mech/gss_authorize_localname.c | 187 + lib/gssapi/mech/gss_buffer_set.c | 124 + lib/gssapi/mech/gss_canonicalize_name.c | 111 + lib/gssapi/mech/gss_compare_name.c | 76 + lib/gssapi/mech/gss_context_time.c | 40 + lib/gssapi/mech/gss_create_empty_oid_set.c | 51 + lib/gssapi/mech/gss_cred.c | 224 + lib/gssapi/mech/gss_decapsulate_token.c | 72 + lib/gssapi/mech/gss_delete_name_attribute.c | 65 + lib/gssapi/mech/gss_delete_sec_context.c | 57 + lib/gssapi/mech/gss_display_name.c | 82 + lib/gssapi/mech/gss_display_name_ext.c | 68 + lib/gssapi/mech/gss_display_status.c | 211 + lib/gssapi/mech/gss_duplicate_name.c | 95 + lib/gssapi/mech/gss_duplicate_oid.c | 68 + lib/gssapi/mech/gss_encapsulate_token.c | 66 + lib/gssapi/mech/gss_export_name.c | 54 + lib/gssapi/mech/gss_export_name_composite.c | 66 + lib/gssapi/mech/gss_export_sec_context.c | 77 + lib/gssapi/mech/gss_get_mic.c | 51 + lib/gssapi/mech/gss_get_name_attribute.c | 81 + lib/gssapi/mech/gss_import_name.c | 291 + lib/gssapi/mech/gss_import_sec_context.c | 82 + lib/gssapi/mech/gss_indicate_mechs.c | 64 + lib/gssapi/mech/gss_init_sec_context.c | 212 + lib/gssapi/mech/gss_inquire_context.c | 105 + lib/gssapi/mech/gss_inquire_cred.c | 195 + lib/gssapi/mech/gss_inquire_cred_by_mech.c | 92 + lib/gssapi/mech/gss_inquire_cred_by_oid.c | 86 + lib/gssapi/mech/gss_inquire_mechs_for_name.c | 76 + lib/gssapi/mech/gss_inquire_name.c | 79 + lib/gssapi/mech/gss_inquire_names_for_mech.c | 73 + .../mech/gss_inquire_sec_context_by_oid.c | 70 + lib/gssapi/mech/gss_krb5.c | 941 + lib/gssapi/mech/gss_mech_switch.c | 438 + lib/gssapi/mech/gss_mo.c | 635 + lib/gssapi/mech/gss_names.c | 110 + lib/gssapi/mech/gss_oid.c | 266 + lib/gssapi/mech/gss_oid_equal.c | 58 + lib/gssapi/mech/gss_oid_to_str.c | 98 + lib/gssapi/mech/gss_pname_to_uid.c | 167 + lib/gssapi/mech/gss_process_context_token.c | 41 + lib/gssapi/mech/gss_pseudo_random.c | 70 + lib/gssapi/mech/gss_release_buffer.c | 42 + lib/gssapi/mech/gss_release_cred.c | 73 + lib/gssapi/mech/gss_release_name.c | 74 + lib/gssapi/mech/gss_release_oid.c | 58 + lib/gssapi/mech/gss_release_oid_set.c | 44 + lib/gssapi/mech/gss_seal.c | 45 + lib/gssapi/mech/gss_set_cred_option.c | 118 + lib/gssapi/mech/gss_set_name_attribute.c | 69 + lib/gssapi/mech/gss_set_sec_context_option.c | 70 + lib/gssapi/mech/gss_sign.c | 41 + lib/gssapi/mech/gss_store_cred.c | 94 + lib/gssapi/mech/gss_test_oid_set_member.c | 46 + lib/gssapi/mech/gss_unseal.c | 43 + lib/gssapi/mech/gss_unwrap.c | 45 + lib/gssapi/mech/gss_utils.c | 78 + lib/gssapi/mech/gss_verify.c | 42 + lib/gssapi/mech/gss_verify_mic.c | 52 + lib/gssapi/mech/gss_wrap.c | 71 + lib/gssapi/mech/gss_wrap_size_limit.c | 52 + lib/gssapi/mech/gssapi.asn1 | 12 + lib/gssapi/mech/mech.5 | 94 + lib/gssapi/mech/mech.cat5 | 61 + .../make_cmds.h => gssapi/mech/mech_locl.h} | 117 +- lib/gssapi/mech/mech_switch.h | 43 + lib/gssapi/mech/mechqueue.h | 97 + lib/gssapi/mech/name.h | 48 + lib/gssapi/mech/utils.h | 33 + lib/gssapi/ntlm/accept_sec_context.c | 102 +- lib/gssapi/ntlm/acquire_cred.c | 75 +- lib/gssapi/ntlm/add_cred.c | 56 +- lib/gssapi/ntlm/canonicalize_name.c | 57 +- lib/gssapi/ntlm/compare_name.c | 56 +- lib/gssapi/ntlm/context_time.c | 56 +- lib/gssapi/ntlm/creds.c | 160 + lib/gssapi/ntlm/crypto.c | 135 +- lib/gssapi/ntlm/delete_sec_context.c | 56 +- lib/gssapi/ntlm/display_name.c | 63 +- lib/gssapi/ntlm/display_status.c | 57 +- lib/gssapi/ntlm/duplicate_name.c | 57 +- lib/gssapi/ntlm/export_name.c | 57 +- lib/gssapi/ntlm/export_sec_context.c | 56 +- lib/gssapi/ntlm/external.c | 113 +- lib/gssapi/ntlm/import_name.c | 84 +- lib/gssapi/ntlm/import_sec_context.c | 56 +- lib/gssapi/ntlm/indicate_mechs.c | 54 +- lib/gssapi/ntlm/init_sec_context.c | 187 +- lib/gssapi/ntlm/inquire_context.c | 57 +- lib/gssapi/ntlm/inquire_cred.c | 78 - lib/gssapi/ntlm/inquire_cred_by_mech.c | 57 +- lib/gssapi/ntlm/inquire_mechs_for_name.c | 57 +- lib/gssapi/ntlm/inquire_names_for_mech.c | 58 +- lib/gssapi/ntlm/inquire_sec_context_by_oid.c | 90 + lib/gssapi/ntlm/iter_cred.c | 99 + lib/gssapi/ntlm/{digest.c => kdc.c} | 107 +- lib/gssapi/ntlm/ntlm-private.h | 74 +- lib/gssapi/ntlm/ntlm.h | 66 +- lib/gssapi/ntlm/process_context_token.c | 56 +- lib/gssapi/ntlm/release_cred.c | 56 +- lib/gssapi/ntlm/release_name.c | 57 +- lib/gssapi/spnego/accept_sec_context.c | 337 +- lib/gssapi/spnego/compat.c | 31 +- lib/gssapi/spnego/context_stubs.c | 373 +- lib/gssapi/spnego/cred_stubs.c | 165 +- lib/gssapi/spnego/external.c | 82 +- lib/gssapi/spnego/init_sec_context.c | 165 +- lib/gssapi/spnego/spnego-private.h | 183 +- lib/gssapi/spnego/spnego.asn1 | 2 +- lib/gssapi/spnego/spnego.opt | 1 + lib/gssapi/spnego/spnego_locl.h | 20 +- lib/gssapi/test_acquire_cred.c | 142 +- lib/gssapi/test_common.c | 43 +- lib/gssapi/test_common.h | 24 +- lib/gssapi/test_context.c | 588 +- lib/gssapi/test_cred.c | 43 +- lib/gssapi/test_kcred.c | 38 +- lib/gssapi/test_names.c | 41 +- lib/gssapi/test_ntlm.c | 40 +- lib/gssapi/test_oid.c | 60 +- lib/gssapi/version-script.map | 245 +- lib/hcrypto/ChangeLog | 1227 + lib/hcrypto/DESperate.txt | 108 + lib/hcrypto/Makefile.am | 337 + lib/hcrypto/Makefile.in | 2858 + lib/hcrypto/NTMakefile | 248 + lib/hcrypto/aes.c | 144 + lib/hcrypto/aes.h | 83 + lib/hcrypto/bn.c | 531 + lib/hcrypto/bn.h | 132 + lib/hcrypto/camellia-ntt.c | 1469 + lib/hcrypto/camellia-ntt.h | 65 + lib/hcrypto/camellia.c | 116 + lib/hcrypto/camellia.h | 72 + lib/hcrypto/common.c | 69 + lib/hcrypto/common.h | 45 + lib/hcrypto/des-tables.h | 196 + lib/hcrypto/des.c | 1184 + lib/hcrypto/des.h | 146 + lib/hcrypto/destest.c | 623 + lib/hcrypto/dh-ltm.c | 240 + lib/hcrypto/dh.c | 554 + lib/hcrypto/dh.h | 146 + lib/hcrypto/dllmain.c | 49 + lib/hcrypto/doxygen.c | 102 + lib/hcrypto/dsa.c | 121 + lib/hcrypto/dsa.h | 140 + lib/hcrypto/ec.h | 93 + lib/hcrypto/ecdh.h | 47 + lib/hcrypto/ecdsa.h | 52 + lib/hcrypto/engine.c | 395 + lib/hcrypto/engine.h | 118 + lib/hcrypto/evp-cc.c | 856 + lib/hcrypto/evp-cc.h | 98 + lib/hcrypto/evp-hcrypto.c | 857 + lib/hcrypto/evp-hcrypto.h | 103 + lib/hcrypto/evp.c | 1495 + lib/hcrypto/evp.h | 329 + lib/hcrypto/example_evp_cipher.c | 146 + lib/hcrypto/gen-des.pl | 217 + lib/{auth/sia/sia_locl.h => hcrypto/hash.h} | 104 +- lib/hcrypto/hmac.c | 162 + lib/hcrypto/hmac.h | 82 + lib/hcrypto/libhcrypto-exports.def | 293 + lib/hcrypto/libtommath/bn_error.c | 47 + lib/hcrypto/libtommath/bn_fast_mp_invmod.c | 148 + .../libtommath/bn_fast_mp_montgomery_reduce.c | 172 + .../libtommath/bn_fast_s_mp_mul_digs.c | 107 + .../libtommath/bn_fast_s_mp_mul_high_digs.c | 98 + lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c | 114 + lib/hcrypto/libtommath/bn_mp_2expt.c | 48 + lib/hcrypto/libtommath/bn_mp_abs.c | 43 + lib/hcrypto/libtommath/bn_mp_add.c | 53 + lib/hcrypto/libtommath/bn_mp_add_d.c | 112 + lib/hcrypto/libtommath/bn_mp_addmod.c | 41 + lib/hcrypto/libtommath/bn_mp_and.c | 57 + lib/hcrypto/libtommath/bn_mp_clamp.c | 44 + lib/hcrypto/libtommath/bn_mp_clear.c | 44 + lib/hcrypto/libtommath/bn_mp_clear_multi.c | 34 + lib/hcrypto/libtommath/bn_mp_cmp.c | 43 + lib/hcrypto/libtommath/bn_mp_cmp_d.c | 44 + lib/hcrypto/libtommath/bn_mp_cmp_mag.c | 55 + lib/hcrypto/libtommath/bn_mp_cnt_lsb.c | 53 + lib/hcrypto/libtommath/bn_mp_copy.c | 68 + lib/hcrypto/libtommath/bn_mp_count_bits.c | 45 + lib/hcrypto/libtommath/bn_mp_div.c | 292 + lib/hcrypto/libtommath/bn_mp_div_2.c | 68 + lib/hcrypto/libtommath/bn_mp_div_2d.c | 97 + lib/hcrypto/libtommath/bn_mp_div_3.c | 79 + lib/hcrypto/libtommath/bn_mp_div_d.c | 115 + lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c | 43 + lib/hcrypto/libtommath/bn_mp_dr_reduce.c | 94 + lib/hcrypto/libtommath/bn_mp_dr_setup.c | 32 + lib/hcrypto/libtommath/bn_mp_exch.c | 34 + lib/hcrypto/libtommath/bn_mp_expt_d.c | 57 + lib/hcrypto/libtommath/bn_mp_exptmod.c | 112 + lib/hcrypto/libtommath/bn_mp_exptmod_fast.c | 321 + lib/hcrypto/libtommath/bn_mp_exteuclid.c | 82 + lib/hcrypto/libtommath/bn_mp_find_prime.c | 26 + lib/hcrypto/libtommath/bn_mp_fread.c | 67 + lib/hcrypto/libtommath/bn_mp_fwrite.c | 52 + lib/hcrypto/libtommath/bn_mp_gcd.c | 105 + lib/hcrypto/libtommath/bn_mp_get_int.c | 45 + lib/hcrypto/libtommath/bn_mp_grow.c | 57 + lib/hcrypto/libtommath/bn_mp_init.c | 46 + lib/hcrypto/libtommath/bn_mp_init_copy.c | 32 + lib/hcrypto/libtommath/bn_mp_init_multi.c | 59 + lib/hcrypto/libtommath/bn_mp_init_set.c | 32 + lib/hcrypto/libtommath/bn_mp_init_set_int.c | 31 + lib/hcrypto/libtommath/bn_mp_init_size.c | 48 + lib/hcrypto/libtommath/bn_mp_invmod.c | 43 + lib/hcrypto/libtommath/bn_mp_invmod_slow.c | 175 + lib/hcrypto/libtommath/bn_mp_is_square.c | 109 + lib/hcrypto/libtommath/bn_mp_isprime.c | 75 + lib/hcrypto/libtommath/bn_mp_jacobi.c | 105 + lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c | 167 + lib/hcrypto/libtommath/bn_mp_karatsuba_sqr.c | 121 + lib/hcrypto/libtommath/bn_mp_lcm.c | 60 + lib/hcrypto/libtommath/bn_mp_lshd.c | 67 + lib/hcrypto/libtommath/bn_mp_mod.c | 48 + lib/hcrypto/libtommath/bn_mp_mod_2d.c | 55 + lib/hcrypto/libtommath/bn_mp_mod_d.c | 27 + .../bn_mp_montgomery_calc_normalization.c | 59 + .../libtommath/bn_mp_montgomery_reduce.c | 118 + .../libtommath/bn_mp_montgomery_setup.c | 59 + lib/hcrypto/libtommath/bn_mp_mul.c | 66 + lib/hcrypto/libtommath/bn_mp_mul_2.c | 82 + lib/hcrypto/libtommath/bn_mp_mul_2d.c | 85 + lib/hcrypto/libtommath/bn_mp_mul_d.c | 79 + lib/hcrypto/libtommath/bn_mp_mulmod.c | 40 + lib/hcrypto/libtommath/bn_mp_n_root.c | 132 + lib/hcrypto/libtommath/bn_mp_neg.c | 40 + lib/hcrypto/libtommath/bn_mp_or.c | 50 + lib/hcrypto/libtommath/bn_mp_prime_fermat.c | 62 + .../libtommath/bn_mp_prime_is_divisible.c | 50 + lib/hcrypto/libtommath/bn_mp_prime_is_prime.c | 83 + .../libtommath/bn_mp_prime_miller_rabin.c | 103 + .../libtommath/bn_mp_prime_next_prime.c | 170 + .../bn_mp_prime_rabin_miller_trials.c | 52 + .../libtommath/bn_mp_prime_random_ex.c | 125 + lib/hcrypto/libtommath/bn_mp_radix_size.c | 78 + lib/hcrypto/libtommath/bn_mp_radix_smap.c | 24 + lib/hcrypto/libtommath/bn_mp_rand.c | 55 + lib/hcrypto/libtommath/bn_mp_read_radix.c | 85 + .../libtommath/bn_mp_read_signed_bin.c | 41 + .../libtommath/bn_mp_read_unsigned_bin.c | 55 + lib/hcrypto/libtommath/bn_mp_reduce.c | 100 + lib/hcrypto/libtommath/bn_mp_reduce_2k.c | 61 + lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c | 62 + .../libtommath/bn_mp_reduce_2k_setup.c | 47 + .../libtommath/bn_mp_reduce_2k_setup_l.c | 44 + lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c | 52 + lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c | 44 + lib/hcrypto/libtommath/bn_mp_reduce_setup.c | 34 + lib/hcrypto/libtommath/bn_mp_rshd.c | 72 + lib/hcrypto/libtommath/bn_mp_set.c | 29 + lib/hcrypto/libtommath/bn_mp_set_int.c | 48 + lib/hcrypto/libtommath/bn_mp_shrink.c | 35 + .../libtommath/bn_mp_signed_bin_size.c | 27 + lib/hcrypto/libtommath/bn_mp_sqr.c | 58 + lib/hcrypto/libtommath/bn_mp_sqrmod.c | 41 + lib/hcrypto/libtommath/bn_mp_sqrt.c | 81 + lib/hcrypto/libtommath/bn_mp_sub.c | 59 + lib/hcrypto/libtommath/bn_mp_sub_d.c | 93 + lib/hcrypto/libtommath/bn_mp_submod.c | 42 + lib/hcrypto/libtommath/bn_mp_to_signed_bin.c | 33 + .../libtommath/bn_mp_to_signed_bin_n.c | 31 + .../libtommath/bn_mp_to_unsigned_bin.c | 48 + .../libtommath/bn_mp_to_unsigned_bin_n.c | 31 + lib/hcrypto/libtommath/bn_mp_toom_mul.c | 284 + lib/hcrypto/libtommath/bn_mp_toom_sqr.c | 226 + lib/hcrypto/libtommath/bn_mp_toradix.c | 75 + lib/hcrypto/libtommath/bn_mp_toradix_n.c | 88 + .../libtommath/bn_mp_unsigned_bin_size.c | 28 + lib/hcrypto/libtommath/bn_mp_xor.c | 51 + lib/hcrypto/libtommath/bn_mp_zero.c | 36 + lib/hcrypto/libtommath/bn_mp_zero_multi.c | 35 + lib/hcrypto/libtommath/bn_prime_tab.c | 61 + lib/hcrypto/libtommath/bn_reverse.c | 39 + lib/hcrypto/libtommath/bn_s_mp_add.c | 109 + lib/hcrypto/libtommath/bn_s_mp_exptmod.c | 252 + lib/hcrypto/libtommath/bn_s_mp_mul_digs.c | 90 + .../libtommath/bn_s_mp_mul_high_digs.c | 81 + lib/hcrypto/libtommath/bn_s_mp_sqr.c | 84 + lib/hcrypto/libtommath/bn_s_mp_sub.c | 89 + lib/hcrypto/libtommath/bncore.c | 36 + lib/hcrypto/libtommath/tommath.h | 592 + lib/hcrypto/libtommath/tommath_class.h | 1000 + lib/hcrypto/libtommath/tommath_superclass.h | 76 + lib/hcrypto/md2.c | 134 + lib/hcrypto/md2.h | 63 + lib/hcrypto/md4.c | 246 + lib/hcrypto/md4.h | 62 + lib/hcrypto/md5.c | 270 + lib/hcrypto/md5.h | 62 + lib/hcrypto/md5crypt_test.c | 77 + lib/hcrypto/mdtest.c | 348 + lib/hcrypto/passwd_dialog.aps | Bin 0 -> 30428 bytes lib/hcrypto/passwd_dialog.clw | 34 + lib/hcrypto/passwd_dialog.rc | 143 + lib/hcrypto/passwd_dialog.res | Bin 0 -> 320 bytes lib/hcrypto/passwd_dlg.c | 89 + lib/hcrypto/passwd_dlg.h | 47 + lib/hcrypto/pkcs12.c | 162 + lib/hcrypto/pkcs12.h | 57 + lib/hcrypto/pkcs5.c | 128 + lib/hcrypto/rand-egd.c | 260 + lib/hcrypto/rand-fortuna.c | 655 + lib/hcrypto/rand-timer.c | 202 + lib/hcrypto/rand-unix.c | 165 + lib/hcrypto/rand.c | 403 + lib/hcrypto/rand.h | 109 + lib/hcrypto/randi.h | 50 + lib/hcrypto/rc2.c | 242 + lib/hcrypto/rc2.h | 71 + lib/hcrypto/rc2test.c | 169 + lib/hcrypto/rc4.c | 78 + lib/hcrypto/rc4.h | 46 + lib/hcrypto/rctest.c | 163 + lib/hcrypto/resource.h | 18 + lib/hcrypto/rijndael-alg-fst.c | 1224 + lib/hcrypto/rijndael-alg-fst.h | 46 + lib/hcrypto/rnd_keys.c | 139 + lib/hcrypto/rsa-gmp.c | 588 + lib/hcrypto/rsa-ltm.c | 632 + lib/hcrypto/rsa.c | 706 + lib/hcrypto/rsa.h | 181 + lib/hcrypto/rsakey.der | Bin 0 -> 609 bytes lib/hcrypto/rsakey2048.der | Bin 0 -> 1192 bytes lib/hcrypto/rsakey4096.der | Bin 0 -> 2349 bytes lib/hcrypto/sha.c | 296 + lib/hcrypto/sha.h | 115 + lib/hcrypto/sha256.c | 229 + lib/hcrypto/sha512.c | 294 + lib/hcrypto/test_bn.c | 397 + lib/hcrypto/test_cipher.c | 367 + lib/hcrypto/test_crypto.in | 119 + lib/hcrypto/test_dh.c | 476 + lib/hcrypto/test_engine_dso.c | 332 + lib/hcrypto/test_hmac.c | 76 + lib/hcrypto/test_pkcs12.c | 143 + lib/hcrypto/test_pkcs5.c | 152 + lib/hcrypto/test_rand.c | 189 + lib/hcrypto/test_rsa.c | 398 + lib/hcrypto/ui.c | 217 + lib/hcrypto/ui.h | 45 + lib/hcrypto/validate.c | 307 + lib/hcrypto/version-script.map | 299 + lib/hdb/Makefile.am | 63 +- lib/hdb/Makefile.in | 560 +- lib/hdb/NTMakefile | 184 + lib/hdb/common.c | 164 +- lib/hdb/data-mkey.mit.des3.be | Bin 0 -> 46 bytes lib/hdb/data-mkey.mit.des3.le | Bin 0 -> 30 bytes lib/hdb/db.c | 113 +- lib/hdb/db3.c | 97 +- lib/hdb/dbinfo.c | 74 +- lib/hdb/ext.c | 172 +- lib/hdb/hdb-keytab.c | 231 + lib/hdb/hdb-ldap.c | 553 +- lib/hdb/hdb-mitdb.c | 818 + lib/hdb/hdb-private.h | 9 +- lib/hdb/hdb-protos.h | 22 +- lib/hdb/hdb-sqlite.c | 879 + lib/hdb/hdb.asn1 | 18 +- lib/hdb/hdb.c | 211 +- lib/hdb/hdb.h | 297 +- lib/hdb/hdb.schema | 2 +- lib/hdb/hdb_err.et | 4 +- lib/hdb/hdb_locl.h | 52 +- lib/hdb/keys.c | 156 +- lib/hdb/keytab.c | 376 +- lib/hdb/libhdb-exports.def | 100 + lib/hdb/libhdb-version.rc | 36 + lib/hdb/mkey.c | 181 +- lib/hdb/ndbm.c | 208 +- lib/hdb/print.c | 61 +- lib/hdb/test_dbinfo.c | 70 +- lib/hdb/test_hdbkeys.c | 120 + lib/hdb/test_mkey.c | 55 + lib/hdb/version-script.map | 107 + lib/heimdal/NTMakefile | 92 + lib/heimdal/dllmain.c | 40 + lib/heimdal/heimdal-version.rc | 36 + lib/hx509/ChangeLog | 440 +- lib/hx509/Makefile.am | 104 +- lib/hx509/Makefile.in | 957 +- lib/hx509/NTMakefile | 215 + lib/hx509/TODO | 61 + lib/hx509/ca.c | 273 +- lib/hx509/cert.c | 1026 +- lib/hx509/char_map.h | 45 + lib/hx509/cms.c | 591 +- lib/hx509/collector.c | 83 +- lib/hx509/crmf.asn1 | 2 +- lib/hx509/crypto.c | 1743 +- lib/hx509/data/ca.crt | 26 +- lib/hx509/data/ca.key | 31 +- lib/hx509/data/crl1.crl | 10 +- lib/hx509/data/crl1.der | Bin 264 -> 264 bytes lib/hx509/data/gen-req.sh | 43 +- lib/hx509/data/kdc.crt | 70 +- lib/hx509/data/kdc.key | 31 +- lib/hx509/data/n0ll.pem | 47 + lib/hx509/data/nist-data | 2 +- lib/hx509/data/no-proxy-test.crt | 22 +- lib/hx509/data/no-proxy-test.key | 31 +- lib/hx509/data/ocsp-req1.der | Bin 105 -> 105 bytes lib/hx509/data/ocsp-req2.der | Bin 105 -> 105 bytes lib/hx509/data/ocsp-resp1-ca.der | Bin 999 -> 999 bytes lib/hx509/data/ocsp-resp1-keyhash.der | Bin 900 -> 900 bytes lib/hx509/data/ocsp-resp1-ocsp-no-cert.der | Bin 363 -> 363 bytes lib/hx509/data/ocsp-resp1-ocsp.der | Bin 918 -> 918 bytes lib/hx509/data/ocsp-resp2.der | Bin 935 -> 935 bytes lib/hx509/data/ocsp-responder.crt | 66 +- lib/hx509/data/ocsp-responder.key | 31 +- lib/hx509/data/openssl.cnf | 66 +- lib/hx509/data/pkinit-ec.crt | 51 + lib/hx509/data/pkinit-ec.key | 5 + lib/hx509/data/pkinit-proxy-chain.crt | 86 +- lib/hx509/data/pkinit-proxy.crt | 22 +- lib/hx509/data/pkinit-proxy.key | 31 +- lib/hx509/data/pkinit-pw.key | 28 +- lib/hx509/data/pkinit.crt | 64 +- lib/hx509/data/pkinit.key | 31 +- lib/hx509/data/proxy-level-test.crt | 24 +- lib/hx509/data/proxy-level-test.key | 31 +- lib/hx509/data/proxy-test.crt | 22 +- lib/hx509/data/proxy-test.key | 31 +- lib/hx509/data/proxy10-child-child-test.crt | 22 +- lib/hx509/data/proxy10-child-child-test.key | 31 +- lib/hx509/data/proxy10-child-test.crt | 22 +- lib/hx509/data/proxy10-child-test.key | 31 +- lib/hx509/data/proxy10-test.crt | 22 +- lib/hx509/data/proxy10-test.key | 31 +- lib/hx509/data/revoke.crt | 64 +- lib/hx509/data/revoke.key | 31 +- lib/hx509/data/secp160r1TestCA.cert.pem | 12 + lib/hx509/data/secp160r1TestCA.key.pem | 4 + lib/hx509/data/secp160r1TestCA.pem | 18 + lib/hx509/data/secp160r2TestClient.cert.pem | 9 + lib/hx509/data/secp160r2TestClient.key.pem | 4 + lib/hx509/data/secp160r2TestClient.pem | 15 + lib/hx509/data/secp160r2TestServer.cert.pem | 9 + lib/hx509/data/secp160r2TestServer.key.pem | 4 + lib/hx509/data/secp160r2TestServer.pem | 15 + lib/hx509/data/sub-ca.crt | 76 +- lib/hx509/data/sub-ca.key | 31 +- lib/hx509/data/sub-cert.crt | 66 +- lib/hx509/data/sub-cert.key | 31 +- lib/hx509/data/sub-cert.p12 | Bin 3008 -> 3008 bytes lib/hx509/data/test-ds-only.crt | 64 +- lib/hx509/data/test-ds-only.key | 31 +- lib/hx509/data/test-enveloped-aes-128 | Bin 3160 -> 3160 bytes lib/hx509/data/test-enveloped-aes-256 | Bin 3160 -> 3160 bytes lib/hx509/data/test-enveloped-des | Bin 3140 -> 3140 bytes lib/hx509/data/test-enveloped-des-ede3 | Bin 3143 -> 3143 bytes lib/hx509/data/test-enveloped-rc2-128 | Bin 3148 -> 3148 bytes lib/hx509/data/test-enveloped-rc2-40 | Bin 3149 -> 3149 bytes lib/hx509/data/test-enveloped-rc2-64 | Bin 3148 -> 3148 bytes lib/hx509/data/test-ke-only.crt | 64 +- lib/hx509/data/test-ke-only.key | 31 +- lib/hx509/data/test-nopw.p12 | Bin 2223 -> 2221 bytes lib/hx509/data/test-pw.key | 28 +- lib/hx509/data/test-signed-data | Bin 3838 -> 3899 bytes lib/hx509/data/test-signed-data-noattr | Bin 3656 -> 3656 bytes .../data/test-signed-data-noattr-nocerts | Bin 3142 -> 3142 bytes lib/hx509/data/test-signed-sha-1 | Bin 0 -> 3899 bytes lib/hx509/data/test-signed-sha-256 | Bin 0 -> 3919 bytes lib/hx509/data/test-signed-sha-512 | Bin 0 -> 3952 bytes lib/hx509/data/test.combined.crt | 95 +- lib/hx509/data/test.crt | 64 +- lib/hx509/data/test.key | 31 +- lib/hx509/data/test.p12 | Bin 2320 -> 2320 bytes lib/hx509/data/win-u16-in-printablestring.der | Bin 0 -> 772 bytes lib/hx509/doxygen.c | 54 +- lib/hx509/env.c | 254 +- lib/hx509/error.c | 68 +- lib/hx509/file.c | 156 +- lib/hx509/hx509-private.h | 146 +- lib/hx509/hx509-protos.h | 220 +- lib/hx509/hx509.h | 96 +- lib/hx509/hx509_err.et | 8 +- lib/hx509/hx_locl.h | 91 +- lib/hx509/hxtool-commands.in | 71 +- lib/hx509/hxtool-version.rc | 36 + lib/hx509/hxtool.c | 893 +- lib/hx509/keyset.c | 244 +- lib/hx509/ks_dir.c | 66 +- lib/hx509/ks_file.c | 281 +- lib/hx509/ks_keychain.c | 152 +- lib/hx509/ks_mem.c | 71 +- lib/hx509/ks_null.c | 53 +- lib/hx509/ks_p11.c | 216 +- lib/hx509/ks_p12.c | 163 +- lib/hx509/libhx509-exports.def | 235 + lib/hx509/lock.c | 73 +- lib/hx509/name.c | 488 +- lib/hx509/ocsp.asn1 | 2 +- lib/hx509/ocsp.opt | 2 + lib/hx509/peer.c | 87 +- lib/hx509/pkcs10.asn1 | 2 +- lib/hx509/pkcs10.opt | 1 + lib/hx509/print.c | 263 +- lib/hx509/quote.py | 101 + lib/hx509/req.c | 93 +- lib/hx509/revoke.c | 238 +- lib/{sl/parse.c => hx509/sel-gram.c} | 409 +- lib/{sl/parse.h => hx509/sel-gram.h} | 39 +- lib/hx509/sel-gram.y | 114 + lib/{sl/lex.c => hx509/sel-lex.c} | 429 +- lib/hx509/sel-lex.l | 139 + lib/hx509/sel.c | 233 + lib/hx509/sel.h | 82 + lib/hx509/softp11.c | 278 +- lib/hx509/test_ca.in | 4 +- lib/hx509/test_cert.in | 17 +- lib/hx509/test_chain.in | 18 +- lib/hx509/test_cms.in | 141 +- lib/hx509/test_crypto.in | 33 +- lib/hx509/test_expr.c | 87 + lib/hx509/test_java_pkcs11.in | 2 +- lib/hx509/test_name.c | 310 +- lib/hx509/test_nist.in | 6 +- lib/hx509/test_nist2.in | 26 +- lib/hx509/test_nist_cert.in | 4 +- lib/hx509/test_nist_pkcs12.in | 4 +- lib/hx509/test_pkcs11.in | 2 +- lib/hx509/test_query.in | 63 +- lib/hx509/test_req.in | 4 +- lib/hx509/test_soft_pkcs11.c | 68 +- lib/hx509/test_windows.in | 4 +- lib/hx509/tst-crypto-available2 | 3 +- lib/hx509/tst-crypto-select1 | 2 +- lib/hx509/tst-crypto-select2 | 2 +- lib/hx509/version-script.map | 107 +- lib/ipc/Makefile.am | 67 + lib/ipc/Makefile.in | 1073 + lib/ipc/client.c | 574 + lib/ipc/common.c | 204 + lib/ipc/heim-ipc.h | 130 + lib/ipc/heim_ipc.defs | 66 + lib/ipc/heim_ipc_async.defs | 56 + lib/ipc/heim_ipc_reply.defs | 51 + lib/ipc/heim_ipc_types.h | 44 + lib/ipc/hi_locl.h | 83 + lib/ipc/server.c | 1187 + lib/ipc/tc.c | 127 + lib/ipc/ts-http.c | 136 + lib/ipc/ts.c | 105 + lib/kadm5/ChangeLog | 200 +- lib/kadm5/Makefile.am | 21 +- lib/kadm5/Makefile.in | 667 +- lib/kadm5/NTMakefile | 273 + lib/kadm5/acl.c | 58 +- lib/kadm5/ad.c | 195 +- lib/kadm5/admin.h | 70 +- lib/kadm5/bump_pw_expire.c | 52 +- lib/kadm5/check-cracklib.pl | 14 +- lib/kadm5/chpass_c.c | 72 +- lib/kadm5/chpass_s.c | 130 +- lib/kadm5/client_glue.c | 52 +- lib/kadm5/common_glue.c | 52 +- lib/kadm5/context_s.c | 88 +- lib/kadm5/create_c.c | 62 +- lib/kadm5/create_s.c | 101 +- lib/kadm5/default_keys.c | 56 +- lib/kadm5/delete_c.c | 58 +- lib/kadm5/delete_s.c | 58 +- lib/kadm5/destroy_c.c | 54 +- lib/kadm5/destroy_s.c | 62 +- lib/kadm5/ent_setup.c | 79 +- lib/kadm5/error.c | 52 +- lib/kadm5/flush.c | 56 +- lib/kadm5/flush_c.c | 26 +- lib/kadm5/flush_s.c | 26 +- lib/kadm5/free.c | 64 +- lib/kadm5/get_c.c | 64 +- lib/kadm5/get_princs_c.c | 58 +- lib/kadm5/get_princs_s.c | 58 +- lib/kadm5/get_s.c | 136 +- lib/kadm5/init_c.c | 234 +- lib/kadm5/init_s.c | 130 +- lib/kadm5/iprop-commands.in | 4 +- lib/kadm5/iprop-log-version.rc | 36 + lib/kadm5/iprop-log.8 | 137 +- lib/kadm5/iprop-log.c | 91 +- lib/kadm5/iprop-log.cat8 | 82 + lib/kadm5/iprop.8 | 200 +- lib/kadm5/iprop.cat8 | 106 + lib/kadm5/iprop.h | 52 +- lib/kadm5/ipropd-master-version.rc | 36 + lib/kadm5/ipropd-slave-version.rc | 36 + lib/kadm5/ipropd_common.c | 54 +- lib/kadm5/ipropd_master.c | 219 +- lib/kadm5/ipropd_slave.c | 454 +- lib/kadm5/kadm5-private.h | 20 +- lib/kadm5/kadm5-pwcheck.h | 54 +- lib/kadm5/kadm5_err.et | 2 +- lib/kadm5/kadm5_locl.h | 56 +- lib/kadm5/kadm5_pwcheck.3 | 35 +- lib/kadm5/kadm5_pwcheck.cat3 | 88 + lib/kadm5/keys.c | 100 +- lib/kadm5/libkadm5srv-exports.def | 61 + lib/kadm5/libkadm5srv-version.rc | 36 + lib/kadm5/log.c | 211 +- lib/kadm5/marshall.c | 84 +- lib/kadm5/modify_c.c | 60 +- lib/kadm5/modify_s.c | 70 +- lib/kadm5/password_quality.c | 145 +- lib/kadm5/private.h | 64 +- lib/kadm5/privs_c.c | 58 +- lib/kadm5/privs_s.c | 52 +- lib/kadm5/randkey_c.c | 62 +- lib/kadm5/randkey_s.c | 62 +- lib/kadm5/rename_c.c | 54 +- lib/kadm5/rename_s.c | 63 +- lib/kadm5/sample_passwd_check.c | 24 +- lib/kadm5/send_recv.c | 70 +- lib/kadm5/server_glue.c | 52 +- lib/kadm5/set_keys.c | 78 +- lib/kadm5/set_modifier.c | 54 +- lib/kadm5/test_pw_quality.c | 54 +- lib/kafs/ChangeLog | 84 +- lib/kafs/Makefile.am | 26 +- lib/kafs/Makefile.in | 429 +- lib/kafs/NTMakefile | 35 + lib/kafs/README.dlfcn | 246 - lib/kafs/afskrb.c | 217 - lib/kafs/afskrb5.c | 83 +- lib/kafs/afslib.c | 18 +- lib/kafs/afssys.c | 58 +- lib/kafs/afssysdefs.h | 14 +- lib/kafs/common.c | 141 +- lib/kafs/dlfcn.c | 581 - lib/kafs/dlfcn.h | 46 - lib/kafs/kafs.3 | 68 +- lib/kafs/kafs.cat3 | 175 + lib/kafs/kafs.h | 22 +- lib/kafs/kafs_locl.h | 24 +- lib/kafs/roken_rename.h | 58 +- lib/kdfs/ChangeLog | 28 + lib/kdfs/Makefile.am | 12 + lib/{45 => kdfs}/Makefile.in | 323 +- lib/kdfs/NTMakefile | 35 + lib/kdfs/k5dfspag.c | 368 + lib/krb5/Makefile.am | 156 +- lib/krb5/Makefile.in | 2280 +- lib/krb5/NTMakefile | 485 + lib/krb5/acache.c | 447 +- lib/krb5/acl.c | 42 +- lib/krb5/add_et_list.c | 64 +- lib/krb5/addr_families.c | 398 +- lib/krb5/aes-test.c | 788 +- lib/krb5/aname_to_localname.c | 58 +- lib/krb5/appdefault.c | 130 +- lib/krb5/asn1_glue.c | 72 +- lib/krb5/auth_context.c | 165 +- lib/krb5/build_ap_req.c | 60 +- lib/krb5/build_auth.c | 170 +- lib/krb5/cache.c | 1218 +- lib/krb5/ccache_plugin.h | 39 + lib/krb5/changepw.c | 285 +- lib/krb5/codec.c | 102 +- lib/krb5/config_file.c | 866 +- lib/krb5/config_file_netinfo.c | 180 - lib/krb5/constants.c | 80 +- lib/krb5/context.c | 871 +- lib/krb5/convert_creds.c | 193 +- lib/krb5/copy_host_realm.c | 71 +- lib/krb5/crc.c | 56 +- lib/krb5/creds.c | 128 +- lib/krb5/crypto-aes.c | 170 + lib/krb5/crypto-algs.c | 87 + lib/krb5/crypto-arcfour.c | 325 + lib/krb5/crypto-des-common.c | 152 + lib/krb5/crypto-des.c | 377 + lib/krb5/crypto-des3.c | 226 + lib/krb5/crypto-evp.c | 182 + lib/krb5/crypto-null.c | 97 + lib/krb5/crypto-pk.c | 301 + lib/krb5/crypto-rand.c | 109 + lib/krb5/crypto-stubs.c | 102 + lib/krb5/crypto.c | 4367 +- lib/krb5/crypto.h | 179 + lib/krb5/data.c | 130 +- lib/krb5/deprecated.c | 609 + lib/krb5/derived-key-test.c | 26 +- lib/krb5/digest.c | 422 +- lib/krb5/doxygen.c | 697 +- lib/krb5/eai_to_heim_errno.c | 60 +- lib/krb5/error_string.c | 305 +- lib/krb5/expand_hostname.c | 97 +- lib/krb5/expand_path.c | 500 + lib/krb5/fcache.c | 595 +- lib/krb5/free.c | 56 +- lib/krb5/free_host_realm.c | 63 +- lib/krb5/generate_seq_number.c | 80 +- lib/krb5/generate_subkey.c | 77 +- lib/krb5/get_addrs.c | 132 +- lib/krb5/get_cred.c | 1071 +- lib/krb5/get_default_principal.c | 116 +- lib/krb5/get_default_realm.c | 61 +- lib/krb5/get_for_creds.c | 121 +- lib/krb5/get_host_realm.c | 99 +- lib/krb5/get_in_tkt.c | 456 +- lib/krb5/get_in_tkt_pw.c | 90 - lib/krb5/get_in_tkt_with_keytab.c | 99 - lib/krb5/get_in_tkt_with_skey.c | 82 - lib/krb5/get_port.c | 58 +- lib/krb5/heim_err.et | 5 +- lib/krb5/init_creds.c | 270 +- lib/krb5/init_creds_pw.c | 1702 +- lib/krb5/k524_err.et | 2 +- lib/krb5/kcm.c | 829 +- lib/krb5/kcm.h | 29 +- lib/krb5/kerberos.8 | 4 +- lib/krb5/kerberos.cat8 | 57 + lib/krb5/keyblock.c | 157 +- lib/krb5/keytab.c | 677 +- lib/krb5/keytab_any.c | 106 +- lib/krb5/keytab_file.c | 342 +- lib/krb5/keytab_keyfile.c | 194 +- lib/krb5/keytab_krb4.c | 448 - lib/krb5/keytab_memory.c | 110 +- lib/krb5/krb5-private.h | 503 +- lib/krb5/krb5-protos.h | 2055 +- lib/krb5/krb5-v4compat.h | 75 +- lib/krb5/krb5.3 | 526 - lib/krb5/krb5.conf.5 | 56 +- lib/krb5/krb5.conf.cat5 | 598 + lib/krb5/krb5.h | 452 +- lib/krb5/krb5.moduli | 2 +- lib/krb5/krb524_convert_creds_kdc.3 | 6 +- lib/krb5/krb524_convert_creds_kdc.cat3 | 43 + lib/krb5/krb5_425_conv_principal.3 | 4 +- lib/krb5/krb5_425_conv_principal.cat3 | 141 + lib/krb5/krb5_acl_match_file.3 | 4 +- lib/krb5/krb5_acl_match_file.cat3 | 61 + lib/krb5/krb5_address.3 | 359 - lib/krb5/krb5_aname_to_localname.3 | 4 +- lib/krb5/krb5_aname_to_localname.cat3 | 39 + lib/krb5/krb5_appdefault.3 | 4 +- lib/krb5/krb5_appdefault.cat3 | 57 + lib/krb5/krb5_auth_context.3 | 4 +- lib/krb5/krb5_auth_context.cat3 | 221 + lib/krb5/krb5_c_make_checksum.3 | 20 +- lib/krb5/krb5_c_make_checksum.cat3 | 142 + lib/krb5/krb5_ccache.3 | 517 - lib/krb5/krb5_ccapi.h | 75 +- lib/krb5/krb5_check_transited.3 | 6 +- lib/krb5/krb5_check_transited.cat3 | 49 + lib/krb5/krb5_compare_creds.3 | 104 - lib/krb5/krb5_config.3 | 307 - lib/krb5/krb5_create_checksum.3 | 6 +- lib/krb5/krb5_create_checksum.cat3 | 113 + lib/krb5/krb5_creds.3 | 6 +- lib/krb5/krb5_creds.cat3 | 58 + lib/krb5/krb5_data.3 | 159 - lib/krb5/krb5_digest.3 | 4 +- lib/krb5/krb5_digest.cat3 | 146 + lib/krb5/krb5_eai_to_heim_errno.3 | 4 +- lib/krb5/krb5_eai_to_heim_errno.cat3 | 29 + lib/krb5/krb5_encrypt.3 | 10 +- lib/krb5/krb5_encrypt.cat3 | 138 + lib/krb5/krb5_err.et | 14 +- lib/krb5/krb5_find_padata.3 | 4 +- lib/krb5/krb5_find_padata.cat3 | 33 + lib/krb5/krb5_generate_random_block.3 | 4 +- lib/krb5/krb5_generate_random_block.cat3 | 23 + lib/krb5/krb5_get_all_client_addrs.3 | 4 +- lib/krb5/krb5_get_all_client_addrs.cat3 | 39 + lib/krb5/krb5_get_credentials.3 | 35 +- lib/krb5/krb5_get_credentials.cat3 | 97 + lib/krb5/krb5_get_creds.3 | 4 +- lib/krb5/krb5_get_creds.cat3 | 92 + lib/krb5/krb5_get_forwarded_creds.3 | 4 +- lib/krb5/krb5_get_forwarded_creds.cat3 | 33 + lib/krb5/krb5_get_in_cred.3 | 6 +- lib/krb5/krb5_get_in_cred.cat3 | 132 + lib/krb5/krb5_get_init_creds.3 | 6 +- lib/krb5/krb5_get_init_creds.cat3 | 245 + lib/krb5/krb5_get_krbhst.3 | 4 +- lib/krb5/krb5_get_krbhst.cat3 | 56 + lib/krb5/krb5_getportbyname.3 | 4 +- lib/krb5/krb5_getportbyname.cat3 | 29 + lib/krb5/krb5_init_context.3 | 14 +- lib/krb5/krb5_init_context.cat3 | 185 + lib/krb5/krb5_is_thread_safe.3 | 6 +- lib/krb5/krb5_is_thread_safe.cat3 | 26 + lib/krb5/krb5_keyblock.3 | 218 - lib/krb5/krb5_keytab.3 | 482 - lib/krb5/krb5_krbhst_init.3 | 4 +- lib/krb5/krb5_krbhst_init.cat3 | 119 + lib/krb5/krb5_kuserok.3 | 103 - lib/krb5/krb5_locl.h | 164 +- lib/krb5/krb5_mk_req.3 | 6 +- lib/krb5/krb5_mk_req.cat3 | 89 + lib/krb5/krb5_mk_safe.3 | 4 +- lib/krb5/krb5_mk_safe.cat3 | 36 + lib/krb5/krb5_openlog.3 | 4 +- lib/krb5/krb5_openlog.cat3 | 159 + lib/krb5/krb5_parse_name.3 | 4 +- lib/krb5/krb5_parse_name.cat3 | 31 + lib/krb5/krb5_principal.3 | 24 +- lib/krb5/krb5_principal.cat3 | 260 + lib/krb5/krb5_rcache.3 | 4 +- lib/krb5/krb5_rcache.cat3 | 84 + lib/krb5/krb5_rd_error.3 | 4 +- lib/krb5/krb5_rd_error.cat3 | 52 + lib/krb5/krb5_rd_safe.3 | 4 +- lib/krb5/krb5_rd_safe.cat3 | 35 + lib/krb5/krb5_set_default_realm.3 | 4 +- lib/krb5/krb5_set_default_realm.cat3 | 70 + lib/krb5/krb5_set_password.3 | 4 +- lib/krb5/krb5_set_password.cat3 | 66 + lib/krb5/krb5_storage.3 | 427 - lib/krb5/krb5_string_to_key.3 | 6 +- lib/krb5/krb5_string_to_key.cat3 | 74 + lib/krb5/krb5_ticket.3 | 137 - lib/krb5/krb5_timeofday.3 | 6 +- lib/krb5/krb5_timeofday.cat3 | 55 + lib/krb5/krb5_verify_init_creds.3 | 4 +- lib/krb5/krb5_verify_init_creds.cat3 | 52 + lib/krb5/krb5_verify_user.3 | 4 +- lib/krb5/krb5_verify_user.cat3 | 141 + lib/krb5/krb5_warn.3 | 233 - lib/krb5/krbhst-test.c | 58 +- lib/krb5/krbhst.c | 355 +- lib/krb5/kuserok.c | 135 +- lib/krb5/locate_plugin.h | 58 +- lib/krb5/log.c | 165 +- lib/krb5/mcache.c | 161 +- lib/krb5/misc.c | 114 +- lib/krb5/mit_glue.c | 221 +- lib/krb5/mk_error.c | 64 +- lib/krb5/mk_priv.c | 70 +- lib/krb5/mk_rep.c | 72 +- lib/krb5/mk_req.c | 60 +- lib/krb5/mk_req_ext.c | 77 +- lib/krb5/mk_safe.c | 68 +- lib/krb5/n-fold-test.c | 24 +- lib/krb5/n-fold.c | 54 +- lib/krb5/name-45-test.c | 294 - lib/krb5/net_read.c | 59 +- lib/krb5/net_write.c | 97 +- lib/krb5/pac.c | 499 +- lib/krb5/padata.c | 67 +- lib/krb5/parse-name-test.c | 26 +- lib/krb5/pcache.c | 66 + lib/krb5/pkinit.c | 1735 +- lib/krb5/plugin.c | 641 +- lib/krb5/principal.c | 1110 +- lib/krb5/prog_setup.c | 62 +- lib/krb5/prompter_posix.c | 54 +- lib/krb5/rd_cred.c | 138 +- lib/krb5/rd_error.c | 104 +- lib/krb5/rd_priv.c | 99 +- lib/krb5/rd_rep.c | 89 +- lib/krb5/rd_req.c | 509 +- lib/krb5/rd_safe.c | 104 +- lib/krb5/read_message.c | 66 +- lib/krb5/recvauth.c | 93 +- lib/krb5/replay.c | 168 +- lib/krb5/salt-aes.c | 103 + lib/krb5/salt-arcfour.c | 112 + lib/krb5/salt-des.c | 224 + lib/krb5/salt-des3.c | 150 + lib/krb5/salt.c | 305 + lib/krb5/scache.c | 1451 + lib/krb5/send_to_kdc.c | 227 +- lib/krb5/send_to_kdc_plugin.h | 58 + lib/krb5/sendauth.c | 71 +- lib/krb5/set_default_realm.c | 64 +- lib/krb5/sock_principal.c | 62 +- lib/krb5/store-int.c | 58 + lib/krb5/store-int.h | 52 +- lib/krb5/store-test.c | 35 +- lib/krb5/store.c | 818 +- lib/krb5/store_emem.c | 122 +- lib/krb5/store_fd.c | 47 +- lib/krb5/store_mem.c | 125 +- lib/krb5/string-to-key-test.c | 50 +- lib/krb5/test_acl.c | 31 +- lib/krb5/test_addr.c | 97 +- lib/krb5/test_alname.c | 40 +- tests/kdc/ap-req.c => lib/krb5/test_ap-req.c | 56 +- lib/krb5/test_cc.c | 348 +- lib/krb5/test_config.c | 174 +- lib/krb5/test_config_strings.cfg | 12 + lib/krb5/test_crypto.c | 39 +- lib/krb5/test_crypto_wrapping.c | 32 +- lib/krb5/test_forward.c | 30 +- lib/krb5/test_fx.c | 210 + lib/krb5/test_get_addrs.c | 31 +- lib/krb5/test_gic.c | 148 + lib/krb5/test_hostname.c | 26 +- lib/krb5/test_keytab.c | 134 +- lib/krb5/test_kuserok.c | 28 +- lib/krb5/test_mem.c | 28 +- lib/krb5/test_pac.c | 174 +- lib/krb5/test_pkinit_dh2key.c | 30 +- lib/krb5/test_pknistkdf.c | 365 + lib/krb5/test_plugin.c | 58 +- lib/krb5/test_prf.c | 28 +- lib/krb5/test_princ.c | 57 +- lib/krb5/test_renew.c | 31 +- lib/krb5/test_rfc3961.c | 212 + lib/krb5/test_store.c | 133 +- lib/krb5/test_time.c | 26 +- lib/krb5/test_x500.c | 110 + lib/krb5/ticket.c | 692 +- lib/krb5/time.c | 95 +- lib/krb5/transited.c | 221 +- lib/krb5/v4_glue.c | 939 - lib/krb5/verify_init.c | 112 +- lib/krb5/verify_krb5_conf-version.rc | 36 + lib/krb5/verify_krb5_conf.8 | 8 +- lib/krb5/verify_krb5_conf.c | 105 +- lib/krb5/verify_krb5_conf.cat8 | 57 + lib/krb5/verify_user.c | 115 +- lib/krb5/version-script.map | 110 +- lib/krb5/version.c | 54 +- lib/krb5/warn.c | 262 +- lib/krb5/write_message.c | 60 +- lib/libedit/COPYING | 30 + lib/libedit/ChangeLog | 300 + lib/libedit/INSTALL | 229 + lib/libedit/Makefile.am | 9 + lib/libedit/Makefile.in | 734 + lib/libedit/THANKS | 1 + lib/libedit/acinclude.m4 | 85 + lib/libedit/aclocal.m4 | 9406 ++ lib/libedit/config.guess | 1501 + lib/libedit/config.h.in | 278 + lib/libedit/config.sub | 1705 + lib/libedit/configure | 15262 ++ lib/libedit/configure.ac | 92 + lib/libedit/depcomp | 630 + lib/libedit/install-sh | 520 + lib/libedit/ltmain.sh | 9636 ++ lib/libedit/missing | 376 + lib/libedit/src/Makefile.am | 58 + lib/libedit/src/Makefile.in | 639 + lib/libedit/src/chared.c | 796 + lib/libedit/src/chared.h | 171 + lib/libedit/src/chartype.c | 360 + lib/libedit/src/chartype.h | 249 + lib/libedit/src/common.c | 921 + lib/libedit/src/editline/readline.h | 221 + lib/libedit/src/el.c | 618 + lib/libedit/src/el.h | 163 + lib/libedit/src/el_term.h | 134 + lib/libedit/src/eln.c | 371 + lib/libedit/src/emacs.c | 508 + lib/libedit/src/fgetln.c | 107 + lib/libedit/src/filecomplete.c | 589 + lib/libedit/src/filecomplete.h | 44 + lib/libedit/src/hist.c | 223 + lib/libedit/src/hist.h | 87 + lib/libedit/src/histedit.h | 319 + lib/libedit/src/history.c | 1097 + lib/libedit/src/key.c | 665 + lib/libedit/src/key.h | 80 + lib/libedit/src/makelist | 258 + lib/libedit/src/map.c | 1421 + lib/libedit/src/map.h | 77 + lib/libedit/src/parse.c | 285 + lib/libedit/src/parse.h | 48 + lib/libedit/src/prompt.c | 199 + lib/libedit/src/prompt.h | 60 + lib/libedit/src/read.c | 718 + lib/libedit/src/read.h | 50 + lib/libedit/src/readline.c | 2243 + lib/libedit/src/refresh.c | 1183 + lib/libedit/src/refresh.h | 59 + lib/libedit/src/search.c | 639 + lib/libedit/src/search.h | 66 + lib/libedit/src/shlib_version | 5 + lib/libedit/src/sig.c | 200 + lib/libedit/src/sig.h | 72 + lib/libedit/src/strlcat.c | 74 + lib/libedit/src/strlcpy.c | 70 + lib/libedit/src/sys.h | 161 + lib/libedit/src/term.c | 1745 + lib/libedit/src/tokenizer.c | 453 + lib/libedit/src/tty.c | 1357 + lib/libedit/src/tty.h | 481 + lib/libedit/src/unvis.c | 514 + lib/libedit/src/vi.c | 1162 + lib/libedit/src/vis.c | 423 + lib/{roken => libedit/src}/vis.h | 76 +- lib/libedit/src/wcsdup.c | 43 + lib/ntlm/ChangeLog | 38 +- lib/ntlm/Makefile.am | 32 +- lib/ntlm/Makefile.in | 427 +- lib/ntlm/NTMakefile | 90 + lib/ntlm/heimntlm-protos.h | 71 +- lib/ntlm/heimntlm.h | 93 +- lib/ntlm/libheimntlm-exports.def | 24 + lib/ntlm/libheimntlm-version.rc | 36 + lib/ntlm/ntlm.c | 907 +- lib/ntlm/ntlm_err.et | 24 + lib/ntlm/test_ntlm.c | 115 +- lib/ntlm/version-script.map | 5 +- lib/otp/ChangeLog | 128 + lib/otp/Makefile.am | 87 + lib/otp/Makefile.in | 1016 + lib/otp/NTMakefile | 35 + lib/otp/otp.c | 63 + lib/otp/otp.h | 101 + lib/otp/otp_challenge.c | 68 + lib/otp/otp_db.c | 233 + .../make-print-version.c => otp/otp_locl.h} | 120 +- lib/otp/otp_md.c | 231 + lib/otp/otp_md.h | 46 + lib/otp/otp_parse.c | 2522 + lib/otp/otp_print.c | 99 + lib/otp/otp_verify.c | 78 + lib/otp/otptest.c | 142 + lib/otp/roken_rename.h | 73 + lib/otp/version-script.map | 25 + lib/roken/ChangeLog | 219 +- lib/roken/Makefile.am | 75 +- lib/roken/Makefile.in | 1227 +- lib/roken/NTMakefile | 274 + lib/roken/base64-test.c | 21 +- lib/roken/base64.c | 30 +- lib/roken/base64.h | 22 +- lib/roken/bswap.c | 20 +- lib/roken/chown.c | 17 +- lib/roken/cloexec.c | 66 + lib/roken/closefrom.c | 55 +- lib/roken/concat.c | 28 +- lib/roken/copyhostent.c | 17 +- lib/roken/ct.c | 64 + lib/roken/daemon.c | 6 +- lib/roken/doxygen.c | 44 + lib/roken/dumpdata.c | 61 +- lib/roken/ecalloc.3 | 58 +- lib/roken/ecalloc.c | 17 +- lib/roken/ecalloc.cat3 | 47 + lib/roken/emalloc.c | 17 +- lib/roken/environment.c | 27 +- lib/roken/eread.c | 20 +- lib/roken/erealloc.c | 17 +- lib/roken/err.c | 19 +- lib/roken/err.hin | 24 +- lib/roken/errx.c | 19 +- lib/roken/esetenv.c | 17 +- lib/roken/estrdup.c | 17 +- lib/roken/ewrite.c | 20 +- lib/roken/fchown.c | 17 +- lib/roken/flock.c | 93 +- lib/roken/fnmatch.c | 12 +- lib/roken/fnmatch.hin | 4 +- lib/roken/freeaddrinfo.c | 17 +- lib/roken/freehostent.c | 17 +- lib/roken/gai_strerror.c | 17 +- lib/roken/get_default_username.c | 61 +- lib/roken/get_window_size.c | 98 +- lib/roken/getaddrinfo-test.c | 57 +- lib/roken/getaddrinfo.c | 17 +- lib/roken/getaddrinfo_hostspec.c | 35 +- lib/roken/getarg.3 | 70 +- lib/roken/getarg.c | 186 +- lib/roken/getarg.cat3 | 231 + lib/roken/getarg.h | 80 +- lib/roken/getcap.c | 107 +- lib/roken/getcwd.c | 17 +- lib/roken/getdtablesize.c | 23 +- lib/roken/getegid.c | 19 +- lib/roken/geteuid.c | 19 +- lib/roken/getgid.c | 18 +- lib/roken/gethostname.c | 16 +- lib/roken/getifaddrs-test.c | 137 + lib/roken/getifaddrs.c | 171 +- lib/roken/getipnodebyaddr.c | 17 +- lib/roken/getipnodebyname.c | 17 +- lib/roken/getnameinfo.c | 17 +- lib/roken/getnameinfo_verified.c | 26 +- lib/roken/getopt.c | 20 +- lib/roken/getprogname.c | 19 +- lib/roken/gettimeofday.c | 45 +- lib/roken/getuid.c | 18 +- lib/roken/getusershell.c | 10 +- lib/roken/glob.c | 62 +- lib/roken/glob.hin | 4 +- lib/roken/h_errno.c | 15 +- lib/roken/hex-test.c | 18 +- lib/roken/hex.c | 29 +- lib/roken/hex.h | 22 +- lib/roken/hostent_find_fqdn.c | 17 +- lib/roken/hstrerror.c | 17 +- lib/roken/ifaddrs.hin | 8 +- lib/roken/inet_aton.c | 17 +- lib/roken/inet_ntop.c | 38 +- lib/roken/inet_pton.c | 87 +- lib/roken/initgroups.c | 17 +- lib/roken/innetgr.c | 30 +- lib/roken/iruserok.c | 5 +- lib/roken/issuid.c | 55 +- lib/roken/k_getpwnam.c | 17 +- lib/roken/k_getpwuid.c | 17 +- lib/roken/localtime_r.c | 25 +- lib/roken/lstat.c | 17 +- lib/roken/memmove.c | 21 +- lib/roken/mini_inetd.c | 127 +- lib/roken/mkstemp.c | 20 +- lib/roken/ndbm_wrap.c | 56 +- lib/roken/ndbm_wrap.h | 36 +- lib/roken/net_read.c | 82 +- lib/roken/net_write.c | 71 +- lib/roken/parse_bytes-test.c | 55 +- lib/roken/parse_bytes.c | 59 +- lib/roken/parse_bytes.h | 62 +- lib/roken/parse_reply-test.c | 53 +- lib/roken/parse_time-test.c | 71 +- lib/roken/parse_time.3 | 74 +- lib/roken/parse_time.c | 61 +- lib/roken/parse_time.cat3 | 112 + lib/roken/parse_time.h | 64 +- lib/roken/parse_units.c | 77 +- lib/roken/parse_units.h | 70 +- lib/roken/putenv.c | 21 +- lib/roken/qsort.c | 203 + lib/roken/rand.c | 48 + lib/roken/rcmd.c | 17 +- lib/roken/readv.c | 17 +- lib/roken/realloc.c | 20 +- lib/roken/recvmsg.c | 17 +- lib/roken/resolve-test.c | 58 +- lib/roken/resolve.c | 460 +- lib/roken/resolve.h | 165 +- lib/roken/rkpty.c | 381 + lib/roken/roken-common.h | 221 +- lib/roken/roken.awk | 11 +- lib/roken/roken.h.in | 705 +- lib/roken/roken_gethostby.c | 91 +- lib/roken/rtbl.3 | 6 +- lib/roken/rtbl.c | 64 +- lib/roken/rtbl.cat3 | 151 + lib/roken/rtbl.h | 50 +- lib/roken/search.hin | 44 + lib/roken/sendmsg.c | 105 +- lib/roken/setegid.c | 17 +- lib/roken/setenv.c | 36 +- lib/roken/seteuid.c | 17 +- lib/roken/setprogname.c | 52 +- lib/roken/signal.c | 17 +- lib/roken/simple_exec.c | 124 +- lib/roken/snprintf-test.c | 33 +- lib/roken/snprintf-test.h | 52 - lib/roken/snprintf.c | 78 +- lib/roken/socket.c | 152 +- lib/roken/socket_wrapper.c | 96 +- lib/roken/socket_wrapper.h | 10 +- lib/roken/strcasecmp.c | 55 +- lib/roken/strcollect.c | 57 +- lib/roken/strdup.c | 17 +- lib/roken/strerror.c | 17 +- lib/roken/strerror_r.c | 84 + lib/roken/strftime.c | 40 +- lib/roken/strlcat.c | 30 +- lib/roken/strlcpy.c | 25 +- lib/roken/strlwr.c | 17 +- lib/roken/strncasecmp.c | 57 +- lib/roken/strndup.c | 17 +- lib/roken/strnlen.c | 17 +- lib/roken/strpftime-test.c | 28 +- lib/roken/strpftime-test.h | 29 +- lib/roken/strpool.c | 64 +- lib/roken/strptime.c | 32 +- lib/roken/strsep.c | 55 +- lib/roken/strsep_copy.c | 57 +- lib/roken/strtok_r.c | 17 +- lib/roken/strupr.c | 17 +- lib/roken/swab.c | 18 +- lib/roken/test-mem.c | 93 +- lib/roken/test-mem.h | 54 +- lib/roken/test-readenv.c | 57 +- lib/roken/timegm.c | 65 +- lib/roken/timeval.c | 25 +- lib/roken/tm2time.c | 17 +- lib/roken/tsearch-test.c | 125 + lib/roken/tsearch.c | 180 + lib/roken/unsetenv.c | 21 +- lib/roken/unvis.c | 45 +- lib/roken/verify.c | 19 +- lib/roken/verr.c | 21 +- lib/roken/verrx.c | 21 +- lib/roken/version-script.map | 203 + lib/roken/vis.c | 417 +- lib/roken/vis.hin | 74 +- lib/roken/vsyslog.c | 22 +- lib/roken/vwarn.c | 21 +- lib/roken/vwarnx.c | 21 +- lib/roken/warn.c | 17 +- lib/roken/warnerr.c | 21 +- lib/roken/warnx.c | 19 +- lib/roken/write_pid.c | 69 +- lib/roken/writev.c | 17 +- lib/roken/xdbm.h | 14 +- lib/roken/xfree.c | 42 + lib/sl/ChangeLog | 44 +- lib/sl/Makefile.am | 28 +- lib/sl/Makefile.in | 570 +- lib/sl/NTMakefile | 74 + lib/sl/lex.l | 119 - lib/sl/make_cmds.c | 239 - lib/sl/parse.y | 169 - lib/sl/roken_rename.h | 70 +- lib/sl/sl.c | 35 +- lib/sl/sl.h | 20 +- lib/sl/sl_locl.h | 16 +- lib/sl/slc-gram.c | 163 +- lib/sl/slc-gram.h | 2 +- lib/sl/slc-gram.y | 143 +- lib/sl/slc-lex.c | 226 +- lib/sl/slc-lex.l | 68 +- lib/sl/slc.h | 52 +- lib/sl/ss.c | 162 - lib/sl/test_sl.c | 26 +- lib/sqlite/Makefile.am | 13 + lib/{auth => sqlite}/Makefile.in | 508 +- lib/sqlite/NTMakefile | 47 + lib/sqlite/sqlite3.c | 112444 +++++++++++++++ lib/sqlite/sqlite3.h | 5734 + lib/sqlite/sqlite3ext.h | 378 + lib/vers/ChangeLog | 16 +- lib/vers/Makefile.am | 25 +- lib/vers/Makefile.in | 270 +- lib/vers/NTMakefile | 56 + lib/vers/print_version.c | 71 +- lib/vers/vers.h | 14 +- lib/wind/ChangeLog | 136 + lib/wind/CompositionExclusions-3.2.0.txt | 176 + lib/wind/DerivedNormalizationProps.txt | 2574 + lib/wind/Makefile.am | 149 + lib/wind/Makefile.in | 1305 + lib/wind/NTMakefile | 159 + lib/wind/NormalizationCorrections.txt | 43 + lib/wind/NormalizationTest.txt | 17166 +++ .../UnicodeData.py} | 63 +- lib/wind/UnicodeData.txt | 15100 ++ lib/wind/bidi.c | 92 + lib/wind/bidi_table.c | 411 + lib/wind/bidi_table.h | 20 + lib/wind/combining.c | 62 + lib/wind/combining_table.c | 363 + lib/wind/combining_table.h | 17 + lib/wind/doxygen.c | 47 + lib/wind/errorlist.c | 77 + lib/wind/errorlist_table.c | 89 + lib/wind/errorlist_table.h | 19 + lib/wind/gen-bidi.py | 102 + lib/wind/gen-combining.py | 105 + lib/wind/gen-errorlist.py | 121 + lib/wind/gen-map.py | 158 + lib/wind/gen-normalize.py | 211 + lib/wind/gen-punycode-examples.py | 131 + lib/wind/generate.py | 81 + lib/wind/idn-lookup.c | 162 + lib/wind/ldap.c | 91 + lib/wind/libwind-exports.def | 26 + lib/wind/map.c | 85 + lib/wind/map_table.c | 2613 + lib/wind/map_table.h | 22 + lib/wind/normalize.c | 325 + lib/wind/normalize_table.c | 22977 +++ lib/wind/normalize_table.h | 33 + lib/wind/punycode.c | 168 + lib/wind/punycode_examples.c | 34 + lib/wind/punycode_examples.h | 21 + lib/wind/rfc3454.py | 60 + lib/wind/rfc3454.txt | 5099 + lib/wind/rfc3490.txt | 1235 + lib/wind/rfc3491.txt | 395 + lib/wind/rfc3492.txt | 1963 + lib/wind/rfc4013.txt | 339 + lib/wind/rfc4518.py | 150 + lib/wind/rfc4518.txt | 787 + lib/wind/stringprep.c | 145 + lib/wind/stringprep.py | 92 + lib/wind/test-bidi.c | 81 + lib/wind/test-ldap.c | 128 + lib/wind/test-map.c | 98 + lib/wind/test-normalize.c | 176 + lib/wind/test-prohibited.c | 138 + lib/wind/test-punycode.c | 83 + lib/wind/test-rw.c | 186 + lib/wind/test-utf8.c | 174 + lib/wind/utf8.c | 516 + lib/wind/util.py | 48 + lib/wind/version-script.map | 28 + lib/wind/wind.h | 86 + lib/wind/wind_err.et | 23 + lib/wind/windlocl.h | 67 + ltmain.sh | 10193 +- missing | 49 +- packages/ChangeLog | 8 +- packages/Makefile.am | 5 +- packages/Makefile.in | 253 +- packages/debian/Makefile.am | 91 - packages/debian/README | 15 - packages/debian/README.Debian | 120 - packages/debian/changelog | 1168 - packages/debian/compat | 1 - packages/debian/control | 276 - packages/debian/copyright | 195 - packages/debian/extras/default | 17 - packages/debian/extras/kadmind.acl | 1 - packages/debian/extras/kdc.conf | 91 - packages/debian/heimdal-clients-x.install | 10 - packages/debian/heimdal-clients.install | 43 - packages/debian/heimdal-clients.postinst | 10 - packages/debian/heimdal-clients.prerm | 13 - packages/debian/heimdal-dev.install | 8 - packages/debian/heimdal-docs.install | 2 - packages/debian/heimdal-kcm.init | 69 - packages/debian/heimdal-kcm.install | 2 - packages/debian/heimdal-kdc.dirs | 5 - packages/debian/heimdal-kdc.examples | 2 - packages/debian/heimdal-kdc.init | 124 - packages/debian/heimdal-kdc.install | 20 - packages/debian/heimdal-kdc.logrotate | 5 - packages/debian/heimdal-kdc.postinst | 98 - packages/debian/heimdal-kdc.postrm | 32 - packages/debian/heimdal-kdc.templates | 12 - packages/debian/heimdal-servers-x.dirs | 1 - packages/debian/heimdal-servers-x.install | 2 - packages/debian/heimdal-servers-x.postinst | 34 - packages/debian/heimdal-servers-x.postrm | 23 - packages/debian/heimdal-servers-x.prerm | 11 - packages/debian/heimdal-servers.dirs | 1 - packages/debian/heimdal-servers.install | 12 - packages/debian/heimdal-servers.postinst | 47 - packages/debian/heimdal-servers.postrm | 26 - packages/debian/heimdal-servers.prerm | 14 - packages/debian/libasn1-8-heimdal.install | 2 - .../libasn1-8-heimdal.postinst.debhelper | 5 - .../debian/libasn1-8-heimdal.postrm.debhelper | 5 - packages/debian/libasn1-8-heimdal.substvars | 1 - packages/debian/libgssapi2-heimdal.install | 2 - .../libgssapi2-heimdal.postinst.debhelper | 5 - .../libgssapi2-heimdal.postrm.debhelper | 5 - packages/debian/libgssapi2-heimdal.substvars | 1 - packages/debian/libhdb9-heimdal.install | 3 - .../debian/libhdb9-heimdal.postinst.debhelper | 5 - .../debian/libhdb9-heimdal.postrm.debhelper | 5 - packages/debian/libhdb9-heimdal.substvars | 1 - packages/debian/libkadm5clnt7-heimdal.install | 3 - .../libkadm5clnt7-heimdal.postinst.debhelper | 5 - .../libkadm5clnt7-heimdal.postrm.debhelper | 5 - .../debian/libkadm5clnt7-heimdal.substvars | 1 - packages/debian/libkadm5srv7-heimdal.install | 2 - packages/debian/libkadm5srv8-heimdal.install | 3 - packages/debian/libkafs0-heimdal.install | 2 - packages/debian/libkrb5-22-heimdal.install | 3 - .../libkrb5-22-heimdal.postinst.debhelper | 5 - .../libkrb5-22-heimdal.postrm.debhelper | 5 - packages/debian/libkrb5-22-heimdal.substvars | 1 - packages/debian/libotp0-heimdal.install | 1 - packages/debian/libroken18-heimdal.install | 2 - .../libroken18-heimdal.postinst.debhelper | 5 - .../libroken18-heimdal.postrm.debhelper | 5 - packages/debian/libroken18-heimdal.substvars | 1 - packages/debian/libsl0-heimdal.install | 2 - packages/debian/patches/021_debian | 204 - packages/debian/patches/022_ftp-roken-glob | 270 - packages/debian/patches/022_openafs | 15 - packages/debian/patches/025_pthreads | 13 - packages/debian/patches/026_posix_max | 293 - packages/debian/po/POTFILES.in | 1 - packages/debian/po/templates.pot | 54 - packages/debian/rules | 62 - packages/debian/scripts/convert_source | 17 - packages/mac/Makefile.am | 2 +- packages/mac/Makefile.in | 148 +- packages/mac/mac.sh | 8 +- packages/windows/NTMakefile | 40 + .../assembly/Heimdal.Application.manifest.in | 12 + .../assembly/Heimdal.Kerberos.manifest.in | 15 + packages/windows/assembly/NTMakefile | 164 + .../assembly/policy.Heimdal.Kerberos.in | 19 + packages/windows/installer/NTMakefile | 211 + .../windows/installer/heimdal-assemblies.wxs | 48 + .../windows/installer/heimdal-installer.wxs | 451 + packages/windows/installer/heimdal-policy.wxs | 50 + packages/windows/installer/lang/en-us.wxl | 15 + .../windows/installer/lang/license-en-us.rtf | Bin 0 -> 2007 bytes packages/windows/sdk/NTMakefile | 151 + po/Makefile.am | 76 + po/Makefile.in | 580 + po/gen-po.in | 39 + .../heim_com_err-1750206208.pot | 56 + .../heim_com_err-1765328384.pot | 979 + po/heim_com_err-1765328384/sv_SE.mo | Bin 0 -> 1549 bytes po/heim_com_err-1765328384/sv_SE.po | 980 + .../heim_com_err-1980176640.pot | 256 + .../heim_com_err-969269760.pot | 71 + .../heim_com_err1859794432.pot | 91 + .../heim_com_err35224064.pot | 225 + .../heim_com_err36150272.pot | 82 + .../heim_com_err39525376.pot | 274 + .../heim_com_err43787520.pot | 262 + po/heim_com_err569856/heim_com_err569856.pot | 419 + po/heimdal_krb5/heimdal_krb5.pot | 1793 + po/heimdal_krb5/sv_SE.mo | Bin 0 -> 1229 bytes po/heimdal_krb5/sv_SE.po | 1759 + po/heimdal_kuser/heimdal_kuser.pot | 416 + tests/ChangeLog | 263 +- tests/Makefile.am | 6 +- tests/Makefile.in | 255 +- tests/NTMakefile | 35 + tests/bin/Makefile.am | 22 + {packages/debian => tests/bin}/Makefile.in | 256 +- tests/bin/setup-env.in | 59 + tests/can/Makefile.am | 6 +- tests/can/Makefile.in | 204 +- tests/can/NTMakefile | 35 + tests/can/check-can.in | 25 +- tests/can/krb5.conf.in | 2 +- tests/can/mit-pkinit-20070607.xf | 2 +- tests/can/test_can.in | 2 +- tests/db/Makefile.am | 28 +- tests/db/Makefile.in | 225 +- tests/db/NTMakefile | 35 + tests/db/add-modify-delete.in | 4 +- tests/db/check-aliases.in | 110 + tests/db/check-dbinfo.in | 8 +- tests/db/have-db.in | 11 +- tests/db/krb5-mit.conf.in | 14 + tests/db/krb5.conf.in | 6 +- tests/db/loaddump-db.in | 14 +- tests/gss/Makefile.am | 5 +- tests/gss/Makefile.in | 202 +- tests/gss/NTMakefile | 35 + tests/gss/check-basic.in | 58 +- tests/gss/check-context.in | 341 +- tests/gss/check-gss.in | 17 +- tests/gss/check-gssmask.in | 6 +- tests/gss/check-ntlm.in | 8 +- tests/gss/check-spnego.in | 14 +- tests/gss/krb5.conf.in | 2 +- tests/gss/ntlm-user-file.txt | 2 +- tests/java/KerberosInit.java | 2 +- tests/java/Makefile.am | 1 + tests/java/Makefile.in | 198 +- tests/java/NTMakefile | 35 + tests/java/check-kinit.in | 2 +- tests/java/have-java.sh | 2 +- tests/java/krb5.conf.in | 2 - tests/kdc/Makefile.am | 81 +- tests/kdc/Makefile.in | 407 +- tests/kdc/NTMakefile | 35 + tests/kdc/check-cc.in | 155 + tests/kdc/check-delegation.in | 158 + tests/kdc/check-des.in | 161 + tests/kdc/check-digest.in | 69 +- tests/kdc/check-iprop.in | 132 +- tests/kdc/check-kadmin.in | 195 +- .../kdc/check-kdc-weak.in | 34 +- tests/kdc/check-kdc.in | 227 +- tests/kdc/check-keys.in | 19 +- tests/kdc/check-kpasswdd.in | 198 + tests/kdc/check-pkinit.in | 60 +- tests/kdc/check-referral.in | 103 +- tests/kdc/check-uu.in | 30 +- tests/kdc/heimdal.acl | 4 +- tests/kdc/iprop-acl | 2 +- tests/kdc/krb5-pkinit.conf.in | 3 +- tests/kdc/krb5.conf.in | 55 +- tests/kdc/krb5.conf.keys.in | 3 +- tests/kdc/leaks-kill.sh | 32 + tests/kdc/ntlm-user-file.txt | 1 - tests/kdc/pki-mapping | 1 - tests/kdc/wait-kdc.sh | 10 +- tests/ldap/Makefile.am | 3 +- tests/ldap/Makefile.in | 200 +- tests/ldap/NTMakefile | 35 + tests/ldap/check-ldap.in | 17 +- tests/ldap/init.ldif | 2 +- tests/ldap/krb5.conf.in | 2 +- tests/ldap/slapd-init.in | 2 +- tests/ldap/slapd-stop | 2 +- tests/plugin/Makefile.am | 3 +- tests/plugin/Makefile.in | 302 +- tests/plugin/NTMakefile | 35 + tests/plugin/check-pac.in | 15 +- tests/plugin/krb5.conf.in | 2 +- tests/plugin/windc.c | 24 +- tools/Makefile.am | 5 +- tools/Makefile.in | 330 +- tools/NTMakefile | 35 + tools/heimdal-build.sh | 295 - tools/heimdal-gssapi.pc.in | 4 +- tools/kdc-log-analyze.pl | 4 +- tools/krb5-config.1 | 68 +- tools/krb5-config.cat1 | 52 + tools/krb5-config.in | 38 +- windows/NTMakefile.config | 109 + windows/NTMakefile.w32 | 574 + windows/README | 147 + windows/maint.el | 34 + windows/version.rc | 147 + ylwrap | 222 + 3341 files changed, 568838 insertions(+), 130726 deletions(-) create mode 100644 NTMakefile create mode 100644 TODO create mode 100644 admin/NTMakefile create mode 100644 admin/destroy.c create mode 100644 admin/ktutil-version.rc create mode 100644 admin/ktutil.cat8 create mode 100644 appl/NTMakefile create mode 100644 appl/afsutil/NTMakefile create mode 100644 appl/afsutil/afslog.cat1 create mode 100644 appl/afsutil/pagsh.cat1 create mode 100644 appl/dceutils/ChangeLog create mode 100644 appl/dceutils/Makefile.am rename {lib/auth/pam => appl/dceutils}/Makefile.in (56%) create mode 100644 appl/dceutils/NTMakefile create mode 100644 appl/dceutils/README.dcedfs create mode 100644 appl/dceutils/README.original create mode 100644 appl/dceutils/dfspag.exp create mode 100644 appl/dceutils/dpagaix.c create mode 100644 appl/dceutils/k5dce.h create mode 100644 appl/dceutils/k5dcecon.c create mode 100644 appl/dceutils/testpag.c create mode 100644 appl/ftp/NTMakefile create mode 100644 appl/ftp/common/NTMakefile create mode 100644 appl/ftp/ftp/NTMakefile create mode 100644 appl/ftp/ftp/ftp.cat1 delete mode 100644 appl/ftp/ftp/krb4.c create mode 100644 appl/ftp/ftpd/NTMakefile create mode 100644 appl/ftp/ftpd/ftpd.cat8 create mode 100644 appl/ftp/ftpd/ftpusers.cat5 delete mode 100644 appl/ftp/ftpd/krb4.c create mode 100644 appl/gssmask/NTMakefile create mode 100644 appl/kf/NTMakefile create mode 100644 appl/kf/kf.cat1 create mode 100644 appl/kf/kfd.cat8 create mode 100644 appl/kx/ChangeLog create mode 100644 appl/kx/Makefile.am create mode 100644 appl/kx/Makefile.in create mode 100644 appl/kx/NTMakefile create mode 100644 appl/kx/common.c create mode 100644 appl/kx/context.c create mode 100644 appl/kx/krb5.c rename lib/krb5/krb5_expand_hostname.3 => appl/kx/kx.1 (56%) create mode 100644 appl/kx/kx.c create mode 100644 appl/kx/kx.cat1 create mode 100644 appl/kx/kx.h create mode 100644 appl/kx/kxd.8 create mode 100644 appl/kx/kxd.c create mode 100644 appl/kx/kxd.cat8 create mode 100644 appl/kx/rxtelnet.1 create mode 100644 appl/kx/rxtelnet.cat1 create mode 100644 appl/kx/rxtelnet.in create mode 100644 appl/kx/rxterm.1 create mode 100644 appl/kx/rxterm.cat1 create mode 100644 appl/kx/rxterm.in rename lib/krb5/krb5_unparse_name.3 => appl/kx/tenletxr.1 (62%) create mode 100644 appl/kx/tenletxr.cat1 create mode 100644 appl/kx/tenletxr.in create mode 100644 appl/kx/writeauth.c create mode 100644 appl/login/NTMakefile rename appl/login/{login_protos.h => login-protos.h} (99%) create mode 100644 appl/login/login.access.cat5 create mode 100644 appl/login/login.cat1 create mode 100644 appl/otp/ChangeLog create mode 100644 appl/otp/Makefile.am create mode 100644 appl/otp/Makefile.in create mode 100644 appl/otp/NTMakefile create mode 100644 appl/otp/otp.1 create mode 100644 appl/otp/otp.c create mode 100644 appl/otp/otp.cat1 rename lib/45/45_locl.h => appl/otp/otp_locl.h (65%) rename lib/krb5/krb5_crypto_init.3 => appl/otp/otpprint.1 (61%) create mode 100644 appl/otp/otpprint.c create mode 100644 appl/otp/otpprint.cat1 create mode 100644 appl/popper/ChangeLog create mode 100644 appl/popper/Makefile.am create mode 100644 appl/popper/Makefile.in create mode 100644 appl/popper/NTMakefile create mode 100644 appl/popper/README create mode 100644 appl/popper/README-FIRST create mode 100644 appl/popper/auth_gssapi.c create mode 100644 appl/popper/maildir.c create mode 100644 appl/popper/pop3.rfc1081 create mode 100644 appl/popper/pop3e.rfc1082 create mode 100644 appl/popper/pop_auth.c rename lib/sl/ss.h => appl/popper/pop_auth.h (55%) create mode 100644 appl/popper/pop_debug.c create mode 100644 appl/popper/pop_dele.c create mode 100644 appl/popper/pop_dropcopy.c create mode 100644 appl/popper/pop_dropinfo.c create mode 100644 appl/popper/pop_get_command.c create mode 100644 appl/popper/pop_init.c create mode 100644 appl/popper/pop_last.c create mode 100644 appl/popper/pop_list.c create mode 100644 appl/popper/pop_log.c create mode 100644 appl/popper/pop_msg.c create mode 100644 appl/popper/pop_parse.c create mode 100644 appl/popper/pop_pass.c create mode 100644 appl/popper/pop_quit.c create mode 100644 appl/popper/pop_rset.c create mode 100644 appl/popper/pop_send.c create mode 100644 appl/popper/pop_stat.c create mode 100644 appl/popper/pop_uidl.c create mode 100644 appl/popper/pop_updt.c create mode 100644 appl/popper/pop_user.c create mode 100644 appl/popper/pop_xover.c create mode 100644 appl/popper/popper.8 create mode 100644 appl/popper/popper.README.release create mode 100644 appl/popper/popper.c create mode 100644 appl/popper/popper.cat8 create mode 100644 appl/popper/popper.h create mode 100644 appl/popper/version.h create mode 100644 appl/push/NTMakefile create mode 100644 appl/push/pfrom.cat1 create mode 100644 appl/push/push.cat8 create mode 100644 appl/rcp/NTMakefile create mode 100644 appl/rcp/rcp.cat1 create mode 100644 appl/rsh/NTMakefile create mode 100644 appl/rsh/rsh.cat1 create mode 100644 appl/rsh/rshd.cat8 create mode 100644 appl/su/NTMakefile create mode 100644 appl/su/su.cat1 create mode 100644 appl/telnet/NTMakefile create mode 100644 appl/telnet/libtelnet/NTMakefile delete mode 100644 appl/telnet/libtelnet/kerberos.c delete mode 100644 appl/telnet/libtelnet/krb4encpwd.c create mode 100644 appl/telnet/telnet/NTMakefile create mode 100644 appl/telnet/telnet/telnet.cat1 create mode 100644 appl/telnet/telnetd/NTMakefile create mode 100644 appl/telnet/telnetd/telnetd.cat8 create mode 100644 appl/test/NTMakefile create mode 100644 appl/xnlock/ChangeLog create mode 100644 appl/xnlock/Makefile.am rename {lib/auth/sia => appl/xnlock}/Makefile.in (55%) create mode 100644 appl/xnlock/NTMakefile create mode 100644 appl/xnlock/README create mode 100644 appl/xnlock/nose.0.left create mode 100644 appl/xnlock/nose.0.right create mode 100644 appl/xnlock/nose.1.left create mode 100644 appl/xnlock/nose.1.right create mode 100644 appl/xnlock/nose.down create mode 100644 appl/xnlock/nose.front create mode 100644 appl/xnlock/nose.left.front create mode 100644 appl/xnlock/nose.right.front create mode 100644 appl/xnlock/xnlock.1 create mode 100644 appl/xnlock/xnlock.c create mode 100644 appl/xnlock/xnlock.cat1 create mode 100644 base/Makefile.am rename {lib/auth/afskauthlib => base}/Makefile.in (56%) create mode 100644 base/NTMakefile create mode 100644 base/array.c create mode 100644 base/baselocl.h create mode 100644 base/bool.c create mode 100644 base/dict.c create mode 100644 base/heimbase.c create mode 100644 base/heimbase.h create mode 100644 base/heimbasepriv.h create mode 100644 base/heimqueue.h create mode 100644 base/null.c create mode 100644 base/number.c create mode 100644 base/string.c create mode 100644 base/test_base.c create mode 100644 base/version-script.map delete mode 100644 cf/autobuild.m4 create mode 100644 cf/dispatch.m4 create mode 100644 cf/libtool.m4 create mode 100644 cf/ltoptions.m4 create mode 100644 cf/ltsugar.m4 create mode 100644 cf/ltversion.m4 create mode 100644 cf/lt~obsolete.m4 create mode 100644 cf/pkg.m4 rename configure.in => configure.ac (67%) create mode 100755 depcomp create mode 100644 doc/NTMakefile create mode 100644 doc/copyright.texi create mode 100644 doc/doxyout/gssapi/html/doxygen.css create mode 100644 doc/doxyout/gssapi/html/doxygen.png create mode 100644 doc/doxyout/gssapi/html/graph_legend.dot create mode 100644 doc/doxyout/gssapi/html/graph_legend.html create mode 100644 doc/doxyout/gssapi/html/graph_legend.png create mode 100644 doc/doxyout/gssapi/html/group__gssapi.html create mode 100644 doc/doxyout/gssapi/html/gssapi_mechs_intro.html create mode 100644 doc/doxyout/gssapi/html/gssapi_services_intro.html create mode 100644 doc/doxyout/gssapi/html/index.html create mode 100644 doc/doxyout/gssapi/html/internalvsmechname.html create mode 100644 doc/doxyout/gssapi/html/modules.html create mode 100644 doc/doxyout/gssapi/html/pages.html create mode 100644 doc/doxyout/gssapi/html/tab_b.gif create mode 100644 doc/doxyout/gssapi/html/tab_l.gif create mode 100644 doc/doxyout/gssapi/html/tab_r.gif create mode 100644 doc/doxyout/gssapi/html/tabs.css create mode 100644 doc/doxyout/gssapi/man/man3/__gss_c_attr_stream_sizes_oid_desc.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_add_oid_set_member.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_canonicalize_name.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_import_name.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_init_sec_context.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_inquire_attrs_for_mech.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_inquire_saslname_for_mech.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_oid_equal.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_release_cred.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_release_iov_buffer.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_release_name.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_unwrap_iov.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_wrap.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_wrap_iov.3 create mode 100644 doc/doxyout/gssapi/man/man3/gss_wrap_iov_length.3 create mode 100644 doc/doxyout/gssapi/man/man3/gssapi.3 create mode 100644 doc/doxyout/gssapi/man/man3/gssapi_mechs_intro.3 create mode 100644 doc/doxyout/gssapi/man/man3/gssapi_services_intro.3 create mode 100644 doc/doxyout/gssapi/man/man3/internalvsmechname.3 create mode 100644 doc/doxyout/gssapi/manpages create mode 100644 doc/doxyout/hcrypto/html/doxygen.css create mode 100644 doc/doxyout/hcrypto/html/doxygen.png create mode 100644 doc/doxyout/hcrypto/html/example__evp__cipher_8c-example.html create mode 100644 doc/doxyout/hcrypto/html/examples.html create mode 100644 doc/doxyout/hcrypto/html/graph_legend.dot create mode 100644 doc/doxyout/hcrypto/html/graph_legend.html create mode 100644 doc/doxyout/hcrypto/html/graph_legend.png create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__core.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__des.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__dh.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__evp.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__misc.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__rand.html create mode 100644 doc/doxyout/hcrypto/html/group__hcrypto__rsa.html create mode 100644 doc/doxyout/hcrypto/html/index.html create mode 100644 doc/doxyout/hcrypto/html/modules.html create mode 100644 doc/doxyout/hcrypto/html/page_des.html create mode 100644 doc/doxyout/hcrypto/html/page_dh.html create mode 100644 doc/doxyout/hcrypto/html/page_evp.html create mode 100644 doc/doxyout/hcrypto/html/page_rand.html create mode 100644 doc/doxyout/hcrypto/html/page_rsa.html create mode 100644 doc/doxyout/hcrypto/html/tab_b.gif create mode 100644 doc/doxyout/hcrypto/html/tab_l.gif create mode 100644 doc/doxyout/hcrypto/html/tab_r.gif create mode 100644 doc/doxyout/hcrypto/html/tabs.css create mode 100644 doc/doxyout/hcrypto/man/man3/DES_cbc_cksum.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_cbc_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_cfb64_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_check_key_parity.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_ecb3_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_ecb_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_ede3_cbc_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_init_random_number_generator.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_is_weak_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_key_sched.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_new_random_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_pcbc_encrypt.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_random_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_set_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_set_key_checked.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_set_key_unchecked.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_set_odd_parity.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DES_string_to_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_check_pubkey.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_compute_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_free.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_generate_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_generate_parameters_ex.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_get_default_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_get_ex_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_ltm_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_new.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_new_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_null_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_set_default_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_set_ex_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_set_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/DH_up_ref.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_BytesToKey.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_block_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_get_app_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_init.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_iv_length.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_key_length.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_rand_key.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_app_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_key_length.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_block_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_iv_length.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CIPHER_key_length.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CipherFinal_ex.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CipherInit_ex.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_CipherUpdate.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_Digest.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_DigestFinal_ex.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_DigestInit_ex.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_DigestUpdate.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_block_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_cleanup.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_create.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_destroy.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_init.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_md.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_block_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_MD_size.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_128_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_128_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_192_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_192_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_256_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_aes_256_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_camellia_128_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_camellia_192_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_camellia_256_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_des_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_des_ede3_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_enc_null.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_get_cipherbyname.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cfb8.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_128_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_192_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_256_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_ede3_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md2.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md4.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md5.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha1.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha256.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha384.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha512.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_md2.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_md4.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_md5.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_md_null.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_rc2_40_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_rc2_64_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_rc2_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_rc4.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_rc4_40.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_sha.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_sha1.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_sha256.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_sha384.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_sha512.3 create mode 100644 doc/doxyout/hcrypto/man/man3/EVP_wincrypt_des_ede3_cbc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms.3 create mode 100644 doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_conf.3 create mode 100644 doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_noconf.3 create mode 100644 doc/doxyout/hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_add.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_bytes.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_cleanup.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_file_name.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_get_rand_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_load_file.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_pseudo_bytes.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_seed.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_set_rand_engine.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_set_rand_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_status.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RAND_write_file.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_free.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_get_app_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_get_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_new.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_new_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_set_app_data.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_set_method.3 create mode 100644 doc/doxyout/hcrypto/man/man3/RSA_up_ref.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_core.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_des.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_dh.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_evp.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_misc.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_rand.3 create mode 100644 doc/doxyout/hcrypto/man/man3/hcrypto_rsa.3 create mode 100644 doc/doxyout/hcrypto/man/man3/page_des.3 create mode 100644 doc/doxyout/hcrypto/man/man3/page_dh.3 create mode 100644 doc/doxyout/hcrypto/man/man3/page_evp.3 create mode 100644 doc/doxyout/hcrypto/man/man3/page_rand.3 create mode 100644 doc/doxyout/hcrypto/man/man3/page_rsa.3 create mode 100644 doc/doxyout/hcrypto/manpages create mode 100644 doc/doxyout/hdb/html/annotated.html create mode 100644 doc/doxyout/hdb/html/doxygen.css create mode 100644 doc/doxyout/hdb/html/doxygen.png create mode 100644 doc/doxyout/hdb/html/functions.html create mode 100644 doc/doxyout/hdb/html/functions_vars.html create mode 100644 doc/doxyout/hdb/html/graph_legend.dot create mode 100644 doc/doxyout/hdb/html/graph_legend.html create mode 100644 doc/doxyout/hdb/html/graph_legend.png create mode 100644 doc/doxyout/hdb/html/index.html create mode 100644 doc/doxyout/hdb/html/struct_h_d_b.html create mode 100644 doc/doxyout/hdb/html/structhdb__entry__ex.html create mode 100644 doc/doxyout/hdb/html/tab_b.gif create mode 100644 doc/doxyout/hdb/html/tab_l.gif create mode 100644 doc/doxyout/hdb/html/tab_r.gif create mode 100644 doc/doxyout/hdb/html/tabs.css create mode 100644 doc/doxyout/hdb/man/man3/HDB.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb__del.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb__get.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb__put.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_auth_status.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_check_constrained_delegation.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_check_pkinit_ms_upn_match.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_check_s4u2self.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_close.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_destroy.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_entry_ex.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_fetch_kvno.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_firstkey.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_free.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_get_realms.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_lock.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_name.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_nextkey.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_open.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_password.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_remove.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_rename.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_store.3 create mode 100644 doc/doxyout/hdb/man/man3/hdb_unlock.3 create mode 100644 doc/doxyout/hdb/manpages create mode 100644 doc/doxyout/hx509/html/doxygen.css create mode 100644 doc/doxyout/hx509/html/doxygen.png create mode 100644 doc/doxyout/hx509/html/graph_legend.dot create mode 100644 doc/doxyout/hx509/html/graph_legend.html create mode 100644 doc/doxyout/hx509/html/graph_legend.png create mode 100644 doc/doxyout/hx509/html/group__hx509.html create mode 100644 doc/doxyout/hx509/html/group__hx509__ca.html create mode 100644 doc/doxyout/hx509/html/group__hx509__cert.html create mode 100644 doc/doxyout/hx509/html/group__hx509__cms.html create mode 100644 doc/doxyout/hx509/html/group__hx509__crypto.html create mode 100644 doc/doxyout/hx509/html/group__hx509__env.html create mode 100644 doc/doxyout/hx509/html/group__hx509__error.html create mode 100644 doc/doxyout/hx509/html/group__hx509__keyset.html create mode 100644 doc/doxyout/hx509/html/group__hx509__lock.html create mode 100644 doc/doxyout/hx509/html/group__hx509__misc.html create mode 100644 doc/doxyout/hx509/html/group__hx509__name.html create mode 100644 doc/doxyout/hx509/html/group__hx509__peer.html create mode 100644 doc/doxyout/hx509/html/group__hx509__print.html create mode 100644 doc/doxyout/hx509/html/group__hx509__query.html create mode 100644 doc/doxyout/hx509/html/group__hx509__revoke.html create mode 100644 doc/doxyout/hx509/html/group__hx509__verify.html create mode 100644 doc/doxyout/hx509/html/index.html create mode 100644 doc/doxyout/hx509/html/modules.html create mode 100644 doc/doxyout/hx509/html/page_ca.html create mode 100644 doc/doxyout/hx509/html/page_cert.html create mode 100644 doc/doxyout/hx509/html/page_cms.html create mode 100644 doc/doxyout/hx509/html/page_env.html create mode 100644 doc/doxyout/hx509/html/page_error.html create mode 100644 doc/doxyout/hx509/html/page_keyset.html create mode 100644 doc/doxyout/hx509/html/page_lock.html create mode 100644 doc/doxyout/hx509/html/page_name.html create mode 100644 doc/doxyout/hx509/html/page_peer.html create mode 100644 doc/doxyout/hx509/html/page_print.html create mode 100644 doc/doxyout/hx509/html/page_revoke.html create mode 100644 doc/doxyout/hx509/html/pages.html create mode 100644 doc/doxyout/hx509/html/tab_b.gif create mode 100644 doc/doxyout/hx509/html/tab_l.gif create mode 100644 doc/doxyout/hx509/html/tab_r.gif create mode 100644 doc/doxyout/hx509/html/tabs.css create mode 100644 doc/doxyout/hx509/man/man3/hx509.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_bitstring_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_sign.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_sign_self.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_crl_dp_uri.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_eku.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_hostname.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_jid.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_ms_upn.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_otherName.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_pkinit.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_rfc822name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_ca.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_domaincontroller.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter_lifetime.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notBefore.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_proxy.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_serialnumber.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_spki.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_subject.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_template.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_unique.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_subject_expand.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ca_tbs_template_units.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_binary.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_check_eku.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_cmp.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_find_subjectAltName_otherName.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI_AlgorithmIdentifier.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_attribute.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_base_subject.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_friendly_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_issuer.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_issuer_unique_id.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_notAfter.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_notBefore.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_serialnumber.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_subject.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_get_subject_unique_id.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_init_data.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_keyusage_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_ref.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cert_set_friendly_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_add.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_append.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_end_seq.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_filter.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_find.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_info.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_iter_f.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_merge.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_next_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_start_seq.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_certs_store.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ci_print_names.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_clear_error_string.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_create_signed_1.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_envelope_1.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_unenvelope.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_unwrap_ContentInfo.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_verify_signed.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_cms_wrap_ContentInfo.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_context_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_context_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_context_set_missing_revoke.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crl_add_revoked_certs.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crl_alloc.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crl_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crl_lifetime.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crl_sign.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_crypto.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_add.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_add_binding.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_find.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_find_binding.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_env_lfind.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_err.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_error.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_free_error_string.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_free_octet_string_list.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_general_name_unparse.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_get_error_string.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_get_one_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_keyset.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_lock.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_misc.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_binary.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_cmp.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_copy.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_expand.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_is_null_p.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_to_Name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_name_to_string.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ocsp_request.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_ocsp_verify.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_oid_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_oid_sprint.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_parse_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer_info_add_cms_alg.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer_info_alloc.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer_info_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer_info_set_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_peer_info_set_cms_algs.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_print_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_print_stdout.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_alloc.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_match_cmp_func.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_match_eku.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_match_friendly_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_match_issuer_serial.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_match_option.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_statistic_file.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_query_unparse_stats.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_add_crl.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_add_ocsp.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_ocsp_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_revoke_verify.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_set_error_string.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_set_error_stringv.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_unparse_der_name.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_validate_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_validate_ctx_add_flags.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_validate_ctx_free.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_validate_ctx_init.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_validate_ctx_set_print.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_attach_anchors.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_attach_revoke.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_ctx_f_allow_default_trustanchors.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_destroy_ctx.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_hostname.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_init_ctx.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_path.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_set_max_depth.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_set_proxy_certificate.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_set_strict_rfc3280_verification.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_set_time.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_verify_signature.3 create mode 100644 doc/doxyout/hx509/man/man3/hx509_xfree.3 create mode 100644 doc/doxyout/hx509/man/man3/page_ca.3 create mode 100644 doc/doxyout/hx509/man/man3/page_cert.3 create mode 100644 doc/doxyout/hx509/man/man3/page_cms.3 create mode 100644 doc/doxyout/hx509/man/man3/page_env.3 create mode 100644 doc/doxyout/hx509/man/man3/page_error.3 create mode 100644 doc/doxyout/hx509/man/man3/page_keyset.3 create mode 100644 doc/doxyout/hx509/man/man3/page_lock.3 create mode 100644 doc/doxyout/hx509/man/man3/page_name.3 create mode 100644 doc/doxyout/hx509/man/man3/page_peer.3 create mode 100644 doc/doxyout/hx509/man/man3/page_print.3 create mode 100644 doc/doxyout/hx509/man/man3/page_revoke.3 create mode 100644 doc/doxyout/hx509/manpages create mode 100644 doc/doxyout/krb5/html/annotated.html create mode 100644 doc/doxyout/krb5/html/doxygen.css create mode 100644 doc/doxyout/krb5/html/doxygen.png create mode 100644 doc/doxyout/krb5/html/graph_legend.dot create mode 100644 doc/doxyout/krb5/html/graph_legend.html create mode 100644 doc/doxyout/krb5/html/graph_legend.png create mode 100644 doc/doxyout/krb5/html/group__krb5.html create mode 100644 doc/doxyout/krb5/html/group__krb5__address.html create mode 100644 doc/doxyout/krb5/html/group__krb5__auth.html create mode 100644 doc/doxyout/krb5/html/group__krb5__ccache.html create mode 100644 doc/doxyout/krb5/html/group__krb5__credential.html create mode 100644 doc/doxyout/krb5/html/group__krb5__crypto.html create mode 100644 doc/doxyout/krb5/html/group__krb5__deprecated.html create mode 100644 doc/doxyout/krb5/html/group__krb5__digest.html create mode 100644 doc/doxyout/krb5/html/group__krb5__error.html create mode 100644 doc/doxyout/krb5/html/group__krb5__keytab.html create mode 100644 doc/doxyout/krb5/html/group__krb5__pac.html create mode 100644 doc/doxyout/krb5/html/group__krb5__principal.html create mode 100644 doc/doxyout/krb5/html/group__krb5__storage.html create mode 100644 doc/doxyout/krb5/html/group__krb5__support.html create mode 100644 doc/doxyout/krb5/html/group__krb5__ticket.html create mode 100644 doc/doxyout/krb5/html/group__krb5__v4compat.html create mode 100644 doc/doxyout/krb5/html/index.html create mode 100644 doc/doxyout/krb5/html/krb5_ccache_intro.html create mode 100644 doc/doxyout/krb5/html/krb5_fileformats.html create mode 100644 doc/doxyout/krb5/html/krb5_init_creds_intro.html create mode 100644 doc/doxyout/krb5/html/krb5_introduction.html create mode 100644 doc/doxyout/krb5/html/krb5_keytab_intro.html create mode 100644 doc/doxyout/krb5/html/krb5_principal_intro.html create mode 100644 doc/doxyout/krb5/html/modules.html create mode 100644 doc/doxyout/krb5/html/pages.html create mode 100644 doc/doxyout/krb5/html/structkrb5__crypto__iov.html create mode 100644 doc/doxyout/krb5/html/tab_b.gif create mode 100644 doc/doxyout/krb5/html/tab_l.gif create mode 100644 doc/doxyout/krb5/html/tab_r.gif create mode 100644 doc/doxyout/krb5/html/tabs.css create mode 100644 doc/doxyout/krb5/man/man3/krb5.3 create mode 100644 doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc_ccache.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_acc_ops.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_acl_match_file.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_acl_match_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_add_et_list.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_add_extra_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_add_ignore_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_addr2sockaddr.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_address_compare.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_address_order.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_address_prefixlen_boundary.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_address_search.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_allow_weak_crypto.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_anyaddr.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_append_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_auth.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_auth_getremoteseqnumber.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_build_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_c_enctype_compare.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_cache_end_seq_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_cache_get_first.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_cache_match.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_cache_next.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_clear_mcred.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_close.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_copy_cache.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_copy_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_copy_match_f.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_default_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_destroy.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_end_seq_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_gen_new.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_config.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_friendly_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_full_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_kdc_offset.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_lifetime.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_ops.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_prefix_ops.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_type.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_get_version.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_initialize.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_last_change_time.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_move.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_new_unique.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_next_cred.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_register.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_remove_cred.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_resolve.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_retrieve_cred.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_set_config.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_set_default_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_set_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_set_friendly_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_set_kdc_offset.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_start_seq_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_store_cred.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_support_switch.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cc_switch.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ccache.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ccache_intro.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cccol_cursor_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cccol_cursor_new.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cccol_cursor_next.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cccol_last_change_time.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_change_password.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_cksumtype_to_enctype.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_clear_error_message.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_clear_error_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_compare_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_file_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_free_strings.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_bool.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_bool_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_list.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_string_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_strings.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_time.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_get_time_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_parse_file_multi.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_parse_string_multi.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_bool.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_bool_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_list.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_string_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_strings.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_time.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_config_vget_time_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_context.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_creds_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_host_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_keyblock.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_keyblock_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_copy_ticket.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_create_checksum_iov.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_credential.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_creds_get_ticket_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_destroy.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_fx_cf2.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_getblocksize.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_getconfoundersize.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_getenctype.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_getpadsize.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_init.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_crypto_iov.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_alloc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_cmp.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_copy.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_ct_cmp.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_realloc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_data_zero.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_decrypt_iov_ivec.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_deprecated.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_digest.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_digest_probe.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_eai_to_heim_errno.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_encrypt_iov_ivec.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_enctype_disable.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_enctype_enable.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_enctype_valid.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_enctypes_compatible_keys.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_error.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_expand_hostname.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_expand_hostname_realms.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_fcc_ops.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_fileformats.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_config_files.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_context.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_cred_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_creds_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_data_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_error_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_host_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_keyblock.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_keyblock_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_ticket.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_free_unparsed_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_fwd_tgt_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_generate_subkey.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_generate_subkey_extended.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc_opt.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_default_config_files.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_default_in_tkt_etypes.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_dns_canonicalize_hostname.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_extra_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_fcache_version.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_forwarded_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_ignore_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_keytab.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_password.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_skey.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_keyblock.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_keytab.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_alloc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_get_error.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_init.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_init_creds_password.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_kdc_sec_offset.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_max_time_skew.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_use_admin_kdc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_get_validated_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_h_addr2addr.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_h_addr2sockaddr.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_h_errno_to_heim_errno.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_context.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_get_error.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_init.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_intro.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_set_keytab.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_set_password.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_set_service.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_creds_step.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_init_ets.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_introduction.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_is_config_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_is_thread_safe.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kerberos_enctypes.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keyblock_get_enctype.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keyblock_init.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keyblock_zero.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytab.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytab_intro.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytab_key_proc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_keytype_to_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_krbhst_get_addrinfo.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_add_entry.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_close.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_compare.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_copy_entry_contents.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_default_modify_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_default_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_destroy.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_end_seq_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_free_entry.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_get_entry.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_get_full_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_get_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_get_type.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_have_content.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_next_entry.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_read_service_key.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_register.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_remove_entry.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_resolve.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kt_start_seq_get.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_kuserok.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_make_addrport.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_make_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_max_sockaddr_size.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_mcc_ops.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_pac.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_pac_get_buffer.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_pac_verify.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_parse_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_parse_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_parse_name_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_parse_nametype.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_password_key_proc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_plugin_register.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_prepend_config_files_default.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_princ_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_princ_set_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_compare.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_compare_any_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_get_num_comp.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_get_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_get_type.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_intro.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_is_krbtgt.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_match.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_set_realm.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_principal_set_type.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_print_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_random_to_key.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_ctx.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_keytab.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_pac_check.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_out_ctx_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_rd_req_out_get_server.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_realm_compare.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_addrs.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_authdata.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_creds_tag.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_int16.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_int32.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_int8.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_keyblock.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_stringz.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_times.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_uint16.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_uint32.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ret_uint8.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_config_files.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_default_in_tkt_etypes.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_dns_canonicalize_hostname.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_error_message.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_error_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_extra_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_fcache_version.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_home_dir_access.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_ignore_addresses.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_kdc_sec_offset.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_max_time_skew.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_password.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_real_time.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_set_use_admin_kdc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_sname_to_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_sockaddr2address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_sockaddr2port.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_sockaddr_uninteresting.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_clear_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_emem.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_free.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_from_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_from_fd.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_from_mem.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_from_readonly_mem.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_get_byteorder.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_get_eof_code.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_is_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_read.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_seek.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_set_byteorder.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_set_eof_code.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_set_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_set_max_alloc.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_to_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_truncate.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_storage_write.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_address.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_addrs.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_authdata.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_creds.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_creds_tag.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_data.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_int16.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_int32.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_int8.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_keyblock.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_principal.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_stringz.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_times.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_uint16.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_uint32.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_store_uint8.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_string_to_keytype.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_support.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket_get_authorization_data_type.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket_get_client.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket_get_endtime.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket_get_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_ticket_get_server.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_short.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name_flags.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_unparse_name_short.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_v4compat.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_verify_checksum_iov.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_vset_error_string.3 create mode 100644 doc/doxyout/krb5/man/man3/krb5_vwarn.3 create mode 100644 doc/doxyout/krb5/manpages create mode 100644 doc/doxyout/ntlm/html/annotated.html create mode 100644 doc/doxyout/ntlm/html/doxygen.css create mode 100644 doc/doxyout/ntlm/html/doxygen.png create mode 100644 doc/doxyout/ntlm/html/examples.html create mode 100644 doc/doxyout/ntlm/html/functions.html create mode 100644 doc/doxyout/ntlm/html/functions_vars.html create mode 100644 doc/doxyout/ntlm/html/graph_legend.dot create mode 100644 doc/doxyout/ntlm/html/graph_legend.html create mode 100644 doc/doxyout/ntlm/html/graph_legend.png create mode 100644 doc/doxyout/ntlm/html/group__ntlm__core.html create mode 100644 doc/doxyout/ntlm/html/index.html create mode 100644 doc/doxyout/ntlm/html/modules.html create mode 100644 doc/doxyout/ntlm/html/structntlm__buf.html create mode 100644 doc/doxyout/ntlm/html/structntlm__type1.html create mode 100644 doc/doxyout/ntlm/html/structntlm__type2.html create mode 100644 doc/doxyout/ntlm/html/structntlm__type2__coll__graph.map create mode 100644 doc/doxyout/ntlm/html/structntlm__type2__coll__graph.md5 create mode 100644 doc/doxyout/ntlm/html/structntlm__type2__coll__graph.png create mode 100644 doc/doxyout/ntlm/html/structntlm__type3.html create mode 100644 doc/doxyout/ntlm/html/structntlm__type3__coll__graph.map create mode 100644 doc/doxyout/ntlm/html/structntlm__type3__coll__graph.md5 create mode 100644 doc/doxyout/ntlm/html/structntlm__type3__coll__graph.png create mode 100644 doc/doxyout/ntlm/html/tab_b.gif create mode 100644 doc/doxyout/ntlm/html/tab_l.gif create mode 100644 doc/doxyout/ntlm/html/tab_r.gif create mode 100644 doc/doxyout/ntlm/html/tabs.css create mode 100644 doc/doxyout/ntlm/html/test__ntlm_8c-example.html create mode 100644 doc/doxyout/ntlm/man/man3/challenge.3 create mode 100644 doc/doxyout/ntlm/man/man3/context.3 create mode 100644 doc/doxyout/ntlm/man/man3/data.3 create mode 100644 doc/doxyout/ntlm/man/man3/domain.3 create mode 100644 doc/doxyout/ntlm/man/man3/flags.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm1_master.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm2_master.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_lm2.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_decode_targetinfo.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_encode_targetinfo.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type1.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type2.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type3.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_free_buf.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_free_targetinfo.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_free_type1.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_free_type2.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_free_type3.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_keyex_unwrap.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_nt_key.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_ntlmv2_key.3 create mode 100644 doc/doxyout/ntlm/man/man3/heim_ntlm_verify_ntlm2.3 create mode 100644 doc/doxyout/ntlm/man/man3/hostname.3 create mode 100644 doc/doxyout/ntlm/man/man3/length.3 create mode 100644 doc/doxyout/ntlm/man/man3/lm.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm_buf.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm_core.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm_type1.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm_type2.3 create mode 100644 doc/doxyout/ntlm/man/man3/ntlm_type3.3 create mode 100644 doc/doxyout/ntlm/man/man3/os.3 create mode 100644 doc/doxyout/ntlm/man/man3/sessionkey.3 create mode 100644 doc/doxyout/ntlm/man/man3/targetinfo.3 create mode 100644 doc/doxyout/ntlm/man/man3/targetname.3 create mode 100644 doc/doxyout/ntlm/man/man3/username.3 create mode 100644 doc/doxyout/ntlm/man/man3/ws.3 create mode 100644 doc/doxyout/ntlm/manpages create mode 100644 doc/doxyout/wind/html/doxygen.css create mode 100644 doc/doxyout/wind/html/doxygen.png create mode 100644 doc/doxyout/wind/html/graph_legend.dot create mode 100644 doc/doxyout/wind/html/graph_legend.html create mode 100644 doc/doxyout/wind/html/graph_legend.png create mode 100644 doc/doxyout/wind/html/group__wind.html create mode 100644 doc/doxyout/wind/html/index.html create mode 100644 doc/doxyout/wind/html/modules.html create mode 100644 doc/doxyout/wind/html/tab_b.gif create mode 100644 doc/doxyout/wind/html/tab_l.gif create mode 100644 doc/doxyout/wind/html/tab_r.gif create mode 100644 doc/doxyout/wind/html/tabs.css create mode 100644 doc/doxyout/wind/man/man3/wind.3 create mode 100644 doc/doxyout/wind/man/man3/wind_profile.3 create mode 100644 doc/doxyout/wind/man/man3/wind_punycode_label_toascii.3 create mode 100644 doc/doxyout/wind/man/man3/wind_stringprep.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs2read.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs2utf8.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs2utf8_length.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs2write.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs4utf8.3 create mode 100644 doc/doxyout/wind/man/man3/wind_ucs4utf8_length.3 create mode 100644 doc/doxyout/wind/man/man3/wind_utf8ucs2.3 create mode 100644 doc/doxyout/wind/man/man3/wind_utf8ucs2_length.3 create mode 100644 doc/doxyout/wind/man/man3/wind_utf8ucs4.3 create mode 100644 doc/doxyout/wind/man/man3/wind_utf8ucs4_length.3 create mode 100644 doc/doxyout/wind/manpages create mode 100644 doc/footer.html create mode 100644 doc/gssapi.din create mode 100644 doc/hdb.din create mode 100644 doc/header.html create mode 100644 doc/heimdal.info create mode 100644 doc/hx509.info create mode 100644 doc/wind.din create mode 100644 etc/NTMakefile create mode 100644 include/NTMakefile create mode 100644 include/crypto-headers.h create mode 100644 include/gssapi/NTMakefile create mode 100644 include/hcrypto/NTMakefile rename {lib/krb5 => include}/heim_threads.h (82%) create mode 100644 include/kadm5/NTMakefile create mode 100644 include/krb5-types.cross delete mode 100644 include/make_crypto.c create mode 100644 kadmin/NTMakefile create mode 100644 kadmin/kadmin-version.rc create mode 100644 kadmin/kadmin.cat8 create mode 100644 kadmin/kadmind-version.rc create mode 100644 kadmin/kadmind.cat8 create mode 100644 kadmin/rpc.c create mode 100644 kcm/NTMakefile delete mode 100644 kcm/cursor.c rename kcm/{kcm_protos.h => kcm-protos.h} (88%) create mode 100644 kcm/kcm.cat8 create mode 100644 kcm/sessions.c delete mode 100644 kdc/524.c create mode 100644 kdc/NTMakefile create mode 100644 kdc/announce.c create mode 100644 kdc/digest-service.c create mode 100644 kdc/hprop-version.rc create mode 100644 kdc/hprop.cat8 create mode 100644 kdc/hpropd-version.rc create mode 100644 kdc/hpropd.cat8 delete mode 100644 kdc/kadb.h delete mode 100644 kdc/kaserver.c create mode 100644 kdc/kdc-version.rc create mode 100644 kdc/kdc.cat8 delete mode 100644 kdc/kerberos4.c create mode 100644 kdc/kstash-version.rc create mode 100644 kdc/kstash.cat8 create mode 100644 kdc/libkdc-exports.def create mode 100644 kdc/libkdc-version.rc create mode 100644 kdc/string2key-version.rc create mode 100644 kdc/string2key.cat8 delete mode 100644 kdc/v4_dump.c create mode 100644 kpasswd/NTMakefile create mode 100644 kpasswd/kpasswd.cat1 create mode 100644 kpasswd/kpasswdd.cat8 create mode 100644 kuser/NTMakefile create mode 100644 kuser/kcc-commands.in create mode 100644 kuser/kcc-version.rc create mode 100644 kuser/kcc.c create mode 100644 kuser/kdestroy-version.rc create mode 100644 kuser/kdestroy.cat1 create mode 100644 kuser/kdigest-version.rc create mode 100644 kuser/kdigest.8 create mode 100644 kuser/kdigest.cat8 create mode 100644 kuser/kgetcred-version.rc create mode 100644 kuser/kgetcred.cat1 create mode 100644 kuser/kimpersonate-version.rc rename kuser/{kimpersonate.1 => kimpersonate.8} (56%) create mode 100644 kuser/kimpersonate.cat8 create mode 100644 kuser/kinit-version.rc create mode 100644 kuser/kinit.cat1 create mode 100644 kuser/klist.cat1 rename lib/krb5/krb5_context.3 => kuser/kswitch.1 (65%) create mode 100644 kuser/kswitch.c create mode 100644 kuser/kswitch.cat1 delete mode 100644 lib/45/Makefile.am delete mode 100644 lib/45/get_ad_tkt.c delete mode 100644 lib/45/mk_req.c create mode 100644 lib/NTMakefile create mode 100644 lib/asn1/NTMakefile create mode 100644 lib/asn1/asn1-template.h create mode 100644 lib/asn1/asn1_compile-version.rc rename lib/asn1/{parse.c => asn1parse.c} (75%) rename lib/asn1/{parse.h => asn1parse.h} (99%) rename lib/asn1/{parse.y => asn1parse.y} (87%) create mode 100644 lib/asn1/check-ber.c create mode 100644 lib/asn1/check-template.c rename lib/asn1/{CMS.asn1 => cms.asn1} (92%) create mode 100644 lib/asn1/cms.opt create mode 100644 lib/asn1/der-private.h create mode 100644 lib/asn1/gen_template.c rename lib/asn1/{k5.asn1 => krb5.asn1} (72%) create mode 100644 lib/asn1/krb5.opt create mode 100644 lib/asn1/libasn1-exports.def create mode 100644 lib/asn1/template.c create mode 100644 lib/asn1/version-script.map delete mode 100644 lib/auth/ChangeLog delete mode 100644 lib/auth/Makefile.am delete mode 100644 lib/auth/afskauthlib/Makefile.am delete mode 100644 lib/auth/afskauthlib/verify.c delete mode 100644 lib/auth/pam/Makefile.am delete mode 100644 lib/auth/pam/pam.c delete mode 100644 lib/auth/pam/pam.conf.add delete mode 100644 lib/auth/sia/Makefile.am delete mode 100644 lib/auth/sia/krb5+c2_matrix.conf delete mode 100644 lib/auth/sia/krb5_matrix.conf delete mode 100755 lib/auth/sia/make-rpath delete mode 100644 lib/auth/sia/posix_getpw.c delete mode 100644 lib/auth/sia/security.patch delete mode 100644 lib/auth/sia/sia.c create mode 100644 lib/com_err/NTMakefile create mode 100644 lib/com_err/compile_et-version.rc create mode 100644 lib/com_err/libcom_err-exports.def create mode 100644 lib/com_err/libcom_err-version.rc create mode 100644 lib/gssapi/NTMakefile create mode 100644 lib/gssapi/gss_acquire_cred.cat3 create mode 100644 lib/gssapi/gssapi.cat3 create mode 100644 lib/gssapi/gssapi/gssapi_ntlm.h create mode 100644 lib/gssapi/gssapi/gssapi_oid.h rename lib/gssapi/{gss.c => gsstool.c} (50%) create mode 100644 lib/gssapi/krb5/aeap.c create mode 100644 lib/gssapi/krb5/authorize_localname.c create mode 100644 lib/gssapi/krb5/creds.c create mode 100644 lib/gssapi/krb5/pname_to_uid.c create mode 100644 lib/gssapi/krb5/store_cred.c delete mode 100644 lib/gssapi/krb5/v1.c create mode 100644 lib/gssapi/libgssapi-exports.def create mode 100644 lib/gssapi/libgssapi-version.rc create mode 100644 lib/gssapi/mech/compat.h create mode 100644 lib/gssapi/mech/context.c create mode 100644 lib/gssapi/mech/context.h create mode 100644 lib/gssapi/mech/cred.h create mode 100644 lib/gssapi/mech/doxygen.c create mode 100644 lib/gssapi/mech/gss_accept_sec_context.c create mode 100644 lib/gssapi/mech/gss_acquire_cred.c create mode 100644 lib/gssapi/mech/gss_acquire_cred_ext.c create mode 100644 lib/gssapi/mech/gss_acquire_cred_with_password.c create mode 100644 lib/gssapi/mech/gss_add_cred.c create mode 100644 lib/gssapi/mech/gss_add_cred_with_password.c create mode 100644 lib/gssapi/mech/gss_add_oid_set_member.c create mode 100644 lib/gssapi/mech/gss_aeap.c create mode 100644 lib/gssapi/mech/gss_authorize_localname.c create mode 100644 lib/gssapi/mech/gss_buffer_set.c create mode 100644 lib/gssapi/mech/gss_canonicalize_name.c create mode 100644 lib/gssapi/mech/gss_compare_name.c create mode 100644 lib/gssapi/mech/gss_context_time.c create mode 100644 lib/gssapi/mech/gss_create_empty_oid_set.c create mode 100644 lib/gssapi/mech/gss_cred.c create mode 100644 lib/gssapi/mech/gss_decapsulate_token.c create mode 100644 lib/gssapi/mech/gss_delete_name_attribute.c create mode 100644 lib/gssapi/mech/gss_delete_sec_context.c create mode 100644 lib/gssapi/mech/gss_display_name.c create mode 100644 lib/gssapi/mech/gss_display_name_ext.c create mode 100644 lib/gssapi/mech/gss_display_status.c create mode 100644 lib/gssapi/mech/gss_duplicate_name.c create mode 100644 lib/gssapi/mech/gss_duplicate_oid.c create mode 100644 lib/gssapi/mech/gss_encapsulate_token.c create mode 100644 lib/gssapi/mech/gss_export_name.c create mode 100644 lib/gssapi/mech/gss_export_name_composite.c create mode 100644 lib/gssapi/mech/gss_export_sec_context.c create mode 100644 lib/gssapi/mech/gss_get_mic.c create mode 100644 lib/gssapi/mech/gss_get_name_attribute.c create mode 100644 lib/gssapi/mech/gss_import_name.c create mode 100644 lib/gssapi/mech/gss_import_sec_context.c create mode 100644 lib/gssapi/mech/gss_indicate_mechs.c create mode 100644 lib/gssapi/mech/gss_init_sec_context.c create mode 100644 lib/gssapi/mech/gss_inquire_context.c create mode 100644 lib/gssapi/mech/gss_inquire_cred.c create mode 100644 lib/gssapi/mech/gss_inquire_cred_by_mech.c create mode 100644 lib/gssapi/mech/gss_inquire_cred_by_oid.c create mode 100644 lib/gssapi/mech/gss_inquire_mechs_for_name.c create mode 100644 lib/gssapi/mech/gss_inquire_name.c create mode 100644 lib/gssapi/mech/gss_inquire_names_for_mech.c create mode 100644 lib/gssapi/mech/gss_inquire_sec_context_by_oid.c create mode 100644 lib/gssapi/mech/gss_krb5.c create mode 100644 lib/gssapi/mech/gss_mech_switch.c create mode 100644 lib/gssapi/mech/gss_mo.c create mode 100644 lib/gssapi/mech/gss_names.c create mode 100644 lib/gssapi/mech/gss_oid.c create mode 100644 lib/gssapi/mech/gss_oid_equal.c create mode 100644 lib/gssapi/mech/gss_oid_to_str.c create mode 100644 lib/gssapi/mech/gss_pname_to_uid.c create mode 100644 lib/gssapi/mech/gss_process_context_token.c create mode 100644 lib/gssapi/mech/gss_pseudo_random.c create mode 100644 lib/gssapi/mech/gss_release_buffer.c create mode 100644 lib/gssapi/mech/gss_release_cred.c create mode 100644 lib/gssapi/mech/gss_release_name.c create mode 100644 lib/gssapi/mech/gss_release_oid.c create mode 100644 lib/gssapi/mech/gss_release_oid_set.c create mode 100644 lib/gssapi/mech/gss_seal.c create mode 100644 lib/gssapi/mech/gss_set_cred_option.c create mode 100644 lib/gssapi/mech/gss_set_name_attribute.c create mode 100644 lib/gssapi/mech/gss_set_sec_context_option.c create mode 100644 lib/gssapi/mech/gss_sign.c create mode 100644 lib/gssapi/mech/gss_store_cred.c create mode 100644 lib/gssapi/mech/gss_test_oid_set_member.c create mode 100644 lib/gssapi/mech/gss_unseal.c create mode 100644 lib/gssapi/mech/gss_unwrap.c create mode 100644 lib/gssapi/mech/gss_utils.c create mode 100644 lib/gssapi/mech/gss_verify.c create mode 100644 lib/gssapi/mech/gss_verify_mic.c create mode 100644 lib/gssapi/mech/gss_wrap.c create mode 100644 lib/gssapi/mech/gss_wrap_size_limit.c create mode 100644 lib/gssapi/mech/gssapi.asn1 create mode 100644 lib/gssapi/mech/mech.5 create mode 100644 lib/gssapi/mech/mech.cat5 rename lib/{sl/make_cmds.h => gssapi/mech/mech_locl.h} (54%) create mode 100644 lib/gssapi/mech/mech_switch.h create mode 100644 lib/gssapi/mech/mechqueue.h create mode 100644 lib/gssapi/mech/name.h create mode 100644 lib/gssapi/mech/utils.h create mode 100644 lib/gssapi/ntlm/creds.c delete mode 100644 lib/gssapi/ntlm/inquire_cred.c create mode 100644 lib/gssapi/ntlm/inquire_sec_context_by_oid.c create mode 100644 lib/gssapi/ntlm/iter_cred.c rename lib/gssapi/ntlm/{digest.c => kdc.c} (87%) create mode 100644 lib/gssapi/spnego/spnego.opt create mode 100644 lib/hcrypto/ChangeLog create mode 100644 lib/hcrypto/DESperate.txt create mode 100644 lib/hcrypto/Makefile.am create mode 100644 lib/hcrypto/Makefile.in create mode 100644 lib/hcrypto/NTMakefile create mode 100644 lib/hcrypto/aes.c create mode 100644 lib/hcrypto/aes.h create mode 100644 lib/hcrypto/bn.c create mode 100644 lib/hcrypto/bn.h create mode 100644 lib/hcrypto/camellia-ntt.c create mode 100644 lib/hcrypto/camellia-ntt.h create mode 100644 lib/hcrypto/camellia.c create mode 100644 lib/hcrypto/camellia.h create mode 100644 lib/hcrypto/common.c create mode 100644 lib/hcrypto/common.h create mode 100644 lib/hcrypto/des-tables.h create mode 100644 lib/hcrypto/des.c create mode 100644 lib/hcrypto/des.h create mode 100644 lib/hcrypto/destest.c create mode 100644 lib/hcrypto/dh-ltm.c create mode 100644 lib/hcrypto/dh.c create mode 100644 lib/hcrypto/dh.h create mode 100644 lib/hcrypto/dllmain.c create mode 100644 lib/hcrypto/doxygen.c create mode 100644 lib/hcrypto/dsa.c create mode 100644 lib/hcrypto/dsa.h create mode 100644 lib/hcrypto/ec.h create mode 100644 lib/hcrypto/ecdh.h create mode 100644 lib/hcrypto/ecdsa.h create mode 100644 lib/hcrypto/engine.c create mode 100644 lib/hcrypto/engine.h create mode 100644 lib/hcrypto/evp-cc.c create mode 100644 lib/hcrypto/evp-cc.h create mode 100644 lib/hcrypto/evp-hcrypto.c create mode 100644 lib/hcrypto/evp-hcrypto.h create mode 100644 lib/hcrypto/evp.c create mode 100644 lib/hcrypto/evp.h create mode 100644 lib/hcrypto/example_evp_cipher.c create mode 100644 lib/hcrypto/gen-des.pl rename lib/{auth/sia/sia_locl.h => hcrypto/hash.h} (56%) create mode 100644 lib/hcrypto/hmac.c create mode 100644 lib/hcrypto/hmac.h create mode 100644 lib/hcrypto/libhcrypto-exports.def create mode 100644 lib/hcrypto/libtommath/bn_error.c create mode 100644 lib/hcrypto/libtommath/bn_fast_mp_invmod.c create mode 100644 lib/hcrypto/libtommath/bn_fast_mp_montgomery_reduce.c create mode 100644 lib/hcrypto/libtommath/bn_fast_s_mp_mul_digs.c create mode 100644 lib/hcrypto/libtommath/bn_fast_s_mp_mul_high_digs.c create mode 100644 lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c create mode 100644 lib/hcrypto/libtommath/bn_mp_2expt.c create mode 100644 lib/hcrypto/libtommath/bn_mp_abs.c create mode 100644 lib/hcrypto/libtommath/bn_mp_add.c create mode 100644 lib/hcrypto/libtommath/bn_mp_add_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_addmod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_and.c create mode 100644 lib/hcrypto/libtommath/bn_mp_clamp.c create mode 100644 lib/hcrypto/libtommath/bn_mp_clear.c create mode 100644 lib/hcrypto/libtommath/bn_mp_clear_multi.c create mode 100644 lib/hcrypto/libtommath/bn_mp_cmp.c create mode 100644 lib/hcrypto/libtommath/bn_mp_cmp_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_cmp_mag.c create mode 100644 lib/hcrypto/libtommath/bn_mp_cnt_lsb.c create mode 100644 lib/hcrypto/libtommath/bn_mp_copy.c create mode 100644 lib/hcrypto/libtommath/bn_mp_count_bits.c create mode 100644 lib/hcrypto/libtommath/bn_mp_div.c create mode 100644 lib/hcrypto/libtommath/bn_mp_div_2.c create mode 100644 lib/hcrypto/libtommath/bn_mp_div_2d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_div_3.c create mode 100644 lib/hcrypto/libtommath/bn_mp_div_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c create mode 100644 lib/hcrypto/libtommath/bn_mp_dr_reduce.c create mode 100644 lib/hcrypto/libtommath/bn_mp_dr_setup.c create mode 100644 lib/hcrypto/libtommath/bn_mp_exch.c create mode 100644 lib/hcrypto/libtommath/bn_mp_expt_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_exptmod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_exptmod_fast.c create mode 100644 lib/hcrypto/libtommath/bn_mp_exteuclid.c create mode 100644 lib/hcrypto/libtommath/bn_mp_find_prime.c create mode 100644 lib/hcrypto/libtommath/bn_mp_fread.c create mode 100644 lib/hcrypto/libtommath/bn_mp_fwrite.c create mode 100644 lib/hcrypto/libtommath/bn_mp_gcd.c create mode 100644 lib/hcrypto/libtommath/bn_mp_get_int.c create mode 100644 lib/hcrypto/libtommath/bn_mp_grow.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init_copy.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init_multi.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init_set.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init_set_int.c create mode 100644 lib/hcrypto/libtommath/bn_mp_init_size.c create mode 100644 lib/hcrypto/libtommath/bn_mp_invmod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_invmod_slow.c create mode 100644 lib/hcrypto/libtommath/bn_mp_is_square.c create mode 100644 lib/hcrypto/libtommath/bn_mp_isprime.c create mode 100644 lib/hcrypto/libtommath/bn_mp_jacobi.c create mode 100644 lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c create mode 100644 lib/hcrypto/libtommath/bn_mp_karatsuba_sqr.c create mode 100644 lib/hcrypto/libtommath/bn_mp_lcm.c create mode 100644 lib/hcrypto/libtommath/bn_mp_lshd.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mod_2d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mod_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_montgomery_calc_normalization.c create mode 100644 lib/hcrypto/libtommath/bn_mp_montgomery_reduce.c create mode 100644 lib/hcrypto/libtommath/bn_mp_montgomery_setup.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mul.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mul_2.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mul_2d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mul_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_mulmod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_n_root.c create mode 100644 lib/hcrypto/libtommath/bn_mp_neg.c create mode 100644 lib/hcrypto/libtommath/bn_mp_or.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_fermat.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_is_divisible.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_is_prime.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_miller_rabin.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_next_prime.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_rabin_miller_trials.c create mode 100644 lib/hcrypto/libtommath/bn_mp_prime_random_ex.c create mode 100644 lib/hcrypto/libtommath/bn_mp_radix_size.c create mode 100644 lib/hcrypto/libtommath/bn_mp_radix_smap.c create mode 100644 lib/hcrypto/libtommath/bn_mp_rand.c create mode 100644 lib/hcrypto/libtommath/bn_mp_read_radix.c create mode 100644 lib/hcrypto/libtommath/bn_mp_read_signed_bin.c create mode 100644 lib/hcrypto/libtommath/bn_mp_read_unsigned_bin.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_2k.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_2k_setup.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_2k_setup_l.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c create mode 100644 lib/hcrypto/libtommath/bn_mp_reduce_setup.c create mode 100644 lib/hcrypto/libtommath/bn_mp_rshd.c create mode 100644 lib/hcrypto/libtommath/bn_mp_set.c create mode 100644 lib/hcrypto/libtommath/bn_mp_set_int.c create mode 100644 lib/hcrypto/libtommath/bn_mp_shrink.c create mode 100644 lib/hcrypto/libtommath/bn_mp_signed_bin_size.c create mode 100644 lib/hcrypto/libtommath/bn_mp_sqr.c create mode 100644 lib/hcrypto/libtommath/bn_mp_sqrmod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_sqrt.c create mode 100644 lib/hcrypto/libtommath/bn_mp_sub.c create mode 100644 lib/hcrypto/libtommath/bn_mp_sub_d.c create mode 100644 lib/hcrypto/libtommath/bn_mp_submod.c create mode 100644 lib/hcrypto/libtommath/bn_mp_to_signed_bin.c create mode 100644 lib/hcrypto/libtommath/bn_mp_to_signed_bin_n.c create mode 100644 lib/hcrypto/libtommath/bn_mp_to_unsigned_bin.c create mode 100644 lib/hcrypto/libtommath/bn_mp_to_unsigned_bin_n.c create mode 100644 lib/hcrypto/libtommath/bn_mp_toom_mul.c create mode 100644 lib/hcrypto/libtommath/bn_mp_toom_sqr.c create mode 100644 lib/hcrypto/libtommath/bn_mp_toradix.c create mode 100644 lib/hcrypto/libtommath/bn_mp_toradix_n.c create mode 100644 lib/hcrypto/libtommath/bn_mp_unsigned_bin_size.c create mode 100644 lib/hcrypto/libtommath/bn_mp_xor.c create mode 100644 lib/hcrypto/libtommath/bn_mp_zero.c create mode 100644 lib/hcrypto/libtommath/bn_mp_zero_multi.c create mode 100644 lib/hcrypto/libtommath/bn_prime_tab.c create mode 100644 lib/hcrypto/libtommath/bn_reverse.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_add.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_exptmod.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_mul_digs.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_mul_high_digs.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_sqr.c create mode 100644 lib/hcrypto/libtommath/bn_s_mp_sub.c create mode 100644 lib/hcrypto/libtommath/bncore.c create mode 100644 lib/hcrypto/libtommath/tommath.h create mode 100644 lib/hcrypto/libtommath/tommath_class.h create mode 100644 lib/hcrypto/libtommath/tommath_superclass.h create mode 100644 lib/hcrypto/md2.c create mode 100644 lib/hcrypto/md2.h create mode 100644 lib/hcrypto/md4.c create mode 100644 lib/hcrypto/md4.h create mode 100644 lib/hcrypto/md5.c create mode 100644 lib/hcrypto/md5.h create mode 100644 lib/hcrypto/md5crypt_test.c create mode 100644 lib/hcrypto/mdtest.c create mode 100644 lib/hcrypto/passwd_dialog.aps create mode 100644 lib/hcrypto/passwd_dialog.clw create mode 100644 lib/hcrypto/passwd_dialog.rc create mode 100644 lib/hcrypto/passwd_dialog.res create mode 100644 lib/hcrypto/passwd_dlg.c create mode 100644 lib/hcrypto/passwd_dlg.h create mode 100644 lib/hcrypto/pkcs12.c create mode 100644 lib/hcrypto/pkcs12.h create mode 100644 lib/hcrypto/pkcs5.c create mode 100644 lib/hcrypto/rand-egd.c create mode 100644 lib/hcrypto/rand-fortuna.c create mode 100644 lib/hcrypto/rand-timer.c create mode 100644 lib/hcrypto/rand-unix.c create mode 100644 lib/hcrypto/rand.c create mode 100644 lib/hcrypto/rand.h create mode 100644 lib/hcrypto/randi.h create mode 100644 lib/hcrypto/rc2.c create mode 100644 lib/hcrypto/rc2.h create mode 100644 lib/hcrypto/rc2test.c create mode 100644 lib/hcrypto/rc4.c create mode 100644 lib/hcrypto/rc4.h create mode 100644 lib/hcrypto/rctest.c create mode 100644 lib/hcrypto/resource.h create mode 100644 lib/hcrypto/rijndael-alg-fst.c create mode 100644 lib/hcrypto/rijndael-alg-fst.h create mode 100644 lib/hcrypto/rnd_keys.c create mode 100644 lib/hcrypto/rsa-gmp.c create mode 100644 lib/hcrypto/rsa-ltm.c create mode 100644 lib/hcrypto/rsa.c create mode 100644 lib/hcrypto/rsa.h create mode 100644 lib/hcrypto/rsakey.der create mode 100644 lib/hcrypto/rsakey2048.der create mode 100644 lib/hcrypto/rsakey4096.der create mode 100644 lib/hcrypto/sha.c create mode 100644 lib/hcrypto/sha.h create mode 100644 lib/hcrypto/sha256.c create mode 100644 lib/hcrypto/sha512.c create mode 100644 lib/hcrypto/test_bn.c create mode 100644 lib/hcrypto/test_cipher.c create mode 100644 lib/hcrypto/test_crypto.in create mode 100644 lib/hcrypto/test_dh.c create mode 100644 lib/hcrypto/test_engine_dso.c create mode 100644 lib/hcrypto/test_hmac.c create mode 100644 lib/hcrypto/test_pkcs12.c create mode 100644 lib/hcrypto/test_pkcs5.c create mode 100644 lib/hcrypto/test_rand.c create mode 100644 lib/hcrypto/test_rsa.c create mode 100644 lib/hcrypto/ui.c create mode 100644 lib/hcrypto/ui.h create mode 100644 lib/hcrypto/validate.c create mode 100644 lib/hcrypto/version-script.map create mode 100644 lib/hdb/NTMakefile create mode 100644 lib/hdb/data-mkey.mit.des3.be create mode 100644 lib/hdb/data-mkey.mit.des3.le create mode 100644 lib/hdb/hdb-keytab.c create mode 100644 lib/hdb/hdb-mitdb.c create mode 100644 lib/hdb/hdb-sqlite.c create mode 100644 lib/hdb/libhdb-exports.def create mode 100644 lib/hdb/libhdb-version.rc create mode 100644 lib/hdb/test_hdbkeys.c create mode 100644 lib/hdb/test_mkey.c create mode 100644 lib/hdb/version-script.map create mode 100644 lib/heimdal/NTMakefile create mode 100644 lib/heimdal/dllmain.c create mode 100644 lib/heimdal/heimdal-version.rc create mode 100644 lib/hx509/NTMakefile create mode 100644 lib/hx509/TODO create mode 100644 lib/hx509/char_map.h create mode 100644 lib/hx509/data/n0ll.pem create mode 100644 lib/hx509/data/pkinit-ec.crt create mode 100644 lib/hx509/data/pkinit-ec.key create mode 100644 lib/hx509/data/secp160r1TestCA.cert.pem create mode 100644 lib/hx509/data/secp160r1TestCA.key.pem create mode 100644 lib/hx509/data/secp160r1TestCA.pem create mode 100644 lib/hx509/data/secp160r2TestClient.cert.pem create mode 100644 lib/hx509/data/secp160r2TestClient.key.pem create mode 100644 lib/hx509/data/secp160r2TestClient.pem create mode 100644 lib/hx509/data/secp160r2TestServer.cert.pem create mode 100644 lib/hx509/data/secp160r2TestServer.key.pem create mode 100644 lib/hx509/data/secp160r2TestServer.pem create mode 100644 lib/hx509/data/test-signed-sha-1 create mode 100644 lib/hx509/data/test-signed-sha-256 create mode 100644 lib/hx509/data/test-signed-sha-512 create mode 100644 lib/hx509/data/win-u16-in-printablestring.der create mode 100644 lib/hx509/hxtool-version.rc create mode 100644 lib/hx509/libhx509-exports.def create mode 100644 lib/hx509/ocsp.opt create mode 100644 lib/hx509/pkcs10.opt create mode 100644 lib/hx509/quote.py rename lib/{sl/parse.c => hx509/sel-gram.c} (83%) rename lib/{sl/parse.h => hx509/sel-gram.h} (82%) create mode 100644 lib/hx509/sel-gram.y rename lib/{sl/lex.c => hx509/sel-lex.c} (85%) create mode 100644 lib/hx509/sel-lex.l create mode 100644 lib/hx509/sel.c create mode 100644 lib/hx509/sel.h create mode 100644 lib/hx509/test_expr.c create mode 100644 lib/ipc/Makefile.am create mode 100644 lib/ipc/Makefile.in create mode 100644 lib/ipc/client.c create mode 100644 lib/ipc/common.c create mode 100644 lib/ipc/heim-ipc.h create mode 100644 lib/ipc/heim_ipc.defs create mode 100644 lib/ipc/heim_ipc_async.defs create mode 100644 lib/ipc/heim_ipc_reply.defs create mode 100644 lib/ipc/heim_ipc_types.h create mode 100644 lib/ipc/hi_locl.h create mode 100644 lib/ipc/server.c create mode 100644 lib/ipc/tc.c create mode 100644 lib/ipc/ts-http.c create mode 100644 lib/ipc/ts.c create mode 100644 lib/kadm5/NTMakefile create mode 100644 lib/kadm5/iprop-log-version.rc create mode 100644 lib/kadm5/iprop-log.cat8 create mode 100644 lib/kadm5/iprop.cat8 create mode 100644 lib/kadm5/ipropd-master-version.rc create mode 100644 lib/kadm5/ipropd-slave-version.rc create mode 100644 lib/kadm5/kadm5_pwcheck.cat3 create mode 100644 lib/kadm5/libkadm5srv-exports.def create mode 100644 lib/kadm5/libkadm5srv-version.rc create mode 100644 lib/kafs/NTMakefile delete mode 100644 lib/kafs/README.dlfcn delete mode 100644 lib/kafs/afskrb.c delete mode 100644 lib/kafs/dlfcn.c delete mode 100644 lib/kafs/dlfcn.h create mode 100644 lib/kafs/kafs.cat3 create mode 100644 lib/kdfs/ChangeLog create mode 100644 lib/kdfs/Makefile.am rename lib/{45 => kdfs}/Makefile.in (70%) create mode 100644 lib/kdfs/NTMakefile create mode 100644 lib/kdfs/k5dfspag.c create mode 100644 lib/krb5/NTMakefile create mode 100644 lib/krb5/ccache_plugin.h delete mode 100644 lib/krb5/config_file_netinfo.c create mode 100644 lib/krb5/crypto-aes.c create mode 100644 lib/krb5/crypto-algs.c create mode 100644 lib/krb5/crypto-arcfour.c create mode 100644 lib/krb5/crypto-des-common.c create mode 100644 lib/krb5/crypto-des.c create mode 100644 lib/krb5/crypto-des3.c create mode 100644 lib/krb5/crypto-evp.c create mode 100644 lib/krb5/crypto-null.c create mode 100644 lib/krb5/crypto-pk.c create mode 100644 lib/krb5/crypto-rand.c create mode 100644 lib/krb5/crypto-stubs.c create mode 100644 lib/krb5/crypto.h create mode 100644 lib/krb5/deprecated.c create mode 100644 lib/krb5/expand_path.c delete mode 100644 lib/krb5/get_in_tkt_pw.c delete mode 100644 lib/krb5/get_in_tkt_with_keytab.c delete mode 100644 lib/krb5/get_in_tkt_with_skey.c create mode 100644 lib/krb5/kerberos.cat8 delete mode 100644 lib/krb5/keytab_krb4.c delete mode 100644 lib/krb5/krb5.3 create mode 100644 lib/krb5/krb5.conf.cat5 create mode 100644 lib/krb5/krb524_convert_creds_kdc.cat3 create mode 100644 lib/krb5/krb5_425_conv_principal.cat3 create mode 100644 lib/krb5/krb5_acl_match_file.cat3 delete mode 100644 lib/krb5/krb5_address.3 create mode 100644 lib/krb5/krb5_aname_to_localname.cat3 create mode 100644 lib/krb5/krb5_appdefault.cat3 create mode 100644 lib/krb5/krb5_auth_context.cat3 create mode 100644 lib/krb5/krb5_c_make_checksum.cat3 delete mode 100644 lib/krb5/krb5_ccache.3 create mode 100644 lib/krb5/krb5_check_transited.cat3 delete mode 100644 lib/krb5/krb5_compare_creds.3 delete mode 100644 lib/krb5/krb5_config.3 create mode 100644 lib/krb5/krb5_create_checksum.cat3 create mode 100644 lib/krb5/krb5_creds.cat3 delete mode 100644 lib/krb5/krb5_data.3 create mode 100644 lib/krb5/krb5_digest.cat3 create mode 100644 lib/krb5/krb5_eai_to_heim_errno.cat3 create mode 100644 lib/krb5/krb5_encrypt.cat3 create mode 100644 lib/krb5/krb5_find_padata.cat3 create mode 100644 lib/krb5/krb5_generate_random_block.cat3 create mode 100644 lib/krb5/krb5_get_all_client_addrs.cat3 create mode 100644 lib/krb5/krb5_get_credentials.cat3 create mode 100644 lib/krb5/krb5_get_creds.cat3 create mode 100644 lib/krb5/krb5_get_forwarded_creds.cat3 create mode 100644 lib/krb5/krb5_get_in_cred.cat3 create mode 100644 lib/krb5/krb5_get_init_creds.cat3 create mode 100644 lib/krb5/krb5_get_krbhst.cat3 create mode 100644 lib/krb5/krb5_getportbyname.cat3 create mode 100644 lib/krb5/krb5_init_context.cat3 create mode 100644 lib/krb5/krb5_is_thread_safe.cat3 delete mode 100644 lib/krb5/krb5_keyblock.3 delete mode 100644 lib/krb5/krb5_keytab.3 create mode 100644 lib/krb5/krb5_krbhst_init.cat3 delete mode 100644 lib/krb5/krb5_kuserok.3 create mode 100644 lib/krb5/krb5_mk_req.cat3 create mode 100644 lib/krb5/krb5_mk_safe.cat3 create mode 100644 lib/krb5/krb5_openlog.cat3 create mode 100644 lib/krb5/krb5_parse_name.cat3 create mode 100644 lib/krb5/krb5_principal.cat3 create mode 100644 lib/krb5/krb5_rcache.cat3 create mode 100644 lib/krb5/krb5_rd_error.cat3 create mode 100644 lib/krb5/krb5_rd_safe.cat3 create mode 100644 lib/krb5/krb5_set_default_realm.cat3 create mode 100644 lib/krb5/krb5_set_password.cat3 delete mode 100644 lib/krb5/krb5_storage.3 create mode 100644 lib/krb5/krb5_string_to_key.cat3 delete mode 100644 lib/krb5/krb5_ticket.3 create mode 100644 lib/krb5/krb5_timeofday.cat3 create mode 100644 lib/krb5/krb5_verify_init_creds.cat3 create mode 100644 lib/krb5/krb5_verify_user.cat3 delete mode 100644 lib/krb5/krb5_warn.3 delete mode 100644 lib/krb5/name-45-test.c create mode 100644 lib/krb5/pcache.c create mode 100644 lib/krb5/salt-aes.c create mode 100644 lib/krb5/salt-arcfour.c create mode 100644 lib/krb5/salt-des.c create mode 100644 lib/krb5/salt-des3.c create mode 100644 lib/krb5/salt.c create mode 100644 lib/krb5/scache.c create mode 100644 lib/krb5/send_to_kdc_plugin.h create mode 100644 lib/krb5/store-int.c rename tests/kdc/ap-req.c => lib/krb5/test_ap-req.c (86%) create mode 100644 lib/krb5/test_config_strings.cfg create mode 100644 lib/krb5/test_fx.c create mode 100644 lib/krb5/test_gic.c create mode 100644 lib/krb5/test_pknistkdf.c create mode 100644 lib/krb5/test_rfc3961.c create mode 100644 lib/krb5/test_x500.c delete mode 100644 lib/krb5/v4_glue.c create mode 100644 lib/krb5/verify_krb5_conf-version.rc create mode 100644 lib/krb5/verify_krb5_conf.cat8 create mode 100644 lib/libedit/COPYING create mode 100644 lib/libedit/ChangeLog create mode 100644 lib/libedit/INSTALL create mode 100644 lib/libedit/Makefile.am create mode 100644 lib/libedit/Makefile.in create mode 100644 lib/libedit/THANKS create mode 100644 lib/libedit/acinclude.m4 create mode 100644 lib/libedit/aclocal.m4 create mode 100755 lib/libedit/config.guess create mode 100644 lib/libedit/config.h.in create mode 100755 lib/libedit/config.sub create mode 100755 lib/libedit/configure create mode 100644 lib/libedit/configure.ac create mode 100755 lib/libedit/depcomp create mode 100755 lib/libedit/install-sh create mode 100755 lib/libedit/ltmain.sh create mode 100755 lib/libedit/missing create mode 100644 lib/libedit/src/Makefile.am create mode 100644 lib/libedit/src/Makefile.in create mode 100644 lib/libedit/src/chared.c create mode 100644 lib/libedit/src/chared.h create mode 100644 lib/libedit/src/chartype.c create mode 100644 lib/libedit/src/chartype.h create mode 100644 lib/libedit/src/common.c create mode 100644 lib/libedit/src/editline/readline.h create mode 100644 lib/libedit/src/el.c create mode 100644 lib/libedit/src/el.h create mode 100644 lib/libedit/src/el_term.h create mode 100644 lib/libedit/src/eln.c create mode 100644 lib/libedit/src/emacs.c create mode 100644 lib/libedit/src/fgetln.c create mode 100644 lib/libedit/src/filecomplete.c create mode 100644 lib/libedit/src/filecomplete.h create mode 100644 lib/libedit/src/hist.c create mode 100644 lib/libedit/src/hist.h create mode 100644 lib/libedit/src/histedit.h create mode 100644 lib/libedit/src/history.c create mode 100644 lib/libedit/src/key.c create mode 100644 lib/libedit/src/key.h create mode 100644 lib/libedit/src/makelist create mode 100644 lib/libedit/src/map.c create mode 100644 lib/libedit/src/map.h create mode 100644 lib/libedit/src/parse.c create mode 100644 lib/libedit/src/parse.h create mode 100644 lib/libedit/src/prompt.c create mode 100644 lib/libedit/src/prompt.h create mode 100644 lib/libedit/src/read.c create mode 100644 lib/libedit/src/read.h create mode 100644 lib/libedit/src/readline.c create mode 100644 lib/libedit/src/refresh.c create mode 100644 lib/libedit/src/refresh.h create mode 100644 lib/libedit/src/search.c create mode 100644 lib/libedit/src/search.h create mode 100644 lib/libedit/src/shlib_version create mode 100644 lib/libedit/src/sig.c create mode 100644 lib/libedit/src/sig.h create mode 100644 lib/libedit/src/strlcat.c create mode 100644 lib/libedit/src/strlcpy.c create mode 100644 lib/libedit/src/sys.h create mode 100644 lib/libedit/src/term.c create mode 100644 lib/libedit/src/tokenizer.c create mode 100644 lib/libedit/src/tty.c create mode 100644 lib/libedit/src/tty.h create mode 100644 lib/libedit/src/unvis.c create mode 100644 lib/libedit/src/vi.c create mode 100644 lib/libedit/src/vis.c rename lib/{roken => libedit/src}/vis.h (59%) create mode 100644 lib/libedit/src/wcsdup.c create mode 100644 lib/ntlm/NTMakefile create mode 100644 lib/ntlm/libheimntlm-exports.def create mode 100644 lib/ntlm/libheimntlm-version.rc create mode 100644 lib/ntlm/ntlm_err.et create mode 100644 lib/otp/ChangeLog create mode 100644 lib/otp/Makefile.am create mode 100644 lib/otp/Makefile.in create mode 100644 lib/otp/NTMakefile create mode 100644 lib/otp/otp.c create mode 100644 lib/otp/otp.h create mode 100644 lib/otp/otp_challenge.c create mode 100644 lib/otp/otp_db.c rename lib/{vers/make-print-version.c => otp/otp_locl.h} (54%) create mode 100644 lib/otp/otp_md.c create mode 100644 lib/otp/otp_md.h create mode 100644 lib/otp/otp_parse.c create mode 100644 lib/otp/otp_print.c create mode 100644 lib/otp/otp_verify.c create mode 100644 lib/otp/otptest.c create mode 100644 lib/otp/roken_rename.h create mode 100644 lib/otp/version-script.map create mode 100644 lib/roken/NTMakefile create mode 100644 lib/roken/cloexec.c create mode 100644 lib/roken/ct.c create mode 100644 lib/roken/doxygen.c create mode 100644 lib/roken/ecalloc.cat3 create mode 100644 lib/roken/getarg.cat3 create mode 100644 lib/roken/getifaddrs-test.c create mode 100644 lib/roken/parse_time.cat3 create mode 100644 lib/roken/qsort.c create mode 100644 lib/roken/rand.c create mode 100644 lib/roken/rkpty.c create mode 100644 lib/roken/rtbl.cat3 create mode 100644 lib/roken/search.hin delete mode 100644 lib/roken/snprintf-test.h create mode 100644 lib/roken/strerror_r.c create mode 100644 lib/roken/tsearch-test.c create mode 100644 lib/roken/tsearch.c create mode 100644 lib/roken/version-script.map create mode 100644 lib/roken/xfree.c create mode 100644 lib/sl/NTMakefile delete mode 100644 lib/sl/lex.l delete mode 100644 lib/sl/make_cmds.c delete mode 100644 lib/sl/parse.y delete mode 100644 lib/sl/ss.c create mode 100644 lib/sqlite/Makefile.am rename lib/{auth => sqlite}/Makefile.in (61%) create mode 100644 lib/sqlite/NTMakefile create mode 100644 lib/sqlite/sqlite3.c create mode 100644 lib/sqlite/sqlite3.h create mode 100644 lib/sqlite/sqlite3ext.h create mode 100644 lib/vers/NTMakefile create mode 100644 lib/wind/ChangeLog create mode 100644 lib/wind/CompositionExclusions-3.2.0.txt create mode 100644 lib/wind/DerivedNormalizationProps.txt create mode 100644 lib/wind/Makefile.am create mode 100644 lib/wind/Makefile.in create mode 100644 lib/wind/NTMakefile create mode 100644 lib/wind/NormalizationCorrections.txt create mode 100644 lib/wind/NormalizationTest.txt rename lib/{auth/sia/krb4+c2_matrix.conf => wind/UnicodeData.py} (50%) create mode 100644 lib/wind/UnicodeData.txt create mode 100644 lib/wind/bidi.c create mode 100644 lib/wind/bidi_table.c create mode 100644 lib/wind/bidi_table.h create mode 100644 lib/wind/combining.c create mode 100644 lib/wind/combining_table.c create mode 100644 lib/wind/combining_table.h create mode 100644 lib/wind/doxygen.c create mode 100644 lib/wind/errorlist.c create mode 100644 lib/wind/errorlist_table.c create mode 100644 lib/wind/errorlist_table.h create mode 100644 lib/wind/gen-bidi.py create mode 100644 lib/wind/gen-combining.py create mode 100644 lib/wind/gen-errorlist.py create mode 100644 lib/wind/gen-map.py create mode 100644 lib/wind/gen-normalize.py create mode 100644 lib/wind/gen-punycode-examples.py create mode 100644 lib/wind/generate.py create mode 100644 lib/wind/idn-lookup.c create mode 100644 lib/wind/ldap.c create mode 100644 lib/wind/libwind-exports.def create mode 100644 lib/wind/map.c create mode 100644 lib/wind/map_table.c create mode 100644 lib/wind/map_table.h create mode 100644 lib/wind/normalize.c create mode 100644 lib/wind/normalize_table.c create mode 100644 lib/wind/normalize_table.h create mode 100644 lib/wind/punycode.c create mode 100644 lib/wind/punycode_examples.c create mode 100644 lib/wind/punycode_examples.h create mode 100644 lib/wind/rfc3454.py create mode 100644 lib/wind/rfc3454.txt create mode 100644 lib/wind/rfc3490.txt create mode 100644 lib/wind/rfc3491.txt create mode 100644 lib/wind/rfc3492.txt create mode 100644 lib/wind/rfc4013.txt create mode 100644 lib/wind/rfc4518.py create mode 100644 lib/wind/rfc4518.txt create mode 100644 lib/wind/stringprep.c create mode 100644 lib/wind/stringprep.py create mode 100644 lib/wind/test-bidi.c create mode 100644 lib/wind/test-ldap.c create mode 100644 lib/wind/test-map.c create mode 100644 lib/wind/test-normalize.c create mode 100644 lib/wind/test-prohibited.c create mode 100644 lib/wind/test-punycode.c create mode 100644 lib/wind/test-rw.c create mode 100644 lib/wind/test-utf8.c create mode 100644 lib/wind/utf8.c create mode 100644 lib/wind/util.py create mode 100644 lib/wind/version-script.map create mode 100644 lib/wind/wind.h create mode 100644 lib/wind/wind_err.et create mode 100644 lib/wind/windlocl.h delete mode 100644 packages/debian/Makefile.am delete mode 100644 packages/debian/README delete mode 100644 packages/debian/README.Debian delete mode 100644 packages/debian/changelog delete mode 100644 packages/debian/compat delete mode 100644 packages/debian/control delete mode 100644 packages/debian/copyright delete mode 100644 packages/debian/extras/default delete mode 100644 packages/debian/extras/kadmind.acl delete mode 100644 packages/debian/extras/kdc.conf delete mode 100644 packages/debian/heimdal-clients-x.install delete mode 100644 packages/debian/heimdal-clients.install delete mode 100644 packages/debian/heimdal-clients.postinst delete mode 100644 packages/debian/heimdal-clients.prerm delete mode 100644 packages/debian/heimdal-dev.install delete mode 100644 packages/debian/heimdal-docs.install delete mode 100644 packages/debian/heimdal-kcm.init delete mode 100644 packages/debian/heimdal-kcm.install delete mode 100644 packages/debian/heimdal-kdc.dirs delete mode 100644 packages/debian/heimdal-kdc.examples delete mode 100644 packages/debian/heimdal-kdc.init delete mode 100644 packages/debian/heimdal-kdc.install delete mode 100644 packages/debian/heimdal-kdc.logrotate delete mode 100644 packages/debian/heimdal-kdc.postinst delete mode 100644 packages/debian/heimdal-kdc.postrm delete mode 100644 packages/debian/heimdal-kdc.templates delete mode 100644 packages/debian/heimdal-servers-x.dirs delete mode 100644 packages/debian/heimdal-servers-x.install delete mode 100644 packages/debian/heimdal-servers-x.postinst delete mode 100644 packages/debian/heimdal-servers-x.postrm delete mode 100644 packages/debian/heimdal-servers-x.prerm delete mode 100644 packages/debian/heimdal-servers.dirs delete mode 100644 packages/debian/heimdal-servers.install delete mode 100644 packages/debian/heimdal-servers.postinst delete mode 100644 packages/debian/heimdal-servers.postrm delete mode 100644 packages/debian/heimdal-servers.prerm delete mode 100644 packages/debian/libasn1-8-heimdal.install delete mode 100644 packages/debian/libasn1-8-heimdal.postinst.debhelper delete mode 100644 packages/debian/libasn1-8-heimdal.postrm.debhelper delete mode 100644 packages/debian/libasn1-8-heimdal.substvars delete mode 100644 packages/debian/libgssapi2-heimdal.install delete mode 100644 packages/debian/libgssapi2-heimdal.postinst.debhelper delete mode 100644 packages/debian/libgssapi2-heimdal.postrm.debhelper delete mode 100644 packages/debian/libgssapi2-heimdal.substvars delete mode 100644 packages/debian/libhdb9-heimdal.install delete mode 100644 packages/debian/libhdb9-heimdal.postinst.debhelper delete mode 100644 packages/debian/libhdb9-heimdal.postrm.debhelper delete mode 100644 packages/debian/libhdb9-heimdal.substvars delete mode 100644 packages/debian/libkadm5clnt7-heimdal.install delete mode 100644 packages/debian/libkadm5clnt7-heimdal.postinst.debhelper delete mode 100644 packages/debian/libkadm5clnt7-heimdal.postrm.debhelper delete mode 100644 packages/debian/libkadm5clnt7-heimdal.substvars delete mode 100644 packages/debian/libkadm5srv7-heimdal.install delete mode 100644 packages/debian/libkadm5srv8-heimdal.install delete mode 100644 packages/debian/libkafs0-heimdal.install delete mode 100644 packages/debian/libkrb5-22-heimdal.install delete mode 100644 packages/debian/libkrb5-22-heimdal.postinst.debhelper delete mode 100644 packages/debian/libkrb5-22-heimdal.postrm.debhelper delete mode 100644 packages/debian/libkrb5-22-heimdal.substvars delete mode 100644 packages/debian/libotp0-heimdal.install delete mode 100644 packages/debian/libroken18-heimdal.install delete mode 100644 packages/debian/libroken18-heimdal.postinst.debhelper delete mode 100644 packages/debian/libroken18-heimdal.postrm.debhelper delete mode 100644 packages/debian/libroken18-heimdal.substvars delete mode 100644 packages/debian/libsl0-heimdal.install delete mode 100644 packages/debian/patches/021_debian delete mode 100644 packages/debian/patches/022_ftp-roken-glob delete mode 100644 packages/debian/patches/022_openafs delete mode 100644 packages/debian/patches/025_pthreads delete mode 100644 packages/debian/patches/026_posix_max delete mode 100644 packages/debian/po/POTFILES.in delete mode 100644 packages/debian/po/templates.pot delete mode 100755 packages/debian/rules delete mode 100644 packages/debian/scripts/convert_source create mode 100644 packages/windows/NTMakefile create mode 100644 packages/windows/assembly/Heimdal.Application.manifest.in create mode 100644 packages/windows/assembly/Heimdal.Kerberos.manifest.in create mode 100644 packages/windows/assembly/NTMakefile create mode 100644 packages/windows/assembly/policy.Heimdal.Kerberos.in create mode 100644 packages/windows/installer/NTMakefile create mode 100644 packages/windows/installer/heimdal-assemblies.wxs create mode 100644 packages/windows/installer/heimdal-installer.wxs create mode 100644 packages/windows/installer/heimdal-policy.wxs create mode 100644 packages/windows/installer/lang/en-us.wxl create mode 100644 packages/windows/installer/lang/license-en-us.rtf create mode 100644 packages/windows/sdk/NTMakefile create mode 100644 po/Makefile.am create mode 100644 po/Makefile.in create mode 100644 po/gen-po.in create mode 100644 po/heim_com_err-1750206208/heim_com_err-1750206208.pot create mode 100644 po/heim_com_err-1765328384/heim_com_err-1765328384.pot create mode 100644 po/heim_com_err-1765328384/sv_SE.mo create mode 100644 po/heim_com_err-1765328384/sv_SE.po create mode 100644 po/heim_com_err-1980176640/heim_com_err-1980176640.pot create mode 100644 po/heim_com_err-969269760/heim_com_err-969269760.pot create mode 100644 po/heim_com_err1859794432/heim_com_err1859794432.pot create mode 100644 po/heim_com_err35224064/heim_com_err35224064.pot create mode 100644 po/heim_com_err36150272/heim_com_err36150272.pot create mode 100644 po/heim_com_err39525376/heim_com_err39525376.pot create mode 100644 po/heim_com_err43787520/heim_com_err43787520.pot create mode 100644 po/heim_com_err569856/heim_com_err569856.pot create mode 100644 po/heimdal_krb5/heimdal_krb5.pot create mode 100644 po/heimdal_krb5/sv_SE.mo create mode 100644 po/heimdal_krb5/sv_SE.po create mode 100644 po/heimdal_kuser/heimdal_kuser.pot create mode 100644 tests/NTMakefile create mode 100644 tests/bin/Makefile.am rename {packages/debian => tests/bin}/Makefile.in (81%) create mode 100644 tests/bin/setup-env.in create mode 100644 tests/can/NTMakefile create mode 100644 tests/db/NTMakefile create mode 100644 tests/db/check-aliases.in create mode 100644 tests/db/krb5-mit.conf.in create mode 100644 tests/gss/NTMakefile create mode 100644 tests/java/NTMakefile create mode 100644 tests/kdc/NTMakefile create mode 100644 tests/kdc/check-cc.in create mode 100644 tests/kdc/check-delegation.in create mode 100644 tests/kdc/check-des.in rename lib/auth/sia/krb4_matrix.conf => tests/kdc/check-kdc-weak.in (57%) create mode 100644 tests/kdc/check-kpasswdd.in create mode 100644 tests/kdc/leaks-kill.sh create mode 100644 tests/ldap/NTMakefile create mode 100644 tests/plugin/NTMakefile create mode 100644 tools/NTMakefile delete mode 100644 tools/heimdal-build.sh create mode 100644 tools/krb5-config.cat1 create mode 100644 windows/NTMakefile.config create mode 100644 windows/NTMakefile.w32 create mode 100644 windows/README create mode 100644 windows/maint.el create mode 100644 windows/version.rc create mode 100755 ylwrap diff --git a/ChangeLog b/ChangeLog index e167b09a8957..125740da3261 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,457 @@ -2008-01-24 Love Hörnquist Åstrand - * Release 1.1 +We stop writing change logs, see the source code version control systems history log instead + +2008-07-28 Love Hornquist Astrand -2008-01-21 Love Hörnquist Åstrand + * lib/krb5/v4_glue.c: The "kaserver" part of Heimdal occasionally + issues invalid AFS tokens + (here "occasionally" means for certain users in certain realms). + + In lib/krb5/v4_glue.c, in the routine storage_to_etext the ticket + is padded to a multiple of 8 bytes. If it is already a multiple of + 8 bytes, 8 additional 0-bytes are added. + + This catches the AFS krb4 ticket decoder by surprise: unless the + ticket is exactly 56 bytes, it only supports the minimum necessary + padding. It detects the superfluous padding by comparing the + ticket length decoded to the advertised ticket length. + + Hence a 7-letter userid in "cern.ch" which resulted in a ticket of + 40 bytes, got "padded" to 48 bytes which the rxkad decoder + rejected. + + From Rainer Toebbicke. + +2008-07-25 Love Hörnquist Ã…strand + + * kuser/kinit.c: add --ok-as-delegate and --windows flags + + * kpasswd/kpasswd-generator.c: Switch to krb5_set_password. + + * kuser/kinit.c: Use krb5_cc_set_config. + + * lib/krb5/cache.c: Add krb5_cc_[gs]et_config. + +2008-07-22 Love Hörnquist Ã…strand + + * lib/krb5/crypto.c: Allow numbers to be enctypes to as long as + they are valid. + +2008-07-17 Love Hörnquist Ã…strand + + * lib/hdb/version-script.map: some random bits needed for libkadm + +2008-07-15 Love Hörnquist Ã…strand + + * lib/krb5/send_to_kdc_plugin.h: add name for send_to_kdc plugin. + + * lib/krb5/krbhst.c: handle KRB5_PLUGIN_NO_HANDLE for lookup + plugin. + + * lib/krb5/send_to_kdc.c: Add support for the send_to_kdc plugin + interface. + + * lib/krb5/Makefile.am: add send_to_kdc_plugin.h + + * lib/krb5/krb5_err.et: add plugin error codes + +2008-07-14 Love Hornquist Astrand + + * lib/hdb/Makefile.am: EXTRA_DIST += version-script.map + +2008-07-14 Love Hornquist Astrand + + * lib/krb5/krb5_{address,ccache}.3: spelling, from openbsd via janne + johansson + +2008-07-13 Love Hörnquist Ã…strand + + * lib/krb5/version-script.map: add krb5_free_error_message + +2008-06-21 Love Hörnquist Ã…strand + + * lib/krb5/init_creds_pw.c: switch to krb5_set_password(). + +2008-06-18 Love Hörnquist Ã…strand + + * lib/krb5/time.c (krb5_set_real_time): handle negative usec + +2008-05-31 Love Hörnquist Ã…strand + + * lib/krb5/krb5_locl.h: Add + + * lib/krb5/crypto.c: Use wind_utf8ucs2_length to convert the password to utf16. + +2008-05-30 Love Hörnquist Ã…strand + + * lib/krb5/kcm.c: Add back krb5_kcmcache argument to try_door(). + +2008-05-27 Love Hörnquist Ã…strand + + * lib/krb5/error_string.c (krb5_free_error_message): constify + + * lib/krb5/error_string.c: Add krb5_get_error_message(). + + * lib/krb5/doxygen.c: krb5_cc_new_unique() is name of the creation + function. + +2008-04-30 Love Hörnquist Ã…strand + + * lib/hdb/hdb-ldap.c: Use the _ext api for OpenLDAP, from Honza + Machacek (gentoo). + +2008-04-28 Love Hörnquist Ã…strand + + * lib/krb5/crypto.c: Use DES_set_key_unchecked(). + + * lib/krb5/krb5.conf.5: Document default_cc_type. + + * lib/krb5/cache.c: Pick up [libdefaults]default_cc_type + +2008-04-27 Love Hörnquist Ã…strand + + * kdc/kaserver.c: Use DES_set_key_unchecked(). + +2008-04-21 Love Hörnquist Ã…strand + + * doc/hx509.texi: About the pkcs11 module. + + * doc/hx509.texi: Pick up version from vars.texi + + * doc/hx509.texi: No MIT code in hx509. + + * hx509 now includes a pkcs11 implementation. + +2008-04-20 Love Hörnquist Ã…strand + + * lib/hdb/Makefile.am: Move OpenLDAP includes to AM_CPPFLAGS to + avoid dropping other defines for the library. + +2008-04-17 Love Hörnquist Ã…strand + + * lib/krb5: add __declspec() for windows. + + * configure.in: Update rk_WIN32_EXPORT, add gssapi to + rk_WIN32_EXPORT. + + * configure.in: Lets try dependency tracking for automake 1.10 and + later. + + * configure.in: Use at least libtool-2.2. + + * configure.in: Use LT_INIT the right way. + + * lib/krb5/Makefile.am: Update make-proto usage. + + * configure.in: Run autoupdate, use LT_INIT(). + +2008-04-15 Love Hörnquist Ã…strand + + * lib/krb5/test_forward.c: Don't print krb5_error_code since we + are using krb5_err(). + + * lib/krb5/ticket.c: Cast krb5_error_code to int to avoid warning. + + * lib/krb5/scache.c: Cast krb5_error_code to int to avoid warning. + + * lib/krb5/principal.c: Cast enum to int to avoid warning. + + * lib/krb5/pkinit.c: Cast krb5_error_code to int to avoid warning. + + * lib/krb5/pac.c: Cast size_t to unsigned long to avoid warning. + + * lib/krb5/error_string.c: Cast krb5_error_code to int to avoid + warning. + + * lib/krb5/keytab_keyfile.c: Make num_entries an uint32 to avoid + negative numbers and type warnings. + + * lib/krb5: cc_get_version returns an int, update. + +2008-04-10 Love Hörnquist Ã…strand + + * configure.in: Check for . + +2008-04-09 Love Hörnquist Ã…strand + + * lib/krb5/version-script.map: sort and export _krb5_pk_kdf + + * lib/krb5/crypto.c: Check kdf params. calculate the second half + of the key. + + * lib/krb5/Makefile.am: Add test_pknistkdf + + * lib/krb5/test_pknistkdf.c: Test the new pkinit nist kdf. + + * lib/krb5/crypto.c: Complete _krb5_pk_kdf. + + * lib/krb5/crypto.c: First version of KDF in + draft-ietf-krb-wg-pkinit-alg-agility-03.txt. + +2008-04-08 Love Hörnquist Ã…strand + + * doc/setup.texi: Add text about smbk5pwd overlay from Buchan + Milne. + + * lib/krb5/krb5_locl.h: Name the pkinit type enum. + + * kdc/pkinit.c: Rename constants to match global header. + + * lib/krb5/pkinit.c: Drop krb5_pk_identity and rename constants to + match global header. + + * kdc/pkinit.c: Pick up krb5_pk_identity from krb5_locl.h. + + * lib/krb5/scache.c (scc_alloc): %x is unsigned int. + +2008-04-07 Love Hörnquist Ã…strand + + * lib/krb5/version-script.map: Sort and add krb5_cc_switch. + + * lib/krb5/acache.c: Use unsigned where appropriate. + + * kcm/glue.c: Adapt to chenge to krb5_cc_ops. + + * kcm/acl.c: Add missing op. + + * kdc/connect.c: Use unsigned where appropriate. + + * lib/krb5/n-fold.c: Use size_t where appropriate. + + * lib/krb5/get_addrs.c: Use unsigned where appropriate. + + * lib/krb5/crypto.c: Use unsigned where appropriate. + + * lib/krb5/crc.c: Use unsigned where appropriate. + + * lib/krb5/changepw.c: simplify + + * lib/krb5/copy_host_realm.c: simplify + + * kuser/kswitch.c: Implement --principal. + +2008-04-05 Love Hörnquist Ã…strand + + * lib/krb5/cache.c: allow returning the default cc-type. + + * kuser/kswitch.c: Enable switching between existing caches. + + * lib/krb5/cache.c: Add krb5_cc_switch, to set the default + credential cache. + + * lib/krb5/acache.c: Implement set_default. + + * lib/krb5/krb5.h: Extend krb5_cc_ops and add set_default to set + the default cc name for a credential type. + +2008-04-04 Love Hörnquist Ã…strand + + * lib/krb5/test_cc.c: test remove + + * lib/krb5/fcache.c: Make the remove cred slight more atomic, now + it might lose creds, but there will be no empty cache at any time. + + * lib/krb5/scache.c: Do credential iteration by temporary table. + +2008-04-02 Love Hörnquist Ã…strand + + * lib/krb5/acache.c: Translate ccErrInvalidCCache. + + * lib/krb5/scache.c: implemetation of a sqlite3 backed credential + cache. + + * lib/krb5/test_cc.c: test acc and scc + + * lib/krb5/acache.c: Only release context if its in use. + +2008-04-01 Love Hörnquist Ã…strand + + * doc/setup.texi: No patching of OpenLDAP is needed, from Buchan + Milne. + +2008-03-30 Love Hörnquist Ã…strand + + * lib/krb5/Makefile.am: Add scache. + + * lib/krb5/scache.c: initial implementation + + * lib/Makefile.am: sqlite + + * configure.in: lib/sqlite/Makefile + +2008-03-26 Love Hörnquist Ã…strand + + * lib/krb5/fcache.c: Make the storing credential an atomic + write(2) to avoid signal races, bug traced by Harald Barth and Lars + Malinowsky. + +2008-03-25 Love Hörnquist Ã…strand + + * lib/krb5/fcache.c: Make erase_file() do locking too. + + * kcm/protocol.c: Make work when moving to a non-existant + cred-cache. + + * lib/krb5/test_cc.c: more verbose info. + + * lib/krb5/test_cc.c: test krb5_cc_move(). + +2008-03-23 Love Hörnquist Ã…strand + + * lib/krb5/get_cred.c: Try both kdc server referral and the old + client chasing mode. + + * lib/krb5/get_cred.c: Don't do canonicalize by default, make + add_cred() sane, make loop detection in credential fetching + better. + + * lib/krb5/krb5_locl.h: Add flag EXTRACT_TICKET_AS_REQ. + + * lib/krb5/init_creds_pw.c: Tell _krb5_extract_ticket that this is + an AS-REQ. + + * lib/krb5/get_in_tkt.c: Make server referral work. + +2008-03-22 Love Hörnquist Ã…strand + + * lib/krb5/get_in_tkt.c: check no server referral, don't use + stringent length tests since encryption layer does padding for + us... + + * kdc/kerberos5.c: Match name in ClientCanonicalizedNames with -10 + + * lib/krb5/principal.c (_krb5_principal_compare_PrincipalName): + new function to compare a principal to a PrincipalName. + + * lib/krb5/init_creds_pw.c: Move client referral checking to + _krb5_extract_ticket(). + + * lib/krb5/get_in_tkt.c: More bits for server referral. + + * lib/krb5/get_in_tkt.c: Make working with client referrals. + + * lib/krb5/get_cred.c: Try moving referrals checking into + _krb5_extract_ticket(). + + * lib/krb5/get_in_tkt.c: Try moving referrals checking into + _krb5_extract_ticket(). + +2008-03-21 Love Hörnquist Ã…strand + + * kdc/krb5tgs.c: Send SERVER-REFERRAL data in rep.padata instead + of auth_data in ticket. + +2008-03-20 Love Hörnquist Ã…strand + + * lib/krb5/init_creds_pw.c: remove lost bits from using + krb5_principal_set_realm + + * kdc/krb5tgs.c: Better referrals support, use canonicalize flag. + + * kdc/hprop.c: use krb5_principal_set_realm + + * lib/krb5/init_creds_pw.c: use krb5_principal_set_realm + + * lib/krb5/verify_user.c: use krb5_principal_set_realm + + * lib/krb5/version-script.map: add krb5_principal_set_realm + + * lib/krb5/principal.c: add krb5_principal_set_realm + + * lib/krb5/get_cred.c: Insecure tgs referrals. + + * lib/krb5/get_cred.c: Dont try key usage KRB5_KU_AP_REQ_AUTH for + TGS-REQ. This drop compatibility with pre 0.3d KDCs. + + * lib/krb5/get_cred.c: catch KRB5_GC_CANONICALIZE. + + * lib/krb5/krb5.h: set KRB5_GC_CANONICALIZE. + + * kuser/kgetcred.c: set KRB5_GC_CANONICALIZE. + + * kuser/kgetcred.c: Add stub --canonicalize implementation. + +2008-03-19 Love Hörnquist Ã…strand + + * doc/setup.texi: Fix sasl-regexp, from Howard Chu. + +2008-03-14 Love Hörnquist Ã…strand + + * kdc/kx509.c: Adapt to hx509_env changes. + +2008-03-10 Love Hörnquist Ã…strand + + * lib/krb5/pkinit.c: Try searchin the key by to use by first + looking for for PK-INIT EKU, then the Microsoft smart card EKU and + last, no special EKU at all. + +2008-03-09 Love Hörnquist Ã…strand + + * lib/krb5/acache.c: Create a new credential cache is ->get_name + is called, make acc_initialize() reset the existing credential + cache if needed. + + * lib/krb5/acache.c (acc_get_name): just return the cache_name + directly instead of trying to resolve it. + +2008-02-23 Love Hörnquist Ã…strand + + * include/Makefile.am (CLEANFILES): add wind.h and wind_err.h and + sort. + +2008-02-11 Love Hörnquist Ã…strand + + * lib/hdb/hdb-ldap.c: Use malloc() instead of static buffer. + + * lib/hdb/hdb-ldap.c: Use ldap_get_values_len, from LaMont Jones + via Brian May and Debian. + + * doc/Makefile.am: add libwind + +2008-02-05 Love Hörnquist Ã…strand + + * lib/krb5/test_renew.c: Remove extra ;, From Dennis Davis. + + * lib/krb5/store_emem.c: Make compile on-pre c99 compilers. From + Dennis Davis. + +2008-02-03 Love Hörnquist Ã…strand + + * tools/heimdal-gssapi.pc.in: Add wind. + + * tools/krb5-config.in: Add wind. + + * lib/krb5/pac.c: Use libwind. + +2008-02-01 Love Hörnquist Ã…strand + + * lib/Makefile.am: SUBDIRS: add wind + +2008-01-29 Love Hörnquist Ã…strand + + * doc/programming.texi: See the Kerberos 5 API introduction and + documentation on the Heimdal webpage. + +2008-01-27 Love Hörnquist Ã…strand + + * lib/krb5: better error strings for the keytab fetching functions + + * lib/krb5/verify_krb5_conf.c: Catch deprecated entries. + + * lib/krb5/get_cred.c: Remove support + for [libdefaults]capath (not [libdefaults] capaths though). + +2008-01-25 Love Hörnquist Ã…strand + + * tools/heimdal-gssapi.pc.in: Fix caps of prefix, from Joakim + Fallsjo. + +2008-01-24 Love Hörnquist Ã…strand + + * lib/krb5/fcache.c (fcc_move): more explict why the fcc_move + failes, handle cross device moves. + +2008-01-21 Love Hörnquist Ã…strand * lib/krb5/get_for_creds.c: Use on variable less. @@ -20,1337 +469,17 @@ * kdc/Makefile.am: drop CHECK_SYMBOLS -2008-01-18 Love Hörnquist Åstrand +2008-01-18 Love Hörnquist Ã…strand * lib/krb5/version-script.map: Add krb5_digest_probe. -2008-01-13 Love Hörnquist Åstrand +2008-01-13 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Replace hx509_name_to_der_name with hx509_name_binary. -2008-01-12 Love Hörnquist Åstrand +2008-01-12 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: add missing files -2007-12-28 Love Hörnquist Åstrand - - * kdc/digest.c: Log probe message, add NTLM_TARGET_DOMAIN to the - type2 message. - -2007-12-14 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c: Add hdb_default_db(). - - * Makefile.am: Add some extra cf/*. - -2007-12-12 Love Hörnquist Åstrand - - * kuser/kgetcred.c: Fix type of name-type. From Andy Polyakov. - -2007-12-09 Love Hörnquist Åstrand - - * kdc/log.c: Use hdb_db_dir(). - - * kpasswd/kpasswdd.c: Use hdb_db_dir(). - -2007-12-08 Love Hörnquist Åstrand - - * kdc/config.c: Use hdb_db_dir(). - - * kdc/kdc_locl.h: add KDC_LOG_FILE - - * kdc/hpropd.c: Use hdb_default_db(). - - * kdc/kstash.c: Use hdb_db_dir(). - - * kdc/pkinit.c: Adapt to hx509 changes, use hdb_db_dir(). - - * lib/krb5/rd_req.c: Document krb5_rd_req_in_set_pac_check. - - * lib/krb5/verify_krb5_conf.c: Check check_pac. - - * lib/krb5/rd_req.c: use KRB5_CTX_F_CHECK_PAC to init check_pac - field in the krb5_rd_req_in_ctx - - * lib/krb5/expand_hostname.c: Adapt to changing - dns_canonicalize_hostname into flags field. - - * lib/krb5/context.c: Adapt to changing dns_canonicalize_hostname - into flags field, add check-pac as an libdefaults option. - - * lib/krb5/pkinit.c: Adapt to changes in hx509 interface. - - * doc: add doxygen documentation to hcrypto - - * doc/doxytmpl.dxy: generate links - -2007-12-07 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: build_HEADERZ += heim_threads.h - - * lib/hdb/dbinfo.c (hdb_db_dir): Return the directory where the - hdb database resides. - - * configure.in: Add --with-hdbdir to specify where the database is - stored. - - * lib/krb5/crypto.c: revert previous patch, the problem is located - in the RAND_file_name() function that will cause recursive nss - lookups, can't fix that here. - -2007-12-06 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_generate_random_block): try to avoid the - dead-lock in by not holding the lock while running - RAND_file_name. Prompted by Hai Zaar. - - * lib/krb5/n-fold.c: spelling - -2007-12-04 Love Hörnquist Åstrand - - * kuser/kdigest.c (digest-probe): implement command. - - * kuser/kdigest-commands.in (digest-probe): new command - - * kdc/digest.c: Implement supportedMechs request. - - * lib/krb5/error_string.c: Make krb5_get_error_string return an - allocated string to make the function indempotent. From - Zeqing (Fred) Xia. - -2007-12-03 Love Hörnquist Åstrand - - * lib/krb5/krb5_locl.h (krb5_context_data): Flag if - default_cc_name was set by the user. - - * lib/krb5/fcache.c (fcc_move): make sure ->version is uptodate. - - * kcm/acquire.c: use krb5_free_cred_contents - - * kuser/kimpersonate.c: use krb5_free_cred_contents - - * kuser/kinit.c: Use krb5_cc_move to make an atomic switch of the - cred cache. - - * lib/krb5/cache.c: Put back code that was needed, move gen_new - into new_unique. - - * lib/krb5/mcache.c (mcc_default_name): Remove const - - * lib/krb5/krb5_locl.h: Add KRB5_DEFAULT_CCNAME_KCM, redefine - KRB5_DEFAULT_CCNAME to KRB5_DEFAULT_CCTYPE - - * lib/krb5/cache.c: Use krb5_cc_ops->default_name to get the - default name. - - * lib/krb5/kcm.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/mcache.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/fcache.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/krb5.h: Add krb5_cc_ops->default_name. - - * lib/krb5/acache.c: Free context when done, implement - krb5_cc_ops->default_name. - - * lib/krb5/kcm.c: implement dummy kcm_move - - * lib/krb5/mcache.c: Implement the move operation. - - * lib/krb5/version-script.map: export krb5_cc_move - - * lib/krb5/cache.c: New function krb5_cc_move(). - - * lib/krb5/fcache.c: Implement the move operation. - - * lib/krb5/krb5.h: Add move to the krb5_cc_ops, causes major - version bump. - - * lib/krb5/acache.c: Implement the move operation. Avoid using - cc_set_principal() since it broken on Mac OS X 10.5.0. - -2007-12-02 Love Hörnquist Åstrand - - * lib/krb5/krb5_ccapi.h: Drop variable names to avoid -Wshadow. - -2007-11-14 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Should pass different key usage constants - depending on whether or not optional sub-session key was passed by - the client for the check of authorization data. The constant is - used to derive "specific key" and its values are specified in - 7.5.1 of RFC4120. - - Patch from Andy Polyakov. - - * kdc/krb5tgs.c: Don't send auth data in referrals, microsoft - clients have started to not like that. Thanks to Andy Polyakov for - excellent research. - -2007-11-11 Love Hörnquist Åstrand - - * lib/krb5/creds.c: use krb5_data_cmp - - * lib/krb5/acache.c: use krb5_free_cred_contents - - * lib/krb5/test_renew.c: use krb5_free_cred_contents - -2007-11-10 Love Hörnquist Åstrand - - * lib/krb5/acl.c: doxygen documentation - - * lib/krb5/addr_families.c: doxygen documentation - - * doc: add doxygen - - * lib/krb5/plugin.c: doxygen documentation - - * lib/krb5/kcm.c: doxygen documentation - - * lib/krb5/fcache.c: doxygen documentation - - * lib/krb5/cache.c: doxygen documentations - - * lib/krb5/doxygen.c: doxygen introduction - - * lib/krb5/error_string.c: Doxygen documentation. - -2007-11-03 Love Hörnquist Åstrand - - * lib/krb5/test_plugin.c: expose krb5_plugin_register - - * lib/krb5/plugin.c: expose krb5_plugin_register - - * lib/krb5/version-script.map: sort, expose krb5_plugin_register - -2007-10-24 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Adding same enctype is enough one time. From - Andy Polyakov and Bjorn Sandell. - -2007-10-18 Love - - * lib/krb5/cache.c (krb5_cc_retrieve_cred): check return value - from krb5_cc_start_seq_get. From Zeqing (Fred) Xia - - * lib/krb5/fcache.c (init_fcc): provide better error codes - - * kdc/kerberos5.c (get_pa_etype_info2): more paranoia, avoid - sending warning about pruned etypes. - - * kdc/kerberos5.c (older_enctype): old windows enctypes (arcfour - based) "old", this to support windows 2000 clients (unjoined to a - domain). From Andy Polyakov. - -2007-10-07 Love Hörnquist Åstrand - - * doc/setup.texi: Spelling, from Mark Peoples via Bjorn Sandell. - -2007-10-04 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: More prettier printing of enctype, from KAMADA - Ken'ichi. - - * lib/krb5/crypto.c (krb5_enctype_to_string): make sure string is - NULL on failure. - -2007-10-03 Love Hörnquist Åstrand - - * kdc/kdc-replay.c: Catch KRB5_PROG_ATYPE_NOSUPP from - krb5_addr2sockaddr and igore thte test is that case. - -2007-09-29 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_free_context): free - default_cc_name_env, from Gunther Deschner. - -2007-08-27 Love Hörnquist Åstrand - - * lib/krb5/{krb5.h,pac.c,test_pac.c,send_to_kdc.c,rd_req.c}: Make - work with c++, reported by Hai Zaar - - * lib/krb5/{digest.c,krb5.h}: Make work with c++, reported by Hai Zaar - -2007-08-20 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: EXTRA_DIST += hdb.schema - -2007-07-31 Love Hörnquist Åstrand - - * check return value of alloc functions, from Charles Longeau - - * lib/krb5/principal.c: spelling. - - * kadmin/kadmin.8: spelling - - * lib/krb5/crypto.c: Check return values from alloc - functions. Prompted by patch of Charles Longeau. - - * lib/krb5/n-fold.c: Make _krb5_n_fold return a error - code. Prompted by patch of Charles Longeau. - -2007-07-27 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c: Always set the ticket options, use - KRB5_ADDRESSLESS_DEFAULT as the default value, this make the unset - tri-state not so useful. - -2007-07-24 Love Hörnquist Åstrand - - * tools/heimdal-gssapi.pc.in: Add LIB_pkinit to the list of - libraries. - - * tools/heimdal-gssapi.pc.in: pkg-config file for libgssapi in - heimdal. - - * tools/Makefile.am: Add heimdal-gssapi.pc and install it into - $(libdir)/pkgconfig - -2007-07-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Add RFC3526 modp group14 as a default. - -2007-07-22 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c (get_dbinfo): use dbname instead of realm as - key if the entry is a correct entry. - - * lib/krb5/get_cred.c: Make krb5_get_renewed_creds work, from - Gunther Deschner. - - * lib/krb5/Makefile.am: Add test_renew to noinst_PROGRAMS. - - * lib/krb5/test_renew.c: Test for krb5_get_renewed_creds. - -2007-07-21 Love Hörnquist Åstrand - - * lib/hdb/keys.c: Make parse_key_set handle key set string "v5", - from Peter Meinecke. - - * kdc/kaserver.c: Don't ovewrite the error code, from Peter - Meinecke. - -2007-07-18 Love Hörnquist Åstrand - - * TODO-1.0: remove - - * Makefile.am: remove TODO-1.0 - -2007-07-17 Love Hörnquist Åstrand - - * Heimdal 1.0 release branch cut here - - * doc/hx509.texi: use version.texi - - * doc/heimdal.texi: use version.texi - - * doc/version.texi: version.texi - - * lib/hdb/db3.c: avoid type-punned pointer warning. - - * kdc/kx509.c: Use unsigned char * as argument to HMAC_Update to - please OpenSSL and gcc. - - * kdc/digest.c: Use unsigned char * as argument to MD5_Update to - please OpenSSL and gcc. - -2007-07-16 Love Hörnquist Åstrand - - * include/Makefile.am: Add krb_err.h. - - * kdc/set_dbinfo.c: Print acl file too. - - * kdc/kerberos4.c: Error codes are just fine, remove XXX now. - - * lib/krb5/krb5-v4compat.h: Drop duplicate error codes. - - * kdc/kerberos4.c: switch to ET errors. - - * lib/krb5/Makefile.am: Add krb_err.h to build_HEADERZ. - - * lib/krb5/v4_glue.c: If its a Kerberos 4 error-code, remove the - et BASE. - -2007-07-15 Love Hörnquist Åstrand - - * lib/krb5/krb5-v4compat.h: Include "krb_err.h". - - * lib/krb5/v4_glue.c: return more interesting error codes. - - * lib/krb5/plugin.c: Prefix enum plugin_type. - - * lib/krb5/krb5_locl.h: Expose plugin structures. - - * lib/krb5/krb5.h: Add plugin structures. - - * lib/krb5/krb_err.et: V4 errors. - - * lib/krb5/version-script.map: First version of version script. - -2007-07-13 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Java 1.6 expects the name to be the same type, - lets allow that for uncomplicated name-types. - -2007-07-12 Love Hörnquist Åstrand - - * lib/krb5/v4_glue.c (_krb5_krb_rd_req): if ticket contains - address 0, its ticket less and don't really care about - from_addr. return better error codes. - - * kpasswd/kpasswdd.c: Fix pointer vs strict alias rules. - -2007-07-11 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: When using sambaNTPassword, avoid adding - more then one enctype 23 to krb5EncryptionType. - - * lib/krb5/cache.c: Spelling. - - * kdc/kerberos5.c: Don't send newer enctypes in ETYPE-INFO. - (get_pa_etype_info2): return the enctypes as sorted in the - database - -2007-07-10 Love Hörnquist Åstrand - - * kuser/kinit.c: krb5-v4compat.h defines prototypes for - v4 (semiprivate functions) in libkrb5, don't include - krb5-private.h any longer. - - * lib/krb5/krbhst.c: Set error string when there is no KDC for a - realm. - - * lib/krb5/Makefile.am: New library version. - - * kdc/Makefile.am: New library version. - - * lib/krb5/krb5_locl.h: Add default_cc_name_env. - - * lib/krb5/cache.c (enviroment_changed): return non-zero if - enviroment that will determine default krb5cc name has changed. - (krb5_cc_default_name): also check if cached value is uptodate. - - * lib/krb5/krb5_locl.h: Drop pkinit_flags. - -2007-07-05 Love Hörnquist Åstrand - - * configure.in: add tests/java/Makefile - - * lib/hdb/dbinfo.c: Add hdb_dbinfo_get_log_file. - -2007-07-04 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Improve the default salt detection to avoid - returning v4 password salting to java that doesn't look at the - returning padata for salting. - - * kdc: Split out krb5_kdc_set_dbinfo, From Andrew Bartlett - -2007-07-02 Love Hörnquist Åstrand - - * kdc/digest.c: Try harder to provide better error message for - digest messages. - - * lib/krb5/Makefile.am: verify_krb5_conf_OBJECTS depends on - krb5-pr*.h, make -j finds this. - -2007-06-28 Love Hörnquist Åstrand - - * kdc/digest.c: On success, print username, not ip-adress. - -2007-06-26 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c: Add krb5_get_renewed_creds. - - * lib/krb5/krb5_get_credentials.3: add krb5_get_renewed_creds - - * lib/krb5/pkinit.c: Use hx509_cms_unwrap_ContentInfo. - -2007-06-25 Love Hörnquist Åstrand - - * doc/setup.texi: Add example for pkinit_win2k_require_binding - in [kdc] section. - - * kdc/default_config.c: Rename require_binding to - win2k_require_binding to match client configuration. - - * kdc/default_config.c: Add [kdc]pkinit_require_binding option. - - * kdc/pkinit.c (pk_mk_pa_reply_enckey): only allow non-bound reply - if its not required. - - * kdc/default_config.c: rename pkinit_princ_in_cert and add - pkinit_require_binding - - * kdc/kdc.h: rename pkinit_princ_in_cert and add - pkinit_require_binding - - * kdc/pkinit.c: rename pkinit_princ_in_cert - -2007-06-24 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Adapt to hx509_verify_hostname change. - -2007-06-21 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Drop unused variable. - - * kdc/krb5tgs.c: disable anonyous tgs requests - - * kdc/krb5tgs.c: Don't check PAC on cross realm for now. - - * kuser/kgetcred.c: Set KRB5_GC_CONSTRAINED_DELEGATION and parse - nametypes. - - * lib/krb5/krb5_principal.3: Document krb5_parse_nametype. - - * lib/krb5/principal.c (krb5_parse_nametype): parse nametype and - return their integer values. - - * lib/krb5/krb5.h (krb5_get_creds): Add - KRB5_GC_CONSTRAINED_DELEGATION. - - * lib/krb5/get_cred.c (krb5_get_creds): if - KRB5_GC_CONSTRAINED_DELEGATION is set, set both request_anonymous - and constrained_delegation. - -2007-06-20 Love Hörnquist Åstrand - - * kdc/digest.c: Return an error message instead of dropping the - packet for more failure cases. - - * lib/krb5/krb5_principal.3: Add KRB5_PRINCIPAL_UNPARSE_DISPLAY. - - * appl/gssmask/gssmask.c (AcquirePKInitCreds): fail more - gracefully - -2007-06-18 Love Hörnquist Åstrand - - * lib/krb5/pac.c: make compile. - - * lib/krb5/pac.c (verify_checksum): memset cksum to avoid using - pointer from stack. - - * lib/krb5/plugin.c: Don't expose free pointer. - - * lib/krb5/pkinit.c (_krb5_pk_load_id): fail directoy for first - calloc. - - * lib/krb5/pkinit.c (get_reply_key*): don't expose freed memory - - * lib/krb5/krbhst.c: Host is static memory, don't free. - - * lib/krb5/crypto.c (decrypt_internal_derived): make sure length - is longer then confounder + checksum. - - * kdc: export get_dbinfo as krb5_kdc_set_dbinfo and call from - users. This to allows libkdc users to to specify their own - databases - - * lib/krb5/pkinit.c (pk_rd_pa_reply_enckey): simplify handling of - content data (and avoid leaking memory). - - * kdc/misc.c (_kdc_db_fetch): set error string for failures. - -2007-06-15 Love Hörnquist Åstrand - - * kdc/pkinit.c: Use KRB5_AUTHDATA_INITIAL_VERIFIED_CAS. - -2007-06-13 Love Hörnquist Åstrand - - * kdc/pkinit.c: tell user when they got a pk-init request with - pkinit disabled. - -2007-06-12 Love Hörnquist Åstrand - - * lib/krb5/principal.c: Rename UNPARSE_NO_QUOTE to - UNPARSE_DISPLAY. - - * lib/krb5/krb5.h: Rename UNPARSE_NO_QUOTE to UNPARSE_DISPLAY. - - * lib/krb5/principal.c: Make no-quote mean replace strange chars - with space. - - * lib/krb5/principal.c: Support KRB5_PRINCIPAL_UNPARSE_NO_QUOTE. - - * lib/krb5/krb5.h: Add KRB5_PRINCIPAL_UNPARSE_NO_QUOTE. - - * lib/krb5/test_princ.c: Test quoteing. - - * lib/krb5/pkinit.c: update (c) - - * lib/krb5/get_cred.c: use krb5_sendto_context to talk to the KDC. - - * lib/krb5/send_to_kdc.c (_krb5_kdc_retry): check if the whole - process needs to restart or just skip this KDC. - - * lib/krb5/init_creds_pw.c: Use krb5_sendto_context to talk to - KDC. - - * lib/krb5/krb5.h: Add sendto hooks and opaque structure. - - * lib/krb5/krb5_rd_error.3: Update prototype. - - * lib/krb5/send_to_kdc.c: Add hooks for processing the reply from - the server. - -2007-06-11 Love Hörnquist Åstrand - - * lib/krb5/krb5_err.et: Some new error codes from RFC 4120. - -2007-06-09 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Constify. - - * kdc/kerberos5.c: Constify. - - * kdc/pkinit.c: Check for KRB5-PADATA-PK-AS-09-BINDING. Constify. - -2007-06-08 Love Hörnquist Åstrand - - * include/Makefile.am: Make krb5-types.h nodist_include_HEADERS. - - * kdc/Makefile.am: EXTRA_DIST += version-script.map. - -2007-06-07 Love Hörnquist Åstrand - - * Makefile.am (print-distdir): print name of dist - - * kdc/pkinit.c: Break out loading of mappings file to a separate - function and remove warning that it can't open the mapping file, - there are now mappings in the db, maybe the users uses that - instead... - - * lib/krb5/crypto.c: Require the raw key have the correct size and - do away with the minsize. Minsize was a thing that originated - from RC2, but since RC2 is done in the x509/cms subsystem now - there is no need to keep that around. - - * lib/hdb/dbinfo.c: If there is no default dbname, also check for - unset mkey_file and set it default mkey name, make backward compat - stuff work. - - * kdc/version-script.map: add new symbols - - * kdc/kdc-replay.c: Also update krb5_context view of what the time - is. - - * configure.in: add tests/can/Makefile - - * kdc/kdc-replay.c: Add --[version|help]. - - * kdc/pkinit.c: Push down the kdc time into the x509 library. - - * kdc/connect.c: Move up krb5_kdc_save_request so we can catch the - reply data too. - - * kdc/kdc-replay.c: verify reply by checking asn1 class, type and - tag of the reply if there is one. - - * kdc/process.c: Save asn1 class, type and tag of the reply if - there is one. Used to verify the reply in kdc-replay. - -2007-06-06 Love Hörnquist Åstrand - - * kdc/kdc_locl.h: extern for request_log. - - * kdc/Makefile.am: Add kdc-replay. - - * kdc/kdc-replay.c: Replay kdc messages to the KDC library. - - * kdc/config.c: Pick up request_log from [kdc]kdc-request-log. - - * kdc/connect.c: Option to save the request to disk. - - * kdc/process.c (krb5_kdc_save_request): save request to file. - - * kdc/process.c (krb5_kdc_process*): dont update _kdc_time - automagicly. - (krb5_kdc_update_time): set or get current kdc-time. - - * kdc/pkinit.c (_kdc_pk_rd_padata): accept both pkcs-7 and - pkauthdata as the signeddata oid - - * kdc/pkinit.c (_kdc_pk_rd_padata): Try to log what went wrong. - -2007-06-05 Love Hörnquist Åstrand - - * kdc/pkinit.c: Use oid_id_pkcs7_data for pkinit-9 encKey reply to - match windows DC behavior better. - -2007-06-04 Love Hörnquist Åstrand - - * configure.in: use test for -framework Security - - * appl/test/uu_server.c: Print status to stdout. - - * kdc/digest.c (digest ntlm): provide log entires by setting ret - to an error. - -2007-06-03 Love Hörnquist Åstrand - - * doc/hx509.texi: Indent crl-sign. - - * doc/hx509.texi: One more crl-sign example. - - * lib/krb5/test_princ.c: plug memory leaks. - - * lib/krb5/pac.c: plug memory leaks. - - * lib/krb5/test_pac.c: plug memory leaks. - - * lib/krb5/test_prf.c: plug memory leak. - - * lib/krb5/test_cc.c: plug memory leaks. - - * doc/hx509.texi: Simple blob about publishing CRLs. - - * doc/win2k.texi: drop text about enctypes. - -2007-06-02 Love Hörnquist Åstrand - - * kdc/pkinit.c: In case of OCSP verification failure, referash - every 5 min. In case of success, refreash 2 min before expiring or - faster. - -2007-05-31 Love Hörnquist Åstrand - - * lib/krb5/krb5_err.et: add error 68, WRONG_REALM - - * kdc/pkinit.c: Handle the ms san in a propper way, still cheat - with the realm name. - - * kdc/kerberos5.c: If _kdc_pk_check_client failes, bail out - directly and hand the error back to the client. - - * lib/krb5/krb5_err.et: Add missing REVOCATION_STATUS_UNAVAILABLE - and fix error message for CLIENT_NAME_MISMATCH. - - * kdc/pkinit.c: More logging for pk-init client mismatch. - - * kdc/kerberos5.c: Also add a KRB5_PADATA_PK_AS_REQ_WIN for - windows pk-init (-9) to make MIT clients happy. - -2007-05-30 Love Hörnquist Åstrand - - * kdc/pkinit.c: Force des3 for win2k. - - * kdc/pkinit.c: Add wrapping to ContentInfo wrapping to - COMPAT_WIN2K. - - * lib/krb5/keytab_keyfile.c: Spelling. - - * kdc/pkinit.c: Allow matching by MS UPN SAN, note that this delta - doesn't deal with case of realm. - -2007-05-16 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_crypto_overhead): return static overhead - of encryption. - -2007-05-10 Dave Love - - * doc/win2k.texi: Update some URLs. - -2007-05-13 Love Hörnquist Åstrand - - * kuser/kimpersonate.c: Fix version number of ticket, it should be - 5 not the kvno. - -2007-05-08 Love Hörnquist Åstrand - - * doc/setup.texi: Salting is really Encryption types and salting. - -2007-05-07 Love Hörnquist Åstrand - - * doc/setup.texi: spelling, from Ronny Blomme - - * doc/win2k.texi: Fix ksetup /SetComputerPassword, from Ronny - Blomme - -2007-05-02 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c (hdb_get_dbinfo) If there are no database - specified, create one and let it use the defaults. - -2007-04-27 Love Hörnquist Åstrand - - * lib/hdb/test_dbinfo.c: test acl file - - * lib/hdb/test_dbinfo.c: test acl file - - * lib/hdb/dbinfo.c: add acl file - - * etc: ignore Makefile.in - - * Makefile.am: SUBDIRS += etc - - * configure.in: Add etc/Makefile. - - * etc/Makefile.am: make sure services.append is distributed - -2007-04-24 Love Hörnquist Åstrand - - * kdc: rename windc_init to krb5_kdc_windc_init - - * kdc/version-script.map: version script for libkdc - - * kdc/Makefile.am: version script for libkdc - -2007-04-23 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_get_error): - correct the order of the arguments. - - * lib/hdb/Makefile.am: Add and test dbinfo. - - * lib/hdb/hdb.h: Forward declaration for struct hdb_dbinfo; - - * kdc/config.c: Use krb5_kdc_get_config and just fill in what the - users wanted differently. - - * kdc/default_config.c: Make the default configuration fetch info - from the krb5.conf. - -2007-04-22 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_creds_tag): use session.keytype to - determine if to send the session-key, for the second place in the - function. - - * tools/krb5-config.in: rename des to hcrypto - - * kuser/Makefile.am: depend on libheimntlm - - * kuser/kinit.c: Add --ntlm-domain that store the ntlm cred for - this domain if the Kerberos password auth worked. - - * kuser/klist.c: add new option --hidden that doesn't display - principal that starts with @ - - * tools/krb5-config.in: Add heimntlm when we use gssapi. - - * lib/krb5/krb5_ccache.3 (krb5_cc_retrieve_cred): document what to - free 'cred' with. - - * lib/krb5/cache.c (krb5_cc_retrieve_cred): document what to free - 'cred' with. - -2007-04-21 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_creds_tag): use session.keytype to - determine if to send the session-key. - - * kcm/client.c (kcm_ccache_new_client): make root be able to pass - the name constraints, not the opposite. From Bryan Jacobs. - -2007-04-20 Love Hörnquist Åstrand - - * kcm/acl.c: make compile again. - - * kcm/client.c: fix warning. - - * kcm: First, it allows root to ignore the naming conventions. - Second, it allows root to always perform any operation on any - ccache. Note that root could do this anyway with FILE ccaches. - From Bryan Jacobs. - - * Rename libdes to libhcrypto. - -2007-04-19 Love Hörnquist Åstrand - - * kinit: remove code that depend on kerberos 4 library - - * kdc: remove code that depend on kerberos 4 library - - * configure.in: Drop kerberos 4 support. - - * kdc/hpropd.c (main): free the message when done with it. - - * lib/krb5/pkinit.c (_krb5_get_init_creds_opt_free_pkinit): - remember to free memory too. - - * lib/krb5/pkinit.c (pk_rd_pa_reply_dh): free content-type when - done. - - * configure.in: test rk_VERSIONSCRIPT - -2007-04-18 Love Hörnquist Åstrand - - * fix-export: remove, all done by make dist now - -2007-04-15 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_credentials.3: spelling, from Jason McIntyre - -2007-04-11 Love Hörnquist Åstrand - - * kdc/kstash.8: Spelling, from raga - via Bjorn Sandell. - - * lib/krb5/store_mem.c: indent. - - * lib/krb5/recvauth.c: Set error string. - - * lib/krb5/rd_req.c: clear error strings. - - * lib/krb5/rd_cred.c: clear error string. - - * lib/krb5/pkinit.c: Set error strings. - - * lib/krb5/get_cred.c: Tell what principal we are not finding for - all KRB5_CC_NOTFOUND. - -2007-02-22 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Return the same error codes as a windows KDC. - - * kuser/kinit.c: KRB5KDC_ERR_PREAUTH_FAILED is also a password - failed. - - * kdc/kerberos5.c: Make handling of replying e_data more generic, - from metze. - - * kdc/kerberos5.c: Fix (string const and shadow) warnings, from - metze. - - * lib/krb5/pac.c: Create the PAC element in the same order as - w2k3, maybe there's some broken code in windows which relies on - this... From metze. - - * kdc/kerberos5.c: Select a session enctype from the list of the - crypto systems supported enctype, is supported by the client and - is one of the enctype of the enctype of the krbtgt. - - The later is used as a hint what enctype all KDC are supporting to - make sure a newer version of KDC wont generate a session enctype - that and older version of a KDC in the same realm can't decrypt. - - But if the KDC admin is paranoid and doesn't want to have "no the - best" enctypes on the krbtgt, lets save the best pick from the - client list and hope that that will work for any other KDCs. - - Reported by metze. - - * kdc/hprop.c (propagate_database): on any failure, drop the - connection to the peer and try next one. - -2007-02-18 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_init_creds.3: document new options. - - * kdc/krb5tgs.c: Only check service key for cross realm PACs. - - * lib/krb5/init_creds.c: use the new merged flags field. - (krb5_get_init_creds_opt_set_win2k): new function, turn on all w2k - compat flags. - - * lib/krb5/init_creds_pw.c: use the new merged flags field. - - * lib/krb5/krb5_locl.h: merge all flags into one entity - -2007-02-11 Dave Love - - * lib/krb5/krb5_aname_to_localname.3: Small fixes - - * lib/krb5/krb5_digest.3: Small fixes - - * kuser/kimpersonate.1: Small fixes - -2007-02-17 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (find_pa_data): if there is no list, - there is no entry. - - * kdc/krb5tgs.c: Don't check PACs on cross realm requests. - - * lib/krb5/krb5.h: add KRB5_KU_CANONICALIZED_NAMES. - - * lib/krb5/init_creds_pw.c: Verify client referral data. - - * kdc/kerberos5.c: switch some "return ret" to "goto out". - - * kdc/kerberos5.c: Pass down canonicalize request to hdb layer, - sign client referrals. - - * lib/hdb/hdb.h: Add HDB_F_CANON. - - * lib/hdb: add simple alias support to the database backends - -2007-02-16 Love Hörnquist Åstrand - - * kuser/kinit.c: Add canonicalize flag. - - * lib/krb5/init_creds_pw.c: Use EXTRACT_TICKET_* flags, support - canonicalize. - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_canonicalize): - new function. - - * lib/krb5/get_cred.c: Use EXTRACT_TICKET_* flags. - - * lib/krb5/get_in_tkt.c: Use EXTRACT_TICKET_* flags. - - * lib/krb5/krb5_locl.h: Add EXTRACT_TICKET_* flags. - -2007-02-15 Love Hörnquist Åstrand - - * lib/krb5/test_princ.c: test parsing enterprise-names. - - * lib/krb5/principal.c: Add support for parsing enterprise-names. - - * lib/krb5/krb5.h: Add KRB5_PRINCIPAL_PARSE_ENTERPRISE. - - * lib/hdb/hdb-ldap.c: Make work again. - -2007-02-11 Dave Love - - * kcm/client.c (kcm_ccache_new_client): Cast snprintf'ed value. - -2007-02-10 Love Hörnquist Åstrand - - * doc/setup.texi: prune trailing space - - * lib/hdb/db.c: Be better at setting and clearing error string. - - * lib/hdb/hdb.c: Be better at setting and clearing error string. - -2007-02-09 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_entry): Use krb5_kt_get_full_name - to print out the keytab name. - - * doc/setup.texi: Spelling, from Guido Guenther - -2007-02-08 Love Hörnquist Åstrand - - * lib/krb5/rd_cred.c: Plug memory leak, from Michael B Allen. - -2007-02-06 Love Hörnquist Åstrand - - * lib/krb5/test_store.c (test_uint16): unsigned ints can't be - negative - -2007-02-03 Love Hörnquist Åstrand - - * kdc/pkinit.c: pass extra flags for detached signatures. - - * lib/krb5/pkinit.c: pass extra flags for detached signatures. - - * kdc/digest.c: Remove debug output. - - * kuser/kdigest.c: Add support for ms-chap-v2 client. - -2007-02-02 Love Hörnquist Åstrand - - * kdc/digest.c: Fix ms-chap-v2 get_masterkey - - * kdc/digest.c: Fix ms-chap-v2 mutual response auth code. - - * kuser/kdigest.c: Print session key if there is one. - - * lib/krb5/digest.c: rename hash-a1 to session key - - * kdc/digest.c: Add get_master from RFC 3079 3.4 for MS-CHAP-V2 - - * kuser/kdigest.c: print rsp if there is one, from Klas. - - * kdc/digest.c: Use right size, from Klas Lindfors. - - * kuser/kdigest.c: Set client nonce if avaible, from Klas. - - * kdc/digest.c: First version from kllin. - - * kuser/kdigest.c: Don't restrict the type. - -2007-02-01 Love Hörnquist Åstrand - - * kuser/kdigest-commands.in: add --client-response - - * kuser/kdigest.c: Print status instead of response. - - * kdc/digest.c: Better logging and return status = FALSE when - checksum doesn't match. - - * kdc/digest.c: Check the digest response in the KDC. - - * lib/krb5/digest.c: New functions to send in requestResponse to - KDC and get status of the request. - - * kdc/digest.c: Add support for MS-CHAP v2. - - * lib/hdb/hdb-ldap.c: Set hdb->hdb_db for ldap. - -2007-01-31 Love Hörnquist Åstrand - - * fix-export: Make hx509.info too - - * kdc/digest.c: don't verify identifier in CHAP, its the client - that chooses it. - -2007-01-23 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: Basic test of prf. - - * lib/krb5/test_prf.c: Basic test of prf. - - * lib/krb5/mit_glue.c: Add MIT glue for Kerberos RFC 3961 PRF - functions. - - * lib/krb5/crypto.c: Add Kerberos RFC 3961 PRF functions. - - * lib/krb5/krb5_data.3: Document krb5_data_cmp. - - * lib/krb5/data.c: Add krb5_data_cmp. - -2007-01-20 Love Hörnquist Åstrand - - * kdc/kx509.c: Don't use C99 syntax. - -2007-01-17 Love Hörnquist Åstrand - - * configure.in: its LIBADD_roken (and shouldn't really exist, our - libtool usage it broken) - - * configure.in: Add an extra variable for roken, LIBADD, that - should be used for library depencies. - - * lib/krb5/send_to_kdc.c (krb5_sendto): zero out receive buffer. - - * lib/krb5/krb5_init_context.3: fix mdoc errors - - * Heimdal 0.8 branch cut today - - * doc/hx509.texi: Spelling and more about proxy certificates. - - * configure.in: check for arc4random - -2007-01-16 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c (krb5_sendto): zero receive krb5_data - before starting - - * tools/heimdal-build.sh: make cvs keep quiet - - * kuser/kverify.c: Use argument as principal if passed an - argument. Bug report from Douglas E. Engert - -2007-01-15 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): The code failed to consider - the enc_tkt_in_skey case, from Douglas E. Engert. - - * kdc/kx509.c: Issue certificates. - - * kdc/config.c: Parse kx509/kca configuration. - - * kdc/kdc.h: add kx509 config - -2007-01-14 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_find_padata): if there is not padata, - there is nothing find. - - * doc/hx509.texi: Examples for pk-init. - - * doc/hx509.texi: About extending ca lifetime and sub cas. - -2007-01-13 Love Hörnquist Åstrand - - * doc/hx509.texi: More about certificates. - -2007-01-12 Love Hörnquist Åstrand - - * doc/hx509.texi: add Application requirements and write about - xmpp/jabber. - -2007-01-11 Love Hörnquist Åstrand - - * doc/hx509.texi: More about issuing certificates. - - * doc/hx509.texi: Start of a x.509 manual. - - * include/Makefile.am: remove install headerfiles - - * lib/krb5/test_pac.c: Use more interesting data to cause more - errors. - - * include/Makefile.am: remove install headerfiles - - * lib/krb5/mcache.c: MCC_CURSOR not used, remove. - - * lib/krb5/crypto.c: macro kcrypto_oid_enc now longer used - - * lib/krb5/rd_safe.c (krb5_rd_safe): set length before trying to - allocate data - -2007-01-10 Love Hörnquist Åstrand - - * doc/setup.texi: Hint about hxtool validate. - - * appl/test/uu_server.c: print both "server" and "client" - - * kdc/krb5tgs.c: Rename keys to be more obvious what they do. - - * kdc/kerberos5.c: Use other keys to sign PAC with. From Andrew - Bartlett - - * kdc/windc.c: ident, spelling. - - * kdc/windc_plugin.h: indent. - - * kdc/krb5tgs.c: Pass down server entry to verify_pac function. - from Andrew Bartlett - - * kdc/windc.c: pass down server entry to verify_pac function, from - Andrew Bartlett - - * kdc/windc_plugin.h: pass down server entry to verify_pac - function, from Andrew Bartlett - - * configure.in: Provide a automake symbol ENABLE_SHARED if shared - libraries are built. - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): Use the correct keyblock - when verifying the PAC. From Andrew Bartlett. - -2007-01-09 Love Hörnquist Åstrand - - * lib/krb5/test_pac.c: move around to code test on real PAC. - - * lib/krb5/pac.c: A tiny 2 char diffrence that make the code work - for real. - - * lib/krb5/test_pac.c: Test more PAC (note that the values used in - this test is wrong, they have to be fixed when the pac code is - fixed). - - * doc/setup.texi: Update to new hxtool issue-certificate usage - - * lib/krb5/init_creds_pw.c: Make sure we don't sent both ENC-TS - and PK-INIT pa data, no need to expose our password protecting our - PKCS12 key. - - * kuser/klist.c (print_cred_verbose): include ticket length in the - verbose output - -2007-01-08 Love Hörnquist Åstrand - - * lib/krb5/acache.c (loadlib): pass RTLD_LAZY to dlopen, without - it linux is unhappy. - - * lib/krb5/plugin.c (loadlib): pass RTLD_LAZY to dlopen, without - it linux is unhappy. - - * lib/krb5/name-45-test.c: One of the hosts I sometimes uses is - named "bar.domain", this make one of the tests pass when it - shouldn't. - -2007-01-05 Love Hörnquist Åstrand - - * doc/setup.texi: Change --key argument to --out-key. - - * kuser/kimpersonate.1: mangle my name - -2007-01-04 Love Hörnquist Åstrand - - * doc/setup.texi: describe how to use hx509 to create - certificates. - - * tools/heimdal-build.sh: Add --distcheck. - - * kdc/kerberos5.c: Check for KRB5_PADATA_PA_PAC_REQUEST to check - if we should include the PAC in the krbtgt. - - * kdc/pkinit.c (_kdc_as_rep): check if - krb5_generate_random_keyblock failes. - - * kdc/kerberos5.c (_kdc_as_rep): check if - krb5_generate_random_keyblock failes. - - * kdc/krb5tgs.c (tgs_build_reply): check if - krb5_generate_random_keyblock failes. - - * kdc/krb5tgs.c: Scope etype. - - * lib/krb5/rd_req.c: Make it possible to turn off PAC check, its - default on. - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): If there is a PAC, verify - its server signature. - - * kdc/kerberos5.c (_kdc_as_rep): call windc client access hook. - (_kdc_tkt_add_if_relevant_ad): constify in data argument. - - * kdc/windc_plugin.h: More comments add a client_access hook. - - * kdc/windc.c: Add _kdc_windc_client_access. - - * kdc/krb5tgs.c: rename functions after export some more pac - functions. - - * lib/krb5/test_pac.c: export some more pac functions. - - * lib/krb5/pac.c: export some more pac functions. - - * kdc/krb5tgs.c: Resign the PAC in tgsreq if we have a PAC. - - * configure.in: add tests/plugin/Makefile - -2007-01-03 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Get right key for PAC krbtgt verification. - - * kdc/config.c: spelling - - * lib/krb5/krb5.h: typedef for krb5_pac. - - * kdc/headers.h: Include . - - * kdc/Makefile.am: Include windc.c and use windc_plugin.h - - * kdc/krb5tgs.c: Call callbacks for emulating a Windows Domain - Controller. - - * kdc/kerberos5.c: Call callbacks for emulating a Windows Domain - Controller. Move the some of the log related stuff to its own - function. - - * kdc/config.c: Init callbacks for emulating a Windows Domain - Controller. - - * kdc/windc.c: Rename the init function to windc instead of pac. - - * kdc/windc.c: Callbacks specific to emulating a Windows Domain - Controller. - - * kdc/windc_plugin.h: Callbacks specific to emulating a Windows - Domain Controller. - - * lib/krb5/Makefile.am: add krb5_HEADERS to build_HEADERZ - - * lib/krb5/pac.c: Support all keyed checksum types. - -2007-01-02 Love Hörnquist Åstrand - - * lib/krb5/pac.c (krb5_pac_get_types): Return list of types. - - * lib/krb5/test_pac.c: test krb5_pac_get_types - - * lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA. - - * lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA. - - * lib/krb5/krb5.h: Add KRB5_KRBHST_KCA. - - * lib/krb5/test_pac.c: test Add/remove pac buffer functions. - - * lib/krb5/pac.c: Add/remove pac buffer functions. - - * lib/krb5/pac.c: sprinkle const - - * lib/krb5/pac.c: rename DCHECK to CHECK - - * Happy New Year. + * Happy new year. diff --git a/ChangeLog.2002 b/ChangeLog.2002 index 37fda2e4940a..8101be14737b 100644 --- a/ChangeLog.2002 +++ b/ChangeLog.2002 @@ -663,7 +663,7 @@ * lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file before we need to write to it - (from Åke Sandgren) + (from Ã…ke Sandgren) 2002-02-14 Johan Danielsson diff --git a/ChangeLog.2003 b/ChangeLog.2003 index 82233515246e..1ffd9dec1889 100644 --- a/ChangeLog.2003 +++ b/ChangeLog.2003 @@ -1,4 +1,4 @@ -2003-12-19 Love Hörnquist Åstrand +2003-12-19 Love Hörnquist Ã…strand * lib/krb5/error_string.c: protect error_string with mutex @@ -6,28 +6,28 @@ * lib/krb5/krb5.h (krb5_context_data): add mutex for error_string -2003-12-18 Love Hörnquist Åstrand +2003-12-18 Love Hörnquist Ã…strand * kuser/kinit.c: make -9 work again -2003-12-17 Love Hörnquist Åstrand +2003-12-17 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: try handle ts preauth better, still not good, but at least it work with older heimdal releases that doesn't send back KRB5KDC_ERR_PREAUTH_REQUIRED when preauth was sent -2003-12-16 Love Hörnquist Åstrand +2003-12-16 Love Hörnquist Ã…strand * lib/hdb/hdb.asn1: remove enforce-transited-policy, its no longer used -2003-12-11 Love Hörnquist Åstrand +2003-12-11 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_pk_create_sign): fill in NULL as parameters, required by CMS -2003-12-07 Love Hörnquist Åstrand +2003-12-07 Love Hörnquist Ã…strand * lib/krb5/get_in_tkt_with_keytab.c (krb5_get_in_tkt_with_keytab): avoid memory leak that snuck in when krb5_keytab_key_proc was @@ -49,12 +49,12 @@ * lib/krb5/auth_context.c: add krb5_auth_con_addflags and krb5_auth_con_removeflags -2003-12-03 Love Hörnquist Åstrand +2003-12-03 Love Hörnquist Ã…strand * lib/krb5/crypto.c (decrypt_internal_derived): move up padsize to avoid memory leak -2003-12-02 Love Hörnquist Åstrand +2003-12-02 Love Hörnquist Ã…strand * lib/krb5/crypto.c: require cipher-text to be padded to padsize @@ -65,7 +65,7 @@ EAI_NODATA, because its depricated in RFC3493 Pointed out by Hajimu UMEMOTO on heimdal-discuss -2003-12-01 Love Hörnquist Åstrand +2003-12-01 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: move test_crypto to noinst_PROGRAMS @@ -73,7 +73,7 @@ * kuser/kinit.c (main): return the return value from simple_execvp -2003-11-26 Love Hörnquist Åstrand +2003-11-26 Love Hörnquist Ã…strand * kuser/kinit.c: don't use PKINIT DH per default since its too slow @@ -86,13 +86,13 @@ * lib/krb5/pkinit.c: clean up error handling, make enc-type work again -2003-11-25 Love Hörnquist Åstrand +2003-11-25 Love Hörnquist Ã…strand * kuser/kinit.c: add flag to make it work with pkinit dh * lib/krb5/pkinit.c: make PKINIT DH support work -2003-11-24 Love Hörnquist Åstrand +2003-11-24 Love Hörnquist Ã…strand * lib/hdb/Makefile.am (LDADD): link with LIB_dlopen @@ -119,7 +119,7 @@ * lib/krb5/pkinit.c: fix bugs, improve error reporting -2003-11-23 Love Hörnquist Åstrand +2003-11-23 Love Hörnquist Ã…strand * kuser/kinit.c: add some "struct foo;" glue for pkinit structures that isn't used @@ -139,22 +139,22 @@ * lib/krb5/heim_threads.h: include pthread.h in the pthread case -2003-11-18 Love Hörnquist Åstrand +2003-11-18 Love Hörnquist Ã…strand * kpasswd/kpasswdd.c (main): parse kdc.conf From: Jeffrey Hutzelman -2003-11-15 Love Hörnquist Åstrand +2003-11-15 Love Hörnquist Ã…strand * lib/krb5/Makefile.am (TESTS): add test_crypto * lib/krb5/test_crypto.c: time crypto operations -2003-11-14 Love Hörnquist Åstrand +2003-11-14 Love Hörnquist Ã…strand * doc/init-creds: spelling, Bruno Rohee -2003-11-09 Love Hörnquist Åstrand +2003-11-09 Love Hörnquist Ã…strand * lib/krb5/rd_req.c (krb5_verify_ap_req2): krb5_free_ticket free the ticket now, rewrite error handling to handle that @@ -170,7 +170,7 @@ * lib/krb5/krb5_ticket.3: krb5_free_ticket free the whole ticket -2003-11-08 Love Hörnquist Åstrand +2003-11-08 Love Hörnquist Ã…strand * lib/krb5/padata.c: add krb5_padata_add @@ -195,7 +195,7 @@ implements -09 of the draft), verify that it conforms the new draft -2003-11-07 Love Hörnquist Åstrand +2003-11-07 Love Hörnquist Ã…strand * lib/asn1/der_copy.c (copy_oid): copy all components @@ -218,7 +218,7 @@ * kdc/config.c: change enforce_transited_policy to a tri-state variable -2003-10-22 Love Hörnquist Åstrand +2003-10-22 Love Hörnquist Ã…strand * lib/krb5/transited.c (krb5_domain_x500_encode): always zero out encoding to make sure it have a defined value on failure @@ -232,7 +232,7 @@ * kdc/kerberos5.c (fix_transited_encoding): always print cross-realm information -2003-10-21 Love Hörnquist Åstrand +2003-10-21 Love Hörnquist Ã…strand * doc/setup.texi: spelling, From: Tracy Di Marco White @@ -249,7 +249,7 @@ * lib/hdb/hdb.asn1: add flag to enforce transited policy -2003-10-21 Love Hörnquist Åstrand +2003-10-21 Love Hörnquist Ã…strand * lib/krb5/transited.c (krb5_domain_x500_decode): set *num_realms to zero not num_realms @@ -281,7 +281,7 @@ the cache at the same time, and there is no simple way to add a timeout to the lock. -2003-10-13 Love Hörnquist Åstrand +2003-10-13 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: print the error value krb5_init_context failed with @@ -302,13 +302,13 @@ * kuser/klist.c (print_tickets): bail out if krb5_cc_next_cred returns error other than KRB5_CC_END -2003-10-07 Love Hörnquist Åstrand +2003-10-07 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: add some help function that is common between ENC_TS and SAM2, free the etype{,2}-infos on failure, move the pa counter into krb5_get_init_creds_ctx -2003-10-06 Love Hörnquist Åstrand +2003-10-06 Love Hörnquist Ã…strand * kdc/kaserver.c (do_getticket): if times data is shorter then 8 byte, request is malformed. @@ -323,13 +323,13 @@ * lib/krb5/verify_krb5_conf.c: parse [kdc]use_2b and [gssapi] -2003-10-04 Love Hörnquist Åstrand +2003-10-04 Love Hörnquist Ã…strand * lib/asn1/lex.l: add BOOLEAN * lib/asn1/parse.y: add BOOLEAN -2003-10-03 Love Hörnquist Åstrand +2003-10-03 Love Hörnquist Ã…strand * kuser/kinit.c: When running kinit in "fork mode" do pagsh independent of krb4, also always do krb4 setup of cc. Always try @@ -374,12 +374,12 @@ * lib/asn1: add boolean support -2003-10-02 Love Hörnquist Åstrand +2003-10-02 Love Hörnquist Ã…strand * lib/krb5/changepw.c (setpw_send_request): free ap_req_data on failure -2003-09-30 Love Hörnquist Åstrand +2003-09-30 Love Hörnquist Ã…strand * appl/test/http_client.c (do_connect): use ai_protocol 0 @@ -402,7 +402,7 @@ * lib/krb5/krb5.h: flags for krb5_krbhst_init_flags (and krb5_send_to_kdc_flags) -2003-09-23 Love Hörnquist Åstrand +2003-09-23 Love Hörnquist Ã…strand * lib/krb5/rd_req.c (krb5_rd_req): if we have a keyblock in auth context, use that @@ -411,7 +411,7 @@ * lib/asn1/asn1_print.c: decode IA5Stringa and UTF8String -2003-09-21 Love Hörnquist Åstrand +2003-09-21 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: use _krb5_get_init_creds_opt_copy * lib/krb5/init_creds.c: don't export krb5_get_init_creds_opt_copy @@ -420,7 +420,7 @@ * kuser/kinit.c: don't get v4 tickets by default -2003-09-20 Love Hörnquist Åstrand +2003-09-20 Love Hörnquist Ã…strand * kpasswd/kpasswdd.c (process): remove a abort() @@ -432,7 +432,7 @@ defined by RFC3244 -- Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols -2003-09-19 Love Hörnquist Åstrand +2003-09-19 Love Hörnquist Ã…strand * lib/hdb/db3.c: improve readability of ->open ifdef, check if version >= 4.1 @@ -444,7 +444,7 @@ keytab can still pass in the key of the service (matches behavior of MIT Kerberos). -2003-09-18 Love Hörnquist Åstrand +2003-09-18 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: collect all init_creds context into a structure so it can easier be passed around, also, while here, @@ -460,12 +460,12 @@ * lib/krb5/log.c (log_realloc): increase len after realloc returns sucessfully -2003-09-12 Love Hörnquist Åstrand +2003-09-12 Love Hörnquist Ã…strand * lib/krb5/config_file.c: fix prototypes From: Fredrik Ljungberg -2003-09-10 Love Hörnquist Åstrand +2003-09-10 Love Hörnquist Ã…strand * appl/test/http_client.c: close socket when we are done, don't allow the server to restart gssapi negotiation @@ -486,7 +486,7 @@ * appl/test/Makefile.am: build http_client -2003-09-09 Love Hörnquist Åstrand +2003-09-09 Love Hörnquist Ã…strand * lib/asn1/asn1_print.c: add support for printing Enumerated @@ -502,7 +502,7 @@ * kdc/kerberos5.c (only_older_enctype_p): check request if the client only supports old enctypes, before it used the database -2003-09-08 Love Hörnquist Åstrand +2003-09-08 Love Hörnquist Ã…strand * **/*.c: add context argument to krb5_get_init_creds_opt_alloc @@ -511,7 +511,7 @@ * lib/krb5/krb5_get_init_creds.3: spelling -2003-09-04 Love Hörnquist Åstrand +2003-09-04 Love Hörnquist Ã…strand * lib/krb5/context.c (add_file): make len argument an pointer to an integer @@ -526,7 +526,7 @@ * lib/krb5/krb5.conf.5: document appdefaults/{forward,encrypt} -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * lib/krb5/krb5.h: Add key usage for encryption of the SAM-NONCE-OR-SAD field. @@ -597,7 +597,7 @@ * lib/krb5/krb5_locl.h: add struct _krb5_get_init_creds_opt_private -2003-09-02 Love Hörnquist Åstrand +2003-09-02 Love Hörnquist Ã…strand * lib/krb5/krb5.h: add SAM keyusage numbers, add s2k proc typedef, add a pointer to a private part of krb5_get_init_creds_opt @@ -605,7 +605,7 @@ * kdc/string2key.c (main): avoid const warning by using a extra variable -2003-08-31 Love Hörnquist Åstrand +2003-08-31 Love Hörnquist Ã…strand * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): reindent @@ -614,18 +614,18 @@ failing, copy data to right memory, the later pointed out by Luke Howard. -2003-08-30 Love Hörnquist Åstrand +2003-08-30 Love Hörnquist Ã…strand * lib/krb5/krb5.h: cfx-01 use diffrent usage numbers -2003-08-29 Love Hörnquist Åstrand +2003-08-29 Love Hörnquist Ã…strand * lib/hdb/db3.c: try to include more db headers * lib/hdb/db3.c: patch for working with DB4 on heimdal-discuss From: Luke Howard -2003-08-28 Love Hörnquist Åstrand +2003-08-28 Love Hörnquist Ã…strand * lib/krb5/krb5.h: add KEYTYPE_ARCFOUR_56 @@ -635,18 +635,18 @@ * lib/asn1/k5.asn1: add KRB5_NT_SMTP_NAME and KRB5_NT_ENTERPRISE -2003-08-27 Love Hörnquist Åstrand +2003-08-27 Love Hörnquist Ã…strand * appl/test/uu_client.c (proto): fill in client in the match cred -2003-08-26 Love Hörnquist Åstrand +2003-08-26 Love Hörnquist Ã…strand * lib/krb5/krb5.h: CFX uses slightly diffrent usage numbers * lib/krb5/crypto.c (usage2arcfour): simplify, only include special cases From: Luke Howard -2003-08-25 Love Hörnquist Åstrand +2003-08-25 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: code rewrite from Luke Howard @@ -656,7 +656,7 @@ * doc/ack.texi: update Luke Howard email address -2003-08-24 Love Hörnquist Åstrand +2003-08-24 Love Hörnquist Ã…strand * lib/krb5/krb5_encrypt.3: document: krb5_crypto_getconfoundersize, krb5_crypto_getblocksize @@ -666,7 +666,7 @@ krb5_crypto_getconfoundersize): added From: Luke Howard -2003-08-23 Love Hörnquist Åstrand +2003-08-23 Love Hörnquist Ã…strand * kdc/connect.c (handle_tcp): handle recvfrom returning 0 (connection closed) @@ -689,7 +689,7 @@ * lib/asn1/gen.c: s/UTF8String/heim_utf8_string/ in generated code From: Luke Howard -2003-08-21 Love Hörnquist Åstrand +2003-08-21 Love Hörnquist Ã…strand * include/make_crypto.c: include aes.h inc in the local libdes case too @@ -700,7 +700,7 @@ * lib/asn1/gen_free.c: set free'd poiners to NULL -2003-08-20 Love Hörnquist Åstrand +2003-08-20 Love Hörnquist Ã…strand * lib/krb5/heim_threads.h: XXX don't use "plain" pthread support on netbsd @@ -709,7 +709,7 @@ krb5_create_checksum and krb5_verify_checksum, From: Luke Howard -2003-08-18 Love Hörnquist Åstrand +2003-08-18 Love Hörnquist Ã…strand * lib/krb5/test_config.c: check krb5_prepend_config_files_default and krb5_prepend_config_files @@ -717,7 +717,7 @@ * lib/krb5/context.c: add krb5_prepend_config_files and krb5_prepend_config_files_default -2003-08-17 Love Hörnquist Åstrand +2003-08-17 Love Hörnquist Ã…strand * lib/hdb/mkey.c (read_master_mit): krb5_ret_int16 takes a int16_t as argument @@ -743,7 +743,7 @@ with the mit implemtation, don't free `creds' argument when done, its up the the caller to do that, also allow a NULL ccache. -2003-08-16 Love Hörnquist Åstrand +2003-08-16 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: document tgs_require_subkey @@ -766,35 +766,35 @@ * kdc/kerberos5.c (*): handle krb5_unparse_name returning non-zero -2003-08-15 Love Hörnquist Åstrand +2003-08-15 Love Hörnquist Ã…strand * lib/krb5/principal.c (unparse_name): len can't be zero, so, don't check for that -2003-08-13 Love Hörnquist Åstrand +2003-08-13 Love Hörnquist Ã…strand * lib/krb5/principal.c (unparse_name): make sure there are space for a NUL, set *name to NULL when there is a failure (so caller can't get hold of a freed pointer) -2003-07-26 Love Hörnquist Åstrand +2003-07-26 Love Hörnquist Ã…strand * lib/krb5/kerberos.8: remove duplicate manual, from cjep@netbsd.org -2003-07-25 Love Hörnquist Åstrand +2003-07-25 Love Hörnquist Ã…strand * lib/krb5/cache.c: indent * lib/krb5/cache.c (krb5_cc_set_default_name): only read KRB5CCNAME when not suid -2003-07-24 Love Hörnquist Åstrand +2003-07-24 Love Hörnquist Ã…strand * lib/krb5/keytab_krb4.c (read_v4_entry): the des key is 8 bytes, use a char array instead of des_cblock -2003-07-23 Love Hörnquist Åstrand +2003-07-23 Love Hörnquist Ã…strand * kdc/kerberos5.c: add support for KRB5_PADATA_ETYPE_INFO2 @@ -802,7 +802,7 @@ memory, update callsites to either return error or use krb5_abortx (krb5_hmac): expose hmac -2003-07-22 Love Hörnquist Åstrand +2003-07-22 Love Hörnquist Ã…strand * lib/krb5/keyblock.c (krb5_keyblock_get_enctype): return enctype of keyblock @@ -845,7 +845,7 @@ error string when there is a context (krb5_checksum_is_collision_proof): ditto -2003-07-21 Love Hörnquist Åstrand +2003-07-21 Love Hörnquist Ã…strand * lib/krb5/mit_glue.c (krb5_c_get_checksum): make type and data argument optional @@ -862,7 +862,7 @@ * lib/krb5/krb5.h: add krb5_enc_data -2003-07-19 Love Hörnquist Åstrand +2003-07-19 Love Hörnquist Ã…strand * lib/krb5/krb5.3: add krb5_c_ functions @@ -880,7 +880,7 @@ only matter for aes, for all other enctypes the key and unkeyed checksum have the same length. -2003-07-18 Love Hörnquist Åstrand +2003-07-18 Love Hörnquist Ã…strand * lib/krb5/mit_glue.c: first version of krb5_c encryption glue @@ -890,11 +890,11 @@ static to avoid warning from dynamic backend when using a known static backend -2003-07-16 Love Hörnquist Åstrand +2003-07-16 Love Hörnquist Ã…strand * lib/krb5/cache.c: don't return value in void function -2003-07-15 Love Hörnquist Åstrand +2003-07-15 Love Hörnquist Ã…strand * lib/krb5/creds.c (krb5_compare_creds): if client is specified in the mcreds, check that too @@ -904,11 +904,11 @@ * lib/asn1: prefix typedefs and structs with heim_ -2003-07-13 Love Hörnquist Åstrand +2003-07-13 Love Hörnquist Ã…strand * lib/hdb/hdb.c: avoid unnecessary setting of variable -2003-07-07 Love Hörnquist Åstrand +2003-07-07 Love Hörnquist Ã…strand * kuser/klist.c (check_for_tgt): use krb5_cc_clear_mcred @@ -923,12 +923,12 @@ * lib/krb5/cache.c (krb5_cc_clear_mcred): new function, clear a krb5_creds to use with krb5_cc_retrieve_cred -2003-06-30 Love Hörnquist Åstrand +2003-06-30 Love Hörnquist Ã…strand * lib/hdb/hdb.c (find_dynamic_method): if there isn't a prefix, don't load anything -2003-06-29 Love Hörnquist Åstrand +2003-06-29 Love Hörnquist Ã…strand * lib/hdb/hdb.c: Dynamic backend loading, based on patch from Luke Howard @@ -936,7 +936,7 @@ * lib/hdb/hdb.h: add struct hdb_so_method and HDB_INTERFACE_VERSION -2003-06-28 Love Hörnquist Åstrand +2003-06-28 Love Hörnquist Ã…strand * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): when using arcfour-hmac-md5, use an unkeyed checksum (rsa-md5), since @@ -956,12 +956,12 @@ * lib/krb5/krb5_kuserok.3: put Nd argument in double quotes since it contains more than 9 words; from wiz -2003-06-25 Love Hörnquist Åstrand +2003-06-25 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: add missing " within #if 0, from stefan sokoll -2003-06-24 Love Hörnquist Åstrand +2003-06-24 Love Hörnquist Ã…strand * lib/krb5/krb5_timeofday.3: improve krb5_set_real_time text @@ -973,7 +973,7 @@ * kuser/kinit.c: add -A as an alias for --no-addresses -2003-06-22 Love Hörnquist Åstrand +2003-06-22 Love Hörnquist Ã…strand * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): pass in a krb5_timestamp to krb5_us_timeofday @@ -993,7 +993,7 @@ * lib/asn1/k5.asn1: make the aes and sha1 checksum types match draft-ietf-krb-wg-crypto-05 -2003-06-21 Love Hörnquist Åstrand +2003-06-21 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: add a test for aes kcrypto encrypted data @@ -1004,12 +1004,12 @@ (derive_key): always remove the key->schedule since its will contain the wrong (parent key) info -2003-06-18 Love Hörnquist Åstrand +2003-06-18 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: add aes256 test vectors from Ken Raeburn * doc/setup.texi: add more kdc's to the example -2003-06-17 Love Hörnquist Åstrand +2003-06-17 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: use int2HDBFlags/HDBFlags2int From: Alberto Patino , Luke Howard @@ -1028,13 +1028,13 @@ * lib/krb5/crypto.c: add _krb5_AES_string_to_default_iterator add krb5_string_to_key_salt_opaque() fix keylengh for keytype_aes256 -2003-06-06 Love Hörnquist Åstrand +2003-06-06 Love Hörnquist Ã…strand * doc/setup.texi: Point out that slave needs /var/heimdal directory and masterkey From: Mans Nilsson , Fix spelling while here -2003-06-02 Love Hörnquist Åstrand +2003-06-02 Love Hörnquist Ã…strand * lib/krb5/Makefile.am, krb5_get_in_cred.3, krb5.3: add manpage for: krb5_get_in_cred, krb5_get_in_tkt, @@ -1052,7 +1052,7 @@ "unsigned" integers. If MSB is set, we need to pad with a zero byte. -2003-05-27 Love Hörnquist Åstrand +2003-05-27 Love Hörnquist Ã…strand * lib/krb5/krb5_c_make_checksum.3: some more mdoc fixes @@ -1062,14 +1062,14 @@ From Alberto Patino -2003-05-26 Love Hörnquist Åstrand +2003-05-26 Love Hörnquist Ã…strand * lib/krb5/*.[0-9]: pacify mdoclink * lib/krb5/krb5_ccache.3: document diffrences between mit and heimdal krb5_cc_gen_new ccache -> credential cache s/[\t ]+$// -2003-05-21 Love Hörnquist Åstrand +2003-05-21 Love Hörnquist Ã…strand * appl/test/gssapi_server.c (proto): start to use gss_krb5_copy_ccache @@ -1077,14 +1077,14 @@ * appl/test/nt_gss_server.c (proto): comment out gss_ctx_id_t groveling for now -2003-05-20 Love Hörnquist Åstrand +2003-05-20 Love Hörnquist Ã…strand * lib/asn1: - add parser/generate glue for UTF8String and NULL (DER primitive encode/decode functions missing) - handle parsing of DEFAULT and, ... -2003-05-16 Love Hörnquist Åstrand +2003-05-16 Love Hörnquist Ã…strand * lib/krb5/heim_threads.h: add missing argument to mutex_init @@ -1097,7 +1097,7 @@ * lib/krb5/heim_threads.h: wrapper macros for thread synchronization primitives -2003-05-15 Love Hörnquist Åstrand +2003-05-15 Love Hörnquist Ã…strand * lib/krb5/krb5_principal.3 lib/krb5/Makefile.am: @@ -1109,7 +1109,7 @@ * lib/krb5/krb5_sname_to_principal.3: remove file * lib/krb5/krb5_principal_get_realm.3: remove file -2003-05-14 Love Hörnquist Åstrand +2003-05-14 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.8: sort sections, from netbsd @@ -1148,7 +1148,7 @@ * kuser/kinit.1: setup -> set up, new sentence, new line from Thomas Klausner -2003-05-13 Love Hörnquist Åstrand +2003-05-13 Love Hörnquist Ã…strand * kpasswd/kpasswd.1: handle setting passwords for multiple principals at the same time @@ -1160,7 +1160,7 @@ rfc3244 share the response packet sure more constants now that they exists -2003-05-12 Love Hörnquist Åstrand +2003-05-12 Love Hörnquist Ã…strand * lib/krb5/krb5.h: some define for rfc3244 @@ -1182,7 +1182,7 @@ * lib/asn1/k5.asn1: add ChangePasswdDataMS, for RFC3244 -2003-05-08 Love Hörnquist Åstrand +2003-05-08 Love Hörnquist Ã…strand * kuser/kdestroy.c: destroy tokens even if there isn't v4 support @@ -1199,7 +1199,7 @@ everything with hex-codes, and cast to unsigned char* to make some compilers happy -2003-05-06 Love Hörnquist Åstrand +2003-05-06 Love Hörnquist Ã…strand * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first argument to krb5_us_timeofday have correct type @@ -1208,12 +1208,12 @@ * include/make_crypto.c (main): include aes.h if ENABLE_AES -2003-05-05 Love Hörnquist Åstrand +2003-05-05 Love Hörnquist Ã…strand * make-release: when fixing a valid cvs tag from release name replace all number. to number- for all non-overlapping matches -2003-05-04 Love Hörnquist Åstrand +2003-05-04 Love Hörnquist Ã…strand * lib/asn1/Makefile.am: gen_files += asn1_ETYPE_INFO2.x and asn1_ETYPE_INFO2_ENTRY.x @@ -1231,20 +1231,20 @@ * doc/apps.texi: text about applications using kerberos move afs text here -2003-05-03 Love Hörnquist Åstrand +2003-05-03 Love Hörnquist Ã…strand * doc/setup.texi: add cross realm text -2003-04-29 Love Hörnquist Åstrand +2003-04-29 Love Hörnquist Ã…strand * lib/krb5/krb5_crypto_init.3: document krb5_enctype_to_string and krb5_string_to_enctype -2003-04-28 Love Hörnquist Åstrand +2003-04-28 Love Hörnquist Ã…strand * kdc/v4_dump.c (v4_prop_dump): limit strings length, from openbsd -2003-04-26 Love Hörnquist Åstrand +2003-04-26 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: use _krb5_PKCS5_PBKDF2 * lib/krb5/crypto.c: unexport krb5_PKCS5_PBKDF2 @@ -1267,12 +1267,12 @@ * lib/krb5/krb5.h (krb5_replay_data): make usec signed (matching asn1) -2003-04-24 Love Hörnquist Åstrand +2003-04-24 Love Hörnquist Ã…strand * doc/programming.texi: s/managment/management/, from jmc -2003-04-23 Love Hörnquist Åstrand +2003-04-23 Love Hörnquist Ã…strand * lib/krb5/context.c (default_etypes): also advertise that we handle aes encryption types @@ -1287,11 +1287,11 @@ * lib/asn1/k5.asn1: add ETYPE-INFO2 and ETYPE-INFO2-ENTRY -2003-04-22 Love Hörnquist Åstrand +2003-04-22 Love Hörnquist Ã…strand * lib/krb5/krbhst.c: copy NUL too, from janj@wenf.org via openbsd -2003-04-17 Love Hörnquist Åstrand +2003-04-17 Love Hörnquist Ã…strand * lib/asn1/der_copy.c (copy_general_string): use strdup * lib/asn1/der_put.c: remove sprintf @@ -1303,7 +1303,7 @@ * lib/krb5/test_alname.c: add --version and --help -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * lib/krb5/krb5_warn.3: add krb5_get_err_text @@ -1320,7 +1320,7 @@ needs to be defined on the command line, since lex likes to include stdio.h before we get to config.h -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * lib/krb5/*.3: Change .Fd #include to .In header.h, from Thomas Klausner @@ -1328,19 +1328,19 @@ * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner -2003-04-15 Love Hörnquist Åstrand +2003-04-15 Love Hörnquist Ã…strand * kdc/kerberos5.c: fix some more memory leaks -2003-04-11 Love Hörnquist Åstrand +2003-04-11 Love Hörnquist Ã…strand * appl/kf/kf.1: spelling, from jmc -2003-04-08 Love Hörnquist Åstrand +2003-04-08 Love Hörnquist Ã…strand * admin/ktutil.8: typos, from jmc -2003-04-06 Love Hörnquist Åstrand +2003-04-06 Love Hörnquist Ã…strand * lib/krb5/krb5.3: s/kerberos/Kerberos/ * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ @@ -1350,7 +1350,7 @@ * kuser/kinit.1: s/kerberos/Kerberos/ * kdc/kdc.8: s/kerberos/Kerberos/ -2003-04-01 Love Hörnquist Åstrand +2003-04-01 Love Hörnquist Ã…strand * lib/krb5/test_alname.c: more krb5_aname_to_localname tests @@ -1372,21 +1372,21 @@ kvno the resulting kvno is going to be. Now two ktutil change in a row works. XXX fix the protocol to pass the kvno back. -2003-03-31 Love Hörnquist Åstrand +2003-03-31 Love Hörnquist Ã…strand * appl/kf/kf.1: afs->AFS, from jmc -2003-03-30 Love Hörnquist Åstrand +2003-03-30 Love Hörnquist Ã…strand * doc/setup.texi: add description on how to turn on v4, 524 and kaserver support -2003-03-29 Love Hörnquist Åstrand +2003-03-29 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog and afs-use-524 -2003-03-28 Love Hörnquist Åstrand +2003-03-28 Love Hörnquist Ã…strand * kdc/kerberos5.c (as_rep): when the second enctype_to_string failes, remember to free memory from the first enctype_to_string @@ -1403,13 +1403,13 @@ * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of encyption type, inspired by Aidan Cully -2003-03-27 Love Hörnquist Åstrand +2003-03-27 Love Hörnquist Ã…strand * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 (wildcard kvno) after principal when the keytab entry isn't found, reported by Chris Chiappa -2003-03-26 Love Hörnquist Åstrand +2003-03-26 Love Hörnquist Ã…strand * doc/misc.texi: update 2b example to match reality (from mattiasa@e.kth.se) @@ -1417,7 +1417,7 @@ * doc/misc.texi: spelling and add `Configuring AFS clients' subsection -2003-03-25 Love Hörnquist Åstrand +2003-03-25 Love Hörnquist Ã…strand * lib/krb5/krb5.3: add krb5_free_data_contents.3 @@ -1438,15 +1438,15 @@ * kdc/string2key.c: print the used enctype for kerberos 5 keys -2003-03-25 Love Hörnquist Åstrand +2003-03-25 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: add another arcfour test -2003-03-22 Love Hörnquist Åstrand +2003-03-22 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 -2003-03-20 Love Hörnquist Åstrand +2003-03-20 Love Hörnquist Ã…strand * lib/krb5/krb5_ccache.3: update .Dd @@ -1461,7 +1461,7 @@ change. reported by Iain Moffat @ ufl.edu via Howard Chu -2003-03-19 Love Hörnquist Åstrand +2003-03-19 Love Hörnquist Ã…strand * lib/krb5/krb5_keytab.3: spelling, from @@ -1474,7 +1474,7 @@ * lib/krb5/krb5_auth_context.3: spelling, from -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 @@ -1498,7 +1498,7 @@ * kdc/config.c: add --enable-kerberos4-cross-realm option (default to off) -2003-03-17 Love Hörnquist Åstrand +2003-03-17 Love Hörnquist Ã…strand * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 @@ -1507,7 +1507,7 @@ * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ -2003-03-16 Love Hörnquist Åstrand +2003-03-16 Love Hörnquist Ã…strand * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 @@ -1533,14 +1533,14 @@ * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for a id -2003-03-15 Love Hörnquist Åstrand +2003-03-15 Love Hörnquist Ã…strand * doc/intro.texi: add reference to source code, binaries and the manual * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal -2003-03-14 Love Hörnquist Åstrand +2003-03-14 Love Hörnquist Ã…strand * kdc/kdc.8: better/difrent english @@ -1554,7 +1554,7 @@ * lib/krb5/krb5_ccache.3: add missing name of argument (krb5_context) to most functions -2003-03-13 Love Hörnquist Åstrand +2003-03-13 Love Hörnquist Ã…strand * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of function and return FALSE when there isn't a local account for @@ -1563,12 +1563,12 @@ * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text describing the function -2003-03-12 Love Hörnquist Åstrand +2003-03-12 Love Hörnquist Ã…strand * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name returned memory, don't return ENOMEM -2003-03-11 Love Hörnquist Åstrand +2003-03-11 Love Hörnquist Ã…strand * lib/krb5/krb5.3: add krb5_address stuff and sort @@ -1579,7 +1579,7 @@ * lib/krb5/krb5_address.3: document types krb5_address and krb5_addresses and their helper functions -2003-03-10 Love Hörnquist Åstrand +2003-03-10 Love Hörnquist Ã…strand * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 @@ -1622,20 +1622,20 @@ * lib/krb5/krb5.h (krb5_context_data): add default_cc_name -2003-02-25 Love Hörnquist Åstrand +2003-02-25 Love Hörnquist Ã…strand * appl/kf/kf.1: s/securly/securely/ from NetBSD -2003-02-18 Love Hörnquist Åstrand +2003-02-18 Love Hörnquist Ã…strand * kdc/connect.c: s/intialize/initialize, from -2003-02-17 Love Hörnquist Åstrand +2003-02-17 Love Hörnquist Ã…strand * configure.in: add AM_MAINTAINER_MODE -2003-02-16 Love Hörnquist Åstrand +2003-02-16 Love Hörnquist Ã…strand * **/*.[0-9]: add copyright/licenses on all manpages @@ -1645,35 +1645,35 @@ PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption type specified by the KDC. -2003-02-15 Love Hörnquist Åstrand +2003-02-15 Love Hörnquist Ã…strand * fix-export: some autoconf put their version number in autom4te.cache, so remove autom4te*.cache * fix-export: make sure $1 is a directory -2003-02-04 Love Hörnquist Åstrand +2003-02-04 Love Hörnquist Ã…strand * kpasswd/kpasswdd.8: spelling, from jmc * kdc/kdc.8: spelling, from jmc -2003-01-31 Love Hörnquist Åstrand +2003-01-31 Love Hörnquist Ã…strand * kdc/hpropd.8: s/databases/a database/ s/Not/not/ * kdc/hprop.8: add missing . -2003-01-30 Love Hörnquist Åstrand +2003-01-30 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, address, write out encryption type in sentences, s/Host/host -2003-01-26 Love Hörnquist Åstrand +2003-01-26 Love Hörnquist Ã…strand * lib/asn1/check-gen.c: add checks for Authenticator too -2003-01-25 Love Hörnquist Åstrand +2003-01-25 Love Hörnquist Ã…strand * doc/setup.texi: in the hprop example, use hprop and the first component, not host @@ -1682,7 +1682,7 @@ point-to-point might not have an address, just ignore those. Reported by Harald Barth. -2003-01-23 Love Hörnquist Åstrand +2003-01-23 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c (check_section): when key isn't found, don't print out all known keys @@ -1713,7 +1713,7 @@ * lib/asn1/check-der.c: move out the generic asn1/der functions to a common file -2003-01-22 Love Hörnquist Åstrand +2003-01-22 Love Hörnquist Ã…strand * doc/misc.texi: more text about afs, how to get get your KeyFile, and how to start use 2b tokens @@ -1726,7 +1726,7 @@ * kuser/kuser_locl.h: include crypto-headers.h for des_read_pw_string prototype -2003-01-16 Love Hörnquist Åstrand +2003-01-16 Love Hörnquist Ã…strand * admin/ktutil.8: document -v, --verbose @@ -1736,7 +1736,7 @@ * admin/copy.c (kt_copy): remove adding verbose_flag to args struct, since it will overrun the args array (from Sumit Bose) -2003-01-15 Love Hörnquist Åstrand +2003-01-15 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = ... } @@ -1770,7 +1770,7 @@ * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, KEYTYPE_AES256 -2003-01-14 Love Hörnquist Åstrand +2003-01-14 Love Hörnquist Ã…strand * lib/hdb/common.c (_hdb_fetch): handle error code from hdb_value2entry diff --git a/ChangeLog.2004 b/ChangeLog.2004 index 5e3934256828..47cd799e97fa 100644 --- a/ChangeLog.2004 +++ b/ChangeLog.2004 @@ -1,9 +1,9 @@ -2004-12-30 Love Hörnquist Åstrand +2004-12-30 Love Hörnquist Ã…strand * lib/krb5/Makefile.am (CHECK_SYMBOLS): add heim_ and pkcs7_ for now (used in pkinit) -2004-12-29 Love Hörnquist Åstrand +2004-12-29 Love Hörnquist Ã…strand * lib/hdb/Makefile.am: add CHECK_SYMBOLS @@ -32,7 +32,7 @@ * lib/krb5/krb5.h: add key usage for server referrals -2004-12-29 Love Hörnquist Åstrand +2004-12-29 Love Hörnquist Ã…strand * lib/krb5/principal.c: make default_v4_name_convert static @@ -40,7 +40,7 @@ * lib/krb5/acache.c: make default_acc_name static -2004-12-28 Love Hörnquist Åstrand +2004-12-28 Love Hörnquist Ã…strand * doc/setup.texi: add some text about samba, use example.com @@ -48,24 +48,24 @@ F. Hranicky . Add LDAP_addmod_integer and use it. -2004-12-27 Love Hörnquist Åstrand +2004-12-27 Love Hörnquist Ã…strand * doc/{Makefile.am,setup.texi,win2k.texi}: spelling and text fixes, from Dave Love -2004-12-18 Love Hörnquist Åstrand +2004-12-18 Love Hörnquist Ã…strand * lib/krb5/heim_threads.h: NetBSD 2.99.11 (any maybe 2.1) just needs pthread.h, threadlib is dead -2004-12-17 Love Hörnquist Åstrand +2004-12-17 Love Hörnquist Ã…strand * kdc/config.c (configure): check for deprecated enforce-transited-policy is set and fail if it is * lib/asn1/asn1_print.c: don't print garabage for octet strings -2004-12-13 Love Hörnquist Åstrand +2004-12-13 Love Hörnquist Ã…strand * kdc/main.c (main): catch sigpipe, we don't bother select()ing for errors @@ -81,7 +81,7 @@ * lib/hdb/hdb-ldap.c (pos): uppercase in character -2004-12-12 Love Hörnquist Åstrand +2004-12-12 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP__bytes2hex,LDAP__hex2bytes): encode nibbels in the other order @@ -90,7 +90,7 @@ attribute exists before we try to delete it LDAP__bytes2hex encodes in strange byte order, is this really right ? -2004-12-11 Love Hörnquist Åstrand +2004-12-11 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP_firstkey): When iterating over all entries, search for samba accounts too, From: "James F. Hranicky" @@ -103,13 +103,13 @@ both krb5PrincipalName and uid, it must be broken, ignore it and return it doesn't exists. -2004-12-10 Love Hörnquist Åstrand +2004-12-10 Love Hörnquist Ã…strand * kdc/hpropd.8: spelling, from OpenBSD * kdc/kdc.8: use keeps for options, From OpenBSD k -2004-12-09 Love Hörnquist Åstrand +2004-12-09 Love Hörnquist Ã…strand * doc/setup.texi: document --random-key and the need to do backup of the master key @@ -118,7 +118,7 @@ * kdc/kstash.c: add --random-key -2004-12-08 Love Hörnquist Åstrand +2004-12-08 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.8: spelling, from openbsd @@ -135,25 +135,25 @@ * kdc/hprop.8: use keeps around options, from OpenBSD -2004-11-30 Love Hörnquist Åstrand +2004-11-30 Love Hörnquist Ã…strand * lib/krb5/context.c (krb5_free_context): clear error string before destroying mutex (krb5_init_context): don't call krb5_free_context before there is a mutex initialized -2004-11-18 Love Hörnquist Åstrand +2004-11-18 Love Hörnquist Ã…strand * kuser/kinit.c (get_new_tickets): only complain about ticket renewable lifetime when the user asked for a specific renewable lifetime -2004-11-15 Love Hörnquist Åstrand +2004-11-15 Love Hörnquist Ã…strand * kdc/kerberos5.c (find_keys): log what principal is missing enctypes -2004-11-13 Love Hörnquist Åstrand +2004-11-13 Love Hörnquist Ã…strand * lib/krb5/get_in_tkt.c (krb5_get_in_cred): clear pointer after freeing data @@ -161,21 +161,21 @@ * lib/krb5/init_creds_pw.c (change_password): handle old_options being NULL From Guenther Deschner on samba-technical. -2004-11-12 Love Hörnquist Åstrand +2004-11-12 Love Hörnquist Ã…strand * lib/krb5/krb5_get_init_creds.3: add more text describing the krb5_get_init_creds functions -2004-11-11 Love Hörnquist Åstrand +2004-11-11 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: make krb5_get_init_creds_keytab work again -2004-11-10 Love Hörnquist Åstrand +2004-11-10 Love Hörnquist Ã…strand * lib/hdb/hdb.asn1: use constrained integers -2004-11-09 Love Hörnquist Åstrand +2004-11-09 Love Hörnquist Ã…strand * lib/krb5/krb5_get_init_creds.3: add description for opt_init, opt_alloc, opt_free @@ -191,12 +191,12 @@ * lib/krb5/init_creds.c (_krb5_get_init_creds_opt_copy): if the in options NULL, just make a clean copy -2004-11-01 Love Hörnquist Åstrand +2004-11-01 Love Hörnquist Ã…strand * lib/krb5/sendauth.c (krb5_rd_rep): free ap_rep message earlier so we don't leak it on error -2004-10-31 Love Hörnquist Åstrand +2004-10-31 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: unbreak 2b entry @@ -204,18 +204,18 @@ sockaddr but rather a kerberos address, deal with that. Based on bug report from Jakob Schlyter . -2004-10-30 Love Hörnquist Åstrand +2004-10-30 Love Hörnquist Ã…strand * kdc/connect.c: Make sure argument passed to ctype isn't signed char -2004-10-14 Love Hörnquist Åstrand +2004-10-14 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: match new error names * lib/krb5/krb5_err.et: make error messages sane again -2004-10-13 Love Hörnquist Åstrand +2004-10-13 Love Hörnquist Ã…strand * lib/krb5/keytab.c: use KRB5_KT_BADNAME @@ -238,7 +238,7 @@ * lib/asn1/lex.l: support hex numbers -2004-10-12 Love Hörnquist Åstrand +2004-10-12 Love Hörnquist Ã…strand * kdc/pkinit.c: use ETYPE_DES3_CBC_NONE_CMS @@ -250,7 +250,7 @@ Requested by Andrew Bartlett for hdb-ldb backend. -2004-10-07 Love Hörnquist Åstrand +2004-10-07 Love Hörnquist Ã…strand * kuser/kinit.c: adapt to new signature of krb5_get_init_creds_opt_set_pkinit @@ -266,7 +266,7 @@ * kuser/klist.c: use rtbl_set_separator -2004-10-03 Love Hörnquist Åstrand +2004-10-03 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: filter out dup openssl engine keys, parse user options first @@ -280,7 +280,7 @@ * kdc/pkinit.c: stop using AlgorithmIdentifierNonOpt -2004-09-30 Love Hörnquist Åstrand +2004-09-30 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: assume minutes for time @@ -294,7 +294,7 @@ minute for compatibility with MIT Kerberos. -2004-09-28 Love Hörnquist Åstrand +2004-09-28 Love Hörnquist Ã…strand * lib/krb5/get_cred.c (get_cred_kdc_usage): retry using "large message safe" transport if we get back @@ -319,7 +319,7 @@ * kuser/kinit.c: make sure we don't always get renewable creds -2004-09-11 Love Hörnquist Åstrand +2004-09-11 Love Hörnquist Ã…strand * lib/krb5/acache.c: use krb5_ccapi.h @@ -329,12 +329,12 @@ * lib/krb5/Makefile.am: add AM_CPPFLAGS to libkrb5_la_CPPFLAGS since AM_CPPFLAGS overridden by target specific _CPPFLAGS -2004-09-08 Love Hörnquist Åstrand +2004-09-08 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: make variable shorter, make error messages from pkinit, make freeing easier -2004-09-06 Love Hörnquist Åstrand +2004-09-06 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: link libkrb5 with LIB_dlopen @@ -342,7 +342,7 @@ is uninitialized, make valgrind unhappy. Pointd out by abartlet@samba.org. While where, plug the fd leak. -2004-09-05 Love Hörnquist Åstrand +2004-09-05 Love Hörnquist Ã…strand * lib/asn1/der_get.c (decode_*): name all tag-length variables the same @@ -351,18 +351,18 @@ * lib/asn1/der_get.c (decode_boolean): fail if length of tag is larger then len -2004-08-31 Love Hörnquist Åstrand +2004-08-31 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (krb5_get_init_creds): kdc_reply can be set in case of failure too, free unconditionally on exit to avoid memory leak -2004-08-23 Love Hörnquist Åstrand +2004-08-23 Love Hörnquist Ã…strand * lib/krb5/get_cred.c (set_auth_data): set pointer to NULL after free -2004-08-20 Love Hörnquist Åstrand +2004-08-20 Love Hörnquist Ã…strand * lib/krb5/context.c (krb5_get_err_text): if neither of com_right nor strerror finds the error-code, return Unknown error. @@ -374,7 +374,7 @@ * lib/krb5/kuserok.c: if a .k5login file exist, don't give implicit rights to anyone; also check owner/mode of .k5login -2004-08-15 Love Hörnquist Åstrand +2004-08-15 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: man_MANS = krb5_getportbyname.3 @@ -386,19 +386,19 @@ * lib/krb5/krb5_encrypt.3: document krb5_enctype_valid -2004-08-13 Love Hörnquist Åstrand +2004-08-13 Love Hörnquist Ã…strand * kdc/kerberos5.c (get_pa_etype_info{,2}): check for dup enctypes from the client and filter them out. * lib/krb5/krb5_string_to_key.3: document krb5_free_salt -2004-08-12 Love Hörnquist Åstrand +2004-08-12 Love Hörnquist Ã…strand * lib/krb5/krb5_ticket.3: data needs to be freed when using krb5_ticket_get_authorization_data_type -2004-08-11 Love Hörnquist Åstrand +2004-08-11 Love Hörnquist Ã…strand * lib/krb5/test_cc.c: test variables in default_cc_name @@ -416,7 +416,7 @@ * lib/krb5/cache.c (krb5_cc_set_default_name): s/libdefault/libdefaults/ -2004-08-06 Love Hörnquist Åstrand +2004-08-06 Love Hörnquist Ã…strand * lib/krb5/acache.c: replace magic 3 with ccapi_version_3 @@ -434,13 +434,13 @@ since its not possible to glue in user information (like uid), but for CCAPI it works just fine -2004-08-05 Love Hörnquist Åstrand +2004-08-05 Love Hörnquist Ã…strand * kuser/kgetcred.1: document --cache/-c * kuser/kgetcred.c: allow to specify what credential cache to use -2004-08-03 Love Hörnquist Åstrand +2004-08-03 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: add krb5_eai_to_heim_errno.3 @@ -450,7 +450,7 @@ * lib/krb5/krb5.3: add krb5_eai_to_heim_errno, krb5_h_errno_to_heim_errno -2004-07-26 Love Hörnquist Åstrand +2004-07-26 Love Hörnquist Ã…strand * lib/krb5/krb5_expand_hostname.3: krb5_expand_hostname_realms result should be free with krb5_free_host_realm drop @@ -483,39 +483,39 @@ * lib/krb5/krb5_get_credentials.3: krb5_get_credentials and friends -2004-07-23 Love Hörnquist Åstrand +2004-07-23 Love Hörnquist Ã…strand * kuser/klist.c (print_cred_verbose): keytypes are no longer, use enctype -2004-07-22 Love Hörnquist Åstrand +2004-07-22 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP_entry2mods): allow for pre-c99 compilers, From metze at samba.org -2004-07-20 Love Hörnquist Åstrand +2004-07-20 Love Hörnquist Ã…strand * lib/krb5/test_cc.c: more cc tests * lib/krb5/krb5_check_transited.3: document krb5_check_transited -2004-07-19 Love Hörnquist Åstrand +2004-07-19 Love Hörnquist Ã…strand * kdc/pkinit.c (pk_principal_from_X509): reverse test, makes principal in cert work From: Mayur Patel -2004-07-18 Love Hörnquist Åstrand +2004-07-18 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: add krb5_verify_init_creds.3 * lib/krb5/krb5_verify_init_creds.3: add krb5_verify_init_creds -2004-07-15 Love Hörnquist Åstrand +2004-07-15 Love Hörnquist Ã…strand * lib/krb5/krb5_set_password.3: spelling from wiz@netbsd.org description for krb5_passwd_result_to_string -2004-07-14 Love Hörnquist Åstrand +2004-07-14 Love Hörnquist Ã…strand * lib/krb5/krb5_set_password.3: Remove superfluous comma; grammar fixes; split sentence in two for better understanding. From @@ -527,21 +527,21 @@ * lib/krb5/changepw.c (process_reply): cast ssize_t to long and print that From NetBSD via Havard Eidnes. -2004-07-09 Love Hörnquist Åstrand +2004-07-09 Love Hörnquist Ã…strand * configure.in: fix helpstring for hdb-openldap-module * lib/krb5/test_cc.c: don't use krb5_err on error code 0 -2004-07-08 Love Hörnquist Åstrand +2004-07-08 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP_seq): try handling errors better -2004-07-02 Love Hörnquist Åstrand +2004-07-02 Love Hörnquist Ã…strand * lib/krb5/get_in_tkt.c (set_ptypes): make ptypes const -2004-07-01 Love Hörnquist Åstrand +2004-07-01 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP__connect): call ldap_initialize with right argument @@ -572,27 +572,27 @@ OtherName of subjectAltName Based on patch from Mayur Patel -2004-06-21 Love Hörnquist Åstrand +2004-06-21 Love Hörnquist Ã…strand * lib/krb5/get_cred.c (init_tgs_req): if subkey not avaible, use session key for authorization-data -2004-06-15 Love Hörnquist Åstrand +2004-06-15 Love Hörnquist Ã…strand * kdc/connect.c (handle_tcp): note who is what that closed the connection on us -2004-06-09 Love Hörnquist Åstrand +2004-06-09 Love Hörnquist Ã…strand * admin/get.c (kt_get): catch errors from krb5_parse_name -2004-06-05 Love Hörnquist Åstrand +2004-06-05 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: if its the entry just contains the structural object (no samba nor heimdal object), add an aux heimdal object on to it. -2004-06-02 Love Hörnquist Åstrand +2004-06-02 Love Hörnquist Ã…strand * kpasswd/kpasswd.c: use krb5_set_password_using_ccache @@ -611,7 +611,7 @@ * lib/hdb/hdb-ldap.c: indent like the rest of the code -2004-06-01 Love Hörnquist Åstrand +2004-06-01 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: check return values from ldap operations and close it we get back LDAP_SERVER_DOWN. stupid ldap client lib, you @@ -620,19 +620,19 @@ * lib/hdb/hdb-ldap.c: require search base to be configured, create local context structure -2004-05-31 Love Hörnquist Åstrand +2004-05-31 Love Hörnquist Ã…strand * doc/setup.texi: more ldap text, partly from Tarjei Huse -2004-05-28 Love Hörnquist Åstrand +2004-05-28 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: clean, indent * lib/hdb/hdb-ldap.c (LDAP_entry2mods): make sure krb5KeyVersionNumber is added on new entires -2004-05-27 Love Hörnquist Åstrand +2004-05-27 Love Hörnquist Ã…strand * doc/setup.texi: minor fixes, partly from Tarjei Huse @@ -642,15 +642,15 @@ * lib/krb5/krb5.conf.5: default value for hdb-ldap-structural-object is account -2004-05-26 Love Hörnquist Åstrand +2004-05-26 Love Hörnquist Ã…strand * tools/Makefile.am: use ! instead of , as sed delimiter -2004-05-25 Love Hörnquist Åstrand +2004-05-25 Love Hörnquist Ã…strand * lib/krb5/*.c: add KRB5_LIB_FUNCTION to all exported functions -2004-05-23 Love Hörnquist Åstrand +2004-05-23 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: make samba_forwardable a krb5_boolean @@ -667,11 +667,11 @@ case, make sure ent->etypes are allocated, From: Andrew Bartlett -2004-05-14 Love Hörnquist Åstrand +2004-05-14 Love Hörnquist Ã…strand * kuser/kinit.c: move "setpag if (argc < 1)" to common path -2004-05-12 Love Hörnquist Åstrand +2004-05-12 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: pacify pre c99 compilers @@ -681,7 +681,7 @@ * kuser/kinit.c: print some diagnostics if the exec fails -2004-04-29 Love Hörnquist Åstrand +2004-04-29 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (pk_rd_pa_reply_dh): use krb5_random_to_key From: Luke Howard @@ -689,11 +689,11 @@ * lib/krb5/rd_req.c (krb5_verify_ap_req2): clear the whole ticket, not just a pointer size of it From: Luke Howard -2004-04-28 Love Hörnquist Åstrand +2004-04-28 Love Hörnquist Ã…strand * fix-export: add -E flag where needed to make-proto -2004-04-26 Love Hörnquist Åstrand +2004-04-26 Love Hörnquist Ã…strand * lib/krb5/crypto.c: add set_param for RC2 @@ -772,7 +772,7 @@ * lib/krb5/store.c (krb5_store_creds): set is_skey flag if length of second ticket is > 0 -2004-04-25 Love Hörnquist Åstrand +2004-04-25 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: use the right oid for pkauthdata @@ -806,7 +806,7 @@ * lib/krb5/{krb5.h,store.c,fcache.c}: Fix the cache flags bitorder issue with a storage flag instead of a separate function. -2004-04-24 Love Hörnquist Åstrand +2004-04-24 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: move out the oid check from get_reply_key @@ -830,7 +830,7 @@ digestAlgorithm to sha1 (both for SignerInfo and SignedData, add new function _set_digest_alg to set it -2004-04-23 Love Hörnquist Åstrand +2004-04-23 Love Hörnquist Ã…strand * include/make_crypto.c: include rc2.h, and when I'm here, make aes mandatory @@ -852,7 +852,7 @@ * lib/krb5/string-to-key-test.c: comment out the "@"/"" test for now -2004-04-22 Love Hörnquist Åstrand +2004-04-22 Love Hörnquist Ã…strand * lib/krb5/krb5_string_to_key.3: document that krb5_string_to_key_derived is broken for non 3des enctypes and @@ -868,7 +868,7 @@ * lib/krb5/krb5_keyblock.3: document krb5_random_to_key -2004-04-21 Love Hörnquist Åstrand +2004-04-21 Love Hörnquist Ã…strand * kdc/pkinit.c: use the first proposed enable enctype @@ -877,28 +877,28 @@ * kdc/pkinit.c: at least try to handle diffrent enveloped enctypes -2004-04-21 Love Hörnquist Åstrand +2004-04-21 Love Hörnquist Ã…strand * lib/asn1/der_get.c: 1.28.2.16: (der_get_oid): handle all oid components being smaller then 127 and allocate one extra element since first byte is split to to elements. -2004-04-20 Love Hörnquist Åstrand +2004-04-20 Love Hörnquist Ã…strand * lib/asn1/k5.asn1: ETYPE_DIGEST_MD5_NONE, ETYPE_CRAM_MD5_NONE: private use, lukeh@padl.com -2004-04-19 Love Hörnquist Åstrand +2004-04-19 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (build_auth_pack): use heim_integer to encode DH public key -2004-04-18 Love Hörnquist Åstrand +2004-04-18 Love Hörnquist Ã…strand * lib/krb5/krb5_init_context.3: add krb5_context to so its added as manpage-link too -2004-04-17 Love Hörnquist Åstrand +2004-04-17 Love Hörnquist Ã…strand * lib/krb5/fcache.c (fcc_remove_cred): simplistic implementation, XXX add locking @@ -913,7 +913,7 @@ * kdc/config.c: merge certificate/private_key to a user_id -2004-04-16 Love Hörnquist Åstrand +2004-04-16 Love Hörnquist Ã…strand * kdc/kdc_locl.h: update prototype for pk_initialize @@ -926,11 +926,11 @@ * kdc/pkinit.c: adapt to heim_integer changes, merge certificate/private_key to a user_id -2004-04-15 Love Hörnquist Åstrand +2004-04-15 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: use KRB5_PADATA_PK_AS_REQ_WIN free X509_STORE -2004-04-13 Love Hörnquist Åstrand +2004-04-13 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: define BUILD_KRB5_LIB when building libkrb5.la, add KRB5_LIB_FUNCTION proto @@ -957,25 +957,25 @@ * lib/krb5/krb5_ccache.3: add krb5_cc_get_prefix_ops -2004-04-05 Love Hörnquist Åstrand +2004-04-05 Love Hörnquist Ã…strand * appl/test/http_client.c: support GSS_C_DELEG_FLAG and GSS_C_MUTUAL_FLAG * appl/test/http_client.c: verbose logging -2004-04-02 Love Hörnquist Åstrand +2004-04-02 Love Hörnquist Ã…strand * kdc/connect.c: case size_t to unsigned long for LP64 platforms -2004-04-01 Love Hörnquist Åstrand +2004-04-01 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (hdb_ldap_create): allow configuration of default structural object * tools/Makefile.am: handle sed expression breaking -2004-03-31 Love Hörnquist Åstrand +2004-03-31 Love Hörnquist Ã…strand * lib/krb5/krbhst.c: also lookup _kpasswd._tcp SRV-rr @@ -987,7 +987,7 @@ * lib/krb5/krb5_acl_match_file.3: try to pacify mdoc macros on osf/1 -2004-03-30 Love Hörnquist Åstrand +2004-03-30 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (pa_data_add_pac_request): don't increase md->len, krb5_padata_add already does that @@ -999,11 +999,11 @@ * kdc/kerberos4.c: stop the client from renewing tickets into the future From: Jeffrey Hutzelman -2004-03-29 Love Hörnquist Åstrand +2004-03-29 Love Hörnquist Ã…strand * configure.in: try to handle sys/strtty.h needing sys/stream.h -2004-03-23 Love Hörnquist Åstrand +2004-03-23 Love Hörnquist Ã…strand * lib/krb5/send_to_kdc.c: remove function krb5_sendto_kdc2, its no longer used @@ -1018,11 +1018,11 @@ * lib/krb5/mk_req_ext.c: unexport krb5_mk_req_internal to external users by prefixing it with _ -2004-03-22 Love Hörnquist Åstrand +2004-03-22 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: add missing } -2004-03-21 Love Hörnquist Åstrand +2004-03-21 Love Hörnquist Ã…strand * kdc/pkinit.c: adapt to change of signature of _krb5_pk_load_openssl_id @@ -1076,7 +1076,7 @@ * lib/krb5/krb5_ticket.3: document krb5_ticket_get_authorization_data_type -2004-03-20 Love Hörnquist Åstrand +2004-03-20 Love Hörnquist Ã…strand * lib/krb5/aes-test.c: remove #if 0'ed code @@ -1157,7 +1157,7 @@ make it not fall over when no non matching acl, make fnmatch matching useful by switching arguments -2004-03-19 Love Hörnquist Åstrand +2004-03-19 Love Hörnquist Ã…strand * kdc/config.c: add --builtin-hdb command @@ -1176,7 +1176,7 @@ * lib/krb5/krb5.conf.5: add a bunch of Li and document [kadmin] password_lifetime; from Henry B. Hotz -2004-03-14 Love Hörnquist Åstrand +2004-03-14 Love Hörnquist Ã…strand * lib/krb5/mk_rep.c (krb5_mk_rep): if KRB5_AUTH_CONTEXT_USE_SUBKEY is set send subkey @@ -1184,13 +1184,13 @@ * lib/krb5/krb5.h: add KRB5_AUTH_CONTEXT_USE_SUBKEY -2004-03-14 Love Hörnquist Åstrand +2004-03-14 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: clean up error handling, plug memory leaks, and free memory in error path, assume realloc(NULL, ...) works, factor out common code, indent -2004-03-12 Love Hörnquist Åstrand +2004-03-12 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: understand [password_quality] spelling @@ -1199,12 +1199,12 @@ * kuser/kgetcred.c: add --canonicalize -2004-03-10 Love Hörnquist Åstrand +2004-03-10 Love Hörnquist Ã…strand * lib/krb5/fcache.c (fcc_store_cred): NULL terminate krb5_config_get_bool_default' arglist -2004-03-09 Love Hörnquist Åstrand +2004-03-09 Love Hörnquist Ã…strand * kdc/kerberos5.c: add missing req argument to pk_mk_pa_reply @@ -1234,7 +1234,7 @@ * lib/krb5/store.c (krb5_ret_creds): Runtime detect the what is the higher bits of the bitfield -2004-03-08 Love Hörnquist Åstrand +2004-03-08 Love Hörnquist Ã…strand * lib/krb5/store.c (krb5_store_creds): add disabled code that store the ticket flags in reverse order @@ -1244,7 +1244,7 @@ are set, its a mit cache, reverse the bits, bug pointed out by Sergio Gelato -2004-03-07 Love Hörnquist Åstrand +2004-03-07 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: use macro for HDB * -> LDAP * @@ -1280,7 +1280,7 @@ * lib/asn1/k5.asn1: drop SMTP_NAME -2004-03-06 Love Hörnquist Åstrand +2004-03-06 Love Hörnquist Ã…strand * lib/hdb/Makefile.am: support building ldap backend as module sort asn1 hdb files @@ -1300,7 +1300,7 @@ the original data test case from Ronnie Sahlberg -2004-03-03 Love Hörnquist Åstrand +2004-03-03 Love Hörnquist Ã…strand * lib/krb5/test_cc.c: more cc tests, mostly related to mcc behavior @@ -1312,7 +1312,7 @@ as dead since that doesn't always work. Based on patch from Jeffrey Hutzelman , tweeked by me -2004-02-22 Love Hörnquist Åstrand +2004-02-22 Love Hörnquist Ã…strand * kdc/pkinit.c: adapt to rename of oid_cmp to heim_oid_cmp @@ -1323,7 +1323,7 @@ * doc/setup.texi: add text about hostname to realm mapping using DNS -2004-02-20 Love Hörnquist Åstrand +2004-02-20 Love Hörnquist Ã…strand * kdc/pkinit.c: update error codes @@ -1331,7 +1331,7 @@ * lib/krb5/pkinit.c: update error codes -2004-02-19 Love Hörnquist Åstrand +2004-02-19 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: indent, use krb5_abortx() instead of abort() @@ -1342,7 +1342,7 @@ * lib/krb5/fcache.c (_krb5_xlock): handle that everything was ok, and don't put an error in the error strings then -2004-02-13 Love Hörnquist Åstrand +2004-02-13 Love Hörnquist Ã…strand * kdc/pkinit.c: s/heim_big_integer/heim_integer/ @@ -1355,18 +1355,18 @@ * lib/krb5/heim_err.et: add HEIM_PKINIT specific errors -2004-02-12 Love Hörnquist Åstrand +2004-02-12 Love Hörnquist Ã…strand * configure.in: rename AC_WFLAGS to rk_WFLAGS * acinclude.m4: use m4_define, over-quote string -2004-02-11 Love Hörnquist Åstrand +2004-02-11 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (change_password): handle that printf("%.*s", 0, (void*)NULL); doesn't work on solaris -2004-02-10 Love Hörnquist Åstrand +2004-02-10 Love Hörnquist Ã…strand * kpasswd/kpasswd.c (change_password): handle that printf("%.*s", 0, (void*)NULL); doesn't work on solaris @@ -1375,7 +1375,7 @@ some locate.updatedb, use FILES section to describe where the file is instead. -2004-02-07 Love Hörnquist Åstrand +2004-02-07 Love Hörnquist Ã…strand * lib/asn1/check-der.c: test for "der_length.c: Fix len_unsigned for certain negative integers, it got the length wrong" , from @@ -1393,7 +1393,7 @@ * configure.in: Check for sys/socket.h, net/if.h. Modify term.h, security/pam_appl.h tests. -2004-02-03 Love Hörnquist Åstrand +2004-02-03 Love Hörnquist Ã…strand * lib/asn1/check-gen.c: test for: (length_type): TSequenceOf: add up the size of all the elements, don't use just the size of the @@ -1431,11 +1431,11 @@ * lib/krb5/build_ap_req.c (krb5_build_ap_req): abort on internal asn1 encode error -2004-01-30 Love Hörnquist Åstrand +2004-01-30 Love Hörnquist Ã…strand * doc/setup.texi: some text about order of [capaths] realms -2004-01-25 Love Hörnquist Åstrand +2004-01-25 Love Hörnquist Ã…strand * lib/krb5/context.c: register WRFILE ops @@ -1446,30 +1446,30 @@ * kpasswd/kpasswdd.c (change): use the right password when changing the password -2004-01-21 Love Hörnquist Åstrand +2004-01-21 Love Hörnquist Ã…strand * lib/krb5/fcache.c (_krb5_xlock): catch EINVAL and assume that it means that the filesystem doesn't support locking * lib/krb5/keytab.c: remove #if 0 out file locking code -2004-01-19 Love Hörnquist Åstrand +2004-01-19 Love Hörnquist Ã…strand * lib/asn1/gen_length.c (length_type): TSequenceOf: add up the size of all the elements, don't use just the size of the last element. -2004-01-13 Love Hörnquist Åstrand +2004-01-13 Love Hörnquist Ã…strand * kuser/kinit.c (renew_validate): if renewable_flag and not time specifed, use "1 month" -2004-01-08 Love Hörnquist Åstrand +2004-01-08 Love Hörnquist Ã…strand * lib/krb5/krb5_keyblock.3: add prototypes, describe krb5_keyblock_zero -2004-01-05 Love Hörnquist Åstrand +2004-01-05 Love Hörnquist Ã…strand * lib/krb5/get_for_creds.c (add_addrs): don't add same address multiple times diff --git a/ChangeLog.2005 b/ChangeLog.2005 index 8c84b1c5c385..a594d092404c 100644 --- a/ChangeLog.2005 +++ b/ChangeLog.2005 @@ -1,16 +1,16 @@ -2005-12-15 Love Hörnquist Åstrand +2005-12-15 Love Hörnquist Ã…strand * kdc/kerberos5.c (tgs_make_reply): less const on hdb_entry_ex to make samba happy * fix-export: Build kdc-private.h. -2005-12-14 Love Hörnquist Åstrand +2005-12-14 Love Hörnquist Ã…strand * kdc/kerberos5.c (tgs_rep2): also print the principal for which the enctype was missing -2005-12-13 Love Hörnquist Åstrand +2005-12-13 Love Hörnquist Ã…strand * kdc/kaserver.c: Finish up transition from hdb_entry to hdb_entry_ex. @@ -35,7 +35,7 @@ * lib/hdb/db.c: memset hdb_entry_ex before use -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * lib/krb5/krb5.3: Add some more entrypoints. @@ -66,11 +66,11 @@ * Makefile.am: Split long line - * doc/apps.texi: Spelling, From Måns Nilsson. + * doc/apps.texi: Spelling, From MÃ¥ns Nilsson. - * doc/install.texi: spelling, From Måns Nilsson + * doc/install.texi: spelling, From MÃ¥ns Nilsson -2005-12-11 Love Hörnquist Åstrand +2005-12-11 Love Hörnquist Ã…strand * lib/krb5/krb5_principal.3: Constify principal argument to on krb5_principal_get_ functions. @@ -78,12 +78,12 @@ * lib/krb5/principal.c: Constify principal argument to on krb5_principal_get_ functions. -2005-12-08 Love Hörnquist Åstrand +2005-12-08 Love Hörnquist Ã…strand * lib/hdb: drop convert_db, 0.0 to 0.1 transition was a long long time ago -2005-12-05 Love Hörnquist Åstrand +2005-12-05 Love Hörnquist Ã…strand * lib/krb5/test_keytab.c: more tests, From Andrew Bartlet @@ -91,7 +91,7 @@ NULL on success in the case 0 entries are allocated, From Andrew Bartlet -2005-12-02 Love Hörnquist Åstrand +2005-12-02 Love Hörnquist Ã…strand * lib/krb5/acl.c (acl_parse_format): tmp needs to be freed too on failure to parse format specifier. @@ -105,9 +105,9 @@ * lib/krb5/derived-key-test.c: Free more of the allocated memory. -2005-12-01 Love Hörnquist Åstrand +2005-12-01 Love Hörnquist Ã…strand - * doc/setup.texi: spelling, From Måns Nilsson + * doc/setup.texi: spelling, From MÃ¥ns Nilsson * lib/krb5/krb5_keytab.3: Memory keytab are now named and refcounted. @@ -117,7 +117,7 @@ * lib/krb5/keytab_memory.c: Index by name and start reference counting on entries. -2005-11-30 Love Hörnquist Åstrand +2005-11-30 Love Hörnquist Ã…strand * lib/krb5/krb5.h (krb5_address_type): add KRB5_ADDRESS_NETBIOS (20) @@ -131,7 +131,7 @@ * kcm/connect.c (kcm_loop): Use HAVE_DOOR_CREATE, not HAVE_DOORS. -2005-11-29 Love Hörnquist Åstrand +2005-11-29 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c (libdefaults_entries): add default_cc_name @@ -162,7 +162,7 @@ * lib/hdb/db.c (hdb_db_create): use calloc to allocate memory -2005-11-28 Love Hörnquist Åstrand +2005-11-28 Love Hörnquist Ã…strand * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use session key for delegated credentials @@ -170,41 +170,41 @@ * kdc/kerberos5.c (_kdc_as_rep): add comment when we send ETYPE-INFO and ETYPE-INFO2, from Andrew Bartlett -2005-11-25 Love Hörnquist Åstrand +2005-11-25 Love Hörnquist Ã…strand * lib/krb5/keytab.c (krb5_kt_get_full_name): new function -2005-11-24 Love Hörnquist Åstrand +2005-11-24 Love Hörnquist Ã…strand * lib/krb5/test_crypto.c: Split encryption and s2k iterations to diffrent counters, 38seconds of aes256 s2k is way too long. * lib/krb5/test_crypto.c: Add timing code for s2k function. -2005-11-07 Love Hörnquist Åstrand +2005-11-07 Love Hörnquist Ã…strand * kdc/kerberos5.c: Print the time the principal expired, based on patch from Andrew Bartlett. -2005-11-01 Love Hörnquist Åstrand +2005-11-01 Love Hörnquist Ã…strand * lib/krb5/cache.c (krb5_cc_get_full_name): Add -2005-11-01 Love Hörnquist Åstrand +2005-11-01 Love Hörnquist Ã…strand * configure.in: Spelling, From Michael Banck -2005-10-30 Love Hörnquist Åstrand +2005-10-30 Love Hörnquist Ã…strand * kcm/headers.h: Maybe include . -2005-10-27 Love Hörnquist Åstrand +2005-10-27 Love Hörnquist Ã…strand * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): understand KRB5_AUTHDATA_IF_RELEVANT and KRB5_AUTHDATA_AND_OR (but have KRB5_AUTHDATA_KDC_ISSUED commented out for now) -2005-10-26 Love Hörnquist Åstrand +2005-10-26 Love Hörnquist Ã…strand * kuser/klist.c: In the list caches view, rename the Status field to Expires. @@ -212,13 +212,13 @@ * lib/krb5/krb5_encrypt.3: Fix mdoc for krb5_encrypt_EncryptedData, Johnny Lam -2005-10-25 Love Hörnquist Åstrand +2005-10-25 Love Hörnquist Ã…strand * appl/test/gssapi_client.c: Check return value from asprintf instead of string != NULL since it undefined behavior on - Linux. From Björn Sandell + Linux. From Björn Sandell -2005-10-21 Love Hörnquist Åstrand +2005-10-21 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_dh_group_ok): if not enough bits are generated from the DH groups, fail. @@ -231,12 +231,12 @@ * kdc/kdc.h: Add pkinit_dh_min_bits to krb5_kdc_configuration. -2005-10-20 Love Hörnquist Åstrand +2005-10-20 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Add option to require binding between reply and response for the win2k version of the protocol. -2005-10-19 Love Hörnquist Åstrand +2005-10-19 Love Hörnquist Ã…strand * doc/programming.texi: Text about Kerberos errors. @@ -258,17 +258,17 @@ * lib/krb5/krb5_ccache.3: Add krb5_cc_start_seq_get and an example. -2005-10-18 Love Hörnquist Åstrand +2005-10-18 Love Hörnquist Ã…strand * doc/programming.texi: Try to explain krb5_ccache, krb5_principal and errors. -2005-10-13 Love Hörnquist Åstrand +2005-10-13 Love Hörnquist Ã…strand * lib/krb5/krb5_get_credentials.3: Add example how to use krb5_get_credentials. -2005-10-12 Love Hörnquist Åstrand +2005-10-12 Love Hörnquist Ã…strand * lib/krb5/init_creds.c: Rename private to opt_private. @@ -280,7 +280,7 @@ * lib/krb5/krb5.h (krb5_get_init_creds_opt): rename element private to opt_private to make c++ picky compilers less upset. -2005-10-08 Love Hörnquist Åstrand +2005-10-08 Love Hörnquist Ã…strand * lib/krb5/krbhst.c (_krb5_krbhost_info_move): new function (_krb5_free_krbhst_info): expose to internal use @@ -292,7 +292,7 @@ rename COMPAT_27 to COMPAT_IETF, pass down a krb5_krbhst_info for verification of KDC info, and general cleaning up. -2005-10-07 Love Hörnquist Åstrand +2005-10-07 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: Install krb5.moduli in sysconfdir. @@ -324,14 +324,14 @@ * lib/krb5/pkinit.c: Add support for reading a moduli-file for DH parameters. -2005-10-06 Love Hörnquist Åstrand +2005-10-06 Love Hörnquist Ã…strand * kuser/klist.1: Document --list-caches * kuser/klist.c: Change short flag of --list-caches to -l (-v is already used). -2005-10-03 Love Hörnquist Åstrand +2005-10-03 Love Hörnquist Ã…strand * lib/krb5/kerberos.8: RFC 1510 was obsoleted by 4120. @@ -340,11 +340,11 @@ (acc_get_cache_first): don't leak memory or abort on malloc failure -2005-10-02 Love Hörnquist Åstrand +2005-10-02 Love Hörnquist Ã…strand * lib/krb5/kerberos.8: Update text about Kerberos RFC's. -2005-10-01 Love Hörnquist Åstrand +2005-10-01 Love Hörnquist Ã…strand * kuser/klist.c: Add option --list-caches that lists the avaible caches and their status. @@ -356,7 +356,7 @@ lha/root@SU.SE 0 Expired lha@N.L.NXS.SE Initial default ccache Expired -2005-09-30 Love Hörnquist Åstrand +2005-09-30 Love Hörnquist Ã…strand * lib/krb5/keytab_keyfile.c: Use all DES keys, not just des-cbc-md5, verify that they all are the same. @@ -372,7 +372,7 @@ * lib/krb5/krb5.h (krb5_cc_ops): add cache iteration functions -2005-09-25 Love Hörnquist Åstrand +2005-09-25 Love Hörnquist Ã…strand * lib/krb5/krb5_mk_req.3: Remove leftovers, remove extra space. @@ -385,18 +385,18 @@ store it though), don't check the oid of the DH signedData for now. -2005-09-22 Love Hörnquist Åstrand +2005-09-22 Love Hörnquist Ã…strand * lib/krb5/rd_cred.c (krb5_rd_cred): try both the session key and the sender subkey. Both RFC1510 and RFC4120 say that you have to use the session key, Heimdal uses subkey. -2005-09-21 Love Hörnquist Åstrand +2005-09-21 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Don't check oid's too closely, they change in Windows Vista. -2005-09-20 Love Hörnquist Åstrand +2005-09-20 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Disable sending -19, fix parsing -27 of the protocol. @@ -406,7 +406,7 @@ * lib/krb5/pkinit.c (pk_verify_chain_standard): set cert to NULL to make sure its not freed. -2005-09-19 Love Hörnquist Åstrand +2005-09-19 Love Hörnquist Ã…strand * lib/krb5/crypto.c (krb5_DES_string_to_key): If the opaque length it set to 1, and content is 0x01, use the afs3 string-to-key. @@ -417,17 +417,17 @@ * lib/krb5/kcm.c: Remove signedness warnings. -2005-09-15 Love Hörnquist Åstrand +2005-09-15 Love Hörnquist Ã…strand * configure.in: Use libtool's default values for building shared/static libaries, ie remove AC_ENABLE_SHARED(no), solves building problems users have on Mac OS X. -2005-09-08 Love Hörnquist Åstrand +2005-09-08 Love Hörnquist Ã…strand * lib/krb5/changepw.c: Constify password. -2005-09-05 Love Hörnquist Åstrand +2005-09-05 Love Hörnquist Ã…strand * lib/krb5/krb5_mk_req.3: Document krb5_rd_req. @@ -438,16 +438,16 @@ krb5_mk_rep, krb5_mk_rep_exact, krb5_mk_rep_extended, krb5_rd_rep, krb5_build_ap_req, krb5_verify_ap_req. -2005-09-01 Love Hörnquist Åstrand +2005-09-01 Love Hörnquist Ã…strand * kdc/kerberos5.c (make_etype_info_entry): Dont send salttype at all, use KRB5-PADATA-AFS3-SALT -2005-08-31 Love Hörnquist Åstrand +2005-08-31 Love Hörnquist Ã…strand * kdc/kerberos5.c (log_timestamp): endtime, not endtype -2005-08-30 Love Hörnquist Åstrand +2005-08-30 Love Hörnquist Ã…strand * configure.in: Check for . @@ -456,7 +456,7 @@ * kcm/headers.h: include -2005-08-27 Love Hörnquist Åstrand +2005-08-27 Love Hörnquist Ã…strand * lib/krb5/rd_req.c (check_transited): Allow empty content of type 0 because that is was Microsoft generates in their TGT. @@ -464,15 +464,15 @@ * kdc/kerberos5.c (fix_transited_encoding): Allow empty content of type 0 because that is was Microsoft enerates in their TGT. -2005-08-26 Love Hörnquist Åstrand +2005-08-26 Love Hörnquist Ã…strand * doc/intro.texi: RFC 4120 replaces RFC 1510 -2005-08-25 Love Hörnquist Åstrand +2005-08-25 Love Hörnquist Ã…strand * configure.in: Add --disable-afs-support. -2005-08-23 Love Hörnquist Åstrand +2005-08-23 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: Add test_hostname to check_PROGRAMS but not TESTS, I have no same dns to use. @@ -492,29 +492,29 @@ krb5_config_free_strings (nothing). Mdoc nit. -2005-08-22 Love Hörnquist Åstrand +2005-08-22 Love Hörnquist Ã…strand * kuser/klist.c (check_for_tgt): Re-order code so it only free the credential if one was returned. * lib/krb5/test_crypto_wrapping.c: Fix printing of size_t. -2005-08-19 Love Hörnquist Åstrand +2005-08-19 Love Hörnquist Ã…strand * lib/hdb/dbinfo.c: provide interface to find databases * lib/hdb/mkey.c: hdb_seal_key_mkey): dont double encrypt keys -2005-08-15 Love Hörnquist Åstrand +2005-08-15 Love Hörnquist Ã…strand * kdc/kdc_locl.h: Update prototype for _kdc_pk_mk_pa_reply. -2005-08-13 Love Hörnquist Åstrand +2005-08-13 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: Save the request buffer so that pre-auth mechanism that needs it can verify the reply. -2005-08-12 Love Hörnquist Åstrand +2005-08-12 Love Hörnquist Ã…strand * lib/krb5/test_mem.c: Rename logf to avoid shadowing. @@ -548,7 +548,7 @@ * kdc/kerberos5.c (_kdc_as_rep): Pass down the request buffer to _kdc_pk_mk_pa_reply. -2005-08-11 Love Hörnquist Åstrand +2005-08-11 Love Hörnquist Ã…strand * lib/hdb/ext.c: HDB extensions access glue. @@ -570,7 +570,7 @@ * lib/hdb/hdb.asn1: Add support for HDB-extension. -2005-08-10 Love Hörnquist Åstrand +2005-08-10 Love Hörnquist Ã…strand * lib/krb5/test_pkinit_dh2key.c: add tests vectors from "Liqiang(Larry) Zhu" @@ -579,7 +579,7 @@ * lib/krb5/test_pkinit_dh2key.c: even more bits, not done yet -2005-08-09 Love Hörnquist Åstrand +2005-08-09 Love Hörnquist Ã…strand * kdc/kerberos5.c (_kdc_as_rep): preserve the error code in the ENC-TS case. From: Andrew Bartlett @@ -603,11 +603,11 @@ instead of letting them slip though to d->cursor. Bug repport from Andrew Bartlett -2005-07-29 Love Hörnquist Åstrand +2005-07-29 Love Hörnquist Ã…strand * kdc/Makefile.am (kdc_LDADD): add LDADD -2005-07-28 Love Hörnquist Åstrand +2005-07-28 Love Hörnquist Ã…strand * kdc/kerberos5.c (_kdc_as_rep): log what enctypes was using in ENC-TS preauth, both for failure and success. @@ -621,15 +621,15 @@ keyusage 0 in case the key was encrypted with MIT Kerberos (old patch from Johan) -2005-07-26 Love Hörnquist Åstrand +2005-07-26 Love Hörnquist Ã…strand * kdc/pkinit.c: update to pkinit-27 -2005-07-23 Love Hörnquist Åstrand +2005-07-23 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Adapt to IMPLICIT changes in CMS module. -2005-07-20 Love Hörnquist Åstrand +2005-07-20 Love Hörnquist Ã…strand * lib/krb5/test_pkinit_dh2key.c: framework for testing _krb5_pk_octetstring2key @@ -643,18 +643,18 @@ * lib/krb5/crypto.c (_krb5_pk_octetstring2key): make sha1 output unsigned char to match openssl -2005-07-14 Love Hörnquist Åstrand +2005-07-14 Love Hörnquist Ã…strand * lib/hdb/common.c: Check encoder lengths from ASN1_MALLOC_ENCODE. -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * lib/krb5/rd_cred.c (krb5_rd_cred): don't leak memory * lib/krb5/get_cred.c (krb5_get_credentials_with_flags): only call krb5_cc_retrieve_cred once, and plug memory leak. -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * lib/hdb/Makefile.am: the new asn.1 compiler includes the modules name in the depend file @@ -667,7 +667,7 @@ * lib/krb5/crypto.c (_krb5_pk_octetstring2key): fix arguments -2005-07-12 Love Hörnquist Åstrand +2005-07-12 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: clean up pk-init DH support, not finished yet; improve error reporting @@ -684,11 +684,11 @@ support for tags. This compiler support most of what is needed for PK-INIT, LDAP, X.509, PKCS-12 and many other protocols. -2005-07-10 Love Hörnquist Åstrand +2005-07-10 Love Hörnquist Ã…strand * lib/asn1: make scope variables unique to avoid shadow warnings -2005-07-09 Love Hörnquist Åstrand +2005-07-09 Love Hörnquist Ã…strand * lib/krb5/krb5.h: comment out paramenter name in typedef functions to avoid shadow warnings @@ -711,7 +711,7 @@ * lib/krb5/test_crypto.c (time_encryption): free cleartext buffer -2005-07-08 Love Hörnquist Åstrand +2005-07-08 Love Hörnquist Ã…strand * configure.in: run AM_INIT_AUTOMAKE before AM_PROG_CC_C_O otherwise am_aux_dir will be expanded using ac_aux_dir before the @@ -724,7 +724,7 @@ * configure.in: add AM_PROG_CC_C_O for automake 1.9 -2005-07-06 Love Hörnquist Åstrand +2005-07-06 Love Hörnquist Ã…strand * lib/krb5/keytab.c (krb5_kt_get_entry): clear error string when returning a new error @@ -735,7 +735,7 @@ * lib/krb5/verify_init.c (krb5_verify_init_creds): `entry' unused, remove From: "Henry B. Hotz" -2005-07-05 Love Hörnquist Åstrand +2005-07-05 Love Hörnquist Ã…strand * doc/win2k.texi: arcfour-hmac-md5 support for windows cross was added in w2k3-sp1 From David Love @@ -747,7 +747,7 @@ * fix-export: build kdc-protos.h -2005-07-01 Love Hörnquist Åstrand +2005-07-01 Love Hörnquist Ã…strand * kdc: prefix pkinit symbols with _kdc @@ -757,7 +757,7 @@ * kdc: adapt pkinit code to libkdc split -2005-06-30 Love Hörnquist Åstrand +2005-06-30 Love Hörnquist Ã…strand * tools/Makefile.am: add depency on LIB_dlopen and LIB_door_create @@ -781,7 +781,7 @@ * configure.in: add --disable-afs-string-to-key to allow removal of support for afs string2key (and dependency on crypt) -2005-06-29 Love Hörnquist Åstrand +2005-06-29 Love Hörnquist Ã…strand * kdc/kerberos5.c: Add logging of all timestamps in AS-REQ and TGS-REQ, for auditing @@ -798,11 +798,11 @@ * kcm/connect.c: don't send socket address in msghdr, it returns an already connected error on Linux -2005-06-24 Love Hörnquist Åstrand +2005-06-24 Love Hörnquist Ã…strand * kdc/524.c: Always include . -2005-06-23 Love Hörnquist Åstrand +2005-06-23 Love Hörnquist Ã…strand * doc/intro.texi: no more libdes, gssapi lib is complete @@ -821,11 +821,11 @@ * lib/hdb/db.c (DB_open): in case of error, close database -2005-06-20 Love Hörnquist Åstrand +2005-06-20 Love Hörnquist Ã…strand * kcm/kcm.8: fix example -2005-06-17 Love Hörnquist Åstrand +2005-06-17 Love Hörnquist Ã…strand * lib/krb5/rd_rep.c: indent @@ -884,7 +884,7 @@ * lib/krb5/crypto.c: rename `encrypt' to avoid shadow warning -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * lib/krb5/principal.c: rename index to idx @@ -944,11 +944,11 @@ * kdc/kerberos5.c (tgs_rep2): rename loop to nloop to avoid shadow warning -2005-06-15 Love Hörnquist Åstrand +2005-06-15 Love Hörnquist Ã…strand * Release 0.7, see branch -2005-06-14 Love Hörnquist Åstrand +2005-06-14 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: TESTS += test_mem libkrb5_la_SOURCES += kcm.h @@ -966,7 +966,7 @@ * lib/krb5/verify_krb5_conf.c: Add more missig entires, from Mathias Feiler -2005-06-11 Love Hörnquist Åstrand +2005-06-11 Love Hörnquist Ã…strand * kdc/pkinit.c (pk_principal_from_X509): remember to free KRB5PrincipalName @@ -974,7 +974,7 @@ * lib/krb5/log.c (krb5_closelog): free all content in krb5_log_facility -2005-06-08 Love Hörnquist Åstrand +2005-06-08 Love Hörnquist Ã…strand * kdc/524.c: init kvno to please gcc @@ -993,7 +993,7 @@ * kcm/kcm_locl.h (disallow_getting_krbtgt): Declare. -2005-06-02 Love Hörnquist Åstrand +2005-06-02 Love Hörnquist Ã…strand * kdc/mit_dump.c (mit_prop_dump): cast argument to krb5_parse_principal to avoid warning @@ -1002,7 +1002,7 @@ mit_KRB5_TL_MOD_PRINC to hint its a constant originating from mit codebase -2005-06-01 Love Hörnquist Åstrand +2005-06-01 Love Hörnquist Ã…strand * lib/krb5/store.c: If we are allocating 0 entires, avoid failing if ALLOC returns NULL @@ -1012,7 +1012,7 @@ * lib/krb5/cache.c: When returning a new error code, set error string. -2005-05-31 Love Hörnquist Åstrand +2005-05-31 Love Hörnquist Ã…strand * lib/krb5/keytab_file.c: Adapt to changed signature of _krb5_xunlock, clear more error string where needed. @@ -1020,7 +1020,7 @@ * lib/krb5/fcache.c (_krb5_xunlock): catch the error and turn it into something sensable -2005-05-30 Love Hörnquist Åstrand +2005-05-30 Love Hörnquist Ã…strand * kdc/kerberos5.c (tgs_make_reply): copy ok-as-delegate flag from server entry to encrypted ticket flags @@ -1036,7 +1036,7 @@ * kdc/main.c (sigterm): set exit_flag to signal causing exit; (main): trap SIGXCPU -2005-05-30 Love Hörnquist Åstrand +2005-05-30 Love Hörnquist Ã…strand * kcm/kcm.8: document --disallow-getting-krbtgt and --door-path @@ -1056,11 +1056,11 @@ * kcm/events.c: if credentials have expired when attempting to renew, attempt to reacquire them using initial creds -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand - * lib/krb5/krb5_principal.3: Spelling, from Björn Sandell + * lib/krb5/krb5_principal.3: Spelling, from Björn Sandell - * doc/setup.texi: spelling, from Björn Sandell + * doc/setup.texi: spelling, from Björn Sandell * lib/krb5/name-45-test.c: XXX don't run the test unless the machine is in kth.se or su.se because it depends on local resolver @@ -1124,15 +1124,15 @@ * kcm/connect.c: add LOCAL_PEERCRED and experimental doors support -2005-05-27 Love Hörnquist Åstrand +2005-05-27 Love Hörnquist Ã…strand * appl/kf/kfd.c: case uid_t to unsigned long in printf format -2005-05-25 Love Hörnquist Åstrand +2005-05-25 Love Hörnquist Ã…strand * lib/krb5/krb5_auth_context.3: remove trailing space -2005-05-24 Love Hörnquist Åstrand +2005-05-24 Love Hörnquist Ã…strand * kcm/connect.c (do_request): use sendmsg to send the reply @@ -1159,7 +1159,7 @@ * kcm/kcm.8: KRB5CCNAME needs an literal uid, not ${uid}, spelling -2005-05-23 Love Hörnquist Åstrand +2005-05-23 Love Hörnquist Ã…strand * kcm/protocol.c: Merge the description and function jumptables into one structure. Use the length of the array when checking if @@ -1180,11 +1180,11 @@ * kdc/main.c: Don't test HAVE_DAEMON since roken supplies it. -2005-05-23 Love Hörnquist Åstrand +2005-05-23 Love Hörnquist Ã…strand * lib/krb5/krb5_keytab.3: document WRFILE and JAVA14 -2005-05-20 Love Hörnquist Åstrand +2005-05-20 Love Hörnquist Ã…strand * lib/krb5/krbhst.c (srv_get_hosts): if srv_get_hosts failes, return and ignore the error @@ -1194,7 +1194,7 @@ * lib/krb5/test_keytab.c: tests all keytab format -2005-05-19 Love Hörnquist Åstrand +2005-05-19 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): non non asn1 decoding errors, fail. Make sure we free memory on error. @@ -1229,7 +1229,7 @@ krb5_kt_free_entry after each fkt_next_entry_int. From: Wynn Wilkes -2005-05-18 Love Hörnquist Åstrand +2005-05-18 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: TESTS += test_keytab @@ -1257,7 +1257,7 @@ * lib/krb5/krb5.3: add krb5_cc_new_unique -2005-05-17 Love Hörnquist Åstrand +2005-05-17 Love Hörnquist Ã…strand * lib/krb5/fcache.c (fcc_get_first): check return value from malloc, memset the structure, make sure cursor doesn't point to @@ -1285,13 +1285,13 @@ be unencrypted, for compatibility with mit kerberos and java kerberos. krb5_javakt_ops: export -2005-05-16 Love Hörnquist Åstrand +2005-05-16 Love Hörnquist Ã…strand * lib/krb5/keytab_file.c: Add new keytab file format JAVA14 that doesn't the use extended kvnos, as hinted, this is needed for Java's Kerberos implementation. -2005-05-10 Love Hörnquist Åstrand +2005-05-10 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH @@ -1309,32 +1309,32 @@ * lib/krb5/{krb5_compare_creds.3,krb5_get_init_creds.3, krb5_krbhst_init.3,krb5_storage.3}: - make more pretty, from Björn Sandell + make more pretty, from Björn Sandell 2005-05-09 Dave Love * doc/setup.texi: Fix and clarify password quality check examples. -2005-05-09 Love Hörnquist Åstrand +2005-05-09 Love Hörnquist Ã…strand * lib/krb5/kuserok.c (krb5_kuserok): use POSIX_GETPWNAM_R instead of HAVE_GETPWNAM_R From: Dave Love -2005-05-07 Love Hörnquist Åstrand +2005-05-07 Love Hörnquist Ã…strand * lib/krb5/addr_families.c (krb5_print_address): catch when the - unknown adress don't fit. From Björn Sandell + unknown adress don't fit. From Björn Sandell 2005-05-05 Dave Love * configure.in: fix type right test, include for sys/strtty.h, not sys/ptyvar.h -2005-05-05 Love Hörnquist Åstrand +2005-05-05 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: spelling -2005-05-04 Love Hörnquist Åstrand +2005-05-04 Love Hörnquist Ã…strand * lib/krb5/krb5.conf.5: expand on what "trailing component" means @@ -1349,7 +1349,7 @@ * lib/krb5/kuserok.c: check the user's ~/.k5login.d directory for access files, all of which is handled like the regular ~/.k5login -2005-05-03 Love Hörnquist Åstrand +2005-05-03 Love Hörnquist Ã…strand * doc/ack.texi: Clearify what version of libdes we are using and who's code in it we are using. @@ -1367,7 +1367,7 @@ * configure.in: sys/tty.h (for sys/ptyvar.h) might need termios.h. -2005-05-02 Love Hörnquist Åstrand +2005-05-02 Love Hörnquist Ã…strand * tools/krb5-config.in: add com_err to required libs @@ -1384,7 +1384,7 @@ * lib/krb5/crypto.c: Don't declare des_salt &c as static with incomplete type (invalid in c89, at least). -2005-05-02 Love Hörnquist Åstrand +2005-05-02 Love Hörnquist Ã…strand * lib/krb5/krb5_locl.h: include @@ -1394,7 +1394,7 @@ namespace collision. (handle_stream): Cast arg of krb5_warnx. -2005-04-30 Love Hörnquist Åstrand +2005-04-30 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c: if we are using PKINIT, strip of the highest bit to make windows PK-INIT happy. Also make the nonces @@ -1418,11 +1418,11 @@ * lib/krb5/Makefile.am: use LIB_com_err for libkrb5.la -2005-04-29 Love Hörnquist Åstrand +2005-04-29 Love Hörnquist Ã…strand * lib/asn1/Makefile.am: use $(LIB_com_err) -2005-04-28 Love Hörnquist Åstrand +2005-04-28 Love Hörnquist Ã…strand * lib/krb5/context.c (krb5_set_config_files): ignore permission denied on configuration files, user might not be allowed to read @@ -1433,19 +1433,19 @@ * lib/krb5/krb5_locl.h: define _POSIX_PTHREAD_SEMANTICS so we get posix getpwnam_r -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * lib/asn1/gen_glue.c: switch the units variable to a function. gcc-4.1 needs the size of the structure if its defined as extern struct units foo_units[] an we don't want to include in the generate headerfile -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * lib/hdb/hdb.schema: add EQUALITY rule for krb5ValidStart, krb5ValidEnd, krb5PasswordEnd From Howard Chu -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * doc/whatis.texi: comment out docbook stuff for now @@ -1488,22 +1488,22 @@ * doc/heimdal.texi: change the wrapping around the Top node to ifnottex, make html generation work - * lib/krb5/krb5_krbhst_init.3: spelling, from Björn Sandell + * lib/krb5/krb5_krbhst_init.3: spelling, from Björn Sandell - * lib/krb5/krb5_get_krbhst.3: spelling, from Björn Sandell + * lib/krb5/krb5_get_krbhst.3: spelling, from Björn Sandell - * lib/krb5/krb5_data.3: spelling, from Björn Sandell + * lib/krb5/krb5_data.3: spelling, from Björn Sandell - * lib/krb5/krb5_aname_to_localname.3: spelling, from Björn Sandell + * lib/krb5/krb5_aname_to_localname.3: spelling, from Björn Sandell - * lib/krb5/krb5_address.3: spelling, from Björn Sandell + * lib/krb5/krb5_address.3: spelling, from Björn Sandell -2005-04-23 Love Hörnquist Åstrand +2005-04-23 Love Hörnquist Ã…strand * kdc/config.c: Use the new Kerberos 4 functions in libkrb5 and so kerberos 4 is always compiled in (still default disabled) @@ -1521,19 +1521,19 @@ * lib/krb5/krb5-v4compat.h: add more v4 defines -2005-04-22 Love Hörnquist Åstrand +2005-04-22 Love Hörnquist Ã…strand * kpasswd/kpasswdd.c: Support multi-realms databases, requires that all the realms are configured on the KDC in krb5.conf with [libdefaults]default_realm stanzas. -2005-04-21 Love Hörnquist Åstrand +2005-04-21 Love Hörnquist Ã…strand * kdc/kerberos5.c: spell succeeded correctly, From Sean Chittenden * lib/krb5/addr_families.c: catch two more snprintf problems -2005-04-20 Love Hörnquist Åstrand +2005-04-20 Love Hörnquist Ã…strand * lib/hdb/Makefile.am: this lib include com_err, add -com_err to CHECK_SYMBOLS @@ -1541,7 +1541,7 @@ * appl/test/http_client.c: cast ssize_t to unsigned long, fix printf format -2005-04-19 Love Hörnquist Åstrand +2005-04-19 Love Hörnquist Ã…strand * lib/krb5/kuserok.c: use asprintf to avoid truncating pathnames @@ -1563,7 +1563,7 @@ * lib/krb5/test_kuserok.c: test program for krb5_kuserok -2005-04-18 Love Hörnquist Åstrand +2005-04-18 Love Hörnquist Ã…strand * lib/krb5/acache.c (acc_resolve): if open_default_ccache failed with ccErrCCacheNotFound try again with create_default_ccache, @@ -1580,7 +1580,7 @@ * include/make_crypto.c: cast to unsigned char to make sure its not negative when passing it to is* functions -2005-04-15 Love Hörnquist Åstrand +2005-04-15 Love Hörnquist Ã…strand * doc/programming.texi: remove manpage macro, add some more references to manpages @@ -1594,7 +1594,7 @@ * lib/krb5/krb5_keyblock.3: document krb5_keyblock_init -2005-04-14 Love Hörnquist Åstrand +2005-04-14 Love Hörnquist Ã…strand * kdc/kaserver.c: AUTHENTICATE and AUTHENTICATE_V2 is almost the same, and clients @@ -1604,25 +1604,25 @@ * lib/krb5/keyblock.c: Add krb5_keyblock_init to allocate an fill in a keyblock from key data. -2005-04-12 Love Hörnquist Åstrand +2005-04-12 Love Hörnquist Ã…strand * configure.in: rk_WIN32_EXPORT for roken -2005-04-10 Love Hörnquist Åstrand +2005-04-10 Love Hörnquist Ã…strand * appl/test/gssapi_server.c: print out client principla of delegated credential -2005-04-07 Love Hörnquist Åstrand +2005-04-07 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (process_pa_data_to_key): also check for KRB5_PADATA_PK_AS_REP_19, From: Douglas Engert -2005-04-07 Love Hörnquist Åstrand +2005-04-07 Love Hörnquist Ã…strand * .cvsignore: ignore more generate files -2005-04-04 Love Hörnquist Åstrand +2005-04-04 Love Hörnquist Ã…strand * lib/asn1/check-der.c: use size_t, print size_t by casting to unsigned long @@ -1645,7 +1645,7 @@ between PA-PK-AS-REP-19 and PA-PK-AS-REQ-Win2k, try harder to verify both cases -2005-04-03 Love Hörnquist Åstrand +2005-04-03 Love Hörnquist Ã…strand * appl/test/uu_client.c: print size_t by casting to unsigned long @@ -1670,7 +1670,7 @@ * lib/asn1/gen.c: avoid const string warnings steming from writeable-string -2005-03-28 Love Hörnquist Åstrand +2005-03-28 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: TESTS += test_addr @@ -1683,13 +1683,13 @@ * lib/krb5/krb5_keytab.3: stop memory leak in example, expand on wildcards -2005-03-26 Love Hörnquist Åstrand +2005-03-26 Love Hörnquist Ã…strand * lib/krb5/krb5_principal.3: spelling, from Tomas Olsson * lib/krb5/krb5_warn.3: spelling, from Tomas Olsson -2005-03-19 Love Hörnquist Åstrand +2005-03-19 Love Hörnquist Ã…strand * lib/krb5/acache.c: add mutex for global variables, clean up returned error codes, implement storing addresses into the ccapi @@ -1708,7 +1708,7 @@ * appl/test/http_client.c: Make constent with rest of the gssapi test programs -2005-03-17 Love Hörnquist Åstrand +2005-03-17 Love Hörnquist Ã…strand * lib/hdb/keys.c: AES is enabled by default, remove ifdefs @@ -1719,11 +1719,11 @@ * kdc/kerberos5.c: AES is enabled by default, remove ifdefs -2005-03-16 Love Hörnquist Åstrand +2005-03-16 Love Hörnquist Ã…strand * doc/setup.texi: Add some text about modifying the database -2005-03-15 Love Hörnquist Åstrand +2005-03-15 Love Hörnquist Ã…strand * kuser/kinit.c: widen lifetime/renewal warning text field, also make use of unparse_time_approx, no need to be specific to the @@ -1737,12 +1737,12 @@ * lib/krb5/crypto.c: fix signedness issues, prompted by report of Magnus Ahltorp -2005-03-13 Love Hörnquist Åstrand +2005-03-13 Love Hörnquist Ã…strand * lib/krb5/krb5_keytab.3: more text about how to free returned resources -2005-03-10 Love Hörnquist Åstrand +2005-03-10 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: handle the -25 generation path @@ -1750,28 +1750,28 @@ * lib/krb5/pkinit.c: fold in pk-init-25 asn1 changes -2005-03-09 Love Hörnquist Åstrand +2005-03-09 Love Hörnquist Ã…strand * kdc/pkinit.c: use generated oid's * lib/krb5/pkinit.c: use generated oid's -2005-03-08 Love Hörnquist Åstrand +2005-03-08 Love Hörnquist Ã…strand * kdc/pkinit.c: update to the asn1 structures used in -25's * lib/krb5/pkinit.c: update to the asn1 structures used in -25's -2005-03-04 Love Hörnquist Åstrand +2005-03-04 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: use the newly written hex function from roken and remove the old implementation -2005-03-01 Love Hörnquist Åstrand +2005-03-01 Love Hörnquist Ã…strand * appl/test/http_client.c: allow specifing port to connect to -2005-02-24 Love Hörnquist Åstrand +2005-02-24 Love Hörnquist Ã…strand * lib/krb5/Makefile.am: bump version to 21:0:4 @@ -1779,7 +1779,7 @@ * lib/asn1/Makefile.am: bump version to 7:0:1 -2005-02-23 Love Hörnquist Åstrand +2005-02-23 Love Hörnquist Ã…strand * lib/krb5/crypto.c (DES_string_to_key_int): must check for weak keys after doing the DES_cbc_cksum @@ -1790,17 +1790,17 @@ config_get_hosts() in kpasswd_get_next() From: Wynn Wilkes -2005-02-15 Love Hörnquist Åstrand +2005-02-15 Love Hörnquist Ã…strand * lib/hdb/db3.c (DB_open): correct the check for O_RDONLY From: Chaskiel M Grundman -2005-02-09 Love Hörnquist Åstrand +2005-02-09 Love Hörnquist Ã…strand * lib/krb5/crypto.c (krb5_random_to_key): cast size_t to int to make %d work -2005-02-08 Love Hörnquist Åstrand +2005-02-08 Love Hörnquist Ã…strand * lib/krb5/keytab.c (krb5_kt_get_entry): tell what enctype the caller requested to provide the user with a glue what the caller @@ -1816,7 +1816,7 @@ * kcm/config.c: allow KCM system ccache to be configured from krb5.conf, in the system_ccache stanza of [kcm] -2005-02-03 Love Hörnquist Åstrand +2005-02-03 Love Hörnquist Ã…strand * kcm/protocol.c: use -1 as the invalid pid number @@ -1849,7 +1849,7 @@ * kcm: add KCM daemon -2005-02-02 Love Hörnquist Åstrand +2005-02-02 Love Hörnquist Ã…strand * lib/krb5/send_to_kdc.c (send_and_recv_udp): make private again @@ -1889,17 +1889,17 @@ * kdc/kerberos5.c: don't crash when logging no server etype support if client == NULL -2005-01-17 Love Hörnquist Åstrand +2005-01-17 Love Hörnquist Ã…strand * kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love -2005-01-12 Love Hörnquist Åstrand +2005-01-12 Love Hörnquist Ã…strand * doc/apps.texi: Texinfo fixes. Text about irix 6.5 using PAM. From: Dave Love -2005-01-08 Love Hörnquist Åstrand +2005-01-08 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: cast argument to isdigit to unsigned char @@ -1935,7 +1935,7 @@ krb5_enctype_valid, so use the later since its older and the api doesn't really need another entry point -2005-01-05 Love Hörnquist Åstrand +2005-01-05 Love Hörnquist Ã…strand * kpasswd/kpasswdd.8: document --addresses, controls what addresses kpasswd should listen too @@ -1993,12 +1993,12 @@ * lib/asn1/k5.asn1: add authorization data types for enctype negotiation implementation -2005-01-04 Love Hörnquist Åstrand +2005-01-04 Love Hörnquist Ã…strand * lib/krb5/changepw.c (change_password_loop): on failing to find a kdc, set result_code to KRB5_KPASSWD_HARDERROR -2005-01-01 Love Hörnquist Åstrand +2005-01-01 Love Hörnquist Ã…strand * doc/heimdal.texi: Happy New Year diff --git a/ChangeLog.2006 b/ChangeLog.2006 index f0e1ce9e966e..d48ea8aba659 100644 --- a/ChangeLog.2006 +++ b/ChangeLog.2006 @@ -1,4 +1,4 @@ -2006-12-28 Love Hörnquist Åstrand +2006-12-28 Love Hörnquist Ã…strand * kdc/process.c: Handle kx509 requests. @@ -26,13 +26,13 @@ * lib/krb5/digest.c (krb5_ntlm_rep_get_sessionkey): return value is krb5_error_code -2006-12-27 Love Hörnquist Åstrand +2006-12-27 Love Hörnquist Ã…strand * lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): use md5 for des-cbc-md4 and des-cbc-md5. This is for (older) windows that will be unhappy anything else. From Inna Bort-Shatsky -2006-12-26 Love Hörnquist Åstrand +2006-12-26 Love Hörnquist Ã…strand * kdc/digest.c: Prefix internal symbol with _kdc_. @@ -48,11 +48,11 @@ * kdc/digest.c: Add digest acl's -2006-12-22 Love Hörnquist Åstrand +2006-12-22 Love Hörnquist Ã…strand * fix-export: build ntlm-private.h -2006-12-20 Love Hörnquist Åstrand +2006-12-20 Love Hörnquist Ã…strand * include/make_crypto.c: Include <.../hmac.h>. @@ -65,21 +65,21 @@ * kdc/digest.c: Add support for generating NTLM2 session security answer. -2006-12-19 Love Hörnquist Åstrand +2006-12-19 Love Hörnquist Ã…strand * lib/krb5/digest.c: Add sessionkey accessor functions. -2006-12-18 Love Hörnquist Åstrand +2006-12-18 Love Hörnquist Ã…strand * kdc/digest.c: Unwrap the NTLM session key and return it to the server. -2006-12-17 Love Hörnquist Åstrand +2006-12-17 Love Hörnquist Ã…strand * lib/krb5/store.c (krb5_ret_principal): Fix a bug in the malloc failure part, noticed by Arnaud Lacombe in NetBSD coverity scan. -2006-12-15 Love Hörnquist Åstrand +2006-12-15 Love Hörnquist Ã…strand * lib/krb5/fcache.c (fcc_get_cache_next): avoid const warning. @@ -111,12 +111,12 @@ * lib/krb5/krb5_locl.h: Expand the default root for some of the cc type names. -2006-12-14 Love Hörnquist Åstrand +2006-12-14 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (free_paid): free the krb5_data structure too. Bug report from Stefan Metzmacher. -2006-12-12 Love Hörnquist Åstrand +2006-12-12 Love Hörnquist Ã…strand * kuser/kinit.c: Read the appdefault configration before we try to use the flags. Bug reported by Ingemar Nilsson. @@ -125,23 +125,23 @@ * kuser/kdigest-commands.in: prefix digest commands with digest- -2006-12-10 Love Hörnquist Åstrand +2006-12-10 Love Hörnquist Ã…strand * kdc/hprop.c: Return error codes on failure, improve error reporting. -2006-12-08 Love Hörnquist Åstrand +2006-12-08 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: sprinkle more _krb5_pk_copy_error * lib/krb5/pkinit.c: Copy more hx509 error strings to krb5 error strings -2006-12-07 Love Hörnquist Åstrand +2006-12-07 Love Hörnquist Ã…strand * include/Makefile.am: CLEANFILES += vis.h -2006-12-06 Love Hörnquist Åstrand +2006-12-06 Love Hörnquist Ã…strand * kdc/kerberos5.c (_kdc_as_rep): add AD-INITAL-VERIFIED-CAS to the encrypted ticket @@ -164,31 +164,31 @@ really should be the trust anchors of the client. * kuser/generate-requests.c: Use strcspn to remove \n from - string returned by fgets. From Björn Sandell + string returned by fgets. From Björn Sandell * kpasswd/kpasswd-generator.c: Use strcspn to remove \n from - string returned by fgets. From Björn Sandell + string returned by fgets. From Björn Sandell -2006-12-05 Love Hörnquist Åstrand +2006-12-05 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: Clear errno before calling the strtol - functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn + functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn Sandell. * lib/krb5/config_file.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn + result. Prompted by change by Ray Lai of OpenBSD via Björn Sandell. * kdc/string2key.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn + result. Prompted by change by Ray Lai of OpenBSD via Björn Sandell. -2006-11-30 Love Hörnquist Åstrand +2006-11-30 Love Hörnquist Ã…strand * lib/krb5/krbhst.c (plugin_get_hosts): be more paranoid and pass in a NULLed plugin list -2006-11-29 Love Hörnquist Åstrand +2006-11-29 Love Hörnquist Ã…strand * lib/krb5/verify_krb5_conf.c: add more pkinit options. @@ -201,7 +201,7 @@ * lib/hdb/Makefile.am: Add LIB_com_err to pacify AIX -2006-11-28 Love Hörnquist Åstrand +2006-11-28 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: Make build again from the hdb_entry wrapping. Patch from Andreas Hasenack. @@ -209,7 +209,7 @@ * kdc/pkinit.c: Need better code in the DH parameter rejection case, add comment to that effect. -2006-11-27 Love Hörnquist Åstrand +2006-11-27 Love Hörnquist Ã…strand * kdc/krb5tgs.c: Reply KRB5KRB_ERR_RESPONSE_TOO_BIG for too large packets when using datagram based transports. @@ -218,7 +218,7 @@ * lib/krb5/pkinit.c (build_auth_pack): set supportedCMSTypes. -2006-11-26 Love Hörnquist Åstrand +2006-11-26 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Pass down hx509_peer_info. @@ -228,19 +228,19 @@ * kdc/pkinit.c (_kdc_pk_rd_padata): Pick up supportedCMSTypes and pass in into hx509_cms_create_signed_1 via hx509_peer_info blob. -2006-11-24 Love Hörnquist Åstrand +2006-11-24 Love Hörnquist Ã…strand * lib/krb5/send_to_kdc.c: Set the large_msg_size to 1400, lets not fragment packets and avoid stupid linklayers that doesn't allow fragmented packets (unix dgram sockets on Mac OS X) -2006-11-23 Love Hörnquist Åstrand +2006-11-23 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_pk_create_sign): stuff down the users certs in the pool to make sure a path is returned, without this proxy certificates wont work. -2006-11-21 Love Hörnquist Åstrand +2006-11-21 Love Hörnquist Ã…strand * kdc/config.c: Make all pkinit options prefixed with pkinit_ @@ -257,7 +257,7 @@ * lib/krb5/get_cred.c: Use KRB5_KU_OTHER_CKSUM for the impersonate checksum. -2006-11-20 Love Hörnquist Åstrand +2006-11-20 Love Hörnquist Ã…strand * lib/krb5/verify_user.c: Make krb5_get_init_creds_opt_free take a context argument. @@ -286,14 +286,14 @@ * appl/gssmask/gssmask.c: Make krb5_get_init_creds_opt_free take a context argument. -2006-11-19 Love Hörnquist Åstrand +2006-11-19 Love Hörnquist Ã…strand * doc/setup.texi: fix pkinit option (s/-/_/) * kdc/config.c: revert the enable-pkinit change, and make it consistant with all other other enable- options -2006-11-17 Love Hörnquist Åstrand +2006-11-17 Love Hörnquist Ã…strand * doc/setup.texi: Make all pkinit options prefixed with pkinit_ @@ -310,7 +310,7 @@ * lib/krb5/mit_glue.c (krb5_c_keylength): mit changed the api, deal. -2006-11-13 Love Hörnquist Åstrand +2006-11-13 Love Hörnquist Ã…strand * lib/krb5/pac.c (fill_zeros): stop using MIN. @@ -325,7 +325,7 @@ * lib/krb5/krbhst.c: Use plugin for the other realm locate types too. -2006-11-12 Love Hörnquist Åstrand +2006-11-12 Love Hörnquist Ã…strand * lib/krb5/krb5_locl.h: Add plugin api @@ -344,7 +344,7 @@ * lib/krb5/krb5.h: Add struct krb5_pac. -2006-11-09 Love Hörnquist Åstrand +2006-11-09 Love Hörnquist Ã…strand * lib/krb5/test_pac.c: PAC testing. @@ -362,7 +362,7 @@ * lib/krb5/mit_glue.c: Add krb5_c_keylength. -2006-11-08 Love Hörnquist Åstrand +2006-11-08 Love Hörnquist Ã…strand * lib/krb5/pac.c: Almost enough code to do PAC parsing and verification, missing in the unix2NTTIME and ucs2 corner. The @@ -372,7 +372,7 @@ * kdc/hpropd.c: Remove support dumping to a kerberos 4 database. -2006-11-07 Love Hörnquist Åstrand +2006-11-07 Love Hörnquist Ã…strand * lib/krb5/context.c: rename krb5_[gs]et_time_wrap to krb5_[gs]et_max_time_skew @@ -382,7 +382,7 @@ * lib/krb5/rd_req.c: Add more krb5_rd_req_out_get functions. -2006-11-06 Love Hörnquist Åstrand +2006-11-06 Love Hörnquist Ã…strand * lib/krb5/krb5.h: krb5_rd_req{,_in,_out}_ctx. @@ -390,11 +390,11 @@ dancing version of the krb5_rd_req and implement krb5_rd_req and krb5_rd_req_with_keyblock using it. -2006-11-04 Love Hörnquist Åstrand +2006-11-04 Love Hörnquist Ã…strand * kdc/kerberos5.c (_kdc_as_rep): More verbose time skew logging. -2006-11-03 Love Hörnquist Åstrand +2006-11-03 Love Hörnquist Ã…strand * lib/krb5/expand_hostname.c: Rename various routines and constants from canonize to canonicalize. From Andrew Bartlett @@ -407,12 +407,12 @@ * appl/gssmask/common.c (add_list): fix alloc statement. From Alex Deiter -2006-10-25 Love Hörnquist Åstrand +2006-10-25 Love Hörnquist Ã…strand * include/Makefile.am: Move version.h and version.h.in to DISTCLEANFILES. -2006-10-24 Love Hörnquist Åstrand +2006-10-24 Love Hörnquist Ã…strand * appl/gssmask/gssmask.c: Only log when there are resources left. @@ -421,11 +421,11 @@ * appl/gssmask/gssmask.c (AcquireCreds): free krb5_get_init_creds_opt -2006-10-23 Love Hörnquist Åstrand +2006-10-23 Love Hörnquist Ã…strand * configure.in: heimdal 0.8-RC1 -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * lib/krb5/digest.c: Try to not leak memory. @@ -459,7 +459,7 @@ * lib/krb5/crypto.c (AES_string_to_key): Try to not leak memory. -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * tools/heimdal-build.sh: Add --test-environment @@ -468,7 +468,7 @@ * lib/hdb/Makefile.am: remove dependency on et files covert_db that now is removed -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * include/Makefile.am: add gssapi to subdirs @@ -507,7 +507,7 @@ * lib/krb5/Makefile.am: add more files -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * tools/Makefile.am: Add heimdal-build.sh to EXTRA_DIST. @@ -521,7 +521,7 @@ * configure.in: make --disable-pk-init help text also negative -2006-10-18 Love Hörnquist Åstrand +2006-10-18 Love Hörnquist Ã…strand * kuser/kgetcred.c: Avoid memory leak. @@ -538,7 +538,7 @@ * lib/krb5/test_princ.c: Test principal parsing and unparsing. -2006-10-17 Love Hörnquist Åstrand +2006-10-17 Love Hörnquist Ã…strand * lib/krb5/get_host_realm.c (krb5_get_host_realm): make sure we don't recurse @@ -591,11 +591,11 @@ * kdc/kerberos5.c: Prefix asn1 primitives with der_. -2006-10-16 Love Hörnquist Åstrand +2006-10-16 Love Hörnquist Ã…strand * fix-export: Build lib/asn1/der-protos.h. -2006-10-14 Love Hörnquist Åstrand +2006-10-14 Love Hörnquist Ã…strand * appl/gssmask/Makefile.am: Add explit depenency on libroken. @@ -618,7 +618,7 @@ * lib/krb5/data.c: Prefix der primitives with der_. -2006-10-12 Love Hörnquist Åstrand +2006-10-12 Love Hörnquist Ã…strand * kdc/pkinit.c (pk_mk_pa_reply_enckey): add missing break. From Olga Kornievskaia. @@ -627,13 +627,13 @@ * include/bits.c: Include Xint64 types. -2006-10-10 Love Hörnquist Åstrand +2006-10-10 Love Hörnquist Ã…strand * tools/heimdal-build.sh: Add socketwrapper and cputime limit. * kdc/connect.c (loop): Log that the kdc have started. -2006-10-09 Love Hörnquist Åstrand +2006-10-09 Love Hörnquist Ã…strand * kdc/connect.c (do_request): tell krb5_kdc_process_request if its a datagram reply or not @@ -658,7 +658,7 @@ * kdc/krb5tgs.c (tgs_parse_request): set cusec, not csec from auth->cusec. -2006-10-08 Love Hörnquist Åstrand +2006-10-08 Love Hörnquist Ã…strand * fix-export: dist_-ify libkadm5clnt_la_SOURCES too @@ -677,7 +677,7 @@ checksum is done over the whole packet. Reported by Olga Kornievskaia -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * include/Makefile.am: crypto-headers.h is a nodist header @@ -698,7 +698,7 @@ * kdc/kerberos5.c: Adapt to signature change of _krb5_principalname2krb5_principal. -2006-10-06 Love Hörnquist Åstrand +2006-10-06 Love Hörnquist Ã…strand * lib/krb5/krbhst.c (common_init): don't try DNS when there is realm w/o a dot. @@ -736,7 +736,7 @@ * appl/gssmask/common.h: Maybe include . -2006-10-05 Love Hörnquist Åstrand +2006-10-05 Love Hörnquist Ã…strand * appl/gssmask/common.h: disable ENABLE_PTHREAD_SUPPORT and explain why @@ -749,7 +749,7 @@ * tools/heimdal-build.sh: first cut -2006-10-04 Love Hörnquist Åstrand +2006-10-04 Love Hörnquist Ã…strand * configure.in: Call AB_INIT. @@ -762,11 +762,11 @@ * lib/krb5/krb5_digest.3: Add all protos -2006-10-03 Love Hörnquist Åstrand +2006-10-03 Love Hörnquist Ã…strand * lib/krb5/krb5_digest.3: Basic krb5_digest manpage. -2006-10-02 Love Hörnquist Åstrand +2006-10-02 Love Hörnquist Ã…strand * fix-export: build gssapi mech private files @@ -786,7 +786,7 @@ * fix-export: build gssapi mech private files -2006-09-26 Love Hörnquist Åstrand +2006-09-26 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c: Handle FIRST_CALL in the context building, better error handling. @@ -799,18 +799,18 @@ * appl/gssmask/gssmaestro.c: Check that the pre-wrapped data is the same as afterward. -2006-09-25 Love Hörnquist Åstrand +2006-09-25 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c: Remove stray GSS_C_DCE_STYLE. * appl/gssmask/gssmaestro.c: Add logsocket support. -2006-09-22 Love Hörnquist Åstrand +2006-09-22 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c (build_context): print the step the context exchange. -2006-09-21 Love Hörnquist Åstrand +2006-09-21 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c: Add GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG to all context flags @@ -826,7 +826,7 @@ * lib/krb5/rd_req.c: disable ETypeList parsing usage for now, cfx seems broken and its not good to upgrade to a broken enctype. -2006-09-20 Love Hörnquist Åstrand +2006-09-20 Love Hörnquist Ã…strand * appl/gssmask/gssmask.c: Add wrap/unwrap ops @@ -842,7 +842,7 @@ * appl/gssmask/gssmaestro.c: test self context building and all permutation of clients -2006-09-19 Love Hörnquist Åstrand +2006-09-19 Love Hörnquist Ã…strand * appl/gssmask/gssmask.c: add --logfile option, use htons() on port number @@ -851,7 +851,7 @@ * configure.in: Make pk-init turned on by default. -2006-09-18 Love Hörnquist Åstrand +2006-09-18 Love Hörnquist Ã…strand * fix-export: Build lib/hx509/{hx509-protos.h,hx509-private.h}. @@ -864,20 +864,20 @@ * kdc/krb5tgs.c: Check the adtkt in the constrained delegation case too. -2006-09-16 Love Hörnquist Åstrand +2006-09-16 Love Hörnquist Ã…strand * kdc/main.c (sigterm): don't _exit, let loop() catch the signal instead. - * lib/krb5/krb5_timeofday.3: Fixes from Björn Sandell. + * lib/krb5/krb5_timeofday.3: Fixes from Björn Sandell. - * lib/krb5/krb5_get_init_creds.3: Fixes from Björn Sandell. + * lib/krb5/krb5_get_init_creds.3: Fixes from Björn Sandell. -2006-09-15 Love Hörnquist Åstrand +2006-09-15 Love Hörnquist Ã…strand * tools/krb5-config.in: Add "kafs" option. -2006-09-12 Love Hörnquist Åstrand +2006-09-12 Love Hörnquist Ã…strand * lib/hdb/db.c: By using full function calling conversion (*func) we avoid problem when close(fd) is overridden using a macro. @@ -886,7 +886,7 @@ conversion (*func) we avoid problem when close(fd) is overridden using a macro. -2006-09-11 Love Hörnquist Åstrand +2006-09-11 Love Hörnquist Ã…strand * kdc/kerberos5.c: Signing outgoing tickets. @@ -896,17 +896,17 @@ * lib/krb5/pkinit.c: Adapt to new signature of hx509_cms_unenvelope. -2006-09-09 Love Hörnquist Åstrand +2006-09-09 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (pk_verify_host): set errorstrings in a sensable way -2006-09-08 Love Hörnquist Åstrand +2006-09-08 Love Hörnquist Ã…strand * lib/krb5/krb5_init_context.3: Prevent a font generation warning, from Jason McIntyre. -2006-09-06 Love Hörnquist Åstrand +2006-09-06 Love Hörnquist Ã…strand * lib/krb5/context.c (krb5_init_ets): Add the hx errortable @@ -915,7 +915,7 @@ * lib/krb5/pkinit.c (_krb5_pk_verify_sign): catch the error string from the hx509 lib -2006-09-04 Love Hörnquist Åstrand +2006-09-04 Love Hörnquist Ã…strand * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_default_flags): fix argument to krb5_get_init_creds_opt_set_addressless. @@ -945,14 +945,14 @@ instead of passing in the empty set of address into krb5_get_init_creds_opt_set_addresses. -2006-09-01 Love Hörnquist Åstrand +2006-09-01 Love Hörnquist Ã…strand * kuser/kinit.c (renew_validate): inherit the proxiable and forwardable from the orignal ticket, pointed out by Bernard Antoine of CERN. * doc/setup.texi: More text about the acl_file entry and - hdb-ldap-structural-object. From Rüdiger Ranft. + hdb-ldap-structural-object. From Rüdiger Ranft. * lib/krb5/krbhst.c (fallback_get_hosts): limit the fallback lookups to 5. Patch from Wesley Craig, umich.edu @@ -963,7 +963,7 @@ * appl/test/tcp_server.c (proto): use keytab for krb5_recvauth Patch from Ingemar Nilsson -2006-08-28 Love Hörnquist Åstrand +2006-08-28 Love Hörnquist Ã…strand * kuser/kdigest.c (help): use sl_slc_help(). @@ -971,7 +971,7 @@ * lib/krb5/digest.c: Catch more error. -2006-08-25 Love Hörnquist Åstrand +2006-08-25 Love Hörnquist Ã…strand * doc/setup.texi: language. @@ -984,7 +984,7 @@ * lib/krb5/digest.c: In the case where we get a DigestError back, save the error string and code. -2006-08-24 Love Hörnquist Åstrand +2006-08-24 Love Hörnquist Ã…strand * kdc/kerberos5.c: Remove _kdc_find_etype(), its no longer used. @@ -1027,7 +1027,7 @@ tgt etype, now the krbtgt can be a aes-only key without the need to support not-as-good etypes for the krbtgt. -2006-08-23 Love Hörnquist Åstrand +2006-08-23 Love Hörnquist Ã…strand * kdc/misc.c: Change _kdc_db_fetch() to return the database pointer to if needed by the consumer. @@ -1059,13 +1059,13 @@ * lib/krb5/digest.c: Add digest support to the client side. -2006-08-21 Love Hörnquist Åstrand +2006-08-21 Love Hörnquist Ã…strand * lib/krb5/rd_rep.c (krb5_rd_rep): free krb5_ap_rep_enc_part on error and set return pointer to NULL (krb5_free_ap_rep_enc_part): permit freeing of NULL -2006-08-18 Love Hörnquist Åstrand +2006-08-18 Love Hörnquist Ã…strand * kdc/{Makefile.am,kdigest.c,kdigest-commands.in}: Frontend for remote digest service in KDC @@ -1081,7 +1081,7 @@ * lib/krb5/init_creds.c (krb5_get_init_creds_opt_get_error): clear error string on error. -2006-07-20 Love Hörnquist Åstrand +2006-07-20 Love Hörnquist Ã…strand * lib/krb5/crypto.c: remove aes-192 (CMS) @@ -1089,7 +1089,7 @@ * lib/krb5/crypto.c: Remove CMS symmetric encryption support. -2006-07-13 Love Hörnquist Åstrand +2006-07-13 Love Hörnquist Ã…strand * kdc/pkinit.c (_kdc_pk_check_client): make it not crash when there are no acl @@ -1105,7 +1105,7 @@ * lib/hdb/ext.c: Add hdb_entry_get_pkinit_hash(). -2006-07-10 Love Hörnquist Åstrand +2006-07-10 Love Hörnquist Ã…strand * kuser/kinit.c: If --password-file gets STDIN, read the password from the standard input. @@ -1114,20 +1114,20 @@ * lib/krb5/krb5_string_to_key.3: Remove duplicate to. -2006-07-06 Love Hörnquist Åstrand +2006-07-06 Love Hörnquist Ã…strand * kdc/krb5tgs.c: (tgs_build_reply): when checking for removed principals, check the second component of the krbtgt, otherwise cross realm wont work. Prompted by report from Mattias Amnefelt. -2006-07-05 Love Hörnquist Åstrand +2006-07-05 Love Hörnquist Ã…strand * kdc/connect.c (handle_vanilla_tcp): use unsigned integer for for length (handle_tcp): if the high bit it set in the unknown case, send back a KRB_ERR_FIELD_TOOLONG -2006-07-03 Love Hörnquist Åstrand +2006-07-03 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c: Add get_version_capa, cache target_name. @@ -1143,7 +1143,7 @@ * appl/gssmask/gssmaestro.c: break out out the build context function -2006-07-01 Love Hörnquist Åstrand +2006-07-01 Love Hörnquist Ã…strand * appl/gssmask/gssmaestro.c: externalize slave handling, add GetTargetName glue @@ -1160,7 +1160,7 @@ * appl/gssmask: break out common function; add gssmaestro (that only tests one context for now) -2006-06-30 Love Hörnquist Åstrand +2006-06-30 Love Hörnquist Ã…strand * lib/krb5/store_fd.c (krb5_storage_from_fd): don't leak fd on malloc failure @@ -1173,11 +1173,11 @@ * lib/krb5/cache.c (krb5_cc_new_unique): use KRB5_DEFAULT_CCNAME as the default prefix -2006-06-28 Love Hörnquist Åstrand +2006-06-28 Love Hörnquist Ã…strand * doc/heimdal.texi: Add Doug Rabson's license -2006-06-22 Love Hörnquist Åstrand +2006-06-22 Love Hörnquist Ã…strand * lib/krb5/init_creds.c: Add storing and getting KRB-ERROR in the krb5_get_init_creds_opt structure. @@ -1187,11 +1187,11 @@ * lib/krb5/krb5_locl.h (_krb5_get_init_creds_opt_private): add KRB-ERROR -2006-06-21 Love Hörnquist Åstrand +2006-06-21 Love Hörnquist Ã…strand * doc/setup.texi: section about verify_krb5_conf and kadmin check -2006-06-15 Love Hörnquist Åstrand +2006-06-15 Love Hörnquist Ã…strand * lib/krb5/init_creds_pw.c (get_init_creds_common): drop cred argument, its unused @@ -1200,7 +1200,7 @@ * lib/krb5/krb5_get_creds.3: new file -2006-06-14 Love Hörnquist Åstrand +2006-06-14 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c: don't use the sambaNTPassword if there is ARCFOUR key already. Idea from Andreas Hasenack. While here, set @@ -1211,7 +1211,7 @@ * kdc/kdc.h: Add enable_v4_per_principal -2006-06-12 Love Hörnquist Åstrand +2006-06-12 Love Hörnquist Ã…strand * kdc/kerberos5.c (_kdc_as_rep): if kdc_time + config->kdc_warn_pwexpire is past pw_end, add expiration @@ -1222,11 +1222,11 @@ * kdc/kerberos5.c: indent. -2006-06-07 Love Hörnquist Åstrand +2006-06-07 Love Hörnquist Ã…strand * kdc/kerberos5.c: constify -2006-06-06 Love Hörnquist Åstrand +2006-06-06 Love Hörnquist Ã…strand * lib/krb5/get_cred.c: Allow setting additional tickets in the tgs-req @@ -1252,7 +1252,7 @@ * lib/krb5/krb5.h: Add krb5_get_creds_opt_data and some more KRB5_GC flags. -2006-06-01 Love Hörnquist Åstrand +2006-06-01 Love Hörnquist Ã…strand * lib/hdb/ext.c (hdb_entry_get_ConstrainedDelegACL): new function. @@ -1271,13 +1271,13 @@ * kdc/kerberos5.c: split out krb5 tgs req to make it easier to reorganize the code. -2006-05-29 Love Hörnquist Åstrand +2006-05-29 Love Hörnquist Ã…strand - * lib/krb5/krb5_get_init_creds.3: spelling Björn Sandell + * lib/krb5/krb5_get_init_creds.3: spelling Björn Sandell - * lib/krb5/krb5_get_in_cred.3: spelling Björn Sandell + * lib/krb5/krb5_get_in_cred.3: spelling Björn Sandell -2006-05-13 Love Hörnquist Åstrand +2006-05-13 Love Hörnquist Ã…strand * kpasswd/kpasswdd.c (change): select the realm based on the target principal From Gabor Gombas @@ -1286,7 +1286,7 @@ * lib/krb5/krb5.h: Add KRB5_PROMPT_TYPE_INFO -2006-05-12 Love Hörnquist Åstrand +2006-05-12 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Hidden field of hx509 prompter is removed. Fix a warning. @@ -1307,7 +1307,7 @@ * lib/krb5/krb5_acl_match_file.3: Various tweaks, from Jason McIntyre. -2006-05-11 Love Hörnquist Åstrand +2006-05-11 Love Hörnquist Ã…strand * kuser/kinit.c: Move parsing of the PK-INIT configuration file to the library so application doesn't need to deal with it. @@ -1322,7 +1322,7 @@ * lib/krb5/pkinit.c (hx_pass_prompter): return 0 on success and 1 on failure. Pointed out by Douglas E. Engert. -2006-05-08 Love Hörnquist Åstrand +2006-05-08 Love Hörnquist Ã…strand * lib/krb5/crypto.c: Catches both keyed checkout w/o crypto context cases and doesn't reset the string, and corrects the @@ -1331,7 +1331,7 @@ * lib/krb5/crypto.c: Drop aes-cbc, rc2 and CMS padding support, its all containted in libhcrypto and libhx509 now. -2006-05-07 Love Hörnquist Åstrand +2006-05-07 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_pk_verify_sign): Use hx509_get_one_cert. @@ -1339,7 +1339,7 @@ * lib/krb5/crypto.c (create_checksum): provide a error message that a key checksum needs a key. From Andew Bartlett. -2006-05-06 Love Hörnquist Åstrand +2006-05-06 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Now that hcrypto supports DH, remove check for hx509 null DH. @@ -1357,21 +1357,21 @@ * kcm/acl.c: Multicache kcm interation isn't done yet, let wait with this enum. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand - * lib/krb5/krb5_set_default_realm.3: Spelling/mdoc from Björn + * lib/krb5/krb5_set_default_realm.3: Spelling/mdoc from Björn Sandell - * lib/krb5/krb5_rcache.3: Spelling/mdoc from Björn Sandell + * lib/krb5/krb5_rcache.3: Spelling/mdoc from Björn Sandell - * lib/krb5/krb5_keytab.3: Spelling/mdoc from Björn Sandell + * lib/krb5/krb5_keytab.3: Spelling/mdoc from Björn Sandell - * lib/krb5/krb5_get_in_cred.3: Spelling/mdoc from Björn Sandell + * lib/krb5/krb5_get_in_cred.3: Spelling/mdoc from Björn Sandell - * lib/krb5/krb5_expand_hostname.3: Spelling/mdoc from Björn + * lib/krb5/krb5_expand_hostname.3: Spelling/mdoc from Björn Sandell - * lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc from Björn + * lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc from Björn Sandell * lib/krb5/keytab_file.c (fkt_next_entry_int): read the 32 bit @@ -1399,7 +1399,7 @@ * lib/krb5/store.c: Rewrite the krb5_ret_u as proposed by Johan. -2006-05-04 Love Hörnquist Åstrand +2006-05-04 Love Hörnquist Ã…strand * kdc/kerberos4.c: Use the new unsigned integer storage types. @@ -1417,7 +1417,7 @@ * lib/krb5/test_store.c: Test the integer storage types. -2006-05-03 Love Hörnquist Åstrand +2006-05-03 Love Hörnquist Ã…strand * lib/krb5/store.c (krb5_store_principal): make it take a krb5_const_principal, indent @@ -1432,79 +1432,79 @@ * kdc/config.c: read [kdc]pki-kdc-ocsp -2006-05-02 Love Hörnquist Åstrand +2006-05-02 Love Hörnquist Ã…strand * kdc/pkinit.c (_kdc_pk_mk_pa_reply): send back ocsp response if it seems to be valid, simplfy the pkinit-windows DH case (it doesn't exists). -2006-05-01 Love Hörnquist Åstrand +2006-05-01 Love Hörnquist Ã…strand - * lib/krb5/krb5_warn.3: Spelling/mdoc changes, from Björn Sandell. + * lib/krb5/krb5_warn.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_verify_user.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_verify_user.3: Spelling/mdoc changes, from Björn Sandell. * lib/krb5/krb5_verify_init_creds.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. - * lib/krb5/krb5_timeofday.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_timeofday.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_ticket.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_ticket.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_rd_safe.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_rd_safe.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_rcache.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_rcache.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_principal.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_principal.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_parse_name.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_parse_name.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_mk_safe.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_mk_safe.3: Spelling/mdoc changes, from Björn Sandell. - * lib/krb5/krb5_keyblock.3: Spelling/mdoc changes, from Björn + * lib/krb5/krb5_keyblock.3: Spelling/mdoc changes, from Björn Sandell. * lib/krb5/krb5_is_thread_safe.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. * lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, - from Björn Sandell. + from Björn Sandell. * lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, - from Björn Sandell. + from Björn Sandell. * lib/krb5/krb5_expand_hostname.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. * lib/krb5/krb5_check_transited.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. * lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. * lib/krb5/krb5_address.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. * lib/krb5/krb5_acl_match_file.3: Spelling/mdoc changes, from - Björn Sandell. + Björn Sandell. - * lib/krb5/krb5.3: Spelling, from Björn Sandell. + * lib/krb5/krb5.3: Spelling, from Björn Sandell. - * doc/ack.texi: add Björn + * doc/ack.texi: add Björn -2006-04-30 Love Hörnquist Åstrand +2006-04-30 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (cert2epi): don't include subject if its null -2006-04-29 Love Hörnquist Åstrand +2006-04-29 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Send over what trust anchors the client have configured. @@ -1516,7 +1516,7 @@ * kdc/pkinit.c (_kdc_pk_check_client): reorganize and make log when a SAN matches. -2006-04-28 Love Hörnquist Åstrand +2006-04-28 Love Hörnquist Ã…strand * doc/setup.texi: More options and some text about windows clients, certificate and KDCs. @@ -1529,7 +1529,7 @@ * lib/hdb/hdb.h: Bump hdb interface version to 4. -2006-04-27 Love Hörnquist Åstrand +2006-04-27 Love Hörnquist Ã…strand * kuser/kdestroy.1: Document --credential=principal. @@ -1556,7 +1556,7 @@ the entry and pass it in as a seprate argument. Add more flags to ->hdb_get(). Re-indent. -2006-04-26 Love Hörnquist Åstrand +2006-04-26 Love Hörnquist Ã…strand * doc/setup.texi: document pki-allow-proxy-certificate @@ -1576,7 +1576,7 @@ * kdc/kerberos5.c (find_keys): add client_name and server_name argument and use them, and adapt callers. -2006-04-25 Love Hörnquist Åstrand +2006-04-25 Love Hörnquist Ã…strand * kuser/kinit.1: document option password-file @@ -1594,7 +1594,7 @@ * lib/hdb/keys.c (parse_key_set): handle error case better (hdb_generate_key_set): return better error -2006-04-24 Love Hörnquist Åstrand +2006-04-24 Love Hörnquist Ã…strand * lib/hdb/hdb.c (hdb_create): print out what we don't support @@ -1619,7 +1619,7 @@ * lib/krb5/init_creds_pw.c: Pass down realm to _krb5_pk_rd_pa_reply -2006-04-23 Love Hörnquist Åstrand +2006-04-23 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (pk_verify_host): Add begining of finding subjectAltName_otherName pk-init-san and verifing it. @@ -1639,13 +1639,13 @@ * tools/kdc-log-analyze.pl: count v5 cross realms too -2006-04-22 Love Hörnquist Åstrand +2006-04-22 Love Hörnquist Ã…strand * kdc/pkinit.c: Adapt to change in hx509_cms_create_signed_1. * lib/krb5/pkinit.c: Adapt to change in hx509_cms_create_signed_1. -2006-04-20 Love Hörnquist Åstrand +2006-04-20 Love Hörnquist Ã…strand * kdc/pkinit.c (_kdc_pk_rd_padata): use hx509_cms_unwrap_ContentInfo. @@ -1658,7 +1658,7 @@ * kdc/config.c: Rename pki-chain to pki-pool to match rest of code. -2006-04-12 Love Hörnquist Åstrand +2006-04-12 Love Hörnquist Ã…strand * lib/krb5/rd_priv.c: Fix argument to krb5_data_zero. @@ -1673,7 +1673,7 @@ * lib/krb5/pkinit.c (_krb5_pk_load_id): Added certificate revoke information, ie CRL's -2006-04-10 Love Hörnquist Åstrand +2006-04-10 Love Hörnquist Ã…strand * lib/krb5/replay.c (krb5_rc_resolve_full): make compile again. @@ -1718,15 +1718,15 @@ calloc. removed check that was never really used. Coverity NetBSD CID#2370 -2006-04-09 Love Hörnquist Åstrand +2006-04-09 Love Hörnquist Ã…strand - * lib/krb5/rd_req.c (krb5_verify_ap_req2): make sure `ticket´ + * lib/krb5/rd_req.c (krb5_verify_ap_req2): make sure `ticket´ points to NULL in case of error, add error handling, use calloc. * kpasswd/kpasswdd.c (doit): when done, close all fd in the sockets array and free it. Coverity NetBSD CID#1916 -2006-04-08 Love Hörnquist Åstrand +2006-04-08 Love Hörnquist Ã…strand * lib/krb5/store.c (krb5_ret_principal): fix memory leak Coverity, NetBSD CID#1695 @@ -1734,7 +1734,7 @@ * kdc/524.c (_kdc_do_524): Handle memory allocation failure Coverity, NetBSD CID#2752 -2006-04-07 Love Hörnquist Åstrand +2006-04-07 Love Hörnquist Ã…strand * lib/krb5/keytab_file.c (krb5_kt_ret_principal): plug a memory leak Coverity NetBSD CID#1890 @@ -1749,12 +1749,12 @@ * kdc/hprop.c (main): remove dead code. Coverity NetBSD CID#633 -2006-04-04 Love Hörnquist Åstrand +2006-04-04 Love Hörnquist Ã…strand * kpasswd/kpasswd-generator.c (read_words): catch empty file case, will cause PBE (division by zero) later. From Tobias Stoeckmann. -2006-04-02 Love Hörnquist Åstrand +2006-04-02 Love Hörnquist Ã…strand * lib/hdb/keytab.c: Remove a delta from last revision that should have gone in later. @@ -1832,7 +1832,7 @@ * lib/krb5/log.c (krb5_addlog_dest): make string length match strings in strcasecmp. Found by IBM checker. -2006-03-30 Love Hörnquist Åstrand +2006-03-30 Love Hörnquist Ã…strand * lib/hdb/hdb-ldap.c (LDAP_message2entry): in declaration set variable_name as "hdb_entry_ex" @@ -1846,7 +1846,7 @@ * kuser/kinit.c: Add pool of certificates to help certificate path building for clients sending incomplete path in the signedData. -2006-03-28 Love Hörnquist Åstrand +2006-03-28 Love Hörnquist Ã…strand * kdc/pkinit.c: Add pool of certificates to help certificate path building for clients sending incomplete path in the signedData. @@ -1855,7 +1855,7 @@ path building for clients sending incomplete path in the signedData. -2006-03-27 Love Hörnquist Åstrand +2006-03-27 Love Hörnquist Ã…strand * kdc/config.c: Allow passing in related certificates used to build the chain. @@ -1872,7 +1872,7 @@ * tools/Makefile.am: Add hx509 when using PK-INIT. -2006-03-26 Love Hörnquist Åstrand +2006-03-26 Love Hörnquist Ã…strand * lib/krb5/acache.c: Use ticket flags definition, might fix Mac OS X Kerberos.app problems. @@ -1896,30 +1896,30 @@ * lib/krb5/pkinit.c: Switch to hx509. -2006-03-24 Love Hörnquist Åstrand +2006-03-24 Love Hörnquist Ã…strand * kdc/kerberos5.c (log_patypes): log the patypes requested by the client -2006-03-23 Love Hörnquist Åstrand +2006-03-23 Love Hörnquist Ã…strand * lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): pass down the req_buffer in the w2k case too. From Douglas E. Engert. -2006-03-19 Love Hörnquist Åstrand +2006-03-19 Love Hörnquist Ã…strand * lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): on failure, goto error handling. Fixes Coverity NetBSD CID 2591 by catching a failing krb5_copy_keyblock() -2006-03-17 Love Hörnquist Åstrand +2006-03-17 Love Hörnquist Ã…strand * lib/krb5/addr_families.c (krb5_free_addresses): reset val,len in address when free-ing. Fixes Coverity NetBSD bug #2605 (krb5_parse_address): reset val,len before possibly return errors Fixes Coverity NetBSD bug #2605 -2006-03-07 Love Hörnquist Åstrand +2006-03-07 Love Hörnquist Ã…strand * lib/krb5/send_to_kdc.c (recv_loop): it should never happen, but make sure nbytes > 0 @@ -1930,7 +1930,7 @@ * lib/krb5/crypto.c (decrypt_*): handle the case where the plaintext is 0 bytes long, realloc might then return NULL. -2006-02-28 Love Hörnquist Åstrand +2006-02-28 Love Hörnquist Ã…strand * lib/krb5/krb5_string_to_key.3: Drop krb5_string_to_key_derived. @@ -1949,24 +1949,24 @@ else, they should be around the example, not inside it, and probably shouldn't be used in html at all -2006-02-18 Love Hörnquist Åstrand +2006-02-18 Love Hörnquist Ã…strand * lib/krb5/krb5_warn.3: Document that applications want to use krb5_get_error_message, add example. -2006-02-16 Love Hörnquist Åstrand +2006-02-16 Love Hörnquist Ã…strand * lib/krb5/crypto.c (krb5_generate_random_block): check return value from RAND_bytes * lib/krb5/error_string.c: Change indentation, update (c) -2006-02-14 Love Hörnquist Åstrand +2006-02-14 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: Make struct krb5_dh_moduli available when compiling w/o pkinit. -2006-02-13 Love Hörnquist Åstrand +2006-02-13 Love Hörnquist Ã…strand * lib/krb5/pkinit.c: update to new paChecksum definition, update the dhgroup handling @@ -1974,14 +1974,14 @@ * kdc/pkinit.c: update to new paChecksum definition, use hdb_entry_ex -2006-02-09 Love Hörnquist Åstrand +2006-02-09 Love Hörnquist Ã…strand * lib/krb5/krb5_locl.h: Move Configurable options to last in the file. * lib/krb5/krb5_locl.h: Wrap KRB5_ADDRESSLESS_DEFAULT with #ifndef -2006-02-03 Love Hörnquist Åstrand +2006-02-03 Love Hörnquist Ã…strand * kpasswd/kpasswdd.c: Send back a better error-message to the client in case the password change was rejected. @@ -2011,23 +2011,23 @@ * lib/krb5/krb5_locl.h: Introduce KRB5_ADDRESSLESS_DEFAULT that controlls all address-less behavior. Defaults to false. -2006-02-01 Love Hörnquist Åstrand +2006-02-01 Love Hörnquist Ã…strand * lib/krb5/n-fold-test.c: main is not a KRB5_LIB_FUNCTION * lib/krb5/mk_priv.c (krb5_mk_priv): abort if ASN1_MALLOC_ENCODE failes to produce the matching lenghts. -2006-01-27 Love Hörnquist Åstrand +2006-01-27 Love Hörnquist Ã…strand * kcm/protocol.c (kcm_op_retrieve): remove unused variable -2006-01-15 Love Hörnquist Åstrand +2006-01-15 Love Hörnquist Ã…strand * tools/krb5-config.in: Move depenency on @LIB_dbopen@ to kadm-server, kerberos library doesn't depend on db-library. -2006-01-13 Love Hörnquist Åstrand +2006-01-13 Love Hörnquist Ã…strand * include/Makefile.am: Don't clean crypto headers, they now live in hcrypto/. Add hcrypto to SUBDIRS. @@ -2039,7 +2039,7 @@ * include/make_crypto.c: Include more crypto headerfiles. Remove support for old hash names. -2006-01-02 Love Hörnquist Åstrand +2006-01-02 Love Hörnquist Ã…strand * kdc/misc.c (_kdc_db_fetch): use calloc to allocate the entry, from Andrew Bartlet. diff --git a/LICENSE b/LICENSE index d61e65fecdb9..404347b4bda9 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright (c) 1995 - 2007 Kungliga Tekniska Högskolan +Copyright (c) 1995 - 2011 Kungliga Tekniska Högskolan (Royal Institute of Technology, Stockholm, Sweden). All rights reserved. @@ -28,3 +28,6 @@ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +Please see info documentation for the complete list of licenses. diff --git a/Makefile.am b/Makefile.am index 693c23fe10da..250809631ff7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 22497 2008-01-21 12:12:23Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -6,13 +6,21 @@ if KCM kcm_dir = kcm endif -SUBDIRS= include lib kuser kdc admin kadmin kpasswd -SUBDIRS+= $(kcm_dir) appl doc tools tests packages etc +SUBDIRS= include base lib kuser kdc admin kadmin kpasswd +SUBDIRS+= $(kcm_dir) appl tools tests packages etc po + +if HEIMDAL_DOCUMENTATION +SUBDIRS+= doc +endif + + ## ACLOCAL = @ACLOCAL@ -I cf ACLOCAL_AMFLAGS = -I cf EXTRA_DIST = \ + NTMakefile \ + windows \ TODO \ LICENSE \ README \ diff --git a/Makefile.am.common b/Makefile.am.common index b3bbf45088e4..7f10e71f2ef4 100644 --- a/Makefile.am.common +++ b/Makefile.am.common @@ -1,4 +1,4 @@ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ include $(top_srcdir)/cf/Makefile.am.common diff --git a/Makefile.in b/Makefile.in index 68a2ddf55e1b..35feeabad743 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 22497 2008-01-21 12:12:23Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -40,12 +42,13 @@ host_triplet = @host@ DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure \ - ChangeLog NEWS TODO compile config.guess config.sub install-sh \ - ltmain.sh missing ylwrap + ChangeLog NEWS TODO compile config.guess config.sub depcomp \ + install-sh ltmain.sh missing ylwrap +@HEIMDAL_DOCUMENTATION_TRUE@am__append_1 = doc subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +63,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +77,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,7 +90,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -92,8 +98,7 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -105,17 +110,45 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ ps-recursive uninstall-recursive RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir dist dist-all distcheck ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = include lib kuser kdc admin kadmin kpasswd kcm appl doc \ - tools tests packages etc +DIST_SUBDIRS = include base lib kuser kdc admin kadmin kpasswd kcm \ + appl tools tests packages etc po doc DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) am__remove_distdir = \ - { test ! -d $(distdir) \ - || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \ - && rm -fr $(distdir); }; } + { test ! -d "$(distdir)" \ + || { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -fr "$(distdir)"; }; } +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best distuninstallcheck_listfiles = find . -type f -print @@ -124,49 +157,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -190,10 +232,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -210,6 +253,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -225,31 +270,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -264,10 +323,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -308,35 +369,42 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la @KCM_TRUE@kcm_dir = kcm -SUBDIRS = include lib kuser kdc admin kadmin kpasswd $(kcm_dir) appl \ - doc tools tests packages etc +SUBDIRS = include base lib kuser kdc admin kadmin kpasswd $(kcm_dir) \ + appl tools tests packages etc po $(am__append_1) ACLOCAL_AMFLAGS = -I cf EXTRA_DIST = \ + NTMakefile \ + windows \ TODO \ LICENSE \ README \ @@ -373,22 +441,22 @@ EXTRA_DIST = \ all: all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c am--refresh: @: $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign --ignore-deps'; \ - cd $(srcdir) && $(AUTOMAKE) --foreign --ignore-deps \ + echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ && exit 0; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -404,9 +472,10 @@ $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENC $(SHELL) ./config.status --recheck $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(srcdir) && $(AUTOCONF) + $(am__cd) $(srcdir) && $(AUTOCONF) $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) + $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -415,7 +484,7 @@ clean-libtool: -rm -rf .libs _libs distclean-libtool: - -rm -f libtool + -rm -f libtool config.lt # This directory's subdirectories are mostly independent; you can cd # into them and run `make' without going through this Makefile. @@ -424,7 +493,7 @@ distclean-libtool: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -441,7 +510,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -449,7 +518,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -475,16 +544,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -492,14 +561,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -511,46 +580,50 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) $(am__remove_distdir) - test -d $(distdir) || mkdir $(distdir) + test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -566,29 +639,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -596,11 +684,13 @@ distdir: $(DISTFILES) $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ + -test -n "$(am__skip_mode_fix)" \ + || find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ - || chmod -R a+r $(distdir) + || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz $(am__remove_distdir) @@ -609,6 +699,14 @@ dist-bzip2: distdir tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 $(am__remove_distdir) +dist-lzma: distdir + tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma + $(am__remove_distdir) + +dist-xz: distdir + tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz + $(am__remove_distdir) + dist-tarZ: distdir tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z $(am__remove_distdir) @@ -632,13 +730,17 @@ dist dist-all: distdir distcheck: dist case '$(DIST_ARCHIVES)' in \ *.tar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ - bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\ + bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.lzma*) \ + lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ + *.tar.xz*) \ + xz -dc $(distdir).tar.xz | $(am__untar) ;;\ *.tar.Z*) \ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ *.shar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ *.zip*) \ unzip $(distdir).zip ;;\ esac @@ -646,9 +748,11 @@ distcheck: dist mkdir $(distdir)/_build mkdir $(distdir)/_inst chmod a-w $(distdir) + test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ - && cd $(distdir)/_build \ + && am__cwd=`pwd` \ + && $(am__cd) $(distdir)/_build \ && ../configure --srcdir=.. --prefix="$$dc_install_base" \ $(DISTCHECK_CONFIGURE_FLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) \ @@ -670,13 +774,15 @@ distcheck: dist && rm -rf "$$dc_destdir" \ && $(MAKE) $(AM_MAKEFLAGS) dist \ && rm -rf $(DIST_ARCHIVES) \ - && $(MAKE) $(AM_MAKEFLAGS) distcleancheck + && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ + && cd "$$am__cwd" \ + || exit 1 $(am__remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' distuninstallcheck: - @cd $(distuninstallcheck_dir) \ + @$(am__cd) '$(distuninstallcheck_dir)' \ && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ || { echo "ERROR: files left after uninstall:" ; \ if test -n "$(DESTDIR)"; then \ @@ -719,6 +825,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -739,6 +846,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -746,23 +855,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -786,26 +903,27 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local am--refresh check check-am check-local \ clean clean-generic clean-libtool ctags ctags-recursive dist \ - dist-all dist-bzip2 dist-gzip dist-hook dist-shar dist-tarZ \ - dist-zip distcheck distclean distclean-generic \ - distclean-libtool distclean-tags distcleancheck distdir \ - distuninstallcheck dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs installdirs-am \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-recursive uninstall uninstall-am uninstall-hook + dist-all dist-bzip2 dist-gzip dist-hook dist-lzma dist-shar \ + dist-tarZ dist-xz dist-zip distcheck distclean \ + distclean-generic distclean-libtool distclean-tags \ + distcleancheck distdir distuninstallcheck dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-data-hook install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am tags tags-recursive uninstall uninstall-am \ + uninstall-hook install-suid-programs: @@ -876,6 +994,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -961,7 +1082,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -977,6 +1098,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) print-distdir: @echo $(distdir) + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/NEWS b/NEWS index f0504274042f..585d7cf4af3f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,162 @@ +Release Notes - Heimdal - Version Heimdal 1.5 + +New features + + - Support GSS name extensions/attributes + - SHA512 support + - No Kerberos 4 support + - Basic support for MIT Admin protocol (SECGSS flavor) + in kadmind (extract keytab) + - Replace editline with libedit + +Release Notes - Heimdal - Version Heimdal 1.4 + + New features + + - Support for reading MIT database file directly + - KCM is polished up and now used in production + - NTLM first class citizen, credentials stored in KCM + - Table driven ASN.1 compiler, smaller!, not enabled by default + - Native Windows client support + +Notes + + - Disabled write support NDBM hdb backend (read still in there) since + it can't handle large records, please migrate to a diffrent backend + (like BDB4) + +Release Notes - Heimdal - Version Heimdal 1.3.3 + + Bug fixes + - Check the GSS-API checksum exists before trying to use it [CVE-2010-1321] + - Check NULL pointers before dereference them [kdc] + +Release Notes - Heimdal - Version Heimdal 1.3.2 + + Bug fixes + + - Don't mix length when clearing hmac (could memset too much) + - More paranoid underrun checking when decrypting packets + - Check the password change requests and refuse to answer empty packets + - Build on OpenSolaris + - Renumber AD-SIGNED-TICKET since it was stolen from US + - Don't cache /dev/*random file descriptor, it doesn't get unloaded + - Make C++ safe + - Misc warnings + +Release Notes - Heimdal - Version Heimdal 1.3.1 + + Bug fixes + + - Store KDC offset in credentials + - Many many more bug fixes + +Release Notes - Heimdal - Version Heimdal 1.3.1 + + New features + + - Make work with OpenLDAPs krb5 overlay + +Release Notes - Heimdal - Version Heimdal 1.3 + + New features + + - Partial support for MIT kadmind rpc protocol in kadmind + - Better support for finding keytab entries when using SPN aliases in the KDC + - Support BER in ASN.1 library (needed for CMS) + - Support decryption in Keychain private keys + - Support for new sqlite based credential cache + - Try both KDC referals and the common DNS reverse lookup in GSS-API + - Fix the KCM to not leak resources on failure + - Add IPv6 support to iprop + - Support localization of error strings in + kinit/klist/kdestroy and Kerberos library + - Remove Kerberos 4 support in application (still in KDC) + - Deprecate DES + - Support i18n password in windows domains (using UTF-8) + - More complete API emulation of OpenSSL in hcrypto + - Support for ECDSA and ECDH when linking with OpenSSL + + API changes + + - Support for settin friendly name on credential caches + - Move to using doxygen to generate documentation. + - Sprinkling __attribute__((depricated)) for old function to be removed + - Support to export LAST-REQUST information in AS-REQ + - Support for client deferrals in in AS-REQ + - Add seek support for krb5_storage. + - Support for split AS-REQ, first step for IA-KERB + - Fix many memory leaks and bugs + - Improved regression test + - Support krb5_cccol + - Switch to krb5_set_error_message + - Support krb5_crypto_*_iov + - Switch to use EVP for most function + - Use SOCK_CLOEXEC and O_CLOEXEC (close on exec) + - Add support for GSS_C_DELEG_POLICY_FLAG + - Add krb5_cc_[gs]et_config to store data in the credential caches + - PTY testing application + +Bugfixes + - Make building on AIX6 possible. + - Bugfixes in LDAP KDC code to make it more stable + - Make ipropd-slave reconnect when master down gown + + +Release Notes - Heimdal - Version Heimdal 1.2.1 + +* Bug + + [HEIMDAL-147] - Heimdal 1.2 not compiling on Solaris + [HEIMDAL-151] - Make canned tests work again after cert expired + [HEIMDAL-152] - iprop test: use full hostname to avoid realm + resolving errors + [HEIMDAL-153] - ftp: Use the correct length for unmap, msync + +Release Notes - Heimdal - Version Heimdal 1.2 + +* Bug + + [HEIMDAL-10] - Follow-up on bug report for SEGFAULT in + gss_display_name/gss_export_name when using SPNEGO + [HEIMDAL-15] - Re: [Heimdal-bugs] potential bug in Heimdal 1.1 + [HEIMDAL-17] - Remove support for depricated [libdefaults]capath + [HEIMDAL-52] - hdb overwrite aliases for db databases + [HEIMDAL-54] - Two issues which affect credentials delegation + [HEIMDAL-58] - sockbuf.c calls setsockopt with bad args + [HEIMDAL-62] - Fix printing of sig_atomic_t + [HEIMDAL-87] - heimdal 1.1 not building under cygwin in hcrypto + [HEIMDAL-105] - rcp: sync rcp with upstream bsd rcp codebase + [HEIMDAL-117] - Use libtool to detect symbol versioning (Debian Bug#453241) + +* Improvement + [HEIMDAL-67] - Fix locking and store credential in atomic writes + in the FILE credential cache + [HEIMDAL-106] - make compile on cygwin again + [HEIMDAL-107] - Replace old random key generation in des module + and use it with RAND_ function instead + [HEIMDAL-115] - Better documentation and compatibility in hcrypto + in regards to OpenSSL + +* New Feature + [HEIMDAL-3] - pkinit alg agility PRF test vectors + [HEIMDAL-14] - Add libwind to Heimdal + [HEIMDAL-16] - Use libwind in hx509 + [HEIMDAL-55] - Add flag to krb5 to not add GSS-API INT|CONF to + the negotiation + [HEIMDAL-74] - Add support to report extended error message back + in AS-REQ to support windows clients + [HEIMDAL-116] - test pty based application (using rkpty) + [HEIMDAL-120] - Use new OpenLDAP API (older deprecated) + +* Task + [HEIMDAL-63] - Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ. + This drop compatibility with pre 0.3d KDCs. + [HEIMDAL-64] - kcm: first implementation of kcm-move-cache + [HEIMDAL-65] - Failed to compile with --disable-pk-init + [HEIMDAL-80] - verify that [VU#162289]: gcc silently discards some + wraparound checks doesn't apply to Heimdal + Changes in release 1.1 * Read-only PKCS11 provider built-in to hx509. diff --git a/NTMakefile b/NTMakefile new file mode 100644 index 000000000000..fcd60a3d3cbd --- /dev/null +++ b/NTMakefile @@ -0,0 +1,42 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +!if exist(thirdparty/NTMakefile) +thirdparty=thirdparty +!endif + +SUBDIRS = include lib\roken base lib kuser kdc admin kadmin kpasswd appl doc \ + tools tests packages etc $(thirdparty) packages\windows\installer + +!include windows/NTMakefile.w32 + +all:: + @echo Build finished succesfully diff --git a/README b/README index 88ab7fd12135..d2c4eba8ce67 100644 --- a/README +++ b/README @@ -1,16 +1,15 @@ -$Id: README 8839 2000-07-27 02:33:54Z assar $ Heimdal is a Kerberos 5 implementation. -Please see the manual in doc, by default installed in -/usr/heimdal/info/heimdal.info for information on how to install. -There are also briefer man pages for most of the commands. +For information how to install see . + +There are briefer man pages for most of the commands. Bug reports and bugs are appreciated, see more under Bug reports in -the manual on how we prefer them. +the manual on how we prefer them: . For more information see the web-page at - or the mailing lists: + or the mailing lists: heimdal-announce@sics.se low-volume announcement heimdal-discuss@sics.se high-volume discussion diff --git a/TODO b/TODO new file mode 100644 index 000000000000..87c50b82b026 --- /dev/null +++ b/TODO @@ -0,0 +1,30 @@ +-*- indented-text -*- + +** lib/gssapi + +cache delegation credentials to avoid hitting the kdc ? require time +stampless tickets, and was supported in the recv'ing end with 0.6.1. + +make iov work for arcfour + +make iov work for ntlm + +interop test + +make TYPE_STREAM work + +** lib/kadm5 + +add policies? + +** lib/krb5 + +verify_user: handle non-secure verification failing because of +host->realm mapping + +* windows stuff + +-- drop all double negation #ifndef NO_ +-- got though windows specific ifdefs to minimized them +-- switch to use heim-ipc for services, like the kadmin change notification socket +-- Unify lib/krb5/expand_path_w32.c diff --git a/acinclude.m4 b/acinclude.m4 index eecf7cfb8bb1..7fd37ff051f1 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1,4 +1,4 @@ -dnl $Id: acinclude.m4 13337 2004-02-12 14:19:16Z lha $ +dnl $Id$ dnl dnl Only put things that for some reason can't live in the `cf' dnl directory in this file. diff --git a/aclocal.m4 b/aclocal.m4 index e9dcb29715e2..005a99fb2c1d 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,7 +1,7 @@ -# generated automatically by aclocal 1.10 -*- Autoconf -*- +# generated automatically by aclocal 1.11.1 -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. +# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -11,6389 +11,15 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -m4_if(m4_PACKAGE_VERSION, [2.61],, -[m4_fatal([this file was generated for autoconf 2.61. -You have another version of autoconf. If you want to use that, -you should regenerate the build system entirely.], [63])]) - -# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- - -# serial 48 AC_PROG_LIBTOOL - - -# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) -# ----------------------------------------------------------- -# If this macro is not defined by Autoconf, define it here. -m4_ifdef([AC_PROVIDE_IFELSE], - [], - [m4_define([AC_PROVIDE_IFELSE], - [m4_ifdef([AC_PROVIDE_$1], - [$2], [$3])])]) - - -# AC_PROG_LIBTOOL -# --------------- -AC_DEFUN([AC_PROG_LIBTOOL], -[AC_REQUIRE([_AC_PROG_LIBTOOL])dnl -dnl If AC_PROG_CXX has already been expanded, run AC_LIBTOOL_CXX -dnl immediately, otherwise, hook it in at the end of AC_PROG_CXX. - AC_PROVIDE_IFELSE([AC_PROG_CXX], - [AC_LIBTOOL_CXX], - [define([AC_PROG_CXX], defn([AC_PROG_CXX])[AC_LIBTOOL_CXX - ])]) -dnl And a similar setup for Fortran 77 support - AC_PROVIDE_IFELSE([AC_PROG_F77], - [AC_LIBTOOL_F77], - [define([AC_PROG_F77], defn([AC_PROG_F77])[AC_LIBTOOL_F77 -])]) - -dnl Quote A][M_PROG_GCJ so that aclocal doesn't bring it in needlessly. -dnl If either AC_PROG_GCJ or A][M_PROG_GCJ have already been expanded, run -dnl AC_LIBTOOL_GCJ immediately, otherwise, hook it in at the end of both. - AC_PROVIDE_IFELSE([AC_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [ifdef([AC_PROG_GCJ], - [define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[AC_LIBTOOL_GCJ])]) - ifdef([A][M_PROG_GCJ], - [define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[AC_LIBTOOL_GCJ])]) - ifdef([LT_AC_PROG_GCJ], - [define([LT_AC_PROG_GCJ], - defn([LT_AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])])]) -])])# AC_PROG_LIBTOOL - - -# _AC_PROG_LIBTOOL -# ---------------- -AC_DEFUN([_AC_PROG_LIBTOOL], -[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl -AC_BEFORE([$0],[AC_LIBTOOL_CXX])dnl -AC_BEFORE([$0],[AC_LIBTOOL_F77])dnl -AC_BEFORE([$0],[AC_LIBTOOL_GCJ])dnl - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' -AC_SUBST(LIBTOOL)dnl - -# Prevent multiple expansion -define([AC_PROG_LIBTOOL], []) -])# _AC_PROG_LIBTOOL - - -# AC_LIBTOOL_SETUP -# ---------------- -AC_DEFUN([AC_LIBTOOL_SETUP], -[AC_PREREQ(2.50)dnl -AC_REQUIRE([AC_ENABLE_SHARED])dnl -AC_REQUIRE([AC_ENABLE_STATIC])dnl -AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl -AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_PROG_LD])dnl -AC_REQUIRE([AC_PROG_LD_RELOAD_FLAG])dnl -AC_REQUIRE([AC_PROG_NM])dnl - -AC_REQUIRE([AC_PROG_LN_S])dnl -AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl -# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! -AC_REQUIRE([AC_OBJEXT])dnl -AC_REQUIRE([AC_EXEEXT])dnl -dnl - -AC_LIBTOOL_SYS_MAX_CMD_LEN -AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE -AC_LIBTOOL_OBJDIR - -AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl -_LT_AC_PROG_ECHO_BACKSLASH - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='sed -e 1s/^X//' -[sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g'] - -# Same as above, but do not quote variable references. -[double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g'] - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -# Constants: -rm="rm -f" - -# Global variables: -default_ofile=libtool -can_build_shared=yes - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a -ltmain="$ac_aux_dir/ltmain.sh" -ofile="$default_ofile" -with_gnu_ld="$lt_cv_prog_gnu_ld" - -AC_CHECK_TOOL(AR, ar, false) -AC_CHECK_TOOL(RANLIB, ranlib, :) -AC_CHECK_TOOL(STRIP, strip, :) - -old_CC="$CC" -old_CFLAGS="$CFLAGS" - -# Set sane defaults for various variables -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -test -z "$AS" && AS=as -test -z "$CC" && CC=cc -test -z "$LTCC" && LTCC=$CC -test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$DLLTOOL" && DLLTOOL=dlltool -test -z "$LD" && LD=ld -test -z "$LN_S" && LN_S="ln -s" -test -z "$MAGIC_CMD" && MAGIC_CMD=file -test -z "$NM" && NM=nm -test -z "$SED" && SED=sed -test -z "$OBJDUMP" && OBJDUMP=objdump -test -z "$RANLIB" && RANLIB=: -test -z "$STRIP" && STRIP=: -test -z "$ac_objext" && ac_objext=o - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" -fi - -_LT_CC_BASENAME([$compiler]) - -# Only perform the check for file, if the check method requires it -case $deplibs_check_method in -file_magic*) - if test "$file_magic_cmd" = '$MAGIC_CMD'; then - AC_PATH_MAGIC - fi - ;; -esac - -AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no) -AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL], -enable_win32_dll=yes, enable_win32_dll=no) - -AC_ARG_ENABLE([libtool-lock], - [AC_HELP_STRING([--disable-libtool-lock], - [avoid locking (might break parallel builds)])]) -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -AC_ARG_WITH([pic], - [AC_HELP_STRING([--with-pic], - [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [pic_mode="$withval"], - [pic_mode=default]) -test -z "$pic_mode" && pic_mode=default - -# Use C for the default configuration in the libtool script -tagname= -AC_LIBTOOL_LANG_C_CONFIG -_LT_AC_TAGCONFIG -])# AC_LIBTOOL_SETUP - - -# _LT_AC_SYS_COMPILER -# ------------------- -AC_DEFUN([_LT_AC_SYS_COMPILER], -[AC_REQUIRE([AC_PROG_CC])dnl - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC -])# _LT_AC_SYS_COMPILER - - -# _LT_CC_BASENAME(CC) -# ------------------- -# Calculate cc_basename. Skip known compiler wrappers and cross-prefix. -AC_DEFUN([_LT_CC_BASENAME], -[for cc_temp in $1""; do - case $cc_temp in - compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; - distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` -]) - - -# _LT_COMPILER_BOILERPLATE -# ------------------------ -# Check for compiler boilerplate output or warnings with -# the simple compiler test code. -AC_DEFUN([_LT_COMPILER_BOILERPLATE], -[ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* -])# _LT_COMPILER_BOILERPLATE - - -# _LT_LINKER_BOILERPLATE -# ---------------------- -# Check for linker boilerplate output or warnings with -# the simple link test code. -AC_DEFUN([_LT_LINKER_BOILERPLATE], -[ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* -])# _LT_LINKER_BOILERPLATE - - -# _LT_AC_SYS_LIBPATH_AIX -# ---------------------- -# Links a minimal program and checks the executable -# for the system default hardcoded library path. In most cases, -# this is /usr/lib:/lib, but when the MPI compilers are used -# the location of the communication and MPI libs are included too. -# If we don't find anything, use the default library path according -# to the aix ld manual. -AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX], -[AC_LINK_IFELSE(AC_LANG_PROGRAM,[ -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi],[]) -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi -])# _LT_AC_SYS_LIBPATH_AIX - - -# _LT_AC_SHELL_INIT(ARG) -# ---------------------- -AC_DEFUN([_LT_AC_SHELL_INIT], -[ifdef([AC_DIVERSION_NOTICE], - [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)], - [AC_DIVERT_PUSH(NOTICE)]) -$1 -AC_DIVERT_POP -])# _LT_AC_SHELL_INIT - - -# _LT_AC_PROG_ECHO_BACKSLASH -# -------------------------- -# Add some code to the start of the generated configure script which -# will find an echo command which doesn't interpret backslashes. -AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH], -[_LT_AC_SHELL_INIT([ -# Check that we are running under the correct shell. -SHELL=${CONFIG_SHELL-/bin/sh} - -case X$ECHO in -X*--fallback-echo) - # Remove one level of quotation (which was required for Make). - ECHO=`echo "$ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','` - ;; -esac - -echo=${ECHO-echo} -if test "X[$]1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X[$]1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then - # Yippee, $echo works! - : -else - # Restart under the correct shell. - exec $SHELL "[$]0" --no-reexec ${1+"[$]@"} -fi - -if test "X[$]1" = X--fallback-echo; then - # used as fallback echo - shift - cat </dev/null 2>&1 && unset CDPATH - -if test -z "$ECHO"; then -if test "X${echo_test_string+set}" != Xset; then -# find a string as large as possible, as long as the shell can cope with it - for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do - # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... - if (echo_test_string=`eval $cmd`) 2>/dev/null && - echo_test_string=`eval $cmd` && - (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null - then - break - fi - done -fi - -if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - : -else - # The Solaris, AIX, and Digital Unix default echo programs unquote - # backslashes. This makes it impossible to quote backslashes using - # echo "$something" | sed 's/\\/\\\\/g' - # - # So, first we look for a working echo in the user's PATH. - - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for dir in $PATH /usr/ucb; do - IFS="$lt_save_ifs" - if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && - test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$dir/echo" - break - fi - done - IFS="$lt_save_ifs" - - if test "X$echo" = Xecho; then - # We didn't find a better echo, so look for alternatives. - if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # This shell has a builtin print -r that does the trick. - echo='print -r' - elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running configure again with it. - ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL - exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"} - else - # Try using printf. - echo='printf %s\n' - if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # Cool, printf works - : - elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL - export CONFIG_SHELL - SHELL="$CONFIG_SHELL" - export SHELL - echo="$CONFIG_SHELL [$]0 --fallback-echo" - elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$CONFIG_SHELL [$]0 --fallback-echo" - else - # maybe with a smaller string... - prev=: - - for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do - if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null - then - break - fi - prev="$cmd" - done - - if test "$prev" != 'sed 50q "[$]0"'; then - echo_test_string=`eval $prev` - export echo_test_string - exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"} - else - # Oops. We lost completely, so just stick with echo. - echo=echo - fi - fi - fi - fi -fi -fi - -# Copy echo and quote the copy suitably for passing to libtool from -# the Makefile, instead of quoting the original, which is used later. -ECHO=$echo -if test "X$ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then - ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo" -fi - -AC_SUBST(ECHO) -])])# _LT_AC_PROG_ECHO_BACKSLASH - - -# _LT_AC_LOCK -# ----------- -AC_DEFUN([_LT_AC_LOCK], -[AC_ARG_ENABLE([libtool-lock], - [AC_HELP_STRING([--disable-libtool-lock], - [avoid locking (might break parallel builds)])]) -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '[#]line __oline__ "configure"' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_i386" - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, - [AC_LANG_PUSH(C) - AC_TRY_LINK([],[],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) - AC_LANG_POP]) - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -sparc*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) LD="${LD-ld} -64" ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL], -[*-*-cygwin* | *-*-mingw* | *-*-pw32*) - AC_CHECK_TOOL(DLLTOOL, dlltool, false) - AC_CHECK_TOOL(AS, as, false) - AC_CHECK_TOOL(OBJDUMP, objdump, false) - ;; - ]) -esac - -need_locks="$enable_libtool_lock" - -])# _LT_AC_LOCK - - -# AC_LIBTOOL_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) -# ---------------------------------------------------------------- -# Check whether the given compiler option works -AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], -[AC_REQUIRE([LT_AC_PROG_SED]) -AC_CACHE_CHECK([$1], [$2], - [$2=no - ifelse([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$3" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - fi - $rm conftest* -]) - -if test x"[$]$2" = xyes; then - ifelse([$5], , :, [$5]) -else - ifelse([$6], , :, [$6]) -fi -])# AC_LIBTOOL_COMPILER_OPTION - - -# AC_LIBTOOL_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [ACTION-SUCCESS], [ACTION-FAILURE]) -# ------------------------------------------------------------ -# Check whether the given compiler option works -AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], -[AC_CACHE_CHECK([$1], [$2], - [$2=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $3" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&AS_MESSAGE_LOG_FD - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - else - $2=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" -]) - -if test x"[$]$2" = xyes; then - ifelse([$4], , :, [$4]) -else - ifelse([$5], , :, [$5]) -fi -])# AC_LIBTOOL_LINKER_OPTION - - -# AC_LIBTOOL_SYS_MAX_CMD_LEN -# -------------------------- -AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], -[# find the maximum length of command line arguments -AC_MSG_CHECKING([the maximum length of command line arguments]) -AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - while (test "X"`$SHELL [$]0 --fallback-echo "X$teststring" 2>/dev/null` \ - = "XX$teststring") >/dev/null 2>&1 && - new_result=`expr "X$teststring" : ".*" 2>&1` && - lt_cv_sys_max_cmd_len=$new_result && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - teststring= - # Add a significant safety factor because C++ compilers can tack on massive - # amounts of additional arguments before passing them to the linker. - # It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - ;; - esac -]) -if test -n $lt_cv_sys_max_cmd_len ; then - AC_MSG_RESULT($lt_cv_sys_max_cmd_len) -else - AC_MSG_RESULT(none) -fi -])# AC_LIBTOOL_SYS_MAX_CMD_LEN - - -# _LT_AC_CHECK_DLFCN -# ------------------ -AC_DEFUN([_LT_AC_CHECK_DLFCN], -[AC_CHECK_HEADERS(dlfcn.h)dnl -])# _LT_AC_CHECK_DLFCN - - -# _LT_AC_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, -# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) -# --------------------------------------------------------------------- -AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF], -[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl -if test "$cross_compiling" = yes; then : - [$4] -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -#ifdef __cplusplus -extern "C" void exit (int); -#endif - -void fnord() { int i=42;} -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - /* dlclose (self); */ - } - else - puts (dlerror ()); - - exit (status); -}] -EOF - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) $1 ;; - x$lt_dlneed_uscore) $2 ;; - x$lt_dlunknown|x*) $3 ;; - esac - else : - # compilation failed - $3 - fi -fi -rm -fr conftest* -])# _LT_AC_TRY_DLOPEN_SELF - - -# AC_LIBTOOL_DLOPEN_SELF -# ---------------------- -AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], -[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl -if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else - lt_cv_dlopen=no - lt_cv_dlopen_libs= - - case $host_os in - beos*) - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - - mingw* | pw32*) - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - - cygwin*) - lt_cv_dlopen="dlopen" - lt_cv_dlopen_libs= - ;; - - darwin*) - # if libdl is installed we need to link against it - AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[ - lt_cv_dlopen="dyld" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ]) - ;; - - *) - AC_CHECK_FUNC([shl_load], - [lt_cv_dlopen="shl_load"], - [AC_CHECK_LIB([dld], [shl_load], - [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"], - [AC_CHECK_FUNC([dlopen], - [lt_cv_dlopen="dlopen"], - [AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], - [AC_CHECK_LIB([svld], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], - [AC_CHECK_LIB([dld], [dld_link], - [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"]) - ]) - ]) - ]) - ]) - ]) - ;; - esac - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) - save_CPPFLAGS="$CPPFLAGS" - test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - - save_LDFLAGS="$LDFLAGS" - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - - save_LIBS="$LIBS" - LIBS="$lt_cv_dlopen_libs $LIBS" - - AC_CACHE_CHECK([whether a program can dlopen itself], - lt_cv_dlopen_self, [dnl - _LT_AC_TRY_DLOPEN_SELF( - lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, - lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) - ]) - - if test "x$lt_cv_dlopen_self" = xyes; then - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - AC_CACHE_CHECK([whether a statically linked program can dlopen itself], - lt_cv_dlopen_self_static, [dnl - _LT_AC_TRY_DLOPEN_SELF( - lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, - lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) - ]) - fi - - CPPFLAGS="$save_CPPFLAGS" - LDFLAGS="$save_LDFLAGS" - LIBS="$save_LIBS" - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi -])# AC_LIBTOOL_DLOPEN_SELF - - -# AC_LIBTOOL_PROG_CC_C_O([TAGNAME]) -# --------------------------------- -# Check to see if options -c and -o are simultaneously supported by compiler -AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O], -[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl -AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], - [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)], - [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes - fi - fi - chmod u+w . 2>&AS_MESSAGE_LOG_FD - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* -]) -])# AC_LIBTOOL_PROG_CC_C_O - - -# AC_LIBTOOL_SYS_HARD_LINK_LOCKS([TAGNAME]) -# ----------------------------------------- -# Check to see if we can do hard links to lock some files if needed -AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], -[AC_REQUIRE([_LT_AC_LOCK])dnl - -hard_links="nottested" -if test "$_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - AC_MSG_CHECKING([if we can lock with hard links]) - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - AC_MSG_RESULT([$hard_links]) - if test "$hard_links" = no; then - AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe]) - need_locks=warn - fi -else - need_locks=no -fi -])# AC_LIBTOOL_SYS_HARD_LINK_LOCKS - - -# AC_LIBTOOL_OBJDIR -# ----------------- -AC_DEFUN([AC_LIBTOOL_OBJDIR], -[AC_CACHE_CHECK([for objdir], [lt_cv_objdir], -[rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - lt_cv_objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - lt_cv_objdir=_libs -fi -rmdir .libs 2>/dev/null]) -objdir=$lt_cv_objdir -])# AC_LIBTOOL_OBJDIR - - -# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH([TAGNAME]) -# ---------------------------------------------- -# Check hardcoding attributes. -AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], -[AC_MSG_CHECKING([how to hardcode library paths into programs]) -_LT_AC_TAGVAR(hardcode_action, $1)= -if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \ - test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \ - test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)" != no && - test "$_LT_AC_TAGVAR(hardcode_minus_L, $1)" != no; then - # Linking always hardcodes the temporary library directory. - _LT_AC_TAGVAR(hardcode_action, $1)=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - _LT_AC_TAGVAR(hardcode_action, $1)=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - _LT_AC_TAGVAR(hardcode_action, $1)=unsupported -fi -AC_MSG_RESULT([$_LT_AC_TAGVAR(hardcode_action, $1)]) - -if test "$_LT_AC_TAGVAR(hardcode_action, $1)" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi -])# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH - - -# AC_LIBTOOL_SYS_LIB_STRIP -# ------------------------ -AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP], -[striplib= -old_striplib= -AC_MSG_CHECKING([whether stripping libraries is possible]) -if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - AC_MSG_RESULT([yes]) -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) -fi - ;; - *) - AC_MSG_RESULT([no]) - ;; - esac -fi -])# AC_LIBTOOL_SYS_LIB_STRIP - - -# AC_LIBTOOL_SYS_DYNAMIC_LINKER -# ----------------------------- -# PORTME Fill in your ld.so characteristics -AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER], -[AC_MSG_CHECKING([dynamic linker characteristics]) -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[[01]] | aix4.[[01]].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[[45]]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | [grep ';[c-zC-Z]:/' >/dev/null]; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[[123]]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[[01]]* | freebsdelf3.[[01]]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ - freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[[89]] | openbsd2.[[89]].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -AC_MSG_RESULT([$dynamic_linker]) -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi -])# AC_LIBTOOL_SYS_DYNAMIC_LINKER - - -# _LT_AC_TAGCONFIG -# ---------------- -AC_DEFUN([_LT_AC_TAGCONFIG], -[AC_ARG_WITH([tags], - [AC_HELP_STRING([--with-tags@<:@=TAGS@:>@], - [include additional configurations @<:@automatic@:>@])], - [tagnames="$withval"]) - -if test -f "$ltmain" && test -n "$tagnames"; then - if test ! -f "${ofile}"; then - AC_MSG_WARN([output file `$ofile' does not exist]) - fi - - if test -z "$LTCC"; then - eval "`$SHELL ${ofile} --config | grep '^LTCC='`" - if test -z "$LTCC"; then - AC_MSG_WARN([output file `$ofile' does not look like a libtool script]) - else - AC_MSG_WARN([using `LTCC=$LTCC', extracted from `$ofile']) - fi - fi - if test -z "$LTCFLAGS"; then - eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`" - fi - - # Extract list of available tagged configurations in $ofile. - # Note that this assumes the entire list is on one line. - available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'` - - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for tagname in $tagnames; do - IFS="$lt_save_ifs" - # Check whether tagname contains only valid characters - case `$echo "X$tagname" | $Xsed -e 's:[[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]]::g'` in - "") ;; - *) AC_MSG_ERROR([invalid tag name: $tagname]) - ;; - esac - - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null - then - AC_MSG_ERROR([tag name \"$tagname\" already exists]) - fi - - # Update the list of available tags. - if test -n "$tagname"; then - echo appending configuration tag \"$tagname\" to $ofile - - case $tagname in - CXX) - if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - AC_LIBTOOL_LANG_CXX_CONFIG - else - tagname="" - fi - ;; - - F77) - if test -n "$F77" && test "X$F77" != "Xno"; then - AC_LIBTOOL_LANG_F77_CONFIG - else - tagname="" - fi - ;; - - GCJ) - if test -n "$GCJ" && test "X$GCJ" != "Xno"; then - AC_LIBTOOL_LANG_GCJ_CONFIG - else - tagname="" - fi - ;; - - RC) - AC_LIBTOOL_LANG_RC_CONFIG - ;; - - *) - AC_MSG_ERROR([Unsupported tag name: $tagname]) - ;; - esac - - # Append the new tag name to the list of available tags. - if test -n "$tagname" ; then - available_tags="$available_tags $tagname" - fi - fi - done - IFS="$lt_save_ifs" - - # Now substitute the updated list of available tags. - if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then - mv "${ofile}T" "$ofile" - chmod +x "$ofile" - else - rm -f "${ofile}T" - AC_MSG_ERROR([unable to update list of available tagged configurations.]) - fi -fi -])# _LT_AC_TAGCONFIG - - -# AC_LIBTOOL_DLOPEN -# ----------------- -# enable checks for dlopen support -AC_DEFUN([AC_LIBTOOL_DLOPEN], - [AC_BEFORE([$0],[AC_LIBTOOL_SETUP]) -])# AC_LIBTOOL_DLOPEN - - -# AC_LIBTOOL_WIN32_DLL -# -------------------- -# declare package support for building win32 DLLs -AC_DEFUN([AC_LIBTOOL_WIN32_DLL], -[AC_BEFORE([$0], [AC_LIBTOOL_SETUP]) -])# AC_LIBTOOL_WIN32_DLL - - -# AC_ENABLE_SHARED([DEFAULT]) -# --------------------------- -# implement the --enable-shared flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_SHARED], -[define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([shared], - [AC_HELP_STRING([--enable-shared@<:@=PKGS@:>@], - [build shared libraries @<:@default=]AC_ENABLE_SHARED_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_shared=]AC_ENABLE_SHARED_DEFAULT) -])# AC_ENABLE_SHARED - - -# AC_DISABLE_SHARED -# ----------------- -# set the default shared flag to --disable-shared -AC_DEFUN([AC_DISABLE_SHARED], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_SHARED(no) -])# AC_DISABLE_SHARED - - -# AC_ENABLE_STATIC([DEFAULT]) -# --------------------------- -# implement the --enable-static flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_STATIC], -[define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([static], - [AC_HELP_STRING([--enable-static@<:@=PKGS@:>@], - [build static libraries @<:@default=]AC_ENABLE_STATIC_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_static=]AC_ENABLE_STATIC_DEFAULT) -])# AC_ENABLE_STATIC - - -# AC_DISABLE_STATIC -# ----------------- -# set the default static flag to --disable-static -AC_DEFUN([AC_DISABLE_STATIC], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_STATIC(no) -])# AC_DISABLE_STATIC - - -# AC_ENABLE_FAST_INSTALL([DEFAULT]) -# --------------------------------- -# implement the --enable-fast-install flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_FAST_INSTALL], -[define([AC_ENABLE_FAST_INSTALL_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([fast-install], - [AC_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], - [optimize for fast installation @<:@default=]AC_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_fast_install=]AC_ENABLE_FAST_INSTALL_DEFAULT) -])# AC_ENABLE_FAST_INSTALL - - -# AC_DISABLE_FAST_INSTALL -# ----------------------- -# set the default to --disable-fast-install -AC_DEFUN([AC_DISABLE_FAST_INSTALL], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_FAST_INSTALL(no) -])# AC_DISABLE_FAST_INSTALL - - -# AC_LIBTOOL_PICMODE([MODE]) -# -------------------------- -# implement the --with-pic flag -# MODE is either `yes' or `no'. If omitted, it defaults to `both'. -AC_DEFUN([AC_LIBTOOL_PICMODE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -pic_mode=ifelse($#,1,$1,default) -])# AC_LIBTOOL_PICMODE - - -# AC_PROG_EGREP -# ------------- -# This is predefined starting with Autoconf 2.54, so this conditional -# definition can be removed once we require Autoconf 2.54 or later. -m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP], -[AC_CACHE_CHECK([for egrep], [ac_cv_prog_egrep], - [if echo a | (grep -E '(a|b)') >/dev/null 2>&1 - then ac_cv_prog_egrep='grep -E' - else ac_cv_prog_egrep='egrep' - fi]) - EGREP=$ac_cv_prog_egrep - AC_SUBST([EGREP]) -])]) - - -# AC_PATH_TOOL_PREFIX -# ------------------- -# find a file program which can recognise shared library -AC_DEFUN([AC_PATH_TOOL_PREFIX], -[AC_REQUIRE([AC_PROG_EGREP])dnl -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, -[case $MAGIC_CMD in -[[\\/*] | ?:[\\/]*]) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR -dnl $ac_dummy forces splitting on constant user-supplied paths. -dnl POSIX.2 word splitting is done only on the output of word expansions, -dnl not every word. This closes a longstanding sh security hole. - ac_dummy="ifelse([$2], , $PATH, [$2])" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$1; then - lt_cv_path_MAGIC_CMD="$ac_dir/$1" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac]) -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - AC_MSG_RESULT($MAGIC_CMD) -else - AC_MSG_RESULT(no) -fi -])# AC_PATH_TOOL_PREFIX - - -# AC_PATH_MAGIC -# ------------- -# find a file program which can recognise a shared library -AC_DEFUN([AC_PATH_MAGIC], -[AC_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) -if test -z "$lt_cv_path_MAGIC_CMD"; then - if test -n "$ac_tool_prefix"; then - AC_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) - else - MAGIC_CMD=: - fi -fi -])# AC_PATH_MAGIC - - -# AC_PROG_LD -# ---------- -# find the pathname to the GNU or non-GNU linker -AC_DEFUN([AC_PROG_LD], -[AC_ARG_WITH([gnu-ld], - [AC_HELP_STRING([--with-gnu-ld], - [assume the C compiler uses GNU ld @<:@default=no@:>@])], - [test "$withval" = no || with_gnu_ld=yes], - [with_gnu_ld=no]) -AC_REQUIRE([LT_AC_PROG_SED])dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - AC_MSG_CHECKING([for ld used by $CC]) - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [[\\/]]* | ?:[[\\/]]*) - re_direlt='/[[^/]][[^/]]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - AC_MSG_CHECKING([for GNU ld]) -else - AC_MSG_CHECKING([for non-GNU ld]) -fi -AC_CACHE_VAL(lt_cv_path_LD, -[if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]'] - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix3*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be Linux ELF. -linux*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -nto-qnx*) - lt_cv_deplibs_check_method=unknown - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; -esac -]) -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown -])# AC_DEPLIBS_CHECK_METHOD - - -# AC_PROG_NM -# ---------- -# find the pathname to a BSD-compatible name lister -AC_DEFUN([AC_PROG_NM], -[AC_CACHE_CHECK([for BSD-compatible nm], lt_cv_path_NM, -[if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" -else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm -fi]) -NM="$lt_cv_path_NM" -])# AC_PROG_NM - - -# AC_CHECK_LIBM -# ------------- -# check for math library -AC_DEFUN([AC_CHECK_LIBM], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -LIBM= -case $host in -*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*) - # These system don't have libm, or don't need it - ;; -*-ncr-sysv4.3*) - AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw") - AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") - ;; -*) - AC_CHECK_LIB(m, cos, LIBM="-lm") - ;; -esac -])# AC_CHECK_LIBM - - -# AC_LIBLTDL_CONVENIENCE([DIRECTORY]) -# ----------------------------------- -# sets LIBLTDL to the link flags for the libltdl convenience library and -# LTDLINCL to the include flags for the libltdl header and adds -# --enable-ltdl-convenience to the configure arguments. Note that -# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided, -# it is assumed to be `libltdl'. LIBLTDL will be prefixed with -# '${top_builddir}/' and LTDLINCL will be prefixed with '${top_srcdir}/' -# (note the single quotes!). If your package is not flat and you're not -# using automake, define top_builddir and top_srcdir appropriately in -# the Makefiles. -AC_DEFUN([AC_LIBLTDL_CONVENIENCE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl - case $enable_ltdl_convenience in - no) AC_MSG_ERROR([this package needs a convenience libltdl]) ;; - "") enable_ltdl_convenience=yes - ac_configure_args="$ac_configure_args --enable-ltdl-convenience" ;; - esac - LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdlc.la - LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl']) - # For backwards non-gettext consistent compatibility... - INCLTDL="$LTDLINCL" -])# AC_LIBLTDL_CONVENIENCE - - -# AC_LIBLTDL_INSTALLABLE([DIRECTORY]) -# ----------------------------------- -# sets LIBLTDL to the link flags for the libltdl installable library and -# LTDLINCL to the include flags for the libltdl header and adds -# --enable-ltdl-install to the configure arguments. Note that -# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided, -# and an installed libltdl is not found, it is assumed to be `libltdl'. -# LIBLTDL will be prefixed with '${top_builddir}/'# and LTDLINCL with -# '${top_srcdir}/' (note the single quotes!). If your package is not -# flat and you're not using automake, define top_builddir and top_srcdir -# appropriately in the Makefiles. -# In the future, this macro may have to be called after AC_PROG_LIBTOOL. -AC_DEFUN([AC_LIBLTDL_INSTALLABLE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl - AC_CHECK_LIB(ltdl, lt_dlinit, - [test x"$enable_ltdl_install" != xyes && enable_ltdl_install=no], - [if test x"$enable_ltdl_install" = xno; then - AC_MSG_WARN([libltdl not installed, but installation disabled]) - else - enable_ltdl_install=yes - fi - ]) - if test x"$enable_ltdl_install" = x"yes"; then - ac_configure_args="$ac_configure_args --enable-ltdl-install" - LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdl.la - LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl']) - else - ac_configure_args="$ac_configure_args --enable-ltdl-install=no" - LIBLTDL="-lltdl" - LTDLINCL= - fi - # For backwards non-gettext consistent compatibility... - INCLTDL="$LTDLINCL" -])# AC_LIBLTDL_INSTALLABLE - - -# AC_LIBTOOL_CXX -# -------------- -# enable support for C++ libraries -AC_DEFUN([AC_LIBTOOL_CXX], -[AC_REQUIRE([_LT_AC_LANG_CXX]) -])# AC_LIBTOOL_CXX - - -# _LT_AC_LANG_CXX -# --------------- -AC_DEFUN([_LT_AC_LANG_CXX], -[AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([_LT_AC_PROG_CXXCPP]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}CXX]) -])# _LT_AC_LANG_CXX - -# _LT_AC_PROG_CXXCPP -# ------------------ -AC_DEFUN([_LT_AC_PROG_CXXCPP], -[ -AC_REQUIRE([AC_PROG_CXX]) -if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - AC_PROG_CXXCPP -fi -])# _LT_AC_PROG_CXXCPP - -# AC_LIBTOOL_F77 -# -------------- -# enable support for Fortran 77 libraries -AC_DEFUN([AC_LIBTOOL_F77], -[AC_REQUIRE([_LT_AC_LANG_F77]) -])# AC_LIBTOOL_F77 - - -# _LT_AC_LANG_F77 -# --------------- -AC_DEFUN([_LT_AC_LANG_F77], -[AC_REQUIRE([AC_PROG_F77]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}F77]) -])# _LT_AC_LANG_F77 - - -# AC_LIBTOOL_GCJ -# -------------- -# enable support for GCJ libraries -AC_DEFUN([AC_LIBTOOL_GCJ], -[AC_REQUIRE([_LT_AC_LANG_GCJ]) -])# AC_LIBTOOL_GCJ - - -# _LT_AC_LANG_GCJ -# --------------- -AC_DEFUN([_LT_AC_LANG_GCJ], -[AC_PROVIDE_IFELSE([AC_PROG_GCJ],[], - [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],[], - [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],[], - [ifdef([AC_PROG_GCJ],[AC_REQUIRE([AC_PROG_GCJ])], - [ifdef([A][M_PROG_GCJ],[AC_REQUIRE([A][M_PROG_GCJ])], - [AC_REQUIRE([A][C_PROG_GCJ_OR_A][M_PROG_GCJ])])])])])]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}GCJ]) -])# _LT_AC_LANG_GCJ - - -# AC_LIBTOOL_RC -# ------------- -# enable support for Windows resource files -AC_DEFUN([AC_LIBTOOL_RC], -[AC_REQUIRE([LT_AC_PROG_RC]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}RC]) -])# AC_LIBTOOL_RC - - -# AC_LIBTOOL_LANG_C_CONFIG -# ------------------------ -# Ensure that the configuration vars for the C compiler are -# suitably defined. Those variables are subsequently used by -# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'. -AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG], [_LT_AC_LANG_C_CONFIG]) -AC_DEFUN([_LT_AC_LANG_C_CONFIG], -[lt_save_CC="$CC" -AC_LANG_PUSH(C) - -# Source file extension for C test sources. -ac_ext=c - -# Object file extension for compiled C test sources. -objext=o -_LT_AC_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}\n' - -_LT_AC_SYS_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1) -AC_LIBTOOL_PROG_COMPILER_PIC($1) -AC_LIBTOOL_PROG_CC_C_O($1) -AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1) -AC_LIBTOOL_PROG_LD_SHLIBS($1) -AC_LIBTOOL_SYS_DYNAMIC_LINKER($1) -AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1) -AC_LIBTOOL_SYS_LIB_STRIP -AC_LIBTOOL_DLOPEN_SELF - -# Report which library types will actually be built -AC_MSG_CHECKING([if libtool supports shared libraries]) -AC_MSG_RESULT([$can_build_shared]) - -AC_MSG_CHECKING([whether to build shared libraries]) -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; -esac -AC_MSG_RESULT([$enable_shared]) - -AC_MSG_CHECKING([whether to build static libraries]) -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -AC_MSG_RESULT([$enable_static]) - -AC_LIBTOOL_CONFIG($1) - -AC_LANG_POP -CC="$lt_save_CC" -])# AC_LIBTOOL_LANG_C_CONFIG - - -# AC_LIBTOOL_LANG_CXX_CONFIG -# -------------------------- -# Ensure that the configuration vars for the C compiler are -# suitably defined. Those variables are subsequently used by -# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'. -AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG], [_LT_AC_LANG_CXX_CONFIG(CXX)]) -AC_DEFUN([_LT_AC_LANG_CXX_CONFIG], -[AC_LANG_PUSH(C++) -AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([_LT_AC_PROG_CXXCPP]) - -_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no -_LT_AC_TAGVAR(allow_undefined_flag, $1)= -_LT_AC_TAGVAR(always_export_symbols, $1)=no -_LT_AC_TAGVAR(archive_expsym_cmds, $1)= -_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= -_LT_AC_TAGVAR(hardcode_direct, $1)=no -_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= -_LT_AC_TAGVAR(hardcode_libdir_separator, $1)= -_LT_AC_TAGVAR(hardcode_minus_L, $1)=no -_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported -_LT_AC_TAGVAR(hardcode_automatic, $1)=no -_LT_AC_TAGVAR(module_cmds, $1)= -_LT_AC_TAGVAR(module_expsym_cmds, $1)= -_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown -_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_AC_TAGVAR(no_undefined_flag, $1)= -_LT_AC_TAGVAR(whole_archive_flag_spec, $1)= -_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no - -# Dependencies to place before and after the object being linked: -_LT_AC_TAGVAR(predep_objects, $1)= -_LT_AC_TAGVAR(postdep_objects, $1)= -_LT_AC_TAGVAR(predeps, $1)= -_LT_AC_TAGVAR(postdeps, $1)= -_LT_AC_TAGVAR(compiler_lib_search_path, $1)= - -# Source file extension for C++ test sources. -ac_ext=cpp - -# Object file extension for compiled C++ test sources. -objext=o -_LT_AC_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_AC_SYS_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_LD=$LD -lt_save_GCC=$GCC -GCC=$GXX -lt_save_with_gnu_ld=$with_gnu_ld -lt_save_path_LD=$lt_cv_path_LD -if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then - lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx -else - $as_unset lt_cv_prog_gnu_ld -fi -if test -n "${lt_cv_path_LDCXX+set}"; then - lt_cv_path_LD=$lt_cv_path_LDCXX -else - $as_unset lt_cv_path_LD -fi -test -z "${LDCXX+set}" || LD=$LDCXX -CC=${CXX-"c++"} -compiler=$CC -_LT_AC_TAGVAR(compiler, $1)=$CC -_LT_CC_BASENAME([$compiler]) - -# We don't want -fno-exception wen compiling C++ code, so set the -# no_builtin_flag separately -if test "$GXX" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' -else - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= -fi - -if test "$GXX" = yes; then - # Set up default GNU C++ configuration - - AC_PROG_LD - - # Check if GNU C++ uses GNU ld as the underlying linker, since the - # archiving commands below assume that GNU ld is being used. - if test "$with_gnu_ld" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # If archive_cmds runs LD, not CC, wlarc should be empty - # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to - # investigate it a little bit more. (MM) - wlarc='${wl}' - - # ancient GNU ld didn't support --whole-archive et. al. - if eval "`$CC -print-prog-name=ld` --help 2>&1" | \ - grep 'no-whole-archive' > /dev/null; then - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - with_gnu_ld=no - wlarc= - - # A generic and very simple default shared library creation - # command for GNU C++ for the case where it uses the native - # linker, instead of GNU ld. If possible, this setting should - # overridden to take advantage of the native linker features on - # the platform it is being used on. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - fi - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - -else - GXX=no - with_gnu_ld=no - wlarc= -fi - -# PORTME: fill in a description of your system's C++ link characteristics -AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) -_LT_AC_TAGVAR(ld_shlibs, $1)=yes -case $host_os in - aix3*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) - for ld_flag in $LDFLAGS; do - case $ld_flag in - *-brtl*) - aix_use_runtimelinking=yes - break - ;; - esac - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_AC_TAGVAR(archive_cmds, $1)='' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GXX" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - else - # We have old collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared libraries. - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - chorus*) - case $cc_basename in - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GXX" = yes ; then - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi - ;; - - dgux*) - case $cc_basename in - ec++*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - ghcx*) - # Green Hills C++ Compiler - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - freebsd[[12]]*) - # C++ shared libraries reported to be fairly broken before switch to ELF - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - freebsd-elf*) - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF - # conventions - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - ;; - gnu*) - ;; - hpux9*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[[-]]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - hpux10*|hpux11*) - if test $with_gnu_ld = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' - ;; - *) - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - esac - fi - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - ;; - esac - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - if test $with_gnu_ld = no; then - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - fi - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - interix3*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - irix5* | irix6*) - case $cc_basename in - CC*) - # SGI C++ - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - # Archives containing C++ object files must be created using - # "CC -ar", where "CC" is the IRIX C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' - ;; - *) - if test "$GXX" = yes; then - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib' - fi - fi - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - esac - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - linux*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' - ;; - icpc*) - # Intel C++ - with_gnu_ld=yes - # version 8.0 and above of icpc choke on multiply defined symbols - # if we add $predep_objects and $postdep_objects, however 7.1 and - # earlier do not add the objects themselves. - case `$CC -V 2>&1` in - *"Version 7."*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - *) # Version 8.0 or newer - tmp_idyn= - case $host_cpu in - ia64*) tmp_idyn=' -i_dynamic';; - esac - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - ;; - pgCC*) - # Portland Group C++ compiler - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - ;; - cxx*) - # Compaq C++ - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' - - runpath_var=LD_RUN_PATH - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - esac - ;; - lynxos*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - m88k*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - mvs*) - case $cc_basename in - cxx*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' - wlarc= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - fi - # Workaround some broken pre-1.5 toolchains - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' - ;; - openbsd2*) - # C++ shared libraries are fairly broken - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - openbsd*) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - fi - output_verbose_link_cmd='echo' - ;; - osf3*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' - - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - cxx*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - osf4* | osf5*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Archives containing C++ object files must be created using - # the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - cxx*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ - echo "-hidden">> $lib.exp~ - $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~ - $rm $lib.exp' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - psos*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - lcc*) - # Lucid - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_AC_TAGVAR(archive_cmds_need_lc,$1)=yes - _LT_AC_TAGVAR(no_undefined_flag, $1)=' -zdefs' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The C++ compiler is used as linker so we must use $wl - # flag to pass the commands to the underlying system - # linker. We must also pass each convience library through - # to the system linker between allextract/defaultextract. - # The C++ compiler will combine linker options so we - # cannot just pass the convience library names through - # without $wl. - # Supported since Solaris 2.6 (maybe 2.5.1?) - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' - ;; - esac - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - output_verbose_link_cmd='echo' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - - # The C++ compiler must be used to create the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' - ;; - *) - # GNU C++ compiler with Solaris linker - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' - if $CC --version | grep -v '^2\.7' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - else - # g++ 2.7 appears to require `-G' NOT `-shared' on this - # platform. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - fi - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir' - fi - ;; - esac - ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - # So that behaviour is only enabled if SCOABSPATH is set to a - # non-empty value in the environment. Most likely only useful for - # creating official distributions of packages. - # This is a hack until libtool officially supports absolute path - # names for shared libraries. - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - vxworks*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; -esac -AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)]) -test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - -_LT_AC_TAGVAR(GCC, $1)="$GXX" -_LT_AC_TAGVAR(LD, $1)="$LD" - -AC_LIBTOOL_POSTDEP_PREDEP($1) -AC_LIBTOOL_PROG_COMPILER_PIC($1) -AC_LIBTOOL_PROG_CC_C_O($1) -AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1) -AC_LIBTOOL_PROG_LD_SHLIBS($1) -AC_LIBTOOL_SYS_DYNAMIC_LINKER($1) -AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1) - -AC_LIBTOOL_CONFIG($1) - -AC_LANG_POP -CC=$lt_save_CC -LDCXX=$LD -LD=$lt_save_LD -GCC=$lt_save_GCC -with_gnu_ldcxx=$with_gnu_ld -with_gnu_ld=$lt_save_with_gnu_ld -lt_cv_path_LDCXX=$lt_cv_path_LD -lt_cv_path_LD=$lt_save_path_LD -lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld -lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld -])# AC_LIBTOOL_LANG_CXX_CONFIG - -# AC_LIBTOOL_POSTDEP_PREDEP([TAGNAME]) -# ------------------------------------ -# Figure out "hidden" library dependencies from verbose -# compiler output when linking a shared library. -# Parse the compiler output and extract the necessary -# objects, libraries and library flags. -AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],[ -dnl we can't use the lt_simple_compile_test_code here, -dnl because it contains code intended for an executable, -dnl not a library. It's possible we should let each -dnl tag define a new lt_????_link_test_code variable, -dnl but it's only used here... -ifelse([$1],[],[cat > conftest.$ac_ext < conftest.$ac_ext < conftest.$ac_ext < conftest.$ac_ext <> "$cfgfile" -ifelse([$1], [], -[#! $SHELL - -# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 -# Free Software Foundation, Inc. -# -# This file is part of GNU Libtool: -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# A sed program that does not truncate output. -SED=$lt_SED - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="$SED -e 1s/^X//" - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -# The names of the tagged configurations supported by this script. -available_tags= - -# ### BEGIN LIBTOOL CONFIG], -[# ### BEGIN LIBTOOL TAG CONFIG: $tagname]) - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$_LT_AC_TAGVAR(archive_cmds_need_lc, $1) - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1) - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_[]_LT_AC_TAGVAR(compiler, $1) - -# Is the compiler the GNU C compiler? -with_gcc=$_LT_AC_TAGVAR(GCC, $1) - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_[]_LT_AC_TAGVAR(LD, $1) - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_[]_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1) - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_static, $1) - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_[]_LT_AC_TAGVAR(export_dynamic_flag_spec, $1) - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_[]_LT_AC_TAGVAR(whole_archive_flag_spec, $1) - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_[]_LT_AC_TAGVAR(thread_safe_flag_spec, $1) - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_cmds, $1) -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_new_cmds, $1) - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) - -# Commands used to build and install a shared archive. -archive_cmds=$lt_[]_LT_AC_TAGVAR(archive_cmds, $1) -archive_expsym_cmds=$lt_[]_LT_AC_TAGVAR(archive_expsym_cmds, $1) -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_[]_LT_AC_TAGVAR(module_cmds, $1) -module_expsym_cmds=$lt_[]_LT_AC_TAGVAR(module_expsym_cmds, $1) - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_[]_LT_AC_TAGVAR(predep_objects, $1) - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_[]_LT_AC_TAGVAR(postdep_objects, $1) - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_[]_LT_AC_TAGVAR(predeps, $1) - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1) - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1) - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_[]_LT_AC_TAGVAR(allow_undefined_flag, $1) - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_[]_LT_AC_TAGVAR(no_undefined_flag, $1) - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$_LT_AC_TAGVAR(hardcode_action, $1) - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1) - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_separator, $1) - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$_LT_AC_TAGVAR(hardcode_direct, $1) - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$_LT_AC_TAGVAR(hardcode_minus_L, $1) - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1) - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$_LT_AC_TAGVAR(hardcode_automatic, $1) - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$_LT_AC_TAGVAR(link_all_deplibs, $1) - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$_LT_AC_TAGVAR(fix_srcfile_path, $1)" - -# Set to yes if exported symbols are required. -always_export_symbols=$_LT_AC_TAGVAR(always_export_symbols, $1) - -# The commands to list exported symbols. -export_symbols_cmds=$lt_[]_LT_AC_TAGVAR(export_symbols_cmds, $1) - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_[]_LT_AC_TAGVAR(exclude_expsyms, $1) - -# Symbols that must always be exported. -include_expsyms=$lt_[]_LT_AC_TAGVAR(include_expsyms, $1) - -ifelse([$1],[], -[# ### END LIBTOOL CONFIG], -[# ### END LIBTOOL TAG CONFIG: $tagname]) - -__EOF__ - -ifelse([$1],[], [ - case $host_os in - aix3*) - cat <<\EOF >> "$cfgfile" - -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -EOF - ;; - esac - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1) - - mv -f "$cfgfile" "$ofile" || \ - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" -]) -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi -])# AC_LIBTOOL_CONFIG - - -# AC_LIBTOOL_PROG_COMPILER_NO_RTTI([TAGNAME]) -# ------------------------------------------- -AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], -[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl - -_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= - -if test "$GCC" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' - - AC_LIBTOOL_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], - lt_cv_prog_compiler_rtti_exceptions, - [-fno-rtti -fno-exceptions], [], - [_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) -fi -])# AC_LIBTOOL_PROG_COMPILER_NO_RTTI - - -# AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE -# --------------------------------- -AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], -[AC_REQUIRE([AC_CANONICAL_HOST]) -AC_REQUIRE([AC_PROG_NM]) -AC_REQUIRE([AC_OBJEXT]) -# Check for command to grab the raw symbol name followed by C symbol from nm. -AC_MSG_CHECKING([command to parse $NM output from $compiler object]) -AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], -[ -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[[BCDEGRST]]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' - -# Transform an extracted symbol line into a proper C declaration -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[[BCDT]]' - ;; -cygwin* | mingw* | pw32*) - symcode='[[ABCDGISTW]]' - ;; -hpux*) # Its linker distinguishes data from code symbols - if test "$host_cpu" = ia64; then - symcode='[[ABCDEGRST]]' - fi - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - ;; -linux*) - if test "$host_cpu" = ia64; then - symcode='[[ABCDGIRSTW]]' - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - fi - ;; -irix* | nonstopux*) - symcode='[[BCDEGRST]]' - ;; -osf*) - symcode='[[BCDEGQRST]]' - ;; -solaris*) - symcode='[[BDRT]]' - ;; -sco3.2v5*) - symcode='[[DT]]' - ;; -sysv4.2uw2*) - symcode='[[DT]]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[[ABDT]]' - ;; -sysv4) - symcode='[[DFNSTU]]' - ;; -esac - -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[[ABCDGIRSTW]]' ;; -esac - -# Try without a prefix undercore, then with it. -for ac_symprfx in "" "_"; do - - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" - - # Check to see that the pipe works correctly. - pipe_works=no - - rm -f conftest* - cat > conftest.$ac_ext < $nlist) && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if grep ' nm_test_var$' "$nlist" >/dev/null; then - if grep ' nm_test_func$' "$nlist" >/dev/null; then - cat < conftest.$ac_ext -#ifdef __cplusplus -extern "C" { -#endif - -EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext' - - cat <> conftest.$ac_ext -#if defined (__STDC__) && __STDC__ -# define lt_ptr_t void * -#else -# define lt_ptr_t char * -# define const -#endif - -/* The mapping between symbol names and symbols. */ -const struct { - const char *name; - lt_ptr_t address; -} -lt_preloaded_symbols[[]] = -{ -EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext - cat <<\EOF >> conftest.$ac_ext - {0, (lt_ptr_t) 0} -}; - -#ifdef __cplusplus -} -#endif -EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" - else - echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD - fi - else - echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD - cat conftest.$ac_ext >&5 - fi - rm -f conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= - fi -done -]) -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= -fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - AC_MSG_RESULT(failed) -else - AC_MSG_RESULT(ok) -fi -]) # AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE - - -# AC_LIBTOOL_PROG_COMPILER_PIC([TAGNAME]) -# --------------------------------------- -AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC], -[_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)= -_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= -_LT_AC_TAGVAR(lt_prog_compiler_static, $1)= - -AC_MSG_CHECKING([for $compiler option to produce PIC]) - ifelse([$1],[CXX],[ - # C++ specific cases for pic, static, wl, etc. - if test "$GXX" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - mingw* | os2* | pw32*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - *djgpp*) - # DJGPP does not support shared libraries at all - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - else - case $host_os in - aix4* | aix5*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - chorus*) - case $cc_basename in - cxch68*) - # Green Hills C++ Compiler - # _LT_AC_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" - ;; - esac - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - ;; - esac - ;; - dgux*) - case $cc_basename in - ec++*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - ghcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD uses GNU C++ - ;; - hpux9* | hpux10* | hpux11*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - if test "$host_cpu" != ia64; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - fi - ;; - aCC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - ;; - *) - ;; - esac - ;; - interix*) - # This is c89, which is MS Visual C++ (no shared libs) - # Anyone wants to do a port? - ;; - irix5* | irix6* | nonstopux*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - # CC pic flag -KPIC is the default. - ;; - *) - ;; - esac - ;; - linux*) - case $cc_basename in - KCC*) - # KAI C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - icpc* | ecpc*) - # Intel C++ - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - pgCC*) - # Portland Group C++ compiler. - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - cxx*) - # Compaq C++ - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - *) - ;; - esac - ;; - lynxos*) - ;; - m88k*) - ;; - mvs*) - case $cc_basename in - cxx*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' - ;; - *) - ;; - esac - ;; - netbsd*) - ;; - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - ;; - RCC*) - # Rational C++ 2.4.1 - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - cxx*) - # Digital/Compaq C++ - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - *) - ;; - esac - ;; - psos*) - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - ;; - *) - ;; - esac - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - lcc*) - # Lucid - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - *) - ;; - esac - ;; - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - esac - ;; - vxworks*) - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -], -[ - if test "$GCC" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC (with -KPIC) is the default. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - newsos6) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - ccc*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All Alpha code is PIC. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All OSF/1 code is PIC. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - solaris*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; - *) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; - esac - ;; - - sunos4*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - unicos*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - - uts4*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - *) - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -]) -AC_MSG_RESULT([$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)]) - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then - AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works], - _LT_AC_TAGVAR(lt_prog_compiler_pic_works, $1), - [$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [], - [case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in - "" | " "*) ;; - *) _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)" ;; - esac], - [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\" -AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], - _LT_AC_TAGVAR(lt_prog_compiler_static_works, $1), - $lt_tmp_static_flag, - [], - [_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=]) -]) - - -# AC_LIBTOOL_PROG_LD_SHLIBS([TAGNAME]) -# ------------------------------------ -# See if the linker supports building shared libraries. -AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS], -[AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) -ifelse([$1],[CXX],[ - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - case $host_os in - aix4* | aix5*) - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - else - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - fi - ;; - pw32*) - _LT_AC_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" - ;; - cygwin* | mingw*) - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([[^ ]]*\) [[^ ]]*/\1 DATA/;/^I /d;/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols' - ;; - *) - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; - esac -],[ - runpath_var= - _LT_AC_TAGVAR(allow_undefined_flag, $1)= - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no - _LT_AC_TAGVAR(archive_cmds, $1)= - _LT_AC_TAGVAR(archive_expsym_cmds, $1)= - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)= - _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)= - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - _LT_AC_TAGVAR(thread_safe_flag_spec, $1)= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_minus_L, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(link_all_deplibs, $1)=unknown - _LT_AC_TAGVAR(hardcode_automatic, $1)=no - _LT_AC_TAGVAR(module_cmds, $1)= - _LT_AC_TAGVAR(module_expsym_cmds, $1)= - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - _LT_AC_TAGVAR(include_expsyms, $1)= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - _LT_AC_TAGVAR(exclude_expsyms, $1)="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - _LT_CC_BASENAME([$compiler]) - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - interix3*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - sunos4*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - - if test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no; then - runpath_var= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - else - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_AC_TAGVAR(archive_cmds, $1)='' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - else - # We have old collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared libraries. - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - # see comment about different semantics on the GNU ld section - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - bsdi[[45]]*) - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='true' - # FIXME: Should let the user specify the lib program. - _LT_AC_TAGVAR(old_archive_cmds, $1)='lib /OUT:$oldlib$oldobjs$old_deplibs' - _LT_AC_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`' - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi - ;; - - dgux*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - freebsd1*) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - hpux9*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - newsos6) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - openbsd*) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - else - case $host_os in - openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(archive_cmds, $1)='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - else - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - fi - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - solaris*) - _LT_AC_TAGVAR(no_undefined_flag, $1)=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' ;; - *) - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4) - case $host_vendor in - sni) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - ;; - motorola) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4.3*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7*) - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi -]) -AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)]) -test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)" in -x|xyes) - # Assume -lc should be added - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $_LT_AC_TAGVAR(archive_cmds, $1) in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - AC_MSG_CHECKING([whether -lc should be explicitly linked in]) - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if AC_TRY_EVAL(ac_compile) 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) - pic_flag=$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$_LT_AC_TAGVAR(allow_undefined_flag, $1) - _LT_AC_TAGVAR(allow_undefined_flag, $1)= - if AC_TRY_EVAL(_LT_AC_TAGVAR(archive_cmds, $1) 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) - then - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - else - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - fi - _LT_AC_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - AC_MSG_RESULT([$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)]) - ;; - esac - fi - ;; -esac -])# AC_LIBTOOL_PROG_LD_SHLIBS - - -# _LT_AC_FILE_LTDLL_C -# ------------------- -# Be careful that the start marker always follows a newline. -AC_DEFUN([_LT_AC_FILE_LTDLL_C], [ -# /* ltdll.c starts here */ -# #define WIN32_LEAN_AND_MEAN -# #include -# #undef WIN32_LEAN_AND_MEAN -# #include -# -# #ifndef __CYGWIN__ -# # ifdef __CYGWIN32__ -# # define __CYGWIN__ __CYGWIN32__ -# # endif -# #endif -# -# #ifdef __cplusplus -# extern "C" { -# #endif -# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved); -# #ifdef __cplusplus -# } -# #endif -# -# #ifdef __CYGWIN__ -# #include -# DECLARE_CYGWIN_DLL( DllMain ); -# #endif -# HINSTANCE __hDllInstance_base; -# -# BOOL APIENTRY -# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved) -# { -# __hDllInstance_base = hInst; -# return TRUE; -# } -# /* ltdll.c ends here */ -])# _LT_AC_FILE_LTDLL_C - - -# _LT_AC_TAGVAR(VARNAME, [TAGNAME]) -# --------------------------------- -AC_DEFUN([_LT_AC_TAGVAR], [ifelse([$2], [], [$1], [$1_$2])]) - - -# old names -AC_DEFUN([AM_PROG_LIBTOOL], [AC_PROG_LIBTOOL]) -AC_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) -AC_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) -AC_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) -AC_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) -AC_DEFUN([AM_PROG_LD], [AC_PROG_LD]) -AC_DEFUN([AM_PROG_NM], [AC_PROG_NM]) - -# This is just to silence aclocal about the macro not being used -ifelse([AC_DISABLE_FAST_INSTALL]) - -AC_DEFUN([LT_AC_PROG_GCJ], -[AC_CHECK_TOOL(GCJ, gcj, no) - test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" - AC_SUBST(GCJFLAGS) -]) - -AC_DEFUN([LT_AC_PROG_RC], -[AC_CHECK_TOOL(RC, windres, no) -]) - -# NOTE: This macro has been submitted for inclusion into # -# GNU Autoconf as AC_PROG_SED. When it is available in # -# a released version of Autoconf we should remove this # -# macro and use it instead. # -# LT_AC_PROG_SED -# -------------- -# Check for a fully-functional sed program, that truncates -# as few characters as possible. Prefer GNU sed if found. -AC_DEFUN([LT_AC_PROG_SED], -[AC_MSG_CHECKING([for a sed that does not truncate output]) -AC_CACHE_VAL(lt_cv_path_SED, -[# Loop through the user's path and test for sed and gsed. -# Then use that list of sed's as ones to test for truncation. -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for lt_ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then - lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" - fi - done - done -done -lt_ac_max=0 -lt_ac_count=0 -# Add /usr/xpg4/bin/sed as it is typically found on Solaris -# along with /bin/sed that truncates output. -for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do - test ! -f $lt_ac_sed && continue - cat /dev/null > conftest.in - lt_ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >conftest.in - # Check for GNU sed and select it if it is found. - if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then - lt_cv_path_SED=$lt_ac_sed - break - fi - while true; do - cat conftest.in conftest.in >conftest.tmp - mv conftest.tmp conftest.in - cp conftest.in conftest.nl - echo >>conftest.nl - $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break - cmp -s conftest.out conftest.nl || break - # 10000 chars as input seems more than enough - test $lt_ac_count -gt 10 && break - lt_ac_count=`expr $lt_ac_count + 1` - if test $lt_ac_count -gt $lt_ac_max; then - lt_ac_max=$lt_ac_count - lt_cv_path_SED=$lt_ac_sed - fi - done -done -]) -SED=$lt_cv_path_SED -AC_MSG_RESULT([$SED]) -]) - -# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc. +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.65],, +[m4_warning([this file was generated for autoconf 2.65. +You have another version of autoconf. It may work, but is not guaranteed to. +If you have problems, you may need to regenerate the build system entirely. +To do so, use the procedure documented by the package, typically `autoreconf'.])]) + +# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -6405,10 +31,10 @@ AC_MSG_RESULT([$SED]) # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.10' +[am__api_version='1.11' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.10], [], +m4_if([$1], [1.11.1], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -6422,10 +48,12 @@ m4_define([_AM_AUTOCONF_VERSION], []) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. -# This function is AC_REQUIREd by AC_INIT_AUTOMAKE. +# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.10])dnl -_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)]) +[AM_AUTOMAKE_VERSION([1.11.1])dnl +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # AM_AUX_DIR_EXPAND -*- Autoconf -*- @@ -6482,14 +110,14 @@ am_aux_dir=`cd $ac_aux_dir && pwd` # AM_CONDITIONAL -*- Autoconf -*- -# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006 +# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 8 +# serial 9 # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- @@ -6502,6 +130,7 @@ AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl _AM_SUBST_NOTMAKE([$1_FALSE])dnl +m4_define([_AM_COND_VALUE_$1], [$2])dnl if $2; then $1_TRUE= $1_FALSE='#' @@ -6515,16 +144,278 @@ AC_CONFIG_COMMANDS_PRE( Usually this means the macro was only invoked conditionally.]]) fi])]) -# Do all the work for Automake. -*- Autoconf -*- - -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009 +# Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 12 +# serial 10 + +# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be +# written in clear, in which case automake, when reading aclocal.m4, +# will think it sees a *use*, and therefore will trigger all it's +# C support machinery. Also note that it means that autoscan, seeing +# CC etc. in the Makefile, will ask for an AC_PROG_CC use... + + +# _AM_DEPENDENCIES(NAME) +# ---------------------- +# See how the compiler implements dependency checking. +# NAME is "CC", "CXX", "GCJ", or "OBJC". +# We try a few techniques and use that to set a single cache variable. +# +# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was +# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular +# dependency, and given that the user is not expected to run this macro, +# just rely on AC_PROG_CC. +AC_DEFUN([_AM_DEPENDENCIES], +[AC_REQUIRE([AM_SET_DEPDIR])dnl +AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl +AC_REQUIRE([AM_MAKE_INCLUDE])dnl +AC_REQUIRE([AM_DEP_TRACK])dnl + +ifelse([$1], CC, [depcc="$CC" am_compiler_list=], + [$1], CXX, [depcc="$CXX" am_compiler_list=], + [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], UPC, [depcc="$UPC" am_compiler_list=], + [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) + +AC_CACHE_CHECK([dependency style of $depcc], + [am_cv_$1_dependencies_compiler_type], +[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named `D' -- because `-MD' means `put the output + # in D'. + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_$1_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` + fi + am__universal=false + m4_case([$1], [CC], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac], + [CXX], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac]) + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with `-c' and `-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle `-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # after this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvisualcpp | msvcmsys) + # This compiler won't grok `-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_$1_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_$1_dependencies_compiler_type=none +fi +]) +AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) +AM_CONDITIONAL([am__fastdep$1], [ + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) +]) + + +# AM_SET_DEPDIR +# ------------- +# Choose a directory name for dependency files. +# This macro is AC_REQUIREd in _AM_DEPENDENCIES +AC_DEFUN([AM_SET_DEPDIR], +[AC_REQUIRE([AM_SET_LEADING_DOT])dnl +AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl +]) + + +# AM_DEP_TRACK +# ------------ +AC_DEFUN([AM_DEP_TRACK], +[AC_ARG_ENABLE(dependency-tracking, +[ --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors]) +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' +fi +AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) +AC_SUBST([AMDEPBACKSLASH])dnl +_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl +]) + +# Generate code to set up dependency tracking. -*- Autoconf -*- + +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +#serial 5 + +# _AM_OUTPUT_DEPENDENCY_COMMANDS +# ------------------------------ +AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], +[{ + # Autoconf 2.62 quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named `Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # When using ansi2knr, U may be empty or an underscore; expand it + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`AS_DIRNAME(["$file"])` + AS_MKDIR_P([$dirpart/$fdir]) + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} +])# _AM_OUTPUT_DEPENDENCY_COMMANDS + + +# AM_OUTPUT_DEPENDENCY_COMMANDS +# ----------------------------- +# This macro should only be invoked once -- use via AC_REQUIRE. +# +# This code is only required when automatic dependency tracking +# is enabled. FIXME. This creates each `.P' file that we will +# need in order to bootstrap the dependency handling code. +AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], +[AC_CONFIG_COMMANDS([depfiles], + [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], + [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) +]) + +# Do all the work for Automake. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005, 2006, 2008, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 16 # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. @@ -6541,7 +432,7 @@ fi])]) # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_PREREQ([2.60])dnl +[AC_PREREQ([2.62])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl @@ -6592,8 +483,8 @@ AM_MISSING_PROG(AUTOCONF, autoconf) AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) AM_MISSING_PROG(AUTOHEADER, autoheader) AM_MISSING_PROG(MAKEINFO, makeinfo) -AM_PROG_INSTALL_SH -AM_PROG_INSTALL_STRIP +AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl AC_REQUIRE([AM_PROG_MKDIR_P])dnl # We need awk for the "check" target. The system "awk" is bad on # some platforms. @@ -6601,24 +492,37 @@ AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([AC_PROG_MAKE_SET])dnl AC_REQUIRE([AM_SET_LEADING_DOT])dnl _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], - [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], - [_AM_PROG_TAR([v7])])]) + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], - [_AM_DEPENDENCIES(CC)], - [define([AC_PROG_CC], - defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl + [_AM_DEPENDENCIES(CC)], + [define([AC_PROG_CC], + defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], - [_AM_DEPENDENCIES(CXX)], - [define([AC_PROG_CXX], - defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl + [_AM_DEPENDENCIES(CXX)], + [define([AC_PROG_CXX], + defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], - [_AM_DEPENDENCIES(OBJC)], - [define([AC_PROG_OBJC], - defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl + [_AM_DEPENDENCIES(OBJC)], + [define([AC_PROG_OBJC], + defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl ]) +_AM_IF_OPTION([silent-rules], [AC_REQUIRE([AM_SILENT_RULES])])dnl +dnl The `parallel-tests' driver may need to know about EXEEXT, so add the +dnl `am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This macro +dnl is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_CONFIG_COMMANDS_PRE(dnl +[m4_provide_if([_AM_COMPILER_EXEEXT], + [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl ]) +dnl Hook into `_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further +dnl mangled by Autoconf and run in a shell conditional statement. +m4_define([_AC_COMPILER_EXEEXT], +m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) + # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header @@ -6629,18 +533,19 @@ AC_PROVIDE_IFELSE([AC_PROG_OBJC], # our stamp files there. AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], [# Compute $1's index in $config_headers. +_am_arg=$1 _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in - $1 | $1:* ) + $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done -echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) +echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001, 2003, 2005, 2008 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -6651,7 +556,14 @@ echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) # Define $install_sh. AC_DEFUN([AM_PROG_INSTALL_SH], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi AC_SUBST(install_sh)]) # Copyright (C) 2003, 2005 Free Software Foundation, Inc. @@ -6699,33 +611,7 @@ fi]) # Add --enable-maintainer-mode option to configure. -*- Autoconf -*- # From Jim Meyering -# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 4 - -AC_DEFUN([AM_MAINTAINER_MODE], -[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) - dnl maintainer-mode is disabled by default - AC_ARG_ENABLE(maintainer-mode, -[ --enable-maintainer-mode enable make rules and dependencies not useful - (and sometimes confusing) to the casual installer], - USE_MAINTAINER_MODE=$enableval, - USE_MAINTAINER_MODE=no) - AC_MSG_RESULT([$USE_MAINTAINER_MODE]) - AM_CONDITIONAL(MAINTAINER_MODE, [test $USE_MAINTAINER_MODE = yes]) - MAINT=$MAINTAINER_MODE_TRUE - AC_SUBST(MAINT)dnl -] -) - -AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) - -# Copyright (C) 1999, 2000, 2001, 2003, 2004, 2005 +# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation @@ -6734,6 +620,95 @@ AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) # serial 5 +# AM_MAINTAINER_MODE([DEFAULT-MODE]) +# ---------------------------------- +# Control maintainer-specific portions of Makefiles. +# Default is to disable them, unless `enable' is passed literally. +# For symmetry, `disable' may be passed as well. Anyway, the user +# can override the default with the --enable/--disable switch. +AC_DEFUN([AM_MAINTAINER_MODE], +[m4_case(m4_default([$1], [disable]), + [enable], [m4_define([am_maintainer_other], [disable])], + [disable], [m4_define([am_maintainer_other], [enable])], + [m4_define([am_maintainer_other], [enable]) + m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) +AC_MSG_CHECKING([whether to am_maintainer_other maintainer-specific portions of Makefiles]) + dnl maintainer-mode's default is 'disable' unless 'enable' is passed + AC_ARG_ENABLE([maintainer-mode], +[ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful + (and sometimes confusing) to the casual installer], + [USE_MAINTAINER_MODE=$enableval], + [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) + AC_MSG_RESULT([$USE_MAINTAINER_MODE]) + AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) + MAINT=$MAINTAINER_MODE_TRUE + AC_SUBST([MAINT])dnl +] +) + +AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) + +# Check to see how 'make' treats includes. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# AM_MAKE_INCLUDE() +# ----------------- +# Check to see how make treats includes. +AC_DEFUN([AM_MAKE_INCLUDE], +[am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +AC_MSG_CHECKING([for style of include used by $am_make]) +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from `make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi +AC_SUBST([am__include]) +AC_SUBST([am__quote]) +AC_MSG_RESULT([$_am_result]) +rm -f confinc confmf +]) + +# Copyright (C) 1999, 2000, 2001, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 6 + # AM_PROG_CC_C_O # -------------- # Like AC_PROG_CC_C_O, but changed for automake. @@ -6744,8 +719,9 @@ AC_REQUIRE_AUX_FILE([compile])dnl # FIXME: we rely on the cache variable name because # there is no other way. set dummy $CC -ac_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then +am_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` +eval am_t=\$ac_cv_prog_cc_${am_cc}_c_o +if test "$am_t" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. @@ -6761,14 +737,14 @@ m4_define([AC_PROG_CC], # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- -# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005 +# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 +# serial 6 # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ @@ -6785,7 +761,14 @@ AC_SUBST($1)]) AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi # Use eval to expand $SHELL if eval "$MISSING --run true"; then am_missing_run="$MISSING --run " @@ -6823,13 +806,13 @@ esac # Helper functions for option handling. -*- Autoconf -*- -# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001, 2002, 2003, 2005, 2008 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 +# serial 4 # _AM_MANGLE_OPTION(NAME) # ----------------------- @@ -6846,7 +829,7 @@ AC_DEFUN([_AM_SET_OPTION], # ---------------------------------- # OPTIONS is a space-separated list of Automake options. AC_DEFUN([_AM_SET_OPTIONS], -[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) +[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) # _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) # ------------------------------------------- @@ -6856,14 +839,14 @@ AC_DEFUN([_AM_IF_OPTION], # Check to make sure that the build environment is sane. -*- Autoconf -*- -# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 +# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005, 2008 # Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 4 +# serial 5 # AM_SANITY_CHECK # --------------- @@ -6872,16 +855,29 @@ AC_DEFUN([AM_SANITY_CHECK], # Just in case sleep 1 echo timestamp > conftest.file +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[[\\\"\#\$\&\'\`$am_lf]]*) + AC_MSG_ERROR([unsafe absolute working directory name]);; +esac +case $srcdir in + *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) + AC_MSG_ERROR([unsafe srcdir value: `$srcdir']);; +esac + # Do `set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$[*]" = "X"; then # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` + set X `ls -t "$srcdir/configure" conftest.file` fi rm -f conftest.file if test "$[*]" != "X $srcdir/configure conftest.file" \ @@ -6934,18 +930,25 @@ fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) -# Copyright (C) 2006 Free Software Foundation, Inc. +# Copyright (C) 2006, 2008 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 2 + # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- -# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in. +# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. # This macro is traced by Automake. AC_DEFUN([_AM_SUBST_NOTMAKE]) +# AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Public sister of _AM_SUBST_NOTMAKE. +AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) + # Check how to create a tarball. -*- Autoconf -*- # Copyright (C) 2004, 2005 Free Software Foundation, Inc. @@ -7044,7 +1047,6 @@ AC_SUBST([am__untar]) m4_include([cf/aix.m4]) m4_include([cf/auth-modules.m4]) -m4_include([cf/autobuild.m4]) m4_include([cf/broken-getaddrinfo.m4]) m4_include([cf/broken-glob.m4]) m4_include([cf/broken-realloc.m4]) @@ -7064,6 +1066,7 @@ m4_include([cf/check-xau.m4]) m4_include([cf/crypto.m4]) m4_include([cf/db.m4]) m4_include([cf/destdirs.m4]) +m4_include([cf/dispatch.m4]) m4_include([cf/dlopen.m4]) m4_include([cf/find-func-no-libs.m4]) m4_include([cf/find-func-no-libs2.m4]) @@ -7081,11 +1084,17 @@ m4_include([cf/krb-readline.m4]) m4_include([cf/krb-struct-spwd.m4]) m4_include([cf/krb-struct-winsize.m4]) m4_include([cf/largefile.m4]) +m4_include([cf/libtool.m4]) +m4_include([cf/ltoptions.m4]) +m4_include([cf/ltsugar.m4]) +m4_include([cf/ltversion.m4]) +m4_include([cf/lt~obsolete.m4]) m4_include([cf/mips-abi.m4]) m4_include([cf/misc.m4]) m4_include([cf/need-proto.m4]) m4_include([cf/osfc2.m4]) m4_include([cf/otp.m4]) +m4_include([cf/pkg.m4]) m4_include([cf/proto-compat.m4]) m4_include([cf/pthreads.m4]) m4_include([cf/resolv.m4]) diff --git a/admin/ChangeLog b/admin/ChangeLog index 6587240f60cd..1cdc1536bc8f 100644 --- a/admin/ChangeLog +++ b/admin/ChangeLog @@ -1,10 +1,10 @@ -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Add man_MANS to EXTRA_DIST * Makefile.am: split build files into dist_ and noinst_ SOURCES -2005-07-07 Love Hörnquist Åstrand +2005-07-07 Love Hörnquist Ã…strand * ktutil.c: rename optind to optidx @@ -18,7 +18,7 @@ shadowing; make a copy of realm and admin_server to avoid un-consting. -2005-05-19 Love Hörnquist Åstrand +2005-05-19 Love Hörnquist Ã…strand * change.c (kt_change): plug memory leak from krb5_kt_remove_entry, print principal on error. @@ -27,11 +27,11 @@ * ktutil.c (help): Don't use non-constant initializer for `fake'. -2005-04-15 Love Hörnquist Åstrand +2005-04-15 Love Hörnquist Ã…strand * ktutil_locl.h: include -2005-04-14 Love Hörnquist Åstrand +2005-04-14 Love Hörnquist Ã…strand * add.c: add option -H --hex to the add command @@ -39,7 +39,7 @@ * ktutil.8: document option -H --hex to the add command -2004-09-29 Love Hörnquist Åstrand +2004-09-29 Love Hörnquist Ã…strand * list.c: un c99'ify, from Anders.Magnusson@ltu.se diff --git a/admin/Makefile.am b/admin/Makefile.am index 8c679e1d4635..7bb5ef505877 100644 --- a/admin/Makefile.am +++ b/admin/Makefile.am @@ -1,11 +1,9 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common AM_CPPFLAGS += $(INCLUDE_readline) $(INCLUDE_hcrypto) -SLC = $(top_builddir)/lib/sl/slc - man_MANS = ktutil.8 sbin_PROGRAMS = ktutil @@ -14,6 +12,7 @@ dist_ktutil_SOURCES = \ add.c \ change.c \ copy.c \ + destroy.c \ get.c \ ktutil.c \ ktutil_locl.h \ @@ -41,4 +40,4 @@ LDADD = \ $(LIB_readline) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) ktutil-commands.in +EXTRA_DIST = NTMakefile ktutil-version.rc $(man_MANS) ktutil-commands.in diff --git a/admin/Makefile.in b/admin/Makefile.in index b8fc3fd728a7..04e75912c6bc 100644 --- a/admin/Makefile.in +++ b/admin/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ sbin_PROGRAMS = ktutil$(EXEEXT) subdir = admin ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,18 +89,19 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) dist_ktutil_OBJECTS = add.$(OBJEXT) change.$(OBJEXT) copy.$(OBJEXT) \ - get.$(OBJEXT) ktutil.$(OBJEXT) list.$(OBJEXT) purge.$(OBJEXT) \ - remove.$(OBJEXT) rename.$(OBJEXT) + destroy.$(OBJEXT) get.$(OBJEXT) ktutil.$(OBJEXT) \ + list.$(OBJEXT) purge.$(OBJEXT) remove.$(OBJEXT) \ + rename.$(OBJEXT) nodist_ktutil_OBJECTS = ktutil-commands.$(OBJEXT) ktutil_OBJECTS = $(dist_ktutil_OBJECTS) $(nodist_ktutil_OBJECTS) ktutil_LDADD = $(LDADD) @@ -105,9 +111,9 @@ ktutil_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -119,6 +125,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(dist_ktutil_SOURCES) $(nodist_ktutil_SOURCES) DIST_SOURCES = $(dist_ktutil_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man8dir = $(mandir)/man8 MANS = $(man_MANS) ETAGS = etags @@ -128,49 +155,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -194,10 +230,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -214,6 +251,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -229,31 +268,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -268,10 +321,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -312,37 +367,41 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_readline) $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_readline) $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc man_MANS = ktutil.8 dist_ktutil_SOURCES = \ add.c \ change.c \ copy.c \ + destroy.c \ get.c \ ktutil.c \ ktutil_locl.h \ @@ -364,23 +423,23 @@ LDADD = \ $(LIB_readline) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) ktutil-commands.in +EXTRA_DIST = NTMakefile ktutil-version.rc $(man_MANS) ktutil-commands.in all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps admin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps admin/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign admin/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign admin/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -398,34 +457,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list ktutil$(EXEEXT): $(ktutil_OBJECTS) $(ktutil_DEPENDENCIES) @rm -f ktutil$(EXEEXT) $(LINK) $(ktutil_OBJECTS) $(ktutil_LDADD) $(LIBS) @@ -436,115 +511,149 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/change.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/copy.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/destroy.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ktutil-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ktutil.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/purge.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/remove.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rename.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -560,13 +669,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -602,6 +715,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -612,6 +726,7 @@ clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -622,6 +737,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -629,26 +746,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -668,11 +794,10 @@ ps-am: uninstall-am: uninstall-man uninstall-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libtool clean-sbinPROGRAMS ctags \ @@ -759,6 +884,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -844,7 +972,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -862,6 +990,7 @@ $(ktutil_OBJECTS): ktutil-commands.h ktutil-commands.c ktutil-commands.h: ktutil-commands.in $(SLC) $(srcdir)/ktutil-commands.in + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/admin/NTMakefile b/admin/NTMakefile new file mode 100644 index 000000000000..06f90c9fdbf8 --- /dev/null +++ b/admin/NTMakefile @@ -0,0 +1,74 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=admin +cincdirs=$(cincdirs) -I$(OBJ) +!include ../windows/NTMakefile.w32 + +SBINPROGRAMS=$(SBINDIR)\ktutil.exe + +KTUTIL_OBJS= \ + $(OBJ)\add.obj \ + $(OBJ)\change.obj \ + $(OBJ)\copy.obj \ + $(OBJ)\destroy.obj \ + $(OBJ)\get.obj \ + $(OBJ)\ktutil.obj \ + $(OBJ)\ktutil-commands.obj \ + $(OBJ)\list.obj \ + $(OBJ)\purge.obj \ + $(OBJ)\remove.obj \ + $(OBJ)\rename.obj + +KTUTIL_LIBS= \ + $(LIBHEIMDAL) \ + $(LIBKADM5SRV) \ + $(LIBSL) \ + $(LIBROKEN) \ + $(LIBVERS) + +$(SBINDIR)\ktutil.exe: $(KTUTIL_OBJS) $(KTUTIL_LIBS) $(OBJ)\ktutil-version.res + $(EXECONLINK) + $(EXEPREP) + +$(OBJ)\ktutil-commands.c $(OBJ)\ktutil-commands.h: ktutil-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\ktutil-commands.in $(OBJ) + $(BINDIR)\slc.exe ktutil-commands.in + cd $(SRCDIR) + +INCFILES=\ + $(OBJ)\ktutil-commands.h + +all:: $(INCFILES) $(SBINPROGRAMS) + +clean:: + -$(RM) $(SBINPROGRAMS:.exe=.*) diff --git a/admin/add.c b/admin/add.c index 1c2032095149..3e8be9a8c404 100644 --- a/admin/add.c +++ b/admin/add.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: add.c 14793 2005-04-14 16:45:14Z lha $"); +RCSID("$Id$"); static char * readstring(const char *prompt, char *buf, size_t len) @@ -104,7 +104,7 @@ kt_add(struct add_options *opt, int argc, char **argv) if (opt->hex_flag) { size_t len; void *data; - + len = (strlen(opt->password_string) + 1) / 2; data = malloc(len); @@ -113,13 +113,13 @@ kt_add(struct add_options *opt, int argc, char **argv) goto out; } - if (hex_decode(opt->password_string, data, len) != len) { + if ((size_t)hex_decode(opt->password_string, data, len) != len) { free(data); krb5_warn(context, ENOMEM, "hex decode failed"); goto out; } - ret = krb5_keyblock_init(context, enctype, + ret = krb5_keyblock_init(context, enctype, data, len, &entry.keyblock); free(data); } else if (!opt->salt_flag) { @@ -134,7 +134,7 @@ kt_add(struct add_options *opt, int argc, char **argv) ret = krb5_string_to_key_data_salt(context, enctype, pw, salt, &entry.keyblock); } else { - ret = krb5_string_to_key(context, enctype, opt->password_string, + ret = krb5_string_to_key(context, enctype, opt->password_string, entry.principal, &entry.keyblock); } memset (opt->password_string, 0, strlen(opt->password_string)); diff --git a/admin/change.c b/admin/change.c index 01f69c41574c..c390441f23dc 100644 --- a/admin/change.c +++ b/admin/change.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: change.c 15578 2005-07-07 20:44:48Z lha $"); +RCSID("$Id$"); static krb5_error_code change_entry (krb5_keytab keytab, @@ -61,19 +61,19 @@ change_entry (krb5_keytab keytab, conf.realm = strdup(realm); if (conf.realm == NULL) { free (client_name); - krb5_set_error_string(context, "malloc failed"); + krb5_set_error_message(context, ENOMEM, "malloc failed"); return ENOMEM; } conf.mask |= KADM5_CONFIG_REALM; - + if (admin_server) { conf.admin_server = strdup(admin_server); if (conf.admin_server == NULL) { free(client_name); free(conf.realm); - krb5_set_error_string(context, "malloc failed"); + krb5_set_error_message(context, ENOMEM, "malloc failed"); return ENOMEM; - } + } conf.mask |= KADM5_CONFIG_ADMIN_SERVER; } @@ -140,7 +140,7 @@ kt_change (struct change_options *opt, int argc, char **argv) int i, j, max; struct change_set *changeset; int errors = 0; - + if((keytab = ktutil_open_keytab()) == NULL) return 1; @@ -222,20 +222,20 @@ kt_change (struct change_options *opt, int argc, char **argv) if (verbose_flag) { char *client_name; - ret = krb5_unparse_name (context, changeset[i].principal, + ret = krb5_unparse_name (context, changeset[i].principal, &client_name); if (ret) { krb5_warn (context, ret, "krb5_unparse_name"); } else { - printf("Changing %s kvno %d\n", + printf("Changing %s kvno %d\n", client_name, changeset[i].kvno); free(client_name); } } - ret = change_entry (keytab, + ret = change_entry (keytab, changeset[i].principal, changeset[i].kvno, - opt->realm_string, - opt->admin_server_string, + opt->realm_string, + opt->admin_server_string, opt->server_port_integer); if (ret != 0) errors = 1; diff --git a/admin/copy.c b/admin/copy.c index 83b65b61a0a3..7b50de1c3cb2 100644 --- a/admin/copy.c +++ b/admin/copy.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: copy.c 14260 2004-09-23 14:45:29Z joda $"); +RCSID("$Id$"); static krb5_boolean @@ -46,13 +46,15 @@ compare_keyblock(const krb5_keyblock *a, const krb5_keyblock *b) return TRUE; } -static int -kt_copy_int (const char *from, const char *to) +int +kt_copy (void *opt, int argc, char **argv) { krb5_error_code ret; krb5_keytab src_keytab, dst_keytab; krb5_kt_cursor cursor; krb5_keytab_entry entry, dummy; + const char *from = argv[0]; + const char *to = argv[1]; ret = krb5_kt_resolve (context, from, &src_keytab); if (ret) { @@ -90,9 +92,9 @@ kt_copy_int (const char *from, const char *to) krb5_warn(context, ret, "krb5_enctype_to_string"); etype_str = NULL; /* XXX */ } - ret = krb5_kt_get_entry(context, dst_keytab, - entry.principal, - entry.vno, + ret = krb5_kt_get_entry(context, dst_keytab, + entry.principal, + entry.vno, entry.keyblock.keytype, &dummy); if(ret == 0) { @@ -101,7 +103,7 @@ kt_copy_int (const char *from, const char *to) is weird, so complain about that */ if(!compare_keyblock(&entry.keyblock, &dummy.keyblock)) { krb5_warnx(context, "entry with different keyvalue " - "already exists for %s, keytype %s, kvno %d", + "already exists for %s, keytype %s, kvno %d", name_str, etype_str, entry.vno); } krb5_kt_free_entry(context, &dummy); @@ -110,7 +112,7 @@ kt_copy_int (const char *from, const char *to) free(etype_str); continue; } else if(ret != KRB5_KT_NOTFOUND) { - krb5_warn (context, ret, "%s: fetching %s/%s/%u", + krb5_warn (context, ret, "%s: fetching %s/%s/%u", to, name_str, etype_str, entry.vno); krb5_kt_free_entry (context, &entry); free(name_str); @@ -118,12 +120,12 @@ kt_copy_int (const char *from, const char *to) break; } if (verbose_flag) - fprintf (stderr, "copying %s, keytype %s, kvno %d\n", name_str, + fprintf (stderr, "copying %s, keytype %s, kvno %d\n", name_str, etype_str, entry.vno); ret = krb5_kt_add_entry (context, dst_keytab, &entry); krb5_kt_free_entry (context, &entry); if (ret) { - krb5_warn (context, ret, "%s: adding %s/%s/%u", + krb5_warn (context, ret, "%s: adding %s/%s/%u", to, name_str, etype_str, entry.vno); free(name_str); free(etype_str); @@ -139,37 +141,3 @@ kt_copy_int (const char *from, const char *to) krb5_kt_close (context, dst_keytab); return ret != 0; } - -int -kt_copy (void *opt, int argc, char **argv) -{ - return kt_copy_int(argv[0], argv[1]); -} - -int -srvconv(struct srvconvert_options *opt, int argc, char **argv) -{ - char kt4[1024], kt5[1024]; - - snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string); - - if(keytab_string != NULL) - return kt_copy_int(kt4, keytab_string); - - krb5_kt_default_modify_name(context, kt5, sizeof(kt5)); - return kt_copy_int(kt4, kt5); -} - -int -srvcreate(struct srvcreate_options *opt, int argc, char **argv) -{ - char kt4[1024], kt5[1024]; - - snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string); - - if(keytab_string != NULL) - return kt_copy_int(keytab_string, kt4); - - krb5_kt_default_name(context, kt5, sizeof(kt5)); - return kt_copy_int(kt5, kt4); -} diff --git a/admin/destroy.c b/admin/destroy.c new file mode 100644 index 000000000000..0e989d904fd0 --- /dev/null +++ b/admin/destroy.c @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "ktutil_locl.h" + +int +kt_destroy (void *opt, int argc, char **argv) +{ + krb5_error_code ret; + krb5_keytab keytab; + + if((keytab = ktutil_open_keytab()) == NULL) + return 1; + + ret = krb5_kt_destroy (context, keytab); + if (ret) { + krb5_warn (context, ret, "destroy keytab failed"); + return 1; + } + + return 0; +} diff --git a/admin/get.c b/admin/get.c index 7ad1fc4bc13f..df294324bccf 100644 --- a/admin/get.c +++ b/admin/get.c @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: get.c 15583 2005-07-07 21:44:37Z lha $"); +RCSID("$Id$"); static void* open_kadmin_connection(char *principal, - const char *realm, - char *admin_server, + const char *realm, + char *admin_server, int server_port) { static kadm5_config_params conf; @@ -49,12 +49,12 @@ open_kadmin_connection(char *principal, if(realm) { conf.realm = strdup(realm); if (conf.realm == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, 0, "malloc: out of memory"); return NULL; } conf.mask |= KADM5_CONFIG_REALM; } - + if (admin_server) { conf.admin_server = admin_server; conf.mask |= KADM5_CONFIG_ADMIN_SERVER; @@ -68,11 +68,11 @@ open_kadmin_connection(char *principal, /* should get realm from each principal, instead of doing everything with the same (local) realm */ - ret = kadm5_init_with_password_ctx(context, + ret = kadm5_init_with_password_ctx(context, principal, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); free(conf.realm); if(ret) { @@ -90,9 +90,10 @@ kt_get(struct get_options *opt, int argc, char **argv) void *kadm_handle = NULL; krb5_enctype *etypes = NULL; size_t netypes = 0; - int i, j; + size_t i; + int a, j; unsigned int failed = 0; - + if((keytab = ktutil_open_keytab()) == NULL) return 1; @@ -108,8 +109,8 @@ kt_get(struct get_options *opt, int argc, char **argv) } netypes = opt->enctypes_strings.num_strings; for(i = 0; i < netypes; i++) { - ret = krb5_string_to_enctype(context, - opt->enctypes_strings.strings[i], + ret = krb5_string_to_enctype(context, + opt->enctypes_strings.strings[i], &etypes[i]); if(ret) { krb5_warnx(context, "unrecognized enctype: %s", @@ -119,8 +120,8 @@ kt_get(struct get_options *opt, int argc, char **argv) } } - - for(i = 0; i < argc; i++){ + + for(a = 0; a < argc; a++){ krb5_principal princ_ent; kadm5_principal_ent_rec princ; int mask = 0; @@ -129,9 +130,9 @@ kt_get(struct get_options *opt, int argc, char **argv) int created = 0; krb5_keytab_entry entry; - ret = krb5_parse_name(context, argv[i], &princ_ent); + ret = krb5_parse_name(context, argv[a], &princ_ent); if (ret) { - krb5_warn(context, ret, "can't parse principal %s", argv[i]); + krb5_warn(context, ret, "can't parse principal %s", argv[a]); failed++; continue; } @@ -149,35 +150,35 @@ kt_get(struct get_options *opt, int argc, char **argv) r = opt->realm_string; else r = krb5_principal_get_realm(context, princ_ent); - kadm_handle = open_kadmin_connection(opt->principal_string, - r, - opt->admin_server_string, + kadm_handle = open_kadmin_connection(opt->principal_string, + r, + opt->admin_server_string, opt->server_port_integer); if(kadm_handle == NULL) break; } - + ret = kadm5_create_principal(kadm_handle, &princ, mask, "x"); if(ret == 0) created = 1; else if(ret != KADM5_DUP) { - krb5_warn(context, ret, "kadm5_create_principal(%s)", argv[i]); + krb5_warn(context, ret, "kadm5_create_principal(%s)", argv[a]); krb5_free_principal(context, princ_ent); failed++; continue; } ret = kadm5_randkey_principal(kadm_handle, princ_ent, &keys, &n_keys); if (ret) { - krb5_warn(context, ret, "kadm5_randkey_principal(%s)", argv[i]); + krb5_warn(context, ret, "kadm5_randkey_principal(%s)", argv[a]); krb5_free_principal(context, princ_ent); failed++; continue; } - - ret = kadm5_get_principal(kadm_handle, princ_ent, &princ, + + ret = kadm5_get_principal(kadm_handle, princ_ent, &princ, KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES); if (ret) { - krb5_warn(context, ret, "kadm5_get_principal(%s)", argv[i]); + krb5_warn(context, ret, "kadm5_get_principal(%s)", argv[a]); for (j = 0; j < n_keys; j++) krb5_free_keyblock_contents(context, &keys[j]); krb5_free_principal(context, princ_ent); @@ -185,7 +186,7 @@ kt_get(struct get_options *opt, int argc, char **argv) continue; } if(!created && (princ.attributes & KRB5_KDB_DISALLOW_ALL_TIX)) - krb5_warnx(context, "%s: disallow-all-tix flag set - clearing", argv[i]); + krb5_warnx(context, "%s: disallow-all-tix flag set - clearing", argv[a]); princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); mask = KADM5_ATTRIBUTES; if(created) { @@ -194,7 +195,7 @@ kt_get(struct get_options *opt, int argc, char **argv) } ret = kadm5_modify_principal(kadm_handle, &princ, mask); if (ret) { - krb5_warn(context, ret, "kadm5_modify_principal(%s)", argv[i]); + krb5_warn(context, ret, "kadm5_modify_principal(%s)", argv[a]); for (j = 0; j < n_keys; j++) krb5_free_keyblock_contents(context, &keys[j]); krb5_free_principal(context, princ_ent); @@ -205,7 +206,7 @@ kt_get(struct get_options *opt, int argc, char **argv) int do_add = TRUE; if (netypes) { - int k; + size_t k; do_add = FALSE; for (k = 0; k < netypes; ++k) @@ -225,7 +226,7 @@ kt_get(struct get_options *opt, int argc, char **argv) } krb5_free_keyblock_contents(context, &keys[j]); } - + kadm5_free_principal_ent(kadm_handle, &princ); krb5_free_principal(context, princ_ent); } diff --git a/admin/ktutil-commands.in b/admin/ktutil-commands.in index fc5d1bf2e159..dffcb8c2dd16 100644 --- a/admin/ktutil-commands.in +++ b/admin/ktutil-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan + * Copyright (c) 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: ktutil-commands.in 14793 2005-04-14 16:45:14Z lha $ */ +/* $Id$ */ command = { name = "add" @@ -227,36 +227,17 @@ command = { min_args = "2" max_args = "2" help = "Renames an entry in the keytab." + option = { + long = "delete" + type = "-flag" + help = "don't delete orignal entry" + } } command = { - name = "srvconvert" - name = "srv2keytab" - option = { - long = "srvtab" - short = "s" - type = "string" - argument = "file" - help = "name of Kerberos 4 srvtab" - default = "/etc/srvtab" - } + name = "destroy" + function = "kt_destroy" max_args = "0" - function = "srvconv" - help = "Convert a Kerberos 4 srvtab to a keytab." -} -command = { - name = "srvcreate" - name = "key2srvtab" - option = { - long = "srvtab" - short = "s" - type = "string" - argument = "file" - help = "name of Kerberos 4 srvtab" - default = "/etc/srvtab" - } - max_args = "0" - function = "srvcreate" - help = "Convert a keytab to a Kerberos 4 srvtab." + help = "Destroy (remove) the keytab." } command = { name = "help" diff --git a/admin/ktutil-version.rc b/admin/ktutil-version.rc new file mode 100644 index 000000000000..e0e91c5ce2cd --- /dev/null +++ b/admin/ktutil-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Kerberos Keytab Tool" +#define RC_FILE_ORIG_0409 "ktutil.exe" + +#include "../windows/version.rc" diff --git a/admin/ktutil.8 b/admin/ktutil.8 index 15523b433721..72a6c8172506 100644 --- a/admin/ktutil.8 +++ b/admin/ktutil.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1997-2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1997-2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: ktutil.8 14792 2005-04-14 16:43:57Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd April 14, 2005 .Dt KTUTIL 8 @@ -40,12 +40,12 @@ .Sh SYNOPSIS .Nm .Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab +.Fl Fl keytab= Ns Ar keytab .Xc .Oc -.Op Fl v | Fl -verbose -.Op Fl -version -.Op Fl h | Fl -help +.Op Fl v | Fl Fl verbose +.Op Fl Fl version +.Op Fl h | Fl Fl help .Ar command .Op Ar args .Sh DESCRIPTION @@ -53,72 +53,43 @@ is a program for managing keytabs. Supported options: .Bl -tag -width Ds -.It Xo -.Fl v , -.Fl -verbose -.Xc +.It Fl v , Fl Fl verbose Verbose output. .El .Pp .Ar command can be one of the following: .Bl -tag -width srvconvert -.It add Xo -.Op Fl p Ar principal -.Op Fl -principal= Ns Ar principal -.Op Fl V Ar kvno -.Op Fl -kvno= Ns Ar kvno -.Op Fl e Ar enctype -.Op Fl -enctype= Ns Ar enctype -.Op Fl w Ar password -.Op Fl -password= Ns Ar password -.Op Fl r -.Op Fl -random -.Op Fl s -.Op Fl -no-salt -.Op Fl H -.Op Fl -hex -.Xc +.It add Oo Fl p Ar principal Oc Oo Fl Fl principal= Ns Ar principal Oc \ +Oo Fl V Ar kvno Oc Oo Fl Fl kvno= Ns Ar kvno Oc Oo Fl e Ar enctype Oc \ +Oo Fl Fl enctype= Ns Ar enctype Oc Oo Fl w Ar password Oc \ +Oo Fl Fl password= Ns Ar password Oc Oo Fl r Oc Oo Fl Fl random Oc \ +Oo Fl s Oc Oo Fl Fl no-salt Oc Oo Fl H Oc Op Fl Fl hex Adds a key to the keytab. Options that are not specified will be prompted for. This requires that you know the password or the hex key of the principal to add; if what you really want is to add a new principal to the keytab, you should consider the .Ar get command, which talks to the kadmin server. -.It change Xo -.Op Fl r Ar realm -.Op Fl -realm= Ns Ar realm -.Op Fl -a Ar host -.Op Fl -admin-server= Ns Ar host -.Op Fl -s Ar port -.Op Fl -server-port= Ns Ar port -.Xc +.It change Oo Fl r Ar realm Oc Oo Fl Fl realm= Ns Ar realm Oc \ +Oo Fl Fl a Ar host Oc Oo Fl Fl admin-server= Ns Ar host Oc \ +Oo Fl Fl s Ar port Oc Op Fl Fl server-port= Ns Ar port Update one or several keys to new versions. By default, use the admin server for the realm of a keytab entry. Otherwise it will use the values specified by the options. .Pp If no principals are given, all the ones in the keytab are updated. -.It copy Xo -.Ar keytab-src -.Ar keytab-dest -.Xc +.It copy Ar keytab-src Ar keytab-dest Copies all the entries from .Ar keytab-src to .Ar keytab-dest . -.It get Xo -.Op Fl p Ar admin principal -.Op Fl -principal= Ns Ar admin principal -.Op Fl e Ar enctype -.Op Fl -enctypes= Ns Ar enctype -.Op Fl r Ar realm -.Op Fl -realm= Ns Ar realm -.Op Fl a Ar admin server -.Op Fl -admin-server= Ns Ar admin server -.Op Fl s Ar server port -.Op Fl -server-port= Ns Ar server port -.Ar principal ... -.Xc +.It get Oo Fl p Ar admin principal Oc \ +Oo Fl Fl principal= Ns Ar admin principal Oc Oo Fl e Ar enctype Oc \ +Oo Fl Fl enctypes= Ns Ar enctype Oc Oo Fl r Ar realm Oc \ +Oo Fl Fl realm= Ns Ar realm Oc Oo Fl a Ar admin server Oc \ +Oo Fl Fl admin-server= Ns Ar admin server Oc Oo Fl s Ar server port Oc \ +Oo Fl Fl server-port= Ns Ar server port Oc Ar principal ... For each .Ar principal , generate a new key for it (creating it if it doesn't already exist), @@ -128,69 +99,26 @@ If no .Ar realm is specified, the realm to operate on is taken from the first principal. -.It list Xo -.Op Fl -keys -.Op Fl -timestamp -.Xc +.It list Oo Fl Fl keys Oc Op Fl Fl timestamp List the keys stored in the keytab. -.It remove Xo -.Op Fl p Ar principal -.Op Fl -principal= Ns Ar principal -.Op Fl V kvno -.Op Fl -kvno= Ns Ar kvno -.Op Fl e enctype -.Op Fl -enctype= Ns Ar enctype -.Xc +.It remove Oo Fl p Ar principal Oc Oo Fl Fl principal= Ns Ar principal Oc \ +Oo Fl V kvno Oc Oo Fl Fl kvno= Ns Ar kvno Oc Oo Fl e enctype Oc \ +Oo Fl Fl enctype= Ns Ar enctype Oc Removes the specified key or keys. Not specifying a .Ar kvno removes keys with any version number. Not specifying an .Ar enctype removes keys of any type. -.It rename Xo -.Ar from-principal -.Ar to-principal -.Xc +.It rename Ar from-principal Ar to-principal Renames all entries in the keytab that match the .Ar from-principal to .Ar to-principal . -.It purge Xo -.Op Fl -age= Ns Ar age -.Xc +.It purge Op Fl Fl age= Ns Ar age Removes all old versions of a key for which there is a newer version that is at least .Ar age (default one week) old. -.It srvconvert -.It srv2keytab Xo -.Op Fl s Ar srvtab -.Op Fl -srvtab= Ns Ar srvtab -.Xc -Converts the version 4 srvtab in -.Ar srvtab -to a version 5 keytab and stores it in -.Ar keytab . -Identical to: -.Bd -ragged -offset indent -.Li ktutil copy -.Li krb4: Ns Ar srvtab -.Ar keytab -.Ed -.It srvcreate -.It key2srvtab Xo -.Op Fl s Ar srvtab -.Op Fl -srvtab= Ns Ar srvtab -.Xc -Converts the version 5 keytab in -.Ar keytab -to a version 4 srvtab and stores it in -.Ar srvtab . -Identical to: -.Bd -ragged -offset indent -.Li ktutil copy -.Ar keytab -.Li krb4: Ns Ar srvtab -.Ed .El .Sh SEE ALSO .Xr kadmin 8 diff --git a/admin/ktutil.c b/admin/ktutil.c index dfcbbfd401fe..27d0d5870238 100644 --- a/admin/ktutil.c +++ b/admin/ktutil.c @@ -1,71 +1,71 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" #include -RCSID("$Id: ktutil.c 15585 2005-07-07 21:52:04Z lha $"); +RCSID("$Id$"); static int help_flag; static int version_flag; int verbose_flag; -char *keytab_string; +char *keytab_string; static char keytab_buf[256]; static struct getargs args[] = { - { + { "version", 0, arg_flag, &version_flag, NULL, - NULL - }, - { - "help", - 'h', - arg_flag, - &help_flag, - NULL, NULL }, - { - "keytab", - 'k', - arg_string, - &keytab_string, - "keytab", - "keytab to operate on" + { + "help", + 'h', + arg_flag, + &help_flag, + NULL, + NULL + }, + { + "keytab", + 'k', + arg_string, + &keytab_string, + "keytab", + "keytab to operate on" }, { "verbose", @@ -101,7 +101,7 @@ ktutil_open_keytab(void) } if (verbose_flag) fprintf (stderr, "Using keytab %s\n", keytab_string); - + return keytab; } @@ -118,8 +118,11 @@ help(void *opt, int argc, char **argv) argv[0]); } else { if(c->func) { - char *fake[] = { NULL, "--help", NULL }; + char shelp[] = "--help"; + char *fake[3]; fake[0] = argv[0]; + fake[1] = shelp; + fake[2] = NULL; (*c->func)(2, fake); fprintf(stderr, "\n"); } diff --git a/admin/ktutil.cat8 b/admin/ktutil.cat8 new file mode 100644 index 000000000000..0dd9b6150476 --- /dev/null +++ b/admin/ktutil.cat8 @@ -0,0 +1,71 @@ + +KTUTIL(8) BSD System Manager's Manual KTUTIL(8) + +NNAAMMEE + kkttuuttiill -- manage Kerberos keytabs + +SSYYNNOOPPSSIISS + kkttuuttiill [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--vv | ----vveerrbboossee] [----vveerrssiioonn] + [--hh | ----hheellpp] _c_o_m_m_a_n_d [_a_r_g_s] + +DDEESSCCRRIIPPTTIIOONN + kkttuuttiill is a program for managing keytabs. Supported options: + + --vv, ----vveerrbboossee + Verbose output. + + _c_o_m_m_a_n_d can be one of the following: + + add [--pp _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--VV _k_v_n_o] [----kkvvnnoo==_k_v_n_o] [--ee + _e_n_c_t_y_p_e] [----eennccttyyppee==_e_n_c_t_y_p_e] [--ww _p_a_s_s_w_o_r_d] + [----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [--rr] [----rraannddoomm] [--ss] [----nnoo--ssaalltt] [--HH] + [----hheexx] + Adds a key to the keytab. Options that are not specified will + be prompted for. This requires that you know the password or + the hex key of the principal to add; if what you really want + is to add a new principal to the keytab, you should consider + the _g_e_t command, which talks to the kadmin server. + + change [--rr _r_e_a_l_m] [----rreeaallmm==_r_e_a_l_m] [----aa _h_o_s_t] [----aaddmmiinn--sseerrvveerr==_h_o_s_t] [----ss + _p_o_r_t] [----sseerrvveerr--ppoorrtt==_p_o_r_t] + Update one or several keys to new versions. By default, use + the admin server for the realm of a keytab entry. Otherwise + it will use the values specified by the options. + + If no principals are given, all the ones in the keytab are + updated. + + copy _k_e_y_t_a_b_-_s_r_c _k_e_y_t_a_b_-_d_e_s_t + Copies all the entries from _k_e_y_t_a_b_-_s_r_c to _k_e_y_t_a_b_-_d_e_s_t. + + get [--pp _a_d_m_i_n _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_a_d_m_i_n _p_r_i_n_c_i_p_a_l] [--ee _e_n_c_t_y_p_e] + [----eennccttyyppeess==_e_n_c_t_y_p_e] [--rr _r_e_a_l_m] [----rreeaallmm==_r_e_a_l_m] [--aa _a_d_m_i_n + _s_e_r_v_e_r] [----aaddmmiinn--sseerrvveerr==_a_d_m_i_n _s_e_r_v_e_r] [--ss _s_e_r_v_e_r _p_o_r_t] + [----sseerrvveerr--ppoorrtt==_s_e_r_v_e_r _p_o_r_t] _p_r_i_n_c_i_p_a_l _._._. + For each _p_r_i_n_c_i_p_a_l, generate a new key for it (creating it if + it doesn't already exist), and put that key in the keytab. + + If no _r_e_a_l_m is specified, the realm to operate on is taken + from the first principal. + + list [----kkeeyyss] [----ttiimmeessttaammpp] + List the keys stored in the keytab. + + remove [--pp _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--VV --kkvvnnoo] [----kkvvnnoo==_k_v_n_o] + [--ee --eennccttyyppee] [----eennccttyyppee==_e_n_c_t_y_p_e] + Removes the specified key or keys. Not specifying a _k_v_n_o + removes keys with any version number. Not specifying an + _e_n_c_t_y_p_e removes keys of any type. + + rename _f_r_o_m_-_p_r_i_n_c_i_p_a_l _t_o_-_p_r_i_n_c_i_p_a_l + Renames all entries in the keytab that match the + _f_r_o_m_-_p_r_i_n_c_i_p_a_l to _t_o_-_p_r_i_n_c_i_p_a_l. + + purge [----aaggee==_a_g_e] + Removes all old versions of a key for which there is a newer + version that is at least _a_g_e (default one week) old. + +SSEEEE AALLSSOO + kadmin(8) + +HEIMDAL April 14, 2005 HEIMDAL diff --git a/admin/ktutil_locl.h b/admin/ktutil_locl.h index 676f27b5f377..9ecee3199be9 100644 --- a/admin/ktutil_locl.h +++ b/admin/ktutil_locl.h @@ -1,46 +1,45 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* - * $Id: ktutil_locl.h 14799 2005-04-15 05:02:39Z lha $ +/* + * $Id$ */ #ifndef __KTUTIL_LOCL_H__ #define __KTUTIL_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif + #include #include #include @@ -66,7 +65,7 @@ extern krb5_context context; extern int verbose_flag; -extern char *keytab_string; +extern char *keytab_string; krb5_keytab ktutil_open_keytab(void); diff --git a/admin/list.c b/admin/list.c index f305ab3a8036..5491aaa1a534 100644 --- a/admin/list.c +++ b/admin/list.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" #include -RCSID("$Id: list.c 21745 2007-07-31 16:11:25Z lha $"); +RCSID("$Id$"); static int do_list(struct list_options *opt, const char *keytab_str) @@ -51,7 +51,7 @@ do_list(struct list_options *opt, const char *keytab_str) char buf[1024]; keytab_str += 4; ret = 0; - while (strsep_copy((const char**)&keytab_str, ",", + while (strsep_copy((const char**)&keytab_str, ",", buf, sizeof(buf)) != -1) { if(flag) printf("\n"); @@ -76,7 +76,7 @@ do_list(struct list_options *opt, const char *keytab_str) } printf ("%s:\n\n", keytab_str); - + table = rtbl_create(); rtbl_add_column_by_id(table, 0, "Vno", RTBL_ALIGN_RIGHT); rtbl_add_column_by_id(table, 1, "Type", 0); @@ -85,15 +85,16 @@ do_list(struct list_options *opt, const char *keytab_str) rtbl_add_column_by_id(table, 3, "Date", 0); if(opt->keys_flag) rtbl_add_column_by_id(table, 4, "Key", 0); + rtbl_add_column_by_id(table, 5, "Aliases", 0); rtbl_set_separator(table, " "); - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ + while(krb5_kt_next_entry(context, keytab, &entry, &cursor) == 0){ char buf[1024], *s; snprintf(buf, sizeof(buf), "%d", entry.vno); rtbl_add_column_entry_by_id(table, 0, buf); - ret = krb5_enctype_to_string(context, + ret = krb5_enctype_to_string(context, entry.keyblock.keytype, &s); if (ret != 0) { snprintf(buf, sizeof(buf), "unknown (%d)", entry.keyblock.keytype); @@ -107,12 +108,12 @@ do_list(struct list_options *opt, const char *keytab_str) rtbl_add_column_entry_by_id(table, 2, buf); if (opt->timestamp_flag) { - krb5_format_time(context, entry.timestamp, buf, + krb5_format_time(context, entry.timestamp, buf, sizeof(buf), FALSE); rtbl_add_column_entry_by_id(table, 3, buf); } if(opt->keys_flag) { - int i; + size_t i; s = malloc(2 * entry.keyblock.keyvalue.length + 1); if (s == NULL) { krb5_warnx(context, "malloc failed"); @@ -120,11 +121,24 @@ do_list(struct list_options *opt, const char *keytab_str) goto out; } for(i = 0; i < entry.keyblock.keyvalue.length; i++) - snprintf(s + 2 * i, 3, "%02x", + snprintf(s + 2 * i, 3, "%02x", ((unsigned char*)entry.keyblock.keyvalue.data)[i]); rtbl_add_column_entry_by_id(table, 4, s); free(s); } + if (entry.aliases) { + unsigned int i; + struct rk_strpool *p = NULL; + + for (i = 0; i< entry.aliases->len; i++) { + krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf)); + rk_strpoolprintf(p, "%s%s", buf, + i + 1 < entry.aliases->len ? ", " : ""); + + } + rtbl_add_column_entry_by_id(table, 5, rk_strpoolcollect(p)); + } + krb5_kt_free_entry(context, &entry); } ret = krb5_kt_end_seq_get(context, keytab, &cursor); diff --git a/admin/purge.c b/admin/purge.c index e928c3e22d57..b4667b383441 100644 --- a/admin/purge.c +++ b/admin/purge.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: purge.c 14261 2004-09-23 14:46:43Z joda $"); +RCSID("$Id$"); /* * keep track of the highest version for every principal. @@ -125,11 +125,11 @@ kt_purge(struct purge_options *opt, int argc, char **argv) goto out; } - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { + while(krb5_kt_next_entry(context, keytab, &entry, &cursor) == 0) { add_entry (entry.principal, entry.vno, entry.timestamp, &head); krb5_kt_free_entry(context, &entry); } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); + krb5_kt_end_seq_get(context, keytab, &cursor); judgement_day = time (NULL); @@ -139,7 +139,7 @@ kt_purge(struct purge_options *opt, int argc, char **argv) goto out; } - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { + while(krb5_kt_next_entry(context, keytab, &entry, &cursor) == 0) { struct e *e = get_entry (entry.principal, head); if (e == NULL) { diff --git a/admin/remove.c b/admin/remove.c index 15f88cfee663..7c30d8873056 100644 --- a/admin/remove.c +++ b/admin/remove.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: remove.c 17004 2006-04-07 13:06:37Z lha $"); +RCSID("$Id$"); int kt_remove(struct remove_options *opt, int argc, char **argv) @@ -66,7 +66,7 @@ kt_remove(struct remove_options *opt, int argc, char **argv) } } if (!principal && !enctype && !opt->kvno_integer) { - krb5_warnx(context, + krb5_warnx(context, "You must give at least one of " "principal, enctype or kvno."); ret = EINVAL; diff --git a/admin/rename.c b/admin/rename.c index aea02b07507a..390776dd1e19 100644 --- a/admin/rename.c +++ b/admin/rename.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 2001-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ktutil_locl.h" -RCSID("$Id: rename.c 14260 2004-09-23 14:45:29Z joda $"); +RCSID("$Id$"); int -kt_rename(void *opt, int argc, char **argv) +kt_rename(struct rename_options *opt, int argc, char **argv) { krb5_error_code ret = 0; krb5_keytab_entry entry; @@ -89,13 +89,15 @@ kt_rename(void *opt, int argc, char **argv) krb5_warn(context, ret, "adding entry"); break; } - entry.principal = from_princ; - ret = krb5_kt_remove_entry(context, keytab, &entry); - if(ret) { - entry.principal = NULL; - krb5_kt_free_entry(context, &entry); - krb5_warn(context, ret, "removing entry"); - break; + if (opt->delete_flag) { + entry.principal = from_princ; + ret = krb5_kt_remove_entry(context, keytab, &entry); + if(ret) { + entry.principal = NULL; + krb5_kt_free_entry(context, &entry); + krb5_warn(context, ret, "removing entry"); + break; + } } entry.principal = NULL; } diff --git a/appl/Makefile.am b/appl/Makefile.am index 8f2670353e02..5e4e320bcbae 100644 --- a/appl/Makefile.am +++ b/appl/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 17775 2006-06-30 20:26:15Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -25,3 +25,5 @@ SUBDIRS = \ kx \ kf \ $(dir_dce) + +EXTRA_DIST = NTMakefile \ No newline at end of file diff --git a/appl/Makefile.in b/appl/Makefile.in index 52834fa12dd1..ad6b3f977fb7 100644 --- a/appl/Makefile.in +++ b/appl/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 17775 2006-06-30 20:26:15Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = appl ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -101,58 +105,95 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ ps-recursive uninstall-recursive RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir ETAGS = etags CTAGS = ctags DIST_SUBDIRS = afsutil ftp login otp gssmask popper push rsh rcp su \ xnlock telnet test kx kf dceutils DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -176,10 +217,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -196,6 +238,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -211,31 +255,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -250,10 +308,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -294,29 +354,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la @OTP_TRUE@dir_otp = otp @DCE_TRUE@dir_dce = dceutils @@ -338,22 +403,23 @@ SUBDIRS = \ kf \ $(dir_dce) +EXTRA_DIST = NTMakefile all: all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -371,6 +437,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -385,7 +452,7 @@ clean-libtool: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -402,7 +469,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -410,7 +477,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -436,16 +503,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -453,14 +520,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -472,39 +539,43 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -525,29 +596,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -581,6 +667,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -599,6 +686,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -606,23 +695,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -644,9 +741,9 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local check check-am check-local clean \ @@ -732,6 +829,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -817,7 +917,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -830,6 +930,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/NTMakefile b/appl/NTMakefile new file mode 100644 index 000000000000..6bae479d0fa5 --- /dev/null +++ b/appl/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl + +!include ../windows/NTMakefile.w32 + diff --git a/appl/afsutil/ChangeLog b/appl/afsutil/ChangeLog index c6cfd39c04db..9825c55a6b9e 100644 --- a/appl/afsutil/ChangeLog +++ b/appl/afsutil/ChangeLog @@ -1,4 +1,4 @@ -2007-04-11 Love Hörnquist Åstrand +2007-04-11 Love Hörnquist Ã…strand * pagsh.1,afslog.1: - options must be lexicographically ordered; again, options without arguments must be placed before options @@ -8,11 +8,11 @@ From Igor Sobrado. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Add man_MANS to EXTRA_DIST -2006-01-03 Love Hörnquist Åstrand +2006-01-03 Love Hörnquist Ã…strand * afslog.1: Document options to allow select principal or credential cache when doing afslog. @@ -20,7 +20,7 @@ * afslog.c: Add options to allow select principal or credential cache when doing afslog. -2005-02-12 Love Hörnquist Åstrand +2005-02-12 Love Hörnquist Ã…strand * Makefile.am: man_MANS += pagsh.1 @@ -30,12 +30,12 @@ * pagsh.1: manpage for pagsh -2004-09-03 Love Hörnquist Åstrand +2004-09-03 Love Hörnquist Ã…strand * afslog.c: use negative string help string for arg_negative_flag Pointed out by Harald Barth -2004-07-27 Love Hörnquist Åstrand +2004-07-27 Love Hörnquist Ã…strand * pagsh.c: use setprogname, if we stripped off -c, try use the fallback code @@ -44,22 +44,22 @@ * pagsh.c: mkstemp formats must end in exactly six X's -2003-07-15 Love Hörnquist Åstrand +2003-07-15 Love Hörnquist Ã…strand * afslog.c (do_afslog): is cell is unset, set it "" for error printing * pagsh.c: unconditionally set KRBTKFILE -2003-04-23 Love Hörnquist Åstrand +2003-04-23 Love Hörnquist Ã…strand * afslog.c (log_func): drop the error number -2003-04-14 Love Hörnquist Åstrand +2003-04-14 Love Hörnquist Ã…strand * afslog.c: set kafs log function if verbose is turned on -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * Makefile.am (LDADD): use LIB_kafs diff --git a/appl/afsutil/Makefile.am b/appl/afsutil/Makefile.am index 365897b84c04..c0ca0d50d6ca 100644 --- a/appl/afsutil/Makefile.am +++ b/appl/afsutil/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -19,4 +19,4 @@ LDADD = $(LIB_kafs) \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/afsutil/Makefile.in b/appl/afsutil/Makefile.in index e50ac2ea319c..15968b13dba4 100644 --- a/appl/afsutil/Makefile.in +++ b/appl/afsutil/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = afslog$(EXEEXT) pagsh$(EXEEXT) subdir = appl/afsutil ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,14 +89,14 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_afslog_OBJECTS = afslog.$(OBJEXT) afslog_OBJECTS = $(am_afslog_OBJECTS) @@ -110,9 +115,9 @@ pagsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -124,6 +129,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(afslog_SOURCES) $(pagsh_SOURCES) DIST_SOURCES = $(afslog_SOURCES) $(pagsh_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 MANS = $(man_MANS) ETAGS = etags @@ -133,49 +159,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -199,10 +234,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -219,6 +255,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -234,31 +272,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -273,10 +325,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -317,30 +371,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_krb4) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la afslog_SOURCES = afslog.c pagsh_SOURCES = pagsh.c @@ -352,23 +410,23 @@ LDADD = $(LIB_kafs) \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/afsutil/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/afsutil/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/afsutil/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/afsutil/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -386,34 +444,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list afslog$(EXEEXT): $(afslog_OBJECTS) $(afslog_DEPENDENCIES) @rm -f afslog$(EXEEXT) $(LINK) $(afslog_OBJECTS) $(afslog_LDADD) $(LIBS) @@ -427,115 +501,140 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/afslog.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pagsh.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -551,13 +650,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -592,6 +695,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -601,6 +705,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -611,6 +716,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -618,26 +725,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -657,11 +773,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -748,6 +863,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -833,7 +951,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -846,6 +964,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/afsutil/NTMakefile b/appl/afsutil/NTMakefile new file mode 100644 index 000000000000..f1f696c02ad7 --- /dev/null +++ b/appl/afsutil/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\afsutil + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/afsutil/afslog.1 b/appl/afsutil/afslog.1 index aa4b9d685d60..891b29a61e0f 100644 --- a/appl/afsutil/afslog.1 +++ b/appl/afsutil/afslog.1 @@ -1,66 +1,65 @@ -.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: afslog.1 20310 2007-04-11 11:22:23Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd November 26, 2002 .Dt AFSLOG 1 .Os HEIMDAL .Sh NAME .Nm afslog -.Nd -obtain AFS tokens +.Nd obtain AFS tokens .Sh SYNOPSIS .Nm -.Op Fl h | Fl -help -.Op Fl -no-v4 -.Op Fl -no-v5 -.Op Fl u | Fl -unlog -.Op Fl v | Fl -verbose -.Op Fl -version +.Op Fl h | Fl Fl help +.Op Fl Fl no-v4 +.Op Fl Fl no-v5 +.Op Fl u | Fl Fl unlog +.Op Fl v | Fl Fl verbose +.Op Fl Fl version .Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell +.Fl Fl cell= Ns Ar cell .Xc .Oc .Oo Fl k Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm +.Fl Fl realm= Ns Ar realm .Xc .Oc .Oo Fl P Ar principal \*(Ba Xo -.Fl -principal= Ns Ar principal +.Fl Fl principal= Ns Ar principal .Xc .Oc .Bk -words .Oo Fl p Ar path \*(Ba Xo -.Fl -file= Ns Ar path +.Fl Fl file= Ns Ar path .Xc .Oc .Ek @@ -71,57 +70,57 @@ obtains AFS tokens for a number of cells. What cells to get tokens for can either be specified as an explicit list, as file paths to get tokens for, or be left unspecified, in which case .Nm -will use whatever magic +will use whatever magic .Xr krb_afslog 3 decides upon. .Pp Supported options: .Bl -tag -width Ds -.It Fl -no-v4 +.It Fl Fl no-v4 This makes .Nm not try using Kerberos 4. -.It Fl -no-v5 +.It Fl Fl no-v5 This makes .Nm not try using Kerberos 5. .It Xo .Fl P Ar principal , -.Fl -principal Ar principal +.Fl Fl principal Ar principal .Xc select what Kerberos 5 principal to use. -.It Fl -cache Ar cache +.It Fl Fl cache Ar cache select what Kerberos 5 credential cache to use. -.Fl -principal +.Fl Fl principal overrides this option. .It Xo .Fl u , -.Fl -unlog +.Fl Fl unlog .Xc Destroy tokens instead of obtaining new. If this is specified, all other options are ignored (except for -.Fl -help +.Fl Fl help and -.Fl -version ) . +.Fl Fl version ) . .It Xo .Fl v , -.Fl -verbose +.Fl Fl verbose .Xc Adds more verbosity for what is actually going on. .It Xo .Fl c Ar cell, -.Fl -cell= Ns Ar cell +.Fl Fl cell= Ns Ar cell .Xc This specified one or more cell names to get tokens for. .It Xo .Fl k Ar realm , -.Fl -realm= Ns Ar realm +.Fl Fl realm= Ns Ar realm .Xc This is the Kerberos realm the AFS servers live in, this should normally not be specified. .It Xo .Fl p Ar path , -.Fl -file= Ns Ar path +.Fl Fl file= Ns Ar path .Xc This specified one or more file paths for which tokens should be obtained. @@ -132,22 +131,22 @@ Instead of using and .Fl p , you may also pass a list of cells and file paths after any other -options. These arguments are considered files if they are either +options. These arguments are considered files if they are either the strings .Do . Dc or -.Dq .. +.Dq .. or they contain a slash, or if there exists a file by that name. .Sh EXAMPLES -Assuming that there is no file called +Assuming that there is no file called .Dq openafs.org -in the current directory, and that +in the current directory, and that .Pa /afs/openafs.org points to that cell, the follwing should be identical: .Bd -literal -offset indent $ afslog -c openafs.org $ afslog openafs.org $ afslog /afs/openafs.org/some/file -.Ed +.Ed .Sh SEE ALSO .Xr krb_afslog 3 diff --git a/appl/afsutil/afslog.c b/appl/afsutil/afslog.c index 6ca5b2074991..bd6807d01864 100644 --- a/appl/afsutil/afslog.c +++ b/appl/afsutil/afslog.c @@ -1,47 +1,44 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: afslog.c 16438 2006-01-03 09:27:54Z lha $"); +RCSID("$Id$"); #endif #include #ifdef KRB5 #include #endif -#ifdef KRB4 -#include -#endif #include #include #include @@ -54,9 +51,6 @@ static char *realm; static getarg_strings files; static int unlog_flag; static int verbose; -#ifdef KRB4 -static int use_krb4 = 1; -#endif #ifdef KRB5 static char *client_string; static char *cache_string; @@ -68,9 +62,6 @@ struct getargs args[] = { { "file", 'p', arg_strings, &files, "files to get tokens for", "path" }, { "realm", 'k', arg_string, &realm, "realm for afs cell", "realm" }, { "unlog", 'u', arg_flag, &unlog_flag, "remove tokens" }, -#ifdef KRB4 - { "v4", 0, arg_negative_flag, &use_krb4, "don't use Kerberos 4" }, -#endif #ifdef KRB5 { "principal",'P',arg_string,&client_string,"principal to use","principal"}, { "cache", 0, arg_string, &cache_string, "ccache to use", "cache"}, @@ -189,9 +180,9 @@ afslog_file(const char *path) static int do_afslog(const char *cell) { - int k5ret, k4ret; + int k5ret; - k5ret = k4ret = 0; + k5ret = 0; #ifdef KRB5 if(context != NULL && id != NULL && use_krb5) { @@ -199,25 +190,14 @@ do_afslog(const char *cell) if(k5ret == 0) return 0; } -#endif -#if KRB4 - if (use_krb4) { - k4ret = krb_afslog(cell, realm); - if(k4ret == 0) - return 0; - } #endif if (cell == NULL) cell = ""; #ifdef KRB5 if (k5ret) - warnx("krb5_afslog(%s): %s", cell, krb5_get_err_text(context, k5ret)); + krb5_warn(context, k5ret, "krb5_afslog(%s)", cell); #endif -#ifdef KRB4 - if (k4ret) - warnx("krb_afslog(%s): %s", cell, krb_get_err_text(k4ret)); -#endif - if (k5ret || k4ret) + if (k5ret) return 1; return 0; } @@ -237,7 +217,7 @@ main(int argc, char **argv) int ret = 0; int failed = 0; struct cell_list *p; - + setprogname(argv[0]); if(getarg(args, num_args, argc, argv, &optind)) @@ -266,7 +246,7 @@ main(int argc, char **argv) ret = krb5_parse_name(context, client_string, &client); if (ret == 0) - ret = krb5_cc_cache_match(context, client, NULL, &id); + ret = krb5_cc_cache_match(context, client, &id); if (ret) id = NULL; } @@ -306,7 +286,7 @@ main(int argc, char **argv) afslog_file(argv[i]); else afslog_cell(argv[i], 1); - } + } if(num == 0) { if(do_afslog(NULL)) failed++; diff --git a/appl/afsutil/afslog.cat1 b/appl/afsutil/afslog.cat1 new file mode 100644 index 000000000000..5716faeda254 --- /dev/null +++ b/appl/afsutil/afslog.cat1 @@ -0,0 +1,69 @@ + +AFSLOG(1) BSD General Commands Manual AFSLOG(1) + +NNAAMMEE + aaffsslloogg -- obtain AFS tokens + +SSYYNNOOPPSSIISS + aaffsslloogg [--hh | ----hheellpp] [----nnoo--vv44] [----nnoo--vv55] [--uu | ----uunnlloogg] [--vv | ----vveerrbboossee] + [----vveerrssiioonn] [--cc _c_e_l_l | ----cceellll==_c_e_l_l] [--kk _r_e_a_l_m | ----rreeaallmm==_r_e_a_l_m] [--PP + _p_r_i_n_c_i_p_a_l | ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--pp _p_a_t_h | ----ffiillee==_p_a_t_h] + [_c_e_l_l | _p_a_t_h _._._.] + +DDEESSCCRRIIPPTTIIOONN + aaffsslloogg obtains AFS tokens for a number of cells. What cells to get tokens + for can either be specified as an explicit list, as file paths to get + tokens for, or be left unspecified, in which case aaffsslloogg will use what- + ever magic krb_afslog(3) decides upon. + + Supported options: + + ----nnoo--vv44 + This makes aaffsslloogg not try using Kerberos 4. + + ----nnoo--vv55 + This makes aaffsslloogg not try using Kerberos 5. + + --PP _p_r_i_n_c_i_p_a_l, ----pprriinncciippaall _p_r_i_n_c_i_p_a_l + select what Kerberos 5 principal to use. + + ----ccaacchhee _c_a_c_h_e + select what Kerberos 5 credential cache to use. ----pprriinncciippaall + overrides this option. + + --uu, ----uunnlloogg + Destroy tokens instead of obtaining new. If this is specified, + all other options are ignored (except for ----hheellpp and ----vveerrssiioonn). + + --vv, ----vveerrbboossee + Adds more verbosity for what is actually going on. + + --cc _c_e_l_l_, ----cceellll==_c_e_l_l + This specified one or more cell names to get tokens for. + + --kk _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m + This is the Kerberos realm the AFS servers live in, this should + normally not be specified. + + --pp _p_a_t_h, ----ffiillee==_p_a_t_h + This specified one or more file paths for which tokens should be + obtained. + + Instead of using --cc and --pp, you may also pass a list of cells and file + paths after any other options. These arguments are considered files if + they are either the strings ``.'' or ``..'' or they contain a slash, or + if there exists a file by that name. + +EEXXAAMMPPLLEESS + Assuming that there is no file called ``openafs.org'' in the current + directory, and that _/_a_f_s_/_o_p_e_n_a_f_s_._o_r_g points to that cell, the follwing + should be identical: + + $ afslog -c openafs.org + $ afslog openafs.org + $ afslog /afs/openafs.org/some/file + +SSEEEE AALLSSOO + krb_afslog(3) + +HEIMDAL November 26, 2002 HEIMDAL diff --git a/appl/afsutil/pagsh.1 b/appl/afsutil/pagsh.1 index c3e93d440e7f..7d5ac81428b1 100644 --- a/appl/afsutil/pagsh.1 +++ b/appl/afsutil/pagsh.1 @@ -1,79 +1,80 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: pagsh.1 20311 2007-04-11 11:27:51Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd February 12, 2005 .Dt PAGSH 1 .Os Heimdal .Sh NAME .Nm pagsh -.Nd -creates a new credential cache sandbox +.Nd creates a new credential cache sandbox .Sh SYNOPSIS .Nm -.Op Fl c -.Op Fl h | Fl -help -.Op Fl -version -.Op Fl -cache-type= Ns Ar string +.Op Fl c Ar command-string +.Op Fl h | Fl Fl help +.Op Fl Fl version +.Op Fl Fl cache-type= Ns Ar string .Ar command [args...] .Sh DESCRIPTION Supported options: .Bl -tag -width Ds .It Xo -.Fl c +.Fl c Ar command-string +Executes command(s) contained in +.Ar command-string . .Xc .It Xo -.Fl -cache-type= Ns Ar string +.Fl Fl cache-type= Ns Ar string .Xc .It Xo .Fl h , -.Fl -help +.Fl Fl help .Xc .It Xo -.Fl -version +.Fl Fl version .Xc .El .Pp .Nm creates a new credential cache sandbox for the user to live in. If AFS is installed on the computer, the user is put in a newly -created PAG. +created Process Authentication Group (PAG). .Pp For Kerberos 5, the credential cache type that is used is the same as the credential cache type that was used at the time of .Nm invocation. The credential cache type can be controlled by the option -.Fl -cache-type . +.Fl Fl cache-type . .Sh EXAMPLES Create a new sandbox where new credentials can be used, while the old credentials can be used by other processes. @@ -89,4 +90,5 @@ $ klist klist: No ticket file: /tmp/krb5cc_03014a .Ed .Sh SEE ALSO -.Xr afslog 1 +.Xr afslog 1 , +.Xr kinit 1 diff --git a/appl/afsutil/pagsh.c b/appl/afsutil/pagsh.c index d975fad11438..bfc5dce87f89 100644 --- a/appl/afsutil/pagsh.c +++ b/appl/afsutil/pagsh.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -35,7 +35,7 @@ #include #endif -RCSID("$Id: pagsh.c 14574 2005-02-12 14:23:28Z lha $"); +RCSID("$Id$"); #include #include @@ -55,9 +55,6 @@ RCSID("$Id: pagsh.c 14574 2005-02-12 14:23:28Z lha $"); #ifdef KRB5 #include #endif -#ifdef KRB4 -#include -#endif #include #include @@ -106,7 +103,7 @@ main(int argc, char **argv) char *path; char **args; - int i; + unsigned int i; int optind = 0; setprogname(argv[0]); @@ -124,7 +121,6 @@ main(int argc, char **argv) #ifdef KRB5 { - const krb5_cc_ops *type; krb5_error_code ret; krb5_context context; krb5_ccache id; @@ -134,29 +130,7 @@ main(int argc, char **argv) if (ret) /* XXX should this really call exit ? */ errx(1, "no kerberos 5 support"); - if (typename_arg == NULL) { - char *s; - - name = krb5_cc_default_name(context); - if (name == NULL) - krb5_errx(context, 1, "Failed getting default " - "credential cache type"); - - typename_arg = strdup(name); - if (typename_arg == NULL) - errx(1, "strdup"); - - s = strchr(typename_arg, ':'); - if (s) - *s = '\0'; - } - - type = krb5_cc_get_prefix_ops(context, typename_arg); - if (type == NULL) - krb5_err(context, 1, ret, "Failed getting ops for %s " - "credential cache", typename_arg); - - ret = krb5_cc_gen_new(context, type, &id); + ret = krb5_cc_new_unique(context, typename_arg, NULL, &id); if (ret) krb5_err(context, 1, ret, "Failed generating credential cache"); @@ -164,7 +138,7 @@ main(int argc, char **argv) if (name == NULL) krb5_errx(context, 1, "Generated credential cache have no name"); - snprintf(tf, sizeof(tf), "%s:%s", typename_arg, name); + snprintf(tf, sizeof(tf), "%s:%s", krb5_cc_get_type(context, id), name); ret = krb5_cc_close(context, id); if (ret) @@ -190,11 +164,13 @@ main(int argc, char **argv) if (args == NULL) errx (1, "Out of memory allocating %lu bytes", (unsigned long)((argc + 10)*sizeof(char *))); - + if(*argv == NULL) { path = getenv("SHELL"); if(path == NULL){ struct passwd *pw = k_getpwuid(geteuid()); + if (pw == NULL) + errx(1, "no such user: %d", (int)geteuid()); path = strdup(pw->pw_shell); } } else { @@ -202,7 +178,7 @@ main(int argc, char **argv) } if (path == NULL) errx (1, "Out of memory copying path"); - + p=strrchr(path, '/'); if(p) args[i] = strdup(p+1); @@ -211,7 +187,7 @@ main(int argc, char **argv) if (args[i++] == NULL) errx (1, "Out of memory copying arguments"); - + while(*argv) args[i++] = *argv++; @@ -224,7 +200,7 @@ main(int argc, char **argv) execvp(path, args); if (errno == ENOENT || c_flag) { char **sh_args = malloc ((i + 2) * sizeof(char *)); - int j; + unsigned int j; if (sh_args == NULL) errx (1, "Out of memory copying sh arguments"); diff --git a/appl/afsutil/pagsh.cat1 b/appl/afsutil/pagsh.cat1 new file mode 100644 index 000000000000..9493f6f30077 --- /dev/null +++ b/appl/afsutil/pagsh.cat1 @@ -0,0 +1,47 @@ + +PAGSH(1) BSD General Commands Manual PAGSH(1) + +NNAAMMEE + ppaaggsshh -- creates a new credential cache sandbox + +SSYYNNOOPPSSIISS + ppaaggsshh [--cc _c_o_m_m_a_n_d_-_s_t_r_i_n_g] [--hh | ----hheellpp] [----vveerrssiioonn] [----ccaacchhee--ttyyppee==_s_t_r_i_n_g] + _c_o_m_m_a_n_d _[_a_r_g_s_._._._] + +DDEESSCCRRIIPPTTIIOONN + Supported options: + + --cc _c_o_m_m_a_n_d_-_s_t_r_i_n_g Executes command(s) contained in _c_o_m_m_a_n_d_-_s_t_r_i_n_g. + + ----ccaacchhee--ttyyppee==_s_t_r_i_n_g + + --hh, ----hheellpp + + ----vveerrssiioonn + + ppaaggsshh creates a new credential cache sandbox for the user to live in. If + AFS is installed on the computer, the user is put in a newly created + Process Authentication Group (PAG). + + For Kerberos 5, the credential cache type that is used is the same as the + credential cache type that was used at the time of ppaaggsshh invocation. The + credential cache type can be controlled by the option ----ccaacchhee--ttyyppee. + +EEXXAAMMPPLLEESS + Create a new sandbox where new credentials can be used, while the old + credentials can be used by other processes. + + $ klist + Credentials cache: FILE:/tmp/krb5cc_913 + Principal: lha@E.KTH.SE + + Issued Expires Principal + Feb 12 10:08:31 Feb 12 20:06:36 krbtgt/E.KTH.SE@E.KTH.SE + $ pagsh + $ klist + klist: No ticket file: /tmp/krb5cc_03014a + +SSEEEE AALLSSOO + afslog(1), kinit(1) + +Heimdal February 12, 2005 Heimdal diff --git a/appl/dceutils/ChangeLog b/appl/dceutils/ChangeLog new file mode 100644 index 000000000000..f583aeb58b8d --- /dev/null +++ b/appl/dceutils/ChangeLog @@ -0,0 +1,39 @@ +2007-12-13 Love Hörnquist Ã…strand + + * Makefile.am: Add missing files, from Buchan Milne. + +2006-08-08 Love Hörnquist Ã…strand + + * k5dcecon.c: Check for seteuid failure, prompted by MIT advisory. + +2005-04-06 Love Hörnquist Ã…strand + + * testpag.c: use NULL as last argument to execl, not 0 + +2002-08-12 Johan Danielsson + + * Makefile.am: rename dpagaix_LDFLAGS etc to appease automake + +2001-08-24 Assar Westerlund + + * Makefile.am (dpagaix): make sure of using $(EXEEXT) just to + please automake (this is aix-only code) + +2001-02-07 Assar Westerlund + + * Makefile.am (dpagaix): needs to be linked with ld, add an + explicit command for it. from Ake Sandgren + +2000-10-02 Assar Westerlund + + * Makefile.am: link with roken on everything except irix, where + apperently it fails. reported by Ake Sandgren + +2000-07-17 Johan Danielsson + + * Makefile.am: set compiler flags + +2000-07-01 Assar Westerlund + + * imported stuff from Ake Sandgren + diff --git a/appl/dceutils/Makefile.am b/appl/dceutils/Makefile.am new file mode 100644 index 000000000000..6fa9d1a105ed --- /dev/null +++ b/appl/dceutils/Makefile.am @@ -0,0 +1,37 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + + +DFSPROGS = k5dcecon +if AIX +AIX_DFSPROGS = dpagaix +endif + +libexec_PROGRAMS = $(DFSPROGS) $(AIX_DFSPROGS) + +dpagaix_CFLAGS = $(dpagaix_cflags) +dpagaix_LDFLAGS = $(dpagaix_ldflags) +dpagaix_LDADD = $(dpagaix_ldadd) + +dpagaix$(EXEEXT): $(dpagaix_OBJECTS) + ld -edpagaix -o dpagaix$(EXEEXT) $(dpagaix_OBJECTS) $(srcdir)/dfspag.exp + +LIB_dce = -ldce + +k5dcecon_SOURCES = k5dcecon.c k5dce.h + +dpagaix_SOURCES = dpagaix.c + +EXTRA_DIST = \ + NTMakefile \ + dfspag.exp \ + README.dcedfs \ + README.original \ + testpag.c + +if IRIX +LDADD = $(LIB_dce) +else +LDADD = $(LIB_roken) $(LIB_dce) +endif diff --git a/lib/auth/pam/Makefile.in b/appl/dceutils/Makefile.in similarity index 56% rename from lib/auth/pam/Makefile.in rename to appl/dceutils/Makefile.in index 0f9e084267b5..f3c54657e571 100644 --- a/lib/auth/pam/Makefile.in +++ b/appl/dceutils/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 22299 2007-12-14 06:39:19Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -40,11 +42,12 @@ build_triplet = @build@ host_triplet = @host@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/pam + $(top_srcdir)/cf/Makefile.am.common ChangeLog +libexec_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) +subdir = appl/dceutils ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,73 +89,103 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) +CONFIG_CLEAN_VPATH_FILES = +am__EXEEXT_1 = k5dcecon$(EXEEXT) +@AIX_TRUE@am__EXEEXT_2 = dpagaix$(EXEEXT) +am__installdirs = "$(DESTDIR)$(libexecdir)" +PROGRAMS = $(libexec_PROGRAMS) +am_dpagaix_OBJECTS = dpagaix-dpagaix.$(OBJEXT) +dpagaix_OBJECTS = $(am_dpagaix_OBJECTS) +am__DEPENDENCIES_1 = +dpagaix_DEPENDENCIES = $(am__DEPENDENCIES_1) +dpagaix_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(dpagaix_CFLAGS) $(CFLAGS) \ + $(dpagaix_LDFLAGS) $(LDFLAGS) -o $@ +am_k5dcecon_OBJECTS = k5dcecon.$(OBJEXT) +k5dcecon_OBJECTS = $(am_k5dcecon_OBJECTS) +k5dcecon_LDADD = $(LDADD) +@IRIX_FALSE@k5dcecon_DEPENDENCIES = $(am__DEPENDENCIES_1) \ +@IRIX_FALSE@ $(am__DEPENDENCIES_1) +@IRIX_TRUE@k5dcecon_DEPENDENCIES = $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(dpagaix_SOURCES) $(k5dcecon_SOURCES) +DIST_SOURCES = $(dpagaix_SOURCES) $(k5dcecon_SOURCES) +ETAGS = etags +CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -173,10 +209,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -193,6 +230,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -208,32 +247,46 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) +WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ XMKMF = @XMKMF@ @@ -247,10 +300,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -291,71 +346,68 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so -@KRB4_TRUE@L = \ -@KRB4_TRUE@ $(KAFS) \ -@KRB4_TRUE@ $(top_builddir)/lib/krb/.libs/libkrb.a \ -@KRB4_TRUE@ $(LIB_hcrypto_a) \ -@KRB4_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB4_TRUE@ -lc +DFSPROGS = k5dcecon +@AIX_TRUE@AIX_DFSPROGS = dpagaix +dpagaix_CFLAGS = $(dpagaix_cflags) +dpagaix_LDFLAGS = $(dpagaix_ldflags) +dpagaix_LDADD = $(dpagaix_ldadd) +LIB_dce = -ldce +k5dcecon_SOURCES = k5dcecon.c k5dce.h +dpagaix_SOURCES = dpagaix.c +EXTRA_DIST = \ + NTMakefile \ + dfspag.exp \ + README.dcedfs \ + README.original \ + testpag.c -@KRB4_TRUE@L_shared = \ -@KRB4_TRUE@ $(KAFS_S) \ -@KRB4_TRUE@ $(top_builddir)/lib/krb/.libs/libkrb.so \ -@KRB4_TRUE@ $(LIB_hcrypto_so) \ -@KRB4_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB4_TRUE@ $(LIB_getpwnam_r) \ -@KRB4_TRUE@ -lc - -@KRB4_TRUE@MOD = pam_krb4.so -foodir = $(libdir) -foo_DATA = $(MOD) -SRCS = pam.c -OBJS = pam.o -CLEANFILES = $(MOD) $(OBJS) -EXTRA_DIST = pam.conf.add $(SRCS) +@IRIX_FALSE@LDADD = $(LIB_roken) $(LIB_dce) +@IRIX_TRUE@LDADD = $(LIB_dce) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/pam/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/pam/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/dceutils/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/dceutils/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -373,35 +425,155 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libexecPROGRAMS: $(libexec_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-libexecPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files + +clean-libexecPROGRAMS: + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +k5dcecon$(EXEEXT): $(k5dcecon_OBJECTS) $(k5dcecon_DEPENDENCIES) + @rm -f k5dcecon$(EXEEXT) + $(LINK) $(k5dcecon_OBJECTS) $(k5dcecon_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dpagaix-dpagaix.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/k5dcecon.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +dpagaix-dpagaix.o: dpagaix.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(dpagaix_CFLAGS) $(CFLAGS) -MT dpagaix-dpagaix.o -MD -MP -MF $(DEPDIR)/dpagaix-dpagaix.Tpo -c -o dpagaix-dpagaix.o `test -f 'dpagaix.c' || echo '$(srcdir)/'`dpagaix.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/dpagaix-dpagaix.Tpo $(DEPDIR)/dpagaix-dpagaix.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dpagaix.c' object='dpagaix-dpagaix.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(dpagaix_CFLAGS) $(CFLAGS) -c -o dpagaix-dpagaix.o `test -f 'dpagaix.c' || echo '$(srcdir)/'`dpagaix.c + +dpagaix-dpagaix.obj: dpagaix.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(dpagaix_CFLAGS) $(CFLAGS) -MT dpagaix-dpagaix.obj -MD -MP -MF $(DEPDIR)/dpagaix-dpagaix.Tpo -c -o dpagaix-dpagaix.obj `if test -f 'dpagaix.c'; then $(CYGPATH_W) 'dpagaix.c'; else $(CYGPATH_W) '$(srcdir)/dpagaix.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/dpagaix-dpagaix.Tpo $(DEPDIR)/dpagaix-dpagaix.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dpagaix.c' object='dpagaix-dpagaix.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(dpagaix_CFLAGS) $(CFLAGS) -c -o dpagaix-dpagaix.obj `if test -f 'dpagaix.c'; then $(CYGPATH_W) 'dpagaix.c'; else $(CYGPATH_W) '$(srcdir)/dpagaix.c'; fi` mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) - @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done -uninstall-fooDATA: - @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique tags: TAGS -TAGS: +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi ctags: CTAGS -CTAGS: +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @@ -419,13 +591,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -435,9 +611,9 @@ distdir: $(DISTFILES) check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-local check: check-am -all-am: Makefile $(DATA) all-local +all-am: Makefile $(PROGRAMS) all-local installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ + for dir in "$(DESTDIR)$(libexecdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -457,21 +633,24 @@ install-strip: mostlyclean-generic: clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ + mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile -distclean-am: clean-am distclean-generic +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags dvi: dvi-am @@ -479,39 +658,51 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-fooDATA +install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: +install-dvi-am: + +install-exec-am: install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-generic mostlyclean-libtool +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf: pdf-am @@ -521,26 +712,27 @@ ps: ps-am ps-am: -uninstall-am: uninstall-fooDATA +uninstall-am: uninstall-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ + dist-hook distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-info install-info-am \ + install-libexecPROGRAMS install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-hook \ + uninstall-libexecPROGRAMS install-suid-programs: @@ -611,6 +803,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -696,7 +891,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -710,24 +905,9 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -pam_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ - else \ - echo "missing libraries"; exit 1; \ - fi +dpagaix$(EXEEXT): $(dpagaix_OBJECTS) + ld -edpagaix -o dpagaix$(EXEEXT) $(dpagaix_OBJECTS) $(srcdir)/dfspag.exp -# XXX inline COMPILE since automake wont add it - -.c.o: - $(LIBTOOL) --mode=compile --tag=CC $(CC) \ - $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/dceutils/NTMakefile b/appl/dceutils/NTMakefile new file mode 100644 index 000000000000..eb27eb4f6cfb --- /dev/null +++ b/appl/dceutils/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\dceutils + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/dceutils/README.dcedfs b/appl/dceutils/README.dcedfs new file mode 100644 index 000000000000..5849ad624981 --- /dev/null +++ b/appl/dceutils/README.dcedfs @@ -0,0 +1,59 @@ +This is a set of patches and files to get a DFS ticket from a k5 ticket. +This code comes from Doug Engert, Argonne Nat. Lab (See dce/README.original +for more info) + +The files in dce are; +testpag: for testing if this is at all possible. +k5dfspag: included in libkrb5 +k5dcecon: Creates (or searches for) the actual DFSPAG ticketfile. +dpagaix: An AIX syscall stub. +README.original: Original README file from Doug Engert + + +Certain applications (rshd/telnetd) have been patched to call the +functions in k5dfspag when the situation is right. They are ifdef +with DCE. The patches are also originally from Doug but they +where against MIT krb5 code and have been merged into heimdal by me. +I will try to fix ftpd soon... + +There is also an ifdefs for DCE && AIX that can be used to make AIX +use DCE for getting group/passwd entries. This is needed if one is running +with a bare bones passwd/group file and AUTHSTATE set to DCE (This will be +more or less clear to people doing this...) I have forced this on for now. + +k5dfspag.c is in lib/krb5 +k5dfspag.c is dependent on DCE only. +It is also POSIX systems only. There are defines for the location of +k5dcecon and dpagaix that needs a correct configure setting. + +k5dcecon needs no special things for the compile except whatever is needed +on the target system to compile dce programs. +(On aix the dce compile flags are: -D_THREAD_SAFE -D_AIX32_THREADS=1 -D_AIX41 -D_AES_SOURCE or one can use xlc_r4 if it is version 3.6.4 or later) + +k5dcecon wants the following libs (on aix 4.3): +-ldce (and setenv from somewhere) + +dpagaix is only needed on AIX (see k5dfspag.c). +dpagaix needs dfspag.exp and is linked with +ld -edpagaix -o dpagaix dpagaix.o dfspag.exp + + +Hope to get this into heimdal soon :-) although I know that you will have to +change some things to get it cleanly into configure. Since I don't know the +structure of the code (heimdal), nor enough of configure, good enough I +just won't try it myself. + +One more thing, to get this to work one has to put fcache_version = x in +krb5.conf where x = whatever the DCE implementation understands, (usually +1 or 2). +Thanks for adding that... + + +Ã…ke Sandgren (ake@hpc2n.umu.se) +HPC2N +UmeÃ¥ University +Sweden + +PS +I have now added patches for configure.in and some Makefile.am's to get this +all cleanly (I hope) into heimdal. diff --git a/appl/dceutils/README.original b/appl/dceutils/README.original new file mode 100644 index 000000000000..088702307a38 --- /dev/null +++ b/appl/dceutils/README.original @@ -0,0 +1,335 @@ +KERBEROS and DCE INTEROPERABILITY ROUTINES + +WHAT'S NEW + +When k5dcecon was examining the ticket caches looking to +update one with a newer TGT, it might update the wrong +one for the correct user. This problem was reported by PNNL, +and is now fixed. + +Any Kerberized application can now use a forwarded TGT to establish a +DCE context, or can use a previously established DCE context. This is +both a functional improvement and a performance improvement. + +BACKGROUND + +The MIT Kerberos 5 Release 1.x and DCE 1.1 can interoperate in a +number of ways. This is possible because: + + o DCE used Kerberos 5 internally. Based on the MIT code as of beta 4 + or so, with additional changes. + + o The DCE security server can act as a K5 KDC, as defined in RFC 1510 + and responds on port 88. + + o On the clients, DCE and Kerberos use the same format for the ticket + cache, and then can share it. The KRB5CCNAME environment variable points + at the cache. + + o On the clients, DCE and Kerberos use the same format for the srvtab + file. DCE refers to is a /krb5/v5srvtab and Kerberos as + /etc/krb5.keytab. They can be symlinked. + + o MIT has added many options to the krb5.conf configuration file + which allows newer features of Release 1.0 to be turned off to match + the earlier version of Kerberos upon which DCE is based. + + o DCE will accept a externally obtained Kerberos TGT in place of a + password when establishing a DCE context. + +There are some areas where they differ, including the following: + + o Administration of the database and the keytab files is done by the + DCE routines, rather the the Kerberos kadmin. + + o User password changes must be done using the DCE commands. Kpasswd + does not work. (But there are mods to Kerberos to use the v5passwd + with DCE. + + o DCE goes beyond authentication only, and provides authorization via + the PAC, and the dce-ptgt tickets stored in the cache. Thus a + Kerberos KDC can not act as a DCE security server. + + o A DCE cell and Kerberos realm can cross-realm authenticate, but + there can be no intermediate realms. (There are other problems + in this area as well. But directly connected realms/cells do work.) + + o You can't link a module with the DCE library and the Kerberos + library. They have conflicting routines, static data and structures. + +One of the main features of DCE is the Distributed File System +DFS. Access to DFS requires authentication and authorization, and when +one uses a Kerberized network utility such as telnet, a forwarded +Kerberos ticket can be used to establish the DCE context to allow +access to DFS. + + +NEW TO THIS RELEASE + +This release introduces sharing of a DCE context, and PAG, and allows +any Kerberized application to establish or share the context. This is +made possible by using an undocumented feature of DCE which is on at +least the Transarc and IBM releases of DCE 1.1. + +I am in the process of trying to get this contributed to the general +DCE 1.2.2 release as a patch, so it could be included in other vendors +products. HP has expressed interest in doing this, as well as the +OpenGroup if the modification is contributed. You can help by +requesting Transarc and/or IBM to submit this modification to the +OpenGroup and ask your vendor to adopt this modification. + +The feature is a modification to the setpag() system call which will +allow an authorized process to set the PAG to a specific value, and +thus allow unrelated processes to share the same PAG. + +This then allows the Kerberized daemons such as kshd, to exec a DCE +module which established the DCE context. Kshd then sets the +KRB5CCNAME environment variable and then issues the setpag() to use +this context. This solves the linking problem. This is done via the +k5dfspag.c routine. + +The k5dfspag.c code is compiled with the lib/krb5/os routines and +included in the libkrb5. A daemon calls krb5_dfs_pag after the +krb5_kuserok has determined that the Kerberos principal and local +userid pair are acceptable. This should be done early so as to give +the daemon access to the home directory which may be located on DFS. +If the .k5login file is used by krb5_kuserok it will need to be +accessed by the daemon and will need special ACL handling. + +The krb5_dfs_pag routine will exec the k5dcecon module to do all the +real work. Upon return, if a PAG is obtained, krb5_dfs_pag with set +the PAG for the current process to the returned PAG value. It will +also set the KRB5CCNAME environment as well. Under DCE the PAG value +is the nnnnnnn part of the name of the cache: +FILE:/opt/dcelocal/var/security/creds/dcecred_nnnnnnnn. + +The k5dcecon routine will attempt to use TGT which may have been +forwarded, to convert it to a DCE context. If there is no TGT, an +attempt will be made to join an existing PAG for the local userid, and +Kerberos principal. If there are existing PAGs, and a forwarded TGT, +k5dcecon will check the lifetime of the forwarded TGT, and if it is +less than the lifetime of the PAG, it will just join the PAG. If it +is greater, it will refresh the PAG using the forwarded TGT. +This approach has the advantage of not requiring many new tickets from +having to be obtained, and allows one to refresh a DCE context, or use +an already established context. + +If the system also has AFS, the AFS krb5_afs_pag should be called +after the krb5_dfs_pag, since cache pointed at via the KRB5CCNAME may +have changed, such as if a DFS PAG has been joined. The AFS code does +not have the capability to join an existing AFS PAG, but can use the +same cache which might already had a +afsx/@ service ticket. + + +WHAT'S IN THIS RELEASE + +The k5prelogin, k5dcelogin, k5afslogin (with ak5log) were designed to +be slipped in between telnetd or klogind and login.krb5. They would +use a forwarded Kerberos ticket to establish a DCE context. They are +the older programs which are included here. They work on all DCE +platforms, and don't take advantage of the undocumented setpag +feature. (A version of k5dcelogin is being included with DCE 1.2.2) + +K5dcecon is the new program which can be used to create, update or +join a DCE context. k5dcecon returns KRB5CCNAME string which contains +the PAG. + +k5dfspag.c is to be built in the MIT Kerberos 5 release 1.0 patchlevel +1 and added to the libkrb5. It will exec k5dcecon and upon return set +the KRB5CCNAME and PAG. Mods to Kerberized klogind, rshd, telnetd, +ftpd are available to use the k5dfspag. + +Testpag.c is a test programs to see if the PAG can be set. + +The cpwkey.c routine can be used to change a key in the DCE registry, +by adding the key directly, or by setting the salt/pepper and password +or by providing the key and the pepper. This could be useful when +coping keys from a K4 or AFS database to DCE. It can also be used when +setting a DCE to K5 cross-cell key. This program is a test program +For mass inserts, it should be rewritten to read from stdin. + +K5dcelogin can also be called directly, much like dce_login. +I use the following commands in effect do the same thing as dce_login +and get a forwardable ticket, DCE context and an AFS token: + + #!/bin/csh + # simulate a dce_login using krb5 kinit and k5dcelogin + # + setenv KRB5CCNAME FILE:/tmp/krb5cc_p$$ + /krb5/bin/kinit -f + exec /krb5/sbin/k5dcelogin /krb5/sbin/k5afslogin /bin/csh + #exec /krb5/sbin/k5dcelogin /bin/csh + +This could be useful in a mixed cell where "AS_REQ" messages are +handled by a K5 KDC, but DCE RPCs are handled by the DCE security +server. + +TESTING THE SETPAG + +The krb5_dfs_pag routine relies on an undocumented feature which is +in the AIX and Transarc Solaris ports of DCE and has been recently +added to the SGI version. To test if this feature is present +on some other DFS implementation use the testpag routine. + +The testpag routine attempts to set a PAG value to one you supply. It +uses the afs_syscall with the afs_setpag, and passes the supplied +PAG value as the next parameter. On an unmodifed system, this +will be ignored, and a new will be set. You should also check that +if run as a user, you cannot join a PAG owned by another user. +When run as root, any PAG should be usable. + +On a machine with DFS running, do a dce_login to get a DCE context and +PAG. ECHO the KRB5CCNAME and look at the nnnnnnnn at the end. It +should look like an 8 char hex value, which may be 41ffxxxx on some +systems. + +Su to root and unsetenv KRB5CCNAME. Do a testpag -n nnnnnnnn where +nnnnnnnn is the PAG obtained for the above name. + +It should look like this example on an AIX 4.1.4 system: + + pembroke# ./testpag -n 63dc9997 + calling k5dcepag newpag=63dc9997 + PAG returned = 63dc9997 + +You will be running under a new shell with the PAG and KRB5CCNAME set. +If the PAG returned is the same as the newpag, then it worked. You can +further verify this by doing a DCE klist, cd to DFS and a DCE klist +again. The klist should show some tickets for DFS servers. + +If the PAG returned is not the same, and repeated attempts show a +returned PAG decremented by 1 from the previous returned PAG, then +this system does not have the modification For example: + + # ./testpag -n 41fffff9 + calling k5dcepag newpag=41fffff9 + PAG returned = 41fffff8 + # ./testpag -n 41fffff9 + calling k5dcepag newpag=41fffff9 + PAG returned = 41fffff7 + +In this case the syscall is ignoring the newpag parameter. + +Running it with -n 0 should get the next PAG value with or without +this modification. + +If the DFS kernel extensions are not installed, you would get +something like this: + + caliban.ctd.anl.gov% ./testpag -n 012345678 + calling k5dcepag newpag=012345678 + Setpag failed with a system error + PAG returned = ffffffff + Not a good pag value + +If you DFS implementation does not have this modification, you could +attempt to install it yourself. But this requires source and requires +modifications to the kernel extensions. At the end of this note is an +untested sample using the DCE 1.2.2 source code. You can also contact +your system vendor and ask for this modification. + +UNICOS has a similar function setppag(newpag) which can be used to set +the PAG of the parent. Contact me if you are interested. + +HOW TO INSTALL + +Examine the k5dfspag.c file to make sure the DFS syscalls are correct +for your platform. See the /opt/dcelocal/share/include/dcedfs/syscall.h +on Solaris for example. + +You should build the testpag routine and make sure it works before +adding all the other mods. If it fails you can still use the klogind +and telnetd with the k5prelogin and k5dcelogin code. + +If you intend to install with a prefix other than /krb5, change: +DPAGAIX and K5DCECON in k5dfspag.c; the three references in +k5prelogin.c; and the DESTDIR in the Makefile. + +Get k5101.cdiff.xxxxxx.tar file and install the mods for ANL_DFS_PAG +and ANL_DCE to the MIT Kerberos 5 source. These mods turn on some DCE +related changes and the calls to krb5_dfs_pag. + +Symlink or copy the k5dfspag.c to the src/lib/krb5/os directory. + +Add the -DANL_DFS_PAG and -DANL_DCE flags to the configuration. + +Configure and Build the Kerberos v5. + +Modify the k5dce Makefile for your system. + +Build the k5dcecon and related programs. + +Install both the MIT Kerberos v5 and the k5dcecon and dpagaix if AIX. + +The makefile can also build k5dcelogin and k5prelogin. The install +can install k5dcelogin, k5prelogin and update the links for login.krb5 +-> k5prelogin and moving login.krb5 to login.k5. If you will be using +the k5dcecon/k5dfspag with the Kerberos mods, you don't need +k5prelogin, or the links changed, and may not need k5dcelogin. + +Note that Transarc has obfuscated the entries to the lib, and +the 1.0.3a is different from the 1.1. You may need to build two +versions of the k5dcelogin and/or k5dcecon one for each. + +AIX ONLY + +The dpagaix routine is needed for AIX because of the way they do the +syscalls. + +The following fix.aix.libdce.mk is not needed if dce 2.1.0.21 +has been installed. This PTF exposed the needed entrypoints. + +The fix.aix.libdce.mk is a Makefile for AIX 4.x to add the required +external entry points to the libdce.a. These are needed by k5dcecon +and k5dcelogin. A bug report was submitted to IBM on this, and it was +rejected. But since DCE 1.2.2 will have a k5dcelogin, this should not +be needed with 1.2.2 + +Copy /usr/lib/libdce.a to /usr/libdce.a.orig before starting. Copy the +makefile to its own directory. It will create a new libdce.a which you +need to copy back to /usr/lib/libdce.a You will need to reboot the +machine. See the /usr/lpp/dce/examples/inst/README.AIX for a similar +procedure. IBM was not responsive in a request to have these added. + +UNTESTED KERNEL EXTENSION FOR SETPAG + +*** src/file/osi/,osi_pag.c Wed Oct 2 13:03:05 1996 +--- src/file/osi/osi_pag.c Mon Jul 28 13:53:13 1997 +*************** +*** 293,298 **** +--- 293,302 ---- + int code; + + osi_MakePreemptionRight(); ++ /* allow sharing of a PAG by non child processes DEE- 6/6/97 */ ++ if (unused && osi_GetUID(osi_getucred()) == 0) { ++ newpag = unused; ++ } else { + osi_mutex_enter(&osi_pagLock); + now = osi_Time(); + soonest = osi_firstPagTime + +*************** +*** 309,314 **** +--- 313,319 ---- + } + osi_mutex_exit(&osi_pagLock); + newpag = osi_genpag(); ++ } + osi_pcred_lock(p); + credp = crcopy(osi_getucred()); + code = osi_SetPagInCred(credp, newpag); + +Created 07/08/96 +Modified 09/30/96 +Modified 11/19/96 +Modified 12/19/96 +Modified 06/20/97 +Modified 07/28/97 +Modified 02/18/98 + + Douglas E. Engert + Argonne National Laboratory + 9700 South Cass Avenue + Argonne, Illinois 60439 + (630) 252-5444 diff --git a/appl/dceutils/dfspag.exp b/appl/dceutils/dfspag.exp new file mode 100644 index 000000000000..ed39788d5ed0 --- /dev/null +++ b/appl/dceutils/dfspag.exp @@ -0,0 +1,3 @@ +#!/unix +* kernel extentions used to get the pag +kafs_syscall syscall diff --git a/appl/dceutils/dpagaix.c b/appl/dceutils/dpagaix.c new file mode 100644 index 000000000000..304a9a230ee0 --- /dev/null +++ b/appl/dceutils/dpagaix.c @@ -0,0 +1,23 @@ +/* + * dpagaix.c + * On AIX we need to get the kernel extentions + * with the DFS kafs_syscall in it. + * We might be running on a system + * where DFS is not active. + * So we use this dummy routine which + * might not load to do the dirty work + * + * DCE does this with the /usr/lib/drivers/dfsloadobj + * + */ + + int dpagaix(parm1, parm2, parm3, parm4, parm5, parm6) + int parm1; + int parm2; + int parm3; + int parm4; + int parm5; + int parm6; + { + return(kafs_syscall(parm1, parm2, parm3, parm4, parm5, parm6)); + } diff --git a/appl/dceutils/k5dce.h b/appl/dceutils/k5dce.h new file mode 100644 index 000000000000..49036249f22a --- /dev/null +++ b/appl/dceutils/k5dce.h @@ -0,0 +1,165 @@ +/* dummy K5 routines which are needed to get this to + * compile without having access ti the DCE versions + * of the header files. + * Thiis is very crude, and OSF needs to expose the K5 + * API. + */ + +#ifdef sun +/* Transarc obfascates these routines */ +#ifdef DCE_1_1 + +#define krb5_init_ets _dce_PkjKqOaklP +#define krb5_copy_creds _dce_LuFxPiITzD +#define krb5_unparse_name _dce_LWHtAuNgRV +#define krb5_get_default_realm _dce_vDruhprWGh +#define krb5_build_principal _dce_qwAalSzTtF +#define krb5_build_principal_ext _dce_vhafIQlejW +#define krb5_build_principal_va _dce_alsqToMmuJ +#define krb5_cc_default _dce_KZRshhTXhE +#define krb5_cc_default_name _dce_bzJVAjHXVQ +#define sec_login_krb5_add_cred _dce_ePDtOJTZvU + +#else /* DCE 1.0.3a */ + +#define krb5_init_ets _dce_BmLRpOVsBo +#define krb5_copy_creds _dce_VGwSEBNwaf +#define krb5_unparse_name _dce_PgAOkJoMXA +#define krb5_get_default_realm _dce_plVOzStKyK +#define krb5_build_principal _dce_uAKSsluIFy +#define krb5_build_principal_ext _dce_tRMpPiRada +#define krb5_build_principal_va _dce_SxnLejZemH +#define krb5_cc_default _dce_SeKosWFnsv +#define krb5_cc_default_name _dce_qJeaphJWVc +#define sec_login_krb5_add_cred _dce_uHwRasumsN + +#endif +#endif + +/* Define the bare minimum k5 structures which are needed + * by this program. Since the krb5 includes are not supplied + * with DCE, these were based on the MIT Kerberos 5 beta 3 + * which should match the DCE as of 1.0.3 at least. + * The tricky one is the krb5_creds, since one is allocated + * by this program, and it needs access to the client principal + * in it. + * Note that there are no function prototypes, so there is no + * compile time checking. + * DEE 07/11/95 + */ +#define NPROTOTYPE(x) () +typedef int krb5_int32; /* assuming all DCE systems are 32 bit */ +typedef short krb5short; /* assuming short is 16 bit */ +typedef krb5_int32 krb5_error_code; +typedef unsigned char krb5_octet; +typedef krb5_octet krb5_boolean; +typedef krb5short krb5_keytype; /* in k5.2 it's a short */ +typedef krb5_int32 krb5_flags; +typedef krb5_int32 krb5_timestamp; /* is a time_t in krb5.h */ + +typedef char * krb5_pointer; /* pointer to unexposed data */ + +typedef struct _krb5_ccache { + struct _krb5_cc_ops *ops; + krb5_pointer data; +} *krb5_ccache; + +typedef struct _krb5_cc_ops { + char *prefix; + char *(*get_name) NPROTOTYPE((krb5_ccache)); + krb5_error_code (*resolve) NPROTOTYPE((krb5_ccache *, char *)); + krb5_error_code (*gen_new) NPROTOTYPE((krb5_ccache *)); + krb5_error_code (*init) NPROTOTYPE((krb5_ccache, krb5_principal)); + krb5_error_code (*destroy) NPROTOTYPE((krb5_ccache)); + krb5_error_code (*close) NPROTOTYPE((krb5_ccache)); + krb5_error_code (*store) NPROTOTYPE((krb5_ccache, krb5_creds *)); + krb5_error_code (*retrieve) NPROTOTYPE((krb5_ccache, krb5_flags, + krb5_creds *, krb5_creds *)); + krb5_error_code (*get_princ) NPROTOTYPE((krb5_ccache, + krb5_principal *)); + krb5_error_code (*get_first) NPROTOTYPE((krb5_ccache, + krb5_cc_cursor *)); + krb5_error_code (*get_next) NPROTOTYPE((krb5_ccache, krb5_cc_cursor *, + krb5_creds *)); + krb5_error_code (*end_get) NPROTOTYPE((krb5_ccache, krb5_cc_cursor *)); + krb5_error_code (*remove_cred) NPROTOTYPE((krb5_ccache, krb5_flags, + krb5_creds *)); + krb5_error_code (*set_flags) NPROTOTYPE((krb5_ccache, krb5_flags)); +} krb5_cc_ops; + +typedef struct _krb5_keyblock { + krb5_keytype keytype; + int length; + krb5_octet *contents; +} krb5_keyblock; + +typedef struct _krb5_ticket_times { + krb5_timestamp authtime; + krb5_timestamp starttime; + krb5_timestamp endtime; + krb5_timestamp renew_till; +} krb5_ticket_times; + +typedef krb5_pointer krb5_cc_cursor; + +typedef struct _krb5_data { + int length; + char *data; +} krb5_data; + +typedef struct _krb5_authdata { + int ad_type; + int length; + krb5_octet *contents; +} krb5_authdata; + +typedef struct _krb5_creds { + krb5_pointer client; + krb5_pointer server; + krb5_keyblock keyblock; + krb5_ticket_times times; + krb5_boolean is_skey; + krb5_flags ticket_flags; + krb5_pointer **addresses; + krb5_data ticket; + krb5_data second_ticket; + krb5_pointer **authdata; +} krb5_creds; + +typedef krb5_pointer krb5_principal; + +#define KRB5_CC_END 336760974 +#define KRB5_TC_OPENCLOSE 0x00000001 + +/* Ticket flags */ +/* flags are 32 bits; each host is responsible to put the 4 bytes + representing these bits into net order before transmission */ +/* #define TKT_FLG_RESERVED 0x80000000 */ +#define TKT_FLG_FORWARDABLE 0x40000000 +#define TKT_FLG_FORWARDED 0x20000000 +#define TKT_FLG_PROXIABLE 0x10000000 +#define TKT_FLG_PROXY 0x08000000 +#define TKT_FLG_MAY_POSTDATE 0x04000000 +#define TKT_FLG_POSTDATED 0x02000000 +#define TKT_FLG_INVALID 0x01000000 +#define TKT_FLG_RENEWABLE 0x00800000 +#define TKT_FLG_INITIAL 0x00400000 +#define TKT_FLG_PRE_AUTH 0x00200000 +#define TKT_FLG_HW_AUTH 0x00100000 +#ifdef PK_INIT +#define TKT_FLG_PUBKEY_PREAUTH 0x00080000 +#define TKT_FLG_DIGSIGN_PREAUTH 0x00040000 +#define TKT_FLG_PRIVKEY_PREAUTH 0x00020000 +#endif + + +#define krb5_cc_get_principal(cache, principal) (*(cache)->ops->get_princ)(cache, principal) +#define krb5_cc_set_flags(cache, flags) (*(cache)->ops->set_flags)(cache, flags) +#define krb5_cc_get_name(cache) (*(cache)->ops->get_name)(cache) +#define krb5_cc_start_seq_get(cache, cursor) (*(cache)->ops->get_first)(cache, cursor) +#define krb5_cc_next_cred(cache, cursor, creds) (*(cache)->ops->get_next)(cache, cursor, creds) +#define krb5_cc_destroy(cache) (*(cache)->ops->destroy)(cache) +#define krb5_cc_end_seq_get(cache, cursor) (*(cache)->ops->end_get)(cache, cursor) + +/* end of k5 dummy typedefs */ + diff --git a/appl/dceutils/k5dcecon.c b/appl/dceutils/k5dcecon.c new file mode 100644 index 000000000000..88cdf281fe71 --- /dev/null +++ b/appl/dceutils/k5dcecon.c @@ -0,0 +1,792 @@ +/* + * (c) Copyright 1995 HEWLETT-PACKARD COMPANY + * + * To anyone who acknowledges that this file is provided + * "AS IS" without any express or implied warranty: + * permission to use, copy, modify, and distribute this + * file for any purpose is hereby granted without fee, + * provided that the above copyright notice and this + * notice appears in all copies, and that the name of + * Hewlett-Packard Company not be used in advertising or + * publicity pertaining to distribution of the software + * without specific, written prior permission. Hewlett- + * Packard Company makes no representations about the + * suitability of this software for any purpose. + * + */ +/* + * k5dcecon - Program to convert a K5 TGT to a DCE context, + * for use with DFS and its PAG. + * + * The program is designed to be called as a sub process, + * and return via stdout the name of the cache which implies + * the PAG which should be used. This program itself does not + * use the cache or PAG itself, so the PAG in the kernel for + * this program may not be set. + * + * The calling program can then use the name of the cache + * to set the KRB5CCNAME and PAG for itself and its children. + * + * If no ticket was passed, an attemplt to join an existing + * PAG will be made. + * + * If a forwarded K5 TGT is passed in, either a new DCE + * context will be created, or an existing one will be updated. + * If the same ticket was already used to create an existing + * context, it will be joined instead. + * + * Parts of this program are based on k5dceauth,c which was + * given to me by HP and by the k5dcelogin.c which I developed. + * A slightly different version of k5dcelogin.c, was added to + * DCE 1.2.2 + * + * D. E. Engert 6/17/97 ANL + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include "k5dce.h" + +#include +#include +#include + +/* #define DEBUG */ +#if defined(DEBUG) +#define DEEDEBUG(A) fprintf(stderr,A); fflush(stderr) +#define DEEDEBUG2(A,B) fprintf(stderr,A,B); fflush(stderr) +#else +#define DEEDEBUG(A) +#define DEEDEBUG2(A,B) +#endif + +#ifdef __hpux +#define seteuid(A) setresuid(-1,A,-1) +#endif + + +int k5dcecreate (uid_t, char *, char*, krb5_creds **); +int k5dcecon (uid_t, char *, char *); +int k5dcegettgt (krb5_ccache *, char *, char *, krb5_creds **); +int k5dcematch (uid_t, char *, char *, off_t *, krb5_creds **); +int k5dcesession (uid_t, char *, krb5_creds **, int *,krb5_flags); + + +char *progname = "k5dcecon"; +static time_t now; + +#ifdef notdef +#ifdef _AIX +/*---------------------------------------------*/ + /* AIX with DCE 1.1 does not have the com_err in the libdce.a + * do a half hearted job of substituting for it. + */ +void com_err(char *p1, int code, ...) +{ + int lst; + dce_error_string_t err_string; + dce_error_inq_text(code, err_string, &lst); + fprintf(stderr,"Error %d in %s: %s\n", code, p1, err_string ); +} + +/*---------------------------------------------*/ +void krb5_init_ets() +{ + +} +#endif +#endif + + +/*------------------------------------------------*/ +/* find a cache to use for our new pag */ +/* Since there is no simple way to determine which + * caches are associated with a pag, we will have + * do look around and see what makes most sense on + * different systems. + * on a Solaris system, and in the DCE source, + * the pags always start with a 41. + * this is not true on the IBM, where there does not + * appear to be any pattern. + * + * But since we are always certifing our creds when + * they are received, we can us that fact, and look + * at the first word of the associated data file + * to see that it has a "5". If not don't use. + */ + +int k5dcesession(luid, pname, tgt, ppag, tflags) + uid_t luid; + char *pname; + krb5_creds **tgt; + int *ppag; + krb5_flags tflags; +{ + DIR *dirp; + struct dirent *direntp; + off_t size; + krb5_timestamp endtime; + int better = 0; + krb5_creds *xtgt; + + char prev_name[17] = ""; + krb5_timestamp prev_endtime; + off_t prev_size; + u_long prev_pag = 0; + + char ccname[64] = "FILE:/opt/dcelocal/var/security/creds/"; + + error_status_t st; + sec_login_handle_t lcontext = 0; + dce_error_string_t err_string; + int lst; + + DEEDEBUG2("k5dcesession looking for flags %8.8x\n",tflags); + + dirp = opendir("/opt/dcelocal/var/security/creds/"); + if (dirp == NULL) { + return 1; + } + + while ( (direntp = readdir( dirp )) != NULL ) { + +/* + * (but root has the ffffffff which we are not interested in) + */ + if (!strncmp(direntp->d_name,"dcecred_",8) + && (strlen(direntp->d_name) == 16)) { + + /* looks like a cache name, lets do the stat, etc */ + + strcpy(ccname+38,direntp->d_name); + if (!k5dcematch(luid, pname, ccname, &size, &xtgt)) { + + /* it's one of our caches, see if it is better + * i.e. the endtime is farther, and if the endtimes + * are the same, take the larger, as he who has the + * most tickets wins. + * it must also had the same set of flags at least + * i.e. if the forwarded TGT is forwardable, this one must + * be as well. + */ + + DEEDEBUG2("Cache:%s",direntp->d_name); + DEEDEBUG2(" size:%d",size); + DEEDEBUG2(" flags:%8.8x",xtgt->ticket_flags); + DEEDEBUG2(" %s",ctime((time_t *)&xtgt->times.endtime)); + + if ((xtgt->ticket_flags & tflags) == tflags ) { + if (prev_name[0]) { + if (xtgt->times.endtime > prev_endtime) { + better = 1; + } else if ((xtgt->times.endtime = prev_endtime) + && (size > prev_size)){ + better = 1; + } + } else { /* the first */ + if (xtgt->times.endtime >= now) { + better = 1; + } + } + if (better) { + strcpy(prev_name, direntp->d_name); + prev_endtime = xtgt->times.endtime; + prev_size = size; + sscanf(prev_name+8,"%8X",&prev_pag); + *tgt = xtgt; + better = 0; + } + } + } + } + } + (void)closedir( dirp ); + + if (!prev_name[0]) + return 1; /* failed to find one */ + + DEEDEBUG2("Best: %s\n",prev_name); + + if (ppag) + *ppag = prev_pag; + + strcpy(ccname+38,prev_name); + setenv("KRB5CCNAME",ccname,1); + + return(0); +} + + +/*----------------------------------------------*/ +/* see if this cache is for this this principal */ + +int k5dcematch(luid, pname, ccname, sizep, tgt) + uid_t luid; + char *pname; + char *ccname; + off_t *sizep; /* size of the file */ + krb5_creds **tgt; +{ + + krb5_ccache cache; + struct stat stbuf; + char ccdata[256]; + int fd; + int status; + + /* DEEDEBUG2("k5dcematch called: cache=%s\n",ccname+38); */ + + if (!strncmp(ccname,"FILE:",5)) { + + strcpy(ccdata,ccname+5); + strcat(ccdata,".data"); + + /* DEEDEBUG2("Checking the .data file for %s\n",ccdata); */ + + if (stat(ccdata, &stbuf)) + return(1); + + if (stbuf.st_uid != luid) + return(1); + + if ((fd = open(ccdata,O_RDONLY)) == -1) + return(1); + + if ((read(fd,&status,4)) != 4) { + close(fd); + return(1); + } + + /* DEEDEBUG2(".data file status = %d\n", status); */ + + if (status != 5) + return(1); + + if (stat(ccname+5, &stbuf)) + return(1); + + if (stbuf.st_uid != luid) + return(1); + + *sizep = stbuf.st_size; + } + + return(k5dcegettgt(&cache, ccname, pname, tgt)); +} + + +/*----------------------------------------*/ +/* k5dcegettgt - get the tgt from a cache */ + +int k5dcegettgt(pcache, ccname, pname, tgt) + krb5_ccache *pcache; + char *ccname; + char *pname; + krb5_creds **tgt; + +{ + krb5_ccache cache; + krb5_cc_cursor cur; + krb5_creds creds; + int code; + int found = 1; + krb5_principal princ; + char *kusername; + krb5_flags flags; + char *sname, *realm, *tgtname = NULL; + + /* Since DCE does not expose much of the Kerberos interface, + * we will have to use what we can. This means setting the + * KRB5CCNAME for each file we want to test + * We will also not worry about freeing extra cache structures + * as this this routine is also not exposed, and this should not + * effect this module. + * We should also free the creds contents, but that is not exposed + * either. + */ + + setenv("KRB5CCNAME",ccname,1); + cache = NULL; + *tgt = NULL; + + if (code = krb5_cc_default(pcache)) { + com_err(progname, code, "while getting ccache"); + goto return2; + } + + DEEDEBUG("Got cache\n"); + flags = 0; + if (code = krb5_cc_set_flags(*pcache, flags)) { + com_err(progname, code,"While setting flags"); + goto return2; + } + DEEDEBUG("Set flags\n"); + if (code = krb5_cc_get_principal(*pcache, &princ)) { + com_err(progname, code, "While getting princ"); + goto return1; + } + DEEDEBUG("Got principal\n"); + if (code = krb5_unparse_name(princ, &kusername)) { + com_err(progname, code, "While unparsing principal"); + goto return1; + } + + DEEDEBUG2("Unparsed to \"%s\"\n", kusername); + DEEDEBUG2("pname is \"%s\"\n", pname); + if (strcmp(kusername, pname)) { + DEEDEBUG("Principals not equal\n"); + goto return1; + } + DEEDEBUG("Principals equal\n"); + + realm = strchr(pname,'@'); + realm++; + + if ((tgtname = malloc(9 + 2 * strlen(realm))) == 0) { + fprintf(stderr,"Malloc failed for tgtname\n"); + goto return1; + } + + strcpy(tgtname,"krbtgt/"); + strcat(tgtname,realm); + strcat(tgtname,"@"); + strcat(tgtname,realm); + + DEEDEBUG2("Getting tgt %s\n", tgtname); + if (code = krb5_cc_start_seq_get(*pcache, &cur)) { + com_err(progname, code, "while starting to retrieve tickets"); + goto return1; + } + + while (!(code = krb5_cc_next_cred(*pcache, &cur, &creds))) { + krb5_creds *cred = &creds; + + if (code = krb5_unparse_name(cred->server, &sname)) { + com_err(progname, code, "while unparsing server name"); + continue; + } + + if (strncmp(sname, tgtname, strlen(tgtname)) == 0) { + DEEDEBUG("FOUND\n"); + if (code = krb5_copy_creds(&creds, tgt)) { + com_err(progname, code, "while copying TGT"); + goto return1; + } + found = 0; + break; + } + /* we should do a krb5_free_cred_contents(creds); */ + } + + if (code = krb5_cc_end_seq_get(*pcache, &cur)) { + com_err(progname, code, "while finishing retrieval"); + goto return2; + } + +return1: + flags = KRB5_TC_OPENCLOSE; + krb5_cc_set_flags(*pcache, flags); /* force a close */ + +return2: + if (tgtname) + free(tgtname); + + return(found); +} + + +/*------------------------------------------*/ +/* Convert a forwarded TGT to a DCE context */ +int k5dcecon(luid, luser, pname) + uid_t luid; + char *luser; + char *pname; +{ + + krb5_creds *ftgt = NULL; + krb5_creds *tgt = NULL; + unsigned32 dfspag; + boolean32 reset_passwd = 0; + int lst; + dce_error_string_t err_string; + char *shell_prog; + krb5_ccache fcache; + char *ccname; + char *kusername; + char *urealm; + char *cp; + int pag; + int code; + krb5_timestamp endtime; + + + /* If there is no cache to be converted, we should not be here */ + + if ((ccname = getenv("KRB5CCNAME")) == NULL) { + DEEDEBUG("No KRB5CCNAME\n"); + return(1); + } + + if (k5dcegettgt(&fcache, ccname, pname, &ftgt)) { + fprintf(stderr, "%s: Did not find TGT\n", progname); + return(1); + } + + + DEEDEBUG2("flags=%x\n",ftgt->ticket_flags); + if (!(ftgt->ticket_flags & TKT_FLG_FORWARDABLE)){ + fprintf(stderr,"Ticket not forwardable\n"); + return(0); /* but OK to continue */ + } + + setenv("KRB5CCNAME","",1); + +#define TKT_ACCEPTABLE (TKT_FLG_FORWARDABLE | TKT_FLG_PROXIABLE \ + | TKT_FLG_MAY_POSTDATE | TKT_FLG_RENEWABLE | TKT_FLG_HW_AUTH \ + | TKT_FLG_PRE_AUTH) + + if (!k5dcesession(luid, pname, &tgt, &pag, + (ftgt->ticket_flags & TKT_ACCEPTABLE))) { + if (ftgt->times.endtime > tgt->times.endtime) { + DEEDEBUG("Updating existing cache\n"); + return(k5dceupdate(&ftgt, pag)); + } else { + DEEDEBUG("Using existing cache\n"); + return(0); /* use the original one */ + } + } + /* see if the tgts match up */ + + if ((code = k5dcecreate(luid, luser, pname, &ftgt))) { + return (code); + } + + /* + * Destroy the Kerberos5 cred cache file. + * but dont care aout the return code. + */ + + DEEDEBUG("Destroying the old cache\n"); + if ((code = krb5_cc_destroy(fcache))) { + com_err(progname, code, "while destroying Kerberos5 ccache"); + } + return (0); +} + + +/*--------------------------------------------------*/ +/* k5dceupdate - update the cache with a new TGT */ +/* Assumed that the KRB5CCNAME has been set */ + +int k5dceupdate(krbtgt, pag) + krb5_creds **krbtgt; + int pag; +{ + + krb5_ccache ccache; + int code; + + if (code = krb5_cc_default(&ccache)) { + com_err(progname, code, "while opening cache for update"); + return(2); + } + + if (code = ccache->ops->init(ccache,(*krbtgt)->client)) { + com_err(progname, code, "while reinitilizing cache"); + return(3); + } + + /* krb5_cc_store_cred */ + if (code = ccache->ops->store(ccache, *krbtgt)) { + com_err(progname, code, "while updating cache"); + return(2); + } + + sec_login_pag_new_tgt(pag, (*krbtgt)->times.endtime); + return(0); +} +/*--------------------------------------------------*/ +/* k5dcecreate - create a new DCE context */ + +int k5dcecreate(luid, luser, pname, krbtgt) + uid_t luid; + char *luser; + char *pname; + krb5_creds **krbtgt; +{ + + char *cp; + char *urealm; + char *username; + char *defrealm; + uid_t uid; + + error_status_t st; + sec_login_handle_t lcontext = 0; + sec_login_auth_src_t auth_src = 0; + boolean32 reset_passwd = 0; + int lst; + dce_error_string_t err_string; + + setenv("KRB5CCNAME","",1); /* make sure it not misused */ + + uid = getuid(); + DEEDEBUG2("uid=%d\n",uid); + + /* if run as root, change to user, so as to have the + * cache created for the local user even if cross-cell + * If run as a user, let standard file protection work. + */ + + if (uid == 0) { + if (seteuid(luid) < 0) + goto abort; + } + + cp = strchr(pname,'@'); + *cp = '\0'; + urealm = ++cp; + + DEEDEBUG2("basename=%s\n",cp); + DEEDEBUG2("realm=%s\n",urealm); + + /* now build the username as a single string or a /.../cell/user + * if this is a cross cell + */ + + if ((username = malloc(7+strlen(pname)+strlen(urealm))) == 0) { + fprintf(stderr,"Malloc failed for username\n"); + goto abort; + } + if (krb5_get_default_realm(&defrealm)) { + DEEDEBUG("krb5_get_default_realm failed\n"); + goto abort; + } + + + if (!strcmp(urealm,defrealm)) { + strcpy(username,pname); + } else { + strcpy(username,"/.../"); + strcat(username,urealm); + strcat(username,"/"); + strcat(username,pname); + } + + /* + * Setup a DCE login context + */ + + if (sec_login_setup_identity((unsigned_char_p_t)username, + (sec_login_external_tgt|sec_login_proxy_cred), + &lcontext, &st)) { + /* + * Add our TGT. + */ + DEEDEBUG("Adding our new TGT\n"); + sec_login_krb5_add_cred(lcontext, *krbtgt, &st); + if (st) { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Error while adding credentials for %s because %s\n", + username, err_string); + goto abort; + } + DEEDEBUG("validating and certifying\n"); + /* + * Now "validate" and certify the identity, + * usually we would pass a password here, but... + * sec_login_valid_and_cert_ident + * sec_login_validate_identity + */ + + if (sec_login_validate_identity(lcontext, 0, &reset_passwd, + &auth_src, &st)) { + DEEDEBUG2("validate_identity st=%d\n",st); + if (st) { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, "Validation error for %s because %s\n", + username, err_string); + goto abort; + } + if (!sec_login_certify_identity(lcontext,&st)) { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Credentials not certified because %s\n",err_string); + } + if (reset_passwd) { + fprintf(stderr, + "Password must be changed for %s\n", username); + } + if (auth_src == sec_login_auth_src_local) { + fprintf(stderr, + "Credentials obtained from local registry for %s\n", + username); + } + if (auth_src == sec_login_auth_src_overridden) { + fprintf(stderr, "Validated %s from local override entry, no network credentials obtained\n", username); + goto abort; + + } + /* + * Actually create the cred files. + */ + DEEDEBUG("Ceating new cred files.\n"); + sec_login_set_context(lcontext, &st); + if (st) { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Unable to set context for %s because %s\n", + username, err_string); + goto abort; + } + + /* + * Now free up the local context and leave the + * network context with its pag + */ +#if 0 + sec_login_release_context(&lcontext, &st); + if (st) { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Unable to release context for %s because %s\n", + username, err_string); + goto abort; + } +#endif + } + else { + DEEDEBUG2("validate failed %d\n",st); + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Unable to validate %s because %s\n", username, + err_string); + goto abort; + } + } + else { + dce_error_inq_text(st, err_string, &lst); + fprintf(stderr, + "Unable to setup login entry for %s because %s\n", + username, err_string); + goto abort; + } + + done: + /* if we were root, get back to root */ + + DEEDEBUG2("sec_login_inq_pag %8.8x\n", + sec_login_inq_pag(lcontext, &st)); + + if (uid == 0) { + seteuid(0); + } + + DEEDEBUG("completed\n"); + return(0); + + abort: + if (uid == 0) { + seteuid(0); + } + + DEEDEBUG("Aborting\n"); + return(2); +} + + + +/*-------------------------------------------------*/ +main(argc, argv) + int argc; + char *argv[]; +{ + int status; + extern int optind; + extern char *optarg; + int rv; + + char *lusername = NULL; + char *pname = NULL; + int fflag = 0; + struct passwd *pw; + uid_t luid; + uid_t myuid; + char *ccname; + krb5_creds *tgt = NULL; + +#ifdef DEBUG + close(2); + open("/tmp/k5dce.debug",O_WRONLY|O_CREAT|O_APPEND, 0600); +#endif + + if (myuid = getuid()) { + DEEDEBUG2("UID = %d\n",myuid); + exit(33); /* must be root to run this, get out now */ + } + + while ((rv = getopt(argc,argv,"l:p:fs")) != -1) { + DEEDEBUG2("Arg = %c\n", rv); + switch(rv) { + case 'l': /* user name */ + lusername = optarg; + DEEDEBUG2("Optarg = %s\n", optarg); + break; + case 'p': /* principal name */ + pname = optarg; + DEEDEBUG2("Optarg = %s\n", optarg); + break; + case 'f': /* convert a forwarded TGT to a context */ + fflag++; + break; + case 's': /* old test parameter, ignore it */ + break; + } + } + + setlocale(LC_ALL, ""); + krb5_init_ets(); + time(&now); /* set time to check expired tickets */ + + /* if lusername == NULL, Then user is passed as the USER= variable */ + + if (!lusername) { + lusername = getenv("USER"); + if (!lusername) { + fprintf(stderr, "USER not in environment\n"); + return(3); + } + } + + if ((pw = getpwnam(lusername)) == NULL) { + fprintf(stderr, "Who are you?\n"); + return(44); + } + + luid = pw->pw_uid; + + if (fflag) { + status = k5dcecon(luid, lusername, pname); + } else { + status = k5dcesession(luid, pname, &tgt, NULL, 0); + } + + if (!status) { + printf("%s",getenv("KRB5CCNAME")); /* return via stdout to caller */ + DEEDEBUG2("KRB5CCNAME=%s\n",getenv("KRB5CCNAME")); + } + + DEEDEBUG2("Returning status %d\n",status); + return (status); +} diff --git a/appl/dceutils/testpag.c b/appl/dceutils/testpag.c new file mode 100644 index 000000000000..8c9bf4a653b5 --- /dev/null +++ b/appl/dceutils/testpag.c @@ -0,0 +1,150 @@ +/* Test the k5dcepag routine by setting a pag, and + * and execing a shell under this pag. + * + * This allows you to join a PAG which was created + * earlier by some other means. + * for example k5dcecon + * + * Must be run as root for testing only. + * + */ + +#include +#include +#include +#include +#include +#include +#include + +#define POSIX_SETJMP +#define POSIX_SIGNALS + +#ifdef POSIX_SIGNALS +typedef struct sigaction handler; +#define handler_init(H,F) (sigemptyset(&(H).sa_mask), \ + (H).sa_flags=0, \ + (H).sa_handler=(F)) +#define handler_swap(S,NEW,OLD) sigaction(S, &NEW, &OLD) +#define handler_set(S,OLD) sigaction(S, &OLD, NULL) +#else +typedef sigtype (*handler)(); +#define handler_init(H,F) ((H) = (F)) +#define handler_swap(S,NEW,OLD) ((OLD) = signal ((S), (NEW))) + +#define handler_set(S,OLD) (signal ((S), (OLD))) +#endif + +typedef void sigtype; + +/* + * We could include the dcedfs/syscall.h which should have these + * numbers, but it has extra baggage. So for + * simplicity sake now, we define these here. + */ + + +#define AFSCALL_SETPAG 2 +#define AFSCALL_GETPAG 11 + +#if defined(sun) +#define AFS_SYSCALL 72 + +#elif defined(hpux) +/* assume HPUX 10 + or is it 50 */ +#define AFS_SYSCALL 326 + +#elif defined(_AIX) +#define DPAGAIX "dpagaix" +/* #define DPAGAIX "/krb5/sbin/dpagaix" */ + +#elif defined(sgi) || defined(_sgi) +#define AFS_SYSCALL 206+1000 + +#else +#define AFS_SYSCALL (Unknown_DFS_AFS_SYSCALL) +#endif + +static sigjmp_buf setpag_buf; + +static sigtype mysig() +{ + siglongjmp(setpag_buf, 1); +} + + +int krb5_dfs_newpag(new_pag) + int new_pag; +{ + handler sa1, osa1; + handler sa2, osa2; + int pag = -1; + + handler_init (sa1, mysig); + handler_init (sa2, mysig); + handler_swap (SIGSYS, sa1, osa1); + handler_swap (SIGSEGV, sa2, osa2); + + if (sigsetjmp(setpag_buf, 1) == 0) { +#if defined(_AIX) + int (*dpagaix)(int, int, int, int, int, int); + + if (dpagaix = load(DPAGAIX, 0, 0)) + pag = (*dpagaix)(AFSCALL_SETPAG, new_pag, 0, 0, 0, 0); +#else + pag = syscall(AFS_SYSCALL,AFSCALL_SETPAG, new_pag, 0, 0, 0, 0); +#endif + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(pag); + } + + fprintf(stderr,"Setpag failed with a system error\n"); + /* syscall failed! return 0 */ + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(-1); +} + +main(argc, argv) + int argc; + char *argv[]; +{ + extern int optind; + extern char *optarg; + int rv; + int rc; + unsigned int pag; + unsigned int newpag = 0; + char ccname[256]; + int nflag = 0; + + while((rv = getopt(argc,argv,"n:")) != -1) { + switch(rv) { + case 'n': + nflag++; + sscanf(optarg,"%8x",&newpag); + break; + default: + printf("Usage: k5dcepagt -n pag \n"); + exit(1); + } + } + + if (nflag) { + fprintf (stderr,"calling k5dcepag newpag=%8.8x\n",newpag); + pag = krb5_dfs_newpag(newpag); + + fprintf (stderr,"PAG returned = %8.8x\n",pag); + if ((pag != 0) && (pag != -1)) { + sprintf (ccname, + "FILE:/opt/dcelocal/var/security/creds/dcecred_%8.8x", + pag); + esetenv("KRB5CCNAME",ccname,1); + execl("/bin/csh", "csh", NULL); + } + else { + fprintf(stderr," Not a good pag value\n"); + } + } +} diff --git a/appl/ftp/ChangeLog b/appl/ftp/ChangeLog index 139e193d0541..72df672d6987 100644 --- a/appl/ftp/ChangeLog +++ b/appl/ftp/ChangeLog @@ -1,8 +1,24 @@ -2007-07-12 Love Hörnquist Åstrand +2008-05-29 Love Hörnquist Ã…strand + + * ftp/ftp.c: use the correct length to munmap and use msync. + +2008-05-28 Love Hörnquist Ã…strand + + * ftp/ftp.c: Rewrite sliding window code so it doesn't have a + integer overrun. + + * ftp/ftp.c: Try sliding mmap window over memory file (10MB + window), works better with larger files (ie doesn't fail). + +2008-04-10 Love Hörnquist Ã…strand + + * ftpd/logwtmp.c: Use asl for logging ftpd wtmp messages. + +2007-07-12 Love Hörnquist Ã…strand * ftp/gssapi.c: Fix pointer vs strict alias rules. -2007-06-20 Love Hörnquist Åstrand +2007-06-20 Love Hörnquist Ã…strand * ftp/security.c: if no mech have no session, its ok, just don't call it. @@ -11,20 +27,20 @@ * move ksetpag after initgroups to make it work on Linux when its without syscall hooks to change sys_setgroups preserve the - pag. From Alexsander Boström. + pag. From Alexsander Boström. -2007-06-09 Love Hörnquist Åstrand +2007-06-09 Love Hörnquist Ã…strand * ftpd/Makefile.am: don't clean yacc/lex files in CLEANFILES, maintainers clean will do that for us. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * ftpd/Makefile.am: Add man_MANS to EXTRA_DIST * ftp/Makefile.am: Add man_MANS to EXTRA_DIST -2006-08-08 Love Hörnquist Åstrand +2006-08-08 Love Hörnquist Ã…strand * ftpd/ftpd.c: Add comment by seteuid call isn't not needed. @@ -32,16 +48,16 @@ advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. -2006-06-27 Love Hörnquist Åstrand +2006-06-27 Love Hörnquist Ã…strand * ftpd/gss_userok.c (gss_userok): create a local krb5_context and use that instead of the libgssapi context (that might not exist). -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * Rename u_intXX_t to uintXX_t -2006-03-23 Love Hörnquist Åstrand +2006-03-23 Love Hörnquist Ã…strand * ftp/ftp.1: Add undocument flags and spelling, from Ted Percival @@ -51,7 +67,7 @@ * ftpd/ftpd.8: fix grammar in --no-insecure-oob option (partly from Thomas Klausner) -2006-01-24 Love Hörnquist Åstrand +2006-01-24 Love Hörnquist Ã…strand * ftp/ftp.c: Indent. @@ -59,20 +75,20 @@ * ftpd/ftpd.c (pass): remove unused variable in the !OTP case -2005-10-22 Love Hörnquist Åstrand +2005-10-22 Love Hörnquist Ã…strand * ftpd/ls.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell + NULL since it undefined behavior on Linux. From Björn Sandell * ftpd/gss_userok.c: Check return value from asprintf instead of - string != NULL since it undefined behavior on Linux. From Björn + string != NULL since it undefined behavior on Linux. From Björn Sandell * ftpd/ftpd.c: Check return value from asprintf instead of string - != NULL since it undefined behavior on Linux. From Björn Sandell + != NULL since it undefined behavior on Linux. From Björn Sandell * ftp/gssapi.c: Check return value from asprintf instead of string - != NULL since it undefined behavior on Linux. From Björn Sandell + != NULL since it undefined behavior on Linux. From Björn Sandell 2005-10-12 Johan Danielsson @@ -95,7 +111,7 @@ * ftp/main.c: add -x (encrypt) option -2005-07-19 Love Hörnquist Åstrand +2005-07-19 Love Hörnquist Ã…strand * ftpd/ftpcmd.y: Fix shadow warning. @@ -108,11 +124,11 @@ * ftp/cmds.c: fix shadow warnings - * Add Kerberos 5 klist, old patch from Tomas Nyström (remove krb4 + * Add Kerberos 5 klist, old patch from Tomas Nyström (remove krb4 support). Support klist in client for kerberos 5 clase. Clean up delegation of gss tokens and do afslog. -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * ftp/gssapi.c (gss_adat): avoid leaking memory (gss_auth): always try next kname if there is one, independant of @@ -121,7 +137,7 @@ * ftp/gssapi.c: avoid const warning, use sin4 instead of sin to avoid shadow warning, free target_name -2005-07-09 Love Hörnquist Åstrand +2005-07-09 Love Hörnquist Ã…strand * ftp/security.c: keep track of if CCC was passed @@ -130,12 +146,12 @@ * ftpd/ftpcmd.y: sprinkel check_secure, check if CCC was passed in check_secure -2005-06-02 Love Hörnquist Åstrand +2005-06-02 Love Hörnquist Ã…strand * ftpd/ftpd.c (filename_check): change signednes of p to avoid warning, move typecasts -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand * ftpd/ftpd.c: avoid 'unused variable' warnings @@ -143,45 +159,45 @@ * ftpd/pathnames.h: #ifdef protect _PATH_ISSUE -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * ftp/domacro.c: handle string trunctions -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * ftp/security.c: use strlcat * ftp/domacro.c: use strlcpy -2005-04-20 Love Hörnquist Åstrand +2005-04-20 Love Hörnquist Ã…strand * ftp/security.c: cast size_t to unsigned long -2005-04-18 Love Hörnquist Åstrand +2005-04-18 Love Hörnquist Ã…strand * ftpd/ftpd.c (statcmd): cast argument to isdigit to unsigned char * ftp/cmds.c (mget): cast char to unsigned char to make sure its not negative when passing it to tolower -2005-04-07 Love Hörnquist Åstrand +2005-04-07 Love Hörnquist Ã…strand * ftp/ftp.c: fix 3 'var' might be used uninitialized warnings -2005-04-04 Love Hörnquist Åstrand +2005-04-04 Love Hörnquist Ã…strand * ftp/cmds.c: MacOS is also a unix that doesn't define __unix__/unix While here, rewrite this part of the function to not modify that string, but rather take a copy of it and them modify is, all this just to pacify gcc -2005-01-09 Love Hörnquist Åstrand +2005-01-09 Love Hörnquist Ã…strand * ftp/domacro.c: cast argument to is* to unsigned char * ftp/ftp.c: cast argument to tolower to unsigned char -2004-08-20 Love Hörnquist Åstrand +2004-08-20 Love Hörnquist Ã…strand * ftp/ftp.c: send ABOR protect with security layer if its there @@ -200,16 +216,16 @@ * ftp/main.c: reverse help strings for --no-gss-bindings and --no-gss-delegate -2004-06-20 Love Hörnquist Åstrand +2004-06-20 Love Hörnquist Ã…strand * ftpd/ftpcmd.y: make cbuf 64k to handle lager tickets From: MAAAAA MOOOR -2004-03-14 Love Hörnquist Åstrand +2004-03-14 Love Hörnquist Ã…strand * ftpd/ftpd.c (main): setpag if there is krb4 OR krb5 support -2003-12-19 Love Hörnquist Åstrand +2003-12-19 Love Hörnquist Ã…strand * ftp/security.h: add ftp_do_gss_delegate @@ -217,13 +233,13 @@ * ftp/gssapi.c (ftp_do_gss_delegate): delegate creds (default on) -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * ftp/ftp.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ * ftp/cmds.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ -2003-07-19 Love Hörnquist Åstrand +2003-07-19 Love Hörnquist Ã…strand * ftp/security.h: add ftp_do_gss_bindings @@ -246,7 +262,7 @@ * ftp/gssapi.c (gss_adat): fix name allocation bug -2003-05-21 Love Hörnquist Åstrand +2003-05-21 Love Hörnquist Ã…strand * ftpd/gss_userok.c (gss_userok): release delegated cred handle @@ -256,12 +272,12 @@ * ftpd/gss_userok.c (gss_userok): remove poking inside the delegated handle -2003-05-14 Love Hörnquist Åstrand +2003-05-14 Love Hörnquist Ã…strand * ftpd/ftpcmd.y: support afslog and afslog when compiled with krb5 -2003-05-07 Love Hörnquist Åstrand +2003-05-07 Love Hörnquist Ã…strand * ftp/cmdtab.c: include afslog in both the krb4 and krb5 case @@ -269,21 +285,21 @@ * ftp/Makefile.am: always include auth.c -2003-05-07 Love Hörnquist Åstrand +2003-05-07 Love Hörnquist Ã…strand * ftpd/Makefile.am: always include auth.c * ftpd/kauth.c: do afslog in the krb5 case too -2003-04-22 Love Hörnquist Åstrand +2003-04-22 Love Hörnquist Ã…strand * ftp/ftp.1: replace > with \*[Gt] -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * ftpd/ftpd.c: make sure argument to is* functions are unsigned -2003-04-06 Love Hörnquist Åstrand +2003-04-06 Love Hörnquist Ã…strand * ftpd/ftpd.8: s/kerberos/Kerberos/ @@ -291,7 +307,7 @@ * ftpd/pathnames.h (_PATH_FTPUSERS): conditionalize -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * ftpd/ftpd.c (krb5_verify): always do krb5_afslog, remove setpag (its done in main) @@ -305,17 +321,17 @@ * ftpd/ftpd_locl.h: always include kafs -2003-03-16 Love Hörnquist Åstrand +2003-03-16 Love Hörnquist Ã…strand * ftp/gssapi.c (gss_adat): now that gss_export_name exports a principal, bandaid with gss_display_name, and check that oid is GSS_KRB5_NT_PRINCIPAL_NAME, also free memory -2003-02-25 Love Hörnquist Åstrand +2003-02-25 Love Hörnquist Ã…strand * ftp/gssapi.c (gss_auth): print out the name we authenticated too -2003-02-25 Love Hörnquist Åstrand +2003-02-25 Love Hörnquist Ã…strand * ftpd/ls.c: use readlink with bufsize - 1, From NetBSD @@ -329,7 +345,7 @@ 2002-10-29 Johan Danielsson - * ftp/main.c: reinstate -n flag (from Torbjörn Granlund) + * ftp/main.c: reinstate -n flag (from Torbjörn Granlund) 2002-10-16 Johan Danielsson diff --git a/appl/ftp/Makefile.am b/appl/ftp/Makefile.am index 44116ee34a8d..efea85d0e59e 100644 --- a/appl/ftp/Makefile.am +++ b/appl/ftp/Makefile.am @@ -1,5 +1,7 @@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ +# $Id$ include $(top_srcdir)/Makefile.am.common SUBDIRS = common ftp ftpd + +EXTRA_DIST = NTMakefile \ No newline at end of file diff --git a/appl/ftp/Makefile.in b/appl/ftp/Makefile.in index 3bb9eda715aa..9930a95bbd09 100644 --- a/appl/ftp/Makefile.in +++ b/appl/ftp/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = appl/ftp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -101,57 +105,94 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ ps-recursive uninstall-recursive RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir ETAGS = etags CTAGS = ctags DIST_SUBDIRS = $(SUBDIRS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -175,10 +216,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -195,6 +237,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -210,31 +254,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -249,10 +307,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -293,47 +353,53 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la SUBDIRS = common ftp ftpd +EXTRA_DIST = NTMakefile all: all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/ftp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/ftp/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -351,6 +417,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -365,7 +432,7 @@ clean-libtool: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -382,7 +449,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -390,7 +457,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -416,16 +483,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -433,14 +500,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -452,39 +519,43 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -505,29 +576,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -561,6 +647,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -579,6 +666,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -586,23 +675,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -624,9 +721,9 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local check check-am check-local clean \ @@ -712,6 +809,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -797,7 +897,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -810,6 +910,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/ftp/NTMakefile b/appl/ftp/NTMakefile new file mode 100644 index 000000000000..097379d80bee --- /dev/null +++ b/appl/ftp/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\ftp + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/ftp/common/Makefile.am b/appl/ftp/common/Makefile.am index 304fcd15683b..1b0ebf2bfcb2 100644 --- a/appl/ftp/common/Makefile.am +++ b/appl/ftp/common/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -10,3 +10,5 @@ libcommon_a_SOURCES = \ sockbuf.c \ buffer.c \ common.h + +EXTRA_DIST = NTMakefile \ No newline at end of file diff --git a/appl/ftp/common/Makefile.in b/appl/ftp/common/Makefile.in index 1c5338a7b8ce..f3ec619cf3d1 100644 --- a/appl/ftp/common/Makefile.in +++ b/appl/ftp/common/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -44,7 +46,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = appl/ftp/common ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +61,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +75,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,21 +88,22 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = LIBRARIES = $(noinst_LIBRARIES) ARFLAGS = cru libcommon_a_AR = $(AR) $(ARFLAGS) libcommon_a_LIBADD = am_libcommon_a_OBJECTS = sockbuf.$(OBJEXT) buffer.$(OBJEXT) libcommon_a_OBJECTS = $(am_libcommon_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -116,49 +122,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -182,10 +197,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -202,6 +218,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -217,31 +235,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -256,10 +288,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -300,30 +334,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_krb4) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la noinst_LIBRARIES = libcommon.a libcommon_a_SOURCES = \ @@ -331,22 +369,23 @@ libcommon_a_SOURCES = \ buffer.c \ common.h +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/common/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/common/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/ftp/common/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/ftp/common/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -364,6 +403,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -378,14 +418,29 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/buffer.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sockbuf.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -398,45 +453,49 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -457,13 +516,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -495,6 +558,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -505,6 +569,7 @@ clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -515,6 +580,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -522,26 +589,35 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -561,9 +637,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libtool clean-noinstLIBRARIES ctags \ @@ -648,6 +723,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -733,7 +811,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -746,6 +824,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/ftp/common/NTMakefile b/appl/ftp/common/NTMakefile new file mode 100644 index 000000000000..8f61c745f315 --- /dev/null +++ b/appl/ftp/common/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\ftp\common + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/ftp/common/buffer.c b/appl/ftp/common/buffer.c index 3bca113663ec..fca90ce31b01 100644 --- a/appl/ftp/common/buffer.c +++ b/appl/ftp/common/buffer.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -36,7 +36,7 @@ #include #include "roken.h" -RCSID("$Id: buffer.c 9129 2000-10-23 04:49:25Z joda $"); +RCSID("$Id$"); /* * Allocate a buffer enough to handle st->st_blksize, if diff --git a/appl/ftp/common/common.h b/appl/ftp/common/common.h index 76168596dce4..e6621dd685ff 100644 --- a/appl/ftp/common/common.h +++ b/appl/ftp/common/common.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: common.h 7463 1999-12-02 16:58:55Z joda $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include diff --git a/appl/ftp/common/sockbuf.c b/appl/ftp/common/sockbuf.c index bb9068afc0b7..bb2a5fd7905c 100644 --- a/appl/ftp/common/sockbuf.c +++ b/appl/ftp/common/sockbuf.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -39,16 +39,30 @@ #include #endif -RCSID("$Id: sockbuf.c 7463 1999-12-02 16:58:55Z joda $"); +RCSID("$Id$"); void set_buffer_size(int fd, int read) { #if defined(SO_RCVBUF) && defined(SO_SNDBUF) && defined(HAVE_SETSOCKOPT) - size_t size = 4194304; - while(size >= 131072 && - setsockopt(fd, SOL_SOCKET, read ? SO_RCVBUF : SO_SNDBUF, - (void *)&size, sizeof(size)) < 0) + int size = 4194304; + int optname = read ? SO_RCVBUF : SO_SNDBUF; + +#ifdef HAVE_GETSOCKOPT + int curr=0; + socklen_t optlen; + + optlen = sizeof(curr); + if(getsockopt(fd, SOL_SOCKET, optname, (void *)&curr, &optlen) == 0) { + if(curr >= size) { + /* Already large enough */ + return; + } + } +#endif /* HAVE_GETSOCKOPT */ + + while(size >= 131072 && + setsockopt(fd, SOL_SOCKET, optname, (void *)&size, sizeof(size)) < 0) size /= 2; #endif } diff --git a/appl/ftp/ftp/Makefile.am b/appl/ftp/ftp/Makefile.am index 24679dc5599f..e47580dfc182 100644 --- a/appl/ftp/ftp/Makefile.am +++ b/appl/ftp/ftp/Makefile.am @@ -1,16 +1,13 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) $(INCLUDE_hcrypto) +AM_CPPFLAGS += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_hcrypto) bin_PROGRAMS = ftp CHECK_LOCAL = -if KRB4 -krb4_sources = krb4.c -endif if KRB5 krb5_sources = gssapi.c endif @@ -30,10 +27,9 @@ ftp_SOURCES = \ security.c \ security.h \ kauth.c \ - $(krb4_sources) \ $(krb5_sources) -EXTRA_ftp_SOURCES = krb4.c gssapi.c +EXTRA_ftp_SOURCES = gssapi.c man_MANS = ftp.1 @@ -41,9 +37,8 @@ LDADD = \ ../common/libcommon.a \ $(LIB_gssapi) \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) \ $(LIB_readline) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/ftp/ftp/Makefile.in b/appl/ftp/ftp/Makefile.in index 431d087fec78..bd3810b36886 100644 --- a/appl/ftp/ftp/Makefile.in +++ b/appl/ftp/ftp/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = ftp$(EXEEXT) subdir = appl/ftp/ftp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,33 +89,32 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am__ftp_SOURCES_DIST = cmds.c cmdtab.c extern.h ftp.c ftp_locl.h \ ftp_var.h main.c pathnames.h ruserpass.c domacro.c globals.c \ - security.c security.h kauth.c krb4.c gssapi.c -@KRB4_TRUE@am__objects_1 = krb4.$(OBJEXT) -@KRB5_TRUE@am__objects_2 = gssapi.$(OBJEXT) + security.c security.h kauth.c gssapi.c +@KRB5_TRUE@am__objects_1 = gssapi.$(OBJEXT) am_ftp_OBJECTS = cmds.$(OBJEXT) cmdtab.$(OBJEXT) ftp.$(OBJEXT) \ main.$(OBJEXT) ruserpass.$(OBJEXT) domacro.$(OBJEXT) \ globals.$(OBJEXT) security.$(OBJEXT) kauth.$(OBJEXT) \ - $(am__objects_1) $(am__objects_2) + $(am__objects_1) ftp_OBJECTS = $(am_ftp_OBJECTS) ftp_LDADD = $(LDADD) am__DEPENDENCIES_1 = ftp_DEPENDENCIES = ../common/libcommon.a $(LIB_gssapi) $(LIB_krb5) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -122,6 +126,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(ftp_SOURCES) $(EXTRA_ftp_SOURCES) DIST_SOURCES = $(am__ftp_SOURCES_DIST) $(EXTRA_ftp_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 MANS = $(man_MANS) ETAGS = etags @@ -131,49 +156,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -197,10 +231,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -217,6 +252,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -232,31 +269,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -271,10 +322,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -315,34 +368,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) \ - $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/../common \ + $(INCLUDE_readline) $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CHECK_LOCAL = -@KRB4_TRUE@krb4_sources = krb4.c @KRB5_TRUE@krb5_sources = gssapi.c ftp_SOURCES = \ cmds.c \ @@ -359,37 +415,35 @@ ftp_SOURCES = \ security.c \ security.h \ kauth.c \ - $(krb4_sources) \ $(krb5_sources) -EXTRA_ftp_SOURCES = krb4.c gssapi.c +EXTRA_ftp_SOURCES = gssapi.c man_MANS = ftp.1 LDADD = \ ../common/libcommon.a \ $(LIB_gssapi) \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) \ $(LIB_readline) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftp/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/ftp/ftp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/ftp/ftp/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -407,34 +461,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list ftp$(EXEEXT): $(ftp_OBJECTS) $(ftp_DEPENDENCIES) @rm -f ftp$(EXEEXT) $(LINK) $(ftp_OBJECTS) $(ftp_LDADD) $(LIBS) @@ -445,115 +515,148 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cmds.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cmdtab.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/domacro.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ftp.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/globals.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssapi.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kauth.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ruserpass.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/security.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -569,13 +672,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -610,6 +717,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -619,6 +727,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -629,6 +738,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -636,26 +747,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -675,11 +795,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -766,6 +885,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -851,7 +973,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -864,6 +986,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/ftp/ftp/NTMakefile b/appl/ftp/ftp/NTMakefile new file mode 100644 index 000000000000..8bb7c982e0a4 --- /dev/null +++ b/appl/ftp/ftp/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\ftp\ftp + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/ftp/ftp/cmds.c b/appl/ftp/ftp/cmds.c index 86f4ff45a66b..dbd5d581ee3e 100644 --- a/appl/ftp/ftp/cmds.c +++ b/appl/ftp/ftp/cmds.c @@ -36,7 +36,7 @@ */ #include "ftp_locl.h" -RCSID("$Id: cmds.c 15673 2005-07-19 18:19:33Z lha $"); +RCSID("$Id$"); typedef void (*sighand)(int); @@ -189,7 +189,7 @@ setpeer(int argc, char **argv) unix_proxy = 0; else unix_server = 0; - if (overbose && + if (overbose && !strncmp(reply_string, "215 TOPS20", 10)) printf( "Remember to set tenex mode when transfering binary files from this machine.\n"); @@ -682,15 +682,15 @@ getit(int argc, char **argv, int restartit, char *filemode) tm->tm_year += 1900; if ((tm->tm_year > yy) || - (tm->tm_year == yy && + (tm->tm_year == yy && tm->tm_mon > mo) || - (tm->tm_mon == mo && + (tm->tm_mon == mo && tm->tm_mday > day) || - (tm->tm_mday == day && + (tm->tm_mday == day && tm->tm_hour > hour) || - (tm->tm_hour == hour && + (tm->tm_hour == hour && tm->tm_min > min) || - (tm->tm_min == min && + (tm->tm_min == min && tm->tm_sec > sec)) return (1); } @@ -868,7 +868,7 @@ status(int argc, char **argv) sec_status(); printf("Mode: %s; Type: %s; Form: %s; Structure: %s\n", modename, typename, formname, structname); - printf("Verbose: %s; Bell: %s; Prompting: %s; Globbing: %s\n", + printf("Verbose: %s; Bell: %s; Prompting: %s; Globbing: %s\n", onoff(verbose), onoff(bell), onoff(interactive), onoff(doglob)); printf("Store unique: %s; Receive unique: %s\n", onoff(sunique), @@ -987,7 +987,7 @@ setprompt(int argc, char **argv) void setglob(int argc, char **argv) { - + doglob = !doglob; printf("Globbing %s.\n", onoff(doglob)); code = doglob; @@ -1171,7 +1171,7 @@ ls(int argc, char **argv) return; } if (strcmp(argv[2], "-") && *argv[2] != '|') - if (!globulize(&argv[2]) || !confirm("output to local-file:", + if (!globulize(&argv[2]) || !confirm("output to local-file:", argv[2])) { code = -1; return; @@ -1237,7 +1237,7 @@ shell(int argc, char **argv) { pid_t pid; RETSIGTYPE (*old1)(int), (*old2)(int); - char shellnam[40], *shellpath, *namep; + char shellnam[40], *shellpath, *namep; int waitstatus; old1 = signal (SIGINT, SIG_IGN); @@ -1759,6 +1759,11 @@ setnmap(int argc, char **argv) mapflag = 1; code = 1; cp = strchr(altarg, ' '); + if (cp == NULL) { + printf("Usage: %s missing space\n",argv[0]); + code = -1; + return; + } if (proxy) { while(*++cp == ' ') continue; @@ -1833,7 +1838,7 @@ domap(char *name) break; case '[': LOOP: - if (*++cp2 == '$' && isdigit((unsigned char)*(cp2+1))) { + if (*++cp2 == '$' && isdigit((unsigned char)*(cp2+1))) { if (*++cp2 == '0') { char *cp3 = name; @@ -1852,7 +1857,7 @@ domap(char *name) } } else { - while (*cp2 && *cp2 != ',' && + while (*cp2 && *cp2 != ',' && *cp2 != ']') { if (*cp2 == '\\') { cp2++; @@ -2137,7 +2142,7 @@ klist(int argc, char **argv) code = -1; return; } - + ret = command("SITE KLIST"); code = (ret == COMPLETE); } diff --git a/appl/ftp/ftp/cmdtab.c b/appl/ftp/ftp/cmdtab.c index 1c65e715895d..7b4c32942536 100644 --- a/appl/ftp/ftp/cmdtab.c +++ b/appl/ftp/ftp/cmdtab.c @@ -106,17 +106,10 @@ char verbosehelp[] = "toggle verbose mode"; char prothelp[] = "set protection level"; char prothelp_c[] = "set command protection level"; -#ifdef KRB4 -char kauthhelp[] = "get remote tokens"; -#endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) char klisthelp[] = "show remote tickets"; #endif -#ifdef KRB4 -char kdestroyhelp[] = "destroy remote tickets"; -char krbtkfilehelp[] = "set filename of remote tickets"; -#endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) char afsloghelp[] = "obtain remote AFS tokens"; #endif @@ -197,20 +190,13 @@ struct cmd cmdtab[] = { { "protect", prothelp, 0, 1, 0, sec_prot }, /* what MIT uses */ { "cprotect", prothelp_c, 0, 1, 1, sec_prot_command }, -#ifdef KRB4 - { "kauth", kauthhelp, 0, 1, 0, kauth }, -#endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) { "klist", klisthelp, 0, 1, 0, klist }, #endif -#ifdef KRB4 - { "kdestroy", kdestroyhelp, 0, 1, 0, kdestroy }, - { "krbtkfile", krbtkfilehelp, 0, 1, 0, krbtkfile }, -#endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) { "afslog", afsloghelp, 0, 1, 0, afslog }, #endif - + { 0 }, }; diff --git a/appl/ftp/ftp/domacro.c b/appl/ftp/ftp/domacro.c index f0be87a05311..4311d69e02c1 100644 --- a/appl/ftp/ftp/domacro.c +++ b/appl/ftp/ftp/domacro.c @@ -32,7 +32,7 @@ */ #include "ftp_locl.h" -RCSID("$Id: domacro.c 14951 2005-04-25 13:09:26Z lha $"); +RCSID("$Id$"); void domacro(int argc, char **argv) diff --git a/appl/ftp/ftp/extern.h b/appl/ftp/ftp/extern.h index a38ccd9518d3..ee5184957fb1 100644 --- a/appl/ftp/ftp/extern.h +++ b/appl/ftp/ftp/extern.h @@ -33,7 +33,7 @@ * @(#)extern.h 8.3 (Berkeley) 10/9/94 */ -/* $Id: extern.h 9075 2000-09-19 13:15:12Z assar $ */ +/* $Id$ */ #include #include @@ -117,7 +117,7 @@ void reset (int, char **); void restart (int, char **); void rmthelp (int, char **); void rmtstatus (int, char **); -int ruserpass (char *, char **, char **, char **); +int ruserpassword (char *, char **, char **, char **); void sendrequest (char *, char *, char *, char *, int); void setascii (int, char **); void setbell (int, char **); diff --git a/appl/ftp/ftp/ftp.1 b/appl/ftp/ftp/ftp.1 index 5b8b8f6427cd..b0a837d863f5 100644 --- a/appl/ftp/ftp/ftp.1 +++ b/appl/ftp/ftp/ftp.1 @@ -53,8 +53,8 @@ file transfer program .Op Fl t .Op Fl v .Op Fl x -.Op Fl -no-gss-bindings -.Op Fl -no-gss-delegate +.Op Fl Fl no-gss-bindings +.Op Fl Fl no-gss-delegate .Op Ar host .Sh DESCRIPTION .Nm @@ -103,10 +103,10 @@ Turn on passive mode. Enables debugging. .It Fl g Disables file name globbing. - .It Fl -no-gss-bindings + .It Fl Fl no-gss-bindings Don't use GSS-API bindings when talking to peer. IP addresses will not be checked to ensure they match. -.It Fl -no-gss-delegate +.It Fl Fl no-gss-delegate Disable delegation of GSSAPI credentials. .It Fl l Disables command line editing. diff --git a/appl/ftp/ftp/ftp.c b/appl/ftp/ftp/ftp.c index 0a00bd245667..1cd2f46ebb43 100644 --- a/appl/ftp/ftp/ftp.c +++ b/appl/ftp/ftp/ftp.c @@ -32,7 +32,7 @@ */ #include "ftp_locl.h" -RCSID ("$Id: ftp.c 16650 2006-01-24 08:16:08Z lha $"); +RCSID ("$Id$"); struct sockaddr_storage hisctladdr_ss; struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss; @@ -89,7 +89,7 @@ hookup (const char *host, int port) strlcpy (hostnamebuf, a->ai_canonname, sizeof(hostnamebuf)); memcpy (hisctladdr, a->ai_addr, a->ai_addrlen); - + error = connect (s, a->ai_addr, a->ai_addrlen); if (error < 0) { char addrstr[256]; @@ -98,7 +98,7 @@ hookup (const char *host, int port) addrstr, sizeof(addrstr), NULL, 0, NI_NUMERICHOST) != 0) strlcpy (addrstr, "unknown address", sizeof(addrstr)); - + warn ("connect %s", addrstr); close (s); s = -1; @@ -167,6 +167,7 @@ login (char *host) char tmp[80]; char defaultpass[128]; char *userstr, *pass, *acctstr; + char *ruserstr, *rpass, *racctstr; int n, aflag = 0; char *myname = NULL; @@ -175,7 +176,7 @@ login (char *host) if (pw != NULL) myname = pw->pw_name; - userstr = pass = acctstr = 0; + ruserstr = rpass = racctstr = NULL; if(sec_login(host)) printf("\n*** Using plaintext user and password ***\n\n"); @@ -183,10 +184,14 @@ login (char *host) printf("Authentication successful.\n\n"); } - if (ruserpass (host, &userstr, &pass, &acctstr) < 0) { + if (ruserpassword (host, &ruserstr, &rpass, &racctstr) < 0) { code = -1; return (0); } + userstr = ruserstr; + pass = rpass; + acctstr = racctstr; + while (userstr == NULL) { if (myname) printf ("Name (%s:%s): ", host, myname); @@ -201,17 +206,20 @@ login (char *host) userstr = tmp; } strlcpy(username, userstr, sizeof(username)); + if (ruserstr) + free(ruserstr); + n = command("USER %s", userstr); - if (n == COMPLETE) + if (n == COMPLETE) n = command("PASS dummy"); /* DK: Compatibility with gssftp daemon */ else if(n == CONTINUE) { if (pass == NULL) { char prompt[128]; - if(myname && + if(myname && (!strcmp(userstr, "ftp") || !strcmp(userstr, "anonymous"))) { - snprintf(defaultpass, sizeof(defaultpass), + snprintf(defaultpass, sizeof(defaultpass), "%s@%s", myname, mydomain); - snprintf(prompt, sizeof(prompt), + snprintf(prompt, sizeof(prompt), "Password (%s): ", defaultpass); } else if (sec_complete) { pass = myname; @@ -227,19 +235,25 @@ login (char *host) } } n = command ("PASS %s", pass); + if (rpass) + free(rpass); } if (n == CONTINUE) { aflag++; + UI_UTIL_read_pw_string (tmp, sizeof(tmp), "Account:", 0); acctstr = tmp; - UI_UTIL_read_pw_string (acctstr, 128, "Account:", 0); n = command ("ACCT %s", acctstr); } if (n != COMPLETE) { + if (racctstr) + free(racctstr); warnx ("Login failed."); return (0); } if (!aflag && acctstr != NULL) command ("ACCT %s", acctstr); + if (racctstr) + free(racctstr); if (proxy) return (1); for (n = 0; n < macnum; ++n) { @@ -417,7 +431,7 @@ getreply (int expecteof) continue; default: if(p < buf + sizeof(buf) - 1) - *p++ = c; + *p++ = c; else if(long_warn == 0) { fprintf(stderr, "WARNING: incredibly long line received\n"); long_warn = 1; @@ -579,6 +593,9 @@ copy_stream (FILE * from, FILE * to) #if defined(HAVE_MMAP) && !defined(NO_MMAP) void *chunk; + size_t off; + +#define BLOCKSIZE (1024 * 1024 * 10) #ifndef MAP_FAILED #define MAP_FAILED (-1) @@ -590,17 +607,35 @@ copy_stream (FILE * from, FILE * to) */ if (st.st_size == 0) return 0; - chunk = mmap (0, st.st_size, PROT_READ, MAP_SHARED, fileno (from), 0); - if (chunk != (void *) MAP_FAILED) { - int res; + off = 0; + while (off != st.st_size) { + size_t len; + ssize_t res; - res = sec_write (fileno (to), chunk, st.st_size); - if (munmap (chunk, st.st_size) < 0) + len = st.st_size - off; + if (len > BLOCKSIZE) + len = BLOCKSIZE; + + chunk = mmap (0, len, PROT_READ, MAP_SHARED, fileno (from), off); + if (chunk == (void *) MAP_FAILED) { + if (off == 0) /* try read if mmap doesn't work */ + goto try_read; + break; + } + + res = sec_write (fileno (to), chunk, len); + if (msync (chunk, len, MS_ASYNC)) + warn ("msync"); + if (munmap (chunk, len) < 0) warn ("munmap"); sec_fflush (to); - return res; + if (res != len) + return off; + off += len; } + return off; } +try_read: #endif buf = alloc_buffer (buf, &bufsize, @@ -643,7 +678,7 @@ sendrequest (char *cmd, char *local, char *remote, char *lmode, int printnames) char *rmode = "w"; if (verbose && printnames) { - if (local && strcmp (local, "-") != 0) + if (strcmp (local, "-") != 0) printf ("local: %s ", local); if (remote) printf ("remote: %s\n", remote); @@ -696,8 +731,7 @@ sendrequest (char *cmd, char *local, char *remote, char *lmode, int printnames) return; } closefunc = fclose; - if (fstat (fileno (fin), &st) < 0 || - (st.st_mode & S_IFMT) != S_IFREG) { + if (fstat (fileno (fin), &st) < 0 || !S_ISREG(st.st_mode)) { fprintf (stdout, "%s: not a plain file.\n", local); signal (SIGINT, oldintr); fclose (fin); @@ -875,7 +909,7 @@ recvrequest (char *cmd, char *local, char *remote, is_retr = strcmp (cmd, "RETR") == 0; if (is_retr && verbose && printnames) { - if (local && strcmp (local, "-") != 0) + if (strcmp (local, "-") != 0) printf ("local: %s ", local); if (remote) printf ("remote: %s\n", remote); @@ -902,7 +936,7 @@ recvrequest (char *cmd, char *local, char *remote, return; } oldintr = signal (SIGINT, abortrecv); - if (!local_given || (strcmp (local, "-") && *local != '|')) { + if (!local_given || (strcmp(local, "-") && *local != '|')) { if (access (local, 2) < 0) { char *dir = strrchr (local, '/'); @@ -1317,7 +1351,7 @@ active_mode (void) verbose = -1; result = command ("EPRT |%d|%s|%d|", - inet_af, addr_str, + inet_af, addr_str, ntohs(socket_get_port (data_addr))); verbose = overbose; @@ -1332,7 +1366,7 @@ active_mode (void) goto bad; } - result = command("PORT %d,%d,%d,%d,%d,%d", + result = command("PORT %d,%d,%d,%d,%d,%d", (a >> 24) & 0xff, (a >> 16) & 0xff, (a >> 8) & 0xff, @@ -1371,7 +1405,7 @@ active_mode (void) int initconn (void) { - if (passivemode) + if (passivemode) return passive_mode (); else return active_mode (); diff --git a/appl/ftp/ftp/ftp.cat1 b/appl/ftp/ftp/ftp.cat1 new file mode 100644 index 000000000000..f36c0da359de --- /dev/null +++ b/appl/ftp/ftp/ftp.cat1 @@ -0,0 +1,658 @@ + +FTP(1) BSD General Commands Manual FTP(1) + +NNAAMMEE + ffttpp -- ARPANET file transfer program + +SSYYNNOOPPSSIISS + ffttpp [--KK] [--dd] [--gg] [--ii] [--ll] [--nn] [--pp] [--tt] [--vv] [--xx] [----nnoo--ggssss--bbiinnddiinnggss] + [----nnoo--ggssss--ddeelleeggaattee] [_h_o_s_t] + +DDEESSCCRRIIPPTTIIOONN + ffttpp is the user interface to the ARPANET standard File Transfer Protocol. + The program allows a user to transfer files to and from a remote network + site. + + Modifications have been made so that it almost follows the FTP Security + Extensions, RFC 2228. + + Options may be specified at the command line, or to the command inter- + preter. + + --KK Disable Kerberos authentication. + + --tt Enables packet tracing. + + --vv Verbose option forces ffttpp to show all responses from the remote + server, as well as report on data transfer statistics. + + --nn Restrains ffttpp from attempting ``auto-login'' upon initial connec- + tion. If auto-login is enabled, ffttpp will check the _._n_e_t_r_c (see + below) file in the user's home directory for an entry describing an + account on the remote machine. If no entry exists, ffttpp will prompt + for the remote machine login name (default is the user identity on + the local machine), and, if necessary, prompt for a password and an + account with which to login. + + --ii Turns off interactive prompting during multiple file transfers. + + --pp Turn on passive mode. + + --dd Enables debugging. + + --gg Disables file name globbing. + .It Fl Fl no-gss-bindings Don't use GSS-API bindings when talking + to peer. IP addresses will not be checked to ensure they match. + + ----nnoo--ggssss--ddeelleeggaattee + Disable delegation of GSSAPI credentials. + + --ll Disables command line editing. + + --xx Encrypt command and data channel. + + The client host with which ffttpp is to communicate may be specified on the + command line. If this is done, ffttpp will immediately attempt to establish + a connection to an FTP server on that host; otherwise, ffttpp will enter its + command interpreter and await instructions from the user. When ffttpp is + awaiting commands from the user the prompt `ftp>' is provided to the + user. The following commands are recognized by ffttpp: + + !! [_c_o_m_m_a_n_d [_a_r_g_s]] + Invoke an interactive shell on the local machine. If there + are arguments, the first is taken to be a command to execute + directly, with the rest of the arguments as its arguments. + + $$ _m_a_c_r_o_-_n_a_m_e [_a_r_g_s] + Execute the macro _m_a_c_r_o_-_n_a_m_e that was defined with the mmaaccddeeff + command. Arguments are passed to the macro unglobbed. + + aaccccoouunntt [_p_a_s_s_w_d] + Supply a supplemental password required by a remote system + for access to resources once a login has been successfully + completed. If no argument is included, the user will be + prompted for an account password in a non-echoing input mode. + + aappppeenndd _l_o_c_a_l_-_f_i_l_e [_r_e_m_o_t_e_-_f_i_l_e] + Append a local file to a file on the remote machine. If + _r_e_m_o_t_e_-_f_i_l_e is left unspecified, the local file name is used + in naming the remote file after being altered by any nnttrraannss + or nnmmaapp setting. File transfer uses the current settings for + ttyyppee, ffoorrmmaatt, mmooddee, and ssttrruuccttuurree. + + aasscciiii Set the file transfer ttyyppee to network ASCII. This is the + default type. + + bbeellll Arrange that a bell be sounded after each file transfer com- + mand is completed. + + bbiinnaarryy Set the file transfer ttyyppee to support binary image transfer. + + bbyyee Terminate the FTP session with the remote server and exit + ffttpp. An end of file will also terminate the session and + exit. + + ccaassee Toggle remote computer file name case mapping during mmggeett + commands. When ccaassee is on (default is off), remote computer + file names with all letters in upper case are written in the + local directory with the letters mapped to lower case. + + ccdd _r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y + Change the working directory on the remote machine to + _r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y. + + ccdduupp Change the remote machine working directory to the parent of + the current remote machine working directory. + + cchhmmoodd _m_o_d_e _f_i_l_e_-_n_a_m_e + Change the permission modes of the file _f_i_l_e_-_n_a_m_e on the + remote sytem to _m_o_d_e. + + cclloossee Terminate the FTP session with the remote server, and return + to the command interpreter. Any defined macros are erased. + + ccrr Toggle carriage return stripping during ascii type file + retrieval. Records are denoted by a carriage return/linefeed + sequence during ascii type file transfer. When ccrr is on (the + default), carriage returns are stripped from this sequence to + conform with the UNIX single linefeed record delimiter. + Records on non-UNIX remote systems may contain single line- + feeds; when an ascii type transfer is made, these linefeeds + may be distinguished from a record delimiter only when ccrr is + off. + + ddeelleettee _r_e_m_o_t_e_-_f_i_l_e + Delete the file _r_e_m_o_t_e_-_f_i_l_e on the remote machine. + + ddeebbuugg [_d_e_b_u_g_-_v_a_l_u_e] + Toggle debugging mode. If an optional _d_e_b_u_g_-_v_a_l_u_e is speci- + fied it is used to set the debugging level. When debugging + is on, ffttpp prints each command sent to the remote machine, + preceded by the string `-->' + + ddiirr [_r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y] [_l_o_c_a_l_-_f_i_l_e] + Print a listing of the directory contents in the directory, + _r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y, and, optionally, placing the output in + _l_o_c_a_l_-_f_i_l_e. If interactive prompting is on, ffttpp will prompt + the user to verify that the last argument is indeed the tar- + get local file for receiving ddiirr output. If no directory is + specified, the current working directory on the remote + machine is used. If no local file is specified, or + _l_o_c_a_l_-_f_i_l_e is --, output comes to the terminal. + + ddiissccoonnnneecctt A synonym for _c_l_o_s_e. + + ffoorrmm _f_o_r_m_a_t + Set the file transfer ffoorrmm to _f_o_r_m_a_t. The default format is + ``file''. + + ggeett _r_e_m_o_t_e_-_f_i_l_e [_l_o_c_a_l_-_f_i_l_e] + Retrieve the _r_e_m_o_t_e_-_f_i_l_e and store it on the local machine. + If the local file name is not specified, it is given the same + name it has on the remote machine, subject to alteration by + the current ccaassee, nnttrraannss, and nnmmaapp settings. The current + settings for ttyyppee, ffoorrmm, mmooddee, and ssttrruuccttuurree are used while + transferring the file. + + gglloobb Toggle filename expansion for mmddeelleettee, mmggeett and mmppuutt. If + globbing is turned off with gglloobb, the file name arguments are + taken literally and not expanded. Globbing for mmppuutt is done + as in csh(1). For mmddeelleettee and mmggeett, each remote file name is + expanded separately on the remote machine and the lists are + not merged. Expansion of a directory name is likely to be + different from expansion of the name of an ordinary file: the + exact result depends on the foreign operating system and ftp + server, and can be previewed by doing `mls remote-files -'. + As a security measure, remotely globbed files that starts + with `/' or contains `../', will not be automatically + received. If you have interactive prompting turned off, these + filenames will be ignored. Note: mmggeett and mmppuutt are not meant + to transfer entire directory subtrees of files. That can be + done by transferring a tar(1) archive of the subtree (in + binary mode). + + hhaasshh Toggle hash-sign (``#'') printing for each data block trans- + ferred. The size of a data block is 1024 bytes. + + hheellpp [_c_o_m_m_a_n_d] + Print an informative message about the meaning of _c_o_m_m_a_n_d. + If no argument is given, ffttpp prints a list of the known com- + mands. + + iiddllee [_s_e_c_o_n_d_s] + Set the inactivity timer on the remote server to _s_e_c_o_n_d_s sec- + onds. If _s_e_c_o_n_d_s is omitted, the current inactivity timer is + printed. + + llccdd [_d_i_r_e_c_t_o_r_y] + Change the working directory on the local machine. If no + _d_i_r_e_c_t_o_r_y is specified, the user's home directory is used. + + llss [_r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y] [_l_o_c_a_l_-_f_i_l_e] + Print a listing of the contents of a directory on the remote + machine. The listing includes any system-dependent informa- + tion that the server chooses to include; for example, most + UNIX systems will produce output from the command `ls -l'. + (See also nnlliisstt.) If _r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y is left unspecified, + the current working directory is used. If interactive + prompting is on, ffttpp will prompt the user to verify that the + last argument is indeed the target local file for receiving + llss output. If no local file is specified, or if _l_o_c_a_l_-_f_i_l_e + is `--', the output is sent to the terminal. + + mmaaccddeeff _m_a_c_r_o_-_n_a_m_e + Define a macro. Subsequent lines are stored as the macro + _m_a_c_r_o_-_n_a_m_e; a null line (consecutive newline characters in a + file or carriage returns from the terminal) terminates macro + input mode. There is a limit of 16 macros and 4096 total + characters in all defined macros. Macros remain defined + until a cclloossee command is executed. The macro processor + interprets `$' and `\' as special characters. A `$' followed + by a number (or numbers) is replaced by the corresponding + argument on the macro invocation command line. A `$' fol- + lowed by an `i' signals that macro processor that the execut- + ing macro is to be looped. On the first pass `$i' is + replaced by the first argument on the macro invocation com- + mand line, on the second pass it is replaced by the second + argument, and so on. A `\' followed by any character is + replaced by that character. Use the `\' to prevent special + treatment of the `$'. + + mmddeelleettee [_r_e_m_o_t_e_-_f_i_l_e_s] + Delete the _r_e_m_o_t_e_-_f_i_l_e_s on the remote machine. + + mmddiirr _r_e_m_o_t_e_-_f_i_l_e_s _l_o_c_a_l_-_f_i_l_e + Like ddiirr, except multiple remote files may be specified. If + interactive prompting is on, ffttpp will prompt the user to ver- + ify that the last argument is indeed the target local file + for receiving mmddiirr output. + + mmggeett _r_e_m_o_t_e_-_f_i_l_e_s + Expand the _r_e_m_o_t_e_-_f_i_l_e_s on the remote machine and do a ggeett + for each file name thus produced. See gglloobb for details on + the filename expansion. Resulting file names will then be + processed according to ccaassee, nnttrraannss, and nnmmaapp settings. + Files are transferred into the local working directory, which + can be changed with `lcd directory'; new local directories + can be created with `! mkdir directory'. + + mmkkddiirr _d_i_r_e_c_t_o_r_y_-_n_a_m_e + Make a directory on the remote machine. + + mmllss _r_e_m_o_t_e_-_f_i_l_e_s _l_o_c_a_l_-_f_i_l_e + Like nnlliisstt, except multiple remote files may be specified, + and the _l_o_c_a_l_-_f_i_l_e must be specified. If interactive prompt- + ing is on, ffttpp will prompt the user to verify that the last + argument is indeed the target local file for receiving mmllss + output. + + mmooddee [_m_o_d_e_-_n_a_m_e] + Set the file transfer mmooddee to _m_o_d_e_-_n_a_m_e. The default mode is + ``stream'' mode. + + mmooddttiimmee _f_i_l_e_-_n_a_m_e + Show the last modification time of the file on the remote + machine. + + mmppuutt _l_o_c_a_l_-_f_i_l_e_s + Expand wild cards in the list of local files given as argu- + ments and do a ppuutt for each file in the resulting list. See + gglloobb for details of filename expansion. Resulting file names + will then be processed according to nnttrraannss and nnmmaapp settings. + + nneewweerr _f_i_l_e_-_n_a_m_e + Get the file only if the modification time of the remote file + is more recent that the file on the current system. If the + file does not exist on the current system, the remote file is + considered nneewweerr. Otherwise, this command is identical to + _g_e_t. + + nnlliisstt [_r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y] [_l_o_c_a_l_-_f_i_l_e] + Print a list of the files in a directory on the remote + machine. If _r_e_m_o_t_e_-_d_i_r_e_c_t_o_r_y is left unspecified, the cur- + rent working directory is used. If interactive prompting is + on, ffttpp will prompt the user to verify that the last argument + is indeed the target local file for receiving nnlliisstt output. + If no local file is specified, or if _l_o_c_a_l_-_f_i_l_e is --, the + output is sent to the terminal. + + nnmmaapp [_i_n_p_a_t_t_e_r_n _o_u_t_p_a_t_t_e_r_n] + Set or unset the filename mapping mechanism. If no arguments + are specified, the filename mapping mechanism is unset. If + arguments are specified, remote filenames are mapped during + mmppuutt commands and ppuutt commands issued without a specified + remote target filename. If arguments are specified, local + filenames are mapped during mmggeett commands and ggeett commands + issued without a specified local target filename. This com- + mand is useful when connecting to a non-UNIX remote computer + with different file naming conventions or practices. The + mapping follows the pattern set by _i_n_p_a_t_t_e_r_n and _o_u_t_p_a_t_t_e_r_n. + [_I_n_p_a_t_t_e_r_n] is a template for incoming filenames (which may + have already been processed according to the nnttrraannss and ccaassee + settings). Variable templating is accomplished by including + the sequences `$1', `$2', ..., `$9' in _i_n_p_a_t_t_e_r_n. Use `\' to + prevent this special treatment of the `$' character. All + other characters are treated literally, and are used to + determine the nnmmaapp [_i_n_p_a_t_t_e_r_n] variable values. For example, + given _i_n_p_a_t_t_e_r_n $1.$2 and the remote file name "mydata.data", + $1 would have the value "mydata", and $2 would have the value + "data". The _o_u_t_p_a_t_t_e_r_n determines the resulting mapped file- + name. The sequences `$1', `$2', ...., `$9' are replaced by + any value resulting from the _i_n_p_a_t_t_e_r_n template. The + sequence `$0' is replace by the original filename. Addition- + ally, the sequence `[_s_e_q_1, _s_e_q_2]' is replaced by [_s_e_q_1] if + _s_e_q_1 is not a null string; otherwise it is replaced by _s_e_q_2. + For example, the command + + nmap $1.$2.$3 [$1,$2].[$2,file] + + would yield the output filename "myfile.data" for input file- + names "myfile.data" and "myfile.data.old", "myfile.file" for + the input filename "myfile", and "myfile.myfile" for the + input filename ".myfile". Spaces may be included in + _o_u_t_p_a_t_t_e_r_n, as in the example: `nmap $1 sed "s/ *$//" > $1' + . Use the `\' character to prevent special treatment of the + `$','[','[', and `,' characters. + + nnttrraannss [_i_n_c_h_a_r_s [_o_u_t_c_h_a_r_s]] + Set or unset the filename character translation mechanism. + If no arguments are specified, the filename character trans- + lation mechanism is unset. If arguments are specified, char- + acters in remote filenames are translated during mmppuutt com- + mands and ppuutt commands issued without a specified remote tar- + get filename. If arguments are specified, characters in + local filenames are translated during mmggeett commands and ggeett + commands issued without a specified local target filename. + This command is useful when connecting to a non-UNIX remote + computer with different file naming conventions or practices. + Characters in a filename matching a character in _i_n_c_h_a_r_s are + replaced with the corresponding character in _o_u_t_c_h_a_r_s. If + the character's position in _i_n_c_h_a_r_s is longer than the length + of _o_u_t_c_h_a_r_s, the character is deleted from the file name. + + ooppeenn _h_o_s_t [_p_o_r_t] + Establish a connection to the specified _h_o_s_t FTP server. An + optional port number may be supplied, in which case, ffttpp will + attempt to contact an FTP server at that port. If the + aauuttoo--llooggiinn option is on (default), ffttpp will also attempt to + automatically log the user in to the FTP server (see below). + + ppaassssiivvee Toggle passive mode. If passive mode is turned on (default + is off), the ftp client will send a PASV command for all data + connections instead of the usual PORT command. The PASV com- + mand requests that the remote server open a port for the data + connection and return the address of that port. The remote + server listens on that port and the client connects to it. + When using the more traditional PORT command, the client lis- + tens on a port and sends that address to the remote server, + who connects back to it. Passive mode is useful when using + ffttpp through a gateway router or host that controls the direc- + tionality of traffic. (Note that though ftp servers are + required to support the PASV command by RFC 1123, some do + not.) + + pprroommpptt Toggle interactive prompting. Interactive prompting occurs + during multiple file transfers to allow the user to selec- + tively retrieve or store files. If prompting is turned off + (default is on), any mmggeett or mmppuutt will transfer all files, + and any mmddeelleettee will delete all files. + + pprrooxxyy _f_t_p_-_c_o_m_m_a_n_d + Execute an ftp command on a secondary control connection. + This command allows simultaneous connection to two remote ftp + servers for transferring files between the two servers. The + first pprrooxxyy command should be an ooppeenn, to establish the sec- + ondary control connection. Enter the command "proxy ?" to + see other ftp commands executable on the secondary connec- + tion. The following commands behave differently when pref- + aced by pprrooxxyy: ooppeenn will not define new macros during the + auto-login process, cclloossee will not erase existing macro defi- + nitions, ggeett and mmggeett transfer files from the host on the + primary control connection to the host on the secondary con- + trol connection, and ppuutt, mmppuutt, and aappppeenndd transfer files + from the host on the secondary control connection to the host + on the primary control connection. Third party file trans- + fers depend upon support of the ftp protocol PASV command by + the server on the secondary control connection. + + ppuutt _l_o_c_a_l_-_f_i_l_e [_r_e_m_o_t_e_-_f_i_l_e] + Store a local file on the remote machine. If _r_e_m_o_t_e_-_f_i_l_e is + left unspecified, the local file name is used after process- + ing according to any nnttrraannss or nnmmaapp settings in naming the + remote file. File transfer uses the current settings for + ttyyppee, ffoorrmmaatt, mmooddee, and ssttrruuccttuurree. + + ppwwdd Print the name of the current working directory on the remote + machine. + + qquuiitt A synonym for bbyyee. + + qquuoottee _a_r_g_1 _a_r_g_2 _._._. + The arguments specified are sent, verbatim, to the remote FTP + server. + + rreeccvv _r_e_m_o_t_e_-_f_i_l_e [_l_o_c_a_l_-_f_i_l_e] + A synonym for get. + + rreeggeett _r_e_m_o_t_e_-_f_i_l_e [_l_o_c_a_l_-_f_i_l_e] + Reget acts like get, except that if _l_o_c_a_l_-_f_i_l_e exists and is + smaller than _r_e_m_o_t_e_-_f_i_l_e, _l_o_c_a_l_-_f_i_l_e is presumed to be a par- + tially transferred copy of _r_e_m_o_t_e_-_f_i_l_e and the transfer is + continued from the apparent point of failure. This command + is useful when transferring very large files over networks + that are prone to dropping connections. + + rreemmootteehheellpp [_c_o_m_m_a_n_d_-_n_a_m_e] + Request help from the remote FTP server. If a _c_o_m_m_a_n_d_-_n_a_m_e + is specified it is supplied to the server as well. + + rreemmootteessttaattuuss [_f_i_l_e_-_n_a_m_e] + With no arguments, show status of remote machine. If + _f_i_l_e_-_n_a_m_e is specified, show status of _f_i_l_e_-_n_a_m_e on remote + machine. + + rreennaammee [_f_r_o_m] [_t_o] + Rename the file _f_r_o_m on the remote machine, to the file _t_o. + + rreesseett Clear reply queue. This command re-synchronizes com- + mand/reply sequencing with the remote ftp server. Resynchro- + nization may be necessary following a violation of the ftp + protocol by the remote server. + + rreessttaarrtt _m_a_r_k_e_r + Restart the immediately following ggeett or ppuutt at the indicated + _m_a_r_k_e_r. On UNIX systems, marker is usually a byte offset + into the file. + + rrmmddiirr _d_i_r_e_c_t_o_r_y_-_n_a_m_e + Delete a directory on the remote machine. + + rruunniiqquuee Toggle storing of files on the local system with unique file- + names. If a file already exists with a name equal to the + target local filename for a ggeett or mmggeett command, a ".1" is + appended to the name. If the resulting name matches another + existing file, a ".2" is appended to the original name. If + this process continues up to ".99", an error message is + printed, and the transfer does not take place. The generated + unique filename will be reported. Note that rruunniiqquuee will not + affect local files generated from a shell command (see + below). The default value is off. + + sseenndd _l_o_c_a_l_-_f_i_l_e [_r_e_m_o_t_e_-_f_i_l_e] + A synonym for put. + + sseennddppoorrtt Toggle the use of PORT commands. By default, ffttpp will + attempt to use a PORT command when establishing a connection + for each data transfer. The use of PORT commands can prevent + delays when performing multiple file transfers. If the PORT + command fails, ffttpp will use the default data port. When the + use of PORT commands is disabled, no attempt will be made to + use PORT commands for each data transfer. This is useful for + certain FTP implementations which do ignore PORT commands + but, incorrectly, indicate they've been accepted. + + ssiittee _a_r_g_1 _a_r_g_2 _._._. + The arguments specified are sent, verbatim, to the remote FTP + server as a SITE command. + + ssiizzee _f_i_l_e_-_n_a_m_e + Return size of _f_i_l_e_-_n_a_m_e on remote machine. + + ssttaattuuss Show the current status of ffttpp. + + ssttrruucctt [_s_t_r_u_c_t_-_n_a_m_e] + Set the file transfer _s_t_r_u_c_t_u_r_e to _s_t_r_u_c_t_-_n_a_m_e. By default + ``stream'' structure is used. + + ssuunniiqquuee Toggle storing of files on remote machine under unique file + names. Remote ftp server must support ftp protocol STOU com- + mand for successful completion. The remote server will + report unique name. Default value is off. + + ssyysstteemm Show the type of operating system running on the remote + machine. + + tteenneexx Set the file transfer type to that needed to talk to TENEX + machines. + + ttrraaccee Toggle packet tracing. + + ttyyppee [_t_y_p_e_-_n_a_m_e] + Set the file transfer ttyyppee to _t_y_p_e_-_n_a_m_e. If no type is spec- + ified, the current type is printed. The default type is net- + work ASCII. + + uummaasskk [_n_e_w_m_a_s_k] + Set the default umask on the remote server to _n_e_w_m_a_s_k. If + _n_e_w_m_a_s_k is omitted, the current umask is printed. + + uusseerr _u_s_e_r_-_n_a_m_e [_p_a_s_s_w_o_r_d] [_a_c_c_o_u_n_t] + Identify yourself to the remote FTP server. If the _p_a_s_s_w_o_r_d + is not specified and the server requires it, ffttpp will prompt + the user for it (after disabling local echo). If an _a_c_c_o_u_n_t + field is not specified, and the FTP server requires it, the + user will be prompted for it. If an _a_c_c_o_u_n_t field is speci- + fied, an account command will be relayed to the remote server + after the login sequence is completed if the remote server + did not require it for logging in. Unless ffttpp is invoked + with ``auto-login'' disabled, this process is done automati- + cally on initial connection to the FTP server. + + vveerrbboossee Toggle verbose mode. In verbose mode, all responses from the + FTP server are displayed to the user. In addition, if ver- + bose is on, when a file transfer completes, statistics + regarding the efficiency of the transfer are reported. By + default, verbose is on. + + ?? [_c_o_m_m_a_n_d] + A synonym for help. + + The following command can be used with ftpsec-aware servers. + + pprroott _c_l_e_a_r | _s_a_f_e | _c_o_n_f_i_d_e_n_t_i_a_l | _p_r_i_v_a_t_e + Set the data protection level to the requested level. + + The following command can be used with ftp servers that has implemented + the KAUTH site command. + + kkaauutthh [_p_r_i_n_c_i_p_a_l] + Obtain remote tickets. + + Command arguments which have embedded spaces may be quoted with quote `"' + marks. + +AABBOORRTTIINNGG AA FFIILLEE TTRRAANNSSFFEERR + To abort a file transfer, use the terminal interrupt key (usually Ctrl- + C). Sending transfers will be immediately halted. Receiving transfers + will be halted by sending a ftp protocol ABOR command to the remote + server, and discarding any further data received. The speed at which + this is accomplished depends upon the remote server's support for ABOR + processing. If the remote server does not support the ABOR command, an + `ftp>' prompt will not appear until the remote server has completed send- + ing the requested file. + + The terminal interrupt key sequence will be ignored when ffttpp has com- + pleted any local processing and is awaiting a reply from the remote + server. A long delay in this mode may result from the ABOR processing + described above, or from unexpected behavior by the remote server, + including violations of the ftp protocol. If the delay results from + unexpected remote server behavior, the local ffttpp program must be killed + by hand. + +FFIILLEE NNAAMMIINNGG CCOONNVVEENNTTIIOONNSS + Files specified as arguments to ffttpp commands are processed according to + the following rules. + + 1. If the file name `--' is specified, the _s_t_d_i_n (for reading) or _s_t_d_o_u_t + (for writing) is used. + + 2. If the first character of the file name is `|', the remainder of the + argument is interpreted as a shell command. FFttpp then forks a shell, + using popen(3) with the argument supplied, and reads (writes) from + the stdout (stdin). If the shell command includes spaces, the argu- + ment must be quoted; e.g. ``" ls -lt"''. A particularly useful + example of this mechanism is: ``dir more''. + + 3. Failing the above checks, if ``globbing'' is enabled, local file + names are expanded according to the rules used in the csh(1); c.f. + the gglloobb command. If the ffttpp command expects a single local file + (.e.g. ppuutt), only the first filename generated by the "globbing" + operation is used. + + 4. For mmggeett commands and ggeett commands with unspecified local file + names, the local filename is the remote filename, which may be + altered by a ccaassee, nnttrraannss, or nnmmaapp setting. The resulting filename + may then be altered if rruunniiqquuee is on. + + 5. For mmppuutt commands and ppuutt commands with unspecified remote file + names, the remote filename is the local filename, which may be + altered by a nnttrraannss or nnmmaapp setting. The resulting filename may + then be altered by the remote server if ssuunniiqquuee is on. + +FFIILLEE TTRRAANNSSFFEERR PPAARRAAMMEETTEERRSS + The FTP specification specifies many parameters which may affect a file + transfer. The ttyyppee may be one of ``ascii'', ``image'' (binary), + ``ebcdic'', and ``local byte size'' (for PDP-10's and PDP-20's mostly). + FFttpp supports the ascii and image types of file transfer, plus local byte + size 8 for tteenneexx mode transfers. + + FFttpp supports only the default values for the remaining file transfer + parameters: mmooddee, ffoorrmm, and ssttrruucctt. + +TTHHEE ..nneettrrcc FFIILLEE + The _._n_e_t_r_c file contains login and initialization information used by the + auto-login process. It resides in the user's home directory. The fol- + lowing tokens are recognized; they may be separated by spaces, tabs, or + new-lines: + + mmaacchhiinnee _n_a_m_e + Identify a remote machine _n_a_m_e. The auto-login process + searches the _._n_e_t_r_c file for a mmaacchhiinnee token that matches the + remote machine specified on the ffttpp command line or as an ooppeenn + command argument. Once a match is made, the subsequent _._n_e_t_r_c + tokens are processed, stopping when the end of file is reached + or another mmaacchhiinnee or a ddeeffaauulltt token is encountered. + + ddeeffaauulltt This is the same as mmaacchhiinnee _n_a_m_e except that ddeeffaauulltt matches + any name. There can be only one ddeeffaauulltt token, and it must be + after all mmaacchhiinnee tokens. This is normally used as: + + default login anonymous password user@site + + thereby giving the user _a_u_t_o_m_a_t_i_c anonymous ftp login to + machines not specified in _._n_e_t_r_c. This can be overridden by + using the --nn flag to disable auto-login. + + llooggiinn _n_a_m_e + Identify a user on the remote machine. If this token is + present, the auto-login process will initiate a login using the + specified _n_a_m_e. + + ppaasssswwoorrdd _s_t_r_i_n_g + Supply a password. If this token is present, the auto-login + process will supply the specified string if the remote server + requires a password as part of the login process. Note that if + this token is present in the _._n_e_t_r_c file for any user other + than _a_n_o_n_y_m_o_u_s, ffttpp will abort the auto-login process if the + _._n_e_t_r_c is readable by anyone besides the user. + + aaccccoouunntt _s_t_r_i_n_g + Supply an additional account password. If this token is + present, the auto-login process will supply the specified + string if the remote server requires an additional account + password, or the auto-login process will initiate an ACCT com- + mand if it does not. + + mmaaccddeeff _n_a_m_e + Define a macro. This token functions like the ffttpp mmaaccddeeff com- + mand functions. A macro is defined with the specified name; + its contents begin with the next _._n_e_t_r_c line and continue until + a null line (consecutive new-line characters) is encountered. + If a macro named iinniitt is defined, it is automatically executed + as the last step in the auto-login process. + +EENNVVIIRROONNMMEENNTT + FFttpp uses the following environment variables. + + HOME For default location of a _._n_e_t_r_c file, if one exists. + + SHELL For default shell. + +SSEEEE AALLSSOO + ftpd(8) + + _R_F_C_2_2_2_8. + +HHIISSTTOORRYY + The ffttpp command appeared in 4.2BSD. + +BBUUGGSS + Correct execution of many commands depends upon proper behavior by the + remote server. + + An error in the treatment of carriage returns in the 4.2BSD ascii-mode + transfer code has been corrected. This correction may result in incor- + rect transfers of binary files to and from 4.2BSD servers using the ascii + type. Avoid this problem by using the binary image type. + +4.2 Berkeley Distribution March 23, 2006 4.2 Berkeley Distribution diff --git a/appl/ftp/ftp/ftp_locl.h b/appl/ftp/ftp/ftp_locl.h index 51808c14721b..cae845a93ce1 100644 --- a/appl/ftp/ftp/ftp_locl.h +++ b/appl/ftp/ftp/ftp_locl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: ftp_locl.h 11444 2002-09-10 20:03:49Z joda $ */ +/* $Id$ */ #ifndef __FTP_LOCL_H__ #define __FTP_LOCL_H__ diff --git a/appl/ftp/ftp/globals.c b/appl/ftp/ftp/globals.c index 52f80488240f..4c195f6e9e58 100644 --- a/appl/ftp/ftp/globals.c +++ b/appl/ftp/ftp/globals.c @@ -1,5 +1,5 @@ #include "ftp_locl.h" -RCSID("$Id: globals.c 16160 2005-10-12 09:42:47Z joda $"); +RCSID("$Id$"); /* * Options and other state info. @@ -74,6 +74,6 @@ char macbuf[4096]; char username[32]; -/* these are set in ruserpass */ +/* these are set in ruserpassword */ char myhostname[MaxHostNameLen]; char *mydomain; diff --git a/appl/ftp/ftp/gssapi.c b/appl/ftp/ftp/gssapi.c index 9432feb8290e..29be7641c965 100644 --- a/appl/ftp/ftp/gssapi.c +++ b/appl/ftp/ftp/gssapi.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef FTP_SERVER @@ -36,17 +36,18 @@ #else #include "ftp_locl.h" #endif -#include +#include +#include #include -RCSID("$Id: gssapi.c 21513 2007-07-12 12:45:25Z lha $"); +RCSID("$Id$"); int ftp_do_gss_bindings = 0; int ftp_do_gss_delegate = 1; -struct gss_data { +struct gssapi_data { gss_ctx_id_t context_hdl; - char *client_name; + gss_name_t client_name; gss_cred_id_t delegated_cred_handle; void *mech_data; }; @@ -54,7 +55,7 @@ struct gss_data { static int gss_init(void *app_data) { - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; d->context_hdl = GSS_C_NO_CONTEXT; d->delegated_cred_handle = GSS_C_NO_CREDENTIAL; #if defined(FTP_SERVER) @@ -84,7 +85,7 @@ gss_decode(void *app_data, void *buf, int len, int level) gss_buffer_desc input, output; gss_qop_t qop_state; int conf_state; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; size_t ret_len; input.length = len; @@ -116,7 +117,7 @@ gss_encode(void *app_data, void *from, int length, int level, void **to) OM_uint32 maj_stat, min_stat; gss_buffer_desc input, output; int conf_state; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; input.length = length; input.value = from; @@ -157,7 +158,7 @@ sockaddr_to_gss_address (struct sockaddr *sa, } default : errx (1, "unknown address family %d", sa->sa_family); - + } } @@ -172,7 +173,7 @@ gss_adat(void *app_data, void *buf, size_t len) gss_buffer_desc input_token, output_token; OM_uint32 maj_stat, min_stat; gss_name_t client_name; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; gss_channel_bindings_t bindings; if (ftp_do_gss_bindings) { @@ -186,7 +187,7 @@ gss_adat(void *app_data, void *buf, size_t len) sockaddr_to_gss_address (ctrl_addr, &bindings->acceptor_addrtype, &bindings->acceptor_address); - + bindings->application_data.length = 0; bindings->application_data.value = NULL; } else @@ -218,32 +219,8 @@ gss_adat(void *app_data, void *buf, size_t len) gss_release_buffer(&min_stat, &output_token); } if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - gss_OID oid; - - maj_stat = gss_display_name(&min_stat, client_name, - &export_name, &oid); - if(maj_stat != 0) { - reply(500, "Error displaying name"); - goto out; - } - /* XXX kerberos */ - if(oid != GSS_KRB5_NT_PRINCIPAL_NAME) { - reply(500, "OID not kerberos principal name"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - name = malloc(export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - memcpy(name, export_name.value, export_name.length); - name[export_name.length] = '\0'; - gss_release_buffer(&min_stat, &export_name); - d->client_name = name; + d->client_name = client_name; + client_name = GSS_C_NO_NAME; if(p) reply(235, "ADAT=%s", p); else @@ -265,24 +242,25 @@ gss_adat(void *app_data, void *buf, size_t len) GSS_C_NO_OID, &msg_ctx, &status_string); - syslog(LOG_ERR, "gss_accept_sec_context: %s", + syslog(LOG_ERR, "gss_accept_sec_context: %.*s", + (int)status_string.length, (char*)status_string.value); gss_release_buffer(&new_stat, &status_string); reply(431, "Security resource unavailable"); } - out: + if (client_name) gss_release_name(&min_stat, &client_name); free(p); return 0; } -int gss_userok(void*, char*); -int gss_session(void*, char*); +int gssapi_userok(void*, char*); +int gssapi_session(void*, char*); struct sec_server_mech gss_server_mech = { "GSSAPI", - sizeof(struct gss_data), + sizeof(struct gssapi_data), gss_init, /* init */ NULL, /* end */ gss_check_prot, @@ -294,8 +272,8 @@ struct sec_server_mech gss_server_mech = { gss_adat, NULL, /* pbsz */ NULL, /* ccc */ - gss_userok, - gss_session + gssapi_userok, + gssapi_session }; #else /* FTP_SERVER */ @@ -324,15 +302,17 @@ import_name(const char *kname, const char *host, gss_name_t *target_name) OM_uint32 new_stat; OM_uint32 msg_ctx = 0; gss_buffer_desc status_string; - + gss_display_status(&new_stat, min_stat, GSS_C_MECH_CODE, GSS_C_NO_OID, &msg_ctx, &status_string); - printf("Error importing name %s: %s\n", + printf("Error importing name %.*s: %.*s\n", + (int)name.length, (char *)name.value, + (int)status_string.length, (char *)status_string.value); free(name.value); gss_release_buffer(&new_stat, &status_string); @@ -345,7 +325,7 @@ import_name(const char *kname, const char *host, gss_name_t *target_name) static int gss_auth(void *app_data, char *host) { - + OM_uint32 maj_stat, min_stat; gss_name_t target_name; gss_buffer_desc input, output_token; @@ -353,12 +333,12 @@ gss_auth(void *app_data, char *host) char *p; int n; gss_channel_bindings_t bindings; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; OM_uint32 mech_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; const char *knames[] = { "ftp", "host", NULL }, **kname = knames; - - + + if(import_name(*kname++, host, &target_name)) return AUTH_ERROR; @@ -369,14 +349,14 @@ gss_auth(void *app_data, char *host) bindings = malloc(sizeof(*bindings)); if (bindings == NULL) errx(1, "out of memory"); - + sockaddr_to_gss_address (myctladdr, &bindings->initiator_addrtype, &bindings->initiator_address); sockaddr_to_gss_address (hisctladdr, &bindings->acceptor_addrtype, &bindings->acceptor_address); - + bindings->application_data.length = 0; bindings->application_data.value = NULL; } else @@ -417,7 +397,7 @@ gss_auth(void *app_data, char *host) } continue; } - + if (bindings != GSS_C_NO_CHANNEL_BINDINGS) free(bindings); @@ -427,7 +407,8 @@ gss_auth(void *app_data, char *host) GSS_C_NO_OID, &msg_ctx, &status_string); - printf("Error initializing security context: %s\n", + printf("Error initializing security context: %.*s\n", + (int)status_string.length, (char*)status_string.value); gss_release_buffer(&new_stat, &status_string); return AUTH_CONTINUE; @@ -501,13 +482,15 @@ gss_auth(void *app_data, char *host) &name, NULL); if (GSS_ERROR(maj_stat) == 0) { - printf("Authenticated to <%s>\n", (char *)name.value); + printf("Authenticated to <%.*s>\n", + (int)name.length, + (char *)name.value); gss_release_buffer(&min_stat, &name); } gss_release_name(&min_stat, &targ_name); } else printf("Failed to get gss name of peer.\n"); - } + } return AUTH_OK; @@ -515,7 +498,7 @@ gss_auth(void *app_data, char *host) struct sec_client_mech gss_client_mech = { "GSSAPI", - sizeof(struct gss_data), + sizeof(struct gssapi_data), gss_init, gss_auth, NULL, /* end */ diff --git a/appl/ftp/ftp/kauth.c b/appl/ftp/ftp/kauth.c index 36305d2cd2e1..3af44aa7d6a4 100644 --- a/appl/ftp/ftp/kauth.c +++ b/appl/ftp/ftp/kauth.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -32,145 +32,9 @@ */ #include "ftp_locl.h" -RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $"); +RCSID("$Id$"); -#ifdef KRB4 -#include - -void -kauth(int argc, char **argv) -{ - int ret; - char buf[1024]; - des_cblock key; - des_key_schedule schedule; - KTEXT_ST tkt, tktcopy; - char *name; - char *p; - int overbose; - char passwd[100]; - int tmp; - - int save; - - if(argc > 2){ - printf("usage: %s [principal]\n", argv[0]); - code = -1; - return; - } - if(argc == 2) - name = argv[1]; - else - name = username; - - overbose = verbose; - verbose = 0; - - save = set_command_prot(prot_private); - ret = command("SITE KAUTH %s", name); - if(ret != CONTINUE){ - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - verbose = overbose; - p = strstr(reply_string, "T="); - if(!p){ - printf("Bad reply from server.\n"); - set_command_prot(save); - code = -1; - return; - } - p += 2; - tmp = base64_decode(p, &tkt.dat); - if(tmp < 0){ - printf("Failed to decode base64 in reply.\n"); - set_command_prot(save); - code = -1; - return; - } - tkt.length = tmp; - tktcopy.length = tkt.length; - - p = strstr(reply_string, "P="); - if(!p){ - printf("Bad reply from server.\n"); - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - name = p + 2; - for(; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++); - *p = 0; - - snprintf(buf, sizeof(buf), "Password for %s:", name); - if (des_read_pw_string (passwd, sizeof(passwd)-1, buf, 0)) - *passwd = '\0'; - des_string_to_key (passwd, &key); - - des_key_sched(&key, schedule); - - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - if (strcmp ((char*)tktcopy.dat + 8, - KRB_TICKET_GRANTING_TICKET) != 0) { - afs_string_to_key (passwd, krb_realmofhost(hostname), &key); - des_key_sched (&key, schedule); - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - } - memset(key, 0, sizeof(key)); - memset(schedule, 0, sizeof(schedule)); - memset(passwd, 0, sizeof(passwd)); - if(base64_encode(tktcopy.dat, tktcopy.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - set_command_prot(save); - code = -1; - return; - } - memset (tktcopy.dat, 0, tktcopy.length); - ret = command("SITE KAUTH %s %s", name, p); - free(p); - set_command_prot(save); - if(ret != COMPLETE){ - code = -1; - return; - } - code = 0; -} - -void -kdestroy(int argc, char **argv) -{ - int ret; - if (argc != 1) { - printf("usage: %s\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KDESTROY"); - code = (ret == COMPLETE); -} - -void -krbtkfile(int argc, char **argv) -{ - int ret; - if(argc != 2) { - printf("usage: %s tktfile\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KRBTKFILE %s", argv[1]); - code = (ret == COMPLETE); -} -#endif - -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) void afslog(int argc, char **argv) diff --git a/appl/ftp/ftp/krb4.c b/appl/ftp/ftp/krb4.c deleted file mode 100644 index 408b7fa73579..000000000000 --- a/appl/ftp/ftp/krb4.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: krb4.c 17450 2006-05-05 11:11:43Z lha $"); - -#ifdef FTP_SERVER -#define LOCAL_ADDR ctrl_addr -#define REMOTE_ADDR his_addr -#else -#define LOCAL_ADDR myctladdr -#define REMOTE_ADDR hisctladdr -#endif - -extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR; - -struct krb4_data { - des_cblock key; - des_key_schedule schedule; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}; - -static int -krb4_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -krb4_decode(void *app_data, void *buf, int len, int level) -{ - MSG_DAT m; - int e; - struct krb4_data *d = app_data; - - if(level == prot_safe) - e = krb_rd_safe(buf, len, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - else - e = krb_rd_priv(buf, len, d->schedule, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - if(e){ - syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e)); - return -1; - } - memmove(buf, m.app_data, m.app_length); - return m.app_length; -} - -static int -krb4_overhead(void *app_data, int level, int len) -{ - return 31; -} - -static int -krb4_encode(void *app_data, void *from, int length, int level, void **to) -{ - struct krb4_data *d = app_data; - *to = malloc(length + 31); - if(level == prot_safe) - return krb_mk_safe(from, *to, length, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else if(level == prot_private) - return krb_mk_priv(from, *to, length, d->schedule, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else - return -1; -} - -#ifdef FTP_SERVER - -static int -krb4_adat(void *app_data, void *buf, size_t len) -{ - KTEXT_ST tkt; - AUTH_DAT auth_dat; - char *p; - int kerror; - uint32_t cs; - char msg[35]; /* size of encrypted block */ - int tmp_len; - struct krb4_data *d = app_data; - char inst[INST_SZ]; - struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr; - - memcpy(tkt.dat, buf, len); - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - memcpy(d->key, auth_dat.session, sizeof(d->key)); - des_set_key(&d->key, d->schedule); - - strlcpy(d->name, auth_dat.pname, sizeof(d->name)); - strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance)); - strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance)); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - KRB_PUT_INT(cs, tmp, 4, sizeof(tmp)); - tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - } - if(tmp_len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - len = tmp_len; - if(base64_encode(msg, len, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - reply(235, "ADAT=%s", p); - sec_complete = 1; - free(p); - return 0; -} - -static int -krb4_userok(void *app_data, char *user) -{ - struct krb4_data *d = app_data; - return krb_kuserok(d->name, d->instance, d->realm, user); -} - -struct sec_server_mech krb4_server_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode, - /* */ - NULL, - krb4_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - krb4_userok -}; - -#else /* FTP_SERVER */ - -static int -krb4_init(void *app_data) -{ - return !use_kerberos; -} - -static int -mk_auth(struct krb4_data *d, KTEXT adat, - char *service, char *host, int checksum) -{ - int ret; - CREDENTIALS cred; - char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_mk_req(adat, sname, inst, realm, checksum); - if(ret) - return ret; - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_get_cred(sname, inst, realm, &cred); - memmove(&d->key, &cred.session, sizeof(des_cblock)); - des_key_sched(&d->key, d->schedule); - memset(&cred, 0, sizeof(cred)); - return ret; -} - -static int -krb4_auth(void *app_data, char *host) -{ - int ret; - char *p; - int len; - KTEXT_ST adat; - MSG_DAT msg_data; - int checksum; - uint32_t cs; - struct krb4_data *d = app_data; - struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR; - struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR; - - checksum = getpid(); - ret = mk_auth(d, &adat, "ftp", host, checksum); - if(ret == KDC_PR_UNKNOWN) - ret = mk_auth(d, &adat, "rcmd", host, checksum); - if(ret){ - printf("%s\n", krb_get_err_text(ret)); - return AUTH_CONTINUE; - } - -#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(host), - &natAddr) != KSUCCESS - && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS) - printf("Can't get address for realm %s\n", - krb_realmofhost(host)); - else { - if (natAddr.s_addr != localaddr->sin_addr.s_addr) { - printf("Using NAT IP address (%s) for kerberos 4\n", - inet_ntoa(natAddr)); - localaddr->sin_addr = natAddr; - - /* - * This not the best place to do this, but it - * is here we know that (probably) NAT is in - * use! - */ - - passivemode = 1; - printf("Setting: Passive mode on.\n"); - } - } - } -#endif - - printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr)); - printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr)); - - if(base64_encode(adat.dat, adat.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - return AUTH_CONTINUE; - } - ret = command("ADAT %s", p); - free(p); - - if(ret != COMPLETE){ - printf("Server didn't accept auth data.\n"); - return AUTH_ERROR; - } - - p = strstr(reply_string, "ADAT="); - if(!p){ - printf("Remote host didn't send adat reply.\n"); - return AUTH_ERROR; - } - p += 5; - len = base64_decode(p, adat.dat); - if(len < 0){ - printf("Failed to decode base64 from server.\n"); - return AUTH_ERROR; - } - adat.length = len; - ret = krb_rd_safe(adat.dat, adat.length, &d->key, - (struct sockaddr_in *)hisctladdr, - (struct sockaddr_in *)myctladdr, &msg_data); - if(ret){ - printf("Error reading reply from server: %s.\n", - krb_get_err_text(ret)); - return AUTH_ERROR; - } - krb_get_int(msg_data.app_data, &cs, 4, 0); - if(cs - checksum != 1){ - printf("Bad checksum returned from server.\n"); - return AUTH_ERROR; - } - return AUTH_OK; -} - -struct sec_client_mech krb4_client_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - krb4_init, /* init */ - krb4_auth, - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode -}; - -#endif /* FTP_SERVER */ diff --git a/appl/ftp/ftp/main.c b/appl/ftp/ftp/main.c index c78cd4a64258..5876f51dc4dd 100644 --- a/appl/ftp/ftp/main.c +++ b/appl/ftp/ftp/main.c @@ -38,7 +38,7 @@ #include "ftp_locl.h" #include -RCSID("$Id: main.c 16160 2005-10-12 09:42:47Z joda $"); +RCSID("$Id$"); static int help_flag; static int version_flag; @@ -142,7 +142,7 @@ main(int argc, char **argv) } if (argc > 0) { char *xargv[5]; - + if (setjmp(toplevel)) exit(0); signal(SIGINT, intr); @@ -217,7 +217,7 @@ tail(filename) char *filename; { char *s; - + while (*filename) { s = strrchr(filename, '/'); if (s == NULL) @@ -555,10 +555,9 @@ help(int argc, char **argv) for (i = 0; i < lines; i++) { for (j = 0; j < columns; j++) { c = cmdtab + j * lines + i; - if (c->c_name && (!proxy || c->c_proxy)) { + if ((!proxy || c->c_proxy)) { printf("%s", c->c_name); - } - else if (c->c_name) { + } else { for (k=0; k < strlen(c->c_name); k++) { putchar(' '); } diff --git a/appl/ftp/ftp/ruserpass.c b/appl/ftp/ftp/ruserpass.c index 8c0cd8d6e90f..a8665b643c53 100644 --- a/appl/ftp/ftp/ruserpass.c +++ b/appl/ftp/ftp/ruserpass.c @@ -32,7 +32,7 @@ */ #include "ftp_locl.h" -RCSID("$Id: ruserpass.c 16161 2005-10-12 09:44:24Z joda $"); +RCSID("$Id$"); static int token (void); static FILE *cfile; @@ -59,7 +59,7 @@ static struct toktab { { "account", ACCOUNT }, { "machine", MACH }, { "macdef", MACDEF }, - { "prot", PROT }, + { "prot", PROT }, { NULL, 0 } }; @@ -105,7 +105,7 @@ guess_domain (char *hostname_str, size_t sz) } int -ruserpass(char *host, char **aname, char **apass, char **aacct) +ruserpassword(char *host, char **aname, char **apass, char **aacct) { char *hdir, buf[BUFSIZ], *tmp; int t, i, c, usedefault = 0; @@ -137,7 +137,7 @@ ruserpass(char *host, char **aname, char **apass, char **aacct) continue; /* * Allow match either for user's input host name - * or official hostname. Also allow match of + * or official hostname. Also allow match of * incompletely-specified host in local domain. */ if (strcasecmp(host, tokval) == 0) @@ -163,7 +163,7 @@ ruserpass(char *host, char **aname, char **apass, char **aacct) case LOGIN: if (token()) { - if (*aname == 0) { + if (*aname == 0) { *aname = strdup(tokval); } else { if (strcmp(*aname, tokval)) @@ -199,7 +199,7 @@ ruserpass(char *host, char **aname, char **apass, char **aacct) fclose(cfile); return (0); } - while ((c=getc(cfile)) != EOF && + while ((c=getc(cfile)) != EOF && (c == ' ' || c == '\t')); if (c == EOF || c == '\n') { printf("Missing macdef name argument.\n"); diff --git a/appl/ftp/ftp/security.c b/appl/ftp/ftp/security.c index 2a4803f90b18..86c73a168cea 100644 --- a/appl/ftp/ftp/security.c +++ b/appl/ftp/ftp/security.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -37,7 +37,7 @@ #include "ftp_locl.h" #endif -RCSID("$Id: security.c 21225 2007-06-20 10:16:02Z lha $"); +RCSID("$Id$"); static enum protection_level command_prot; static enum protection_level data_prot; @@ -74,14 +74,14 @@ level_to_name(enum protection_level level) } #ifndef FTP_SERVER /* not used in server */ -static enum protection_level +static enum protection_level name_to_level(const char *name) { int i; for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) if(!strncasecmp(level_names[i].name, name, strlen(name))) return level_names[i].level; - return (enum protection_level)-1; + return prot_invalid; } #endif @@ -90,9 +90,6 @@ name_to_level(const char *name) static struct sec_server_mech *mechs[] = { #ifdef KRB5 &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, #endif NULL }; @@ -104,9 +101,6 @@ static struct sec_server_mech *mech; static struct sec_client_mech *mechs[] = { #ifdef KRB5 &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, #endif NULL }; @@ -229,12 +223,12 @@ sec_read(int fd, void *dataptr, int length) in_buffer.eof_flag = 0; return 0; } - + len = buffer_read(&in_buffer, dataptr, length); length -= len; rx += len; dataptr = (char*)dataptr + len; - + while(length){ int ret; @@ -286,7 +280,7 @@ sec_write(int fd, char *dataptr, int length) { int len = buffer_size; int tx = 0; - + if(data_prot == prot_clear) return write(fd, dataptr, length); @@ -337,7 +331,7 @@ sec_putc(int c, FILE *F) char ch = c; if(data_prot == prot_clear) return putc(c, F); - + buffer_write(&out_buffer, &ch, 1); if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { sec_write(fileno(F), out_buffer.data, out_buffer.index); @@ -352,14 +346,14 @@ sec_read_msg(char *s, int level) int len; char *buf; int return_code; - + buf = malloc(strlen(s)); len = base64_decode(s + 4, buf); /* XXX */ - + len = (*mech->decode)(app_data, buf, len, level); if(len < 0) return -1; - + buf[len] = '\0'; if(buf[3] == '-') @@ -381,7 +375,7 @@ sec_vfprintf(FILE *f, const char *fmt, va_list ap) int len; if(!sec_complete) return vfprintf(f, fmt, ap); - + if (vasprintf(&buf, fmt, ap) == -1) { printf("Failed to allocate command.\n"); return -1; @@ -520,10 +514,10 @@ prot(char *pl) reply(504, "Unrecognized protection level."); return; } - + if(sec_complete){ if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", + reply(536, "%s does not support %s protection.", mech->name, level_to_name(p)); }else{ data_prot = (enum protection_level)p; @@ -556,14 +550,20 @@ void mec(char *msg, enum protection_level level) } buf_size = strlen(msg) + 2; buf = malloc(buf_size); + if (buf == NULL) { + reply(501, "Failed to allocate %lu", (unsigned long)buf_size); + return; + } len = base64_decode(msg, buf); command_prot = level; if(len == (size_t)-1) { + free(buf); reply(501, "Failed to base64-decode command"); return; } len = (*mech->decode)(app_data, buf, len, level); if(len == (size_t)-1) { + free(buf); reply(535, "Failed to decode command"); return; } @@ -628,7 +628,7 @@ sec_status(void) printf("Using %s command channel.\n", level_to_name(command_prot)); printf("Using %s data channel.\n", level_to_name(data_prot)); if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", + printf("Protection buffer size: %lu.\n", (unsigned long)buffer_size); }else{ printf("Not using any security mechanism.\n"); @@ -669,7 +669,7 @@ sec_prot_internal(int level) printf("Failed to set protection level.\n"); return -1; } - + data_prot = (enum protection_level)level; return 0; } @@ -683,7 +683,7 @@ set_command_prot(enum protection_level level) ret = command("CCC"); if(ret != COMPLETE) { printf("Failed to clear command channel.\n"); - return -1; + return prot_invalid; } } command_prot = level; @@ -708,17 +708,17 @@ sec_prot(int argc, char **argv) return; } level = name_to_level(argv[argc - 1]); - + if(level == -1) goto usage; - + if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", + printf("%s does not implement %s protection.\n", mech->name, level_to_name(level)); code = -1; return; } - + if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { if(sec_prot_internal(level) < 0){ code = -1; @@ -759,9 +759,9 @@ sec_prot_command(int argc, char **argv) level = name_to_level(argv[1]); if(level == -1) goto usage; - + if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", + printf("%s does not implement %s protection.\n", mech->name, level_to_name(level)); code = -1; return; @@ -808,7 +808,7 @@ sec_login(char *host) verbose = -1; /* shut up all messages this will produce (they are usually not very user friendly) */ - + for(m = mechs; *m && (*m)->name; m++) { void *tmp; @@ -818,7 +818,7 @@ sec_login(char *host) return -1; } app_data = tmp; - + if((*m)->init && (*(*m)->init)(app_data) != 0) { printf("Skipping %s...\n", (*m)->name); continue; @@ -840,7 +840,7 @@ sec_login(char *host) } ret = (*(*m)->auth)(app_data, host); - + if(ret == AUTH_CONTINUE) continue; else if(ret != AUTH_OK){ @@ -852,13 +852,13 @@ sec_login(char *host) sec_complete = 1; if(doencrypt) { command_prot = prot_private; - request_data_prot = prot_private; + request_data_prot = prot_private; } else { command_prot = prot_safe; } break; } - + verbose = old_verbose; return *m == NULL; } diff --git a/appl/ftp/ftp/security.h b/appl/ftp/ftp/security.h index 85ba23eee0ba..553372e28bf4 100644 --- a/appl/ftp/ftp/security.h +++ b/appl/ftp/ftp/security.h @@ -1,46 +1,47 @@ /* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: security.h 21224 2007-06-20 10:15:13Z lha $ */ +/* $Id$ */ #ifndef __security_h__ #define __security_h__ -enum protection_level { - prot_clear, - prot_safe, - prot_confidential, - prot_private +enum protection_level { + prot_invalid = -1, + prot_clear = 0, + prot_safe = 1, + prot_confidential = 2, + prot_private = 3 }; struct sec_client_mech { @@ -137,4 +138,4 @@ enum protection_level set_command_prot(enum protection_level); #endif -#endif /* __security_h__ */ +#endif /* __security_h__ */ diff --git a/appl/ftp/ftpd/Makefile.am b/appl/ftp/ftpd/Makefile.am index b40487630409..355b8baae4e2 100644 --- a/appl/ftp/ftpd/Makefile.am +++ b/appl/ftp/ftpd/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 21031 2007-06-09 05:00:27Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -8,9 +8,6 @@ libexec_PROGRAMS = ftpd CHECK_LOCAL = -if KRB4 -krb4_sources = krb4.c -endif if KRB5 krb5_sources = gssapi.c gss_userok.c endif @@ -30,7 +27,7 @@ ftpd_SOURCES = \ $(krb4_sources) \ $(krb5_sources) -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c +EXTRA_ftpd_SOURCES = kauth.c gssapi.c gss_userok.c $(ftpd_OBJECTS): security.h @@ -38,12 +35,10 @@ security.c: @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . security.h: @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . gssapi.c: @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . -CLEANFILES = security.c security.h krb4.c gssapi.c +CLEANFILES = security.c security.h gssapi.c man_MANS = ftpd.8 ftpusers.5 @@ -56,4 +51,4 @@ LDADD = ../common/libcommon.a \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/ftp/ftpd/Makefile.in b/appl/ftp/ftpd/Makefile.in index c7a6a8fce070..afa961539a33 100644 --- a/appl/ftp/ftpd/Makefile.in +++ b/appl/ftp/ftpd/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 21031 2007-06-09 05:00:27Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ libexec_PROGRAMS = ftpd$(EXEEXT) subdir = appl/ftp/ftpd ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,25 +89,23 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man5dir)" \ "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) am__ftpd_SOURCES_DIST = extern.h ftpcmd.y ftpd.c ftpd_locl.h logwtmp.c \ - ls.c pathnames.h popen.c security.c kauth.c klist.c krb4.c \ - gssapi.c gss_userok.c -@KRB4_TRUE@am__objects_1 = krb4.$(OBJEXT) -@KRB5_TRUE@am__objects_2 = gssapi.$(OBJEXT) gss_userok.$(OBJEXT) + ls.c pathnames.h popen.c security.c kauth.c klist.c gssapi.c \ + gss_userok.c +@KRB5_TRUE@am__objects_1 = gssapi.$(OBJEXT) gss_userok.$(OBJEXT) am_ftpd_OBJECTS = ftpcmd.$(OBJEXT) ftpd.$(OBJEXT) logwtmp.$(OBJEXT) \ ls.$(OBJEXT) popen.$(OBJEXT) security.$(OBJEXT) \ - kauth.$(OBJEXT) klist.$(OBJEXT) $(am__objects_1) \ - $(am__objects_2) + kauth.$(OBJEXT) klist.$(OBJEXT) $(am__objects_1) ftpd_OBJECTS = $(am_ftpd_OBJECTS) ftpd_LDADD = $(LDADD) am__DEPENDENCIES_1 = @@ -112,9 +115,9 @@ ftpd_DEPENDENCIES = ../common/libcommon.a $(am__DEPENDENCIES_1) \ $(LIB_gssapi) $(LIB_krb5) $(am__DEPENDENCIES_2) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -131,6 +134,27 @@ LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ YLWRAP = $(top_srcdir)/ylwrap SOURCES = $(ftpd_SOURCES) $(EXTRA_ftpd_SOURCES) DIST_SOURCES = $(am__ftpd_SOURCES_DIST) $(EXTRA_ftpd_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man5dir = $(mandir)/man5 man8dir = $(mandir)/man8 MANS = $(man_MANS) @@ -141,49 +165,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -207,10 +240,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -227,6 +261,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -242,31 +278,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -281,10 +331,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -325,33 +377,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/../common $(INCLUDE_krb4) \ + -DFTP_SERVER @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CHECK_LOCAL = -@KRB4_TRUE@krb4_sources = krb4.c @KRB5_TRUE@krb5_sources = gssapi.c gss_userok.c ftpd_SOURCES = \ extern.h \ @@ -368,8 +424,8 @@ ftpd_SOURCES = \ $(krb4_sources) \ $(krb5_sources) -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c -CLEANFILES = security.c security.h krb4.c gssapi.c +EXTRA_ftpd_SOURCES = kauth.c gssapi.c gss_userok.c +CLEANFILES = security.c security.h gssapi.c man_MANS = ftpd.8 ftpusers.5 LDADD = ../common/libcommon.a \ $(LIB_otp) \ @@ -380,23 +436,23 @@ LDADD = ../common/libcommon.a \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj .y +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftpd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftpd/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/ftp/ftpd/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/ftp/ftpd/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -414,34 +470,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list ftpd$(EXEEXT): $(ftpd_OBJECTS) $(ftpd_DEPENDENCIES) @rm -f ftpd$(EXEEXT) $(LINK) $(ftpd_OBJECTS) $(ftpd_LDADD) $(LIBS) @@ -452,14 +524,37 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ftpcmd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ftpd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gss_userok.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssapi.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kauth.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/klist.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logwtmp.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ls.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/popen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/security.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< .y.c: $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) @@ -469,146 +564,149 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -install-man5: $(man5_MANS) $(man_MANS) +install-man5: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man5dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + uninstall-man5: @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man5dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -624,13 +722,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -666,6 +768,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -677,6 +780,7 @@ clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -687,6 +791,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -694,26 +800,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man5 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -733,11 +848,10 @@ ps-am: uninstall-am: uninstall-libexecPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man5 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ @@ -825,6 +939,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -910,7 +1027,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -930,10 +1047,9 @@ security.c: @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . security.h: @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . gssapi.c: @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/ftp/ftpd/NTMakefile b/appl/ftp/ftpd/NTMakefile new file mode 100644 index 000000000000..3b88d326f818 --- /dev/null +++ b/appl/ftp/ftpd/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\ftp\ftpd + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/ftp/ftpd/extern.h b/appl/ftp/ftpd/extern.h index db40f2fdd21d..3f48ec66eb5f 100644 --- a/appl/ftp/ftpd/extern.h +++ b/appl/ftp/ftpd/extern.h @@ -63,7 +63,7 @@ void abor(void); void blkfree(char **); char **copyblk(char **); -void cwd(char *); +void cwd(const char *); void do_delete(char *); void dologout(int); void eprt(char *); @@ -129,6 +129,7 @@ extern struct sockaddr *data_dest; extern int logged_in; extern struct passwd *pw; extern int guest; +extern int dochroot; extern int logging; extern int type; extern off_t file_size; @@ -144,5 +145,6 @@ extern char hostname[], remotehost[]; extern char proctitle[]; extern int usedefault; extern char tmpline[]; +extern int paranoid; #endif /* _EXTERN_H_ */ diff --git a/appl/ftp/ftpd/ftpcmd.c b/appl/ftp/ftpd/ftpcmd.c index 94eadeeec92e..dab11bc952aa 100644 --- a/appl/ftp/ftpd/ftpcmd.c +++ b/appl/ftp/ftpd/ftpcmd.c @@ -242,7 +242,7 @@ #include "ftpd_locl.h" -RCSID("$Id: ftpcmd.y 15677 2005-07-19 18:33:08Z lha $"); +RCSID("$Id$"); off_t restart_point; @@ -665,16 +665,16 @@ static const yytype_int8 yyrhs[] = /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 129, 129, 131, 136, 140, 146, 153, 164, 170, - 175, 180, 186, 223, 237, 251, 257, 263, 272, 281, - 290, 295, 304, 309, 315, 322, 327, 334, 348, 353, - 358, 365, 370, 387, 392, 399, 406, 411, 416, 426, - 433, 438, 443, 451, 464, 478, 485, 502, 525, 530, - 539, 552, 563, 576, 583, 588, 595, 613, 630, 658, - 665, 671, 681, 691, 696, 701, 706, 711, 716, 721, - 726, 734, 739, 742, 746, 750, 763, 767, 771, 778, - 783, 788, 793, 798, 802, 807, 813, 821, 825, 829, - 836, 840, 844, 851, 879, 883, 909, 917, 928 + 0, 129, 129, 131, 136, 140, 146, 154, 175, 181, + 186, 191, 197, 234, 248, 262, 268, 274, 283, 292, + 301, 306, 315, 320, 326, 333, 338, 345, 359, 364, + 373, 380, 385, 402, 407, 414, 421, 426, 431, 441, + 448, 453, 458, 466, 479, 493, 500, 517, 521, 526, + 530, 534, 545, 558, 565, 570, 577, 595, 612, 640, + 647, 653, 663, 673, 678, 683, 688, 693, 698, 703, + 708, 716, 721, 724, 728, 732, 745, 749, 753, 760, + 765, 770, 775, 780, 784, 789, 795, 803, 807, 811, + 818, 822, 826, 833, 861, 865, 891, 899, 910 }; #endif @@ -1794,21 +1794,31 @@ yyparse () break; case 7: -#line 154 "ftpcmd.y" +#line 155 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { - usedefault = 0; - if (pdata >= 0) { + if (paranoid && + (data_dest->sa_family != his_addr->sa_family || + (socket_get_port(data_dest) < IPPORT_RESERVED) || + memcmp(socket_get_address(data_dest), + socket_get_address(his_addr), + socket_addr_size(his_addr)) != 0)) { + usedefault = 1; + reply(500, "Illegal PORT range rejected."); + } else { + usedefault = 0; + if (pdata >= 0) { close(pdata); pdata = -1; + } + reply(200, "PORT command successful."); } - reply(200, "PORT command successful."); } } break; case 8: -#line 165 "ftpcmd.y" +#line 176 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) eprt ((yyvsp[(3) - (5)].s)); @@ -1817,7 +1827,7 @@ yyparse () break; case 9: -#line 171 "ftpcmd.y" +#line 182 "ftpcmd.y" { if((yyvsp[(3) - (3)].i)) pasv (); @@ -1825,7 +1835,7 @@ yyparse () break; case 10: -#line 176 "ftpcmd.y" +#line 187 "ftpcmd.y" { if((yyvsp[(3) - (3)].i)) epsv (NULL); @@ -1833,7 +1843,7 @@ yyparse () break; case 11: -#line 181 "ftpcmd.y" +#line 192 "ftpcmd.y" { if((yyvsp[(5) - (5)].i)) epsv ((yyvsp[(3) - (5)].s)); @@ -1842,7 +1852,7 @@ yyparse () break; case 12: -#line 187 "ftpcmd.y" +#line 198 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { switch (cmd_type) { @@ -1882,7 +1892,7 @@ yyparse () break; case 13: -#line 224 "ftpcmd.y" +#line 235 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { switch ((yyvsp[(3) - (5)].i)) { @@ -1899,7 +1909,7 @@ yyparse () break; case 14: -#line 238 "ftpcmd.y" +#line 249 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { switch ((yyvsp[(3) - (5)].i)) { @@ -1916,7 +1926,7 @@ yyparse () break; case 15: -#line 252 "ftpcmd.y" +#line 263 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { reply(202, "ALLO command ignored."); @@ -1925,7 +1935,7 @@ yyparse () break; case 16: -#line 258 "ftpcmd.y" +#line 269 "ftpcmd.y" { if ((yyvsp[(9) - (9)].i)) { reply(202, "ALLO command ignored."); @@ -1934,7 +1944,7 @@ yyparse () break; case 17: -#line 264 "ftpcmd.y" +#line 275 "ftpcmd.y" { char *name = (yyvsp[(3) - (5)].s); @@ -1946,7 +1956,7 @@ yyparse () break; case 18: -#line 273 "ftpcmd.y" +#line 284 "ftpcmd.y" { char *name = (yyvsp[(3) - (5)].s); @@ -1958,7 +1968,7 @@ yyparse () break; case 19: -#line 282 "ftpcmd.y" +#line 293 "ftpcmd.y" { char *name = (yyvsp[(3) - (5)].s); @@ -1970,7 +1980,7 @@ yyparse () break; case 20: -#line 291 "ftpcmd.y" +#line 302 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) send_file_list("."); @@ -1978,7 +1988,7 @@ yyparse () break; case 21: -#line 296 "ftpcmd.y" +#line 307 "ftpcmd.y" { char *name = (yyvsp[(3) - (5)].s); @@ -1990,7 +2000,7 @@ yyparse () break; case 22: -#line 305 "ftpcmd.y" +#line 316 "ftpcmd.y" { if((yyvsp[(3) - (3)].i)) list_file("."); @@ -1998,7 +2008,7 @@ yyparse () break; case 23: -#line 310 "ftpcmd.y" +#line 321 "ftpcmd.y" { if((yyvsp[(5) - (5)].i)) list_file((yyvsp[(3) - (5)].s)); @@ -2007,7 +2017,7 @@ yyparse () break; case 24: -#line 316 "ftpcmd.y" +#line 327 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) statfilecmd((yyvsp[(3) - (5)].s)); @@ -2017,7 +2027,7 @@ yyparse () break; case 25: -#line 323 "ftpcmd.y" +#line 334 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) statcmd(); @@ -2025,7 +2035,7 @@ yyparse () break; case 26: -#line 328 "ftpcmd.y" +#line 339 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) do_delete((yyvsp[(3) - (5)].s)); @@ -2035,7 +2045,7 @@ yyparse () break; case 27: -#line 335 "ftpcmd.y" +#line 346 "ftpcmd.y" { if((yyvsp[(5) - (5)].i)){ if (fromname) { @@ -2052,7 +2062,7 @@ yyparse () break; case 28: -#line 349 "ftpcmd.y" +#line 360 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) reply(225, "ABOR command successful."); @@ -2060,15 +2070,19 @@ yyparse () break; case 29: -#line 354 "ftpcmd.y" +#line 365 "ftpcmd.y" { - if ((yyvsp[(3) - (3)].i)) - cwd(pw->pw_dir); + if ((yyvsp[(3) - (3)].i)) { + const char *path = pw->pw_dir; + if (dochroot || guest) + path = "/"; + cwd(path); + } } break; case 30: -#line 359 "ftpcmd.y" +#line 374 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) cwd((yyvsp[(3) - (5)].s)); @@ -2078,7 +2092,7 @@ yyparse () break; case 31: -#line 366 "ftpcmd.y" +#line 381 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) help(cmdtab, (char *) 0); @@ -2086,7 +2100,7 @@ yyparse () break; case 32: -#line 371 "ftpcmd.y" +#line 386 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { char *cp = (yyvsp[(3) - (5)].s); @@ -2106,7 +2120,7 @@ yyparse () break; case 33: -#line 388 "ftpcmd.y" +#line 403 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) reply(200, "NOOP command successful."); @@ -2114,7 +2128,7 @@ yyparse () break; case 34: -#line 393 "ftpcmd.y" +#line 408 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) makedir((yyvsp[(3) - (5)].s)); @@ -2124,7 +2138,7 @@ yyparse () break; case 35: -#line 400 "ftpcmd.y" +#line 415 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) removedir((yyvsp[(3) - (5)].s)); @@ -2134,7 +2148,7 @@ yyparse () break; case 36: -#line 407 "ftpcmd.y" +#line 422 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) pwd(); @@ -2142,7 +2156,7 @@ yyparse () break; case 37: -#line 412 "ftpcmd.y" +#line 427 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) cwd(".."); @@ -2150,7 +2164,7 @@ yyparse () break; case 38: -#line 417 "ftpcmd.y" +#line 432 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) { lreply(211, "Supported features:"); @@ -2163,7 +2177,7 @@ yyparse () break; case 39: -#line 427 "ftpcmd.y" +#line 442 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) reply(501, "Bad options"); @@ -2172,7 +2186,7 @@ yyparse () break; case 40: -#line 434 "ftpcmd.y" +#line 449 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) help(sitetab, (char *) 0); @@ -2180,7 +2194,7 @@ yyparse () break; case 41: -#line 439 "ftpcmd.y" +#line 454 "ftpcmd.y" { if ((yyvsp[(7) - (7)].i)) help(sitetab, (yyvsp[(5) - (7)].s)); @@ -2188,7 +2202,7 @@ yyparse () break; case 42: -#line 444 "ftpcmd.y" +#line 459 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { int oldmask = umask(0); @@ -2199,7 +2213,7 @@ yyparse () break; case 43: -#line 452 "ftpcmd.y" +#line 467 "ftpcmd.y" { if ((yyvsp[(7) - (7)].i)) { if (((yyvsp[(5) - (7)].i) == -1) || ((yyvsp[(5) - (7)].i) > 0777)) { @@ -2215,7 +2229,7 @@ yyparse () break; case 44: -#line 465 "ftpcmd.y" +#line 480 "ftpcmd.y" { if ((yyvsp[(9) - (9)].i) && (yyvsp[(7) - (9)].s) != NULL) { if ((yyvsp[(5) - (9)].i) > 0777) @@ -2232,7 +2246,7 @@ yyparse () break; case 45: -#line 479 "ftpcmd.y" +#line 494 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) reply(200, @@ -2242,7 +2256,7 @@ yyparse () break; case 46: -#line 486 "ftpcmd.y" +#line 501 "ftpcmd.y" { if ((yyvsp[(7) - (7)].i)) { if ((yyvsp[(5) - (7)].i) < 30 || (yyvsp[(5) - (7)].i) > maxtimeout) { @@ -2261,33 +2275,14 @@ yyparse () break; case 47: -#line 503 "ftpcmd.y" +#line 518 "ftpcmd.y" { -#ifdef KRB4 - char *p; - - if(guest) - reply(500, "Can't be done as guest."); - else{ - if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s) != NULL){ - p = strpbrk((yyvsp[(5) - (7)].s), " \t"); - if(p){ - *p++ = 0; - kauth((yyvsp[(5) - (7)].s), p + strspn(p, " \t")); - }else - kauth((yyvsp[(5) - (7)].s), NULL); - } - } - if((yyvsp[(5) - (7)].s) != NULL) - free((yyvsp[(5) - (7)].s)); -#else reply(500, "Command not implemented."); -#endif } break; case 48: -#line 526 "ftpcmd.y" +#line 522 "ftpcmd.y" { if((yyvsp[(5) - (5)].i)) klist(); @@ -2295,37 +2290,23 @@ yyparse () break; case 49: -#line 531 "ftpcmd.y" +#line 527 "ftpcmd.y" { -#ifdef KRB4 - if((yyvsp[(5) - (5)].i)) - kdestroy(); -#else reply(500, "Command not implemented."); -#endif } break; case 50: -#line 540 "ftpcmd.y" +#line 531 "ftpcmd.y" { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s)) - krbtkfile((yyvsp[(5) - (7)].s)); - if((yyvsp[(5) - (7)].s)) - free((yyvsp[(5) - (7)].s)); -#else reply(500, "Command not implemented."); -#endif } break; case 51: -#line 553 "ftpcmd.y" +#line 535 "ftpcmd.y" { -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(guest) reply(500, "Can't be done as guest."); else if((yyvsp[(5) - (5)].i)) @@ -2337,9 +2318,9 @@ yyparse () break; case 52: -#line 564 "ftpcmd.y" +#line 546 "ftpcmd.y" { -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(guest) reply(500, "Can't be done as guest."); else if((yyvsp[(7) - (7)].i)) @@ -2353,7 +2334,7 @@ yyparse () break; case 53: -#line 577 "ftpcmd.y" +#line 559 "ftpcmd.y" { if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s) != NULL) find((yyvsp[(5) - (7)].s)); @@ -2363,7 +2344,7 @@ yyparse () break; case 54: -#line 584 "ftpcmd.y" +#line 566 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) reply(200, "http://www.pdc.kth.se/heimdal/"); @@ -2371,7 +2352,7 @@ yyparse () break; case 55: -#line 589 "ftpcmd.y" +#line 571 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) do_store((yyvsp[(3) - (5)].s), "w", 1); @@ -2381,7 +2362,7 @@ yyparse () break; case 56: -#line 596 "ftpcmd.y" +#line 578 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) { #if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) @@ -2394,7 +2375,7 @@ yyparse () break; case 57: -#line 614 "ftpcmd.y" +#line 596 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) sizecmd((yyvsp[(3) - (5)].s)); @@ -2404,7 +2385,7 @@ yyparse () break; case 58: -#line 631 "ftpcmd.y" +#line 613 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) { struct stat stbuf; @@ -2435,7 +2416,7 @@ yyparse () break; case 59: -#line 659 "ftpcmd.y" +#line 641 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) { reply(221, "Goodbye."); @@ -2445,14 +2426,14 @@ yyparse () break; case 60: -#line 666 "ftpcmd.y" +#line 648 "ftpcmd.y" { yyerrok; } break; case 61: -#line 672 "ftpcmd.y" +#line 654 "ftpcmd.y" { restart_point = (off_t) 0; if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s)) { @@ -2465,7 +2446,7 @@ yyparse () break; case 62: -#line 682 "ftpcmd.y" +#line 664 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) { fromname = (char *) 0; @@ -2478,7 +2459,7 @@ yyparse () break; case 63: -#line 692 "ftpcmd.y" +#line 674 "ftpcmd.y" { auth((yyvsp[(3) - (4)].s)); free((yyvsp[(3) - (4)].s)); @@ -2486,7 +2467,7 @@ yyparse () break; case 64: -#line 697 "ftpcmd.y" +#line 679 "ftpcmd.y" { adat((yyvsp[(3) - (4)].s)); free((yyvsp[(3) - (4)].s)); @@ -2494,7 +2475,7 @@ yyparse () break; case 65: -#line 702 "ftpcmd.y" +#line 684 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) pbsz((yyvsp[(3) - (5)].i)); @@ -2502,7 +2483,7 @@ yyparse () break; case 66: -#line 707 "ftpcmd.y" +#line 689 "ftpcmd.y" { if ((yyvsp[(5) - (5)].i)) prot((yyvsp[(3) - (5)].s)); @@ -2510,7 +2491,7 @@ yyparse () break; case 67: -#line 712 "ftpcmd.y" +#line 694 "ftpcmd.y" { if ((yyvsp[(3) - (3)].i)) ccc(); @@ -2518,7 +2499,7 @@ yyparse () break; case 68: -#line 717 "ftpcmd.y" +#line 699 "ftpcmd.y" { mec((yyvsp[(3) - (4)].s), prot_safe); free((yyvsp[(3) - (4)].s)); @@ -2526,7 +2507,7 @@ yyparse () break; case 69: -#line 722 "ftpcmd.y" +#line 704 "ftpcmd.y" { mec((yyvsp[(3) - (4)].s), prot_confidential); free((yyvsp[(3) - (4)].s)); @@ -2534,7 +2515,7 @@ yyparse () break; case 70: -#line 727 "ftpcmd.y" +#line 709 "ftpcmd.y" { mec((yyvsp[(3) - (4)].s), prot_private); free((yyvsp[(3) - (4)].s)); @@ -2542,47 +2523,47 @@ yyparse () break; case 72: -#line 739 "ftpcmd.y" +#line 721 "ftpcmd.y" { (yyval.s) = (char *)calloc(1, sizeof(char)); } break; case 75: -#line 752 "ftpcmd.y" +#line 734 "ftpcmd.y" { struct sockaddr_in *sin4 = (struct sockaddr_in *)data_dest; sin4->sin_family = AF_INET; sin4->sin_port = htons((yyvsp[(9) - (11)].i) * 256 + (yyvsp[(11) - (11)].i)); - sin4->sin_addr.s_addr = + sin4->sin_addr.s_addr = htonl(((yyvsp[(1) - (11)].i) << 24) | ((yyvsp[(3) - (11)].i) << 16) | ((yyvsp[(5) - (11)].i) << 8) | (yyvsp[(7) - (11)].i)); } break; case 76: -#line 764 "ftpcmd.y" +#line 746 "ftpcmd.y" { (yyval.i) = FORM_N; } break; case 77: -#line 768 "ftpcmd.y" +#line 750 "ftpcmd.y" { (yyval.i) = FORM_T; } break; case 78: -#line 772 "ftpcmd.y" +#line 754 "ftpcmd.y" { (yyval.i) = FORM_C; } break; case 79: -#line 779 "ftpcmd.y" +#line 761 "ftpcmd.y" { cmd_type = TYPE_A; cmd_form = FORM_N; @@ -2590,7 +2571,7 @@ yyparse () break; case 80: -#line 784 "ftpcmd.y" +#line 766 "ftpcmd.y" { cmd_type = TYPE_A; cmd_form = (yyvsp[(3) - (3)].i); @@ -2598,7 +2579,7 @@ yyparse () break; case 81: -#line 789 "ftpcmd.y" +#line 771 "ftpcmd.y" { cmd_type = TYPE_E; cmd_form = FORM_N; @@ -2606,7 +2587,7 @@ yyparse () break; case 82: -#line 794 "ftpcmd.y" +#line 776 "ftpcmd.y" { cmd_type = TYPE_E; cmd_form = (yyvsp[(3) - (3)].i); @@ -2614,14 +2595,14 @@ yyparse () break; case 83: -#line 799 "ftpcmd.y" +#line 781 "ftpcmd.y" { cmd_type = TYPE_I; } break; case 84: -#line 803 "ftpcmd.y" +#line 785 "ftpcmd.y" { cmd_type = TYPE_L; cmd_bytesz = NBBY; @@ -2629,7 +2610,7 @@ yyparse () break; case 85: -#line 808 "ftpcmd.y" +#line 790 "ftpcmd.y" { cmd_type = TYPE_L; cmd_bytesz = (yyvsp[(3) - (3)].i); @@ -2637,7 +2618,7 @@ yyparse () break; case 86: -#line 814 "ftpcmd.y" +#line 796 "ftpcmd.y" { cmd_type = TYPE_L; cmd_bytesz = (yyvsp[(2) - (2)].i); @@ -2645,49 +2626,49 @@ yyparse () break; case 87: -#line 822 "ftpcmd.y" +#line 804 "ftpcmd.y" { (yyval.i) = STRU_F; } break; case 88: -#line 826 "ftpcmd.y" +#line 808 "ftpcmd.y" { (yyval.i) = STRU_R; } break; case 89: -#line 830 "ftpcmd.y" +#line 812 "ftpcmd.y" { (yyval.i) = STRU_P; } break; case 90: -#line 837 "ftpcmd.y" +#line 819 "ftpcmd.y" { (yyval.i) = MODE_S; } break; case 91: -#line 841 "ftpcmd.y" +#line 823 "ftpcmd.y" { (yyval.i) = MODE_B; } break; case 92: -#line 845 "ftpcmd.y" +#line 827 "ftpcmd.y" { (yyval.i) = MODE_C; } break; case 93: -#line 852 "ftpcmd.y" +#line 834 "ftpcmd.y" { /* * Problem: this production is used for all pathname @@ -2715,7 +2696,7 @@ yyparse () break; case 95: -#line 884 "ftpcmd.y" +#line 866 "ftpcmd.y" { int ret, dec, multby, digit; @@ -2741,7 +2722,7 @@ yyparse () break; case 96: -#line 910 "ftpcmd.y" +#line 892 "ftpcmd.y" { (yyval.i) = (yyvsp[(1) - (1)].i) && !guest; if((yyvsp[(1) - (1)].i) && !(yyval.i)) @@ -2750,7 +2731,7 @@ yyparse () break; case 97: -#line 918 "ftpcmd.y" +#line 900 "ftpcmd.y" { if((yyvsp[(1) - (1)].i)) { if(((yyval.i) = logged_in) == 0) @@ -2761,7 +2742,7 @@ yyparse () break; case 98: -#line 928 "ftpcmd.y" +#line 910 "ftpcmd.y" { (yyval.i) = 1; if(sec_complete && !ccc_passed && !secure_command()) { @@ -2774,7 +2755,7 @@ yyparse () /* Line 1267 of yacc.c. */ -#line 2778 "ftpcmd.c" +#line 2759 "ftpcmd.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -2988,7 +2969,7 @@ yyparse () } -#line 938 "ftpcmd.y" +#line 920 "ftpcmd.y" #define CMD 0 /* beginning of command */ @@ -3085,7 +3066,7 @@ struct tab sitetab[] = { { "FIND", LOCATE, STR1, 1, " globexpr" }, { "URL", URL, ARGS, 1, "?" }, - + { NULL, 0, 0, 0, 0 } }; diff --git a/appl/ftp/ftpd/ftpcmd.y b/appl/ftp/ftpd/ftpcmd.y index 963a6a0f4590..05ae7366bb46 100644 --- a/appl/ftp/ftpd/ftpcmd.y +++ b/appl/ftp/ftpd/ftpcmd.y @@ -43,7 +43,7 @@ %{ #include "ftpd_locl.h" -RCSID("$Id: ftpcmd.y 15677 2005-07-19 18:33:08Z lha $"); +RCSID("$Id$"); off_t restart_point; @@ -150,15 +150,26 @@ cmd memset ($3, 0, strlen($3)); free($3); } + | PORT SP host_port CRLF check_secure { if ($5) { - usedefault = 0; - if (pdata >= 0) { + if (paranoid && + (data_dest->sa_family != his_addr->sa_family || + (socket_get_port(data_dest) < IPPORT_RESERVED) || + memcmp(socket_get_address(data_dest), + socket_get_address(his_addr), + socket_addr_size(his_addr)) != 0)) { + usedefault = 1; + reply(500, "Illegal PORT range rejected."); + } else { + usedefault = 0; + if (pdata >= 0) { close(pdata); pdata = -1; + } + reply(200, "PORT command successful."); } - reply(200, "PORT command successful."); } } | EPRT SP STRING CRLF check_secure @@ -352,8 +363,12 @@ cmd } | CWD CRLF check_login { - if ($3) - cwd(pw->pw_dir); + if ($3) { + const char *path = pw->pw_dir; + if (dochroot || guest) + path = "/"; + cwd(path); + } } | CWD SP pathname CRLF check_login { @@ -501,26 +516,7 @@ cmd | SITE SP KAUTH SP STRING CRLF check_login { -#ifdef KRB4 - char *p; - - if(guest) - reply(500, "Can't be done as guest."); - else{ - if($7 && $5 != NULL){ - p = strpbrk($5, " \t"); - if(p){ - *p++ = 0; - kauth($5, p + strspn(p, " \t")); - }else - kauth($5, NULL); - } - } - if($5 != NULL) - free($5); -#else reply(500, "Command not implemented."); -#endif } | SITE SP KLIST CRLF check_login { @@ -529,29 +525,15 @@ cmd } | SITE SP KDESTROY CRLF check_login { -#ifdef KRB4 - if($5) - kdestroy(); -#else reply(500, "Command not implemented."); -#endif } | SITE SP KRBTKFILE SP STRING CRLF check_login { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if($7 && $5) - krbtkfile($5); - if($5) - free($5); -#else reply(500, "Command not implemented."); -#endif } | SITE SP AFSLOG CRLF check_login { -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(guest) reply(500, "Can't be done as guest."); else if($5) @@ -562,7 +544,7 @@ cmd } | SITE SP AFSLOG SP STRING CRLF check_login { -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(guest) reply(500, "Can't be done as guest."); else if($7) @@ -754,7 +736,7 @@ host_port sin4->sin_family = AF_INET; sin4->sin_port = htons($9 * 256 + $11); - sin4->sin_addr.s_addr = + sin4->sin_addr.s_addr = htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7); } ; @@ -1031,7 +1013,7 @@ struct tab sitetab[] = { { "FIND", LOCATE, STR1, 1, " globexpr" }, { "URL", URL, ARGS, 1, "?" }, - + { NULL, 0, 0, 0, 0 } }; diff --git a/appl/ftp/ftpd/ftpd.8 b/appl/ftp/ftpd/ftpd.8 index 0dfed9f75430..b025b1ecdaaa 100644 --- a/appl/ftp/ftpd/ftpd.8 +++ b/appl/ftp/ftpd/ftpd.8 @@ -47,11 +47,11 @@ .Op Fl p Ar port .Op Fl T Ar maxtimeout .Op Fl t Ar timeout -.Op Fl -gss-bindings -.Op Fl I | Fl -no-insecure-oob +.Op Fl Fl gss-bindings +.Op Fl I | Fl Fl no-insecure-oob .Op Fl u Ar default umask -.Op Fl B | Fl -builtin-ls -.Op Fl -good-chars= Ns Ar string +.Op Fl B | Fl Fl builtin-ls +.Op Fl Fl good-chars= Ns Ar string .Sh DESCRIPTION .Nm Ftpd is the @@ -101,7 +101,7 @@ Debugging information is written to the syslog using LOG_FTP. .It Fl g Anonymous users will get a umask of .Ar umask . -.It Fl -gss-bindings +.It Fl Fl gss-bindings require the peer to use GSS-API bindings (ie make sure IP addresses match). .It Fl i Open a socket and wait for a connection. This is mainly used for @@ -144,16 +144,16 @@ revert to the old behavior. Verbose mode. .It Xo .Fl B , -.Fl -builtin-ls +.Fl Fl builtin-ls .Xc use built-in ls to list files .It Xo -.Fl -good-chars= Ns Ar string +.Fl Fl good-chars= Ns Ar string .Xc allowed anonymous upload filename chars .It Xo .Fl I -.Fl -no-insecure-oob +.Fl Fl no-insecure-oob .Xc don't allow insecure out of band. Heimdal ftp clients before 0.6.3 doesn't support secure oob, so turning diff --git a/appl/ftp/ftpd/ftpd.c b/appl/ftp/ftpd/ftpd.c index 2005a4fb3161..5be67c866232 100644 --- a/appl/ftp/ftpd/ftpd.c +++ b/appl/ftp/ftpd/ftpd.c @@ -38,7 +38,7 @@ #endif #include "getarg.h" -RCSID("$Id: ftpd.c 21222 2007-06-20 10:11:14Z lha $"); +RCSID("$Id$"); static char version[] = "Version 6.00"; @@ -91,6 +91,7 @@ char tmpline[10240]; char hostname[MaxHostNameLen]; char remotehost[MaxHostNameLen]; static char ttyline[20]; +int paranoid = 1; #define AUTH_PLAIN (1 << 0) /* allow sending passwords */ #define AUTH_OTP (1 << 1) /* passwords are one-time */ @@ -190,7 +191,7 @@ parse_auth_level(char *str) else warnx("bad value for -a: `%s'", p); } - return ret; + return ret; } /* @@ -225,7 +226,7 @@ struct getargs args[] = { { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" }, { "good-chars", 0, arg_string, &good_chars, "allowed anonymous upload filename chars" }, { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, "don't allow insecure OOB ABOR/STAT" }, -#ifdef KRB5 +#ifdef KRB5 { "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, "Require GSS-API bindings", NULL}, #endif { "version", 0, arg_flag, &version_flag }, @@ -271,22 +272,12 @@ main(int argc, char **argv) setprogname (argv[0]); - /* detach from any tickets and tokens */ - { -#ifdef KRB4 - char tkfile[1024]; - snprintf(tkfile, sizeof(tkfile), - "/tmp/ftp_%u", (unsigned)getpid()); - krb_set_tkt_string(tkfile); -#endif - } - if(getarg(args, num_args, argc, argv, &optind)) usage(1); if(help_flag) usage(0); - + if(version_flag) { print_version(NULL); exit(0); @@ -297,7 +288,7 @@ main(int argc, char **argv) { char *p; long val = 0; - + if(guest_umask_string) { val = strtol(guest_umask_string, &p, 8); if (*p != '\0' || val < 0) @@ -328,7 +319,7 @@ main(int argc, char **argv) else warnx("bad value for -p"); } - + if (maxtimeout < ftpd_timeout) maxtimeout = ftpd_timeout; @@ -338,7 +329,7 @@ main(int argc, char **argv) #endif if(interactive_flag) - mini_inetd (port); + mini_inetd(port, NULL); /* * LOG_NDELAY sets up the logging connection immediately, @@ -355,14 +346,9 @@ main(int argc, char **argv) syslog(LOG_ERR, "getsockname (%s): %m",argv[0]); exit(1); } -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { - int tos = IPTOS_LOWDELAY; - - if (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); - } +#if defined(IP_TOS) + if (ctrl_addr->sa_family == AF_INET) + socket_set_tos(STDIN_FILENO, IP_TOS); #endif data_source->sa_family = ctrl_addr->sa_family; socket_set_port (data_source, @@ -410,20 +396,14 @@ main(int argc, char **argv) show_file(_PATH_FTPWELCOME, 220); /* reply(220,) must follow */ gethostname(hostname, sizeof(hostname)); - + reply(220, "%s FTP server (%s" #ifdef KRB5 "+%s" -#endif -#ifdef KRB4 - "+%s" #endif ") ready.", hostname, version #ifdef KRB5 ,heimdal_version -#endif -#ifdef KRB4 - ,krb4_version #endif ); @@ -528,7 +508,7 @@ user(char *name) guest = 0; if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) { if ((auth_level & AUTH_FTP) == 0 || - checkaccess("ftp") || + checkaccess("ftp") || checkaccess("anonymous")) reply(530, "User %s access denied.", name); else if ((pw = sgetpwnam("ftp")) != NULL) { @@ -661,7 +641,7 @@ checkuser(char *fname, char *name) /* - * Determine whether a user has access, based on information in + * Determine whether a user has access, based on information in * _PATH_FTPUSERS. The users are listed one per line, with `allow' * or `deny' after the username. If anything other than `allow', or * just nothing, is given after the username, `deny' is assumed. @@ -689,9 +669,9 @@ checkaccess(char *name) int allowed = ALLOWED; char *user, *perm, line[BUFSIZ]; char *foo; - + fd = fopen(_PATH_FTPUSERS, "r"); - + if(fd == NULL) return allowed; @@ -724,7 +704,7 @@ int do_login(int code, char *passwd) return -1; } initgroups(pw->pw_name, pw->pw_gid); -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(k_hasafs()) k_setpag(); #endif @@ -799,7 +779,7 @@ int do_login(int code, char *passwd) sizeof(data_addr)); syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s", - remotehost, + remotehost, data_addr, passwd); } @@ -850,11 +830,11 @@ end_login(void) static int krb5_verify(struct passwd *pwd, char *passwd) { - krb5_context context; + krb5_context context; krb5_ccache id; krb5_principal princ; krb5_error_code ret; - + ret = krb5_init_context(&context); if(ret) return ret; @@ -864,7 +844,7 @@ krb5_verify(struct passwd *pwd, char *passwd) krb5_free_context(context); return ret; } - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id); if(ret){ krb5_free_principal(context, princ); krb5_free_context(context); @@ -882,7 +862,7 @@ krb5_verify(struct passwd *pwd, char *passwd) } krb5_cc_destroy(context, id); krb5_free_context (context); - if(ret) + if(ret) return ret; return 0; } @@ -916,21 +896,6 @@ pass(char *passwd) else if((auth_level & AUTH_OTP) == 0) { #ifdef KRB5 rval = krb5_verify(pw, passwd); -#endif -#ifdef KRB4 - if (rval) { - char realm[REALM_SZ]; - if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS) - rval = krb_verify_user(pw->pw_name, - "", realm, - passwd, - KRB_VERIFY_SECURE, NULL); - if (rval == KSUCCESS ) { - chown (tkt_string(), pw->pw_uid, pw->pw_gid); - if(k_hasafs()) - krb_afslog(0, 0); - } - } #endif if (rval) rval = unix_verify_user(pw->pw_name, passwd); @@ -977,7 +942,7 @@ pass(char *passwd) } if(!do_login(230, passwd)) return; - + /* Forget all about it... */ end_login(); } @@ -1013,7 +978,7 @@ retrieve(const char *cmd, char *name) for(p = cmds; p->ext; p++){ char *tail = name + strlen(name) - strlen(p->ext); char c = *tail; - + if(strcmp(tail, p->ext) == 0 && (*tail = 0) == 0 && access(name, R_OK) == 0){ @@ -1037,7 +1002,7 @@ retrieve(const char *cmd, char *name) free(ext); } } - + } if(p->ext){ fin = ftpd_popen(line, "r", 0, 0); @@ -1106,7 +1071,7 @@ retrieve(const char *cmd, char *name) /* filename sanity check */ -int +int filename_check(char *filename) { char *p; @@ -1127,7 +1092,7 @@ filename_check(char *filename) lreply(553, "\"%s\" is not an acceptable filename.", filename); lreply(553, "The filename must start with an alphanumeric " "character and must only"); - reply(553, "consist of alphanumeric characters or any of the following: %s", + reply(553, "consist of alphanumeric characters or any of the following: %s", good_chars); return 1; } @@ -1141,10 +1106,14 @@ do_store(char *name, char *mode, int unique) if(guest && filename_check(name)) return; - if (unique && stat(name, &st) == 0 && - (name = gunique(name)) == NULL) { - LOGCMD(*mode == 'w' ? "put" : "append", name); - return; + if (unique) { + char *uname; + if (stat(name, &st) == 0) { + if ((uname = gunique(name)) == NULL) + return; + name = uname; + } + LOGCMD(*mode == 'w' ? "put" : "append", name); } if (restart_point) @@ -1252,7 +1221,7 @@ getdatasock(const char *mode, int domain) } static int -accept_with_timeout(int socket, +accept_with_timeout(int socket, struct sockaddr *address, socklen_t *address_len, struct timeval *timeout) @@ -1302,13 +1271,9 @@ dataconn(const char *name, off_t size, const char *mode) } close(pdata); pdata = s; -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { - int tos = IPTOS_THROUGHPUT; - - setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(tos)); - } +#if defined(IPTOS_THROUGHPUT) + if (from->sa_family == AF_INET) + socket_set_tos(s, IPTOS_THROUGHPUT); #endif reply(150, "Opening %s mode data connection for '%s'%s.", type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); @@ -1323,7 +1288,7 @@ dataconn(const char *name, off_t size, const char *mode) if (usedefault) data_dest = his_addr; usedefault = 1; - /* + /* * Default to using the same socket type as the ctrl address, * unless we know the type of the data address. */ @@ -1399,7 +1364,7 @@ send_data(FILE *instr, FILE *outstr) goto data_err; reply(226, "Transfer complete."); return; - + case TYPE_I: case TYPE_L: #if 0 /* XXX handle urg flag */ @@ -1411,7 +1376,7 @@ send_data(FILE *instr, FILE *outstr) struct stat st; char *chunk; int in = fileno(instr); - if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) + if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) && st.st_size > 0) { /* * mmap zero bytes has potential of loosing, don't do it. @@ -1505,7 +1470,7 @@ receive_data(FILE *instr, FILE *outstr) perror_reply(451, "Local resource failure: malloc"); return -1; } - + switch (type) { case TYPE_I: @@ -1534,7 +1499,7 @@ receive_data(FILE *instr, FILE *outstr) char *p, *q; int cr_flag = 0; while ((cnt = sec_read(fileno(instr), - buf + cr_flag, + buf + cr_flag, bufsize - cr_flag)) > 0){ if (urgflag && handleoobcmd()) return (-1); @@ -1583,13 +1548,13 @@ receive_data(FILE *instr, FILE *outstr) urgflag = 0; return (-1); } - + data_err: transflag = 0; urgflag = 0; perror_reply(426, "Data Connection"); return (-1); - + file_err: transflag = 0; urgflag = 0; @@ -1772,7 +1737,7 @@ do_delete(char *name) perror_reply(550, name); return; } - if ((st.st_mode&S_IFMT) == S_IFDIR) { + if (S_ISDIR(st.st_mode)) { if (rmdir(name) < 0) { perror_reply(550, name); return; @@ -1788,7 +1753,7 @@ do_delete(char *name) } void -cwd(char *path) +cwd(const char *path) { if (chdir(path) < 0) @@ -1831,7 +1796,7 @@ pwd(void) char *ret; /* SunOS has a broken getcwd that does popen(pwd) (!!!), this - * failes miserably when running chroot + * failes miserably when running chroot */ ret = getcwd(path, sizeof(path)); if (ret == NULL) @@ -1902,7 +1867,7 @@ dologout(int status) transflag = 0; urgflag = 0; if (logged_in) { -#if KRB4 || KRB5 +#if KRB5 cond_kdestroy(); #endif seteuid((uid_t)0); /* No need to check, we call exit() below */ @@ -1913,7 +1878,7 @@ dologout(int status) exit(status); #else _exit(status); -#endif +#endif } void abor(void) @@ -2017,8 +1982,8 @@ pasv(void) socket_set_address_and_port (pasv_addr, socket_get_address (ctrl_addr), 0); - socket_set_portrange(pdata, restricted_data_ports, - pasv_addr->sa_family); + socket_set_portrange(pdata, restricted_data_ports, + pasv_addr->sa_family); if (seteuid(0) < 0) fatal("Failed to seteuid"); if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { @@ -2064,8 +2029,8 @@ epsv(char *proto) socket_set_address_and_port (pasv_addr, socket_get_address (ctrl_addr), 0); - socket_set_portrange(pdata, restricted_data_ports, - pasv_addr->sa_family); + socket_set_portrange(pdata, restricted_data_ports, + pasv_addr->sa_family); if (seteuid(0) < 0) fatal("Failed to seteuid"); if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { @@ -2123,7 +2088,7 @@ eprt(char *str) case 2 : data_dest->sa_family = AF_INET6; break; -#endif +#endif case 1 : data_dest->sa_family = AF_INET; break; @@ -2154,7 +2119,18 @@ eprt(char *str) reply(500, "Bad port syntax in EPRT"); return; } + if (port < IPPORT_RESERVED) { + reply(500, "Bad port in invalid range in EPRT"); + return; + } socket_set_port (data_dest, htons(port)); + + if (paranoid && + (data_dest->sa_family != his_addr->sa_family || + memcmp(socket_get_address(data_dest), socket_get_address(his_addr), socket_sockaddr_size(data_dest)) != 0)) + { + reply(500, "Bad address in EPRT"); + } reply(200, "EPRT command successful."); } @@ -2353,15 +2329,13 @@ send_file_list(char *whichf) transflag = 0; if (dout != NULL){ sec_write(fileno(dout), buf, 0); /* XXX flush */ - + fclose(dout); } data = -1; pdata = -1; - if (freeglob) { - freeglob = 0; + if (freeglob) globfree(&gl); - } } diff --git a/appl/ftp/ftpd/ftpd.cat8 b/appl/ftp/ftpd/ftpd.cat8 new file mode 100644 index 000000000000..46530989b354 --- /dev/null +++ b/appl/ftp/ftpd/ftpd.cat8 @@ -0,0 +1,309 @@ + +FTPD(8) BSD System Manager's Manual FTPD(8) + +NNAAMMEE + ffttppdd -- Internet File Transfer Protocol server + +SSYYNNOOPPSSIISS + ffttppdd [--aa _a_u_t_h_m_o_d_e] [--ddiillvvUU] [--gg _u_m_a_s_k] [--pp _p_o_r_t] [--TT _m_a_x_t_i_m_e_o_u_t] + [--tt _t_i_m_e_o_u_t] [----ggssss--bbiinnddiinnggss] [--II | ----nnoo--iinnsseeccuurree--oooobb] + [--uu _d_e_f_a_u_l_t _u_m_a_s_k] [--BB | ----bbuuiillttiinn--llss] [----ggoooodd--cchhaarrss==_s_t_r_i_n_g] + +DDEESSCCRRIIPPTTIIOONN + FFttppdd is the Internet File Transfer Protocol server process. The server + uses the TCP protocol and listens at the port specified in the ``ftp'' + service specification; see services(5). + + Available options: + + --aa Select the level of authentication required. Kerberised login + can not be turned off. The default is to only allow kerberised + login. Other possibilities can be turned on by giving a string + of comma separated flags as argument to --aa. Recognised flags + are: + + _p_l_a_i_n Allow logging in with plaintext password. The password can + be a(n) OTP or an ordinary password. + + _o_t_p Same as _p_l_a_i_n, but only OTP is allowed. + + _f_t_p Allow anonymous login. + + The following combination modes exists for backwards compatibil- + ity: + + _n_o_n_e Same as _p_l_a_i_n_,_f_t_p. + + _s_a_f_e Same as _f_t_p. + + _u_s_e_r Ignored. + + --dd Debugging information is written to the syslog using LOG_FTP. + + --gg Anonymous users will get a umask of _u_m_a_s_k. + + ----ggssss--bbiinnddiinnggss + require the peer to use GSS-API bindings (ie make sure IP + addresses match). + + --ii Open a socket and wait for a connection. This is mainly used for + debugging when ftpd isn't started by inetd. + + --ll Each successful and failed ftp(1) session is logged using syslog + with a facility of LOG_FTP. If this option is specified twice, + the retrieve (get), store (put), append, delete, make directory, + remove directory and rename operations and their filename argu- + ments are also logged. + + --pp Use _p_o_r_t (a service name or number) instead of the default + _f_t_p_/_t_c_p. + + --TT A client may also request a different timeout period; the maximum + period allowed may be set to _t_i_m_e_o_u_t seconds with the --TT option. + The default limit is 2 hours. + + --tt The inactivity timeout period is set to _t_i_m_e_o_u_t seconds (the + default is 15 minutes). + + --uu Set the initial umask to something else than the default 027. + + --UU In previous versions of ffttppdd, when a passive mode client + requested a data connection to the server, the server would use + data ports in the range 1024..4999. Now, by default, if the sys- + tem supports the IP_PORTRANGE socket option, the server will use + data ports in the range 49152..65535. Specifying this option + will revert to the old behavior. + + --vv Verbose mode. + + --BB, ----bbuuiillttiinn--llss + use built-in ls to list files + + ----ggoooodd--cchhaarrss==_s_t_r_i_n_g + allowed anonymous upload filename chars + + --II ----nnoo--iinnsseeccuurree--oooobb + don't allow insecure out of band. Heimdal ftp clients before + 0.6.3 doesn't support secure oob, so turning on this option makes + them no longer work. + + The file _/_e_t_c_/_n_o_l_o_g_i_n can be used to disable ftp access. If the file + exists, ffttppdd displays it and exits. If the file _/_e_t_c_/_f_t_p_w_e_l_c_o_m_e exists, + ffttppdd prints it before issuing the ``ready'' message. If the file + _/_e_t_c_/_m_o_t_d exists, ffttppdd prints it after a successful login. + + The ftp server currently supports the following ftp requests. The case + of the requests is ignored. + + Request Description + ABOR abort previous command + ACCT specify account (ignored) + ALLO allocate storage (vacuously) + APPE append to a file + CDUP change to parent of current working directory + CWD change working directory + DELE delete a file + HELP give help information + LIST give list files in a directory (``ls -lgA'') + MKD make a directory + MDTM show last modification time of file + MODE specify data transfer _m_o_d_e + NLST give name list of files in directory + NOOP do nothing + PASS specify password + PASV prepare for server-to-server transfer + PORT specify data connection port + PWD print the current working directory + QUIT terminate session + REST restart incomplete transfer + RETR retrieve a file + RMD remove a directory + RNFR specify rename-from file name + RNTO specify rename-to file name + SITE non-standard commands (see next section) + SIZE return size of file + STAT return status of server + STOR store a file + STOU store a file with a unique name + STRU specify data transfer _s_t_r_u_c_t_u_r_e + SYST show operating system type of server system + TYPE specify data transfer _t_y_p_e + USER specify user name + XCUP change to parent of current working directory + (deprecated) + XCWD change working directory (deprecated) + XMKD make a directory (deprecated) + XPWD print the current working directory (deprecated) + XRMD remove a directory (deprecated) + + The following commands are specified by RFC2228. + + AUTH authentication/security mechanism + ADAT authentication/security data + PROT data channel protection level + PBSZ protection buffer size + MIC integrity protected command + CONF confidentiality protected command + ENC privacy protected command + CCC clear command channel + + The following non-standard or UNIX specific commands are supported by the + SITE request. + + UMASK change umask, (e.g. SSIITTEE UUMMAASSKK 000022) + IDLE set idle-timer, (e.g. SSIITTEE IIDDLLEE 6600) + CHMOD change mode of a file (e.g. SSIITTEE CCHHMMOODD 775555 ffiilleennaammee) + FIND quickly find a specific file with GNU locate(1). + HELP give help information. + + The following Kerberos related site commands are understood. + + KAUTH obtain remote tickets. + KLIST show remote tickets + + The remaining ftp requests specified in Internet RFC 959 are recognized, + but not implemented. MDTM and SIZE are not specified in RFC 959, but + will appear in the next updated FTP RFC. + + The ftp server will abort an active file transfer only when the ABOR com- + mand is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet + "Synch" signal in the command Telnet stream, as described in Internet RFC + 959. If a STAT command is received during a data transfer, preceded by a + Telnet IP and Synch, transfer status will be returned. + + FFttppdd interprets file names according to the ``globbing'' conventions used + by csh(1). This allows users to use the metacharacters ``*?[]{}~''. + + FFttppdd authenticates users according to these rules. + + 1. If Kerberos authentication is used, the user must pass valid + tickets and the principal must be allowed to login as the + remote user. + + 2. The login name must be in the password data base, and not have + a null password (if Kerberos is used the password field is not + checked). In this case a password must be provided by the + client before any file operations may be performed. If the + user has an OTP key, the response from a successful USER com- + mand will include an OTP challenge. The client may choose to + respond with a PASS command giving either a standard password + or an OTP one-time password. The server will automatically + determine which type of password it has been given and attempt + to authenticate accordingly. See otp(1) for more information + on OTP authentication. + + 3. The login name must not appear in the file _/_e_t_c_/_f_t_p_u_s_e_r_s. + + 4. The user must have a standard shell returned by + getusershell(3). + + 5. If the user name appears in the file _/_e_t_c_/_f_t_p_c_h_r_o_o_t the ses- + sion's root will be changed to the user's login directory by + chroot(2) as for an ``anonymous'' or ``ftp'' account (see next + item). However, the user must still supply a password. This + feature is intended as a compromise between a fully anonymous + account and a fully privileged account. The account should + also be set up as for an anonymous account. + + 6. If the user name is ``anonymous'' or ``ftp'', an anonymous ftp + account must be present in the password file (user ``ftp''). + In this case the user is allowed to log in by specifying any + password (by convention an email address for the user should + be used as the password). + + In the last case, ffttppdd takes special measures to restrict the client's + access privileges. The server performs a chroot(2) to the home directory + of the ``ftp'' user. In order that system security is not breached, it + is recommended that the ``ftp'' subtree be constructed with care, con- + sider following these guidelines for anonymous ftp. + + In general all files should be owned by ``root'', and have non-write per- + missions (644 or 755 depending on the kind of file). No files should be + owned or writable by ``ftp'' (possibly with exception for the + _~_f_t_p_/_i_n_c_o_m_i_n_g, as specified below). + + _~_f_t_p The ``ftp'' homedirectory should be owned by root. + + _~_f_t_p_/_b_i_n The directory for external programs (such as ls(1)). + These programs must either be statically linked, or you + must setup an environment for dynamic linking when run- + ning chrooted. These programs will be used if present: + + ls Used when listing files. + + compress + When retrieving a filename that ends in _._Z, + and that file isn't present, ffttppdd will try + to find the filename without _._Z and com- + press it on the fly. + + gzip Same as compress, just with files ending in + _._g_z. + + gtar Enables retrieval of whole directories as + files ending in _._t_a_r. Can also be combined + with compression. You must use GNU Tar (or + some other that supports the --zz and --ZZ + flags). + + locate Will enable ``fast find'' with the SSIITTEE + FFIINNDD command. You must also create a + _l_o_c_a_t_e_d_b file in _~_f_t_p_/_e_t_c. + + _~_f_t_p_/_e_t_c If you put copies of the passwd(5) and group(5) files + here, ls will be able to produce owner names rather than + numbers. Remember to remove any passwords from these + files. + + The file _m_o_t_d, if present, will be printed after a suc- + cessful login. + + _~_f_t_p_/_d_e_v Put a copy of /dev/null(7) here. + + _~_f_t_p_/_p_u_b Traditional place to put whatever you want to make pub- + lic. + + If you want guests to be able to upload files, create a _~_f_t_p_/_i_n_c_o_m_i_n_g + directory owned by ``root'', and group ``ftp'' with mode 730 (make sure + ``ftp'' is member of group ``ftp''). The following restrictions apply to + anonymous users: + + ++oo Directories created will have mode 700. + + ++oo Uploaded files will be created with an umask of 777, if not changed + with the --gg option. + + ++oo These command are not accessible: DDEELLEE, RRMMDD, RRNNTTOO, RRNNFFRR, SSIITTEE UUMMAASSKK, + and SSIITTEE CCHHMMOODD. + + ++oo Filenames must start with an alpha-numeric character, and consist of + alpha-numeric characters or any of the following: + (plus), - + (minus), = (equal), _ (underscore), . (period), and , (comma). + +FFIILLEESS + /etc/ftpusers Access list for users. + /etc/ftpchroot List of normal users who should be chroot'd. + /etc/ftpwelcome Welcome notice. + /etc/motd Welcome notice after login. + /etc/nologin Displayed and access refused. + ~/.klogin Login access for Kerberos. + +SSEEEE AALLSSOO + ftp(1), otp(1), getusershell(3), ftpusers(5), syslogd(8) + +SSTTAANNDDAARRDDSS + RRFFCC 995599 FTP PROTOCOL SPECIFICATION + RRFFCC 11993388 OTP Specification + RRFFCC 22222288 FTP Security Extensions. + +BBUUGGSS + The server must run as the super-user to create sockets with privileged + port numbers. It maintains an effective user id of the logged in user, + reverting to the super-user only when binding addresses to sockets. The + possible security holes have been extensively scrutinized, but are possi- + bly incomplete. + +HHIISSTTOORRYY + The ffttppdd command appeared in 4.2BSD. + +4.2 Berkeley Distribution July 19, 2003 4.2 Berkeley Distribution diff --git a/appl/ftp/ftpd/ftpd_locl.h b/appl/ftp/ftpd/ftpd_locl.h index f5574e970543..cff3ff3d46a5 100644 --- a/appl/ftp/ftpd/ftpd_locl.h +++ b/appl/ftp/ftpd/ftpd_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: ftpd_locl.h 14933 2005-04-24 19:58:14Z lha $ */ +/* $Id$ */ #ifndef __ftpd_locl_h__ #define __ftpd_locl_h__ @@ -145,14 +145,10 @@ #include #endif /* KRB5 */ -#ifdef KRB4 -#include -#endif - -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) #include #endif - + #ifdef OTP #include #endif diff --git a/appl/ftp/ftpd/ftpusers.5 b/appl/ftp/ftpd/ftpusers.5 index 85b5f62b8a46..2e00a2b26ae3 100644 --- a/appl/ftp/ftpd/ftpusers.5 +++ b/appl/ftp/ftpd/ftpusers.5 @@ -1,4 +1,4 @@ -.\" $Id: ftpusers.5 11176 2002-08-20 17:07:29Z joda $ +.\" $Id$ .\" .Dd May 7, 1997 .Dt FTPUSERS 5 diff --git a/appl/ftp/ftpd/ftpusers.cat5 b/appl/ftp/ftpd/ftpusers.cat5 new file mode 100644 index 000000000000..533b2b0015d9 --- /dev/null +++ b/appl/ftp/ftpd/ftpusers.cat5 @@ -0,0 +1,27 @@ + +FTPUSERS(5) BSD File Formats Manual FTPUSERS(5) + +NNAAMMEE + _/_e_t_c_/_f_t_p_u_s_e_r_s -- FTP access list file + +DDEESSCCRRIIPPTTIIOONN + _/_e_t_c_/_f_t_p_u_s_e_r_s contains a list of users that should be allowed or denied + FTP access. Each line contains a user, optionally followed by ``allow'' + (anything but ``allow'' is ignored). The semi-user ``*'' matches any + user. Users that has an explicit ``allow'', or that does not match any + line, are allowed access. Anyone else is denied access. + + Note that this is compatible with the old format, where this file con- + tained a list of users that should be denied access. + +EEXXAAMMPPLLEESS + This will deny anyone but ``foo'' and ``bar'' to use FTP: + + foo allow + bar allow + * + +SSEEEE AALLSSOO + ftpd(8) + +KTH-KRB May 7, 1997 KTH-KRB diff --git a/appl/ftp/ftpd/gss_userok.c b/appl/ftp/ftpd/gss_userok.c index 6fa8f7e97571..6031b52a87e9 100644 --- a/appl/ftp/ftpd/gss_userok.c +++ b/appl/ftp/ftpd/gss_userok.c @@ -1,155 +1,75 @@ /* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "ftpd_locl.h" -#include -#include - -RCSID("$Id: gss_userok.c 21222 2007-06-20 10:11:14Z lha $"); - -/* XXX a bit too much of krb5 dependency here... - What is the correct way to do this? - */ - -struct gss_krb5_data { - krb5_context context; -}; +#include /* XXX sync with gssapi.c */ -struct gss_data { +struct gssapi_data { gss_ctx_id_t context_hdl; - char *client_name; + gss_name_t client_name; gss_cred_id_t delegated_cred_handle; void *mech_data; }; -int gss_userok(void*, char*); /* to keep gcc happy */ -int gss_session(void*, char*); /* to keep gcc happy */ +int gssapi_userok(void*, char*); /* to keep gcc happy */ +int gssapi_session(void*, char*); /* to keep gcc happy */ int -gss_userok(void *app_data, char *username) +gssapi_userok(void *app_data, char *username) { - struct gss_data *data = app_data; - krb5_error_code ret; - krb5_principal client; - struct gss_krb5_data *kdata; + struct gssapi_data *data = app_data; - kdata = calloc(1, sizeof(struct gss_krb5_data)); - if (kdata == NULL) - return 1; - data->mech_data = kdata; - - ret = krb5_init_context(&(kdata->context)); - if (ret) { - free(kdata); - return 1; - } - - ret = krb5_parse_name(kdata->context, data->client_name, &client); - if(ret) { - krb5_free_context(kdata->context); - free(kdata); - return 1; - } - ret = krb5_kuserok(kdata->context, client, username); - if (!ret) { - krb5_free_principal(kdata->context, client); - krb5_free_context(kdata->context); - free(kdata); - return 1; - } - - ret = 0; - krb5_free_principal(kdata->context, client); - return ret; + /* Yes, this logic really is inverted. */ + return !gss_userok(data->client_name, username); } int -gss_session(void *app_data, char *username) +gssapi_session(void *app_data, char *username) { - struct gss_data *data = app_data; - krb5_error_code ret; - OM_uint32 minor_status; - struct gss_krb5_data *kdata; + struct gssapi_data *data = app_data; + OM_uint32 major, minor; + int ret = 0; - ret = 0; - - kdata = (struct gss_krb5_data *)(data->mech_data); - - /* more of krb-depend stuff :-( */ - /* gss_add_cred() ? */ if (data->delegated_cred_handle != GSS_C_NO_CREDENTIAL) { - krb5_ccache ccache = NULL; - const char* ticketfile; - struct passwd *kpw; - - ret = krb5_cc_gen_new(kdata->context, &krb5_fcc_ops, &ccache); - if (ret) - goto fail; - - ticketfile = krb5_cc_get_name(kdata->context, ccache); - - ret = gss_krb5_copy_ccache(&minor_status, - data->delegated_cred_handle, - ccache); - if (ret) { - ret = 0; - goto fail; - } - - do_destroy_tickets = 1; - - kpw = getpwnam(username); - - if (kpw == NULL) { - unlink(ticketfile); - ret = 1; - goto fail; - } - - chown (ticketfile, kpw->pw_uid, kpw->pw_gid); - - if (asprintf(&k5ccname, "FILE:%s", ticketfile) != -1) { - esetenv ("KRB5CCNAME", k5ccname, 1); - } + major = gss_store_cred(&minor, data->delegated_cred_handle, + GSS_C_INITIATE, GSS_C_NO_OID, + 1, 1, NULL, NULL); + if (GSS_ERROR(major)) + ret = 1; afslog(NULL, 1); - fail: - if (ccache) - krb5_cc_close(kdata->context, ccache); } - - gss_release_cred(&minor_status, &data->delegated_cred_handle); - krb5_free_context(kdata->context); - free(kdata); + + gss_release_cred(&minor, &data->delegated_cred_handle); return ret; } diff --git a/appl/ftp/ftpd/gssapi.c b/appl/ftp/ftpd/gssapi.c index 9432feb8290e..29be7641c965 100644 --- a/appl/ftp/ftpd/gssapi.c +++ b/appl/ftp/ftpd/gssapi.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef FTP_SERVER @@ -36,17 +36,18 @@ #else #include "ftp_locl.h" #endif -#include +#include +#include #include -RCSID("$Id: gssapi.c 21513 2007-07-12 12:45:25Z lha $"); +RCSID("$Id$"); int ftp_do_gss_bindings = 0; int ftp_do_gss_delegate = 1; -struct gss_data { +struct gssapi_data { gss_ctx_id_t context_hdl; - char *client_name; + gss_name_t client_name; gss_cred_id_t delegated_cred_handle; void *mech_data; }; @@ -54,7 +55,7 @@ struct gss_data { static int gss_init(void *app_data) { - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; d->context_hdl = GSS_C_NO_CONTEXT; d->delegated_cred_handle = GSS_C_NO_CREDENTIAL; #if defined(FTP_SERVER) @@ -84,7 +85,7 @@ gss_decode(void *app_data, void *buf, int len, int level) gss_buffer_desc input, output; gss_qop_t qop_state; int conf_state; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; size_t ret_len; input.length = len; @@ -116,7 +117,7 @@ gss_encode(void *app_data, void *from, int length, int level, void **to) OM_uint32 maj_stat, min_stat; gss_buffer_desc input, output; int conf_state; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; input.length = length; input.value = from; @@ -157,7 +158,7 @@ sockaddr_to_gss_address (struct sockaddr *sa, } default : errx (1, "unknown address family %d", sa->sa_family); - + } } @@ -172,7 +173,7 @@ gss_adat(void *app_data, void *buf, size_t len) gss_buffer_desc input_token, output_token; OM_uint32 maj_stat, min_stat; gss_name_t client_name; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; gss_channel_bindings_t bindings; if (ftp_do_gss_bindings) { @@ -186,7 +187,7 @@ gss_adat(void *app_data, void *buf, size_t len) sockaddr_to_gss_address (ctrl_addr, &bindings->acceptor_addrtype, &bindings->acceptor_address); - + bindings->application_data.length = 0; bindings->application_data.value = NULL; } else @@ -218,32 +219,8 @@ gss_adat(void *app_data, void *buf, size_t len) gss_release_buffer(&min_stat, &output_token); } if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - gss_OID oid; - - maj_stat = gss_display_name(&min_stat, client_name, - &export_name, &oid); - if(maj_stat != 0) { - reply(500, "Error displaying name"); - goto out; - } - /* XXX kerberos */ - if(oid != GSS_KRB5_NT_PRINCIPAL_NAME) { - reply(500, "OID not kerberos principal name"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - name = malloc(export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - memcpy(name, export_name.value, export_name.length); - name[export_name.length] = '\0'; - gss_release_buffer(&min_stat, &export_name); - d->client_name = name; + d->client_name = client_name; + client_name = GSS_C_NO_NAME; if(p) reply(235, "ADAT=%s", p); else @@ -265,24 +242,25 @@ gss_adat(void *app_data, void *buf, size_t len) GSS_C_NO_OID, &msg_ctx, &status_string); - syslog(LOG_ERR, "gss_accept_sec_context: %s", + syslog(LOG_ERR, "gss_accept_sec_context: %.*s", + (int)status_string.length, (char*)status_string.value); gss_release_buffer(&new_stat, &status_string); reply(431, "Security resource unavailable"); } - out: + if (client_name) gss_release_name(&min_stat, &client_name); free(p); return 0; } -int gss_userok(void*, char*); -int gss_session(void*, char*); +int gssapi_userok(void*, char*); +int gssapi_session(void*, char*); struct sec_server_mech gss_server_mech = { "GSSAPI", - sizeof(struct gss_data), + sizeof(struct gssapi_data), gss_init, /* init */ NULL, /* end */ gss_check_prot, @@ -294,8 +272,8 @@ struct sec_server_mech gss_server_mech = { gss_adat, NULL, /* pbsz */ NULL, /* ccc */ - gss_userok, - gss_session + gssapi_userok, + gssapi_session }; #else /* FTP_SERVER */ @@ -324,15 +302,17 @@ import_name(const char *kname, const char *host, gss_name_t *target_name) OM_uint32 new_stat; OM_uint32 msg_ctx = 0; gss_buffer_desc status_string; - + gss_display_status(&new_stat, min_stat, GSS_C_MECH_CODE, GSS_C_NO_OID, &msg_ctx, &status_string); - printf("Error importing name %s: %s\n", + printf("Error importing name %.*s: %.*s\n", + (int)name.length, (char *)name.value, + (int)status_string.length, (char *)status_string.value); free(name.value); gss_release_buffer(&new_stat, &status_string); @@ -345,7 +325,7 @@ import_name(const char *kname, const char *host, gss_name_t *target_name) static int gss_auth(void *app_data, char *host) { - + OM_uint32 maj_stat, min_stat; gss_name_t target_name; gss_buffer_desc input, output_token; @@ -353,12 +333,12 @@ gss_auth(void *app_data, char *host) char *p; int n; gss_channel_bindings_t bindings; - struct gss_data *d = app_data; + struct gssapi_data *d = app_data; OM_uint32 mech_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; const char *knames[] = { "ftp", "host", NULL }, **kname = knames; - - + + if(import_name(*kname++, host, &target_name)) return AUTH_ERROR; @@ -369,14 +349,14 @@ gss_auth(void *app_data, char *host) bindings = malloc(sizeof(*bindings)); if (bindings == NULL) errx(1, "out of memory"); - + sockaddr_to_gss_address (myctladdr, &bindings->initiator_addrtype, &bindings->initiator_address); sockaddr_to_gss_address (hisctladdr, &bindings->acceptor_addrtype, &bindings->acceptor_address); - + bindings->application_data.length = 0; bindings->application_data.value = NULL; } else @@ -417,7 +397,7 @@ gss_auth(void *app_data, char *host) } continue; } - + if (bindings != GSS_C_NO_CHANNEL_BINDINGS) free(bindings); @@ -427,7 +407,8 @@ gss_auth(void *app_data, char *host) GSS_C_NO_OID, &msg_ctx, &status_string); - printf("Error initializing security context: %s\n", + printf("Error initializing security context: %.*s\n", + (int)status_string.length, (char*)status_string.value); gss_release_buffer(&new_stat, &status_string); return AUTH_CONTINUE; @@ -501,13 +482,15 @@ gss_auth(void *app_data, char *host) &name, NULL); if (GSS_ERROR(maj_stat) == 0) { - printf("Authenticated to <%s>\n", (char *)name.value); + printf("Authenticated to <%.*s>\n", + (int)name.length, + (char *)name.value); gss_release_buffer(&min_stat, &name); } gss_release_name(&min_stat, &targ_name); } else printf("Failed to get gss name of peer.\n"); - } + } return AUTH_OK; @@ -515,7 +498,7 @@ gss_auth(void *app_data, char *host) struct sec_client_mech gss_client_mech = { "GSSAPI", - sizeof(struct gss_data), + sizeof(struct gssapi_data), gss_init, gss_auth, NULL, /* end */ diff --git a/appl/ftp/ftpd/kauth.c b/appl/ftp/ftpd/kauth.c index 0f34092d1646..546461d9dbc2 100644 --- a/appl/ftp/ftpd/kauth.c +++ b/appl/ftp/ftpd/kauth.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 1999, 2003 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 1999, 2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,226 +33,15 @@ #include "ftpd_locl.h" -RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $"); +RCSID("$Id$"); -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) int do_destroy_tickets = 1; char *k5ccname; #endif -#ifdef KRB4 - -static KTEXT_ST cip; -static unsigned int lifetime; -static time_t local_time; - -static krb_principal pr; - -static int -save_tkt(const char *user, - const char *instance, - const char *realm, - const void *arg, - key_proc_t key_proc, - KTEXT *cipp) -{ - local_time = time(0); - memmove(&cip, *cipp, sizeof(cip)); - return -1; -} - -static int -store_ticket(KTEXT cip) -{ - char *ptr; - des_cblock session; - krb_principal sp; - unsigned char kvno; - KTEXT_ST tkt; - int left = cip->length; - int len; - int kerror; - - ptr = (char *) cip->dat; - - /* extract session key */ - memmove(session, ptr, 8); - ptr += 8; - left -= 8; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's name */ - strlcpy(sp.name, ptr, sizeof(sp.name)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's instance */ - strlcpy(sp.instance, ptr, sizeof(sp.instance)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's realm */ - strlcpy(sp.realm, ptr, sizeof(sp.realm)); - ptr += len + 1; - left -= len + 1; - - if(left < 3) - return INTK_BADPW; - /* extract ticket lifetime, server key version, ticket length */ - /* be sure to avoid sign extension on lifetime! */ - lifetime = (unsigned char) ptr[0]; - kvno = (unsigned char) ptr[1]; - tkt.length = (unsigned char) ptr[2]; - ptr += 3; - left -= 3; - - if (tkt.length > left) - return(INTK_BADPW); - - /* extract ticket itself */ - memmove(tkt.dat, ptr, tkt.length); - ptr += tkt.length; - left -= tkt.length; - - /* Here is where the time should be verified against the KDC. - * Unfortunately everything is sent in host byte order (receiver - * makes wrong) , and at this stage there is no way for us to know - * which byteorder the KDC has. So we simply ignore the time, - * there are no security risks with this, the only thing that can - * happen is that we might receive a replayed ticket, which could - * at most be useless. - */ - -#if 0 - /* check KDC time stamp */ - { - time_t kdc_time; - - memmove(&kdc_time, ptr, sizeof(kdc_time)); - if (swap_bytes) swap_u_long(kdc_time); - - ptr += 4; - - if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) { - return(RD_AP_TIME); /* XXX should probably be better - code */ - } - } -#endif - - /* initialize ticket cache */ - - if (tf_create(TKT_FILE) != KSUCCESS) - return(INTK_ERR); - - if (tf_put_pname(pr.name) != KSUCCESS || - tf_put_pinst(pr.instance) != KSUCCESS) { - tf_close(); - return(INTK_ERR); - } - - - kerror = tf_save_cred(sp.name, sp.instance, sp.realm, session, - lifetime, kvno, &tkt, local_time); - tf_close(); - - return(kerror); -} - -void -kauth(char *principal, char *ticket) -{ - char *p; - int ret; - - if(get_command_prot() != prot_private) { - reply(500, "Request denied (bad protection level)"); - return; - } - ret = krb_parse_name(principal, &pr); - if(ret){ - reply(500, "Bad principal: %s.", krb_get_err_text(ret)); - return; - } - if(pr.realm[0] == 0) - krb_get_lrealm(pr.realm, 1); - - if(ticket){ - cip.length = base64_decode(ticket, &cip.dat); - if(cip.length == -1){ - reply(500, "Failed to decode data."); - return; - } - ret = store_ticket(&cip); - if(ret){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - memset(&cip, 0, sizeof(cip)); - return; - } - do_destroy_tickets = 1; - - if(k_hasafs()) - krb_afslog(0, 0); - reply(200, "Tickets will be destroyed on exit."); - return; - } - - ret = krb_get_in_tkt (pr.name, - pr.instance, - pr.realm, - KRB_TICKET_GRANTING_TICKET, - pr.realm, - DEFAULT_TKT_LIFE, - NULL, save_tkt, NULL); - if(ret != INTK_BADPW){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - return; - } - if(base64_encode(cip.dat, cip.length, &p) < 0) { - reply(500, "Out of memory while base64-encoding."); - return; - } - reply(300, "P=%s T=%s", krb_unparse_name(&pr), p); - free(p); - memset(&cip, 0, sizeof(cip)); -} - - -static char * -short_date(int32_t dp) -{ - char *cp; - time_t t = (time_t)dp; - - if (t == (time_t)(-1L)) return "*** Never *** "; - cp = ctime(&t) + 4; - cp[15] = '\0'; - return (cp); -} - -void -krbtkfile(const char *tkfile) -{ - do_destroy_tickets = 0; - krb_set_tkt_string(tkfile); - reply(200, "Using ticket file %s", tkfile); -} - -#endif /* KRB4 */ - #ifdef KRB5 static void @@ -261,7 +50,7 @@ dest_cc(void) krb5_context context; krb5_error_code ret; krb5_ccache id; - + ret = krb5_init_context(&context); if (ret == 0) { if (k5ccname) @@ -278,7 +67,7 @@ dest_cc(void) } #endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) /* * Only destroy if we created the tickets @@ -288,9 +77,6 @@ void cond_kdestroy(void) { if (do_destroy_tickets) { -#if KRB4 - dest_tkt(); -#endif #if KRB5 dest_cc(); #endif @@ -302,9 +88,6 @@ cond_kdestroy(void) void kdestroy(void) { -#if KRB4 - dest_tkt(); -#endif #if KRB5 dest_cc(); #endif @@ -336,9 +119,6 @@ afslog(const char *cell, int quiet) krb5_cc_close (context, id); krb5_free_context (context); } -#endif -#ifdef KRB4 - krb_afslog(cell, 0); #endif if (!quiet) reply(200, "afslog done"); @@ -357,4 +137,4 @@ afsunlog(void) #else int ftpd_afslog_placeholder; -#endif /* KRB4 || KRB5 */ +#endif /* KRB5 */ diff --git a/appl/ftp/ftpd/klist.c b/appl/ftp/ftpd/klist.c index 4afa9b83ccc4..5da107d29b0f 100644 --- a/appl/ftp/ftpd/klist.c +++ b/appl/ftp/ftpd/klist.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -48,7 +48,7 @@ print_cred(krb5_context context, krb5_creds *cred) krb5_format_time(context, cred->times.starttime, t1, sizeof(t1), 1); else krb5_format_time(context, cred->times.authtime, t1, sizeof(t1), 1); - + if(cred->times.endtime > sec) krb5_format_time(context, cred->times.endtime, t2, sizeof(t2), 1); else @@ -81,7 +81,7 @@ print_tickets (krb5_context context, return 500; } - lreply(200, "%17s: %s:%s", + lreply(200, "%17s: %s:%s", "Credentials cache", krb5_cc_get_type(context, ccache), krb5_cc_get_name(context, ccache)); @@ -101,7 +101,7 @@ print_tickets (krb5_context context, &cursor, &cred)) == 0) { if (print_cred(context, &cred)) - return 500; + return 500; krb5_free_cred_contents (context, &cred); } if (ret != KRB5_CC_END) { @@ -137,7 +137,7 @@ klist5(void) else ret = krb5_cc_default (context, &ccache); if (ret) { - lreply(500, "krb5_cc_default: %d", ret); + lreply(500, "krb5_cc_default: %d", ret); return 500; } @@ -155,7 +155,7 @@ klist5(void) ret = krb5_cc_close (context, ccache); if (ret) { - lreply(500, "krb5_cc_close: %d", ret); + lreply(500, "krb5_cc_close: %d", ret); exit_status = 500; } diff --git a/appl/ftp/ftpd/krb4.c b/appl/ftp/ftpd/krb4.c deleted file mode 100644 index 408b7fa73579..000000000000 --- a/appl/ftp/ftpd/krb4.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: krb4.c 17450 2006-05-05 11:11:43Z lha $"); - -#ifdef FTP_SERVER -#define LOCAL_ADDR ctrl_addr -#define REMOTE_ADDR his_addr -#else -#define LOCAL_ADDR myctladdr -#define REMOTE_ADDR hisctladdr -#endif - -extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR; - -struct krb4_data { - des_cblock key; - des_key_schedule schedule; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}; - -static int -krb4_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -krb4_decode(void *app_data, void *buf, int len, int level) -{ - MSG_DAT m; - int e; - struct krb4_data *d = app_data; - - if(level == prot_safe) - e = krb_rd_safe(buf, len, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - else - e = krb_rd_priv(buf, len, d->schedule, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - if(e){ - syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e)); - return -1; - } - memmove(buf, m.app_data, m.app_length); - return m.app_length; -} - -static int -krb4_overhead(void *app_data, int level, int len) -{ - return 31; -} - -static int -krb4_encode(void *app_data, void *from, int length, int level, void **to) -{ - struct krb4_data *d = app_data; - *to = malloc(length + 31); - if(level == prot_safe) - return krb_mk_safe(from, *to, length, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else if(level == prot_private) - return krb_mk_priv(from, *to, length, d->schedule, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else - return -1; -} - -#ifdef FTP_SERVER - -static int -krb4_adat(void *app_data, void *buf, size_t len) -{ - KTEXT_ST tkt; - AUTH_DAT auth_dat; - char *p; - int kerror; - uint32_t cs; - char msg[35]; /* size of encrypted block */ - int tmp_len; - struct krb4_data *d = app_data; - char inst[INST_SZ]; - struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr; - - memcpy(tkt.dat, buf, len); - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - memcpy(d->key, auth_dat.session, sizeof(d->key)); - des_set_key(&d->key, d->schedule); - - strlcpy(d->name, auth_dat.pname, sizeof(d->name)); - strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance)); - strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance)); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - KRB_PUT_INT(cs, tmp, 4, sizeof(tmp)); - tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - } - if(tmp_len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - len = tmp_len; - if(base64_encode(msg, len, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - reply(235, "ADAT=%s", p); - sec_complete = 1; - free(p); - return 0; -} - -static int -krb4_userok(void *app_data, char *user) -{ - struct krb4_data *d = app_data; - return krb_kuserok(d->name, d->instance, d->realm, user); -} - -struct sec_server_mech krb4_server_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode, - /* */ - NULL, - krb4_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - krb4_userok -}; - -#else /* FTP_SERVER */ - -static int -krb4_init(void *app_data) -{ - return !use_kerberos; -} - -static int -mk_auth(struct krb4_data *d, KTEXT adat, - char *service, char *host, int checksum) -{ - int ret; - CREDENTIALS cred; - char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_mk_req(adat, sname, inst, realm, checksum); - if(ret) - return ret; - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_get_cred(sname, inst, realm, &cred); - memmove(&d->key, &cred.session, sizeof(des_cblock)); - des_key_sched(&d->key, d->schedule); - memset(&cred, 0, sizeof(cred)); - return ret; -} - -static int -krb4_auth(void *app_data, char *host) -{ - int ret; - char *p; - int len; - KTEXT_ST adat; - MSG_DAT msg_data; - int checksum; - uint32_t cs; - struct krb4_data *d = app_data; - struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR; - struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR; - - checksum = getpid(); - ret = mk_auth(d, &adat, "ftp", host, checksum); - if(ret == KDC_PR_UNKNOWN) - ret = mk_auth(d, &adat, "rcmd", host, checksum); - if(ret){ - printf("%s\n", krb_get_err_text(ret)); - return AUTH_CONTINUE; - } - -#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(host), - &natAddr) != KSUCCESS - && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS) - printf("Can't get address for realm %s\n", - krb_realmofhost(host)); - else { - if (natAddr.s_addr != localaddr->sin_addr.s_addr) { - printf("Using NAT IP address (%s) for kerberos 4\n", - inet_ntoa(natAddr)); - localaddr->sin_addr = natAddr; - - /* - * This not the best place to do this, but it - * is here we know that (probably) NAT is in - * use! - */ - - passivemode = 1; - printf("Setting: Passive mode on.\n"); - } - } - } -#endif - - printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr)); - printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr)); - - if(base64_encode(adat.dat, adat.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - return AUTH_CONTINUE; - } - ret = command("ADAT %s", p); - free(p); - - if(ret != COMPLETE){ - printf("Server didn't accept auth data.\n"); - return AUTH_ERROR; - } - - p = strstr(reply_string, "ADAT="); - if(!p){ - printf("Remote host didn't send adat reply.\n"); - return AUTH_ERROR; - } - p += 5; - len = base64_decode(p, adat.dat); - if(len < 0){ - printf("Failed to decode base64 from server.\n"); - return AUTH_ERROR; - } - adat.length = len; - ret = krb_rd_safe(adat.dat, adat.length, &d->key, - (struct sockaddr_in *)hisctladdr, - (struct sockaddr_in *)myctladdr, &msg_data); - if(ret){ - printf("Error reading reply from server: %s.\n", - krb_get_err_text(ret)); - return AUTH_ERROR; - } - krb_get_int(msg_data.app_data, &cs, 4, 0); - if(cs - checksum != 1){ - printf("Bad checksum returned from server.\n"); - return AUTH_ERROR; - } - return AUTH_OK; -} - -struct sec_client_mech krb4_client_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - krb4_init, /* init */ - krb4_auth, - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode -}; - -#endif /* FTP_SERVER */ diff --git a/appl/ftp/ftpd/logwtmp.c b/appl/ftp/ftpd/logwtmp.c index ebf37e6b14f1..59f45b205d73 100644 --- a/appl/ftp/ftpd/logwtmp.c +++ b/appl/ftp/ftpd/logwtmp.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: logwtmp.c 9079 2000-09-19 13:17:20Z assar $"); +RCSID("$Id$"); #endif #include @@ -58,9 +58,13 @@ RCSID("$Id: logwtmp.c 9079 2000-09-19 13:17:20Z assar $"); #ifdef HAVE_UTMPX_H #include #endif +#ifdef HAVE_ASL_H +#include +#endif #include #include "extern.h" +#ifndef HAVE_UTMPX_H #ifndef WTMP_FILE #ifdef _PATH_WTMP #define WTMP_FILE _PATH_WTMP @@ -68,20 +72,56 @@ RCSID("$Id: logwtmp.c 9079 2000-09-19 13:17:20Z assar $"); #define WTMP_FILE "/var/adm/wtmp" #endif #endif +#endif -void -ftpd_logwtmp(char *line, char *name, char *host) +#ifdef HAVE_ASL_H + +#ifndef ASL_KEY_FACILITY +#define ASL_KEY_FACILITY "Facility" +#endif + +static void +ftpd_logwtmp_asl(char *line, char *name, char *host) +{ + static aslmsg m = NULL; + static int init = 0; + + if (!init) { + init = 1; + m = asl_new(ASL_TYPE_MSG); + if (m == NULL) + return; + asl_set(m, ASL_KEY_FACILITY, "org.h5l.ftpd"); + } + if (m) + asl_log(NULL, m, ASL_LEVEL_NOTICE, + "host %s/%s user %s%sconnected pid %d", + host, line, name, name[0] ? " " : "dis", (int)getpid()); +} + +#endif + +#ifndef HAVE_ASL_H + +static void +ftpd_logwtmp_wtmp(char *line, char *name, char *host) { static int init = 0; static int fd; #ifdef WTMPX_FILE static int fdx; #endif +#ifdef HAVE_UTMP_H struct utmp ut; -#ifdef WTMPX_FILE +#endif +#if defined(WTMPX_FILE) || defined(HAVE_UTMPX_H) struct utmpx utx; #endif +#ifdef HAVE_UTMPX_H + memset(&utx, 0, sizeof(struct utmpx)); +#endif +#ifdef HAVE_UTMP_H memset(&ut, 0, sizeof(struct utmp)); #ifdef HAVE_STRUCT_UTMP_UT_TYPE if(name[0]) @@ -98,8 +138,9 @@ ftpd_logwtmp(char *line, char *name, char *host) strncpy(ut.ut_host, host, sizeof(ut.ut_host)); #endif ut.ut_time = time(NULL); +#endif -#ifdef WTMPX_FILE +#if defined(WTMPX_FILE) || defined(HAVE_UTMPX_H) strncpy(utx.ut_line, line, sizeof(utx.ut_line)); strncpy(utx.ut_user, name, sizeof(utx.ut_user)); strncpy(utx.ut_host, host, sizeof(utx.ut_host)); @@ -122,17 +163,37 @@ ftpd_logwtmp(char *line, char *name, char *host) utx.ut_type = DEAD_PROCESS; #endif +#ifdef HAVE_UTMPX_H + pututxline(&utx); +#endif + if(!init){ +#ifdef WTMP_FILE fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0); +#endif #ifdef WTMPX_FILE fdx = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0); #endif init = 1; } if(fd >= 0) { +#ifdef WTMP_FILE write(fd, &ut, sizeof(struct utmp)); /* XXX */ +#endif #ifdef WTMPX_FILE write(fdx, &utx, sizeof(struct utmpx)); -#endif +#endif } } + +#endif /* !HAVE_ASL_H */ + +void +ftpd_logwtmp(char *line, char *name, char *host) +{ +#ifdef HAVE_ASL_H + ftpd_logwtmp_asl(line, name, host); +#else + ftpd_logwtmp_wtmp(line, name, host); +#endif +} diff --git a/appl/ftp/ftpd/ls.c b/appl/ftp/ftpd/ls.c index 9dcd84812b5a..a8366b91e773 100644 --- a/appl/ftp/ftpd/ls.c +++ b/appl/ftp/ftpd/ls.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,7 +33,7 @@ #ifndef TEST #include "ftpd_locl.h" -RCSID("$Id: ls.c 16216 2005-10-22 13:15:43Z lha $"); +RCSID("$Id$"); #else #include @@ -152,10 +152,10 @@ make_fileinfo(FILE *out, const char *filename, struct fileinfo *file, int flags) char buf[128]; int file_type = 0; struct stat *st = &file->st; - + file->inode = st->st_ino; file->bsize = block_convert(st->st_blocks); - + if(S_ISDIR(st->st_mode)) { file->mode[0] = 'd'; file_type = '/'; @@ -187,10 +187,10 @@ make_fileinfo(FILE *out, const char *filename, struct fileinfo *file, int flags) file_type = '%'; } #endif - else + else file->mode[0] = '?'; { - char *x[] = { "---", "--x", "-w-", "-wx", + char *x[] = { "---", "--x", "-w-", "-wx", "r--", "r-x", "rw-", "rwx" }; strcpy(file->mode + 1, x[(st->st_mode & S_IRWXU) >> 6]); strcpy(file->mode + 4, x[(st->st_mode & S_IRWXG) >> 3]); @@ -241,7 +241,7 @@ make_fileinfo(FILE *out, const char *filename, struct fileinfo *file, int flags) return -1; } } - + if(S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) { #if defined(major) && defined(minor) if (asprintf(&file->major, "%u", (unsigned)major(st->st_rdev)) == -1) @@ -405,16 +405,16 @@ find_log10(int num) * have to fetch them. */ -#ifdef KRB4 +#ifdef KRB5 static int do_the_afs_dance = 1; #endif static int lstat_file (const char *file, struct stat *sb) { -#ifdef KRB4 +#ifdef KRB5 if (do_the_afs_dance && - k_hasafs() + k_hasafs() && strcmp(file, ".") && strcmp(file, "..") && strcmp(file, "/")) @@ -425,19 +425,19 @@ lstat_file (const char *file, struct stat *sb) static ino_t ino_counter = 0, ino_last = 0; int ret; const int maxsize = 2048; - + path_bkp = strdup (file); if (path_bkp == NULL) return -1; - + a_params.out = malloc (maxsize); - if (a_params.out == NULL) { + if (a_params.out == NULL) { free (path_bkp); return -1; } - + /* If path contains more than the filename alone - split it */ - + last = strrchr (path_bkp, '/'); if (last != NULL) { if(last[1] == '\0') @@ -457,10 +457,10 @@ lstat_file (const char *file, struct stat *sb) dir = "."; a_params.in = path_bkp; } - + a_params.in_size = strlen (a_params.in) + 1; a_params.out_size = maxsize; - + ret = k_pioctl (dir, VIOC_AFS_STAT_MT_PT, &a_params, 0); free (a_params.out); if (ret < 0) { @@ -473,7 +473,7 @@ lstat_file (const char *file, struct stat *sb) return lstat (file, sb); } - /* + /* * wow this was a mountpoint, lets cook the struct stat * use . as a prototype */ @@ -494,7 +494,7 @@ lstat_file (const char *file, struct stat *sb) return 0; } -#endif /* KRB4 */ +#endif /* KRB5 */ return lstat (file, sb); } @@ -551,15 +551,15 @@ list_files(FILE *out, const char **files, int n_files, int flags) } switch(SORT_MODE(flags)) { case LS_SORT_NAME: - qsort(fi, n_files, sizeof(*fi), + qsort(fi, n_files, sizeof(*fi), (int (*)(const void*, const void*))compare_filename); break; case LS_SORT_MTIME: - qsort(fi, n_files, sizeof(*fi), + qsort(fi, n_files, sizeof(*fi), (int (*)(const void*, const void*))compare_mtime); break; case LS_SORT_SIZE: - qsort(fi, n_files, sizeof(*fi), + qsort(fi, n_files, sizeof(*fi), (int (*)(const void*, const void*))compare_size); break; } @@ -602,7 +602,7 @@ list_files(FILE *out, const char **files, int n_files, int flags) max_inode = find_log10(max_inode); max_bsize = find_log10(max_bsize); max_n_link = find_log10(max_n_link); - + if(n_print > 0) sec_fprintf2(out, "total %lu\r\n", (unsigned long)total_blocks); if(flags & LS_SORT_REVERSE) @@ -633,7 +633,7 @@ list_files(FILE *out, const char **files, int n_files, int flags) max_major, max_minor, max_date); - } else if(DISP_MODE(flags) == LS_DISP_COLUMN || + } else if(DISP_MODE(flags) == LS_DISP_COLUMN || DISP_MODE(flags) == LS_DISP_CROSS) { int max_len = 0; int size_len = 0; @@ -660,14 +660,14 @@ list_files(FILE *out, const char **files, int n_files, int flags) max_len = 80 / columns; } if(flags & LS_SIZE) - sec_fprintf2(out, "total %lu\r\n", + sec_fprintf2(out, "total %lu\r\n", (unsigned long)total_blocks); if(DISP_MODE(flags) == LS_DISP_CROSS) { for(i = 0, j = 0; i < n_files; i++) { if(fi[i].filename == NULL) continue; if(flags & LS_SIZE) - sec_fprintf2(out, "%*u %-*s", size_len, fi[i].bsize, + sec_fprintf2(out, "%*u %-*s", size_len, fi[i].bsize, max_len, fi[i].filename); else sec_fprintf2(out, "%-*s", max_len, fi[i].filename); @@ -681,13 +681,13 @@ list_files(FILE *out, const char **files, int n_files, int flags) sec_fprintf2(out, "\r\n"); } else { int skip = (num_files + columns - 1) / columns; - j = 0; + for(i = 0; i < skip; i++) { for(j = i; j < n_files;) { while(j < n_files && fi[j].filename == NULL) j++; if(flags & LS_SIZE) - sec_fprintf2(out, "%*u %-*s", size_len, fi[j].bsize, + sec_fprintf2(out, "%*u %-*s", size_len, fi[j].bsize, max_len, fi[j].filename); else sec_fprintf2(out, "%-*s", max_len, fi[j].filename); @@ -710,7 +710,7 @@ list_files(FILE *out, const char **files, int n_files, int flags) const char *p = strrchr(files[i], '/'); if(p == NULL) p = files[i]; - else + else p++; if(!(flags & LS_DIR_FLAG) || !IS_DOT_DOTDOT(p)) { if((flags & LS_SHOW_DIRNAME)) { diff --git a/appl/ftp/ftpd/popen.c b/appl/ftp/ftpd/popen.c index dc75fb45419b..5488472352ac 100644 --- a/appl/ftp/ftpd/popen.c +++ b/appl/ftp/ftpd/popen.c @@ -37,7 +37,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: popen.c 10900 2002-04-02 11:57:39Z joda $"); +RCSID("$Id$"); #endif #include @@ -65,7 +65,7 @@ RCSID("$Id: popen.c 10900 2002-04-02 11:57:39Z joda $"); #include "extern.h" -/* +/* * Special version of popen which avoids call to shell. This ensures * no one may create a pipe to a hidden program as a side effect of a * list or dir command. @@ -73,8 +73,6 @@ RCSID("$Id: popen.c 10900 2002-04-02 11:57:39Z joda $"); static int *pids; static int fds; -extern int dochroot; - /* return path prepended with ~ftp if that file exists, otherwise * return path unchanged */ @@ -148,8 +146,8 @@ ftpd_popen(char *program, char *type, int do_stderr, int no_glob) ; memset(&gl, 0, sizeof(gl)); - if (no_glob || - glob(argv[argc], flags, NULL, &gl) || + if (no_glob || + glob(argv[argc], flags, NULL, &gl) || gl.gl_pathc == 0) gargv[gargc++] = strdup(argv[argc]); else @@ -198,8 +196,8 @@ ftpd_popen(char *program, char *type, int do_stderr, int no_glob) close(pdes[0]); } pids[fileno(iop)] = pid; - -pfree: + +pfree: for (argc = 1; gargv[argc] != NULL; argc++) free(gargv[argc]); diff --git a/appl/ftp/ftpd/security.c b/appl/ftp/ftpd/security.c index 2a4803f90b18..86c73a168cea 100644 --- a/appl/ftp/ftpd/security.c +++ b/appl/ftp/ftpd/security.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -37,7 +37,7 @@ #include "ftp_locl.h" #endif -RCSID("$Id: security.c 21225 2007-06-20 10:16:02Z lha $"); +RCSID("$Id$"); static enum protection_level command_prot; static enum protection_level data_prot; @@ -74,14 +74,14 @@ level_to_name(enum protection_level level) } #ifndef FTP_SERVER /* not used in server */ -static enum protection_level +static enum protection_level name_to_level(const char *name) { int i; for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) if(!strncasecmp(level_names[i].name, name, strlen(name))) return level_names[i].level; - return (enum protection_level)-1; + return prot_invalid; } #endif @@ -90,9 +90,6 @@ name_to_level(const char *name) static struct sec_server_mech *mechs[] = { #ifdef KRB5 &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, #endif NULL }; @@ -104,9 +101,6 @@ static struct sec_server_mech *mech; static struct sec_client_mech *mechs[] = { #ifdef KRB5 &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, #endif NULL }; @@ -229,12 +223,12 @@ sec_read(int fd, void *dataptr, int length) in_buffer.eof_flag = 0; return 0; } - + len = buffer_read(&in_buffer, dataptr, length); length -= len; rx += len; dataptr = (char*)dataptr + len; - + while(length){ int ret; @@ -286,7 +280,7 @@ sec_write(int fd, char *dataptr, int length) { int len = buffer_size; int tx = 0; - + if(data_prot == prot_clear) return write(fd, dataptr, length); @@ -337,7 +331,7 @@ sec_putc(int c, FILE *F) char ch = c; if(data_prot == prot_clear) return putc(c, F); - + buffer_write(&out_buffer, &ch, 1); if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { sec_write(fileno(F), out_buffer.data, out_buffer.index); @@ -352,14 +346,14 @@ sec_read_msg(char *s, int level) int len; char *buf; int return_code; - + buf = malloc(strlen(s)); len = base64_decode(s + 4, buf); /* XXX */ - + len = (*mech->decode)(app_data, buf, len, level); if(len < 0) return -1; - + buf[len] = '\0'; if(buf[3] == '-') @@ -381,7 +375,7 @@ sec_vfprintf(FILE *f, const char *fmt, va_list ap) int len; if(!sec_complete) return vfprintf(f, fmt, ap); - + if (vasprintf(&buf, fmt, ap) == -1) { printf("Failed to allocate command.\n"); return -1; @@ -520,10 +514,10 @@ prot(char *pl) reply(504, "Unrecognized protection level."); return; } - + if(sec_complete){ if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", + reply(536, "%s does not support %s protection.", mech->name, level_to_name(p)); }else{ data_prot = (enum protection_level)p; @@ -556,14 +550,20 @@ void mec(char *msg, enum protection_level level) } buf_size = strlen(msg) + 2; buf = malloc(buf_size); + if (buf == NULL) { + reply(501, "Failed to allocate %lu", (unsigned long)buf_size); + return; + } len = base64_decode(msg, buf); command_prot = level; if(len == (size_t)-1) { + free(buf); reply(501, "Failed to base64-decode command"); return; } len = (*mech->decode)(app_data, buf, len, level); if(len == (size_t)-1) { + free(buf); reply(535, "Failed to decode command"); return; } @@ -628,7 +628,7 @@ sec_status(void) printf("Using %s command channel.\n", level_to_name(command_prot)); printf("Using %s data channel.\n", level_to_name(data_prot)); if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", + printf("Protection buffer size: %lu.\n", (unsigned long)buffer_size); }else{ printf("Not using any security mechanism.\n"); @@ -669,7 +669,7 @@ sec_prot_internal(int level) printf("Failed to set protection level.\n"); return -1; } - + data_prot = (enum protection_level)level; return 0; } @@ -683,7 +683,7 @@ set_command_prot(enum protection_level level) ret = command("CCC"); if(ret != COMPLETE) { printf("Failed to clear command channel.\n"); - return -1; + return prot_invalid; } } command_prot = level; @@ -708,17 +708,17 @@ sec_prot(int argc, char **argv) return; } level = name_to_level(argv[argc - 1]); - + if(level == -1) goto usage; - + if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", + printf("%s does not implement %s protection.\n", mech->name, level_to_name(level)); code = -1; return; } - + if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { if(sec_prot_internal(level) < 0){ code = -1; @@ -759,9 +759,9 @@ sec_prot_command(int argc, char **argv) level = name_to_level(argv[1]); if(level == -1) goto usage; - + if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", + printf("%s does not implement %s protection.\n", mech->name, level_to_name(level)); code = -1; return; @@ -808,7 +808,7 @@ sec_login(char *host) verbose = -1; /* shut up all messages this will produce (they are usually not very user friendly) */ - + for(m = mechs; *m && (*m)->name; m++) { void *tmp; @@ -818,7 +818,7 @@ sec_login(char *host) return -1; } app_data = tmp; - + if((*m)->init && (*(*m)->init)(app_data) != 0) { printf("Skipping %s...\n", (*m)->name); continue; @@ -840,7 +840,7 @@ sec_login(char *host) } ret = (*(*m)->auth)(app_data, host); - + if(ret == AUTH_CONTINUE) continue; else if(ret != AUTH_OK){ @@ -852,13 +852,13 @@ sec_login(char *host) sec_complete = 1; if(doencrypt) { command_prot = prot_private; - request_data_prot = prot_private; + request_data_prot = prot_private; } else { command_prot = prot_safe; } break; } - + verbose = old_verbose; return *m == NULL; } diff --git a/appl/gssmask/Makefile.am b/appl/gssmask/Makefile.am index 347a27ec9290..55673a03999c 100644 --- a/appl/gssmask/Makefile.am +++ b/appl/gssmask/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 18468 2006-10-14 13:50:51Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -8,5 +8,6 @@ gssmask_SOURCES = gssmask.c common.c common.h protocol.h gssmaestro_SOURCES = gssmaestro.c common.c common.h protocol.h -LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) +LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) $(top_builddir)/lib/krb5/libkrb5.la +EXTRA_DIST = NTMakefile diff --git a/appl/gssmask/Makefile.in b/appl/gssmask/Makefile.in index a51092274cfe..e01b83ede203 100644 --- a/appl/gssmask/Makefile.in +++ b/appl/gssmask/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 18468 2006-10-14 13:50:51Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ noinst_PROGRAMS = gssmask$(EXEEXT) gssmaestro$(EXEEXT) subdir = appl/gssmask ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,27 +89,28 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = PROGRAMS = $(noinst_PROGRAMS) am_gssmaestro_OBJECTS = gssmaestro.$(OBJEXT) common.$(OBJEXT) gssmaestro_OBJECTS = $(am_gssmaestro_OBJECTS) gssmaestro_LDADD = $(LDADD) am__DEPENDENCIES_1 = gssmaestro_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_1) + $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la am_gssmask_OBJECTS = gssmask.$(OBJEXT) common.$(OBJEXT) gssmask_OBJECTS = $(am_gssmask_OBJECTS) gssmask_LDADD = $(LDADD) gssmask_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -123,49 +129,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -189,10 +204,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -209,6 +225,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -224,31 +242,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -263,10 +295,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -307,49 +341,55 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la gssmask_SOURCES = gssmask.c common.c common.h protocol.h gssmaestro_SOURCES = gssmaestro.c common.c common.h protocol.h -LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) +LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) $(top_builddir)/lib/krb5/libkrb5.la +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/gssmask/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/gssmask/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/gssmask/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/gssmask/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -367,13 +407,16 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list gssmaestro$(EXEEXT): $(gssmaestro_OBJECTS) $(gssmaestro_DEPENDENCIES) @rm -f gssmaestro$(EXEEXT) $(LINK) $(gssmaestro_OBJECTS) $(gssmaestro_LDADD) $(LIBS) @@ -387,14 +430,30 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssmaestro.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssmask.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -407,45 +466,49 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -466,13 +529,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -504,6 +571,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -514,6 +582,7 @@ clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -524,6 +593,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -531,26 +602,35 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -570,9 +650,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libtool clean-noinstPROGRAMS ctags \ @@ -657,6 +736,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -742,7 +824,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -755,6 +837,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/gssmask/NTMakefile b/appl/gssmask/NTMakefile new file mode 100644 index 000000000000..4ad1dc4f753c --- /dev/null +++ b/appl/gssmask/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\gssmask + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/gssmask/common.c b/appl/gssmask/common.c index a57b803abafb..8d7d8fa2252b 100644 --- a/appl/gssmask/common.c +++ b/appl/gssmask/common.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ */ #include -RCSID("$Id: common.c 18900 2006-11-03 05:21:01Z lha $"); +RCSID("$Id$"); krb5_error_code store_string(krb5_storage *sp, const char *str) @@ -62,8 +62,8 @@ add_list(char ****list, size_t *listlen, char **str, size_t len) } static void -permute(char ****list, size_t *listlen, - char **str, const int start, const int len) +permute(char ****list, size_t *listlen, + char **str, const int start, const int len) { int i, j; diff --git a/appl/gssmask/common.h b/appl/gssmask/common.h index a44339e4596c..cd9b0817f55d 100644 --- a/appl/gssmask/common.h +++ b/appl/gssmask/common.h @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -31,13 +31,13 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: common.h 18250 2006-10-06 07:22:00Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include #endif -/* +/* * pthread support is disable because the pthread * test have no "application pthread libflags" variable, * when this is fixed pthread support can be enabled again. @@ -55,7 +55,9 @@ #include #include -#include +#include +#include +#include #include #include diff --git a/appl/gssmask/gssmaestro.c b/appl/gssmask/gssmaestro.c index 610c53f5f59b..c972cada2621 100644 --- a/appl/gssmask/gssmaestro.c +++ b/appl/gssmask/gssmaestro.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ */ #include -RCSID("$Id: gssmaestro.c 21605 2007-07-17 06:51:57Z lha $"); +RCSID("$Id$"); static FILE *logfile; @@ -61,9 +61,9 @@ static struct client **clients; static int num_clients; static int -init_sec_context(struct client *client, +init_sec_context(struct client *client, int32_t *hContext, int32_t *hCred, - int32_t flags, + int32_t flags, const char *targetname, const krb5_data *itoken, krb5_data *otoken) { @@ -82,7 +82,7 @@ init_sec_context(struct client *client, } static int -accept_sec_context(struct client *client, +accept_sec_context(struct client *client, int32_t *hContext, int32_t flags, const krb5_data *itoken, @@ -103,7 +103,7 @@ accept_sec_context(struct client *client, } static int -acquire_cred(struct client *client, +acquire_cred(struct client *client, const char *username, const char *password, int32_t flags, @@ -120,7 +120,7 @@ acquire_cred(struct client *client, } static int -toast_resource(struct client *client, +toast_resource(struct client *client, int32_t hCred) { int32_t val; @@ -138,7 +138,7 @@ goodbye(struct client *client) } static int -get_targetname(struct client *client, +get_targetname(struct client *client, char **target) { put32(client, eGetTargetName); @@ -162,7 +162,7 @@ encrypt_token(struct client *client, int32_t hContext, int32_t flags, } static int32_t -decrypt_token(struct client *client, int32_t hContext, int flags, +decrypt_token(struct client *client, int32_t hContext, int flags, krb5_data *in, krb5_data *out) { int32_t val; @@ -176,6 +176,42 @@ decrypt_token(struct client *client, int32_t hContext, int flags, return val; } +static int32_t +wrap_token_ext(struct client *client, int32_t hContext, int32_t flags, + int32_t bflags, krb5_data *header, krb5_data *in, krb5_data *trailer, + krb5_data *out) +{ + int32_t val; + put32(client, eWrapExt); + put32(client, hContext); + put32(client, flags); + put32(client, bflags); + putdata(client, *header); + putdata(client, *in); + putdata(client, *trailer); + ret32(client, val); + retdata(client, *out); + return val; +} + +static int32_t +unwrap_token_ext(struct client *client, int32_t hContext, int32_t flags, + int32_t bflags, krb5_data *header, krb5_data *in, krb5_data *trailer, + krb5_data *out) +{ + int32_t val; + put32(client, eUnwrapExt); + put32(client, hContext); + put32(client, flags); + put32(client, bflags); + putdata(client, *header); + putdata(client, *in); + putdata(client, *trailer); + ret32(client, val); + retdata(client, *out); + return val; +} + static int32_t get_mic(struct client *client, int32_t hContext, krb5_data *in, krb5_data *mic) @@ -192,7 +228,7 @@ get_mic(struct client *client, int32_t hContext, } static int32_t -verify_mic(struct client *client, int32_t hContext, +verify_mic(struct client *client, int32_t hContext, krb5_data *in, krb5_data *mic) { int32_t val; @@ -208,7 +244,7 @@ verify_mic(struct client *client, int32_t hContext, static int32_t -get_version_capa(struct client *client, +get_version_capa(struct client *client, int32_t *version, int32_t *capa, char **version_str) { @@ -220,7 +256,7 @@ get_version_capa(struct client *client, } static int32_t -get_moniker(struct client *client, +get_moniker(struct client *client, char **moniker) { put32(client, eGetMoniker); @@ -291,7 +327,7 @@ build_context(struct client *ipeer, struct client *apeer, krb5_data_zero(&itoken); while (!iDone || !aDone) { - + if (iDone) { warnx("iPeer already done, aPeer want extra rtt"); val = GSMERR_ERROR; @@ -310,7 +346,7 @@ build_context(struct client *ipeer, struct client *apeer, case GSMERR_CONTINUE_NEEDED: break; default: - warnx("iPeer %s failed with %d (step %d)", + warnx("iPeer %s failed with %d (step %d)", ipeer->name, (int)val, step); goto out; } @@ -369,13 +405,13 @@ build_context(struct client *ipeer, struct client *apeer, out: return val; } - + static void test_mic(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2) { krb5_data msg, mic; int32_t val; - + msg.data = "foo"; msg.length = 3; @@ -392,12 +428,12 @@ test_mic(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2) } static int32_t -test_wrap(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, +test_wrap(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, int conf) { krb5_data msg, wrapped, out; int32_t val; - + msg.data = "foo"; msg.length = 3; @@ -431,22 +467,95 @@ test_wrap(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, } static int32_t -test_token(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2) +test_wrap_ext(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, + int conf, int bflags) +{ + krb5_data header, msg, trailer, wrapped, out; + int32_t val; + + header.data = "header"; + header.length = 6; + + msg.data = "0123456789abcdef"; /* padded for most enctypes */ + msg.length = 32; + + trailer.data = "trailer"; + trailer.length = 7; + + krb5_data_zero(&wrapped); + krb5_data_zero(&out); + + val = wrap_token_ext(c1, hc1, conf, bflags, &header, &msg, &trailer, &wrapped); + if (val) { + warnx("encrypt_token failed to host: %s", c1->moniker); + return val; + } + val = unwrap_token_ext(c2, hc2, conf, bflags, &header, &wrapped, &trailer, &out); + if (val) { + krb5_data_free(&wrapped); + warnx("decrypt_token failed to host: %s", c2->moniker); + return val; + } + + if (msg.length != out.length) { + warnx("decrypted'ed token have wrong length (%lu != %lu)", + (unsigned long)msg.length, (unsigned long)out.length); + val = GSMERR_ERROR; + } else if (memcmp(msg.data, out.data, msg.length) != 0) { + warnx("decryptd'ed token have wrong data"); + val = GSMERR_ERROR; + } + + krb5_data_free(&wrapped); + krb5_data_free(&out); + return val; +} + + +static int32_t +test_token(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, int wrap_ext) { int32_t val; int i; for (i = 0; i < 10; i++) { + /* mic */ test_mic(c1, hc1, c2, hc2); test_mic(c2, hc2, c1, hc1); + + /* wrap */ val = test_wrap(c1, hc1, c2, hc2, 0); if (val) return val; val = test_wrap(c2, hc2, c1, hc1, 0); if (val) return val; + val = test_wrap(c1, hc1, c2, hc2, 1); if (val) return val; val = test_wrap(c2, hc2, c1, hc1, 1); if (val) return val; + + if (wrap_ext) { + /* wrap ext */ + val = test_wrap_ext(c1, hc1, c2, hc2, 1, 0); + if (val) return val; + val = test_wrap_ext(c2, hc2, c1, hc1, 1, 0); + if (val) return val; + + val = test_wrap_ext(c1, hc1, c2, hc2, 1, 1); + if (val) return val; + val = test_wrap_ext(c2, hc2, c1, hc1, 1, 1); + if (val) return val; + + val = test_wrap_ext(c1, hc1, c2, hc2, 0, 0); + if (val) return val; + val = test_wrap_ext(c2, hc2, c1, hc1, 0, 0); + if (val) return val; + + val = test_wrap_ext(c1, hc1, c2, hc2, 0, 1); + if (val) return val; + val = test_wrap_ext(c2, hc2, c1, hc1, 0, 1); + if (val) return val; + } } return GSMERR_OK; } @@ -476,9 +585,9 @@ log_function(void *ptr) goto out; if (krb5_ret_string(c->logsock, &string)) goto out; - printf("%s:%lu: %s\n", + printf("%s:%lu: %s\n", file, (unsigned long)line, string); - fprintf(logfile, "%s:%lu: %s\n", + fprintf(logfile, "%s:%lu: %s\n", file, (unsigned long)line, string); fflush(logfile); free(file); @@ -510,7 +619,7 @@ connect_client(const char *slave) *port++ = 0; c->name = estrdup(slave); - + memset(&hints, 0, sizeof(hints)); hints.ai_family = PF_UNSPEC; hints.ai_socktype = SOCK_STREAM; @@ -584,7 +693,7 @@ connect_client(const char *slave) clients = erealloc(clients, (num_clients + 1) * sizeof(*clients)); - + clients[num_clients] = c; num_clients++; @@ -607,6 +716,7 @@ get_client(const char *slave) static int version_flag; static int help_flag; +static int wrap_ext = 0; static char *logfile_str; static getarg_strings principals; static getarg_strings slaves; @@ -618,6 +728,8 @@ struct getargs args[] = { NULL }, { "log-file", 0, arg_string, &logfile_str, "Logfile", NULL }, + { "wrap-ext", 0, arg_flag, &wrap_ext, "test wrap extended", + NULL }, { "version", 0, arg_flag, &version_flag, "Print version", NULL }, { "help", 0, arg_flag, &help_flag, NULL, @@ -668,7 +780,7 @@ main(int argc, char **argv) if (password == NULL) errx(1, "password missing from %s", user); *password++ = 0; - + if (slaves.num_strings == 0) errx(1, "no principals"); @@ -703,7 +815,7 @@ main(int argc, char **argv) val = acquire_cred(clients[i], user, password, 1, &hCred); if (val != GSMERR_OK) { - warnx("Failed to acquire_cred on host %s: %d", + warnx("Failed to acquire_cred on host %s: %d", clients[i]->moniker, (int)val); failed = 1; } else @@ -713,7 +825,7 @@ main(int argc, char **argv) if (failed) goto out; - /* + /* * First test if all slaves can build context to them-self. */ @@ -722,7 +834,7 @@ main(int argc, char **argv) int32_t hCred, val, delegCred; int32_t clientC, serverC; struct client *c = clients[i]; - + if (c->target_name == NULL) continue; @@ -732,14 +844,14 @@ main(int argc, char **argv) val = acquire_cred(c, user, password, 1, &hCred); if (val != GSMERR_OK) errx(1, "failed to acquire_cred: %d", (int)val); - - val = build_context(c, c, + + val = build_context(c, c, GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG| GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG| GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG, hCred, &clientC, &serverC, &delegCred); if (val == GSMERR_OK) { - test_token(c, clientC, c, serverC); + test_token(c, clientC, c, serverC, wrap_ext); toast_resource(c, clientC); toast_resource(c, serverC); if (delegCred) @@ -755,7 +867,7 @@ main(int argc, char **argv) GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG, hCred, &clientC, &serverC, &delegCred); if (val == GSMERR_OK) { - test_token(c, clientC, c, serverC); + test_token(c, clientC, c, serverC, wrap_ext); toast_resource(c, clientC); toast_resource(c, serverC); if (delegCred) @@ -781,18 +893,18 @@ main(int argc, char **argv) int32_t hCred, val, delegCred = 0; int32_t clientC = 0, serverC = 0; struct client *client, *server; - + p = list[i]; - + client = get_client(p[0]); - + val = acquire_cred(client, user, password, 1, &hCred); if (val != GSMERR_OK) errx(1, "failed to acquire_cred: %d", (int)val); for (j = 1; j < num_clients + 1; j++) { server = get_client(p[j % num_clients]); - + if (server->target_name == NULL) break; @@ -809,11 +921,11 @@ main(int argc, char **argv) warnx("build_context failed: %d", (int)val); break; } - - val = test_token(client, clientC, server, serverC); + + val = test_token(client, clientC, server, serverC, wrap_ext); if (val) break; - + toast_resource(client, clientC); toast_resource(server, serverC); if (!delegCred) { @@ -827,11 +939,11 @@ main(int argc, char **argv) if (hCred) toast_resource(client, hCred); } - + /* * Close all connections to clients */ - + out: printf("sending goodbye and waiting for log sockets\n"); for (i = 0; i < num_clients; i++) { diff --git a/appl/gssmask/gssmask.c b/appl/gssmask/gssmask.c index 46b532b61f5a..916837b42de1 100644 --- a/appl/gssmask/gssmask.c +++ b/appl/gssmask/gssmask.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ */ #include "common.h" -RCSID("$Id: gssmask.c 21229 2007-06-20 10:19:19Z lha $"); +RCSID("$Id$"); /* * @@ -151,7 +151,7 @@ find_handle(struct handle *h, int32_t idx, enum handle_type type) { if (idx == 0) return NULL; - + while (h) { if (h->idx == idx) { if (type == h->type) @@ -160,7 +160,7 @@ find_handle(struct handle *h, int32_t idx, enum handle_type type) } h = h->next; } - return NULL; + return NULL; } @@ -229,7 +229,7 @@ acquire_cred(struct client *c, "krb5_get_init_creds failed: %d", ret); return convert_krb5_to_gsm(ret); } - + ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id); if (ret) krb5_err (context, 1, ret, "krb5_cc_initialize"); @@ -237,7 +237,7 @@ acquire_cred(struct client *c, ret = krb5_cc_initialize (context, id, cred.client); if (ret) krb5_err (context, 1, ret, "krb5_cc_initialize"); - + ret = krb5_cc_store_cred (context, id, &cred); if (ret) krb5_err (context, 1, ret, "krb5_cc_store_cred"); @@ -284,14 +284,14 @@ static int HandleOP(GoodBye) { struct handle *h = c->handles; - int i = 0; + unsigned int i = 0; while (h) { h = h->next; i++; } - if (i != 0) + if (i) logmessage(c, __FILE__, __LINE__, 0, "Did not toast all resources: %d", i); return 1; @@ -358,7 +358,7 @@ HandleOP(InitContext) if (ctx) krb5_errx(context, 1, "initcreds, context not NULL, but first req"); } - + if ((flags & GSS_C_DELEG_FLAG) != 0) logmessage(c, __FILE__, __LINE__, 0, "init_sec_context delegating"); if ((flags & GSS_C_DCE_STYLE) != 0) @@ -370,7 +370,7 @@ HandleOP(InitContext) gss_target_name, oid, flags & 0x7f, - 0, + 0, NULL, input_token_ptr, NULL, @@ -382,7 +382,7 @@ HandleOP(InitContext) del_handle(&c->handles, hContext); new_context_id = 0; logmessage(c, __FILE__, __LINE__, 0, - "gss_init_sec_context returns code: %d/%d", + "gss_init_sec_context returns code: %d/%d", maj_stat, min_stat); } else { if (input_token.length == 0) @@ -461,7 +461,7 @@ HandleOP(AcceptContext) if (hContext != 0) del_handle(&c->handles, hContext); logmessage(c, __FILE__, __LINE__, 0, - "gss_accept_sec_context returns code: %d/%d", + "gss_accept_sec_context returns code: %d/%d", maj_stat, min_stat); new_context_id = 0; } else { @@ -484,8 +484,8 @@ HandleOP(AcceptContext) gss_release_cred(&min_stat, &deleg_cred); deleg_hcred = 0; } - - + + gsm_error = convert_gss_to_gsm(maj_stat); put32(c, new_context_id); @@ -534,11 +534,11 @@ HandleOP(AcquireCreds) gsm_error = convert_krb5_to_gsm(ret); goto out; } - + ret = krb5_get_init_creds_opt_alloc (context, &opt); if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - + krb5_get_init_creds_opt_set_pa_password(context, opt, password, NULL); gsm_error = acquire_cred(c, principal, opt, &handle); @@ -580,22 +580,22 @@ HandleOP(Sign) input_token.length = token.length; input_token.value = token.data; - + maj_stat = gss_get_mic(&min_stat, ctx, 0, &input_token, &output_token); if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_get_mic failed"); - + krb5_data_free(&token); - + token.data = output_token.value; token.length = output_token.length; - + put32(c, 0); /* XXX fix gsm_error */ putdata(c, token); - + gss_release_buffer(&min_stat, &output_token); - + return 0; } @@ -621,7 +621,7 @@ HandleOP(Verify) msg_token.length = msg.length; msg_token.value = msg.data; - + retdata(c, mic); mic_token.length = mic.length; @@ -631,12 +631,12 @@ HandleOP(Verify) &mic_token, &qop); if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_verify_mic failed"); - + krb5_data_free(&mic); krb5_data_free(&msg); - + put32(c, 0); /* XXX fix gsm_error */ - + return 0; } @@ -653,7 +653,7 @@ HandleOP(GetVersionAndCapabilities) { struct utsname ut; if (uname(&ut) == 0) { - snprintf(name, sizeof(name), "%s-%s-%s", + snprintf(name, sizeof(name), "%s-%s-%s", ut.sysname, ut.version, ut.machine); } } @@ -663,7 +663,7 @@ HandleOP(GetVersionAndCapabilities) put32(c, GSSMAGGOTPROTOCOL); put32(c, cap); - putstring(c, str); + putstring(c, str); free(str); return 0; @@ -711,12 +711,12 @@ HandleOP(SetLoggingSocket) krb5_store_int32(c->logging, eLogSetMoniker); store_string(c->logging, c->moniker); - + logmessage(c, __FILE__, __LINE__, 0, "logging turned on"); return 0; } - + static int HandleOP(ChangePassword) @@ -751,22 +751,22 @@ HandleOP(Wrap) input_token.length = token.length; input_token.value = token.data; - + maj_stat = gss_wrap(&min_stat, ctx, flags, 0, &input_token, &conf_state, &output_token); if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_wrap failed"); - + krb5_data_free(&token); - + token.data = output_token.value; token.length = output_token.length; - + put32(c, 0); /* XXX fix gsm_error */ putdata(c, token); - + gss_release_buffer(&min_stat, &output_token); - + return 0; } @@ -793,13 +793,13 @@ HandleOP(Unwrap) input_token.length = token.length; input_token.value = token.data; - + maj_stat = gss_unwrap(&min_stat, ctx, &input_token, &output_token, &conf_state, &qop_state); - + if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_unwrap failed: %d/%d", maj_stat, min_stat); - + krb5_data_free(&token); if (maj_stat == GSS_S_COMPLETE) { token.data = output_token.value; @@ -853,19 +853,180 @@ HandleOP(AcquirePKInitCreds) { int32_t flags; krb5_data pfxdata; + char fn[] = "FILE:/tmp/pkcs12-creds-XXXXXXX"; + krb5_principal principal = NULL; + int fd; ret32(c, flags); retdata(c, pfxdata); - /* get credentials */ + fd = mkstemp(fn + 5); + if (fd < 0) + errx(1, "mkstemp"); + net_write(fd, pfxdata.data, pfxdata.length); krb5_data_free(&pfxdata); + close(fd); + + if (principal) + krb5_free_principal(context, principal); put32(c, -1); /* hResource */ put32(c, GSMERR_NOT_SUPPORTED); return 0; } +static int +HandleOP(WrapExt) +{ + OM_uint32 maj_stat, min_stat; + int32_t hContext, flags, bflags; + krb5_data token, header, trailer; + gss_ctx_id_t ctx; + unsigned char *p; + int conf_state, iov_len; + gss_iov_buffer_desc iov[6]; + + ret32(c, hContext); + ret32(c, flags); + ret32(c, bflags); + retdata(c, header); + retdata(c, token); + retdata(c, trailer); + + ctx = find_handle(c->handles, hContext, handle_context); + if (ctx == NULL) + errx(1, "wrap: reference to unknown context"); + + memset(&iov, 0, sizeof(iov)); + + iov_len = sizeof(iov)/sizeof(iov[0]); + + if (bflags & WRAP_EXP_ONLY_HEADER) + iov_len -= 2; /* skip trailer and padding, aka dce-style */ + + iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + if (header.length != 0) { + iov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[1].buffer.length = header.length; + iov[1].buffer.value = header.data; + } else { + iov[1].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } + iov[2].type = GSS_IOV_BUFFER_TYPE_DATA; + iov[2].buffer.length = token.length; + iov[2].buffer.value = token.data; + if (trailer.length != 0) { + iov[3].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[3].buffer.length = trailer.length; + iov[3].buffer.value = trailer.data; + } else { + iov[3].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } + iov[4].type = GSS_IOV_BUFFER_TYPE_PADDING | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + iov[5].type = GSS_IOV_BUFFER_TYPE_TRAILER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + + maj_stat = gss_wrap_iov_length(&min_stat, ctx, flags, 0, &conf_state, + iov, iov_len); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_wrap_iov_length failed"); + + maj_stat = gss_wrap_iov(&min_stat, ctx, flags, 0, &conf_state, + iov, iov_len); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_wrap_iov failed"); + + krb5_data_free(&token); + + token.length = iov[0].buffer.length + iov[2].buffer.length + iov[4].buffer.length + iov[5].buffer.length; + token.data = malloc(token.length); + + p = token.data; + memcpy(p, iov[0].buffer.value, iov[0].buffer.length); + p += iov[0].buffer.length; + memcpy(p, iov[2].buffer.value, iov[2].buffer.length); + p += iov[2].buffer.length; + memcpy(p, iov[4].buffer.value, iov[4].buffer.length); + p += iov[4].buffer.length; + memcpy(p, iov[5].buffer.value, iov[5].buffer.length); + p += iov[5].buffer.length; + + gss_release_iov_buffer(NULL, iov, iov_len); + + put32(c, 0); /* XXX fix gsm_error */ + putdata(c, token); + + free(token.data); + + return 0; +} + + +static int +HandleOP(UnwrapExt) +{ + OM_uint32 maj_stat, min_stat; + int32_t hContext, flags, bflags; + krb5_data token, header, trailer; + gss_ctx_id_t ctx; + gss_iov_buffer_desc iov[3]; + int conf_state, iov_len; + gss_qop_t qop_state; + + ret32(c, hContext); + ret32(c, flags); + ret32(c, bflags); + retdata(c, header); + retdata(c, token); + retdata(c, trailer); + + iov_len = sizeof(iov)/sizeof(iov[0]); + + if (bflags & WRAP_EXP_ONLY_HEADER) + iov_len -= 1; /* skip trailer and padding, aka dce-style */ + + ctx = find_handle(c->handles, hContext, handle_context); + if (ctx == NULL) + errx(1, "unwrap: reference to unknown context"); + + if (header.length != 0) { + iov[0].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[0].buffer.length = header.length; + iov[0].buffer.value = header.data; + } else { + iov[0].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } + iov[1].type = GSS_IOV_BUFFER_TYPE_DATA; + iov[1].buffer.length = token.length; + iov[1].buffer.value = token.data; + + if (trailer.length != 0) { + iov[2].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[2].buffer.length = trailer.length; + iov[2].buffer.value = trailer.data; + } else { + iov[2].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } + + maj_stat = gss_unwrap_iov(&min_stat, ctx, &conf_state, &qop_state, + iov, iov_len); + + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_unwrap failed: %d/%d", maj_stat, min_stat); + + if (maj_stat == GSS_S_COMPLETE) { + token.data = iov[1].buffer.value; + token.length = iov[1].buffer.length; + } else { + token.data = NULL; + token.length = 0; + } + put32(c, 0); /* XXX fix gsm_error */ + putdata(c, token); + + return 0; +} + /* * */ @@ -899,7 +1060,9 @@ struct handler handlers[] = { S(ConnectLoggingService2), S(GetMoniker), S(CallExtension), - S(AcquirePKInitCreds) + S(AcquirePKInitCreds), + S(WrapExt), + S(UnwrapExt), }; #undef S @@ -937,16 +1100,16 @@ create_client(int fd, int port, const char *moniker) { c->salen = sizeof(c->sa); getpeername(fd, (struct sockaddr *)&c->sa, &c->salen); - - getnameinfo((struct sockaddr *)&c->sa, c->salen, - c->servername, sizeof(c->servername), + + getnameinfo((struct sockaddr *)&c->sa, c->salen, + c->servername, sizeof(c->servername), NULL, 0, NI_NUMERICHOST); } c->sock = krb5_storage_from_fd(fd); if (c->sock == NULL) errx(1, "krb5_storage_from_fd"); - + close(fd); return c; @@ -987,7 +1150,7 @@ handleServer(void *ptr) } logmessage(c, __FILE__, __LINE__, 0, - "---> Got op %s from server %s", + "---> Got op %s from server %s", handler->name, c->servername); if ((handler->func)(handler->op, c)) @@ -1072,11 +1235,11 @@ main(int argc, char **argv) err(1, "error opening %s", lf); } - mini_inetd(htons(port)); + mini_inetd(htons(port), NULL); fprintf(logfile, "connected\n"); { - struct client *c; + struct client *c; c = create_client(0, port, moniker_str); /* close(0); */ diff --git a/appl/gssmask/protocol.h b/appl/gssmask/protocol.h index 3683fa6edb1d..1e1f14102624 100644 --- a/appl/gssmask/protocol.h +++ b/appl/gssmask/protocol.h @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ */ /* - * $Id: protocol.h 18352 2006-10-08 13:53:28Z lha $ + * $Id$ */ /* missing from tests: @@ -63,9 +63,9 @@ enum gssMaggotErrorCodes { * int32: message OP (enum gssMaggotProtocol) * ... * - * return: -- on error + * return: -- on error * int32: not support (GSMERR_NOT_SUPPORTED) - * + * * return: -- on existing message OP * int32: support (GSMERR_OK) -- only sent for extensions * ... @@ -75,28 +75,28 @@ enum gssMaggotErrorCodes { enum gssMaggotOp { eGetVersionInfo = 0, - /* + /* * input: * none * return: - * int32: last version handled + * int32: last version handled */ eGoodBye, - /* + /* * input: * none * return: * close socket */ eInitContext, - /* + /* * input: * int32: hContext * int32: hCred * int32: Flags * the lowest 0x7f flags maps directly to GSS-API flags - * DELEGATE 0x001 - * MUTUAL_AUTH 0x002 + * DELEGATE 0x001 + * MUTUAL_AUTH 0x002 * REPLAY_DETECT 0x004 * SEQUENCE_DETECT 0x008 * CONFIDENTIALITY 0x010 @@ -115,7 +115,7 @@ enum gssMaggotOp { * length-encoded: output token */ eAcceptContext, - /* + /* * input: * int32: hContext * int32: Flags -- unused ? @@ -153,7 +153,7 @@ enum gssMaggotOp { /* * input: * int32: hContext - * int32: flags -- unused + * int32: flags * int32: seqno -- unused * length-encode: plaintext * return: @@ -164,7 +164,7 @@ enum gssMaggotOp { /* * input: * int32: hContext - * int32: flags -- unused + * int32: flags * int32: seqno -- unused * length-encode: ciphertext * return: @@ -177,7 +177,7 @@ enum gssMaggotOp { /* * input: * int32: hContext - * int32: flags -- unused + * int32: flags * int32: seqno -- unused * length-encode: message * length-encode: signature @@ -229,7 +229,7 @@ enum gssMaggotOp { * return1: * int16: log port number * int32: master log prototocol version (0) - * + * * wait for master to connect on the master log socket * * return2: @@ -259,9 +259,40 @@ enum gssMaggotOp { * int32: gsm status val (GSMERR_NOT_SUPPORTED) */ /* here ended version 7 of the protocol */ + eWrapExt, + /* + * input: + * int32: hContext + * int32: flags + * int32: bflags + * length-encode: protocol header + * length-encode: plaintext + * length-encode: protocol trailer + * return: + * int32: gsm status val + * length-encode: ciphertext + */ + eUnwrapExt, + /* + * input: + * int32: hContext + * int32: flags + * int32: bflags + * length-encode: protocol header + * length-encode: ciphertext + * length-encode: protocol trailer + * return: + * int32: gsm status val + * length-encode: plaintext + */ + /* here ended version 8 of the protocol */ + eLastProtocolMessage }; +/* bflags */ +#define WRAP_EXP_ONLY_HEADER 1 + enum gssMaggotLogOp{ eLogInfo = 0, /* diff --git a/appl/kf/Makefile.am b/appl/kf/Makefile.am index 10d4be6ca65b..0b38057ca6d1 100644 --- a/appl/kf/Makefile.am +++ b/appl/kf/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -17,4 +17,4 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/kf/Makefile.in b/appl/kf/Makefile.in index 1dc0684ead24..906abf7e532f 100644 --- a/appl/kf/Makefile.in +++ b/appl/kf/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -46,7 +48,7 @@ libexec_PROGRAMS = kfd$(EXEEXT) subdir = appl/kf ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -61,7 +63,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -75,9 +77,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -85,16 +90,15 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) am_kf_OBJECTS = kf.$(OBJEXT) kf_OBJECTS = $(am_kf_OBJECTS) @@ -109,9 +113,9 @@ kfd_LDADD = $(LDADD) kfd_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -123,6 +127,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(kf_SOURCES) $(kfd_SOURCES) DIST_SOURCES = $(kf_SOURCES) $(kfd_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 man8dir = $(mandir)/man8 MANS = $(man_MANS) @@ -133,49 +158,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -199,10 +233,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -219,6 +254,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -234,31 +271,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -273,10 +324,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -317,29 +370,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la man_MANS = kf.1 kfd.8 kf_SOURCES = kf.c kf_locl.h @@ -349,23 +407,23 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/kf/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/kf/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/kf/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/kf/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -383,62 +441,93 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list kf$(EXEEXT): $(kf_OBJECTS) $(kf_DEPENDENCIES) @rm -f kf$(EXEEXT) $(LINK) $(kf_OBJECTS) $(kf_LDADD) $(LIBS) @@ -452,160 +541,178 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kfd.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -621,13 +728,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -662,6 +773,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -672,6 +784,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -682,6 +795,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -689,26 +804,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -729,11 +853,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ @@ -822,6 +945,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -907,7 +1033,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -920,6 +1046,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/kf/NTMakefile b/appl/kf/NTMakefile new file mode 100644 index 000000000000..6ade4ab9bfe3 --- /dev/null +++ b/appl/kf/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\kf + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/kf/kf.1 b/appl/kf/kf.1 index 97e408d0d927..c50349e015f4 100644 --- a/appl/kf/kf.1 +++ b/appl/kf/kf.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kf.1 11986 2003-04-11 12:43:57Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd July 2, 2000 .Dt KF 1 @@ -41,20 +41,20 @@ .Nm .Oo .Fl p Ar port | -.Fl -port Ns = Ns Ar port +.Fl Fl port Ns = Ns Ar port .Oc .Oo .Fl l Ar login | -.Fl -login Ns = Ns Ar login +.Fl Fl login Ns = Ns Ar login .Oc .Oo .Fl c Ar ccache | -.Fl -ccache Ns = Ns Ar ccache +.Fl Fl ccache Ns = Ns Ar ccache .Oc .Op Fl F | -forwardable .Op Fl G | -no-forwardable .Op Fl h | -help -.Op Fl -version +.Op Fl Fl version .Ar host ... .Sh DESCRIPTION The @@ -65,17 +65,17 @@ Options supported are: .Bl -tag -width indent .It Xo .Fl p Ar port , -.Fl -port Ns = Ns Ar port +.Fl Fl port Ns = Ns Ar port .Xc port to connect to .It Xo .Fl l Ar login , -.Fl -login Ns = Ns Ar login +.Fl Fl login Ns = Ns Ar login .Xc remote login name .It Xo .Fl c Ar ccache , -.Fl -ccache Ns = Ns Ar ccache +.Fl Fl ccache Ns = Ns Ar ccache .Xc remote cred cache .It Fl F , -forwardable @@ -83,7 +83,7 @@ forward forwardable credentials .It Fl G , -no-forwardable do not forward forwardable credentials .It Fl h , -help -.It Fl -version +.It Fl Fl version .El .Pp .Nm @@ -94,7 +94,7 @@ In order for .Nm to work you will need to acquire your initial ticket with forwardable flag, i.e. -.Nm kinit Fl -forwardable . +.Nm kinit Fl Fl forwardable . .Pp .Nm telnet is able to forward tickets by itself. diff --git a/appl/kf/kf.c b/appl/kf/kf.c index 637796548fc0..e3e72ab06c5f 100644 --- a/appl/kf/kf.c +++ b/appl/kf/kf.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kf_locl.h" -RCSID("$Id: kf.c 11400 2002-09-05 15:00:03Z joda $"); +RCSID("$Id$"); krb5_context context; static int help_flag; @@ -72,16 +72,16 @@ client_setup(krb5_context *context, int *argc, char **argv) int status; setprogname (argv[0]); - + status = krb5_init_context (context); if (status) errx(1, "krb5_init_context failed: %d", status); - + forwardable = krb5_config_get_bool (*context, NULL, "libdefaults", "forwardable", - NULL); - + NULL); + if (getarg (args, num_args, *argc, argv, &optind)) usage(1, args, num_args); @@ -91,7 +91,7 @@ client_setup(krb5_context *context, int *argc, char **argv) print_version(NULL); exit(0); } - + if(port_str) { struct servent *s = roken_getservbyname(port_str, "tcp"); if(s) @@ -108,7 +108,7 @@ client_setup(krb5_context *context, int *argc, char **argv) if (port == 0) port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM); - + if(*argc - optind < 1) usage(1, args, num_args); *argc = optind; @@ -146,6 +146,7 @@ proto (int sock, const char *hostname, const char *service, auth_context, &sock); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_auth_con_setaddr"); return 1; } @@ -156,6 +157,7 @@ proto (int sock, const char *hostname, const char *service, KRB5_NT_SRV_HST, &server); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_sname_to_principal"); return 1; } @@ -174,6 +176,7 @@ proto (int sock, const char *hostname, const char *service, NULL, NULL); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn(context, status, "krb5_sendauth"); return 1; } @@ -185,6 +188,7 @@ proto (int sock, const char *hostname, const char *service, data_send.length = strlen(remote_name) + 1; status = krb5_write_priv_message(context, auth_context, &sock, &data_send); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_write_message"); return 1; } @@ -192,6 +196,7 @@ proto (int sock, const char *hostname, const char *service, data_send.length = strlen(ccache_name)+1; status = krb5_write_priv_message(context, auth_context, &sock, &data_send); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_write_message"); return 1; } @@ -200,18 +205,20 @@ proto (int sock, const char *hostname, const char *service, status = krb5_cc_default (context, &ccache); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_cc_default"); return 1; } status = krb5_cc_get_principal (context, ccache, &principal); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_cc_get_principal"); return 1; } creds.client = principal; - + status = krb5_make_principal (context, &creds.server, principal->realm, @@ -220,6 +227,7 @@ proto (int sock, const char *hostname, const char *service, NULL); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_make_principal"); return 1; } @@ -238,6 +246,7 @@ proto (int sock, const char *hostname, const char *service, &creds, &data); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_get_forwarded_creds"); return 1; } @@ -245,13 +254,15 @@ proto (int sock, const char *hostname, const char *service, status = krb5_write_priv_message(context, auth_context, &sock, &data); if (status) { + krb5_auth_con_free(context, auth_context); krb5_warn (context, status, "krb5_mk_priv"); return 1; } - + krb5_data_free (&data); status = krb5_read_priv_message(context, auth_context, &sock, &data); + krb5_auth_con_free(context, auth_context); if (status) { krb5_warn (context, status, "krb5_mk_priv"); return 1; @@ -270,7 +281,7 @@ proto (int sock, const char *hostname, const char *service, } static int -doit (const char *hostname, int port, const char *service, +doit (const char *hostname, int port, const char *service, char *message, size_t len) { struct addrinfo *ai, *a; @@ -313,7 +324,7 @@ main(int argc, char **argv) { int argcc,port,i; int ret=0; - + argcc = argc; port = client_setup(&context, &argcc, argv); diff --git a/appl/kf/kf.cat1 b/appl/kf/kf.cat1 new file mode 100644 index 000000000000..073adedcb5b4 --- /dev/null +++ b/appl/kf/kf.cat1 @@ -0,0 +1,46 @@ + +KF(1) BSD General Commands Manual KF(1) + +NNAAMMEE + kkff -- securely forward tickets + +SSYYNNOOPPSSIISS + kkff [--pp _p_o_r_t | ----ppoorrtt=_p_o_r_t] [--ll _l_o_g_i_n | ----llooggiinn=_l_o_g_i_n] [--cc _c_c_a_c_h_e | + ----ccccaacchhee=_c_c_a_c_h_e] [--FF | ----ffoorrwwaarrddaabbllee] [--GG | ----nnoo--ffoorrwwaarrddaabbllee] + [--hh | ----hheellpp] [----vveerrssiioonn] _h_o_s_t _._._. + +DDEESSCCRRIIPPTTIIOONN + The kkff program forwards tickets to a remote host through an authenticated + and encrypted stream. Options supported are: + + --pp _p_o_r_t, ----ppoorrtt=_p_o_r_t + port to connect to + + --ll _l_o_g_i_n, ----llooggiinn=_l_o_g_i_n + remote login name + + --cc _c_c_a_c_h_e, ----ccccaacchhee=_c_c_a_c_h_e + remote cred cache + + --FF, ----ffoorrwwaarrddaabbllee + forward forwardable credentials + + --GG, ----nnoo--ffoorrwwaarrddaabbllee + do not forward forwardable credentials + + --hh, ----hheellpp + + ----vveerrssiioonn + + kkff is useful when you do not want to enter your password on a remote host + but want to have your tickets one for example AFS. + + In order for kkff to work you will need to acquire your initial ticket with + forwardable flag, i.e. kkiinniitt ----ffoorrwwaarrddaabbllee. + + tteellnneett is able to forward tickets by itself. + +SSEEEE AALLSSOO + kinit(1), telnet(1), kfd(8) + +Heimdal July 2, 2000 Heimdal diff --git a/appl/kf/kf_locl.h b/appl/kf/kf_locl.h index e4d9ee81d81d..3ddee48d692c 100644 --- a/appl/kf/kf_locl.h +++ b/appl/kf/kf_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 1999, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: kf_locl.h 11376 2002-09-04 20:29:04Z joda $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include diff --git a/appl/kf/kfd.8 b/appl/kf/kfd.8 index f6767498fe7b..8b98c2180bdd 100644 --- a/appl/kf/kfd.8 +++ b/appl/kf/kfd.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kfd.8 11648 2003-02-16 21:10:32Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd July 2, 2000 .Dt KFD 8 @@ -41,15 +41,15 @@ .Nm .Oo .Fl p Ar port | -.Fl -port Ns = Ns Ar port +.Fl Fl port Ns = Ns Ar port .Oc .Op Fl i | -inetd .Oo .Fl R Ar regpag | -.Fl -regpag Ns = Ns Ar regpag +.Fl Fl regpag Ns = Ns Ar regpag .Oc .Op Fl h | -help -.Op Fl -version +.Op Fl Fl version .Sh DESCRIPTION This is the daemon for .Xr kf 1 . @@ -57,14 +57,14 @@ Supported options: .Bl -tag -width indent .It Xo .Fl p Ar port , -.Fl -port Ns = Ns Ar port +.Fl Fl port Ns = Ns Ar port .Xc port to listen to .It Fl i , -inetd not started from inetd .It Xo .Fl R Ar regpag , -.Fl -regpag= Ns Ar regpag +.Fl Fl regpag= Ns Ar regpag .Xc path to regpag binary .El diff --git a/appl/kf/kfd.c b/appl/kf/kfd.c index 9d8c84c39026..71f48c9350f8 100644 --- a/appl/kf/kfd.c +++ b/appl/kf/kfd.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kf_locl.h" -RCSID("$Id: kfd.c 15246 2005-05-27 13:47:20Z lha $"); +RCSID("$Id$"); krb5_context context; char krb5_tkfile[MAXPATHLEN]; @@ -76,7 +76,7 @@ server_setup(krb5_context *context, int argc, char **argv) print_version(NULL); exit(0); } - + if(port_str){ struct servent *s = roken_getservbyname(port_str, "tcp"); if(s) @@ -96,7 +96,7 @@ server_setup(krb5_context *context, int argc, char **argv) if(argv[local_argc] != NULL) usage(1, args, num_args); - + return port; } @@ -189,7 +189,7 @@ proto (int sock, const char *service) &sock, &remotename); if (status) krb5_err(context, 1, status, "krb5_read_message"); - status=krb5_read_priv_message (context, auth_context, + status=krb5_read_priv_message (context, auth_context, &sock, &tk_file); if (status) krb5_err(context, 1, status, "krb5_read_message"); @@ -274,14 +274,17 @@ proto (int sock, const char *service) data.data = ret_string; data.length = strlen(ret_string) + 1; - return krb5_write_priv_message(context, auth_context, &sock, &data); + status = krb5_write_priv_message(context, auth_context, &sock, &data); + krb5_auth_con_free(context, auth_context); + + return status; } static int doit (int port, const char *service) { if (do_inetd) - mini_inetd(port); + mini_inetd(port, NULL); return proto (STDIN_FILENO, service); } diff --git a/appl/kf/kfd.cat8 b/appl/kf/kfd.cat8 new file mode 100644 index 000000000000..1fb8700367fd --- /dev/null +++ b/appl/kf/kfd.cat8 @@ -0,0 +1,31 @@ + +KFD(8) BSD System Manager's Manual KFD(8) + +NNAAMMEE + kkffdd -- receive forwarded tickets + +SSYYNNOOPPSSIISS + kkffdd [--pp _p_o_r_t | ----ppoorrtt=_p_o_r_t] [--ii | ----iinneettdd] [--RR _r_e_g_p_a_g | ----rreeggppaagg=_r_e_g_p_a_g] + [--hh | ----hheellpp] [----vveerrssiioonn] + +DDEESSCCRRIIPPTTIIOONN + This is the daemon for kf(1). Supported options: + + --pp _p_o_r_t, ----ppoorrtt=_p_o_r_t + port to listen to + + --ii, ----iinneettdd + not started from inetd + + --RR _r_e_g_p_a_g, ----rreeggppaagg==_r_e_g_p_a_g + path to regpag binary + +EEXXAAMMPPLLEESS + Put the following in _/_e_t_c_/_i_n_e_t_d_._c_o_n_f: + + kf stream tcp nowait root /usr/heimdal/libexec/kfd kfd + +SSEEEE AALLSSOO + kf(1) + +Heimdal July 2, 2000 Heimdal diff --git a/appl/kx/ChangeLog b/appl/kx/ChangeLog new file mode 100644 index 000000000000..4784630276ea --- /dev/null +++ b/appl/kx/ChangeLog @@ -0,0 +1,457 @@ +2007-04-19 Love Hörnquist Ã…strand + + * make encoding function independent of krb4 and krb5, enable + removal of krb4 + +2006-10-07 Love Hörnquist Ã…strand + + * Makefile.am: Add man_MANS to EXTRA_DIST + +2006-05-05 Love Hörnquist Ã…strand + + * Rename u_intXX_t to uintXX_t + +2005-07-09 Love Hörquist Ã…strand + + * kxd.c (doit): only cleaup for active sockets, passive does it + own cleaning up + + * fix unconst and shadow warnings + +2005-07-07 Assar Westerlund + + * krb4.c: Do not assume that des_key_schedule is an + array. + +2005-06-07 Love Hörquist Ã…strand + + * (recv_conn): init variables to using them uninitialized + +2005-04-30 Love Hörquist Ã…strand + + * kx.c (connect_host): make sure s is initialized + +2005-04-20 Love Hörquist Ã…strand + + * krb5.c: cast size_t to unsigned long + +2004-03-15 Love Hörquist Ã…strand + + * krb5.c (krb5_destroy): free allocated memory, not something else + +2004-03-07 Love Hörquist Ã…strand + + * rxtelnet.1: document new behavior + + * rxtelnet.in: even if kx failes, start anyway From: Harald Barth + + +2004-02-18 Love Hörquist Ã…strand + + * krb4.c: remove dup on + +2004-01-08 Love Hörquist Ã…strand + + * krb5.c: clean up krb5 support, log to syslog instead of stdout + (very confusing for the other end tcp connection), patch + originally from joda + +2003-11-13 Johan Danielsson + + * rxtelnet.in: add telnet -F option + +2003-05-15 Love Hörquist Ã…strand + + * kxd.c (recv_conn): pass pointer to sockaddr, not pointer to + pointer + + * kxd.c (recv_conn): get sizeof of the sockaddr_storage, not the + sockaddr pointer + + * kxd.c (recv_conn): if getnameinfo failes, send error to client + (and syslog) + +2003-04-16 Johan Danielsson + + * kx.c (doit_{passive,active}): use kc->thataddr directly + + * kx.h: don't directly use sockaddr_storage, since we can't always + know what it looks like + +2003-04-11 Love Hörquist Ã…strand + + * rxterm.1: spelling, from jmc + * rxtelnet.1: spelling, from jmc + * kxd.8: spelling, from jmc + * kx.1: spelling, from jmc + +2003-02-25 Love Hörquist Ã…strand + + * krb4.c: remove \n from warnx, from NetBSD + +2002-12-11 Johan Danielsson + + * kx.c (connect_host): pass size of thisaddr_ss to getsockname + +2002-10-15 Johan Danielsson + + * some ipv6 support (from Love) + +2002-09-09 Johan Danielsson + + * krb5.c (krb5_authenticate): use subkey + +2002-08-22 Johan Danielsson + + * common.c: remove only reference to strndup + +2002-05-07 Johan Danielsson + + * krb5.c: use krb5_warn where appropriate + +2002-03-18 Johan Danielsson + + * rxtelnet.in, rxterm.in: add forward (-f) option + +2001-09-17 Assar Westerlund + + * kx.h: add a kludge to make it build on aix (that defines NOERROR + in both sys/stream.h and arpa/nameser.h and considers that a fatal + error) + +2001-07-12 Assar Westerlund + + * common.c (connect_local_xsocket): handle a tcp socket as last + resort + + * rxterm.in: add -K (send arguments to kx) + * rxtelnet.in: add -K (send arguments to kx) + +2001-06-21 Assar Westerlund + + * rxterm.in: add -b for pointing to the rsh program. from + + * rxtelnet.in: add -b for pointing to the telnet program. from + + +2001-01-17 Johan Danielsson + + * common.c: don't write to string constants + +2000-12-31 Assar Westerlund + + * krb5.c (krb5_make_context): handle krb5_init_context failure + consistently + +2000-10-08 Assar Westerlund + + * kxd.c (doit_passive): check that fds are not too large to select + on + * kx.c (doit_active): check that fds are not too large to select + on + * krb5.c (krb5_copy_encrypted): check that fds are not too large + to select on + * krb4.c (krb4_copy_encrypted): check that fds are not too large + to select on + +2000-07-17 Johan Danielsson + + * Makefile.am: use conditional for X + +2000-06-10 Assar Westerlund + + * Makefile.in: use INSTALL_SCRIPT for installing rxterm, rxtelnet, + tenletxr + +2000-04-19 Assar Westerlund + + * common.c: try hostname uncanonified if getaddrinfo() fails + +2000-02-06 Assar Westerlund + + * kx.h: remove old prorotypes + +2000-01-08 Assar Westerlund + + * common.c (match_local_auth): handle ai_canonname being set in + any of the addresses returnedby getaddrinfo. glibc apparently + returns the reverse lookup of every address in ai_canonname. + +1999-12-28 Assar Westerlund + + * kxd.c (main): call krb5_getportbyname with the default in + host-byte-order + +1999-12-17 Assar Westerlund + + * common.c (match_local_auth): remove extra brace. spotted by + Jakob Schlyter + +1999-12-16 Assar Westerlund + + * common.c (match_local_auth): handle ai_canonname not being set + +1999-12-06 Assar Westerlund + + * krb4.c (krb4_authenticate): the NAT address might not be the one + for the relevant realm, try anyway. + * kxd.c (recv_conn): type correctness + * kx.c (connect_host): typo + +1999-12-05 Assar Westerlund + + * common.c (INADDR_LOOPBACK): remove. now in roken. + + * kxd.c (recv_conn): use getnameinfo_verified + * kxd.c (recv_conn): replace inaddr2str with getnameinfo + +1999-12-04 Assar Westerlund + + * kx.c (connect_host): use getaddrinfo + * common.c (find_auth_cookie, match_local_auth): re-write to use + getaddrinfo + +1999-11-27 Assar Westerlund + + * kxd.c (recv_conn): better errors when getting unrecognized data + +1999-11-25 Assar Westerlund + + * krb4.c (krb4_authenticate): obtain the `local' address when + doing NAT. also turn on passive mode. From + +1999-11-18 Assar Westerlund + + * krb5.c (krb5_destroy): free the correct part of the context + +1999-11-02 Assar Westerlund + + * kx.c (main): redo the v4/v5 selection for consistency. -4 -> + try only v4 -5 -> try only v5 none, -45 -> try v5, v4 + +1999-10-10 Assar Westerlund + + * Makefile.am (CLEANFILES): add generated files so that they get + cleaned away + +1999-09-29 Assar Westerlund + + * common.c (match_local_auth): only look for FamilyLocal (and + FamilyWild) cookies. This will not work when we start talking tcp + to the local X-server but `connect_local_xsocket' and the rest of + the code doesn't handle it anyway and the old code could (and did) + pick up the wrong cookie sometimes. If we have to match + FamilyInternet cookies, the search order has to be changed anyway + +1999-09-02 Assar Westerlund + + * kxd.c (childhandler): watch for child `wait_on_pid' to die. + (recv_conn): set `wait_on_pid' instead of looping on waitpid here + also. This should solve the problem of kxd looping which was + caused by the signal handler getting invoked before this waitpid + and reaping the child leaving this poor loop without any child + +1999-08-19 Assar Westerlund + + * kxd.c (recv_conn): give better error message + (doit_active): don't die if fork gives EAGAIN + +1999-08-19 Johan Danielsson + + * kxd.c (recv_conn): call setjob on crays; + (doit_passive): if fork fails with EAGAIN, don't shutdown, just close + the connection re-implement `-t' flag + +1999-07-12 Assar Westerlund + + * Makefile.am: handle not building X programs + +1999-06-23 Assar Westerlund + + * kx.c: conditionalize krb_enable_debug + +1999-06-20 Assar Westerlund + + * kxd.c (main): hopefully do inetd confusion right + +1999-06-15 Assar Westerlund + + * krb4.c (krb4_authenticate): get rid of a warning + + * kx.h: const-pollution + + * kx.c: use get_default_username and resulting const pollution + + * context.c (context_set): const pollution + +1999-05-22 Assar Westerlund + + * kxd.c (recv_conn): fix syslog messages + (main): fix inetd_flag thinko + +1999-05-21 Assar Westerlund + + * kx.c (main): don't byte-swap the argument to krb5_getportbyname + + * kx.c (main): try to use $USERNAME + +1999-05-10 Assar Westerlund + + * Makefile.in (SOURCES*): update sources list + + * kx.c (main): forgot to conditionalize some KRB5 code + + * kxd.c (main): use getarg + (*): handle v4 and/or v5 + + * kx.h: update + + * kx.c (main): use getarg. + (*): handle v4 and/or v5 + + * common.c (do_enccopy, copy_encrypted): remove use + net_{read,write} instead of krb_net_{read,write} + (krb_get_int, krb_put_int): include fallback of these for when we + compile without krb4 + + * Makefile.am (*_SOURCES): remove encdata, add krb[45].c, + context.c + (LDADD): add krb5 + + * krb4.c, krb5.c, context.c: new files + +1999-05-08 Assar Westerlund + + * kxd.c (doit_passive): handle error code from + create_and_write_cookie + + * kx.c (doit_active): handle error code from + create_and_write_cookie + + * common.c (create_and_write_cookie): try to return better (and + correct) errors. Based on a patch from Love + + * common.c (try_pie): more braces + (match_local_auth): new function + (find_auth_cookie): new function + (replace_cookie): don't just take the first auth cookie. based on + patch from Ake Sandgren + +Wed Apr 7 23:39:23 1999 Assar Westerlund + + * common.c (get_xsockets): init local variable to get rid of a gcc + warning + +Thu Apr 1 21:11:36 1999 Johan Danielsson + + * Makefile.in: fix for writeauth.o + +Fri Mar 19 15:12:31 1999 Johan Danielsson + + * kx.c: add gcc-braces + +Thu Mar 18 11:18:20 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Thu Mar 11 14:58:32 1999 Johan Danielsson + + * writeauth.c: protoize + + * common.c: fix some warnings + +Wed Mar 10 19:33:39 1999 Johan Danielsson + + * kxd.c: openlog -> roken_openlog + +Wed Feb 3 22:01:55 1999 Assar Westerlund + + * rxtelnet.in: print out what telnet program we are running. From + + + * tenletxr.in: add --version, [-h | --help], -v + + * rxterm.in: add --version, [-h | --help], -v + + * rxtelnet.in: add --version, [-h | --help], -v + + * Makefile.in (rxterm, rxtelnet, telnetxr): substitute VERSION and + PACKAGE + + * rxtelnet.in: update usage string + +Fri Jan 22 23:51:05 1999 Assar Westerlund + + * common.c (verify_and_remove_cookies): give back a meaningful + error message if we're using the wrong cookie + +Fri Dec 18 17:42:02 1998 Assar Westerlund + + * common.c (replace_cookie): try to handle the case of not finding + any cookies + +Sun Nov 22 10:31:53 1998 Assar Westerlund + + * Makefile.in (WFLAGS): set + +Wed Nov 18 20:25:37 1998 Assar Westerlund + + * rxtelnet.in: new argument -n for not starting any terminal + emulator + + * kx.c (doit_passive): parse $DISPLAY correctly + +Fri Oct 2 06:34:51 1998 Assar Westerlund + + * kx.c (doit_active): check DISPLAY to figure out what local + socket to connect to. From Ã…ke Sandgren + +Thu Oct 1 23:02:29 1998 Johan Danielsson + + * kx.h: case MAY_HAVE_X11_PIPES with Solaris + +Tue Sep 29 02:22:44 1998 Assar Westerlund + + * kx.c: fix from Ake Sandgren + +Mon Sep 28 18:04:03 1998 Johan Danielsson + + * common.c (try_pipe): return -1 if I_PUSH fails with ENOSYS + +Sat Sep 26 17:34:21 1998 Assar Westerlund + + * kxd.c: create sockets before setuid to handle Solaris' strange + permissions on /tmp/.X11-{unix,pipe} + + * common.c (chown_xsockets): new function + + * kx.h (chown_xsockets): new prototype + +Sun Aug 16 18:34:30 1998 Assar Westerlund + + * kxd.c (doit_passive): conditionalize stream pipe code + + * implement support for Solaris's named-pipe X transport + +Thu May 28 17:20:39 1998 Johan Danielsson + + * common.c: fix for (compiler?) bug in solaris 2.4 bind + + * kx.c: get_xsockets returns int, not unsigned + +Wed May 27 04:20:20 1998 Assar Westerlund + + * kxd.c (doit): better error reporting + +Tue May 26 17:41:23 1998 Johan Danielsson + + * kx.c: use krb_enable_debug + +Mon May 25 05:22:18 1998 Assar Westerlund + + * Makefile.in (clean): remove encdata.c + +Fri May 1 07:16:36 1998 Assar Westerlund + + * kx.c: unifdef -DHAVE_H_ERRNO + diff --git a/appl/kx/Makefile.am b/appl/kx/Makefile.am new file mode 100644 index 000000000000..37036bd58846 --- /dev/null +++ b/appl/kx/Makefile.am @@ -0,0 +1,70 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +AM_CPPFLAGS += $(X_CFLAGS) + +WFLAGS += $(WFLAGS_NOIMPLICITINT) + +if HAVE_X + +bin_PROGRAMS = kx +bin_SCRIPTS = rxterm rxtelnet tenletxr +libexec_PROGRAMS = kxd + +else + +bin_PROGRAMS = +bin_SCRIPTS = +libexec_PROGRAMS = + +endif + +CLEANFILES = rxterm rxtelnet tenletxr + +if NEED_WRITEAUTH +XauWriteAuth_c = writeauth.c +endif + +kx_SOURCES = \ + kx.c \ + kx.h \ + common.c \ + context.c \ + krb5.c \ + $(XauWriteAuth_c) + +EXTRA_kx_SOURCES = writeauth.c + +kxd_SOURCES = \ + kxd.c \ + kx.h \ + common.c \ + context.c \ + krb5.c \ + $(XauWriteAuth_c) + +EXTRA_kxd_SOURCES = writeauth.c + +EXTRA_DIST = NTMakefile rxterm.in rxtelnet.in tenletxr.in $(man_MANS) + +man_MANS = kx.1 rxtelnet.1 rxterm.1 tenletxr.1 kxd.8 + +rxterm: rxterm.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxterm.in > $@ + chmod +x $@ + +rxtelnet: rxtelnet.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxtelnet.in > $@ + chmod +x $@ + +tenletxr: tenletxr.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/tenletxr.in > $@ + chmod +x $@ + +LDADD = \ + $(LIB_kafs) \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(X_LIBS) $(LIB_XauReadAuth) $(X_PRE_LIBS) $(X_EXTRA_LIBS) diff --git a/appl/kx/Makefile.in b/appl/kx/Makefile.in new file mode 100644 index 000000000000..3b0d36798ddd --- /dev/null +++ b/appl/kx/Makefile.in @@ -0,0 +1,1142 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + +# $Id$ + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ + $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog +@HAVE_X_TRUE@bin_PROGRAMS = kx$(EXEEXT) +@HAVE_X_TRUE@libexec_PROGRAMS = kxd$(EXEEXT) +subdir = appl/kx +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ + "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" \ + "$(DESTDIR)$(man8dir)" +PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) +am__kx_SOURCES_DIST = kx.c kx.h common.c context.c krb5.c writeauth.c +@NEED_WRITEAUTH_TRUE@am__objects_1 = writeauth.$(OBJEXT) +am_kx_OBJECTS = kx.$(OBJEXT) common.$(OBJEXT) context.$(OBJEXT) \ + krb5.$(OBJEXT) $(am__objects_1) +kx_OBJECTS = $(am_kx_OBJECTS) +kx_LDADD = $(LDADD) +am__DEPENDENCIES_1 = +am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ + $(am__DEPENDENCIES_1) +kx_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +am__kxd_SOURCES_DIST = kxd.c kx.h common.c context.c krb5.c \ + writeauth.c +am_kxd_OBJECTS = kxd.$(OBJEXT) common.$(OBJEXT) context.$(OBJEXT) \ + krb5.$(OBJEXT) $(am__objects_1) +kxd_OBJECTS = $(am_kxd_OBJECTS) +kxd_LDADD = $(LDADD) +kxd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +SCRIPTS = $(bin_SCRIPTS) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(kx_SOURCES) $(EXTRA_kx_SOURCES) $(kxd_SOURCES) \ + $(EXTRA_kxd_SOURCES) +DIST_SOURCES = $(am__kx_SOURCES_DIST) $(EXTRA_kx_SOURCES) \ + $(am__kxd_SOURCES_DIST) $(EXTRA_kxd_SOURCES) +man1dir = $(mandir)/man1 +man8dir = $(mandir)/man8 +MANS = $(man_MANS) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(X_CFLAGS) +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +@HAVE_X_FALSE@bin_SCRIPTS = +@HAVE_X_TRUE@bin_SCRIPTS = rxterm rxtelnet tenletxr +CLEANFILES = rxterm rxtelnet tenletxr +@NEED_WRITEAUTH_TRUE@XauWriteAuth_c = writeauth.c +kx_SOURCES = \ + kx.c \ + kx.h \ + common.c \ + context.c \ + krb5.c \ + $(XauWriteAuth_c) + +EXTRA_kx_SOURCES = writeauth.c +kxd_SOURCES = \ + kxd.c \ + kx.h \ + common.c \ + context.c \ + krb5.c \ + $(XauWriteAuth_c) + +EXTRA_kxd_SOURCES = writeauth.c +EXTRA_DIST = NTMakefile rxterm.in rxtelnet.in tenletxr.in $(man_MANS) +man_MANS = kx.1 rxtelnet.1 rxterm.1 tenletxr.1 kxd.8 +LDADD = \ + $(LIB_kafs) \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(X_LIBS) $(LIB_XauReadAuth) $(X_PRE_LIBS) $(X_EXTRA_LIBS) + +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/kx/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/kx/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +clean-binPROGRAMS: + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +install-libexecPROGRAMS: $(libexec_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-libexecPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files + +clean-libexecPROGRAMS: + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +kx$(EXEEXT): $(kx_OBJECTS) $(kx_DEPENDENCIES) + @rm -f kx$(EXEEXT) + $(LINK) $(kx_OBJECTS) $(kx_LDADD) $(LIBS) +kxd$(EXEEXT): $(kxd_OBJECTS) $(kxd_DEPENDENCIES) + @rm -f kxd$(EXEEXT) + $(LINK) $(kxd_OBJECTS) $(kxd_LDADD) $(LIBS) +install-binSCRIPTS: $(bin_SCRIPTS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n' \ + -e 'h;s|.*|.|' \ + -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) { files[d] = files[d] " " $$1; \ + if (++n[d] == $(am__install_max)) { \ + print "f", d, files[d]; n[d] = 0; files[d] = "" } } \ + else { print "f", d "/" $$4, $$1 } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binSCRIPTS: + @$(NORMAL_UNINSTALL) + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || exit 0; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 's,.*/,,;$(transform)'`; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/context.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kx.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kxd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/writeauth.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(MANS) all-local +installdirs: + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ + clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-binPROGRAMS install-binSCRIPTS \ + install-libexecPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man1 install-man8 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-binPROGRAMS uninstall-binSCRIPTS \ + uninstall-libexecPROGRAMS uninstall-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +uninstall-man: uninstall-man1 uninstall-man8 + +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ + clean-libtool ctags dist-hook distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-binPROGRAMS install-binSCRIPTS install-data \ + install-data-am install-data-hook install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-info install-info-am \ + install-libexecPROGRAMS install-man install-man1 install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-binPROGRAMS uninstall-binSCRIPTS uninstall-hook \ + uninstall-libexecPROGRAMS uninstall-man uninstall-man1 \ + uninstall-man8 + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +rxterm: rxterm.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxterm.in > $@ + chmod +x $@ + +rxtelnet: rxtelnet.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/rxtelnet.in > $@ + chmod +x $@ + +tenletxr: tenletxr.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/tenletxr.in > $@ + chmod +x $@ + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/appl/kx/NTMakefile b/appl/kx/NTMakefile new file mode 100644 index 000000000000..7d4b89a831e6 --- /dev/null +++ b/appl/kx/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\kx + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/kx/common.c b/appl/kx/common.c new file mode 100644 index 000000000000..b19b685f30b1 --- /dev/null +++ b/appl/kx/common.c @@ -0,0 +1,813 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kx.h" + +RCSID("$Id$"); + +char x_socket[MaxPathLen]; + +uint32_t display_num; +char display[MaxPathLen]; +int display_size = sizeof(display); +char xauthfile[MaxPathLen]; +int xauthfile_size = sizeof(xauthfile); +u_char cookie[16]; +size_t cookie_len = sizeof(cookie); + +#ifndef X_UNIX_PATH +#define X_UNIX_PATH "/tmp/.X11-unix/X" +#endif + +#ifndef X_PIPE_PATH +#define X_PIPE_PATH "/tmp/.X11-pipe/X" +#endif + +/* + * Allocate a unix domain socket in `s' for display `dpy' and with + * filename `pattern' + * + * 0 if all is OK + * -1 if bind failed badly + * 1 if dpy is already used */ + +static int +try_socket (struct x_socket *s, int dpy, const char *pattern) +{ + struct sockaddr_un addr; + int fd; + + fd = socket (AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + err (1, "socket AF_UNIX"); + memset (&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + snprintf (addr.sun_path, sizeof(addr.sun_path), pattern, dpy); + if(bind(fd, + (struct sockaddr *)&addr, + sizeof(addr)) < 0) { + close (fd); + if (errno == EADDRINUSE || + errno == EACCES /* Cray return EACCESS */ +#ifdef ENOTUNIQ + || errno == ENOTUNIQ /* bug in Solaris 2.4 */ +#endif + ) + return 1; + else + return -1; + } + s->fd = fd; + s->pathname = strdup (addr.sun_path); + if (s->pathname == NULL) + errx (1, "strdup: out of memory"); + s->flags = UNIX_SOCKET; + return 0; +} + +#ifdef MAY_HAVE_X11_PIPES +/* + * Allocate a stream (masqueraded as a named pipe) + * + * 0 if all is OK + * -1 if bind failed badly + * 1 if dpy is already used + */ + +static int +try_pipe (struct x_socket *s, int dpy, const char *pattern) +{ + char path[MAXPATHLEN]; + int ret; + int fd; + int pipefd[2]; + + snprintf (path, sizeof(path), pattern, dpy); + fd = open (path, O_WRONLY | O_CREAT | O_EXCL, 0600); + if (fd < 0) { + if (errno == EEXIST) + return 1; + else + return -1; + } + + close (fd); + + ret = pipe (pipefd); + if (ret < 0) + err (1, "pipe"); + + ret = ioctl (pipefd[1], I_PUSH, "connld"); + if (ret < 0) { + if(errno == ENOSYS) + return -1; + err (1, "ioctl I_PUSH"); + } + + ret = fattach (pipefd[1], path); + if (ret < 0) + err (1, "fattach %s", path); + + s->fd = pipefd[0]; + close (pipefd[1]); + s->pathname = strdup (path); + if (s->pathname == NULL) + errx (1, "strdup: out of memory"); + s->flags = STREAM_PIPE; + return 0; +} +#endif /* MAY_HAVE_X11_PIPES */ + +/* + * Try to create a TCP socket in `s' corresponding to display `dpy'. + * + * 0 if all is OK + * -1 if bind failed badly + * 1 if dpy is already used + */ + +static int +try_tcp (struct x_socket *s, int dpy) +{ + struct sockaddr_in tcpaddr; + struct in_addr local; + int one = 1; + int fd; + + memset(&local, 0, sizeof(local)); + local.s_addr = htonl(INADDR_LOOPBACK); + + fd = socket (AF_INET, SOCK_STREAM, 0); + if (fd < 0) + err (1, "socket AF_INET"); +#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) + setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, (void *)&one, + sizeof(one)); +#endif + memset (&tcpaddr, 0, sizeof(tcpaddr)); + tcpaddr.sin_family = AF_INET; + tcpaddr.sin_addr = local; + tcpaddr.sin_port = htons(6000 + dpy); + if (bind (fd, (struct sockaddr *)&tcpaddr, + sizeof(tcpaddr)) < 0) { + close (fd); + if (errno == EADDRINUSE) + return 1; + else + return -1; + } + s->fd = fd; + s->pathname = NULL; + s->flags = TCP; + return 0; +} + +/* + * The potential places to create unix sockets. + */ + +static char *x_sockets[] = { +X_UNIX_PATH "%u", +"/var/X/.X11-unix/X" "%u", +"/usr/spool/sockets/X11/" "%u", +NULL +}; + +/* + * Dito for stream pipes. + */ + +#ifdef MAY_HAVE_X11_PIPES +static char *x_pipes[] = { +X_PIPE_PATH "%u", +"/var/X/.X11-pipe/X" "%u", +NULL +}; +#endif + +/* + * Create the directory corresponding to dirname of `path' or fail. + */ + +static void +try_mkdir (const char *path) +{ + char *dir; + char *p; + int oldmask; + + if((dir = strdup (path)) == NULL) + errx (1, "strdup: out of memory"); + p = strrchr (dir, '/'); + if (p) + *p = '\0'; + + oldmask = umask(0); + mkdir (dir, 01777); + umask (oldmask); + free (dir); +} + +/* + * Allocate a display, returning the number of sockets in `number' and + * all the corresponding sockets in `sockets'. If `tcp_socket' is + * true, also allcoaet a TCP socket. + * + * The return value is the display allocated or -1 if an error occurred. + */ + +int +get_xsockets (int *number, struct x_socket **sockets, int tcp_socket) +{ + int dpy; + struct x_socket *s; + int n; + int i; + + s = malloc (sizeof(*s) * 5); + if (s == NULL) + errx (1, "malloc: out of memory"); + + try_mkdir (X_UNIX_PATH); + try_mkdir (X_PIPE_PATH); + + for(dpy = 4; dpy < 256; ++dpy) { + char **path; + int tmp = 0; + + n = 0; + for (path = x_sockets; *path; ++path) { + tmp = try_socket (&s[n], dpy, *path); + if (tmp == -1) { + if (errno != ENOTDIR && errno != ENOENT) + err(1, "failed to open '%s'", *path); + } else if (tmp == 1) { + while(--n >= 0) { + close (s[n].fd); + free (s[n].pathname); + } + break; + } else if (tmp == 0) + ++n; + } + if (tmp == 1) + continue; + +#ifdef MAY_HAVE_X11_PIPES + for (path = x_pipes; *path; ++path) { + tmp = try_pipe (&s[n], dpy, *path); + if (tmp == -1) { + if (errno != ENOTDIR && errno != ENOENT && errno != ENOSYS) + err(1, "failed to open '%s'", *path); + } else if (tmp == 1) { + while (--n >= 0) { + close (s[n].fd); + free (s[n].pathname); + } + break; + } else if (tmp == 0) + ++n; + } + + if (tmp == 1) + continue; +#endif + + if (tcp_socket) { + tmp = try_tcp (&s[n], dpy); + if (tmp == -1) + err(1, "failed to open tcp stocket"); + else if (tmp == 1) { + while (--n >= 0) { + close (s[n].fd); + free (s[n].pathname); + } + break; + } else if (tmp == 0) + ++n; + } + break; + } + if (dpy == 256) + errx (1, "no free x-servers"); + for (i = 0; i < n; ++i) + if (s[i].flags & LISTENP + && listen (s[i].fd, SOMAXCONN) < 0) + err (1, "listen %s", s[i].pathname ? s[i].pathname : "tcp"); + *number = n; + *sockets = s; + return dpy; +} + +/* + * Change owner on the `n' sockets in `sockets' to `uid', `gid'. + * Return 0 is succesful or -1 if an error occurred. + */ + +int +chown_xsockets (int n, struct x_socket *sockets, uid_t uid, gid_t gid) +{ + int i; + + for (i = 0; i < n; ++i) + if (sockets[i].pathname != NULL) + if (chown (sockets[i].pathname, uid, gid) < 0) + return -1; + return 0; +} + +/* + * Connect to local display `dnr' with local transport or TCP. + * Return a file descriptor. + */ + +int +connect_local_xsocket (unsigned dnr) +{ + int fd; + char **path; + + for (path = x_sockets; *path; ++path) { + struct sockaddr_un addr; + + fd = socket (AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + break; + memset (&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + snprintf (addr.sun_path, sizeof(addr.sun_path), *path, dnr); + if (connect (fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) + return fd; + close(fd); + } + { + struct sockaddr_in addr; + + fd = socket(AF_INET, SOCK_STREAM, 0); + if (fd < 0) + err (1, "socket AF_INET"); + memset (&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + addr.sin_port = htons(6000 + dnr); + if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) + return fd; + close(fd); + } + err (1, "connecting to local display %u", dnr); +} + +/* + * Create a cookie file with a random cookie for the localhost. The + * file name will be stored in `xauthfile' (but not larger than + * `xauthfile_size'), and the cookie returned in `cookie', `cookie_sz'. + * Return 0 if succesful, or errno. + */ + +int +create_and_write_cookie (char *file, + size_t file_size, + u_char *cookie_buf, + size_t cookie_sz) +{ + Xauth auth; + char tmp[64]; + int fd; + FILE *f; + char hostname[MaxHostNameLen]; + int saved_errno; + + gethostname (hostname, sizeof(hostname)); + + auth.family = FamilyLocal; + auth.address = hostname; + auth.address_length = strlen(auth.address); + snprintf (tmp, sizeof(tmp), "%d", display_num); + auth.number_length = strlen(tmp); + auth.number = tmp; + auth.name = COOKIE_TYPE; + auth.name_length = strlen(auth.name); + auth.data_length = cookie_sz; + auth.data = (char*)cookie_buf; +#ifdef KRB5 + krb5_generate_random_block (cookie_buf, cookie_sz); +#else + krb_generate_random_block (cookie_buf, cookie_sz); +#endif + + strlcpy(file, "/tmp/AXXXXXX", file_size); + fd = mkstemp(file); + if(fd < 0) { + saved_errno = errno; + syslog(LOG_ERR, "create_and_write_cookie: mkstemp: %m"); + return saved_errno; + } + f = fdopen(fd, "r+"); + if(f == NULL){ + saved_errno = errno; + close(fd); + return errno; + } + if(XauWriteAuth(f, &auth) == 0) { + saved_errno = errno; + fclose(f); + return saved_errno; + } + + /* + * I would like to write a cookie for localhost:n here, but some + * stupid code in libX11 will not look for cookies of that type, + * so we are forced to use FamilyWild instead. + */ + + auth.family = FamilyWild; + auth.address_length = 0; + + if (XauWriteAuth(f, &auth) == 0) { + saved_errno = errno; + fclose (f); + return saved_errno; + } + + if(fclose(f)) + return errno; + return 0; +} + +/* + * Verify and remove cookies. Read and parse a X-connection from + * `fd'. Check the cookie used is the same as in `cookie'. Remove the + * cookie and copy the rest of it to `sock'. + * Expect cookies iff cookiesp. + * Return 0 iff ok. + * + * The protocol is as follows: + * + * C->S: [Bl] 1 + * unused 1 + * protocol major version 2 + * protocol minor version 2 + * length of auth protocol name(n) 2 + * length of auth protocol data 2 + * unused 2 + * authorization protocol name n + * pad pad(n) + * authorization protocol data d + * pad pad(d) + * + * S->C: Failed + * 0 1 + * length of reason 1 + * protocol major version 2 + * protocol minor version 2 + * length in 4 bytes unit of + * additional data (n+p)/4 2 + * reason n + * unused p = pad(n) + */ + +int +verify_and_remove_cookies (int fd, int sock, int cookiesp) +{ + u_char beg[12]; + int bigendianp; + unsigned n, d, npad, dpad; + char *protocol_name, *protocol_data; + u_char zeros[6] = {0, 0, 0, 0, 0, 0}; + u_char refused[20] = {0, 10, + 0, 0, /* protocol major version */ + 0, 0, /* protocol minor version */ + 0, 0, /* length of additional data / 4 */ + 'b', 'a', 'd', ' ', 'c', 'o', 'o', 'k', 'i', 'e', + 0, 0}; + + if (net_read (fd, beg, sizeof(beg)) != sizeof(beg)) + return 1; + if (net_write (sock, beg, 6) != 6) + return 1; + bigendianp = beg[0] == 'B'; + if (bigendianp) { + n = (beg[6] << 8) | beg[7]; + d = (beg[8] << 8) | beg[9]; + } else { + n = (beg[7] << 8) | beg[6]; + d = (beg[9] << 8) | beg[8]; + } + npad = (4 - (n % 4)) % 4; + dpad = (4 - (d % 4)) % 4; + protocol_name = malloc(n + npad); + if (n + npad != 0 && protocol_name == NULL) + return 1; + protocol_data = malloc(d + dpad); + if (d + dpad != 0 && protocol_data == NULL) { + free (protocol_name); + return 1; + } + if (net_read (fd, protocol_name, n + npad) != n + npad) + goto fail; + if (net_read (fd, protocol_data, d + dpad) != d + dpad) + goto fail; + if (cookiesp) { + if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0) + goto refused; + if (d != cookie_len || + memcmp (protocol_data, cookie, cookie_len) != 0) + goto refused; + } + free (protocol_name); + free (protocol_data); + if (net_write (sock, zeros, 6) != 6) + return 1; + return 0; +refused: + refused[2] = beg[2]; + refused[3] = beg[3]; + refused[4] = beg[4]; + refused[5] = beg[5]; + if (bigendianp) + refused[7] = 3; + else + refused[6] = 3; + + net_write (fd, refused, sizeof(refused)); +fail: + free (protocol_name); + free (protocol_data); + return 1; +} + +/* + * Return 0 iff `cookie' is compatible with the cookie for the + * localhost with name given in `ai' (or `hostname') and display + * number in `disp_nr'. + */ + +static int +match_local_auth (Xauth* auth, + struct addrinfo *ai, const char *hostname, int disp_nr) +{ + int auth_disp; + char *tmp_disp; + struct addrinfo *a; + + tmp_disp = malloc(auth->number_length + 1); + if (tmp_disp == NULL) + return -1; + memcpy(tmp_disp, auth->number, auth->number_length); + tmp_disp[auth->number_length] = '\0'; + auth_disp = atoi(tmp_disp); + free (tmp_disp); + if (auth_disp != disp_nr) + return 1; + for (a = ai; a != NULL; a = a->ai_next) { + if ((auth->family == FamilyLocal + || auth->family == FamilyWild) + && a->ai_canonname != NULL + && strncmp (auth->address, + a->ai_canonname, + auth->address_length) == 0) + return 0; + } + if (hostname != NULL + && (auth->family == FamilyLocal + || auth->family == FamilyWild) + && strncmp (auth->address, hostname, auth->address_length) == 0) + return 0; + return 1; +} + +/* + * Find `our' cookie from the cookie file `f' and return it or NULL. + */ + +static Xauth* +find_auth_cookie (FILE *f) +{ + Xauth *ret = NULL; + char local_hostname[MaxHostNameLen]; + char *display_str = getenv("DISPLAY"); + char d[MaxHostNameLen + 4]; + char *colon; + struct addrinfo *ai; + struct addrinfo hints; + int disp; + int error; + + if(display_str == NULL) + display_str = ":0"; + strlcpy(d, display_str, sizeof(d)); + display_str = d; + colon = strchr (display_str, ':'); + if (colon == NULL) + disp = 0; + else { + *colon = '\0'; + disp = atoi (colon + 1); + } + if (strcmp (display_str, "") == 0 + || strncmp (display_str, "unix", 4) == 0 + || strncmp (display_str, "localhost", 9) == 0) { + gethostname (local_hostname, sizeof(local_hostname)); + display_str = local_hostname; + } + memset (&hints, 0, sizeof(hints)); + hints.ai_flags = AI_CANONNAME; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + error = getaddrinfo (display_str, NULL, &hints, &ai); + if (error) + ai = NULL; + + for (; (ret = XauReadAuth (f)) != NULL; XauDisposeAuth(ret)) { + if (match_local_auth (ret, ai, display_str, disp) == 0) { + if (ai != NULL) + freeaddrinfo (ai); + return ret; + } + } + if (ai != NULL) + freeaddrinfo (ai); + return NULL; +} + +/* + * Get rid of the cookie that we were sent and get the correct one + * from our own cookie file instead. + */ + +int +replace_cookie(int xserver, int fd, char *filename, int cookiesp) /* XXX */ +{ + u_char beg[12]; + int bigendianp; + unsigned n, d, npad, dpad; + FILE *f; + u_char zeros[6] = {0, 0, 0, 0, 0, 0}; + + if (net_read (fd, beg, sizeof(beg)) != sizeof(beg)) + return 1; + if (net_write (xserver, beg, 6) != 6) + return 1; + bigendianp = beg[0] == 'B'; + if (bigendianp) { + n = (beg[6] << 8) | beg[7]; + d = (beg[8] << 8) | beg[9]; + } else { + n = (beg[7] << 8) | beg[6]; + d = (beg[9] << 8) | beg[8]; + } + if (n != 0 || d != 0) + return 1; + f = fopen(filename, "r"); + if (f != NULL) { + Xauth *auth = find_auth_cookie (f); + u_char len[6] = {0, 0, 0, 0, 0, 0}; + + fclose (f); + + if (auth != NULL) { + n = auth->name_length; + d = auth->data_length; + } else { + n = 0; + d = 0; + } + if (bigendianp) { + len[0] = n >> 8; + len[1] = n & 0xFF; + len[2] = d >> 8; + len[3] = d & 0xFF; + } else { + len[0] = n & 0xFF; + len[1] = n >> 8; + len[2] = d & 0xFF; + len[3] = d >> 8; + } + if (net_write (xserver, len, 6) != 6) { + XauDisposeAuth(auth); + return 1; + } + if(n != 0 && net_write (xserver, auth->name, n) != n) { + XauDisposeAuth(auth); + return 1; + } + npad = (4 - (n % 4)) % 4; + if (npad && net_write (xserver, zeros, npad) != npad) { + XauDisposeAuth(auth); + return 1; + } + if (d != 0 && net_write (xserver, auth->data, d) != d) { + XauDisposeAuth(auth); + return 1; + } + XauDisposeAuth(auth); + dpad = (4 - (d % 4)) % 4; + if (dpad && net_write (xserver, zeros, dpad) != dpad) + return 1; + } else { + if(net_write(xserver, zeros, 6) != 6) + return 1; + } + return 0; +} + +/* + * Some simple controls on the address and corresponding socket + */ + +int +suspicious_address (int sock, struct sockaddr *addr) +{ + char data[40]; + socklen_t len = sizeof(data); + + switch (addr->sa_family) { + case AF_INET: + return ((struct sockaddr_in *)addr)->sin_addr.s_addr != + htonl(INADDR_LOOPBACK) +#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT) + || getsockopt (sock, IPPROTO_IP, IP_OPTIONS, data, &len) < 0 + || len != 0 +#endif + ; + break; +#ifdef HAVE_IPV6 + case AF_INET6: + /* XXX check route headers */ + return !IN6_IS_ADDR_LOOPBACK(&((struct sockaddr_in6*)addr)->sin6_addr); +#endif + default: + return 1; + } +} + +/* + * This really sucks, but these functions are used and if we're not + * linking against libkrb they don't exist. Using the heimdal storage + * functions will not work either cause we do not always link with + * libkrb5 either. + */ + +int +kx_get_int(void *f, uint32_t *to, int size, int lsb) +{ + int i; + unsigned char *from = (unsigned char *)f; + + *to = 0; + if(lsb){ + for(i = size-1; i >= 0; i--) + *to = (*to << 8) | from[i]; + }else{ + for(i = 0; i < size; i++) + *to = (*to << 8) | from[i]; + } + return size; +} + +int +kx_put_int(uint32_t from, void *to, size_t rem, int size) +{ + int i; + unsigned char *p = (unsigned char *)to; + + if (rem < size) + return -1; + + for(i = size - 1; i >= 0; i--){ + p[i] = from & 0xff; + from >>= 8; + } + return size; +} diff --git a/appl/kx/context.c b/appl/kx/context.c new file mode 100644 index 000000000000..a0520a3822d6 --- /dev/null +++ b/appl/kx/context.c @@ -0,0 +1,94 @@ +/* + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kx.h" + +RCSID("$Id$"); + +/* + * Set the common part of the context `kc' + */ + +void +context_set (kx_context *kc, const char *host, const char *user, int port, + int debug_flag, int keepalive_flag, int tcp_flag) +{ + kc->thisaddr = (struct sockaddr*)&kc->__ss_this; + kc->thataddr = (struct sockaddr*)&kc->__ss_that; + kc->host = host; + kc->user = user; + kc->port = port; + kc->debug_flag = debug_flag; + kc->keepalive_flag = keepalive_flag; + kc->tcp_flag = tcp_flag; +} + +/* + * dispatch functions + */ + +void +context_destroy (kx_context *kc) +{ + (*kc->destroy)(kc); +} + +int +context_authenticate (kx_context *kc, int s) +{ + return (*kc->authenticate)(kc, s); +} + +int +context_userok (kx_context *kc, char *user) +{ + return (*kc->userok)(kc, user); +} + +ssize_t +kx_read (kx_context *kc, int fd, void *buf, size_t len) +{ + return (*kc->read)(kc, fd, buf, len); +} + +ssize_t +kx_write (kx_context *kc, int fd, const void *buf, size_t len) +{ + return (*kc->write)(kc, fd, buf, len); +} + +int +copy_encrypted (kx_context *kc, int fd1, int fd2) +{ + return (*kc->copy_encrypted)(kc, fd1, fd2); +} diff --git a/appl/kx/krb5.c b/appl/kx/krb5.c new file mode 100644 index 000000000000..eeb62a2d2694 --- /dev/null +++ b/appl/kx/krb5.c @@ -0,0 +1,447 @@ +/* + * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kx.h" + +RCSID("$Id$"); + +#ifdef KRB5 + +struct krb5_kx_context { + krb5_context context; + krb5_keyblock *keyblock; + krb5_crypto crypto; + krb5_principal client; + krb5_log_facility *log; + +}; + +typedef struct krb5_kx_context krb5_kx_context; + +#define K5DATA(kc) ((krb5_kx_context*)kc->data) +#define CONTEXT(kc) (K5DATA(kc)->context) + +/* + * + */ + +static void +ksyslog(krb5_context context, krb5_error_code ret, const char *fmt, ...) + __attribute__((__format__(__printf__, 3, 0))); + +static void +ksyslog(krb5_context context, krb5_error_code ret, const char *fmt, ...) +{ + const char *msg; + char *str = NULL; + va_list va; + + msg = krb5_get_error_message(context, ret); + + va_start(va, fmt); + vasprintf(&str, fmt, va); + va_end(va); + + syslog(LOG_ERR, "%s: %s", str, msg); + + krb5_free_error_message(context, msg); + free(str); +} + +/* + * Destroy the krb5 context in `c'. + */ + +static void +krb5_destroy (kx_context *kc) +{ + if (K5DATA(kc)->keyblock) + krb5_free_keyblock (CONTEXT(kc), K5DATA(kc)->keyblock); + if (K5DATA(kc)->crypto) + krb5_crypto_destroy (CONTEXT(kc), K5DATA(kc)->crypto); + if (K5DATA(kc)->client) + krb5_free_principal (CONTEXT(kc), K5DATA(kc)->client); + if (CONTEXT(kc)) + krb5_free_context (CONTEXT(kc)); + memset (kc->data, 0, sizeof(krb5_kx_context)); + free (kc->data); +} + +/* + * Read the authentication information from `s' and return 0 if + * succesful, else -1. + */ + +static int +krb5_authenticate (kx_context *kc, int s) +{ + krb5_auth_context auth_context = NULL; + krb5_error_code ret; + krb5_principal server; + const char *host = kc->host; + + ret = krb5_sname_to_principal (CONTEXT(kc), + host, "host", KRB5_NT_SRV_HST, &server); + if (ret) { + krb5_warn (CONTEXT(kc), ret, "krb5_sname_to_principal: %s", host); + return 1; + } + + ret = krb5_sendauth (CONTEXT(kc), + &auth_context, + &s, + KX_VERSION, + NULL, + server, + AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL); + if (ret) { + if(ret != KRB5_SENDAUTH_BADRESPONSE) + krb5_warn (CONTEXT(kc), ret, "krb5_sendauth: %s", host); + return 1; + } + + ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context, + &K5DATA(kc)->keyblock); + if (ret) { + krb5_warn (CONTEXT(kc), ret, "krb5_auth_con_getkey: %s", host); + krb5_auth_con_free (CONTEXT(kc), auth_context); + return 1; + } + + ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock, + 0, &K5DATA(kc)->crypto); + if (ret) { + krb5_warn (CONTEXT(kc), ret, "krb5_crypto_init"); + krb5_auth_con_free (CONTEXT(kc), auth_context); + return 1; + } + return 0; +} + +/* + * Read an encapsulated krb5 packet from `fd' into `buf' (of size + * `len'). Return the number of bytes read or 0 on EOF or -1 on + * error. + */ + +static ssize_t +krb5_read (kx_context *kc, + int fd, void *buf, size_t len) +{ + size_t data_len, outer_len; + krb5_error_code ret; + unsigned char tmp[4]; + krb5_data data; + int l; + + l = krb5_net_read (CONTEXT(kc), &fd, tmp, 4); + if (l == 0) + return l; + if (l != 4) + return -1; + data_len = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; + outer_len = krb5_get_wrapped_length (CONTEXT(kc), + K5DATA(kc)->crypto, data_len); + if (outer_len > len) + return -1; + if (krb5_net_read (CONTEXT(kc), &fd, buf, outer_len) != outer_len) + return -1; + + ret = krb5_decrypt (CONTEXT(kc), K5DATA(kc)->crypto, + KRB5_KU_OTHER_ENCRYPTED, + buf, outer_len, &data); + if (ret) { + krb5_warn (CONTEXT(kc), ret, "krb5_decrypt"); + return -1; + } + if (data_len > data.length) { + krb5_data_free (&data); + return -1; + } + memmove (buf, data.data, data_len); + krb5_data_free (&data); + return data_len; +} + +/* + * Write an encapsulated krb5 packet on `fd' with the data in `buf, + * len'. Return len or -1 on error. + */ + +static ssize_t +krb5_write(kx_context *kc, + int fd, const void *buf, size_t len) +{ + krb5_data data; + krb5_error_code ret; + unsigned char tmp[4]; + size_t outlen; + + ret = krb5_encrypt (CONTEXT(kc), K5DATA(kc)->crypto, + KRB5_KU_OTHER_ENCRYPTED, + buf, len, &data); + if (ret){ + krb5_warn (CONTEXT(kc), ret, "krb5_write"); + return -1; + } + + outlen = data.length; + tmp[0] = (len >> 24) & 0xFF; + tmp[1] = (len >> 16) & 0xFF; + tmp[2] = (len >> 8) & 0xFF; + tmp[3] = (len >> 0) & 0xFF; + + if (krb5_net_write (CONTEXT(kc), &fd, tmp, 4) != 4 || + krb5_net_write (CONTEXT(kc), &fd, data.data, outlen) != outlen) { + krb5_data_free (&data); + return -1; + } + krb5_data_free (&data); + return len; +} + +/* + * Copy from the unix socket `from_fd' encrypting to `to_fd'. + * Return 0, -1 or len. + */ + +static int +copy_out (kx_context *kc, int from_fd, int to_fd) +{ + char buf[32768]; + ssize_t len; + + len = read (from_fd, buf, sizeof(buf)); + if (len == 0) + return 0; + if (len < 0) { + krb5_warn (CONTEXT(kc), errno, "read"); + return len; + } + return krb5_write (kc, to_fd, buf, len); +} + +/* + * Copy from the socket `from_fd' decrypting to `to_fd'. + * Return 0, -1 or len. + */ + +static int +copy_in (kx_context *kc, int from_fd, int to_fd) +{ + char buf[33000]; /* XXX */ + + ssize_t len; + + len = krb5_read (kc, from_fd, buf, sizeof(buf)); + if (len == 0) + return 0; + if (len < 0) { + krb5_warn (CONTEXT(kc), errno, "krb5_read"); + return len; + } + + return krb5_net_write (CONTEXT(kc), &to_fd, buf, len); +} + +/* + * Copy data between `fd1' and `fd2', encrypting in one direction and + * decrypting in the other. + */ + +static int +krb5_copy_encrypted (kx_context *kc, int fd1, int fd2) +{ + for (;;) { + fd_set fdset; + int ret; + + if (fd1 >= FD_SETSIZE || fd2 >= FD_SETSIZE) { + krb5_warnx (CONTEXT(kc), "fd too large"); + return 1; + } + + FD_ZERO(&fdset); + FD_SET(fd1, &fdset); + FD_SET(fd2, &fdset); + + ret = select (max(fd1, fd2)+1, &fdset, NULL, NULL, NULL); + if (ret < 0 && errno != EINTR) { + krb5_warn (CONTEXT(kc), errno, "select"); + return 1; + } + if (FD_ISSET(fd1, &fdset)) { + ret = copy_out (kc, fd1, fd2); + if (ret <= 0) + return ret; + } + if (FD_ISSET(fd2, &fdset)) { + ret = copy_in (kc, fd2, fd1); + if (ret <= 0) + return ret; + } + } +} + +/* + * Return 0 if the user authenticated on `kc' is allowed to login as + * `user'. + */ + +static int +krb5_userok (kx_context *kc, char *user) +{ + krb5_error_code ret; + char *tmp; + + ret = krb5_unparse_name (CONTEXT(kc), K5DATA(kc)->client, &tmp); + if (ret) + krb5_err (CONTEXT(kc), 1, ret, "krb5_unparse_name"); + kc->user = tmp; + + return !krb5_kuserok (CONTEXT(kc), K5DATA(kc)->client, user); +} + +/* + * Create an instance of an krb5 context. + */ + +void +krb5_make_context (kx_context *kc) +{ + krb5_kx_context *c; + krb5_error_code ret; + + kc->authenticate = krb5_authenticate; + kc->userok = krb5_userok; + kc->read = krb5_read; + kc->write = krb5_write; + kc->copy_encrypted = krb5_copy_encrypted; + kc->destroy = krb5_destroy; + kc->user = NULL; + kc->data = malloc(sizeof(krb5_kx_context)); + + if (kc->data == NULL) { + syslog (LOG_ERR, "failed to malloc %lu bytes", + (unsigned long)sizeof(krb5_kx_context)); + exit(1); + } + memset (kc->data, 0, sizeof(krb5_kx_context)); + c = (krb5_kx_context *)kc->data; + ret = krb5_init_context (&c->context); + if (ret) { + syslog (LOG_ERR, "failed initialise krb5 context"); + exit(1); + } +} + +/* + * Receive authentication information on `sock' (first four bytes + * in `buf'). + */ + +int +recv_v5_auth (kx_context *kc, int sock, u_char *buf) +{ + uint32_t len; + krb5_error_code ret; + krb5_principal server; + krb5_auth_context auth_context = NULL; + krb5_ticket *ticket; + + if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0) + return 1; + len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]); + if (net_read(sock, buf, len) != len) { + syslog (LOG_ERR, "read: %m"); + exit (1); + } + if (len != sizeof(KRB5_SENDAUTH_VERSION) + || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) { + syslog (LOG_ERR, "bad sendauth version: %.8s", buf); + exit (1); + } + + krb5_make_context (kc); + krb5_openlog(CONTEXT(kc), "kxd", &K5DATA(kc)->log); + krb5_set_warn_dest(CONTEXT(kc), K5DATA(kc)->log); + + ret = krb5_sock_to_principal (CONTEXT(kc), sock, "host", + KRB5_NT_SRV_HST, &server); + if (ret) { + ksyslog (CONTEXT(kc), ret, "krb5_sock_to_principal"); + exit (1); + } + + ret = krb5_recvauth (CONTEXT(kc), + &auth_context, + &sock, + KX_VERSION, + server, + KRB5_RECVAUTH_IGNORE_VERSION, + NULL, + &ticket); + krb5_free_principal (CONTEXT(kc), server); + if (ret) { + ksyslog (CONTEXT(kc), ret, "krb5_recvauth"); + exit (1); + } + + ret = krb5_auth_con_getkey (CONTEXT(kc), auth_context, &K5DATA(kc)->keyblock); + if (ret) { + ksyslog (CONTEXT(kc), ret, "krb5_auth_con_getkey"); + exit (1); + } + + ret = krb5_crypto_init (CONTEXT(kc), K5DATA(kc)->keyblock, 0, &K5DATA(kc)->crypto); + if (ret) { + ksyslog (CONTEXT(kc), ret, "krb5_crypto_init"); + exit (1); + } + + K5DATA(kc)->client = ticket->client; + ticket->client = NULL; + krb5_free_ticket (CONTEXT(kc), ticket); + + krb5_auth_con_free(CONTEXT(kc), auth_context); + + return 0; +} + +#endif /* KRB5 */ diff --git a/lib/krb5/krb5_expand_hostname.3 b/appl/kx/kx.1 similarity index 56% rename from lib/krb5/krb5_expand_hostname.3 rename to appl/kx/kx.1 index ffd98dad1688..2f5e35cecdf9 100644 --- a/lib/krb5/krb5_expand_hostname.3 +++ b/appl/kx/kx.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 1996 - 1997 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,65 +29,64 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_expand_hostname.3 17461 2006-05-05 13:13:18Z lha $ +.\" $Id$ .\" -.Dd May 5, 2006 -.Dt KRB5_EXPAND_HOSTNAME 3 -.Os HEIMDAL +.Dd September 27, 1996 +.Dt KX 1 +.Os KTH-KRB .Sh NAME -.Nm krb5_expand_hostname , -.Nm krb5_expand_hostname_realms -.Nd Kerberos 5 host name canonicalization functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) +.Nm kx +.Nd securely forward X conections .Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_expand_hostname -.Fa "krb5_context context" -.Fa "const char *orig_hostname" -.Fa "char **new_hostname" -.Fc -.Ft krb5_error_code -.Fo krb5_expand_hostname_realms -.Fa "krb5_context context" -.Fa "const char *orig_hostname" -.Fa "char **new_hostname" -.Fa "char ***realms" -.Fc +.Ar kx +.Op Fl l Ar username +.Op Fl k +.Op Fl d +.Op Fl t +.Op Fl p Ar port +.Op Fl P +.Ar host .Sh DESCRIPTION -.Fn krb5_expand_hostname -tries to make -.Fa orig_hostname -into a more canonical one in the newly allocated space returned in -.Fa new_hostname . -Caller must free the hostname with -.Xr free 3 . +The +.Nm +program forwards an X connection from a remote client to a local screen +through an authenticated and encrypted stream. Options supported by +.Nm kx : +.Bl -tag -width Ds +.It Fl l +Log in on the remote the host as user +.Ar username . +.It Fl k +Do not enable keep-alives on the TCP connections. +.It Fl d +Do not fork. This is mainly useful for debugging. +.It Fl t +Listen not only on a UNIX-domain socket but on a TCP socket as well. +.It Fl p +Use the port +.Ar port . +.It Fl P +Force passive mode. +.El .Pp -.Fn krb5_expand_hostname_realms -expands -.Fa orig_hostname -to a name we believe to be a hostname in newly -allocated space in -.Fa new_hostname -and return the realms -.Fa new_hostname -is belive to belong to in -.Fa realms . -.Fa Realms -is a array terminated with -.Dv NULL . -Caller must free the -.Fa realms -with -.Fn krb5_free_host_realm +This program is used by +.Nm rxtelnet and -.Fa new_hostname -with -.Xr free 3 . +.Nm rxterm +and you should not need to run it directly. +.Pp +It connects to a +.Nm kxd +on the host +.Ar host +and then will relay the traffic from the remote X clients to the local +server. When started, it prints the display and Xauthority-file to be +used on host +.Ar host +and then goes to the background, waiting for connections from the +remote +.Nm kxd . .Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_free_host_realm 3 , -.Xr krb5_get_host_realm 3 , -.Xr kerberos 8 +.Xr rxtelnet 1 , +.Xr rxterm 1 , +.Xr kxd 8 diff --git a/appl/kx/kx.c b/appl/kx/kx.c new file mode 100644 index 000000000000..ffc2e85b58c1 --- /dev/null +++ b/appl/kx/kx.c @@ -0,0 +1,711 @@ +/* + * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kx.h" + +RCSID("$Id$"); + +static int nchild; +static int donep; + +/* + * Signal handler that justs waits for the children when they die. + */ + +static RETSIGTYPE +childhandler (int sig) +{ + pid_t pid; + int status; + + do { + pid = waitpid (-1, &status, WNOHANG|WUNTRACED); + if (pid > 0 && (WIFEXITED(status) || WIFSIGNALED(status))) + if (--nchild == 0 && donep) + exit (0); + } while(pid > 0); + signal (SIGCHLD, childhandler); + SIGRETURN(0); +} + +/* + * Handler for SIGUSR1. + * This signal means that we should wait until there are no children + * left and then exit. + */ + +static RETSIGTYPE +usr1handler (int sig) +{ + donep = 1; + + SIGRETURN(0); +} + +/* + * Almost the same as for SIGUSR1, except we should exit immediately + * if there are no active children. + */ + +static RETSIGTYPE +usr2handler (int sig) +{ + donep = 1; + if (nchild == 0) + exit (0); + + SIGRETURN(0); +} + +/* + * Establish authenticated connection. Return socket or -1. + */ + +static int +connect_host (kx_context *kc) +{ + struct addrinfo *ai, *a; + struct addrinfo hints; + int error; + char portstr[NI_MAXSERV]; + socklen_t addrlen; + int s = -1; + struct sockaddr_storage thisaddr_ss; + struct sockaddr *thisaddr = (struct sockaddr *)&thisaddr_ss; + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + snprintf (portstr, sizeof(portstr), "%u", ntohs(kc->port)); + + error = getaddrinfo (kc->host, portstr, &hints, &ai); + if (error) { + warnx ("%s: %s", kc->host, gai_strerror(error)); + return -1; + } + + for (a = ai; a != NULL; a = a->ai_next) { + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + warn ("connect(%s)", kc->host); + close (s); + continue; + } + break; + } + + if (a == NULL) { + freeaddrinfo (ai); + return -1; + } + + addrlen = sizeof(thisaddr_ss); + if (getsockname (s, thisaddr, &addrlen) < 0 || + addrlen != a->ai_addrlen) + err(1, "getsockname(%s)", kc->host); + memcpy (&kc->__ss_this, thisaddr, sizeof(kc->__ss_this)); + kc->thisaddr_len = addrlen; + memcpy (&kc->__ss_that, a->ai_addr, sizeof(kc->__ss_that)); + kc->thataddr_len = a->ai_addrlen; + freeaddrinfo (ai); + if ((*kc->authenticate)(kc, s)) + return -1; + return s; +} + +/* + * Get rid of the cookie that we were sent and get the correct one + * from our own cookie file instead and then just copy data in both + * directions. + */ + +static int +passive_session (int xserver, int fd, kx_context *kc) +{ + if (replace_cookie (xserver, fd, XauFileName(), 1)) + return 1; + else + return copy_encrypted (kc, xserver, fd); +} + +static int +active_session (int xserver, int fd, kx_context *kc) +{ + if (verify_and_remove_cookies (xserver, fd, 1)) + return 1; + else + return copy_encrypted (kc, xserver, fd); +} + +/* + * fork (unless debugp) and print the output that will be used by the + * script to capture the display, xauth cookie and pid. + */ + +static void +status_output (int debugp) +{ + if(debugp) + printf ("%u\t%s\t%s\n", (unsigned)getpid(), display, xauthfile); + else { + pid_t pid; + + pid = fork(); + if (pid < 0) { + err(1, "fork"); + } else if (pid > 0) { + printf ("%u\t%s\t%s\n", (unsigned)pid, display, xauthfile); + exit (0); + } else { + fclose(stdout); + } + } +} + +/* + * Obtain an authenticated connection on `kc'. Send a kx message + * saying we are `kc->user' and want to use passive mode. Wait for + * answer on that connection and fork of a child for every new + * connection we have to make. + */ + +static int +doit_passive (kx_context *kc) +{ + int otherside; + u_char msg[1024], *p; + int len; + uint32_t tmp; + const char *host = kc->host; + + otherside = connect_host (kc); + + if (otherside < 0) + return 1; +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (kc->keepalive_flag) { + int one = 1; + + setsockopt (otherside, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + + p = msg; + *p++ = INIT; + len = strlen(kc->user); + p += kx_put_int (len, p, sizeof(msg) - 1, 4); + memcpy(p, kc->user, len); + p += len; + *p++ = PASSIVE | (kc->keepalive_flag ? KEEP_ALIVE : 0); + if (kx_write (kc, otherside, msg, p - msg) != p - msg) + err (1, "write to %s", host); + len = kx_read (kc, otherside, msg, sizeof(msg)); + if (len <= 0) + errx (1, + "error reading initial message from %s: " + "this probably means it's using an old version.", + host); + p = (u_char *)msg; + if (*p == ERROR) { + p++; + p += kx_get_int (p, &tmp, 4, 0); + errx (1, "%s: %.*s", host, (int)tmp, p); + } else if (*p != ACK) { + errx (1, "%s: strange msg %d", host, *p); + } else + p++; + p += kx_get_int (p, &tmp, 4, 0); + memcpy(display, p, tmp); + display[tmp] = '\0'; + p += tmp; + + p += kx_get_int (p, &tmp, 4, 0); + memcpy(xauthfile, p, tmp); + xauthfile[tmp] = '\0'; + p += tmp; + + status_output (kc->debug_flag); + for (;;) { + pid_t child; + + len = kx_read (kc, otherside, msg, sizeof(msg)); + if (len < 0) + err (1, "read from %s", host); + else if (len == 0) + return 0; + + p = (u_char *)msg; + if (*p == ERROR) { + p++; + p += kx_get_int (p, &tmp, 4, 0); + errx (1, "%s: %.*s", host, (int)tmp, p); + } else if(*p != NEW_CONN) { + errx (1, "%s: strange msg %d", host, *p); + } else { + p++; + p += kx_get_int (p, &tmp, 4, 0); + } + + ++nchild; + child = fork (); + if (child < 0) { + warn("fork"); + continue; + } else if (child == 0) { + int fd; + int xserver; + + close (otherside); + + socket_set_port(kc->thataddr, htons(tmp)); + + fd = socket (kc->thataddr->sa_family, SOCK_STREAM, 0); + if (fd < 0) + err(1, "socket"); +#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) + { + int one = 1; + + setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, (void *)&one, + sizeof(one)); + } +#endif +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (kc->keepalive_flag) { + int one = 1; + + setsockopt (fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + + if (connect (fd, kc->thataddr, kc->thataddr_len) < 0) + err(1, "connect(%s)", host); + { + int d = 0; + char *s; + + s = getenv ("DISPLAY"); + if (s != NULL) { + s = strchr (s, ':'); + if (s != NULL) + d = atoi (s + 1); + } + + xserver = connect_local_xsocket (d); + if (xserver < 0) + return 1; + } + return passive_session (xserver, fd, kc); + } else { + } + } +} + +/* + * Allocate a local pseudo-xserver and wait for connections + */ + +static int +doit_active (kx_context *kc) +{ + int otherside; + int nsockets; + struct x_socket *sockets; + u_char msg[1024], *p; + int len; + int tmp, tmp2; + char *str; + int i; + size_t rem; + uint32_t other_port; + int error; + const char *host = kc->host; + + otherside = connect_host (kc); + if (otherside < 0) + return 1; +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (kc->keepalive_flag) { + int one = 1; + + setsockopt (otherside, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + p = msg; + rem = sizeof(msg); + *p++ = INIT; + --rem; + len = strlen(kc->user); + tmp = kx_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; + p += tmp; + rem -= tmp; + memcpy(p, kc->user, len); + p += len; + rem -= len; + *p++ = (kc->keepalive_flag ? KEEP_ALIVE : 0); + --rem; + + str = getenv("DISPLAY"); + if (str == NULL || (str = strchr(str, ':')) == NULL) + str = ":0"; + len = strlen (str); + tmp = kx_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; + rem -= tmp; + p += tmp; + memcpy (p, str, len); + p += len; + rem -= len; + + str = getenv("XAUTHORITY"); + if (str == NULL) + str = ""; + len = strlen (str); + tmp = kx_put_int (len, p, rem, 4); + if (tmp < 0) + return 1; + p += len; + rem -= len; + memcpy (p, str, len); + p += len; + rem -= len; + + if (kx_write (kc, otherside, msg, p - msg) != p - msg) + err (1, "write to %s", host); + + len = kx_read (kc, otherside, msg, sizeof(msg)); + if (len < 0) + err (1, "read from %s", host); + p = (u_char *)msg; + if (*p == ERROR) { + uint32_t u32; + + p++; + p += kx_get_int (p, &u32, 4, 0); + errx (1, "%s: %.*s", host, (int)u32, p); + } else if (*p != ACK) { + errx (1, "%s: strange msg %d", host, *p); + } + + tmp2 = get_xsockets (&nsockets, &sockets, kc->tcp_flag); + if (tmp2 < 0) + errx(1, "Failed to open sockets"); + display_num = tmp2; + if (kc->tcp_flag) + snprintf (display, display_size, "localhost:%u", display_num); + else + snprintf (display, display_size, ":%u", display_num); + error = create_and_write_cookie (xauthfile, xauthfile_size, + cookie, cookie_len); + if (error) + errx(1, "failed creating cookie file: %s", strerror(error)); + + status_output (kc->debug_flag); + for (;;) { + fd_set fdset; + pid_t child; + int fd, thisfd = -1; + socklen_t zero = 0; + + FD_ZERO(&fdset); + for (i = 0; i < nsockets; ++i) { + if (sockets[i].fd >= FD_SETSIZE) + errx (1, "fd too large"); + FD_SET(sockets[i].fd, &fdset); + } + if (select(FD_SETSIZE, &fdset, NULL, NULL, NULL) <= 0) + continue; + for (i = 0; i < nsockets; ++i) + if (FD_ISSET(sockets[i].fd, &fdset)) { + thisfd = sockets[i].fd; + break; + } + fd = accept (thisfd, NULL, &zero); + if (fd < 0) { + if (errno == EINTR) + continue; + else + err(1, "accept"); + } + + p = msg; + *p++ = NEW_CONN; + if (kx_write (kc, otherside, msg, p - msg) != p - msg) + err (1, "write to %s", host); + len = kx_read (kc, otherside, msg, sizeof(msg)); + if (len < 0) + err (1, "read from %s", host); + p = (u_char *)msg; + if (*p == ERROR) { + uint32_t val; + + p++; + p += kx_get_int (p, &val, 4, 0); + errx (1, "%s: %.*s", host, (int)val, p); + } else if (*p != NEW_CONN) { + errx (1, "%s: strange msg %d", host, *p); + } else { + p++; + p += kx_get_int (p, &other_port, 4, 0); + } + + ++nchild; + child = fork (); + if (child < 0) { + warn("fork"); + continue; + } else if (child == 0) { + int s; + + for (i = 0; i < nsockets; ++i) + close (sockets[i].fd); + + close (otherside); + + socket_set_port(kc->thataddr, htons(tmp)); + + s = socket (kc->thataddr->sa_family, SOCK_STREAM, 0); + if (s < 0) + err(1, "socket"); +#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) + { + int one = 1; + + setsockopt (s, IPPROTO_TCP, TCP_NODELAY, (void *)&one, + sizeof(one)); + } +#endif +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (kc->keepalive_flag) { + int one = 1; + + setsockopt (s, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + + if (connect (s, kc->thataddr, kc->thataddr_len) < 0) + err(1, "connect"); + + return active_session (fd, s, kc); + } else { + close (fd); + } + } +} + +/* + * Should we interpret `disp' as this being a passive call? + */ + +static int +check_for_passive (const char *disp) +{ + char local_hostname[MaxHostNameLen]; + + gethostname (local_hostname, sizeof(local_hostname)); + + return disp != NULL && + (*disp == ':' + || strncmp(disp, "unix", 4) == 0 + || strncmp(disp, "localhost", 9) == 0 + || strncmp(disp, local_hostname, strlen(local_hostname)) == 0); +} + +/* + * Set up signal handlers and then call the functions. + */ + +static int +doit (kx_context *kc, int passive_flag) +{ + signal (SIGCHLD, childhandler); + signal (SIGUSR1, usr1handler); + signal (SIGUSR2, usr2handler); + if (passive_flag) + return doit_passive (kc); + else + return doit_active (kc); +} + +#ifdef KRB5 + +/* + * Start a v5-authenticatated kx connection. + */ + +static int +doit_v5 (const char *host, int port, const char *user, + int passive_flag, int debug_flag, int keepalive_flag, int tcp_flag) +{ + int ret; + kx_context context; + + krb5_make_context (&context); + context_set (&context, + host, user, port, debug_flag, keepalive_flag, tcp_flag); + + ret = doit (&context, passive_flag); + context_destroy (&context); + return ret; +} +#endif /* KRB5 */ + +/* + * Variables set from the arguments + */ + +#ifdef KRB5 +static int use_v5 = -1; +#endif +static char *port_str = NULL; +static const char *user = NULL; +static int tcp_flag = 0; +static int passive_flag = 0; +static int keepalive_flag = 1; +static int debug_flag = 0; +static int version_flag = 0; +static int help_flag = 0; + +struct getargs args[] = { +#ifdef KRB5 + { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5", + NULL }, +#endif + { "port", 'p', arg_string, &port_str, "Use this port", + "number-of-service" }, + { "user", 'l', arg_string, &user, "Run as this user", + NULL }, + { "tcp", 't', arg_flag, &tcp_flag, + "Use a TCP connection for X11" }, + { "passive", 'P', arg_flag, &passive_flag, + "Force a passive connection" }, + { "keepalive", 'k', arg_negative_flag, &keepalive_flag, + "disable keep-alives" }, + { "debug", 'd', arg_flag, &debug_flag, + "Enable debug information" }, + { "version", 0, arg_flag, &version_flag, "Print version", + NULL }, + { "help", 0, arg_flag, &help_flag, NULL, + NULL } +}; + +static void +usage(int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, + "host"); + exit (ret); +} + +/* + * kx - forward an x-connection over a kerberos-encrypted channel. + */ + +int +main(int argc, char **argv) +{ + int port = 0; + int optidx = 0; + int ret = 1; + char *host = NULL; + + setprogname (argv[0]); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optidx)) + usage (1); + + if (help_flag) + usage (0); + + if (version_flag) { + print_version (NULL); + return 0; + } + + if (optidx != argc - 1) + usage (1); + + host = argv[optidx]; + + if (port_str) { + struct servent *s = roken_getservbyname (port_str, "tcp"); + + if (s) + port = s->s_port; + else { + char *ptr; + + port = strtol (port_str, &ptr, 10); + if (port == 0 && ptr == port_str) + errx (1, "Bad port `%s'", port_str); + port = htons(port); + } + } + + if (user == NULL) { + user = get_default_username (); + if (user == NULL) + errx (1, "who are you?"); + } + + if (!passive_flag) + passive_flag = check_for_passive (getenv("DISPLAY")); + +#if defined(HAVE_KERNEL_ENABLE_DEBUG) + if (krb_debug_flag) + krb_enable_debug (); +#endif + +#ifdef KRB5 + if (ret && use_v5) { + if (port == 0) + port = krb5_getportbyname(NULL, "kx", "tcp", KX_PORT); + ret = doit_v5 (host, port, user, + passive_flag, debug_flag, keepalive_flag, tcp_flag); + } +#endif + return ret; +} diff --git a/appl/kx/kx.cat1 b/appl/kx/kx.cat1 new file mode 100644 index 000000000000..7a03ee512daf --- /dev/null +++ b/appl/kx/kx.cat1 @@ -0,0 +1,39 @@ + +KX(1) BSD General Commands Manual KX(1) + +NNAAMMEE + kkxx -- securely forward X conections + +SSYYNNOOPPSSIISS + _k_x [--ll _u_s_e_r_n_a_m_e] [--kk] [--dd] [--tt] [--pp _p_o_r_t] [--PP] _h_o_s_t + +DDEESSCCRRIIPPTTIIOONN + The kkxx program forwards an X connection from a remote client to a local + screen through an authenticated and encrypted stream. Options supported + by kkxx: + + --ll Log in on the remote the host as user _u_s_e_r_n_a_m_e. + + --kk Do not enable keep-alives on the TCP connections. + + --dd Do not fork. This is mainly useful for debugging. + + --tt Listen not only on a UNIX-domain socket but on a TCP socket as + well. + + --pp Use the port _p_o_r_t. + + --PP Force passive mode. + + This program is used by rrxxtteellnneett and rrxxtteerrmm and you should not need to + run it directly. + + It connects to a kkxxdd on the host _h_o_s_t and then will relay the traffic + from the remote X clients to the local server. When started, it prints + the display and Xauthority-file to be used on host _h_o_s_t and then goes to + the background, waiting for connections from the remote kkxxdd. + +SSEEEE AALLSSOO + rxtelnet(1), rxterm(1), kxd(8) + +KTH-KRB September 27, 1996 KTH-KRB diff --git a/appl/kx/kx.h b/appl/kx/kx.h new file mode 100644 index 000000000000..dbc5c08ee512 --- /dev/null +++ b/appl/kx/kx.h @@ -0,0 +1,249 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif /* HAVE_CONFIG_H */ + +#include +#include +#include +#include +#include +#include +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_PWD_H +#include +#endif +#ifdef HAVE_GRP_H +#include +#endif +#ifdef HAVE_SYSLOG_H +#include +#endif +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef TIME_WITH_SYS_TIME +#include +#include +#elif defined(HAVE_SYS_TIME_H) +#include +#else +#include +#endif +#ifdef HAVE_SYS_RESOURCE_H +#include +#endif +#ifdef HAVE_SYS_SELECT_H +#include +#endif +#ifdef HAVE_SYS_WAIT_H +#include +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_NETINET_IN_H +#include +#endif +#ifdef HAVE_NETINET_TCP_H +#include +#endif +#ifdef HAVE_ARPA_INET_H +#include +#endif +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_SYS_UN_H +#include +#endif +#include +#include +#include + +#ifdef HAVE_SYS_STREAM_H +#include +#endif +#ifdef HAVE_SYS_STROPTS_H +#include +#endif + +/* defined by aix's sys/stream.h and again by arpa/nameser.h */ + +#undef NOERROR + +/* as far as we know, this is only used with later versions of Slowlaris */ +#if SunOS >= 50 && defined(HAVE_SYS_STROPTS_H) && defined(HAVE_FATTACH) && defined(I_PUSH) +#define MAY_HAVE_X11_PIPES +#endif + +#ifdef SOCKS +#include +/* This doesn't belong here. */ +struct tm *localtime(const time_t *); +struct hostent *gethostbyname(const char *); +#endif + +#ifdef KRB5 +#include +#endif + +#include +#include +#include + +struct x_socket { + char *pathname; + int fd; + enum { + LISTENP = 0x80, + TCP = LISTENP | 1, + UNIX_SOCKET = LISTENP | 2, + STREAM_PIPE = 3 + } flags; +}; + +extern char x_socket[]; +extern uint32_t display_num; +extern char display[]; +extern int display_size; +extern char xauthfile[]; +extern int xauthfile_size; +extern u_char cookie[]; +extern size_t cookie_len; + +int get_xsockets (int *number, struct x_socket **sockets, int tcpp); +int chown_xsockets (int n, struct x_socket *sockets, uid_t uid, gid_t gid); + +int connect_local_xsocket (unsigned dnr); +int create_and_write_cookie (char *file, + size_t file_size, + u_char *cookie_buf, + size_t sz); +int verify_and_remove_cookies (int fd, int sock, int cookiesp); +int replace_cookie(int xserver, int fd, char *filename, int cookiesp); + +int suspicious_address (int sock, struct sockaddr *addr); + +#define KX_PORT 2111 + +#define KX_OLD_VERSION "KXSERV.1" +#define KX_VERSION "KXSERV.2" + +#define COOKIE_TYPE "MIT-MAGIC-COOKIE-1" + +enum { INIT = 0, ACK = 1, NEW_CONN = 2, ERROR = 3 }; + +enum kx_flags { PASSIVE = 1, KEEP_ALIVE = 2 }; + +typedef enum kx_flags kx_flags; + +struct kx_context { + int (*authenticate)(struct kx_context *kc, int s); + int (*userok)(struct kx_context *kc, char *user); + ssize_t (*read)(struct kx_context *kc, + int fd, void *buf, size_t len); + ssize_t (*write)(struct kx_context *kc, + int fd, const void *buf, size_t len); + int (*copy_encrypted)(struct kx_context *kc, + int fd1, int fd2); + void (*destroy)(struct kx_context *kc); + const char *host; + const char *user; + int port; + int debug_flag; + int keepalive_flag; + int tcp_flag; + struct sockaddr_storage __ss_this; + struct sockaddr_storage __ss_that; + struct sockaddr *thisaddr; + struct sockaddr *thataddr; + socklen_t thisaddr_len, thataddr_len; + void *data; +}; + +typedef struct kx_context kx_context; + +void +context_set (kx_context *kc, const char *host, const char *user, int port, + int debug_flag, int keepalive_flag, int tcp_flag); + +void +context_destroy (kx_context *kc); + +int +context_authenticate (kx_context *kc, int s); + +int +context_userok (kx_context *kc, char *user); + +ssize_t +kx_read (kx_context *kc, int fd, void *buf, size_t len); + +ssize_t +kx_write (kx_context *kc, int fd, const void *buf, size_t len); + +int +copy_encrypted (kx_context *kc, int fd1, int fd2); + +#ifdef KRB5 + +void +krb5_make_context (kx_context *c); + +int +recv_v5_auth (kx_context *kc, int sock, u_char *buf); + +#endif + +void +fatal (kx_context *kc, int fd, char *format, ...) +#ifdef __GNUC__ +__attribute__ ((format (printf, 3, 4))) +#endif +; + +int +kx_get_int(void *f, uint32_t *to, int size, int lsb); + +int +kx_put_int(uint32_t from, void *to, size_t rem, int size); diff --git a/appl/kx/kxd.8 b/appl/kx/kxd.8 new file mode 100644 index 000000000000..4a0101ec2d47 --- /dev/null +++ b/appl/kx/kxd.8 @@ -0,0 +1,83 @@ +.\" Copyright (c) 1996 - 1997, 2001 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd September 27, 1996 +.Dt KXD 8 +.Os KTH-KRB +.Sh NAME +.Nm kxd +.Nd securely forward X conections +.Sh SYNOPSIS +.Ar kxd +.Op Fl t +.Op Fl i +.Op Fl p Ar port +.Sh DESCRIPTION +This is the daemon for +.Nm kx . +.Pp +Options supported by +.Nm kxd : +.Bl -tag -width Ds +.It Fl t +TCP. Normally +.Nm kxd +will only listen for X connections on a UNIX socket, but some machines +(for example, Cray) have X libraries that are not able to use UNIX +sockets and thus you need to use TCP to talk to the pseudo-xserver +created by +.Nm kxd . +This option decreases the security significantly and should only be +used when it is necessary and you have considered the consequences of +doing so. +.It Fl i +Interactive. Do not expect to be started by +.Nm inetd , +but allocate and listen to the socket yourself. Handy for testing +and debugging. +.It Fl p +Port. Listen on the port +.Ar port . +Only usable with +.Fl i . +.El +.Sh EXAMPLES +Put the following in +.Pa /etc/inetd.conf : +.Bd -literal +kx stream tcp nowait root /usr/athena/libexec/kxd kxd +.Ed +.Sh SEE ALSO +.Xr kx 1 , +.Xr rxtelnet 1 , +.Xr rxterm 1 diff --git a/appl/kx/kxd.c b/appl/kx/kxd.c new file mode 100644 index 000000000000..8598fb1672a6 --- /dev/null +++ b/appl/kx/kxd.c @@ -0,0 +1,779 @@ +/* + * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kx.h" + +RCSID("$Id$"); + +static pid_t wait_on_pid = -1; +static int done = 0; + +/* + * Signal handler that justs waits for the children when they die. + */ + +static RETSIGTYPE +childhandler (int sig) +{ + pid_t pid; + int status; + + do { + pid = waitpid (-1, &status, WNOHANG|WUNTRACED); + if (pid > 0 && pid == wait_on_pid) + done = 1; + } while(pid > 0); + signal (SIGCHLD, childhandler); + SIGRETURN(0); +} + +/* + * Print the error message `format' and `...' on fd and die. + */ + +void +fatal (kx_context *kc, int fd, char *format, ...) +{ + u_char msg[1024]; + u_char *p; + va_list args; + int len; + + va_start(args, format); + p = msg; + *p++ = ERROR; + vsnprintf ((char *)p + 4, sizeof(msg) - 5, format, args); + syslog (LOG_ERR, "%s", (char *)p + 4); + len = strlen ((char *)p + 4); + p += kx_put_int (len, p, 4, 4); + p += len; + kx_write (kc, fd, msg, p - msg); + va_end(args); + exit (1); +} + +/* + * Remove all sockets and cookie files. + */ + +static void +cleanup(int nsockets, struct x_socket *sockets) +{ + int i; + + if(xauthfile[0]) + unlink(xauthfile); + for (i = 0; i < nsockets; ++i) { + if (sockets[i].pathname != NULL) { + unlink (sockets[i].pathname); + free (sockets[i].pathname); + } + } + free(sockets); +} + +/* + * Prepare to receive a connection on `sock'. + */ + +static int +recv_conn (int sock, kx_context *kc, + int *dispnr, int *nsockets, struct x_socket **sockets, + int tcp_flag) +{ + u_char msg[1024], *p; + char user[256]; + socklen_t addrlen; + struct passwd *passwd; + char remotehost[MaxHostNameLen]; + char remoteaddr[INET6_ADDRSTRLEN]; + int ret = 1; + int flags; + int len; + uint32_t tmp32; + + memset(kc, 0, sizeof(*kc)); + *nsockets = 0; + *sockets = NULL; + *dispnr = 0; + + addrlen = sizeof(kc->__ss_this); + kc->thisaddr = (struct sockaddr*)&kc->__ss_this; + if (getsockname (sock, kc->thisaddr, &addrlen) < 0) { + syslog (LOG_ERR, "getsockname: %m"); + exit (1); + } + kc->thisaddr_len = addrlen; + addrlen = sizeof(kc->__ss_that); + kc->thataddr = (struct sockaddr*)&kc->__ss_that; + if (getpeername (sock, kc->thataddr, &addrlen) < 0) { + syslog (LOG_ERR, "getpeername: %m"); + exit (1); + } + kc->thataddr_len = addrlen; + + getnameinfo_verified (kc->thataddr, + kc->thataddr_len, + remotehost, sizeof(remotehost), + NULL, 0, 0); + + if (net_read (sock, msg, 4) != 4) { + syslog (LOG_ERR, "read: %m"); + exit (1); + } + +#ifdef KRB5 + if (ret && recv_v5_auth (kc, sock, msg) == 0) + ret = 0; +#endif + if (ret) { + syslog (LOG_ERR, "unrecognized auth protocol: %x %x %x %x", + msg[0], msg[1], msg[2], msg[3]); + exit (1); + } + + len = kx_read (kc, sock, msg, sizeof(msg)); + if (len < 0) { + syslog (LOG_ERR, "kx_read failed"); + exit (1); + } + p = (u_char *)msg; + if (*p != INIT) + fatal(kc, sock, "Bad message"); + p++; + if ((p - msg) < sizeof(msg)) + fatal(kc, sock, "user"); + + p += kx_get_int (p, &tmp32, 4, 0); + if (tmp32 >= sizeof(user) - 1) + fatal(kc, sock, "user name too long"); + if ((p - msg) + tmp32 >= sizeof(msg)) + fatal(kc, sock, "user too long"); + memcpy (user, p, tmp32); + p += tmp32; + user[tmp32] = '\0'; + + passwd = k_getpwnam (user); + if (passwd == NULL) + fatal (kc, sock, "cannot find uid for %s", user); + + if (context_userok (kc, user) != 0) + fatal (kc, sock, "%s not allowed to login as %s", + kc->user, user); + + if ((p - msg) >= sizeof(msg)) + fatal(kc, sock, "user too long"); + + flags = *p++; + + if (flags & PASSIVE) { + pid_t pid; + int tmp; + + tmp = get_xsockets (nsockets, sockets, tcp_flag); + if (tmp < 0) { + fatal (kc, sock, "Cannot create X socket(s): %s", + strerror(errno)); + } + *dispnr = tmp; + + if (chown_xsockets (*nsockets, *sockets, + passwd->pw_uid, passwd->pw_gid)) { + cleanup (*nsockets, *sockets); + fatal (kc, sock, "Cannot chown sockets: %s", + strerror(errno)); + } + + pid = fork(); + if (pid == -1) { + cleanup (*nsockets, *sockets); + fatal (kc, sock, "fork: %s", strerror(errno)); + } else if (pid != 0) { + wait_on_pid = pid; + while (!done) + pause (); + cleanup (*nsockets, *sockets); + exit (0); + } + } + + if (setgid (passwd->pw_gid) || + initgroups(passwd->pw_name, passwd->pw_gid) || +#ifdef HAVE_GETUDBNAM /* XXX this happens on crays */ + setjob(passwd->pw_uid, 0) == -1 || +#endif + setuid(passwd->pw_uid)) { + syslog(LOG_ERR, "setting uid/groups: %m"); + fatal (kc, sock, "cannot set uid"); + } + + ret = getnameinfo(kc->thataddr, kc->thataddr_len, + remoteaddr, sizeof(remoteaddr), + NULL, 0, NI_NUMERICHOST); + if (ret != 0) + fatal (kc, sock, "getnameinfo failed: %s", gai_strerror(ret)); + + syslog (LOG_INFO, "from %s(%s): %s -> %s", + remotehost, remoteaddr, + kc->user, user); + umask(077); + if (!(flags & PASSIVE)) { + p += kx_get_int (p, &tmp32, 4, 0); + if (tmp32 > display_size) + fatal(kc, sock, "display too large"); + if ((p - msg) + tmp32 + 8 >= sizeof(msg)) + fatal(kc, sock, "user too long"); + memcpy (display, p, tmp32); + display[tmp32] = '\0'; + p += tmp32; + p += kx_get_int (p, &tmp32, 4, 0); + len = min(tmp32, xauthfile_size); + memcpy (xauthfile, p, len); + xauthfile[len] = '\0'; + } +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (flags & KEEP_ALIVE) { + int one = 1; + + setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + return flags; +} + +/* + * + */ + +static int +passive_session (kx_context *kc, int fd, int sock, int cookiesp) +{ + if (verify_and_remove_cookies (fd, sock, cookiesp)) + return 1; + else + return copy_encrypted (kc, fd, sock); +} + +/* + * + */ + +static int +active_session (kx_context *kc, int fd, int sock, int cookiesp) +{ + fd = connect_local_xsocket(0); + + if (replace_cookie (fd, sock, xauthfile, cookiesp)) + return 1; + else + return copy_encrypted (kc, fd, sock); +} + +/* + * Handle a new connection. + */ + +static int +doit_conn (kx_context *kc, + int fd, int meta_sock, int flags, int cookiesp) +{ + int sock, sock2, port; + struct sockaddr_storage __ss_addr; + struct sockaddr *addr = (struct sockaddr*)&__ss_addr; + struct sockaddr_storage __ss_thisaddr; + struct sockaddr *thisaddr = (struct sockaddr*)&__ss_thisaddr; + socklen_t addrlen; + u_char msg[1024], *p; + + sock = socket (kc->thisaddr->sa_family, SOCK_STREAM, 0); + if (sock < 0) { + syslog (LOG_ERR, "socket: %m"); + return 1; + } +#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) + { + int one = 1; + setsockopt (sock, IPPROTO_TCP, TCP_NODELAY, (void *)&one, sizeof(one)); + } +#endif +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (flags & KEEP_ALIVE) { + int one = 1; + + setsockopt (sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&one, + sizeof(one)); + } +#endif + memset (&__ss_addr, 0, sizeof(__ss_addr)); + addr->sa_family = kc->thisaddr->sa_family; + if (kc->thisaddr_len > sizeof(__ss_addr)) { + syslog(LOG_ERR, "error in af"); + return 1; + } + if (bind (sock, addr, kc->thisaddr_len) < 0) { + syslog (LOG_ERR, "bind: %m"); + return 1; + } + addrlen = sizeof(__ss_addr); + if (getsockname (sock, addr, &addrlen) < 0) { + syslog (LOG_ERR, "getsockname: %m"); + return 1; + } + if (listen (sock, SOMAXCONN) < 0) { + syslog (LOG_ERR, "listen: %m"); + return 1; + } + port = socket_get_port(addr); + + p = msg; + *p++ = NEW_CONN; + p += kx_put_int (ntohs(port), p, 4, 4); + + if (kx_write (kc, meta_sock, msg, p - msg) < 0) { + syslog (LOG_ERR, "write: %m"); + return 1; + } + + addrlen = sizeof(__ss_thisaddr); + sock2 = accept (sock, thisaddr, &addrlen); + if (sock2 < 0) { + syslog (LOG_ERR, "accept: %m"); + return 1; + } + close (sock); + close (meta_sock); + + if (flags & PASSIVE) + return passive_session (kc, fd, sock2, cookiesp); + else + return active_session (kc, fd, sock2, cookiesp); +} + +/* + * Is the current user the owner of the console? + */ + +static void +check_user_console (kx_context *kc, int fd) +{ + struct stat sb; + + if (stat ("/dev/console", &sb) < 0) + fatal (kc, fd, "Cannot stat /dev/console: %s", strerror(errno)); + if (getuid() != sb.st_uid) + fatal (kc, fd, "Permission denied"); +} + +/* close down the new connection with a reasonable error message */ +static void +close_connection(int fd, const char *message) +{ + char buf[264]; /* max message */ + char *p; + int lsb = 0; + size_t mlen; + + mlen = strlen(message); + if(mlen > 255) + mlen = 255; + + /* read first part of connection packet, to get byte order */ + if(read(fd, buf, 6) != 6) { + close(fd); + return; + } + if(buf[0] == 0x6c) + lsb++; + p = buf; + *p++ = 0; /* failed */ + *p++ = mlen; /* length of message */ + p += 4; /* skip protocol version */ + p += 2; /* skip additional length */ + memcpy(p, message, mlen); /* copy message */ + p += mlen; + while((p - buf) % 4) /* pad to multiple of 4 bytes */ + *p++ = 0; + + /* now fill in length of additional data */ + if(lsb) { + buf[6] = (p - buf - 8) / 4; + buf[7] = 0; + }else{ + buf[6] = 0; + buf[7] = (p - buf - 8) / 4; + } + write(fd, buf, p - buf); + close(fd); +} + + +/* + * Handle a passive session on `sock' + */ + +static int +doit_passive (kx_context *kc, + int sock, + int flags, + int dispnr, + int nsockets, + struct x_socket *sockets, + int tcp_flag) +{ + int tmp; + int len; + size_t rem; + u_char msg[1024], *p; + int error; + + display_num = dispnr; + if (tcp_flag) + snprintf (display, display_size, "localhost:%u", display_num); + else + snprintf (display, display_size, ":%u", display_num); + error = create_and_write_cookie (xauthfile, xauthfile_size, + cookie, cookie_len); + if (error) { + cleanup(nsockets, sockets); + fatal (kc, sock, "Cookie-creation failed: %s", strerror(error)); + return 1; + } + + p = msg; + rem = sizeof(msg); + *p++ = ACK; + --rem; + + len = strlen (display); + tmp = kx_put_int (len, p, rem, 4); + if (tmp < 0 || rem < len + 4) { + syslog (LOG_ERR, "doit: buffer too small"); + cleanup(nsockets, sockets); + return 1; + } + p += tmp; + rem -= tmp; + + memcpy (p, display, len); + p += len; + rem -= len; + + len = strlen (xauthfile); + tmp = kx_put_int (len, p, rem, 4); + if (tmp < 0 || rem < len + 4) { + syslog (LOG_ERR, "doit: buffer too small"); + cleanup(nsockets, sockets); + return 1; + } + p += tmp; + rem -= tmp; + + memcpy (p, xauthfile, len); + p += len; + rem -= len; + + if(kx_write (kc, sock, msg, p - msg) < 0) { + syslog (LOG_ERR, "write: %m"); + cleanup(nsockets, sockets); + return 1; + } + for (;;) { + pid_t child; + int fd = -1; + fd_set fds; + int i; + int ret; + int cookiesp = TRUE; + + FD_ZERO(&fds); + if (sock >= FD_SETSIZE) { + syslog (LOG_ERR, "fd too large"); + cleanup(nsockets, sockets); + return 1; + } + + FD_SET(sock, &fds); + for (i = 0; i < nsockets; ++i) { + if (sockets[i].fd >= FD_SETSIZE) { + syslog (LOG_ERR, "fd too large"); + cleanup(nsockets, sockets); + return 1; + } + FD_SET(sockets[i].fd, &fds); + } + ret = select(FD_SETSIZE, &fds, NULL, NULL, NULL); + if(ret <= 0) + continue; + if(FD_ISSET(sock, &fds)){ + /* there are no processes left on the remote side + */ + cleanup(nsockets, sockets); + exit(0); + } else if(ret) { + for (i = 0; i < nsockets; ++i) { + if (FD_ISSET(sockets[i].fd, &fds)) { + if (sockets[i].flags == TCP) { + struct sockaddr_storage __ss_peer; + struct sockaddr *peer = (struct sockaddr*)&__ss_peer; + socklen_t slen = sizeof(__ss_peer); + + fd = accept (sockets[i].fd, + peer, + &slen); + if (fd < 0 && errno != EINTR) + syslog (LOG_ERR, "accept: %m"); + + /* XXX */ + if (fd >= 0 && suspicious_address (fd, peer)) { + close (fd); + fd = -1; + errno = EINTR; + } + } else if(sockets[i].flags == UNIX_SOCKET) { + socklen_t zero = 0; + + fd = accept (sockets[i].fd, NULL, &zero); + + if (fd < 0 && errno != EINTR) + syslog (LOG_ERR, "accept: %m"); +#ifdef MAY_HAVE_X11_PIPES + } else if(sockets[i].flags == STREAM_PIPE) { + /* + * this code tries to handle the + * send fd-over-pipe stuff for + * solaris + */ + + struct strrecvfd strrecvfd; + + ret = ioctl (sockets[i].fd, + I_RECVFD, &strrecvfd); + if (ret < 0 && errno != EINTR) { + syslog (LOG_ERR, "ioctl I_RECVFD: %m"); + } + + /* XXX */ + if (ret == 0) { + if (strrecvfd.uid != getuid()) { + close (strrecvfd.fd); + fd = -1; + errno = EINTR; + } else { + fd = strrecvfd.fd; + cookiesp = FALSE; + } + } +#endif /* MAY_HAVE_X11_PIPES */ + } else + abort (); + break; + } + } + } + if (fd < 0) { + if (errno == EINTR) + continue; + else + return 1; + } + + child = fork (); + if (child < 0) { + syslog (LOG_ERR, "fork: %m"); + if(errno != EAGAIN) + return 1; + close_connection(fd, strerror(errno)); + } else if (child == 0) { + for (i = 0; i < nsockets; ++i) + close (sockets[i].fd); + return doit_conn (kc, fd, sock, flags, cookiesp); + } else { + close (fd); + } + } +} + +/* + * Handle an active session on `sock' + */ + +static int +doit_active (kx_context *kc, + int sock, + int flags, + int tcp_flag) +{ + u_char msg[1024], *p; + + check_user_console (kc, sock); + + p = msg; + *p++ = ACK; + + if(kx_write (kc, sock, msg, p - msg) < 0) { + syslog (LOG_ERR, "write: %m"); + return 1; + } + for (;;) { + pid_t child; + int len; + + len = kx_read (kc, sock, msg, sizeof(msg)); + if (len < 0) { + syslog (LOG_ERR, "read: %m"); + return 1; + } + p = (u_char *)msg; + if (*p != NEW_CONN) { + syslog (LOG_ERR, "bad_message: %d", *p); + return 1; + } + + child = fork (); + if (child < 0) { + syslog (LOG_ERR, "fork: %m"); + if (errno != EAGAIN) + return 1; + } else if (child == 0) { + return doit_conn (kc, sock, sock, flags, 1); + } else { + } + } +} + +/* + * Receive a connection on `sock' and process it. + */ + +static int +doit(int sock, int tcp_flag) +{ + int ret; + kx_context context; + int dispnr; + int nsockets; + struct x_socket *sockets; + int flags; + + flags = recv_conn (sock, &context, &dispnr, &nsockets, &sockets, tcp_flag); + + if (flags & PASSIVE) { + ret = doit_passive (&context, sock, flags, dispnr, + nsockets, sockets, tcp_flag); + } else { + ret = doit_active (&context, sock, flags, tcp_flag); + cleanup(nsockets, sockets); + } + context_destroy (&context); + return ret; +} + +static char *port_str = NULL; +static int inetd_flag = 1; +static int tcp_flag = 0; +static int version_flag = 0; +static int help_flag = 0; + +struct getargs args[] = { + { "inetd", 'i', arg_negative_flag, &inetd_flag, + "Not started from inetd" }, + { "tcp", 't', arg_flag, &tcp_flag, "Use TCP" }, + { "port", 'p', arg_string, &port_str, "Use this port", + "port" }, + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; + +static void +usage(int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, + "host"); + exit (ret); +} + +/* + * kxd - receive a forwarded X conncection + */ + +int +main (int argc, char **argv) +{ + int port; + int optidx = 0; + + setprogname (argv[0]); + roken_openlog ("kxd", LOG_ODELAY | LOG_PID, LOG_DAEMON); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optidx)) + usage (1); + + if (help_flag) + usage (0); + + if (version_flag) { + print_version (NULL); + return 0; + } + + if(port_str) { + struct servent *s = roken_getservbyname (port_str, "tcp"); + + if (s) + port = s->s_port; + else { + char *ptr; + + port = strtol (port_str, &ptr, 10); + if (port == 0 && ptr == port_str) + errx (1, "bad port `%s'", port_str); + port = htons(port); + } + } else { +#if defined(KRB5) + port = krb5_getportbyname(NULL, "kx", "tcp", KX_PORT); +#else +#error define KRB5 +#endif + } + + if (!inetd_flag) + mini_inetd (port, NULL); + + signal (SIGCHLD, childhandler); + return doit(STDIN_FILENO, tcp_flag); +} diff --git a/appl/kx/kxd.cat8 b/appl/kx/kxd.cat8 new file mode 100644 index 000000000000..41567cd5beb3 --- /dev/null +++ b/appl/kx/kxd.cat8 @@ -0,0 +1,37 @@ + +KXD(8) BSD System Manager's Manual KXD(8) + +NNAAMMEE + kkxxdd -- securely forward X conections + +SSYYNNOOPPSSIISS + _k_x_d [--tt] [--ii] [--pp _p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + This is the daemon for kkxx. + + Options supported by kkxxdd: + + --tt TCP. Normally kkxxdd will only listen for X connections on a UNIX + socket, but some machines (for example, Cray) have X libraries + that are not able to use UNIX sockets and thus you need to use + TCP to talk to the pseudo-xserver created by kkxxdd. This option + decreases the security significantly and should only be used when + it is necessary and you have considered the consequences of doing + so. + + --ii Interactive. Do not expect to be started by iinneettdd, but allocate + and listen to the socket yourself. Handy for testing and debug- + ging. + + --pp Port. Listen on the port _p_o_r_t. Only usable with --ii. + +EEXXAAMMPPLLEESS + Put the following in _/_e_t_c_/_i_n_e_t_d_._c_o_n_f: + + kx stream tcp nowait root /usr/athena/libexec/kxd kxd + +SSEEEE AALLSSOO + kx(1), rxtelnet(1), rxterm(1) + +KTH-KRB September 27, 1996 KTH-KRB diff --git a/appl/kx/rxtelnet.1 b/appl/kx/rxtelnet.1 new file mode 100644 index 000000000000..8cdb5ae8022d --- /dev/null +++ b/appl/kx/rxtelnet.1 @@ -0,0 +1,128 @@ +.\" Copyright (c) 1996 - 1998, 2001 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd March 7, 2004 +.Dt RXTELNET 1 +.Os KTH_KRB +.Sh NAME +.Nm rxtelnet +.Nd start a telnet and forward X-connections. +.Sh SYNOPSIS +.Nm rxtelnet +.Op Fl l Ar username +.Op Fl k +.Op Fl t Ar telnet_args +.Op Fl x Ar xterm_args +.Op Fl K Ar kx_args +.Op Fl w Ar term_emulator +.Op Fl b Ar telnet_program +.Op Fl n +.Op Fl v +.Ar host +.Op Ar port +.Sh DESCRIPTION +The +.Nm +program starts an +.Nm xterm +window with a telnet to host +.Ar host . +From this window you will also be able to run X clients that will be +able to connect securely to your X server. If +.Ar port +is given, that port will be used instead of the default. +.Pp +If setting up the X forwarding failes, +.Nm +will still telnet in to the remote host, but without X forwarding. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username . +.It Fl k +Disables keep-alives. +.It Fl t +Send +.Ar telnet_args +as arguments to +.Nm telnet . +.It Fl x +Send +.Ar xterm_args +as arguments to +.Nm xterm . +.It Fl X +Send +.Ar kx_args +as arguments to +.Nm kx . +.It Fl w +Use +.Ar term_emulator +instead of xterm. +.It Fl b +Use +.Ar telnet_program +instead of telnet. +.It Fl n +Do not start any terminal emulator. +.It Fl v +Be verbose. +.El +.Sh EXAMPLE +To login from host +.Va foo +(where your display is) +to host +.Va bar , +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new window with a +.Nm telnet +to +.Va bar . +In this window you will be able to start X clients. +.El +.Sh SEE ALSO +.Xr kx 1 , +.Xr rxterm 1 , +.Xr telnet 1 , +.Xr tenletxr 1 , +.Xr kxd 8 diff --git a/appl/kx/rxtelnet.cat1 b/appl/kx/rxtelnet.cat1 new file mode 100644 index 000000000000..f11e2b7140d8 --- /dev/null +++ b/appl/kx/rxtelnet.cat1 @@ -0,0 +1,52 @@ + +RXTELNET(1) BSD General Commands Manual RXTELNET(1) + +NNAAMMEE + rrxxtteellnneett -- start a telnet and forward X-connections. + +SSYYNNOOPPSSIISS + rrxxtteellnneett [--ll _u_s_e_r_n_a_m_e] [--kk] [--tt _t_e_l_n_e_t___a_r_g_s] [--xx _x_t_e_r_m___a_r_g_s] [--KK _k_x___a_r_g_s] + [--ww _t_e_r_m___e_m_u_l_a_t_o_r] [--bb _t_e_l_n_e_t___p_r_o_g_r_a_m] [--nn] [--vv] _h_o_s_t [_p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + The rrxxtteellnneett program starts an xxtteerrmm window with a telnet to host _h_o_s_t. + From this window you will also be able to run X clients that will be able + to connect securely to your X server. If _p_o_r_t is given, that port will be + used instead of the default. + + If setting up the X forwarding failes, rrxxtteellnneett will still telnet in to + the remote host, but without X forwarding. + + The supported options are: + + --ll Log in on the remote host as user _u_s_e_r_n_a_m_e. + + --kk Disables keep-alives. + + --tt Send _t_e_l_n_e_t___a_r_g_s as arguments to tteellnneett. + + --xx Send _x_t_e_r_m___a_r_g_s as arguments to xxtteerrmm. + + --XX Send _k_x___a_r_g_s as arguments to kkxx. + + --ww Use _t_e_r_m___e_m_u_l_a_t_o_r instead of xterm. + + --bb Use _t_e_l_n_e_t___p_r_o_g_r_a_m instead of telnet. + + --nn Do not start any terminal emulator. + + --vv Be verbose. + +EEXXAAMMPPLLEE + To login from host _f_o_o (where your display is) to host _b_a_r, you might do + the following. + + 1. On foo: rrxxtteellnneett _b_a_r + + 2. You will get a new window with a tteellnneett to _b_a_r. In this window you + will be able to start X clients. + +SSEEEE AALLSSOO + kx(1), rxterm(1), telnet(1), tenletxr(1), kxd(8) + +KTH_KRB March 7, 2004 KTH_KRB diff --git a/appl/kx/rxtelnet.in b/appl/kx/rxtelnet.in new file mode 100644 index 000000000000..d5cf010f2f65 --- /dev/null +++ b/appl/kx/rxtelnet.in @@ -0,0 +1,72 @@ +#!/bin/sh +# $Id$ +# +usage="Usage: $0 [-l username] [-k] [-fF] [-t args_to_telnet] [-x args_to_xterm] [-K args_to_kx] [-w term_emulator] [-b telnet_binary] [-n] [-v] [-h | --help] [--version] host [port]" +binary=telnet +term= +kx_args=-P +while true +do + case $1 in + -l) telnet_args="${telnet_args} -l $2 "; kx_args="${kx_args} -l $2"; title="${2}@"; shift 2;; + -t) telnet_args="${telnet_args} $2 "; shift 2;; + -x) xterm_args="${xterm_args} $2 "; shift 2;; + -f) telnet_args="${telnet_args} -f"; shift;; + -F) telnet_args="${telnet_args} -F"; shift;; + -k) kx_args="${kx_args} -k"; shift;; + -K) kx_args="${kx_args} $2 "; shift 2;; + -n) term=none; shift;; + -w) term=$2; shift 2;; + -b) binary=$2; shift 2;; + --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; + -h) echo $usage; exit 0;; + --help) echo $usage; exit 0;; + -v) set -x; verb=1; shift;; + -*) echo "$0: Bad option $1"; echo $usage; exit 1;; + *) break;; + esac +done +if test $# -lt 1; then + echo $usage + exit 1 +fi +host=$1 +port=$2 +title="${title}${host}" +bindir=%bindir% +pdc_trams=`dirname $0` +PATH=$pdc_trams:$bindir:$PATH +export PATH +set -- `kx $kx_args $host` +if test $# -ne 3; then + echo "Warning: Cound not setup X forwarding" + pid=NO + disp="" + auth="" +else + screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` + pid=$1 + disp=${2}${screen} + auth=$3 +fi +oldifs=$IFS +IFS=: +set -- $PATH +IFS=$oldifs +if test -z "$term"; then + for j in xterm dtterm aixterm dxterm hpterm; do + for i in $*; do + test -n "$i" || i="." + if test -x $i/$j; then + term=$j; break 2 + fi + done + done +fi +test "$verb" && echo "Telnet command used is `type $binary`." +if test -n "$term" -a "$term" != "none"; then + ($term -title $title -n $title $xterm_args -e env DISPLAY=$disp XAUTHORITY=$auth $binary -D $telnet_args $host $port; test x"$pid" != xNO && kill -USR2 $pid) & +else + env DISPLAY=$disp XAUTHORITY=$auth $binary -D $telnet_args $host $port + test x"$pid" != xNO && kill -USR2 $pid +fi diff --git a/appl/kx/rxterm.1 b/appl/kx/rxterm.1 new file mode 100644 index 000000000000..a7e848c6e6c1 --- /dev/null +++ b/appl/kx/rxterm.1 @@ -0,0 +1,120 @@ +.\" Copyright (c) 1996 - 1997, 2001 - 2003 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd April 11, 2003 +.Dt RXTERM 1 +.Os KTH_KRB +.Sh NAME +.Nm rxterm +.Nd start a secure remote xterm +.Sh SYNOPSIS +.Nm rxterm +.Op Fl l Ar username +.Op Fl k +.Op Fl r Ar rsh_args +.Op Fl x Ar xterm_args +.Op Fl K Ar kx_args +.Op Fl w Ar term_emulator +.Op Fl b Ar rsh_program +.Ar host +.Op Ar port +.Sh DESCRIPTION +The +.Nm +program starts an +.Nm xterm +window on host +.Ar host . +From this window you will also be able to run X clients that will be +able to connect securely to your X server. If +.Ar port +is given, that port will be used instead of the default. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username . +.It Fl k +Disable keep-alives. +.It Fl r +Send +.Ar rsh_args +as arguments to +.Nm rsh . +.It Fl x +Send +.Ar xterm_args +as arguments to +.Nm xterm . +.It Fl X +Send +.Ar kx_args +as arguments to +.Nm kx . +.It Fl w +Use +.Ar term_emulator +instead of xterm. +.It Fl b +Use +.Ar rsh_program +instead of rsh. +.It Fl v +Be verbose. +.El +.Sh EXAMPLE +To login from host +.Va foo +(where your display is) +to host +.Va bar , +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new window running an +.Nm xterm +on host +.Va bar . +In this window you will be able to start X clients. +.El +.Sh SEE ALSO +.Xr kx 1 , +.Xr rsh 1 , +.Xr rxtelnet 1 , +.Xr tenletxr 1 , +.Xr kxd 8 diff --git a/appl/kx/rxterm.cat1 b/appl/kx/rxterm.cat1 new file mode 100644 index 000000000000..4d6ca6f0096c --- /dev/null +++ b/appl/kx/rxterm.cat1 @@ -0,0 +1,47 @@ + +RXTERM(1) BSD General Commands Manual RXTERM(1) + +NNAAMMEE + rrxxtteerrmm -- start a secure remote xterm + +SSYYNNOOPPSSIISS + rrxxtteerrmm [--ll _u_s_e_r_n_a_m_e] [--kk] [--rr _r_s_h___a_r_g_s] [--xx _x_t_e_r_m___a_r_g_s] [--KK _k_x___a_r_g_s] + [--ww _t_e_r_m___e_m_u_l_a_t_o_r] [--bb _r_s_h___p_r_o_g_r_a_m] _h_o_s_t [_p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + The rrxxtteerrmm program starts an xxtteerrmm window on host _h_o_s_t. From this window + you will also be able to run X clients that will be able to connect + securely to your X server. If _p_o_r_t is given, that port will be used + instead of the default. + + The supported options are: + + --ll Log in on the remote host as user _u_s_e_r_n_a_m_e. + + --kk Disable keep-alives. + + --rr Send _r_s_h___a_r_g_s as arguments to rrsshh. + + --xx Send _x_t_e_r_m___a_r_g_s as arguments to xxtteerrmm. + + --XX Send _k_x___a_r_g_s as arguments to kkxx. + + --ww Use _t_e_r_m___e_m_u_l_a_t_o_r instead of xterm. + + --bb Use _r_s_h___p_r_o_g_r_a_m instead of rsh. + + --vv Be verbose. + +EEXXAAMMPPLLEE + To login from host _f_o_o (where your display is) to host _b_a_r, you might do + the following. + + 1. On foo: rrxxtteerrmm _b_a_r + + 2. You will get a new window running an xxtteerrmm on host _b_a_r. In this + window you will be able to start X clients. + +SSEEEE AALLSSOO + kx(1), rsh(1), rxtelnet(1), tenletxr(1), kxd(8) + +KTH_KRB April 11, 2003 KTH_KRB diff --git a/appl/kx/rxterm.in b/appl/kx/rxterm.in new file mode 100644 index 000000000000..d0a409031bbd --- /dev/null +++ b/appl/kx/rxterm.in @@ -0,0 +1,45 @@ +#!/bin/sh +# $Id$ +# +usage="Usage: $0 [-l username] [-k] [-f] [-r rsh_args] [-x xterm_args] [-K kx_args] [-w term_emulator] [-b rsh_binary][-v] [-h | --help] [--version] host" +binary=rsh +term=xterm +while true +do + case $1 in + -l) rsh_args="${rsh_args} -l $2 "; kx_args="${kx_args} -l $2"; title="${2}@"; shift 2;; + -r) rsh_args="${rsh_args} $2 "; shift 2;; + -x) xterm_args="${xterm_args} $2 "; shift 2;; + -f) rsh_args="${rsh_args} -f"; shift;; + -k) kx_args="${kx_args} -k"; shift;; + -K) kx_args="${kx_args} $2 "; shift 2;; + -w) term=$2; shift 2;; + -b) binary=$2; shift 2;; + --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; + -h) echo $usage; exit 0;; + --help) echo $usage; exit 0;; + -v) set -x; shift;; + -*) echo "$0: Bad option $1"; echo $usage; exit 1;; + *) break;; + esac +done +if test $# -lt 1; then + echo "Usage: $0 host [arguments to $term]" + exit 1 +fi +host=$1 +title="${title}${host}" +bindir=%bindir% +pdc_trams=`dirname $0` +PATH=$pdc_trams:$bindir:$PATH +export PATH +set -- `kx $kx_args $host` +if test $# -ne 3; then + exit 1 +fi +screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` +pid=$1 +disp=${2}${screen} +auth=$3 +kill -USR1 $pid +$binary -n $rsh_args $host "/bin/sh -c 'DISPLAY=$disp XAUTHORITY=$auth $term -T $title -n $title $xterm_args /dev/null 2>/dev/null &'" diff --git a/lib/krb5/krb5_unparse_name.3 b/appl/kx/tenletxr.1 similarity index 62% rename from lib/krb5/krb5_unparse_name.3 rename to appl/kx/tenletxr.1 index 274d638d6694..e030d1534cd4 100644 --- a/lib/krb5/krb5_unparse_name.3 +++ b/appl/kx/tenletxr.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" Copyright (c) 1997, 2001 - 2002 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,34 +29,63 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_unparse_name.3 12329 2003-05-26 14:09:04Z lha $ +.\" $Id$ .\" -.Dd August 8, 1997 -.Dt KRB5_UNPARSE_NAME 3 -.Os HEIMDAL +.Dd March 31, 1997 +.Dt TENLETXR 1 +.Os KTH_KRB .Sh NAME -.Nm krb5_unparse_name -.\" .Nm krb5_unparse_name_ext -.Nd principal to string conversion -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) +.Nm tenletxr +.Nd forward X-connections backwards. .Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_unparse_name "krb5_context context" "krb5_principal principal" "char **name" -.\" .Ft krb5_error_code -.\" .Fn krb5_unparse_name_ext "krb5_context context" "krb5_const_principal principal" "char **name" "size_t *size" +.Nm tenletxr +.Op Fl l Ar username +.Op Fl k +.Ar host +.Op Ar port .Sh DESCRIPTION -This function takes a -.Fa principal , -and will convert in to a printable representation with the same syntax -as described in -.Xr krb5_parse_name 3 . -.Fa *name -will point to allocated data and should be freed by the caller. +The +.Nm +program +enables forwarding of X-connections from this machine to host +.Ar host . +If +.Ar port +is given, that port will be used instead of the default. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username +.It Fl k +Disables keep-alives. +.El +.Sh EXAMPLE +To login from host +.Va foo +to host +.Va bar +(where your display is), +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new shell where you will be able to start X clients +that will show their windows on +.Va bar . +.El +.Sh BUGS +It currently checks if you have permission to run it by checking if +you own +.Pa /dev/console +on the remote host. .Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_build_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_sname_to_principal 3 +.Xr kx 1 , +.Xr rxtelnet 1 , +.Xr rxterm 1 , +.Xr telnet 1 , +.Xr kxd 8 diff --git a/appl/kx/tenletxr.cat1 b/appl/kx/tenletxr.cat1 new file mode 100644 index 000000000000..da659754bc36 --- /dev/null +++ b/appl/kx/tenletxr.cat1 @@ -0,0 +1,37 @@ + +TENLETXR(1) BSD General Commands Manual TENLETXR(1) + +NNAAMMEE + tteennlleettxxrr -- forward X-connections backwards. + +SSYYNNOOPPSSIISS + tteennlleettxxrr [--ll _u_s_e_r_n_a_m_e] [--kk] _h_o_s_t [_p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + The tteennlleettxxrr program enables forwarding of X-connections from this + machine to host _h_o_s_t. If _p_o_r_t is given, that port will be used instead + of the default. + + The supported options are: + + --ll Log in on the remote host as user _u_s_e_r_n_a_m_e + + --kk Disables keep-alives. + +EEXXAAMMPPLLEE + To login from host _f_o_o to host _b_a_r (where your display is), you might do + the following. + + 1. On foo: tteennlleettxxrr _b_a_r + + 2. You will get a new shell where you will be able to start X clients + that will show their windows on _b_a_r. + +BBUUGGSS + It currently checks if you have permission to run it by checking if you + own _/_d_e_v_/_c_o_n_s_o_l_e on the remote host. + +SSEEEE AALLSSOO + kx(1), rxtelnet(1), rxterm(1), telnet(1), kxd(8) + +KTH_KRB March 31, 1997 KTH_KRB diff --git a/appl/kx/tenletxr.in b/appl/kx/tenletxr.in new file mode 100644 index 000000000000..e0b57ae8c32b --- /dev/null +++ b/appl/kx/tenletxr.in @@ -0,0 +1,37 @@ +#!/bin/sh +# $Id$ +# +usage="Usage: $0 [-l username] [-k] [-v] [-h | --help] [--version] host [port]" +while true +do + case $1 in + -l) kx_args="${kx_args} -l $2"; shift 2;; + -k) kx_args="${kx_args} -k"; shift;; + --version) echo "$0: %PACKAGE% %VERSION%"; exit 0;; + -h) echo $usage; exit 0;; + --help) echo $usage; exit 0;; + -v) set -x; shift;; + -*) echo "$0: Bad option $1"; echo $usage; exit 1;; + *) break;; + esac +done +if test $# -lt 1; then + echo $usage + exit 1 +fi +host=$1 +port=$2 +bindir=%bindir% +pdc_trams=`dirname $0` +PATH=$pdc_trams:$bindir:$PATH +export PATH +set -- `kx $kx_args $host` +if test $# -ne 3; then + exit 1 +fi +screen=`echo $DISPLAY | sed -ne 's/[^:]*:[0-9]*\(\.[0-9]*\)/\1/p'` +pid=$1 +disp=${2}${screen} +auth=$3 +env DISPLAY=$disp XAUTHORITY=$auth $SHELL +kill -USR2 $pid diff --git a/appl/kx/writeauth.c b/appl/kx/writeauth.c new file mode 100644 index 000000000000..d142278c914d --- /dev/null +++ b/appl/kx/writeauth.c @@ -0,0 +1,73 @@ +/* $XConsortium: AuWrite.c,v 1.6 94/04/17 20:15:45 gildea Exp $ */ + +/* + +Copyright (c) 1988 X Consortium + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of the X Consortium shall not be +used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization from the X Consortium. + +*/ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id$"); +#endif + +#include + +static int +write_short (unsigned short s, FILE *file) +{ + unsigned char file_short[2]; + + file_short[0] = (s & (unsigned)0xff00) >> 8; + file_short[1] = s & 0xff; + if (fwrite (file_short, sizeof (file_short), 1, file) != 1) + return 0; + return 1; +} + +static int +write_counted_string (unsigned short count, char *string, FILE *file) +{ + if (write_short (count, file) == 0) + return 0; + if (fwrite (string, (int) sizeof (char), (int) count, file) != count) + return 0; + return 1; +} + +int +XauWriteAuth (FILE *auth_file, Xauth *auth) +{ + if (write_short (auth->family, auth_file) == 0) + return 0; + if (write_counted_string (auth->address_length, auth->address, auth_file) == 0) + return 0; + if (write_counted_string (auth->number_length, auth->number, auth_file) == 0) + return 0; + if (write_counted_string (auth->name_length, auth->name, auth_file) == 0) + return 0; + if (write_counted_string (auth->data_length, auth->data, auth_file) == 0) + return 0; + return 1; +} diff --git a/appl/login/ChangeLog b/appl/login/ChangeLog index 2400808db410..68ab1d120a3b 100644 --- a/appl/login/ChangeLog +++ b/appl/login/ChangeLog @@ -1,24 +1,35 @@ -2006-12-05 Love Hörnquist Åstrand +2008-04-15 Love Hörnquist Ã…strand + * utmp_login.c: Reorder to avoid prototype. + + * login_locl.h: If cygwin doesnt have WTMPX_FILE, it uses wtmp for + wtmpx http://www.cygwin.com/ml/cygwin/2006-12/msg00630.html + +2008-04-10 Love Hörnquist Ã…strand + + * utmp_login.c: Remove utmp warning on mac os x + +2006-12-05 Love Hörnquist Ã…strand + * limits_conf.c: Clear errno before calling the strtol - functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn + functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn Sandell. * limits_conf.c: Report to syslog strings that start with NUL; - prevents negative index array access. Ray Lai of OpenBSD via Björn + prevents negative index array access. Ray Lai of OpenBSD via Björn Sandell. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Add man_MANS to EXTRA_DIST -2006-09-22 Love Hörnquist Åstrand +2006-09-22 Love Hörnquist Ã…strand * read_string.c: try to not call signaction for signal 0 and use NSIG if it exists to determin how many signals there exists, also, only restore those signalhandlers that we got out. -2006-04-27 Love Hörnquist Åstrand +2006-04-27 Love Hörnquist Ã…strand * login_locl.h: Include "loginpaths.h" @@ -28,7 +39,7 @@ * login.c: log successful logins -2005-08-08 Love Hörnquist Åstrand +2005-08-08 Love Hörnquist Ã…strand * login.c (do_login): only do krb4_get_afs_tokens if we have done v4 authentication or done a 5to4 conversion of tickets. This is to @@ -66,11 +77,11 @@ * login.c: use krb5_appdefault_boolean instead of krb5_config_get_bool -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * login.c (krb5_to4): set client princ of the mcred -2003-07-07 Love Hörnquist Åstrand +2003-07-07 Love Hörnquist Ã…strand * login.c (krb5_to4): use krb5_cc_clear_mcred @@ -84,7 +95,7 @@ * login.access.5: login.access manual page -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * login.c: also need pag_set * login.c: if there is kerberos 5, call krb5_afslog\* diff --git a/appl/login/Makefile.am b/appl/login/Makefile.am index b7c9f93010ab..c5a838d7ac99 100644 --- a/appl/login/Makefile.am +++ b/appl/login/Makefile.am @@ -1,9 +1,7 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) - man_MANS = login.1 login.access.5 bin_PROGRAMS = login @@ -14,7 +12,7 @@ login_SOURCES = \ login.c \ login_access.c \ login_locl.h \ - login_protos.h \ + login-protos.h \ loginpaths.h \ limits_conf.c \ osfc2.c \ @@ -28,16 +26,15 @@ login_SOURCES = \ LDADD = $(LIB_otp) \ $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) \ $(LIB_security) \ $(DBLIB) -$(srcdir)/login_protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h -q -P comment $(login_SOURCES) || rm -f login_protos.h +$(srcdir)/login-protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o login-protos.h -q -P comment $(login_SOURCES) || rm -f login-protos.h -$(login_OBJECTS): $(srcdir)/login_protos.h +$(login_OBJECTS): $(srcdir)/login-protos.h -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/login/Makefile.in b/appl/login/Makefile.in index faa632ab8cf5..570200c1cb19 100644 --- a/appl/login/Makefile.in +++ b/appl/login/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = login$(EXEEXT) subdir = appl/login ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,15 +89,15 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" \ "$(DESTDIR)$(man5dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_login_OBJECTS = conf.$(OBJEXT) env.$(OBJEXT) login.$(OBJEXT) \ login_access.$(OBJEXT) limits_conf.$(OBJEXT) osfc2.$(OBJEXT) \ @@ -105,12 +110,11 @@ am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ $(am__DEPENDENCIES_1) login_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \ $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -122,6 +126,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(login_SOURCES) DIST_SOURCES = $(login_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 man5dir = $(mandir)/man5 MANS = $(man_MANS) @@ -132,49 +157,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -198,10 +232,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -218,6 +253,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -233,31 +270,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -272,10 +323,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -316,30 +369,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la man_MANS = login.1 login.access.5 login_SOURCES = \ @@ -348,7 +405,7 @@ login_SOURCES = \ login.c \ login_access.c \ login_locl.h \ - login_protos.h \ + login-protos.h \ loginpaths.h \ limits_conf.c \ osfc2.c \ @@ -362,30 +419,29 @@ login_SOURCES = \ LDADD = $(LIB_otp) \ $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) \ $(LIB_security) \ $(DBLIB) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/login/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/login/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/login/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/login/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -403,34 +459,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list login$(EXEEXT): $(login_OBJECTS) $(login_DEPENDENCIES) @rm -f login$(EXEEXT) $(LINK) $(login_OBJECTS) $(login_LDADD) $(LIBS) @@ -441,160 +513,188 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/env.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/limits_conf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login_access.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/osfc2.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/read_string.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shadow.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stty_default.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tty.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utmp_login.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utmpx_login.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man5: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man5dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + uninstall-man5: @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man5dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -610,13 +710,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -651,6 +755,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -660,6 +765,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -670,6 +776,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -677,26 +785,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-man5 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -716,11 +833,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 uninstall-man5 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -807,6 +923,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -892,7 +1011,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -906,10 +1025,11 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -$(srcdir)/login_protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h -q -P comment $(login_SOURCES) || rm -f login_protos.h +$(srcdir)/login-protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o login-protos.h -q -P comment $(login_SOURCES) || rm -f login-protos.h + +$(login_OBJECTS): $(srcdir)/login-protos.h -$(login_OBJECTS): $(srcdir)/login_protos.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/login/NTMakefile b/appl/login/NTMakefile new file mode 100644 index 000000000000..b19ecfa8b9e1 --- /dev/null +++ b/appl/login/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\login + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/login/conf.c b/appl/login/conf.c index 81a3c744023c..2b141359c5ea 100644 --- a/appl/login/conf.c +++ b/appl/login/conf.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ #include "login_locl.h" -RCSID("$Id: conf.c 8302 2000-05-29 16:52:24Z assar $"); +RCSID("$Id$"); static char *confbuf; diff --git a/appl/login/env.c b/appl/login/env.c index e1b33ba23663..98ae93086ba5 100644 --- a/appl/login/env.c +++ b/appl/login/env.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: env.c 8476 2000-06-28 12:27:38Z joda $"); +RCSID("$Id$"); /* * the environment we will send to execle and the shell. @@ -59,16 +59,21 @@ add_env(const char *var, const char *value) if(str == NULL) errx(1, "Out of memory!"); for(i = 0; i < num_env; i++) - if(strncmp(env[i], var, strlen(var)) == 0 && + if(strncmp(env[i], var, strlen(var)) == 0 && env[i][strlen(var)] == '='){ free(env[i]); env[i] = str; return; } - + extend_env(str); } +#if !HAVE_DECL_ENVIRON +extern char **environ; +#endif + + void copy_env(void) { @@ -77,22 +82,24 @@ copy_env(void) extend_env(*p); } -int +void login_read_env(const char *file) { char **newenv; char *p; int i, j; - + newenv = NULL; i = read_environment(file, &newenv); for (j = 0; j < i; j++) { p = strchr(newenv[j], '='); + if (p == NULL) + errx(1, "%s: missing = in string %s", + file, newenv[j]); *p++ = 0; add_env(newenv[j], p); *--p = '='; free(newenv[j]); } free(newenv); - return 0; } diff --git a/appl/login/limits_conf.c b/appl/login/limits_conf.c index ac9837f1406b..1068b967014f 100644 --- a/appl/login/limits_conf.c +++ b/appl/login/limits_conf.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: limits_conf.c 19215 2006-12-04 23:41:18Z lha $"); +RCSID("$Id$"); #include #include @@ -91,7 +91,7 @@ find_limit(const char *name) /* this function reads limits.conf files similar to pam_limits unimplemented features include: % maxlogins - "-" no limits, + "-" no limits, priorities etc that are not set via setrlimit XXX uses static storage, and clobbers getgr* */ @@ -131,7 +131,7 @@ read_limits_conf(const char *file, const struct passwd *pwd) int c; while((c = fgetc(f)) != EOF) { eof = 0; - if(c == '\n') + if(c == '\n') break; } if(!eof) { @@ -192,12 +192,12 @@ read_limits_conf(const char *file, const struct passwd *pwd) continue; l->has_limit = level; } - + /* XXX unclear: if you soft to more than default hard, should we set hard to soft? this code doesn't. */ if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_cur = value; - if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) + if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_max = value; } fclose(f); diff --git a/appl/login/login_protos.h b/appl/login/login-protos.h similarity index 99% rename from appl/login/login_protos.h rename to appl/login/login-protos.h index 7fdbb35ca120..92b5b8721fad 100644 --- a/appl/login/login_protos.h +++ b/appl/login/login-protos.h @@ -38,7 +38,7 @@ login_access ( char * login_conf_get_string (const char */*str*/); -int +void login_read_env (const char */*file*/); char * diff --git a/appl/login/login.1 b/appl/login/login.1 index 1ae4f3e5a147..b01e7872a6d8 100644 --- a/appl/login/login.1 +++ b/appl/login/login.1 @@ -1,12 +1,11 @@ -.\" $Id: login.1 14891 2005-04-22 15:49:25Z joda $ -.\" +.\" $Id$ +.\" .Dd April 22, 2005 .Dt LOGIN 1 .Os HEIMDAL .Sh NAME .Nm login -.Nd -authenticate a user and start new session +.Nd authenticate a user and start new session .Sh SYNOPSIS .Nm .Op Fl fp @@ -14,8 +13,8 @@ authenticate a user and start new session .Op Fl h Ar hostname .Ar [username] .Sh DESCRIPTION -This manual page documents the -.Nm login +This manual page documents the +.Nm login program distributed with the Heimdal Kerberos 5 implementation, it may differ in important ways from your system version. .Pp @@ -23,7 +22,7 @@ The .Nm login programs logs users into the system. It is intended to be run by system daemons like -.Xr getty 8 +.Xr getty 8 or .Xr telnetd 8 . If you are already logged in, but want to change to another user, you @@ -33,16 +32,16 @@ should use A username can be given on the command line, else one will be prompted for. .Pp -A password is required to login, unless the +A password is required to login, unless the .Fl f option is given (indicating that the calling program has already done proper authentication). With .Fl f -the user will be logged in without further questions. +the user will be logged in without further questions. .Pp For password authentication Kerberos 5, Kerberos 4 (if compiled in), OTP (if compiled in) and local -.No ( Pa /etc/passwd ) +.No ( Pa /etc/passwd ) passwords are supported. OTP will be used if the the user is registered to use it, and .Nm login @@ -71,7 +70,7 @@ to preserve all environment variables. If not given, only the and .Dv TZ variables are preserved. It could be a security risk to pass random -variables to +variables to .Nm login or the user shell, so the calling daemon should make sure it only passes @@ -91,12 +90,12 @@ Then various system parameters are set up, like changing the owner of the tty to the user, setting up signals, setting the group list, and user and group id. Also various machine specific tasks are performed. .Pp -Next +Next .Nm login -changes to the users home directory, or if that fails, to +changes to the users home directory, or if that fails, to .Pa / . The environment is setup, by adding some required variables (such as -.Dv PATH ) , +.Dv PATH ) , and also authentication related ones (such as .Dv KRB5CCNAME ) . If an environment file exists @@ -108,31 +107,31 @@ If one or more login message files are configured, their contents is printed to the terminal. .Pp If a login time command is configured, it is executed. A logout time -command can also be configured, which makes +command can also be configured, which makes .Nm login fork, and wait for the user shell to exit, and then run the command. This can be used to clean up user credentials. .Pp Finally, the user's shell is executed. If the user logging in is root, -and root's login shell does not exist, a default shell (usually +and root's login shell does not exist, a default shell (usually .Pa /bin/sh ) is also tried before giving up. .Sh ENVIRONMENT -These environment variables are set by login (not including ones set by +These environment variables are set by login (not including ones set by .Pa /etc/environment ) : .Pp .Bl -tag -compact -width USERXXLOGNAME .It Dv PATH the default system path .It Dv HOME -the user's home directory (or possibly +the user's home directory (or possibly .Pa / ) .It Dv USER , Dv LOGNAME both set to the username .It Dv SHELL the user's shell .It Dv TERM , Dv TZ -set to whatever is passed to +set to whatever is passed to .Nm login .It Dv KRB5CCNAME if the password is verified via Kerberos 5, this will point to the @@ -145,7 +144,7 @@ ticket file .Bl -tag -compact -width Ds .It Pa /etc/environment Contains a set of environment variables that should be set in addition -to the ones above. It should contain sh-style assignments like +to the ones above. It should contain sh-style assignments like .Dq VARIABLE=value . Note that they are not parsed the way a shell would. No variable expansion is performed, and all strings are literal, and quotation @@ -161,7 +160,7 @@ FOO="this is a string" BAR= FOO='this is a string' .Ed .It Pa /etc/login.access -See +See .Xr login.access 5 . .It Pa /etc/login.conf This is a termcap style configuration file, that contains various @@ -205,14 +204,14 @@ programs typically print all sorts of information by default, such as last time you logged in, if you have mail, and system message files. This version of .Nm login -does not, so there is no reason for +does not, so there is no reason for .Pa .hushlogin files or similar. We feel that these tasks are best left to the user's -shell, but the +shell, but the .Li login_program facility allows for a shell independent solution, if that is desired. .Sh EXAMPLES -A +A .Pa login.conf file could look like: .Bd -literal -offset indent @@ -225,8 +224,8 @@ The .Pa limits.conf file consists of a table with four whitespace separated fields. First field is a username or a groupname (prefixed with -.Sq @ ) , -or +.Sq @ ) , +or .Sq * . Second field is .Sq soft , @@ -235,11 +234,11 @@ or .Sq - (the last meaning both soft and hard). Third field is a limit name (such as -.Sq cpu -or +.Sq cpu +or .Sq core ) . Last field is the limit value (a number or -.Sq - +.Sq - for unlimited). In the case of data sizes, the value is in kilobytes, and cputime is in minutes. .Sh SEE ALSO diff --git a/appl/login/login.access.5 b/appl/login/login.access.5 index 23290beb9cf6..7edefa2019f3 100644 --- a/appl/login/login.access.5 +++ b/appl/login/login.access.5 @@ -1,12 +1,11 @@ -.\" $Id: login.access.5 11902 2003-03-24 15:49:30Z joda $ -.\" +.\" $Id$ +.\" .Dd March 21, 2003 .Dt LOGIN.ACCESS 5 .Os HEIMDAL .Sh NAME .Nm login.access -.Nd -login access control table +.Nd login access control table .Sh DESCRIPTION The .Nm login.access @@ -14,7 +13,7 @@ file specifies on which ttys or from which hosts certain users are allowed to login. .Pp At login, the -.Pa /etc/login.access +.Pa /etc/login.access file is checked for the first entry that matches a specific user/host or user/tty combination. That entry can either allow or deny login access to that user. @@ -52,5 +51,5 @@ make the group match if the user also matches. .Sh AUTHORS The .Fn login_access -function was written by +function was written by Wietse Venema. This manual page was written for Heimdal. diff --git a/appl/login/login.access.cat5 b/appl/login/login.access.cat5 new file mode 100644 index 000000000000..1bcce6a91603 --- /dev/null +++ b/appl/login/login.access.cat5 @@ -0,0 +1,45 @@ + +LOGIN.ACCESS(5) BSD File Formats Manual LOGIN.ACCESS(5) + +NNAAMMEE + llooggiinn..aacccceessss -- login access control table + +DDEESSCCRRIIPPTTIIOONN + The llooggiinn..aacccceessss file specifies on which ttys or from which hosts certain + users are allowed to login. + + At login, the _/_e_t_c_/_l_o_g_i_n_._a_c_c_e_s_s file is checked for the first entry that + matches a specific user/host or user/tty combination. That entry can + either allow or deny login access to that user. + + Each entry have three fields separated by colon: + + ++oo The first field indicates the permission given if the entry matches. + It can be either ``+'' (allow access) or ``-'' (deny access) . + + ++oo The second field is a comma separated list of users or groups for + which the current entry applies. NIS netgroups can used (if config- + ured) if preceeded by @. The magic string ALL matches all users. A + group will match if the user is a member of that group, or it is the + user's primary group. + + ++oo The third field is a list of ttys, or network names. A network name + can be either a hostname, a domain (indicated by a starting period), + or a netgroup. As with the user list, ALL matches anything. LOCAL + matches a string not containing a period. + + If the string EXCEPT is found in either the user or from list, the rest + of the list are exceptions to the list before EXCEPT. + +BBUUGGSS + If there's a user and a group with the same name, there is no way to make + the group match if the user also matches. + +SSEEEE AALLSSOO + login(1) + +AAUUTTHHOORRSS + The llooggiinn__aacccceessss() function was written by Wietse Venema. This manual + page was written for Heimdal. + +HEIMDAL March 21, 2003 HEIMDAL diff --git a/appl/login/login.c b/appl/login/login.c index cc41097133bd..6b16f0b7157a 100644 --- a/appl/login/login.c +++ b/appl/login/login.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" @@ -42,7 +42,7 @@ #include #endif -RCSID("$Id: login.c 16498 2006-01-09 16:26:25Z joda $"); +RCSID("$Id$"); static int login_timeout = 60; @@ -100,7 +100,7 @@ start_logout_process(void) execle(prog, argv0, NULL, env); err(1, "exec %s", prog); } - } else if(ret < 0) + } else if(ret < 0) err(1, "waitpid"); } } @@ -110,7 +110,7 @@ exec_shell(const char *shell, int fallback) { char *sh; const char *p; - + extend_env(NULL); if(start_login_process() < 0) warn("login process"); @@ -125,7 +125,7 @@ exec_shell(const char *shell, int fallback) errx(1, "Out of memory"); execle(shell, sh, NULL, env); if(fallback){ - warnx("Can't exec %s, trying %s", + warnx("Can't exec %s, trying %s", shell, _PATH_BSHELL); execle(_PATH_BSHELL, "-sh", NULL, env); err(1, "%s", _PATH_BSHELL); @@ -133,11 +133,7 @@ exec_shell(const char *shell, int fallback) err(1, "%s", shell); } -static enum { NONE = 0, AUTH_KRB4 = 1, AUTH_KRB5 = 2, AUTH_OTP = 3 } auth; - -#ifdef KRB4 -static krb5_boolean get_v4_tgt = FALSE; -#endif +static enum { NONE = 0, AUTH_KRB5 = 2, AUTH_OTP = 3 } auth; #ifdef OTP static OtpContext otp_ctx; @@ -165,88 +161,21 @@ krb5_verify(struct passwd *pwd, const char *password) ret = krb5_parse_name(context, pwd->pw_name, &princ); if(ret) return 1; - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id); if(ret) { krb5_free_principal(context, princ); return 1; } ret = krb5_verify_user_lrealm(context, - princ, + princ, id, - password, + password, 1, NULL); krb5_free_principal(context, princ); return ret; } -#ifdef KRB4 -static krb5_error_code -krb5_to4 (krb5_ccache id) -{ - krb5_error_code ret; - krb5_principal princ; - - ret = krb5_cc_get_principal(context, id, &princ); - if(ret == 0) { - krb5_appdefault_boolean(context, "login", - krb5_principal_get_realm(context, princ), - "krb4_get_tickets", FALSE, &get_v4_tgt); - krb5_free_principal(context, princ); - } else { - krb5_realm realm = NULL; - krb5_get_default_realm(context, &realm); - krb5_appdefault_boolean(context, "login", - realm, - "krb4_get_tickets", FALSE, &get_v4_tgt); - free(realm); - } - - if (get_v4_tgt) { - CREDENTIALS c; - krb5_creds mcred, cred; - char krb4tkfile[MAXPATHLEN]; - krb5_error_code ret; - krb5_principal princ; - - krb5_cc_clear_mcred(&mcred); - - ret = krb5_cc_get_principal (context, id, &princ); - if (ret) - return ret; - - ret = krb5_make_principal(context, &mcred.server, - princ->realm, - "krbtgt", - princ->realm, - NULL); - if (ret) { - krb5_free_principal(context, princ); - return ret; - } - mcred.client = princ; - - ret = krb5_cc_retrieve_cred(context, id, 0, &mcred, &cred); - if(ret == 0) { - ret = krb524_convert_creds_kdc_ccache(context, id, &cred, &c); - if(ret == 0) { - snprintf(krb4tkfile,sizeof(krb4tkfile),"%s%d",TKT_ROOT, - getuid()); - krb_set_tkt_string(krb4tkfile); - tf_setup(&c, c.pname, c.pinst); - } - memset(&c, 0, sizeof(c)); - krb5_free_cred_contents(context, &cred); - } - if (ret != 0) - get_v4_tgt = FALSE; - krb5_free_principal(context, mcred.server); - krb5_free_principal(context, mcred.client); - } - return 0; -} -#endif /* KRB4 */ - static int krb5_start_session (const struct passwd *pwd) { @@ -254,7 +183,7 @@ krb5_start_session (const struct passwd *pwd) char residual[64]; /* copy credentials to file cache */ - snprintf(residual, sizeof(residual), "FILE:/tmp/krb5cc_%u", + snprintf(residual, sizeof(residual), "FILE:/tmp/krb5cc_%u", (unsigned)pwd->pw_uid); krb5_cc_resolve(context, residual, &id2); ret = krb5_cc_copy_cache(context, id, id2); @@ -264,9 +193,6 @@ krb5_start_session (const struct passwd *pwd) krb5_cc_destroy (context, id2); return ret; } -#ifdef KRB4 - krb5_to4 (id2); -#endif krb5_cc_close(context, id2); krb5_cc_destroy(context, id); return 0; @@ -289,7 +215,7 @@ krb5_get_afs_tokens (const struct passwd *pwd) return; ret = krb5_cc_default(context, &id2); - + if (ret == 0) { pw_dir = pwd->pw_dir; @@ -309,63 +235,6 @@ krb5_get_afs_tokens (const struct passwd *pwd) #endif /* KRB5 */ -#ifdef KRB4 - -static int -krb4_verify(struct passwd *pwd, const char *password) -{ - char lrealm[REALM_SZ]; - int ret; - char ticket_file[MaxPathLen]; - - ret = krb_get_lrealm (lrealm, 1); - if (ret) - return 1; - - snprintf (ticket_file, sizeof(ticket_file), - "%s%u_%u", - TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); - - krb_set_tkt_string (ticket_file); - - ret = krb_verify_user (pwd->pw_name, "", lrealm, (char *)password, - KRB_VERIFY_SECURE_FAIL, NULL); - if (ret) - return 1; - - if (chown (ticket_file, pwd->pw_uid, pwd->pw_gid) < 0) { - dest_tkt(); - return 1; - } - - add_env ("KRBTKFILE", ticket_file); - return 0; -} - -static void -krb4_get_afs_tokens (const struct passwd *pwd) -{ - char cell[64]; - char *pw_dir; - - if (!k_hasafs ()) - return; - - pw_dir = pwd->pw_dir; - - if (!pag_set) { - k_setpag(); - pag_set = 1; - } - - if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) - krb_afslog_uid_home (cell, NULL, pwd->pw_uid, pwd->pw_dir); - - krb_afslog_uid_home (NULL, NULL, pwd->pw_uid, pwd->pw_dir); -} - -#endif /* KRB4 */ - static int f_flag; static int p_flag; #if 0 @@ -436,7 +305,7 @@ show_file(const char *file) fclose(f); } -/* +/* * Actually log in the user. `pwd' contains all the relevant * information about the user. `ttyn' is the complete name of the tty * and `tty' the short name. @@ -456,7 +325,7 @@ do_login(const struct passwd *pwd, char *tty, char *ttyn) if(!rootlogin) checknologin(); - + #ifdef HAVE_GETSPNAM sp = getspnam(pwd->pw_name); #endif @@ -496,7 +365,7 @@ do_login(const struct passwd *pwd, char *tty, char *ttyn) read_limits_conf(file, pwd); } - + #ifdef HAVE_SETPCRED if (setpcred (pwd->pw_name, NULL) == -1) warn("setpcred(%s)", pwd->pw_name); @@ -523,7 +392,7 @@ do_login(const struct passwd *pwd, char *tty, char *ttyn) /* make sure signals are set to default actions, apparently some OS:es like to ignore SIGINT, which is not very convenient */ - + for (i = 1; i < NSIG; ++i) signal(i, SIG_DFL); @@ -600,29 +469,12 @@ do_login(const struct passwd *pwd, char *tty, char *ttyn) if (auth == AUTH_KRB5) { krb5_start_session (pwd); } -#ifdef KRB4 - else if (auth == 0) { - krb5_error_code ret; - krb5_ccache id; - - ret = krb5_cc_default (context, &id); - if (ret == 0) { - krb5_to4 (id); - krb5_cc_close (context, id); - } - } -#endif /* KRB4 */ krb5_get_afs_tokens (pwd); krb5_finish (); #endif /* KRB5 */ -#ifdef KRB4 - if (auth == AUTH_KRB4 || get_v4_tgt) - krb4_get_afs_tokens (pwd); -#endif /* KRB4 */ - add_env("PATH", _PATH_DEFPATH); { @@ -682,12 +534,6 @@ check_password(struct passwd *pwd, const char *password) return 0; } #endif -#ifdef KRB4 - if (krb4_verify (pwd, password) == 0) { - auth = AUTH_KRB4; - return 0; - } -#endif #ifdef OTP if (otp_verify (pwd, password) == 0) { auth = AUTH_OTP; @@ -726,7 +572,7 @@ main(int argc, char **argv) int ask = 1; struct sigaction sa; - + setprogname(argv[0]); #ifdef KRB5 @@ -753,7 +599,7 @@ main(int argc, char **argv) print_version (NULL); return 0; } - + if (geteuid() != 0) errx(1, "only root may use login, use su"); @@ -841,7 +687,7 @@ main(int argc, char **argv) sig_handler(0); } } - + if(pwd == NULL){ fprintf(stderr, "Login incorrect.\n"); ask = 1; @@ -862,7 +708,7 @@ main(int argc, char **argv) tty = ttyn + strlen(_PATH_DEV); else tty = ttyn; - + if (login_access (pwd, remote_host ? remote_host : tty) == 0) { fprintf(stderr, "Permission denied\n"); if (remote_host) diff --git a/appl/login/login.cat1 b/appl/login/login.cat1 new file mode 100644 index 000000000000..155bd61b7bb1 --- /dev/null +++ b/appl/login/login.cat1 @@ -0,0 +1,164 @@ + +LOGIN(1) BSD General Commands Manual LOGIN(1) + +NNAAMMEE + llooggiinn -- authenticate a user and start new session + +SSYYNNOOPPSSIISS + llooggiinn [--ffpp] [--aa _l_e_v_e_l] [--hh _h_o_s_t_n_a_m_e] _[_u_s_e_r_n_a_m_e_] + +DDEESSCCRRIIPPTTIIOONN + This manual page documents the llooggiinn program distributed with the Heim- + dal Kerberos 5 implementation, it may differ in important ways from your + system version. + + The llooggiinn programs logs users into the system. It is intended to be run + by system daemons like getty(8) or telnetd(8). If you are already logged + in, but want to change to another user, you should use su(1). + + A username can be given on the command line, else one will be prompted + for. + + A password is required to login, unless the --ff option is given (indicat- + ing that the calling program has already done proper authentication). + With --ff the user will be logged in without further questions. + + For password authentication Kerberos 5, Kerberos 4 (if compiled in), OTP + (if compiled in) and local (_/_e_t_c_/_p_a_s_s_w_d) passwords are supported. OTP + will be used if the the user is registered to use it, and llooggiinn is given + the option --aa otp. When using OTP, a challenge is shown to the user. + + Further options are: + + --aa _s_t_r_i_n_g + Which authentication mode to use, the only supported value is + currently ``otp''. + + --ff Indicates that the user is already authenticated. This happens, + for instance, when login is started by telnetd, and the user has + proved authentic via Kerberos. + + --hh _h_o_s_t_n_a_m_e + Indicates which host the user is logging in from. This is passed + from telnetd, and is entered into the login database. + + --pp This tells llooggiinn to preserve all environment variables. If not + given, only the TERM and TZ variables are preserved. It could be + a security risk to pass random variables to llooggiinn or the user + shell, so the calling daemon should make sure it only passes + ``safe'' variables. + + The process of logging user in proceeds as follows. + + First a check is made that logins are allowed at all. This usually means + checking _/_e_t_c_/_n_o_l_o_g_i_n. If it exists, and the user trying to login is not + root, the contents is printed, and then login exits. + + Then various system parameters are set up, like changing the owner of the + tty to the user, setting up signals, setting the group list, and user and + group id. Also various machine specific tasks are performed. + + Next llooggiinn changes to the users home directory, or if that fails, to _/. + The environment is setup, by adding some required variables (such as + PATH), and also authentication related ones (such as KRB5CCNAME). If an + environment file exists (_/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t), variables are set according + to it. + + If one or more login message files are configured, their contents is + printed to the terminal. + + If a login time command is configured, it is executed. A logout time com- + mand can also be configured, which makes llooggiinn fork, and wait for the + user shell to exit, and then run the command. This can be used to clean + up user credentials. + + Finally, the user's shell is executed. If the user logging in is root, + and root's login shell does not exist, a default shell (usually _/_b_i_n_/_s_h) + is also tried before giving up. + +EENNVVIIRROONNMMEENNTT + These environment variables are set by login (not including ones set by + _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t): + + PATH the default system path + HOME the user's home directory (or possibly _/) + USER, LOGNAME both set to the username + SHELL the user's shell + TERM, TZ set to whatever is passed to llooggiinn + KRB5CCNAME if the password is verified via Kerberos 5, this will + point to the credentials cache file + KRBTKFILE if the password is verified via Kerberos 4, this will + point to the ticket file + +FFIILLEESS + /etc/environment + Contains a set of environment variables that should be set in + addition to the ones above. It should contain sh-style assign- + ments like ``VARIABLE=value''. Note that they are not parsed the + way a shell would. No variable expansion is performed, and all + strings are literal, and quotation marks should not be used. + Everything after a hash mark is considered a comment. The follow- + ing are all different (the last will set the variable BAR, not + FOO). + + FOO=this is a string + FOO="this is a string" + BAR= FOO='this is a string' + /etc/login.access + See login.access(5). + /etc/login.conf + This is a termcap style configuration file, that contains various + settings used by llooggiinn. Currently only the ``default'' capabil- + ity record is used. The possible capability strings include: + + environment + This is a comma separated list of environment files that + are read in the order specified. If this is missing the + default _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t is used. + login_program + This program will be executed just before the user's + shell is started. It will be called without arguments. + logout_program + This program will be executed just after the user's shell + has terminated. It will be called without arguments. This + program will be the parent process of the spawned shell. + motd A comma separated list of text files that will be printed + to the user's terminal before starting the shell. The + string welcome works similarly, but points to a single + file. + limits Points to a file containing ulimit settings for various + users. Syntax is inspired by what pam_limits uses, and + the default is _/_e_t_c_/_s_e_c_u_r_i_t_y_/_l_i_m_i_t_s_._c_o_n_f. + /etc/nologin + If it exists, login is denied to all but root. The contents of + this file is printed before login exits. + + Other llooggiinn programs typically print all sorts of information by default, + such as last time you logged in, if you have mail, and system message + files. This version of llooggiinn does not, so there is no reason for + _._h_u_s_h_l_o_g_i_n files or similar. We feel that these tasks are best left to + the user's shell, but the login_program facility allows for a shell inde- + pendent solution, if that is desired. + +EEXXAAMMPPLLEESS + A _l_o_g_i_n_._c_o_n_f file could look like: + + default:\ + :motd=/etc/motd,/etc/motd.local:\ + :limits=/etc/limits.conf: + + The _l_i_m_i_t_s_._c_o_n_f file consists of a table with four whitespace separated + fields. First field is a username or a groupname (prefixed with `@'), or + `*'. Second field is `soft', `hard', or `-' (the last meaning both soft + and hard). Third field is a limit name (such as `cpu' or `core'). Last + field is the limit value (a number or `-' for unlimited). In the case of + data sizes, the value is in kilobytes, and cputime is in minutes. + +SSEEEE AALLSSOO + su(1), login.access(5), getty(8), telnetd(8) + +AAUUTTHHOORRSS + This login program was written for the Heimdal Kerberos 5 implementation. + The login.access code was written by Wietse Venema. + +HEIMDAL April 22, 2005 HEIMDAL diff --git a/appl/login/login_access.c b/appl/login/login_access.c index e1bfe42ea1b8..71b1fb1aa274 100644 --- a/appl/login/login_access.c +++ b/appl/login/login_access.c @@ -25,7 +25,7 @@ #include "login_locl.h" -RCSID("$Id: login_access.c 10020 2001-06-04 14:10:19Z assar $"); +RCSID("$Id$"); /* Delimiters for fields and for lists of users, ttys or hosts. */ @@ -101,13 +101,13 @@ int login_access(struct passwd *user, char *from) || !(users = strtok_r(NULL, fs, &foo)) || !(froms = strtok_r(NULL, fs, &foo)) || strtok_r(NULL, fs, &foo)) { - syslog(LOG_ERR, "%s: line %d: bad field count", + syslog(LOG_ERR, "%s: line %d: bad field count", _PATH_LOGACCESS, lineno); continue; } if (perm[0] != '+' && perm[0] != '-') { - syslog(LOG_ERR, "%s: line %d: bad first field", + syslog(LOG_ERR, "%s: line %d: bad first field", _PATH_LOGACCESS, lineno); continue; diff --git a/appl/login/login_locl.h b/appl/login/login_locl.h index 08b960c9c719..020eac889d0e 100644 --- a/appl/login/login_locl.h +++ b/appl/login/login_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: login_locl.h 17302 2006-04-27 09:17:01Z lha $ */ +/* $Id$ */ #ifndef __LOGIN_LOCL_H__ #define __LOGIN_LOCL_H__ @@ -84,9 +84,6 @@ #ifdef HAVE_RPCSVC_YPCLNT_H #include #endif -#ifdef KRB4 -#include -#endif #ifdef KRB5 #include #endif @@ -126,6 +123,14 @@ #endif #endif +/* if cygwin doesnt have WTMPX_FILE, it uses wtmp for wtmpx + * http://www.cygwin.com/ml/cygwin/2006-12/msg00630.html */ +#ifdef __CYGWIN__ +#ifndef WTMPX_FILE +#define WTMPX_FILE WTMP_FILE +#endif +#endif + #ifndef _PATH_LOGACCESS #define _PATH_LOGACCESS SYSCONFDIR "/login.access" #endif /* _PATH_LOGACCESS */ @@ -145,6 +150,6 @@ struct spwd; extern char **env; extern int num_env; -#include "login_protos.h" +#include "login-protos.h" #endif /* __LOGIN_LOCL_H__ */ diff --git a/appl/login/loginpaths.h b/appl/login/loginpaths.h index 141f81e2db5f..24ba2c0364ef 100644 --- a/appl/login/loginpaths.h +++ b/appl/login/loginpaths.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: loginpaths.h 17299 2006-04-27 09:14:20Z lha $ */ +/* $Id$ */ #ifndef __LOGIN_PATH_H #define __LOGIN_PATH_H diff --git a/appl/login/osfc2.c b/appl/login/osfc2.c index e9c367937d4c..d08b282e6b54 100644 --- a/appl/login/osfc2.c +++ b/appl/login/osfc2.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: osfc2.c 9704 2001-02-20 01:44:56Z assar $"); +RCSID("$Id$"); int do_osfc2_magic(uid_t uid) @@ -40,15 +40,15 @@ do_osfc2_magic(uid_t uid) #ifdef HAVE_OSFC2 struct es_passwd *epw; char *argv[2]; - + /* fake */ argv[0] = (char*)getprogname(); argv[1] = NULL; set_auth_parameters(1, argv); - + epw = getespwuid(uid); if(epw == NULL) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, + syslog(LOG_AUTHPRIV|LOG_NOTICE, "getespwuid failed for %d", uid); printf("Sorry.\n"); return 1; @@ -59,17 +59,17 @@ do_osfc2_magic(uid_t uid) any other kind of serious C2 mumbo-jumbo. We do, however, call setluid, since failing to do so is not very good (take my word for it). */ - + if(!epw->uflg->fg_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, + syslog(LOG_AUTHPRIV|LOG_NOTICE, "attempted login by %s (has no uid)", epw->ufld->fd_name); printf("Sorry.\n"); return 1; } setluid(epw->ufld->fd_uid); if(getluid() != epw->ufld->fd_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "failed to set LUID for %s (%d)", + syslog(LOG_AUTHPRIV|LOG_NOTICE, + "failed to set LUID for %s (%d)", epw->ufld->fd_name, epw->ufld->fd_uid); printf("Sorry.\n"); return 1; diff --git a/appl/login/read_string.c b/appl/login/read_string.c index 925345e93098..eb61621a332b 100644 --- a/appl/login/read_string.c +++ b/appl/login/read_string.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: read_string.c 18156 2006-09-22 15:42:39Z lha $"); +RCSID("$Id$"); static sig_atomic_t intr_flag; @@ -69,13 +69,13 @@ read_string(const char *prompt, char *buf, size_t len, int echo) sigemptyset(&sa.sa_mask); sa.sa_flags = 0; for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) - if (i != SIGALRM) + if (i != SIGALRM) if (sigaction(i, &sa, &sigs[i]) == 0) oksigs[i] = 1; if((tty = fopen("/dev/tty", "r")) == NULL) tty = stdin; - + fprintf(stderr, "%s", prompt); fflush(stderr); @@ -103,19 +103,19 @@ read_string(const char *prompt, char *buf, size_t len, int echo) if(of) p--; *p = 0; - + if(echo == 0){ printf("\n"); tcsetattr(fileno(tty), TCSANOW, &t_old); } - + if(tty != stdin) fclose(tty); for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) if (oksigs[i]) sigaction(i, &sigs[i], NULL); - + if(ret) return -3; if(intr_flag) diff --git a/appl/login/shadow.c b/appl/login/shadow.c index 081fe1cb7034..f8fb892eeaf1 100644 --- a/appl/login/shadow.c +++ b/appl/login/shadow.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: shadow.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); #ifdef HAVE_SHADOW_H @@ -60,13 +60,13 @@ change_passwd(const struct passwd *who) } } -void +void check_shadow(const struct passwd *pw, const struct spwd *sp) { long today; today = time(0)/(24L * 60 * 60); - + if (sp == NULL) return; diff --git a/appl/login/stty_default.c b/appl/login/stty_default.c index df490489c974..286903f999bb 100644 --- a/appl/login/stty_default.c +++ b/appl/login/stty_default.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,7 +33,7 @@ #include "login_locl.h" -RCSID("$Id: stty_default.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); #include @@ -95,6 +95,6 @@ stty_default(void) termios.c_cc[VEOF] = Ctl('D'); termios.c_cc[VSUSP] = Ctl('Z'); - + tcsetattr(0, TCSANOW, &termios); } diff --git a/appl/login/tty.c b/appl/login/tty.c index 8dd68eece738..91873ec4fe4b 100644 --- a/appl/login/tty.c +++ b/appl/login/tty.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,7 +33,7 @@ #include "login_locl.h" -RCSID("$Id: tty.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); /* * Clean the tty name. Return a pointer to the cleaned version. @@ -61,7 +61,7 @@ char * make_id (char *tty) { char *res = tty; - + if (strncmp (res, "pts/", 4) == 0) res += 4; if (strncmp (res, "tty", 3) == 0) diff --git a/appl/login/utmp_login.c b/appl/login/utmp_login.c index 5f6c79c13979..da3d726da91e 100644 --- a/appl/login/utmp_login.c +++ b/appl/login/utmp_login.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,7 +33,7 @@ #include "login_locl.h" -RCSID("$Id: utmp_login.c 9661 2001-02-08 16:08:47Z assar $"); +RCSID("$Id$"); /* try to put something useful from hostname into dst, dst_sz: * full name, first component or address */ @@ -77,8 +77,12 @@ shrink_hostname (const char *hostname, } } +/* update utmp and wtmp - the BSD way */ + +#if !defined(HAVE_UTMPX_H) || (defined(WTMP_FILE) && !defined(WTMPX_FILE)) + void -prepare_utmp (struct utmp *utmp, char *tty, +prepare_utmp (struct utmp *utmp, char *tty, const char *username, const char *hostname) { char *ttyx = clean_ttyname (tty); @@ -117,16 +121,15 @@ prepare_utmp (struct utmp *utmp, char *tty, strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id)); # endif } +#endif #ifdef HAVE_UTMPX_H void utmp_login(char *tty, const char *username, const char *hostname) -{ +{ return; } #else -/* update utmp and wtmp - the BSD way */ - void utmp_login(char *tty, const char *username, const char *hostname) { struct utmp utmp; @@ -159,4 +162,5 @@ void utmp_login(char *tty, const char *username, const char *hostname) close(fd); } } + #endif /* !HAVE_UTMPX_H */ diff --git a/appl/login/utmpx_login.c b/appl/login/utmpx_login.c index 5e25c09892dd..8a3f88b60d08 100644 --- a/appl/login/utmpx_login.c +++ b/appl/login/utmpx_login.c @@ -18,7 +18,7 @@ #include "login_locl.h" -RCSID("$Id: utmpx_login.c 10020 2001-06-04 14:10:19Z assar $"); +RCSID("$Id$"); /* utmpx_login - update utmp and wtmp after login */ @@ -51,7 +51,7 @@ utmpx_update(struct utmpx *ut, char *line, const char *user, const char *host) #ifdef WTMPX_FILE updwtmpx(WTMPX_FILE, ut); #elif defined(WTMP_FILE) - { + { /* XXX should be removed, just drop wtmp support */ struct utmp utmp; int fd; diff --git a/appl/otp/ChangeLog b/appl/otp/ChangeLog new file mode 100644 index 000000000000..76df17c6c1db --- /dev/null +++ b/appl/otp/ChangeLog @@ -0,0 +1,58 @@ +2006-10-07 Love Hörnquist Ã…strand + + * Makefile.am: Add man_MANS to EXTRA_DIST + +2005-05-29 Love Hörquist Ã…strand + + * Makefile.am: add LIB_roken as a explit dependency + +2003-09-03 Love Hörquist Ã…strand + + * otpprint.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ + + * otp.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ + +2003-02-25 Love Hörquist Ã…strand + + * otp.c: remove \n from errx, from NetBSD + +2000-11-29 Johan Danielsson + + * otpprint.1: sort parameters and close a list + + * otp.1: sort parameters and close a list + +1999-09-14 Assar Westerlund + + * otp.c (verify_user_otp): check return value from + des_read_pw_string + +Thu Apr 1 16:51:07 1999 Johan Danielsson + + * otpprint.c: use getarg + + * otp.c: use getarg + +Thu Mar 18 12:08:58 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Thu Mar 4 19:45:40 1999 Johan Danielsson + + * Makefile.am: DESTDIR + +Sat Feb 27 19:44:25 1999 Johan Danielsson + + * Makefile.am: add + +Sun Nov 22 10:32:50 1998 Assar Westerlund + + * otpprint.c: more braces + + * Makefile.in (WFLAGS): set + +Sun Dec 21 09:31:30 1997 Assar Westerlund + + * otp.c (renew): don't set the OTP if the reading of the string + fails. + diff --git a/appl/otp/Makefile.am b/appl/otp/Makefile.am new file mode 100644 index 000000000000..07ab13882b25 --- /dev/null +++ b/appl/otp/Makefile.am @@ -0,0 +1,17 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +AM_CPPFLAGS += $(INCLUDE_hcrypto) + +bin_PROGRAMS = otp otpprint +bin_SUIDS = otp +otp_SOURCES = otp.c otp_locl.h +otp_LDADD = $(LIB_hcrypto) $(LIB_roken) $(top_builddir)/lib/otp/libotp.la +otpprint_SOURCES = otpprint.c otp_locl.h + +otpprint_LDADD = $(LIB_hcrypto) $(LIB_roken) $(top_builddir)/lib/otp/libotp.la + +man_MANS = otp.1 otpprint.1 + +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/otp/Makefile.in b/appl/otp/Makefile.in new file mode 100644 index 000000000000..85cc5e2a8af2 --- /dev/null +++ b/appl/otp/Makefile.in @@ -0,0 +1,958 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + +# $Id$ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ + $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog +bin_PROGRAMS = otp$(EXEEXT) otpprint$(EXEEXT) +subdir = appl/otp +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" +PROGRAMS = $(bin_PROGRAMS) +am_otp_OBJECTS = otp.$(OBJEXT) +otp_OBJECTS = $(am_otp_OBJECTS) +am__DEPENDENCIES_1 = +otp_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/otp/libotp.la +am_otpprint_OBJECTS = otpprint.$(OBJEXT) +otpprint_OBJECTS = $(am_otpprint_OBJECTS) +otpprint_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/otp/libotp.la +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(otp_SOURCES) $(otpprint_SOURCES) +DIST_SOURCES = $(otp_SOURCES) $(otpprint_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +man1dir = $(mandir)/man1 +MANS = $(man_MANS) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hcrypto) +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +bin_SUIDS = otp +otp_SOURCES = otp.c otp_locl.h +otp_LDADD = $(LIB_hcrypto) $(LIB_roken) $(top_builddir)/lib/otp/libotp.la +otpprint_SOURCES = otpprint.c otp_locl.h +otpprint_LDADD = $(LIB_hcrypto) $(LIB_roken) $(top_builddir)/lib/otp/libotp.la +man_MANS = otp.1 otpprint.1 +EXTRA_DIST = NTMakefile $(man_MANS) +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/otp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/otp/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +clean-binPROGRAMS: + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +otp$(EXEEXT): $(otp_OBJECTS) $(otp_DEPENDENCIES) + @rm -f otp$(EXEEXT) + $(LINK) $(otp_OBJECTS) $(otp_LDADD) $(LIBS) +otpprint$(EXEEXT): $(otpprint_OBJECTS) $(otpprint_DEPENDENCIES) + @rm -f otpprint$(EXEEXT) + $(LINK) $(otpprint_OBJECTS) $(otpprint_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otpprint.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +all-am: Makefile $(PROGRAMS) $(MANS) all-local +installdirs: + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-binPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man1 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-binPROGRAMS uninstall-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +uninstall-man: uninstall-man1 + +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-binPROGRAMS clean-generic clean-libtool ctags \ + dist-hook distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-data-hook install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ + install-html install-html-am install-info install-info-am \ + install-man install-man1 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-binPROGRAMS uninstall-hook \ + uninstall-man uninstall-man1 + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/appl/otp/NTMakefile b/appl/otp/NTMakefile new file mode 100644 index 000000000000..6256309938fc --- /dev/null +++ b/appl/otp/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\otp + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/otp/otp.1 b/appl/otp/otp.1 new file mode 100644 index 000000000000..86769486e223 --- /dev/null +++ b/appl/otp/otp.1 @@ -0,0 +1,90 @@ +.\" Copyright (c) 1996, 2000 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd November 17, 1996 +.Dt OTP 1 +.Os KTH-KRB +.Sh NAME +.Nm otp +.Nd manages one-time passwords +.Sh SYNOPSIS +.Nm otp +.Op Fl dhlor +.Op Fl f Ar algorithm +.Op Fl u Ar user +.Ar sequence-number +.Ar seed +.Sh DESCRIPTION +The +.Nm +program initializes and updates your current series of one-time +passwords (OTPs). +.Pp +Use this to set a new series of one-time passwords. Only perform this +on the console or over an encrypted link as you will have to supply +your pass-phrase. The other two parameters are +.Ar sequence-number +and +.Ar seed . +.Pp +Options are: +.Bl -tag -width Ds +.It Fl d +To delete a one-time password. +.It Fl f +Choose a different +.Ar algorithm +from the default md5. Pick any of: md4, md5, and sha. +.It Fl h +For getting a help message. +.It Fl l +List the current table of one-time passwords. +.It Fl o +To open (unlock) the otp-entry for a user. +.It Fl r +To renew a one-time password series. This operation can be performed +over an potentially eavesdropped link because you do not supply the +pass-phrase. First you need to supply the current one-time password +and then the new one corresponding to the supplied +.Ar sequence-number +and +.Ar seed . +.It Fl u +To choose a different +.Ar user +to set one-time passwords for. This only works when running +.Nm +as root. +.El +.Sh SEE ALSO +.Xr otpprint 1 diff --git a/appl/otp/otp.c b/appl/otp/otp.c new file mode 100644 index 000000000000..ef3e4ab1554f --- /dev/null +++ b/appl/otp/otp.c @@ -0,0 +1,366 @@ +/* + * Copyright (c) 1995-1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "otp_locl.h" +#include + +RCSID("$Id$"); + +static int listp; +static int deletep; +static int openp; +static int renewp; +static char* alg_string; +static char *user; +static int version_flag; +static int help_flag; + +struct getargs args[] = { + { "list", 'l', arg_flag, &listp, "list OTP status" }, + { "delete", 'd', arg_flag, &deletep, "delete OTP" }, + { "open", 'o', arg_flag, &openp, "open a locked OTP" }, + { "renew", 'r', arg_flag, &renewp, "securely renew OTP" }, + { "hash", 'f', arg_string, &alg_string, + "hash algorithm (md4, md5, or sha)", "algorithm"}, + { "user", 'u', arg_string, &user, + "user other than current user (root only)", "user" }, + { "version", 0, arg_flag, &version_flag }, + { "help", 'h', arg_flag, &help_flag } +}; + +int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int code) +{ + arg_printusage(args, num_args, NULL, "[num seed]"); + exit(code); +} + +/* + * Renew the OTP for a user. + * The pass-phrase is not required (RFC 1938/8.0) + */ + +static int +renew (int argc, char **argv, OtpAlgorithm *alg, char *user) +{ + OtpContext newctx, *ctx; + char prompt[128]; + char pw[64]; + void *dbm; + int ret; + + newctx.alg = alg; + newctx.user = user; + newctx.n = atoi (argv[0]); + strlcpy (newctx.seed, argv[1], sizeof(newctx.seed)); + strlwr(newctx.seed); + snprintf (prompt, sizeof(prompt), + "[ otp-%s %u %s ]", + newctx.alg->name, + newctx.n, + newctx.seed); + if (UI_UTIL_read_pw_string (pw, sizeof(pw), prompt, 0) == 0 && + otp_parse (newctx.key, pw, alg) == 0) { + ctx = &newctx; + ret = 0; + } else + return 1; + + dbm = otp_db_open (); + if (dbm == NULL) { + warnx ("otp_db_open failed"); + return 1; + } + otp_put (dbm, ctx); + otp_db_close (dbm); + return ret; +} + +/* + * Return 0 if the user could enter the next OTP. + * I would rather have returned !=0 but it's shell-like here around. + */ + +static int +verify_user_otp(char *username) +{ + OtpContext ctx; + char passwd[OTP_MAX_PASSPHRASE + 1]; + char prompt[128], ss[256]; + + if (otp_challenge (&ctx, username, ss, sizeof(ss)) != 0) { + warnx("no otp challenge found for %s", username); + return 1; + } + + snprintf (prompt, sizeof(prompt), "%s's %s Password: ", username, ss); + if(UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)) + return 1; + return otp_verify_user (&ctx, passwd); +} + +/* + * Set the OTP for a user + */ + +static int +set (int argc, char **argv, OtpAlgorithm *alg, char *user) +{ + void *db; + OtpContext ctx; + char pw[OTP_MAX_PASSPHRASE + 1]; + int ret; + int i; + + ctx.alg = alg; + ctx.user = strdup (user); + if (ctx.user == NULL) + err (1, "out of memory"); + + ctx.n = atoi (argv[0]); + strlcpy (ctx.seed, argv[1], sizeof(ctx.seed)); + strlwr(ctx.seed); + do { + if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 1)) + return 1; + if (strlen (pw) < OTP_MIN_PASSPHRASE) + printf ("Too short pass-phrase. Use at least %d characters\n", + OTP_MIN_PASSPHRASE); + } while(strlen(pw) < OTP_MIN_PASSPHRASE); + ctx.alg->init (ctx.key, pw, ctx.seed); + for (i = 0; i < ctx.n; ++i) + ctx.alg->next (ctx.key); + db = otp_db_open (); + if(db == NULL) { + free (ctx.user); + err (1, "otp_db_open failed"); + } + ret = otp_put (db, &ctx); + otp_db_close (db); + free (ctx.user); + return ret; +} + +/* + * Delete otp of user from the database + */ + +static int +delete_otp (int argc, char **argv, char *user) +{ + void *db; + OtpContext ctx; + int ret; + + db = otp_db_open (); + if(db == NULL) + errx (1, "otp_db_open failed"); + + ctx.user = user; + ret = otp_delete(db, &ctx); + otp_db_close (db); + return ret; +} + +/* + * Tell whether the user has an otp + */ + +static int +has_an_otp(char *user) +{ + void *db; + OtpContext ctx; + int ret; + + db = otp_db_open (); + if(db == NULL) { + warnx ("otp_db_open failed"); + return 0; /* if no db no otp! */ + } + + ctx.user = user; + ret = otp_simple_get(db, &ctx); + + otp_db_close (db); + return !ret; +} + +/* + * Get and print out the otp entry for some user + */ + +static void +print_otp_entry_for_name (void *db, char *user) +{ + OtpContext ctx; + + ctx.user = user; + if (!otp_simple_get(db, &ctx)) { + fprintf(stdout, + "%s\totp-%s %d %s", + ctx.user, ctx.alg->name, ctx.n, ctx.seed); + if (ctx.lock_time) + fprintf(stdout, + "\tlocked since %s", + ctime(&ctx.lock_time)); + else + fprintf(stdout, "\n"); + } +} + +static int +open_otp (int argc, char **argv, char *user) +{ + void *db; + OtpContext ctx; + int ret; + + db = otp_db_open (); + if (db == NULL) + errx (1, "otp_db_open failed"); + + ctx.user = user; + ret = otp_simple_get (db, &ctx); + if (ret == 0) + ret = otp_put (db, &ctx); + otp_db_close (db); + return ret; +} + +/* + * Print otp entries for one or all users + */ + +static int +list_otps (int argc, char **argv, char *user) +{ + void *db; + struct passwd *pw; + + db = otp_db_open (); + if(db == NULL) + errx (1, "otp_db_open failed"); + + if (user) + print_otp_entry_for_name(db, user); + else + /* scans all users... so as to get a deterministic order */ + while ((pw = getpwent())) + print_otp_entry_for_name(db, pw->pw_name); + + otp_db_close (db); + return 0; +} + +int +main (int argc, char **argv) +{ + int defaultp = 0; + int uid = getuid(); + OtpAlgorithm *alg = otp_find_alg (OTP_ALG_DEFAULT); + int optind = 0; + + setprogname (argv[0]); + if(getarg(args, num_args, argc, argv, &optind)) + usage(1); + if(help_flag) + usage(0); + if(version_flag) { + print_version(NULL); + exit(0); + } + + if(deletep && uid != 0) + errx (1, "Only root can delete OTPs"); + if(alg_string) { + alg = otp_find_alg (alg_string); + if (alg == NULL) + errx (1, "Unknown algorithm: %s", alg_string); + } + if (user && uid != 0) + errx (1, "Only root can use `-u'"); + argc -= optind; + argv += optind; + + if (!(listp || deletep || renewp || openp)) + defaultp = 1; + + if ( listp + deletep + renewp + defaultp + openp != 1) + usage(1); /* one of -d or -l or -r or none */ + + if(deletep || openp || listp) { + if(argc != 0) + errx(1, "delete, open, and list requires no arguments"); + } else { + if(argc != 2) + errx(1, "setup, and renew requires `num', and `seed'"); + } + if (listp) + return list_otps (argc, argv, user); + + if (user == NULL) { + struct passwd *pwd; + + pwd = k_getpwuid(uid); + if (pwd == NULL) + err (1, "You don't exist"); + user = pwd->pw_name; + } + + /* + * users other that root must provide the next OTP to update the sequence. + * it avoids someone to use a pending session to change an OTP sequence. + * see RFC 1938/8.0. + */ + if (uid != 0 && (defaultp || renewp)) { + if (!has_an_otp(user)) { + errx (1, "Only root can set an initial OTP"); + } else { /* Check the next OTP (RFC 1938/8.0: SHOULD) */ + if (verify_user_otp(user) != 0) { + errx (1, "User authentification failed"); + } + } + } + + if (deletep) + return delete_otp (argc, argv, user); + else if (renewp) + return renew (argc, argv, alg, user); + else if (openp) + return open_otp (argc, argv, user); + else + return set (argc, argv, alg, user); +} diff --git a/appl/otp/otp.cat1 b/appl/otp/otp.cat1 new file mode 100644 index 000000000000..9e0a1de33b3a --- /dev/null +++ b/appl/otp/otp.cat1 @@ -0,0 +1,43 @@ + +OTP(1) BSD General Commands Manual OTP(1) + +NNAAMMEE + oottpp -- manages one-time passwords + +SSYYNNOOPPSSIISS + oottpp [--ddhhlloorr] [--ff _a_l_g_o_r_i_t_h_m] [--uu _u_s_e_r] _s_e_q_u_e_n_c_e_-_n_u_m_b_e_r _s_e_e_d + +DDEESSCCRRIIPPTTIIOONN + The oottpp program initializes and updates your current series of one-time + passwords (OTPs). + + Use this to set a new series of one-time passwords. Only perform this on + the console or over an encrypted link as you will have to supply your + pass-phrase. The other two parameters are _s_e_q_u_e_n_c_e_-_n_u_m_b_e_r and _s_e_e_d. + + Options are: + + --dd To delete a one-time password. + + --ff Choose a different _a_l_g_o_r_i_t_h_m from the default md5. Pick any of: + md4, md5, and sha. + + --hh For getting a help message. + + --ll List the current table of one-time passwords. + + --oo To open (unlock) the otp-entry for a user. + + --rr To renew a one-time password series. This operation can be per- + formed over an potentially eavesdropped link because you do not + supply the pass-phrase. First you need to supply the current + one-time password and then the new one corresponding to the sup- + plied _s_e_q_u_e_n_c_e_-_n_u_m_b_e_r and _s_e_e_d. + + --uu To choose a different _u_s_e_r to set one-time passwords for. This + only works when running oottpp as root. + +SSEEEE AALLSSOO + otpprint(1) + +KTH-KRB November 17, 1996 KTH-KRB diff --git a/lib/45/45_locl.h b/appl/otp/otp_locl.h similarity index 65% rename from lib/45/45_locl.h rename to appl/otp/otp_locl.h index 8104179d5bba..76f0ac4f47cc 100644 --- a/lib/45/45_locl.h +++ b/appl/otp/otp_locl.h @@ -1,52 +1,56 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifndef __45_LOCL_H__ -#define __45_LOCL_H__ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include #endif -#include +#include #include - -#ifdef HAVE_SYS_TIME_H -#include +#include +#include +#ifdef HAVE_SYS_TYPES_H +#include #endif - -#include -#include -#include - -#endif /* __45_LOCL_H__ */ +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_PWD_H +#include +#endif +#include +#include +#include "crypto-headers.h" /* for des_read_pw_string */ +#include diff --git a/lib/krb5/krb5_crypto_init.3 b/appl/otp/otpprint.1 similarity index 61% rename from lib/krb5/krb5_crypto_init.3 rename to appl/otp/otpprint.1 index 822006e08f4c..8045933980d7 100644 --- a/lib/krb5/krb5_crypto_init.3 +++ b/appl/otp/otpprint.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1999 Kungliga Tekniska Högskolan +.\" Copyright (c) 1996, 2000 - 2001 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,39 +29,54 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_crypto_init.3 13563 2004-03-20 12:00:01Z lha $ +.\" $Id$ .\" -.Dd April 7, 1999 -.Dt NAME 3 -.Os HEIMDAL +.Dd November 17, 1996 +.Dt OTP 1 +.Os KTH-KRB .Sh NAME -.Nm krb5_crypto_destroy , -.Nm krb5_crypto_init -.Nd encryption support in krb5 -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) +.Nm otpprint +.Nd print lists of one-time passwords .Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto" -.Ft krb5_error_code -.Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto" +.Nm otp +.Op Fl n Ar count +.Op Fl e +.Op Fl h +.Op Fl f Ar algorithm +.Ar sequence-number +.Ar seed .Sh DESCRIPTION -Heimdal exports parts of the Kerberos crypto interface for applications. +The +.Nm +program prints lists of OTPs. .Pp -Each kerberos encrytion/checksum function takes a crypto context. +Use this to print out a series of one-time passwords. You will have +to supply the +.Ar sequence number +and the +.Ar seed +as arguments and then the program will prompt you for your pass-phrase. .Pp -To setup and destroy crypto contextes there are two functions -.Fn krb5_crypto_init -and -.Fn krb5_crypto_destroy . -The encryption type to use is taken from the key, but can be overridden -with the -.Fa enctype parameter . -This can be useful for encryptions types which is compatiable (DES for -example). -.\" .Sh EXAMPLE -.\" .Sh BUGS +There are several different print formats. The default is to print +each password with six short english words. +.Pp +Options are: +.Bl -tag -width Ds +.It Fl e +Print the passwords in ``extended'' format. In this format a prefix +that says ``hex:'' or ``word:'' is included. +.It Fl f +To choose a different +.Ar algorithm +from the default md5. Pick any of: md4, md5, and sha. +.It Fl h +Print the passwords in hex. +.It Fl n +Print +.Ar count +one-time passwords, starting at +.Ar sequence-number +and going backwards. The default is 10. +.El .Sh SEE ALSO -.Xr krb5_create_checksum 3 , -.Xr krb5_encrypt 3 +.Xr otp 1 diff --git a/appl/otp/otpprint.c b/appl/otp/otpprint.c new file mode 100644 index 000000000000..662afeb467f0 --- /dev/null +++ b/appl/otp/otpprint.c @@ -0,0 +1,135 @@ +/* + * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "otp_locl.h" +#include + +RCSID("$Id$"); + +static int extendedp; +static int count = 10; +static int hexp; +static char* alg_string; +static int version_flag; +static int help_flag; + +struct getargs args[] = { + { "extended", 'e', arg_flag, &extendedp, "print keys in extended format" }, + { "count", 'n', arg_integer, &count, "number of keys to print" }, + { "hexadecimal", 'h', arg_flag, &hexp, "output in hexadecimal" }, + { "hash", 'f', arg_string, &alg_string, + "hash algorithm (md4, md5, or sha)", "algorithm"}, + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; + +int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int code) +{ + arg_printusage(args, num_args, NULL, "num seed"); + exit(code); +} + +static int +print (int argc, + char **argv, + int count, + OtpAlgorithm *alg, + void (*print_fn)(OtpKey, char *, size_t)) +{ + char pw[64]; + OtpKey key; + int n; + int i; + char *seed; + + if (argc != 2) + usage (1); + n = atoi(argv[0]); + seed = argv[1]; + if (UI_UTIL_read_pw_string (pw, sizeof(pw), "Pass-phrase: ", 0)) + return 1; + alg->init (key, pw, seed); + for (i = 0; i < n; ++i) { + char s[64]; + + alg->next (key); + if (i >= n - count) { + (*print_fn)(key, s, sizeof(s)); + printf ("%d: %s\n", i + 1, s); + } + } + return 0; +} + +int +main (int argc, char **argv) +{ + int optind = 0; + void (*fn)(OtpKey, char *, size_t); + OtpAlgorithm *alg = otp_find_alg (OTP_ALG_DEFAULT); + + setprogname (argv[0]); + if(getarg(args, num_args, argc, argv, &optind)) + usage(1); + if(help_flag) + usage(0); + if(version_flag) { + print_version(NULL); + exit(0); + } + + if(alg_string) { + alg = otp_find_alg (alg_string); + if (alg == NULL) + errx(1, "Unknown algorithm: %s", alg_string); + } + argc -= optind; + argv += optind; + + if (hexp) { + if (extendedp) + fn = otp_print_hex_extended; + else + fn = otp_print_hex; + } else { + if (extendedp) + fn = otp_print_stddict_extended; + else + fn = otp_print_stddict; + } + + return print (argc, argv, count, alg, fn); +} diff --git a/appl/otp/otpprint.cat1 b/appl/otp/otpprint.cat1 new file mode 100644 index 000000000000..00479b0676e6 --- /dev/null +++ b/appl/otp/otpprint.cat1 @@ -0,0 +1,36 @@ + +OTP(1) BSD General Commands Manual OTP(1) + +NNAAMMEE + oottpppprriinntt -- print lists of one-time passwords + +SSYYNNOOPPSSIISS + oottpp [--nn _c_o_u_n_t] [--ee] [--hh] [--ff _a_l_g_o_r_i_t_h_m] _s_e_q_u_e_n_c_e_-_n_u_m_b_e_r _s_e_e_d + +DDEESSCCRRIIPPTTIIOONN + The oottpppprriinntt program prints lists of OTPs. + + Use this to print out a series of one-time passwords. You will have to + supply the _s_e_q_u_e_n_c_e _n_u_m_b_e_r and the _s_e_e_d as arguments and then the program + will prompt you for your pass-phrase. + + There are several different print formats. The default is to print each + password with six short english words. + + Options are: + + --ee Print the passwords in ``extended'' format. In this format a + prefix that says ``hex:'' or ``word:'' is included. + + --ff To choose a different _a_l_g_o_r_i_t_h_m from the default md5. Pick any + of: md4, md5, and sha. + + --hh Print the passwords in hex. + + --nn Print _c_o_u_n_t one-time passwords, starting at _s_e_q_u_e_n_c_e_-_n_u_m_b_e_r and + going backwards. The default is 10. + +SSEEEE AALLSSOO + otp(1) + +KTH-KRB November 17, 1996 KTH-KRB diff --git a/appl/popper/ChangeLog b/appl/popper/ChangeLog new file mode 100644 index 000000000000..b5d2d7571b21 --- /dev/null +++ b/appl/popper/ChangeLog @@ -0,0 +1,269 @@ +2006-11-20 Love Hörnquist Ã…strand + + * pop_pass.c: Make krb5_get_init_creds_opt_free take a context + argument. + +2006-10-07 Love Hörnquist Ã…strand + + * Makefile.am: Add man_MANS to EXTRA_DIST + +2006-05-05 Love Hörnquist Ã…strand + + * Rename u_intXX_t to uintXX_t + +2005-10-22 Love Hörnquist Ã…strand + + * pop_dropinfo.c: Check return value from asprintf instead of + string != NULL since it undefined behavior on Linux. From Björn + Sandell + +2005-05-29 Love Hörnquist Ã…strand + + * pop_user.c: avoid 'unused variable' warnings + +2005-05-10 Dave Love + + * pop_pass.c: Include . + +2004-08-27 Johan Danielsson + + * popper.c: add message to NOOP result to appease gcc + +2004-06-14 Johan Danielsson + + * Makefile.am: SASL + + * pop_auth.[ch], auth_gssapi.c, auth_krb4.c : improved SASL + support + + * pop_get_command.c: add SASL hooks + + * pop_user.c: if using SASL, don't allow plaintext USER/PASS + + * pop_init.c: recognise sasl auth level + + * popper.h: add AUTH_SASL flag + +2003-12-20 Love Hörnquist Ã…strand + + * popper.c (main): avoid warning by sending empty string as + formatstring instead of NULL (even though pop_msg handles that + too) + +2003-10-10 Johan Danielsson + + * pop_init.c (pop_init): change call to authentication function, + from a ?: construct (which toubles some versions of gcc) to if; + from Björn Grönvall + +2003-09-03 Love Hörnquist Ã…strand + + * pop_pass.c: use + krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free + +2003-09-02 Love Hörnquist Ã…strand + + * popper.c (tgets): avoid be clobbered by `longjmp' or `vfork' + warning + +2003-04-16 Love Hörnquist Ã…strand + + * popper.8: spelling, from jmc + +2002-07-04 Johan Danielsson + + * pop_dropcopy.c: use RESP-CODES + + * pop_get_command.c: implement CAPA + + * popper.c: don't print our version in the greeting string + + * popper.h: add a flags parameter to the pop context + +2002-05-02 Johan Danielsson + + * pop_debug.c: revert some accidentally commited code in previous + +2002-02-07 Johan Danielsson + + * pop_debug.c: only claim krb5 support if really present + +2001-09-10 Johan Danielsson + + * maildir.c: replace MAXDROPLEN with MAXPATHLEN + + * popper.h: replace MAXDROPLEN with MAXPATHLEN + +2001-08-13 Johan Danielsson + + * popper.8: rewritten man page + +2000-12-31 Assar Westerlund + + * pop_init.c (pop_init): handle krb5_init_context failure + consistently + * pop_debug.c (doit_v5): handle krb5_init_context failure + consistently + +2000-06-10 Assar Westerlund + + * pop_init.c (krb4_authenticate): do not exit on failure, just + return + (krb5_authenticate): log errors from krb5_recvauth + +2000-04-12 Assar Westerlund + + * *.c: replace all erroneous calls to pop_log with POP_FAILURE + with POP_PRIORITY. reported by Janne Johansson ' + +2000-01-27 Assar Westerlund + + * pop_debug.c (main): figure out port number + +1999-12-20 Assar Westerlund + + * pop_init.c (pop_init): use getnameinfo_verified + + * pop_debug.c (get_socket): use getaddrinfo + +1999-12-03 Johan Danielsson + + * pop_init.c: optionally trace connected addresses to a file + +1999-11-02 Assar Westerlund + + * pop_debug.c (main): redo the v4/v5 selection for consistency. + -4 -> try only v4 -5 -> try only v5 none, -45 -> try v5, v4 + +1999-10-16 Johan Danielsson + + * pop_init.c (krb5_authenticate): don't use the principal + associated with the socket for authentication, instead let + krb5_rd_req pick the correct one from the ticket; just check that + it actually was a pop-ticket + +1999-08-12 Johan Danielsson + + * pop_init.c (pop_init): don't freehostent if ch == NULL + + * pop_dele.c: implement XDELE to delete a range of messages + +1999-08-05 Assar Westerlund + + * pop_init.c: v6-ify + + * pop_debug.c: v6-ify + +1999-05-10 Assar Westerlund + + * pop_debug.c (doit_v5): call krb5_sendauth with ccache == NULL + +1999-04-11 Assar Westerlund + + * pop_debug.c (main): use print_version + +Thu Apr 8 15:07:11 1999 Johan Danielsson + + * pop_pass.c: remove definition of KRB_VERIFY_USER (moved to + config.h) + +Thu Mar 18 12:55:42 1999 Johan Danielsson + + * pop_pass.c: define KRB_VERIFY_SECURE if not defined + + * Makefile.am: include Makefile.am.common + +Wed Mar 17 23:36:21 1999 Assar Westerlund + + * pop_pass.c (krb4_verify_password): use KRB_VERIFY_SECURE instead + of 1 + +Tue Mar 16 22:28:52 1999 Assar Westerlund + + * pop_pass.c: krb_verify_user_multiple -> krb_verify_user + +Sat Mar 13 22:17:29 1999 Assar Westerlund + + * pop_parse.c (pop_parse): cast when calling is* to get rid of a + warning + +Mon Mar 8 11:50:06 1999 Johan Danielsson + + * pop_init.c: use print_version + +Fri Mar 5 15:14:29 1999 Johan Danielsson + + * pop_send.c: fix handling of messages w/o body + +Sun Nov 22 10:33:29 1998 Assar Westerlund + + * pop_pass.c (pop_pass): try to always log + + * Makefile.in (WFLAGS): set + +Fri Jul 10 01:14:25 1998 Assar Westerlund + + * pop_init.c: s/net_read/pop_net_read/ + +Tue Jun 2 17:33:54 1998 Johan Danielsson + + * pop_send.c: add missing newlines + +Sun May 24 20:59:45 1998 Johan Danielsson + + * maildir.c (make_path): fix reversed args + +Sat May 16 00:02:18 1998 Assar Westerlund + + * Makefile.am: link with DBLIB + +Sun Apr 26 11:47:58 1998 Assar Westerlund + + * pop_pass.c (pop_pass): check return value from changeuser + + * pop_dropcopy.c (changeuser): check that `setuid' and `setgid' + succeeded. + + * popper.h: changeuser now returns int + +Thu Apr 23 00:54:38 1998 Johan Danielsson + + * Add support for maildir spoolfiles. + + * popper.h (MsgInfoList): replace `del_flag' and `retr_flag' with + single `flags' + + * pop_dropcopy.c: Fix mismatched parenthesis. + +Sat Apr 4 15:13:56 1998 Assar Westerlund + + * pop_dropcopy.c (pop_dropcopy): first do mkstemp and then fdopen. + Originally from + + * popper.h: include + +Sat Feb 7 10:07:39 1998 Assar Westerlund + + * pop_pass.c(krb4_verify_password: Don't use REALM_SZ + 1, just + REALM_SZ + +Mon Dec 29 16:37:26 1997 Assar Westerlund + + * pop_updt.c (pop_updt): lseek before ftruncating the file. From + + +Sat Nov 22 13:46:39 1997 Johan Danielsson + + * pop_pass.c: Destroy tickets after verification. + +Sun Nov 9 09:11:14 1997 Assar Westerlund + + * pop_dropinfo.c: be careful with mails without msg-id, subject, + or from + +Wed Oct 29 02:09:24 1997 Assar Westerlund + + * pop_pass.c: conditionalize OTP-support + + * pop_init.c: conditionalize OTP-support + diff --git a/appl/popper/Makefile.am b/appl/popper/Makefile.am new file mode 100644 index 000000000000..2fb612dd62e3 --- /dev/null +++ b/appl/popper/Makefile.am @@ -0,0 +1,49 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +noinst_PROGRAMS = pop_debug + +libexec_PROGRAMS = popper + +popper_SOURCES = \ + pop_auth.c \ + pop_auth.h \ + pop_dele.c \ + pop_dropcopy.c \ + pop_dropinfo.c \ + pop_get_command.c \ + pop_init.c \ + pop_last.c \ + pop_list.c \ + pop_log.c \ + pop_msg.c \ + pop_parse.c \ + pop_pass.c \ + pop_quit.c \ + pop_rset.c \ + pop_send.c \ + pop_stat.c \ + pop_uidl.c \ + pop_updt.c \ + pop_user.c \ + pop_xover.c \ + popper.c \ + maildir.c \ + auth_gssapi.c \ + popper.h \ + version.h + +LDADD = \ + $(LIB_otp) \ + $(top_builddir)/lib/gssapi/libgssapi.la \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(DBLIB) + +man_MANS = popper.8 + +EXTRA_DIST = NTMakefile pop3.rfc1081 pop3e.rfc1082 \ + popper.README.release README-FIRST \ + $(man_MANS) diff --git a/appl/popper/Makefile.in b/appl/popper/Makefile.in new file mode 100644 index 000000000000..66a833f280ee --- /dev/null +++ b/appl/popper/Makefile.in @@ -0,0 +1,1040 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + +# $Id$ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ + $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog +noinst_PROGRAMS = pop_debug$(EXEEXT) +libexec_PROGRAMS = popper$(EXEEXT) +subdir = appl/popper +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)" +PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) +pop_debug_SOURCES = pop_debug.c +pop_debug_OBJECTS = pop_debug.$(OBJEXT) +pop_debug_LDADD = $(LDADD) +am__DEPENDENCIES_1 = +pop_debug_DEPENDENCIES = $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_krb5) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +am_popper_OBJECTS = pop_auth.$(OBJEXT) pop_dele.$(OBJEXT) \ + pop_dropcopy.$(OBJEXT) pop_dropinfo.$(OBJEXT) \ + pop_get_command.$(OBJEXT) pop_init.$(OBJEXT) \ + pop_last.$(OBJEXT) pop_list.$(OBJEXT) pop_log.$(OBJEXT) \ + pop_msg.$(OBJEXT) pop_parse.$(OBJEXT) pop_pass.$(OBJEXT) \ + pop_quit.$(OBJEXT) pop_rset.$(OBJEXT) pop_send.$(OBJEXT) \ + pop_stat.$(OBJEXT) pop_uidl.$(OBJEXT) pop_updt.$(OBJEXT) \ + pop_user.$(OBJEXT) pop_xover.$(OBJEXT) popper.$(OBJEXT) \ + maildir.$(OBJEXT) auth_gssapi.$(OBJEXT) +popper_OBJECTS = $(am_popper_OBJECTS) +popper_LDADD = $(LDADD) +popper_DEPENDENCIES = $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_krb5) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = pop_debug.c $(popper_SOURCES) +DIST_SOURCES = pop_debug.c $(popper_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +man8dir = $(mandir)/man8 +MANS = $(man_MANS) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +popper_SOURCES = \ + pop_auth.c \ + pop_auth.h \ + pop_dele.c \ + pop_dropcopy.c \ + pop_dropinfo.c \ + pop_get_command.c \ + pop_init.c \ + pop_last.c \ + pop_list.c \ + pop_log.c \ + pop_msg.c \ + pop_parse.c \ + pop_pass.c \ + pop_quit.c \ + pop_rset.c \ + pop_send.c \ + pop_stat.c \ + pop_uidl.c \ + pop_updt.c \ + pop_user.c \ + pop_xover.c \ + popper.c \ + maildir.c \ + auth_gssapi.c \ + popper.h \ + version.h + +LDADD = \ + $(LIB_otp) \ + $(top_builddir)/lib/gssapi/libgssapi.la \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(DBLIB) + +man_MANS = popper.8 +EXTRA_DIST = NTMakefile pop3.rfc1081 pop3e.rfc1082 \ + popper.README.release README-FIRST \ + $(man_MANS) + +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/popper/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/popper/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libexecPROGRAMS: $(libexec_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-libexecPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files + +clean-libexecPROGRAMS: + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +pop_debug$(EXEEXT): $(pop_debug_OBJECTS) $(pop_debug_DEPENDENCIES) + @rm -f pop_debug$(EXEEXT) + $(LINK) $(pop_debug_OBJECTS) $(pop_debug_LDADD) $(LIBS) +popper$(EXEEXT): $(popper_OBJECTS) $(popper_DEPENDENCIES) + @rm -f popper$(EXEEXT) + $(LINK) $(popper_OBJECTS) $(popper_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth_gssapi.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/maildir.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_auth.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_debug.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_dele.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_dropcopy.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_dropinfo.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_get_command.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_init.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_last.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_list.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_log.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_msg.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_parse.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_pass.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_quit.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_rset.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_send.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_stat.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_uidl.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_updt.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_user.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pop_xover.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/popper.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man8: $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +all-am: Makefile $(PROGRAMS) $(MANS) all-local +installdirs: + for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ + clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-libexecPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man8 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-libexecPROGRAMS uninstall-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +uninstall-man: uninstall-man8 + +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-generic clean-libexecPROGRAMS clean-libtool \ + clean-noinstPROGRAMS ctags dist-hook distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-data-hook install-dvi install-dvi-am install-exec \ + install-exec-am install-exec-hook install-html install-html-am \ + install-info install-info-am install-libexecPROGRAMS \ + install-man install-man8 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-hook uninstall-libexecPROGRAMS \ + uninstall-man uninstall-man8 + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/appl/popper/NTMakefile b/appl/popper/NTMakefile new file mode 100644 index 000000000000..20f681bfdab0 --- /dev/null +++ b/appl/popper/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\popper + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/popper/README b/appl/popper/README new file mode 100644 index 000000000000..0735fdd56c39 --- /dev/null +++ b/appl/popper/README @@ -0,0 +1,381 @@ +@(#)@(#)README 2.6 2.6 4/2/91 + + +The Post Office Protocol Server: Installation Guide + + + +Introduction + +The Post Office Protocol server runs on a variety of Unix[1] computers +to manage electronic mail for Macintosh and MS-DOS computers. The +server was developed at the University of California at Berkeley and +conforms fully to the specifications in RFC 1081[2] and RFC 1082[3]. +The Berkeley server also has extensions to send electronic mail on +behalf of a client. + +This guide explains how to install the POP server on your Unix +computer. It assumes that you are not only familiar with Unix but also +capable of performing Unix system administration. + + +How to Obtain the Server + +The POP server is available via anonymous ftp from ftp.CC.Berkeley.EDU +(128.32.136.9, 128.32.206.12). It is in two files in the pub directory: +a compressed tar file popper-version.tar.Z and a Macintosh StuffIt archive +in BinHex format called MacPOP.sit.hqx. + + +Contents of the Distribution + +The distribution contains the following: + ++ All of the C source necessary to create the server program. + ++ A visual representation of how the POP system works. + ++ Reprints of RFC 1081 and RFC 1082. + ++ A HyperCard stack POP client implementation using MacTCP. + ++ A man page for the popper daemon. + ++ This guide. + + +Compatibility + +The Berkeley POP server has been successfully tested on the following +Unix operating systems: + ++ Berkeley Systems Distribution 4.3 + ++ Sun Microsystems Operating System versions 3.5 and 4.0 + ++ Ultrix version 2.3 + +The following POP clients operate correctly with the Berkeley POP server: + ++ The Berkeley HyperMail HyperCard stack for the Apple Macintosh + (distributed with the server). + ++ The Stanford University Macintosh Internet Protocol MacMH program. + ++ The Stanford University Personal Computer Internet Protocol MH + program. + ++ The mh version 6.0 programs for Unix. + + +Support + +The Berkeley POP server is not officially supported and is without any +warranty, explicit or implied. However, we are interested in your +experiences using the server. Bugs, comments and suggestions should be +sent electronically to netinfo@garnet.Berkeley.EDU. + + +Operational Characteristics + +The POP Transaction Cycle + +The Berkeley POP server is a single program (called popper) that is +launched by inetd when it gets a service request on the POP TCP port. +(The official port number specified in RFC 1081 for POP version 3 is +port 110. However, some POP3 clients attempt to contact the server at +port 109, the POP version 2 port. Unless you are running both POP2 and +POP3 servers, you can simply define both ports for use by the POP3 +server. This is explained in the installation instructions later on.) +The popper program initializes and verifies that the peer IP address is +registered in the local domain, logging a warning message when a +connection is made to a client whose IP address does not have a +canonical name. For systems using BSD 4.3 bind, it also checks to see +if a cannonical name lookup for the client returns the same peer IP +address, logging a warning message if it does not. The the server +enters the authorization state, during which the client must correctly +identify itself by providing a valid Unix userid and password on the +server's host machine. No other exchanges are allowed during this +state (other than a request to quit.) If authentication fails, a +warning message is logged and the session ends. Once the user is +identified, popper changes its user and group ids to match that of the +user and enters the transaction state. The server makes a temporary +copy of the user's maildrop (ordinarily in /usr/spool/mail) which is +used for all subsequent transactions. These include the bulk of POP +commands to retrieve mail, delete mail, undelete mail, and so forth. A +Berkeley extension also allows the user to submit a mail parcel to the +server who mails it using the sendmail program (this extension is +supported in the HyperMail client distributed with the server). When +the client quits, the server enters the final update state during which +the network connection is terminated and the user's maildrop is updated +with the (possibly) modified temporary maildrop. + + +Logging + +The POP server uses syslog to keep a record of its activities. On +systems with BSD 4.3 syslogging, the server logs (by default) to the +"local0" facility at priority "notice" for all messages except +debugging which is logged at priority "debug". The default log file is +/usr/spool/mqueue/POPlog. These can be changed, if desired. On +systems with 4.2 syslogging all messages are logged to the local log +file, usually /usr/spool/mqueue/syslog. + +Problems + +If the filesystem which holds the /usr/spool/mail fills up users will +experience difficulties. The filesystem must have enough space to hold +(approximately) two copies of the largest mail box. Popper (v1.81 and +above) is designed to be robust in the face of this problem, but you may +end up with a situation where some of the user's mail is in + + /usr/spool/mail/.userid.pop + +and some of the mail is in + + /usr/spool/mail/userid + +If this happens the System Administrator should clear enough disk space +so that the filesystem has at least as much free disk as both mailboxes +hold and probably a little more. Then the user should initiate a POP +session, and do nothing but quit. If the POP session ends without an +error the user can then use POP or another mail program to clean up his/her +mailbox. + +Alternatively, the System Administrator can combine the two files (but +popper will do this for you if there is enough disk space). + + +Debugging + +The popper program will log debugging information when the -d parameter +is specified after its invocation in the inetd.conf file. Care should +be exercised in using this option since it generates considerable +output in the syslog file. Alternatively, the "-t " option +will place debugging information into file "" using fprintf +instead of syslog. (To enable debugging, you must edit the Makefile +to add -DDEBUG to the compiler options.) + +For SunOS version 3.5, the popper program is launched by inetd from +/etc/servers. This file does not allow you to specify command line +arguments. Therefore, if you want to enable debugging, you can specify +a shell script in /etc/servers to be launched instead of popper and in +this script call popper with the desired arguments. + + +Installation + +1. Examine this file for the latest information, warnings, etc. + +2. Check the Makefile for conformity with your system. + +3. Issue the make command in the directory containing the popper + source. + +4. Issue the make install command in the directory containing the + popper source to copy the program to /usr/etc. + +5. Enable syslogging: + + + For systems with 4.3 syslogging: + + Add the following line to the /etc/syslog.conf file: + + local0.notice;local0.debug /usr/spool/mqueue/POPlog + + Create the empty file /usr/spool/mqueue/POPlog. + + Kill and restart the syslogd daemon. + + + For systems with 4.2 syslogging: + + Be sure that you are logging messages of priority 7 and higher. + For example: + + 7/usr/spool/mqueue/syslog + 9/dev/null + +6. Update /etc/services: + + Add the following line to the /etc/services file: + + pop 110/tcp + + Note: This is the official port number for version 3 of the + Post Office Protocol as defined in RFC 1081. However, some + POP3 clients use port 109, the port number for the previous + version (2) of POP. Therefore you may also want to add the + following line to the /etc/services file: + + pop2 109/tcp + + For Sun systems running yp, also do the following: + + + Change to the /var/yp directory. + + + Issue the make services command. + +7. Update the inetd daemon configuration. Include the second line ONLY if you + are running the server at both ports. + + + On BSD 4.3 and SunOS 4.0 systems, add the following line to the + /etc/inetd.conf file: + + pop stream tcp nowait root /usr/etc/popper popper + pop2 stream tcp nowait root /usr/etc/popper popper + + + On Ultrix systems, add the following line to the + /etc/inetd.conf file: + + pop stream tcp nowait /usr/etc/popper popper + pop2 stream tcp nowait /usr/etc/popper popper + + + On SunOS 3.5 systems, add the following line to the + /etc/servers file: + + pop tcp /usr/etc/popper + pop2 tcp /usr/etc/popper + + Kill and restart the inetd daemon. + +You can confirm that the POP server is running on Unix by telneting to +port 110 (or 109 if you set it up that way). For example: + +%telnet myhost 110 +Trying... +Connected to myhost.berkeley.edu. +Escape character is '^]'. ++OK UCB Pop server (version 1.6) at myhost starting. +quit +Connection closed by foreign host. + + +Release Notes + +1.83 Make sure that everything we do as root is non-destructive. + +1.82 Make the /usr/spool/mail/.userid.pop file owned by the user rather + than owned by root. + +1.81 There were two versions of 1.7 floating around, 1.7b4 and 1.7b5. + The difference is that 1.7b5 attempted to save disk space on + /usr/spool/mail by deleting the users permanent maildrop after + making the temporary copy. Unfortunately, if compiled with + -DDEBUG, this version could easily wipe out a users' mail file. + This is now fixed. + + This version also fixes a security hole for systems that have + /usr/spool/mail writeable by all users. + + With this version we go to all new SCCS IDs for all files. This + is unfortunate, and we hope it is not too much of a problem. + + Thanks to Steve Dorner of UIUC for pointing out the major problem. + +1.7 Extensive re-write of the maildrop processing code contributed by + Viktor Dukhovni that greatly reduces the + possibility that the maildrop can be corrupted as the result of + simultaneous access by two or more processes. + + Added "pop_dropcopy" module to create a temporary maildrop from + the existing, standard maildrop as root before the setuid and + setgid for the user is done. This allows the temporary maildrop + to be created in a mail spool area that is not world read-writable. + + This version does *not* send the sendmail "From " delimiter line + in response to a TOP or RETR command. + + Encased all debugging code in #ifdef DEBUG constructs. This code can + be included by specifying the DEGUG compiler flag. Note: You still + need to use the -d or -t option to obtain debugging output. + +1.6 Corrects a bug that causes the server to crash on SunOS + 4.0 systems. + + Uses varargs and vsprintf (if available) in pop_log and + pop_msg. This is enabled by the "HAVE_VSPRINTF" + compiler flag. + + For systems with BSD 4.3 bind, performs a cannonical + name lookup and searches the returned address(es) for + the client's address, logging a warning message if it + is not located. This is enabled by the "BIND43" + comiler flag. + + Removed all the includes from popper.h and distributed + them throughout the porgrams files, as needed. + + Reformatted the source to convert tabs to spaces and + shorten lines for display on 80-column terminals. + +1.5 Creates the temporary maildrop with mode "600" and + immediately unlinks it. + + Uses client's IP address in lieu of a canonical name if + the latter cannot be obtained. + + Added "-t " option. The presence of this + option causes debugging output to be placed in the file + "file-name" using fprintf instead of the system log + file using syslog. + + Corrected maildrop parsing problem. + +1.4 Copies user's mail into a temporary maildrop on which + all subsequent activity is performed. + + Added "pop_log" function and replaced "syslog" calls + throughout the code with it. + +1.3 Corrected updating of Status: header line. + + Added strncasecmp for systems that do not have one. + Used strncasecmp in all appropriate places. This is + enabled by the STRNCASECMP compiler flag. + +1.2 Support for version 4.2 syslogging added. This is + enabled by the SYSLOG42 compiler flag. + +1.1 Several bugs fixed. + +1.0 Original version. + + +Limitations + ++ The POP server copies the user's entire maildrop to /tmp and + then operates on that copy. If the maildrop is particularly + large, or inadequate space is available in /tmp, then the + server will refuse to continue and terminate the connection. + ++ Simultaneous modification of a single maildrop can result in + confusing results. For example, manipulating messages in a + maildrop using the Unix /usr/ucb/mail command while a copy of + it is being processed by the POP server can cause the changes + made by one program to be lost when the other terminates. This + problem is being worked on and will be fixed in a later + release. + + +Credits + +The POP server was written by Edward Moy and Austin Shelton with +contributions from Robert Campbell (U.C. Berkeley) and Viktor Dukhovni +(Princeton University). Edward Moy wrote the HyperMail stack and drew +the POP operation diagram. This installation guide was written by +Austin Shelton. + + +Footnotes + +[1] Copyright (c) 1990 Regents of the University of California. + All rights reserved. The Berkeley software License Agreement + specifies the terms and conditions for redistribution. Unix is + a registered trademark of AT&T corporation. HyperCard and + Macintosh are registered trademarks of Apple Corporation. + +[2] M. Rose, Post Office Protocol - Version 3. RFC 1081, NIC, + November 1988. + +[3] M. Rose, Post Office Protocol - Version 3 Extended Service + Offerings. RFC 1082, NIC, November 1988. diff --git a/appl/popper/README-FIRST b/appl/popper/README-FIRST new file mode 100644 index 000000000000..3d78fb644b62 --- /dev/null +++ b/appl/popper/README-FIRST @@ -0,0 +1,11 @@ +This kerberized popper was based on popper-1.831beta +which was later announced as "offical" and not beta. + +This program is able to talk both the pop3 and the kpop3 protocol. + +Please note that the server principal is pop.hostname and not +rcmd.hostname. I.e an additional entry is needed in your mailhub's +/etc/srvtab. Use ksrvutil to add the extra prinicpal. + +The server is usually started from inetd and there is already an entry +for that in inetd.conf.changes. diff --git a/appl/popper/auth_gssapi.c b/appl/popper/auth_gssapi.c new file mode 100644 index 000000000000..032efe7ee3c8 --- /dev/null +++ b/appl/popper/auth_gssapi.c @@ -0,0 +1,253 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +RCSID("$Id$"); + + +#if defined(SASL) && defined(KRB5) +#include + +extern krb5_context gssapi_krb5_context; + +struct gss_state { + gss_ctx_id_t context_hdl; + gss_OID mech_oid; + gss_name_t client_name; + int stage; +}; + +static void +gss_set_error (struct gss_state *gs, int min_stat) +{ + OM_uint32 new_stat; + OM_uint32 msg_ctx = 0; + gss_buffer_desc status_string; + OM_uint32 ret; + + do { + char * cstr; + + ret = gss_display_status (&new_stat, + min_stat, + GSS_C_MECH_CODE, + gs->mech_oid, + &msg_ctx, + &status_string); + if (asprintf(&cstr, "%.*s", (int)status_string.length, + (const char *)status_string.value) >= 0) { + pop_auth_set_error(cstr); + free(cstr); + } else { + pop_auth_set_error("unknown error"); + } + gss_release_buffer (&new_stat, &status_string); + } while (!GSS_ERROR(ret) && msg_ctx != 0); +} + +static int +gss_loop(POP *p, void *state, + /* const */ void *input, size_t input_length, + void **output, size_t *output_length) +{ + struct gss_state *gs = state; + gss_buffer_desc real_input_token, real_output_token; + gss_buffer_t input_token = &real_input_token, + output_token = &real_output_token; + OM_uint32 maj_stat, min_stat; + gss_channel_bindings_t bindings = GSS_C_NO_CHANNEL_BINDINGS; + + if(gs->stage == 0) { + /* we require an initial response, so ask for one if not + present */ + gs->stage++; + if(input == NULL && input_length == 0) { + /* XXX this could be done better */ + fputs("+ \r\n", p->output); + fflush(p->output); + return POP_AUTH_CONTINUE; + } + } + if(gs->stage == 1) { + input_token->value = input; + input_token->length = input_length; + maj_stat = + gss_accept_sec_context (&min_stat, + &gs->context_hdl, + GSS_C_NO_CREDENTIAL, + input_token, + bindings, + &gs->client_name, + &gs->mech_oid, + output_token, + NULL, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) { + gss_set_error(gs, min_stat); + return POP_AUTH_FAILURE; + } + if (output_token->length != 0) { + *output = output_token->value; + *output_length = output_token->length; + } + if(maj_stat == GSS_S_COMPLETE) + gs->stage++; + + return POP_AUTH_CONTINUE; + } + + if(gs->stage == 2) { + /* send wanted protection levels */ + unsigned char x[4] = { 1, 0, 0, 0 }; + + input_token->value = x; + input_token->length = 4; + + maj_stat = gss_wrap(&min_stat, + gs->context_hdl, + FALSE, + GSS_C_QOP_DEFAULT, + input_token, + NULL, + output_token); + if (GSS_ERROR(maj_stat)) { + gss_set_error(gs, min_stat); + return POP_AUTH_FAILURE; + } + *output = output_token->value; + *output_length = output_token->length; + gs->stage++; + return POP_AUTH_CONTINUE; + } + if(gs->stage == 3) { + /* receive protection levels and username */ + char *name; + krb5_principal principal; + gss_buffer_desc export_name; + gss_OID oid; + unsigned char *ptr; + + input_token->value = input; + input_token->length = input_length; + + maj_stat = gss_unwrap (&min_stat, + gs->context_hdl, + input_token, + output_token, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) { + gss_set_error(gs, min_stat); + return POP_AUTH_FAILURE; + } + if(output_token->length < 5) { + pop_auth_set_error("response too short"); + return POP_AUTH_FAILURE; + } + ptr = output_token->value; + if(ptr[0] != 1) { + pop_auth_set_error("must use clear text"); + return POP_AUTH_FAILURE; + } + memmove(output_token->value, ptr + 4, output_token->length - 4); + ptr[output_token->length - 4] = '\0'; + + maj_stat = gss_display_name(&min_stat, gs->client_name, + &export_name, &oid); + if(maj_stat != GSS_S_COMPLETE) { + gss_set_error(gs, min_stat); + return POP_AUTH_FAILURE; + } + /* XXX kerberos */ + if(oid != GSS_KRB5_NT_PRINCIPAL_NAME) { + pop_auth_set_error("unexpected gss name type"); + gss_release_buffer(&min_stat, &export_name); + return POP_AUTH_FAILURE; + } + name = malloc(export_name.length + 1); + if(name == NULL) { + pop_auth_set_error("out of memory"); + gss_release_buffer(&min_stat, &export_name); + return POP_AUTH_FAILURE; + } + memcpy(name, export_name.value, export_name.length); + name[export_name.length] = '\0'; + gss_release_buffer(&min_stat, &export_name); + krb5_parse_name(gssapi_krb5_context, name, &principal); + + if(!krb5_kuserok(gssapi_krb5_context, principal, ptr)) { + pop_auth_set_error("Permission denied"); + return POP_AUTH_FAILURE; + } + + + strlcpy(p->user, ptr, sizeof(p->user)); + return POP_AUTH_COMPLETE; + } + return POP_AUTH_FAILURE; +} + + +static int +gss_init(POP *p, void **state) +{ + struct gss_state *gs = malloc(sizeof(*gs)); + if(gs == NULL) { + pop_auth_set_error("out of memory"); + return POP_AUTH_FAILURE; + } + gs->context_hdl = GSS_C_NO_CONTEXT; + gs->stage = 0; + *state = gs; + return POP_AUTH_CONTINUE; +} + +static int +gss_cleanup(POP *p, void *state) +{ + OM_uint32 min_stat; + struct gss_state *gs = state; + if(gs->context_hdl != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, &gs->context_hdl, GSS_C_NO_BUFFER); + free(state); + return POP_AUTH_CONTINUE; +} + +struct auth_mech gssapi_mech = { + "GSSAPI", gss_init, gss_loop, gss_cleanup +}; + +#endif /* KRB5 */ diff --git a/appl/popper/maildir.c b/appl/popper/maildir.c new file mode 100644 index 000000000000..c82e4a873919 --- /dev/null +++ b/appl/popper/maildir.c @@ -0,0 +1,216 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +RCSID("$Id$"); + +static void +make_path(POP *p, MsgInfoList *mp, int new, char *buf, size_t len) +{ + snprintf(buf, len, "%s/%s%s%s", p->drop_name, + new ? "new" : "cur", mp ? "/" : "", mp ? mp->name : ""); +} + +static int +scan_file(POP *p, MsgInfoList *mp) +{ + char path[MAXPATHLEN]; + FILE *f; + char buf[1024]; + int eoh = 0; + + make_path(p, mp, mp->flags & NEW_FLAG, path, sizeof(path)); + f = fopen(path, "r"); + + if(f == NULL) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, + "Failed to open message file `%s': %s", + path, strerror(errno)); +#endif + return pop_msg (p, POP_FAILURE, + "Failed to open message file `%s'", path); + } + while(fgets(buf, sizeof(buf), f)) { + if(buf[strlen(buf) - 1] == '\n') + mp->lines++; + mp->length += strlen(buf); + if(eoh) + continue; + if(strcmp(buf, "\n") == 0) + eoh = 1; + parse_header(mp, buf); + } + fclose(f); + return add_missing_headers(p, mp); +} + +static int +scan_dir(POP *p, int new) +{ + char tmp[MAXPATHLEN]; + DIR *dir; + struct dirent *dent; + MsgInfoList *mp = p->mlp; + int n_mp = p->msg_count; + int e; + + make_path(p, NULL, new, tmp, sizeof(tmp)); + mkdir(tmp, 0700); + dir = opendir(tmp); + while((dent = readdir(dir)) != NULL) { + if(strcmp(dent->d_name, ".") == 0 || strcmp(dent->d_name, "..") == 0) + continue; + mp = realloc(mp, (n_mp + 1) * sizeof(*mp)); + if(mp == NULL) { + p->msg_count = 0; + return pop_msg (p, POP_FAILURE, + "Can't build message list for '%s': Out of memory", + p->user); + } + memset(mp + n_mp, 0, sizeof(*mp)); + mp[n_mp].name = strdup(dent->d_name); + if(mp[n_mp].name == NULL) { + p->msg_count = 0; + return pop_msg (p, POP_FAILURE, + "Can't build message list for '%s': Out of memory", + p->user); + } + mp[n_mp].number = n_mp + 1; + mp[n_mp].flags = 0; + if(new) + mp[n_mp].flags |= NEW_FLAG; + e = scan_file(p, &mp[n_mp]); + if(e != POP_SUCCESS) + return e; + p->drop_size += mp[n_mp].length; + n_mp++; + } + closedir(dir); + p->mlp = mp; + p->msg_count = n_mp; + return POP_SUCCESS; +} + +int +pop_maildir_info(POP *p) +{ + int e; + + p->temp_drop[0] = '\0'; + p->mlp = NULL; + p->msg_count = 0; + + e = scan_dir(p, 0); + if(e != POP_SUCCESS) return e; + + e = scan_dir(p, 1); + if(e != POP_SUCCESS) return e; + return POP_SUCCESS; +} + +int +pop_maildir_update(POP *p) +{ + int i; + char tmp1[MAXPATHLEN], tmp2[MAXPATHLEN]; + for(i = 0; i < p->msg_count; i++) { + make_path(p, &p->mlp[i], p->mlp[i].flags & NEW_FLAG, + tmp1, sizeof(tmp1)); + if(p->mlp[i].flags & DEL_FLAG) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Removing `%s'", tmp1); +#endif + if(unlink(tmp1) < 0) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Failed to remove `%s': %s", + tmp1, strerror(errno)); +#endif + /* return failure? */ + } + } else if((p->mlp[i].flags & NEW_FLAG) && + (p->mlp[i].flags & RETR_FLAG)) { + make_path(p, &p->mlp[i], 0, tmp2, sizeof(tmp2)); +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Linking `%s' to `%s'", tmp1, tmp2); +#endif + if(link(tmp1, tmp2) == 0) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Removing `%s'", tmp1); +#endif + if(unlink(tmp1) < 0) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Failed to remove `%s'", tmp1); +#endif + /* return failure? */ + } + } else { + if(errno == EXDEV) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Trying to rename `%s' to `%s'", + tmp1, tmp2); +#endif + if(rename(tmp1, tmp2) < 0) { +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, "Failed to rename `%s' to `%s'", + tmp1, tmp2); +#endif + } + } + } + } + } + return(pop_quit(p)); +} + +int +pop_maildir_open(POP *p, MsgInfoList *mp) +{ + char tmp[MAXPATHLEN]; + make_path(p, mp, mp->flags & NEW_FLAG, tmp, sizeof(tmp)); + if(p->drop) + fclose(p->drop); + p->drop = fopen(tmp, "r"); + if(p->drop == NULL) + return pop_msg(p, POP_FAILURE, "Failed to open message file"); + return POP_SUCCESS; +} diff --git a/appl/popper/pop3.rfc1081 b/appl/popper/pop3.rfc1081 new file mode 100644 index 000000000000..08ea6dd1430b --- /dev/null +++ b/appl/popper/pop3.rfc1081 @@ -0,0 +1,898 @@ + + + + + + +Network Working Group M. Rose +Request for Comments: 1081 TWG + November 1988 + + Post Office Protocol - Version 3 + + +Status of this Memo + + This memo suggests a simple method for workstations to dynamically + access mail from a mailbox server. This RFC specifies a proposed + protocol for the Internet community, and requests discussion and + suggestions for improvements. Distribution of this memo is + unlimited. + + This memo is based on RFC 918 (since revised as RFC 937). Although + similar in form to the original Post Office Protocol (POP) proposed + for the Internet community, the protocol discussed in this memo is + similar in spirit to the ideas investigated by the MZnet project at + the University of California, Irvine. + + Further, substantial work was done on examining POP in a PC-based + environment. This work, which resulted in additional functionality + in this protocol, was performed by the ACIS Networking Systems Group + at Stanford University. The author gratefully acknowledges their + interest. + +Introduction + + On certain types of smaller nodes in the Internet it is often + impractical to maintain a message transport system (MTS). For + example, a workstation may not have sufficient resources (cycles, + disk space) in order to permit a SMTP server and associated local + mail delivery system to be kept resident and continuously running. + Similarly, it may be expensive (or impossible) to keep a personal + computer interconnected to an IP-style network for long amounts of + time (the node is lacking the resource known as "connectivity"). + + Despite this, it is often very useful to be able to manage mail on + these smaller nodes, and they often support a user agent (UA) to aid + the tasks of mail handling. To solve this problem, a node which can + support an MTS entity offers a maildrop service to these less endowed + nodes. The Post Office Protocol - Version 3 (POP3) is intended to + permit a workstation to dynamically access a maildrop on a server + host in a useful fashion. Usually, this means that the POP3 is used + to allow a workstation to retrieve mail that the server is holding + for it. + + + + +Rose [Page 1] + +RFC 1081 POP3 November 1988 + + + For the remainder of this memo, the term "client host" refers to a + host making use of the POP3 service, while the term "server host" + refers to a host which offers the POP3 service. + +A Short Digression + + This memo does not specify how a client host enters mail into the + transport system, although a method consistent with the philosophy of + this memo is presented here: + + When the user agent on a client host wishes to enter a message + into the transport system, it establishes an SMTP connection to + its relay host (this relay host could be, but need not be, the + POP3 server host for the client host). + + If this method is followed, then the client host appears to the MTS + as a user agent, and should NOT be regarded as a "trusted" MTS entity + in any sense whatsoever. This concept, along with the role of the + POP3 as a part of a split-UA model is discussed later in this memo. + + Initially, the server host starts the POP3 service by listening on + TCP port 110. When a client host wishes to make use of the service, + it establishes a TCP connection with the server host. When the + connection is established, the POP3 server sends a greeting. The + client and POP3 server then exchange commands and responses + (respectively) until the connection is closed or aborted. + + Commands in the POP3 consist of a keyword possibly followed by an + argument. All commands are terminated by a CRLF pair. + + Responses in the POP3 consist of a success indicator and a keyword + possibly followed by additional information. All responses are + terminated by a CRLF pair. There are currently two success + indicators: positive ("+OK") and negative ("-ERR"). + + Responses to certain commands are multi-line. In these cases, which + are clearly indicated below, after sending the first line of the + response and a CRLF, any additional lines are sent, each terminated + by a CRLF pair. When all lines of the response have been sent, a + final line is sent, consisting of a termination octet (decimal code + 046, ".") and a CRLF pair. If any line of the multi-line response + begins with the termination octet, the line is "byte-stuffed" by + pre-pending the termination octet to that line of the response. + Hence a multi-line response is terminated with the five octets + "CRLF.CRLF". When examining a multi-line response, the client checks + to see if the line begins with the termination octet. If so and if + octets other than CRLF follow, the the first octet of the line (the + termination octet) is stripped away. If so and if CRLF immediately + + + +Rose [Page 2] + +RFC 1081 POP3 November 1988 + + + follows the termination character, then the response from the POP + server is ended and the line containing ".CRLF" is not considered + part of the multi-line response. + + A POP3 session progresses through a number of states during its + lifetime. Once the TCP connection has been opened and the POP3 + server has sent the greeting, the session enters the AUTHORIZATION + state. In this state, the client must identify itself to the POP3 + server. Once the client has successfully done this, the server + acquires resources associated with the client's maildrop, and the + session enters the TRANSACTION state. In this state, the client + requests actions on the part of the POP3 server. When the client has + finished its transactions, the session enters the UPDATE state. In + this state, the POP3 server releases any resources acquired during + the TRANSACTION state and says goodbye. The TCP connection is then + closed. + +The AUTHORIZATION State + + Once the TCP connection has been opened by a POP3 client, the POP3 + server issues a one line greeting. This can be any string terminated + by CRLF. An example might be: + + S. +OK dewey POP3 server ready (Comments to: PostMaster@UDEL.EDU) + + Note that this greeting is a POP3 reply. The POP3 server should + always give a positive response as the greeting. + + The POP3 session is now in the AUTHORIZATION state. The client must + now issue the USER command. If the POP3 server responds with a + positive success indicator ("+OK"), then the client may issue either + the PASS command to complete the authorization, or the QUIT command + to terminate the POP3 session. If the POP3 server responds with a + negative success indicator ("-ERR") to the USER command, then the + client may either issue a new USER command or may issue the QUIT + command. + + When the client issues the PASS command, the POP3 server uses the + argument pair from the USER and PASS commands to determine if the + client should be given access to the appropriate maildrop. If so, + the POP3 server then acquires an exclusive-access lock on the + maildrop. If the lock is successfully acquired, the POP3 server + parses the maildrop into individual messages (read note below), + determines the last message (if any) present in the maildrop that was + referenced by the RETR command, and responds with a positive success + indicator. The POP3 session now enters the TRANSACTION state. If + the lock can not be acquired or the client should is denied access to + the appropriate maildrop or the maildrop can't be parsed for some + + + +Rose [Page 3] + +RFC 1081 POP3 November 1988 + + + reason, the POP3 server responds with a negative success indicator. + (If a lock was acquired but the POP3 server intends to respond with a + negative success indicator, the POP3 server must release the lock + prior to rejecting the command.) At this point, the client may + either issue a new USER command and start again, or the client may + issue the QUIT command. + + NOTE: Minimal implementations of the POP3 need only be + able to break a maildrop into its component messages; + they need NOT be able to parse individual messages. + More advanced implementations may wish to have this + capability, for reasons discussed later. + + After the POP3 server has parsed the maildrop into individual + messages, it assigns a message-id to each message, and notes the size + of the message in octets. The first message in the maildrop is + assigned a message-id of "1", the second is assigned "2", and so on, + so that the n'th message in a maildrop is assigned a message-id of + "n". In POP3 commands and responses, all message-id's and message + sizes are expressed in base-10 (i.e., decimal). + + It sets the "highest number accessed" to be that of the last message + referenced by the RETR command. + + Here are summaries for the three POP3 commands discussed thus far: + + USER name + Arguments: a server specific user-id (required) + Restrictions: may only be given in the AUTHORIZATION + state after the POP3 greeting or after an + unsuccessful USER or PASS command + Possible Responses: + +OK name is welcome here + -ERR never heard of name + Examples: + C: USER mrose + S: +OK mrose is a real hoopy frood + ... + C: USER frated + S: -ERR sorry, frated doesn't get his mail here + + PASS string + Arguments: a server/user-id specific password (required) + Restrictions: may only be given in the AUTHORIZATION + state after a successful USER command + Possible Responses: + +OK maildrop locked and ready + -ERR invalid password + + + +Rose [Page 4] + +RFC 1081 POP3 November 1988 + + + -ERR unable to lock maildrop + Examples: + C: USER mrose + S: +OK mrose is a real hoopy frood + C: PASS secret + S: +OK mrose's maildrop has 2 messages + (320 octets) + ... + C: USER mrose + S: +OK mrose is a real hoopy frood + C: PASS secret + S: -ERR unable to lock mrose's maildrop, file + already locked + + QUIT + Arguments: none + Restrictions: none + Possible Responses: + +OK + Examples: + C: QUIT + S: +OK dewey POP3 server signing off + + +The TRANSACTION State + + Once the client has successfully identified itself to the POP3 server + and the POP3 server has locked and burst the appropriate maildrop, + the POP3 session is now in the TRANSACTION state. The client may now + issue any of the following POP3 commands repeatedly. After each + command, the POP3 server issues a response. Eventually, the client + issues the QUIT command and the POP3 session enters the UPDATE state. + + Here are the POP3 commands valid in the TRANSACTION state: + + STAT + Arguments: none + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + The POP3 server issues a positive response with a line + containing information for the maildrop. This line is + called a "drop listing" for that maildrop. + + In order to simplify parsing, all POP3 servers are + required to use a certain format for drop listings. + The first octets present must indicate the number of + messages in the maildrop. Following this is the size + + + +Rose [Page 5] + +RFC 1081 POP3 November 1988 + + + of the maildrop in octets. This memo makes no + requirement on what follows the maildrop size. + Minimal implementations should just end that line of + the response with a CRLF pair. More advanced + implementations may include other information. + + NOTE: This memo STRONGLY discourages + implementations from supplying additional + information in the drop listing. Other, + optional, facilities are discussed later on + which permit the client to parse the messages + in the maildrop. + + Note that messages marked as deleted are not counted in + either total. + + Possible Responses: + +OK nn mm + Examples: + C: STAT + S: +OK 2 320 + + LIST [msg] + Arguments: a message-id (optionally) If a message-id is + given, it may NOT refer to a message marked as + deleted. + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + If an argument was given and the POP3 server issues a + positive response with a line containing information + for that message. This line is called a "scan listing" + for that message. + + If no argument was given and the POP3 server issues a + positive response, then the response given is + multi-line. After the initial +OK, for each message + in the maildrop, the POP3 server responds with a line + containing information for that message. This line + is called a "scan listing" for that message. + + In order to simplify parsing, all POP3 servers are + required to use a certain format for scan listings. + The first octets present must be the message-id of + the message. Following the message-id is the size of + the message in octets. This memo makes no requirement + on what follows the message size in the scan listing. + Minimal implementations should just end that line of + + + +Rose [Page 6] + +RFC 1081 POP3 November 1988 + + + the response with a CRLF pair. More advanced + implementations may include other information, as + parsed from the message. + + NOTE: This memo STRONGLY discourages + implementations from supplying additional + information in the scan listing. Other, optional, + facilities are discussed later on which permit + the client to parse the messages in the maildrop. + + Note that messages marked as deleted are not listed. + + Possible Responses: + +OK scan listing follows + -ERR no such message + Examples: + C: LIST + S: +OK 2 messages (320 octets) + S: 1 120 + S: 2 200 + S: . + ... + C: LIST 2 + S: +OK 2 200 + ... + C: LIST 3 + S: -ERR no such message, only 2 messages in + maildrop + + RETR msg + Arguments: a message-id (required) This message-id may + NOT refer to a message marked as deleted. + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + If the POP3 server issues a positive response, then the + response given is multi-line. After the initial +OK, + the POP3 server sends the message corresponding to the + given message-id, being careful to byte-stuff the + termination character (as with all multi-line + responses). + + If the number associated with this message is higher + than the "highest number accessed" in the maildrop, the + POP3 server updates the "highest number accessed" to + the number associated with this message. + + + + + +Rose [Page 7] + +RFC 1081 POP3 November 1988 + + + Possible Responses: + +OK message follows + -ERR no such message + Examples: + C: RETR 1 + S: +OK 120 octets + S: + S: . + + DELE msg + Arguments: a message-id (required) This message-id + may NOT refer to a message marked as deleted. + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + The POP3 server marks the message as deleted. Any + future reference to the message-id associated with the + message in a POP3 command generates an error. The POP3 + server does not actually delete the message until the + POP3 session enters the UPDATE state. + + If the number associated with this message is higher + than the "highest number accessed" in the maildrop, + the POP3 server updates the "highest number accessed" + to the number associated with this message. + + Possible Responses: + +OK message deleted + -ERR no such message + Examples: + C: DELE 1 + S: +OK message 1 deleted + ... + C: DELE 2 + S: -ERR message 2 already deleted + + NOOP + Arguments: none + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + The POP3 server does nothing, it merely replies with a + positive response. + + Possible Responses: + +OK + + + + + +Rose [Page 8] + +RFC 1081 POP3 November 1988 + + + Examples: + C: NOOP + S: +OK + + LAST + Arguments: none + Restrictions: may only be issued in the TRANSACTION state. + Discussion: + + The POP3 server issues a positive response with a line + containing the highest message number which accessed. + Zero is returned in case no message in the maildrop has + been accessed during previous transactions. A client + may thereafter infer that messages, if any, numbered + greater than the response to the LAST command are + messages not yet accessed by the client. + + Possible Response: + +OK nn + + Examples: + C: STAT + S: +OK 4 320 + C: LAST + S: +OK 1 + C: RETR 3 + S: +OK 120 octets + S: + S: . + C: LAST + S: +OK 3 + C: DELE 2 + S: +OK message 2 deleted + C: LAST + S: +OK 3 + C: RSET + S: +OK + C: LAST + S: +OK 1 + + RSET + Arguments: none + Restrictions: may only be given in the TRANSACTION + state. + Discussion: + + If any messages have been marked as deleted by the POP3 + + + +Rose [Page 9] + +RFC 1081 POP3 November 1988 + + + server, they are unmarked. The POP3 server then + replies with a positive response. In addition, the + "highest number accessed" is also reset to the value + determined at the beginning of the POP3 session. + + Possible Responses: + +OK + Examples: + C: RSET + S: +OK maildrop has 2 messages (320 octets) + + + +The UPDATE State + + When the client issues the QUIT command from the TRANSACTION state, + the POP3 session enters the UPDATE state. (Note that if the client + issues the QUIT command from the AUTHORIZATION state, the POP3 + session terminates but does NOT enter the UPDATE state.) + + QUIT + Arguments: none + Restrictions: none + Discussion: + + The POP3 server removes all messages marked as deleted + from the maildrop. It then releases the + exclusive-access lock on the maildrop and replies as + to the success of + these operations. The TCP connection is then closed. + + Possible Responses: + +OK + Examples: + C: QUIT + S: +OK dewey POP3 server signing off (maildrop + empty) + ... + C: QUIT + S: +OK dewey POP3 server signing off (2 messages + left) + ... + + +Optional POP3 Commands + + The POP3 commands discussed above must be supported by all minimal + implementations of POP3 servers. + + + +Rose [Page 10] + +RFC 1081 POP3 November 1988 + + + The optional POP3 commands described below permit a POP3 client + greater freedom in message handling, while preserving a simple POP3 + server implementation. + + NOTE: This memo STRONGLY encourages implementations to + support these commands in lieu of developing augmented + drop and scan listings. In short, the philosophy of + this memo is to put intelligence in the part of the + POP3 client and not the POP3 server. + + TOP msg n + Arguments: a message-id (required) and a number. This + message-id may NOT refer to a message marked as + deleted. + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + If the POP3 server issues a positive response, then + the response given is multi-line. After the initial + +OK, the POP3 server sends the headers of the message, + the blank line separating the headers from the body, + and then the number of lines indicated message's body, + being careful to byte-stuff the termination character + (as with all multi-line responses). + + Note that if the number of lines requested by the POP3 + client is greater than than the number of lines in the + body, then the POP3 server sends the entire message. + + Possible Responses: + +OK top of message follows + -ERR no such message + Examples: + C: TOP 10 + S: +OK + S: + S: . + ... + C: TOP 100 + S: -ERR no such message + + RPOP user + Arguments: a client specific user-id (required) + Restrictions: may only be given in the AUTHORIZATION + state after a successful USER command; in addition, + may only be given if the client used a reserved + + + +Rose [Page 11] + +RFC 1081 POP3 November 1988 + + + (privileged) TCP port to connect to the server. + Discussion: + + The RPOP command may be used instead of the PASS + command to authenticate access to the maildrop. In + order for this command to be successful, the POP3 + client must use a reserved TCP port (port < 1024) to + connect tothe server. The POP3 server uses the + argument pair from the USER and RPOP commands to + determine if the client should be given access to + the appropriate maildrop. Unlike the PASS command + however, the POP3 server considers if the remote user + specified by the RPOP command who resides on the POP3 + client host is allowed to access the maildrop for the + user specified by the USER command (e.g., on Berkeley + UNIX, the .rhosts mechanism is used). With the + exception of this differing in authentication, this + command is identical to the PASS command. + + Note that the use of this feature has allowed much wider + penetration into numerous hosts on local networks (and + sometimes remote networks) by those who gain illegal + access to computers by guessing passwords or otherwise + breaking into the system. + + Possible Responses: + +OK maildrop locked and ready + -ERR permission denied + Examples: + C: USER mrose + S: +OK mrose is a real hoopy frood + C: RPOP mrose + S: +OK mrose's maildrop has 2 messages (320 + octets) + + Minimal POP3 Commands: + USER name valid in the AUTHORIZATION state + PASS string + QUIT + + STAT valid in the TRANSACTION state + LIST [msg] + RETR msg + DELE msg + NOOP + LAST + RSET + + + + +Rose [Page 12] + +RFC 1081 POP3 November 1988 + + + QUIT valid in the UPDATE state + + Optional POP3 Commands: + RPOP user valid in the AUTHORIZATION state + + TOP msg n valid in the TRANSACTION state + + POP3 Replies: + +OK + -ERR + + Note that with the exception of the STAT command, the reply given + by the POP3 server to any command is significant only to "+OK" + and "-ERR". Any text occurring after this reply may be ignored + by the client. + +Example POP3 Session + + S: + ... + C: + S: +OK dewey POP3 server ready (Comments to: PostMaster@UDEL.EDU) + C: USER mrose + S: +OK mrose is a real hoopy frood + C: PASS secret + S: +OK mrose's maildrop has 2 messages (320 octets) + C: STAT + S: +OK 2 320 + C: LIST + S: +OK 2 messages (320 octets) + S: 1 120 + S: 2 200 + S: . + C: RETR 1 + S: +OK 120 octets + S: + S: . + C: DELE 1 + S: +OK message 1 deleted + C: RETR 2 + S: +OK 200 octets + S: + S: . + C: DELE 2 + S: +OK message 2 deleted + C: QUIT + + + + + +Rose [Page 13] + +RFC 1081 POP3 November 1988 + + + S: +OK dewey POP3 server signing off (maildrop empty) + C: + S: + +Message Format + + All messages transmitted during a POP3 session are assumed to conform + to the standard for the format of Internet text messages [RFC822]. + + It is important to note that the byte count for a message on the + server host may differ from the octet count assigned to that message + due to local conventions for designating end-of-line. Usually, + during the AUTHORIZATION state of the POP3 session, the POP3 client + can calculate the size of each message in octets when it parses the + maildrop into messages. For example, if the POP3 server host + internally represents end-of-line as a single character, then the + POP3 server simply counts each occurrence of this character in a + message as two octets. Note that lines in the message which start + with the termination octet need not be counted twice, since the POP3 + client will remove all byte-stuffed termination characters when it + receives a multi-line response. + +The POP and the Split-UA model + + The underlying paradigm in which the POP3 functions is that of a + split-UA model. The POP3 client host, being a remote PC based + workstation, acts solely as a client to the message transport system. + It does not provide delivery/authentication services to others. + Hence, it is acting as a UA, on behalf of the person using the + workstation. Furthermore, the workstation uses SMTP to enter mail + into the MTS. + + In this sense, we have two UA functions which interface to the + message transport system: Posting (SMTP) and Retrieval (POP3). The + entity which supports this type of environment is called a split-UA + (since the user agent is split between two hosts which must + interoperate to provide these functions). + + ASIDE: Others might term this a remote-UA instead. + There are arguments supporting the use of both terms. + + This memo has explicitly referenced TCP as the underlying transport + agent for the POP3. This need not be the case. In the MZnet split- + UA, for example, personal micro-computer systems are used which do + not have IP-style networking capability. To connect to the POP3 + server host, a PC establishes a terminal connection using some simple + protocol (PhoneNet). A program on the PC drives the connection, + first establishing a login session as a normal user. The login shell + + + +Rose [Page 14] + +RFC 1081 POP3 November 1988 + + + for this pseudo-user is a program which drives the other half of the + terminal protocol and communicates with one of two servers. Although + MZnet can support several PCs, a single pseudo-user login is present + on the server host. The user-id and password for this pseudo-user + login is known to all members of MZnet. Hence, the first action of + the login shell, after starting the terminal protocol, is to demand a + USER/PASS authorization pair from the PC. This second level of + authorization is used to ascertain who is interacting with the MTS. + Although the server host is deemed to support a "trusted" MTS entity, + PCs in MZnet are not. Naturally, the USER/PASS authorization pair + for a PC is known only to the owner of the PC (in theory, at least). + + After successfully verifying the identity of the client, a modified + SMTP server is started, and the PC posts mail with the server host. + After the QUIT command is given to the SMTP server and it terminates, + a modified POP3 server is started, and the PC retrieves mail from the + server host. After the QUIT command is given to the POP3 server and + it terminates, the login shell for the pseudo-user terminates the + terminal protocol and logs the job out. The PC then closes the + terminal connection to the server host. + + The SMTP server used by MZnet is modified in the sense that it knows + that it's talking to a user agent and not a "trusted" entity in the + message transport system. Hence, it does performs the validation + activities normally performed by an entity in the MTS when it accepts + a message from a UA. + + The POP3 server used by MZnet is modified in the sense that it does + not require a USER/PASS combination before entering the TRANSACTION + state. The reason for this (of course) is that the PC has already + identified itself during the second-level authorization step + described above. + + NOTE: Truth in advertising laws require that the author + of this memo state that MZnet has not actually been + fully implemented. The concepts presented and proven + by the project led to the notion of the MZnet + split-slot model. This notion has inspired the + split-UA concept described in this memo, led to the + author's interest in the POP, and heavily influenced + the the description of the POP3 herein. + + In fact, some UAs present in the Internet already support the notion + of posting directly to an SMTP server and retrieving mail directly + from a POP server, even if the POP server and client resided on the + same host! + + ASIDE: this discussion raises an issue which this memo + + + +Rose [Page 15] + +RFC 1081 POP3 November 1988 + + + purposedly avoids: how does SMTP know that it's talking + to a "trusted" MTS entity? + +References + + [MZnet] Stefferud, E., J. Sweet, and T. Domae, "MZnet: Mail + Service for Personal Micro-Computer Systems", + Proceedings, IFIP 6.5 International Conference on + Computer Message Systems, Nottingham, U.K., May 1984. + + [RFC821] Postel, J., "Simple Mail Transfer Protocol", + USC/Information Sciences Institute, August 1982. + + [RFC822] Crocker, D., "Standard for the Format of ARPA-Internet + Text Messages", University of Delaware, August 1982. + + [RFC937] Butler, M., J. Postel, D. Chase, J. Goldberger, and J. + Reynolds, "Post Office Protocol - Version 2", RFC 937, + USC/Information Sciences Institute, February 1985. + + [RFC1010] Reynolds, J., and J. Postel, "Assigned Numbers", RFC + 1010, USC/Information Sciences Institute, May 1987. + +Author's Address: + + + Marshall Rose + The Wollongong Group + 1129 San Antonio Rd. + Palo Alto, California 94303 + + Phone: (415) 962-7100 + + Email: MRose@TWG.COM + + + + + + + + + + + + + + + + + +Rose [Page 16] diff --git a/appl/popper/pop3e.rfc1082 b/appl/popper/pop3e.rfc1082 new file mode 100644 index 000000000000..ac49448b5e11 --- /dev/null +++ b/appl/popper/pop3e.rfc1082 @@ -0,0 +1,619 @@ + + + + + + +Network Working Group M. Rose +Request for Comments: 1082 TWG + November 1988 + + + + Post Office Protocol - Version 3 + Extended Service Offerings + +Status of This Memo + + This memo suggests a simple method for workstations to dynamically + access mail from a discussion group server, as an extension to an + earlier memo which dealt with dynamically accessing mail from a + mailbox server using the Post Office Protocol - Version 3 (POP3). + This RFC specifies a proposed protocol for the Internet community, + and requests discussion and suggestions for improvements. All of the + extensions described in this memo to the POP3 are OPTIONAL. + Distribution of this memo is unlimited. + +Introduction and Motivation + + It is assumed that the reader is familiar with RFC 1081 that + discusses the Post Office Protocol - Version 3 (POP3) [RFC1081]. + This memo describes extensions to the POP3 which enhance the service + it offers to clients. This additional service permits a client host + to access discussion group mail, which is often kept in a separate + spool area, using the general POP3 facilities. + + The next section describes the evolution of discussion groups and the + technologies currently used to implement them. To summarize: + + o An exploder is used to map from a single address to + a list of addresses which subscribe to the list, and redirects + any subsequent error reports associated with the delivery of + each message. This has two primary advantages: + - Subscribers need know only a single address + - Responsible parties get the error reports and not + the subscribers + + + + + + + + + + + + +Rose [Page 1] + +RFC 1082 POP3 Extended Service November 1988 + + + o Typically, each subscription address is not a person's private + maildrop, but a system-wide maildrop, which can be accessed + by more than one user. This has several advantages: + - Only a single copy of each message need traverse the + net for a given site (which may contain several local + hosts). This conserves bandwidth and cycles. + - Only a single copy of each message need reside on each + subscribing host. This conserves disk space. + - The private maildrop for each user is not cluttered + with discussion group mail. + + Despite this optimization of resources, further economy can be + achieved at sites with more than one host. Typically, sites with + more than one host either: + + 1. Replicate discussion group mail on each host. This + results in literally gigabytes of disk space committed to + unnecessarily store redundant information. + + 2. Keep discussion group mail on one host and give all users a + login on that host (in addition to any other logins they may + have). This is usually a gross inconvenience for users who + work on other hosts, or a burden to users who are forced to + work on that host. + + As discussed in [RFC1081], the problem of giving workstations dynamic + access to mail from a mailbox server has been explored in great + detail (originally there was [RFC918], this prompted the author to + write [RFC1081], independently of this [RFC918] was upgraded to + [RFC937]). A natural solution to the problem outlined above is to + keep discussion group mail on a mailbox server at each site and + permit different hosts at that site to employ the POP3 to access + discussion group mail. If implemented properly, this avoids the + problems of both strategies outlined above. + + ASIDE: It might be noted that a good distributed filesystem + could also solve this problem. Sadly, "good" + distributed filesystems, which do not suffer + unacceptable response time for interactive use, are + few and far between these days! + + Given this motivation, now let's consider discussion groups, both in + general and from the point of view of a user agent. Following this, + extensions to the POP3 defined in [RFC1081] are presented. Finally, + some additional policy details are discussed along with some initial + experiences. + + + + + +Rose [Page 2] + +RFC 1082 POP3 Extended Service November 1988 + + +What's in a Discussion Group + + Since mailers and user agents first crawled out of the primordial + ARPAnet, the value of discussion groups have been appreciated, + (though their implementation has not always been well-understood). + + Described simply, a discussion group is composed of a number of + subscribers with a common interest. These subscribers post mail to a + single address, known as a distribution address. From this + distribution address, a copy of the message is sent to each + subscriber. Each group has a moderator, which is the person that + administrates the group. The moderator can usually be reached at a + special address, known as a request address. Usually, the + responsibilities of the moderator are quite simple, since the mail + system handles the distribution to subscribers automatically. In + some cases, the interest group, instead of being distributed directly + to its subscribers, is put into a digest format by the moderator and + then sent to the subscribers. Although this requires more work on + the part of the moderator, such groups tend to be better organized. + + Unfortunately, there are a few problems with the scheme outlined + above. First, if two users on the same host subscribe to the same + interest group, two copies of the message get delivered. This is + wasteful of both processor and disk resources. + + Second, some of these groups carry a lot of traffic. Although + subscription to an group does indicate interest on the part of a + subscriber, it is usually not interesting to get 50 messages or so + delivered to the user's private maildrop each day, interspersed with + personal mail, that is likely to be of a much more important and + timely nature. + + Third, if a subscriber on the distribution list for a group becomes + "bad" somehow, the originator of the message and not the moderator of + the group is notified. It is not uncommon for a large list to have + 10 or so bogus addresses present. This results in the originator + being flooded with "error messages" from mailers across the Internet + stating that a given address on the list was bad. Needless to say, + the originator usually could not care less if the bogus addresses got + a copy of the message or not. The originator is merely interested in + posting a message to the group at large. Furthermore, the moderator + of the group does care if there are bogus addresses on the list, but + ironically does not receive notification. + + There are various approaches which can be used to solve some or all + of these problems. Usually these involve placing an exploder agent + at the distribution source of the discussion group, which expands the + name of the group into the list of subscription addresses for the + + + +Rose [Page 3] + +RFC 1082 POP3 Extended Service November 1988 + + + group. In the process, the exploder will also change the address + that receives error notifications to be the request address or other + responsible party. + + A complementary approach, used in order to cut down on resource + utilization of all kinds, replaces all the subscribers at a single + host (or group of hosts under a single administration) with a single + address at that host. This address maps to a file on the host, + usually in a spool area, which all users can access. (Advanced + implementations can also implement private discussion groups this + way, in which a single copy of each message is kept, but is + accessible to only a select number of users on the host.) + + The two approaches can be combined to avoid all of the problems + described above. + + Finally, a third approach can be taken, which can be used to aid user + agents processing mail for the discussion group: In order to speed + querying of the maildrop which contains the local host's copy of the + discussion group, two other items are usually associated with the + discussion group, on a local basis. These are the maxima and the + last-date. Each time a message is received for the group on the + local host, the maxima is increased by at least one. Furthermore, + when a new maxima is generated, the current date is determined. This + is called the last date. As the message is entered into the local + maildrop, it is given the current maxima and last-date. This permits + the user agent to quickly determine if new messages are present in + the maildrop. + + NOTE: The maxima may be characterized as a monotonically + increasing quanity. Although sucessive values of the + maxima need not be consecutive, any maxima assigned + is always greater than any previously assigned value. + +Definition of Terms + + To formalize these notions somewhat, consider the following 7 + parameters which describe a given discussion group from the + perspective of the user agent (the syntax given is from [RFC822]): + + + + + + + + + + + + +Rose [Page 4] + +RFC 1082 POP3 Extended Service November 1988 + + + NAME Meaning: the name of the discussion group + Syntax: TOKEN (ALPHA *[ ALPHA / DIGIT / "-" ]) + (case-insensitive recognition) + Example: unix-wizards + + ALIASES Meaning: alternates names for the group, which + are locally meaningful; these are + typically used to shorten user typein + Syntax: TOKEN (case-insensitive recognition) + Example: uwiz + + ADDRESS Meaning: the primary source of the group + Syntax: 822 address + Example: Unix-Wizards@BRL.MIL + + REQUEST Meaning: the primary moderator of the group + Syntax: 822 address + Example: Unix-Wizards-Request@BRL.MIL + + FLAGS Meaning: locally meaningful flags associated + with the discussion group; this memo + leaves interpretation of this + parameter to each POP3 implementation + Syntax: octal number + Example: 01 + + MAXIMA Meaning: the magic cookie associated with the + last message locally received for the + group; it is the property of the magic + cookie that it's value NEVER + decreases, and increases by at least + one each time a message is locally + received + Syntax: decimal number + Example: 1004 + + LASTDATE Meaning: the date that the last message was + locally received + Syntax: 822 date + Example: Thu, 19 Dec 85 10:26:48 -0800 + + Note that the last two values are locally determined for the maildrop + associated with the discussion group and with each message in that + maildrop. Note however that the last message in the maildrop have a + different MAXIMA and LASTDATE than the discussion group. This often + occurs when the maildrop has been archived. + + + + + +Rose [Page 5] + +RFC 1082 POP3 Extended Service November 1988 + + + Finally, some local systems provide mechanisms for automatically + archiving discussion group mail. In some cases, a two-level archive + scheme is used: current mail is kept in the standard maildrop, + recent mail is kept in an archive maildrop, and older mail is kept + off-line. With this scheme, in addition to having a "standard" + maildrop for each discussion group, an "archive" maildrop may also be + available. This permits a user agent to examine the most recent + archive using the same mechanisms as those used on the current mail. + +The XTND Command + + The following commands are valid only in the TRANSACTION state of the + POP3. This implies that the POP3 server has already opened the + user's maildrop (which may be empty). This maildrop is called the + "default maildrop". The phrase "closes the current maildrop" has two + meanings, depending on whether the current maildrop is the default + maildrop or is a maildrop associated with a discussion group. + + In the former context, when the current maildrop is closed any + messages marked as deleted are removed from the maildrop currently in + use. The exclusive-access lock on the maildrop is then released + along with any implementation-specific resources (e.g., file- + descriptors). + + In the latter context, a maildrop associated with a discussion group + is considered to be read-only to the POP3 client. In this case, the + phrase "closes the current maildrop" merely means that any + implementation-specific resources are released. (Hence, the POP3 + command DELE is a no-op.) + + All the new facilities are introduced via a single POP3 command, + XTND. All positive reponses to the XTND command are multi-line. + + The most common multi-line response to the commands contains a + "discussion group listing" which presents the name of the discussion + group along with it's maxima. In order to simplify parsing all POP3 + servers are required to use a certain format for discussion group + listings: + + NAME SP MAXIMA + + This memo makes no requirement on what follows the maxima in the + listing. Minimal implementations should just end that line of the + response with a CRLF pair. More advanced implementations may include + other information, as parsed from the message. + + NOTE: This memo STRONGLY discourages implementations from + supplying additional information in the listing. + + + +Rose [Page 6] + +RFC 1082 POP3 Extended Service November 1988 + + + XTND BBOARDS [name] + Arguments: the name of a discussion group (optionally) + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + If an argument was given, the POP3 server closes the current + maildrop. The POP3 server then validates the argument as the name of + a discussion group. If this is successful, it opens the maildrop + associated with the group, and returns a multi-line response + containing the discussion group listing. If the discussion group + named is not valid, or the associated archive maildrop is not + readable by the user, then an error response is returned. + + If no argument was given, the POP3 server issues a multi-line + response. After the initial +OK, for each discussion group known, + the POP3 server responds with a line containing the listing for that + discussion group. Note that only world-readable discussion groups + are included in the multi-line response. + + In order to aid user agents, this memo requires an extension to the + scan listing when an "XTND BBOARDS" command has been given. + Normally, a scan listing, as generated by the LIST, takes the form: + + MSGNO SIZE + + where MSGNO is the number of the message being listed and SIZE is the + size of the message in octets. When reading a maildrop accessed via + "XTND BBOARDS", the scan listing takes the form + + MSGNO SIZE MAXIMA + + where MAXIMA is the maxima that was assigned to the message when it + was placed in the BBoard. + + Possible Responses: + +OK XTND + -ERR no such bboard + Examples: + C: XTND BBOARDS + S: +OK XTND + S: system 10 + S: mh-users 100 + S: . + C: XTND BBOARDS system + S: + OK XTND + S: system 10 + S: . + + + + +Rose [Page 7] + +RFC 1082 POP3 Extended Service November 1988 + + + XTND ARCHIVE name + Arguments: the name of a discussion group (required) + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + The POP3 server closes the current maildrop. The POP3 server then + validates the argument as the name of a discussion group. If this is + successful, it opens the archive maildrop associated with the group, + and returns a multi-line response containing the discussion group + listing. If the discussion group named is not valid, or the + associated archive maildrop is not readable by the user, then an + error response is returned. + + In addition, the scan listing generated by the LIST command is + augmented (as described above). + + Possible Responses: + +OK XTND + -ERR no such bboard Examples: + C: XTND ARCHIVE system + S: + OK XTND + S: system 3 + S: . + + XTND X-BBOARDS name + Arguments: the name of a discussion group (required) + Restrictions: may only be given in the TRANSACTION state. + Discussion: + + The POP3 server validates the argument as the name of a + discussion group. If this is unsuccessful, then an error + response is returned. Otherwise a multi-line response is + returned. The first 14 lines of this response (after the + initial +OK) are defined in this memo. Minimal implementations + need not include other information (and may omit certain + information, outputing a bare CRLF pair). More advanced + implementations may include other information. + + Line Information (refer to "Definition of Terms") + ---- ----------- + 1 NAME + 2 ALIASES, separated by SP + 3 system-specific: maildrop + 4 system-specific: archive maildrop + 5 system-specific: information + 6 system-specific: maildrop map + 7 system-specific: encrypted password + 8 system-specific: local leaders, separated by SP + + + +Rose [Page 8] + +RFC 1082 POP3 Extended Service November 1988 + + + 9 ADDRESS + 10 REQUEST + 11 system-specific: incoming feed + 12 system-specific: outgoing feeds + 13 FLAGS SP MAXIMA + 14 LASTDATE + + Most of this information is entirely too specific to the UCI Version + of the Rand MH Message Handling System [MRose85]. Nevertheless, + lines 1, 2, 9, 10, 13, and 14 are of general interest, regardless of + the implementation. + + Possible Responses: + +OK XTND + -ERR no such bboard + Examples: + C: XTND X-BBOARDS system + S: + OK XTND + S: system + S: local general + S: /usr/bboards/system.mbox + S: /usr/bboards/archive/system.mbox + S: /usr/bboards/.system.cnt + S: /usr/bboards/.system.map + S: * + S: mother + S: system@nrtc.northrop.com + S: system-request@nrtc.northrop.com + S: + S: dist-system@nrtc-gremlin.northrop.com + S: 01 10 + S: Thu, 19 Dec 85 00:08:49 -0800 + S: . + +Policy Notes + + Depending on the particular entity administrating the POP3 service + host, two additional policies might be implemented: + + 1. Private Discussion Groups + + In the general case, discussion groups are world-readable, any user, + once logged in (via a terminal, terminal server, or POP3, etc.), is + able to read the maildrop for each discussion group known to the POP3 + service host. Nevertheless, it is desirable, usually for privacy + reasons, to implement private discussion groups as well. + + Support of this is consistent with the extensions outlined in this + + + +Rose [Page 9] + +RFC 1082 POP3 Extended Service November 1988 + + + memo. Once the AUTHORIZATION state has successfully concluded, the + POP3 server grants the user access to exactly those discussion groups + the POP3 service host permits the authenticated user to access. As a + "security" feature, discussion groups associated with unreadable + maildrops should not be listed in a positive response to the XTND + BBOARDS command. + + 2. Anonymous POP3 Users + + In order to minimize the authentication problem, a policy permitting + "anonymous" access to the world-readable maildrops for discussion + groups on the POP3 server may be implemented. + + Support of this is consistent with the extensions outlined in this + memo. The POP3 server can be modified to accept a USER command for a + well-known pseudonym (i.e., "anonymous") which is valid with any PASS + command. As a "security" feature, it is advisable to limit this kind + of access to only hosts at the local site, or to hosts named in an + access list. + +Experiences and Conclusions + + All of the facilities described in this memo and in [RFC1081] have + been implemented in MH #6.1. Initial experiences have been, on the + whole, very positive. + + After the first implementation, some performance tuning was required. + This consisted primarily of caching the datastructures which describe + discussion groups in the POP3 server. A second optimization + pertained to the client: the program most commonly used to read + BBoards in MH was modified to retrieve messages only when needed. + Two schemes are used: + + o If only the headers (and the first few lines of the body) of + the message are required (e.g., for a scan listing), then only + these are retrieved. The resulting output is then cached, on + a per-message basis. + + o If the entire message is required, then it is retrieved intact, + and cached locally. + + With these optimizations, response time is quite adequate when the + POP3 server and client are connected via a high-speed local area + network. In fact, the author uses this mechanism to access certain + private discussion groups over the Internet. In this case, response + is still good. When a 9.6Kbps modem is inserted in the path, + response went from good to almost tolerable (fortunately the author + only reads a few discussion groups in this fashion). + + + +Rose [Page 10] + +RFC 1082 POP3 Extended Service November 1988 + + + To conclude: the POP3 is a good thing, not only for personal mail but + for discussion group mail as well. + + +References + + [RFC1081] Rose, M., "Post Office Protocol - Verison 3 (POP3)", RFC + 1081, TWG, November 1988. + + [MRose85] Rose, M., and J. Romine, "The Rand MH Message Handling + System: User's Manual", University of California, Irvine, + November 1985. + + [RFC822] Crocker, D., "Standard for the Format of ARPA-Internet + Text Messages", RFC 822, University of Delaware, August + 1982. + + [RFC918] Reynolds, J., "Post Office Protocol", RFC 918, + USC/Information Sciences Institute, October 1984. + + [RFC937] Butler, M., J. Postel, D. Chase, J. Goldberger, and J. + Reynolds, "Post Office Protocol - Version 2", RFC 937, + USC/Information Sciences Institute, February 1985. + +Author's Address: + + + Marshall Rose + The Wollongong Group + 1129 San Antonio Rd. + Palo Alto, California 94303 + + Phone: (415) 962-7100 + + Email: MRose@TWG.COM + + + + + + + + + + + + + + + + +Rose [Page 11] + diff --git a/appl/popper/pop_auth.c b/appl/popper/pop_auth.c new file mode 100644 index 000000000000..2c352b1a9cc9 --- /dev/null +++ b/appl/popper/pop_auth.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#ifdef SASL +#include +#include +RCSID("$Id$"); + +/* + * auth: RFC1734 + */ + +static char * +getline(POP *p) +{ + char *buf = NULL; + size_t size = 1024; + buf = malloc(size); + if(buf == NULL) + return NULL; + *buf = '\0'; + while(fgets(buf + strlen(buf), size - strlen(buf), p->input) != NULL) { + char *p; + if((p = strchr(buf, '\n')) != NULL) { + while(p > buf && p[-1] == '\r') + p--; + *p = '\0'; + return buf; + } + /* just assume we ran out of buffer space, we'll catch eof + next round */ + size += 1024; + p = realloc(buf, size); + if(p == NULL) + break; + buf = p; + } + free(buf); + return NULL; +} + +static char auth_msg[128]; +void +pop_auth_set_error(const char *message) +{ + strlcpy(auth_msg, message, sizeof(auth_msg)); +} + +static struct auth_mech *methods[] = { +#ifdef KRB5 + &gssapi_mech, +#endif + NULL +}; + +static int +auth_execute(POP *p, struct auth_mech *m, void *state, const char *line) +{ + void *input, *output; + size_t input_length, output_length; + int status; + + if(line == NULL) { + input = NULL; + input_length = 0; + } else { + input = strdup(line); + if(input == NULL) { + pop_auth_set_error("out of memory"); + return POP_AUTH_FAILURE; + } + input_length = base64_decode(line, input); + if(input_length == (size_t)-1) { + pop_auth_set_error("base64 decode error"); + return POP_AUTH_FAILURE; + } + } + output = NULL; output_length = 0; + status = (*m->loop)(p, state, input, input_length, &output, &output_length); + if(output_length > 0) { + char *s; + base64_encode(output, output_length, &s); + fprintf(p->output, "+ %s\r\n", s); + fflush(p->output); + free(output); + free(s); + } + return status; +} + +static int +auth_loop(POP *p, struct auth_mech *m) +{ + int status; + void *state = NULL; + char *line; + + status = (*m->init)(p, &state); + + status = auth_execute(p, m, state, p->pop_parm[2]); + + while(status == POP_AUTH_CONTINUE) { + line = getline(p); + if(line == NULL) { + (*m->cleanup)(p, state); + return pop_msg(p, POP_FAILURE, "error reading data"); + } + if(strcmp(line, "*") == 0) { + (*m->cleanup)(p, state); + return pop_msg(p, POP_FAILURE, "terminated by client"); + } + status = auth_execute(p, m, state, line); + free(line); + } + + + (*m->cleanup)(p, state); + if(status == POP_AUTH_FAILURE) + return pop_msg(p, POP_FAILURE, "%s", auth_msg); + + status = login_user(p); + if(status != POP_SUCCESS) + return status; + return pop_msg(p, POP_SUCCESS, "authentication complete"); +} + +int +pop_auth (POP *p) +{ + int i; + + for (i = 0; methods[i] != NULL; ++i) + if (strcasecmp(p->pop_parm[1], methods[i]->name) == 0) + return auth_loop(p, methods[i]); + return pop_msg(p, POP_FAILURE, + "Authentication method %s unknown", p->pop_parm[1]); +} + +void +pop_capa_sasl(POP *p) +{ + int i; + + if(methods[0] == NULL) + return; + + fprintf(p->output, "SASL"); + for (i = 0; methods[i] != NULL; ++i) + fprintf(p->output, " %s", methods[i]->name); + fprintf(p->output, "\r\n"); +} +#endif diff --git a/lib/sl/ss.h b/appl/popper/pop_auth.h similarity index 55% rename from lib/sl/ss.h rename to appl/popper/pop_auth.h index 15e1f88cb645..4d9cd673fbb1 100644 --- a/lib/sl/ss.h +++ b/appl/popper/pop_auth.h @@ -1,57 +1,60 @@ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: ss.h 8294 2000-05-25 00:15:21Z assar $ */ -/* SS compatibility for SL */ +/* $Id$ */ -#ifndef __ss_h__ -#define __ss_h__ +#ifndef __pop_auth_h__ +#define __pop_auth_h__ -#include +struct auth_mech { + const char *name; + int (*init)(POP*, void**); + int (*loop)(POP*, void*, void*, size_t, void**, size_t*); + int (*cleanup)(POP*, void*); +}; -typedef SL_cmd ss_request_table; +#define POP_AUTH_CONTINUE 0 +#define POP_AUTH_FAILURE 1 +#define POP_AUTH_COMPLETE 2 -int ss_create_invocation (const char *, const char *, const char*, - ss_request_table*, int*); +void pop_auth_set_error(const char *message); -void ss_error (int, long, const char*, ...); -int ss_execute_command (int, char**); -int ss_execute_line (int, const char*); -int ss_list_requests (int argc, char**); -int ss_listen (int); -void ss_perror (int, long, const char*); -int ss_quit (int argc, char**); +#ifdef KRB5 +extern struct auth_mech gssapi_mech; +#endif +#ifdef KRB4 +extern struct auth_mech krb4_mech; +#endif -#define SS_ET_COMMAND_NOT_FOUND (-1) -#endif /* __ss_h__ */ +#endif /* __pop_auth_h__ */ diff --git a/appl/popper/pop_debug.c b/appl/popper/pop_debug.c new file mode 100644 index 000000000000..c145aa448830 --- /dev/null +++ b/appl/popper/pop_debug.c @@ -0,0 +1,230 @@ +/* + * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Tiny program to help debug popper */ + +#include "popper.h" +RCSID("$Id$"); + +static void +loop(int s) +{ + char cmd[1024]; + char buf[1024]; + fd_set fds; + while(1){ + FD_ZERO(&fds); + FD_SET(0, &fds); + FD_SET(s, &fds); + if(select(s+1, &fds, 0, 0, 0) < 0) + err(1, "select"); + if(FD_ISSET(0, &fds)){ + fgets(cmd, sizeof(cmd), stdin); + cmd[strlen(cmd) - 1] = '\0'; + strlcat (cmd, "\r\n", sizeof(cmd)); + write(s, cmd, strlen(cmd)); + } + if(FD_ISSET(s, &fds)){ + int n = read(s, buf, sizeof(buf)); + if(n == 0) + exit(0); + fwrite(buf, n, 1, stdout); + } + } +} + +static int +get_socket (const char *hostname, int port) +{ + int ret; + struct addrinfo *ai, *a; + struct addrinfo hints; + char portstr[NI_MAXSERV]; + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + snprintf (portstr, sizeof(portstr), "%d", ntohs(port)); + ret = getaddrinfo (hostname, portstr, &hints, &ai); + if (ret) + errx (1, "getaddrinfo %s: %s", hostname, gai_strerror (ret)); + + for (a = ai; a != NULL; a = a->ai_next) { + int s; + + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + close (s); + continue; + } + freeaddrinfo (ai); + return s; + } + err (1, "failed to connect to %s", hostname); +} + +#ifdef KRB5 +static int +doit_v5 (char *host, int port) +{ + krb5_error_code ret; + krb5_context context; + krb5_auth_context auth_context = NULL; + krb5_principal server; + int s = get_socket (host, port); + + ret = krb5_init_context (&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + ret = krb5_sname_to_principal (context, + host, + "pop", + KRB5_NT_SRV_HST, + &server); + if (ret) { + warnx ("krb5_sname_to_principal: %s", + krb5_get_err_text (context, ret)); + return 1; + } + ret = krb5_sendauth (context, + &auth_context, + &s, + "KPOPV1.0", + NULL, + server, + 0, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL); + if (ret) { + warnx ("krb5_sendauth: %s", + krb5_get_err_text (context, ret)); + return 1; + } + loop (s); + return 0; +} +#endif + + +#ifdef KRB5 +static int use_v5 = -1; +#endif +static char *port_str; +static int do_version; +static int do_help; + +struct getargs args[] = { +#ifdef KRB5 + { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5", + NULL }, +#endif + { "port", 'p', arg_string, &port_str, "Use this port", + "number-or-service" }, + { "version", 0, arg_flag, &do_version, "Print version", + NULL }, + { "help", 0, arg_flag, &do_help, NULL, + NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, + "hostname"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int port = 0; + int ret = 1; + int optind = 0; + + setprogname(argv[0]); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optind)) + usage (1); + + argc -= optind; + argv += optind; + + if (do_help) + usage (0); + + if (do_version) { + print_version (NULL); + return 0; + } + + if (argc < 1) + usage (1); + + if (port_str) { + struct servent *s = roken_getservbyname (port_str, "tcp"); + + if (s) + port = s->s_port; + else { + char *ptr; + + port = strtol (port_str, &ptr, 10); + if (port == 0 && ptr == port_str) + errx (1, "Bad port `%s'", port_str); + port = htons(port); + } + } + if (port == 0) { +#ifdef KRB5 + port = krb5_getportbyname (NULL, "kpop", "tcp", 1109); +#else +#error must define KRB5 +#endif + } + +#ifdef KRB5 + if (ret && use_v5) { + ret = doit_v5 (argv[0], port); + } +#endif + return ret; +} diff --git a/appl/popper/pop_dele.c b/appl/popper/pop_dele.c new file mode 100644 index 000000000000..59551dce655c --- /dev/null +++ b/appl/popper/pop_dele.c @@ -0,0 +1,107 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * dele: Delete a message from the POP maildrop + */ +int +pop_dele (POP *p) +{ + MsgInfoList * mp; /* Pointer to message info list */ + int msg_num; + + /* Convert the message number parameter to an integer */ + msg_num = atoi(p->pop_parm[1]); + + /* Is requested message out of range? */ + if ((msg_num < 1) || (msg_num > p->msg_count)) + return (pop_msg (p,POP_FAILURE,"Message %d does not exist.",msg_num)); + + /* Get a pointer to the message in the message list */ + mp = &(p->mlp[msg_num-1]); + + /* Is the message already flagged for deletion? */ + if (mp->flags & DEL_FLAG) + return (pop_msg (p,POP_FAILURE,"Message %d has already been deleted.", + msg_num)); + + /* Flag the message for deletion */ + mp->flags |= DEL_FLAG; + +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, + "Deleting message %u at offset %ld of length %ld\n", + mp->number, mp->offset, mp->length); +#endif /* DEBUG */ + + /* Update the messages_deleted and bytes_deleted counters */ + p->msgs_deleted++; + p->bytes_deleted += mp->length; + + /* Update the last-message-accessed number if it is lower than + the deleted message */ + if (p->last_msg < msg_num) p->last_msg = msg_num; + + return (pop_msg (p,POP_SUCCESS,"Message %d has been deleted.",msg_num)); +} + +#ifdef XDELE +/* delete a range of messages */ +int +pop_xdele(POP *p) +{ + MsgInfoList * mp; /* Pointer to message info list */ + + int msg_min, msg_max; + int i; + + + msg_min = atoi(p->pop_parm[1]); + if(p->parm_count == 1) + msg_max = msg_min; + else + msg_max = atoi(p->pop_parm[2]); + + if (msg_min < 1) + return (pop_msg (p,POP_FAILURE,"Message %d does not exist.",msg_min)); + if(msg_max > p->msg_count) + return (pop_msg (p,POP_FAILURE,"Message %d does not exist.",msg_max)); + for(i = msg_min; i <= msg_max; i++) { + + /* Get a pointer to the message in the message list */ + mp = &(p->mlp[i - 1]); + + /* Is the message already flagged for deletion? */ + if (mp->flags & DEL_FLAG) + continue; /* no point in returning error */ + /* Flag the message for deletion */ + mp->flags |= DEL_FLAG; + +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, + "Deleting message %u at offset %ld of length %ld\n", + mp->number, mp->offset, mp->length); +#endif /* DEBUG */ + + /* Update the messages_deleted and bytes_deleted counters */ + p->msgs_deleted++; + p->bytes_deleted += mp->length; + } + + /* Update the last-message-accessed number if it is lower than + the deleted message */ + if (p->last_msg < msg_max) p->last_msg = msg_max; + + return (pop_msg (p,POP_SUCCESS,"Messages %d-%d has been deleted.", + msg_min, msg_max)); + +} +#endif /* XDELE */ diff --git a/appl/popper/pop_dropcopy.c b/appl/popper/pop_dropcopy.c new file mode 100644 index 000000000000..a9939bb30def --- /dev/null +++ b/appl/popper/pop_dropcopy.c @@ -0,0 +1,174 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * Run as the user in `pwd' + */ + +int +changeuser(POP *p, struct passwd *pwd) +{ + if(setgid(pwd->pw_gid) < 0) { + pop_log (p, POP_PRIORITY, + "Unable to change to gid %u: %s", + (unsigned)pwd->pw_gid, + strerror(errno)); + return pop_msg (p, POP_FAILURE, + "Unable to change gid"); + } + if(setuid(pwd->pw_uid) < 0) { + pop_log (p, POP_PRIORITY, + "Unable to change to uid %u: %s", + (unsigned)pwd->pw_uid, + strerror(errno)); + return pop_msg (p, POP_FAILURE, + "Unable to change uid"); + } +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG,"uid = %u, gid = %u", + (unsigned)getuid(), + (unsigned)getgid()); +#endif /* DEBUG */ + return POP_SUCCESS; +} + +/* + * dropcopy: Make a temporary copy of the user's mail drop and + * save a stream pointer for it. + */ + +int +pop_dropcopy(POP *p, struct passwd *pwp) +{ + int mfd; /* File descriptor for + the user's maildrop */ + int dfd; /* File descriptor for + the SERVER maildrop */ + FILE *tf; /* The temp file */ + char template[POP_TMPSIZE]; /* Temp name holder */ + char buffer[BUFSIZ]; /* Read buffer */ + long offset; /* Old/New boundary */ + int nchar; /* Bytes written/read */ + int tf_fd; /* fd for temp file */ + int ret; + + /* Create a temporary maildrop into which to copy the updated maildrop */ + snprintf(p->temp_drop, sizeof(p->temp_drop), POP_DROP,p->user); + +#ifdef DEBUG + if(p->debug) + pop_log(p,POP_DEBUG,"Creating temporary maildrop '%s'", + p->temp_drop); +#endif /* DEBUG */ + + /* Here we work to make sure the user doesn't cause us to remove or + * write over existing files by limiting how much work we do while + * running as root. + */ + + strlcpy(template, POP_TMPDROP, sizeof(template)); + if ((tf_fd = mkstemp(template)) < 0 || + (tf = fdopen(tf_fd, "w+")) == NULL) { + pop_log(p,POP_PRIORITY, + "Unable to create temporary temporary maildrop '%s': %s",template, + strerror(errno)); + return pop_msg(p,POP_FAILURE, + "System error, can't create temporary file."); + } + + /* Now give this file to the user */ + chown(template, pwp->pw_uid, pwp->pw_gid); + chmod(template, 0600); + + /* Now link this file to the temporary maildrop. If this fails it + * is probably because the temporary maildrop already exists. If so, + * this is ok. We can just go on our way, because by the time we try + * to write into the file we will be running as the user. + */ + link(template,p->temp_drop); + fclose(tf); + unlink(template); + + ret = changeuser(p, pwp); + if (ret != POP_SUCCESS) + return ret; + + /* Open for append, this solves the crash recovery problem */ + if ((dfd = open(p->temp_drop,O_RDWR|O_APPEND|O_CREAT,0600)) == -1){ + pop_log(p,POP_PRIORITY, + "Unable to open temporary maildrop '%s': %s",p->temp_drop, + strerror(errno)); + return pop_msg(p,POP_FAILURE, + "System error, can't open temporary file, do you own it?"); + } + + /* Lock the temporary maildrop */ + if ( flock (dfd, (LOCK_EX | LOCK_NB)) == -1 ) + switch(errno) { + case EWOULDBLOCK: + return pop_msg(p,POP_FAILURE, + "%sMaildrop lock busy! Is another session active?", + (p->flags & POP_FLAG_CAPA) ? "[IN-USE] " : ""); + /* NOTREACHED */ + default: + return pop_msg(p,POP_FAILURE,"flock: '%s': %s", p->temp_drop, + strerror(errno)); + /* NOTREACHED */ + } + + /* May have grown or shrunk between open and lock! */ + offset = lseek(dfd,0, SEEK_END); + + /* Open the user's maildrop, If this fails, no harm in assuming empty */ + if ((mfd = open(p->drop_name,O_RDWR)) > 0) { + + /* Lock the maildrop */ + if (flock (mfd, LOCK_EX) == -1) { + close(mfd) ; + return pop_msg(p,POP_FAILURE, "flock: '%s': %s", p->temp_drop, + strerror(errno)); + } + + /* Copy the actual mail drop into the temporary mail drop */ + while ( (nchar=read(mfd,buffer,BUFSIZ)) > 0 ) + if ( nchar != write(dfd,buffer,nchar) ) { + nchar = -1 ; + break ; + } + + if ( nchar != 0 ) { + /* Error adding new mail. Truncate to original size, + and leave the maildrop as is. The user will not + see the new mail until the error goes away. + Should let them process the current backlog, in case + the error is a quota problem requiring deletions! */ + ftruncate(dfd,(int)offset) ; + } else { + /* Mail transferred! Zero the mail drop NOW, that we + do not have to do gymnastics to figure out what's new + and what is old later */ + ftruncate(mfd,0) ; + } + + /* Close the actual mail drop */ + close (mfd); + } + + /* Acquire a stream pointer for the temporary maildrop */ + if ( (p->drop = fdopen(dfd,"a+")) == NULL ) { + close(dfd) ; + return pop_msg(p,POP_FAILURE,"Cannot assign stream for %s", + p->temp_drop); + } + + rewind (p->drop); + + return(POP_SUCCESS); +} diff --git a/appl/popper/pop_dropinfo.c b/appl/popper/pop_dropinfo.c new file mode 100644 index 000000000000..8ef477f4b3ee --- /dev/null +++ b/appl/popper/pop_dropinfo.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +#if defined(UIDL) || defined(XOVER) + +/* + * Copy the string found after after : into a malloced buffer. Stop + * copying at end of string or end of line. End of line delimiter is + * not part of the resulting copy. + */ +static +char * +find_value_after_colon(char *p) +{ + char *t, *tmp; + + for (; *p != 0 && *p != ':'; p++) /* Find : */ + ; + + if (*p == 0) + goto error; + + p++; /* Skip over : */ + + for(; *p == ' ' || *p == '\t'; p++) /* Remove white space */ + ; + + for (t = p; *t != 0 && *t != '\n' && *t != '\r'; t++) /* Find end of str */ + ; + + tmp = t = malloc(t - p + 1); + if (tmp == 0) + goto error; + + for (; *p != 0 && *p != '\n' && *p != '\r'; p++, t++) /* Copy characters */ + *t = *p; + *t = 0; /* Terminate string */ + return tmp; + +error: + return "ErrorUIDL"; +} +#endif + +void +parse_header(MsgInfoList *mp, char *buffer) +{ +#if defined(UIDL) || defined(XOVER) + if (strncasecmp("Message-Id:",buffer, 11) == 0) { + if (mp->msg_id == NULL) + mp->msg_id = find_value_after_colon(buffer); + } +#ifdef UIDL + else if (strncasecmp(buffer, "X-UIDL:", 7) == 0) { + /* Courtesy to Qualcomm, there really is no such + thing as X-UIDL */ + mp->msg_id = find_value_after_colon(buffer); + } +#endif +#endif +#ifdef XOVER + else if (strncasecmp("Subject:", buffer, 8) == 0) { + if(mp->subject == NULL){ + char *p; + mp->subject = find_value_after_colon(buffer); + for(p = mp->subject; *p; p++) + if(*p == '\t') *p = ' '; + } + } + else if (strncasecmp("From:", buffer, 5) == 0) { + if(mp->from == NULL){ + char *p; + mp->from = find_value_after_colon(buffer); + for(p = mp->from; *p; p++) + if(*p == '\t') *p = ' '; + } + } + else if (strncasecmp("Date:", buffer, 5) == 0) { + if(mp->date == NULL){ + char *p; + mp->date = find_value_after_colon(buffer); + for(p = mp->date; *p; p++) + if(*p == '\t') *p = ' '; + } + } +#endif +} + +int +add_missing_headers(POP *p, MsgInfoList *mp) +{ +#if defined(UIDL) || defined(XOVER) + if (mp->msg_id == NULL) { + if (asprintf(&mp->msg_id, "no-message-id-%d", mp->number) == -1) { + fclose (p->drop); + p->msg_count = 0; + return pop_msg (p,POP_FAILURE, + "Can't build message list for '%s': Out of memory", + p->user); + } + } +#endif +#ifdef XOVER + if (mp->subject == NULL) + mp->subject = ""; + if (mp->from == NULL) + mp->from = ""; + if (mp->date == NULL) + mp->date = ""; +#endif + return POP_SUCCESS; +} + +/* + * dropinfo: Extract information about the POP maildrop and store + * it for use by the other POP routines. + */ + +int +pop_dropinfo(POP *p) +{ + char buffer[BUFSIZ]; /* Read buffer */ + MsgInfoList * mp; /* Pointer to message + info list */ + int msg_num; /* Current message + counter */ + int nchar; /* Bytes written/read */ + int blank_line = 1; /* previous line was blank */ + int in_header = 0; /* if we are in a header block */ + + /* Initialize maildrop status variables in the POP parameter block */ + p->msg_count = 0; + p->msgs_deleted = 0; + p->last_msg = 0; + p->bytes_deleted = 0; + p->drop_size = 0; + + /* Allocate memory for message information structures */ + p->msg_count = ALLOC_MSGS; + p->mlp = (MsgInfoList *)calloc((unsigned)p->msg_count,sizeof(MsgInfoList)); + if (p->mlp == NULL){ + fclose (p->drop); + p->msg_count = 0; + return pop_msg (p,POP_FAILURE, + "Can't build message list for '%s': Out of memory", p->user); + } + + rewind (p->drop); + + /* Scan the file, loading the message information list with + information about each message */ + + for (msg_num = p->drop_size = 0, mp = p->mlp - 1; + fgets(buffer,MAXMSGLINELEN,p->drop);) { + + nchar = strlen(buffer); + + if (blank_line && strncmp(buffer,"From ",5) == 0) { + in_header = 1; + if (++msg_num > p->msg_count) { + p->mlp=(MsgInfoList *) realloc(p->mlp, + (p->msg_count+=ALLOC_MSGS)*sizeof(MsgInfoList)); + if (p->mlp == NULL){ + fclose (p->drop); + p->msg_count = 0; + return pop_msg (p,POP_FAILURE, + "Can't build message list for '%s': Out of memory", + p->user); + } + mp = p->mlp + msg_num - 2; + } + ++mp; + mp->number = msg_num; + mp->length = 0; + mp->lines = 0; + mp->offset = ftell(p->drop) - nchar; + mp->flags = 0; +#if defined(UIDL) || defined(XOVER) + mp->msg_id = 0; +#endif +#ifdef XOVER + mp->subject = 0; + mp->from = 0; + mp->date = 0; +#endif +#ifdef DEBUG + if(p->debug) + pop_log(p, POP_DEBUG, + "Msg %d at offset %ld being added to list", + mp->number, mp->offset); +#endif /* DEBUG */ + } else if(in_header) + parse_header(mp, buffer); + blank_line = (strncmp(buffer, "\n", nchar) == 0); + if(blank_line) { + int e; + in_header = 0; + e = add_missing_headers(p, mp); + if(e != POP_SUCCESS) + return e; + } + mp->length += nchar; + p->drop_size += nchar; + mp->lines++; + } + p->msg_count = msg_num; + +#ifdef DEBUG + if(p->debug && msg_num > 0) { + int i; + for (i = 0, mp = p->mlp; i < p->msg_count; i++, mp++) +#ifdef UIDL + pop_log(p,POP_DEBUG, + "Msg %d at offset %ld is %ld octets long and has %u lines and id %s.", + mp->number,mp->offset,mp->length,mp->lines, mp->msg_id); +#else + pop_log(p,POP_DEBUG, + "Msg %d at offset %d is %d octets long and has %u lines.", + mp->number,mp->offset,mp->length,mp->lines); +#endif + } +#endif /* DEBUG */ + + return(POP_SUCCESS); +} diff --git a/appl/popper/pop_get_command.c b/appl/popper/pop_get_command.c new file mode 100644 index 000000000000..df197f6426bb --- /dev/null +++ b/appl/popper/pop_get_command.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * get_command: Extract the command from an input line form a POP client + */ + +int pop_capa (POP *p); +static state_table states[] = { + {auth1, "user", 1, 1, pop_user, {auth1, auth2}}, + {auth2, "pass", 1, 99, pop_pass, {auth1, trans}}, +#ifdef RPOP + {auth2, "rpop", 1, 1, pop_rpop, {auth1, trans}}, +#endif /* RPOP */ +#ifdef SASL + {auth1, "auth", 1, 2, pop_auth, {auth1, trans}}, +#endif + {auth1, "quit", 0, 0, pop_quit, {halt, halt}}, + {auth2, "quit", 0, 0, pop_quit, {halt, halt}}, +#ifdef CAPA + {auth1, "capa", 0, 0, pop_capa, {auth1, auth1}}, + {auth2, "capa", 0, 0, pop_capa, {auth2, auth2}}, + {trans, "capa", 0, 0, pop_capa, {trans, trans}}, +#endif + {trans, "stat", 0, 0, pop_stat, {trans, trans}}, + {trans, "list", 0, 1, pop_list, {trans, trans}}, + {trans, "retr", 1, 1, pop_send, {trans, trans}}, + {trans, "dele", 1, 1, pop_dele, {trans, trans}}, + {trans, "noop", 0, 0, NULL, {trans, trans}}, + {trans, "rset", 0, 0, pop_rset, {trans, trans}}, + {trans, "top", 2, 2, pop_send, {trans, trans}}, + {trans, "last", 0, 0, pop_last, {trans, trans}}, + {trans, "quit", 0, 0, pop_updt, {halt, halt}}, + {trans, "help", 0, 0, pop_help, {trans, trans}}, +#ifdef UIDL + {trans, "uidl", 0, 1, pop_uidl, {trans, trans}}, +#endif +#ifdef XOVER + {trans, "xover", 0, 0, pop_xover, {trans, trans}}, +#endif +#ifdef XDELE + {trans, "xdele", 1, 2, pop_xdele, {trans, trans}}, +#endif + {(state) 0, NULL, 0, 0, NULL, {halt, halt}}, +}; + +int +pop_capa (POP *p) +{ + /* Search for the POP command in the command/state table */ + pop_msg (p,POP_SUCCESS, "Capability list follows"); + if(p->auth_level == AUTH_NONE || p->auth_level == AUTH_OTP) + fprintf(p->output, "USER\r\n"); + fprintf(p->output, "TOP\r\n"); + fprintf(p->output, "PIPELINING\r\n"); + fprintf(p->output, "EXPIRE NEVER\r\n"); + fprintf(p->output, "RESP-CODES\r\n"); +#ifdef SASL + pop_capa_sasl(p); +#endif +#ifdef UIDL + fprintf(p->output, "UIDL\r\n"); +#endif +#ifdef XOVER + fprintf(p->output, "XOVER\r\n"); +#endif +#ifdef XDELE + fprintf(p->output, "XDELE\r\n"); +#endif + if(p->CurrentState == trans) + fprintf(p->output, "IMPLEMENTATION %s-%s\r\n", PACKAGE, VERSION); + fprintf(p->output,".\r\n"); + fflush(p->output); + + p->flags |= POP_FLAG_CAPA; + + return(POP_SUCCESS); +} + +state_table * +pop_get_command(POP *p, char *mp) +{ + state_table * s; + char buf[MAXMSGLINELEN]; + + /* Save a copy of the original client line */ +#ifdef DEBUG + if(p->debug) strlcpy (buf, mp, sizeof(buf)); +#endif /* DEBUG */ + + /* Parse the message into the parameter array */ + if ((p->parm_count = pop_parse(p,mp)) < 0) return(NULL); + + /* Do not log cleartext passwords */ +#ifdef DEBUG + if(p->debug){ + if(strcmp(p->pop_command,"pass") == 0) + pop_log(p,POP_DEBUG,"Received: \"%s xxxxxxxxx\"",p->pop_command); + else { + /* Remove trailing */ + buf[strlen(buf)-2] = '\0'; + pop_log(p,POP_DEBUG,"Received: \"%s\"",buf); + } + } +#endif /* DEBUG */ + + /* Search for the POP command in the command/state table */ + for (s = states; s->command; s++) { + + /* Is this a valid command for the current operating state? */ + if (strcmp(s->command,p->pop_command) == 0 + && s->ValidCurrentState == p->CurrentState) { + + /* Were too few parameters passed to the command? */ + if (p->parm_count < s->min_parms) { + pop_msg(p,POP_FAILURE, + "Too few arguments for the %s command.", + p->pop_command); + return NULL; + } + + /* Were too many parameters passed to the command? */ + if (p->parm_count > s->max_parms) { + pop_msg(p,POP_FAILURE, + "Too many arguments for the %s command.", + p->pop_command); + return NULL; + } + + /* Return a pointer to the entry for this command in + the command/state table */ + return (s); + } + } + /* The client command was not located in the command/state table */ + pop_msg(p,POP_FAILURE, + "Unknown command: \"%s\".",p->pop_command); + return NULL; +} + +int +pop_help (POP *p) +{ + state_table *s; + + pop_msg(p, POP_SUCCESS, "help"); + + for (s = states; s->command; s++) { + fprintf (p->output, "%s\r\n", s->command); + } + fprintf (p->output, ".\r\n"); + fflush (p->output); + return POP_SUCCESS; +} diff --git a/appl/popper/pop_init.c b/appl/popper/pop_init.c new file mode 100644 index 000000000000..ee550bd7f723 --- /dev/null +++ b/appl/popper/pop_init.c @@ -0,0 +1,364 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + + +#if defined(KRB5) + +static int +pop_net_read(POP *p, int fd, void *buf, size_t len) +{ +#ifdef KRB5 + return krb5_net_read(p->context, &fd, buf, len); +#else +#error must define KRB5 +#endif +} +#endif + +static char *addr_log; + +static void +pop_write_addr(POP *p, struct sockaddr *addr) +{ + char ts[32]; + char as[128]; + time_t t; + FILE *f; + if(addr_log == NULL) + return; + t = time(NULL); + strftime(ts, sizeof(ts), "%Y%m%d%H%M%S", localtime(&t)); + if(inet_ntop (addr->sa_family, socket_get_address(addr), + as, sizeof(as)) == NULL) { + pop_log(p, POP_PRIORITY, "failed to print address"); + return; + } + + f = fopen(addr_log, "a"); + if(f == NULL) { + pop_log(p, POP_PRIORITY, "failed to open address log (%s)", addr_log); + return; + } + fprintf(f, "%s %s\n", as, ts); + fclose(f); +} + +#ifdef KRB5 +static int +krb5_authenticate (POP *p, int s, u_char *buf, struct sockaddr *addr) +{ + krb5_error_code ret; + krb5_auth_context auth_context = NULL; + uint32_t len; + krb5_ticket *ticket; + char *server; + + if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0) + return -1; + len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]); + + if (krb5_net_read(p->context, &s, buf, len) != len) + return -1; + if (len != sizeof(KRB5_SENDAUTH_VERSION) + || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) + return -1; + + ret = krb5_recvauth (p->context, + &auth_context, + &s, + "KPOPV1.0", + NULL, /* let rd_req figure out what server to use */ + KRB5_RECVAUTH_IGNORE_VERSION, + NULL, + &ticket); + if (ret) { + pop_log(p, POP_PRIORITY, "krb5_recvauth: %s", + krb5_get_err_text(p->context, ret)); + return -1; + } + + + ret = krb5_unparse_name(p->context, ticket->server, &server); + if(ret) { + pop_log(p, POP_PRIORITY, "krb5_unparse_name: %s", + krb5_get_err_text(p->context, ret)); + ret = -1; + goto out; + } + /* does this make sense? */ + if(strncmp(server, "pop/", 4) != 0) { + pop_log(p, POP_PRIORITY, + "Got ticket for service `%s'", server); + ret = -1; + goto out; + } else if(p->debug) + pop_log(p, POP_DEBUG, + "Accepted ticket for service `%s'", server); + free(server); + out: + krb5_auth_con_free (p->context, auth_context); + krb5_copy_principal (p->context, ticket->client, &p->principal); + krb5_free_ticket (p->context, ticket); + + return ret; +} +#endif + +static int +krb_authenticate(POP *p, struct sockaddr *addr) +{ +#if defined(KRB5) + u_char buf[BUFSIZ]; + + if (pop_net_read (p, 0, buf, 4) != 4) { + pop_msg(p, POP_FAILURE, "Reading four bytes: %s", + strerror(errno)); + exit (1); + } + if (krb5_authenticate (p, 0, buf, addr) == 0){ + pop_write_addr(p, addr); + p->version = 5; + return POP_SUCCESS; + } +#endif + exit (1); + + return(POP_SUCCESS); +} + +static int +plain_authenticate (POP *p, struct sockaddr *addr) +{ + return(POP_SUCCESS); +} + +static int kerberos_flag; +static char *auth_str; +static int debug_flag; +static int interactive_flag; +static char *port_str; +static char *trace_file; +static int timeout; +static int help_flag; +static int version_flag; + +static struct getargs args[] = { +#if defined(KRB5) + { "kerberos", 'k', arg_flag, &kerberos_flag, "use kerberos" }, +#endif + { "auth-mode", 'a', arg_string, &auth_str, "required authentication", + "plaintext" +#ifdef OTP + "|otp" +#endif +#ifdef SASL + "|sasl" +#endif + }, + { "debug", 'd', arg_flag, &debug_flag }, + { "interactive", 'i', arg_flag, &interactive_flag, "create new socket" }, + { "port", 'p', arg_string, &port_str, "port to listen to", "port" }, + { "trace-file", 't', arg_string, &trace_file, "trace all command to file", "file" }, + { "timeout", 'T', arg_integer, &timeout, "timeout", "seconds" }, + { "address-log", 0, arg_string, &addr_log, "enable address log", "file" }, + { "help", 'h', arg_flag, &help_flag }, + { "version", 'v', arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +/* + * init: Start a Post Office Protocol session + */ + +static int +pop_getportbyname(POP *p, const char *service, + const char *proto, short def) +{ +#ifdef KRB5 + return krb5_getportbyname(p->context, service, proto, def); +#else + return htons(default); +#endif +} + +int +pop_init(POP *p,int argcount,char **argmessage) +{ + struct sockaddr_storage cs_ss; + struct sockaddr *cs = (struct sockaddr *)&cs_ss; + socklen_t len; + char * trace_file_name = "/tmp/popper-trace"; + int portnum = 0; + int optind = 0; + int error; + + /* Initialize the POP parameter block */ + memset (p, 0, sizeof(POP)); + + setprogname(argmessage[0]); + + /* Save my name in a global variable */ + p->myname = (char*)getprogname(); + + /* Get the name of our host */ + gethostname(p->myhost,MaxHostNameLen); + +#ifdef KRB5 + { + krb5_error_code ret; + + ret = krb5_init_context (&p->context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + krb5_openlog(p->context, p->myname, &p->logf); + krb5_set_warn_dest(p->context, p->logf); + } +#else + /* Open the log file */ + roken_openlog(p->myname,POP_LOGOPTS,POP_FACILITY); +#endif + + p->auth_level = AUTH_NONE; + + if(getarg(args, num_args, argcount, argmessage, &optind)){ + arg_printusage(args, num_args, NULL, ""); + exit(1); + } + if(help_flag){ + arg_printusage(args, num_args, NULL, ""); + exit(0); + } + if(version_flag){ + print_version(NULL); + exit(0); + } + + argcount -= optind; + argmessage += optind; + + if (argcount != 0) { + arg_printusage(args, num_args, NULL, ""); + exit(1); + } + + if(auth_str){ + if (strcasecmp (auth_str, "plaintext") == 0 || + strcasecmp (auth_str, "none") == 0) + p->auth_level = AUTH_NONE; + else if(strcasecmp(auth_str, "otp") == 0) { +#ifdef OTP + p->auth_level = AUTH_OTP; +#else + pop_log (p, POP_PRIORITY, "support for OTP not enabled"); + exit(1); +#endif + } else if(strcasecmp(auth_str, "sasl") == 0) { +#ifdef SASL + p->auth_level = AUTH_SASL; +#else + pop_log (p, POP_PRIORITY, "support for SASL not enabled"); + exit(1); +#endif + } else { + pop_log (p, POP_PRIORITY, "bad value for -a: %s", auth_str); + exit(1); + } + } + /* Debugging requested */ + p->debug = debug_flag; + + if(port_str) + portnum = htons(atoi(port_str)); + if(trace_file){ + p->debug++; + if ((p->trace = fopen(trace_file, "a+")) == NULL) { + pop_log(p, POP_PRIORITY, + "Unable to open trace file \"%s\", err = %d", + optarg,errno); + exit (1); + } + trace_file_name = trace_file; + } + +#if defined(KRB5) + p->kerberosp = kerberos_flag; +#endif + + if(timeout) + pop_timeout = timeout; + + /* Fake inetd */ + if (interactive_flag) { + if (portnum == 0) + portnum = p->kerberosp ? + pop_getportbyname(p, "kpop", "tcp", 1109) : + pop_getportbyname(p, "pop", "tcp", 110); + mini_inetd (portnum, NULL); + } + + /* Get the address and socket of the client to whom I am speaking */ + len = sizeof(cs_ss); + if (getpeername(STDIN_FILENO, cs, &len) < 0) { + pop_log(p,POP_PRIORITY, + "Unable to obtain socket and address of client, err = %d",errno); + exit (1); + } + + /* Save the dotted decimal form of the client's IP address + in the POP parameter block */ + inet_ntop (cs->sa_family, socket_get_address (cs), + p->ipaddr, sizeof(p->ipaddr)); + + /* Save the client's port */ + p->ipport = ntohs(socket_get_port (cs)); + + /* Get the canonical name of the host to whom I am speaking */ + error = getnameinfo_verified (cs, len, p->client, sizeof(p->client), + NULL, 0, 0); + if (error) { + pop_log (p, POP_PRIORITY, + "getnameinfo: %s", gai_strerror (error)); + strlcpy (p->client, p->ipaddr, sizeof(p->client)); + } + + /* Create input file stream for TCP/IP communication */ + if ((p->input = fdopen(STDIN_FILENO,"r")) == NULL){ + pop_log(p,POP_PRIORITY, + "Unable to open communication stream for input, err = %d",errno); + exit (1); + } + + /* Create output file stream for TCP/IP communication */ + if ((p->output = fdopen(STDOUT_FILENO,"w")) == NULL){ + pop_log(p,POP_PRIORITY, + "Unable to open communication stream for output, err = %d",errno); + exit (1); + } + + pop_log(p,POP_PRIORITY, + "(v%s) Servicing request from \"%s\" at %s\n", + VERSION,p->client,p->ipaddr); + +#ifdef DEBUG + if (p->trace) + pop_log(p,POP_PRIORITY, + "Tracing session and debugging information in file \"%s\"", + trace_file_name); + else if (p->debug) + pop_log(p,POP_PRIORITY,"Debugging turned on"); +#endif /* DEBUG */ + + + if(p->kerberosp) + return krb_authenticate(p, cs); + else + return plain_authenticate(p, cs); +} diff --git a/appl/popper/pop_last.c b/appl/popper/pop_last.c new file mode 100644 index 000000000000..8f159e664663 --- /dev/null +++ b/appl/popper/pop_last.c @@ -0,0 +1,18 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * last: Display the last message touched in a POP session + */ + +int +pop_last (POP *p) +{ + return (pop_msg(p,POP_SUCCESS,"%u is the last message seen.",p->last_msg)); +} diff --git a/appl/popper/pop_list.c b/appl/popper/pop_list.c new file mode 100644 index 000000000000..b7f0d1f99401 --- /dev/null +++ b/appl/popper/pop_list.c @@ -0,0 +1,59 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * list: List the contents of a POP maildrop + */ + +int +pop_list (POP *p) +{ + MsgInfoList * mp; /* Pointer to message info list */ + int i; + int msg_num; + + /* Was a message number provided? */ + if (p->parm_count > 0) { + msg_num = atoi(p->pop_parm[1]); + + /* Is requested message out of range? */ + if ((msg_num < 1) || (msg_num > p->msg_count)) + return (pop_msg (p,POP_FAILURE, + "Message %d does not exist.",msg_num)); + + /* Get a pointer to the message in the message list */ + mp = &p->mlp[msg_num-1]; + + /* Is the message already flagged for deletion? */ + if (mp->flags & DEL_FLAG) + return (pop_msg (p,POP_FAILURE, + "Message %d has been deleted.",msg_num)); + + /* Display message information */ + return (pop_msg(p,POP_SUCCESS,"%d %ld",msg_num,mp->length)); + } + + /* Display the entire list of messages */ + pop_msg(p,POP_SUCCESS, + "%d messages (%ld octets)", + p->msg_count-p->msgs_deleted, + p->drop_size-p->bytes_deleted); + + /* Loop through the message information list. Skip deleted messages */ + for (i = p->msg_count, mp = p->mlp; i > 0; i--, mp++) { + if (!(mp->flags & DEL_FLAG)) + fprintf(p->output,"%u %lu\r\n",mp->number,mp->length); + } + + /* "." signals the end of a multi-line transmission */ + fprintf(p->output,".\r\n"); + fflush(p->output); + + return(POP_SUCCESS); +} diff --git a/appl/popper/pop_log.c b/appl/popper/pop_log.c new file mode 100644 index 000000000000..3ae50196276b --- /dev/null +++ b/appl/popper/pop_log.c @@ -0,0 +1,36 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * log: Make a log entry + */ + +int +pop_log(POP *p, int stat, char *format, ...) +{ + char msgbuf[MAXLINELEN]; + va_list ap; + + va_start(ap, format); + vsnprintf(msgbuf, sizeof(msgbuf), format, ap); + + if (p->debug && p->trace) { + fprintf(p->trace,"%s\n",msgbuf); + fflush(p->trace); + } else { +#ifdef KRB5 + krb5_log(p->context, p->logf, stat, "%s", msgbuf); +#else + syslog (stat,"%s",msgbuf); +#endif + } + va_end(ap); + + return(stat); +} diff --git a/appl/popper/pop_msg.c b/appl/popper/pop_msg.c new file mode 100644 index 000000000000..a197a41db705 --- /dev/null +++ b/appl/popper/pop_msg.c @@ -0,0 +1,57 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * msg: Send a formatted line to the POP client + */ + +int +pop_msg(POP *p, int stat, const char *format, ...) +{ + char *mp; + char message[MAXLINELEN]; + va_list ap; + + va_start(ap, format); + + /* Point to the message buffer */ + mp = message; + + /* Format the POP status code at the beginning of the message */ + snprintf (mp, sizeof(message), "%s ", + (stat == POP_SUCCESS) ? POP_OK : POP_ERR); + + /* Point past the POP status indicator in the message message */ + mp += strlen(mp); + + /* Append the message (formatted, if necessary) */ + if (format) + vsnprintf (mp, sizeof(message) - strlen(message), + format, ap); + + /* Log the message if debugging is turned on */ +#ifdef DEBUG + if (p->debug && stat == POP_SUCCESS) + pop_log(p,POP_DEBUG,"%s",message); +#endif /* DEBUG */ + + /* Log the message if a failure occurred */ + if (stat != POP_SUCCESS) + pop_log(p,POP_PRIORITY,"%s",message); + + /* Append the */ + strlcat(message, "\r\n", sizeof(message)); + + /* Send the message to the client */ + fputs(message, p->output); + fflush(p->output); + + va_end(ap); + return(stat); +} diff --git a/appl/popper/pop_parse.c b/appl/popper/pop_parse.c new file mode 100644 index 000000000000..c4bbbc074ae3 --- /dev/null +++ b/appl/popper/pop_parse.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * parse: Parse a raw input line from a POP client + * into null-delimited tokens + */ + +int +pop_parse(POP *p, char *buf) +{ + char * mp; + int i; + + /* Loop through the POP command array */ + for (mp = buf, i = 0; ; i++) { + + /* Skip leading spaces and tabs in the message */ + while (isspace((unsigned char)*mp))mp++; + + /* Are we at the end of the message? */ + if (*mp == 0) break; + + /* Have we already obtained the maximum allowable parameters? */ + if (i >= MAXPARMCOUNT) { + pop_msg(p,POP_FAILURE,"Too many arguments supplied."); + return(-1); + } + + /* Point to the start of the token */ + p->pop_parm[i] = mp; + + /* Search for the first space character (end of the token) */ + while (!isspace((unsigned char)*mp) && *mp) mp++; + + /* Delimit the token with a null */ + if (*mp) *mp++ = 0; + } + + /* Were any parameters passed at all? */ + if (i == 0) return (-1); + + /* Convert the first token (POP command) to lower case */ + strlwr(p->pop_command); + + /* Return the number of tokens extracted minus the command itself */ + return (i-1); + +} diff --git a/appl/popper/pop_pass.c b/appl/popper/pop_pass.c new file mode 100644 index 000000000000..a89a99d0fdec --- /dev/null +++ b/appl/popper/pop_pass.c @@ -0,0 +1,204 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +#ifdef HAVE_CRYPT_H +#include +#endif + +RCSID("$Id$"); + +#ifdef KRB5 +static int +krb5_verify_password (POP *p) +{ + krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP}; + krb5_get_init_creds_opt *get_options; + krb5_verify_init_creds_opt verify_options; + krb5_error_code ret; + krb5_principal client, server; + krb5_creds creds; + + ret = krb5_get_init_creds_opt_alloc (p->context, &get_options); + if (ret) { + pop_log(p, POP_PRIORITY, "krb5_get_init_creds_opt_alloc: %s", + krb5_get_err_text (p->context, ret)); + return 1; + } + + krb5_get_init_creds_opt_set_preauth_list (get_options, + pre_auth_types, + 1); + + krb5_verify_init_creds_opt_init (&verify_options); + + ret = krb5_parse_name (p->context, p->user, &client); + if (ret) { + krb5_get_init_creds_opt_free(p->context, get_options); + pop_log(p, POP_PRIORITY, "krb5_parse_name: %s", + krb5_get_err_text (p->context, ret)); + return 1; + } + + ret = krb5_get_init_creds_password (p->context, + &creds, + client, + p->pop_parm[1], + NULL, + NULL, + 0, + NULL, + get_options); + krb5_get_init_creds_opt_free(p->context, get_options); + if (ret) { + pop_log(p, POP_PRIORITY, + "krb5_get_init_creds_password: %s", + krb5_get_err_text (p->context, ret)); + return 1; + } + + ret = krb5_sname_to_principal (p->context, + p->myhost, + "pop", + KRB5_NT_SRV_HST, + &server); + if (ret) { + pop_log(p, POP_PRIORITY, + "krb5_get_init_creds_password: %s", + krb5_get_err_text (p->context, ret)); + return 1; + } + + ret = krb5_verify_init_creds (p->context, + &creds, + server, + NULL, + NULL, + &verify_options); + krb5_free_principal (p->context, client); + krb5_free_principal (p->context, server); + krb5_free_cred_contents (p->context, &creds); + return ret; +} +#endif +/* + * pass: Obtain the user password from a POP client + */ + +int +login_user(POP *p) +{ + struct stat st; + struct passwd *pw; + + /* Look for the user in the password file */ + if ((pw = k_getpwnam(p->user)) == NULL) { + pop_log(p, POP_PRIORITY, "user %s (from %s) not found", + p->user, p->ipaddr); + return pop_msg(p, POP_FAILURE, "Login incorrect."); + } + + pop_log(p, POP_INFO, "login from %s as %s", p->ipaddr, p->user); + + /* Build the name of the user's maildrop */ + snprintf(p->drop_name, sizeof(p->drop_name), "%s/%s", POP_MAILDIR, p->user); + if(stat(p->drop_name, &st) < 0 || !S_ISDIR(st.st_mode)){ + /* Make a temporary copy of the user's maildrop */ + /* and set the group and user id */ + if (pop_dropcopy(p, pw) != POP_SUCCESS) return (POP_FAILURE); + + /* Get information about the maildrop */ + if (pop_dropinfo(p) != POP_SUCCESS) return(POP_FAILURE); + } else { + if(changeuser(p, pw) != POP_SUCCESS) return POP_FAILURE; + if(pop_maildir_info(p) != POP_SUCCESS) return POP_FAILURE; + } + /* Initialize the last-message-accessed number */ + p->last_msg = 0; + return POP_SUCCESS; +} + +int +pop_pass (POP *p) +{ + struct passwd *pw; + int i; + int status; + + /* Make one string of all these parameters */ + + for (i = 1; i < p->parm_count; ++i) + p->pop_parm[i][strlen(p->pop_parm[i])] = ' '; + + /* Look for the user in the password file */ + if ((pw = k_getpwnam(p->user)) == NULL) + return (pop_msg(p,POP_FAILURE, + "Password supplied for \"%s\" is incorrect.", + p->user)); + + if (p->kerberosp) { +#ifdef KRB5 + if (p->version == 5) { + char *name; + + if (!krb5_kuserok (p->context, p->principal, p->user)) { + pop_log (p, POP_PRIORITY, + "krb5 permission denied"); + return pop_msg(p, POP_FAILURE, + "Popping not authorized"); + } + if(krb5_unparse_name (p->context, p->principal, &name) == 0) { + pop_log(p, POP_INFO, "%s: %s -> %s", + p->ipaddr, name, p->user); + free (name); + } + } else { + pop_log (p, POP_PRIORITY, "kerberos authentication failed"); + return pop_msg (p, POP_FAILURE, + "kerberos authentication failed"); + } +#endif + { } + } else { + /* We don't accept connections from users with null passwords */ + if (pw->pw_passwd == NULL) + return (pop_msg(p, + POP_FAILURE, + "Password supplied for \"%s\" is incorrect.", + p->user)); + +#ifdef OTP + if (otp_verify_user (&p->otp_ctx, p->pop_parm[1]) == 0) + /* pass OK */; + else +#endif + /* Compare the supplied password with the password file entry */ + if (p->auth_level != AUTH_NONE) + return pop_msg(p, POP_FAILURE, + "Password supplied for \"%s\" is incorrect.", + p->user); + else if (!strcmp(crypt(p->pop_parm[1], pw->pw_passwd), pw->pw_passwd)) + /* pass OK */; + else { + int ret = -1; +#ifdef KRB5 + if(ret) + ret = krb5_verify_password (p); +#endif + if(ret) + return pop_msg(p, POP_FAILURE, + "Password incorrect"); + } + } + status = login_user(p); + if(status != POP_SUCCESS) + return status; + + /* Authorization completed successfully */ + return (pop_msg (p, POP_SUCCESS, + "%s has %d message(s) (%ld octets).", + p->user, p->msg_count, p->drop_size)); +} diff --git a/appl/popper/pop_quit.c b/appl/popper/pop_quit.c new file mode 100644 index 000000000000..ebea91d3bec8 --- /dev/null +++ b/appl/popper/pop_quit.c @@ -0,0 +1,21 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * quit: Terminate a POP session + */ + +int +pop_quit (POP *p) +{ + /* Release the message information list */ + if (p->mlp) free (p->mlp); + + return(POP_SUCCESS); +} diff --git a/appl/popper/pop_rset.c b/appl/popper/pop_rset.c new file mode 100644 index 000000000000..78d2b5dcf78d --- /dev/null +++ b/appl/popper/pop_rset.c @@ -0,0 +1,33 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * rset: Unflag all messages flagged for deletion in a POP maildrop + */ + +int +pop_rset (POP *p) +{ + MsgInfoList * mp; /* Pointer to the message info list */ + int i; + + /* Unmark all the messages */ + for (i = p->msg_count, mp = p->mlp; i > 0; i--, mp++) + mp->flags &= ~DEL_FLAG; + + /* Reset the messages-deleted and bytes-deleted counters */ + p->msgs_deleted = 0; + p->bytes_deleted = 0; + + /* Reset the last-message-access flag */ + p->last_msg = 0; + + return (pop_msg(p,POP_SUCCESS,"Maildrop has %u messages (%ld octets)", + p->msg_count, p->drop_size)); +} diff --git a/appl/popper/pop_send.c b/appl/popper/pop_send.c new file mode 100644 index 000000000000..5054077b0a0f --- /dev/null +++ b/appl/popper/pop_send.c @@ -0,0 +1,176 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * sendline: Send a line of a multi-line response to a client. + */ +static int +pop_sendline(POP *p, char *buffer) +{ + char * bp; + + /* Byte stuff lines that begin with the termination octet */ + if (*buffer == POP_TERMINATE) + fputc(POP_TERMINATE,p->output); + + /* Look for a in the buffer */ + if ((bp = strchr(buffer, '\n'))) + *bp = 0; + + /* Send the line to the client */ + fputs(buffer,p->output); + +#ifdef DEBUG + if(p->debug) + pop_log(p,POP_DEBUG,"Sending line \"%s\"",buffer); +#endif /* DEBUG */ + + /* Put a if a newline was removed from the buffer */ + if (bp) + fputs ("\r\n",p->output); + return bp != NULL; +} + +/* + * send: Send the header and a specified number of lines + * from a mail message to a POP client. + */ + +int +pop_send(POP *p) +{ + MsgInfoList * mp; /* Pointer to message info list */ + int msg_num; + int msg_lines; + char buffer[MAXMSGLINELEN]; +#ifdef RETURN_PATH_HANDLING + char * return_path_adr; + char * return_path_end; + int return_path_sent; + int return_path_linlen; +#endif + int sent_nl = 0; + + /* Convert the first parameter into an integer */ + msg_num = atoi(p->pop_parm[1]); + + /* Is requested message out of range? */ + if ((msg_num < 1) || (msg_num > p->msg_count)) + return (pop_msg (p,POP_FAILURE,"Message %d does not exist.",msg_num)); + + /* Get a pointer to the message in the message list */ + mp = &p->mlp[msg_num-1]; + + /* Is the message flagged for deletion? */ + if (mp->flags & DEL_FLAG) + return (pop_msg (p,POP_FAILURE, + "Message %d has been deleted.",msg_num)); + + /* If this is a TOP command, get the number of lines to send */ + if (strcmp(p->pop_command, "top") == 0) { + /* Convert the second parameter into an integer */ + msg_lines = atoi(p->pop_parm[2]); + } + else { + /* Assume that a RETR (retrieve) command was issued */ + msg_lines = -1; + /* Flag the message as retreived */ + mp->flags |= RETR_FLAG; + } + + /* Display the number of bytes in the message */ + pop_msg(p, POP_SUCCESS, "%ld octets", mp->length); + + if(IS_MAILDIR(p)) { + int e = pop_maildir_open(p, mp); + if(e != POP_SUCCESS) + return e; + } + + /* Position to the start of the message */ + fseek(p->drop, mp->offset, 0); + + return_path_sent = 0; + + if(!IS_MAILDIR(p)) { + /* Skip the first line (the sendmail "From" line) */ + fgets (buffer,MAXMSGLINELEN,p->drop); + +#ifdef RETURN_PATH_HANDLING + if (strncmp(buffer,"From ",5) == 0) { + return_path_linlen = strlen(buffer); + for (return_path_adr = buffer+5; + (*return_path_adr == ' ' || *return_path_adr == '\t') && + return_path_adr < buffer + return_path_linlen; + return_path_adr++) + ; + if (return_path_adr < buffer + return_path_linlen) { + if ((return_path_end = strchr(return_path_adr, ' ')) != NULL) + *return_path_end = '\0'; + if (strlen(return_path_adr) != 0 && *return_path_adr != '\n') { + static char tmpbuf[MAXMSGLINELEN + 20]; + if (snprintf (tmpbuf, + sizeof(tmpbuf), + "Return-Path: %s\n", + return_path_adr) < MAXMSGLINELEN) { + pop_sendline (p,tmpbuf); + if (hangup) + return pop_msg (p, POP_FAILURE, + "SIGHUP or SIGPIPE flagged"); + return_path_sent++; + } + } + } + } +#endif + } + + /* Send the header of the message followed by a blank line */ + while (fgets(buffer,MAXMSGLINELEN,p->drop)) { +#ifdef RETURN_PATH_HANDLING + /* Don't send existing Return-Path-header if already sent own */ + if (!return_path_sent || strncasecmp(buffer, "Return-Path:", 12) != 0) +#endif + sent_nl = pop_sendline (p,buffer); + /* A single newline (blank line) signals the + end of the header. sendline() converts this to a NULL, + so that's what we look for. */ + if (*buffer == 0) break; + if (hangup) + return (pop_msg (p,POP_FAILURE,"SIGHUP or SIGPIPE flagged")); + } + /* Send the message body */ + { + int blank_line = 1; + while (fgets(buffer, MAXMSGLINELEN-1, p->drop)) { + /* Look for the start of the next message */ + if (!IS_MAILDIR(p) && blank_line && strncmp(buffer,"From ",5) == 0) + break; + blank_line = (strncmp(buffer, "\n", 1) == 0); + /* Decrement the lines sent (for a TOP command) */ + if (msg_lines >= 0 && msg_lines-- == 0) break; + sent_nl = pop_sendline(p,buffer); + if (hangup) + return (pop_msg (p,POP_FAILURE,"SIGHUP or SIGPIPE flagged")); + } + /* add missing newline at end */ + if(!sent_nl) + fputs("\r\n", p->output); + /* some pop-clients want a blank line at the end of the + message, we always add one here, but what the heck -- in + outer (white) space, no one can hear you scream */ + if(IS_MAILDIR(p)) + fputs("\r\n", p->output); + } + /* "." signals the end of a multi-line transmission */ + fputs(".\r\n",p->output); + fflush(p->output); + + return(POP_SUCCESS); +} diff --git a/appl/popper/pop_stat.c b/appl/popper/pop_stat.c new file mode 100644 index 000000000000..799245a27d62 --- /dev/null +++ b/appl/popper/pop_stat.c @@ -0,0 +1,26 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * stat: Display the status of a POP maildrop to its client + */ + +int +pop_stat (POP *p) +{ +#ifdef DEBUG + if (p->debug) pop_log(p,POP_DEBUG,"%d message(s) (%ld octets).", + p->msg_count-p->msgs_deleted, + p->drop_size-p->bytes_deleted); +#endif /* DEBUG */ + return (pop_msg (p,POP_SUCCESS, + "%d %ld", + p->msg_count-p->msgs_deleted, + p->drop_size-p->bytes_deleted)); +} diff --git a/appl/popper/pop_uidl.c b/appl/popper/pop_uidl.c new file mode 100644 index 000000000000..22beb829b1b5 --- /dev/null +++ b/appl/popper/pop_uidl.c @@ -0,0 +1,88 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +RCSID("$Id$"); + +#ifdef UIDL +/* + * uidl: Uidl the contents of a POP maildrop + */ + +int +pop_uidl (POP *p) +{ + MsgInfoList * mp; /* Pointer to message info list */ + int i; + int msg_num; + + /* Was a message number provided? */ + if (p->parm_count > 0) { + msg_num = atoi(p->pop_parm[1]); + + /* Is requested message out of range? */ + if ((msg_num < 1) || (msg_num > p->msg_count)) + return (pop_msg (p,POP_FAILURE, + "Message %d does not exist.",msg_num)); + + /* Get a pointer to the message in the message list */ + mp = &p->mlp[msg_num-1]; + + /* Is the message already flagged for deletion? */ + if (mp->flags & DEL_FLAG) + return (pop_msg (p,POP_FAILURE, + "Message %d has been deleted.",msg_num)); + + /* Display message information */ + return (pop_msg(p,POP_SUCCESS,"%u %s",msg_num,mp->msg_id)); + } + + /* Display the entire list of messages */ + pop_msg(p,POP_SUCCESS, + "%d messages (%ld octets)", + p->msg_count-p->msgs_deleted, + p->drop_size-p->bytes_deleted); + + /* Loop through the message information list. Skip deleted messages */ + for (i = p->msg_count, mp = p->mlp; i > 0; i--, mp++) { + if (!(mp->flags & DEL_FLAG)) + fprintf(p->output,"%u %s\r\n",mp->number,mp->msg_id); + } + + /* "." signals the end of a multi-line transmission */ + fprintf(p->output,".\r\n"); + fflush(p->output); + + return(POP_SUCCESS); +} +#endif /* UIDL */ diff --git a/appl/popper/pop_updt.c b/appl/popper/pop_updt.c new file mode 100644 index 000000000000..ac6bfe09c191 --- /dev/null +++ b/appl/popper/pop_updt.c @@ -0,0 +1,199 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +static const char standard_error[] = + "Error error updating primary drop. Mailbox unchanged"; + +/* + * updt: Apply changes to a user's POP maildrop + */ + +int +pop_updt (POP *p) +{ + FILE * md; /* Stream pointer for + the user's maildrop */ + int mfd; /* File descriptor for + above */ + char buffer[BUFSIZ]; /* Read buffer */ + + MsgInfoList * mp; /* Pointer to message + info list */ + int msg_num; /* Current message + counter */ + int status_written; /* Status header field + written */ + int nchar; /* Bytes read/written */ + + long offset; /* New mail offset */ + + int blank_line; + +#ifdef DEBUG + if (p->debug) { + pop_log(p,POP_DEBUG,"Performing maildrop update..."); + pop_log(p,POP_DEBUG,"Checking to see if all messages were deleted"); + } +#endif /* DEBUG */ + + if(IS_MAILDIR(p)) + return pop_maildir_update(p); + + if (p->msgs_deleted == p->msg_count) { + /* Truncate before close, to avoid race condition, DO NOT UNLINK! + Another process may have opened, and not yet tried to lock */ + ftruncate ((int)fileno(p->drop),0); + fclose(p->drop) ; + return (POP_SUCCESS); + } + +#ifdef DEBUG + if (p->debug) + pop_log(p,POP_DEBUG,"Opening mail drop \"%s\"",p->drop_name); +#endif /* DEBUG */ + + /* Open the user's real maildrop */ + if ((mfd = open(p->drop_name,O_RDWR|O_CREAT,0600)) == -1 || + (md = fdopen(mfd,"r+")) == NULL) { + return pop_msg(p,POP_FAILURE,standard_error); + } + + /* Lock the user's real mail drop */ + if ( flock(mfd, LOCK_EX) == -1 ) { + fclose(md) ; + return pop_msg(p,POP_FAILURE, "flock: '%s': %s", p->temp_drop, + strerror(errno)); + } + + /* Go to the right places */ + offset = lseek((int)fileno(p->drop),0,SEEK_END) ; + + /* Append any messages that may have arrived during the session + to the temporary maildrop */ + while ((nchar=read(mfd,buffer,BUFSIZ)) > 0) + if ( nchar != write((int)fileno(p->drop),buffer,nchar) ) { + nchar = -1; + break ; + } + if ( nchar != 0 ) { + fclose(md) ; + ftruncate((int)fileno(p->drop),(int)offset) ; + fclose(p->drop) ; + return pop_msg(p,POP_FAILURE,standard_error); + } + + rewind(md); + lseek(mfd,0,SEEK_SET); + ftruncate(mfd,0) ; + + /* Synch stdio and the kernel for the POP drop */ + rewind(p->drop); + lseek((int)fileno(p->drop),0,SEEK_SET); + + /* Transfer messages not flagged for deletion from the temporary + maildrop to the new maildrop */ +#ifdef DEBUG + if (p->debug) + pop_log(p,POP_DEBUG,"Creating new maildrop \"%s\" from \"%s\"", + p->drop_name,p->temp_drop); +#endif /* DEBUG */ + + for (msg_num = 0; msg_num < p->msg_count; ++msg_num) { + + int doing_body; + + /* Get a pointer to the message information list */ + mp = &p->mlp[msg_num]; + + if (mp->flags & DEL_FLAG) { +#ifdef DEBUG + if(p->debug) + pop_log(p,POP_DEBUG, + "Message %d flagged for deletion.",mp->number); +#endif /* DEBUG */ + continue; + } + + fseek(p->drop,mp->offset,0); + +#ifdef DEBUG + if(p->debug) + pop_log(p,POP_DEBUG,"Copying message %d.",mp->number); +#endif /* DEBUG */ + blank_line = 1; + for(status_written = doing_body = 0 ; + fgets(buffer,MAXMSGLINELEN,p->drop);) { + + if (doing_body == 0) { /* Header */ + + /* Update the message status */ + if (strncasecmp(buffer,"Status:",7) == 0) { + if (mp->flags & RETR_FLAG) + fputs("Status: RO\n",md); + else + fputs(buffer, md); + status_written++; + continue; + } + /* A blank line signals the end of the header. */ + if (*buffer == '\n') { + doing_body = 1; + if (status_written == 0) { + if (mp->flags & RETR_FLAG) + fputs("Status: RO\n\n",md); + else + fputs("Status: U\n\n",md); + } + else fputs ("\n", md); + continue; + } + /* Save another header line */ + fputs (buffer, md); + } + else { /* Body */ + if (blank_line && strncmp(buffer,"From ",5) == 0) break; + fputs (buffer, md); + blank_line = (*buffer == '\n'); + } + } + } + + /* flush and check for errors now! The new mail will writen + without stdio, since we need not separate messages */ + + fflush(md) ; + if (ferror(md)) { + ftruncate(mfd,0) ; + fclose(md) ; + fclose(p->drop) ; + return pop_msg(p,POP_FAILURE,standard_error); + } + + /* Go to start of new mail if any */ + lseek((int)fileno(p->drop),offset,SEEK_SET); + + while((nchar=read((int)fileno(p->drop),buffer,BUFSIZ)) > 0) + if ( nchar != write(mfd,buffer,nchar) ) { + nchar = -1; + break ; + } + if ( nchar != 0 ) { + ftruncate(mfd,0) ; + fclose(md) ; + fclose(p->drop) ; + return pop_msg(p,POP_FAILURE,standard_error); + } + + /* Close the maildrop and empty temporary maildrop */ + fclose(md); + ftruncate((int)fileno(p->drop),0); + fclose(p->drop); + + return(pop_quit(p)); +} diff --git a/appl/popper/pop_user.c b/appl/popper/pop_user.c new file mode 100644 index 000000000000..56d07842a5f1 --- /dev/null +++ b/appl/popper/pop_user.c @@ -0,0 +1,35 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +/* + * user: Prompt for the user name at the start of a POP session + */ + +int +pop_user (POP *p) +{ + strlcpy(p->user, p->pop_parm[1], sizeof(p->user)); + + if (p->auth_level == AUTH_OTP) { +#ifdef OTP + char ss[256], *s; + + if(otp_challenge (&p->otp_ctx, p->user, ss, sizeof(ss)) == 0) + return pop_msg(p, POP_SUCCESS, "Password %s required for %s.", + ss, p->user); + s = otp_error(&p->otp_ctx); + return pop_msg(p, POP_FAILURE, "Permission denied%s%s", + s ? ":" : "", s ? s : ""); +#endif + } + if (p->auth_level == AUTH_SASL) { + return pop_msg(p, POP_FAILURE, "Permission denied"); + } + return pop_msg(p, POP_SUCCESS, "Password required for %s.", p->user); +} diff --git a/appl/popper/pop_xover.c b/appl/popper/pop_xover.c new file mode 100644 index 000000000000..ceab60cc8dc0 --- /dev/null +++ b/appl/popper/pop_xover.c @@ -0,0 +1,37 @@ +#include +RCSID("$Id$"); + +int +pop_xover (POP *p) +{ +#ifdef XOVER + MsgInfoList * mp; /* Pointer to message info list */ + int i; + + pop_msg(p,POP_SUCCESS, + "%d messages (%ld octets)", + p->msg_count-p->msgs_deleted, + p->drop_size-p->bytes_deleted); + + /* Loop through the message information list. Skip deleted messages */ + for (i = p->msg_count, mp = p->mlp; i > 0; i--, mp++) { + if (!(mp->flags & DEL_FLAG)) + fprintf(p->output,"%u\t%s\t%s\t%s\t%s\t%lu\t%u\r\n", + mp->number, + mp->subject, + mp->from, + mp->date, + mp->msg_id, + mp->length, + mp->lines); + } + + /* "." signals the end of a multi-line transmission */ + fprintf(p->output,".\r\n"); + fflush(p->output); + + return(POP_SUCCESS); +#else + return pop_msg(p, POP_FAILURE, "Command not implemented."); +#endif +} diff --git a/appl/popper/popper.8 b/appl/popper/popper.8 new file mode 100644 index 000000000000..187ecd2284d6 --- /dev/null +++ b/appl/popper/popper.8 @@ -0,0 +1,103 @@ +.\" Copyright (c) 2001 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd July 14, 2004 +.Dt POPPER 8 +.Os HEIMDAL +.Sh NAME +.Nm popper +.Nd POP3 server +.Sh SYNOPSIS +.Nm +.Op Fl k +.Op Fl a Ar plaintext Ns \*(Ba Ns Ar otp Ns \*(Ba Ns Ar sasl +.Op Fl t Ar file +.Op Fl T Ar seconds +.Op Fl d +.Op Fl i +.Op Fl p Ar port +.Op Fl Fl address-log= Ns Pa file +.Sh DESCRIPTION +.Nm +serves mail via the Post Office Protocol. Supported options include: +.Bl -tag -width Ds +.It Fl a Ar plaintext Ns \*(Ba Ns Ar otp Ns \*(Ba Ns Ar sasl +Tells +.Nm +which authentication mode is acceptable, +.Ar sasl +enables SASL (RFC2222), and +.Ar otp +enables OTP (RFC1938) authentication. Both disable plaintext passwords. +.It Fl Fl address-log= Ns Pa file +Logs the addresses (along with a timestamp) of all clients to the +specified file. This can be used to implement POP-before-SMTP +authentication. +.It Fl d +Enables more verbose log messages. +.It Fl i +When not started by inetd, this flag tells +.Nm +that it has to create a socket by itself. +.It Fl k +Tells +.Nm +to use Kerberos for authentication. This is the traditional way of +doing Kerberos authentication, and is normally done on a separate port +(as it doesn't follow RFC1939), and should be used instead of using +SASL. +.It Fl p Ar port +Port to listen to, in combination with +.Fl i . +.It Fl t Ar file +Trace all commands to file. +.It Fl T Ar seconds +Set timeout to something other than the default of 120 seconds. +.El +.\".Sh ENVIRONMENT +.\".Sh FILES +.\".Sh EXAMPLES +.\".Sh DIAGNOSTICS +.Sh SEE ALSO +.Xr push 8 , +.Xr movemail 8 +.Sh STANDARDS +RFC1939 (Post Office Protocol - Version 3) +.\" RFC2449 (POP3 Extension Mechanism) +.\".Sh HISTORY +.Sh AUTHORS +The server was initially developed at the University of California, +Berkeley. +.Pp +Many changes have been made as part of the KTH Kerberos distributions. +.\".Sh BUGS diff --git a/appl/popper/popper.README.release b/appl/popper/popper.README.release new file mode 100644 index 000000000000..c0b313ecd964 --- /dev/null +++ b/appl/popper/popper.README.release @@ -0,0 +1,45 @@ +Release Notes: + +popper-1.831beta is no longer beta 30 July 91 + Removed popper-1.7.tar.Z + +popper-1.831beta.tar.Z 03 April 91 + Changed mkstemp to mktemp for Ultrix. Sigh. + +popper-1.83beta.tar.Z 02 April 91 + + This version makes certain that while running as root we do nothing + at all destructive. + +popper-1.82beta.tar.Z 27 March 91 + + This version fixes problems on Encore MultiMax and some Sun releases + which wouldn't allow a user to ftruncate() a file from an open + file descripter unless the user owns the file. Now the user + owns the /usr/spool/mail/.userid.pop file. Thanks to Ben Levy + of FTP Software and Henry Holtzman of Apple. + +popper-1.81beta.tar.Z 20 March 91 + + This version of popper is supposed to fix three problems reported + with various versions of popper (all called 1.7 or 1.7something). + + 1) Dropped network connections meant lost mail files. Some 1.7 + versions also risked corrupting mail files. + + 2) Some versions of 1.7 created temporary drop files with world + read and write permissions. + + 3) Some versions of 1.7 were not careful about opening the temporary + drop file. + +popper-1.7.tar.Z 09 September 90 (updated 20 March 91) + + This version will exhibit the first problem listed above if it is + compiled with -DDEBUG and run without the "-d" (debug) flag. + + If it is compiled without -DDEBUG it will exhibit only the second + and third bug listed above. + +Cliff Frost poptest@nettlesome.berkeley.edu +UC Berkeley diff --git a/appl/popper/popper.c b/appl/popper/popper.c new file mode 100644 index 000000000000..036a5dbdbcdc --- /dev/null +++ b/appl/popper/popper.c @@ -0,0 +1,120 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + */ + +#include +RCSID("$Id$"); + +int hangup = FALSE ; + +static RETSIGTYPE +catchSIGHUP(int sig) +{ + hangup = TRUE ; + + /* This should not be a problem on BSD systems */ + signal(SIGHUP, catchSIGHUP); + signal(SIGPIPE, catchSIGHUP); + SIGRETURN(0); +} + +int pop_timeout = POP_TIMEOUT; + +jmp_buf env; + +static RETSIGTYPE +ring(int sig) +{ + longjmp(env,1); +} + +/* + * fgets, but with a timeout + */ +static char * +tgets(char *str, int size, FILE *fp, int timeout) +{ + char *ret; + + signal(SIGALRM, ring); + alarm(timeout); + if (setjmp(env)) { + alarm(0); + signal(SIGALRM, SIG_DFL); + return NULL; + } + ret = fgets(str, size, fp); + alarm(0); + signal(SIGALRM, SIG_DFL); + return ret; +} + +/* + * popper: Handle a Post Office Protocol version 3 session + */ +int +main (int argc, char **argv) +{ + POP p; + state_table * s; + char message[MAXLINELEN]; + + signal(SIGHUP, catchSIGHUP); + signal(SIGPIPE, catchSIGHUP); + + /* Start things rolling */ + pop_init(&p,argc,argv); + + /* Tell the user that we are listenting */ + pop_msg(&p,POP_SUCCESS, "POP3 server ready"); + + /* State loop. The POP server is always in a particular state in + which a specific suite of commands can be executed. The following + loop reads a line from the client, gets the command, and processes + it in the current context (if allowed) or rejects it. This continues + until the client quits or an error occurs. */ + + for (p.CurrentState=auth1;p.CurrentState!=halt&&p.CurrentState!=error;) { + if (hangup) { + pop_msg(&p, POP_FAILURE, "POP hangup: %s", p.myhost); + if (p.CurrentState > auth2 && !pop_updt(&p)) + pop_msg(&p, POP_FAILURE, + "POP mailbox update failed: %s", p.myhost); + p.CurrentState = error; + } else if (tgets(message, MAXLINELEN, p.input, pop_timeout) == NULL) { + pop_msg(&p, POP_FAILURE, "POP timeout: %s", p.myhost); + if (p.CurrentState > auth2 && !pop_updt(&p)) + pop_msg(&p,POP_FAILURE, + "POP mailbox update failed: %s", p.myhost); + p.CurrentState = error; + } + else { + /* Search for the command in the command/state table */ + if ((s = pop_get_command(&p,message)) == NULL) continue; + + /* Call the function associated with this command in + the current state */ + if (s->function) p.CurrentState = s->result[(*s->function)(&p)]; + + /* Otherwise assume NOOP and send an OK message to the client */ + else { + p.CurrentState = s->success_state; + pop_msg(&p,POP_SUCCESS,"time passes"); + } + } + } + + /* Say goodbye to the client */ + pop_msg(&p,POP_SUCCESS,"Pop server at %s signing off.",p.myhost); + + /* Log the end of activity */ + pop_log(&p,POP_PRIORITY, + "(v%s) Ending request from \"%s\" at %s\n",VERSION,p.client,p.ipaddr); + + /* Stop logging */ + closelog(); + + return(0); +} diff --git a/appl/popper/popper.cat8 b/appl/popper/popper.cat8 new file mode 100644 index 000000000000..a2d279b4a4d3 --- /dev/null +++ b/appl/popper/popper.cat8 @@ -0,0 +1,56 @@ + +POPPER(8) BSD System Manager's Manual POPPER(8) + +NNAAMMEE + ppooppppeerr -- POP3 server + +SSYYNNOOPPSSIISS + ppooppppeerr [--kk] [--aa _p_l_a_i_n_t_e_x_t|_o_t_p|_s_a_s_l] [--tt _f_i_l_e] [--TT _s_e_c_o_n_d_s] [--dd] [--ii] + [--pp _p_o_r_t] [----aaddddrreessss--lloogg==_f_i_l_e] + +DDEESSCCRRIIPPTTIIOONN + ppooppppeerr serves mail via the Post Office Protocol. Supported options + include: + + --aa _p_l_a_i_n_t_e_x_t|_o_t_p|_s_a_s_l + Tells ppooppppeerr which authentication mode is acceptable, _s_a_s_l + enables SASL (RFC2222), and _o_t_p enables OTP (RFC1938) authenti- + cation. Both disable plaintext passwords. + + ----aaddddrreessss--lloogg==_f_i_l_e + Logs the addresses (along with a timestamp) of all clients to the + specified file. This can be used to implement POP-before-SMTP + authentication. + + --dd Enables more verbose log messages. + + --ii When not started by inetd, this flag tells ppooppppeerr that it has to + create a socket by itself. + + --kk Tells ppooppppeerr to use Kerberos for authentication. This is the tra- + ditional way of doing Kerberos authentication, and is normally + done on a separate port (as it doesn't follow RFC1939), and + should be used instead of using SASL. + + --pp _p_o_r_t + Port to listen to, in combination with --ii. + + --tt _f_i_l_e + Trace all commands to file. + + --TT _s_e_c_o_n_d_s + Set timeout to something other than the default of 120 seconds. + +SSEEEE AALLSSOO + push(8), movemail(8) + +SSTTAANNDDAARRDDSS + RFC1939 (Post Office Protocol - Version 3) + +AAUUTTHHOORRSS + The server was initially developed at the University of California, + Berkeley. + + Many changes have been made as part of the KTH Kerberos distributions. + +HEIMDAL July 14, 2004 HEIMDAL diff --git a/appl/popper/popper.h b/appl/popper/popper.h new file mode 100644 index 000000000000..d792ab1fa1ec --- /dev/null +++ b/appl/popper/popper.h @@ -0,0 +1,349 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + * + * static char copyright[] = "Copyright (c) 1990 Regents of the University of California.\nAll rights reserved.\n"; + * static char SccsId[] = "@(#)@(#)popper.h 2.2 2.2 4/2/91"; + * + */ + +/* $Id$ */ + +/* + * Header file for the POP programs + */ + +#ifdef HAVE_CONFIG_H +#include +#define UIDL +#define XOVER +#define XDELE +#define DEBUG +#define RETURN_PATH_HANDLING +#endif + +/* Common include files */ + +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_FCNTL_H +#include +#endif +#ifdef HAVE_PWD_H +#include +#endif +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_IO_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif +#ifdef HAVE_SYS_FILE_H +#include +#endif +#ifdef TIME_WITH_SYS_TIME +#include +#include +#elif defined(HAVE_SYS_TIME_H) +#include +#else +#include +#endif +#ifdef HAVE_SYS_RESOURCE_H +#include +#endif +#ifdef HAVE_SYS_WAIT_H +#include +#endif +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_NETINET_IN_H +#include +#endif +#ifdef HAVE_NETINET_IN6_H +#include +#endif +#ifdef HAVE_NETINET6_IN6_H +#include +#endif + +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_ARPA_INET_H +#ifdef _AIX +struct sockaddr_dl; /* AIX fun */ +struct ether_addr; +#endif +#include +#endif +#ifdef HAVE_SYSLOG_H +#include +#endif +#ifdef HAVE_SYS_SELECT_H +#include +#endif +#ifdef HAVE_SYS_PARAM_H +#include +#endif +#include "version.h" + +#ifdef SOCKS +#include +#endif + +#include +#include +#include + +#ifdef KRB5 +#include +#endif + +#define MAXUSERNAMELEN 65 +#define MAXLINELEN 1024 +#define MAXMSGLINELEN 1024 +#define MAXCMDLEN 4 +#define MAXPARMCOUNT 10 +#define MAXPARMLEN 10 +#define ALLOC_MSGS 20 +#define MAIL_COMMAND "/usr/lib/sendmail" + +#define POP_FACILITY LOG_LOCAL0 +#define POP_PRIORITY LOG_NOTICE +#define POP_DEBUG LOG_DEBUG +#define POP_INFO LOG_INFO +#define POP_LOGOPTS 0 + +#ifdef HAVE_PATHS_H +#include +#endif +#ifdef HAVE_MAILLOCK_H +#include +#endif + +#ifdef OTP +#include +#endif + +#if defined(_PATH_MAILDIR) +#define POP_MAILDIR _PATH_MAILDIR +#elif defined(MAILDIR) +#define POP_MAILDIR MAILDIR +#else +#define POP_MAILDIR "/usr/spool/mail" +#endif + +#define POP_DROP POP_MAILDIR "/.%s.pop" + /* POP_TMPSIZE needs to be big enough to hold the string + * defined by POP_TMPDROP. POP_DROP and POP_TMPDROP + * must be in the same filesystem. + */ +#define POP_TMPDROP POP_MAILDIR "/tmpXXXXXX" +#define POP_TMPSIZE 256 +#define POP_TMPXMIT "/tmp/xmitXXXXXX" +#define POP_OK "+OK" +#define POP_ERR "-ERR" +#define POP_SUCCESS 1 +#define POP_FAILURE 0 +#define POP_TERMINATE '.' +#define POP_TIMEOUT 120 /* timeout connection after this many secs */ + +extern int pop_timeout; + +extern int hangup; + +#define AUTH_NONE 0 +#define AUTH_OTP 1 +#define AUTH_SASL 2 + +#define pop_command pop_parm[0] /* POP command is first token */ +#define pop_subcommand pop_parm[1] /* POP XTND subcommand is the + second token */ + +typedef enum { /* POP processing states */ + auth1, /* Authorization: waiting for + USER command */ + auth2, /* Authorization: waiting for + PASS command */ + trans, /* Transaction */ + update, /* Update: session ended, + process maildrop changes */ + halt, /* (Halt): stop processing + and exit */ + error /* (Error): something really + bad happened */ +} state; + + +#define DEL_FLAG 1 +#define RETR_FLAG 2 +#define NEW_FLAG 4 + +typedef struct { /* Message information */ + int number; /* Message number relative to + the beginning of list */ + long length; /* Length of message in + bytes */ + int lines; /* Number of (null-terminated) lines in the message */ + long offset; /* Offset from beginning of + file */ + unsigned flags; + +#if defined(UIDL) || defined(XOVER) + char *msg_id; /* The POP UIDL uniqueifier */ +#endif +#ifdef XOVER + char *subject; + char *from; + char *date; +#endif + char *name; +} MsgInfoList; + +#define IS_MAILDIR(P) ((P)->temp_drop[0] == '\0') + +typedef struct { /* POP parameter block */ + int debug; /* Debugging requested */ + char * myname; /* The name of this POP + daemon program */ + char myhost[MaxHostNameLen]; /* The name of our host + computer */ + char client[MaxHostNameLen]; /* Canonical name of client + computer */ + char ipaddr[MaxHostNameLen]; /* Dotted-notation format of + client IP address */ + unsigned short ipport; /* Client port for privileged + operations */ + char user[MAXUSERNAMELEN]; /* Name of the POP user */ + state CurrentState; /* The current POP operational state */ + MsgInfoList * mlp; /* Message information list */ + int msg_count; /* Number of messages in + the maildrop */ + int msgs_deleted; /* Number of messages flagged + for deletion */ + int last_msg; /* Last message touched by + the user */ + long bytes_deleted; /* Number of maildrop bytes + flagged for deletion */ + char drop_name[MAXPATHLEN]; /* The name of the user's + maildrop */ + char temp_drop[MAXPATHLEN]; /* The name of the user's + temporary maildrop */ + long drop_size; /* Size of the maildrop in + bytes */ + FILE * drop; /* (Temporary) mail drop */ + FILE * input; /* Input TCP/IP communication + stream */ + FILE * output; /* Output TCP/IP communication stream */ + FILE * trace; /* Debugging trace file */ + char * pop_parm[MAXPARMCOUNT]; /* Parse POP parameter list */ + int parm_count; /* Number of parameters in + parsed list */ + int kerberosp; /* Using KPOP? */ +#ifdef KRB5 + krb5_context context; + krb5_principal principal; /* principal auth as */ + krb5_log_facility* logf; +#endif + int version; /* 4 or 5? */ + int auth_level; /* Dont allow cleartext */ +#ifdef OTP + OtpContext otp_ctx; /* OTP context */ +#endif + unsigned int flags; +#define POP_FLAG_CAPA 1 +} POP; + +typedef struct { /* State information for + each POP command */ + state ValidCurrentState; /* The operating state of + the command */ + char * command; /* The POP command */ + int min_parms; /* Minimum number of parms + for the command */ + int max_parms; /* Maximum number of parms + for the command */ + int (*function) (); /* The function that process + the command */ + state result[2]; /* The resulting state after + command processing */ +#define success_state result[0] /* State when a command + succeeds */ +} state_table; + +typedef struct { /* Table of extensions */ + char * subcommand; /* The POP XTND subcommand */ + int min_parms; /* Minimum number of parms for + the subcommand */ + int max_parms; /* Maximum number of parms for + the subcommand */ + int (*function) (); /* The function that processes + the subcommand */ +} xtnd_table; + +int pop_dele(POP *p); +int pop_dropcopy(POP *p, struct passwd *pwp); +int pop_dropinfo(POP *p); +int pop_init(POP *p,int argcount,char **argmessage); +int pop_last(POP *p); +int pop_list(POP *p); +int pop_parse(POP *p, char *buf); +int pop_pass(POP *p); +int pop_quit(POP *p); +int pop_rset(POP *p); +int pop_send(POP *p); +int pop_stat(POP *p); +int pop_updt(POP *p); +int pop_user(POP *p); +#ifdef UIDL +int pop_uidl(POP *p); +#endif +#ifdef XOVER +int pop_xover(POP *p); +#endif +#ifdef XDELE +int pop_xdele(POP *p); +#endif +int pop_help(POP *p); +state_table *pop_get_command(POP *p, char *mp); +void pop_lower(char *buf); +#ifdef SASL +int pop_auth (POP *p); +void pop_capa_sasl(POP *p); +#endif + +int pop_log(POP *p, int stat, char *format, ...) +#ifdef __GNUC__ +__attribute__ ((format (printf, 3, 4))) +#endif +; + +int pop_msg(POP *p, int stat, const char *format, ...) +#ifdef __GNUC__ +__attribute__ ((format (printf, 3, 4))) +#endif +; + +int pop_maildir_info (POP*); +int pop_maildir_open (POP*, MsgInfoList*); +int pop_maildir_update (POP*); + +int changeuser(POP*, struct passwd*); +void parse_header(MsgInfoList*, char*); +int add_missing_headers(POP*, MsgInfoList*); +int login_user(POP *p); diff --git a/appl/popper/version.h b/appl/popper/version.h new file mode 100644 index 000000000000..de8836245d2d --- /dev/null +++ b/appl/popper/version.h @@ -0,0 +1,19 @@ +/* + * Copyright (c) 1989 Regents of the University of California. + * All rights reserved. The Berkeley software License Agreement + * specifies the terms and conditions for redistribution. + * + * static char copyright[] = "Copyright (c) 1990 Regents of the University of California.\nAll rights reserved.\n"; + * static char SccsId[] = "@(#)@(#)version.h 2.6 2.6 4/3/91"; + * + */ + +/* $Id$ */ + +/* + * Current version of this POP implementation + */ + +#if 0 +#define VERSION krb4_version +#endif diff --git a/appl/push/ChangeLog b/appl/push/ChangeLog index d1ad46b8c832..ac4cb1ad4df2 100644 --- a/appl/push/ChangeLog +++ b/appl/push/ChangeLog @@ -1,4 +1,4 @@ -2005-04-19 Love Hörnquist Åstrand +2005-04-19 Love Hörnquist Ã…strand * push.c: catch when snprint needs a larger buffer @@ -10,7 +10,7 @@ * push.c: fixed one incorrect fprintf to stderr -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * push.c: add names of pop states, add some more debugging and use fprintf(stderr) for all dbg stmts. diff --git a/appl/push/Makefile.am b/appl/push/Makefile.am index eb67943371fc..a1b46ed6b343 100644 --- a/appl/push/Makefile.am +++ b/appl/push/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hesiod) +AM_CPPFLAGS += $(INCLUDE_hesiod) bin_SCRIPTS = pfrom @@ -18,10 +18,9 @@ man_MANS = push.8 pfrom.1 CLEANFILES = pfrom -EXTRA_DIST = pfrom.in $(man_MANS) +EXTRA_DIST = NTMakefile pfrom.in $(man_MANS) LDADD = $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) \ $(LIB_hesiod) diff --git a/appl/push/Makefile.in b/appl/push/Makefile.in index 9178f7ba79ff..7f820dc8bffe 100644 --- a/appl/push/Makefile.in +++ b/appl/push/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,17 +15,18 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -46,7 +48,7 @@ libexec_PROGRAMS = push$(EXEEXT) subdir = appl/push ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -61,7 +63,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -75,9 +77,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -85,28 +90,47 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) am_push_OBJECTS = push.$(OBJEXT) push_OBJECTS = $(am_push_OBJECTS) push_LDADD = $(LDADD) am__DEPENDENCIES_1 = push_DEPENDENCIES = $(LIB_krb5) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -binSCRIPT_INSTALL = $(INSTALL_SCRIPT) + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' SCRIPTS = $(bin_SCRIPTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -128,49 +152,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -194,10 +227,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -214,6 +248,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -229,31 +265,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -268,10 +318,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -312,38 +364,41 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hesiod) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hesiod) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la bin_SCRIPTS = pfrom push_SOURCES = push.c push_locl.h man_MANS = push.8 pfrom.1 CLEANFILES = pfrom -EXTRA_DIST = pfrom.in $(man_MANS) +EXTRA_DIST = NTMakefile pfrom.in $(man_MANS) LDADD = $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) \ $(LIB_hesiod) @@ -351,19 +406,19 @@ LDADD = $(LIB_krb5) \ all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/push/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/push/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/push/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/push/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -381,56 +436,87 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list push$(EXEEXT): $(push_OBJECTS) $(push_DEPENDENCIES) @rm -f push$(EXEEXT) $(LINK) $(push_OBJECTS) $(push_LDADD) $(LIBS) install-binSCRIPTS: $(bin_SCRIPTS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_SCRIPTS)'; for p in $$list; do \ + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(bindir)/$$f"; \ - else :; fi; \ - done + if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n' \ + -e 'h;s|.*|.|' \ + -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) { files[d] = files[d] " " $$1; \ + if (++n[d] == $(am__install_max)) { \ + print "f", d, files[d]; n[d] = 0; files[d] = "" } } \ + else { print "f", d "/" $$4, $$1 } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binSCRIPTS: @$(NORMAL_UNINSTALL) - @list='$(bin_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_SCRIPTS)'; test -n "$(bindir)" || exit 0; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 's,.*/,,;$(transform)'`; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -438,160 +524,177 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/push.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -607,13 +710,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -649,6 +756,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -659,6 +767,7 @@ clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -669,6 +778,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -676,26 +787,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binSCRIPTS install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -716,11 +836,10 @@ uninstall-am: uninstall-binSCRIPTS uninstall-libexecPROGRAMS \ uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ @@ -808,6 +927,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -893,7 +1015,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -910,6 +1032,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) pfrom: pfrom.in sed -e "s!%libexecdir%!$(libexecdir)!" $(srcdir)/pfrom.in > $@ chmod +x $@ + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/push/NTMakefile b/appl/push/NTMakefile new file mode 100644 index 000000000000..52ce4b01f7c5 --- /dev/null +++ b/appl/push/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\push + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/push/pfrom.1 b/appl/push/pfrom.1 index e8f15618edbc..bb474916862d 100644 --- a/appl/push/pfrom.1 +++ b/appl/push/pfrom.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: pfrom.1 11648 2003-02-16 21:10:32Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd March 4, 2000 .Dt PFROM 1 @@ -39,13 +39,13 @@ .Nd "fetch a list of the current mail via POP" .Sh SYNOPSIS .Nm -.Op Fl 4 | Fl -krb4 -.Op Fl 5 | Fl -krb5 -.Op Fl v | Fl -verbose +.Op Fl 4 | Fl Fl krb4 +.Op Fl 5 | Fl Fl krb5 +.Op Fl v | Fl Fl verbose .Op Fl c | -count -.Op Fl -header +.Op Fl Fl header .Oo Fl p Ar port-spec \*(Ba Xo -.Fl -port= Ns Ar port-spec +.Fl Fl port= Ns Ar port-spec .Xc .Oc .Sh DESCRIPTION diff --git a/appl/push/pfrom.cat1 b/appl/push/pfrom.cat1 new file mode 100644 index 000000000000..c2536ac8de70 --- /dev/null +++ b/appl/push/pfrom.cat1 @@ -0,0 +1,17 @@ + +PFROM(1) BSD General Commands Manual PFROM(1) + +NNAAMMEE + ppffrroomm -- fetch a list of the current mail via POP + +SSYYNNOOPPSSIISS + ppffrroomm [--44 | ----kkrrbb44] [--55 | ----kkrrbb55] [--vv | ----vveerrbboossee] [--cc | ----ccoouunntt] + [----hheeaaddeerr] [--pp _p_o_r_t_-_s_p_e_c | ----ppoorrtt==_p_o_r_t_-_s_p_e_c] + +DDEESSCCRRIIPPTTIIOONN + ppffrroomm is a script that does push --from. + +SSEEEE AALLSSOO + push(8) + +HEIMDAL March 4, 2000 HEIMDAL diff --git a/appl/push/pfrom.in b/appl/push/pfrom.in index 8af97ef19a04..e90141977d55 100644 --- a/appl/push/pfrom.in +++ b/appl/push/pfrom.in @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: pfrom.in 5248 1998-11-24 13:25:47Z assar $ +# $Id$ libexecdir=%libexecdir% PATH=$libexecdir:$PATH export PATH diff --git a/appl/push/push.8 b/appl/push/push.8 index 985545e547d1..557a7bb74913 100644 --- a/appl/push/push.8 +++ b/appl/push/push.8 @@ -1,4 +1,4 @@ -.\" $Id: push.8 11176 2002-08-20 17:07:29Z joda $ +.\" $Id$ .\" .Dd May 31, 1998 .Dt PUSH 8 @@ -8,16 +8,15 @@ .Nd fetch mail via POP .Sh SYNOPSIS .Nm -.Op Fl 4 | Fl -krb4 -.Op Fl 5 | Fl -krb5 -.Op Fl v | Fl -verbose -.Op Fl f | Fl -fork +.Op Fl 5 | Fl Fl krb5 +.Op Fl v | Fl Fl verbose +.Op Fl f | Fl Fl fork .Op Fl l | -leave -.Op Fl -from +.Op Fl Fl from .Op Fl c | -count -.Op Fl -headers Ns = Ns Ar headers +.Op Fl Fl headers Ns = Ns Ar headers .Oo Fl p Ar port-spec \*(Ba Xo -.Fl -port Ns = Ns Ar port-spec +.Fl Fl port Ns = Ns Ar port-spec .Xc .Oc .Ar po-box @@ -51,41 +50,36 @@ environment variable. Supported options: .Bl -tag -width Ds .It Xo -.Fl 4 , -.Fl -krb4 -.Xc -use Kerberos 4 (if compiled with support for Kerberos 4) -.It Xo .Fl 5 , -.Fl -krb5 +.Fl Fl krb5 .Xc use Kerberos 5 (if compiled with support for Kerberos 5) .It Xo .Fl f , -.Fl -fork +.Fl Fl fork .Xc fork before starting to delete messages .It Xo .Fl l , -.Fl -leave +.Fl Fl leave .Xc don't delete fetched mail .It Xo -.Fl -from +.Fl Fl from .Xc behave like from. .It Xo .Fl c , -.Fl -count +.Fl Fl count .Xc first print how many messages and bytes there are. .It Xo -.Fl -headers Ns = Ns Ar headers +.Fl Fl headers Ns = Ns Ar headers .Xc a list of comma-separated headers that should get printed. .It Xo .Fl p Ar port-spec , -.Fl -port Ns = Ns Ar port-spec +.Fl Fl port Ns = Ns Ar port-spec .Xc use this port instead of the default .Ql kpop diff --git a/appl/push/push.c b/appl/push/push.c index 87a0be234722..5ccb954eeeba 100644 --- a/appl/push/push.c +++ b/appl/push/push.c @@ -1,41 +1,44 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "push_locl.h" -RCSID("$Id: push.c 14850 2005-04-19 18:00:17Z lha $"); +RCSID("$Id$"); -#ifdef KRB4 -static int use_v4 = -1; +#if defined(_AIX) && defined(STAT) +/* + * AIX defines STAT to 1 in sys/dir.h + */ +# undef STAT #endif #ifdef KRB5 @@ -54,10 +57,6 @@ static int do_count; static char *header_str; struct getargs args[] = { -#ifdef KRB4 - { "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4", - NULL }, -#endif #ifdef KRB5 { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5", NULL }, @@ -134,12 +133,12 @@ do_connect (const char *hostname, int port, int nodelay) return s; } -typedef enum { INIT = 0, GREET, USER, PASS, STAT, RETR, TOP, +typedef enum { INIT = 0, GREET, USER, PASS, STAT, RETR, TOP, DELE, XDELE, QUIT} pop_state; static char *pop_state_string[] = { "INIT", "GREET", "USER", "PASS", "STAT", "RETR", "TOP", - "DELE", "XDELE", "QUIT" + "DELE", "XDELE", "QUIT" }; #define PUSH_BUFSIZ 65536 @@ -169,20 +168,20 @@ write_state_init (struct write_state *w, int fd) static void write_state_add (struct write_state *w, void *v, size_t len) { - if(w->niovecs == w->allociovecs) { - if(w->niovecs == w->maxiovecs) { - if(writev (w->fd, w->iovecs, w->niovecs) < 0) - err(1, "writev"); - w->niovecs = 0; - } else { - w->allociovecs = min(w->allociovecs + STEP, w->maxiovecs); - w->iovecs = erealloc (w->iovecs, - w->allociovecs * sizeof(*w->iovecs)); - } - } - w->iovecs[w->niovecs].iov_base = v; - w->iovecs[w->niovecs].iov_len = len; - ++w->niovecs; + if(w->niovecs == w->allociovecs) { + if(w->niovecs == w->maxiovecs) { + if(writev (w->fd, w->iovecs, w->niovecs) < 0) + err(1, "writev"); + w->niovecs = 0; + } else { + w->allociovecs = min(w->allociovecs + STEP, w->maxiovecs); + w->iovecs = erealloc (w->iovecs, + w->allociovecs * sizeof(*w->iovecs)); + } + } + w->iovecs[w->niovecs].iov_base = v; + w->iovecs[w->niovecs].iov_len = len; + ++w->niovecs; } static void @@ -219,7 +218,7 @@ doit(int s, size_t in_len = 0; char *in_ptr; pop_state state = INIT; - unsigned count, bytes; + unsigned count = 0, bytes; unsigned asked_for = 0, retrieved = 0, asked_deleted = 0, deleted = 0; unsigned sent_xdele = 0; int out_fd; @@ -227,7 +226,7 @@ doit(int s, size_t from_line_length; time_t now; struct write_state write_state; - int numheaders = 1; + unsigned int numheaders = 1; char **headers = NULL; int i; char *tmp = NULL; @@ -296,7 +295,7 @@ doit(int s, if (verbose > 1) fprintf (stderr, "state: %s count: %d asked_for: %d " "retrieved: %d asked_deleted: %d\n", - pop_state_string[state], + pop_state_string[state], count, asked_for, retrieved, asked_deleted); if (((state == STAT || state == RETR || state == TOP) @@ -311,12 +310,12 @@ doit(int s, else err (1, "select"); } - + if (FD_ISSET(s, &readset)) { char *beg, *p; size_t rem; int blank_line = 0; - + if(in_len >= in_buf_size) { char *tmp = erealloc(in_buf, in_buf_size + PUSH_BUFSIZ + 1); in_ptr = tmp + (in_ptr - in_buf); @@ -329,11 +328,11 @@ doit(int s, err (1, "read"); else if (ret == 0) errx (1, "EOF during read"); - + in_len += ret; in_ptr += ret; *in_ptr = '\0'; - + beg = in_buf; rem = in_len; while(rem > 1 @@ -406,7 +405,7 @@ doit(int s, ++copy; } *p = '\n'; - if(blank_line && + if(blank_line && strncmp(copy, "From ", min(p - copy + 1, 5)) == 0) write_state_add(&write_state, ">", 1); write_state_add(&write_state, copy, p - copy + 1); @@ -419,7 +418,7 @@ doit(int s, write_state_add(&write_state, from_line, from_line_length); blank_line = 0; - if (do_from) + if (do_from) state = TOP; else state = RETR; @@ -565,48 +564,6 @@ do_v5 (const char *host, } #endif -#ifdef KRB4 -static int -do_v4 (const char *host, - int port, - const char *user, - const char *filename, - const char *header_str, - int leavep, - int verbose, - int forkp) -{ - KTEXT_ST ticket; - MSG_DAT msg_data; - CREDENTIALS cred; - des_key_schedule sched; - int s; - int ret; - - s = do_connect (host, port, 1); - if (s < 0) - return 1; - ret = krb_sendauth(0, - s, - &ticket, - "pop", - (char *)host, - krb_realmofhost(host), - getpid(), - &msg_data, - &cred, - sched, - NULL, - NULL, - "KPOPV0.1"); - if(ret) { - warnx("krb_sendauth: %s", krb_get_err_text(ret)); - return 1; - } - return doit (s, host, user, filename, header_str, leavep, verbose, forkp); -} -#endif /* KRB4 */ - #ifdef HESIOD #ifdef HESIOD_INTERFACES @@ -763,13 +720,6 @@ main(int argc, char **argv) argc -= optind; argv += optind; -#if defined(KRB4) && defined(KRB5) - if(use_v4 == -1 && use_v5 == 1) - use_v4 = 0; - if(use_v5 == -1 && use_v4 == 1) - use_v5 = 0; -#endif - if (do_help) usage (0); @@ -777,7 +727,7 @@ main(int argc, char **argv) print_version(NULL); return 0; } - + if (do_from && header_str == NULL) header_str = "From:"; else if (header_str != NULL) @@ -818,10 +768,8 @@ main(int argc, char **argv) if (port == 0) { #ifdef KRB5 port = krb5_getportbyname (context, "kpop", "tcp", 1109); -#elif defined(KRB4) - port = k_getportbyname ("kpop", "tcp", htons(1109)); #else -#error must define KRB4 or KRB5 +#error must define KRB5 #endif } @@ -833,12 +781,5 @@ main(int argc, char **argv) do_leave, verbose_level, do_fork); } #endif - -#ifdef KRB4 - if (ret && use_v4) { - ret = do_v4 (host, port, user, filename, header_str, - do_leave, verbose_level, do_fork); - } -#endif /* KRB4 */ return ret; } diff --git a/appl/push/push.cat8 b/appl/push/push.cat8 new file mode 100644 index 000000000000..1a60f8f112b7 --- /dev/null +++ b/appl/push/push.cat8 @@ -0,0 +1,74 @@ + +PUSH(8) BSD System Manager's Manual PUSH(8) + +NNAAMMEE + ppuusshh -- fetch mail via POP + +SSYYNNOOPPSSIISS + ppuusshh [--55 | ----kkrrbb55] [--vv | ----vveerrbboossee] [--ff | ----ffoorrkk] [--ll | ----lleeaavvee] [----ffrroomm] + [--cc | ----ccoouunntt] [----hheeaaddeerrss=_h_e_a_d_e_r_s] [--pp _p_o_r_t_-_s_p_e_c | ----ppoorrtt=_p_o_r_t_-_s_p_e_c] + _p_o_-_b_o_x _f_i_l_e_n_a_m_e + +DDEESSCCRRIIPPTTIIOONN + ppuusshh retrieves mail from the post office box _p_o_-_b_o_x, and stores the mail + in mbox format in _f_i_l_e_n_a_m_e. The _p_o_-_b_o_x can have any of the following + formats: + `hostname:username' + `po:hostname:username' + `username@hostname' + `po:username@hostname' + `hostname' + `po:username' + + If no username is specified, ppuusshh assumes that it's the same as on the + local machine; _h_o_s_t_n_a_m_e defaults to the value of the MAILHOST environment + variable. + + Supported options: + + --55, ----kkrrbb55 + use Kerberos 5 (if compiled with support for Kerberos 5) + + --ff, ----ffoorrkk + fork before starting to delete messages + + --ll, ----lleeaavvee + don't delete fetched mail + + ----ffrroomm behave like from. + + --cc, ----ccoouunntt + first print how many messages and bytes there are. + + ----hheeaaddeerrss=_h_e_a_d_e_r_s + a list of comma-separated headers that should get printed. + + --pp _p_o_r_t_-_s_p_e_c, ----ppoorrtt=_p_o_r_t_-_s_p_e_c + use this port instead of the default `kpop' or `1109'. + + The default is to first try Kerberos 5 authentication and then, if that + fails, Kerberos 4. + +EENNVVIIRROONNMMEENNTT + MAILHOST + points to the post office, if no other hostname is specified. + +EEXXAAMMPPLLEESS + $ push cornfield:roosta ~/.emacs-mail-crash-box + + tries to fetch mail for the user _r_o_o_s_t_a from the post office at + ``cornfield'', and stores the mail in _~_/_._e_m_a_c_s_-_m_a_i_l_-_c_r_a_s_h_-_b_o_x (you are + using Gnus, aren't you?) + + $ push --from -5 havregryn + + tries to fetch FFrroomm:: lines for current user at post office ``havregryn'' + using Kerberos 5. + +SSEEEE AALLSSOO + from(1), pfrom(1), movemail(8), popper(8) + +HHIISSTTOORRYY + ppuusshh was written while waiting for mmoovveemmaaiill to finish getting the mail. + +HEIMDAL May 31, 1998 HEIMDAL diff --git a/appl/push/push_locl.h b/appl/push/push_locl.h index 0bcac64d805d..52fc75711d5e 100644 --- a/appl/push/push_locl.h +++ b/appl/push/push_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: push_locl.h 7463 1999-12-02 16:58:55Z joda $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include @@ -92,7 +92,3 @@ #ifdef KRB5 #include #endif - -#ifdef KRB4 -#include -#endif diff --git a/appl/rcp/ChangeLog b/appl/rcp/ChangeLog index 6ae6a1db0fbc..25a0a5176c8c 100644 --- a/appl/rcp/ChangeLog +++ b/appl/rcp/ChangeLog @@ -1,12 +1,17 @@ -2007-12-13 Love Hörnquist Åstrand +2008-04-17 Love Hörnquist Ã…strand + + * Sync with NetBSD rcp, add v6 parsing support and no setuid code + at all. + +2007-12-13 Love Hörnquist Ã…strand * Makefile.am: Add missing files, from Buchan Milne. -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * Makefile.am: more files -2006-08-08 Love Hörnquist Åstrand +2006-08-08 Love Hörnquist Ã…strand * util.c: Check return values from setuid, prompted by MIT advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus @@ -20,16 +25,16 @@ advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. -2005-10-22 Love Hörnquist Åstrand +2005-10-22 Love Hörnquist Ã…strand * rcp.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell + NULL since it undefined behavior on Linux. From Björn Sandell -2005-08-30 Love Hörnquist Åstrand +2005-08-30 Love Hörnquist Ã…strand * util.c: Explicit typecast to avoid signess warning. -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand * rcp_locl.h: undef _PATH_RSH to make sure our version is used @@ -38,11 +43,11 @@ * rcp.c: MODEMASK is defined in sys/vnode.h on Solaris, so undef it before we define our own. -2005-04-27 Love Hörnquist Åstrand +2005-04-27 Love Hörnquist Ã…strand * rcp_locl.h: use BINDIR instead of "/usr/bin/ with _PATH_RSH -2005-04-18 Love Hörnquist Åstrand +2005-04-18 Love Hörnquist Ã…strand * util.c: use unsigned char * to make sure its not negative when passing it to is* functions diff --git a/appl/rcp/Makefile.am b/appl/rcp/Makefile.am index 6b2295a3f657..39d67be05ac7 100644 --- a/appl/rcp/Makefile.am +++ b/appl/rcp/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 22281 2007-12-13 20:35:52Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -10,6 +10,6 @@ rcp_SOURCES = rcp.c util.c rcp_locl.h extern.h man_MANS = rcp.1 -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) LDADD = $(LIB_roken) diff --git a/appl/rcp/Makefile.in b/appl/rcp/Makefile.in index 2ee015181aa2..2a764d6bbab7 100644 --- a/appl/rcp/Makefile.in +++ b/appl/rcp/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 22281 2007-12-13 20:35:52Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = rcp$(EXEEXT) subdir = appl/rcp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,23 +89,23 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_rcp_OBJECTS = rcp.$(OBJEXT) util.$(OBJEXT) rcp_OBJECTS = $(am_rcp_OBJECTS) rcp_LDADD = $(LDADD) am__DEPENDENCIES_1 = rcp_DEPENDENCIES = $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -112,6 +117,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(rcp_SOURCES) DIST_SOURCES = $(rcp_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 MANS = $(man_MANS) ETAGS = etags @@ -121,49 +147,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -187,10 +222,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -207,6 +243,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -222,31 +260,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -261,10 +313,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -305,51 +359,55 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_krb4) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la rcp_SOURCES = rcp.c util.c rcp_locl.h extern.h man_MANS = rcp.1 -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) LDADD = $(LIB_roken) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/rcp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/rcp/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/rcp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/rcp/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -367,34 +425,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list rcp$(EXEEXT): $(rcp_OBJECTS) $(rcp_DEPENDENCIES) @rm -f rcp$(EXEEXT) $(LINK) $(rcp_OBJECTS) $(rcp_LDADD) $(LIBS) @@ -405,115 +479,140 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rcp.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -529,13 +628,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -570,6 +673,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -579,6 +683,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -589,6 +694,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -596,26 +703,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -635,11 +751,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -726,6 +841,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -811,7 +929,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -824,6 +942,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/rcp/NTMakefile b/appl/rcp/NTMakefile new file mode 100644 index 000000000000..48a05b82e7a8 --- /dev/null +++ b/appl/rcp/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\rcp + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/rcp/extern.h b/appl/rcp/extern.h index 606ed83eba2a..c957fa721e09 100644 --- a/appl/rcp/extern.h +++ b/appl/rcp/extern.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)extern.h 8.1 (Berkeley) 5/31/93 - * $FreeBSD: vendor-crypto/heimdal/dist/appl/rcp/extern.h 225864 2011-09-29 05:23:57Z stas $ + * $FreeBSD: src/bin/rcp/extern.h,v 1.5 1999/08/27 23:14:57 peter Exp $ */ typedef struct { @@ -43,9 +43,10 @@ extern int iamremote; BUF *allocbuf (BUF *, int, int); char *colon (char *); +char *unbracket(char *); void lostconn (int); void nospace (void); int okname (char *); void run_err (const char *, ...); -int susystem (char *, int); +int susystem (char *); void verifydir (char *); diff --git a/appl/rcp/rcp.1 b/appl/rcp/rcp.1 index 920a4f7d134e..e56491cfcb48 100644 --- a/appl/rcp/rcp.1 +++ b/appl/rcp/rcp.1 @@ -1,12 +1,11 @@ -.\" $Id: rcp.1 12025 2003-04-16 12:20:43Z joda $ +.\" $Id$ .\" .Dd April 16, 2003 .Dt RCP 1 .Os HEIMDAL .Sh NAME .Nm rcp -.Nd -copy file to and from remote machines +.Nd copy file to and from remote machines .Sh SYNOPSIS .Nm rcp .Op Fl 45FKpxz @@ -18,7 +17,7 @@ copy file to and from remote machines .Ar file... directory .Sh DESCRIPTION .Nm rcp -copies files between machines. Each file argument is either a remote file name of the form +copies files between machines. Each file argument is either a remote file name of the form .Dq rname@rhost:path or a local file (containing no colon or with a slash before the first colon). @@ -26,11 +25,11 @@ colon). Supported options: .Bl -tag -width Ds .It Xo -.Fl 4 , -.Fl 5 , -.Fl K , -.Fl F , -.Fl x , +.Fl 4 , +.Fl 5 , +.Fl K , +.Fl F , +.Fl x , .Fl z .Xc These options are passed on to @@ -38,7 +37,7 @@ These options are passed on to .It Fl P Ar port This will pass the option .Fl p Ar port -to +to .Xr rsh 1 . .It Fl p Preserve file permissions. @@ -59,7 +58,7 @@ connection". .\".Sh SEE ALSO .\".Sh STANDARDS .Sh HISTORY -The +The .Nm rcp utility first appeared in 4.2BSD. This version is derived from 4.3BSD-Reno. diff --git a/appl/rcp/rcp.c b/appl/rcp/rcp.c index 9a138c784604..9297af6d7b35 100644 --- a/appl/rcp/rcp.c +++ b/appl/rcp/rcp.c @@ -10,11 +10,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * @@ -105,7 +101,7 @@ main(int argc, char **argv) print_version (NULL); return 0; } - + iamremote = (fflag || tflag); argc -= optind; @@ -118,16 +114,12 @@ main(int argc, char **argv) remout = STDOUT_FILENO; if (fflag) { /* Follow "protocol", send data. */ - response(); - if (setuid(userid) < 0) - errx(1, "setuid failed"); + (void)response(); source(argc, argv); exit(errs); } if (tflag) { /* Receive data. */ - if (setuid(userid) < 0) - errx(1, "setuid failed"); sink(argc, argv); exit(errs); } @@ -140,7 +132,7 @@ main(int argc, char **argv) remin = remout = -1; /* Command to be executed on remote system using "rsh". */ snprintf(cmd, sizeof(cmd), - "rcp%s%s%s", iamrecursive ? " -r" : "", + "rcp%s%s%s", iamrecursive ? " -r" : "", pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); signal(SIGPIPE, lostconn); @@ -165,7 +157,7 @@ toremote(char *targ, int argc, char **argv) if (*targ == 0) targ = "."; - if ((thost = strchr(argv[argc - 1], '@'))) { + if ((thost = strchr(argv[argc - 1], '@')) != NULL) { /* user@host */ *thost++ = 0; tuser = argv[argc - 1]; @@ -177,6 +169,7 @@ toremote(char *targ, int argc, char **argv) thost = argv[argc - 1]; tuser = NULL; } + thost = unbracket(thost); for (i = 0; i < argc - 1; i++) { src = colon(argv[i]); @@ -188,6 +181,7 @@ toremote(char *targ, int argc, char **argv) host = strchr(argv[i], '@'); if (host) { *host++ = '\0'; + host = unbracket(host); suser = argv[i]; if (*suser == '\0') suser = pwd->pw_name; @@ -195,21 +189,22 @@ toremote(char *targ, int argc, char **argv) continue; ret = asprintf(&bp, "%s%s %s -l %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, eflag ? " -e" : "", + _PATH_RSH, eflag ? " -e" : "", host, suser, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } else { + host = unbracket(argv[i]); ret = asprintf(&bp, "exec %s%s %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, eflag ? " -e" : "", - argv[i], cmd, src, + _PATH_RSH, eflag ? " -e" : "", + host, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } if (ret == -1) err (1, "malloc"); - susystem(bp, userid); + susystem(bp); free(bp); } else { /* local to remote */ if (remin == -1) { @@ -223,8 +218,6 @@ toremote(char *targ, int argc, char **argv) if (response() < 0) exit(1); free(bp); - if (setuid(userid) < 0) - errx(1, "setuid failed"); } source(1, argv+i); } @@ -246,7 +239,7 @@ tolocal(int argc, char **argv) argv[i], argv[argc - 1]); if (ret == -1) err (1, "malloc"); - if (susystem(bp, userid)) + if (susystem(bp)) ++errs; free(bp); continue; @@ -275,8 +268,6 @@ tolocal(int argc, char **argv) } free(bp); sink(1, argv + argc - 1); - if (seteuid(0) < 0) - exit(1); close(remin); remin = remout = -1; } @@ -289,7 +280,8 @@ source(int argc, char **argv) static BUF buffer; BUF *bp; off_t i; - int amt, fd, haderr, indx, result; + off_t amt; + int fd, haderr, indx, result; char *last, *name, buf[BUFSIZ]; for (indx = 0; indx < argc; ++indx) { @@ -300,16 +292,10 @@ source(int argc, char **argv) syserr: run_err("%s: %s", name, strerror(errno)); goto next; } - switch (stb.st_mode & S_IFMT) { - case S_IFREG: - break; - case S_IFDIR: - if (iamrecursive) { - rsource(name, &stb); - goto next; - } - /* FALLTHROUGH */ - default: + if (S_ISDIR(stb.st_mode) && iamrecursive) { + rsource(name, &stb); + goto next; + } else if (!S_ISREG(stb.st_mode)) { run_err("%s: not a regular file", name); goto next; } @@ -332,7 +318,7 @@ syserr: run_err("%s: %s", name, strerror(errno)); #undef MODEMASK #define MODEMASK (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO) snprintf(buf, sizeof(buf), "C%04o %lu %s\n", - stb.st_mode & MODEMASK, + (unsigned int)(stb.st_mode & MODEMASK), (unsigned long)stb.st_size, last); write(remout, buf, strlen(buf)); @@ -349,14 +335,14 @@ next: close(fd); if (i + amt > stb.st_size) amt = stb.st_size - i; if (!haderr) { - result = read(fd, bp->buf, amt); + result = read(fd, bp->buf, (size_t)amt); if (result != amt) haderr = result >= 0 ? EIO : errno; } if (haderr) write(remout, bp->buf, amt); else { - result = write(remout, bp->buf, amt); + result = write(remout, bp->buf, (size_t)amt); if (result != amt) haderr = result >= 0 ? EIO : errno; } @@ -398,13 +384,14 @@ rsource(char *name, struct stat *statp) } } snprintf(path, sizeof(path), - "D%04o %d %s\n", statp->st_mode & MODEMASK, 0, last); + "D%04o %d %s\n", + (unsigned int)(statp->st_mode & MODEMASK), 0, last); write(remout, path, strlen(path)); if (response() < 0) { closedir(dirp); return; } - while ((dp = readdir(dirp))) { + while ((dp = readdir(dirp)) != NULL) { if (dp->d_ino == 0) continue; if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) @@ -600,7 +587,7 @@ bad: run_err("%s: %s", np, strerror(errno)); if (count == bp->cnt) { /* Keep reading so we stay sync'd up. */ if (wrerr == NO) { - j = write(ofd, bp->buf, count); + j = write(ofd, bp->buf, (size_t)count); if (j != count) { wrerr = YES; wrerrno = j >= 0 ? EIO : errno; @@ -611,7 +598,7 @@ bad: run_err("%s: %s", np, strerror(errno)); } } if (count != 0 && wrerr == NO && - (j = write(ofd, bp->buf, count)) != count) { + (j = write(ofd, bp->buf, (size_t)count)) != count) { wrerr = YES; wrerrno = j >= 0 ? EIO : errno; } @@ -723,7 +710,7 @@ run_err(const char *fmt, ...) * If it cannot create necessary pipes it exits with error message. */ -int +int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) { int pin[2], pout[2], reserved[2]; diff --git a/appl/rcp/rcp.cat1 b/appl/rcp/rcp.cat1 new file mode 100644 index 000000000000..26c49606717b --- /dev/null +++ b/appl/rcp/rcp.cat1 @@ -0,0 +1,38 @@ + +RCP(1) BSD General Commands Manual RCP(1) + +NNAAMMEE + rrccpp -- copy file to and from remote machines + +SSYYNNOOPPSSIISS + rrccpp [--4455FFKKppxxzz] [--PP _p_o_r_t] _f_i_l_e_1 _f_i_l_e_2 + rrccpp [--4455FFKKpprrxxzz] [--PP _p_o_r_t] _f_i_l_e_._._. _d_i_r_e_c_t_o_r_y + +DDEESSCCRRIIPPTTIIOONN + rrccpp copies files between machines. Each file argument is either a remote + file name of the form ``rname@rhost:path'' or a local file (containing no + colon or with a slash before the first colon). + + Supported options: + + --44, --55, --KK, --FF, --xx, --zz + These options are passed on to rsh(1). + + --PP _p_o_r_t + This will pass the option --pp _p_o_r_t to rsh(1). + + --pp Preserve file permissions. + + --rr Copy source directories recursively. + +DDIIAAGGNNOOSSTTIICCSS + rrccpp is implemented as a protocol on top of rsh(1), and thus requires a + working rsh. If you intend to use Kerberos authentication, rsh needs to + be Kerberos aware, else you may see more or less strange errors, such as + "login incorrect", or "lost connection". + +HHIISSTTOORRYY + The rrccpp utility first appeared in 4.2BSD. This version is derived from + 4.3BSD-Reno. + +HEIMDAL April 16, 2003 HEIMDAL diff --git a/appl/rcp/rcp_locl.h b/appl/rcp/rcp_locl.h index 4dc6d5f8eb74..ad85d868a51d 100644 --- a/appl/rcp/rcp_locl.h +++ b/appl/rcp/rcp_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: rcp_locl.h 15285 2005-05-29 18:24:43Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include diff --git a/appl/rcp/util.c b/appl/rcp/util.c index 8893cb50257d..890d3b5f361d 100644 --- a/appl/rcp/util.c +++ b/appl/rcp/util.c @@ -37,13 +37,13 @@ static char sccsid[] = "@(#)util.c 8.2 (Berkeley) 4/2/94"; #endif static const char rcsid[] = - "$FreeBSD: vendor-crypto/heimdal/dist/appl/rcp/util.c 225864 2011-09-29 05:23:57Z stas $"; + "$FreeBSD: src/bin/rcp/util.c,v 1.9 1999/08/27 23:14:58 peter Exp $"; #endif /* not lint */ #endif #include "rcp_locl.h" -RCSID("$Id: util.c 17878 2006-08-08 21:43:58Z lha $"); +RCSID("$Id$"); char * colon(cp) @@ -61,6 +61,21 @@ colon(cp) return (0); } +char * +unbracket(char *cp) +{ + char *ep; + + if (*cp == '[') { + ep = cp + (strlen(cp) - 1); + if (*ep == ']') { + *ep = '\0'; + ++cp; + } + } + return (cp); +} + void verifydir(cp) char *cp; @@ -98,8 +113,7 @@ bad: warnx("%s: invalid user name", cp0); } int -susystem(s, userid) - int userid; +susystem(s) char *s; { void (*istat)(int), (*qstat)(int); @@ -112,8 +126,6 @@ susystem(s, userid) return (127); case 0: - if (setuid(userid) < 0) - _exit(127); execl(_PATH_BSHELL, "sh", "-c", s, NULL); _exit(127); } diff --git a/appl/rsh/ChangeLog b/appl/rsh/ChangeLog index e78ff25a8aeb..18202873f5a3 100644 --- a/appl/rsh/ChangeLog +++ b/appl/rsh/ChangeLog @@ -1,27 +1,27 @@ -2007-07-12 Love Hörnquist Åstrand +2007-07-12 Love Hörnquist Ã…strand * rsh.c: Fix pointer vs strict alias rules. * rshd.c: Fix pointer vs strict alias rules. -2007-01-04 Love Hörnquist Åstrand +2007-01-04 Love Hörnquist Ã…strand * rshd.c: Declare iruserok if needed, based on bug report from David Love. -2006-11-14 Love Hörnquist Åstrand +2006-11-14 Love Hörnquist Ã…strand * rsh_locl.h: Forward decl. -2006-10-14 Love Hörnquist Åstrand +2006-10-14 Love Hörnquist Ã…strand * rsh_locl.h: Include "crypto-headers.h". -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Add man_MANS to EXTRA_DIST -2006-04-27 Love Hörnquist Åstrand +2006-04-27 Love Hörnquist Ã…strand * Makefile.am: rshd_SOURCES += add limits_conf.c @@ -38,30 +38,30 @@ * rshd.c (krb5_start_session): syslog failures to store cred cache -2005-12-21 Love Hörnquist Åstrand +2005-12-21 Love Hörnquist Ã…strand * rshd.c (doit): move creation of users ticket file to later to avoid seteuid/setuid dance. this breaks DCE, so remove support for it completely. -2005-10-22 Love Hörnquist Åstrand +2005-10-22 Love Hörnquist Ã…strand * rshd.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell + NULL since it undefined behavior on Linux. From Björn Sandell * rsh.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell + NULL since it undefined behavior on Linux. From Björn Sandell -2005-06-08 Love Hörnquist Åstrand +2005-06-08 Love Hörnquist Ã…strand * rshd.c: init some important variables and check that they are set checking authentication, all to please gcc -2005-05-27 Love Hörnquist Åstrand +2005-05-27 Love Hörnquist Ã…strand * rshd.c: case uid_t to unsigned long in printf format -2005-04-27 Love Hörnquist Åstrand +2005-04-27 Love Hörnquist Ã…strand * rsh_locl.h: Use larger buffer for recving data to be compatible with older versions of heimdal (0.4 branch specificly) @@ -69,11 +69,11 @@ * rshd.c: Use larger buffer for recving data to be compatible with older versions of heimdal (0.4 branch specificly) -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * rshd.c: use snprintf to format tkfile -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * rsh.c: use strlcat @@ -81,7 +81,7 @@ * rsh_locl.h: forward declaration for private structures -2005-04-20 Love Hörnquist Åstrand +2005-04-20 Love Hörnquist Ã…strand * rsh.c: cast size_t to unsigned long @@ -119,7 +119,7 @@ * rshd.c: -P also with KRB5 -2003-04-22 Love Hörnquist Åstrand +2003-04-22 Love Hörnquist Ã…strand * rsh.1: replace > with \*[Gt] @@ -138,7 +138,7 @@ * rsh.c (loop): only check errsock if it's valid -2003-03-18 Love Love Hörnquist Åstrand +2003-03-18 Love Love Hörnquist Ã…strand * rshd.c: do krb5_afslog when compling with afs support diff --git a/appl/rsh/Makefile.am b/appl/rsh/Makefile.am index 6377e02c7127..2cd18752f844 100644 --- a/appl/rsh/Makefile.am +++ b/appl/rsh/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) -I$(srcdir)/../login +AM_CPPFLAGS += -I$(srcdir)/../login $(INCLUDE_hcrypto) bin_PROGRAMS = rsh @@ -22,8 +22,7 @@ limits_conf.c: LDADD = $(LIB_kafs) \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/rsh/Makefile.in b/appl/rsh/Makefile.in index 6c7651c65fdf..c2ec70e0eae9 100644 --- a/appl/rsh/Makefile.in +++ b/appl/rsh/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -46,7 +48,7 @@ libexec_PROGRAMS = rshd$(EXEEXT) subdir = appl/rsh ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -61,7 +63,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -75,9 +77,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -85,16 +90,15 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) am_rsh_OBJECTS = rsh.$(OBJEXT) common.$(OBJEXT) rsh_OBJECTS = $(am_rsh_OBJECTS) @@ -103,18 +107,16 @@ am__DEPENDENCIES_1 = am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ $(am__DEPENDENCIES_1) rsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) am_rshd_OBJECTS = rshd.$(OBJEXT) common.$(OBJEXT) \ login_access.$(OBJEXT) limits_conf.$(OBJEXT) rshd_OBJECTS = $(am_rshd_OBJECTS) rshd_LDADD = $(LDADD) rshd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -126,6 +128,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) DIST_SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 man8dir = $(mandir)/man8 MANS = $(man_MANS) @@ -136,49 +159,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -202,10 +234,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -222,6 +255,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -237,31 +272,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -276,10 +325,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -320,57 +371,61 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -I$(srcdir)/../login +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/../login \ + $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la man_MANS = rsh.1 rshd.8 rsh_SOURCES = rsh.c common.c rsh_locl.h rshd_SOURCES = rshd.c common.c login_access.c limits_conf.c rsh_locl.h LDADD = $(LIB_kafs) \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/rsh/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/rsh/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/rsh/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/rsh/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -388,62 +443,93 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list rsh$(EXEEXT): $(rsh_OBJECTS) $(rsh_DEPENDENCIES) @rm -f rsh$(EXEEXT) $(LINK) $(rsh_OBJECTS) $(rsh_LDADD) $(LIBS) @@ -457,160 +543,181 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/limits_conf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login_access.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsh.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rshd.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -626,13 +733,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -667,6 +778,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -677,6 +789,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -687,6 +800,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -694,26 +809,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -734,11 +858,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ @@ -827,6 +950,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -912,7 +1038,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -931,6 +1057,7 @@ login_access.c: limits_conf.c: $(LN_S) $(srcdir)/../login/limits_conf.c . + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/rsh/NTMakefile b/appl/rsh/NTMakefile new file mode 100644 index 000000000000..c7b4e643d3e9 --- /dev/null +++ b/appl/rsh/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\rsh + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/rsh/common.c b/appl/rsh/common.c index 84311b00e188..79017c33c264 100644 --- a/appl/rsh/common.c +++ b/appl/rsh/common.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "rsh_locl.h" -RCSID("$Id: common.c 17450 2006-05-05 11:11:43Z lha $"); +RCSID("$Id$"); -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) #ifdef KRB5 int key_usage = 1026; @@ -74,11 +74,6 @@ ssize_t do_read (int fd, void *buf, size_t sz, void *ivec) { if (do_encrypt) { -#ifdef KRB4 - if (auth_method == AUTH_KRB4) { - return des_enc_read (fd, buf, sz, schedule, &iv); - } else -#endif /* KRB4 */ #ifdef KRB5 if(auth_method == AUTH_KRB5) { krb5_error_code ret; @@ -102,13 +97,15 @@ do_read (int fd, void *buf, size_t sz, void *ivec) if (edata == NULL) errx (1, "malloc: cannot allocate %u bytes", outer_len); ret = krb5_net_read (context, &fd, edata, outer_len); - if (ret <= 0) + if (ret <= 0) { + free(edata); return ret; + } - status = krb5_decrypt_ivec(context, crypto, key_usage, + status = krb5_decrypt_ivec(context, crypto, key_usage, edata, outer_len, &data, ivec); free (edata); - + if (status) krb5_err (context, 1, status, "decrypting data"); if(ivec != NULL) { @@ -134,11 +131,6 @@ ssize_t do_write (int fd, void *buf, size_t sz, void *ivec) { if (do_encrypt) { -#ifdef KRB4 - if(auth_method == AUTH_KRB4) { - return des_enc_write (fd, buf, sz, schedule, &iv); - } else -#endif /* KRB4 */ #ifdef KRB5 if(auth_method == AUTH_KRB5) { krb5_error_code status; @@ -177,4 +169,4 @@ do_write (int fd, void *buf, size_t sz, void *ivec) } else return write (fd, buf, sz); } -#endif /* KRB4 || KRB5 */ +#endif /* KRB5 */ diff --git a/appl/rsh/limits_conf.c b/appl/rsh/limits_conf.c index ac9837f1406b..1068b967014f 100644 --- a/appl/rsh/limits_conf.c +++ b/appl/rsh/limits_conf.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "login_locl.h" -RCSID("$Id: limits_conf.c 19215 2006-12-04 23:41:18Z lha $"); +RCSID("$Id$"); #include #include @@ -91,7 +91,7 @@ find_limit(const char *name) /* this function reads limits.conf files similar to pam_limits unimplemented features include: % maxlogins - "-" no limits, + "-" no limits, priorities etc that are not set via setrlimit XXX uses static storage, and clobbers getgr* */ @@ -131,7 +131,7 @@ read_limits_conf(const char *file, const struct passwd *pwd) int c; while((c = fgetc(f)) != EOF) { eof = 0; - if(c == '\n') + if(c == '\n') break; } if(!eof) { @@ -192,12 +192,12 @@ read_limits_conf(const char *file, const struct passwd *pwd) continue; l->has_limit = level; } - + /* XXX unclear: if you soft to more than default hard, should we set hard to soft? this code doesn't. */ if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_cur = value; - if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) + if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) l->limit.rlim_max = value; } fclose(f); diff --git a/appl/rsh/login_access.c b/appl/rsh/login_access.c index e1bfe42ea1b8..71b1fb1aa274 100644 --- a/appl/rsh/login_access.c +++ b/appl/rsh/login_access.c @@ -25,7 +25,7 @@ #include "login_locl.h" -RCSID("$Id: login_access.c 10020 2001-06-04 14:10:19Z assar $"); +RCSID("$Id$"); /* Delimiters for fields and for lists of users, ttys or hosts. */ @@ -101,13 +101,13 @@ int login_access(struct passwd *user, char *from) || !(users = strtok_r(NULL, fs, &foo)) || !(froms = strtok_r(NULL, fs, &foo)) || strtok_r(NULL, fs, &foo)) { - syslog(LOG_ERR, "%s: line %d: bad field count", + syslog(LOG_ERR, "%s: line %d: bad field count", _PATH_LOGACCESS, lineno); continue; } if (perm[0] != '+' && perm[0] != '-') { - syslog(LOG_ERR, "%s: line %d: bad first field", + syslog(LOG_ERR, "%s: line %d: bad first field", _PATH_LOGACCESS, lineno); continue; diff --git a/appl/rsh/rsh.1 b/appl/rsh/rsh.1 index 2999dc06a29c..0b0701f43cb1 100644 --- a/appl/rsh/rsh.1 +++ b/appl/rsh/rsh.1 @@ -1,43 +1,42 @@ -.\" Copyright (c) 2002 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2002 - 2003 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: rsh.1 13394 2004-02-20 12:21:42Z joda $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd February 20, 2004 .Dt RSH 1 .Os HEIMDAL .Sh NAME .Nm rsh -.Nd -remote shell +.Nd remote shell .Sh SYNOPSIS .Nm .Op Fl 45FGKdefnuxz @@ -63,7 +62,7 @@ Valid options are: .Bl -tag -width Ds .It Xo .Fl 4 , -.Fl -krb4 +.Fl Fl krb4 .Xc The .Fl 4 @@ -72,7 +71,7 @@ authentication mechanisms will be tried, but in some cases more explicit control is desired. .It Xo .Fl 5 , -.Fl -krb5 +.Fl Fl krb5 .Xc The .Fl 5 @@ -81,7 +80,7 @@ option requests Kerberos 5 authentication. This is analogous to the option. .It Xo .Fl K , -.Fl -broken +.Fl Fl broken .Xc The .Fl K @@ -90,7 +89,7 @@ mode relies on reserved ports. The long name is an indication of how good this is. .It Xo .Fl n , -.Fl -no-input +.Fl Fl no-input .Xc The .Fl n @@ -105,13 +104,13 @@ Enable socket debugging. .It Xo .Fl e , -.Fl -no-stderr +.Fl Fl no-stderr .Xc Don't use a separate socket for the stderr stream. This can be necessary if rsh-ing through a NAT bridge. .It Xo .Fl x , -.Fl -encrypt +.Fl Fl encrypt .Xc The .Fl x @@ -127,12 +126,12 @@ The opposite of This is the default, and is mainly useful if encryption has been enabled by default, for instance in the .Li appdefaults -section of +section of .Pa /etc/krb5.conf when using Kerberos 5. .It Xo .Fl f , -.Fl -forward +.Fl Fl forward .Xc Forward Kerberos 5 credentials to the remote host. Also settable via @@ -141,16 +140,16 @@ Also settable via .Xr krb5.conf ) . .It Xo .Fl F , -.Fl -forwardable +.Fl Fl forwardable .Xc -Make the forwarded credentials re-forwardable. +Make the forwarded credentials re-forwardable. Also settable via .Li appdefaults (see .Xr krb5.conf ) . .It Xo .Fl l Ar string , -.Fl -user= Ns Ar string +.Fl Fl user= Ns Ar string .Xc By default the remote username is the same as the local. The .Fl l @@ -159,16 +158,16 @@ option or the format allow the remote name to be specified. .It Xo .Fl n , -.Fl -no-input +.Fl Fl no-input .Xc -Direct input from +Direct input from .Pa /dev/null (see the .Sx BUGS section). .It Xo .Fl p Ar number-or-service , -.Fl -port= Ns Ar number-or-service +.Fl Fl port= Ns Ar number-or-service .Xc Connect to this port instead of the default (which is 514 when using old port based authentication, 544 for Kerberos 5 and non-encrypted @@ -177,13 +176,13 @@ the contents of .Pa /etc/services ) . .It Xo .Fl P Ar N|O|1|2 , -.Fl -protocol= Ns Ar N|O|1|2 +.Fl Fl protocol= Ns Ar N|O|1|2 .Xc Specifies the protocol version to use with Kerberos 5. .Ar N and .Ar 2 -select protocol version 2, while +select protocol version 2, while .Ar O and .Ar 1 @@ -193,20 +192,20 @@ default. Unless asked for a specific version, will try both. This behaviour may change in the future. .It Xo .Fl u , -.Fl -unique +.Fl Fl unique .Xc Make sure the remote credentials cache is unique, that is, don't reuse any existing cache. Mutually exclusive to .Fl U . .It Xo .Fl U Pa string , -.Fl -tkfile= Ns Pa string +.Fl Fl tkfile= Ns Pa string .Xc Name of the remote credentials cache. Mutually exclusive to .Fl u . .It Xo .Fl x , -.Fl -encrypt +.Fl Fl encrypt .Xc The .Fl x diff --git a/appl/rsh/rsh.c b/appl/rsh/rsh.c index 2d64d21f49fa..38ac753cd6ac 100644 --- a/appl/rsh/rsh.c +++ b/appl/rsh/rsh.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "rsh_locl.h" -RCSID("$Id: rsh.c 21516 2007-07-12 12:47:23Z lha $"); +RCSID("$Id$"); enum auth_method auth_method; -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) int do_encrypt = -1; #endif #ifdef KRB5 @@ -48,19 +48,12 @@ krb5_context context; krb5_keyblock *keyblock; krb5_crypto crypto; #endif -#ifdef KRB4 -des_key_schedule schedule; -des_cblock iv; -#endif int sock_debug = 0; -#ifdef KRB4 -static int use_v4 = -1; -#endif #ifdef KRB5 static int use_v5 = -1; #endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) static int use_only_broken = 0; #else static int use_only_broken = 1; @@ -95,7 +88,7 @@ rsh_loop (int s, int errsock) if (s >= FD_SETSIZE || (errsock != -1 && errsock >= FD_SETSIZE)) errx (1, "fd too large"); - + FD_ZERO(&real_readset); FD_SET(s, &real_readset); if (errsock != -1) { @@ -156,50 +149,6 @@ rsh_loop (int s, int errsock) } } -#ifdef KRB4 -static int -send_krb4_auth(int s, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - const char *hostname, - const char *remote_user, - const char *local_user, - size_t cmd_len, - const char *cmd) -{ - KTEXT_ST text; - CREDENTIALS cred; - MSG_DAT msg; - int status; - size_t len; - - /* the normal default for krb4 should be to disable encryption */ - status = krb_sendauth ((do_encrypt == 1) ? KOPT_DO_MUTUAL : 0, - s, &text, "rcmd", - (char *)hostname, krb_realmofhost (hostname), - getpid(), &msg, &cred, schedule, - (struct sockaddr_in *)thisaddr, - (struct sockaddr_in *)thataddr, - KCMD_OLD_VERSION); - if (status != KSUCCESS) { - warnx("%s: %s", hostname, krb_get_err_text(status)); - return 1; - } - memcpy (iv, cred.session, sizeof(iv)); - - len = strlen(remote_user) + 1; - if (net_write (s, remote_user, len) != len) { - warn("write"); - return 1; - } - if (net_write (s, cmd, cmd_len) != cmd_len) { - warn("write"); - return 1; - } - return 0; -} -#endif /* KRB4 */ - #ifdef KRB5 /* * Send forward information on `s' for host `hostname', them being @@ -236,17 +185,16 @@ krb5_forward_cred (krb5_auth_context auth_context, } creds.client = principal; - - ret = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); + + ret = krb5_make_principal(context, + &creds.server, + principal->realm, + "krbtgt", + principal->realm, + NULL); if (ret) { - warnx ("could not forward creds: krb5_build_principal: %s", + warnx ("could not forward creds: krb5_make_principal: %s", krb5_get_err_text (context, ret)); return 1; } @@ -313,10 +261,10 @@ send_krb5_auth(int s, } if(do_encrypt == -1) { - krb5_appdefault_boolean(context, NULL, - krb5_principal_get_realm(context, server), - "encrypt", - FALSE, + krb5_appdefault_boolean(context, NULL, + krb5_principal_get_realm(context, server), + "encrypt", + FALSE, &do_encrypt); } @@ -349,7 +297,7 @@ send_krb5_auth(int s, default: abort(); } - + status = krb5_sendauth (context, &auth_context, &s, @@ -369,19 +317,19 @@ send_krb5_auth(int s, krb5_const_realm realm = krb5_principal_get_realm(context, server); if (do_forwardable == -1) krb5_appdefault_boolean(context, NULL, realm, - "forwardable", FALSE, + "forwardable", FALSE, &do_forwardable); if (do_forward == -1) krb5_appdefault_boolean(context, NULL, realm, - "forward", FALSE, + "forward", FALSE, &do_forward); } - + krb5_free_principal(context, server); krb5_data_free(&cksum_data); if (status) { - if(status == KRB5_SENDAUTH_REJECTED && + if(status == KRB5_SENDAUTH_REJECTED && protocol_version == 2 && protocol_version_str == NULL) sendauth_version_error = 1; else @@ -593,7 +541,7 @@ proto (int s, int errsock, cmd_len, cmd)) { close (errsock2); return 1; - } + } ret = net_read (s, &reply, 1); if (ret < 0) { @@ -625,7 +573,7 @@ proto (int s, int errsock, (void *)&one, sizeof(one)) < 0) warn("setsockopt stderr"); } - + return rsh_loop (s, errsock2); } @@ -666,11 +614,11 @@ print_addr (const struct sockaddr *sa) const char *as = NULL; if(sa->sa_family == AF_INET) - as = inet_ntop (sa->sa_family, &((struct sockaddr_in*)sa)->sin_addr, + as = inet_ntop (sa->sa_family, &((struct sockaddr_in*)sa)->sin_addr, addr_str, sizeof(addr_str)); #ifdef HAVE_INET6 else if(sa->sa_family == AF_INET6) - as = inet_ntop (sa->sa_family, &((struct sockaddr_in6*)sa)->sin6_addr, + as = inet_ntop (sa->sa_family, &((struct sockaddr_in6*)sa)->sin6_addr, addr_str, sizeof(addr_str)); #endif if(as == NULL) @@ -697,7 +645,7 @@ doit_broken (int argc, if (connect (priv_socket1, ai->ai_addr, ai->ai_addrlen) < 0) { int save_errno = errno; - + close(priv_socket1); close(priv_socket2); @@ -754,7 +702,7 @@ doit_broken (int argc, } } -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) static int doit (const char *hostname, struct addrinfo *ai, @@ -778,12 +726,12 @@ doit (const char *hostname, int errsock; s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) + if (s < 0) continue; socketfailed = 0; if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { char addr[128]; - if(getnameinfo(a->ai_addr, a->ai_addrlen, + if(getnameinfo(a->ai_addr, a->ai_addrlen, addr, sizeof(addr), NULL, 0, NI_NUMERICHOST) == 0) warn ("connect(%s [%s])", hostname, addr); else @@ -820,7 +768,7 @@ doit (const char *hostname, freeaddrinfo (eai); } else errsock = -1; - + ret = proto (s, errsock, hostname, local_user, remote_user, @@ -832,12 +780,9 @@ doit (const char *hostname, warnx ("failed to contact %s", hostname); return -1; } -#endif /* KRB4 || KRB5 */ +#endif /* KRB5 */ struct getargs args[] = { -#ifdef KRB4 - { "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4" }, -#endif #ifdef KRB5 { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5" }, { "forward", 'f', arg_flag, &do_forward, "Forward credentials [krb5]"}, @@ -848,11 +793,11 @@ struct getargs args[] = { "Use unique remote credentials cache [krb5]" }, { "tkfile", 'U', arg_string, &unique_tkfile, "Specifies remote credentials cache [krb5]" }, - { "protocol", 'P', arg_string, &protocol_version_str, + { "protocol", 'P', arg_string, &protocol_version_str, "Protocol version [krb5]", "protocol" }, #endif { "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" }, -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) { "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" }, { NULL, 'z', arg_negative_flag, &do_encrypt, "Don't encrypt connection", NULL }, @@ -909,14 +854,14 @@ main(int argc, char **argv) uid = getuid (); if (setuid (uid) || (uid != 0 && setuid(0) == 0)) err (1, "setuid"); - + setprogname (argv[0]); if (argc >= 2 && argv[1][0] != '-') { host = argv[host_index = 1]; argindex = 1; } - + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, &argindex)) usage (1); @@ -940,7 +885,7 @@ main(int argc, char **argv) int v; v = strtol(protocol_version_str, &end, 0); if(*end != '\0' || (v != 1 && v != 2)) { - errx(1, "unknown protocol version \"%s\"", + errx(1, "unknown protocol version \"%s\"", protocol_version_str); } protocol_version = v; @@ -962,17 +907,7 @@ main(int argc, char **argv) #endif -#if defined(KRB4) && defined(KRB5) - if(use_v4 == -1 && use_v5 == 1) - use_v4 = 0; - if(use_v5 == -1 && use_v4 == 1) - use_v5 = 0; -#endif - if (use_only_broken) { -#ifdef KRB4 - use_v4 = 0; -#endif #ifdef KRB5 use_v5 = 0; #endif @@ -984,7 +919,7 @@ main(int argc, char **argv) use_broken = 0; } -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if (do_encrypt == 1 && use_only_broken) errx (1, "encryption not supported with old style authentication"); #endif @@ -1013,7 +948,7 @@ main(int argc, char **argv) else host = argv[host_index = argindex++]; } - + if((tmp = strchr(host, '@')) != NULL) { *tmp++ = '\0'; user = host; @@ -1036,7 +971,7 @@ main(int argc, char **argv) user = local_user; cmd_len = construct_command(&cmd, argc - argindex, argv + argindex); - + /* * Try all different authentication methods */ @@ -1061,40 +996,13 @@ main(int argc, char **argv) again: ret = doit (host, ai, user, local_user, cmd, cmd_len, send_krb5_auth); - if(ret != 0 && sendauth_version_error && + if(ret != 0 && sendauth_version_error && protocol_version == 2) { protocol_version = 1; goto again; } freeaddrinfo(ai); } -#endif -#ifdef KRB4 - if (ret && use_v4) { - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - if(port_str == NULL) { - if(do_encrypt) { - error = getaddrinfo(host, "ekshell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "545", &hints, &ai); - } else { - error = getaddrinfo(host, "kshell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "544", &hints, &ai); - } - } else - error = getaddrinfo(host, port_str, &hints, &ai); - - if(error) - errx (1, "getaddrinfo: %s", gai_strerror(error)); - auth_method = AUTH_KRB4; - ret = doit (host, ai, user, local_user, cmd, cmd_len, - send_krb4_auth); - freeaddrinfo(ai); - } #endif if (ret && use_broken) { memset (&hints, 0, sizeof(hints)); diff --git a/appl/rsh/rsh.cat1 b/appl/rsh/rsh.cat1 new file mode 100644 index 000000000000..b5cda8fc390f --- /dev/null +++ b/appl/rsh/rsh.cat1 @@ -0,0 +1,139 @@ + +RSH(1) BSD General Commands Manual RSH(1) + +NNAAMMEE + rrsshh -- remote shell + +SSYYNNOOPPSSIISS + rrsshh [--4455FFGGKKddeeffnnuuxxzz] [--UU _s_t_r_i_n_g] [--pp _p_o_r_t] [--ll _u_s_e_r_n_a_m_e] [--PP _N_|_O] _h_o_s_t + _[_c_o_m_m_a_n_d_] + +DDEESSCCRRIIPPTTIIOONN + rrsshh authenticates to the rshd(8) daemon on the remote _h_o_s_t, and then exe- + cutes the specified _c_o_m_m_a_n_d. + + rrsshh copies its standard input to the remote command, and the standard + output and error of the remote command to its own. + + Valid options are: + + --44, ----kkrrbb44 + The --44 option requests Kerberos 4 authentication. Normally all + supported authentication mechanisms will be tried, but in some + cases more explicit control is desired. + + --55, ----kkrrbb55 + The --55 option requests Kerberos 5 authentication. This is analo- + gous to the --44 option. + + --KK, ----bbrrookkeenn + The --KK option turns off all Kerberos authentication. The security + in this mode relies on reserved ports. The long name is an indi- + cation of how good this is. + + --nn, ----nnoo--iinnppuutt + The --nn option directs the input from the _/_d_e_v_/_n_u_l_l device (see + the _B_U_G_S section of this manual page). + + --dd Enable setsockopt(2) socket debugging. + + --ee, ----nnoo--ssttddeerrrr + Don't use a separate socket for the stderr stream. This can be + necessary if rsh-ing through a NAT bridge. + + --xx, ----eennccrryypptt + The --xx option enables encryption for all data exchange. This is + only valid for Kerberos authenticated connections (see the _B_U_G_S + section for limitations). + + --zz The opposite of --xx. This is the default, and is mainly useful if + encryption has been enabled by default, for instance in the + appdefaults section of _/_e_t_c_/_k_r_b_5_._c_o_n_f when using Kerberos 5. + + --ff, ----ffoorrwwaarrdd + Forward Kerberos 5 credentials to the remote host. Also settable + via appdefaults (see krb5.conf). + + --FF, ----ffoorrwwaarrddaabbllee + Make the forwarded credentials re-forwardable. Also settable via + appdefaults (see krb5.conf). + + --ll _s_t_r_i_n_g, ----uusseerr==_s_t_r_i_n_g + By default the remote username is the same as the local. The --ll + option or the _u_s_e_r_n_a_m_e_@_h_o_s_t format allow the remote name to be + specified. + + --nn, ----nnoo--iinnppuutt + Direct input from _/_d_e_v_/_n_u_l_l (see the _B_U_G_S section). + + --pp _n_u_m_b_e_r_-_o_r_-_s_e_r_v_i_c_e, ----ppoorrtt==_n_u_m_b_e_r_-_o_r_-_s_e_r_v_i_c_e + Connect to this port instead of the default (which is 514 when + using old port based authentication, 544 for Kerberos 5 and non- + encrypted Kerberos 4, and 545 for encrytpted Kerberos 4; subject + of course to the contents of _/_e_t_c_/_s_e_r_v_i_c_e_s). + + --PP _N_|_O_|_1_|_2, ----pprroottooccooll==_N_|_O_|_1_|_2 + Specifies the protocol version to use with Kerberos 5. _N and _2 + select protocol version 2, while _O and _1 select version 1. Ver- + sion 2 is believed to be more secure, and is the default. Unless + asked for a specific version, rrsshh will try both. This behaviour + may change in the future. + + --uu, ----uunniiqquuee + Make sure the remote credentials cache is unique, that is, don't + reuse any existing cache. Mutually exclusive to --UU. + + --UU _s_t_r_i_n_g, ----ttkkffiillee==_s_t_r_i_n_g + Name of the remote credentials cache. Mutually exclusive to --uu. + + --xx, ----eennccrryypptt + The --xx option enables encryption for all data exchange. This is + only valid for Kerberos authenticated connections (see the _B_U_G_S + section for limitations). + + --zz The opposite of --xx. This is the default, but encryption can be + enabled when using Kerberos 5, by setting the libdefaults/encrypt + option in krb5.conf(5). + +EEXXAAMMPPLLEESS + Care should be taken when issuing commands containing shell meta charac- + ters. Without quoting, these will be expanded on the local machine. + + The following command: + + rsh otherhost cat remotefile > localfile + + will write the contents of the remote _r_e_m_o_t_e_f_i_l_e to the local _l_o_c_a_l_f_i_l_e, + but: + + rsh otherhost 'cat remotefile > remotefile2' + + will write it to the remote _r_e_m_o_t_e_f_i_l_e_2. + +FFIILLEESS + /etc/hosts + +SSEEEE AALLSSOO + rlogin(1), krb_realmofhost(3), krb_sendauth(3), hosts.equiv(5), + krb5.conf(5), rhosts(5), kerberos(8) rshd(8) + +HHIISSTTOORRYY + The rrsshh command appeared in 4.2BSD. + +AAUUTTHHOORRSS + This implementation of rrsshh was written as part of the Heimdal Kerberos 5 + implementation. + +BBUUGGSS + Some shells (notably csh(1)) will cause rrsshh to block if run in the back- + ground, unless the standard input is directed away from the terminal. + This is what the --nn option is for. + + The --xx options enables encryption for the session, but for both Kerberos + 4 and 5 the actual command is sent unencrypted, so you should not send + any secret information in the command line (which is probably a bad idea + anyway, since the command line can usually be read with tools like + ps(1)). Forthermore in Kerberos 4 the command is not even integrity pro- + tected, so anyone with the right tools can modify the command. + +HEIMDAL February 20, 2004 HEIMDAL diff --git a/appl/rsh/rsh_locl.h b/appl/rsh/rsh_locl.h index 0d65962bfd0e..3091ce0793a9 100644 --- a/appl/rsh/rsh_locl.h +++ b/appl/rsh/rsh_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: rsh_locl.h 21553 2007-07-15 09:04:52Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include @@ -96,22 +96,23 @@ #include #include #include -#ifdef KRB4 -#include -#include -#endif #ifdef KRB5 #include /* XXX */ +struct hx509_certs_data; struct krb5_pk_identity; struct krb5_pk_cert; struct ContentInfo; +struct AlgorithmIdentifier; struct _krb5_krb_auth_data; struct krb5_dh_moduli; +struct _krb5_key_data; +struct _krb5_encryption_type; +struct _krb5_key_type; #include "crypto-headers.h" #include /* for _krb5_{get,put}_int */ #endif -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) #include #endif @@ -129,7 +130,7 @@ struct krb5_dh_moduli; * */ -enum auth_method { AUTH_KRB4, AUTH_KRB5, AUTH_BROKEN }; +enum auth_method { AUTH_KRB5, AUTH_BROKEN }; extern enum auth_method auth_method; extern int do_encrypt; @@ -142,10 +143,6 @@ extern void *ivec_in[2]; extern void *ivec_out[2]; void init_ivecs(int, int); #endif -#ifdef KRB4 -extern des_key_schedule schedule; -extern des_cblock iv; -#endif #define KCMD_OLD_VERSION "KCMDV0.1" #define KCMD_NEW_VERSION "KCMDV0.2" @@ -160,7 +157,7 @@ extern des_cblock iv; #define PATH_RSH BINDIR "/rsh" -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) ssize_t do_read (int, void*, size_t, void*); ssize_t do_write (int, void*, size_t, void*); #else diff --git a/appl/rsh/rshd.8 b/appl/rsh/rshd.8 index 95737a5082d3..1815cc691c32 100644 --- a/appl/rsh/rshd.8 +++ b/appl/rsh/rshd.8 @@ -1,43 +1,42 @@ -.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: rshd.8 16764 2006-02-27 10:07:04Z joda $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd November 22, 2002 .Dt RSHD 8 .Os HEIMDAL .Sh NAME .Nm rshd -.Nd -remote shell server +.Nd remote shell server .Sh SYNOPSIS .Nm .Op Fl aiklnvxPL @@ -52,14 +51,14 @@ service. Supported options are: .Bl -tag -width Ds .It Xo .Fl n , -.Fl -no-keepalive +.Fl Fl no-keepalive .Xc Disables keep-alive messages. Keep-alives are packets sent at certain intervals to make sure that the client is still there, even when it doesn't send any data. .It Xo .Fl k , -.Fl -kerberos +.Fl Fl kerberos .Xc Assume that clients connecting to this server will use some form of Kerberos authentication. See the @@ -69,7 +68,7 @@ section for a sample configuration. .It Xo .Fl x , -.Fl -encrypt +.Fl Fl encrypt .Xc For Kerberos 4 this means that the connections are encrypted. Kerberos 5 can negotiate encryption even without this option, but if it's @@ -79,14 +78,14 @@ will deny unencrypted connections. This option implies .Fl k . .\".It Xo .\".Fl l , -.\".Fl -no-rhosts +.\".Fl Fl no-rhosts .\".Xc .\"When using old port-based authentication, the user's .\".Pa .rhosts .\"files are normally checked. This option disables this. .It Xo .Fl v , -.Fl -vacuous +.Fl Fl vacuous .Xc If the connecting client does not use any Kerberised authentication, print a message that complains about this fact, and exit. This is @@ -104,7 +103,7 @@ it possible to share tokens between sessions. This is only useful in peculiar environments, such as some batch systems. .It Xo .Fl i , -.Fl -no-inetd +.Fl Fl no-inetd .Xc The .Fl i @@ -115,7 +114,7 @@ to create a socket, instead of assuming that its stdin came from This is mostly useful for debugging. .It Xo .Fl p Ar port , -.Fl -port= Ns Ar port +.Fl Fl port= Ns Ar port .Xc Port to use with .Fl i . diff --git a/appl/rsh/rshd.c b/appl/rsh/rshd.c index 852327ad6705..1958f2d73aa4 100644 --- a/appl/rsh/rshd.c +++ b/appl/rsh/rshd.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "rsh_locl.h" #include "login_locl.h" -RCSID("$Id: rshd.c 21515 2007-07-12 12:47:07Z lha $"); +RCSID("$Id$"); int login_access( struct passwd *user, char *from); @@ -52,11 +52,6 @@ krb5_keyblock *keyblock; krb5_crypto crypto; #endif -#ifdef KRB4 -des_key_schedule schedule; -des_cblock iv; -#endif - #ifdef KRB5 krb5_ccache ccache, ccache2; int kerberos_status = 0; @@ -71,7 +66,6 @@ static int do_inetd = 1; static char *port_str; static int do_rhosts = 1; static int do_kerberos = 0; -#define DO_KRB4 2 #define DO_KRB5 4 static int do_vacuous = 0; static int do_log = 1; @@ -113,7 +107,7 @@ fatal (int sock, const char *what, const char *m, ...) len = min(len, sizeof(buf) - 1); va_end(args); if(what != NULL) - syslog (LOG_ERR, "%s: %m: %s", what, buf + 1); + syslog (LOG_ERR, "%s: %s: %s", what, strerror(errno), buf + 1); else syslog (LOG_ERR, "%s", buf + 1); net_write (sock, buf, len + 1); @@ -129,7 +123,7 @@ read_str (int s, size_t sz, char *expl) fatal(s, NULL, "%s too long", expl); while(p < str + sz) { if(net_read(s, p, 1) != 1) - syslog_and_die("read: %m"); + syslog_and_die("read: %s", strerror(errno)); if(*p == '\0') return str; p++; @@ -146,7 +140,7 @@ recv_bsd_auth (int s, u_char *buf, char **cmd) { struct passwd *pwd; - + *client_username = read_str (s, USERNAME_SZ, "local username"); *server_username = read_str (s, USERNAME_SZ, "remote username"); *cmd = read_str (s, ARG_MAX + 1, "command"); @@ -159,72 +153,8 @@ recv_bsd_auth (int s, u_char *buf, return 0; } -#ifdef KRB4 -static int -recv_krb4_auth (int s, u_char *buf, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - char **client_username, - char **server_username, - char **cmd) -{ - int status; - int32_t options; - KTEXT_ST ticket; - AUTH_DAT auth; - char instance[INST_SZ + 1]; - char version[KRB_SENDAUTH_VLEN + 1]; - - if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0) - return -1; - if (net_read (s, buf + 4, KRB_SENDAUTH_VLEN - 4) != - KRB_SENDAUTH_VLEN - 4) - syslog_and_die ("reading auth info: %m"); - if (memcmp (buf, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN) != 0) - syslog_and_die("unrecognized auth protocol: %.8s", buf); - - options = KOPT_IGNORE_PROTOCOL; - if (do_encrypt) - options |= KOPT_DO_MUTUAL; - k_getsockinst (s, instance, sizeof(instance)); - status = krb_recvauth (options, - s, - &ticket, - "rcmd", - instance, - (struct sockaddr_in *)thataddr, - (struct sockaddr_in *)thisaddr, - &auth, - "", - schedule, - version); - if (status != KSUCCESS) - syslog_and_die ("recvauth: %s", krb_get_err_text(status)); - if (strncmp (version, KCMD_OLD_VERSION, KRB_SENDAUTH_VLEN) != 0) - syslog_and_die ("bad version: %s", version); - - *server_username = read_str (s, USERNAME_SZ, "remote username"); - if (kuserok (&auth, *server_username) != 0) - fatal (s, NULL, "Permission denied."); - *cmd = read_str (s, ARG_MAX + 1, "command"); - - syslog(LOG_INFO|LOG_AUTH, - "kerberos v4 shell from %s on %s as %s, cmd '%.80s'", - krb_unparse_name_long(auth.pname, auth.pinst, auth.prealm), - - inet_ntoa(((struct sockaddr_in *)thataddr)->sin_addr), - *server_username, - *cmd); - - memcpy (iv, auth.session, sizeof(iv)); - - return 0; -} - -#endif /* KRB4 */ - #ifdef KRB5 -static int +static int save_krb5_creds (int s, krb5_auth_context auth_context, krb5_principal client) @@ -232,7 +162,7 @@ save_krb5_creds (int s, { int ret; krb5_data remote_cred; - + krb5_data_zero (&remote_cred); ret= krb5_read_message (context, (void *)&s, &remote_cred); if (ret) { @@ -241,13 +171,13 @@ save_krb5_creds (int s, } if (remote_cred.length == 0) return 0; - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &ccache); + + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &ccache); if (ret) { krb5_data_free(&remote_cred); return 0; } - + krb5_cc_initialize(context,ccache,client); ret = krb5_rd_cred2(context, auth_context, ccache, &remote_cred); if(ret != 0) @@ -268,8 +198,8 @@ krb5_start_session (void) ret = krb5_cc_resolve (context, tkfile, &ccache2); if (ret) { estr = krb5_get_error_string(context); - syslog(LOG_WARNING, "resolve cred cache %s: %s", - tkfile, + syslog(LOG_WARNING, "resolve cred cache %s: %s", + tkfile, estr ? estr : krb5_get_err_text(context, ret)); free(estr); krb5_cc_destroy(context, ccache); @@ -279,7 +209,7 @@ krb5_start_session (void) ret = krb5_cc_copy_cache (context, ccache, ccache2); if (ret) { estr = krb5_get_error_string(context); - syslog(LOG_WARNING, "storing credentials: %s", + syslog(LOG_WARNING, "storing credentials: %s", estr ? estr : krb5_get_err_text(context, ret)); free(estr); krb5_cc_destroy(context, ccache); @@ -328,13 +258,13 @@ recv_krb5_auth (int s, u_char *buf, if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0) return -1; len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]); - + if (net_read(s, buf, len) != len) - syslog_and_die ("reading auth info: %m"); + syslog_and_die ("reading auth info: %s", strerror(errno)); if (len != sizeof(KRB5_SENDAUTH_VERSION) || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) syslog_and_die ("bad sendauth version: %.8s", buf); - + status = krb5_sock_to_principal (context, s, "host", @@ -363,7 +293,7 @@ recv_krb5_auth (int s, u_char *buf, *client_username = read_str (s, ARG_MAX + 1, "local username"); if(protocol_version == 2) { - status = krb5_auth_con_getremotesubkey(context, auth_context, + status = krb5_auth_con_getremotesubkey(context, auth_context, &keyblock); if(status != 0 || keyblock == NULL) syslog_and_die("failed to get remote subkey"); @@ -378,10 +308,10 @@ recv_krb5_auth (int s, u_char *buf, status = krb5_crypto_init(context, keyblock, 0, &crypto); if(status) - syslog_and_die("krb5_crypto_init: %s", + syslog_and_die("krb5_crypto_init: %s", krb5_get_err_text(context, status)); - + cksum_data.length = asprintf (&str, "%u:%s%s", ntohs(socket_get_port (thisaddr)), @@ -391,9 +321,9 @@ recv_krb5_auth (int s, u_char *buf, syslog_and_die ("asprintf: out of memory"); cksum_data.data = str; - status = krb5_verify_authenticator_checksum(context, + status = krb5_verify_authenticator_checksum(context, auth_context, - cksum_data.data, + cksum_data.data, cksum_data.length); if (status) @@ -464,7 +394,9 @@ recv_krb5_auth (int s, u_char *buf, *cmd); free (name); } - } + } + + krb5_auth_con_free(context, auth_context); return 0; } @@ -508,12 +440,12 @@ rshd_loop (int from0, int to0, if (errno == EINTR) continue; else - syslog_and_die ("select: %m"); + syslog_and_die ("select: %s", strerror(errno)); } if (FD_ISSET(from0, &readset)) { ret = do_read (from0, buf, RSHD_BUFSIZ, ivec_in[0]); if (ret < 0) - syslog_and_die ("read: %m"); + syslog_and_die ("read: %s", strerror(errno)); else if (ret == 0) { close (from0); close (to0); @@ -524,7 +456,7 @@ rshd_loop (int from0, int to0, if (FD_ISSET(from1, &readset)) { ret = read (from1, buf, RSH_BUFSIZ); if (ret < 0) - syslog_and_die ("read: %m"); + syslog_and_die ("read: %s", strerror(errno)); else if (ret == 0) { close (from1); close (to1); @@ -537,7 +469,7 @@ rshd_loop (int from0, int to0, if (FD_ISSET(from2, &readset)) { ret = read (from2, buf, RSH_BUFSIZ); if (ret < 0) - syslog_and_die ("read: %m"); + syslog_and_die ("read: %s", strerror(errno)); else if (ret == 0) { close (from2); close (to2); @@ -683,10 +615,10 @@ doit (void) thisaddr_len = sizeof(thisaddr_ss); if (getsockname (s, thisaddr, &thisaddr_len) < 0) - syslog_and_die("getsockname: %m"); + syslog_and_die("getsockname: %s", strerror(errno)); thataddr_len = sizeof(thataddr_ss); if (getpeername (s, thataddr, &thataddr_len) < 0) - syslog_and_die ("getpeername: %m"); + syslog_and_die ("getpeername: %s", strerror(errno)); /* check for V4MAPPED addresses? */ @@ -697,7 +629,7 @@ doit (void) port = 0; for(;;) { if (net_read (s, p, 1) != 1) - syslog_and_die ("reading port number: %m"); + syslog_and_die ("reading port number: %s", strerror(errno)); if (*p == '\0') break; else if (isdigit(*p)) @@ -712,7 +644,7 @@ doit (void) if (port) { int priv_port = IPPORT_RESERVED - 1; - /* + /* * There's no reason to require a ``privileged'' port number * here, but for some reason the brain dead rsh clients * do... :-( @@ -732,28 +664,19 @@ doit (void) else errsock = socket (erraddr->sa_family, SOCK_STREAM, 0); if (errsock < 0) - syslog_and_die ("socket: %m"); + syslog_and_die ("socket: %s", strerror(errno)); if (connect (errsock, erraddr, socket_sockaddr_size (erraddr)) < 0) { - syslog (LOG_WARNING, "connect: %m"); + syslog (LOG_WARNING, "connect: %s", strerror(errno)); close (errsock); } } - + if(do_kerberos) { if (net_read (s, buf, 4) != 4) - syslog_and_die ("reading auth info: %m"); - -#ifdef KRB4 - if ((do_kerberos & DO_KRB4) && - recv_krb4_auth (s, buf, thisaddr, thataddr, - &client_user, - &server_user, - &cmd) == 0) - auth_method = AUTH_KRB4; - else -#endif /* KRB4 */ + syslog_and_die ("reading auth info: %s", strerror(errno)); + #ifdef KRB5 if((do_kerberos & DO_KRB5) && recv_krb5_auth (s, buf, thisaddr, thataddr, @@ -811,26 +734,26 @@ doit (void) { struct spwd *sp; long today; - + sp = getspnam(server_user); if (sp != NULL) { today = time(0)/(24L * 60 * 60); - if (sp->sp_expire > 0) - if (today > sp->sp_expire) + if (sp->sp_expire > 0) + if (today > sp->sp_expire) fatal(s, NULL, "Account has expired."); } } #endif - + #ifdef HAVE_SETLOGIN if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failed: %m"); + syslog(LOG_ERR, "setlogin() failed: %s", strerror(errno)); #endif #ifdef HAVE_SETPCRED if (setpcred (pwd->pw_name, NULL) == -1) - syslog(LOG_ERR, "setpcred() failure: %m"); + syslog(LOG_ERR, "setpcred() failure: %s", strerror(errno)); #endif /* HAVE_SETPCRED */ /* Apply limits if not root */ @@ -863,7 +786,7 @@ doit (void) #ifdef KRB5 { int fd; - + if (!do_unique_tkfile) snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_%lu", (unsigned long)pwd->pw_uid); @@ -873,7 +796,7 @@ doit (void) close(fd); unlink(tkfile+5); } - + if (kerberos_status) krb5_start_session(); } @@ -888,19 +811,13 @@ doit (void) fatal (s, "net_write", "write failed"); } -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if(k_hasafs()) { char cell[64]; if(do_newpag) k_setpag(); -#ifdef KRB4 - if (k_afs_cell_of_file (pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog_uid_home (cell, NULL, pwd->pw_uid, pwd->pw_dir); - krb_afslog_uid_home(NULL, NULL, pwd->pw_uid, pwd->pw_dir); -#endif -#ifdef KRB5 /* XXX */ if (kerberos_status) { krb5_ccache ccache; @@ -916,9 +833,8 @@ doit (void) krb5_cc_close (context, ccache); } } -#endif /* KRB5 */ } -#endif /* KRB5 || KRB4 */ +#endif /* KRB5 */ execle (pwd->pw_shell, pwd->pw_shell, "-c", cmd, NULL, env); err(1, "exec %s", pwd->pw_shell); } @@ -928,7 +844,7 @@ struct getargs args[] = { { "keepalive", 'n', arg_negative_flag, &do_keepalive }, { "inetd", 'i', arg_negative_flag, &do_inetd, "Not started from inetd" }, -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) { "kerberos", 'k', arg_flag, &do_kerberos, "Implement kerberised services" }, { "encrypt", 'x', arg_flag, &do_encrypt, @@ -940,7 +856,7 @@ struct getargs args[] = { "port" }, { "vacuous", 'v', arg_flag, &do_vacuous, "Don't accept non-kerberised connections" }, -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) { NULL, 'P', arg_negative_flag, &do_newpag, "Don't put process in new PAG" }, #endif @@ -985,12 +901,12 @@ main(int argc, char **argv) exit(0); } -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if (do_encrypt) do_kerberos = 1; if(do_kerberos) - do_kerberos = DO_KRB4 | DO_KRB5; + do_kerberos = DO_KRB5; #endif #ifdef KRB5 @@ -1002,19 +918,19 @@ main(int argc, char **argv) int error; struct addrinfo *ai = NULL, hints; char portstr[NI_MAXSERV]; - + memset (&hints, 0, sizeof(hints)); hints.ai_flags = AI_PASSIVE; hints.ai_socktype = SOCK_STREAM; hints.ai_family = PF_UNSPEC; - + if(port_str != NULL) { error = getaddrinfo (NULL, port_str, &hints, &ai); if (error) errx (1, "getaddrinfo: %s", gai_strerror (error)); } if (ai == NULL) { -#if defined(KRB4) || defined(KRB5) +#if defined(KRB5) if (do_kerberos) { if (do_encrypt) { error = getaddrinfo(NULL, "ekshell", &hints, &ai); @@ -1022,7 +938,7 @@ main(int argc, char **argv) snprintf(portstr, sizeof(portstr), "%d", 545); error = getaddrinfo(NULL, portstr, &hints, &ai); } - if(error) + if(error) errx (1, "getaddrinfo: %s", gai_strerror (error)); } else { error = getaddrinfo(NULL, "kshell", &hints, &ai); @@ -1030,7 +946,7 @@ main(int argc, char **argv) snprintf(portstr, sizeof(portstr), "%d", 544); error = getaddrinfo(NULL, portstr, &hints, &ai); } - if(error) + if(error) errx (1, "getaddrinfo: %s", gai_strerror (error)); } } else @@ -1041,18 +957,18 @@ main(int argc, char **argv) snprintf(portstr, sizeof(portstr), "%d", 514); error = getaddrinfo(NULL, portstr, &hints, &ai); } - if(error) + if(error) errx (1, "getaddrinfo: %s", gai_strerror (error)); } } - mini_inetd_addrinfo (ai); + mini_inetd_addrinfo (ai, NULL); freeaddrinfo(ai); } if (do_keepalive && setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); + syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %s", strerror(errno)); /* set SO_LINGER? */ diff --git a/appl/rsh/rshd.cat8 b/appl/rsh/rshd.cat8 new file mode 100644 index 000000000000..571a0122e95e --- /dev/null +++ b/appl/rsh/rshd.cat8 @@ -0,0 +1,79 @@ + +RSHD(8) BSD System Manager's Manual RSHD(8) + +NNAAMMEE + rrsshhdd -- remote shell server + +SSYYNNOOPPSSIISS + rrsshhdd [--aaiikkllnnvvxxPPLL] [--pp _p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + rrsshhdd is the server for the rsh(1) program. It provides an authenticated + remote command execution service. Supported options are: + + --nn, ----nnoo--kkeeeeppaalliivvee + Disables keep-alive messages. Keep-alives are packets sent at + certain intervals to make sure that the client is still there, + even when it doesn't send any data. + + --kk, ----kkeerrbbeerrooss + Assume that clients connecting to this server will use some form + of Kerberos authentication. See the _E_X_A_M_P_L_E_S section for a sample + inetd.conf(5) configuration. + + --xx, ----eennccrryypptt + For Kerberos 4 this means that the connections are encrypted. + Kerberos 5 can negotiate encryption even without this option, but + if it's present rrsshhdd will deny unencrypted connections. This + option implies --kk. + + --vv, ----vvaaccuuoouuss + If the connecting client does not use any Kerberised authentica- + tion, print a message that complains about this fact, and exit. + This is helpful if you want to move away from old port-based + authentication. + + --PP When using the AFS filesystem, users' authentication tokens are + put in something called a PAG (Process Authentication Group). + Multiple processes can share a PAG, but normally each login ses- + sion has its own PAG. This option disables the sseettppaagg() call, so + all tokens will be put in the default (uid-based) PAG, making it + possible to share tokens between sessions. This is only useful in + peculiar environments, such as some batch systems. + + --ii, ----nnoo--iinneettdd + The --ii option will cause rrsshhdd to create a socket, instead of + assuming that its stdin came from inetd(8). This is mostly use- + ful for debugging. + + --pp _p_o_r_t, ----ppoorrtt==_p_o_r_t + Port to use with --ii. + + --aa This flag is for backwards compatibility only. + + --LL This flag enables logging of connections to syslogd(8). This + option is always on in this implementation. + +FFIILLEESS + /etc/hosts.equiv + ~/.rhosts + +EEXXAAMMPPLLEESS + The following can be used to enable Kerberised rsh in inetd.cond(5), + while disabling non-Kerberised connections: + + shell stream tcp nowait root /usr/libexec/rshd rshd -v + kshell stream tcp nowait root /usr/libexec/rshd rshd -k + ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx + +SSEEEE AALLSSOO + rsh(1), iruserok(3) + +HHIISSTTOORRYY + The rrsshhdd command appeared in 4.2BSD. + +AAUUTTHHOORRSS + This implementation of rrsshhdd was written as part of the Heimdal Kerberos 5 + implementation. + +HEIMDAL November 22, 2002 HEIMDAL diff --git a/appl/su/ChangeLog b/appl/su/ChangeLog index 591eadac47ca..6e2e569265fb 100644 --- a/appl/su/ChangeLog +++ b/appl/su/ChangeLog @@ -1,18 +1,24 @@ -2007-10-19 Love Hörnquist Åstrand +2008-07-15 Love Hörnquist Ã…strand + + * Makefile.am: no krb4 + + * su.c: Drop kerberos 4 support. + +2007-10-19 Love Hörnquist Ã…strand * su.c: read environment from _PATH_ETC_ENVIRONMENT * supaths.c: paths -2007-08-02 Love Hörnquist Åstrand +2007-08-02 Love Hörnquist Ã…strand * su.c: Check all local realms when su-ing, from Magnus Holmberg. -2007-06-19 Love Hörnquist Åstrand +2007-06-19 Love Hörnquist Ã…strand * su.c: If not root and not setuid, print warning. -2006-01-17 Love Hörnquist Åstrand +2006-01-17 Love Hörnquist Ã…strand * su.c (group_member_p): rename from group_member to avoid name pollution from glibc headers. Fixed based on report from David Love. @@ -21,16 +27,16 @@ * su.c: fix reversed logic when deciding to print tty or not -2005-10-22 Love Hörnquist Åstrand +2005-10-22 Love Hörnquist Ã…strand * su.c: Check return value from asprintf instead of string != NULL - since it undefined behavior on Linux. From Björn Sandell + since it undefined behavior on Linux. From Björn Sandell 2005-05-10 Dave Love * su.c: Include . -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * su.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ @@ -39,7 +45,7 @@ * su.c: remove accidentally committed code that prints the command being executed -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * su.c (krb5_start_session): krb5_afslog doesn't depend on KRB4 any more diff --git a/appl/su/Makefile.am b/appl/su/Makefile.am index 91e0ee3d48ee..892bcaf4237d 100644 --- a/appl/su/Makefile.am +++ b/appl/su/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 21986 2007-10-19 05:22:57Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -11,9 +11,8 @@ man_MANS = su.1 LDADD = $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/su/Makefile.in b/appl/su/Makefile.in index 0159272bc721..70c9f476dc68 100644 --- a/appl/su/Makefile.in +++ b/appl/su/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 21986 2007-10-19 05:22:57Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = su$(EXEEXT) subdir = appl/su ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,14 +89,14 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_su_OBJECTS = su.$(OBJEXT) su_OBJECTS = $(am_su_OBJECTS) @@ -101,11 +106,10 @@ am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ $(am__DEPENDENCIES_1) su_DEPENDENCIES = $(am__DEPENDENCIES_2) \ $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -117,6 +121,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(su_SOURCES) DIST_SOURCES = $(su_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 MANS = $(man_MANS) ETAGS = etags @@ -126,49 +151,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -192,10 +226,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -212,6 +247,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -227,31 +264,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -266,10 +317,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -310,58 +363,61 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_krb4) $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la bin_SUIDS = su su_SOURCES = su.c supaths.h man_MANS = su.1 LDADD = $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/su/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/su/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/su/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/su/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -379,34 +435,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list su$(EXEEXT): $(su_OBJECTS) $(su_DEPENDENCIES) @rm -f su$(EXEEXT) $(LINK) $(su_OBJECTS) $(su_LDADD) $(LIBS) @@ -417,115 +489,139 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/su.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -541,13 +637,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -582,6 +682,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -591,6 +692,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -601,6 +703,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -608,26 +712,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -647,11 +760,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -738,6 +850,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -823,7 +938,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -836,6 +951,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/su/NTMakefile b/appl/su/NTMakefile new file mode 100644 index 000000000000..7afe814fa651 --- /dev/null +++ b/appl/su/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\su + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/su/su.1 b/appl/su/su.1 index 76f4dc5d4552..b57129e07dd6 100644 --- a/appl/su/su.1 +++ b/appl/su/su.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: su.1 16528 2006-01-12 16:25:01Z joda $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd January 12, 2006 .Dt SU 1 @@ -39,16 +39,16 @@ .Nd substitute user identity .Sh SYNOPSIS .Nm su -.Op Fl K | Fl -no-kerberos +.Op Fl K | Fl Fl no-kerberos .Op Fl f -.Op Fl l | Fl -full +.Op Fl l | Fl Fl full .Op Fl m .Oo Fl i Ar instance \*(Ba Xo -.Fl -instance= Ns Ar instance +.Fl Fl instance= Ns Ar instance .Xc .Oc .Oo Fl c Ar command \*(Ba Xo -.Fl -command= Ns Ar command +.Fl Fl command= Ns Ar command .Xc .Oc .Op Ar login Op Ar "shell arguments" @@ -59,25 +59,25 @@ user wanting to change effective UID is present in a file named .Pa .k5login in the target user id's home directory .Pp -A special case exists where +A special case exists where .Ql root Ap s .Pa ~/.k5login needs to contain an entry for: .Ql user Ns / Ns Ao instance Ac Ns @ Ns REALM for .Nm su -to succed (where +to succed (where .Aq instance is .Ql root -unless changed with +unless changed with .Fl i ) . .Pp In the absence of either an entry for current user in said file or -other problems like missing +other problems like missing .Ql host/hostname@REALM keys in the system's -keytab, or user typing the wrong password, +keytab, or user typing the wrong password, .Nm su will fall back to traditional .Pa /etc/passwd @@ -86,7 +86,7 @@ authentication. When using .Pa /etc/passwd authentication, -.Nm su +.Nm su allows .Ql root access only to members of the group @@ -100,24 +100,24 @@ The options are as follows: .Bl -item -width Ds .It .Fl K , -.Fl -no-kerberos +.Fl Fl no-kerberos don't use Kerberos. .It .Fl f don't read .cshrc. .It .Fl l , -.Fl -full +.Fl Fl full simulate full login. .It .Fl m leave environment unmodified. .It .Fl i Ar instance , -.Fl -instance= Ns Ar instance +.Fl Fl instance= Ns Ar instance root instance to use. .It .Fl c Ar command , -.Fl -command= Ns Ar command +.Fl Fl command= Ns Ar command command to execute. .El diff --git a/appl/su/su.c b/appl/su/su.c index fc21595216b6..882ecfaedf97 100644 --- a/appl/su/su.c +++ b/appl/su/su.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,7 +32,7 @@ #include -RCSID("$Id: su.c 21988 2007-10-19 05:36:54Z lha $"); +RCSID("$Id$"); #include #include @@ -57,9 +57,6 @@ RCSID("$Id: su.c 21988 2007-10-19 05:36:54Z lha $"); #ifdef KRB5 #include #endif -#ifdef KRB4 -#include -#endif #include #include #include @@ -67,6 +64,10 @@ RCSID("$Id: su.c 21988 2007-10-19 05:36:54Z lha $"); #include "supaths.h" +#if !HAVE_DECL_ENVIRON +extern char **environ; +#endif + int kerberos_flag = 1; int csh_f_flag; int full_login; @@ -137,26 +138,6 @@ dup_info(const struct passwd *pwd) return info; } -#if defined(KRB4) || defined(KRB5) -static void -set_tkfile() -{ -#ifndef TKT_ROOT -#define TKT_ROOT "/tmp/tkt" -#endif - int fd; - if(*tkfile != '\0') - return; - snprintf(tkfile, sizeof(tkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(tkfile); - if(fd >= 0) - close(fd); -#ifdef KRB4 - krb_set_tkt_string(tkfile); -#endif -} -#endif - #ifdef KRB5 static krb5_context context; static krb5_ccache ccache; @@ -171,7 +152,7 @@ krb5_verify(const struct passwd *login_info, krb5_realm *realms, *r; char *login_name = NULL; int user_ok = 0; - + #if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) login_name = getlogin(); #endif @@ -182,35 +163,35 @@ krb5_verify(const struct passwd *login_info, #endif return 1; } - + ret = krb5_get_default_realms(context, &realms); - if (ret) + if (ret) return 1; /* Check all local realms */ for (r = realms; *r != NULL && !user_ok; r++) { - - if (login_name == NULL || strcmp (login_name, "root") == 0) + + if (login_name == NULL || strcmp (login_name, "root") == 0) login_name = login_info->pw_name; if (strcmp (su_info->pw_name, "root") == 0) - ret = krb5_make_principal(context, &p, *r, + ret = krb5_make_principal(context, &p, *r, login_name, kerberos_instance, NULL); else - ret = krb5_make_principal(context, &p, *r, + ret = krb5_make_principal(context, &p, *r, su_info->pw_name, NULL); if (ret) { krb5_free_host_realm(context, realms); return 1; } - + /* if we are su-ing too root, check with krb5_kuserok */ if (su_info->pw_uid == 0 && !krb5_kuserok(context, p, su_info->pw_name)) continue; - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &ccache); + + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &ccache); if(ret) { krb5_free_host_realm(context, realms); krb5_free_principal (context, p); @@ -249,109 +230,40 @@ krb5_start_session(void) char *cc_name; int ret; - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache2); + ret = krb5_cc_new_unique(context, krb5_cc_type_file, NULL, &ccache2); if (ret) { krb5_cc_destroy(context, ccache); return 1; } ret = krb5_cc_copy_cache(context, ccache, ccache2); + if (ret) { + krb5_cc_destroy(context, ccache); + krb5_cc_destroy(context, ccache2); + return 1; + } ret = asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2), krb5_cc_get_name(context, ccache2)); - if (ret == -1) + if (ret == -1) { + krb5_cc_destroy(context, ccache); + krb5_cc_destroy(context, ccache2); errx(1, "malloc - out of memory"); + } esetenv("KRB5CCNAME", cc_name, 1); - /* we want to export this even if we don't directly support KRB4 */ - set_tkfile(); - esetenv("KRBTKFILE", tkfile, 1); - /* convert creds? */ if(k_hasafs()) { if (k_setpag() == 0) krb5_afslog(context, ccache2, NULL, NULL); } - + krb5_cc_close(context, ccache2); krb5_cc_destroy(context, ccache); return 0; } #endif -#ifdef KRB4 - -static int -krb_verify(const struct passwd *login_info, - const struct passwd *su_info, - const char *kerberos_instance) -{ - int ret; - char *login_name = NULL; - char *name, *instance, realm[REALM_SZ]; - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_name = getlogin(); -#endif - - ret = krb_get_lrealm(realm, 1); - - if (login_name == NULL || strcmp (login_name, "root") == 0) - login_name = login_info->pw_name; - if (strcmp (su_info->pw_name, "root") == 0) { - name = login_name; - instance = (char*)kerberos_instance; - } else { - name = su_info->pw_name; - instance = ""; - } - - if(su_info->pw_uid != 0 || - krb_kuserok(name, instance, realm, su_info->pw_name) == 0) { - char password[128]; - char *prompt; - ret = asprintf (&prompt, - "%s's Password: ", - krb_unparse_name_long (name, instance, realm)); - if (ret == -1) - return (1); - if (UI_UTIL_read_pw_string (password, sizeof (password), prompt, 0)) { - memset (password, 0, sizeof (password)); - free(prompt); - return (1); - } - free(prompt); - if (strlen(password) == 0) - return (1); /* Empty passwords are not allowed */ - set_tkfile(); - setuid(geteuid()); /* need to run as root here */ - ret = krb_verify_user(name, instance, realm, password, - KRB_VERIFY_SECURE, NULL); - memset(password, 0, sizeof(password)); - - if(ret) { - warnx("%s", krb_get_err_text(ret)); - return 1; - } - chown (tkt_string(), su_info->pw_uid, su_info->pw_gid); - return 0; - } - return 1; -} - - -static int -krb_start_session(void) -{ - esetenv("KRBTKFILE", tkfile, 1); - - /* convert creds? */ - if(k_hasafs() && k_setpag() == 0) - krb_afslog(NULL, NULL); - - return 0; -} -#endif #define GROUP_MEMBER 0 #define GROUP_MISSING 1 @@ -425,7 +337,6 @@ main(int argc, char **argv) char *shell; int ok = 0; - int kerberos_error=1; setprogname (argv[0]); @@ -437,7 +348,7 @@ main(int argc, char **argv) full_login = 1; break; } - + if(help_flag) usage(0); if(version_flag) { @@ -450,7 +361,7 @@ main(int argc, char **argv) su_user = argv[optind++]; if (!issuid() && getuid() != 0) - warnx("Not setuid and you are root, expect this to fail"); + warnx("Not setuid and you are not root, expect this to fail"); pwd = k_getpwnam(su_user); if(pwd == NULL) @@ -462,7 +373,7 @@ main(int argc, char **argv) su_info = dup_info(pwd); if (su_info == NULL) errx (1, "malloc: out of memory"); - + pwd = getpwuid(getuid()); if(pwd == NULL) errx(1, "who are you?"); @@ -475,18 +386,13 @@ main(int argc, char **argv) shell = su_info->pw_shell; if(shell == NULL || *shell == '\0') shell = _PATH_BSHELL; - + #ifdef KRB5 if(kerberos_flag && ok == 0 && - (kerberos_error=krb5_verify(login_info, su_info, kerberos_instance)) == 0) + krb5_verify(login_info, su_info, kerberos_instance) == 0) ok = 5; #endif -#ifdef KRB4 - if(kerberos_flag && ok == 0 && - (kerberos_error = krb_verify(login_info, su_info, kerberos_instance)) == 0) - ok = 4; -#endif if(ok == 0 && login_info->pw_uid && verify_unix(login_info, su_info) != 0) { printf("Sorry!\n"); @@ -496,24 +402,24 @@ main(int argc, char **argv) #ifdef HAVE_GETSPNAM { struct spwd *sp; long today; - + sp = getspnam(su_info->pw_name); if (sp != NULL) { today = time(0)/(24L * 60 * 60); if (sp->sp_expire > 0) { if (today >= sp->sp_expire) { - if (login_info->pw_uid) + if (login_info->pw_uid) errx(1,"Your account has expired."); else printf("Your account has expired."); } - else if (sp->sp_expire - today < 14) + else if (sp->sp_expire - today < 14) printf("Your account will expire in %d days.\n", (int)(sp->sp_expire - today)); - } + } if (sp->sp_max > 0) { if (today >= sp->sp_lstchg + sp->sp_max) { - if (login_info->pw_uid) + if (login_info->pw_uid) errx(1,"Your password has expired. Choose a new one."); else printf("Your password has expired. Choose a new one."); @@ -547,6 +453,8 @@ main(int argc, char **argv) for (j = 0; j < i; j++) { char *p = strchr(newenv[j], '='); + if (p == NULL) + errx(1, "enviroment '%s' missing '='", newenv[j]); *p++ = 0; esetenv (newenv[j], p, 1); } @@ -590,15 +498,15 @@ main(int argc, char **argv) if (cmd) { args[i++] = "-c"; args[i++] = cmd; - } - + } + if (csh_f_flag) args[i++] = "-f"; for (argv += optind; *argv; ++argv) args[i++] = *argv; args[i] = NULL; - + if(setgid(su_info->pw_gid) < 0) err(1, "setgid"); if (initgroups (su_info->pw_name, su_info->pw_gid) < 0) @@ -611,12 +519,8 @@ main(int argc, char **argv) if (ok == 5) krb5_start_session(); #endif -#ifdef KRB4 - if (ok == 4) - krb_start_session(); -#endif - execv(shell, args); + execve(shell, args, environ); } - + exit(1); } diff --git a/appl/su/su.cat1 b/appl/su/su.cat1 new file mode 100644 index 000000000000..d8e4092b1fe9 --- /dev/null +++ b/appl/su/su.cat1 @@ -0,0 +1,44 @@ + +SU(1) BSD General Commands Manual SU(1) + +NNAAMMEE + ssuu -- substitute user identity + +SSYYNNOOPPSSIISS + ssuu [--KK | ----nnoo--kkeerrbbeerrooss] [--ff] [--ll | ----ffuullll] [--mm] [--ii _i_n_s_t_a_n_c_e | + ----iinnssttaannccee==_i_n_s_t_a_n_c_e] [--cc _c_o_m_m_a_n_d | ----ccoommmmaanndd==_c_o_m_m_a_n_d] [_l_o_g_i_n [_s_h_e_l_l + _a_r_g_u_m_e_n_t_s]] + +DDEESSCCRRIIPPTTIIOONN + ssuu will use Kerberos authentication provided that an instance for the + user wanting to change effective UID is present in a file named _._k_5_l_o_g_i_n + in the target user id's home directory + + A special case exists where `root's' _~_/_._k_5_l_o_g_i_n needs to contain an entry + for: `user/@REALM' for ssuu to succed (where is `root' + unless changed with --ii). + + In the absence of either an entry for current user in said file or other + problems like missing `host/hostname@REALM' keys in the system's keytab, + or user typing the wrong password, ssuu will fall back to traditional + _/_e_t_c_/_p_a_s_s_w_d authentication. + + When using _/_e_t_c_/_p_a_s_s_w_d authentication, ssuu allows `root' access only to + members of the group `wheel', or to any user (with knowledge of the + `root' password) if that group does not exist, or has no members. + + The options are as follows: + + --KK, ----nnoo--kkeerrbbeerrooss don't use Kerberos. + + --ff don't read .cshrc. + + --ll, ----ffuullll simulate full login. + + --mm leave environment unmodified. + + --ii _i_n_s_t_a_n_c_e, ----iinnssttaannccee==_i_n_s_t_a_n_c_e root instance to use. + + --cc _c_o_m_m_a_n_d, ----ccoommmmaanndd==_c_o_m_m_a_n_d command to execute. + +HEIMDAL January 12, 2006 HEIMDAL diff --git a/appl/su/supaths.h b/appl/su/supaths.h index c12a0c7b748d..9e03a04e42ad 100644 --- a/appl/su/supaths.h +++ b/appl/su/supaths.h @@ -1,34 +1,34 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* $Id$ */ diff --git a/appl/telnet/ChangeLog b/appl/telnet/ChangeLog index 473ab6b05738..2d30af8e3dd5 100644 --- a/appl/telnet/ChangeLog +++ b/appl/telnet/ChangeLog @@ -1,20 +1,47 @@ -2007-12-31 Love Hörnquist Åstrand +2008-04-27 Love Hörnquist Ã…strand + + * libtelnet/enc_des.c: Use RAND_bytes() + DES_is_weak_key() to + generate random DES key. Introdunce random by feeding the des + session key into the random pool when the keys is recived instead + of encrypt the random key with the kerberos key. + + This avoid depenency on DES_new_random_key() that doesn't exists + in OpenSSL. + +2008-04-18 Love Hörnquist Ã…strand + + * libtelnet/enc_des.c: No need to call + DES_init_random_number_generator, hcrypto is sane now. + + * libtelnet/enc_des.c: Use DES_new_random_key(). + +2008-04-10 Love Hörnquist Ã…strand + + * telnetd/sys_term.c: Really, mac os uses wtmpx (or asl). + +2008-03-09 Love Hörnquist Ã…strand + + * telnetd/sys_term.c: Dont need to set this as the controlling PTY + on steams sockets, don't abort on failure. From Harald Barth and + Ian Delahorne. + +2007-12-31 Love Hörnquist Ã…strand * telnetd/sys_term.c: Use strlcpy instead of strncpy, thanks to Antoine Brodin. -2007-07-31 Love Hörnquist Åstrand +2007-07-31 Love Hörnquist Ã…strand * telnetd/telnetd.c (usage): use exit_code, add --version and --help. * telnetd/telnetd.c: Add --help, reported by David Love. -2007-07-30 Love Hörnquist Åstrand +2007-07-30 Love Hörnquist Ã…strand * telnet/main.c: Catch --help, reported by David Love. -2007-07-12 Love Hörnquist Åstrand +2007-07-12 Love Hörnquist Ã…strand * telnetd/sys_term.c: GLIBC made the choice that ut_tv should be shared between 32 and 64 bit platforms so now we can no longer use @@ -22,7 +49,7 @@ pointer (gettimeofday for example) since ut_tv is now not a struct timeval but rather a struct { int32_t tv_sec; int32_t tv_usec; }; -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * telnet/telnet_locl.h: Include roken.h before the local headerfiles. @@ -36,13 +63,13 @@ * telnetd/telnetd.h: includes some STREAMSPTY header here to avoid ioctl vs socket_wrapper horror. -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * telnet/Makefile.am: more files * telnetd/Makefile.am: more files -2006-09-19 Love Hörnquist Åstrand +2006-09-19 Love Hörnquist Ã…strand * telnetd/telnetd.8: Add documentation for -e, require encryption. @@ -54,50 +81,50 @@ * telnetd/state.c: If encryption is required, don't allow it to be turned off. -2006-09-04 Love Hörnquist Åstrand +2006-09-04 Love Hörnquist Ã…strand * libtelnet/kerberos5.c (kerberos5_forward): use KDCOptions2int on flags before passing them to krb5_get_forwarded_creds. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * Rename u_intXX_t to uintXX_t -2006-03-23 Love Hörnquist Åstrand +2006-03-23 Love Hörnquist Ã…strand * libtelnet/encrypt.c: Spelling. -2005-12-01 Love Hörnquist Åstrand +2005-12-01 Love Hörnquist Ã…strand * telnetd/telnetd.c: Initialize the slc mapping table before its used. Based on bug report from Russell Sanford -2005-11-03 Love Hörnquist Åstrand +2005-11-03 Love Hörnquist Ã…strand * telnet/telnet.c: Spelling in comments, from Dave Love -2005-10-31 Love Hörnquist Åstrand +2005-10-31 Love Hörnquist Ã…strand * libtelnet/kerberos5.c (Data): Use right variable. From Tomas Olsson -2005-10-22 Love Hörnquist Åstrand +2005-10-22 Love Hörnquist Ã…strand * telnet/commands.c: Check return value from asprintf instead of - string != NULL since it undefined behavior on Linux. From Björn + string != NULL since it undefined behavior on Linux. From Björn Sandell * libtelnet/kerberos5.c: Check return value from asprintf instead - of string != NULL since it undefined behavior on Linux. From Björn + of string != NULL since it undefined behavior on Linux. From Björn Sandell * libtelnet/kerberos.c: Check return value from asprintf instead - of string != NULL since it undefined behavior on Linux. From Björn + of string != NULL since it undefined behavior on Linux. From Björn Sandell -2005-08-08 Love Hörnquist Åstrand +2005-08-08 Love Hörnquist Ã…strand * telnetd/telnetd.c: Fix printing of /etc/issue{,.net}. @@ -115,7 +142,7 @@ * libtelnet/kerberos.c: Do not assume that des_key_schedule is an array. -2005-05-27 Love Hörnquist Åstrand +2005-05-27 Love Hörnquist Ã…strand * libtelnet/kerberos5.c: case uid_t to unsigned long in printf format @@ -123,7 +150,7 @@ * telnetd/sys_term.c (set_termbuf): use {} around if to make else unambiguous -2005-05-20 Love Hörnquist Åstrand +2005-05-20 Love Hörnquist Ã…strand * telnetd/sys_term.c (start_login): put utmpx code into a new scope to avoid pre c99 problems. @@ -153,33 +180,33 @@ * telnetd/sys_term.c (getpty): Declare p. -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * telnetd/telnetd.c: use strlcpy -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * telnetd/global.c, telnetd/state.c, telnetd/telnetd.c, telentd/ext.h: remove another strcpy -2005-04-19 Love Hörnquist Åstrand +2005-04-19 Love Hörnquist Ã…strand * telnetd/sys_term.c: rewrite getpty to make use openpty when its found, save the slave fd so that cleanopen can use it if its available -2005-04-07 Love Hörnquist Åstrand +2005-04-07 Love Hörnquist Ã…strand * telnetd/sys_term.c: clean_ttyname might be unused, mark it so with __attribute__ -2005-04-06 Love Hörnquist Åstrand +2005-04-06 Love Hörnquist Ã…strand * telnetd/sys_term.c: use NULL as last argument to execl, not 0 * telnet/commands.c: use NULL as last argument to execl, not 0 -2005-03-29 Love Hörnquist Åstrand +2005-03-29 Love Hörnquist Ã…strand * telnet/telnet.c: From FreeBSD: @@ -205,20 +232,20 @@ These fixes are based in part on patches Submitted by: Solar Designer -2005-03-23 Love Hörnquist Åstrand +2005-03-23 Love Hörnquist Ã…strand * telnetd/telnetd.c: remove setting of DES_check_key, all code uses DES_set_key_checked * libtelnet/enc_des.c: use DES_set_key_checked -2005-01-09 Love Hörnquist Åstrand +2005-01-09 Love Hörnquist Ã…strand * telnet/telnet.c: cast argument to toupper to unsigned char * telnet/commands.c: cast argument to is* to unsigned char -2004-06-20 Love Hörnquist Åstrand +2004-06-20 Love Hörnquist Ã…strand * telnet/network.c: make network rings larger From: MAAAAA MOOOR @@ -229,19 +256,19 @@ * libtelnet/kerberos5.c (Data): allocate the data needed to be send From: MAAAAA MOOOR -2004-04-02 Love Hörnquist Åstrand +2004-04-02 Love Hörnquist Ã…strand * telnet/main.c: make encrypt, forwardable, forward use appdefault (that also searches libdefaults), prompted by Thomas Nystrom -2004-03-22 Love Hörnquist Åstrand +2004-03-22 Love Hörnquist Ã…strand * telnetd/telnetd.c: call setprogname to make libvers happy * telnet/main.c: call setprogname to make libvers happy -2003-09-25 Love Hörnquist Åstrand +2003-09-25 Love Hörnquist Ã…strand * telnet/externs.h: export Scheduler and scheduler_lockout_tty @@ -251,13 +278,13 @@ * telnet/authenc.c (telnet_spin): if Scheduler() returns failure (-1) propagate to higher level -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * telnetd/telnetd.c: use new DES_ api * libtelnet/enc_des.c: use new DES_ api -2003-04-22 Love Hörnquist Åstrand +2003-04-22 Love Hörnquist Ã…strand * telnet/telnet.1: replace <,> with \*[Lt],\*[Gt] diff --git a/appl/telnet/Makefile.am b/appl/telnet/Makefile.am index 61f0e86aecb9..db43430aa7e1 100644 --- a/appl/telnet/Makefile.am +++ b/appl/telnet/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -8,4 +8,4 @@ dist-hook: $(mkinstalldirs) $(distdir)/arpa $(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa -EXTRA_DIST = README.ORIG telnet.state +EXTRA_DIST = NTMakefile README.ORIG telnet.state diff --git a/appl/telnet/Makefile.in b/appl/telnet/Makefile.in index 83dc3744649e..815e1aed4a18 100644 --- a/appl/telnet/Makefile.in +++ b/appl/telnet/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = appl/telnet ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -101,57 +105,94 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ ps-recursive uninstall-recursive RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir ETAGS = etags CTAGS = ctags DIST_SUBDIRS = $(SUBDIRS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -175,10 +216,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -195,6 +237,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -210,31 +254,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -249,10 +307,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -293,48 +353,53 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la SUBDIRS = libtelnet telnet telnetd -EXTRA_DIST = README.ORIG telnet.state +EXTRA_DIST = NTMakefile README.ORIG telnet.state all: all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/telnet/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -352,6 +417,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -366,7 +432,7 @@ clean-libtool: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -383,7 +449,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -391,7 +457,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -417,16 +483,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -434,14 +500,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -453,39 +519,43 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -506,29 +576,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -562,6 +647,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -580,6 +666,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -587,23 +675,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -625,9 +721,9 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local check check-am check-local clean \ @@ -713,6 +809,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -798,7 +897,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -815,6 +914,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) dist-hook: $(mkinstalldirs) $(distdir)/arpa $(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/telnet/NTMakefile b/appl/telnet/NTMakefile new file mode 100644 index 000000000000..38031e713fe7 --- /dev/null +++ b/appl/telnet/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\telnet + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/telnet/libtelnet/Makefile.am b/appl/telnet/libtelnet/Makefile.am index 60786baa62dc..66571d5dbd78 100644 --- a/appl/telnet/libtelnet/Makefile.am +++ b/appl/telnet/libtelnet/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) noinst_LIBRARIES = libtelnet.a @@ -15,10 +15,9 @@ libtelnet_a_SOURCES = \ encrypt.c \ encrypt.h \ genget.c \ - kerberos.c \ kerberos5.c \ misc-proto.h \ misc.c \ misc.h -EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c +EXTRA_DIST = NTMakefile rsaencpwd.c spx.c diff --git a/appl/telnet/libtelnet/Makefile.in b/appl/telnet/libtelnet/Makefile.in index cb00e59e5ff5..37a22963396e 100644 --- a/appl/telnet/libtelnet/Makefile.in +++ b/appl/telnet/libtelnet/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -44,7 +46,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = appl/telnet/libtelnet ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +61,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +75,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,23 +88,24 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = LIBRARIES = $(noinst_LIBRARIES) ARFLAGS = cru libtelnet_a_AR = $(AR) $(ARFLAGS) libtelnet_a_LIBADD = am_libtelnet_a_OBJECTS = auth.$(OBJEXT) enc_des.$(OBJEXT) \ - encrypt.$(OBJEXT) genget.$(OBJEXT) kerberos.$(OBJEXT) \ - kerberos5.$(OBJEXT) misc.$(OBJEXT) + encrypt.$(OBJEXT) genget.$(OBJEXT) kerberos5.$(OBJEXT) \ + misc.$(OBJEXT) libtelnet_a_OBJECTS = $(am_libtelnet_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -118,49 +124,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -184,10 +199,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -204,6 +220,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -219,31 +237,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -258,10 +290,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -302,30 +336,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/.. $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la noinst_LIBRARIES = libtelnet.a libtelnet_a_SOURCES = \ @@ -337,29 +375,28 @@ libtelnet_a_SOURCES = \ encrypt.c \ encrypt.h \ genget.c \ - kerberos.c \ kerberos5.c \ misc-proto.h \ misc.c \ misc.h -EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c +EXTRA_DIST = NTMakefile rsaencpwd.c spx.c all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/libtelnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/libtelnet/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/libtelnet/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/telnet/libtelnet/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -377,6 +414,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -391,14 +429,33 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enc_des.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/encrypt.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/genget.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kerberos5.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -411,45 +468,49 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -470,13 +531,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -508,6 +573,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -518,6 +584,7 @@ clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -528,6 +595,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -535,26 +604,35 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -574,9 +652,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libtool clean-noinstLIBRARIES ctags \ @@ -661,6 +738,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -746,7 +826,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -759,6 +839,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/telnet/libtelnet/NTMakefile b/appl/telnet/libtelnet/NTMakefile new file mode 100644 index 000000000000..25da4ec4deff --- /dev/null +++ b/appl/telnet/libtelnet/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\telnet\libtelnet + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/telnet/libtelnet/auth-proto.h b/appl/telnet/libtelnet/auth-proto.h index 4f2e2457bb03..511a5ab712e1 100644 --- a/appl/telnet/libtelnet/auth-proto.h +++ b/appl/telnet/libtelnet/auth-proto.h @@ -40,7 +40,7 @@ * to require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. - * + * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright @@ -53,7 +53,7 @@ * or implied warranty. */ -/* $Id: auth-proto.h 11288 2002-08-28 20:56:14Z joda $ */ +/* $Id$ */ #ifdef AUTHENTICATION Authenticator *findauthenticator (int, int); @@ -61,7 +61,7 @@ Authenticator *findauthenticator (int, int); int auth_wait (char *, size_t); void auth_disable_name (char *); void auth_finished (Authenticator *, int); -void auth_gen_printsub (unsigned char *, int, unsigned char *, int); +void auth_gen_printsub (unsigned char *, size_t, unsigned char *, size_t); void auth_init (const char *, int); void auth_is (unsigned char *, int); void auth_name(unsigned char*, int); @@ -69,7 +69,7 @@ void auth_reply (unsigned char *, int); void auth_request (void); void auth_send (unsigned char *, int); void auth_send_retry (void); -void auth_printsub(unsigned char*, int, unsigned char*, int); +void auth_printsub(unsigned char*, size_t, unsigned char*, size_t); int getauthmask(char *type, int *maskp); int auth_enable(char *type); int auth_disable(char *type); @@ -78,8 +78,6 @@ int auth_togdebug(int on); int auth_status(void); int auth_sendname(unsigned char *cp, int len); void auth_debug(int mode); -void auth_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen); #ifdef UNSAFE int unsafe_init (Authenticator *, int); @@ -87,7 +85,7 @@ int unsafe_send (Authenticator *); void unsafe_is (Authenticator *, unsigned char *, int); void unsafe_reply (Authenticator *, unsigned char *, int); int unsafe_status (Authenticator *, char *, int); -void unsafe_printsub (unsigned char *, int, unsigned char *, int); +void unsafe_printsub (unsigned char *, size_t, unsigned char *, size_t); #endif #ifdef SRA @@ -96,18 +94,7 @@ int sra_send (Authenticator *); void sra_is (Authenticator *, unsigned char *, int); void sra_reply (Authenticator *, unsigned char *, int); int sra_status (Authenticator *, char *, int); -void sra_printsub (unsigned char *, int, unsigned char *, int); -#endif - -#ifdef KRB4 -int kerberos4_init (Authenticator *, int); -int kerberos4_send_mutual (Authenticator *); -int kerberos4_send_oneway (Authenticator *); -void kerberos4_is (Authenticator *, unsigned char *, int); -void kerberos4_reply (Authenticator *, unsigned char *, int); -int kerberos4_status (Authenticator *, char *, size_t, int); -void kerberos4_printsub (unsigned char *, int, unsigned char *, int); -int kerberos4_forward(Authenticator *ap, void *); +void sra_printsub (unsigned char *, size_t, unsigned char *, size_t); #endif #ifdef KRB5 @@ -117,7 +104,7 @@ int kerberos5_send_oneway (Authenticator *); void kerberos5_is (Authenticator *, unsigned char *, int); void kerberos5_reply (Authenticator *, unsigned char *, int); int kerberos5_status (Authenticator *, char *, size_t, int); -void kerberos5_printsub (unsigned char *, int, unsigned char *, int); +void kerberos5_printsub (unsigned char *, size_t, unsigned char *, size_t); int kerberos5_set_forward(int); int kerberos5_set_forwardable(int); #endif diff --git a/appl/telnet/libtelnet/auth.c b/appl/telnet/libtelnet/auth.c index 13253034d176..1c01245d18b0 100644 --- a/appl/telnet/libtelnet/auth.c +++ b/appl/telnet/libtelnet/auth.c @@ -53,7 +53,7 @@ #include -RCSID("$Id: auth.c 10809 2002-01-18 12:58:49Z joda $"); +RCSID("$Id$"); #if defined(AUTHENTICATION) #include @@ -81,15 +81,6 @@ RCSID("$Id: auth.c 10809 2002-01-18 12:58:49Z joda $"); #define typemask(x) (1<<((x)-1)) -#ifdef KRB4_ENCPWD -extern krb4encpwd_init(); -extern krb4encpwd_send(); -extern krb4encpwd_is(); -extern krb4encpwd_reply(); -extern krb4encpwd_status(); -extern krb4encpwd_printsub(); -#endif - #ifdef RSA_ENCPWD extern rsaencpwd_init(); extern rsaencpwd_send(); @@ -166,31 +157,6 @@ Authenticator authenticators[] = { kerberos5_status, kerberos5_printsub }, #endif -#ifdef KRB4 - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos4_init, - kerberos4_send_mutual, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos4_init, - kerberos4_send_oneway, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, -#endif -#ifdef KRB4_ENCPWD - { AUTHTYPE_KRB4_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - krb4encpwd_init, - krb4encpwd_send, - krb4encpwd_is, - krb4encpwd_reply, - krb4encpwd_status, - krb4encpwd_printsub }, -#endif #ifdef RSA_ENCPWD { AUTHTYPE_RSA_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, rsaencpwd_init, @@ -627,7 +593,8 @@ auth_debug(int mode) } void -auth_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) +auth_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { Authenticator *ap; @@ -638,7 +605,8 @@ auth_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) } void -auth_gen_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) +auth_gen_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { unsigned char *cp; unsigned char tbuf[16]; diff --git a/appl/telnet/libtelnet/auth.h b/appl/telnet/libtelnet/auth.h index 924881588af3..bb793459d1b5 100644 --- a/appl/telnet/libtelnet/auth.h +++ b/appl/telnet/libtelnet/auth.h @@ -53,7 +53,7 @@ * or implied warranty. */ -/* $Id: auth.h 5027 1998-06-09 19:25:40Z joda $ */ +/* $Id$ */ #ifndef __AUTH__ #define __AUTH__ @@ -72,7 +72,7 @@ typedef struct XauthP { void (*is) (struct XauthP *, unsigned char *, int); void (*reply) (struct XauthP *, unsigned char *, int); int (*status) (struct XauthP *, char *, size_t, int); - void (*printsub) (unsigned char *, int, unsigned char *, int); + void (*printsub) (unsigned char *, size_t, unsigned char *, size_t); } Authenticator; #include "auth-proto.h" diff --git a/appl/telnet/libtelnet/enc-proto.h b/appl/telnet/libtelnet/enc-proto.h index a40893bb8d36..b3e909bcffa3 100644 --- a/appl/telnet/libtelnet/enc-proto.h +++ b/appl/telnet/libtelnet/enc-proto.h @@ -55,7 +55,7 @@ * or implied warranty. */ -/* $Id: enc-proto.h 10809 2002-01-18 12:58:49Z joda $ */ +/* $Id$ */ #if defined(ENCRYPTION) Encryptions *findencryption (int); @@ -81,12 +81,12 @@ void encrypt_dec_keyid(unsigned char*, int); void encrypt_display(void); void encrypt_enc_keyid(unsigned char*, int); void encrypt_end(void); -void encrypt_gen_printsub(unsigned char*, int, unsigned char*, int); +void encrypt_gen_printsub(unsigned char*, size_t, unsigned char*, size_t); void encrypt_init(const char*, int); void encrypt_is(unsigned char*, int); void encrypt_list_types(void); void encrypt_not(void); -void encrypt_printsub(unsigned char*, int, unsigned char*, int); +void encrypt_printsub(unsigned char*, size_t, unsigned char*, size_t); void encrypt_reply(unsigned char*, int); void encrypt_request_end(void); void encrypt_request_start(unsigned char*, int); @@ -118,7 +118,7 @@ int cfb64_is (unsigned char *, int); int cfb64_reply (unsigned char *, int); void cfb64_session (Session_Key *, int); int cfb64_keyid (int, unsigned char *, int *); -void cfb64_printsub (unsigned char *, int, unsigned char *, int); +void cfb64_printsub (unsigned char *, size_t, unsigned char *, size_t); void ofb64_encrypt (unsigned char *, int); int ofb64_decrypt (int); @@ -128,6 +128,6 @@ int ofb64_is (unsigned char *, int); int ofb64_reply (unsigned char *, int); void ofb64_session (Session_Key *, int); int ofb64_keyid (int, unsigned char *, int *); -void ofb64_printsub (unsigned char *, int, unsigned char *, int); +void ofb64_printsub (unsigned char *, size_t, unsigned char *, size_t); #endif diff --git a/appl/telnet/libtelnet/enc_des.c b/appl/telnet/libtelnet/enc_des.c index 13dd9daf38e0..9b1a5d36c6b0 100644 --- a/appl/telnet/libtelnet/enc_des.c +++ b/appl/telnet/libtelnet/enc_des.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: enc_des.c 14681 2005-03-23 16:19:31Z lha $"); +RCSID("$Id$"); #if defined(AUTHENTICATION) && defined(ENCRYPTION) && defined(DES_ENCRYPTION) #include @@ -83,7 +83,6 @@ struct fb { int need_start; int state[2]; int keyid[2]; - int once; struct stinfo streams[2]; }; @@ -124,8 +123,8 @@ int fb64_reply (unsigned char *, int, struct fb *); static void fb64_session (Session_Key *, int, struct fb *); void fb64_stream_key (DES_cblock, struct stinfo *); int fb64_keyid (int, unsigned char *, int *, struct fb *); -void fb64_printsub(unsigned char *, int , - unsigned char *, int , char *); +void fb64_printsub(unsigned char *, size_t , + unsigned char *, size_t , char *); void cfb64_init(int server) { @@ -210,22 +209,13 @@ static int fb64_start(struct fb *fbp, int dir, int server) /* * Create a random feed and send it over. */ -#ifndef OLD_DES_RANDOM_KEY - DES_random_key(&fbp->temp_feed); -#else - /* - * From des_cryp.man "If the des_check_key flag is non-zero, - * des_set_key will check that the key passed is - * of odd parity and is not a week or semi-weak key." - */ do { - DES_random_key(fbp->temp_feed); - DES_set_odd_parity(fbp->temp_feed); - } while (DES_is_weak_key(fbp->temp_feed)); -#endif - DES_ecb_encrypt(&fbp->temp_feed, - &fbp->temp_feed, - &fbp->krbdes_sched, 1); + if (RAND_bytes(fbp->temp_feed, + sizeof(*fbp->temp_feed)) != 1) + abort(); + DES_set_odd_parity(&fbp->temp_feed); + } while(DES_is_weak_key(&fbp->temp_feed)); + p = fbp->fb_feed + 3; *p++ = ENCRYPT_IS; p++; @@ -405,18 +395,13 @@ static void fb64_session(Session_Key *key, int server, struct fb *fbp) fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]); fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]); - if (fbp->once == 0) { -#if !defined(OLD_DES_RANDOM_KEY) && !defined(HAVE_OPENSSL) - DES_init_random_number_generator(&fbp->krbdes_key); -#endif - fbp->once = 1; - } + RAND_seed(key->data, key->length); + DES_set_key_checked((DES_cblock *)&fbp->krbdes_key, &fbp->krbdes_sched); /* - * Now look to see if krbdes_start() was was waiting for - * the key to show up. If so, go ahead an call it now - * that we have the key. + * Now look to see if krbdes_start() was waiting for the key to + * show up. If so, go ahead an call it now that we have the key. */ if (fbp->need_start) { fbp->need_start = 0; @@ -456,8 +441,8 @@ int fb64_keyid(int dir, unsigned char *kp, int *lenp, struct fb *fbp) return(fbp->state[dir-1] = state); } -void fb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen, char *type) +void fb64_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen, char *type) { char lbuf[32]; int i; @@ -497,14 +482,14 @@ void fb64_printsub(unsigned char *data, int cnt, } } -void cfb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) +void cfb64_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { fb64_printsub(data, cnt, buf, buflen, "CFB64"); } -void ofb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) +void ofb64_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { fb64_printsub(data, cnt, buf, buflen, "OFB64"); } @@ -540,7 +525,7 @@ void fb64_stream_key(DES_cblock key, struct stinfo *stp) * INPUT --(--------->(+)+---> DATA * | | * +-------------+ - * + * * * Given: * iV: Initial vector, 64 bits (8 bytes) long. @@ -596,7 +581,7 @@ int cfb64_decrypt(int data) DES_ecb_encrypt(&stp->str_output,&b, &stp->str_sched, 1); memcpy(stp->str_feed, b, sizeof(DES_cblock)); stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ + index = 0; /* But now use 0 */ } /* On decryption we store (data) which is cypher. */ @@ -665,7 +650,7 @@ int ofb64_decrypt(int data) DES_ecb_encrypt(&stp->str_feed,&b,&stp->str_sched, 1); memcpy(stp->str_feed, b, sizeof(DES_cblock)); stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ + index = 0; /* But now use 0 */ } return(data ^ stp->str_feed[index]); diff --git a/appl/telnet/libtelnet/encrypt.c b/appl/telnet/libtelnet/encrypt.c index 04dbe83d5c5e..68e8bd686e81 100644 --- a/appl/telnet/libtelnet/encrypt.c +++ b/appl/telnet/libtelnet/encrypt.c @@ -54,16 +54,13 @@ #include -RCSID("$Id: encrypt.c 16802 2006-03-23 19:36:31Z lha $"); +RCSID("$Id$"); #if defined(ENCRYPTION) #define ENCRYPT_NAMES #include -#include "encrypt.h" -#include "misc.h" - #include #include #include @@ -72,6 +69,9 @@ RCSID("$Id: encrypt.c 16802 2006-03-23 19:36:31Z lha $"); #include #endif +#include "encrypt.h" +#include "misc.h" + /* * These functions pointers point to the current routines @@ -108,7 +108,7 @@ static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64) static Encryptions encryptions[] = { #if defined(DES_ENCRYPTION) { "DES_CFB64", ENCTYPE_DES_CFB64, - cfb64_encrypt, + cfb64_encrypt, cfb64_decrypt, cfb64_init, cfb64_start, @@ -118,7 +118,7 @@ static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64) cfb64_keyid, cfb64_printsub }, { "DES_OFB64", ENCTYPE_DES_OFB64, - ofb64_encrypt, + ofb64_encrypt, ofb64_decrypt, ofb64_init, ofb64_start, @@ -388,7 +388,7 @@ encrypt_display(void) ENCTYPE_NAME(encrypt_mode)); else printf("Currently not encrypting output\r\n"); - + if (decrypt_input) printf("Currently decrypting input with %s\r\n", ENCTYPE_NAME(decrypt_mode)); @@ -411,7 +411,7 @@ EncryptStatus(void) ENCTYPE_NAME(encrypt_mode)); } else printf("Currently not encrypting output\r\n"); - + if (decrypt_input) { printf("Currently decrypting input with %s\r\n", ENCTYPE_NAME(decrypt_mode)); @@ -714,7 +714,7 @@ encrypt_request_end(void) * Called when ENCRYPT REQUEST-START is received. If we receive * this before a type is picked, then that indicates that the * other side wants us to start encrypting data as soon as we - * can. + * can. */ void encrypt_request_start(unsigned char *data, int cnt) @@ -841,7 +841,7 @@ encrypt_start_output(int type) i = (*ep->start)(DIR_ENCRYPT, Server); if (encrypt_debug_mode) { printf(">>>%s: Encrypt start: %s (%d) %s\r\n", - Name, + Name, (i < 0) ? "failed" : "initial negotiation in progress", i, ENCTYPE_NAME(type)); @@ -965,8 +965,8 @@ encrypt_debug(int mode) encrypt_debug_mode = mode; } -void encrypt_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) +void encrypt_gen_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { char tbuf[16], *cp; @@ -986,7 +986,8 @@ void encrypt_gen_printsub(unsigned char *data, int cnt, } void -encrypt_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) +encrypt_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { Encryptions *ep; int type = data[1]; diff --git a/appl/telnet/libtelnet/encrypt.h b/appl/telnet/libtelnet/encrypt.h index 814491cb423f..3b2785c3f46b 100644 --- a/appl/telnet/libtelnet/encrypt.h +++ b/appl/telnet/libtelnet/encrypt.h @@ -55,7 +55,7 @@ * or implied warranty. */ -/* $Id: encrypt.h 11444 2002-09-10 20:03:49Z joda $ */ +/* $Id$ */ #ifndef __ENCRYPT__ #define __ENCRYPT__ @@ -85,7 +85,7 @@ typedef struct { int (*reply) (unsigned char *, int); void (*session) (Session_Key *, int); int (*keyid) (int, unsigned char *, int *); - void (*printsub) (unsigned char *, int, unsigned char *, int); + void (*printsub) (unsigned char *, size_t, unsigned char *, size_t); } Encryptions; #define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */ diff --git a/appl/telnet/libtelnet/genget.c b/appl/telnet/libtelnet/genget.c index 5785314f41b5..c5ab9e18847e 100644 --- a/appl/telnet/libtelnet/genget.c +++ b/appl/telnet/libtelnet/genget.c @@ -32,11 +32,14 @@ */ #include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#include #include "misc-proto.h" -RCSID("$Id: genget.c 10646 2001-09-03 05:54:18Z assar $"); +RCSID("$Id$"); -#include #define LOWER(x) (isupper(x) ? tolower(x) : (x)) /* @@ -72,7 +75,7 @@ char ** genget(char *name, char **table, int stlen) /* name to match */ /* name entry in table */ - + { char **c, **found; int n; diff --git a/appl/telnet/libtelnet/kerberos.c b/appl/telnet/libtelnet/kerberos.c deleted file mode 100644 index 1c86fe298514..000000000000 --- a/appl/telnet/libtelnet/kerberos.c +++ /dev/null @@ -1,723 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: kerberos.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef KRB4 -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int kerberos4_cksum (unsigned char *, int); -extern int auth_debug_mode; - -static unsigned char str_data[2048] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KERBEROS_V4, }; - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB_RESPONSE 4 /* Response for mutual auth. */ - -#define KRB_FORWARD 5 /* */ -#define KRB_FORWARD_ACCEPT 6 /* */ -#define KRB_FORWARD_REJECT 7 /* */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static AUTH_DAT adat; -static des_cblock session_key; -static des_cblock cred_session; -static des_key_schedule sched; -static des_cblock challenge; -static int auth_done; /* XXX */ - -static int pack_cred(CREDENTIALS *cred, unsigned char *buf); -static int unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred); - - -static int -Data(Authenticator *ap, int type, const void *d, int c) -{ - unsigned char *p = str_data + 4; - const unsigned char *cd = (const unsigned char *)d; - - if (c == -1) - c = strlen((const char *)cd); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - -int -kerberos4_init(Authenticator *ap, int server) -{ - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - if ((fp = fopen(KEYFILE, "r")) == NULL) - return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; -int dst_realm_sz = REALM_SZ; - -static int -kerberos4_send(char *name, Authenticator *ap) -{ - KTEXT_ST auth; - char instance[INST_SZ]; - char *realm; - CREDENTIALS cred; - int r; - - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V4: no user name supplied\r\n"); - } - return(0); - } - - memset(instance, 0, sizeof(instance)); - - strlcpy (instance, - krb_get_phost(RemoteHostName), - INST_SZ); - - realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); - - if (!realm) { - printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); - return(0); - } - printf("[ Trying %s (%s.%s@%s) ... ]\r\n", name, - KRB_SERVICE_NAME, instance, realm); - r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L); - if (r) { - printf("mk_req failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred); - if (r) { - printf("get_cred failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - if (!auth_sendname((unsigned char*)UserNameRequested, - strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (auth_debug_mode) - printf("Sent %d bytes of authentication data\r\n", auth.length); - if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } -#ifdef ENCRYPTION - /* create challenge */ - if ((ap->way & AUTH_HOW_MASK)==AUTH_HOW_MUTUAL) { - int i; - - des_key_sched(&cred.session, sched); - memcpy (&cred_session, &cred.session, sizeof(cred_session)); -#ifndef HAVE_OPENSSL - des_init_random_number_generator(&cred.session); -#endif - des_new_random_key(&session_key); - des_ecb_encrypt(&session_key, &session_key, sched, 0); - des_ecb_encrypt(&session_key, &challenge, sched, 0); - - /* - old code - Some CERT Advisory thinks this is a bad thing... - - des_init_random_number_generator(&cred.session); - des_new_random_key(&challenge); - des_ecb_encrypt(&challenge, &session_key, sched, 1); - */ - - /* - * Increment the challenge by 1, and encrypt it for - * later comparison. - */ - for (i = 7; i >= 0; --i) - if(++challenge[i] != 0) /* No carry! */ - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - } - -#endif - - if (auth_debug_mode) { - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - printf("Sent Kerberos V4 credentials to server\r\n"); - } - return(1); -} -int -kerberos4_send_mutual(Authenticator *ap) -{ - return kerberos4_send("mutual KERBEROS4", ap); -} - -int -kerberos4_send_oneway(Authenticator *ap) -{ - return kerberos4_send("KERBEROS4", ap); -} - -void -kerberos4_is(Authenticator *ap, unsigned char *data, int cnt) -{ - struct sockaddr_in addr; - char realm[REALM_SZ]; - char instance[INST_SZ]; - int r; - socklen_t addr_len; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("No local realm\r\n"); - return; - } - memmove(auth.dat, data, auth.length = cnt); - if (auth_debug_mode) { - printf("Got %d bytes of authentication data\r\n", cnt); - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - } - k_getsockinst(0, instance, sizeof(instance)); - addr_len = sizeof(addr); - if(getpeername(0, (struct sockaddr *)&addr, &addr_len) < 0) { - if(auth_debug_mode) - printf("getpeername failed\r\n"); - Data(ap, KRB_REJECT, "getpeername failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - if (addr.sin_family != AF_INET) { - if (auth_debug_mode) - printf("unknown address family: %d\r\n", addr.sin_family); - Data(ap, KRB_REJECT, "bad address family", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - r = krb_rd_req(&auth, KRB_SERVICE_NAME, - instance, addr.sin_addr.s_addr, &adat, ""); - if (r) { - if (auth_debug_mode) - printf("Kerberos failed him as %s\r\n", name); - Data(ap, KRB_REJECT, (void *)krb_get_err_text(r), -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* save the session key */ - memmove(session_key, adat.session, sizeof(adat.session)); - krb_kntoln(&adat, name); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)){ - char ts[MaxPathLen]; - struct passwd *pw = getpwnam(UserNameRequested); - - if(pw){ - snprintf(ts, sizeof(ts), - "%s%u", - TKT_ROOT, - (unsigned)pw->pw_uid); - esetenv("KRBTKFILE", ts, 1); - - if (pw->pw_uid == 0) - syslog(LOG_INFO|LOG_AUTH, - "ROOT Kerberos login from %s on %s\n", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - RemoteHostName); - } - Data(ap, KRB_ACCEPT, NULL, 0); - } else { - char *msg; - int ret; - - ret = asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - UserNameRequested ? UserNameRequested : ""); - if (ret == -1) - Data(ap, KRB_REJECT, NULL, 0); - else { - Data(ap, KRB_REJECT, (void *)msg, -1); - free(msg); - } - auth_finished(ap, AUTH_REJECT); - break; - } - auth_finished(ap, AUTH_USER); - break; - - case KRB_CHALLENGE: -#ifndef ENCRYPTION - Data(ap, KRB_RESPONSE, NULL, 0); -#else - if(!VALIDKEY(session_key)){ - Data(ap, KRB_RESPONSE, NULL, 0); - break; - } - des_key_sched(&session_key, sched); - { - des_cblock d_block; - int i; - Session_Key skey; - - memmove(d_block, data, sizeof(d_block)); - - /* make a session key for encryption */ - des_ecb_encrypt(&d_block, &session_key, sched, 1); - skey.type=SK_DES; - skey.length=8; - skey.data=session_key; - encrypt_session_key(&skey, 1); - - /* decrypt challenge, add one and encrypt it */ - des_ecb_encrypt(&d_block, &challenge, sched, 0); - for (i = 7; i >= 0; i--) - if(++challenge[i] != 0) - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge)); - } -#endif - break; - - case KRB_FORWARD: - { - des_key_schedule ks; - unsigned char netcred[sizeof(CREDENTIALS)]; - CREDENTIALS cred; - int ret; - if(cnt > sizeof(cred)) - abort(); - - memcpy (session_key, adat.session, sizeof(session_key)); - des_set_key(&session_key, ks); - des_pcbc_encrypt((void*)data, (void*)netcred, cnt, - ks, &session_key, DES_DECRYPT); - unpack_cred(netcred, cnt, &cred); - { - if(strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) || - strncmp(cred.instance, cred.realm, sizeof(cred.instance)) || - cred.lifetime < 0 || cred.lifetime > 255 || - cred.kvno < 0 || cred.kvno > 255 || - cred.issue_date < 0 || - cred.issue_date > time(0) + CLOCK_SKEW || - strncmp(cred.pname, adat.pname, sizeof(cred.pname)) || - strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){ - Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1); - }else{ - if((ret = tf_setup(&cred, - cred.pname, - cred.pinst)) == KSUCCESS){ - struct passwd *pw = getpwnam(UserNameRequested); - - if (pw) - chown(tkt_string(), pw->pw_uid, pw->pw_gid); - Data(ap, KRB_FORWARD_ACCEPT, 0, 0); - } else{ - Data(ap, KRB_FORWARD_REJECT, - krb_get_err_text(ret), -1); - } - } - } - memset(data, 0, cnt); - memset(&ks, 0, sizeof(ks)); - memset(&cred, 0, sizeof(cred)); - } - - break; - - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - -void -kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt) -{ - Session_Key skey; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if(auth_done){ /* XXX Ick! */ - printf("[ Kerberos V4 received unknown opcode ]\r\n"); - }else{ - printf("[ Kerberos V4 refuses authentication "); - if (cnt > 0) - printf("because %.*s ", cnt, data); - printf("]\r\n"); - auth_send_retry(); - } - return; - case KRB_ACCEPT: - printf("[ Kerberos V4 accepts you ]\r\n"); - auth_done = 1; - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ - Data(ap, KRB_CHALLENGE, session_key, - sizeof(session_key)); - des_ecb_encrypt(&session_key, &session_key, sched, 1); - skey.type = SK_DES; - skey.length = 8; - skey.data = session_key; - encrypt_session_key(&skey, 0); -#if 0 - kerberos4_forward(ap, &cred_session); -#endif - return; - } - auth_finished(ap, AUTH_USER); - return; - case KRB_RESPONSE: - /* make sure the response is correct */ - if ((cnt != sizeof(des_cblock)) || - (memcmp(data, challenge, sizeof(challenge)))){ - printf("[ Kerberos V4 challenge failed!!! ]\r\n"); - auth_send_retry(); - return; - } - printf("[ Kerberos V4 challenge successful ]\r\n"); - auth_finished(ap, AUTH_USER); - break; - case KRB_FORWARD_ACCEPT: - printf("[ Kerberos V4 accepted forwarded credentials ]\r\n"); - break; - case KRB_FORWARD_REJECT: - printf("[ Kerberos V4 rejected forwarded credentials: `%.*s']\r\n", - cnt, data); - break; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - -int -kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level) -{ - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - -void -kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB_RESPONSE: - strlcpy((char *)buf, " RESPONSE", buflen); - goto common2; - - default: - snprintf((char*)buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf((char*)buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int -kerberos4_cksum(unsigned char *d, int n) -{ - int ck = 0; - - /* - * A comment is probably needed here for those not - * well versed in the "C" language. Yes, this is - * supposed to be a "switch" with the body of the - * "switch" being a "while" statement. The whole - * purpose of the switch is to allow us to jump into - * the middle of the while() loop, and then not have - * to do any more switch()s. - * - * Some compilers will spit out a warning message - * about the loop not being entered at the top. - */ - switch (n&03) - while (n > 0) { - case 0: - ck ^= (int)*d++ << 24; - --n; - case 3: - ck ^= (int)*d++ << 16; - --n; - case 2: - ck ^= (int)*d++ << 8; - --n; - case 1: - ck ^= (int)*d++; - --n; - } - return(ck); -} - -static int -pack_cred(CREDENTIALS *cred, unsigned char *buf) -{ - unsigned char *p = buf; - - memcpy (p, cred->service, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->instance, INST_SZ); - p += INST_SZ; - memcpy (p, cred->realm, REALM_SZ); - p += REALM_SZ; - memcpy(p, cred->session, 8); - p += 8; - p += KRB_PUT_INT(cred->lifetime, p, 4, 4); - p += KRB_PUT_INT(cred->kvno, p, 4, 4); - p += KRB_PUT_INT(cred->ticket_st.length, p, 4, 4); - memcpy(p, cred->ticket_st.dat, cred->ticket_st.length); - p += cred->ticket_st.length; - p += KRB_PUT_INT(0, p, 4, 4); - p += KRB_PUT_INT(cred->issue_date, p, 4, 4); - memcpy (p, cred->pname, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->pinst, INST_SZ); - p += INST_SZ; - return p - buf; -} - -static int -unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred) -{ - char *p = (char*)buf; - uint32_t tmp; - - strncpy (cred->service, p, ANAME_SZ); - cred->service[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->instance, p, INST_SZ); - cred->instance[INST_SZ - 1] = '\0'; - p += INST_SZ; - strncpy (cred->realm, p, REALM_SZ); - cred->realm[REALM_SZ - 1] = '\0'; - p += REALM_SZ; - - memcpy(cred->session, p, 8); - p += 8; - p += krb_get_int(p, &tmp, 4, 0); - cred->lifetime = tmp; - p += krb_get_int(p, &tmp, 4, 0); - cred->kvno = tmp; - - p += krb_get_int(p, &cred->ticket_st.length, 4, 0); - memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); - p += cred->ticket_st.length; - p += krb_get_int(p, &tmp, 4, 0); - cred->ticket_st.mbz = 0; - p += krb_get_int(p, (uint32_t *)&cred->issue_date, 4, 0); - - strncpy (cred->pname, p, ANAME_SZ); - cred->pname[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->pinst, p, INST_SZ); - cred->pinst[INST_SZ - 1] = '\0'; - p += INST_SZ; - return 0; -} - - -int -kerberos4_forward(Authenticator *ap, void *v) -{ - des_cblock *key = (des_cblock *)v; - CREDENTIALS cred; - char *realm; - des_key_schedule ks; - int len; - unsigned char netcred[sizeof(CREDENTIALS)]; - int ret; - - realm = krb_realmofhost(RemoteHostName); - if(realm == NULL) - return -1; - memset(&cred, 0, sizeof(cred)); - ret = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, - realm, - &cred); - if(ret) - return ret; - des_set_key(key, ks); - len = pack_cred(&cred, netcred); - des_pcbc_encrypt((void*)netcred, (void*)netcred, len, - ks, key, DES_ENCRYPT); - memset(&ks, 0, sizeof(ks)); - Data(ap, KRB_FORWARD, netcred, len); - memset(netcred, 0, sizeof(netcred)); - return 0; -} - -#endif /* KRB4 */ - diff --git a/appl/telnet/libtelnet/kerberos5.c b/appl/telnet/libtelnet/kerberos5.c index cac80d059abf..93a40dfe7de4 100644 --- a/appl/telnet/libtelnet/kerberos5.c +++ b/appl/telnet/libtelnet/kerberos5.c @@ -53,7 +53,7 @@ #include -RCSID("$Id: kerberos5.c 22071 2007-11-14 20:04:50Z lha $"); +RCSID("$Id$"); #ifdef KRB5 @@ -132,10 +132,10 @@ Data(Authenticator *ap, int type, const void *d, int c) p0 = malloc(len); if (p0 == NULL) return 0; - + memcpy(p0, str_data, sizeof(str_data)); p = p0 + sizeof(str_data); - + if (auth_debug_mode) { printf("%s:%d: [%d] (%d)", str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", @@ -199,14 +199,14 @@ kerberos5_send(char *name, Authenticator *ap) int ap_opts; krb5_data cksum_data; char ap_msg[2]; - + if (!UserNameRequested) { if (auth_debug_mode) { printf("Kerberos V5: no user name supplied\r\n"); } return(0); } - + ret = krb5_cc_default(context, &ccache); if (ret) { if (auth_debug_mode) { @@ -215,14 +215,14 @@ kerberos5_send(char *name, Authenticator *ap) } return 0; } - + if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ap_opts = AP_OPTS_MUTUAL_REQUIRED; else ap_opts = 0; ap_opts |= AP_OPTS_USE_SUBKEY; - + ret = krb5_auth_con_init (context, &auth_context); if (ret) { if (auth_debug_mode) { @@ -244,7 +244,7 @@ kerberos5_send(char *name, Authenticator *ap) return(0); } - krb5_auth_con_setkeytype (context, auth_context, KEYTYPE_DES); + krb5_auth_con_setkeytype (context, auth_context, KRB5_ENCTYPE_DES_CBC_CRC); ap_msg[0] = ap->type; ap_msg[1] = ap->way; @@ -282,7 +282,7 @@ kerberos5_send(char *name, Authenticator *ap) } printf("[ Trying %s (%s)... ]\r\n", name, sname); ret = krb5_mk_req_exact(context, &auth_context, ap_opts, - service, + service, &cksum_data, ccache, &auth); krb5_free_principal (context, service); @@ -395,7 +395,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) ret = krb5_rd_req(context, &auth_context, - &auth, + &auth, server, NULL, NULL, @@ -418,16 +418,16 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) free (errbuf); return; } - + { char ap_msg[2]; - + ap_msg[0] = ap->type; ap_msg[1] = ap->way; - + ret = krb5_verify_authenticator_checksum(context, auth_context, - ap_msg, + ap_msg, sizeof(ap_msg)); if (ret) { @@ -435,7 +435,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) char *errbuf; int ret2; - ret2 = asprintf(&errbuf, "Bad checksum: %s", + ret2 = asprintf(&errbuf, "Bad checksum: %s", krb5_get_err_text(context, ret)); if (ret2 != -1) errbuf2 = errbuf; @@ -489,6 +489,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) log_message("Kerberos V5: " "krb5_mk_rep failed (%s)", krb5_get_err_text(context, ret)); + krb5_free_keyblock(context, key_block); return; } Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length); @@ -501,7 +502,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) UserNameRequested)) { Data(ap, KRB_ACCEPT, name, name ? -1 : 0); log_message("%s accepted as user %s from %s", - name ? name : "", + name ? name : "", UserNameRequested ? UserNameRequested : "", RemoteHostName ? RemoteHostName : ""); @@ -521,7 +522,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) char *msg; ret = asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", + "login as `%s'", name ? name : "", UserNameRequested ? UserNameRequested : ""); if (ret != -1) @@ -530,12 +531,12 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) if (ret != -1) free(msg); auth_finished (ap, AUTH_REJECT); - krb5_free_keyblock_contents(context, key_block); + krb5_free_keyblock(context, key_block); break; } auth_finished(ap, AUTH_USER); - krb5_free_keyblock_contents(context, key_block); - + krb5_free_keyblock(context, key_block); + break; case KRB_FORWARD: { struct passwd *pwd; @@ -627,7 +628,7 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) krb5_error_code ret; Session_Key skey; krb5_keyblock *keyblock; - + if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL && !mutual_complete) { printf("[ Kerberos V5 accepted you, but didn't provide mutual authentication! ]\r\n"); @@ -638,7 +639,7 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) printf("[ Kerberos V5 accepts you as ``%.*s'' ]\r\n", cnt, data); else printf("[ Kerberos V5 accepts you ]\r\n"); - + ret = krb5_auth_con_getlocalsubkey (context, auth_context, &keyblock); @@ -652,12 +653,12 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) auth_send_retry(); return; } - + skey.type = SK_DES; skey.length = 8; skey.data = keyblock->keyvalue.data; encrypt_session_key(&skey, 0); - krb5_free_keyblock_contents (context, keyblock); + krb5_free_keyblock (context, keyblock); auth_finished(ap, AUTH_USER); if (forward_flags & OPTS_FORWARD_CREDS) kerberos5_forward(ap); @@ -669,7 +670,7 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) krb5_ap_rep_enc_part *reply; krb5_data inbuf; krb5_error_code ret; - + inbuf.length = cnt; inbuf.data = (char *)data; @@ -722,7 +723,8 @@ kerberos5_status(Authenticator *ap, char *name, size_t name_sz, int level) #define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} void -kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) +kerberos5_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { int i; @@ -810,14 +812,13 @@ kerberos5_forward(Authenticator *ap) memset (&creds, 0, sizeof(creds)); creds.client = principal; - - ret = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); + + ret = krb5_make_principal(context, + &creds.server, + principal->realm, + "krbtgt", + principal->realm, + NULL); if (ret) { if (auth_debug_mode) diff --git a/appl/telnet/libtelnet/krb4encpwd.c b/appl/telnet/libtelnet/krb4encpwd.c deleted file mode 100644 index f14bc7da50f0..000000000000 --- a/appl/telnet/libtelnet/krb4encpwd.c +++ /dev/null @@ -1,436 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: krb4encpwd.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef KRB4_ENCPWD -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#include -#include -#include -#include - -#include -#include -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int krb_mk_encpwd_req (KTEXT, char *, char *, char *, char *, char *, char *); -int krb_rd_encpwd_req (KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *); - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KRB4_ENCPWD, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */ -#define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */ -#define KRB4_ENCPWD_ACCEPT 2 /* Accepted */ -#define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB4_ENCPWD_ACK 4 /* Acknowledge */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static char user_passwd[ANAME_SZ]; -static AUTH_DAT adat = { 0 }; -static des_key_schedule sched; -static char challenge[REALM_SZ]; - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen(cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -krb4encpwd_init(ap, server) - Authenticator *ap; - int server; -{ - char hostname[80], *cp, *realm; - des_clock skey; - - if (server) { - str_data[3] = TELQUAL_REPLY; - } else { - str_data[3] = TELQUAL_IS; - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - cp = strchr(hostname, '.'); - if (*cp != NULL) *cp = NULL; - if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0, - KEYFILE, (char *)skey)) { - return(0); - } - } - return(1); -} - - int -krb4encpwd_send(ap) - Authenticator *ap; -{ - - printf("[ Trying KRB4ENCPWD ... ]\r\n"); - if (!UserNameRequested) { - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - - if (!Data(ap, KRB4_ENCPWD_ACK, NULL, 0)) { - return(0); - } - - return(1); -} - - void -krb4encpwd_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - char r_passwd[ANAME_SZ], r_user[ANAME_SZ]; - char lhostname[ANAME_SZ], *cp; - int r; - time_t now; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_AUTH: - memmove(auth.dat, data, auth.length = cnt); - - gethostname(lhostname, sizeof(lhostname)); - if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - - if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) { - Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - auth_encrypt_userpwd(r_passwd); - if (passwdok(UserNameRequested, UserPassword) == 0) { - /* - * illegal username and password - */ - Data(ap, KRB4_ENCPWD_REJECT, "Illegal password", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - memmove(session_key, adat.session, sizeof(des_cblock)); - Data(ap, KRB4_ENCPWD_ACCEPT, 0, 0); - auth_finished(ap, AUTH_USER); - break; - - case KRB4_ENCPWD_CHALLENGE: - /* - * Take the received random challenge text and save - * for future authentication. - */ - memmove(challenge, data, sizeof(des_cblock)); - break; - - - case KRB4_ENCPWD_ACK: - /* - * Receive ack, if mutual then send random challenge - */ - - /* - * If we are doing mutual authentication, get set up to send - * the challenge, and verify it when the response comes back. - */ - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - int i; - - time(&now); - snprintf(challenge, sizeof(challenge), "%x", now); - Data(ap, KRB4_ENCPWD_CHALLENGE, challenge, strlen(challenge)); - } - break; - - default: - Data(ap, KRB4_ENCPWD_REJECT, 0, 0); - break; - } -} - - - void -krb4encpwd_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - KTEXT_ST krb_token; - des_cblock enckey; - CREDENTIALS cred; - int r; - char randchal[REALM_SZ], instance[ANAME_SZ], *cp; - char hostname[80], *realm; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_REJECT: - if (cnt > 0) { - printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ KRB4_ENCPWD refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB4_ENCPWD_ACCEPT: - printf("[ KRB4_ENCPWD accepts you ]\r\n"); - auth_finished(ap, AUTH_USER); - return; - case KRB4_ENCPWD_CHALLENGE: - /* - * Verify that the response to the challenge is correct. - */ - - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - memmove(challenge, data, cnt); - memset(user_passwd, 0, sizeof(user_passwd)); - des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); - UserPassword = user_passwd; - Challenge = challenge; - strlcpy(instance, RemoteHostName, sizeof(instance)); - if ((cp = strchr(instance, '.')) != 0) *cp = '\0'; - - if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) { - krb_token.length = 0; - } - - if (!Data(ap, KRB4_ENCPWD_AUTH, krb_token.dat, krb_token.length)) { - return; - } - - break; - - default: - return; - } -} - - int -krb4encpwd_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -krb4encpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB4_ENCPWD_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB4_ENCPWD_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB4_ENCPWD_ACK: - strlcpy((char *)buf, " ACK", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int passwdok(name, passwd) -char *name, *passwd; -{ - char *crypt(); - char *salt, *p; - struct passwd *pwd; - int passwdok_status = 0; - - if (pwd = k_getpwnam(name)) - salt = pwd->pw_passwd; - else salt = "xx"; - - p = crypt(passwd, salt); - - if (pwd && !strcmp(p, pwd->pw_passwd)) { - passwdok_status = 1; - } else passwdok_status = 0; - return(passwdok_status); -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/appl/telnet/libtelnet/misc-proto.h b/appl/telnet/libtelnet/misc-proto.h index 07a250948f60..1f496a8f7910 100644 --- a/appl/telnet/libtelnet/misc-proto.h +++ b/appl/telnet/libtelnet/misc-proto.h @@ -53,7 +53,7 @@ * or implied warranty. */ -/* $Id: misc-proto.h 9187 2000-11-15 23:00:21Z assar $ */ +/* $Id$ */ #ifndef __MISC_PROTO__ #define __MISC_PROTO__ @@ -75,5 +75,5 @@ void net_encrypt (void); int telnet_spin (void); char *telnet_getenv (const char *); char *telnet_gets (char *, char *, int, int); -void printsub(int direction, unsigned char *pointer, int length); +void printsub(int direction, unsigned char *pointer, size_t); #endif diff --git a/appl/telnet/libtelnet/misc.c b/appl/telnet/libtelnet/misc.c index f74e30482db1..a5a14e00016e 100644 --- a/appl/telnet/libtelnet/misc.c +++ b/appl/telnet/libtelnet/misc.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: misc.c 7822 2000-01-25 23:24:58Z assar $"); +RCSID("$Id$"); #include #include diff --git a/appl/telnet/libtelnet/rsaencpwd.c b/appl/telnet/libtelnet/rsaencpwd.c index cff096c0229e..b30e6ea7dbef 100644 --- a/appl/telnet/libtelnet/rsaencpwd.c +++ b/appl/telnet/libtelnet/rsaencpwd.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: rsaencpwd.c 22071 2007-11-14 20:04:50Z lha $"); +RCSID("$Id$"); #ifdef RSA_ENCPWD /* @@ -403,11 +403,10 @@ rsaencpwd_status(ap, name, name_sz, level) #define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} void -rsaencpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; +rsaencpwd_printsub(unsigned char *data, size_t cnt, + unsigned char * buf, size_t buflen) { - int i; + size_t i; buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ buflen -= 1; diff --git a/appl/telnet/libtelnet/spx.c b/appl/telnet/libtelnet/spx.c index 82fafdb0b7d9..8672c5b4c7a7 100644 --- a/appl/telnet/libtelnet/spx.c +++ b/appl/telnet/libtelnet/spx.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: spx.c 22071 2007-11-14 20:04:50Z lha $"); +RCSID("$Id$"); #ifdef SPX /* @@ -237,7 +237,9 @@ spx_send(ap) &output_name_buffer, &output_name_type); - printf("target is '%s'\n", output_name_buffer.value); fflush(stdout); + printf("target is '%.*s'\n", (int)output_name_buffer.length, + (char*)output_name_buffer.value); + fflush(stdout); major_status = gss_release_buffer(&status, &output_name_buffer); @@ -290,7 +292,8 @@ spx_send(ap) GSS_C_NULL_OID, &msg_ctx, &status_string); - printf("%s\n", status_string.value); + printf("%.*s\n", (int)status_string.length, + (char*)status_string.value); return(0); } @@ -457,8 +460,9 @@ spx_reply(ap, data, cnt) GSS_C_NULL_OID, &msg_ctx, &status_string); - printf("[ SPX mutual response fails ... '%s' ]\r\n", - status_string.value); + printf("[ SPX mutual response fails ... '%.*s' ]\r\n", + (int)status_string.length, + (char*)status_string.value); auth_send_retry(); return; } @@ -526,11 +530,10 @@ spx_status(ap, name, name_sz, level) #define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} void -spx_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; +spx_printsub(unsigned char *data, size_t cnt, + unsigned char *buf, size_t buflen) { - int i; + size_t i; buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ buflen -= 1; diff --git a/appl/telnet/telnet/Makefile.am b/appl/telnet/telnet/Makefile.am index a472ba919dd1..34e0fe6410a3 100644 --- a/appl/telnet/telnet/Makefile.am +++ b/appl/telnet/telnet/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) bin_PROGRAMS = telnet @@ -16,10 +16,9 @@ man_MANS = telnet.1 LDADD = ../libtelnet/libtelnet.a \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_tgetent) \ $(LIB_kdfs) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/telnet/telnet/Makefile.in b/appl/telnet/telnet/Makefile.in index df9afb1f52da..12c3eed5e4af 100644 --- a/appl/telnet/telnet/Makefile.in +++ b/appl/telnet/telnet/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ bin_PROGRAMS = telnet$(EXEEXT) subdir = appl/telnet/telnet ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,14 +89,14 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_telnet_OBJECTS = authenc.$(OBJEXT) commands.$(OBJEXT) \ main.$(OBJEXT) network.$(OBJEXT) ring.$(OBJEXT) \ @@ -101,11 +106,11 @@ telnet_OBJECTS = $(am_telnet_OBJECTS) telnet_LDADD = $(LDADD) am__DEPENDENCIES_1 = telnet_DEPENDENCIES = ../libtelnet/libtelnet.a $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(LIB_kdfs) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) $(LIB_kdfs) \ + $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -117,6 +122,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(telnet_SOURCES) DIST_SOURCES = $(telnet_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 MANS = $(man_MANS) ETAGS = etags @@ -126,49 +152,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -192,10 +227,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -212,6 +248,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -227,31 +265,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -266,10 +318,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -310,30 +364,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/.. $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CHECK_LOCAL = telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \ @@ -343,29 +401,28 @@ telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \ man_MANS = telnet.1 LDADD = ../libtelnet/libtelnet.a \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_tgetent) \ $(LIB_kdfs) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnet/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/telnet/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/telnet/telnet/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -383,34 +440,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list telnet$(EXEEXT): $(telnet_OBJECTS) $(telnet_DEPENDENCIES) @rm -f telnet$(EXEEXT) $(LINK) $(telnet_OBJECTS) $(telnet_LDADD) $(LIBS) @@ -421,115 +494,147 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/authenc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/network.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ring.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sys_bsd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/telnet.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/terminal.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utilities.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -545,13 +650,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -586,6 +695,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -595,6 +705,7 @@ clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -605,6 +716,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -612,26 +725,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -651,11 +773,10 @@ ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libtool ctags \ @@ -742,6 +863,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -827,7 +951,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -840,6 +964,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/telnet/telnet/NTMakefile b/appl/telnet/telnet/NTMakefile new file mode 100644 index 000000000000..9b0844692d30 --- /dev/null +++ b/appl/telnet/telnet/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\telnet\telnet + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/telnet/telnet/authenc.c b/appl/telnet/telnet/authenc.c index 35a3bf74abca..4c0f6fd122c5 100644 --- a/appl/telnet/telnet/authenc.c +++ b/appl/telnet/telnet/authenc.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: authenc.c 12921 2003-09-25 15:45:51Z lha $"); +RCSID("$Id$"); #if defined(AUTHENTICATION) || defined(ENCRYPTION) int @@ -68,7 +68,7 @@ telnet_spin(void) if (Scheduler(0) == -1) ret = 1; scheduler_lockout_tty = 0; - + return ret; } diff --git a/appl/telnet/telnet/commands.c b/appl/telnet/telnet/commands.c index 98031e87abfd..4bf814c3b7a2 100644 --- a/appl/telnet/telnet/commands.c +++ b/appl/telnet/telnet/commands.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: commands.c 16224 2005-10-22 17:17:44Z lha $"); +RCSID("$Id$"); #if defined(IPPROTO_IP) && defined(IP_TOS) int tos = -1; @@ -453,20 +453,6 @@ togdebug() return 1; } -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) -#include - -static int -togkrbdebug(void) -{ - if(krb_debug) - krb_enable_debug(); - else - krb_disable_debug(); - return 1; -} -#endif - static int togcrlf() { @@ -688,13 +674,6 @@ static struct togglelist Togglelist[] = { togdebug, &debug, "turn on socket level debugging" }, -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) - { "krb_debug", - "kerberos 4 debugging", - togkrbdebug, - &krb_debug, - "turn on kerberos 4 debugging" }, -#endif { "netdata", "printing of hexadecimal network data (debugging)", 0, @@ -1351,7 +1330,7 @@ bye(int argc, char **argv) /* reset options */ tninit(); } - if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) + if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) longjmp(toplevel, 1); return 0; /* NOTREACHED */ } @@ -1553,8 +1532,8 @@ env_find(unsigned char *var) return(NULL); } -#ifdef IRIX4 -#define environ _environ +#if !HAVE_DECL_ENVIRON +extern char **environ; #endif void @@ -1619,7 +1598,7 @@ env_init(void) * USER with the value from LOGNAME. By default, we * don't export the USER variable. */ - if ((env_find((unsigned char*)"USER") == NULL) && + if ((env_find((unsigned char*)"USER") == NULL) && (ep = env_find((unsigned char*)"LOGNAME"))) { env_define((unsigned char *)"USER", ep->value); env_unexport((unsigned char *)"USER"); @@ -2202,7 +2181,7 @@ tn(int argc, char **argv) addrstr, sizeof(addrstr), NULL, 0, NI_NUMERICHOST) != 0) strlcpy (addrstr, "unknown address", sizeof(addrstr)); - + printf("Trying %s...\r\n", addrstr); net = socket (a->ai_family, a->ai_socktype, a->ai_protocol); diff --git a/appl/telnet/telnet/externs.h b/appl/telnet/telnet/externs.h index badfca5775a2..ba55a7bfee3a 100644 --- a/appl/telnet/telnet/externs.h +++ b/appl/telnet/telnet/externs.h @@ -33,7 +33,7 @@ * @(#)externs.h 8.3 (Berkeley) 5/30/95 */ -/* $Id: externs.h 21734 2007-07-31 01:55:45Z lha $ */ +/* $Id$ */ #ifndef BSD # define BSD 43 @@ -291,7 +291,6 @@ void xmitEC(void); void Dump (char, unsigned char *, int); void printoption (char *, int, int); -void printsub (int, unsigned char *, int); void sendnaws (void); void setconnmode (int); void setcommandmode (void); @@ -360,7 +359,7 @@ void SetNetTrace(char *file); void Dump(char direction, unsigned char *buffer, int length); void printoption(char *direction, int cmd, int option); void optionstatus(void); -void printsub(int direction, unsigned char *pointer, int length); +void printsub(int direction, unsigned char *pointer, size_t length); void EmptyTerminal(void); void SetForExit(void); void Exit(int returnCode); diff --git a/appl/telnet/telnet/main.c b/appl/telnet/telnet/main.c index bb358a8d8823..c527608faf10 100644 --- a/appl/telnet/telnet/main.c +++ b/appl/telnet/telnet/main.c @@ -38,7 +38,7 @@ static char *copyright[] = { }; #include "telnet_locl.h" -RCSID("$Id: main.c 21731 2007-07-30 20:01:26Z lha $"); +RCSID("$Id$"); #if KRB5 #define FORWARD @@ -138,12 +138,12 @@ krb5_init(void) kerberos5_set_forwardable(1); #endif #ifdef ENCRYPTION - krb5_appdefault_boolean(context, NULL, + krb5_appdefault_boolean(context, NULL, NULL, "encrypt", 0, &ret_val); if (ret_val) { encrypt_auto(1); - decrypt_auto(1); + decrypt_auto(1); wantencryption = 1; EncryptVerbose(1); } @@ -153,11 +153,6 @@ krb5_init(void) } #endif -#if defined(AUTHENTICATION) && defined(KRB4) -extern char *dest_realm, dst_realm_buf[]; -extern int dst_realm_sz; -#endif - int main(int argc, char **argv) { @@ -169,7 +164,7 @@ main(int argc, char **argv) #ifdef KRB5 krb5_init(); #endif - + tninit(); /* Clear out things */ TerminalSaveState(); @@ -183,10 +178,10 @@ main(int argc, char **argv) rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE; - /* + /* * if AUTHENTICATION and ENCRYPTION is set autologin will be * se to true after the getopt switch; unless the -K option is - * passed + * passed */ autologin = -1; @@ -280,17 +275,10 @@ main(int argc, char **argv) #endif break; case 'k': -#if defined(AUTHENTICATION) && defined(KRB4) - { - dest_realm = dst_realm_buf; - strlcpy(dest_realm, optarg, dst_realm_sz); - } -#else - fprintf(stderr, - "%s: Warning: -k ignored, no Kerberos V4 support.\n", - prompt); -#endif - break; + fprintf(stderr, + "%s: Warning: -k ignored, no Kerberos V4 support.\n", + prompt); + break; case 'l': if(autologin == 0){ fprintf(stderr, "%s: Warning: -K ignored\n", prompt); diff --git a/appl/telnet/telnet/network.c b/appl/telnet/telnet/network.c index 4a565880d2a2..a22ff9b489df 100644 --- a/appl/telnet/telnet/network.c +++ b/appl/telnet/telnet/network.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: network.c 13941 2004-06-20 17:01:28Z lha $"); +RCSID("$Id$"); Ring netoring, netiring; size_t netobufsize = 64*1024; @@ -47,7 +47,7 @@ void init_network(void) { void *obuf, *ibuf; - + if ((obuf = malloc(netobufsize)) == NULL) exit(1); if ((ibuf = malloc(netibufsize)) == NULL) diff --git a/appl/telnet/telnet/ring.c b/appl/telnet/telnet/ring.c index fd93e949482c..f4aee9ed7005 100644 --- a/appl/telnet/telnet/ring.c +++ b/appl/telnet/telnet/ring.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: ring.c 7853 2000-02-06 05:15:47Z assar $"); +RCSID("$Id$"); /* * This defines a structure for a ring buffer. diff --git a/appl/telnet/telnet/ring.h b/appl/telnet/telnet/ring.h index d0c2ad75b66c..04e3eaebdf64 100644 --- a/appl/telnet/telnet/ring.h +++ b/appl/telnet/telnet/ring.h @@ -33,7 +33,7 @@ * @(#)ring.h 8.1 (Berkeley) 6/6/93 */ -/* $Id: ring.h 7853 2000-02-06 05:15:47Z assar $ */ +/* $Id$ */ /* * This defines a structure for a ring buffer. diff --git a/appl/telnet/telnet/sys_bsd.c b/appl/telnet/telnet/sys_bsd.c index 5bc2d1298cbb..657b85ecaf8e 100644 --- a/appl/telnet/telnet/sys_bsd.c +++ b/appl/telnet/telnet/sys_bsd.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: sys_bsd.c 10941 2002-04-18 16:18:43Z joda $"); +RCSID("$Id$"); /* * The following routines try to encapsulate what is system dependent @@ -608,11 +608,11 @@ TerminalSpeeds(long *input_speed, long *output_speed) int TerminalWindowSize(long *rows, long *cols) { - struct winsize ws; + int irows, icols; - if (get_window_size (STDIN_FILENO, &ws) == 0) { - *rows = ws.ws_row; - *cols = ws.ws_col; + if (get_window_size(STDIN_FILENO, &irows, &icols) == 0) { + *rows = irows; + *cols = icols; return 1; } else return 0; @@ -641,7 +641,7 @@ static RETSIGTYPE deadpeer(int), #ifdef SIGINFO static RETSIGTYPE ayt(int); #endif - + /* ARGSUSED */ static RETSIGTYPE diff --git a/appl/telnet/telnet/telnet.c b/appl/telnet/telnet/telnet.c index a90f2124dc70..50b436de34c1 100644 --- a/appl/telnet/telnet/telnet.c +++ b/appl/telnet/telnet/telnet.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: telnet.c 16285 2005-11-03 18:38:57Z lha $"); +RCSID("$Id$"); #define strip(x) (eight ? (x) : ((x) & 0x7f)) @@ -1631,7 +1631,7 @@ telrcv(void) telrcv_state = TS_IAC; break; } - /* + /* * The 'crmod' hack (see following) is needed * since we can't set CRMOD on output only. * Machines like MULTICS like to send \r without @@ -2036,7 +2036,7 @@ void my_telnet(char *user) { int printed_encrypt = 0; - + sys_telnet_init(); #if defined(AUTHENTICATION) || defined(ENCRYPTION) @@ -2079,7 +2079,7 @@ my_telnet(char *user) /* * Note: we assume a tie to the authentication option here. This * is necessary so that authentication fails, we don't spin - * forever. + * forever. */ if (telnetport && wantencryption) { time_t timeout = time(0) + 60; @@ -2116,7 +2116,7 @@ my_telnet(char *user) printed_encrypt = 1; printf("Waiting for encryption to be negotiated...\n"); /* - * Turn on MODE_TRAPSIG and then turn off localchars + * Turn on MODE_TRAPSIG and then turn off localchars * so that ^C will cause telnet to exit. */ TerminalNewMode(getconnmode()|MODE_TRAPSIG); @@ -2130,7 +2130,7 @@ my_telnet(char *user) printf("\nServer disconnected.\n"); Exit(1); } - + } if (printed_encrypt) { printf("Encryption negotiated.\n"); diff --git a/appl/telnet/telnet/telnet.cat1 b/appl/telnet/telnet/telnet.cat1 new file mode 100644 index 000000000000..f112a55e581d --- /dev/null +++ b/appl/telnet/telnet/telnet.cat1 @@ -0,0 +1,715 @@ + +TELNET(1) BSD General Commands Manual TELNET(1) + +NNAAMMEE + tteellnneett -- user interface to the TELNET protocol + +SSYYNNOOPPSSIISS + tteellnneett [--7788EEFFKKLLaaccddffrrxx] [--SS _t_o_s] [--XX _a_u_t_h_t_y_p_e] [--ee _e_s_c_a_p_e_c_h_a_r] [--kk _r_e_a_l_m] + [--ll _u_s_e_r] [--nn _t_r_a_c_e_f_i_l_e] [_h_o_s_t [port]] + +DDEESSCCRRIIPPTTIIOONN + The tteellnneett command is used to communicate with another host using the + TELNET protocol. If tteellnneett is invoked without the _h_o_s_t argument, it + enters command mode, indicated by its prompt (tteellnneett>>). In this mode, it + accepts and executes the commands listed below. If it is invoked with + arguments, it performs an ooppeenn command with those arguments. + + Options: + + --88 Specifies an 8-bit data path. This causes an attempt to negoti- + ate the TELNET BINARY option on both input and output. + + --77 Do not try to negotiate TELNET BINARY option. + + --EE Stops any character from being recognized as an escape character. + + --FF If Kerberos V5 authentication is being used, the --FF option allows + the local credentials to be forwarded to the remote system, + including any credentials that have already been forwarded into + the local environment. + + --KK Specifies no automatic login to the remote system. + + --LL Specifies an 8-bit data path on output. This causes the BINARY + option to be negotiated on output. + + --SS _t_o_s Sets the IP type-of-service (TOS) option for the telnet connec- + tion to the value _t_o_s, which can be a numeric TOS value or, on + systems that support it, a symbolic TOS name found in the + /etc/iptos file. + + --XX _a_t_y_p_e + Disables the _a_t_y_p_e type of authentication. + + --aa Attempt automatic login. Currently, this sends the user name via + the USER variable of the ENVIRON option if supported by the + remote system. The name used is that of the current user as + returned by getlogin(2) if it agrees with the current user ID, + otherwise it is the name associated with the user ID. + + --cc Disables the reading of the user's _._t_e_l_n_e_t_r_c file. (See the + ttooggggllee sskkiipprrcc command on this man page.) + + --dd Sets the initial value of the ddeebbuugg toggle to TRUE + + --ee _e_s_c_a_p_e _c_h_a_r + Sets the initial tteellnneett tteellnneett escape character to _e_s_c_a_p_e _c_h_a_r. + If _e_s_c_a_p_e _c_h_a_r is omitted, then there will be no escape charac- + ter. + + --ff If Kerberos V5 authentication is being used, the --ff option allows + the local credentials to be forwarded to the remote system. + + --kk _r_e_a_l_m + If Kerberos authentication is being used, the --kk option requests + that telnet obtain tickets for the remote host in realm realm + instead of the remote host's realm, as determined by + krb_realmofhost(3). + + --ll _u_s_e_r + When connecting to the remote system, if the remote system under- + stands the ENVIRON option, then _u_s_e_r will be sent to the remote + system as the value for the variable USER. This option implies + the --aa option. This option may also be used with the ooppeenn com- + mand. + + --nn _t_r_a_c_e_f_i_l_e + Opens _t_r_a_c_e_f_i_l_e for recording trace information. See the sseett + ttrraacceeffiillee command below. + + --rr Specifies a user interface similar to rlogin(1). In this mode, + the escape character is set to the tilde (~) character, unless + modified by the -e option. + + --xx Turn on encryption of the data stream. When this option is + turned on, will exit with an error if authentication cannot be + negotiated or if encryption cannot be turned on. + + _h_o_s_t Indicates the official name, an alias, or the Internet address of + a remote host. + + _p_o_r_t Indicates a port number (address of an application). If a number + is not specified, the default tteellnneett port is used. + + When in rlogin mode, a line of the form ~. disconnects from the remote + host; ~ is the telnet escape character. Similarly, the line ~^Z suspends + the telnet session. The line ~^] escapes to the normal telnet escape + prompt. + + Once a connection has been opened, tteellnneett will attempt to enable the + TELNET LINEMODE option. If this fails, then tteellnneett will revert to one of + two input modes: either ``character at a time'' or ``old line by line'' + depending on what the remote system supports. + + When LINEMODE is enabled, character processing is done on the local sys- + tem, under the control of the remote system. When input editing or char- + acter echoing is to be disabled, the remote system will relay that infor- + mation. The remote system will also relay changes to any special charac- + ters that happen on the remote system, so that they can take effect on + the local system. + + In ``character at a time'' mode, most text typed is immediately sent to + the remote host for processing. + + In ``old line by line'' mode, all text is echoed locally, and (normally) + only completed lines are sent to the remote host. The ``local echo char- + acter'' (initially ``^E'') may be used to turn off and on the local echo + (this would mostly be used to enter passwords without the password being + echoed). + + If the LINEMODE option is enabled, or if the llooccaallcchhaarrss toggle is TRUE + (the default for ``old line by line``; see below), the user's qquuiitt, iinnttrr, + and fflluusshh characters are trapped locally, and sent as TELNET protocol + sequences to the remote side. If LINEMODE has ever been enabled, then + the user's ssuusspp and eeooff are also sent as TELNET protocol sequences, and + qquuiitt is sent as a TELNET ABORT instead of BREAK There are options (see + ttooggggllee aauuttoofflluusshh and ttooggggllee aauuttoossyynncchh below) which cause this action to + flush subsequent output to the terminal (until the remote host acknowl- + edges the TELNET sequence) and flush previous terminal input (in the case + of qquuiitt and iinnttrr). + + While connected to a remote host, tteellnneett command mode may be entered by + typing the tteellnneett ``escape character'' (initially ``^]''). When in com- + mand mode, the normal terminal editing conventions are available. + + The following tteellnneett commands are available. Only enough of each command + to uniquely identify it need be typed (this is also true for arguments to + the mmooddee, sseett, ttooggggllee, uunnsseett, ssllcc, eennvviirroonn, and ddiissppllaayy commands). + + aauutthh _a_r_g_u_m_e_n_t _._._. + The auth command manipulates the information sent through the + TELNET AUTHENTICATE option. Valid arguments for the auth com- + mand are as follows: + + ddiissaabbllee _t_y_p_e Disables the specified type of authentication. + To obtain a list of available types, use the + aauutthh ddiissaabbllee ?? command. + + eennaabbllee _t_y_p_e Enables the specified type of authentication. + To obtain a list of available types, use the + aauutthh eennaabbllee ?? command. + + ssttaattuuss Lists the current status of the various types of + authentication. + + cclloossee Close a TELNET session and return to command mode. + + ddiissppllaayy _a_r_g_u_m_e_n_t _._._. + Displays all, or some, of the sseett and ttooggggllee values (see + below). + + eennccrryypptt _a_r_g_u_m_e_n_t _._._. + The encrypt command manipulates the information sent through + the TELNET ENCRYPT option. + + Note: Because of export controls, the TELNET ENCRYPT option + is not supported outside of the United States and Canada. + + Valid arguments for the encrypt command are as follows: + + ddiissaabbllee _t_y_p_e [iinnppuutt | oouuttppuutt] + Disables the specified type of encryption. If + you omit the input and output, both input and + output are disabled. To obtain a list of avail- + able types, use the eennccrryypptt ddiissaabbllee ?? command. + + eennaabbllee _t_y_p_e [iinnppuutt | oouuttppuutt] + Enables the specified type of encryption. If + you omit input and output, both input and output + are enabled. To obtain a list of available + types, use the eennccrryypptt eennaabbllee ?? command. + + iinnppuutt This is the same as the eennccrryypptt ssttaarrtt iinnppuutt com- + mand. + + --iinnppuutt This is the same as the eennccrryypptt ssttoopp iinnppuutt com- + mand. + + oouuttppuutt This is the same as the eennccrryypptt ssttaarrtt oouuttppuutt + command. + + --oouuttppuutt This is the same as the eennccrryypptt ssttoopp oouuttppuutt com- + mand. + + ssttaarrtt [iinnppuutt | oouuttppuutt] + Attempts to start encryption. If you omit iinnppuutt + and oouuttppuutt, both input and output are enabled. + To obtain a list of available types, use the + eennccrryypptt eennaabbllee ?? command. + + ssttaattuuss Lists the current status of encryption. + + ssttoopp [iinnppuutt | oouuttppuutt] + Stops encryption. If you omit input and output, + encryption is on both input and output. + + ttyyppee _t_y_p_e Sets the default type of encryption to be used + with later eennccrryypptt ssttaarrtt or eennccrryypptt ssttoopp com- + mands. + + eennvviirroonn _a_r_g_u_m_e_n_t_s _._._. + The eennvviirroonn command is used to manipulate the the variables + that my be sent through the TELNET ENVIRON option. The ini- + tial set of variables is taken from the users environment, + with only the DISPLAY and PRINTER variables being exported by + default. The USER variable is also exported if the --aa or --ll + options are used. + + Valid arguments for the eennvviirroonn command are: + + ddeeffiinnee _v_a_r_i_a_b_l_e _v_a_l_u_e + Define the variable _v_a_r_i_a_b_l_e to have a value of + _v_a_l_u_e. Any variables defined by this command are + automatically exported. The _v_a_l_u_e may be enclosed + in single or double quotes so that tabs and spaces + may be included. + + uunnddeeffiinnee _v_a_r_i_a_b_l_e + Remove _v_a_r_i_a_b_l_e from the list of environment vari- + ables. + + eexxppoorrtt _v_a_r_i_a_b_l_e + Mark the variable _v_a_r_i_a_b_l_e to be exported to the + remote side. + + uunneexxppoorrtt _v_a_r_i_a_b_l_e + Mark the variable _v_a_r_i_a_b_l_e to not be exported + unless explicitly asked for by the remote side. + + lliisstt List the current set of environment variables. + Those marked with a ** will be sent automatically, + other variables will only be sent if explicitly + requested. + + ?? Prints out help information for the eennvviirroonn com- + mand. + + llooggoouutt Sends the TELNET LOGOUT option to the remote side. This com- + mand is similar to a cclloossee command; however, if the remote + side does not support the LOGOUT option, nothing happens. If, + however, the remote side does support the LOGOUT option, this + command should cause the remote side to close the TELNET con- + nection. If the remote side also supports the concept of sus- + pending a user's session for later reattachment, the logout + argument indicates that you should terminate the session imme- + diately. + + mmooddee _t_y_p_e _T_y_p_e is one of several options, depending on the state of the + TELNET session. The remote host is asked for permission to go + into the requested mode. If the remote host is capable of + entering that mode, the requested mode will be entered. + + cchhaarraacctteerr Disable the TELNET LINEMODE option, or, if the + remote side does not understand the LINEMODE + option, then enter ``character at a time`` mode. + + lliinnee Enable the TELNET LINEMODE option, or, if the + remote side does not understand the LINEMODE + option, then attempt to enter ``old-line-by- + line`` mode. + + iissiigg (--iissiigg) Attempt to enable (disable) the TRAPSIG mode of + the LINEMODE option. This requires that the + LINEMODE option be enabled. + + eeddiitt (--eeddiitt) Attempt to enable (disable) the EDIT mode of the + LINEMODE option. This requires that the + LINEMODE option be enabled. + + ssooffttttaabbss (--ssooffttttaabbss) + Attempt to enable (disable) the SOFT_TAB mode of + the LINEMODE option. This requires that the + LINEMODE option be enabled. + + lliitteecchhoo (--lliitteecchhoo) + Attempt to enable (disable) the LIT_ECHO mode of + the LINEMODE option. This requires that the + LINEMODE option be enabled. + + ?? Prints out help information for the mmooddee com- + mand. + + ooppeenn _h_o_s_t [--ll _u_s_e_r] [[--]_p_o_r_t] + Open a connection to the named host. If no port number is + specified, tteellnneett will attempt to contact a TELNET server at + the default port. The host specification may be either a host + name (see hosts(5)) or an Internet address specified in the + ``dot notation'' (see inet(3)). The [--ll] option may be used + to specify the user name to be passed to the remote system via + the ENVIRON option. When connecting to a non-standard port, + tteellnneett omits any automatic initiation of TELNET options. When + the port number is preceded by a minus sign, the initial + option negotiation is done. After establishing a connection, + the file _._t_e_l_n_e_t_r_c in the users home directory is opened. + Lines beginning with a # are comment lines. Blank lines are + ignored. Lines that begin without white space are the start + of a machine entry. The first thing on the line is the name + of the machine that is being connected to. The rest of the + line, and successive lines that begin with white space are + assumed to be tteellnneett commands and are processed as if they had + been typed in manually to the tteellnneett command prompt. + + qquuiitt Close any open TELNET session and exit tteellnneett. An end of file + (in command mode) will also close a session and exit. + + sseenndd _a_r_g_u_m_e_n_t_s + Sends one or more special character sequences to the remote + host. The following are the arguments which may be specified + (more than one argument may be specified at a time): + + aabboorrtt Sends the TELNET ABORT (Abort processes) sequence. + + aaoo Sends the TELNET AO (Abort Output) sequence, which + should cause the remote system to flush all output + _f_r_o_m the remote system _t_o the user's terminal. + + aayytt Sends the TELNET AYT (Are You There) sequence, to + which the remote system may or may not choose to + respond. + + bbrrkk Sends the TELNET BRK (Break) sequence, which may have + significance to the remote system. + + eecc Sends the TELNET EC (Erase Character) sequence, which + should cause the remote system to erase the last char- + acter entered. + + eell Sends the TELNET EL (Erase Line) sequence, which + should cause the remote system to erase the line cur- + rently being entered. + + eeooff Sends the TELNET EOF (End Of File) sequence. + + eeoorr Sends the TELNET EOR (End of Record) sequence. + + eessccaappee Sends the current tteellnneett escape character (initially + ``^''). + + ggaa Sends the TELNET GA (Go Ahead) sequence, which likely + has no significance to the remote system. + + ggeettssttaattuuss + If the remote side supports the TELNET STATUS command, + ggeettssttaattuuss will send the subnegotiation to request that + the server send its current option status. + + iipp Sends the TELNET IP (Interrupt Process) sequence, + which should cause the remote system to abort the cur- + rently running process. + + nnoopp Sends the TELNET NOP (No OPeration) sequence. + + ssuusspp Sends the TELNET SUSP (SUSPend process) sequence. + + ssyynncchh Sends the TELNET SYNCH sequence. This sequence causes + the remote system to discard all previously typed (but + not yet read) input. This sequence is sent as TCP + urgent data (and may not work if the remote system is + a 4.2BSD system -- if it doesn't work, a lower case + ``r'' may be echoed on the terminal). + + ddoo _c_m_d + + ddoonntt _c_m_d + + wwiillll _c_m_d + + wwoonntt _c_m_d + Sends the TELNET DO _c_m_d sequence. _C_m_d can be either a + decimal number between 0 and 255, or a symbolic name + for a specific TELNET command. _C_m_d can also be either + hheellpp or ?? to print out help information, including a + list of known symbolic names. + + ?? Prints out help information for the sseenndd command. + + sseett _a_r_g_u_m_e_n_t _v_a_l_u_e + + uunnsseett _a_r_g_u_m_e_n_t _v_a_l_u_e + The sseett command will set any one of a number of tteellnneett vari- + ables to a specific value or to TRUE. The special value ooffff + turns off the function associated with the variable, this is + equivalent to using the uunnsseett command. The uunnsseett command will + disable or set to FALSE any of the specified functions. The + values of variables may be interrogated with the ddiissppllaayy com- + mand. The variables which may be set or unset, but not tog- + gled, are listed here. In addition, any of the variables for + the ttooggggllee command may be explicitly set or unset using the + sseett and uunnsseett commands. + + aayytt If TELNET is in localchars mode, or LINEMODE is + enabled, and the status character is typed, a TELNET + AYT sequence (see sseenndd aayytt preceding) is sent to the + remote host. The initial value for the "Are You + There" character is the terminal's status character. + + eecchhoo This is the value (initially ``^E'') which, when in + ``line by line'' mode, toggles between doing local + echoing of entered characters (for normal processing), + and suppressing echoing of entered characters (for + entering, say, a password). + + eeooff If tteellnneett is operating in LINEMODE or ``old line by + line'' mode, entering this character as the first + character on a line will cause this character to be + sent to the remote system. The initial value of the + eof character is taken to be the terminal's eeooff char- + acter. + + eerraassee If tteellnneett is in llooccaallcchhaarrss mode (see ttooggggllee llooccaallcchhaarrss + below), aanndd if tteellnneett is operating in ``character at a + time'' mode, then when this character is typed, a + TELNET EC sequence (see sseenndd eecc above) is sent to the + remote system. The initial value for the erase char- + acter is taken to be the terminal's eerraassee character. + + eessccaappee This is the tteellnneett escape character (initially ``^['') + which causes entry into tteellnneett command mode (when con- + nected to a remote system). + + fflluusshhoouuttppuutt + If tteellnneett is in llooccaallcchhaarrss mode (see ttooggggllee llooccaallcchhaarrss + below) and the fflluusshhoouuttppuutt character is typed, a + TELNET AO sequence (see sseenndd aaoo above) is sent to the + remote host. The initial value for the flush charac- + ter is taken to be the terminal's fflluusshh character. + + ffoorrww11 + + ffoorrww22 If TELNET is operating in LINEMODE, these are the + characters that, when typed, cause partial lines to be + forwarded to the remote system. The initial value for + the forwarding characters are taken from the termi- + nal's eol and eol2 characters. + + iinntteerrrruupptt + If tteellnneett is in llooccaallcchhaarrss mode (see ttooggggllee llooccaallcchhaarrss + below) and the iinntteerrrruupptt character is typed, a TELNET + IP sequence (see sseenndd iipp above) is sent to the remote + host. The initial value for the interrupt character + is taken to be the terminal's iinnttrr character. + + kkiillll If tteellnneett is in llooccaallcchhaarrss mode (see ttooggggllee llooccaallcchhaarrss + below), aanndd if tteellnneett is operating in ``character at a + time'' mode, then when this character is typed, a + TELNET EL sequence (see sseenndd eell above) is sent to the + remote system. The initial value for the kill charac- + ter is taken to be the terminal's kkiillll character. + + llnneexxtt If tteellnneett is operating in LINEMODE or ``old line by + line`` mode, then this character is taken to be the + terminal's llnneexxtt character. The initial value for the + lnext character is taken to be the terminal's llnneexxtt + character. + + qquuiitt If tteellnneett is in llooccaallcchhaarrss mode (see ttooggggllee llooccaallcchhaarrss + below) and the qquuiitt character is typed, a TELNET BRK + sequence (see sseenndd bbrrkk above) is sent to the remote + host. The initial value for the quit character is + taken to be the terminal's qquuiitt character. + + rreepprriinntt + If tteellnneett is operating in LINEMODE or ``old line by + line`` mode, then this character is taken to be the + terminal's rreepprriinntt character. The initial value for + the reprint character is taken to be the terminal's + rreepprriinntt character. + + rrllooggiinn This is the rlogin escape character. If set, the nor- + mal TELNET escape character is ignored unless it is + preceded by this character at the beginning of a line. + This character, at the beginning of a line followed by + a "." closes the connection; when followed by a ^Z it + suspends the telnet command. The initial state is to + disable the rlogin escape character. + + ssttaarrtt If the TELNET TOGGLE-FLOW-CONTROL option has been + enabled, then this character is taken to be the termi- + nal's ssttaarrtt character. The initial value for the kill + character is taken to be the terminal's ssttaarrtt charac- + ter. + + ssttoopp If the TELNET TOGGLE-FLOW-CONTROL option has been + enabled, then this character is taken to be the termi- + nal's ssttoopp character. The initial value for the kill + character is taken to be the terminal's ssttoopp charac- + ter. + + ssuusspp If tteellnneett is in llooccaallcchhaarrss mode, or LINEMODE is + enabled, and the ssuussppeenndd character is typed, a TELNET + SUSP sequence (see sseenndd ssuusspp above) is sent to the + remote host. The initial value for the suspend char- + acter is taken to be the terminal's ssuussppeenndd character. + + ttrraacceeffiillee + This is the file to which the output, caused by + nneettddaattaa or ooppttiioonn tracing being TRUE, will be written. + If it is set to ``--'', then tracing information will + be written to standard output (the default). + + wwoorrddeerraassee + If tteellnneett is operating in LINEMODE or ``old line by + line`` mode, then this character is taken to be the + terminal's wwoorrddeerraassee character. The initial value for + the worderase character is taken to be the terminal's + wwoorrddeerraassee character. + + ?? Displays the legal sseett (uunnsseett) commands. + + ssllcc _s_t_a_t_e The ssllcc command (Set Local Characters) is used to set or + change the state of the the special characters when the TELNET + LINEMODE option has been enabled. Special characters are + characters that get mapped to TELNET commands sequences (like + iipp or qquuiitt) or line editing characters (like eerraassee and kkiillll). + By default, the local special characters are exported. + + cchheecckk Verify the current settings for the current spe- + cial characters. The remote side is requested to + send all the current special character settings, + and if there are any discrepancies with the local + side, the local side will switch to the remote + value. + + eexxppoorrtt Switch to the local defaults for the special char- + acters. The local default characters are those of + the local terminal at the time when tteellnneett was + started. + + iimmppoorrtt Switch to the remote defaults for the special + characters. The remote default characters are + those of the remote system at the time when the + TELNET connection was established. + + ?? Prints out help information for the ssllcc command. + + ssttaattuuss Show the current status of tteellnneett. This includes the peer one + is connected to, as well as the current mode. + + ttooggggllee _a_r_g_u_m_e_n_t_s _._._. + Toggle (between TRUE and FALSE) various flags that control how + tteellnneett responds to events. These flags may be set explicitly + to TRUE or FALSE using the sseett and uunnsseett commands listed + above. More than one argument may be specified. The state of + these flags may be interrogated with the ddiissppllaayy command. + Valid arguments are: + + aauutthhddeebbuugg Turns on debugging information for the authenti- + cation code. + + aauuttoofflluusshh If aauuttoofflluusshh and llooccaallcchhaarrss are both TRUE, then + when the aaoo, or qquuiitt characters are recognized + (and transformed into TELNET sequences; see sseett + above for details), tteellnneett refuses to display + any data on the user's terminal until the remote + system acknowledges (via a TELNET TIMING MARK + option) that it has processed those TELNET + sequences. The initial value for this toggle is + TRUE if the terminal user had not done an "stty + noflsh", otherwise FALSE (see stty(1)). + + aauuttooddeeccrryypptt When the TELNET ENCRYPT option is negotiated, by + default the actual encryption (decryption) of + the data stream does not start automatically. + The autoencrypt (autodecrypt) command states + that encryption of the output (input) stream + should be enabled as soon as possible. + + Note: Because of export controls, the TELNET + ENCRYPT option is not supported outside the + United States and Canada. + + aauuttoollooggiinn If the remote side supports the TELNET + AUTHENTICATION option TELNET attempts to use it + to perform automatic authentication. If the + AUTHENTICATION option is not supported, the + user's login name are propagated through the + TELNET ENVIRON option. This command is the same + as specifying _a option on the ooppeenn command. + + aauuttoossyynncchh If aauuttoossyynncchh and llooccaallcchhaarrss are both TRUE, then + when either the iinnttrr or qquuiitt characters is typed + (see sseett above for descriptions of the iinnttrr and + qquuiitt characters), the resulting TELNET sequence + sent is followed by the TELNET SYNCH sequence. + This procedure sshhoouulldd cause the remote system to + begin throwing away all previously typed input + until both of the TELNET sequences have been + read and acted upon. The initial value of this + toggle is FALSE. + + bbiinnaarryy Enable or disable the TELNET BINARY option on + both input and output. + + iinnbbiinnaarryy Enable or disable the TELNET BINARY option on + input. + + oouuttbbiinnaarryy Enable or disable the TELNET BINARY option on + output. + + ccrrllff If this is TRUE, then carriage returns will be + sent as . If this is FALSE, then car- + riage returns will be send as . The + initial value for this toggle is FALSE. + + ccrrmmoodd Toggle carriage return mode. When this mode is + enabled, most carriage return characters + received from the remote host will be mapped + into a carriage return followed by a line feed. + This mode does not affect those characters typed + by the user, only those received from the remote + host. This mode is not very useful unless the + remote host only sends carriage return, but + never line feed. The initial value for this + toggle is FALSE. + + ddeebbuugg Toggles socket level debugging (useful only to + the ssuuppeerr uusseerr). The initial value for this + toggle is FALSE. + + eennccddeebbuugg Turns on debugging information for the encryp- + tion code. + + llooccaallcchhaarrss If this is TRUE, then the fflluusshh, iinntteerrrruupptt, + qquuiitt, eerraassee, and kkiillll characters (see sseett above) + are recognized locally, and transformed into + (hopefully) appropriate TELNET control sequences + (respectively aaoo, iipp, bbrrkk, eecc, and eell; see sseenndd + above). The initial value for this toggle is + TRUE in ``old line by line'' mode, and FALSE in + ``character at a time'' mode. When the LINEMODE + option is enabled, the value of llooccaallcchhaarrss is + ignored, and assumed to always be TRUE. If + LINEMODE has ever been enabled, then qquuiitt is + sent as aabboorrtt, and eeooff and ssuussppeenndd are sent as + eeooff and ssuusspp, see sseenndd above). + + nneettddaattaa Toggles the display of all network data (in + hexadecimal format). The initial value for this + toggle is FALSE. + + ooppttiioonnss Toggles the display of some internal tteellnneett pro- + tocol processing (having to do with TELNET + options). The initial value for this toggle is + FALSE. + + pprreettttyydduummpp When the nneettddaattaa toggle is enabled, if + pprreettttyydduummpp is enabled the output from the + nneettddaattaa command will be formatted in a more user + readable format. Spaces are put between each + character in the output, and the beginning of + any TELNET escape sequence is preceded by a '*' + to aid in locating them. + + sskkiipprrcc When the skiprc toggle is TRUE, TELNET skips the + reading of the _._t_e_l_n_e_t_r_c file in the users home + directory when connections are opened. The ini- + tial value for this toggle is FALSE. + + tteerrmmddaattaa Toggles the display of all terminal data (in + hexadecimal format). The initial value for this + toggle is FALSE. + + vveerrbboossee__eennccrryypptt + When the vveerrbboossee__eennccrryypptt toggle is TRUE, TELNET + prints out a message each time encryption is + enabled or disabled. The initial value for this + toggle is FALSE. Note: Because of export con- + trols, data encryption is not supported outside + of the United States and Canada. + + ?? Displays the legal ttooggggllee commands. + + zz Suspend tteellnneett. This command only works when the user is + using the csh(1). + + !! [_c_o_m_m_a_n_d] + Execute a single command in a subshell on the local system. + If ccoommmmaanndd is omitted, then an interactive subshell is + invoked. + + ?? [_c_o_m_m_a_n_d] + Get help. With no arguments, tteellnneett prints a help summary. + If a command is specified, tteellnneett will print the help informa- + tion for just that command. + +EENNVVIIRROONNMMEENNTT + TTeellnneett uses at least the HOME, SHELL, DISPLAY, and TERM environment vari- + ables. Other environment variables may be propagated to the other side + via the TELNET ENVIRON option. + +FFIILLEESS + ~/.telnetrc user customized telnet startup values + +HHIISSTTOORRYY + The TTeellnneett command appeared in 4.2BSD. + +NNOOTTEESS + On some remote systems, echo has to be turned off manually when in ``old + line by line'' mode. + + In ``old line by line'' mode or LINEMODE the terminal's eeooff character is + only recognized (and sent to the remote system) when it is the first + character on a line. + +4.2 Berkeley Distribution June 1, 1994 4.2 Berkeley Distribution diff --git a/appl/telnet/telnet/telnet_locl.h b/appl/telnet/telnet/telnet_locl.h index 503191db1f32..1d387e7d790a 100644 --- a/appl/telnet/telnet/telnet_locl.h +++ b/appl/telnet/telnet/telnet_locl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: telnet_locl.h 18776 2006-10-21 19:14:13Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include diff --git a/appl/telnet/telnet/terminal.c b/appl/telnet/telnet/terminal.c index 2fbd3dc9ab94..f9f001711e37 100644 --- a/appl/telnet/telnet/terminal.c +++ b/appl/telnet/telnet/terminal.c @@ -33,7 +33,7 @@ #include "telnet_locl.h" -RCSID("$Id: terminal.c 9733 2001-03-06 20:10:14Z assar $"); +RCSID("$Id$"); Ring ttyoring, ttyiring; unsigned char ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ]; @@ -195,7 +195,7 @@ setconnmode(force) newmode = getconnmode()|(force?MODE_FORCE:0); TerminalNewMode(newmode); - + #ifdef ENCRYPTION if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) { if (my_want_state_is_will(TELOPT_ENCRYPT) diff --git a/appl/telnet/telnet/utilities.c b/appl/telnet/telnet/utilities.c index d62d572a5fe4..0ac31c9ebd9d 100644 --- a/appl/telnet/telnet/utilities.c +++ b/appl/telnet/telnet/utilities.c @@ -37,7 +37,7 @@ #include "telnet_locl.h" -RCSID("$Id: utilities.c 10587 2001-08-29 00:45:23Z assar $"); +RCSID("$Id$"); FILE *NetTrace = 0; /* Not in bss, since needs to stay */ int prettydump; @@ -248,8 +248,20 @@ optionstatus(void) } +static void __attribute__((format (printf, 3, 4))) +qprintf(int quote, FILE *f, const char *fmt, ...) + +{ + va_list va; + if (quote) + fprintf(f, "\" "); + va_start(va, fmt); + vfprintf(f, fmt, va); + va_end(va); +} + void -printsub(int direction, unsigned char *pointer, int length) +printsub(int direction, unsigned char *pointer, size_t length) { int i; unsigned char buf[512]; @@ -295,7 +307,9 @@ printsub(int direction, unsigned char *pointer, int length) fprintf(NetTrace, "TERMINAL-TYPE "); switch (pointer[1]) { case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); + fprintf(NetTrace, "IS \"%.*s\"", + (int)(length-2), + (char *)pointer+2); break; case TELQUAL_SEND: fprintf(NetTrace, "SEND"); @@ -315,7 +329,7 @@ printsub(int direction, unsigned char *pointer, int length) switch (pointer[1]) { case TELQUAL_IS: fprintf(NetTrace, " IS "); - fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2); + fprintf(NetTrace, "%.*s", (int)(length-2), (char *)pointer+2); break; default: if (pointer[1] == 1) @@ -696,7 +710,7 @@ printsub(int direction, unsigned char *pointer, int length) fprintf(NetTrace, "X-DISPLAY-LOCATION "); switch (pointer[1]) { case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); + fprintf(NetTrace, "IS \"%.*s\"", (int)(length-2), (char *)pointer+2); break; case TELQUAL_SEND: fprintf(NetTrace, "SEND"); @@ -726,57 +740,44 @@ printsub(int direction, unsigned char *pointer, int length) fprintf(NetTrace, "INFO "); env_common: { - int noquote = 2; + int quote = 0; for (i = 2; i < length; i++ ) { switch (pointer[i]) { - case NEW_ENV_VALUE: -#ifdef OLD_ENVIRON - /* case NEW_ENV_OVAR: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VAR " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VALUE " + noquote); - noquote = 2; + case NEW_ENV_VAR: + qprintf(quote, NetTrace, "VAR "); + quote = 0; break; - case NEW_ENV_VAR: -#ifdef OLD_ENVIRON - /* case OLD_ENV_VALUE: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VALUE " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VAR " + noquote); - noquote = 2; + case NEW_ENV_VALUE: + qprintf(quote, NetTrace, "VALUE"); + quote = 0; break; case ENV_ESC: - fprintf(NetTrace, "\" ESC " + noquote); - noquote = 2; + qprintf(quote, NetTrace, "ESC "); + quote = 0; break; case ENV_USERVAR: - fprintf(NetTrace, "\" USERVAR " + noquote); - noquote = 2; + qprintf(quote, NetTrace, "USERVAR "); + quote = 0; break; default: if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { + if (!quote) { putc('"', NetTrace); - noquote = 0; + quote = 1; } putc(pointer[i], NetTrace); } else { - fprintf(NetTrace, "\" %03o " + noquote, - pointer[i]); - noquote = 2; + qprintf(quote, NetTrace, "%03o ", pointer[i]); + quote = 0; } break; } } - if (!noquote) + if (quote) putc('"', NetTrace); break; } diff --git a/appl/telnet/telnetd/Makefile.am b/appl/telnet/telnetd/Makefile.am index df2b864dc17e..d8f5b19f3f57 100644 --- a/appl/telnet/telnetd/Makefile.am +++ b/appl/telnet/telnetd/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_hcrypto) libexec_PROGRAMS = telnetd @@ -16,7 +16,6 @@ man_MANS = telnetd.8 LDADD = \ ../libtelnet/libtelnet.a \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_tgetent) \ $(LIB_logwtmp) \ @@ -25,4 +24,4 @@ LDADD = \ $(LIB_kdfs) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/appl/telnet/telnetd/Makefile.in b/appl/telnet/telnetd/Makefile.in index ba4cd3594b4f..fbfb45502224 100644 --- a/appl/telnet/telnetd/Makefile.in +++ b/appl/telnet/telnetd/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ libexec_PROGRAMS = telnetd$(EXEEXT) subdir = appl/telnet/telnetd ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,14 +89,14 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) am_telnetd_OBJECTS = telnetd.$(OBJEXT) state.$(OBJEXT) \ termstat.$(OBJEXT) slc.$(OBJEXT) sys_term.$(OBJEXT) \ @@ -102,11 +107,10 @@ am__DEPENDENCIES_1 = telnetd_DEPENDENCIES = ../libtelnet/libtelnet.a $(LIB_krb5) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) $(LIB_kdfs) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) $(LIB_kdfs) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -118,6 +122,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(telnetd_SOURCES) DIST_SOURCES = $(telnetd_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man8dir = $(mandir)/man8 MANS = $(man_MANS) ETAGS = etags @@ -127,49 +152,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -193,10 +227,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -213,6 +248,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -228,31 +265,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -267,10 +318,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -311,30 +364,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/.. $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CHECK_LOCAL = telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \ @@ -344,7 +401,6 @@ man_MANS = telnetd.8 LDADD = \ ../libtelnet/libtelnet.a \ $(LIB_krb5) \ - $(LIB_krb4) \ $(LIB_hcrypto) \ $(LIB_tgetent) \ $(LIB_logwtmp) \ @@ -353,23 +409,23 @@ LDADD = \ $(LIB_kdfs) \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnetd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnetd/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/telnetd/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/telnet/telnetd/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -387,34 +443,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list telnetd$(EXEEXT): $(telnetd_OBJECTS) $(telnetd_DEPENDENCIES) @rm -f telnetd$(EXEEXT) $(LINK) $(telnetd_OBJECTS) $(telnetd_LDADD) $(LIBS) @@ -425,115 +497,146 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/authenc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/slc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/state.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sys_term.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/telnetd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/termstat.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utility.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -549,13 +652,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -590,6 +697,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -600,6 +708,7 @@ clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -610,6 +719,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -617,26 +728,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -656,11 +776,10 @@ ps-am: uninstall-am: uninstall-libexecPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ @@ -747,6 +866,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -832,7 +954,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -845,6 +967,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/telnet/telnetd/NTMakefile b/appl/telnet/telnetd/NTMakefile new file mode 100644 index 000000000000..03bead1015fc --- /dev/null +++ b/appl/telnet/telnetd/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\telnet\telnetd + +!include ../../../windows/NTMakefile.w32 + diff --git a/appl/telnet/telnetd/authenc.c b/appl/telnet/telnetd/authenc.c index 1fac6c0917ae..f077a468f0c5 100644 --- a/appl/telnet/telnetd/authenc.c +++ b/appl/telnet/telnetd/authenc.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: authenc.c 9200 2000-11-15 23:20:43Z assar $"); +RCSID("$Id$"); #ifdef AUTHENTICATION diff --git a/appl/telnet/telnetd/defs.h b/appl/telnet/telnetd/defs.h index add8fd21518a..dde22cbe35eb 100644 --- a/appl/telnet/telnetd/defs.h +++ b/appl/telnet/telnetd/defs.h @@ -57,11 +57,11 @@ #ifndef TIOCPKT_FLUSHWRITE #define TIOCPKT_FLUSHWRITE 0x02 #endif - + #ifndef TIOCPKT_NOSTOP #define TIOCPKT_NOSTOP 0x10 #endif - + #ifndef TIOCPKT_DOSTOP #define TIOCPKT_DOSTOP 0x20 #endif diff --git a/appl/telnet/telnetd/ext.h b/appl/telnet/telnetd/ext.h index 68b97bfea3e9..ef54ba7a3d51 100644 --- a/appl/telnet/telnetd/ext.h +++ b/appl/telnet/telnetd/ext.h @@ -33,7 +33,7 @@ * @(#)ext.h 8.2 (Berkeley) 12/15/93 */ -/* $Id: ext.h 15841 2005-08-08 13:34:26Z lha $ */ +/* $Id$ */ #ifndef __EXT_H__ #define __EXT_H__ @@ -147,8 +147,8 @@ void putstr (char *s); void putchr (int cc); void putf (char *cp, char *where); void printoption (char *fmt, int option); -void printsub (int direction, unsigned char *pointer, int length); -void printdata (char *tag, char *ptr, int cnt); +void printsub (int direction, unsigned char *pointer, size_t length); +void printdata (char *tag, char *ptr, size_t cnt); int login_tty(int t); #ifdef ENCRYPTION diff --git a/appl/telnet/telnetd/global.c b/appl/telnet/telnetd/global.c index 8b3c40580e3d..e9ad94fcb9e5 100644 --- a/appl/telnet/telnetd/global.c +++ b/appl/telnet/telnetd/global.c @@ -36,7 +36,7 @@ #include "telnetd.h" -RCSID("$Id: global.c 14939 2005-04-24 20:59:35Z lha $"); +RCSID("$Id$"); /* * Telnet server variable declarations diff --git a/appl/telnet/telnetd/slc.c b/appl/telnet/telnetd/slc.c index b9ab1212c07f..2fd6528779a1 100644 --- a/appl/telnet/telnetd/slc.c +++ b/appl/telnet/telnetd/slc.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: slc.c 1695 1997-05-11 06:30:05Z assar $"); +RCSID("$Id$"); /* * get_slc_defaults @@ -44,14 +44,14 @@ void get_slc_defaults(void) { int i; - + init_termbuf(); - + for (i = 1; i <= NSLC; i++) { slctab[i].defset.flag = spcset(i, &slctab[i].defset.val, &slctab[i].sptr); slctab[i].current.flag = SLC_NOSUPPORT; slctab[i].current.val = 0; } - + } diff --git a/appl/telnet/telnetd/state.c b/appl/telnet/telnetd/state.c index 32c3d0e02c39..69cc236a290b 100644 --- a/appl/telnet/telnetd/state.c +++ b/appl/telnet/telnetd/state.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: state.c 18110 2006-09-19 08:25:20Z lha $"); +RCSID("$Id$"); unsigned char doopt[] = { IAC, DO, '%', 'c', 0 }; unsigned char dont[] = { IAC, DONT, '%', 'c', 0 }; @@ -506,7 +506,7 @@ willoption(int option) changeok++; break; #endif - + default: break; } diff --git a/appl/telnet/telnetd/sys_term.c b/appl/telnet/telnetd/sys_term.c index 852611f8eefa..d8af14ea7330 100644 --- a/appl/telnet/telnetd/sys_term.c +++ b/appl/telnet/telnetd/sys_term.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: sys_term.c 22390 2007-12-31 10:12:48Z lha $"); +RCSID("$Id$"); #if defined(_CRAY) || (defined(__hpux) && !defined(HAVE_UTMPX_H)) # define PARENT_DOES_UTMP @@ -67,6 +67,11 @@ int utmp_len = MaxHostNameLen; #endif #endif +/* really, mac os uses wtmpx (or asl) */ +#ifdef __APPLE__ +#undef _PATH_WTMP +#endif + #if !defined(WTMP_FILE) && defined(_PATH_WTMP) #define WTMP_FILE _PATH_WTMP #endif @@ -159,6 +164,8 @@ char wtmpf[] = "/etc/wtmp"; # ifdef STREAMSPTY static int ttyfd = -1; int really_stream = 0; +# else +#define really_stream 0 # endif const char *new_login = _PATH_LOGIN; @@ -379,12 +386,12 @@ int getpty(int *ptynum) return master; } #endif - + #ifdef STREAMSPTY { - char *clone[] = { "/dev/ptc", "/dev/ptmx", "/dev/ptm", + char *clone[] = { "/dev/ptc", "/dev/ptmx", "/dev/ptm", "/dev/ptym/clone", 0 }; - + char **q; int p; for(q=clone; *q; q++){ @@ -408,7 +415,7 @@ int getpty(int *ptynum) int p; char *cp, *p1, *p2; int i; - + #ifndef __hpux snprintf(line, sizeof(Xline), "/dev/ptyXX"); p1 = &line[8]; @@ -418,11 +425,11 @@ int getpty(int *ptynum) p1 = &line[13]; p2 = &line[14]; #endif - - + + for (cp = "pqrstuvwxyzPQRST"; *cp; cp++) { struct stat stb; - + *p1 = *cp; *p2 = '0'; /* @@ -439,7 +446,7 @@ int getpty(int *ptynum) #if SunOS == 40 int dummy; #endif - + #ifndef __hpux line[5] = 't'; #else @@ -467,7 +474,7 @@ int getpty(int *ptynum) extern lowpty, highpty; struct stat sb; int p; - + for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) { snprintf(myline, sizeof(myline), "/dev/pty/%03d", *ptynum); p = open(myline, 2); @@ -748,7 +755,7 @@ static int my_find(int fd, char *module) static struct str_list sl; int n; int i; - + if(!flag){ n = ioctl(fd, I_LIST, 0); if(n < 0){ @@ -764,7 +771,7 @@ static int my_find(int fd, char *module) } flag = 1; } - + for(i=0; i= modules; p--){ err = ioctl(fd, I_PUSH, *p); if(err < 0 && errno != EINVAL) @@ -849,7 +856,7 @@ void getptyslave(void) #ifdef STREAMSPTY ttyfd = t; - + /* * Not all systems have (or need) modules ttcompat and pckt so @@ -869,7 +876,7 @@ void getptyslave(void) pushed (via autopush, for instance). */ - + char *ttymodules[] = { "ttcompat", "ldterm", "ptem", NULL }; char *ptymodules[] = { "pckt", NULL }; @@ -1008,8 +1015,10 @@ int cleanopen(char *line) int login_tty(int t) { + /* Dont need to set this as the controlling PTY on steams sockets, + * don't abort on failure. */ # if defined(TIOCSCTTY) && !defined(__hpux) - if (ioctl(t, TIOCSCTTY, (char *)0) < 0) + if (ioctl(t, TIOCSCTTY, (char *)0) < 0 && !really_stream) fatalperror(net, "ioctl(sctty)"); # ifdef _CRAY /* @@ -1081,7 +1090,7 @@ static char * make_id (char *tty) { char *res = tty; - + if (strncmp (res, "pts/", 4) == 0) res += 4; if (strncmp (res, "tty", 3) == 0) @@ -1177,7 +1186,9 @@ startslave(const char *host, const char *utmp_host, } char *envinit[3]; +#if !HAVE_DECL_ENVIRON extern char **environ; +#endif void init_env(void) @@ -1223,7 +1234,7 @@ scrub_env(void) char **cpp, **cpp2; const char **p; - + for (cpp2 = cpp = environ; *cpp; cpp++) { int reject_it = 0; @@ -1271,18 +1282,18 @@ start_login(const char *host, int autologin, char *name) encrypt_output = NULL; decrypt_input = NULL; #endif - + #ifdef HAVE_UTMPX_H { int pid = getpid(); struct utmpx utmpx; struct timeval tv; char *clean_tty; - + /* * Create utmp entry for child */ - + clean_tty = clean_ttyname(line); memset(&utmpx, 0, sizeof(utmpx)); strncpy(utmpx.ut_user, ".telnet", sizeof(utmpx.ut_user)); @@ -1291,9 +1302,9 @@ start_login(const char *host, int autologin, char *name) strncpy(utmpx.ut_id, make_id(clean_tty), sizeof(utmpx.ut_id)); #endif utmpx.ut_pid = pid; - + utmpx.ut_type = LOGIN_PROCESS; - + gettimeofday (&tv, NULL); utmpx.ut_tv.tv_sec = tv.tv_sec; utmpx.ut_tv.tv_usec = tv.tv_usec; @@ -1304,7 +1315,7 @@ start_login(const char *host, int autologin, char *name) #endif scrub_env(); - + /* * -h : pass on name of host. * WARNING: -h is accepted by login if and only if @@ -1314,7 +1325,7 @@ start_login(const char *host, int autologin, char *name) * -f : force this login, he has already been authenticated */ - /* init argv structure */ + /* init argv structure */ argv.size=0; argv.argc=0; argv.argv=malloc(0); /*so we can call realloc later */ @@ -1322,7 +1333,7 @@ start_login(const char *host, int autologin, char *name) addarg(&argv, "-h"); addarg(&argv, host); addarg(&argv, "-p"); - if(name[0]) + if(name && name[0]) user = name; else user = getenv("USER"); @@ -1339,8 +1350,8 @@ start_login(const char *host, int autologin, char *name) addarg(&argv, "-a"); addarg(&argv, "otp"); } - if(log_unauth) - syslog(LOG_INFO, "unauthenticated access from %s (%s)", + if(log_unauth) + syslog(LOG_INFO, "unauthenticated access from %s (%s)", host, user ? user : "unknown user"); } if (auth_level >= 0 && autologin == AUTH_VALID) @@ -1433,7 +1444,7 @@ rmut(void) #elif defined(__osf__) /* XXX */ utxp->ut_exit.ut_termination = 0; utxp->ut_exit.ut_exit = 0; -#else +#else utxp->ut_exit.e_termination = 0; utxp->ut_exit.e_exit = 0; #endif @@ -1585,7 +1596,7 @@ cleanup(int sig) int t; int child_status; /* status of child process as returned by waitpid */ int flags = WNOHANG|WUNTRACED; - + /* * 1: Pick up the zombie, if we are being called * as the signal handler. @@ -1613,7 +1624,7 @@ cleanup(int sig) } incleanup = 1; sigsetmask(t); - + t = cleantmp(&wtmp); setutent(); /* just to make sure */ #endif /* CRAY */ @@ -1641,7 +1652,7 @@ cleanup(int sig) #endif #else char *p; - + p = line + sizeof("/dev/") - 1; if (logout(p)) logwtmp(p, "", ""); diff --git a/appl/telnet/telnetd/telnetd.c b/appl/telnet/telnetd/telnetd.c index 033a0bffc3e1..626907e5e2d1 100644 --- a/appl/telnet/telnetd/telnetd.c +++ b/appl/telnet/telnetd/telnetd.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: telnetd.c 21748 2007-07-31 18:57:20Z lha $"); +RCSID("$Id$"); #ifdef _SC_CRAY_SECURE_SYS #include @@ -338,7 +338,7 @@ main(int argc, char **argv) case 'L': new_login = optarg; break; - + default: fprintf(stderr, "telnetd: %c: unknown option\n", ch); /* FALLTHROUGH */ @@ -370,7 +370,7 @@ main(int argc, char **argv) port = k_getportbyname("telnet", "tcp", htons(23)); #endif } - mini_inetd (port); + mini_inetd (port, NULL); } else if (argc > 0) { usage(1); /* NOT REACHED */ @@ -389,7 +389,7 @@ main(int argc, char **argv) memset(&dv, 0, sizeof(dv)); - if (getsysv(&sysv, sizeof(struct sysv)) != 0) + if (getsysv(&sysv, sizeof(struct sysv)) != 0) fatalperror(net, "getsysv"); /* @@ -400,7 +400,7 @@ main(int argc, char **argv) if ((getsockopt(0, SOL_SOCKET, SO_SECURITY, (void *)&ss, &szss) < 0) || (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI, - (void *)&sock_multi, &szi) < 0)) + (void *)&sock_multi, &szi) < 0)) fatalperror(net, "getsockopt"); else { dv.dv_actlvl = ss.ss_actlabel.lt_level; @@ -724,7 +724,7 @@ doit(struct sockaddr *who, int who_len) error = getnameinfo_verified (who, who_len, remote_host_name, sizeof(remote_host_name), - NULL, 0, + NULL, 0, registerd_host_only ? NI_NAMEREQD : 0); if (error) fatal(net, "Couldn't resolve your address into a host name.\r\n\ diff --git a/appl/telnet/telnetd/telnetd.cat8 b/appl/telnet/telnetd/telnetd.cat8 new file mode 100644 index 000000000000..f497c6581cc1 --- /dev/null +++ b/appl/telnet/telnetd/telnetd.cat8 @@ -0,0 +1,298 @@ + +TELNETD(8) BSD System Manager's Manual TELNETD(8) + +NNAAMMEE + tteellnneettdd -- DARPA TELNET protocol server + +SSYYNNOOPPSSIISS + tteellnneettdd [--BBeeUUhhkkllnn] [--DD _d_e_b_u_g_m_o_d_e] [--SS _t_o_s] [--XX _a_u_t_h_t_y_p_e] [--aa _a_u_t_h_m_o_d_e] + [--rr_l_o_w_p_t_y_-_h_i_g_h_p_t_y] [--uu _l_e_n] [--ddeebbuugg] [--LL _/_b_i_n_/_l_o_g_i_n] [--yy] [_p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + The tteellnneettdd command is a server which supports the DARPA standard TELNET + virtual terminal protocol. TTeellnneettdd is normally invoked by the internet + server (see inetd(8)) for requests to connect to the TELNET port as indi- + cated by the _/_e_t_c_/_s_e_r_v_i_c_e_s file (see services(5)). The --ddeebbuugg option may + be used to start up tteellnneettdd manually, instead of through inetd(8). If + started up this way, _p_o_r_t may be specified to run tteellnneettdd on an alternate + TCP port number. + + The tteellnneettdd command accepts the following options: + + --aa _a_u_t_h_m_o_d_e This option may be used for specifying what mode should be + used for authentication. Note that this option is only use- + ful if tteellnneettdd has been compiled with support for the + AUTHENTICATION option. There are several valid values for + _a_u_t_h_m_o_d_e: + + debug Turns on authentication debugging code. + + user Only allow connections when the remote user can pro- + vide valid authentication information to identify the + remote user, and is allowed access to the specified + account without providing a password. + + valid Only allow connections when the remote user can pro- + vide valid authentication information to identify the + remote user. The login(1) command will provide any + additional user verification needed if the remote + user is not allowed automatic access to the specified + account. + + other Only allow connections that supply some authentica- + tion information. This option is currently not sup- + ported by any of the existing authentication mecha- + nisms, and is thus the same as specifying --aa vvaalliidd. + + otp Only allow authenticated connections (as with --aa + uusseerr) and also logins with one-time passwords (OTPs). + This option will call login with an option so that + only OTPs are accepted. The user can of course still + type secret information at the prompt. + + none This is the default state. Authentication informa- + tion is not required. If no or insufficient authen- + tication information is provided, then the login(1) + program will provide the necessary user verification. + + off This disables the authentication code. All user ver- + ification will happen through the login(1) program. + + --BB Ignored. + + --DD _d_e_b_u_g_m_o_d_e + This option may be used for debugging purposes. This allows + tteellnneettdd to print out debugging information to the connec- + tion, allowing the user to see what tteellnneettdd is doing. There + are several possible values for _d_e_b_u_g_m_o_d_e: + + ooppttiioonnss Prints information about the negotiation of TELNET + options. + + rreeppoorrtt Prints the ooppttiioonnss information, plus some addi- + tional information about what processing is going + on. + + nneettddaattaa Displays the data stream received by tteellnneettdd. + + ppttyyddaattaa Displays data written to the pty. + + eexxeerrcciissee Has not been implemented yet. + + --ee require encryption to be turned on (in both direction) by + the client and disconnects if the client tries to turn the + encryption off (in either direction). + + --hh Disables the printing of host-specific information before + login has been completed. + + --kk + + --ll Ignored. + + --nn Disable TCP keep-alives. Normally tteellnneettdd enables the TCP + keep-alive mechanism to probe connections that have been + idle for some period of time to determine if the client is + still there, so that idle connections from machines that + have crashed or can no longer be reached may be cleaned up. + + --rr _l_o_w_p_t_y_-_h_i_g_h_p_t_y + This option is only enabled when tteellnneettdd is compiled for + UNICOS. It specifies an inclusive range of pseudo-terminal + devices to use. If the system has sysconf variable + _SC_CRAY_NPTY configured, the default pty search range is 0 + to _SC_CRAY_NPTY; otherwise, the default range is 0 to 128. + Either _l_o_w_p_t_y or _h_i_g_h_p_t_y may be omitted to allow changing + either end of the search range. If _l_o_w_p_t_y is omitted, the - + character is still required so that tteellnneettdd can differenti- + ate _h_i_g_h_p_t_y from _l_o_w_p_t_y. + + --SS _t_o_s + + --uu _l_e_n This option is used to specify the size of the field in the + utmp structure that holds the remote host name. If the + resolved host name is longer than _l_e_n, the dotted decimal + value will be used instead. This allows hosts with very + long host names that overflow this field to still be + uniquely identified. Specifying --uu00 indicates that only + dotted decimal addresses should be put into the _u_t_m_p file. + + --UU This option causes tteellnneettdd to refuse connections from + addresses that cannot be mapped back into a symbolic name + via the gethostbyaddr(3) routine. + + --XX _a_u_t_h_t_y_p_e This option is only valid if tteellnneettdd has been built with + support for the authentication option. It disables the use + of _a_u_t_h_t_y_p_e authentication, and can be used to temporarily + disable a specific authentication type without having to + recompile tteellnneettdd. + + --LL _p_a_t_h_n_a_m_e Specify pathname to an alternative login program. + + --yy Makes tteellnneettdd not warn when a user is trying to login with a + cleartext password. + + TTeellnneettdd operates by allocating a pseudo-terminal device (see pty(4)) for + a client, then creating a login process which has the slave side of the + pseudo-terminal as stdin, stdout and stderr. TTeellnneettdd manipulates the + master side of the pseudo-terminal, implementing the TELNET protocol and + passing characters between the remote client and the login process. + + When a TELNET session is started up, tteellnneettdd sends TELNET options to the + client side indicating a willingness to do the following TELNET options, + which are described in more detail below: + + DO AUTHENTICATION + WILL ENCRYPT + DO TERMINAL TYPE + DO TSPEED + DO XDISPLOC + DO NEW-ENVIRON + DO ENVIRON + WILL SUPPRESS GO AHEAD + DO ECHO + DO LINEMODE + DO NAWS + WILL STATUS + DO LFLOW + DO TIMING-MARK + + The pseudo-terminal allocated to the client is configured to operate in + ``cooked'' mode, and with XTABS and CRMOD enabled (see tty(4)). + + TTeellnneettdd has support for enabling locally the following TELNET options: + + WILL ECHO When the LINEMODE option is enabled, a WILL ECHO or + WONT ECHO will be sent to the client to indicate the + current state of terminal echoing. When terminal echo + is not desired, a WILL ECHO is sent to indicate that + telnetd will take care of echoing any data that needs + to be echoed to the terminal, and then nothing is + echoed. When terminal echo is desired, a WONT ECHO is + sent to indicate that telnetd will not be doing any + terminal echoing, so the client should do any terminal + echoing that is needed. + + WILL BINARY Indicates that the client is willing to send a 8 bits + of data, rather than the normal 7 bits of the Network + Virtual Terminal. + + WILL SGA Indicates that it will not be sending IAC GA, go + ahead, commands. + + WILL STATUS Indicates a willingness to send the client, upon + request, of the current status of all TELNET options. + + WILL TIMING-MARK Whenever a DO TIMING-MARK command is received, it is + always responded to with a WILL TIMING-MARK + + WILL LOGOUT When a DO LOGOUT is received, a WILL LOGOUT is sent in + response, and the TELNET session is shut down. + + WILL ENCRYPT Only sent if tteellnneettdd is compiled with support for data + encryption, and indicates a willingness to decrypt the + data stream. + + TTeellnneettdd has support for enabling remotely the following TELNET options: + + DO BINARY Sent to indicate that telnetd is willing to receive an + 8 bit data stream. + + DO LFLOW Requests that the client handle flow control charac- + ters remotely. + + DO ECHO This is not really supported, but is sent to identify + a 4.2BSD telnet(1) client, which will improperly + respond with WILL ECHO. If a WILL ECHO is received, a + DONT ECHO will be sent in response. + + DO TERMINAL-TYPE Indicates a desire to be able to request the name of + the type of terminal that is attached to the client + side of the connection. + + DO SGA Indicates that it does not need to receive IAC GA, the + go ahead command. + + DO NAWS Requests that the client inform the server when the + window (display) size changes. + + DO TERMINAL-SPEED Indicates a desire to be able to request information + about the speed of the serial line to which the client + is attached. + + DO XDISPLOC Indicates a desire to be able to request the name of + the X windows display that is associated with the tel- + net client. + + DO NEW-ENVIRON Indicates a desire to be able to request environment + variable information, as described in RFC 1572. + + DO ENVIRON Indicates a desire to be able to request environment + variable information, as described in RFC 1408. + + DO LINEMODE Only sent if tteellnneettdd is compiled with support for + linemode, and requests that the client do line by line + processing. + + DO TIMING-MARK Only sent if tteellnneettdd is compiled with support for both + linemode and kludge linemode, and the client responded + with WONT LINEMODE. If the client responds with WILL + TM, the it is assumed that the client supports kludge + linemode. Note that the [--kk] option can be used to + disable this. + + DO AUTHENTICATION Only sent if tteellnneettdd is compiled with support for + authentication, and indicates a willingness to receive + authentication information for automatic login. + + DO ENCRYPT Only sent if tteellnneettdd is compiled with support for data + encryption, and indicates a willingness to decrypt the + data stream. + +FFIILLEESS + /etc/services + /etc/inittab (UNICOS systems only) + /etc/iptos (if supported) + +SSEEEE AALLSSOO + telnet(1), login(1) + +SSTTAANNDDAARRDDSS + RRFFCC--885544 TELNET PROTOCOL SPECIFICATION + RRFFCC--885555 TELNET OPTION SPECIFICATIONS + RRFFCC--885566 TELNET BINARY TRANSMISSION + RRFFCC--885577 TELNET ECHO OPTION + RRFFCC--885588 TELNET SUPPRESS GO AHEAD OPTION + RRFFCC--885599 TELNET STATUS OPTION + RRFFCC--886600 TELNET TIMING MARK OPTION + RRFFCC--886611 TELNET EXTENDED OPTIONS - LIST OPTION + RRFFCC--888855 TELNET END OF RECORD OPTION + RRFFCC--11007733 Telnet Window Size Option + RRFFCC--11007799 Telnet Terminal Speed Option + RRFFCC--11009911 Telnet Terminal-Type Option + RRFFCC--11009966 Telnet X Display Location Option + RRFFCC--11112233 Requirements for Internet Hosts -- Application and Support + RRFFCC--11118844 Telnet Linemode Option + RRFFCC--11337722 Telnet Remote Flow Control Option + RRFFCC--11441166 Telnet Authentication Option + RRFFCC--11441111 Telnet Authentication: Kerberos Version 4 + RRFFCC--11441122 Telnet Authentication: SPX + RRFFCC--11557711 Telnet Environment Option Interoperability Issues + RRFFCC--11557722 Telnet Environment Option + +BBUUGGSS + Some TELNET commands are only partially implemented. + + Because of bugs in the original 4.2 BSD telnet(1), tteellnneettdd performs some + dubious protocol exchanges to try to discover if the remote client is, in + fact, a 4.2 BSD telnet(1). + + Binary mode has no common interpretation except between similar operating + systems (Unix in this case). + + The terminal type name received from the remote client is converted to + lower case. + + TTeellnneettdd never sends TELNET IAC GA (go ahead) commands. + +4.2 Berkeley Distribution September 19, 2006 4.2 Berkeley Distribution diff --git a/appl/telnet/telnetd/telnetd.h b/appl/telnet/telnetd/telnetd.h index 51a5725bd9a0..828bfb36011e 100644 --- a/appl/telnet/telnetd/telnetd.h +++ b/appl/telnet/telnetd/telnetd.h @@ -189,10 +189,6 @@ struct tm *localtime(const time_t *); struct hostent *gethostbyname(const char *); #endif -#ifdef KRB4 -#include -#endif - #ifdef AUTHENTICATION #include #include diff --git a/appl/telnet/telnetd/termstat.c b/appl/telnet/telnetd/termstat.c index 696a2343dffd..77d113525c29 100644 --- a/appl/telnet/telnetd/termstat.c +++ b/appl/telnet/telnetd/termstat.c @@ -33,7 +33,7 @@ #include "telnetd.h" -RCSID("$Id: termstat.c 10587 2001-08-29 00:45:23Z assar $"); +RCSID("$Id$"); /* * local variables diff --git a/appl/telnet/telnetd/utility.c b/appl/telnet/telnetd/utility.c index f55914f199b3..48d2cf5e245a 100644 --- a/appl/telnet/telnetd/utility.c +++ b/appl/telnet/telnetd/utility.c @@ -34,7 +34,7 @@ #define PRINTOPTIONS #include "telnetd.h" -RCSID("$Id: utility.c 15844 2005-08-08 13:36:16Z lha $"); +RCSID("$Id$"); /* * utility functions performing io related tasks @@ -116,7 +116,7 @@ ptyflush(void) int n; if ((n = pfrontp - pbackp) > 0) { - DIAG((TD_REPORT | TD_PTYDATA), { + DIAG((TD_REPORT | TD_PTYDATA), { output_data("td: ptyflush %d chars\r\n", n); }); DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); @@ -367,7 +367,7 @@ void fatalperror_errno(int f, const char *msg, int error) { char buf[BUFSIZ]; - + snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(error)); fatal(f, buf); } @@ -445,10 +445,10 @@ void putf(char *cp, char *where) char db[100]; /* if we don't have uname, set these to sensible values */ - char *sysname = "Unix", - *machine = "", + char *sysname = "Unix", + *machine = "", *release = "", - *version = ""; + *version = ""; #ifdef HAVE_UNAME uname(&name); @@ -532,7 +532,7 @@ printoption(char *fmt, int option) } void -printsub(int direction, unsigned char *pointer, int length) +printsub(int direction, unsigned char *pointer, size_t length) /* '<' or '>' */ /* where suboption data sits */ /* length of suboption data */ @@ -587,7 +587,7 @@ printsub(int direction, unsigned char *pointer, int length) switch (pointer[1]) { case TELQUAL_IS: output_data("IS \"%.*s\"", - length-2, + (int)(length-2), (char *)pointer+2); break; case TELQUAL_SEND: @@ -606,7 +606,7 @@ printsub(int direction, unsigned char *pointer, int length) } switch (pointer[1]) { case TELQUAL_IS: - output_data(" IS %.*s", length-2, (char *)pointer+2); + output_data(" IS %.*s", (int)(length-2), (char *)pointer+2); break; default: if (pointer[1] == 1) @@ -884,7 +884,7 @@ printsub(int direction, unsigned char *pointer, int length) switch (pointer[1]) { case TELQUAL_IS: output_data("IS \"%.*s\"", - length-2, + (int)(length-2), (char *)pointer+2); break; case TELQUAL_SEND: @@ -913,46 +913,53 @@ printsub(int direction, unsigned char *pointer, int length) output_data("INFO "); env_common: { - int noquote = 2; + int quote = 0; for (i = 2; i < length; i++ ) { switch (pointer[i]) { case NEW_ENV_VAR: - output_data("\" VAR " + noquote); - noquote = 2; + if (quote) + output_data("\" "); + output_data("VAR "); + quote = 0; break; case NEW_ENV_VALUE: - output_data("\" VALUE " + noquote); - noquote = 2; + if (quote) + output_data("\" "); + output_data("VALUE "); + quote = 0; break; case ENV_ESC: - output_data("\" ESC " + noquote); - noquote = 2; + if (quote) + output_data("\" "); + output_data("ESC "); + quote = 0; break; case ENV_USERVAR: - output_data("\" USERVAR " + noquote); - noquote = 2; + if (quote) + output_data("\" "); + output_data("USERVAR "); + quote = 0; break; default: if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - output_data ("\""); - noquote = 0; + if (!quote) { + output_data("\""); + quote = 1; } - output_data ("%c", pointer[i]); + output_data("%c", pointer[i]); } else { - output_data("\" %03o " + noquote, - pointer[i]); - noquote = 2; + output_data("%03o ", pointer[i]); + quote = 0; } break; } } - if (!noquote) - output_data ("\""); + if (quote) + output_data("\""); break; } } @@ -1019,7 +1026,7 @@ printsub(int direction, unsigned char *pointer, int length) case TELQUAL_NAME: i = 2; output_data(" NAME \"%.*s\"", - length - 2, + (int)(length - 2), pointer); break; @@ -1130,9 +1137,9 @@ printsub(int direction, unsigned char *pointer, int length) * Dump a data buffer in hex and ascii to the output data stream. */ void -printdata(char *tag, char *ptr, int cnt) +printdata(char *tag, char *ptr, size_t cnt) { - int i; + size_t i; char xbuf[30]; while (cnt) { diff --git a/appl/test/Makefile.am b/appl/test/Makefile.am index 21f2013b71e1..7cbaf07d4161 100644 --- a/appl/test/Makefile.am +++ b/appl/test/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -40,3 +40,5 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) + +EXTRA_DIST = NTMakefile diff --git a/appl/test/Makefile.in b/appl/test/Makefile.in index fb9e36884f94..6c352ef37952 100644 --- a/appl/test/Makefile.in +++ b/appl/test/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -48,7 +50,7 @@ noinst_PROGRAMS = tcp_client$(EXEEXT) tcp_server$(EXEEXT) \ subdir = appl/test ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -63,7 +65,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -77,9 +79,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -87,12 +92,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = PROGRAMS = $(noinst_PROGRAMS) am_gssapi_client_OBJECTS = gssapi_client.$(OBJEXT) \ gss_common.$(OBJEXT) common.$(OBJEXT) @@ -147,9 +153,9 @@ uu_server_LDADD = $(LDADD) uu_server_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -176,49 +182,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -242,10 +257,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -262,6 +278,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -277,31 +295,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -316,10 +348,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -360,29 +394,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la tcp_client_SOURCES = tcp_client.c common.c test_locl.h tcp_server_SOURCES = tcp_server.c common.c test_locl.h @@ -409,22 +448,23 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/test/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/test/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/test/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/test/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -442,13 +482,16 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list gssapi_client$(EXEEXT): $(gssapi_client_OBJECTS) $(gssapi_client_DEPENDENCIES) @rm -f gssapi_client$(EXEEXT) $(LINK) $(gssapi_client_OBJECTS) $(gssapi_client_LDADD) $(LIBS) @@ -483,14 +526,39 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gss_common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssapi_client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gssapi_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http_client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nt_gss_client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nt_gss_common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nt_gss_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcp_client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcp_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uu_client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uu_server.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -503,45 +571,49 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -562,13 +634,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -600,6 +676,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -610,6 +687,7 @@ clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -620,6 +698,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -627,26 +707,35 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -666,9 +755,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libtool clean-noinstPROGRAMS ctags \ @@ -753,6 +841,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -838,7 +929,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -851,6 +942,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/test/NTMakefile b/appl/test/NTMakefile new file mode 100644 index 000000000000..15bea96eed48 --- /dev/null +++ b/appl/test/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\test + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/test/common.c b/appl/test/common.c index 595c8287e12f..dcb785efdc8a 100644 --- a/appl/test/common.c +++ b/appl/test/common.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -RCSID("$Id: common.c 12796 2003-09-09 03:38:04Z lha $"); +RCSID("$Id$"); static int help_flag; static int version_flag; @@ -43,12 +43,14 @@ krb5_keytab keytab; char *service = SERVICE; char *mech = "krb5"; int fork_flag; +char *password = NULL; static struct getargs args[] = { { "port", 'p', arg_string, &port_str, "port to listen to", "port" }, { "service", 's', arg_string, &service, "service to use", "service" }, { "keytab", 'k', arg_string, &keytab_str, "keytab to use", "keytab" }, { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" }, + { "password", 'P', arg_string, &password, "password to use", "password" }, { "fork", 'f', arg_flag, &fork_flag, "do fork" }, { "help", 'h', arg_flag, &help_flag }, { "version", 0, arg_flag, &version_flag } @@ -72,7 +74,7 @@ client_usage(int code, struct getargs *args, int num_args) static int -common_setup(krb5_context *context, int *argc, char **argv, +common_setup(krb5_context *context, int *argc, char **argv, void (*usage)(int, struct getargs*, int)) { int port = 0; @@ -84,7 +86,7 @@ common_setup(krb5_context *context, int *argc, char **argv, print_version(NULL); exit(0); } - + if(port_str){ struct servent *s = roken_getservbyname(port_str, "tcp"); if(s) @@ -101,7 +103,7 @@ common_setup(krb5_context *context, int *argc, char **argv, if (port == 0) port = krb5_getportbyname (*context, PORT, "tcp", 4711); - + return port; } diff --git a/appl/test/gss_common.c b/appl/test/gss_common.c index 4c80e543b7c8..6a0eb77a7614 100644 --- a/appl/test/gss_common.c +++ b/appl/test/gss_common.c @@ -1,40 +1,42 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -#include +#include +#include +#include #include "gss_common.h" -RCSID("$Id: gss_common.c 19937 2007-01-16 21:56:01Z lha $"); +RCSID("$Id$"); void write_token (int sock, gss_buffer_t buf) @@ -93,7 +95,7 @@ gss_print_errors (int min_stat) GSS_C_NO_OID, &msg_ctx, &status_string); - fprintf (stderr, "%.*s\n", (int)status_string.length, + fprintf (stderr, "%.*s\n", (int)status_string.length, (char *)status_string.value); gss_release_buffer (&new_stat, &status_string); } while (!GSS_ERROR(ret) && msg_ctx != 0); diff --git a/appl/test/gss_common.h b/appl/test/gss_common.h index 598ac8c287d8..eaab550beb07 100644 --- a/appl/test/gss_common.h +++ b/appl/test/gss_common.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gss_common.h 14661 2005-03-19 03:13:14Z lha $ */ +/* $Id$ */ void write_token (int sock, gss_buffer_t buf); void read_token (int sock, gss_buffer_t buf); diff --git a/appl/test/gssapi_client.c b/appl/test/gssapi_client.c index d10fc5701fa8..8b37bf2c9bcb 100644 --- a/appl/test/gssapi_client.c +++ b/appl/test/gssapi_client.c @@ -1,40 +1,42 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -#include +#include +#include +#include #include "gss_common.h" -RCSID("$Id: gssapi_client.c 21521 2007-07-12 13:13:40Z lha $"); +RCSID("$Id$"); static int do_trans (int sock, gss_ctx_id_t context_hdl) @@ -92,6 +94,8 @@ do_trans (int sock, gss_ctx_id_t context_hdl) return 0; } +extern char *password; + static int proto (int sock, const char *hostname, const char *service) { @@ -100,6 +104,7 @@ proto (int sock, const char *hostname, const char *service) int context_established = 0; gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; + gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; gss_buffer_desc real_input_token, real_output_token; gss_buffer_t input_token = &real_input_token, output_token = &real_output_token; @@ -119,7 +124,7 @@ proto (int sock, const char *hostname, const char *service) if (str == NULL) errx(1, "malloc - out of memory"); name_token.value = str; - + maj_stat = gss_import_name (&min_stat, &name_token, GSS_C_NT_HOSTBASED_SERVICE, @@ -128,6 +133,26 @@ proto (int sock, const char *hostname, const char *service) gss_err (1, min_stat, "Error importing name `%s@%s':\n", service, hostname); + if (password) { + gss_buffer_desc pw; + + pw.value = password; + pw.length = strlen(password); + + maj_stat = gss_acquire_cred_with_password(&min_stat, + GSS_C_NO_NAME, + &pw, + GSS_C_INDEFINITE, + GSS_C_NO_OID_SET, + GSS_C_INITIATE, + &cred, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) + gss_err (1, min_stat, + "Error acquiring default initiator credentials"); + } + addrlen = sizeof(local); if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 || addrlen != sizeof(local)) @@ -156,7 +181,7 @@ proto (int sock, const char *hostname, const char *service) acct_buf[2] = (remote.sin_addr.s_addr >> 8) & 0xFF; acct_buf[3] = (remote.sin_addr.s_addr >> 0) & 0xFF; input_chan_bindings.acceptor_address.value = acct_buf; - + #if 0 input_chan_bindings.application_data.value = emalloc(4); * (unsigned short*)input_chan_bindings.application_data.value = local.sin_port; @@ -170,7 +195,7 @@ proto (int sock, const char *hostname, const char *service) while(!context_established) { maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, + cred, &context_hdl, server, mech_oid, diff --git a/appl/test/gssapi_server.c b/appl/test/gssapi_server.c index e63a2bc8c538..3c6654f57380 100644 --- a/appl/test/gssapi_server.c +++ b/appl/test/gssapi_server.c @@ -1,40 +1,42 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -#include +#include +#include +#include #include "gss_common.h" -RCSID("$Id: gssapi_server.c 14762 2005-04-10 14:47:41Z lha $"); +RCSID("$Id$"); static int process_it(int sock, @@ -185,9 +187,9 @@ proto (int sock, const char *service) input_chan_bindings.application_data.length = 0; input_chan_bindings.application_data.value = NULL; #endif - + delegated_cred_handle = GSS_C_NO_CREDENTIAL; - + do { read_token (sock, input_token); maj_stat = @@ -214,7 +216,7 @@ proto (int sock, const char *service) break; } } while(maj_stat & GSS_S_CONTINUE_NEEDED); - + p = (char *)mech_oid->elements; if (mech_oid->length == GSS_KRB5_MECHANISM->length && memcmp(p, GSS_KRB5_MECHANISM->elements, mech_oid->length) == 0) @@ -298,6 +300,7 @@ doit (int port, const char *service) int sock, sock2; struct sockaddr_in my_addr; int one = 1; + int ret; sock = socket (AF_INET, SOCK_STREAM, 0); if (sock < 0) @@ -315,14 +318,17 @@ doit (int port, const char *service) if (bind (sock, (struct sockaddr *)&my_addr, sizeof(my_addr)) < 0) err (1, "bind"); - if (listen (sock, 1) < 0) - err (1, "listen"); + while (1) { + if (listen (sock, 1) < 0) + err (1, "listen"); - sock2 = accept (sock, NULL, NULL); - if (sock2 < 0) - err (1, "accept"); + sock2 = accept (sock, NULL, NULL); + if (sock2 < 0) + err (1, "accept"); - return proto (sock2, service); + ret = proto (sock2, service); + } + return ret; } int @@ -332,3 +338,4 @@ main(int argc, char **argv) int port = server_setup(&context, argc, argv); return doit (port, service); } + diff --git a/appl/test/http_client.c b/appl/test/http_client.c index 074ba3768bef..c9e1c8492b50 100644 --- a/appl/test/http_client.c +++ b/appl/test/http_client.c @@ -1,42 +1,44 @@ /* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -#include +#include +#include +#include #include "gss_common.h" #include -RCSID("$Id: http_client.c 14861 2005-04-20 10:38:37Z lha $"); +RCSID("$Id$"); /* * A simplistic client implementing draft-brezak-spnego-http-04.txt @@ -84,7 +86,7 @@ fdprintf(int s, const char *fmt, ...) ssize_t ret; va_list ap; char *str, *buf; - + va_start(ap, fmt); vasprintf(&str, fmt, ap); va_end(ap); @@ -186,7 +188,7 @@ http_find_header(struct http_req *req, const char *header) static int -http_query(const char *host, const char *page, +http_query(const char *host, const char *page, char **headers, int num_headers, struct http_req *req) { enum { RESPONSE, HEADER, BODY } state; @@ -214,7 +216,7 @@ http_query(const char *host, const char *page, break; else if (ret < 0) err (1, "read: %lu", (unsigned long)ret); - + in_buf[ret + in_len] = '\0'; if (state == HEADER || state == RESPONSE) { @@ -235,12 +237,16 @@ http_query(const char *host, const char *page, in_ptr -= 2; break; } else if (state == RESPONSE) { - req->response = strndup(in_buf, p - in_buf); + req->response = emalloc(p - in_buf + 1); + memcpy(req->response, in_buf, p - in_buf); + req->response[p - in_buf] = '\0'; state = HEADER; } else { req->headers = realloc(req->headers, (req->num_headers + 1) * sizeof(req->headers[0])); - req->headers[req->num_headers] = strndup(in_buf, p - in_buf); + req->headers[req->num_headers] = emalloc(p - in_buf + 1); + memcpy(req->headers[req->num_headers], in_buf, p - in_buf); + req->headers[req->num_headers][p - in_buf] = '\0'; if (req->headers[req->num_headers] == NULL) errx(1, "strdup"); req->num_headers++; @@ -332,7 +338,7 @@ main(int argc, char **argv) print_body = 0; http_query(host, page, headers, num_headers, &req); - for (i = 0 ; i < num_headers; i++) + for (i = 0 ; i < num_headers; i++) free(headers[i]); num_headers = 0; @@ -356,7 +362,7 @@ main(int argc, char **argv) if (verbose_flag) printf("Negotiate found\n"); - + if (server == GSS_C_NO_NAME) { char *name; asprintf(&name, "%s@%s", gss_service, host); @@ -468,7 +474,7 @@ main(int argc, char **argv) base64_encode(output_token.value, output_token.length, &neg_token); - + asprintf(&headers[0], "Authorization: Negotiate %s", neg_token); diff --git a/appl/test/nt_gss_client.c b/appl/test/nt_gss_client.c index 3527799b4017..fc9ff3c8d6e1 100644 --- a/appl/test/nt_gss_client.c +++ b/appl/test/nt_gss_client.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" #include #include "nt_gss_common.h" -RCSID("$Id: nt_gss_client.c 21522 2007-07-12 13:15:04Z lha $"); +RCSID("$Id$"); /* * This program tries to act as a client for the sample in `Sample diff --git a/appl/test/nt_gss_common.c b/appl/test/nt_gss_common.c index ca079179bc8f..f26a10223102 100644 --- a/appl/test/nt_gss_common.c +++ b/appl/test/nt_gss_common.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" #include #include "nt_gss_common.h" -RCSID("$Id: nt_gss_common.c 17450 2006-05-05 11:11:43Z lha $"); +RCSID("$Id$"); /* * These are functions that are needed to interoperate with the @@ -43,7 +43,7 @@ RCSID("$Id: nt_gss_common.c 17450 2006-05-05 11:11:43Z lha $"); */ /* - * Write the `gss_buffer_t' in `buf' onto the fd `sock', but remember that + * Write the `gss_buffer_t' in `buf' onto the fd `sock', but remember that * the length is written in little-endian-order. */ @@ -107,7 +107,9 @@ gss_print_errors (int min_stat) GSS_C_NO_OID, &msg_ctx, &status_string); - fprintf (stderr, "%s\n", (char *)status_string.value); + fprintf (stderr, "%.*s\n", + (int)status_string.length, + (char *)status_string.value); gss_release_buffer (&new_stat, &status_string); } while (!GSS_ERROR(ret) && msg_ctx != 0); } diff --git a/appl/test/nt_gss_common.h b/appl/test/nt_gss_common.h index 50b5c8380f4b..134afe33cd09 100644 --- a/appl/test/nt_gss_common.h +++ b/appl/test/nt_gss_common.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: nt_gss_common.h 7464 1999-12-02 17:05:13Z joda $ */ +/* $Id$ */ void nt_write_token (int sock, gss_buffer_t buf); void nt_read_token (int sock, gss_buffer_t buf); diff --git a/appl/test/nt_gss_server.c b/appl/test/nt_gss_server.c index df4a32ef857c..cdfee1ea58a5 100644 --- a/appl/test/nt_gss_server.c +++ b/appl/test/nt_gss_server.c @@ -1,42 +1,44 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -#include +#include +#include +#include #include #include "nt_gss_common.h" -RCSID("$Id: nt_gss_server.c 12323 2003-05-21 15:15:34Z lha $"); +RCSID("$Id$"); /* * This program tries to act as a server for the sample in `Sample @@ -115,21 +117,16 @@ proto (int sock, const char *service) } while(maj_stat & GSS_S_CONTINUE_NEEDED); if (auth_file != NULL) { - int fd = open (auth_file, O_WRONLY | O_CREAT, 0666); -#if 0 - krb5_ticket *ticket; - krb5_data *data; + gss_buffer_desc data; - ticket = context_hdl->ticket; - data = &ticket->ticket.authorization_data->val[0].ad_data; - - if(fd < 0) - err (1, "open %s", auth_file); - if (write (fd, data->data, data->length) != data->length) - errx (1, "write to %s failed", auth_file); -#endif - if (close (fd)) - err (1, "close %s", auth_file); + maj_stat = gsskrb5_extract_authz_data_from_sec_context(&min_stat, + context_hdl, + KRB5_AUTHDATA_WIN2K_PAC, + &data); + if (maj_stat == GSS_S_COMPLETE) { + rk_dumpdata(auth_file, data.value, data.length); + gss_release_buffer(&min_stat, &data); + } } maj_stat = gss_display_name (&min_stat, @@ -196,7 +193,7 @@ usage(int code, struct getargs *args, int num_args) } static int -common_setup(krb5_context *context, int *argc, char **argv, +common_setup(krb5_context *context, int *argc, char **argv, void (*usage)(int, struct getargs*, int)) { int port = 0; @@ -208,7 +205,7 @@ common_setup(krb5_context *context, int *argc, char **argv, print_version(NULL); exit(0); } - + if(port_str){ struct servent *s = roken_getservbyname(port_str, "tcp"); if(s) @@ -225,7 +222,7 @@ common_setup(krb5_context *context, int *argc, char **argv, if (port == 0) port = krb5_getportbyname (*context, PORT, "tcp", 4711); - + return port; } diff --git a/appl/test/tcp_client.c b/appl/test/tcp_client.c index f1a4cb25216f..2bbb068113f5 100644 --- a/appl/test/tcp_client.c +++ b/appl/test/tcp_client.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -RCSID("$Id: tcp_client.c 17450 2006-05-05 11:11:43Z lha $"); +RCSID("$Id$"); krb5_context context; diff --git a/appl/test/tcp_server.c b/appl/test/tcp_server.c index 97a9b1170d2e..7da97e6aa2f7 100644 --- a/appl/test/tcp_server.c +++ b/appl/test/tcp_server.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -RCSID("$Id: tcp_server.c 17954 2006-09-01 09:01:03Z lha $"); +RCSID("$Id$"); krb5_context context; @@ -110,7 +110,7 @@ proto (int sock, const char *service) krb5_errx (context, 1, "EOF in krb5_net_read"); if (n < 0) krb5_err (context, 1, errno, "krb5_net_read"); - + status = krb5_rd_safe (context, auth_context, &packet, @@ -137,7 +137,7 @@ proto (int sock, const char *service) krb5_errx (context, 1, "EOF in krb5_net_read"); if (n < 0) krb5_err (context, 1, errno, "krb5_net_read"); - + status = krb5_rd_priv (context, auth_context, &packet, @@ -155,7 +155,7 @@ proto (int sock, const char *service) static int doit (int port, const char *service) { - mini_inetd (port); + mini_inetd (port, NULL); return proto (STDIN_FILENO, service); } diff --git a/appl/test/test_locl.h b/appl/test/test_locl.h index b203787f0a07..a2135c4fb456 100644 --- a/appl/test/test_locl.h +++ b/appl/test/test_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: test_locl.h 12797 2003-09-09 03:38:51Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include diff --git a/appl/test/uu_client.c b/appl/test/uu_client.c index 6113b8b569f9..749f05583ce3 100644 --- a/appl/test/uu_client.c +++ b/appl/test/uu_client.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -RCSID("$Id: uu_client.c 14719 2005-04-03 19:53:32Z lha $"); +RCSID("$Id$"); krb5_context context; @@ -95,14 +95,14 @@ proto (int sock, const char *hostname, const char *service) if(status) krb5_err(context, 1, status, "krb5_cc_get_principal"); status = krb5_make_principal(context, &mcred.server, - *krb5_princ_realm(context, client), - "krbtgt", - *krb5_princ_realm(context, client), + krb5_principal_get_realm(context, client), + "krbtgt", + krb5_principal_get_realm(context, client), NULL); if(status) krb5_err(context, 1, status, "krb5_make_principal"); mcred.client = client; - + status = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); if(status) krb5_err(context, 1, status, "krb5_cc_retrieve_cred"); @@ -128,13 +128,13 @@ proto (int sock, const char *hostname, const char *service) status = krb5_auth_con_setuserkey(context, auth_context, &cred.session); if(status) krb5_err(context, 1, status, "krb5_auth_con_setuserkey"); - - status = krb5_recvauth(context, &auth_context, &sock, + + status = krb5_recvauth(context, &auth_context, &sock, VERSION, client, 0, NULL, &ticket); if (status) krb5_err(context, 1, status, "krb5_recvauth"); - + if (ticket->ticket.authorization_data) { AuthorizationData *authz; int i; diff --git a/appl/test/uu_server.c b/appl/test/uu_server.c index 6462363456cd..43ff5a49c96d 100644 --- a/appl/test/uu_server.c +++ b/appl/test/uu_server.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997 - 2000, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "test_locl.h" -RCSID("$Id: uu_server.c 20880 2007-06-04 16:55:00Z lha $"); +RCSID("$Id$"); krb5_context context; @@ -62,8 +62,7 @@ proto (int sock, const char *service) status = krb5_auth_con_init (context, &auth_context); if (status) - errx (1, "krb5_auth_con_init: %s", - krb5_get_err_text(context, status)); + krb5_err(context, 1, status, "krb5_auth_con_init"); local_addr.addr_type = AF_INET; local_addr.address.length = sizeof(local.sin_addr); @@ -78,16 +77,19 @@ proto (int sock, const char *service) &local_addr, &remote_addr); if (status) - errx (1, "krb5_auth_con_setaddr: %s", - krb5_get_err_text(context, status)); + krb5_err(context, 1, status, "krb5_auth_con_setaddr"); status = krb5_read_message(context, &sock, &client_name); if(status) krb5_err(context, 1, status, "krb5_read_message"); - + memset(&in_creds, 0, sizeof(in_creds)); status = krb5_cc_default(context, &ccache); + if(status) + krb5_err(context, 1, status, "krb5_cc_default"); status = krb5_cc_get_principal(context, ccache, &in_creds.client); + if(status) + krb5_err(context, 1, status, "krb5_cc_get_principal"); status = krb5_read_message(context, &sock, &in_creds.second_ticket); if(status) @@ -96,18 +98,20 @@ proto (int sock, const char *service) status = krb5_parse_name(context, client_name.data, &in_creds.server); if(status) krb5_err(context, 1, status, "krb5_parse_name"); - - status = krb5_get_credentials(context, KRB5_GC_USER_USER, ccache, + + status = krb5_get_credentials(context, KRB5_GC_USER_USER, ccache, &in_creds, &out_creds); if(status) krb5_err(context, 1, status, "krb5_get_credentials"); status = krb5_cc_default(context, &ccache); + if(status) + krb5_err(context, 1, status, "krb5_cc_default"); - status = krb5_sendauth(context, + status = krb5_sendauth(context, &auth_context, - &sock, - VERSION, + &sock, + VERSION, in_creds.client, in_creds.server, AP_OPTS_USE_SESSION_KEY, @@ -117,10 +121,10 @@ proto (int sock, const char *service) NULL, NULL, NULL); - + if (status) krb5_err(context, 1, status, "krb5_sendauth"); - + { char *str; krb5_unparse_name(context, in_creds.server, &str); @@ -137,15 +141,14 @@ proto (int sock, const char *service) status = krb5_read_message(context, &sock, &packet); if(status) krb5_err(context, 1, status, "krb5_read_message"); - + status = krb5_rd_safe (context, auth_context, &packet, &data, NULL); if (status) - errx (1, "krb5_rd_safe: %s", - krb5_get_err_text(context, status)); + krb5_err(context, 1, status, "krb5_rd_safe"); printf ("safe packet: %.*s\n", (int)data.length, (char *)data.data); @@ -153,15 +156,14 @@ proto (int sock, const char *service) status = krb5_read_message(context, &sock, &packet); if(status) krb5_err(context, 1, status, "krb5_read_message"); - + status = krb5_rd_priv (context, auth_context, &packet, &data, NULL); if (status) - errx (1, "krb5_rd_priv: %s", - krb5_get_err_text(context, status)); + krb5_err(context, 1, status, "krb5_rd_priv"); printf ("priv packet: %.*s\n", (int)data.length, (char *)data.data); @@ -185,7 +187,7 @@ doit (int port, const char *service) my_addr.sin_port = port; my_addr.sin_addr.s_addr = INADDR_ANY; - if (setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, + if (setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)) < 0) warn ("setsockopt SO_REUSEADDR"); diff --git a/appl/xnlock/ChangeLog b/appl/xnlock/ChangeLog new file mode 100644 index 000000000000..c1188ef08dcb --- /dev/null +++ b/appl/xnlock/ChangeLog @@ -0,0 +1,159 @@ +2007-07-28 Love Hörnquist Ã…strand + + * xnlock.c: Add --help. + +2006-10-21 Love Hörnquist Ã…strand + + * xnlock.c: Don't include , its x11's "roken.h" and we + do that just fine ourself thanks. + +2006-05-13 Love Hörnquist Ã…strand + + * xnlock.c (main): argc_in_out argument to XtVaAppInitialize + should be an 'int *' accoring to manpage and headerfile, so remove + the cast added in 1996 + (rev 1.54) + +2005-10-22 Love Hörnquist Ã…strand + + * xnlock.c: Check return value from asprintf instead of string != + NULL since it undefined behavior on Linux. From Björn Sandell + +2005-04-06 Love Hörnquist Ã…strand + + * xnlock.c: use NULL as last argument to execl, not 0 + +2005-01-09 Love Hörnquist Ã…strand + + * xnlock.c: get_v4_tgt only used when compileing with kerberos 4 + support + +2004-09-08 Johan Danielsson + + * xnlock.c: use krb5_appdefault_boolean instead of + krb5_config_get_bool + +2004-03-22 Johan Danielsson + + * xnlock.c: protect the world from des_encrypt in crypt.h + +2004-03-01 Love Hörnquist Ã…strand + + * xnlock.c: include , From: Fredrik Ljungberg + + +2003-09-30 Love Hörnquist Ã…strand + + * xnlock.c (verify_krb5): set mcred.client too + +2003-08-25 Johan Danielsson + + * Makefile.am: fix automake conditional foo + +2003-08-16 Love Hörnquist Ã…strand + + * Makefile.am: Don't do local checks on xnlock, it only passes if + there is a working X11 socket, XXX should really be fixed in + xnlock + +2003-07-07 Love Hörnquist Ã…strand + + * xnlock.c (verify_krb5): use krb5_cc_clear_mcred + +2003-05-06 Johan Danielsson + + * no checks here + +2003-04-29 Love Hörnquist Ã…strand + + * xnlock.c: include kafs.h in the krb5 case + +2003-04-14 Love Hörnquist Ã…strand + + * xnlock.c (GetPasswd): cast argument to isprint to unsigned char, + From Christian Biere via NetBSD + +2003-03-18 Love Hörnquist Ã…strand + + * xnlock.c: do krb5_afslog when compling with afs support + +2003-02-10 Assar Westerlund + + * xnlock.c (verify): move ret to where it's used + +2002-08-23 Assar Westerlund + + * xnlock.c: add --version as a special case + +2001-06-24 Assar Westerlund + + * xnlock.c (verify_krb5): remove unused variable + +2001-03-15 Johan Danielsson + + * xnlock.c: don't explicitly set the krb4 ticket file + +2000-12-31 Assar Westerlund + + * xnlock.c (main): handle krb5_init_context failure consistently + +2000-07-17 Johan Danielsson + + * Makefile.am: use conditional for X + +2000-04-09 Assar Westerlund + + * xnlock.c (verfiy_krb5): get the v4-realm from the v5-ticket and + not from the default one. + * xnlock.c (verify_krb5): add obtainting of v4 tickets. + +1999-11-17 Assar Westerlund + + * Makefile.am: only build when we have X11. From: Simon Josefsson + + +Thu Mar 18 11:21:44 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Wed Mar 17 23:35:51 1999 Assar Westerlund + + * xnlock.c (verify): use KRB_VERIFY_SECURE instead of 1 + +Tue Mar 16 22:29:14 1999 Assar Westerlund + + * xnlock.c: krb_verify_user_multiple -> krb_verify_user + +Thu Mar 11 14:59:20 1999 Johan Danielsson + + * xnlock.c: add some if-braces to keep gcc happy + +Sun Nov 22 10:36:45 1998 Assar Westerlund + + * Makefile.in (WFLAGS): set + +Wed Jul 8 01:37:37 1998 Assar Westerlund + + * xnlock.c (main): create place-holder ticket file with + open(O_EXCL | O_CREAT) instead of creat + +Sat Mar 28 12:53:46 1998 Assar Westerlund + + * Makefile.in (install, uninstall): transform the man page + +Tue Mar 24 05:20:34 1998 Assar Westerlund + + * xnlock.c: remove redundant preprocessor stuff + +Sat Mar 21 14:36:21 1998 Assar Westerlund + + * xnlock.c (init_words): recognize both `-p' and `-prog' + +Sat Feb 7 10:08:07 1998 Assar Westerlund + + * xnlock.c: Don't use REALM_SZ + 1, just REALM_SZ + +Sat Nov 29 04:58:19 1997 Johan Danielsson + + * xnlock.c: Make it build w/o krb4. + diff --git a/appl/xnlock/Makefile.am b/appl/xnlock/Makefile.am new file mode 100644 index 000000000000..f971d18c3457 --- /dev/null +++ b/appl/xnlock/Makefile.am @@ -0,0 +1,32 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +AM_CPPFLAGS += $(X_CFLAGS) + +WFLAGS += $(WFLAGS_NOIMPLICITINT) + +if HAVE_X + +bin_PROGRAMS = xnlock + +else + +bin_PROGRAMS = + +endif + +CHECK_LOCAL = no-check-local + +man_MANS = xnlock.1 + +EXTRA_DIST = $(man_MANS) nose.0.left nose.0.right nose.1.left nose.1.right \ + nose.down nose.front nose.left.front nose.right.front \ + NTMakefile + +LDADD = \ + $(LIB_kafs) \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(X_LIBS) -lXt $(X_PRE_LIBS) -lX11 $(X_EXTRA_LIBS) diff --git a/lib/auth/sia/Makefile.in b/appl/xnlock/Makefile.in similarity index 55% rename from lib/auth/sia/Makefile.in rename to appl/xnlock/Makefile.in index 88f62579821b..03220fd02698 100644 --- a/lib/auth/sia/Makefile.in +++ b/appl/xnlock/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 22304 2007-12-14 12:18:18Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -38,13 +40,14 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ +DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/sia + $(top_srcdir)/cf/Makefile.am.common ChangeLog +@HAVE_X_TRUE@bin_PROGRAMS = xnlock$(EXEEXT) +subdir = appl/xnlock ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,74 +89,122 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = +CONFIG_CLEAN_VPATH_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" +PROGRAMS = $(bin_PROGRAMS) +xnlock_SOURCES = xnlock.c +xnlock_OBJECTS = xnlock.$(OBJEXT) +xnlock_LDADD = $(LDADD) +am__DEPENDENCIES_1 = +am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ + $(am__DEPENDENCIES_1) +xnlock_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = xnlock.c +DIST_SOURCES = xnlock.c am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +man1dir = $(mandir)/man1 +MANS = $(man_MANS) +ETAGS = etags +CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -rpath $(libdir) -Wl,-hidden -Wl,-exported_symbol -Wl,siad_\* +LD = @LD@ +LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -173,10 +227,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -193,6 +248,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -208,31 +265,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -247,10 +318,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -291,104 +364,64 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(X_CFLAGS) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so -@KRB5_FALSE@L = \ -@KRB5_FALSE@ $(KAFS) \ -@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.a \ -@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.a \ -@KRB5_FALSE@ $(LIB_hcrypto_a) \ -@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB5_FALSE@ $(LIB_getpwnam_r) \ -@KRB5_FALSE@ -lc +CHECK_LOCAL = no-check-local +man_MANS = xnlock.1 +EXTRA_DIST = $(man_MANS) nose.0.left nose.0.right nose.1.left nose.1.right \ + nose.down nose.front nose.left.front nose.right.front \ + NTMakefile -@KRB5_TRUE@L = \ -@KRB5_TRUE@ $(KAFS) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.a \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.a \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto_a) \ -@KRB5_TRUE@ $(LIB_com_err_a) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB5_TRUE@ $(LIB_getpwnam_r) \ -@KRB5_TRUE@ -lc - -@KRB5_FALSE@L_shared = \ -@KRB5_FALSE@ $(KAFS_S) \ -@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.so \ -@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.so \ -@KRB5_FALSE@ $(LIB_hcrypto_so) \ -@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB5_FALSE@ $(LIB_getpwnam_r) \ -@KRB5_FALSE@ -lc - -@KRB5_TRUE@L_shared = \ -@KRB5_TRUE@ $(KAFS_S) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.so \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.so \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto_so) \ -@KRB5_TRUE@ $(LIB_com_err_so) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB5_TRUE@ $(LIB_getpwnam_r) \ -@KRB5_TRUE@ -lc - -@KRB5_FALSE@MOD = libsia_krb4.so -@KRB5_TRUE@MOD = libsia_krb5.so -foodir = $(libdir) -foo_DATA = $(MOD) -SRCS = sia.c posix_getpw.c sia_locl.h -OBJS = sia.o posix_getpw.o -CLEANFILES = $(MOD) $(OBJS) so_locations -EXTRA_DIST = sia.c sia_locl.h posix_getpw.c \ - krb4_matrix.conf krb4+c2_matrix.conf \ - krb5_matrix.conf krb5+c2_matrix.conf \ - security.patch \ - make-rpath $(SRCS) +LDADD = \ + $(LIB_kafs) \ + $(LIB_krb5) \ + $(LIB_hcrypto) \ + $(LIB_roken) \ + $(X_LIBS) -lXt $(X_PRE_LIBS) -lX11 $(X_EXTRA_LIBS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/sia/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/sia/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/xnlock/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign appl/xnlock/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -406,37 +439,193 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files + +clean-binPROGRAMS: + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +xnlock$(EXEEXT): $(xnlock_OBJECTS) $(xnlock_DEPENDENCIES) + @rm -f xnlock$(EXEEXT) + $(LINK) $(xnlock_OBJECTS) $(xnlock_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xnlock.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done + test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } -uninstall-fooDATA: +uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique tags: TAGS -TAGS: +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi ctags: CTAGS -CTAGS: +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -452,13 +641,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -468,9 +661,9 @@ distdir: $(DISTFILES) check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-local check: check-am -all-am: Makefile $(DATA) all-local +all-am: Makefile $(PROGRAMS) $(MANS) all-local installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -490,21 +683,23 @@ install-strip: mostlyclean-generic: clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile -distclean-am: clean-am distclean-generic +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags dvi: dvi-am @@ -512,39 +707,51 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-fooDATA +install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: +install-dvi-am: + +install-exec-am: install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am -install-man: +install-info-am: + +install-man: install-man1 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-generic mostlyclean-libtool +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf: pdf-am @@ -554,26 +761,29 @@ ps: ps-am ps-am: -uninstall-am: uninstall-fooDATA +uninstall-am: uninstall-binPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +uninstall-man: uninstall-man1 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-binPROGRAMS clean-generic clean-libtool ctags \ + dist-hook distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-data-hook install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ + install-man install-man1 install-pdf install-pdf-am install-ps \ install-ps-am install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-binPROGRAMS uninstall-hook \ + uninstall-man uninstall-man1 install-suid-programs: @@ -644,6 +854,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -729,7 +942,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -743,36 +956,6 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -libsia_krb5.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -libsia_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/appl/xnlock/NTMakefile b/appl/xnlock/NTMakefile new file mode 100644 index 000000000000..16f305b882aa --- /dev/null +++ b/appl/xnlock/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=appl\xnlock + +!include ../../windows/NTMakefile.w32 + diff --git a/appl/xnlock/README b/appl/xnlock/README new file mode 100644 index 000000000000..5b16c522fd6b --- /dev/null +++ b/appl/xnlock/README @@ -0,0 +1,21 @@ +xnlock -- Dan Heller, 1990 +"nlock" is a "new lockscreen" type program... something that prevents +screen burnout by making most of it "black" while providing something +of interest to be displayed in case anyone is watching. The program +also provides added security. + +"xnlock" is the X11 version of the program. + +Original sunview version written by Dan Heller 1985 (not included). + +For a real description of how this program works, read the +man page or just try running it. + +The one major outstanding bug with this program is that every +once in a while, two horizontal lines appear below the little +figure that runs around the screen. If someone can find and +fix this bug, *please* let me know -- I don't have time to +look and if I waited till I had time, you'd never see this +program... It has something to do with the "looking down" +position and then directly moving up and right or left... + diff --git a/appl/xnlock/nose.0.left b/appl/xnlock/nose.0.left new file mode 100644 index 000000000000..cb3d152863a0 --- /dev/null +++ b/appl/xnlock/nose.0.left @@ -0,0 +1,38 @@ +#define nose_0_left_width 64 +#define nose_0_left_height 64 +static unsigned char nose_0_left_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, + 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, + 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, + 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, + 0x08,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x20,0x00, + 0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00,0xf0,0x03,0x00,0x00,0x80,0x00, + 0x00,0x00,0x0e,0x0c,0x00,0x00,0x80,0x01,0x00,0x00,0x03,0x30,0x00,0x00,0x00, + 0x01,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x40,0x00,0xc0,0x00,0x00, + 0x00,0x02,0x00,0x20,0x00,0x80,0x00,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, + 0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x0c,0x00,0x08,0x00,0x00, + 0x00,0x00,0x00,0x08,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x08,0x00, + 0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, + 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, + 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, + 0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x01,0x00,0x00, + 0x18,0x00,0x20,0x00,0x00,0x01,0x00,0x00,0x08,0x00,0x40,0x00,0x80,0x00,0x00, + 0x00,0x08,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x0c,0x00,0x00,0x01,0x20,0x00, + 0x00,0x00,0x04,0x00,0x00,0x06,0x18,0x00,0x00,0x00,0x06,0x00,0x00,0xf8,0x07, + 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0x01,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf8,0x0f,0x00,0x00,0x00, + 0x00,0xff,0x00,0x04,0x10,0x00,0x00,0x00,0xc0,0x00,0x03,0x03,0x10,0x00,0x00, + 0x00,0x30,0x00,0x0c,0x01,0x20,0x00,0x00,0x00,0x08,0x00,0x98,0x00,0x20,0x00, + 0x00,0x00,0x0c,0x03,0x60,0x00,0x20,0x00,0x00,0x00,0xc2,0x00,0xc0,0x00,0x20, + 0x00,0x00,0x00,0x42,0x00,0x80,0x00,0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x01, + 0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x01,0x20,0x00,0x00,0x00,0x21,0x00,0x00, + 0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x01,0x00, + 0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x02, + 0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00,0x00, + 0x18,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x10,0x00,0x00, + 0x00,0xc0,0xff,0xff,0xff,0x0f,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.0.right b/appl/xnlock/nose.0.right new file mode 100644 index 000000000000..f387baa7304f --- /dev/null +++ b/appl/xnlock/nose.0.right @@ -0,0 +1,38 @@ +#define nose_0_right_width 64 +#define nose_0_right_height 64 +static unsigned char nose_0_right_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, + 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, + 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, + 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, + 0x04,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x10,0x00, + 0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x01,0x00,0x00,0xc0,0x0f, + 0x00,0x00,0x80,0x01,0x00,0x00,0x30,0x70,0x00,0x00,0x80,0x00,0x00,0x00,0x0c, + 0xc0,0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x40,0x00,0x00,0x00, + 0x03,0x00,0x02,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x04,0x00,0x20,0x00,0x00, + 0x00,0x00,0x00,0x08,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x10,0x00, + 0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, + 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, + 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, + 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00, + 0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x18,0x00,0x00,0x80,0x00, + 0x00,0x08,0x00,0x10,0x00,0x00,0x80,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, + 0x01,0x00,0x02,0x00,0x30,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x20,0x00,0x00, + 0x00,0x04,0x80,0x00,0x00,0x60,0x00,0x00,0x00,0x18,0x60,0x00,0x00,0x40,0x00, + 0x00,0x00,0xe0,0x1f,0x00,0x00,0x80,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf0,0x1f,0x00,0x00,0x00,0x00,0x00, + 0x00,0x08,0x20,0x00,0xff,0x00,0x00,0x00,0x00,0x08,0xc0,0xc0,0x00,0x03,0x00, + 0x00,0x00,0x04,0x80,0x30,0x00,0x0c,0x00,0x00,0x00,0x04,0x00,0x19,0x00,0x10, + 0x00,0x00,0x00,0x04,0x00,0x06,0xc0,0x30,0x00,0x00,0x00,0x04,0x00,0x03,0x00, + 0x43,0x00,0x00,0x00,0x04,0x00,0x01,0x00,0x42,0x00,0x00,0x00,0x04,0x80,0x00, + 0x00,0x84,0x00,0x00,0x00,0x04,0x80,0x00,0x00,0x84,0x00,0x00,0x00,0x04,0x00, + 0x00,0x00,0x84,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02, + 0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00, + 0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00, + 0x00,0x04,0x00,0x00,0x00,0x18,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x0e,0x00, + 0x00,0x00,0xf0,0xff,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.1.left b/appl/xnlock/nose.1.left new file mode 100644 index 000000000000..8a6b82952612 --- /dev/null +++ b/appl/xnlock/nose.1.left @@ -0,0 +1,38 @@ +#define nose_1_left_width 64 +#define nose_1_left_height 64 +static unsigned char nose_1_left_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, + 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, + 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, + 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, + 0x08,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x20,0x00, + 0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00,0xf0,0x03,0x00,0x00,0x80,0x00, + 0x00,0x00,0x0e,0x0c,0x00,0x00,0x80,0x01,0x00,0x00,0x03,0x30,0x00,0x00,0x00, + 0x01,0x00,0x80,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x40,0x00,0xc0,0x00,0x00, + 0x00,0x02,0x00,0x20,0x00,0x80,0x00,0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00, + 0x00,0x00,0x04,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x0c,0x00,0x08,0x00,0x00, + 0x00,0x00,0x00,0x08,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x08,0x00, + 0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, + 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, + 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, + 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x01,0x00,0x00, + 0x18,0x00,0x10,0x00,0x00,0x01,0x00,0x00,0x08,0x00,0x20,0x00,0x80,0x00,0x00, + 0x00,0x08,0x00,0x40,0x00,0x40,0x00,0x00,0x00,0x0c,0x00,0x80,0x00,0x20,0x00, + 0x00,0x00,0xe4,0x00,0x00,0x03,0x18,0x00,0x00,0x00,0x26,0x03,0x00,0xfc,0x07, + 0x00,0x00,0x00,0x12,0x0c,0x00,0x00,0xf8,0xff,0xff,0xff,0x11,0x10,0x80,0x1f, + 0x00,0x00,0x00,0x00,0x08,0x20,0x60,0x60,0xc0,0x07,0x00,0x00,0x04,0x40,0x10, + 0xc0,0x20,0x08,0x00,0x1f,0x02,0x40,0x08,0x00,0x21,0x10,0xc0,0x60,0x02,0x40, + 0x04,0x00,0x12,0x20,0x20,0x80,0x02,0x20,0xc2,0x00,0x14,0x40,0x18,0x00,0x03, + 0x20,0x22,0x00,0x0c,0x80,0x04,0x03,0x02,0x10,0x12,0x00,0x08,0x80,0x86,0x00, + 0x04,0x10,0x12,0x00,0x10,0x80,0x42,0x00,0x18,0x08,0x12,0x00,0x10,0x40,0x42, + 0x00,0x00,0x04,0x02,0x00,0x20,0x40,0x42,0x00,0x00,0x04,0x02,0x00,0x00,0x20, + 0x42,0x00,0x00,0x02,0x04,0x00,0x00,0x20,0x02,0x00,0x00,0x01,0x04,0x00,0x00, + 0x20,0x02,0x00,0x00,0x01,0x08,0x00,0x00,0x20,0x04,0x00,0x80,0x00,0x10,0x00, + 0x00,0x20,0x0c,0x00,0x80,0x00,0x60,0x00,0x00,0x10,0x08,0x00,0x40,0x00,0x80, + 0xff,0xff,0x0f,0x30,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0x0f,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.1.right b/appl/xnlock/nose.1.right new file mode 100644 index 000000000000..f7c8962c0262 --- /dev/null +++ b/appl/xnlock/nose.1.right @@ -0,0 +1,38 @@ +#define nose_1_right_width 64 +#define nose_1_right_height 64 +static unsigned char nose_1_right_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, + 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, + 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, + 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, + 0x04,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x10,0x00, + 0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00,0x00,0x01,0x00,0x00,0xc0,0x0f, + 0x00,0x00,0x80,0x01,0x00,0x00,0x30,0x70,0x00,0x00,0x80,0x00,0x00,0x00,0x0c, + 0xc0,0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x01,0x00,0x40,0x00,0x00,0x00, + 0x03,0x00,0x02,0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x04,0x00,0x20,0x00,0x00, + 0x00,0x00,0x00,0x08,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x08,0x00,0x10,0x00, + 0x00,0x00,0x00,0x00,0x10,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08, + 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00, + 0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10, + 0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00, + 0x10,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x18,0x00,0x00,0x80,0x00, + 0x00,0x08,0x00,0x10,0x00,0x00,0x80,0x00,0x00,0x08,0x00,0x10,0x00,0x00,0x00, + 0x01,0x00,0x04,0x00,0x30,0x00,0x00,0x00,0x02,0x00,0x02,0x00,0x27,0x00,0x00, + 0x00,0x04,0x00,0x01,0xc0,0x64,0x00,0x00,0x00,0x18,0xc0,0x00,0x30,0x48,0x00, + 0x00,0x00,0xe0,0x3f,0x00,0x08,0x88,0xff,0xff,0xff,0x1f,0x00,0x00,0x04,0x10, + 0x00,0x00,0x00,0x00,0xf8,0x01,0x02,0x20,0x00,0x00,0xe0,0x03,0x06,0x06,0x02, + 0x40,0xf8,0x00,0x10,0x04,0x03,0x08,0x02,0x40,0x06,0x03,0x08,0x84,0x00,0x10, + 0x04,0x40,0x01,0x04,0x04,0x48,0x00,0x20,0x04,0xc0,0x00,0x18,0x02,0x28,0x00, + 0x43,0x08,0x40,0xc0,0x20,0x01,0x30,0x00,0x44,0x08,0x20,0x00,0x61,0x01,0x10, + 0x00,0x48,0x10,0x18,0x00,0x42,0x01,0x08,0x00,0x48,0x20,0x00,0x00,0x42,0x02, + 0x08,0x00,0x48,0x20,0x00,0x00,0x42,0x02,0x04,0x00,0x40,0x40,0x00,0x00,0x42, + 0x04,0x00,0x00,0x40,0x80,0x00,0x00,0x40,0x04,0x00,0x00,0x20,0x80,0x00,0x00, + 0x40,0x04,0x00,0x00,0x20,0x00,0x01,0x00,0x20,0x04,0x00,0x00,0x10,0x00,0x01, + 0x00,0x30,0x04,0x00,0x00,0x08,0x00,0x02,0x00,0x10,0x08,0x00,0x00,0x06,0x00, + 0x0c,0x00,0x0c,0xf0,0xff,0xff,0x01,0x00,0xf0,0xff,0x03,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.down b/appl/xnlock/nose.down new file mode 100644 index 000000000000..e8bdba4f45b6 --- /dev/null +++ b/appl/xnlock/nose.down @@ -0,0 +1,38 @@ +#define nose_down_width 64 +#define nose_down_height 64 +static unsigned char nose_down_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0xfc,0xff,0x01,0x00,0x00,0x00,0x00,0xc0,0x03,0x00,0x1e,0x00, + 0x00,0x00,0x00,0x38,0x00,0x00,0xe0,0x00,0x00,0x00,0x00,0x06,0x00,0x00,0x00, + 0x03,0x00,0x00,0x80,0x01,0x00,0x00,0x00,0x04,0x00,0x00,0x40,0x00,0x00,0x00, + 0x00,0x08,0x00,0x00,0x20,0x00,0x00,0x00,0x00,0x30,0x00,0x00,0x10,0x00,0x80, + 0x1f,0x00,0x40,0x00,0x00,0x08,0x00,0x60,0x60,0x00,0x80,0x00,0x00,0x08,0x00, + 0x10,0x80,0x00,0x80,0x00,0x00,0x04,0x00,0x08,0x00,0x01,0x00,0x01,0x00,0x04, + 0x00,0x08,0x00,0x01,0x00,0x01,0x00,0x02,0x00,0x18,0x80,0x01,0x00,0x02,0x00, + 0x02,0x00,0x68,0x60,0x01,0x00,0x02,0x00,0x02,0x00,0x88,0x1f,0x01,0x00,0x02, + 0x00,0x02,0x00,0x08,0x00,0x01,0x00,0x02,0x00,0x02,0x00,0x10,0x80,0x00,0x00, + 0x03,0x00,0x06,0x00,0x60,0x60,0x00,0x80,0x02,0x00,0x0c,0x00,0x80,0x1f,0x00, + 0x40,0x01,0x00,0x14,0x00,0x00,0x00,0x00,0x20,0x01,0x00,0x28,0x00,0x00,0x00, + 0x00,0x90,0x00,0x00,0x50,0x00,0x00,0x00,0x00,0x48,0x00,0x00,0xa0,0x01,0x00, + 0x00,0x00,0x26,0x00,0x00,0x40,0x1e,0x00,0x00,0xc0,0x11,0x00,0x00,0x80,0xe1, + 0x03,0x00,0x3c,0x0c,0x00,0x00,0x00,0x0e,0xfc,0xff,0x83,0x03,0x00,0x00,0x00, + 0xf0,0x01,0x00,0x78,0x00,0x00,0x00,0x00,0x00,0xfe,0xff,0x0f,0x00,0x00,0x00, + 0x00,0x80,0x03,0x00,0x0c,0x00,0x00,0x00,0x00,0x80,0x02,0x00,0x14,0x00,0x00, + 0x00,0x00,0x60,0x04,0x00,0x12,0x00,0x00,0xc0,0x7f,0x10,0x04,0x00,0x22,0xe0, + 0x01,0x70,0xc0,0x18,0x08,0x00,0x61,0x1c,0x06,0x10,0x00,0x0f,0x30,0xc0,0x80, + 0x07,0x08,0x08,0x00,0x06,0xc0,0x3f,0x80,0x01,0x08,0x08,0x00,0x18,0x00,0x02, + 0xc0,0x00,0x10,0x04,0x00,0x30,0x00,0x05,0x30,0x00,0x10,0x04,0x00,0x00,0x80, + 0x08,0x18,0x00,0x20,0x04,0x00,0x00,0x80,0x08,0x00,0x00,0x20,0x04,0x00,0x00, + 0x40,0x10,0x00,0x00,0x20,0x24,0x00,0x00,0x40,0x10,0x00,0x00,0x22,0x24,0x00, + 0x00,0x40,0x10,0x00,0x00,0x22,0x44,0x00,0x00,0x40,0x10,0x00,0x00,0x11,0x84, + 0x01,0x00,0xc0,0x18,0x00,0xc0,0x10,0x08,0x00,0x00,0x80,0x08,0x00,0x00,0x08, + 0x30,0x00,0x00,0x80,0x08,0x00,0x00,0x04,0xe0,0xff,0xff,0xff,0xf8,0xff,0xff, + 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.front b/appl/xnlock/nose.front new file mode 100644 index 000000000000..64b82015c6a7 --- /dev/null +++ b/appl/xnlock/nose.front @@ -0,0 +1,38 @@ +#define nose_front_width 64 +#define nose_front_height 64 +static unsigned char nose_front_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, + 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, + 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, + 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, + 0x08,0x00,0xc0,0x1f,0x00,0x20,0x00,0x00,0x08,0x00,0x30,0x60,0x00,0x20,0x00, + 0x00,0xf8,0xff,0x0f,0x80,0xff,0x3f,0x00,0x00,0x00,0x02,0x02,0x00,0x82,0x00, + 0x00,0x00,0x00,0x03,0x01,0x00,0x84,0x01,0x00,0x00,0x00,0x81,0x00,0x00,0x08, + 0x01,0x00,0x00,0x80,0x80,0x00,0x00,0x08,0x02,0x00,0x00,0x80,0x40,0x00,0x00, + 0x10,0x02,0x00,0x00,0x40,0x40,0x00,0x00,0x10,0x04,0x00,0x00,0x40,0x20,0x00, + 0x00,0x20,0x04,0x00,0x00,0x60,0x20,0x00,0x00,0x20,0x0c,0x00,0x00,0x20,0x20, + 0x00,0x00,0x20,0x08,0x00,0x00,0x20,0x20,0x00,0x00,0x20,0x08,0x00,0x00,0x10, + 0x20,0x00,0x00,0x20,0x10,0x00,0x00,0x10,0x20,0x00,0x00,0x20,0x10,0x00,0x00, + 0x10,0x20,0x00,0x00,0x20,0x10,0x00,0x00,0x10,0x40,0x00,0x00,0x10,0x10,0x00, + 0x00,0x10,0x40,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x80,0x00,0x00,0x08,0x10, + 0x00,0x00,0x10,0x80,0x00,0x00,0x08,0x10,0x00,0x00,0x30,0x00,0x01,0x00,0x04, + 0x18,0x00,0x00,0x20,0x00,0x02,0x00,0x02,0x08,0x00,0x00,0x20,0x00,0x0c,0x80, + 0x01,0x08,0x00,0x00,0x60,0x00,0x30,0x60,0x00,0x0c,0x00,0x00,0x40,0x00,0xc0, + 0x1f,0x00,0x04,0x00,0x00,0xc0,0x00,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x01, + 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xfe,0xff,0xff,0xff,0x01,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x0f,0xc0,0x0f,0x00,0x00,0x00, + 0x00,0x40,0x10,0x20,0x10,0x00,0x00,0x00,0x00,0x20,0x60,0x30,0x20,0x00,0x00, + 0x00,0x00,0x20,0xc0,0x18,0x20,0x00,0x00,0xc0,0x7f,0x10,0x80,0x0d,0x40,0xe0, + 0x01,0x70,0xc0,0x18,0x00,0x05,0x40,0x1c,0x06,0x10,0x00,0x0f,0x00,0x05,0x80, + 0x07,0x08,0x08,0x00,0x06,0x00,0x05,0x80,0x01,0x08,0x08,0x00,0x18,0x00,0x05, + 0xc0,0x00,0x10,0x04,0x00,0x30,0x00,0x05,0x30,0x00,0x10,0x04,0x00,0x00,0x80, + 0x08,0x18,0x00,0x20,0x04,0x00,0x00,0x80,0x08,0x00,0x00,0x20,0x04,0x00,0x00, + 0x40,0x10,0x00,0x00,0x20,0x24,0x00,0x00,0x40,0x10,0x00,0x00,0x22,0x24,0x00, + 0x00,0x40,0x10,0x00,0x00,0x22,0x44,0x00,0x00,0x40,0x10,0x00,0x00,0x11,0x84, + 0x01,0x00,0xc0,0x18,0x00,0xc0,0x10,0x08,0x00,0x00,0x80,0x08,0x00,0x00,0x08, + 0x30,0x00,0x00,0x80,0x08,0x00,0x00,0x04,0xe0,0xff,0xff,0xff,0xf8,0xff,0xff, + 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.left.front b/appl/xnlock/nose.left.front new file mode 100644 index 000000000000..3a871eaaa150 --- /dev/null +++ b/appl/xnlock/nose.left.front @@ -0,0 +1,38 @@ +#define nose_left_front_width 64 +#define nose_left_front_height 64 +static unsigned char nose_left_front_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xc0,0xff,0xff,0x07,0x00,0x00,0x00,0x00,0x40,0x00, + 0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40, + 0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x04,0x00,0x00,0x00,0x00, + 0x40,0x00,0x00,0x04,0x00,0x00,0x00,0xf8,0xff,0xff,0xff,0xff,0x3f,0x00,0x00, + 0x08,0x00,0xe0,0x0f,0x00,0x20,0x00,0x00,0x08,0x00,0x18,0x30,0x00,0x20,0x00, + 0x00,0xf8,0xff,0x07,0xc0,0xff,0x3f,0x00,0x00,0x00,0x02,0x01,0x00,0x81,0x00, + 0x00,0x00,0x00,0x83,0x00,0x00,0x82,0x01,0x00,0x00,0x00,0x41,0x00,0x00,0x04, + 0x01,0x00,0x00,0x80,0x40,0x00,0x00,0x04,0x02,0x00,0x00,0x80,0x20,0x00,0x00, + 0x08,0x02,0x00,0x00,0x40,0x20,0x00,0x00,0x08,0x04,0x00,0x00,0x40,0x10,0x00, + 0x00,0x10,0x04,0x00,0x00,0x60,0x10,0x00,0x00,0x10,0x0c,0x00,0x00,0x20,0x10, + 0x00,0x00,0x10,0x08,0x00,0x00,0x30,0x10,0x00,0x00,0x10,0x08,0x00,0x00,0x10, + 0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00, + 0x10,0x10,0x00,0x00,0x10,0x10,0x00,0x00,0x10,0x20,0x00,0x00,0x08,0x10,0x00, + 0x00,0x10,0x20,0x00,0x00,0x08,0x10,0x00,0x00,0x10,0x40,0x00,0x00,0x04,0x10, + 0x00,0x00,0x30,0x40,0x00,0x00,0x04,0x10,0x00,0x00,0x20,0x80,0x00,0x00,0x02, + 0x18,0x00,0x00,0x20,0x00,0x01,0x00,0x01,0x08,0x00,0x00,0x60,0x00,0x06,0xc0, + 0x00,0x08,0x00,0x00,0x80,0x00,0x18,0x30,0x00,0x0c,0x00,0x00,0x80,0x00,0xe0, + 0x0f,0x00,0x04,0x00,0x00,0x80,0x01,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x01, + 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xfe,0xff,0xff,0xff,0x01,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf8,0x0f,0x00,0x00,0x00, + 0x00,0xff,0x00,0x04,0x10,0x00,0x00,0x00,0xe0,0x00,0x07,0x02,0x10,0x00,0x00, + 0x00,0x30,0x00,0x8c,0x01,0x20,0x00,0x00,0x00,0x0c,0x00,0x90,0x00,0x20,0x00, + 0x00,0x00,0x04,0x03,0x60,0x00,0x20,0x00,0x00,0x00,0xc2,0x00,0xc0,0x00,0x20, + 0x00,0x00,0x00,0x42,0x00,0x00,0x01,0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x02, + 0x20,0x00,0x00,0x00,0x21,0x00,0x00,0x06,0x20,0x00,0x00,0x00,0x21,0x00,0x00, + 0x00,0x20,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x03,0x00, + 0x00,0x00,0x40,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x02, + 0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00,0x00, + 0x18,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x10,0x00,0x00, + 0x00,0xc0,0xff,0xff,0xff,0x0f,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/nose.right.front b/appl/xnlock/nose.right.front new file mode 100644 index 000000000000..f8214174e87c --- /dev/null +++ b/appl/xnlock/nose.right.front @@ -0,0 +1,38 @@ +#define nose_right_front_width 64 +#define nose_right_front_height 64 +static unsigned char nose_right_front_bits[] = { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0xe0,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x20,0x00, + 0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20, + 0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x02,0x00,0x00,0x00,0x00, + 0x20,0x00,0x00,0x02,0x00,0x00,0x00,0xfc,0xff,0xff,0xff,0xff,0x1f,0x00,0x00, + 0x04,0x00,0xf0,0x07,0x00,0x10,0x00,0x00,0x04,0x00,0x0c,0x18,0x00,0x10,0x00, + 0x00,0xfc,0xff,0x03,0xe0,0xff,0x1f,0x00,0x00,0x00,0x81,0x00,0x80,0x40,0x00, + 0x00,0x00,0x80,0x41,0x00,0x00,0xc1,0x00,0x00,0x00,0x80,0x20,0x00,0x00,0x82, + 0x00,0x00,0x00,0x40,0x20,0x00,0x00,0x02,0x01,0x00,0x00,0x40,0x10,0x00,0x00, + 0x04,0x01,0x00,0x00,0x20,0x10,0x00,0x00,0x04,0x02,0x00,0x00,0x20,0x08,0x00, + 0x00,0x08,0x02,0x00,0x00,0x30,0x08,0x00,0x00,0x08,0x06,0x00,0x00,0x10,0x08, + 0x00,0x00,0x08,0x04,0x00,0x00,0x10,0x08,0x00,0x00,0x08,0x0c,0x00,0x00,0x08, + 0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00, + 0x08,0x08,0x00,0x00,0x08,0x08,0x00,0x00,0x08,0x10,0x00,0x00,0x04,0x08,0x00, + 0x00,0x08,0x10,0x00,0x00,0x04,0x08,0x00,0x00,0x08,0x20,0x00,0x00,0x02,0x08, + 0x00,0x00,0x08,0x20,0x00,0x00,0x02,0x0c,0x00,0x00,0x18,0x40,0x00,0x00,0x01, + 0x04,0x00,0x00,0x10,0x80,0x00,0x80,0x00,0x04,0x00,0x00,0x10,0x00,0x03,0x60, + 0x00,0x06,0x00,0x00,0x30,0x00,0x0c,0x18,0x00,0x01,0x00,0x00,0x20,0x00,0xf0, + 0x07,0x00,0x01,0x00,0x00,0x60,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x40,0x00, + 0x00,0x00,0x80,0x00,0x00,0x00,0x80,0xff,0xff,0xff,0x7f,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf0,0x1f,0x00,0x00,0x00,0x00,0x00, + 0x00,0x08,0x20,0x00,0xff,0x00,0x00,0x00,0x00,0x08,0x40,0xe0,0x00,0x07,0x00, + 0x00,0x00,0x04,0x80,0x31,0x00,0x0c,0x00,0x00,0x00,0x04,0x00,0x09,0x00,0x30, + 0x00,0x00,0x00,0x04,0x00,0x06,0xc0,0x20,0x00,0x00,0x00,0x04,0x00,0x03,0x00, + 0x43,0x00,0x00,0x00,0x04,0x80,0x00,0x00,0x42,0x00,0x00,0x00,0x04,0x40,0x00, + 0x00,0x84,0x00,0x00,0x00,0x04,0x60,0x00,0x00,0x84,0x00,0x00,0x00,0x04,0x00, + 0x00,0x00,0x84,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x02, + 0x00,0x00,0x00,0xc0,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00, + 0x02,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x20,0x00,0x00, + 0x00,0x04,0x00,0x00,0x00,0x18,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x0e,0x00, + 0x00,0x00,0xf0,0xff,0xff,0xff,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00}; diff --git a/appl/xnlock/xnlock.1 b/appl/xnlock/xnlock.1 new file mode 100644 index 000000000000..1adc9b5771c4 --- /dev/null +++ b/appl/xnlock/xnlock.1 @@ -0,0 +1,123 @@ +.\" xnlock -- Dan Heller 1985 +.TH XNLOCK 1 "19 April 1990" +.SH NAME +xnlock \- amusing lock screen program with message for passers-by +.SH SYNOPSIS +.B xnlock +[ +\fIoptions\fP +] +[ +\fImessage\fP +] +.SH DESCRIPTION +.I xnlock +is a program that acts as a screen saver for workstations running X11. +It also "locks" the screen such that the workstation can be left +unattended without worry that someone else will walk up to it and +mess everything up. When \fIxnlock\fP is running, a little man with +a big nose and a hat runs around spewing out messages to the screen. +By default, the messages are "humorous", but that depends on your +sense of humor. +.LP +If a key or mouse button is pressed, a prompt is printed requesting the +user's password. If a RETURN is not typed within 30 seconds, +the little man resumes running around. +.LP +Text on the command line is used as the message. For example: +.br + % xnlock I\'m out to lunch for a couple of hours. +.br +Note the need to quote shell metacharacters. +.LP +In the absence of flags or text, \fIxnlock\fP displays random fortunes. +.SH OPTIONS +Command line options override all resource specifications. +All arguments that are not associated with a command line option +is taken to be message text that the little man will "say" every +once in a while. The resource \fBxnlock.text\fP may be set to +a string. +.TP +.BI \-fn " fontname" +The default font is the first 18 point font in the \fInew century schoolbook\fP +family. While larger fonts are recokmmended over smaller ones, any font +in the server's font list will work. The resource to use for this option +is \fBxnlock.font\fP. +.TP +.BI \-filename " filename" +Take the message to be displayed from the file \fIfilename\fP. +If \fIfilename\fP is not specified, \fI$HOME/.msgfile\fP is used. +If the contents of the file are changed during runtime, the most recent text +of the file is used (allowing the displayed message to be altered remotely). +Carriage returns within the text are allowed, but tabs or other control +characters are not translated and should not be used. +The resource available for this option is \fBxnlock.file\fP. +.TP +.BI \-ar +Accept root's password to unlock screen. This option is true by +default. The reason for this is so that someone's screen may be +unlocked by autorized users in case of emergency and the person +running the program is still out to lunch. The resource available +for specifying this option is \fBxnlock.acceptRootPasswd\fP. +.TP +.BI \-noar +Don't accept root's password. This option is for paranoids who +fear their peers might breakin using root's password and remove +their files anyway. Specifying this option on the command line +overrides the \fBxnlock.acceptRootPasswd\fP if set to True. +.TP +.BI \-ip +Ignore password prompt. +The resource available for this option is \fBxnlock.ignorePasswd\fP. +.TP +.BI \-noip +Don't ignore password prompt. This is available in order to +override the resource \fBignorePasswd\fP if set to True. +.TP +.BI -fg " color" +Specifies the foreground color. The resource available for this +is \fBxnlock.foreground\fP. +.TP +.BI -bg " color" +Specifies the background color. The resource available for this +is \fBxnlock.background\fP. +.TP +.BI \-rv +Reverse the foreground and background colors. +The resource for this is \fBxvnlock.reverseVideo\fP. +.TP +.BI \-norv +Don't use reverse video. This is available to override the reverseVideo +resource if set to True. +.TP +.BI \-prog " program" +Receive message text from the running program \fIprogram\fP. If there +are arguments to \fIprogram\fP, encase them with the name of the program in +quotes (e.g. xnlock -t "fortune -o"). +The resource for this is \fBxnlock.program\fP. +.SH RESOURCES +.br +xnlock.font: fontname +.br +xnlock.foreground: color +.br +xnlock.background: color +.br +xnlock.reverseVideo: True/False +.br +xnlock.text: Some random text string +.br +xnlock.program: program [args] +.br +xnlock.ignorePasswd: True/False +.br +xnlock.acceptRootPasswd: True/False +.SH FILES +\fIxnlock\fP executable file +.br +~/.msgfile default message file +.SH AUTHOR +Dan Heller Copyright (c) 1985, 1990. +.br +The original version of this program was written using pixrects on +a Sun 2 running SunOS 1.1. diff --git a/appl/xnlock/xnlock.c b/appl/xnlock/xnlock.c new file mode 100644 index 000000000000..c19066f3323e --- /dev/null +++ b/appl/xnlock/xnlock.c @@ -0,0 +1,1083 @@ +/* + * xnlock -- Dan Heller, 1990 + * "nlock" is a "new lockscreen" type program... something that prevents + * screen burnout by making most of it "black" while providing something + * of interest to be displayed in case anyone is watching. + * "xnlock" is the X11 version of the program. + * Original sunview version written by Dan Heller 1985 (not included here). + */ +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id$"); +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_PWD_H +#include +#endif +#ifdef HAVE_CRYPT_H +#undef des_encrypt +#define des_encrypt wingless_pigs_mostly_fail_to_fly +#include +#undef des_encrypt +#endif + +#ifdef KRB5 +#include +#include +#endif + +#include +#include + +static char login[16]; +static char userprompt[128]; +#ifdef KRB5 +static krb5_context context; +static krb5_principal client; +#endif + +#define font_height(font) (font->ascent + font->descent) + +static char *SPACE_STRING = " "; +static char STRING[] = "****************"; + +#define STRING_LENGTH (sizeof(STRING)) +#define MAX_PASSWD_LENGTH 256 +/* (sizeof(STRING)) */ + +#define PROMPT "Password: " +#define FAIL_MSG "Sorry, try again" +#define LEFT 001 +#define RIGHT 002 +#define DOWN 004 +#define UP 010 +#define FRONT 020 +#define X_INCR 3 +#define Y_INCR 2 +#define XNLOCK_CTRL 1 +#define XNLOCK_NOCTRL 0 + +static XtAppContext app; +static Display *dpy; +static unsigned short Width, Height; +static Widget widget; +static GC gc; +static XtIntervalId timeout_id; +static char *words; +static int x, y; +static Pixel Black, White; +static XFontStruct *font; +static char root_cpass[128]; +static char user_cpass[128]; +static int time_left, prompt_x, prompt_y, time_x, time_y; +static unsigned long interval; +static Pixmap left0, left1, right0, right1, left_front, + right_front, front, down; + +#define MAXLINES 40 + +#define IS_MOVING 1 +#define GET_PASSWD 2 +static int state; /* indicates states: walking or getting passwd */ + +static int ALLOW_LOGOUT = (60*10); /* Allow logout after nn seconds */ +#define LOGOUT_PASSWD "enuHDmTo5Lq4g" /* when given password "LOGOUT" */ +static time_t locked_at; + +struct appres_t { + Pixel bg; + Pixel fg; + XFontStruct *font; + Boolean ignore_passwd; + Boolean do_reverse; + Boolean accept_root; + char *text, *text_prog, *file, *logoutPasswd; + Boolean no_screensaver; + Boolean destroytickets; +} appres; + +static XtResource resources[] = { + { XtNbackground, XtCBackground, XtRPixel, sizeof(Pixel), + XtOffsetOf(struct appres_t, bg), XtRString, "black" }, + + { XtNforeground, XtCForeground, XtRPixel, sizeof(Pixel), + XtOffsetOf(struct appres_t, fg), XtRString, "white" }, + + { XtNfont, XtCFont, XtRFontStruct, sizeof (XFontStruct *), + XtOffsetOf(struct appres_t, font), + XtRString, "-*-new century schoolbook-*-*-*-18-*" }, + + { "ignorePasswd", "IgnorePasswd", XtRBoolean, sizeof(Boolean), + XtOffsetOf(struct appres_t,ignore_passwd),XtRImmediate,(XtPointer)False }, + + { "acceptRootPasswd", "AcceptRootPasswd", XtRBoolean, sizeof(Boolean), + XtOffsetOf(struct appres_t, accept_root), XtRImmediate, (XtPointer)True }, + + { "text", "Text", XtRString, sizeof(String), + XtOffsetOf(struct appres_t, text), XtRString, "I'm out running around." }, + + { "program", "Program", XtRString, sizeof(String), + XtOffsetOf(struct appres_t, text_prog), XtRImmediate, NULL }, + + { "file", "File", XtRString, sizeof(String), + XtOffsetOf(struct appres_t,file), XtRImmediate, NULL }, + + { "logoutPasswd", "logoutPasswd", XtRString, sizeof(String), + XtOffsetOf(struct appres_t, logoutPasswd), XtRString, LOGOUT_PASSWD }, + + { "noScreenSaver", "NoScreenSaver", XtRBoolean, sizeof(Boolean), + XtOffsetOf(struct appres_t,no_screensaver), XtRImmediate, (XtPointer)True }, + + { "destroyTickets", "DestroyTickets", XtRBoolean, sizeof(Boolean), + XtOffsetOf(struct appres_t,destroytickets), XtRImmediate, (XtPointer)True }, +}; + +static XrmOptionDescRec options[] = { + { "-fg", ".foreground", XrmoptionSepArg, NULL }, + { "-foreground", ".foreground", XrmoptionSepArg, NULL }, + { "-fn", ".font", XrmoptionSepArg, NULL }, + { "-font", ".font", XrmoptionSepArg, NULL }, + { "-ip", ".ignorePasswd", XrmoptionNoArg, "True" }, + { "-noip", ".ignorePasswd", XrmoptionNoArg, "False" }, + { "-ar", ".acceptRootPasswd", XrmoptionNoArg, "True" }, + { "-noar", ".acceptRootPasswd", XrmoptionNoArg, "False" }, + { "-nonoscreensaver", ".noScreenSaver", XrmoptionNoArg, "False" }, + { "-nodestroytickets", ".destroyTickets", XrmoptionNoArg, "False" }, +}; + +static char* +get_words(void) +{ + FILE *pp = NULL; + static char buf[512]; + long n; + + if (appres.text_prog) { + pp = popen(appres.text_prog, "r"); + if (!pp) { + warn("popen %s", appres.text_prog); + return appres.text; + } + n = fread(buf, 1, sizeof(buf) - 1, pp); + buf[n] = 0; + pclose(pp); + return buf; + } + if (appres.file) { + pp = fopen(appres.file, "r"); + if (!pp) { + warn("fopen %s", appres.file); + return appres.text; + } + n = fread(buf, 1, sizeof(buf) - 1, pp); + buf[n] = 0; + fclose(pp); + return buf; + } + + return appres.text; +} + +static void +usage(int exit_code) +{ + fprintf(stderr, "usage: %s [options] [message]\n", getprogname()); + fprintf(stderr, "-fg color foreground color\n"); + fprintf(stderr, "-bg color background color\n"); + fprintf(stderr, "-rv reverse foreground/background colors\n"); + fprintf(stderr, "-nrv no reverse video\n"); + fprintf(stderr, "-ip ignore passwd\n"); + fprintf(stderr, "-nip don't ignore passwd\n"); + fprintf(stderr, "-ar accept root's passwd to unlock\n"); + fprintf(stderr, "-nar don't accept root's passwd\n"); + fprintf(stderr, "-f [file] message is read from file or ~/.msgfile\n"); + fprintf(stderr, "-prog program text is gotten from executing `program'\n"); + fprintf(stderr, "-nodestroytickets keep kerberos tickets\n"); + fprintf(stderr, "--version\n"); + fprintf(stderr, "--help\n"); + exit(exit_code); +} + +static void +init_words (int argc, char **argv) +{ + int i = 0; + + while(argv[i]) { + if(strcmp(argv[i], "-p") == 0 + || strcmp(argv[i], "-prog") == 0) { + i++; + if(argv[i]) { + appres.text_prog = argv[i]; + i++; + } else { + warnx ("-p requires an argument"); + usage(1); + } + } else if(strcmp(argv[i], "-f") == 0) { + i++; + if(argv[i]) { + appres.file = argv[i]; + i++; + } else { + int ret; + ret = asprintf (&appres.file, + "%s/.msgfile", getenv("HOME")); + if (ret == -1) + errx (1, "cannot allocate memory for message"); + } + } else if(strcmp(argv[i], "--version") == 0) { + print_version(NULL); + exit(0); + } else if(strcmp(argv[i], "--help") == 0) { + usage(0); + } else { + int j; + int len = 1; + for(j = i; argv[j]; j++) + len += strlen(argv[j]) + 1; + appres.text = malloc(len); + if (appres.text == NULL) + errx (1, "cannot allocate memory for message"); + appres.text[0] = 0; + for(; i < j; i++){ + strlcat(appres.text, argv[i], len); + strlcat(appres.text, " ", len); + } + } + } +} + +static void +ScreenSaver(int save) +{ + static int timeout, interval, prefer_blank, allow_exp; + if(!appres.no_screensaver){ + if (save) { + XGetScreenSaver(dpy, &timeout, &interval, + &prefer_blank, &allow_exp); + XSetScreenSaver(dpy, 0, interval, prefer_blank, allow_exp); + } else + /* restore state */ + XSetScreenSaver(dpy, timeout, interval, prefer_blank, allow_exp); + } +} + +/* Forward decls necessary */ +static void talk(int force_erase); +static unsigned long look(void); + +static int +zrefresh(void) +{ + switch (fork()) { + case -1: + warn ("zrefresh: fork"); + return -1; + case 0: + /* Child */ + execlp("zrefresh", "zrefresh", NULL); + execl(BINDIR "/zrefresh", "zrefresh", NULL); + return -1; + default: + /* Parent */ + break; + } + return 0; +} + +static void +leave(void) +{ + XUngrabPointer(dpy, CurrentTime); + XUngrabKeyboard(dpy, CurrentTime); + ScreenSaver(0); + XCloseDisplay(dpy); + zrefresh(); + exit(0); +} + +static void +walk(int dir) +{ + int incr = 0; + static int lastdir; + static int up = 1; + static Pixmap frame; + + XSetForeground(dpy, gc, White); + XSetBackground(dpy, gc, Black); + if (dir & (LEFT|RIGHT)) { /* left/right movement (mabye up/down too) */ + up = -up; /* bouncing effect (even if hit a wall) */ + if (dir & LEFT) { + incr = X_INCR; + frame = (up < 0) ? left0 : left1; + } else { + incr = -X_INCR; + frame = (up < 0) ? right0 : right1; + } + if ((lastdir == FRONT || lastdir == DOWN) && dir & UP) { + /* workaround silly bug that leaves screen dust when + * guy is facing forward or down and moves up-left/right. + */ + XCopyPlane(dpy, frame, XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); + XFlush(dpy); + } + /* note that maybe neither UP nor DOWN is set! */ + if (dir & UP && y > Y_INCR) + y -= Y_INCR; + else if (dir & DOWN && y < (int)Height - 64) + y += Y_INCR; + } + /* Explicit up/down movement only (no left/right) */ + else if (dir == UP) + XCopyPlane(dpy, front, XtWindow(widget), gc, + 0,0, 64,64, x, y -= Y_INCR, 1L); + else if (dir == DOWN) + XCopyPlane(dpy, down, XtWindow(widget), gc, + 0,0, 64,64, x, y += Y_INCR, 1L); + else if (dir == FRONT && frame != front) { + if (up > 0) + up = -up; + if (lastdir & LEFT) + frame = left_front; + else if (lastdir & RIGHT) + frame = right_front; + else + frame = front; + XCopyPlane(dpy, frame, XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); + } + if (dir & LEFT) + while(--incr >= 0) { + XCopyPlane(dpy, frame, XtWindow(widget), gc, + 0,0, 64,64, --x, y+up, 1L); + XFlush(dpy); + } + else if (dir & RIGHT) + while(++incr <= 0) { + XCopyPlane(dpy, frame, XtWindow(widget), gc, + 0,0, 64,64, ++x, y+up, 1L); + XFlush(dpy); + } + lastdir = dir; +} + +static long +my_random (void) +{ +#ifdef HAVE_RANDOM + return random(); +#else + return rand(); +#endif +} + +static int +think(void) +{ + if (my_random() & 1) + walk(FRONT); + if (my_random() & 1) { + words = get_words(); + return 1; + } + return 0; +} + +static void +move(XtPointer _p, XtIntervalId *_id) +{ + static int dir; + static unsigned int length; + + if (!length) { + int tries = 0; + dir = 0; + if ((my_random() & 1) && think()) { + talk(0); /* sets timeout to itself */ + return; + } + if (!(my_random() % 3) && (interval = look())) { + timeout_id = XtAppAddTimeOut(app, interval, move, NULL); + return; + } + interval = 20 + my_random() % 100; + do { + if (!tries) + length = Width/100 + my_random() % 90, tries = 8; + else + tries--; + switch (my_random() % 8) { + case 0: + if (x - X_INCR*length >= 5) + dir = LEFT; + case 1: + if (x + X_INCR*length <= (int)Width - 70) + dir = RIGHT; + case 2: + if (y - (Y_INCR*length) >= 5) + dir = UP, interval = 40; + case 3: + if (y + Y_INCR*length <= (int)Height - 70) + dir = DOWN, interval = 20; + case 4: + if (x - X_INCR*length >= 5 && y - (Y_INCR*length) >= 5) + dir = (LEFT|UP); + case 5: + if (x + X_INCR * length <= (int)Width - 70 && + y-Y_INCR * length >= 5) + dir = (RIGHT|UP); + case 6: + if (x - X_INCR * length >= 5 && + y + Y_INCR * length <= (int)Height - 70) + dir = (LEFT|DOWN); + case 7: + if (x + X_INCR*length <= (int)Width - 70 && + y + Y_INCR*length <= (int)Height - 70) + dir = (RIGHT|DOWN); + } + } while (!dir); + } + walk(dir); + --length; + timeout_id = XtAppAddTimeOut(app, interval, move, NULL); +} + +static void +post_prompt_box(Window window) +{ + int width = (Width / 3); + int height = font_height(font) * 6; + int box_x, box_y; + + /* make sure the entire nose icon fits in the box */ + if (height < 100) + height = 100; + + if(width < 105 + font->max_bounds.width*STRING_LENGTH) + width = 105 + font->max_bounds.width*STRING_LENGTH; + box_x = (Width - width) / 2; + time_x = prompt_x = box_x + 105; + + time_y = prompt_y = Height / 2; + box_y = prompt_y - 3 * font_height(font); + + /* erase current guy -- text message may still exist */ + XSetForeground(dpy, gc, Black); + XFillRectangle(dpy, window, gc, x, y, 64, 64); + talk(1); /* forcefully erase message if one is being displayed */ + /* Clear area in middle of screen for prompt box */ + XSetForeground(dpy, gc, White); + XFillRectangle(dpy, window, gc, box_x, box_y, width, height); + + /* make a box that's 5 pixels thick. Then add a thin box inside it */ + XSetForeground(dpy, gc, Black); + XSetLineAttributes(dpy, gc, 5, 0, 0, 0); + XDrawRectangle(dpy, window, gc, box_x+5, box_y+5, width-10, height-10); + XSetLineAttributes(dpy, gc, 0, 0, 0, 0); + XDrawRectangle(dpy, window, gc, box_x+12, box_y+12, width-23, height-23); + + XDrawString(dpy, window, gc, + prompt_x, prompt_y-font_height(font), + userprompt, strlen(userprompt)); + XDrawString(dpy, window, gc, prompt_x, prompt_y, PROMPT, strlen(PROMPT)); + /* set background for copyplane and DrawImageString; need reverse video */ + XSetBackground(dpy, gc, White); + XCopyPlane(dpy, right0, window, gc, 0,0, 64,64, + box_x + 20, box_y + (height - 64)/2, 1L); + prompt_x += XTextWidth(font, PROMPT, strlen(PROMPT)); + time_y += 2*font_height(font); +} + +static void +RaiseWindow(Widget w, XEvent *ev, String *s, Cardinal *n) +{ + Widget x; + if(!XtIsRealized(w)) + return; + x = XtParent(w); + XRaiseWindow(dpy, XtWindow(x)); +} + + +static void +ClearWindow(Widget w, XEvent *_event, String *_s, Cardinal *_n) +{ + XExposeEvent *event = (XExposeEvent *)_event; + if (!XtIsRealized(w)) + return; + XClearArea(dpy, XtWindow(w), event->x, event->y, + event->width, event->height, False); + if (state == GET_PASSWD) + post_prompt_box(XtWindow(w)); + if (timeout_id == 0 && event->count == 0) { + timeout_id = XtAppAddTimeOut(app, 1000L, move, NULL); + /* first grab the input focus */ + XSetInputFocus(dpy, XtWindow(w), RevertToPointerRoot, CurrentTime); + /* now grab the pointer and keyboard and contrain to this window */ + XGrabPointer(dpy, XtWindow(w), TRUE, 0, GrabModeAsync, + GrabModeAsync, XtWindow(w), None, CurrentTime); + } +} + +static void +countdown(XtPointer _t, XtIntervalId *_d) +{ + int *timeout = (int *)_t; + char buf[128]; + time_t seconds; + + if (--(*timeout) < 0) { + XExposeEvent event; + XtRemoveTimeOut(timeout_id); + state = IS_MOVING; + event.x = event.y = 0; + event.width = Width, event.height = Height; + ClearWindow(widget, (XEvent *)&event, 0, 0); + timeout_id = XtAppAddTimeOut(app, 200L, move, NULL); + return; + } + seconds = time(0) - locked_at; + if (seconds >= 3600) + snprintf(buf, sizeof(buf), + "Locked for %d:%02d:%02d ", + (int)seconds/3600, (int)seconds/60%60, (int)seconds%60); + else + snprintf(buf, sizeof(buf), + "Locked for %2d:%02d ", + (int)seconds/60, (int)seconds%60); + + XDrawImageString(dpy, XtWindow(widget), gc, + time_x, time_y, buf, strlen(buf)); + XtAppAddTimeOut(app, 1000L, countdown, timeout); + return; +} + +#ifdef KRB5 +static int +verify_krb5(const char *password) +{ + krb5_error_code ret; + krb5_ccache id; + + krb5_cc_default(context, &id); + ret = krb5_verify_user(context, + client, + id, + password, + 0, + NULL); + if (ret == 0){ + if (k_hasafs()) + krb5_afslog(context, id, NULL, NULL); + return 0; + } + if (ret != KRB5KRB_AP_ERR_MODIFIED) + krb5_warn(context, ret, "verify_krb5"); + + return -1; +} +#endif + +static int +verify(char *password) +{ + /* + * First try with root password, if allowed. + */ + if ( appres.accept_root + && strcmp(crypt(password, root_cpass), root_cpass) == 0) + return 0; + + /* + * Password that log out user + */ + if (getuid() != 0 && + geteuid() != 0 && + (time(0) - locked_at) > ALLOW_LOGOUT && + strcmp(crypt(password, appres.logoutPasswd), appres.logoutPasswd) == 0) + { + signal(SIGHUP, SIG_IGN); + kill(-1, SIGHUP); + sleep(5); + /* If the X-server shut down then so will we, else + * continue */ + signal(SIGHUP, SIG_DFL); + } + + /* + * Try copy of users password. + */ + if (strcmp(crypt(password, user_cpass), user_cpass) == 0) + return 0; + + /* + * Try to verify as user in case password change. + */ + if (unix_verify_user(login, password) == 0) + return 0; + +#ifdef KRB5 + /* + * Try to verify as user with kerberos 5. + */ + if(verify_krb5(password) == 0) + return 0; +#endif + + return -1; +} + + +static void +GetPasswd(Widget w, XEvent *_event, String *_s, Cardinal *_n) +{ + XKeyEvent *event = (XKeyEvent *)_event; + static char passwd[MAX_PASSWD_LENGTH]; + static unsigned int cnt; + static int is_ctrl = XNLOCK_NOCTRL; + char c; + KeySym keysym; + int echolen; + int old_state = state; + + if (event->type == ButtonPress) { + x = event->x, y = event->y; + return; + } + if (state == IS_MOVING) { + /* guy is running around--change to post prompt box. */ + XtRemoveTimeOut(timeout_id); + state = GET_PASSWD; + if (appres.ignore_passwd || !strlen(user_cpass)) + leave(); + post_prompt_box(XtWindow(w)); + cnt = 0; + time_left = 30; + countdown((XtPointer)&time_left, 0); + } + if (event->type == KeyRelease) { + keysym = XLookupKeysym(event, 0); + if (keysym == XK_Control_L || keysym == XK_Control_R) { + is_ctrl = XNLOCK_NOCTRL; + } + } + if (event->type != KeyPress) + return; + + time_left = 30; + + keysym = XLookupKeysym(event, 0); + if (keysym == XK_Control_L || keysym == XK_Control_R) { + is_ctrl = XNLOCK_CTRL; + return; + } + if (!XLookupString(event, &c, 1, &keysym, 0)) + return; + if (keysym == XK_Return || keysym == XK_Linefeed) { + passwd[cnt] = 0; + if(old_state == IS_MOVING) + return; + XtRemoveTimeOut(timeout_id); + + if(verify(passwd) == 0) + leave(); + + cnt = 0; + + XDrawImageString(dpy, XtWindow(widget), gc, + time_x, time_y, FAIL_MSG, strlen(FAIL_MSG)); + time_left = 0; + timeout_id = XtAppAddTimeOut(app, 2000L, countdown, &time_left); + return; + } + if (keysym == XK_BackSpace || keysym == XK_Delete || keysym == XK_Left) { + if (cnt) + passwd[cnt--] = ' '; + } else if (keysym == XK_u && is_ctrl == XNLOCK_CTRL) { + while (cnt) { + passwd[cnt--] = ' '; + echolen = min(cnt, STRING_LENGTH); + XDrawImageString(dpy, XtWindow(w), gc, + prompt_x, prompt_y, STRING, echolen); + XDrawImageString(dpy, XtWindow(w), gc, + prompt_x + XTextWidth(font, STRING, echolen), + prompt_y, SPACE_STRING, STRING_LENGTH - echolen + 1); + } + } else if (isprint((unsigned char)c)) { + if ((cnt + 1) >= MAX_PASSWD_LENGTH) + XBell(dpy, 50); + else + passwd[cnt++] = c; + } else + return; + echolen = min(cnt, STRING_LENGTH); + XDrawImageString(dpy, XtWindow(w), gc, + prompt_x, prompt_y, STRING, echolen); + XDrawImageString(dpy, XtWindow(w), gc, + prompt_x + XTextWidth(font, STRING, echolen), + prompt_y, SPACE_STRING, STRING_LENGTH - echolen +1); +} + +#include "nose.0.left" +#include "nose.1.left" +#include "nose.0.right" +#include "nose.1.right" +#include "nose.left.front" +#include "nose.right.front" +#include "nose.front" +#include "nose.down" + +static void +init_images(void) +{ + static Pixmap *images[] = { + &left0, &left1, &right0, &right1, + &left_front, &right_front, &front, &down + }; + static unsigned char *bits[] = { + nose_0_left_bits, nose_1_left_bits, nose_0_right_bits, + nose_1_right_bits, nose_left_front_bits, nose_right_front_bits, + nose_front_bits, nose_down_bits + }; + int i; + + for (i = 0; i < XtNumber(images); i++) + if (!(*images[i] = + XCreatePixmapFromBitmapData(dpy, DefaultRootWindow(dpy), + (char*)(bits[i]), 64, 64, 1, 0, 1))) + XtError("Can't load nose images"); +} + +static void +talk(int force_erase) +{ + unsigned int width = 0, height, Z, total = 0; + static unsigned int X, Y; + static int talking; + static struct { int x, y, width, height; } s_rect; + char *p, *p2; + char buf[BUFSIZ], args[MAXLINES][256]; + + /* clear what we've written */ + if (talking || force_erase) { + if (!talking) + return; + if (talking == 2) { + XSetForeground(dpy, gc, Black); + XDrawString(dpy, XtWindow(widget), gc, X, Y, words, strlen(words)); + } else if (talking == 1) { + XSetForeground(dpy, gc, Black); + XFillRectangle(dpy, XtWindow(widget), gc, s_rect.x-5, s_rect.y-5, + s_rect.width+10, s_rect.height+10); + } + talking = 0; + if (!force_erase) + timeout_id = XtAppAddTimeOut(app, 40L, + (XtTimerCallbackProc)move, + NULL); + return; + } + XSetForeground(dpy, gc, White); + talking = 1; + walk(FRONT); + strlcpy (buf, words, sizeof(buf)); + p = buf; + + /* possibly avoid a lot of work here + * if no CR or only one, then just print the line + */ + if (!(p2 = strchr(p, '\n')) || !p2[1]) { + int w; + + if (p2) + *p2 = 0; + w = XTextWidth(font, words, strlen(words)); + X = x + 32 - w/2; + Y = y - 5 - font_height(font); + /* give us a nice 5 pixel margin */ + if (X < 5) + X = 5; + else if (X + w + 15 > (int)Width + 5) + X = Width - w - 5; + if (Y < 5) + Y = y + 64 + 5 + font_height(font); + XDrawString(dpy, XtWindow(widget), gc, X, Y, words, strlen(words)); + timeout_id = XtAppAddTimeOut(app, 5000L, (XtTimerCallbackProc)talk, + NULL); + talking++; + return; + } + + /* p2 now points to the first '\n' */ + for (height = 0; p[0]; height++) { + int w; + *p2 = 0; + if ((w = XTextWidth(font, p, p2 - p)) > width) + width = w; + total += p2 - p; /* total chars; count to determine reading time */ + strlcpy(args[height], p, sizeof(args[height])); + if (height == MAXLINES - 1) { + puts("Message too long!"); + break; + } + p = p2+1; + if (!(p2 = strchr(p, '\n'))) + break; + } + height++; + + /* Figure out the height and width in pixels (height, width) extend + * the new box by 15 pixels on the sides (30 total) top and bottom. + */ + s_rect.width = width + 30; + s_rect.height = height * font_height(font) + 30; + if (x - s_rect.width - 10 < 5) + s_rect.x = 5; + else + if ((s_rect.x = x+32-(s_rect.width+15)/2) + + s_rect.width+15 > (int)Width-5) + s_rect.x = Width - 15 - s_rect.width; + if (y - s_rect.height - 10 < 5) + s_rect.y = y + 64 + 5; + else + s_rect.y = y - 5 - s_rect.height; + + XSetForeground(dpy, gc, White); + XFillRectangle(dpy, XtWindow(widget), gc, + s_rect.x-5, s_rect.y-5, s_rect.width+10, s_rect.height+10); + + /* make a box that's 5 pixels thick. Then add a thin box inside it */ + XSetForeground(dpy, gc, Black); + XSetLineAttributes(dpy, gc, 5, 0, 0, 0); + XDrawRectangle(dpy, XtWindow(widget), gc, + s_rect.x, s_rect.y, s_rect.width-1, s_rect.height-1); + XSetLineAttributes(dpy, gc, 0, 0, 0, 0); + XDrawRectangle(dpy, XtWindow(widget), gc, + s_rect.x + 7, s_rect.y + 7, s_rect.width - 15, + s_rect.height - 15); + + X = 15; + Y = 15 + font_height(font); + + /* now print each string in reverse order (start at bottom of box) */ + for (Z = 0; Z < height; Z++) { + XDrawString(dpy, XtWindow(widget), gc, s_rect.x+X, s_rect.y+Y, + args[Z], strlen(args[Z])); + Y += font_height(font); + } + timeout_id = XtAppAddTimeOut(app, (total/15) * 1000, + (XtTimerCallbackProc)talk, NULL); +} + +static unsigned long +look(void) +{ + XSetForeground(dpy, gc, White); + XSetBackground(dpy, gc, Black); + if (my_random() % 3) { + XCopyPlane(dpy, (my_random() & 1)? down : front, XtWindow(widget), gc, + 0, 0, 64,64, x, y, 1L); + return 1000L; + } + if (!(my_random() % 5)) + return 0; + if (my_random() % 3) { + XCopyPlane(dpy, (my_random() & 1)? left_front : right_front, + XtWindow(widget), gc, 0, 0, 64,64, x, y, 1L); + return 1000L; + } + if (!(my_random() % 5)) + return 0; + XCopyPlane(dpy, (my_random() & 1)? left0 : right0, XtWindow(widget), gc, + 0, 0, 64,64, x, y, 1L); + return 1000L; +} + +int +main (int argc, char **argv) +{ + int i; + Widget override; + XGCValues gcvalues; + + setprogname (argv[0]); + + /* + * Must be setuid root to read /etc/shadow, copy encrypted + * passwords here and then switch to sane uid. + */ + { + struct passwd *pw; + uid_t uid = getuid(); + if (!(pw = k_getpwuid(0))) + errx (1, "can't get root's passwd!"); + strlcpy(root_cpass, pw->pw_passwd, sizeof(root_cpass)); + + if (!(pw = k_getpwuid(uid))) + errx (1, "Can't get your password entry!"); + strlcpy(user_cpass, pw->pw_passwd, sizeof(user_cpass)); + setuid(uid); + if (uid != 0 && setuid(0) != -1) { + fprintf(stderr, "Failed to drop privileges!\n"); + exit(1); + } + /* Now we're no longer running setuid root. */ + strlcpy(login, pw->pw_name, sizeof(login)); + } + +#if defined(HAVE_SRANDOMDEV) + srandomdev(); +#elif defined(HAVE_RANDOM) + srandom(time(NULL)); +#else + srand (time(NULL)); +#endif + for (i = 0; i < STRING_LENGTH; i++) + STRING[i] = ((unsigned long)my_random() % ('~' - ' ')) + ' '; + + locked_at = time(0); + + snprintf(userprompt, sizeof(userprompt), "User: %s", login); +#ifdef KRB5 + { + krb5_error_code ret; + char *str; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + krb5_get_default_principal(context, &client); + krb5_unparse_name(context, client, &str); + snprintf(userprompt, sizeof(userprompt), "User: %s", str); + free(str); + } +#endif + + override = XtVaAppInitialize(&app, "XNlock", options, XtNumber(options), + &argc, argv, NULL, + XtNoverrideRedirect, True, + NULL); + + XtVaGetApplicationResources(override,(XtPointer)&appres, + resources,XtNumber(resources), + NULL); + /* the background is black and the little guy is white */ + Black = appres.bg; + White = appres.fg; + + if (appres.destroytickets) { +#ifdef KRB5 + /*XXX add krb4 code here */ +#endif + } + + dpy = XtDisplay(override); + + if (dpy == 0) + errx (1, "Error: Can't open display"); + + Width = DisplayWidth(dpy, DefaultScreen(dpy)) + 2; + Height = DisplayHeight(dpy, DefaultScreen(dpy)) + 2; + + for(i = 0; i < ScreenCount(dpy); i++){ + Widget shell, core; + + struct xxx{ + Pixel bg; + }res; + + XtResource Res[] = { + { XtNbackground, XtCBackground, XtRPixel, sizeof(Pixel), + XtOffsetOf(struct xxx, bg), XtRString, "black" } + }; + + if(i == DefaultScreen(dpy)) + continue; + + shell = XtVaAppCreateShell(NULL,NULL, applicationShellWidgetClass, dpy, + XtNscreen, ScreenOfDisplay(dpy, i), + XtNoverrideRedirect, True, + XtNx, -1, + XtNy, -1, + NULL); + + XtVaGetApplicationResources(shell, (XtPointer)&res, + Res, XtNumber(Res), + NULL); + + core = XtVaCreateManagedWidget("_foo", widgetClass, shell, + XtNwidth, DisplayWidth(dpy, i), + XtNheight, DisplayHeight(dpy, i), + XtNbackground, res.bg, + NULL); + XtRealizeWidget(shell); + } + + widget = XtVaCreateManagedWidget("_foo", widgetClass, override, + XtNwidth, Width, + XtNheight, Height, + XtNbackground, Black, + NULL); + + init_words(--argc, ++argv); + init_images(); + + gcvalues.foreground = Black; + gcvalues.background = White; + + + font = appres.font; + gcvalues.font = font->fid; + gcvalues.graphics_exposures = False; + gc = XCreateGC(dpy, DefaultRootWindow(dpy), + GCForeground | GCBackground | GCGraphicsExposures | GCFont, + &gcvalues); + + x = Width / 2; + y = Height / 2; + srand (time(0)); + state = IS_MOVING; + + { + static XtActionsRec actions[] = { + { "ClearWindow", ClearWindow }, + { "GetPasswd", GetPasswd }, + { "RaiseWindow", RaiseWindow }, + }; + XtAppAddActions(app, actions, XtNumber(actions)); + XtOverrideTranslations(widget, + XtParseTranslationTable( + ": ClearWindow() \n" + ": GetPasswd() \n" + ": RaiseWindow() \n" + ": GetPasswd() \n" + ": GetPasswd()")); + } + + XtRealizeWidget(override); + if((i = XGrabPointer(dpy, XtWindow(widget), True, 0, GrabModeAsync, + GrabModeAsync, XtWindow(widget), + None, CurrentTime)) != 0) + errx(1, "Failed to grab pointer (%d)", i); + + if((i = XGrabKeyboard(dpy, XtWindow(widget), True, GrabModeAsync, + GrabModeAsync, CurrentTime)) != 0) + errx(1, "Failed to grab keyboard (%d)", i); + ScreenSaver(1); + XtAppMainLoop(app); + exit(0); +} + diff --git a/appl/xnlock/xnlock.cat1 b/appl/xnlock/xnlock.cat1 new file mode 100644 index 000000000000..5e95199f2bc6 --- /dev/null +++ b/appl/xnlock/xnlock.cat1 @@ -0,0 +1,110 @@ +XNLOCK(1) XNLOCK(1) + + + +NNAAMMEE + xnlock - amusing lock screen program with message for passers-by + +SSYYNNOOPPSSIISS + xxnnlloocckk [ _o_p_t_i_o_n_s ] [ _m_e_s_s_a_g_e ] + +DDEESSCCRRIIPPTTIIOONN + _x_n_l_o_c_k is a program that acts as a screen saver for workstations run- + ning X11. It also "locks" the screen such that the workstation can be + left unattended without worry that someone else will walk up to it and + mess everything up. When _x_n_l_o_c_k is running, a little man with a big + nose and a hat runs around spewing out messages to the screen. By + default, the messages are "humorous", but that depends on your sense of + humor. + + If a key or mouse button is pressed, a prompt is printed requesting the + user's password. If a RETURN is not typed within 30 seconds, the lit- + tle man resumes running around. + + Text on the command line is used as the message. For example: + % xnlock I'm out to lunch for a couple of hours. + Note the need to quote shell metacharacters. + + In the absence of flags or text, _x_n_l_o_c_k displays random fortunes. + +OOPPTTIIOONNSS + Command line options override all resource specifications. All argu- + ments that are not associated with a command line option is taken to be + message text that the little man will "say" every once in a while. The + resource xxnnlloocckk..tteexxtt may be set to a string. + + --ffnn _f_o_n_t_n_a_m_e + The default font is the first 18 point font in the _n_e_w _c_e_n_t_u_r_y + _s_c_h_o_o_l_b_o_o_k family. While larger fonts are recokmmended over + smaller ones, any font in the server's font list will work. The + resource to use for this option is xxnnlloocckk..ffoonntt. + + --ffiilleennaammee _f_i_l_e_n_a_m_e + Take the message to be displayed from the file _f_i_l_e_n_a_m_e. If + _f_i_l_e_n_a_m_e is not specified, _$_H_O_M_E_/_._m_s_g_f_i_l_e is used. If the con- + tents of the file are changed during runtime, the most recent + text of the file is used (allowing the displayed message to be + altered remotely). Carriage returns within the text are + allowed, but tabs or other control characters are not translated + and should not be used. The resource available for this option + is xxnnlloocckk..ffiillee. + + --aarr Accept root's password to unlock screen. This option is true by + default. The reason for this is so that someone's screen may be + unlocked by autorized users in case of emergency and the person + running the program is still out to lunch. The resource avail- + able for specifying this option is xxnnlloocckk..aacccceeppttRRoooottPPaasssswwdd. + + --nnooaarr Don't accept root's password. This option is for paranoids who + fear their peers might breakin using root's password and remove + their files anyway. Specifying this option on the command line + overrides the xxnnlloocckk..aacccceeppttRRoooottPPaasssswwdd if set to True. + + --iipp Ignore password prompt. The resource available for this option + is xxnnlloocckk..iiggnnoorreePPaasssswwdd. + + --nnooiipp Don't ignore password prompt. This is available in order to + override the resource iiggnnoorreePPaasssswwdd if set to True. + + --ffgg _c_o_l_o_r + Specifies the foreground color. The resource available for this + is xxnnlloocckk..ffoorreeggrroouunndd. + + --bbgg _c_o_l_o_r + Specifies the background color. The resource available for this + is xxnnlloocckk..bbaacckkggrroouunndd. + + --rrvv Reverse the foreground and background colors. The resource for + this is xxvvnnlloocckk..rreevveerrsseeVViiddeeoo. + + --nnoorrvv Don't use reverse video. This is available to override the + reverseVideo resource if set to True. + + --pprroogg _p_r_o_g_r_a_m + Receive message text from the running program _p_r_o_g_r_a_m. If there + are arguments to _p_r_o_g_r_a_m, encase them with the name of the pro- + gram in quotes (e.g. xnlock -t "fortune -o"). The resource for + this is xxnnlloocckk..pprrooggrraamm. + +RREESSOOUURRCCEESS + xnlock.font: fontname + xnlock.foreground: color + xnlock.background: color + xnlock.reverseVideo: True/False + xnlock.text: Some random text string + xnlock.program: program [args] + xnlock.ignorePasswd: True/False + xnlock.acceptRootPasswd: True/False + +FFIILLEESS + _x_n_l_o_c_k executable file + ~/.msgfile default message file + +AAUUTTHHOORR + Dan Heller Copyright (c) 1985, 1990. + The original version of this program was written using pixrects on a + Sun 2 running SunOS 1.1. + + + + 19 April 1990 XNLOCK(1) diff --git a/autogen.sh b/autogen.sh index c3facbf5c7ee..c8ae49af07be 100644 --- a/autogen.sh +++ b/autogen.sh @@ -3,3 +3,4 @@ # object tree, but this will do if you have all parts of the required # tool-chain installed autoreconf -f -i || { echo "autoreconf failed: $?"; exit 1; } +find . \( -name '*-private.h' -o -name '*-protos.h' \) -delete diff --git a/base/Makefile.am b/base/Makefile.am new file mode 100644 index 000000000000..639136f79c3f --- /dev/null +++ b/base/Makefile.am @@ -0,0 +1,31 @@ + +include $(top_srcdir)/Makefile.am.common + +lib_LTLIBRARIES = libheimbase.la +check_PROGRAMS = test_base + +libheimbase_la_LDFLAGS = -version-info 1:0:0 + +if versionscript +libheimbase_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif + +include_HEADERS = heimbase.h + +dist_libheimbase_la_SOURCES = \ + array.c \ + baselocl.h \ + bool.c \ + dict.c \ + heimbase.c \ + heimbasepriv.h \ + heimqueue.h \ + null.c \ + number.c \ + string.c + +libheimbase_la_DEPENDENCIES = version-script.map + +test_base_LDADD = $(LIB_heimbase) + +EXTRA_DIST = NTMakefile version-script.map diff --git a/lib/auth/afskauthlib/Makefile.in b/base/Makefile.in similarity index 56% rename from lib/auth/afskauthlib/Makefile.in rename to base/Makefile.in index 89c966ad8137..9dc5a5aa14ff 100644 --- a/lib/auth/afskauthlib/Makefile.in +++ b/base/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 22298 2007-12-14 06:38:06Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -38,13 +39,15 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ +DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/afskauthlib +check_PROGRAMS = test_base$(EXEEXT) +@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +subdir = base ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,73 +89,120 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +libheimbase_la_LIBADD = +dist_libheimbase_la_OBJECTS = array.lo bool.lo dict.lo heimbase.lo \ + null.lo number.lo string.lo +libheimbase_la_OBJECTS = $(dist_libheimbase_la_OBJECTS) +libheimbase_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libheimbase_la_LDFLAGS) $(LDFLAGS) -o $@ +test_base_SOURCES = test_base.c +test_base_OBJECTS = test_base.$(OBJEXT) +test_base_DEPENDENCIES = $(LIB_heimbase) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(dist_libheimbase_la_SOURCES) test_base.c +DIST_SOURCES = $(dist_libheimbase_la_SOURCES) test_base.c +HEADERS = $(include_HEADERS) +ETAGS = etags +CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -173,10 +226,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -193,6 +247,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -208,31 +264,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -247,10 +317,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -291,70 +363,69 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -foodir = $(libdir) -foo_DATA = afskauthlib.so -SRCS = verify.c -OBJS = verify.o -CLEANFILES = $(foo_DATA) $(OBJS) so_locations -KAFS = $(top_builddir)/lib/kafs/libkafs.la -@KRB5_FALSE@L = \ -@KRB5_FALSE@ $(KAFS) \ -@KRB5_FALSE@ $(LIB_krb4) \ -@KRB5_FALSE@ $(LIB_hcrypto) \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/libroken.la \ -@KRB5_FALSE@ -lc +lib_LTLIBRARIES = libheimbase.la +libheimbase_la_LDFLAGS = -version-info 1:0:0 $(am__append_1) +include_HEADERS = heimbase.h +dist_libheimbase_la_SOURCES = \ + array.c \ + baselocl.h \ + bool.c \ + dict.c \ + heimbase.c \ + heimbasepriv.h \ + heimqueue.h \ + null.c \ + number.c \ + string.c -@KRB5_TRUE@L = \ -@KRB5_TRUE@ $(KAFS) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/libroken.la \ -@KRB5_TRUE@ -lc - -EXTRA_DIST = $(SRCS) +libheimbase_la_DEPENDENCIES = version-script.map +test_base_LDADD = $(LIB_heimbase) +EXTRA_DIST = NTMakefile version-script.map all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/afskauthlib/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/afskauthlib/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign base/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign base/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -372,35 +443,166 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libheimbase.la: $(libheimbase_la_OBJECTS) $(libheimbase_la_DEPENDENCIES) + $(libheimbase_la_LINK) -rpath $(libdir) $(libheimbase_la_OBJECTS) $(libheimbase_la_LIBADD) $(LIBS) + +clean-checkPROGRAMS: + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +test_base$(EXEEXT): $(test_base_OBJECTS) $(test_base_DEPENDENCIES) + @rm -f test_base$(EXEEXT) + $(LINK) $(test_base_OBJECTS) $(test_base_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/array.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bool.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dict.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heimbase.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/null.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/number.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/string.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_base.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) +install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ + test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done -uninstall-fooDATA: +uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique tags: TAGS -TAGS: +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi ctags: CTAGS -CTAGS: +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @@ -418,13 +620,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -432,11 +638,12 @@ distdir: $(DISTFILES) top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) $(MAKE) $(AM_MAKEFLAGS) check-local check: check-am -all-am: Makefile $(DATA) all-local +all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -456,21 +663,24 @@ install-strip: mostlyclean-generic: clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile -distclean-am: clean-am distclean-generic +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags dvi: dvi-am @@ -478,39 +688,51 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-fooDATA +install-data-am: install-includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-generic mostlyclean-libtool +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf: pdf-am @@ -520,26 +742,28 @@ ps: ps-am ps-am: -uninstall-am: uninstall-fooDATA +uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-info install-info-am \ +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libtool ctags dist-hook distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-data-hook install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ + install-html install-html-am install-includeHEADERS \ + install-info install-info-am install-libLTLIBRARIES \ install-man install-pdf install-pdf-am install-ps \ install-ps-am install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-hook uninstall-includeHEADERS \ + uninstall-libLTLIBRARIES install-suid-programs: @@ -610,6 +834,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -695,7 +922,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -709,15 +936,6 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -afskauthlib.so: $(OBJS) - $(LIBTOOL) --mode=link $(CC) -shared -o $@ $(OBJS) $(L) $(LDFLAGS) - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -$(OBJS): $(top_builddir)/include/config.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/base/NTMakefile b/base/NTMakefile new file mode 100644 index 000000000000..0668cd6990a7 --- /dev/null +++ b/base/NTMakefile @@ -0,0 +1,53 @@ +######################################################################## +# +# Copyright (c) 2010, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=base + +!include ../windows/NTMakefile.w32 + +INCFILES=$(INCDIR)\heimbase.h + +libheimbase_OBJS = \ + $(OBJ)\array.obj \ + $(OBJ)\bool.obj \ + $(OBJ)\dict.obj \ + $(OBJ)\heimbase.obj \ + $(OBJ)\null.obj \ + $(OBJ)\number.obj \ + $(OBJ)\string.obj + +$(LIBHEIMBASE): $(libheimbase_OBJS) + $(LIBCON) + +all:: $(INCFILES) $(LIBHEIMBASE) + +clean:: + -$(RM) $(INCFILES) diff --git a/base/array.c b/base/array.c new file mode 100644 index 000000000000..7b0d77b1cc11 --- /dev/null +++ b/base/array.c @@ -0,0 +1,234 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" + +/* + * + */ + +struct heim_array_data { + size_t len; + heim_object_t *val; +}; + +static void +array_dealloc(heim_object_t ptr) +{ + heim_array_t array = ptr; + size_t n; + for (n = 0; n < array->len; n++) + heim_release(array->val[n]); + free(array->val); +} + +struct heim_type_data array_object = { + HEIM_TID_ARRAY, + "dict-object", + NULL, + array_dealloc, + NULL, + NULL, + NULL +}; + +/** + * Allocate an array + * + * @return A new allocated array, free with heim_release() + */ + +heim_array_t +heim_array_create(void) +{ + heim_array_t array; + + array = _heim_alloc_object(&array_object, sizeof(*array)); + if (array == NULL) + return NULL; + + array->val = NULL; + array->len = 0; + + return array; +} + +/** + * Get type id of an dict + * + * @return the type id + */ + +heim_tid_t +heim_array_get_type_id(void) +{ + return HEIM_TID_ARRAY; +} + +/** + * Append object to array + * + * @param array array to add too + * @param object the object to add + * + * @return zero if added, errno otherwise + */ + +int +heim_array_append_value(heim_array_t array, heim_object_t object) +{ + heim_object_t *ptr; + + ptr = realloc(array->val, (array->len + 1) * sizeof(array->val[0])); + if (ptr == NULL) + return ENOMEM; + array->val = ptr; + array->val[array->len++] = heim_retain(object); + + return 0; +} + +/** + * Iterate over all objects in array + * + * @param array array to iterate over + * @param fn function to call on each object + * @param ctx context passed to fn + */ + +void +heim_array_iterate_f(heim_array_t array, heim_array_iterator_f_t fn, void *ctx) +{ + size_t n; + for (n = 0; n < array->len; n++) + fn(array->val[n], ctx); +} + +#ifdef __BLOCKS__ +/** + * Iterate over all objects in array + * + * @param array array to iterate over + * @param fn block to call on each object + */ + +void +heim_array_iterate(heim_array_t array, void (^fn)(heim_object_t)) +{ + size_t n; + for (n = 0; n < array->len; n++) + fn(array->val[n]); +} +#endif + +/** + * Get length of array + * + * @param array array to get length of + * + * @return length of array + */ + +size_t +heim_array_get_length(heim_array_t array) +{ + return array->len; +} + +/** + * Copy value of array + * + * @param array array copy object from + * @param idx index of object, 0 based, must be smaller then + * heim_array_get_length() + * + * @return a retained copy of the object + */ + +heim_object_t +heim_array_copy_value(heim_array_t array, size_t idx) +{ + if (idx >= array->len) + heim_abort("index too large"); + return heim_retain(array->val[idx]); +} + +/** + * Delete value at idx + * + * @param array the array to modify + * @param idx the key to delete + */ + +void +heim_array_delete_value(heim_array_t array, size_t idx) +{ + heim_object_t obj; + if (idx >= array->len) + heim_abort("index too large"); + obj = array->val[idx]; + + array->len--; + + if (idx < array->len) + memmove(&array->val[idx], &array->val[idx + 1], + (array->len - idx) * sizeof(array->val[0])); + + heim_release(obj); +} + +#ifdef __BLOCKS__ +/** + * Get value at idx + * + * @param array the array to modify + * @param idx the key to delete + */ + +void +heim_array_filter(heim_array_t array, bool (^block)(heim_object_t)) +{ + size_t n = 0; + + while (n < array->len) { + if (block(array->val[n])) { + heim_array_delete_value(array, n); + } else { + n++; + } + } +} + +#endif /* __BLOCKS__ */ diff --git a/base/baselocl.h b/base/baselocl.h new file mode 100644 index 000000000000..901e8606fd97 --- /dev/null +++ b/base/baselocl.h @@ -0,0 +1,129 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_SELECT_H +#include +#endif + +#include +#include +#include +#include +#include + +#ifdef HAVE_UNISTD_H +#include +#endif + +#include "heimqueue.h" +#include "heim_threads.h" +#include "heimbase.h" +#include "heimbasepriv.h" + +#ifdef HAVE_DISPATCH_DISPATCH_H +#include +#endif + +#if defined(__GNUC__) && defined(HAVE___SYNC_ADD_AND_FETCH) + +#define heim_base_atomic_inc(x) __sync_add_and_fetch((x), 1) +#define heim_base_atomic_dec(x) __sync_sub_and_fetch((x), 1) +#define heim_base_atomic_type unsigned int +#define heim_base_atomic_max UINT_MAX + +#define heim_base_exchange_pointer(t,v) __sync_lock_test_and_set((t), (v)) + +#elif defined(_WIN32) + +#define heim_base_atomic_inc(x) InterlockedIncrement(x) +#define heim_base_atomic_dec(x) InterlockedDecrement(x) +#define heim_base_atomic_type LONG +#define heim_base_atomic_max MAXLONG + +#define heim_base_exchange_pointer(t,v) InterlockedExchangePointer((t),(v)) + +#else + +#define HEIM_BASE_NEED_ATOMIC_MUTEX 1 +extern HEIMDAL_MUTEX _heim_base_mutex; + +#define heim_base_atomic_type unsigned int + +static inline heim_base_atomic_type +heim_base_atomic_inc(heim_base_atomic_type *x) +{ + heim_base_atomic_type t; + HEIMDAL_MUTEX_lock(&_heim_base_mutex); + t = ++(*x); + HEIMDAL_MUTEX_unlock(&_heim_base_mutex); + return t; +} + +static inline heim_base_atomic_type +heim_base_atomic_dec(heim_base_atomic_type *x) +{ + heim_base_atomic_type t; + HEIMDAL_MUTEX_lock(&_heim_base_mutex); + t = --(*x); + HEIMDAL_MUTEX_unlock(&_heim_base_mutex); + return t; +} + +#define heim_base_atomic_max UINT_MAX + +#endif + +/* tagged strings/object/XXX */ +#define heim_base_is_tagged(x) (((uintptr_t)(x)) & 0x3) + +#define heim_base_is_tagged_object(x) ((((uintptr_t)(x)) & 0x3) == 1) +#define heim_base_make_tagged_object(x, tid) \ + ((heim_object_t)((((uintptr_t)(x)) << 5) | ((tid) << 2) | 0x1)) +#define heim_base_tagged_object_tid(x) ((((uintptr_t)(x)) & 0x1f) >> 2) +#define heim_base_tagged_object_value(x) (((uintptr_t)(x)) >> 5) + +/* + * + */ + +#undef HEIMDAL_NORETURN_ATTRIBUTE +#define HEIMDAL_NORETURN_ATTRIBUTE +#undef HEIMDAL_PRINTF_ATTRIBUTE +#define HEIMDAL_PRINTF_ATTRIBUTE(x) diff --git a/base/bool.c b/base/bool.c new file mode 100644 index 000000000000..72edcc71ed4d --- /dev/null +++ b/base/bool.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" + +struct heim_type_data _heim_bool_object = { + HEIM_TID_BOOL, + "bool-object", + NULL, + NULL, + NULL, + NULL, + NULL +}; + +heim_bool_t +heim_bool_create(int val) +{ + return heim_base_make_tagged_object(!!val, HEIM_TID_BOOL); +} + +int +heim_bool_val(heim_bool_t ptr) +{ + return heim_base_tagged_object_value(ptr); +} diff --git a/base/dict.c b/base/dict.c new file mode 100644 index 000000000000..1f9d71a0f506 --- /dev/null +++ b/base/dict.c @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2002, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" + +struct hashentry { + struct hashentry **prev; + struct hashentry *next; + heim_object_t key; + heim_object_t value; +}; + +struct heim_dict_data { + size_t size; + struct hashentry **tab; +}; + +static void +dict_dealloc(void *ptr) +{ + heim_dict_t dict = ptr; + struct hashentry **h, *g, *i; + + for (h = dict->tab; h < &dict->tab[dict->size]; ++h) { + for (g = h[0]; g; g = i) { + i = g->next; + heim_release(g->key); + heim_release(g->value); + free(g); + } + } + free(dict->tab); +} + +struct heim_type_data dict_object = { + HEIM_TID_DICT, + "dict-object", + NULL, + dict_dealloc, + NULL, + NULL, + NULL +}; + +static size_t +isprime(size_t p) +{ + size_t q, i; + + for(i = 2 ; i < p; i++) { + q = p / i; + + if (i * q == p) + return 0; + if (i * i > p) + return 1; + } + return 1; +} + +static size_t +findprime(size_t p) +{ + if (p % 2 == 0) + p++; + + while (isprime(p) == 0) + p += 2; + + return p; +} + +/** + * Allocate an array + * + * @return A new allocated array, free with heim_release() + */ + +heim_dict_t +heim_dict_create(size_t size) +{ + heim_dict_t dict; + + dict = _heim_alloc_object(&dict_object, sizeof(*dict)); + + dict->size = findprime(size); + if (dict->size == 0) { + heim_release(dict); + return NULL; + } + + dict->tab = calloc(dict->size, sizeof(dict->tab[0])); + if (dict->tab == NULL) { + dict->size = 0; + heim_release(dict); + return NULL; + } + + return dict; +} + +/** + * Get type id of an dict + * + * @return the type id + */ + +heim_tid_t +heim_dict_get_type_id(void) +{ + return HEIM_TID_DICT; +} + +/* Intern search function */ + +static struct hashentry * +_search(heim_dict_t dict, heim_object_t ptr) +{ + unsigned long v = heim_get_hash(ptr); + struct hashentry *p; + + for (p = dict->tab[v % dict->size]; p != NULL; p = p->next) + if (heim_cmp(ptr, p->key) == 0) + return p; + + return NULL; +} + +/** + * Search for element in hash table + * + * @value dict the dict to search in + * @value key the key to search for + * + * @return a retained copy of the value for key or NULL if not found + */ + +heim_object_t +heim_dict_copy_value(heim_dict_t dict, heim_object_t key) +{ + struct hashentry *p; + p = _search(dict, key); + if (p == NULL) + return NULL; + + return heim_retain(p->value); +} + +/** + * Add key and value to dict + * + * @value dict the dict to add too + * @value key the key to add + * @value value the value to add + * + * @return 0 if added, errno if not + */ + +int +heim_dict_add_value(heim_dict_t dict, heim_object_t key, heim_object_t value) +{ + struct hashentry **tabptr, *h; + + h = _search(dict, key); + if (h) { + heim_release(h->value); + h->value = heim_retain(value); + } else { + unsigned long v; + + h = malloc(sizeof(*h)); + if (h == NULL) + return ENOMEM; + + h->key = heim_retain(key); + h->value = heim_retain(value); + + v = heim_get_hash(key); + + tabptr = &dict->tab[v % dict->size]; + h->next = *tabptr; + *tabptr = h; + h->prev = tabptr; + if (h->next) + h->next->prev = &h->next; + } + + return 0; +} + +/** + * Delete element with key key + * + * @value dict the dict to delete from + * @value key the key to delete + */ + +void +heim_dict_delete_key(heim_dict_t dict, heim_object_t key) +{ + struct hashentry *h = _search(dict, key); + + if (h == NULL) + return; + + heim_release(h->key); + heim_release(h->value); + + if ((*(h->prev) = h->next) != NULL) + h->next->prev = h->prev; + + free(h); +} + +/** + * Do something for each element + * + * @value dict the dict to interate over + * @value func the function to search for + * @value arg argument to func + */ + +void +heim_dict_iterate_f(heim_dict_t dict, heim_dict_iterator_f_t func, void *arg) +{ + struct hashentry **h, *g; + + for (h = dict->tab; h < &dict->tab[dict->size]; ++h) + for (g = *h; g; g = g->next) + func(g->key, g->value, arg); +} + +#ifdef __BLOCKS__ +/** + * Do something for each element + * + * @value dict the dict to interate over + * @value func the function to search for + */ + +void +heim_dict_iterate(heim_dict_t dict, void (^func)(heim_object_t, heim_object_t)) +{ + struct hashentry **h, *g; + + for (h = dict->tab; h < &dict->tab[dict->size]; ++h) + for (g = *h; g; g = g->next) + func(g->key, g->value); +} +#endif diff --git a/base/heimbase.c b/base/heimbase.c new file mode 100644 index 000000000000..7031af9e4980 --- /dev/null +++ b/base/heimbase.c @@ -0,0 +1,559 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" +#include + +static heim_base_atomic_type tidglobal = HEIM_TID_USER; + +struct heim_base { + heim_type_t isa; + heim_base_atomic_type ref_cnt; + HEIM_TAILQ_ENTRY(heim_base) autorel; + heim_auto_release_t autorelpool; + uintptr_t isaextra[3]; +}; + +/* specialized version of base */ +struct heim_base_mem { + heim_type_t isa; + heim_base_atomic_type ref_cnt; + HEIM_TAILQ_ENTRY(heim_base) autorel; + heim_auto_release_t autorelpool; + const char *name; + void (*dealloc)(void *); + uintptr_t isaextra[1]; +}; + +#define PTR2BASE(ptr) (((struct heim_base *)ptr) - 1) +#define BASE2PTR(ptr) ((void *)(((struct heim_base *)ptr) + 1)) + +#ifdef HEIM_BASE_NEED_ATOMIC_MUTEX +HEIMDAL_MUTEX _heim_base_mutex = HEIMDAL_MUTEX_INITIALIZER; +#endif + +/* + * Auto release structure + */ + +struct heim_auto_release { + HEIM_TAILQ_HEAD(, heim_base) pool; + HEIMDAL_MUTEX pool_mutex; + struct heim_auto_release *parent; +}; + + +/** + * Retain object + * + * @param object to be released, NULL is ok + * + * @return the same object as passed in + */ + +void * +heim_retain(void *ptr) +{ + struct heim_base *p = PTR2BASE(ptr); + + if (ptr == NULL || heim_base_is_tagged(ptr)) + return ptr; + + if (p->ref_cnt == heim_base_atomic_max) + return ptr; + + if ((heim_base_atomic_inc(&p->ref_cnt) - 1) == 0) + heim_abort("resurection"); + return ptr; +} + +/** + * Release object, free is reference count reaches zero + * + * @param object to be released + */ + +void +heim_release(void *ptr) +{ + heim_base_atomic_type old; + struct heim_base *p = PTR2BASE(ptr); + + if (ptr == NULL || heim_base_is_tagged(ptr)) + return; + + if (p->ref_cnt == heim_base_atomic_max) + return; + + old = heim_base_atomic_dec(&p->ref_cnt) + 1; + + if (old > 1) + return; + + if (old == 1) { + heim_auto_release_t ar = p->autorelpool; + /* remove from autorel pool list */ + if (ar) { + p->autorelpool = NULL; + HEIMDAL_MUTEX_lock(&ar->pool_mutex); + HEIM_TAILQ_REMOVE(&ar->pool, p, autorel); + HEIMDAL_MUTEX_unlock(&ar->pool_mutex); + } + if (p->isa->dealloc) + p->isa->dealloc(ptr); + free(p); + } else + heim_abort("over release"); +} + +static heim_type_t tagged_isa[9] = { + &_heim_number_object, + &_heim_null_object, + &_heim_bool_object, + + NULL, + NULL, + NULL, + + NULL, + NULL, + NULL +}; + +heim_type_t +_heim_get_isa(heim_object_t ptr) +{ + struct heim_base *p; + if (heim_base_is_tagged(ptr)) { + if (heim_base_is_tagged_object(ptr)) + return tagged_isa[heim_base_tagged_object_tid(ptr)]; + heim_abort("not a supported tagged type"); + } + p = PTR2BASE(ptr); + return p->isa; +} + +/** + * Get type ID of object + * + * @param object object to get type id of + * + * @return type id of object + */ + +heim_tid_t +heim_get_tid(heim_object_t ptr) +{ + heim_type_t isa = _heim_get_isa(ptr); + return isa->tid; +} + +/** + * Get hash value of object + * + * @param object object to get hash value for + * + * @return a hash value + */ + +unsigned long +heim_get_hash(heim_object_t ptr) +{ + heim_type_t isa = _heim_get_isa(ptr); + if (isa->hash) + return isa->hash(ptr); + return (unsigned long)ptr; +} + +/** + * Compare two objects, returns 0 if equal, can use used for qsort() + * and friends. + * + * @param a first object to compare + * @param b first object to compare + * + * @return 0 if objects are equal + */ + +int +heim_cmp(heim_object_t a, heim_object_t b) +{ + heim_tid_t ta, tb; + heim_type_t isa; + + ta = heim_get_tid(a); + tb = heim_get_tid(b); + + if (ta != tb) + return ta - tb; + + isa = _heim_get_isa(a); + + if (isa->cmp) + return isa->cmp(a, b); + + return (uintptr_t)a - (uintptr_t)b; +} + +/* + * Private - allocates an memory object + */ + +static void +memory_dealloc(void *ptr) +{ + struct heim_base_mem *p = (struct heim_base_mem *)PTR2BASE(ptr); + if (p->dealloc) + p->dealloc(ptr); +} + +struct heim_type_data memory_object = { + HEIM_TID_MEMORY, + "memory-object", + NULL, + memory_dealloc, + NULL, + NULL, + NULL +}; + +void * +heim_alloc(size_t size, const char *name, heim_type_dealloc dealloc) +{ + /* XXX use posix_memalign */ + + struct heim_base_mem *p = calloc(1, size + sizeof(*p)); + if (p == NULL) + return NULL; + p->isa = &memory_object; + p->ref_cnt = 1; + p->name = name; + p->dealloc = dealloc; + return BASE2PTR(p); +} + +heim_type_t +_heim_create_type(const char *name, + heim_type_init init, + heim_type_dealloc dealloc, + heim_type_copy copy, + heim_type_cmp cmp, + heim_type_hash hash) +{ + heim_type_t type; + + type = calloc(1, sizeof(*type)); + if (type == NULL) + return NULL; + + type->tid = heim_base_atomic_inc(&tidglobal); + type->name = name; + type->init = init; + type->dealloc = dealloc; + type->copy = copy; + type->cmp = cmp; + type->hash = hash; + + return type; +} + +heim_object_t +_heim_alloc_object(heim_type_t type, size_t size) +{ + /* XXX should use posix_memalign */ + struct heim_base *p = calloc(1, size + sizeof(*p)); + if (p == NULL) + return NULL; + p->isa = type; + p->ref_cnt = 1; + + return BASE2PTR(p); +} + +heim_tid_t +_heim_type_get_tid(heim_type_t type) +{ + return type->tid; +} + +/** + * Call func once and only once + * + * @param once pointer to a heim_base_once_t + * @param ctx context passed to func + * @param func function to be called + */ + +void +heim_base_once_f(heim_base_once_t *once, void *ctx, void (*func)(void *)) +{ +#ifdef HAVE_DISPATCH_DISPATCH_H + dispatch_once_f(once, ctx, func); +#else + static HEIMDAL_MUTEX mutex = HEIMDAL_MUTEX_INITIALIZER; + HEIMDAL_MUTEX_lock(&mutex); + if (*once == 0) { + *once = 1; + HEIMDAL_MUTEX_unlock(&mutex); + func(ctx); + HEIMDAL_MUTEX_lock(&mutex); + *once = 2; + HEIMDAL_MUTEX_unlock(&mutex); + } else if (*once == 2) { + HEIMDAL_MUTEX_unlock(&mutex); + } else { + HEIMDAL_MUTEX_unlock(&mutex); + while (1) { + struct timeval tv = { 0, 1000 }; + select(0, NULL, NULL, NULL, &tv); + HEIMDAL_MUTEX_lock(&mutex); + if (*once == 2) + break; + HEIMDAL_MUTEX_unlock(&mutex); + } + HEIMDAL_MUTEX_unlock(&mutex); + } +#endif +} + +/** + * Abort and log the failure (using syslog) + */ + +void +heim_abort(const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + heim_abortv(fmt, ap); + va_end(ap); +} + +/** + * Abort and log the failure (using syslog) + */ + +void +heim_abortv(const char *fmt, va_list ap) +{ + static char str[1024]; + + vsnprintf(str, sizeof(str), fmt, ap); + syslog(LOG_ERR, "heim_abort: %s", str); + abort(); +} + +/* + * + */ + +static int ar_created = 0; +static HEIMDAL_thread_key ar_key; + +struct ar_tls { + struct heim_auto_release *head; + struct heim_auto_release *current; + HEIMDAL_MUTEX tls_mutex; +}; + +static void +ar_tls_delete(void *ptr) +{ + struct ar_tls *tls = ptr; + if (tls->head) + heim_release(tls->head); + free(tls); +} + +static void +init_ar_tls(void *ptr) +{ + int ret; + HEIMDAL_key_create(&ar_key, ar_tls_delete, ret); + if (ret == 0) + ar_created = 1; +} + +static struct ar_tls * +autorel_tls(void) +{ + static heim_base_once_t once = HEIM_BASE_ONCE_INIT; + struct ar_tls *arp; + int ret; + + heim_base_once_f(&once, NULL, init_ar_tls); + if (!ar_created) + return NULL; + + arp = HEIMDAL_getspecific(ar_key); + if (arp == NULL) { + + arp = calloc(1, sizeof(*arp)); + if (arp == NULL) + return NULL; + HEIMDAL_setspecific(ar_key, arp, ret); + if (ret) { + free(arp); + return NULL; + } + } + return arp; + +} + +static void +autorel_dealloc(void *ptr) +{ + heim_auto_release_t ar = ptr; + struct ar_tls *tls; + + tls = autorel_tls(); + if (tls == NULL) + heim_abort("autorelease pool released on thread w/o autorelease inited"); + + heim_auto_release_drain(ar); + + if (!HEIM_TAILQ_EMPTY(&ar->pool)) + heim_abort("pool not empty after draining"); + + HEIMDAL_MUTEX_lock(&tls->tls_mutex); + if (tls->current != ptr) + heim_abort("autorelease not releaseing top pool"); + + if (tls->current != tls->head) + tls->current = ar->parent; + HEIMDAL_MUTEX_unlock(&tls->tls_mutex); +} + +static int +autorel_cmp(void *a, void *b) +{ + return (a == b); +} + +static unsigned long +autorel_hash(void *ptr) +{ + return (unsigned long)ptr; +} + + +static struct heim_type_data _heim_autorel_object = { + HEIM_TID_AUTORELEASE, + "autorelease-pool", + NULL, + autorel_dealloc, + NULL, + autorel_cmp, + autorel_hash +}; + +/** + * + */ + +heim_auto_release_t +heim_auto_release_create(void) +{ + struct ar_tls *tls = autorel_tls(); + heim_auto_release_t ar; + + if (tls == NULL) + heim_abort("Failed to create/get autorelease head"); + + ar = _heim_alloc_object(&_heim_autorel_object, sizeof(struct heim_auto_release)); + if (ar) { + HEIMDAL_MUTEX_lock(&tls->tls_mutex); + if (tls->head == NULL) + tls->head = ar; + ar->parent = tls->current; + tls->current = ar; + HEIMDAL_MUTEX_unlock(&tls->tls_mutex); + } + + return ar; +} + +/** + * Mark the current object as a + */ + +void +heim_auto_release(heim_object_t ptr) +{ + struct heim_base *p = PTR2BASE(ptr); + struct ar_tls *tls = autorel_tls(); + heim_auto_release_t ar; + + if (ptr == NULL || heim_base_is_tagged(ptr)) + return; + + /* drop from old pool */ + if ((ar = p->autorelpool) != NULL) { + HEIMDAL_MUTEX_lock(&ar->pool_mutex); + HEIM_TAILQ_REMOVE(&ar->pool, p, autorel); + p->autorelpool = NULL; + HEIMDAL_MUTEX_unlock(&ar->pool_mutex); + } + + if (tls == NULL || (ar = tls->current) == NULL) + heim_abort("no auto relase pool in place, would leak"); + + HEIMDAL_MUTEX_lock(&ar->pool_mutex); + HEIM_TAILQ_INSERT_HEAD(&ar->pool, p, autorel); + p->autorelpool = ar; + HEIMDAL_MUTEX_unlock(&ar->pool_mutex); +} + +/** + * + */ + +void +heim_auto_release_drain(heim_auto_release_t autorel) +{ + heim_object_t obj; + + /* release all elements on the tail queue */ + + HEIMDAL_MUTEX_lock(&autorel->pool_mutex); + while(!HEIM_TAILQ_EMPTY(&autorel->pool)) { + obj = HEIM_TAILQ_FIRST(&autorel->pool); + HEIMDAL_MUTEX_unlock(&autorel->pool_mutex); + heim_release(BASE2PTR(obj)); + HEIMDAL_MUTEX_lock(&autorel->pool_mutex); + } + HEIMDAL_MUTEX_unlock(&autorel->pool_mutex); +} diff --git a/base/heimbase.h b/base/heimbase.h new file mode 100644 index 000000000000..ad1b3f0c48d3 --- /dev/null +++ b/base/heimbase.h @@ -0,0 +1,188 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HEIM_BASE_H +#define HEIM_BASE_H 1 + +#include +#include +#include +#include + +typedef void * heim_object_t; +typedef unsigned int heim_tid_t; +typedef heim_object_t heim_bool_t; +typedef heim_object_t heim_null_t; +#define HEIM_BASE_ONCE_INIT 0 +typedef long heim_base_once_t; /* XXX arch dependant */ + +#if !defined(__has_extension) +#define __has_extension(x) 0 +#endif + +#define HEIM_REQUIRE_GNUC(m,n,p) \ + (((__GNUC__ * 10000) + (__GNUC_MINOR__ * 100) + __GNUC_PATCHLEVEL__) >= \ + (((m) * 10000) + ((n) * 100) + (p))) + + +#if __has_extension(__builtin_expect) || HEIM_REQUIRE_GNUC(3,0,0) +#define heim_builtin_expect(_op,_res) __builtin_expect(_op,_res) +#else +#define heim_builtin_expect(_op,_res) (_op) +#endif + + +void * heim_retain(heim_object_t); +void heim_release(heim_object_t); + +typedef void (*heim_type_dealloc)(void *); + +void * +heim_alloc(size_t size, const char *name, heim_type_dealloc dealloc); + +heim_tid_t +heim_get_tid(heim_object_t object); + +int +heim_cmp(heim_object_t a, heim_object_t b); + +unsigned long +heim_get_hash(heim_object_t ptr); + +void +heim_base_once_f(heim_base_once_t *, void *, void (*)(void *)); + +void +heim_abort(const char *fmt, ...) + HEIMDAL_NORETURN_ATTRIBUTE + HEIMDAL_PRINTF_ATTRIBUTE((printf, 1, 2)); + +void +heim_abortv(const char *fmt, va_list ap) + HEIMDAL_NORETURN_ATTRIBUTE + HEIMDAL_PRINTF_ATTRIBUTE((printf, 1, 0)); + +#define heim_assert(e,t) \ + (heim_builtin_expect(!(e), 0) ? heim_abort(t ":" #e) : (void)0) + +/* + * + */ + +heim_null_t +heim_null_create(void); + +heim_bool_t +heim_bool_create(int); + +int +heim_bool_val(heim_bool_t); + +/* + * Array + */ + +typedef struct heim_array_data *heim_array_t; + +heim_array_t heim_array_create(void); +heim_tid_t heim_array_get_type_id(void); + +typedef void (*heim_array_iterator_f_t)(heim_object_t, void *); + +int heim_array_append_value(heim_array_t, heim_object_t); +void heim_array_iterate_f(heim_array_t, heim_array_iterator_f_t, void *); +#ifdef __BLOCKS__ +void heim_array_iterate(heim_array_t, void (^)(heim_object_t)); +#endif +size_t heim_array_get_length(heim_array_t); +heim_object_t + heim_array_copy_value(heim_array_t, size_t); +void heim_array_delete_value(heim_array_t, size_t); +#ifdef __BLOCKS__ +void heim_array_filter(heim_array_t, bool (^)(heim_object_t)); +#endif + +/* + * Dict + */ + +typedef struct heim_dict_data *heim_dict_t; + +heim_dict_t heim_dict_create(size_t size); +heim_tid_t heim_dict_get_type_id(void); + +typedef void (*heim_dict_iterator_f_t)(heim_object_t, heim_object_t, void *); + +int heim_dict_add_value(heim_dict_t, heim_object_t, heim_object_t); +void heim_dict_iterate_f(heim_dict_t, heim_dict_iterator_f_t, void *); +#ifdef __BLOCKS__ +void heim_dict_iterate(heim_dict_t, void (^)(heim_object_t, heim_object_t)); +#endif + +heim_object_t + heim_dict_copy_value(heim_dict_t, heim_object_t); +void heim_dict_delete_key(heim_dict_t, heim_object_t); + +/* + * String + */ + +typedef struct heim_string_data *heim_string_t; + +heim_string_t heim_string_create(const char *); +heim_tid_t heim_string_get_type_id(void); +const char * heim_string_get_utf8(heim_string_t); + +/* + * Number + */ + +typedef struct heim_number_data *heim_number_t; + +heim_number_t heim_number_create(int); +heim_tid_t heim_number_get_type_id(void); +int heim_number_get_int(heim_number_t); + +/* + * + */ + +typedef struct heim_auto_release * heim_auto_release_t; + +heim_auto_release_t heim_auto_release_create(void); +void heim_auto_release_drain(heim_auto_release_t); +void heim_auto_release(heim_object_t); + +#endif /* HEIM_BASE_H */ diff --git a/base/heimbasepriv.h b/base/heimbasepriv.h new file mode 100644 index 000000000000..772962548f48 --- /dev/null +++ b/base/heimbasepriv.h @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +typedef void (*heim_type_init)(void *); +typedef heim_object_t (*heim_type_copy)(void *); +typedef int (*heim_type_cmp)(void *, void *); +typedef unsigned long (*heim_type_hash)(void *); + +typedef struct heim_type_data *heim_type_t; + +enum { + HEIM_TID_NUMBER = 0, + HEIM_TID_NULL = 1, + HEIM_TID_BOOL = 2, + HEIM_TID_TAGGED_UNUSED2 = 3, + HEIM_TID_TAGGED_UNUSED3 = 4, + HEIM_TID_TAGGED_UNUSED4 = 5, + HEIM_TID_TAGGED_UNUSED5 = 6, + HEIM_TID_TAGGED_UNUSED6 = 7, + HEIM_TID_MEMORY = 128, + HEIM_TID_ARRAY = 129, + HEIM_TID_DICT = 130, + HEIM_TID_STRING = 131, + HEIM_TID_AUTORELEASE = 132, + HEIM_TID_USER = 255 + +}; + +struct heim_type_data { + heim_tid_t tid; + const char *name; + heim_type_init init; + heim_type_dealloc dealloc; + heim_type_copy copy; + heim_type_cmp cmp; + heim_type_hash hash; +}; + +heim_type_t _heim_get_isa(heim_object_t); + +heim_type_t +_heim_create_type(const char *name, + heim_type_init init, + heim_type_dealloc dealloc, + heim_type_copy copy, + heim_type_cmp cmp, + heim_type_hash hash); + +heim_object_t +_heim_alloc_object(heim_type_t type, size_t size); + +heim_tid_t +_heim_type_get_tid(heim_type_t type); + +/* tagged tid */ +extern struct heim_type_data _heim_null_object; +extern struct heim_type_data _heim_bool_object; +extern struct heim_type_data _heim_number_object; +extern struct heim_type_data _heim_string_object; diff --git a/base/heimqueue.h b/base/heimqueue.h new file mode 100644 index 000000000000..423a68478792 --- /dev/null +++ b/base/heimqueue.h @@ -0,0 +1,167 @@ +/* $NetBSD: queue.h,v 1.38 2004/04/18 14:12:05 lukem Exp $ */ +/* $Id$ */ + +/* + * Copyright (c) 1991, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)queue.h 8.5 (Berkeley) 8/20/94 + */ + +#ifndef _HEIM_QUEUE_H_ +#define _HEIM_QUEUE_H_ + +/* + * Tail queue definitions. + */ +#define HEIM_TAILQ_HEAD(name, type) \ +struct name { \ + struct type *tqh_first; /* first element */ \ + struct type **tqh_last; /* addr of last next element */ \ +} + +#define HEIM_TAILQ_HEAD_INITIALIZER(head) \ + { NULL, &(head).tqh_first } +#define HEIM_TAILQ_ENTRY(type) \ +struct { \ + struct type *tqe_next; /* next element */ \ + struct type **tqe_prev; /* address of previous next element */ \ +} + +/* + * Tail queue functions. + */ +#if defined(_KERNEL) && defined(QUEUEDEBUG) +#define QUEUEDEBUG_HEIM_TAILQ_INSERT_HEAD(head, elm, field) \ + if ((head)->tqh_first && \ + (head)->tqh_first->field.tqe_prev != &(head)->tqh_first) \ + panic("HEIM_TAILQ_INSERT_HEAD %p %s:%d", (head), __FILE__, __LINE__); +#define QUEUEDEBUG_HEIM_TAILQ_INSERT_TAIL(head, elm, field) \ + if (*(head)->tqh_last != NULL) \ + panic("HEIM_TAILQ_INSERT_TAIL %p %s:%d", (head), __FILE__, __LINE__); +#define QUEUEDEBUG_HEIM_TAILQ_OP(elm, field) \ + if ((elm)->field.tqe_next && \ + (elm)->field.tqe_next->field.tqe_prev != \ + &(elm)->field.tqe_next) \ + panic("HEIM_TAILQ_* forw %p %s:%d", (elm), __FILE__, __LINE__);\ + if (*(elm)->field.tqe_prev != (elm)) \ + panic("HEIM_TAILQ_* back %p %s:%d", (elm), __FILE__, __LINE__); +#define QUEUEDEBUG_HEIM_TAILQ_PREREMOVE(head, elm, field) \ + if ((elm)->field.tqe_next == NULL && \ + (head)->tqh_last != &(elm)->field.tqe_next) \ + panic("HEIM_TAILQ_PREREMOVE head %p elm %p %s:%d", \ + (head), (elm), __FILE__, __LINE__); +#define QUEUEDEBUG_HEIM_TAILQ_POSTREMOVE(elm, field) \ + (elm)->field.tqe_next = (void *)1L; \ + (elm)->field.tqe_prev = (void *)1L; +#else +#define QUEUEDEBUG_HEIM_TAILQ_INSERT_HEAD(head, elm, field) +#define QUEUEDEBUG_HEIM_TAILQ_INSERT_TAIL(head, elm, field) +#define QUEUEDEBUG_HEIM_TAILQ_OP(elm, field) +#define QUEUEDEBUG_HEIM_TAILQ_PREREMOVE(head, elm, field) +#define QUEUEDEBUG_HEIM_TAILQ_POSTREMOVE(elm, field) +#endif + +#define HEIM_TAILQ_INIT(head) do { \ + (head)->tqh_first = NULL; \ + (head)->tqh_last = &(head)->tqh_first; \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_INSERT_HEAD(head, elm, field) do { \ + QUEUEDEBUG_HEIM_TAILQ_INSERT_HEAD((head), (elm), field) \ + if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ + (head)->tqh_first->field.tqe_prev = \ + &(elm)->field.tqe_next; \ + else \ + (head)->tqh_last = &(elm)->field.tqe_next; \ + (head)->tqh_first = (elm); \ + (elm)->field.tqe_prev = &(head)->tqh_first; \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_INSERT_TAIL(head, elm, field) do { \ + QUEUEDEBUG_HEIM_TAILQ_INSERT_TAIL((head), (elm), field) \ + (elm)->field.tqe_next = NULL; \ + (elm)->field.tqe_prev = (head)->tqh_last; \ + *(head)->tqh_last = (elm); \ + (head)->tqh_last = &(elm)->field.tqe_next; \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ + QUEUEDEBUG_HEIM_TAILQ_OP((listelm), field) \ + if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ + (elm)->field.tqe_next->field.tqe_prev = \ + &(elm)->field.tqe_next; \ + else \ + (head)->tqh_last = &(elm)->field.tqe_next; \ + (listelm)->field.tqe_next = (elm); \ + (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ + QUEUEDEBUG_HEIM_TAILQ_OP((listelm), field) \ + (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ + (elm)->field.tqe_next = (listelm); \ + *(listelm)->field.tqe_prev = (elm); \ + (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_REMOVE(head, elm, field) do { \ + QUEUEDEBUG_HEIM_TAILQ_PREREMOVE((head), (elm), field) \ + QUEUEDEBUG_HEIM_TAILQ_OP((elm), field) \ + if (((elm)->field.tqe_next) != NULL) \ + (elm)->field.tqe_next->field.tqe_prev = \ + (elm)->field.tqe_prev; \ + else \ + (head)->tqh_last = (elm)->field.tqe_prev; \ + *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ + QUEUEDEBUG_HEIM_TAILQ_POSTREMOVE((elm), field); \ +} while (/*CONSTCOND*/0) + +#define HEIM_TAILQ_FOREACH(var, head, field) \ + for ((var) = ((head)->tqh_first); \ + (var); \ + (var) = ((var)->field.tqe_next)) + +#define HEIM_TAILQ_FOREACH_REVERSE(var, head, headname, field) \ + for ((var) = (*(((struct headname *)((head)->tqh_last))->tqh_last)); \ + (var); \ + (var) = (*(((struct headname *)((var)->field.tqe_prev))->tqh_last))) + +/* + * Tail queue access methods. + */ +#define HEIM_TAILQ_EMPTY(head) ((head)->tqh_first == NULL) +#define HEIM_TAILQ_FIRST(head) ((head)->tqh_first) +#define HEIM_TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) + +#define HEIM_TAILQ_LAST(head, headname) \ + (*(((struct headname *)((head)->tqh_last))->tqh_last)) +#define HEIM_TAILQ_PREV(elm, headname, field) \ + (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) + + +#endif /* !_HEIM_QUEUE_H_ */ diff --git a/base/null.c b/base/null.c new file mode 100644 index 000000000000..66731aad2614 --- /dev/null +++ b/base/null.c @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" + +struct heim_type_data _heim_null_object = { + HEIM_TID_NULL, + "null-object", + NULL, + NULL, + NULL, + NULL, + NULL +}; + +heim_null_t +heim_null_create(void) +{ + return heim_base_make_tagged_object(0, HEIM_TID_NULL); +} diff --git a/base/number.c b/base/number.c new file mode 100644 index 000000000000..72631a531ce7 --- /dev/null +++ b/base/number.c @@ -0,0 +1,127 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" + +static void +number_dealloc(void *ptr) +{ +} + +static int +number_cmp(void *a, void *b) +{ + int na, nb; + + if (heim_base_is_tagged_object(a)) + na = heim_base_tagged_object_value(a); + else + na = *(int *)a; + + if (heim_base_is_tagged_object(b)) + nb = heim_base_tagged_object_value(b); + else + nb = *(int *)b; + + return na - nb; +} + +static unsigned long +number_hash(void *ptr) +{ + if (heim_base_is_tagged_object(ptr)) + return heim_base_tagged_object_value(ptr); + return (unsigned long)*(int *)ptr; +} + +struct heim_type_data _heim_number_object = { + HEIM_TID_NUMBER, + "number-object", + NULL, + number_dealloc, + NULL, + number_cmp, + number_hash +}; + +/** + * Create a number object + * + * @param the number to contain in the object + * + * @return a number object + */ + +heim_number_t +heim_number_create(int number) +{ + heim_number_t n; + + if (number < 0xffffff && number >= 0) + return heim_base_make_tagged_object(number, HEIM_TID_NUMBER); + + n = _heim_alloc_object(&_heim_number_object, sizeof(int)); + if (n) + *((int *)n) = number; + return n; +} + +/** + * Return the type ID of number objects + * + * @return type id of number objects + */ + +heim_tid_t +heim_number_get_type_id(void) +{ + return HEIM_TID_NUMBER; +} + +/** + * Get the int value of the content + * + * @param number the number object to get the value from + * + * @return an int + */ + +int +heim_number_get_int(heim_number_t number) +{ + if (heim_base_is_tagged_object(number)) + return heim_base_tagged_object_value(number); + return *(int *)number; +} diff --git a/base/string.c b/base/string.c new file mode 100644 index 000000000000..11e8841153bf --- /dev/null +++ b/base/string.c @@ -0,0 +1,115 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "baselocl.h" +#include + +static void +string_dealloc(void *ptr) +{ +} + +static int +string_cmp(void *a, void *b) +{ + return strcmp(a, b); +} + +static unsigned long +string_hash(void *ptr) +{ + const char *s = ptr; + unsigned long n; + + for (n = 0; *s; ++s) + n += *s; + return n; +} + +struct heim_type_data _heim_string_object = { + HEIM_TID_STRING, + "string-object", + NULL, + string_dealloc, + NULL, + string_cmp, + string_hash +}; + +/** + * Create a string object + * + * @param string the string to create, must be an utf8 string + * + * @return string object + */ + +heim_string_t +heim_string_create(const char *string) +{ + size_t len = strlen(string); + heim_string_t s; + + s = _heim_alloc_object(&_heim_string_object, len + 1); + if (s) + memcpy(s, string, len + 1); + return s; +} + +/** + * Return the type ID of string objects + * + * @return type id of string objects + */ + +heim_tid_t +heim_string_get_type_id(void) +{ + return HEIM_TID_STRING; +} + +/** + * Get the string value of the content. + * + * @param string the string object to get the value from + * + * @return a utf8 string + */ + +const char * +heim_string_get_utf8(heim_string_t string) +{ + return (const char *)string; +} diff --git a/base/test_base.c b/base/test_base.c new file mode 100644 index 000000000000..5355907c7857 --- /dev/null +++ b/base/test_base.c @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include + +#include "heimbase.h" +#include "heimbasepriv.h" + +static void +memory_free(heim_object_t obj) +{ +} + +static int +test_memory(void) +{ + void *ptr; + + ptr = heim_alloc(10, "memory", memory_free); + + heim_retain(ptr); + heim_release(ptr); + + heim_retain(ptr); + heim_release(ptr); + + heim_release(ptr); + + ptr = heim_alloc(10, "memory", NULL); + heim_release(ptr); + + return 0; +} + +static int +test_dict(void) +{ + heim_dict_t dict; + heim_number_t a1 = heim_number_create(1); + heim_string_t a2 = heim_string_create("hejsan"); + heim_number_t a3 = heim_number_create(3); + heim_string_t a4 = heim_string_create("foosan"); + + dict = heim_dict_create(10); + + heim_dict_add_value(dict, a1, a2); + heim_dict_add_value(dict, a3, a4); + + heim_dict_delete_key(dict, a3); + heim_dict_delete_key(dict, a1); + + heim_release(a1); + heim_release(a2); + heim_release(a3); + heim_release(a4); + + heim_release(dict); + + return 0; +} + +static int +test_auto_release(void) +{ + heim_auto_release_t ar1, ar2; + heim_number_t n1; + heim_string_t s1; + + ar1 = heim_auto_release_create(); + + s1 = heim_string_create("hejsan"); + heim_auto_release(s1); + + n1 = heim_number_create(1); + heim_auto_release(n1); + + ar2 = heim_auto_release_create(); + + n1 = heim_number_create(1); + heim_auto_release(n1); + + heim_release(ar2); + heim_release(ar1); + + return 0; +} + +static int +test_string(void) +{ + heim_string_t s1, s2; + const char *string = "hejsan"; + + s1 = heim_string_create(string); + s2 = heim_string_create(string); + + if (heim_cmp(s1, s2) != 0) + errx(1, "the same string is not the same"); + + + heim_release(s1); + heim_release(s2); + + return 0; +} + +int +main(int argc, char **argv) +{ + int res = 0; + + res |= test_memory(); + res |= test_dict(); + res |= test_auto_release(); + res |= test_string(); + + return res; +} diff --git a/base/version-script.map b/base/version-script.map new file mode 100644 index 000000000000..007052baeb0f --- /dev/null +++ b/base/version-script.map @@ -0,0 +1,28 @@ +HEIMDAL_BASE_1.0 { + global: + heim_abort; + heim_alloc; + heim_array_append_value; + heim_array_copy_value; + heim_array_create; + heim_array_delete_value; + heim_array_get_length; + heim_array_iterate_f; + heim_auto_release; + heim_auto_release_create; + heim_auto_release_drain; + heim_base_once_f; + heim_cmp; + heim_dict_add_value; + heim_dict_copy_value; + heim_dict_create; + heim_dict_delete_key; + heim_dict_iterate_f; + heim_release; + heim_retain; + heim_string_create; + heim_string_get_utf8; + heim_number_create; + local: + *; +}; diff --git a/cf/ChangeLog b/cf/ChangeLog index 0bd84c652cbd..8bd0b3e2f4d7 100644 --- a/cf/ChangeLog +++ b/cf/ChangeLog @@ -1,31 +1,94 @@ -2007-10-01 Love Hörnquist Åstrand +2008-07-26 Love Hörnquist Ã…strand + + * krb-ipv6.m4: Patch from Björn Schlögl to enable disable-ness of + ipv6. + +2008-05-20 Love Hörnquist Ã…strand + + * sunos.m4: Detect solaris2.11 and later and assume its sunos=58. + Bug report from Klas Heggemann. + +2008-05-05 Love Hörnquist Ã…strand + + * version-script.m4: Add -rpath to avoid building a convince + library, also sprinkle some other options to make the link line + more like automake's. + +2008-04-29 Love Hörnquist Ã…strand + + * version-script.m4: use libtool to probe for version script to + make it work on amd64/ia64 where -fpic in needed to build shared + objects. + +2008-04-24 Björn Sandell + + * pthreads.m4: macros for OpenBSD + +2008-04-17 Love Hörnquist Ã…strand + + * make-proto.pl: Define both export variables. + + * win32.m4: Export _FUNCTION and _VARIABLE for _win32 magic + + * krb-ipv6.m4: Rename cache variable to AC_CACHE_CHECK to make the + cached. + + * win32.m4: replace _export with __declspec(dllexport) + + * make-proto.pl: Add __declspec(dllimport) to the exported + functions. + +2008-04-07 Love Hörnquist Ã…strand + + * wflags.m4: Add -Wstrict-overflow=5 as an example. + +2008-03-25 Love Hörnquist Ã…strand + + * install-catman.sh: Match man_MANS = files with directories in + them. + +2008-02-23 Love Hörnquist Ã…strand + + * make-proto.pl: Handle c-comments. + + * Makefile.am.common: Make DEFAULT_INCLUDES work better, avoid + picking up the wrong headerfiles. $(top_builddir)/include vs + ${builddir}. + +2008-01-21 Love Hörnquist Ã…strand + + * Makefile.am.common: remove the check-symbols check + + * check-symbols.sh: removed, use version script instead + +2007-10-01 Love Hörnquist Ã…strand * crypto.m4: openssl might require -ldl too, so lets check that. -2007-07-31 Love Hörnquist Åstrand +2007-07-31 Love Hörnquist Ã…strand * Makefile.am.common (check-local::): exit on failure to perform test. -2007-07-28 Love Hörnquist Åstrand +2007-07-28 Love Hörnquist Ã…strand * Makefile.am.common (check-local): also check that --help works. -2007-07-17 Love Hörnquist Åstrand +2007-07-17 Love Hörnquist Ã…strand * crypto.m4: depend on EVP_CIPHER_iv_length -2007-06-27 Love Hörnquist Åstrand +2007-06-27 Love Hörnquist Ã…strand * Makefile.am.common: Need absolute reference to the top source directory and top build directory. -2007-06-20 Love Hörnquist Åstrand +2007-06-20 Love Hörnquist Ã…strand * wflags.m4: Add --enable-developer and make it cause -Werror to be included. -2007-06-18 Love Hörnquist Åstrand +2007-06-18 Love Hörnquist Ã…strand * Makefile.am.common: Merge from samba config. @@ -34,85 +97,85 @@ * valgrind-suppressions: Unknown suppression in runtime link editor -2007-06-08 Love Hörnquist Åstrand +2007-06-08 Love Hörnquist Ã…strand * Makefile.am.common: Add heimdal-lorikeet target distdir-in-tree -2007-06-04 Love Hörnquist Åstrand +2007-06-04 Love Hörnquist Ã…strand * framework-security.m4: test for -framework Security -2007-05-10 Love Hörnquist Åstrand +2007-05-10 Love Hörnquist Ã…strand * roken-frag.m4: we have a fnmatch.h only if there is a working implementation and a header file. If we do use roken, lets use our own headerfile that does symbol renaming. -2007-04-19 Love Hörnquist Åstrand +2007-04-19 Love Hörnquist Ã…strand * version-script.m4: check if ld supports --version-script -2007-04-11 Love Hörnquist Åstrand +2007-04-11 Love Hörnquist Ã…strand * roken-frag.m4: drop broken-getnameinfo.m4 * roken-frag.m4: drop test for broken getnameinfo, that old aix is no longer relevant. -2007-02-16 Love Hörnquist Åstrand +2007-02-16 Love Hörnquist Ã…strand * install-catman.sh: Stop overwriting cmd. -2007-01-15 Love Hörnquist Åstrand +2007-01-15 Love Hörnquist Ã…strand * install-catman.sh: Use test instead of [. * install-catman.sh: Use = instead of ==, make solaris more happy. -2007-01-08 Love Hörnquist Åstrand +2007-01-08 Love Hörnquist Ã…strand * roken-frag.m4: More headerfiles for iruserok prototype check. * check-symbols.sh: Add fc_softc for AIX as ignore syms. -2007-01-04 Love Hörnquist Åstrand +2007-01-04 Love Hörnquist Ã…strand * roken-frag.m4: Check if iruserok needs a prototype. -2006-12-06 Love Hörnquist Åstrand +2006-12-06 Love Hörnquist Ã…strand * check-compile-et.m4: set automake symbol COM_ERR when we build local com_err -2006-11-16 Love Hörnquist Åstrand +2006-11-16 Love Hörnquist Ã…strand * valgrind-suppressions: We shouldn't be running /bin/ls under valgrind, but for now, at least make it easier to see any other warnings. From Andrew Bartlett. -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * Makefile.am.common: Add target for valgrind debugging * valgrind-suppressions: valgrind suppressions -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * check-lex.m4: Borrow test for autoconf cvs to help hpux hosts -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * Makefile.am.common: provide uninstall hook for cat/manpages. * install-catman.sh: provide uninstall command -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * roken-frag.m4: Add check for timegm. * roken-frag.m4: Include sys/types.h for sys/socket.h and netdb.h. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am.common (install-build-headers): make this function convoluted and deal with dist_, nodist, nobase and all its @@ -126,56 +189,56 @@ * crypto.m4: Require openssl have OpenSSL_add_all_algorithms -2006-10-04 Love Hörnquist Åstrand +2006-10-04 Love Hörnquist Ã…strand * autobuild.m4: Add autobuild, GPLed, but free to use in projects not avaible under GPL or LGPL (just like autoconf). -2006-09-16 Love Hörnquist Åstrand +2006-09-16 Love Hörnquist Ã…strand * roken-frag.m4: Add samba_SOCKET_WRAPPER fragment -2006-09-12 Love Hörnquist Åstrand +2006-09-12 Love Hörnquist Ã…strand * socket-wrapper.m4: Add socket-wrapper test -2006-05-06 Love Hörnquist Åstrand +2006-05-06 Love Hörnquist Ã…strand * crypto.m4: Move up evp.h to please OpenSSL, from Douglas E. Engert. -2006-04-22 Love Hörnquist Åstrand +2006-04-22 Love Hörnquist Ã…strand * roken-frag.m4: Add check for fnmatch.h, its needed to be done for the automake conditional below. -2006-04-15 Love Hörnquist Åstrand +2006-04-15 Love Hörnquist Ã…strand * crypto.m4: Require SHA256 -2006-01-18 Love Hörnquist Åstrand +2006-01-18 Love Hörnquist Ã…strand * crypto.m4 Check for if we are to consider using OpenSSL, also check for headers since make_crypto.c assumes that the name of the files. -2006-01-13 Love Hörnquist Åstrand +2006-01-13 Love Hörnquist Ã…strand * crypto.m4: libdes is renamed to hcrypto * crypto.m4: Remove support for old hash names. -2005-10-26 Love Hörnquist Åstrand +2005-10-26 Love Hörnquist Ã…strand * install-catman.sh: Add variable INSTALL_CATPAGES that controls if cat pages are installed, defaults to true. From Johnny Lam . -2005-09-28 Love Hörnquist Åstrand +2005-09-28 Love Hörnquist Ã…strand * roken-frag.m4: Check for and uintptr_t -2005-09-02 Love Hörnquist Åstrand +2005-09-02 Love Hörnquist Ã…strand * roken-frag.m4: Resolver check moved to rk_RESOLV, from Andrew Bartlet @@ -183,25 +246,25 @@ * resolv.m4: Resolver checks, broken out so samba can use it From Andrew Bartlet -2005-08-22 Love Hörnquist Åstrand +2005-08-22 Love Hörnquist Ã…strand * roken-frag.m4: Check for res_ndestroy. -2005-08-03 Love Hörnquist Åstrand +2005-08-03 Love Hörnquist Ã…strand * crypto.m4: Add , OpenSSL 0.9.8 needs it for size_t. From: Quanah Gibson-Mount -2005-07-12 Love Hörnquist Åstrand +2005-07-12 Love Hörnquist Ã…strand * check-compile-et.m4: check that initialize_conf_error_table_r have the right argument -2005-07-07 Love Hörnquist Åstrand +2005-07-07 Love Hörnquist Ã…strand * check-symbols.sh: allow symbols to start with ., aix uses this -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * krb-bigendian.m4: use ansi c prototypes @@ -229,18 +292,18 @@ * broken-getaddrinfo.m4: check for brokenness in getaddrinfo on AIX that can't handle "0" as port number. -2005-06-11 Love Hörnquist Åstrand +2005-06-11 Love Hörnquist Ã…strand * db.m4: Add an option to disable ndbm, from Stefan Metzmacher -2005-06-03 Love Hörnquist Åstrand +2005-06-03 Love Hörnquist Ã…strand * pthreads.m4: rework how pthreads support to turned on/off, always run though the switch to figure out what the linker/compiler flag are -2005-06-01 Love Hörnquist Åstrand +2005-06-01 Love Hörnquist Ã…strand * pthreads.m4: s/else if/elif/ @@ -251,7 +314,7 @@ non-gcc case, use the compiler as hint (xlc vs xlc_r) if this environment handles threads or not -2005-05-22 Love Hörnquist Åstrand +2005-05-22 Love Hörnquist Ã…strand * check-symbols.sh: ignore weak symbols too @@ -270,16 +333,16 @@ but masked by a feature test), just to avoid a warning, since it has int args. -2005-05-11 Love Hörnquist Åstrand +2005-05-11 Love Hörnquist Ã…strand * check-var.m4: AC_CHECK_DECL and AC_CHECK_DECLS have a subtile diffrence, the later defines HAVE_ cpp symbols, the first doesn't. -2005-05-05 Love Hörnquist Åstrand +2005-05-05 Love Hörnquist Ã…strand * check-symbols.sh: ignore N symbols too -2005-04-30 Love Hörnquist Åstrand +2005-04-30 Love Hörnquist Ã…strand * broken-snprintf.m4: include checking if snprintf(NULL, 0, "") works @@ -288,7 +351,7 @@ initialize_FOO_error_table_r (they are used in libkrb5), and always check for initialize_error_table_r -2005-04-29 Love Hörnquist Åstrand +2005-04-29 Love Hörnquist Ã…strand * Makefile.am.common: add LIB_com_err @@ -300,7 +363,7 @@ * pthreads.m4: Set PTHREADS_LIBS on Irix. -2005-04-27 Love Hörnquist Åstrand +2005-04-27 Love Hörnquist Ã…strand * broken-realloc.m4: use rk_realloc if realloc is broken, this makes "host-tools" not beeing able to use realloc @@ -308,32 +371,32 @@ * pthreads.m4: Add support for Solaris, Irix, and modern Linux. From David Love -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * check-symbols.sh: limit the units functions to asn1_[A-Za-z0-9]*_units$ -2005-04-20 Love Hörnquist Åstrand +2005-04-20 Love Hörnquist Ã…strand * check-symbols.sh: this lib include com_err, add -com_err to CHECK_SYMBOLS * check-symbols.sh: print the type so I don't need to ask for it -2005-04-18 Love Hörnquist Åstrand +2005-04-18 Love Hörnquist Ã…strand * check-symbols.sh: ignore filename symbols -2005-04-04 Love Hörnquist Åstrand +2005-04-04 Love Hörnquist Ã…strand * check-symbols.sh: assume symbols prefixed with _ is a sideeffekt of the local linker and also just fine -2005-03-16 Love Hörnquist Åstrand +2005-03-16 Love Hörnquist Ã…strand * roken-frag.m4: include for -2005-03-01 Love Hörnquist Åstrand +2005-03-01 Love Hörnquist Ã…strand * sunos.m4: Match solaris 10. From: Joakim Fallsjo @@ -342,18 +405,18 @@ * check-symbols.sh: add -asn1compile symbols -2004-12-29 Love Hörnquist Åstrand +2004-12-29 Love Hörnquist Ã…strand * check-symbols.sh: add exported symbols test * Makefile.am.common: add CHECK_SYMBOLS tests, so that we don't export to much stuff -2004-09-03 Love Hörnquist Åstrand +2004-09-03 Love Hörnquist Ã…strand * make-proto.pl: add cpluscplus extern "C" support -2004-07-09 Love Hörnquist Åstrand +2004-07-09 Love Hörnquist Ã…strand * pthreads.m4: add -pthread to LIBS since libtool doesn't preserve it for us when adding is as a dependency on libs @@ -362,7 +425,7 @@ * largefile.m4: like AC_SYS_LARGEFILE, but also add to CPPFLAGS -2004-04-14 Love Hörnquist Åstrand +2004-04-14 Love Hörnquist Ã…strand * check-compile-et.m4: even more evil stuff for cross-compiling @@ -371,20 +434,20 @@ * check-compile-et.m4: use AC_RUN_IFELSE so we can handle cross compiling -2004-04-13 Love Hörnquist Åstrand +2004-04-13 Love Hörnquist Ã…strand * make-proto.pl: if -E, add windows standard calling conv to headerfile if needed * win32.m4: add rk_WIN32_EXPORT -2004-02-12 Love Hörnquist Åstrand +2004-02-12 Love Hörnquist Ã…strand * configure.in: rename AC_WFLAGS to rk_WFLAGS * *.m4: overquote to pacify automake1.8 -2004-02-11 Love Hörnquist Åstrand +2004-02-11 Love Hörnquist Ã…strand * roken-frag.m4: resolv.h is even more special @@ -396,7 +459,7 @@ --with-PACKAGE-config, go seach for path/PACKEGE-config and use it if it exists. Inspired by Harald Barth -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * crypto.m4: check for DES_, AES_, and if openssl UI_ @@ -406,17 +469,17 @@ * roken-frag.m4: test for poll and poll.h -2003-08-16 Love Hörnquist Åstrand +2003-08-16 Love Hörnquist Ã…strand * Makefile.am.common: don't try doing local checks if CHECK_LOCAL is set to no-check-local -2003-08-01 Love Hörnquist Åstrand +2003-08-01 Love Hörnquist Ã…strand * check-compile-et.m4: check if compile_et support ``error_table N M'' also, don't be overly aggressivly reset CFLAGS -2003-07-22 Love Hörnquist Åstrand +2003-07-22 Love Hörnquist Ã…strand * pthreads.m4: pthread test @@ -429,26 +492,26 @@ * crypto.m4: define OPENSSL_DES_LIBDES_COMPATIBILITY -2003-04-03 Love Hörnquist Åstrand +2003-04-03 Love Hörnquist Ã…strand * crypto.m4: check if libcrypto needs -lnsl or -lsocket -2003-04-02 Love Hörnquist Åstrand +2003-04-02 Love Hörnquist Ã…strand * crypto.m4: in the case where se don't link with kerberos 4, use ${with_openssl_include} if its are set (not ${with_openssl}/include) same for with_openssl_lib -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * Makefile.am.common: always define LIB_kafs -2003-03-12 Love Hörnquist Åstrand +2003-03-12 Love Hörnquist Ã…strand * check-compile-et.m4: check if the output of compile_et needs initialize_error_table_r -2003-02-17 Love Hörnquist Åstrand +2003-02-17 Love Hörnquist Ã…strand * check-var.m4: add a check if the variable is avaible when we include the headerfiles diff --git a/cf/Makefile.am.common b/cf/Makefile.am.common index bbc79a5ab9df..1470fe0d5c23 100644 --- a/cf/Makefile.am.common +++ b/cf/Makefile.am.common @@ -1,8 +1,10 @@ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ SUFFIXES = .et .h -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include + +AM_CPPFLAGS = $(INCLUDES_roken) if do_roken_rename ROKEN_RENAME = -DROKEN_RENAME @@ -59,6 +61,8 @@ LIB_readline = @LIB_readline@ LEXLIB = @LEXLIB@ +libexec_heimdaldir = $(libexecdir)/heimdal + install-suid-programs: @foo='$(bin_SUIDS)'; \ for file in $$foo; do \ @@ -125,11 +129,14 @@ check-local:: test "$$failed" -eq 0 || exit 1; \ fi -SUFFIXES += .x .z +SUFFIXES += .x .z .hx .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + SUFFIXES += .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 NROFF_MAN = groff -mandoc -Tascii @@ -220,9 +227,10 @@ if KRB5 LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la endif +LIB_heimbase = $(top_builddir)/base/libheimbase.la + if DCE LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la endif @@ -234,7 +242,7 @@ endif check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. diff --git a/cf/aix.m4 b/cf/aix.m4 index 32aeba6a70c2..2c450fbb8b4c 100644 --- a/cf/aix.m4 +++ b/cf/aix.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: aix.m4 14147 2004-08-25 14:14:01Z joda $ +dnl $Id$ dnl AC_DEFUN([rk_AIX],[ @@ -9,20 +9,22 @@ case "$host" in *-*-aix3*) aix=3 ;; -*-*-aix4*|*-*-aix5*) +*-*-aix[[4-9]]*) aix=4 ;; esac AM_CONDITIONAL(AIX, test "$aix" != no)dnl -AM_CONDITIONAL(AIX4, test "$aix" = 4) - +AM_CONDITIONAL(AIX4, test "$aix" = 4)dnl AC_ARG_ENABLE(dynamic-afs, AS_HELP_STRING([--disable-dynamic-afs], [do not use loaded AFS library with AIX])) if test "$aix" != no; then + + AC_DEFINE(NEED_QSORT, 1, [if your qsort is not a stable sort]) + if test "$enable_dynamic_afs" != no; then AC_REQUIRE([rk_DLOPEN]) if test "$ac_cv_func_dlopen" = no; then @@ -45,8 +47,11 @@ fi AM_CONDITIONAL(AIX_DYNAMIC_AFS, test "$enable_dynamic_afs" != no)dnl AC_SUBST(AIX_EXTRA_KAFS)dnl +if test "$aix" != no; then + AC_DEFINE([_ALL_SOURCE],1,[Required for functional/sane headers on AIX]) +fi + AH_BOTTOM([#if _AIX -#define _ALL_SOURCE /* XXX this is gross, but kills about a gazillion warnings */ struct ether_addr; struct sockaddr; diff --git a/cf/auth-modules.m4 b/cf/auth-modules.m4 index d2383c6bbde6..e27de4bd8ad6 100644 --- a/cf/auth-modules.m4 +++ b/cf/auth-modules.m4 @@ -1,4 +1,4 @@ -dnl $Id: auth-modules.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl Figure what authentication modules should be built dnl diff --git a/cf/autobuild.m4 b/cf/autobuild.m4 deleted file mode 100644 index bd1f4dc1b0b3..000000000000 --- a/cf/autobuild.m4 +++ /dev/null @@ -1,34 +0,0 @@ -# autobuild.m4 serial 2 (autobuild-3.3) -# Copyright (C) 2004 Simon Josefsson -# -# This file is free software, distributed under the terms of the GNU -# General Public License. As a special exception to the GNU General -# Public License, this file may be distributed as part of a program -# that contains a configuration script generated by Autoconf, under -# the same distribution terms as the rest of that program. -# -# This file can can be used in projects which are not available under -# the GNU General Public License or the GNU Library General Public -# License but which still want to provide support for Autobuild. - -# Usage: AB_INIT([MODE]). -AC_DEFUN([AB_INIT], -[ - AC_REQUIRE([AC_CANONICAL_BUILD]) - AC_REQUIRE([AC_CANONICAL_HOST]) - - AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}]) - AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}]) - hostname=`hostname` - if test "$hostname"; then - AC_MSG_NOTICE([autobuild hostname... $hostname]) - fi - ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])]) - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - AC_MSG_NOTICE([autobuild timestamp... $date]) - fi -]) diff --git a/cf/broken-getaddrinfo.m4 b/cf/broken-getaddrinfo.m4 index b8d323c71229..5daf416e3061 100644 --- a/cf/broken-getaddrinfo.m4 +++ b/cf/broken-getaddrinfo.m4 @@ -1,4 +1,4 @@ -dnl $Id: broken-getaddrinfo.m4 15401 2005-06-16 16:10:50Z lha $ +dnl $Id$ dnl dnl test if getaddrinfo can handle numeric services @@ -23,4 +23,4 @@ main(int argc, char **argv) return 1; return 0; } -]])],[ac_cv_func_getaddrinfo_numserv=yes],[ac_cv_func_getaddrinfo_numserv=no]))]) +]])],[ac_cv_func_getaddrinfo_numserv=yes],[ac_cv_func_getaddrinfo_numserv=no],[ac_cv_func_getaddrinfo_numserv=yes]))]) diff --git a/cf/broken-glob.m4 b/cf/broken-glob.m4 index a27e7ea3be0f..0e77427d006c 100644 --- a/cf/broken-glob.m4 +++ b/cf/broken-glob.m4 @@ -1,4 +1,4 @@ -dnl $Id: broken-glob.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl check for glob(3) dnl diff --git a/cf/broken-realloc.m4 b/cf/broken-realloc.m4 index 0b7c4766372c..b6d962aceba1 100644 --- a/cf/broken-realloc.m4 +++ b/cf/broken-realloc.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: broken-realloc.m4 15435 2005-06-16 19:45:52Z lha $ +dnl $Id$ dnl dnl Test for realloc that doesn't handle NULL as first parameter dnl diff --git a/cf/broken-snprintf.m4 b/cf/broken-snprintf.m4 index 8e2287419f2d..02611166a522 100644 --- a/cf/broken-snprintf.m4 +++ b/cf/broken-snprintf.m4 @@ -1,4 +1,4 @@ -dnl $Id: broken-snprintf.m4 15455 2005-06-16 21:03:43Z lha $ +dnl $Id$ dnl AC_DEFUN([AC_BROKEN_SNPRINTF], [ AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working, diff --git a/cf/broken.m4 b/cf/broken.m4 index 6306ba7176f3..1c8db72a2704 100644 --- a/cf/broken.m4 +++ b/cf/broken.m4 @@ -1,4 +1,4 @@ -dnl $Id: broken.m4 11003 2002-05-19 19:37:08Z joda $ +dnl $Id$ dnl dnl dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal diff --git a/cf/broken2.m4 b/cf/broken2.m4 index 20d5163ac85a..71e2afa9a96c 100644 --- a/cf/broken2.m4 +++ b/cf/broken2.m4 @@ -1,4 +1,4 @@ -dnl $Id: broken2.m4 14181 2004-08-31 12:53:36Z joda $ +dnl $Id$ dnl dnl AC_BROKEN but with more arguments diff --git a/cf/c-attribute.m4 b/cf/c-attribute.m4 index 1025538f66f7..8ff6bd3e84db 100644 --- a/cf/c-attribute.m4 +++ b/cf/c-attribute.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: c-attribute.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl diff --git a/cf/c-function.m4 b/cf/c-function.m4 index cb39705e8694..74ffd9511618 100644 --- a/cf/c-function.m4 +++ b/cf/c-function.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: c-function.m4 15422 2005-06-16 18:59:29Z lha $ +dnl $Id$ dnl dnl diff --git a/cf/capabilities.m4 b/cf/capabilities.m4 index 12cbef81b417..4178b3c0ae17 100644 --- a/cf/capabilities.m4 +++ b/cf/capabilities.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: capabilities.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl diff --git a/cf/check-compile-et.m4 b/cf/check-compile-et.m4 index 583abdf7099c..3f9d95975351 100644 --- a/cf/check-compile-et.m4 +++ b/cf/check-compile-et.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-compile-et.m4 19252 2006-12-06 13:32:55Z lha $ +dnl $Id$ dnl dnl CHECK_COMPILE_ET AC_DEFUN([CHECK_COMPILE_ET], [ @@ -67,6 +67,7 @@ elif test "${krb_cv_compile_et}" = "yes"; then const char *p; p = error_message(0); initialize_error_table_r(0,0,0,0); + com_right_r(0, 0, 0, 0); ]])],[krb_cv_com_err="yes"],[krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}"]) AC_MSG_RESULT(${krb_cv_com_err}) LIBS="${krb_cv_save_LIBS}" diff --git a/cf/check-getpwnam_r-posix.m4 b/cf/check-getpwnam_r-posix.m4 index bb7e38859a25..69bc06e7cc95 100644 --- a/cf/check-getpwnam_r-posix.m4 +++ b/cf/check-getpwnam_r-posix.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-getpwnam_r-posix.m4 15435 2005-06-16 19:45:52Z lha $ +dnl $Id$ dnl dnl check for getpwnam_r, and if it's posix or not diff --git a/cf/check-man.m4 b/cf/check-man.m4 index 7538cc82d7af..ad013a4daf8d 100644 --- a/cf/check-man.m4 +++ b/cf/check-man.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-man.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl check how to format manual pages dnl @@ -11,8 +11,7 @@ AC_CACHE_CHECK(how to format man pages,ac_cv_sys_man_format, .Dt CONFTEST 1 .Sh NAME .Nm conftest -.Nd -foobar +.Nd foobar END if test "$NROFF" ; then @@ -55,4 +54,4 @@ else CATMANEXT=0 fi AC_SUBST(CATMANEXT) -]) \ No newline at end of file +]) diff --git a/cf/check-netinet-ip-and-tcp.m4 b/cf/check-netinet-ip-and-tcp.m4 index 64bb8f139de7..65c5f6450047 100644 --- a/cf/check-netinet-ip-and-tcp.m4 +++ b/cf/check-netinet-ip-and-tcp.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: check-netinet-ip-and-tcp.m4 14162 2004-08-26 11:27:32Z joda $ +dnl $Id$ dnl dnl extra magic check for netinet/{ip.h,tcp.h} because on irix 6.5.3 diff --git a/cf/check-type-extra.m4 b/cf/check-type-extra.m4 index 2778a9d76f13..f881120ae0d5 100644 --- a/cf/check-type-extra.m4 +++ b/cf/check-type-extra.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-type-extra.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl ac_check_type + extra headers diff --git a/cf/check-var.m4 b/cf/check-var.m4 index 1e6846593b08..2fd7bca6f0ef 100644 --- a/cf/check-var.m4 +++ b/cf/check-var.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-var.m4 15422 2005-06-16 18:59:29Z lha $ +dnl $Id$ dnl dnl rk_CHECK_VAR(variable, includes) AC_DEFUN([rk_CHECK_VAR], [ @@ -9,7 +9,8 @@ m4_ifval([$2],[ void * foo(void) { return &$1; }]],[[foo()]])], [ac_cv_var_$1=yes],[ac_cv_var_$1=no])]) if test "$ac_cv_var_$1" != yes ; then -AC_LINK_IFELSE([AC_LANG_PROGRAM([[extern int $1; +AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2 +extern int $1; int foo(void) { return $1; }]],[[foo()]])], [ac_cv_var_$1=yes],[ac_cv_var_$1=no]) fi diff --git a/cf/check-x.m4 b/cf/check-x.m4 index 07f7e2d80f59..5d8806c4b10b 100644 --- a/cf/check-x.m4 +++ b/cf/check-x.m4 @@ -1,7 +1,7 @@ dnl dnl See if there is any X11 present dnl -dnl $Id: check-x.m4 15435 2005-06-16 19:45:52Z lha $ +dnl $Id$ AC_DEFUN([KRB_CHECK_X],[ AC_PATH_XTRA diff --git a/cf/check-xau.m4 b/cf/check-xau.m4 index 4d416fd19ac6..f66e2d193285 100644 --- a/cf/check-xau.m4 +++ b/cf/check-xau.m4 @@ -1,4 +1,4 @@ -dnl $Id: check-xau.m4 15454 2005-06-16 21:02:16Z lha $ +dnl $Id$ dnl dnl check for Xau{Read,Write}Auth and XauFileName dnl diff --git a/cf/crypto.m4 b/cf/crypto.m4 index 69b2fc963c31..a29b7648c5f8 100644 --- a/cf/crypto.m4 +++ b/cf/crypto.m4 @@ -1,4 +1,4 @@ -dnl $Id: crypto.m4 22080 2007-11-16 11:10:54Z lha $ +dnl $Id$ dnl dnl test for crypto libraries: dnl - libcrypto (from openssl) @@ -17,6 +17,7 @@ m4_define([test_headers], [ #include #include #include + #include #include #include #include @@ -37,19 +38,20 @@ m4_define([test_headers], [ ]) m4_define([test_body], [ void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; + EVP_MD_CTX mdctx; - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); + EVP_md4(); + EVP_md5(); + EVP_sha1(); + EVP_sha256(); + + EVP_MD_CTX_init(&mdctx); + EVP_DigestInit_ex(&mdctx, EVP_sha1(), (ENGINE *)0); EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); UI_UTIL_read_pw_string(0,0,0,0); + RAND_status(); + #ifdef HAVE_OPENSSL + EC_KEY_new(); #endif OpenSSL_add_all_algorithms(); diff --git a/cf/db.m4 b/cf/db.m4 index cc8b8cae40e9..ff10f76eb6e0 100644 --- a/cf/db.m4 +++ b/cf/db.m4 @@ -1,12 +1,21 @@ -dnl $Id: db.m4 15456 2005-06-16 21:04:43Z lha $ +dnl $Id$ dnl dnl tests for various db libraries dnl + AC_DEFUN([rk_DB],[ -AC_ARG_ENABLE(berkeley-db, - AS_HELP_STRING([--disable-berkeley-db], - [if you don't want berkeley db]),[ -]) +AC_ARG_WITH(berkeley-db, + AS_HELP_STRING([--with-berkeley-db], + [enable support for berkeley db @<:@default=check@:>@]), + [], + [with_berkeley_db=check]) + +dbheader="" +AC_ARG_WITH(berkeley-db-include, + AS_HELP_STRING([--with-berkeley-db-include=dir], + [use berkeley-db headers in dir]), + [dbheader=$withval], + [with_berkeley_db_include=check]) AC_ARG_ENABLE(ndbm-db, AS_HELP_STRING([--disable-ndbm-db], @@ -16,20 +25,34 @@ AC_ARG_ENABLE(ndbm-db, have_ndbm=no db_type=unknown -if test "$enable_berkeley_db" != no; then +AS_IF([test "x$with_berkeley_db" != xno], + [AS_IF([test "x$with_berkeley_db_include" != xcheck], + [AC_CHECK_HEADERS(["$dbheader/db.h"], + [AC_SUBST([DBHEADER], [$dbheader]) + AC_DEFINE([HAVE_DBHEADER], [1], + [Define if you have user supplied header location]) + ], + [if test "x$with_berkeley_db_include" != xcheck; then + AC_MSG_FAILURE( + [--with-berkeley-db-include was given but include test failed]) + fi + ])], + [AC_CHECK_HEADERS([ \ + db5/db.h \ + db4/db.h \ + db3/db.h \ + db.h \ + ])]) - AC_CHECK_HEADERS([ \ - db4/db.h \ - db3/db.h \ - db.h \ - db_185.h \ - ]) +dnl db_create is used by db3 and db4 and db5 -dnl db_create is used by db3 and db4 - - AC_FIND_FUNC_NO_LIBS(db_create, db4 db3 db, [ + AC_FIND_FUNC_NO_LIBS(db_create, [$dbheader] db5 db4 db3 db, [ #include - #ifdef HAVE_DB4_DB_H + #ifdef HAVE_DBHEADER + #include <$dbheader/db.h> + #elif HAVE_DB5_DB_H + #include + #elif HAVE_DB4_DB_H #include #elif defined(HAVE_DB3_DB_H) #include @@ -45,33 +68,30 @@ dnl db_create is used by db3 and db4 else DBLIB="" fi - AC_DEFINE(HAVE_DB3, 1, [define if you have a berkeley db3/4 library]) - else + AC_DEFINE(HAVE_DB3, 1, [define if you have a berkeley db3/4/5 library]) + fi dnl dbopen is used by db1/db2 - AC_FIND_FUNC_NO_LIBS(dbopen, db2 db, [ - #include - #if defined(HAVE_DB2_DB_H) - #include - #elif defined(HAVE_DB_185_H) - #include - #elif defined(HAVE_DB_H) - #include - #else - #error no db.h - #endif - ],[NULL, 0, 0, 0, NULL]) + AC_FIND_FUNC_NO_LIBS(dbopen, db2 db, [ + #include + #if defined(HAVE_DB2_DB_H) + #include + #elif defined(HAVE_DB_H) + #include + #else + #error no db.h + #endif + ],[NULL, 0, 0, 0, NULL]) - if test "$ac_cv_func_dbopen" = "yes"; then - db_type=db1 - if test "$ac_cv_funclib_dbopen" != "yes"; then - DBLIB="$ac_cv_funclib_dbopen" - else - DBLIB="" - fi - AC_DEFINE(HAVE_DB1, 1, [define if you have a berkeley db1/2 library]) + if test "$ac_cv_func_dbopen" = "yes"; then + db_type=db1 + if test "$ac_cv_funclib_dbopen" != "yes"; then + DBLIB="$ac_cv_funclib_dbopen" + else + DBLIB="" fi + AC_DEFINE(HAVE_DB1, 1, [define if you have a berkeley db1/2 library]) fi dnl test for ndbm compatability @@ -98,7 +118,7 @@ dnl test for ndbm compatability fi fi -fi # berkeley db +]) # fi berkeley db if test "$enable_ndbm_db" != "no"; then @@ -190,12 +210,13 @@ int main(int argc, char **argv) AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files *.db)]) else AC_MSG_RESULT([no]) - fi],[AC_MSG_RESULT([no])]) + fi],[AC_MSG_RESULT([no])],[AC_MSG_RESULT([no-cross])]) fi AM_CONDITIONAL(HAVE_DB1, test "$db_type" = db1)dnl AM_CONDITIONAL(HAVE_DB3, test "$db_type" = db3)dnl AM_CONDITIONAL(HAVE_NDBM, test "$db_type" = ndbm)dnl +AM_CONDITIONAL(HAVE_DBHEADER, test "$dbheader" != "")dnl ## it's probably not correct to include LDFLAGS here, but we might ## need it, for now just add any possible -L diff --git a/cf/destdirs.m4 b/cf/destdirs.m4 index 6b75f655fb07..36baafd3eb18 100644 --- a/cf/destdirs.m4 +++ b/cf/destdirs.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: destdirs.m4 11082 2002-08-12 15:12:50Z joda $ +dnl $Id$ dnl AC_DEFUN([rk_DESTDIRS], [ diff --git a/cf/dispatch.m4 b/cf/dispatch.m4 new file mode 100644 index 000000000000..68b39fd48ae7 --- /dev/null +++ b/cf/dispatch.m4 @@ -0,0 +1,20 @@ + +AC_DEFUN([rk_LIBDISPATCH],[ + +AC_CHECK_HEADERS([dispatch/dispatch.h]) + +AC_FIND_FUNC_NO_LIBS(dispatch_async_f, dispatch, +[#ifdef HAVE_DISPATCH_DISPATCH_H +#include +#endif],[0,0,0]) + +if test "$ac_cv_func_dispatch_async_f" = yes ; then + AC_DEFINE([HAVE_GCD], 1, [Define if os support gcd.]) + libdispatch=yes +else + libdispatch=no +fi + +AM_CONDITIONAL(have_gcd, test "$libdispatch" = yes) + +]) \ No newline at end of file diff --git a/cf/dlopen.m4 b/cf/dlopen.m4 index 310ca556b4d1..17e3c6203793 100644 --- a/cf/dlopen.m4 +++ b/cf/dlopen.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: dlopen.m4 15433 2005-06-16 19:40:59Z lha $ +dnl $Id$ dnl AC_DEFUN([rk_DLOPEN], [ diff --git a/cf/find-func-no-libs.m4 b/cf/find-func-no-libs.m4 index 76965a84ee8a..f3413409f63c 100644 --- a/cf/find-func-no-libs.m4 +++ b/cf/find-func-no-libs.m4 @@ -1,4 +1,4 @@ -dnl $Id: find-func-no-libs.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl Look for function in any of the specified libraries diff --git a/cf/find-func-no-libs2.m4 b/cf/find-func-no-libs2.m4 index 617a09e8da1b..692001c103b7 100644 --- a/cf/find-func-no-libs2.m4 +++ b/cf/find-func-no-libs2.m4 @@ -1,4 +1,4 @@ -dnl $Id: find-func-no-libs2.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl dnl Look for function in any of the specified libraries diff --git a/cf/find-func.m4 b/cf/find-func.m4 index 2354f38e5e4b..865772a70085 100644 --- a/cf/find-func.m4 +++ b/cf/find-func.m4 @@ -1,4 +1,4 @@ -dnl $Id: find-func.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl AC_FIND_FUNC(func, libraries, includes, arguments) AC_DEFUN([AC_FIND_FUNC], [ diff --git a/cf/find-if-not-broken.m4 b/cf/find-if-not-broken.m4 index 3e946385c50a..1397616f4bda 100644 --- a/cf/find-if-not-broken.m4 +++ b/cf/find-if-not-broken.m4 @@ -1,4 +1,4 @@ -dnl $Id: find-if-not-broken.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl Mix between AC_FIND_FUNC and AC_BROKEN diff --git a/cf/have-pragma-weak.m4 b/cf/have-pragma-weak.m4 index 32b7a67da149..cd892bd0e003 100644 --- a/cf/have-pragma-weak.m4 +++ b/cf/have-pragma-weak.m4 @@ -1,4 +1,4 @@ -dnl $Id: have-pragma-weak.m4 15435 2005-06-16 19:45:52Z lha $ +dnl $Id$ dnl AC_DEFUN([AC_HAVE_PRAGMA_WEAK], [ if test "${enable_shared}" = "yes"; then diff --git a/cf/have-struct-field.m4 b/cf/have-struct-field.m4 index 8618bc073482..bb7bcefbcc68 100644 --- a/cf/have-struct-field.m4 +++ b/cf/have-struct-field.m4 @@ -1,4 +1,4 @@ -dnl $Id: have-struct-field.m4 18314 2006-10-07 17:31:56Z lha $ +dnl $Id$ dnl dnl check for fields in a structure dnl diff --git a/cf/have-type.m4 b/cf/have-type.m4 index 34d5befbb602..4c533a6f2a4e 100644 --- a/cf/have-type.m4 +++ b/cf/have-type.m4 @@ -1,4 +1,4 @@ -dnl $Id: have-type.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl check for existance of a type diff --git a/cf/have-types.m4 b/cf/have-types.m4 index 79ceb97e40f8..7e6e49352ad4 100644 --- a/cf/have-types.m4 +++ b/cf/have-types.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: have-types.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl AC_DEFUN([AC_HAVE_TYPES], [ diff --git a/cf/install-catman.sh b/cf/install-catman.sh index 872e1628070c..4f63cb406a93 100755 --- a/cf/install-catman.sh +++ b/cf/install-catman.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# $Id: install-catman.sh 20232 2007-02-16 11:03:13Z lha $ +# $Id$ # # install preformatted manual pages @@ -13,8 +13,9 @@ suffix="$1"; shift catinstall="${INSTALL_CATPAGES-yes}" for f in "$@"; do - base=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\1/'` - section=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\2/'` + echo $f + base=`echo "$f" | sed 's/\([^/]*\/\)*\(.*\)\.\([^.]*\)$/\2/'` + section=`echo "$f" | sed 's/\([^/]*\/\)*\(.*\)\.\([^.]*\)$/\3/'` mandir="$manbase/man$section" catdir="$manbase/cat$section" c="$base.cat$section" diff --git a/cf/irix.m4 b/cf/irix.m4 index 510b81f26bc0..d2b0009a0aac 100644 --- a/cf/irix.m4 +++ b/cf/irix.m4 @@ -1,26 +1,15 @@ dnl -dnl $Id: irix.m4 11267 2002-08-28 19:11:44Z joda $ +dnl $Id$ dnl AC_DEFUN([rk_IRIX], [ irix=no case "$host" in -*-*-irix4*) - AC_DEFINE([IRIX4], 1, - [Define if you are running IRIX 4.]) - irix=yes - ;; *-*-irix*) irix=yes ;; esac AM_CONDITIONAL(IRIX, test "$irix" != no)dnl -AH_BOTTOM([ -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif -]) ]) diff --git a/cf/krb-bigendian.m4 b/cf/krb-bigendian.m4 index 30e1a799c511..e8037503f873 100644 --- a/cf/krb-bigendian.m4 +++ b/cf/krb-bigendian.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: krb-bigendian.m4 15456 2005-06-16 21:04:43Z lha $ +dnl $Id$ dnl dnl check if this computer is little or big-endian @@ -51,7 +51,7 @@ if test "$krb_cv_c_bigendian_compile" = "yes"; then AC_DEFINE(ENDIANESS_IN_SYS_PARAM_H, 1, [define if sys/param.h defines the endiness])dnl fi AH_BOTTOM([ -#if ENDIANESS_IN_SYS_PARAM_H +#ifdef ENDIANESS_IN_SYS_PARAM_H # include # include # if BYTE_ORDER == BIG_ENDIAN diff --git a/cf/krb-func-getcwd-broken.m4 b/cf/krb-func-getcwd-broken.m4 index 6ab4a268a47c..08b0793510a7 100644 --- a/cf/krb-func-getcwd-broken.m4 +++ b/cf/krb-func-getcwd-broken.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-func-getcwd-broken.m4 15455 2005-06-16 21:03:43Z lha $ +dnl $Id$ dnl dnl dnl test for broken getcwd in (SunOS braindamage) diff --git a/cf/krb-func-getlogin.m4 b/cf/krb-func-getlogin.m4 index 03cecfcefe66..6218e6b1fef2 100644 --- a/cf/krb-func-getlogin.m4 +++ b/cf/krb-func-getlogin.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: krb-func-getlogin.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl test for POSIX (broken) getlogin dnl diff --git a/cf/krb-ipv6.m4 b/cf/krb-ipv6.m4 index ba0b00093fde..4fbe2d67fbc3 100644 --- a/cf/krb-ipv6.m4 +++ b/cf/krb-ipv6.m4 @@ -1,95 +1,98 @@ -dnl $Id: krb-ipv6.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl test for IPv6 dnl +ac_cv_lib_ipv6=check + AC_DEFUN([AC_KRB_IPV6], [ AC_ARG_WITH(ipv6, AS_HELP_STRING([--without-ipv6],[do not enable IPv6 support]),[ -if test "$withval" = "no"; then - ac_cv_lib_ipv6=no -fi]) + ac_cv_lib_ipv6="$withval" +]) save_CFLAGS="${CFLAGS}" -AC_CACHE_CHECK([for IPv6 stack type], v6type, -[dnl check for different v6 implementations (by itojun) -v6type=unknown -v6lib=none -for i in v6d toshiba kame inria zeta linux; do - case $i in - v6d) - AC_EGREP_CPP(yes, [ +if test "X$ac_cv_lib_ipv6" != "Xno"; then + + AC_CACHE_CHECK([for IPv6 stack type], rk_cv_v6type, + [dnl check for different v6 implementations (by itojun) + v6type=unknown + v6lib=none + + for i in v6d toshiba kame inria zeta linux; do + case $i in + v6d) + AC_EGREP_CPP(yes, [ #include #ifdef __V6D__ yes #endif], - [v6type=$i; v6lib=v6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-I/usr/local/v6/include $CFLAGS"]) - ;; - toshiba) - AC_EGREP_CPP(yes, [ + [v6type=$i; v6lib=v6; + v6libdir=/usr/local/v6/lib; + CFLAGS="-I/usr/local/v6/include $CFLAGS"]) + ;; + toshiba) + AC_EGREP_CPP(yes, [ #include #ifdef _TOSHIBA_INET6 yes #endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - kame) - AC_EGREP_CPP(yes, [ + [v6type=$i; v6lib=inet6; + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS"]) + ;; + kame) + AC_EGREP_CPP(yes, [ #include #ifdef __KAME__ yes #endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - inria) - AC_EGREP_CPP(yes, [ + [v6type=$i; v6lib=inet6; + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS"]) + ;; + inria) + AC_EGREP_CPP(yes, [ #include #ifdef IPV6_INRIA_VERSION yes #endif], - [v6type=$i; CFLAGS="-DINET6 $CFLAGS"]) - ;; - zeta) - AC_EGREP_CPP(yes, [ + [v6type=$i; CFLAGS="-DINET6 $CFLAGS"]) + ;; + zeta) + AC_EGREP_CPP(yes, [ #include #ifdef _ZETA_MINAMI_INET6 yes #endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - linux) - if test -d /usr/inet6; then - v6type=$i - v6lib=inet6 - v6libdir=/usr/inet6 - CFLAGS="-DINET6 $CFLAGS" - fi - ;; - esac - if test "$v6type" != "unknown"; then - break - fi -done - -if test "$v6lib" != "none"; then - for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do - if test -d $dir -a -f $dir/lib$v6lib.a; then - LIBS="-L$dir -l$v6lib $LIBS" + [v6type=$i; v6lib=inet6; + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS"]) + ;; + linux) + if test -d /usr/inet6; then + v6type=$i + v6lib=inet6 + v6libdir=/usr/inet6 + CFLAGS="-DINET6 $CFLAGS" + fi + ;; + esac + if test "$v6type" != "unknown"; then break fi done -fi -]) -AC_CACHE_CHECK([for IPv6], ac_cv_lib_ipv6, [ -AC_LINK_IFELSE([AC_LANG_PROGRAM([[ + if test "$v6lib" != "none"; then + for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do + if test -d $dir -a -f $dir/lib$v6lib.a; then + LIBS="-L$dir -l$v6lib $LIBS" + break + fi + done + fi]) + + AC_CACHE_CHECK([for IPv6], rk_cv_lib_ipv6, [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #ifdef HAVE_SYS_TYPES_H #include #endif @@ -103,7 +106,7 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include #endif ]], -[[ + [[ struct sockaddr_in6 sin6; int s; @@ -114,8 +117,10 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ sin6.sin6_addr = in6addr_any; bind(s, (struct sockaddr *)&sin6, sizeof(sin6)); ]])], -[ac_cv_lib_ipv6=yes], -[ac_cv_lib_ipv6=no])]) + [ac_cv_lib_ipv6=yes], + [ac_cv_lib_ipv6=no])]) +fi + if test "$ac_cv_lib_ipv6" = yes; then AC_DEFINE(HAVE_IPV6, 1, [Define if you have IPv6.]) else @@ -124,7 +129,7 @@ fi ## test for AIX missing in6addr_loopback if test "$ac_cv_lib_ipv6" = yes; then - AC_CACHE_CHECK([for in6addr_loopback],[ac_cv_var_in6addr_loopback],[ + AC_CACHE_CHECK([for in6addr_loopback],[rk_cv_var_in6addr_loopback],[ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #ifdef HAVE_SYS_TYPES_H #include diff --git a/cf/krb-prog-ln-s.m4 b/cf/krb-prog-ln-s.m4 index e4bb7cad460a..35ab877ef13b 100644 --- a/cf/krb-prog-ln-s.m4 +++ b/cf/krb-prog-ln-s.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-prog-ln-s.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl Better test for ln -s, ln or cp diff --git a/cf/krb-prog-ranlib.m4 b/cf/krb-prog-ranlib.m4 index 6a851a24da62..8bc5b9eff24b 100644 --- a/cf/krb-prog-ranlib.m4 +++ b/cf/krb-prog-ranlib.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-prog-ranlib.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl Also look for EMXOMF for OS/2 diff --git a/cf/krb-prog-yacc.m4 b/cf/krb-prog-yacc.m4 index 10203e453fe4..380412ec7a0d 100644 --- a/cf/krb-prog-yacc.m4 +++ b/cf/krb-prog-yacc.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-prog-yacc.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl We prefer byacc or yacc because they do not use `alloca' diff --git a/cf/krb-readline.m4 b/cf/krb-readline.m4 index 61a50c5abacd..ddb94bf0d1da 100644 --- a/cf/krb-readline.m4 +++ b/cf/krb-readline.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-readline.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl Tests for readline functions dnl @@ -6,33 +6,22 @@ dnl dnl el_init AC_DEFUN([KRB_READLINE],[ -AC_FIND_FUNC_NO_LIBS(el_init, edit, [], [], [$LIB_tgetent]) -if test "$ac_cv_func_el_init" = yes ; then - AC_CACHE_CHECK(for four argument el_init, ac_cv_func_el_init_four,[ - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include - #include ]], - [[el_init("", NULL, NULL, NULL);]])], - [ac_cv_func_el_init_four=yes], - [ac_cv_func_el_init_four=no])]) - if test "$ac_cv_func_el_init_four" = yes; then - AC_DEFINE(HAVE_FOUR_VALUED_EL_INIT, 1, [Define if el_init takes four arguments.]) - fi -fi dnl readline ac_foo=no +build_editline=no if test "$with_readline" = yes; then : +elif test "$with_libedit" = yes; then + LIB_readline="${LIB_libedit}" elif test "$ac_cv_func_readline" = yes; then : -elif test "$ac_cv_func_el_init" = yes; then - ac_foo=yes - LIB_readline="\$(top_builddir)/lib/editline/libel_compat.la \$(LIB_el_init) \$(LIB_tgetent)" else - LIB_readline="\$(top_builddir)/lib/editline/libeditline.la \$(LIB_tgetent)" + build_libedit=yes + LIB_readline="\$(top_builddir)/lib/libedit/src/libheimedit.la \$(LIB_tgetent)" fi -AM_CONDITIONAL(el_compat, test "$ac_foo" = yes) +AM_CONDITIONAL(LIBEDIT, test "$build_libedit" = yes) AC_DEFINE(HAVE_READLINE, 1, [Define if you have a readline compatible library.])dnl diff --git a/cf/krb-struct-spwd.m4 b/cf/krb-struct-spwd.m4 index 17fb2a371cb3..aebf20c1170d 100644 --- a/cf/krb-struct-spwd.m4 +++ b/cf/krb-struct-spwd.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-struct-spwd.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl Test for `struct spwd' diff --git a/cf/krb-struct-winsize.m4 b/cf/krb-struct-winsize.m4 index 06e5f5bb8e7e..5f46b8d06db8 100644 --- a/cf/krb-struct-winsize.m4 +++ b/cf/krb-struct-winsize.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-struct-winsize.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl Search for struct winsize diff --git a/cf/krb-sys-aix.m4 b/cf/krb-sys-aix.m4 index 544e779181a5..c599ef88b568 100644 --- a/cf/krb-sys-aix.m4 +++ b/cf/krb-sys-aix.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-sys-aix.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl AIX have a very different syscall convention diff --git a/cf/krb-sys-nextstep.m4 b/cf/krb-sys-nextstep.m4 index dcf7e096c33e..d9308a087754 100644 --- a/cf/krb-sys-nextstep.m4 +++ b/cf/krb-sys-nextstep.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-sys-nextstep.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl NEXTSTEP is not posix compliant by default, dnl you need a switch -posix to the compiler diff --git a/cf/krb-version.m4 b/cf/krb-version.m4 index 92d731f0438f..e196d993de20 100644 --- a/cf/krb-version.m4 +++ b/cf/krb-version.m4 @@ -1,4 +1,4 @@ -dnl $Id: krb-version.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl dnl output a C header-file with some version strings diff --git a/cf/largefile.m4 b/cf/largefile.m4 index 972ba9c44549..5c54897be483 100644 --- a/cf/largefile.m4 +++ b/cf/largefile.m4 @@ -1,4 +1,4 @@ -dnl $Id: largefile.m4 13768 2004-04-24 21:51:32Z joda $ +dnl $Id$ dnl dnl Figure out what flags we need for 64-bit file access, and also set dnl them on the command line. diff --git a/cf/libtool.m4 b/cf/libtool.m4 new file mode 100644 index 000000000000..d8125842f0a8 --- /dev/null +++ b/cf/libtool.m4 @@ -0,0 +1,7831 @@ +# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +m4_define([_LT_COPYING], [dnl +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is part of GNU Libtool. +# +# GNU Libtool is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, or +# obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +]) + +# serial 57 LT_INIT + + +# LT_PREREQ(VERSION) +# ------------------ +# Complain and exit if this libtool version is less that VERSION. +m4_defun([LT_PREREQ], +[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1, + [m4_default([$3], + [m4_fatal([Libtool version $1 or higher is required], + 63)])], + [$2])]) + + +# _LT_CHECK_BUILDDIR +# ------------------ +# Complain if the absolute build directory name contains unusual characters +m4_defun([_LT_CHECK_BUILDDIR], +[case `pwd` in + *\ * | *\ *) + AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;; +esac +]) + + +# LT_INIT([OPTIONS]) +# ------------------ +AC_DEFUN([LT_INIT], +[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT +AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl +AC_BEFORE([$0], [LT_LANG])dnl +AC_BEFORE([$0], [LT_OUTPUT])dnl +AC_BEFORE([$0], [LTDL_INIT])dnl +m4_require([_LT_CHECK_BUILDDIR])dnl + +dnl Autoconf doesn't catch unexpanded LT_ macros by default: +m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl +m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl +dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4 +dnl unless we require an AC_DEFUNed macro: +AC_REQUIRE([LTOPTIONS_VERSION])dnl +AC_REQUIRE([LTSUGAR_VERSION])dnl +AC_REQUIRE([LTVERSION_VERSION])dnl +AC_REQUIRE([LTOBSOLETE_VERSION])dnl +m4_require([_LT_PROG_LTMAIN])dnl + +_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}]) + +dnl Parse OPTIONS +_LT_SET_OPTIONS([$0], [$1]) + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ltmain" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' +AC_SUBST(LIBTOOL)dnl + +_LT_SETUP + +# Only expand once: +m4_define([LT_INIT]) +])# LT_INIT + +# Old names: +AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT]) +AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_PROG_LIBTOOL], []) +dnl AC_DEFUN([AM_PROG_LIBTOOL], []) + + +# _LT_CC_BASENAME(CC) +# ------------------- +# Calculate cc_basename. Skip known compiler wrappers and cross-prefix. +m4_defun([_LT_CC_BASENAME], +[for cc_temp in $1""; do + case $cc_temp in + compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; + distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; + \-*) ;; + *) break;; + esac +done +cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` +]) + + +# _LT_FILEUTILS_DEFAULTS +# ---------------------- +# It is okay to use these file commands and assume they have been set +# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'. +m4_defun([_LT_FILEUTILS_DEFAULTS], +[: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} +])# _LT_FILEUTILS_DEFAULTS + + +# _LT_SETUP +# --------- +m4_defun([_LT_SETUP], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl +AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl + +_LT_DECL([], [host_alias], [0], [The host system])dnl +_LT_DECL([], [host], [0])dnl +_LT_DECL([], [host_os], [0])dnl +dnl +_LT_DECL([], [build_alias], [0], [The build system])dnl +_LT_DECL([], [build], [0])dnl +_LT_DECL([], [build_os], [0])dnl +dnl +AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([LT_PATH_LD])dnl +AC_REQUIRE([LT_PATH_NM])dnl +dnl +AC_REQUIRE([AC_PROG_LN_S])dnl +test -z "$LN_S" && LN_S="ln -s" +_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl +dnl +AC_REQUIRE([LT_CMD_MAX_LEN])dnl +_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl +_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl +dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_CHECK_SHELL_FEATURES])dnl +m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl +m4_require([_LT_CMD_RELOAD])dnl +m4_require([_LT_CHECK_MAGIC_METHOD])dnl +m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl +m4_require([_LT_CMD_OLD_ARCHIVE])dnl +m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl +m4_require([_LT_WITH_SYSROOT])dnl + +_LT_CONFIG_LIBTOOL_INIT([ +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes INIT. +if test -n "\${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi +]) +if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + +_LT_CHECK_OBJDIR + +m4_require([_LT_TAG_COMPILER])dnl + +case $host_os in +aix3*) + # AIX sometimes has problems with the GCC collect2 program. For some + # reason, if we set the COLLECT_NAMES environment variable, the problems + # vanish in a puff of smoke. + if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES + fi + ;; +esac + +# Global variables: +ofile=libtool +can_build_shared=yes + +# All known linkers require a `.a' archive for static linking (except MSVC, +# which needs '.lib'). +libext=a + +with_gnu_ld="$lt_cv_prog_gnu_ld" + +old_CC="$CC" +old_CFLAGS="$CFLAGS" + +# Set sane defaults for various variables +test -z "$CC" && CC=cc +test -z "$LTCC" && LTCC=$CC +test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS +test -z "$LD" && LD=ld +test -z "$ac_objext" && ac_objext=o + +_LT_CC_BASENAME([$compiler]) + +# Only perform the check for file, if the check method requires it +test -z "$MAGIC_CMD" && MAGIC_CMD=file +case $deplibs_check_method in +file_magic*) + if test "$file_magic_cmd" = '$MAGIC_CMD'; then + _LT_PATH_MAGIC + fi + ;; +esac + +# Use C for the default configuration in the libtool script +LT_SUPPORTED_TAG([CC]) +_LT_LANG_C_CONFIG +_LT_LANG_DEFAULT_CONFIG +_LT_CONFIG_COMMANDS +])# _LT_SETUP + + +# _LT_PREPARE_SED_QUOTE_VARS +# -------------------------- +# Define a few sed substitution that help us do robust quoting. +m4_defun([_LT_PREPARE_SED_QUOTE_VARS], +[# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\([["`$\\]]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\([["`\\]]\)/\\\1/g' + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' +]) + +# _LT_PROG_LTMAIN +# --------------- +# Note that this code is called both from `configure', and `config.status' +# now that we use AC_CONFIG_COMMANDS to generate libtool. Notably, +# `config.status' has no value for ac_aux_dir unless we are using Automake, +# so we pass a copy along to make sure it has a sensible value anyway. +m4_defun([_LT_PROG_LTMAIN], +[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl +_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir']) +ltmain="$ac_aux_dir/ltmain.sh" +])# _LT_PROG_LTMAIN + + +## ------------------------------------- ## +## Accumulate code for creating libtool. ## +## ------------------------------------- ## + +# So that we can recreate a full libtool script including additional +# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS +# in macros and then make a single call at the end using the `libtool' +# label. + + +# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS]) +# ---------------------------------------- +# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later. +m4_define([_LT_CONFIG_LIBTOOL_INIT], +[m4_ifval([$1], + [m4_append([_LT_OUTPUT_LIBTOOL_INIT], + [$1 +])])]) + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_INIT]) + + +# _LT_CONFIG_LIBTOOL([COMMANDS]) +# ------------------------------ +# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later. +m4_define([_LT_CONFIG_LIBTOOL], +[m4_ifval([$1], + [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS], + [$1 +])])]) + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS]) + + +# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS]) +# ----------------------------------------------------- +m4_defun([_LT_CONFIG_SAVE_COMMANDS], +[_LT_CONFIG_LIBTOOL([$1]) +_LT_CONFIG_LIBTOOL_INIT([$2]) +]) + + +# _LT_FORMAT_COMMENT([COMMENT]) +# ----------------------------- +# Add leading comment marks to the start of each line, and a trailing +# full-stop to the whole comment if one is not present already. +m4_define([_LT_FORMAT_COMMENT], +[m4_ifval([$1], [ +m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])], + [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.]) +)]) + + + +## ------------------------ ## +## FIXME: Eliminate VARNAME ## +## ------------------------ ## + + +# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?]) +# ------------------------------------------------------------------- +# CONFIGNAME is the name given to the value in the libtool script. +# VARNAME is the (base) name used in the configure script. +# VALUE may be 0, 1 or 2 for a computed quote escaped value based on +# VARNAME. Any other value will be used directly. +m4_define([_LT_DECL], +[lt_if_append_uniq([lt_decl_varnames], [$2], [, ], + [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name], + [m4_ifval([$1], [$1], [$2])]) + lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3]) + m4_ifval([$4], + [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])]) + lt_dict_add_subkey([lt_decl_dict], [$2], + [tagged?], [m4_ifval([$5], [yes], [no])])]) +]) + + +# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION]) +# -------------------------------------------------------- +m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])]) + + +# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...]) +# ------------------------------------------------ +m4_define([lt_decl_tag_varnames], +[_lt_decl_filter([tagged?], [yes], $@)]) + + +# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..]) +# --------------------------------------------------------- +m4_define([_lt_decl_filter], +[m4_case([$#], + [0], [m4_fatal([$0: too few arguments: $#])], + [1], [m4_fatal([$0: too few arguments: $#: $1])], + [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)], + [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)], + [lt_dict_filter([lt_decl_dict], $@)])[]dnl +]) + + +# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...]) +# -------------------------------------------------- +m4_define([lt_decl_quote_varnames], +[_lt_decl_filter([value], [1], $@)]) + + +# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...]) +# --------------------------------------------------- +m4_define([lt_decl_dquote_varnames], +[_lt_decl_filter([value], [2], $@)]) + + +# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...]) +# --------------------------------------------------- +m4_define([lt_decl_varnames_tagged], +[m4_assert([$# <= 2])dnl +_$0(m4_quote(m4_default([$1], [[, ]])), + m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]), + m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))]) +m4_define([_lt_decl_varnames_tagged], +[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])]) + + +# lt_decl_all_varnames([SEPARATOR], [VARNAME1...]) +# ------------------------------------------------ +m4_define([lt_decl_all_varnames], +[_$0(m4_quote(m4_default([$1], [[, ]])), + m4_if([$2], [], + m4_quote(lt_decl_varnames), + m4_quote(m4_shift($@))))[]dnl +]) +m4_define([_lt_decl_all_varnames], +[lt_join($@, lt_decl_varnames_tagged([$1], + lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl +]) + + +# _LT_CONFIG_STATUS_DECLARE([VARNAME]) +# ------------------------------------ +# Quote a variable value, and forward it to `config.status' so that its +# declaration there will have the same value as in `configure'. VARNAME +# must have a single quote delimited value for this to work. +m4_define([_LT_CONFIG_STATUS_DECLARE], +[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`']) + + +# _LT_CONFIG_STATUS_DECLARATIONS +# ------------------------------ +# We delimit libtool config variables with single quotes, so when +# we write them to config.status, we have to be sure to quote all +# embedded single quotes properly. In configure, this macro expands +# each variable declared with _LT_DECL (and _LT_TAGDECL) into: +# +# ='`$ECHO "$" | $SED "$delay_single_quote_subst"`' +m4_defun([_LT_CONFIG_STATUS_DECLARATIONS], +[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames), + [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])]) + + +# _LT_LIBTOOL_TAGS +# ---------------- +# Output comment and list of tags supported by the script +m4_defun([_LT_LIBTOOL_TAGS], +[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl +available_tags="_LT_TAGS"dnl +]) + + +# _LT_LIBTOOL_DECLARE(VARNAME, [TAG]) +# ----------------------------------- +# Extract the dictionary values for VARNAME (optionally with TAG) and +# expand to a commented shell variable setting: +# +# # Some comment about what VAR is for. +# visible_name=$lt_internal_name +m4_define([_LT_LIBTOOL_DECLARE], +[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], + [description])))[]dnl +m4_pushdef([_libtool_name], + m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl +m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])), + [0], [_libtool_name=[$]$1], + [1], [_libtool_name=$lt_[]$1], + [2], [_libtool_name=$lt_[]$1], + [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl +m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl +]) + + +# _LT_LIBTOOL_CONFIG_VARS +# ----------------------- +# Produce commented declarations of non-tagged libtool config variables +# suitable for insertion in the LIBTOOL CONFIG section of the `libtool' +# script. Tagged libtool config variables (even for the LIBTOOL CONFIG +# section) are produced by _LT_LIBTOOL_TAG_VARS. +m4_defun([_LT_LIBTOOL_CONFIG_VARS], +[m4_foreach([_lt_var], + m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)), + [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])]) + + +# _LT_LIBTOOL_TAG_VARS(TAG) +# ------------------------- +m4_define([_LT_LIBTOOL_TAG_VARS], +[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames), + [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])]) + + +# _LT_TAGVAR(VARNAME, [TAGNAME]) +# ------------------------------ +m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])]) + + +# _LT_CONFIG_COMMANDS +# ------------------- +# Send accumulated output to $CONFIG_STATUS. Thanks to the lists of +# variables for single and double quote escaping we saved from calls +# to _LT_DECL, we can put quote escaped variables declarations +# into `config.status', and then the shell code to quote escape them in +# for loops in `config.status'. Finally, any additional code accumulated +# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded. +m4_defun([_LT_CONFIG_COMMANDS], +[AC_PROVIDE_IFELSE([LT_OUTPUT], + dnl If the libtool generation code has been placed in $CONFIG_LT, + dnl instead of duplicating it all over again into config.status, + dnl then we will have config.status run $CONFIG_LT later, so it + dnl needs to know what name is stored there: + [AC_CONFIG_COMMANDS([libtool], + [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])], + dnl If the libtool generation code is destined for config.status, + dnl expand the accumulated commands and init code now: + [AC_CONFIG_COMMANDS([libtool], + [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])]) +])#_LT_CONFIG_COMMANDS + + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT], +[ + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +sed_quote_subst='$sed_quote_subst' +double_quote_subst='$double_quote_subst' +delay_variable_subst='$delay_variable_subst' +_LT_CONFIG_STATUS_DECLARATIONS +LTCC='$LTCC' +LTCFLAGS='$LTCFLAGS' +compiler='$compiler_DEFAULT' + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$[]1 +_LTECHO_EOF' +} + +# Quote evaled strings. +for var in lt_decl_all_varnames([[ \ +]], lt_decl_quote_varnames); do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[[\\\\\\\`\\"\\\$]]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +# Double-quote double-evaled strings. +for var in lt_decl_all_varnames([[ \ +]], lt_decl_dquote_varnames); do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[[\\\\\\\`\\"\\\$]]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +_LT_OUTPUT_LIBTOOL_INIT +]) + +# _LT_GENERATED_FILE_INIT(FILE, [COMMENT]) +# ------------------------------------ +# Generate a child script FILE with all initialization necessary to +# reuse the environment learned by the parent script, and make the +# file executable. If COMMENT is supplied, it is inserted after the +# `#!' sequence but before initialization text begins. After this +# macro, additional text can be appended to FILE to form the body of +# the child script. The macro ends with non-zero status if the +# file could not be fully written (such as if the disk is full). +m4_ifdef([AS_INIT_GENERATED], +[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])], +[m4_defun([_LT_GENERATED_FILE_INIT], +[m4_require([AS_PREPARE])]dnl +[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl +[lt_write_fail=0 +cat >$1 <<_ASEOF || lt_write_fail=1 +#! $SHELL +# Generated by $as_me. +$2 +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$1 <<\_ASEOF || lt_write_fail=1 +AS_SHELL_SANITIZE +_AS_PREPARE +exec AS_MESSAGE_FD>&1 +_ASEOF +test $lt_write_fail = 0 && chmod +x $1[]dnl +m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT + +# LT_OUTPUT +# --------- +# This macro allows early generation of the libtool script (before +# AC_OUTPUT is called), incase it is used in configure for compilation +# tests. +AC_DEFUN([LT_OUTPUT], +[: ${CONFIG_LT=./config.lt} +AC_MSG_NOTICE([creating $CONFIG_LT]) +_LT_GENERATED_FILE_INIT(["$CONFIG_LT"], +[# Run this file to recreate a libtool stub with the current configuration.]) + +cat >>"$CONFIG_LT" <<\_LTEOF +lt_cl_silent=false +exec AS_MESSAGE_LOG_FD>>config.log +{ + echo + AS_BOX([Running $as_me.]) +} >&AS_MESSAGE_LOG_FD + +lt_cl_help="\ +\`$as_me' creates a local libtool stub from the current configuration, +for use in further configure time tests before the real libtool is +generated. + +Usage: $[0] [[OPTIONS]] + + -h, --help print this help, then exit + -V, --version print version number, then exit + -q, --quiet do not print progress messages + -d, --debug don't remove temporary files + +Report bugs to ." + +lt_cl_version="\ +m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl +m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) +configured by $[0], generated by m4_PACKAGE_STRING. + +Copyright (C) 2010 Free Software Foundation, Inc. +This config.lt script is free software; the Free Software Foundation +gives unlimited permision to copy, distribute and modify it." + +while test $[#] != 0 +do + case $[1] in + --version | --v* | -V ) + echo "$lt_cl_version"; exit 0 ;; + --help | --h* | -h ) + echo "$lt_cl_help"; exit 0 ;; + --debug | --d* | -d ) + debug=: ;; + --quiet | --q* | --silent | --s* | -q ) + lt_cl_silent=: ;; + + -*) AC_MSG_ERROR([unrecognized option: $[1] +Try \`$[0] --help' for more information.]) ;; + + *) AC_MSG_ERROR([unrecognized argument: $[1] +Try \`$[0] --help' for more information.]) ;; + esac + shift +done + +if $lt_cl_silent; then + exec AS_MESSAGE_FD>/dev/null +fi +_LTEOF + +cat >>"$CONFIG_LT" <<_LTEOF +_LT_OUTPUT_LIBTOOL_COMMANDS_INIT +_LTEOF + +cat >>"$CONFIG_LT" <<\_LTEOF +AC_MSG_NOTICE([creating $ofile]) +_LT_OUTPUT_LIBTOOL_COMMANDS +AS_EXIT(0) +_LTEOF +chmod +x "$CONFIG_LT" + +# configure is writing to config.log, but config.lt does its own redirection, +# appending to config.log, which fails on DOS, as config.log is still kept +# open by configure. Here we exec the FD to /dev/null, effectively closing +# config.log, so it can be properly (re)opened and appended to by config.lt. +lt_cl_success=: +test "$silent" = yes && + lt_config_lt_args="$lt_config_lt_args --quiet" +exec AS_MESSAGE_LOG_FD>/dev/null +$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false +exec AS_MESSAGE_LOG_FD>>config.log +$lt_cl_success || AS_EXIT(1) +])# LT_OUTPUT + + +# _LT_CONFIG(TAG) +# --------------- +# If TAG is the built-in tag, create an initial libtool script with a +# default configuration from the untagged config vars. Otherwise add code +# to config.status for appending the configuration named by TAG from the +# matching tagged config vars. +m4_defun([_LT_CONFIG], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +_LT_CONFIG_SAVE_COMMANDS([ + m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl + m4_if(_LT_TAG, [C], [ + # See if we are running on zsh, and set the options which allow our + # commands through without removal of \ escapes. + if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST + fi + + cfgfile="${ofile}T" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" + + cat <<_LT_EOF >> "$cfgfile" +#! $SHELL + +# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. +# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: +# NOTE: Changes made to this file will be lost: look at ltmain.sh. +# +_LT_COPYING +_LT_LIBTOOL_TAGS + +# ### BEGIN LIBTOOL CONFIG +_LT_LIBTOOL_CONFIG_VARS +_LT_LIBTOOL_TAG_VARS +# ### END LIBTOOL CONFIG + +_LT_EOF + + case $host_os in + aix3*) + cat <<\_LT_EOF >> "$cfgfile" +# AIX sometimes has problems with the GCC collect2 program. For some +# reason, if we set the COLLECT_NAMES environment variable, the problems +# vanish in a puff of smoke. +if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES +fi +_LT_EOF + ;; + esac + + _LT_PROG_LTMAIN + + # We use sed instead of cat because bash on DJGPP gets confused if + # if finds mixed CR/LF and LF-only lines. Since sed operates in + # text mode, it properly converts lines to CR/LF. This bash problem + # is reportedly fixed, but why not run on old versions too? + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + _LT_PROG_REPLACE_SHELLFNS + + mv -f "$cfgfile" "$ofile" || + (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") + chmod +x "$ofile" +], +[cat <<_LT_EOF >> "$ofile" + +dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded +dnl in a comment (ie after a #). +# ### BEGIN LIBTOOL TAG CONFIG: $1 +_LT_LIBTOOL_TAG_VARS(_LT_TAG) +# ### END LIBTOOL TAG CONFIG: $1 +_LT_EOF +])dnl /m4_if +], +[m4_if([$1], [], [ + PACKAGE='$PACKAGE' + VERSION='$VERSION' + TIMESTAMP='$TIMESTAMP' + RM='$RM' + ofile='$ofile'], []) +])dnl /_LT_CONFIG_SAVE_COMMANDS +])# _LT_CONFIG + + +# LT_SUPPORTED_TAG(TAG) +# --------------------- +# Trace this macro to discover what tags are supported by the libtool +# --tag option, using: +# autoconf --trace 'LT_SUPPORTED_TAG:$1' +AC_DEFUN([LT_SUPPORTED_TAG], []) + + +# C support is built-in for now +m4_define([_LT_LANG_C_enabled], []) +m4_define([_LT_TAGS], []) + + +# LT_LANG(LANG) +# ------------- +# Enable libtool support for the given language if not already enabled. +AC_DEFUN([LT_LANG], +[AC_BEFORE([$0], [LT_OUTPUT])dnl +m4_case([$1], + [C], [_LT_LANG(C)], + [C++], [_LT_LANG(CXX)], + [Java], [_LT_LANG(GCJ)], + [Fortran 77], [_LT_LANG(F77)], + [Fortran], [_LT_LANG(FC)], + [Windows Resource], [_LT_LANG(RC)], + [m4_ifdef([_LT_LANG_]$1[_CONFIG], + [_LT_LANG($1)], + [m4_fatal([$0: unsupported language: "$1"])])])dnl +])# LT_LANG + + +# _LT_LANG(LANGNAME) +# ------------------ +m4_defun([_LT_LANG], +[m4_ifdef([_LT_LANG_]$1[_enabled], [], + [LT_SUPPORTED_TAG([$1])dnl + m4_append([_LT_TAGS], [$1 ])dnl + m4_define([_LT_LANG_]$1[_enabled], [])dnl + _LT_LANG_$1_CONFIG($1)])dnl +])# _LT_LANG + + +# _LT_LANG_DEFAULT_CONFIG +# ----------------------- +m4_defun([_LT_LANG_DEFAULT_CONFIG], +[AC_PROVIDE_IFELSE([AC_PROG_CXX], + [LT_LANG(CXX)], + [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])]) + +AC_PROVIDE_IFELSE([AC_PROG_F77], + [LT_LANG(F77)], + [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])]) + +AC_PROVIDE_IFELSE([AC_PROG_FC], + [LT_LANG(FC)], + [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])]) + +dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal +dnl pulling things in needlessly. +AC_PROVIDE_IFELSE([AC_PROG_GCJ], + [LT_LANG(GCJ)], + [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], + [LT_LANG(GCJ)], + [AC_PROVIDE_IFELSE([LT_PROG_GCJ], + [LT_LANG(GCJ)], + [m4_ifdef([AC_PROG_GCJ], + [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])]) + m4_ifdef([A][M_PROG_GCJ], + [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])]) + m4_ifdef([LT_PROG_GCJ], + [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) + +AC_PROVIDE_IFELSE([LT_PROG_RC], + [LT_LANG(RC)], + [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) +])# _LT_LANG_DEFAULT_CONFIG + +# Obsolete macros: +AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)]) +AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)]) +AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)]) +AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)]) +AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_CXX], []) +dnl AC_DEFUN([AC_LIBTOOL_F77], []) +dnl AC_DEFUN([AC_LIBTOOL_FC], []) +dnl AC_DEFUN([AC_LIBTOOL_GCJ], []) +dnl AC_DEFUN([AC_LIBTOOL_RC], []) + + +# _LT_TAG_COMPILER +# ---------------- +m4_defun([_LT_TAG_COMPILER], +[AC_REQUIRE([AC_PROG_CC])dnl + +_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl +_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl +_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl +_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC +])# _LT_TAG_COMPILER + + +# _LT_COMPILER_BOILERPLATE +# ------------------------ +# Check for compiler boilerplate output or warnings with +# the simple compiler test code. +m4_defun([_LT_COMPILER_BOILERPLATE], +[m4_require([_LT_DECL_SED])dnl +ac_outfile=conftest.$ac_objext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext +eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_compiler_boilerplate=`cat conftest.err` +$RM conftest* +])# _LT_COMPILER_BOILERPLATE + + +# _LT_LINKER_BOILERPLATE +# ---------------------- +# Check for linker boilerplate output or warnings with +# the simple link test code. +m4_defun([_LT_LINKER_BOILERPLATE], +[m4_require([_LT_DECL_SED])dnl +ac_outfile=conftest.$ac_objext +echo "$lt_simple_link_test_code" >conftest.$ac_ext +eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_linker_boilerplate=`cat conftest.err` +$RM -r conftest* +])# _LT_LINKER_BOILERPLATE + +# _LT_REQUIRED_DARWIN_CHECKS +# ------------------------- +m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ + case $host_os in + rhapsody* | darwin*) + AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:]) + AC_CHECK_TOOL([NMEDIT], [nmedit], [:]) + AC_CHECK_TOOL([LIPO], [lipo], [:]) + AC_CHECK_TOOL([OTOOL], [otool], [:]) + AC_CHECK_TOOL([OTOOL64], [otool64], [:]) + _LT_DECL([], [DSYMUTIL], [1], + [Tool to manipulate archived DWARF debug symbol files on Mac OS X]) + _LT_DECL([], [NMEDIT], [1], + [Tool to change global to local symbols on Mac OS X]) + _LT_DECL([], [LIPO], [1], + [Tool to manipulate fat objects and archives on Mac OS X]) + _LT_DECL([], [OTOOL], [1], + [ldd/readelf like tool for Mach-O binaries on Mac OS X]) + _LT_DECL([], [OTOOL64], [1], + [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4]) + + AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod], + [lt_cv_apple_cc_single_mod=no + if test -z "${LT_MULTI_MODULE}"; then + # By default we will add the -single_module flag. You can override + # by either setting the environment variable LT_MULTI_MODULE + # non-empty at configure time, or by adding -multi_module to the + # link flags. + rm -rf libconftest.dylib* + echo "int foo(void){return 1;}" > conftest.c + echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ +-dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ + -dynamiclib -Wl,-single_module conftest.c 2>conftest.err + _lt_result=$? + if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + lt_cv_apple_cc_single_mod=yes + else + cat conftest.err >&AS_MESSAGE_LOG_FD + fi + rm -rf libconftest.dylib* + rm -f conftest.* + fi]) + AC_CACHE_CHECK([for -exported_symbols_list linker flag], + [lt_cv_ld_exported_symbols_list], + [lt_cv_ld_exported_symbols_list=no + save_LDFLAGS=$LDFLAGS + echo "_main" > conftest.sym + LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" + AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], + [lt_cv_ld_exported_symbols_list=yes], + [lt_cv_ld_exported_symbols_list=no]) + LDFLAGS="$save_LDFLAGS" + ]) + AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], + [lt_cv_ld_force_load=no + cat > conftest.c << _LT_EOF +int forced_loaded() { return 2;} +_LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD + echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD + $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD + echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD + $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD + cat > conftest.c << _LT_EOF +int main() { return 0;} +_LT_EOF + echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err + _lt_result=$? + if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + lt_cv_ld_force_load=yes + else + cat conftest.err >&AS_MESSAGE_LOG_FD + fi + rm -f conftest.err libconftest.a conftest conftest.c + rm -rf conftest.dSYM + ]) + case $host_os in + rhapsody* | darwin1.[[012]]) + _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; + darwin1.*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + darwin*) # darwin 5.x on + # if running on 10.5 or later, the deployment target defaults + # to the OS version, if on x86, and 10.4, the deployment + # target defaults to 10.4. Don't you love it? + case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in + 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + 10.[[012]]*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + 10.*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + esac + ;; + esac + if test "$lt_cv_apple_cc_single_mod" = "yes"; then + _lt_dar_single_mod='$single_module' + fi + if test "$lt_cv_ld_exported_symbols_list" = "yes"; then + _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' + else + _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then + _lt_dsymutil='~$DSYMUTIL $lib || :' + else + _lt_dsymutil= + fi + ;; + esac +]) + + +# _LT_DARWIN_LINKER_FEATURES +# -------------------------- +# Checks for linker and compiler features on darwin +m4_defun([_LT_DARWIN_LINKER_FEATURES], +[ + m4_require([_LT_REQUIRED_DARWIN_CHECKS]) + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_automatic, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + if test "$lt_cv_ld_force_load" = "yes"; then + _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)='' + fi + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined" + case $cc_basename in + ifort*) _lt_dar_can_shared=yes ;; + *) _lt_dar_can_shared=$GCC ;; + esac + if test "$_lt_dar_can_shared" = "yes"; then + output_verbose_link_cmd=func_echo_all + _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" + _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" + _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" + _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + m4_if([$1], [CXX], +[ if test "$lt_cv_apple_cc_single_mod" != "yes"; then + _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}" + _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}" + fi +],[]) + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi +]) + +# _LT_SYS_MODULE_PATH_AIX([TAGNAME]) +# ---------------------------------- +# Links a minimal program and checks the executable +# for the system default hardcoded library path. In most cases, +# this is /usr/lib:/lib, but when the MPI compilers are used +# the location of the communication and MPI libs are included too. +# If we don't find anything, use the default library path according +# to the aix ld manual. +# Store the results from the different compilers for each TAGNAME. +# Allow to override them for all tags through lt_cv_aix_libpath. +m4_defun([_LT_SYS_MODULE_PATH_AIX], +[m4_require([_LT_DECL_SED])dnl +if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])], + [AC_LINK_IFELSE([AC_LANG_PROGRAM],[ + lt_aix_libpath_sed='[ + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }]' + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi],[]) + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib" + fi + ]) + aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1]) +fi +])# _LT_SYS_MODULE_PATH_AIX + + +# _LT_SHELL_INIT(ARG) +# ------------------- +m4_define([_LT_SHELL_INIT], +[m4_divert_text([M4SH-INIT], [$1 +])])# _LT_SHELL_INIT + + + +# _LT_PROG_ECHO_BACKSLASH +# ----------------------- +# Find how we can fake an echo command that does not interpret backslash. +# In particular, with Autoconf 2.60 or later we add some code to the start +# of the generated configure script which will find a shell with a builtin +# printf (which we can use as an echo command). +m4_defun([_LT_PROG_ECHO_BACKSLASH], +[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + +AC_MSG_CHECKING([how to print strings]) +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' +else + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$[]1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' +fi + +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "$*" +} + +case "$ECHO" in + printf*) AC_MSG_RESULT([printf]) ;; + print*) AC_MSG_RESULT([print -r]) ;; + *) AC_MSG_RESULT([cat]) ;; +esac + +m4_ifdef([_AS_DETECT_SUGGESTED], +[_AS_DETECT_SUGGESTED([ + test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || ( + ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' + ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO + ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + PATH=/empty FPATH=/empty; export PATH FPATH + test "X`printf %s $ECHO`" = "X$ECHO" \ + || test "X`print -r -- $ECHO`" = "X$ECHO" )])]) + +_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts]) +_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) +])# _LT_PROG_ECHO_BACKSLASH + + +# _LT_WITH_SYSROOT +# ---------------- +AC_DEFUN([_LT_WITH_SYSROOT], +[AC_MSG_CHECKING([for sysroot]) +AC_ARG_WITH([sysroot], +[ --with-sysroot[=DIR] Search for dependent libraries within DIR + (or the compiler's sysroot if not specified).], +[], [with_sysroot=no]) + +dnl lt_sysroot will always be passed unquoted. We quote it here +dnl in case the user passed a directory name. +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + AC_MSG_RESULT([${with_sysroot}]) + AC_MSG_ERROR([The sysroot must be an absolute path.]) + ;; +esac + + AC_MSG_RESULT([${lt_sysroot:-no}]) +_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl +[dependent libraries, and in which our libraries should be installed.])]) + +# _LT_ENABLE_LOCK +# --------------- +m4_defun([_LT_ENABLE_LOCK], +[AC_ARG_ENABLE([libtool-lock], + [AS_HELP_STRING([--disable-libtool-lock], + [avoid locking (might break parallel builds)])]) +test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes + +# Some flags need to be propagated to the compiler or linker for good +# libtool support. +case $host in +ia64-*-hpux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.$ac_objext` in + *ELF-32*) + HPUX_IA64_MODE="32" + ;; + *ELF-64*) + HPUX_IA64_MODE="64" + ;; + esac + fi + rm -rf conftest* + ;; +*-*-irix6*) + # Find out which ABI we are using. + echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + if test "$lt_cv_prog_gnu_ld" = yes; then + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -melf32bsmip" + ;; + *N32*) + LD="${LD-ld} -melf32bmipn32" + ;; + *64-bit*) + LD="${LD-ld} -melf64bmip" + ;; + esac + else + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -32" + ;; + *N32*) + LD="${LD-ld} -n32" + ;; + *64-bit*) + LD="${LD-ld} -64" + ;; + esac + fi + fi + rm -rf conftest* + ;; + +x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +s390*-*linux*|s390*-*tpf*|sparc*-*linux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.o` in + *32-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_i386_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_i386" + ;; + ppc64-*linux*|powerpc64-*linux*) + LD="${LD-ld} -m elf32ppclinux" + ;; + s390x-*linux*) + LD="${LD-ld} -m elf_s390" + ;; + sparc64-*linux*) + LD="${LD-ld} -m elf32_sparc" + ;; + esac + ;; + *64-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_x86_64_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_x86_64" + ;; + ppc*-*linux*|powerpc*-*linux*) + LD="${LD-ld} -m elf64ppc" + ;; + s390*-*linux*|s390*-*tpf*) + LD="${LD-ld} -m elf64_s390" + ;; + sparc*-*linux*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; + +*-*-sco3.2v5*) + # On SCO OpenServer 5, we need -belf to get full-featured binaries. + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -belf" + AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, + [AC_LANG_PUSH(C) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) + AC_LANG_POP]) + if test x"$lt_cv_cc_needs_belf" != x"yes"; then + # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf + CFLAGS="$SAVE_CFLAGS" + fi + ;; +sparc*-*solaris*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.o` in + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; + *) + if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then + LD="${LD-ld} -64" + fi + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; +esac + +need_locks="$enable_libtool_lock" +])# _LT_ENABLE_LOCK + + +# _LT_PROG_AR +# ----------- +m4_defun([_LT_PROG_AR], +[AC_CHECK_TOOLS(AR, [ar], false) +: ${AR=ar} +: ${AR_FLAGS=cru} +_LT_DECL([], [AR], [1], [The archiver]) +_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) + +AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], + [lt_cv_ar_at_file=no + AC_COMPILE_IFELSE([AC_LANG_PROGRAM], + [echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD' + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + ]) + ]) + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= +else + archiver_list_spec=$lt_cv_ar_at_file +fi +_LT_DECL([], [archiver_list_spec], [1], + [How to feed a file listing to the archiver]) +])# _LT_PROG_AR + + +# _LT_CMD_OLD_ARCHIVE +# ------------------- +m4_defun([_LT_CMD_OLD_ARCHIVE], +[_LT_PROG_AR + +AC_CHECK_TOOL(STRIP, strip, :) +test -z "$STRIP" && STRIP=: +_LT_DECL([], [STRIP], [1], [A symbol stripping program]) + +AC_CHECK_TOOL(RANLIB, ranlib, :) +test -z "$RANLIB" && RANLIB=: +_LT_DECL([], [RANLIB], [1], + [Commands used to install an old-style archive]) + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" +fi + +case $host_os in + darwin*) + lock_old_archive_extraction=yes ;; + *) + lock_old_archive_extraction=no ;; +esac +_LT_DECL([], [old_postinstall_cmds], [2]) +_LT_DECL([], [old_postuninstall_cmds], [2]) +_LT_TAGDECL([], [old_archive_cmds], [2], + [Commands used to build an old-style archive]) +_LT_DECL([], [lock_old_archive_extraction], [0], + [Whether to use a lock for old archive extraction]) +])# _LT_CMD_OLD_ARCHIVE + + +# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, +# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) +# ---------------------------------------------------------------- +# Check whether the given compiler option works +AC_DEFUN([_LT_COMPILER_OPTION], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_SED])dnl +AC_CACHE_CHECK([$1], [$2], + [$2=no + m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$3" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + # The option is referenced via a variable to avoid confusing sed. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&AS_MESSAGE_LOG_FD + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then + $2=yes + fi + fi + $RM conftest* +]) + +if test x"[$]$2" = xyes; then + m4_if([$5], , :, [$5]) +else + m4_if([$6], , :, [$6]) +fi +])# _LT_COMPILER_OPTION + +# Old name: +AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], []) + + +# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, +# [ACTION-SUCCESS], [ACTION-FAILURE]) +# ---------------------------------------------------- +# Check whether the given linker option works +AC_DEFUN([_LT_LINKER_OPTION], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_SED])dnl +AC_CACHE_CHECK([$1], [$2], + [$2=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $3" + echo "$lt_simple_link_test_code" > conftest.$ac_ext + if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then + # The linker can only warn and ignore the option if not recognized + # So say no if there are warnings + if test -s conftest.err; then + # Append any errors to the config.log. + cat conftest.err 1>&AS_MESSAGE_LOG_FD + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then + $2=yes + fi + else + $2=yes + fi + fi + $RM -r conftest* + LDFLAGS="$save_LDFLAGS" +]) + +if test x"[$]$2" = xyes; then + m4_if([$4], , :, [$4]) +else + m4_if([$5], , :, [$5]) +fi +])# _LT_LINKER_OPTION + +# Old name: +AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], []) + + +# LT_CMD_MAX_LEN +#--------------- +AC_DEFUN([LT_CMD_MAX_LEN], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +# find the maximum length of command line arguments +AC_MSG_CHECKING([the maximum length of command line arguments]) +AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl + i=0 + teststring="ABCD" + + case $build_os in + msdosdjgpp*) + # On DJGPP, this test can blow up pretty badly due to problems in libc + # (any single argument exceeding 2000 bytes causes a buffer overrun + # during glob expansion). Even if it were fixed, the result of this + # check would be larger than it should be. + lt_cv_sys_max_cmd_len=12288; # 12K is about right + ;; + + gnu*) + # Under GNU Hurd, this test is not required because there is + # no limit to the length of command line arguments. + # Libtool will interpret -1 as no limit whatsoever + lt_cv_sys_max_cmd_len=-1; + ;; + + cygwin* | mingw* | cegcc*) + # On Win9x/ME, this test blows up -- it succeeds, but takes + # about 5 minutes as the teststring grows exponentially. + # Worse, since 9x/ME are not pre-emptively multitasking, + # you end up with a "frozen" computer, even though with patience + # the test eventually succeeds (with a max line length of 256k). + # Instead, let's just punt: use the minimum linelength reported by + # all of the supported platforms: 8192 (on NT/2K/XP). + lt_cv_sys_max_cmd_len=8192; + ;; + + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; + ;; + + amigaos*) + # On AmigaOS with pdksh, this test takes hours, literally. + # So we just punt and use a minimum line length of 8192. + lt_cv_sys_max_cmd_len=8192; + ;; + + netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + ;; + + interix*) + # We know the value 262144 and hardcode it with a safety zone (like BSD) + lt_cv_sys_max_cmd_len=196608 + ;; + + osf*) + # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure + # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not + # nice to cause kernel panics so lets avoid the loop below. + # First set a reasonable default. + lt_cv_sys_max_cmd_len=16384 + # + if test -x /sbin/sysconfig; then + case `/sbin/sysconfig -q proc exec_disable_arg_limit` in + *1*) lt_cv_sys_max_cmd_len=-1 ;; + esac + fi + ;; + sco3.2v5*) + lt_cv_sys_max_cmd_len=102400 + ;; + sysv5* | sco5v6* | sysv4.2uw2*) + kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` + if test -n "$kargmax"; then + lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` + else + lt_cv_sys_max_cmd_len=32768 + fi + ;; + *) + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8 ; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test $i != 17 # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi + ;; + esac +]) +if test -n $lt_cv_sys_max_cmd_len ; then + AC_MSG_RESULT($lt_cv_sys_max_cmd_len) +else + AC_MSG_RESULT(none) +fi +max_cmd_len=$lt_cv_sys_max_cmd_len +_LT_DECL([], [max_cmd_len], [0], + [What is the maximum length of a command?]) +])# LT_CMD_MAX_LEN + +# Old name: +AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], []) + + +# _LT_HEADER_DLFCN +# ---------------- +m4_defun([_LT_HEADER_DLFCN], +[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl +])# _LT_HEADER_DLFCN + + +# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, +# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) +# ---------------------------------------------------------------- +m4_defun([_LT_TRY_DLOPEN_SELF], +[m4_require([_LT_HEADER_DLFCN])dnl +if test "$cross_compiling" = yes; then : + [$4] +else + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<_LT_EOF +[#line $LINENO "configure" +#include "confdefs.h" + +#if HAVE_DLFCN_H +#include +#endif + +#include + +#ifdef RTLD_GLOBAL +# define LT_DLGLOBAL RTLD_GLOBAL +#else +# ifdef DL_GLOBAL +# define LT_DLGLOBAL DL_GLOBAL +# else +# define LT_DLGLOBAL 0 +# endif +#endif + +/* We may have to define LT_DLLAZY_OR_NOW in the command line if we + find out it does not work in some platform. */ +#ifndef LT_DLLAZY_OR_NOW +# ifdef RTLD_LAZY +# define LT_DLLAZY_OR_NOW RTLD_LAZY +# else +# ifdef DL_LAZY +# define LT_DLLAZY_OR_NOW DL_LAZY +# else +# ifdef RTLD_NOW +# define LT_DLLAZY_OR_NOW RTLD_NOW +# else +# ifdef DL_NOW +# define LT_DLLAZY_OR_NOW DL_NOW +# else +# define LT_DLLAZY_OR_NOW 0 +# endif +# endif +# endif +# endif +#endif + +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); +#endif + +int fnord () { return 42; } +int main () +{ + void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); + int status = $lt_dlunknown; + + if (self) + { + if (dlsym (self,"fnord")) status = $lt_dlno_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } + /* dlclose (self); */ + } + else + puts (dlerror ()); + + return status; +}] +_LT_EOF + if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then + (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null + lt_status=$? + case x$lt_status in + x$lt_dlno_uscore) $1 ;; + x$lt_dlneed_uscore) $2 ;; + x$lt_dlunknown|x*) $3 ;; + esac + else : + # compilation failed + $3 + fi +fi +rm -fr conftest* +])# _LT_TRY_DLOPEN_SELF + + +# LT_SYS_DLOPEN_SELF +# ------------------ +AC_DEFUN([LT_SYS_DLOPEN_SELF], +[m4_require([_LT_HEADER_DLFCN])dnl +if test "x$enable_dlopen" != xyes; then + enable_dlopen=unknown + enable_dlopen_self=unknown + enable_dlopen_self_static=unknown +else + lt_cv_dlopen=no + lt_cv_dlopen_libs= + + case $host_os in + beos*) + lt_cv_dlopen="load_add_on" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + ;; + + mingw* | pw32* | cegcc*) + lt_cv_dlopen="LoadLibrary" + lt_cv_dlopen_libs= + ;; + + cygwin*) + lt_cv_dlopen="dlopen" + lt_cv_dlopen_libs= + ;; + + darwin*) + # if libdl is installed we need to link against it + AC_CHECK_LIB([dl], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[ + lt_cv_dlopen="dyld" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + ]) + ;; + + *) + AC_CHECK_FUNC([shl_load], + [lt_cv_dlopen="shl_load"], + [AC_CHECK_LIB([dld], [shl_load], + [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"], + [AC_CHECK_FUNC([dlopen], + [lt_cv_dlopen="dlopen"], + [AC_CHECK_LIB([dl], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], + [AC_CHECK_LIB([svld], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], + [AC_CHECK_LIB([dld], [dld_link], + [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"]) + ]) + ]) + ]) + ]) + ]) + ;; + esac + + if test "x$lt_cv_dlopen" != xno; then + enable_dlopen=yes + else + enable_dlopen=no + fi + + case $lt_cv_dlopen in + dlopen) + save_CPPFLAGS="$CPPFLAGS" + test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" + + save_LDFLAGS="$LDFLAGS" + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" + + save_LIBS="$LIBS" + LIBS="$lt_cv_dlopen_libs $LIBS" + + AC_CACHE_CHECK([whether a program can dlopen itself], + lt_cv_dlopen_self, [dnl + _LT_TRY_DLOPEN_SELF( + lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, + lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) + ]) + + if test "x$lt_cv_dlopen_self" = xyes; then + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" + AC_CACHE_CHECK([whether a statically linked program can dlopen itself], + lt_cv_dlopen_self_static, [dnl + _LT_TRY_DLOPEN_SELF( + lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, + lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) + ]) + fi + + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + ;; + esac + + case $lt_cv_dlopen_self in + yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; + *) enable_dlopen_self=unknown ;; + esac + + case $lt_cv_dlopen_self_static in + yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; + *) enable_dlopen_self_static=unknown ;; + esac +fi +_LT_DECL([dlopen_support], [enable_dlopen], [0], + [Whether dlopen is supported]) +_LT_DECL([dlopen_self], [enable_dlopen_self], [0], + [Whether dlopen of programs is supported]) +_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0], + [Whether dlopen of statically linked programs is supported]) +])# LT_SYS_DLOPEN_SELF + +# Old name: +AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], []) + + +# _LT_COMPILER_C_O([TAGNAME]) +# --------------------------- +# Check to see if options -c and -o are simultaneously supported by compiler. +# This macro does not hard code the compiler like AC_PROG_CC_C_O. +m4_defun([_LT_COMPILER_C_O], +[m4_require([_LT_DECL_SED])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_TAG_COMPILER])dnl +AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], + [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)], + [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no + $RM -r conftest 2>/dev/null + mkdir conftest + cd conftest + mkdir out + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + lt_compiler_flag="-o out/conftest2.$ac_objext" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&AS_MESSAGE_LOG_FD + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp + $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 + if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then + _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes + fi + fi + chmod u+w . 2>&AS_MESSAGE_LOG_FD + $RM conftest* + # SGI C++ compiler will create directory out/ii_files/ for + # template instantiation + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out + cd .. + $RM -r conftest + $RM conftest* +]) +_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1], + [Does compiler simultaneously support -c and -o options?]) +])# _LT_COMPILER_C_O + + +# _LT_COMPILER_FILE_LOCKS([TAGNAME]) +# ---------------------------------- +# Check to see if we can do hard links to lock some files if needed +m4_defun([_LT_COMPILER_FILE_LOCKS], +[m4_require([_LT_ENABLE_LOCK])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +_LT_COMPILER_C_O([$1]) + +hard_links="nottested" +if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then + # do not overwrite the value of need_locks provided by the user + AC_MSG_CHECKING([if we can lock with hard links]) + hard_links=yes + $RM conftest* + ln conftest.a conftest.b 2>/dev/null && hard_links=no + touch conftest.a + ln conftest.a conftest.b 2>&5 || hard_links=no + ln conftest.a conftest.b 2>/dev/null && hard_links=no + AC_MSG_RESULT([$hard_links]) + if test "$hard_links" = no; then + AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe]) + need_locks=warn + fi +else + need_locks=no +fi +_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?]) +])# _LT_COMPILER_FILE_LOCKS + + +# _LT_CHECK_OBJDIR +# ---------------- +m4_defun([_LT_CHECK_OBJDIR], +[AC_CACHE_CHECK([for objdir], [lt_cv_objdir], +[rm -f .libs 2>/dev/null +mkdir .libs 2>/dev/null +if test -d .libs; then + lt_cv_objdir=.libs +else + # MS-DOS does not allow filenames that begin with a dot. + lt_cv_objdir=_libs +fi +rmdir .libs 2>/dev/null]) +objdir=$lt_cv_objdir +_LT_DECL([], [objdir], [0], + [The name of the directory that contains temporary libtool files])dnl +m4_pattern_allow([LT_OBJDIR])dnl +AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/", + [Define to the sub-directory in which libtool stores uninstalled libraries.]) +])# _LT_CHECK_OBJDIR + + +# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME]) +# -------------------------------------- +# Check hardcoding attributes. +m4_defun([_LT_LINKER_HARDCODE_LIBPATH], +[AC_MSG_CHECKING([how to hardcode library paths into programs]) +_LT_TAGVAR(hardcode_action, $1)= +if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" || + test -n "$_LT_TAGVAR(runpath_var, $1)" || + test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then + + # We can hardcode non-existent directories. + if test "$_LT_TAGVAR(hardcode_direct, $1)" != no && + # If the only mechanism to avoid hardcoding is shlibpath_var, we + # have to relink, otherwise we might link with an installed library + # when we should be linking with a yet-to-be-installed one + ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no && + test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then + # Linking always hardcodes the temporary library directory. + _LT_TAGVAR(hardcode_action, $1)=relink + else + # We can link without hardcoding, and we can hardcode nonexisting dirs. + _LT_TAGVAR(hardcode_action, $1)=immediate + fi +else + # We cannot hardcode anything, or else we can only hardcode existing + # directories. + _LT_TAGVAR(hardcode_action, $1)=unsupported +fi +AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)]) + +if test "$_LT_TAGVAR(hardcode_action, $1)" = relink || + test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then + # Fast installation is not supported + enable_fast_install=no +elif test "$shlibpath_overrides_runpath" = yes || + test "$enable_shared" = no; then + # Fast installation is not necessary + enable_fast_install=needless +fi +_LT_TAGDECL([], [hardcode_action], [0], + [How to hardcode a shared library path into an executable]) +])# _LT_LINKER_HARDCODE_LIBPATH + + +# _LT_CMD_STRIPLIB +# ---------------- +m4_defun([_LT_CMD_STRIPLIB], +[m4_require([_LT_DECL_EGREP]) +striplib= +old_striplib= +AC_MSG_CHECKING([whether stripping libraries is possible]) +if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" + test -z "$striplib" && striplib="$STRIP --strip-unneeded" + AC_MSG_RESULT([yes]) +else +# FIXME - insert some real tests, host_os isn't really good enough + case $host_os in + darwin*) + if test -n "$STRIP" ; then + striplib="$STRIP -x" + old_striplib="$STRIP -S" + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + ;; + *) + AC_MSG_RESULT([no]) + ;; + esac +fi +_LT_DECL([], [old_striplib], [1], [Commands to strip libraries]) +_LT_DECL([], [striplib], [1]) +])# _LT_CMD_STRIPLIB + + +# _LT_SYS_DYNAMIC_LINKER([TAG]) +# ----------------------------- +# PORTME Fill in your ld.so characteristics +m4_defun([_LT_SYS_DYNAMIC_LINKER], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_OBJDUMP])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_CHECK_SHELL_FEATURES])dnl +AC_MSG_CHECKING([dynamic linker characteristics]) +m4_if([$1], + [], [ +if test "$GCC" = yes; then + case $host_os in + darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; + *) lt_awk_arg="/^libraries:/" ;; + esac + case $host_os in + mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;; + *) lt_sed_strip_eq="s,=/,/,g" ;; + esac + lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` + case $lt_search_path_spec in + *\;*) + # if the path contains ";" then we assume it to be the separator + # otherwise default to the standard path separator (i.e. ":") - it is + # assumed that no part of a normal pathname contains ";" but that should + # okay in the real world where ";" in dirpaths is itself problematic. + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` + ;; + *) + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` + ;; + esac + # Ok, now we have the path, separated by spaces, we can step through it + # and add multilib dir if necessary. + lt_tmp_lt_search_path_spec= + lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` + for lt_sys_path in $lt_search_path_spec; do + if test -d "$lt_sys_path/$lt_multi_os_dir"; then + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" + else + test -d "$lt_sys_path" && \ + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" + fi + done + lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' +BEGIN {RS=" "; FS="/|\n";} { + lt_foo=""; + lt_count=0; + for (lt_i = NF; lt_i > 0; lt_i--) { + if ($lt_i != "" && $lt_i != ".") { + if ($lt_i == "..") { + lt_count++; + } else { + if (lt_count == 0) { + lt_foo="/" $lt_i lt_foo; + } else { + lt_count--; + } + } + } + } + if (lt_foo != "") { lt_freq[[lt_foo]]++; } + if (lt_freq[[lt_foo]] == 1) { print lt_foo; } +}'` + # AWK program above erroneously prepends '/' to C:/dos/paths + # for these hosts. + case $host_os in + mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ + $SED 's,/\([[A-Za-z]]:\),\1,g'` ;; + esac + sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` +else + sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" +fi]) +library_names_spec= +libname_spec='lib$name' +soname_spec= +shrext_cmds=".so" +postinstall_cmds= +postuninstall_cmds= +finish_cmds= +finish_eval= +shlibpath_var= +shlibpath_overrides_runpath=unknown +version_type=none +dynamic_linker="$host_os ld.so" +sys_lib_dlsearch_path_spec="/lib /usr/lib" +need_lib_prefix=unknown +hardcode_into_libs=no + +# when you set need_version to no, make sure it does not cause -set_version +# flags to be left without arguments +need_version=unknown + +case $host_os in +aix3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' + shlibpath_var=LIBPATH + + # AIX 3 has no versioning support, so we append a major version to the name. + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +aix[[4-9]]*) + version_type=linux + need_lib_prefix=no + need_version=no + hardcode_into_libs=yes + if test "$host_cpu" = ia64; then + # AIX 5 supports IA64 + library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + else + # With GCC up to 2.95.x, collect2 would create an import file + # for dependence libraries. The import file would start with + # the line `#! .'. This would cause the generated library to + # depend on `.', always an invalid library. This was fixed in + # development snapshots of GCC prior to 3.0. + case $host_os in + aix4 | aix4.[[01]] | aix4.[[01]].*) + if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' + echo ' yes ' + echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then + : + else + can_build_shared=no + fi + ;; + esac + # AIX (on Power*) has no versioning support, so currently we can not hardcode correct + # soname into executable. Probably we can add versioning support to + # collect2, so additional links can be useful in future. + if test "$aix_use_runtimelinking" = yes; then + # If using run time linking (on AIX 4.2 or later) use lib.so + # instead of lib.a to let people know that these are not + # typical AIX shared libraries. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + else + # We preserve .a as extension for shared libraries through AIX4.2 + # and later when we are not doing run time linking. + library_names_spec='${libname}${release}.a $libname.a' + soname_spec='${libname}${release}${shared_ext}$major' + fi + shlibpath_var=LIBPATH + fi + ;; + +amigaos*) + case $host_cpu in + powerpc) + # Since July 2007 AmigaOS4 officially supports .so libraries. + # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + ;; + m68k) + library_names_spec='$libname.ixlibrary $libname.a' + # Create ${libname}_ixlibrary.a entries in /sys/libs. + finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' + ;; + esac + ;; + +beos*) + library_names_spec='${libname}${shared_ext}' + dynamic_linker="$host_os ld.so" + shlibpath_var=LIBRARY_PATH + ;; + +bsdi[[45]]*) + version_type=linux + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" + sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" + # the default ld.so.conf also contains /usr/contrib/lib and + # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow + # libtool to hard-code these into programs + ;; + +cygwin* | mingw* | pw32* | cegcc*) + version_type=windows + shrext_cmds=".dll" + need_version=no + need_lib_prefix=no + + case $GCC,$cc_basename in + yes,*) + # gcc + library_names_spec='$libname.dll.a' + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname~ + chmod a+x \$dldir/$dlname~ + if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then + eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; + fi' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + + case $host_os in + cygwin*) + # Cygwin DLLs use 'cyg' prefix rather than 'lib' + soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' +m4_if([$1], [],[ + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"]) + ;; + mingw* | cegcc*) + # MinGW DLLs use traditional 'lib' prefix + soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + ;; + pw32*) + # pw32 DLLs use 'pw' prefix rather than 'lib' + library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + ;; + esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' + ;; + + *) + # Assume MSVC wrapper + library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' + ;; + esac + # FIXME: first we should search . and the directory the executable is in + shlibpath_var=PATH + ;; + +darwin* | rhapsody*) + dynamic_linker="$host_os dyld" + version_type=darwin + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' + soname_spec='${libname}${release}${major}$shared_ext' + shlibpath_overrides_runpath=yes + shlibpath_var=DYLD_LIBRARY_PATH + shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' +m4_if([$1], [],[ + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"]) + sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' + ;; + +dgux*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +freebsd1*) + dynamic_linker=no + ;; + +freebsd* | dragonfly*) + # DragonFly does not have aout. When/if they implement a new + # versioning mechanism, adjust this. + if test -x /usr/bin/objformat; then + objformat=`/usr/bin/objformat` + else + case $host_os in + freebsd[[123]]*) objformat=aout ;; + *) objformat=elf ;; + esac + fi + version_type=freebsd-$objformat + case $version_type in + freebsd-elf*) + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + need_version=no + need_lib_prefix=no + ;; + freebsd-*) + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' + need_version=yes + ;; + esac + shlibpath_var=LD_LIBRARY_PATH + case $host_os in + freebsd2*) + shlibpath_overrides_runpath=yes + ;; + freebsd3.[[01]]* | freebsdelf3.[[01]]*) + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ + freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + *) # from 4.6 on, and DragonFly + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + esac + ;; + +gnu*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + hardcode_into_libs=yes + ;; + +haiku*) + version_type=linux + need_lib_prefix=no + need_version=no + dynamic_linker="$host_os runtime_loader" + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LIBRARY_PATH + shlibpath_overrides_runpath=yes + sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' + hardcode_into_libs=yes + ;; + +hpux9* | hpux10* | hpux11*) + # Give a soname corresponding to the major version so that dld.sl refuses to + # link against other versions. + version_type=sunos + need_lib_prefix=no + need_version=no + case $host_cpu in + ia64*) + shrext_cmds='.so' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.so" + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + if test "X$HPUX_IA64_MODE" = X32; then + sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" + else + sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" + fi + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + hppa*64*) + shrext_cmds='.sl' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.sl" + shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + *) + shrext_cmds='.sl' + dynamic_linker="$host_os dld.sl" + shlibpath_var=SHLIB_PATH + shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + ;; + esac + # HP-UX runs *really* slowly unless shared libraries are mode 555, ... + postinstall_cmds='chmod 555 $lib' + # or fails outright, so override atomically: + install_override_mode=555 + ;; + +interix[[3-9]]*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +irix5* | irix6* | nonstopux*) + case $host_os in + nonstopux*) version_type=nonstopux ;; + *) + if test "$lt_cv_prog_gnu_ld" = yes; then + version_type=linux + else + version_type=irix + fi ;; + esac + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' + case $host_os in + irix5* | nonstopux*) + libsuff= shlibsuff= + ;; + *) + case $LD in # libtool.m4 will add one of these switches to LD + *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") + libsuff= shlibsuff= libmagic=32-bit;; + *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") + libsuff=32 shlibsuff=N32 libmagic=N32;; + *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") + libsuff=64 shlibsuff=64 libmagic=64-bit;; + *) libsuff= shlibsuff= libmagic=never-match;; + esac + ;; + esac + shlibpath_var=LD_LIBRARY${shlibsuff}_PATH + shlibpath_overrides_runpath=no + sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" + sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" + hardcode_into_libs=yes + ;; + +# No shared lib support for Linux oldld, aout, or coff. +linux*oldld* | linux*aout* | linux*coff*) + dynamic_linker=no + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + + # Some binutils ld are patched to set DT_RUNPATH + AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath], + [lt_cv_shlibpath_overrides_runpath=no + save_LDFLAGS=$LDFLAGS + save_libdir=$libdir + eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \ + LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\"" + AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], + [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null], + [lt_cv_shlibpath_overrides_runpath=yes])]) + LDFLAGS=$save_LDFLAGS + libdir=$save_libdir + ]) + shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath + + # This implies no fast_install, which is unacceptable. + # Some rework will be needed to allow for fast_install + # before this can be enabled. + hardcode_into_libs=yes + + # Append ld.so.conf contents to the search path + if test -f /etc/ld.so.conf; then + lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" + fi + + # We used to test for /lib/ld.so.1 and disable shared libraries on + # powerpc, because MkLinux only supported shared libraries with the + # GNU dynamic linker. Since this was broken with cross compilers, + # most powerpc-linux boxes support dynamic linking these days and + # people can always --disable-shared, the test was removed, and we + # assume the GNU/Linux dynamic linker is in use. + dynamic_linker='GNU/Linux ld.so' + ;; + +netbsd*) + version_type=sunos + need_lib_prefix=no + need_version=no + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + dynamic_linker='NetBSD (a.out) ld.so' + else + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='NetBSD ld.elf_so' + fi + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + +newsos6) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + ;; + +*nto* | *qnx*) + version_type=qnx + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='ldqnx.so' + ;; + +openbsd*) + version_type=sunos + sys_lib_dlsearch_path_spec="/usr/lib" + need_lib_prefix=no + # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. + case $host_os in + openbsd3.3 | openbsd3.3.*) need_version=yes ;; + *) need_version=no ;; + esac + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + shlibpath_var=LD_LIBRARY_PATH + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + case $host_os in + openbsd2.[[89]] | openbsd2.[[89]].*) + shlibpath_overrides_runpath=no + ;; + *) + shlibpath_overrides_runpath=yes + ;; + esac + else + shlibpath_overrides_runpath=yes + fi + ;; + +os2*) + libname_spec='$name' + shrext_cmds=".dll" + need_lib_prefix=no + library_names_spec='$libname${shared_ext} $libname.a' + dynamic_linker='OS/2 ld.exe' + shlibpath_var=LIBPATH + ;; + +osf3* | osf4* | osf5*) + version_type=osf + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" + sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" + ;; + +rdos*) + dynamic_linker=no + ;; + +solaris*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + # ldd complains unless libraries are executable + postinstall_cmds='chmod +x $lib' + ;; + +sunos4*) + version_type=sunos + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + if test "$with_gnu_ld" = yes; then + need_lib_prefix=no + fi + need_version=yes + ;; + +sysv4 | sysv4.3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + case $host_vendor in + sni) + shlibpath_overrides_runpath=no + need_lib_prefix=no + runpath_var=LD_RUN_PATH + ;; + siemens) + need_lib_prefix=no + ;; + motorola) + need_lib_prefix=no + need_version=no + shlibpath_overrides_runpath=no + sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' + ;; + esac + ;; + +sysv4*MP*) + if test -d /usr/nec ;then + version_type=linux + library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' + soname_spec='$libname${shared_ext}.$major' + shlibpath_var=LD_LIBRARY_PATH + fi + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + version_type=freebsd-elf + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + if test "$with_gnu_ld" = yes; then + sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' + else + sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' + case $host_os in + sco3.2v5*) + sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" + ;; + esac + fi + sys_lib_dlsearch_path_spec='/usr/lib' + ;; + +tpf*) + # TPF is a cross-target only. Preferred cross-host = GNU/Linux. + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +uts4*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +*) + dynamic_linker=no + ;; +esac +AC_MSG_RESULT([$dynamic_linker]) +test "$dynamic_linker" = no && can_build_shared=no + +variables_saved_for_relink="PATH $shlibpath_var $runpath_var" +if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +fi + +if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then + sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" +fi +if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then + sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" +fi + +_LT_DECL([], [variables_saved_for_relink], [1], + [Variables whose values should be saved in libtool wrapper scripts and + restored at link time]) +_LT_DECL([], [need_lib_prefix], [0], + [Do we need the "lib" prefix for modules?]) +_LT_DECL([], [need_version], [0], [Do we need a version for libraries?]) +_LT_DECL([], [version_type], [0], [Library versioning type]) +_LT_DECL([], [runpath_var], [0], [Shared library runtime path variable]) +_LT_DECL([], [shlibpath_var], [0],[Shared library path variable]) +_LT_DECL([], [shlibpath_overrides_runpath], [0], + [Is shlibpath searched before the hard-coded library search path?]) +_LT_DECL([], [libname_spec], [1], [Format of library name prefix]) +_LT_DECL([], [library_names_spec], [1], + [[List of archive names. First name is the real one, the rest are links. + The last name is the one that the linker finds with -lNAME]]) +_LT_DECL([], [soname_spec], [1], + [[The coded name of the library, if different from the real name]]) +_LT_DECL([], [install_override_mode], [1], + [Permission mode override for installation of shared libraries]) +_LT_DECL([], [postinstall_cmds], [2], + [Command to use after installation of a shared archive]) +_LT_DECL([], [postuninstall_cmds], [2], + [Command to use after uninstallation of a shared archive]) +_LT_DECL([], [finish_cmds], [2], + [Commands used to finish a libtool library installation in a directory]) +_LT_DECL([], [finish_eval], [1], + [[As "finish_cmds", except a single script fragment to be evaled but + not shown]]) +_LT_DECL([], [hardcode_into_libs], [0], + [Whether we should hardcode library paths into libraries]) +_LT_DECL([], [sys_lib_search_path_spec], [2], + [Compile-time system search path for libraries]) +_LT_DECL([], [sys_lib_dlsearch_path_spec], [2], + [Run-time system search path for libraries]) +])# _LT_SYS_DYNAMIC_LINKER + + +# _LT_PATH_TOOL_PREFIX(TOOL) +# -------------------------- +# find a file program which can recognize shared library +AC_DEFUN([_LT_PATH_TOOL_PREFIX], +[m4_require([_LT_DECL_EGREP])dnl +AC_MSG_CHECKING([for $1]) +AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, +[case $MAGIC_CMD in +[[\\/*] | ?:[\\/]*]) + lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. + ;; +*) + lt_save_MAGIC_CMD="$MAGIC_CMD" + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR +dnl $ac_dummy forces splitting on constant user-supplied paths. +dnl POSIX.2 word splitting is done only on the output of word expansions, +dnl not every word. This closes a longstanding sh security hole. + ac_dummy="m4_if([$2], , $PATH, [$2])" + for ac_dir in $ac_dummy; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$1; then + lt_cv_path_MAGIC_CMD="$ac_dir/$1" + if test -n "$file_magic_test_file"; then + case $deplibs_check_method in + "file_magic "*) + file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` + MAGIC_CMD="$lt_cv_path_MAGIC_CMD" + if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | + $EGREP "$file_magic_regex" > /dev/null; then + : + else + cat <<_LT_EOF 1>&2 + +*** Warning: the command libtool uses to detect shared libraries, +*** $file_magic_cmd, produces output that libtool cannot recognize. +*** The result is that libtool may fail to recognize shared libraries +*** as such. This will affect the creation of libtool libraries that +*** depend on shared libraries, but programs linked with such libtool +*** libraries will work regardless of this problem. Nevertheless, you +*** may want to report the problem to your system manager and/or to +*** bug-libtool@gnu.org + +_LT_EOF + fi ;; + esac + fi + break + fi + done + IFS="$lt_save_ifs" + MAGIC_CMD="$lt_save_MAGIC_CMD" + ;; +esac]) +MAGIC_CMD="$lt_cv_path_MAGIC_CMD" +if test -n "$MAGIC_CMD"; then + AC_MSG_RESULT($MAGIC_CMD) +else + AC_MSG_RESULT(no) +fi +_LT_DECL([], [MAGIC_CMD], [0], + [Used to examine libraries when file_magic_cmd begins with "file"])dnl +])# _LT_PATH_TOOL_PREFIX + +# Old name: +AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], []) + + +# _LT_PATH_MAGIC +# -------------- +# find a file program which can recognize a shared library +m4_defun([_LT_PATH_MAGIC], +[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) +if test -z "$lt_cv_path_MAGIC_CMD"; then + if test -n "$ac_tool_prefix"; then + _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) + else + MAGIC_CMD=: + fi +fi +])# _LT_PATH_MAGIC + + +# LT_PATH_LD +# ---------- +# find the pathname to the GNU or non-GNU linker +AC_DEFUN([LT_PATH_LD], +[AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_PROG_ECHO_BACKSLASH])dnl + +AC_ARG_WITH([gnu-ld], + [AS_HELP_STRING([--with-gnu-ld], + [assume the C compiler uses GNU ld @<:@default=no@:>@])], + [test "$withval" = no || with_gnu_ld=yes], + [with_gnu_ld=no])dnl + +ac_prog=ld +if test "$GCC" = yes; then + # Check if gcc -print-prog-name=ld gives a path. + AC_MSG_CHECKING([for ld used by $CC]) + case $host in + *-*-mingw*) + # gcc leaves a trailing carriage return which upsets mingw + ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; + *) + ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; + esac + case $ac_prog in + # Accept absolute paths. + [[\\/]]* | ?:[[\\/]]*) + re_direlt='/[[^/]][[^/]]*/\.\./' + # Canonicalize the pathname of ld + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` + done + test -z "$LD" && LD="$ac_prog" + ;; + "") + # If it fails, then pretend we aren't using GCC. + ac_prog=ld + ;; + *) + # If it is relative, then search for the first ld in PATH. + with_gnu_ld=unknown + ;; + esac +elif test "$with_gnu_ld" = yes; then + AC_MSG_CHECKING([for GNU ld]) +else + AC_MSG_CHECKING([for non-GNU ld]) +fi +AC_CACHE_VAL(lt_cv_path_LD, +[if test -z "$LD"; then + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then + lt_cv_path_LD="$ac_dir/$ac_prog" + # Check to see if the program is GNU ld. I'd rather use --version, + # but apparently some variants of GNU ld only accept -v. + # Break only if it was the GNU/non-GNU ld that we prefer. + case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null 2>&1; then + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + else + # Keep this pattern in sync with the one in func_win32_libid. + lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' + lt_cv_file_magic_cmd='$OBJDUMP -f' + fi + ;; + +cegcc*) + # use the weaker test based on 'objdump'. See mingw*. + lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' + ;; + +darwin* | rhapsody*) + lt_cv_deplibs_check_method=pass_all + ;; + +freebsd* | dragonfly*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + case $host_cpu in + i*86 ) + # Not sure whether the presence of OpenBSD here was a mistake. + # Let's accept both of them until this is cleared up. + lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` + ;; + esac + else + lt_cv_deplibs_check_method=pass_all + fi + ;; + +gnu*) + lt_cv_deplibs_check_method=pass_all + ;; + +haiku*) + lt_cv_deplibs_check_method=pass_all + ;; + +hpux10.20* | hpux11*) + lt_cv_file_magic_cmd=/usr/bin/file + case $host_cpu in + ia64*) + lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' + lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so + ;; + hppa*64*) + [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'] + lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl + ;; + *) + lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library' + lt_cv_file_magic_test_file=/usr/lib/libc.sl + ;; + esac + ;; + +interix[[3-9]]*) + # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' + ;; + +irix5* | irix6* | nonstopux*) + case $LD in + *-32|*"-32 ") libmagic=32-bit;; + *-n32|*"-n32 ") libmagic=N32;; + *-64|*"-64 ") libmagic=64-bit;; + *) libmagic=never-match;; + esac + lt_cv_deplibs_check_method=pass_all + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + lt_cv_deplibs_check_method=pass_all + ;; + +netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' + fi + ;; + +newos6*) + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=/usr/lib/libnls.so + ;; + +*nto* | *qnx*) + lt_cv_deplibs_check_method=pass_all + ;; + +openbsd*) + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' + fi + ;; + +osf3* | osf4* | osf5*) + lt_cv_deplibs_check_method=pass_all + ;; + +rdos*) + lt_cv_deplibs_check_method=pass_all + ;; + +solaris*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv4 | sysv4.3*) + case $host_vendor in + motorola) + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` + ;; + ncr) + lt_cv_deplibs_check_method=pass_all + ;; + sequent) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' + ;; + sni) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" + lt_cv_file_magic_test_file=/lib/libc.so + ;; + siemens) + lt_cv_deplibs_check_method=pass_all + ;; + pc) + lt_cv_deplibs_check_method=pass_all + ;; + esac + ;; + +tpf*) + lt_cv_deplibs_check_method=pass_all + ;; +esac +]) + +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then + case $host_os in + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"` + fi + ;; + esac +fi + +file_magic_cmd=$lt_cv_file_magic_cmd +deplibs_check_method=$lt_cv_deplibs_check_method +test -z "$deplibs_check_method" && deplibs_check_method=unknown + +_LT_DECL([], [deplibs_check_method], [1], + [Method to check whether dependent libraries are shared objects]) +_LT_DECL([], [file_magic_cmd], [1], + [Command to use when deplibs_check_method = "file_magic"]) +_LT_DECL([], [file_magic_glob], [1], + [How to find potential files when deplibs_check_method = "file_magic"]) +_LT_DECL([], [want_nocaseglob], [1], + [Find potential files using nocaseglob when deplibs_check_method = "file_magic"]) +])# _LT_CHECK_MAGIC_METHOD + + +# LT_PATH_NM +# ---------- +# find the pathname to a BSD- or MS-compatible name lister +AC_DEFUN([LT_PATH_NM], +[AC_REQUIRE([AC_PROG_CC])dnl +AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM, +[if test -n "$NM"; then + # Let the user override the test. + lt_cv_path_NM="$NM" +else + lt_nm_to_check="${ac_tool_prefix}nm" + if test -n "$ac_tool_prefix" && test "$build" = "$host"; then + lt_nm_to_check="$lt_nm_to_check nm" + fi + for lt_tmp_nm in $lt_nm_to_check; do + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + tmp_nm="$ac_dir/$lt_tmp_nm" + if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then + # Check to see if the nm accepts a BSD-compat flag. + # Adding the `sed 1q' prevents false positives on HP-UX, which says: + # nm: unknown option "B" ignored + # Tru64's nm complains that /dev/null is an invalid object file + case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in + */dev/null* | *'Invalid file or object type'*) + lt_cv_path_NM="$tmp_nm -B" + break + ;; + *) + case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + */dev/null*) + lt_cv_path_NM="$tmp_nm -p" + break + ;; + *) + lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but + continue # so that we can try to find one that supports BSD flags + ;; + esac + ;; + esac + fi + done + IFS="$lt_save_ifs" + done + : ${lt_cv_path_NM=no} +fi]) +if test "$lt_cv_path_NM" != "no"; then + NM="$lt_cv_path_NM" +else + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. + else + AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :) + case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols" + ;; + *) + DUMPBIN=: + ;; + esac + fi + AC_SUBST([DUMPBIN]) + if test "$DUMPBIN" != ":"; then + NM="$DUMPBIN" + fi +fi +test -z "$NM" && NM=nm +AC_SUBST([NM]) +_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl + +AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface], + [lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$ac_compile" 2>conftest.err) + cat conftest.err >&AS_MESSAGE_LOG_FD + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) + cat conftest.err >&AS_MESSAGE_LOG_FD + (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD) + cat conftest.out >&AS_MESSAGE_LOG_FD + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" + fi + rm -f conftest*]) +])# LT_PATH_NM + +# Old names: +AU_ALIAS([AM_PROG_NM], [LT_PATH_NM]) +AU_ALIAS([AC_PROG_NM], [LT_PATH_NM]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_PROG_NM], []) +dnl AC_DEFUN([AC_PROG_NM], []) + +# _LT_CHECK_SHAREDLIB_FROM_LINKLIB +# -------------------------------- +# how to determine the name of the shared library +# associated with a specific link library. +# -- PORTME fill in with the dynamic library characteristics +m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB], +[m4_require([_LT_DECL_EGREP]) +m4_require([_LT_DECL_OBJDUMP]) +m4_require([_LT_DECL_DLLTOOL]) +AC_CACHE_CHECK([how to associate runtime and link libraries], +lt_cv_sharedlib_from_linklib_cmd, +[lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac +]) +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + +_LT_DECL([], [sharedlib_from_linklib_cmd], [1], + [Command to associate shared and link libraries]) +])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB + + +# _LT_PATH_MANIFEST_TOOL +# ---------------------- +# locate the manifest tool +m4_defun([_LT_PATH_MANIFEST_TOOL], +[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :) +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool], + [lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&AS_MESSAGE_LOG_FD + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest*]) +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi +_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl +])# _LT_PATH_MANIFEST_TOOL + + +# LT_LIB_M +# -------- +# check for math library +AC_DEFUN([LT_LIB_M], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +LIBM= +case $host in +*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) + # These system don't have libm, or don't need it + ;; +*-ncr-sysv4.3*) + AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw") + AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") + ;; +*) + AC_CHECK_LIB(m, cos, LIBM="-lm") + ;; +esac +AC_SUBST([LIBM]) +])# LT_LIB_M + +# Old name: +AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_CHECK_LIBM], []) + + +# _LT_COMPILER_NO_RTTI([TAGNAME]) +# ------------------------------- +m4_defun([_LT_COMPILER_NO_RTTI], +[m4_require([_LT_TAG_COMPILER])dnl + +_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= + +if test "$GCC" = yes; then + case $cc_basename in + nvcc*) + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;; + *) + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;; + esac + + _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], + lt_cv_prog_compiler_rtti_exceptions, + [-fno-rtti -fno-exceptions], [], + [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) +fi +_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1], + [Compiler flag to turn off builtin functions]) +])# _LT_COMPILER_NO_RTTI + + +# _LT_CMD_GLOBAL_SYMBOLS +# ---------------------- +m4_defun([_LT_CMD_GLOBAL_SYMBOLS], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([LT_PATH_NM])dnl +AC_REQUIRE([LT_PATH_LD])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_TAG_COMPILER])dnl + +# Check for command to grab the raw symbol name followed by C symbol from nm. +AC_MSG_CHECKING([command to parse $NM output from $compiler object]) +AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], +[ +# These are sane defaults that work on at least a few old systems. +# [They come from Ultrix. What could be older than Ultrix?!! ;)] + +# Character class describing NM global symbol codes. +symcode='[[BCDEGRST]]' + +# Regexp to match symbols that can be accessed directly from C. +sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' + +# Define system-specific variables. +case $host_os in +aix*) + symcode='[[BCDT]]' + ;; +cygwin* | mingw* | pw32* | cegcc*) + symcode='[[ABCDGISTW]]' + ;; +hpux*) + if test "$host_cpu" = ia64; then + symcode='[[ABCDEGRST]]' + fi + ;; +irix* | nonstopux*) + symcode='[[BCDEGRST]]' + ;; +osf*) + symcode='[[BCDEGQRST]]' + ;; +solaris*) + symcode='[[BDRT]]' + ;; +sco3.2v5*) + symcode='[[DT]]' + ;; +sysv4.2uw2*) + symcode='[[DT]]' + ;; +sysv5* | sco5v6* | unixware* | OpenUNIX*) + symcode='[[ABDT]]' + ;; +sysv4) + symcode='[[DFNSTU]]' + ;; +esac + +# If we're using GNU nm, then use its standard symbol codes. +case `$NM -V 2>&1` in +*GNU* | *'with BFD'*) + symcode='[[ABCDGIRSTW]]' ;; +esac + +# Transform an extracted symbol line into a proper C declaration. +# Some systems (esp. on ia64) link data and code symbols differently, +# so use this general approach. +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + +# Transform an extracted symbol line into symbol name and symbol address +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'" + +# Handle CRLF in mingw tool chain +opt_cr= +case $build_os in +mingw*) + opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp + ;; +esac + +# Try without a prefix underscore, then with it. +for ac_symprfx in "" "_"; do + + # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. + symxfrm="\\1 $ac_symprfx\\2 \\2" + + # Write the raw and C identifiers. + if test "$lt_cv_nm_interface" = "MS dumpbin"; then + # Fake it for dumpbin and say T for any non-static function + # and D for any global variable. + # Also find C++ and __fastcall symbols from MSVC++, + # which start with @ or ?. + lt_cv_sys_global_symbol_pipe="$AWK ['"\ +" {last_section=section; section=\$ 3};"\ +" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ +" \$ 0!~/External *\|/{next};"\ +" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ +" {if(hide[section]) next};"\ +" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ +" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ +" s[1]~/^[@?]/{print s[1], s[1]; next};"\ +" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ +" ' prfx=^$ac_symprfx]" + else + lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + + # Check to see that the pipe works correctly. + pipe_works=no + + rm -f conftest* + cat > conftest.$ac_ext <<_LT_EOF +#ifdef __cplusplus +extern "C" { +#endif +char nm_test_var; +void nm_test_func(void); +void nm_test_func(void){} +#ifdef __cplusplus +} +#endif +int main(){nm_test_var='a';nm_test_func();return(0);} +_LT_EOF + + if AC_TRY_EVAL(ac_compile); then + # Now try to grab the symbols. + nlist=conftest.nm + if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then + # Try sorting and uniquifying the output. + if sort "$nlist" | uniq > "$nlist"T; then + mv -f "$nlist"T "$nlist" + else + rm -f "$nlist"T + fi + + # Make sure that we snagged all the symbols we need. + if $GREP ' nm_test_var$' "$nlist" >/dev/null; then + if $GREP ' nm_test_func$' "$nlist" >/dev/null; then + cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT@&t@_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT@&t@_DLSYM_CONST +#else +# define LT@&t@_DLSYM_CONST const +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +_LT_EOF + # Now generate the symbol file. + eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' + + cat <<_LT_EOF >> conftest.$ac_ext + +/* The mapping between symbol names and symbols. */ +LT@&t@_DLSYM_CONST struct { + const char *name; + void *address; +} +lt__PROGRAM__LTX_preloaded_symbols[[]] = +{ + { "@PROGRAM@", (void *) 0 }, +_LT_EOF + $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext + cat <<\_LT_EOF >> conftest.$ac_ext + {0, (void *) 0} +}; + +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt__PROGRAM__LTX_preloaded_symbols; +} +#endif + +#ifdef __cplusplus +} +#endif +_LT_EOF + # Now try linking the two files. + mv conftest.$ac_objext conftstm.$ac_objext + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS + LIBS="conftstm.$ac_objext" + CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" + if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then + pipe_works=yes + fi + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS + else + echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD + fi + else + echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD + fi + else + echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD + fi + else + echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD + cat conftest.$ac_ext >&5 + fi + rm -rf conftest* conftst* + + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then + break + else + lt_cv_sys_global_symbol_pipe= + fi +done +]) +if test -z "$lt_cv_sys_global_symbol_pipe"; then + lt_cv_sys_global_symbol_to_cdecl= +fi +if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then + AC_MSG_RESULT(failed) +else + AC_MSG_RESULT(ok) +fi + +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then + nm_file_list_spec='@' +fi + +_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1], + [Take the output of nm and produce a listing of raw symbols and C names]) +_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1], + [Transform the output of nm in a proper C declaration]) +_LT_DECL([global_symbol_to_c_name_address], + [lt_cv_sys_global_symbol_to_c_name_address], [1], + [Transform the output of nm in a C name address pair]) +_LT_DECL([global_symbol_to_c_name_address_lib_prefix], + [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1], + [Transform the output of nm in a C name address pair when lib prefix is needed]) +_LT_DECL([], [nm_file_list_spec], [1], + [Specify filename containing input files for $NM]) +]) # _LT_CMD_GLOBAL_SYMBOLS + + +# _LT_COMPILER_PIC([TAGNAME]) +# --------------------------- +m4_defun([_LT_COMPILER_PIC], +[m4_require([_LT_TAG_COMPILER])dnl +_LT_TAGVAR(lt_prog_compiler_wl, $1)= +_LT_TAGVAR(lt_prog_compiler_pic, $1)= +_LT_TAGVAR(lt_prog_compiler_static, $1)= + +m4_if([$1], [CXX], [ + # C++ specific cases for pic, static, wl, etc. + if test "$GXX" = yes; then + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + + case $host_os in + aix*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' + ;; + esac + ;; + + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + # PIC is the default for these OSes. + ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + darwin* | rhapsody*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' + ;; + *djgpp*) + # DJGPP does not support shared libraries at all + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + ;; + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + _LT_TAGVAR(lt_prog_compiler_static, $1)= + ;; + interix[[3-9]]*) + # Interix 3.x gcc -fpic/-fPIC options generate broken code. + # Instead, we relocate shared libraries at runtime. + ;; + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic + fi + ;; + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + ;; + *qnx* | *nto*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + else + case $host_os in + aix[[4-9]]*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + else + _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' + fi + ;; + chorus*) + case $cc_basename in + cxch68*) + # Green Hills C++ Compiler + # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" + ;; + esac + ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + dgux*) + case $cc_basename in + ec++*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + ;; + ghcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + *) + ;; + esac + ;; + freebsd* | dragonfly*) + # FreeBSD uses GNU C++ + ;; + hpux9* | hpux10* | hpux11*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + if test "$host_cpu" != ia64; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + fi + ;; + aCC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + case $host_cpu in + hppa*64*|ia64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + ;; + esac + ;; + *) + ;; + esac + ;; + interix*) + # This is c89, which is MS Visual C++ (no shared libs) + # Anyone wants to do a port? + ;; + irix5* | irix6* | nonstopux*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + # CC pic flag -KPIC is the default. + ;; + *) + ;; + esac + ;; + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + KCC*) + # KAI C++ Compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + ecpc* ) + # old Intel C++ for x86_64 which still supported -KPIC. + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + icpc* ) + # Intel C++, used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + pgCC* | pgcpp*) + # Portland Group C++ compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + cxx*) + # Compaq C++ + # Make sure the PIC flag is empty. It appears that all Alpha + # Linux and Compaq Tru64 Unix objects are PIC. + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*) + # IBM XL 8.0, 9.0 on PPC and BlueGene + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; + esac + ;; + esac + ;; + lynxos*) + ;; + m88k*) + ;; + mvs*) + case $cc_basename in + cxx*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' + ;; + *) + ;; + esac + ;; + netbsd*) + ;; + *qnx* | *nto*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + osf3* | osf4* | osf5*) + case $cc_basename in + KCC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' + ;; + RCC*) + # Rational C++ 2.4.1 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + cxx*) + # Digital/Compaq C++ + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # Make sure the PIC flag is empty. It appears that all Alpha + # Linux and Compaq Tru64 Unix objects are PIC. + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + *) + ;; + esac + ;; + psos*) + ;; + solaris*) + case $cc_basename in + CC* | sunCC*) + # Sun C++ 4.2, 5.x and Centerline C++ + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; + gcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + ;; + *) + ;; + esac + ;; + sunos4*) + case $cc_basename in + CC*) + # Sun C++ 4.x + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + lcc*) + # Lucid + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + *) + ;; + esac + ;; + sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + esac + ;; + tandem*) + case $cc_basename in + NCC*) + # NonStop-UX NCC 3.20 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + ;; + *) + ;; + esac + ;; + vxworks*) + ;; + *) + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + esac + fi +], +[ + if test "$GCC" = yes; then + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + + case $host_os in + aix*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' + ;; + esac + ;; + + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + # PIC is the default for these OSes. + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + darwin* | rhapsody*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' + ;; + + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + _LT_TAGVAR(lt_prog_compiler_static, $1)= + ;; + + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + ;; + + interix[[3-9]]*) + # Interix 3.x gcc -fpic/-fPIC options generate broken code. + # Instead, we relocate shared libraries at runtime. + ;; + + msdosdjgpp*) + # Just because we use GCC doesn't mean we suddenly get shared libraries + # on systems that don't support them. + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + enable_shared=no + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic + fi + ;; + + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + + case $cc_basename in + nvcc*) # Cuda Compiler Driver 2.2 + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC' + ;; + esac + else + # PORTME Check for flag to pass linker flags through the system compiler. + case $host_os in + aix*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + else + _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' + fi + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + hpux9* | hpux10* | hpux11*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but + # not for PA HP-UX. + case $host_cpu in + hppa*64*|ia64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + ;; + esac + # Is there a better lt_prog_compiler_static that works with the bundled CC? + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + ;; + + irix5* | irix6* | nonstopux*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # PIC (with -KPIC) is the default. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + # old Intel for x86_64 which still supported -KPIC. + ecc*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + # icc used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + icc* | ifort*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + # Lahey Fortran 8.1. + lf95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared' + _LT_TAGVAR(lt_prog_compiler_static, $1)='--static' + ;; + nagfor*) + # NAG Fortran compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group compilers (*not* the Pentium gcc compiler, + # which looks to be a dead project) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + ccc*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # All Alpha code is PIC. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + xl* | bgxl* | bgf* | mpixl*) + # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ F* | *Sun*Fortran*) + # Sun Fortran 8.3 passes all unrecognized flags to the linker + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='' + ;; + *Sun\ C*) + # Sun C 5.9 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + ;; + esac + ;; + esac + ;; + + newsos6) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + + osf3* | osf4* | osf5*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # All OSF/1 code is PIC. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + rdos*) + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + solaris*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + case $cc_basename in + f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; + *) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; + esac + ;; + + sunos4*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + sysv4 | sysv4.2uw2* | sysv4.3*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + sysv4*MP*) + if test -d /usr/nec ;then + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + unicos*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + + uts4*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + *) + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + esac + fi +]) +case $host_os in + # For platforms which do not support PIC, -DPIC is meaningless: + *djgpp*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])" + ;; +esac + +AC_CACHE_CHECK([for $compiler option to produce PIC], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) +_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1) + +# +# Check to make sure the PIC flag actually works. +# +if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then + _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works], + [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)], + [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [], + [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in + "" | " "*) ;; + *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;; + esac], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) +fi +_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1], + [Additional compiler flags for building library objects]) + +_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], + [How to pass a linker flag through the compiler]) +# +# Check to make sure the static flag actually works. +# +wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\" +_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], + _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1), + $lt_tmp_static_flag, + [], + [_LT_TAGVAR(lt_prog_compiler_static, $1)=]) +_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1], + [Compiler flag to prevent dynamic linking]) +])# _LT_COMPILER_PIC + + +# _LT_LINKER_SHLIBS([TAGNAME]) +# ---------------------------- +# See if the linker supports building shared libraries. +m4_defun([_LT_LINKER_SHLIBS], +[AC_REQUIRE([LT_PATH_LD])dnl +AC_REQUIRE([LT_PATH_NM])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl +m4_require([_LT_TAG_COMPILER])dnl +AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) +m4_if([$1], [CXX], [ + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + case $host_os in + aix[[4-9]]*) + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + # Also, AIX nm treats weak defined symbols like other global defined + # symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + else + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + fi + ;; + pw32*) + _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" + ;; + cygwin* | mingw* | cegcc*) + case $cc_basename in + cl*) ;; + *) + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] + ;; + esac + ;; + *) + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + ;; + esac +], [ + runpath_var= + _LT_TAGVAR(allow_undefined_flag, $1)= + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(archive_cmds, $1)= + _LT_TAGVAR(archive_expsym_cmds, $1)= + _LT_TAGVAR(compiler_needs_object, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + _LT_TAGVAR(export_dynamic_flag_spec, $1)= + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(hardcode_automatic, $1)=no + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= + _LT_TAGVAR(hardcode_libdir_separator, $1)= + _LT_TAGVAR(hardcode_minus_L, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + _LT_TAGVAR(inherit_rpath, $1)=no + _LT_TAGVAR(link_all_deplibs, $1)=unknown + _LT_TAGVAR(module_cmds, $1)= + _LT_TAGVAR(module_expsym_cmds, $1)= + _LT_TAGVAR(old_archive_from_new_cmds, $1)= + _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)= + _LT_TAGVAR(thread_safe_flag_spec, $1)= + _LT_TAGVAR(whole_archive_flag_spec, $1)= + # include_expsyms should be a list of space-separated symbols to be *always* + # included in the symbol list + _LT_TAGVAR(include_expsyms, $1)= + # exclude_expsyms can be an extended regexp of symbols to exclude + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. + _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. + # Exclude shared library initialization/finalization symbols. +dnl Note also adjust exclude_expsyms for C++ above. + extract_expsyms_cmds= + + case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + # FIXME: the MSVC++ port hasn't been tested in a loooong time + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + if test "$GCC" != yes; then + with_gnu_ld=no + fi + ;; + interix*) + # we just hope/assume this is gcc and not c89 (= MSVC++) + with_gnu_ld=yes + ;; + openbsd*) + with_gnu_ld=no + ;; + esac + + _LT_TAGVAR(ld_shlibs, $1)=yes + + # On some targets, GNU ld is compatible enough with the native linker + # that we're better off using the native interface for both. + lt_use_gnu_ld_interface=no + if test "$with_gnu_ld" = yes; then + case $host_os in + aix*) + # The AIX port of GNU ld has always aspired to compatibility + # with the native linker. However, as the warning in the GNU ld + # block says, versions before 2.19.5* couldn't really create working + # shared libraries, regardless of the interface used. + case `$LD -v 2>&1` in + *\ \(GNU\ Binutils\)\ 2.19.5*) ;; + *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;; + *\ \(GNU\ Binutils\)\ [[3-9]]*) ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + fi + + if test "$lt_use_gnu_ld_interface" = yes; then + # If archive_cmds runs LD, not CC, wlarc should be empty + wlarc='${wl}' + + # Set some defaults for GNU ld with shared library support. These + # are reset later if shared libraries are not supported. Putting them + # here allows them to be overridden if necessary. + runpath_var=LD_RUN_PATH + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + # ancient GNU ld didn't support --whole-archive et. al. + if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + supports_anon_versioning=no + case `$LD -v 2>&1` in + *GNU\ gold*) supports_anon_versioning=yes ;; + *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 + *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... + *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... + *\ 2.11.*) ;; # other 2.11 versions + *) supports_anon_versioning=yes ;; + esac + + # See if GNU ld supports shared libraries. + case $host_os in + aix[[3-9]]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: the GNU linker, at least up to release 2.19, is reported +*** to be unable to reliably create shared libraries on AIX. +*** Therefore, libtool is disabling shared libraries support. If you +*** really care for shared libraries, you may want to install binutils +*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. +*** You will then need to restart the configuration process. + +_LT_EOF + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='' + ;; + m68k) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + ;; + + beos*) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Joseph Beckenbach says some releases of gcc + # support --undefined. This deserves some investigation. FIXME + _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, + # as there is no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + haiku*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + interix[[3-9]]*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. + # Instead, shared libraries are loaded at an image base (0x10000000 by + # default) and relocated if they conflict, which is a slow very memory + # consuming and fragmenting process. To avoid this, we pick a random, + # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link + # time. Moving up from 0x10000000 also allows more sbrk(2) space. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + ;; + + gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) + tmp_diet=no + if test "$host_os" = linux-dietlibc; then + case $cc_basename in + diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) + esac + fi + if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ + && test "$tmp_diet" = no + then + tmp_addflag=' $pic_flag' + tmp_sharedflag='-shared' + case $cc_basename,$host_cpu in + pgcc*) # Portland Group C compiler + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag' + ;; + pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group f77 and f90 compilers + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag -Mnomain' ;; + ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 + tmp_addflag=' -i_dynamic' ;; + efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 + tmp_addflag=' -i_dynamic -nofor_main' ;; + ifc* | ifort*) # Intel Fortran compiler + tmp_addflag=' -nofor_main' ;; + lf95*) # Lahey Fortran 8.1 + _LT_TAGVAR(whole_archive_flag_spec, $1)= + tmp_sharedflag='--shared' ;; + xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below) + tmp_sharedflag='-qmkshrobj' + tmp_addflag= ;; + nvcc*) # Cuda Compiler Driver 2.2 + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + ;; + esac + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) # Sun C 5.9 + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + tmp_sharedflag='-G' ;; + *Sun\ F*) # Sun Fortran 8.3 + tmp_sharedflag='-G' ;; + esac + _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + + case $cc_basename in + xlf* | bgf* | bgxlf* | mpixlf*) + # IBM XL Fortran 10.1 on PPC cannot create shared libs itself + _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' + _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' + fi + ;; + esac + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + fi + ;; + + solaris*) + if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: The releases 2.8.* of the GNU linker cannot reliably +*** create shared libraries on Solaris systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.9.1 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) + case `$LD -v 2>&1` in + *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not +*** reliably create shared libraries on SCO systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.16.91.0.3 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + ;; + *) + # For security reasons, it is highly recommended that you always + # use absolute paths for naming shared libraries, and exclude the + # DT_RUNPATH tag from executables and libraries. But doing so + # requires that you compile everything twice, which is a pain. + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + sunos4*) + _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' + wlarc= + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + + if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then + runpath_var= + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(export_dynamic_flag_spec, $1)= + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + else + # PORTME fill in a description of your system's linker (not GNU ld) + case $host_os in + aix3*) + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' + # Note: this linker hardcodes the directories in LIBPATH if there + # are no directories specified by -L. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then + # Neither direct hardcoding nor static linking is supported with a + # broken collect2. + _LT_TAGVAR(hardcode_direct, $1)=unsupported + fi + ;; + + aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + exp_sym_flag='-Bexport' + no_entry_flag="" + else + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + # Also, AIX nm treats weak defined symbols like other global + # defined symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + else + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + fi + aix_use_runtimelinking=no + + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes + break + fi + done + ;; + esac + + exp_sym_flag='-bexport' + no_entry_flag='-bnoentry' + fi + + # When large executables or shared objects are built, AIX ld can + # have problems creating the table of contents. If linking a library + # or program results in "error TOC overflow" add -mminimal-toc to + # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not + # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. + + _LT_TAGVAR(archive_cmds, $1)='' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' + + if test "$GCC" = yes; then + case $host_os in aix4.[[012]]|aix4.[[012]].*) + # We only want to do this on AIX 4.2 and lower, the check + # below for broken collect2 doesn't work under 4.3+ + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null + then + # We have reworked collect2 + : + else + # We have old collect2 + _LT_TAGVAR(hardcode_direct, $1)=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)= + fi + ;; + esac + shared_flag='-shared' + if test "$aix_use_runtimelinking" = yes; then + shared_flag="$shared_flag "'${wl}-G' + fi + else + # not using gcc + if test "$host_cpu" = ia64; then + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: + shared_flag='-G' + else + if test "$aix_use_runtimelinking" = yes; then + shared_flag='${wl}-G' + else + shared_flag='${wl}-bM:SRE' + fi + fi + fi + + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' + # It seems that -bexpall does not export symbols beginning with + # underscore (_), so it is better to generate a list of symbols to export. + _LT_TAGVAR(always_export_symbols, $1)=yes + if test "$aix_use_runtimelinking" = yes; then + # Warning - without using the other runtime loading flags (-brtl), + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(allow_undefined_flag, $1)='-berok' + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else + if test "$host_cpu" = ia64; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' + _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" + else + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + # Warning - without using the other run time loading flags, + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + # This is similar to how AIX traditionally builds its shared libraries. + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' + fi + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='' + ;; + m68k) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + ;; + + bsdi[[45]]*) + _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + case $cc_basename in + cl*) + # Native MSVC + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + # FIXME: Should let the user specify the lib program. + _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + ;; + esac + ;; + + darwin* | rhapsody*) + _LT_DARWIN_LINKER_FEATURES($1) + ;; + + dgux*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + freebsd1*) + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor + # support. Future versions do this automatically, but an explicit c++rt0.o + # does not break anything, and helps significantly (at the cost of a little + # extra space). + freebsd2.2*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + # Unfortunately, older versions of FreeBSD 2 do not have this feature. + freebsd2*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + # FreeBSD 3 and greater uses gcc -shared to do shared libraries. + freebsd* | dragonfly*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + hpux9*) + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + else + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_direct, $1)=yes + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + ;; + + hpux10*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' + fi + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + fi + ;; + + hpux11*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + else + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + m4_if($1, [], [ + # Older versions of the 11.00 compiler do not understand -b yet + # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) + _LT_LINKER_OPTION([if $CC understands -b], + _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b], + [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'], + [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])], + [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags']) + ;; + esac + fi + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + case $host_cpu in + hppa*64*|ia64*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + *) + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + fi + ;; + + irix5* | irix6* | nonstopux*) + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + # Try to use the -exported_symbol ld option, if it does not + # work, assume that -exports_file does not work either and + # implicitly export all symbols. + # This should be the same for all languages, so no per-tag cache variable. + AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol], + [lt_cv_irix_exported_symbol], + [save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + AC_LINK_IFELSE( + [AC_LANG_SOURCE( + [AC_LANG_CASE([C], [[int foo (void) { return 0; }]], + [C++], [[int foo (void) { return 0; }]], + [Fortran 77], [[ + subroutine foo + end]], + [Fortran], [[ + subroutine foo + end]])])], + [lt_cv_irix_exported_symbol=yes], + [lt_cv_irix_exported_symbol=no]) + LDFLAGS="$save_LDFLAGS"]) + if test "$lt_cv_irix_exported_symbol" = yes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(inherit_rpath, $1)=yes + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else + _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + newsos6) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *nto* | *qnx*) + ;; + + openbsd*) + if test -f /usr/libexec/ld.so; then + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + else + case $host_os in + openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + ;; + esac + fi + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + os2*) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' + _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' + ;; + + osf3*) + if test "$GCC" = yes; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + else + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + ;; + + osf4* | osf5*) # as osf3* with the addition of -msym flag + if test "$GCC" = yes; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + else + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ + $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' + + # Both c and cxx compiler support -rpath directly + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + ;; + + solaris*) + _LT_TAGVAR(no_undefined_flag, $1)=' -z defs' + if test "$GCC" = yes; then + wlarc='${wl}' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + else + case `$CC -V 2>&1` in + *"Compilers 5.0"*) + wlarc='' + _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' + ;; + *) + wlarc='${wl}' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + ;; + esac + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. GCC discards it without `$wl', + # but is careful enough not to reorder. + # Supported since Solaris 2.6 (maybe 2.5.1?) + if test "$GCC" = yes; then + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' + fi + ;; + esac + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + sunos4*) + if test "x$host_vendor" = xsequent; then + # Use $CC to link under sequent, because it throws in some extra .o + # files that make .init and .fini sections work. + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + sysv4) + case $host_vendor in + sni) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true??? + ;; + siemens) + ## LD is ld it makes a PLAMLIB + ## CC just makes a GrossModule. + _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' + _LT_TAGVAR(hardcode_direct, $1)=no + ;; + motorola) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie + ;; + esac + runpath_var='LD_RUN_PATH' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + sysv4.3*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var=LD_RUN_PATH + hardcode_runpath_var=yes + _LT_TAGVAR(ld_shlibs, $1)=yes + fi + ;; + + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + sysv5* | sco3.2v5* | sco5v6*) + # Note: We can NOT use -z defs as we might desire, because we do not + # link with -lc, and that would cause any symbols used from libc to + # always be unresolved, which means just about no library would + # ever link correctly. If we're not using GNU ld we use -z text + # though, which does catch some bad symbols but isn't as heavy-handed + # as -z defs. + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + uts4*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *) + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + + if test x$host_vendor = xsni; then + case $host in + sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym' + ;; + esac + fi + fi +]) +AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) +test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no + +_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld + +_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl +_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl +_LT_DECL([], [extract_expsyms_cmds], [2], + [The commands to extract the exported symbol list from a shared archive]) + +# +# Do we need to explicitly link libc? +# +case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in +x|xyes) + # Assume -lc should be added + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + + if test "$enable_shared" = yes && test "$GCC" = yes; then + case $_LT_TAGVAR(archive_cmds, $1) in + *'~'*) + # FIXME: we may have to deal with multi-command sequences. + ;; + '$CC '*) + # Test whether the compiler implicitly links with -lc since on some + # systems, -lgcc has to come before -lc. If gcc already passes -lc + # to ld, don't add -lc before -lgcc. + AC_CACHE_CHECK([whether -lc should be explicitly linked in], + [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1), + [$RM conftest* + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + if AC_TRY_EVAL(ac_compile) 2>conftest.err; then + soname=conftest + lib=conftest + libobjs=conftest.$ac_objext + deplibs= + wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) + pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1) + compiler_flags=-v + linker_flags=-v + verstring= + output_objdir=. + libname=conftest + lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1) + _LT_TAGVAR(allow_undefined_flag, $1)= + if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) + then + lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no + else + lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes + fi + _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag + else + cat conftest.err 1>&5 + fi + $RM conftest* + ]) + _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1) + ;; + esac + fi + ;; +esac + +_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0], + [Whether or not to add -lc for building shared libraries]) +_LT_TAGDECL([allow_libtool_libs_with_static_runtimes], + [enable_shared_with_static_runtimes], [0], + [Whether or not to disallow shared libs when runtime libs are static]) +_LT_TAGDECL([], [export_dynamic_flag_spec], [1], + [Compiler flag to allow reflexive dlopens]) +_LT_TAGDECL([], [whole_archive_flag_spec], [1], + [Compiler flag to generate shared objects directly from archives]) +_LT_TAGDECL([], [compiler_needs_object], [1], + [Whether the compiler copes with passing no objects directly]) +_LT_TAGDECL([], [old_archive_from_new_cmds], [2], + [Create an old-style archive from a shared archive]) +_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2], + [Create a temporary old-style archive to link instead of a shared archive]) +_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive]) +_LT_TAGDECL([], [archive_expsym_cmds], [2]) +_LT_TAGDECL([], [module_cmds], [2], + [Commands used to build a loadable module if different from building + a shared archive.]) +_LT_TAGDECL([], [module_expsym_cmds], [2]) +_LT_TAGDECL([], [with_gnu_ld], [1], + [Whether we are building with GNU ld or not]) +_LT_TAGDECL([], [allow_undefined_flag], [1], + [Flag that allows shared libraries with undefined symbols to be built]) +_LT_TAGDECL([], [no_undefined_flag], [1], + [Flag that enforces no undefined symbols]) +_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], + [Flag to hardcode $libdir into a binary during linking. + This must work even if $libdir does not exist]) +_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1], + [[If ld is used when linking, flag to hardcode $libdir into a binary + during linking. This must work even if $libdir does not exist]]) +_LT_TAGDECL([], [hardcode_libdir_separator], [1], + [Whether we need a single "-rpath" flag with a separated argument]) +_LT_TAGDECL([], [hardcode_direct], [0], + [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes + DIR into the resulting binary]) +_LT_TAGDECL([], [hardcode_direct_absolute], [0], + [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes + DIR into the resulting binary and the resulting library dependency is + "absolute", i.e impossible to change by setting ${shlibpath_var} if the + library is relocated]) +_LT_TAGDECL([], [hardcode_minus_L], [0], + [Set to "yes" if using the -LDIR flag during linking hardcodes DIR + into the resulting binary]) +_LT_TAGDECL([], [hardcode_shlibpath_var], [0], + [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR + into the resulting binary]) +_LT_TAGDECL([], [hardcode_automatic], [0], + [Set to "yes" if building a shared library automatically hardcodes DIR + into the library and all subsequent libraries and executables linked + against it]) +_LT_TAGDECL([], [inherit_rpath], [0], + [Set to yes if linker adds runtime paths of dependent libraries + to runtime path list]) +_LT_TAGDECL([], [link_all_deplibs], [0], + [Whether libtool must link a program against all its dependency libraries]) +_LT_TAGDECL([], [always_export_symbols], [0], + [Set to "yes" if exported symbols are required]) +_LT_TAGDECL([], [export_symbols_cmds], [2], + [The commands to list exported symbols]) +_LT_TAGDECL([], [exclude_expsyms], [1], + [Symbols that should not be listed in the preloaded symbols]) +_LT_TAGDECL([], [include_expsyms], [1], + [Symbols that must always be exported]) +_LT_TAGDECL([], [prelink_cmds], [2], + [Commands necessary for linking programs (against libraries) with templates]) +_LT_TAGDECL([], [postlink_cmds], [2], + [Commands necessary for finishing linking programs]) +_LT_TAGDECL([], [file_list_spec], [1], + [Specify filename containing input files]) +dnl FIXME: Not yet implemented +dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1], +dnl [Compiler flag to generate thread safe objects]) +])# _LT_LINKER_SHLIBS + + +# _LT_LANG_C_CONFIG([TAG]) +# ------------------------ +# Ensure that the configuration variables for a C compiler are suitably +# defined. These variables are subsequently used by _LT_CONFIG to write +# the compiler configuration to `libtool'. +m4_defun([_LT_LANG_C_CONFIG], +[m4_require([_LT_DECL_EGREP])dnl +lt_save_CC="$CC" +AC_LANG_PUSH(C) + +# Source file extension for C test sources. +ac_ext=c + +# Object file extension for compiled C test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="int some_variable = 0;" + +# Code to be used in simple link tests +lt_simple_link_test_code='int main(){return(0);}' + +_LT_TAG_COMPILER +# Save the default compiler, since it gets overwritten when the other +# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. +compiler_DEFAULT=$CC + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +## CAVEAT EMPTOR: +## There is no encapsulation within the following macros, do not change +## the running order or otherwise move them around unless you know exactly +## what you are doing... +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + LT_SYS_DLOPEN_SELF + _LT_CMD_STRIPLIB + + # Report which library types will actually be built + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_CONFIG($1) +fi +AC_LANG_POP +CC="$lt_save_CC" +])# _LT_LANG_C_CONFIG + + +# _LT_LANG_CXX_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for a C++ compiler are suitably +# defined. These variables are subsequently used by _LT_CONFIG to write +# the compiler configuration to `libtool'. +m4_defun([_LT_LANG_CXX_CONFIG], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl +if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then + AC_PROG_CXXCPP +else + _lt_caught_CXX_error=yes +fi + +AC_LANG_PUSH(C++) +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(compiler_needs_object, $1)=no +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for C++ test sources. +ac_ext=cpp + +# Object file extension for compiled C++ test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the CXX compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_caught_CXX_error" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="int some_variable = 0;" + + # Code to be used in simple link tests + lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }' + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC=$CC + lt_save_CFLAGS=$CFLAGS + lt_save_LD=$LD + lt_save_GCC=$GCC + GCC=$GXX + lt_save_with_gnu_ld=$with_gnu_ld + lt_save_path_LD=$lt_cv_path_LD + if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then + lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx + else + $as_unset lt_cv_prog_gnu_ld + fi + if test -n "${lt_cv_path_LDCXX+set}"; then + lt_cv_path_LD=$lt_cv_path_LDCXX + else + $as_unset lt_cv_path_LD + fi + test -z "${LDCXX+set}" || LD=$LDCXX + CC=${CXX-"c++"} + CFLAGS=$CXXFLAGS + compiler=$CC + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + + if test -n "$compiler"; then + # We don't want -fno-exception when compiling C++ code, so set the + # no_builtin_flag separately + if test "$GXX" = yes; then + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' + else + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= + fi + + if test "$GXX" = yes; then + # Set up default GNU C++ configuration + + LT_PATH_LD + + # Check if GNU C++ uses GNU ld as the underlying linker, since the + # archiving commands below assume that GNU ld is being used. + if test "$with_gnu_ld" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + + # If archive_cmds runs LD, not CC, wlarc should be empty + # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to + # investigate it a little bit more. (MM) + wlarc='${wl}' + + # ancient GNU ld didn't support --whole-archive et. al. + if eval "`$CC -print-prog-name=ld` --help 2>&1" | + $GREP 'no-whole-archive' > /dev/null; then + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + else + with_gnu_ld=no + wlarc= + + # A generic and very simple default shared library creation + # command for GNU C++ for the case where it uses the native + # linker, instead of GNU ld. If possible, this setting should + # overridden to take advantage of the native linker features on + # the platform it is being used on. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + fi + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + + else + GXX=no + with_gnu_ld=no + wlarc= + fi + + # PORTME: fill in a description of your system's C++ link characteristics + AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) + _LT_TAGVAR(ld_shlibs, $1)=yes + case $host_os in + aix3*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + exp_sym_flag='-Bexport' + no_entry_flag="" + else + aix_use_runtimelinking=no + + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + case $ld_flag in + *-brtl*) + aix_use_runtimelinking=yes + break + ;; + esac + done + ;; + esac + + exp_sym_flag='-bexport' + no_entry_flag='-bnoentry' + fi + + # When large executables or shared objects are built, AIX ld can + # have problems creating the table of contents. If linking a library + # or program results in "error TOC overflow" add -mminimal-toc to + # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not + # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. + + _LT_TAGVAR(archive_cmds, $1)='' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' + + if test "$GXX" = yes; then + case $host_os in aix4.[[012]]|aix4.[[012]].*) + # We only want to do this on AIX 4.2 and lower, the check + # below for broken collect2 doesn't work under 4.3+ + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null + then + # We have reworked collect2 + : + else + # We have old collect2 + _LT_TAGVAR(hardcode_direct, $1)=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)= + fi + esac + shared_flag='-shared' + if test "$aix_use_runtimelinking" = yes; then + shared_flag="$shared_flag "'${wl}-G' + fi + else + # not using gcc + if test "$host_cpu" = ia64; then + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: + shared_flag='-G' + else + if test "$aix_use_runtimelinking" = yes; then + shared_flag='${wl}-G' + else + shared_flag='${wl}-bM:SRE' + fi + fi + fi + + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' + # It seems that -bexpall does not export symbols beginning with + # underscore (_), so it is better to generate a list of symbols to + # export. + _LT_TAGVAR(always_export_symbols, $1)=yes + if test "$aix_use_runtimelinking" = yes; then + # Warning - without using the other runtime loading flags (-brtl), + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(allow_undefined_flag, $1)='-berok' + # Determine the default libpath from the value encoded in an empty + # executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else + if test "$host_cpu" = ia64; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' + _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" + else + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + # Warning - without using the other run time loading flags, + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + # This is similar to how AIX traditionally builds its shared + # libraries. + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' + fi + fi + ;; + + beos*) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Joseph Beckenbach says some releases of gcc + # support --undefined. This deserves some investigation. FIXME + _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + chorus*) + case $cc_basename in + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + cygwin* | mingw* | pw32* | cegcc*) + case $GXX,$cc_basename in + ,cl* | no,cl*) + # Native MSVC + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + func_to_tool_file "$lt_outputfile"~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # g++ + # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, + # as there is no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + darwin* | rhapsody*) + _LT_DARWIN_LINKER_FEATURES($1) + ;; + + dgux*) + case $cc_basename in + ec++*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + ghcx*) + # Green Hills C++ Compiler + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + freebsd[[12]]*) + # C++ shared libraries reported to be fairly broken before + # switch to ELF + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + freebsd-elf*) + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + ;; + + freebsd* | dragonfly*) + # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF + # conventions + _LT_TAGVAR(ld_shlibs, $1)=yes + ;; + + gnu*) + ;; + + haiku*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + hpux9*) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, + # but as the default + # location of the library. + + case $cc_basename in + CC*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aCC*) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + hpux10*|hpux11*) + if test $with_gnu_ld = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + case $host_cpu in + hppa*64*|ia64*) + ;; + *) + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + ;; + esac + fi + case $host_cpu in + hppa*64*|ia64*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + *) + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, + # but as the default + # location of the library. + ;; + esac + + case $cc_basename in + CC*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aCC*) + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + esac + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes; then + if test $with_gnu_ld = no; then + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + esac + fi + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + interix[[3-9]]*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. + # Instead, shared libraries are loaded at an image base (0x10000000 by + # default) and relocated if they conflict, which is a slow very memory + # consuming and fragmenting process. To avoid this, we pick a random, + # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link + # time. Moving up from 0x10000000 also allows more sbrk(2) space. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + ;; + irix5* | irix6*) + case $cc_basename in + CC*) + # SGI C++ + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + + # Archives containing C++ object files must be created using + # "CC -ar", where "CC" is the IRIX C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' + ;; + *) + if test "$GXX" = yes; then + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' + fi + fi + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + esac + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(inherit_rpath, $1)=yes + ;; + + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + KCC*) + # Kuck and Associates, Inc. (KAI) C++ Compiler + + # KCC will only create a shared library if the output file + # ends with ".so" (or ".sl" for HP-UX), so rename the library + # to its proper name (with version) after linking. + _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + + # Archives containing C++ object files must be created using + # "CC -Bstatic", where "CC" is the KAI C++ compiler. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' + ;; + icpc* | ecpc* ) + # Intel C++ + with_gnu_ld=yes + # version 8.0 and above of icpc choke on multiply defined symbols + # if we add $predep_objects and $postdep_objects, however 7.1 and + # earlier do not add the objects themselves. + case `$CC -V 2>&1` in + *"Version 7."*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + *) # Version 8.0 or newer + tmp_idyn= + case $host_cpu in + ia64*) tmp_idyn=' -i_dynamic';; + esac + _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + esac + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + ;; + pgCC* | pgcpp*) + # Portland Group C++ compiler + case `$CC -V` in + *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*) + _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~ + compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"' + _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~ + $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~ + $RANLIB $oldlib' + _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ + $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ + $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' + ;; + *) # Version 6 and above use weak symbols + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + ;; + cxx*) + # Compaq C++ + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' + + runpath_var=LD_RUN_PATH + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed' + ;; + xl* | mpixl* | bgxl*) + # IBM XL 8.0 on PPC, with GNU ld + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + + # Not sure whether something based on + # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 + # would be better. + output_verbose_link_cmd='func_echo_all' + + # Archives containing C++ object files must be created using + # "CC -xar", where "CC" is the Sun C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' + ;; + esac + ;; + esac + ;; + + lynxos*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + m88k*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + mvs*) + case $cc_basename in + cxx*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' + wlarc= + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + fi + # Workaround some broken pre-1.5 toolchains + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' + ;; + + *nto* | *qnx*) + _LT_TAGVAR(ld_shlibs, $1)=yes + ;; + + openbsd2*) + # C++ shared libraries are fairly broken + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + openbsd*) + if test -f /usr/libexec/ld.so; then + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + fi + output_verbose_link_cmd=func_echo_all + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + osf3* | osf4* | osf5*) + case $cc_basename in + KCC*) + # Kuck and Associates, Inc. (KAI) C++ Compiler + + # KCC will only create a shared library if the output file + # ends with ".so" (or ".sl" for HP-UX), so rename the library + # to its proper name (with version) after linking. + _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Archives containing C++ object files must be created using + # the KAI C++ compiler. + case $host in + osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;; + *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;; + esac + ;; + RCC*) + # Rational C++ 2.4.1 + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + cxx*) + case $host in + osf3*) + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + ;; + *) + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ + echo "-hidden">> $lib.exp~ + $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~ + $RM $lib.exp' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + case $host in + osf3*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + psos*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + sunos4*) + case $cc_basename in + CC*) + # Sun C++ 4.x + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + lcc*) + # Lucid + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + solaris*) + case $cc_basename in + CC* | sunCC*) + # Sun C++ 4.2, 5.x and Centerline C++ + _LT_TAGVAR(archive_cmds_need_lc,$1)=yes + _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. + # Supported since Solaris 2.6 (maybe 2.5.1?) + _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' + ;; + esac + _LT_TAGVAR(link_all_deplibs, $1)=yes + + output_verbose_link_cmd='func_echo_all' + + # Archives containing C++ object files must be created using + # "CC -xar", where "CC" is the Sun C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' + ;; + gcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + + # The C++ compiler must be used to create the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' + ;; + *) + # GNU C++ compiler with Solaris linker + if test "$GXX" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' + if $CC --version | $GREP -v '^2\.7' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + else + # g++ 2.7 appears to require `-G' NOT `-shared' on this + # platform. + _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + fi + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir' + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + ;; + esac + fi + ;; + esac + ;; + + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var='LD_RUN_PATH' + + case $cc_basename in + CC*) + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + ;; + + sysv5* | sco3.2v5* | sco5v6*) + # Note: We can NOT use -z defs as we might desire, because we do not + # link with -lc, and that would cause any symbols used from libc to + # always be unresolved, which means just about no library would + # ever link correctly. If we're not using GNU ld we use -z text + # though, which does catch some bad symbols but isn't as heavy-handed + # as -z defs. + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' + runpath_var='LD_RUN_PATH' + + case $cc_basename in + CC*) + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~ + '"$_LT_TAGVAR(old_archive_cmds, $1)" + _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~ + '"$_LT_TAGVAR(reload_cmds, $1)" + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + ;; + + tandem*) + case $cc_basename in + NCC*) + # NonStop-UX NCC 3.20 + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + vxworks*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + + AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) + test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no + + _LT_TAGVAR(GCC, $1)="$GXX" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_SYS_HIDDEN_LIBDEPS($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS + LDCXX=$LD + LD=$lt_save_LD + GCC=$lt_save_GCC + with_gnu_ld=$lt_save_with_gnu_ld + lt_cv_path_LDCXX=$lt_cv_path_LD + lt_cv_path_LD=$lt_save_path_LD + lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld + lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld +fi # test "$_lt_caught_CXX_error" != yes + +AC_LANG_POP +])# _LT_LANG_CXX_CONFIG + + +# _LT_FUNC_STRIPNAME_CNF +# ---------------------- +# func_stripname_cnf prefix suffix name +# strip PREFIX and SUFFIX off of NAME. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +# +# This function is identical to the (non-XSI) version of func_stripname, +# except this one can be used by m4 code that may be executed by configure, +# rather than the libtool script. +m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl +AC_REQUIRE([_LT_DECL_SED]) +AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH]) +func_stripname_cnf () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname_cnf +])# _LT_FUNC_STRIPNAME_CNF + +# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME]) +# --------------------------------- +# Figure out "hidden" library dependencies from verbose +# compiler output when linking a shared library. +# Parse the compiler output and extract the necessary +# objects, libraries and library flags. +m4_defun([_LT_SYS_HIDDEN_LIBDEPS], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl +# Dependencies to place before and after the object being linked: +_LT_TAGVAR(predep_objects, $1)= +_LT_TAGVAR(postdep_objects, $1)= +_LT_TAGVAR(predeps, $1)= +_LT_TAGVAR(postdeps, $1)= +_LT_TAGVAR(compiler_lib_search_path, $1)= + +dnl we can't use the lt_simple_compile_test_code here, +dnl because it contains code intended for an executable, +dnl not a library. It's possible we should let each +dnl tag define a new lt_????_link_test_code variable, +dnl but it's only used here... +m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF +int a; +void foo (void) { a = 0; } +_LT_EOF +], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF +class Foo +{ +public: + Foo (void) { a = 0; } +private: + int a; +}; +_LT_EOF +], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF + subroutine foo + implicit none + integer*4 a + a=0 + return + end +_LT_EOF +], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF + subroutine foo + implicit none + integer a + a=0 + return + end +_LT_EOF +], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF +public class foo { + private int a; + public void bar (void) { + a = 0; + } +}; +_LT_EOF +]) + +_lt_libdeps_save_CFLAGS=$CFLAGS +case "$CC $CFLAGS " in #( +*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; +*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; +esac + +dnl Parse the compiler output and extract the necessary +dnl objects, libraries and library flags. +if AC_TRY_EVAL(ac_compile); then + # Parse the compiler output and extract the necessary + # objects, libraries and library flags. + + # Sentinel used to keep track of whether or not we are before + # the conftest object file. + pre_test_object_deps_done=no + + for p in `eval "$output_verbose_link_cmd"`; do + case ${prev}${p} in + + -L* | -R* | -l*) + # Some compilers place space between "-{L,R}" and the path. + # Remove the space. + if test $p = "-L" || + test $p = "-R"; then + prev=$p + continue + fi + + # Expand the sysroot to ease extracting the directories later. + if test -z "$prev"; then + case $p in + -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; + -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; + -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; + esac + fi + case $p in + =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; + esac + if test "$pre_test_object_deps_done" = no; then + case ${prev} in + -L | -R) + # Internal compiler library paths should come after those + # provided the user. The postdeps already come after the + # user supplied libs so there is no need to process them. + if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then + _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}" + else + _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}" + fi + ;; + # The "-l" case would never come before the object being + # linked, so don't bother handling this case. + esac + else + if test -z "$_LT_TAGVAR(postdeps, $1)"; then + _LT_TAGVAR(postdeps, $1)="${prev}${p}" + else + _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}" + fi + fi + prev= + ;; + + *.lto.$objext) ;; # Ignore GCC LTO objects + *.$objext) + # This assumes that the test object file only shows up + # once in the compiler output. + if test "$p" = "conftest.$objext"; then + pre_test_object_deps_done=yes + continue + fi + + if test "$pre_test_object_deps_done" = no; then + if test -z "$_LT_TAGVAR(predep_objects, $1)"; then + _LT_TAGVAR(predep_objects, $1)="$p" + else + _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p" + fi + else + if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then + _LT_TAGVAR(postdep_objects, $1)="$p" + else + _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p" + fi + fi + ;; + + *) ;; # Ignore the rest. + + esac + done + + # Clean up. + rm -f a.out a.exe +else + echo "libtool.m4: error: problem compiling $1 test program" +fi + +$RM -f confest.$objext +CFLAGS=$_lt_libdeps_save_CFLAGS + +# PORTME: override above test on systems where it is broken +m4_if([$1], [CXX], +[case $host_os in +interix[[3-9]]*) + # Interix 3.5 installs completely hosed .la files for C++, so rather than + # hack all around it, let's just trust "g++" to DTRT. + _LT_TAGVAR(predep_objects,$1)= + _LT_TAGVAR(postdep_objects,$1)= + _LT_TAGVAR(postdeps,$1)= + ;; + +linux*) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + + # The more standards-conforming stlport4 library is + # incompatible with the Cstd library. Avoid specifying + # it if it's in CXXFLAGS. Ignore libCrun as + # -library=stlport4 depends on it. + case " $CXX $CXXFLAGS " in + *" -library=stlport4 "*) + solaris_use_stlport4=yes + ;; + esac + + if test "$solaris_use_stlport4" != yes; then + _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' + fi + ;; + esac + ;; + +solaris*) + case $cc_basename in + CC* | sunCC*) + # The more standards-conforming stlport4 library is + # incompatible with the Cstd library. Avoid specifying + # it if it's in CXXFLAGS. Ignore libCrun as + # -library=stlport4 depends on it. + case " $CXX $CXXFLAGS " in + *" -library=stlport4 "*) + solaris_use_stlport4=yes + ;; + esac + + # Adding this requires a known-good setup of shared libraries for + # Sun compiler versions before 5.6, else PIC objects from an old + # archive will be linked into the output, leading to subtle bugs. + if test "$solaris_use_stlport4" != yes; then + _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' + fi + ;; + esac + ;; +esac +]) + +case " $_LT_TAGVAR(postdeps, $1) " in +*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; +esac + _LT_TAGVAR(compiler_lib_search_dirs, $1)= +if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then + _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'` +fi +_LT_TAGDECL([], [compiler_lib_search_dirs], [1], + [The directories searched by this compiler when creating a shared library]) +_LT_TAGDECL([], [predep_objects], [1], + [Dependencies to place before and after the objects being linked to + create a shared library]) +_LT_TAGDECL([], [postdep_objects], [1]) +_LT_TAGDECL([], [predeps], [1]) +_LT_TAGDECL([], [postdeps], [1]) +_LT_TAGDECL([], [compiler_lib_search_path], [1], + [The library search path used internally by the compiler when linking + a shared library]) +])# _LT_SYS_HIDDEN_LIBDEPS + + +# _LT_LANG_F77_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for a Fortran 77 compiler are +# suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_F77_CONFIG], +[AC_LANG_PUSH(Fortran 77) +if test -z "$F77" || test "X$F77" = "Xno"; then + _lt_disable_F77=yes +fi + +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for f77 test sources. +ac_ext=f + +# Object file extension for compiled f77 test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the F77 compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_disable_F77" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="\ + subroutine t + return + end +" + + # Code to be used in simple link tests + lt_simple_link_test_code="\ + program t + end +" + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC="$CC" + lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS + CC=${F77-"f77"} + CFLAGS=$FFLAGS + compiler=$CC + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + GCC=$G77 + if test -n "$compiler"; then + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_TAGVAR(GCC, $1)="$G77" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + GCC=$lt_save_GCC + CC="$lt_save_CC" + CFLAGS="$lt_save_CFLAGS" +fi # test "$_lt_disable_F77" != yes + +AC_LANG_POP +])# _LT_LANG_F77_CONFIG + + +# _LT_LANG_FC_CONFIG([TAG]) +# ------------------------- +# Ensure that the configuration variables for a Fortran compiler are +# suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_FC_CONFIG], +[AC_LANG_PUSH(Fortran) + +if test -z "$FC" || test "X$FC" = "Xno"; then + _lt_disable_FC=yes +fi + +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for fc test sources. +ac_ext=${ac_fc_srcext-f} + +# Object file extension for compiled fc test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the FC compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_disable_FC" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="\ + subroutine t + return + end +" + + # Code to be used in simple link tests + lt_simple_link_test_code="\ + program t + end +" + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC="$CC" + lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS + CC=${FC-"f95"} + CFLAGS=$FCFLAGS + compiler=$CC + GCC=$ac_cv_fc_compiler_gnu + + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + + if test -n "$compiler"; then + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_SYS_HIDDEN_LIBDEPS($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + GCC=$lt_save_GCC + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS +fi # test "$_lt_disable_FC" != yes + +AC_LANG_POP +])# _LT_LANG_FC_CONFIG + + +# _LT_LANG_GCJ_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for the GNU Java Compiler compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_GCJ_CONFIG], +[AC_REQUIRE([LT_PROG_GCJ])dnl +AC_LANG_SAVE + +# Source file extension for Java test sources. +ac_ext=java + +# Object file extension for compiled Java test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="class foo {}" + +# Code to be used in simple link tests +lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }' + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC=yes +CC=${GCJ-"gcj"} +CFLAGS=$GCJFLAGS +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_TAGVAR(LD, $1)="$LD" +_LT_CC_BASENAME([$compiler]) + +# GCJ did not exist at the time GCC didn't implicitly link libc in. +_LT_TAGVAR(archive_cmds_need_lc, $1)=no + +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds + +## CAVEAT EMPTOR: +## There is no encapsulation within the following macros, do not change +## the running order or otherwise move them around unless you know exactly +## what you are doing... +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) +fi + +AC_LANG_RESTORE + +GCC=$lt_save_GCC +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_GCJ_CONFIG + + +# _LT_LANG_RC_CONFIG([TAG]) +# ------------------------- +# Ensure that the configuration variables for the Windows resource compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_RC_CONFIG], +[AC_REQUIRE([LT_PROG_RC])dnl +AC_LANG_SAVE + +# Source file extension for RC test sources. +ac_ext=rc + +# Object file extension for compiled RC test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' + +# Code to be used in simple link tests +lt_simple_link_test_code="$lt_simple_compile_test_code" + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC="$CC" +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC= +CC=${RC-"windres"} +CFLAGS= +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_CC_BASENAME([$compiler]) +_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes + +if test -n "$compiler"; then + : + _LT_CONFIG($1) +fi + +GCC=$lt_save_GCC +AC_LANG_RESTORE +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_RC_CONFIG + + +# LT_PROG_GCJ +# ----------- +AC_DEFUN([LT_PROG_GCJ], +[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ], + [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ], + [AC_CHECK_TOOL(GCJ, gcj,) + test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" + AC_SUBST(GCJFLAGS)])])[]dnl +]) + +# Old name: +AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_GCJ], []) + + +# LT_PROG_RC +# ---------- +AC_DEFUN([LT_PROG_RC], +[AC_CHECK_TOOL(RC, windres,) +]) + +# Old name: +AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_RC], []) + + +# _LT_DECL_EGREP +# -------------- +# If we don't have a new enough Autoconf to choose the best grep +# available, choose the one first in the user's PATH. +m4_defun([_LT_DECL_EGREP], +[AC_REQUIRE([AC_PROG_EGREP])dnl +AC_REQUIRE([AC_PROG_FGREP])dnl +test -z "$GREP" && GREP=grep +_LT_DECL([], [GREP], [1], [A grep program that handles long lines]) +_LT_DECL([], [EGREP], [1], [An ERE matcher]) +_LT_DECL([], [FGREP], [1], [A literal string matcher]) +dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too +AC_SUBST([GREP]) +]) + + +# _LT_DECL_OBJDUMP +# -------------- +# If we don't have a new enough Autoconf to choose the best objdump +# available, choose the one first in the user's PATH. +m4_defun([_LT_DECL_OBJDUMP], +[AC_CHECK_TOOL(OBJDUMP, objdump, false) +test -z "$OBJDUMP" && OBJDUMP=objdump +_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper]) +AC_SUBST([OBJDUMP]) +]) + +# _LT_DECL_DLLTOOL +# ---------------- +# Ensure DLLTOOL variable is set. +m4_defun([_LT_DECL_DLLTOOL], +[AC_CHECK_TOOL(DLLTOOL, dlltool, false) +test -z "$DLLTOOL" && DLLTOOL=dlltool +_LT_DECL([], [DLLTOOL], [1], [DLL creation program]) +AC_SUBST([DLLTOOL]) +]) + +# _LT_DECL_SED +# ------------ +# Check for a fully-functional sed program, that truncates +# as few characters as possible. Prefer GNU sed if found. +m4_defun([_LT_DECL_SED], +[AC_PROG_SED +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" +_LT_DECL([], [SED], [1], [A sed program that does not truncate output]) +_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"], + [Sed that helps us avoid accidentally triggering echo(1) options like -n]) +])# _LT_DECL_SED + +m4_ifndef([AC_PROG_SED], [ +############################################################ +# NOTE: This macro has been submitted for inclusion into # +# GNU Autoconf as AC_PROG_SED. When it is available in # +# a released version of Autoconf we should remove this # +# macro and use it instead. # +############################################################ + +m4_defun([AC_PROG_SED], +[AC_MSG_CHECKING([for a sed that does not truncate output]) +AC_CACHE_VAL(lt_cv_path_SED, +[# Loop through the user's path and test for sed and gsed. +# Then use that list of sed's as ones to test for truncation. +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for lt_ac_prog in sed gsed; do + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then + lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" + fi + done + done +done +IFS=$as_save_IFS +lt_ac_max=0 +lt_ac_count=0 +# Add /usr/xpg4/bin/sed as it is typically found on Solaris +# along with /bin/sed that truncates output. +for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do + test ! -f $lt_ac_sed && continue + cat /dev/null > conftest.in + lt_ac_count=0 + echo $ECHO_N "0123456789$ECHO_C" >conftest.in + # Check for GNU sed and select it if it is found. + if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then + lt_cv_path_SED=$lt_ac_sed + break + fi + while true; do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo >>conftest.nl + $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break + cmp -s conftest.out conftest.nl || break + # 10000 chars as input seems more than enough + test $lt_ac_count -gt 10 && break + lt_ac_count=`expr $lt_ac_count + 1` + if test $lt_ac_count -gt $lt_ac_max; then + lt_ac_max=$lt_ac_count + lt_cv_path_SED=$lt_ac_sed + fi + done +done +]) +SED=$lt_cv_path_SED +AC_SUBST([SED]) +AC_MSG_RESULT([$SED]) +])#AC_PROG_SED +])#m4_ifndef + +# Old name: +AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_SED], []) + + +# _LT_CHECK_SHELL_FEATURES +# ------------------------ +# Find out whether the shell is Bourne or XSI compatible, +# or has some other useful features. +m4_defun([_LT_CHECK_SHELL_FEATURES], +[AC_MSG_CHECKING([whether the shell understands some XSI constructs]) +# Try some XSI features +xsi_shell=no +( _lt_dummy="a/b/c" + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ + && eval 'test $(( 1 + 1 )) -eq 2 \ + && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ + && xsi_shell=yes +AC_MSG_RESULT([$xsi_shell]) +_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell']) + +AC_MSG_CHECKING([whether the shell understands "+="]) +lt_shell_append=no +( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \ + >/dev/null 2>&1 \ + && lt_shell_append=yes +AC_MSG_RESULT([$lt_shell_append]) +_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append']) + +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false +fi +_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl + +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac +_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl +_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl +])# _LT_CHECK_SHELL_FEATURES + + +# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY) +# ------------------------------------------------------ +# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and +# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY. +m4_defun([_LT_PROG_FUNCTION_REPLACE], +[dnl { +sed -e '/^$1 ()$/,/^} # $1 /c\ +$1 ()\ +{\ +m4_bpatsubsts([$2], [$], [\\], [^\([ ]\)], [\\\1]) +} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: +]) + + +# _LT_PROG_REPLACE_SHELLFNS +# ------------------------- +# Replace existing portable implementations of several shell functions with +# equivalent extended shell implementations where those features are available.. +m4_defun([_LT_PROG_REPLACE_SHELLFNS], +[if test x"$xsi_shell" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac]) + + _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl + func_basename_result="${1##*/}"]) + + _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac + func_basename_result="${1##*/}"]) + + _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl + # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are + # positional parameters, so assign one to ordinary parameter first. + func_stripname_result=${3} + func_stripname_result=${func_stripname_result#"${1}"} + func_stripname_result=${func_stripname_result%"${2}"}]) + + _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl + func_split_long_opt_name=${1%%=*} + func_split_long_opt_arg=${1#*=}]) + + _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl + func_split_short_opt_arg=${1#??} + func_split_short_opt_name=${1%"$func_split_short_opt_arg"}]) + + _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl + case ${1} in + *.lo) func_lo2o_result=${1%.lo}.${objext} ;; + *) func_lo2o_result=${1} ;; + esac]) + + _LT_PROG_FUNCTION_REPLACE([func_xform], [ func_xform_result=${1%.*}.lo]) + + _LT_PROG_FUNCTION_REPLACE([func_arith], [ func_arith_result=$(( $[*] ))]) + + _LT_PROG_FUNCTION_REPLACE([func_len], [ func_len_result=${#1}]) +fi + +if test x"$lt_shell_append" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_append], [ eval "${1}+=\\${2}"]) + + _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl + func_quote_for_eval "${2}" +dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \ + eval "${1}+=\\\\ \\$func_quote_for_eval_result"]) + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + AC_MSG_WARN([Unable to substitute extended shell functions in $ofile]) +fi +]) + +# _LT_PATH_CONVERSION_FUNCTIONS +# ----------------------------- +# Determine which file name conversion functions should be used by +# func_to_host_file (and, implicitly, by func_to_host_path). These are needed +# for certain cross-compile configurations and native mingw. +m4_defun([_LT_PATH_CONVERSION_FUNCTIONS], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_MSG_CHECKING([how to convert $build file names to $host format]) +AC_CACHE_VAL(lt_cv_to_host_file_cmd, +[case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac +]) +to_host_file_cmd=$lt_cv_to_host_file_cmd +AC_MSG_RESULT([$lt_cv_to_host_file_cmd]) +_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd], + [0], [convert $build file names to $host format])dnl + +AC_MSG_CHECKING([how to convert $build file names to toolchain format]) +AC_CACHE_VAL(lt_cv_to_tool_file_cmd, +[#assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac +]) +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +AC_MSG_RESULT([$lt_cv_to_tool_file_cmd]) +_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd], + [0], [convert $build files to toolchain format])dnl +])# _LT_PATH_CONVERSION_FUNCTIONS diff --git a/cf/ltoptions.m4 b/cf/ltoptions.m4 new file mode 100644 index 000000000000..17cfd51c0b34 --- /dev/null +++ b/cf/ltoptions.m4 @@ -0,0 +1,369 @@ +# Helper functions for option handling. -*- Autoconf -*- +# +# Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# Written by Gary V. Vaughan, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 7 ltoptions.m4 + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])]) + + +# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME) +# ------------------------------------------ +m4_define([_LT_MANGLE_OPTION], +[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])]) + + +# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME) +# --------------------------------------- +# Set option OPTION-NAME for macro MACRO-NAME, and if there is a +# matching handler defined, dispatch to it. Other OPTION-NAMEs are +# saved as a flag. +m4_define([_LT_SET_OPTION], +[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl +m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]), + _LT_MANGLE_DEFUN([$1], [$2]), + [m4_warning([Unknown $1 option `$2'])])[]dnl +]) + + +# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET]) +# ------------------------------------------------------------ +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +m4_define([_LT_IF_OPTION], +[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])]) + + +# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET) +# ------------------------------------------------------- +# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME +# are set. +m4_define([_LT_UNLESS_OPTIONS], +[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), + [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option), + [m4_define([$0_found])])])[]dnl +m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3 +])[]dnl +]) + + +# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST) +# ---------------------------------------- +# OPTION-LIST is a space-separated list of Libtool options associated +# with MACRO-NAME. If any OPTION has a matching handler declared with +# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about +# the unknown option and exit. +m4_defun([_LT_SET_OPTIONS], +[# Set options +m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), + [_LT_SET_OPTION([$1], _LT_Option)]) + +m4_if([$1],[LT_INIT],[ + dnl + dnl Simply set some default values (i.e off) if boolean options were not + dnl specified: + _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no + ]) + _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no + ]) + dnl + dnl If no reference was made to various pairs of opposing options, then + dnl we run the default mode handler for the pair. For example, if neither + dnl `shared' nor `disable-shared' was passed, we enable building of shared + dnl archives by default: + _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED]) + _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC]) + _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC]) + _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install], + [_LT_ENABLE_FAST_INSTALL]) + ]) +])# _LT_SET_OPTIONS + + +## --------------------------------- ## +## Macros to handle LT_INIT options. ## +## --------------------------------- ## + +# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME) +# ----------------------------------------- +m4_define([_LT_MANGLE_DEFUN], +[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])]) + + +# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE) +# ----------------------------------------------- +m4_define([LT_OPTION_DEFINE], +[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl +])# LT_OPTION_DEFINE + + +# dlopen +# ------ +LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes +]) + +AU_DEFUN([AC_LIBTOOL_DLOPEN], +[_LT_SET_OPTION([LT_INIT], [dlopen]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `dlopen' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], []) + + +# win32-dll +# --------- +# Declare package support for building win32 dll's. +LT_OPTION_DEFINE([LT_INIT], [win32-dll], +[enable_win32_dll=yes + +case $host in +*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) + AC_CHECK_TOOL(AS, as, false) + AC_CHECK_TOOL(DLLTOOL, dlltool, false) + AC_CHECK_TOOL(OBJDUMP, objdump, false) + ;; +esac + +test -z "$AS" && AS=as +_LT_DECL([], [AS], [1], [Assembler program])dnl + +test -z "$DLLTOOL" && DLLTOOL=dlltool +_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl + +test -z "$OBJDUMP" && OBJDUMP=objdump +_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl +])# win32-dll + +AU_DEFUN([AC_LIBTOOL_WIN32_DLL], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +_LT_SET_OPTION([LT_INIT], [win32-dll]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `win32-dll' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], []) + + +# _LT_ENABLE_SHARED([DEFAULT]) +# ---------------------------- +# implement the --enable-shared flag, and supports the `shared' and +# `disable-shared' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_SHARED], +[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([shared], + [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@], + [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_shared=]_LT_ENABLE_SHARED_DEFAULT) + + _LT_DECL([build_libtool_libs], [enable_shared], [0], + [Whether or not to build shared libraries]) +])# _LT_ENABLE_SHARED + +LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])]) + +# Old names: +AC_DEFUN([AC_ENABLE_SHARED], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared]) +]) + +AC_DEFUN([AC_DISABLE_SHARED], +[_LT_SET_OPTION([LT_INIT], [disable-shared]) +]) + +AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) +AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_ENABLE_SHARED], []) +dnl AC_DEFUN([AM_DISABLE_SHARED], []) + + + +# _LT_ENABLE_STATIC([DEFAULT]) +# ---------------------------- +# implement the --enable-static flag, and support the `static' and +# `disable-static' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_STATIC], +[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([static], + [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@], + [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_static=]_LT_ENABLE_STATIC_DEFAULT) + + _LT_DECL([build_old_libs], [enable_static], [0], + [Whether or not to build static libraries]) +])# _LT_ENABLE_STATIC + +LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])]) + +# Old names: +AC_DEFUN([AC_ENABLE_STATIC], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static]) +]) + +AC_DEFUN([AC_DISABLE_STATIC], +[_LT_SET_OPTION([LT_INIT], [disable-static]) +]) + +AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) +AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_ENABLE_STATIC], []) +dnl AC_DEFUN([AM_DISABLE_STATIC], []) + + + +# _LT_ENABLE_FAST_INSTALL([DEFAULT]) +# ---------------------------------- +# implement the --enable-fast-install flag, and support the `fast-install' +# and `disable-fast-install' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_FAST_INSTALL], +[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([fast-install], + [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], + [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_fast_install=yes ;; + no) enable_fast_install=no ;; + *) + enable_fast_install=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_fast_install=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT) + +_LT_DECL([fast_install], [enable_fast_install], [0], + [Whether or not to optimize for fast installation])dnl +])# _LT_ENABLE_FAST_INSTALL + +LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])]) + +# Old names: +AU_DEFUN([AC_ENABLE_FAST_INSTALL], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you put +the `fast-install' option into LT_INIT's first parameter.]) +]) + +AU_DEFUN([AC_DISABLE_FAST_INSTALL], +[_LT_SET_OPTION([LT_INIT], [disable-fast-install]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you put +the `disable-fast-install' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], []) +dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) + + +# _LT_WITH_PIC([MODE]) +# -------------------- +# implement the --with-pic flag, and support the `pic-only' and `no-pic' +# LT_INIT options. +# MODE is either `yes' or `no'. If omitted, it defaults to `both'. +m4_define([_LT_WITH_PIC], +[AC_ARG_WITH([pic], + [AS_HELP_STRING([--with-pic], + [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], + [pic_mode="$withval"], + [pic_mode=default]) + +test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) + +_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl +])# _LT_WITH_PIC + +LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])]) +LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])]) + +# Old name: +AU_DEFUN([AC_LIBTOOL_PICMODE], +[_LT_SET_OPTION([LT_INIT], [pic-only]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `pic-only' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_PICMODE], []) + +## ----------------- ## +## LTDL_INIT Options ## +## ----------------- ## + +m4_define([_LTDL_MODE], []) +LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive], + [m4_define([_LTDL_MODE], [nonrecursive])]) +LT_OPTION_DEFINE([LTDL_INIT], [recursive], + [m4_define([_LTDL_MODE], [recursive])]) +LT_OPTION_DEFINE([LTDL_INIT], [subproject], + [m4_define([_LTDL_MODE], [subproject])]) + +m4_define([_LTDL_TYPE], []) +LT_OPTION_DEFINE([LTDL_INIT], [installable], + [m4_define([_LTDL_TYPE], [installable])]) +LT_OPTION_DEFINE([LTDL_INIT], [convenience], + [m4_define([_LTDL_TYPE], [convenience])]) diff --git a/cf/ltsugar.m4 b/cf/ltsugar.m4 new file mode 100644 index 000000000000..9000a057d31d --- /dev/null +++ b/cf/ltsugar.m4 @@ -0,0 +1,123 @@ +# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*- +# +# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc. +# Written by Gary V. Vaughan, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 6 ltsugar.m4 + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])]) + + +# lt_join(SEP, ARG1, [ARG2...]) +# ----------------------------- +# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their +# associated separator. +# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier +# versions in m4sugar had bugs. +m4_define([lt_join], +[m4_if([$#], [1], [], + [$#], [2], [[$2]], + [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])]) +m4_define([_lt_join], +[m4_if([$#$2], [2], [], + [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])]) + + +# lt_car(LIST) +# lt_cdr(LIST) +# ------------ +# Manipulate m4 lists. +# These macros are necessary as long as will still need to support +# Autoconf-2.59 which quotes differently. +m4_define([lt_car], [[$1]]) +m4_define([lt_cdr], +[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])], + [$#], 1, [], + [m4_dquote(m4_shift($@))])]) +m4_define([lt_unquote], $1) + + +# lt_append(MACRO-NAME, STRING, [SEPARATOR]) +# ------------------------------------------ +# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'. +# Note that neither SEPARATOR nor STRING are expanded; they are appended +# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked). +# No SEPARATOR is output if MACRO-NAME was previously undefined (different +# than defined and empty). +# +# This macro is needed until we can rely on Autoconf 2.62, since earlier +# versions of m4sugar mistakenly expanded SEPARATOR but not STRING. +m4_define([lt_append], +[m4_define([$1], + m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])]) + + + +# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...]) +# ---------------------------------------------------------- +# Produce a SEP delimited list of all paired combinations of elements of +# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list +# has the form PREFIXmINFIXSUFFIXn. +# Needed until we can rely on m4_combine added in Autoconf 2.62. +m4_define([lt_combine], +[m4_if(m4_eval([$# > 3]), [1], + [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl +[[m4_foreach([_Lt_prefix], [$2], + [m4_foreach([_Lt_suffix], + ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[, + [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])]) + + +# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ]) +# ----------------------------------------------------------------------- +# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited +# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ. +m4_define([lt_if_append_uniq], +[m4_ifdef([$1], + [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1], + [lt_append([$1], [$2], [$3])$4], + [$5])], + [lt_append([$1], [$2], [$3])$4])]) + + +# lt_dict_add(DICT, KEY, VALUE) +# ----------------------------- +m4_define([lt_dict_add], +[m4_define([$1($2)], [$3])]) + + +# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE) +# -------------------------------------------- +m4_define([lt_dict_add_subkey], +[m4_define([$1($2:$3)], [$4])]) + + +# lt_dict_fetch(DICT, KEY, [SUBKEY]) +# ---------------------------------- +m4_define([lt_dict_fetch], +[m4_ifval([$3], + m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]), + m4_ifdef([$1($2)], [m4_defn([$1($2)])]))]) + + +# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE]) +# ----------------------------------------------------------------- +m4_define([lt_if_dict_fetch], +[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4], + [$5], + [$6])]) + + +# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...]) +# -------------------------------------------------------------- +m4_define([lt_dict_filter], +[m4_if([$5], [], [], + [lt_join(m4_quote(m4_default([$4], [[, ]])), + lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]), + [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl +]) diff --git a/cf/ltversion.m4 b/cf/ltversion.m4 new file mode 100644 index 000000000000..9c7b5d411858 --- /dev/null +++ b/cf/ltversion.m4 @@ -0,0 +1,23 @@ +# ltversion.m4 -- version numbers -*- Autoconf -*- +# +# Copyright (C) 2004 Free Software Foundation, Inc. +# Written by Scott James Remnant, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# @configure_input@ + +# serial 3293 ltversion.m4 +# This file is part of GNU Libtool + +m4_define([LT_PACKAGE_VERSION], [2.4]) +m4_define([LT_PACKAGE_REVISION], [1.3293]) + +AC_DEFUN([LTVERSION_VERSION], +[macro_version='2.4' +macro_revision='1.3293' +_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) +_LT_DECL(, macro_revision, 0) +]) diff --git a/cf/lt~obsolete.m4 b/cf/lt~obsolete.m4 new file mode 100644 index 000000000000..c573da90c5cc --- /dev/null +++ b/cf/lt~obsolete.m4 @@ -0,0 +1,98 @@ +# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*- +# +# Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc. +# Written by Scott James Remnant, 2004. +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 5 lt~obsolete.m4 + +# These exist entirely to fool aclocal when bootstrapping libtool. +# +# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN) +# which have later been changed to m4_define as they aren't part of the +# exported API, or moved to Autoconf or Automake where they belong. +# +# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN +# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us +# using a macro with the same name in our local m4/libtool.m4 it'll +# pull the old libtool.m4 in (it doesn't see our shiny new m4_define +# and doesn't know about Autoconf macros at all.) +# +# So we provide this file, which has a silly filename so it's always +# included after everything else. This provides aclocal with the +# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything +# because those macros already exist, or will be overwritten later. +# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. +# +# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here. +# Yes, that means every name once taken will need to remain here until +# we give up compatibility with versions before 1.7, at which point +# we need to keep only those names which we still refer to. + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])]) + +m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])]) +m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])]) +m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])]) +m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])]) +m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])]) +m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])]) +m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])]) +m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])]) +m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])]) +m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])]) +m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])]) +m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])]) +m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])]) +m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])]) +m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])]) +m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])]) +m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])]) +m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])]) +m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])]) +m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])]) +m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])]) +m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])]) +m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])]) +m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])]) +m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])]) +m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])]) +m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])]) +m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])]) +m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])]) +m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])]) +m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])]) +m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])]) +m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])]) +m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])]) +m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])]) +m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])]) +m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])]) +m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])]) +m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])]) +m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])]) +m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])]) +m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])]) +m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])]) +m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])]) +m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])]) +m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])]) +m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])]) +m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])]) +m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])]) +m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])]) +m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])]) +m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])]) +m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])]) +m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])]) +m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])]) +m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])]) +m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])]) diff --git a/cf/make-proto.pl b/cf/make-proto.pl index f119b517e792..6894dc143e17 100644 --- a/cf/make-proto.pl +++ b/cf/make-proto.pl @@ -1,16 +1,19 @@ # Make prototypes from .c files -# $Id: make-proto.pl 14183 2004-09-03 08:50:57Z lha $ +# $Id$ ##use Getopt::Std; require 'getopts.pl'; -$brace = 0; -$line = ""; -$debug = 0; -$oproto = 1; -$private_func_re = "^_"; +my $comment = 0; +my $if_0 = 0; +my $brace = 0; +my $line = ""; +my $debug = 0; +my $oproto = 1; +my $private_func_re = "^_"; +my %depfunction = (); -do Getopts('x:m:o:p:dqE:R:P:') || die "foo"; +Getopts('x:m:o:p:dqE:R:P:') || die "foo"; if($opt_d) { $debug = 1; @@ -23,7 +26,7 @@ if($opt_q) { if($opt_R) { $private_func_re = $opt_R; } -%flags = ( +my %flags = ( 'multiline-proto' => 1, 'header' => 1, 'function-blocking' => 0, @@ -65,6 +68,14 @@ if($opt_x) { while(<>) { print $brace, " ", $_ if($debug); + + # Handle C comments + s@/\*.*\*/@@; + s@//.*/@@; + if ( s@/\*.*@@) { $comment = 1; + } elsif ($comment && s@.*\*/@@) { $comment = 0; + } elsif ($comment) { next; } + if(/^\#if 0/) { $if_0 = 1; } @@ -92,11 +103,19 @@ while(<>) { s/\s+/ /g; if($_ =~ /\)$/){ if(!/^static/ && !/^PRIVATE/){ - if(/(.*)(__attribute__\s?\(.*\))/) { - $attr = $2; + $attr = ""; + if(m/(.*)(__attribute__\s?\(.*\))/) { + $attr .= " $2"; $_ = $1; - } else { - $attr = ""; + } + if(m/(.*)\s(\w+DEPRECATED_FUNCTION)\s?(\(.*\))(.*)/) { + $depfunction{$2} = 1; + $attr .= " $2$3"; + $_ = "$1 $4"; + } + if(m/(.*)\s(\w+DEPRECATED)(.*)/) { + $attr .= " $2"; + $_ = "$1 $3"; } # remove outer () s/\s*\(/ 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define $_(X) __attribute__((__deprecated__)) +#else +#define $_(X) +#endif +#endif + + +"; + $public_h_trailer .= "#undef $_ + +"; + $private_h_trailer .= "#undef $_ +#define $_(X) + +"; +} + +$public_h_header .= $depstr; +$private_h_header .= $depstr; + + if($flags{"cxx"}) { $public_h_header .= "#ifdef __cplusplus extern \"C\" { #endif "; - $public_h_trailer .= "#ifdef __cplusplus + $public_h_trailer = "#ifdef __cplusplus } #endif -"; +" . $public_h_trailer; } if ($opt_E) { $public_h_header .= "#ifndef $opt_E +#ifndef ${opt_E}_FUNCTION #if defined(_WIN32) -#define $opt_E _stdcall +#define ${opt_E}_FUNCTION __declspec(dllimport) +#define ${opt_E}_CALL __stdcall +#define ${opt_E}_VARIABLE __declspec(dllimport) #else -#define $opt_E +#define ${opt_E}_FUNCTION +#define ${opt_E}_CALL +#define ${opt_E}_VARIABLE +#endif #endif #endif - "; $private_h_header .= "#ifndef $opt_E +#ifndef ${opt_E}_FUNCTION #if defined(_WIN32) -#define $opt_E _stdcall +#define ${opt_E}_FUNCTION __declspec(dllimport) +#define ${opt_E}_CALL __stdcall +#define ${opt_E}_VARIABLE __declspec(dllimport) #else -#define $opt_E +#define ${opt_E}_FUNCTION +#define ${opt_E}_CALL +#define ${opt_E}_VARIABLE +#endif #endif #endif "; } +$public_h_trailer .= $undepstr; +$private_h_trailer .= $undepstr; + if ($public_h ne "" && $flags{"header"}) { $public_h = $public_h_header . $public_h . $public_h_trailer . "#endif /* $block */\n"; diff --git a/cf/mips-abi.m4 b/cf/mips-abi.m4 index 2af513e188df..20035beea86c 100644 --- a/cf/mips-abi.m4 +++ b/cf/mips-abi.m4 @@ -1,4 +1,4 @@ -dnl $Id: mips-abi.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl dnl Check for MIPS/IRIX ABI flags. Sets $abi and $abilibdirext to some diff --git a/cf/misc.m4 b/cf/misc.m4 index 042f30a58d60..c6d8827aae59 100644 --- a/cf/misc.m4 +++ b/cf/misc.m4 @@ -1,5 +1,5 @@ -dnl $Id: misc.m4 11022 2002-05-24 15:35:32Z joda $ +dnl $Id$ dnl AC_DEFUN([upcase],[`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`])dnl AC_DEFUN([rk_LIBOBJ],[AC_LIBOBJ([$1])])dnl diff --git a/cf/need-proto.m4 b/cf/need-proto.m4 index 978abb1afbaa..2f7a2216b297 100644 --- a/cf/need-proto.m4 +++ b/cf/need-proto.m4 @@ -1,4 +1,4 @@ -dnl $Id: need-proto.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl dnl Check if we need the prototype for a function diff --git a/cf/osfc2.m4 b/cf/osfc2.m4 index 6366f7a4ed23..cb8768a0c1ee 100644 --- a/cf/osfc2.m4 +++ b/cf/osfc2.m4 @@ -1,4 +1,4 @@ -dnl $Id: osfc2.m4 14147 2004-08-25 14:14:01Z joda $ +dnl $Id$ dnl dnl enable OSF C2 stuff diff --git a/cf/otp.m4 b/cf/otp.m4 index fa6a530bcf34..d354515dcaad 100644 --- a/cf/otp.m4 +++ b/cf/otp.m4 @@ -1,4 +1,4 @@ -dnl $Id: otp.m4 14147 2004-08-25 14:14:01Z joda $ +dnl $Id$ dnl dnl check requirements for OTP library dnl diff --git a/cf/pkg.m4 b/cf/pkg.m4 new file mode 100644 index 000000000000..8cdc5e416612 --- /dev/null +++ b/cf/pkg.m4 @@ -0,0 +1,157 @@ +# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- +# +# Copyright © 2004 Scott James Remnant . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# PKG_PROG_PKG_CONFIG([MIN-VERSION]) +# ---------------------------------- +AC_DEFUN([PKG_PROG_PKG_CONFIG], +[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) +m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) +AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])dnl +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=m4_default([$1], [0.9.0]) + AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PKG_CONFIG="" + fi + +fi[]dnl +])# PKG_PROG_PKG_CONFIG + +# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# +# Check to see whether a particular set of modules exists. Similar +# to PKG_CHECK_MODULES(), but does not set variables or print errors. +# +# +# Similar to PKG_CHECK_MODULES, make sure that the first instance of +# this or PKG_CHECK_MODULES is called, or make sure to call +# PKG_CHECK_EXISTS manually +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_EXISTS], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +if test -n "$PKG_CONFIG" && \ + AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then + m4_ifval([$2], [$2], [:]) +m4_ifvaln([$3], [else + $3])dnl +fi]) + + +# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) +# --------------------------------------------- +m4_define([_PKG_CONFIG], +[if test -n "$PKG_CONFIG"; then + if test -n "$$1"; then + pkg_cv_[]$1="$$1" + else + PKG_CHECK_EXISTS([$3], + [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], + [pkg_failed=yes]) + fi +else + pkg_failed=untried +fi[]dnl +])# _PKG_CONFIG + +# _PKG_SHORT_ERRORS_SUPPORTED +# ----------------------------- +AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi[]dnl +])# _PKG_SHORT_ERRORS_SUPPORTED + + +# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +# [ACTION-IF-NOT-FOUND]) +# +# +# Note that if there is a possibility the first call to +# PKG_CHECK_MODULES might not happen, you should be sure to include an +# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac +# +# +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_MODULES], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl +AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl + +pkg_failed=no +AC_MSG_CHECKING([for $1]) + +_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) +_PKG_CONFIG([$1][_LIBS], [libs], [$2]) + +m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS +and $1[]_LIBS to avoid the need to call pkg-config. +See the pkg-config man page for more details.]) + +if test $pkg_failed = yes; then + _PKG_SHORT_ERRORS_SUPPORTED + if test $_pkg_short_errors_supported = yes; then + $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "$2"` + else + $1[]_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "$2"` + fi + # Put the nasty error message in config.log where it belongs + echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD + + ifelse([$4], , [AC_MSG_ERROR(dnl +[Package requirements ($2) were not met: + +$$1_PKG_ERRORS + +Consider adjusting the PKG_CONFIG_PATH environment variable if you +installed software in a non-standard prefix. + +_PKG_TEXT +])], + [AC_MSG_RESULT([no]) + $4]) +elif test $pkg_failed = untried; then + ifelse([$4], , [AC_MSG_FAILURE(dnl +[The pkg-config script could not be found or is too old. Make sure it +is in your PATH or set the PKG_CONFIG environment variable to the full +path to pkg-config. + +_PKG_TEXT + +To get pkg-config, see .])], + [$4]) +else + $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS + $1[]_LIBS=$pkg_cv_[]$1[]_LIBS + AC_MSG_RESULT([yes]) + ifelse([$3], , :, [$3]) +fi[]dnl +])# PKG_CHECK_MODULES diff --git a/cf/proto-compat.m4 b/cf/proto-compat.m4 index 0da8b250e60f..7d0fd70d4552 100644 --- a/cf/proto-compat.m4 +++ b/cf/proto-compat.m4 @@ -1,4 +1,4 @@ -dnl $Id: proto-compat.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl dnl Check if the prototype of a function is compatible with another one diff --git a/cf/pthreads.m4 b/cf/pthreads.m4 index fd2c81ba3f07..209e4f3deef1 100644 --- a/cf/pthreads.m4 +++ b/cf/pthreads.m4 @@ -1,4 +1,4 @@ -dnl $Id: pthreads.m4 20295 2007-04-11 11:08:08Z lha $ +Dnl $Id$ AC_DEFUN([KRB_PTHREADS], [ AC_MSG_CHECKING(if compiling threadsafe libraries) @@ -12,30 +12,47 @@ case "$host" in *-*-solaris2*) native_pthread_support=yes if test "$GCC" = yes; then - PTHREADS_CFLAGS=-pthreads - PTHREADS_LIBS=-pthreads + PTHREAD_CFLAGS=-pthreads + PTHREAD_LIBADD=-pthreads else - PTHREADS_CFLAGS=-mt - PTHREADS_LIBS=-mt + PTHREAD_CFLAGS=-mt + PTHREAD_LDADD=-mt + PTHREAD_LIBADD=-mt fi ;; -*-*-netbsd*) +*-*-netbsd[[12]]*) native_pthread_support="if running netbsd 1.6T or newer" dnl heim_threads.h knows this - PTHREADS_LIBS="" + PTHREAD_LIBADD="-lpthread" ;; -*-*-freebsd5*) +*-*-netbsd[[3456789]]*) + native_pthread_support="netbsd 3 uses explict pthread" + dnl heim_threads.h knows this + PTHREAD_LIBADD="-lpthread" + ;; +*-*-freebsd[[56789]]*) native_pthread_support=yes + PTHREAD_LIBADD="-pthread" + ;; +*-*-openbsd*) + native_pthread_support=yes + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread ;; *-*-linux* | *-*-linux-gnu) case `uname -r` in - 2.*) + 2.*|3.*) native_pthread_support=yes - PTHREADS_CFLAGS=-pthread - PTHREADS_LIBS=-pthread + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread ;; esac ;; +*-*-kfreebsd*-gnu*) + native_pthread_support=yes + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread + ;; *-*-aix*) dnl AIX is disabled since we don't handle the utmp/utmpx dnl problems that aix causes when compiling with pthread support @@ -43,7 +60,7 @@ case "$host" in ;; mips-sgi-irix6.[[5-9]]) # maybe works for earlier versions too native_pthread_support=yes - PTHREADS_LIBS="-lpthread" + PTHREAD_LIBADD="-lpthread" ;; *-*-darwin*) native_pthread_support=yes @@ -62,14 +79,15 @@ if test "$enable_pthread_support" != no; then [Define if you want have a thread safe libraries]) dnl This sucks, but libtool doesn't save the depenecy on -pthread dnl for libraries. - LIBS="$PTHREADS_LIBS $LIBS" + LIBS="$PTHREAD_LIBADD $LIBS" else - PTHREADS_CFLAGS="" - PTHREADS_LIBS="" + PTHREAD_CFLAGS="" + PTHREAD_LIBADD="" fi -AC_SUBST(PTHREADS_CFLAGS) -AC_SUBST(PTHREADS_LIBS) +AC_SUBST(PTHREAD_CFLAGS) +AC_SUBST(PTHREAD_LDADD) +AC_SUBST(PTHREAD_LIBADD) AC_MSG_RESULT($enable_pthread_support) ]) diff --git a/cf/resolv.m4 b/cf/resolv.m4 index 8bb5e4ecbb0f..49c868ab0ec6 100644 --- a/cf/resolv.m4 +++ b/cf/resolv.m4 @@ -1,11 +1,11 @@ dnl stuff used by DNS resolv code in roken dnl -dnl $Id: resolv.m4 16009 2005-09-02 10:17:38Z lha $ +dnl $Id$ dnl AC_DEFUN([rk_RESOLV],[ -AC_CHECK_HEADERS([arpa/nameser.h]) +AC_CHECK_HEADERS([arpa/nameser.h dns.h]) AC_CHECK_HEADERS(resolv.h, , , [AC_INCLUDES_DEFAULT #ifdef HAVE_SYS_TYPES_H @@ -73,6 +73,15 @@ AC_FIND_FUNC(res_ndestroy, resolv, ], [0]) +AC_FIND_FUNC_NO_LIBS(dns_search,, +[ +#ifdef HAVE_DNS_H +#include +#endif +], +[0,0,0,0,0,0,0,0]) + + AC_FIND_FUNC(dn_expand, resolv, [ #include diff --git a/cf/retsigtype.m4 b/cf/retsigtype.m4 index 2857bff1d965..5dfd820926b8 100644 --- a/cf/retsigtype.m4 +++ b/cf/retsigtype.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: retsigtype.m4 13338 2004-02-12 14:21:14Z lha $ +dnl $Id$ dnl dnl Figure out return type of signal handlers, and define SIGRETURN macro dnl that can be used to return from one @@ -9,7 +9,7 @@ AC_TYPE_SIGNAL if test "$ac_cv_type_signal" = "void" ; then AC_DEFINE(VOID_RETSIGTYPE, 1, [Define if signal handlers return void.]) fi -AC_SUBST(VOID_RETSIGTYPE) + AH_BOTTOM([#ifdef VOID_RETSIGTYPE #define SIGRETURN(x) return #else diff --git a/cf/roken-frag.m4 b/cf/roken-frag.m4 index eccbdbd4142f..7622cabc665b 100644 --- a/cf/roken-frag.m4 +++ b/cf/roken-frag.m4 @@ -1,4 +1,4 @@ -dnl $Id: roken-frag.m4 20639 2007-05-10 17:22:58Z lha $ +dnl $Id$ dnl dnl some code to get roken working dnl @@ -21,6 +21,8 @@ AC_REQUIRE([AC_PROG_LIBTOOL]) AC_REQUIRE([AC_MIPS_ABI]) +AC_DEFINE(rk_PATH_DELIM, '/', [Path name delimiter]) + dnl C characteristics AC_REQUIRE([AC_C___ATTRIBUTE__]) @@ -63,6 +65,7 @@ AC_CHECK_HEADERS([\ poll.h \ pwd.h \ rpcsvc/ypclnt.h \ + search.h \ shadow.h \ stdint.h \ sys/bswap.h \ @@ -80,6 +83,8 @@ AC_CHECK_HEADERS([\ sys/wait.h \ syslog.h \ termios.h \ + winsock2.h \ + ws2tcpip.h \ unistd.h \ userconf.h \ usersec.h \ @@ -145,6 +150,7 @@ AC_REQUIRE([CHECK_NETINET_IP_AND_TCP]) AM_CONDITIONAL(have_err_h, test "$ac_cv_header_err_h" = yes) AM_CONDITIONAL(have_ifaddrs_h, test "$ac_cv_header_ifaddrs_h" = yes) +AM_CONDITIONAL(have_search_h, test "$ac_cv_header_search_h" = yes) AM_CONDITIONAL(have_vis_h, test "$ac_cv_header_vis_h" = yes) dnl Check for functions and libraries @@ -186,12 +192,16 @@ AC_CHECK_FUNCS([ \ setprogname \ setstate \ strsvis \ + strsvisx \ strunvis \ strvis \ strvisx \ svis \ sysconf \ sysctl \ + tdelete \ + tfind \ + twalk \ uname \ unvis \ vasnprintf \ @@ -243,12 +253,18 @@ AC_FOREACH([rk_func], [asprintf vasprintf asnprintf vasnprintf], rk_func)]) AC_FIND_FUNC_NO_LIBS(bswap16,, -[#ifdef HAVE_SYS_BSWAP_H +[#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_BSWAP_H #include #endif],0) AC_FIND_FUNC_NO_LIBS(bswap32,, -[#ifdef HAVE_SYS_BSWAP_H +[#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_BSWAP_H #include #endif],0) @@ -260,28 +276,50 @@ AC_FIND_FUNC_NO_LIBS(pidfile,util, AC_FIND_IF_NOT_BROKEN(getaddrinfo,, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif],[0,0,0,0]) AC_FIND_IF_NOT_BROKEN(getnameinfo,, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif],[0,0,0,0,0,0,0]) AC_FIND_IF_NOT_BROKEN(freeaddrinfo,, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif],[0]) AC_FIND_IF_NOT_BROKEN(gai_strerror,, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif],[0]) +dnl Darwin is weird, and in some senses not unix, launchd doesn't want +dnl servers to use daemon(), so its deprecated. +case "$host_os" in + darwin*) + ;; + *) + AC_DEFINE([SUPPORT_DETACH], 1, + [Define if os support want to detach is daemonens.]) + AC_BROKEN([daemon]) ;; +esac + AC_BROKEN([ \ chown \ copyhostent \ closefrom \ - daemon \ ecalloc \ emalloc \ erealloc \ @@ -336,6 +374,7 @@ AC_BROKEN([ \ strtok_r \ strupr \ swab \ + tsearch \ timegm \ unsetenv \ verr \ @@ -354,11 +393,30 @@ AM_CONDITIONAL(have_fnmatch_h, AC_FOREACH([rk_func], [strndup strsep strtok_r], [AC_NEED_PROTO([#include ], rk_func)]) -AC_FOREACH([rk_func], [strsvis strunvis strvis strvisx svis unvis vis], +AC_FOREACH([rk_func], [strsvis strsvisx strunvis strvis strvisx svis unvis vis], [AC_NEED_PROTO([#ifdef HAVE_VIS_H #include #endif], rk_func)]) +AC_MSG_CHECKING([checking for dirfd]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include +#ifdef HAVE_DIRENT_H +#include +#endif +]], + [[DIR *d = 0; dirfd(d);]])], + [ac_rk_have_dirfd=yes], [ac_rk_have_dirfd=no]) +if test "$ac_rk_have_dirfd" = "yes" ; then + AC_DEFINE_UNQUOTED(HAVE_DIRFD, 1, [have a dirfd function/macro]) +fi +AC_MSG_RESULT($ac_rk_have_dirfd) + +AC_HAVE_STRUCT_FIELD(DIR, dd_fd, [#include +#ifdef HAVE_DIRENT_H +#include +#endif]) + + AC_BROKEN2(inet_aton, [#ifdef HAVE_SYS_TYPES_H #include @@ -467,6 +525,19 @@ AC_REQUIRE([rk_BROKEN_REALLOC])dnl dnl AC_KRB_FUNC_GETCWD_BROKEN +dnl strerror_r is great fun, on linux it exists before sus catched up, +dnl so the return type is diffrent, lets check for both + +AC_PROTO_COMPAT([ +#include +#include +], +strerror_r, int strerror_r(int, char *, size_t)) + +AC_CHECK_FUNC([strerror_r], + [AC_DEFINE_UNQUOTED(HAVE_STRERROR_R, 1, + [Define if you have the function strerror_r.])]) + dnl dnl Checks for prototypes and declarations dnl @@ -563,16 +634,26 @@ rk_CHECK_VAR(h_errno, #endif #ifdef HAVE_NETDB_H #include -#endif]) +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif +]) rk_CHECK_VAR(h_errlist, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif]) rk_CHECK_VAR(h_nerr, [#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif]) rk_CHECK_VAR([__progname], @@ -580,7 +661,7 @@ rk_CHECK_VAR([__progname], #include #endif]) -AC_CHECK_DECLS([optarg, optind, opterr, optopt, environ],[],[][ +AC_CHECK_DECLS([optarg, optind, opterr, optopt, environ],[],[],[ #include #ifdef HAVE_UNISTD_H #include @@ -602,19 +683,44 @@ rk_CHECK_VAR(altzone,[#include ]) AC_HAVE_TYPE([sa_family_t],[ #include -#include ]) +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) AC_HAVE_TYPE([socklen_t],[ #include -#include ]) +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) AC_HAVE_TYPE([struct sockaddr], [ #include -#include ]) +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) AC_HAVE_TYPE([struct sockaddr_storage], [ #include -#include ]) +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) AC_HAVE_TYPE([struct addrinfo], [ #include -#include ]) +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) AC_HAVE_TYPE([struct ifaddrs], [#include ]) AC_HAVE_TYPE([struct iovec],[ #include @@ -622,8 +728,12 @@ AC_HAVE_TYPE([struct iovec],[ ]) AC_HAVE_TYPE([struct msghdr],[ #include +#ifdef HAVE_SYS_SOCKET_H #include -]) +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif]) dnl dnl Check for struct winsize diff --git a/cf/roken.m4 b/cf/roken.m4 index 7d8a7e8d2442..d4feddaa2b97 100644 --- a/cf/roken.m4 +++ b/cf/roken.m4 @@ -1,4 +1,4 @@ -dnl $Id: roken.m4 14162 2004-08-26 11:27:32Z joda $ +dnl $Id$ dnl dnl try to look for an installed roken library with sufficient stuff dnl diff --git a/cf/socket-wrapper.m4 b/cf/socket-wrapper.m4 index a2b934bd0a15..2804d1f36d42 100644 --- a/cf/socket-wrapper.m4 +++ b/cf/socket-wrapper.m4 @@ -1,4 +1,4 @@ -dnl $Id: socket-wrapper.m4 18077 2006-09-12 17:33:07Z lha $ +dnl $Id$ dnl AC_DEFUN([samba_SOCKET_WRAPPER], [ diff --git a/cf/sunos.m4 b/cf/sunos.m4 index 18876f58e12c..d81be70d435e 100644 --- a/cf/sunos.m4 +++ b/cf/sunos.m4 @@ -1,17 +1,14 @@ dnl -dnl $Id: sunos.m4 14608 2005-03-01 22:17:44Z lha $ +dnl $Id$ dnl AC_DEFUN([rk_SUNOS],[ sunos=no case "$host" in -*-*-sunos4*) - sunos=40 - ;; *-*-solaris2.7) sunos=57 ;; -*-*-solaris2.[[89]] | *-*-solaris2.10) +*-*-solaris2.[[89]] | *-*-solaris2.1[[0-9]]) sunos=58 ;; *-*-solaris2*) diff --git a/cf/telnet.m4 b/cf/telnet.m4 index b2bef86e9e7d..c48e5f9b4204 100644 --- a/cf/telnet.m4 +++ b/cf/telnet.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: telnet.m4 15435 2005-06-16 19:45:52Z lha $ +dnl $Id$ dnl dnl stuff used by telnet @@ -57,9 +57,6 @@ case "$host" in esac AH_BOTTOM([ -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif /* Set this to the default system lead string for telnetd * can contain %-escapes: %s=sysname, %m=machine, %r=os-release diff --git a/cf/test-package.m4 b/cf/test-package.m4 index 8ef9ef738e44..8e694bbcbde1 100644 --- a/cf/test-package.m4 +++ b/cf/test-package.m4 @@ -1,7 +1,7 @@ -dnl $Id: test-package.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl rk_TEST_PACKAGE(package,headers,libraries,extra libs, -dnl default locations, conditional, config-program) +dnl default locations, conditional, config-program, headers) AC_DEFUN([rk_TEST_PACKAGE],[ AC_ARG_WITH($1, @@ -91,6 +91,7 @@ if test "$with_$1" != no; then if test "$[]$1_cflags" -a "$[]$1_libs"; then CFLAGS="$[]$1_cflags $save_CFLAGS" LIBS="$[]$1_libs $save_LIBS" + m4_ifval([$8],[AC_CHECK_HEADERS([[$8]])]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2]],[[]])],[ INCLUDE_$1="$[]$1_cflags" LIB_$1="$[]$1_libs" @@ -101,6 +102,7 @@ if test "$with_$1" != no; then ires= lres= for i in $header_dirs; do CFLAGS="-I$i $save_CFLAGS" + m4_ifval([$8],[AC_CHECK_HEADERS([[$8]])]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$2]],[[]])],[ires=$i;break]) done for i in $lib_dirs; do diff --git a/cf/valgrind-suppressions b/cf/valgrind-suppressions index 1e32042f3c4f..ab5ba52885f5 100644 --- a/cf/valgrind-suppressions +++ b/cf/valgrind-suppressions @@ -1,4 +1,4 @@ -# $Id: valgrind-suppressions 21182 2007-06-20 02:57:13Z lha $ +# $Id$ { linux db init brokenness Memcheck:Param diff --git a/cf/vararray.m4 b/cf/vararray.m4 index 86f58d954f33..8511b16287b2 100644 --- a/cf/vararray.m4 +++ b/cf/vararray.m4 @@ -1,5 +1,5 @@ dnl -dnl $Id: vararray.m4 14166 2004-08-26 12:35:42Z joda $ +dnl $Id$ dnl dnl Test for variable size arrays. dnl diff --git a/cf/version-script.m4 b/cf/version-script.m4 index 342e5ac9cb14..f08e01344f3f 100644 --- a/cf/version-script.m4 +++ b/cf/version-script.m4 @@ -16,13 +16,12 @@ cat > conftest.c <. # # This program is free software; you can redistribute it and/or modify @@ -17,8 +18,7 @@ scriptversion=2005-05-14.22 # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -103,13 +103,13 @@ if test -z "$ofile" || test -z "$cfile"; then fi # Name of file we expect compiler to create. -cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'` +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. -# Note: use `[/.-]' here to ensure that we don't use the same name +# Note: use `[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. -lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break @@ -124,9 +124,9 @@ trap "rmdir '$lockdir'; exit 1" 1 2 15 ret=$? if test -f "$cofile"; then - mv "$cofile" "$ofile" + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then - mv "${cofile}bj" "$ofile" + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" @@ -138,5 +138,6 @@ exit $ret # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/config.guess b/config.guess index 396482d6cb50..dc84c68ef798 100755 --- a/config.guess +++ b/config.guess @@ -1,10 +1,10 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 +# Free Software Foundation, Inc. -timestamp='2006-07-02' +timestamp='2009-11-20' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -27,16 +27,16 @@ timestamp='2006-07-02' # the same distribution terms that you use for the rest of that program. -# Originally written by Per Bothner . -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. +# Originally written by Per Bothner. Please send patches (context +# diff format) to and include a ChangeLog +# entry. # # This script attempts to guess a canonical system name similar to # config.sub. If it succeeds, it prints the system name on stdout, and # exits with 0. Otherwise, it exits with 1. # -# The plan is that this can be called by configure scripts if you -# don't specify an explicit build system type. +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD me=`echo "$0" | sed -e 's,.*/,,'` @@ -56,8 +56,8 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, +2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -161,6 +161,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched @@ -169,7 +170,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm*|i386|m68k|ns32k|sh3*|sparc|vax) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null + | grep -q __ELF__ then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? @@ -323,14 +324,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in case `/usr/bin/uname -p` in sparc) echo sparc-icl-nx7; exit ;; esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; - i86pc:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize @@ -531,7 +551,7 @@ EOF echo rs6000-ibm-aix3.2 fi exit ;; - *:AIX:*:[45]) + *:AIX:*:[456]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 @@ -639,7 +659,7 @@ EOF # => hppa64-hp-hpux11.23 if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep __LP64__ >/dev/null + grep -q __LP64__ then HP_ARCH="hppa2.0w" else @@ -780,7 +800,7 @@ EOF i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; - i*:MINGW*:*) + *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; i*:windows32*:*) @@ -790,15 +810,24 @@ EOF i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; - x86:Interix*:[3456]*) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - EM64T:Interix*:[3456]*) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we @@ -828,8 +857,29 @@ EOF i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; arm*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-gnu + else + echo ${UNAME_MACHINE}-unknown-linux-gnueabi + fi exit ;; avr32*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu @@ -843,6 +893,17 @@ EOF frv:Linux:*:*) echo frv-unknown-linux-gnu exit ;; + i*86:Linux:*:*) + LIBC=gnu + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; @@ -852,74 +913,33 @@ EOF m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; - mips:Linux:*:*) + mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU - #undef mips - #undef mipsel + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel + CPU=${UNAME_MACHINE}el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips + CPU=${UNAME_MACHINE} #else CPU= #endif #endif EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips64 - #undef mips64el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mips64el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips64 - #else - CPU= - #endif - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; or32:Linux:*:*) echo or32-unknown-linux-gnu exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + padre:Linux:*:*) + echo sparc-unknown-linux-gnu exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level @@ -929,8 +949,11 @@ EOF *) echo hppa-unknown-linux-gnu ;; esac exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu exit ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux @@ -950,69 +973,9 @@ EOF x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; - i*86:Linux:*:*) - # The BFD linker knows what the default object file format is, so - # first see if it will tell us. cd to the root directory to prevent - # problems with other programs or directories called `ld' in the path. - # Set LC_ALL=C to ensure ld outputs messages in English. - ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ - | sed -ne '/supported targets:/!d - s/[ ][ ]*/ /g - s/.*supported targets: *// - s/ .*// - p'` - case "$ld_supported_targets" in - elf32-i386) - TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" - ;; - a.out-i386-linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit ;; - coff-i386) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit ;; - "") - # Either a pre-BFD a.out linker (linux-gnuoldld) or - # one that does not give us useful --help. - echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit ;; - esac - # Determine whether the default compiler is a.out or elf - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - #ifdef __ELF__ - # ifdef __GLIBC__ - # if __GLIBC__ >= 2 - LIBC=gnu - # else - LIBC=gnulibc1 - # endif - # else - LIBC=gnulibc1 - # endif - #else - #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) - LIBC=gnu - #else - LIBC=gnuaout - #endif - #endif - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^LIBC/{ - s: ::g - p - }'`" - test x"${LIBC}" != x && { - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit - } - test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } - ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both @@ -1041,7 +1004,7 @@ EOF i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit ;; i*86:*DOS:*:*) @@ -1085,8 +1048,11 @@ EOF pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 @@ -1124,6 +1090,16 @@ EOF 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit ;; @@ -1136,7 +1112,7 @@ EOF rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit ;; SM[BE]S:UNIX_SV:*:*) @@ -1199,6 +1175,9 @@ EOF BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1208,6 +1187,15 @@ EOF SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; @@ -1217,6 +1205,16 @@ EOF *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown case $UNAME_PROCESSOR in + i386) + eval $set_cc_for_build + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + UNAME_PROCESSOR="x86_64" + fi + fi ;; unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} @@ -1298,6 +1296,9 @@ EOF i*86:rdos:*:*) echo ${UNAME_MACHINE}-pc-rdos exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 @@ -1458,9 +1459,9 @@ This script, last modified $timestamp, has failed to recognize the operating system you are using. It is advised that you download the most up to date version of the config scripts from - http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess + http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD and - http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub + http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD If the version you run ($0) is already up to date, please send the following data and any information you think might be diff --git a/config.sub b/config.sub index fab0aa355663..2a55a50751c1 100755 --- a/config.sub +++ b/config.sub @@ -1,10 +1,10 @@ #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 +# Free Software Foundation, Inc. -timestamp='2006-09-20' +timestamp='2009-11-20' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -32,13 +32,16 @@ timestamp='2006-09-20' # Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. +# diff and a properly formatted GNU ChangeLog entry. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD + # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. @@ -72,8 +75,8 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, +2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -122,6 +125,7 @@ maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` @@ -148,10 +152,13 @@ case $os in -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray) + -apple | -axis | -knuth | -cray | -microblaze) os= basic_machine=$1 ;; + -bluegene*) + os=-cnk + ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 @@ -245,17 +252,20 @@ case $basic_machine in | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ + | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore \ + | maxq | mb | microblaze | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ - | mips64vr | mips64vrel \ + | mips64octeon | mips64octeonel \ | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ @@ -268,6 +278,7 @@ case $basic_machine in | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ + | moxie \ | mt \ | msp430 \ | nios | nios2 \ @@ -276,20 +287,22 @@ case $basic_machine in | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ + | rx \ | score \ - | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ | spu | strongarm \ | tahoe | thumb | tic4x | tic80 | tron \ + | ubicom32 \ | v850 | v850e \ | we32k \ | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k) + | z8k | z80) basic_machine=$basic_machine-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12) + m6811 | m68hc11 | m6812 | m68hc12 | picochip) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none @@ -324,19 +337,22 @@ case $basic_machine in | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ + | mips64octeon-* | mips64octeonel-* \ | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ @@ -357,21 +373,26 @@ case $basic_machine in | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ - | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \ | tron-* \ + | ubicom32-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa-* \ + | xstormy16-* | xtensa*-* \ | ymp-* \ - | z8k-*) + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. @@ -435,6 +456,10 @@ case $basic_machine in basic_machine=m68k-apollo os=-bsd ;; + aros) + basic_machine=i386-pc + os=-aros + ;; aux) basic_machine=m68k-apple os=-aux @@ -443,10 +468,26 @@ case $basic_machine in basic_machine=ns32k-sequent os=-dynix ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; c90) basic_machine=c90-cray os=-unicos ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; convex-c1) basic_machine=c1-convex os=-bsd @@ -475,8 +516,8 @@ case $basic_machine in basic_machine=craynv-cray os=-unicosmp ;; - cr16c) - basic_machine=cr16c-unknown + cr16) + basic_machine=cr16-unknown os=-elf ;; crds | unos) @@ -514,6 +555,10 @@ case $basic_machine in basic_machine=m88k-motorola os=-sysv3 ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp @@ -668,6 +713,14 @@ case $basic_machine in basic_machine=m68k-isi os=-sysv ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; m88k-omron*) basic_machine=m88k-omron ;; @@ -679,10 +732,17 @@ case $basic_machine in basic_machine=ns32k-utek os=-sysv ;; + microblaze) + basic_machine=microblaze-xilinx + ;; mingw32) basic_machine=i386-pc os=-mingw32 ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; miniframe) basic_machine=m68000-convergent ;; @@ -809,6 +869,14 @@ case $basic_machine in basic_machine=i860-intel os=-osf ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; pbd) basic_machine=sparc-tti ;; @@ -925,6 +993,9 @@ case $basic_machine in basic_machine=sh-hitachi os=-hms ;; + sh5el) + basic_machine=sh5le-unknown + ;; sh64) basic_machine=sh64-unknown ;; @@ -1014,6 +1085,10 @@ case $basic_machine in basic_machine=tic6x-unknown os=-coff ;; + tile*) + basic_machine=tile-unknown + os=-linux-gnu + ;; tx39) basic_machine=mipstx39-unknown ;; @@ -1089,6 +1164,10 @@ case $basic_machine in basic_machine=z8k-unknown os=-sim ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; none) basic_machine=none-none os=-none @@ -1127,7 +1206,7 @@ case $basic_machine in we32k) basic_machine=we32k-att ;; - sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) @@ -1177,6 +1256,9 @@ case $os in # First match some system type aliases # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; @@ -1197,10 +1279,11 @@ case $os in # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ + | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ @@ -1209,7 +1292,7 @@ case $os in | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* \ + | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ @@ -1219,7 +1302,7 @@ case $os in | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1349,6 +1432,9 @@ case $os in -zvmoe) os=-zvmoe ;; + -dicos*) + os=-dicos + ;; -none) ;; *) @@ -1414,6 +1500,9 @@ case $basic_machine in m68*-cisco) os=-aout ;; + mep-*) + os=-elf + ;; mips*-cisco) os=-elf ;; @@ -1543,7 +1632,7 @@ case $basic_machine in -sunos*) vendor=sun ;; - -aix*) + -cnk*|-aix*) vendor=ibm ;; -beos*) diff --git a/configure b/configure index e905a3519728..36efaf614bb0 100755 --- a/configure +++ b/configure @@ -1,63 +1,86 @@ #! /bin/sh -# From configure.in Revision: 22513 . +# From configure.ac Revision. # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for Heimdal 1.1. +# Generated by GNU Autoconf 2.65 for Heimdal 1.5. # # Report bugs to . # +# # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# +# # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' - else - PATH_SEPARATOR=: - fi - rm -f conf$$.sh -fi - -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -66,20 +89,18 @@ fi # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -90,32 +111,279 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 + + test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( + ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + PATH=/empty FPATH=/empty; export PATH FPATH + test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ + || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: heimdal-bugs@h5l.org about your system, including any +$0: error possibly output before this message. Then install +$0: a modern shell, or manually run the script under such a +$0: shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error ERROR [LINENO LOG_FD] +# --------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with status $?, using 1 if that was 0. +as_fn_error () +{ + as_status=$?; test $as_status -eq 0 && as_status=1 + if test "$3"; then + as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + fi + $as_echo "$as_me: error: $1" >&2 + as_fn_exit $as_status +} # as_fn_error -# Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr @@ -129,13 +397,17 @@ else as_basename=false fi +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi -# Name of the executable. as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | +$as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -150,294 +422,19 @@ echo X/"$0" | } s/.*/./; q'` -# CDPATH. -$as_unset CDPATH +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits -if test "x$CONFIG_SHELL" = x; then - if (eval ":") 2>/dev/null; then - as_have_required=yes -else - as_have_required=no -fi - - if test $as_have_required = yes && (eval ": -(as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test \$exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=\$LINENO - as_lineno_2=\$LINENO - test \"x\$as_lineno_1\" != \"x\$as_lineno_2\" && - test \"x\`expr \$as_lineno_1 + 1\`\" = \"x\$as_lineno_2\") || { (exit 1); exit 1; } -") 2> /dev/null; then - : -else - as_candidate_shells= - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - case $as_dir in - /*) - for as_base in sh bash ksh sh5; do - as_candidate_shells="$as_candidate_shells $as_dir/$as_base" - done;; - esac -done -IFS=$as_save_IFS - - - for as_shell in $as_candidate_shells $SHELL; do - # Try only shells that exist, to save several forks. - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { ("$as_shell") 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - -: -_ASEOF -}; then - CONFIG_SHELL=$as_shell - as_have_required=yes - if { "$as_shell" 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - -: -(as_func_return () { - (exit $1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = "$1" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test $exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2") || { (exit 1); exit 1; } - -_ASEOF -}; then - break -fi - -fi - - done - - if test "x$CONFIG_SHELL" != x; then - for as_var in BASH_ENV ENV - do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - done - export CONFIG_SHELL - exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} -fi - - - if test $as_have_required = no; then - echo This script requires a shell more modern than all the - echo shells that I found on your system. Please install a - echo modern shell, or manually run the script under such a - echo shell if you do have one. - { (exit 1); exit 1; } -fi - - -fi - -fi - - - -(eval "as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test \$exitcode = 0") || { - echo No shell found that supports shell functions. - echo Please tell autoconf@gnu.org about your system, - echo including any error possibly output before this - echo message -} - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= @@ -454,8 +451,7 @@ test \$exitcode = 0") || { s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the @@ -465,49 +461,40 @@ test \$exitcode = 0") || { exit } - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in +case `echo -n x` in #((((( -n*) - case `echo 'x\c'` in + case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir - mkdir conf$$.dir + mkdir conf$$.dir 2>/dev/null fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln + fi else as_ln_s='cp -p' fi @@ -515,7 +502,7 @@ rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then - as_mkdir_p=: + as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false @@ -532,12 +519,12 @@ else as_test_x=' eval sh -c '\'' if test -d "$1"; then - test -d "$1/."; + test -d "$1/."; else - case $1 in - -*)set "./$1";; + case $1 in #( + -*)set "./$1";; esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( ???[sx]*):;;*)false;;esac;fi '\'' sh ' @@ -550,163 +537,11 @@ as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - - -# Check that we are running under the correct shell. SHELL=${CONFIG_SHELL-/bin/sh} -case X$ECHO in -X*--fallback-echo) - # Remove one level of quotation (which was required for Make). - ECHO=`echo "$ECHO" | sed 's,\\\\\$\\$0,'$0','` - ;; -esac -echo=${ECHO-echo} -if test "X$1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X$1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then - # Yippee, $echo works! - : -else - # Restart under the correct shell. - exec $SHELL "$0" --no-reexec ${1+"$@"} -fi - -if test "X$1" = X--fallback-echo; then - # used as fallback echo - shift - cat </dev/null 2>&1 && unset CDPATH - -if test -z "$ECHO"; then -if test "X${echo_test_string+set}" != Xset; then -# find a string as large as possible, as long as the shell can cope with it - for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do - # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... - if (echo_test_string=`eval $cmd`) 2>/dev/null && - echo_test_string=`eval $cmd` && - (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null - then - break - fi - done -fi - -if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - : -else - # The Solaris, AIX, and Digital Unix default echo programs unquote - # backslashes. This makes it impossible to quote backslashes using - # echo "$something" | sed 's/\\/\\\\/g' - # - # So, first we look for a working echo in the user's PATH. - - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for dir in $PATH /usr/ucb; do - IFS="$lt_save_ifs" - if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && - test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$dir/echo" - break - fi - done - IFS="$lt_save_ifs" - - if test "X$echo" = Xecho; then - # We didn't find a better echo, so look for alternatives. - if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # This shell has a builtin print -r that does the trick. - echo='print -r' - elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running configure again with it. - ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL - exec $CONFIG_SHELL "$0" --no-reexec ${1+"$@"} - else - # Try using printf. - echo='printf %s\n' - if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # Cool, printf works - : - elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL - export CONFIG_SHELL - SHELL="$CONFIG_SHELL" - export SHELL - echo="$CONFIG_SHELL $0 --fallback-echo" - elif echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$CONFIG_SHELL $0 --fallback-echo" - else - # maybe with a smaller string... - prev=: - - for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do - if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null - then - break - fi - prev="$cmd" - done - - if test "$prev" != 'sed 50q "$0"'; then - echo_test_string=`eval $prev` - export echo_test_string - exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"} - else - # Oops. We lost completely, so just stick with echo. - echo=echo - fi - fi - fi - fi -fi -fi - -# Copy echo and quote the copy suitably for passing to libtool from -# the Makefile, instead of quoting the original, which is used later. -ECHO=$echo -if test "X$ECHO" = "X$CONFIG_SHELL $0 --fallback-echo"; then - ECHO="$CONFIG_SHELL \\\$\$0 --fallback-echo" -fi - - - - -tagnames=${tagnames+${tagnames},}CXX - -tagnames=${tagnames+${tagnames},}F77 - -exec 7<&0 &1 +test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, Linux) returns a bogus exit status, @@ -724,17 +559,16 @@ cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= -SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='Heimdal' PACKAGE_TARNAME='heimdal' -PACKAGE_VERSION='1.1' -PACKAGE_STRING='Heimdal 1.1' +PACKAGE_VERSION='1.5' +PACKAGE_STRING='Heimdal 1.5' PACKAGE_BUGREPORT='heimdal-bugs@h5l.org' +PACKAGE_URL='' ac_unique_file="kuser/kinit.c" -ac_default_prefix=/usr/heimdal # Factoring default headers for most tests. ac_includes_default="\ #include @@ -771,256 +605,380 @@ ac_includes_default="\ # include #endif" -ac_subst_vars='SHELL -PATH_SEPARATOR -PACKAGE_NAME -PACKAGE_TARNAME -PACKAGE_VERSION -PACKAGE_STRING -PACKAGE_BUGREPORT -exec_prefix -prefix -program_transform_name -bindir -sbindir -libexecdir -datarootdir -datadir -sysconfdir -sharedstatedir -localstatedir -includedir -oldincludedir -docdir -infodir -htmldir -dvidir -pdfdir -psdir -libdir -localedir -mandir -DEFS -ECHO_C -ECHO_N -ECHO_T -LIBS -build_alias -host_alias -target_alias -INSTALL_PROGRAM -INSTALL_SCRIPT -INSTALL_DATA -am__isrc -CYGPATH_W -PACKAGE -VERSION -ACLOCAL -AUTOCONF -AUTOMAKE -AUTOHEADER -MAKEINFO -install_sh -STRIP -INSTALL_STRIP_PROGRAM -mkdir_p -AWK -SET_MAKE -am__leading_dot -AMTAR -am__tar -am__untar -MAINTAINER_MODE_TRUE -MAINTAINER_MODE_FALSE -MAINT -CC -CFLAGS -LDFLAGS -CPPFLAGS -ac_ct_CC -EXEEXT -OBJEXT -CPP -build -build_cpu -build_vendor -build_os -host -host_cpu -host_vendor -host_os -CANONICAL_HOST -YACC -YFLAGS -LEX -LEX_OUTPUT_ROOT -LEXLIB -LN_S -GREP -EGREP -ECHO -AR -RANLIB -CXX -CXXFLAGS -ac_ct_CXX -CXXCPP -F77 -FFLAGS -ac_ct_F77 -LIBTOOL -ENABLE_SHARED_TRUE -ENABLE_SHARED_FALSE -VERSIONING -versionscript_TRUE -versionscript_FALSE -LDFLAGS_VERSION_SCRIPT -INCLUDE_openldap -LIB_openldap -OPENLDAP_MODULE_TRUE -OPENLDAP_MODULE_FALSE -PKINIT_TRUE -PKINIT_FALSE -DIR_hdbdir -INCLUDE_krb4 -LIB_krb4 -KRB4_TRUE -KRB4_FALSE -KRB5_TRUE -KRB5_FALSE -do_roken_rename_TRUE -do_roken_rename_FALSE -LIB_kdb -HAVE_OPENSSL_TRUE -HAVE_OPENSSL_FALSE -DIR_hcrypto -INCLUDE_hcrypto -LIB_hcrypto -LIB_hcrypto_a -LIB_hcrypto_so -LIB_hcrypto_appl -PTHREADS_CFLAGS -PTHREADS_LIBS -DCE_TRUE -DCE_FALSE -dpagaix_cflags -dpagaix_ldadd -dpagaix_ldflags -LIB_db_create -LIB_dbopen -LIB_dbm_firstkey -HAVE_DB1_TRUE -HAVE_DB1_FALSE -HAVE_DB3_TRUE -HAVE_DB3_FALSE -HAVE_NDBM_TRUE -HAVE_NDBM_FALSE -DBLIB -LIB_NDBM -WFLAGS -WFLAGS_NOUNUSED -WFLAGS_NOIMPLICITINT -VOID_RETSIGTYPE -have_err_h_TRUE -have_err_h_FALSE -have_ifaddrs_h_TRUE -have_ifaddrs_h_FALSE -have_vis_h_TRUE -have_vis_h_FALSE -LIB_socket -LIB_gethostbyname -LIB_syslog -LIB_gethostbyname2 -LIB_res_search -LIB_res_nsearch -LIB_res_ndestroy -LIB_dn_expand -LIBOBJS -have_glob_h_TRUE -have_glob_h_FALSE -have_cgetent_TRUE -have_cgetent_FALSE -LIB_getsockopt -LIB_setsockopt -LIB_hstrerror -LIB_bswap16 -LIB_bswap32 -LIB_pidfile -LIB_getaddrinfo -LIB_getnameinfo -LIB_freeaddrinfo -LIB_gai_strerror -have_fnmatch_h_TRUE -have_fnmatch_h_FALSE -LIB_crypt -have_socket_wrapper_TRUE -have_socket_wrapper_FALSE -DIR_roken -LIB_roken -INCLUDES_roken -LIBADD_roken -LIB_otp -OTP_TRUE -OTP_FALSE -LIB_security -NROFF -GROFF -CATMAN -CATMAN_TRUE -CATMAN_FALSE -CATMANEXT -INCLUDE_readline -LIB_readline -INCLUDE_hesiod -LIB_hesiod -AIX_TRUE -AIX_FALSE -AIX4_TRUE -AIX4_FALSE -LIB_dlopen -HAVE_DLOPEN_TRUE -HAVE_DLOPEN_FALSE -LIB_loadquery -AIX_DYNAMIC_AFS_TRUE -AIX_DYNAMIC_AFS_FALSE -AIX_EXTRA_KAFS -IRIX_TRUE -IRIX_FALSE -XMKMF -X_CFLAGS -X_PRE_LIBS -X_LIBS -X_EXTRA_LIBS -HAVE_X_TRUE -HAVE_X_FALSE -LIB_XauWriteAuth -LIB_XauReadAuth -LIB_XauFileName -NEED_WRITEAUTH_TRUE -NEED_WRITEAUTH_FALSE -LIB_logwtmp -LIB_logout -LIB_openpty -LIB_tgetent -LIB_getpwnam_r -LIB_door_create -KCM_TRUE -KCM_FALSE -FRAMEWORK_SECURITY_TRUE -FRAMEWORK_SECURITY_FALSE -LIB_el_init -el_compat_TRUE -el_compat_FALSE -COMPILE_ET -COM_ERR_TRUE -COM_ERR_FALSE -DIR_com_err -LIB_com_err -LIB_com_err_a -LIB_com_err_so +ac_default_prefix=/usr/heimdal +ac_header_list= +enable_option_checking=no +ac_subst_vars='am__EXEEXT_FALSE +am__EXEEXT_TRUE +LTLIBOBJS +HEIMDAL_DOCUMENTATION_FALSE +HEIMDAL_DOCUMENTATION_TRUE LIB_AUTH_SUBDIRS -LTLIBOBJS' +LIB_com_err_so +LIB_com_err_a +LIB_com_err +DIR_com_err +COM_ERR_FALSE +COM_ERR_TRUE +COMPILE_ET +LIBEDIT_FALSE +LIBEDIT_TRUE +FRAMEWORK_SECURITY_FALSE +FRAMEWORK_SECURITY_TRUE +KCM_FALSE +KCM_TRUE +LIB_door_create +LIB_getpwnam_r +LIB_tgetent +LIB_openpty +LIB_logout +LIB_logwtmp +NEED_WRITEAUTH_FALSE +NEED_WRITEAUTH_TRUE +LIB_XauFileName +LIB_XauReadAuth +LIB_XauWriteAuth +HAVE_X_FALSE +HAVE_X_TRUE +X_EXTRA_LIBS +X_LIBS +X_PRE_LIBS +X_CFLAGS +XMKMF +LIB_hesiod +INCLUDE_hesiod +subdirs +LIB_libedit +INCLUDE_libedit +LIB_readline +INCLUDE_readline +CATMANEXT +CATMAN_FALSE +CATMAN_TRUE +CATMAN +GROFF +NROFF +LIB_security +have_gcd_FALSE +have_gcd_TRUE +LIB_dispatch_async_f +OTP_FALSE +OTP_TRUE +LIB_otp +LIBADD_roken +INCLUDES_roken +LIB_roken +DIR_roken +have_socket_wrapper_FALSE +have_socket_wrapper_TRUE +LIB_crypt +have_fnmatch_h_FALSE +have_fnmatch_h_TRUE +LIB_gai_strerror +LIB_freeaddrinfo +LIB_getnameinfo +LIB_getaddrinfo +LIB_pidfile +LIB_bswap32 +LIB_bswap16 +LIB_hstrerror +LIB_setsockopt +LIB_getsockopt +have_cgetent_FALSE +have_cgetent_TRUE +have_glob_h_FALSE +have_glob_h_TRUE +LIBOBJS +LIB_dn_expand +LIB_dns_search +LIB_res_ndestroy +LIB_res_nsearch +LIB_res_search +LIB_gethostbyname2 +LIB_syslog +LIB_gethostbyname +LIB_socket +have_vis_h_FALSE +have_vis_h_TRUE +have_search_h_FALSE +have_search_h_TRUE +have_ifaddrs_h_FALSE +have_ifaddrs_h_TRUE +have_err_h_FALSE +have_err_h_TRUE +WFLAGS_NOIMPLICITINT +WFLAGS_NOUNUSED +WFLAGS +LIB_NDBM +DBLIB +HAVE_DBHEADER_FALSE +HAVE_DBHEADER_TRUE +HAVE_NDBM_FALSE +HAVE_NDBM_TRUE +HAVE_DB3_FALSE +HAVE_DB3_TRUE +HAVE_DB1_FALSE +HAVE_DB1_TRUE +LIB_dbm_firstkey +LIB_dbopen +LIB_db_create +DBHEADER +NO_AFS +dpagaix_ldflags +dpagaix_ldadd +dpagaix_cflags +DCE_FALSE +DCE_TRUE +PTHREAD_LIBADD +PTHREAD_LDADD +PTHREAD_CFLAGS +LIB_hcrypto_appl +LIB_hcrypto_so +LIB_hcrypto_a +LIB_hcrypto +INCLUDE_hcrypto +DIR_hcrypto +HAVE_OPENSSL_FALSE +HAVE_OPENSSL_TRUE +LIB_kdb +do_roken_rename_FALSE +do_roken_rename_TRUE +KRB5_FALSE +KRB5_TRUE +KRB4_FALSE +KRB4_TRUE +LIB_krb4 +INCLUDE_krb4 +DIR_hdbdir +LIB_libintl +INCLUDE_libintl +have_scc_FALSE +have_scc_TRUE +SQLITE3_FALSE +SQLITE3_TRUE +LIB_sqlite3 +INCLUDE_sqlite3 +HAVE_CAPNG_FALSE +HAVE_CAPNG_TRUE +CAPNG_LIBS +CAPNG_CFLAGS +PKG_CONFIG +PKINIT_FALSE +PKINIT_TRUE +OPENLDAP_MODULE_FALSE +OPENLDAP_MODULE_TRUE +LIB_openldap +INCLUDE_openldap +SLC_DEP +SLC +ASN1_COMPILE_DEP +ASN1_COMPILE +CROSS_COMPILE_FALSE +CROSS_COMPILE_TRUE +LDFLAGS_VERSION_SCRIPT +versionscript_FALSE +versionscript_TRUE +VERSIONING +ENABLE_SHARED_FALSE +ENABLE_SHARED_TRUE +LEXLIB +LEX_OUTPUT_ROOT +LEX +YFLAGS +YACC +IRIX_FALSE +IRIX_TRUE +AIX_EXTRA_KAFS +AIX_DYNAMIC_AFS_FALSE +AIX_DYNAMIC_AFS_TRUE +LIB_loadquery +HAVE_DLOPEN_FALSE +HAVE_DLOPEN_TRUE +LIB_dlopen +AIX4_FALSE +AIX4_TRUE +AIX_FALSE +AIX_TRUE +CANONICAL_HOST +OTOOL64 +OTOOL +LIPO +NMEDIT +DSYMUTIL +MANIFEST_TOOL +RANLIB +ac_ct_AR +AR +DLLTOOL +OBJDUMP +LN_S +NM +ac_ct_DUMPBIN +DUMPBIN +LD +FGREP +EGREP +GREP +SED +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +LIBTOOL +CPP +am__fastdepCC_FALSE +am__fastdepCC_TRUE +CCDEPMODE +AMDEPBACKSLASH +AMDEP_FALSE +AMDEP_TRUE +am__quote +am__include +DEPDIR +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +MAINT +MAINTAINER_MODE_FALSE +MAINTAINER_MODE_TRUE +am__untar +am__tar +AMTAR +am__leading_dot +SET_MAKE +AWK +mkdir_p +MKDIR_P +INSTALL_STRIP_PROGRAM +STRIP +install_sh +MAKEINFO +AUTOHEADER +AUTOMAKE +AUTOCONF +ACLOCAL +VERSION +PACKAGE +CYGPATH_W +am__isrc +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_maintainer_mode +enable_dependency_tracking +enable_shared +enable_static +with_pic +enable_fast_install +with_gnu_ld +with_sysroot +enable_libtool_lock +enable_largefile +enable_dynamic_afs +with_mips_abi +with_cross_tools +with_openldap +with_openldap_lib +with_openldap_include +with_openldap_config +enable_hdb_openldap_module +enable_pk_init +enable_digest +enable_kx509 +with_capng +with_sqlite3 +with_sqlite3_lib +with_sqlite3_include +with_sqlite3_config +enable_sqlite_cache +with_libintl +with_libintl_lib +with_libintl_include +with_libintl_config +with_hdbdir +with_openssl +with_openssl_lib +with_openssl_include +enable_pthread_support +enable_dce +enable_afs_support +with_berkeley_db +with_berkeley_db_include +enable_ndbm_db +enable_developer +with_ipv6 +enable_socket_wrapper +enable_otp +enable_osfc2 +enable_mmap +enable_afs_string_to_key +with_readline +with_readline_lib +with_readline_include +with_readline_config +with_libedit +with_libedit_lib +with_libedit_include +with_libedit_config +with_hesiod +with_hesiod_lib +with_hesiod_include +with_hesiod_config +enable_bigendian +enable_littleendian +with_x +enable_kcm +enable_heimdal_documentation +' ac_precious_vars='build_alias host_alias target_alias @@ -1032,18 +990,17 @@ CPPFLAGS CPP YACC YFLAGS -CXX -CXXFLAGS -CCC -CXXCPP -F77 -FFLAGS +PKG_CONFIG +CAPNG_CFLAGS +CAPNG_LIBS XMKMF' - +ac_subdirs_all='lib/libedit' # Initialize some variables set by options. ac_init_help= ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null @@ -1142,13 +1099,20 @@ do datarootdir=$ac_optarg ;; -disable-* | --disable-*) - ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; @@ -1161,13 +1125,20 @@ do dvidir=$ac_optarg ;; -enable-* | --enable-*) - ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ @@ -1358,22 +1329,36 @@ do ac_init_version=: ;; -with-* | --with-*) - ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) - ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. @@ -1393,25 +1378,25 @@ do | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; - -*) { echo "$as_me: error: unrecognized option: $ac_option -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } + -*) as_fn_error "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information." ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. - expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 - { (exit 1); exit 1; }; } + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error "invalid variable name: \`$ac_envvar'" ;; + esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. - echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; @@ -1420,23 +1405,36 @@ done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` - { echo "$as_me: error: missing argument to $ac_option" >&2 - { (exit 1); exit 1; }; } + as_fn_error "missing argument to $ac_option" fi -# Be sure to have absolute directory names. +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac - { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 - { (exit 1); exit 1; }; } + as_fn_error "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' @@ -1450,7 +1448,7 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. + $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. If a cross compiler is detected then cross compile mode will be used." >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes @@ -1466,23 +1464,21 @@ test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - { echo "$as_me: error: Working directory cannot be determined" >&2 - { (exit 1); exit 1; }; } + as_fn_error "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - { echo "$as_me: error: pwd does not report name of working directory" >&2 - { (exit 1); exit 1; }; } + as_fn_error "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$0" || -$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$0" : 'X\(//\)[^/]' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X"$0" | + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -1509,13 +1505,11 @@ else fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 - { (exit 1); exit 1; }; } + as_fn_error "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2 - { (exit 1); exit 1; }; } + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then @@ -1541,7 +1535,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Heimdal 1.1 to adapt to many kinds of systems. +\`configure' configures Heimdal 1.5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1563,9 +1557,9 @@ Configuration: Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] + [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] + [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify @@ -1575,25 +1569,25 @@ for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/heimdal] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/heimdal] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF @@ -1615,30 +1609,36 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Heimdal 1.1:";; + short | recursive ) echo "Configuration of Heimdal 1.5:";; esac cat <<\_ACEOF Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-maintainer-mode enable make rules and dependencies not useful (and sometimes confusing) to the casual installer - --disable-largefile omit support for large files + --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors --enable-shared[=PKGS] build shared libraries [default=yes] --enable-static[=PKGS] build static libraries [default=yes] --enable-fast-install[=PKGS] optimize for fast installation [default=yes] --disable-libtool-lock avoid locking (might break parallel builds) + --disable-largefile omit support for large files + --disable-dynamic-afs do not use loaded AFS library with AIX --enable-hdb-openldap-module if you want support to build openldap hdb as shared object --disable-pk-init if you want disable to PK-INIT support + --disable-digest if you want disable to DIGEST support + --disable-kx509 if you want disable to kx509 support + --disable-sqlite-cache if you want support for cache in sqlite --enable-pthread-support if you want thread safe libraries --enable-dce if you want support for DCE/DFS PAG's --disable-afs-support if you don't want support for AFS - --disable-berkeley-db if you don't want berkeley db --disable-ndbm-db if you don't want ndbm db --enable-developer enable developer warnings --enable-socket-wrapper use sambas socket-wrapper for testing @@ -1649,30 +1649,48 @@ Optional Features: disable use of weak AFS string-to-key functions --enable-bigendian the target is big endian --enable-littleendian the target is little endian - --disable-dynamic-afs do not use loaded AFS library with AIX - --enable-netinfo enable netinfo for configuration lookup --enable-kcm enable Kerberos Credentials Manager + --disable-heimdal-documentation + if you want disable to heimdal documentation Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64) - --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-pic try to use only PIC/non-PIC objects [default=use both] - --with-tags[=TAGS] include additional configurations [automatic] + --with-gnu-ld assume the C compiler uses GNU ld [default=no] + --with-sysroot=DIR Search for dependent libraries within DIR + (or the compiler's sysroot if not specified). + --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64) + --with-cross-tools=dir use cross tools in dir --with-openldap=dir use openldap in dir --with-openldap-lib=dir use openldap libraries in dir --with-openldap-include=dir use openldap headers in dir --with-openldap-config=path config program for openldap + --with-capng use libcap-ng to drop KDC privileges [default=check] + --with-sqlite3=dir use sqlite3 in dir + --with-sqlite3-lib=dir use sqlite3 libraries in dir + --with-sqlite3-include=dir + use sqlite3 headers in dir + --with-sqlite3-config=path + config program for sqlite3 + --with-libintl=dir use libintl in dir + --with-libintl-lib=dir use libintl libraries in dir + --with-libintl-include=dir + use libintl headers in dir + --with-libintl-config=path + config program for libintl --with-hdbdir Default location for KDC database [default=/var/heimdal] --with-openssl=dir use openssl in dir --with-openssl-lib=dir use openssl libraries in dir --with-openssl-include=dir use openssl headers in dir + --with-berkeley-db enable support for berkeley db [default=check] + --with-berkeley-db-include=dir + use berkeley-db headers in dir --without-ipv6 do not enable IPv6 support --with-readline=dir use readline in dir --with-readline-lib=dir use readline libraries in dir @@ -1680,6 +1698,12 @@ Optional Packages: use readline headers in dir --with-readline-config=path config program for readline + --with-libedit=dir use libedit in dir + --with-libedit-lib=dir use libedit libraries in dir + --with-libedit-include=dir + use libedit headers in dir + --with-libedit-config=path + config program for libedit --with-hesiod=dir use hesiod in dir --with-hesiod-lib=dir use hesiod libraries in dir --with-hesiod-include=dir @@ -1694,7 +1718,7 @@ Some influential environment variables: LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor YACC The `Yet Another C Compiler' implementation to use. Defaults to @@ -1702,11 +1726,10 @@ Some influential environment variables: YFLAGS The list of arguments that will be passed by default to $YACC. This script will default YFLAGS to the empty string to avoid a default value of `-d' given by some make applications. - CXX C++ compiler command - CXXFLAGS C++ compiler flags - CXXCPP C++ preprocessor - F77 Fortran 77 compiler command - FFLAGS Fortran 77 compiler flags + PKG_CONFIG path to pkg-config utility + CAPNG_CFLAGS + C compiler flags for CAPNG, overriding pkg-config + CAPNG_LIBS linker flags for CAPNG, overriding pkg-config XMKMF Path to xmkmf, Makefile generator for X Window System Use these variables to override the choices made by `configure' or to help @@ -1720,15 +1743,17 @@ fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -1764,7 +1789,7 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix echo && $SHELL "$ac_srcdir/configure" --help=recursive else - echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done @@ -1773,22 +1798,462 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Heimdal configure 1.1 -generated by GNU Autoconf 2.61 +Heimdal configure 1.5 +generated by GNU Autoconf 2.65 -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +Copyright (C) 2009 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile + +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_cpp + +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + $as_test_x conftest$ac_exeext + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_link + +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_header_compile + +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes +# that executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then : + ac_retval=0 +else + $as_echo "$as_me: program exited with status $ac_status" >&5 + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_run + +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $2 + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif + +int +main () +{ +return $2 (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_func + +# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists, giving a warning if it cannot be compiled using +# the include files in INCLUDES and setting the cache variable VAR +# accordingly. +ac_fn_c_check_header_mongrel () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +else + # Is the header compilable? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 +$as_echo_n "checking $2 usability... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_header_compiler=yes +else + ac_header_compiler=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 +$as_echo "$ac_header_compiler" >&6; } + +# Is the header present? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 +$as_echo_n "checking $2 presence... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + ac_header_preproc=yes +else + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 +$as_echo "$ac_header_preproc" >&6; } + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( + yes:no: ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 +$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; + no:yes:* ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 +$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 +$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 +$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 +$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} +( cat <<\_ASBOX +## ----------------------------------- ## +## Report this to heimdal-bugs@h5l.org ## +## ----------------------------------- ## +_ASBOX + ) | sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=\$ac_header_compiler" +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_header_mongrel + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_type + +# ac_fn_c_check_header_preproc LINENO HEADER VAR +# ---------------------------------------------- +# Tests whether HEADER is present, setting the cache variable VAR accordingly. +ac_fn_c_check_header_preproc () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f conftest.err conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_header_preproc cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Heimdal $as_me 1.1, which was -generated by GNU Autoconf 2.61. Invocation command line was +It was created by Heimdal $as_me 1.5, which was +generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -1824,8 +2289,8 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - echo "PATH: $as_dir" -done + $as_echo "PATH: $as_dir" + done IFS=$as_save_IFS } >&5 @@ -1859,12 +2324,12 @@ do | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in - 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) - ac_configure_args1="$ac_configure_args1 '$ac_arg'" + as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else @@ -1880,13 +2345,13 @@ do -* ) ac_must_keep_next=true ;; esac fi - ac_configure_args="$ac_configure_args '$ac_arg'" + as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done -$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } -$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there @@ -1911,12 +2376,13 @@ _ASBOX case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done @@ -1945,9 +2411,9 @@ _ASBOX do eval ac_val=\$$ac_var case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac - echo "$ac_var='\''$ac_val'\''" + $as_echo "$ac_var='\''$ac_val'\''" done | sort echo @@ -1962,9 +2428,9 @@ _ASBOX do eval ac_val=\$$ac_var case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac - echo "$ac_var='\''$ac_val'\''" + $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi @@ -1980,86 +2446,94 @@ _ASBOX echo fi test "$ac_signal" != 0 && - echo "$as_me: caught signal $ac_signal" - echo "$as_me: exit $exit_status" + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h +$as_echo "/* confdefs.h */" > confdefs.h + # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF - cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF - cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF - cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF - cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + # Let the site file select an alternate cache file if it wants to. -# Prefer explicitly selected file to automatically selected ones. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE if test -n "$CONFIG_SITE"; then - set x "$CONFIG_SITE" + ac_site_file1=$CONFIG_SITE elif test "x$prefix" != xNONE; then - set x "$prefix/share/config.site" "$prefix/etc/config.site" + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site else - set x "$ac_default_prefix/share/config.site" \ - "$ac_default_prefix/etc/config.site" + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site fi -shift -for ac_site_file +for ac_site_file in "$ac_site_file1" "$ac_site_file2" do - if test -r "$ac_site_file"; then - { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 -echo "$as_me: loading site script $ac_site_file" >&6;} + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" fi done if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special - # files actually), so we avoid doing that. - if test -f "$cache_file"; then - { echo "$as_me:$LINENO: loading cache $cache_file" >&5 -echo "$as_me: loading cache $cache_file" >&6;} + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else - { echo "$as_me:$LINENO: creating cache $cache_file" >&5 -echo "$as_me: creating cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi +as_fn_append ac_header_list " stdlib.h" +as_fn_append ac_header_list " unistd.h" +as_fn_append ac_header_list " sys/param.h" # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false @@ -2070,68 +2544,56 @@ for ac_var in $ac_precious_vars; do eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) - { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) - { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 -echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 -echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 -echo "$as_me: current value: $ac_new_val" >&2;} - ac_cache_corrupted=: + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in - *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; + *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then - { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 -echo "$as_me: error: changes in the environment can compromise the build" >&2;} - { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 -echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} - { (exit 1); exit 1; }; } + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi - - - - - - - - - - - - - - - - - - - - - - - - +## -------------------- ## +## Main body of script. ## +## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -2144,28 +2606,21 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers include/config.h" -am__api_version='1.10' + +am__api_version='1.11' ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi + for ac_t in install-sh install.sh shtool; do + if test -f "$ac_dir/$ac_t"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/$ac_t -c" + break 2 + fi + done done if test -z "$ac_aux_dir"; then - { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&5 -echo "$as_me: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 fi # These three variables are undocumented and unsupported, @@ -2190,22 +2645,23 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. -{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 -echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; } +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "${ac_cv_path_install+set}" = set; then : + $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in - ./ | .// | /cC/* | \ + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. @@ -2223,17 +2679,29 @@ case $as_dir/ in # program-specific install script used by HP pwplus--don't use. : else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi fi fi done done ;; esac -done + + done IFS=$as_save_IFS +rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then @@ -2246,8 +2714,8 @@ fi INSTALL=$ac_install_sh fi fi -{ echo "$as_me:$LINENO: result: $INSTALL" >&5 -echo "${ECHO_T}$INSTALL" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. @@ -2257,21 +2725,34 @@ test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -{ echo "$as_me:$LINENO: checking whether build environment is sane" >&5 -echo $ECHO_N "checking whether build environment is sane... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 +$as_echo_n "checking whether build environment is sane... " >&6; } # Just in case sleep 1 echo timestamp > conftest.file +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[\\\"\#\$\&\'\`$am_lf]*) + as_fn_error "unsafe absolute working directory name" "$LINENO" 5;; +esac +case $srcdir in + *[\\\"\#\$\&\'\`$am_lf\ \ ]*) + as_fn_error "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; +esac + # Do `set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$*" = "X"; then # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` + set X `ls -t "$srcdir/configure" conftest.file` fi rm -f conftest.file if test "$*" != "X $srcdir/configure conftest.file" \ @@ -2281,11 +2762,8 @@ if ( # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". - { { echo "$as_me:$LINENO: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&5 -echo "$as_me: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "ls -t appears to fail. Make sure there is not a broken +alias in your environment" "$LINENO" 5 fi test "$2" = conftest.file @@ -2294,52 +2772,162 @@ then # Ok. : else - { { echo "$as_me:$LINENO: error: newly created file is older than distributed files! -Check your system clock" >&5 -echo "$as_me: error: newly created file is older than distributed files! -Check your system clock" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "newly created file is older than distributed files! +Check your system clock" "$LINENO" 5 fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } test "$program_prefix" != NONE && program_transform_name="s&^&$program_prefix&;$program_transform_name" # Use a double $ so make ignores it. test "$program_suffix" != NONE && program_transform_name="s&\$&$program_suffix&;$program_transform_name" -# Double any \ or $. echo might interpret backslashes. +# Double any \ or $. # By default was `s,x,x', remove it if useless. -cat <<\_ACEOF >conftest.sed -s/[\\$]/&&/g;s/;s,x,x,$// -_ACEOF -program_transform_name=`echo $program_transform_name | sed -f conftest.sed` -rm -f conftest.sed +ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' +program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` # expand $ac_aux_dir to an absolute path am_aux_dir=`cd $ac_aux_dir && pwd` -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi # Use eval to expand $SHELL if eval "$MISSING --run true"; then am_missing_run="$MISSING --run " else am_missing_run= - { echo "$as_me:$LINENO: WARNING: \`missing' script is too old or missing" >&5 -echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`missing' script is too old or missing" >&5 +$as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} fi -{ echo "$as_me:$LINENO: checking for a thread-safe mkdir -p" >&5 -echo $ECHO_N "checking for a thread-safe mkdir -p... $ECHO_C" >&6; } +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi + +# Installed binaries are usually stripped using `strip' when the user +# run `make install-strip'. However `strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the `STRIP' environment variable to overrule this program. +if test "$cross_compiling" != no; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_STRIP" = x; then + STRIP=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + STRIP=$ac_ct_STRIP + fi +else + STRIP="$ac_cv_prog_STRIP" +fi + +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } if test -z "$MKDIR_P"; then - if test "${ac_cv_path_mkdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "${ac_cv_path_mkdir+set}" = set; then : + $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in mkdir gmkdir; do + for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( @@ -2351,11 +2939,12 @@ do esac done done -done + done IFS=$as_save_IFS fi + test -d ./--version && rmdir ./--version if test "${ac_cv_path_mkdir+set}" = set; then MKDIR_P="$ac_cv_path_mkdir -p" else @@ -2363,12 +2952,11 @@ fi # value for MKDIR_P within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. - test -d ./--version && rmdir ./--version MKDIR_P="$ac_install_sh -d" fi fi -{ echo "$as_me:$LINENO: result: $MKDIR_P" >&5 -echo "${ECHO_T}$MKDIR_P" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } mkdir_p="$MKDIR_P" case $mkdir_p in @@ -2380,10 +2968,10 @@ for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AWK+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. @@ -2393,36 +2981,37 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_AWK="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then - { echo "$as_me:$LINENO: result: $AWK" >&5 -echo "${ECHO_T}$AWK" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi test -n "$AWK" && break done -{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; } -set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh @@ -2439,12 +3028,12 @@ esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } SET_MAKE= else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi @@ -2463,9 +3052,7 @@ if test "`cd $srcdir && pwd`" != "`pwd`"; then am__isrc=' -I$(srcdir)' # test to see if srcdir already configured if test -f $srcdir/config.status; then - { { echo "$as_me:$LINENO: error: source directory already configured; run \"make distclean\" there first" >&5 -echo "$as_me: error: source directory already configured; run \"make distclean\" there first" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 fi fi @@ -2481,7 +3068,7 @@ fi # Define the identity of the package. PACKAGE='heimdal' - VERSION='1.1' + VERSION='1.5' cat >>confdefs.h <<_ACEOF @@ -2509,112 +3096,6 @@ AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} - -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -if test "$cross_compiling" != no; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - -fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" - # We need awk for the "check" target. The system "awk" is bad on # some platforms. # Always define AMTAR for backward compatibility. @@ -2627,17 +3108,18 @@ am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' -{ echo "$as_me:$LINENO: checking whether to enable maintainer-specific portions of Makefiles" >&5 -echo $ECHO_N "checking whether to enable maintainer-specific portions of Makefiles... $ECHO_C" >&6; } + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 +$as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. -if test "${enable_maintainer_mode+set}" = set; then +if test "${enable_maintainer_mode+set}" = set; then : enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval else USE_MAINTAINER_MODE=no fi - { echo "$as_me:$LINENO: result: $USE_MAINTAINER_MODE" >&5 -echo "${ECHO_T}$USE_MAINTAINER_MODE" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 +$as_echo "$USE_MAINTAINER_MODE" >&6; } if test $USE_MAINTAINER_MODE = yes; then MAINTAINER_MODE_TRUE= MAINTAINER_MODE_FALSE='#' @@ -2658,10 +3140,10 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. @@ -2671,25 +3153,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -2698,10 +3180,10 @@ if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. @@ -2711,25 +3193,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then @@ -2737,12 +3219,8 @@ fi else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -2755,10 +3233,10 @@ if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. @@ -2768,25 +3246,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -2795,10 +3273,10 @@ fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. @@ -2809,18 +3287,18 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then @@ -2839,11 +3317,11 @@ fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -2854,10 +3332,10 @@ if test -z "$CC"; then do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. @@ -2867,25 +3345,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -2898,10 +3376,10 @@ if test -z "$CC"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. @@ -2911,25 +3389,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -2941,12 +3419,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC @@ -2956,51 +3430,37 @@ fi fi -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "no acceptable C compiler found in \$PATH +See \`config.log' for more details." "$LINENO" 5; } # Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3012,42 +3472,38 @@ main () } _ACEOF ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.exe b.out" +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. -{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 -echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; } -ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` -# -# List of possible output files, starting from the most likely. -# The algorithm is not robust to junk in `.', hence go to wildcards (a.*) -# only as a last resort. b.out is created by i960 compilers. -ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out' -# -# The IRIX 6 linker writes into existing files which may not be -# executable, retaining their permissions. Remove them first so a -# subsequent execution test works. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + ac_rmfiles= for ac_file in $ac_files do case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles -if { (ac_try="$ac_link_default" +if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, @@ -3057,14 +3513,14 @@ for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi @@ -3083,78 +3539,42 @@ test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi - -{ echo "$as_me:$LINENO: result: $ac_file" >&5 -echo "${ECHO_T}$ac_file" >&6; } -if test -z "$ac_file"; then - echo "$as_me: failed program was:" >&5 +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { echo "$as_me:$LINENO: error: C compiler cannot create executables -See \`config.log' for more details." >&5 -echo "$as_me: error: C compiler cannot create executables -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +{ as_fn_set_status 77 +as_fn_error "C compiler cannot create executables +See \`config.log' for more details." "$LINENO" 5; }; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } fi - +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5 -echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; } -# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 -# If not cross compiling, check that we can run a simple program. -if test "$cross_compiling" != yes; then - if { ac_try='./$ac_file' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { echo "$as_me:$LINENO: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - fi - fi -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -rm -f a.out a.exe conftest$ac_cv_exeext b.out +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 -echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $cross_compiling" >&5 -echo "${ECHO_T}$cross_compiling" >&6; } - -{ echo "$as_me:$LINENO: checking for suffix of executables" >&5 -echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; } -if { (ac_try="$ac_link" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with @@ -3162,37 +3582,90 @@ eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." "$LINENO" 5; } fi - -rm -f conftest$ac_cv_exeext -{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 -echo "${ECHO_T}$ac_cv_exeext" >&6; } +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT -{ echo "$as_me:$LINENO: checking for suffix of object files" >&5 -echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; } -if test "${ac_cv_objext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if test "${ac_cv_objext+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3204,51 +3677,46 @@ main () } _ACEOF rm -f conftest.o conftest.obj -if { (ac_try="$ac_compile" +if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else - echo "$as_me: failed program was:" >&5 + $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot compute suffix of object files: cannot compile +See \`config.log' for more details." "$LINENO" 5; } fi - rm -f conftest.$ac_cv_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 -echo "${ECHO_T}$ac_cv_objext" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT -{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if test "${ac_cv_c_compiler_gnu+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3262,54 +3730,34 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no + ac_compiler_gnu=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; } -GCC=`test $ac_compiler_gnu = yes && echo yes` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS -{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 -echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if test "${ac_cv_prog_cc_g+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3320,34 +3768,11 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3358,35 +3783,12 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_compile "$LINENO"; then : - ac_c_werror_flag=$ac_save_c_werror_flag +else + ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3397,42 +3799,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then @@ -3448,18 +3826,14 @@ else CFLAGS= fi fi -{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5 -echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if test "${ac_cv_prog_cc_c89+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -3516,31 +3890,9 @@ for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then + if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done @@ -3551,41 +3903,228 @@ fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) - { echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6; } ;; + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; xno) - { echo "$as_me:$LINENO: result: unsupported" >&5 -echo "${ECHO_T}unsupported" >&6; } ;; + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" - { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;; + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac +if test "x$ac_cv_prog_cc_c89" != xno; then : +fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu +DEPDIR="${am__leading_dot}deps" + +ac_config_commands="$ac_config_commands depfiles" + + +am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 +$as_echo_n "checking for style of include used by $am_make... " >&6; } +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from `make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 +$as_echo "$_am_result" >&6; } +rm -f confinc confmf + +# Check whether --enable-dependency-tracking was given. +if test "${enable_dependency_tracking+set}" = set; then : + enableval=$enable_dependency_tracking; +fi + +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' +fi + if test "x$enable_dependency_tracking" != xno; then + AMDEP_TRUE= + AMDEP_FALSE='#' +else + AMDEP_TRUE='#' + AMDEP_FALSE= +fi + + + +depcc="$CC" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named `D' -- because `-MD' means `put the output + # in D'. + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CC_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with `-c' and `-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle `-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # after this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvisualcpp | msvcmsys) + # This compiler won't grok `-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_CC_dependencies_compiler_type=none +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type + + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + if test "x$CC" != xcc; then - { echo "$as_me:$LINENO: checking whether $CC and cc understand -c and -o together" >&5 -echo $ECHO_N "checking whether $CC and cc understand -c and -o together... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC and cc understand -c and -o together" >&5 +$as_echo_n "checking whether $CC and cc understand -c and -o together... " >&6; } else - { echo "$as_me:$LINENO: checking whether cc understands -c and -o together" >&5 -echo $ECHO_N "checking whether cc understands -c and -o together... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether cc understands -c and -o together" >&5 +$as_echo_n "checking whether cc understands -c and -o together... " >&6; } fi -set dummy $CC; ac_cc=`echo $2 | +set dummy $CC; ac_cc=`$as_echo "$2" | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if { as_var=ac_cv_prog_cc_${ac_cc}_c_o; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if { as_var=ac_cv_prog_cc_${ac_cc}_c_o; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -3601,58 +4140,63 @@ _ACEOF # existing .o file with -o, though they will create one. ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5' rm -f conftest2.* -if { (case "(($ac_try" in +if { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then eval ac_cv_prog_cc_${ac_cc}_c_o=yes if test "x$CC" != xcc; then # Test first that cc exists at all. if { ac_try='cc -c conftest.$ac_ext >&5' - { (case "(($ac_try" in + { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5' rm -f conftest2.* - if { (case "(($ac_try" in + if { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then # cc works too. : @@ -3669,23 +4213,22 @@ rm -f core conftest* fi if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } -cat >>confdefs.h <<\_ACEOF -#define NO_MINUS_C_MINUS_O 1 -_ACEOF +$as_echo "#define NO_MINUS_C_MINUS_O 1" >>confdefs.h fi # FIXME: we rely on the cache variable name because # there is no other way. set dummy $CC -ac_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then +am_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` +eval am_t=\$ac_cv_prog_cc_${am_cc}_c_o +if test "$am_t" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. @@ -3700,15 +4243,15 @@ ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 -echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +$as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "${ac_cv_prog_CPP+set}" = set; then : + $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" @@ -3722,11 +4265,7 @@ do # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include @@ -3735,76 +4274,34 @@ cat >>conftest.$ac_ext <<_ACEOF #endif Syntax error _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_cpp "$LINENO"; then : +else # Broken: fails on valid input. continue fi - rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Passes both tests. ac_preproc_ok=: break fi - rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then +if $ac_preproc_ok; then : break fi @@ -3816,8 +4313,8 @@ fi else ac_cv_prog_CPP=$CPP fi -{ echo "$as_me:$LINENO: result: $CPP" >&5 -echo "${ECHO_T}$CPP" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +$as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do @@ -3827,11 +4324,7 @@ do # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include @@ -3840,83 +4333,40 @@ cat >>conftest.$ac_ext <<_ACEOF #endif Syntax error _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_cpp "$LINENO"; then : +else # Broken: fails on valid input. continue fi - rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Passes both tests. ac_preproc_ok=: break fi - rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : +if $ac_preproc_ok; then : + else - { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." "$LINENO" 5; } fi ac_ext=c @@ -3925,43 +4375,54 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu +case `pwd` in + *\ * | *\ *) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 +$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; +esac -test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' -test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' +macro_version='2.4' +macro_revision='1.3293' + + + + + + + + + + + + + +ltmain="$ac_aux_dir/ltmain.sh" # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5 -echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 -{ echo "$as_me:$LINENO: checking build system type" >&5 -echo $ECHO_N "checking build system type... $ECHO_C" >&6; } -if test "${ac_cv_build+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if test "${ac_cv_build+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` test "x$ac_build_alias" = x && - { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 -echo "$as_me: error: cannot guess build type; you must specify one" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 fi -{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5 -echo "${ECHO_T}$ac_cv_build" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5 -echo "$as_me: error: invalid value of canonical build" >&2;} - { (exit 1); exit 1; }; };; +*) as_fn_error "invalid value of canonical build" "$LINENO" 5;; esac build=$ac_cv_build ac_save_IFS=$IFS; IFS='-' @@ -3977,28 +4438,24 @@ IFS=$ac_save_IFS case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac -{ echo "$as_me:$LINENO: checking host system type" >&5 -echo $ECHO_N "checking host system type... $ECHO_C" >&6; } -if test "${ac_cv_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if test "${ac_cv_host+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5 -echo "${ECHO_T}$ac_cv_host" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } case $ac_cv_host in *-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5 -echo "$as_me: error: invalid value of canonical host" >&2;} - { (exit 1); exit 1; }; };; +*) as_fn_error "invalid value of canonical host" "$LINENO" 5;; esac host=$ac_cv_host ac_save_IFS=$IFS; IFS='-' @@ -4014,1126 +4471,191 @@ IFS=$ac_save_IFS case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac -CANONICAL_HOST=$host +# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\(["`$\\]\)/\\\1/g' +# Same as above, but do not quote variable references. +double_quote_subst='s/\(["`\\]\)/\\\1/g' +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' +ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - { echo "$as_me:$LINENO: autobuild project... ${PACKAGE_NAME:-$PACKAGE}" >&5 -echo "$as_me: autobuild project... ${PACKAGE_NAME:-$PACKAGE}" >&6;} - { echo "$as_me:$LINENO: autobuild revision... ${PACKAGE_VERSION:-$VERSION}" >&5 -echo "$as_me: autobuild revision... ${PACKAGE_VERSION:-$VERSION}" >&6;} - hostname=`hostname` - if test "$hostname"; then - { echo "$as_me:$LINENO: autobuild hostname... $hostname" >&5 -echo "$as_me: autobuild hostname... $hostname" >&6;} - fi - - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - { echo "$as_me:$LINENO: autobuild timestamp... $date" >&5 -echo "$as_me: autobuild timestamp... $date" >&6;} - fi - - - -# Check whether --enable-largefile was given. -if test "${enable_largefile+set}" = set; then - enableval=$enable_largefile; +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 +$as_echo_n "checking how to print strings... " >&6; } +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' +else + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' fi -if test "$enable_largefile" != no; then - - { echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5 -echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_largefile_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_sys_largefile_CC=no - if test "$GCC" != yes; then - ac_save_CC=$CC - while :; do - # IRIX 6.2 and later do not support large files by default, - # so use the C compiler's -n32 option if that helps. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () { - - ; - return 0; + $ECHO "" } -_ACEOF - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; + +case "$ECHO" in + printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5 +$as_echo "printf" >&6; } ;; + print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 +$as_echo "print -r" >&6; } ;; + *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5 +$as_echo "cat" >&6; } ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - break + + + + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 +$as_echo_n "checking for a sed that does not truncate output... " >&6; } +if test "${ac_cv_path_SED+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - CC="$CC -n32" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_largefile_CC=' -n32'; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - break - done - CC=$ac_save_CC - rm -f conftest.$ac_ext - fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5 -echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6; } - if test "$ac_cv_sys_largefile_CC" != no; then - CC=$CC$ac_cv_sys_largefile_CC - fi - - { echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_file_offset_bits+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_file_offset_bits=no; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#define _FILE_OFFSET_BITS 64 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_file_offset_bits=64; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_file_offset_bits=unknown - break -done -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5 -echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6; } -case $ac_cv_sys_file_offset_bits in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits -_ACEOF -;; -esac -rm -f conftest* - if test $ac_cv_sys_file_offset_bits = unknown; then - { echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5 -echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_large_files+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_large_files=no; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#define _LARGE_FILES 1 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_large_files=1; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_large_files=unknown - break -done -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5 -echo "${ECHO_T}$ac_cv_sys_large_files" >&6; } -case $ac_cv_sys_large_files in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _LARGE_FILES $ac_cv_sys_large_files -_ACEOF -;; -esac -rm -f conftest* - fi -fi - - -if test "$enable_largefile" != no -a "$ac_cv_sys_large_files" != no; then - CPPFLAGS="$CPPFLAGS -D_LARGE_FILES=$ac_cv_sys_large_files" -fi -if test "$enable_largefile" != no -a "$ac_cv_sys_file_offset_bits" != no; then - CPPFLAGS="$CPPFLAGS -D_FILE_OFFSET_BITS=$ac_cv_sys_file_offset_bits" -fi - - - -cat >>confdefs.h <<\_ACEOF -#define _GNU_SOURCE 1 -_ACEOF - - - - - -for ac_prog in 'bison -y' byacc -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_YACC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$YACC"; then - ac_cv_prog_YACC="$YACC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR + ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for ac_i in 1 2 3 4 5 6 7; do + ac_script="$ac_script$as_nl$ac_script" + done + echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed + { ac_script=; unset ac_script;} + if test -z "$SED"; then + ac_path_SED_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_YACC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -YACC=$ac_cv_prog_YACC -if test -n "$YACC"; then - { echo "$as_me:$LINENO: result: $YACC" >&5 -echo "${ECHO_T}$YACC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$YACC" && break -done -test -n "$YACC" || YACC="yacc" - -for ac_prog in flex lex -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_LEX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$LEX"; then - ac_cv_prog_LEX="$LEX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_LEX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -LEX=$ac_cv_prog_LEX -if test -n "$LEX"; then - { echo "$as_me:$LINENO: result: $LEX" >&5 -echo "${ECHO_T}$LEX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$LEX" && break -done -test -n "$LEX" || LEX=":" - -if test "x$LEX" != "x:"; then - cat >conftest.l <<_ACEOF -%% -a { ECHO; } -b { REJECT; } -c { yymore (); } -d { yyless (1); } -e { yyless (input () != 0); } -f { unput (yytext[0]); } -. { BEGIN INITIAL; } -%% -#ifdef YYTEXT_POINTER -extern char *yytext; -#endif -int -main (void) -{ - return ! yylex () + ! yywrap (); -} -_ACEOF -{ (ac_try="$LEX conftest.l" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$LEX conftest.l") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ echo "$as_me:$LINENO: checking lex output file root" >&5 -echo $ECHO_N "checking lex output file root... $ECHO_C" >&6; } -if test "${ac_cv_prog_lex_root+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if test -f lex.yy.c; then - ac_cv_prog_lex_root=lex.yy -elif test -f lexyy.c; then - ac_cv_prog_lex_root=lexyy -else - { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5 -echo "$as_me: error: cannot find output from $LEX; giving up" >&2;} - { (exit 1); exit 1; }; } -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5 -echo "${ECHO_T}$ac_cv_prog_lex_root" >&6; } -LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root - -if test -z "${LEXLIB+set}"; then - { echo "$as_me:$LINENO: checking lex library" >&5 -echo $ECHO_N "checking lex library... $ECHO_C" >&6; } -if test "${ac_cv_lib_lex+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - ac_save_LIBS=$LIBS - ac_cv_lib_lex='none needed' - for ac_lib in '' -lfl -ll; do - LIBS="$ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -`cat $LEX_OUTPUT_ROOT.c` -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_lex=$ac_lib -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - test "$ac_cv_lib_lex" != 'none needed' && break - done - LIBS=$ac_save_LIBS - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_lex" >&5 -echo "${ECHO_T}$ac_cv_lib_lex" >&6; } - test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex -fi - - -{ echo "$as_me:$LINENO: checking whether yytext is a pointer" >&5 -echo $ECHO_N "checking whether yytext is a pointer... $ECHO_C" >&6; } -if test "${ac_cv_prog_lex_yytext_pointer+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # POSIX says lex can declare yytext either as a pointer or an array; the -# default is implementation-dependent. Figure out which it is, since -# not all implementations provide the %pointer and %array declarations. -ac_cv_prog_lex_yytext_pointer=no -ac_save_LIBS=$LIBS -LIBS="$LEXLIB $ac_save_LIBS" -cat >conftest.$ac_ext <<_ACEOF -#define YYTEXT_POINTER 1 -`cat $LEX_OUTPUT_ROOT.c` -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_prog_lex_yytext_pointer=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_save_LIBS - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_yytext_pointer" >&5 -echo "${ECHO_T}$ac_cv_prog_lex_yytext_pointer" >&6; } -if test $ac_cv_prog_lex_yytext_pointer = yes; then - -cat >>confdefs.h <<\_ACEOF -#define YYTEXT_POINTER 1 -_ACEOF - -fi -rm -f conftest.l $LEX_OUTPUT_ROOT.c - -fi -if test "$LEX" = :; then - LEX=${am_missing_run}flex -fi -for ac_prog in gawk mawk nawk awk -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AWK="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { echo "$as_me:$LINENO: result: $AWK" >&5 -echo "${ECHO_T}$AWK" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$AWK" && break -done - -{ echo "$as_me:$LINENO: checking for ln -s or something else" >&5 -echo $ECHO_N "checking for ln -s or something else... $ECHO_C" >&6; } -if test "${ac_cv_prog_LN_S+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi -fi -LN_S="$ac_cv_prog_LN_S" -{ echo "$as_me:$LINENO: result: $ac_cv_prog_LN_S" >&5 -echo "${ECHO_T}$ac_cv_prog_LN_S" >&6; } - - - - -# Check whether --with-mips_abi was given. -if test "${with_mips_abi+set}" = set; then - withval=$with_mips_abi; -fi - - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { { echo "$as_me:$LINENO: error: \"Invalid ABI specified\"" >&5 -echo "$as_me: error: \"Invalid ABI specified\"" >&2;} - { (exit 1); exit 1; }; } ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -{ echo "$as_me:$LINENO: checking if $CC supports the $abi option" >&5 -echo $ECHO_N "checking if $CC supports the $abi option... $ECHO_C" >&6; } -if { as_var=$ac_foo; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -int x; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval $ac_foo=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval $ac_foo=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_extCFLAGS="$save_CFLAGS" - -fi - -ac_res=`eval echo \\\$$ac_foo` -{ echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -int x; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - { { echo "$as_me:$LINENO: error: $CC does not support the $with_mips_abi ABI" >&5 -echo "$as_me: error: $CC does not support the $with_mips_abi ABI" >&2;} - { (exit 1); exit 1; }; } - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - { { echo "$as_me:$LINENO: error: $CC does not support the $with_mips_abi ABI" >&5 -echo "$as_me: error: $CC does not support the $with_mips_abi ABI" >&2;} - { (exit 1); exit 1; }; } - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { { echo "$as_me:$LINENO: error: \"Invalid ABI specified\"" >&5 -echo "$as_me: error: \"Invalid ABI specified\"" >&2;} - { (exit 1); exit 1; }; } ;; -esac -fi #if test -n "$GCC"; then -;; -esac - -CC="$CC $abi" -libdir="$libdir$abilibdirext" - - -{ echo "$as_me:$LINENO: checking for __attribute__" >&5 -echo $ECHO_N "checking for __attribute__... $ECHO_C" >&6; } -if test "${ac_cv___attribute__+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} - -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv___attribute__=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv___attribute__=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if test "$ac_cv___attribute__" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE___ATTRIBUTE__ 1 -_ACEOF - -fi -{ echo "$as_me:$LINENO: result: $ac_cv___attribute__" >&5 -echo "${ECHO_T}$ac_cv___attribute__" >&6; } - - -# Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then - enableval=$enable_shared; p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_shared=yes -fi - - -# Check whether --enable-static was given. -if test "${enable_static+set}" = set; then - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_static=yes -fi - - -# Check whether --enable-fast-install was given. -if test "${enable_fast_install+set}" = set; then - enableval=$enable_fast_install; p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_fast_install=yes -fi - - -{ echo "$as_me:$LINENO: checking for a sed that does not truncate output" >&5 -echo $ECHO_N "checking for a sed that does not truncate output... $ECHO_C" >&6; } -if test "${lt_cv_path_SED+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Loop through the user's path and test for sed and gsed. -# Then use that list of sed's as ones to test for truncation. -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for lt_ac_prog in sed gsed; do + for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then - lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" - fi + ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue +# Check for GNU ac_path_SED and select it if it is found. + # Check for GNU $ac_path_SED +case `"$ac_path_SED" --version 2>&1` in +*GNU*) + ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo '' >> "conftest.nl" + "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_SED_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_SED="$ac_path_SED" + ac_path_SED_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_SED_found && break 3 done done -done -lt_ac_max=0 -lt_ac_count=0 -# Add /usr/xpg4/bin/sed as it is typically found on Solaris -# along with /bin/sed that truncates output. -for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do - test ! -f $lt_ac_sed && continue - cat /dev/null > conftest.in - lt_ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >conftest.in - # Check for GNU sed and select it if it is found. - if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then - lt_cv_path_SED=$lt_ac_sed - break - fi - while true; do - cat conftest.in conftest.in >conftest.tmp - mv conftest.tmp conftest.in - cp conftest.in conftest.nl - echo >>conftest.nl - $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break - cmp -s conftest.out conftest.nl || break - # 10000 chars as input seems more than enough - test $lt_ac_count -gt 10 && break - lt_ac_count=`expr $lt_ac_count + 1` - if test $lt_ac_count -gt $lt_ac_max; then - lt_ac_max=$lt_ac_count - lt_cv_path_SED=$lt_ac_sed - fi done -done - +IFS=$as_save_IFS + if test -z "$ac_cv_path_SED"; then + as_fn_error "no acceptable sed could be found in \$PATH" "$LINENO" 5 + fi +else + ac_cv_path_SED=$SED fi -SED=$lt_cv_path_SED -{ echo "$as_me:$LINENO: result: $SED" >&5 -echo "${ECHO_T}$SED" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 +$as_echo "$ac_cv_path_SED" >&6; } + SED="$ac_cv_path_SED" + rm -f conftest.sed -{ echo "$as_me:$LINENO: checking for grep that handles long lines and -e" >&5 -echo $ECHO_N "checking for grep that handles long lines and -e... $ECHO_C" >&6; } -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Extract the first word of "grep ggrep" to use in msg output -if test -z "$GREP"; then -set dummy grep ggrep; ac_prog_name=$2 -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +$as_echo_n "checking for grep that handles long lines and -e... " >&6; } +if test "${ac_cv_path_GREP+set}" = set; then : + $as_echo_n "(cached) " >&6 else + if test -z "$GREP"; then ac_path_GREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue - # Check for GNU ac_path_GREP and select it if it is found. + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue +# Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" + $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" - echo 'GREP' >> "conftest.nl" + $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` + as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" @@ -5145,77 +4667,61 @@ case `"$ac_path_GREP" --version 2>&1` in rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac - - $ac_path_GREP_found && break 3 + $ac_path_GREP_found && break 3 + done + done done -done - -done IFS=$as_save_IFS - - -fi - -GREP="$ac_cv_path_GREP" -if test -z "$GREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } -fi - + if test -z "$ac_cv_path_GREP"; then + as_fn_error "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else ac_cv_path_GREP=$GREP fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_GREP" >&5 -echo "${ECHO_T}$ac_cv_path_GREP" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +$as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" -{ echo "$as_me:$LINENO: checking for egrep" >&5 -echo $ECHO_N "checking for egrep... $ECHO_C" >&6; } -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +$as_echo_n "checking for egrep... " >&6; } +if test "${ac_cv_path_EGREP+set}" = set; then : + $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else - # Extract the first word of "egrep" to use in msg output -if test -z "$EGREP"; then -set dummy egrep; ac_prog_name=$2 -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else + if test -z "$EGREP"; then ac_path_EGREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue - # Check for GNU ac_path_EGREP and select it if it is found. + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue +# Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" + $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" - echo 'EGREP' >> "conftest.nl" + $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` + as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" @@ -5227,39 +4733,114 @@ case `"$ac_path_EGREP" --version 2>&1` in rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac - - $ac_path_EGREP_found && break 3 + $ac_path_EGREP_found && break 3 + done + done done -done - -done IFS=$as_save_IFS - - -fi - -EGREP="$ac_cv_path_EGREP" -if test -z "$EGREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } -fi - + if test -z "$ac_cv_path_EGREP"; then + as_fn_error "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else ac_cv_path_EGREP=$EGREP fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +$as_echo "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 +$as_echo_n "checking for fgrep... " >&6; } +if test "${ac_cv_path_FGREP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 + then ac_cv_path_FGREP="$GREP -F" + else + if test -z "$FGREP"; then + ac_path_FGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in fgrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue +# Check for GNU ac_path_FGREP and select it if it is found. + # Check for GNU $ac_path_FGREP +case `"$ac_path_FGREP" --version 2>&1` in +*GNU*) + ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'FGREP' >> "conftest.nl" + "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_FGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_FGREP="$ac_path_FGREP" + ac_path_FGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_FGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_FGREP"; then + as_fn_error "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_FGREP=$FGREP +fi fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_EGREP" >&5 -echo "${ECHO_T}$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 +$as_echo "$ac_cv_path_FGREP" >&6; } + FGREP="$ac_cv_path_FGREP" + + +test -z "$GREP" && GREP=grep + + + + + + + + + + + + + + + + # Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then +if test "${with_gnu_ld+set}" = set; then : withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes else with_gnu_ld=no @@ -5268,8 +4849,8 @@ fi ac_prog=ld if test "$GCC" = yes; then # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +$as_echo_n "checking for ld used by $CC... " >&6; } case $host in *-*-mingw*) # gcc leaves a trailing carriage return which upsets mingw @@ -5282,9 +4863,9 @@ echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } [\\/]* | ?:[\\/]*) re_direlt='/[^/][^/]*/\.\./' # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` done test -z "$LD" && LD="$ac_prog" ;; @@ -5298,14 +4879,14 @@ echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } ;; esac elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +$as_echo_n "checking for GNU ld... " >&6; } else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +$as_echo_n "checking for non-GNU ld... " >&6; } fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "${lt_cv_path_LD+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -z "$LD"; then lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR @@ -5335,19 +4916,17 @@ fi LD="$lt_cv_path_LD" if test -n "$LD"; then - { echo "$as_me:$LINENO: result: $LD" >&5 -echo "${ECHO_T}$LD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 +$as_echo "$LD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$LD" && as_fn_error "no acceptable ld found in \$PATH" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } +if test "${lt_cv_prog_gnu_ld+set}" = set; then : + $as_echo_n "(cached) " >&6 else # I'd rather use --version here, but apparently some GNU lds only accept -v. case `$LD -v 2>&1 &1 &5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5 +$as_echo "$lt_cv_prog_gnu_ld" >&6; } with_gnu_ld=$lt_cv_prog_gnu_ld -{ echo "$as_me:$LINENO: checking for $LD option to reload object files" >&5 -echo $ECHO_N "checking for $LD option to reload object files... $ECHO_C" >&6; } -if test "${lt_cv_ld_reload_flag+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_ld_reload_flag='-r' -fi -{ echo "$as_me:$LINENO: result: $lt_cv_ld_reload_flag" >&5 -echo "${ECHO_T}$lt_cv_ld_reload_flag" >&6; } -reload_flag=$lt_cv_ld_reload_flag -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -case $host_os in - darwin*) - if test "$GCC" = yes; then - reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' - else - reload_cmds='$LD$reload_flag -o $output$reload_objs' - fi - ;; -esac -{ echo "$as_me:$LINENO: checking for BSD-compatible nm" >&5 -echo $ECHO_N "checking for BSD-compatible nm... $ECHO_C" >&6; } -if test "${lt_cv_path_NM+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 +$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; } +if test "${lt_cv_path_NM+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$NM"; then # Let the user override the test. @@ -5435,1682 +4996,178 @@ else done IFS="$lt_save_ifs" done - test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm + : ${lt_cv_path_NM=no} fi fi -{ echo "$as_me:$LINENO: result: $lt_cv_path_NM" >&5 -echo "${ECHO_T}$lt_cv_path_NM" >&6; } -NM="$lt_cv_path_NM" - -{ echo "$as_me:$LINENO: checking whether ln -s works" >&5 -echo $ECHO_N "checking whether ln -s works... $ECHO_C" >&6; } -LN_S=$as_ln_s -if test "$LN_S" = "ln -s"; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 +$as_echo "$lt_cv_path_NM" >&6; } +if test "$lt_cv_path_NM" != "no"; then + NM="$lt_cv_path_NM" else - { echo "$as_me:$LINENO: result: no, using $LN_S" >&5 -echo "${ECHO_T}no, using $LN_S" >&6; } -fi - -{ echo "$as_me:$LINENO: checking how to recognise dependent libraries" >&5 -echo $ECHO_N "checking how to recognise dependent libraries... $ECHO_C" >&6; } -if test "${lt_cv_deplibs_check_method+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_file_magic_cmd='$MAGIC_CMD' -lt_cv_file_magic_test_file= -lt_cv_deplibs_check_method='unknown' -# Need to set the preceding variable on all platforms that support -# interlibrary dependencies. -# 'none' -- dependencies not supported. -# `unknown' -- same as none, but documents that we really don't know. -# 'pass_all' -- all dependencies passed with no checks. -# 'test_compile' -- check by making test program. -# 'file_magic [[regex]]' -- check by looking for files in library path -# which responds to the $file_magic_cmd with a given extended regex. -# If you have `file' or equivalent on your system and you're not sure -# whether `pass_all' will *always* work, you probably want this one. - -case $host_os in -aix4* | aix5*) - lt_cv_deplibs_check_method=pass_all - ;; - -beos*) - lt_cv_deplibs_check_method=pass_all - ;; - -bsdi[45]*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' - lt_cv_file_magic_test_file=/shlib/libc.so - ;; - -cygwin*) - # func_win32_libid is a shell function defined in ltmain.sh - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - ;; - -mingw* | pw32*) - # Base MSYS/MinGW do not provide the 'file' command needed by - # func_win32_libid shell function, so use a weaker test based on 'objdump'. - lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - ;; - -darwin* | rhapsody*) - lt_cv_deplibs_check_method=pass_all - ;; - -freebsd* | kfreebsd*-gnu | dragonfly*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]' - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix3*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be Linux ELF. -linux*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -nto-qnx*) - lt_cv_deplibs_check_method=unknown - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; -esac - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_deplibs_check_method" >&5 -echo "${ECHO_T}$lt_cv_deplibs_check_method" >&6; } -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown - - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '#line 5679 "configure"' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_i386" - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - { echo "$as_me:$LINENO: checking whether the C compiler needs -belf" >&5 -echo $ECHO_N "checking whether the C compiler needs -belf... $ECHO_C" >&6; } -if test "${lt_cv_cc_needs_belf+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lt_cv_cc_needs_belf=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - lt_cv_cc_needs_belf=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_cc_needs_belf" >&5 -echo "${ECHO_T}$lt_cv_cc_needs_belf" >&6; } - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -sparc*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) LD="${LD-ld} -64" ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - - -esac - -need_locks="$enable_libtool_lock" - - - -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_stdc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_stdc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF - -fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. - - - - - - - - - -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in dlfcn.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -if test -z "$CXX"; then - if test -n "$CCC"; then - CXX=$CCC + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. else if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + for ac_prog in dumpbin "link -dump" do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DUMPBIN+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test -n "$CXX"; then - ac_cv_prog_CXX="$CXX" # Let the user override the test. + if test -n "$DUMPBIN"; then + ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -CXX=$ac_cv_prog_CXX -if test -n "$CXX"; then - { echo "$as_me:$LINENO: result: $CXX" >&5 -echo "${ECHO_T}$CXX" >&6; } +DUMPBIN=$ac_cv_prog_DUMPBIN +if test -n "$DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 +$as_echo "$DUMPBIN" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - test -n "$CXX" && break + test -n "$DUMPBIN" && break done fi -if test -z "$CXX"; then - ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC +if test -z "$DUMPBIN"; then + ac_ct_DUMPBIN=$DUMPBIN + for ac_prog in dumpbin "link -dump" do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DUMPBIN+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_CXX"; then - ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. + if test -n "$ac_ct_DUMPBIN"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CXX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CXX=$ac_cv_prog_ac_ct_CXX -if test -n "$ac_ct_CXX"; then - { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 -echo "${ECHO_T}$ac_ct_CXX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_CXX" && break -done - - if test "x$ac_ct_CXX" = x; then - CXX="g++" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CXX=$ac_ct_CXX - fi -fi - - fi -fi -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C++ compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - -{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; } -if test "${ac_cv_cxx_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_cxx_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; } -GXX=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CXXFLAGS=${CXXFLAGS+set} -ac_save_CXXFLAGS=$CXXFLAGS -{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 -echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cxx_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_save_cxx_werror_flag=$ac_cxx_werror_flag - ac_cxx_werror_flag=yes - ac_cv_prog_cxx_g=no - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CXXFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cxx_werror_flag=$ac_save_cxx_werror_flag - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cxx_werror_flag=$ac_save_cxx_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; } -if test "$ac_test_CXXFLAGS" = set; then - CXXFLAGS=$ac_save_CXXFLAGS -elif test $ac_cv_prog_cxx_g = yes; then - if test "$GXX" = yes; then - CXXFLAGS="-g -O2" - else - CXXFLAGS="-g" - fi -else - if test "$GXX" = yes; then - CXXFLAGS="-O2" - else - CXXFLAGS= - fi -fi -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - - - -if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C++ preprocessor" >&5 -echo $ECHO_N "checking how to run the C++ preprocessor... $ECHO_C" >&6; } -if test -z "$CXXCPP"; then - if test "${ac_cv_prog_CXXCPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Double quotes because CXXCPP needs to be expanded - for CXXCPP in "$CXX -E" "/lib/cpp" - do - ac_preproc_ok=false -for ac_cxx_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - break -fi - - done - ac_cv_prog_CXXCPP=$CXXCPP - -fi - CXXCPP=$ac_cv_prog_CXXCPP -else - ac_cv_prog_CXXCPP=$CXXCPP -fi -{ echo "$as_me:$LINENO: result: $CXXCPP" >&5 -echo "${ECHO_T}$CXXCPP" >&6; } -ac_preproc_ok=false -for ac_cxx_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : -else - { { echo "$as_me:$LINENO: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - -fi - - -ac_ext=f -ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5' -ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_f77_compiler_gnu -if test -n "$ac_tool_prefix"; then - for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$F77"; then - ac_cv_prog_F77="$F77" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_F77="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -F77=$ac_cv_prog_F77 -if test -n "$F77"; then - { echo "$as_me:$LINENO: result: $F77" >&5 -echo "${ECHO_T}$F77" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$F77" && break done -fi -if test -z "$F77"; then - ac_ct_F77=$F77 - for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_F77"; then - ac_cv_prog_ac_ct_F77="$ac_ct_F77" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_F77="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done IFS=$as_save_IFS fi fi -ac_ct_F77=$ac_cv_prog_ac_ct_F77 -if test -n "$ac_ct_F77"; then - { echo "$as_me:$LINENO: result: $ac_ct_F77" >&5 -echo "${ECHO_T}$ac_ct_F77" >&6; } +ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN +if test -n "$ac_ct_DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 +$as_echo "$ac_ct_DUMPBIN" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - test -n "$ac_ct_F77" && break + test -n "$ac_ct_DUMPBIN" && break done - if test "x$ac_ct_F77" = x; then - F77="" + if test "x$ac_ct_DUMPBIN" = x; then + DUMPBIN=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - F77=$ac_ct_F77 + DUMPBIN=$ac_ct_DUMPBIN fi fi + case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols" + ;; + *) + DUMPBIN=: + ;; + esac + fi -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for Fortran 77 compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -rm -f a.out + if test "$DUMPBIN" != ":"; then + NM="$DUMPBIN" + fi +fi +test -z "$NM" && NM=nm -# If we don't use `.F' as extension, the preprocessor is not run on the -# input file. (Note that this only needs to work for GNU compilers.) -ac_save_ext=$ac_ext -ac_ext=F -{ echo "$as_me:$LINENO: checking whether we are using the GNU Fortran 77 compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU Fortran 77 compiler... $ECHO_C" >&6; } -if test "${ac_cv_f77_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 +$as_echo_n "checking the name lister ($NM) interface... " >&6; } +if test "${lt_cv_nm_interface+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF - program main -#ifndef __GNUC__ - choke me -#endif - - end -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 + lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) + (eval "$ac_compile" 2>conftest.err) cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_f77_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_f77_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_f77_compiler_gnu" >&6; } -ac_ext=$ac_save_ext -ac_test_FFLAGS=${FFLAGS+set} -ac_save_FFLAGS=$FFLAGS -FFLAGS= -{ echo "$as_me:$LINENO: checking whether $F77 accepts -g" >&5 -echo $ECHO_N "checking whether $F77 accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_f77_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - FFLAGS=-g -cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_f77_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_prog_f77_g=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_f77_g" >&5 -echo "${ECHO_T}$ac_cv_prog_f77_g" >&6; } -if test "$ac_test_FFLAGS" = set; then - FFLAGS=$ac_save_FFLAGS -elif test $ac_cv_prog_f77_g = yes; then - if test "x$ac_cv_f77_compiler_gnu" = xyes; then - FFLAGS="-g -O2" - else - FFLAGS="-g" - fi -else - if test "x$ac_cv_f77_compiler_gnu" = xyes; then - FFLAGS="-O2" - else - FFLAGS= + (eval echo "\"\$as_me:$LINENO: output\"" >&5) + cat conftest.out >&5 + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" fi + rm -f conftest* fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 +$as_echo "$lt_cv_nm_interface" >&6; } -G77=`test $ac_compiler_gnu = yes && echo yes` -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - -# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +$as_echo_n "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +$as_echo "no, using $LN_S" >&6; } +fi # find the maximum length of command line arguments -{ echo "$as_me:$LINENO: checking the maximum length of command line arguments" >&5 -echo $ECHO_N "checking the maximum length of command line arguments... $ECHO_C" >&6; } -if test "${lt_cv_sys_max_cmd_len+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 +$as_echo_n "checking the maximum length of command line arguments... " >&6; } +if test "${lt_cv_sys_max_cmd_len+set}" = set; then : + $as_echo_n "(cached) " >&6 else i=0 teststring="ABCD" @@ -7131,7 +5188,7 @@ else lt_cv_sys_max_cmd_len=-1; ;; - cygwin* | mingw*) + cygwin* | mingw* | cegcc*) # On Win9x/ME, this test blows up -- it succeeds, but takes # about 5 minutes as the teststring grows exponentially. # Worse, since 9x/ME are not pre-emptively multitasking, @@ -7142,6 +5199,11 @@ else lt_cv_sys_max_cmd_len=8192; ;; + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; + ;; + amigaos*) # On AmigaOS with pdksh, this test takes hours, literally. # So we just punt and use a minimum line length of 8192. @@ -7186,51 +5248,1165 @@ else sysv5* | sco5v6* | sysv4.2uw2*) kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` + lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` else lt_cv_sys_max_cmd_len=32768 fi ;; *) - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - while (test "X"`$SHELL $0 --fallback-echo "X$teststring" 2>/dev/null` \ - = "XX$teststring") >/dev/null 2>&1 && - new_result=`expr "X$teststring" : ".*" 2>&1` && - lt_cv_sys_max_cmd_len=$new_result && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - teststring= - # Add a significant safety factor because C++ compilers can tack on massive - # amounts of additional arguments before passing them to the linker. - # It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8 ; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test $i != 17 # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi ;; esac fi if test -n $lt_cv_sys_max_cmd_len ; then - { echo "$as_me:$LINENO: result: $lt_cv_sys_max_cmd_len" >&5 -echo "${ECHO_T}$lt_cv_sys_max_cmd_len" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 +$as_echo "$lt_cv_sys_max_cmd_len" >&6; } else - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 +$as_echo "none" >&6; } +fi +max_cmd_len=$lt_cv_sys_max_cmd_len + + + + + + +: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands some XSI constructs" >&5 +$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; } +# Try some XSI features +xsi_shell=no +( _lt_dummy="a/b/c" + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ + && eval 'test $(( 1 + 1 )) -eq 2 \ + && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ + && xsi_shell=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $xsi_shell" >&5 +$as_echo "$xsi_shell" >&6; } + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands \"+=\"" >&5 +$as_echo_n "checking whether the shell understands \"+=\"... " >&6; } +lt_shell_append=no +( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \ + >/dev/null 2>&1 \ + && lt_shell_append=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_shell_append" >&5 +$as_echo "$lt_shell_append" >&6; } + + +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false fi + +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 +$as_echo_n "checking how to convert $build file names to $host format... " >&6; } +if test "${lt_cv_to_host_file_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac + +fi + +to_host_file_cmd=$lt_cv_to_host_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 +$as_echo "$lt_cv_to_host_file_cmd" >&6; } + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 +$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; } +if test "${lt_cv_to_tool_file_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + #assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac + +fi + +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 +$as_echo "$lt_cv_to_tool_file_cmd" >&6; } + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 +$as_echo_n "checking for $LD option to reload object files... " >&6; } +if test "${lt_cv_ld_reload_flag+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_reload_flag='-r' +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 +$as_echo "$lt_cv_ld_reload_flag" >&6; } +reload_flag=$lt_cv_ld_reload_flag +case $reload_flag in +"" | " "*) ;; +*) reload_flag=" $reload_flag" ;; +esac +reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + if test "$GCC" != yes; then + reload_cmds=false + fi + ;; + darwin*) + if test "$GCC" = yes; then + reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac + + + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +$as_echo "$OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +$as_echo "$ac_ct_OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi + +test -z "$OBJDUMP" && OBJDUMP=objdump + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 +$as_echo_n "checking how to recognize dependent libraries... " >&6; } +if test "${lt_cv_deplibs_check_method+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_file_magic_cmd='$MAGIC_CMD' +lt_cv_file_magic_test_file= +lt_cv_deplibs_check_method='unknown' +# Need to set the preceding variable on all platforms that support +# interlibrary dependencies. +# 'none' -- dependencies not supported. +# `unknown' -- same as none, but documents that we really don't know. +# 'pass_all' -- all dependencies passed with no checks. +# 'test_compile' -- check by making test program. +# 'file_magic [[regex]]' -- check by looking for files in library path +# which responds to the $file_magic_cmd with a given extended regex. +# If you have `file' or equivalent on your system and you're not sure +# whether `pass_all' will *always* work, you probably want this one. + +case $host_os in +aix[4-9]*) + lt_cv_deplibs_check_method=pass_all + ;; + +beos*) + lt_cv_deplibs_check_method=pass_all + ;; + +bsdi[45]*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' + lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_test_file=/shlib/libc.so + ;; + +cygwin*) + # func_win32_libid is a shell function defined in ltmain.sh + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + ;; + +mingw* | pw32*) + # Base MSYS/MinGW do not provide the 'file' command needed by + # func_win32_libid shell function, so use a weaker test based on 'objdump', + # unless we find 'file', for example because we are cross-compiling. + # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin. + if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + else + # Keep this pattern in sync with the one in func_win32_libid. + lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' + lt_cv_file_magic_cmd='$OBJDUMP -f' + fi + ;; + +cegcc*) + # use the weaker test based on 'objdump'. See mingw*. + lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' + ;; + +darwin* | rhapsody*) + lt_cv_deplibs_check_method=pass_all + ;; + +freebsd* | dragonfly*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + case $host_cpu in + i*86 ) + # Not sure whether the presence of OpenBSD here was a mistake. + # Let's accept both of them until this is cleared up. + lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` + ;; + esac + else + lt_cv_deplibs_check_method=pass_all + fi + ;; + +gnu*) + lt_cv_deplibs_check_method=pass_all + ;; + +haiku*) + lt_cv_deplibs_check_method=pass_all + ;; + +hpux10.20* | hpux11*) + lt_cv_file_magic_cmd=/usr/bin/file + case $host_cpu in + ia64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' + lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so + ;; + hppa*64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]' + lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl + ;; + *) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library' + lt_cv_file_magic_test_file=/usr/lib/libc.sl + ;; + esac + ;; + +interix[3-9]*) + # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' + ;; + +irix5* | irix6* | nonstopux*) + case $LD in + *-32|*"-32 ") libmagic=32-bit;; + *-n32|*"-n32 ") libmagic=N32;; + *-64|*"-64 ") libmagic=64-bit;; + *) libmagic=never-match;; + esac + lt_cv_deplibs_check_method=pass_all + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + lt_cv_deplibs_check_method=pass_all + ;; + +netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' + fi + ;; + +newos6*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=/usr/lib/libnls.so + ;; + +*nto* | *qnx*) + lt_cv_deplibs_check_method=pass_all + ;; + +openbsd*) + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + fi + ;; + +osf3* | osf4* | osf5*) + lt_cv_deplibs_check_method=pass_all + ;; + +rdos*) + lt_cv_deplibs_check_method=pass_all + ;; + +solaris*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv4 | sysv4.3*) + case $host_vendor in + motorola) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` + ;; + ncr) + lt_cv_deplibs_check_method=pass_all + ;; + sequent) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' + ;; + sni) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" + lt_cv_file_magic_test_file=/lib/libc.so + ;; + siemens) + lt_cv_deplibs_check_method=pass_all + ;; + pc) + lt_cv_deplibs_check_method=pass_all + ;; + esac + ;; + +tpf*) + lt_cv_deplibs_check_method=pass_all + ;; +esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 +$as_echo "$lt_cv_deplibs_check_method" >&6; } + +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then + case $host_os in + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"` + fi + ;; + esac +fi + +file_magic_cmd=$lt_cv_file_magic_cmd +deplibs_check_method=$lt_cv_deplibs_check_method +test -z "$deplibs_check_method" && deplibs_check_method=unknown + + + + + + + + + + + + + + + + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. +set dummy ${ac_tool_prefix}dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DLLTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DLLTOOL"; then + ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DLLTOOL=$ac_cv_prog_DLLTOOL +if test -n "$DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +$as_echo "$DLLTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_DLLTOOL"; then + ac_ct_DLLTOOL=$DLLTOOL + # Extract the first word of "dlltool", so it can be a program name with args. +set dummy dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DLLTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_DLLTOOL"; then + ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_DLLTOOL="dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL +if test -n "$ac_ct_DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +$as_echo "$ac_ct_DLLTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_DLLTOOL" = x; then + DLLTOOL="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DLLTOOL=$ac_ct_DLLTOOL + fi +else + DLLTOOL="$ac_cv_prog_DLLTOOL" +fi + +test -z "$DLLTOOL" && DLLTOOL=dlltool + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 +$as_echo_n "checking how to associate runtime and link libraries... " >&6; } +if test "${lt_cv_sharedlib_from_linklib_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 +$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; } +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + + + + + + + + +if test -n "$ac_tool_prefix"; then + for ac_prog in ar + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AR+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AR"; then + ac_cv_prog_AR="$AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_AR="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AR=$ac_cv_prog_AR +if test -n "$AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +$as_echo "$AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AR" && break + done +fi +if test -z "$AR"; then + ac_ct_AR=$AR + for ac_prog in ar +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_AR+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_AR"; then + ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_AR="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_AR=$ac_cv_prog_ac_ct_AR +if test -n "$ac_ct_AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +$as_echo "$ac_ct_AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_AR" && break +done + + if test "x$ac_ct_AR" = x; then + AR="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AR=$ac_ct_AR + fi +fi + +: ${AR=ar} +: ${AR_FLAGS=cru} + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 +$as_echo_n "checking for archiver @FILE support... " >&6; } +if test "${lt_cv_ar_at_file+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ar_at_file=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 +$as_echo "$lt_cv_ar_at_file" >&6; } + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= +else + archiver_list_spec=$lt_cv_ar_at_file +fi + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_STRIP" = x; then + STRIP=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + STRIP=$ac_ct_STRIP + fi +else + STRIP="$ac_cv_prog_STRIP" +fi + +test -z "$STRIP" && STRIP=: + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi + +test -z "$RANLIB" && RANLIB=: + + + + + + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" +fi + +case $host_os in + darwin*) + lock_old_archive_extraction=yes ;; + *) + lock_old_archive_extraction=no ;; +esac + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + + # Check for command to grab the raw symbol name followed by C symbol from nm. -{ echo "$as_me:$LINENO: checking command to parse $NM output from $compiler object" >&5 -echo $ECHO_N "checking command to parse $NM output from $compiler object... $ECHO_C" >&6; } -if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 +$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; } +if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then : + $as_echo_n "(cached) " >&6 else # These are sane defaults that work on at least a few old systems. @@ -7242,33 +6418,18 @@ symcode='[BCDEGRST]' # Regexp to match symbols that can be accessed directly from C. sympat='\([_A-Za-z][_A-Za-z0-9]*\)' -# Transform an extracted symbol line into a proper C declaration -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - # Define system-specific variables. case $host_os in aix*) symcode='[BCDT]' ;; -cygwin* | mingw* | pw32*) +cygwin* | mingw* | pw32* | cegcc*) symcode='[ABCDGISTW]' ;; -hpux*) # Its linker distinguishes data from code symbols +hpux*) if test "$host_cpu" = ia64; then symcode='[ABCDEGRST]' fi - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - ;; -linux*) - if test "$host_cpu" = ia64; then - symcode='[ABCDGIRSTW]' - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - fi ;; irix* | nonstopux*) symcode='[BCDEGRST]' @@ -7293,57 +6454,86 @@ sysv4) ;; esac -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - # If we're using GNU nm, then use its standard symbol codes. case `$NM -V 2>&1` in *GNU* | *'with BFD'*) symcode='[ABCDGIRSTW]' ;; esac -# Try without a prefix undercore, then with it. +# Transform an extracted symbol line into a proper C declaration. +# Some systems (esp. on ia64) link data and code symbols differently, +# so use this general approach. +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + +# Transform an extracted symbol line into symbol name and symbol address +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'" + +# Handle CRLF in mingw tool chain +opt_cr= +case $build_os in +mingw*) + opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp + ;; +esac + +# Try without a prefix underscore, then with it. for ac_symprfx in "" "_"; do # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. symxfrm="\\1 $ac_symprfx\\2 \\2" # Write the raw and C identifiers. - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + if test "$lt_cv_nm_interface" = "MS dumpbin"; then + # Fake it for dumpbin and say T for any non-static function + # and D for any global variable. + # Also find C++ and __fastcall symbols from MSVC++, + # which start with @ or ?. + lt_cv_sys_global_symbol_pipe="$AWK '"\ +" {last_section=section; section=\$ 3};"\ +" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ +" \$ 0!~/External *\|/{next};"\ +" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ +" {if(hide[section]) next};"\ +" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ +" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ +" s[1]~/^[@?]/{print s[1], s[1]; next};"\ +" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ +" ' prfx=^$ac_symprfx" + else + lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no rm -f conftest* - cat > conftest.$ac_ext < conftest.$ac_ext <<_LT_EOF #ifdef __cplusplus extern "C" { #endif char nm_test_var; -void nm_test_func(){} +void nm_test_func(void); +void nm_test_func(void){} #ifdef __cplusplus } #endif int main(){nm_test_var='a';nm_test_func();return(0);} -EOF +_LT_EOF - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then # Now try to grab the symbols. nlist=conftest.nm - if { (eval echo "$as_me:$LINENO: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\"") >&5 - (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 + (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s "$nlist"; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" @@ -7352,57 +6542,71 @@ EOF fi # Make sure that we snagged all the symbols we need. - if grep ' nm_test_var$' "$nlist" >/dev/null; then - if grep ' nm_test_func$' "$nlist" >/dev/null; then - cat < conftest.$ac_ext + if $GREP ' nm_test_var$' "$nlist" >/dev/null; then + if $GREP ' nm_test_func$' "$nlist" >/dev/null; then + cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT_DLSYM_CONST +#else +# define LT_DLSYM_CONST const +#endif + #ifdef __cplusplus extern "C" { #endif -EOF +_LT_EOF # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext' + eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' - cat <> conftest.$ac_ext -#if defined (__STDC__) && __STDC__ -# define lt_ptr_t void * -#else -# define lt_ptr_t char * -# define const -#endif + cat <<_LT_EOF >> conftest.$ac_ext -/* The mapping between symbol names and symbols. */ -const struct { +/* The mapping between symbol names and symbols. */ +LT_DLSYM_CONST struct { const char *name; - lt_ptr_t address; + void *address; } -lt_preloaded_symbols[] = +lt__PROGRAM__LTX_preloaded_symbols[] = { -EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext - cat <<\EOF >> conftest.$ac_ext - {0, (lt_ptr_t) 0} + { "@PROGRAM@", (void *) 0 }, +_LT_EOF + $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext + cat <<\_LT_EOF >> conftest.$ac_ext + {0, (void *) 0} }; +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt__PROGRAM__LTX_preloaded_symbols; +} +#endif + #ifdef __cplusplus } #endif -EOF +_LT_EOF # Now try linking the two files. mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS LIBS="conftstm.$ac_objext" CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext}; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext}; then pipe_works=yes fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS else echo "cannot find nm_test_func in $nlist" >&5 fi @@ -7416,7 +6620,7 @@ EOF echo "$progname: failed program was:" >&5 cat conftest.$ac_ext >&5 fi - rm -f conftest* conftst* + rm -rf conftest* conftst* # Do not use the global_symbol_pipe unless it works. if test "$pipe_works" = yes; then @@ -7432,17 +6636,1334 @@ if test -z "$lt_cv_sys_global_symbol_pipe"; then lt_cv_sys_global_symbol_to_cdecl= fi if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - { echo "$as_me:$LINENO: result: failed" >&5 -echo "${ECHO_T}failed" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +$as_echo "failed" >&6; } else - { echo "$as_me:$LINENO: result: ok" >&5 -echo "${ECHO_T}ok" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 +$as_echo "ok" >&6; } fi -{ echo "$as_me:$LINENO: checking for objdir" >&5 -echo $ECHO_N "checking for objdir... $ECHO_C" >&6; } -if test "${lt_cv_objdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then + nm_file_list_spec='@' +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 +$as_echo_n "checking for sysroot... " >&6; } + +# Check whether --with-sysroot was given. +if test "${with_sysroot+set}" = set; then : + withval=$with_sysroot; +else + with_sysroot=no +fi + + +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5 +$as_echo "${with_sysroot}" >&6; } + as_fn_error "The sysroot must be an absolute path." "$LINENO" 5 + ;; +esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 +$as_echo "${lt_sysroot:-no}" >&6; } + + + + + +# Check whether --enable-libtool-lock was given. +if test "${enable_libtool_lock+set}" = set; then : + enableval=$enable_libtool_lock; +fi + +test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes + +# Some flags need to be propagated to the compiler or linker for good +# libtool support. +case $host in +ia64-*-hpux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.$ac_objext` in + *ELF-32*) + HPUX_IA64_MODE="32" + ;; + *ELF-64*) + HPUX_IA64_MODE="64" + ;; + esac + fi + rm -rf conftest* + ;; +*-*-irix6*) + # Find out which ABI we are using. + echo '#line '$LINENO' "configure"' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + if test "$lt_cv_prog_gnu_ld" = yes; then + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -melf32bsmip" + ;; + *N32*) + LD="${LD-ld} -melf32bmipn32" + ;; + *64-bit*) + LD="${LD-ld} -melf64bmip" + ;; + esac + else + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -32" + ;; + *N32*) + LD="${LD-ld} -n32" + ;; + *64-bit*) + LD="${LD-ld} -64" + ;; + esac + fi + fi + rm -rf conftest* + ;; + +x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +s390*-*linux*|s390*-*tpf*|sparc*-*linux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *32-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_i386_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_i386" + ;; + ppc64-*linux*|powerpc64-*linux*) + LD="${LD-ld} -m elf32ppclinux" + ;; + s390x-*linux*) + LD="${LD-ld} -m elf_s390" + ;; + sparc64-*linux*) + LD="${LD-ld} -m elf32_sparc" + ;; + esac + ;; + *64-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_x86_64_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_x86_64" + ;; + ppc*-*linux*|powerpc*-*linux*) + LD="${LD-ld} -m elf64ppc" + ;; + s390*-*linux*|s390*-*tpf*) + LD="${LD-ld} -m elf64_s390" + ;; + sparc*-*linux*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; + +*-*-sco3.2v5*) + # On SCO OpenServer 5, we need -belf to get full-featured binaries. + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -belf" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 +$as_echo_n "checking whether the C compiler needs -belf... " >&6; } +if test "${lt_cv_cc_needs_belf+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_cc_needs_belf=yes +else + lt_cv_cc_needs_belf=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 +$as_echo "$lt_cv_cc_needs_belf" >&6; } + if test x"$lt_cv_cc_needs_belf" != x"yes"; then + # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf + CFLAGS="$SAVE_CFLAGS" + fi + ;; +sparc*-*solaris*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; + *) + if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then + LD="${LD-ld} -64" + fi + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; +esac + +need_locks="$enable_libtool_lock" + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args. +set dummy ${ac_tool_prefix}mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_MANIFEST_TOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$MANIFEST_TOOL"; then + ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL +if test -n "$MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 +$as_echo "$MANIFEST_TOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_MANIFEST_TOOL"; then + ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL + # Extract the first word of "mt", so it can be a program name with args. +set dummy mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_MANIFEST_TOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_MANIFEST_TOOL"; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL +if test -n "$ac_ct_MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 +$as_echo "$ac_ct_MANIFEST_TOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_MANIFEST_TOOL" = x; then + MANIFEST_TOOL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL + fi +else + MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL" +fi + +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 +$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } +if test "${lt_cv_path_mainfest_tool+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&5 + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest* +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 +$as_echo "$lt_cv_path_mainfest_tool" >&6; } +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi + + + + + + + case $host_os in + rhapsody* | darwin*) + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. +set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DSYMUTIL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DSYMUTIL"; then + ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DSYMUTIL=$ac_cv_prog_DSYMUTIL +if test -n "$DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 +$as_echo "$DSYMUTIL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_DSYMUTIL"; then + ac_ct_DSYMUTIL=$DSYMUTIL + # Extract the first word of "dsymutil", so it can be a program name with args. +set dummy dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DSYMUTIL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_DSYMUTIL"; then + ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL +if test -n "$ac_ct_DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 +$as_echo "$ac_ct_DSYMUTIL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_DSYMUTIL" = x; then + DSYMUTIL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DSYMUTIL=$ac_ct_DSYMUTIL + fi +else + DSYMUTIL="$ac_cv_prog_DSYMUTIL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. +set dummy ${ac_tool_prefix}nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_NMEDIT+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$NMEDIT"; then + ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +NMEDIT=$ac_cv_prog_NMEDIT +if test -n "$NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 +$as_echo "$NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_NMEDIT"; then + ac_ct_NMEDIT=$NMEDIT + # Extract the first word of "nmedit", so it can be a program name with args. +set dummy nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_NMEDIT+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_NMEDIT"; then + ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_NMEDIT="nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT +if test -n "$ac_ct_NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 +$as_echo "$ac_ct_NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_NMEDIT" = x; then + NMEDIT=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + NMEDIT=$ac_ct_NMEDIT + fi +else + NMEDIT="$ac_cv_prog_NMEDIT" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. +set dummy ${ac_tool_prefix}lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_LIPO+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$LIPO"; then + ac_cv_prog_LIPO="$LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_LIPO="${ac_tool_prefix}lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +LIPO=$ac_cv_prog_LIPO +if test -n "$LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 +$as_echo "$LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_LIPO"; then + ac_ct_LIPO=$LIPO + # Extract the first word of "lipo", so it can be a program name with args. +set dummy lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_LIPO+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_LIPO"; then + ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_LIPO="lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO +if test -n "$ac_ct_LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 +$as_echo "$ac_ct_LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_LIPO" = x; then + LIPO=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + LIPO=$ac_ct_LIPO + fi +else + LIPO="$ac_cv_prog_LIPO" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL"; then + ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OTOOL="${ac_tool_prefix}otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OTOOL=$ac_cv_prog_OTOOL +if test -n "$OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 +$as_echo "$OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OTOOL"; then + ac_ct_OTOOL=$OTOOL + # Extract the first word of "otool", so it can be a program name with args. +set dummy otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL"; then + ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OTOOL="otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL +if test -n "$ac_ct_OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 +$as_echo "$ac_ct_OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OTOOL" = x; then + OTOOL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL=$ac_ct_OTOOL + fi +else + OTOOL="$ac_cv_prog_OTOOL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OTOOL64+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL64"; then + ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OTOOL64=$ac_cv_prog_OTOOL64 +if test -n "$OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 +$as_echo "$OTOOL64" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OTOOL64"; then + ac_ct_OTOOL64=$OTOOL64 + # Extract the first word of "otool64", so it can be a program name with args. +set dummy otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OTOOL64+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL64"; then + ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OTOOL64="otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 +if test -n "$ac_ct_OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 +$as_echo "$ac_ct_OTOOL64" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OTOOL64" = x; then + OTOOL64=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL64=$ac_ct_OTOOL64 + fi +else + OTOOL64="$ac_cv_prog_OTOOL64" +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 +$as_echo_n "checking for -single_module linker flag... " >&6; } +if test "${lt_cv_apple_cc_single_mod+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_apple_cc_single_mod=no + if test -z "${LT_MULTI_MODULE}"; then + # By default we will add the -single_module flag. You can override + # by either setting the environment variable LT_MULTI_MODULE + # non-empty at configure time, or by adding -multi_module to the + # link flags. + rm -rf libconftest.dylib* + echo "int foo(void){return 1;}" > conftest.c + echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ +-dynamiclib -Wl,-single_module conftest.c" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ + -dynamiclib -Wl,-single_module conftest.c 2>conftest.err + _lt_result=$? + if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + lt_cv_apple_cc_single_mod=yes + else + cat conftest.err >&5 + fi + rm -rf libconftest.dylib* + rm -f conftest.* + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 +$as_echo "$lt_cv_apple_cc_single_mod" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 +$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } +if test "${lt_cv_ld_exported_symbols_list+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_exported_symbols_list=no + save_LDFLAGS=$LDFLAGS + echo "_main" > conftest.sym + LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_ld_exported_symbols_list=yes +else + lt_cv_ld_exported_symbols_list=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 +$as_echo "$lt_cv_ld_exported_symbols_list" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 +$as_echo_n "checking for -force_load linker flag... " >&6; } +if test "${lt_cv_ld_force_load+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_force_load=no + cat > conftest.c << _LT_EOF +int forced_loaded() { return 2;} +_LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 + echo "$AR cru libconftest.a conftest.o" >&5 + $AR cru libconftest.a conftest.o 2>&5 + echo "$RANLIB libconftest.a" >&5 + $RANLIB libconftest.a 2>&5 + cat > conftest.c << _LT_EOF +int main() { return 0;} +_LT_EOF + echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err + _lt_result=$? + if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + lt_cv_ld_force_load=yes + else + cat conftest.err >&5 + fi + rm -f conftest.err libconftest.a conftest conftest.c + rm -rf conftest.dSYM + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 +$as_echo "$lt_cv_ld_force_load" >&6; } + case $host_os in + rhapsody* | darwin1.[012]) + _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; + darwin1.*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + darwin*) # darwin 5.x on + # if running on 10.5 or later, the deployment target defaults + # to the OS version, if on x86, and 10.4, the deployment + # target defaults to 10.4. Don't you love it? + case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in + 10.0,*86*-darwin8*|10.0,*-darwin[91]*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + 10.[012]*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + 10.*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + esac + ;; + esac + if test "$lt_cv_apple_cc_single_mod" = "yes"; then + _lt_dar_single_mod='$single_module' + fi + if test "$lt_cv_ld_exported_symbols_list" = "yes"; then + _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' + else + _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then + _lt_dsymutil='~$DSYMUTIL $lib || :' + else + _lt_dsymutil= + fi + ;; + esac + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if test "${ac_cv_header_stdc+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes +else + ac_cv_header_stdc=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + +else + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in dlfcn.h +do : + ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default +" +if test "x$ac_cv_header_dlfcn_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DLFCN_H 1 +_ACEOF + +fi + +done + + + + + +# Set options + + + + enable_dlopen=no + + + enable_win32_dll=no + + + # Check whether --enable-shared was given. +if test "${enable_shared+set}" = set; then : + enableval=$enable_shared; p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_shared=yes +fi + + + + + + + + + + # Check whether --enable-static was given. +if test "${enable_static+set}" = set; then : + enableval=$enable_static; p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_static=yes +fi + + + + + + + + + + +# Check whether --with-pic was given. +if test "${with_pic+set}" = set; then : + withval=$with_pic; pic_mode="$withval" +else + pic_mode=default +fi + + +test -z "$pic_mode" && pic_mode=default + + + + + + + + # Check whether --enable-fast-install was given. +if test "${enable_fast_install+set}" = set; then : + enableval=$enable_fast_install; p=${PACKAGE-default} + case $enableval in + yes) enable_fast_install=yes ;; + no) enable_fast_install=no ;; + *) + enable_fast_install=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_fast_install=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_fast_install=yes +fi + + + + + + + + + + + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ltmain" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' + + + + + + + + + + + + + + + + + + + + + + + + + + +test -z "$LN_S" && LN_S="ln -s" + + + + + + + + + + + + + + +if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 +$as_echo_n "checking for objdir... " >&6; } +if test "${lt_cv_objdir+set}" = set; then : + $as_echo_n "(cached) " >&6 else rm -f .libs 2>/dev/null mkdir .libs 2>/dev/null @@ -7454,14 +7975,21 @@ else fi rmdir .libs 2>/dev/null fi -{ echo "$as_me:$LINENO: result: $lt_cv_objdir" >&5 -echo "${ECHO_T}$lt_cv_objdir" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 +$as_echo "$lt_cv_objdir" >&6; } objdir=$lt_cv_objdir +cat >>confdefs.h <<_ACEOF +#define LT_OBJDIR "$lt_cv_objdir/" +_ACEOF + + + + case $host_os in aix3*) # AIX sometimes has problems with the GCC collect2 program. For some @@ -7474,362 +8002,26 @@ aix3*) ;; esac -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='sed -e 1s/^X//' -sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -# Constants: -rm="rm -f" - # Global variables: -default_ofile=libtool +ofile=libtool can_build_shared=yes # All known linkers require a `.a' archive for static linking (except MSVC, # which needs '.lib'). libext=a -ltmain="$ac_aux_dir/ltmain.sh" -ofile="$default_ofile" + with_gnu_ld="$lt_cv_prog_gnu_ld" -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args. -set dummy ${ac_tool_prefix}ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AR"; then - ac_cv_prog_AR="$AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AR="${ac_tool_prefix}ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -AR=$ac_cv_prog_AR -if test -n "$AR"; then - { echo "$as_me:$LINENO: result: $AR" >&5 -echo "${ECHO_T}$AR" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_AR"; then - ac_ct_AR=$AR - # Extract the first word of "ar", so it can be a program name with args. -set dummy ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_AR"; then - ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_AR="ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_AR=$ac_cv_prog_ac_ct_AR -if test -n "$ac_ct_AR"; then - { echo "$as_me:$LINENO: result: $ac_ct_AR" >&5 -echo "${ECHO_T}$ac_ct_AR" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_AR" = x; then - AR="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - AR=$ac_ct_AR - fi -else - AR="$ac_cv_prog_AR" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { echo "$as_me:$LINENO: result: $RANLIB" >&5 -echo "${ECHO_T}$RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 -echo "${ECHO_T}$ac_ct_RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - - old_CC="$CC" old_CFLAGS="$CFLAGS" # Set sane defaults for various variables -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -test -z "$AS" && AS=as test -z "$CC" && CC=cc test -z "$LTCC" && LTCC=$CC test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$DLLTOOL" && DLLTOOL=dlltool test -z "$LD" && LD=ld -test -z "$LN_S" && LN_S="ln -s" -test -z "$MAGIC_CMD" && MAGIC_CMD=file -test -z "$NM" && NM=nm -test -z "$SED" && SED=sed -test -z "$OBJDUMP" && OBJDUMP=objdump -test -z "$RANLIB" && RANLIB=: -test -z "$STRIP" && STRIP=: test -z "$ac_objext" && ac_objext=o -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" -fi - for cc_temp in $compiler""; do case $cc_temp in compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; @@ -7838,17 +8030,18 @@ for cc_temp in $compiler""; do *) break;; esac done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` +cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` # Only perform the check for file, if the check method requires it +test -z "$MAGIC_CMD" && MAGIC_CMD=file case $deplibs_check_method in file_magic*) if test "$file_magic_cmd" = '$MAGIC_CMD'; then - { echo "$as_me:$LINENO: checking for ${ac_tool_prefix}file" >&5 -echo $ECHO_N "checking for ${ac_tool_prefix}file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 +$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; } +if test "${lt_cv_path_MAGIC_CMD+set}" = set; then : + $as_echo_n "(cached) " >&6 else case $MAGIC_CMD in [\\/*] | ?:[\\/]*) @@ -7872,7 +8065,7 @@ else $EGREP "$file_magic_regex" > /dev/null; then : else - cat <&2 + cat <<_LT_EOF 1>&2 *** Warning: the command libtool uses to detect shared libraries, *** $file_magic_cmd, produces output that libtool cannot recognize. @@ -7883,7 +8076,7 @@ else *** may want to report the problem to your system manager and/or to *** bug-libtool@gnu.org -EOF +_LT_EOF fi ;; esac fi @@ -7898,19 +8091,23 @@ fi MAGIC_CMD="$lt_cv_path_MAGIC_CMD" if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + + + + if test -z "$lt_cv_path_MAGIC_CMD"; then if test -n "$ac_tool_prefix"; then - { echo "$as_me:$LINENO: checking for file" >&5 -echo $ECHO_N "checking for file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5 +$as_echo_n "checking for file... " >&6; } +if test "${lt_cv_path_MAGIC_CMD+set}" = set; then : + $as_echo_n "(cached) " >&6 else case $MAGIC_CMD in [\\/*] | ?:[\\/]*) @@ -7934,7 +8131,7 @@ else $EGREP "$file_magic_regex" > /dev/null; then : else - cat <&2 + cat <<_LT_EOF 1>&2 *** Warning: the command libtool uses to detect shared libraries, *** $file_magic_cmd, produces output that libtool cannot recognize. @@ -7945,7 +8142,7 @@ else *** may want to report the problem to your system manager and/or to *** bug-libtool@gnu.org -EOF +_LT_EOF fi ;; esac fi @@ -7960,13 +8157,14 @@ fi MAGIC_CMD="$lt_cv_path_MAGIC_CMD" if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + else MAGIC_CMD=: fi @@ -7976,28 +8174,8 @@ fi ;; esac -enable_dlopen=no -enable_win32_dll=no - -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - - -# Check whether --with-pic was given. -if test "${with_pic+set}" = set; then - withval=$with_pic; pic_mode="$withval" -else - pic_mode=default -fi - -test -z "$pic_mode" && pic_mode=default - # Use C for the default configuration in the libtool script -tagname= + lt_save_CC="$CC" ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -8014,10 +8192,15 @@ objext=o objext=$objext # Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" +lt_simple_compile_test_code="int some_variable = 0;" # Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}\n' +lt_simple_link_test_code='int main(){return(0);}' + + + + + # If no C compiler was specified, use CC. @@ -8029,36 +8212,48 @@ LTCFLAGS=${LTCFLAGS-"$CFLAGS"} # Allow CC to be a program name with arguments. compiler=$CC +# Save the default compiler, since it gets overwritten when the other +# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. +compiler_DEFAULT=$CC # save warnings/boilerplate of simple test code ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* +$RM conftest* ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext +echo "$lt_simple_link_test_code" >conftest.$ac_ext eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_linker_boilerplate=`cat conftest.err` -$rm conftest* +$RM -r conftest* +## CAVEAT EMPTOR: +## There is no encapsulation within the following macros, do not change +## the running order or otherwise move them around unless you know exactly +## what you are doing... +if test -n "$compiler"; then lt_prog_compiler_no_builtin_flag= if test "$GCC" = yes; then - lt_prog_compiler_no_builtin_flag=' -fno-builtin' + case $cc_basename in + nvcc*) + lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;; + *) + lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;; + esac - -{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 +$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } +if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_rtti_exceptions=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="-fno-rtti -fno-exceptions" # Insert the option either (1) after the last *FLAGS variable, or # (2) before a word containing "conftest.", or (3) at the end. @@ -8069,25 +8264,25 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8072: $lt_compile\"" >&5) + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:8076: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then lt_cv_prog_compiler_rtti_exceptions=yes fi fi - $rm conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 +$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; } if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" @@ -8097,12 +8292,15 @@ fi fi -lt_prog_compiler_wl= + + + + + + lt_prog_compiler_wl= lt_prog_compiler_pic= lt_prog_compiler_static= -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } if test "$GCC" = yes; then lt_prog_compiler_wl='-Wl,' @@ -8118,19 +8316,29 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } ;; amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4' + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + lt_prog_compiler_pic='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4' + ;; + esac ;; - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) # PIC is the default for these OSes. ;; - mingw* | pw32* | os2*) + mingw* | cygwin* | pw32* | os2* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries lt_prog_compiler_pic='-DDLL_EXPORT' ;; @@ -8140,7 +8348,27 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } lt_prog_compiler_pic='-fno-common' ;; - interix3*) + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + lt_prog_compiler_static= + ;; + + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + # +Z the default + ;; + *) + lt_prog_compiler_pic='-fPIC' + ;; + esac + ;; + + interix[3-9]*) # Interix 3.x gcc -fpic/-fPIC options generate broken code. # Instead, we relocate shared libraries at runtime. ;; @@ -8152,29 +8380,29 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } enable_shared=no ;; + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + lt_prog_compiler_pic='-fPIC -shared' + ;; + sysv4*MP*) if test -d /usr/nec; then lt_prog_compiler_pic=-Kconform_pic fi ;; - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic='-fPIC' - ;; - esac - ;; - *) lt_prog_compiler_pic='-fPIC' ;; esac + + case $cc_basename in + nvcc*) # Cuda Compiler Driver 2.2 + lt_prog_compiler_wl='-Xlinker ' + lt_prog_compiler_pic='-Xcompiler -fPIC' + ;; + esac else # PORTME Check for flag to pass linker flags through the system compiler. case $host_os in @@ -8187,18 +8415,8 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp' fi ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic='-qnocommon' - lt_prog_compiler_wl='-Wl,' - ;; - esac - ;; - mingw* | pw32* | os2*) + mingw* | cygwin* | pw32* | os2* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). lt_prog_compiler_pic='-DDLL_EXPORT' @@ -8226,19 +8444,34 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } lt_prog_compiler_static='-non_shared' ;; - newsos6) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - linux*) + linux* | k*bsd*-gnu | kopensolaris*-gnu) case $cc_basename in - icc* | ecc*) + # old Intel for x86_64 which still supported -KPIC. + ecc*) lt_prog_compiler_wl='-Wl,' lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-static' ;; - pgcc* | pgf77* | pgf90* | pgf95*) + # icc used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + icc* | ifort*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fPIC' + lt_prog_compiler_static='-static' + ;; + # Lahey Fortran 8.1. + lf95*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='--shared' + lt_prog_compiler_static='--static' + ;; + nagfor*) + # NAG Fortran compiler + lt_prog_compiler_wl='-Wl,-Wl,,' + lt_prog_compiler_pic='-PIC' + lt_prog_compiler_static='-Bstatic' + ;; + pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) # Portland Group compilers (*not* the Pentium gcc compiler, # which looks to be a dead project) lt_prog_compiler_wl='-Wl,' @@ -8250,20 +8483,57 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } # All Alpha code is PIC. lt_prog_compiler_static='-non_shared' ;; + xl* | bgxl* | bgf* | mpixl*) + # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-qpic' + lt_prog_compiler_static='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ F* | *Sun*Fortran*) + # Sun Fortran 8.3 passes all unrecognized flags to the linker + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='' + ;; + *Sun\ C*) + # Sun C 5.9 + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='-Wl,' + ;; + esac + ;; esac ;; + newsos6) + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + lt_prog_compiler_pic='-fPIC -shared' + ;; + osf3* | osf4* | osf5*) lt_prog_compiler_wl='-Wl,' # All OSF/1 code is PIC. lt_prog_compiler_static='-non_shared' ;; + rdos*) + lt_prog_compiler_static='-non_shared' + ;; + solaris*) lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-Bstatic' case $cc_basename in - f77* | f90* | f95*) + f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) lt_prog_compiler_wl='-Qoption ld ';; *) lt_prog_compiler_wl='-Wl,';; @@ -8311,63 +8581,6 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } esac fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic -DPIC" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8340: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:8344: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works" >&6; } - -if test x"$lt_prog_compiler_pic_works" = xyes; then - case $lt_prog_compiler_pic in - "" | " "*) ;; - *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; - esac -else - lt_prog_compiler_pic= - lt_prog_compiler_can_build_shared=no -fi - -fi case $host_os in # For platforms which do not support PIC, -DPIC is meaningless: *djgpp*) @@ -8378,59 +8591,139 @@ case $host_os in ;; esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +$as_echo_n "checking for $compiler option to produce PIC... " >&6; } +if test "${lt_cv_prog_compiler_pic+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic=$lt_prog_compiler_pic +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 +$as_echo "$lt_cv_prog_compiler_pic" >&6; } +lt_prog_compiler_pic=$lt_cv_prog_compiler_pic + +# +# Check to make sure the PIC flag actually works. +# +if test -n "$lt_prog_compiler_pic"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 +$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } +if test "${lt_cv_prog_compiler_pic_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic_works=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic -DPIC" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + # The option is referenced via a variable to avoid confusing sed. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler_pic_works=yes + fi + fi + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 +$as_echo "$lt_cv_prog_compiler_pic_works" >&6; } + +if test x"$lt_cv_prog_compiler_pic_works" = xyes; then + case $lt_prog_compiler_pic in + "" | " "*) ;; + *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; + esac +else + lt_prog_compiler_pic= + lt_prog_compiler_can_build_shared=no +fi + +fi + + + + + + + + + + + # # Check to make sure the static flag actually works. # wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if test "${lt_cv_prog_compiler_static_works+set}" = set; then : + $as_echo_n "(cached) " >&6 else - lt_prog_compiler_static_works=no + lt_cv_prog_compiler_static_works=no save_LDFLAGS="$LDFLAGS" LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext + echo "$lt_simple_link_test_code" > conftest.$ac_ext if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then # The linker can only warn and ignore the option if not recognized # So say no if there are warnings if test -s conftest.err; then # Append any errors to the config.log. cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works=yes + lt_cv_prog_compiler_static_works=yes fi else - lt_prog_compiler_static_works=yes + lt_cv_prog_compiler_static_works=yes fi fi - $rm conftest* + $RM -r conftest* LDFLAGS="$save_LDFLAGS" fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 +$as_echo "$lt_cv_prog_compiler_static_works" >&6; } -if test x"$lt_prog_compiler_static_works" = xyes; then +if test x"$lt_cv_prog_compiler_static_works" = xyes; then : else lt_prog_compiler_static= fi -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test "${lt_cv_prog_compiler_c_o+set}" = set; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_c_o=no - $rm -r conftest 2>/dev/null + $RM -r conftest 2>/dev/null mkdir conftest cd conftest mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="-o out/conftest2.$ac_objext" # Insert the option either (1) after the last *FLAGS variable, or @@ -8441,83 +8734,148 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8444: $lt_compile\"" >&5) + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8448: \$? = $ac_status" >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then lt_cv_prog_compiler_c_o=yes fi fi chmod u+w . 2>&5 - $rm conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out cd .. - rmdir conftest - $rm conftest* + $RM -r conftest + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test "${lt_cv_prog_compiler_c_o+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_c_o=no + $RM -r conftest 2>/dev/null + mkdir conftest + cd conftest + mkdir out + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + lt_compiler_flag="-o out/conftest2.$ac_objext" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp + $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 + if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then + lt_cv_prog_compiler_c_o=yes + fi + fi + chmod u+w . 2>&5 + $RM conftest* + # SGI C++ compiler will create directory out/ii_files/ for + # template instantiation + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out + cd .. + $RM -r conftest + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } + + hard_links="nottested" if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +$as_echo_n "checking if we can lock with hard links... " >&6; } hard_links=yes - $rm conftest* + $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +$as_echo "$hard_links" >&6; } if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 +$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} need_locks=warn fi else need_locks=no fi -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } runpath_var= allow_undefined_flag= - enable_shared_with_static_runtimes=no + always_export_symbols=no archive_cmds= archive_expsym_cmds= - old_archive_From_new_cmds= - old_archive_from_expsyms_cmds= + compiler_needs_object=no + enable_shared_with_static_runtimes=no export_dynamic_flag_spec= - whole_archive_flag_spec= - thread_safe_flag_spec= + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + hardcode_automatic=no + hardcode_direct=no + hardcode_direct_absolute=no hardcode_libdir_flag_spec= hardcode_libdir_flag_spec_ld= hardcode_libdir_separator= - hardcode_direct=no hardcode_minus_L=no hardcode_shlibpath_var=unsupported + inherit_rpath=no link_all_deplibs=unknown - hardcode_automatic=no module_cmds= module_expsym_cmds= - always_export_symbols=no - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + old_archive_from_new_cmds= + old_archive_from_expsyms_cmds= + thread_safe_flag_spec= + whole_archive_flag_spec= # include_expsyms should be a list of space-separated symbols to be *always* # included in the symbol list include_expsyms= @@ -8525,26 +8883,17 @@ echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared librar # it will be wrapped by ` (' and `)$', so one must not match beginning or # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', # as well as any symbol that contains `d'. - exclude_expsyms="_GLOBAL_OFFSET_TABLE_" + exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out # platforms (ab)use it in PIC code, but their linkers get confused if # the symbol is explicitly referenced. Since portable code cannot # rely on this symbol name, it's probably fine to never include it in # preloaded symbol tables. + # Exclude shared library initialization/finalization symbols. extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` case $host_os in - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) # FIXME: the MSVC++ port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using # Microsoft Visual C++. @@ -8562,7 +8911,33 @@ cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` esac ld_shlibs=yes + + # On some targets, GNU ld is compatible enough with the native linker + # that we're better off using the native interface for both. + lt_use_gnu_ld_interface=no if test "$with_gnu_ld" = yes; then + case $host_os in + aix*) + # The AIX port of GNU ld has always aspired to compatibility + # with the native linker. However, as the warning in the GNU ld + # block says, versions before 2.19.5* couldn't really create working + # shared libraries, regardless of the interface used. + case `$LD -v 2>&1` in + *\ \(GNU\ Binutils\)\ 2.19.5*) ;; + *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;; + *\ \(GNU\ Binutils\)\ [3-9]*) ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + fi + + if test "$lt_use_gnu_ld_interface" = yes; then # If archive_cmds runs LD, not CC, wlarc should be empty wlarc='${wl}' @@ -8570,16 +8945,17 @@ cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` # are reset later if shared libraries are not supported. Putting them # here allows them to be overridden if necessary. runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec='${wl}--rpath ${wl}$libdir' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' export_dynamic_flag_spec='${wl}--export-dynamic' # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec= + if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then + whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + whole_archive_flag_spec= fi supports_anon_versioning=no - case `$LD -v 2>/dev/null` in + case `$LD -v 2>&1` in + *GNU\ gold*) supports_anon_versioning=yes ;; *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... @@ -8589,38 +8965,40 @@ cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` # See if GNU ld supports shared libraries. case $host_os in - aix3* | aix4* | aix5*) + aix[3-9]*) # On AIX/PPC, the GNU linker is very broken if test "$host_cpu" != ia64; then ld_shlibs=no - cat <&2 + cat <<_LT_EOF 1>&2 -*** Warning: the GNU linker, at least up to release 2.9.1, is reported +*** Warning: the GNU linker, at least up to release 2.19, is reported *** to be unable to reliably create shared libraries on AIX. *** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. +*** really care for shared libraries, you may want to install binutils +*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. +*** You will then need to restart the configuration process. -EOF +_LT_EOF fi ;; amigaos*) - archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs=no + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='' + ;; + m68k) + archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac ;; beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then allow_undefined_flag=unsupported # Joseph Beckenbach says some releases of gcc # support --undefined. This deserves some investigation. FIXME @@ -8630,16 +9008,18 @@ EOF fi ;; - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless, + cygwin* | mingw* | pw32* | cegcc*) + # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless, # as there is no search path for DLLs. hardcode_libdir_flag_spec='-L$libdir' + export_dynamic_flag_spec='${wl}--export-all-symbols' allow_undefined_flag=unsupported always_export_symbols=no enable_shared_with_static_runtimes=yes - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' + exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname' - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' # If the export-symbols file already is a .def file (1st line # is EXPORTS), use it as is; otherwise, prepend... @@ -8655,7 +9035,12 @@ EOF fi ;; - interix3*) + haiku*) + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + link_all_deplibs=yes + ;; + + interix[3-9]*) hardcode_direct=no hardcode_shlibpath_var=no hardcode_libdir_flag_spec='${wl}-rpath,$libdir' @@ -8670,51 +9055,95 @@ EOF archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= + gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) + tmp_diet=no + if test "$host_os" = linux-dietlibc; then + case $cc_basename in + diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) + esac + fi + if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ + && test "$tmp_diet" = no + then + tmp_addflag=' $pic_flag' + tmp_sharedflag='-shared' case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' + pgcc*) # Portland Group C compiler + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' tmp_addflag=' $pic_flag' ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' + pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group f77 and f90 compilers + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 + ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 tmp_addflag=' -i_dynamic' ;; efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 tmp_addflag=' -i_dynamic -nofor_main' ;; ifc* | ifort*) # Intel Fortran compiler tmp_addflag=' -nofor_main' ;; + lf95*) # Lahey Fortran 8.1 + whole_archive_flag_spec= + tmp_sharedflag='--shared' ;; + xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below) + tmp_sharedflag='-qmkshrobj' + tmp_addflag= ;; + nvcc*) # Cuda Compiler Driver 2.2 + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + compiler_needs_object=yes + ;; esac - archive_cmds='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) # Sun C 5.9 + whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + compiler_needs_object=yes + tmp_sharedflag='-G' ;; + *Sun\ F*) # Sun Fortran 8.3 + tmp_sharedflag='-G' ;; + esac + archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - if test $supports_anon_versioning = yes; then - archive_expsym_cmds='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi + if test "x$supports_anon_versioning" = xyes; then + archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + + case $cc_basename in + xlf* | bgf* | bgxlf* | mpixlf*) + # IBM XL Fortran 10.1 on PPC cannot create shared libs itself + whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive' + hardcode_libdir_flag_spec= + hardcode_libdir_flag_spec_ld='-rpath $libdir' + archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' + fi + ;; + esac else - ld_shlibs=no + ld_shlibs=no fi ;; netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= else - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' fi ;; solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then + if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then ld_shlibs=no - cat <&2 + cat <<_LT_EOF 1>&2 *** Warning: The releases 2.8.* of the GNU linker cannot reliably *** create shared libraries on Solaris systems. Therefore, libtool @@ -8723,10 +9152,10 @@ EOF *** your PATH or compiler configuration so that the native linker is *** used, and then restart. -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' +_LT_EOF + elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else ld_shlibs=no fi @@ -8748,10 +9177,14 @@ EOF _LT_EOF ;; *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' + # For security reasons, it is highly recommended that you always + # use absolute paths for naming shared libraries, and exclude the + # DT_RUNPATH tag from executables and libraries. But doing so + # requires that you compile everything twice, which is a pain. + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else ld_shlibs=no fi @@ -8767,9 +9200,9 @@ _LT_EOF ;; *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else ld_shlibs=no fi @@ -8799,7 +9232,7 @@ _LT_EOF fi ;; - aix4* | aix5*) + aix[4-9]*) if test "$host_cpu" = ia64; then # On IA64, the linker does run time linking by default, so we don't # have to do anything special. @@ -8809,22 +9242,24 @@ _LT_EOF else # If we're using GNU nm, then we don't want the "-C" option. # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' + # Also, AIX nm treats weak defined symbols like other global + # defined symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' else - export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' + export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' fi aix_use_runtimelinking=no # Test if we are trying to use run time linking or normal # AIX style linking. If -brtl is somewhere in LDFLAGS, we # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) + case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes + break + fi done ;; esac @@ -8841,28 +9276,30 @@ _LT_EOF archive_cmds='' hardcode_direct=yes + hardcode_direct_absolute=yes hardcode_libdir_separator=':' link_all_deplibs=yes + file_list_spec='${wl}-f,' if test "$GCC" = yes; then case $host_os in aix4.[012]|aix4.[012].*) # We only want to do this on AIX 4.2 and lower, the check # below for broken collect2 doesn't work under 4.3+ collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null then - # We have reworked collect2 - hardcode_direct=yes + # We have reworked collect2 + : else - # We have old collect2 - hardcode_direct=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L=yes - hardcode_libdir_flag_spec='-L$libdir' - hardcode_libdir_separator= + # We have old collect2 + hardcode_direct=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + hardcode_minus_L=yes + hardcode_libdir_flag_spec='-L$libdir' + hardcode_libdir_separator= fi ;; esac @@ -8873,8 +9310,8 @@ _LT_EOF else # not using gcc if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: shared_flag='-G' else if test "$aix_use_runtimelinking" = yes; then @@ -8885,6 +9322,7 @@ _LT_EOF fi fi + export_dynamic_flag_spec='${wl}-bexpall' # It seems that -bexpall does not export symbols beginning with # underscore (_), so it is better to generate a list of symbols to export. always_export_symbols=yes @@ -8892,12 +9330,15 @@ _LT_EOF # Warning - without using the other runtime loading flags (-brtl), # -berok will link without error, but may produce a broken library. allow_undefined_flag='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + # Determine the default libpath from the value encoded in an + # empty executable. + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if test "${lt_cv_aix_libpath_+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -8908,55 +9349,49 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath_ +fi - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else + hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" + archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else if test "$host_cpu" = ia64; then hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' allow_undefined_flag="-z nodefs" archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + # Determine the default libpath from the value encoded in an + # empty executable. + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if test "${lt_cv_aix_libpath_+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -8967,48 +9402,44 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath_ +fi hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, # -berok will link without error, but may produce a broken library. no_undefined_flag=' ${wl}-bernotok' allow_undefined_flag=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec='$convenience' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + whole_archive_flag_spec='$convenience' + fi archive_cmds_need_lc=yes # This is similar to how AIX traditionally builds its shared libraries. archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' @@ -9017,86 +9448,117 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; amigaos*) - archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # see comment about different semantics on the GNU ld section - ld_shlibs=no + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='' + ;; + m68k) + archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac ;; bsdi[45]*) export_dynamic_flag_spec=-rdynamic ;; - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using # Microsoft Visual C++. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. - hardcode_libdir_flag_spec=' ' - allow_undefined_flag=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes=yes + case $cc_basename in + cl*) + # Native MSVC + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + always_export_symbols=yes + file_list_spec='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, )='true' + enable_shared_with_static_runtimes=yes + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + old_postinstall_cmds='chmod 644 $oldlib' + postlink_cmds='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + old_archive_from_new_cmds='true' + # FIXME: Should let the user specify the lib program. + old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs' + enable_shared_with_static_runtimes=yes + ;; + esac ;; darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc=no - hardcode_direct=no - hardcode_automatic=yes - hardcode_shlibpath_var=unsupported - whole_archive_flag_spec='' - link_all_deplibs=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs=no - ;; - esac - fi + + + archive_cmds_need_lc=no + hardcode_direct=no + hardcode_automatic=yes + hardcode_shlibpath_var=unsupported + if test "$lt_cv_ld_force_load" = "yes"; then + whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else + whole_archive_flag_spec='' + fi + link_all_deplibs=yes + allow_undefined_flag="$_lt_dar_allow_undefined" + case $cc_basename in + ifort*) _lt_dar_can_shared=yes ;; + *) _lt_dar_can_shared=$GCC ;; + esac + if test "$_lt_dar_can_shared" = "yes"; then + output_verbose_link_cmd=func_echo_all + archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" + module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" + archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" + module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + + else + ld_shlibs=no + fi + ;; dgux*) @@ -9129,8 +9591,8 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' + freebsd* | dragonfly*) + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes hardcode_shlibpath_var=no @@ -9138,9 +9600,9 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hpux9*) if test "$GCC" = yes; then - archive_cmds='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' else - archive_cmds='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' fi hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' hardcode_libdir_separator=: @@ -9153,18 +9615,18 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' else archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' fi if test "$with_gnu_ld" = no; then hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_flag_spec_ld='+b $libdir' hardcode_libdir_separator=: - hardcode_direct=yes + hardcode_direct_absolute=yes export_dynamic_flag_spec='${wl}-E' - # hardcode_minus_L: Not really in the search PATH, # but as the default location of the library. hardcode_minus_L=yes @@ -9172,16 +9634,16 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then + if test "$GCC" = yes && test "$with_gnu_ld" = no; then case $host_cpu in hppa*64*) archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' ;; ia64*) - archive_cmds='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' ;; esac else @@ -9193,7 +9655,46 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) - archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + + # Older versions of the 11.00 compiler do not understand -b yet + # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 +$as_echo_n "checking if $CC understands -b... " >&6; } +if test "${lt_cv_prog_compiler__b+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler__b=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -b" + echo "$lt_simple_link_test_code" > conftest.$ac_ext + if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then + # The linker can only warn and ignore the option if not recognized + # So say no if there are warnings + if test -s conftest.err; then + # Append any errors to the config.log. + cat conftest.err 1>&5 + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler__b=yes + fi + else + lt_cv_prog_compiler__b=yes + fi + fi + $RM -r conftest* + LDFLAGS="$save_LDFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 +$as_echo "$lt_cv_prog_compiler__b" >&6; } + +if test x"$lt_cv_prog_compiler__b" = xyes; then + archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' +else + archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' +fi + ;; esac fi @@ -9203,12 +9704,12 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi case $host_cpu in hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld='+b $libdir' hardcode_direct=no hardcode_shlibpath_var=no ;; *) hardcode_direct=yes + hardcode_direct_absolute=yes export_dynamic_flag_spec='${wl}-E' # hardcode_minus_L: Not really in the search PATH, @@ -9221,18 +9722,49 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi irix5* | irix6* | nonstopux*) if test "$GCC" = yes; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + # Try to use the -exported_symbol ld option, if it does not + # work, assume that -exports_file does not work either and + # implicitly export all symbols. + # This should be the same for all languages, so no per-tag cache variable. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 +$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; } +if test "${lt_cv_irix_exported_symbol+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int foo (void) { return 0; } +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_irix_exported_symbol=yes +else + lt_cv_irix_exported_symbol=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 +$as_echo "$lt_cv_irix_exported_symbol" >&6; } + if test "$lt_cv_irix_exported_symbol" = yes; then + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi else - archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld='-rpath $libdir' + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' fi + archive_cmds_need_lc='no' hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' hardcode_libdir_separator=: + inherit_rpath=yes link_all_deplibs=yes ;; netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out else archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF @@ -9250,25 +9782,33 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var=no ;; + *nto* | *qnx*) + ;; + openbsd*) - hardcode_direct=yes - hardcode_shlibpath_var=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - export_dynamic_flag_spec='${wl}-E' + if test -f /usr/libexec/ld.so; then + hardcode_direct=yes + hardcode_shlibpath_var=no + hardcode_direct_absolute=yes + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + export_dynamic_flag_spec='${wl}-E' + else + case $host_os in + openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + hardcode_libdir_flag_spec='-R$libdir' + ;; + *) + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + ;; + esac + fi else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-R$libdir' - ;; - *) - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - ;; - esac + ld_shlibs=no fi ;; @@ -9276,18 +9816,19 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_libdir_flag_spec='-L$libdir' hardcode_minus_L=yes allow_undefined_flag=unsupported - archive_cmds='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' + archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' + old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' ;; osf3*) if test "$GCC" = yes; then allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' else allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' fi + archive_cmds_need_lc='no' hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' hardcode_libdir_separator=: ;; @@ -9295,49 +9836,59 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi osf4* | osf5*) # as osf3* with the addition of -msym flag if test "$GCC" = yes; then allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' else allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ + $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' # Both c and cxx compiler support -rpath directly hardcode_libdir_flag_spec='-rpath $libdir' fi + archive_cmds_need_lc='no' hardcode_libdir_separator=: ;; solaris*) - no_undefined_flag=' -z text' + no_undefined_flag=' -z defs' if test "$GCC" = yes; then wlarc='${wl}' - archive_cmds='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' + archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' else - wlarc='' - archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' + case `$CC -V 2>&1` in + *"Compilers 5.0"*) + wlarc='' + archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' + ;; + *) + wlarc='${wl}' + archive_cmds='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + ;; + esac fi hardcode_libdir_flag_spec='-R$libdir' hardcode_shlibpath_var=no case $host_os in solaris2.[0-5] | solaris2.[0-5].*) ;; *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. GCC discards it without `$wl', + # but is careful enough not to reorder. + # Supported since Solaris 2.6 (maybe 2.5.1?) + if test "$GCC" = yes; then + whole_archive_flag_spec='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + else + whole_archive_flag_spec='-z allextract$convenience -z defaultextract' + fi + ;; esac link_all_deplibs=yes ;; @@ -9394,7 +9945,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi fi ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*) no_undefined_flag='${wl}-z,text' archive_cmds_need_lc=no hardcode_shlibpath_var=no @@ -9420,18 +9971,18 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi allow_undefined_flag='${wl}-z,nodefs' archive_cmds_need_lc=no hardcode_shlibpath_var=no - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' + hardcode_libdir_flag_spec='${wl}-R,$libdir' hardcode_libdir_separator=':' link_all_deplibs=yes export_dynamic_flag_spec='${wl}-Bexport' runpath_var='LD_RUN_PATH' if test "$GCC" = yes; then - archive_cmds='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' else - archive_cmds='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' fi ;; @@ -9445,12 +9996,36 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ld_shlibs=no ;; esac + + if test x$host_vendor = xsni; then + case $host in + sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) + export_dynamic_flag_spec='${wl}-Blargedynsym' + ;; + esac + fi fi -{ echo "$as_me:$LINENO: result: $ld_shlibs" >&5 -echo "${ECHO_T}$ld_shlibs" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 +$as_echo "$ld_shlibs" >&6; } test "$ld_shlibs" = no && can_build_shared=no +with_gnu_ld=$with_gnu_ld + + + + + + + + + + + + + + + # # Do we need to explicitly link libc? # @@ -9468,54 +10043,281 @@ x|xyes) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } +if test "${lt_cv_archive_cmds_need_lc+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + $RM conftest* + echo "$lt_simple_compile_test_code" > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl - pic_flag=$lt_prog_compiler_pic - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag - allow_undefined_flag= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } 2>conftest.err; then + soname=conftest + lib=conftest + libobjs=conftest.$ac_objext + deplibs= + wl=$lt_prog_compiler_wl + pic_flag=$lt_prog_compiler_pic + compiler_flags=-v + linker_flags=-v + verstring= + output_objdir=. + libname=conftest + lt_save_allow_undefined_flag=$allow_undefined_flag + allow_undefined_flag= + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 + (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc=no - else - archive_cmds_need_lc=yes - fi - allow_undefined_flag=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc" >&5 -echo "${ECHO_T}$archive_cmds_need_lc" >&6; } + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + then + lt_cv_archive_cmds_need_lc=no + else + lt_cv_archive_cmds_need_lc=yes + fi + allow_undefined_flag=$lt_save_allow_undefined_flag + else + cat conftest.err 1>&5 + fi + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 +$as_echo "$lt_cv_archive_cmds_need_lc" >&6; } + archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc ;; esac fi ;; esac -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +$as_echo_n "checking dynamic linker characteristics... " >&6; } + +if test "$GCC" = yes; then + case $host_os in + darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; + *) lt_awk_arg="/^libraries:/" ;; + esac + case $host_os in + mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;; + *) lt_sed_strip_eq="s,=/,/,g" ;; + esac + lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` + case $lt_search_path_spec in + *\;*) + # if the path contains ";" then we assume it to be the separator + # otherwise default to the standard path separator (i.e. ":") - it is + # assumed that no part of a normal pathname contains ";" but that should + # okay in the real world where ";" in dirpaths is itself problematic. + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` + ;; + *) + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` + ;; + esac + # Ok, now we have the path, separated by spaces, we can step through it + # and add multilib dir if necessary. + lt_tmp_lt_search_path_spec= + lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` + for lt_sys_path in $lt_search_path_spec; do + if test -d "$lt_sys_path/$lt_multi_os_dir"; then + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" + else + test -d "$lt_sys_path" && \ + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" + fi + done + lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' +BEGIN {RS=" "; FS="/|\n";} { + lt_foo=""; + lt_count=0; + for (lt_i = NF; lt_i > 0; lt_i--) { + if ($lt_i != "" && $lt_i != ".") { + if ($lt_i == "..") { + lt_count++; + } else { + if (lt_count == 0) { + lt_foo="/" $lt_i lt_foo; + } else { + lt_count--; + } + } + } + } + if (lt_foo != "") { lt_freq[lt_foo]++; } + if (lt_freq[lt_foo] == 1) { print lt_foo; } +}'` + # AWK program above erroneously prepends '/' to C:/dos/paths + # for these hosts. + case $host_os in + mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ + $SED 's,/\([A-Za-z]:\),\1,g'` ;; + esac + sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` +else + sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" +fi library_names_spec= libname_spec='lib$name' soname_spec= @@ -9529,20 +10331,6 @@ shlibpath_overrides_runpath=unknown version_type=none dynamic_linker="$host_os ld.so" sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi need_lib_prefix=unknown hardcode_into_libs=no @@ -9560,7 +10348,7 @@ aix3*) soname_spec='${libname}${release}${shared_ext}$major' ;; -aix4* | aix5*) +aix[4-9]*) version_type=linux need_lib_prefix=no need_version=no @@ -9579,7 +10367,7 @@ aix4* | aix5*) aix4 | aix4.[01] | aix4.[01].*) if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then + echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then : else can_build_shared=no @@ -9605,9 +10393,18 @@ aix4* | aix5*) ;; amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' + case $host_cpu in + powerpc) + # Since July 2007 AmigaOS4 officially supports .so libraries. + # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + ;; + m68k) + library_names_spec='$libname.ixlibrary $libname.a' + # Create ${libname}_ixlibrary.a entries in /sys/libs. + finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' + ;; + esac ;; beos*) @@ -9630,61 +10427,112 @@ bsdi[45]*) # libtool to hard-code these into programs ;; -cygwin* | mingw* | pw32*) +cygwin* | mingw* | pw32* | cegcc*) version_type=windows shrext_cmds=".dll" need_version=no need_lib_prefix=no - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) + case $GCC,$cc_basename in + yes,*) + # gcc library_names_spec='$libname.dll.a' # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ dldir=$destdir/`dirname \$dlpath`~ test -d \$dldir || mkdir -p \$dldir~ $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' + chmod a+x \$dldir/$dlname~ + if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then + eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; + fi' postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ dlpath=$dir/\$dldll~ - $rm \$dlpath' + $RM \$dlpath' shlibpath_overrides_runpath=yes case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" + + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api" ;; - mingw*) + mingw* | cegcc*) # MinGW DLLs use traditional 'lib' prefix soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' ;; esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' ;; *) + # Assume MSVC wrapper library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' ;; esac - dynamic_linker='Win32 ld.exe' # FIXME: first we should search . and the directory the executable is in shlibpath_var=PATH ;; @@ -9694,17 +10542,13 @@ darwin* | rhapsody*) version_type=darwin need_lib_prefix=no need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi + + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib" sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' ;; @@ -9721,18 +10565,6 @@ freebsd1*) dynamic_linker=no ;; -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -9770,7 +10602,7 @@ freebsd* | dragonfly*) shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; - freebsd*) # from 4.6 on + *) # from 4.6 on, and DragonFly shlibpath_overrides_runpath=yes hardcode_into_libs=yes ;; @@ -9787,6 +10619,19 @@ gnu*) hardcode_into_libs=yes ;; +haiku*) + version_type=linux + need_lib_prefix=no + need_version=no + dynamic_linker="$host_os runtime_loader" + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LIBRARY_PATH + shlibpath_overrides_runpath=yes + sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' + hardcode_into_libs=yes + ;; + hpux9* | hpux10* | hpux11*) # Give a soname corresponding to the major version so that dld.sl refuses to # link against other versions. @@ -9809,18 +10654,18 @@ hpux9* | hpux10* | hpux11*) fi sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) + hppa*64*) + shrext_cmds='.sl' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.sl" + shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + *) shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH @@ -9829,11 +10674,13 @@ hpux9* | hpux10* | hpux11*) soname_spec='${libname}${release}${shared_ext}$major' ;; esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. + # HP-UX runs *really* slowly unless shared libraries are mode 555, ... postinstall_cmds='chmod 555 $lib' + # or fails outright, so override atomically: + install_override_mode=555 ;; -interix3*) +interix[3-9]*) version_type=linux need_lib_prefix=no need_version=no @@ -9888,7 +10735,7 @@ linux*oldld* | linux*aout* | linux*coff*) ;; # This must be Linux ELF. -linux*) +linux* | k*bsd*-gnu | kopensolaris*-gnu) version_type=linux need_lib_prefix=no need_version=no @@ -9897,6 +10744,41 @@ linux*) finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no + + # Some binutils ld are patched to set DT_RUNPATH + if test "${lt_cv_shlibpath_overrides_runpath+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_shlibpath_overrides_runpath=no + save_LDFLAGS=$LDFLAGS + save_libdir=$libdir + eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \ + LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\"" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : + lt_cv_shlibpath_overrides_runpath=yes +fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$save_LDFLAGS + libdir=$save_libdir + +fi + + shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath + # This implies no fast_install, which is unacceptable. # Some rework will be needed to allow for fast_install # before this can be enabled. @@ -9904,7 +10786,7 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` + lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi @@ -9917,23 +10799,11 @@ linux*) dynamic_linker='GNU/Linux ld.so' ;; -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - netbsd*) version_type=sunos need_lib_prefix=no need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' dynamic_linker='NetBSD (a.out) ld.so' @@ -9954,14 +10824,16 @@ newsos6) shlibpath_overrides_runpath=yes ;; -nto-qnx*) - version_type=linux +*nto* | *qnx*) + version_type=qnx need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='ldqnx.so' ;; openbsd*) @@ -9970,13 +10842,13 @@ openbsd*) need_lib_prefix=no # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; + openbsd3.3 | openbsd3.3.*) need_version=yes ;; + *) need_version=no ;; esac library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then case $host_os in openbsd2.[89] | openbsd2.[89].*) shlibpath_overrides_runpath=no @@ -10010,6 +10882,10 @@ osf3* | osf4* | osf5*) sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" ;; +rdos*) + dynamic_linker=no + ;; + solaris*) version_type=linux need_lib_prefix=no @@ -10044,7 +10920,6 @@ sysv4 | sysv4.3*) sni) shlibpath_overrides_runpath=no need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' runpath_var=LD_RUN_PATH ;; siemens) @@ -10075,13 +10950,12 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes hardcode_into_libs=yes if test "$with_gnu_ld" = yes; then sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no else sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes case $host_os in sco3.2v5*) sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" @@ -10091,6 +10965,17 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) sys_lib_dlsearch_path_spec='/usr/lib' ;; +tpf*) + # TPF is a cross-target only. Preferred cross-host = GNU/Linux. + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + uts4*) version_type=linux library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -10102,8 +10987,8 @@ uts4*) dynamic_linker=no ;; esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +$as_echo "$dynamic_linker" >&6; } test "$dynamic_linker" = no && can_build_shared=no variables_saved_for_relink="PATH $shlibpath_var $runpath_var" @@ -10111,19 +10996,117 @@ if test "$GCC" = yes; then variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" fi -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } +if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then + sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" +fi +if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then + sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +$as_echo_n "checking how to hardcode library paths into programs... " >&6; } hardcode_action= -if test -n "$hardcode_libdir_flag_spec" || \ - test -n "$runpath_var" || \ +if test -n "$hardcode_libdir_flag_spec" || + test -n "$runpath_var" || test "X$hardcode_automatic" = "Xyes" ; then - # We can hardcode non-existant directories. + # We can hardcode non-existent directories. if test "$hardcode_direct" != no && # If the only mechanism to avoid hardcoding is shlibpath_var, we # have to relink, otherwise we might link with an installed library # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, )" != no && + ## test "$_LT_TAGVAR(hardcode_shlibpath_var, )" != no && test "$hardcode_minus_L" != no; then # Linking always hardcodes the temporary library directory. hardcode_action=relink @@ -10136,10 +11119,11 @@ else # directories. hardcode_action=unsupported fi -{ echo "$as_me:$LINENO: result: $hardcode_action" >&5 -echo "${ECHO_T}$hardcode_action" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 +$as_echo "$hardcode_action" >&6; } -if test "$hardcode_action" = relink; then +if test "$hardcode_action" = relink || + test "$inherit_rpath" = yes; then # Fast installation is not supported enable_fast_install=no elif test "$shlibpath_overrides_runpath" = yes || @@ -10148,36 +11132,12 @@ elif test "$shlibpath_overrides_runpath" = yes || enable_fast_install=needless fi -striplib= -old_striplib= -{ echo "$as_me:$LINENO: checking whether stripping libraries is possible" >&5 -echo $ECHO_N "checking whether stripping libraries is possible... $ECHO_C" >&6; } -if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - ;; - *) - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - esac -fi -if test "x$enable_dlopen" != xyes; then + + + + + if test "x$enable_dlopen" != xyes; then enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown @@ -10192,30 +11152,26 @@ else lt_cv_dlopen_self=yes ;; - mingw* | pw32*) + mingw* | pw32* | cegcc*) lt_cv_dlopen="LoadLibrary" lt_cv_dlopen_libs= - ;; + ;; cygwin*) lt_cv_dlopen="dlopen" lt_cv_dlopen_libs= - ;; + ;; darwin*) # if libdl is installed we need to link against it - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if test "${ac_cv_lib_dl_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10233,39 +11189,18 @@ return dlopen (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dl_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no + ac_cv_lib_dl_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = x""yes; then : lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" else @@ -10275,105 +11210,21 @@ else fi - ;; + ;; *) - { echo "$as_me:$LINENO: checking for shl_load" >&5 -echo $ECHO_N "checking for shl_load... $ECHO_C" >&6; } -if test "${ac_cv_func_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define shl_load to an innocuous variant, in case declares shl_load. - For example, HP-UX 11i declares gettimeofday. */ -#define shl_load innocuous_shl_load - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char shl_load (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef shl_load - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shl_load (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_shl_load || defined __stub___shl_load -choke me -#endif - -int -main () -{ -return shl_load (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_shl_load=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_shl_load=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_shl_load" >&5 -echo "${ECHO_T}$ac_cv_func_shl_load" >&6; } -if test $ac_cv_func_shl_load = yes; then + ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load" +if test "x$ac_cv_func_shl_load" = x""yes; then : lt_cv_dlopen="shl_load" else - { echo "$as_me:$LINENO: checking for shl_load in -ldld" >&5 -echo $ECHO_N "checking for shl_load in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 +$as_echo_n "checking for shl_load in -ldld... " >&6; } +if test "${ac_cv_lib_dld_shl_load+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10391,137 +11242,32 @@ return shl_load (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dld_shl_load=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_shl_load=no + ac_cv_lib_dld_shl_load=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_shl_load" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_shl_load" >&6; } -if test $ac_cv_lib_dld_shl_load = yes; then - lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 +$as_echo "$ac_cv_lib_dld_shl_load" >&6; } +if test "x$ac_cv_lib_dld_shl_load" = x""yes; then : + lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" else - { echo "$as_me:$LINENO: checking for dlopen" >&5 -echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } -if test "${ac_cv_func_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define dlopen to an innocuous variant, in case declares dlopen. - For example, HP-UX 11i declares gettimeofday. */ -#define dlopen innocuous_dlopen - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char dlopen (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef dlopen - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_dlopen || defined __stub___dlopen -choke me -#endif - -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_dlopen" >&5 -echo "${ECHO_T}$ac_cv_func_dlopen" >&6; } -if test $ac_cv_func_dlopen = yes; then + ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +if test "x$ac_cv_func_dlopen" = x""yes; then : lt_cv_dlopen="dlopen" else - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if test "${ac_cv_lib_dl_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10539,53 +11285,28 @@ return dlopen (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dl_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no + ac_cv_lib_dl_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = x""yes; then : lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" else - { echo "$as_me:$LINENO: checking for dlopen in -lsvld" >&5 -echo $ECHO_N "checking for dlopen in -lsvld... $ECHO_C" >&6; } -if test "${ac_cv_lib_svld_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 +$as_echo_n "checking for dlopen in -lsvld... " >&6; } +if test "${ac_cv_lib_svld_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsvld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10603,53 +11324,28 @@ return dlopen (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_svld_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_svld_dlopen=no + ac_cv_lib_svld_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_svld_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_svld_dlopen" >&6; } -if test $ac_cv_lib_svld_dlopen = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 +$as_echo "$ac_cv_lib_svld_dlopen" >&6; } +if test "x$ac_cv_lib_svld_dlopen" = x""yes; then : lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" else - { echo "$as_me:$LINENO: checking for dld_link in -ldld" >&5 -echo $ECHO_N "checking for dld_link in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_dld_link+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 +$as_echo_n "checking for dld_link in -ldld... " >&6; } +if test "${ac_cv_lib_dld_dld_link+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10667,40 +11363,19 @@ return dld_link (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dld_dld_link=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_dld_link=no + ac_cv_lib_dld_dld_link=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_dld_link" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_dld_link" >&6; } -if test $ac_cv_lib_dld_dld_link = yes; then - lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 +$as_echo "$ac_cv_lib_dld_dld_link" >&6; } +if test "x$ac_cv_lib_dld_dld_link" = x""yes; then : + lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" fi @@ -10738,18 +11413,18 @@ fi save_LIBS="$LIBS" LIBS="$lt_cv_dlopen_libs $LIBS" - { echo "$as_me:$LINENO: checking whether a program can dlopen itself" >&5 -echo $ECHO_N "checking whether a program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 +$as_echo_n "checking whether a program can dlopen itself... " >&6; } +if test "${lt_cv_dlopen_self+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : lt_cv_dlopen_self=cross else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown - cat > conftest.$ac_ext < conftest.$ac_ext <<_LT_EOF +#line $LINENO "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -10790,11 +11465,13 @@ else # endif #endif -#ifdef __cplusplus -extern "C" void exit (int); +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); #endif -void fnord() { int i=42;} +int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); @@ -10803,20 +11480,24 @@ int main () if (self) { if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } /* dlclose (self); */ } else puts (dlerror ()); - exit (status); + return status; } -EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +_LT_EOF + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? case x$lt_status in @@ -10833,23 +11514,23 @@ rm -fr conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 +$as_echo "$lt_cv_dlopen_self" >&6; } if test "x$lt_cv_dlopen_self" = xyes; then wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - { echo "$as_me:$LINENO: checking whether a statically linked program can dlopen itself" >&5 -echo $ECHO_N "checking whether a statically linked program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self_static+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 +$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; } +if test "${lt_cv_dlopen_self_static+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : lt_cv_dlopen_self_static=cross else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown - cat > conftest.$ac_ext < conftest.$ac_ext <<_LT_EOF +#line $LINENO "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -10890,11 +11571,13 @@ else # endif #endif -#ifdef __cplusplus -extern "C" void exit (int); +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); #endif -void fnord() { int i=42;} +int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); @@ -10903,20 +11586,24 @@ int main () if (self) { if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } /* dlclose (self); */ } else puts (dlerror ()); - exit (status); + return status; } -EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +_LT_EOF + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? case x$lt_status in @@ -10933,8 +11620,8 @@ rm -fr conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self_static" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self_static" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 +$as_echo "$lt_cv_dlopen_self_static" >&6; } fi CPPFLAGS="$save_CPPFLAGS" @@ -10955,524 +11642,103 @@ echo "${ECHO_T}$lt_cv_dlopen_self_static" >&6; } fi -# Report which library types will actually be built -{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5 -echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $can_build_shared" >&5 -echo "${ECHO_T}$can_build_shared" >&6; } -{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5 -echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } -test "$can_build_shared" = "no" && enable_shared=no -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi + + + + + + + + + + + + +striplib= +old_striplib= +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 +$as_echo_n "checking whether stripping libraries is possible... " >&6; } +if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" + test -z "$striplib" && striplib="$STRIP --strip-unneeded" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else +# FIXME - insert some real tests, host_os isn't really good enough + case $host_os in + darwin*) + if test -n "$STRIP" ; then + striplib="$STRIP -x" + old_striplib="$STRIP -S" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi ;; -esac -{ echo "$as_me:$LINENO: result: $enable_shared" >&5 -echo "${ECHO_T}$enable_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5 -echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; } -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -{ echo "$as_me:$LINENO: result: $enable_static" >&5 -echo "${ECHO_T}$enable_static" >&6; } - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler \ - CC \ - LD \ - lt_prog_compiler_wl \ - lt_prog_compiler_pic \ - lt_prog_compiler_static \ - lt_prog_compiler_no_builtin_flag \ - export_dynamic_flag_spec \ - thread_safe_flag_spec \ - whole_archive_flag_spec \ - enable_shared_with_static_runtimes \ - old_archive_cmds \ - old_archive_from_new_cmds \ - predep_objects \ - postdep_objects \ - predeps \ - postdeps \ - compiler_lib_search_path \ - archive_cmds \ - archive_expsym_cmds \ - postinstall_cmds \ - postuninstall_cmds \ - old_archive_from_expsyms_cmds \ - allow_undefined_flag \ - no_undefined_flag \ - export_symbols_cmds \ - hardcode_libdir_flag_spec \ - hardcode_libdir_flag_spec_ld \ - hardcode_libdir_separator \ - hardcode_automatic \ - module_cmds \ - module_expsym_cmds \ - lt_cv_prog_compiler_c_o \ - exclude_expsyms \ - include_expsyms; do - - case $var in - old_archive_cmds | \ - old_archive_from_new_cmds | \ - archive_cmds | \ - archive_expsym_cmds | \ - module_cmds | \ - module_expsym_cmds | \ - old_archive_from_expsyms_cmds | \ - export_symbols_cmds | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; esac +fi -cfgfile="${ofile}T" - trap "$rm \"$cfgfile\"; exit 1" 1 2 15 - $rm -f "$cfgfile" - { echo "$as_me:$LINENO: creating $ofile" >&5 -echo "$as_me: creating $ofile" >&6;} - cat <<__EOF__ >> "$cfgfile" -#! $SHELL -# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 -# Free Software Foundation, Inc. -# -# This file is part of GNU Libtool: -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. -# A sed program that does not truncate output. -SED=$lt_SED -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="$SED -e 1s/^X//" -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH -# The names of the tagged configurations supported by this script. -available_tags= -# ### BEGIN LIBTOOL CONFIG -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler - -# Is the compiler the GNU C compiler? -with_gcc=$GCC - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds -archive_expsym_cmds=$lt_archive_expsym_cmds -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds -module_expsym_cmds=$lt_module_expsym_cmds - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms - -# ### END LIBTOOL CONFIG - -__EOF__ + # Report which library types will actually be built + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 +$as_echo_n "checking if libtool supports shared libraries... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 +$as_echo "$can_build_shared" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 +$as_echo_n "checking whether to build shared libraries... " >&6; } + test "$can_build_shared" = "no" && enable_shared=no + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. case $host_os in aix3*) - cat <<\EOF >> "$cfgfile" + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -EOF + aix[4-9]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi ;; esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 +$as_echo "$enable_shared" >&6; } + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 +$as_echo_n "checking whether to build static libraries... " >&6; } + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 +$as_echo "$enable_static" >&6; } + - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1) - mv -f "$cfgfile" "$ofile" || \ - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi fi - - ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -11482,8715 +11748,996 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu CC="$lt_save_CC" -# Check whether --with-tags was given. -if test "${with_tags+set}" = set; then - withval=$with_tags; tagnames="$withval" + + + + + + + + + + + + ac_config_commands="$ac_config_commands libtool" + + + + +# Only expand once: + + + + + +test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' +test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' + + +CANONICAL_HOST=$host + + +# Check whether --enable-largefile was given. +if test "${enable_largefile+set}" = set; then : + enableval=$enable_largefile; fi +if test "$enable_largefile" != no; then -if test -f "$ltmain" && test -n "$tagnames"; then - if test ! -f "${ofile}"; then - { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not exist" >&5 -echo "$as_me: WARNING: output file \`$ofile' does not exist" >&2;} - fi - - if test -z "$LTCC"; then - eval "`$SHELL ${ofile} --config | grep '^LTCC='`" - if test -z "$LTCC"; then - { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not look like a libtool script" >&5 -echo "$as_me: WARNING: output file \`$ofile' does not look like a libtool script" >&2;} - else - { echo "$as_me:$LINENO: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&5 -echo "$as_me: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&2;} - fi - fi - if test -z "$LTCFLAGS"; then - eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`" - fi - - # Extract list of available tagged configurations in $ofile. - # Note that this assumes the entire list is on one line. - available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'` - - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for tagname in $tagnames; do - IFS="$lt_save_ifs" - # Check whether tagname contains only valid characters - case `$echo "X$tagname" | $Xsed -e 's:[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]::g'` in - "") ;; - *) { { echo "$as_me:$LINENO: error: invalid tag name: $tagname" >&5 -echo "$as_me: error: invalid tag name: $tagname" >&2;} - { (exit 1); exit 1; }; } - ;; - esac - - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null - then - { { echo "$as_me:$LINENO: error: tag name \"$tagname\" already exists" >&5 -echo "$as_me: error: tag name \"$tagname\" already exists" >&2;} - { (exit 1); exit 1; }; } - fi - - # Update the list of available tags. - if test -n "$tagname"; then - echo appending configuration tag \"$tagname\" to $ofile - - case $tagname in - CXX) - if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - - - - -archive_cmds_need_lc_CXX=no -allow_undefined_flag_CXX= -always_export_symbols_CXX=no -archive_expsym_cmds_CXX= -export_dynamic_flag_spec_CXX= -hardcode_direct_CXX=no -hardcode_libdir_flag_spec_CXX= -hardcode_libdir_flag_spec_ld_CXX= -hardcode_libdir_separator_CXX= -hardcode_minus_L_CXX=no -hardcode_shlibpath_var_CXX=unsupported -hardcode_automatic_CXX=no -module_cmds_CXX= -module_expsym_cmds_CXX= -link_all_deplibs_CXX=unknown -old_archive_cmds_CXX=$old_archive_cmds -no_undefined_flag_CXX= -whole_archive_flag_spec_CXX= -enable_shared_with_static_runtimes_CXX=no - -# Dependencies to place before and after the object being linked: -predep_objects_CXX= -postdep_objects_CXX= -predeps_CXX= -postdeps_CXX= -compiler_lib_search_path_CXX= - -# Source file extension for C++ test sources. -ac_ext=cpp - -# Object file extension for compiled C++ test sources. -objext=o -objext_CXX=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(int, char *[]) { return(0); }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_LD=$LD -lt_save_GCC=$GCC -GCC=$GXX -lt_save_with_gnu_ld=$with_gnu_ld -lt_save_path_LD=$lt_cv_path_LD -if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then - lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 +$as_echo_n "checking for special C compiler options needed for large files... " >&6; } +if test "${ac_cv_sys_largefile_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 else - $as_unset lt_cv_prog_gnu_ld + ac_cv_sys_largefile_CC=no + if test "$GCC" != yes; then + ac_save_CC=$CC + while :; do + # IRIX 6.2 and later do not support large files by default, + # so use the C compiler's -n32 option if that helps. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF + if ac_fn_c_try_compile "$LINENO"; then : + break fi -if test -n "${lt_cv_path_LDCXX+set}"; then - lt_cv_path_LD=$lt_cv_path_LDCXX +rm -f core conftest.err conftest.$ac_objext + CC="$CC -n32" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_sys_largefile_CC=' -n32'; break +fi +rm -f core conftest.err conftest.$ac_objext + break + done + CC=$ac_save_CC + rm -f conftest.$ac_ext + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 +$as_echo "$ac_cv_sys_largefile_CC" >&6; } + if test "$ac_cv_sys_largefile_CC" != no; then + CC=$CC$ac_cv_sys_largefile_CC + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 +$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } +if test "${ac_cv_sys_file_offset_bits+set}" = set; then : + $as_echo_n "(cached) " >&6 else - $as_unset lt_cv_path_LD + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_sys_file_offset_bits=no; break fi -test -z "${LDCXX+set}" || LD=$LDCXX -CC=${CXX-"c++"} -compiler=$CC -compiler_CXX=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#define _FILE_OFFSET_BITS 64 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_sys_file_offset_bits=64; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cv_sys_file_offset_bits=unknown + break done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -# We don't want -fno-exception wen compiling C++ code, so set the -# no_builtin_flag separately -if test "$GXX" = yes; then - lt_prog_compiler_no_builtin_flag_CXX=' -fno-builtin' -else - lt_prog_compiler_no_builtin_flag_CXX= fi - -if test "$GXX" = yes; then - # Set up default GNU C++ configuration - - -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else - with_gnu_ld=no -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 +$as_echo "$ac_cv_sys_file_offset_bits" >&6; } +case $ac_cv_sys_file_offset_bits in #( + no | unknown) ;; *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } -else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } -fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 -echo "${ECHO_T}$LD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 >confdefs.h <<_ACEOF +#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits +_ACEOF +;; esac -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_gnu_ld" >&5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld - - - - # Check if GNU C++ uses GNU ld as the underlying linker, since the - # archiving commands below assume that GNU ld is being used. - if test "$with_gnu_ld" = yes; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - - # If archive_cmds runs LD, not CC, wlarc should be empty - # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to - # investigate it a little bit more. (MM) - wlarc='${wl}' - - # ancient GNU ld didn't support --whole-archive et. al. - if eval "`$CC -print-prog-name=ld` --help 2>&1" | \ - grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_CXX= - fi - else - with_gnu_ld=no - wlarc= - - # A generic and very simple default shared library creation - # command for GNU C++ for the case where it uses the native - # linker, instead of GNU ld. If possible, this setting should - # overridden to take advantage of the native linker features on - # the platform it is being used on. - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - fi - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - +rm -rf conftest* + if test $ac_cv_sys_file_offset_bits = unknown; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 +$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; } +if test "${ac_cv_sys_large_files+set}" = set; then : + $as_echo_n "(cached) " >&6 else - GXX=no - with_gnu_ld=no - wlarc= + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_sys_large_files=no; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#define _LARGE_FILES 1 +#include + /* Check that off_t can represent 2**63 - 1 correctly. + We can't simply define LARGE_OFF_T to be 9223372036854775807, + since some C++ compilers masquerading as C compilers + incorrectly reject 9223372036854775807. */ +#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) + int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 + && LARGE_OFF_T % 2147483647 == 1) + ? 1 : -1]; +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_sys_large_files=1; break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cv_sys_large_files=unknown + break +done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 +$as_echo "$ac_cv_sys_large_files" >&6; } +case $ac_cv_sys_large_files in #( + no | unknown) ;; + *) +cat >>confdefs.h <<_ACEOF +#define _LARGE_FILES $ac_cv_sys_large_files +_ACEOF +;; +esac +rm -rf conftest* + fi fi -# PORTME: fill in a description of your system's C++ link characteristics -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } -ld_shlibs_CXX=yes -case $host_os in - aix3*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - aix_use_runtimelinking=no - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - case $ld_flag in - *-brtl*) - aix_use_runtimelinking=yes - break - ;; - esac +if test "$enable_largefile" != no -a "$ac_cv_sys_large_files" != no; then + CPPFLAGS="$CPPFLAGS -D_LARGE_FILES=$ac_cv_sys_large_files" +fi +if test "$enable_largefile" != no -a "$ac_cv_sys_file_offset_bits" != no; then + CPPFLAGS="$CPPFLAGS -D_FILE_OFFSET_BITS=$ac_cv_sys_file_offset_bits" +fi + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen" >&5 +$as_echo_n "checking for dlopen... " >&6; } +if test "${ac_cv_funclib_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +if eval "test \"\$ac_cv_func_dlopen\" != yes" ; then + ac_save_LIBS="$LIBS" + for ac_lib in "" dl; do + case "$ac_lib" in + "") ;; + yes) ac_lib="" ;; + no) continue ;; + -l*) ;; + *) ac_lib="-l$ac_lib" ;; + esac + LIBS=" $ac_lib $ac_save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef HAVE_DLFCN_H +#include +#endif +int +main () +{ +dlopen(0,0) + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "if test -n \"$ac_lib\";then ac_cv_funclib_dlopen=$ac_lib; else ac_cv_funclib_dlopen=yes; fi";break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done - ;; - esac + eval "ac_cv_funclib_dlopen=\${ac_cv_funclib_dlopen-no}" + LIBS="$ac_save_LIBS" +fi - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi +fi - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - archive_cmds_CXX='' - hardcode_direct_CXX=yes - hardcode_libdir_separator_CXX=':' - link_all_deplibs_CXX=yes +eval "ac_res=\$ac_cv_funclib_dlopen" - if test "$GXX" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_CXX=yes - else - # We have old collect2 - hardcode_direct_CXX=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_CXX=yes - hardcode_libdir_flag_spec_CXX='-L$libdir' - hardcode_libdir_separator_CXX= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_CXX=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_CXX='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +if false; then + for ac_func in dlopen +do : + ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +if test "x$ac_cv_func_dlopen" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DLOPEN 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +fi +done + +fi +# dlopen +eval "ac_tr_func=HAVE_`echo dlopen | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "LIB_dlopen=$ac_res" + +case "$ac_res" in + yes) + eval "ac_cv_func_dlopen=yes" + eval "LIB_dlopen=" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + ;; + no) + eval "ac_cv_func_dlopen=no" + eval "LIB_dlopen=" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + ;; + *) + eval "ac_cv_func_dlopen=yes" + eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + cat >>confdefs.h <<_ACEOF +#define $ac_tr_lib 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } + ;; +esac + + + if test "$ac_cv_funclib_dlopen" != no; then + HAVE_DLOPEN_TRUE= + HAVE_DLOPEN_FALSE='#' +else + HAVE_DLOPEN_TRUE='#' + HAVE_DLOPEN_FALSE= +fi + + + + +aix=no +case "$host" in +*-*-aix3*) + aix=3 + ;; +*-*-aix[4-9]*) + aix=4 + ;; +esac + + if test "$aix" != no; then + AIX_TRUE= + AIX_FALSE='#' +else + AIX_TRUE='#' + AIX_FALSE= +fi + if test "$aix" = 4; then + AIX4_TRUE= + AIX4_FALSE='#' +else + AIX4_TRUE='#' + AIX4_FALSE= +fi + +# Check whether --enable-dynamic-afs was given. +if test "${enable_dynamic_afs+set}" = set; then : + enableval=$enable_dynamic_afs; +fi + + +if test "$aix" != no; then + + +$as_echo "#define NEED_QSORT 1" >>confdefs.h + + + if test "$enable_dynamic_afs" != no; then + + if test "$ac_cv_func_dlopen" = no; then + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for loadquery" >&5 +$as_echo_n "checking for loadquery... " >&6; } +if test "${ac_cv_funclib_loadquery+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +if eval "test \"\$ac_cv_func_loadquery\" != yes" ; then + ac_save_LIBS="$LIBS" + for ac_lib in "" ld; do + case "$ac_lib" in + "") ;; + yes) ac_lib="" ;; + no) continue ;; + -l*) ;; + *) ac_lib="-l$ac_lib" ;; + esac + LIBS=" $ac_lib $ac_save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { - +loadquery() ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" +if ac_fn_c_try_link "$LINENO"; then : + eval "if test -n \"$ac_lib\";then ac_cv_funclib_loadquery=$ac_lib; else ac_cv_funclib_loadquery=yes; fi";break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + eval "ac_cv_funclib_loadquery=\${ac_cv_funclib_loadquery-no}" + LIBS="$ac_save_LIBS" +fi + +fi + + +eval "ac_res=\$ac_cv_funclib_loadquery" + +if false; then + for ac_func in loadquery +do : + ac_fn_c_check_func "$LINENO" "loadquery" "ac_cv_func_loadquery" +if test "x$ac_cv_func_loadquery" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LOADQUERY 1 +_ACEOF + +fi +done + +fi +# loadquery +eval "ac_tr_func=HAVE_`echo loadquery | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "LIB_loadquery=$ac_res" + +case "$ac_res" in + yes) + eval "ac_cv_func_loadquery=yes" + eval "LIB_loadquery=" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + ;; + no) + eval "ac_cv_func_loadquery=no" + eval "LIB_loadquery=" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + ;; + *) + eval "ac_cv_func_loadquery=yes" + eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + cat >>confdefs.h <<_ACEOF +#define $ac_tr_lib 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } + ;; +esac + + + fi + if test "$ac_cv_func_dlopen" != no; then + AIX_EXTRA_KAFS='$(LIB_dlopen)' + elif test "$ac_cv_func_loadquery" != no; then + AIX_EXTRA_KAFS='$(LIB_loadquery)' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not using dynloaded AFS library" >&5 +$as_echo "$as_me: not using dynloaded AFS library" >&6;} + AIX_EXTRA_KAFS= + enable_dynamic_afs=no + fi + else + AIX_EXTRA_KAFS= + fi +fi + + if test "$enable_dynamic_afs" != no; then + AIX_DYNAMIC_AFS_TRUE= + AIX_DYNAMIC_AFS_FALSE='#' +else + AIX_DYNAMIC_AFS_TRUE='#' + AIX_DYNAMIC_AFS_FALSE= +fi + +if test "$aix" != no; then + +$as_echo "#define _ALL_SOURCE 1" >>confdefs.h + +fi + + + + + +irix=no +case "$host" in +*-*-irix*) + irix=yes + ;; +esac + if test "$irix" != no; then + IRIX_TRUE= + IRIX_FALSE='#' +else + IRIX_TRUE='#' + IRIX_FALSE= +fi + + + +sunos=no +case "$host" in +*-*-solaris2.7) + sunos=57 + ;; +*-*-solaris2.[89] | *-*-solaris2.1[0-9]) + sunos=58 + ;; +*-*-solaris2*) + sunos=50 + ;; +esac +if test "$sunos" != no; then + +cat >>confdefs.h <<_ACEOF +#define SunOS $sunos +_ACEOF + +fi + + + +$as_echo "#define _GNU_SOURCE 1" >>confdefs.h + + + + + +for ac_prog in 'bison -y' byacc +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_YACC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$YACC"; then + ac_cv_prog_YACC="$YACC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_YACC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +YACC=$ac_cv_prog_YACC +if test -n "$YACC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $YACC" >&5 +$as_echo "$YACC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$YACC" && break +done +test -n "$YACC" || YACC="yacc" + +for ac_prog in flex lex +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_LEX+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$LEX"; then + ac_cv_prog_LEX="$LEX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_LEX="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +LEX=$ac_cv_prog_LEX +if test -n "$LEX"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LEX" >&5 +$as_echo "$LEX" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$LEX" && break +done +test -n "$LEX" || LEX=":" + +if test "x$LEX" != "x:"; then + cat >conftest.l <<_ACEOF +%% +a { ECHO; } +b { REJECT; } +c { yymore (); } +d { yyless (1); } +e { yyless (input () != 0); } +f { unput (yytext[0]); } +. { BEGIN INITIAL; } +%% +#ifdef YYTEXT_POINTER +extern char *yytext; +#endif +int +main (void) +{ + return ! yylex () + ! yywrap (); +} +_ACEOF +{ { ac_try="$LEX conftest.l" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$LEX conftest.l") 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking lex output file root" >&5 +$as_echo_n "checking lex output file root... " >&6; } +if test "${ac_cv_prog_lex_root+set}" = set; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if test -f lex.yy.c; then + ac_cv_prog_lex_root=lex.yy +elif test -f lexyy.c; then + ac_cv_prog_lex_root=lexyy +else + as_fn_error "cannot find output from $LEX; giving up" "$LINENO" 5 +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_lex_root" >&5 +$as_echo "$ac_cv_prog_lex_root" >&6; } +LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root + +if test -z "${LEXLIB+set}"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking lex library" >&5 +$as_echo_n "checking lex library... " >&6; } +if test "${ac_cv_lib_lex+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + + ac_save_LIBS=$LIBS + ac_cv_lib_lex='none needed' + for ac_lib in '' -lfl -ll; do + LIBS="$ac_lib $ac_save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +`cat $LEX_OUTPUT_ROOT.c` +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_lex=$ac_lib +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + test "$ac_cv_lib_lex" != 'none needed' && break + done + LIBS=$ac_save_LIBS fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_lex" >&5 +$as_echo "$ac_cv_lib_lex" >&6; } + test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex +fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" - - archive_expsym_cmds_CXX="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_CXX='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_CXX="-z nodefs" - archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether yytext is a pointer" >&5 +$as_echo_n "checking whether yytext is a pointer... " >&6; } +if test "${ac_cv_prog_lex_yytext_pointer+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + # POSIX says lex can declare yytext either as a pointer or an array; the +# default is implementation-dependent. Figure out which it is, since +# not all implementations provide the %pointer and %array declarations. +ac_cv_prog_lex_yytext_pointer=no +ac_save_LIBS=$LIBS +LIBS="$LEXLIB $ac_save_LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#define YYTEXT_POINTER 1 +`cat $LEX_OUTPUT_ROOT.c` _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_prog_lex_yytext_pointer=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_save_LIBS + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_lex_yytext_pointer" >&5 +$as_echo "$ac_cv_prog_lex_yytext_pointer" >&6; } +if test $ac_cv_prog_lex_yytext_pointer = yes; then + +$as_echo "#define YYTEXT_POINTER 1" >>confdefs.h + +fi +rm -f conftest.l $LEX_OUTPUT_ROOT.c + +fi +if test "$LEX" = :; then + LEX=${am_missing_run}flex +fi +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AWK+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AWK" && break +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ln -s or something else" >&5 +$as_echo_n "checking for ln -s or something else... " >&6; } +if test "${ac_cv_prog_LN_S+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + rm -f conftestdata +if ln -s X conftestdata 2>/dev/null +then + rm -f conftestdata + ac_cv_prog_LN_S="ln -s" +else + touch conftestdata1 + if ln conftestdata1 conftestdata2; then + rm -f conftestdata* + ac_cv_prog_LN_S=ln + else + ac_cv_prog_LN_S=cp + fi +fi +fi +LN_S="$ac_cv_prog_LN_S" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_LN_S" >&5 +$as_echo "$ac_cv_prog_LN_S" >&6; } + + + + +# Check whether --with-mips_abi was given. +if test "${with_mips_abi+set}" = set; then : + withval=$with_mips_abi; +fi + + +case "$host_os" in +irix*) +with_mips_abi="${with_mips_abi:-yes}" +if test -n "$GCC"; then + +# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select +# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. +# +# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old +# GCC and revert back to O32. The same goes if O32 is asked for - old +# GCCs doesn't like the -mabi option, and new GCCs can't output O32. +# +# Don't you just love *all* the different SGI ABIs? + +case "${with_mips_abi}" in + 32|o32) abi='-mabi=32'; abilibdirext='' ;; + n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; + 64) abi='-mabi=64'; abilibdirext='64' ;; + no) abi=''; abilibdirext='';; + *) as_fn_error "\"Invalid ABI specified\"" "$LINENO" 5 ;; +esac +if test -n "$abi" ; then +ac_foo=krb_cv_gcc_`echo $abi | tr =- __` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports the $abi option" >&5 +$as_echo_n "checking if $CC supports the $abi option... " >&6; } +if { as_var=$ac_foo; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + +save_CFLAGS="$CFLAGS" +CFLAGS="$CFLAGS $abi" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { - +int x; ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi +if ac_fn_c_try_compile "$LINENO"; then : + eval $ac_foo=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - + eval $ac_foo=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_extCFLAGS="$save_CFLAGS" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_CXX=' ${wl}-bernotok' - allow_undefined_flag_CXX=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_CXX='$convenience' - archive_cmds_need_lc_CXX=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_CXX=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_CXX='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_CXX=no - fi - ;; - - chorus*) - case $cc_basename in - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_CXX='-L$libdir' - allow_undefined_flag_CXX=unsupported - always_export_symbols_CXX=no - enable_shared_with_static_runtimes_CXX=yes - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_CXX=no - fi - ;; - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_CXX='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_CXX='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_CXX=no - hardcode_direct_CXX=no - hardcode_automatic_CXX=yes - hardcode_shlibpath_var_CXX=unsupported - whole_archive_flag_spec_CXX='' - link_all_deplibs_CXX=yes - - if test "$GXX" = yes ; then - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds_CXX='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_CXX='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_CXX=no - ;; - esac - fi - ;; - - dgux*) - case $cc_basename in - ec++*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - ghcx*) - # Green Hills C++ Compiler - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - freebsd[12]*) - # C++ shared libraries reported to be fairly broken before switch to ELF - ld_shlibs_CXX=no - ;; - freebsd-elf*) - archive_cmds_need_lc_CXX=no - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF - # conventions - ld_shlibs_CXX=yes - ;; - gnu*) - ;; - hpux9*) - hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_CXX=: - export_dynamic_flag_spec_CXX='${wl}-E' - hardcode_direct_CXX=yes - hardcode_minus_L_CXX=yes # Not in the search PATH, - # but as the default - # location of the library. - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aCC*) - archive_cmds_CXX='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[-]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - archive_cmds_CXX='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - hpux10*|hpux11*) - if test $with_gnu_ld = no; then - hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_CXX='+b $libdir' - ;; - *) - export_dynamic_flag_spec_CXX='${wl}-E' - ;; - esac - fi - case $host_cpu in - hppa*64*|ia64*) - hardcode_direct_CXX=no - hardcode_shlibpath_var_CXX=no - ;; - *) - hardcode_direct_CXX=yes - hardcode_minus_L_CXX=yes # Not in the search PATH, - # but as the default - # location of the library. - ;; - esac - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aCC*) - case $host_cpu in - hppa*64*) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - if test $with_gnu_ld = no; then - case $host_cpu in - hppa*64*) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - fi - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - interix3*) - hardcode_direct_CXX=no - hardcode_shlibpath_var_CXX=no - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_CXX='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - irix5* | irix6*) - case $cc_basename in - CC*) - # SGI C++ - archive_cmds_CXX='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - # Archives containing C++ object files must be created using - # "CC -ar", where "CC" is the IRIX C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - old_archive_cmds_CXX='$CC -ar -WR,-u -o $oldlib $oldobjs' - ;; - *) - if test "$GXX" = yes; then - if test "$with_gnu_ld" = no; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib' - fi - fi - link_all_deplibs_CXX=yes - ;; - esac - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - ;; - linux*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - archive_expsym_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs' - ;; - icpc*) - # Intel C++ - with_gnu_ld=yes - # version 8.0 and above of icpc choke on multiply defined symbols - # if we add $predep_objects and $postdep_objects, however 7.1 and - # earlier do not add the objects themselves. - case `$CC -V 2>&1` in - *"Version 7."*) - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - *) # Version 8.0 or newer - tmp_idyn= - case $host_cpu in - ia64*) tmp_idyn=' -i_dynamic';; - esac - archive_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - esac - archive_cmds_need_lc_CXX=no - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - ;; - pgCC*) - # Portland Group C++ compiler - archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - whole_archive_flag_spec_CXX='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - ;; - cxx*) - # Compaq C++ - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' - - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_CXX='-rpath $libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - esac - ;; - lynxos*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - m88k*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - mvs*) - case $cc_basename in - cxx*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_CXX='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' - wlarc= - hardcode_libdir_flag_spec_CXX='-R$libdir' - hardcode_direct_CXX=yes - hardcode_shlibpath_var_CXX=no - fi - # Workaround some broken pre-1.5 toolchains - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' - ;; - openbsd2*) - # C++ shared libraries are fairly broken - ld_shlibs_CXX=no - ;; - openbsd*) - hardcode_direct_CXX=yes - hardcode_shlibpath_var_CXX=no - archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' - export_dynamic_flag_spec_CXX='${wl}-E' - whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - fi - output_verbose_link_cmd='echo' - ;; - osf3*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - hardcode_libdir_separator_CXX=: - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs' - - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - cxx*) - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - osf4* | osf5*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - hardcode_libdir_separator_CXX=: - - # Archives containing C++ object files must be created using - # the KAI C++ compiler. - old_archive_cmds_CXX='$CC -o $oldlib $oldobjs' - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - cxx*) - allow_undefined_flag_CXX=' -expect_unresolved \*' - archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_CXX='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ - echo "-hidden">> $lib.exp~ - $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~ - $rm $lib.exp' - - hardcode_libdir_flag_spec_CXX='-rpath $libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - psos*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - lcc*) - # Lucid - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - archive_cmds_need_lc_CXX=yes - no_undefined_flag_CXX=' -zdefs' - archive_cmds_CXX='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - hardcode_libdir_flag_spec_CXX='-R$libdir' - hardcode_shlibpath_var_CXX=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The C++ compiler is used as linker so we must use $wl - # flag to pass the commands to the underlying system - # linker. We must also pass each convience library through - # to the system linker between allextract/defaultextract. - # The C++ compiler will combine linker options so we - # cannot just pass the convience library names through - # without $wl. - # Supported since Solaris 2.6 (maybe 2.5.1?) - whole_archive_flag_spec_CXX='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' - ;; - esac - link_all_deplibs_CXX=yes - - output_verbose_link_cmd='echo' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - old_archive_cmds_CXX='$CC -xar -o $oldlib $oldobjs' - ;; - gcx*) - # Green Hills C++ Compiler - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - - # The C++ compiler must be used to create the archive. - old_archive_cmds_CXX='$CC $LDFLAGS -archive -o $oldlib $oldobjs' - ;; - *) - # GNU C++ compiler with Solaris linker - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - no_undefined_flag_CXX=' ${wl}-z ${wl}defs' - if $CC --version | grep -v '^2\.7' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - else - # g++ 2.7 appears to require `-G' NOT `-shared' on this - # platform. - archive_cmds_CXX='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - fi - - hardcode_libdir_flag_spec_CXX='${wl}-R $wl$libdir' - fi - ;; - esac - ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*) - no_undefined_flag_CXX='${wl}-z,text' - archive_cmds_need_lc_CXX=no - hardcode_shlibpath_var_CXX=no - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - archive_cmds_CXX='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - # So that behaviour is only enabled if SCOABSPATH is set to a - # non-empty value in the environment. Most likely only useful for - # creating official distributions of packages. - # This is a hack until libtool officially supports absolute path - # names for shared libraries. - no_undefined_flag_CXX='${wl}-z,text' - allow_undefined_flag_CXX='${wl}-z,nodefs' - archive_cmds_need_lc_CXX=no - hardcode_shlibpath_var_CXX=no - hardcode_libdir_flag_spec_CXX='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_CXX=':' - link_all_deplibs_CXX=yes - export_dynamic_flag_spec_CXX='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - archive_cmds_CXX='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - vxworks*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; -esac -{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } -test "$ld_shlibs_CXX" = no && can_build_shared=no - -GCC_CXX="$GXX" -LD_CXX="$LD" - - -cat > conftest.$ac_ext <&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Parse the compiler output and extract the necessary - # objects, libraries and library flags. - - # Sentinel used to keep track of whether or not we are before - # the conftest object file. - pre_test_object_deps_done=no - - # The `*' in the case matches for architectures that use `case' in - # $output_verbose_cmd can trigger glob expansion during the loop - # eval without this substitution. - output_verbose_link_cmd=`$echo "X$output_verbose_link_cmd" | $Xsed -e "$no_glob_subst"` - - for p in `eval $output_verbose_link_cmd`; do - case $p in - - -L* | -R* | -l*) - # Some compilers place space between "-{L,R}" and the path. - # Remove the space. - if test $p = "-L" \ - || test $p = "-R"; then - prev=$p - continue - else - prev= - fi - - if test "$pre_test_object_deps_done" = no; then - case $p in - -L* | -R*) - # Internal compiler library paths should come after those - # provided the user. The postdeps already come after the - # user supplied libs so there is no need to process them. - if test -z "$compiler_lib_search_path_CXX"; then - compiler_lib_search_path_CXX="${prev}${p}" - else - compiler_lib_search_path_CXX="${compiler_lib_search_path_CXX} ${prev}${p}" - fi - ;; - # The "-l" case would never come before the object being - # linked, so don't bother handling this case. - esac - else - if test -z "$postdeps_CXX"; then - postdeps_CXX="${prev}${p}" - else - postdeps_CXX="${postdeps_CXX} ${prev}${p}" - fi - fi - ;; - - *.$objext) - # This assumes that the test object file only shows up - # once in the compiler output. - if test "$p" = "conftest.$objext"; then - pre_test_object_deps_done=yes - continue - fi - - if test "$pre_test_object_deps_done" = no; then - if test -z "$predep_objects_CXX"; then - predep_objects_CXX="$p" - else - predep_objects_CXX="$predep_objects_CXX $p" - fi - else - if test -z "$postdep_objects_CXX"; then - postdep_objects_CXX="$p" - else - postdep_objects_CXX="$postdep_objects_CXX $p" - fi - fi - ;; - - *) ;; # Ignore the rest. - - esac - done - - # Clean up. - rm -f a.out a.exe -else - echo "libtool.m4: error: problem compiling CXX test program" -fi - -$rm -f confest.$objext - -# PORTME: override above test on systems where it is broken -case $host_os in -interix3*) - # Interix 3.5 installs completely hosed .la files for C++, so rather than - # hack all around it, let's just trust "g++" to DTRT. - predep_objects_CXX= - postdep_objects_CXX= - postdeps_CXX= - ;; - -solaris*) - case $cc_basename in - CC*) - # Adding this requires a known-good setup of shared libraries for - # Sun compiler versions before 5.6, else PIC objects from an old - # archive will be linked into the output, leading to subtle bugs. - postdeps_CXX='-lCstd -lCrun' - ;; - esac - ;; -esac - - -case " $postdeps_CXX " in -*" -lc "*) archive_cmds_need_lc_CXX=no ;; -esac - -lt_prog_compiler_wl_CXX= -lt_prog_compiler_pic_CXX= -lt_prog_compiler_static_CXX= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - # C++ specific cases for pic, static, wl, etc. - if test "$GXX" = yes; then - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_CXX='-Bstatic' - fi - ;; - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_CXX='-m68020 -resident32 -malways-restore-a4' - ;; - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - mingw* | os2* | pw32*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_CXX='-DDLL_EXPORT' - ;; - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_CXX='-fno-common' - ;; - *djgpp*) - # DJGPP does not support shared libraries at all - lt_prog_compiler_pic_CXX= - ;; - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_CXX=-Kconform_pic - fi - ;; - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - ;; - *) - lt_prog_compiler_pic_CXX='-fPIC' - ;; - esac - ;; - *) - lt_prog_compiler_pic_CXX='-fPIC' - ;; - esac - else - case $host_os in - aix4* | aix5*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_CXX='-Bstatic' - else - lt_prog_compiler_static_CXX='-bnso -bI:/lib/syscalls.exp' - fi - ;; - chorus*) - case $cc_basename in - cxch68*) - # Green Hills C++ Compiler - # _LT_AC_TAGVAR(lt_prog_compiler_static, CXX)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" - ;; - esac - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_CXX='-qnocommon' - lt_prog_compiler_wl_CXX='-Wl,' - ;; - esac - ;; - dgux*) - case $cc_basename in - ec++*) - lt_prog_compiler_pic_CXX='-KPIC' - ;; - ghcx*) - # Green Hills C++ Compiler - lt_prog_compiler_pic_CXX='-pic' - ;; - *) - ;; - esac - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD uses GNU C++ - ;; - hpux9* | hpux10* | hpux11*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='${wl}-a ${wl}archive' - if test "$host_cpu" != ia64; then - lt_prog_compiler_pic_CXX='+Z' - fi - ;; - aCC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='${wl}-a ${wl}archive' - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_CXX='+Z' - ;; - esac - ;; - *) - ;; - esac - ;; - interix*) - # This is c89, which is MS Visual C++ (no shared libs) - # Anyone wants to do a port? - ;; - irix5* | irix6* | nonstopux*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='-non_shared' - # CC pic flag -KPIC is the default. - ;; - *) - ;; - esac - ;; - linux*) - case $cc_basename in - KCC*) - # KAI C++ Compiler - lt_prog_compiler_wl_CXX='--backend -Wl,' - lt_prog_compiler_pic_CXX='-fPIC' - ;; - icpc* | ecpc*) - # Intel C++ - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-static' - ;; - pgCC*) - # Portland Group C++ compiler. - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-fpic' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - cxx*) - # Compaq C++ - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - lt_prog_compiler_pic_CXX= - lt_prog_compiler_static_CXX='-non_shared' - ;; - *) - ;; - esac - ;; - lynxos*) - ;; - m88k*) - ;; - mvs*) - case $cc_basename in - cxx*) - lt_prog_compiler_pic_CXX='-W c,exportall' - ;; - *) - ;; - esac - ;; - netbsd*) - ;; - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - lt_prog_compiler_wl_CXX='--backend -Wl,' - ;; - RCC*) - # Rational C++ 2.4.1 - lt_prog_compiler_pic_CXX='-pic' - ;; - cxx*) - # Digital/Compaq C++ - lt_prog_compiler_wl_CXX='-Wl,' - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - lt_prog_compiler_pic_CXX= - lt_prog_compiler_static_CXX='-non_shared' - ;; - *) - ;; - esac - ;; - psos*) - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-Bstatic' - lt_prog_compiler_wl_CXX='-Qoption ld ' - ;; - gcx*) - # Green Hills C++ Compiler - lt_prog_compiler_pic_CXX='-PIC' - ;; - *) - ;; - esac - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - lt_prog_compiler_pic_CXX='-pic' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - lcc*) - # Lucid - lt_prog_compiler_pic_CXX='-pic' - ;; - *) - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - lt_prog_compiler_pic_CXX='-KPIC' - ;; - *) - ;; - esac - ;; - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - esac - ;; - vxworks*) - ;; - *) - lt_prog_compiler_can_build_shared_CXX=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_CXX" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_CXX"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_CXX=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13188: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:13192: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_CXX=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_CXX" >&6; } - -if test x"$lt_prog_compiler_pic_works_CXX" = xyes; then - case $lt_prog_compiler_pic_CXX in - "" | " "*) ;; - *) lt_prog_compiler_pic_CXX=" $lt_prog_compiler_pic_CXX" ;; - esac -else - lt_prog_compiler_pic_CXX= - lt_prog_compiler_can_build_shared_CXX=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_CXX= - ;; - *) - lt_prog_compiler_pic_CXX="$lt_prog_compiler_pic_CXX -DPIC" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_CXX=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_CXX=yes - fi - else - lt_prog_compiler_static_works_CXX=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_CXX" >&6; } - -if test x"$lt_prog_compiler_static_works_CXX" = xyes; then - : -else - lt_prog_compiler_static_CXX= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_CXX=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13292: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:13296: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_CXX=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_CXX" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - case $host_os in - aix4* | aix5*) - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_CXX='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - ;; - pw32*) - export_symbols_cmds_CXX="$ltdll_cmds" - ;; - cygwin* | mingw*) - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([^ ]*\) [^ ]*/\1 DATA/;/^I /d;/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - ;; - *) - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; - esac - -{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } -test "$ld_shlibs_CXX" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_CXX" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_CXX=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_CXX in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_CXX - pic_flag=$lt_prog_compiler_pic_CXX - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_CXX - allow_undefined_flag_CXX= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_CXX=no - else - archive_cmds_need_lc_CXX=yes - fi - allow_undefined_flag_CXX=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_CXX" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_CXX" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_CXX= -if test -n "$hardcode_libdir_flag_spec_CXX" || \ - test -n "$runpath_var_CXX" || \ - test "X$hardcode_automatic_CXX" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_CXX" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, CXX)" != no && - test "$hardcode_minus_L_CXX" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_CXX=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_CXX=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_CXX=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_CXX" >&5 -echo "${ECHO_T}$hardcode_action_CXX" >&6; } - -if test "$hardcode_action_CXX" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_CXX \ - CC_CXX \ - LD_CXX \ - lt_prog_compiler_wl_CXX \ - lt_prog_compiler_pic_CXX \ - lt_prog_compiler_static_CXX \ - lt_prog_compiler_no_builtin_flag_CXX \ - export_dynamic_flag_spec_CXX \ - thread_safe_flag_spec_CXX \ - whole_archive_flag_spec_CXX \ - enable_shared_with_static_runtimes_CXX \ - old_archive_cmds_CXX \ - old_archive_from_new_cmds_CXX \ - predep_objects_CXX \ - postdep_objects_CXX \ - predeps_CXX \ - postdeps_CXX \ - compiler_lib_search_path_CXX \ - archive_cmds_CXX \ - archive_expsym_cmds_CXX \ - postinstall_cmds_CXX \ - postuninstall_cmds_CXX \ - old_archive_from_expsyms_cmds_CXX \ - allow_undefined_flag_CXX \ - no_undefined_flag_CXX \ - export_symbols_cmds_CXX \ - hardcode_libdir_flag_spec_CXX \ - hardcode_libdir_flag_spec_ld_CXX \ - hardcode_libdir_separator_CXX \ - hardcode_automatic_CXX \ - module_cmds_CXX \ - module_expsym_cmds_CXX \ - lt_cv_prog_compiler_c_o_CXX \ - exclude_expsyms_CXX \ - include_expsyms_CXX; do - - case $var in - old_archive_cmds_CXX | \ - old_archive_from_new_cmds_CXX | \ - archive_cmds_CXX | \ - archive_expsym_cmds_CXX | \ - module_cmds_CXX | \ - module_expsym_cmds_CXX | \ - old_archive_from_expsyms_cmds_CXX | \ - export_symbols_cmds_CXX | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_CXX - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_CXX - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_CXX - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_CXX - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_CXX - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_CXX - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_CXX -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_CXX - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_CXX - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_CXX - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_CXX - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_CXX - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_CXX - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_CXX -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_CXX - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_CXX - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_CXX -archive_expsym_cmds=$lt_archive_expsym_cmds_CXX -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_CXX -module_expsym_cmds=$lt_module_expsym_cmds_CXX - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_CXX - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_CXX - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_CXX - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_CXX - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_CXX - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_CXX - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_CXX - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_CXX - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_CXX - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_CXX - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_CXX - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_CXX - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_CXX - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_CXX - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_CXX - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_CXX - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_CXX" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_CXX - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_CXX - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_CXX - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_CXX - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC=$lt_save_CC -LDCXX=$LD -LD=$lt_save_LD -GCC=$lt_save_GCC -with_gnu_ldcxx=$with_gnu_ld -with_gnu_ld=$lt_save_with_gnu_ld -lt_cv_path_LDCXX=$lt_cv_path_LD -lt_cv_path_LD=$lt_save_path_LD -lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld -lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld - - else - tagname="" - fi - ;; - - F77) - if test -n "$F77" && test "X$F77" != "Xno"; then - -ac_ext=f -ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5' -ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_f77_compiler_gnu - - -archive_cmds_need_lc_F77=no -allow_undefined_flag_F77= -always_export_symbols_F77=no -archive_expsym_cmds_F77= -export_dynamic_flag_spec_F77= -hardcode_direct_F77=no -hardcode_libdir_flag_spec_F77= -hardcode_libdir_flag_spec_ld_F77= -hardcode_libdir_separator_F77= -hardcode_minus_L_F77=no -hardcode_automatic_F77=no -module_cmds_F77= -module_expsym_cmds_F77= -link_all_deplibs_F77=unknown -old_archive_cmds_F77=$old_archive_cmds -no_undefined_flag_F77= -whole_archive_flag_spec_F77= -enable_shared_with_static_runtimes_F77=no - -# Source file extension for f77 test sources. -ac_ext=f - -# Object file extension for compiled f77 test sources. -objext=o -objext_F77=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code=" subroutine t\n return\n end\n" - -# Code to be used in simple link tests -lt_simple_link_test_code=" program t\n end\n" - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${F77-"f77"} -compiler=$CC -compiler_F77=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5 -echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $can_build_shared" >&5 -echo "${ECHO_T}$can_build_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5 -echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; -esac -{ echo "$as_me:$LINENO: result: $enable_shared" >&5 -echo "${ECHO_T}$enable_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5 -echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; } -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -{ echo "$as_me:$LINENO: result: $enable_static" >&5 -echo "${ECHO_T}$enable_static" >&6; } - -GCC_F77="$G77" -LD_F77="$LD" - -lt_prog_compiler_wl_F77= -lt_prog_compiler_pic_F77= -lt_prog_compiler_static_F77= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - if test "$GCC" = yes; then - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_static_F77='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_F77='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_F77='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_F77='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_F77='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared_F77=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_F77=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_F77='-fPIC' - ;; - esac - ;; - - *) - lt_prog_compiler_pic_F77='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl_F77='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_F77='-Bstatic' - else - lt_prog_compiler_static_F77='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_F77='-qnocommon' - lt_prog_compiler_wl_F77='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_F77='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl_F77='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_F77='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static_F77='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl_F77='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static_F77='-non_shared' - ;; - - newsos6) - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-fpic' - lt_prog_compiler_static_F77='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl_F77='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static_F77='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl_F77='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static_F77='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - lt_prog_compiler_wl_F77='-Qoption ld ';; - *) - lt_prog_compiler_wl_F77='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl_F77='-Qoption ld ' - lt_prog_compiler_pic_F77='-PIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic_F77='-Kconform_pic' - lt_prog_compiler_static_F77='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_can_build_shared_F77=no - ;; - - uts4*) - lt_prog_compiler_pic_F77='-pic' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared_F77=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_F77" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_F77"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_F77=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_F77" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14862: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:14866: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_F77=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_F77" >&6; } - -if test x"$lt_prog_compiler_pic_works_F77" = xyes; then - case $lt_prog_compiler_pic_F77 in - "" | " "*) ;; - *) lt_prog_compiler_pic_F77=" $lt_prog_compiler_pic_F77" ;; - esac -else - lt_prog_compiler_pic_F77= - lt_prog_compiler_can_build_shared_F77=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_F77= - ;; - *) - lt_prog_compiler_pic_F77="$lt_prog_compiler_pic_F77" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_F77 eval lt_tmp_static_flag=\"$lt_prog_compiler_static_F77\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_F77=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_F77=yes - fi - else - lt_prog_compiler_static_works_F77=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_F77" >&6; } - -if test x"$lt_prog_compiler_static_works_F77" = xyes; then - : -else - lt_prog_compiler_static_F77= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_F77=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14966: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:14970: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_F77=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_F77" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_F77" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_F77" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - runpath_var= - allow_undefined_flag_F77= - enable_shared_with_static_runtimes_F77=no - archive_cmds_F77= - archive_expsym_cmds_F77= - old_archive_From_new_cmds_F77= - old_archive_from_expsyms_cmds_F77= - export_dynamic_flag_spec_F77= - whole_archive_flag_spec_F77= - thread_safe_flag_spec_F77= - hardcode_libdir_flag_spec_F77= - hardcode_libdir_flag_spec_ld_F77= - hardcode_libdir_separator_F77= - hardcode_direct_F77=no - hardcode_minus_L_F77=no - hardcode_shlibpath_var_F77=unsupported - link_all_deplibs_F77=unknown - hardcode_automatic_F77=no - module_cmds_F77= - module_expsym_cmds_F77= - always_export_symbols_F77=no - export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms_F77= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms_F77="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - ld_shlibs_F77=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_F77='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_F77='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_F77="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_F77= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs_F77=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs_F77=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_F77=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_F77='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_F77=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, F77) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_F77='-L$libdir' - allow_undefined_flag_F77=unsupported - always_export_symbols_F77=no - enable_shared_with_static_runtimes_F77=yes - export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_F77='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_F77=no - fi - ;; - - interix3*) - hardcode_direct_F77=no - hardcode_shlibpath_var_F77=no - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - export_dynamic_flag_spec_F77='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_F77='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_F77='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - archive_cmds_F77='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - archive_expsym_cmds_F77='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - ld_shlibs_F77=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_F77='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs_F77=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs_F77=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds_F77='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - esac - - if test "$ld_shlibs_F77" = no; then - runpath_var= - hardcode_libdir_flag_spec_F77= - export_dynamic_flag_spec_F77= - whole_archive_flag_spec_F77= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag_F77=unsupported - always_export_symbols_F77=yes - archive_expsym_cmds_F77='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L_F77=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct_F77=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_F77='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_F77='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds_F77='' - hardcode_direct_F77=yes - hardcode_libdir_separator_F77=':' - link_all_deplibs_F77=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_F77=yes - else - # We have old collect2 - hardcode_direct_F77=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_F77=yes - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_libdir_separator_F77= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_F77=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_F77='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds_F77="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_F77='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_F77="-z nodefs" - archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_F77=' ${wl}-bernotok' - allow_undefined_flag_F77=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_F77='$convenience' - archive_cmds_need_lc_F77=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - # see comment about different semantics on the GNU ld section - ld_shlibs_F77=no - ;; - - bsdi[45]*) - export_dynamic_flag_spec_F77=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec_F77=' ' - allow_undefined_flag_F77=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds_F77='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds_F77='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds_F77='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path_F77='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes_F77=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_F77='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_F77='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_F77=no - hardcode_direct_F77=no - hardcode_automatic_F77=yes - hardcode_shlibpath_var_F77=unsupported - whole_archive_flag_spec_F77='' - link_all_deplibs_F77=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds_F77='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_F77='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_F77=no - ;; - esac - fi - ;; - - dgux*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_shlibpath_var_F77=no - ;; - - freebsd1*) - ld_shlibs_F77=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes - hardcode_minus_L_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds_F77='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds_F77='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds_F77='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - hardcode_direct_F77=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - - hardcode_direct_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_F77='+b $libdir' - hardcode_direct_F77=no - hardcode_shlibpath_var_F77=no - ;; - *) - hardcode_direct_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_F77='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld_F77='-rpath $libdir' - fi - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - link_all_deplibs_F77=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds_F77='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - newsos6) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - hardcode_shlibpath_var_F77=no - ;; - - openbsd*) - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - export_dynamic_flag_spec_F77='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-R$libdir' - ;; - *) - archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - allow_undefined_flag_F77=unsupported - archive_cmds_F77='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds_F77='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag_F77=' -expect_unresolved \*' - archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag_F77=' -expect_unresolved \*' - archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_F77='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec_F77='-rpath $libdir' - fi - hardcode_libdir_separator_F77=: - ;; - - solaris*) - no_undefined_flag_F77=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds_F77='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - archive_cmds_F77='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_shlibpath_var_F77=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec_F77='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec_F77='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - link_all_deplibs_F77=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds_F77='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_direct_F77=yes - hardcode_minus_L_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds_F77='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds_F77='$CC -r -o $output$reload_objs' - hardcode_direct_F77=no - ;; - motorola) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var_F77=no - ;; - - sysv4.3*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_F77=no - export_dynamic_flag_spec_F77='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_F77=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs_F77=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - no_undefined_flag_F77='${wl}-z,text' - archive_cmds_need_lc_F77=no - hardcode_shlibpath_var_F77=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag_F77='${wl}-z,text' - allow_undefined_flag_F77='${wl}-z,nodefs' - archive_cmds_need_lc_F77=no - hardcode_shlibpath_var_F77=no - hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_F77=':' - link_all_deplibs_F77=yes - export_dynamic_flag_spec_F77='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_shlibpath_var_F77=no - ;; - - *) - ld_shlibs_F77=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $ld_shlibs_F77" >&5 -echo "${ECHO_T}$ld_shlibs_F77" >&6; } -test "$ld_shlibs_F77" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_F77" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_F77=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_F77 in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_F77 - pic_flag=$lt_prog_compiler_pic_F77 - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_F77 - allow_undefined_flag_F77= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_F77=no - else - archive_cmds_need_lc_F77=yes - fi - allow_undefined_flag_F77=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_F77" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_F77" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_F77= -if test -n "$hardcode_libdir_flag_spec_F77" || \ - test -n "$runpath_var_F77" || \ - test "X$hardcode_automatic_F77" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_F77" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, F77)" != no && - test "$hardcode_minus_L_F77" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_F77=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_F77=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_F77=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_F77" >&5 -echo "${ECHO_T}$hardcode_action_F77" >&6; } - -if test "$hardcode_action_F77" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_F77 \ - CC_F77 \ - LD_F77 \ - lt_prog_compiler_wl_F77 \ - lt_prog_compiler_pic_F77 \ - lt_prog_compiler_static_F77 \ - lt_prog_compiler_no_builtin_flag_F77 \ - export_dynamic_flag_spec_F77 \ - thread_safe_flag_spec_F77 \ - whole_archive_flag_spec_F77 \ - enable_shared_with_static_runtimes_F77 \ - old_archive_cmds_F77 \ - old_archive_from_new_cmds_F77 \ - predep_objects_F77 \ - postdep_objects_F77 \ - predeps_F77 \ - postdeps_F77 \ - compiler_lib_search_path_F77 \ - archive_cmds_F77 \ - archive_expsym_cmds_F77 \ - postinstall_cmds_F77 \ - postuninstall_cmds_F77 \ - old_archive_from_expsyms_cmds_F77 \ - allow_undefined_flag_F77 \ - no_undefined_flag_F77 \ - export_symbols_cmds_F77 \ - hardcode_libdir_flag_spec_F77 \ - hardcode_libdir_flag_spec_ld_F77 \ - hardcode_libdir_separator_F77 \ - hardcode_automatic_F77 \ - module_cmds_F77 \ - module_expsym_cmds_F77 \ - lt_cv_prog_compiler_c_o_F77 \ - exclude_expsyms_F77 \ - include_expsyms_F77; do - - case $var in - old_archive_cmds_F77 | \ - old_archive_from_new_cmds_F77 | \ - archive_cmds_F77 | \ - archive_expsym_cmds_F77 | \ - module_cmds_F77 | \ - module_expsym_cmds_F77 | \ - old_archive_from_expsyms_cmds_F77 | \ - export_symbols_cmds_F77 | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_F77 - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_F77 - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_F77 - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_F77 - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_F77 - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_F77 - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_F77 -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_F77 - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_F77 - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_F77 - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_F77 - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_F77 - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_F77 - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_F77 -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_F77 - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_F77 - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_F77 -archive_expsym_cmds=$lt_archive_expsym_cmds_F77 -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_F77 -module_expsym_cmds=$lt_module_expsym_cmds_F77 - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_F77 - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_F77 - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_F77 - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_F77 - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_F77 - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_F77 - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_F77 - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_F77 - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_F77 - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_F77 - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_F77 - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_F77 - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_F77 - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_F77 - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_F77 - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_F77 - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_F77" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_F77 - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_F77 - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_F77 - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_F77 - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - else - tagname="" - fi - ;; - - GCJ) - if test -n "$GCJ" && test "X$GCJ" != "Xno"; then - - -# Source file extension for Java test sources. -ac_ext=java - -# Object file extension for compiled Java test sources. -objext=o -objext_GCJ=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="class foo {}\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='public class conftest { public static void main(String[] argv) {}; }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${GCJ-"gcj"} -compiler=$CC -compiler_GCJ=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -# GCJ did not exist at the time GCC didn't implicitly link libc in. -archive_cmds_need_lc_GCJ=no - -old_archive_cmds_GCJ=$old_archive_cmds - - -lt_prog_compiler_no_builtin_flag_GCJ= - -if test "$GCC" = yes; then - lt_prog_compiler_no_builtin_flag_GCJ=' -fno-builtin' - - -{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_rtti_exceptions=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="-fno-rtti -fno-exceptions" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17164: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:17168: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_rtti_exceptions=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; } - -if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then - lt_prog_compiler_no_builtin_flag_GCJ="$lt_prog_compiler_no_builtin_flag_GCJ -fno-rtti -fno-exceptions" -else - : -fi - -fi - -lt_prog_compiler_wl_GCJ= -lt_prog_compiler_pic_GCJ= -lt_prog_compiler_static_GCJ= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - if test "$GCC" = yes; then - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_static_GCJ='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_GCJ='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_GCJ='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_GCJ='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared_GCJ=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_GCJ=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_GCJ='-fPIC' - ;; - esac - ;; - - *) - lt_prog_compiler_pic_GCJ='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl_GCJ='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_GCJ='-Bstatic' - else - lt_prog_compiler_static_GCJ='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_GCJ='-qnocommon' - lt_prog_compiler_wl_GCJ='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl_GCJ='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_GCJ='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static_GCJ='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl_GCJ='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - - newsos6) - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-fpic' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl_GCJ='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl_GCJ='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - lt_prog_compiler_wl_GCJ='-Qoption ld ';; - *) - lt_prog_compiler_wl_GCJ='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl_GCJ='-Qoption ld ' - lt_prog_compiler_pic_GCJ='-PIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic_GCJ='-Kconform_pic' - lt_prog_compiler_static_GCJ='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_can_build_shared_GCJ=no - ;; - - uts4*) - lt_prog_compiler_pic_GCJ='-pic' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared_GCJ=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_GCJ" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_GCJ"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_GCJ=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_GCJ" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17432: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:17436: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_GCJ=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_GCJ" >&6; } - -if test x"$lt_prog_compiler_pic_works_GCJ" = xyes; then - case $lt_prog_compiler_pic_GCJ in - "" | " "*) ;; - *) lt_prog_compiler_pic_GCJ=" $lt_prog_compiler_pic_GCJ" ;; - esac -else - lt_prog_compiler_pic_GCJ= - lt_prog_compiler_can_build_shared_GCJ=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_GCJ= - ;; - *) - lt_prog_compiler_pic_GCJ="$lt_prog_compiler_pic_GCJ" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_GCJ eval lt_tmp_static_flag=\"$lt_prog_compiler_static_GCJ\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_GCJ=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_GCJ=yes - fi - else - lt_prog_compiler_static_works_GCJ=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_GCJ" >&6; } - -if test x"$lt_prog_compiler_static_works_GCJ" = xyes; then - : -else - lt_prog_compiler_static_GCJ= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_GCJ=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17536: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:17540: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_GCJ=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_GCJ" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_GCJ" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_GCJ" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - runpath_var= - allow_undefined_flag_GCJ= - enable_shared_with_static_runtimes_GCJ=no - archive_cmds_GCJ= - archive_expsym_cmds_GCJ= - old_archive_From_new_cmds_GCJ= - old_archive_from_expsyms_cmds_GCJ= - export_dynamic_flag_spec_GCJ= - whole_archive_flag_spec_GCJ= - thread_safe_flag_spec_GCJ= - hardcode_libdir_flag_spec_GCJ= - hardcode_libdir_flag_spec_ld_GCJ= - hardcode_libdir_separator_GCJ= - hardcode_direct_GCJ=no - hardcode_minus_L_GCJ=no - hardcode_shlibpath_var_GCJ=unsupported - link_all_deplibs_GCJ=unknown - hardcode_automatic_GCJ=no - module_cmds_GCJ= - module_expsym_cmds_GCJ= - always_export_symbols_GCJ=no - export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms_GCJ= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms_GCJ="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - ld_shlibs_GCJ=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_GCJ='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_GCJ='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_GCJ="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_GCJ= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs_GCJ=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs_GCJ=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_GCJ=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_GCJ='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, GCJ) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_GCJ='-L$libdir' - allow_undefined_flag_GCJ=unsupported - always_export_symbols_GCJ=no - enable_shared_with_static_runtimes_GCJ=yes - export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_GCJ='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - interix3*) - hardcode_direct_GCJ=no - hardcode_shlibpath_var_GCJ=no - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - export_dynamic_flag_spec_GCJ='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_GCJ='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_GCJ='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - archive_cmds_GCJ='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - archive_expsym_cmds_GCJ='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - ld_shlibs_GCJ=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_GCJ='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs_GCJ=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs_GCJ=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds_GCJ='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - esac - - if test "$ld_shlibs_GCJ" = no; then - runpath_var= - hardcode_libdir_flag_spec_GCJ= - export_dynamic_flag_spec_GCJ= - whole_archive_flag_spec_GCJ= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag_GCJ=unsupported - always_export_symbols_GCJ=yes - archive_expsym_cmds_GCJ='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L_GCJ=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct_GCJ=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_GCJ='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_GCJ='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds_GCJ='' - hardcode_direct_GCJ=yes - hardcode_libdir_separator_GCJ=':' - link_all_deplibs_GCJ=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_GCJ=yes - else - # We have old collect2 - hardcode_direct_GCJ=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_GCJ=yes - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_libdir_separator_GCJ= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_GCJ=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_GCJ='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +ac_res=`eval echo \\\$$ac_foo` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test $ac_res = no; then +# Try to figure out why that failed... +case $abi in + -mabi=32) + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -mabi=n32" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { - +int x; ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi +if ac_fn_c_try_compile "$LINENO"; then : + ac_res=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + ac_res=no fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CLAGS="$save_CFLAGS" + if test $ac_res = yes; then + # New GCC + as_fn_error "$CC does not support the $with_mips_abi ABI" "$LINENO" 5 + fi + # Old GCC + abi='' + abilibdirext='' + ;; + -mabi=n32|-mabi=64) + if test $with_mips_abi = yes; then + # Old GCC, default to O32 + abi='' + abilibdirext='' + else + # Some broken GCC + as_fn_error "$CC does not support the $with_mips_abi ABI" "$LINENO" 5 + fi + ;; +esac +fi #if test $ac_res = no; then +fi #if test -n "$abi" ; then +else +case "${with_mips_abi}" in + 32|o32) abi='-32'; abilibdirext='' ;; + n32|yes) abi='-n32'; abilibdirext='32' ;; + 64) abi='-64'; abilibdirext='64' ;; + no) abi=''; abilibdirext='';; + *) as_fn_error "\"Invalid ABI specified\"" "$LINENO" 5 ;; +esac +fi #if test -n "$GCC"; then +;; +esac -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi +CC="$CC $abi" +libdir="$libdir$abilibdirext" - hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds_GCJ="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_GCJ='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_GCJ="-z nodefs" - archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __attribute__" >&5 +$as_echo_n "checking for __attribute__... " >&6; } +if test "${ac_cv___attribute__+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include +static void foo(void) __attribute__ ((noreturn)); -int -main () +static void +foo(void) { - - ; - return 0; + exit(1); } + _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv___attribute__=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + ac_cv___attribute__=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi +if test "$ac_cv___attribute__" = "yes"; then - hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_GCJ=' ${wl}-bernotok' - allow_undefined_flag_GCJ=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_GCJ='$convenience' - archive_cmds_need_lc_GCJ=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; +$as_echo "#define HAVE___ATTRIBUTE__ 1" >>confdefs.h - amigaos*) - archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - # see comment about different semantics on the GNU ld section - ld_shlibs_GCJ=no - ;; - - bsdi[45]*) - export_dynamic_flag_spec_GCJ=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec_GCJ=' ' - allow_undefined_flag_GCJ=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds_GCJ='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds_GCJ='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds_GCJ='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path_GCJ='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes_GCJ=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_GCJ='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_GCJ='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_GCJ=no - hardcode_direct_GCJ=no - hardcode_automatic_GCJ=yes - hardcode_shlibpath_var_GCJ=unsupported - whole_archive_flag_spec_GCJ='' - link_all_deplibs_GCJ=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds_GCJ='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_GCJ='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_GCJ=no - ;; - esac - fi - ;; - - dgux*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_shlibpath_var_GCJ=no - ;; - - freebsd1*) - ld_shlibs_GCJ=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes - hardcode_minus_L_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds_GCJ='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds_GCJ='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds_GCJ='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - hardcode_direct_GCJ=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - - hardcode_direct_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_GCJ='+b $libdir' - hardcode_direct_GCJ=no - hardcode_shlibpath_var_GCJ=no - ;; - *) - hardcode_direct_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_GCJ='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld_GCJ='-rpath $libdir' - fi - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - link_all_deplibs_GCJ=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds_GCJ='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - newsos6) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - hardcode_shlibpath_var_GCJ=no - ;; - - openbsd*) - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - export_dynamic_flag_spec_GCJ='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - ;; - *) - archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - allow_undefined_flag_GCJ=unsupported - archive_cmds_GCJ='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds_GCJ='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag_GCJ=' -expect_unresolved \*' - archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag_GCJ=' -expect_unresolved \*' - archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_GCJ='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec_GCJ='-rpath $libdir' - fi - hardcode_libdir_separator_GCJ=: - ;; - - solaris*) - no_undefined_flag_GCJ=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds_GCJ='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - archive_cmds_GCJ='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_shlibpath_var_GCJ=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec_GCJ='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec_GCJ='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - link_all_deplibs_GCJ=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds_GCJ='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_direct_GCJ=yes - hardcode_minus_L_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds_GCJ='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds_GCJ='$CC -r -o $output$reload_objs' - hardcode_direct_GCJ=no - ;; - motorola) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var_GCJ=no - ;; - - sysv4.3*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_GCJ=no - export_dynamic_flag_spec_GCJ='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_GCJ=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs_GCJ=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - no_undefined_flag_GCJ='${wl}-z,text' - archive_cmds_need_lc_GCJ=no - hardcode_shlibpath_var_GCJ=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag_GCJ='${wl}-z,text' - allow_undefined_flag_GCJ='${wl}-z,nodefs' - archive_cmds_need_lc_GCJ=no - hardcode_shlibpath_var_GCJ=no - hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_GCJ=':' - link_all_deplibs_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_shlibpath_var_GCJ=no - ;; - - *) - ld_shlibs_GCJ=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $ld_shlibs_GCJ" >&5 -echo "${ECHO_T}$ld_shlibs_GCJ" >&6; } -test "$ld_shlibs_GCJ" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_GCJ" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_GCJ=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_GCJ in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_GCJ - pic_flag=$lt_prog_compiler_pic_GCJ - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_GCJ - allow_undefined_flag_GCJ= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_GCJ=no - else - archive_cmds_need_lc_GCJ=yes - fi - allow_undefined_flag_GCJ=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_GCJ" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_GCJ" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_GCJ= -if test -n "$hardcode_libdir_flag_spec_GCJ" || \ - test -n "$runpath_var_GCJ" || \ - test "X$hardcode_automatic_GCJ" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_GCJ" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, GCJ)" != no && - test "$hardcode_minus_L_GCJ" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_GCJ=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_GCJ=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_GCJ=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_GCJ" >&5 -echo "${ECHO_T}$hardcode_action_GCJ" >&6; } - -if test "$hardcode_action_GCJ" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_GCJ \ - CC_GCJ \ - LD_GCJ \ - lt_prog_compiler_wl_GCJ \ - lt_prog_compiler_pic_GCJ \ - lt_prog_compiler_static_GCJ \ - lt_prog_compiler_no_builtin_flag_GCJ \ - export_dynamic_flag_spec_GCJ \ - thread_safe_flag_spec_GCJ \ - whole_archive_flag_spec_GCJ \ - enable_shared_with_static_runtimes_GCJ \ - old_archive_cmds_GCJ \ - old_archive_from_new_cmds_GCJ \ - predep_objects_GCJ \ - postdep_objects_GCJ \ - predeps_GCJ \ - postdeps_GCJ \ - compiler_lib_search_path_GCJ \ - archive_cmds_GCJ \ - archive_expsym_cmds_GCJ \ - postinstall_cmds_GCJ \ - postuninstall_cmds_GCJ \ - old_archive_from_expsyms_cmds_GCJ \ - allow_undefined_flag_GCJ \ - no_undefined_flag_GCJ \ - export_symbols_cmds_GCJ \ - hardcode_libdir_flag_spec_GCJ \ - hardcode_libdir_flag_spec_ld_GCJ \ - hardcode_libdir_separator_GCJ \ - hardcode_automatic_GCJ \ - module_cmds_GCJ \ - module_expsym_cmds_GCJ \ - lt_cv_prog_compiler_c_o_GCJ \ - exclude_expsyms_GCJ \ - include_expsyms_GCJ; do - - case $var in - old_archive_cmds_GCJ | \ - old_archive_from_new_cmds_GCJ | \ - archive_cmds_GCJ | \ - archive_expsym_cmds_GCJ | \ - module_cmds_GCJ | \ - module_expsym_cmds_GCJ | \ - old_archive_from_expsyms_cmds_GCJ | \ - export_symbols_cmds_GCJ | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_GCJ - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_GCJ - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_GCJ - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_GCJ - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_GCJ - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_GCJ - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_GCJ -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_GCJ - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_GCJ - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_GCJ - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_GCJ - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_GCJ - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_GCJ - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_GCJ -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_GCJ - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_GCJ - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_GCJ -archive_expsym_cmds=$lt_archive_expsym_cmds_GCJ -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_GCJ -module_expsym_cmds=$lt_module_expsym_cmds_GCJ - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_GCJ - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_GCJ - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_GCJ - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_GCJ - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_GCJ - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_GCJ - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_GCJ - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_GCJ - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_GCJ - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_GCJ - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_GCJ - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_GCJ - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_GCJ - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_GCJ - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_GCJ - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_GCJ - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_GCJ" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_GCJ - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_GCJ - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_GCJ - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_GCJ - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - else - tagname="" - fi - ;; - - RC) - - -# Source file extension for RC test sources. -ac_ext=rc - -# Object file extension for compiled RC test sources. -objext=o -objext_RC=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }\n' - -# Code to be used in simple link tests -lt_simple_link_test_code="$lt_simple_compile_test_code" - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${RC-"windres"} -compiler=$CC -compiler_RC=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - -lt_cv_prog_compiler_c_o_RC=yes - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_RC \ - CC_RC \ - LD_RC \ - lt_prog_compiler_wl_RC \ - lt_prog_compiler_pic_RC \ - lt_prog_compiler_static_RC \ - lt_prog_compiler_no_builtin_flag_RC \ - export_dynamic_flag_spec_RC \ - thread_safe_flag_spec_RC \ - whole_archive_flag_spec_RC \ - enable_shared_with_static_runtimes_RC \ - old_archive_cmds_RC \ - old_archive_from_new_cmds_RC \ - predep_objects_RC \ - postdep_objects_RC \ - predeps_RC \ - postdeps_RC \ - compiler_lib_search_path_RC \ - archive_cmds_RC \ - archive_expsym_cmds_RC \ - postinstall_cmds_RC \ - postuninstall_cmds_RC \ - old_archive_from_expsyms_cmds_RC \ - allow_undefined_flag_RC \ - no_undefined_flag_RC \ - export_symbols_cmds_RC \ - hardcode_libdir_flag_spec_RC \ - hardcode_libdir_flag_spec_ld_RC \ - hardcode_libdir_separator_RC \ - hardcode_automatic_RC \ - module_cmds_RC \ - module_expsym_cmds_RC \ - lt_cv_prog_compiler_c_o_RC \ - exclude_expsyms_RC \ - include_expsyms_RC; do - - case $var in - old_archive_cmds_RC | \ - old_archive_from_new_cmds_RC | \ - archive_cmds_RC | \ - archive_expsym_cmds_RC | \ - module_cmds_RC | \ - module_expsym_cmds_RC | \ - old_archive_from_expsyms_cmds_RC | \ - export_symbols_cmds_RC | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_RC - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_RC - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_RC - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_RC - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_RC - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_RC - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_RC -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_RC - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_RC - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_RC - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_RC - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_RC - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_RC - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_RC -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_RC - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_RC - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_RC -archive_expsym_cmds=$lt_archive_expsym_cmds_RC -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_RC -module_expsym_cmds=$lt_module_expsym_cmds_RC - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_RC - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_RC - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_RC - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_RC - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_RC - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_RC - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_RC - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_RC - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_RC - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_RC - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_RC - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_RC - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_RC - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_RC - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_RC - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_RC - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_RC" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_RC - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_RC - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_RC - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_RC - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - ;; - - *) - { { echo "$as_me:$LINENO: error: Unsupported tag name: $tagname" >&5 -echo "$as_me: error: Unsupported tag name: $tagname" >&2;} - { (exit 1); exit 1; }; } - ;; - esac - - # Append the new tag name to the list of available tags. - if test -n "$tagname" ; then - available_tags="$available_tags $tagname" - fi - fi - done - IFS="$lt_save_ifs" - - # Now substitute the updated list of available tags. - if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then - mv "${ofile}T" "$ofile" - chmod +x "$ofile" - else - rm -f "${ofile}T" - { { echo "$as_me:$LINENO: error: unable to update list of available tagged configurations." >&5 -echo "$as_me: error: unable to update list of available tagged configurations." >&2;} - { (exit 1); exit 1; }; } - fi -fi - - - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' - -# Prevent multiple expansion - - - - - - - - - - - - - - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute__" >&5 +$as_echo "$ac_cv___attribute__" >&6; } @@ -20205,10 +12752,10 @@ else fi -{ echo "$as_me:$LINENO: checking for ld --version-script" >&5 -echo $ECHO_N "checking for ld --version-script... $ECHO_C" >&6; } -if test "${rk_cv_version_script+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld --version-script" >&5 +$as_echo_n "checking for ld --version-script... " >&6; } +if test "${rk_cv_version_script+set}" = set; then : + $as_echo_n "(cached) " >&6 else rk_cv_version_script=no @@ -20225,22 +12772,26 @@ cat > conftest.c <&5 + if { ac_try='${CC-cc} -c $CFLAGS -fPIC conftest.c' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 (eval $ac_try) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; } && + { ac_try='${CC-cc} -shared -Wl,--version-script,conftest.map $CFLAGS $LDFLAGS -o libconftestlib.so conftest.o' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 + (eval $ac_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then rk_cv_version_script=yes fi -rm -f conftest* +rm -rf conftest* libconftest* .libs fi -{ echo "$as_me:$LINENO: result: $rk_cv_version_script" >&5 -echo "${ECHO_T}$rk_cv_version_script" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $rk_cv_version_script" >&5 +$as_echo "$rk_cv_version_script" >&6; } if test $rk_cv_version_script = yes ; then doversioning=yes @@ -20265,18 +12816,65 @@ fi + + if test "${cross_compiling}" = yes; then + CROSS_COMPILE_TRUE= + CROSS_COMPILE_FALSE='#' +else + CROSS_COMPILE_TRUE='#' + CROSS_COMPILE_FALSE= +fi + + + +# Check whether --with-cross-tools was given. +if test "${with_cross_tools+set}" = set; then : + withval=$with_cross_tools; if test "$withval" = "yes"; then + as_fn_error "Need path to cross tools" "$LINENO" 5 + fi + with_cross_tools="${with_cross_tools}/" + +fi + + +if test "${cross_compiling}" != yes ; then + + ASN1_COMPILE="\$(top_builddir)/lib/asn1/asn1_compile\$(EXEEXT)" + SLC="\$(top_builddir)/lib/sl/slc" + + ASN1_COMPILE_DEP="\$(ASN1_COMPILE)" + SLC_DEP="\$(SLC)" +else + ASN1_COMPILE="${with_cross_tools}asn1_compile" + SLC="${with_cross_tools}slc" + + ASN1_COMPILE_DEP= + SLC_DEP= +fi + + + + + + + + + +$as_echo "#define HEIM_WEAK_CRYPTO 1" >>confdefs.h + + + + # Check whether --with-openldap was given. -if test "${with_openldap+set}" = set; then +if test "${with_openldap+set}" = set; then : withval=$with_openldap; fi # Check whether --with-openldap-lib was given. -if test "${with_openldap_lib+set}" = set; then +if test "${with_openldap_lib+set}" = set; then : withval=$with_openldap_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openldap-lib" >&5 -echo "$as_me: error: No argument for --with-openldap-lib" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-openldap-lib" "$LINENO" 5 elif test "X$with_openldap" = "X"; then with_openldap=yes fi @@ -20284,11 +12882,9 @@ fi # Check whether --with-openldap-include was given. -if test "${with_openldap_include+set}" = set; then +if test "${with_openldap_include+set}" = set; then : withval=$with_openldap_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openldap-include" >&5 -echo "$as_me: error: No argument for --with-openldap-include" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-openldap-include" "$LINENO" 5 elif test "X$with_openldap" = "X"; then with_openldap=yes fi @@ -20296,15 +12892,15 @@ fi # Check whether --with-openldap-config was given. -if test "${with_openldap_config+set}" = set; then +if test "${with_openldap_config+set}" = set; then : withval=$with_openldap_config; fi -{ echo "$as_me:$LINENO: checking for openldap" >&5 -echo $ECHO_N "checking for openldap... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for openldap" >&5 +$as_echo_n "checking for openldap... " >&6; } case "$with_openldap" in yes|"") d='' ;; @@ -20368,11 +12964,8 @@ if test "$with_openldap" != no; then if test "$openldap_cflags" -a "$openldap_libs"; then CFLAGS="$openldap_cflags $save_CFLAGS" LIBS="$openldap_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -20384,49 +12977,23 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : INCLUDE_openldap="$openldap_cflags" LIB_openldap="$openldap_libs" - { echo "$as_me:$LINENO: result: from $with_openldap_config" >&5 -echo "${ECHO_T}from $with_openldap_config" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_openldap_config" >&5 +$as_echo "from $with_openldap_config" >&6; } found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if test "$found" = no; then ires= lres= for i in $header_dirs; do CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -20438,40 +13005,14 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done for i in $lib_dirs; do LIBS="-L$i -lldap -llber $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -20483,41 +13024,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done if test "$ires" -a "$lres" -a "$with_openldap" != "no"; then INCLUDE_openldap="-I$ires" LIB_openldap="-L$lres -lldap -llber " found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } fi fi CFLAGS="$save_CFLAGS" @@ -20535,8 +13053,8 @@ else with_openldap=no INCLUDE_openldap= LIB_openldap= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -20544,15 +13062,13 @@ fi # Check whether --enable-hdb-openldap-module was given. -if test "${enable_hdb_openldap_module+set}" = set; then +if test "${enable_hdb_openldap_module+set}" = set; then : enableval=$enable_hdb_openldap_module; fi if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then -cat >>confdefs.h <<\_ACEOF -#define OPENLDAP_MODULE 1 -_ACEOF +$as_echo "#define OPENLDAP_MODULE 1" >>confdefs.h fi if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then @@ -20564,16 +13080,15 @@ else fi + # Check whether --enable-pk-init was given. -if test "${enable_pk_init+set}" = set; then +if test "${enable_pk_init+set}" = set; then : enableval=$enable_pk_init; fi if test "$enable_pk_init" != no ;then -cat >>confdefs.h <<\_ACEOF -#define PKINIT 1 -_ACEOF +$as_echo "#define PKINIT 1" >>confdefs.h fi if test "$enable_pk_init" != no; then @@ -20585,10 +13100,683 @@ else fi +# Check whether --enable-digest was given. +if test "${enable_digest+set}" = set; then : + enableval=$enable_digest; +fi + +if test "$enable_digest" != no ;then + +$as_echo "#define DIGEST 1" >>confdefs.h + +fi + +# Check whether --enable-kx509 was given. +if test "${enable_kx509+set}" = set; then : + enableval=$enable_kx509; +fi + +if test "$enable_kx509" != no ;then + +$as_echo "#define KX509 1" >>confdefs.h + +fi + + + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_PKG_CONFIG+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PKG_CONFIG=$ac_cv_path_PKG_CONFIG +if test -n "$PKG_CONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 +$as_echo "$PKG_CONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_PKG_CONFIG"; then + ac_pt_PKG_CONFIG=$PKG_CONFIG + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $ac_pt_PKG_CONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG +if test -n "$ac_pt_PKG_CONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5 +$as_echo "$ac_pt_PKG_CONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_pt_PKG_CONFIG" = x; then + PKG_CONFIG="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + PKG_CONFIG=$ac_pt_PKG_CONFIG + fi +else + PKG_CONFIG="$ac_cv_path_PKG_CONFIG" +fi + +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=0.9.0 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5 +$as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; } + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + PKG_CONFIG="" + fi + +fi + + +# Check whether --with-capng was given. +if test "${with_capng+set}" = set; then : + withval=$with_capng; +else + with_capng=check +fi + +if test "$with_capng" != "no"; then + +pkg_failed=no +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for CAPNG" >&5 +$as_echo_n "checking for CAPNG... " >&6; } + +if test -n "$PKG_CONFIG"; then + if test -n "$CAPNG_CFLAGS"; then + pkg_cv_CAPNG_CFLAGS="$CAPNG_CFLAGS" + else + if test -n "$PKG_CONFIG" && \ + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libcap-ng >= 0.4.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "libcap-ng >= 0.4.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + pkg_cv_CAPNG_CFLAGS=`$PKG_CONFIG --cflags "libcap-ng >= 0.4.0" 2>/dev/null` +else + pkg_failed=yes +fi + fi +else + pkg_failed=untried +fi +if test -n "$PKG_CONFIG"; then + if test -n "$CAPNG_LIBS"; then + pkg_cv_CAPNG_LIBS="$CAPNG_LIBS" + else + if test -n "$PKG_CONFIG" && \ + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libcap-ng >= 0.4.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "libcap-ng >= 0.4.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + pkg_cv_CAPNG_LIBS=`$PKG_CONFIG --libs "libcap-ng >= 0.4.0" 2>/dev/null` +else + pkg_failed=yes +fi + fi +else + pkg_failed=untried +fi + + + +if test $pkg_failed = yes; then + +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi + if test $_pkg_short_errors_supported = yes; then + CAPNG_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "libcap-ng >= 0.4.0"` + else + CAPNG_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "libcap-ng >= 0.4.0"` + fi + # Put the nasty error message in config.log where it belongs + echo "$CAPNG_PKG_ERRORS" >&5 + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + with_capng=no +elif test $pkg_failed = untried; then + with_capng=no +else + CAPNG_CFLAGS=$pkg_cv_CAPNG_CFLAGS + CAPNG_LIBS=$pkg_cv_CAPNG_LIBS + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + with_capng=yes +fi +fi +if test "$with_capng" = "yes"; then + +cat >>confdefs.h <<_ACEOF +#define HAVE_CAPNG 1 +_ACEOF + +fi + if test "$with_capng" != "no"; then + HAVE_CAPNG_TRUE= + HAVE_CAPNG_FALSE='#' +else + HAVE_CAPNG_TRUE='#' + HAVE_CAPNG_FALSE= +fi + + + + + + +# Check whether --with-sqlite3 was given. +if test "${with_sqlite3+set}" = set; then : + withval=$with_sqlite3; +fi + + +# Check whether --with-sqlite3-lib was given. +if test "${with_sqlite3_lib+set}" = set; then : + withval=$with_sqlite3_lib; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-sqlite3-lib" "$LINENO" 5 +elif test "X$with_sqlite3" = "X"; then + with_sqlite3=yes +fi +fi + + +# Check whether --with-sqlite3-include was given. +if test "${with_sqlite3_include+set}" = set; then : + withval=$with_sqlite3_include; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-sqlite3-include" "$LINENO" 5 +elif test "X$with_sqlite3" = "X"; then + with_sqlite3=yes +fi +fi + + +# Check whether --with-sqlite3-config was given. +if test "${with_sqlite3_config+set}" = set; then : + withval=$with_sqlite3_config; +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sqlite3" >&5 +$as_echo_n "checking for sqlite3... " >&6; } + +case "$with_sqlite3" in +yes|"") d='' ;; +no) d= ;; +*) d="$with_sqlite3" ;; +esac + +header_dirs= +lib_dirs= +for i in $d; do + if test "$with_sqlite3_include" = ""; then + if test -d "$i/include/sqlite3"; then + header_dirs="$header_dirs $i/include/sqlite3" + fi + if test -d "$i/include"; then + header_dirs="$header_dirs $i/include" + fi + fi + if test "$with_sqlite3_lib" = ""; then + if test -d "$i/lib$abilibdirext"; then + lib_dirs="$lib_dirs $i/lib$abilibdirext" + fi + fi +done + +if test "$with_sqlite3_include"; then + header_dirs="$with_sqlite3_include $header_dirs" +fi +if test "$with_sqlite3_lib"; then + lib_dirs="$with_sqlite3_lib $lib_dirs" +fi + +if test "$with_sqlite3_config" = ""; then + with_sqlite3_config='' +fi + +sqlite3_cflags= +sqlite3_libs= + +case "$with_sqlite3_config" in +yes|no|""|"") + if test -f $with_sqlite3/bin/ ; then + with_sqlite3_config=$with_sqlite3/bin/ + fi + ;; +esac + +case "$with_sqlite3_config" in +yes|no|"") + ;; +*) + sqlite3_cflags="`$with_sqlite3_config --cflags 2>&1`" + sqlite3_libs="`$with_sqlite3_config --libs 2>&1`" + ;; +esac + +found=no +if test "$with_sqlite3" != no; then + save_CFLAGS="$CFLAGS" + save_LIBS="$LIBS" + if test "$sqlite3_cflags" -a "$sqlite3_libs"; then + CFLAGS="$sqlite3_cflags $save_CFLAGS" + LIBS="$sqlite3_libs $save_LIBS" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifndef SQLITE_OPEN_CREATE +#error "old version" +#endif +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + + INCLUDE_sqlite3="$sqlite3_cflags" + LIB_sqlite3="$sqlite3_libs" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_sqlite3_config" >&5 +$as_echo "from $with_sqlite3_config" >&6; } + found=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi + if test "$found" = no; then + ires= lres= + for i in $header_dirs; do + CFLAGS="-I$i $save_CFLAGS" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifndef SQLITE_OPEN_CREATE +#error "old version" +#endif +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ires=$i;break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done + for i in $lib_dirs; do + LIBS="-L$i -lsqlite3 $save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifndef SQLITE_OPEN_CREATE +#error "old version" +#endif +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lres=$i;break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + if test "$ires" -a "$lres" -a "$with_sqlite3" != "no"; then + INCLUDE_sqlite3="-I$ires" + LIB_sqlite3="-L$lres -lsqlite3 " + found=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } + fi + fi + CFLAGS="$save_CFLAGS" + LIBS="$save_LIBS" +fi + +if test "$found" = yes; then + +cat >>confdefs.h <<_ACEOF +#define SQLITE3 1 +_ACEOF + + with_sqlite3=yes +else + with_sqlite3=no + INCLUDE_sqlite3= + LIB_sqlite3= + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + + + +if test "X$with_sqlite3" != Xyes ; then + INCLUDE_sqlite3="-I\$(top_srcdir)/lib/sqlite" + LIB_sqlite3="\$(top_builddir)/lib/sqlite/libheimsqlite.la" +fi + if test "X$with_sqlite3" = Xyes; then + SQLITE3_TRUE= + SQLITE3_FALSE='#' +else + SQLITE3_TRUE='#' + SQLITE3_FALSE= +fi + + + +$as_echo "#define HAVE_SQLITE3 1" >>confdefs.h + + +# Check whether --enable-sqlite-cache was given. +if test "${enable_sqlite_cache+set}" = set; then : + enableval=$enable_sqlite_cache; +fi + +if test "$enable_sqlite_cache" != no; then + +$as_echo "#define HAVE_SCC 1" >>confdefs.h + +fi + if test "$enable_sqlite_cache" != no; then + have_scc_TRUE= + have_scc_FALSE='#' +else + have_scc_TRUE='#' + have_scc_FALSE= +fi + + + + + +# Check whether --with-libintl was given. +if test "${with_libintl+set}" = set; then : + withval=$with_libintl; +fi + + +# Check whether --with-libintl-lib was given. +if test "${with_libintl_lib+set}" = set; then : + withval=$with_libintl_lib; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-libintl-lib" "$LINENO" 5 +elif test "X$with_libintl" = "X"; then + with_libintl=yes +fi +fi + + +# Check whether --with-libintl-include was given. +if test "${with_libintl_include+set}" = set; then : + withval=$with_libintl_include; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-libintl-include" "$LINENO" 5 +elif test "X$with_libintl" = "X"; then + with_libintl=yes +fi +fi + + +# Check whether --with-libintl-config was given. +if test "${with_libintl_config+set}" = set; then : + withval=$with_libintl_config; +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libintl" >&5 +$as_echo_n "checking for libintl... " >&6; } + +case "$with_libintl" in +yes|"") d='' ;; +no) d= ;; +*) d="$with_libintl" ;; +esac + +header_dirs= +lib_dirs= +for i in $d; do + if test "$with_libintl_include" = ""; then + if test -d "$i/include/libintl"; then + header_dirs="$header_dirs $i/include/libintl" + fi + if test -d "$i/include"; then + header_dirs="$header_dirs $i/include" + fi + fi + if test "$with_libintl_lib" = ""; then + if test -d "$i/lib$abilibdirext"; then + lib_dirs="$lib_dirs $i/lib$abilibdirext" + fi + fi +done + +if test "$with_libintl_include"; then + header_dirs="$with_libintl_include $header_dirs" +fi +if test "$with_libintl_lib"; then + lib_dirs="$with_libintl_lib $lib_dirs" +fi + +if test "$with_libintl_config" = ""; then + with_libintl_config='' +fi + +libintl_cflags= +libintl_libs= + +case "$with_libintl_config" in +yes|no|""|"") + if test -f $with_libintl/bin/ ; then + with_libintl_config=$with_libintl/bin/ + fi + ;; +esac + +case "$with_libintl_config" in +yes|no|"") + ;; +*) + libintl_cflags="`$with_libintl_config --cflags 2>&1`" + libintl_libs="`$with_libintl_config --libs 2>&1`" + ;; +esac + +found=no +if test "$with_libintl" != no; then + save_CFLAGS="$CFLAGS" + save_LIBS="$LIBS" + if test "$libintl_cflags" -a "$libintl_libs"; then + CFLAGS="$libintl_cflags $save_CFLAGS" + LIBS="$libintl_libs $save_LIBS" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + + INCLUDE_libintl="$libintl_cflags" + LIB_libintl="$libintl_libs" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_libintl_config" >&5 +$as_echo "from $with_libintl_config" >&6; } + found=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi + if test "$found" = no; then + ires= lres= + for i in $header_dirs; do + CFLAGS="-I$i $save_CFLAGS" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ires=$i;break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done + for i in $lib_dirs; do + LIBS="-L$i -lintl $save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lres=$i;break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + if test "$ires" -a "$lres" -a "$with_libintl" != "no"; then + INCLUDE_libintl="-I$ires" + LIB_libintl="-L$lres -lintl " + found=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } + fi + fi + CFLAGS="$save_CFLAGS" + LIBS="$save_LIBS" +fi + +if test "$found" = yes; then + +cat >>confdefs.h <<_ACEOF +#define LIBINTL 1 +_ACEOF + + with_libintl=yes +else + with_libintl=no + INCLUDE_libintl= + LIB_libintl= + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + + # Check whether --with-hdbdir was given. -if test "${with_hdbdir+set}" = set; then +if test "${with_hdbdir+set}" = set; then : withval=$with_hdbdir; else with_hdbdir=/var/heimdal @@ -20628,27 +13816,27 @@ fi -cat >>confdefs.h <<\_ACEOF -#define KRB5 1 -_ACEOF +$as_echo "#define SUPPORT_INETD 1" >>confdefs.h + + + +$as_echo "#define KRB5 1" >>confdefs.h crypto_lib=unknown # Check whether --with-openssl was given. -if test "${with_openssl+set}" = set; then +if test "${with_openssl+set}" = set; then : withval=$with_openssl; fi # Check whether --with-openssl-lib was given. -if test "${with_openssl_lib+set}" = set; then +if test "${with_openssl_lib+set}" = set; then : withval=$with_openssl_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openssl-lib" >&5 -echo "$as_me: error: No argument for --with-openssl-lib" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-openssl-lib" "$LINENO" 5 elif test "X$with_openssl" = "X"; then with_openssl=yes fi @@ -20657,11 +13845,9 @@ fi # Check whether --with-openssl-include was given. -if test "${with_openssl_include+set}" = set; then +if test "${with_openssl_include+set}" = set; then : withval=$with_openssl_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openssl-include" >&5 -echo "$as_me: error: No argument for --with-openssl-include" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-openssl-include" "$LINENO" 5 elif test "X$with_openssl" = "X"; then with_openssl=yes fi @@ -20684,8 +13870,8 @@ esac DIR_hcrypto= -{ echo "$as_me:$LINENO: checking for crypto library" >&5 -echo $ECHO_N "checking for crypto library... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypto library" >&5 +$as_echo_n "checking for crypto library... " >&6; } openssl=no @@ -20707,11 +13893,7 @@ if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then for j in $cdirs; do for k in $clibs; do LIBS="$j $k $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #undef KRB5 /* makes md4.h et al unhappy */ @@ -20726,6 +13908,7 @@ cat >>conftest.$ac_ext <<_ACEOF #include #include #include + #include #include #include #include @@ -20749,19 +13932,20 @@ main () { void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; + EVP_MD_CTX mdctx; - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); + EVP_md4(); + EVP_md5(); + EVP_sha1(); + EVP_sha256(); + + EVP_MD_CTX_init(&mdctx); + EVP_DigestInit_ex(&mdctx, EVP_sha1(), (ENGINE *)0); EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); UI_UTIL_read_pw_string(0,0,0,0); + RAND_status(); + #ifdef HAVE_OPENSSL + EC_KEY_new(); #endif OpenSSL_add_all_algorithms(); @@ -20772,45 +13956,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : openssl=yes ires="$i" lres="$j $k"; break 3 -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done done CFLAGS="$i $save_CFLAGS" for j in $cdirs; do for k in $clibs; do LIBS="$j $k $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #undef KRB5 /* makes md4.h et al unhappy */ @@ -20825,6 +13982,7 @@ cat >>conftest.$ac_ext <<_ACEOF #include #include #include + #include #include #include #include @@ -20848,19 +14006,20 @@ main () { void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; + EVP_MD_CTX mdctx; - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); + EVP_md4(); + EVP_md5(); + EVP_sha1(); + EVP_sha256(); + + EVP_MD_CTX_init(&mdctx); + EVP_DigestInit_ex(&mdctx, EVP_sha1(), (ENGINE *)0); EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); UI_UTIL_read_pw_string(0,0,0,0); + RAND_status(); + #ifdef HAVE_OPENSSL + EC_KEY_new(); #endif OpenSSL_add_all_algorithms(); @@ -20871,34 +14030,11 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : openssl=no ires="$i" lres="$j $k"; break 3 -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done done done @@ -20909,8 +14045,8 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ INCLUDE_hcrypto="$ires" LIB_hcrypto="$lres" crypto_lib=krb4 - { echo "$as_me:$LINENO: result: same as krb4" >&5 -echo "${ECHO_T}same as krb4" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: same as krb4" >&5 +$as_echo "same as krb4" >&6; } LIB_hcrypto_a='$(LIB_hcrypto)' LIB_hcrypto_so='$(LIB_hcrypto)' LIB_hcrypto_appl='$(LIB_hcrypto)' @@ -20936,11 +14072,7 @@ if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then LIB_hcrypto_so="$LIB_hcrypto" LIB_hcrypto_appl="$LIB_hcrypto" LIBS="${LIBS} ${LIB_hcrypto}" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #undef KRB5 /* makes md4.h et al unhappy */ @@ -20955,6 +14087,7 @@ cat >>conftest.$ac_ext <<_ACEOF #include #include #include + #include #include #include #include @@ -20978,19 +14111,20 @@ main () { void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; + EVP_MD_CTX mdctx; - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); + EVP_md4(); + EVP_md5(); + EVP_sha1(); + EVP_sha256(); + + EVP_MD_CTX_init(&mdctx); + EVP_DigestInit_ex(&mdctx, EVP_sha1(), (ENGINE *)0); EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); UI_UTIL_read_pw_string(0,0,0,0); + RAND_status(); + #ifdef HAVE_OPENSSL + EC_KEY_new(); #endif OpenSSL_add_all_algorithms(); @@ -21001,38 +14135,15 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : crypto_lib=libcrypto openssl=yes - { echo "$as_me:$LINENO: result: libcrypto" >&5 -echo "${ECHO_T}libcrypto" >&6; } - -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - + { $as_echo "$as_me:${as_lineno-$LINENO}: result: libcrypto" >&5 +$as_echo "libcrypto" >&6; } fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$crypto_lib" = libcrypto ; then break; fi @@ -21049,26 +14160,20 @@ if test "$crypto_lib" = "unknown"; then LIB_hcrypto_so='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.so' LIB_hcrypto_appl="-lhcrypto" - { echo "$as_me:$LINENO: result: included libhcrypto" >&5 -echo "${ECHO_T}included libhcrypto" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: included libhcrypto" >&5 +$as_echo "included libhcrypto" >&6; } fi if test "$with_krb4" != no -a "$crypto_lib" != krb4; then - { { echo "$as_me:$LINENO: error: the crypto library used by krb4 lacks features + as_fn_error "the crypto library used by krb4 lacks features required by Kerberos 5; to continue, you need to install a newer -Kerberos 4 or configure --without-krb4" >&5 -echo "$as_me: error: the crypto library used by krb4 lacks features -required by Kerberos 5; to continue, you need to install a newer -Kerberos 4 or configure --without-krb4" >&2;} - { (exit 1); exit 1; }; } +Kerberos 4 or configure --without-krb4" "$LINENO" 5 fi if test "$openssl" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_OPENSSL 1 -_ACEOF +$as_echo "#define HAVE_OPENSSL 1" >>confdefs.h fi if test "$openssl" = yes; then @@ -21088,11 +14193,11 @@ fi -{ echo "$as_me:$LINENO: checking if compiling threadsafe libraries" >&5 -echo $ECHO_N "checking if compiling threadsafe libraries... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiling threadsafe libraries" >&5 +$as_echo_n "checking if compiling threadsafe libraries... " >&6; } # Check whether --enable-pthread-support was given. -if test "${enable_pthread_support+set}" = set; then +if test "${enable_pthread_support+set}" = set; then : enableval=$enable_pthread_support; else enable_pthread_support=maybe @@ -21103,35 +14208,51 @@ case "$host" in *-*-solaris2*) native_pthread_support=yes if test "$GCC" = yes; then - PTHREADS_CFLAGS=-pthreads - PTHREADS_LIBS=-pthreads + PTHREAD_CFLAGS=-pthreads + PTHREAD_LIBADD=-pthreads else - PTHREADS_CFLAGS=-mt - PTHREADS_LIBS=-mt + PTHREAD_CFLAGS=-mt + PTHREAD_LDADD=-mt + PTHREAD_LIBADD=-mt fi ;; -*-*-netbsd*) +*-*-netbsd[12]*) native_pthread_support="if running netbsd 1.6T or newer" - PTHREADS_LIBS="" + PTHREAD_LIBADD="-lpthread" ;; -*-*-freebsd5*) +*-*-netbsd[3456789]*) + native_pthread_support="netbsd 3 uses explict pthread" + PTHREAD_LIBADD="-lpthread" + ;; +*-*-freebsd[56789]*) native_pthread_support=yes + PTHREAD_LIBADD="-pthread" + ;; +*-*-openbsd*) + native_pthread_support=yes + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread ;; *-*-linux* | *-*-linux-gnu) case `uname -r` in - 2.*) + 2.*|3.*) native_pthread_support=yes - PTHREADS_CFLAGS=-pthread - PTHREADS_LIBS=-pthread + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread ;; esac ;; +*-*-kfreebsd*-gnu*) + native_pthread_support=yes + PTHREAD_CFLAGS=-pthread + PTHREAD_LIBADD=-pthread + ;; *-*-aix*) native_pthread_support=no ;; mips-sgi-irix6.[5-9]) # maybe works for earlier versions too native_pthread_support=yes - PTHREADS_LIBS="-lpthread" + PTHREAD_LIBADD="-lpthread" ;; *-*-darwin*) native_pthread_support=yes @@ -21147,33 +14268,30 @@ fi if test "$enable_pthread_support" != no; then -cat >>confdefs.h <<\_ACEOF -#define ENABLE_PTHREAD_SUPPORT 1 -_ACEOF +$as_echo "#define ENABLE_PTHREAD_SUPPORT 1" >>confdefs.h - LIBS="$PTHREADS_LIBS $LIBS" + LIBS="$PTHREAD_LIBADD $LIBS" else - PTHREADS_CFLAGS="" - PTHREADS_LIBS="" + PTHREAD_CFLAGS="" + PTHREAD_LIBADD="" fi -{ echo "$as_me:$LINENO: result: $enable_pthread_support" >&5 -echo "${ECHO_T}$enable_pthread_support" >&6; } + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_pthread_support" >&5 +$as_echo "$enable_pthread_support" >&6; } # Check whether --enable-dce was given. -if test "${enable_dce+set}" = set; then +if test "${enable_dce+set}" = set; then : enableval=$enable_dce; fi if test "$enable_dce" = yes; then -cat >>confdefs.h <<\_ACEOF -#define DCE 1 -_ACEOF +$as_echo "#define DCE 1" >>confdefs.h fi if test "$enable_dce" = yes; then @@ -21200,28 +14318,39 @@ fi # Check whether --enable-afs-support was given. -if test "${enable_afs_support+set}" = set; then +if test "${enable_afs_support+set}" = set; then : enableval=$enable_afs_support; fi if test "$enable_afs_support" = no; then -cat >>confdefs.h <<\_ACEOF -#define NO_AFS 1 -_ACEOF +$as_echo "#define NO_AFS 1" >>confdefs.h + NO_AFS="1" fi -# Check whether --enable-berkeley-db was given. -if test "${enable_berkeley_db+set}" = set; then - enableval=$enable_berkeley_db; +# Check whether --with-berkeley-db was given. +if test "${with_berkeley_db+set}" = set; then : + withval=$with_berkeley_db; +else + with_berkeley_db=check +fi + + +dbheader="" + +# Check whether --with-berkeley-db-include was given. +if test "${with_berkeley_db_include+set}" = set; then : + withval=$with_berkeley_db_include; dbheader=$withval +else + with_berkeley_db_include=check fi # Check whether --enable-ndbm-db was given. -if test "${enable_ndbm_db+set}" = set; then +if test "${enable_ndbm_db+set}" = set; then : enableval=$enable_ndbm_db; fi @@ -21230,175 +14359,70 @@ fi have_ndbm=no db_type=unknown -if test "$enable_berkeley_db" != no; then - - - - - -for ac_header in \ - db4/db.h \ - db3/db.h \ - db.h \ - db_185.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +if test "x$with_berkeley_db" != xno; then : + if test "x$with_berkeley_db_include" != xcheck; then : + for ac_header in "$dbheader/db.h" +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + DBHEADER=$dbheader + + +$as_echo "#define HAVE_DBHEADER 1" >>confdefs.h + + +else + if test "x$with_berkeley_db_include" != xcheck; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "--with-berkeley-db-include was given but include test failed +See \`config.log' for more details." "$LINENO" 5; } + fi + +fi + +done + +else + for ac_header in \ + db5/db.h \ + db4/db.h \ + db3/db.h \ + db.h \ + +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done +fi -{ echo "$as_me:$LINENO: checking for db_create" >&5 -echo $ECHO_N "checking for db_create... $ECHO_C" >&6; } -if test "${ac_cv_funclib_db_create+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create" >&5 +$as_echo_n "checking for db_create... " >&6; } +if test "${ac_cv_funclib_db_create+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_db_create\" != yes" ; then ac_save_LIBS="$LIBS" - for ac_lib in "" db4 db3 db; do + for ac_lib in "" $dbheader db5 db4 db3 db; do case "$ac_lib" in "") ;; yes) ac_lib="" ;; @@ -21407,15 +14431,15 @@ if eval "test \"\$ac_cv_func_db_create\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #ifdef HAVE_DB4_DB_H + #ifdef HAVE_DBHEADER + #include <$dbheader/db.h> + #elif HAVE_DB5_DB_H + #include + #elif HAVE_DB4_DB_H #include #elif defined(HAVE_DB3_DB_H) #include @@ -21431,34 +14455,11 @@ db_create(NULL, NULL, 0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_db_create=$ac_lib; else ac_cv_funclib_db_create=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_db_create=\${ac_cv_funclib_db_create-no}" LIBS="$ac_save_LIBS" @@ -21470,95 +14471,12 @@ fi eval "ac_res=\$ac_cv_funclib_db_create" if false; then - -for ac_func in db_create -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in db_create +do : + ac_fn_c_check_func "$LINENO" "db_create" "ac_cv_func_db_create" +if test "x$ac_cv_func_db_create" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DB_CREATE 1 _ACEOF fi @@ -21578,14 +14496,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_db_create=no" eval "LIB_db_create=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_db_create=yes" @@ -21598,8 +14516,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -21613,20 +14531,18 @@ esac DBLIB="" fi -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB3 1 -_ACEOF +$as_echo "#define HAVE_DB3 1" >>confdefs.h - else + fi -{ echo "$as_me:$LINENO: checking for dbopen" >&5 -echo $ECHO_N "checking for dbopen... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dbopen" >&5 +$as_echo_n "checking for dbopen... " >&6; } +if test "${ac_cv_funclib_dbopen+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_dbopen\" != yes" ; then @@ -21640,23 +14556,17 @@ if eval "test \"\$ac_cv_func_dbopen\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - #include - #if defined(HAVE_DB2_DB_H) - #include - #elif defined(HAVE_DB_185_H) - #include - #elif defined(HAVE_DB_H) - #include - #else - #error no db.h - #endif + #include + #if defined(HAVE_DB2_DB_H) + #include + #elif defined(HAVE_DB_H) + #include + #else + #error no db.h + #endif int main () @@ -21666,34 +14576,11 @@ dbopen(NULL, 0, 0, 0, NULL) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbopen=$ac_lib; else ac_cv_funclib_dbopen=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_dbopen=\${ac_cv_funclib_dbopen-no}" LIBS="$ac_save_LIBS" @@ -21705,95 +14592,12 @@ fi eval "ac_res=\$ac_cv_funclib_dbopen" if false; then - -for ac_func in dbopen -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in dbopen +do : + ac_fn_c_check_func "$LINENO" "dbopen" "ac_cv_func_dbopen" +if test "x$ac_cv_func_dbopen" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DBOPEN 1 _ACEOF fi @@ -21813,14 +14617,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_dbopen=no" eval "LIB_dbopen=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_dbopen=yes" @@ -21833,36 +14637,33 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac - if test "$ac_cv_func_dbopen" = "yes"; then - db_type=db1 - if test "$ac_cv_funclib_dbopen" != "yes"; then - DBLIB="$ac_cv_funclib_dbopen" - else - DBLIB="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB1 1 -_ACEOF - + if test "$ac_cv_func_dbopen" = "yes"; then + db_type=db1 + if test "$ac_cv_funclib_dbopen" != "yes"; then + DBLIB="$ac_cv_funclib_dbopen" + else + DBLIB="" fi + +$as_echo "#define HAVE_DB1 1" >>confdefs.h + fi if test "$ac_cv_func_dbm_firstkey" != yes; then -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dbm_firstkey" >&5 +$as_echo_n "checking for dbm_firstkey... " >&6; } +if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then @@ -21876,11 +14677,7 @@ if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -21896,34 +14693,11 @@ dbm_firstkey(NULL) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" LIBS="$ac_save_LIBS" @@ -21935,95 +14709,12 @@ fi eval "ac_res=\$ac_cv_funclib_dbm_firstkey" if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in dbm_firstkey +do : + ac_fn_c_check_func "$LINENO" "dbm_firstkey" "ac_cv_func_dbm_firstkey" +if test "x$ac_cv_func_dbm_firstkey" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DBM_FIRSTKEY 1 _ACEOF fi @@ -22043,14 +14734,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_dbm_firstkey=no" eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_dbm_firstkey=yes" @@ -22063,8 +14754,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -22077,14 +14768,10 @@ esac LIB_NDBM="" fi -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB_NDBM 1 -_ACEOF +$as_echo "#define HAVE_DB_NDBM 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define HAVE_NEW_DB 1 -_ACEOF +$as_echo "#define HAVE_NEW_DB 1" >>confdefs.h else $as_unset ac_cv_func_dbm_firstkey @@ -22092,155 +14779,24 @@ _ACEOF fi fi -fi # berkeley db + +fi # fi berkeley db if test "$enable_ndbm_db" != "no"; then if test "$db_type" = "unknown" -o "$ac_cv_func_dbm_firstkey" = ""; then - - -for ac_header in \ + for ac_header in \ dbm.h \ ndbm.h \ -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -22251,10 +14807,10 @@ done -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dbm_firstkey" >&5 +$as_echo_n "checking for dbm_firstkey... " >&6; } +if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then @@ -22268,11 +14824,7 @@ if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -22291,34 +14843,11 @@ dbm_firstkey(NULL) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" LIBS="$ac_save_LIBS" @@ -22330,95 +14859,12 @@ fi eval "ac_res=\$ac_cv_funclib_dbm_firstkey" if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in dbm_firstkey +do : + ac_fn_c_check_func "$LINENO" "dbm_firstkey" "ac_cv_func_dbm_firstkey" +if test "x$ac_cv_func_dbm_firstkey" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DBM_FIRSTKEY 1 _ACEOF fi @@ -22438,14 +14884,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_dbm_firstkey=no" eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_dbm_firstkey=yes" @@ -22458,8 +14904,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -22472,9 +14918,7 @@ esac LIB_NDBM="" fi -cat >>confdefs.h <<\_ACEOF -#define HAVE_NDBM 1 -_ACEOF +$as_echo "#define HAVE_NDBM 1" >>confdefs.h have_ndbm=yes if test "$db_type" = "unknown"; then db_type=ndbm @@ -22485,147 +14929,16 @@ _ACEOF $as_unset ac_cv_func_dbm_firstkey $as_unset ac_cv_funclib_dbm_firstkey - -for ac_header in \ + for ac_header in \ gdbm/ndbm.h \ -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -22636,10 +14949,10 @@ done -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dbm_firstkey" >&5 +$as_echo_n "checking for dbm_firstkey... " >&6; } +if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then @@ -22653,11 +14966,7 @@ if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -22672,34 +14981,11 @@ dbm_firstkey(NULL) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" LIBS="$ac_save_LIBS" @@ -22711,95 +14997,12 @@ fi eval "ac_res=\$ac_cv_funclib_dbm_firstkey" if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in dbm_firstkey +do : + ac_fn_c_check_func "$LINENO" "dbm_firstkey" "ac_cv_func_dbm_firstkey" +if test "x$ac_cv_func_dbm_firstkey" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DBM_FIRSTKEY 1 _ACEOF fi @@ -22819,14 +15022,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_dbm_firstkey=no" eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_dbm_firstkey=yes" @@ -22839,8 +15042,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -22853,9 +15056,7 @@ esac LIB_NDBM="" fi -cat >>confdefs.h <<\_ACEOF -#define HAVE_NDBM 1 -_ACEOF +$as_echo "#define HAVE_NDBM 1" >>confdefs.h have_ndbm=yes if test "$db_type" = "unknown"; then db_type=ndbm @@ -22867,20 +15068,13 @@ _ACEOF fi # unknown if test "$have_ndbm" = "yes"; then - { echo "$as_me:$LINENO: checking if ndbm is implemented with db" >&5 -echo $ECHO_N "checking if ndbm is implemented with db... $ECHO_C" >&6; } - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run test program while cross compiling -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if ndbm is implemented with db" >&5 +$as_echo_n "checking if ndbm is implemented with db... " >&6; } + if test "$cross_compiling" = yes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no-cross" >&5 +$as_echo "no-cross" >&6; } else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -22903,52 +15097,26 @@ int main(int argc, char **argv) return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : if test -f conftest.db; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } -cat >>confdefs.h <<\_ACEOF -#define HAVE_NEW_DB 1 -_ACEOF +$as_echo "#define HAVE_NEW_DB 1" >>confdefs.h else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -{ echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi if test "$db_type" = db1; then @@ -22972,6 +15140,13 @@ else HAVE_NDBM_TRUE='#' HAVE_NDBM_FALSE= fi + if test "$dbheader" != ""; then + HAVE_DBHEADER_TRUE= + HAVE_DBHEADER_FALSE='#' +else + HAVE_DBHEADER_TRUE='#' + HAVE_DBHEADER_FALSE= +fi ## it's probably not correct to include LDFLAGS here, but we might ## need it, for now just add any possible -L @@ -22986,19 +15161,14 @@ DBLIB="$z $DBLIB" - -{ echo "$as_me:$LINENO: checking for inline" >&5 -echo $ECHO_N "checking for inline... $ECHO_C" >&6; } -if test "${ac_cv_c_inline+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +$as_echo_n "checking for inline... " >&6; } +if test "${ac_cv_c_inline+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; @@ -23007,39 +15177,16 @@ $ac_kw foo_t foo () {return 0; } #endif _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_inline=$ac_kw -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext test "$ac_cv_c_inline" != no && break done fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 -echo "${ECHO_T}$ac_cv_c_inline" >&6; } - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +$as_echo "$ac_cv_c_inline" >&6; } case $ac_cv_c_inline in inline | yes) ;; @@ -23056,16 +15203,12 @@ _ACEOF ;; esac -{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 -echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; } -if test "${ac_cv_c_const+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +$as_echo_n "checking for an ANSI C-conforming const... " >&6; } +if test "${ac_cv_c_const+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -23125,98 +15268,24 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_const=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_c_const=no + ac_cv_c_const=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 -echo "${ECHO_T}$ac_cv_c_const" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +$as_echo "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then -cat >>confdefs.h <<\_ACEOF -#define const -_ACEOF +$as_echo "#define const /**/" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking for size_t" >&5 -echo $ECHO_N "checking for size_t... $ECHO_C" >&6; } -if test "${ac_cv_type_size_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef size_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_size_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" +if test "x$ac_cv_type_size_t" = x""yes; then : - ac_cv_type_size_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 -echo "${ECHO_T}$ac_cv_type_size_t" >&6; } -if test $ac_cv_type_size_t = yes; then - : else cat >>confdefs.h <<_ACEOF @@ -23225,61 +15294,9 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for pid_t" >&5 -echo $ECHO_N "checking for pid_t... $ECHO_C" >&6; } -if test "${ac_cv_type_pid_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef pid_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_pid_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" +if test "x$ac_cv_type_pid_t" = x""yes; then : - ac_cv_type_pid_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5 -echo "${ECHO_T}$ac_cv_type_pid_t" >&6; } -if test $ac_cv_type_pid_t = yes; then - : else cat >>confdefs.h <<_ACEOF @@ -23288,22 +15305,18 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5 -echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6; } -if test "${ac_cv_type_uid_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 +$as_echo_n "checking for uid_t in sys/types.h... " >&6; } +if test "${ac_cv_type_uid_t+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "uid_t" >/dev/null 2>&1; then + $EGREP "uid_t" >/dev/null 2>&1; then : ac_cv_type_uid_t=yes else ac_cv_type_uid_t=no @@ -23311,32 +15324,24 @@ fi rm -f conftest* fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5 -echo "${ECHO_T}$ac_cv_type_uid_t" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 +$as_echo "$ac_cv_type_uid_t" >&6; } if test $ac_cv_type_uid_t = no; then -cat >>confdefs.h <<\_ACEOF -#define uid_t int -_ACEOF +$as_echo "#define uid_t int" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define gid_t int -_ACEOF +$as_echo "#define gid_t int" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking return type of signal handlers" >&5 -echo $ECHO_N "checking return type of signal handlers... $ECHO_C" >&6; } -if test "${ac_cv_type_signal+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 +$as_echo_n "checking return type of signal handlers... " >&6; } +if test "${ac_cv_type_signal+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -23349,35 +15354,15 @@ return *(signal (0, 0)) (0) == 1; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_signal=int else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_signal=void + ac_cv_type_signal=void fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_signal" >&5 -echo "${ECHO_T}$ac_cv_type_signal" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 +$as_echo "$ac_cv_type_signal" >&6; } cat >>confdefs.h <<_ACEOF #define RETSIGTYPE $ac_cv_type_signal @@ -23386,25 +15371,18 @@ _ACEOF if test "$ac_cv_type_signal" = "void" ; then -cat >>confdefs.h <<\_ACEOF -#define VOID_RETSIGTYPE 1 -_ACEOF +$as_echo "#define VOID_RETSIGTYPE 1" >>confdefs.h fi - -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 +$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } +if test "${ac_cv_header_time+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -23419,183 +15397,28 @@ return 0; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_time=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_time=no + ac_cv_header_time=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 +$as_echo "$ac_cv_header_time" >&6; } if test $ac_cv_header_time = yes; then -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF +$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h fi - for ac_header in standards.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + ac_fn_c_check_header_mongrel "$LINENO" "standards.h" "ac_cv_header_standards_h" "$ac_includes_default" +if test "x$ac_cv_header_standards_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_STANDARDS_H 1 _ACEOF fi @@ -23606,16 +15429,12 @@ for i in netinet/ip.h netinet/tcp.h; do cv=`echo "$i" | sed 'y%./+-%__p_%'` -{ echo "$as_me:$LINENO: checking for $i" >&5 -echo $ECHO_N "checking for $i... $ECHO_C" >&6; } -if { as_var=ac_cv_header_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $i" >&5 +$as_echo_n "checking for $i... " >&6; } +if { as_var=ac_cv_header_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_STANDARDS_H @@ -23624,35 +15443,16 @@ cat >>conftest.$ac_ext <<_ACEOF #include <$i> _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_c_try_cpp "$LINENO"; then : eval "ac_cv_header_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - eval "ac_cv_header_$cv=no" fi - rm -f conftest.err conftest.$ac_ext fi -ac_res=`eval echo '${'ac_cv_header_$cv'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } +eval ac_res=\$ac_cv_header_$cv + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } ac_res=`eval echo \\$ac_cv_header_$cv` if test "$ac_res" = yes; then ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` @@ -23663,146 +15463,14 @@ _ACEOF fi done if false;then - - -for ac_header in netinet/ip.h netinet/tcp.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then + for ac_header in netinet/ip.h netinet/tcp.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -23812,106 +15480,24 @@ done fi - - for ac_func in getlogin setlogin -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done if test "$ac_cv_func_getlogin" = yes; then -{ echo "$as_me:$LINENO: checking if getlogin is posix" >&5 -echo $ECHO_N "checking if getlogin is posix... $ECHO_C" >&6; } -if test "${ac_cv_func_getlogin_posix+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getlogin is posix" >&5 +$as_echo_n "checking if getlogin is posix... " >&6; } +if test "${ac_cv_func_getlogin_posix+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then @@ -23921,157 +15507,27 @@ else fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getlogin_posix" >&5 -echo "${ECHO_T}$ac_cv_func_getlogin_posix" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getlogin_posix" >&5 +$as_echo "$ac_cv_func_getlogin_posix" >&6; } if test "$ac_cv_func_getlogin_posix" = yes; then -cat >>confdefs.h <<\_ACEOF -#define POSIX_GETLOGIN 1 -_ACEOF +$as_echo "#define POSIX_GETLOGIN 1" >>confdefs.h fi fi -for ac_header in stdlib.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then + for ac_header in $ac_header_list +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -24079,112 +15535,32 @@ fi done + + + + + + for ac_func in getpagesize -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize" +if test "x$ac_cv_func_getpagesize" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETPAGESIZE 1 _ACEOF fi done -{ echo "$as_me:$LINENO: checking for working mmap" >&5 -echo $ECHO_N "checking for working mmap... $ECHO_C" >&6; } -if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working mmap" >&5 +$as_echo_n "checking for working mmap... " >&6; } +if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : ac_cv_func_mmap_fixed_mapped=no else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default /* malloc might have been renamed as rpl_malloc. */ @@ -24221,11 +15597,6 @@ char *malloc (); /* This mess was copied from the GNU getpagesize.h. */ #ifndef HAVE_GETPAGESIZE -/* Assume that all systems that can run configure have sys/param.h. */ -# ifndef HAVE_SYS_PARAM_H -# define HAVE_SYS_PARAM_H 1 -# endif - # ifdef _SC_PAGESIZE # define getpagesize() sysconf(_SC_PAGESIZE) # else /* no _SC_PAGESIZE */ @@ -24261,7 +15632,7 @@ main () { char *data, *data2, *data3; int i, pagesize; - int fd; + int fd, fd2; pagesize = getpagesize (); @@ -24274,27 +15645,41 @@ main () umask (0); fd = creat ("conftest.mmap", 0600); if (fd < 0) - return 1; + return 2; if (write (fd, data, pagesize) != pagesize) - return 1; + return 3; close (fd); + /* Next, check that the tail of a page is zero-filled. File must have + non-zero length, otherwise we risk SIGBUS for entire page. */ + fd2 = open ("conftest.txt", O_RDWR | O_CREAT | O_TRUNC, 0600); + if (fd2 < 0) + return 4; + data2 = ""; + if (write (fd2, data2, 1) != 1) + return 5; + data2 = mmap (0, pagesize, PROT_READ | PROT_WRITE, MAP_SHARED, fd2, 0L); + if (data2 == MAP_FAILED) + return 6; + for (i = 0; i < pagesize; ++i) + if (*(data2 + i)) + return 7; + close (fd2); + if (munmap (data2, pagesize)) + return 8; + /* Next, try to mmap the file at a fixed address which already has something else allocated at it. If we can, also make sure that we see the same garbage. */ fd = open ("conftest.mmap", O_RDWR); if (fd < 0) - return 1; - data2 = (char *) malloc (2 * pagesize); - if (!data2) - return 1; - data2 += (pagesize - ((long int) data2 & (pagesize - 1))) & (pagesize - 1); + return 9; if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED, fd, 0L)) - return 1; + return 10; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data2 + i)) - return 1; + return 11; /* Finally, make sure that changes to the mapped area do not percolate back to the file as seen by read(). (This is a bug on @@ -24303,77 +15688,47 @@ main () *(data2 + i) = *(data2 + i) + 1; data3 = (char *) malloc (pagesize); if (!data3) - return 1; + return 12; if (read (fd, data3, pagesize) != pagesize) - return 1; + return 13; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data3 + i)) - return 1; + return 14; close (fd); return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_mmap_fixed_mapped=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_mmap_fixed_mapped=no + ac_cv_func_mmap_fixed_mapped=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5 -echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_mmap_fixed_mapped" >&5 +$as_echo "$ac_cv_func_mmap_fixed_mapped" >&6; } if test $ac_cv_func_mmap_fixed_mapped = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_MMAP 1 -_ACEOF +$as_echo "#define HAVE_MMAP 1" >>confdefs.h fi -rm -f conftest.mmap +rm -f conftest.mmap conftest.txt -{ echo "$as_me:$LINENO: checking if realloc if broken" >&5 -echo $ECHO_N "checking if realloc if broken... $ECHO_C" >&6; } -if test "${ac_cv_func_realloc_broken+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if realloc if broken" >&5 +$as_echo_n "checking if realloc if broken... " >&6; } +if test "${ac_cv_func_realloc_broken+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_func_realloc_broken=no -if test "$cross_compiling" = yes; then +if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -24385,48 +15740,22 @@ int main(int argc, char **argv) } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : : else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_realloc_broken=yes + ac_cv_func_realloc_broken=yes fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_realloc_broken" >&5 -echo "${ECHO_T}$ac_cv_func_realloc_broken" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_realloc_broken" >&5 +$as_echo "$ac_cv_func_realloc_broken" >&6; } if test "$ac_cv_func_realloc_broken" = yes ; then -cat >>confdefs.h <<\_ACEOF -#define BROKEN_REALLOC 1 -_ACEOF +$as_echo "#define BROKEN_REALLOC 1" >>confdefs.h fi @@ -24435,7 +15764,6 @@ fi - DIR_roken=roken LIB_roken='$(top_builddir)/lib/roken/libroken.la' INCLUDES_roken='-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken' @@ -24449,13 +15777,17 @@ INCLUDES_roken='-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken' +$as_echo "#define rk_PATH_DELIM '/'" >>confdefs.h + + + # Check whether --enable-developer was given. -if test "${enable_developer+set}" = set; then +if test "${enable_developer+set}" = set; then : enableval=$enable_developer; fi @@ -24471,6 +15803,7 @@ if test -z "$WFLAGS" -a "$GCC" = "yes"; then # -Wcast-align doesn't work well on alpha osf/1 # -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast # -Wmissing-declarations -Wnested-externs + # -Wstrict-overflow=5 WFLAGS="-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs $dwflags" WFLAGS_NOUNUSED="-Wno-unused" WFLAGS_NOIMPLICITINT="-Wno-implicit-int" @@ -24484,16 +15817,12 @@ fi cv=`echo "ssize_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for ssize_t" >&5 -echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ssize_t" >&5 +$as_echo_n "checking for ssize_t... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -24510,93 +15839,21 @@ ssize_t foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo ssize_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for ssize_t" >&5 -echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6; } -if test "${ac_cv_type_ssize_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef ssize_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_ssize_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_ssize_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_ssize_t" >&5 -echo "${ECHO_T}$ac_cv_type_ssize_t" >&6; } -if test $ac_cv_type_ssize_t = yes; then + ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default" +if test "x$ac_cv_type_ssize_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SSIZE_T 1 @@ -24618,16 +15875,12 @@ fi cv=`echo "long long" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long" >&5 +$as_echo_n "checking for long long... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -24644,93 +15897,21 @@ long long foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo long long | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if test "${ac_cv_type_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long_long=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_long_long=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long_long" >&5 -echo "${ECHO_T}$ac_cv_type_long_long" >&6; } -if test $ac_cv_type_long_long = yes; then + ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" +if test "x$ac_cv_type_long_long" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LONG_LONG 1 @@ -24753,45 +15934,6 @@ fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - for ac_header in \ arpa/inet.h \ config.h \ @@ -24811,6 +15953,7 @@ for ac_header in \ poll.h \ pwd.h \ rpcsvc/ypclnt.h \ + search.h \ shadow.h \ stdint.h \ sys/bswap.h \ @@ -24828,148 +15971,20 @@ for ac_header in \ sys/wait.h \ syslog.h \ termios.h \ + winsock2.h \ + ws2tcpip.h \ unistd.h \ userconf.h \ usersec.h \ util.h \ -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -24980,16 +15995,12 @@ done cv=`echo "uintptr_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for uintptr_t" >&5 -echo $ECHO_N "checking for uintptr_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintptr_t" >&5 +$as_echo_n "checking for uintptr_t... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -25008,93 +16019,21 @@ uintptr_t foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo uintptr_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for uintptr_t" >&5 -echo $ECHO_N "checking for uintptr_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uintptr_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef uintptr_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uintptr_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uintptr_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uintptr_t" >&5 -echo "${ECHO_T}$ac_cv_type_uintptr_t" >&6; } -if test $ac_cv_type_uintptr_t = yes; then + ac_fn_c_check_type "$LINENO" "uintptr_t" "ac_cv_type_uintptr_t" "$ac_includes_default" +if test "x$ac_cv_type_uintptr_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UINTPTR_T 1 @@ -25112,62 +16051,17 @@ _ACEOF fi - for ac_header in vis.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +do : + ac_fn_c_check_header_compile "$LINENO" "vis.h" "ac_cv_header_vis_h" " #include #ifndef VIS_SP #error invis #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_vis_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_VIS_H 1 _ACEOF fi @@ -25175,62 +16069,17 @@ fi done - for ac_header in netdb.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "netdb.h" "ac_cv_header_netdb_h" "$ac_includes_default #ifdef HAVE_SYS_TYPES_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_netdb_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_NETDB_H 1 _ACEOF fi @@ -25238,62 +16087,17 @@ fi done - for ac_header in sys/socket.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/socket.h" "ac_cv_header_sys_socket_h" "$ac_includes_default #ifdef HAVE_SYS_TYPES_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_socket_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_SOCKET_H 1 _ACEOF fi @@ -25301,64 +16105,19 @@ fi done - for ac_header in net/if.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "net/if.h" "ac_cv_header_net_if_h" "$ac_includes_default #ifdef HAVE_SYS_TYPES_H #include #endif #if HAVE_SYS_SOCKET_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_net_if_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_NET_IF_H 1 _ACEOF fi @@ -25366,22 +16125,9 @@ fi done - for ac_header in netinet6/in6_var.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "netinet6/in6_var.h" "ac_cv_header_netinet6_in6_var_h" "$ac_includes_default #ifdef HAVE_SYS_TYPES_H #include #endif @@ -25392,42 +16138,10 @@ $ac_includes_default #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_netinet6_in6_var_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_NETINET6_IN6_VAR_H 1 _ACEOF fi @@ -25435,62 +16149,17 @@ fi done - for ac_header in sys/sysctl.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/sysctl.h" "ac_cv_header_sys_sysctl_h" "$ac_includes_default #ifdef HAVE_SYS_PARAM_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_sysctl_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_SYSCTL_H 1 _ACEOF fi @@ -25498,62 +16167,17 @@ fi done - for ac_header in sys/proc.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/proc.h" "ac_cv_header_sys_proc_h" "$ac_includes_default #ifdef HAVE_SYS_PARAM_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_proc_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_PROC_H 1 _ACEOF fi @@ -25579,6 +16203,14 @@ else have_ifaddrs_h_FALSE= fi + if test "$ac_cv_header_search_h" = yes; then + have_search_h_TRUE= + have_search_h_FALSE='#' +else + have_search_h_TRUE='#' + have_search_h_FALSE= +fi + if test "$ac_cv_header_vis_h" = yes; then have_vis_h_TRUE= have_vis_h_FALSE='#' @@ -25593,10 +16225,10 @@ fi -{ echo "$as_me:$LINENO: checking for socket" >&5 -echo $ECHO_N "checking for socket... $ECHO_C" >&6; } -if test "${ac_cv_funclib_socket+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket" >&5 +$as_echo_n "checking for socket... " >&6; } +if test "${ac_cv_funclib_socket+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_socket\" != yes" ; then @@ -25610,11 +16242,7 @@ if eval "test \"\$ac_cv_func_socket\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -25625,34 +16253,11 @@ socket() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_socket=$ac_lib; else ac_cv_funclib_socket=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_socket=\${ac_cv_funclib_socket-no}" LIBS="$ac_save_LIBS" @@ -25664,95 +16269,12 @@ fi eval "ac_res=\$ac_cv_funclib_socket" if false; then - -for ac_func in socket -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in socket +do : + ac_fn_c_check_func "$LINENO" "socket" "ac_cv_func_socket" +if test "x$ac_cv_func_socket" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_SOCKET 1 _ACEOF fi @@ -25772,14 +16294,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_socket=no" eval "LIB_socket=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_socket=yes" @@ -25792,8 +16314,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -25806,10 +16328,10 @@ fi -{ echo "$as_me:$LINENO: checking for gethostbyname" >&5 -echo $ECHO_N "checking for gethostbyname... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname" >&5 +$as_echo_n "checking for gethostbyname... " >&6; } +if test "${ac_cv_funclib_gethostbyname+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then @@ -25823,11 +16345,7 @@ if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -25838,34 +16356,11 @@ gethostbyname() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname=$ac_lib; else ac_cv_funclib_gethostbyname=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_gethostbyname=\${ac_cv_funclib_gethostbyname-no}" LIBS="$ac_save_LIBS" @@ -25877,95 +16372,12 @@ fi eval "ac_res=\$ac_cv_funclib_gethostbyname" if false; then - -for ac_func in gethostbyname -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in gethostbyname +do : + ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname" +if test "x$ac_cv_func_gethostbyname" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETHOSTBYNAME 1 _ACEOF fi @@ -25985,14 +16397,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_gethostbyname=no" eval "LIB_gethostbyname=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_gethostbyname=yes" @@ -26005,8 +16417,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -26019,10 +16431,10 @@ fi -{ echo "$as_me:$LINENO: checking for syslog" >&5 -echo $ECHO_N "checking for syslog... $ECHO_C" >&6; } -if test "${ac_cv_funclib_syslog+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for syslog" >&5 +$as_echo_n "checking for syslog... " >&6; } +if test "${ac_cv_funclib_syslog+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_syslog\" != yes" ; then @@ -26036,11 +16448,7 @@ if eval "test \"\$ac_cv_func_syslog\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -26051,34 +16459,11 @@ syslog() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_syslog=$ac_lib; else ac_cv_funclib_syslog=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_syslog=\${ac_cv_funclib_syslog-no}" LIBS="$ac_save_LIBS" @@ -26090,95 +16475,12 @@ fi eval "ac_res=\$ac_cv_funclib_syslog" if false; then - -for ac_func in syslog -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in syslog +do : + ac_fn_c_check_func "$LINENO" "syslog" "ac_cv_func_syslog" +if test "x$ac_cv_func_syslog" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_SYSLOG 1 _ACEOF fi @@ -26198,14 +16500,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_syslog=no" eval "LIB_syslog=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_syslog=yes" @@ -26218,8 +16520,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -26232,30 +16534,28 @@ fi # Check whether --with-ipv6 was given. -if test "${with_ipv6+set}" = set; then +if test "${with_ipv6+set}" = set; then : withval=$with_ipv6; -if test "$withval" = "no"; then - ac_cv_lib_ipv6=no -fi + ac_cv_lib_ipv6="$withval" + fi save_CFLAGS="${CFLAGS}" -{ echo "$as_me:$LINENO: checking for IPv6 stack type" >&5 -echo $ECHO_N "checking for IPv6 stack type... $ECHO_C" >&6; } -if test "${v6type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - v6type=unknown -v6lib=none -for i in v6d toshiba kame inria zeta linux; do - case $i in - v6d) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if test "X$ac_cv_lib_ipv6" != "Xno"; then + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for IPv6 stack type" >&5 +$as_echo_n "checking for IPv6 stack type... " >&6; } +if test "${rk_cv_v6type+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + v6type=unknown + v6lib=none + + for i in v6d toshiba kame inria zeta linux; do + case $i in + v6d) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -26264,20 +16564,16 @@ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then + $EGREP "yes" >/dev/null 2>&1; then : v6type=$i; v6lib=v6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-I/usr/local/v6/include $CFLAGS" + v6libdir=/usr/local/v6/lib; + CFLAGS="-I/usr/local/v6/include $CFLAGS" fi rm -f conftest* - ;; - toshiba) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ;; + toshiba) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -26286,20 +16582,16 @@ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then + $EGREP "yes" >/dev/null 2>&1; then : v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* - ;; - kame) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ;; + kame) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -26308,20 +16600,16 @@ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then + $EGREP "yes" >/dev/null 2>&1; then : v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* - ;; - inria) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ;; + inria) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -26330,18 +16618,14 @@ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then + $EGREP "yes" >/dev/null 2>&1; then : v6type=$i; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* - ;; - zeta) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ;; + zeta) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -26350,52 +16634,47 @@ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then + $EGREP "yes" >/dev/null 2>&1; then : v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" + v6libdir=/usr/local/v6/lib; + CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* - ;; - linux) - if test -d /usr/inet6; then - v6type=$i - v6lib=inet6 - v6libdir=/usr/inet6 - CFLAGS="-DINET6 $CFLAGS" - fi - ;; - esac - if test "$v6type" != "unknown"; then - break - fi -done - -if test "$v6lib" != "none"; then - for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do - if test -d $dir -a -f $dir/lib$v6lib.a; then - LIBS="-L$dir -l$v6lib $LIBS" + ;; + linux) + if test -d /usr/inet6; then + v6type=$i + v6lib=inet6 + v6libdir=/usr/inet6 + CFLAGS="-DINET6 $CFLAGS" + fi + ;; + esac + if test "$v6type" != "unknown"; then break fi done -fi + if test "$v6lib" != "none"; then + for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do + if test -d $dir -a -f $dir/lib$v6lib.a; then + LIBS="-L$dir -l$v6lib $LIBS" + break + fi + done + fi fi -{ echo "$as_me:$LINENO: result: $v6type" >&5 -echo "${ECHO_T}$v6type" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $rk_cv_v6type" >&5 +$as_echo "$rk_cv_v6type" >&6; } -{ echo "$as_me:$LINENO: checking for IPv6" >&5 -echo $ECHO_N "checking for IPv6... $ECHO_C" >&6; } -if test "${ac_cv_lib_ipv6+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for IPv6" >&5 +$as_echo_n "checking for IPv6... " >&6; } +if test "${rk_cv_lib_ipv6+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -26429,42 +16708,21 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_ipv6=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ipv6=no + ac_cv_lib_ipv6=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $rk_cv_lib_ipv6" >&5 +$as_echo "$rk_cv_lib_ipv6" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ipv6" >&5 -echo "${ECHO_T}$ac_cv_lib_ipv6" >&6; } if test "$ac_cv_lib_ipv6" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_IPV6 1 -_ACEOF +$as_echo "#define HAVE_IPV6 1" >>confdefs.h else CFLAGS="${save_CFLAGS}" @@ -26472,17 +16730,13 @@ fi ## test for AIX missing in6addr_loopback if test "$ac_cv_lib_ipv6" = yes; then - { echo "$as_me:$LINENO: checking for in6addr_loopback" >&5 -echo $ECHO_N "checking for in6addr_loopback... $ECHO_C" >&6; } -if test "${ac_cv_var_in6addr_loopback+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for in6addr_loopback" >&5 +$as_echo_n "checking for in6addr_loopback... " >&6; } +if test "${rk_cv_var_in6addr_loopback+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -26508,42 +16762,19 @@ sin6.sin6_addr = in6addr_loopback; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_in6addr_loopback=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_in6addr_loopback=no + ac_cv_var_in6addr_loopback=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_var_in6addr_loopback" >&5 -echo "${ECHO_T}$ac_cv_var_in6addr_loopback" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $rk_cv_var_in6addr_loopback" >&5 +$as_echo "$rk_cv_var_in6addr_loopback" >&6; } if test "$ac_cv_var_in6addr_loopback" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_IN6ADDR_LOOPBACK 1 -_ACEOF +$as_echo "#define HAVE_IN6ADDR_LOOPBACK 1" >>confdefs.h fi fi @@ -26553,10 +16784,10 @@ fi -{ echo "$as_me:$LINENO: checking for gethostbyname2" >&5 -echo $ECHO_N "checking for gethostbyname2... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gethostbyname2+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname2" >&5 +$as_echo_n "checking for gethostbyname2... " >&6; } +if test "${ac_cv_funclib_gethostbyname2+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_gethostbyname2\" != yes" ; then @@ -26570,11 +16801,7 @@ if eval "test \"\$ac_cv_func_gethostbyname2\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -26585,34 +16812,11 @@ gethostbyname2() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname2=$ac_lib; else ac_cv_funclib_gethostbyname2=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_gethostbyname2=\${ac_cv_funclib_gethostbyname2-no}" LIBS="$ac_save_LIBS" @@ -26624,95 +16828,12 @@ fi eval "ac_res=\$ac_cv_funclib_gethostbyname2" if false; then - -for ac_func in gethostbyname2 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in gethostbyname2 +do : + ac_fn_c_check_func "$LINENO" "gethostbyname2" "ac_cv_func_gethostbyname2" +if test "x$ac_cv_func_gethostbyname2" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETHOSTBYNAME2 1 _ACEOF fi @@ -26732,14 +16853,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_gethostbyname2=no" eval "LIB_gethostbyname2=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_gethostbyname2=yes" @@ -26752,8 +16873,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -26765,145 +16886,14 @@ fi - -for ac_header in arpa/nameser.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +for ac_header in arpa/nameser.h dns.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -26911,22 +16901,9 @@ fi done - for ac_header in resolv.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "resolv.h" "ac_cv_header_resolv_h" "$ac_includes_default #ifdef HAVE_SYS_TYPES_H #include #endif @@ -26937,42 +16914,10 @@ $ac_includes_default #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_resolv_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_RESOLV_H 1 _ACEOF fi @@ -26984,10 +16929,10 @@ done -{ echo "$as_me:$LINENO: checking for res_search" >&5 -echo $ECHO_N "checking for res_search... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_search+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_search" >&5 +$as_echo_n "checking for res_search... " >&6; } +if test "${ac_cv_funclib_res_search+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_res_search\" != yes" ; then @@ -27001,11 +16946,7 @@ if eval "test \"\$ac_cv_func_res_search\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -27030,34 +16971,11 @@ res_search(0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_search=$ac_lib; else ac_cv_funclib_res_search=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_res_search=\${ac_cv_funclib_res_search-no}" LIBS="$ac_save_LIBS" @@ -27069,95 +16987,12 @@ fi eval "ac_res=\$ac_cv_funclib_res_search" if false; then - -for ac_func in res_search -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in res_search +do : + ac_fn_c_check_func "$LINENO" "res_search" "ac_cv_func_res_search" +if test "x$ac_cv_func_res_search" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_RES_SEARCH 1 _ACEOF fi @@ -27177,14 +17012,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_res_search=no" eval "LIB_res_search=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_res_search=yes" @@ -27197,8 +17032,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -27212,10 +17047,10 @@ fi -{ echo "$as_me:$LINENO: checking for res_nsearch" >&5 -echo $ECHO_N "checking for res_nsearch... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_nsearch+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_nsearch" >&5 +$as_echo_n "checking for res_nsearch... " >&6; } +if test "${ac_cv_funclib_res_nsearch+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_res_nsearch\" != yes" ; then @@ -27229,11 +17064,7 @@ if eval "test \"\$ac_cv_func_res_nsearch\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -27258,34 +17089,11 @@ res_nsearch(0,0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_nsearch=$ac_lib; else ac_cv_funclib_res_nsearch=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_res_nsearch=\${ac_cv_funclib_res_nsearch-no}" LIBS="$ac_save_LIBS" @@ -27297,95 +17105,12 @@ fi eval "ac_res=\$ac_cv_funclib_res_nsearch" if false; then - -for ac_func in res_nsearch -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in res_nsearch +do : + ac_fn_c_check_func "$LINENO" "res_nsearch" "ac_cv_func_res_nsearch" +if test "x$ac_cv_func_res_nsearch" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_RES_NSEARCH 1 _ACEOF fi @@ -27405,14 +17130,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_res_nsearch=no" eval "LIB_res_nsearch=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_res_nsearch=yes" @@ -27425,8 +17150,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -27440,10 +17165,10 @@ fi -{ echo "$as_me:$LINENO: checking for res_ndestroy" >&5 -echo $ECHO_N "checking for res_ndestroy... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_ndestroy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_ndestroy" >&5 +$as_echo_n "checking for res_ndestroy... " >&6; } +if test "${ac_cv_funclib_res_ndestroy+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_res_ndestroy\" != yes" ; then @@ -27457,11 +17182,7 @@ if eval "test \"\$ac_cv_func_res_ndestroy\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -27486,34 +17207,11 @@ res_ndestroy(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_ndestroy=$ac_lib; else ac_cv_funclib_res_ndestroy=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_res_ndestroy=\${ac_cv_funclib_res_ndestroy-no}" LIBS="$ac_save_LIBS" @@ -27525,95 +17223,12 @@ fi eval "ac_res=\$ac_cv_funclib_res_ndestroy" if false; then - -for ac_func in res_ndestroy -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in res_ndestroy +do : + ac_fn_c_check_func "$LINENO" "res_ndestroy" "ac_cv_func_res_ndestroy" +if test "x$ac_cv_func_res_ndestroy" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_RES_NDESTROY 1 _ACEOF fi @@ -27633,14 +17248,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_res_ndestroy=no" eval "LIB_res_ndestroy=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_res_ndestroy=yes" @@ -27653,8 +17268,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -27667,11 +17282,115 @@ fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dns_search" >&5 +$as_echo_n "checking for dns_search... " >&6; } +if test "${ac_cv_funclib_dns_search+set}" = set; then : + $as_echo_n "(cached) " >&6 +else -{ echo "$as_me:$LINENO: checking for dn_expand" >&5 -echo $ECHO_N "checking for dn_expand... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dn_expand+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if eval "test \"\$ac_cv_func_dns_search\" != yes" ; then + ac_save_LIBS="$LIBS" + for ac_lib in "" ; do + case "$ac_lib" in + "") ;; + yes) ac_lib="" ;; + no) continue ;; + -l*) ;; + *) ac_lib="-l$ac_lib" ;; + esac + LIBS=" $ac_lib $ac_save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef HAVE_DNS_H +#include +#endif + +int +main () +{ +dns_search(0,0,0,0,0,0,0,0) + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "if test -n \"$ac_lib\";then ac_cv_funclib_dns_search=$ac_lib; else ac_cv_funclib_dns_search=yes; fi";break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + eval "ac_cv_funclib_dns_search=\${ac_cv_funclib_dns_search-no}" + LIBS="$ac_save_LIBS" +fi + +fi + + +eval "ac_res=\$ac_cv_funclib_dns_search" + +if false; then + for ac_func in dns_search +do : + ac_fn_c_check_func "$LINENO" "dns_search" "ac_cv_func_dns_search" +if test "x$ac_cv_func_dns_search" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DNS_SEARCH 1 +_ACEOF + +fi +done + +fi +# dns_search +eval "ac_tr_func=HAVE_`echo dns_search | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "LIB_dns_search=$ac_res" + +case "$ac_res" in + yes) + eval "ac_cv_func_dns_search=yes" + eval "LIB_dns_search=" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + ;; + no) + eval "ac_cv_func_dns_search=no" + eval "LIB_dns_search=" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + ;; + *) + eval "ac_cv_func_dns_search=yes" + eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + cat >>confdefs.h <<_ACEOF +#define $ac_tr_lib 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } + ;; +esac + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dn_expand" >&5 +$as_echo_n "checking for dn_expand... " >&6; } +if test "${ac_cv_funclib_dn_expand+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then @@ -27685,11 +17404,7 @@ if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -27714,34 +17429,11 @@ dn_expand(0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_dn_expand=$ac_lib; else ac_cv_funclib_dn_expand=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_dn_expand=\${ac_cv_funclib_dn_expand-no}" LIBS="$ac_save_LIBS" @@ -27753,95 +17445,12 @@ fi eval "ac_res=\$ac_cv_funclib_dn_expand" if false; then - -for ac_func in dn_expand -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in dn_expand +do : + ac_fn_c_check_func "$LINENO" "dn_expand" "ac_cv_func_dn_expand" +if test "x$ac_cv_func_dn_expand" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DN_EXPAND 1 _ACEOF fi @@ -27861,14 +17470,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_dn_expand=no" eval "LIB_dn_expand=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_dn_expand=yes" @@ -27881,8 +17490,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -27893,18 +17502,14 @@ fi -{ echo "$as_me:$LINENO: checking for _res" >&5 -echo $ECHO_N "checking for _res... $ECHO_C" >&6; } -if test "${ac_cv_var__res+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for _res" >&5 +$as_echo_n "checking for _res... " >&6; } +if test "${ac_cv_var__res+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef HAVE_SYS_TYPES_H @@ -27928,102 +17533,15 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var__res=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var__res=no + ac_cv_var__res=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var__res" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int _res; -int foo(void) { return _res; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var__res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var__res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var__res` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE__RES 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether _res is declared" >&5 -echo $ECHO_N "checking whether _res is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl__res+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef HAVE_SYS_TYPES_H @@ -28038,83 +17556,115 @@ cat >>conftest.$ac_ext <<_ACEOF #ifdef HAVE_RESOLV_H #include #endif - +extern int _res; +int foo(void) { return _res; } int main () { -#ifndef _res - (void) _res; +foo() + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_var__res=yes +else + ac_cv_var__res=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi + +fi + +ac_foo=`eval echo \\$ac_cv_var__res` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } +if test "$ac_foo" = yes; then + +cat >>confdefs.h <<_ACEOF +#define HAVE__RES 1 +_ACEOF + + +# ac_fn_c_check_decl LINENO SYMBOL VAR +# ------------------------------------ +# Tests whether SYMBOL is declared, setting cache variable VAR accordingly. +ac_fn_c_check_decl () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $2 is declared" >&5 +$as_echo_n "checking whether $2 is declared... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +#ifndef $2 + (void) $2; #endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl__res=yes +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl__res=no + eval "$3=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl__res" >&5 -echo "${ECHO_T}$ac_cv_have_decl__res" >&6; } -if test $ac_cv_have_decl__res = yes; then +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_decl +ac_fn_c_check_decl "$LINENO" "_res" "ac_cv_have_decl__res" "#include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_NETINET_IN_H +#include +#endif +#ifdef HAVE_ARPA_NAMESER_H +#include +#endif +#ifdef HAVE_RESOLV_H +#include +#endif +" +if test "x$ac_cv_have_decl__res" = x""yes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__RES 1 +#define HAVE_DECL__RES $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__RES 0 -_ACEOF - - -fi - - fi -{ echo "$as_me:$LINENO: checking for working snprintf" >&5 -echo $ECHO_N "checking for working snprintf... $ECHO_C" >&6; } -if test "${ac_cv_func_snprintf_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working snprintf" >&5 +$as_echo_n "checking for working snprintf... " >&6; } +if test "${ac_cv_func_snprintf_working+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_func_snprintf_working=yes -if test "$cross_compiling" = yes; then +if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -28126,42 +17676,18 @@ int main(int argc, char **argv) return strcmp(foo, "1") || snprintf(NULL, 0, "%d", 12) != 2; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : : else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_snprintf_working=no + ac_cv_func_snprintf_working=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_snprintf_working" >&5 -echo "${ECHO_T}$ac_cv_func_snprintf_working" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_snprintf_working" >&5 +$as_echo "$ac_cv_func_snprintf_working" >&6; } if test "$ac_cv_func_snprintf_working" = yes; then @@ -28173,16 +17699,12 @@ fi if test "$ac_cv_func_snprintf_working" = yes; then if test "$ac_cv_func_snprintf+set" != set -o "$ac_cv_func_snprintf" = yes; then -{ echo "$as_me:$LINENO: checking if snprintf needs a prototype" >&5 -echo $ECHO_N "checking if snprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_snprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if snprintf needs a prototype" >&5 +$as_echo_n "checking if snprintf needs a prototype... " >&6; } +if test "${ac_cv_func_snprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -28195,40 +17717,18 @@ snprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_snprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_snprintf_noproto=no" + eval "ac_cv_func_snprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_snprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_snprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_snprintf_noproto" >&5 +$as_echo "$ac_cv_func_snprintf_noproto" >&6; } if test "$ac_cv_func_snprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_SNPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_SNPRINTF_PROTO 1" >>confdefs.h fi fi @@ -28236,20 +17736,16 @@ fi fi -{ echo "$as_me:$LINENO: checking for working vsnprintf" >&5 -echo $ECHO_N "checking for working vsnprintf... $ECHO_C" >&6; } -if test "${ac_cv_func_vsnprintf_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working vsnprintf" >&5 +$as_echo_n "checking for working vsnprintf... " >&6; } +if test "${ac_cv_func_vsnprintf_working+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_func_vsnprintf_working=yes -if test "$cross_compiling" = yes; then +if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -28281,42 +17777,18 @@ int main(int argc, char **argv) return foo(0, "12") || bar(0, 2, "12"); } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : : else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_vsnprintf_working=no + ac_cv_func_vsnprintf_working=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsnprintf_working" >&5 -echo "${ECHO_T}$ac_cv_func_vsnprintf_working" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vsnprintf_working" >&5 +$as_echo "$ac_cv_func_vsnprintf_working" >&6; } if test "$ac_cv_func_vsnprintf_working" = yes; then @@ -28328,16 +17800,12 @@ fi if test "$ac_cv_func_vsnprintf_working" = yes; then if test "$ac_cv_func_vsnprintf+set" != set -o "$ac_cv_func_vsnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vsnprintf needs a prototype" >&5 -echo $ECHO_N "checking if vsnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vsnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if vsnprintf needs a prototype" >&5 +$as_echo_n "checking if vsnprintf needs a prototype... " >&6; } +if test "${ac_cv_func_vsnprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -28350,40 +17818,18 @@ vsnprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_vsnprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vsnprintf_noproto=no" + eval "ac_cv_func_vsnprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vsnprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vsnprintf_noproto" >&5 +$as_echo "$ac_cv_func_vsnprintf_noproto" >&6; } if test "$ac_cv_func_vsnprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_VSNPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_VSNPRINTF_PROTO 1" >>confdefs.h fi fi @@ -28392,17 +17838,13 @@ fi -{ echo "$as_me:$LINENO: checking for working glob" >&5 -echo $ECHO_N "checking for working glob... $ECHO_C" >&6; } -if test "${ac_cv_func_glob_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working glob" >&5 +$as_echo_n "checking for working glob... " >&6; } +if test "${ac_cv_func_glob_working+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_func_glob_working=yes -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -28424,58 +17866,31 @@ NULL, NULL); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : : else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_glob_working=no + ac_cv_func_glob_working=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_glob_working" >&5 -echo "${ECHO_T}$ac_cv_func_glob_working" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_glob_working" >&5 +$as_echo "$ac_cv_func_glob_working" >&6; } if test "$ac_cv_func_glob_working" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_GLOB 1 -_ACEOF +$as_echo "#define HAVE_GLOB 1" >>confdefs.h fi if test "$ac_cv_func_glob_working" = yes; then if test "$ac_cv_func_glob+set" != set -o "$ac_cv_func_glob" = yes; then -{ echo "$as_me:$LINENO: checking if glob needs a prototype" >&5 -echo $ECHO_N "checking if glob needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_glob_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if glob needs a prototype" >&5 +$as_echo_n "checking if glob needs a prototype... " >&6; } +if test "${ac_cv_func_glob_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -28489,40 +17904,18 @@ glob(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_glob_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_glob_noproto=no" + eval "ac_cv_func_glob_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_glob_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_glob_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_glob_noproto" >&5 +$as_echo "$ac_cv_func_glob_noproto" >&6; } if test "$ac_cv_func_glob_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_GLOB_PROTO 1 -_ACEOF +$as_echo "#define NEED_GLOB_PROTO 1" >>confdefs.h fi fi @@ -28547,33 +17940,6 @@ fi - - - - - - - - - - - - - - - - - - - - - - - - - - - for ac_func in \ asnprintf \ asprintf \ @@ -28591,105 +17957,29 @@ for ac_func in \ setprogname \ setstate \ strsvis \ + strsvisx \ strunvis \ strvis \ strvisx \ svis \ sysconf \ sysctl \ + tdelete \ + tfind \ + twalk \ uname \ unvis \ vasnprintf \ vasprintf \ vis \ -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi @@ -28720,10 +18010,10 @@ fi -{ echo "$as_me:$LINENO: checking for getsockopt" >&5 -echo $ECHO_N "checking for getsockopt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getsockopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getsockopt" >&5 +$as_echo_n "checking for getsockopt... " >&6; } +if test "${ac_cv_funclib_getsockopt+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then @@ -28737,11 +18027,7 @@ if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -28757,34 +18043,11 @@ getsockopt(0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_getsockopt=$ac_lib; else ac_cv_funclib_getsockopt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_getsockopt=\${ac_cv_funclib_getsockopt-no}" LIBS="$ac_save_LIBS" @@ -28796,95 +18059,12 @@ fi eval "ac_res=\$ac_cv_funclib_getsockopt" if false; then - -for ac_func in getsockopt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in getsockopt +do : + ac_fn_c_check_func "$LINENO" "getsockopt" "ac_cv_func_getsockopt" +if test "x$ac_cv_func_getsockopt" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETSOCKOPT 1 _ACEOF fi @@ -28904,14 +18084,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_getsockopt=no" eval "LIB_getsockopt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_getsockopt=yes" @@ -28924,8 +18104,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -28933,10 +18113,10 @@ esac -{ echo "$as_me:$LINENO: checking for setsockopt" >&5 -echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_setsockopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for setsockopt" >&5 +$as_echo_n "checking for setsockopt... " >&6; } +if test "${ac_cv_funclib_setsockopt+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then @@ -28950,11 +18130,7 @@ if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -28970,34 +18146,11 @@ setsockopt(0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_setsockopt=$ac_lib; else ac_cv_funclib_setsockopt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_setsockopt=\${ac_cv_funclib_setsockopt-no}" LIBS="$ac_save_LIBS" @@ -29009,95 +18162,12 @@ fi eval "ac_res=\$ac_cv_funclib_setsockopt" if false; then - -for ac_func in setsockopt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in setsockopt +do : + ac_fn_c_check_func "$LINENO" "setsockopt" "ac_cv_func_setsockopt" +if test "x$ac_cv_func_setsockopt" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_SETSOCKOPT 1 _ACEOF fi @@ -29117,14 +18187,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_setsockopt=no" eval "LIB_setsockopt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_setsockopt=yes" @@ -29137,8 +18207,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -29148,10 +18218,10 @@ esac -{ echo "$as_me:$LINENO: checking for hstrerror" >&5 -echo $ECHO_N "checking for hstrerror... $ECHO_C" >&6; } -if test "${ac_cv_funclib_hstrerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for hstrerror" >&5 +$as_echo_n "checking for hstrerror... " >&6; } +if test "${ac_cv_funclib_hstrerror+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then @@ -29165,11 +18235,7 @@ if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include @@ -29182,34 +18248,11 @@ hstrerror(17) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_hstrerror=$ac_lib; else ac_cv_funclib_hstrerror=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_hstrerror=\${ac_cv_funclib_hstrerror-no}" LIBS="$ac_save_LIBS" @@ -29221,95 +18264,12 @@ fi eval "ac_res=\$ac_cv_funclib_hstrerror" if false; then - -for ac_func in hstrerror -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in hstrerror +do : + ac_fn_c_check_func "$LINENO" "hstrerror" "ac_cv_func_hstrerror" +if test "x$ac_cv_func_hstrerror" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_HSTRERROR 1 _ACEOF fi @@ -29329,14 +18289,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_hstrerror=no" eval "LIB_hstrerror=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_hstrerror=yes" @@ -29349,8 +18309,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -29370,16 +18330,12 @@ fi if test "$ac_cv_func_hstrerror+set" != set -o "$ac_cv_func_hstrerror" = yes; then -{ echo "$as_me:$LINENO: checking if hstrerror needs a prototype" >&5 -echo $ECHO_N "checking if hstrerror needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_hstrerror_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if hstrerror needs a prototype" >&5 +$as_echo_n "checking if hstrerror needs a prototype... " >&6; } +if test "${ac_cv_func_hstrerror_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H @@ -29395,40 +18351,18 @@ hstrerror(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_hstrerror_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_hstrerror_noproto=no" + eval "ac_cv_func_hstrerror_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_hstrerror_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_hstrerror_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_hstrerror_noproto" >&5 +$as_echo "$ac_cv_func_hstrerror_noproto" >&6; } if test "$ac_cv_func_hstrerror_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_HSTRERROR_PROTO 1 -_ACEOF +$as_echo "#define NEED_HSTRERROR_PROTO 1" >>confdefs.h fi fi @@ -29436,16 +18370,12 @@ fi if test "$ac_cv_func_asprintf+set" != set -o "$ac_cv_func_asprintf" = yes; then -{ echo "$as_me:$LINENO: checking if asprintf needs a prototype" >&5 -echo $ECHO_N "checking if asprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_asprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if asprintf needs a prototype" >&5 +$as_echo_n "checking if asprintf needs a prototype... " >&6; } +if test "${ac_cv_func_asprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -29460,55 +18390,29 @@ asprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_asprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_asprintf_noproto=no" + eval "ac_cv_func_asprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_asprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_asprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_asprintf_noproto" >&5 +$as_echo "$ac_cv_func_asprintf_noproto" >&6; } if test "$ac_cv_func_asprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_ASPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_ASPRINTF_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_vasprintf+set" != set -o "$ac_cv_func_vasprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vasprintf needs a prototype" >&5 -echo $ECHO_N "checking if vasprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vasprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if vasprintf needs a prototype" >&5 +$as_echo_n "checking if vasprintf needs a prototype... " >&6; } +if test "${ac_cv_func_vasprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -29523,55 +18427,29 @@ vasprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_vasprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vasprintf_noproto=no" + eval "ac_cv_func_vasprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vasprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vasprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vasprintf_noproto" >&5 +$as_echo "$ac_cv_func_vasprintf_noproto" >&6; } if test "$ac_cv_func_vasprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_VASPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_VASPRINTF_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_asnprintf+set" != set -o "$ac_cv_func_asnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if asnprintf needs a prototype" >&5 -echo $ECHO_N "checking if asnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_asnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if asnprintf needs a prototype" >&5 +$as_echo_n "checking if asnprintf needs a prototype... " >&6; } +if test "${ac_cv_func_asnprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -29586,55 +18464,29 @@ asnprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_asnprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_asnprintf_noproto=no" + eval "ac_cv_func_asnprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_asnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_asnprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_asnprintf_noproto" >&5 +$as_echo "$ac_cv_func_asnprintf_noproto" >&6; } if test "$ac_cv_func_asnprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_ASNPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_ASNPRINTF_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_vasnprintf+set" != set -o "$ac_cv_func_vasnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vasnprintf needs a prototype" >&5 -echo $ECHO_N "checking if vasnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vasnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if vasnprintf needs a prototype" >&5 +$as_echo_n "checking if vasnprintf needs a prototype... " >&6; } +if test "${ac_cv_func_vasnprintf_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -29649,40 +18501,18 @@ vasnprintf(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_vasnprintf_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vasnprintf_noproto=no" + eval "ac_cv_func_vasnprintf_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vasnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vasnprintf_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vasnprintf_noproto" >&5 +$as_echo "$ac_cv_func_vasnprintf_noproto" >&6; } if test "$ac_cv_func_vasnprintf_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_VASNPRINTF_PROTO 1 -_ACEOF +$as_echo "#define NEED_VASNPRINTF_PROTO 1" >>confdefs.h fi fi @@ -29691,10 +18521,10 @@ fi -{ echo "$as_me:$LINENO: checking for bswap16" >&5 -echo $ECHO_N "checking for bswap16... $ECHO_C" >&6; } -if test "${ac_cv_funclib_bswap16+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for bswap16" >&5 +$as_echo_n "checking for bswap16... " >&6; } +if test "${ac_cv_funclib_bswap16+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_bswap16\" != yes" ; then @@ -29708,12 +18538,11 @@ if eval "test \"\$ac_cv_func_bswap16\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_SYS_TYPES_H +#include +#endif #ifdef HAVE_SYS_BSWAP_H #include #endif @@ -29725,34 +18554,11 @@ bswap16(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_bswap16=$ac_lib; else ac_cv_funclib_bswap16=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_bswap16=\${ac_cv_funclib_bswap16-no}" LIBS="$ac_save_LIBS" @@ -29764,95 +18570,12 @@ fi eval "ac_res=\$ac_cv_funclib_bswap16" if false; then - -for ac_func in bswap16 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in bswap16 +do : + ac_fn_c_check_func "$LINENO" "bswap16" "ac_cv_func_bswap16" +if test "x$ac_cv_func_bswap16" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_BSWAP16 1 _ACEOF fi @@ -29872,14 +18595,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_bswap16=no" eval "LIB_bswap16=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_bswap16=yes" @@ -29892,8 +18615,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -29902,10 +18625,10 @@ esac -{ echo "$as_me:$LINENO: checking for bswap32" >&5 -echo $ECHO_N "checking for bswap32... $ECHO_C" >&6; } -if test "${ac_cv_funclib_bswap32+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for bswap32" >&5 +$as_echo_n "checking for bswap32... " >&6; } +if test "${ac_cv_funclib_bswap32+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_bswap32\" != yes" ; then @@ -29919,12 +18642,11 @@ if eval "test \"\$ac_cv_func_bswap32\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_SYS_TYPES_H +#include +#endif #ifdef HAVE_SYS_BSWAP_H #include #endif @@ -29936,34 +18658,11 @@ bswap32(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_bswap32=$ac_lib; else ac_cv_funclib_bswap32=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_bswap32=\${ac_cv_funclib_bswap32-no}" LIBS="$ac_save_LIBS" @@ -29975,95 +18674,12 @@ fi eval "ac_res=\$ac_cv_funclib_bswap32" if false; then - -for ac_func in bswap32 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in bswap32 +do : + ac_fn_c_check_func "$LINENO" "bswap32" "ac_cv_func_bswap32" +if test "x$ac_cv_func_bswap32" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_BSWAP32 1 _ACEOF fi @@ -30083,14 +18699,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_bswap32=no" eval "LIB_bswap32=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_bswap32=yes" @@ -30103,8 +18719,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -30113,10 +18729,10 @@ esac -{ echo "$as_me:$LINENO: checking for pidfile" >&5 -echo $ECHO_N "checking for pidfile... $ECHO_C" >&6; } -if test "${ac_cv_funclib_pidfile+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pidfile" >&5 +$as_echo_n "checking for pidfile... " >&6; } +if test "${ac_cv_funclib_pidfile+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_pidfile\" != yes" ; then @@ -30130,11 +18746,7 @@ if eval "test \"\$ac_cv_func_pidfile\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_UTIL_H #include @@ -30147,34 +18759,11 @@ pidfile(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_pidfile=$ac_lib; else ac_cv_funclib_pidfile=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_pidfile=\${ac_cv_funclib_pidfile-no}" LIBS="$ac_save_LIBS" @@ -30186,95 +18775,12 @@ fi eval "ac_res=\$ac_cv_funclib_pidfile" if false; then - -for ac_func in pidfile -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in pidfile +do : + ac_fn_c_check_func "$LINENO" "pidfile" "ac_cv_func_pidfile" +if test "x$ac_cv_func_pidfile" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_PIDFILE 1 _ACEOF fi @@ -30294,14 +18800,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_pidfile=no" eval "LIB_pidfile=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_pidfile=yes" @@ -30314,8 +18820,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -30325,10 +18831,10 @@ esac -{ echo "$as_me:$LINENO: checking for getaddrinfo" >&5 -echo $ECHO_N "checking for getaddrinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getaddrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaddrinfo" >&5 +$as_echo_n "checking for getaddrinfo... " >&6; } +if test "${ac_cv_funclib_getaddrinfo+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_getaddrinfo\" != yes" ; then @@ -30342,15 +18848,14 @@ if eval "test \"\$ac_cv_func_getaddrinfo\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include #endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -30359,34 +18864,11 @@ getaddrinfo(0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_getaddrinfo=$ac_lib; else ac_cv_funclib_getaddrinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_getaddrinfo=\${ac_cv_funclib_getaddrinfo-no}" LIBS="$ac_save_LIBS" @@ -30398,95 +18880,12 @@ fi eval "ac_res=\$ac_cv_funclib_getaddrinfo" if false; then - -for ac_func in getaddrinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in getaddrinfo +do : + ac_fn_c_check_func "$LINENO" "getaddrinfo" "ac_cv_func_getaddrinfo" +if test "x$ac_cv_func_getaddrinfo" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETADDRINFO 1 _ACEOF fi @@ -30506,14 +18905,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_getaddrinfo=no" eval "LIB_getaddrinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_getaddrinfo=yes" @@ -30526,8 +18925,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -30550,10 +18949,10 @@ fi -{ echo "$as_me:$LINENO: checking for getnameinfo" >&5 -echo $ECHO_N "checking for getnameinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getnameinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getnameinfo" >&5 +$as_echo_n "checking for getnameinfo... " >&6; } +if test "${ac_cv_funclib_getnameinfo+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_getnameinfo\" != yes" ; then @@ -30567,15 +18966,14 @@ if eval "test \"\$ac_cv_func_getnameinfo\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include #endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -30584,34 +18982,11 @@ getnameinfo(0,0,0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_getnameinfo=$ac_lib; else ac_cv_funclib_getnameinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_getnameinfo=\${ac_cv_funclib_getnameinfo-no}" LIBS="$ac_save_LIBS" @@ -30623,95 +18998,12 @@ fi eval "ac_res=\$ac_cv_funclib_getnameinfo" if false; then - -for ac_func in getnameinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in getnameinfo +do : + ac_fn_c_check_func "$LINENO" "getnameinfo" "ac_cv_func_getnameinfo" +if test "x$ac_cv_func_getnameinfo" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETNAMEINFO 1 _ACEOF fi @@ -30731,14 +19023,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_getnameinfo=no" eval "LIB_getnameinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_getnameinfo=yes" @@ -30751,8 +19043,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -30775,10 +19067,10 @@ fi -{ echo "$as_me:$LINENO: checking for freeaddrinfo" >&5 -echo $ECHO_N "checking for freeaddrinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_freeaddrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for freeaddrinfo" >&5 +$as_echo_n "checking for freeaddrinfo... " >&6; } +if test "${ac_cv_funclib_freeaddrinfo+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_freeaddrinfo\" != yes" ; then @@ -30792,15 +19084,14 @@ if eval "test \"\$ac_cv_func_freeaddrinfo\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include #endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -30809,34 +19100,11 @@ freeaddrinfo(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_freeaddrinfo=$ac_lib; else ac_cv_funclib_freeaddrinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_freeaddrinfo=\${ac_cv_funclib_freeaddrinfo-no}" LIBS="$ac_save_LIBS" @@ -30848,95 +19116,12 @@ fi eval "ac_res=\$ac_cv_funclib_freeaddrinfo" if false; then - -for ac_func in freeaddrinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in freeaddrinfo +do : + ac_fn_c_check_func "$LINENO" "freeaddrinfo" "ac_cv_func_freeaddrinfo" +if test "x$ac_cv_func_freeaddrinfo" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_FREEADDRINFO 1 _ACEOF fi @@ -30956,14 +19141,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_freeaddrinfo=no" eval "LIB_freeaddrinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_freeaddrinfo=yes" @@ -30976,8 +19161,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -31000,10 +19185,10 @@ fi -{ echo "$as_me:$LINENO: checking for gai_strerror" >&5 -echo $ECHO_N "checking for gai_strerror... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gai_strerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gai_strerror" >&5 +$as_echo_n "checking for gai_strerror... " >&6; } +if test "${ac_cv_funclib_gai_strerror+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_gai_strerror\" != yes" ; then @@ -31017,15 +19202,14 @@ if eval "test \"\$ac_cv_func_gai_strerror\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include #endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -31034,34 +19218,11 @@ gai_strerror(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_gai_strerror=$ac_lib; else ac_cv_funclib_gai_strerror=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_gai_strerror=\${ac_cv_funclib_gai_strerror-no}" LIBS="$ac_save_LIBS" @@ -31073,95 +19234,12 @@ fi eval "ac_res=\$ac_cv_funclib_gai_strerror" if false; then - -for ac_func in gai_strerror -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in gai_strerror +do : + ac_fn_c_check_func "$LINENO" "gai_strerror" "ac_cv_func_gai_strerror" +if test "x$ac_cv_func_gai_strerror" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GAI_STRERROR 1 _ACEOF fi @@ -31181,14 +19259,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_gai_strerror=no" eval "LIB_gai_strerror=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_gai_strerror=yes" @@ -31201,8 +19279,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -31221,373 +19299,15 @@ esac fi -{ echo "$as_me:$LINENO: checking for chown" >&5 -echo $ECHO_N "checking for chown... $ECHO_C" >&6; } -if test "${ac_cv_func_chown+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define chown to an innocuous variant, in case declares chown. - For example, HP-UX 11i declares gettimeofday. */ -#define chown innocuous_chown +case "$host_os" in + darwin*) + ;; + *) -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char chown (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ +$as_echo "#define SUPPORT_DETACH 1" >>confdefs.h -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef chown - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char chown (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_chown || defined __stub___chown -choke me -#endif - -int -main () -{ -return chown (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_chown=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_chown=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_chown" >&5 -echo "${ECHO_T}$ac_cv_func_chown" >&6; } -if test $ac_cv_func_chown = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_CHOWN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" chown.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS chown.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for copyhostent" >&5 -echo $ECHO_N "checking for copyhostent... $ECHO_C" >&6; } -if test "${ac_cv_func_copyhostent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define copyhostent to an innocuous variant, in case declares copyhostent. - For example, HP-UX 11i declares gettimeofday. */ -#define copyhostent innocuous_copyhostent - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char copyhostent (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef copyhostent - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char copyhostent (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_copyhostent || defined __stub___copyhostent -choke me -#endif - -int -main () -{ -return copyhostent (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_copyhostent=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_copyhostent=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_copyhostent" >&5 -echo "${ECHO_T}$ac_cv_func_copyhostent" >&6; } -if test $ac_cv_func_copyhostent = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_COPYHOSTENT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" copyhostent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS copyhostent.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for closefrom" >&5 -echo $ECHO_N "checking for closefrom... $ECHO_C" >&6; } -if test "${ac_cv_func_closefrom+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define closefrom to an innocuous variant, in case declares closefrom. - For example, HP-UX 11i declares gettimeofday. */ -#define closefrom innocuous_closefrom - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char closefrom (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef closefrom - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char closefrom (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_closefrom || defined __stub___closefrom -choke me -#endif - -int -main () -{ -return closefrom (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_closefrom=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_closefrom=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_closefrom" >&5 -echo "${ECHO_T}$ac_cv_func_closefrom" >&6; } -if test $ac_cv_func_closefrom = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_CLOSEFROM 1 -_ACEOF - -else - case " $LIBOBJS " in - *" closefrom.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS closefrom.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for daemon" >&5 -echo $ECHO_N "checking for daemon... $ECHO_C" >&6; } -if test "${ac_cv_func_daemon+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define daemon to an innocuous variant, in case declares daemon. - For example, HP-UX 11i declares gettimeofday. */ -#define daemon innocuous_daemon - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char daemon (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef daemon - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char daemon (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_daemon || defined __stub___daemon -choke me -#endif - -int -main () -{ -return daemon (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_daemon=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_daemon=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_daemon" >&5 -echo "${ECHO_T}$ac_cv_func_daemon" >&6; } -if test $ac_cv_func_daemon = yes; then + ac_fn_c_check_func "$LINENO" "daemon" "ac_cv_func_daemon" +if test "x$ac_cv_func_daemon" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_DAEMON 1 @@ -31601,88 +19321,56 @@ else esac fi -{ echo "$as_me:$LINENO: checking for ecalloc" >&5 -echo $ECHO_N "checking for ecalloc... $ECHO_C" >&6; } -if test "${ac_cv_func_ecalloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define ecalloc to an innocuous variant, in case declares ecalloc. - For example, HP-UX 11i declares gettimeofday. */ -#define ecalloc innocuous_ecalloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char ecalloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef ecalloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char ecalloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_ecalloc || defined __stub___ecalloc -choke me -#endif - -int -main () -{ -return ecalloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; + ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_ecalloc=yes + +ac_fn_c_check_func "$LINENO" "chown" "ac_cv_func_chown" +if test "x$ac_cv_func_chown" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_CHOWN 1 +_ACEOF + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + case " $LIBOBJS " in + *" chown.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS chown.$ac_objext" + ;; +esac - ac_cv_func_ecalloc=no fi +ac_fn_c_check_func "$LINENO" "copyhostent" "ac_cv_func_copyhostent" +if test "x$ac_cv_func_copyhostent" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_COPYHOSTENT 1 +_ACEOF + +else + case " $LIBOBJS " in + *" copyhostent.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS copyhostent.$ac_objext" + ;; +esac -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_ecalloc" >&5 -echo "${ECHO_T}$ac_cv_func_ecalloc" >&6; } -if test $ac_cv_func_ecalloc = yes; then +ac_fn_c_check_func "$LINENO" "closefrom" "ac_cv_func_closefrom" +if test "x$ac_cv_func_closefrom" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_CLOSEFROM 1 +_ACEOF + +else + case " $LIBOBJS " in + *" closefrom.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS closefrom.$ac_objext" + ;; +esac + +fi +ac_fn_c_check_func "$LINENO" "ecalloc" "ac_cv_func_ecalloc" +if test "x$ac_cv_func_ecalloc" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ECALLOC 1 @@ -31696,88 +19384,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for emalloc" >&5 -echo $ECHO_N "checking for emalloc... $ECHO_C" >&6; } -if test "${ac_cv_func_emalloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define emalloc to an innocuous variant, in case declares emalloc. - For example, HP-UX 11i declares gettimeofday. */ -#define emalloc innocuous_emalloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char emalloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef emalloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char emalloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_emalloc || defined __stub___emalloc -choke me -#endif - -int -main () -{ -return emalloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_emalloc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_emalloc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_emalloc" >&5 -echo "${ECHO_T}$ac_cv_func_emalloc" >&6; } -if test $ac_cv_func_emalloc = yes; then +ac_fn_c_check_func "$LINENO" "emalloc" "ac_cv_func_emalloc" +if test "x$ac_cv_func_emalloc" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_EMALLOC 1 @@ -31791,88 +19399,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for erealloc" >&5 -echo $ECHO_N "checking for erealloc... $ECHO_C" >&6; } -if test "${ac_cv_func_erealloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define erealloc to an innocuous variant, in case declares erealloc. - For example, HP-UX 11i declares gettimeofday. */ -#define erealloc innocuous_erealloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char erealloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef erealloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char erealloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_erealloc || defined __stub___erealloc -choke me -#endif - -int -main () -{ -return erealloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_erealloc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_erealloc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_erealloc" >&5 -echo "${ECHO_T}$ac_cv_func_erealloc" >&6; } -if test $ac_cv_func_erealloc = yes; then +ac_fn_c_check_func "$LINENO" "erealloc" "ac_cv_func_erealloc" +if test "x$ac_cv_func_erealloc" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_EREALLOC 1 @@ -31886,88 +19414,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for estrdup" >&5 -echo $ECHO_N "checking for estrdup... $ECHO_C" >&6; } -if test "${ac_cv_func_estrdup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define estrdup to an innocuous variant, in case declares estrdup. - For example, HP-UX 11i declares gettimeofday. */ -#define estrdup innocuous_estrdup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char estrdup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef estrdup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char estrdup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_estrdup || defined __stub___estrdup -choke me -#endif - -int -main () -{ -return estrdup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_estrdup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_estrdup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_estrdup" >&5 -echo "${ECHO_T}$ac_cv_func_estrdup" >&6; } -if test $ac_cv_func_estrdup = yes; then +ac_fn_c_check_func "$LINENO" "estrdup" "ac_cv_func_estrdup" +if test "x$ac_cv_func_estrdup" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ESTRDUP 1 @@ -31981,88 +19429,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for err" >&5 -echo $ECHO_N "checking for err... $ECHO_C" >&6; } -if test "${ac_cv_func_err+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define err to an innocuous variant, in case declares err. - For example, HP-UX 11i declares gettimeofday. */ -#define err innocuous_err - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char err (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef err - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char err (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_err || defined __stub___err -choke me -#endif - -int -main () -{ -return err (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_err=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_err=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_err" >&5 -echo "${ECHO_T}$ac_cv_func_err" >&6; } -if test $ac_cv_func_err = yes; then +ac_fn_c_check_func "$LINENO" "err" "ac_cv_func_err" +if test "x$ac_cv_func_err" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ERR 1 @@ -32076,88 +19444,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for errx" >&5 -echo $ECHO_N "checking for errx... $ECHO_C" >&6; } -if test "${ac_cv_func_errx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define errx to an innocuous variant, in case declares errx. - For example, HP-UX 11i declares gettimeofday. */ -#define errx innocuous_errx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char errx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef errx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char errx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_errx || defined __stub___errx -choke me -#endif - -int -main () -{ -return errx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_errx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_errx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_errx" >&5 -echo "${ECHO_T}$ac_cv_func_errx" >&6; } -if test $ac_cv_func_errx = yes; then +ac_fn_c_check_func "$LINENO" "errx" "ac_cv_func_errx" +if test "x$ac_cv_func_errx" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ERRX 1 @@ -32171,88 +19459,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for fchown" >&5 -echo $ECHO_N "checking for fchown... $ECHO_C" >&6; } -if test "${ac_cv_func_fchown+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define fchown to an innocuous variant, in case declares fchown. - For example, HP-UX 11i declares gettimeofday. */ -#define fchown innocuous_fchown - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char fchown (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef fchown - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fchown (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_fchown || defined __stub___fchown -choke me -#endif - -int -main () -{ -return fchown (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_fchown=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_fchown=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_fchown" >&5 -echo "${ECHO_T}$ac_cv_func_fchown" >&6; } -if test $ac_cv_func_fchown = yes; then +ac_fn_c_check_func "$LINENO" "fchown" "ac_cv_func_fchown" +if test "x$ac_cv_func_fchown" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_FCHOWN 1 @@ -32266,88 +19474,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for flock" >&5 -echo $ECHO_N "checking for flock... $ECHO_C" >&6; } -if test "${ac_cv_func_flock+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define flock to an innocuous variant, in case declares flock. - For example, HP-UX 11i declares gettimeofday. */ -#define flock innocuous_flock - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char flock (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef flock - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char flock (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_flock || defined __stub___flock -choke me -#endif - -int -main () -{ -return flock (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_flock=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_flock=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_flock" >&5 -echo "${ECHO_T}$ac_cv_func_flock" >&6; } -if test $ac_cv_func_flock = yes; then +ac_fn_c_check_func "$LINENO" "flock" "ac_cv_func_flock" +if test "x$ac_cv_func_flock" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_FLOCK 1 @@ -32361,88 +19489,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for fnmatch" >&5 -echo $ECHO_N "checking for fnmatch... $ECHO_C" >&6; } -if test "${ac_cv_func_fnmatch+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define fnmatch to an innocuous variant, in case declares fnmatch. - For example, HP-UX 11i declares gettimeofday. */ -#define fnmatch innocuous_fnmatch - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char fnmatch (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef fnmatch - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fnmatch (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_fnmatch || defined __stub___fnmatch -choke me -#endif - -int -main () -{ -return fnmatch (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_fnmatch=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_fnmatch=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_fnmatch" >&5 -echo "${ECHO_T}$ac_cv_func_fnmatch" >&6; } -if test $ac_cv_func_fnmatch = yes; then +ac_fn_c_check_func "$LINENO" "fnmatch" "ac_cv_func_fnmatch" +if test "x$ac_cv_func_fnmatch" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_FNMATCH 1 @@ -32456,88 +19504,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for freehostent" >&5 -echo $ECHO_N "checking for freehostent... $ECHO_C" >&6; } -if test "${ac_cv_func_freehostent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define freehostent to an innocuous variant, in case declares freehostent. - For example, HP-UX 11i declares gettimeofday. */ -#define freehostent innocuous_freehostent - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char freehostent (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef freehostent - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char freehostent (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_freehostent || defined __stub___freehostent -choke me -#endif - -int -main () -{ -return freehostent (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_freehostent=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_freehostent=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_freehostent" >&5 -echo "${ECHO_T}$ac_cv_func_freehostent" >&6; } -if test $ac_cv_func_freehostent = yes; then +ac_fn_c_check_func "$LINENO" "freehostent" "ac_cv_func_freehostent" +if test "x$ac_cv_func_freehostent" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_FREEHOSTENT 1 @@ -32551,88 +19519,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getcwd" >&5 -echo $ECHO_N "checking for getcwd... $ECHO_C" >&6; } -if test "${ac_cv_func_getcwd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getcwd to an innocuous variant, in case declares getcwd. - For example, HP-UX 11i declares gettimeofday. */ -#define getcwd innocuous_getcwd - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getcwd (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getcwd - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getcwd (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getcwd || defined __stub___getcwd -choke me -#endif - -int -main () -{ -return getcwd (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getcwd=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getcwd=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getcwd" >&5 -echo "${ECHO_T}$ac_cv_func_getcwd" >&6; } -if test $ac_cv_func_getcwd = yes; then +ac_fn_c_check_func "$LINENO" "getcwd" "ac_cv_func_getcwd" +if test "x$ac_cv_func_getcwd" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETCWD 1 @@ -32646,88 +19534,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getdtablesize" >&5 -echo $ECHO_N "checking for getdtablesize... $ECHO_C" >&6; } -if test "${ac_cv_func_getdtablesize+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getdtablesize to an innocuous variant, in case declares getdtablesize. - For example, HP-UX 11i declares gettimeofday. */ -#define getdtablesize innocuous_getdtablesize - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getdtablesize (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getdtablesize - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getdtablesize (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getdtablesize || defined __stub___getdtablesize -choke me -#endif - -int -main () -{ -return getdtablesize (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getdtablesize=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getdtablesize=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getdtablesize" >&5 -echo "${ECHO_T}$ac_cv_func_getdtablesize" >&6; } -if test $ac_cv_func_getdtablesize = yes; then +ac_fn_c_check_func "$LINENO" "getdtablesize" "ac_cv_func_getdtablesize" +if test "x$ac_cv_func_getdtablesize" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETDTABLESIZE 1 @@ -32741,88 +19549,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getegid" >&5 -echo $ECHO_N "checking for getegid... $ECHO_C" >&6; } -if test "${ac_cv_func_getegid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getegid to an innocuous variant, in case declares getegid. - For example, HP-UX 11i declares gettimeofday. */ -#define getegid innocuous_getegid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getegid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getegid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getegid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getegid || defined __stub___getegid -choke me -#endif - -int -main () -{ -return getegid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getegid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getegid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getegid" >&5 -echo "${ECHO_T}$ac_cv_func_getegid" >&6; } -if test $ac_cv_func_getegid = yes; then +ac_fn_c_check_func "$LINENO" "getegid" "ac_cv_func_getegid" +if test "x$ac_cv_func_getegid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETEGID 1 @@ -32836,88 +19564,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for geteuid" >&5 -echo $ECHO_N "checking for geteuid... $ECHO_C" >&6; } -if test "${ac_cv_func_geteuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define geteuid to an innocuous variant, in case declares geteuid. - For example, HP-UX 11i declares gettimeofday. */ -#define geteuid innocuous_geteuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char geteuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef geteuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char geteuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_geteuid || defined __stub___geteuid -choke me -#endif - -int -main () -{ -return geteuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_geteuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_geteuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_geteuid" >&5 -echo "${ECHO_T}$ac_cv_func_geteuid" >&6; } -if test $ac_cv_func_geteuid = yes; then +ac_fn_c_check_func "$LINENO" "geteuid" "ac_cv_func_geteuid" +if test "x$ac_cv_func_geteuid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETEUID 1 @@ -32931,88 +19579,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getgid" >&5 -echo $ECHO_N "checking for getgid... $ECHO_C" >&6; } -if test "${ac_cv_func_getgid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getgid to an innocuous variant, in case declares getgid. - For example, HP-UX 11i declares gettimeofday. */ -#define getgid innocuous_getgid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getgid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getgid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getgid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getgid || defined __stub___getgid -choke me -#endif - -int -main () -{ -return getgid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getgid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getgid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getgid" >&5 -echo "${ECHO_T}$ac_cv_func_getgid" >&6; } -if test $ac_cv_func_getgid = yes; then +ac_fn_c_check_func "$LINENO" "getgid" "ac_cv_func_getgid" +if test "x$ac_cv_func_getgid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETGID 1 @@ -33026,88 +19594,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for gethostname" >&5 -echo $ECHO_N "checking for gethostname... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gethostname to an innocuous variant, in case declares gethostname. - For example, HP-UX 11i declares gettimeofday. */ -#define gethostname innocuous_gethostname - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gethostname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gethostname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gethostname || defined __stub___gethostname -choke me -#endif - -int -main () -{ -return gethostname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gethostname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gethostname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostname" >&5 -echo "${ECHO_T}$ac_cv_func_gethostname" >&6; } -if test $ac_cv_func_gethostname = yes; then +ac_fn_c_check_func "$LINENO" "gethostname" "ac_cv_func_gethostname" +if test "x$ac_cv_func_gethostname" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETHOSTNAME 1 @@ -33121,88 +19609,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getifaddrs" >&5 -echo $ECHO_N "checking for getifaddrs... $ECHO_C" >&6; } -if test "${ac_cv_func_getifaddrs+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getifaddrs to an innocuous variant, in case declares getifaddrs. - For example, HP-UX 11i declares gettimeofday. */ -#define getifaddrs innocuous_getifaddrs - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getifaddrs (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getifaddrs - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getifaddrs (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getifaddrs || defined __stub___getifaddrs -choke me -#endif - -int -main () -{ -return getifaddrs (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getifaddrs=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getifaddrs=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getifaddrs" >&5 -echo "${ECHO_T}$ac_cv_func_getifaddrs" >&6; } -if test $ac_cv_func_getifaddrs = yes; then +ac_fn_c_check_func "$LINENO" "getifaddrs" "ac_cv_func_getifaddrs" +if test "x$ac_cv_func_getifaddrs" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETIFADDRS 1 @@ -33216,88 +19624,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getipnodebyaddr" >&5 -echo $ECHO_N "checking for getipnodebyaddr... $ECHO_C" >&6; } -if test "${ac_cv_func_getipnodebyaddr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getipnodebyaddr to an innocuous variant, in case declares getipnodebyaddr. - For example, HP-UX 11i declares gettimeofday. */ -#define getipnodebyaddr innocuous_getipnodebyaddr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getipnodebyaddr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getipnodebyaddr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getipnodebyaddr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getipnodebyaddr || defined __stub___getipnodebyaddr -choke me -#endif - -int -main () -{ -return getipnodebyaddr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getipnodebyaddr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getipnodebyaddr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getipnodebyaddr" >&5 -echo "${ECHO_T}$ac_cv_func_getipnodebyaddr" >&6; } -if test $ac_cv_func_getipnodebyaddr = yes; then +ac_fn_c_check_func "$LINENO" "getipnodebyaddr" "ac_cv_func_getipnodebyaddr" +if test "x$ac_cv_func_getipnodebyaddr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETIPNODEBYADDR 1 @@ -33311,88 +19639,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getipnodebyname" >&5 -echo $ECHO_N "checking for getipnodebyname... $ECHO_C" >&6; } -if test "${ac_cv_func_getipnodebyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getipnodebyname to an innocuous variant, in case declares getipnodebyname. - For example, HP-UX 11i declares gettimeofday. */ -#define getipnodebyname innocuous_getipnodebyname - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getipnodebyname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getipnodebyname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getipnodebyname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getipnodebyname || defined __stub___getipnodebyname -choke me -#endif - -int -main () -{ -return getipnodebyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getipnodebyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getipnodebyname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getipnodebyname" >&5 -echo "${ECHO_T}$ac_cv_func_getipnodebyname" >&6; } -if test $ac_cv_func_getipnodebyname = yes; then +ac_fn_c_check_func "$LINENO" "getipnodebyname" "ac_cv_func_getipnodebyname" +if test "x$ac_cv_func_getipnodebyname" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETIPNODEBYNAME 1 @@ -33406,88 +19654,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getopt" >&5 -echo $ECHO_N "checking for getopt... $ECHO_C" >&6; } -if test "${ac_cv_func_getopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getopt to an innocuous variant, in case declares getopt. - For example, HP-UX 11i declares gettimeofday. */ -#define getopt innocuous_getopt - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getopt (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getopt - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getopt (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getopt || defined __stub___getopt -choke me -#endif - -int -main () -{ -return getopt (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getopt=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getopt=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getopt" >&5 -echo "${ECHO_T}$ac_cv_func_getopt" >&6; } -if test $ac_cv_func_getopt = yes; then +ac_fn_c_check_func "$LINENO" "getopt" "ac_cv_func_getopt" +if test "x$ac_cv_func_getopt" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETOPT 1 @@ -33501,88 +19669,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for gettimeofday" >&5 -echo $ECHO_N "checking for gettimeofday... $ECHO_C" >&6; } -if test "${ac_cv_func_gettimeofday+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gettimeofday to an innocuous variant, in case declares gettimeofday. - For example, HP-UX 11i declares gettimeofday. */ -#define gettimeofday innocuous_gettimeofday - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gettimeofday (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gettimeofday - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gettimeofday (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gettimeofday || defined __stub___gettimeofday -choke me -#endif - -int -main () -{ -return gettimeofday (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gettimeofday=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gettimeofday=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gettimeofday" >&5 -echo "${ECHO_T}$ac_cv_func_gettimeofday" >&6; } -if test $ac_cv_func_gettimeofday = yes; then +ac_fn_c_check_func "$LINENO" "gettimeofday" "ac_cv_func_gettimeofday" +if test "x$ac_cv_func_gettimeofday" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETTIMEOFDAY 1 @@ -33596,88 +19684,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getuid" >&5 -echo $ECHO_N "checking for getuid... $ECHO_C" >&6; } -if test "${ac_cv_func_getuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getuid to an innocuous variant, in case declares getuid. - For example, HP-UX 11i declares gettimeofday. */ -#define getuid innocuous_getuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getuid || defined __stub___getuid -choke me -#endif - -int -main () -{ -return getuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getuid" >&5 -echo "${ECHO_T}$ac_cv_func_getuid" >&6; } -if test $ac_cv_func_getuid = yes; then +ac_fn_c_check_func "$LINENO" "getuid" "ac_cv_func_getuid" +if test "x$ac_cv_func_getuid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETUID 1 @@ -33691,88 +19699,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for getusershell" >&5 -echo $ECHO_N "checking for getusershell... $ECHO_C" >&6; } -if test "${ac_cv_func_getusershell+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getusershell to an innocuous variant, in case declares getusershell. - For example, HP-UX 11i declares gettimeofday. */ -#define getusershell innocuous_getusershell - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getusershell (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getusershell - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getusershell (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getusershell || defined __stub___getusershell -choke me -#endif - -int -main () -{ -return getusershell (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getusershell=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getusershell=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getusershell" >&5 -echo "${ECHO_T}$ac_cv_func_getusershell" >&6; } -if test $ac_cv_func_getusershell = yes; then +ac_fn_c_check_func "$LINENO" "getusershell" "ac_cv_func_getusershell" +if test "x$ac_cv_func_getusershell" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETUSERSHELL 1 @@ -33786,88 +19714,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for initgroups" >&5 -echo $ECHO_N "checking for initgroups... $ECHO_C" >&6; } -if test "${ac_cv_func_initgroups+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define initgroups to an innocuous variant, in case declares initgroups. - For example, HP-UX 11i declares gettimeofday. */ -#define initgroups innocuous_initgroups - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char initgroups (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef initgroups - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char initgroups (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_initgroups || defined __stub___initgroups -choke me -#endif - -int -main () -{ -return initgroups (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_initgroups=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_initgroups=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_initgroups" >&5 -echo "${ECHO_T}$ac_cv_func_initgroups" >&6; } -if test $ac_cv_func_initgroups = yes; then +ac_fn_c_check_func "$LINENO" "initgroups" "ac_cv_func_initgroups" +if test "x$ac_cv_func_initgroups" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INITGROUPS 1 @@ -33881,88 +19729,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for innetgr" >&5 -echo $ECHO_N "checking for innetgr... $ECHO_C" >&6; } -if test "${ac_cv_func_innetgr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define innetgr to an innocuous variant, in case declares innetgr. - For example, HP-UX 11i declares gettimeofday. */ -#define innetgr innocuous_innetgr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char innetgr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef innetgr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char innetgr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_innetgr || defined __stub___innetgr -choke me -#endif - -int -main () -{ -return innetgr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_innetgr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_innetgr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_innetgr" >&5 -echo "${ECHO_T}$ac_cv_func_innetgr" >&6; } -if test $ac_cv_func_innetgr = yes; then +ac_fn_c_check_func "$LINENO" "innetgr" "ac_cv_func_innetgr" +if test "x$ac_cv_func_innetgr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INNETGR 1 @@ -33976,88 +19744,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for iruserok" >&5 -echo $ECHO_N "checking for iruserok... $ECHO_C" >&6; } -if test "${ac_cv_func_iruserok+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define iruserok to an innocuous variant, in case declares iruserok. - For example, HP-UX 11i declares gettimeofday. */ -#define iruserok innocuous_iruserok - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char iruserok (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef iruserok - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char iruserok (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_iruserok || defined __stub___iruserok -choke me -#endif - -int -main () -{ -return iruserok (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_iruserok=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_iruserok=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_iruserok" >&5 -echo "${ECHO_T}$ac_cv_func_iruserok" >&6; } -if test $ac_cv_func_iruserok = yes; then +ac_fn_c_check_func "$LINENO" "iruserok" "ac_cv_func_iruserok" +if test "x$ac_cv_func_iruserok" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_IRUSEROK 1 @@ -34071,88 +19759,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for localtime_r" >&5 -echo $ECHO_N "checking for localtime_r... $ECHO_C" >&6; } -if test "${ac_cv_func_localtime_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define localtime_r to an innocuous variant, in case declares localtime_r. - For example, HP-UX 11i declares gettimeofday. */ -#define localtime_r innocuous_localtime_r - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char localtime_r (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef localtime_r - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char localtime_r (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_localtime_r || defined __stub___localtime_r -choke me -#endif - -int -main () -{ -return localtime_r (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_localtime_r=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_localtime_r=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_localtime_r" >&5 -echo "${ECHO_T}$ac_cv_func_localtime_r" >&6; } -if test $ac_cv_func_localtime_r = yes; then +ac_fn_c_check_func "$LINENO" "localtime_r" "ac_cv_func_localtime_r" +if test "x$ac_cv_func_localtime_r" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LOCALTIME_R 1 @@ -34166,88 +19774,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for lstat" >&5 -echo $ECHO_N "checking for lstat... $ECHO_C" >&6; } -if test "${ac_cv_func_lstat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define lstat to an innocuous variant, in case declares lstat. - For example, HP-UX 11i declares gettimeofday. */ -#define lstat innocuous_lstat - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char lstat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef lstat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char lstat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_lstat || defined __stub___lstat -choke me -#endif - -int -main () -{ -return lstat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_lstat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_lstat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_lstat" >&5 -echo "${ECHO_T}$ac_cv_func_lstat" >&6; } -if test $ac_cv_func_lstat = yes; then +ac_fn_c_check_func "$LINENO" "lstat" "ac_cv_func_lstat" +if test "x$ac_cv_func_lstat" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LSTAT 1 @@ -34261,88 +19789,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for memmove" >&5 -echo $ECHO_N "checking for memmove... $ECHO_C" >&6; } -if test "${ac_cv_func_memmove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define memmove to an innocuous variant, in case declares memmove. - For example, HP-UX 11i declares gettimeofday. */ -#define memmove innocuous_memmove - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char memmove (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef memmove - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char memmove (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_memmove || defined __stub___memmove -choke me -#endif - -int -main () -{ -return memmove (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_memmove=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_memmove=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_memmove" >&5 -echo "${ECHO_T}$ac_cv_func_memmove" >&6; } -if test $ac_cv_func_memmove = yes; then +ac_fn_c_check_func "$LINENO" "memmove" "ac_cv_func_memmove" +if test "x$ac_cv_func_memmove" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_MEMMOVE 1 @@ -34356,88 +19804,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for mkstemp" >&5 -echo $ECHO_N "checking for mkstemp... $ECHO_C" >&6; } -if test "${ac_cv_func_mkstemp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define mkstemp to an innocuous variant, in case declares mkstemp. - For example, HP-UX 11i declares gettimeofday. */ -#define mkstemp innocuous_mkstemp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char mkstemp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef mkstemp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char mkstemp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_mkstemp || defined __stub___mkstemp -choke me -#endif - -int -main () -{ -return mkstemp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_mkstemp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_mkstemp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mkstemp" >&5 -echo "${ECHO_T}$ac_cv_func_mkstemp" >&6; } -if test $ac_cv_func_mkstemp = yes; then +ac_fn_c_check_func "$LINENO" "mkstemp" "ac_cv_func_mkstemp" +if test "x$ac_cv_func_mkstemp" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_MKSTEMP 1 @@ -34451,88 +19819,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for putenv" >&5 -echo $ECHO_N "checking for putenv... $ECHO_C" >&6; } -if test "${ac_cv_func_putenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define putenv to an innocuous variant, in case declares putenv. - For example, HP-UX 11i declares gettimeofday. */ -#define putenv innocuous_putenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char putenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef putenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char putenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_putenv || defined __stub___putenv -choke me -#endif - -int -main () -{ -return putenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_putenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_putenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_putenv" >&5 -echo "${ECHO_T}$ac_cv_func_putenv" >&6; } -if test $ac_cv_func_putenv = yes; then +ac_fn_c_check_func "$LINENO" "putenv" "ac_cv_func_putenv" +if test "x$ac_cv_func_putenv" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PUTENV 1 @@ -34546,88 +19834,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for rcmd" >&5 -echo $ECHO_N "checking for rcmd... $ECHO_C" >&6; } -if test "${ac_cv_func_rcmd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define rcmd to an innocuous variant, in case declares rcmd. - For example, HP-UX 11i declares gettimeofday. */ -#define rcmd innocuous_rcmd - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char rcmd (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef rcmd - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char rcmd (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_rcmd || defined __stub___rcmd -choke me -#endif - -int -main () -{ -return rcmd (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_rcmd=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_rcmd=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_rcmd" >&5 -echo "${ECHO_T}$ac_cv_func_rcmd" >&6; } -if test $ac_cv_func_rcmd = yes; then +ac_fn_c_check_func "$LINENO" "rcmd" "ac_cv_func_rcmd" +if test "x$ac_cv_func_rcmd" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_RCMD 1 @@ -34641,88 +19849,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for readv" >&5 -echo $ECHO_N "checking for readv... $ECHO_C" >&6; } -if test "${ac_cv_func_readv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define readv to an innocuous variant, in case declares readv. - For example, HP-UX 11i declares gettimeofday. */ -#define readv innocuous_readv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char readv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef readv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char readv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_readv || defined __stub___readv -choke me -#endif - -int -main () -{ -return readv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_readv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_readv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_readv" >&5 -echo "${ECHO_T}$ac_cv_func_readv" >&6; } -if test $ac_cv_func_readv = yes; then +ac_fn_c_check_func "$LINENO" "readv" "ac_cv_func_readv" +if test "x$ac_cv_func_readv" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_READV 1 @@ -34736,88 +19864,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for recvmsg" >&5 -echo $ECHO_N "checking for recvmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_recvmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define recvmsg to an innocuous variant, in case declares recvmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define recvmsg innocuous_recvmsg - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char recvmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef recvmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char recvmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_recvmsg || defined __stub___recvmsg -choke me -#endif - -int -main () -{ -return recvmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_recvmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_recvmsg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_recvmsg" >&5 -echo "${ECHO_T}$ac_cv_func_recvmsg" >&6; } -if test $ac_cv_func_recvmsg = yes; then +ac_fn_c_check_func "$LINENO" "recvmsg" "ac_cv_func_recvmsg" +if test "x$ac_cv_func_recvmsg" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_RECVMSG 1 @@ -34831,88 +19879,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for sendmsg" >&5 -echo $ECHO_N "checking for sendmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_sendmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define sendmsg to an innocuous variant, in case declares sendmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define sendmsg innocuous_sendmsg - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char sendmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef sendmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char sendmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_sendmsg || defined __stub___sendmsg -choke me -#endif - -int -main () -{ -return sendmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_sendmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_sendmsg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_sendmsg" >&5 -echo "${ECHO_T}$ac_cv_func_sendmsg" >&6; } -if test $ac_cv_func_sendmsg = yes; then +ac_fn_c_check_func "$LINENO" "sendmsg" "ac_cv_func_sendmsg" +if test "x$ac_cv_func_sendmsg" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SENDMSG 1 @@ -34926,88 +19894,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for setegid" >&5 -echo $ECHO_N "checking for setegid... $ECHO_C" >&6; } -if test "${ac_cv_func_setegid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define setegid to an innocuous variant, in case declares setegid. - For example, HP-UX 11i declares gettimeofday. */ -#define setegid innocuous_setegid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setegid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef setegid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setegid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_setegid || defined __stub___setegid -choke me -#endif - -int -main () -{ -return setegid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_setegid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_setegid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setegid" >&5 -echo "${ECHO_T}$ac_cv_func_setegid" >&6; } -if test $ac_cv_func_setegid = yes; then +ac_fn_c_check_func "$LINENO" "setegid" "ac_cv_func_setegid" +if test "x$ac_cv_func_setegid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SETEGID 1 @@ -35021,88 +19909,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for setenv" >&5 -echo $ECHO_N "checking for setenv... $ECHO_C" >&6; } -if test "${ac_cv_func_setenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define setenv to an innocuous variant, in case declares setenv. - For example, HP-UX 11i declares gettimeofday. */ -#define setenv innocuous_setenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef setenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_setenv || defined __stub___setenv -choke me -#endif - -int -main () -{ -return setenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_setenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_setenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setenv" >&5 -echo "${ECHO_T}$ac_cv_func_setenv" >&6; } -if test $ac_cv_func_setenv = yes; then +ac_fn_c_check_func "$LINENO" "setenv" "ac_cv_func_setenv" +if test "x$ac_cv_func_setenv" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SETENV 1 @@ -35116,88 +19924,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for seteuid" >&5 -echo $ECHO_N "checking for seteuid... $ECHO_C" >&6; } -if test "${ac_cv_func_seteuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define seteuid to an innocuous variant, in case declares seteuid. - For example, HP-UX 11i declares gettimeofday. */ -#define seteuid innocuous_seteuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char seteuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef seteuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char seteuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_seteuid || defined __stub___seteuid -choke me -#endif - -int -main () -{ -return seteuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_seteuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_seteuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_seteuid" >&5 -echo "${ECHO_T}$ac_cv_func_seteuid" >&6; } -if test $ac_cv_func_seteuid = yes; then +ac_fn_c_check_func "$LINENO" "seteuid" "ac_cv_func_seteuid" +if test "x$ac_cv_func_seteuid" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SETEUID 1 @@ -35211,88 +19939,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strcasecmp" >&5 -echo $ECHO_N "checking for strcasecmp... $ECHO_C" >&6; } -if test "${ac_cv_func_strcasecmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strcasecmp to an innocuous variant, in case declares strcasecmp. - For example, HP-UX 11i declares gettimeofday. */ -#define strcasecmp innocuous_strcasecmp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strcasecmp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strcasecmp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strcasecmp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strcasecmp || defined __stub___strcasecmp -choke me -#endif - -int -main () -{ -return strcasecmp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strcasecmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strcasecmp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strcasecmp" >&5 -echo "${ECHO_T}$ac_cv_func_strcasecmp" >&6; } -if test $ac_cv_func_strcasecmp = yes; then +ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" +if test "x$ac_cv_func_strcasecmp" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRCASECMP 1 @@ -35306,88 +19954,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strdup" >&5 -echo $ECHO_N "checking for strdup... $ECHO_C" >&6; } -if test "${ac_cv_func_strdup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strdup to an innocuous variant, in case declares strdup. - For example, HP-UX 11i declares gettimeofday. */ -#define strdup innocuous_strdup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strdup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strdup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strdup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strdup || defined __stub___strdup -choke me -#endif - -int -main () -{ -return strdup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strdup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strdup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strdup" >&5 -echo "${ECHO_T}$ac_cv_func_strdup" >&6; } -if test $ac_cv_func_strdup = yes; then +ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" +if test "x$ac_cv_func_strdup" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRDUP 1 @@ -35401,88 +19969,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strerror" >&5 -echo $ECHO_N "checking for strerror... $ECHO_C" >&6; } -if test "${ac_cv_func_strerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strerror to an innocuous variant, in case declares strerror. - For example, HP-UX 11i declares gettimeofday. */ -#define strerror innocuous_strerror - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strerror (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strerror - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strerror (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strerror || defined __stub___strerror -choke me -#endif - -int -main () -{ -return strerror (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strerror=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strerror=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strerror" >&5 -echo "${ECHO_T}$ac_cv_func_strerror" >&6; } -if test $ac_cv_func_strerror = yes; then +ac_fn_c_check_func "$LINENO" "strerror" "ac_cv_func_strerror" +if test "x$ac_cv_func_strerror" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRERROR 1 @@ -35496,88 +19984,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strftime" >&5 -echo $ECHO_N "checking for strftime... $ECHO_C" >&6; } -if test "${ac_cv_func_strftime+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strftime to an innocuous variant, in case declares strftime. - For example, HP-UX 11i declares gettimeofday. */ -#define strftime innocuous_strftime - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strftime (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strftime - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strftime (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strftime || defined __stub___strftime -choke me -#endif - -int -main () -{ -return strftime (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strftime=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strftime=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strftime" >&5 -echo "${ECHO_T}$ac_cv_func_strftime" >&6; } -if test $ac_cv_func_strftime = yes; then +ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime" +if test "x$ac_cv_func_strftime" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRFTIME 1 @@ -35591,88 +19999,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strlcat" >&5 -echo $ECHO_N "checking for strlcat... $ECHO_C" >&6; } -if test "${ac_cv_func_strlcat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlcat to an innocuous variant, in case declares strlcat. - For example, HP-UX 11i declares gettimeofday. */ -#define strlcat innocuous_strlcat - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlcat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlcat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlcat || defined __stub___strlcat -choke me -#endif - -int -main () -{ -return strlcat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlcat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlcat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlcat" >&5 -echo "${ECHO_T}$ac_cv_func_strlcat" >&6; } -if test $ac_cv_func_strlcat = yes; then +ac_fn_c_check_func "$LINENO" "strlcat" "ac_cv_func_strlcat" +if test "x$ac_cv_func_strlcat" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRLCAT 1 @@ -35686,88 +20014,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strlcpy" >&5 -echo $ECHO_N "checking for strlcpy... $ECHO_C" >&6; } -if test "${ac_cv_func_strlcpy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlcpy to an innocuous variant, in case declares strlcpy. - For example, HP-UX 11i declares gettimeofday. */ -#define strlcpy innocuous_strlcpy - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcpy (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlcpy - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlcpy (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlcpy || defined __stub___strlcpy -choke me -#endif - -int -main () -{ -return strlcpy (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlcpy=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlcpy=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlcpy" >&5 -echo "${ECHO_T}$ac_cv_func_strlcpy" >&6; } -if test $ac_cv_func_strlcpy = yes; then +ac_fn_c_check_func "$LINENO" "strlcpy" "ac_cv_func_strlcpy" +if test "x$ac_cv_func_strlcpy" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRLCPY 1 @@ -35781,88 +20029,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strlwr" >&5 -echo $ECHO_N "checking for strlwr... $ECHO_C" >&6; } -if test "${ac_cv_func_strlwr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlwr to an innocuous variant, in case declares strlwr. - For example, HP-UX 11i declares gettimeofday. */ -#define strlwr innocuous_strlwr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlwr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlwr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlwr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlwr || defined __stub___strlwr -choke me -#endif - -int -main () -{ -return strlwr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlwr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlwr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlwr" >&5 -echo "${ECHO_T}$ac_cv_func_strlwr" >&6; } -if test $ac_cv_func_strlwr = yes; then +ac_fn_c_check_func "$LINENO" "strlwr" "ac_cv_func_strlwr" +if test "x$ac_cv_func_strlwr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRLWR 1 @@ -35876,88 +20044,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strncasecmp" >&5 -echo $ECHO_N "checking for strncasecmp... $ECHO_C" >&6; } -if test "${ac_cv_func_strncasecmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strncasecmp to an innocuous variant, in case declares strncasecmp. - For example, HP-UX 11i declares gettimeofday. */ -#define strncasecmp innocuous_strncasecmp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strncasecmp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strncasecmp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strncasecmp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strncasecmp || defined __stub___strncasecmp -choke me -#endif - -int -main () -{ -return strncasecmp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strncasecmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strncasecmp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strncasecmp" >&5 -echo "${ECHO_T}$ac_cv_func_strncasecmp" >&6; } -if test $ac_cv_func_strncasecmp = yes; then +ac_fn_c_check_func "$LINENO" "strncasecmp" "ac_cv_func_strncasecmp" +if test "x$ac_cv_func_strncasecmp" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRNCASECMP 1 @@ -35971,88 +20059,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strndup" >&5 -echo $ECHO_N "checking for strndup... $ECHO_C" >&6; } -if test "${ac_cv_func_strndup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strndup to an innocuous variant, in case declares strndup. - For example, HP-UX 11i declares gettimeofday. */ -#define strndup innocuous_strndup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strndup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strndup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strndup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strndup || defined __stub___strndup -choke me -#endif - -int -main () -{ -return strndup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strndup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strndup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strndup" >&5 -echo "${ECHO_T}$ac_cv_func_strndup" >&6; } -if test $ac_cv_func_strndup = yes; then +ac_fn_c_check_func "$LINENO" "strndup" "ac_cv_func_strndup" +if test "x$ac_cv_func_strndup" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRNDUP 1 @@ -36066,88 +20074,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strnlen" >&5 -echo $ECHO_N "checking for strnlen... $ECHO_C" >&6; } -if test "${ac_cv_func_strnlen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strnlen to an innocuous variant, in case declares strnlen. - For example, HP-UX 11i declares gettimeofday. */ -#define strnlen innocuous_strnlen - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strnlen (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strnlen - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strnlen (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strnlen || defined __stub___strnlen -choke me -#endif - -int -main () -{ -return strnlen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strnlen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strnlen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strnlen" >&5 -echo "${ECHO_T}$ac_cv_func_strnlen" >&6; } -if test $ac_cv_func_strnlen = yes; then +ac_fn_c_check_func "$LINENO" "strnlen" "ac_cv_func_strnlen" +if test "x$ac_cv_func_strnlen" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRNLEN 1 @@ -36161,88 +20089,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strptime" >&5 -echo $ECHO_N "checking for strptime... $ECHO_C" >&6; } -if test "${ac_cv_func_strptime+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strptime to an innocuous variant, in case declares strptime. - For example, HP-UX 11i declares gettimeofday. */ -#define strptime innocuous_strptime - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strptime (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strptime - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strptime (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strptime || defined __stub___strptime -choke me -#endif - -int -main () -{ -return strptime (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strptime=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strptime=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strptime" >&5 -echo "${ECHO_T}$ac_cv_func_strptime" >&6; } -if test $ac_cv_func_strptime = yes; then +ac_fn_c_check_func "$LINENO" "strptime" "ac_cv_func_strptime" +if test "x$ac_cv_func_strptime" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRPTIME 1 @@ -36256,88 +20104,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strsep" >&5 -echo $ECHO_N "checking for strsep... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strsep to an innocuous variant, in case declares strsep. - For example, HP-UX 11i declares gettimeofday. */ -#define strsep innocuous_strsep - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strsep (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strsep - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strsep (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strsep || defined __stub___strsep -choke me -#endif - -int -main () -{ -return strsep (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strsep=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strsep=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep" >&5 -echo "${ECHO_T}$ac_cv_func_strsep" >&6; } -if test $ac_cv_func_strsep = yes; then +ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep" +if test "x$ac_cv_func_strsep" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRSEP 1 @@ -36351,88 +20119,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strsep_copy" >&5 -echo $ECHO_N "checking for strsep_copy... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep_copy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strsep_copy to an innocuous variant, in case declares strsep_copy. - For example, HP-UX 11i declares gettimeofday. */ -#define strsep_copy innocuous_strsep_copy - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strsep_copy (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strsep_copy - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strsep_copy (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strsep_copy || defined __stub___strsep_copy -choke me -#endif - -int -main () -{ -return strsep_copy (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strsep_copy=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strsep_copy=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep_copy" >&5 -echo "${ECHO_T}$ac_cv_func_strsep_copy" >&6; } -if test $ac_cv_func_strsep_copy = yes; then +ac_fn_c_check_func "$LINENO" "strsep_copy" "ac_cv_func_strsep_copy" +if test "x$ac_cv_func_strsep_copy" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRSEP_COPY 1 @@ -36446,88 +20134,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strtok_r" >&5 -echo $ECHO_N "checking for strtok_r... $ECHO_C" >&6; } -if test "${ac_cv_func_strtok_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strtok_r to an innocuous variant, in case declares strtok_r. - For example, HP-UX 11i declares gettimeofday. */ -#define strtok_r innocuous_strtok_r - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strtok_r (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strtok_r - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strtok_r (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strtok_r || defined __stub___strtok_r -choke me -#endif - -int -main () -{ -return strtok_r (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strtok_r=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strtok_r=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strtok_r" >&5 -echo "${ECHO_T}$ac_cv_func_strtok_r" >&6; } -if test $ac_cv_func_strtok_r = yes; then +ac_fn_c_check_func "$LINENO" "strtok_r" "ac_cv_func_strtok_r" +if test "x$ac_cv_func_strtok_r" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRTOK_R 1 @@ -36541,88 +20149,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for strupr" >&5 -echo $ECHO_N "checking for strupr... $ECHO_C" >&6; } -if test "${ac_cv_func_strupr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strupr to an innocuous variant, in case declares strupr. - For example, HP-UX 11i declares gettimeofday. */ -#define strupr innocuous_strupr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strupr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strupr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strupr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strupr || defined __stub___strupr -choke me -#endif - -int -main () -{ -return strupr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strupr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strupr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strupr" >&5 -echo "${ECHO_T}$ac_cv_func_strupr" >&6; } -if test $ac_cv_func_strupr = yes; then +ac_fn_c_check_func "$LINENO" "strupr" "ac_cv_func_strupr" +if test "x$ac_cv_func_strupr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUPR 1 @@ -36636,88 +20164,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for swab" >&5 -echo $ECHO_N "checking for swab... $ECHO_C" >&6; } -if test "${ac_cv_func_swab+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define swab to an innocuous variant, in case declares swab. - For example, HP-UX 11i declares gettimeofday. */ -#define swab innocuous_swab - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char swab (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef swab - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char swab (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_swab || defined __stub___swab -choke me -#endif - -int -main () -{ -return swab (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_swab=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_swab=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_swab" >&5 -echo "${ECHO_T}$ac_cv_func_swab" >&6; } -if test $ac_cv_func_swab = yes; then +ac_fn_c_check_func "$LINENO" "swab" "ac_cv_func_swab" +if test "x$ac_cv_func_swab" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SWAB 1 @@ -36731,88 +20179,23 @@ else esac fi -{ echo "$as_me:$LINENO: checking for timegm" >&5 -echo $ECHO_N "checking for timegm... $ECHO_C" >&6; } -if test "${ac_cv_func_timegm+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +ac_fn_c_check_func "$LINENO" "tsearch" "ac_cv_func_tsearch" +if test "x$ac_cv_func_tsearch" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_TSEARCH 1 +_ACEOF + else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define timegm to an innocuous variant, in case declares timegm. - For example, HP-UX 11i declares gettimeofday. */ -#define timegm innocuous_timegm - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char timegm (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef timegm - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char timegm (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_timegm || defined __stub___timegm -choke me -#endif - -int -main () -{ -return timegm (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; + case " $LIBOBJS " in + *" tsearch.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS tsearch.$ac_objext" + ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_timegm=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_func_timegm=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_timegm" >&5 -echo "${ECHO_T}$ac_cv_func_timegm" >&6; } -if test $ac_cv_func_timegm = yes; then +ac_fn_c_check_func "$LINENO" "timegm" "ac_cv_func_timegm" +if test "x$ac_cv_func_timegm" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_TIMEGM 1 @@ -36826,88 +20209,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for unsetenv" >&5 -echo $ECHO_N "checking for unsetenv... $ECHO_C" >&6; } -if test "${ac_cv_func_unsetenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define unsetenv to an innocuous variant, in case declares unsetenv. - For example, HP-UX 11i declares gettimeofday. */ -#define unsetenv innocuous_unsetenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char unsetenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef unsetenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char unsetenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_unsetenv || defined __stub___unsetenv -choke me -#endif - -int -main () -{ -return unsetenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_unsetenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_unsetenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unsetenv" >&5 -echo "${ECHO_T}$ac_cv_func_unsetenv" >&6; } -if test $ac_cv_func_unsetenv = yes; then +ac_fn_c_check_func "$LINENO" "unsetenv" "ac_cv_func_unsetenv" +if test "x$ac_cv_func_unsetenv" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UNSETENV 1 @@ -36921,88 +20224,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for verr" >&5 -echo $ECHO_N "checking for verr... $ECHO_C" >&6; } -if test "${ac_cv_func_verr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define verr to an innocuous variant, in case declares verr. - For example, HP-UX 11i declares gettimeofday. */ -#define verr innocuous_verr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char verr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef verr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char verr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_verr || defined __stub___verr -choke me -#endif - -int -main () -{ -return verr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_verr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_verr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_verr" >&5 -echo "${ECHO_T}$ac_cv_func_verr" >&6; } -if test $ac_cv_func_verr = yes; then +ac_fn_c_check_func "$LINENO" "verr" "ac_cv_func_verr" +if test "x$ac_cv_func_verr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VERR 1 @@ -37016,88 +20239,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for verrx" >&5 -echo $ECHO_N "checking for verrx... $ECHO_C" >&6; } -if test "${ac_cv_func_verrx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define verrx to an innocuous variant, in case declares verrx. - For example, HP-UX 11i declares gettimeofday. */ -#define verrx innocuous_verrx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char verrx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef verrx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char verrx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_verrx || defined __stub___verrx -choke me -#endif - -int -main () -{ -return verrx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_verrx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_verrx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_verrx" >&5 -echo "${ECHO_T}$ac_cv_func_verrx" >&6; } -if test $ac_cv_func_verrx = yes; then +ac_fn_c_check_func "$LINENO" "verrx" "ac_cv_func_verrx" +if test "x$ac_cv_func_verrx" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VERRX 1 @@ -37111,88 +20254,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for vsyslog" >&5 -echo $ECHO_N "checking for vsyslog... $ECHO_C" >&6; } -if test "${ac_cv_func_vsyslog+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vsyslog to an innocuous variant, in case declares vsyslog. - For example, HP-UX 11i declares gettimeofday. */ -#define vsyslog innocuous_vsyslog - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vsyslog (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vsyslog - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vsyslog (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vsyslog || defined __stub___vsyslog -choke me -#endif - -int -main () -{ -return vsyslog (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vsyslog=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vsyslog=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsyslog" >&5 -echo "${ECHO_T}$ac_cv_func_vsyslog" >&6; } -if test $ac_cv_func_vsyslog = yes; then +ac_fn_c_check_func "$LINENO" "vsyslog" "ac_cv_func_vsyslog" +if test "x$ac_cv_func_vsyslog" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VSYSLOG 1 @@ -37206,88 +20269,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for vwarn" >&5 -echo $ECHO_N "checking for vwarn... $ECHO_C" >&6; } -if test "${ac_cv_func_vwarn+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vwarn to an innocuous variant, in case declares vwarn. - For example, HP-UX 11i declares gettimeofday. */ -#define vwarn innocuous_vwarn - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vwarn (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vwarn - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vwarn (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vwarn || defined __stub___vwarn -choke me -#endif - -int -main () -{ -return vwarn (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vwarn=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vwarn=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vwarn" >&5 -echo "${ECHO_T}$ac_cv_func_vwarn" >&6; } -if test $ac_cv_func_vwarn = yes; then +ac_fn_c_check_func "$LINENO" "vwarn" "ac_cv_func_vwarn" +if test "x$ac_cv_func_vwarn" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VWARN 1 @@ -37301,88 +20284,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for vwarnx" >&5 -echo $ECHO_N "checking for vwarnx... $ECHO_C" >&6; } -if test "${ac_cv_func_vwarnx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vwarnx to an innocuous variant, in case declares vwarnx. - For example, HP-UX 11i declares gettimeofday. */ -#define vwarnx innocuous_vwarnx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vwarnx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vwarnx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vwarnx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vwarnx || defined __stub___vwarnx -choke me -#endif - -int -main () -{ -return vwarnx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vwarnx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vwarnx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vwarnx" >&5 -echo "${ECHO_T}$ac_cv_func_vwarnx" >&6; } -if test $ac_cv_func_vwarnx = yes; then +ac_fn_c_check_func "$LINENO" "vwarnx" "ac_cv_func_vwarnx" +if test "x$ac_cv_func_vwarnx" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VWARNX 1 @@ -37396,88 +20299,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for warn" >&5 -echo $ECHO_N "checking for warn... $ECHO_C" >&6; } -if test "${ac_cv_func_warn+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define warn to an innocuous variant, in case declares warn. - For example, HP-UX 11i declares gettimeofday. */ -#define warn innocuous_warn - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char warn (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef warn - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char warn (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_warn || defined __stub___warn -choke me -#endif - -int -main () -{ -return warn (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_warn=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_warn=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_warn" >&5 -echo "${ECHO_T}$ac_cv_func_warn" >&6; } -if test $ac_cv_func_warn = yes; then +ac_fn_c_check_func "$LINENO" "warn" "ac_cv_func_warn" +if test "x$ac_cv_func_warn" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_WARN 1 @@ -37491,88 +20314,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for warnx" >&5 -echo $ECHO_N "checking for warnx... $ECHO_C" >&6; } -if test "${ac_cv_func_warnx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define warnx to an innocuous variant, in case declares warnx. - For example, HP-UX 11i declares gettimeofday. */ -#define warnx innocuous_warnx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char warnx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef warnx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char warnx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_warnx || defined __stub___warnx -choke me -#endif - -int -main () -{ -return warnx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_warnx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_warnx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_warnx" >&5 -echo "${ECHO_T}$ac_cv_func_warnx" >&6; } -if test $ac_cv_func_warnx = yes; then +ac_fn_c_check_func "$LINENO" "warnx" "ac_cv_func_warnx" +if test "x$ac_cv_func_warnx" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_WARNX 1 @@ -37586,88 +20329,8 @@ else esac fi -{ echo "$as_me:$LINENO: checking for writev" >&5 -echo $ECHO_N "checking for writev... $ECHO_C" >&6; } -if test "${ac_cv_func_writev+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define writev to an innocuous variant, in case declares writev. - For example, HP-UX 11i declares gettimeofday. */ -#define writev innocuous_writev - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char writev (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef writev - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char writev (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_writev || defined __stub___writev -choke me -#endif - -int -main () -{ -return writev (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_writev=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_writev=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_writev" >&5 -echo "${ECHO_T}$ac_cv_func_writev" >&6; } -if test $ac_cv_func_writev = yes; then +ac_fn_c_check_func "$LINENO" "writev" "ac_cv_func_writev" +if test "x$ac_cv_func_writev" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_WRITEV 1 @@ -37694,16 +20357,12 @@ fi if test "$ac_cv_func_strndup+set" != set -o "$ac_cv_func_strndup" = yes; then -{ echo "$as_me:$LINENO: checking if strndup needs a prototype" >&5 -echo $ECHO_N "checking if strndup needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strndup_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strndup needs a prototype" >&5 +$as_echo_n "checking if strndup needs a prototype... " >&6; } +if test "${ac_cv_func_strndup_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -37716,55 +20375,29 @@ strndup(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strndup_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strndup_noproto=no" + eval "ac_cv_func_strndup_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strndup_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strndup_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strndup_noproto" >&5 +$as_echo "$ac_cv_func_strndup_noproto" >&6; } if test "$ac_cv_func_strndup_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRNDUP_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRNDUP_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_strsep+set" != set -o "$ac_cv_func_strsep" = yes; then -{ echo "$as_me:$LINENO: checking if strsep needs a prototype" >&5 -echo $ECHO_N "checking if strsep needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strsep needs a prototype" >&5 +$as_echo_n "checking if strsep needs a prototype... " >&6; } +if test "${ac_cv_func_strsep_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -37777,55 +20410,29 @@ strsep(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strsep_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strsep_noproto=no" + eval "ac_cv_func_strsep_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strsep_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strsep_noproto" >&5 +$as_echo "$ac_cv_func_strsep_noproto" >&6; } if test "$ac_cv_func_strsep_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRSEP_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRSEP_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_strtok_r+set" != set -o "$ac_cv_func_strtok_r" = yes; then -{ echo "$as_me:$LINENO: checking if strtok_r needs a prototype" >&5 -echo $ECHO_N "checking if strtok_r needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strtok_r_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strtok_r needs a prototype" >&5 +$as_echo_n "checking if strtok_r needs a prototype... " >&6; } +if test "${ac_cv_func_strtok_r_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -37838,40 +20445,18 @@ strtok_r(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strtok_r_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strtok_r_noproto=no" + eval "ac_cv_func_strtok_r_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strtok_r_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strtok_r_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strtok_r_noproto" >&5 +$as_echo "$ac_cv_func_strtok_r_noproto" >&6; } if test "$ac_cv_func_strtok_r_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRTOK_R_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRTOK_R_PROTO 1" >>confdefs.h fi fi @@ -37879,16 +20464,12 @@ fi if test "$ac_cv_func_strsvis+set" != set -o "$ac_cv_func_strsvis" = yes; then -{ echo "$as_me:$LINENO: checking if strsvis needs a prototype" >&5 -echo $ECHO_N "checking if strsvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strsvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strsvis needs a prototype" >&5 +$as_echo_n "checking if strsvis needs a prototype... " >&6; } +if test "${ac_cv_func_strsvis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -37903,55 +20484,66 @@ strsvis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strsvis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strsvis_noproto=no" + eval "ac_cv_func_strsvis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strsvis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strsvis_noproto" >&5 +$as_echo "$ac_cv_func_strsvis_noproto" >&6; } if test "$ac_cv_func_strsvis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRSVIS_PROTO 1 +$as_echo "#define NEED_STRSVIS_PROTO 1" >>confdefs.h + +fi +fi + +if test "$ac_cv_func_strsvisx+set" != set -o "$ac_cv_func_strsvisx" = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strsvisx needs a prototype" >&5 +$as_echo_n "checking if strsvisx needs a prototype... " >&6; } +if test "${ac_cv_func_strsvisx_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef HAVE_VIS_H +#include +#endif +struct foo { int foo; } xx; +extern int strsvisx (struct foo*); +int +main () +{ +strsvisx(&xx) + ; + return 0; +} _ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "ac_cv_func_strsvisx_noproto=yes" +else + eval "ac_cv_func_strsvisx_noproto=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strsvisx_noproto" >&5 +$as_echo "$ac_cv_func_strsvisx_noproto" >&6; } +if test "$ac_cv_func_strsvisx_noproto" = yes; then + +$as_echo "#define NEED_STRSVISX_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_strunvis+set" != set -o "$ac_cv_func_strunvis" = yes; then -{ echo "$as_me:$LINENO: checking if strunvis needs a prototype" >&5 -echo $ECHO_N "checking if strunvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strunvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strunvis needs a prototype" >&5 +$as_echo_n "checking if strunvis needs a prototype... " >&6; } +if test "${ac_cv_func_strunvis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -37966,55 +20558,29 @@ strunvis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strunvis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strunvis_noproto=no" + eval "ac_cv_func_strunvis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strunvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strunvis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strunvis_noproto" >&5 +$as_echo "$ac_cv_func_strunvis_noproto" >&6; } if test "$ac_cv_func_strunvis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRUNVIS_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRUNVIS_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_strvis+set" != set -o "$ac_cv_func_strvis" = yes; then -{ echo "$as_me:$LINENO: checking if strvis needs a prototype" >&5 -echo $ECHO_N "checking if strvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strvis needs a prototype" >&5 +$as_echo_n "checking if strvis needs a prototype... " >&6; } +if test "${ac_cv_func_strvis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -38029,55 +20595,29 @@ strvis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strvis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strvis_noproto=no" + eval "ac_cv_func_strvis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strvis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strvis_noproto" >&5 +$as_echo "$ac_cv_func_strvis_noproto" >&6; } if test "$ac_cv_func_strvis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRVIS_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRVIS_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_strvisx+set" != set -o "$ac_cv_func_strvisx" = yes; then -{ echo "$as_me:$LINENO: checking if strvisx needs a prototype" >&5 -echo $ECHO_N "checking if strvisx needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strvisx_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strvisx needs a prototype" >&5 +$as_echo_n "checking if strvisx needs a prototype... " >&6; } +if test "${ac_cv_func_strvisx_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -38092,55 +20632,29 @@ strvisx(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_strvisx_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strvisx_noproto=no" + eval "ac_cv_func_strvisx_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strvisx_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strvisx_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strvisx_noproto" >&5 +$as_echo "$ac_cv_func_strvisx_noproto" >&6; } if test "$ac_cv_func_strvisx_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_STRVISX_PROTO 1 -_ACEOF +$as_echo "#define NEED_STRVISX_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_svis+set" != set -o "$ac_cv_func_svis" = yes; then -{ echo "$as_me:$LINENO: checking if svis needs a prototype" >&5 -echo $ECHO_N "checking if svis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_svis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if svis needs a prototype" >&5 +$as_echo_n "checking if svis needs a prototype... " >&6; } +if test "${ac_cv_func_svis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -38155,55 +20669,29 @@ svis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_svis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_svis_noproto=no" + eval "ac_cv_func_svis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_svis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_svis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_svis_noproto" >&5 +$as_echo "$ac_cv_func_svis_noproto" >&6; } if test "$ac_cv_func_svis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_SVIS_PROTO 1 -_ACEOF +$as_echo "#define NEED_SVIS_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_unvis+set" != set -o "$ac_cv_func_unvis" = yes; then -{ echo "$as_me:$LINENO: checking if unvis needs a prototype" >&5 -echo $ECHO_N "checking if unvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_unvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if unvis needs a prototype" >&5 +$as_echo_n "checking if unvis needs a prototype... " >&6; } +if test "${ac_cv_func_unvis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -38218,55 +20706,29 @@ unvis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_unvis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_unvis_noproto=no" + eval "ac_cv_func_unvis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_unvis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_unvis_noproto" >&5 +$as_echo "$ac_cv_func_unvis_noproto" >&6; } if test "$ac_cv_func_unvis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_UNVIS_PROTO 1 -_ACEOF +$as_echo "#define NEED_UNVIS_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_vis+set" != set -o "$ac_cv_func_vis" = yes; then -{ echo "$as_me:$LINENO: checking if vis needs a prototype" >&5 -echo $ECHO_N "checking if vis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if vis needs a prototype" >&5 +$as_echo_n "checking if vis needs a prototype... " >&6; } +if test "${ac_cv_func_vis_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_VIS_H #include @@ -38281,55 +20743,106 @@ vis(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_vis_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vis_noproto=no" + eval "ac_cv_func_vis_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vis_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vis_noproto" >&5 +$as_echo "$ac_cv_func_vis_noproto" >&6; } if test "$ac_cv_func_vis_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_VIS_PROTO 1 +$as_echo "#define NEED_VIS_PROTO 1" >>confdefs.h + +fi +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking checking for dirfd" >&5 +$as_echo_n "checking checking for dirfd... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifdef HAVE_DIRENT_H +#include +#endif + +int +main () +{ +DIR *d = 0; dirfd(d); + ; + return 0; +} _ACEOF - -fi -fi - - -{ echo "$as_me:$LINENO: checking for inet_aton" >&5 -echo $ECHO_N "checking for inet_aton... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_aton+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if ac_fn_c_try_link "$LINENO"; then : + ac_rk_have_dirfd=yes else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + ac_rk_have_dirfd=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test "$ac_rk_have_dirfd" = "yes" ; then + +cat >>confdefs.h <<_ACEOF +#define HAVE_DIRFD 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_rk_have_dirfd" >&5 +$as_echo "$ac_rk_have_dirfd" >&6; } + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dd_fd in DIR" >&5 +$as_echo_n "checking for dd_fd in DIR... " >&6; } +if test "${ac_cv_type_dir_dd_fd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifdef HAVE_DIRENT_H +#include +#endif +int +main () +{ +DIR x; memset(&x, 0, sizeof(x)); x.dd_fd + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_dir_dd_fd=yes +else + ac_cv_type_dir_dd_fd=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_dir_dd_fd" >&5 +$as_echo "$ac_cv_type_dir_dd_fd" >&6; } +if test "$ac_cv_type_dir_dd_fd" = yes; then + + +$as_echo "#define HAVE_DIR_DD_FD 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_aton" >&5 +$as_echo_n "checking for inet_aton... " >&6; } +if test "${ac_cv_func_inet_aton+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -38360,34 +20873,13 @@ inet_aton(0,0); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "ac_cv_func_inet_aton=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_aton=no" + eval "ac_cv_func_inet_aton=no" fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if eval "test \"\${ac_cv_func_inet_aton}\" = yes"; then @@ -38396,11 +20888,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_INET_ATON 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } case " $LIBOBJS " in *" inet_aton.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_aton.$ac_objext" @@ -38409,16 +20901,12 @@ esac fi -{ echo "$as_me:$LINENO: checking for inet_ntop" >&5 -echo $ECHO_N "checking for inet_ntop... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_ntop+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_ntop" >&5 +$as_echo_n "checking for inet_ntop... " >&6; } +if test "${ac_cv_func_inet_ntop+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -38449,34 +20937,13 @@ inet_ntop(0, 0, 0, 0); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "ac_cv_func_inet_ntop=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_ntop=no" + eval "ac_cv_func_inet_ntop=no" fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if eval "test \"\${ac_cv_func_inet_ntop}\" = yes"; then @@ -38485,11 +20952,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_INET_NTOP 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } case " $LIBOBJS " in *" inet_ntop.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_ntop.$ac_objext" @@ -38498,16 +20965,12 @@ esac fi -{ echo "$as_me:$LINENO: checking for inet_pton" >&5 -echo $ECHO_N "checking for inet_pton... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_pton+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_pton" >&5 +$as_echo_n "checking for inet_pton... " >&6; } +if test "${ac_cv_func_inet_pton+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -38538,34 +21001,13 @@ inet_pton(0,0,0); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "ac_cv_func_inet_pton=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_pton=no" + eval "ac_cv_func_inet_pton=no" fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if eval "test \"\${ac_cv_func_inet_pton}\" = yes"; then @@ -38574,11 +21016,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_INET_PTON 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } case " $LIBOBJS " in *" inet_pton.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_pton.$ac_objext" @@ -38589,17 +21031,13 @@ fi -{ echo "$as_me:$LINENO: checking for sa_len in struct sockaddr" >&5 -echo $ECHO_N "checking for sa_len in struct sockaddr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr_sa_len+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sa_len in struct sockaddr" >&5 +$as_echo_n "checking for sa_len in struct sockaddr... " >&6; } +if test "${ac_cv_type_struct_sockaddr_sa_len+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -38611,42 +21049,20 @@ struct sockaddr x; memset(&x, 0, sizeof(x)); x.sa_len return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_sockaddr_sa_len=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr_sa_len=no + ac_cv_type_struct_sockaddr_sa_len=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr_sa_len" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr_sa_len" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_sockaddr_sa_len" >&5 +$as_echo "$ac_cv_type_struct_sockaddr_sa_len" >&6; } if test "$ac_cv_type_struct_sockaddr_sa_len" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_SOCKADDR_SA_LEN 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_SOCKADDR_SA_LEN 1" >>confdefs.h fi @@ -38655,23 +21071,15 @@ fi if test "$ac_cv_func_getaddrinfo" = "yes"; then -{ echo "$as_me:$LINENO: checking if getaddrinfo handles numeric services" >&5 -echo $ECHO_N "checking if getaddrinfo handles numeric services... $ECHO_C" >&6; } -if test "${ac_cv_func_getaddrinfo_numserv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo handles numeric services" >&5 +$as_echo_n "checking if getaddrinfo handles numeric services... " >&6; } +if test "${ac_cv_func_getaddrinfo_numserv+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run test program while cross compiling -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + if test "$cross_compiling" = yes; then : + ac_cv_func_getaddrinfo_numserv=yes else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -38694,42 +21102,18 @@ main(int argc, char **argv) } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_getaddrinfo_numserv=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getaddrinfo_numserv=no + ac_cv_func_getaddrinfo_numserv=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getaddrinfo_numserv" >&5 -echo "${ECHO_T}$ac_cv_func_getaddrinfo_numserv" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getaddrinfo_numserv" >&5 +$as_echo "$ac_cv_func_getaddrinfo_numserv" >&6; } if test "$ac_cv_func_getaddrinfo_numserv" = no; then case " $LIBOBJS " in *" getaddrinfo.$ac_objext "* ) ;; @@ -38748,16 +21132,12 @@ fi if test "$ac_cv_func_setenv+set" != set -o "$ac_cv_func_setenv" = yes; then -{ echo "$as_me:$LINENO: checking if setenv needs a prototype" >&5 -echo $ECHO_N "checking if setenv needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_setenv_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setenv needs a prototype" >&5 +$as_echo_n "checking if setenv needs a prototype... " >&6; } +if test "${ac_cv_func_setenv_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -38770,56 +21150,30 @@ setenv(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_setenv_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_setenv_noproto=no" + eval "ac_cv_func_setenv_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setenv_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_setenv_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_setenv_noproto" >&5 +$as_echo "$ac_cv_func_setenv_noproto" >&6; } if test "$ac_cv_func_setenv_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_SETENV_PROTO 1 -_ACEOF +$as_echo "#define NEED_SETENV_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_unsetenv+set" != set -o "$ac_cv_func_unsetenv" = yes; then -{ echo "$as_me:$LINENO: checking if unsetenv needs a prototype" >&5 -echo $ECHO_N "checking if unsetenv needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_unsetenv_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if unsetenv needs a prototype" >&5 +$as_echo_n "checking if unsetenv needs a prototype... " >&6; } +if test "${ac_cv_func_unsetenv_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -38832,56 +21186,30 @@ unsetenv(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_unsetenv_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_unsetenv_noproto=no" + eval "ac_cv_func_unsetenv_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unsetenv_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_unsetenv_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_unsetenv_noproto" >&5 +$as_echo "$ac_cv_func_unsetenv_noproto" >&6; } if test "$ac_cv_func_unsetenv_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_UNSETENV_PROTO 1 -_ACEOF +$as_echo "#define NEED_UNSETENV_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_gethostname+set" != set -o "$ac_cv_func_gethostname" = yes; then -{ echo "$as_me:$LINENO: checking if gethostname needs a prototype" >&5 -echo $ECHO_N "checking if gethostname needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostname_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if gethostname needs a prototype" >&5 +$as_echo_n "checking if gethostname needs a prototype... " >&6; } +if test "${ac_cv_func_gethostname_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -38894,56 +21222,30 @@ gethostname(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_gethostname_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostname_noproto=no" + eval "ac_cv_func_gethostname_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostname_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_gethostname_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_gethostname_noproto" >&5 +$as_echo "$ac_cv_func_gethostname_noproto" >&6; } if test "$ac_cv_func_gethostname_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_GETHOSTNAME_PROTO 1 -_ACEOF +$as_echo "#define NEED_GETHOSTNAME_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_mkstemp+set" != set -o "$ac_cv_func_mkstemp" = yes; then -{ echo "$as_me:$LINENO: checking if mkstemp needs a prototype" >&5 -echo $ECHO_N "checking if mkstemp needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_mkstemp_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if mkstemp needs a prototype" >&5 +$as_echo_n "checking if mkstemp needs a prototype... " >&6; } +if test "${ac_cv_func_mkstemp_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -38956,56 +21258,30 @@ mkstemp(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_mkstemp_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_mkstemp_noproto=no" + eval "ac_cv_func_mkstemp_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mkstemp_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_mkstemp_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_mkstemp_noproto" >&5 +$as_echo "$ac_cv_func_mkstemp_noproto" >&6; } if test "$ac_cv_func_mkstemp_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_MKSTEMP_PROTO 1 -_ACEOF +$as_echo "#define NEED_MKSTEMP_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_getusershell+set" != set -o "$ac_cv_func_getusershell" = yes; then -{ echo "$as_me:$LINENO: checking if getusershell needs a prototype" >&5 -echo $ECHO_N "checking if getusershell needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getusershell_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getusershell needs a prototype" >&5 +$as_echo_n "checking if getusershell needs a prototype... " >&6; } +if test "${ac_cv_func_getusershell_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -39018,56 +21294,30 @@ getusershell(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_getusershell_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getusershell_noproto=no" + eval "ac_cv_func_getusershell_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getusershell_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_getusershell_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getusershell_noproto" >&5 +$as_echo "$ac_cv_func_getusershell_noproto" >&6; } if test "$ac_cv_func_getusershell_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_GETUSERSHELL_PROTO 1 -_ACEOF +$as_echo "#define NEED_GETUSERSHELL_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_daemon+set" != set -o "$ac_cv_func_daemon" = yes; then -{ echo "$as_me:$LINENO: checking if daemon needs a prototype" >&5 -echo $ECHO_N "checking if daemon needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_daemon_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if daemon needs a prototype" >&5 +$as_echo_n "checking if daemon needs a prototype... " >&6; } +if test "${ac_cv_func_daemon_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -39080,56 +21330,30 @@ daemon(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_daemon_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_daemon_noproto=no" + eval "ac_cv_func_daemon_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_daemon_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_daemon_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_daemon_noproto" >&5 +$as_echo "$ac_cv_func_daemon_noproto" >&6; } if test "$ac_cv_func_daemon_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_DAEMON_PROTO 1 -_ACEOF +$as_echo "#define NEED_DAEMON_PROTO 1" >>confdefs.h fi fi if test "$ac_cv_func_iruserok+set" != set -o "$ac_cv_func_iruserok" = yes; then -{ echo "$as_me:$LINENO: checking if iruserok needs a prototype" >&5 -echo $ECHO_N "checking if iruserok needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_iruserok_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if iruserok needs a prototype" >&5 +$as_echo_n "checking if iruserok needs a prototype... " >&6; } +if test "${ac_cv_func_iruserok_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39160,40 +21384,18 @@ iruserok(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_iruserok_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_iruserok_noproto=no" + eval "ac_cv_func_iruserok_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_iruserok_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_iruserok_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_iruserok_noproto" >&5 +$as_echo "$ac_cv_func_iruserok_noproto" >&6; } if test "$ac_cv_func_iruserok_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_IRUSEROK_PROTO 1 -_ACEOF +$as_echo "#define NEED_IRUSEROK_PROTO 1" >>confdefs.h fi fi @@ -39201,16 +21403,12 @@ fi if test "$ac_cv_func_inet_aton+set" != set -o "$ac_cv_func_inet_aton" = yes; then -{ echo "$as_me:$LINENO: checking if inet_aton needs a prototype" >&5 -echo $ECHO_N "checking if inet_aton needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_aton_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if inet_aton needs a prototype" >&5 +$as_echo_n "checking if inet_aton needs a prototype... " >&6; } +if test "${ac_cv_func_inet_aton_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39235,40 +21433,18 @@ inet_aton(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_inet_aton_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_aton_noproto=no" + eval "ac_cv_func_inet_aton_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_inet_aton_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_inet_aton_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_inet_aton_noproto" >&5 +$as_echo "$ac_cv_func_inet_aton_noproto" >&6; } if test "$ac_cv_func_inet_aton_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_INET_ATON_PROTO 1 -_ACEOF +$as_echo "#define NEED_INET_ATON_PROTO 1" >>confdefs.h fi fi @@ -39277,10 +21453,10 @@ fi -{ echo "$as_me:$LINENO: checking for crypt" >&5 -echo $ECHO_N "checking for crypt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_crypt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt" >&5 +$as_echo_n "checking for crypt... " >&6; } +if test "${ac_cv_funclib_crypt+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_crypt\" != yes" ; then @@ -39294,11 +21470,7 @@ if eval "test \"\$ac_cv_func_crypt\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -39309,34 +21481,11 @@ crypt() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_crypt=$ac_lib; else ac_cv_funclib_crypt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_crypt=\${ac_cv_funclib_crypt-no}" LIBS="$ac_save_LIBS" @@ -39348,95 +21497,12 @@ fi eval "ac_res=\$ac_cv_funclib_crypt" if false; then - -for ac_func in crypt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in crypt +do : + ac_fn_c_check_func "$LINENO" "crypt" "ac_cv_func_crypt" +if test "x$ac_cv_func_crypt" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_CRYPT 1 _ACEOF fi @@ -39456,14 +21522,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_crypt=no" eval "LIB_crypt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_crypt=yes" @@ -39476,8 +21542,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -39486,16 +21552,61 @@ esac -{ echo "$as_me:$LINENO: checking if gethostbyname is compatible with system prototype" >&5 -echo $ECHO_N "checking if gethostbyname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if strerror_r is compatible with system prototype" >&5 +$as_echo_n "checking if strerror_r is compatible with system prototype... " >&6; } +if test "${ac_cv_func_strerror_r_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main () +{ +int strerror_r(int, char *, size_t) + ; + return 0; +} _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "ac_cv_func_strerror_r_proto_compat=yes" +else + eval "ac_cv_func_strerror_r_proto_compat=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_strerror_r_proto_compat" >&5 +$as_echo "$ac_cv_func_strerror_r_proto_compat" >&6; } + +if test "$ac_cv_func_strerror_r_proto_compat" = yes; then + +$as_echo "#define STRERROR_R_PROTO_COMPATIBLE 1" >>confdefs.h + +fi + + + +ac_fn_c_check_func "$LINENO" "strerror_r" "ac_cv_func_strerror_r" +if test "x$ac_cv_func_strerror_r" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRERROR_R 1 +_ACEOF + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if gethostbyname is compatible with system prototype" >&5 +$as_echo_n "checking if gethostbyname is compatible with system prototype... " >&6; } +if test "${ac_cv_func_gethostbyname_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39522,57 +21633,31 @@ struct hostent *gethostbyname(const char *) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_gethostbyname_proto_compat=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostbyname_proto_compat=no" + eval "ac_cv_func_gethostbyname_proto_compat=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyname_proto_compat" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_gethostbyname_proto_compat" >&5 +$as_echo "$ac_cv_func_gethostbyname_proto_compat" >&6; } if test "$ac_cv_func_gethostbyname_proto_compat" = yes; then -cat >>confdefs.h <<\_ACEOF -#define GETHOSTBYNAME_PROTO_COMPATIBLE 1 -_ACEOF +$as_echo "#define GETHOSTBYNAME_PROTO_COMPATIBLE 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking if gethostbyaddr is compatible with system prototype" >&5 -echo $ECHO_N "checking if gethostbyaddr is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyaddr_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if gethostbyaddr is compatible with system prototype" >&5 +$as_echo_n "checking if gethostbyaddr is compatible with system prototype... " >&6; } +if test "${ac_cv_func_gethostbyaddr_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39599,57 +21684,31 @@ struct hostent *gethostbyaddr(const void *, size_t, int) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_gethostbyaddr_proto_compat=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostbyaddr_proto_compat=no" + eval "ac_cv_func_gethostbyaddr_proto_compat=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyaddr_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyaddr_proto_compat" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_gethostbyaddr_proto_compat" >&5 +$as_echo "$ac_cv_func_gethostbyaddr_proto_compat" >&6; } if test "$ac_cv_func_gethostbyaddr_proto_compat" = yes; then -cat >>confdefs.h <<\_ACEOF -#define GETHOSTBYADDR_PROTO_COMPATIBLE 1 -_ACEOF +$as_echo "#define GETHOSTBYADDR_PROTO_COMPATIBLE 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking if getservbyname is compatible with system prototype" >&5 -echo $ECHO_N "checking if getservbyname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getservbyname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getservbyname is compatible with system prototype" >&5 +$as_echo_n "checking if getservbyname is compatible with system prototype... " >&6; } +if test "${ac_cv_func_getservbyname_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39676,57 +21735,31 @@ struct servent *getservbyname(const char *, const char *) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_getservbyname_proto_compat=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getservbyname_proto_compat=no" + eval "ac_cv_func_getservbyname_proto_compat=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getservbyname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_getservbyname_proto_compat" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getservbyname_proto_compat" >&5 +$as_echo "$ac_cv_func_getservbyname_proto_compat" >&6; } if test "$ac_cv_func_getservbyname_proto_compat" = yes; then -cat >>confdefs.h <<\_ACEOF -#define GETSERVBYNAME_PROTO_COMPATIBLE 1 -_ACEOF +$as_echo "#define GETSERVBYNAME_PROTO_COMPATIBLE 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking if getsockname is compatible with system prototype" >&5 -echo $ECHO_N "checking if getsockname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getsockname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getsockname is compatible with system prototype" >&5 +$as_echo_n "checking if getsockname is compatible with system prototype... " >&6; } +if test "${ac_cv_func_getsockname_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H @@ -39744,57 +21777,31 @@ int getsockname(int, struct sockaddr*, socklen_t*) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_getsockname_proto_compat=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getsockname_proto_compat=no" + eval "ac_cv_func_getsockname_proto_compat=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getsockname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_getsockname_proto_compat" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getsockname_proto_compat" >&5 +$as_echo "$ac_cv_func_getsockname_proto_compat" >&6; } if test "$ac_cv_func_getsockname_proto_compat" = yes; then -cat >>confdefs.h <<\_ACEOF -#define GETSOCKNAME_PROTO_COMPATIBLE 1 -_ACEOF +$as_echo "#define GETSOCKNAME_PROTO_COMPATIBLE 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking if openlog is compatible with system prototype" >&5 -echo $ECHO_N "checking if openlog is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_openlog_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if openlog is compatible with system prototype" >&5 +$as_echo_n "checking if openlog is compatible with system prototype... " >&6; } +if test "${ac_cv_func_openlog_proto_compat+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYSLOG_H @@ -39809,41 +21816,19 @@ void openlog(const char *, int, int) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_openlog_proto_compat=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_openlog_proto_compat=no" + eval "ac_cv_func_openlog_proto_compat=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_openlog_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_openlog_proto_compat" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_openlog_proto_compat" >&5 +$as_echo "$ac_cv_func_openlog_proto_compat" >&6; } if test "$ac_cv_func_openlog_proto_compat" = yes; then -cat >>confdefs.h <<\_ACEOF -#define OPENLOG_PROTO_COMPATIBLE 1 -_ACEOF +$as_echo "#define OPENLOG_PROTO_COMPATIBLE 1" >>confdefs.h fi @@ -39851,16 +21836,12 @@ fi if test "$ac_cv_func_crypt+set" != set -o "$ac_cv_func_crypt" = yes; then -{ echo "$as_me:$LINENO: checking if crypt needs a prototype" >&5 -echo $ECHO_N "checking if crypt needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_crypt_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if crypt needs a prototype" >&5 +$as_echo_n "checking if crypt needs a prototype... " >&6; } +if test "${ac_cv_func_crypt_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_CRYPT_H @@ -39880,40 +21861,18 @@ crypt(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_crypt_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_crypt_noproto=no" + eval "ac_cv_func_crypt_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_crypt_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_crypt_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_crypt_noproto" >&5 +$as_echo "$ac_cv_func_crypt_noproto" >&6; } if test "$ac_cv_func_crypt_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_CRYPT_PROTO 1 -_ACEOF +$as_echo "#define NEED_CRYPT_PROTO 1" >>confdefs.h fi fi @@ -39921,18 +21880,14 @@ fi -{ echo "$as_me:$LINENO: checking for h_errno" >&5 -echo $ECHO_N "checking for h_errno... $ECHO_C" >&6; } -if test "${ac_cv_var_h_errno+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for h_errno" >&5 +$as_echo_n "checking for h_errno... " >&6; } +if test "${ac_cv_var_h_errno+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_SYS_TYPES_H #include @@ -39940,6 +21895,10 @@ cat >>conftest.$ac_ext <<_ACEOF #ifdef HAVE_NETDB_H #include #endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif + void * foo(void) { return &h_errno; } int main () @@ -39949,41 +21908,26 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_errno=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errno=no + ac_cv_var_h_errno=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var_h_errno" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif + extern int h_errno; int foo(void) { return h_errno; } int @@ -39994,140 +21938,65 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_errno=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errno=no + ac_cv_var_h_errno=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var_h_errno` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_H_ERRNO 1 _ACEOF - { echo "$as_me:$LINENO: checking whether h_errno is declared" >&5 -echo $ECHO_N "checking whether h_errno is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_errno+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H + ac_fn_c_check_decl "$LINENO" "h_errno" "ac_cv_have_decl_h_errno" "#ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_NETDB_H #include #endif - -int -main () -{ -#ifndef h_errno - (void) h_errno; +#ifdef HAVE_WS2TCPIP_H +#include #endif - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_errno=yes +" +if test "x$ac_cv_have_decl_h_errno" = x""yes; then : + ac_have_decl=1 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_errno=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_errno" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_errno" >&6; } -if test $ac_cv_have_decl_h_errno = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRNO 1 +#define HAVE_DECL_H_ERRNO $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRNO 0 -_ACEOF - - -fi - - fi -{ echo "$as_me:$LINENO: checking for h_errlist" >&5 -echo $ECHO_N "checking for h_errlist... $ECHO_C" >&6; } -if test "${ac_cv_var_h_errlist+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for h_errlist" >&5 +$as_echo_n "checking for h_errlist... " >&6; } +if test "${ac_cv_var_h_errlist+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif void * foo(void) { return &h_errlist; } int @@ -40138,41 +22007,22 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_errlist=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errlist=no + ac_cv_var_h_errlist=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var_h_errlist" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif extern int h_errlist; int foo(void) { return h_errlist; } int @@ -40183,137 +22033,61 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_errlist=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errlist=no + ac_cv_var_h_errlist=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var_h_errlist` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_H_ERRLIST 1 _ACEOF - { echo "$as_me:$LINENO: checking whether h_errlist is declared" >&5 -echo $ECHO_N "checking whether h_errlist is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_errlist+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H + ac_fn_c_check_decl "$LINENO" "h_errlist" "ac_cv_have_decl_h_errlist" "#ifdef HAVE_NETDB_H #include #endif - -int -main () -{ -#ifndef h_errlist - (void) h_errlist; +#ifdef HAVE_WS2TCPIP_H +#include #endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_errlist=yes +" +if test "x$ac_cv_have_decl_h_errlist" = x""yes; then : + ac_have_decl=1 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_errlist=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_errlist" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_errlist" >&6; } -if test $ac_cv_have_decl_h_errlist = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRLIST 1 +#define HAVE_DECL_H_ERRLIST $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRLIST 0 -_ACEOF - - -fi - - fi -{ echo "$as_me:$LINENO: checking for h_nerr" >&5 -echo $ECHO_N "checking for h_nerr... $ECHO_C" >&6; } -if test "${ac_cv_var_h_nerr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for h_nerr" >&5 +$as_echo_n "checking for h_nerr... " >&6; } +if test "${ac_cv_var_h_nerr+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include #endif void * foo(void) { return &h_nerr; } int @@ -40324,41 +22098,22 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_nerr=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_nerr=no + ac_cv_var_h_nerr=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var_h_nerr" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif extern int h_nerr; int foo(void) { return h_nerr; } int @@ -40369,134 +22124,55 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_h_nerr=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_nerr=no + ac_cv_var_h_nerr=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var_h_nerr` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_H_NERR 1 _ACEOF - { echo "$as_me:$LINENO: checking whether h_nerr is declared" >&5 -echo $ECHO_N "checking whether h_nerr is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_nerr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H + ac_fn_c_check_decl "$LINENO" "h_nerr" "ac_cv_have_decl_h_nerr" "#ifdef HAVE_NETDB_H #include #endif - -int -main () -{ -#ifndef h_nerr - (void) h_nerr; +#ifdef HAVE_WS2TCPIP_H +#include #endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_nerr=yes +" +if test "x$ac_cv_have_decl_h_nerr" = x""yes; then : + ac_have_decl=1 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_nerr=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_nerr" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_nerr" >&6; } -if test $ac_cv_have_decl_h_nerr = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_NERR 1 +#define HAVE_DECL_H_NERR $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_NERR 0 -_ACEOF - - -fi - - fi -{ echo "$as_me:$LINENO: checking for __progname" >&5 -echo $ECHO_N "checking for __progname... $ECHO_C" >&6; } -if test "${ac_cv_var___progname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __progname" >&5 +$as_echo_n "checking for __progname... " >&6; } +if test "${ac_cv_var___progname+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_ERR_H #include @@ -40510,41 +22186,19 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var___progname=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var___progname=no + ac_cv_var___progname=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var___progname" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#ifdef HAVE_ERR_H +#include +#endif extern int __progname; int foo(void) { return __progname; } int @@ -40555,488 +22209,130 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var___progname=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var___progname=no + ac_cv_var___progname=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var___progname` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE___PROGNAME 1 _ACEOF - { echo "$as_me:$LINENO: checking whether __progname is declared" >&5 -echo $ECHO_N "checking whether __progname is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl___progname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_ERR_H + ac_fn_c_check_decl "$LINENO" "__progname" "ac_cv_have_decl___progname" "#ifdef HAVE_ERR_H #include #endif - -int -main () -{ -#ifndef __progname - (void) __progname; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl___progname=yes +" +if test "x$ac_cv_have_decl___progname" = x""yes; then : + ac_have_decl=1 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl___progname=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl___progname" >&5 -echo "${ECHO_T}$ac_cv_have_decl___progname" >&6; } -if test $ac_cv_have_decl___progname = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL___PROGNAME 1 +#define HAVE_DECL___PROGNAME $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL___PROGNAME 0 -_ACEOF - - fi -fi - - -{ echo "$as_me:$LINENO: checking whether optarg is declared" >&5 -echo $ECHO_N "checking whether optarg is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optarg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optarg - (void) optarg; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optarg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optarg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optarg" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optarg" >&6; } -if test $ac_cv_have_decl_optarg = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTARG 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTARG 0 -_ACEOF - - +ac_fn_c_check_decl "$LINENO" "optarg" "ac_cv_have_decl_optarg" " #include #ifdef HAVE_UNISTD_H #include #endif -fi -{ echo "$as_me:$LINENO: checking whether optind is declared" >&5 -echo $ECHO_N "checking whether optind is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optind+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +" +if test "x$ac_cv_have_decl_optarg" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optind - (void) optind; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optind=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optind=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optind" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optind" >&6; } -if test $ac_cv_have_decl_optind = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTIND 1 +#define HAVE_DECL_OPTARG $ac_have_decl _ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTIND 0 -_ACEOF - - +ac_fn_c_check_decl "$LINENO" "optind" "ac_cv_have_decl_optind" " #include #ifdef HAVE_UNISTD_H #include #endif -fi -{ echo "$as_me:$LINENO: checking whether opterr is declared" >&5 -echo $ECHO_N "checking whether opterr is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_opterr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +" +if test "x$ac_cv_have_decl_optind" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef opterr - (void) opterr; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_opterr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_opterr=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_opterr" >&5 -echo "${ECHO_T}$ac_cv_have_decl_opterr" >&6; } -if test $ac_cv_have_decl_opterr = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTERR 1 +#define HAVE_DECL_OPTIND $ac_have_decl _ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTERR 0 -_ACEOF - - +ac_fn_c_check_decl "$LINENO" "opterr" "ac_cv_have_decl_opterr" " #include #ifdef HAVE_UNISTD_H #include #endif -fi -{ echo "$as_me:$LINENO: checking whether optopt is declared" >&5 -echo $ECHO_N "checking whether optopt is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +" +if test "x$ac_cv_have_decl_opterr" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optopt - (void) optopt; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optopt=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optopt=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optopt" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optopt" >&6; } -if test $ac_cv_have_decl_optopt = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTOPT 1 +#define HAVE_DECL_OPTERR $ac_have_decl _ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTOPT 0 -_ACEOF - - +ac_fn_c_check_decl "$LINENO" "optopt" "ac_cv_have_decl_optopt" " #include #ifdef HAVE_UNISTD_H #include #endif -fi -{ echo "$as_me:$LINENO: checking whether environ is declared" >&5 -echo $ECHO_N "checking whether environ is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_environ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +" +if test "x$ac_cv_have_decl_optopt" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef environ - (void) environ; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_environ=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_environ=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_environ" >&5 -echo "${ECHO_T}$ac_cv_have_decl_environ" >&6; } -if test $ac_cv_have_decl_environ = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ENVIRON 1 +#define HAVE_DECL_OPTOPT $ac_have_decl _ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ENVIRON 0 -_ACEOF - - +ac_fn_c_check_decl "$LINENO" "environ" "ac_cv_have_decl_environ" " #include #ifdef HAVE_UNISTD_H #include #endif +" +if test "x$ac_cv_have_decl_environ" = x""yes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ENVIRON $ac_have_decl +_ACEOF -{ echo "$as_me:$LINENO: checking for tm_gmtoff in struct tm" >&5 -echo $ECHO_N "checking for tm_gmtoff in struct tm... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_tm_tm_gmtoff+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for tm_gmtoff in struct tm" >&5 +$as_echo_n "checking for tm_gmtoff in struct tm... " >&6; } +if test "${ac_cv_type_struct_tm_tm_gmtoff+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -41047,42 +22343,20 @@ struct tm x; memset(&x, 0, sizeof(x)); x.tm_gmtoff return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_tm_tm_gmtoff=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_tm_tm_gmtoff=no + ac_cv_type_struct_tm_tm_gmtoff=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_tm_tm_gmtoff" >&5 -echo "${ECHO_T}$ac_cv_type_struct_tm_tm_gmtoff" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_tm_tm_gmtoff" >&5 +$as_echo "$ac_cv_type_struct_tm_tm_gmtoff" >&6; } if test "$ac_cv_type_struct_tm_tm_gmtoff" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_TM_TM_GMTOFF 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_TM_TM_GMTOFF 1" >>confdefs.h fi @@ -41090,17 +22364,13 @@ fi -{ echo "$as_me:$LINENO: checking for tm_zone in struct tm" >&5 -echo $ECHO_N "checking for tm_zone in struct tm... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_tm_tm_zone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for tm_zone in struct tm" >&5 +$as_echo_n "checking for tm_zone in struct tm... " >&6; } +if test "${ac_cv_type_struct_tm_tm_zone+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -41111,42 +22381,20 @@ struct tm x; memset(&x, 0, sizeof(x)); x.tm_zone return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_tm_tm_zone=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_tm_tm_zone=no + ac_cv_type_struct_tm_tm_zone=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_tm_tm_zone" >&5 -echo "${ECHO_T}$ac_cv_type_struct_tm_tm_zone" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_tm_tm_zone" >&5 +$as_echo "$ac_cv_type_struct_tm_tm_zone" >&6; } if test "$ac_cv_type_struct_tm_tm_zone" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_TM_TM_ZONE 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_TM_TM_ZONE 1" >>confdefs.h fi @@ -41155,18 +22403,14 @@ fi -{ echo "$as_me:$LINENO: checking for timezone" >&5 -echo $ECHO_N "checking for timezone... $ECHO_C" >&6; } -if test "${ac_cv_var_timezone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for timezone" >&5 +$as_echo_n "checking for timezone... " >&6; } +if test "${ac_cv_var_timezone+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include void * foo(void) { return &timezone; } @@ -41178,41 +22422,17 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_timezone=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_timezone=no + ac_cv_var_timezone=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var_timezone" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include extern int timezone; int foo(void) { return timezone; } int @@ -41223,131 +22443,49 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_timezone=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_timezone=no + ac_cv_var_timezone=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var_timezone` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_TIMEZONE 1 _ACEOF - { echo "$as_me:$LINENO: checking whether timezone is declared" >&5 -echo $ECHO_N "checking whether timezone is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_timezone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + ac_fn_c_check_decl "$LINENO" "timezone" "ac_cv_have_decl_timezone" "#include +" +if test "x$ac_cv_have_decl_timezone" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -int -main () -{ -#ifndef timezone - (void) timezone; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_timezone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_timezone=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_timezone" >&5 -echo "${ECHO_T}$ac_cv_have_decl_timezone" >&6; } -if test $ac_cv_have_decl_timezone = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_TIMEZONE 1 +#define HAVE_DECL_TIMEZONE $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_TIMEZONE 0 -_ACEOF - - fi -fi - - -{ echo "$as_me:$LINENO: checking for altzone" >&5 -echo $ECHO_N "checking for altzone... $ECHO_C" >&6; } -if test "${ac_cv_var_altzone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for altzone" >&5 +$as_echo_n "checking for altzone... " >&6; } +if test "${ac_cv_var_altzone+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include void * foo(void) { return &altzone; } @@ -41359,41 +22497,17 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_altzone=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_altzone=no + ac_cv_var_altzone=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_var_altzone" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include extern int altzone; int foo(void) { return altzone; } int @@ -41404,132 +22518,50 @@ foo() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_var_altzone=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_altzone=no + ac_cv_var_altzone=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi fi ac_foo=`eval echo \\$ac_cv_var_altzone` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_ALTZONE 1 _ACEOF - { echo "$as_me:$LINENO: checking whether altzone is declared" >&5 -echo $ECHO_N "checking whether altzone is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_altzone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + ac_fn_c_check_decl "$LINENO" "altzone" "ac_cv_have_decl_altzone" "#include +" +if test "x$ac_cv_have_decl_altzone" = x""yes; then : + ac_have_decl=1 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -int -main () -{ -#ifndef altzone - (void) altzone; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_altzone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_altzone=no + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_altzone" >&5 -echo "${ECHO_T}$ac_cv_have_decl_altzone" >&6; } -if test $ac_cv_have_decl_altzone = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ALTZONE 1 +#define HAVE_DECL_ALTZONE $ac_have_decl _ACEOF - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ALTZONE 0 -_ACEOF - - -fi - - fi cv=`echo "sa_family_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for sa_family_t" >&5 -echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sa_family_t" >&5 +$as_echo_n "checking for sa_family_t... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -41539,7 +22571,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_SYS_SOCKET_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -41548,93 +22585,21 @@ sa_family_t foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo sa_family_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for sa_family_t" >&5 -echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6; } -if test "${ac_cv_type_sa_family_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef sa_family_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_sa_family_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_sa_family_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_sa_family_t" >&5 -echo "${ECHO_T}$ac_cv_type_sa_family_t" >&6; } -if test $ac_cv_type_sa_family_t = yes; then + ac_fn_c_check_type "$LINENO" "sa_family_t" "ac_cv_type_sa_family_t" "$ac_includes_default" +if test "x$ac_cv_type_sa_family_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SA_FAMILY_T 1 @@ -41654,16 +22619,12 @@ fi cv=`echo "socklen_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for socklen_t" >&5 -echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t" >&5 +$as_echo_n "checking for socklen_t... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -41673,7 +22634,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_SYS_SOCKET_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -41682,93 +22648,21 @@ socklen_t foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo socklen_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for socklen_t" >&5 -echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6; } -if test "${ac_cv_type_socklen_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef socklen_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_socklen_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_socklen_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_socklen_t" >&5 -echo "${ECHO_T}$ac_cv_type_socklen_t" >&6; } -if test $ac_cv_type_socklen_t = yes; then + ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "$ac_includes_default" +if test "x$ac_cv_type_socklen_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SOCKLEN_T 1 @@ -41788,16 +22682,12 @@ fi cv=`echo "struct sockaddr" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct sockaddr" >&5 -echo $ECHO_N "checking for struct sockaddr... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr" >&5 +$as_echo_n "checking for struct sockaddr... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -41807,7 +22697,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_SYS_SOCKET_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -41816,93 +22711,21 @@ struct sockaddr foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct sockaddr | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct sockaddr" >&5 -echo $ECHO_N "checking for struct sockaddr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct sockaddr ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_sockaddr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr" >&6; } -if test $ac_cv_type_struct_sockaddr = yes; then + ac_fn_c_check_type "$LINENO" "struct sockaddr" "ac_cv_type_struct_sockaddr" "$ac_includes_default" +if test "x$ac_cv_type_struct_sockaddr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_SOCKADDR 1 @@ -41922,16 +22745,12 @@ fi cv=`echo "struct sockaddr_storage" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5 -echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_storage" >&5 +$as_echo_n "checking for struct sockaddr_storage... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -41941,7 +22760,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_SYS_SOCKET_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -41950,93 +22774,21 @@ struct sockaddr_storage foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct sockaddr_storage | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5 -echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr_storage+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct sockaddr_storage ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_sockaddr_storage=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr_storage=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr_storage" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr_storage" >&6; } -if test $ac_cv_type_struct_sockaddr_storage = yes; then + ac_fn_c_check_type "$LINENO" "struct sockaddr_storage" "ac_cv_type_struct_sockaddr_storage" "$ac_includes_default" +if test "x$ac_cv_type_struct_sockaddr_storage" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_SOCKADDR_STORAGE 1 @@ -42056,16 +22808,12 @@ fi cv=`echo "struct addrinfo" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct addrinfo" >&5 -echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct addrinfo" >&5 +$as_echo_n "checking for struct addrinfo... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -42075,7 +22823,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_NETDB_H #include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -42084,93 +22837,21 @@ struct addrinfo foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct addrinfo | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct addrinfo" >&5 -echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_addrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct addrinfo ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_addrinfo=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_addrinfo=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_addrinfo" >&5 -echo "${ECHO_T}$ac_cv_type_struct_addrinfo" >&6; } -if test $ac_cv_type_struct_addrinfo = yes; then + ac_fn_c_check_type "$LINENO" "struct addrinfo" "ac_cv_type_struct_addrinfo" "$ac_includes_default" +if test "x$ac_cv_type_struct_addrinfo" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ADDRINFO 1 @@ -42190,16 +22871,12 @@ fi cv=`echo "struct ifaddrs" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct ifaddrs" >&5 -echo $ECHO_N "checking for struct ifaddrs... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct ifaddrs" >&5 +$as_echo_n "checking for struct ifaddrs... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -42216,93 +22893,21 @@ struct ifaddrs foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct ifaddrs | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct ifaddrs" >&5 -echo $ECHO_N "checking for struct ifaddrs... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_ifaddrs+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct ifaddrs ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_ifaddrs=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_ifaddrs=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_ifaddrs" >&5 -echo "${ECHO_T}$ac_cv_type_struct_ifaddrs" >&6; } -if test $ac_cv_type_struct_ifaddrs = yes; then + ac_fn_c_check_type "$LINENO" "struct ifaddrs" "ac_cv_type_struct_ifaddrs" "$ac_includes_default" +if test "x$ac_cv_type_struct_ifaddrs" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IFADDRS 1 @@ -42322,16 +22927,12 @@ fi cv=`echo "struct iovec" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct iovec" >&5 -echo $ECHO_N "checking for struct iovec... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct iovec" >&5 +$as_echo_n "checking for struct iovec... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -42351,93 +22952,21 @@ struct iovec foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct iovec | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct iovec" >&5 -echo $ECHO_N "checking for struct iovec... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_iovec+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct iovec ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_iovec=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_iovec=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_iovec" >&5 -echo "${ECHO_T}$ac_cv_type_struct_iovec" >&6; } -if test $ac_cv_type_struct_iovec = yes; then + ac_fn_c_check_type "$LINENO" "struct iovec" "ac_cv_type_struct_iovec" "$ac_includes_default" +if test "x$ac_cv_type_struct_iovec" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IOVEC 1 @@ -42457,16 +22986,12 @@ fi cv=`echo "struct msghdr" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct msghdr" >&5 -echo $ECHO_N "checking for struct msghdr... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct msghdr" >&5 +$as_echo_n "checking for struct msghdr... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -42476,8 +23001,12 @@ cat >>conftest.$ac_ext <<_ACEOF #endif #include +#ifdef HAVE_SYS_SOCKET_H #include - +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif int main () { @@ -42486,93 +23015,21 @@ struct msghdr foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo struct msghdr | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for struct msghdr" >&5 -echo $ECHO_N "checking for struct msghdr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_msghdr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct msghdr ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_msghdr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_msghdr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_msghdr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_msghdr" >&6; } -if test $ac_cv_type_struct_msghdr = yes; then + ac_fn_c_check_type "$LINENO" "struct msghdr" "ac_cv_type_struct_msghdr" "$ac_includes_default" +if test "x$ac_cv_type_struct_msghdr" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_MSGHDR 1 @@ -42592,25 +23049,21 @@ fi -{ echo "$as_me:$LINENO: checking for struct winsize" >&5 -echo $ECHO_N "checking for struct winsize... $ECHO_C" >&6; } -if test "${ac_cv_struct_winsize+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct winsize" >&5 +$as_echo_n "checking for struct winsize... " >&6; } +if test "${ac_cv_struct_winsize+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_struct_winsize=no for i in sys/termios.h sys/ioctl.h; do -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$i> _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "struct[ ]*winsize" >/dev/null 2>&1; then + $EGREP "struct[ ]*winsize" >/dev/null 2>&1; then : ac_cv_struct_winsize=yes; break fi rm -f conftest* @@ -42620,47 +23073,33 @@ fi if test "$ac_cv_struct_winsize" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_WINSIZE 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_WINSIZE 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: result: $ac_cv_struct_winsize" >&5 -echo "${ECHO_T}$ac_cv_struct_winsize" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_winsize" >&5 +$as_echo "$ac_cv_struct_winsize" >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ws_xpixel" >/dev/null 2>&1; then + $EGREP "ws_xpixel" >/dev/null 2>&1; then : -cat >>confdefs.h <<\_ACEOF -#define HAVE_WS_XPIXEL 1 -_ACEOF +$as_echo "#define HAVE_WS_XPIXEL 1" >>confdefs.h fi rm -f conftest* -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ws_ypixel" >/dev/null 2>&1; then + $EGREP "ws_ypixel" >/dev/null 2>&1; then : -cat >>confdefs.h <<\_ACEOF -#define HAVE_WS_YPIXEL 1 -_ACEOF +$as_echo "#define HAVE_WS_YPIXEL 1" >>confdefs.h fi rm -f conftest* @@ -42669,17 +23108,13 @@ rm -f conftest* -{ echo "$as_me:$LINENO: checking for struct spwd" >&5 -echo $ECHO_N "checking for struct spwd... $ECHO_C" >&6; } -if test "${ac_cv_struct_spwd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct spwd" >&5 +$as_echo_n "checking for struct spwd... " >&6; } +if test "${ac_cv_struct_spwd+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -42694,43 +23129,21 @@ struct spwd foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_struct_spwd=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_struct_spwd=no + ac_cv_struct_spwd=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_struct_spwd" >&5 -echo "${ECHO_T}$ac_cv_struct_spwd" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_spwd" >&5 +$as_echo "$ac_cv_struct_spwd" >&6; } if test "$ac_cv_struct_spwd" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_SPWD 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_SPWD 1" >>confdefs.h fi @@ -42742,7 +23155,7 @@ fi # Check whether --enable-socket-wrapper was given. -if test "${enable_socket_wrapper+set}" = set; then +if test "${enable_socket_wrapper+set}" = set; then : enableval=$enable_socket_wrapper; fi @@ -42757,9 +23170,7 @@ fi if test "x$enable_socket_wrapper" = xyes ; then -cat >>confdefs.h <<\_ACEOF -#define SOCKET_WRAPPER_REPLACE 1 -_ACEOF +$as_echo "#define SOCKET_WRAPPER_REPLACE 1" >>confdefs.h fi @@ -42774,14 +23185,12 @@ LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken" # Check whether --enable-otp was given. -if test "${enable_otp+set}" = set; then +if test "${enable_otp+set}" = set; then : enableval=$enable_otp; fi if test "$enable_otp" = yes -a "$db_type" = unknown; then - { { echo "$as_me:$LINENO: error: OTP requires a NDBM/DB compatible library" >&5 -echo "$as_me: error: OTP requires a NDBM/DB compatible library" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "OTP requires a NDBM/DB compatible library" "$LINENO" 5 fi if test "$enable_otp" != no; then if test "$db_type" != unknown; then @@ -42792,17 +23201,15 @@ if test "$enable_otp" != no; then fi if test "$enable_otp" = yes; then -cat >>confdefs.h <<\_ACEOF -#define OTP 1 -_ACEOF +$as_echo "#define OTP 1" >>confdefs.h LIB_otp='$(top_builddir)/lib/otp/libotp.la' fi -{ echo "$as_me:$LINENO: checking whether to enable OTP library" >&5 -echo $ECHO_N "checking whether to enable OTP library... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $enable_otp" >&5 -echo "${ECHO_T}$enable_otp" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable OTP library" >&5 +$as_echo_n "checking whether to enable OTP library... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_otp" >&5 +$as_echo "$enable_otp" >&6; } if test "$enable_otp" = yes; then OTP_TRUE= OTP_FALSE='#' @@ -42813,17 +23220,151 @@ fi + +for ac_header in dispatch/dispatch.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "dispatch/dispatch.h" "ac_cv_header_dispatch_dispatch_h" "$ac_includes_default" +if test "x$ac_cv_header_dispatch_dispatch_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DISPATCH_DISPATCH_H 1 +_ACEOF + +fi + +done + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dispatch_async_f" >&5 +$as_echo_n "checking for dispatch_async_f... " >&6; } +if test "${ac_cv_funclib_dispatch_async_f+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +if eval "test \"\$ac_cv_func_dispatch_async_f\" != yes" ; then + ac_save_LIBS="$LIBS" + for ac_lib in "" dispatch; do + case "$ac_lib" in + "") ;; + yes) ac_lib="" ;; + no) continue ;; + -l*) ;; + *) ac_lib="-l$ac_lib" ;; + esac + LIBS=" $ac_lib $ac_save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef HAVE_DISPATCH_DISPATCH_H +#include +#endif +int +main () +{ +dispatch_async_f(0,0,0) + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "if test -n \"$ac_lib\";then ac_cv_funclib_dispatch_async_f=$ac_lib; else ac_cv_funclib_dispatch_async_f=yes; fi";break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + eval "ac_cv_funclib_dispatch_async_f=\${ac_cv_funclib_dispatch_async_f-no}" + LIBS="$ac_save_LIBS" +fi + +fi + + +eval "ac_res=\$ac_cv_funclib_dispatch_async_f" + +if false; then + for ac_func in dispatch_async_f +do : + ac_fn_c_check_func "$LINENO" "dispatch_async_f" "ac_cv_func_dispatch_async_f" +if test "x$ac_cv_func_dispatch_async_f" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DISPATCH_ASYNC_F 1 +_ACEOF + +fi +done + +fi +# dispatch_async_f +eval "ac_tr_func=HAVE_`echo dispatch_async_f | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" +eval "LIB_dispatch_async_f=$ac_res" + +case "$ac_res" in + yes) + eval "ac_cv_func_dispatch_async_f=yes" + eval "LIB_dispatch_async_f=" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + ;; + no) + eval "ac_cv_func_dispatch_async_f=no" + eval "LIB_dispatch_async_f=" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + ;; + *) + eval "ac_cv_func_dispatch_async_f=yes" + eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" + cat >>confdefs.h <<_ACEOF +#define $ac_tr_func 1 +_ACEOF + + cat >>confdefs.h <<_ACEOF +#define $ac_tr_lib 1 +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } + ;; +esac + + + +if test "$ac_cv_func_dispatch_async_f" = yes ; then + +$as_echo "#define HAVE_GCD 1" >>confdefs.h + + libdispatch=yes +else + libdispatch=no +fi + + if test "$libdispatch" = yes; then + have_gcd_TRUE= + have_gcd_FALSE='#' +else + have_gcd_TRUE='#' + have_gcd_FALSE= +fi + + + + + # Check whether --enable-osfc2 was given. -if test "${enable_osfc2+set}" = set; then +if test "${enable_osfc2+set}" = set; then : enableval=$enable_osfc2; fi LIB_security= if test "$enable_osfc2" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_OSFC2 1 -_ACEOF +$as_echo "#define HAVE_OSFC2 1" >>confdefs.h LIB_security=-lsecurity fi @@ -42831,20 +23372,18 @@ fi # Check whether --enable-mmap was given. -if test "${enable_mmap+set}" = set; then +if test "${enable_mmap+set}" = set; then : enableval=$enable_mmap; fi if test "$enable_mmap" = "no"; then -cat >>confdefs.h <<\_ACEOF -#define NO_MMAP 1 -_ACEOF +$as_echo "#define NO_MMAP 1" >>confdefs.h fi # Check whether --enable-afs-string-to-key was given. -if test "${enable_afs_string_to_key+set}" = set; then +if test "${enable_afs_string_to_key+set}" = set; then : enableval=$enable_afs_string_to_key; else enable_afs_string_to_key=yes @@ -42853,19 +23392,17 @@ fi if test "$enable_afs_string_to_key" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define ENABLE_AFS_STRING_TO_KEY 1 -_ACEOF +$as_echo "#define ENABLE_AFS_STRING_TO_KEY 1" >>confdefs.h fi # Extract the first word of "nroff", so it can be a program name with args. set dummy nroff; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_NROFF+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_NROFF+set}" = set; then : + $as_echo_n "(cached) " >&6 else case $NROFF in [\\/]* | ?:[\\/]*) @@ -42877,14 +23414,14 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS ;; @@ -42892,20 +23429,20 @@ esac fi NROFF=$ac_cv_path_NROFF if test -n "$NROFF"; then - { echo "$as_me:$LINENO: result: $NROFF" >&5 -echo "${ECHO_T}$NROFF" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5 +$as_echo "$NROFF" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi # Extract the first word of "groff", so it can be a program name with args. set dummy groff; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_GROFF+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_GROFF+set}" = set; then : + $as_echo_n "(cached) " >&6 else case $GROFF in [\\/]* | ?:[\\/]*) @@ -42917,14 +23454,14 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_GROFF="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS ;; @@ -42932,26 +23469,25 @@ esac fi GROFF=$ac_cv_path_GROFF if test -n "$GROFF"; then - { echo "$as_me:$LINENO: result: $GROFF" >&5 -echo "${ECHO_T}$GROFF" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GROFF" >&5 +$as_echo "$GROFF" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -{ echo "$as_me:$LINENO: checking how to format man pages" >&5 -echo $ECHO_N "checking how to format man pages... $ECHO_C" >&6; } -if test "${ac_cv_sys_man_format+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to format man pages" >&5 +$as_echo_n "checking how to format man pages... " >&6; } +if test "${ac_cv_sys_man_format+set}" = set; then : + $as_echo_n "(cached) " >&6 else cat > conftest.1 << END .Dd January 1, 1970 .Dt CONFTEST 1 .Sh NAME .Nm conftest -.Nd -foobar +.Nd foobar END if test "$NROFF" ; then @@ -42977,8 +23513,8 @@ if test "$ac_cv_sys_man_format"; then fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_man_format" >&5 -echo "${ECHO_T}$ac_cv_sys_man_format" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_man_format" >&5 +$as_echo "$ac_cv_sys_man_format" >&6; } if test "$ac_cv_sys_man_format"; then CATMAN="$ac_cv_sys_man_format" @@ -42991,10 +23527,10 @@ else CATMAN_FALSE= fi -{ echo "$as_me:$LINENO: checking extension of pre-formatted manual pages" >&5 -echo $ECHO_N "checking extension of pre-formatted manual pages... $ECHO_C" >&6; } -if test "${ac_cv_sys_catman_ext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking extension of pre-formatted manual pages" >&5 +$as_echo_n "checking extension of pre-formatted manual pages... " >&6; } +if test "${ac_cv_sys_catman_ext+set}" = set; then : + $as_echo_n "(cached) " >&6 else if grep _suffix /etc/man.conf > /dev/null 2>&1; then ac_cv_sys_catman_ext=0 @@ -43003,8 +23539,8 @@ else fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_catman_ext" >&5 -echo "${ECHO_T}$ac_cv_sys_catman_ext" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_catman_ext" >&5 +$as_echo "$ac_cv_sys_catman_ext" >&6; } if test "$ac_cv_sys_catman_ext" = number; then CATMANEXT='$$section' else @@ -43016,17 +23552,15 @@ fi # Check whether --with-readline was given. -if test "${with_readline+set}" = set; then +if test "${with_readline+set}" = set; then : withval=$with_readline; fi # Check whether --with-readline-lib was given. -if test "${with_readline_lib+set}" = set; then +if test "${with_readline_lib+set}" = set; then : withval=$with_readline_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-readline-lib" >&5 -echo "$as_me: error: No argument for --with-readline-lib" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-readline-lib" "$LINENO" 5 elif test "X$with_readline" = "X"; then with_readline=yes fi @@ -43034,11 +23568,9 @@ fi # Check whether --with-readline-include was given. -if test "${with_readline_include+set}" = set; then +if test "${with_readline_include+set}" = set; then : withval=$with_readline_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-readline-include" >&5 -echo "$as_me: error: No argument for --with-readline-include" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-readline-include" "$LINENO" 5 elif test "X$with_readline" = "X"; then with_readline=yes fi @@ -43046,15 +23578,15 @@ fi # Check whether --with-readline-config was given. -if test "${with_readline_config+set}" = set; then +if test "${with_readline_config+set}" = set; then : withval=$with_readline_config; fi -{ echo "$as_me:$LINENO: checking for readline" >&5 -echo $ECHO_N "checking for readline... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for readline" >&5 +$as_echo_n "checking for readline... " >&6; } case "$with_readline" in yes|"") d='' ;; @@ -43118,14 +23650,29 @@ if test "$with_readline" != no; then if test "$readline_cflags" -a "$readline_libs"; then CFLAGS="$readline_cflags $save_CFLAGS" LIBS="$readline_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + for ac_header in readline.h readline/readline.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +fi + +done + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + int main () { @@ -43134,52 +23681,44 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : INCLUDE_readline="$readline_cflags" LIB_readline="$readline_libs" - { echo "$as_me:$LINENO: result: from $with_readline_config" >&5 -echo "${ECHO_T}from $with_readline_config" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_readline_config" >&5 +$as_echo "from $with_readline_config" >&6; } found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if test "$found" = no; then ires= lres= for i in $header_dirs; do CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ + for ac_header in readline.h readline/readline.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +fi + +done + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + int main () { @@ -43188,43 +23727,22 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done for i in $lib_dirs; do LIBS="-L$i -lreadline $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + int main () { @@ -43233,41 +23751,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done if test "$ires" -a "$lres" -a "$with_readline" != "no"; then INCLUDE_readline="-I$ires" LIB_readline="-L$lres -lreadline " found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } fi fi CFLAGS="$save_CFLAGS" @@ -43285,8 +23780,8 @@ else with_readline=no INCLUDE_readline= LIB_readline= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -43295,18 +23790,260 @@ fi +# Check whether --with-libedit was given. +if test "${with_libedit+set}" = set; then : + withval=$with_libedit; +fi + + +# Check whether --with-libedit-lib was given. +if test "${with_libedit_lib+set}" = set; then : + withval=$with_libedit_lib; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-libedit-lib" "$LINENO" 5 +elif test "X$with_libedit" = "X"; then + with_libedit=yes +fi +fi + + +# Check whether --with-libedit-include was given. +if test "${with_libedit_include+set}" = set; then : + withval=$with_libedit_include; if test "$withval" = "yes" -o "$withval" = "no"; then + as_fn_error "No argument for --with-libedit-include" "$LINENO" 5 +elif test "X$with_libedit" = "X"; then + with_libedit=yes +fi +fi + + +# Check whether --with-libedit-config was given. +if test "${with_libedit_config+set}" = set; then : + withval=$with_libedit_config; +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libedit" >&5 +$as_echo_n "checking for libedit... " >&6; } + +case "$with_libedit" in +yes|"") d='' ;; +no) d= ;; +*) d="$with_libedit" ;; +esac + +header_dirs= +lib_dirs= +for i in $d; do + if test "$with_libedit_include" = ""; then + if test -d "$i/include/libedit"; then + header_dirs="$header_dirs $i/include/libedit" + fi + if test -d "$i/include"; then + header_dirs="$header_dirs $i/include" + fi + fi + if test "$with_libedit_lib" = ""; then + if test -d "$i/lib$abilibdirext"; then + lib_dirs="$lib_dirs $i/lib$abilibdirext" + fi + fi +done + +if test "$with_libedit_include"; then + header_dirs="$with_libedit_include $header_dirs" +fi +if test "$with_libedit_lib"; then + lib_dirs="$with_libedit_lib $lib_dirs" +fi + +if test "$with_libedit_config" = ""; then + with_libedit_config='' +fi + +libedit_cflags= +libedit_libs= + +case "$with_libedit_config" in +yes|no|""|"") + if test -f $with_libedit/bin/ ; then + with_libedit_config=$with_libedit/bin/ + fi + ;; +esac + +case "$with_libedit_config" in +yes|no|"") + ;; +*) + libedit_cflags="`$with_libedit_config --cflags 2>&1`" + libedit_libs="`$with_libedit_config --libs 2>&1`" + ;; +esac + +found=no +if test "$with_libedit" != no; then + save_CFLAGS="$CFLAGS" + save_LIBS="$LIBS" + if test "$libedit_cflags" -a "$libedit_libs"; then + CFLAGS="$libedit_cflags $save_CFLAGS" + LIBS="$libedit_libs $save_LIBS" + for ac_header in readline.h readline/readline.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + + INCLUDE_libedit="$libedit_cflags" + LIB_libedit="$libedit_libs" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_libedit_config" >&5 +$as_echo "from $with_libedit_config" >&6; } + found=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi + if test "$found" = no; then + ires= lres= + for i in $header_dirs; do + CFLAGS="-I$i $save_CFLAGS" + for ac_header in readline.h readline/readline.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ires=$i;break +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done + for i in $lib_dirs; do + LIBS="-L$i -ledit $save_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lres=$i;break +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + if test "$ires" -a "$lres" -a "$with_libedit" != "no"; then + INCLUDE_libedit="-I$ires" + LIB_libedit="-L$lres -ledit " + found=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } + fi + fi + CFLAGS="$save_CFLAGS" + LIBS="$save_LIBS" +fi + +if test "$found" = yes; then + +cat >>confdefs.h <<_ACEOF +#define LIBEDIT 1 +_ACEOF + + with_libedit=yes +else + with_libedit=no + INCLUDE_libedit= + LIB_libedit= + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + + + + + +subdirs="$subdirs lib/libedit" + + + + # Check whether --with-hesiod was given. -if test "${with_hesiod+set}" = set; then +if test "${with_hesiod+set}" = set; then : withval=$with_hesiod; fi # Check whether --with-hesiod-lib was given. -if test "${with_hesiod_lib+set}" = set; then +if test "${with_hesiod_lib+set}" = set; then : withval=$with_hesiod_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-hesiod-lib" >&5 -echo "$as_me: error: No argument for --with-hesiod-lib" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-hesiod-lib" "$LINENO" 5 elif test "X$with_hesiod" = "X"; then with_hesiod=yes fi @@ -43314,11 +24051,9 @@ fi # Check whether --with-hesiod-include was given. -if test "${with_hesiod_include+set}" = set; then +if test "${with_hesiod_include+set}" = set; then : withval=$with_hesiod_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-hesiod-include" >&5 -echo "$as_me: error: No argument for --with-hesiod-include" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "No argument for --with-hesiod-include" "$LINENO" 5 elif test "X$with_hesiod" = "X"; then with_hesiod=yes fi @@ -43326,15 +24061,15 @@ fi # Check whether --with-hesiod-config was given. -if test "${with_hesiod_config+set}" = set; then +if test "${with_hesiod_config+set}" = set; then : withval=$with_hesiod_config; fi -{ echo "$as_me:$LINENO: checking for hesiod" >&5 -echo $ECHO_N "checking for hesiod... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for hesiod" >&5 +$as_echo_n "checking for hesiod... " >&6; } case "$with_hesiod" in yes|"") d='' ;; @@ -43398,11 +24133,8 @@ if test "$with_hesiod" != no; then if test "$hesiod_cflags" -a "$hesiod_libs"; then CFLAGS="$hesiod_cflags $save_CFLAGS" LIBS="$hesiod_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -43413,49 +24145,23 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : INCLUDE_hesiod="$hesiod_cflags" LIB_hesiod="$hesiod_libs" - { echo "$as_me:$LINENO: result: from $with_hesiod_config" >&5 -echo "${ECHO_T}from $with_hesiod_config" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: from $with_hesiod_config" >&5 +$as_echo "from $with_hesiod_config" >&6; } found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi if test "$found" = no; then ires= lres= for i in $header_dirs; do CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -43466,40 +24172,14 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done for i in $lib_dirs; do LIBS="-L$i -lhesiod $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -43510,41 +24190,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done if test "$ires" -a "$lres" -a "$with_hesiod" != "no"; then INCLUDE_hesiod="-I$ires" LIB_hesiod="-L$lres -lhesiod " found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: headers $ires, libraries $lres" >&5 +$as_echo "headers $ires, libraries $lres" >&6; } fi fi CFLAGS="$save_CFLAGS" @@ -43562,8 +24219,8 @@ else with_hesiod=no INCLUDE_hesiod= LIB_hesiod= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -43572,25 +24229,21 @@ fi # Check whether --enable-bigendian was given. -if test "${enable_bigendian+set}" = set; then +if test "${enable_bigendian+set}" = set; then : enableval=$enable_bigendian; krb_cv_c_bigendian=yes fi # Check whether --enable-littleendian was given. -if test "${enable_littleendian+set}" = set; then +if test "${enable_littleendian+set}" = set; then : enableval=$enable_littleendian; krb_cv_c_bigendian=no fi -{ echo "$as_me:$LINENO: checking whether byte order is known at compile time" >&5 -echo $ECHO_N "checking whether byte order is known at compile time... $ECHO_C" >&6; } -if test "${krb_cv_c_bigendian_compile+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte order is known at compile time" >&5 +$as_echo_n "checking whether byte order is known at compile time... " >&6; } +if test "${krb_cv_c_bigendian_compile+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -43599,47 +24252,23 @@ cat >>conftest.$ac_ext <<_ACEOF bogus endian macros #endif _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : krb_cv_c_bigendian_compile=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_c_bigendian_compile=no + krb_cv_c_bigendian_compile=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $krb_cv_c_bigendian_compile" >&5 -echo "${ECHO_T}$krb_cv_c_bigendian_compile" >&6; } -{ echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 -echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6; } -if test "${krb_cv_c_bigendian+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $krb_cv_c_bigendian_compile" >&5 +$as_echo "$krb_cv_c_bigendian_compile" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 +$as_echo_n "checking whether byte ordering is bigendian... " >&6; } +if test "${krb_cv_c_bigendian+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "$krb_cv_c_bigendian_compile" = "yes"; then - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -43648,43 +24277,17 @@ cat >>conftest.$ac_ext <<_ACEOF not big endian #endif _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : krb_cv_c_bigendian=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_c_bigendian=no + krb_cv_c_bigendian=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: specify either --enable-bigendian or --enable-littleendian" >&5 -echo "$as_me: error: specify either --enable-bigendian or --enable-littleendian" >&2;} - { (exit 1); exit 1; }; } + if test "$cross_compiling" = yes; then : + as_fn_error "specify either --enable-bigendian or --enable-littleendian" "$LINENO" 5 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ main (int argc, char **argv) { /* Are we little or big endian? From Harbison&Steele. */ @@ -43697,71 +24300,38 @@ main (int argc, char **argv) { exit (u.c[sizeof (long) - 1] == 1); } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : krb_cv_c_bigendian=no else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -krb_cv_c_bigendian=yes + krb_cv_c_bigendian=yes fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi fi -{ echo "$as_me:$LINENO: result: $krb_cv_c_bigendian" >&5 -echo "${ECHO_T}$krb_cv_c_bigendian" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $krb_cv_c_bigendian" >&5 +$as_echo "$krb_cv_c_bigendian" >&6; } if test "$krb_cv_c_bigendian" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define WORDS_BIGENDIAN 1 -_ACEOF +$as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h fi if test "$krb_cv_c_bigendian_compile" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define ENDIANESS_IN_SYS_PARAM_H 1 -_ACEOF +$as_echo "#define ENDIANESS_IN_SYS_PARAM_H 1" >>confdefs.h fi - -{ echo "$as_me:$LINENO: checking for inline" >&5 -echo $ECHO_N "checking for inline... $ECHO_C" >&6; } -if test "${ac_cv_c_inline+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 +$as_echo_n "checking for inline... " >&6; } +if test "${ac_cv_c_inline+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; @@ -43770,39 +24340,16 @@ $ac_kw foo_t foo () {return 0; } #endif _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_inline=$ac_kw -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext test "$ac_cv_c_inline" != no && break done fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 -echo "${ECHO_T}$ac_cv_c_inline" >&6; } - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 +$as_echo "$ac_cv_c_inline" >&6; } case $ac_cv_c_inline in inline | yes) ;; @@ -43820,559 +24367,12 @@ _ACEOF esac - - - - -{ echo "$as_me:$LINENO: checking for dlopen" >&5 -echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dlopen\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" dl; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_DLFCN_H -#include -#endif -int -main () -{ -dlopen(0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dlopen=$ac_lib; else ac_cv_funclib_dlopen=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dlopen=\${ac_cv_funclib_dlopen-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dlopen" - -if false; then - -for ac_func in dlopen -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dlopen -eval "ac_tr_func=HAVE_`echo dlopen | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dlopen=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dlopen=yes" - eval "LIB_dlopen=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dlopen=no" - eval "LIB_dlopen=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dlopen=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - if test "$ac_cv_funclib_dlopen" != no; then - HAVE_DLOPEN_TRUE= - HAVE_DLOPEN_FALSE='#' -else - HAVE_DLOPEN_TRUE='#' - HAVE_DLOPEN_FALSE= -fi - - - - -aix=no -case "$host" in -*-*-aix3*) - aix=3 - ;; -*-*-aix4*|*-*-aix5*) - aix=4 - ;; -esac - - if test "$aix" != no; then - AIX_TRUE= - AIX_FALSE='#' -else - AIX_TRUE='#' - AIX_FALSE= -fi - if test "$aix" = 4; then - AIX4_TRUE= - AIX4_FALSE='#' -else - AIX4_TRUE='#' - AIX4_FALSE= -fi - - - -# Check whether --enable-dynamic-afs was given. -if test "${enable_dynamic_afs+set}" = set; then - enableval=$enable_dynamic_afs; -fi - - -if test "$aix" != no; then - if test "$enable_dynamic_afs" != no; then - - if test "$ac_cv_func_dlopen" = no; then - - - -{ echo "$as_me:$LINENO: checking for loadquery" >&5 -echo $ECHO_N "checking for loadquery... $ECHO_C" >&6; } -if test "${ac_cv_funclib_loadquery+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_loadquery\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ld; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -loadquery() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_loadquery=$ac_lib; else ac_cv_funclib_loadquery=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_loadquery=\${ac_cv_funclib_loadquery-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_loadquery" - -if false; then - -for ac_func in loadquery -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# loadquery -eval "ac_tr_func=HAVE_`echo loadquery | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_loadquery=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_loadquery=yes" - eval "LIB_loadquery=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_loadquery=no" - eval "LIB_loadquery=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_loadquery=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - fi - if test "$ac_cv_func_dlopen" != no; then - AIX_EXTRA_KAFS='$(LIB_dlopen)' - elif test "$ac_cv_func_loadquery" != no; then - AIX_EXTRA_KAFS='$(LIB_loadquery)' - else - { echo "$as_me:$LINENO: not using dynloaded AFS library" >&5 -echo "$as_me: not using dynloaded AFS library" >&6;} - AIX_EXTRA_KAFS= - enable_dynamic_afs=no - fi - else - AIX_EXTRA_KAFS= - fi -fi - - if test "$enable_dynamic_afs" != no; then - AIX_DYNAMIC_AFS_TRUE= - AIX_DYNAMIC_AFS_FALSE='#' -else - AIX_DYNAMIC_AFS_TRUE='#' - AIX_DYNAMIC_AFS_FALSE= -fi - - - - - - -irix=no -case "$host" in -*-*-irix4*) - -cat >>confdefs.h <<\_ACEOF -#define IRIX4 1 -_ACEOF - - irix=yes - ;; -*-*-irix*) - irix=yes - ;; -esac - if test "$irix" != no; then - IRIX_TRUE= - IRIX_FALSE='#' -else - IRIX_TRUE='#' - IRIX_FALSE= -fi - - - - - -sunos=no -case "$host" in -*-*-sunos4*) - sunos=40 - ;; -*-*-solaris2.7) - sunos=57 - ;; -*-*-solaris2.[89] | *-*-solaris2.10) - sunos=58 - ;; -*-*-solaris2*) - sunos=50 - ;; -esac -if test "$sunos" != no; then - -cat >>confdefs.h <<_ACEOF -#define SunOS $sunos -_ACEOF - -fi - - -{ echo "$as_me:$LINENO: checking for X" >&5 -echo $ECHO_N "checking for X... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for X" >&5 +$as_echo_n "checking for X... " >&6; } # Check whether --with-x was given. -if test "${with_x+set}" = set; then +if test "${with_x+set}" = set; then : withval=$with_x; fi @@ -44382,11 +24382,9 @@ if test "x$with_x" = xno; then have_x=disabled else case $x_includes,$x_libraries in #( - *\'*) { { echo "$as_me:$LINENO: error: Cannot use X directory names containing '" >&5 -echo "$as_me: error: Cannot use X directory names containing '" >&2;} - { (exit 1); exit 1; }; };; #( - *,NONE | NONE,*) if test "${ac_cv_have_x+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + *\'*) as_fn_error "cannot use X directory names containing '" "$LINENO" 5;; #( + *,NONE | NONE,*) if test "${ac_cv_have_x+set}" = set; then : + $as_echo_n "(cached) " >&6 else # One or both of the vars are not set, and there is no cached value. ac_x_includes=no ac_x_libraries=no @@ -44407,7 +24405,7 @@ _ACEOF eval "ac_im_$ac_var=\`\${MAKE-make} $ac_var 2>/dev/null | sed -n 's/^$ac_var=//p'\`" done # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR. - for ac_extension in a so sl; do + for ac_extension in a so sl dylib la dll; do if test ! -f "$ac_im_usrlibdir/libX11.$ac_extension" && test -f "$ac_im_libdir/libX11.$ac_extension"; then ac_im_usrlibdir=$ac_im_libdir; break @@ -44421,7 +24419,7 @@ _ACEOF *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes=$ac_im_incroot;; esac case $ac_im_usrlibdir in - /usr/lib | /lib) ;; + /usr/lib | /usr/lib64 | /lib | /lib64) ;; *) test -d "$ac_im_usrlibdir" && ac_x_libraries=$ac_im_usrlibdir ;; esac fi @@ -44433,21 +24431,25 @@ fi # Check X11 before X11Rn because it is often a symlink to the current release. ac_x_header_dirs=' /usr/X11/include +/usr/X11R7/include /usr/X11R6/include /usr/X11R5/include /usr/X11R4/include /usr/include/X11 +/usr/include/X11R7 /usr/include/X11R6 /usr/include/X11R5 /usr/include/X11R4 /usr/local/X11/include +/usr/local/X11R7/include /usr/local/X11R6/include /usr/local/X11R5/include /usr/local/X11R4/include /usr/local/include/X11 +/usr/local/include/X11R7 /usr/local/include/X11R6 /usr/local/include/X11R5 /usr/local/include/X11R4 @@ -44469,36 +24471,14 @@ ac_x_header_dirs=' if test "$ac_x_includes" = no; then # Guess where to find include files, by looking for Xlib.h. # First, try using that file with no special directory specified. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_c_try_cpp "$LINENO"; then : # We can compile using X headers with no special include directory. ac_x_includes= else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - for ac_dir in $ac_x_header_dirs; do if test -r "$ac_dir/X11/Xlib.h"; then ac_x_includes=$ac_dir @@ -44506,7 +24486,6 @@ sed 's/^/| /' conftest.$ac_ext >&5 fi done fi - rm -f conftest.err conftest.$ac_ext fi # $ac_x_includes = no @@ -44516,11 +24495,7 @@ if test "$ac_x_libraries" = no; then # Don't add to $LIBS permanently. ac_save_LIBS=$LIBS LIBS="-lX11 $LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -44531,36 +24506,16 @@ XrmInitialize () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : LIBS=$ac_save_LIBS # We can link X programs with no special library path. ac_x_libraries= else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - LIBS=$ac_save_LIBS -for ac_dir in `echo "$ac_x_includes $ac_x_header_dirs" | sed s/include/lib/g` + LIBS=$ac_save_LIBS +for ac_dir in `$as_echo "$ac_x_includes $ac_x_header_dirs" | sed s/include/lib/g` do # Don't even attempt the hair of trying to link an X program! - for ac_extension in a so sl; do + for ac_extension in a so sl dylib la dll; do if test -r "$ac_dir/libX11.$ac_extension"; then ac_x_libraries=$ac_dir break 2 @@ -44568,9 +24523,8 @@ do done done fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi # $ac_x_libraries = no case $ac_x_includes,$ac_x_libraries in #( @@ -44591,8 +24545,8 @@ fi fi # $with_x != no if test "$have_x" != yes; then - { echo "$as_me:$LINENO: result: $have_x" >&5 -echo "${ECHO_T}$have_x" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $have_x" >&5 +$as_echo "$have_x" >&6; } no_x=yes else # If each of the values was on the command line, it overrides each guess. @@ -44602,17 +24556,15 @@ else ac_cv_have_x="have_x=yes\ ac_x_includes='$x_includes'\ ac_x_libraries='$x_libraries'" - { echo "$as_me:$LINENO: result: libraries $x_libraries, headers $x_includes" >&5 -echo "${ECHO_T}libraries $x_libraries, headers $x_includes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: libraries $x_libraries, headers $x_includes" >&5 +$as_echo "libraries $x_libraries, headers $x_includes" >&6; } fi if test "$no_x" = yes; then # Not all programs may use this symbol, but it does not hurt to define it. -cat >>confdefs.h <<\_ACEOF -#define X_DISPLAY_MISSING 1 -_ACEOF +$as_echo "#define X_DISPLAY_MISSING 1" >>confdefs.h X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS= else @@ -44625,16 +24577,12 @@ else X_LIBS="$X_LIBS -L$x_libraries" # For Solaris; some versions of Sun CC require a space after -R and # others require no space. Words are not sufficient . . . . - { echo "$as_me:$LINENO: checking whether -R must be followed by a space" >&5 -echo $ECHO_N "checking whether -R must be followed by a space... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -R must be followed by a space" >&5 +$as_echo_n "checking whether -R must be followed by a space... " >&6; } ac_xsave_LIBS=$LIBS; LIBS="$LIBS -R$x_libraries" ac_xsave_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -44645,37 +24593,13 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } +if ac_fn_c_try_link "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } X_LIBS="$X_LIBS -R$x_libraries" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - LIBS="$ac_xsave_LIBS -R $x_libraries" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + LIBS="$ac_xsave_LIBS -R $x_libraries" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -44686,41 +24610,19 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } +if ac_fn_c_try_link "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } X_LIBS="$X_LIBS -R $x_libraries" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - { echo "$as_me:$LINENO: result: neither works" >&5 -echo "${ECHO_T}neither works" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: neither works" >&5 +$as_echo "neither works" >&6; } fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext ac_c_werror_flag=$ac_xsave_c_werror_flag LIBS=$ac_xsave_LIBS fi @@ -44736,11 +24638,7 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ # libraries were built with DECnet support. And Karl Berry says # the Alpha needs dnet_stub (dnet does not exist). ac_xsave_LIBS="$LIBS"; LIBS="$LIBS $X_LIBS -lX11" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -44758,41 +24656,17 @@ return XOpenDisplay (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_link "$LINENO"; then : - { echo "$as_me:$LINENO: checking for dnet_ntoa in -ldnet" >&5 -echo $ECHO_N "checking for dnet_ntoa in -ldnet... $ECHO_C" >&6; } -if test "${ac_cv_lib_dnet_dnet_ntoa+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dnet_ntoa in -ldnet" >&5 +$as_echo_n "checking for dnet_ntoa in -ldnet... " >&6; } +if test "${ac_cv_lib_dnet_dnet_ntoa+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldnet $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -44810,55 +24684,30 @@ return dnet_ntoa (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dnet_dnet_ntoa=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dnet_dnet_ntoa=no + ac_cv_lib_dnet_dnet_ntoa=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dnet_dnet_ntoa" >&5 -echo "${ECHO_T}$ac_cv_lib_dnet_dnet_ntoa" >&6; } -if test $ac_cv_lib_dnet_dnet_ntoa = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dnet_dnet_ntoa" >&5 +$as_echo "$ac_cv_lib_dnet_dnet_ntoa" >&6; } +if test "x$ac_cv_lib_dnet_dnet_ntoa" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet" fi if test $ac_cv_lib_dnet_dnet_ntoa = no; then - { echo "$as_me:$LINENO: checking for dnet_ntoa in -ldnet_stub" >&5 -echo $ECHO_N "checking for dnet_ntoa in -ldnet_stub... $ECHO_C" >&6; } -if test "${ac_cv_lib_dnet_stub_dnet_ntoa+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dnet_ntoa in -ldnet_stub" >&5 +$as_echo_n "checking for dnet_ntoa in -ldnet_stub... " >&6; } +if test "${ac_cv_lib_dnet_stub_dnet_ntoa+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldnet_stub $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -44876,47 +24725,25 @@ return dnet_ntoa (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dnet_stub_dnet_ntoa=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dnet_stub_dnet_ntoa=no + ac_cv_lib_dnet_stub_dnet_ntoa=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dnet_stub_dnet_ntoa" >&5 -echo "${ECHO_T}$ac_cv_lib_dnet_stub_dnet_ntoa" >&6; } -if test $ac_cv_lib_dnet_stub_dnet_ntoa = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dnet_stub_dnet_ntoa" >&5 +$as_echo "$ac_cv_lib_dnet_stub_dnet_ntoa" >&6; } +if test "x$ac_cv_lib_dnet_stub_dnet_ntoa" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub" fi fi fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS="$ac_xsave_LIBS" # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT, @@ -44927,101 +24754,20 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ # on Irix 5.2, according to T.E. Dickey. # The functions gethostbyname, getservbyname, and inet_addr are # in -lbsd on LynxOS 3.0.1/i386, according to Lars Hecking. - { echo "$as_me:$LINENO: checking for gethostbyname" >&5 -echo $ECHO_N "checking for gethostbyname... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gethostbyname to an innocuous variant, in case declares gethostbyname. - For example, HP-UX 11i declares gettimeofday. */ -#define gethostbyname innocuous_gethostbyname + ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname" +if test "x$ac_cv_func_gethostbyname" = x""yes; then : -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gethostbyname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gethostbyname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gethostbyname || defined __stub___gethostbyname -choke me -#endif - -int -main () -{ -return gethostbyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gethostbyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gethostbyname=no fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyname" >&6; } - if test $ac_cv_func_gethostbyname = no; then - { echo "$as_me:$LINENO: checking for gethostbyname in -lnsl" >&5 -echo $ECHO_N "checking for gethostbyname in -lnsl... $ECHO_C" >&6; } -if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5 +$as_echo_n "checking for gethostbyname in -lnsl... " >&6; } +if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45039,55 +24785,30 @@ return gethostbyname (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_nsl_gethostbyname=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_nsl_gethostbyname=no + ac_cv_lib_nsl_gethostbyname=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_lib_nsl_gethostbyname" >&6; } -if test $ac_cv_lib_nsl_gethostbyname = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5 +$as_echo "$ac_cv_lib_nsl_gethostbyname" >&6; } +if test "x$ac_cv_lib_nsl_gethostbyname" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl" fi if test $ac_cv_lib_nsl_gethostbyname = no; then - { echo "$as_me:$LINENO: checking for gethostbyname in -lbsd" >&5 -echo $ECHO_N "checking for gethostbyname in -lbsd... $ECHO_C" >&6; } -if test "${ac_cv_lib_bsd_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lbsd" >&5 +$as_echo_n "checking for gethostbyname in -lbsd... " >&6; } +if test "${ac_cv_lib_bsd_gethostbyname+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lbsd $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45105,39 +24826,18 @@ return gethostbyname (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_bsd_gethostbyname=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_bsd_gethostbyname=no + ac_cv_lib_bsd_gethostbyname=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_bsd_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_lib_bsd_gethostbyname" >&6; } -if test $ac_cv_lib_bsd_gethostbyname = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_gethostbyname" >&5 +$as_echo "$ac_cv_lib_bsd_gethostbyname" >&6; } +if test "x$ac_cv_lib_bsd_gethostbyname" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lbsd" fi @@ -45151,101 +24851,20 @@ fi # variants that don't use the name server (or something). -lsocket # must be given before -lnsl if both are needed. We assume that # if connect needs -lnsl, so does gethostbyname. - { echo "$as_me:$LINENO: checking for connect" >&5 -echo $ECHO_N "checking for connect... $ECHO_C" >&6; } -if test "${ac_cv_func_connect+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define connect to an innocuous variant, in case declares connect. - For example, HP-UX 11i declares gettimeofday. */ -#define connect innocuous_connect + ac_fn_c_check_func "$LINENO" "connect" "ac_cv_func_connect" +if test "x$ac_cv_func_connect" = x""yes; then : -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char connect (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef connect - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char connect (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_connect || defined __stub___connect -choke me -#endif - -int -main () -{ -return connect (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_connect=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_connect=no fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_connect" >&5 -echo "${ECHO_T}$ac_cv_func_connect" >&6; } - if test $ac_cv_func_connect = no; then - { echo "$as_me:$LINENO: checking for connect in -lsocket" >&5 -echo $ECHO_N "checking for connect in -lsocket... $ECHO_C" >&6; } -if test "${ac_cv_lib_socket_connect+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for connect in -lsocket" >&5 +$as_echo_n "checking for connect in -lsocket... " >&6; } +if test "${ac_cv_lib_socket_connect+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $X_EXTRA_LIBS $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45263,140 +24882,38 @@ return connect (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_socket_connect=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_socket_connect=no + ac_cv_lib_socket_connect=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_socket_connect" >&5 -echo "${ECHO_T}$ac_cv_lib_socket_connect" >&6; } -if test $ac_cv_lib_socket_connect = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_connect" >&5 +$as_echo "$ac_cv_lib_socket_connect" >&6; } +if test "x$ac_cv_lib_socket_connect" = x""yes; then : X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS" fi fi # Guillermo Gomez says -lposix is necessary on A/UX. - { echo "$as_me:$LINENO: checking for remove" >&5 -echo $ECHO_N "checking for remove... $ECHO_C" >&6; } -if test "${ac_cv_func_remove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define remove to an innocuous variant, in case declares remove. - For example, HP-UX 11i declares gettimeofday. */ -#define remove innocuous_remove + ac_fn_c_check_func "$LINENO" "remove" "ac_cv_func_remove" +if test "x$ac_cv_func_remove" = x""yes; then : -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char remove (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef remove - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char remove (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_remove || defined __stub___remove -choke me -#endif - -int -main () -{ -return remove (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_remove=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_remove=no fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_remove" >&5 -echo "${ECHO_T}$ac_cv_func_remove" >&6; } - if test $ac_cv_func_remove = no; then - { echo "$as_me:$LINENO: checking for remove in -lposix" >&5 -echo $ECHO_N "checking for remove in -lposix... $ECHO_C" >&6; } -if test "${ac_cv_lib_posix_remove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for remove in -lposix" >&5 +$as_echo_n "checking for remove in -lposix... " >&6; } +if test "${ac_cv_lib_posix_remove+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lposix $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45414,140 +24931,38 @@ return remove (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_posix_remove=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_posix_remove=no + ac_cv_lib_posix_remove=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_posix_remove" >&5 -echo "${ECHO_T}$ac_cv_lib_posix_remove" >&6; } -if test $ac_cv_lib_posix_remove = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_posix_remove" >&5 +$as_echo "$ac_cv_lib_posix_remove" >&6; } +if test "x$ac_cv_lib_posix_remove" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix" fi fi # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay. - { echo "$as_me:$LINENO: checking for shmat" >&5 -echo $ECHO_N "checking for shmat... $ECHO_C" >&6; } -if test "${ac_cv_func_shmat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define shmat to an innocuous variant, in case declares shmat. - For example, HP-UX 11i declares gettimeofday. */ -#define shmat innocuous_shmat + ac_fn_c_check_func "$LINENO" "shmat" "ac_cv_func_shmat" +if test "x$ac_cv_func_shmat" = x""yes; then : -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char shmat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef shmat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shmat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_shmat || defined __stub___shmat -choke me -#endif - -int -main () -{ -return shmat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_shmat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_shmat=no fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_shmat" >&5 -echo "${ECHO_T}$ac_cv_func_shmat" >&6; } - if test $ac_cv_func_shmat = no; then - { echo "$as_me:$LINENO: checking for shmat in -lipc" >&5 -echo $ECHO_N "checking for shmat in -lipc... $ECHO_C" >&6; } -if test "${ac_cv_lib_ipc_shmat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shmat in -lipc" >&5 +$as_echo_n "checking for shmat in -lipc... " >&6; } +if test "${ac_cv_lib_ipc_shmat+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lipc $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45565,39 +24980,18 @@ return shmat (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_ipc_shmat=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ipc_shmat=no + ac_cv_lib_ipc_shmat=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ipc_shmat" >&5 -echo "${ECHO_T}$ac_cv_lib_ipc_shmat" >&6; } -if test $ac_cv_lib_ipc_shmat = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ipc_shmat" >&5 +$as_echo "$ac_cv_lib_ipc_shmat" >&6; } +if test "x$ac_cv_lib_ipc_shmat" = x""yes; then : X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc" fi @@ -45613,18 +25007,14 @@ fi # These have to be linked with before -lX11, unlike the other # libraries we check for below, so use a different variable. # John Interrante, Karl Berry - { echo "$as_me:$LINENO: checking for IceConnectionNumber in -lICE" >&5 -echo $ECHO_N "checking for IceConnectionNumber in -lICE... $ECHO_C" >&6; } -if test "${ac_cv_lib_ICE_IceConnectionNumber+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for IceConnectionNumber in -lICE" >&5 +$as_echo_n "checking for IceConnectionNumber in -lICE... " >&6; } +if test "${ac_cv_lib_ICE_IceConnectionNumber+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lICE $X_EXTRA_LIBS $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -45642,39 +25032,18 @@ return IceConnectionNumber (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_ICE_IceConnectionNumber=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ICE_IceConnectionNumber=no + ac_cv_lib_ICE_IceConnectionNumber=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ICE_IceConnectionNumber" >&5 -echo "${ECHO_T}$ac_cv_lib_ICE_IceConnectionNumber" >&6; } -if test $ac_cv_lib_ICE_IceConnectionNumber = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ICE_IceConnectionNumber" >&5 +$as_echo "$ac_cv_lib_ICE_IceConnectionNumber" >&6; } +if test "x$ac_cv_lib_ICE_IceConnectionNumber" = x""yes; then : X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" fi @@ -45686,10 +25055,10 @@ fi # try to figure out if we need any additional ld flags, like -R # and yes, the autoconf X test is utterly broken if test "$no_x" != yes; then - { echo "$as_me:$LINENO: checking for special X linker flags" >&5 -echo $ECHO_N "checking for special X linker flags... $ECHO_C" >&6; } -if test "${krb_cv_sys_x_libs_rpath+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special X linker flags" >&5 +$as_echo_n "checking for special X linker flags... " >&6; } +if test "${krb_cv_sys_x_libs_rpath+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_save_libs="$LIBS" @@ -45714,10 +25083,11 @@ else done fi LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : krb_cv_sys_x_libs_rpath="" ; krb_cv_sys_x_libs="" ; break else - cat >conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ #include foo(void) @@ -45730,46 +25100,22 @@ else } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -: + : fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - done LIBS="$ac_save_libs" CFLAGS="$ac_save_cflags" fi -{ echo "$as_me:$LINENO: result: $krb_cv_sys_x_libs_rpath" >&5 -echo "${ECHO_T}$krb_cv_sys_x_libs_rpath" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $krb_cv_sys_x_libs_rpath" >&5 +$as_echo "$krb_cv_sys_x_libs_rpath" >&6; } X_LIBS="$krb_cv_sys_x_libs" fi @@ -45799,10 +25145,10 @@ LDFLAGS="$LDFLAGS $X_LIBS" -{ echo "$as_me:$LINENO: checking for XauWriteAuth" >&5 -echo $ECHO_N "checking for XauWriteAuth... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauWriteAuth+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for XauWriteAuth" >&5 +$as_echo_n "checking for XauWriteAuth... " >&6; } +if test "${ac_cv_funclib_XauWriteAuth+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_XauWriteAuth\" != yes" ; then @@ -45816,11 +25162,7 @@ if eval "test \"\$ac_cv_func_XauWriteAuth\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -45831,34 +25173,11 @@ XauWriteAuth(0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauWriteAuth=$ac_lib; else ac_cv_funclib_XauWriteAuth=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_XauWriteAuth=\${ac_cv_funclib_XauWriteAuth-no}" LIBS="$ac_save_LIBS" @@ -45870,95 +25189,12 @@ fi eval "ac_res=\$ac_cv_funclib_XauWriteAuth" if false; then - -for ac_func in XauWriteAuth -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in XauWriteAuth +do : + ac_fn_c_check_func "$LINENO" "XauWriteAuth" "ac_cv_func_XauWriteAuth" +if test "x$ac_cv_func_XauWriteAuth" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_XAUWRITEAUTH 1 _ACEOF fi @@ -45978,14 +25214,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_XauWriteAuth=no" eval "LIB_XauWriteAuth=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_XauWriteAuth=yes" @@ -45998,8 +25234,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -46009,10 +25245,10 @@ LIBS="$LIB_XauWriteAuth $LIBS" -{ echo "$as_me:$LINENO: checking for XauReadAuth" >&5 -echo $ECHO_N "checking for XauReadAuth... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauReadAuth+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for XauReadAuth" >&5 +$as_echo_n "checking for XauReadAuth... " >&6; } +if test "${ac_cv_funclib_XauReadAuth+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then @@ -46026,11 +25262,7 @@ if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -46041,34 +25273,11 @@ XauReadAuth(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauReadAuth=$ac_lib; else ac_cv_funclib_XauReadAuth=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_XauReadAuth=\${ac_cv_funclib_XauReadAuth-no}" LIBS="$ac_save_LIBS" @@ -46080,95 +25289,12 @@ fi eval "ac_res=\$ac_cv_funclib_XauReadAuth" if false; then - -for ac_func in XauReadAuth -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in XauReadAuth +do : + ac_fn_c_check_func "$LINENO" "XauReadAuth" "ac_cv_func_XauReadAuth" +if test "x$ac_cv_func_XauReadAuth" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_XAUREADAUTH 1 _ACEOF fi @@ -46188,14 +25314,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_XauReadAuth=no" eval "LIB_XauReadAuth=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_XauReadAuth=yes" @@ -46208,8 +25334,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -46218,10 +25344,10 @@ LIBS="$LIB_XauReadAauth $LIBS" -{ echo "$as_me:$LINENO: checking for XauFileName" >&5 -echo $ECHO_N "checking for XauFileName... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauFileName+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for XauFileName" >&5 +$as_echo_n "checking for XauFileName... " >&6; } +if test "${ac_cv_funclib_XauFileName+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_XauFileName\" != yes" ; then @@ -46235,11 +25361,7 @@ if eval "test \"\$ac_cv_func_XauFileName\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -46250,34 +25372,11 @@ XauFileName() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauFileName=$ac_lib; else ac_cv_funclib_XauFileName=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_XauFileName=\${ac_cv_funclib_XauFileName-no}" LIBS="$ac_save_LIBS" @@ -46289,95 +25388,12 @@ fi eval "ac_res=\$ac_cv_funclib_XauFileName" if false; then - -for ac_func in XauFileName -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in XauFileName +do : + ac_fn_c_check_func "$LINENO" "XauFileName" "ac_cv_func_XauFileName" +if test "x$ac_cv_func_XauFileName" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_XAUFILENAME 1 _ACEOF fi @@ -46397,14 +25413,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_XauFileName=no" eval "LIB_XauFileName=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_XauFileName=yes" @@ -46417,8 +25433,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -46472,16 +25488,12 @@ LDFLAGS=$save_LDFLAGS -{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 -echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; } -if test "${ac_cv_c_const+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +$as_echo_n "checking for an ANSI C-conforming const... " >&6; } +if test "${ac_cv_c_const+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -46541,98 +25553,24 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_const=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_c_const=no + ac_cv_c_const=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 -echo "${ECHO_T}$ac_cv_c_const" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +$as_echo "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then -cat >>confdefs.h <<\_ACEOF -#define const -_ACEOF +$as_echo "#define const /**/" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking for off_t" >&5 -echo $ECHO_N "checking for off_t... $ECHO_C" >&6; } -if test "${ac_cv_type_off_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef off_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_off_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +ac_fn_c_check_type "$LINENO" "off_t" "ac_cv_type_off_t" "$ac_includes_default" +if test "x$ac_cv_type_off_t" = x""yes; then : - ac_cv_type_off_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_off_t" >&5 -echo "${ECHO_T}$ac_cv_type_off_t" >&6; } -if test $ac_cv_type_off_t = yes; then - : else cat >>confdefs.h <<_ACEOF @@ -46641,16 +25579,12 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for mode_t" >&5 -echo $ECHO_N "checking for mode_t... $ECHO_C" >&6; } -if test "${ac_cv_type_mode_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mode_t" >&5 +$as_echo_n "checking for mode_t... " >&6; } +if test "${ac_cv_type_mode_t+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #if STDC_HEADERS @@ -46660,7 +25594,7 @@ cat >>conftest.$ac_ext <<_ACEOF _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "mode_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then + $EGREP "mode_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then : ac_cv_type_mode_t=yes else ac_cv_type_mode_t=no @@ -46668,26 +25602,20 @@ fi rm -f conftest* fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_mode_t" >&5 -echo "${ECHO_T}$ac_cv_type_mode_t" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_mode_t" >&5 +$as_echo "$ac_cv_type_mode_t" >&6; } if test $ac_cv_type_mode_t = no; then -cat >>confdefs.h <<\_ACEOF -#define mode_t unsigned short -_ACEOF +$as_echo "#define mode_t unsigned short" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking for sig_atomic_t" >&5 -echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6; } -if test "${ac_cv_type_sig_atomic_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sig_atomic_t" >&5 +$as_echo_n "checking for sig_atomic_t... " >&6; } +if test "${ac_cv_type_sig_atomic_t+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #if STDC_HEADERS @@ -46697,7 +25625,7 @@ cat >>conftest.$ac_ext <<_ACEOF #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "sig_atomic_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then + $EGREP "sig_atomic_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then : ac_cv_type_sig_atomic_t=yes else ac_cv_type_sig_atomic_t=no @@ -46705,29 +25633,23 @@ fi rm -f conftest* fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_sig_atomic_t" >&5 -echo "${ECHO_T}$ac_cv_type_sig_atomic_t" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_sig_atomic_t" >&5 +$as_echo "$ac_cv_type_sig_atomic_t" >&6; } if test $ac_cv_type_sig_atomic_t = no; then -cat >>confdefs.h <<\_ACEOF -#define sig_atomic_t int -_ACEOF +$as_echo "#define sig_atomic_t int" >>confdefs.h fi cv=`echo "long long" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long" >&5 +$as_echo_n "checking for long long... " >&6; } +if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -46744,93 +25666,21 @@ long long foo; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_type_$cv=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" + eval "ac_cv_type_$cv=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_foo" >&5 +$as_echo "$ac_foo" >&6; } if test "$ac_foo" = yes; then ac_tr_hdr=HAVE_`echo long long | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` if false; then - { echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if test "${ac_cv_type_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long_long=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_long_long=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long_long" >&5 -echo "${ECHO_T}$ac_cv_type_long_long" >&6; } -if test $ac_cv_type_long_long = yes; then + ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" +if test "x$ac_cv_type_long_long" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LONG_LONG 1 @@ -46847,16 +25697,12 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 +$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } +if test "${ac_cv_header_time+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -46871,53 +25717,27 @@ return 0; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_time=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_time=no + ac_cv_header_time=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 +$as_echo "$ac_cv_header_time" >&6; } if test $ac_cv_header_time = yes; then -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF +$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking whether struct tm is in sys/time.h or time.h" >&5 -echo $ECHO_N "checking whether struct tm is in sys/time.h or time.h... $ECHO_C" >&6; } -if test "${ac_cv_struct_tm+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5 +$as_echo_n "checking whether struct tm is in sys/time.h or time.h... " >&6; } +if test "${ac_cv_struct_tm+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -46927,59 +25747,33 @@ main () { struct tm tm; int *p = &tm.tm_sec; - return !p; + return !p; ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_struct_tm=time.h else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_struct_tm=sys/time.h + ac_cv_struct_tm=sys/time.h fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_struct_tm" >&5 -echo "${ECHO_T}$ac_cv_struct_tm" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_tm" >&5 +$as_echo "$ac_cv_struct_tm" >&6; } if test $ac_cv_struct_tm = sys/time.h; then -cat >>confdefs.h <<\_ACEOF -#define TM_IN_SYS_TIME 1 -_ACEOF +$as_echo "#define TM_IN_SYS_TIME 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if test "${ac_cv_header_stdc+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -46994,47 +25788,23 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_stdc=no + ac_cv_header_stdc=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : + $EGREP "memchr" >/dev/null 2>&1; then : + else ac_cv_header_stdc=no fi @@ -47044,18 +25814,14 @@ fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : + $EGREP "free" >/dev/null 2>&1; then : + else ac_cv_header_stdc=no fi @@ -47065,14 +25831,10 @@ fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include @@ -47099,111 +25861,36 @@ main () return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : +if ac_fn_c_try_run "$LINENO"; then : + else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_header_stdc=no + ac_cv_header_stdc=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF +$as_echo "#define STDC_HEADERS 1" >>confdefs.h fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - for ac_header in \ + CommonCrypto/CommonDigest.h \ + CommonCrypto/CommonCryptor.h \ arpa/ftp.h \ arpa/telnet.h \ bind/bitypes.h \ bsdsetjmp.h \ curses.h \ dlfcn.h \ + execinfo.h \ fnmatch.h \ inttypes.h \ io.h \ @@ -47212,7 +25899,6 @@ for ac_header in \ maillock.h \ netgroup.h \ netinet/in6_machtypes.h \ - netinfo/ni.h \ pthread.h \ pty.h \ sac.h \ @@ -47241,6 +25927,7 @@ for ac_header in \ sys/times.h \ sys/types.h \ sys/un.h \ + locale.h \ termcap.h \ termio.h \ termios.h \ @@ -47251,143 +25938,13 @@ for ac_header in \ utmp.h \ utmpx.h \ -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -47395,55 +25952,12 @@ fi done - for ac_header in term.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f conftest.err conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + ac_fn_c_check_header_preproc "$LINENO" "term.h" "ac_cv_header_term_h" +if test "x$ac_cv_header_term_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_TERM_H 1 _ACEOF fi @@ -47451,61 +25965,34 @@ fi done +for ac_header in asl.h +do : + ac_fn_c_check_header_compile "$LINENO" "asl.h" "ac_cv_header_asl_h" " +#include +#ifndef ASL_STRING_EMERG +#error ASL_STRING_EMERG missing +#endif +" +if test "x$ac_cv_header_asl_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_ASL_H 1 +_ACEOF + +fi + +done + for ac_header in net/if.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "net/if.h" "ac_cv_header_net_if_h" "$ac_includes_default #if HAVE_SYS_SOCKET_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_net_if_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_NET_IF_H 1 _ACEOF fi @@ -47513,61 +26000,16 @@ fi done - for ac_header in sys/ptyvar.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/ptyvar.h" "ac_cv_header_sys_ptyvar_h" "$ac_includes_default #if HAVE_SYS_TTY_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_ptyvar_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_PTYVAR_H 1 _ACEOF fi @@ -47575,64 +26017,19 @@ fi done - for ac_header in sys/strtty.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/strtty.h" "ac_cv_header_sys_strtty_h" "$ac_includes_default #if HAVE_TERMIOS_H #include #endif #if HAVE_SYS_STREAM_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_strtty_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_STRTTY_H 1 _ACEOF fi @@ -47640,64 +26037,19 @@ fi done - for ac_header in sys/ucred.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "sys/ucred.h" "ac_cv_header_sys_ucred_h" "$ac_includes_default #if HAVE_SYS_TYPES_H #include #endif #if HAVE_SYS_PARAM_H #include #endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_sys_ucred_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SYS_UCRED_H 1 _ACEOF fi @@ -47705,60 +26057,15 @@ fi done - for ac_header in security/pam_modules.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default +do : + ac_fn_c_check_header_compile "$LINENO" "security/pam_modules.h" "ac_cv_header_security_pam_modules_h" "$ac_includes_default #include - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then +" +if test "x$ac_cv_header_security_pam_modules_h" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_SECURITY_PAM_MODULES_H 1 _ACEOF fi @@ -47766,19 +26073,6 @@ fi done -# Check whether --enable-netinfo was given. -if test "${enable_netinfo+set}" = set; then - enableval=$enable_netinfo; -fi - - -if test "$ac_cv_header_netinfo_ni_h" = yes -a "$enable_netinfo" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NETINFO 1 -_ACEOF - -fi @@ -47787,12 +26081,10 @@ fi - - -{ echo "$as_me:$LINENO: checking for logwtmp" >&5 -echo $ECHO_N "checking for logwtmp... $ECHO_C" >&6; } -if test "${ac_cv_funclib_logwtmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for logwtmp" >&5 +$as_echo_n "checking for logwtmp... " >&6; } +if test "${ac_cv_funclib_logwtmp+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then @@ -47806,11 +26098,7 @@ if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_UTIL_H @@ -47825,34 +26113,11 @@ logwtmp(0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_logwtmp=$ac_lib; else ac_cv_funclib_logwtmp=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_logwtmp=\${ac_cv_funclib_logwtmp-no}" LIBS="$ac_save_LIBS" @@ -47864,95 +26129,12 @@ fi eval "ac_res=\$ac_cv_funclib_logwtmp" if false; then - -for ac_func in logwtmp -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in logwtmp +do : + ac_fn_c_check_func "$LINENO" "logwtmp" "ac_cv_func_logwtmp" +if test "x$ac_cv_func_logwtmp" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_LOGWTMP 1 _ACEOF fi @@ -47972,14 +26154,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_logwtmp=no" eval "LIB_logwtmp=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_logwtmp=yes" @@ -47992,8 +26174,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -48001,10 +26183,10 @@ esac -{ echo "$as_me:$LINENO: checking for logout" >&5 -echo $ECHO_N "checking for logout... $ECHO_C" >&6; } -if test "${ac_cv_funclib_logout+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for logout" >&5 +$as_echo_n "checking for logout... " >&6; } +if test "${ac_cv_funclib_logout+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_logout\" != yes" ; then @@ -48018,11 +26200,7 @@ if eval "test \"\$ac_cv_func_logout\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_UTIL_H @@ -48037,34 +26215,11 @@ logout(0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_logout=$ac_lib; else ac_cv_funclib_logout=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_logout=\${ac_cv_funclib_logout-no}" LIBS="$ac_save_LIBS" @@ -48076,95 +26231,12 @@ fi eval "ac_res=\$ac_cv_funclib_logout" if false; then - -for ac_func in logout -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in logout +do : + ac_fn_c_check_func "$LINENO" "logout" "ac_cv_func_logout" +if test "x$ac_cv_func_logout" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_LOGOUT 1 _ACEOF fi @@ -48184,14 +26256,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_logout=no" eval "LIB_logout=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_logout=yes" @@ -48204,8 +26276,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -48213,10 +26285,10 @@ esac -{ echo "$as_me:$LINENO: checking for openpty" >&5 -echo $ECHO_N "checking for openpty... $ECHO_C" >&6; } -if test "${ac_cv_funclib_openpty+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for openpty" >&5 +$as_echo_n "checking for openpty... " >&6; } +if test "${ac_cv_funclib_openpty+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_openpty\" != yes" ; then @@ -48230,11 +26302,7 @@ if eval "test \"\$ac_cv_func_openpty\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_UTIL_H @@ -48249,34 +26317,11 @@ openpty(0,0,0,0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_openpty=$ac_lib; else ac_cv_funclib_openpty=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_openpty=\${ac_cv_funclib_openpty-no}" LIBS="$ac_save_LIBS" @@ -48288,95 +26333,12 @@ fi eval "ac_res=\$ac_cv_funclib_openpty" if false; then - -for ac_func in openpty -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in openpty +do : + ac_fn_c_check_func "$LINENO" "openpty" "ac_cv_func_openpty" +if test "x$ac_cv_func_openpty" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_OPENPTY 1 _ACEOF fi @@ -48396,14 +26358,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_openpty=no" eval "LIB_openpty=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_openpty=yes" @@ -48416,8 +26378,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -48426,10 +26388,10 @@ esac -{ echo "$as_me:$LINENO: checking for tgetent" >&5 -echo $ECHO_N "checking for tgetent... $ECHO_C" >&6; } -if test "${ac_cv_funclib_tgetent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for tgetent" >&5 +$as_echo_n "checking for tgetent... " >&6; } +if test "${ac_cv_funclib_tgetent+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then @@ -48443,11 +26405,7 @@ if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef HAVE_TERMCAP_H @@ -48465,34 +26423,11 @@ tgetent(0,0) return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_tgetent=$ac_lib; else ac_cv_funclib_tgetent=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_tgetent=\${ac_cv_funclib_tgetent-no}" LIBS="$ac_save_LIBS" @@ -48504,95 +26439,12 @@ fi eval "ac_res=\$ac_cv_funclib_tgetent" if false; then - -for ac_func in tgetent -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in tgetent +do : + ac_fn_c_check_func "$LINENO" "tgetent" "ac_cv_func_tgetent" +if test "x$ac_cv_func_tgetent" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_TGETENT 1 _ACEOF fi @@ -48612,14 +26464,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_tgetent=no" eval "LIB_tgetent=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_tgetent=yes" @@ -48632,48 +26484,19 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - for ac_func in \ _getpty \ _scrsize \ arc4random \ + backtrace \ fcntl \ getpeereid \ getpeerucred \ @@ -48702,352 +26525,70 @@ for ac_func in \ vhangup \ yp_get_default_domain \ -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +fi +done + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking checking for __sync_add_and_fetch" >&5 +$as_echo_n "checking checking for __sync_add_and_fetch... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - +#include int main () { -return $ac_func (); +unsigned int foo; __sync_add_and_fetch(&foo, 1); ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +if ac_fn_c_try_link "$LINENO"; then : + ac_rk_have___sync_add_and_fetch=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" + ac_rk_have___sync_add_and_fetch=no fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test "$ac_rk_have___sync_add_and_fetch" = "yes" ; then -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +cat >>confdefs.h <<_ACEOF +#define HAVE___SYNC_ADD_AND_FETCH 1 _ACEOF fi -done - - - - -for ac_header in stdlib.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_rk_have___sync_add_and_fetch" >&5 +$as_echo "$ac_rk_have___sync_add_and_fetch" >&6; } for ac_func in getpagesize -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize" +if test "x$ac_cv_func_getpagesize" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETPAGESIZE 1 _ACEOF fi done -{ echo "$as_me:$LINENO: checking for working mmap" >&5 -echo $ECHO_N "checking for working mmap... $ECHO_C" >&6; } -if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working mmap" >&5 +$as_echo_n "checking for working mmap... " >&6; } +if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : ac_cv_func_mmap_fixed_mapped=no else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default /* malloc might have been renamed as rpl_malloc. */ @@ -49084,11 +26625,6 @@ char *malloc (); /* This mess was copied from the GNU getpagesize.h. */ #ifndef HAVE_GETPAGESIZE -/* Assume that all systems that can run configure have sys/param.h. */ -# ifndef HAVE_SYS_PARAM_H -# define HAVE_SYS_PARAM_H 1 -# endif - # ifdef _SC_PAGESIZE # define getpagesize() sysconf(_SC_PAGESIZE) # else /* no _SC_PAGESIZE */ @@ -49124,7 +26660,7 @@ main () { char *data, *data2, *data3; int i, pagesize; - int fd; + int fd, fd2; pagesize = getpagesize (); @@ -49137,27 +26673,41 @@ main () umask (0); fd = creat ("conftest.mmap", 0600); if (fd < 0) - return 1; + return 2; if (write (fd, data, pagesize) != pagesize) - return 1; + return 3; close (fd); + /* Next, check that the tail of a page is zero-filled. File must have + non-zero length, otherwise we risk SIGBUS for entire page. */ + fd2 = open ("conftest.txt", O_RDWR | O_CREAT | O_TRUNC, 0600); + if (fd2 < 0) + return 4; + data2 = ""; + if (write (fd2, data2, 1) != 1) + return 5; + data2 = mmap (0, pagesize, PROT_READ | PROT_WRITE, MAP_SHARED, fd2, 0L); + if (data2 == MAP_FAILED) + return 6; + for (i = 0; i < pagesize; ++i) + if (*(data2 + i)) + return 7; + close (fd2); + if (munmap (data2, pagesize)) + return 8; + /* Next, try to mmap the file at a fixed address which already has something else allocated at it. If we can, also make sure that we see the same garbage. */ fd = open ("conftest.mmap", O_RDWR); if (fd < 0) - return 1; - data2 = (char *) malloc (2 * pagesize); - if (!data2) - return 1; - data2 += (pagesize - ((long int) data2 & (pagesize - 1))) & (pagesize - 1); + return 9; if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED, fd, 0L)) - return 1; + return 10; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data2 + i)) - return 1; + return 11; /* Finally, make sure that changes to the mapped area do not percolate back to the file as seen by read(). (This is a bug on @@ -49166,204 +26716,46 @@ main () *(data2 + i) = *(data2 + i) + 1; data3 = (char *) malloc (pagesize); if (!data3) - return 1; + return 12; if (read (fd, data3, pagesize) != pagesize) - return 1; + return 13; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data3 + i)) - return 1; + return 14; close (fd); return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_mmap_fixed_mapped=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_mmap_fixed_mapped=no + ac_cv_func_mmap_fixed_mapped=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5 -echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_mmap_fixed_mapped" >&5 +$as_echo "$ac_cv_func_mmap_fixed_mapped" >&6; } if test $ac_cv_func_mmap_fixed_mapped = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_MMAP 1 -_ACEOF +$as_echo "#define HAVE_MMAP 1" >>confdefs.h fi -rm -f conftest.mmap - - +rm -f conftest.mmap conftest.txt for ac_header in capability.h sys/capability.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi @@ -49371,96 +26763,14 @@ fi done - - for ac_func in sgi_getcapabilitybyname cap_set_proc -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi @@ -49472,10 +26782,10 @@ done -{ echo "$as_me:$LINENO: checking for getpwnam_r" >&5 -echo $ECHO_N "checking for getpwnam_r... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getpwnam_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpwnam_r" >&5 +$as_echo_n "checking for getpwnam_r... " >&6; } +if test "${ac_cv_funclib_getpwnam_r+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then @@ -49489,11 +26799,7 @@ if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -49504,34 +26810,11 @@ getpwnam_r() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_getpwnam_r=$ac_lib; else ac_cv_funclib_getpwnam_r=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_getpwnam_r=\${ac_cv_funclib_getpwnam_r-no}" LIBS="$ac_save_LIBS" @@ -49543,95 +26826,12 @@ fi eval "ac_res=\$ac_cv_funclib_getpwnam_r" if false; then - -for ac_func in getpwnam_r -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in getpwnam_r +do : + ac_fn_c_check_func "$LINENO" "getpwnam_r" "ac_cv_func_getpwnam_r" +if test "x$ac_cv_func_getpwnam_r" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_GETPWNAM_R 1 _ACEOF fi @@ -49651,14 +26851,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_getpwnam_r=no" eval "LIB_getpwnam_r=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_getpwnam_r=yes" @@ -49671,28 +26871,24 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac if test "$ac_cv_func_getpwnam_r" = yes; then - { echo "$as_me:$LINENO: checking if getpwnam_r is posix" >&5 -echo $ECHO_N "checking if getpwnam_r is posix... $ECHO_C" >&6; } -if test "${ac_cv_func_getpwnam_r_posix+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getpwnam_r is posix" >&5 +$as_echo_n "checking if getpwnam_r is posix... " >&6; } +if test "${ac_cv_func_getpwnam_r_posix+set}" = set; then : + $as_echo_n "(cached) " >&6 else ac_libs="$LIBS" LIBS="$LIBS $LIB_getpwnam_r" - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : : else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define _POSIX_PTHREAD_SEMANTICS @@ -49704,48 +26900,22 @@ int main(int argc, char **argv) } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_getpwnam_r_posix=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getpwnam_r_posix=no + ac_cv_func_getpwnam_r_posix=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - LIBS="$ac_libs" fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getpwnam_r_posix" >&5 -echo "${ECHO_T}$ac_cv_func_getpwnam_r_posix" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getpwnam_r_posix" >&5 +$as_echo "$ac_cv_func_getpwnam_r_posix" >&6; } if test "$ac_cv_func_getpwnam_r_posix" = yes; then -cat >>confdefs.h <<\_ACEOF -#define POSIX_GETPWNAM_R 1 -_ACEOF +$as_echo "#define POSIX_GETPWNAM_R 1" >>confdefs.h fi fi @@ -49757,10 +26927,10 @@ if test "$enable_pthread_support" != no; then -{ echo "$as_me:$LINENO: checking for door_create" >&5 -echo $ECHO_N "checking for door_create... $ECHO_C" >&6; } -if test "${ac_cv_funclib_door_create+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for door_create" >&5 +$as_echo_n "checking for door_create... " >&6; } +if test "${ac_cv_funclib_door_create+set}" = set; then : + $as_echo_n "(cached) " >&6 else if eval "test \"\$ac_cv_func_door_create\" != yes" ; then @@ -49774,11 +26944,7 @@ if eval "test \"\$ac_cv_func_door_create\" != yes" ; then *) ac_lib="-l$ac_lib" ;; esac LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -49789,34 +26955,11 @@ door_create() return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : eval "if test -n \"$ac_lib\";then ac_cv_funclib_door_create=$ac_lib; else ac_cv_funclib_door_create=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext done eval "ac_cv_funclib_door_create=\${ac_cv_funclib_door_create-no}" LIBS="$ac_save_LIBS" @@ -49828,95 +26971,12 @@ fi eval "ac_res=\$ac_cv_funclib_door_create" if false; then - -for ac_func in door_create -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then + for ac_func in door_create +do : + ac_fn_c_check_func "$LINENO" "door_create" "ac_cv_func_door_create" +if test "x$ac_cv_func_door_create" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define HAVE_DOOR_CREATE 1 _ACEOF fi @@ -49936,14 +26996,14 @@ case "$ac_res" in #define $ac_tr_func 1 _ACEOF - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } ;; no) eval "ac_cv_func_door_create=no" eval "LIB_door_create=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; *) eval "ac_cv_func_door_create=yes" @@ -49956,8 +27016,8 @@ _ACEOF #define $ac_tr_lib 1 _ACEOF - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, in $ac_res" >&5 +$as_echo "yes, in $ac_res" >&6; } ;; esac @@ -49966,7 +27026,7 @@ esac fi # Check whether --enable-kcm was given. -if test "${enable_kcm+set}" = set; then +if test "${enable_kcm+set}" = set; then : enableval=$enable_kcm; else enable_kcm=yes @@ -49980,9 +27040,7 @@ if test "$enable_kcm" = yes ; then fi if test "$enable_kcm" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_KCM 1 -_ACEOF +$as_echo "#define HAVE_KCM 1" >>confdefs.h fi if test "$enable_kcm" = yes; then @@ -49996,96 +27054,14 @@ fi - - for ac_func in getudbnam setlim -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi @@ -50096,17 +27072,13 @@ done -{ echo "$as_me:$LINENO: checking for ut_addr in struct utmp" >&5 -echo $ECHO_N "checking for ut_addr in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_addr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr in struct utmp" >&5 +$as_echo_n "checking for ut_addr in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_addr+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50117,42 +27089,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_addr return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_addr=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_addr=no + ac_cv_type_struct_utmp_ut_addr=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_addr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_addr" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_addr" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_addr" >&6; } if test "$ac_cv_type_struct_utmp_ut_addr" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_ADDR 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_ADDR 1" >>confdefs.h fi @@ -50160,17 +27110,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_host in struct utmp" >&5 -echo $ECHO_N "checking for ut_host in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host in struct utmp" >&5 +$as_echo_n "checking for ut_host in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_host+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50181,42 +27127,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_host return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_host=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_host=no + ac_cv_type_struct_utmp_ut_host=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_host" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_host" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_host" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_host" >&6; } if test "$ac_cv_type_struct_utmp_ut_host" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_HOST 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_HOST 1" >>confdefs.h fi @@ -50224,17 +27148,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_id in struct utmp" >&5 -echo $ECHO_N "checking for ut_id in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_id+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id in struct utmp" >&5 +$as_echo_n "checking for ut_id in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_id+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50245,42 +27165,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_id return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_id=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_id=no + ac_cv_type_struct_utmp_ut_id=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_id" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_id" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_id" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_id" >&6; } if test "$ac_cv_type_struct_utmp_ut_id" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_ID 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_ID 1" >>confdefs.h fi @@ -50288,17 +27186,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_pid in struct utmp" >&5 -echo $ECHO_N "checking for ut_pid in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_pid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_pid in struct utmp" >&5 +$as_echo_n "checking for ut_pid in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_pid+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50309,42 +27203,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_pid return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_pid=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_pid=no + ac_cv_type_struct_utmp_ut_pid=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_pid" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_pid" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_pid" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_pid" >&6; } if test "$ac_cv_type_struct_utmp_ut_pid" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_PID 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_PID 1" >>confdefs.h fi @@ -50352,17 +27224,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_type in struct utmp" >&5 -echo $ECHO_N "checking for ut_type in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type in struct utmp" >&5 +$as_echo_n "checking for ut_type in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_type+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50373,42 +27241,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_type return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_type=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_type=no + ac_cv_type_struct_utmp_ut_type=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_type" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_type" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_type" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_type" >&6; } if test "$ac_cv_type_struct_utmp_ut_type" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_TYPE 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_TYPE 1" >>confdefs.h fi @@ -50416,17 +27262,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_user in struct utmp" >&5 -echo $ECHO_N "checking for ut_user in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_user+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_user in struct utmp" >&5 +$as_echo_n "checking for ut_user in struct utmp... " >&6; } +if test "${ac_cv_type_struct_utmp_ut_user+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50437,42 +27279,20 @@ struct utmp x; memset(&x, 0, sizeof(x)); x.ut_user return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmp_ut_user=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_user=no + ac_cv_type_struct_utmp_ut_user=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_user" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_user" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmp_ut_user" >&5 +$as_echo "$ac_cv_type_struct_utmp_ut_user" >&6; } if test "$ac_cv_type_struct_utmp_ut_user" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_USER 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMP_UT_USER 1" >>confdefs.h fi @@ -50480,17 +27300,279 @@ fi -{ echo "$as_me:$LINENO: checking for ut_exit in struct utmpx" >&5 -echo $ECHO_N "checking for ut_exit in struct utmpx... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmpx_ut_exit+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host in struct utmpx" >&5 +$as_echo_n "checking for ut_host in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_host+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_host + ; + return 0; +} _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_host=yes +else + ac_cv_type_struct_utmpx_ut_host=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_host" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_host" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_host" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_HOST 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id in struct utmpx" >&5 +$as_echo_n "checking for ut_id in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_id+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_id + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_id=yes +else + ac_cv_type_struct_utmpx_ut_id=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_id" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_id" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_id" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_ID 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_line in struct utmpx" >&5 +$as_echo_n "checking for ut_line in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_line+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_line + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_line=yes +else + ac_cv_type_struct_utmpx_ut_line=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_line" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_line" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_line" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_LINE 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_pid in struct utmpx" >&5 +$as_echo_n "checking for ut_pid in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_pid+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_pid + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_pid=yes +else + ac_cv_type_struct_utmpx_ut_pid=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_pid" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_pid" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_pid" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_PID 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_tv in struct utmpx" >&5 +$as_echo_n "checking for ut_tv in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_tv+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_tv + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_tv=yes +else + ac_cv_type_struct_utmpx_ut_tv=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_tv" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_tv" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_tv" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_TV 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type in struct utmpx" >&5 +$as_echo_n "checking for ut_type in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_type+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_type + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_type=yes +else + ac_cv_type_struct_utmpx_ut_type=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_type" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_type" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_type" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_TYPE 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_user in struct utmpx" >&5 +$as_echo_n "checking for ut_user in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_user+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_user + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_struct_utmpx_ut_user=yes +else + ac_cv_type_struct_utmpx_ut_user=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_user" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_user" >&6; } +if test "$ac_cv_type_struct_utmpx_ut_user" = yes; then + + +$as_echo "#define HAVE_STRUCT_UTMPX_UT_USER 1" >>confdefs.h + + +fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_exit in struct utmpx" >&5 +$as_echo_n "checking for ut_exit in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_exit+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50501,42 +27583,20 @@ struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_exit return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmpx_ut_exit=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmpx_ut_exit=no + ac_cv_type_struct_utmpx_ut_exit=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmpx_ut_exit" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmpx_ut_exit" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_exit" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_exit" >&6; } if test "$ac_cv_type_struct_utmpx_ut_exit" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMPX_UT_EXIT 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMPX_UT_EXIT 1" >>confdefs.h fi @@ -50544,17 +27604,13 @@ fi -{ echo "$as_me:$LINENO: checking for ut_syslen in struct utmpx" >&5 -echo $ECHO_N "checking for ut_syslen in struct utmpx... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmpx_ut_syslen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_syslen in struct utmpx" >&5 +$as_echo_n "checking for ut_syslen in struct utmpx... " >&6; } +if test "${ac_cv_type_struct_utmpx_ut_syslen+set}" = set; then : + $as_echo_n "(cached) " >&6 else -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -50565,60 +27621,27 @@ struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_syslen return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_struct_utmpx_ut_syslen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmpx_ut_syslen=no + ac_cv_type_struct_utmpx_ut_syslen=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmpx_ut_syslen" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmpx_ut_syslen" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_struct_utmpx_ut_syslen" >&5 +$as_echo "$ac_cv_type_struct_utmpx_ut_syslen" >&6; } if test "$ac_cv_type_struct_utmpx_ut_syslen" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMPX_UT_SYSLEN 1 -_ACEOF +$as_echo "#define HAVE_STRUCT_UTMPX_UT_SYSLEN 1" >>confdefs.h fi -{ echo "$as_me:$LINENO: checking for int8_t" >&5 -echo $ECHO_N "checking for int8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "int8_t" "ac_cv_type_int8_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -50635,49 +27658,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef int8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int8_t" >&5 -echo "${ECHO_T}$ac_cv_type_int8_t" >&6; } -if test $ac_cv_type_int8_t = yes; then +" +if test "x$ac_cv_type_int8_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INT8_T 1 @@ -50685,18 +27667,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for int16_t" >&5 -echo $ECHO_N "checking for int16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "int16_t" "ac_cv_type_int16_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -50713,49 +27684,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef int16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int16_t" >&5 -echo "${ECHO_T}$ac_cv_type_int16_t" >&6; } -if test $ac_cv_type_int16_t = yes; then +" +if test "x$ac_cv_type_int16_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INT16_T 1 @@ -50763,18 +27693,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for int32_t" >&5 -echo $ECHO_N "checking for int32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "int32_t" "ac_cv_type_int32_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -50791,49 +27710,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef int32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int32_t" >&5 -echo "${ECHO_T}$ac_cv_type_int32_t" >&6; } -if test $ac_cv_type_int32_t = yes; then +" +if test "x$ac_cv_type_int32_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INT32_T 1 @@ -50841,18 +27719,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for int64_t" >&5 -echo $ECHO_N "checking for int64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "int64_t" "ac_cv_type_int64_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -50869,49 +27736,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef int64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int64_t" >&5 -echo "${ECHO_T}$ac_cv_type_int64_t" >&6; } -if test $ac_cv_type_int64_t = yes; then +" +if test "x$ac_cv_type_int64_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INT64_T 1 @@ -50919,18 +27745,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for u_int8_t" >&5 -echo $ECHO_N "checking for u_int8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "u_int8_t" "ac_cv_type_u_int8_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -50947,49 +27762,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef u_int8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int8_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int8_t" >&6; } -if test $ac_cv_type_u_int8_t = yes; then +" +if test "x$ac_cv_type_u_int8_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_U_INT8_T 1 @@ -50997,18 +27771,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for u_int16_t" >&5 -echo $ECHO_N "checking for u_int16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "u_int16_t" "ac_cv_type_u_int16_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51025,49 +27788,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef u_int16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6; } -if test $ac_cv_type_u_int16_t = yes; then +" +if test "x$ac_cv_type_u_int16_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_U_INT16_T 1 @@ -51075,18 +27797,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for u_int32_t" >&5 -echo $ECHO_N "checking for u_int32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51103,49 +27814,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef u_int32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6; } -if test $ac_cv_type_u_int32_t = yes; then +" +if test "x$ac_cv_type_u_int32_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_U_INT32_T 1 @@ -51153,18 +27823,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for u_int64_t" >&5 -echo $ECHO_N "checking for u_int64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "u_int64_t" "ac_cv_type_u_int64_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51181,49 +27840,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef u_int64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int64_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int64_t" >&6; } -if test $ac_cv_type_u_int64_t = yes; then +" +if test "x$ac_cv_type_u_int64_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_U_INT64_T 1 @@ -51231,18 +27849,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for uint8_t" >&5 -echo $ECHO_N "checking for uint8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "uint8_t" "ac_cv_type_uint8_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51259,49 +27866,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef uint8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint8_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint8_t" >&6; } -if test $ac_cv_type_uint8_t = yes; then +" +if test "x$ac_cv_type_uint8_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UINT8_T 1 @@ -51309,18 +27875,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for uint16_t" >&5 -echo $ECHO_N "checking for uint16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "uint16_t" "ac_cv_type_uint16_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51337,49 +27892,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef uint16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint16_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint16_t" >&6; } -if test $ac_cv_type_uint16_t = yes; then +" +if test "x$ac_cv_type_uint16_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UINT16_T 1 @@ -51387,18 +27901,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for uint32_t" >&5 -echo $ECHO_N "checking for uint32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "uint32_t" "ac_cv_type_uint32_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51415,49 +27918,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef uint32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint32_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint32_t" >&6; } -if test $ac_cv_type_uint32_t = yes; then +" +if test "x$ac_cv_type_uint32_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UINT32_T 1 @@ -51465,18 +27927,7 @@ _ACEOF fi -{ echo "$as_me:$LINENO: checking for uint64_t" >&5 -echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - +ac_fn_c_check_type "$LINENO" "uint64_t" "ac_cv_type_uint64_t" " #ifdef HAVE_INTTYPES_H #include #endif @@ -51493,49 +27944,8 @@ cat >>conftest.$ac_ext <<_ACEOF #include #endif - -typedef uint64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint64_t" >&6; } -if test $ac_cv_type_uint64_t = yes; then +" +if test "x$ac_cv_type_uint64_t" = x""yes; then : cat >>confdefs.h <<_ACEOF #define HAVE_UINT64_T 1 @@ -51547,20 +27957,16 @@ fi -{ echo "$as_me:$LINENO: checking for framework security" >&5 -echo $ECHO_N "checking for framework security... $ECHO_C" >&6; } -if test "${rk_cv_framework_security+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for framework security" >&5 +$as_echo_n "checking for framework security... " >&6; } +if test "${rk_cv_framework_security+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test "$rk_cv_framework_security" != yes; then ac_save_LIBS="$LIBS" LIBS="$ac_save_LIBS -framework Security -framework CoreFoundation" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -51575,34 +27981,11 @@ CFRelease(&searchRef); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : rk_cv_framework_security=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" fi @@ -51611,15 +27994,13 @@ fi if test "$rk_cv_framework_security" = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_FRAMEWORK_SECURITY 1 -_ACEOF +$as_echo "#define HAVE_FRAMEWORK_SECURITY 1" >>confdefs.h - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi if test "$rk_cv_framework_security" = yes; then FRAMEWORK_SECURITY_TRUE= @@ -51633,16 +28014,12 @@ fi if test "$rk_cv_framework_security" = yes; then if test "$ac_cv_func_SecKeyGetCSPHandle+set" != set -o "$ac_cv_func_SecKeyGetCSPHandle" = yes; then -{ echo "$as_me:$LINENO: checking if SecKeyGetCSPHandle needs a prototype" >&5 -echo $ECHO_N "checking if SecKeyGetCSPHandle needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_SecKeyGetCSPHandle_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if SecKeyGetCSPHandle needs a prototype" >&5 +$as_echo_n "checking if SecKeyGetCSPHandle needs a prototype... " >&6; } +if test "${ac_cv_func_SecKeyGetCSPHandle_noproto+set}" = set; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include struct foo { int foo; } xx; @@ -51655,40 +28032,18 @@ SecKeyGetCSPHandle(&xx) return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : eval "ac_cv_func_SecKeyGetCSPHandle_noproto=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_SecKeyGetCSPHandle_noproto=no" + eval "ac_cv_func_SecKeyGetCSPHandle_noproto=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_SecKeyGetCSPHandle_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_SecKeyGetCSPHandle_noproto" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_SecKeyGetCSPHandle_noproto" >&5 +$as_echo "$ac_cv_func_SecKeyGetCSPHandle_noproto" >&6; } if test "$ac_cv_func_SecKeyGetCSPHandle_noproto" = yes; then -cat >>confdefs.h <<\_ACEOF -#define NEED_SECKEYGETCSPHANDLE_PROTO 1 -_ACEOF +$as_echo "#define NEED_SECKEYGETCSPHANDLE_PROTO 1" >>confdefs.h fi fi @@ -51700,326 +28055,45 @@ fi - -{ echo "$as_me:$LINENO: checking for el_init" >&5 -echo $ECHO_N "checking for el_init... $ECHO_C" >&6; } -if test "${ac_cv_funclib_el_init+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_el_init\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" edit; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $LIB_tgetent $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -el_init() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_el_init=$ac_lib; else ac_cv_funclib_el_init=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_el_init=\${ac_cv_funclib_el_init-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_el_init" - -if false; then - -for ac_func in el_init -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# el_init -eval "ac_tr_func=HAVE_`echo el_init | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_el_init=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_el_init=yes" - eval "LIB_el_init=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_el_init=no" - eval "LIB_el_init=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_el_init=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test "$ac_cv_func_el_init" = yes ; then - { echo "$as_me:$LINENO: checking for four argument el_init" >&5 -echo $ECHO_N "checking for four argument el_init... $ECHO_C" >&6; } -if test "${ac_cv_func_el_init_four+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - #include -int -main () -{ -el_init("", NULL, NULL, NULL); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_func_el_init_four=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_el_init_four=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_el_init_four" >&5 -echo "${ECHO_T}$ac_cv_func_el_init_four" >&6; } - if test "$ac_cv_func_el_init_four" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_FOUR_VALUED_EL_INIT 1 -_ACEOF - - fi -fi - - ac_foo=no +build_editline=no if test "$with_readline" = yes; then : +elif test "$with_libedit" = yes; then + LIB_readline="${LIB_libedit}" elif test "$ac_cv_func_readline" = yes; then : -elif test "$ac_cv_func_el_init" = yes; then - ac_foo=yes - LIB_readline="\$(top_builddir)/lib/editline/libel_compat.la \$(LIB_el_init) \$(LIB_tgetent)" else - LIB_readline="\$(top_builddir)/lib/editline/libeditline.la \$(LIB_tgetent)" + build_libedit=yes + LIB_readline="\$(top_builddir)/lib/libedit/src/libheimedit.la \$(LIB_tgetent)" fi - if test "$ac_foo" = yes; then - el_compat_TRUE= - el_compat_FALSE='#' + if test "$build_libedit" = yes; then + LIBEDIT_TRUE= + LIBEDIT_FALSE='#' else - el_compat_TRUE='#' - el_compat_FALSE= + LIBEDIT_TRUE='#' + LIBEDIT_FALSE= fi -cat >>confdefs.h <<\_ACEOF -#define HAVE_READLINE 1 -_ACEOF +$as_echo "#define HAVE_READLINE 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define AUTHENTICATION 1 -_ACEOF +$as_echo "#define AUTHENTICATION 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define ENCRYPTION 1 -_ACEOF +$as_echo "#define ENCRYPTION 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define DES_ENCRYPTION 1 -_ACEOF +$as_echo "#define DES_ENCRYPTION 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define DIAGNOSTICS 1 -_ACEOF +$as_echo "#define DIAGNOSTICS 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define OLD_ENVIRON 1 -_ACEOF +$as_echo "#define OLD_ENVIRON 1" >>confdefs.h if false; then -cat >>confdefs.h <<\_ACEOF -#define ENV_HACK 1 -_ACEOF +$as_echo "#define ENV_HACK 1" >>confdefs.h fi @@ -52032,102 +28106,21 @@ case "$host" in *-*-aix3*|*-*-sunos4*|*-*-osf*|*-*-hpux1[01]*) ;; *) - { echo "$as_me:$LINENO: checking for getmsg" >&5 -echo $ECHO_N "checking for getmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_getmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getmsg to an innocuous variant, in case declares getmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define getmsg innocuous_getmsg + ac_fn_c_check_func "$LINENO" "getmsg" "ac_cv_func_getmsg" +if test "x$ac_cv_func_getmsg" = x""yes; then : -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getmsg || defined __stub___getmsg -choke me -#endif - -int -main () -{ -return getmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getmsg=no fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getmsg" >&5 -echo "${ECHO_T}$ac_cv_func_getmsg" >&6; } - if test "$ac_cv_func_getmsg" = "yes"; then - { echo "$as_me:$LINENO: checking if getmsg works" >&5 -echo $ECHO_N "checking if getmsg works... $ECHO_C" >&6; } -if test "${ac_cv_func_getmsg_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getmsg works" >&5 +$as_echo_n "checking if getmsg works... " >&6; } +if test "${ac_cv_func_getmsg_works+set}" = set; then : + $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : ac_cv_func_getmsg_works=no else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -52143,52 +28136,24 @@ cat >>conftest.$ac_ext <<_ACEOF } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_getmsg_works=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getmsg_works=no + ac_cv_func_getmsg_works=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getmsg_works" >&5 -echo "${ECHO_T}$ac_cv_func_getmsg_works" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getmsg_works" >&5 +$as_echo "$ac_cv_func_getmsg_works" >&6; } if test "$ac_cv_func_getmsg_works" = "yes"; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_GETMSG 1 -_ACEOF +$as_echo "#define HAVE_GETMSG 1" >>confdefs.h -cat >>confdefs.h <<\_ACEOF -#define STREAMSPTY 1 -_ACEOF +$as_echo "#define STREAMSPTY 1" >>confdefs.h fi fi @@ -52200,13 +28165,12 @@ esac - # Extract the first word of "compile_et", so it can be a program name with args. set dummy compile_et; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_COMPILE_ET+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_COMPILE_ET+set}" = set; then : + $as_echo_n "(cached) " >&6 else if test -n "$COMPILE_ET"; then ac_cv_prog_COMPILE_ET="$COMPILE_ET" # Let the user override the test. @@ -52216,25 +28180,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do + for ac_exec_ext in '' $ac_executable_extensions; do if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_COMPILE_ET="compile_et" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi COMPILE_ET=$ac_cv_prog_COMPILE_ET if test -n "$COMPILE_ET"; then - { echo "$as_me:$LINENO: result: $COMPILE_ET" >&5 -echo "${ECHO_T}$COMPILE_ET" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $COMPILE_ET" >&5 +$as_echo "$COMPILE_ET" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -52244,8 +28208,8 @@ krb_cv_com_err_need_r="" krb_cv_compile_et_cross=no if test "${COMPILE_ET}" = "compile_et"; then -{ echo "$as_me:$LINENO: checking whether compile_et has the features we need" >&5 -echo $ECHO_N "checking whether compile_et has the features we need... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether compile_et has the features we need" >&5 +$as_echo_n "checking whether compile_et has the features we need... " >&6; } cat > conftest_et.et <<'EOF' error_table test conf prefix CONFTEST @@ -52260,10 +28224,11 @@ if ${COMPILE_ET} conftest_et.et >/dev/null 2>&1; then if test -d "/usr/include/et"; then CPPFLAGS="-I/usr/include/et ${CPPFLAGS}" fi - if test "$cross_compiling" = yes; then + if test "$cross_compiling" = yes; then : krb_cv_compile_et="yes" krb_cv_compile_et_cross=yes else - cat >conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ #include #include @@ -52275,66 +28240,38 @@ int main(int argc, char **argv){ return (CONFTEST_CODE2 - CONFTEST_CODE1) != 127;} _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then +if ac_fn_c_try_run "$LINENO"; then : krb_cv_compile_et="yes" else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -CPPFLAGS="${save_CPPFLAGS}" + CPPFLAGS="${save_CPPFLAGS}" fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi -{ echo "$as_me:$LINENO: result: ${krb_cv_compile_et}" >&5 -echo "${ECHO_T}${krb_cv_compile_et}" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: ${krb_cv_compile_et}" >&5 +$as_echo "${krb_cv_compile_et}" >&6; } if test "${krb_cv_compile_et}" = "yes" -a "${krb_cv_compile_et_cross}" = no; then - { echo "$as_me:$LINENO: checking for if com_err generates a initialize_conf_error_table_r" >&5 -echo $ECHO_N "checking for if com_err generates a initialize_conf_error_table_r... $ECHO_C" >&6; } - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for if com_err generates a initialize_conf_error_table_r" >&5 +$as_echo_n "checking for if com_err generates a initialize_conf_error_table_r... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include "conftest_et.h" _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "initialize_conf_error_table_r.*struct et_list" >/dev/null 2>&1; then + $EGREP "initialize_conf_error_table_r.*struct et_list" >/dev/null 2>&1; then : krb_cv_com_err_need_r="ok" fi rm -f conftest* if test X"$krb_cv_com_err_need_r" = X ; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } krb_cv_compile_et=no else - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } fi fi rm -fr conftest* @@ -52345,13 +28282,9 @@ if test "${krb_cv_compile_et_cross}" = yes ; then elif test "${krb_cv_compile_et}" = "yes"; then krb_cv_save_LIBS="${LIBS}" LIBS="${LIBS} -lcom_err" - { echo "$as_me:$LINENO: checking for com_err" >&5 -echo $ECHO_N "checking for com_err... $ECHO_C" >&6; } - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for com_err" >&5 +$as_echo_n "checking for com_err... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -52361,41 +28294,21 @@ main () const char *p; p = error_message(0); initialize_error_table_r(0,0,0,0); + com_right_r(0, 0, 0, 0); ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : krb_cv_com_err="yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}" + krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}" fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - { echo "$as_me:$LINENO: result: ${krb_cv_com_err}" >&5 -echo "${ECHO_T}${krb_cv_com_err}" >&6; } +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${krb_cv_com_err}" >&5 +$as_echo "${krb_cv_com_err}" >&6; } LIBS="${krb_cv_save_LIBS}" else krb_cv_com_err="no" @@ -52406,16 +28319,16 @@ if test "${krb_cv_com_err}" = "yes"; then LIB_com_err="-lcom_err" LIB_com_err_a="" LIB_com_err_so="" - { echo "$as_me:$LINENO: Using the already-installed com_err" >&5 -echo "$as_me: Using the already-installed com_err" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: Using the already-installed com_err" >&5 +$as_echo "$as_me: Using the already-installed com_err" >&6;} localcomerr=no elif test "${krb_cv_com_err}" = "cross"; then DIR_com_err="com_err" LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - { echo "$as_me:$LINENO: Using our own com_err with toolchain compile_et" >&5 -echo "$as_me: Using our own com_err with toolchain compile_et" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: Using our own com_err with toolchain compile_et" >&5 +$as_echo "$as_me: Using our own com_err with toolchain compile_et" >&6;} localcomerr=yes else COMPILE_ET="\$(top_builddir)/lib/com_err/compile_et" @@ -52423,8 +28336,8 @@ else LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - { echo "$as_me:$LINENO: Using our own com_err" >&5 -echo "$as_me: Using our own com_err" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: Using our own com_err" >&5 +$as_echo "$as_me: Using our own com_err" >&6;} localcomerr=yes fi if test "$localcomerr" = yes; then @@ -52442,8 +28355,8 @@ fi -{ echo "$as_me:$LINENO: checking which authentication modules should be built" >&5 -echo $ECHO_N "checking which authentication modules should be built... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which authentication modules should be built" >&5 +$as_echo_n "checking which authentication modules should be built... " >&6; } z='sia afskauthlib' LIB_AUTH_SUBDIRS= @@ -52474,11 +28387,11 @@ esac esac done if test "$LIB_AUTH_SUBDIRS"; then - { echo "$as_me:$LINENO: result: $LIB_AUTH_SUBDIRS" >&5 -echo "${ECHO_T}$LIB_AUTH_SUBDIRS" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIB_AUTH_SUBDIRS" >&5 +$as_echo "$LIB_AUTH_SUBDIRS" >&6; } else - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 +$as_echo "none" >&6; } fi @@ -52560,7 +28473,7 @@ _ACEOF # Check whether --enable-developer was given. -if test "${enable_developer+set}" = set; then +if test "${enable_developer+set}" = set; then : enableval=$enable_developer; fi @@ -52576,6 +28489,7 @@ if test -z "$WFLAGS" -a "$GCC" = "yes"; then # -Wcast-align doesn't work well on alpha osf/1 # -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast # -Wmissing-declarations -Wnested-externs + # -Wstrict-overflow=5 WFLAGS="-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs $dwflags" WFLAGS_NOUNUSED="-Wno-unused" WFLAGS_NOIMPLICITINT="-Wno-implicit-int" @@ -52586,7 +28500,22 @@ fi -ac_config_files="$ac_config_files Makefile etc/Makefile include/Makefile include/gssapi/Makefile include/hcrypto/Makefile include/kadm5/Makefile lib/Makefile lib/45/Makefile lib/auth/Makefile lib/auth/afskauthlib/Makefile lib/auth/pam/Makefile lib/auth/sia/Makefile lib/asn1/Makefile lib/com_err/Makefile lib/hcrypto/Makefile lib/editline/Makefile lib/hx509/Makefile lib/gssapi/Makefile lib/ntlm/Makefile lib/hdb/Makefile lib/kadm5/Makefile lib/kafs/Makefile lib/kdfs/Makefile lib/krb5/Makefile lib/otp/Makefile lib/roken/Makefile lib/sl/Makefile lib/vers/Makefile kuser/Makefile kpasswd/Makefile kadmin/Makefile admin/Makefile kcm/Makefile kdc/Makefile appl/Makefile appl/afsutil/Makefile appl/ftp/Makefile appl/ftp/common/Makefile appl/ftp/ftp/Makefile appl/ftp/ftpd/Makefile appl/gssmask/Makefile appl/kx/Makefile appl/login/Makefile appl/otp/Makefile appl/popper/Makefile appl/push/Makefile appl/rsh/Makefile appl/rcp/Makefile appl/su/Makefile appl/xnlock/Makefile appl/telnet/Makefile appl/telnet/libtelnet/Makefile appl/telnet/telnet/Makefile appl/telnet/telnetd/Makefile appl/test/Makefile appl/kf/Makefile appl/dceutils/Makefile tests/Makefile tests/can/Makefile tests/db/Makefile tests/kdc/Makefile tests/ldap/Makefile tests/gss/Makefile tests/java/Makefile tests/plugin/Makefile packages/Makefile packages/mac/Makefile packages/debian/Makefile doc/Makefile tools/Makefile" + +# Check whether --enable-heimdal-documentation was given. +if test "${enable_heimdal_documentation+set}" = set; then : + enableval=$enable_heimdal_documentation; +fi + + if test "$enable_heimdal_documentation" != no; then + HEIMDAL_DOCUMENTATION_TRUE= + HEIMDAL_DOCUMENTATION_FALSE='#' +else + HEIMDAL_DOCUMENTATION_TRUE='#' + HEIMDAL_DOCUMENTATION_FALSE= +fi + + +ac_config_files="$ac_config_files Makefile etc/Makefile include/Makefile include/gssapi/Makefile include/hcrypto/Makefile include/kadm5/Makefile lib/Makefile base/Makefile lib/asn1/Makefile lib/com_err/Makefile lib/hcrypto/Makefile lib/hx509/Makefile lib/gssapi/Makefile lib/ntlm/Makefile lib/hdb/Makefile lib/ipc/Makefile lib/kadm5/Makefile lib/kafs/Makefile lib/kdfs/Makefile lib/krb5/Makefile lib/otp/Makefile lib/roken/Makefile lib/sl/Makefile lib/sqlite/Makefile lib/vers/Makefile lib/wind/Makefile po/Makefile kuser/Makefile kpasswd/Makefile kadmin/Makefile admin/Makefile kcm/Makefile kdc/Makefile appl/Makefile appl/afsutil/Makefile appl/ftp/Makefile appl/ftp/common/Makefile appl/ftp/ftp/Makefile appl/ftp/ftpd/Makefile appl/gssmask/Makefile appl/kx/Makefile appl/login/Makefile appl/otp/Makefile appl/popper/Makefile appl/push/Makefile appl/rsh/Makefile appl/rcp/Makefile appl/su/Makefile appl/xnlock/Makefile appl/telnet/Makefile appl/telnet/libtelnet/Makefile appl/telnet/telnet/Makefile appl/telnet/telnetd/Makefile appl/test/Makefile appl/kf/Makefile appl/dceutils/Makefile tests/Makefile tests/bin/Makefile tests/can/Makefile tests/db/Makefile tests/kdc/Makefile tests/ldap/Makefile tests/gss/Makefile tests/java/Makefile tests/plugin/Makefile packages/Makefile packages/mac/Makefile doc/Makefile tools/Makefile" cat >confcache <<\_ACEOF @@ -52616,12 +28545,13 @@ _ACEOF case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done @@ -52629,8 +28559,8 @@ echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \). + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" @@ -52653,12 +28583,12 @@ echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then test "x$cache_file" != "x/dev/null" && - { echo "$as_me:$LINENO: updating cache $cache_file" >&5 -echo "$as_me: updating cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} cat confcache >$cache_file else - { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5 -echo "$as_me: not updating unwritable cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache @@ -52674,255 +28604,206 @@ ac_ltlibobjs= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`echo "$ac_i" | sed "$ac_script"` + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. - ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext" - ac_ltlibobjs="$ac_ltlibobjs \${LIBOBJDIR}$ac_i"'$U.lo' + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs + if test -n "$EXEEXT"; then + am__EXEEXT_TRUE= + am__EXEEXT_FALSE='#' +else + am__EXEEXT_TRUE='#' + am__EXEEXT_FALSE= +fi + if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"MAINTAINER_MODE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"MAINTAINER_MODE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${ENABLE_SHARED_TRUE}" && test -z "${ENABLE_SHARED_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"ENABLE_SHARED\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"ENABLE_SHARED\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } +if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then + as_fn_error "conditional \"AMDEP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${versionscript_TRUE}" && test -z "${versionscript_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"versionscript\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"versionscript\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${OPENLDAP_MODULE_TRUE}" && test -z "${OPENLDAP_MODULE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"OPENLDAP_MODULE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"OPENLDAP_MODULE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${PKINIT_TRUE}" && test -z "${PKINIT_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"PKINIT\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"PKINIT\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${KRB4_TRUE}" && test -z "${KRB4_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KRB4\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KRB4\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${KRB5_TRUE}" && test -z "${KRB5_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KRB5\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KRB5\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${do_roken_rename_TRUE}" && test -z "${do_roken_rename_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"do_roken_rename\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"do_roken_rename\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_OPENSSL_TRUE}" && test -z "${HAVE_OPENSSL_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_OPENSSL\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_OPENSSL\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${DCE_TRUE}" && test -z "${DCE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"DCE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"DCE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_DB1_TRUE}" && test -z "${HAVE_DB1_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DB1\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DB1\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_DB3_TRUE}" && test -z "${HAVE_DB3_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DB3\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DB3\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_NDBM_TRUE}" && test -z "${HAVE_NDBM_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_NDBM\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_NDBM\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_err_h_TRUE}" && test -z "${have_err_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_err_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_err_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_ifaddrs_h_TRUE}" && test -z "${have_ifaddrs_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_ifaddrs_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_ifaddrs_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_vis_h_TRUE}" && test -z "${have_vis_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_vis_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_vis_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_glob_h_TRUE}" && test -z "${have_glob_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_glob_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_glob_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_cgetent_TRUE}" && test -z "${have_cgetent_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_cgetent\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_cgetent\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_fnmatch_h_TRUE}" && test -z "${have_fnmatch_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_fnmatch_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_fnmatch_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_socket_wrapper_TRUE}" && test -z "${have_socket_wrapper_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_socket_wrapper\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_socket_wrapper\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${OTP_TRUE}" && test -z "${OTP_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"OTP\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"OTP\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${CATMAN_TRUE}" && test -z "${CATMAN_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"CATMAN\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"CATMAN\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } +if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then + as_fn_error "conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${AIX_TRUE}" && test -z "${AIX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"AIX\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${AIX4_TRUE}" && test -z "${AIX4_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX4\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX4\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"AIX4\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${HAVE_DLOPEN_TRUE}" && test -z "${HAVE_DLOPEN_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DLOPEN\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DLOPEN\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"HAVE_DLOPEN\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${AIX_DYNAMIC_AFS_TRUE}" && test -z "${AIX_DYNAMIC_AFS_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX_DYNAMIC_AFS\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX_DYNAMIC_AFS\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"AIX_DYNAMIC_AFS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${IRIX_TRUE}" && test -z "${IRIX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"IRIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"IRIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"IRIX\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${ENABLE_SHARED_TRUE}" && test -z "${ENABLE_SHARED_FALSE}"; then + as_fn_error "conditional \"ENABLE_SHARED\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${versionscript_TRUE}" && test -z "${versionscript_FALSE}"; then + as_fn_error "conditional \"versionscript\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${CROSS_COMPILE_TRUE}" && test -z "${CROSS_COMPILE_FALSE}"; then + as_fn_error "conditional \"CROSS_COMPILE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${OPENLDAP_MODULE_TRUE}" && test -z "${OPENLDAP_MODULE_FALSE}"; then + as_fn_error "conditional \"OPENLDAP_MODULE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${PKINIT_TRUE}" && test -z "${PKINIT_FALSE}"; then + as_fn_error "conditional \"PKINIT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_CAPNG_TRUE}" && test -z "${HAVE_CAPNG_FALSE}"; then + as_fn_error "conditional \"HAVE_CAPNG\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${SQLITE3_TRUE}" && test -z "${SQLITE3_FALSE}"; then + as_fn_error "conditional \"SQLITE3\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_scc_TRUE}" && test -z "${have_scc_FALSE}"; then + as_fn_error "conditional \"have_scc\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${KRB4_TRUE}" && test -z "${KRB4_FALSE}"; then + as_fn_error "conditional \"KRB4\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${KRB5_TRUE}" && test -z "${KRB5_FALSE}"; then + as_fn_error "conditional \"KRB5\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${do_roken_rename_TRUE}" && test -z "${do_roken_rename_FALSE}"; then + as_fn_error "conditional \"do_roken_rename\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_OPENSSL_TRUE}" && test -z "${HAVE_OPENSSL_FALSE}"; then + as_fn_error "conditional \"HAVE_OPENSSL\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${DCE_TRUE}" && test -z "${DCE_FALSE}"; then + as_fn_error "conditional \"DCE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_DB1_TRUE}" && test -z "${HAVE_DB1_FALSE}"; then + as_fn_error "conditional \"HAVE_DB1\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_DB3_TRUE}" && test -z "${HAVE_DB3_FALSE}"; then + as_fn_error "conditional \"HAVE_DB3\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_NDBM_TRUE}" && test -z "${HAVE_NDBM_FALSE}"; then + as_fn_error "conditional \"HAVE_NDBM\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_DBHEADER_TRUE}" && test -z "${HAVE_DBHEADER_FALSE}"; then + as_fn_error "conditional \"HAVE_DBHEADER\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_err_h_TRUE}" && test -z "${have_err_h_FALSE}"; then + as_fn_error "conditional \"have_err_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_ifaddrs_h_TRUE}" && test -z "${have_ifaddrs_h_FALSE}"; then + as_fn_error "conditional \"have_ifaddrs_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_search_h_TRUE}" && test -z "${have_search_h_FALSE}"; then + as_fn_error "conditional \"have_search_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_vis_h_TRUE}" && test -z "${have_vis_h_FALSE}"; then + as_fn_error "conditional \"have_vis_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_glob_h_TRUE}" && test -z "${have_glob_h_FALSE}"; then + as_fn_error "conditional \"have_glob_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_cgetent_TRUE}" && test -z "${have_cgetent_FALSE}"; then + as_fn_error "conditional \"have_cgetent\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_fnmatch_h_TRUE}" && test -z "${have_fnmatch_h_FALSE}"; then + as_fn_error "conditional \"have_fnmatch_h\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_socket_wrapper_TRUE}" && test -z "${have_socket_wrapper_FALSE}"; then + as_fn_error "conditional \"have_socket_wrapper\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${OTP_TRUE}" && test -z "${OTP_FALSE}"; then + as_fn_error "conditional \"OTP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${have_gcd_TRUE}" && test -z "${have_gcd_FALSE}"; then + as_fn_error "conditional \"have_gcd\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${CATMAN_TRUE}" && test -z "${CATMAN_FALSE}"; then + as_fn_error "conditional \"CATMAN\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${HAVE_X_TRUE}" && test -z "${HAVE_X_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_X\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_X\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"HAVE_X\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${NEED_WRITEAUTH_TRUE}" && test -z "${NEED_WRITEAUTH_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"NEED_WRITEAUTH\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"NEED_WRITEAUTH\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"NEED_WRITEAUTH\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${KCM_TRUE}" && test -z "${KCM_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"KCM\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${FRAMEWORK_SECURITY_TRUE}" && test -z "${FRAMEWORK_SECURITY_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"FRAMEWORK_SECURITY\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"FRAMEWORK_SECURITY\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"FRAMEWORK_SECURITY\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${el_compat_TRUE}" && test -z "${el_compat_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"el_compat\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"el_compat\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } +if test -z "${LIBEDIT_TRUE}" && test -z "${LIBEDIT_FALSE}"; then + as_fn_error "conditional \"LIBEDIT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${COM_ERR_TRUE}" && test -z "${COM_ERR_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"COM_ERR\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"COM_ERR\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error "conditional \"COM_ERR\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HEIMDAL_DOCUMENTATION_TRUE}" && test -z "${HEIMDAL_DOCUMENTATION_FALSE}"; then + as_fn_error "conditional \"HEIMDAL_DOCUMENTATION\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi : ${CONFIG_STATUS=./config.status} +ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 -echo "$as_me: creating $CONFIG_STATUS" >&6;} -cat >$CONFIG_STATUS <<_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. @@ -52932,59 +28813,79 @@ cat >$CONFIG_STATUS <<_ACEOF debug=false ac_cs_recheck=false ac_cs_silent=false -SHELL=\${CONFIG_SHELL-$SHELL} -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' - else - PATH_SEPARATOR=: - fi - rm -f conf$$.sh -fi - -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -52993,20 +28894,18 @@ fi # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -53017,32 +28916,111 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error ERROR [LINENO LOG_FD] +# --------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with status $?, using 1 if that was 0. +as_fn_error () +{ + as_status=$?; test $as_status -eq 0 && as_status=1 + if test "$3"; then + as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + fi + $as_echo "$as_me: error: $1" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + -# Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr @@ -53056,13 +29034,17 @@ else as_basename=false fi +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi -# Name of the executable. as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | +$as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -53077,104 +29059,103 @@ echo X/"$0" | } s/.*/./; q'` -# CDPATH. -$as_unset CDPATH - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in +case `echo -n x` in #((((( -n*) - case `echo 'x\c'` in + case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir - mkdir conf$$.dir + mkdir conf$$.dir 2>/dev/null fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln + fi else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + + +} # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then - as_mkdir_p=: + as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false @@ -53191,12 +29172,12 @@ else as_test_x=' eval sh -c '\'' if test -d "$1"; then - test -d "$1/."; + test -d "$1/."; else - case $1 in - -*)set "./$1";; + case $1 in #( + -*)set "./$1";; esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( ???[sx]*):;;*)false;;esac;fi '\'' sh ' @@ -53211,13 +29192,19 @@ as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 -# Save the log message, to keep $[0] and so on meaningful, and to +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Heimdal $as_me 1.1, which was -generated by GNU Autoconf 2.61. Invocation command line was +This file was extended by Heimdal $as_me 1.5, which was +generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -53230,29 +29217,42 @@ on `(hostname || uname -n) 2>/dev/null | sed 1q` _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" +config_commands="$ac_config_commands" _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ -\`$as_me' instantiates files from templates according to the -current configuration. +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. -Usage: $0 [OPTIONS] [FILE]... +Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit - -q, --quiet do not print progress messages + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE Configuration files: $config_files @@ -53260,16 +29260,20 @@ $config_files Configuration headers: $config_headers -Report bugs to ." +Configuration commands: +$config_commands + +Report bugs to ." _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -Heimdal config.status 1.1 -configured by $0, generated by GNU Autoconf 2.61, - with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" +Heimdal config.status 1.5 +configured by $0, generated by GNU Autoconf 2.65, + with options \\"\$ac_cs_config\\" -Copyright (C) 2006 Free Software Foundation, Inc. +Copyright (C) 2009 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -53277,11 +29281,12 @@ ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' +AWK='$AWK' +test -n "\$AWK" || AWK=awk _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -# If no file are specified by the user, then we need to provide default -# value. By we need to know if files were specified by the user. +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do @@ -53303,34 +29308,40 @@ do -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - echo "$ac_cs_version"; exit ;; + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift - CONFIG_FILES="$CONFIG_FILES $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift - CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header - { echo "$as_me: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; };; + as_fn_error "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; --help | --hel | -h ) - echo "$ac_cs_usage"; exit ;; + $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. - -*) { echo "$as_me: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } ;; + -*) as_fn_error "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; - *) ac_config_targets="$ac_config_targets $1" + *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac @@ -53345,36 +29356,322 @@ if $ac_cs_silent; then fi _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 - CONFIG_SHELL=$SHELL + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' export CONFIG_SHELL - exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + exec "\$@" fi _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX - echo "$ac_log" + $as_echo "$ac_log" } >&5 _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# +# INIT-COMMANDS +# +AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" + + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +sed_quote_subst='$sed_quote_subst' +double_quote_subst='$double_quote_subst' +delay_variable_subst='$delay_variable_subst' +macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' +macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' +enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' +enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' +pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' +enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' +SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' +ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' +host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' +host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' +host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' +build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`' +build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`' +build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`' +SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`' +Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`' +GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`' +EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`' +FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`' +LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`' +NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`' +LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`' +max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`' +ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`' +exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' +lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' +lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' +lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' +lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' +lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' +reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' +reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' +deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' +file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' +file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' +want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' +DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' +sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' +AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' +AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' +archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' +STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' +RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' +old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' +old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`' +lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`' +CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`' +CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`' +compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' +GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' +nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' +lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' +objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' +MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' +lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' +need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' +MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' +DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' +NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' +LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' +OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`' +OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`' +libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`' +shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`' +extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`' +enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`' +export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`' +whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`' +compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`' +old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`' +archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`' +module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`' +module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`' +with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' +allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' +no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec_ld='`$ECHO "$hardcode_libdir_flag_spec_ld" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' +hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' +hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' +hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`' +hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`' +hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' +inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' +link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' +always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' +export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' +exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' +include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' +prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' +postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' +file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' +variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' +need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' +need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`' +version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`' +runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`' +libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`' +library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`' +soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`' +install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`' +postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`' +postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`' +finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`' +hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`' +sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`' +sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`' +hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`' +enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`' +old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`' +striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`' + +LTCC='$LTCC' +LTCFLAGS='$LTCFLAGS' +compiler='$compiler_DEFAULT' + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$1 +_LTECHO_EOF' +} + +# Quote evaled strings. +for var in SHELL \ +ECHO \ +SED \ +GREP \ +EGREP \ +FGREP \ +LD \ +NM \ +LN_S \ +lt_SP2NL \ +lt_NL2SP \ +reload_flag \ +OBJDUMP \ +deplibs_check_method \ +file_magic_cmd \ +file_magic_glob \ +want_nocaseglob \ +DLLTOOL \ +sharedlib_from_linklib_cmd \ +AR \ +AR_FLAGS \ +archiver_list_spec \ +STRIP \ +RANLIB \ +CC \ +CFLAGS \ +compiler \ +lt_cv_sys_global_symbol_pipe \ +lt_cv_sys_global_symbol_to_cdecl \ +lt_cv_sys_global_symbol_to_c_name_address \ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ +nm_file_list_spec \ +lt_prog_compiler_no_builtin_flag \ +lt_prog_compiler_pic \ +lt_prog_compiler_wl \ +lt_prog_compiler_static \ +lt_cv_prog_compiler_c_o \ +need_locks \ +MANIFEST_TOOL \ +DSYMUTIL \ +NMEDIT \ +LIPO \ +OTOOL \ +OTOOL64 \ +shrext_cmds \ +export_dynamic_flag_spec \ +whole_archive_flag_spec \ +compiler_needs_object \ +with_gnu_ld \ +allow_undefined_flag \ +no_undefined_flag \ +hardcode_libdir_flag_spec \ +hardcode_libdir_flag_spec_ld \ +hardcode_libdir_separator \ +exclude_expsyms \ +include_expsyms \ +file_list_spec \ +variables_saved_for_relink \ +libname_spec \ +library_names_spec \ +soname_spec \ +install_override_mode \ +finish_eval \ +old_striplib \ +striplib; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +# Double-quote double-evaled strings. +for var in reload_cmds \ +old_postinstall_cmds \ +old_postuninstall_cmds \ +old_archive_cmds \ +extract_expsyms_cmds \ +old_archive_from_new_cmds \ +old_archive_from_expsyms_cmds \ +archive_cmds \ +archive_expsym_cmds \ +module_cmds \ +module_expsym_cmds \ +export_symbols_cmds \ +prelink_cmds \ +postlink_cmds \ +postinstall_cmds \ +postuninstall_cmds \ +finish_cmds \ +sys_lib_search_path_spec \ +sys_lib_dlsearch_path_spec; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +ac_aux_dir='$ac_aux_dir' +xsi_shell='$xsi_shell' +lt_shell_append='$lt_shell_append' + +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes INIT. +if test -n "\${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + + + PACKAGE='$PACKAGE' + VERSION='$VERSION' + TIMESTAMP='$TIMESTAMP' + RM='$RM' + ofile='$ofile' + + + + _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "include/config.h") CONFIG_HEADERS="$CONFIG_HEADERS include/config.h" ;; + "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; + "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; "etc/Makefile") CONFIG_FILES="$CONFIG_FILES etc/Makefile" ;; "include/Makefile") CONFIG_FILES="$CONFIG_FILES include/Makefile" ;; @@ -53382,19 +29679,15 @@ do "include/hcrypto/Makefile") CONFIG_FILES="$CONFIG_FILES include/hcrypto/Makefile" ;; "include/kadm5/Makefile") CONFIG_FILES="$CONFIG_FILES include/kadm5/Makefile" ;; "lib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/Makefile" ;; - "lib/45/Makefile") CONFIG_FILES="$CONFIG_FILES lib/45/Makefile" ;; - "lib/auth/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/Makefile" ;; - "lib/auth/afskauthlib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/afskauthlib/Makefile" ;; - "lib/auth/pam/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/pam/Makefile" ;; - "lib/auth/sia/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/sia/Makefile" ;; + "base/Makefile") CONFIG_FILES="$CONFIG_FILES base/Makefile" ;; "lib/asn1/Makefile") CONFIG_FILES="$CONFIG_FILES lib/asn1/Makefile" ;; "lib/com_err/Makefile") CONFIG_FILES="$CONFIG_FILES lib/com_err/Makefile" ;; "lib/hcrypto/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hcrypto/Makefile" ;; - "lib/editline/Makefile") CONFIG_FILES="$CONFIG_FILES lib/editline/Makefile" ;; "lib/hx509/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hx509/Makefile" ;; "lib/gssapi/Makefile") CONFIG_FILES="$CONFIG_FILES lib/gssapi/Makefile" ;; "lib/ntlm/Makefile") CONFIG_FILES="$CONFIG_FILES lib/ntlm/Makefile" ;; "lib/hdb/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hdb/Makefile" ;; + "lib/ipc/Makefile") CONFIG_FILES="$CONFIG_FILES lib/ipc/Makefile" ;; "lib/kadm5/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kadm5/Makefile" ;; "lib/kafs/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kafs/Makefile" ;; "lib/kdfs/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kdfs/Makefile" ;; @@ -53402,7 +29695,10 @@ do "lib/otp/Makefile") CONFIG_FILES="$CONFIG_FILES lib/otp/Makefile" ;; "lib/roken/Makefile") CONFIG_FILES="$CONFIG_FILES lib/roken/Makefile" ;; "lib/sl/Makefile") CONFIG_FILES="$CONFIG_FILES lib/sl/Makefile" ;; + "lib/sqlite/Makefile") CONFIG_FILES="$CONFIG_FILES lib/sqlite/Makefile" ;; "lib/vers/Makefile") CONFIG_FILES="$CONFIG_FILES lib/vers/Makefile" ;; + "lib/wind/Makefile") CONFIG_FILES="$CONFIG_FILES lib/wind/Makefile" ;; + "po/Makefile") CONFIG_FILES="$CONFIG_FILES po/Makefile" ;; "kuser/Makefile") CONFIG_FILES="$CONFIG_FILES kuser/Makefile" ;; "kpasswd/Makefile") CONFIG_FILES="$CONFIG_FILES kpasswd/Makefile" ;; "kadmin/Makefile") CONFIG_FILES="$CONFIG_FILES kadmin/Makefile" ;; @@ -53433,6 +29729,7 @@ do "appl/kf/Makefile") CONFIG_FILES="$CONFIG_FILES appl/kf/Makefile" ;; "appl/dceutils/Makefile") CONFIG_FILES="$CONFIG_FILES appl/dceutils/Makefile" ;; "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;; + "tests/bin/Makefile") CONFIG_FILES="$CONFIG_FILES tests/bin/Makefile" ;; "tests/can/Makefile") CONFIG_FILES="$CONFIG_FILES tests/can/Makefile" ;; "tests/db/Makefile") CONFIG_FILES="$CONFIG_FILES tests/db/Makefile" ;; "tests/kdc/Makefile") CONFIG_FILES="$CONFIG_FILES tests/kdc/Makefile" ;; @@ -53442,13 +29739,10 @@ do "tests/plugin/Makefile") CONFIG_FILES="$CONFIG_FILES tests/plugin/Makefile" ;; "packages/Makefile") CONFIG_FILES="$CONFIG_FILES packages/Makefile" ;; "packages/mac/Makefile") CONFIG_FILES="$CONFIG_FILES packages/mac/Makefile" ;; - "packages/debian/Makefile") CONFIG_FILES="$CONFIG_FILES packages/debian/Makefile" ;; "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;; "tools/Makefile") CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;; - *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 -echo "$as_me: error: invalid argument: $ac_config_target" >&2;} - { (exit 1); exit 1; }; };; + *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done @@ -53460,6 +29754,7 @@ done if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers + test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree @@ -53474,7 +29769,7 @@ $debug || trap 'exit_status=$? { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status ' 0 - trap '{ (exit 1); exit 1; }' 1 2 13 15 + trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. @@ -53485,398 +29780,140 @@ $debug || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") -} || -{ - echo "$me: cannot create a temporary directory in ." >&2 - { (exit 1); exit 1; } -} +} || as_fn_error "cannot create a temporary directory in ." "$LINENO" 5 -# -# Set up the sed scripts for CONFIG_FILES section. -# - -# No need to generate the scripts if there are no CONFIG_FILES. -# This happens for instance when ./config.status config.h +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$tmp/subs1.awk" && _ACEOF - +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -SHELL!$SHELL$ac_delim -PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim -PACKAGE_NAME!$PACKAGE_NAME$ac_delim -PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim -PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim -PACKAGE_STRING!$PACKAGE_STRING$ac_delim -PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim -exec_prefix!$exec_prefix$ac_delim -prefix!$prefix$ac_delim -program_transform_name!$program_transform_name$ac_delim -bindir!$bindir$ac_delim -sbindir!$sbindir$ac_delim -libexecdir!$libexecdir$ac_delim -datarootdir!$datarootdir$ac_delim -datadir!$datadir$ac_delim -sysconfdir!$sysconfdir$ac_delim -sharedstatedir!$sharedstatedir$ac_delim -localstatedir!$localstatedir$ac_delim -includedir!$includedir$ac_delim -oldincludedir!$oldincludedir$ac_delim -docdir!$docdir$ac_delim -infodir!$infodir$ac_delim -htmldir!$htmldir$ac_delim -dvidir!$dvidir$ac_delim -pdfdir!$pdfdir$ac_delim -psdir!$psdir$ac_delim -libdir!$libdir$ac_delim -localedir!$localedir$ac_delim -mandir!$mandir$ac_delim -DEFS!$DEFS$ac_delim -ECHO_C!$ECHO_C$ac_delim -ECHO_N!$ECHO_N$ac_delim -ECHO_T!$ECHO_T$ac_delim -LIBS!$LIBS$ac_delim -build_alias!$build_alias$ac_delim -host_alias!$host_alias$ac_delim -target_alias!$target_alias$ac_delim -INSTALL_PROGRAM!$INSTALL_PROGRAM$ac_delim -INSTALL_SCRIPT!$INSTALL_SCRIPT$ac_delim -INSTALL_DATA!$INSTALL_DATA$ac_delim -am__isrc!$am__isrc$ac_delim -CYGPATH_W!$CYGPATH_W$ac_delim -PACKAGE!$PACKAGE$ac_delim -VERSION!$VERSION$ac_delim -ACLOCAL!$ACLOCAL$ac_delim -AUTOCONF!$AUTOCONF$ac_delim -AUTOMAKE!$AUTOMAKE$ac_delim -AUTOHEADER!$AUTOHEADER$ac_delim -MAKEINFO!$MAKEINFO$ac_delim -install_sh!$install_sh$ac_delim -STRIP!$STRIP$ac_delim -INSTALL_STRIP_PROGRAM!$INSTALL_STRIP_PROGRAM$ac_delim -mkdir_p!$mkdir_p$ac_delim -AWK!$AWK$ac_delim -SET_MAKE!$SET_MAKE$ac_delim -am__leading_dot!$am__leading_dot$ac_delim -AMTAR!$AMTAR$ac_delim -am__tar!$am__tar$ac_delim -am__untar!$am__untar$ac_delim -MAINTAINER_MODE_TRUE!$MAINTAINER_MODE_TRUE$ac_delim -MAINTAINER_MODE_FALSE!$MAINTAINER_MODE_FALSE$ac_delim -MAINT!$MAINT$ac_delim -CC!$CC$ac_delim -CFLAGS!$CFLAGS$ac_delim -LDFLAGS!$LDFLAGS$ac_delim -CPPFLAGS!$CPPFLAGS$ac_delim -ac_ct_CC!$ac_ct_CC$ac_delim -EXEEXT!$EXEEXT$ac_delim -OBJEXT!$OBJEXT$ac_delim -CPP!$CPP$ac_delim -build!$build$ac_delim -build_cpu!$build_cpu$ac_delim -build_vendor!$build_vendor$ac_delim -build_os!$build_os$ac_delim -host!$host$ac_delim -host_cpu!$host_cpu$ac_delim -host_vendor!$host_vendor$ac_delim -host_os!$host_os$ac_delim -CANONICAL_HOST!$CANONICAL_HOST$ac_delim -YACC!$YACC$ac_delim -YFLAGS!$YFLAGS$ac_delim -LEX!$LEX$ac_delim -LEX_OUTPUT_ROOT!$LEX_OUTPUT_ROOT$ac_delim -LEXLIB!$LEXLIB$ac_delim -LN_S!$LN_S$ac_delim -GREP!$GREP$ac_delim -EGREP!$EGREP$ac_delim -ECHO!$ECHO$ac_delim -AR!$AR$ac_delim -RANLIB!$RANLIB$ac_delim -CXX!$CXX$ac_delim -CXXFLAGS!$CXXFLAGS$ac_delim -ac_ct_CXX!$ac_ct_CXX$ac_delim -CXXCPP!$CXXCPP$ac_delim -F77!$F77$ac_delim -FFLAGS!$FFLAGS$ac_delim -ac_ct_F77!$ac_ct_F77$ac_delim -_ACEOF + . ./conf$$subs.sh || + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done +rm -f conf$$subs.sh -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && _ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK _ACEOF - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -LIBTOOL!$LIBTOOL$ac_delim -ENABLE_SHARED_TRUE!$ENABLE_SHARED_TRUE$ac_delim -ENABLE_SHARED_FALSE!$ENABLE_SHARED_FALSE$ac_delim -VERSIONING!$VERSIONING$ac_delim -versionscript_TRUE!$versionscript_TRUE$ac_delim -versionscript_FALSE!$versionscript_FALSE$ac_delim -LDFLAGS_VERSION_SCRIPT!$LDFLAGS_VERSION_SCRIPT$ac_delim -INCLUDE_openldap!$INCLUDE_openldap$ac_delim -LIB_openldap!$LIB_openldap$ac_delim -OPENLDAP_MODULE_TRUE!$OPENLDAP_MODULE_TRUE$ac_delim -OPENLDAP_MODULE_FALSE!$OPENLDAP_MODULE_FALSE$ac_delim -PKINIT_TRUE!$PKINIT_TRUE$ac_delim -PKINIT_FALSE!$PKINIT_FALSE$ac_delim -DIR_hdbdir!$DIR_hdbdir$ac_delim -INCLUDE_krb4!$INCLUDE_krb4$ac_delim -LIB_krb4!$LIB_krb4$ac_delim -KRB4_TRUE!$KRB4_TRUE$ac_delim -KRB4_FALSE!$KRB4_FALSE$ac_delim -KRB5_TRUE!$KRB5_TRUE$ac_delim -KRB5_FALSE!$KRB5_FALSE$ac_delim -do_roken_rename_TRUE!$do_roken_rename_TRUE$ac_delim -do_roken_rename_FALSE!$do_roken_rename_FALSE$ac_delim -LIB_kdb!$LIB_kdb$ac_delim -HAVE_OPENSSL_TRUE!$HAVE_OPENSSL_TRUE$ac_delim -HAVE_OPENSSL_FALSE!$HAVE_OPENSSL_FALSE$ac_delim -DIR_hcrypto!$DIR_hcrypto$ac_delim -INCLUDE_hcrypto!$INCLUDE_hcrypto$ac_delim -LIB_hcrypto!$LIB_hcrypto$ac_delim -LIB_hcrypto_a!$LIB_hcrypto_a$ac_delim -LIB_hcrypto_so!$LIB_hcrypto_so$ac_delim -LIB_hcrypto_appl!$LIB_hcrypto_appl$ac_delim -PTHREADS_CFLAGS!$PTHREADS_CFLAGS$ac_delim -PTHREADS_LIBS!$PTHREADS_LIBS$ac_delim -DCE_TRUE!$DCE_TRUE$ac_delim -DCE_FALSE!$DCE_FALSE$ac_delim -dpagaix_cflags!$dpagaix_cflags$ac_delim -dpagaix_ldadd!$dpagaix_ldadd$ac_delim -dpagaix_ldflags!$dpagaix_ldflags$ac_delim -LIB_db_create!$LIB_db_create$ac_delim -LIB_dbopen!$LIB_dbopen$ac_delim -LIB_dbm_firstkey!$LIB_dbm_firstkey$ac_delim -HAVE_DB1_TRUE!$HAVE_DB1_TRUE$ac_delim -HAVE_DB1_FALSE!$HAVE_DB1_FALSE$ac_delim -HAVE_DB3_TRUE!$HAVE_DB3_TRUE$ac_delim -HAVE_DB3_FALSE!$HAVE_DB3_FALSE$ac_delim -HAVE_NDBM_TRUE!$HAVE_NDBM_TRUE$ac_delim -HAVE_NDBM_FALSE!$HAVE_NDBM_FALSE$ac_delim -DBLIB!$DBLIB$ac_delim -LIB_NDBM!$LIB_NDBM$ac_delim -WFLAGS!$WFLAGS$ac_delim -WFLAGS_NOUNUSED!$WFLAGS_NOUNUSED$ac_delim -WFLAGS_NOIMPLICITINT!$WFLAGS_NOIMPLICITINT$ac_delim -VOID_RETSIGTYPE!$VOID_RETSIGTYPE$ac_delim -have_err_h_TRUE!$have_err_h_TRUE$ac_delim -have_err_h_FALSE!$have_err_h_FALSE$ac_delim -have_ifaddrs_h_TRUE!$have_ifaddrs_h_TRUE$ac_delim -have_ifaddrs_h_FALSE!$have_ifaddrs_h_FALSE$ac_delim -have_vis_h_TRUE!$have_vis_h_TRUE$ac_delim -have_vis_h_FALSE!$have_vis_h_FALSE$ac_delim -LIB_socket!$LIB_socket$ac_delim -LIB_gethostbyname!$LIB_gethostbyname$ac_delim -LIB_syslog!$LIB_syslog$ac_delim -LIB_gethostbyname2!$LIB_gethostbyname2$ac_delim -LIB_res_search!$LIB_res_search$ac_delim -LIB_res_nsearch!$LIB_res_nsearch$ac_delim -LIB_res_ndestroy!$LIB_res_ndestroy$ac_delim -LIB_dn_expand!$LIB_dn_expand$ac_delim -LIBOBJS!$LIBOBJS$ac_delim -have_glob_h_TRUE!$have_glob_h_TRUE$ac_delim -have_glob_h_FALSE!$have_glob_h_FALSE$ac_delim -have_cgetent_TRUE!$have_cgetent_TRUE$ac_delim -have_cgetent_FALSE!$have_cgetent_FALSE$ac_delim -LIB_getsockopt!$LIB_getsockopt$ac_delim -LIB_setsockopt!$LIB_setsockopt$ac_delim -LIB_hstrerror!$LIB_hstrerror$ac_delim -LIB_bswap16!$LIB_bswap16$ac_delim -LIB_bswap32!$LIB_bswap32$ac_delim -LIB_pidfile!$LIB_pidfile$ac_delim -LIB_getaddrinfo!$LIB_getaddrinfo$ac_delim -LIB_getnameinfo!$LIB_getnameinfo$ac_delim -LIB_freeaddrinfo!$LIB_freeaddrinfo$ac_delim -LIB_gai_strerror!$LIB_gai_strerror$ac_delim -have_fnmatch_h_TRUE!$have_fnmatch_h_TRUE$ac_delim -have_fnmatch_h_FALSE!$have_fnmatch_h_FALSE$ac_delim -LIB_crypt!$LIB_crypt$ac_delim -have_socket_wrapper_TRUE!$have_socket_wrapper_TRUE$ac_delim -have_socket_wrapper_FALSE!$have_socket_wrapper_FALSE$ac_delim -DIR_roken!$DIR_roken$ac_delim -LIB_roken!$LIB_roken$ac_delim -INCLUDES_roken!$INCLUDES_roken$ac_delim -LIBADD_roken!$LIBADD_roken$ac_delim -LIB_otp!$LIB_otp$ac_delim -OTP_TRUE!$OTP_TRUE$ac_delim -OTP_FALSE!$OTP_FALSE$ac_delim -LIB_security!$LIB_security$ac_delim -NROFF!$NROFF$ac_delim -GROFF!$GROFF$ac_delim +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ + || as_fn_error "could not setup config files machinery" "$LINENO" 5 _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-2.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof -_ACEOF - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -CATMAN!$CATMAN$ac_delim -CATMAN_TRUE!$CATMAN_TRUE$ac_delim -CATMAN_FALSE!$CATMAN_FALSE$ac_delim -CATMANEXT!$CATMANEXT$ac_delim -INCLUDE_readline!$INCLUDE_readline$ac_delim -LIB_readline!$LIB_readline$ac_delim -INCLUDE_hesiod!$INCLUDE_hesiod$ac_delim -LIB_hesiod!$LIB_hesiod$ac_delim -AIX_TRUE!$AIX_TRUE$ac_delim -AIX_FALSE!$AIX_FALSE$ac_delim -AIX4_TRUE!$AIX4_TRUE$ac_delim -AIX4_FALSE!$AIX4_FALSE$ac_delim -LIB_dlopen!$LIB_dlopen$ac_delim -HAVE_DLOPEN_TRUE!$HAVE_DLOPEN_TRUE$ac_delim -HAVE_DLOPEN_FALSE!$HAVE_DLOPEN_FALSE$ac_delim -LIB_loadquery!$LIB_loadquery$ac_delim -AIX_DYNAMIC_AFS_TRUE!$AIX_DYNAMIC_AFS_TRUE$ac_delim -AIX_DYNAMIC_AFS_FALSE!$AIX_DYNAMIC_AFS_FALSE$ac_delim -AIX_EXTRA_KAFS!$AIX_EXTRA_KAFS$ac_delim -IRIX_TRUE!$IRIX_TRUE$ac_delim -IRIX_FALSE!$IRIX_FALSE$ac_delim -XMKMF!$XMKMF$ac_delim -X_CFLAGS!$X_CFLAGS$ac_delim -X_PRE_LIBS!$X_PRE_LIBS$ac_delim -X_LIBS!$X_LIBS$ac_delim -X_EXTRA_LIBS!$X_EXTRA_LIBS$ac_delim -HAVE_X_TRUE!$HAVE_X_TRUE$ac_delim -HAVE_X_FALSE!$HAVE_X_FALSE$ac_delim -LIB_XauWriteAuth!$LIB_XauWriteAuth$ac_delim -LIB_XauReadAuth!$LIB_XauReadAuth$ac_delim -LIB_XauFileName!$LIB_XauFileName$ac_delim -NEED_WRITEAUTH_TRUE!$NEED_WRITEAUTH_TRUE$ac_delim -NEED_WRITEAUTH_FALSE!$NEED_WRITEAUTH_FALSE$ac_delim -LIB_logwtmp!$LIB_logwtmp$ac_delim -LIB_logout!$LIB_logout$ac_delim -LIB_openpty!$LIB_openpty$ac_delim -LIB_tgetent!$LIB_tgetent$ac_delim -LIB_getpwnam_r!$LIB_getpwnam_r$ac_delim -LIB_door_create!$LIB_door_create$ac_delim -KCM_TRUE!$KCM_TRUE$ac_delim -KCM_FALSE!$KCM_FALSE$ac_delim -FRAMEWORK_SECURITY_TRUE!$FRAMEWORK_SECURITY_TRUE$ac_delim -FRAMEWORK_SECURITY_FALSE!$FRAMEWORK_SECURITY_FALSE$ac_delim -LIB_el_init!$LIB_el_init$ac_delim -el_compat_TRUE!$el_compat_TRUE$ac_delim -el_compat_FALSE!$el_compat_FALSE$ac_delim -COMPILE_ET!$COMPILE_ET$ac_delim -COM_ERR_TRUE!$COM_ERR_TRUE$ac_delim -COM_ERR_FALSE!$COM_ERR_FALSE$ac_delim -DIR_com_err!$DIR_com_err$ac_delim -LIB_com_err!$LIB_com_err$ac_delim -LIB_com_err_a!$LIB_com_err_a$ac_delim -LIB_com_err_so!$LIB_com_err_so$ac_delim -LIB_AUTH_SUBDIRS!$LIB_AUTH_SUBDIRS$ac_delim -LTLIBOBJS!$LTLIBOBJS$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 55; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-3.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -:end -s/|#_!!_#|//g -CEOF$ac_eof -_ACEOF - - # VPATH may cause trouble with some makes, so we remove $(srcdir), # ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty @@ -53892,20 +29929,128 @@ s/^[^=]*=[ ]*$// }' fi -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$tmp/defines.awk" <<\_ACAWK || +BEGIN { +_ACEOF -for ac_tag in :F $CONFIG_FILES :H $CONFIG_HEADERS +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. + +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. +ac_delim='%!_!# ' +for ac_last_try in false false :; do + ac_t=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_t"; then + break + elif $ac_last_try; then + as_fn_error "could not make $CONFIG_HEADERS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done + +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. + +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" + + +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" +shift +for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5 -echo "$as_me: error: Invalid tag $ac_tag." >&2;} - { (exit 1); exit 1; }; };; + :L* | :C*:*) as_fn_error "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -53933,26 +30078,34 @@ echo "$as_me: error: Invalid tag $ac_tag." >&2;} [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5 -echo "$as_me: error: cannot find input file: $ac_f" >&2;} - { (exit 1); exit 1; }; };; + as_fn_error "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac - ac_file_inputs="$ac_file_inputs $ac_f" + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ - configure_input="Generated from "`IFS=: - echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure." + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" - { echo "$as_me:$LINENO: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac case $ac_tag in - *:-:* | *:-) cat >"$tmp/stdin";; + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -53962,7 +30115,7 @@ $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -echo X"$ac_file" | +$as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -53980,55 +30133,15 @@ echo X"$ac_file" | q } s/.*/./; q'` - { as_dir="$ac_dir" - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } + as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -54073,12 +30186,12 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix esac _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= - -case `sed -n '/datarootdir/ { +ac_sed_dataroot=' +/datarootdir/ { p q } @@ -54086,36 +30199,37 @@ case `sed -n '/datarootdir/ { /@docdir@/p /@infodir@/p /@localedir@/p -/@mandir@/p -' $ac_file_inputs` in +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; + s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF - sed "$ac_vpsub +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub $extrasub _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s&@configure_input@&$configure_input&;t t +s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t @@ -54126,135 +30240,65 @@ s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack -" $ac_file_inputs | sed -f "$tmp/subs-1.sed" | sed -f "$tmp/subs-2.sed" | sed -f "$tmp/subs-3.sed" >$tmp/out +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && - { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir' + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined." >&5 -echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined." >&2;} rm -f "$tmp/stdin" case $ac_file in - -) cat "$tmp/out"; rm -f "$tmp/out";; - *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;; - esac + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + esac \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # -_ACEOF - -# Transform confdefs.h into a sed script `conftest.defines', that -# substitutes the proper values into config.h.in to produce config.h. -rm -f conftest.defines conftest.tail -# First, append a space to every undef/define line, to ease matching. -echo 's/$/ /' >conftest.defines -# Then, protect against being on the right side of a sed subst, or in -# an unquoted here document, in config.status. If some macros were -# called several times there might be several #defines for the same -# symbol, which is useless. But do not sort them, since the last -# AC_DEFINE must be honored. -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where -# NAME is the cpp macro being defined, VALUE is the value it is being given. -# PARAMS is the parameter list in the macro definition--in most cases, it's -# just an empty string. -ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*' -ac_dB='\\)[ (].*,\\1define\\2' -ac_dC=' ' -ac_dD=' ,' - -uniq confdefs.h | - sed -n ' - t rset - :rset - s/^[ ]*#[ ]*define[ ][ ]*// - t ok - d - :ok - s/[\\&,]/\\&/g - s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p - s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p - ' >>conftest.defines - -# Remove the space that was appended to ease matching. -# Then replace #undef with comments. This is necessary, for -# example, in the case of _POSIX_SOURCE, which is predefined and required -# on some systems where configure will not decide to define it. -# (The regexp can be short, since the line contains either #define or #undef.) -echo 's/ $// -s,^[ #]*u.*,/* & */,' >>conftest.defines - -# Break up conftest.defines: -ac_max_sed_lines=50 - -# First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1" -# Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2" -# Third one will be: sed -f defines.sed "$tmp/out2" >"$tmp/out1" -# et cetera. -ac_in='$ac_file_inputs' -ac_out='"$tmp/out1"' -ac_nxt='"$tmp/out2"' - -while : -do - # Write a here document: - cat >>$CONFIG_STATUS <<_ACEOF - # First, check the format of the line: - cat >"\$tmp/defines.sed" <<\\CEOF -/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*\$/b def -/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def -b -:def -_ACEOF - sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS - echo 'CEOF - sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS - ac_in=$ac_out; ac_out=$ac_nxt; ac_nxt=$ac_in - sed 1,${ac_max_sed_lines}d conftest.defines >conftest.tail - grep . conftest.tail >/dev/null || break - rm -f conftest.defines - mv conftest.tail conftest.defines -done -rm -f conftest.defines conftest.tail - -echo "ac_result=$ac_in" >>$CONFIG_STATUS -cat >>$CONFIG_STATUS <<\_ACEOF if test x"$ac_file" != x-; then - echo "/* $configure_input */" >"$tmp/config.h" - cat "$ac_result" >>"$tmp/config.h" - if diff $ac_file "$tmp/config.h" >/dev/null 2>&1; then - { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 -echo "$as_me: $ac_file is unchanged" >&6;} + { + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" + } >"$tmp/config.h" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$tmp/config.h" >/dev/null 2>&1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +$as_echo "$as_me: $ac_file is unchanged" >&6;} else - rm -f $ac_file - mv "$tmp/config.h" $ac_file + rm -f "$ac_file" + mv "$tmp/config.h" "$ac_file" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 fi else - echo "/* $configure_input */" - cat "$ac_result" + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error "could not create -" "$LINENO" 5 fi - rm -f "$tmp/out12" -# Compute $ac_file's index in $config_headers. +# Compute "$ac_file"'s index in $config_headers. +_am_arg="$ac_file" _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in - $ac_file | $ac_file:* ) + $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done -echo "timestamp for $ac_file" >`$as_dirname -- $ac_file || -$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X$ac_file : 'X\(//\)[^/]' \| \ - X$ac_file : 'X\(//\)$' \| \ - X$ac_file : 'X\(/\)' \| . 2>/dev/null || -echo X$ac_file | +echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || +$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$_am_arg" : 'X\(//\)[^/]' \| \ + X"$_am_arg" : 'X\(//\)$' \| \ + X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -54274,17 +30318,751 @@ echo X$ac_file | s/.*/./; q'`/stamp-h$_am_stamp_count ;; - + :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +$as_echo "$as_me: executing $ac_file commands" >&6;} + ;; esac + + case $ac_file$ac_mode in + "depfiles":C) test x"$AMDEP_TRUE" != x"" || { + # Autoconf 2.62 quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named `Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || +$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$mf" : 'X\(//\)[^/]' \| \ + X"$mf" : 'X\(//\)$' \| \ + X"$mf" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$mf" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # When using ansi2knr, U may be empty or an underscore; expand it + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`$as_dirname -- "$file" || +$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$file" : 'X\(//\)[^/]' \| \ + X"$file" : 'X\(//\)$' \| \ + X"$file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir=$dirpart/$fdir; as_fn_mkdir_p + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} + ;; + "libtool":C) + + # See if we are running on zsh, and set the options which allow our + # commands through without removal of \ escapes. + if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST + fi + + cfgfile="${ofile}T" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" + + cat <<_LT_EOF >> "$cfgfile" +#! $SHELL + +# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. +# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: +# NOTE: Changes made to this file will be lost: look at ltmain.sh. +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is part of GNU Libtool. +# +# GNU Libtool is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, or +# obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + +# The names of the tagged configurations supported by this script. +available_tags="" + +# ### BEGIN LIBTOOL CONFIG + +# Which release of libtool.m4 was used? +macro_version=$macro_version +macro_revision=$macro_revision + +# Whether or not to build shared libraries. +build_libtool_libs=$enable_shared + +# Whether or not to build static libraries. +build_old_libs=$enable_static + +# What type of objects to build. +pic_mode=$pic_mode + +# Whether or not to optimize for fast installation. +fast_install=$enable_fast_install + +# Shell to use when invoking shell scripts. +SHELL=$lt_SHELL + +# An echo program that protects backslashes. +ECHO=$lt_ECHO + +# The host system. +host_alias=$host_alias +host=$host +host_os=$host_os + +# The build system. +build_alias=$build_alias +build=$build +build_os=$build_os + +# A sed program that does not truncate output. +SED=$lt_SED + +# Sed that helps us avoid accidentally triggering echo(1) options like -n. +Xsed="\$SED -e 1s/^X//" + +# A grep program that handles long lines. +GREP=$lt_GREP + +# An ERE matcher. +EGREP=$lt_EGREP + +# A literal string matcher. +FGREP=$lt_FGREP + +# A BSD- or MS-compatible name lister. +NM=$lt_NM + +# Whether we need soft or hard links. +LN_S=$lt_LN_S + +# What is the maximum length of a command? +max_cmd_len=$max_cmd_len + +# Object file suffix (normally "o"). +objext=$ac_objext + +# Executable file suffix (normally ""). +exeext=$exeext + +# whether the shell understands "unset". +lt_unset=$lt_unset + +# turn spaces into newlines. +SP2NL=$lt_lt_SP2NL + +# turn newlines into spaces. +NL2SP=$lt_lt_NL2SP + +# convert \$build file names to \$host format. +to_host_file_cmd=$lt_cv_to_host_file_cmd + +# convert \$build files to toolchain format. +to_tool_file_cmd=$lt_cv_to_tool_file_cmd + +# An object symbol dumper. +OBJDUMP=$lt_OBJDUMP + +# Method to check whether dependent libraries are shared objects. +deplibs_check_method=$lt_deplibs_check_method + +# Command to use when deplibs_check_method = "file_magic". +file_magic_cmd=$lt_file_magic_cmd + +# How to find potential files when deplibs_check_method = "file_magic". +file_magic_glob=$lt_file_magic_glob + +# Find potential files using nocaseglob when deplibs_check_method = "file_magic". +want_nocaseglob=$lt_want_nocaseglob + +# DLL creation program. +DLLTOOL=$lt_DLLTOOL + +# Command to associate shared and link libraries. +sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd + +# The archiver. +AR=$lt_AR + +# Flags to create an archive. +AR_FLAGS=$lt_AR_FLAGS + +# How to feed a file listing to the archiver. +archiver_list_spec=$lt_archiver_list_spec + +# A symbol stripping program. +STRIP=$lt_STRIP + +# Commands used to install an old-style archive. +RANLIB=$lt_RANLIB +old_postinstall_cmds=$lt_old_postinstall_cmds +old_postuninstall_cmds=$lt_old_postuninstall_cmds + +# Whether to use a lock for old archive extraction. +lock_old_archive_extraction=$lock_old_archive_extraction + +# A C compiler. +LTCC=$lt_CC + +# LTCC compiler flags. +LTCFLAGS=$lt_CFLAGS + +# Take the output of nm and produce a listing of raw symbols and C names. +global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe + +# Transform the output of nm in a proper C declaration. +global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl + +# Transform the output of nm in a C name address pair. +global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address + +# Transform the output of nm in a C name address pair when lib prefix is needed. +global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix + +# Specify filename containing input files for \$NM. +nm_file_list_spec=$lt_nm_file_list_spec + +# The root where to search for dependent libraries,and in which our libraries should be installed. +lt_sysroot=$lt_sysroot + +# The name of the directory that contains temporary libtool files. +objdir=$objdir + +# Used to examine libraries when file_magic_cmd begins with "file". +MAGIC_CMD=$MAGIC_CMD + +# Must we lock files when doing compilation? +need_locks=$lt_need_locks + +# Manifest tool. +MANIFEST_TOOL=$lt_MANIFEST_TOOL + +# Tool to manipulate archived DWARF debug symbol files on Mac OS X. +DSYMUTIL=$lt_DSYMUTIL + +# Tool to change global to local symbols on Mac OS X. +NMEDIT=$lt_NMEDIT + +# Tool to manipulate fat objects and archives on Mac OS X. +LIPO=$lt_LIPO + +# ldd/readelf like tool for Mach-O binaries on Mac OS X. +OTOOL=$lt_OTOOL + +# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4. +OTOOL64=$lt_OTOOL64 + +# Old archive suffix (normally "a"). +libext=$libext + +# Shared library suffix (normally ".so"). +shrext_cmds=$lt_shrext_cmds + +# The commands to extract the exported symbol list from a shared archive. +extract_expsyms_cmds=$lt_extract_expsyms_cmds + +# Variables whose values should be saved in libtool wrapper scripts and +# restored at link time. +variables_saved_for_relink=$lt_variables_saved_for_relink + +# Do we need the "lib" prefix for modules? +need_lib_prefix=$need_lib_prefix + +# Do we need a version for libraries? +need_version=$need_version + +# Library versioning type. +version_type=$version_type + +# Shared library runtime path variable. +runpath_var=$runpath_var + +# Shared library path variable. +shlibpath_var=$shlibpath_var + +# Is shlibpath searched before the hard-coded library search path? +shlibpath_overrides_runpath=$shlibpath_overrides_runpath + +# Format of library name prefix. +libname_spec=$lt_libname_spec + +# List of archive names. First name is the real one, the rest are links. +# The last name is the one that the linker finds with -lNAME +library_names_spec=$lt_library_names_spec + +# The coded name of the library, if different from the real name. +soname_spec=$lt_soname_spec + +# Permission mode override for installation of shared libraries. +install_override_mode=$lt_install_override_mode + +# Command to use after installation of a shared archive. +postinstall_cmds=$lt_postinstall_cmds + +# Command to use after uninstallation of a shared archive. +postuninstall_cmds=$lt_postuninstall_cmds + +# Commands used to finish a libtool library installation in a directory. +finish_cmds=$lt_finish_cmds + +# As "finish_cmds", except a single script fragment to be evaled but +# not shown. +finish_eval=$lt_finish_eval + +# Whether we should hardcode library paths into libraries. +hardcode_into_libs=$hardcode_into_libs + +# Compile-time system search path for libraries. +sys_lib_search_path_spec=$lt_sys_lib_search_path_spec + +# Run-time system search path for libraries. +sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec + +# Whether dlopen is supported. +dlopen_support=$enable_dlopen + +# Whether dlopen of programs is supported. +dlopen_self=$enable_dlopen_self + +# Whether dlopen of statically linked programs is supported. +dlopen_self_static=$enable_dlopen_self_static + +# Commands to strip libraries. +old_striplib=$lt_old_striplib +striplib=$lt_striplib + + +# The linker used to build libraries. +LD=$lt_LD + +# How to create reloadable object files. +reload_flag=$lt_reload_flag +reload_cmds=$lt_reload_cmds + +# Commands used to build an old-style archive. +old_archive_cmds=$lt_old_archive_cmds + +# A language specific compiler. +CC=$lt_compiler + +# Is the compiler the GNU compiler? +with_gcc=$GCC + +# Compiler flag to turn off builtin functions. +no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag + +# Additional compiler flags for building library objects. +pic_flag=$lt_lt_prog_compiler_pic + +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl + +# Compiler flag to prevent dynamic linking. +link_static_flag=$lt_lt_prog_compiler_static + +# Does compiler simultaneously support -c and -o options? +compiler_c_o=$lt_lt_cv_prog_compiler_c_o + +# Whether or not to add -lc for building shared libraries. +build_libtool_need_lc=$archive_cmds_need_lc + +# Whether or not to disallow shared libs when runtime libs are static. +allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes + +# Compiler flag to allow reflexive dlopens. +export_dynamic_flag_spec=$lt_export_dynamic_flag_spec + +# Compiler flag to generate shared objects directly from archives. +whole_archive_flag_spec=$lt_whole_archive_flag_spec + +# Whether the compiler copes with passing no objects directly. +compiler_needs_object=$lt_compiler_needs_object + +# Create an old-style archive from a shared archive. +old_archive_from_new_cmds=$lt_old_archive_from_new_cmds + +# Create a temporary old-style archive to link instead of a shared archive. +old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds + +# Commands used to build a shared archive. +archive_cmds=$lt_archive_cmds +archive_expsym_cmds=$lt_archive_expsym_cmds + +# Commands used to build a loadable module if different from building +# a shared archive. +module_cmds=$lt_module_cmds +module_expsym_cmds=$lt_module_expsym_cmds + +# Whether we are building with GNU ld or not. +with_gnu_ld=$lt_with_gnu_ld + +# Flag that allows shared libraries with undefined symbols to be built. +allow_undefined_flag=$lt_allow_undefined_flag + +# Flag that enforces no undefined symbols. +no_undefined_flag=$lt_no_undefined_flag + +# Flag to hardcode \$libdir into a binary during linking. +# This must work even if \$libdir does not exist +hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec + +# If ld is used when linking, flag to hardcode \$libdir into a binary +# during linking. This must work even if \$libdir does not exist. +hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld + +# Whether we need a single "-rpath" flag with a separated argument. +hardcode_libdir_separator=$lt_hardcode_libdir_separator + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary. +hardcode_direct=$hardcode_direct + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary and the resulting library dependency is +# "absolute",i.e impossible to change by setting \${shlibpath_var} if the +# library is relocated. +hardcode_direct_absolute=$hardcode_direct_absolute + +# Set to "yes" if using the -LDIR flag during linking hardcodes DIR +# into the resulting binary. +hardcode_minus_L=$hardcode_minus_L + +# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR +# into the resulting binary. +hardcode_shlibpath_var=$hardcode_shlibpath_var + +# Set to "yes" if building a shared library automatically hardcodes DIR +# into the library and all subsequent libraries and executables linked +# against it. +hardcode_automatic=$hardcode_automatic + +# Set to yes if linker adds runtime paths of dependent libraries +# to runtime path list. +inherit_rpath=$inherit_rpath + +# Whether libtool must link a program against all its dependency libraries. +link_all_deplibs=$link_all_deplibs + +# Set to "yes" if exported symbols are required. +always_export_symbols=$always_export_symbols + +# The commands to list exported symbols. +export_symbols_cmds=$lt_export_symbols_cmds + +# Symbols that should not be listed in the preloaded symbols. +exclude_expsyms=$lt_exclude_expsyms + +# Symbols that must always be exported. +include_expsyms=$lt_include_expsyms + +# Commands necessary for linking programs (against libraries) with templates. +prelink_cmds=$lt_prelink_cmds + +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds + +# Specify filename containing input files. +file_list_spec=$lt_file_list_spec + +# How to hardcode a shared library path into an executable. +hardcode_action=$hardcode_action + +# ### END LIBTOOL CONFIG + +_LT_EOF + + case $host_os in + aix3*) + cat <<\_LT_EOF >> "$cfgfile" +# AIX sometimes has problems with the GCC collect2 program. For some +# reason, if we set the COLLECT_NAMES environment variable, the problems +# vanish in a puff of smoke. +if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES +fi +_LT_EOF + ;; + esac + + +ltmain="$ac_aux_dir/ltmain.sh" + + + # We use sed instead of cat because bash on DJGPP gets confused if + # if finds mixed CR/LF and LF-only lines. Since sed operates in + # text mode, it properly converts lines to CR/LF. This bash problem + # is reportedly fixed, but why not run on old versions too? + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + if test x"$xsi_shell" = xyes; then + sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ +func_dirname ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_basename ()$/,/^} # func_basename /c\ +func_basename ()\ +{\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ +func_dirname_and_basename ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ +func_stripname ()\ +{\ +\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ +\ # positional parameters, so assign one to ordinary parameter first.\ +\ func_stripname_result=${3}\ +\ func_stripname_result=${func_stripname_result#"${1}"}\ +\ func_stripname_result=${func_stripname_result%"${2}"}\ +} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ +func_split_long_opt ()\ +{\ +\ func_split_long_opt_name=${1%%=*}\ +\ func_split_long_opt_arg=${1#*=}\ +} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ +func_split_short_opt ()\ +{\ +\ func_split_short_opt_arg=${1#??}\ +\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ +} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ +func_lo2o ()\ +{\ +\ case ${1} in\ +\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ +\ *) func_lo2o_result=${1} ;;\ +\ esac\ +} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_xform ()$/,/^} # func_xform /c\ +func_xform ()\ +{\ + func_xform_result=${1%.*}.lo\ +} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_arith ()$/,/^} # func_arith /c\ +func_arith ()\ +{\ + func_arith_result=$(( $* ))\ +} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_len ()$/,/^} # func_len /c\ +func_len ()\ +{\ + func_len_result=${#1}\ +} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + +fi + +if test x"$lt_shell_append" = xyes; then + sed -e '/^func_append ()$/,/^} # func_append /c\ +func_append ()\ +{\ + eval "${1}+=\\${2}"\ +} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ +func_append_quoted ()\ +{\ +\ func_quote_for_eval "${2}"\ +\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ +} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 +$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} +fi + + + mv -f "$cfgfile" "$ofile" || + (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") + chmod +x "$ofile" + + ;; + + esac done # for ac_tag -{ (exit 0); exit 0; } +as_fn_exit 0 _ACEOF -chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save +test $ac_write_fail = 0 || + as_fn_error "write failure creating $CONFIG_STATUS" "$LINENO" 5 + # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. @@ -54304,14 +31082,166 @@ if test "$no_create" != yes; then exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. - $ac_cs_success || { (exit 1); exit 1; } + $ac_cs_success || as_fn_exit $? +fi + +# +# CONFIG_SUBDIRS section. +# +if test "$no_recursion" != yes; then + + # Remove --cache-file, --srcdir, and --disable-option-checking arguments + # so they do not pile up. + ac_sub_configure_args= + ac_prev= + eval "set x $ac_configure_args" + shift + for ac_arg + do + if test -n "$ac_prev"; then + ac_prev= + continue + fi + case $ac_arg in + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* \ + | --c=*) + ;; + --config-cache | -C) + ;; + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + ;; + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + ;; + --disable-option-checking) + ;; + *) + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append ac_sub_configure_args " '$ac_arg'" ;; + esac + done + + # Always prepend --prefix to ensure using the same prefix + # in subdir configurations. + ac_arg="--prefix=$prefix" + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + ac_sub_configure_args="'$ac_arg' $ac_sub_configure_args" + + # Pass --silent + if test "$silent" = yes; then + ac_sub_configure_args="--silent $ac_sub_configure_args" + fi + + # Always prepend --disable-option-checking to silence warnings, since + # different subdirs can have different --enable and --with options. + ac_sub_configure_args="--disable-option-checking $ac_sub_configure_args" + + ac_popdir=`pwd` + for ac_dir in : $subdirs; do test "x$ac_dir" = x: && continue + + # Do not complain, so a configure script can configure whichever + # parts of a large source tree are present. + test -d "$srcdir/$ac_dir" || continue + + ac_msg="=== configuring in $ac_dir (`pwd`/$ac_dir)" + $as_echo "$as_me:${as_lineno-$LINENO}: $ac_msg" >&5 + $as_echo "$ac_msg" >&6 + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + cd "$ac_dir" + + # Check for guested configure; otherwise get Cygnus style configure. + if test -f "$ac_srcdir/configure.gnu"; then + ac_sub_configure=$ac_srcdir/configure.gnu + elif test -f "$ac_srcdir/configure"; then + ac_sub_configure=$ac_srcdir/configure + elif test -f "$ac_srcdir/configure.in"; then + # This should be Cygnus configure. + ac_sub_configure=$ac_aux_dir/configure + else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: no configuration information is in $ac_dir" >&5 +$as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2;} + ac_sub_configure= + fi + + # The recursion is here. + if test -n "$ac_sub_configure"; then + # Make the cache file name correct relative to the subdirectory. + case $cache_file in + [\\/]* | ?:[\\/]* ) ac_sub_cache_file=$cache_file ;; + *) # Relative name. + ac_sub_cache_file=$ac_top_build_prefix$cache_file ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&5 +$as_echo "$as_me: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&6;} + # The eval makes quoting arguments work. + eval "\$SHELL \"\$ac_sub_configure\" $ac_sub_configure_args \ + --cache-file=\"\$ac_sub_cache_file\" --srcdir=\"\$ac_srcdir\"" || + as_fn_error "$ac_sub_configure failed for $ac_dir" "$LINENO" 5 + fi + + cd "$ac_popdir" + done +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi cat > include/newversion.h.in < #include ], @@ -68,6 +113,10 @@ if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then fi AM_CONDITIONAL(OPENLDAP_MODULE, test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes) +dnl +dnl Optional modules, pk-init, digest, kx509 +dnl + AC_ARG_ENABLE(pk-init, AS_HELP_STRING([--disable-pk-init], [if you want disable to PK-INIT support])) @@ -76,11 +125,71 @@ if test "$enable_pk_init" != no ;then fi AM_CONDITIONAL(PKINIT, test "$enable_pk_init" != no) +AC_ARG_ENABLE(digest, + AS_HELP_STRING([--disable-digest], + [if you want disable to DIGEST support])) +if test "$enable_digest" != no ;then + AC_DEFINE([DIGEST], 1, [Define to enable DIGEST.]) +fi + +AC_ARG_ENABLE(kx509, + AS_HELP_STRING([--disable-kx509], + [if you want disable to kx509 support])) +if test "$enable_kx509" != no ;then + AC_DEFINE([KX509], 1, [Define to enable kx509.]) +fi + +dnl Need to test if pkg-config exists +PKG_PROG_PKG_CONFIG + +dnl libcap-ng +AC_ARG_WITH([capng], + AC_HELP_STRING([--with-capng], [use libcap-ng to drop KDC privileges @<:@default=check@:>@]), + [], + [with_capng=check]) +if test "$with_capng" != "no"; then + PKG_CHECK_MODULES([CAPNG], [libcap-ng >= 0.4.0], + [with_capng=yes],[with_capng=no]) +fi +if test "$with_capng" = "yes"; then + AC_DEFINE_UNQUOTED([HAVE_CAPNG], 1, [whether capng is available for privilege reduction]) +fi +AM_CONDITIONAL([HAVE_CAPNG], [test "$with_capng" != "no"]) +AC_SUBST([CAPNG_CFLAGS]) +AC_SUBST([CAPNG_LIBS]) + +dnl Check for sqlite +rk_TEST_PACKAGE(sqlite3, +[#include +#ifndef SQLITE_OPEN_CREATE +#error "old version" +#endif], +[-lsqlite3],,,SQLITE3) + +if test "X$with_sqlite3" != Xyes ; then + INCLUDE_sqlite3="-I\$(top_srcdir)/lib/sqlite" + LIB_sqlite3="\$(top_builddir)/lib/sqlite/libheimsqlite.la" +fi +AM_CONDITIONAL(SQLITE3, test "X$with_sqlite3" = Xyes) + +AC_DEFINE(HAVE_SQLITE3, 1, [Define if you want support for sqlite in Heimdal.]) + +AC_ARG_ENABLE(sqlite-cache, + AS_HELP_STRING([--disable-sqlite-cache],[if you want support for cache in sqlite])) +if test "$enable_sqlite_cache" != no; then + AC_DEFINE(HAVE_SCC, 1, [Define if you want support for cache in sqlite.]) +fi +AM_CONDITIONAL(have_scc, test "$enable_sqlite_cache" != no) + + +dnl check for libintl +rk_TEST_PACKAGE(libintl, +[#include ], +[-lintl],,,LIBINTL) dnl path where the hdb directory is stored AC_ARG_WITH([hdbdir], - [AC_HELP_STRING([--with-hdbdir], - [Default location for KDC database @<:@default=/var/heimdal@:>@])], + [AS_HELP_STRING([--with-hdbdir],[Default location for KDC database @<:@default=/var/heimdal@:>@])], [], [with_hdbdir=/var/heimdal]) DIR_hdbdir="$with_hdbdir" @@ -96,6 +205,9 @@ AM_CONDITIONAL(KRB4, false) AM_CONDITIONAL(KRB5, true) AM_CONDITIONAL(do_roken_rename, true) +AC_DEFINE(SUPPORT_INETD, 1, [Enable use of inetd style startup.])dnl + + AC_DEFINE(KRB5, 1, [Enable Kerberos 5 support in applications.])dnl AC_SUBST(LIB_kdb)dnl @@ -125,11 +237,12 @@ AC_SUBST(dpagaix_ldadd) AC_SUBST(dpagaix_ldflags) AC_ARG_ENABLE([afs-support], - AC_HELP_STRING([--disable-afs-support], - [if you don't want support for AFS])) + AS_HELP_STRING([--disable-afs-support],[if you don't want support for AFS])) if test "$enable_afs_support" = no; then AC_DEFINE(NO_AFS, 1, [Define if you don't wan't support for AFS.]) + NO_AFS="1" fi +AC_SUBST(NO_AFS)dnl rk_DB @@ -142,6 +255,8 @@ LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken" rk_OTP +rk_LIBDISPATCH + AC_CHECK_OSFC2 AC_ARG_ENABLE(mmap, @@ -164,17 +279,29 @@ rk_CHECK_MAN rk_TEST_PACKAGE(readline, [#include - #include ],-lreadline,,, READLINE) +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif +],-lreadline,,, READLINE,, [readline.h readline/readline.h]) + +rk_TEST_PACKAGE(libedit, +[#include +#if defined(HAVE_READLINE_READLINE_H) +#include +#elif defined(HAVE_READLINE_H) +#include +#endif +],-ledit,,, READLINE,, [readline.h readline/readline.h]) + +AC_CONFIG_SUBDIRS([lib/libedit]) rk_TEST_PACKAGE(hesiod,[#include ],-lhesiod,,, HESIOD) KRB_C_BIGENDIAN AC_C_INLINE -rk_AIX -rk_IRIX -rk_SUNOS - KRB_CHECK_X AM_CONDITIONAL(HAVE_X, test "$no_x" != yes) @@ -196,12 +323,15 @@ dnl Checks for header files. AC_HEADER_STDC AC_CHECK_HEADERS([\ + CommonCrypto/CommonDigest.h \ + CommonCrypto/CommonCryptor.h \ arpa/ftp.h \ arpa/telnet.h \ bind/bitypes.h \ bsdsetjmp.h \ curses.h \ dlfcn.h \ + execinfo.h \ fnmatch.h \ inttypes.h \ io.h \ @@ -210,7 +340,6 @@ AC_CHECK_HEADERS([\ maillock.h \ netgroup.h \ netinet/in6_machtypes.h \ - netinfo/ni.h \ pthread.h \ pty.h \ sac.h \ @@ -239,6 +368,7 @@ AC_CHECK_HEADERS([\ sys/times.h \ sys/types.h \ sys/un.h \ + locale.h \ termcap.h \ termio.h \ termios.h \ @@ -254,6 +384,13 @@ dnl On Solaris 8 there's a compilation warning for term.h because dnl it doesn't define `bool'. AC_CHECK_HEADERS(term.h, , , -) +dnl aix have asl.h (A/IX screen library) that we don't want +AC_CHECK_HEADERS(asl.h, , , [ +#include +#ifndef ASL_STRING_EMERG +#error ASL_STRING_EMERG missing +#endif]) + AC_CHECK_HEADERS(net/if.h, , , [AC_INCLUDES_DEFAULT #if HAVE_SYS_SOCKET_H #include @@ -284,17 +421,10 @@ AC_CHECK_HEADERS(security/pam_modules.h, , , [AC_INCLUDES_DEFAULT #include ]) -AC_ARG_ENABLE(netinfo, - AS_HELP_STRING([--enable-netinfo],[enable netinfo for configuration lookup])) - -if test "$ac_cv_header_netinfo_ni_h" = yes -a "$enable_netinfo" = yes; then - AC_DEFINE(HAVE_NETINFO, 1, - [Define if you want to use Netinfo instead of krb5.conf.]) -fi - dnl export symbols -rk_WIN32_EXPORT(BUILD_KRB5_LIB, KRB5_LIB_FUNCTION) -rk_WIN32_EXPORT(BUILD_ROKEN_LIB, ROKEN_LIB_FUNCTION) +rk_WIN32_EXPORT(BUILD_KRB5_LIB, KRB5_LIB) +rk_WIN32_EXPORT(BUILD_ROKEN_LIB, ROKEN_LIB) +rk_WIN32_EXPORT(BUILD_GSSAPI_LIB, GSSAPI_LIB) dnl Checks for libraries. @@ -329,6 +459,7 @@ AC_CHECK_FUNCS([ \ _getpty \ _scrsize \ arc4random \ + backtrace \ fcntl \ getpeereid \ getpeerucred \ @@ -358,6 +489,15 @@ AC_CHECK_FUNCS([ \ yp_get_default_domain \ ]) +AC_MSG_CHECKING([checking for __sync_add_and_fetch]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], + [[unsigned int foo; __sync_add_and_fetch(&foo, 1);]])], + [ac_rk_have___sync_add_and_fetch=yes], [ac_rk_have___sync_add_and_fetch=no]) +if test "$ac_rk_have___sync_add_and_fetch" = "yes" ; then + AC_DEFINE_UNQUOTED(HAVE___SYNC_ADD_AND_FETCH, 1, [have __sync_add_and_fetch]) +fi +AC_MSG_RESULT($ac_rk_have___sync_add_and_fetch) + AC_FUNC_MMAP KRB_CAPABILITIES @@ -404,6 +544,13 @@ AC_HAVE_STRUCT_FIELD(struct utmp, ut_id, [#include ]) AC_HAVE_STRUCT_FIELD(struct utmp, ut_pid, [#include ]) AC_HAVE_STRUCT_FIELD(struct utmp, ut_type, [#include ]) AC_HAVE_STRUCT_FIELD(struct utmp, ut_user, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_host, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_id, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_line, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_pid, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_tv, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_type, [#include ]) +AC_HAVE_STRUCT_FIELD(struct utmpx, ut_user, [#include ]) AC_HAVE_STRUCT_FIELD(struct utmpx, ut_exit, [#include ]) AC_HAVE_STRUCT_FIELD(struct utmpx, ut_syslen, [#include ]) @@ -443,10 +590,19 @@ rk_DESTDIRS rk_WFLAGS([-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs]) +AH_BOTTOM([#ifdef __APPLE__ +#include +#endif]) + AH_BOTTOM([#ifdef ROKEN_RENAME #include "roken_rename.h" #endif]) +AC_ARG_ENABLE(heimdal-documentation, + AS_HELP_STRING([--disable-heimdal-documentation], + [if you want disable to heimdal documentation])) +AM_CONDITIONAL(HEIMDAL_DOCUMENTATION, test "$enable_heimdal_documentation" != no) + AC_CONFIG_FILES(Makefile \ etc/Makefile \ include/Makefile \ @@ -454,19 +610,15 @@ AC_CONFIG_FILES(Makefile \ include/hcrypto/Makefile \ include/kadm5/Makefile \ lib/Makefile \ - lib/45/Makefile \ - lib/auth/Makefile \ - lib/auth/afskauthlib/Makefile \ - lib/auth/pam/Makefile \ - lib/auth/sia/Makefile \ + base/Makefile \ lib/asn1/Makefile \ lib/com_err/Makefile \ lib/hcrypto/Makefile \ - lib/editline/Makefile \ lib/hx509/Makefile \ lib/gssapi/Makefile \ lib/ntlm/Makefile \ lib/hdb/Makefile \ + lib/ipc/Makefile \ lib/kadm5/Makefile \ lib/kafs/Makefile \ lib/kdfs/Makefile \ @@ -474,7 +626,10 @@ AC_CONFIG_FILES(Makefile \ lib/otp/Makefile \ lib/roken/Makefile \ lib/sl/Makefile \ + lib/sqlite/Makefile \ lib/vers/Makefile \ + lib/wind/Makefile \ + po/Makefile \ kuser/Makefile \ kpasswd/Makefile \ kadmin/Makefile \ @@ -505,6 +660,7 @@ AC_CONFIG_FILES(Makefile \ appl/kf/Makefile \ appl/dceutils/Makefile \ tests/Makefile \ + tests/bin/Makefile \ tests/can/Makefile \ tests/db/Makefile \ tests/kdc/Makefile \ @@ -514,7 +670,6 @@ AC_CONFIG_FILES(Makefile \ tests/plugin/Makefile \ packages/Makefile \ packages/mac/Makefile \ - packages/debian/Makefile \ doc/Makefile \ tools/Makefile \ ) @@ -526,8 +681,11 @@ dnl This is the release version name-number[beta] dnl cat > include/newversion.h.in <. + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Originally written by Alexandre Oliva . + +case $1 in + '') + echo "$0: No command. Try \`$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: depcomp [--help] [--version] PROGRAM [ARGS] + +Run PROGRAMS ARGS to compile a file, generating dependencies +as side-effects. + +Environment variables: + depmode Dependency tracking mode. + source Source file read by `PROGRAMS ARGS'. + object Object file output by `PROGRAMS ARGS'. + DEPDIR directory where to store dependencies. + depfile Dependency file to output. + tmpdepfile Temporary file to use when outputing dependencies. + libtool Whether libtool is used (yes/no). + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "depcomp $scriptversion" + exit $? + ;; +esac + +if test -z "$depmode" || test -z "$source" || test -z "$object"; then + echo "depcomp: Variables source, object and depmode must be set" 1>&2 + exit 1 +fi + +# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. +depfile=${depfile-`echo "$object" | + sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} +tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} + +rm -f "$tmpdepfile" + +# Some modes work just like other modes, but use different flags. We +# parameterize here, but still list the modes in the big case below, +# to make depend.m4 easier to write. Note that we *cannot* use a case +# here, because this file can only contain one case statement. +if test "$depmode" = hp; then + # HP compiler uses -M and no extra arg. + gccflag=-M + depmode=gcc +fi + +if test "$depmode" = dashXmstdout; then + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout +fi + +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u="sed s,\\\\\\\\,/,g" + depmode=msvisualcpp +fi + +case "$depmode" in +gcc3) +## gcc 3 implements dependency tracking that does exactly what +## we want. Yay! Note: for some reason libtool 1.4 doesn't like +## it if -MD -MP comes after the -MF stuff. Hmm. +## Unfortunately, FreeBSD c89 acceptance of flags depends upon +## the command line argument order; so add the flags where they +## appear in depend2.am. Note that the slowdown incurred here +## affects only configure: in makefiles, %FASTDEP% shortcuts this. + for arg + do + case $arg in + -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; + *) set fnord "$@" "$arg" ;; + esac + shift # fnord + shift # $arg + done + "$@" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + mv "$tmpdepfile" "$depfile" + ;; + +gcc) +## There are various ways to get dependency output from gcc. Here's +## why we pick this rather obscure method: +## - Don't want to use -MD because we'd like the dependencies to end +## up in a subdir. Having to rename by hand is ugly. +## (We might end up doing this anyway to support other compilers.) +## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like +## -MM, not -M (despite what the docs say). +## - Using -M directly means running the compiler twice (even worse +## than renaming). + if test -z "$gccflag"; then + gccflag=-MD, + fi + "$@" -Wp,"$gccflag$tmpdepfile" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz +## The second -e expression handles DOS-style file names with drive letters. + sed -e 's/^[^:]*: / /' \ + -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" +## This next piece of magic avoids the `deleted header file' problem. +## The problem is that when a header file which appears in a .P file +## is deleted, the dependency causes make to die (because there is +## typically no way to rebuild the header). We avoid this by adding +## dummy dependencies for each header file. Too bad gcc doesn't do +## this for us directly. + tr ' ' ' +' < "$tmpdepfile" | +## Some versions of gcc put a space before the `:'. On the theory +## that the space means something, we add a space to the output as +## well. +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +sgi) + if test "$libtool" = yes; then + "$@" "-Wp,-MDupdate,$tmpdepfile" + else + "$@" -MDupdate "$tmpdepfile" + fi + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + + if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files + echo "$object : \\" > "$depfile" + + # Clip off the initial element (the dependent). Don't try to be + # clever and replace this with sed code, as IRIX sed won't handle + # lines with more than a fixed number of characters (4096 in + # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; + # the IRIX cc adds comments like `#:fec' to the end of the + # dependency line. + tr ' ' ' +' < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ + tr ' +' ' ' >> "$depfile" + echo >> "$depfile" + + # The second pass generates a dummy entry for each header file. + tr ' ' ' +' < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" + else + # The sourcefile does not contain any dependencies, so just + # store a dummy comment line, to avoid errors with the Makefile + # "include basename.Plo" scheme. + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +aix) + # The C for AIX Compiler uses -M and outputs the dependencies + # in a .u file. In older versions, this file always lives in the + # current directory. Also, the AIX compiler puts `$object:' at the + # start of each line; $object doesn't have directory information. + # Version 6 uses the directory in both cases. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.u + tmpdepfile2=$base.u + tmpdepfile3=$dir.libs/$base.u + "$@" -Wc,-M + else + tmpdepfile1=$dir$base.u + tmpdepfile2=$dir$base.u + tmpdepfile3=$dir$base.u + "$@" -M + fi + stat=$? + + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + # Each line is of the form `foo.o: dependent.h'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" + # That's a tab and a space in the []. + sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" + else + # The sourcefile does not contain any dependencies, so just + # store a dummy comment line, to avoid errors with the Makefile + # "include basename.Plo" scheme. + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +icc) + # Intel's C compiler understands `-MD -MF file'. However on + # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c + # ICC 7.0 will fill foo.d with something like + # foo.o: sub/foo.c + # foo.o: sub/foo.h + # which is wrong. We want: + # sub/foo.o: sub/foo.c + # sub/foo.o: sub/foo.h + # sub/foo.c: + # sub/foo.h: + # ICC 7.1 will output + # foo.o: sub/foo.c sub/foo.h + # and will wrap long lines using \ : + # foo.o: sub/foo.c ... \ + # sub/foo.h ... \ + # ... + + "$@" -MD -MF "$tmpdepfile" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each line is of the form `foo.o: dependent.h', + # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" | + sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp2) + # The "hp" stanza above does not work with aCC (C++) and HP's ia64 + # compilers, which have integrated preprocessors. The correct option + # to use with these is +Maked; it writes dependencies to a file named + # 'foo.d', which lands next to the object file, wherever that + # happens to be. + # Much of this is similar to the tru64 case; see comments there. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir.libs/$base.d + "$@" -Wc,+Maked + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + "$@" +Maked + fi + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" + # Add `dependent.h:' lines. + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" + else + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" "$tmpdepfile2" + ;; + +tru64) + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in `foo.d' instead, so we check for that too. + # Subdirectories are respected. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + + if test "$libtool" = yes; then + # With Tru64 cc, shared objects can also be used to make a + # static library. This mechanism is used in libtool 1.4 series to + # handle both shared and static libraries in a single compilation. + # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d. + # + # With libtool 1.5 this exception was removed, and libtool now + # generates 2 separate objects for the 2 libraries. These two + # compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4 + tmpdepfile2=$dir$base.o.d # libtool 1.5 + tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5 + tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.o.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + tmpdepfile4=$dir$base.d + "$@" -MD + fi + + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" + # That's a tab and a space in the []. + sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" + else + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +#nosideeffect) + # This comment above is used by automake to tell side-effect + # dependency tracking mechanisms from slower ones. + +dashmstdout) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout, regardless of -o. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove `-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + test -z "$dashmflag" && dashmflag=-M + # Require at least two characters before searching for `:' + # in the target name. This is to cope with DOS-style filenames: + # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise. + "$@" $dashmflag | + sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + tr ' ' ' +' < "$tmpdepfile" | \ +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +dashXmstdout) + # This case only exists to satisfy depend.m4. It is never actually + # run, as this mode is specially recognized in the preamble. + exit 1 + ;; + +makedepend) + "$@" || exit $? + # Remove any Libtool call + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + # X makedepend + shift + cleared=no eat=no + for arg + do + case $cleared in + no) + set ""; shift + cleared=yes ;; + esac + if test $eat = yes; then + eat=no + continue + fi + case "$arg" in + -D*|-I*) + set fnord "$@" "$arg"; shift ;; + # Strip any option that makedepend may not understand. Remove + # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; + -*|$object) + ;; + *) + set fnord "$@" "$arg"; shift ;; + esac + done + obj_suffix=`echo "$object" | sed 's/^.*\././'` + touch "$tmpdepfile" + ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + sed '1,2d' "$tmpdepfile" | tr ' ' ' +' | \ +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" "$tmpdepfile".bak + ;; + +cpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove `-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + "$@" -E | + sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' | + sed '$ s: \\$::' > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + cat < "$tmpdepfile" >> "$depfile" + sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvisualcpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + IFS=" " + for arg + do + case "$arg" in + -o) + shift + ;; + $object) + shift + ;; + "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") + set fnord "$@" + shift + shift + ;; + *) + set fnord "$@" "$arg" + shift + shift + ;; + esac + done + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile" + echo " " >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +none) + exec "$@" + ;; + +*) + echo "Unknown depmode $depmode" 1>&2 + exit 1 + ;; +esac + +exit 0 + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/doc/Makefile.am b/doc/Makefile.am index 87473fe0a3d6..0f495704633c 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,10 +1,10 @@ -# $Id: Makefile.am 22284 2007-12-13 20:39:37Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common AUTOMAKE_OPTIONS = no-texinfo.tex -MAKEINFOFLAGS = --no-split --css-include=$(srcdir)/heimdal.css +MAKEINFOFLAGS = --css-include=$(srcdir)/heimdal.css TEXI2DVI = true # ARGH, make distcheck can't be disabled to not build dvifiles @@ -14,6 +14,26 @@ dxy_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ -e 's,[@]objdir[@],.,g' \ -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' +hcrypto.dxy: hcrypto.din Makefile + $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp + chmod +x hcrypto.dxy.tmp + mv hcrypto.dxy.tmp hcrypto.dxy + +hdb.dxy: hdb.din Makefile + $(dxy_subst) < $(srcdir)/hdb.din > hdb.dxy.tmp + chmod +x hdb.dxy.tmp + mv hdb.dxy.tmp hdb.dxy + +hx509.dxy: hx509.din Makefile + $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp + chmod +x hx509.dxy.tmp + mv hx509.dxy.tmp hx509.dxy + +gssapi.dxy: gssapi.din Makefile + $(dxy_subst) < $(srcdir)/gssapi.din > gssapi.dxy.tmp + chmod +x gssapi.dxy.tmp + mv gssapi.dxy.tmp gssapi.dxy + krb5.dxy: krb5.din Makefile $(dxy_subst) < $(srcdir)/krb5.din > krb5.dxy.tmp chmod +x krb5.dxy.tmp @@ -24,16 +44,10 @@ ntlm.dxy: ntlm.din Makefile chmod +x ntlm.dxy.tmp mv ntlm.dxy.tmp ntlm.dxy -hx509.dxy: hx509.din Makefile - $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp - chmod +x hx509.dxy.tmp - mv hx509.dxy.tmp hx509.dxy - -hcrypto.dxy: hcrypto.din Makefile - $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp - chmod +x hcrypto.dxy.tmp - mv hcrypto.dxy.tmp hcrypto.dxy - +wind.dxy: wind.din Makefile + $(dxy_subst) < $(srcdir)/wind.din > wind.dxy.tmp + chmod +x wind.dxy.tmp + mv wind.dxy.tmp wind.dxy texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \ -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' @@ -43,15 +57,51 @@ vars.texi: vars.tin Makefile chmod +x vars.texi.tmp mv vars.texi.tmp vars.texi -doxygen: krb5.dxy ntlm.dxy hx509.dxy hcrypto.dxy - doxygen krb5.dxy - doxygen ntlm.dxy - doxygen hx509.dxy - doxygen hcrypto.dxy +PROJECTS = hcrypto hdb hx509 gssapi krb5 ntlm wind + +doxyout doxygen: hdb.dxy hx509.dxy hcrypto.dxy gssapi.dxy krb5.dxy ntlm.dxy wind.dxy + @find $(srcdir)/doxyout -type d ! -perm -200 -exec chmod u+w {} ';' ; \ + rm -rf $(srcdir)/doxyout ; \ + mkdir $(srcdir)/doxyout ; \ + for a in $(PROJECTS) ; do \ + echo $$a ; \ + doxygen $$a.dxy; \ + (cd $(srcdir)/doxyout && find $$a/man -type f > $$a/manpages ) ; \ + done + +install-data-hook: install-doxygen-manpage +uninstall-hook: uninstall-doxygen-manpage +dist-hook: doxygen + +install-doxygen-manpage: + for a in $(PROJECTS) ; do \ + f="$(srcdir)/doxyout/$$a/manpages" ; \ + test -f $$f || continue ; \ + echo "install $$a manual pages $$(wc -l < $$f)" ; \ + while read x ; do \ + section=`echo "$$x" | sed 's/.*\.\([0-9]\)/\1/'` ; \ + $(mkinstalldirs) "$(DESTDIR)$(mandir)/man$$section" ; \ + $(INSTALL_DATA) $(srcdir)/doxyout/$$x "$(DESTDIR)$(mandir)/man$$section" ; \ + done < $$f ; \ + done ; exit 0 + +uninstall-doxygen-manpage: + @for a in $(PROJECTS) ; do \ + f="$(srcdir)/doxyout/$$a/manpages" ; \ + test -f $$f || continue ; \ + echo "removing $$a manual pages" ; \ + while read x ; do \ + section=`echo "$$x" | sed 's/.*\.\([0-9]\)/\1/'` ; \ + base=`basename $$x` ; \ + rm "$(DESTDIR)$(mandir)/man$$section/$$base" ; \ + done < $$f ; \ + done + heimdal_TEXINFOS = \ ack.texi \ apps.texi \ + copyright.texi \ heimdal.texi \ install.texi \ intro.texi \ @@ -65,21 +115,30 @@ heimdal_TEXINFOS = \ win2k.texi EXTRA_DIST = \ + NTMakefile \ + doxyout \ + footer.html \ + gssapi.din \ + hdb.din \ + hcrypto.din \ + header.html \ + heimdal.css \ + hx509.din \ krb5.din \ ntlm.din \ - hx509.din \ - hcrypto.din \ - heimdal.css \ init-creds \ latin1.tex \ layman.asc \ doxytmpl.dxy \ + wind.din \ vars.tin CLEANFILES = \ + hcrypto.dxy* \ + hx509.dxy* \ + hdb.dxy* \ + gssapi.dxy* \ krb5.dxy* \ ntlm.dxy* \ - hx509.dxy* \ - hcrypto.dxy* \ + wind.dxy* \ vars.texi* - diff --git a/doc/Makefile.in b/doc/Makefile.in index b79a7e33ece5..01b5d7f6c16c 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 22284 2007-12-13 20:39:37Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(heimdal_TEXINFOS) $(srcdir)/Makefile.am \ subdir = doc ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = INFO_DEPS = $(srcdir)/heimdal.info $(srcdir)/hx509.info @@ -109,55 +113,79 @@ am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -181,10 +209,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -201,6 +230,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -216,31 +247,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -255,10 +300,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -299,32 +346,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la AUTOMAKE_OPTIONS = no-texinfo.tex -MAKEINFOFLAGS = --no-split --css-include=$(srcdir)/heimdal.css +MAKEINFOFLAGS = --css-include=$(srcdir)/heimdal.css TEXI2DVI = true # ARGH, make distcheck can't be disabled to not build dvifiles info_TEXINFOS = heimdal.texi hx509.texi dxy_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ @@ -334,9 +386,11 @@ dxy_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \ -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' +PROJECTS = hcrypto hdb hx509 gssapi krb5 ntlm wind heimdal_TEXINFOS = \ ack.texi \ apps.texi \ + copyright.texi \ heimdal.texi \ install.texi \ intro.texi \ @@ -350,40 +404,50 @@ heimdal_TEXINFOS = \ win2k.texi EXTRA_DIST = \ + NTMakefile \ + doxyout \ + footer.html \ + gssapi.din \ + hdb.din \ + hcrypto.din \ + header.html \ + heimdal.css \ + hx509.din \ krb5.din \ ntlm.din \ - hx509.din \ - hcrypto.din \ - heimdal.css \ init-creds \ latin1.tex \ layman.asc \ doxytmpl.dxy \ + wind.din \ vars.tin CLEANFILES = \ + hcrypto.dxy* \ + hx509.dxy* \ + hdb.dxy* \ + gssapi.dxy* \ krb5.dxy* \ ntlm.dxy* \ - hx509.dxy* \ - hcrypto.dxy* \ + wind.dxy* \ vars.texi* all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .dvi .html .info .pdf .ps .texi +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .dvi .html .info .pdf .ps .texi $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps doc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps doc/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign doc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -401,6 +465,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -410,7 +475,7 @@ clean-libtool: .texi.info: restore=: && backupdir="$(am__leading_dot)am$$$$" && \ - am__cwd=`pwd` && cd $(srcdir) && \ + am__cwd=`pwd` && $(am__cd) $(srcdir) && \ rm -rf $$backupdir && mkdir $$backupdir && \ if ($(MAKEINFO) --version) >/dev/null 2>&1; then \ for f in $@ $@-[0-9] $@-[0-9][0-9] $(@:.info=).i[0-9] $(@:.info=).i[0-9][0-9]; do \ @@ -422,10 +487,10 @@ clean-libtool: -o $@ $<; \ then \ rc=0; \ - cd $(srcdir); \ + $(am__cd) $(srcdir); \ else \ rc=$$?; \ - cd $(srcdir) && \ + $(am__cd) $(srcdir) && \ $$restore $$backupdir/* `echo "./$@" | sed 's|[^/]*$$||'`; \ fi; \ rm -rf $$backupdir; exit $$rc @@ -467,16 +532,18 @@ hx509.html: hx509.texi uninstall-dvi-am: @$(NORMAL_UNINSTALL) - @list='$(DVIS)'; for p in $$list; do \ - f=$(am__strip_dir) \ + @list='$(DVIS)'; test -n "$(dvidir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ echo " rm -f '$(DESTDIR)$(dvidir)/$$f'"; \ rm -f "$(DESTDIR)$(dvidir)/$$f"; \ done uninstall-html-am: @$(NORMAL_UNINSTALL) - @list='$(HTMLS)'; for p in $$list; do \ - f=$(am__strip_dir) \ + @list='$(HTMLS)'; test -n "$(htmldir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ echo " rm -rf '$(DESTDIR)$(htmldir)/$$f'"; \ rm -rf "$(DESTDIR)$(htmldir)/$$f"; \ done @@ -490,7 +557,8 @@ uninstall-info-am: for file in $$list; do \ relfile=`echo "$$file" | sed 's|^.*/||'`; \ echo " install-info --info-dir='$(DESTDIR)$(infodir)' --remove '$(DESTDIR)$(infodir)/$$relfile'"; \ - install-info --info-dir="$(DESTDIR)$(infodir)" --remove "$(DESTDIR)$(infodir)/$$relfile"; \ + if install-info --info-dir="$(DESTDIR)$(infodir)" --remove "$(DESTDIR)$(infodir)/$$relfile"; \ + then :; else test ! -f "$(DESTDIR)$(infodir)/$$relfile" || exit 1; fi; \ done; \ else :; fi @$(NORMAL_UNINSTALL) @@ -506,16 +574,18 @@ uninstall-info-am: uninstall-pdf-am: @$(NORMAL_UNINSTALL) - @list='$(PDFS)'; for p in $$list; do \ - f=$(am__strip_dir) \ + @list='$(PDFS)'; test -n "$(pdfdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ echo " rm -f '$(DESTDIR)$(pdfdir)/$$f'"; \ rm -f "$(DESTDIR)$(pdfdir)/$$f"; \ done uninstall-ps-am: @$(NORMAL_UNINSTALL) - @list='$(PSS)'; for p in $$list; do \ - f=$(am__strip_dir) \ + @list='$(PSS)'; test -n "$(psdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ echo " rm -f '$(DESTDIR)$(psdir)/$$f'"; \ rm -f "$(DESTDIR)$(psdir)/$$f"; \ done @@ -532,20 +602,25 @@ dist-info: $(INFO_DEPS) for file in $$d/$$base $$d/$$base-[0-9] $$d/$$base-[0-9][0-9] $$d/$$base_i[0-9] $$d/$$base_i[0-9][0-9]; do \ if test -f $$file; then \ relfile=`expr "$$file" : "$$d/\(.*\)"`; \ - test -f $(distdir)/$$relfile || \ - cp -p $$file $(distdir)/$$relfile; \ + test -f "$(distdir)/$$relfile" || \ + cp -p $$file "$(distdir)/$$relfile"; \ else :; fi; \ done; \ done mostlyclean-aminfo: - -rm -rf heimdal.aux heimdal.cp heimdal.cps heimdal.fn heimdal.fns heimdal.ky \ - heimdal.kys heimdal.log heimdal.pg heimdal.tmp heimdal.toc \ - heimdal.tp heimdal.tps heimdal.vr heimdal.vrs heimdal.dvi \ - heimdal.pdf heimdal.ps heimdal.html hx509.aux hx509.cp \ - hx509.cps hx509.fn hx509.fns hx509.ky hx509.kys hx509.log \ - hx509.pg hx509.tmp hx509.toc hx509.tp hx509.tps hx509.vr \ - hx509.vrs hx509.dvi hx509.pdf hx509.ps hx509.html + -rm -rf heimdal.aux heimdal.cp heimdal.cps heimdal.fn heimdal.fns \ + heimdal.ky heimdal.kys heimdal.log heimdal.pg heimdal.tmp \ + heimdal.toc heimdal.tp heimdal.tps heimdal.vr heimdal.vrs \ + hx509.aux hx509.cp hx509.cps hx509.fn hx509.fns hx509.ky \ + hx509.kys hx509.log hx509.pg hx509.tmp hx509.toc hx509.tp \ + hx509.tps hx509.vr hx509.vrs + +clean-aminfo: + -test -z "heimdal.dvi heimdal.pdf heimdal.ps heimdal.html hx509.dvi hx509.pdf \ + hx509.ps hx509.html" \ + || rm -rf heimdal.dvi heimdal.pdf heimdal.ps heimdal.html hx509.dvi hx509.pdf \ + hx509.ps hx509.html maintainer-clean-aminfo: @list='$(INFO_DEPS)'; for i in $$list; do \ @@ -576,13 +651,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -618,13 +697,14 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-aminfo clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile @@ -645,47 +725,53 @@ info-am: $(INFO_DEPS) install-data-am: install-info-am @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am install-dvi-am: $(DVIS) @$(NORMAL_INSTALL) test -z "$(dvidir)" || $(MKDIR_P) "$(DESTDIR)$(dvidir)" - @list='$(DVIS)'; for p in $$list; do \ + @list='$(DVIS)'; test -n "$(dvidir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(dvidir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(dvidir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(dvidir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(dvidir)" || exit $$?; \ done install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am install-html-am: $(HTMLS) @$(NORMAL_INSTALL) test -z "$(htmldir)" || $(MKDIR_P) "$(DESTDIR)$(htmldir)" - @list='$(HTMLS)'; for p in $$list; do \ + @list='$(HTMLS)'; list2=; test -n "$(htmldir)" || list=; \ + for p in $$list; do \ if test -f "$$p" || test -d "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ + $(am__strip_dir) \ if test -d "$$d$$p"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)/$$f'"; \ $(MKDIR_P) "$(DESTDIR)$(htmldir)/$$f" || exit 1; \ echo " $(INSTALL_DATA) '$$d$$p'/* '$(DESTDIR)$(htmldir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p"/* "$(DESTDIR)$(htmldir)/$$f"; \ + $(INSTALL_DATA) "$$d$$p"/* "$(DESTDIR)$(htmldir)/$$f" || exit $$?; \ else \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(htmldir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(htmldir)/$$f"; \ + list2="$$list2 $$d$$p"; \ fi; \ - done + done; \ + test -z "$$list2" || { echo "$$list2" | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(htmldir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(htmldir)" || exit $$?; \ + done; } install-info: install-info-am install-info-am: $(INFO_DEPS) @$(NORMAL_INSTALL) test -z "$(infodir)" || $(MKDIR_P) "$(DESTDIR)$(infodir)" @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - list='$(INFO_DEPS)'; \ + list='$(INFO_DEPS)'; test -n "$(infodir)" || list=; \ for file in $$list; do \ case $$file in \ $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ @@ -693,18 +779,19 @@ install-info-am: $(INFO_DEPS) if test -f $$file; then d=.; else d=$(srcdir); fi; \ file_i=`echo "$$file" | sed 's|\.info$$||;s|$$|.i|'`; \ for ifile in $$d/$$file $$d/$$file-[0-9] $$d/$$file-[0-9][0-9] \ - $$d/$$file_i[0-9] $$d/$$file_i[0-9][0-9] ; do \ + $$d/$$file_i[0-9] $$d/$$file_i[0-9][0-9] ; do \ if test -f $$ifile; then \ - relfile=`echo "$$ifile" | sed 's|^.*/||'`; \ - echo " $(INSTALL_DATA) '$$ifile' '$(DESTDIR)$(infodir)/$$relfile'"; \ - $(INSTALL_DATA) "$$ifile" "$(DESTDIR)$(infodir)/$$relfile"; \ + echo "$$ifile"; \ else : ; fi; \ done; \ - done + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(infodir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(infodir)" || exit $$?; done @$(POST_INSTALL) @if (install-info --version && \ install-info --version 2>&1 | sed 1q | grep -i -v debian) >/dev/null 2>&1; then \ - list='$(INFO_DEPS)'; \ + list='$(INFO_DEPS)'; test -n "$(infodir)" || list=; \ for file in $$list; do \ relfile=`echo "$$file" | sed 's|^.*/||'`; \ echo " install-info --info-dir='$(DESTDIR)$(infodir)' '$(DESTDIR)$(infodir)/$$relfile'";\ @@ -718,23 +805,27 @@ install-pdf: install-pdf-am install-pdf-am: $(PDFS) @$(NORMAL_INSTALL) test -z "$(pdfdir)" || $(MKDIR_P) "$(DESTDIR)$(pdfdir)" - @list='$(PDFS)'; for p in $$list; do \ + @list='$(PDFS)'; test -n "$(pdfdir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(pdfdir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(pdfdir)/$$f"; \ - done + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pdfdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(pdfdir)" || exit $$?; done install-ps: install-ps-am install-ps-am: $(PSS) @$(NORMAL_INSTALL) test -z "$(psdir)" || $(MKDIR_P) "$(DESTDIR)$(psdir)" - @list='$(PSS)'; for p in $$list; do \ + @list='$(PSS)'; test -n "$(psdir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(psdir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(psdir)/$$f"; \ - done + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(psdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(psdir)" || exit $$?; done installcheck-am: maintainer-clean: maintainer-clean-am @@ -759,20 +850,19 @@ uninstall-am: uninstall-dvi-am uninstall-html-am uninstall-info-am \ uninstall-pdf-am uninstall-ps-am @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook dist-info distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-aminfo \ + clean-aminfo clean-generic clean-libtool dist-hook dist-info \ + distclean distclean-generic distclean-libtool distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-data-hook install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ + install-html install-html-am install-info install-info-am \ + install-man install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-aminfo \ maintainer-clean-generic mostlyclean mostlyclean-aminfo \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ uninstall uninstall-am uninstall-dvi-am uninstall-hook \ @@ -848,6 +938,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -933,7 +1026,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -947,6 +1040,26 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done +hcrypto.dxy: hcrypto.din Makefile + $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp + chmod +x hcrypto.dxy.tmp + mv hcrypto.dxy.tmp hcrypto.dxy + +hdb.dxy: hdb.din Makefile + $(dxy_subst) < $(srcdir)/hdb.din > hdb.dxy.tmp + chmod +x hdb.dxy.tmp + mv hdb.dxy.tmp hdb.dxy + +hx509.dxy: hx509.din Makefile + $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp + chmod +x hx509.dxy.tmp + mv hx509.dxy.tmp hx509.dxy + +gssapi.dxy: gssapi.din Makefile + $(dxy_subst) < $(srcdir)/gssapi.din > gssapi.dxy.tmp + chmod +x gssapi.dxy.tmp + mv gssapi.dxy.tmp gssapi.dxy + krb5.dxy: krb5.din Makefile $(dxy_subst) < $(srcdir)/krb5.din > krb5.dxy.tmp chmod +x krb5.dxy.tmp @@ -957,26 +1070,54 @@ ntlm.dxy: ntlm.din Makefile chmod +x ntlm.dxy.tmp mv ntlm.dxy.tmp ntlm.dxy -hx509.dxy: hx509.din Makefile - $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp - chmod +x hx509.dxy.tmp - mv hx509.dxy.tmp hx509.dxy - -hcrypto.dxy: hcrypto.din Makefile - $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp - chmod +x hcrypto.dxy.tmp - mv hcrypto.dxy.tmp hcrypto.dxy +wind.dxy: wind.din Makefile + $(dxy_subst) < $(srcdir)/wind.din > wind.dxy.tmp + chmod +x wind.dxy.tmp + mv wind.dxy.tmp wind.dxy vars.texi: vars.tin Makefile $(texi_subst) < $(srcdir)/vars.tin > vars.texi.tmp chmod +x vars.texi.tmp mv vars.texi.tmp vars.texi -doxygen: krb5.dxy ntlm.dxy hx509.dxy hcrypto.dxy - doxygen krb5.dxy - doxygen ntlm.dxy - doxygen hx509.dxy - doxygen hcrypto.dxy +doxyout doxygen: hdb.dxy hx509.dxy hcrypto.dxy gssapi.dxy krb5.dxy ntlm.dxy wind.dxy + @find $(srcdir)/doxyout -type d ! -perm -200 -exec chmod u+w {} ';' ; \ + rm -rf $(srcdir)/doxyout ; \ + mkdir $(srcdir)/doxyout ; \ + for a in $(PROJECTS) ; do \ + echo $$a ; \ + doxygen $$a.dxy; \ + (cd $(srcdir)/doxyout && find $$a/man -type f > $$a/manpages ) ; \ + done + +install-data-hook: install-doxygen-manpage +uninstall-hook: uninstall-doxygen-manpage +dist-hook: doxygen + +install-doxygen-manpage: + for a in $(PROJECTS) ; do \ + f="$(srcdir)/doxyout/$$a/manpages" ; \ + test -f $$f || continue ; \ + echo "install $$a manual pages $$(wc -l < $$f)" ; \ + while read x ; do \ + section=`echo "$$x" | sed 's/.*\.\([0-9]\)/\1/'` ; \ + $(mkinstalldirs) "$(DESTDIR)$(mandir)/man$$section" ; \ + $(INSTALL_DATA) $(srcdir)/doxyout/$$x "$(DESTDIR)$(mandir)/man$$section" ; \ + done < $$f ; \ + done ; exit 0 + +uninstall-doxygen-manpage: + @for a in $(PROJECTS) ; do \ + f="$(srcdir)/doxyout/$$a/manpages" ; \ + test -f $$f || continue ; \ + echo "removing $$a manual pages" ; \ + while read x ; do \ + section=`echo "$$x" | sed 's/.*\.\([0-9]\)/\1/'` ; \ + base=`basename $$x` ; \ + rm "$(DESTDIR)$(mandir)/man$$section/$$base" ; \ + done < $$f ; \ + done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/doc/NTMakefile b/doc/NTMakefile new file mode 100644 index 000000000000..4894983cec50 --- /dev/null +++ b/doc/NTMakefile @@ -0,0 +1,119 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=doc + +!include ../windows/NTMakefile.w32 + +heimdal_TEXINFOS = \ + $(OBJ)\ack.texi \ + $(OBJ)\apps.texi \ + $(OBJ)\copyright.texi \ + $(OBJ)\heimdal.texi \ + $(OBJ)\install.texi \ + $(OBJ)\intro.texi \ + $(OBJ)\kerberos4.texi \ + $(OBJ)\migration.texi \ + $(OBJ)\misc.texi \ + $(OBJ)\programming.texi \ + $(OBJ)\setup.texi \ + $(OBJ)\vars.texi \ + $(OBJ)\whatis.texi \ + $(OBJ)\win2k.texi + +hx509_TEXINFOS = \ + $(OBJ)\hx509.texi + +{}.texi{$(OBJ)}.texi: + $(CP) $** $@ + +{}.tin{$(OBJ)}.texi: + $(SED) -e "s,[@]dbdir[@],x,g" \ + -e "s,[@]PACKAGE_VERSION[@],$(VER_PACKAGE_VERSION),g" < $** > $@ + +MAKEINFOFLAGS = --css-include=$(SRCDIR)/heimdal.css + +###################################################################### +# Build heimdal.chm + +# Copyrights-and-Licenses.html is where the table of contents ends up +# when generating HTML output using makeinfo. Same goes for +# How-to-use-the-PKCS11-module.html below. + +$(OBJ)\heimdal\index.html $(OBJ)\heimdal\Copyrights-and-Licenses.html: $(heimdal_TEXINFOS) + cd $(OBJ) + $(MAKEINFO) $(MAKEINFOFLAGS) --html heimdal.texi + cd $(SRCDIR) + +$(OBJ)\heimdal\toc.hhc: $(OBJ)\heimdal\Copyrights-and-Licenses.html + $(PERL) $(SRC)\cf\w32-hh-toc-from-info.pl -o$@ $** + +$(OBJ)\heimdal\heimdal.hhp: heimdal.hhp + $(CP) $** $@ + +$(DOCDIR)\heimdal.chm: $(OBJ)\heimdal\heimdal.hhp $(OBJ)\heimdal\toc.hhc + cd $(OBJ)\heimdal + -$(HHC) heimdal.hhp + $(CP) heimdal.chm $@ + cd $(SRCDIR) + +###################################################################### +# Build hx509.chm + +$(OBJ)\hx509\index.html $(OBJ)\hx509\How-to-use-the-PKCS11-module.html: $(hx509_TEXINFOS) + cd $(OBJ) + $(MAKEINFO) $(MAKEINFOFLAGS) --html hx509.texi + cd $(SRCDIR) + +$(OBJ)\hx509\toc.hhc: $(OBJ)\hx509\How-to-use-the-PKCS11-module.html + $(PERL) $(SRC)\cf\w32-hh-toc-from-info.pl -o$@ $** + +$(OBJ)\hx509\hx509.hhp: hx509.hhp + $(CP) $** $@ + +$(DOCDIR)\hx509.chm: $(OBJ)\hx509\hx509.hhp $(OBJ)\hx509\toc.hhc + cd $(OBJ)\hx509 + -$(HHC) hx509.hhp + $(CP) hx509.chm $@ + cd $(SRCDIR) + +!ifndef NO_DOC +all:: $(OBJ)\heimdal\index.html $(OBJ)\hx509\index.html \ + $(DOCDIR)\heimdal.chm $(DOCDIR)\hx509.chm +!endif + +clean:: + -$(RM) $(OBJ)\heimdal\*.* + -$(RM) $(OBJ)\hx509\*.* + -$(RM) $(DOCDIR)\heimdal.chm + -$(RM) $(DOCDIR)\hx509.chm + +.SUFFIXES: .texi .tin diff --git a/doc/ack.texi b/doc/ack.texi index 3c41f5000bc2..a9d2c6b7db3a 100644 --- a/doc/ack.texi +++ b/doc/ack.texi @@ -1,6 +1,6 @@ -@c $Id: ack.texi 21228 2007-06-20 10:18:03Z lha $ +@c $Id$ -@node Acknowledgments, , Migration, Top +@node Acknowledgments, Copyrights and Licenses, Migration, Top @comment node-name, next, previous, up @appendix Acknowledgments @@ -36,36 +36,86 @@ The @code{pkcs11.h} headerfile was written by the Scute project. Bugfixes, documentation, encouragement, and code has been contributed by: @table @asis -@item Alexander Boström -@item Andreaw Bartlett -@item Björn Sandell +@item Alexander Boström +@item Allan McRae +@item Andrew Bartlett +@item Andrew Cobaugh +@item Andrew Tridge +@item Anton Lundin +@item Asanka Herath +@item Björn Grönvall +@item Björn Sandell +@item Björn Schlögl @item Brandon S. Allbery KF8NH @item Brian A May +@item Buck Huppmann +@item Cacdric Schieli @item Chaskiel M Grundman +@item Christos Zoulas @item Cizzi Storm @item Daniel Kouril @item David Love +@item David Markey @item Derrick J Brashear +@item Donald Norwood @item Douglas E Engert @item Frank van der Linden +@item Gabor Gombas +@item Guido Günther +@item Guillaume Rousse +@item Harald Barth +@item Ingo Schwarze +@item Jacques A. Vidrine +@item Jaideep Padhye +@item Jan Rekorajski @item Jason McIntyre -@item Johan Ihrén +@item Jeffrey Altman +@item Jelmer Vernooij +@item Joerg Pulz +@item Johan Danielsson +@item Johan Gadsjö +@item Johan Ihrén +@item John Center @item Jun-ichiro itojun Hagino +@item KAMADA Ken'ichi +@item Kamen Mazdrashki +@item Karolin Seeger @item Ken Hornstein +@item Love Hörnquist Ã…strand +@item Luke Howard @item Magnus Ahltorp +@item Magnus Holmberg @item Marc Horowitz @item Mario Strasser @item Mark Eichin +@item Martin von Gagern +@item Matthias Dieter Wallnöfer +@item Matthieu Patou @item Mattias Amnefelt @item Michael B Allen @item Michael Fromberger @item Michal Vocu +@item Milosz Kmieciak @item Miroslav Ruda +@item Mustafa A. Hashmi +@item Nicolas Williams +@item Patrik Lundin @item Petr Holub @item Phil Fisher @item Rafal Malinowski +@item Rainer Toebbicke @item Richard Nyberg -@item Åke Sandgren +@item Roland C. Dowdeswell +@item Roman Divacky +@item Russ Allbery +@item Sho Hosoda, ç´°ç”° å°† +@item Simon Wilkinson +@item Stefan Metzmacher +@item Ted Percival +@item Tom Payerle +@item Victor Guerra +@item Zeqing Xia +@item Ã…ke Sandgren @item and we hope that those not mentioned here will forgive us. @end table diff --git a/doc/apps.texi b/doc/apps.texi index 9d451b60cd75..98585c4d0a72 100644 --- a/doc/apps.texi +++ b/doc/apps.texi @@ -1,4 +1,4 @@ -@c $Id: apps.texi 22071 2007-11-14 20:04:50Z lha $ +@c $Id$ @node Applications, Things in search for a better place, Setting up a realm, Top @@ -174,6 +174,32 @@ For more information about AFS see OpenAFS @url{http://www.openafs.org/} and Arla @url{http://www.stacken.kth.se/projekt/arla/}. +@subsection kafs and afslog +@cindex afslog + +@manpage{afslog,1} will obtains AFS tokens for a number of cells. What cells to get +tokens for can either be specified as an explicit list, as file paths to +get tokens for, or be left unspecified, in which case will use whatever +magic @manpage{kafs,3} decides upon. + +If not told what cell to get credentials for, @manpage{kafs,3} will +search for the files ThisCell and TheseCells in the locations +specified in @manpage{kafs,3} and try to get tokens for these cells +and the cells specified in $HOME/.TheseCells. + +More usefully it will look at and ~/.TheseCells in your home directory +and for each line which is a cell get afs token for these cells. + +The TheseCells file defines the the cells to which applications on the +local client machine should try to aquire tokens for. It must reside in +the directories searched by @manpage{kafs,3} on every AFS client machine. + +The file is in ASCII format and contains one character string, the cell +name, per line. Cell names are case sensitive, but most cell names +are lower case. + +See manpage for @manpage{kafs,3} for search locations of ThisCell and TheseCells. + @subsection How to get a KeyFile @file{ktutil -k AFSKEYFILE:KeyFile get afs@@MY.REALM} diff --git a/doc/copyright.texi b/doc/copyright.texi new file mode 100644 index 000000000000..490abbccee83 --- /dev/null +++ b/doc/copyright.texi @@ -0,0 +1,518 @@ + +@macro copynext{} +@vskip 20pt plus 1fil +@end macro + +@macro copyrightstart{} +@end macro + +@macro copyrightend{} +@end macro + + +@node Copyrights and Licenses, , Acknowledgments, Top +@comment node-name, next, previous, up +@appendix Copyrights and Licenses + +@heading Kungliga Tekniska Högskolan + +@copyrightstart +@verbatim + +Copyright (c) 1997-2011 Kungliga Tekniska Högskolan +(Royal Institute of Technology, Stockholm, Sweden). +All rights reserved. + +Portions Copyright (c) 2009 Apple Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of the Institute nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading Massachusetts Institute of Technology + +The parts of the libtelnet that handle Kerberos. + +@verbatim + +Copyright (C) 1990 by the Massachusetts Institute of Technology + +Export of this software from the United States of America may +require a specific license from the United States Government. +It is the responsibility of any person or organization contemplating +export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + +@end verbatim +@copynext + +@heading The Regents of the University of California + +The parts of the libroken, most of libtelnet, telnet, ftp, +and popper. + +@verbatim + +Copyright (c) 1988, 1990, 1993 + The Regents of the University of California. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading The Regents of the University of California. + +libedit + +@verbatim + +Copyright (c) 1992, 1993 + The Regents of the University of California. All rights reserved. + +This code is derived from software contributed to Berkeley by +Christos Zoulas of Cornell University. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading TomsFastMath / LibTomMath + +Tom's fast math (bignum support) and LibTomMath + +@verbatim + +LibTomMath is hereby released into the Public Domain. + +@end verbatim + +@copynext + +@heading Doug Rabson + +GSS-API mechglue layer. + +@verbatim + +Copyright (c) 2005 Doug Rabson +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading PADL Software Pty Ltd + +@table @asis +@item GSS-API CFX, SPNEGO, naming extensions, API extensions. +@item KCM credential cache. +@item HDB LDAP backend. +@end table + +@verbatim + +Copyright (c) 2003-2011, PADL Software Pty Ltd. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of PADL Software nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading Marko Kreen + +Fortuna in libhcrypto + +@verbatim + +Copyright (c) 2005 Marko Kreen +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +@end verbatim +@copynext + +@heading NTT (Nippon Telegraph and Telephone Corporation) + +Camellia in libhcrypto + +@verbatim + +Copyright (c) 2006,2007 +NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer as + the first lines of this file unmodified. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +@end verbatim +@copynext + +@heading The NetBSD Foundation, Inc. + +vis.c in libroken + +@verbatim + +Copyright (c) 1999, 2005 The NetBSD Foundation, Inc. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +@end verbatim +@copynext + +@heading Vincent Rijmen, Antoon Bosselaers, Paulo Barreto + +AES in libhcrypto + +@verbatim + +rijndael-alg-fst.c + +@version 3.0 (December 2000) + +Optimised ANSI C code for the Rijndael cipher (now AES) + +@author Vincent Rijmen +@author Antoon Bosselaers +@author Paulo Barreto + +This code is hereby placed in the public domain. + +THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS +OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +@end verbatim +@copynext + +@heading Apple, Inc + +kdc/announce.c + +@verbatim + +Copyright (c) 2008 Apple Inc. All Rights Reserved. + +Export of this software from the United States of America may require +a specific license from the United States Government. It is the +responsibility of any person or organization contemplating export to +obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of Apple Inc. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. Apple Inc. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + +@end verbatim + +@copynext + +@heading Richard Outerbridge + +DES core in libhcrypto + +@verbatim + +D3DES (V5.09) - + +A portable, public domain, version of the Data Encryption Standard. + +Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge. +Thanks to: Dan Hoey for his excellent Initial and Inverse permutation +code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis +Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau, +for humouring me on. + +Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. +(GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992. + + +@end verbatim + +@copynext + +@heading Secure Endpoints Inc + +Windows support + +@verbatim + +Copyright (c) 2009, Secure Endpoints Inc. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +- Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. + +@end verbatim + +@copynext + +@heading Novell, Inc + +lib/hcrypto/test_dh.c + +@verbatim + +Copyright (c) 2007, Novell, Inc. +Author: Matthias Koenig + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the Novell nor the names of its contributors may be used + to endorse or promote products derived from this software without specific + prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + +@end verbatim + +@copyrightend diff --git a/doc/doxyout/gssapi/html/doxygen.css b/doc/doxyout/gssapi/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/gssapi/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/gssapi/html/doxygen.png b/doc/doxyout/gssapi/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/gssapi/html/graph_legend.dot b/doc/doxyout/gssapi/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/gssapi/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/gssapi/html/graph_legend.html b/doc/doxyout/gssapi/html/graph_legend.html new file mode 100644 index 000000000000..681de5067e10 --- /dev/null +++ b/doc/doxyout/gssapi/html/graph_legend.html @@ -0,0 +1,88 @@ + + +HeimdalGSS-APIlibrary: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/graph_legend.png b/doc/doxyout/gssapi/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/gssapi/html/group__gssapi.html b/doc/doxyout/gssapi/html/group__gssapi.html new file mode 100644 index 000000000000..d4250e95b1cd --- /dev/null +++ b/doc/doxyout/gssapi/html/group__gssapi.html @@ -0,0 +1,892 @@ + + +HeimdalGSS-APIlibrary: Heimdal GSS-API functions + + + +

+keyhole logo +

+ + + +
+

Heimdal GSS-API functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_add_oid_set_member (OM_uint32 *minor_status, const gss_OID member_oid, gss_OID_set *oid_set)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_wrap_iov (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_unwrap_iov (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int *conf_state, gss_qop_t *qop_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_wrap_iov_length (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_release_iov_buffer (OM_uint32 *minor_status, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_canonicalize_name (OM_uint32 *minor_status, const gss_name_t input_name, const gss_OID mech_type, gss_name_t *output_name)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_import_name (OM_uint32 *minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, gss_name_t *output_name)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_init_sec_context (OM_uint32 *minor_status, const gss_cred_id_t initiator_cred_handle, gss_ctx_id_t *context_handle, const gss_name_t target_name, const gss_OID input_mech_type, OM_uint32 req_flags, OM_uint32 time_req, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID *actual_mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_inquire_saslname_for_mech (OM_uint32 *minor_status, const gss_OID desired_mech, gss_buffer_t sasl_mech_name, gss_buffer_t mech_name, gss_buffer_t mech_description)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_inquire_attrs_for_mech (OM_uint32 *minor_status, gss_const_OID mech, gss_OID_set *mech_attr, gss_OID_set *known_mech_attrs)
GSSAPI_LIB_FUNCTION int
+GSSAPI_LIB_CALL 		gss_oid_equal (gss_const_OID a, gss_const_OID b)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_release_cred (OM_uint32 *minor_status, gss_cred_id_t *cred_handle)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_release_name (OM_uint32 *minor_status, gss_name_t *input_name)
GSSAPI_LIB_FUNCTION OM_uint32
+GSSAPI_LIB_CALL 		gss_wrap (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int *conf_state, gss_buffer_t output_message_buffer)

Variables

gss_OID_desc GSSAPI_LIB_FUNCTION __gss_c_attr_stream_sizes_oid_desc
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (OM_uint32 *  minor_status,
const gss_OID  member_oid,
gss_OID_set *  oid_set 
)
+
+
+ +

+Add a oid to the oid set, function does not make a copy of the oid, so the pointer to member_oid needs to be stable for the whole time oid_set is used.

+If there is a duplicate member of the oid, the new member is not added to to the set.

+

Parameters:
+ + + + +
minor_status minor status code.
member_oid member to add to the oid set
oid_set oid set to add the member too
+
+
Returns:
a gss_error code, see gss_display_status() about printing the error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name (OM_uint32 *  minor_status,
const gss_name_t  input_name,
const gss_OID  mech_type,
gss_name_t *  output_name 
)
+
+
+ +

+gss_canonicalize_name takes a Internal Name (IN) and converts in into a mechanism specific Mechanism Name (MN).

+The input name may multiple name, or generic name types.

+If the input_name if of the GSS_C_NT_USER_NAME, and the Kerberos mechanism is specified, the resulting MN type is a GSS_KRB5_NT_PRINCIPAL_NAME.

+For more information about internalVSmechname.

+

Parameters:
+ + + + + +
minor_status minor status code.
input_name name to covert, unchanged by gss_canonicalize_name().
mech_type the type to convert Name too.
output_name the resulting type, release with gss_release_name(), independent of input_name.
+
+
Returns:
a gss_error code, see gss_display_status() about printing the error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name (OM_uint32 *  minor_status,
const gss_buffer_t  input_name_buffer,
const gss_OID  input_name_type,
gss_name_t *  output_name 
)
+
+
+ +

+Import a name internal or mechanism name

+Type of name and their format:

    +
  • GSS_C_NO_OID
  • GSS_C_NT_USER_NAME
  • GSS_C_NT_HOSTBASED_SERVICE
  • GSS_C_NT_EXPORT_NAME
  • GSS_C_NT_ANONYMOUS
  • GSS_KRB5_NT_PRINCIPAL_NAME
+

+For more information about internalVSmechname.

+

Parameters:
+ + + + + +
minor_status minor status code
input_name_buffer import name buffer
input_name_type type of the import name buffer
output_name the resulting type, release with gss_release_name(), independent of input_name
+
+
Returns:
a gss_error code, see gss_display_status() about printing the error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context (OM_uint32 *  minor_status,
const gss_cred_id_t  initiator_cred_handle,
gss_ctx_id_t *  context_handle,
const gss_name_t  target_name,
const gss_OID  input_mech_type,
OM_uint32  req_flags,
OM_uint32  time_req,
const gss_channel_bindings_t  input_chan_bindings,
const gss_buffer_t  input_token,
gss_OID *  actual_mech_type,
gss_buffer_t  output_token,
OM_uint32 *  ret_flags,
OM_uint32 *  time_rec 
)
+
+
+ +

+As the initiator build a context with an acceptor.

+Returns in the major

    +
  • GSS_S_COMPLETE - if the context if build
  • GSS_S_CONTINUE_NEEDED - if the caller needs to continue another round of gss_i nit_sec_context
  • error code - any other error code
+

+

Parameters:
+ + + + + + + + + + + + + + +
minor_status minor status code.
initiator_cred_handle the credential to use when building the context, if GSS_C_NO_CREDENTIAL is passed, the default credential for the mechanism will be used.
context_handle a pointer to a context handle, will be returned as long as there is not an error.
target_name the target name of acceptor, created using gss_import_name(). The name is can be of any name types the mechanism supports, check supported name types with gss_inquire_names_for_mech().
input_mech_type mechanism type to use, if GSS_C_NO_OID is used, Kerberos (GSS_KRB5_MECHANISM) will be tried. Other available mechanism are listed in the GSS-API mechanisms section.
req_flags flags using when building the context, see Context creation flags
time_req time requested this context should be valid in seconds, common used value is GSS_C_INDEFINITE
input_chan_bindings Channel bindings used, if not exepected otherwise, used GSS_C_NO_CHANNEL_BINDINGS
input_token input token sent from the acceptor, for the initial packet the buffer of { NULL, 0 } should be used.
actual_mech_type the actual mech used, MUST NOT be freed since it pointing to static memory.
output_token if there is an output token, regardless of complete, continue_needed, or error it should be sent to the acceptor
ret_flags return what flags was negotitated, caller should check if they are accetable. For example, if GSS_C_MUTUAL_FLAG was negotiated with the acceptor or not.
time_rec amount of time this context is valid for
+
+
Returns:
a gss_error code, see gss_display_status() about printing the error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_attrs_for_mech (OM_uint32 *  minor_status,
gss_const_OID  mech,
gss_OID_set *  mech_attr,
gss_OID_set *  known_mech_attrs 
)
+
+
+ +

+List support attributes for a mech and/or all mechanisms.

+

Parameters:
+ + + + + +
minor_status minor status code
mech given together with mech_attr will return the list of attributes for mechanism, can optionally be GSS_C_NO_OID.
mech_attr see mech parameter, can optionally be NULL, release with gss_release_oid_set().
known_mech_attrs all attributes for mechanisms supported, release with gss_release_oid_set().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_saslname_for_mech (OM_uint32 *  minor_status,
const gss_OID  desired_mech,
gss_buffer_t  sasl_mech_name,
gss_buffer_t  mech_name,
gss_buffer_t  mech_description 
)
+
+
+ +

+Returns different protocol names and description of the mechanism.

+

Parameters:
+ + + + + + +
minor_status minor status code
desired_mech mech list query
sasl_mech_name SASL GS2 protocol name
mech_name gssapi protocol name
mech_description description of gssapi mech
+
+
Returns:
returns GSS_S_COMPLETE or a error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL gss_oid_equal (gss_const_OID  a,
gss_const_OID  b 
)
+
+
+ +

+Compare two GSS-API OIDs with each other.

+GSS_C_NO_OID matches nothing, not even it-self.

+

Parameters:
+ + + +
a first oid to compare
b second oid to compare
+
+
Returns:
non-zero when both oid are the same OID, zero when they are not the same.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred (OM_uint32 *  minor_status,
gss_cred_id_t *  cred_handle 
)
+
+
+ +

+Release a credentials

+Its ok to release the GSS_C_NO_CREDENTIAL/NULL credential, it will return a GSS_S_COMPLETE error code. On return cred_handle is set ot GSS_C_NO_CREDENTIAL.

+Example:

+

 gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
+ major = gss_release_cred(&minor, &cred);
+

+

Parameters:
+ + + +
minor_status minor status return code, mech specific
cred_handle a pointer to the credential too release
+
+
Returns:
an gssapi error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_iov_buffer (OM_uint32 *  minor_status,
gss_iov_buffer_desc *  iov,
int  iov_count 
)
+
+
+ +

+Free all buffer allocated by gss_wrap_iov() or gss_unwrap_iov() by looking at the GSS_IOV_BUFFER_FLAG_ALLOCATED flag. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name (OM_uint32 *  minor_status,
gss_name_t *  input_name 
)
+
+
+ +

+Free a name

+import_name can point to NULL or be NULL, or a pointer to a gss_name_t structure. If it was a pointer to gss_name_t, the pointer will be set to NULL on success and failure.

+

Parameters:
+ + + +
minor_status minor status code
input_name name to free
+
+
Returns:
a gss_error code, see gss_display_status() about printing the error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap_iov (OM_uint32 *  minor_status,
gss_ctx_id_t  context_handle,
int *  conf_state,
gss_qop_t *  qop_state,
gss_iov_buffer_desc *  iov,
int  iov_count 
)
+
+
+ +

+Decrypt or verifies the signature on the data. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap (OM_uint32 *  minor_status,
const gss_ctx_id_t  context_handle,
int  conf_req_flag,
gss_qop_t  qop_req,
const gss_buffer_t  input_message_buffer,
int *  conf_state,
gss_buffer_t  output_message_buffer 
)
+
+
+ +

+Wrap a message using either confidentiality (encryption + signature) or sealing (signature).

+

Parameters:
+ + + + + + + + +
minor_status minor status code.
context_handle context handle.
conf_req_flag if non zero, confidentiality is requestd.
qop_req type of protection needed, in most cases it GSS_C_QOP_DEFAULT should be passed in.
input_message_buffer messages to wrap
conf_state returns non zero if confidentiality was honoured.
output_message_buffer the resulting buffer, release with gss_release_buffer().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov (OM_uint32 *  minor_status,
gss_ctx_id_t  context_handle,
int  conf_req_flag,
gss_qop_t  qop_req,
int *  conf_state,
gss_iov_buffer_desc *  iov,
int  iov_count 
)
+
+
+ +

+Encrypts or sign the data.

+This is a more complicated version of gss_wrap(), it allows the caller to use AEAD data (signed header/trailer) and allow greater controll over where the encrypted data is placed.

+The maximum packet size is gss_context_stream_sizes.max_msg_size.

+The caller needs provide the folloing buffers when using in conf_req_flag=1 mode:

+

    +
  • HEADER (of size gss_context_stream_sizes.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes.trailer)
+

+

    +
  • on DCE-RPC mode, the caller can skip PADDING and TRAILER if the DATA elements is padded to a block bountry and header is of at least size gss_context_stream_sizes.header + gss_context_stream_sizes.trailer.
+

+HEADER, PADDING, TRAILER will be shrunken to the size required to transmit any of them too large.

+To generate gss_wrap() compatible packets, use: HEADER | DATA | PADDING | TRAILER

+When used in conf_req_flag=0,

+

    +
  • HEADER (of size gss_context_stream_sizes.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes.trailer)
+

+The input sizes of HEADER, PADDING and TRAILER can be fetched using gss_wrap_iov_length() or gss_context_query_attributes(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov_length (OM_uint32 *  minor_status,
gss_ctx_id_t  context_handle,
int  conf_req_flag,
gss_qop_t  qop_req,
int *  conf_state,
gss_iov_buffer_desc *  iov,
int  iov_count 
)
+
+
+ +

+Update the length fields in iov buffer for the types:

    +
  • GSS_IOV_BUFFER_TYPE_HEADER
  • GSS_IOV_BUFFER_TYPE_PADDING
  • GSS_IOV_BUFFER_TYPE_TRAILER
+

+Consider using gss_context_query_attributes() to fetch the data instead. +

+

+

Variable Documentation

+ +
+
+ + + + +
gss_OID_desc GSSAPI_LIB_FUNCTION __gss_c_attr_stream_sizes_oid_desc
+
+
+ +

+Initial value:

+    {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03")}
+
Query the context for parameters.

+SSPI equivalent if this function is QueryContextAttributes.

+

    +
  • GSS_C_ATTR_STREAM_SIZES data is a gss_context_stream_sizes.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/gssapi_mechs_intro.html b/doc/doxyout/gssapi/html/gssapi_mechs_intro.html new file mode 100644 index 000000000000..41e861e7446d --- /dev/null +++ b/doc/doxyout/gssapi/html/gssapi_mechs_intro.html @@ -0,0 +1,30 @@ + + +HeimdalGSS-APIlibrary: GSS-API mechanisms + + + +

+keyhole logo +

+ + + +
+

GSS-API mechanisms

+GSS-API mechanisms

+
    +
  • Kerberos 5 - GSS_KRB5_MECHANISM
  • SPNEGO - GSS_SPNEGO_MECHANISM
  • NTLM - GSS_NTLM_MECHANISM
+
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/gssapi_services_intro.html b/doc/doxyout/gssapi/html/gssapi_services_intro.html new file mode 100644 index 000000000000..cc779a0c7834 --- /dev/null +++ b/doc/doxyout/gssapi/html/gssapi_services_intro.html @@ -0,0 +1,43 @@ + + +HeimdalGSS-APIlibrary: Introduction to GSS-API services + + + +

+keyhole logo +

+ + + +
+

Introduction to GSS-API services

+GSS-API services

+

+Context creation

+
    +
  • delegation
  • mutual authentication
  • anonymous
  • use per message before context creation has completed
+

+return status:

    +
  • support conf
  • support int
+

+Context creation flags

+
    +
  • GSS_C_DELEG_FLAG
  • GSS_C_MUTUAL_FLAG
  • GSS_C_REPLAY_FLAG
  • GSS_C_SEQUENCE_FLAG
  • GSS_C_CONF_FLAG
  • GSS_C_INTEG_FLAG
  • GSS_C_ANON_FLAG
  • GSS_C_PROT_READY_FLAG
  • GSS_C_TRANS_FLAG
  • GSS_C_DCE_STYLE
  • GSS_C_IDENTIFY_FLAG
  • GSS_C_EXTENDED_ERROR_FLAG
  • GSS_C_DELEG_POLICY_FLAG
+

+Per-message services

+
    +
  • conf
  • int
  • message integrity
  • replay detection
  • out of sequence
+
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/index.html b/doc/doxyout/gssapi/html/index.html new file mode 100644 index 000000000000..ccb0e98b1fda --- /dev/null +++ b/doc/doxyout/gssapi/html/index.html @@ -0,0 +1,36 @@ + + +HeimdalGSS-APIlibrary: Heimdal GSS-API Library + + + +

+keyhole logo +

+ + + +
+

Heimdal GSS-API Library

+

+

1.5

Heimdal implements the following mechanisms:

+

    +
  • Kerberos 5
  • SPNEGO
  • NTLM
+

+See GSS-API mechanisms for more describtion about these mechanisms.

+The project web page: http://www.h5l.org/

+

+
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/internalvsmechname.html b/doc/doxyout/gssapi/html/internalvsmechname.html new file mode 100644 index 000000000000..59fce7f16580 --- /dev/null +++ b/doc/doxyout/gssapi/html/internalvsmechname.html @@ -0,0 +1,36 @@ + + +HeimdalGSS-APIlibrary: Internal names and mechanism names + + + +

+keyhole logo +

+ + + +
+

Internal names and mechanism names

+Name forms

+There are two forms of name in GSS-API, Internal form and Contiguous string ("flat") form. gss_export_name() and gss_import_name() can be used to convert between the two forms.

+

    +
  • The contiguous string form is described by an oid specificing the type and an octet string. A special form of the contiguous string form is the exported name object. The exported name defined for each mechanism, is something that can be stored and complared later. The exported name is what should be used for ACLs comparisons.
+

+

    +
  • The Internal form
+

+There is also special form of the Internal Name (IN), and that is the Mechanism Name (MN). In the mechanism name all the generic information is stripped of and only contain the information for one mechanism. In GSS-API some function return MN and some require MN as input. Each of these function is marked up as such.

+Describe relationship between import_name, canonicalize_name, export_name and friends.

+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/modules.html b/doc/doxyout/gssapi/html/modules.html new file mode 100644 index 000000000000..4bf4e61ed78f --- /dev/null +++ b/doc/doxyout/gssapi/html/modules.html @@ -0,0 +1,29 @@ + + +HeimdalGSS-APIlibrary: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/pages.html b/doc/doxyout/gssapi/html/pages.html new file mode 100644 index 000000000000..97112f8f8f5c --- /dev/null +++ b/doc/doxyout/gssapi/html/pages.html @@ -0,0 +1,34 @@ + + +HeimdalGSS-APIlibrary: Page Index + + + +

+keyhole logo +

+ + + +
+

Related Pages

Here is a list of all related documentation pages: +
+
+Generated on Sat Jul 30 13:45:39 2011 for HeimdalGSS-APIlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/gssapi/html/tab_b.gif b/doc/doxyout/gssapi/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/gssapi/html/tab_l.gif b/doc/doxyout/gssapi/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/gssapi/html/tab_r.gif b/doc/doxyout/gssapi/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/gssapi/html/tabs.css b/doc/doxyout/gssapi/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/gssapi/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/gssapi/man/man3/__gss_c_attr_stream_sizes_oid_desc.3 b/doc/doxyout/gssapi/man/man3/__gss_c_attr_stream_sizes_oid_desc.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/__gss_c_attr_stream_sizes_oid_desc.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_add_oid_set_member.3 b/doc/doxyout/gssapi/man/man3/gss_add_oid_set_member.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_add_oid_set_member.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_canonicalize_name.3 b/doc/doxyout/gssapi/man/man3/gss_canonicalize_name.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_canonicalize_name.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_import_name.3 b/doc/doxyout/gssapi/man/man3/gss_import_name.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_import_name.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_init_sec_context.3 b/doc/doxyout/gssapi/man/man3/gss_init_sec_context.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_init_sec_context.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_inquire_attrs_for_mech.3 b/doc/doxyout/gssapi/man/man3/gss_inquire_attrs_for_mech.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_inquire_attrs_for_mech.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_inquire_saslname_for_mech.3 b/doc/doxyout/gssapi/man/man3/gss_inquire_saslname_for_mech.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_inquire_saslname_for_mech.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_oid_equal.3 b/doc/doxyout/gssapi/man/man3/gss_oid_equal.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_oid_equal.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_release_cred.3 b/doc/doxyout/gssapi/man/man3/gss_release_cred.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_release_cred.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_release_iov_buffer.3 b/doc/doxyout/gssapi/man/man3/gss_release_iov_buffer.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_release_iov_buffer.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_release_name.3 b/doc/doxyout/gssapi/man/man3/gss_release_name.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_release_name.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_unwrap_iov.3 b/doc/doxyout/gssapi/man/man3/gss_unwrap_iov.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_unwrap_iov.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_wrap.3 b/doc/doxyout/gssapi/man/man3/gss_wrap.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_wrap.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_wrap_iov.3 b/doc/doxyout/gssapi/man/man3/gss_wrap_iov.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_wrap_iov.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gss_wrap_iov_length.3 b/doc/doxyout/gssapi/man/man3/gss_wrap_iov_length.3 new file mode 100644 index 000000000000..3dff74cffef0 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gss_wrap_iov_length.3 @@ -0,0 +1 @@ +.so man3/gssapi.3 diff --git a/doc/doxyout/gssapi/man/man3/gssapi.3 b/doc/doxyout/gssapi/man/man3/gssapi.3 new file mode 100644 index 000000000000..789f32f4d339 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gssapi.3 @@ -0,0 +1,389 @@ +.TH "Heimdal GSS-API functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalGSS-APIlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal GSS-API functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_add_oid_set_member\fP (OM_uint32 *minor_status, const gss_OID member_oid, gss_OID_set *oid_set)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_wrap_iov\fP (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_unwrap_iov\fP (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int *conf_state, gss_qop_t *qop_state, gss_iov_buffer_desc *iov, int iov_count)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_wrap_iov_length\fP (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_release_iov_buffer\fP (OM_uint32 *minor_status, gss_iov_buffer_desc *iov, int iov_count)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_canonicalize_name\fP (OM_uint32 *minor_status, const gss_name_t input_name, const gss_OID mech_type, gss_name_t *output_name)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_import_name\fP (OM_uint32 *minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, gss_name_t *output_name)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_init_sec_context\fP (OM_uint32 *minor_status, const gss_cred_id_t initiator_cred_handle, gss_ctx_id_t *context_handle, const gss_name_t target_name, const gss_OID input_mech_type, OM_uint32 req_flags, OM_uint32 time_req, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID *actual_mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_inquire_saslname_for_mech\fP (OM_uint32 *minor_status, const gss_OID desired_mech, gss_buffer_t sasl_mech_name, gss_buffer_t mech_name, gss_buffer_t mech_description)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_inquire_attrs_for_mech\fP (OM_uint32 *minor_status, gss_const_OID mech, gss_OID_set *mech_attr, gss_OID_set *known_mech_attrs)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL \fBgss_oid_equal\fP (gss_const_OID a, gss_const_OID b)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_release_cred\fP (OM_uint32 *minor_status, gss_cred_id_t *cred_handle)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_release_name\fP (OM_uint32 *minor_status, gss_name_t *input_name)" +.br +.ti -1c +.RI "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL \fBgss_wrap\fP (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int *conf_state, gss_buffer_t output_message_buffer)" +.br +.in -1c +.SS "Variables" + +.in +1c +.ti -1c +.RI "gss_OID_desc GSSAPI_LIB_FUNCTION \fB__gss_c_attr_stream_sizes_oid_desc\fP" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (OM_uint32 * minor_status, const gss_OID member_oid, gss_OID_set * oid_set)" +.PP +Add a oid to the oid set, function does not make a copy of the oid, so the pointer to member_oid needs to be stable for the whole time oid_set is used. +.PP +If there is a duplicate member of the oid, the new member is not added to to the set. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code. +.br +\fImember_oid\fP member to add to the oid set +.br +\fIoid_set\fP oid set to add the member too +.RE +.PP +\fBReturns:\fP +.RS 4 +a gss_error code, see gss_display_status() about printing the error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name (OM_uint32 * minor_status, const gss_name_t input_name, const gss_OID mech_type, gss_name_t * output_name)" +.PP +gss_canonicalize_name takes a Internal Name (IN) and converts in into a mechanism specific Mechanism Name (MN). +.PP +The input name may multiple name, or generic name types. +.PP +If the input_name if of the GSS_C_NT_USER_NAME, and the Kerberos mechanism is specified, the resulting MN type is a GSS_KRB5_NT_PRINCIPAL_NAME. +.PP +For more information about \fBinternalVSmechname\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code. +.br +\fIinput_name\fP name to covert, unchanged by \fBgss_canonicalize_name()\fP. +.br +\fImech_type\fP the type to convert Name too. +.br +\fIoutput_name\fP the resulting type, release with \fBgss_release_name()\fP, independent of input_name. +.RE +.PP +\fBReturns:\fP +.RS 4 +a gss_error code, see gss_display_status() about printing the error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name (OM_uint32 * minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, gss_name_t * output_name)" +.PP +Import a name internal or mechanism name +.PP +Type of name and their format: +.IP "\(bu" 2 +GSS_C_NO_OID +.IP "\(bu" 2 +GSS_C_NT_USER_NAME +.IP "\(bu" 2 +GSS_C_NT_HOSTBASED_SERVICE +.IP "\(bu" 2 +GSS_C_NT_EXPORT_NAME +.IP "\(bu" 2 +GSS_C_NT_ANONYMOUS +.IP "\(bu" 2 +GSS_KRB5_NT_PRINCIPAL_NAME +.PP +.PP +For more information about \fBinternalVSmechname\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code +.br +\fIinput_name_buffer\fP import name buffer +.br +\fIinput_name_type\fP type of the import name buffer +.br +\fIoutput_name\fP the resulting type, release with \fBgss_release_name()\fP, independent of input_name +.RE +.PP +\fBReturns:\fP +.RS 4 +a gss_error code, see gss_display_status() about printing the error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context (OM_uint32 * minor_status, const gss_cred_id_t initiator_cred_handle, gss_ctx_id_t * context_handle, const gss_name_t target_name, const gss_OID input_mech_type, OM_uint32 req_flags, OM_uint32 time_req, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID * actual_mech_type, gss_buffer_t output_token, OM_uint32 * ret_flags, OM_uint32 * time_rec)" +.PP +As the initiator build a context with an acceptor. +.PP +Returns in the major +.IP "\(bu" 2 +GSS_S_COMPLETE - if the context if build +.IP "\(bu" 2 +GSS_S_CONTINUE_NEEDED - if the caller needs to continue another round of gss_i nit_sec_context +.IP "\(bu" 2 +error code - any other error code +.PP +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code. +.br +\fIinitiator_cred_handle\fP the credential to use when building the context, if GSS_C_NO_CREDENTIAL is passed, the default credential for the mechanism will be used. +.br +\fIcontext_handle\fP a pointer to a context handle, will be returned as long as there is not an error. +.br +\fItarget_name\fP the target name of acceptor, created using \fBgss_import_name()\fP. The name is can be of any name types the mechanism supports, check supported name types with gss_inquire_names_for_mech(). +.br +\fIinput_mech_type\fP mechanism type to use, if GSS_C_NO_OID is used, Kerberos (GSS_KRB5_MECHANISM) will be tried. Other available mechanism are listed in the \fBGSS-API mechanisms\fP section. +.br +\fIreq_flags\fP flags using when building the context, see \fBContext creation flags\fP +.br +\fItime_req\fP time requested this context should be valid in seconds, common used value is GSS_C_INDEFINITE +.br +\fIinput_chan_bindings\fP Channel bindings used, if not exepected otherwise, used GSS_C_NO_CHANNEL_BINDINGS +.br +\fIinput_token\fP input token sent from the acceptor, for the initial packet the buffer of { NULL, 0 } should be used. +.br +\fIactual_mech_type\fP the actual mech used, MUST NOT be freed since it pointing to static memory. +.br +\fIoutput_token\fP if there is an output token, regardless of complete, continue_needed, or error it should be sent to the acceptor +.br +\fIret_flags\fP return what flags was negotitated, caller should check if they are accetable. For example, if GSS_C_MUTUAL_FLAG was negotiated with the acceptor or not. +.br +\fItime_rec\fP amount of time this context is valid for +.RE +.PP +\fBReturns:\fP +.RS 4 +a gss_error code, see gss_display_status() about printing the error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_attrs_for_mech (OM_uint32 * minor_status, gss_const_OID mech, gss_OID_set * mech_attr, gss_OID_set * known_mech_attrs)" +.PP +List support attributes for a mech and/or all mechanisms. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code +.br +\fImech\fP given together with mech_attr will return the list of attributes for mechanism, can optionally be GSS_C_NO_OID. +.br +\fImech_attr\fP see mech parameter, can optionally be NULL, release with gss_release_oid_set(). +.br +\fIknown_mech_attrs\fP all attributes for mechanisms supported, release with gss_release_oid_set(). +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_saslname_for_mech (OM_uint32 * minor_status, const gss_OID desired_mech, gss_buffer_t sasl_mech_name, gss_buffer_t mech_name, gss_buffer_t mech_description)" +.PP +Returns different protocol names and description of the mechanism. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code +.br +\fIdesired_mech\fP mech list query +.br +\fIsasl_mech_name\fP SASL GS2 protocol name +.br +\fImech_name\fP gssapi protocol name +.br +\fImech_description\fP description of gssapi mech +.RE +.PP +\fBReturns:\fP +.RS 4 +returns GSS_S_COMPLETE or a error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL gss_oid_equal (gss_const_OID a, gss_const_OID b)" +.PP +Compare two GSS-API OIDs with each other. +.PP +GSS_C_NO_OID matches nothing, not even it-self. +.PP +\fBParameters:\fP +.RS 4 +\fIa\fP first oid to compare +.br +\fIb\fP second oid to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +non-zero when both oid are the same OID, zero when they are not the same. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred (OM_uint32 * minor_status, gss_cred_id_t * cred_handle)" +.PP +Release a credentials +.PP +Its ok to release the GSS_C_NO_CREDENTIAL/NULL credential, it will return a GSS_S_COMPLETE error code. On return cred_handle is set ot GSS_C_NO_CREDENTIAL. +.PP +Example: +.PP +.PP +.nf + gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; + major = gss_release_cred(&minor, &cred); +.fi +.PP +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status return code, mech specific +.br +\fIcred_handle\fP a pointer to the credential too release +.RE +.PP +\fBReturns:\fP +.RS 4 +an gssapi error code +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_iov_buffer (OM_uint32 * minor_status, gss_iov_buffer_desc * iov, int iov_count)" +.PP +Free all buffer allocated by \fBgss_wrap_iov()\fP or \fBgss_unwrap_iov()\fP by looking at the GSS_IOV_BUFFER_FLAG_ALLOCATED flag. +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name (OM_uint32 * minor_status, gss_name_t * input_name)" +.PP +Free a name +.PP +import_name can point to NULL or be NULL, or a pointer to a gss_name_t structure. If it was a pointer to gss_name_t, the pointer will be set to NULL on success and failure. +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code +.br +\fIinput_name\fP name to free +.RE +.PP +\fBReturns:\fP +.RS 4 +a gss_error code, see gss_display_status() about printing the error code. +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap_iov (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int * conf_state, gss_qop_t * qop_state, gss_iov_buffer_desc * iov, int iov_count)" +.PP +Decrypt or verifies the signature on the data. +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int * conf_state, gss_buffer_t output_message_buffer)" +.PP +Wrap a message using either confidentiality (encryption + signature) or sealing (signature). +.PP +\fBParameters:\fP +.RS 4 +\fIminor_status\fP minor status code. +.br +\fIcontext_handle\fP context handle. +.br +\fIconf_req_flag\fP if non zero, confidentiality is requestd. +.br +\fIqop_req\fP type of protection needed, in most cases it GSS_C_QOP_DEFAULT should be passed in. +.br +\fIinput_message_buffer\fP messages to wrap +.br +\fIconf_state\fP returns non zero if confidentiality was honoured. +.br +\fIoutput_message_buffer\fP the resulting buffer, release with gss_release_buffer(). +.RE +.PP + +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int * conf_state, gss_iov_buffer_desc * iov, int iov_count)" +.PP +Encrypts or sign the data. +.PP +This is a more complicated version of \fBgss_wrap()\fP, it allows the caller to use AEAD data (signed header/trailer) and allow greater controll over where the encrypted data is placed. +.PP +The maximum packet size is gss_context_stream_sizes.max_msg_size. +.PP +The caller needs provide the folloing buffers when using in conf_req_flag=1 mode: +.PP +.IP "\(bu" 2 +HEADER (of size gss_context_stream_sizes.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes.trailer) +.PP +.PP +.IP "\(bu" 2 +on DCE-RPC mode, the caller can skip PADDING and TRAILER if the DATA elements is padded to a block bountry and header is of at least size gss_context_stream_sizes.header + gss_context_stream_sizes.trailer. +.PP +.PP +HEADER, PADDING, TRAILER will be shrunken to the size required to transmit any of them too large. +.PP +To generate \fBgss_wrap()\fP compatible packets, use: HEADER | DATA | PADDING | TRAILER +.PP +When used in conf_req_flag=0, +.PP +.IP "\(bu" 2 +HEADER (of size gss_context_stream_sizes.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes.trailer) +.PP +.PP +The input sizes of HEADER, PADDING and TRAILER can be fetched using \fBgss_wrap_iov_length()\fP or gss_context_query_attributes(). +.SS "GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov_length (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int * conf_state, gss_iov_buffer_desc * iov, int iov_count)" +.PP +Update the length fields in iov buffer for the types: +.IP "\(bu" 2 +GSS_IOV_BUFFER_TYPE_HEADER +.IP "\(bu" 2 +GSS_IOV_BUFFER_TYPE_PADDING +.IP "\(bu" 2 +GSS_IOV_BUFFER_TYPE_TRAILER +.PP +.PP +Consider using gss_context_query_attributes() to fetch the data instead. +.SH "Variable Documentation" +.PP +.SS "gss_OID_desc GSSAPI_LIB_FUNCTION \fB__gss_c_attr_stream_sizes_oid_desc\fP" +.PP +\fBInitial value:\fP +.PP +.nf + + {10, rk_UNCONST('\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03')} +.fi +Query the context for parameters. +.PP +SSPI equivalent if this function is QueryContextAttributes. +.PP +.IP "\(bu" 2 +GSS_C_ATTR_STREAM_SIZES data is a gss_context_stream_sizes. +.PP + diff --git a/doc/doxyout/gssapi/man/man3/gssapi_mechs_intro.3 b/doc/doxyout/gssapi/man/man3/gssapi_mechs_intro.3 new file mode 100644 index 000000000000..5a79536ea552 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gssapi_mechs_intro.3 @@ -0,0 +1,15 @@ +.TH "gssapi_mechs_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalGSS-APIlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +gssapi_mechs_intro \- GSS-API mechanisms +.SH "GSS-API mechanisms" +.PP +.IP "\(bu" 2 +Kerberos 5 - GSS_KRB5_MECHANISM +.IP "\(bu" 2 +SPNEGO - GSS_SPNEGO_MECHANISM +.IP "\(bu" 2 +NTLM - GSS_NTLM_MECHANISM +.PP + diff --git a/doc/doxyout/gssapi/man/man3/gssapi_services_intro.3 b/doc/doxyout/gssapi/man/man3/gssapi_services_intro.3 new file mode 100644 index 000000000000..c0ef5385f2da --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/gssapi_services_intro.3 @@ -0,0 +1,65 @@ +.TH "gssapi_services_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalGSS-APIlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +gssapi_services_intro \- Introduction to GSS-API services +.SH "GSS-API services" +.PP +.SS "Context creation" +.IP "\(bu" 2 +delegation +.IP "\(bu" 2 +mutual authentication +.IP "\(bu" 2 +anonymous +.IP "\(bu" 2 +use per message before context creation has completed +.PP +.PP +return status: +.IP "\(bu" 2 +support conf +.IP "\(bu" 2 +support int +.PP +.SS "Context creation flags" +.IP "\(bu" 2 +GSS_C_DELEG_FLAG +.IP "\(bu" 2 +GSS_C_MUTUAL_FLAG +.IP "\(bu" 2 +GSS_C_REPLAY_FLAG +.IP "\(bu" 2 +GSS_C_SEQUENCE_FLAG +.IP "\(bu" 2 +GSS_C_CONF_FLAG +.IP "\(bu" 2 +GSS_C_INTEG_FLAG +.IP "\(bu" 2 +GSS_C_ANON_FLAG +.IP "\(bu" 2 +GSS_C_PROT_READY_FLAG +.IP "\(bu" 2 +GSS_C_TRANS_FLAG +.IP "\(bu" 2 +GSS_C_DCE_STYLE +.IP "\(bu" 2 +GSS_C_IDENTIFY_FLAG +.IP "\(bu" 2 +GSS_C_EXTENDED_ERROR_FLAG +.IP "\(bu" 2 +GSS_C_DELEG_POLICY_FLAG +.PP +.SS "Per-message services" +.IP "\(bu" 2 +conf +.IP "\(bu" 2 +int +.IP "\(bu" 2 +message integrity +.IP "\(bu" 2 +replay detection +.IP "\(bu" 2 +out of sequence +.PP + diff --git a/doc/doxyout/gssapi/man/man3/internalvsmechname.3 b/doc/doxyout/gssapi/man/man3/internalvsmechname.3 new file mode 100644 index 000000000000..5b602f5739b9 --- /dev/null +++ b/doc/doxyout/gssapi/man/man3/internalvsmechname.3 @@ -0,0 +1,20 @@ +.TH "internalvsmechname" 3 "30 Jul 2011" "Version 1.5" "HeimdalGSS-APIlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +internalvsmechname \- Internal names and mechanism names +.SH "Name forms" +.PP +There are two forms of name in GSS-API, Internal form and Contiguous string ('flat') form. gss_export_name() and \fBgss_import_name()\fP can be used to convert between the two forms. +.PP +.IP "\(bu" 2 +The contiguous string form is described by an oid specificing the type and an octet string. A special form of the contiguous string form is the exported name object. The exported name defined for each mechanism, is something that can be stored and complared later. The exported name is what should be used for ACLs comparisons. +.PP +.PP +.IP "\(bu" 2 +The Internal form +.PP +.PP +There is also special form of the Internal Name (IN), and that is the Mechanism Name (MN). In the mechanism name all the generic information is stripped of and only contain the information for one mechanism. In GSS-API some function return MN and some require MN as input. Each of these function is marked up as such. +.PP +Describe relationship between import_name, canonicalize_name, export_name and friends. diff --git a/doc/doxyout/gssapi/manpages b/doc/doxyout/gssapi/manpages new file mode 100644 index 000000000000..d55654dfaa91 --- /dev/null +++ b/doc/doxyout/gssapi/manpages @@ -0,0 +1,19 @@ +gssapi/man/man3/__gss_c_attr_stream_sizes_oid_desc.3 +gssapi/man/man3/gss_add_oid_set_member.3 +gssapi/man/man3/gss_canonicalize_name.3 +gssapi/man/man3/gss_import_name.3 +gssapi/man/man3/gss_init_sec_context.3 +gssapi/man/man3/gss_inquire_attrs_for_mech.3 +gssapi/man/man3/gss_inquire_saslname_for_mech.3 +gssapi/man/man3/gss_oid_equal.3 +gssapi/man/man3/gss_release_cred.3 +gssapi/man/man3/gss_release_iov_buffer.3 +gssapi/man/man3/gss_release_name.3 +gssapi/man/man3/gss_unwrap_iov.3 +gssapi/man/man3/gss_wrap.3 +gssapi/man/man3/gss_wrap_iov.3 +gssapi/man/man3/gss_wrap_iov_length.3 +gssapi/man/man3/gssapi.3 +gssapi/man/man3/gssapi_mechs_intro.3 +gssapi/man/man3/gssapi_services_intro.3 +gssapi/man/man3/internalvsmechname.3 diff --git a/doc/doxyout/hcrypto/html/doxygen.css b/doc/doxyout/hcrypto/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/hcrypto/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/hcrypto/html/doxygen.png b/doc/doxyout/hcrypto/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/hcrypto/html/example__evp__cipher_8c-example.html b/doc/doxyout/hcrypto/html/example__evp__cipher_8c-example.html new file mode 100644 index 000000000000..bd9c2cc50ad3 --- /dev/null +++ b/doc/doxyout/hcrypto/html/example__evp__cipher_8c-example.html @@ -0,0 +1,173 @@ + + +Heimdal crypto library: example_evp_cipher.c + + + +

+keyhole logo +

+ + + +
+

example_evp_cipher.c

This is an example how to use EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex().

+

/*
+ * Copyright (c) 2008 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5-types.h> /* should really be stdint.h */
+#include <hcrypto/evp.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <err.h>
+#include <assert.h>
+
+#include "roken.h"
+
+/* key and initial vector */
+static char key[16] =
+    "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4"
+    "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4";
+static char ivec[16] =
+    "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4"
+    "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4";
+
+static void
+usage(int exit_code) __attribute__((noreturn));
+
+static void
+usage(int exit_code)
+{
+    printf("usage: %s in out\n", getprogname());
+    exit(exit_code);
+}
+
+
+int
+main(int argc, char **argv)
+{
+    int encryptp = 1;
+    const char *ifn = NULL, *ofn = NULL;
+    FILE *in, *out;
+    void *ibuf, *obuf;
+    int ilen, olen;
+    size_t block_size = 0;
+    const EVP_CIPHER *c = EVP_aes_128_cbc();
+    EVP_CIPHER_CTX ctx;
+    int ret;
+
+    setprogname(argv[0]);
+
+    if (argc == 2) {
+        if (strcmp(argv[1], "--version") == 0) {
+            printf("version");
+            exit(0);
+        }
+        if (strcmp(argv[1], "--help") == 0)
+            usage(0);
+        usage(1);
+    } else if (argc == 4) {
+        block_size = atoi(argv[1]);
+        if (block_size == 0)
+            errx(1, "invalid blocksize %s", argv[1]);
+        ifn = argv[2];
+        ofn = argv[3];
+    } else
+        usage(1);
+
+    in = fopen(ifn, "r");
+    if (in == NULL)
+        errx(1, "failed to open input file");
+    out = fopen(ofn, "w+");
+    if (out == NULL)
+        errx(1, "failed to open output file");
+
+    /* Check that key and ivec are long enough */
+    assert(EVP_CIPHER_key_length(c) <= sizeof(key));
+    assert(EVP_CIPHER_iv_length(c) <= sizeof(ivec));
+
+    /*
+     * Allocate buffer, the output buffer is at least
+     * EVP_CIPHER_block_size() longer
+     */
+    ibuf = malloc(block_size);
+    obuf = malloc(block_size + EVP_CIPHER_block_size(c));
+
+    /*
+     * Init the memory used for EVP_CIPHER_CTX and set the key and
+     * ivec.
+     */
+    EVP_CIPHER_CTX_init(&ctx);
+    EVP_CipherInit_ex(&ctx, c, NULL, key, ivec, encryptp);
+
+    /* read in buffer */
+    while ((ilen = fread(ibuf, 1, block_size, in)) > 0) {
+        /* encrypto/decrypt */
+        ret = EVP_CipherUpdate(&ctx, obuf, &olen, ibuf, ilen);
+        if (ret != 1) {
+            EVP_CIPHER_CTX_cleanup(&ctx);
+            errx(1, "EVP_CipherUpdate failed");
+        }
+        /* write out to output file */
+        fwrite(obuf, 1, olen, out);
+    }
+    /* done reading */
+    fclose(in);
+
+    /* clear up any last bytes left in the output buffer */
+    ret = EVP_CipherFinal_ex(&ctx, obuf, &olen);
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    if (ret != 1)
+        errx(1, "EVP_CipherFinal_ex failed");
+
+    /* write the last bytes out and close */
+    fwrite(obuf, 1, olen, out);
+    fclose(out);
+
+    return 0;
+}
+
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/examples.html b/doc/doxyout/hcrypto/html/examples.html new file mode 100644 index 000000000000..c6079959c457 --- /dev/null +++ b/doc/doxyout/hcrypto/html/examples.html @@ -0,0 +1,29 @@ + + +Heimdal crypto library: Examples + + + +

+keyhole logo +

+ + + +
+

Examples

Here is a list of all examples: +
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/graph_legend.dot b/doc/doxyout/hcrypto/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/hcrypto/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/hcrypto/html/graph_legend.html b/doc/doxyout/hcrypto/html/graph_legend.html new file mode 100644 index 000000000000..307b5f89d5c9 --- /dev/null +++ b/doc/doxyout/hcrypto/html/graph_legend.html @@ -0,0 +1,88 @@ + + +Heimdal crypto library: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/graph_legend.png b/doc/doxyout/hcrypto/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__core.html b/doc/doxyout/hcrypto/html/group__hcrypto__core.html new file mode 100644 index 000000000000..51cc1e0a8bc6 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__core.html @@ -0,0 +1,190 @@ + + +Heimdal crypto library: hcrypto function controlling behavior + + + +

+keyhole logo +

+ + + +
+

hcrypto function controlling behavior

+ + + + + + + + + + + + +

Functions

int EVP_CIPHER_CTX_rand_key (EVP_CIPHER_CTX *ctx, void *key)
int EVP_CIPHER_CTX_ctrl (EVP_CIPHER_CTX *ctx, int type, int arg, void *data)
void OpenSSL_add_all_algorithms (void)
void OpenSSL_add_all_algorithms_conf (void)
void OpenSSL_add_all_algorithms_noconf (void)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_CIPHER_CTX_ctrl (EVP_CIPHER_CTX *  ctx,
int  type,
int  arg,
void *  data 
)
+
+
+ +

+Perform a operation on a ctx

+

Parameters:
+ + + + + +
ctx context to perform operation on.
type type of operation.
arg argument to operation.
data addition data to operation.
+
+
Returns:
1 for success, 0 for failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int EVP_CIPHER_CTX_rand_key (EVP_CIPHER_CTX *  ctx,
void *  key 
)
+
+
+ +

+Generate a random key for the specificed EVP_CIPHER.

+

Parameters:
+ + + +
ctx EVP_CIPHER_CTX type to build the key for.
key return key, must be at least EVP_CIPHER_key_length() byte long.
+
+
Returns:
1 for success, 0 for failure.
+ +
+

+ +

+
+ + + + + + + + + +
void OpenSSL_add_all_algorithms (void   ) 
+
+
+ +

+Add all algorithms to the crypto core. +

+

+ +

+
+ + + + + + + + + +
void OpenSSL_add_all_algorithms_conf (void   ) 
+
+
+ +

+Add all algorithms to the crypto core using configuration file. +

+

+ +

+
+ + + + + + + + + +
void OpenSSL_add_all_algorithms_noconf (void   ) 
+
+
+ +

+Add all algorithms to the crypto core, but don't use the configuration file. +

+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__des.html b/doc/doxyout/hcrypto/html/group__hcrypto__des.html new file mode 100644 index 000000000000..a3f7be1a5674 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__des.html @@ -0,0 +1,910 @@ + + +Heimdal crypto library: DES crypto functions + + + +

+keyhole logo +

+ + + +
+

DES crypto functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

void DES_set_odd_parity (DES_cblock *key)
int HC_DEPRECATED DES_check_key_parity (DES_cblock *key)
int DES_is_weak_key (DES_cblock *key)
int HC_DEPRECATED DES_set_key (DES_cblock *key, DES_key_schedule *ks)
int DES_set_key_unchecked (DES_cblock *key, DES_key_schedule *ks)
int DES_set_key_checked (DES_cblock *key, DES_key_schedule *ks)
int DES_key_sched (DES_cblock *key, DES_key_schedule *ks)
void DES_encrypt (uint32_t u[2], DES_key_schedule *ks, int encp)
void DES_ecb_encrypt (DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int encp)
void DES_cbc_encrypt (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int encp)
void DES_pcbc_encrypt (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int encp)
void DES_ecb3_encrypt (DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, int encp)
void DES_ede3_cbc_encrypt (const void *in, void *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *iv, int encp)
void DES_cfb64_encrypt (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int *num, int encp)
uint32_t DES_cbc_cksum (const void *in, DES_cblock *output, long length, DES_key_schedule *ks, DES_cblock *iv)
void DES_string_to_key (const char *str, DES_cblock *key)
int HC_DEPRECATED DES_new_random_key (DES_cblock *key)
void HC_DEPRECATED DES_init_random_number_generator (DES_cblock *seed)
void HC_DEPRECATED DES_random_key (DES_cblock *key)
+

Detailed Description

+See the DES - Data Encryption Standard crypto interface for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
uint32_t DES_cbc_cksum (const void *  in,
DES_cblock *  output,
long  length,
DES_key_schedule *  ks,
DES_cblock *  iv 
)
+
+
+ +

+Crete a checksum using DES in CBC encryption mode. This mode is only used for Kerberos 4, and it should stay that way.

+The IV must always be diffrent for diffrent input data blocks.

+

Parameters:
+ + + + + + +
in data to checksum
output the checksum
length length of data
ks key schedule to use
iv initial vector to use
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_cbc_encrypt (const void *  in,
void *  out,
long  length,
DES_key_schedule *  ks,
DES_cblock *  iv,
int  encp 
)
+
+
+ +

+Encrypt/decrypt a block using DES in Chain Block Cipher mode (cbc).

+The IV must always be diffrent for diffrent input data blocks.

+

Parameters:
+ + + + + + + +
in data to encrypt
out data to encrypt
length length of data
ks key schedule to use
iv initial vector to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_cfb64_encrypt (const void *  in,
void *  out,
long  length,
DES_key_schedule *  ks,
DES_cblock *  iv,
int *  num,
int  encp 
)
+
+
+ +

+Encrypt/decrypt using DES in cipher feedback mode with 64 bit feedback.

+The IV must always be diffrent for diffrent input data blocks.

+

Parameters:
+ + + + + + + + +
in data to encrypt
out data to encrypt
length length of data
ks key schedule to use
iv initial vector to use
num offset into in cipher block encryption/decryption stop last time.
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + +
int HC_DEPRECATED DES_check_key_parity (DES_cblock *  key  ) 
+
+
+ +

+Check if the key have correct parity.

+

Parameters:
+ + +
key key to check the parity.
+
+
Returns:
1 on success, 0 on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_ecb3_encrypt (DES_cblock *  input,
DES_cblock *  output,
DES_key_schedule *  ks1,
DES_key_schedule *  ks2,
DES_key_schedule *  ks3,
int  encp 
)
+
+
+ +

+Encrypt/decrypt a block using triple DES using EDE mode, encrypt/decrypt/encrypt.

+

Parameters:
+ + + + + + + +
input data to encrypt
output data to encrypt
ks1 key schedule to use
ks2 key schedule to use
ks3 key schedule to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_ecb_encrypt (DES_cblock *  input,
DES_cblock *  output,
DES_key_schedule *  ks,
int  encp 
)
+
+
+ +

+Encrypt/decrypt a block using DES.

+

Parameters:
+ + + + + +
input data to encrypt
output data to encrypt
ks key schedule to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_ede3_cbc_encrypt (const void *  in,
void *  out,
long  length,
DES_key_schedule *  ks1,
DES_key_schedule *  ks2,
DES_key_schedule *  ks3,
DES_cblock *  iv,
int  encp 
)
+
+
+ +

+Encrypt/decrypt using Triple DES in Chain Block Cipher mode (cbc).

+The IV must always be diffrent for diffrent input data blocks.

+

Parameters:
+ + + + + + + + + +
in data to encrypt
out data to encrypt
length length of data
ks1 key schedule to use
ks2 key schedule to use
ks3 key schedule to use
iv initial vector to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void DES_encrypt (uint32_t  u[2],
DES_key_schedule *  ks,
int  encp 
)
+
+
+ +

+Encrypt/decrypt a block using DES. Also called ECB mode

+

Parameters:
+ + + + +
u data to encrypt
ks key schedule to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + +
void HC_DEPRECATED DES_init_random_number_generator (DES_cblock *  seed  ) 
+
+
+ +

+Seed the random number generator. Deprecated, use RAND - random number

+

Parameters:
+ + +
seed a seed to seed that random number generate with.
+
+ +
+

+ +

+
+ + + + + + + + + +
int DES_is_weak_key (DES_cblock *  key  ) 
+
+
+ +

+Checks if the key is any of the weaks keys that makes DES attacks trival.

+

Parameters:
+ + +
key key to check.
+
+
Returns:
1 if the key is weak, 0 otherwise.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int DES_key_sched (DES_cblock *  key,
DES_key_schedule *  ks 
)
+
+
+ +

+Compatibility function for eay libdes, works just like DES_set_key_checked().

+

Parameters:
+ + + +
key a key to initialize the key schedule with.
ks a key schedule to initialize.
+
+
Returns:
0 on success, -1 on invalid parity, -2 on weak key.
+ +
+

+ +

+
+ + + + + + + + + +
int HC_DEPRECATED DES_new_random_key (DES_cblock *  key  ) 
+
+
+ +

+Generate a random des key using a random block, fixup parity and skip weak keys.

+

Parameters:
+ + +
key is set to a random key.
+
+
Returns:
0 on success, non zero on random number generator failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void DES_pcbc_encrypt (const void *  in,
void *  out,
long  length,
DES_key_schedule *  ks,
DES_cblock *  iv,
int  encp 
)
+
+
+ +

+Encrypt/decrypt a block using DES in Propagating Cipher Block Chaining mode. This mode is only used for Kerberos 4, and it should stay that way.

+The IV must always be diffrent for diffrent input data blocks.

+

Parameters:
+ + + + + + + +
in data to encrypt
out data to encrypt
length length of data
ks key schedule to use
iv initial vector to use
encp if non zero, encrypt. if zero, decrypt.
+
+ +
+

+ +

+
+ + + + + + + + + +
void HC_DEPRECATED DES_random_key (DES_cblock *  key  ) 
+
+
+ +

+Generate a random key, deprecated since it doesn't return an error code, use DES_new_random_key().

+

Parameters:
+ + +
key is set to a random key.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int HC_DEPRECATED DES_set_key (DES_cblock *  key,
DES_key_schedule *  ks 
)
+
+
+ +

+Setup a des key schedule from a key. Deprecated function, use DES_set_key_unchecked() or DES_set_key_checked() instead.

+

Parameters:
+ + + +
key a key to initialize the key schedule with.
ks a key schedule to initialize.
+
+
Returns:
0 on success
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int DES_set_key_checked (DES_cblock *  key,
DES_key_schedule *  ks 
)
+
+
+ +

+Just like DES_set_key_unchecked() except checking that the key is not weak for or have correct parity.

+

Parameters:
+ + + +
key a key to initialize the key schedule with.
ks a key schedule to initialize.
+
+
Returns:
0 on success, -1 on invalid parity, -2 on weak key.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int DES_set_key_unchecked (DES_cblock *  key,
DES_key_schedule *  ks 
)
+
+
+ +

+Setup a des key schedule from a key. The key is no longer needed after this transaction and can cleared.

+Does NOT check that the key is weak for or have wrong parity.

+

Parameters:
+ + + +
key a key to initialize the key schedule with.
ks a key schedule to initialize.
+
+
Returns:
0 on success
+ +
+

+ +

+
+ + + + + + + + + +
void DES_set_odd_parity (DES_cblock *  key  ) 
+
+
+ +

+Set the parity of the key block, used to generate a des key from a random key. See DES key generation.

+

Parameters:
+ + +
key key to fixup the parity for.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void DES_string_to_key (const char *  str,
DES_cblock *  key 
)
+
+
+ +

+Convert a string to a DES key. Use something like PKCS5_PBKDF2_HMAC_SHA1() to create key from passwords.

+

Parameters:
+ + + +
str The string to convert to a key
key the resulting key
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__dh.html b/doc/doxyout/hcrypto/html/group__hcrypto__dh.html new file mode 100644 index 000000000000..4980f964c79c --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__dh.html @@ -0,0 +1,581 @@ + + +Heimdal crypto library: Diffie-Hellman functions + + + +

+keyhole logo +

+ + + +
+

Diffie-Hellman functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

const DH_METHOD * DH_ltm_method (void)
DH * DH_new (void)
DH * DH_new_method (ENGINE *engine)
void DH_free (DH *dh)
int DH_up_ref (DH *dh)
int DH_size (const DH *dh)
int DH_set_ex_data (DH *dh, int idx, void *data)
void * DH_get_ex_data (DH *dh, int idx)
int DH_generate_parameters_ex (DH *dh, int prime_len, int generator, BN_GENCB *cb)
int DH_check_pubkey (const DH *dh, const BIGNUM *pub_key, int *codes)
int DH_generate_key (DH *dh)
int DH_compute_key (unsigned char *shared_key, const BIGNUM *peer_pub_key, DH *dh)
int DH_set_method (DH *dh, const DH_METHOD *method)
const DH_METHOD * DH_null_method (void)
void DH_set_default_method (const DH_METHOD *meth)
const DH_METHOD * DH_get_default_method (void)
+

Detailed Description

+See the DH - Diffie-Hellman key exchange for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int DH_check_pubkey (const DH *  dh,
const BIGNUM *  pub_key,
int *  codes 
)
+
+
+ +

+Check that the public key is sane.

+

Parameters:
+ + + + +
dh the local peer DH parameters.
pub_key the remote peer public key parameters.
codes return that the failures of the pub_key are.
+
+
Returns:
1 on success, 0 on failure and *codes is set the the combined fail check for the public key
+ +

+Checks that the function performs are:

    +
  • pub_key is not negative
+

+

    +
  • pub_key > 1 and pub_key < p - 1, to avoid small subgroups attack.
+

+

    +
  • if g == 2, pub_key have more then one bit set, if bits set is 1, log_2(pub_key) is trival
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int DH_compute_key (unsigned char *  shared_key,
const BIGNUM *  peer_pub_key,
DH *  dh 
)
+
+
+ +

+Complute the shared secret key.

+

Parameters:
+ + + + +
shared_key the resulting shared key, need to be at least DH_size() large.
peer_pub_key the peer's public key.
dh the dh key pair.
+
+
Returns:
1 on success.
+ +

+Checks that the pubkey passed in is valid using DH_check_pubkey(). +

+

+ +

+
+ + + + + + + + + +
void DH_free (DH *  dh  ) 
+
+
+ +

+Free a DH object and release related resources, like ENGINE, that the object was using.

+

Parameters:
+ + +
dh object to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + +
int DH_generate_key (DH *  dh  ) 
+
+
+ +

+Generate a new DH private-public key pair. The dh parameter must be allocted first with DH_new(). dh->p and dp->g must be set.

+

Parameters:
+ + +
dh dh parameter.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int DH_generate_parameters_ex (DH *  dh,
int  prime_len,
int  generator,
BN_GENCB *  cb 
)
+
+
+ +

+Generate DH parameters for the DH object give parameters.

+

Parameters:
+ + + + + +
dh The DH object to generate parameters for.
prime_len length of the prime
generator generator, g
cb Callback parameters to show progress, can be NULL.
+
+
Returns:
the maximum size in bytes of the out data.
+ +
+

+ +

+
+ + + + + + + + + +
const DH_METHOD* DH_get_default_method (void   ) 
+
+
+ +

+Return the default DH implementation.

+

Returns:
pointer to a DH_METHOD.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void* DH_get_ex_data (DH *  dh,
int  idx 
)
+
+
+ +

+Get the data for index idx in the DH object.

+

Parameters:
+ + + +
dh DH object.
idx index to get the data for.
+
+
Returns:
the object store in index idx
+ +
+

+ +

+
+ + + + + + + + + +
const DH_METHOD* DH_ltm_method (void   ) 
+
+
+ +

+DH implementation using libtommath.

+

Returns:
the DH_METHOD for the DH implementation using libtommath.
+ +
+

+ +

+
+ + + + + + + + + +
DH* DH_new (void   ) 
+
+
+ +

+Create a new DH object using DH_new_method(NULL), see DH_new_method().

+

Returns:
a newly allocated DH object.
+ +
+

+ +

+
+ + + + + + + + + +
DH* DH_new_method (ENGINE *  engine  ) 
+
+
+ +

+Create a new DH object from the given engine, if the NULL is used, the default engine is used. Free the DH object with DH_free().

+

Parameters:
+ + +
engine The engine to use to allocate the DH object.
+
+
Returns:
a newly allocated DH object.
+ +
+

+ +

+
+ + + + + + + + + +
const DH_METHOD* DH_null_method (void   ) 
+
+
+ +

+Return the dummy DH implementation.

+

Returns:
pointer to a DH_METHOD.
+ +
+

+ +

+
+ + + + + + + + + +
void DH_set_default_method (const DH_METHOD *  meth  ) 
+
+
+ +

+Set the default DH implementation.

+

Parameters:
+ + +
meth pointer to a DH_METHOD.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int DH_set_ex_data (DH *  dh,
int  idx,
void *  data 
)
+
+
+ +

+Set the data index idx in the DH object to data.

+

Parameters:
+ + + + +
dh DH object.
idx index to set the data for.
data data to store for the index idx.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int DH_set_method (DH *  dh,
const DH_METHOD *  method 
)
+
+
+ +

+Set a new method for the DH keypair.

+

Parameters:
+ + + +
dh dh parameter.
method the new method for the DH parameter.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
int DH_size (const DH *  dh  ) 
+
+
+ +

+The maximum output size of the DH_compute_key() function.

+

Parameters:
+ + +
dh The DH object to get the size from.
+
+
Returns:
the maximum size in bytes of the out data.
+ +
+

+ +

+
+ + + + + + + + + +
int DH_up_ref (DH *  dh  ) 
+
+
+ +

+Add a reference to the DH object. The object should be free with DH_free() to drop the reference.

+

Parameters:
+ + +
dh the object to increase the reference count too.
+
+
Returns:
the updated reference count, can't safely be used except for debug printing.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__evp.html b/doc/doxyout/hcrypto/html/group__hcrypto__evp.html new file mode 100644 index 000000000000..fc22b7705f41 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__evp.html @@ -0,0 +1,2366 @@ + + +Heimdal crypto library: EVP generic crypto functions + + + +

+keyhole logo +

+ + + +
+

EVP generic crypto functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

const EVP_CIPHER * EVP_wincrypt_des_ede3_cbc (void)
const EVP_CIPHER * EVP_hcrypto_aes_128_cbc (void)
const EVP_CIPHER * EVP_hcrypto_aes_192_cbc (void)
const EVP_CIPHER * EVP_hcrypto_aes_256_cbc (void)
const EVP_CIPHER * EVP_hcrypto_aes_128_cfb8 (void)
const EVP_CIPHER * EVP_hcrypto_aes_192_cfb8 (void)
const EVP_CIPHER * EVP_hcrypto_aes_256_cfb8 (void)
const EVP_MD * EVP_hcrypto_sha256 (void)
const EVP_MD * EVP_hcrypto_sha384 (void)
const EVP_MD * EVP_hcrypto_sha512 (void)
const EVP_MD * EVP_hcrypto_sha1 (void)
const EVP_MD * EVP_hcrypto_md5 (void)
const EVP_MD * EVP_hcrypto_md4 (void)
const EVP_MD * EVP_hcrypto_md2 (void)
const EVP_CIPHER * EVP_hcrypto_des_cbc (void)
const EVP_CIPHER * EVP_hcrypto_des_ede3_cbc (void)
const EVP_CIPHER * EVP_hcrypto_rc2_cbc (void)
const EVP_CIPHER * EVP_hcrypto_rc2_40_cbc (void)
const EVP_CIPHER * EVP_hcrypto_rc2_64_cbc (void)
const EVP_CIPHER * EVP_hcrypto_camellia_128_cbc (void)
const EVP_CIPHER * EVP_hcrypto_camellia_192_cbc (void)
const EVP_CIPHER * EVP_hcrypto_camellia_256_cbc (void)
size_t EVP_MD_size (const EVP_MD *md)
size_t EVP_MD_block_size (const EVP_MD *md)
EVP_MD_CTX * EVP_MD_CTX_create (void)
void EVP_MD_CTX_init (EVP_MD_CTX *ctx) HC_DEPRECATED
void EVP_MD_CTX_destroy (EVP_MD_CTX *ctx)
int EVP_MD_CTX_cleanup (EVP_MD_CTX *ctx) HC_DEPRECATED
const EVP_MD * EVP_MD_CTX_md (EVP_MD_CTX *ctx)
size_t EVP_MD_CTX_size (EVP_MD_CTX *ctx)
size_t EVP_MD_CTX_block_size (EVP_MD_CTX *ctx)
int EVP_DigestInit_ex (EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
int EVP_DigestUpdate (EVP_MD_CTX *ctx, const void *data, size_t size)
int EVP_DigestFinal_ex (EVP_MD_CTX *ctx, void *hash, unsigned int *size)
int EVP_Digest (const void *data, size_t dsize, void *hash, unsigned int *hsize, const EVP_MD *md, ENGINE *engine)
const EVP_MD * EVP_sha256 (void)
const EVP_MD * EVP_sha384 (void)
const EVP_MD * EVP_sha512 (void)
const EVP_MD * EVP_sha1 (void)
const EVP_MD * EVP_sha (void)
const EVP_MD * EVP_md5 (void)
const EVP_MD * EVP_md4 (void)
const EVP_MD * EVP_md2 (void)
const EVP_MD * EVP_md_null (void)
size_t EVP_CIPHER_block_size (const EVP_CIPHER *c)
size_t EVP_CIPHER_key_length (const EVP_CIPHER *c)
size_t EVP_CIPHER_iv_length (const EVP_CIPHER *c)
void EVP_CIPHER_CTX_init (EVP_CIPHER_CTX *c)
int EVP_CIPHER_CTX_cleanup (EVP_CIPHER_CTX *c)
int EVP_CIPHER_CTX_set_key_length (EVP_CIPHER_CTX *c, int length)
const EVP_CIPHER * EVP_CIPHER_CTX_cipher (EVP_CIPHER_CTX *ctx)
size_t EVP_CIPHER_CTX_block_size (const EVP_CIPHER_CTX *ctx)
size_t EVP_CIPHER_CTX_key_length (const EVP_CIPHER_CTX *ctx)
size_t EVP_CIPHER_CTX_iv_length (const EVP_CIPHER_CTX *ctx)
unsigned long EVP_CIPHER_CTX_flags (const EVP_CIPHER_CTX *ctx)
int EVP_CIPHER_CTX_mode (const EVP_CIPHER_CTX *ctx)
void * EVP_CIPHER_CTX_get_app_data (EVP_CIPHER_CTX *ctx)
void EVP_CIPHER_CTX_set_app_data (EVP_CIPHER_CTX *ctx, void *data)
int EVP_CipherInit_ex (EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine, const void *key, const void *iv, int encp)
int EVP_CipherUpdate (EVP_CIPHER_CTX *ctx, void *out, int *outlen, void *in, size_t inlen)
int EVP_CipherFinal_ex (EVP_CIPHER_CTX *ctx, void *out, int *outlen)
const EVP_CIPHER * EVP_enc_null (void)
const EVP_CIPHER * EVP_rc2_cbc (void)
const EVP_CIPHER * EVP_rc2_40_cbc (void)
const EVP_CIPHER * EVP_rc2_64_cbc (void)
const EVP_CIPHER * EVP_rc4 (void)
const EVP_CIPHER * EVP_rc4_40 (void)
const EVP_CIPHER * EVP_des_cbc (void)
const EVP_CIPHER * EVP_des_ede3_cbc (void)
const EVP_CIPHER * EVP_aes_128_cbc (void)
const EVP_CIPHER * EVP_aes_192_cbc (void)
const EVP_CIPHER * EVP_aes_256_cbc (void)
const EVP_CIPHER * EVP_aes_128_cfb8 (void)
const EVP_CIPHER * EVP_aes_192_cfb8 (void)
const EVP_CIPHER * EVP_aes_256_cfb8 (void)
const EVP_CIPHER * EVP_camellia_128_cbc (void)
const EVP_CIPHER * EVP_camellia_192_cbc (void)
const EVP_CIPHER * EVP_camellia_256_cbc (void)
const EVP_CIPHER * EVP_get_cipherbyname (const char *name)
int EVP_BytesToKey (const EVP_CIPHER *type, const EVP_MD *md, const void *salt, const void *data, size_t datalen, unsigned int count, void *keydata, void *ivdata)
+

Detailed Description

+See the EVP - generic crypto interface for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_128_cbc (void   ) 
+
+
+ +

+The AES-128 cipher type

+

Returns:
the AES-128 EVP_CIPHER pointer.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_128_cfb8 (void   ) 
+
+
+ +

+The AES-128 cipher type

+

Returns:
the AES-128 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_192_cbc (void   ) 
+
+
+ +

+The AES-192 cipher type

+

Returns:
the AES-192 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_192_cfb8 (void   ) 
+
+
+ +

+The AES-192 cipher type

+

Returns:
the AES-192 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_256_cbc (void   ) 
+
+
+ +

+The AES-256 cipher type

+

Returns:
the AES-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_aes_256_cfb8 (void   ) 
+
+
+ +

+The AES-256 cipher type

+

Returns:
the AES-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_BytesToKey (const EVP_CIPHER *  type,
const EVP_MD *  md,
const void *  salt,
const void *  data,
size_t  datalen,
unsigned int  count,
void *  keydata,
void *  ivdata 
)
+
+
+ +

+Provides a legancy string to key function, used in PEM files.

+New protocols should use new string to key functions like NIST SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()).

+

Parameters:
+ + + + + + + + + +
type type of cipher to use
md message digest to use
salt salt salt string, should be an binary 8 byte buffer.
data the password/input key string.
datalen length of data parameter.
count iteration counter.
keydata output keydata, needs to of the size EVP_CIPHER_key_length().
ivdata output ivdata, needs to of the size EVP_CIPHER_block_size().
+
+
Returns:
the size of derived key.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_camellia_128_cbc (void   ) 
+
+
+ +

+The Camellia-128 cipher type

+

Returns:
the Camellia-128 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_camellia_192_cbc (void   ) 
+
+
+ +

+The Camellia-198 cipher type

+

Returns:
the Camellia-198 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_camellia_256_cbc (void   ) 
+
+
+ +

+The Camellia-256 cipher type

+

Returns:
the Camellia-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_block_size (const EVP_CIPHER *  c  ) 
+
+
+ +

+Return the block size of the cipher.

+

Parameters:
+ + +
c cipher to get the block size from.
+
+
Returns:
the block size of the cipher.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_CTX_block_size (const EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Return the block size of the cipher context.

+

Parameters:
+ + +
ctx cipher context to get the block size from.
+
+
Returns:
the block size of the cipher context.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_CIPHER_CTX_cipher (EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Return the EVP_CIPHER for a EVP_CIPHER_CTX context.

+

Parameters:
+ + +
ctx the context to get the cipher type from.
+
+
Returns:
the EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
int EVP_CIPHER_CTX_cleanup (EVP_CIPHER_CTX *  c  ) 
+
+
+ +

+Clean up the EVP_CIPHER_CTX context.

+

Parameters:
+ + +
c the cipher to clean up.
+
+
Returns:
1 on success.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
unsigned long EVP_CIPHER_CTX_flags (const EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Get the flags for an EVP_CIPHER_CTX context.

+

Parameters:
+ + +
ctx the EVP_CIPHER_CTX to get the flags from
+
+
Returns:
the flags for an EVP_CIPHER_CTX.
+ +
+

+ +

+
+ + + + + + + + + +
void* EVP_CIPHER_CTX_get_app_data (EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Get the app data for an EVP_CIPHER_CTX context.

+

Parameters:
+ + +
ctx the EVP_CIPHER_CTX to get the app data from
+
+
Returns:
the app data for an EVP_CIPHER_CTX.
+ +
+

+ +

+
+ + + + + + + + + +
void EVP_CIPHER_CTX_init (EVP_CIPHER_CTX *  c  ) 
+
+
+ +

+Initiate a EVP_CIPHER_CTX context. Clean up with EVP_CIPHER_CTX_cleanup().

+

Parameters:
+ + +
c the cipher initiate.
+
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_CTX_iv_length (const EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Return the IV size of the cipher context.

+

Parameters:
+ + +
ctx cipher context to get the IV size from.
+
+
Returns:
the IV size of the cipher context.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_CTX_key_length (const EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Return the key size of the cipher context.

+

Parameters:
+ + +
ctx cipher context to get the key size from.
+
+
Returns:
the key size of the cipher context.
+ +
+

+ +

+
+ + + + + + + + + +
int EVP_CIPHER_CTX_mode (const EVP_CIPHER_CTX *  ctx  ) 
+
+
+ +

+Get the mode for an EVP_CIPHER_CTX context.

+

Parameters:
+ + +
ctx the EVP_CIPHER_CTX to get the mode from
+
+
Returns:
the mode for an EVP_CIPHER_CTX.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void EVP_CIPHER_CTX_set_app_data (EVP_CIPHER_CTX *  ctx,
void *  data 
)
+
+
+ +

+Set the app data for an EVP_CIPHER_CTX context.

+

Parameters:
+ + + +
ctx the EVP_CIPHER_CTX to set the app data for
data the app data to set for an EVP_CIPHER_CTX.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int EVP_CIPHER_CTX_set_key_length (EVP_CIPHER_CTX *  c,
int  length 
)
+
+
+ +

+If the cipher type supports it, change the key length

+

Parameters:
+ + + +
c the cipher context to change the key length for
length new key length
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_iv_length (const EVP_CIPHER *  c  ) 
+
+
+ +

+Return the IV size of the cipher.

+

Parameters:
+ + +
c cipher to get the IV size from.
+
+
Returns:
the IV size of the cipher.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
size_t EVP_CIPHER_key_length (const EVP_CIPHER *  c  ) 
+
+
+ +

+Return the key size of the cipher.

+

Parameters:
+ + +
c cipher to get the key size from.
+
+
Returns:
the key size of the cipher.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_CipherFinal_ex (EVP_CIPHER_CTX *  ctx,
void *  out,
int *  outlen 
)
+
+
+ +

+Encipher/decipher final data

+

Parameters:
+ + + + +
ctx the cipher context.
out output data from the operation.
outlen output length
+
+The input length needs to be at least EVP_CIPHER_block_size() bytes long.

+See EVP Cipher for an example how to use this function.

+

Returns:
1 on success.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_CipherInit_ex (EVP_CIPHER_CTX *  ctx,
const EVP_CIPHER *  c,
ENGINE *  engine,
const void *  key,
const void *  iv,
int  encp 
)
+
+
+ +

+Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data. Clean up with EVP_CIPHER_CTX_cleanup().

+

Parameters:
+ + + + + + + +
ctx context to initiate
c cipher to use.
engine crypto engine to use, NULL to select default.
key the crypto key to use, NULL will use the previous value.
iv the IV to use, NULL will use the previous value.
encp non zero will encrypt, -1 use the previous value.
+
+
Returns:
1 on success.
+
Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_CipherUpdate (EVP_CIPHER_CTX *  ctx,
void *  out,
int *  outlen,
void *  in,
size_t  inlen 
)
+
+
+ +

+Encipher/decipher partial data

+

Parameters:
+ + + + + + +
ctx the cipher context.
out output data from the operation.
outlen output length
in input data to the operation.
inlen length of data.
+
+The output buffer length should at least be EVP_CIPHER_block_size() byte longer then the input length.

+See EVP Cipher for an example how to use this function.

+

Returns:
1 on success.
+ +

+If there in no spare bytes in the left from last Update and the input length is on the block boundery, the EVP_CipherUpdate() function can take a shortcut (and preformance gain) and directly encrypt the data, otherwise we hav to fix it up and store extra it the EVP_CIPHER_CTX.

Examples:
+example_evp_cipher.c.
+
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_des_cbc (void   ) 
+
+
+ +

+The DES cipher type

+

Returns:
the DES-CBC EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_des_ede3_cbc (void   ) 
+
+
+ +

+The tripple DES cipher type

+

Returns:
the DES-EDE3-CBC EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_Digest (const void *  data,
size_t  dsize,
void *  hash,
unsigned int *  hsize,
const EVP_MD *  md,
ENGINE *  engine 
)
+
+
+ +

+Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(), EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy() dance in one call.

+

Parameters:
+ + + + + + + +
data the data to update the context with
dsize length of data
hash output data of at least EVP_MD_size() length.
hsize output length of hash.
md message digest to use
engine engine to use, NULL for default engine.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_DigestFinal_ex (EVP_MD_CTX *  ctx,
void *  hash,
unsigned int *  size 
)
+
+
+ +

+Complete the message digest.

+

Parameters:
+ + + + +
ctx the context to complete.
hash the output of the message digest function. At least EVP_MD_size().
size the output size of hash.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_DigestInit_ex (EVP_MD_CTX *  ctx,
const EVP_MD *  md,
ENGINE *  engine 
)
+
+
+ +

+Init a EVP_MD_CTX for use a specific message digest and engine.

+

Parameters:
+ + + + +
ctx the message digest context to init.
md the message digest to use.
engine the engine to use, NULL to use the default engine.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int EVP_DigestUpdate (EVP_MD_CTX *  ctx,
const void *  data,
size_t  size 
)
+
+
+ +

+Update the digest with some data.

+

Parameters:
+ + + + +
ctx the context to update
data the data to update the context with
size length of data
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_enc_null (void   ) 
+
+
+ +

+The NULL cipher type, does no encryption/decryption.

+

Returns:
the null EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_get_cipherbyname (const char *  name  ) 
+
+
+ +

+Get the cipher type using their name.

+

Parameters:
+ + +
name the name of the cipher.
+
+
Returns:
the selected EVP_CIPHER pointer or NULL if not found.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_128_cbc (void   ) 
+
+
+ +

+The AES-128 cipher type (hcrypto)

+

Returns:
the AES-128 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_128_cfb8 (void   ) 
+
+
+ +

+The AES-128 CFB8 cipher type (hcrypto)

+

Returns:
the AES-128 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_192_cbc (void   ) 
+
+
+ +

+The AES-192 cipher type (hcrypto)

+

Returns:
the AES-192 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_192_cfb8 (void   ) 
+
+
+ +

+The AES-192 CFB8 cipher type (hcrypto)

+

Returns:
the AES-192 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_256_cbc (void   ) 
+
+
+ +

+The AES-256 cipher type (hcrypto)

+

Returns:
the AES-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_aes_256_cfb8 (void   ) 
+
+
+ +

+The AES-256 CFB8 cipher type (hcrypto)

+

Returns:
the AES-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_camellia_128_cbc (void   ) 
+
+
+ +

+The Camellia-128 cipher type - hcrypto

+

Returns:
the Camellia-128 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_camellia_192_cbc (void   ) 
+
+
+ +

+The Camellia-198 cipher type - hcrypto

+

Returns:
the Camellia-198 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_camellia_256_cbc (void   ) 
+
+
+ +

+The Camellia-256 cipher type - hcrypto

+

Returns:
the Camellia-256 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_des_cbc (void   ) 
+
+
+ +

+The DES cipher type

+

Returns:
the DES-CBC EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_des_ede3_cbc (void   ) 
+
+
+ +

+The tripple DES cipher type - hcrypto

+

Returns:
the DES-EDE3-CBC EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_md2 (void   ) 
+
+
+ +

+The message digest MD2 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_md4 (void   ) 
+
+
+ +

+The message digest MD4 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_md5 (void   ) 
+
+
+ +

+The message digest MD5 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_rc2_40_cbc (void   ) 
+
+
+ +

+The RC2-40 cipher type

+

Returns:
the RC2-40 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_rc2_64_cbc (void   ) 
+
+
+ +

+The RC2-64 cipher type

+

Returns:
the RC2-64 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_hcrypto_rc2_cbc (void   ) 
+
+
+ +

+The RC2 cipher type - hcrypto

+

Returns:
the RC2 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_sha1 (void   ) 
+
+
+ +

+The message digest SHA1 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_sha256 (void   ) 
+
+
+ +

+The message digest SHA256 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_sha384 (void   ) 
+
+
+ +

+The message digest SHA384 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_hcrypto_sha512 (void   ) 
+
+
+ +

+The message digest SHA512 - hcrypto

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_md2 (void   ) 
+
+
+ +

+The message digest MD2

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_md4 (void   ) 
+
+
+ +

+The message digest MD4

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_md5 (void   ) 
+
+
+ +

+The message digest MD5

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_MD_block_size (const EVP_MD *  md  ) 
+
+
+ +

+Return the blocksize of the message digest function.

+

Parameters:
+ + +
md the evp message
+
+
Returns:
size size of the message digest block size
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_MD_CTX_block_size (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Return the blocksize of the message digest function.

+

Parameters:
+ + +
ctx the evp message digest context
+
+
Returns:
size size of the message digest block size
+ +
+

+ +

+
+ + + + + + + + + +
int EVP_MD_CTX_cleanup (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Free the resources used by the EVP_MD context.

+

Parameters:
+ + +
ctx the context to free the resources from.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
EVP_MD_CTX* EVP_MD_CTX_create (void   ) 
+
+
+ +

+Allocate a messsage digest context object. Free with EVP_MD_CTX_destroy().

+

Returns:
a newly allocated message digest context object.
+ +
+

+ +

+
+ + + + + + + + + +
void EVP_MD_CTX_destroy (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Free a messsage digest context object.

+

Parameters:
+ + +
ctx context to free.
+
+ +
+

+ +

+
+ + + + + + + + + +
void EVP_MD_CTX_init (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Initiate a messsage digest context object. Deallocate with EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead.

+

Parameters:
+ + +
ctx variable to initiate.
+
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_MD_CTX_md (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Get the EVP_MD use for a specified context.

+

Parameters:
+ + +
ctx the EVP_MD context to get the EVP_MD for.
+
+
Returns:
the EVP_MD used for the context.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_MD_CTX_size (EVP_MD_CTX *  ctx  ) 
+
+
+ +

+Return the output size of the message digest function.

+

Parameters:
+ + +
ctx the evp message digest context
+
+
Returns:
size output size of the message digest function.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_md_null (void   ) 
+
+
+ +

+The null message digest

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
size_t EVP_MD_size (const EVP_MD *  md  ) 
+
+
+ +

+Return the output size of the message digest function.

+

Parameters:
+ + +
md the evp message
+
+
Returns:
size output size of the message digest function.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_rc2_40_cbc (void   ) 
+
+
+ +

+The RC2 cipher type

+

Returns:
the RC2 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_rc2_64_cbc (void   ) 
+
+
+ +

+The RC2 cipher type

+

Returns:
the RC2 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_rc2_cbc (void   ) 
+
+
+ +

+The RC2 cipher type

+

Returns:
the RC2 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_rc4 (void   ) 
+
+
+ +

+The RC4 cipher type

+

Returns:
the RC4 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_rc4_40 (void   ) 
+
+
+ +

+The RC4-40 cipher type

+

Returns:
the RC4-40 EVP_CIPHER pointer.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_sha (void   ) 
+
+
+ +

+The message digest SHA1

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_sha1 (void   ) 
+
+
+ +

+The message digest SHA1

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_sha256 (void   ) 
+
+
+ +

+The message digest SHA256

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_sha384 (void   ) 
+
+
+ +

+The message digest SHA384

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_MD* EVP_sha512 (void   ) 
+
+
+ +

+The message digest SHA512

+

Returns:
the message digest type.
+ +
+

+ +

+
+ + + + + + + + + +
const EVP_CIPHER* EVP_wincrypt_des_ede3_cbc (void   ) 
+
+
+ +

+The tripple DES cipher type (Micrsoft crypt provider)

+

Returns:
the DES-EDE3-CBC EVP_CIPHER pointer.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__misc.html b/doc/doxyout/hcrypto/html/group__hcrypto__misc.html new file mode 100644 index 000000000000..5588023a7b80 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__misc.html @@ -0,0 +1,106 @@ + + +Heimdal crypto library: hcrypto miscellaneous functions + + + +

+keyhole logo +

+ + + +
+

hcrypto miscellaneous functions

+ + + + +

Functions

int PKCS5_PBKDF2_HMAC_SHA1 (const void *password, size_t password_len, const void *salt, size_t salt_len, unsigned long iter, size_t keylen, void *key)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int PKCS5_PBKDF2_HMAC_SHA1 (const void *  password,
size_t  password_len,
const void *  salt,
size_t  salt_len,
unsigned long  iter,
size_t  keylen,
void *  key 
)
+
+
+ +

+As descriped in PKCS5, convert a password, salt, and iteration counter into a crypto key.

+

Parameters:
+ + + + + + + + +
password Password.
password_len Length of password.
salt Salt
salt_len Length of salt.
iter iteration counter.
keylen the output key length.
key the output key.
+
+
Returns:
1 on success, non 1 on failure.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__rand.html b/doc/doxyout/hcrypto/html/group__hcrypto__rand.html new file mode 100644 index 000000000000..cf6d9a428706 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__rand.html @@ -0,0 +1,425 @@ + + +Heimdal crypto library: RAND crypto functions + + + +

+keyhole logo +

+ + + +
+

RAND crypto functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

void RAND_seed (const void *indata, size_t size)
int RAND_bytes (void *outdata, size_t size)
void RAND_cleanup (void)
void RAND_add (const void *indata, size_t size, double entropi)
int RAND_pseudo_bytes (void *outdata, size_t size)
int RAND_status (void)
int RAND_set_rand_method (const RAND_METHOD *meth)
const RAND_METHOD * RAND_get_rand_method (void)
int RAND_set_rand_engine (ENGINE *engine)
int RAND_load_file (const char *filename, size_t size)
int RAND_write_file (const char *filename)
const char * RAND_file_name (char *filename, size_t size)
+

Detailed Description

+See the RAND - random number for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void RAND_add (const void *  indata,
size_t  size,
double  entropi 
)
+
+
+ +

+Seed that random number generator. Secret material can securely be feed into the function, they will never be returned.

+

Parameters:
+ + + + +
indata the input data.
size size of in data.
entropi entropi in data.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int RAND_bytes (void *  outdata,
size_t  size 
)
+
+
+ +

+Get a random block from the random generator, can be used for key material.

+

Parameters:
+ + + +
outdata random data
size length random data
+
+
Returns:
1 on success, 0 on failure.
+ +
+

+ +

+
+ + + + + + + + + +
void RAND_cleanup (void   ) 
+
+
+ +

+Reset and free memory used by the random generator. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
const char* RAND_file_name (char *  filename,
size_t  size 
)
+
+
+ +

+Return the default random state filename for a user to use for RAND_load_file(), and RAND_write_file().

+

Parameters:
+ + + +
filename buffer to hold file name.
size size of buffer filename.
+
+
Returns:
the buffer filename or NULL on failure.
+ +
+

+ +

+
+ + + + + + + + + +
const RAND_METHOD* RAND_get_rand_method (void   ) 
+
+
+ +

+Get the default random method. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int RAND_load_file (const char *  filename,
size_t  size 
)
+
+
+ +

+Load a a file and feed it into RAND_seed().

+

Parameters:
+ + + +
filename name of file to read.
size minimum size to read.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int RAND_pseudo_bytes (void *  outdata,
size_t  size 
)
+
+
+ +

+Get a random block from the random generator, should NOT be used for key material.

+

Parameters:
+ + + +
outdata random data
size length random data
+
+
Returns:
1 on success, 0 on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void RAND_seed (const void *  indata,
size_t  size 
)
+
+
+ +

+Seed that random number generator. Secret material can securely be feed into the function, they will never be returned.

+

Parameters:
+ + + +
indata seed data
size length seed data
+
+ +
+

+ +

+
+ + + + + + + + + +
int RAND_set_rand_engine (ENGINE *  engine  ) 
+
+
+ +

+Set the default random method from engine.

+

Parameters:
+ + +
engine use engine, if NULL is passed it, old method and engine is cleared.
+
+
Returns:
1 on success, 0 on failure.
+ +
+

+ +

+
+ + + + + + + + + +
int RAND_set_rand_method (const RAND_METHOD *  meth  ) 
+
+
+ +

+Set the default random method.

+

Parameters:
+ + +
meth set the new default method.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
int RAND_status (void   ) 
+
+
+ +

+Return status of the random generator

+

Returns:
1 if the random generator can deliver random data.
+ +
+

+ +

+
+ + + + + + + + + +
int RAND_write_file (const char *  filename  ) 
+
+
+ +

+Write of random numbers to a file to store for later initiation with RAND_load_file().

+

Parameters:
+ + +
filename name of file to write.
+
+
Returns:
1 on success and non-one on failure.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/group__hcrypto__rsa.html b/doc/doxyout/hcrypto/html/group__hcrypto__rsa.html new file mode 100644 index 000000000000..a4ff2a512195 --- /dev/null +++ b/doc/doxyout/hcrypto/html/group__hcrypto__rsa.html @@ -0,0 +1,278 @@ + + +Heimdal crypto library: RSA functions + + + +

+keyhole logo +

+ + + +
+

RSA functions

+ + + + + + + + + + + + + + + + + + +

Functions

RSA * RSA_new (void)
RSA * RSA_new_method (ENGINE *engine)
void RSA_free (RSA *rsa)
int RSA_up_ref (RSA *rsa)
const RSA_METHOD * RSA_get_method (const RSA *rsa)
int RSA_set_method (RSA *rsa, const RSA_METHOD *method)
int RSA_set_app_data (RSA *rsa, void *arg)
void * RSA_get_app_data (const RSA *rsa)
+

Detailed Description

+See the RSA - public-key cryptography for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + +
void RSA_free (RSA *  rsa  ) 
+
+
+ +

+Free an allocation RSA object.

+

Parameters:
+ + +
rsa the RSA object to free.
+
+ +
+

+ +

+
+ + + + + + + + + +
void* RSA_get_app_data (const RSA *  rsa  ) 
+
+
+ +

+Get the application data for the RSA object.

+

Parameters:
+ + +
rsa the rsa object to get the parameter for
+
+
Returns:
the data object
+ +
+

+ +

+
+ + + + + + + + + +
const RSA_METHOD* RSA_get_method (const RSA *  rsa  ) 
+
+
+ +

+Return the RSA_METHOD used for this RSA object.

+

Parameters:
+ + +
rsa the object to get the method from.
+
+
Returns:
the method used for this RSA object.
+ +
+

+ +

+
+ + + + + + + + + +
RSA* RSA_new (void   ) 
+
+
+ +

+Same as RSA_new_method() using NULL as engine.

+

Returns:
a newly allocated RSA object. Free with RSA_free().
+ +
+

+ +

+
+ + + + + + + + + +
RSA* RSA_new_method (ENGINE *  engine  ) 
+
+
+ +

+Allocate a new RSA object using the engine, if NULL is specified as the engine, use the default RSA engine as returned by ENGINE_get_default_RSA().

+

Parameters:
+ + +
engine Specific what ENGINE RSA provider should be used.
+
+
Returns:
a newly allocated RSA object. Free with RSA_free().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int RSA_set_app_data (RSA *  rsa,
void *  arg 
)
+
+
+ +

+Set the application data for the RSA object.

+

Parameters:
+ + + +
rsa the rsa object to set the parameter for
arg the data object to store
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int RSA_set_method (RSA *  rsa,
const RSA_METHOD *  method 
)
+
+
+ +

+Set a new method for the RSA keypair.

+

Parameters:
+ + + +
rsa rsa parameter.
method the new method for the RSA parameter.
+
+
Returns:
1 on success.
+ +
+

+ +

+
+ + + + + + + + + +
int RSA_up_ref (RSA *  rsa  ) 
+
+
+ +

+Add an extra reference to the RSA object. The object should be free with RSA_free() to drop the reference.

+

Parameters:
+ + +
rsa the object to add reference counting too.
+
+
Returns:
the current reference count, can't safely be used except for debug printing.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/index.html b/doc/doxyout/hcrypto/html/index.html new file mode 100644 index 000000000000..26b61b7ad182 --- /dev/null +++ b/doc/doxyout/hcrypto/html/index.html @@ -0,0 +1,47 @@ + + +Heimdal crypto library: Heimdal crypto library + + + +

+keyhole logo +

+ + + +
+

Heimdal crypto library

+

+

1.5

+Introduction

+Heimdal libhcrypto library is a implementation many crypto algorithms, among others: AES, SHA, DES, RSA, Camellia and many help function.

+hcrypto provies a OpenSSL compatible interface libcrypto interface and is licensed under a 3 clause BSD license (GPL compatible).

+The project web page: http://www.h5l.org/

+Sections of this manual:

+

+

+Older interfaces that you should not use:

+

+

+Control functions

+Functions controlling general behavior, like adding algorithms, are documented in this module: hcrypto function controlling behavior .

+Return values

+Return values are diffrent in this module to be compatible with OpenSSL interface. The diffrence is that on success 1 is returned instead of the customary 0.

+History

+Eric Young implemented DES in the library libdes, that grew into libcrypto in the ssleay package. ssleay went into recession and then got picked up by the OpenSSL (htp://www.openssl.org/) project.

+libhcrypto is an independent implementation with no code decended from ssleay/openssl. Both includes some common imported code, for example the AES implementation.

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/modules.html b/doc/doxyout/hcrypto/html/modules.html new file mode 100644 index 000000000000..64aeab137c04 --- /dev/null +++ b/doc/doxyout/hcrypto/html/modules.html @@ -0,0 +1,35 @@ + + +Heimdal crypto library: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/page_des.html b/doc/doxyout/hcrypto/html/page_des.html new file mode 100644 index 000000000000..f8d180439a5b --- /dev/null +++ b/doc/doxyout/hcrypto/html/page_des.html @@ -0,0 +1,45 @@ + + +Heimdal crypto library: DES - Data Encryption Standard crypto interface + + + +

+keyhole logo +

+ + + +
+

DES - Data Encryption Standard crypto interface

See the library functions here: DES crypto functions

+DES was created by IBM, modififed by NSA and then adopted by NBS (now NIST) and published ad FIPS PUB 46 (updated by FIPS 46-1).

+Since the 19th May 2005 DES was withdrawn by NIST and should no longer be used. See EVP - generic crypto interface for replacement encryption algorithms and interfaces.

+Read more the iteresting history of DES on Wikipedia http://www.wikipedia.org/wiki/Data_Encryption_Standard .

+DES key generation

+To generate a DES key safely you have to use the code-snippet below. This is because the DES_random_key() can fail with an abort() in case of and failure to start the random generator.

+There is a replacement function DES_new_random_key(), however that function does not exists in OpenSSL.

+

 DES_cblock key;
+ do {
+     if (RAND_rand(&key, sizeof(key)) != 1)
+          goto failure;
+     DES_set_odd_parity(key);
+ } while (DES_is_weak_key(&key));
+

+DES implementation history

+There was no complete BSD licensed, fast, GPL compatible implementation of DES, so Love wrote the part that was missing, fast key schedule setup and adapted the interface to the orignal libdes.

+The document that got me started for real was "Efficient Implementation of the Data Encryption Standard" by Dag Arne Osvik. I never got to the PC1 transformation was working, instead I used table-lookup was used for all key schedule setup. The document was very useful since it de-mystified other implementations for me.

+The core DES function (SBOX + P transformation) is from Richard Outerbridge public domain DES implementation. My sanity is saved thanks to his work. Thank you Richard.

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/page_dh.html b/doc/doxyout/hcrypto/html/page_dh.html new file mode 100644 index 000000000000..868f4452bab8 --- /dev/null +++ b/doc/doxyout/hcrypto/html/page_dh.html @@ -0,0 +1,30 @@ + + +Heimdal crypto library: DH - Diffie-Hellman key exchange + + + +

+keyhole logo +

+ + + +
+

DH - Diffie-Hellman key exchange

Diffie-Hellman key exchange is a protocol that allows two parties to establish a shared secret key.

+Include and example how to use DH_new() and friends here.

+See the library functions here: Diffie-Hellman functions

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/page_evp.html b/doc/doxyout/hcrypto/html/page_evp.html new file mode 100644 index 000000000000..a6bd8119b1f6 --- /dev/null +++ b/doc/doxyout/hcrypto/html/page_evp.html @@ -0,0 +1,30 @@ + + +Heimdal crypto library: EVP - generic crypto interface + + + +

+keyhole logo +

+ + + +
+

EVP - generic crypto interface

See the library functions here: EVP generic crypto functions

+EVP Cipher

+The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to understand forward, then EVP_CipherUpdate() and EVP_CipherFinal_ex() really needs an example to explain example_evp_cipher::c .
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/page_rand.html b/doc/doxyout/hcrypto/html/page_rand.html new file mode 100644 index 000000000000..a9de3a5d806d --- /dev/null +++ b/doc/doxyout/hcrypto/html/page_rand.html @@ -0,0 +1,28 @@ + + +Heimdal crypto library: RAND - random number + + + +

+keyhole logo +

+ + + +
+

RAND - random number

See the library functions here: RAND crypto functions
+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/page_rsa.html b/doc/doxyout/hcrypto/html/page_rsa.html new file mode 100644 index 000000000000..36faeed9cc7f --- /dev/null +++ b/doc/doxyout/hcrypto/html/page_rsa.html @@ -0,0 +1,31 @@ + + +Heimdal crypto library: RSA - public-key cryptography + + + +

+keyhole logo +

+ + + +
+

RSA - public-key cryptography

RSA is named by its inventors (Ron Rivest, Adi Shamir, and Leonard Adleman) (published in 1977), patented expired in 21 September 2000.

+Speed for RSA in seconds no key blinding 1000 iteration, same rsa keys (1024 and 2048) operation performed each eteration sign, verify, encrypt, decrypt on a random bit pattern

+name 1024 2048 4098 ================================= gmp: 0.73 6.60 44.80 tfm: 2.45 -- -- ltm: 3.79 20.74 105.41 (default in hcrypto) openssl: 4.04 11.90 82.59 cdsa: 15.89 102.89 721.40 imath: 40.62 -- --

+See the library functions here: RSA functions

+
+Generated on Sat Jul 30 13:45:37 2011 for Heimdal crypto library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hcrypto/html/tab_b.gif b/doc/doxyout/hcrypto/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/hcrypto/html/tab_l.gif b/doc/doxyout/hcrypto/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/hcrypto/html/tab_r.gif b/doc/doxyout/hcrypto/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/hcrypto/html/tabs.css b/doc/doxyout/hcrypto/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/hcrypto/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/hcrypto/man/man3/DES_cbc_cksum.3 b/doc/doxyout/hcrypto/man/man3/DES_cbc_cksum.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_cbc_cksum.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_cbc_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_cbc_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_cbc_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_cfb64_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_cfb64_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_cfb64_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_check_key_parity.3 b/doc/doxyout/hcrypto/man/man3/DES_check_key_parity.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_check_key_parity.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_ecb3_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_ecb3_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_ecb3_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_ecb_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_ecb_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_ecb_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_ede3_cbc_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_ede3_cbc_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_ede3_cbc_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_init_random_number_generator.3 b/doc/doxyout/hcrypto/man/man3/DES_init_random_number_generator.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_init_random_number_generator.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_is_weak_key.3 b/doc/doxyout/hcrypto/man/man3/DES_is_weak_key.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_is_weak_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_key_sched.3 b/doc/doxyout/hcrypto/man/man3/DES_key_sched.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_key_sched.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_new_random_key.3 b/doc/doxyout/hcrypto/man/man3/DES_new_random_key.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_new_random_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_pcbc_encrypt.3 b/doc/doxyout/hcrypto/man/man3/DES_pcbc_encrypt.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_pcbc_encrypt.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_random_key.3 b/doc/doxyout/hcrypto/man/man3/DES_random_key.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_random_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_set_key.3 b/doc/doxyout/hcrypto/man/man3/DES_set_key.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_set_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_set_key_checked.3 b/doc/doxyout/hcrypto/man/man3/DES_set_key_checked.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_set_key_checked.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_set_key_unchecked.3 b/doc/doxyout/hcrypto/man/man3/DES_set_key_unchecked.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_set_key_unchecked.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_set_odd_parity.3 b/doc/doxyout/hcrypto/man/man3/DES_set_odd_parity.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_set_odd_parity.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DES_string_to_key.3 b/doc/doxyout/hcrypto/man/man3/DES_string_to_key.3 new file mode 100644 index 000000000000..427856f72d18 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DES_string_to_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_des.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_check_pubkey.3 b/doc/doxyout/hcrypto/man/man3/DH_check_pubkey.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_check_pubkey.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_compute_key.3 b/doc/doxyout/hcrypto/man/man3/DH_compute_key.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_compute_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_free.3 b/doc/doxyout/hcrypto/man/man3/DH_free.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_free.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_generate_key.3 b/doc/doxyout/hcrypto/man/man3/DH_generate_key.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_generate_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_generate_parameters_ex.3 b/doc/doxyout/hcrypto/man/man3/DH_generate_parameters_ex.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_generate_parameters_ex.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_get_default_method.3 b/doc/doxyout/hcrypto/man/man3/DH_get_default_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_get_default_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_get_ex_data.3 b/doc/doxyout/hcrypto/man/man3/DH_get_ex_data.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_get_ex_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_ltm_method.3 b/doc/doxyout/hcrypto/man/man3/DH_ltm_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_ltm_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_new.3 b/doc/doxyout/hcrypto/man/man3/DH_new.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_new.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_new_method.3 b/doc/doxyout/hcrypto/man/man3/DH_new_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_new_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_null_method.3 b/doc/doxyout/hcrypto/man/man3/DH_null_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_null_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_set_default_method.3 b/doc/doxyout/hcrypto/man/man3/DH_set_default_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_set_default_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_set_ex_data.3 b/doc/doxyout/hcrypto/man/man3/DH_set_ex_data.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_set_ex_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_set_method.3 b/doc/doxyout/hcrypto/man/man3/DH_set_method.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_set_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_size.3 b/doc/doxyout/hcrypto/man/man3/DH_size.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/DH_up_ref.3 b/doc/doxyout/hcrypto/man/man3/DH_up_ref.3 new file mode 100644 index 000000000000..ade37d85c123 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/DH_up_ref.3 @@ -0,0 +1 @@ +.so man3/hcrypto_dh.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_BytesToKey.3 b/doc/doxyout/hcrypto/man/man3/EVP_BytesToKey.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_BytesToKey.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_block_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_block_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_block_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 new file mode 100644 index 000000000000..2245f894556f --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 @@ -0,0 +1 @@ +.so man3/hcrypto_core.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_get_app_data.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_get_app_data.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_get_app_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_init.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_init.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_init.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_iv_length.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_iv_length.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_iv_length.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_key_length.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_key_length.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_key_length.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_rand_key.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_rand_key.3 new file mode 100644 index 000000000000..2245f894556f --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_rand_key.3 @@ -0,0 +1 @@ +.so man3/hcrypto_core.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_app_data.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_app_data.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_app_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_key_length.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_key_length.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_CTX_set_key_length.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_block_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_block_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_block_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_iv_length.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_iv_length.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_iv_length.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_key_length.3 b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_key_length.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CIPHER_key_length.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CipherFinal_ex.3 b/doc/doxyout/hcrypto/man/man3/EVP_CipherFinal_ex.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CipherFinal_ex.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CipherInit_ex.3 b/doc/doxyout/hcrypto/man/man3/EVP_CipherInit_ex.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CipherInit_ex.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_CipherUpdate.3 b/doc/doxyout/hcrypto/man/man3/EVP_CipherUpdate.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_CipherUpdate.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_Digest.3 b/doc/doxyout/hcrypto/man/man3/EVP_Digest.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_Digest.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_DigestFinal_ex.3 b/doc/doxyout/hcrypto/man/man3/EVP_DigestFinal_ex.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_DigestFinal_ex.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_DigestInit_ex.3 b/doc/doxyout/hcrypto/man/man3/EVP_DigestInit_ex.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_DigestInit_ex.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_DigestUpdate.3 b/doc/doxyout/hcrypto/man/man3/EVP_DigestUpdate.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_DigestUpdate.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_block_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_block_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_block_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_cleanup.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_cleanup.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_cleanup.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_create.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_create.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_create.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_destroy.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_destroy.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_destroy.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_init.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_init.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_init.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_md.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_md.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_md.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_CTX_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_block_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_block_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_block_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_MD_size.3 b/doc/doxyout/hcrypto/man/man3/EVP_MD_size.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_MD_size.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_128_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_192_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_aes_256_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_camellia_128_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_camellia_128_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_camellia_128_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_camellia_192_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_camellia_192_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_camellia_192_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_camellia_256_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_camellia_256_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_camellia_256_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_des_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_des_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_des_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_des_ede3_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_des_ede3_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_des_ede3_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_enc_null.3 b/doc/doxyout/hcrypto/man/man3/EVP_enc_null.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_enc_null.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_get_cipherbyname.3 b/doc/doxyout/hcrypto/man/man3/EVP_get_cipherbyname.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_get_cipherbyname.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_128_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_192_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cfb8.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cfb8.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_aes_256_cfb8.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_128_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_128_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_128_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_192_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_192_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_192_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_256_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_256_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_camellia_256_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_ede3_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_ede3_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_des_ede3_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md2.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md2.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md2.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md4.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md4.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md4.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md5.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md5.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_md5.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha1.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha1.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha1.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha256.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha256.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha256.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha384.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha384.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha384.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha512.3 b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha512.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_hcrypto_sha512.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_md2.3 b/doc/doxyout/hcrypto/man/man3/EVP_md2.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_md2.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_md4.3 b/doc/doxyout/hcrypto/man/man3/EVP_md4.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_md4.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_md5.3 b/doc/doxyout/hcrypto/man/man3/EVP_md5.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_md5.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_md_null.3 b/doc/doxyout/hcrypto/man/man3/EVP_md_null.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_md_null.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_rc2_40_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_rc2_40_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_rc2_40_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_rc2_64_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_rc2_64_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_rc2_64_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_rc2_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_rc2_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_rc2_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_rc4.3 b/doc/doxyout/hcrypto/man/man3/EVP_rc4.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_rc4.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_rc4_40.3 b/doc/doxyout/hcrypto/man/man3/EVP_rc4_40.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_rc4_40.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_sha.3 b/doc/doxyout/hcrypto/man/man3/EVP_sha.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_sha.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_sha1.3 b/doc/doxyout/hcrypto/man/man3/EVP_sha1.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_sha1.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_sha256.3 b/doc/doxyout/hcrypto/man/man3/EVP_sha256.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_sha256.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_sha384.3 b/doc/doxyout/hcrypto/man/man3/EVP_sha384.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_sha384.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_sha512.3 b/doc/doxyout/hcrypto/man/man3/EVP_sha512.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_sha512.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/EVP_wincrypt_des_ede3_cbc.3 b/doc/doxyout/hcrypto/man/man3/EVP_wincrypt_des_ede3_cbc.3 new file mode 100644 index 000000000000..d526f956e4fb --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/EVP_wincrypt_des_ede3_cbc.3 @@ -0,0 +1 @@ +.so man3/hcrypto_evp.3 diff --git a/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms.3 b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms.3 new file mode 100644 index 000000000000..2245f894556f --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms.3 @@ -0,0 +1 @@ +.so man3/hcrypto_core.3 diff --git a/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_conf.3 b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_conf.3 new file mode 100644 index 000000000000..2245f894556f --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_conf.3 @@ -0,0 +1 @@ +.so man3/hcrypto_core.3 diff --git a/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_noconf.3 b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_noconf.3 new file mode 100644 index 000000000000..2245f894556f --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/OpenSSL_add_all_algorithms_noconf.3 @@ -0,0 +1 @@ +.so man3/hcrypto_core.3 diff --git a/doc/doxyout/hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 b/doc/doxyout/hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 new file mode 100644 index 000000000000..a6545bd8d828 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 @@ -0,0 +1 @@ +.so man3/hcrypto_misc.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_add.3 b/doc/doxyout/hcrypto/man/man3/RAND_add.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_add.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_bytes.3 b/doc/doxyout/hcrypto/man/man3/RAND_bytes.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_bytes.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_cleanup.3 b/doc/doxyout/hcrypto/man/man3/RAND_cleanup.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_cleanup.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_file_name.3 b/doc/doxyout/hcrypto/man/man3/RAND_file_name.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_file_name.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_get_rand_method.3 b/doc/doxyout/hcrypto/man/man3/RAND_get_rand_method.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_get_rand_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_load_file.3 b/doc/doxyout/hcrypto/man/man3/RAND_load_file.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_load_file.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_pseudo_bytes.3 b/doc/doxyout/hcrypto/man/man3/RAND_pseudo_bytes.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_pseudo_bytes.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_seed.3 b/doc/doxyout/hcrypto/man/man3/RAND_seed.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_seed.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_set_rand_engine.3 b/doc/doxyout/hcrypto/man/man3/RAND_set_rand_engine.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_set_rand_engine.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_set_rand_method.3 b/doc/doxyout/hcrypto/man/man3/RAND_set_rand_method.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_set_rand_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_status.3 b/doc/doxyout/hcrypto/man/man3/RAND_status.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_status.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RAND_write_file.3 b/doc/doxyout/hcrypto/man/man3/RAND_write_file.3 new file mode 100644 index 000000000000..321ba4cdcba8 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RAND_write_file.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rand.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_free.3 b/doc/doxyout/hcrypto/man/man3/RSA_free.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_free.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_get_app_data.3 b/doc/doxyout/hcrypto/man/man3/RSA_get_app_data.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_get_app_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_get_method.3 b/doc/doxyout/hcrypto/man/man3/RSA_get_method.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_get_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_new.3 b/doc/doxyout/hcrypto/man/man3/RSA_new.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_new.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_new_method.3 b/doc/doxyout/hcrypto/man/man3/RSA_new_method.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_new_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_set_app_data.3 b/doc/doxyout/hcrypto/man/man3/RSA_set_app_data.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_set_app_data.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_set_method.3 b/doc/doxyout/hcrypto/man/man3/RSA_set_method.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_set_method.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/RSA_up_ref.3 b/doc/doxyout/hcrypto/man/man3/RSA_up_ref.3 new file mode 100644 index 000000000000..9f1f31caccf9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/RSA_up_ref.3 @@ -0,0 +1 @@ +.so man3/hcrypto_rsa.3 diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_core.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_core.3 new file mode 100644 index 000000000000..1dc73c2e586e --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_core.3 @@ -0,0 +1,76 @@ +.TH "hcrypto function controlling behavior" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hcrypto function controlling behavior \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBEVP_CIPHER_CTX_rand_key\fP (EVP_CIPHER_CTX *ctx, void *key)" +.br +.ti -1c +.RI "int \fBEVP_CIPHER_CTX_ctrl\fP (EVP_CIPHER_CTX *ctx, int type, int arg, void *data)" +.br +.ti -1c +.RI "void \fBOpenSSL_add_all_algorithms\fP (void)" +.br +.ti -1c +.RI "void \fBOpenSSL_add_all_algorithms_conf\fP (void)" +.br +.ti -1c +.RI "void \fBOpenSSL_add_all_algorithms_noconf\fP (void)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int EVP_CIPHER_CTX_ctrl (EVP_CIPHER_CTX * ctx, int type, int arg, void * data)" +.PP +Perform a operation on a ctx +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP context to perform operation on. +.br +\fItype\fP type of operation. +.br +\fIarg\fP argument to operation. +.br +\fIdata\fP addition data to operation. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 for success, 0 for failure. +.RE +.PP + +.SS "int EVP_CIPHER_CTX_rand_key (EVP_CIPHER_CTX * ctx, void * key)" +.PP +Generate a random key for the specificed EVP_CIPHER. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP EVP_CIPHER_CTX type to build the key for. +.br +\fIkey\fP return key, must be at least \fBEVP_CIPHER_key_length()\fP byte long. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 for success, 0 for failure. +.RE +.PP + +.SS "void OpenSSL_add_all_algorithms (void)" +.PP +Add all algorithms to the crypto core. +.SS "void OpenSSL_add_all_algorithms_conf (void)" +.PP +Add all algorithms to the crypto core using configuration file. +.SS "void OpenSSL_add_all_algorithms_noconf (void)" +.PP +Add all algorithms to the crypto core, but don't use the configuration file. diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_des.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_des.3 new file mode 100644 index 000000000000..8afb15dfa117 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_des.3 @@ -0,0 +1,392 @@ +.TH "DES crypto functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +DES crypto functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBDES_set_odd_parity\fP (DES_cblock *key)" +.br +.ti -1c +.RI "int HC_DEPRECATED \fBDES_check_key_parity\fP (DES_cblock *key)" +.br +.ti -1c +.RI "int \fBDES_is_weak_key\fP (DES_cblock *key)" +.br +.ti -1c +.RI "int HC_DEPRECATED \fBDES_set_key\fP (DES_cblock *key, DES_key_schedule *ks)" +.br +.ti -1c +.RI "int \fBDES_set_key_unchecked\fP (DES_cblock *key, DES_key_schedule *ks)" +.br +.ti -1c +.RI "int \fBDES_set_key_checked\fP (DES_cblock *key, DES_key_schedule *ks)" +.br +.ti -1c +.RI "int \fBDES_key_sched\fP (DES_cblock *key, DES_key_schedule *ks)" +.br +.ti -1c +.RI "void \fBDES_encrypt\fP (uint32_t u[2], DES_key_schedule *ks, int encp)" +.br +.ti -1c +.RI "void \fBDES_ecb_encrypt\fP (DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int encp)" +.br +.ti -1c +.RI "void \fBDES_cbc_encrypt\fP (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int encp)" +.br +.ti -1c +.RI "void \fBDES_pcbc_encrypt\fP (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int encp)" +.br +.ti -1c +.RI "void \fBDES_ecb3_encrypt\fP (DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, int encp)" +.br +.ti -1c +.RI "void \fBDES_ede3_cbc_encrypt\fP (const void *in, void *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *iv, int encp)" +.br +.ti -1c +.RI "void \fBDES_cfb64_encrypt\fP (const void *in, void *out, long length, DES_key_schedule *ks, DES_cblock *iv, int *num, int encp)" +.br +.ti -1c +.RI "uint32_t \fBDES_cbc_cksum\fP (const void *in, DES_cblock *output, long length, DES_key_schedule *ks, DES_cblock *iv)" +.br +.ti -1c +.RI "void \fBDES_string_to_key\fP (const char *str, DES_cblock *key)" +.br +.ti -1c +.RI "int HC_DEPRECATED \fBDES_new_random_key\fP (DES_cblock *key)" +.br +.ti -1c +.RI "void HC_DEPRECATED \fBDES_init_random_number_generator\fP (DES_cblock *seed)" +.br +.ti -1c +.RI "void HC_DEPRECATED \fBDES_random_key\fP (DES_cblock *key)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBDES - Data Encryption Standard crypto interface\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "uint32_t DES_cbc_cksum (const void * in, DES_cblock * output, long length, DES_key_schedule * ks, DES_cblock * iv)" +.PP +Crete a checksum using DES in CBC encryption mode. This mode is only used for Kerberos 4, and it should stay that way. +.PP +The IV must always be diffrent for diffrent input data blocks. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP data to checksum +.br +\fIoutput\fP the checksum +.br +\fIlength\fP length of data +.br +\fIks\fP key schedule to use +.br +\fIiv\fP initial vector to use +.RE +.PP + +.SS "void DES_cbc_encrypt (const void * in, void * out, long length, DES_key_schedule * ks, DES_cblock * iv, int encp)" +.PP +Encrypt/decrypt a block using DES in Chain Block Cipher mode (cbc). +.PP +The IV must always be diffrent for diffrent input data blocks. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP data to encrypt +.br +\fIout\fP data to encrypt +.br +\fIlength\fP length of data +.br +\fIks\fP key schedule to use +.br +\fIiv\fP initial vector to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void DES_cfb64_encrypt (const void * in, void * out, long length, DES_key_schedule * ks, DES_cblock * iv, int * num, int encp)" +.PP +Encrypt/decrypt using DES in cipher feedback mode with 64 bit feedback. +.PP +The IV must always be diffrent for diffrent input data blocks. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP data to encrypt +.br +\fIout\fP data to encrypt +.br +\fIlength\fP length of data +.br +\fIks\fP key schedule to use +.br +\fIiv\fP initial vector to use +.br +\fInum\fP offset into in cipher block encryption/decryption stop last time. +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "int HC_DEPRECATED DES_check_key_parity (DES_cblock * key)" +.PP +Check if the key have correct parity. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP key to check the parity. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, 0 on failure. +.RE +.PP + +.SS "void DES_ecb3_encrypt (DES_cblock * input, DES_cblock * output, DES_key_schedule * ks1, DES_key_schedule * ks2, DES_key_schedule * ks3, int encp)" +.PP +Encrypt/decrypt a block using triple DES using EDE mode, encrypt/decrypt/encrypt. +.PP +\fBParameters:\fP +.RS 4 +\fIinput\fP data to encrypt +.br +\fIoutput\fP data to encrypt +.br +\fIks1\fP key schedule to use +.br +\fIks2\fP key schedule to use +.br +\fIks3\fP key schedule to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void DES_ecb_encrypt (DES_cblock * input, DES_cblock * output, DES_key_schedule * ks, int encp)" +.PP +Encrypt/decrypt a block using DES. +.PP +\fBParameters:\fP +.RS 4 +\fIinput\fP data to encrypt +.br +\fIoutput\fP data to encrypt +.br +\fIks\fP key schedule to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void DES_ede3_cbc_encrypt (const void * in, void * out, long length, DES_key_schedule * ks1, DES_key_schedule * ks2, DES_key_schedule * ks3, DES_cblock * iv, int encp)" +.PP +Encrypt/decrypt using Triple DES in Chain Block Cipher mode (cbc). +.PP +The IV must always be diffrent for diffrent input data blocks. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP data to encrypt +.br +\fIout\fP data to encrypt +.br +\fIlength\fP length of data +.br +\fIks1\fP key schedule to use +.br +\fIks2\fP key schedule to use +.br +\fIks3\fP key schedule to use +.br +\fIiv\fP initial vector to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void DES_encrypt (uint32_t u[2], DES_key_schedule * ks, int encp)" +.PP +Encrypt/decrypt a block using DES. Also called ECB mode +.PP +\fBParameters:\fP +.RS 4 +\fIu\fP data to encrypt +.br +\fIks\fP key schedule to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void HC_DEPRECATED DES_init_random_number_generator (DES_cblock * seed)" +.PP +Seed the random number generator. Deprecated, use \fBRAND - random number\fP +.PP +\fBParameters:\fP +.RS 4 +\fIseed\fP a seed to seed that random number generate with. +.RE +.PP + +.SS "int DES_is_weak_key (DES_cblock * key)" +.PP +Checks if the key is any of the weaks keys that makes DES attacks trival. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP key to check. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 if the key is weak, 0 otherwise. +.RE +.PP + +.SS "int DES_key_sched (DES_cblock * key, DES_key_schedule * ks)" +.PP +Compatibility function for eay libdes, works just like \fBDES_set_key_checked()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP a key to initialize the key schedule with. +.br +\fIks\fP a key schedule to initialize. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, -1 on invalid parity, -2 on weak key. +.RE +.PP + +.SS "int HC_DEPRECATED DES_new_random_key (DES_cblock * key)" +.PP +Generate a random des key using a random block, fixup parity and skip weak keys. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP is set to a random key. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, non zero on random number generator failure. +.RE +.PP + +.SS "void DES_pcbc_encrypt (const void * in, void * out, long length, DES_key_schedule * ks, DES_cblock * iv, int encp)" +.PP +Encrypt/decrypt a block using DES in Propagating Cipher Block Chaining mode. This mode is only used for Kerberos 4, and it should stay that way. +.PP +The IV must always be diffrent for diffrent input data blocks. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP data to encrypt +.br +\fIout\fP data to encrypt +.br +\fIlength\fP length of data +.br +\fIks\fP key schedule to use +.br +\fIiv\fP initial vector to use +.br +\fIencp\fP if non zero, encrypt. if zero, decrypt. +.RE +.PP + +.SS "void HC_DEPRECATED DES_random_key (DES_cblock * key)" +.PP +Generate a random key, deprecated since it doesn't return an error code, use \fBDES_new_random_key()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP is set to a random key. +.RE +.PP + +.SS "int HC_DEPRECATED DES_set_key (DES_cblock * key, DES_key_schedule * ks)" +.PP +Setup a des key schedule from a key. Deprecated function, use \fBDES_set_key_unchecked()\fP or \fBDES_set_key_checked()\fP instead. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP a key to initialize the key schedule with. +.br +\fIks\fP a key schedule to initialize. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success +.RE +.PP + +.SS "int DES_set_key_checked (DES_cblock * key, DES_key_schedule * ks)" +.PP +Just like \fBDES_set_key_unchecked()\fP except checking that the key is not weak for or have correct parity. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP a key to initialize the key schedule with. +.br +\fIks\fP a key schedule to initialize. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, -1 on invalid parity, -2 on weak key. +.RE +.PP + +.SS "int DES_set_key_unchecked (DES_cblock * key, DES_key_schedule * ks)" +.PP +Setup a des key schedule from a key. The key is no longer needed after this transaction and can cleared. +.PP +Does NOT check that the key is weak for or have wrong parity. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP a key to initialize the key schedule with. +.br +\fIks\fP a key schedule to initialize. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success +.RE +.PP + +.SS "void DES_set_odd_parity (DES_cblock * key)" +.PP +Set the parity of the key block, used to generate a des key from a random key. See \fBDES key generation\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP key to fixup the parity for. +.RE +.PP + +.SS "void DES_string_to_key (const char * str, DES_cblock * key)" +.PP +Convert a string to a DES key. Use something like \fBPKCS5_PBKDF2_HMAC_SHA1()\fP to create key from passwords. +.PP +\fBParameters:\fP +.RS 4 +\fIstr\fP The string to convert to a key +.br +\fIkey\fP the resulting key +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_dh.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_dh.3 new file mode 100644 index 000000000000..a1de3e2edff9 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_dh.3 @@ -0,0 +1,310 @@ +.TH "Diffie-Hellman functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Diffie-Hellman functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "const DH_METHOD * \fBDH_ltm_method\fP (void)" +.br +.ti -1c +.RI "DH * \fBDH_new\fP (void)" +.br +.ti -1c +.RI "DH * \fBDH_new_method\fP (ENGINE *engine)" +.br +.ti -1c +.RI "void \fBDH_free\fP (DH *dh)" +.br +.ti -1c +.RI "int \fBDH_up_ref\fP (DH *dh)" +.br +.ti -1c +.RI "int \fBDH_size\fP (const DH *dh)" +.br +.ti -1c +.RI "int \fBDH_set_ex_data\fP (DH *dh, int idx, void *data)" +.br +.ti -1c +.RI "void * \fBDH_get_ex_data\fP (DH *dh, int idx)" +.br +.ti -1c +.RI "int \fBDH_generate_parameters_ex\fP (DH *dh, int prime_len, int generator, BN_GENCB *cb)" +.br +.ti -1c +.RI "int \fBDH_check_pubkey\fP (const DH *dh, const BIGNUM *pub_key, int *codes)" +.br +.ti -1c +.RI "int \fBDH_generate_key\fP (DH *dh)" +.br +.ti -1c +.RI "int \fBDH_compute_key\fP (unsigned char *shared_key, const BIGNUM *peer_pub_key, DH *dh)" +.br +.ti -1c +.RI "int \fBDH_set_method\fP (DH *dh, const DH_METHOD *method)" +.br +.ti -1c +.RI "const DH_METHOD * \fBDH_null_method\fP (void)" +.br +.ti -1c +.RI "void \fBDH_set_default_method\fP (const DH_METHOD *meth)" +.br +.ti -1c +.RI "const DH_METHOD * \fBDH_get_default_method\fP (void)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBDH - Diffie-Hellman key exchange\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int DH_check_pubkey (const DH * dh, const BIGNUM * pub_key, int * codes)" +.PP +Check that the public key is sane. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP the local peer DH parameters. +.br +\fIpub_key\fP the remote peer public key parameters. +.br +\fIcodes\fP return that the failures of the pub_key are. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, 0 on failure and *codes is set the the combined fail check for the public key +.RE +.PP + +.PP +Checks that the function performs are: +.IP "\(bu" 2 +pub_key is not negative +.PP +.PP +.IP "\(bu" 2 +pub_key > 1 and pub_key < p - 1, to avoid small subgroups attack. +.PP +.PP +.IP "\(bu" 2 +if g == 2, pub_key have more then one bit set, if bits set is 1, log_2(pub_key) is trival +.PP + +.SS "int DH_compute_key (unsigned char * shared_key, const BIGNUM * peer_pub_key, DH * dh)" +.PP +Complute the shared secret key. +.PP +\fBParameters:\fP +.RS 4 +\fIshared_key\fP the resulting shared key, need to be at least \fBDH_size()\fP large. +.br +\fIpeer_pub_key\fP the peer's public key. +.br +\fIdh\fP the dh key pair. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.PP +Checks that the pubkey passed in is valid using \fBDH_check_pubkey()\fP. +.SS "void DH_free (DH * dh)" +.PP +Free a DH object and release related resources, like ENGINE, that the object was using. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP object to be freed. +.RE +.PP + +.SS "int DH_generate_key (DH * dh)" +.PP +Generate a new DH private-public key pair. The dh parameter must be allocted first with \fBDH_new()\fP. dh->p and dp->g must be set. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP dh parameter. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int DH_generate_parameters_ex (DH * dh, int prime_len, int generator, BN_GENCB * cb)" +.PP +Generate DH parameters for the DH object give parameters. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP The DH object to generate parameters for. +.br +\fIprime_len\fP length of the prime +.br +\fIgenerator\fP generator, g +.br +\fIcb\fP Callback parameters to show progress, can be NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +the maximum size in bytes of the out data. +.RE +.PP + +.SS "const DH_METHOD* DH_get_default_method (void)" +.PP +Return the default DH implementation. +.PP +\fBReturns:\fP +.RS 4 +pointer to a DH_METHOD. +.RE +.PP + +.SS "void* DH_get_ex_data (DH * dh, int idx)" +.PP +Get the data for index idx in the DH object. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP DH object. +.br +\fIidx\fP index to get the data for. +.RE +.PP +\fBReturns:\fP +.RS 4 +the object store in index idx +.RE +.PP + +.SS "const DH_METHOD* DH_ltm_method (void)" +.PP +DH implementation using libtommath. +.PP +\fBReturns:\fP +.RS 4 +the DH_METHOD for the DH implementation using libtommath. +.RE +.PP + +.SS "DH* DH_new (void)" +.PP +Create a new DH object using DH_new_method(NULL), see \fBDH_new_method()\fP. +.PP +\fBReturns:\fP +.RS 4 +a newly allocated DH object. +.RE +.PP + +.SS "DH* DH_new_method (ENGINE * engine)" +.PP +Create a new DH object from the given engine, if the NULL is used, the default engine is used. Free the DH object with \fBDH_free()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIengine\fP The engine to use to allocate the DH object. +.RE +.PP +\fBReturns:\fP +.RS 4 +a newly allocated DH object. +.RE +.PP + +.SS "const DH_METHOD* DH_null_method (void)" +.PP +Return the dummy DH implementation. +.PP +\fBReturns:\fP +.RS 4 +pointer to a DH_METHOD. +.RE +.PP + +.SS "void DH_set_default_method (const DH_METHOD * meth)" +.PP +Set the default DH implementation. +.PP +\fBParameters:\fP +.RS 4 +\fImeth\fP pointer to a DH_METHOD. +.RE +.PP + +.SS "int DH_set_ex_data (DH * dh, int idx, void * data)" +.PP +Set the data index idx in the DH object to data. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP DH object. +.br +\fIidx\fP index to set the data for. +.br +\fIdata\fP data to store for the index idx. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int DH_set_method (DH * dh, const DH_METHOD * method)" +.PP +Set a new method for the DH keypair. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP dh parameter. +.br +\fImethod\fP the new method for the DH parameter. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int DH_size (const DH * dh)" +.PP +The maximum output size of the \fBDH_compute_key()\fP function. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP The DH object to get the size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the maximum size in bytes of the out data. +.RE +.PP + +.SS "int DH_up_ref (DH * dh)" +.PP +Add a reference to the DH object. The object should be free with \fBDH_free()\fP to drop the reference. +.PP +\fBParameters:\fP +.RS 4 +\fIdh\fP the object to increase the reference count too. +.RE +.PP +\fBReturns:\fP +.RS 4 +the updated reference count, can't safely be used except for debug printing. +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_evp.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_evp.3 new file mode 100644 index 000000000000..692c96b94df1 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_evp.3 @@ -0,0 +1,1299 @@ +.TH "EVP generic crypto functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +EVP generic crypto functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_wincrypt_des_ede3_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_128_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_192_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_256_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_128_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_192_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_aes_256_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_sha256\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_sha384\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_sha512\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_sha1\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_md5\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_md4\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_hcrypto_md2\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_des_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_des_ede3_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_rc2_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_rc2_40_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_rc2_64_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_camellia_128_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_camellia_192_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_hcrypto_camellia_256_cbc\fP (void)" +.br +.ti -1c +.RI "size_t \fBEVP_MD_size\fP (const EVP_MD *md)" +.br +.ti -1c +.RI "size_t \fBEVP_MD_block_size\fP (const EVP_MD *md)" +.br +.ti -1c +.RI "EVP_MD_CTX * \fBEVP_MD_CTX_create\fP (void)" +.br +.ti -1c +.RI "void \fBEVP_MD_CTX_init\fP (EVP_MD_CTX *ctx) HC_DEPRECATED" +.br +.ti -1c +.RI "void \fBEVP_MD_CTX_destroy\fP (EVP_MD_CTX *ctx)" +.br +.ti -1c +.RI "int \fBEVP_MD_CTX_cleanup\fP (EVP_MD_CTX *ctx) HC_DEPRECATED" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_MD_CTX_md\fP (EVP_MD_CTX *ctx)" +.br +.ti -1c +.RI "size_t \fBEVP_MD_CTX_size\fP (EVP_MD_CTX *ctx)" +.br +.ti -1c +.RI "size_t \fBEVP_MD_CTX_block_size\fP (EVP_MD_CTX *ctx)" +.br +.ti -1c +.RI "int \fBEVP_DigestInit_ex\fP (EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)" +.br +.ti -1c +.RI "int \fBEVP_DigestUpdate\fP (EVP_MD_CTX *ctx, const void *data, size_t size)" +.br +.ti -1c +.RI "int \fBEVP_DigestFinal_ex\fP (EVP_MD_CTX *ctx, void *hash, unsigned int *size)" +.br +.ti -1c +.RI "int \fBEVP_Digest\fP (const void *data, size_t dsize, void *hash, unsigned int *hsize, const EVP_MD *md, ENGINE *engine)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_sha256\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_sha384\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_sha512\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_sha1\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_sha\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_md5\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_md4\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_md2\fP (void)" +.br +.ti -1c +.RI "const EVP_MD * \fBEVP_md_null\fP (void)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_block_size\fP (const EVP_CIPHER *c)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_key_length\fP (const EVP_CIPHER *c)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_iv_length\fP (const EVP_CIPHER *c)" +.br +.ti -1c +.RI "void \fBEVP_CIPHER_CTX_init\fP (EVP_CIPHER_CTX *c)" +.br +.ti -1c +.RI "int \fBEVP_CIPHER_CTX_cleanup\fP (EVP_CIPHER_CTX *c)" +.br +.ti -1c +.RI "int \fBEVP_CIPHER_CTX_set_key_length\fP (EVP_CIPHER_CTX *c, int length)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_CIPHER_CTX_cipher\fP (EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_CTX_block_size\fP (const EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_CTX_key_length\fP (const EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "size_t \fBEVP_CIPHER_CTX_iv_length\fP (const EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "unsigned long \fBEVP_CIPHER_CTX_flags\fP (const EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "int \fBEVP_CIPHER_CTX_mode\fP (const EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "void * \fBEVP_CIPHER_CTX_get_app_data\fP (EVP_CIPHER_CTX *ctx)" +.br +.ti -1c +.RI "void \fBEVP_CIPHER_CTX_set_app_data\fP (EVP_CIPHER_CTX *ctx, void *data)" +.br +.ti -1c +.RI "int \fBEVP_CipherInit_ex\fP (EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine, const void *key, const void *iv, int encp)" +.br +.ti -1c +.RI "int \fBEVP_CipherUpdate\fP (EVP_CIPHER_CTX *ctx, void *out, int *outlen, void *in, size_t inlen)" +.br +.ti -1c +.RI "int \fBEVP_CipherFinal_ex\fP (EVP_CIPHER_CTX *ctx, void *out, int *outlen)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_enc_null\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_rc2_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_rc2_40_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_rc2_64_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_rc4\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_rc4_40\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_des_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_des_ede3_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_128_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_192_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_256_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_128_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_192_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_aes_256_cfb8\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_camellia_128_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_camellia_192_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_camellia_256_cbc\fP (void)" +.br +.ti -1c +.RI "const EVP_CIPHER * \fBEVP_get_cipherbyname\fP (const char *name)" +.br +.ti -1c +.RI "int \fBEVP_BytesToKey\fP (const EVP_CIPHER *type, const EVP_MD *md, const void *salt, const void *data, size_t datalen, unsigned int count, void *keydata, void *ivdata)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBEVP - generic crypto interface\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "const EVP_CIPHER* EVP_aes_128_cbc (void)" +.PP +The AES-128 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-128 EVP_CIPHER pointer. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "const EVP_CIPHER* EVP_aes_128_cfb8 (void)" +.PP +The AES-128 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-128 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_aes_192_cbc (void)" +.PP +The AES-192 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-192 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_aes_192_cfb8 (void)" +.PP +The AES-192 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-192 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_aes_256_cbc (void)" +.PP +The AES-256 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_aes_256_cfb8 (void)" +.PP +The AES-256 cipher type +.PP +\fBReturns:\fP +.RS 4 +the AES-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "int EVP_BytesToKey (const EVP_CIPHER * type, const EVP_MD * md, const void * salt, const void * data, size_t datalen, unsigned int count, void * keydata, void * ivdata)" +.PP +Provides a legancy string to key function, used in PEM files. +.PP +New protocols should use new string to key functions like NIST SP56-800A or PKCS#5 v2.0 (see \fBPKCS5_PBKDF2_HMAC_SHA1()\fP). +.PP +\fBParameters:\fP +.RS 4 +\fItype\fP type of cipher to use +.br +\fImd\fP message digest to use +.br +\fIsalt\fP salt salt string, should be an binary 8 byte buffer. +.br +\fIdata\fP the password/input key string. +.br +\fIdatalen\fP length of data parameter. +.br +\fIcount\fP iteration counter. +.br +\fIkeydata\fP output keydata, needs to of the size \fBEVP_CIPHER_key_length()\fP. +.br +\fIivdata\fP output ivdata, needs to of the size \fBEVP_CIPHER_block_size()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +the size of derived key. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_camellia_128_cbc (void)" +.PP +The Camellia-128 cipher type +.PP +\fBReturns:\fP +.RS 4 +the Camellia-128 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_camellia_192_cbc (void)" +.PP +The Camellia-198 cipher type +.PP +\fBReturns:\fP +.RS 4 +the Camellia-198 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_camellia_256_cbc (void)" +.PP +The Camellia-256 cipher type +.PP +\fBReturns:\fP +.RS 4 +the Camellia-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "size_t EVP_CIPHER_block_size (const EVP_CIPHER * c)" +.PP +Return the block size of the cipher. +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP cipher to get the block size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the block size of the cipher. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "size_t EVP_CIPHER_CTX_block_size (const EVP_CIPHER_CTX * ctx)" +.PP +Return the block size of the cipher context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP cipher context to get the block size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the block size of the cipher context. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_CIPHER_CTX_cipher (EVP_CIPHER_CTX * ctx)" +.PP +Return the EVP_CIPHER for a EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to get the cipher type from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the EVP_CIPHER pointer. +.RE +.PP + +.SS "int EVP_CIPHER_CTX_cleanup (EVP_CIPHER_CTX * c)" +.PP +Clean up the EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP the cipher to clean up. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "unsigned long EVP_CIPHER_CTX_flags (const EVP_CIPHER_CTX * ctx)" +.PP +Get the flags for an EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the EVP_CIPHER_CTX to get the flags from +.RE +.PP +\fBReturns:\fP +.RS 4 +the flags for an EVP_CIPHER_CTX. +.RE +.PP + +.SS "void* EVP_CIPHER_CTX_get_app_data (EVP_CIPHER_CTX * ctx)" +.PP +Get the app data for an EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the EVP_CIPHER_CTX to get the app data from +.RE +.PP +\fBReturns:\fP +.RS 4 +the app data for an EVP_CIPHER_CTX. +.RE +.PP + +.SS "void EVP_CIPHER_CTX_init (EVP_CIPHER_CTX * c)" +.PP +Initiate a EVP_CIPHER_CTX context. Clean up with \fBEVP_CIPHER_CTX_cleanup()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP the cipher initiate. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "size_t EVP_CIPHER_CTX_iv_length (const EVP_CIPHER_CTX * ctx)" +.PP +Return the IV size of the cipher context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP cipher context to get the IV size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the IV size of the cipher context. +.RE +.PP + +.SS "size_t EVP_CIPHER_CTX_key_length (const EVP_CIPHER_CTX * ctx)" +.PP +Return the key size of the cipher context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP cipher context to get the key size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the key size of the cipher context. +.RE +.PP + +.SS "int EVP_CIPHER_CTX_mode (const EVP_CIPHER_CTX * ctx)" +.PP +Get the mode for an EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the EVP_CIPHER_CTX to get the mode from +.RE +.PP +\fBReturns:\fP +.RS 4 +the mode for an EVP_CIPHER_CTX. +.RE +.PP + +.SS "void EVP_CIPHER_CTX_set_app_data (EVP_CIPHER_CTX * ctx, void * data)" +.PP +Set the app data for an EVP_CIPHER_CTX context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the EVP_CIPHER_CTX to set the app data for +.br +\fIdata\fP the app data to set for an EVP_CIPHER_CTX. +.RE +.PP + +.SS "int EVP_CIPHER_CTX_set_key_length (EVP_CIPHER_CTX * c, int length)" +.PP +If the cipher type supports it, change the key length +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP the cipher context to change the key length for +.br +\fIlength\fP new key length +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "size_t EVP_CIPHER_iv_length (const EVP_CIPHER * c)" +.PP +Return the IV size of the cipher. +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP cipher to get the IV size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the IV size of the cipher. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "size_t EVP_CIPHER_key_length (const EVP_CIPHER * c)" +.PP +Return the key size of the cipher. +.PP +\fBParameters:\fP +.RS 4 +\fIc\fP cipher to get the key size from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the key size of the cipher. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "int EVP_CipherFinal_ex (EVP_CIPHER_CTX * ctx, void * out, int * outlen)" +.PP +Encipher/decipher final data +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the cipher context. +.br +\fIout\fP output data from the operation. +.br +\fIoutlen\fP output length +.RE +.PP +The input length needs to be at least \fBEVP_CIPHER_block_size()\fP bytes long. +.PP +See \fBEVP Cipher\fP for an example how to use this function. +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "int EVP_CipherInit_ex (EVP_CIPHER_CTX * ctx, const EVP_CIPHER * c, ENGINE * engine, const void * key, const void * iv, int encp)" +.PP +Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data. Clean up with \fBEVP_CIPHER_CTX_cleanup()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP context to initiate +.br +\fIc\fP cipher to use. +.br +\fIengine\fP crypto engine to use, NULL to select default. +.br +\fIkey\fP the crypto key to use, NULL will use the previous value. +.br +\fIiv\fP the IV to use, NULL will use the previous value. +.br +\fIencp\fP non zero will encrypt, -1 use the previous value. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "int EVP_CipherUpdate (EVP_CIPHER_CTX * ctx, void * out, int * outlen, void * in, size_t inlen)" +.PP +Encipher/decipher partial data +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the cipher context. +.br +\fIout\fP output data from the operation. +.br +\fIoutlen\fP output length +.br +\fIin\fP input data to the operation. +.br +\fIinlen\fP length of data. +.RE +.PP +The output buffer length should at least be \fBEVP_CIPHER_block_size()\fP byte longer then the input length. +.PP +See \fBEVP Cipher\fP for an example how to use this function. +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.PP +If there in no spare bytes in the left from last Update and the input length is on the block boundery, the \fBEVP_CipherUpdate()\fP function can take a shortcut (and preformance gain) and directly encrypt the data, otherwise we hav to fix it up and store extra it the EVP_CIPHER_CTX. +.PP +\fBExamples: \fP +.in +1c +\fBexample_evp_cipher.c\fP. +.SS "const EVP_CIPHER* EVP_des_cbc (void)" +.PP +The DES cipher type +.PP +\fBReturns:\fP +.RS 4 +the DES-CBC EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_des_ede3_cbc (void)" +.PP +The tripple DES cipher type +.PP +\fBReturns:\fP +.RS 4 +the DES-EDE3-CBC EVP_CIPHER pointer. +.RE +.PP + +.SS "int EVP_Digest (const void * data, size_t dsize, void * hash, unsigned int * hsize, const EVP_MD * md, ENGINE * engine)" +.PP +Do the whole \fBEVP_MD_CTX_create()\fP, \fBEVP_DigestInit_ex()\fP, \fBEVP_DigestUpdate()\fP, \fBEVP_DigestFinal_ex()\fP, \fBEVP_MD_CTX_destroy()\fP dance in one call. +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP the data to update the context with +.br +\fIdsize\fP length of data +.br +\fIhash\fP output data of at least \fBEVP_MD_size()\fP length. +.br +\fIhsize\fP output length of hash. +.br +\fImd\fP message digest to use +.br +\fIengine\fP engine to use, NULL for default engine. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int EVP_DigestFinal_ex (EVP_MD_CTX * ctx, void * hash, unsigned int * size)" +.PP +Complete the message digest. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to complete. +.br +\fIhash\fP the output of the message digest function. At least \fBEVP_MD_size()\fP. +.br +\fIsize\fP the output size of hash. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int EVP_DigestInit_ex (EVP_MD_CTX * ctx, const EVP_MD * md, ENGINE * engine)" +.PP +Init a EVP_MD_CTX for use a specific message digest and engine. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the message digest context to init. +.br +\fImd\fP the message digest to use. +.br +\fIengine\fP the engine to use, NULL to use the default engine. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int EVP_DigestUpdate (EVP_MD_CTX * ctx, const void * data, size_t size)" +.PP +Update the digest with some data. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to update +.br +\fIdata\fP the data to update the context with +.br +\fIsize\fP length of data +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_enc_null (void)" +.PP +The NULL cipher type, does no encryption/decryption. +.PP +\fBReturns:\fP +.RS 4 +the null EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_get_cipherbyname (const char * name)" +.PP +Get the cipher type using their name. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP the name of the cipher. +.RE +.PP +\fBReturns:\fP +.RS 4 +the selected EVP_CIPHER pointer or NULL if not found. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_128_cbc (void)" +.PP +The AES-128 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-128 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_128_cfb8 (void)" +.PP +The AES-128 CFB8 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-128 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_192_cbc (void)" +.PP +The AES-192 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-192 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_192_cfb8 (void)" +.PP +The AES-192 CFB8 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-192 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_256_cbc (void)" +.PP +The AES-256 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_aes_256_cfb8 (void)" +.PP +The AES-256 CFB8 cipher type (hcrypto) +.PP +\fBReturns:\fP +.RS 4 +the AES-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_camellia_128_cbc (void)" +.PP +The Camellia-128 cipher type - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the Camellia-128 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_camellia_192_cbc (void)" +.PP +The Camellia-198 cipher type - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the Camellia-198 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_camellia_256_cbc (void)" +.PP +The Camellia-256 cipher type - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the Camellia-256 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_des_cbc (void)" +.PP +The DES cipher type +.PP +\fBReturns:\fP +.RS 4 +the DES-CBC EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_des_ede3_cbc (void)" +.PP +The tripple DES cipher type - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the DES-EDE3-CBC EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_md2 (void)" +.PP +The message digest MD2 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_md4 (void)" +.PP +The message digest MD4 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_md5 (void)" +.PP +The message digest MD5 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_rc2_40_cbc (void)" +.PP +The RC2-40 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC2-40 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_rc2_64_cbc (void)" +.PP +The RC2-64 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC2-64 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_hcrypto_rc2_cbc (void)" +.PP +The RC2 cipher type - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the RC2 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_sha1 (void)" +.PP +The message digest SHA1 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_sha256 (void)" +.PP +The message digest SHA256 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_sha384 (void)" +.PP +The message digest SHA384 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_hcrypto_sha512 (void)" +.PP +The message digest SHA512 - hcrypto +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_md2 (void)" +.PP +The message digest MD2 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_md4 (void)" +.PP +The message digest MD4 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_md5 (void)" +.PP +The message digest MD5 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "size_t EVP_MD_block_size (const EVP_MD * md)" +.PP +Return the blocksize of the message digest function. +.PP +\fBParameters:\fP +.RS 4 +\fImd\fP the evp message +.RE +.PP +\fBReturns:\fP +.RS 4 +size size of the message digest block size +.RE +.PP + +.SS "size_t EVP_MD_CTX_block_size (EVP_MD_CTX * ctx)" +.PP +Return the blocksize of the message digest function. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the evp message digest context +.RE +.PP +\fBReturns:\fP +.RS 4 +size size of the message digest block size +.RE +.PP + +.SS "int EVP_MD_CTX_cleanup (EVP_MD_CTX * ctx)" +.PP +Free the resources used by the EVP_MD context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to free the resources from. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "EVP_MD_CTX* EVP_MD_CTX_create (void)" +.PP +Allocate a messsage digest context object. Free with \fBEVP_MD_CTX_destroy()\fP. +.PP +\fBReturns:\fP +.RS 4 +a newly allocated message digest context object. +.RE +.PP + +.SS "void EVP_MD_CTX_destroy (EVP_MD_CTX * ctx)" +.PP +Free a messsage digest context object. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP context to free. +.RE +.PP + +.SS "void EVP_MD_CTX_init (EVP_MD_CTX * ctx)" +.PP +Initiate a messsage digest context object. Deallocate with \fBEVP_MD_CTX_cleanup()\fP. Please use \fBEVP_MD_CTX_create()\fP instead. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP variable to initiate. +.RE +.PP + +.SS "const EVP_MD* EVP_MD_CTX_md (EVP_MD_CTX * ctx)" +.PP +Get the EVP_MD use for a specified context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the EVP_MD context to get the EVP_MD for. +.RE +.PP +\fBReturns:\fP +.RS 4 +the EVP_MD used for the context. +.RE +.PP + +.SS "size_t EVP_MD_CTX_size (EVP_MD_CTX * ctx)" +.PP +Return the output size of the message digest function. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the evp message digest context +.RE +.PP +\fBReturns:\fP +.RS 4 +size output size of the message digest function. +.RE +.PP + +.SS "const EVP_MD* EVP_md_null (void)" +.PP +The null message digest +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "size_t EVP_MD_size (const EVP_MD * md)" +.PP +Return the output size of the message digest function. +.PP +\fBParameters:\fP +.RS 4 +\fImd\fP the evp message +.RE +.PP +\fBReturns:\fP +.RS 4 +size output size of the message digest function. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_rc2_40_cbc (void)" +.PP +The RC2 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC2 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_rc2_64_cbc (void)" +.PP +The RC2 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC2 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_rc2_cbc (void)" +.PP +The RC2 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC2 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_rc4 (void)" +.PP +The RC4 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC4 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_rc4_40 (void)" +.PP +The RC4-40 cipher type +.PP +\fBReturns:\fP +.RS 4 +the RC4-40 EVP_CIPHER pointer. +.RE +.PP + +.SS "const EVP_MD* EVP_sha (void)" +.PP +The message digest SHA1 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_sha1 (void)" +.PP +The message digest SHA1 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_sha256 (void)" +.PP +The message digest SHA256 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_sha384 (void)" +.PP +The message digest SHA384 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_MD* EVP_sha512 (void)" +.PP +The message digest SHA512 +.PP +\fBReturns:\fP +.RS 4 +the message digest type. +.RE +.PP + +.SS "const EVP_CIPHER* EVP_wincrypt_des_ede3_cbc (void)" +.PP +The tripple DES cipher type (Micrsoft crypt provider) +.PP +\fBReturns:\fP +.RS 4 +the DES-EDE3-CBC EVP_CIPHER pointer. +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_misc.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_misc.3 new file mode 100644 index 000000000000..aba77a47a4a5 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_misc.3 @@ -0,0 +1,44 @@ +.TH "hcrypto miscellaneous functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hcrypto miscellaneous functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBPKCS5_PBKDF2_HMAC_SHA1\fP (const void *password, size_t password_len, const void *salt, size_t salt_len, unsigned long iter, size_t keylen, void *key)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int PKCS5_PBKDF2_HMAC_SHA1 (const void * password, size_t password_len, const void * salt, size_t salt_len, unsigned long iter, size_t keylen, void * key)" +.PP +As descriped in PKCS5, convert a password, salt, and iteration counter into a crypto key. +.PP +\fBParameters:\fP +.RS 4 +\fIpassword\fP Password. +.br +\fIpassword_len\fP Length of password. +.br +\fIsalt\fP Salt +.br +\fIsalt_len\fP Length of salt. +.br +\fIiter\fP iteration counter. +.br +\fIkeylen\fP the output key length. +.br +\fIkey\fP the output key. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, non 1 on failure. +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_rand.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_rand.3 new file mode 100644 index 000000000000..d269c4a3043a --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_rand.3 @@ -0,0 +1,200 @@ +.TH "RAND crypto functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +RAND crypto functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBRAND_seed\fP (const void *indata, size_t size)" +.br +.ti -1c +.RI "int \fBRAND_bytes\fP (void *outdata, size_t size)" +.br +.ti -1c +.RI "void \fBRAND_cleanup\fP (void)" +.br +.ti -1c +.RI "void \fBRAND_add\fP (const void *indata, size_t size, double entropi)" +.br +.ti -1c +.RI "int \fBRAND_pseudo_bytes\fP (void *outdata, size_t size)" +.br +.ti -1c +.RI "int \fBRAND_status\fP (void)" +.br +.ti -1c +.RI "int \fBRAND_set_rand_method\fP (const RAND_METHOD *meth)" +.br +.ti -1c +.RI "const RAND_METHOD * \fBRAND_get_rand_method\fP (void)" +.br +.ti -1c +.RI "int \fBRAND_set_rand_engine\fP (ENGINE *engine)" +.br +.ti -1c +.RI "int \fBRAND_load_file\fP (const char *filename, size_t size)" +.br +.ti -1c +.RI "int \fBRAND_write_file\fP (const char *filename)" +.br +.ti -1c +.RI "const char * \fBRAND_file_name\fP (char *filename, size_t size)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBRAND - random number\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "void RAND_add (const void * indata, size_t size, double entropi)" +.PP +Seed that random number generator. Secret material can securely be feed into the function, they will never be returned. +.PP +\fBParameters:\fP +.RS 4 +\fIindata\fP the input data. +.br +\fIsize\fP size of in data. +.br +\fIentropi\fP entropi in data. +.RE +.PP + +.SS "int RAND_bytes (void * outdata, size_t size)" +.PP +Get a random block from the random generator, can be used for key material. +.PP +\fBParameters:\fP +.RS 4 +\fIoutdata\fP random data +.br +\fIsize\fP length random data +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, 0 on failure. +.RE +.PP + +.SS "void RAND_cleanup (void)" +.PP +Reset and free memory used by the random generator. +.SS "const char* RAND_file_name (char * filename, size_t size)" +.PP +Return the default random state filename for a user to use for \fBRAND_load_file()\fP, and \fBRAND_write_file()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIfilename\fP buffer to hold file name. +.br +\fIsize\fP size of buffer filename. +.RE +.PP +\fBReturns:\fP +.RS 4 +the buffer filename or NULL on failure. +.RE +.PP + +.SS "const RAND_METHOD* RAND_get_rand_method (void)" +.PP +Get the default random method. +.SS "int RAND_load_file (const char * filename, size_t size)" +.PP +Load a a file and feed it into \fBRAND_seed()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIfilename\fP name of file to read. +.br +\fIsize\fP minimum size to read. +.RE +.PP + +.SS "int RAND_pseudo_bytes (void * outdata, size_t size)" +.PP +Get a random block from the random generator, should NOT be used for key material. +.PP +\fBParameters:\fP +.RS 4 +\fIoutdata\fP random data +.br +\fIsize\fP length random data +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, 0 on failure. +.RE +.PP + +.SS "void RAND_seed (const void * indata, size_t size)" +.PP +Seed that random number generator. Secret material can securely be feed into the function, they will never be returned. +.PP +\fBParameters:\fP +.RS 4 +\fIindata\fP seed data +.br +\fIsize\fP length seed data +.RE +.PP + +.SS "int RAND_set_rand_engine (ENGINE * engine)" +.PP +Set the default random method from engine. +.PP +\fBParameters:\fP +.RS 4 +\fIengine\fP use engine, if NULL is passed it, old method and engine is cleared. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success, 0 on failure. +.RE +.PP + +.SS "int RAND_set_rand_method (const RAND_METHOD * meth)" +.PP +Set the default random method. +.PP +\fBParameters:\fP +.RS 4 +\fImeth\fP set the new default method. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int RAND_status (void)" +.PP +Return status of the random generator +.PP +\fBReturns:\fP +.RS 4 +1 if the random generator can deliver random data. +.RE +.PP + +.SS "int RAND_write_file (const char * filename)" +.PP +Write of random numbers to a file to store for later initiation with \fBRAND_load_file()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIfilename\fP name of file to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success and non-one on failure. +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/hcrypto_rsa.3 b/doc/doxyout/hcrypto/man/man3/hcrypto_rsa.3 new file mode 100644 index 000000000000..5622e9ea0fff --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/hcrypto_rsa.3 @@ -0,0 +1,152 @@ +.TH "RSA functions" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +RSA functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "RSA * \fBRSA_new\fP (void)" +.br +.ti -1c +.RI "RSA * \fBRSA_new_method\fP (ENGINE *engine)" +.br +.ti -1c +.RI "void \fBRSA_free\fP (RSA *rsa)" +.br +.ti -1c +.RI "int \fBRSA_up_ref\fP (RSA *rsa)" +.br +.ti -1c +.RI "const RSA_METHOD * \fBRSA_get_method\fP (const RSA *rsa)" +.br +.ti -1c +.RI "int \fBRSA_set_method\fP (RSA *rsa, const RSA_METHOD *method)" +.br +.ti -1c +.RI "int \fBRSA_set_app_data\fP (RSA *rsa, void *arg)" +.br +.ti -1c +.RI "void * \fBRSA_get_app_data\fP (const RSA *rsa)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBRSA - public-key cryptography\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "void RSA_free (RSA * rsa)" +.PP +Free an allocation RSA object. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP the RSA object to free. +.RE +.PP + +.SS "void* RSA_get_app_data (const RSA * rsa)" +.PP +Get the application data for the RSA object. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP the rsa object to get the parameter for +.RE +.PP +\fBReturns:\fP +.RS 4 +the data object +.RE +.PP + +.SS "const RSA_METHOD* RSA_get_method (const RSA * rsa)" +.PP +Return the RSA_METHOD used for this RSA object. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP the object to get the method from. +.RE +.PP +\fBReturns:\fP +.RS 4 +the method used for this RSA object. +.RE +.PP + +.SS "RSA* RSA_new (void)" +.PP +Same as \fBRSA_new_method()\fP using NULL as engine. +.PP +\fBReturns:\fP +.RS 4 +a newly allocated RSA object. Free with \fBRSA_free()\fP. +.RE +.PP + +.SS "RSA* RSA_new_method (ENGINE * engine)" +.PP +Allocate a new RSA object using the engine, if NULL is specified as the engine, use the default RSA engine as returned by ENGINE_get_default_RSA(). +.PP +\fBParameters:\fP +.RS 4 +\fIengine\fP Specific what ENGINE RSA provider should be used. +.RE +.PP +\fBReturns:\fP +.RS 4 +a newly allocated RSA object. Free with \fBRSA_free()\fP. +.RE +.PP + +.SS "int RSA_set_app_data (RSA * rsa, void * arg)" +.PP +Set the application data for the RSA object. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP the rsa object to set the parameter for +.br +\fIarg\fP the data object to store +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int RSA_set_method (RSA * rsa, const RSA_METHOD * method)" +.PP +Set a new method for the RSA keypair. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP rsa parameter. +.br +\fImethod\fP the new method for the RSA parameter. +.RE +.PP +\fBReturns:\fP +.RS 4 +1 on success. +.RE +.PP + +.SS "int RSA_up_ref (RSA * rsa)" +.PP +Add an extra reference to the RSA object. The object should be free with \fBRSA_free()\fP to drop the reference. +.PP +\fBParameters:\fP +.RS 4 +\fIrsa\fP the object to add reference counting too. +.RE +.PP +\fBReturns:\fP +.RS 4 +the current reference count, can't safely be used except for debug printing. +.RE +.PP + diff --git a/doc/doxyout/hcrypto/man/man3/page_des.3 b/doc/doxyout/hcrypto/man/man3/page_des.3 new file mode 100644 index 000000000000..b1810a976e1b --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/page_des.3 @@ -0,0 +1,35 @@ +.TH "page_des" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_des \- DES - Data Encryption Standard crypto interface +See the library functions here: \fBDES crypto functions\fP +.PP +DES was created by IBM, modififed by NSA and then adopted by NBS (now NIST) and published ad FIPS PUB 46 (updated by FIPS 46-1). +.PP +Since the 19th May 2005 DES was withdrawn by NIST and should no longer be used. See \fBEVP - generic crypto interface\fP for replacement encryption algorithms and interfaces. +.PP +Read more the iteresting history of DES on Wikipedia http://www.wikipedia.org/wiki/Data_Encryption_Standard . +.SH "DES key generation" +.PP +To generate a DES key safely you have to use the code-snippet below. This is because the \fBDES_random_key()\fP can fail with an abort() in case of and failure to start the random generator. +.PP +There is a replacement function \fBDES_new_random_key()\fP, however that function does not exists in OpenSSL. +.PP +.PP +.nf + DES_cblock key; + do { + if (RAND_rand(&key, sizeof(key)) != 1) + goto failure; + DES_set_odd_parity(key); + } while (DES_is_weak_key(&key)); +.fi +.PP +.SH "DES implementation history" +.PP +There was no complete BSD licensed, fast, GPL compatible implementation of DES, so Love wrote the part that was missing, fast key schedule setup and adapted the interface to the orignal libdes. +.PP +The document that got me started for real was 'Efficient Implementation of the Data Encryption Standard' by Dag Arne Osvik. I never got to the PC1 transformation was working, instead I used table-lookup was used for all key schedule setup. The document was very useful since it de-mystified other implementations for me. +.PP +The core DES function (SBOX + P transformation) is from Richard Outerbridge public domain DES implementation. My sanity is saved thanks to his work. Thank you Richard. diff --git a/doc/doxyout/hcrypto/man/man3/page_dh.3 b/doc/doxyout/hcrypto/man/man3/page_dh.3 new file mode 100644 index 000000000000..4dbfb4e16a56 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/page_dh.3 @@ -0,0 +1,10 @@ +.TH "page_dh" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_dh \- DH - Diffie-Hellman key exchange +Diffie-Hellman key exchange is a protocol that allows two parties to establish a shared secret key. +.PP +Include and example how to use \fBDH_new()\fP and friends here. +.PP +See the library functions here: \fBDiffie-Hellman functions\fP diff --git a/doc/doxyout/hcrypto/man/man3/page_evp.3 b/doc/doxyout/hcrypto/man/man3/page_evp.3 new file mode 100644 index 000000000000..6714c903d509 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/page_evp.3 @@ -0,0 +1,9 @@ +.TH "page_evp" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_evp \- EVP - generic crypto interface +See the library functions here: \fBEVP generic crypto functions\fP +.SH "EVP Cipher" +.PP +The use of \fBEVP_CipherInit_ex()\fP and EVP_Cipher() is pretty easy to understand forward, then \fBEVP_CipherUpdate()\fP and \fBEVP_CipherFinal_ex()\fP really needs an example to explain \fBexample_evp_cipher::c\fP . diff --git a/doc/doxyout/hcrypto/man/man3/page_rand.3 b/doc/doxyout/hcrypto/man/man3/page_rand.3 new file mode 100644 index 000000000000..bc6b4433b3c5 --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/page_rand.3 @@ -0,0 +1,6 @@ +.TH "page_rand" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_rand \- RAND - random number +See the library functions here: \fBRAND crypto functions\fP diff --git a/doc/doxyout/hcrypto/man/man3/page_rsa.3 b/doc/doxyout/hcrypto/man/man3/page_rsa.3 new file mode 100644 index 000000000000..401184d978fd --- /dev/null +++ b/doc/doxyout/hcrypto/man/man3/page_rsa.3 @@ -0,0 +1,12 @@ +.TH "page_rsa" 3 "30 Jul 2011" "Version 1.5" "Heimdal crypto library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_rsa \- RSA - public-key cryptography +RSA is named by its inventors (Ron Rivest, Adi Shamir, and Leonard Adleman) (published in 1977), patented expired in 21 September 2000. +.PP +Speed for RSA in seconds no key blinding 1000 iteration, same rsa keys (1024 and 2048) operation performed each eteration sign, verify, encrypt, decrypt on a random bit pattern +.PP +name 1024 2048 4098 ================================= gmp: 0.73 6.60 44.80 tfm: 2.45 -- -- ltm: 3.79 20.74 105.41 (default in hcrypto) openssl: 4.04 11.90 82.59 cdsa: 15.89 102.89 721.40 imath: 40.62 -- -- +.PP +See the library functions here: \fBRSA functions\fP diff --git a/doc/doxyout/hcrypto/manpages b/doc/doxyout/hcrypto/manpages new file mode 100644 index 000000000000..fbd13d0ec2ac --- /dev/null +++ b/doc/doxyout/hcrypto/manpages @@ -0,0 +1,153 @@ +hcrypto/man/man3/DES_cbc_cksum.3 +hcrypto/man/man3/DES_cbc_encrypt.3 +hcrypto/man/man3/DES_cfb64_encrypt.3 +hcrypto/man/man3/DES_check_key_parity.3 +hcrypto/man/man3/DES_ecb3_encrypt.3 +hcrypto/man/man3/DES_ecb_encrypt.3 +hcrypto/man/man3/DES_ede3_cbc_encrypt.3 +hcrypto/man/man3/DES_encrypt.3 +hcrypto/man/man3/DES_init_random_number_generator.3 +hcrypto/man/man3/DES_is_weak_key.3 +hcrypto/man/man3/DES_key_sched.3 +hcrypto/man/man3/DES_new_random_key.3 +hcrypto/man/man3/DES_pcbc_encrypt.3 +hcrypto/man/man3/DES_random_key.3 +hcrypto/man/man3/DES_set_key.3 +hcrypto/man/man3/DES_set_key_checked.3 +hcrypto/man/man3/DES_set_key_unchecked.3 +hcrypto/man/man3/DES_set_odd_parity.3 +hcrypto/man/man3/DES_string_to_key.3 +hcrypto/man/man3/DH_check_pubkey.3 +hcrypto/man/man3/DH_compute_key.3 +hcrypto/man/man3/DH_free.3 +hcrypto/man/man3/DH_generate_key.3 +hcrypto/man/man3/DH_generate_parameters_ex.3 +hcrypto/man/man3/DH_get_default_method.3 +hcrypto/man/man3/DH_get_ex_data.3 +hcrypto/man/man3/DH_ltm_method.3 +hcrypto/man/man3/DH_new.3 +hcrypto/man/man3/DH_new_method.3 +hcrypto/man/man3/DH_null_method.3 +hcrypto/man/man3/DH_set_default_method.3 +hcrypto/man/man3/DH_set_ex_data.3 +hcrypto/man/man3/DH_set_method.3 +hcrypto/man/man3/DH_size.3 +hcrypto/man/man3/DH_up_ref.3 +hcrypto/man/man3/EVP_aes_128_cbc.3 +hcrypto/man/man3/EVP_aes_128_cfb8.3 +hcrypto/man/man3/EVP_aes_192_cbc.3 +hcrypto/man/man3/EVP_aes_192_cfb8.3 +hcrypto/man/man3/EVP_aes_256_cbc.3 +hcrypto/man/man3/EVP_aes_256_cfb8.3 +hcrypto/man/man3/EVP_BytesToKey.3 +hcrypto/man/man3/EVP_camellia_128_cbc.3 +hcrypto/man/man3/EVP_camellia_192_cbc.3 +hcrypto/man/man3/EVP_camellia_256_cbc.3 +hcrypto/man/man3/EVP_CIPHER_block_size.3 +hcrypto/man/man3/EVP_CIPHER_CTX_block_size.3 +hcrypto/man/man3/EVP_CIPHER_CTX_cipher.3 +hcrypto/man/man3/EVP_CIPHER_CTX_cleanup.3 +hcrypto/man/man3/EVP_CIPHER_CTX_ctrl.3 +hcrypto/man/man3/EVP_CIPHER_CTX_flags.3 +hcrypto/man/man3/EVP_CIPHER_CTX_get_app_data.3 +hcrypto/man/man3/EVP_CIPHER_CTX_init.3 +hcrypto/man/man3/EVP_CIPHER_CTX_iv_length.3 +hcrypto/man/man3/EVP_CIPHER_CTX_key_length.3 +hcrypto/man/man3/EVP_CIPHER_CTX_mode.3 +hcrypto/man/man3/EVP_CIPHER_CTX_rand_key.3 +hcrypto/man/man3/EVP_CIPHER_CTX_set_app_data.3 +hcrypto/man/man3/EVP_CIPHER_CTX_set_key_length.3 +hcrypto/man/man3/EVP_CIPHER_iv_length.3 +hcrypto/man/man3/EVP_CIPHER_key_length.3 +hcrypto/man/man3/EVP_CipherFinal_ex.3 +hcrypto/man/man3/EVP_CipherInit_ex.3 +hcrypto/man/man3/EVP_CipherUpdate.3 +hcrypto/man/man3/EVP_des_cbc.3 +hcrypto/man/man3/EVP_des_ede3_cbc.3 +hcrypto/man/man3/EVP_Digest.3 +hcrypto/man/man3/EVP_DigestFinal_ex.3 +hcrypto/man/man3/EVP_DigestInit_ex.3 +hcrypto/man/man3/EVP_DigestUpdate.3 +hcrypto/man/man3/EVP_enc_null.3 +hcrypto/man/man3/EVP_get_cipherbyname.3 +hcrypto/man/man3/EVP_hcrypto_aes_128_cbc.3 +hcrypto/man/man3/EVP_hcrypto_aes_128_cfb8.3 +hcrypto/man/man3/EVP_hcrypto_aes_192_cbc.3 +hcrypto/man/man3/EVP_hcrypto_aes_192_cfb8.3 +hcrypto/man/man3/EVP_hcrypto_aes_256_cbc.3 +hcrypto/man/man3/EVP_hcrypto_aes_256_cfb8.3 +hcrypto/man/man3/EVP_hcrypto_camellia_128_cbc.3 +hcrypto/man/man3/EVP_hcrypto_camellia_192_cbc.3 +hcrypto/man/man3/EVP_hcrypto_camellia_256_cbc.3 +hcrypto/man/man3/EVP_hcrypto_des_cbc.3 +hcrypto/man/man3/EVP_hcrypto_des_ede3_cbc.3 +hcrypto/man/man3/EVP_hcrypto_md2.3 +hcrypto/man/man3/EVP_hcrypto_md4.3 +hcrypto/man/man3/EVP_hcrypto_md5.3 +hcrypto/man/man3/EVP_hcrypto_rc2_40_cbc.3 +hcrypto/man/man3/EVP_hcrypto_rc2_64_cbc.3 +hcrypto/man/man3/EVP_hcrypto_rc2_cbc.3 +hcrypto/man/man3/EVP_hcrypto_sha1.3 +hcrypto/man/man3/EVP_hcrypto_sha256.3 +hcrypto/man/man3/EVP_hcrypto_sha384.3 +hcrypto/man/man3/EVP_hcrypto_sha512.3 +hcrypto/man/man3/EVP_md2.3 +hcrypto/man/man3/EVP_md4.3 +hcrypto/man/man3/EVP_md5.3 +hcrypto/man/man3/EVP_MD_block_size.3 +hcrypto/man/man3/EVP_MD_CTX_block_size.3 +hcrypto/man/man3/EVP_MD_CTX_cleanup.3 +hcrypto/man/man3/EVP_MD_CTX_create.3 +hcrypto/man/man3/EVP_MD_CTX_destroy.3 +hcrypto/man/man3/EVP_MD_CTX_init.3 +hcrypto/man/man3/EVP_MD_CTX_md.3 +hcrypto/man/man3/EVP_MD_CTX_size.3 +hcrypto/man/man3/EVP_md_null.3 +hcrypto/man/man3/EVP_MD_size.3 +hcrypto/man/man3/EVP_rc2_40_cbc.3 +hcrypto/man/man3/EVP_rc2_64_cbc.3 +hcrypto/man/man3/EVP_rc2_cbc.3 +hcrypto/man/man3/EVP_rc4.3 +hcrypto/man/man3/EVP_rc4_40.3 +hcrypto/man/man3/EVP_sha.3 +hcrypto/man/man3/EVP_sha1.3 +hcrypto/man/man3/EVP_sha256.3 +hcrypto/man/man3/EVP_sha384.3 +hcrypto/man/man3/EVP_sha512.3 +hcrypto/man/man3/EVP_wincrypt_des_ede3_cbc.3 +hcrypto/man/man3/hcrypto_core.3 +hcrypto/man/man3/hcrypto_des.3 +hcrypto/man/man3/hcrypto_dh.3 +hcrypto/man/man3/hcrypto_evp.3 +hcrypto/man/man3/hcrypto_misc.3 +hcrypto/man/man3/hcrypto_rand.3 +hcrypto/man/man3/hcrypto_rsa.3 +hcrypto/man/man3/OpenSSL_add_all_algorithms.3 +hcrypto/man/man3/OpenSSL_add_all_algorithms_conf.3 +hcrypto/man/man3/OpenSSL_add_all_algorithms_noconf.3 +hcrypto/man/man3/page_des.3 +hcrypto/man/man3/page_dh.3 +hcrypto/man/man3/page_evp.3 +hcrypto/man/man3/page_rand.3 +hcrypto/man/man3/page_rsa.3 +hcrypto/man/man3/PKCS5_PBKDF2_HMAC_SHA1.3 +hcrypto/man/man3/RAND_add.3 +hcrypto/man/man3/RAND_bytes.3 +hcrypto/man/man3/RAND_cleanup.3 +hcrypto/man/man3/RAND_file_name.3 +hcrypto/man/man3/RAND_get_rand_method.3 +hcrypto/man/man3/RAND_load_file.3 +hcrypto/man/man3/RAND_pseudo_bytes.3 +hcrypto/man/man3/RAND_seed.3 +hcrypto/man/man3/RAND_set_rand_engine.3 +hcrypto/man/man3/RAND_set_rand_method.3 +hcrypto/man/man3/RAND_status.3 +hcrypto/man/man3/RAND_write_file.3 +hcrypto/man/man3/RSA_free.3 +hcrypto/man/man3/RSA_get_app_data.3 +hcrypto/man/man3/RSA_get_method.3 +hcrypto/man/man3/RSA_new.3 +hcrypto/man/man3/RSA_new_method.3 +hcrypto/man/man3/RSA_set_app_data.3 +hcrypto/man/man3/RSA_set_method.3 +hcrypto/man/man3/RSA_up_ref.3 diff --git a/doc/doxyout/hdb/html/annotated.html b/doc/doxyout/hdb/html/annotated.html new file mode 100644 index 000000000000..90a64485ff08 --- /dev/null +++ b/doc/doxyout/hdb/html/annotated.html @@ -0,0 +1,35 @@ + + +Heimdalhdblibrary: Data Structures + + + +

+keyhole logo +

+ + + +
+

Data Structures

Here are the data structures with brief descriptions: + + +
HDB
hdb_entry_ex
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/doxygen.css b/doc/doxyout/hdb/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/hdb/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/hdb/html/doxygen.png b/doc/doxyout/hdb/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/hdb/html/functions.html b/doc/doxyout/hdb/html/functions.html new file mode 100644 index 000000000000..79beb71627dd --- /dev/null +++ b/doc/doxyout/hdb/html/functions.html @@ -0,0 +1,85 @@ + + +Heimdalhdblibrary: Data Fields + + + +

+keyhole logo +

+ + + +
+Here is a list of all documented struct and union fields with links to the struct/union documentation for each field: +

+

    +
  • hdb__del +: HDB +
  • hdb__get +: HDB +
  • hdb__put +: HDB +
  • hdb_auth_status +: HDB +
  • hdb_check_constrained_delegation +: HDB +
  • hdb_check_pkinit_ms_upn_match +: HDB +
  • hdb_check_s4u2self +: HDB +
  • hdb_close +: HDB +
  • hdb_destroy +: HDB +
  • hdb_fetch_kvno +: HDB +
  • hdb_firstkey +: HDB +
  • hdb_free +: HDB +
  • hdb_get_realms +: HDB +
  • hdb_lock +: HDB +
  • hdb_name +: HDB +
  • hdb_nextkey +: HDB +
  • hdb_open +: HDB +
  • hdb_password +: HDB +
  • hdb_remove +: HDB +
  • hdb_rename +: HDB +
  • hdb_store +: HDB +
  • hdb_unlock +: HDB +
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/functions_vars.html b/doc/doxyout/hdb/html/functions_vars.html new file mode 100644 index 000000000000..3f095cc77433 --- /dev/null +++ b/doc/doxyout/hdb/html/functions_vars.html @@ -0,0 +1,85 @@ + + +Heimdalhdblibrary: Data Fields - Variables + + + +

+keyhole logo +

+ + + +
+  +

+

    +
  • hdb__del +: HDB +
  • hdb__get +: HDB +
  • hdb__put +: HDB +
  • hdb_auth_status +: HDB +
  • hdb_check_constrained_delegation +: HDB +
  • hdb_check_pkinit_ms_upn_match +: HDB +
  • hdb_check_s4u2self +: HDB +
  • hdb_close +: HDB +
  • hdb_destroy +: HDB +
  • hdb_fetch_kvno +: HDB +
  • hdb_firstkey +: HDB +
  • hdb_free +: HDB +
  • hdb_get_realms +: HDB +
  • hdb_lock +: HDB +
  • hdb_name +: HDB +
  • hdb_nextkey +: HDB +
  • hdb_open +: HDB +
  • hdb_password +: HDB +
  • hdb_remove +: HDB +
  • hdb_rename +: HDB +
  • hdb_store +: HDB +
  • hdb_unlock +: HDB +
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/graph_legend.dot b/doc/doxyout/hdb/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/hdb/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/hdb/html/graph_legend.html b/doc/doxyout/hdb/html/graph_legend.html new file mode 100644 index 000000000000..2f159e20f5df --- /dev/null +++ b/doc/doxyout/hdb/html/graph_legend.html @@ -0,0 +1,87 @@ + + +Heimdalhdblibrary: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/graph_legend.png b/doc/doxyout/hdb/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/hdb/html/index.html b/doc/doxyout/hdb/html/index.html new file mode 100644 index 000000000000..b930240c76d9 --- /dev/null +++ b/doc/doxyout/hdb/html/index.html @@ -0,0 +1,33 @@ + + +Heimdalhdblibrary: Heimdal database backend library + + + +

+keyhole logo +

+ + + +
+

Heimdal database backend library

+

+

1.5

+Introduction

+Heimdal libhdb library provides the backend support for Heimdal kdc and kadmind. Its here where plugins for diffrent database engines can be pluged in and extend support for here Heimdal get the principal and policy data from.

+Example of Heimdal backend are:

    +
  • Berkeley DB 1.85
  • Berkeley DB 3.0
  • Berkeley DB 4.0
  • New Berkeley DB
  • LDAP
+

+The project web page: http://www.h5l.org/

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/struct_h_d_b.html b/doc/doxyout/hdb/html/struct_h_d_b.html new file mode 100644 index 000000000000..1529a90c9c1d --- /dev/null +++ b/doc/doxyout/hdb/html/struct_h_d_b.html @@ -0,0 +1,430 @@ + + +Heimdalhdblibrary: HDB Struct Reference + + + +

+keyhole logo +

+ + + +
+

HDB Struct Reference

#include <hdb.h> +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Data Fields

char * hdb_name
krb5_error_code(* hdb_open )(krb5_context, struct HDB *, int, mode_t)
krb5_error_code(* hdb_close )(krb5_context, struct HDB *)
void(* hdb_free )(krb5_context, struct HDB *, hdb_entry_ex *)
krb5_error_code(* hdb_fetch_kvno )(krb5_context, struct HDB *, krb5_const_principal, unsigned, krb5_kvno, hdb_entry_ex *)
krb5_error_code(* hdb_store )(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
krb5_error_code(* hdb_remove )(krb5_context, struct HDB *, krb5_const_principal)
krb5_error_code(* hdb_firstkey )(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
krb5_error_code(* hdb_nextkey )(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
krb5_error_code(* hdb_lock )(krb5_context, struct HDB *, int)
krb5_error_code(* hdb_unlock )(krb5_context, struct HDB *)
krb5_error_code(* hdb_rename )(krb5_context, struct HDB *, const char *)
krb5_error_code(* hdb__get )(krb5_context, struct HDB *, krb5_data, krb5_data *)
krb5_error_code(* hdb__put )(krb5_context, struct HDB *, int, krb5_data, krb5_data)
krb5_error_code(* hdb__del )(krb5_context, struct HDB *, krb5_data)
krb5_error_code(* hdb_destroy )(krb5_context, struct HDB *)
krb5_error_code(* hdb_get_realms )(krb5_context, struct HDB *, krb5_realm **)
krb5_error_code(* hdb_password )(krb5_context, struct HDB *, hdb_entry_ex *, const char *, int)
krb5_error_code(* hdb_auth_status )(krb5_context, struct HDB *, hdb_entry_ex *, int)
krb5_error_code(* hdb_check_constrained_delegation )(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
krb5_error_code(* hdb_check_pkinit_ms_upn_match )(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
krb5_error_code(* hdb_check_s4u2self )(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
+

Detailed Description

+HDB backend function pointer structure

+The HDB structure is what the KDC and kadmind framework uses to query the backend database when talking about principals.

Field Documentation

+ +
+
+ + + + +
char* HDB::hdb_name
+
+
+ +

+don't use, only for DB3 +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_open)(krb5_context, struct HDB *, int, mode_t)
+
+
+ +

+Open (or create) the a Kerberos database.

+Open (or create) the a Kerberos database that was resolved with hdb_create(). The third and fourth flag to the function are the same as open(), thus passing O_CREAT will create the data base if it doesn't exists.

+Then done the caller should call hdb_close(), and to release all resources hdb_destroy(). +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_close)(krb5_context, struct HDB *)
+
+
+ +

+Close the database for transaction

+Closes the database for further transactions, wont release any permanant resources. the database can be ->hdb_open-ed again. +

+

+ +

+
+ + + + +
void(* HDB::hdb_free)(krb5_context, struct HDB *, hdb_entry_ex *)
+
+
+ +

+Free an entry after use. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_fetch_kvno)(krb5_context, struct HDB *, krb5_const_principal, unsigned, krb5_kvno, hdb_entry_ex *)
+
+
+ +

+Fetch an entry from the backend

+Fetch an entry from the backend, flags are what type of entry should be fetch: client, server, krbtgt. knvo (if specified and flags HDB_F_KVNO_SPECIFIED set) is the kvno to get +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_store)(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
+
+
+ +

+Store an entry to database +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_remove)(krb5_context, struct HDB *, krb5_const_principal)
+
+
+ +

+Remove an entry from the database. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_firstkey)(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
+
+
+ +

+As part of iteration, fetch one entry +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_nextkey)(krb5_context, struct HDB *, unsigned, hdb_entry_ex *)
+
+
+ +

+As part of iteration, fetch next entry +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_lock)(krb5_context, struct HDB *, int)
+
+
+ +

+Lock database

+A lock can only be held by one consumers. Transaction can still happen on the database while the lock is held, so the entry is only useful for syncroning creation of the database and renaming of the database. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_unlock)(krb5_context, struct HDB *)
+
+
+ +

+Unlock database +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_rename)(krb5_context, struct HDB *, const char *)
+
+
+ +

+Rename the data base.

+Assume that the database is not hdb_open'ed and not locked. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb__get)(krb5_context, struct HDB *, krb5_data, krb5_data *)
+
+
+ +

+Get an hdb_entry from a classical DB backend

+If the database is a classical DB (ie BDB, NDBM, GDBM, etc) backend, this function will take a principal key (krb5_data) and return all data related to principal in the return krb5_data. The returned encoded entry is of type hdb_entry or hdb_entry_alias. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb__put)(krb5_context, struct HDB *, int, krb5_data, krb5_data)
+
+
+ +

+Store an hdb_entry from a classical DB backend

+Same discussion as in HDB::hdb__get +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb__del)(krb5_context, struct HDB *, krb5_data)
+
+
+ +

+Delete and hdb_entry from a classical DB backend

+Same discussion as in HDB::hdb__get +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_destroy)(krb5_context, struct HDB *)
+
+
+ +

+Destroy the handle to the database.

+Destroy the handle to the database, deallocate all memory and related resources. Does not remove any permanent data. Its the logical reverse of hdb_create() function that is the entry point for the module. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_get_realms)(krb5_context, struct HDB *, krb5_realm **)
+
+
+ +

+Get the list of realms this backend handles. This call is optional to support. The returned realms are used for announcing the realms over bonjour. Free returned array with krb5_free_host_realm(). +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_password)(krb5_context, struct HDB *, hdb_entry_ex *, const char *, int)
+
+
+ +

+Change password.

+Will update keys for the entry when given password. The new keys must be written into the entry and will then later be ->hdb_store() into the database. The backend will still perform all other operations, increasing the kvno, and update modification timestamp.

+The backend needs to call _kadm5_set_keys() and perform password quality checks. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_auth_status)(krb5_context, struct HDB *, hdb_entry_ex *, int)
+
+
+ +

+Auth feedback

+This is a feedback call that allows backends that provides lockout functionality to register failure and/or successes.

+In case the entry is locked out, the backend should set the hdb_entry.flags.locked-out flag. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_check_constrained_delegation)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
+
+
+ +

+Check if delegation is allowed. +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_check_pkinit_ms_upn_match)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
+
+
+ +

+Check if this name is an alias for the supplied client for PKINIT userPrinicpalName logins +

+

+ +

+
+ + + + +
krb5_error_code(* HDB::hdb_check_s4u2self)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal)
+
+
+ +

+Check if s4u2self is allowed from this client to this server +

+

+

The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/hdb/hdb.h
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/structhdb__entry__ex.html b/doc/doxyout/hdb/html/structhdb__entry__ex.html new file mode 100644 index 000000000000..35641e4c856d --- /dev/null +++ b/doc/doxyout/hdb/html/structhdb__entry__ex.html @@ -0,0 +1,39 @@ + + +Heimdalhdblibrary: hdb_entry_ex Struct Reference + + + +

+keyhole logo +

+ + + +
+

hdb_entry_ex Struct Reference

#include <hdb.h> +

+ + +
+

Detailed Description

+hdb_entry_ex is a wrapper structure around the hdb_entry structure that allows backends to keep a pointer to the backing store, ie in ->hdb_fetch_kvno(), so that we the kadmin/kpasswd backend gets around to ->hdb_store(), the backend doesn't need to lookup the entry again.
The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/hdb/hdb.h
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalhdblibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hdb/html/tab_b.gif b/doc/doxyout/hdb/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/hdb/html/tab_l.gif b/doc/doxyout/hdb/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/hdb/html/tab_r.gif b/doc/doxyout/hdb/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/hdb/html/tabs.css b/doc/doxyout/hdb/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/hdb/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/hdb/man/man3/HDB.3 b/doc/doxyout/hdb/man/man3/HDB.3 new file mode 100644 index 000000000000..3ff4404491c0 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/HDB.3 @@ -0,0 +1,185 @@ +.TH "HDB" 3 "30 Jul 2011" "Version 1.5" "Heimdalhdblibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +HDB \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SS "Data Fields" + +.in +1c +.ti -1c +.RI "char * \fBhdb_name\fP" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_open\fP )(krb5_context, struct \fBHDB\fP *, int, mode_t)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_close\fP )(krb5_context, struct \fBHDB\fP *)" +.br +.ti -1c +.RI "void(* \fBhdb_free\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_fetch_kvno\fP )(krb5_context, struct \fBHDB\fP *, krb5_const_principal, unsigned, krb5_kvno, \fBhdb_entry_ex\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_store\fP )(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_remove\fP )(krb5_context, struct \fBHDB\fP *, krb5_const_principal)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_firstkey\fP )(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_nextkey\fP )(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_lock\fP )(krb5_context, struct \fBHDB\fP *, int)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_unlock\fP )(krb5_context, struct \fBHDB\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_rename\fP )(krb5_context, struct \fBHDB\fP *, const char *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb__get\fP )(krb5_context, struct \fBHDB\fP *, krb5_data, krb5_data *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb__put\fP )(krb5_context, struct \fBHDB\fP *, int, krb5_data, krb5_data)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb__del\fP )(krb5_context, struct \fBHDB\fP *, krb5_data)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_destroy\fP )(krb5_context, struct \fBHDB\fP *)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_get_realms\fP )(krb5_context, struct \fBHDB\fP *, krb5_realm **)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_password\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, const char *, int)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_auth_status\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, int)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_check_constrained_delegation\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_check_pkinit_ms_upn_match\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.br +.ti -1c +.RI "krb5_error_code(* \fBhdb_check_s4u2self\fP )(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.br +.in -1c +.SH "Detailed Description" +.PP +\fBHDB\fP backend function pointer structure +.PP +The \fBHDB\fP structure is what the KDC and kadmind framework uses to query the backend database when talking about principals. +.SH "Field Documentation" +.PP +.SS "char* \fBHDB::hdb_name\fP" +.PP +don't use, only for DB3 +.SS "krb5_error_code(* \fBHDB::hdb_open\fP)(krb5_context, struct \fBHDB\fP *, int, mode_t)" +.PP +Open (or create) the a Kerberos database. +.PP +Open (or create) the a Kerberos database that was resolved with hdb_create(). The third and fourth flag to the function are the same as open(), thus passing O_CREAT will create the data base if it doesn't exists. +.PP +Then done the caller should call \fBhdb_close()\fP, and to release all resources \fBhdb_destroy()\fP. +.SS "krb5_error_code(* \fBHDB::hdb_close\fP)(krb5_context, struct \fBHDB\fP *)" +.PP +Close the database for transaction +.PP +Closes the database for further transactions, wont release any permanant resources. the database can be ->hdb_open-ed again. +.SS "void(* \fBHDB::hdb_free\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *)" +.PP +Free an entry after use. +.SS "krb5_error_code(* \fBHDB::hdb_fetch_kvno\fP)(krb5_context, struct \fBHDB\fP *, krb5_const_principal, unsigned, krb5_kvno, \fBhdb_entry_ex\fP *)" +.PP +Fetch an entry from the backend +.PP +Fetch an entry from the backend, flags are what type of entry should be fetch: client, server, krbtgt. knvo (if specified and flags HDB_F_KVNO_SPECIFIED set) is the kvno to get +.SS "krb5_error_code(* \fBHDB::hdb_store\fP)(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.PP +Store an entry to database +.SS "krb5_error_code(* \fBHDB::hdb_remove\fP)(krb5_context, struct \fBHDB\fP *, krb5_const_principal)" +.PP +Remove an entry from the database. +.SS "krb5_error_code(* \fBHDB::hdb_firstkey\fP)(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.PP +As part of iteration, fetch one entry +.SS "krb5_error_code(* \fBHDB::hdb_nextkey\fP)(krb5_context, struct \fBHDB\fP *, unsigned, \fBhdb_entry_ex\fP *)" +.PP +As part of iteration, fetch next entry +.SS "krb5_error_code(* \fBHDB::hdb_lock\fP)(krb5_context, struct \fBHDB\fP *, int)" +.PP +Lock database +.PP +A lock can only be held by one consumers. Transaction can still happen on the database while the lock is held, so the entry is only useful for syncroning creation of the database and renaming of the database. +.SS "krb5_error_code(* \fBHDB::hdb_unlock\fP)(krb5_context, struct \fBHDB\fP *)" +.PP +Unlock database +.SS "krb5_error_code(* \fBHDB::hdb_rename\fP)(krb5_context, struct \fBHDB\fP *, const char *)" +.PP +Rename the data base. +.PP +Assume that the database is not hdb_open'ed and not locked. +.SS "krb5_error_code(* \fBHDB::hdb__get\fP)(krb5_context, struct \fBHDB\fP *, krb5_data, krb5_data *)" +.PP +Get an hdb_entry from a classical DB backend +.PP +If the database is a classical DB (ie BDB, NDBM, GDBM, etc) backend, this function will take a principal key (krb5_data) and return all data related to principal in the return krb5_data. The returned encoded entry is of type hdb_entry or hdb_entry_alias. +.SS "krb5_error_code(* \fBHDB::hdb__put\fP)(krb5_context, struct \fBHDB\fP *, int, krb5_data, krb5_data)" +.PP +Store an hdb_entry from a classical DB backend +.PP +Same discussion as in \fBHDB::hdb__get\fP +.SS "krb5_error_code(* \fBHDB::hdb__del\fP)(krb5_context, struct \fBHDB\fP *, krb5_data)" +.PP +Delete and hdb_entry from a classical DB backend +.PP +Same discussion as in \fBHDB::hdb__get\fP +.SS "krb5_error_code(* \fBHDB::hdb_destroy\fP)(krb5_context, struct \fBHDB\fP *)" +.PP +Destroy the handle to the database. +.PP +Destroy the handle to the database, deallocate all memory and related resources. Does not remove any permanent data. Its the logical reverse of hdb_create() function that is the entry point for the module. +.SS "krb5_error_code(* \fBHDB::hdb_get_realms\fP)(krb5_context, struct \fBHDB\fP *, krb5_realm **)" +.PP +Get the list of realms this backend handles. This call is optional to support. The returned realms are used for announcing the realms over bonjour. Free returned array with krb5_free_host_realm(). +.SS "krb5_error_code(* \fBHDB::hdb_password\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, const char *, int)" +.PP +Change password. +.PP +Will update keys for the entry when given password. The new keys must be written into the entry and will then later be ->\fBhdb_store()\fP into the database. The backend will still perform all other operations, increasing the kvno, and update modification timestamp. +.PP +The backend needs to call _kadm5_set_keys() and perform password quality checks. +.SS "krb5_error_code(* \fBHDB::hdb_auth_status\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, int)" +.PP +Auth feedback +.PP +This is a feedback call that allows backends that provides lockout functionality to register failure and/or successes. +.PP +In case the entry is locked out, the backend should set the hdb_entry.flags.locked-out flag. +.SS "krb5_error_code(* \fBHDB::hdb_check_constrained_delegation\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.PP +Check if delegation is allowed. +.SS "krb5_error_code(* \fBHDB::hdb_check_pkinit_ms_upn_match\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.PP +Check if this name is an alias for the supplied client for PKINIT userPrinicpalName logins +.SS "krb5_error_code(* \fBHDB::hdb_check_s4u2self\fP)(krb5_context, struct \fBHDB\fP *, \fBhdb_entry_ex\fP *, krb5_const_principal)" +.PP +Check if s4u2self is allowed from this client to this server + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalhdblibrary from the source code. diff --git a/doc/doxyout/hdb/man/man3/hdb__del.3 b/doc/doxyout/hdb/man/man3/hdb__del.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb__del.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb__get.3 b/doc/doxyout/hdb/man/man3/hdb__get.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb__get.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb__put.3 b/doc/doxyout/hdb/man/man3/hdb__put.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb__put.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_auth_status.3 b/doc/doxyout/hdb/man/man3/hdb_auth_status.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_auth_status.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_check_constrained_delegation.3 b/doc/doxyout/hdb/man/man3/hdb_check_constrained_delegation.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_check_constrained_delegation.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_check_pkinit_ms_upn_match.3 b/doc/doxyout/hdb/man/man3/hdb_check_pkinit_ms_upn_match.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_check_pkinit_ms_upn_match.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_check_s4u2self.3 b/doc/doxyout/hdb/man/man3/hdb_check_s4u2self.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_check_s4u2self.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_close.3 b/doc/doxyout/hdb/man/man3/hdb_close.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_close.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_destroy.3 b/doc/doxyout/hdb/man/man3/hdb_destroy.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_destroy.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_entry_ex.3 b/doc/doxyout/hdb/man/man3/hdb_entry_ex.3 new file mode 100644 index 000000000000..67334d6febd9 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_entry_ex.3 @@ -0,0 +1,17 @@ +.TH "hdb_entry_ex" 3 "30 Jul 2011" "Version 1.5" "Heimdalhdblibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hdb_entry_ex \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SH "Detailed Description" +.PP +\fBhdb_entry_ex\fP is a wrapper structure around the hdb_entry structure that allows backends to keep a pointer to the backing store, ie in ->hdb_fetch_kvno(), so that we the kadmin/kpasswd backend gets around to ->hdb_store(), the backend doesn't need to lookup the entry again. + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalhdblibrary from the source code. diff --git a/doc/doxyout/hdb/man/man3/hdb_fetch_kvno.3 b/doc/doxyout/hdb/man/man3/hdb_fetch_kvno.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_fetch_kvno.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_firstkey.3 b/doc/doxyout/hdb/man/man3/hdb_firstkey.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_firstkey.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_free.3 b/doc/doxyout/hdb/man/man3/hdb_free.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_free.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_get_realms.3 b/doc/doxyout/hdb/man/man3/hdb_get_realms.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_get_realms.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_lock.3 b/doc/doxyout/hdb/man/man3/hdb_lock.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_lock.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_name.3 b/doc/doxyout/hdb/man/man3/hdb_name.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_name.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_nextkey.3 b/doc/doxyout/hdb/man/man3/hdb_nextkey.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_nextkey.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_open.3 b/doc/doxyout/hdb/man/man3/hdb_open.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_open.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_password.3 b/doc/doxyout/hdb/man/man3/hdb_password.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_password.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_remove.3 b/doc/doxyout/hdb/man/man3/hdb_remove.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_remove.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_rename.3 b/doc/doxyout/hdb/man/man3/hdb_rename.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_rename.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_store.3 b/doc/doxyout/hdb/man/man3/hdb_store.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_store.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/man/man3/hdb_unlock.3 b/doc/doxyout/hdb/man/man3/hdb_unlock.3 new file mode 100644 index 000000000000..46f8e91739a1 --- /dev/null +++ b/doc/doxyout/hdb/man/man3/hdb_unlock.3 @@ -0,0 +1 @@ +.so man3/HDB.3 diff --git a/doc/doxyout/hdb/manpages b/doc/doxyout/hdb/manpages new file mode 100644 index 000000000000..c6d2fe2361fd --- /dev/null +++ b/doc/doxyout/hdb/manpages @@ -0,0 +1,24 @@ +hdb/man/man3/HDB.3 +hdb/man/man3/hdb__del.3 +hdb/man/man3/hdb__get.3 +hdb/man/man3/hdb__put.3 +hdb/man/man3/hdb_auth_status.3 +hdb/man/man3/hdb_check_constrained_delegation.3 +hdb/man/man3/hdb_check_pkinit_ms_upn_match.3 +hdb/man/man3/hdb_check_s4u2self.3 +hdb/man/man3/hdb_close.3 +hdb/man/man3/hdb_destroy.3 +hdb/man/man3/hdb_entry_ex.3 +hdb/man/man3/hdb_fetch_kvno.3 +hdb/man/man3/hdb_firstkey.3 +hdb/man/man3/hdb_free.3 +hdb/man/man3/hdb_get_realms.3 +hdb/man/man3/hdb_lock.3 +hdb/man/man3/hdb_name.3 +hdb/man/man3/hdb_nextkey.3 +hdb/man/man3/hdb_open.3 +hdb/man/man3/hdb_password.3 +hdb/man/man3/hdb_remove.3 +hdb/man/man3/hdb_rename.3 +hdb/man/man3/hdb_store.3 +hdb/man/man3/hdb_unlock.3 diff --git a/doc/doxyout/hx509/html/doxygen.css b/doc/doxyout/hx509/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/hx509/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/hx509/html/doxygen.png b/doc/doxyout/hx509/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/hx509/html/graph_legend.dot b/doc/doxyout/hx509/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/hx509/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/hx509/html/graph_legend.html b/doc/doxyout/hx509/html/graph_legend.html new file mode 100644 index 000000000000..ce8bcc878339 --- /dev/null +++ b/doc/doxyout/hx509/html/graph_legend.html @@ -0,0 +1,88 @@ + + +Heimdalx509library: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/graph_legend.png b/doc/doxyout/hx509/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/hx509/html/group__hx509.html b/doc/doxyout/hx509/html/group__hx509.html new file mode 100644 index 000000000000..57f2b7b9396f --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509.html @@ -0,0 +1,89 @@ + + +Heimdalx509library: hx509 library + + + +

+keyhole logo +

+ + + +
+

hx509 library

+ + + + + + +

Functions

int hx509_context_init (hx509_context *context)
void hx509_context_free (hx509_context *context)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + +
void hx509_context_free (hx509_context *  context  ) 
+
+
+ +

+Free the context allocated by hx509_context_init().

+

Parameters:
+ + +
context context to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + +
int hx509_context_init (hx509_context *  context  ) 
+
+
+ +

+Creates a hx509 context that most functions in the library uses. The context is only allowed to be used by one thread at each moment. Free the context with hx509_context_free().

+

Parameters:
+ + +
context Returns a pointer to new hx509 context.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__ca.html b/doc/doxyout/hx509/html/group__hx509__ca.html new file mode 100644 index 000000000000..36d354eb6414 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__ca.html @@ -0,0 +1,1179 @@ + + +Heimdalx509library: hx509 CA functions + + + +

+keyhole logo +

+ + + +
+

hx509 CA functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

int hx509_ca_tbs_init (hx509_context context, hx509_ca_tbs *tbs)
void hx509_ca_tbs_free (hx509_ca_tbs *tbs)
int hx509_ca_tbs_set_notBefore (hx509_context context, hx509_ca_tbs tbs, time_t t)
int hx509_ca_tbs_set_notAfter (hx509_context context, hx509_ca_tbs tbs, time_t t)
int hx509_ca_tbs_set_notAfter_lifetime (hx509_context context, hx509_ca_tbs tbs, time_t delta)
struct units * hx509_ca_tbs_template_units (void)
int hx509_ca_tbs_set_template (hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)
int hx509_ca_tbs_set_ca (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)
int hx509_ca_tbs_set_proxy (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)
int hx509_ca_tbs_set_domaincontroller (hx509_context context, hx509_ca_tbs tbs)
int hx509_ca_tbs_set_spki (hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)
int hx509_ca_tbs_set_serialnumber (hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)
int hx509_ca_tbs_add_eku (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)
int hx509_ca_tbs_add_crl_dp_uri (hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)
int hx509_ca_tbs_add_san_otherName (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)
int hx509_ca_tbs_add_san_pkinit (hx509_context context, hx509_ca_tbs tbs, const char *principal)
int hx509_ca_tbs_add_san_ms_upn (hx509_context context, hx509_ca_tbs tbs, const char *principal)
int hx509_ca_tbs_add_san_jid (hx509_context context, hx509_ca_tbs tbs, const char *jid)
int hx509_ca_tbs_add_san_hostname (hx509_context context, hx509_ca_tbs tbs, const char *dnsname)
int hx509_ca_tbs_add_san_rfc822name (hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)
int hx509_ca_tbs_set_subject (hx509_context context, hx509_ca_tbs tbs, hx509_name subject)
int hx509_ca_tbs_set_unique (hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)
int hx509_ca_tbs_subject_expand (hx509_context context, hx509_ca_tbs tbs, hx509_env env)
int hx509_ca_sign (hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)
int hx509_ca_sign_self (hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)
+

Detailed Description

+See the Hx509 CA functions for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_sign (hx509_context  context,
hx509_ca_tbs  tbs,
hx509_cert  signer,
hx509_cert *  certificate 
)
+
+
+ +

+Sign a to-be-signed certificate object with a issuer certificate.

+The caller needs to at least have called the following functions on the to-be-signed certificate object:

+

+When done the to-be-signed certificate object should be freed with hx509_ca_tbs_free().

+When creating self-signed certificate use hx509_ca_sign_self() instead.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
signer the CA certificate object to sign with (need private key).
certificate return cerificate, free with hx509_cert_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_sign_self (hx509_context  context,
hx509_ca_tbs  tbs,
hx509_private_key  signer,
hx509_cert *  certificate 
)
+
+
+ +

+Work just like hx509_ca_sign() but signs it-self.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
signer private key to sign with.
certificate return cerificate, free with hx509_cert_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_crl_dp_uri (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  uri,
hx509_name  issuername 
)
+
+
+ +

+Add CRL distribution point URI to the to-be-signed certificate object.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
uri uri to the CRL.
issuername name of the issuer.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +

+issuername not supported +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_eku (hx509_context  context,
hx509_ca_tbs  tbs,
const heim_oid *  oid 
)
+
+
+ +

+An an extended key usage to the to-be-signed certificate object. Duplicates will detected and not added.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
oid extended key usage to add.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_hostname (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  dnsname 
)
+
+
+ +

+Add a Subject Alternative Name hostname to to-be-signed certificate object. A domain match starts with ., an exact match does not.

+Example of a an domain match: .domain.se matches the hostname host.domain.se.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
dnsname a hostame.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_jid (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  jid 
)
+
+
+ +

+Add a Jabber/XMPP jid Subject Alternative Name to the to-be-signed certificate object. The jid is an UTF8 string.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
jid string of an a jabber id in UTF8.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_ms_upn (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  principal 
)
+
+
+ +

+Add Microsoft UPN Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
principal Microsoft UPN string.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_otherName (hx509_context  context,
hx509_ca_tbs  tbs,
const heim_oid *  oid,
const heim_octet_string *  os 
)
+
+
+ +

+Add Subject Alternative Name otherName to the to-be-signed certificate object.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
oid the oid of the OtherName.
os data in the other name.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_pkinit (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  principal 
)
+
+
+ +

+Add Kerberos Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
principal Kerberos principal to add to the certificate.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_add_san_rfc822name (hx509_context  context,
hx509_ca_tbs  tbs,
const char *  rfc822Name 
)
+
+
+ +

+Add a Subject Alternative Name rfc822 (email address) to to-be-signed certificate object.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
rfc822Name a string to a email address.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_ca_tbs_free (hx509_ca_tbs *  tbs  ) 
+
+
+ +

+Free an To Be Signed object.

+

Parameters:
+ + +
tbs object to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_init (hx509_context  context,
hx509_ca_tbs *  tbs 
)
+
+
+ +

+Allocate an to-be-signed certificate object that will be converted into an certificate.

+

Parameters:
+ + + +
context A hx509 context.
tbs returned to-be-signed certicate object, free with hx509_ca_tbs_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_ca (hx509_context  context,
hx509_ca_tbs  tbs,
int  pathLenConstraint 
)
+
+
+ +

+Make the to-be-signed certificate object a CA certificate. If the pathLenConstraint is negative path length constraint is used.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
pathLenConstraint path length constraint, negative, no constraint.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_domaincontroller (hx509_context  context,
hx509_ca_tbs  tbs 
)
+
+
+ +

+Make the to-be-signed certificate object a windows domain controller certificate.

+

Parameters:
+ + + +
context A hx509 context.
tbs object to be signed.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_notAfter (hx509_context  context,
hx509_ca_tbs  tbs,
time_t  t 
)
+
+
+ +

+Set the absolute time when the certificate is valid to.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
t time when the certificate will expire
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_notAfter_lifetime (hx509_context  context,
hx509_ca_tbs  tbs,
time_t  delta 
)
+
+
+ +

+Set the relative time when the certificiate is going to expire.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
delta seconds to the certificate is going to expire.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_notBefore (hx509_context  context,
hx509_ca_tbs  tbs,
time_t  t 
)
+
+
+ +

+Set the absolute time when the certificate is valid from. If not set the current time will be used.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
t time the certificated will start to be valid
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_proxy (hx509_context  context,
hx509_ca_tbs  tbs,
int  pathLenConstraint 
)
+
+
+ +

+Make the to-be-signed certificate object a proxy certificate. If the pathLenConstraint is negative path length constraint is used.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
pathLenConstraint path length constraint, negative, no constraint.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_serialnumber (hx509_context  context,
hx509_ca_tbs  tbs,
const heim_integer *  serialNumber 
)
+
+
+ +

+Set the serial number to use for to-be-signed certificate object.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
serialNumber serial number to use for the to-be-signed certificate object.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_spki (hx509_context  context,
hx509_ca_tbs  tbs,
const SubjectPublicKeyInfo *  spki 
)
+
+
+ +

+Set the subject public key info (SPKI) in the to-be-signed certificate object. SPKI is the public key and key related parameters in the certificate.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
spki subject public key info to use for the to-be-signed certificate object.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_subject (hx509_context  context,
hx509_ca_tbs  tbs,
hx509_name  subject 
)
+
+
+ +

+Set the subject name of a to-be-signed certificate object.

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
subject the name to set a subject.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_template (hx509_context  context,
hx509_ca_tbs  tbs,
int  flags,
hx509_cert  cert 
)
+
+
+ +

+Initialize the to-be-signed certificate object from a template certifiate.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
flags bit field selecting what to copy from the template certifiate.
cert template certificate.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_set_unique (hx509_context  context,
hx509_ca_tbs  tbs,
const heim_bit_string *  subjectUniqueID,
const heim_bit_string *  issuerUniqueID 
)
+
+
+ +

+Set the issuerUniqueID and subjectUniqueID

+These are only supposed to be used considered with version 2 certificates, replaced by the two extensions SubjectKeyIdentifier and IssuerKeyIdentifier. This function is to allow application using legacy protocol to issue them.

+

Parameters:
+ + + + + +
context A hx509 context.
tbs object to be signed.
issuerUniqueID to be set
subjectUniqueID to be set
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ca_tbs_subject_expand (hx509_context  context,
hx509_ca_tbs  tbs,
hx509_env  env 
)
+
+
+ +

+Expand the the subject name in the to-be-signed certificate object using hx509_name_expand().

+

Parameters:
+ + + + +
context A hx509 context.
tbs object to be signed.
env enviroment variable to expand variables in the subject name, see hx509_env_init().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
struct units* hx509_ca_tbs_template_units (void   )  [read]
+
+
+ +

+Make of template units, use to build flags argument to hx509_ca_tbs_set_template() with parse_units().

+

Returns:
an units structure.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__cert.html b/doc/doxyout/hx509/html/group__hx509__cert.html new file mode 100644 index 000000000000..4ebc2613f270 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__cert.html @@ -0,0 +1,1425 @@ + + +Heimdalx509library: hx509 certificate functions + + + +

+keyhole logo +

+ + + +
+

hx509 certificate functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

int hx509_cert_init (hx509_context context, const Certificate *c, hx509_cert *cert)
int hx509_cert_init_data (hx509_context context, const void *ptr, size_t len, hx509_cert *cert)
void hx509_cert_free (hx509_cert cert)
hx509_cert hx509_cert_ref (hx509_cert cert)
void hx509_verify_ctx_f_allow_default_trustanchors (hx509_verify_ctx ctx, int boolean)
int hx509_cert_find_subjectAltName_otherName (hx509_context context, hx509_cert cert, const heim_oid *oid, hx509_octet_string_list *list)
int hx509_cert_cmp (hx509_cert p, hx509_cert q)
int hx509_cert_get_issuer (hx509_cert p, hx509_name *name)
int hx509_cert_get_subject (hx509_cert p, hx509_name *name)
int hx509_cert_get_base_subject (hx509_context context, hx509_cert c, hx509_name *name)
int hx509_cert_get_serialnumber (hx509_cert p, heim_integer *i)
time_t hx509_cert_get_notBefore (hx509_cert p)
time_t hx509_cert_get_notAfter (hx509_cert p)
int hx509_cert_get_SPKI (hx509_context context, hx509_cert p, SubjectPublicKeyInfo *spki)
int hx509_cert_get_SPKI_AlgorithmIdentifier (hx509_context context, hx509_cert p, AlgorithmIdentifier *alg)
int hx509_cert_get_issuer_unique_id (hx509_context context, hx509_cert p, heim_bit_string *issuer)
int hx509_cert_get_subject_unique_id (hx509_context context, hx509_cert p, heim_bit_string *subject)
int hx509_verify_hostname (hx509_context context, const hx509_cert cert, int flags, hx509_hostname_type type, const char *hostname, const struct sockaddr *sa, int sa_size)
hx509_cert_attribute hx509_cert_get_attribute (hx509_cert cert, const heim_oid *oid)
int hx509_cert_set_friendly_name (hx509_cert cert, const char *name)
const char * hx509_cert_get_friendly_name (hx509_cert cert)
int hx509_query_alloc (hx509_context context, hx509_query **q)
void hx509_query_match_option (hx509_query *q, hx509_query_option option)
int hx509_query_match_issuer_serial (hx509_query *q, const Name *issuer, const heim_integer *serialNumber)
int hx509_query_match_friendly_name (hx509_query *q, const char *name)
int hx509_query_match_eku (hx509_query *q, const heim_oid *eku)
int hx509_query_match_cmp_func (hx509_query *q, int(*func)(hx509_context, hx509_cert, void *), void *ctx)
void hx509_query_free (hx509_context context, hx509_query *q)
void hx509_query_statistic_file (hx509_context context, const char *fn)
void hx509_query_unparse_stats (hx509_context context, int printtype, FILE *out)
int hx509_cert_check_eku (hx509_context context, hx509_cert cert, const heim_oid *eku, int allow_any_eku)
int hx509_cert_binary (hx509_context context, hx509_cert c, heim_octet_string *os)
int hx509_print_cert (hx509_context context, hx509_cert cert, FILE *out)
+

Detailed Description

+See the The basic certificate for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_binary (hx509_context  context,
hx509_cert  c,
heim_octet_string *  os 
)
+
+
+ +

+Encodes the hx509 certificate as a DER encode binary.

+

Parameters:
+ + + + +
context A hx509 context.
c the certificate to encode.
os the encode certificate, set to NULL, 0 on case of error. Free the os->data with hx509_xfree().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_check_eku (hx509_context  context,
hx509_cert  cert,
const heim_oid *  eku,
int  allow_any_eku 
)
+
+
+ +

+Check the extended key usage on the hx509 certificate.

+

Parameters:
+ + + + + +
context A hx509 context.
cert A hx509 context.
eku the EKU to check for
allow_any_eku if the any EKU is set, allow that to be a substitute.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_cert_cmp (hx509_cert  p,
hx509_cert  q 
)
+
+
+ +

+Compare to hx509 certificate object, useful for sorting.

+

Parameters:
+ + + +
p a hx509 certificate object.
q a hx509 certificate object.
+
+
Returns:
0 the objects are the same, returns > 0 is p is "larger" then q, < 0 if p is "smaller" then q.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_find_subjectAltName_otherName (hx509_context  context,
hx509_cert  cert,
const heim_oid *  oid,
hx509_octet_string_list *  list 
)
+
+
+ +

+Return a list of subjectAltNames specified by oid in the certificate. On error the

+The returned list of octet string should be freed with hx509_free_octet_string_list().

+

Parameters:
+ + + + + +
context A hx509 context.
cert a hx509 certificate object.
oid an oid to for SubjectAltName.
list list of matching SubjectAltName.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_cert_free (hx509_cert  cert  ) 
+
+
+ +

+Free reference to the hx509 certificate object, if the refcounter reaches 0, the object if freed. Its allowed to pass in NULL.

+

Parameters:
+ + +
cert the cert to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
hx509_cert_attribute hx509_cert_get_attribute (hx509_cert  cert,
const heim_oid *  oid 
)
+
+
+ +

+Get an external attribute for the certificate, examples are friendly name and id.

+

Parameters:
+ + + +
cert hx509 certificate object to search
oid an oid to search for.
+
+
Returns:
an hx509_cert_attribute, only valid as long as the certificate is referenced.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_get_base_subject (hx509_context  context,
hx509_cert  c,
hx509_name *  name 
)
+
+
+ +

+Return the name of the base subject of the hx509 certificate. If the certiicate is a verified proxy certificate, the this function return the base certificate (root of the proxy chain). If the proxy certificate is not verified with the base certificate HX509_PROXY_CERTIFICATE_NOT_CANONICALIZED is returned.

+

Parameters:
+ + + + +
context a hx509 context.
c a hx509 certificate object.
name a pointer to a hx509 name, should be freed by hx509_name_free(). See also hx509_cert_get_subject().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
const char* hx509_cert_get_friendly_name (hx509_cert  cert  ) 
+
+
+ +

+Get friendly name of the certificate.

+

Parameters:
+ + +
cert cert to get the friendly name from.
+
+
Returns:
an friendly name or NULL if there is. The friendly name is only valid as long as the certificate is referenced.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_cert_get_issuer (hx509_cert  p,
hx509_name *  name 
)
+
+
+ +

+Return the name of the issuer of the hx509 certificate.

+

Parameters:
+ + + +
p a hx509 certificate object.
name a pointer to a hx509 name, should be freed by hx509_name_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_get_issuer_unique_id (hx509_context  context,
hx509_cert  p,
heim_bit_string *  issuer 
)
+
+
+ +

+Get a copy of the Issuer Unique ID

+

Parameters:
+ + + + +
context a hx509_context
p a hx509 certificate
issuer the issuer id returned, free with der_free_bit_string()
+
+
Returns:
An hx509 error code, see hx509_get_error_string(). The error code HX509_EXTENSION_NOT_FOUND is returned if the certificate doesn't have a issuerUniqueID
+ +
+

+ +

+
+ + + + + + + + + +
time_t hx509_cert_get_notAfter (hx509_cert  p  ) 
+
+
+ +

+Get notAfter time of the certificate.

+

Parameters:
+ + +
p a hx509 certificate object.
+
+
Returns:
return not after time.
+ +
+

+ +

+
+ + + + + + + + + +
time_t hx509_cert_get_notBefore (hx509_cert  p  ) 
+
+
+ +

+Get notBefore time of the certificate.

+

Parameters:
+ + +
p a hx509 certificate object.
+
+
Returns:
return not before time
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_cert_get_serialnumber (hx509_cert  p,
heim_integer *  i 
)
+
+
+ +

+Get serial number of the certificate.

+

Parameters:
+ + + +
p a hx509 certificate object.
i serial number, should be freed ith der_free_heim_integer().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_get_SPKI (hx509_context  context,
hx509_cert  p,
SubjectPublicKeyInfo *  spki 
)
+
+
+ +

+Get the SubjectPublicKeyInfo structure from the hx509 certificate.

+

Parameters:
+ + + + +
context a hx509 context.
p a hx509 certificate object.
spki SubjectPublicKeyInfo, should be freed with free_SubjectPublicKeyInfo().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_get_SPKI_AlgorithmIdentifier (hx509_context  context,
hx509_cert  p,
AlgorithmIdentifier *  alg 
)
+
+
+ +

+Get the AlgorithmIdentifier from the hx509 certificate.

+

Parameters:
+ + + + +
context a hx509 context.
p a hx509 certificate object.
alg AlgorithmIdentifier, should be freed with free_AlgorithmIdentifier(). The algorithmidentifier is typicly rsaEncryption, or id-ecPublicKey, or some other public key mechanism.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_cert_get_subject (hx509_cert  p,
hx509_name *  name 
)
+
+
+ +

+Return the name of the subject of the hx509 certificate.

+

Parameters:
+ + + +
p a hx509 certificate object.
name a pointer to a hx509 name, should be freed by hx509_name_free(). See also hx509_cert_get_base_subject().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_get_subject_unique_id (hx509_context  context,
hx509_cert  p,
heim_bit_string *  subject 
)
+
+
+ +

+Get a copy of the Subect Unique ID

+

Parameters:
+ + + + +
context a hx509_context
p a hx509 certificate
subject the subject id returned, free with der_free_bit_string()
+
+
Returns:
An hx509 error code, see hx509_get_error_string(). The error code HX509_EXTENSION_NOT_FOUND is returned if the certificate doesn't have a subjectUniqueID
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_init (hx509_context  context,
const Certificate *  c,
hx509_cert *  cert 
)
+
+
+ +

+Allocate and init an hx509 certificate object from the decoded certificate `c´.

+

Parameters:
+ + + + +
context A hx509 context.
c 
cert 
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_init_data (hx509_context  context,
const void *  ptr,
size_t  len,
hx509_cert *  cert 
)
+
+
+ +

+Just like hx509_cert_init(), but instead of a decode certificate takes an pointer and length to a memory region that contains a DER/BER encoded certificate.

+If the memory region doesn't contain just the certificate and nothing more the function will fail with HX509_EXTRA_DATA_AFTER_STRUCTURE.

+

Parameters:
+ + + + + +
context A hx509 context.
ptr pointer to memory region containing encoded certificate.
len length of memory region.
cert a return pointer to a hx509 certificate object, will contain NULL on error.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
hx509_cert hx509_cert_ref (hx509_cert  cert  ) 
+
+
+ +

+Add a reference to a hx509 certificate object.

+

Parameters:
+ + +
cert a pointer to an hx509 certificate object.
+
+
Returns:
the same object as is passed in.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_cert_set_friendly_name (hx509_cert  cert,
const char *  name 
)
+
+
+ +

+Set the friendly name on the certificate.

+

Parameters:
+ + + +
cert The certificate to set the friendly name on
name Friendly name.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_print_cert (hx509_context  context,
hx509_cert  cert,
FILE *  out 
)
+
+
+ +

+Print a simple representation of a certificate

+

Parameters:
+ + + + +
context A hx509 context, can be NULL
cert certificate to print
out the stdio output stream, if NULL, stdout is used
+
+
Returns:
An hx509 error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_query_alloc (hx509_context  context,
hx509_query **  q 
)
+
+
+ +

+Allocate an query controller. Free using hx509_query_free().

+

Parameters:
+ + + +
context A hx509 context.
q return pointer to a hx509_query.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_query_free (hx509_context  context,
hx509_query *  q 
)
+
+
+ +

+Free the query controller.

+

Parameters:
+ + + +
context A hx509 context.
q a pointer to the query controller.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_query_match_cmp_func (hx509_query *  q,
int(*)(hx509_context, hx509_cert, void *)  func,
void *  ctx 
)
+
+
+ +

+Set the query controller to match using a specific match function.

+

Parameters:
+ + + + +
q a hx509 query controller.
func function to use for matching, if the argument is NULL, the match function is removed.
ctx context passed to the function.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_query_match_eku (hx509_query *  q,
const heim_oid *  eku 
)
+
+
+ +

+Set the query controller to require an one specific EKU (extended key usage). Any previous EKU matching is overwitten. If NULL is passed in as the eku, the EKU requirement is reset.

+

Parameters:
+ + + +
q a hx509 query controller.
eku an EKU to match on.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_query_match_friendly_name (hx509_query *  q,
const char *  name 
)
+
+
+ +

+Set the query controller to match on a friendly name

+

Parameters:
+ + + +
q a hx509 query controller.
name a friendly name to match on
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_query_match_issuer_serial (hx509_query *  q,
const Name *  issuer,
const heim_integer *  serialNumber 
)
+
+
+ +

+Set the issuer and serial number of match in the query controller. The function make copies of the isser and serial number.

+

Parameters:
+ + + + +
q a hx509 query controller
issuer issuer to search for
serialNumber the serialNumber of the issuer.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_query_match_option (hx509_query *  q,
hx509_query_option  option 
)
+
+
+ +

+Set match options for the hx509 query controller.

+

Parameters:
+ + + +
q query controller.
option options to control the query controller.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_query_statistic_file (hx509_context  context,
const char *  fn 
)
+
+
+ +

+Set a statistic file for the query statistics.

+

Parameters:
+ + + +
context A hx509 context.
fn statistics file name
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_query_unparse_stats (hx509_context  context,
int  printtype,
FILE *  out 
)
+
+
+ +

+Unparse the statistics file and print the result on a FILE descriptor.

+

Parameters:
+ + + + +
context A hx509 context.
printtype tyep to print
out the FILE to write the data on.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_ctx_f_allow_default_trustanchors (hx509_verify_ctx  ctx,
int  boolean 
)
+
+
+ +

+Allow using the operating system builtin trust anchors if no other trust anchors are configured.

+

Parameters:
+ + + +
ctx a verification context
boolean if non zero, useing the operating systems builtin trust anchors.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_verify_hostname (hx509_context  context,
const hx509_cert  cert,
int  flags,
hx509_hostname_type  type,
const char *  hostname,
const struct sockaddr *  sa,
int  sa_size 
)
+
+
+ +

+Verify that the certificate is allowed to be used for the hostname and address.

+

Parameters:
+ + + + + + + + +
context A hx509 context.
cert the certificate to match with
flags Flags to modify the behavior:
    +
  • HX509_VHN_F_ALLOW_NO_MATCH no match is ok
+
type type of hostname:
    +
  • HX509_HN_HOSTNAME for plain hostname.
  • HX509_HN_DNSSRV for DNS SRV names.
+
hostname the hostname to check
sa address of the host
sa_size length of address
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__cms.html b/doc/doxyout/hx509/html/group__hx509__cms.html new file mode 100644 index 000000000000..edcba13af2db --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__cms.html @@ -0,0 +1,504 @@ + + +Heimdalx509library: hx509 CMS/pkcs7 functions + + + +

+keyhole logo +

+ + + +
+

hx509 CMS/pkcs7 functions

+ + + + + + + + + + + + + + +

Functions

int hx509_cms_wrap_ContentInfo (const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)
int hx509_cms_unwrap_ContentInfo (const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)
int hx509_cms_unenvelope (hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)
int hx509_cms_envelope_1 (hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)
int hx509_cms_verify_signed (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)
int hx509_cms_create_signed_1 (hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)
+

Detailed Description

+See the CMS/PKCS7 message functions. for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_create_signed_1 (hx509_context  context,
int  flags,
const heim_oid *  eContentType,
const void *  data,
size_t  length,
const AlgorithmIdentifier *  digest_alg,
hx509_cert  cert,
hx509_peer_info  peer,
hx509_certs  anchors,
hx509_certs  pool,
heim_octet_string *  signed_data 
)
+
+
+ +

+Decode SignedData and verify that the signature is correct.

+

Parameters:
+ + + + + + + + + + + + +
context A hx509 context.
flags 
eContentType the type of the data.
data data to sign
length length of the data that data point to.
digest_alg digest algorithm to use, use NULL to get the default or the peer determined algorithm.
cert certificate to use for sign the data.
peer info about the peer the message to send the message to, like what digest algorithm to use.
anchors trust anchors that the client will use, used to polulate the certificates included in the message
pool certificates to use in try to build the path to the trust anchors.
signed_data the output of the function, free with der_free_octet_string().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_envelope_1 (hx509_context  context,
int  flags,
hx509_cert  cert,
const void *  data,
size_t  length,
const heim_oid *  encryption_type,
const heim_oid *  contentType,
heim_octet_string *  content 
)
+
+
+ +

+Encrypt end encode EnvelopedData.

+Encrypt and encode EnvelopedData. The data is encrypted with a random key and the the random key is encrypted with the certificates private key. This limits what private key type can be used to RSA.

+

Parameters:
+ + + + + + + + + +
context A hx509 context.
flags flags to control the behavior.
    +
  • HX509_CMS_EV_NO_KU_CHECK - Dont check KU on certificate
  • HX509_CMS_EV_ALLOW_WEAK - Allow weak crytpo
  • HX509_CMS_EV_ID_NAME - prefer issuer name and serial number
+
cert Certificate to encrypt the EnvelopedData encryption key with.
data pointer the data to encrypt.
length length of the data that data point to.
encryption_type Encryption cipher to use for the bulk data, use NULL to get default.
contentType type of the data that is encrypted
content the output of the function, free with der_free_octet_string().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_unenvelope (hx509_context  context,
hx509_certs  certs,
int  flags,
const void *  data,
size_t  length,
const heim_octet_string *  encryptedContent,
time_t  time_now,
heim_oid *  contentType,
heim_octet_string *  content 
)
+
+
+ +

+Decode and unencrypt EnvelopedData.

+Extract data and parameteres from from the EnvelopedData. Also supports using detached EnvelopedData.

+

Parameters:
+ + + + + + + + + + +
context A hx509 context.
certs Certificate that can decrypt the EnvelopedData encryption key.
flags HX509_CMS_UE flags to control the behavior.
data pointer the structure the contains the DER/BER encoded EnvelopedData stucture.
length length of the data that data point to.
encryptedContent in case of detached signature, this contains the actual encrypted data, othersize its should be NULL.
time_now set the current time, if zero the library uses now as the date.
contentType output type oid, should be freed with der_free_oid().
content the data, free with der_free_octet_string().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_unwrap_ContentInfo (const heim_octet_string *  in,
heim_oid *  oid,
heim_octet_string *  out,
int *  have_data 
)
+
+
+ +

+Decode an ContentInfo and unwrap data and oid it.

+

Parameters:
+ + + + + +
in the encoded buffer.
oid type of the content.
out data to be wrapped.
have_data since the data is optional, this flags show dthe diffrence between no data and the zero length data.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_verify_signed (hx509_context  context,
hx509_verify_ctx  ctx,
unsigned int  flags,
const void *  data,
size_t  length,
const heim_octet_string *  signedContent,
hx509_certs  pool,
heim_oid *  contentType,
heim_octet_string *  content,
hx509_certs *  signer_certs 
)
+
+
+ +

+Decode SignedData and verify that the signature is correct.

+

Parameters:
+ + + + + + + + + + + +
context A hx509 context.
ctx a hx509 verify context.
flags to control the behaivor of the function.
    +
  • HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage
  • HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch
  • HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below.
+
data pointer to CMS SignedData encoded data.
length length of the data that data point to.
signedContent external data used for signature.
pool certificate pool to build certificates paths.
contentType free with der_free_oid().
content the output of the function, free with der_free_octet_string().
signer_certs list of the cerficates used to sign this request, free with hx509_certs_free().
+
+ +

+If HX509_CMS_VS_NO_KU_CHECK is set, allow more liberal search for matching certificates by not considering KeyUsage bits on the certificates.

+If HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH, allow encapContentInfo mismatch with the oid in signedAttributes (or if no signedAttributes where use, pkcs7-data oid). This is only needed to work with broken CMS implementations that doesn't follow CMS signedAttributes rules.

+If HX509_CMS_VS_NO_VALIDATE flags is set, do not verify the signing certificates and leave that up to the caller.

+If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty SignerInfo (no signatures). If SignedData have no signatures, the function will return 0 with signer_certs set to NULL. Zero signers is allowed by the standard, but since its only useful in corner cases, it make into a flag that the caller have to turn on. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cms_wrap_ContentInfo (const heim_oid *  oid,
const heim_octet_string *  buf,
heim_octet_string *  res 
)
+
+
+ +

+Wrap data and oid in a ContentInfo and encode it.

+

Parameters:
+ + + + +
oid type of the content.
buf data to be wrapped. If a NULL pointer is passed in, the optional content field in the ContentInfo is not going be filled in.
res the encoded buffer, the result should be freed with der_free_octet_string().
+
+
Returns:
Returns an hx509 error code.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__crypto.html b/doc/doxyout/hx509/html/group__hx509__crypto.html new file mode 100644 index 000000000000..98029963db9b --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__crypto.html @@ -0,0 +1,92 @@ + + +Heimdalx509library: hx509 crypto functions + + + +

+keyhole logo +

+ + + +
+

hx509 crypto functions

+ + + + +

Functions

int hx509_verify_signature (hx509_context context, const hx509_cert signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_verify_signature (hx509_context  context,
const hx509_cert  signer,
const AlgorithmIdentifier *  alg,
const heim_octet_string *  data,
const heim_octet_string *  sig 
)
+
+
+ +

+Verify a signature made using the private key of an certificate.

+

Parameters:
+ + + + + + +
context A hx509 context.
signer the certificate that made the signature.
alg algorthm that was used to sign the data.
data the data that was signed.
sig the sigature to verify.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__env.html b/doc/doxyout/hx509/html/group__hx509__env.html new file mode 100644 index 000000000000..45c2cd13fc15 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__env.html @@ -0,0 +1,311 @@ + + +Heimdalx509library: hx509 enviroment functions + + + +

+keyhole logo +

+ + + +
+

hx509 enviroment functions

+ + + + + + + + + + + + + + +

Functions

int hx509_env_add (hx509_context context, hx509_env *env, const char *key, const char *value)
int hx509_env_add_binding (hx509_context context, hx509_env *env, const char *key, hx509_env list)
const char * hx509_env_lfind (hx509_context context, hx509_env env, const char *key, size_t len)
const char * hx509_env_find (hx509_context context, hx509_env env, const char *key)
hx509_env hx509_env_find_binding (hx509_context context, hx509_env env, const char *key)
void hx509_env_free (hx509_env *env)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_env_add (hx509_context  context,
hx509_env *  env,
const char *  key,
const char *  value 
)
+
+
+ +

+Add a new key/value pair to the hx509_env.

+

Parameters:
+ + + + + +
context A hx509 context.
env enviroment to add the enviroment variable too.
key key to add
value value to add
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_env_add_binding (hx509_context  context,
hx509_env *  env,
const char *  key,
hx509_env  list 
)
+
+
+ +

+Add a new key/binding pair to the hx509_env.

+

Parameters:
+ + + + + +
context A hx509 context.
env enviroment to add the enviroment variable too.
key key to add
list binding list to add
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
const char* hx509_env_find (hx509_context  context,
hx509_env  env,
const char *  key 
)
+
+
+ +

+Search the hx509_env for a key.

+

Parameters:
+ + + + +
context A hx509 context.
env enviroment to add the enviroment variable too.
key key to search for.
+
+
Returns:
the value if the key is found, NULL otherwise.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
hx509_env hx509_env_find_binding (hx509_context  context,
hx509_env  env,
const char *  key 
)
+
+
+ +

+Search the hx509_env for a binding.

+

Parameters:
+ + + + +
context A hx509 context.
env enviroment to add the enviroment variable too.
key key to search for.
+
+
Returns:
the binding if the key is found, NULL if not found.
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_env_free (hx509_env *  env  ) 
+
+
+ +

+Free an hx509_env enviroment context.

+

Parameters:
+ + +
env the enviroment to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
const char* hx509_env_lfind (hx509_context  context,
hx509_env  env,
const char *  key,
size_t  len 
)
+
+
+ +

+Search the hx509_env for a length based key.

+

Parameters:
+ + + + + +
context A hx509 context.
env enviroment to add the enviroment variable too.
key key to search for.
len length of key.
+
+
Returns:
the value if the key is found, NULL otherwise.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__error.html b/doc/doxyout/hx509/html/group__hx509__error.html new file mode 100644 index 000000000000..fe4bcdc5c323 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__error.html @@ -0,0 +1,308 @@ + + +Heimdalx509library: hx509 error functions + + + +

+keyhole logo +

+ + + +
+

hx509 error functions

+ + + + + + + + + + + + + + +

Functions

void hx509_clear_error_string (hx509_context context)
void hx509_set_error_stringv (hx509_context context, int flags, int code, const char *fmt, va_list ap)
void hx509_set_error_string (hx509_context context, int flags, int code, const char *fmt,...)
char * hx509_get_error_string (hx509_context context, int error_code)
void hx509_free_error_string (char *str)
void hx509_err (hx509_context context, int exit_code, int error_code, const char *fmt,...)
+

Detailed Description

+See the Hx509 error reporting functions for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + +
void hx509_clear_error_string (hx509_context  context  ) 
+
+
+ +

+Resets the error strings the hx509 context.

+

Parameters:
+ + +
context A hx509 context.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_err (hx509_context  context,
int  exit_code,
int  error_code,
const char *  fmt,
  ... 
)
+
+
+ +

+Print error message and fatally exit from error code

+

Parameters:
+ + + + + + +
context A hx509 context.
exit_code exit() code from process.
error_code Error code for the reason to exit.
fmt format string with the exit message.
... argument to format string.
+
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_free_error_string (char *  str  ) 
+
+
+ +

+Free error string returned by hx509_get_error_string().

+

Parameters:
+ + +
str error string to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
char* hx509_get_error_string (hx509_context  context,
int  error_code 
)
+
+
+ +

+Get an error string from context associated with error_code.

+

Parameters:
+ + + +
context A hx509 context.
error_code Get error message for this error code.
+
+
Returns:
error string, free with hx509_free_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_set_error_string (hx509_context  context,
int  flags,
int  code,
const char *  fmt,
  ... 
)
+
+
+ +

+See hx509_set_error_stringv().

+

Parameters:
+ + + + + + +
context A hx509 context.
flags 
    +
  • HX509_ERROR_APPEND appends the error string to the old messages (code is updated).
+
code error code related to error message
fmt error message format
... arguments to error message format
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_set_error_stringv (hx509_context  context,
int  flags,
int  code,
const char *  fmt,
va_list  ap 
)
+
+
+ +

+Add an error message to the hx509 context.

+

Parameters:
+ + + + + + +
context A hx509 context.
flags 
    +
  • HX509_ERROR_APPEND appends the error string to the old messages (code is updated).
+
code error code related to error message
fmt error message format
ap arguments to error message format
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__keyset.html b/doc/doxyout/hx509/html/group__hx509__keyset.html new file mode 100644 index 000000000000..2c050c1e24b0 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__keyset.html @@ -0,0 +1,781 @@ + + +Heimdalx509library: hx509 certificate store functions + + + +

+keyhole logo +

+ + + +
+

hx509 certificate store functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

int hx509_certs_init (hx509_context context, const char *name, int flags, hx509_lock lock, hx509_certs *certs)
int hx509_certs_store (hx509_context context, hx509_certs certs, int flags, hx509_lock lock)
void hx509_certs_free (hx509_certs *certs)
int hx509_certs_start_seq (hx509_context context, hx509_certs certs, hx509_cursor *cursor)
int hx509_certs_next_cert (hx509_context context, hx509_certs certs, hx509_cursor cursor, hx509_cert *cert)
int hx509_certs_end_seq (hx509_context context, hx509_certs certs, hx509_cursor cursor)
int hx509_certs_iter_f (hx509_context context, hx509_certs certs, int(*func)(hx509_context, void *, hx509_cert), void *ctx)
int hx509_ci_print_names (hx509_context context, void *ctx, hx509_cert c)
int hx509_certs_add (hx509_context context, hx509_certs certs, hx509_cert cert)
int hx509_certs_find (hx509_context context, hx509_certs certs, const hx509_query *q, hx509_cert *r)
int hx509_certs_filter (hx509_context context, hx509_certs certs, const hx509_query *q, hx509_certs *result)
int hx509_certs_merge (hx509_context context, hx509_certs to, hx509_certs from)
int hx509_certs_append (hx509_context context, hx509_certs to, hx509_lock lock, const char *name)
int hx509_get_one_cert (hx509_context context, hx509_certs certs, hx509_cert *c)
int hx509_certs_info (hx509_context context, hx509_certs certs, int(*func)(void *, const char *), void *ctx)
+

Detailed Description

+See the Certificate store operations for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_add (hx509_context  context,
hx509_certs  certs,
hx509_cert  cert 
)
+
+
+ +

+Add a certificate to the certificiate store.

+The receiving keyset certs will either increase reference counter of the cert or make a deep copy, either way, the caller needs to free the cert itself.

+

Parameters:
+ + + + +
context a hx509 context.
certs certificate store to add the certificate to.
cert certificate to add.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_append (hx509_context  context,
hx509_certs  to,
hx509_lock  lock,
const char *  name 
)
+
+
+ +

+Same a hx509_certs_merge() but use a lock and name to describe the from source.

+

Parameters:
+ + + + + +
context a hx509 context.
to the store to merge into.
lock a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see Locking and unlocking certificates and encrypted data.).
name name of the source store
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_end_seq (hx509_context  context,
hx509_certs  certs,
hx509_cursor  cursor 
)
+
+
+ +

+End the iteration over certificates.

+

Parameters:
+ + + + +
context a hx509 context.
certs certificate store to iterate over.
cursor cursor that will keep track of progress, freed.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_filter (hx509_context  context,
hx509_certs  certs,
const hx509_query *  q,
hx509_certs *  result 
)
+
+
+ +

+Filter certificate matching the query.

+

Parameters:
+ + + + + +
context a hx509 context.
certs certificate store to search.
q query allocated with hx509 query functions functions.
result the filtered certificate store, caller must free with hx509_certs_free().
+
+
Returns:
Returns an hx509 error code.
+ +

+Return HX509_CERT_NOT_FOUND if no certificate in certs matched the query. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_find (hx509_context  context,
hx509_certs  certs,
const hx509_query *  q,
hx509_cert *  r 
)
+
+
+ +

+Find a certificate matching the query.

+

Parameters:
+ + + + + +
context a hx509 context.
certs certificate store to search.
q query allocated with hx509 query functions functions.
r return certificate (or NULL on error), should be freed with hx509_cert_free().
+
+
Returns:
Returns an hx509 error code.
+ +

+Return HX509_CERT_NOT_FOUND if no certificate in certs matched the query. +

+

+ +

+
+ + + + + + + + + +
void hx509_certs_free (hx509_certs *  certs  ) 
+
+
+ +

+Free a certificate store.

+

Parameters:
+ + +
certs certificate store to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_info (hx509_context  context,
hx509_certs  certs,
int(*)(void *, const char *)  func,
void *  ctx 
)
+
+
+ +

+Print some info about the certificate store.

+

Parameters:
+ + + + + +
context a hx509 context.
certs certificate store to print information about.
func function that will get each line of the information, if NULL is used the data is printed on a FILE descriptor that should be passed in ctx, if ctx also is NULL, stdout is used.
ctx parameter to func.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_init (hx509_context  context,
const char *  name,
int  flags,
hx509_lock  lock,
hx509_certs *  certs 
)
+
+
+ +

+Open or creates a new hx509 certificate store.

+

Parameters:
+ + + + + + +
context A hx509 context
name name of the store, format is TYPE:type-specific-string, if NULL is used the MEMORY store is used.
flags list of flags:
    +
  • HX509_CERTS_CREATE create a new keystore of the specific TYPE.
  • HX509_CERTS_UNPROTECT_ALL fails if any private key failed to be extracted.
+
lock a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see Locking and unlocking certificates and encrypted data.).
certs return pointer, free with hx509_certs_free().
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_iter_f (hx509_context  context,
hx509_certs  certs,
int(*)(hx509_context, void *, hx509_cert)  func,
void *  ctx 
)
+
+
+ +

+Iterate over all certificates in a keystore and call an function for each fo them.

+

Parameters:
+ + + + + +
context a hx509 context.
certs certificate store to iterate over.
func function to call for each certificate. The function should return non-zero to abort the iteration, that value is passed back to the caller of hx509_certs_iter_f().
ctx context variable that will passed to the function.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_merge (hx509_context  context,
hx509_certs  to,
hx509_certs  from 
)
+
+
+ +

+Merge a certificate store into another. The from store is keep intact.

+

Parameters:
+ + + + +
context a hx509 context.
to the store to merge into.
from the store to copy the object from.
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_next_cert (hx509_context  context,
hx509_certs  certs,
hx509_cursor  cursor,
hx509_cert *  cert 
)
+
+
+ +

+Get next ceritificate from the certificate keystore pointed out by cursor.

+

Parameters:
+ + + + + +
context a hx509 context.
certs certificate store to iterate over.
cursor cursor that keeps track of progress.
cert return certificate next in store, NULL if the store contains no more certificates. Free with hx509_cert_free().
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_start_seq (hx509_context  context,
hx509_certs  certs,
hx509_cursor *  cursor 
)
+
+
+ +

+Start the integration

+

Parameters:
+ + + + +
context a hx509 context.
certs certificate store to iterate over
cursor cursor that will keep track of progress, free with hx509_certs_end_seq().
+
+
Returns:
Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION is returned if the certificate store doesn't support the iteration operation.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_certs_store (hx509_context  context,
hx509_certs  certs,
int  flags,
hx509_lock  lock 
)
+
+
+ +

+Write the certificate store to stable storage.

+

Parameters:
+ + + + + +
context A hx509 context.
certs a certificate store to store.
flags currently unused, use 0.
lock a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see Locking and unlocking certificates and encrypted data.).
+
+
Returns:
Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION if the certificate store doesn't support the store operation.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ci_print_names (hx509_context  context,
void *  ctx,
hx509_cert  c 
)
+
+
+ +

+Iterate over all certificates in a keystore and call an function for each fo them.

+

Parameters:
+ + + + +
context a hx509 context.
certs certificate store to iterate over.
func function to call for each certificate. The function should return non-zero to abort the iteration, that value is passed back to the caller of hx509_certs_iter().
+
+
Returns:
Returns an hx509 error code. Function to use to hx509_certs_iter_f() as a function argument, the ctx variable to hx509_certs_iter_f() should be a FILE file descriptor.
+
Parameters:
+ + + + +
context a hx509 context.
ctx used by hx509_certs_iter_f().
c a certificate
+
+
Returns:
Returns an hx509 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_get_one_cert (hx509_context  context,
hx509_certs  certs,
hx509_cert *  c 
)
+
+
+ +

+Get one random certificate from the certificate store.

+

Parameters:
+ + + + +
context a hx509 context.
certs a certificate store to get the certificate from.
c return certificate, should be freed with hx509_cert_free().
+
+
Returns:
Returns an hx509 error code.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__lock.html b/doc/doxyout/hx509/html/group__hx509__lock.html new file mode 100644 index 000000000000..c46a30835663 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__lock.html @@ -0,0 +1,29 @@ + + +Heimdalx509library: hx509 lock functions + + + +

+keyhole logo +

+ + + +
+

hx509 lock functions

+ +
+See the Locking and unlocking certificates and encrypted data. for description and examples.
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__misc.html b/doc/doxyout/hx509/html/group__hx509__misc.html new file mode 100644 index 000000000000..547db5ea235b --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__misc.html @@ -0,0 +1,88 @@ + + +Heimdalx509library: hx509 misc functions + + + +

+keyhole logo +

+ + + +
+

hx509 misc functions

+ + + + + + +

Functions

void hx509_free_octet_string_list (hx509_octet_string_list *list)
void hx509_xfree (void *ptr)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + +
void hx509_free_octet_string_list (hx509_octet_string_list *  list  ) 
+
+
+ +

+Free a list of octet strings returned by another hx509 library function.

+

Parameters:
+ + +
list list to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_xfree (void *  ptr  ) 
+
+
+ +

+Free a data element allocated in the library.

+

Parameters:
+ + +
ptr data to be freed.
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__name.html b/doc/doxyout/hx509/html/group__hx509__name.html new file mode 100644 index 000000000000..3cb3c8f78de0 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__name.html @@ -0,0 +1,470 @@ + + +Heimdalx509library: hx509 name functions + + + +

+keyhole logo +

+ + + +
+

hx509 name functions

+ + + + + + + + + + + + + + + + + + + + + + + + +

Functions

int hx509_name_to_string (const hx509_name name, char **str)
int hx509_name_cmp (hx509_name n1, hx509_name n2)
int hx509_parse_name (hx509_context context, const char *str, hx509_name *name)
int hx509_name_copy (hx509_context context, const hx509_name from, hx509_name *to)
int hx509_name_to_Name (const hx509_name from, Name *to)
int hx509_name_expand (hx509_context context, hx509_name name, hx509_env env)
void hx509_name_free (hx509_name *name)
int hx509_unparse_der_name (const void *data, size_t length, char **str)
int hx509_name_binary (const hx509_name name, heim_octet_string *os)
int hx509_name_is_null_p (const hx509_name name)
int hx509_general_name_unparse (GeneralName *name, char **str)
+

Detailed Description

+See the PKIX/X.509 Names for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
int hx509_general_name_unparse (GeneralName *  name,
char **  str 
)
+
+
+ +

+Unparse the hx509 name in name into a string.

+

Parameters:
+ + + +
name the name to print
str an allocated string returns the name in string form
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_name_binary (const hx509_name  name,
heim_octet_string *  os 
)
+
+
+ +

+Convert a hx509_name object to DER encoded name.

+

Parameters:
+ + + +
name name to concert
os data to a DER encoded name, free the resulting octet string with hx509_xfree(os->data).
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_name_cmp (hx509_name  n1,
hx509_name  n2 
)
+
+
+ +

+Compare to hx509 name object, useful for sorting.

+

Parameters:
+ + + +
n1 a hx509 name object.
n2 a hx509 name object.
+
+
Returns:
0 the objects are the same, returns > 0 is n2 is "larger" then n2, < 0 if n1 is "smaller" then n2.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_name_copy (hx509_context  context,
const hx509_name  from,
hx509_name *  to 
)
+
+
+ +

+Copy a hx509 name object.

+

Parameters:
+ + + + +
context A hx509 cotext.
from the name to copy from
to the name to copy to
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_name_expand (hx509_context  context,
hx509_name  name,
hx509_env  env 
)
+
+
+ +

+Expands variables in the name using env. Variables are on the form ${name}. Useful when dealing with certificate templates.

+

Parameters:
+ + + + +
context A hx509 cotext.
name the name to expand.
env environment variable to expand.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +

+Only UTF8String rdnSequence names are allowed +

+

+ +

+
+ + + + + + + + + +
void hx509_name_free (hx509_name *  name  ) 
+
+
+ +

+Free a hx509 name object, upond return *name will be NULL.

+

Parameters:
+ + +
name a hx509 name object to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + +
int hx509_name_is_null_p (const hx509_name  name  ) 
+
+
+ +

+Unparse the hx509 name in name into a string.

+

Parameters:
+ + +
name the name to check if its empty/null.
+
+
Returns:
non zero if the name is empty/null.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_name_to_Name (const hx509_name  from,
Name *  to 
)
+
+
+ +

+Convert a hx509_name into a Name.

+

Parameters:
+ + + +
from the name to copy from
to the name to copy to
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_name_to_string (const hx509_name  name,
char **  str 
)
+
+
+ +

+Convert the hx509 name object into a printable string. The resulting string should be freed with free().

+

Parameters:
+ + + +
name name to print
str the string to return
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_parse_name (hx509_context  context,
const char *  str,
hx509_name *  name 
)
+
+
+ +

+Parse a string into a hx509 name object.

+

Parameters:
+ + + + +
context A hx509 context.
str a string to parse.
name the resulting object, NULL in case of error.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_unparse_der_name (const void *  data,
size_t  length,
char **  str 
)
+
+
+ +

+Convert a DER encoded name info a string.

+

Parameters:
+ + + + +
data data to a DER/BER encoded name
length length of data
str the resulting string, is NULL on failure.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__peer.html b/doc/doxyout/hx509/html/group__hx509__peer.html new file mode 100644 index 000000000000..7f25d9057239 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__peer.html @@ -0,0 +1,237 @@ + + +Heimdalx509library: hx509 certificate selecting functions + + + +

+keyhole logo +

+ + + +
+

hx509 certificate selecting functions

+ + + + + + + + + + + + +

Functions

int hx509_peer_info_alloc (hx509_context context, hx509_peer_info *peer)
void hx509_peer_info_free (hx509_peer_info peer)
int hx509_peer_info_set_cert (hx509_peer_info peer, hx509_cert cert)
int hx509_peer_info_add_cms_alg (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier *val)
int hx509_peer_info_set_cms_algs (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier *val, size_t len)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_peer_info_add_cms_alg (hx509_context  context,
hx509_peer_info  peer,
const AlgorithmIdentifier *  val 
)
+
+
+ +

+Add an additional algorithm that the peer supports.

+

Parameters:
+ + + + +
context A hx509 context.
peer the peer to set the new algorithms for
val an AlgorithmsIdentier to add
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_peer_info_alloc (hx509_context  context,
hx509_peer_info *  peer 
)
+
+
+ +

+Allocate a new peer info structure an init it to default values.

+

Parameters:
+ + + +
context A hx509 context.
peer return an allocated peer, free with hx509_peer_info_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_peer_info_free (hx509_peer_info  peer  ) 
+
+
+ +

+Free a peer info structure.

+

Parameters:
+ + +
peer peer info to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_peer_info_set_cert (hx509_peer_info  peer,
hx509_cert  cert 
)
+
+
+ +

+Set the certificate that remote peer is using.

+

Parameters:
+ + + +
peer peer info to update
cert cerificate of the remote peer.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_peer_info_set_cms_algs (hx509_context  context,
hx509_peer_info  peer,
const AlgorithmIdentifier *  val,
size_t  len 
)
+
+
+ +

+Set the algorithms that the peer supports.

+

Parameters:
+ + + + + +
context A hx509 context.
peer the peer to set the new algorithms for
val array of supported AlgorithmsIdentiers
len length of array val.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__print.html b/doc/doxyout/hx509/html/group__hx509__print.html new file mode 100644 index 000000000000..4adaf2bbc1db --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__print.html @@ -0,0 +1,452 @@ + + +Heimdalx509library: hx509 printing functions + + + +

+keyhole logo +

+ + + +
+

hx509 printing functions

+ + + + + + + + + + + + + + + + + + + + + + +

Functions

void hx509_print_stdout (void *ctx, const char *fmt, va_list va)
int hx509_oid_sprint (const heim_oid *oid, char **str)
void hx509_oid_print (const heim_oid *oid, hx509_vprint_func func, void *ctx)
void hx509_bitstring_print (const heim_bit_string *b, hx509_vprint_func func, void *ctx)
int hx509_cert_keyusage_print (hx509_context context, hx509_cert c, char **s)
int hx509_validate_ctx_init (hx509_context context, hx509_validate_ctx *ctx)
void hx509_validate_ctx_set_print (hx509_validate_ctx ctx, hx509_vprint_func func, void *c)
void hx509_validate_ctx_add_flags (hx509_validate_ctx ctx, int flags)
void hx509_validate_ctx_free (hx509_validate_ctx ctx)
int hx509_validate_cert (hx509_context context, hx509_validate_ctx ctx, hx509_cert cert)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_bitstring_print (const heim_bit_string *  b,
hx509_vprint_func  func,
void *  ctx 
)
+
+
+ +

+Print a bitstring using a hx509_vprint_func function. To print to stdout use hx509_print_stdout().

+

Parameters:
+ + + + +
b bit string to print.
func hx509_vprint_func to print with.
ctx context variable to hx509_vprint_func function.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_cert_keyusage_print (hx509_context  context,
hx509_cert  c,
char **  s 
)
+
+
+ +

+Print certificate usage for a certificate to a string.

+

Parameters:
+ + + + +
context A hx509 context.
c a certificate print the keyusage for.
s the return string with the keysage printed in to, free with hx509_xfree().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_oid_print (const heim_oid *  oid,
hx509_vprint_func  func,
void *  ctx 
)
+
+
+ +

+Print a oid using a hx509_vprint_func function. To print to stdout use hx509_print_stdout().

+

Parameters:
+ + + + +
oid oid to print
func hx509_vprint_func to print with.
ctx context variable to hx509_vprint_func function.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_oid_sprint (const heim_oid *  oid,
char **  str 
)
+
+
+ +

+Print a oid to a string.

+

Parameters:
+ + + +
oid oid to print
str allocated string, free with hx509_xfree().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_print_stdout (void *  ctx,
const char *  fmt,
va_list  va 
)
+
+
+ +

+Helper function to print on stdout for:

+

+

Parameters:
+ + + + +
ctx the context to the print function. If the ctx is NULL, stdout is used.
fmt the printing format.
va the argumet list.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_validate_cert (hx509_context  context,
hx509_validate_ctx  ctx,
hx509_cert  cert 
)
+
+
+ +

+Validate/Print the status of the certificate.

+

Parameters:
+ + + + +
context A hx509 context.
ctx A hx509 validation context.
cert the cerificate to validate/print.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_validate_ctx_add_flags (hx509_validate_ctx  ctx,
int  flags 
)
+
+
+ +

+Add flags to control the behaivor of the hx509_validate_cert() function.

+

Parameters:
+ + + +
ctx A hx509 validation context.
flags flags to add to the validation context.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_validate_ctx_free (hx509_validate_ctx  ctx  ) 
+
+
+ +

+Free an hx509 validate context.

+

Parameters:
+ + +
ctx the hx509 validate context to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_validate_ctx_init (hx509_context  context,
hx509_validate_ctx *  ctx 
)
+
+
+ +

+Allocate a hx509 validation/printing context.

+

Parameters:
+ + + +
context A hx509 context.
ctx a new allocated hx509 validation context, free with hx509_validate_ctx_free().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
void hx509_validate_ctx_set_print (hx509_validate_ctx  ctx,
hx509_vprint_func  func,
void *  c 
)
+
+
+ +

+Set the printing functions for the validation context.

+

Parameters:
+ + + + +
ctx a hx509 valication context.
func the printing function to usea.
c the context variable to the printing function.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__query.html b/doc/doxyout/hx509/html/group__hx509__query.html new file mode 100644 index 000000000000..805215907dde --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__query.html @@ -0,0 +1,29 @@ + + +Heimdalx509library: hx509 query functions + + + +

+keyhole logo +

+ + + +
+

hx509 query functions

+ +
+
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__revoke.html b/doc/doxyout/hx509/html/group__hx509__revoke.html new file mode 100644 index 000000000000..43be74015db3 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__revoke.html @@ -0,0 +1,378 @@ + + +Heimdalx509library: hx509 revokation checking functions + + + +

+keyhole logo +

+ + + +
+

hx509 revokation checking functions

+ + + + + + + + + + + + + + + + +

Functions

int hx509_revoke_init (hx509_context context, hx509_revoke_ctx *ctx)
void hx509_revoke_free (hx509_revoke_ctx *ctx)
int hx509_revoke_add_ocsp (hx509_context context, hx509_revoke_ctx ctx, const char *path)
int hx509_revoke_add_crl (hx509_context context, hx509_revoke_ctx ctx, const char *path)
int hx509_revoke_verify (hx509_context context, hx509_revoke_ctx ctx, hx509_certs certs, time_t now, hx509_cert cert, hx509_cert parent_cert)
int hx509_ocsp_request (hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce)
int hx509_revoke_ocsp_print (hx509_context context, const char *path, FILE *out)
+

Detailed Description

+See the Revocation methods for description and examples.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ocsp_request (hx509_context  context,
hx509_certs  reqcerts,
hx509_certs  pool,
hx509_cert  signer,
const AlgorithmIdentifier *  digest,
heim_octet_string *  request,
heim_octet_string *  nonce 
)
+
+
+ +

+Create an OCSP request for a set of certificates.

+

Parameters:
+ + + + + + + + +
context a hx509 context
reqcerts list of certificates to request ocsp data for
pool certificate pool to use when signing
signer certificate to use to sign the request
digest the signing algorithm in the request, if NULL use the default signature algorithm,
request the encoded request, free with free_heim_octet_string().
nonce nonce in the request, free with free_heim_octet_string().
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_revoke_add_crl (hx509_context  context,
hx509_revoke_ctx  ctx,
const char *  path 
)
+
+
+ +

+Add a CRL file to the revokation context.

+

Parameters:
+ + + + +
context hx509 context
ctx hx509 revokation context
path path to file that is going to be added to the context.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_revoke_add_ocsp (hx509_context  context,
hx509_revoke_ctx  ctx,
const char *  path 
)
+
+
+ +

+Add a OCSP file to the revokation context.

+

Parameters:
+ + + + +
context hx509 context
ctx hx509 revokation context
path path to file that is going to be added to the context.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_revoke_free (hx509_revoke_ctx *  ctx  ) 
+
+
+ +

+Free a hx509 revokation context.

+

Parameters:
+ + +
ctx context to be freed
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_revoke_init (hx509_context  context,
hx509_revoke_ctx *  ctx 
)
+
+
+ +

+Allocate a revokation context. Free with hx509_revoke_free().

+

Parameters:
+ + + +
context A hx509 context.
ctx returns a newly allocated revokation context.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_revoke_ocsp_print (hx509_context  context,
const char *  path,
FILE *  out 
)
+
+
+ +

+Print the OCSP reply stored in a file.

+

Parameters:
+ + + + +
context a hx509 context
path path to a file with a OCSP reply
out the out FILE descriptor to print the reply on
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_revoke_verify (hx509_context  context,
hx509_revoke_ctx  ctx,
hx509_certs  certs,
time_t  now,
hx509_cert  cert,
hx509_cert  parent_cert 
)
+
+
+ +

+Check that a certificate is not expired according to a revokation context. Also need the parent certificte to the check OCSP parent identifier.

+

Parameters:
+ + + + + + + +
context hx509 context
ctx hx509 revokation context
certs 
now 
cert 
parent_cert 
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/group__hx509__verify.html b/doc/doxyout/hx509/html/group__hx509__verify.html new file mode 100644 index 000000000000..3b502946b960 --- /dev/null +++ b/doc/doxyout/hx509/html/group__hx509__verify.html @@ -0,0 +1,714 @@ + + +Heimdalx509library: hx509 verification functions + + + +

+keyhole logo +

+ + + +
+

hx509 verification functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

void hx509_context_set_missing_revoke (hx509_context context, int flag)
int hx509_verify_init_ctx (hx509_context context, hx509_verify_ctx *ctx)
void hx509_verify_destroy_ctx (hx509_verify_ctx ctx)
void hx509_verify_attach_anchors (hx509_verify_ctx ctx, hx509_certs set)
void hx509_verify_attach_revoke (hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)
void hx509_verify_set_time (hx509_verify_ctx ctx, time_t t)
void hx509_verify_set_max_depth (hx509_verify_ctx ctx, unsigned int max_depth)
void hx509_verify_set_proxy_certificate (hx509_verify_ctx ctx, int boolean)
void hx509_verify_set_strict_rfc3280_verification (hx509_verify_ctx ctx, int boolean)
int hx509_verify_path (hx509_context context, hx509_verify_ctx ctx, hx509_cert cert, hx509_certs pool)
int hx509_ocsp_verify (hx509_context context, time_t now, hx509_cert cert, int flags, const void *data, size_t length, time_t *expiration)
int hx509_crl_alloc (hx509_context context, hx509_crl *crl)
int hx509_crl_add_revoked_certs (hx509_context context, hx509_crl crl, hx509_certs certs)
int hx509_crl_lifetime (hx509_context context, hx509_crl crl, int delta)
void hx509_crl_free (hx509_context context, hx509_crl *crl)
int hx509_crl_sign (hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
void hx509_context_set_missing_revoke (hx509_context  context,
int  flag 
)
+
+
+ +

+Selects if the hx509_revoke_verify() function is going to require the existans of a revokation method (OCSP, CRL) or not. Note that hx509_verify_path(), hx509_cms_verify_signed(), and other function call hx509_revoke_verify().

+

Parameters:
+ + + +
context hx509 context to change the flag for.
flag zero, revokation method required, non zero missing revokation method ok
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_crl_add_revoked_certs (hx509_context  context,
hx509_crl  crl,
hx509_certs  certs 
)
+
+
+ +

+Add revoked certificate to an CRL context.

+

Parameters:
+ + + + +
context a hx509 context.
crl the CRL to add the revoked certificate to.
certs keyset of certificate to revoke.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_crl_alloc (hx509_context  context,
hx509_crl *  crl 
)
+
+
+ +

+Create a CRL context. Use hx509_crl_free() to free the CRL context.

+

Parameters:
+ + + +
context a hx509 context.
crl return pointer to a newly allocated CRL context.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_crl_free (hx509_context  context,
hx509_crl *  crl 
)
+
+
+ +

+Free a CRL context.

+

Parameters:
+ + + +
context a hx509 context.
crl a CRL context to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_crl_lifetime (hx509_context  context,
hx509_crl  crl,
int  delta 
)
+
+
+ +

+Set the lifetime of a CRL context.

+

Parameters:
+ + + + +
context a hx509 context.
crl a CRL context
delta delta time the certificate is valid, library adds the current time to this.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_crl_sign (hx509_context  context,
hx509_cert  signer,
hx509_crl  crl,
heim_octet_string *  os 
)
+
+
+ +

+Sign a CRL and return an encode certificate.

+

Parameters:
+ + + + + +
context a hx509 context.
signer certificate to sign the CRL with
crl the CRL to sign
os return the signed and encoded CRL, free with free_heim_octet_string()
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_ocsp_verify (hx509_context  context,
time_t  now,
hx509_cert  cert,
int  flags,
const void *  data,
size_t  length,
time_t *  expiration 
)
+
+
+ +

+Verify that the certificate is part of the OCSP reply and it's not expired. Doesn't verify signature the OCSP reply or it's done by a authorized sender, that is assumed to be already done.

+

Parameters:
+ + + + + + + + +
context a hx509 context
now the time right now, if 0, use the current time.
cert the certificate to verify
flags flags control the behavior
data pointer to the encode ocsp reply
length the length of the encode ocsp reply
expiration return the time the OCSP will expire and need to be rechecked.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_attach_anchors (hx509_verify_ctx  ctx,
hx509_certs  set 
)
+
+
+ +

+Set the trust anchors in the verification context, makes an reference to the keyset, so the consumer can free the keyset independent of the destruction of the verification context (ctx). If there already is a keyset attached, it's released.

+

Parameters:
+ + + +
ctx a verification context
set a keyset containing the trust anchors.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_attach_revoke (hx509_verify_ctx  ctx,
hx509_revoke_ctx  revoke_ctx 
)
+
+
+ +

+Attach an revocation context to the verfication context, , makes an reference to the revoke context, so the consumer can free the revoke context independent of the destruction of the verification context. If there is no revoke context, the verification process is NOT going to check any verification status.

+

Parameters:
+ + + +
ctx a verification context.
revoke_ctx a revoke context.
+
+ +
+

+ +

+
+ + + + + + + + + +
void hx509_verify_destroy_ctx (hx509_verify_ctx  ctx  ) 
+
+
+ +

+Free an hx509 verification context.

+

Parameters:
+ + +
ctx the context to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int hx509_verify_init_ctx (hx509_context  context,
hx509_verify_ctx *  ctx 
)
+
+
+ +

+Allocate an verification context that is used fo control the verification process.

+

Parameters:
+ + + +
context A hx509 context.
ctx returns a pointer to a hx509_verify_ctx object.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int hx509_verify_path (hx509_context  context,
hx509_verify_ctx  ctx,
hx509_cert  cert,
hx509_certs  pool 
)
+
+
+ +

+Build and verify the path for the certificate to the trust anchor specified in the verify context. The path is constructed from the certificate, the pool and the trust anchors.

+

Parameters:
+ + + + + +
context A hx509 context.
ctx A hx509 verification context.
cert the certificate to build the path from.
pool A keyset of certificates to build the chain from.
+
+
Returns:
An hx509 error code, see hx509_get_error_string().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_set_max_depth (hx509_verify_ctx  ctx,
unsigned int  max_depth 
)
+
+
+ +

+Set the maximum depth of the certificate chain that the path builder is going to try.

+

Parameters:
+ + + +
ctx a verification context
max_depth maxium depth of the certificate chain, include trust anchor.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_set_proxy_certificate (hx509_verify_ctx  ctx,
int  boolean 
)
+
+
+ +

+Allow or deny the use of proxy certificates

+

Parameters:
+ + + +
ctx a verification context
boolean if non zero, allow proxy certificates.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_set_strict_rfc3280_verification (hx509_verify_ctx  ctx,
int  boolean 
)
+
+
+ +

+Select strict RFC3280 verification of certificiates. This means checking key usage on CA certificates, this will make version 1 certificiates unuseable.

+

Parameters:
+ + + +
ctx a verification context
boolean if non zero, use strict verification.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
void hx509_verify_set_time (hx509_verify_ctx  ctx,
time_t  t 
)
+
+
+ +

+Set the clock time the the verification process is going to use. Used to check certificate in the past and future time. If not set the current time will be used.

+

Parameters:
+ + + +
ctx a verification context.
t the time the verifiation is using.
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/index.html b/doc/doxyout/hx509/html/index.html new file mode 100644 index 000000000000..f38bb511c666 --- /dev/null +++ b/doc/doxyout/hx509/html/index.html @@ -0,0 +1,35 @@ + + +Heimdalx509library: Heimdal PKIX/X.509 library + + + +

+keyhole logo +

+ + + +
+

Heimdal PKIX/X.509 library

+

+

1.5

+Introduction

+Heimdal libhx509 library is a implementation of the PKIX/X.509 and related protocols.

+PKIX/X.509 is ...

+Sections in this manual are:

+

+The project web page: http://www.h5l.org/

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/modules.html b/doc/doxyout/hx509/html/modules.html new file mode 100644 index 000000000000..81cc5bec5564 --- /dev/null +++ b/doc/doxyout/hx509/html/modules.html @@ -0,0 +1,44 @@ + + +Heimdalx509library: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_ca.html b/doc/doxyout/hx509/html/page_ca.html new file mode 100644 index 000000000000..74cefdf2e2f4 --- /dev/null +++ b/doc/doxyout/hx509/html/page_ca.html @@ -0,0 +1,26 @@ + + +Heimdalx509library: Hx509 CA functions + + + +

+keyhole logo +

+ + + +
+

Hx509 CA functions

See the library functions here: hx509 CA functions
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_cert.html b/doc/doxyout/hx509/html/page_cert.html new file mode 100644 index 000000000000..6edf5848bfe9 --- /dev/null +++ b/doc/doxyout/hx509/html/page_cert.html @@ -0,0 +1,28 @@ + + +Heimdalx509library: The basic certificate + + + +

+keyhole logo +

+ + + +
+

The basic certificate

The basic hx509 cerificate object in hx509 is hx509_cert. The hx509_cert object is representing one X509/PKIX certificate and associated attributes; like private key, friendly name, etc.

+A hx509_cert object is usully found via the keyset interfaces (Certificate store operations), but its also possible to create a certificate directly from a parsed object with hx509_cert_init() and hx509_cert_init_data().

+See the library functions here: hx509 certificate functions

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_cms.html b/doc/doxyout/hx509/html/page_cms.html new file mode 100644 index 000000000000..52f082fbb209 --- /dev/null +++ b/doc/doxyout/hx509/html/page_cms.html @@ -0,0 +1,30 @@ + + +Heimdalx509library: CMS/PKCS7 message functions. + + + +

+keyhole logo +

+ + + +
+

CMS/PKCS7 message functions.

CMS is defined in RFC 3369 and is an continuation of the RSA Labs standard PKCS7. The basic messages in CMS is

+

    +
  • SignedData Data signed with private key (RSA, DSA, ECDSA) or secret (symmetric) key
  • EnvelopedData Data encrypted with private key (RSA)
  • EncryptedData Data encrypted with secret (symmetric) key.
  • ContentInfo Wrapper structure including type and data.
+

+See the library functions here: hx509 CMS/pkcs7 functions

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_env.html b/doc/doxyout/hx509/html/page_env.html new file mode 100644 index 000000000000..ec2ece063d9a --- /dev/null +++ b/doc/doxyout/hx509/html/page_env.html @@ -0,0 +1,26 @@ + + +Heimdalx509library: Hx509 enviroment functions + + + +

+keyhole logo +

+ + + +
+

Hx509 enviroment functions

See the library functions here: hx509 enviroment functions
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_error.html b/doc/doxyout/hx509/html/page_error.html new file mode 100644 index 000000000000..f3377d199775 --- /dev/null +++ b/doc/doxyout/hx509/html/page_error.html @@ -0,0 +1,26 @@ + + +Heimdalx509library: Hx509 error reporting functions + + + +

+keyhole logo +

+ + + +
+

Hx509 error reporting functions

See the library functions here: hx509 error functions
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_keyset.html b/doc/doxyout/hx509/html/page_keyset.html new file mode 100644 index 000000000000..8c8a6a43ba5b --- /dev/null +++ b/doc/doxyout/hx509/html/page_keyset.html @@ -0,0 +1,29 @@ + + +Heimdalx509library: Certificate store operations + + + +

+keyhole logo +

+ + + +
+

Certificate store operations

Type of certificates store:
    +
  • MEMORY In memory based format. Doesnt support storing.
  • FILE FILE supports raw DER certicates and PEM certicates. When PEM is used the file can contain may certificates and match private keys. Support storing the certificates. DER format only supports on certificate and no private key.
  • PEM-FILE Same as FILE, defaulting to PEM encoded certificates.
  • PEM-FILE Same as FILE, defaulting to DER encoded certificates.
  • PKCS11
  • PKCS12
  • DIR
  • KEYCHAIN Apple Mac OS X KeyChain backed keychain object.
+

+See the library functions here: hx509 certificate store functions

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_lock.html b/doc/doxyout/hx509/html/page_lock.html new file mode 100644 index 000000000000..ed88cf3d5ff0 --- /dev/null +++ b/doc/doxyout/hx509/html/page_lock.html @@ -0,0 +1,26 @@ + + +Heimdalx509library: Locking and unlocking certificates and encrypted data. + + + +

+keyhole logo +

+ + + +
+

Locking and unlocking certificates and encrypted data.

See the library functions here: hx509 lock functions
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_name.html b/doc/doxyout/hx509/html/page_name.html new file mode 100644 index 000000000000..3ca2020a9e98 --- /dev/null +++ b/doc/doxyout/hx509/html/page_name.html @@ -0,0 +1,32 @@ + + +Heimdalx509library: PKIX/X.509 Names + + + +

+keyhole logo +

+ + + +
+

PKIX/X.509 Names

There are several names in PKIX/X.509, GeneralName and Name.

+A Name consists of an ordered list of Relative Distinguished Names (RDN). Each RDN consists of an unordered list of typed strings. The types are defined by OID and have long and short description. For example id-at-commonName (2.5.4.3) have the long name CommonName and short name CN. The string itself can be of several encoding, UTF8, UTF16, Teltex string, etc. The type limit what encoding should be used.

+GeneralName is a broader nametype that can contains al kind of stuff like Name, IP addresses, partial Name, etc.

+Name is mapped into a hx509_name object.

+Parse and string name into a hx509_name object with hx509_parse_name(), make it back into string representation with hx509_name_to_string().

+Name string are defined rfc2253, rfc1779 and X.501.

+See the library functions here: hx509 name functions

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_peer.html b/doc/doxyout/hx509/html/page_peer.html new file mode 100644 index 000000000000..3dcbb2b17f09 --- /dev/null +++ b/doc/doxyout/hx509/html/page_peer.html @@ -0,0 +1,27 @@ + + +Heimdalx509library: Hx509 crypto selecting functions + + + +

+keyhole logo +

+ + + +
+

Hx509 crypto selecting functions

Peer info structures are used togeter with hx509_crypto_select() to select the best avaible crypto algorithm to use.

+See the library functions here: hx509 certificate selecting functions

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_print.html b/doc/doxyout/hx509/html/page_print.html new file mode 100644 index 000000000000..199c16705871 --- /dev/null +++ b/doc/doxyout/hx509/html/page_print.html @@ -0,0 +1,26 @@ + + +Heimdalx509library: Hx509 printing functions + + + +

+keyhole logo +

+ + + +
+

Hx509 printing functions

See the library functions here: hx509 printing functions
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/page_revoke.html b/doc/doxyout/hx509/html/page_revoke.html new file mode 100644 index 000000000000..5b358d347000 --- /dev/null +++ b/doc/doxyout/hx509/html/page_revoke.html @@ -0,0 +1,28 @@ + + +Heimdalx509library: Revocation methods + + + +

+keyhole logo +

+ + + +
+

Revocation methods

There are two revocation method for PKIX/X.509: CRL and OCSP. Revocation is needed if the private key is lost and stolen. Depending on how picky you are, you might want to make revocation for destroyed private keys too (smartcard broken), but that should not be a problem.

+CRL is a list of certifiates that have expired.

+OCSP is an online checking method where the requestor sends a list of certificates to the OCSP server to return a signed reply if they are valid or not. Some services sends a OCSP reply as part of the hand-shake to make the revoktion decision simpler/faster for the client.

+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/pages.html b/doc/doxyout/hx509/html/pages.html new file mode 100644 index 000000000000..f1aaf5a45d0b --- /dev/null +++ b/doc/doxyout/hx509/html/pages.html @@ -0,0 +1,50 @@ + + +Heimdalx509library: Page Index + + + +

+keyhole logo +

+ + + +
+

Related Pages

Here is a list of all related documentation pages: +
+
+Generated on Sat Jul 30 13:45:38 2011 for Heimdalx509library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/hx509/html/tab_b.gif b/doc/doxyout/hx509/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/hx509/html/tab_l.gif b/doc/doxyout/hx509/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/hx509/html/tab_r.gif b/doc/doxyout/hx509/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/hx509/html/tabs.css b/doc/doxyout/hx509/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/hx509/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/hx509/man/man3/hx509.3 b/doc/doxyout/hx509/man/man3/hx509.3 new file mode 100644 index 000000000000..7fe04c71f6bf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509.3 @@ -0,0 +1,45 @@ +.TH "hx509 library" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 library \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_context_init\fP (hx509_context *context)" +.br +.ti -1c +.RI "void \fBhx509_context_free\fP (hx509_context *context)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "void hx509_context_free (hx509_context * context)" +.PP +Free the context allocated by \fBhx509_context_init()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP context to be freed. +.RE +.PP + +.SS "int hx509_context_init (hx509_context * context)" +.PP +Creates a hx509 context that most functions in the library uses. The context is only allowed to be used by one thread at each moment. Free the context with \fBhx509_context_free()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Returns a pointer to new hx509 context. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_bitstring_print.3 b/doc/doxyout/hx509/man/man3/hx509_bitstring_print.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_bitstring_print.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca.3 b/doc/doxyout/hx509/man/man3/hx509_ca.3 new file mode 100644 index 000000000000..3f0c947cbfd3 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca.3 @@ -0,0 +1,573 @@ +.TH "hx509 CA functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 CA functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_ca_tbs_init\fP (hx509_context context, hx509_ca_tbs *tbs)" +.br +.ti -1c +.RI "void \fBhx509_ca_tbs_free\fP (hx509_ca_tbs *tbs)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_notBefore\fP (hx509_context context, hx509_ca_tbs tbs, time_t t)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_notAfter\fP (hx509_context context, hx509_ca_tbs tbs, time_t t)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_notAfter_lifetime\fP (hx509_context context, hx509_ca_tbs tbs, time_t delta)" +.br +.ti -1c +.RI "struct units * \fBhx509_ca_tbs_template_units\fP (void)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_template\fP (hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_ca\fP (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_proxy\fP (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_domaincontroller\fP (hx509_context context, hx509_ca_tbs tbs)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_spki\fP (hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_serialnumber\fP (hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_eku\fP (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_crl_dp_uri\fP (hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_otherName\fP (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_pkinit\fP (hx509_context context, hx509_ca_tbs tbs, const char *principal)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_ms_upn\fP (hx509_context context, hx509_ca_tbs tbs, const char *principal)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_jid\fP (hx509_context context, hx509_ca_tbs tbs, const char *jid)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_hostname\fP (hx509_context context, hx509_ca_tbs tbs, const char *dnsname)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_add_san_rfc822name\fP (hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_subject\fP (hx509_context context, hx509_ca_tbs tbs, hx509_name subject)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_set_unique\fP (hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)" +.br +.ti -1c +.RI "int \fBhx509_ca_tbs_subject_expand\fP (hx509_context context, hx509_ca_tbs tbs, hx509_env env)" +.br +.ti -1c +.RI "int \fBhx509_ca_sign\fP (hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)" +.br +.ti -1c +.RI "int \fBhx509_ca_sign_self\fP (hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBHx509 CA functions\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_ca_sign (hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert * certificate)" +.PP +Sign a to-be-signed certificate object with a issuer certificate. +.PP +The caller needs to at least have called the following functions on the to-be-signed certificate object: +.IP "\(bu" 2 +\fBhx509_ca_tbs_init()\fP +.IP "\(bu" 2 +\fBhx509_ca_tbs_set_subject()\fP +.IP "\(bu" 2 +\fBhx509_ca_tbs_set_spki()\fP +.PP +.PP +When done the to-be-signed certificate object should be freed with \fBhx509_ca_tbs_free()\fP. +.PP +When creating self-signed certificate use \fBhx509_ca_sign_self()\fP instead. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIsigner\fP the CA certificate object to sign with (need private key). +.br +\fIcertificate\fP return cerificate, free with \fBhx509_cert_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_sign_self (hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert * certificate)" +.PP +Work just like \fBhx509_ca_sign()\fP but signs it-self. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIsigner\fP private key to sign with. +.br +\fIcertificate\fP return cerificate, free with \fBhx509_cert_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_crl_dp_uri (hx509_context context, hx509_ca_tbs tbs, const char * uri, hx509_name issuername)" +.PP +Add CRL distribution point URI to the to-be-signed certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIuri\fP uri to the CRL. +.br +\fIissuername\fP name of the issuer. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.PP +issuername not supported +.SS "int hx509_ca_tbs_add_eku (hx509_context context, hx509_ca_tbs tbs, const heim_oid * oid)" +.PP +An an extended key usage to the to-be-signed certificate object. Duplicates will detected and not added. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIoid\fP extended key usage to add. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_hostname (hx509_context context, hx509_ca_tbs tbs, const char * dnsname)" +.PP +Add a Subject Alternative Name hostname to to-be-signed certificate object. A domain match starts with ., an exact match does not. +.PP +Example of a an domain match: .domain.se matches the hostname host.domain.se. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIdnsname\fP a hostame. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_jid (hx509_context context, hx509_ca_tbs tbs, const char * jid)" +.PP +Add a Jabber/XMPP jid Subject Alternative Name to the to-be-signed certificate object. The jid is an UTF8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIjid\fP string of an a jabber id in UTF8. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_ms_upn (hx509_context context, hx509_ca_tbs tbs, const char * principal)" +.PP +Add Microsoft UPN Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIprincipal\fP Microsoft UPN string. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_otherName (hx509_context context, hx509_ca_tbs tbs, const heim_oid * oid, const heim_octet_string * os)" +.PP +Add Subject Alternative Name otherName to the to-be-signed certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIoid\fP the oid of the OtherName. +.br +\fIos\fP data in the other name. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_pkinit (hx509_context context, hx509_ca_tbs tbs, const char * principal)" +.PP +Add Kerberos Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIprincipal\fP Kerberos principal to add to the certificate. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_add_san_rfc822name (hx509_context context, hx509_ca_tbs tbs, const char * rfc822Name)" +.PP +Add a Subject Alternative Name rfc822 (email address) to to-be-signed certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIrfc822Name\fP a string to a email address. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_ca_tbs_free (hx509_ca_tbs * tbs)" +.PP +Free an To Be Signed object. +.PP +\fBParameters:\fP +.RS 4 +\fItbs\fP object to free. +.RE +.PP + +.SS "int hx509_ca_tbs_init (hx509_context context, hx509_ca_tbs * tbs)" +.PP +Allocate an to-be-signed certificate object that will be converted into an certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP returned to-be-signed certicate object, free with \fBhx509_ca_tbs_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_ca (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" +.PP +Make the to-be-signed certificate object a CA certificate. If the pathLenConstraint is negative path length constraint is used. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIpathLenConstraint\fP path length constraint, negative, no constraint. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_domaincontroller (hx509_context context, hx509_ca_tbs tbs)" +.PP +Make the to-be-signed certificate object a windows domain controller certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_notAfter (hx509_context context, hx509_ca_tbs tbs, time_t t)" +.PP +Set the absolute time when the certificate is valid to. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIt\fP time when the certificate will expire +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_notAfter_lifetime (hx509_context context, hx509_ca_tbs tbs, time_t delta)" +.PP +Set the relative time when the certificiate is going to expire. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIdelta\fP seconds to the certificate is going to expire. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_notBefore (hx509_context context, hx509_ca_tbs tbs, time_t t)" +.PP +Set the absolute time when the certificate is valid from. If not set the current time will be used. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIt\fP time the certificated will start to be valid +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_proxy (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" +.PP +Make the to-be-signed certificate object a proxy certificate. If the pathLenConstraint is negative path length constraint is used. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIpathLenConstraint\fP path length constraint, negative, no constraint. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_serialnumber (hx509_context context, hx509_ca_tbs tbs, const heim_integer * serialNumber)" +.PP +Set the serial number to use for to-be-signed certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIserialNumber\fP serial number to use for the to-be-signed certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_spki (hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo * spki)" +.PP +Set the subject public key info (SPKI) in the to-be-signed certificate object. SPKI is the public key and key related parameters in the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIspki\fP subject public key info to use for the to-be-signed certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_subject (hx509_context context, hx509_ca_tbs tbs, hx509_name subject)" +.PP +Set the subject name of a to-be-signed certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIsubject\fP the name to set a subject. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_template (hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)" +.PP +Initialize the to-be-signed certificate object from a template certifiate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIflags\fP bit field selecting what to copy from the template certifiate. +.br +\fIcert\fP template certificate. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_set_unique (hx509_context context, hx509_ca_tbs tbs, const heim_bit_string * subjectUniqueID, const heim_bit_string * issuerUniqueID)" +.PP +Set the issuerUniqueID and subjectUniqueID +.PP +These are only supposed to be used considered with version 2 certificates, replaced by the two extensions SubjectKeyIdentifier and IssuerKeyIdentifier. This function is to allow application using legacy protocol to issue them. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIissuerUniqueID\fP to be set +.br +\fIsubjectUniqueID\fP to be set +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ca_tbs_subject_expand (hx509_context context, hx509_ca_tbs tbs, hx509_env env)" +.PP +Expand the the subject name in the to-be-signed certificate object using \fBhx509_name_expand()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fItbs\fP object to be signed. +.br +\fIenv\fP enviroment variable to expand variables in the subject name, see hx509_env_init(). +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "struct units* hx509_ca_tbs_template_units (void)\fC [read]\fP" +.PP +Make of template units, use to build flags argument to \fBhx509_ca_tbs_set_template()\fP with parse_units(). +.PP +\fBReturns:\fP +.RS 4 +an units structure. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_sign.3 b/doc/doxyout/hx509/man/man3/hx509_ca_sign.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_sign.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_sign_self.3 b/doc/doxyout/hx509/man/man3/hx509_ca_sign_self.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_sign_self.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_crl_dp_uri.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_crl_dp_uri.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_crl_dp_uri.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_eku.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_eku.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_eku.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_hostname.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_hostname.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_hostname.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_jid.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_jid.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_jid.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_ms_upn.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_ms_upn.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_ms_upn.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_otherName.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_otherName.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_otherName.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_pkinit.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_pkinit.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_pkinit.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_rfc822name.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_rfc822name.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_add_san_rfc822name.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_free.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_free.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_free.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_init.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_init.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_init.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_ca.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_ca.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_ca.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_domaincontroller.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_domaincontroller.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_domaincontroller.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter_lifetime.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter_lifetime.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notAfter_lifetime.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notBefore.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notBefore.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_notBefore.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_proxy.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_proxy.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_proxy.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_serialnumber.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_serialnumber.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_serialnumber.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_spki.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_spki.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_spki.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_subject.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_subject.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_subject.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_template.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_template.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_template.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_unique.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_unique.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_set_unique.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_subject_expand.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_subject_expand.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_subject_expand.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ca_tbs_template_units.3 b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_template_units.3 new file mode 100644 index 000000000000..8b46f5ce9b89 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ca_tbs_template_units.3 @@ -0,0 +1 @@ +.so man3/hx509_ca.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert.3 b/doc/doxyout/hx509/man/man3/hx509_cert.3 new file mode 100644 index 000000000000..8ecd598cb7d4 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert.3 @@ -0,0 +1,700 @@ +.TH "hx509 certificate functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 certificate functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_cert_init\fP (hx509_context context, const Certificate *c, hx509_cert *cert)" +.br +.ti -1c +.RI "int \fBhx509_cert_init_data\fP (hx509_context context, const void *ptr, size_t len, hx509_cert *cert)" +.br +.ti -1c +.RI "void \fBhx509_cert_free\fP (hx509_cert cert)" +.br +.ti -1c +.RI "hx509_cert \fBhx509_cert_ref\fP (hx509_cert cert)" +.br +.ti -1c +.RI "void \fBhx509_verify_ctx_f_allow_default_trustanchors\fP (hx509_verify_ctx ctx, int boolean)" +.br +.ti -1c +.RI "int \fBhx509_cert_find_subjectAltName_otherName\fP (hx509_context context, hx509_cert cert, const heim_oid *oid, hx509_octet_string_list *list)" +.br +.ti -1c +.RI "int \fBhx509_cert_cmp\fP (hx509_cert p, hx509_cert q)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_issuer\fP (hx509_cert p, hx509_name *name)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_subject\fP (hx509_cert p, hx509_name *name)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_base_subject\fP (hx509_context context, hx509_cert c, hx509_name *name)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_serialnumber\fP (hx509_cert p, heim_integer *i)" +.br +.ti -1c +.RI "time_t \fBhx509_cert_get_notBefore\fP (hx509_cert p)" +.br +.ti -1c +.RI "time_t \fBhx509_cert_get_notAfter\fP (hx509_cert p)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_SPKI\fP (hx509_context context, hx509_cert p, SubjectPublicKeyInfo *spki)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_SPKI_AlgorithmIdentifier\fP (hx509_context context, hx509_cert p, AlgorithmIdentifier *alg)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_issuer_unique_id\fP (hx509_context context, hx509_cert p, heim_bit_string *issuer)" +.br +.ti -1c +.RI "int \fBhx509_cert_get_subject_unique_id\fP (hx509_context context, hx509_cert p, heim_bit_string *subject)" +.br +.ti -1c +.RI "int \fBhx509_verify_hostname\fP (hx509_context context, const hx509_cert cert, int flags, hx509_hostname_type type, const char *hostname, const struct sockaddr *sa, int sa_size)" +.br +.ti -1c +.RI "hx509_cert_attribute \fBhx509_cert_get_attribute\fP (hx509_cert cert, const heim_oid *oid)" +.br +.ti -1c +.RI "int \fBhx509_cert_set_friendly_name\fP (hx509_cert cert, const char *name)" +.br +.ti -1c +.RI "const char * \fBhx509_cert_get_friendly_name\fP (hx509_cert cert)" +.br +.ti -1c +.RI "int \fBhx509_query_alloc\fP (hx509_context context, hx509_query **q)" +.br +.ti -1c +.RI "void \fBhx509_query_match_option\fP (hx509_query *q, hx509_query_option option)" +.br +.ti -1c +.RI "int \fBhx509_query_match_issuer_serial\fP (hx509_query *q, const Name *issuer, const heim_integer *serialNumber)" +.br +.ti -1c +.RI "int \fBhx509_query_match_friendly_name\fP (hx509_query *q, const char *name)" +.br +.ti -1c +.RI "int \fBhx509_query_match_eku\fP (hx509_query *q, const heim_oid *eku)" +.br +.ti -1c +.RI "int \fBhx509_query_match_cmp_func\fP (hx509_query *q, int(*func)(hx509_context, hx509_cert, void *), void *ctx)" +.br +.ti -1c +.RI "void \fBhx509_query_free\fP (hx509_context context, hx509_query *q)" +.br +.ti -1c +.RI "void \fBhx509_query_statistic_file\fP (hx509_context context, const char *fn)" +.br +.ti -1c +.RI "void \fBhx509_query_unparse_stats\fP (hx509_context context, int printtype, FILE *out)" +.br +.ti -1c +.RI "int \fBhx509_cert_check_eku\fP (hx509_context context, hx509_cert cert, const heim_oid *eku, int allow_any_eku)" +.br +.ti -1c +.RI "int \fBhx509_cert_binary\fP (hx509_context context, hx509_cert c, heim_octet_string *os)" +.br +.ti -1c +.RI "int \fBhx509_print_cert\fP (hx509_context context, hx509_cert cert, FILE *out)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBThe basic certificate\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_cert_binary (hx509_context context, hx509_cert c, heim_octet_string * os)" +.PP +Encodes the hx509 certificate as a DER encode binary. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIc\fP the certificate to encode. +.br +\fIos\fP the encode certificate, set to NULL, 0 on case of error. Free the os->data with \fBhx509_xfree()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_check_eku (hx509_context context, hx509_cert cert, const heim_oid * eku, int allow_any_eku)" +.PP +Check the extended key usage on the hx509 certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIcert\fP A hx509 context. +.br +\fIeku\fP the EKU to check for +.br +\fIallow_any_eku\fP if the any EKU is set, allow that to be a substitute. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_cmp (hx509_cert p, hx509_cert q)" +.PP +Compare to hx509 certificate object, useful for sorting. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.br +\fIq\fP a hx509 certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 the objects are the same, returns > 0 is p is 'larger' then q, < 0 if p is 'smaller' then q. +.RE +.PP + +.SS "int hx509_cert_find_subjectAltName_otherName (hx509_context context, hx509_cert cert, const heim_oid * oid, hx509_octet_string_list * list)" +.PP +Return a list of subjectAltNames specified by oid in the certificate. On error the +.PP +The returned list of octet string should be freed with \fBhx509_free_octet_string_list()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIcert\fP a hx509 certificate object. +.br +\fIoid\fP an oid to for SubjectAltName. +.br +\fIlist\fP list of matching SubjectAltName. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_cert_free (hx509_cert cert)" +.PP +Free reference to the hx509 certificate object, if the refcounter reaches 0, the object if freed. Its allowed to pass in NULL. +.PP +\fBParameters:\fP +.RS 4 +\fIcert\fP the cert to free. +.RE +.PP + +.SS "hx509_cert_attribute hx509_cert_get_attribute (hx509_cert cert, const heim_oid * oid)" +.PP +Get an external attribute for the certificate, examples are friendly name and id. +.PP +\fBParameters:\fP +.RS 4 +\fIcert\fP hx509 certificate object to search +.br +\fIoid\fP an oid to search for. +.RE +.PP +\fBReturns:\fP +.RS 4 +an hx509_cert_attribute, only valid as long as the certificate is referenced. +.RE +.PP + +.SS "int hx509_cert_get_base_subject (hx509_context context, hx509_cert c, hx509_name * name)" +.PP +Return the name of the base subject of the hx509 certificate. If the certiicate is a verified proxy certificate, the this function return the base certificate (root of the proxy chain). If the proxy certificate is not verified with the base certificate HX509_PROXY_CERTIFICATE_NOT_CANONICALIZED is returned. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIc\fP a hx509 certificate object. +.br +\fIname\fP a pointer to a hx509 name, should be freed by \fBhx509_name_free()\fP. See also \fBhx509_cert_get_subject()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "const char* hx509_cert_get_friendly_name (hx509_cert cert)" +.PP +Get friendly name of the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcert\fP cert to get the friendly name from. +.RE +.PP +\fBReturns:\fP +.RS 4 +an friendly name or NULL if there is. The friendly name is only valid as long as the certificate is referenced. +.RE +.PP + +.SS "int hx509_cert_get_issuer (hx509_cert p, hx509_name * name)" +.PP +Return the name of the issuer of the hx509 certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.br +\fIname\fP a pointer to a hx509 name, should be freed by \fBhx509_name_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_get_issuer_unique_id (hx509_context context, hx509_cert p, heim_bit_string * issuer)" +.PP +Get a copy of the Issuer Unique ID +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509_context +.br +\fIp\fP a hx509 certificate +.br +\fIissuer\fP the issuer id returned, free with der_free_bit_string() +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. The error code HX509_EXTENSION_NOT_FOUND is returned if the certificate doesn't have a issuerUniqueID +.RE +.PP + +.SS "time_t hx509_cert_get_notAfter (hx509_cert p)" +.PP +Get notAfter time of the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +return not after time. +.RE +.PP + +.SS "time_t hx509_cert_get_notBefore (hx509_cert p)" +.PP +Get notBefore time of the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +return not before time +.RE +.PP + +.SS "int hx509_cert_get_serialnumber (hx509_cert p, heim_integer * i)" +.PP +Get serial number of the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.br +\fIi\fP serial number, should be freed ith der_free_heim_integer(). +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_get_SPKI (hx509_context context, hx509_cert p, SubjectPublicKeyInfo * spki)" +.PP +Get the SubjectPublicKeyInfo structure from the hx509 certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIp\fP a hx509 certificate object. +.br +\fIspki\fP SubjectPublicKeyInfo, should be freed with free_SubjectPublicKeyInfo(). +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_get_SPKI_AlgorithmIdentifier (hx509_context context, hx509_cert p, AlgorithmIdentifier * alg)" +.PP +Get the AlgorithmIdentifier from the hx509 certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIp\fP a hx509 certificate object. +.br +\fIalg\fP AlgorithmIdentifier, should be freed with free_AlgorithmIdentifier(). The algorithmidentifier is typicly rsaEncryption, or id-ecPublicKey, or some other public key mechanism. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_get_subject (hx509_cert p, hx509_name * name)" +.PP +Return the name of the subject of the hx509 certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP a hx509 certificate object. +.br +\fIname\fP a pointer to a hx509 name, should be freed by \fBhx509_name_free()\fP. See also \fBhx509_cert_get_base_subject()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_cert_get_subject_unique_id (hx509_context context, hx509_cert p, heim_bit_string * subject)" +.PP +Get a copy of the Subect Unique ID +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509_context +.br +\fIp\fP a hx509 certificate +.br +\fIsubject\fP the subject id returned, free with der_free_bit_string() +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. The error code HX509_EXTENSION_NOT_FOUND is returned if the certificate doesn't have a subjectUniqueID +.RE +.PP + +.SS "int hx509_cert_init (hx509_context context, const Certificate * c, hx509_cert * cert)" +.PP +Allocate and init an hx509 certificate object from the decoded certificate `c´. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIc\fP +.br +\fIcert\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_cert_init_data (hx509_context context, const void * ptr, size_t len, hx509_cert * cert)" +.PP +Just like \fBhx509_cert_init()\fP, but instead of a decode certificate takes an pointer and length to a memory region that contains a DER/BER encoded certificate. +.PP +If the memory region doesn't contain just the certificate and nothing more the function will fail with HX509_EXTRA_DATA_AFTER_STRUCTURE. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIptr\fP pointer to memory region containing encoded certificate. +.br +\fIlen\fP length of memory region. +.br +\fIcert\fP a return pointer to a hx509 certificate object, will contain NULL on error. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "hx509_cert hx509_cert_ref (hx509_cert cert)" +.PP +Add a reference to a hx509 certificate object. +.PP +\fBParameters:\fP +.RS 4 +\fIcert\fP a pointer to an hx509 certificate object. +.RE +.PP +\fBReturns:\fP +.RS 4 +the same object as is passed in. +.RE +.PP + +.SS "int hx509_cert_set_friendly_name (hx509_cert cert, const char * name)" +.PP +Set the friendly name on the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcert\fP The certificate to set the friendly name on +.br +\fIname\fP Friendly name. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_print_cert (hx509_context context, hx509_cert cert, FILE * out)" +.PP +Print a simple representation of a certificate +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context, can be NULL +.br +\fIcert\fP certificate to print +.br +\fIout\fP the stdio output stream, if NULL, stdout is used +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code +.RE +.PP + +.SS "int hx509_query_alloc (hx509_context context, hx509_query ** q)" +.PP +Allocate an query controller. Free using \fBhx509_query_free()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIq\fP return pointer to a hx509_query. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_query_free (hx509_context context, hx509_query * q)" +.PP +Free the query controller. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIq\fP a pointer to the query controller. +.RE +.PP + +.SS "int hx509_query_match_cmp_func (hx509_query * q, int(*)(hx509_context, hx509_cert, void *) func, void * ctx)" +.PP +Set the query controller to match using a specific match function. +.PP +\fBParameters:\fP +.RS 4 +\fIq\fP a hx509 query controller. +.br +\fIfunc\fP function to use for matching, if the argument is NULL, the match function is removed. +.br +\fIctx\fP context passed to the function. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_query_match_eku (hx509_query * q, const heim_oid * eku)" +.PP +Set the query controller to require an one specific EKU (extended key usage). Any previous EKU matching is overwitten. If NULL is passed in as the eku, the EKU requirement is reset. +.PP +\fBParameters:\fP +.RS 4 +\fIq\fP a hx509 query controller. +.br +\fIeku\fP an EKU to match on. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_query_match_friendly_name (hx509_query * q, const char * name)" +.PP +Set the query controller to match on a friendly name +.PP +\fBParameters:\fP +.RS 4 +\fIq\fP a hx509 query controller. +.br +\fIname\fP a friendly name to match on +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_query_match_issuer_serial (hx509_query * q, const Name * issuer, const heim_integer * serialNumber)" +.PP +Set the issuer and serial number of match in the query controller. The function make copies of the isser and serial number. +.PP +\fBParameters:\fP +.RS 4 +\fIq\fP a hx509 query controller +.br +\fIissuer\fP issuer to search for +.br +\fIserialNumber\fP the serialNumber of the issuer. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_query_match_option (hx509_query * q, hx509_query_option option)" +.PP +Set match options for the hx509 query controller. +.PP +\fBParameters:\fP +.RS 4 +\fIq\fP query controller. +.br +\fIoption\fP options to control the query controller. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_query_statistic_file (hx509_context context, const char * fn)" +.PP +Set a statistic file for the query statistics. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIfn\fP statistics file name +.RE +.PP + +.SS "void hx509_query_unparse_stats (hx509_context context, int printtype, FILE * out)" +.PP +Unparse the statistics file and print the result on a FILE descriptor. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIprinttype\fP tyep to print +.br +\fIout\fP the FILE to write the data on. +.RE +.PP + +.SS "void hx509_verify_ctx_f_allow_default_trustanchors (hx509_verify_ctx ctx, int boolean)" +.PP +Allow using the operating system builtin trust anchors if no other trust anchors are configured. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context +.br +\fIboolean\fP if non zero, useing the operating systems builtin trust anchors. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_verify_hostname (hx509_context context, const hx509_cert cert, int flags, hx509_hostname_type type, const char * hostname, const struct sockaddr * sa, int sa_size)" +.PP +Verify that the certificate is allowed to be used for the hostname and address. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIcert\fP the certificate to match with +.br +\fIflags\fP Flags to modify the behavior: +.IP "\(bu" 2 +HX509_VHN_F_ALLOW_NO_MATCH no match is ok +.PP +.br +\fItype\fP type of hostname: +.IP "\(bu" 2 +HX509_HN_HOSTNAME for plain hostname. +.IP "\(bu" 2 +HX509_HN_DNSSRV for DNS SRV names. +.PP +.br +\fIhostname\fP the hostname to check +.br +\fIsa\fP address of the host +.br +\fIsa_size\fP length of address +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_binary.3 b/doc/doxyout/hx509/man/man3/hx509_cert_binary.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_binary.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_check_eku.3 b/doc/doxyout/hx509/man/man3/hx509_cert_check_eku.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_check_eku.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_cmp.3 b/doc/doxyout/hx509/man/man3/hx509_cert_cmp.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_cmp.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_find_subjectAltName_otherName.3 b/doc/doxyout/hx509/man/man3/hx509_cert_find_subjectAltName_otherName.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_find_subjectAltName_otherName.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_free.3 b/doc/doxyout/hx509/man/man3/hx509_cert_free.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_free.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI_AlgorithmIdentifier.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI_AlgorithmIdentifier.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_SPKI_AlgorithmIdentifier.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_attribute.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_attribute.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_attribute.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_base_subject.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_base_subject.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_base_subject.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_friendly_name.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_friendly_name.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_friendly_name.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer_unique_id.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer_unique_id.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_issuer_unique_id.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_notAfter.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_notAfter.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_notAfter.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_notBefore.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_notBefore.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_notBefore.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_serialnumber.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_serialnumber.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_serialnumber.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_subject.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_subject.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_subject.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_get_subject_unique_id.3 b/doc/doxyout/hx509/man/man3/hx509_cert_get_subject_unique_id.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_get_subject_unique_id.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_init.3 b/doc/doxyout/hx509/man/man3/hx509_cert_init.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_init.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_init_data.3 b/doc/doxyout/hx509/man/man3/hx509_cert_init_data.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_init_data.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_keyusage_print.3 b/doc/doxyout/hx509/man/man3/hx509_cert_keyusage_print.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_keyusage_print.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_ref.3 b/doc/doxyout/hx509/man/man3/hx509_cert_ref.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_ref.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cert_set_friendly_name.3 b/doc/doxyout/hx509/man/man3/hx509_cert_set_friendly_name.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cert_set_friendly_name.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_add.3 b/doc/doxyout/hx509/man/man3/hx509_certs_add.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_add.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_append.3 b/doc/doxyout/hx509/man/man3/hx509_certs_append.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_append.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_end_seq.3 b/doc/doxyout/hx509/man/man3/hx509_certs_end_seq.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_end_seq.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_filter.3 b/doc/doxyout/hx509/man/man3/hx509_certs_filter.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_filter.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_find.3 b/doc/doxyout/hx509/man/man3/hx509_certs_find.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_find.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_free.3 b/doc/doxyout/hx509/man/man3/hx509_certs_free.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_free.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_info.3 b/doc/doxyout/hx509/man/man3/hx509_certs_info.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_info.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_init.3 b/doc/doxyout/hx509/man/man3/hx509_certs_init.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_init.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_iter_f.3 b/doc/doxyout/hx509/man/man3/hx509_certs_iter_f.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_iter_f.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_merge.3 b/doc/doxyout/hx509/man/man3/hx509_certs_merge.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_merge.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_next_cert.3 b/doc/doxyout/hx509/man/man3/hx509_certs_next_cert.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_next_cert.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_start_seq.3 b/doc/doxyout/hx509/man/man3/hx509_certs_start_seq.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_start_seq.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_certs_store.3 b/doc/doxyout/hx509/man/man3/hx509_certs_store.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_certs_store.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ci_print_names.3 b/doc/doxyout/hx509/man/man3/hx509_ci_print_names.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ci_print_names.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_clear_error_string.3 b/doc/doxyout/hx509/man/man3/hx509_clear_error_string.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_clear_error_string.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms.3 b/doc/doxyout/hx509/man/man3/hx509_cms.3 new file mode 100644 index 000000000000..77d681708c82 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms.3 @@ -0,0 +1,206 @@ +.TH "hx509 CMS/pkcs7 functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 CMS/pkcs7 functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_cms_wrap_ContentInfo\fP (const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)" +.br +.ti -1c +.RI "int \fBhx509_cms_unwrap_ContentInfo\fP (const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)" +.br +.ti -1c +.RI "int \fBhx509_cms_unenvelope\fP (hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)" +.br +.ti -1c +.RI "int \fBhx509_cms_envelope_1\fP (hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)" +.br +.ti -1c +.RI "int \fBhx509_cms_verify_signed\fP (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)" +.br +.ti -1c +.RI "int \fBhx509_cms_create_signed_1\fP (hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBCMS/PKCS7 message functions.\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_cms_create_signed_1 (hx509_context context, int flags, const heim_oid * eContentType, const void * data, size_t length, const AlgorithmIdentifier * digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string * signed_data)" +.PP +Decode SignedData and verify that the signature is correct. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIflags\fP +.br +\fIeContentType\fP the type of the data. +.br +\fIdata\fP data to sign +.br +\fIlength\fP length of the data that data point to. +.br +\fIdigest_alg\fP digest algorithm to use, use NULL to get the default or the peer determined algorithm. +.br +\fIcert\fP certificate to use for sign the data. +.br +\fIpeer\fP info about the peer the message to send the message to, like what digest algorithm to use. +.br +\fIanchors\fP trust anchors that the client will use, used to polulate the certificates included in the message +.br +\fIpool\fP certificates to use in try to build the path to the trust anchors. +.br +\fIsigned_data\fP the output of the function, free with der_free_octet_string(). +.RE +.PP + +.SS "int hx509_cms_envelope_1 (hx509_context context, int flags, hx509_cert cert, const void * data, size_t length, const heim_oid * encryption_type, const heim_oid * contentType, heim_octet_string * content)" +.PP +Encrypt end encode EnvelopedData. +.PP +Encrypt and encode EnvelopedData. The data is encrypted with a random key and the the random key is encrypted with the certificates private key. This limits what private key type can be used to RSA. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIflags\fP flags to control the behavior. +.IP "\(bu" 2 +HX509_CMS_EV_NO_KU_CHECK - Dont check KU on certificate +.IP "\(bu" 2 +HX509_CMS_EV_ALLOW_WEAK - Allow weak crytpo +.IP "\(bu" 2 +HX509_CMS_EV_ID_NAME - prefer issuer name and serial number +.PP +.br +\fIcert\fP Certificate to encrypt the EnvelopedData encryption key with. +.br +\fIdata\fP pointer the data to encrypt. +.br +\fIlength\fP length of the data that data point to. +.br +\fIencryption_type\fP Encryption cipher to use for the bulk data, use NULL to get default. +.br +\fIcontentType\fP type of the data that is encrypted +.br +\fIcontent\fP the output of the function, free with der_free_octet_string(). +.RE +.PP + +.SS "int hx509_cms_unenvelope (hx509_context context, hx509_certs certs, int flags, const void * data, size_t length, const heim_octet_string * encryptedContent, time_t time_now, heim_oid * contentType, heim_octet_string * content)" +.PP +Decode and unencrypt EnvelopedData. +.PP +Extract data and parameteres from from the EnvelopedData. Also supports using detached EnvelopedData. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIcerts\fP Certificate that can decrypt the EnvelopedData encryption key. +.br +\fIflags\fP HX509_CMS_UE flags to control the behavior. +.br +\fIdata\fP pointer the structure the contains the DER/BER encoded EnvelopedData stucture. +.br +\fIlength\fP length of the data that data point to. +.br +\fIencryptedContent\fP in case of detached signature, this contains the actual encrypted data, othersize its should be NULL. +.br +\fItime_now\fP set the current time, if zero the library uses now as the date. +.br +\fIcontentType\fP output type oid, should be freed with der_free_oid(). +.br +\fIcontent\fP the data, free with der_free_octet_string(). +.RE +.PP + +.SS "int hx509_cms_unwrap_ContentInfo (const heim_octet_string * in, heim_oid * oid, heim_octet_string * out, int * have_data)" +.PP +Decode an ContentInfo and unwrap data and oid it. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP the encoded buffer. +.br +\fIoid\fP type of the content. +.br +\fIout\fP data to be wrapped. +.br +\fIhave_data\fP since the data is optional, this flags show dthe diffrence between no data and the zero length data. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_cms_verify_signed (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void * data, size_t length, const heim_octet_string * signedContent, hx509_certs pool, heim_oid * contentType, heim_octet_string * content, hx509_certs * signer_certs)" +.PP +Decode SignedData and verify that the signature is correct. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP a hx509 verify context. +.br +\fIflags\fP to control the behaivor of the function. +.IP "\(bu" 2 +HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage +.IP "\(bu" 2 +HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch +.IP "\(bu" 2 +HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. +.PP +.br +\fIdata\fP pointer to CMS SignedData encoded data. +.br +\fIlength\fP length of the data that data point to. +.br +\fIsignedContent\fP external data used for signature. +.br +\fIpool\fP certificate pool to build certificates paths. +.br +\fIcontentType\fP free with der_free_oid(). +.br +\fIcontent\fP the output of the function, free with der_free_octet_string(). +.br +\fIsigner_certs\fP list of the cerficates used to sign this request, free with \fBhx509_certs_free()\fP. +.RE +.PP + +.PP +If HX509_CMS_VS_NO_KU_CHECK is set, allow more liberal search for matching certificates by not considering KeyUsage bits on the certificates. +.PP +If HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH, allow encapContentInfo mismatch with the oid in signedAttributes (or if no signedAttributes where use, pkcs7-data oid). This is only needed to work with broken CMS implementations that doesn't follow CMS signedAttributes rules. +.PP +If HX509_CMS_VS_NO_VALIDATE flags is set, do not verify the signing certificates and leave that up to the caller. +.PP +If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty SignerInfo (no signatures). If SignedData have no signatures, the function will return 0 with signer_certs set to NULL. Zero signers is allowed by the standard, but since its only useful in corner cases, it make into a flag that the caller have to turn on. +.SS "int hx509_cms_wrap_ContentInfo (const heim_oid * oid, const heim_octet_string * buf, heim_octet_string * res)" +.PP +Wrap data and oid in a ContentInfo and encode it. +.PP +\fBParameters:\fP +.RS 4 +\fIoid\fP type of the content. +.br +\fIbuf\fP data to be wrapped. If a NULL pointer is passed in, the optional content field in the ContentInfo is not going be filled in. +.br +\fIres\fP the encoded buffer, the result should be freed with der_free_octet_string(). +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_create_signed_1.3 b/doc/doxyout/hx509/man/man3/hx509_cms_create_signed_1.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_create_signed_1.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_envelope_1.3 b/doc/doxyout/hx509/man/man3/hx509_cms_envelope_1.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_envelope_1.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_unenvelope.3 b/doc/doxyout/hx509/man/man3/hx509_cms_unenvelope.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_unenvelope.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_unwrap_ContentInfo.3 b/doc/doxyout/hx509/man/man3/hx509_cms_unwrap_ContentInfo.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_unwrap_ContentInfo.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_verify_signed.3 b/doc/doxyout/hx509/man/man3/hx509_cms_verify_signed.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_verify_signed.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_cms_wrap_ContentInfo.3 b/doc/doxyout/hx509/man/man3/hx509_cms_wrap_ContentInfo.3 new file mode 100644 index 000000000000..ce2803ea99dc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_cms_wrap_ContentInfo.3 @@ -0,0 +1 @@ +.so man3/hx509_cms.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_context_free.3 b/doc/doxyout/hx509/man/man3/hx509_context_free.3 new file mode 100644 index 000000000000..19c5e816ac65 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_context_free.3 @@ -0,0 +1 @@ +.so man3/hx509.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_context_init.3 b/doc/doxyout/hx509/man/man3/hx509_context_init.3 new file mode 100644 index 000000000000..19c5e816ac65 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_context_init.3 @@ -0,0 +1 @@ +.so man3/hx509.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_context_set_missing_revoke.3 b/doc/doxyout/hx509/man/man3/hx509_context_set_missing_revoke.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_context_set_missing_revoke.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crl_add_revoked_certs.3 b/doc/doxyout/hx509/man/man3/hx509_crl_add_revoked_certs.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crl_add_revoked_certs.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crl_alloc.3 b/doc/doxyout/hx509/man/man3/hx509_crl_alloc.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crl_alloc.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crl_free.3 b/doc/doxyout/hx509/man/man3/hx509_crl_free.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crl_free.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crl_lifetime.3 b/doc/doxyout/hx509/man/man3/hx509_crl_lifetime.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crl_lifetime.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crl_sign.3 b/doc/doxyout/hx509/man/man3/hx509_crl_sign.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crl_sign.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_crypto.3 b/doc/doxyout/hx509/man/man3/hx509_crypto.3 new file mode 100644 index 000000000000..7b9cdfc12c6d --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_crypto.3 @@ -0,0 +1,40 @@ +.TH "hx509 crypto functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 crypto functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_verify_signature\fP (hx509_context context, const hx509_cert signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int hx509_verify_signature (hx509_context context, const hx509_cert signer, const AlgorithmIdentifier * alg, const heim_octet_string * data, const heim_octet_string * sig)" +.PP +Verify a signature made using the private key of an certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIsigner\fP the certificate that made the signature. +.br +\fIalg\fP algorthm that was used to sign the data. +.br +\fIdata\fP the data that was signed. +.br +\fIsig\fP the sigature to verify. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_env.3 b/doc/doxyout/hx509/man/man3/hx509_env.3 new file mode 100644 index 000000000000..eae0146c4251 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env.3 @@ -0,0 +1,143 @@ +.TH "hx509 enviroment functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 enviroment functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_env_add\fP (hx509_context context, hx509_env *env, const char *key, const char *value)" +.br +.ti -1c +.RI "int \fBhx509_env_add_binding\fP (hx509_context context, hx509_env *env, const char *key, hx509_env list)" +.br +.ti -1c +.RI "const char * \fBhx509_env_lfind\fP (hx509_context context, hx509_env env, const char *key, size_t len)" +.br +.ti -1c +.RI "const char * \fBhx509_env_find\fP (hx509_context context, hx509_env env, const char *key)" +.br +.ti -1c +.RI "hx509_env \fBhx509_env_find_binding\fP (hx509_context context, hx509_env env, const char *key)" +.br +.ti -1c +.RI "void \fBhx509_env_free\fP (hx509_env *env)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int hx509_env_add (hx509_context context, hx509_env * env, const char * key, const char * value)" +.PP +Add a new key/value pair to the hx509_env. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIenv\fP enviroment to add the enviroment variable too. +.br +\fIkey\fP key to add +.br +\fIvalue\fP value to add +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_env_add_binding (hx509_context context, hx509_env * env, const char * key, hx509_env list)" +.PP +Add a new key/binding pair to the hx509_env. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIenv\fP enviroment to add the enviroment variable too. +.br +\fIkey\fP key to add +.br +\fIlist\fP binding list to add +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "const char* hx509_env_find (hx509_context context, hx509_env env, const char * key)" +.PP +Search the hx509_env for a key. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIenv\fP enviroment to add the enviroment variable too. +.br +\fIkey\fP key to search for. +.RE +.PP +\fBReturns:\fP +.RS 4 +the value if the key is found, NULL otherwise. +.RE +.PP + +.SS "hx509_env hx509_env_find_binding (hx509_context context, hx509_env env, const char * key)" +.PP +Search the hx509_env for a binding. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIenv\fP enviroment to add the enviroment variable too. +.br +\fIkey\fP key to search for. +.RE +.PP +\fBReturns:\fP +.RS 4 +the binding if the key is found, NULL if not found. +.RE +.PP + +.SS "void hx509_env_free (hx509_env * env)" +.PP +Free an hx509_env enviroment context. +.PP +\fBParameters:\fP +.RS 4 +\fIenv\fP the enviroment to free. +.RE +.PP + +.SS "const char* hx509_env_lfind (hx509_context context, hx509_env env, const char * key, size_t len)" +.PP +Search the hx509_env for a length based key. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIenv\fP enviroment to add the enviroment variable too. +.br +\fIkey\fP key to search for. +.br +\fIlen\fP length of key. +.RE +.PP +\fBReturns:\fP +.RS 4 +the value if the key is found, NULL otherwise. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_env_add.3 b/doc/doxyout/hx509/man/man3/hx509_env_add.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_add.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_env_add_binding.3 b/doc/doxyout/hx509/man/man3/hx509_env_add_binding.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_add_binding.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_env_find.3 b/doc/doxyout/hx509/man/man3/hx509_env_find.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_find.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_env_find_binding.3 b/doc/doxyout/hx509/man/man3/hx509_env_find_binding.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_find_binding.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_env_free.3 b/doc/doxyout/hx509/man/man3/hx509_env_free.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_free.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_env_lfind.3 b/doc/doxyout/hx509/man/man3/hx509_env_lfind.3 new file mode 100644 index 000000000000..cdf891871adf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_env_lfind.3 @@ -0,0 +1 @@ +.so man3/hx509_env.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_err.3 b/doc/doxyout/hx509/man/man3/hx509_err.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_err.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_error.3 b/doc/doxyout/hx509/man/man3/hx509_error.3 new file mode 100644 index 000000000000..20f544ec431c --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_error.3 @@ -0,0 +1,129 @@ +.TH "hx509 error functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 error functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBhx509_clear_error_string\fP (hx509_context context)" +.br +.ti -1c +.RI "void \fBhx509_set_error_stringv\fP (hx509_context context, int flags, int code, const char *fmt, va_list ap)" +.br +.ti -1c +.RI "void \fBhx509_set_error_string\fP (hx509_context context, int flags, int code, const char *fmt,...)" +.br +.ti -1c +.RI "char * \fBhx509_get_error_string\fP (hx509_context context, int error_code)" +.br +.ti -1c +.RI "void \fBhx509_free_error_string\fP (char *str)" +.br +.ti -1c +.RI "void \fBhx509_err\fP (hx509_context context, int exit_code, int error_code, const char *fmt,...)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBHx509 error reporting functions\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "void hx509_clear_error_string (hx509_context context)" +.PP +Resets the error strings the hx509 context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.RE +.PP + +.SS "void hx509_err (hx509_context context, int exit_code, int error_code, const char * fmt, ...)" +.PP +Print error message and fatally exit from error code +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIexit_code\fP exit() code from process. +.br +\fIerror_code\fP Error code for the reason to exit. +.br +\fIfmt\fP format string with the exit message. +.br +\fI...\fP argument to format string. +.RE +.PP + +.SS "void hx509_free_error_string (char * str)" +.PP +Free error string returned by \fBhx509_get_error_string()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIstr\fP error string to free. +.RE +.PP + +.SS "char* hx509_get_error_string (hx509_context context, int error_code)" +.PP +Get an error string from context associated with error_code. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIerror_code\fP Get error message for this error code. +.RE +.PP +\fBReturns:\fP +.RS 4 +error string, free with \fBhx509_free_error_string()\fP. +.RE +.PP + +.SS "void hx509_set_error_string (hx509_context context, int flags, int code, const char * fmt, ...)" +.PP +See \fBhx509_set_error_stringv()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIflags\fP +.IP "\(bu" 2 +HX509_ERROR_APPEND appends the error string to the old messages (code is updated). +.PP +.br +\fIcode\fP error code related to error message +.br +\fIfmt\fP error message format +.br +\fI...\fP arguments to error message format +.RE +.PP + +.SS "void hx509_set_error_stringv (hx509_context context, int flags, int code, const char * fmt, va_list ap)" +.PP +Add an error message to the hx509 context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIflags\fP +.IP "\(bu" 2 +HX509_ERROR_APPEND appends the error string to the old messages (code is updated). +.PP +.br +\fIcode\fP error code related to error message +.br +\fIfmt\fP error message format +.br +\fIap\fP arguments to error message format +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_free_error_string.3 b/doc/doxyout/hx509/man/man3/hx509_free_error_string.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_free_error_string.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_free_octet_string_list.3 b/doc/doxyout/hx509/man/man3/hx509_free_octet_string_list.3 new file mode 100644 index 000000000000..f58308e8cd15 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_free_octet_string_list.3 @@ -0,0 +1 @@ +.so man3/hx509_misc.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_general_name_unparse.3 b/doc/doxyout/hx509/man/man3/hx509_general_name_unparse.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_general_name_unparse.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_get_error_string.3 b/doc/doxyout/hx509/man/man3/hx509_get_error_string.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_get_error_string.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_get_one_cert.3 b/doc/doxyout/hx509/man/man3/hx509_get_one_cert.3 new file mode 100644 index 000000000000..4543cfc8ff9a --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_get_one_cert.3 @@ -0,0 +1 @@ +.so man3/hx509_keyset.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_keyset.3 b/doc/doxyout/hx509/man/man3/hx509_keyset.3 new file mode 100644 index 000000000000..aff48bbd5044 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_keyset.3 @@ -0,0 +1,373 @@ +.TH "hx509 certificate store functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 certificate store functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_certs_init\fP (hx509_context context, const char *name, int flags, hx509_lock lock, hx509_certs *certs)" +.br +.ti -1c +.RI "int \fBhx509_certs_store\fP (hx509_context context, hx509_certs certs, int flags, hx509_lock lock)" +.br +.ti -1c +.RI "void \fBhx509_certs_free\fP (hx509_certs *certs)" +.br +.ti -1c +.RI "int \fBhx509_certs_start_seq\fP (hx509_context context, hx509_certs certs, hx509_cursor *cursor)" +.br +.ti -1c +.RI "int \fBhx509_certs_next_cert\fP (hx509_context context, hx509_certs certs, hx509_cursor cursor, hx509_cert *cert)" +.br +.ti -1c +.RI "int \fBhx509_certs_end_seq\fP (hx509_context context, hx509_certs certs, hx509_cursor cursor)" +.br +.ti -1c +.RI "int \fBhx509_certs_iter_f\fP (hx509_context context, hx509_certs certs, int(*func)(hx509_context, void *, hx509_cert), void *ctx)" +.br +.ti -1c +.RI "int \fBhx509_ci_print_names\fP (hx509_context context, void *ctx, hx509_cert c)" +.br +.ti -1c +.RI "int \fBhx509_certs_add\fP (hx509_context context, hx509_certs certs, hx509_cert cert)" +.br +.ti -1c +.RI "int \fBhx509_certs_find\fP (hx509_context context, hx509_certs certs, const hx509_query *q, hx509_cert *r)" +.br +.ti -1c +.RI "int \fBhx509_certs_filter\fP (hx509_context context, hx509_certs certs, const hx509_query *q, hx509_certs *result)" +.br +.ti -1c +.RI "int \fBhx509_certs_merge\fP (hx509_context context, hx509_certs to, hx509_certs from)" +.br +.ti -1c +.RI "int \fBhx509_certs_append\fP (hx509_context context, hx509_certs to, hx509_lock lock, const char *name)" +.br +.ti -1c +.RI "int \fBhx509_get_one_cert\fP (hx509_context context, hx509_certs certs, hx509_cert *c)" +.br +.ti -1c +.RI "int \fBhx509_certs_info\fP (hx509_context context, hx509_certs certs, int(*func)(void *, const char *), void *ctx)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBCertificate store operations\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_certs_add (hx509_context context, hx509_certs certs, hx509_cert cert)" +.PP +Add a certificate to the certificiate store. +.PP +The receiving keyset certs will either increase reference counter of the cert or make a deep copy, either way, the caller needs to free the cert itself. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to add the certificate to. +.br +\fIcert\fP certificate to add. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_append (hx509_context context, hx509_certs to, hx509_lock lock, const char * name)" +.PP +Same a \fBhx509_certs_merge()\fP but use a lock and name to describe the from source. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIto\fP the store to merge into. +.br +\fIlock\fP a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see \fBLocking and unlocking certificates and encrypted data.\fP). +.br +\fIname\fP name of the source store +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_end_seq (hx509_context context, hx509_certs certs, hx509_cursor cursor)" +.PP +End the iteration over certificates. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to iterate over. +.br +\fIcursor\fP cursor that will keep track of progress, freed. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_filter (hx509_context context, hx509_certs certs, const hx509_query * q, hx509_certs * result)" +.PP +Filter certificate matching the query. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to search. +.br +\fIq\fP query allocated with \fBhx509 query functions\fP functions. +.br +\fIresult\fP the filtered certificate store, caller must free with \fBhx509_certs_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.PP +Return HX509_CERT_NOT_FOUND if no certificate in certs matched the query. +.SS "int hx509_certs_find (hx509_context context, hx509_certs certs, const hx509_query * q, hx509_cert * r)" +.PP +Find a certificate matching the query. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to search. +.br +\fIq\fP query allocated with \fBhx509 query functions\fP functions. +.br +\fIr\fP return certificate (or NULL on error), should be freed with \fBhx509_cert_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.PP +Return HX509_CERT_NOT_FOUND if no certificate in certs matched the query. +.SS "void hx509_certs_free (hx509_certs * certs)" +.PP +Free a certificate store. +.PP +\fBParameters:\fP +.RS 4 +\fIcerts\fP certificate store to free. +.RE +.PP + +.SS "int hx509_certs_info (hx509_context context, hx509_certs certs, int(*)(void *, const char *) func, void * ctx)" +.PP +Print some info about the certificate store. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to print information about. +.br +\fIfunc\fP function that will get each line of the information, if NULL is used the data is printed on a FILE descriptor that should be passed in ctx, if ctx also is NULL, stdout is used. +.br +\fIctx\fP parameter to func. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_init (hx509_context context, const char * name, int flags, hx509_lock lock, hx509_certs * certs)" +.PP +Open or creates a new hx509 certificate store. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context +.br +\fIname\fP name of the store, format is TYPE:type-specific-string, if NULL is used the MEMORY store is used. +.br +\fIflags\fP list of flags: +.IP "\(bu" 2 +HX509_CERTS_CREATE create a new keystore of the specific TYPE. +.IP "\(bu" 2 +HX509_CERTS_UNPROTECT_ALL fails if any private key failed to be extracted. +.PP +.br +\fIlock\fP a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see \fBLocking and unlocking certificates and encrypted data.\fP). +.br +\fIcerts\fP return pointer, free with \fBhx509_certs_free()\fP. +.RE +.PP + +.SS "int hx509_certs_iter_f (hx509_context context, hx509_certs certs, int(*)(hx509_context, void *, hx509_cert) func, void * ctx)" +.PP +Iterate over all certificates in a keystore and call an function for each fo them. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to iterate over. +.br +\fIfunc\fP function to call for each certificate. The function should return non-zero to abort the iteration, that value is passed back to the caller of \fBhx509_certs_iter_f()\fP. +.br +\fIctx\fP context variable that will passed to the function. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_merge (hx509_context context, hx509_certs to, hx509_certs from)" +.PP +Merge a certificate store into another. The from store is keep intact. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIto\fP the store to merge into. +.br +\fIfrom\fP the store to copy the object from. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_next_cert (hx509_context context, hx509_certs certs, hx509_cursor cursor, hx509_cert * cert)" +.PP +Get next ceritificate from the certificate keystore pointed out by cursor. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to iterate over. +.br +\fIcursor\fP cursor that keeps track of progress. +.br +\fIcert\fP return certificate next in store, NULL if the store contains no more certificates. Free with \fBhx509_cert_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_certs_start_seq (hx509_context context, hx509_certs certs, hx509_cursor * cursor)" +.PP +Start the integration +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to iterate over +.br +\fIcursor\fP cursor that will keep track of progress, free with \fBhx509_certs_end_seq()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION is returned if the certificate store doesn't support the iteration operation. +.RE +.PP + +.SS "int hx509_certs_store (hx509_context context, hx509_certs certs, int flags, hx509_lock lock)" +.PP +Write the certificate store to stable storage. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIcerts\fP a certificate store to store. +.br +\fIflags\fP currently unused, use 0. +.br +\fIlock\fP a lock that unlocks the certificates store, use NULL to select no password/certifictes/prompt lock (see \fBLocking and unlocking certificates and encrypted data.\fP). +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION if the certificate store doesn't support the store operation. +.RE +.PP + +.SS "int hx509_ci_print_names (hx509_context context, void * ctx, hx509_cert c)" +.PP +Iterate over all certificates in a keystore and call an function for each fo them. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP certificate store to iterate over. +.br +\fIfunc\fP function to call for each certificate. The function should return non-zero to abort the iteration, that value is passed back to the caller of hx509_certs_iter(). +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. Function to use to \fBhx509_certs_iter_f()\fP as a function argument, the ctx variable to \fBhx509_certs_iter_f()\fP should be a FILE file descriptor. +.RE +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIctx\fP used by \fBhx509_certs_iter_f()\fP. +.br +\fIc\fP a certificate +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + +.SS "int hx509_get_one_cert (hx509_context context, hx509_certs certs, hx509_cert * c)" +.PP +Get one random certificate from the certificate store. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcerts\fP a certificate store to get the certificate from. +.br +\fIc\fP return certificate, should be freed with \fBhx509_cert_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns an hx509 error code. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_lock.3 b/doc/doxyout/hx509/man/man3/hx509_lock.3 new file mode 100644 index 000000000000..07461fd35ec2 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_lock.3 @@ -0,0 +1,5 @@ +.TH "hx509 lock functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 lock functions \- See the \fBLocking and unlocking certificates and encrypted data.\fP for description and examples. diff --git a/doc/doxyout/hx509/man/man3/hx509_misc.3 b/doc/doxyout/hx509/man/man3/hx509_misc.3 new file mode 100644 index 000000000000..4c1fec567edc --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_misc.3 @@ -0,0 +1,40 @@ +.TH "hx509 misc functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 misc functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBhx509_free_octet_string_list\fP (hx509_octet_string_list *list)" +.br +.ti -1c +.RI "void \fBhx509_xfree\fP (void *ptr)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "void hx509_free_octet_string_list (hx509_octet_string_list * list)" +.PP +Free a list of octet strings returned by another hx509 library function. +.PP +\fBParameters:\fP +.RS 4 +\fIlist\fP list to be freed. +.RE +.PP + +.SS "void hx509_xfree (void * ptr)" +.PP +Free a data element allocated in the library. +.PP +\fBParameters:\fP +.RS 4 +\fIptr\fP data to be freed. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_name.3 b/doc/doxyout/hx509/man/man3/hx509_name.3 new file mode 100644 index 000000000000..141eab0d8057 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name.3 @@ -0,0 +1,235 @@ +.TH "hx509 name functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 name functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_name_to_string\fP (const hx509_name name, char **str)" +.br +.ti -1c +.RI "int \fBhx509_name_cmp\fP (hx509_name n1, hx509_name n2)" +.br +.ti -1c +.RI "int \fBhx509_parse_name\fP (hx509_context context, const char *str, hx509_name *name)" +.br +.ti -1c +.RI "int \fBhx509_name_copy\fP (hx509_context context, const hx509_name from, hx509_name *to)" +.br +.ti -1c +.RI "int \fBhx509_name_to_Name\fP (const hx509_name from, Name *to)" +.br +.ti -1c +.RI "int \fBhx509_name_expand\fP (hx509_context context, hx509_name name, hx509_env env)" +.br +.ti -1c +.RI "void \fBhx509_name_free\fP (hx509_name *name)" +.br +.ti -1c +.RI "int \fBhx509_unparse_der_name\fP (const void *data, size_t length, char **str)" +.br +.ti -1c +.RI "int \fBhx509_name_binary\fP (const hx509_name name, heim_octet_string *os)" +.br +.ti -1c +.RI "int \fBhx509_name_is_null_p\fP (const hx509_name name)" +.br +.ti -1c +.RI "int \fBhx509_general_name_unparse\fP (GeneralName *name, char **str)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBPKIX/X.509 Names\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_general_name_unparse (GeneralName * name, char ** str)" +.PP +Unparse the hx509 name in name into a string. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP the name to print +.br +\fIstr\fP an allocated string returns the name in string form +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_name_binary (const hx509_name name, heim_octet_string * os)" +.PP +Convert a hx509_name object to DER encoded name. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP name to concert +.br +\fIos\fP data to a DER encoded name, free the resulting octet string with hx509_xfree(os->data). +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_name_cmp (hx509_name n1, hx509_name n2)" +.PP +Compare to hx509 name object, useful for sorting. +.PP +\fBParameters:\fP +.RS 4 +\fIn1\fP a hx509 name object. +.br +\fIn2\fP a hx509 name object. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 the objects are the same, returns > 0 is n2 is 'larger' then n2, < 0 if n1 is 'smaller' then n2. +.RE +.PP + +.SS "int hx509_name_copy (hx509_context context, const hx509_name from, hx509_name * to)" +.PP +Copy a hx509 name object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 cotext. +.br +\fIfrom\fP the name to copy from +.br +\fIto\fP the name to copy to +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_name_expand (hx509_context context, hx509_name name, hx509_env env)" +.PP +Expands variables in the name using env. Variables are on the form ${name}. Useful when dealing with certificate templates. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 cotext. +.br +\fIname\fP the name to expand. +.br +\fIenv\fP environment variable to expand. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.PP +Only UTF8String rdnSequence names are allowed +.SS "void hx509_name_free (hx509_name * name)" +.PP +Free a hx509 name object, upond return *name will be NULL. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP a hx509 name object to be freed. +.RE +.PP + +.SS "int hx509_name_is_null_p (const hx509_name name)" +.PP +Unparse the hx509 name in name into a string. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP the name to check if its empty/null. +.RE +.PP +\fBReturns:\fP +.RS 4 +non zero if the name is empty/null. +.RE +.PP + +.SS "int hx509_name_to_Name (const hx509_name from, Name * to)" +.PP +Convert a hx509_name into a Name. +.PP +\fBParameters:\fP +.RS 4 +\fIfrom\fP the name to copy from +.br +\fIto\fP the name to copy to +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_name_to_string (const hx509_name name, char ** str)" +.PP +Convert the hx509 name object into a printable string. The resulting string should be freed with free(). +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP name to print +.br +\fIstr\fP the string to return +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_parse_name (hx509_context context, const char * str, hx509_name * name)" +.PP +Parse a string into a hx509 name object. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIstr\fP a string to parse. +.br +\fIname\fP the resulting object, NULL in case of error. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_unparse_der_name (const void * data, size_t length, char ** str)" +.PP +Convert a DER encoded name info a string. +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP data to a DER/BER encoded name +.br +\fIlength\fP length of data +.br +\fIstr\fP the resulting string, is NULL on failure. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_name_binary.3 b/doc/doxyout/hx509/man/man3/hx509_name_binary.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_binary.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_cmp.3 b/doc/doxyout/hx509/man/man3/hx509_name_cmp.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_cmp.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_copy.3 b/doc/doxyout/hx509/man/man3/hx509_name_copy.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_copy.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_expand.3 b/doc/doxyout/hx509/man/man3/hx509_name_expand.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_expand.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_free.3 b/doc/doxyout/hx509/man/man3/hx509_name_free.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_free.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_is_null_p.3 b/doc/doxyout/hx509/man/man3/hx509_name_is_null_p.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_is_null_p.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_to_Name.3 b/doc/doxyout/hx509/man/man3/hx509_name_to_Name.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_to_Name.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_name_to_string.3 b/doc/doxyout/hx509/man/man3/hx509_name_to_string.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_name_to_string.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ocsp_request.3 b/doc/doxyout/hx509/man/man3/hx509_ocsp_request.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ocsp_request.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_ocsp_verify.3 b/doc/doxyout/hx509/man/man3/hx509_ocsp_verify.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_ocsp_verify.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_oid_print.3 b/doc/doxyout/hx509/man/man3/hx509_oid_print.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_oid_print.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_oid_sprint.3 b/doc/doxyout/hx509/man/man3/hx509_oid_sprint.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_oid_sprint.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_parse_name.3 b/doc/doxyout/hx509/man/man3/hx509_parse_name.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_parse_name.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_peer.3 b/doc/doxyout/hx509/man/man3/hx509_peer.3 new file mode 100644 index 000000000000..3132594ba50f --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer.3 @@ -0,0 +1,113 @@ +.TH "hx509 certificate selecting functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 certificate selecting functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_peer_info_alloc\fP (hx509_context context, hx509_peer_info *peer)" +.br +.ti -1c +.RI "void \fBhx509_peer_info_free\fP (hx509_peer_info peer)" +.br +.ti -1c +.RI "int \fBhx509_peer_info_set_cert\fP (hx509_peer_info peer, hx509_cert cert)" +.br +.ti -1c +.RI "int \fBhx509_peer_info_add_cms_alg\fP (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier *val)" +.br +.ti -1c +.RI "int \fBhx509_peer_info_set_cms_algs\fP (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier *val, size_t len)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int hx509_peer_info_add_cms_alg (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier * val)" +.PP +Add an additional algorithm that the peer supports. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIpeer\fP the peer to set the new algorithms for +.br +\fIval\fP an AlgorithmsIdentier to add +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_peer_info_alloc (hx509_context context, hx509_peer_info * peer)" +.PP +Allocate a new peer info structure an init it to default values. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIpeer\fP return an allocated peer, free with \fBhx509_peer_info_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_peer_info_free (hx509_peer_info peer)" +.PP +Free a peer info structure. +.PP +\fBParameters:\fP +.RS 4 +\fIpeer\fP peer info to be freed. +.RE +.PP + +.SS "int hx509_peer_info_set_cert (hx509_peer_info peer, hx509_cert cert)" +.PP +Set the certificate that remote peer is using. +.PP +\fBParameters:\fP +.RS 4 +\fIpeer\fP peer info to update +.br +\fIcert\fP cerificate of the remote peer. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_peer_info_set_cms_algs (hx509_context context, hx509_peer_info peer, const AlgorithmIdentifier * val, size_t len)" +.PP +Set the algorithms that the peer supports. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIpeer\fP the peer to set the new algorithms for +.br +\fIval\fP array of supported AlgorithmsIdentiers +.br +\fIlen\fP length of array val. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_peer_info_add_cms_alg.3 b/doc/doxyout/hx509/man/man3/hx509_peer_info_add_cms_alg.3 new file mode 100644 index 000000000000..b6a9f0fae0b9 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer_info_add_cms_alg.3 @@ -0,0 +1 @@ +.so man3/hx509_peer.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_peer_info_alloc.3 b/doc/doxyout/hx509/man/man3/hx509_peer_info_alloc.3 new file mode 100644 index 000000000000..b6a9f0fae0b9 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer_info_alloc.3 @@ -0,0 +1 @@ +.so man3/hx509_peer.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_peer_info_free.3 b/doc/doxyout/hx509/man/man3/hx509_peer_info_free.3 new file mode 100644 index 000000000000..b6a9f0fae0b9 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer_info_free.3 @@ -0,0 +1 @@ +.so man3/hx509_peer.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cert.3 b/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cert.3 new file mode 100644 index 000000000000..b6a9f0fae0b9 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cert.3 @@ -0,0 +1 @@ +.so man3/hx509_peer.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cms_algs.3 b/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cms_algs.3 new file mode 100644 index 000000000000..b6a9f0fae0b9 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_peer_info_set_cms_algs.3 @@ -0,0 +1 @@ +.so man3/hx509_peer.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_print.3 b/doc/doxyout/hx509/man/man3/hx509_print.3 new file mode 100644 index 000000000000..e615502bb477 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_print.3 @@ -0,0 +1,211 @@ +.TH "hx509 printing functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 printing functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBhx509_print_stdout\fP (void *ctx, const char *fmt, va_list va)" +.br +.ti -1c +.RI "int \fBhx509_oid_sprint\fP (const heim_oid *oid, char **str)" +.br +.ti -1c +.RI "void \fBhx509_oid_print\fP (const heim_oid *oid, hx509_vprint_func func, void *ctx)" +.br +.ti -1c +.RI "void \fBhx509_bitstring_print\fP (const heim_bit_string *b, hx509_vprint_func func, void *ctx)" +.br +.ti -1c +.RI "int \fBhx509_cert_keyusage_print\fP (hx509_context context, hx509_cert c, char **s)" +.br +.ti -1c +.RI "int \fBhx509_validate_ctx_init\fP (hx509_context context, hx509_validate_ctx *ctx)" +.br +.ti -1c +.RI "void \fBhx509_validate_ctx_set_print\fP (hx509_validate_ctx ctx, hx509_vprint_func func, void *c)" +.br +.ti -1c +.RI "void \fBhx509_validate_ctx_add_flags\fP (hx509_validate_ctx ctx, int flags)" +.br +.ti -1c +.RI "void \fBhx509_validate_ctx_free\fP (hx509_validate_ctx ctx)" +.br +.ti -1c +.RI "int \fBhx509_validate_cert\fP (hx509_context context, hx509_validate_ctx ctx, hx509_cert cert)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "void hx509_bitstring_print (const heim_bit_string * b, hx509_vprint_func func, void * ctx)" +.PP +Print a bitstring using a hx509_vprint_func function. To print to stdout use \fBhx509_print_stdout()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIb\fP bit string to print. +.br +\fIfunc\fP hx509_vprint_func to print with. +.br +\fIctx\fP context variable to hx509_vprint_func function. +.RE +.PP + +.SS "int hx509_cert_keyusage_print (hx509_context context, hx509_cert c, char ** s)" +.PP +Print certificate usage for a certificate to a string. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIc\fP a certificate print the keyusage for. +.br +\fIs\fP the return string with the keysage printed in to, free with \fBhx509_xfree()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_oid_print (const heim_oid * oid, hx509_vprint_func func, void * ctx)" +.PP +Print a oid using a hx509_vprint_func function. To print to stdout use \fBhx509_print_stdout()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIoid\fP oid to print +.br +\fIfunc\fP hx509_vprint_func to print with. +.br +\fIctx\fP context variable to hx509_vprint_func function. +.RE +.PP + +.SS "int hx509_oid_sprint (const heim_oid * oid, char ** str)" +.PP +Print a oid to a string. +.PP +\fBParameters:\fP +.RS 4 +\fIoid\fP oid to print +.br +\fIstr\fP allocated string, free with \fBhx509_xfree()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_print_stdout (void * ctx, const char * fmt, va_list va)" +.PP +Helper function to print on stdout for: +.IP "\(bu" 2 +\fBhx509_oid_print()\fP, +.IP "\(bu" 2 +\fBhx509_bitstring_print()\fP, +.IP "\(bu" 2 +\fBhx509_validate_ctx_set_print()\fP. +.PP +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to the print function. If the ctx is NULL, stdout is used. +.br +\fIfmt\fP the printing format. +.br +\fIva\fP the argumet list. +.RE +.PP + +.SS "int hx509_validate_cert (hx509_context context, hx509_validate_ctx ctx, hx509_cert cert)" +.PP +Validate/Print the status of the certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP A hx509 validation context. +.br +\fIcert\fP the cerificate to validate/print. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_validate_ctx_add_flags (hx509_validate_ctx ctx, int flags)" +.PP +Add flags to control the behaivor of the \fBhx509_validate_cert()\fP function. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP A hx509 validation context. +.br +\fIflags\fP flags to add to the validation context. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_validate_ctx_free (hx509_validate_ctx ctx)" +.PP +Free an hx509 validate context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the hx509 validate context to free. +.RE +.PP + +.SS "int hx509_validate_ctx_init (hx509_context context, hx509_validate_ctx * ctx)" +.PP +Allocate a hx509 validation/printing context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP a new allocated hx509 validation context, free with \fBhx509_validate_ctx_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_validate_ctx_set_print (hx509_validate_ctx ctx, hx509_vprint_func func, void * c)" +.PP +Set the printing functions for the validation context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a hx509 valication context. +.br +\fIfunc\fP the printing function to usea. +.br +\fIc\fP the context variable to the printing function. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_print_cert.3 b/doc/doxyout/hx509/man/man3/hx509_print_cert.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_print_cert.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_print_stdout.3 b/doc/doxyout/hx509/man/man3/hx509_print_stdout.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_print_stdout.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query.3 b/doc/doxyout/hx509/man/man3/hx509_query.3 new file mode 100644 index 000000000000..1cba6304302f --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query.3 @@ -0,0 +1,5 @@ +.TH "hx509 query functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 query functions \- diff --git a/doc/doxyout/hx509/man/man3/hx509_query_alloc.3 b/doc/doxyout/hx509/man/man3/hx509_query_alloc.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_alloc.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_free.3 b/doc/doxyout/hx509/man/man3/hx509_query_free.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_free.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_match_cmp_func.3 b/doc/doxyout/hx509/man/man3/hx509_query_match_cmp_func.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_match_cmp_func.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_match_eku.3 b/doc/doxyout/hx509/man/man3/hx509_query_match_eku.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_match_eku.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_match_friendly_name.3 b/doc/doxyout/hx509/man/man3/hx509_query_match_friendly_name.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_match_friendly_name.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_match_issuer_serial.3 b/doc/doxyout/hx509/man/man3/hx509_query_match_issuer_serial.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_match_issuer_serial.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_match_option.3 b/doc/doxyout/hx509/man/man3/hx509_query_match_option.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_match_option.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_statistic_file.3 b/doc/doxyout/hx509/man/man3/hx509_query_statistic_file.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_statistic_file.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_query_unparse_stats.3 b/doc/doxyout/hx509/man/man3/hx509_query_unparse_stats.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_query_unparse_stats.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke.3 b/doc/doxyout/hx509/man/man3/hx509_revoke.3 new file mode 100644 index 000000000000..7f18739e7ab3 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke.3 @@ -0,0 +1,171 @@ +.TH "hx509 revokation checking functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 revokation checking functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBhx509_revoke_init\fP (hx509_context context, hx509_revoke_ctx *ctx)" +.br +.ti -1c +.RI "void \fBhx509_revoke_free\fP (hx509_revoke_ctx *ctx)" +.br +.ti -1c +.RI "int \fBhx509_revoke_add_ocsp\fP (hx509_context context, hx509_revoke_ctx ctx, const char *path)" +.br +.ti -1c +.RI "int \fBhx509_revoke_add_crl\fP (hx509_context context, hx509_revoke_ctx ctx, const char *path)" +.br +.ti -1c +.RI "int \fBhx509_revoke_verify\fP (hx509_context context, hx509_revoke_ctx ctx, hx509_certs certs, time_t now, hx509_cert cert, hx509_cert parent_cert)" +.br +.ti -1c +.RI "int \fBhx509_ocsp_request\fP (hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce)" +.br +.ti -1c +.RI "int \fBhx509_revoke_ocsp_print\fP (hx509_context context, const char *path, FILE *out)" +.br +.in -1c +.SH "Detailed Description" +.PP +See the \fBRevocation methods\fP for description and examples. +.SH "Function Documentation" +.PP +.SS "int hx509_ocsp_request (hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier * digest, heim_octet_string * request, heim_octet_string * nonce)" +.PP +Create an OCSP request for a set of certificates. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context +.br +\fIreqcerts\fP list of certificates to request ocsp data for +.br +\fIpool\fP certificate pool to use when signing +.br +\fIsigner\fP certificate to use to sign the request +.br +\fIdigest\fP the signing algorithm in the request, if NULL use the default signature algorithm, +.br +\fIrequest\fP the encoded request, free with free_heim_octet_string(). +.br +\fInonce\fP nonce in the request, free with free_heim_octet_string(). +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_revoke_add_crl (hx509_context context, hx509_revoke_ctx ctx, const char * path)" +.PP +Add a CRL file to the revokation context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP hx509 context +.br +\fIctx\fP hx509 revokation context +.br +\fIpath\fP path to file that is going to be added to the context. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_revoke_add_ocsp (hx509_context context, hx509_revoke_ctx ctx, const char * path)" +.PP +Add a OCSP file to the revokation context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP hx509 context +.br +\fIctx\fP hx509 revokation context +.br +\fIpath\fP path to file that is going to be added to the context. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_revoke_free (hx509_revoke_ctx * ctx)" +.PP +Free a hx509 revokation context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP context to be freed +.RE +.PP + +.SS "int hx509_revoke_init (hx509_context context, hx509_revoke_ctx * ctx)" +.PP +Allocate a revokation context. Free with \fBhx509_revoke_free()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP returns a newly allocated revokation context. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_revoke_ocsp_print (hx509_context context, const char * path, FILE * out)" +.PP +Print the OCSP reply stored in a file. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context +.br +\fIpath\fP path to a file with a OCSP reply +.br +\fIout\fP the out FILE descriptor to print the reply on +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_revoke_verify (hx509_context context, hx509_revoke_ctx ctx, hx509_certs certs, time_t now, hx509_cert cert, hx509_cert parent_cert)" +.PP +Check that a certificate is not expired according to a revokation context. Also need the parent certificte to the check OCSP parent identifier. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP hx509 context +.br +\fIctx\fP hx509 revokation context +.br +\fIcerts\fP +.br +\fInow\fP +.br +\fIcert\fP +.br +\fIparent_cert\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_add_crl.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_add_crl.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_add_crl.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_add_ocsp.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_add_ocsp.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_add_ocsp.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_free.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_free.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_free.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_init.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_init.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_init.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_ocsp_print.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_ocsp_print.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_ocsp_print.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_revoke_verify.3 b/doc/doxyout/hx509/man/man3/hx509_revoke_verify.3 new file mode 100644 index 000000000000..d7d6ccf0d939 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_revoke_verify.3 @@ -0,0 +1 @@ +.so man3/hx509_revoke.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_set_error_string.3 b/doc/doxyout/hx509/man/man3/hx509_set_error_string.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_set_error_string.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_set_error_stringv.3 b/doc/doxyout/hx509/man/man3/hx509_set_error_stringv.3 new file mode 100644 index 000000000000..191f0f0843f0 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_set_error_stringv.3 @@ -0,0 +1 @@ +.so man3/hx509_error.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_unparse_der_name.3 b/doc/doxyout/hx509/man/man3/hx509_unparse_der_name.3 new file mode 100644 index 000000000000..926e21e01aaf --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_unparse_der_name.3 @@ -0,0 +1 @@ +.so man3/hx509_name.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_validate_cert.3 b/doc/doxyout/hx509/man/man3/hx509_validate_cert.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_validate_cert.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_validate_ctx_add_flags.3 b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_add_flags.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_add_flags.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_validate_ctx_free.3 b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_free.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_free.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_validate_ctx_init.3 b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_init.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_init.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_validate_ctx_set_print.3 b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_set_print.3 new file mode 100644 index 000000000000..2577d70ee906 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_validate_ctx_set_print.3 @@ -0,0 +1 @@ +.so man3/hx509_print.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify.3 b/doc/doxyout/hx509/man/man3/hx509_verify.3 new file mode 100644 index 000000000000..a9fe40ddae48 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify.3 @@ -0,0 +1,309 @@ +.TH "hx509 verification functions" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +hx509 verification functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBhx509_context_set_missing_revoke\fP (hx509_context context, int flag)" +.br +.ti -1c +.RI "int \fBhx509_verify_init_ctx\fP (hx509_context context, hx509_verify_ctx *ctx)" +.br +.ti -1c +.RI "void \fBhx509_verify_destroy_ctx\fP (hx509_verify_ctx ctx)" +.br +.ti -1c +.RI "void \fBhx509_verify_attach_anchors\fP (hx509_verify_ctx ctx, hx509_certs set)" +.br +.ti -1c +.RI "void \fBhx509_verify_attach_revoke\fP (hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)" +.br +.ti -1c +.RI "void \fBhx509_verify_set_time\fP (hx509_verify_ctx ctx, time_t t)" +.br +.ti -1c +.RI "void \fBhx509_verify_set_max_depth\fP (hx509_verify_ctx ctx, unsigned int max_depth)" +.br +.ti -1c +.RI "void \fBhx509_verify_set_proxy_certificate\fP (hx509_verify_ctx ctx, int boolean)" +.br +.ti -1c +.RI "void \fBhx509_verify_set_strict_rfc3280_verification\fP (hx509_verify_ctx ctx, int boolean)" +.br +.ti -1c +.RI "int \fBhx509_verify_path\fP (hx509_context context, hx509_verify_ctx ctx, hx509_cert cert, hx509_certs pool)" +.br +.ti -1c +.RI "int \fBhx509_ocsp_verify\fP (hx509_context context, time_t now, hx509_cert cert, int flags, const void *data, size_t length, time_t *expiration)" +.br +.ti -1c +.RI "int \fBhx509_crl_alloc\fP (hx509_context context, hx509_crl *crl)" +.br +.ti -1c +.RI "int \fBhx509_crl_add_revoked_certs\fP (hx509_context context, hx509_crl crl, hx509_certs certs)" +.br +.ti -1c +.RI "int \fBhx509_crl_lifetime\fP (hx509_context context, hx509_crl crl, int delta)" +.br +.ti -1c +.RI "void \fBhx509_crl_free\fP (hx509_context context, hx509_crl *crl)" +.br +.ti -1c +.RI "int \fBhx509_crl_sign\fP (hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "void hx509_context_set_missing_revoke (hx509_context context, int flag)" +.PP +Selects if the \fBhx509_revoke_verify()\fP function is going to require the existans of a revokation method (OCSP, CRL) or not. Note that \fBhx509_verify_path()\fP, \fBhx509_cms_verify_signed()\fP, and other function call \fBhx509_revoke_verify()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP hx509 context to change the flag for. +.br +\fIflag\fP zero, revokation method required, non zero missing revokation method ok +.RE +.PP + +.SS "int hx509_crl_add_revoked_certs (hx509_context context, hx509_crl crl, hx509_certs certs)" +.PP +Add revoked certificate to an CRL context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcrl\fP the CRL to add the revoked certificate to. +.br +\fIcerts\fP keyset of certificate to revoke. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_crl_alloc (hx509_context context, hx509_crl * crl)" +.PP +Create a CRL context. Use \fBhx509_crl_free()\fP to free the CRL context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcrl\fP return pointer to a newly allocated CRL context. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_crl_free (hx509_context context, hx509_crl * crl)" +.PP +Free a CRL context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcrl\fP a CRL context to free. +.RE +.PP + +.SS "int hx509_crl_lifetime (hx509_context context, hx509_crl crl, int delta)" +.PP +Set the lifetime of a CRL context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIcrl\fP a CRL context +.br +\fIdelta\fP delta time the certificate is valid, library adds the current time to this. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_crl_sign (hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string * os)" +.PP +Sign a CRL and return an encode certificate. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context. +.br +\fIsigner\fP certificate to sign the CRL with +.br +\fIcrl\fP the CRL to sign +.br +\fIos\fP return the signed and encoded CRL, free with free_heim_octet_string() +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_ocsp_verify (hx509_context context, time_t now, hx509_cert cert, int flags, const void * data, size_t length, time_t * expiration)" +.PP +Verify that the certificate is part of the OCSP reply and it's not expired. Doesn't verify signature the OCSP reply or it's done by a authorized sender, that is assumed to be already done. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a hx509 context +.br +\fInow\fP the time right now, if 0, use the current time. +.br +\fIcert\fP the certificate to verify +.br +\fIflags\fP flags control the behavior +.br +\fIdata\fP pointer to the encode ocsp reply +.br +\fIlength\fP the length of the encode ocsp reply +.br +\fIexpiration\fP return the time the OCSP will expire and need to be rechecked. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_verify_attach_anchors (hx509_verify_ctx ctx, hx509_certs set)" +.PP +Set the trust anchors in the verification context, makes an reference to the keyset, so the consumer can free the keyset independent of the destruction of the verification context (ctx). If there already is a keyset attached, it's released. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context +.br +\fIset\fP a keyset containing the trust anchors. +.RE +.PP + +.SS "void hx509_verify_attach_revoke (hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)" +.PP +Attach an revocation context to the verfication context, , makes an reference to the revoke context, so the consumer can free the revoke context independent of the destruction of the verification context. If there is no revoke context, the verification process is NOT going to check any verification status. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context. +.br +\fIrevoke_ctx\fP a revoke context. +.RE +.PP + +.SS "void hx509_verify_destroy_ctx (hx509_verify_ctx ctx)" +.PP +Free an hx509 verification context. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP the context to be freed. +.RE +.PP + +.SS "int hx509_verify_init_ctx (hx509_context context, hx509_verify_ctx * ctx)" +.PP +Allocate an verification context that is used fo control the verification process. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP returns a pointer to a hx509_verify_ctx object. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "int hx509_verify_path (hx509_context context, hx509_verify_ctx ctx, hx509_cert cert, hx509_certs pool)" +.PP +Build and verify the path for the certificate to the trust anchor specified in the verify context. The path is constructed from the certificate, the pool and the trust anchors. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A hx509 context. +.br +\fIctx\fP A hx509 verification context. +.br +\fIcert\fP the certificate to build the path from. +.br +\fIpool\fP A keyset of certificates to build the chain from. +.RE +.PP +\fBReturns:\fP +.RS 4 +An hx509 error code, see \fBhx509_get_error_string()\fP. +.RE +.PP + +.SS "void hx509_verify_set_max_depth (hx509_verify_ctx ctx, unsigned int max_depth)" +.PP +Set the maximum depth of the certificate chain that the path builder is going to try. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context +.br +\fImax_depth\fP maxium depth of the certificate chain, include trust anchor. +.RE +.PP + +.SS "void hx509_verify_set_proxy_certificate (hx509_verify_ctx ctx, int boolean)" +.PP +Allow or deny the use of proxy certificates +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context +.br +\fIboolean\fP if non zero, allow proxy certificates. +.RE +.PP + +.SS "void hx509_verify_set_strict_rfc3280_verification (hx509_verify_ctx ctx, int boolean)" +.PP +Select strict RFC3280 verification of certificiates. This means checking key usage on CA certificates, this will make version 1 certificiates unuseable. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context +.br +\fIboolean\fP if non zero, use strict verification. +.RE +.PP + +.SS "void hx509_verify_set_time (hx509_verify_ctx ctx, time_t t)" +.PP +Set the clock time the the verification process is going to use. Used to check certificate in the past and future time. If not set the current time will be used. +.PP +\fBParameters:\fP +.RS 4 +\fIctx\fP a verification context. +.br +\fIt\fP the time the verifiation is using. +.RE +.PP + diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_attach_anchors.3 b/doc/doxyout/hx509/man/man3/hx509_verify_attach_anchors.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_attach_anchors.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_attach_revoke.3 b/doc/doxyout/hx509/man/man3/hx509_verify_attach_revoke.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_attach_revoke.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_ctx_f_allow_default_trustanchors.3 b/doc/doxyout/hx509/man/man3/hx509_verify_ctx_f_allow_default_trustanchors.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_ctx_f_allow_default_trustanchors.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_destroy_ctx.3 b/doc/doxyout/hx509/man/man3/hx509_verify_destroy_ctx.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_destroy_ctx.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_hostname.3 b/doc/doxyout/hx509/man/man3/hx509_verify_hostname.3 new file mode 100644 index 000000000000..d65a4b6b4f63 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_hostname.3 @@ -0,0 +1 @@ +.so man3/hx509_cert.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_init_ctx.3 b/doc/doxyout/hx509/man/man3/hx509_verify_init_ctx.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_init_ctx.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_path.3 b/doc/doxyout/hx509/man/man3/hx509_verify_path.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_path.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_set_max_depth.3 b/doc/doxyout/hx509/man/man3/hx509_verify_set_max_depth.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_set_max_depth.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_set_proxy_certificate.3 b/doc/doxyout/hx509/man/man3/hx509_verify_set_proxy_certificate.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_set_proxy_certificate.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_set_strict_rfc3280_verification.3 b/doc/doxyout/hx509/man/man3/hx509_verify_set_strict_rfc3280_verification.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_set_strict_rfc3280_verification.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_set_time.3 b/doc/doxyout/hx509/man/man3/hx509_verify_set_time.3 new file mode 100644 index 000000000000..e52f771b5297 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_set_time.3 @@ -0,0 +1 @@ +.so man3/hx509_verify.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_verify_signature.3 b/doc/doxyout/hx509/man/man3/hx509_verify_signature.3 new file mode 100644 index 000000000000..67b1f7fa6ea6 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_verify_signature.3 @@ -0,0 +1 @@ +.so man3/hx509_crypto.3 diff --git a/doc/doxyout/hx509/man/man3/hx509_xfree.3 b/doc/doxyout/hx509/man/man3/hx509_xfree.3 new file mode 100644 index 000000000000..f58308e8cd15 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/hx509_xfree.3 @@ -0,0 +1 @@ +.so man3/hx509_misc.3 diff --git a/doc/doxyout/hx509/man/man3/page_ca.3 b/doc/doxyout/hx509/man/man3/page_ca.3 new file mode 100644 index 000000000000..98401fb6ca57 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_ca.3 @@ -0,0 +1,6 @@ +.TH "page_ca" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_ca \- Hx509 CA functions +See the library functions here: \fBhx509 CA functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_cert.3 b/doc/doxyout/hx509/man/man3/page_cert.3 new file mode 100644 index 000000000000..412edb3c0840 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_cert.3 @@ -0,0 +1,10 @@ +.TH "page_cert" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_cert \- The basic certificate +The basic hx509 cerificate object in hx509 is hx509_cert. The hx509_cert object is representing one X509/PKIX certificate and associated attributes; like private key, friendly name, etc. +.PP +A hx509_cert object is usully found via the keyset interfaces (\fBCertificate store operations\fP), but its also possible to create a certificate directly from a parsed object with \fBhx509_cert_init()\fP and \fBhx509_cert_init_data()\fP. +.PP +See the library functions here: \fBhx509 certificate functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_cms.3 b/doc/doxyout/hx509/man/man3/page_cms.3 new file mode 100644 index 000000000000..bd19fc53c2a2 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_cms.3 @@ -0,0 +1,18 @@ +.TH "page_cms" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_cms \- CMS/PKCS7 message functions. +CMS is defined in RFC 3369 and is an continuation of the RSA Labs standard PKCS7. The basic messages in CMS is +.PP +.IP "\(bu" 2 +SignedData Data signed with private key (RSA, DSA, ECDSA) or secret (symmetric) key +.IP "\(bu" 2 +EnvelopedData Data encrypted with private key (RSA) +.IP "\(bu" 2 +EncryptedData Data encrypted with secret (symmetric) key. +.IP "\(bu" 2 +ContentInfo Wrapper structure including type and data. +.PP +.PP +See the library functions here: \fBhx509 CMS/pkcs7 functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_env.3 b/doc/doxyout/hx509/man/man3/page_env.3 new file mode 100644 index 000000000000..8aff024935f2 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_env.3 @@ -0,0 +1,6 @@ +.TH "page_env" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_env \- Hx509 enviroment functions +See the library functions here: \fBhx509 enviroment functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_error.3 b/doc/doxyout/hx509/man/man3/page_error.3 new file mode 100644 index 000000000000..5407c406bff7 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_error.3 @@ -0,0 +1,6 @@ +.TH "page_error" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_error \- Hx509 error reporting functions +See the library functions here: \fBhx509 error functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_keyset.3 b/doc/doxyout/hx509/man/man3/page_keyset.3 new file mode 100644 index 000000000000..f0ea3a617f4c --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_keyset.3 @@ -0,0 +1,25 @@ +.TH "page_keyset" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_keyset \- Certificate store operations +Type of certificates store: +.IP "\(bu" 2 +MEMORY In memory based format. Doesnt support storing. +.IP "\(bu" 2 +FILE FILE supports raw DER certicates and PEM certicates. When PEM is used the file can contain may certificates and match private keys. Support storing the certificates. DER format only supports on certificate and no private key. +.IP "\(bu" 2 +PEM-FILE Same as FILE, defaulting to PEM encoded certificates. +.IP "\(bu" 2 +PEM-FILE Same as FILE, defaulting to DER encoded certificates. +.IP "\(bu" 2 +PKCS11 +.IP "\(bu" 2 +PKCS12 +.IP "\(bu" 2 +DIR +.IP "\(bu" 2 +KEYCHAIN Apple Mac OS X KeyChain backed keychain object. +.PP +.PP +See the library functions here: \fBhx509 certificate store functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_lock.3 b/doc/doxyout/hx509/man/man3/page_lock.3 new file mode 100644 index 000000000000..95b30d4e6c10 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_lock.3 @@ -0,0 +1,6 @@ +.TH "page_lock" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_lock \- Locking and unlocking certificates and encrypted data. +See the library functions here: \fBhx509 lock functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_name.3 b/doc/doxyout/hx509/man/man3/page_name.3 new file mode 100644 index 000000000000..e0cd007b07fb --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_name.3 @@ -0,0 +1,18 @@ +.TH "page_name" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_name \- PKIX/X.509 Names +There are several names in PKIX/X.509, GeneralName and Name. +.PP +A Name consists of an ordered list of Relative Distinguished Names (RDN). Each RDN consists of an unordered list of typed strings. The types are defined by OID and have long and short description. For example id-at-commonName (2.5.4.3) have the long name CommonName and short name CN. The string itself can be of several encoding, UTF8, UTF16, Teltex string, etc. The type limit what encoding should be used. +.PP +GeneralName is a broader nametype that can contains al kind of stuff like Name, IP addresses, partial Name, etc. +.PP +Name is mapped into a hx509_name object. +.PP +Parse and string name into a hx509_name object with \fBhx509_parse_name()\fP, make it back into string representation with \fBhx509_name_to_string()\fP. +.PP +Name string are defined rfc2253, rfc1779 and X.501. +.PP +See the library functions here: \fBhx509 name functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_peer.3 b/doc/doxyout/hx509/man/man3/page_peer.3 new file mode 100644 index 000000000000..a58a0620e3bd --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_peer.3 @@ -0,0 +1,8 @@ +.TH "page_peer" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_peer \- Hx509 crypto selecting functions +Peer info structures are used togeter with hx509_crypto_select() to select the best avaible crypto algorithm to use. +.PP +See the library functions here: \fBhx509 certificate selecting functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_print.3 b/doc/doxyout/hx509/man/man3/page_print.3 new file mode 100644 index 000000000000..1558729e9131 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_print.3 @@ -0,0 +1,6 @@ +.TH "page_print" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_print \- Hx509 printing functions +See the library functions here: \fBhx509 printing functions\fP diff --git a/doc/doxyout/hx509/man/man3/page_revoke.3 b/doc/doxyout/hx509/man/man3/page_revoke.3 new file mode 100644 index 000000000000..c432de3a5d96 --- /dev/null +++ b/doc/doxyout/hx509/man/man3/page_revoke.3 @@ -0,0 +1,10 @@ +.TH "page_revoke" 3 "30 Jul 2011" "Version 1.5" "Heimdalx509library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +page_revoke \- Revocation methods +There are two revocation method for PKIX/X.509: CRL and OCSP. Revocation is needed if the private key is lost and stolen. Depending on how picky you are, you might want to make revocation for destroyed private keys too (smartcard broken), but that should not be a problem. +.PP +CRL is a list of certifiates that have expired. +.PP +OCSP is an online checking method where the requestor sends a list of certificates to the OCSP server to return a signed reply if they are valid or not. Some services sends a OCSP reply as part of the hand-shake to make the revoktion decision simpler/faster for the client. diff --git a/doc/doxyout/hx509/manpages b/doc/doxyout/hx509/manpages new file mode 100644 index 000000000000..6c621d2482a2 --- /dev/null +++ b/doc/doxyout/hx509/manpages @@ -0,0 +1,172 @@ +hx509/man/man3/hx509.3 +hx509/man/man3/hx509_bitstring_print.3 +hx509/man/man3/hx509_ca.3 +hx509/man/man3/hx509_ca_sign.3 +hx509/man/man3/hx509_ca_sign_self.3 +hx509/man/man3/hx509_ca_tbs_add_crl_dp_uri.3 +hx509/man/man3/hx509_ca_tbs_add_eku.3 +hx509/man/man3/hx509_ca_tbs_add_san_hostname.3 +hx509/man/man3/hx509_ca_tbs_add_san_jid.3 +hx509/man/man3/hx509_ca_tbs_add_san_ms_upn.3 +hx509/man/man3/hx509_ca_tbs_add_san_otherName.3 +hx509/man/man3/hx509_ca_tbs_add_san_pkinit.3 +hx509/man/man3/hx509_ca_tbs_add_san_rfc822name.3 +hx509/man/man3/hx509_ca_tbs_free.3 +hx509/man/man3/hx509_ca_tbs_init.3 +hx509/man/man3/hx509_ca_tbs_set_ca.3 +hx509/man/man3/hx509_ca_tbs_set_domaincontroller.3 +hx509/man/man3/hx509_ca_tbs_set_notAfter.3 +hx509/man/man3/hx509_ca_tbs_set_notAfter_lifetime.3 +hx509/man/man3/hx509_ca_tbs_set_notBefore.3 +hx509/man/man3/hx509_ca_tbs_set_proxy.3 +hx509/man/man3/hx509_ca_tbs_set_serialnumber.3 +hx509/man/man3/hx509_ca_tbs_set_spki.3 +hx509/man/man3/hx509_ca_tbs_set_subject.3 +hx509/man/man3/hx509_ca_tbs_set_template.3 +hx509/man/man3/hx509_ca_tbs_set_unique.3 +hx509/man/man3/hx509_ca_tbs_subject_expand.3 +hx509/man/man3/hx509_ca_tbs_template_units.3 +hx509/man/man3/hx509_cert.3 +hx509/man/man3/hx509_cert_binary.3 +hx509/man/man3/hx509_cert_check_eku.3 +hx509/man/man3/hx509_cert_cmp.3 +hx509/man/man3/hx509_cert_find_subjectAltName_otherName.3 +hx509/man/man3/hx509_cert_free.3 +hx509/man/man3/hx509_cert_get_attribute.3 +hx509/man/man3/hx509_cert_get_base_subject.3 +hx509/man/man3/hx509_cert_get_friendly_name.3 +hx509/man/man3/hx509_cert_get_issuer.3 +hx509/man/man3/hx509_cert_get_issuer_unique_id.3 +hx509/man/man3/hx509_cert_get_notAfter.3 +hx509/man/man3/hx509_cert_get_notBefore.3 +hx509/man/man3/hx509_cert_get_serialnumber.3 +hx509/man/man3/hx509_cert_get_SPKI.3 +hx509/man/man3/hx509_cert_get_SPKI_AlgorithmIdentifier.3 +hx509/man/man3/hx509_cert_get_subject.3 +hx509/man/man3/hx509_cert_get_subject_unique_id.3 +hx509/man/man3/hx509_cert_init.3 +hx509/man/man3/hx509_cert_init_data.3 +hx509/man/man3/hx509_cert_keyusage_print.3 +hx509/man/man3/hx509_cert_ref.3 +hx509/man/man3/hx509_cert_set_friendly_name.3 +hx509/man/man3/hx509_certs_add.3 +hx509/man/man3/hx509_certs_append.3 +hx509/man/man3/hx509_certs_end_seq.3 +hx509/man/man3/hx509_certs_filter.3 +hx509/man/man3/hx509_certs_find.3 +hx509/man/man3/hx509_certs_free.3 +hx509/man/man3/hx509_certs_info.3 +hx509/man/man3/hx509_certs_init.3 +hx509/man/man3/hx509_certs_iter_f.3 +hx509/man/man3/hx509_certs_merge.3 +hx509/man/man3/hx509_certs_next_cert.3 +hx509/man/man3/hx509_certs_start_seq.3 +hx509/man/man3/hx509_certs_store.3 +hx509/man/man3/hx509_ci_print_names.3 +hx509/man/man3/hx509_clear_error_string.3 +hx509/man/man3/hx509_cms.3 +hx509/man/man3/hx509_cms_create_signed_1.3 +hx509/man/man3/hx509_cms_envelope_1.3 +hx509/man/man3/hx509_cms_unenvelope.3 +hx509/man/man3/hx509_cms_unwrap_ContentInfo.3 +hx509/man/man3/hx509_cms_verify_signed.3 +hx509/man/man3/hx509_cms_wrap_ContentInfo.3 +hx509/man/man3/hx509_context_free.3 +hx509/man/man3/hx509_context_init.3 +hx509/man/man3/hx509_context_set_missing_revoke.3 +hx509/man/man3/hx509_crl_add_revoked_certs.3 +hx509/man/man3/hx509_crl_alloc.3 +hx509/man/man3/hx509_crl_free.3 +hx509/man/man3/hx509_crl_lifetime.3 +hx509/man/man3/hx509_crl_sign.3 +hx509/man/man3/hx509_crypto.3 +hx509/man/man3/hx509_env.3 +hx509/man/man3/hx509_env_add.3 +hx509/man/man3/hx509_env_add_binding.3 +hx509/man/man3/hx509_env_find.3 +hx509/man/man3/hx509_env_find_binding.3 +hx509/man/man3/hx509_env_free.3 +hx509/man/man3/hx509_env_lfind.3 +hx509/man/man3/hx509_err.3 +hx509/man/man3/hx509_error.3 +hx509/man/man3/hx509_free_error_string.3 +hx509/man/man3/hx509_free_octet_string_list.3 +hx509/man/man3/hx509_general_name_unparse.3 +hx509/man/man3/hx509_get_error_string.3 +hx509/man/man3/hx509_get_one_cert.3 +hx509/man/man3/hx509_keyset.3 +hx509/man/man3/hx509_lock.3 +hx509/man/man3/hx509_misc.3 +hx509/man/man3/hx509_name.3 +hx509/man/man3/hx509_name_binary.3 +hx509/man/man3/hx509_name_cmp.3 +hx509/man/man3/hx509_name_copy.3 +hx509/man/man3/hx509_name_expand.3 +hx509/man/man3/hx509_name_free.3 +hx509/man/man3/hx509_name_is_null_p.3 +hx509/man/man3/hx509_name_to_Name.3 +hx509/man/man3/hx509_name_to_string.3 +hx509/man/man3/hx509_ocsp_request.3 +hx509/man/man3/hx509_ocsp_verify.3 +hx509/man/man3/hx509_oid_print.3 +hx509/man/man3/hx509_oid_sprint.3 +hx509/man/man3/hx509_parse_name.3 +hx509/man/man3/hx509_peer.3 +hx509/man/man3/hx509_peer_info_add_cms_alg.3 +hx509/man/man3/hx509_peer_info_alloc.3 +hx509/man/man3/hx509_peer_info_free.3 +hx509/man/man3/hx509_peer_info_set_cert.3 +hx509/man/man3/hx509_peer_info_set_cms_algs.3 +hx509/man/man3/hx509_print.3 +hx509/man/man3/hx509_print_cert.3 +hx509/man/man3/hx509_print_stdout.3 +hx509/man/man3/hx509_query.3 +hx509/man/man3/hx509_query_alloc.3 +hx509/man/man3/hx509_query_free.3 +hx509/man/man3/hx509_query_match_cmp_func.3 +hx509/man/man3/hx509_query_match_eku.3 +hx509/man/man3/hx509_query_match_friendly_name.3 +hx509/man/man3/hx509_query_match_issuer_serial.3 +hx509/man/man3/hx509_query_match_option.3 +hx509/man/man3/hx509_query_statistic_file.3 +hx509/man/man3/hx509_query_unparse_stats.3 +hx509/man/man3/hx509_revoke.3 +hx509/man/man3/hx509_revoke_add_crl.3 +hx509/man/man3/hx509_revoke_add_ocsp.3 +hx509/man/man3/hx509_revoke_free.3 +hx509/man/man3/hx509_revoke_init.3 +hx509/man/man3/hx509_revoke_ocsp_print.3 +hx509/man/man3/hx509_revoke_verify.3 +hx509/man/man3/hx509_set_error_string.3 +hx509/man/man3/hx509_set_error_stringv.3 +hx509/man/man3/hx509_unparse_der_name.3 +hx509/man/man3/hx509_validate_cert.3 +hx509/man/man3/hx509_validate_ctx_add_flags.3 +hx509/man/man3/hx509_validate_ctx_free.3 +hx509/man/man3/hx509_validate_ctx_init.3 +hx509/man/man3/hx509_validate_ctx_set_print.3 +hx509/man/man3/hx509_verify.3 +hx509/man/man3/hx509_verify_attach_anchors.3 +hx509/man/man3/hx509_verify_attach_revoke.3 +hx509/man/man3/hx509_verify_ctx_f_allow_default_trustanchors.3 +hx509/man/man3/hx509_verify_destroy_ctx.3 +hx509/man/man3/hx509_verify_hostname.3 +hx509/man/man3/hx509_verify_init_ctx.3 +hx509/man/man3/hx509_verify_path.3 +hx509/man/man3/hx509_verify_set_max_depth.3 +hx509/man/man3/hx509_verify_set_proxy_certificate.3 +hx509/man/man3/hx509_verify_set_strict_rfc3280_verification.3 +hx509/man/man3/hx509_verify_set_time.3 +hx509/man/man3/hx509_verify_signature.3 +hx509/man/man3/hx509_xfree.3 +hx509/man/man3/page_ca.3 +hx509/man/man3/page_cert.3 +hx509/man/man3/page_cms.3 +hx509/man/man3/page_env.3 +hx509/man/man3/page_error.3 +hx509/man/man3/page_keyset.3 +hx509/man/man3/page_lock.3 +hx509/man/man3/page_name.3 +hx509/man/man3/page_peer.3 +hx509/man/man3/page_print.3 +hx509/man/man3/page_revoke.3 diff --git a/doc/doxyout/krb5/html/annotated.html b/doc/doxyout/krb5/html/annotated.html new file mode 100644 index 000000000000..140140705785 --- /dev/null +++ b/doc/doxyout/krb5/html/annotated.html @@ -0,0 +1,35 @@ + + +HeimdalKerberos5library: Data Structures + + + +

+keyhole logo +

+ + + +
+

Data Structures

Here are the data structures with brief descriptions: + +
krb5_crypto_iov
+
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/doxygen.css b/doc/doxyout/krb5/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/krb5/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/krb5/html/doxygen.png b/doc/doxyout/krb5/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/krb5/html/graph_legend.dot b/doc/doxyout/krb5/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/krb5/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/krb5/html/graph_legend.html b/doc/doxyout/krb5/html/graph_legend.html new file mode 100644 index 000000000000..540af13f2b3c --- /dev/null +++ b/doc/doxyout/krb5/html/graph_legend.html @@ -0,0 +1,89 @@ + + +HeimdalKerberos5library: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/graph_legend.png b/doc/doxyout/krb5/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/krb5/html/group__krb5.html b/doc/doxyout/krb5/html/group__krb5.html new file mode 100644 index 000000000000..3f7a12d3c6bf --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5.html @@ -0,0 +1,2237 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 library + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 library

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_add_et_list (krb5_context context, void(*func)(struct et_list **))
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_password (krb5_context context, krb5_creds *creds, const char *newpw, krb5_principal targprinc, int *result_code, krb5_data *result_code_string, krb5_data *result_string)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_context (krb5_context *context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_context (krb5_context context, krb5_context *out)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_context (krb5_context context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_config_files (krb5_context context, char **filenames)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_prepend_config_files_default (const char *filelist, char ***pfilenames)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_default_config_files (char ***pfilenames)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_config_files (char **filenames)
KRB5_LIB_FUNCTION const
+krb5_enctype *KRB5_LIB_CALL 		krb5_kerberos_enctypes (krb5_context context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_default_in_tkt_etypes (krb5_context context, const krb5_enctype *etypes)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_default_in_tkt_etypes (krb5_context context, krb5_pdu pdu_type, krb5_enctype **etypes)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_init_ets (krb5_context context)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_get_use_admin_kdc (krb5_context context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_add_extra_addresses (krb5_context context, krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_extra_addresses (krb5_context context, const krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_extra_addresses (krb5_context context, krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_add_ignore_addresses (krb5_context context, krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_ignore_addresses (krb5_context context, const krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_ignore_addresses (krb5_context context, krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_fcache_version (krb5_context context, int version)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_fcache_version (krb5_context context, int *version)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_is_thread_safe (void)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_set_dns_canonicalize_hostname (krb5_context context, krb5_boolean flag)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_get_dns_canonicalize_hostname (krb5_context context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_kdc_sec_offset (krb5_context context, int32_t sec, int32_t usec)
KRB5_LIB_FUNCTION time_t
+KRB5_LIB_CALL 		krb5_get_max_time_skew (krb5_context context)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_set_max_time_skew (krb5_context context, time_t t)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_set_home_dir_access (krb5_context context, krb5_boolean allow)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_host_realm (krb5_context context, const krb5_realm *from, krb5_realm **to)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_cred_contents (krb5_context context, krb5_creds *c)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_creds_contents (krb5_context context, const krb5_creds *incred, krb5_creds *c)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_creds (krb5_context context, const krb5_creds *incred, krb5_creds **outcred)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_creds (krb5_context context, krb5_creds *c)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_compare_creds (krb5_context context, krb5_flags whichfields, const krb5_creds *mcreds, const krb5_creds *creds)
KRB5_LIB_FUNCTION unsigned
+long KRB5_LIB_CALL 		krb5_creds_get_ticket_flags (krb5_creds *creds)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_data_zero (krb5_data *p)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_data_free (krb5_data *p)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_data (krb5_context context, krb5_data *p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_data_alloc (krb5_data *p, int len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_data_realloc (krb5_data *p, int len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_data_copy (krb5_data *p, const void *data, size_t len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_data (krb5_context context, const krb5_data *indata, krb5_data **outdata)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_cmp (const krb5_data *data1, const krb5_data *data2)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_ct_cmp (const krb5_data *data1, const krb5_data *data2)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_krbhst_get_addrinfo (krb5_context context, krb5_krbhst_info *host, struct addrinfo **ai)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_ticket (krb5_context context, krb5_ticket *ticket)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_ticket (krb5_context context, const krb5_ticket *from, krb5_ticket **to)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ticket_get_client (krb5_context context, const krb5_ticket *ticket, krb5_principal *client)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ticket_get_server (krb5_context context, const krb5_ticket *ticket, krb5_principal *server)
KRB5_LIB_FUNCTION time_t
+KRB5_LIB_CALL 		krb5_ticket_get_endtime (krb5_context context, const krb5_ticket *ticket)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ticket_get_authorization_data_type (krb5_context context, krb5_ticket *ticket, int type, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_real_time (krb5_context context, krb5_timestamp sec, int32_t usec)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_et_list (krb5_context  context,
void(*)(struct et_list **)  func 
)
+
+
+ +

+Add a specified list of error messages to the et list in context. Call func (probably a comerr-generated function) with a pointer to the current et_list.

+

Parameters:
+ + + +
context A kerberos context.
func The generated com_err et function.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_extra_addresses (krb5_context  context,
krb5_addresses *  addresses 
)
+
+
+ +

+Add extra address to the address list that the library will add to the client's address list when communicating with the KDC.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses addreses to add
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_ignore_addresses (krb5_context  context,
krb5_addresses *  addresses 
)
+
+
+ +

+Add extra addresses to ignore when fetching addresses from the underlaying operating system.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses addreses to ignore
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_compare_creds (krb5_context  context,
krb5_flags  whichfields,
const krb5_creds *  mcreds,
const krb5_creds *  creds 
)
+
+
+ +

+Return TRUE if `mcreds' and `creds' are equal (`whichfields' determines what equal means).

+The following flags, set in whichfields affects the comparison:

    +
  • KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal.
  • KRB5_TC_MATCH_KEYTYPE Compare enctypes.
  • KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical.
  • KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds .
  • KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly.
  • KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds.
  • KRB5_TC_MATCH_AUTHDATA Compares the authdata fields.
  • KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication).
  • KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket.
+

+

Parameters:
+ + + + + +
context Kerberos 5 context.
whichfields which fields to compare.
mcreds cred to compare with.
creds cred to compare with.
+
+
Returns:
return TRUE if mcred and creds are equal, FALSE if not.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_context (krb5_context  context,
krb5_context *  out 
)
+
+
+ +

+Make a copy for the Kerberos 5 context, the new krb5_context shoud be freed with krb5_free_context().

+

Parameters:
+ + + +
context the Kerberos context to copy
out the copy of the Kerberos, set to NULL error.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds (krb5_context  context,
const krb5_creds *  incred,
krb5_creds **  outcred 
)
+
+
+ +

+Copy krb5_creds.

+

Parameters:
+ + + + +
context Kerberos 5 context.
incred source credential
outcred destination credential, free with krb5_free_creds().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds_contents (krb5_context  context,
const krb5_creds *  incred,
krb5_creds *  c 
)
+
+
+ +

+Copy content of krb5_creds.

+

Parameters:
+ + + + +
context Kerberos 5 context.
incred source credential
c destination credential, free with krb5_free_cred_contents().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_data (krb5_context  context,
const krb5_data *  indata,
krb5_data **  outdata 
)
+
+
+ +

+Copy the data into a newly allocated krb5_data.

+

Parameters:
+ + + + +
context Kerberos 5 context.
indata the krb5_data data to copy
outdata new krb5_date to copy too. Free with krb5_free_data().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_host_realm (krb5_context  context,
const krb5_realm *  from,
krb5_realm **  to 
)
+
+
+ +

+Copy the list of realms from `from' to `to'.

+

Parameters:
+ + + + +
context Kerberos 5 context.
from list of realms to copy from.
to list of realms to copy to, free list of krb5_free_host_realm().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_ticket (krb5_context  context,
const krb5_ticket *  from,
krb5_ticket **  to 
)
+
+
+ +

+Copy ticket and content

+

Parameters:
+ + + + +
context a Kerberos 5 context
from ticket to copy
to new copy of ticket, free with krb5_free_ticket()
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL krb5_creds_get_ticket_flags (krb5_creds *  creds  ) 
+
+
+ +

+Returns the ticket flags for the credentials in creds. See also krb5_ticket_get_flags().

+

Parameters:
+ + +
creds credential to get ticket flags from
+
+
Returns:
ticket flags
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_alloc (krb5_data *  p,
int  len 
)
+
+
+ +

+Allocate data of and krb5_data.

+

Parameters:
+ + + +
p krb5_data to allocate.
len size to allocate.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_cmp (const krb5_data *  data1,
const krb5_data *  data2 
)
+
+
+ +

+Compare to data.

+

Parameters:
+ + + +
data1 krb5_data to compare
data2 krb5_data to compare
+
+
Returns:
return the same way as memcmp(), useful when sorting.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_copy (krb5_data *  p,
const void *  data,
size_t  len 
)
+
+
+ +

+Copy the data of len into the krb5_data.

+

Parameters:
+ + + + +
p krb5_data to copy into.
data data to copy..
len new size.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_ct_cmp (const krb5_data *  data1,
const krb5_data *  data2 
)
+
+
+ +

+Compare to data not exposing timing information from the checksum data

+

Parameters:
+ + + +
data1 krb5_data to compare
data2 krb5_data to compare
+
+
Returns:
returns zero for same data, otherwise non zero.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_free (krb5_data *  p  ) 
+
+
+ +

+Free the content of krb5_data structure, its ok to free a zeroed structure (with memset() or krb5_data_zero()). When done, the structure will be zeroed. The same function is called krb5_free_data_contents() in MIT Kerberos.

+

Parameters:
+ + +
p krb5_data to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_realloc (krb5_data *  p,
int  len 
)
+
+
+ +

+Grow (or shrink) the content of krb5_data to a new size.

+

Parameters:
+ + + +
p krb5_data to free.
len new size.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_zero (krb5_data *  p  ) 
+
+
+ +

+Reset the (potentially uninitalized) krb5_data structure.

+

Parameters:
+ + +
p krb5_data to reset.
+
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_config_files (char **  filenames  ) 
+
+
+ +

+Free a list of configuration files.

+

Parameters:
+ + +
filenames list, terminated with a NULL pointer, to be freed. NULL is an valid argument.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_context (krb5_context  context  ) 
+
+
+ +

+Frees the krb5_context allocated by krb5_init_context().

+

Parameters:
+ + +
context context to be freed.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_cred_contents (krb5_context  context,
krb5_creds *  c 
)
+
+
+ +

+Free content of krb5_creds.

+

Parameters:
+ + + +
context Kerberos 5 context.
c krb5_creds to free.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds (krb5_context  context,
krb5_creds *  c 
)
+
+
+ +

+Free krb5_creds.

+

Parameters:
+ + + +
context Kerberos 5 context.
c krb5_creds to free.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data (krb5_context  context,
krb5_data *  p 
)
+
+
+ +

+Free krb5_data (and its content).

+

Parameters:
+ + + +
context Kerberos 5 context.
p krb5_data to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_ticket (krb5_context  context,
krb5_ticket *  ticket 
)
+
+
+ +

+Free ticket and content

+

Parameters:
+ + + +
context a Kerberos 5 context
ticket ticket to free
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_config_files (char ***  pfilenames  ) 
+
+
+ +

+Get the global configuration list.

+

Parameters:
+ + +
pfilenames return array of filenames, should be freed with krb5_free_config_files().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_in_tkt_etypes (krb5_context  context,
krb5_pdu  pdu_type,
krb5_enctype **  etypes 
)
+
+
+ +

+Get the default encryption types that will be use in communcation with the KDC, clients and servers.

+

Parameters:
+ + + +
context Kerberos 5 context.
etypes Encryption types, array terminated with ETYPE_NULL(0), caller should free array with krb5_xfree():
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_dns_canonicalize_hostname (krb5_context  context  ) 
+
+
+ +

+Get if the library uses DNS to canonicalize hostnames.

+

Parameters:
+ + +
context Kerberos 5 context.
+
+
Returns:
return non zero if the library uses DNS to canonicalize hostnames.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_extra_addresses (krb5_context  context,
krb5_addresses *  addresses 
)
+
+
+ +

+Get extra address to the address list that the library will add to the client's address list when communicating with the KDC.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses addreses to set
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_fcache_version (krb5_context  context,
int *  version 
)
+
+
+ +

+Get version of fcache that the library should use.

+

Parameters:
+ + + +
context Kerberos 5 context.
version version number.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_ignore_addresses (krb5_context  context,
krb5_addresses *  addresses 
)
+
+
+ +

+Get extra addresses to ignore when fetching addresses from the underlaying operating system.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses list addreses ignored
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_sec_offset (krb5_context  context,
int32_t *  sec,
int32_t *  usec 
)
+
+
+ +

+Get current offset in time to the KDC.

+

Parameters:
+ + + + +
context Kerberos 5 context.
sec seconds part of offset.
usec micro seconds part of offset.
+
+
Returns:
returns zero
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_get_max_time_skew (krb5_context  context  ) 
+
+
+ +

+Get max time skew allowed.

+

Parameters:
+ + +
context Kerberos 5 context.
+
+
Returns:
timeskew in seconds.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_use_admin_kdc (krb5_context  context  ) 
+
+
+ +

+Make the kerberos library default to the admin KDC.

+

Parameters:
+ + +
context Kerberos 5 context.
+
+
Returns:
boolean flag to telling the context will use admin KDC as the default KDC.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context (krb5_context *  context  ) 
+
+
+ +

+Initializes the context structure and reads the configuration file /etc/krb5.conf. The structure should be freed by calling krb5_free_context() when it is no longer being used.

+

Parameters:
+ + +
context pointer to returned context
+
+
Returns:
Returns 0 to indicate success. Otherwise an errno code is returned. Failure means either that something bad happened during initialization (typically ENOMEM) or that Kerberos should not be used ENXIO.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_ets (krb5_context  context  ) 
+
+
+ +

+Init the built-in ets in the Kerberos library.

+

Parameters:
+ + +
context kerberos context to add the ets too
+
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_thread_safe (void   ) 
+
+
+ +

+Runtime check if the Kerberos library was complied with thread support.

+

Returns:
TRUE if the library was compiled with thread support, FALSE if not.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION const krb5_enctype* KRB5_LIB_CALL krb5_kerberos_enctypes (krb5_context  context  ) 
+
+
+ +

+Returns the list of Kerberos encryption types sorted in order of most preferred to least preferred encryption type. Note that some encryption types might be disabled, so you need to check with krb5_enctype_valid() before using the encryption type.

+

Returns:
list of enctypes, terminated with ETYPE_NULL. Its a static array completed into the Kerberos library so the content doesn't need to be freed.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_get_addrinfo (krb5_context  context,
krb5_krbhst_info *  host,
struct addrinfo **  ai 
)
+
+
+ +

+Return an `struct addrinfo *' for a KDC host.

+Returns an the struct addrinfo in in that corresponds to the information in `host'. free:ing is handled by krb5_krbhst_free, so the returned ai must not be released. +

+First try this as an IP address, this allows us to add a dot at the end to stop using the search domains.

+If the hostname contains a dot, assumes it's a FQDN and don't use search domains since that might be painfully slow when machine is disconnected from that network. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files_default (const char *  filelist,
char ***  pfilenames 
)
+
+
+ +

+Prepend the filename to the global configuration list.

+

Parameters:
+ + + +
filelist a filename to add to the default list of filename
pfilenames return array of filenames, should be freed with krb5_free_config_files().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_config_files (krb5_context  context,
char **  filenames 
)
+
+
+ +

+Reinit the context from a new set of filenames.

+

Parameters:
+ + + +
context context to add configuration too.
filenames array of filenames, end of list is indicated with a NULL filename.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_default_in_tkt_etypes (krb5_context  context,
const krb5_enctype *  etypes 
)
+
+
+ +

+Set the default encryption types that will be use in communcation with the KDC, clients and servers.

+

Parameters:
+ + + +
context Kerberos 5 context.
etypes Encryption types, array terminated with ETYPE_NULL (0).
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_dns_canonicalize_hostname (krb5_context  context,
krb5_boolean  flag 
)
+
+
+ +

+Set if the library should use DNS to canonicalize hostnames.

+

Parameters:
+ + + +
context Kerberos 5 context.
flag if its dns canonicalizion is used or not.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_extra_addresses (krb5_context  context,
const krb5_addresses *  addresses 
)
+
+
+ +

+Set extra address to the address list that the library will add to the client's address list when communicating with the KDC.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses addreses to set
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_fcache_version (krb5_context  context,
int  version 
)
+
+
+ +

+Set version of fcache that the library should use.

+

Parameters:
+ + + +
context Kerberos 5 context.
version version number.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_set_home_dir_access (krb5_context  context,
krb5_boolean  allow 
)
+
+
+ +

+Enable and disable home directory access on either the global state or the krb5_context state. By calling krb5_set_home_dir_access() with context set to NULL, the global state is configured otherwise the state for the krb5_context is modified.

+For home directory access to be allowed, both the global state and the krb5_context state have to be allowed.

+Administrator (root user), never uses the home directory.

+

Parameters:
+ + + +
context a Kerberos 5 context or NULL
allow allow if TRUE home directory
+
+
Returns:
the old value
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_ignore_addresses (krb5_context  context,
const krb5_addresses *  addresses 
)
+
+
+ +

+Set extra addresses to ignore when fetching addresses from the underlaying operating system.

+

Parameters:
+ + + +
context Kerberos 5 context.
addresses addreses to ignore
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_kdc_sec_offset (krb5_context  context,
int32_t  sec,
int32_t  usec 
)
+
+
+ +

+Set current offset in time to the KDC.

+

Parameters:
+ + + + +
context Kerberos 5 context.
sec seconds part of offset.
usec micro seconds part of offset.
+
+
Returns:
returns zero
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_max_time_skew (krb5_context  context,
time_t  t 
)
+
+
+ +

+Set max time skew allowed.

+

Parameters:
+ + + +
context Kerberos 5 context.
t timeskew in seconds.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password (krb5_context  context,
krb5_creds *  creds,
const char *  newpw,
krb5_principal  targprinc,
int *  result_code,
krb5_data *  result_code_string,
krb5_data *  result_string 
)
+
+
+ +

+Change password using creds.

+

Parameters:
+ + + + + + + + +
context a Keberos context
creds The initial kadmin/passwd for the principal or an admin principal
newpw The new password to set
targprinc if unset, the default principal is used.
result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed.
result_code_string binary message from the server, contains at least the result_code.
result_string A message from the kpasswd service or the library in human printable form. The string is NUL terminated.
+
+
Returns:
On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed.
+@ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_real_time (krb5_context  context,
krb5_timestamp  sec,
int32_t  usec 
)
+
+
+ +

+Set the absolute time that the caller knows the kdc has so the kerberos library can calculate the relative diffrence beteen the KDC time and local system time.

+

Parameters:
+ + + + +
context Keberos 5 context.
sec The applications new of "now" in seconds
usec The applications new of "now" in micro seconds
+
+
Returns:
Kerberos 5 error code, see krb5_get_error_message().
+ +

+If the caller passes in a negative usec, its assumed to be unknown and the function will use the current time usec. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_use_admin_kdc (krb5_context  context,
krb5_boolean  flag 
)
+
+
+ +

+Make the kerberos library default to the admin KDC.

+

Parameters:
+ + + +
context Kerberos 5 context.
flag boolean flag to select if the use the admin KDC or not.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_authorization_data_type (krb5_context  context,
krb5_ticket *  ticket,
int  type,
krb5_data *  data 
)
+
+
+ +

+Extract the authorization data type of type from the ticket. Store the field in data. This function is to use for kerberos applications.

+

Parameters:
+ + + + + +
context a Kerberos 5 context
ticket Kerberos ticket
type type to fetch
data returned data, free with krb5_data_free()
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_client (krb5_context  context,
const krb5_ticket *  ticket,
krb5_principal *  client 
)
+
+
+ +

+Return client principal in ticket

+

Parameters:
+ + + + +
context a Kerberos 5 context
ticket ticket to copy
client client principal, free with krb5_free_principal()
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_ticket_get_endtime (krb5_context  context,
const krb5_ticket *  ticket 
)
+
+
+ +

+Return end time of ticket

+

Parameters:
+ + + +
context a Kerberos 5 context
ticket ticket to copy
+
+
Returns:
end time of ticket
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_server (krb5_context  context,
const krb5_ticket *  ticket,
krb5_principal *  server 
)
+
+
+ +

+Return server principal in ticket

+

Parameters:
+ + + + +
context a Kerberos 5 context
ticket ticket to copy
server server principal, free with krb5_free_principal()
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__address.html b/doc/doxyout/krb5/html/group__krb5__address.html new file mode 100644 index 000000000000..59987ea8ee84 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__address.html @@ -0,0 +1,1003 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 address functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 address functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_sockaddr2address (krb5_context context, const struct sockaddr *sa, krb5_address *addr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_sockaddr2port (krb5_context context, const struct sockaddr *sa, int16_t *port)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_addr2sockaddr (krb5_context context, const krb5_address *addr, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)
KRB5_LIB_FUNCTION size_t
+KRB5_LIB_CALL 		krb5_max_sockaddr_size (void)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_sockaddr_uninteresting (const struct sockaddr *sa)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_h_addr2sockaddr (krb5_context context, int af, const char *addr, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_h_addr2addr (krb5_context context, int af, const char *haddr, krb5_address *addr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_anyaddr (krb5_context context, int af, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_print_address (const krb5_address *addr, char *str, size_t len, size_t *ret_len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_parse_address (krb5_context context, const char *string, krb5_addresses *addresses)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_address_order (krb5_context context, const krb5_address *addr1, const krb5_address *addr2)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_address_compare (krb5_context context, const krb5_address *addr1, const krb5_address *addr2)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_address_search (krb5_context context, const krb5_address *addr, const krb5_addresses *addrlist)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_address (krb5_context context, krb5_address *address)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_addresses (krb5_context context, krb5_addresses *addresses)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_address (krb5_context context, const krb5_address *inaddr, krb5_address *outaddr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_addresses (krb5_context context, const krb5_addresses *inaddr, krb5_addresses *outaddr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_append_addresses (krb5_context context, krb5_addresses *dest, const krb5_addresses *source)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_make_addrport (krb5_context context, krb5_address **res, const krb5_address *addr, int16_t port)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_address_prefixlen_boundary (krb5_context context, const krb5_address *inaddr, unsigned long prefixlen, krb5_address *low, krb5_address *high)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addr2sockaddr (krb5_context  context,
const krb5_address *  addr,
struct sockaddr *  sa,
krb5_socklen_t *  sa_size,
int  port 
)
+
+
+ +

+krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr and port. The argument sa_size should initially contain the size of the sa and after the call, it will contain the actual length of the address. In case of the sa is too small to fit the whole address, the up to *sa_size will be stored, and then *sa_size will be set to the required length.

+

Parameters:
+ + + + + + +
context a Keberos context
addr the address to copy the from
sa the struct sockaddr that will be filled in
sa_size pointer to length of sa, and after the call, it will contain the actual length of the address.
port set port in sa.
+
+
Returns:
Return an error code or 0. Will return KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_compare (krb5_context  context,
const krb5_address *  addr1,
const krb5_address *  addr2 
)
+
+
+ +

+krb5_address_compare compares the addresses addr1 and addr2. Returns TRUE if the two addresses are the same.

+

Parameters:
+ + + + +
context a Keberos context
addr1 address to compare
addr2 address to compare
+
+
Returns:
Return an TRUE is the address are the same FALSE if not
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_address_order (krb5_context  context,
const krb5_address *  addr1,
const krb5_address *  addr2 
)
+
+
+ +

+krb5_address_order compares the addresses addr1 and addr2 so that it can be used for sorting addresses. If the addresses are the same address krb5_address_order will return 0. Behavies like memcmp(2).

+

Parameters:
+ + + + +
context a Keberos context
addr1 krb5_address to compare
addr2 krb5_address to compare
+
+
Returns:
< 0 if address addr1 in "less" then addr2. 0 if addr1 and addr2 is the same address, > 0 if addr2 is "less" then addr1.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_address_prefixlen_boundary (krb5_context  context,
const krb5_address *  inaddr,
unsigned long  prefixlen,
krb5_address *  low,
krb5_address *  high 
)
+
+
+ +

+Calculate the boundary addresses of `inaddr'/`prefixlen' and store them in `low' and `high'.

+

Parameters:
+ + + + + + +
context a Keberos context
inaddr address in prefixlen that the bondery searched
prefixlen width of boundery
low lowest address
high highest address
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_search (krb5_context  context,
const krb5_address *  addr,
const krb5_addresses *  addrlist 
)
+
+
+ +

+krb5_address_search checks if the address addr is a member of the address set list addrlist .

+

Parameters:
+ + + + +
context a Keberos context.
addr address to search for.
addrlist list of addresses to look in for addr.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_anyaddr (krb5_context  context,
int  af,
struct sockaddr *  sa,
krb5_socklen_t *  sa_size,
int  port 
)
+
+
+ +

+krb5_anyaddr fills in a "struct sockaddr sa" that can be used to bind(2) to. The argument sa_size should initially contain the size of the sa, and after the call, it will contain the actual length of the address.

+

Parameters:
+ + + + + + +
context a Keberos context
af address family
sa sockaddr
sa_size lenght of sa.
port for to fill into sa.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_append_addresses (krb5_context  context,
krb5_addresses *  dest,
const krb5_addresses *  source 
)
+
+
+ +

+krb5_append_addresses adds the set of addresses in source to dest. While copying the addresses, duplicates are also sorted out.

+

Parameters:
+ + + + +
context a Keberos context
dest destination of copy operation
source adresses that are going to be added to dest
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_address (krb5_context  context,
const krb5_address *  inaddr,
krb5_address *  outaddr 
)
+
+
+ +

+krb5_copy_address copies the content of address inaddr to outaddr.

+

Parameters:
+ + + + +
context a Keberos context
inaddr pointer to source address
outaddr pointer to destination address
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_addresses (krb5_context  context,
const krb5_addresses *  inaddr,
krb5_addresses *  outaddr 
)
+
+
+ +

+krb5_copy_addresses copies the content of addresses inaddr to outaddr.

+

Parameters:
+ + + + +
context a Keberos context
inaddr pointer to source addresses
outaddr pointer to destination addresses
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_address (krb5_context  context,
krb5_address *  address 
)
+
+
+ +

+krb5_free_address frees the data stored in the address that is alloced with any of the krb5_address functions.

+

Parameters:
+ + + +
context a Keberos context
address addresss to be freed.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_addresses (krb5_context  context,
krb5_addresses *  addresses 
)
+
+
+ +

+krb5_free_addresses frees the data stored in the address that is alloced with any of the krb5_address functions.

+

Parameters:
+ + + +
context a Keberos context
addresses addressses to be freed.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2addr (krb5_context  context,
int  af,
const char *  haddr,
krb5_address *  addr 
)
+
+
+ +

+krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception that it operates on a krb5_address instead of a struct sockaddr.

+

Parameters:
+ + + + + +
context a Keberos context
af address family
haddr host address from struct hostent.
addr returned krb5_address.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2sockaddr (krb5_context  context,
int  af,
const char *  addr,
struct sockaddr *  sa,
krb5_socklen_t *  sa_size,
int  port 
)
+
+
+ +

+krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and the "struct hostent" (see gethostbyname(3) ) h_addr_list component. The argument sa_size should initially contain the size of the sa, and after the call, it will contain the actual length of the address.

+

Parameters:
+ + + + + + + +
context a Keberos context
af addresses
addr address
sa returned struct sockaddr
sa_size size of sa
port port to set in sa.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_addrport (krb5_context  context,
krb5_address **  res,
const krb5_address *  addr,
int16_t  port 
)
+
+
+ +

+Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port)

+

Parameters:
+ + + + + +
context a Keberos context
res built address from addr/port
addr address to use
port port to use
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_max_sockaddr_size (void   ) 
+
+
+ +

+krb5_max_sockaddr_size returns the max size of the .Li struct sockaddr that the Kerberos library will return.

+

Returns:
Return an size_t of the maximum struct sockaddr.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_address (krb5_context  context,
const char *  string,
krb5_addresses *  addresses 
)
+
+
+ +

+krb5_parse_address returns the resolved hostname in string to the krb5_addresses addresses .

+

Parameters:
+ + + + +
context a Keberos context
string 
addresses 
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_print_address (const krb5_address *  addr,
char *  str,
size_t  len,
size_t *  ret_len 
)
+
+
+ +

+krb5_print_address prints the address in addr to the string string that have the length len. If ret_len is not NULL, it will be filled with the length of the string if size were unlimited (not including the final NUL) .

+

Parameters:
+ + + + + +
addr address to be printed
str pointer string to print the address into
len length that will fit into area pointed to by "str".
ret_len return length the str.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2address (krb5_context  context,
const struct sockaddr *  sa,
krb5_address *  addr 
)
+
+
+ +

+krb5_sockaddr2address stores a address a "struct sockaddr" sa in the krb5_address addr.

+

Parameters:
+ + + + +
context a Keberos context
sa a struct sockaddr to extract the address from
addr an Kerberos 5 address to store the address in.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2port (krb5_context  context,
const struct sockaddr *  sa,
int16_t *  port 
)
+
+
+ +

+krb5_sockaddr2port extracts a port (if possible) from a "struct sockaddr.

+

Parameters:
+ + + + +
context a Keberos context
sa a struct sockaddr to extract the port from
port a pointer to an int16_t store the port in.
+
+
Returns:
Return an error code or 0. Will return KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_sockaddr_uninteresting (const struct sockaddr *  sa  ) 
+
+
+ +

+krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the kerberos library thinks are uninteresting. One example are link local addresses.

+

Parameters:
+ + +
sa pointer to struct sockaddr that might be interesting.
+
+
Returns:
Return a non zero for uninteresting addresses.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__auth.html b/doc/doxyout/krb5/html/group__krb5__auth.html new file mode 100644 index 000000000000..b10948cff6a1 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__auth.html @@ -0,0 +1,320 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 authentication functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 authentication functions

+ + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_rd_req_in_ctx_alloc (krb5_context context, krb5_rd_req_in_ctx *ctx)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_rd_req_in_set_keytab (krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_rd_req_in_set_pac_check (krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_rd_req_out_get_server (krb5_context context, krb5_rd_req_out_ctx out, krb5_principal *principal)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_rd_req_out_ctx_free (krb5_context context, krb5_rd_req_out_ctx ctx)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_rd_req_ctx (krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, krb5_const_principal server, krb5_rd_req_in_ctx inctx, krb5_rd_req_out_ctx *outctx)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx (krb5_context  context,
krb5_auth_context *  auth_context,
const krb5_data *  inbuf,
krb5_const_principal  server,
krb5_rd_req_in_ctx  inctx,
krb5_rd_req_out_ctx *  outctx 
)
+
+
+ +

+The core server function that verify application authentication requests from clients.

+

Parameters:
+ + + + + + + +
context Keberos 5 context.
auth_context the authentication context, can be NULL, then default values for the authentication context will used.
inbuf the (AP-REQ) authentication buffer
server the server with authenticate as, if NULL the function will try to find any available credential in the keytab that will verify the reply. The function will prefer the server the server client specified in the AP-REQ, but if there is no mach, it will try all keytab entries for a match. This have serious performance issues for larger keytabs.
inctx control the behavior of the function, if NULL, the default behavior is used.
outctx the return outctx, free with krb5_rd_req_out_ctx_free().
+
+
Returns:
Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_ctx_alloc (krb5_context  context,
krb5_rd_req_in_ctx *  ctx 
)
+
+
+ +

+Allocate a krb5_rd_req_in_ctx as an input parameter to krb5_rd_req_ctx(). The caller should free the context with krb5_rd_req_in_ctx_free() when done with the context.

+

Parameters:
+ + + +
context Keberos 5 context.
ctx in ctx to krb5_rd_req_ctx().
+
+
Returns:
Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_keytab (krb5_context  context,
krb5_rd_req_in_ctx  in,
krb5_keytab  keytab 
)
+
+
+ +

+Set the keytab that krb5_rd_req_ctx() will use.

+

Parameters:
+ + + + +
context Keberos 5 context.
in in ctx to krb5_rd_req_ctx().
keytab keytab that krb5_rd_req_ctx() will use, only copy the pointer, so the caller must free they keytab after krb5_rd_req_in_ctx_free() is called.
+
+
Returns:
Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_pac_check (krb5_context  context,
krb5_rd_req_in_ctx  in,
krb5_boolean  flag 
)
+
+
+ +

+Set if krb5_rq_red() is going to check the Windows PAC or not

+

Parameters:
+ + + + +
context Keberos 5 context.
in krb5_rd_req_in_ctx to check the option on.
flag flag to select if to check the pac (TRUE) or not (FALSE).
+
+
Returns:
Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_out_ctx_free (krb5_context  context,
krb5_rd_req_out_ctx  ctx 
)
+
+
+ +

+Free the krb5_rd_req_out_ctx.

+

Parameters:
+ + + +
context Keberos 5 context.
ctx krb5_rd_req_out_ctx context to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_server (krb5_context  context,
krb5_rd_req_out_ctx  out,
krb5_principal *  principal 
)
+
+
+ +

+Get the principal that was used in the request from the client. Might not match whats in the ticket if krb5_rd_req_ctx() searched in the keytab for a matching key.

+

Parameters:
+ + + + +
context a Kerberos 5 context.
out a krb5_rd_req_out_ctx from krb5_rd_req_ctx().
principal return principal, free with krb5_free_principal().
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__ccache.html b/doc/doxyout/krb5/html/group__krb5__ccache.html new file mode 100644 index 000000000000..487c8af1cb7b --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__ccache.html @@ -0,0 +1,2264 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 credential cache functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 credential cache functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_register (krb5_context context, const krb5_cc_ops *ops, krb5_boolean override)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_resolve (krb5_context context, const char *name, krb5_ccache *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_new_unique (krb5_context context, const char *type, const char *hint, krb5_ccache *id)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_cc_get_name (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_cc_get_type (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_full_name (krb5_context context, krb5_ccache id, char **str)
KRB5_LIB_FUNCTION const
+krb5_cc_ops *KRB5_LIB_CALL 		krb5_cc_get_ops (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_switch (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_cc_support_switch (krb5_context context, const char *type)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_set_default_name (krb5_context context, const char *name)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_cc_default_name (krb5_context context)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_default (krb5_context context, krb5_ccache *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_initialize (krb5_context context, krb5_ccache id, krb5_principal primary_principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_destroy (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_close (krb5_context context, krb5_ccache id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_store_cred (krb5_context context, krb5_ccache id, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_retrieve_cred (krb5_context context, krb5_ccache id, krb5_flags whichfields, const krb5_creds *mcreds, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_principal (krb5_context context, krb5_ccache id, krb5_principal *principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_start_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_next_cred (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_end_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_remove_cred (krb5_context context, krb5_ccache id, krb5_flags which, krb5_creds *cred)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_set_flags (krb5_context context, krb5_ccache id, krb5_flags flags)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_flags (krb5_context context, krb5_ccache id, krb5_flags *flags)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_copy_match_f (krb5_context context, const krb5_ccache from, krb5_ccache to, krb5_boolean(*match)(krb5_context, void *, const krb5_creds *), void *matchctx, unsigned int *matched)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_copy_cache (krb5_context context, const krb5_ccache from, krb5_ccache to)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_version (krb5_context context, const krb5_ccache id)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_cc_clear_mcred (krb5_creds *mcred)
KRB5_LIB_FUNCTION const
+krb5_cc_ops *KRB5_LIB_CALL 		krb5_cc_get_prefix_ops (krb5_context context, const char *prefix)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_cache_get_first (krb5_context context, const char *type, krb5_cc_cache_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_cache_next (krb5_context context, krb5_cc_cache_cursor cursor, krb5_ccache *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_cache_end_seq_get (krb5_context context, krb5_cc_cache_cursor cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_cache_match (krb5_context context, krb5_principal client, krb5_ccache *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_move (krb5_context context, krb5_ccache from, krb5_ccache to)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_is_config_principal (krb5_context context, krb5_const_principal principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_set_config (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *name, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_config (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *name, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cccol_cursor_new (krb5_context context, krb5_cccol_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cccol_cursor_next (krb5_context context, krb5_cccol_cursor cursor, krb5_ccache *cache)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cccol_cursor_free (krb5_context context, krb5_cccol_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_last_change_time (krb5_context context, krb5_ccache id, krb5_timestamp *mtime)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cccol_last_change_time (krb5_context context, const char *type, krb5_timestamp *mtime)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_friendly_name (krb5_context context, krb5_ccache id, char **name)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_set_friendly_name (krb5_context context, krb5_ccache id, const char *name)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_lifetime (krb5_context context, krb5_ccache id, time_t *t)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_set_kdc_offset (krb5_context context, krb5_ccache id, krb5_deltat offset)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_get_kdc_offset (krb5_context context, krb5_ccache id, krb5_deltat *offset)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_gen_new (krb5_context context, const krb5_cc_ops *ops, krb5_ccache *id) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cc_copy_creds (krb5_context context, const krb5_ccache from, krb5_ccache to)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_validated_creds (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_ccache ccache, char *service)

Variables

KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_fcc_ops
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_mcc_ops
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_end_seq_get (krb5_context  context,
krb5_cc_cache_cursor  cursor 
)
+
+
+ +

+Destroy the cursor `cursor'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_get_first (krb5_context  context,
const char *  type,
krb5_cc_cache_cursor *  cursor 
)
+
+
+ +

+Start iterating over all caches of specified type. See also krb5_cccol_cursor_new().

+

Parameters:
+ + + + +
context A Kerberos 5 context
type optional type to iterate over, if NULL, the default cache is used.
cursor cursor should be freed with krb5_cc_cache_end_seq_get().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_match (krb5_context  context,
krb5_principal  client,
krb5_ccache *  id 
)
+
+
+ +

+Search for a matching credential cache that have the `principal' as the default principal. On success, `id' needs to be freed with krb5_cc_close() or krb5_cc_destroy().

+

Parameters:
+ + + + +
context A Kerberos 5 context
client The principal to search for
id the returned credential cache
+
+
Returns:
On failure, error code is returned and `id' is set to NULL.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_next (krb5_context  context,
krb5_cc_cache_cursor  cursor,
krb5_ccache *  id 
)
+
+
+ +

+Retrieve the next cache pointed to by (`cursor') in `id' and advance `cursor'.

+

Parameters:
+ + + + +
context A Kerberos 5 context
cursor the iterator cursor, returned by krb5_cc_cache_get_first()
id next ccache
+
+
Returns:
Return 0 or an error code. Returns KRB5_CC_END when the end of caches is reached, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_cc_clear_mcred (krb5_creds *  mcred  ) 
+
+
+ +

+Clear `mcreds' so it can be used with krb5_cc_retrieve_cred +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_close (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Stop using the ccache `id' and free the related resources.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_cache (krb5_context  context,
const krb5_ccache  from,
krb5_ccache  to 
)
+
+
+ +

+Just like krb5_cc_copy_match_f(), but copy everything.

+@ +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_creds (krb5_context  context,
const krb5_ccache  from,
krb5_ccache  to 
)
+
+
+ +

+MIT compat glue +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_match_f (krb5_context  context,
const krb5_ccache  from,
krb5_ccache  to,
krb5_boolean(*)(krb5_context, void *, const krb5_creds *)  match,
void *  matchctx,
unsigned int *  matched 
)
+
+
+ +

+Copy the contents of `from' to `to' if the given match function return true.

+

Parameters:
+ + + + + + + +
context A Kerberos 5 context.
from the cache to copy data from.
to the cache to copy data to.
match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied.
matchctx context passed to match function.
matched set to true if there was a credential that matched, may be NULL.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_default (krb5_context  context,
krb5_ccache *  id 
)
+
+
+ +

+Open the default ccache in `id'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_default_name (krb5_context  context  ) 
+
+
+ +

+Return a pointer to a context static string containing the default ccache name.

+

Returns:
String to the default credential cache name.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_destroy (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Remove the ccache `id'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_end_seq_get (krb5_context  context,
const krb5_ccache  id,
krb5_cc_cursor *  cursor 
)
+
+
+ +

+Destroy the cursor `cursor'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_gen_new (krb5_context  context,
const krb5_cc_ops *  ops,
krb5_ccache *  id 
)
+
+
+ +

+Generate a new ccache of type `ops' in `id'.

+Deprecated: use krb5_cc_new_unique() instead.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_config (krb5_context  context,
krb5_ccache  id,
krb5_const_principal  principal,
const char *  name,
krb5_data *  data 
)
+
+
+ +

+Get some configuration for the credential cache in the cache.

+

Parameters:
+ + + + + + +
context a Keberos context
id the credential cache to store the data for
principal configuration for a specific principal, if NULL, global for the whole cache.
name name under which the configuraion is stored.
data data to fetched, free with krb5_data_free()
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_flags (krb5_context  context,
krb5_ccache  id,
krb5_flags *  flags 
)
+
+
+ +

+Get the flags of `id', store them in `flags'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_friendly_name (krb5_context  context,
krb5_ccache  id,
char **  name 
)
+
+
+ +

+Return a friendly name on credential cache. Free the result with krb5_xfree().

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_full_name (krb5_context  context,
krb5_ccache  id,
char **  str 
)
+
+
+ +

+Return the complete resolvable name the cache

+

Parameters:
+ + + + +
context a Keberos context
id return pointer to a found credential cache
str the returned name of a credential cache, free with krb5_xfree()
+
+
Returns:
Returns 0 or an error (and then *str is set to NULL).
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_kdc_offset (krb5_context  context,
krb5_ccache  id,
krb5_deltat *  offset 
)
+
+
+ +

+Get the time offset betwen the client and the KDC

+If the backend doesn't support KDC offset, use the context global setting.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
id a credential cache
offset the offset in seconds
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_lifetime (krb5_context  context,
krb5_ccache  id,
time_t *  t 
)
+
+
+ +

+Get the lifetime of the initial ticket in the cache

+Get the lifetime of the initial ticket in the cache, if the initial ticket was not found, the error code KRB5_CC_END is returned.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
id a credential cache
t the relative lifetime of the initial ticket
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_name (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Return the name of the ccache `id' +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const krb5_cc_ops* KRB5_LIB_CALL krb5_cc_get_ops (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Return krb5_cc_ops of a the ccache `id'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const krb5_cc_ops* KRB5_LIB_CALL krb5_cc_get_prefix_ops (krb5_context  context,
const char *  prefix 
)
+
+
+ +

+Get the cc ops that is registered in `context' to handle the prefix. prefix can be a complete credential cache name or a prefix, the function will only use part up to the first colon (:) if there is one. If prefix the argument is NULL, the default ccache implemtation is returned.

+

Returns:
Returns NULL if ops not found.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_principal (krb5_context  context,
krb5_ccache  id,
krb5_principal *  principal 
)
+
+
+ +

+Return the principal of `id' in `principal'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_type (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Return the type of the ccache `id'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_version (krb5_context  context,
const krb5_ccache  id 
)
+
+
+ +

+Return the version of `id'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_initialize (krb5_context  context,
krb5_ccache  id,
krb5_principal  primary_principal 
)
+
+
+ +

+Create a new ccache in `id' for `primary_principal'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_last_change_time (krb5_context  context,
krb5_ccache  id,
krb5_timestamp *  mtime 
)
+
+
+ +

+Return the last time the credential cache was modified.

+

Parameters:
+ + + + +
context A Kerberos 5 context
id The credential cache to probe
mtime the last modification time, set to 0 on error.
+
+
Returns:
Return 0 or and error. See krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_move (krb5_context  context,
krb5_ccache  from,
krb5_ccache  to 
)
+
+
+ +

+Move the content from one credential cache to another. The operation is an atomic switch.

+

Parameters:
+ + + + +
context a Keberos context
from the credential cache to move the content from
to the credential cache to move the content to
+
+
Returns:
On sucess, from is freed. On failure, error code is returned and from and to are both still allocated, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_new_unique (krb5_context  context,
const char *  type,
const char *  hint,
krb5_ccache *  id 
)
+
+
+ +

+Generates a new unique ccache of `type` in `id'. If `type' is NULL, the library chooses the default credential cache type. The supplied `hint' (that can be NULL) is a string that the credential cache type can use to base the name of the credential on, this is to make it easier for the user to differentiate the credentials.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_next_cred (krb5_context  context,
const krb5_ccache  id,
krb5_cc_cursor *  cursor,
krb5_creds *  creds 
)
+
+
+ +

+Retrieve the next cred pointed to by (`id', `cursor') in `creds' and advance `cursor'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_register (krb5_context  context,
const krb5_cc_ops *  ops,
krb5_boolean  override 
)
+
+
+ +

+Add a new ccache type with operations `ops', overwriting any existing one if `override'.

+

Parameters:
+ + + + +
context a Keberos context
ops type of plugin symbol
override flag to select if the registration is to overide an existing ops with the same name.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_remove_cred (krb5_context  context,
krb5_ccache  id,
krb5_flags  which,
krb5_creds *  cred 
)
+
+
+ +

+Remove the credential identified by `cred', `which' from `id'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_resolve (krb5_context  context,
const char *  name,
krb5_ccache *  id 
)
+
+
+ +

+Find and allocate a ccache in `id' from the specification in `residual'. If the ccache name doesn't contain any colon, interpret it as a file name.

+

Parameters:
+ + + + +
context a Keberos context.
name string name of a credential cache.
id return pointer to a found credential cache.
+
+
Returns:
Return 0 or an error code. In case of an error, id is set to NULL, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_retrieve_cred (krb5_context  context,
krb5_ccache  id,
krb5_flags  whichfields,
const krb5_creds *  mcreds,
krb5_creds *  creds 
)
+
+
+ +

+Retrieve the credential identified by `mcreds' (and `whichfields') from `id' in `creds'. 'creds' must be free by the caller using krb5_free_cred_contents.

+

Parameters:
+ + + + + + +
context A Kerberos 5 context
id a Kerberos 5 credential cache
whichfields what fields to use for matching credentials, same flags as whichfields in krb5_compare_creds()
mcreds template credential to use for comparing
creds returned credential, free with krb5_free_cred_contents()
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_config (krb5_context  context,
krb5_ccache  id,
krb5_const_principal  principal,
const char *  name,
krb5_data *  data 
)
+
+
+ +

+Store some configuration for the credential cache in the cache. Existing configuration under the same name is over-written.

+

Parameters:
+ + + + + + +
context a Keberos context
id the credential cache to store the data for
principal configuration for a specific principal, if NULL, global for the whole cache.
name name under which the configuraion is stored.
data data to store, if NULL, configure is removed.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_default_name (krb5_context  context,
const char *  name 
)
+
+
+ +

+Set the default cc name for `context' to `name'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_flags (krb5_context  context,
krb5_ccache  id,
krb5_flags  flags 
)
+
+
+ +

+Set the flags of `id' to `flags'. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_friendly_name (krb5_context  context,
krb5_ccache  id,
const char *  name 
)
+
+
+ +

+Set the friendly name on credential cache.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_kdc_offset (krb5_context  context,
krb5_ccache  id,
krb5_deltat  offset 
)
+
+
+ +

+Set the time offset betwen the client and the KDC

+If the backend doesn't support KDC offset, use the context global setting.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
id a credential cache
offset the offset in seconds
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_start_seq_get (krb5_context  context,
const krb5_ccache  id,
krb5_cc_cursor *  cursor 
)
+
+
+ +

+Start iterating over `id', `cursor' is initialized to the beginning. Caller must free the cursor with krb5_cc_end_seq_get().

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_store_cred (krb5_context  context,
krb5_ccache  id,
krb5_creds *  creds 
)
+
+
+ +

+Store `creds' in the ccache `id'.

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_cc_support_switch (krb5_context  context,
const char *  type 
)
+
+
+ +

+Return true if the default credential cache support switch +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_switch (krb5_context  context,
krb5_ccache  id 
)
+
+
+ +

+Switch the default default credential cache for a specific credcache type (and name for some implementations).

+

Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_free (krb5_context  context,
krb5_cccol_cursor *  cursor 
)
+
+
+ +

+End an iteration and free all resources, can be done before end is reached.

+

Parameters:
+ + + +
context A Kerberos 5 context
cursor the iteration cursor to be freed.
+
+
Returns:
Return 0 or and error, KRB5_CC_END is returned at the end of iteration. See krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_new (krb5_context  context,
krb5_cccol_cursor *  cursor 
)
+
+
+ +

+Get a new cache interation cursor that will interate over all credentials caches independent of type.

+

Parameters:
+ + + +
context a Keberos context
cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free().
+
+
Returns:
Returns 0 or and error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_next (krb5_context  context,
krb5_cccol_cursor  cursor,
krb5_ccache *  cache 
)
+
+
+ +

+Get next credential cache from the iteration.

+

Parameters:
+ + + + +
context A Kerberos 5 context
cursor the iteration cursor
cache the returned cursor, pointer is set to NULL on failure and a cache on success. The returned cache needs to be freed with krb5_cc_close() or destroyed with krb5_cc_destroy(). MIT Kerberos behavies slightly diffrent and sets cache to NULL when all caches are iterated over and return 0.
+
+
Returns:
Return 0 or and error, KRB5_CC_END is returned at the end of iteration. See krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_last_change_time (krb5_context  context,
const char *  type,
krb5_timestamp *  mtime 
)
+
+
+ +

+Return the last modfication time for a cache collection. The query can be limited to a specific cache type. If the function return 0 and mtime is 0, there was no credentials in the caches.

+

Parameters:
+ + + + +
context A Kerberos 5 context
type The credential cache to probe, if NULL, all type are traversed.
mtime the last modification time, set to 0 on error.
+
+
Returns:
Return 0 or and error. See krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_validated_creds (krb5_context  context,
krb5_creds *  creds,
krb5_principal  client,
krb5_ccache  ccache,
char *  service 
)
+
+
+ +

+Validate the newly fetch credential, see also krb5_verify_init_creds().

+

Parameters:
+ + + + + + +
context a Kerberos 5 context
creds the credentials to verify
client the client name to match up
ccache the credential cache to use
service a service name to use, used with krb5_sname_to_principal() to build a hostname to use to verify.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_config_principal (krb5_context  context,
krb5_const_principal  principal 
)
+
+
+ +

+Return TRUE (non zero) if the principal is a configuration principal (generated part of krb5_cc_set_config()). Returns FALSE (zero) if not a configuration principal.

+

Parameters:
+ + + +
context a Keberos context
principal principal to check if it a configuration principal
+
+ +
+

+

Variable Documentation

+ +
+
+ + + + +
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops
+
+
+ +

+Initial value:

 {
+    KRB5_CC_OPS_VERSION,
+    "API",
+    acc_get_name,
+    acc_resolve,
+    acc_gen_new,
+    acc_initialize,
+    acc_destroy,
+    acc_close,
+    acc_store_cred,
+    NULL, 
+    acc_get_principal,
+    acc_get_first,
+    acc_get_next,
+    acc_end_get,
+    acc_remove_cred,
+    acc_set_flags,
+    acc_get_version,
+    acc_get_cache_first,
+    acc_get_cache_next,
+    acc_end_cache_get,
+    acc_move,
+    acc_get_default_name,
+    acc_set_default,
+    acc_lastchange,
+    NULL,
+    NULL,
+}
+
Variable containing the API based credential cache implemention. +
+

+ +

+
+ + + + +
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_fcc_ops
+
+
+ +

+Initial value:

 {
+    KRB5_CC_OPS_VERSION,
+    "FILE",
+    fcc_get_name,
+    fcc_resolve,
+    fcc_gen_new,
+    fcc_initialize,
+    fcc_destroy,
+    fcc_close,
+    fcc_store_cred,
+    NULL, 
+    fcc_get_principal,
+    fcc_get_first,
+    fcc_get_next,
+    fcc_end_get,
+    fcc_remove_cred,
+    fcc_set_flags,
+    fcc_get_version,
+    fcc_get_cache_first,
+    fcc_get_cache_next,
+    fcc_end_cache_get,
+    fcc_move,
+    fcc_get_default_name,
+    NULL,
+    fcc_lastchange,
+    fcc_set_kdc_offset,
+    fcc_get_kdc_offset
+}
+
Variable containing the FILE based credential cache implemention. +
+

+ +

+
+ + + + +
KRB5_LIB_VARIABLE const krb5_cc_ops krb5_mcc_ops
+
+
+ +

+Initial value:

 {
+    KRB5_CC_OPS_VERSION,
+    "MEMORY",
+    mcc_get_name,
+    mcc_resolve,
+    mcc_gen_new,
+    mcc_initialize,
+    mcc_destroy,
+    mcc_close,
+    mcc_store_cred,
+    NULL, 
+    mcc_get_principal,
+    mcc_get_first,
+    mcc_get_next,
+    mcc_end_get,
+    mcc_remove_cred,
+    mcc_set_flags,
+    NULL,
+    mcc_get_cache_first,
+    mcc_get_cache_next,
+    mcc_end_cache_get,
+    mcc_move,
+    mcc_default_name,
+    NULL,
+    mcc_lastchange,
+    mcc_set_kdc_offset,
+    mcc_get_kdc_offset
+}
+
Variable containing the MEMORY based credential cache implemention. +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__credential.html b/doc/doxyout/krb5/html/group__krb5__credential.html new file mode 100644 index 000000000000..0d2bd98b9db4 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__credential.html @@ -0,0 +1,858 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 credential handing functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 credential handing functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_fwd_tgt_creds (krb5_context context, krb5_auth_context auth_context, const char *hostname, krb5_principal client, krb5_principal server, krb5_ccache ccache, int forwardable, krb5_data *out_data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_forwarded_creds (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, krb5_flags flags, const char *hostname, krb5_creds *in_creds, krb5_data *out_data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_init_creds_opt_alloc (krb5_context context, krb5_get_init_creds_opt **opt)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_get_init_creds_opt_free (krb5_context context, krb5_get_init_creds_opt *opt)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_init (krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void *prompter_data, krb5_deltat start_time, krb5_get_init_creds_opt *options, krb5_init_creds_context *rctx)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_set_service (krb5_context context, krb5_init_creds_context ctx, const char *service)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_set_password (krb5_context context, krb5_init_creds_context ctx, const char *password)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_set_keytab (krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_step (krb5_context context, krb5_init_creds_context ctx, krb5_data *in, krb5_data *out, krb5_krbhst_info *hostinfo, unsigned int *flags)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_get_error (krb5_context context, krb5_init_creds_context ctx, KRB_ERROR *error)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_init_creds_free (krb5_context context, krb5_init_creds_context ctx)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_init_creds_get (krb5_context context, krb5_init_creds_context ctx)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_init_creds_password (krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_init_creds_keyblock (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keyblock *keyblock, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_init_creds_keytab (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keytab keytab, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds (krb5_context  context,
krb5_auth_context  auth_context,
const char *  hostname,
krb5_principal  client,
krb5_principal  server,
krb5_ccache  ccache,
int  forwardable,
krb5_data *  out_data 
)
+
+
+ +

+Forward credentials for client to host hostname , making them forwardable if forwardable, and returning the blob of data to sent in out_data. If hostname == NULL, pick it from server.

+

Parameters:
+ + + + + + + + + +
context A kerberos 5 context.
auth_context the auth context with the key to encrypt the out_data.
hostname the host to forward the tickets too.
client the client to delegate from.
server the server to delegate the credential too.
ccache credential cache to use.
forwardable make the forwarded ticket forwabledable.
out_data the resulting credential.
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_forwarded_creds (krb5_context  context,
krb5_auth_context  auth_context,
krb5_ccache  ccache,
krb5_flags  flags,
const char *  hostname,
krb5_creds *  in_creds,
krb5_data *  out_data 
)
+
+
+ +

+Gets tickets forwarded to hostname. If the tickets that are forwarded are address-less, the forwarded tickets will also be address-less.

+If the ticket have any address, hostname will be used for figure out the address to forward the ticket too. This since this might use DNS, its insecure and also doesn't represent configured all addresses of the host. For example, the host might have two adresses, one IPv4 and one IPv6 address where the later is not published in DNS. This IPv6 address might be used communications and thus the resulting ticket useless.

+

Parameters:
+ + + + + + + + +
context A kerberos 5 context.
auth_context the auth context with the key to encrypt the out_data.
ccache credential cache to use
flags the flags to control the resulting ticket flags
hostname the host to forward the tickets too.
in_creds the in client and server ticket names. The client and server components forwarded to the remote host.
out_data the resulting credential.
+
+
Returns:
Return an error code or 0.
+ +

+Some older of the MIT gssapi library used clear-text tickets (warped inside AP-REQ encryption), use the krb5_auth_context flag KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED to support those tickets. The session key is used otherwise to encrypt the forwarded ticket. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keyblock (krb5_context  context,
krb5_creds *  creds,
krb5_principal  client,
krb5_keyblock *  keyblock,
krb5_deltat  start_time,
const char *  in_tkt_service,
krb5_get_init_creds_opt *  options 
)
+
+
+ +

+Get new credentials using keyblock. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keytab (krb5_context  context,
krb5_creds *  creds,
krb5_principal  client,
krb5_keytab  keytab,
krb5_deltat  start_time,
const char *  in_tkt_service,
krb5_get_init_creds_opt *  options 
)
+
+
+ +

+Get new credentials using keytab. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_alloc (krb5_context  context,
krb5_get_init_creds_opt **  opt 
)
+
+
+ +

+Allocate a new krb5_get_init_creds_opt structure, free with krb5_get_init_creds_opt_free(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_free (krb5_context  context,
krb5_get_init_creds_opt *  opt 
)
+
+
+ +

+Free krb5_get_init_creds_opt structure. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_password (krb5_context  context,
krb5_creds *  creds,
krb5_principal  client,
const char *  password,
krb5_prompter_fct  prompter,
void *  data,
krb5_deltat  start_time,
const char *  in_tkt_service,
krb5_get_init_creds_opt *  options 
)
+
+
+ +

+Get new credentials using password. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_creds_free (krb5_context  context,
krb5_init_creds_context  ctx 
)
+
+
+ +

+Free the krb5_init_creds_context allocated by krb5_init_creds_init().

+

Parameters:
+ + + +
context A Kerberos 5 context.
ctx The krb5_init_creds_context to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get (krb5_context  context,
krb5_init_creds_context  ctx 
)
+
+
+ +

+Get new credentials as setup by the krb5_init_creds_context.

+

Parameters:
+ + + +
context A Kerberos 5 context.
ctx The krb5_init_creds_context to process.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get_error (krb5_context  context,
krb5_init_creds_context  ctx,
KRB_ERROR *  error 
)
+
+
+ +

+Get the last error from the transaction.

+

Returns:
Returns 0 or an error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_init (krb5_context  context,
krb5_principal  client,
krb5_prompter_fct  prompter,
void *  prompter_data,
krb5_deltat  start_time,
krb5_get_init_creds_opt *  options,
krb5_init_creds_context *  rctx 
)
+
+
+ +

+Start a new context to get a new initial credential.

+

Parameters:
+ + + + + + + + +
context A Kerberos 5 context.
client The Kerberos principal to get the credential for, if NULL is given, the default principal is used as determined by krb5_get_default_principal().
prompter 
prompter_data 
start_time the time the ticket should start to be valid or 0 for now.
options a options structure, can be NULL for default options.
rctx A new allocated free with krb5_init_creds_free().
+
+
Returns:
0 for success or an Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_keytab (krb5_context  context,
krb5_init_creds_context  ctx,
krb5_keytab  keytab 
)
+
+
+ +

+Set the keytab to use for authentication.

+

Parameters:
+ + + + +
context a Kerberos 5 context.
ctx ctx krb5_init_creds_context context.
keytab the keytab to read the key from.
+
+
Returns:
0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_password (krb5_context  context,
krb5_init_creds_context  ctx,
const char *  password 
)
+
+
+ +

+Sets the password that will use for the request.

+

Parameters:
+ + + + +
context a Kerberos 5 context.
ctx ctx krb5_init_creds_context context.
password the password to use.
+
+
Returns:
0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_service (krb5_context  context,
krb5_init_creds_context  ctx,
const char *  service 
)
+
+
+ +

+Sets the service that the is requested. This call is only neede for special initial tickets, by default the a krbtgt is fetched in the default realm.

+

Parameters:
+ + + + +
context a Kerberos 5 context.
ctx a krb5_init_creds_context context.
service the service given as a string, for example "kadmind/admin". If NULL, the default krbtgt in the clients realm is set.
+
+
Returns:
0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_step (krb5_context  context,
krb5_init_creds_context  ctx,
krb5_data *  in,
krb5_data *  out,
krb5_krbhst_info *  hostinfo,
unsigned int *  flags 
)
+
+
+ +

+The core loop if krb5_get_init_creds() function family. Create the packets and have the caller send them off to the KDC.

+If the caller want all work been done for them, use krb5_init_creds_get() instead.

+

Parameters:
+ + + + + + + +
context a Kerberos 5 context.
ctx ctx krb5_init_creds_context context.
in input data from KDC, first round it should be reset by krb5_data_zer().
out reply to KDC.
hostinfo KDC address info, first round it can be NULL.
flags status of the round, if KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round.
+
+
Returns:
0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__crypto.html b/doc/doxyout/krb5/html/group__krb5__crypto.html new file mode 100644 index 000000000000..5374b3d7a68b --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__crypto.html @@ -0,0 +1,1262 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 cryptography functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 cryptography functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_enctype_valid (krb5_context context, krb5_enctype etype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_cksumtype_to_enctype (krb5_context context, krb5_cksumtype ctype, krb5_enctype *etype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_encrypt_iov_ivec (krb5_context context, krb5_crypto crypto, unsigned usage, krb5_crypto_iov *data, int num_data, void *ivec)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_decrypt_iov_ivec (krb5_context context, krb5_crypto crypto, unsigned usage, krb5_crypto_iov *data, unsigned int num_data, void *ivec)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_create_checksum_iov (krb5_context context, krb5_crypto crypto, unsigned usage, krb5_crypto_iov *data, unsigned int num_data, krb5_cksumtype *type)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_verify_checksum_iov (krb5_context context, krb5_crypto crypto, unsigned usage, krb5_crypto_iov *data, unsigned int num_data, krb5_cksumtype *type)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_init (krb5_context context, const krb5_keyblock *key, krb5_enctype etype, krb5_crypto *crypto)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_destroy (krb5_context context, krb5_crypto crypto)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_getblocksize (krb5_context context, krb5_crypto crypto, size_t *blocksize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_getenctype (krb5_context context, krb5_crypto crypto, krb5_enctype *enctype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_getpadsize (krb5_context context, krb5_crypto crypto, size_t *padsize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_getconfoundersize (krb5_context context, krb5_crypto crypto, size_t *confoundersize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_enctype_disable (krb5_context context, krb5_enctype enctype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_enctype_enable (krb5_context context, krb5_enctype enctype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_allow_weak_crypto (krb5_context context, krb5_boolean enable)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_random_to_key (krb5_context context, krb5_enctype type, const void *data, size_t size, krb5_keyblock *key)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_crypto_fx_cf2 (krb5_context context, const krb5_crypto crypto1, const krb5_crypto crypto2, krb5_data *pepper1, krb5_data *pepper2, krb5_enctype enctype, krb5_keyblock *res)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_generate_subkey_extended (krb5_context context, const krb5_keyblock *key, krb5_enctype etype, krb5_keyblock **subkey)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_keyblock_zero (krb5_keyblock *keyblock)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_keyblock_contents (krb5_context context, krb5_keyblock *keyblock)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_keyblock (krb5_context context, krb5_keyblock *keyblock)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_keyblock_contents (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock *to)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_keyblock (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock **to)
KRB5_LIB_FUNCTION krb5_enctype
+KRB5_LIB_CALL 		krb5_keyblock_get_enctype (const krb5_keyblock *block)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_keyblock_init (krb5_context context, krb5_enctype type, const void *data, size_t size, krb5_keyblock *key)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_allow_weak_crypto (krb5_context  context,
krb5_boolean  enable 
)
+
+
+ +

+Enable or disable all weak encryption types

+

Parameters:
+ + + +
context Kerberos 5 context
enable true to enable, false to disable
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cksumtype_to_enctype (krb5_context  context,
krb5_cksumtype  ctype,
krb5_enctype *  etype 
)
+
+
+ +

+Return the coresponding encryption type for a checksum type.

+

Parameters:
+ + + + +
context Kerberos context
ctype The checksum type to get the result enctype for
etype The returned encryption, when the matching etype is not found, etype is set to ETYPE_NULL.
+
+
Returns:
Return an error code for an failure or 0 on success.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock (krb5_context  context,
const krb5_keyblock *  inblock,
krb5_keyblock **  to 
)
+
+
+ +

+Copy a keyblock, free the output keyblock with krb5_free_keyblock().

+

Parameters:
+ + + + +
context a Kerberos 5 context
inblock the key to copy
to the output key.
+
+
Returns:
0 on success or a Kerberos 5 error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock_contents (krb5_context  context,
const krb5_keyblock *  inblock,
krb5_keyblock *  to 
)
+
+
+ +

+Copy a keyblock, free the output keyblock with krb5_free_keyblock_contents().

+

Parameters:
+ + + + +
context a Kerberos 5 context
inblock the key to copy
to the output key.
+
+
Returns:
0 on success or a Kerberos 5 error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_create_checksum_iov (krb5_context  context,
krb5_crypto  crypto,
unsigned  usage,
krb5_crypto_iov data,
unsigned int  num_data,
krb5_cksumtype *  type 
)
+
+
+ +

+Create a Kerberos message checksum.

+

Parameters:
+ + + + + + + +
context Kerberos context
crypto Kerberos crypto context
usage Key usage for this buffer
data array of buffers to process
num_data length of array
type output data
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_destroy (krb5_context  context,
krb5_crypto  crypto 
)
+
+
+ +

+Free a crypto context created by krb5_crypto_init().

+

Parameters:
+ + + +
context Kerberos context
crypto crypto context to free
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_fx_cf2 (krb5_context  context,
const krb5_crypto  crypto1,
const krb5_crypto  crypto2,
krb5_data *  pepper1,
krb5_data *  pepper2,
krb5_enctype  enctype,
krb5_keyblock *  res 
)
+
+
+ +

+The FX-CF2 key derivation function, used in FAST and preauth framework.

+

Parameters:
+ + + + + + + + +
context Kerberos 5 context
crypto1 first key to combine
crypto2 second key to combine
pepper1 factor to combine with first key to garante uniqueness
pepper2 factor to combine with second key to garante uniqueness
enctype the encryption type of the resulting key
res allocated key, free with krb5_free_keyblock_contents()
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getblocksize (krb5_context  context,
krb5_crypto  crypto,
size_t *  blocksize 
)
+
+
+ +

+Return the blocksize used algorithm referenced by the crypto context

+

Parameters:
+ + + + +
context Kerberos context
crypto crypto context to query
blocksize the resulting blocksize
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getconfoundersize (krb5_context  context,
krb5_crypto  crypto,
size_t *  confoundersize 
)
+
+
+ +

+Return the confounder size used by the crypto context

+

Parameters:
+ + + + +
context Kerberos context
crypto crypto context to query
confoundersize the returned confounder size
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getenctype (krb5_context  context,
krb5_crypto  crypto,
krb5_enctype *  enctype 
)
+
+
+ +

+Return the encryption type used by the crypto context

+

Parameters:
+ + + + +
context Kerberos context
crypto crypto context to query
enctype the resulting encryption type
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getpadsize (krb5_context  context,
krb5_crypto  crypto,
size_t *  padsize 
)
+
+
+ +

+Return the padding size used by the crypto context

+

Parameters:
+ + + + +
context Kerberos context
crypto crypto context to query
padsize the return padding size
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_init (krb5_context  context,
const krb5_keyblock *  key,
krb5_enctype  etype,
krb5_crypto *  crypto 
)
+
+
+ +

+Create a crypto context used for all encryption and signature operation. The encryption type to use is taken from the key, but can be overridden with the enctype parameter. This can be useful for encryptions types which is compatiable (DES for example).

+To free the crypto context, use krb5_crypto_destroy().

+

Parameters:
+ + + + + +
context Kerberos context
key the key block information with all key data
etype the encryption type
crypto the resulting crypto context
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_iov_ivec (krb5_context  context,
krb5_crypto  crypto,
unsigned  usage,
krb5_crypto_iov data,
unsigned int  num_data,
void *  ivec 
)
+
+
+ +

+Inline decrypt a Kerberos message.

+

Parameters:
+ + + + + + + +
context Kerberos context
crypto Kerberos crypto context
usage Key usage for this buffer
data array of buffers to process
num_data length of array
ivec initial cbc/cts vector
+
+
Returns:
Return an error code or 0.
+1. KRB5_CRYPTO_TYPE_HEADER 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted protocol headers and trailers. The output data will be of same size as the input data or shorter. +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_iov_ivec (krb5_context  context,
krb5_crypto  crypto,
unsigned  usage,
krb5_crypto_iov data,
int  num_data,
void *  ivec 
)
+
+
+ +

+Inline encrypt a kerberos message

+

Parameters:
+ + + + + + + +
context Kerberos context
crypto Kerberos crypto context
usage Key usage for this buffer
data array of buffers to process
num_data length of array
ivec initial cbc/cts vector
+
+
Returns:
Return an error code or 0.
+Kerberos encrypted data look like this:

+1. KRB5_CRYPTO_TYPE_HEADER 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used headers and trailers. 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 4. KRB5_CRYPTO_TYPE_TRAILER +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_disable (krb5_context  context,
krb5_enctype  enctype 
)
+
+
+ +

+Disable encryption type

+

Parameters:
+ + + +
context Kerberos 5 context
enctype encryption type to disable
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_enable (krb5_context  context,
krb5_enctype  enctype 
)
+
+
+ +

+Enable encryption type

+

Parameters:
+ + + +
context Kerberos 5 context
enctype encryption type to enable
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_valid (krb5_context  context,
krb5_enctype  etype 
)
+
+
+ +

+Check if a enctype is valid, return 0 if it is.

+

Parameters:
+ + + +
context Kerberos context
etype enctype to check if its valid or not
+
+
Returns:
Return an error code for an failure or 0 on success (enctype valid).
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock (krb5_context  context,
krb5_keyblock *  keyblock 
)
+
+
+ +

+Free a keyblock, also zero out the content of the keyblock, uses krb5_free_keyblock_contents() to free the content.

+

Parameters:
+ + + +
context a Kerberos 5 context
keyblock keyblock to free, NULL is valid argument
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock_contents (krb5_context  context,
krb5_keyblock *  keyblock 
)
+
+
+ +

+Free a keyblock's content, also zero out the content of the keyblock.

+

Parameters:
+ + + +
context a Kerberos 5 context
keyblock keyblock content to free, NULL is valid argument
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey_extended (krb5_context  context,
const krb5_keyblock *  key,
krb5_enctype  etype,
krb5_keyblock **  subkey 
)
+
+
+ +

+Generate subkey, from keyblock

+

Parameters:
+ + + + + +
context kerberos context
key session key
etype encryption type of subkey, if ETYPE_NULL, use key's enctype
subkey returned new, free with krb5_free_keyblock().
+
+
Returns:
0 on success or a Kerberos 5 error code
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL krb5_keyblock_get_enctype (const krb5_keyblock *  block  ) 
+
+
+ +

+Get encryption type of a keyblock. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_init (krb5_context  context,
krb5_enctype  type,
const void *  data,
size_t  size,
krb5_keyblock *  key 
)
+
+
+ +

+Fill in `key' with key data of type `enctype' from `data' of length `size'. Key should be freed using krb5_free_keyblock_contents().

+

Returns:
0 on success or a Kerberos 5 error code
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_keyblock_zero (krb5_keyblock *  keyblock  ) 
+
+
+ +

+Zero out a keyblock

+

Parameters:
+ + +
keyblock keyblock to zero out
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_random_to_key (krb5_context  context,
krb5_enctype  type,
const void *  data,
size_t  size,
krb5_keyblock *  key 
)
+
+
+ +

+Converts the random bytestring to a protocol key according to Kerberos crypto frame work. It may be assumed that all the bits of the input string are equally random, even though the entropy present in the random source may be limited.

+

Parameters:
+ + + + + + +
context Kerberos 5 context
type the enctype resulting key will be of
data input random data to convert to a key
size size of input random data, at least krb5_enctype_keysize() long
key key, output key, free with krb5_free_keyblock_contents()
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_checksum_iov (krb5_context  context,
krb5_crypto  crypto,
unsigned  usage,
krb5_crypto_iov data,
unsigned int  num_data,
krb5_cksumtype *  type 
)
+
+
+ +

+Verify a Kerberos message checksum.

+

Parameters:
+ + + + + + + +
context Kerberos context
crypto Kerberos crypto context
usage Key usage for this buffer
data array of buffers to process
num_data length of array
type return checksum type if not NULL
+
+
Returns:
Return an error code or 0.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__deprecated.html b/doc/doxyout/krb5/html/group__krb5__deprecated.html new file mode 100644 index 000000000000..0d24300bf3a5 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__deprecated.html @@ -0,0 +1,1289 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 deprecated functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 deprecated functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_change_password (krb5_context context, krb5_creds *creds, const char *newpw, int *result_code, krb5_data *result_code_string, krb5_data *result_string) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_config_parse_string_multi (krb5_context context, const char *string, krb5_config_section **res) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_keytype_to_enctypes (krb5_context context, krb5_keytype keytype, unsigned *len, krb5_enctype **val) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_enctypes_compatible_keys (krb5_context context, krb5_enctype etype1, krb5_enctype etype2) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_data_contents (krb5_context context, krb5_data *data) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_keytype_to_enctypes_default (krb5_context context, krb5_keytype keytype, unsigned *len, krb5_enctype **val) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_keytype_to_string (krb5_context context, krb5_keytype keytype, char **string) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_string_to_keytype (krb5_context context, const char *string, krb5_keytype *keytype) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_CALLCONV 		krb5_password_key_proc (krb5_context context, krb5_enctype type, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock **key) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_in_tkt_with_password (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const char *password, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_in_tkt_with_skey (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const krb5_keyblock *key, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_CALLCONV 		krb5_keytab_key_proc (krb5_context context, krb5_enctype enctype, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock **key) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_in_tkt_with_keytab (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, krb5_keytab keytab, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION krb5_realm
+*KRB5_LIB_CALL 		krb5_princ_realm (krb5_context context, krb5_principal principal) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_princ_set_realm (krb5_context context, krb5_principal principal, krb5_realm *realm) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_creds_contents (krb5_context context, krb5_creds *c) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_error_string (krb5_context context, char *str) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_set_error_string (krb5_context context, const char *fmt,...) __attribute__((format(printf
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_vset_error_string (krb5_context context, const char *fmt, va_list args) __attribute__((format(printf
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_clear_error_string (krb5_context context) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_cred_from_kdc_opt (krb5_context context, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds, krb5_creds ***ret_tgts, krb5_flags flags) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_cred_from_kdc (krb5_context context, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds, krb5_creds ***ret_tgts) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_unparsed_name (krb5_context context, char *str) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_generate_subkey (krb5_context context, const krb5_keyblock *key, krb5_keyblock **subkey) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_auth_getremoteseqnumber (krb5_context context, krb5_auth_context auth_context, int32_t *seqnumber) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_get_init_creds_opt_init (krb5_get_init_creds_opt *opt) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_get_init_creds_opt_get_error (krb5_context context, krb5_get_init_creds_opt *opt, KRB_ERROR **error) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_c_enctype_compare (krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean *similar) KRB5_DEPRECATED_FUNCTION("Use X instead")
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_getremoteseqnumber (krb5_context  context,
krb5_auth_context  auth_context,
int32_t *  seqnumber 
)
+
+
+ +

+Deprecated: use krb5_auth_con_getremoteseqnumber() +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_enctype_compare (krb5_context  context,
krb5_enctype  e1,
krb5_enctype  e2,
krb5_boolean *  similar 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_change_password (krb5_context  context,
krb5_creds *  creds,
const char *  newpw,
int *  result_code,
krb5_data *  result_code_string,
krb5_data *  result_string 
)
+
+
+ +

+Deprecated: krb5_change_password() is deprecated, use krb5_set_password().

+

Parameters:
+ + + + + + + +
context a Keberos context
creds 
newpw 
result_code 
result_code_string 
result_string 
+
+
Returns:
On sucess password is changed.
+@ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_clear_error_string (krb5_context  context  ) 
+
+
+ +

+Clear the error message returned by krb5_get_error_string().

+Deprecated: use krb5_clear_error_message()

+

Parameters:
+ + +
context Kerberos context
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_string_multi (krb5_context  context,
const char *  string,
krb5_config_section **  res 
)
+
+
+ +

+Deprecated: configuration files are not strings +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_enctypes_compatible_keys (krb5_context  context,
krb5_enctype  etype1,
krb5_enctype  etype2 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds_contents (krb5_context  context,
krb5_creds *  c 
)
+
+
+ +

+Deprecated: use krb5_free_cred_contents() +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data_contents (krb5_context  context,
krb5_data *  data 
)
+
+
+ +

+Same as krb5_data_free(). MIT compat.

+Deprecated: use krb5_data_free().

+

Parameters:
+ + + +
context Kerberos 5 context.
data krb5_data to free.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error_string (krb5_context  context,
char *  str 
)
+
+
+ +

+Free the error message returned by krb5_get_error_string().

+Deprecated: use krb5_free_error_message()

+

Parameters:
+ + + +
context Kerberos context
str error message to free
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_unparsed_name (krb5_context  context,
char *  str 
)
+
+
+ +

+Deprecated: use krb5_xfree(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey (krb5_context  context,
const krb5_keyblock *  key,
krb5_keyblock **  subkey 
)
+
+
+ +

+Deprecated: use krb5_generate_subkey_extended() +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc (krb5_context  context,
krb5_ccache  ccache,
krb5_creds *  in_creds,
krb5_creds **  out_creds,
krb5_creds ***  ret_tgts 
)
+
+
+ +

+Deprecated: use krb5_get_credentials_with_flags(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc_opt (krb5_context  context,
krb5_ccache  ccache,
krb5_creds *  in_creds,
krb5_creds **  out_creds,
krb5_creds ***  ret_tgts,
krb5_flags  flags 
)
+
+
+ +

+Deprecated: use krb5_get_credentials_with_flags(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_keytab (krb5_context  context,
krb5_flags  options,
krb5_addresses *  addrs,
const krb5_enctype *  etypes,
const krb5_preauthtype *  pre_auth_types,
krb5_keytab  keytab,
krb5_ccache  ccache,
krb5_creds *  creds,
krb5_kdc_rep *  ret_as_reply 
)
+
+
+ +

+Deprecated: use krb5_get_init_creds() and friends. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_password (krb5_context  context,
krb5_flags  options,
krb5_addresses *  addrs,
const krb5_enctype *  etypes,
const krb5_preauthtype *  pre_auth_types,
const char *  password,
krb5_ccache  ccache,
krb5_creds *  creds,
krb5_kdc_rep *  ret_as_reply 
)
+
+
+ +

+Deprecated: use krb5_get_init_creds() and friends. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_skey (krb5_context  context,
krb5_flags  options,
krb5_addresses *  addrs,
const krb5_enctype *  etypes,
const krb5_preauthtype *  pre_auth_types,
const krb5_keyblock *  key,
krb5_ccache  ccache,
krb5_creds *  creds,
krb5_kdc_rep *  ret_as_reply 
)
+
+
+ +

+Deprecated: use krb5_get_init_creds() and friends. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_get_error (krb5_context  context,
krb5_get_init_creds_opt *  opt,
KRB_ERROR **  error 
)
+
+
+ +

+Deprecated: use the new krb5_init_creds_init() and krb5_init_creds_get_error(). +

+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_init (krb5_get_init_creds_opt *  opt  ) 
+
+
+ +

+Deprecated: use krb5_get_init_creds_opt_alloc().

+The reason krb5_get_init_creds_opt_init() is deprecated is that krb5_get_init_creds_opt is a static structure and for ABI reason it can't grow, ie can't add new functionality. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_keytab_key_proc (krb5_context  context,
krb5_enctype  enctype,
krb5_salt  salt,
krb5_const_pointer  keyseed,
krb5_keyblock **  key 
)
+
+
+ +

+Deprecated: use krb5_get_init_creds() and friends. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes (krb5_context  context,
krb5_keytype  keytype,
unsigned *  len,
krb5_enctype **  val 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes_default (krb5_context  context,
krb5_keytype  keytype,
unsigned *  len,
krb5_enctype **  val 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_string (krb5_context  context,
krb5_keytype  keytype,
char **  string 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes in most cases, use krb5_enctype_to_string(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_password_key_proc (krb5_context  context,
krb5_enctype  type,
krb5_salt  salt,
krb5_const_pointer  keyseed,
krb5_keyblock **  key 
)
+
+
+ +

+Deprecated: use krb5_get_init_creds() and friends. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_realm* KRB5_LIB_CALL krb5_princ_realm (krb5_context  context,
krb5_principal  principal 
)
+
+
+ +

+Deprecated: use krb5_principal_get_realm() +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_princ_set_realm (krb5_context  context,
krb5_principal  principal,
krb5_realm *  realm 
)
+
+
+ +

+Deprecated: use krb5_principal_set_realm() +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_error_string (krb5_context  context,
const char *  fmt,
  ... 
)
+
+
+ +

+Set the error message returned by krb5_get_error_string().

+Deprecated: use krb5_get_error_message()

+

Parameters:
+ + + +
context Kerberos context
fmt error message to free
+
+
Returns:
Return an error code or 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_keytype (krb5_context  context,
const char *  string,
krb5_keytype *  keytype 
)
+
+
+ +

+Deprecated: keytypes doesn't exists, they are really enctypes in most cases, use krb5_string_to_enctype(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vset_error_string (krb5_context  context,
const char *  fmt,
va_list  args 
)
+
+
+ +

+Set the error message returned by krb5_get_error_string(), deprecated, use krb5_set_error_message().

+Deprecated: use krb5_vset_error_message()

+

Parameters:
+ + + +
context Kerberos context
msg error message to free
+
+
Returns:
Return an error code or 0.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__digest.html b/doc/doxyout/krb5/html/group__krb5__digest.html new file mode 100644 index 000000000000..d1aa54c721bb --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__digest.html @@ -0,0 +1,87 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 digest service + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 digest service

+ + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_digest_probe (krb5_context context, krb5_realm realm, krb5_ccache ccache, unsigned *flags)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_probe (krb5_context  context,
krb5_realm  realm,
krb5_ccache  ccache,
unsigned *  flags 
)
+
+
+ +

+Get the supported/allowed mechanism for this principal.

+

Parameters:
+ + + + + +
context A Keberos context.
realm The realm of the KDC.
ccache The credential cache to use when talking to the KDC.
flags The supported mechanism.
+
+
Returns:
Return an error code or 0.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__error.html b/doc/doxyout/krb5/html/group__krb5__error.html new file mode 100644 index 000000000000..022281329147 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__error.html @@ -0,0 +1,239 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 error reporting functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 error reporting functions

+ + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_eai_to_heim_errno (int eai_errno, int system_error)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_h_errno_to_heim_errno (int eai_errno)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_clear_error_message (krb5_context context)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_set_error_message (krb5_context context, krb5_error_code ret, const char *fmt,...) __attribute__((format(printf
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_vwarn (krb5_context context, krb5_error_code code, const char *fmt, va_list ap) __attribute__((format(printf
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_clear_error_message (krb5_context  context  ) 
+
+
+ +

+Clears the error message from the Kerberos 5 context.

+

Parameters:
+ + +
context The Kerberos 5 context to clear
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_eai_to_heim_errno (int  eai_errno,
int  system_error 
)
+
+
+ +

+Convert the getaddrinfo() error code to a Kerberos et error code.

+

Parameters:
+ + + +
eai_errno contains the error code from getaddrinfo().
system_error should have the value of errno after the failed getaddrinfo().
+
+
Returns:
Kerberos error code representing the EAI errors.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_errno_to_heim_errno (int  eai_errno  ) 
+
+
+ +

+Convert the gethostname() error code (h_error) to a Kerberos et error code.

+

Parameters:
+ + +
eai_errno contains the error code from gethostname().
+
+
Returns:
Kerberos error code representing the gethostname errors.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_error_message (krb5_context  context,
krb5_error_code  ret,
const char *  fmt,
  ... 
)
+
+
+ +

+Set the context full error string for a specific error code. The error that is stored should be internationalized.

+The if context is NULL, no error string is stored.

+

Parameters:
+ + + + + +
context Kerberos 5 context
ret The error code
fmt Error string for the error code
... printf(3) style parameters.
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vwarn (krb5_context  context,
krb5_error_code  code,
const char *  fmt,
va_list  ap 
)
+
+
+ +

+Log a warning to the log, default stderr, include the error from the last failure.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
code error code of the last error
fmt message to print
ap arguments
+
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__keytab.html b/doc/doxyout/krb5/html/group__krb5__keytab.html new file mode 100644 index 000000000000..6a54e79361bc --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__keytab.html @@ -0,0 +1,1055 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 keytab handling functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 keytab handling functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_register (krb5_context context, const krb5_kt_ops *ops)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_resolve (krb5_context context, const char *name, krb5_keytab *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_default_name (krb5_context context, char *name, size_t namesize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_default_modify_name (krb5_context context, char *name, size_t namesize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_default (krb5_context context, krb5_keytab *id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_read_service_key (krb5_context context, krb5_pointer keyprocarg, krb5_principal principal, krb5_kvno vno, krb5_enctype enctype, krb5_keyblock **key)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_get_type (krb5_context context, krb5_keytab keytab, char *prefix, size_t prefixsize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_get_name (krb5_context context, krb5_keytab keytab, char *name, size_t namesize)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_get_full_name (krb5_context context, krb5_keytab keytab, char **str)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_close (krb5_context context, krb5_keytab id)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_destroy (krb5_context context, krb5_keytab id)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_kt_compare (krb5_context context, krb5_keytab_entry *entry, krb5_const_principal principal, krb5_kvno vno, krb5_enctype enctype)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_get_entry (krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_copy_entry_contents (krb5_context context, const krb5_keytab_entry *in, krb5_keytab_entry *out)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_free_entry (krb5_context context, krb5_keytab_entry *entry)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_start_seq_get (krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_next_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, krb5_kt_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_end_seq_get (krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_add_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_kt_remove_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_kt_have_content (krb5_context context, krb5_keytab id)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_add_entry (krb5_context  context,
krb5_keytab  id,
krb5_keytab_entry *  entry 
)
+
+
+ +

+Add the entry in `entry' to the keytab `id'.

+

Parameters:
+ + + + +
context a Keberos context.
id a keytab.
entry the entry to add
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_close (krb5_context  context,
krb5_keytab  id 
)
+
+
+ +

+Finish using the keytab in `id'. All resources will be released, even on errors.

+

Parameters:
+ + + +
context a Keberos context.
id keytab to close.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_compare (krb5_context  context,
krb5_keytab_entry *  entry,
krb5_const_principal  principal,
krb5_kvno  vno,
krb5_enctype  enctype 
)
+
+
+ +

+Compare `entry' against `principal, vno, enctype'. Any of `principal, vno, enctype' might be 0 which acts as a wildcard. Return TRUE if they compare the same, FALSE otherwise.

+

Parameters:
+ + + + + + +
context a Keberos context.
entry an entry to match with.
principal principal to match, NULL matches all principals.
vno key version to match, 0 matches all key version numbers.
enctype encryption type to match, 0 matches all encryption types.
+
+
Returns:
Return TRUE or match, FALSE if not matched.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_copy_entry_contents (krb5_context  context,
const krb5_keytab_entry *  in,
krb5_keytab_entry *  out 
)
+
+
+ +

+Copy the contents of `in' into `out'.

+

Parameters:
+ + + + +
context a Keberos context.
in the keytab entry to copy.
out the copy of the keytab entry, free with krb5_kt_free_entry().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default (krb5_context  context,
krb5_keytab *  id 
)
+
+
+ +

+Set `id' to the default keytab.

+

Parameters:
+ + + +
context a Keberos context.
id the new default keytab.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_modify_name (krb5_context  context,
char *  name,
size_t  namesize 
)
+
+
+ +

+Copy the name of the default modify keytab into `name'.

+

Parameters:
+ + + + +
context a Keberos context.
name buffer where the name will be written
namesize length of name
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_name (krb5_context  context,
char *  name,
size_t  namesize 
)
+
+
+ +

+copy the name of the default keytab into `name'.

+

Parameters:
+ + + + +
context a Keberos context.
name buffer where the name will be written
namesize length of name
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_destroy (krb5_context  context,
krb5_keytab  id 
)
+
+
+ +

+Destroy (remove) the keytab in `id'. All resources will be released, even on errors, does the equvalment of krb5_kt_close() on the resources.

+

Parameters:
+ + + +
context a Keberos context.
id keytab to destroy.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_end_seq_get (krb5_context  context,
krb5_keytab  id,
krb5_kt_cursor *  cursor 
)
+
+
+ +

+Release all resources associated with `cursor'.

+

Parameters:
+ + + + +
context a Keberos context.
id a keytab.
cursor the cursor to free.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_free_entry (krb5_context  context,
krb5_keytab_entry *  entry 
)
+
+
+ +

+Free the contents of `entry'.

+

Parameters:
+ + + +
context a Keberos context.
entry the entry to free
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_entry (krb5_context  context,
krb5_keytab  id,
krb5_const_principal  principal,
krb5_kvno  kvno,
krb5_enctype  enctype,
krb5_keytab_entry *  entry 
)
+
+
+ +

+Retrieve the keytab entry for `principal, kvno, enctype' into `entry' from the keytab `id'. Matching is done like krb5_kt_compare().

+

Parameters:
+ + + + + + + +
context a Keberos context.
id a keytab.
principal principal to match, NULL matches all principals.
kvno key version to match, 0 matches all key version numbers.
enctype encryption type to match, 0 matches all encryption types.
entry the returned entry, free with krb5_kt_free_entry().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_full_name (krb5_context  context,
krb5_keytab  keytab,
char **  str 
)
+
+
+ +

+Retrieve the full name of the keytab `keytab' and store the name in `str'.

+

Parameters:
+ + + + +
context a Keberos context.
keytab keytab to get name for.
str the name of the keytab name, usee krb5_xfree() to free the string. On error, *str is set to NULL.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_name (krb5_context  context,
krb5_keytab  keytab,
char *  name,
size_t  namesize 
)
+
+
+ +

+Retrieve the name of the keytab `keytab' into `name', `namesize'

+

Parameters:
+ + + + + +
context a Keberos context.
keytab the keytab to get the name for.
name name buffer.
namesize size of name buffer.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_type (krb5_context  context,
krb5_keytab  keytab,
char *  prefix,
size_t  prefixsize 
)
+
+
+ +

+Return the type of the `keytab' in the string `prefix of length `prefixsize'.

+

Parameters:
+ + + + + +
context a Keberos context.
keytab the keytab to get the prefix for
prefix prefix buffer
prefixsize length of prefix buffer
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_have_content (krb5_context  context,
krb5_keytab  id 
)
+
+
+ +

+Return true if the keytab exists and have entries

+

Parameters:
+ + + +
context a Keberos context.
id a keytab.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_next_entry (krb5_context  context,
krb5_keytab  id,
krb5_keytab_entry *  entry,
krb5_kt_cursor *  cursor 
)
+
+
+ +

+Get the next entry from keytab, advance the cursor. On last entry the function will return KRB5_KT_END.

+

Parameters:
+ + + + + +
context a Keberos context.
id a keytab.
entry the returned entry, free with krb5_kt_free_entry().
cursor the cursor of the iteration.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_read_service_key (krb5_context  context,
krb5_pointer  keyprocarg,
krb5_principal  principal,
krb5_kvno  vno,
krb5_enctype  enctype,
krb5_keyblock **  key 
)
+
+
+ +

+Read the key identified by `(principal, vno, enctype)' from the keytab in `keyprocarg' (the default if == NULL) into `*key'.

+

Parameters:
+ + + + + + + +
context a Keberos context.
keyprocarg 
principal 
vno 
enctype 
key 
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_register (krb5_context  context,
const krb5_kt_ops *  ops 
)
+
+
+ +

+Register a new keytab backend.

+

Parameters:
+ + + +
context a Keberos context.
ops a backend to register.
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_remove_entry (krb5_context  context,
krb5_keytab  id,
krb5_keytab_entry *  entry 
)
+
+
+ +

+Remove an entry from the keytab, matching is done using krb5_kt_compare().

+

Parameters:
+ + + + +
context a Keberos context.
id a keytab.
entry the entry to remove
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_resolve (krb5_context  context,
const char *  name,
krb5_keytab *  id 
)
+
+
+ +

+Resolve the keytab name (of the form `type:residual') in `name' into a keytab in `id'.

+

Parameters:
+ + + + +
context a Keberos context.
name name to resolve
id resulting keytab, free with krb5_kt_close().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_start_seq_get (krb5_context  context,
krb5_keytab  id,
krb5_kt_cursor *  cursor 
)
+
+
+ +

+Set `cursor' to point at the beginning of `id'.

+

Parameters:
+ + + + +
context a Keberos context.
id a keytab.
cursor a newly allocated cursor, free with krb5_kt_end_seq_get().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__pac.html b/doc/doxyout/krb5/html/group__krb5__pac.html new file mode 100644 index 000000000000..146d09a27e96 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__pac.html @@ -0,0 +1,155 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 PAC handling functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 PAC handling functions

+ + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_pac_get_buffer (krb5_context context, krb5_pac p, uint32_t type, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_pac_verify (krb5_context context, const krb5_pac pac, time_t authtime, krb5_const_principal principal, const krb5_keyblock *server, const krb5_keyblock *privsvr)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_buffer (krb5_context  context,
krb5_pac  p,
uint32_t  type,
krb5_data *  data 
)
+
+
+ +

+Get the PAC buffer of specific type from the pac.

+

Parameters:
+ + + + + +
context Kerberos 5 context.
p the pac structure returned by krb5_pac_parse().
type type of buffer to get
data return data, free with krb5_data_free().
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_verify (krb5_context  context,
const krb5_pac  pac,
time_t  authtime,
krb5_const_principal  principal,
const krb5_keyblock *  server,
const krb5_keyblock *  privsvr 
)
+
+
+ +

+Verify the PAC.

+

Parameters:
+ + + + + + + +
context Kerberos 5 context.
pac the pac structure returned by krb5_pac_parse().
authtime The time of the ticket the PAC belongs to.
principal the principal to verify.
server The service key, most always be given.
privsvr The KDC key, may be given.
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__principal.html b/doc/doxyout/krb5/html/group__krb5__principal.html new file mode 100644 index 000000000000..4b56a1633772 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__principal.html @@ -0,0 +1,1180 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 principal functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 principal functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_free_principal (krb5_context context, krb5_principal p)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_principal_set_type (krb5_context context, krb5_principal principal, int type)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_principal_get_type (krb5_context context, krb5_const_principal principal)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_principal_get_realm (krb5_context context, krb5_const_principal principal)
KRB5_LIB_FUNCTION unsigned int
+KRB5_LIB_CALL 		krb5_principal_get_num_comp (krb5_context context, krb5_const_principal principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_parse_name_flags (krb5_context context, const char *name, int flags, krb5_principal *principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_parse_name (krb5_context context, const char *name, krb5_principal *principal)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name_fixed (krb5_context context, krb5_const_principal principal, char *name, size_t len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name_fixed_short (krb5_context context, krb5_const_principal principal, char *name, size_t len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name_fixed_flags (krb5_context context, krb5_const_principal principal, int flags, char *name, size_t len)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name (krb5_context context, krb5_const_principal principal, char **name)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name_flags (krb5_context context, krb5_const_principal principal, int flags, char **name)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_unparse_name_short (krb5_context context, krb5_const_principal principal, char **name)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_principal_set_realm (krb5_context context, krb5_principal principal, krb5_const_realm realm)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_build_principal (krb5_context context, krb5_principal *principal, int rlen, krb5_const_realm realm,...)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_make_principal (krb5_context context, krb5_principal *principal, krb5_const_realm realm,...)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_copy_principal (krb5_context context, krb5_const_principal inprinc, krb5_principal *outprinc)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_principal_compare_any_realm (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_principal_compare (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_realm_compare (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_principal_match (krb5_context context, krb5_const_principal princ, krb5_const_principal pattern)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_sname_to_principal (krb5_context context, const char *hostname, const char *sname, int32_t type, krb5_principal *ret_princ)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_parse_nametype (krb5_context context, const char *str, int32_t *nametype)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_principal_is_krbtgt (krb5_context context, krb5_const_principal p)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal (krb5_context  context,
krb5_principal *  principal,
int  rlen,
krb5_const_realm  realm,
  ... 
)
+
+
+ +

+Build a principal using vararg style building

+

Parameters:
+ + + + + + +
context A Kerberos context.
principal returned principal
rlen length of realm
realm realm name
... a list of components ended with NULL.
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_principal (krb5_context  context,
krb5_const_principal  inprinc,
krb5_principal *  outprinc 
)
+
+
+ +

+Copy a principal

+

Parameters:
+ + + + +
context A Kerberos context.
inprinc principal to copy
outprinc copied principal, free with krb5_free_principal()
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_principal (krb5_context  context,
krb5_principal  p 
)
+
+
+ +

+Frees a Kerberos principal allocated by the library with krb5_parse_name(), krb5_make_principal() or any other related principal functions.

+

Parameters:
+ + + +
context A Kerberos context.
p a principal to free.
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_principal (krb5_context  context,
krb5_principal *  principal,
krb5_const_realm  realm,
  ... 
)
+
+
+ +

+Build a principal using vararg style building

+

Parameters:
+ + + + + +
context A Kerberos context.
principal returned principal
realm realm name
... a list of components ended with NULL.
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name (krb5_context  context,
const char *  name,
krb5_principal *  principal 
)
+
+
+ +

+Parse a name into a krb5_principal structure

+

Parameters:
+ + + + +
context Kerberos 5 context
name name to parse into a Kerberos principal
principal returned principal, free with krb5_free_principal().
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name_flags (krb5_context  context,
const char *  name,
int  flags,
krb5_principal *  principal 
)
+
+
+ +

+Parse a name into a krb5_principal structure, flags controls the behavior.

+

Parameters:
+ + + + + +
context Kerberos 5 context
name name to parse into a Kerberos principal
flags flags to control the behavior
principal returned principal, free with krb5_free_principal().
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_nametype (krb5_context  context,
const char *  str,
int32_t *  nametype 
)
+
+
+ +

+Parse nametype string and return a nametype integer +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare (krb5_context  context,
krb5_const_principal  princ1,
krb5_const_principal  princ2 
)
+
+
+ +

+Compares the two principals, including realm of the principals and returns TRUE if they are the same and FALSE if not.

+

Parameters:
+ + + + +
context Kerberos 5 context
princ1 first principal to compare
princ2 second principal to compare
+
+
See also:
krb5_principal_compare_any_realm()

+krb5_realm_compare()

+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare_any_realm (krb5_context  context,
krb5_const_principal  princ1,
krb5_const_principal  princ2 
)
+
+
+ +

+Return TRUE iff princ1 == princ2 (without considering the realm)

+

Parameters:
+ + + + +
context Kerberos 5 context
princ1 first principal to compare
princ2 second principal to compare
+
+
Returns:
non zero if equal, 0 if not
+
See also:
krb5_principal_compare()

+krb5_realm_compare()

+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL krb5_principal_get_num_comp (krb5_context  context,
krb5_const_principal  principal 
)
+
+
+ +

+Get number of component is principal.

+

Parameters:
+ + + +
context Kerberos 5 context
principal principal to query
+
+
Returns:
number of components in string
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_realm (krb5_context  context,
krb5_const_principal  principal 
)
+
+
+ +

+Get the realm of the principal

+

Parameters:
+ + + +
context A Kerberos context.
principal principal to get the realm for
+
+
Returns:
realm of the principal, don't free or use after krb5_principal is freed
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_principal_get_type (krb5_context  context,
krb5_const_principal  principal 
)
+
+
+ +

+Get the type of the principal

+

Parameters:
+ + + +
context A Kerberos context.
principal principal to get the type for
+
+
Returns:
the type of principal
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_is_krbtgt (krb5_context  context,
krb5_const_principal  p 
)
+
+
+ +

+Check if the cname part of the principal is a krbtgt principal +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_match (krb5_context  context,
krb5_const_principal  princ,
krb5_const_principal  pattern 
)
+
+
+ +

+return TRUE iff princ matches pattern +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_principal_set_realm (krb5_context  context,
krb5_principal  principal,
krb5_const_realm  realm 
)
+
+
+ +

+Set a new realm for a principal, and as a side-effect free the previous realm.

+

Parameters:
+ + + + +
context A Kerberos context.
principal principal set the realm for
realm the new realm to set
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_principal_set_type (krb5_context  context,
krb5_principal  principal,
int  type 
)
+
+
+ +

+Set the type of the principal

+

Parameters:
+ + + + +
context A Kerberos context.
principal principal to set the type for
type the new type
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_realm_compare (krb5_context  context,
krb5_const_principal  princ1,
krb5_const_principal  princ2 
)
+
+
+ +

+return TRUE iff realm(princ1) == realm(princ2)

+

Parameters:
+ + + + +
context Kerberos 5 context
princ1 first principal to compare
princ2 second principal to compare
+
+
See also:
krb5_principal_compare_any_realm()

+krb5_principal_compare()

+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sname_to_principal (krb5_context  context,
const char *  hostname,
const char *  sname,
int32_t  type,
krb5_principal *  ret_princ 
)
+
+
+ +

+Create a principal for the service running on hostname. If KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or some other service), this is potentially insecure.

+

Parameters:
+ + + + + + +
context A Kerberos context.
hostname hostname to use
sname Service name to use
type name type of pricipal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN.
ret_princ return principal, free with krb5_free_principal().
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name (krb5_context  context,
krb5_const_principal  principal,
char **  name 
)
+
+
+ +

+Unparse the Kerberos name into a string

+

Parameters:
+ + + + +
context Kerberos 5 context
principal principal to query
name resulting string, free with krb5_xfree()
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed (krb5_context  context,
krb5_const_principal  principal,
char *  name,
size_t  len 
)
+
+
+ +

+Unparse the principal name to a fixed buffer

+

Parameters:
+ + + + + +
context A Kerberos context.
principal principal to unparse
name buffer to write name to
len length of buffer
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_flags (krb5_context  context,
krb5_const_principal  principal,
int  flags,
char *  name,
size_t  len 
)
+
+
+ +

+Unparse the principal name with unparse flags to a fixed buffer.

+

Parameters:
+ + + + + + +
context A Kerberos context.
principal principal to unparse
flags unparse flags
name buffer to write name to
len length of buffer
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_short (krb5_context  context,
krb5_const_principal  principal,
char *  name,
size_t  len 
)
+
+
+ +

+Unparse the principal name to a fixed buffer. The realm is skipped if its a default realm.

+

Parameters:
+ + + + + +
context A Kerberos context.
principal principal to unparse
name buffer to write name to
len length of buffer
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_flags (krb5_context  context,
krb5_const_principal  principal,
int  flags,
char **  name 
)
+
+
+ +

+Unparse the Kerberos name into a string

+

Parameters:
+ + + + + +
context Kerberos 5 context
principal principal to query
flags flag to determine the behavior
name resulting string, free with krb5_xfree()
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_short (krb5_context  context,
krb5_const_principal  principal,
char **  name 
)
+
+
+ +

+Unparse the principal name to a allocated buffer. The realm is skipped if its a default realm.

+

Parameters:
+ + + + +
context A Kerberos context.
principal principal to unparse
name returned buffer, free with krb5_xfree()
+
+
Returns:
An krb5 error code, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__storage.html b/doc/doxyout/krb5/html/group__krb5__storage.html new file mode 100644 index 000000000000..639dc36abfcb --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__storage.html @@ -0,0 +1,2092 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 storage functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 storage functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_storage_set_flags (krb5_storage *sp, krb5_flags flags)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_storage_clear_flags (krb5_storage *sp, krb5_flags flags)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_storage_is_flags (krb5_storage *sp, krb5_flags flags)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_storage_set_byteorder (krb5_storage *sp, krb5_flags byteorder)
KRB5_LIB_FUNCTION krb5_flags
+KRB5_LIB_CALL 		krb5_storage_get_byteorder (krb5_storage *sp)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_storage_set_max_alloc (krb5_storage *sp, size_t size)
KRB5_LIB_FUNCTION off_t
+KRB5_LIB_CALL 		krb5_storage_seek (krb5_storage *sp, off_t offset, int whence)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_truncate (krb5_storage *sp, off_t offset)
KRB5_LIB_FUNCTION krb5_ssize_t
+KRB5_LIB_CALL 		krb5_storage_read (krb5_storage *sp, void *buf, size_t len)
KRB5_LIB_FUNCTION krb5_ssize_t
+KRB5_LIB_CALL 		krb5_storage_write (krb5_storage *sp, const void *buf, size_t len)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_storage_set_eof_code (krb5_storage *sp, int code)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_get_eof_code (krb5_storage *sp)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_storage_free (krb5_storage *sp)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_storage_to_data (krb5_storage *sp, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_int32 (krb5_storage *sp, int32_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_uint32 (krb5_storage *sp, uint32_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_int32 (krb5_storage *sp, int32_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_uint32 (krb5_storage *sp, uint32_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_int16 (krb5_storage *sp, int16_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_uint16 (krb5_storage *sp, uint16_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_int16 (krb5_storage *sp, int16_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_uint16 (krb5_storage *sp, uint16_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_int8 (krb5_storage *sp, int8_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_uint8 (krb5_storage *sp, uint8_t value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_int8 (krb5_storage *sp, int8_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_uint8 (krb5_storage *sp, uint8_t *value)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_data (krb5_storage *sp, krb5_data data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_data (krb5_storage *sp, krb5_data *data)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_string (krb5_storage *sp, const char *s)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_string (krb5_storage *sp, char **string)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_stringz (krb5_storage *sp, const char *s)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_stringz (krb5_storage *sp, char **string)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_principal (krb5_storage *sp, krb5_const_principal p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_principal (krb5_storage *sp, krb5_principal *princ)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_keyblock (krb5_storage *sp, krb5_keyblock p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_keyblock (krb5_storage *sp, krb5_keyblock *p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_times (krb5_storage *sp, krb5_times times)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_times (krb5_storage *sp, krb5_times *times)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_address (krb5_storage *sp, krb5_address p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_address (krb5_storage *sp, krb5_address *adr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_addrs (krb5_storage *sp, krb5_addresses p)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_addrs (krb5_storage *sp, krb5_addresses *adr)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_authdata (krb5_storage *sp, krb5_authdata auth)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_authdata (krb5_storage *sp, krb5_authdata *auth)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_creds (krb5_storage *sp, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_creds (krb5_storage *sp, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_store_creds_tag (krb5_storage *sp, krb5_creds *creds)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_ret_creds_tag (krb5_storage *sp, krb5_creds *creds)
KRB5_LIB_FUNCTION krb5_storage
+*KRB5_LIB_CALL 		krb5_storage_emem (void)
KRB5_LIB_FUNCTION krb5_storage
+*KRB5_LIB_CALL 		krb5_storage_from_fd (krb5_socket_t fd_in)
KRB5_LIB_FUNCTION krb5_storage
+*KRB5_LIB_CALL 		krb5_storage_from_mem (void *buf, size_t len)
KRB5_LIB_FUNCTION krb5_storage
+*KRB5_LIB_CALL 		krb5_storage_from_data (krb5_data *data)
KRB5_LIB_FUNCTION krb5_storage
+*KRB5_LIB_CALL 		krb5_storage_from_readonly_mem (const void *buf, size_t len)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_address (krb5_storage *  sp,
krb5_address *  adr 
)
+
+
+ +

+Read a address block from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
adr the address block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_addrs (krb5_storage *  sp,
krb5_addresses *  adr 
)
+
+
+ +

+Read a addresses block from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
adr the addresses block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_authdata (krb5_storage *  sp,
krb5_authdata *  auth 
)
+
+
+ +

+Read a auth data from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
auth the auth data block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds (krb5_storage *  sp,
krb5_creds *  creds 
)
+
+
+ +

+Read a credentials block from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
creds the credentials block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds_tag (krb5_storage *  sp,
krb5_creds *  creds 
)
+
+
+ +

+Read a tagged credentials block from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
creds the credentials block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_data (krb5_storage *  sp,
krb5_data *  data 
)
+
+
+ +

+Parse a data from the storage.

+

Parameters:
+ + + +
sp the storage buffer to read from
data the parsed data
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int16 (krb5_storage *  sp,
int16_t *  value 
)
+
+
+ +

+Read a int16 from storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int32 (krb5_storage *  sp,
int32_t *  value 
)
+
+
+ +

+Read a int32 from storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int8 (krb5_storage *  sp,
int8_t *  value 
)
+
+
+ +

+Read a int8 from storage

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_keyblock (krb5_storage *  sp,
krb5_keyblock *  p 
)
+
+
+ +

+Read a keyblock from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
p the keyblock read from storage, free using krb5_free_keyblock()
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_principal (krb5_storage *  sp,
krb5_principal *  princ 
)
+
+
+ +

+Parse principal from the storage.

+

Parameters:
+ + + +
sp the storage buffer to read from
princ the parsed principal
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_string (krb5_storage *  sp,
char **  string 
)
+
+
+ +

+Parse a string from the storage.

+

Parameters:
+ + + +
sp the storage buffer to read from
string the parsed string
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringz (krb5_storage *  sp,
char **  string 
)
+
+
+ +

+Parse zero terminated string from the storage.

+

Parameters:
+ + + +
sp the storage buffer to read from
string the parsed string
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_times (krb5_storage *  sp,
krb5_times *  times 
)
+
+
+ +

+Read a times block from the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
times the times block read from storage
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint16 (krb5_storage *  sp,
uint16_t *  value 
)
+
+
+ +

+Read a int16 from storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint32 (krb5_storage *  sp,
uint32_t *  value 
)
+
+
+ +

+Read a uint32 from storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint8 (krb5_storage *  sp,
uint8_t *  value 
)
+
+
+ +

+Read a uint8 from storage

+

Parameters:
+ + + +
sp the storage to write too
value the value read from the buffer
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_clear_flags (krb5_storage *  sp,
krb5_flags  flags 
)
+
+
+ +

+Clear the flags on a storage buffer

+

Parameters:
+ + + +
sp the storage buffer to clear the flags on
flags the flags to clear
+
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_emem (void   ) 
+
+
+ +

+Create a elastic (allocating) memory storage backend. Memory is allocated on demand. Free returned krb5_storage with krb5_storage_free().

+

Returns:
A krb5_storage on success, or NULL on out of memory error.
+
See also:
krb5_storage_from_mem()

+krb5_storage_from_readonly_mem()

+krb5_storage_from_fd()

+krb5_storage_from_data()

+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_free (krb5_storage *  sp  ) 
+
+
+ +

+Free a krb5 storage.

+

Parameters:
+ + +
sp the storage to free.
+
+
Returns:
An Kerberos 5 error code.
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_data (krb5_data *  data  ) 
+
+
+ +

+Create a fixed size memory storage block

+

Returns:
A krb5_storage on success, or NULL on out of memory error.
+
See also:
krb5_storage_mem()

+krb5_storage_from_mem()

+krb5_storage_from_readonly_mem()

+krb5_storage_from_fd()

+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_fd (krb5_socket_t  fd_in  ) 
+
+
+ +

+

Returns:
A krb5_storage on success, or NULL on out of memory error.
+
See also:
krb5_storage_emem()

+krb5_storage_from_mem()

+krb5_storage_from_readonly_mem()

+krb5_storage_from_data()

+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_mem (void *  buf,
size_t  len 
)
+
+
+ +

+Create a fixed size memory storage block

+

Returns:
A krb5_storage on success, or NULL on out of memory error.
+
See also:
krb5_storage_mem()

+krb5_storage_from_readonly_mem()

+krb5_storage_from_data()

+krb5_storage_from_fd()

+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_readonly_mem (const void *  buf,
size_t  len 
)
+
+
+ +

+Create a fixed size memory storage block that is read only

+

Returns:
A krb5_storage on success, or NULL on out of memory error.
+
See also:
krb5_storage_mem()

+krb5_storage_from_mem()

+krb5_storage_from_data()

+krb5_storage_from_fd()

+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL krb5_storage_get_byteorder (krb5_storage *  sp  ) 
+
+
+ +

+Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. +

+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_get_eof_code (krb5_storage *  sp  ) 
+
+
+ +

+Get the return code that will be used when end of storage is reached.

+

Parameters:
+ + +
sp the storage
+
+
Returns:
storage error code
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_storage_is_flags (krb5_storage *  sp,
krb5_flags  flags 
)
+
+
+ +

+Return true or false depending on if the storage flags is set or not. NB testing for the flag 0 always return true.

+

Parameters:
+ + + +
sp the storage buffer to check flags on
flags The flags to test for
+
+
Returns:
true if all the flags are set, false if not.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_read (krb5_storage *  sp,
void *  buf,
size_t  len 
)
+
+
+ +

+Read to the storage buffer.

+

Parameters:
+ + + + +
sp the storage buffer to read from
buf the buffer to store the data in
len the length to read
+
+
Returns:
The length of data read (can be shorter then len), or negative on error.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL krb5_storage_seek (krb5_storage *  sp,
off_t  offset,
int  whence 
)
+
+
+ +

+Seek to a new offset.

+

Parameters:
+ + + + +
sp the storage buffer to seek in.
offset the offset to seek
whence relateive searching, SEEK_CUR from the current position, SEEK_END from the end, SEEK_SET absolute from the start.
+
+
Returns:
The new current offset
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_byteorder (krb5_storage *  sp,
krb5_flags  byteorder 
)
+
+
+ +

+Set the new byte order of the storage buffer.

+

Parameters:
+ + + +
sp the storage buffer to set the byte order for.
byteorder the new byte order.
+
+The byte order are: KRB5_STORAGE_BYTEORDER_BE, KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_eof_code (krb5_storage *  sp,
int  code 
)
+
+
+ +

+Set the return code that will be used when end of storage is reached.

+

Parameters:
+ + + +
sp the storage
code the error code to return on end of storage
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_flags (krb5_storage *  sp,
krb5_flags  flags 
)
+
+
+ +

+Add the flags on a storage buffer by or-ing in the flags to the buffer.

+

Parameters:
+ + + +
sp the storage buffer to set the flags on
flags the flags to set
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_max_alloc (krb5_storage *  sp,
size_t  size 
)
+
+
+ +

+Set the max alloc value

+

Parameters:
+ + + +
sp the storage buffer set the max allow for
size maximum size to allocate, use 0 to remove limit
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_to_data (krb5_storage *  sp,
krb5_data *  data 
)
+
+
+ +

+Copy the contnent of storage

+

Parameters:
+ + + +
sp the storage to copy to a data
data the copied data, free with krb5_data_free()
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_truncate (krb5_storage *  sp,
off_t  offset 
)
+
+
+ +

+Truncate the storage buffer in sp to offset.

+

Parameters:
+ + + +
sp the storage buffer to truncate.
offset the offset to truncate too.
+
+
Returns:
An Kerberos 5 error code.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_write (krb5_storage *  sp,
const void *  buf,
size_t  len 
)
+
+
+ +

+Write to the storage buffer.

+

Parameters:
+ + + + +
sp the storage buffer to write to
buf the buffer to write to the storage buffer
len the length to write
+
+
Returns:
The length of data written (can be shorter then len), or negative on error.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_address (krb5_storage *  sp,
krb5_address  p 
)
+
+
+ +

+Write a address block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
p the address block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_addrs (krb5_storage *  sp,
krb5_addresses  p 
)
+
+
+ +

+Write a addresses block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
p the addresses block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_authdata (krb5_storage *  sp,
krb5_authdata  auth 
)
+
+
+ +

+Write a auth data block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
auth the auth data block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds (krb5_storage *  sp,
krb5_creds *  creds 
)
+
+
+ +

+Write a credentials block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
creds the creds block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds_tag (krb5_storage *  sp,
krb5_creds *  creds 
)
+
+
+ +

+Write a tagged credentials block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
creds the creds block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_data (krb5_storage *  sp,
krb5_data  data 
)
+
+
+ +

+Store a data to the storage. The data is stored with an int32 as lenght plus the data (not padded).

+

Parameters:
+ + + +
sp the storage buffer to write to
data the buffer to store.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int16 (krb5_storage *  sp,
int16_t  value 
)
+
+
+ +

+Store a int16 to storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int32 (krb5_storage *  sp,
int32_t  value 
)
+
+
+ +

+Store a int32 to storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int8 (krb5_storage *  sp,
int8_t  value 
)
+
+
+ +

+Store a int8 to storage.

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_keyblock (krb5_storage *  sp,
krb5_keyblock  p 
)
+
+
+ +

+Store a keyblock to the storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
p the keyblock to write
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_principal (krb5_storage *  sp,
krb5_const_principal  p 
)
+
+
+ +

+Write a principal block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
p the principal block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_string (krb5_storage *  sp,
const char *  s 
)
+
+
+ +

+Store a string to the buffer. The data is formated as an len:uint32 plus the string itself (not padded).

+

Parameters:
+ + + +
sp the storage buffer to write to
s the string to store.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringz (krb5_storage *  sp,
const char *  s 
)
+
+
+ +

+Store a zero terminated string to the buffer. The data is stored one character at a time until a NUL is stored.

+

Parameters:
+ + + +
sp the storage buffer to write to
s the string to store.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_times (krb5_storage *  sp,
krb5_times  times 
)
+
+
+ +

+Write a times block to storage.

+

Parameters:
+ + + +
sp the storage buffer to write to
times the times block to write.
+
+
Returns:
0 on success, a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint16 (krb5_storage *  sp,
uint16_t  value 
)
+
+
+ +

+Store a uint16 to storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint32 (krb5_storage *  sp,
uint32_t  value 
)
+
+
+ +

+Store a uint32 to storage, byte order is controlled by the settings on the storage, see krb5_storage_set_byteorder().

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint8 (krb5_storage *  sp,
uint8_t  value 
)
+
+
+ +

+Store a uint8 to storage.

+

Parameters:
+ + + +
sp the storage to write too
value the value to store
+
+
Returns:
0 for success, or a Kerberos 5 error code on failure.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__support.html b/doc/doxyout/krb5/html/group__krb5__support.html new file mode 100644 index 000000000000..c67f634e9e70 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__support.html @@ -0,0 +1,1320 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 support functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 support functions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_acl_match_string (krb5_context context, const char *string, const char *format,...)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_acl_match_file (krb5_context context, const char *file, const char *format,...)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_config_parse_file_multi (krb5_context context, const char *fname, krb5_config_section **res)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_config_file_free (krb5_context context, krb5_config_section *s)
KRB5_LIB_FUNCTION const
+krb5_config_binding
+*KRB5_LIB_CALL 		krb5_config_get_list (krb5_context context, const krb5_config_section *c,...)
KRB5_LIB_FUNCTION const
+krb5_config_binding
+*KRB5_LIB_CALL 		krb5_config_vget_list (krb5_context context, const krb5_config_section *c, va_list args)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_config_get_string (krb5_context context, const krb5_config_section *c,...)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_config_vget_string (krb5_context context, const krb5_config_section *c, va_list args)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_config_vget_string_default (krb5_context context, const krb5_config_section *c, const char *def_value, va_list args)
KRB5_LIB_FUNCTION const char
+*KRB5_LIB_CALL 		krb5_config_get_string_default (krb5_context context, const krb5_config_section *c, const char *def_value,...)
KRB5_LIB_FUNCTION char
+**KRB5_LIB_CALL 		krb5_config_vget_strings (krb5_context context, const krb5_config_section *c, va_list args)
KRB5_LIB_FUNCTION char
+**KRB5_LIB_CALL 		krb5_config_get_strings (krb5_context context, const krb5_config_section *c,...)
KRB5_LIB_FUNCTION void
+KRB5_LIB_CALL 		krb5_config_free_strings (char **strings)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_config_vget_bool_default (krb5_context context, const krb5_config_section *c, krb5_boolean def_value, va_list args)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_config_vget_bool (krb5_context context, const krb5_config_section *c, va_list args)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_config_get_bool_default (krb5_context context, const krb5_config_section *c, krb5_boolean def_value,...)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_config_get_bool (krb5_context context, const krb5_config_section *c,...)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time_default (krb5_context context, const krb5_config_section *c, int def_value, va_list args)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time (krb5_context context, const krb5_config_section *c, va_list args)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time_default (krb5_context context, const krb5_config_section *c, int def_value,...)
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time (krb5_context context, const krb5_config_section *c,...)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_expand_hostname (krb5_context context, const char *orig_hostname, char **new_hostname)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_expand_hostname_realms (krb5_context context, const char *orig_hostname, char **new_hostname, char ***realms)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_free_host_realm (krb5_context context, krb5_realm *realmlist)
KRB5_LIB_FUNCTION krb5_boolean
+KRB5_LIB_CALL 		krb5_kuserok (krb5_context context, krb5_principal principal, const char *luser)
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb5_plugin_register (krb5_context context, enum krb5_plugin_type type, const char *name, void *symbol)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_file (krb5_context  context,
const char *  file,
const char *  format,
  ... 
)
+
+
+ +

+krb5_acl_match_file matches ACL format against each line in a file using krb5_acl_match_string(). Lines starting with # are treated like comments and ignored.

+

Parameters:
+ + + + + +
context Kerberos 5 context.
file file with acl listed in the file.
format format to match.
... parameter to format string.
+
+
Returns:
Return an error code or 0.
+
See also:
krb5_acl_match_string
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_string (krb5_context  context,
const char *  string,
const char *  format,
  ... 
)
+
+
+ +

+krb5_acl_match_string matches ACL format against a string.

+The ACL format has three format specifiers: s, f, and r. Each specifier will retrieve one argument from the variable arguments for either matching or storing data. The input string is split up using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" in a row are considered to be the same.

+List of format specifiers:

    +
  • s Matches a string using strcmp(3) (case sensitive).
  • f Matches the string with fnmatch(3). Theflags argument (the last argument) passed to the fnmatch function is 0.
  • r Returns a copy of the string in the char ** passed in; the copy must be freed with free(3). There is no need to free(3) the string on error: the function will clean up and set the pointer to NULL.
+

+

Parameters:
+ + + + + +
context Kerberos 5 context
string string to match with
format format to match
... parameter to format string
+
+
Returns:
Return an error code or 0.
+
 char *s;
+
+ ret = krb5_acl_match_string(context, "foo", "s", "foo");
+ if (ret)
+     krb5_errx(context, 1, "acl didn't match");
+ ret = krb5_acl_match_string(context, "foo foo baz/kaka",
+     "ss", "foo", &s, "foo/\\*");
+ if (ret) {
+     // no need to free(s) on error
+     assert(s == NULL);
+     krb5_errx(context, 1, "acl didn't match");
+ }
+ free(s);
+

+

See also:
krb5_acl_match_file
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_file_free (krb5_context  context,
krb5_config_section *  s 
)
+
+
+ +

+Free configuration file section, the result of krb5_config_parse_file() and krb5_config_parse_file_multi().

+

Parameters:
+ + + +
context A Kerberos 5 context
s the configuration section to free
+
+
Returns:
returns 0 on successes, otherwise an error code, see krb5_get_error_message()
+ +
+

+ +

+
+ + + + + + + + + +
KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_config_free_strings (char **  strings  ) 
+
+
+ +

+Free the resulting strings from krb5_config-get_strings() and krb5_config_vget_strings().

+

Parameters:
+ + +
strings strings to free
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool (krb5_context  context,
const krb5_config_section *  c,
  ... 
)
+
+
+ +

+Like krb5_config_get_bool() but with a va_list list of configuration selection.

+Configuration value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
... a list of names, terminated with NULL.
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool_default (krb5_context  context,
const krb5_config_section *  c,
krb5_boolean  def_value,
  ... 
)
+
+
+ +

+krb5_config_get_bool_default() will convert the configuration option value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
... a list of names, terminated with NULL.
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const krb5_config_binding* KRB5_LIB_CALL krb5_config_get_list (krb5_context  context,
const krb5_config_section *  c,
  ... 
)
+
+
+ +

+Get a list of configuration binding list for more processing

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
... a list of names, terminated with NULL.
+
+
Returns:
NULL if configuration list is not found, a list otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string (krb5_context  context,
const krb5_config_section *  c,
  ... 
)
+
+
+ +

+Returns a "const char *" to a string in the configuration database. The string may not be valid after a reload of the configuration database so a caller should make a local copy if it needs to keep the string.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
... a list of names, terminated with NULL.
+
+
Returns:
NULL if configuration string not found, a string otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string_default (krb5_context  context,
const krb5_config_section *  c,
const char *  def_value,
  ... 
)
+
+
+ +

+Like krb5_config_get_string(), but instead of returning NULL, instead return a default value.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
... a list of names, terminated with NULL.
+
+
Returns:
a configuration string
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_get_strings (krb5_context  context,
const krb5_config_section *  c,
  ... 
)
+
+
+ +

+Get a list of configuration strings, free the result with krb5_config_free_strings().

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
... a list of names, terminated with NULL.
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time (krb5_context  context,
const krb5_config_section *  c,
  ... 
)
+
+
+ +

+Get the time from the configuration file using a relative time, for example: 1h30s

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
... a list of names, terminated with NULL.
+
+
Returns:
parsed the time or -1 on error
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time_default (krb5_context  context,
const krb5_config_section *  c,
int  def_value,
  ... 
)
+
+
+ +

+Get the time from the configuration file using a relative time, for example: 1h30s

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
... a list of names, terminated with NULL.
+
+
Returns:
parsed the time (or def_value on parse error)
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file_multi (krb5_context  context,
const char *  fname,
krb5_config_section **  res 
)
+
+
+ +

+Parse a configuration file and add the result into res. This interface can be used to parse several configuration files into one resulting krb5_config_section by calling it repeatably.

+

Parameters:
+ + + + +
context a Kerberos 5 context.
fname a file name to a Kerberos configuration file
res the returned result, must be free with krb5_free_config_files().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +

+If the fname starts with "~/" parse configuration file in the current users home directory. The behavior can be disabled and enabled by calling krb5_set_home_dir_access(). +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool (krb5_context  context,
const krb5_config_section *  c,
va_list  args 
)
+
+
+ +

+krb5_config_get_bool() will convert the configuration option value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE.

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
args a va_list of arguments
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool_default (krb5_context  context,
const krb5_config_section *  c,
krb5_boolean  def_value,
va_list  args 
)
+
+
+ +

+Like krb5_config_get_bool_default() but with a va_list list of configuration selection.

+Configuration value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
args a va_list of arguments
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const krb5_config_binding* KRB5_LIB_CALL krb5_config_vget_list (krb5_context  context,
const krb5_config_section *  c,
va_list  args 
)
+
+
+ +

+Get a list of configuration binding list for more processing

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
args a va_list of arguments
+
+
Returns:
NULL if configuration list is not found, a list otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string (krb5_context  context,
const krb5_config_section *  c,
va_list  args 
)
+
+
+ +

+Like krb5_config_get_string(), but uses a va_list instead of ...

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
args a va_list of arguments
+
+
Returns:
NULL if configuration string not found, a string otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string_default (krb5_context  context,
const krb5_config_section *  c,
const char *  def_value,
va_list  args 
)
+
+
+ +

+Like krb5_config_vget_string(), but instead of returning NULL, instead return a default value.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
args a va_list of arguments
+
+
Returns:
a configuration string
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_vget_strings (krb5_context  context,
const krb5_config_section *  c,
va_list  args 
)
+
+
+ +

+Get a list of configuration strings, free the result with krb5_config_free_strings().

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
args a va_list of arguments
+
+
Returns:
TRUE or FALSE
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time (krb5_context  context,
const krb5_config_section *  c,
va_list  args 
)
+
+
+ +

+Get the time from the configuration file using a relative time, for example: 1h30s

+

Parameters:
+ + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
args a va_list of arguments
+
+
Returns:
parsed the time or -1 on error
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time_default (krb5_context  context,
const krb5_config_section *  c,
int  def_value,
va_list  args 
)
+
+
+ +

+Get the time from the configuration file using a relative time.

+Like krb5_config_get_time_default() but with a va_list list of configuration selection.

+

Parameters:
+ + + + + +
context A Kerberos 5 context.
c a configuration section, or NULL to use the section from context
def_value the default value to return if no configuration found in the database.
args a va_list of arguments
+
+
Returns:
parsed the time (or def_value on parse error)
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname (krb5_context  context,
const char *  orig_hostname,
char **  new_hostname 
)
+
+
+ +

+krb5_expand_hostname() tries to make orig_hostname into a more canonical one in the newly allocated space returned in new_hostname.

+

Parameters:
+ + + + +
context a Keberos context
orig_hostname hostname to canonicalise.
new_hostname output hostname, caller must free hostname with krb5_xfree().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname_realms (krb5_context  context,
const char *  orig_hostname,
char **  new_hostname,
char ***  realms 
)
+
+
+ +

+krb5_expand_hostname_realms() expands orig_hostname to a name we believe to be a hostname in newly allocated space in new_hostname and return the realms new_hostname is believed to belong to in realms.

+

Parameters:
+ + + + + +
context a Keberos context
orig_hostname hostname to canonicalise.
new_hostname output hostname, caller must free hostname with krb5_xfree().
realms output possible realms, is an array that is terminated with NULL. Caller must free with krb5_free_host_realm().
+
+
Returns:
Return an error code or 0, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_host_realm (krb5_context  context,
krb5_realm *  realmlist 
)
+
+
+ +

+Free all memory allocated by `realmlist'

+

Parameters:
+ + + +
context A Kerberos 5 context.
realmlist realmlist to free, NULL is ok
+
+
Returns:
a Kerberos error code, always 0.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kuserok (krb5_context  context,
krb5_principal  principal,
const char *  luser 
)
+
+
+ +

+This function takes the name of a local user and checks if principal is allowed to log in as that user.

+The user may have a ~/.k5login file listing principals that are allowed to login as that user. If that file does not exist, all principals with a first component identical to the username, and a realm considered local, are allowed access.

+The .k5login file must contain one principal per line, be owned by user and not be writable by group or other (but must be readable by anyone).

+Note that if the file exists, no implicit access rights are given to user@LOCALREALM.

+Optionally, a set of files may be put in ~/.k5login.d (a directory), in which case they will all be checked in the same manner as .k5login. The files may be called anything, but files starting with a hash (#) , or ending with a tilde (~) are ignored. Subdirectories are not traversed. Note that this directory may not be checked by other Kerberos implementations.

+If no configuration file exists, match user against local domains, ie luser@LOCAL-REALMS-IN-CONFIGURATION-FILES.

+

Parameters:
+ + + + +
context Kerberos 5 context.
principal principal to check if allowed to login
luser local user id
+
+
Returns:
returns TRUE if access should be granted, FALSE otherwise.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_plugin_register (krb5_context  context,
enum krb5_plugin_type  type,
const char *  name,
void *  symbol 
)
+
+
+ +

+Register a plugin symbol name of specific type.

Parameters:
+ + + + + +
context a Keberos context
type type of plugin symbol
name name of plugin symbol
symbol a pointer to the named symbol
+
+
Returns:
In case of error a non zero error com_err error is returned and the Kerberos error string is set.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__ticket.html b/doc/doxyout/krb5/html/group__krb5__ticket.html new file mode 100644 index 000000000000..05d5a090ccc0 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__ticket.html @@ -0,0 +1,73 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 ticket functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 ticket functions

+ + + + +

Functions

KRB5_LIB_FUNCTION unsigned
+long KRB5_LIB_CALL 		krb5_ticket_get_flags (krb5_context context, const krb5_ticket *ticket)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL krb5_ticket_get_flags (krb5_context  context,
const krb5_ticket *  ticket 
)
+
+
+ +

+Get the flags from the Kerberos ticket

+

Parameters:
+ + + +
context Kerberos context
ticket Kerberos ticket
+
+
Returns:
ticket flags
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/group__krb5__v4compat.html b/doc/doxyout/krb5/html/group__krb5__v4compat.html new file mode 100644 index 000000000000..0bf213bf7315 --- /dev/null +++ b/doc/doxyout/krb5/html/group__krb5__v4compat.html @@ -0,0 +1,134 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 4 compatiblity functions + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 4 compatiblity functions

+ + + + + + +

Functions

KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb524_convert_creds_kdc (krb5_context context, krb5_creds *in_cred, struct credentials *v4creds) KRB5_DEPRECATED_FUNCTION("Use X instead")
KRB5_LIB_FUNCTION
+krb5_error_code KRB5_LIB_CALL 		krb524_convert_creds_kdc_ccache (krb5_context context, krb5_ccache ccache, krb5_creds *in_cred, struct credentials *v4creds) KRB5_DEPRECATED_FUNCTION("Use X instead")
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc (krb5_context  context,
krb5_creds *  in_cred,
struct credentials *  v4creds 
)
+
+
+ +

+Convert the v5 credentials in in_cred to v4-dito in v4creds. This is done by sending them to the 524 function in the KDC. If `in_cred' doesn't contain a DES session key, then a new one is gotten from the KDC and stored in the cred cache `ccache'.

+

Parameters:
+ + + + +
context Kerberos 5 context.
in_cred the credential to convert
v4creds the converted credential
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc_ccache (krb5_context  context,
krb5_ccache  ccache,
krb5_creds *  in_cred,
struct credentials *  v4creds 
)
+
+
+ +

+Convert the v5 credentials in in_cred to v4-dito in v4creds, check the credential cache ccache before checking with the KDC.

+

Parameters:
+ + + + + +
context Kerberos 5 context.
ccache credential cache used to check for des-ticket.
in_cred the credential to convert
v4creds the converted credential
+
+
Returns:
Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message().
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/index.html b/doc/doxyout/krb5/html/index.html new file mode 100644 index 000000000000..db4d45aaee04 --- /dev/null +++ b/doc/doxyout/krb5/html/index.html @@ -0,0 +1,37 @@ + + +HeimdalKerberos5library: Heimdal Kerberos 5 library + + + +

+keyhole logo +

+ + + +
+

Heimdal Kerberos 5 library

+

+

1.5

+Introduction

+Heimdal libkrb5 library is a implementation of the Kerberos protocol.

+Kerberos is a system for authenticating users and services on a network. It is built upon the assumption that the network is ``unsafe''. For example, data sent over the network can be eavesdropped and altered, and addresses can also be faked. Therefore they cannot be used for authentication purposes.

+

+

+If you want to know more about the file formats that is used by Heimdal, please see: File formats

+The project web page: http://www.h5l.org/

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_ccache_intro.html b/doc/doxyout/krb5/html/krb5_ccache_intro.html new file mode 100644 index 000000000000..a56954a1fc44 --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_ccache_intro.html @@ -0,0 +1,74 @@ + + +HeimdalKerberos5library: The credential cache functions + + + +

+keyhole logo +

+ + + +
+

The credential cache functions

+Kerberos credential caches

+krb5_ccache structure holds a Kerberos credential cache.

+Heimdal support the follow types of credential caches:

+

    +
  • SCC Store the credential in a database
  • FILE Store the credential in memory
  • MEMORY Store the credential in memory
  • API A credential cache server based solution for Mac OS X
  • KCM A credential cache server based solution for all platforms
+

+Example

+This is a minimalistic version of klist: 
#include <krb5.h>
+
+int
+main (int argc, char **argv)
+{
+    krb5_context context;
+    krb5_cc_cursor cursor;
+    krb5_error_code ret;
+    krb5_ccache id;
+    krb5_creds creds;
+
+    if (krb5_init_context (&context) != 0)
+        errx(1, "krb5_context");
+
+    ret = krb5_cc_default (context, &id);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_cc_default");
+
+    ret = krb5_cc_start_seq_get(context, id, &cursor);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_cc_start_seq_get");
+
+    while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){
+        char *principal;
+
+        krb5_unparse_name(context, creds.server, &principal);
+        printf("principal: %s\\n", principal);
+        free(principal);
+        krb5_free_cred_contents (context, &creds);
+    }
+    ret = krb5_cc_end_seq_get(context, id, &cursor);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_cc_end_seq_get");
+
+    krb5_cc_close(context, id);
+
+    krb5_free_context(context);
+    return 0;
+}
+
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_fileformats.html b/doc/doxyout/krb5/html/krb5_fileformats.html new file mode 100644 index 000000000000..e4ca0f00b7ba --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_fileformats.html @@ -0,0 +1,154 @@ + + +HeimdalKerberos5library: File formats + + + +

+keyhole logo +

+ + + +
+

File formats

+File formats

+This section documents the diffrent file formats that are used in Heimdal and other Kerberos implementations.

+keytab

+The keytab binary format is not a standard format. The format has evolved and may continue to. It is however understood by several Kerberos implementations including Heimdal, MIT, Sun's Java ktab and are created by the ktpass.exe utility from Windows. So it has established itself as the defacto format for storing Kerberos keys.

+The following C-like structure definitions illustrate the MIT keytab file format. All values are in network byte order. All text is ASCII.

+

   keytab {
+       uint16_t file_format_version;                    # 0x502
+       keytab_entry entries[*];
+   };
+
+   keytab_entry {
+       int32_t size;
+       uint16_t num_components;   # subtract 1 if version 0x501
+       counted_octet_string realm;
+       counted_octet_string components[num_components];
+       uint32_t name_type;       # not present if version 0x501
+       uint32_t timestamp;
+       uint8_t vno8;
+       keyblock key;
+       uint32_t vno; #only present if >= 4 bytes left in entry
+       uint32_t flags; #only present if >= 4 bytes left in entry
+   };
+
+   counted_octet_string {
+       uint16_t length;
+       uint8_t data[length];
+   };
+
+   keyblock {
+       uint16_t type;
+       counted_octet_string;
+   };
+

+All numbers are stored in network byteorder (big endian) format.

+The keytab file format begins with the 16 bit file_format_version which at the time this document was authored is 0x502. The format of older keytabs is described at the end of this document.

+The file_format_version is immediately followed by an array of keytab_entry structures which are prefixed with a 32 bit size indicating the number of bytes that follow in the entry. Note that the size should be evaluated as signed. This is because a negative value indicates that the entry is in fact empty (e.g. it has been deleted) and that the negative value of that negative value (which is of course a positive value) is the offset to the next keytab_entry. Based on these size values alone the entire keytab file can be traversed.

+The size is followed by a 16 bit num_components field indicating the number of counted_octet_string components in the components array.

+The num_components field is followed by a counted_octet_string representing the realm of the principal.

+A counted_octet_string is simply an array of bytes prefixed with a 16 bit length. For the realm and name components, the counted_octet_string bytes are ASCII encoded text with no zero terminator.

+Following the realm is the components array that represents the name of the principal. The text of these components may be joined with slashs to construct the typical SPN representation. For example, the service principal HTTP/www.foo.net@FOO.NET would consist of name components "HTTP" followed by "www.foo.net".

+Following the components array is the 32 bit name_type (e.g. 1 is KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL.

+The 32 bit timestamp indicates the time the key was established for that principal. The value represents the number of seconds since Jan 1, 1970.

+The 8 bit vno8 field is the version number of the key. This value is overridden by the 32 bit vno field if it is present. The vno8 field is filled with the lower 8 bits of the 32 bit protocol kvno field.

+The keyblock structure consists of a 16 bit value indicating the encryption type and is a counted_octet_string containing the key. The encryption type is the same as the Kerberos standard (e.g. 3 is des-cbc-md5, 23 is arcfour-hmac-md5, etc).

+The last field of the keytab_entry structure is optional. If the size of the keytab_entry indicates that there are at least 4 bytes remaining, a 32 bit value representing the key version number is present. This value supersedes the 8 bit vno8 value preceeding the keyblock.

+Older keytabs with a file_format_version of 0x501 are different in three ways:

+

    +
  • All integers are in host byte order [1].
  • The num_components field is 1 too large (i.e. after decoding, decrement by 1).
  • The 32 bit name_type field is not present.
+

+[1] The file_format_version field should really be treated as two separate 8 bit quantities representing the major and minor version number respectively.

+Heimdal database dump file

+Format of the Heimdal text dump file as of Heimdal 0.6.3:

+Each line in the dump file is one entry in the database.

+Each field of a line is separated by one or more spaces, with the exception of fields consisting of principals containing spaces, where space can be quoted with \ and \ is quoted by \.

+Fields and their types are:

+

        Quoted princial (quote character is \) [string]
+        Keys [keys]
+        Created by [event]
+        Modified by [event optional]
+        Valid start time [time optional]
+        Valid end time [time optional]
+        Password end valid time [time optional]
+        Max lifetime of ticket [time optional]
+        Max renew time of ticket [integer optional]
+        Flags [hdb flags]
+        Generation number [generation optional]
+        Extensions [extentions optional]
+

+Fields following these silently are ignored.

+All optional fields will be skipped if they fail to parse (or comprise the optional field marker of "-", w/o quotes).

+Example:

+

 fred\@CODE.COM 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- 20020415130120:admin\@CODE.COM 20041221112428:fred\@CODE.COM - - - 86400 604800 126 20020415130120:793707:28 -
+

+Encoding of types are as follows:

+

    +
  • keys
+

+

 kvno:[masterkvno:keytype:keydata:salt]{zero or more separated by :}
+

+kvno is the key version number.

+keydata is hex-encoded

+masterkvno is the kvno of the database master key. If this field is empty, the kadmin load and merge operations will encrypt the key data with the master key if there is one. Otherwise the key data will be imported asis.

+salt is encoded as "-" (no/default salt) or

+

 salt-type /
+ salt-type / "string"
+ salt-type / hex-encoded-data
+

+keytype is the protocol enctype number; see enum ENCTYPE in include/krb5_asn1.h for values.

+Example: 

 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:-
+

+

 kvno=27,{key: masterkvno=1,keytype=des3-cbc-sha1,keydata=..., default salt}...
+

+

    +
  • time
+

+Format of the time is: YYYYmmddHHMMSS, corresponding to strftime format "%Y%m%d%k%M%S".

+Time is expressed in UTC.

+Time can be optional (using -), when the time 0 is used.

+Example:

+

 20041221112428
+

+

    +
  • event
+

+

        time:principal
+

+time is as given in format time

+principal is a string. Not quoting it may not work in earlier versions of Heimdal.

+Example: 

 20041221112428:bloggs\@CODE.COM
+

+

    +
  • hdb flags
+

+Integer encoding of HDB flags, see HDBFlags in lib/hdb/hdb.asn1. Each bit in the integer is the same as the bit in the specification.

+

    +
  • generation:
+

+

 time:usec:gen
+

+usec is a the microsecond, integer. gen is generation number, integer.

+The generation can be defaulted (using '-') or the empty string

+

    +
  • extensions:
+

+

 first-hex-encoded-HDB-Extension[:second-...]
+

+HDB-extension is encoded the DER encoded HDB-Extension from lib/hdb/hdb.asn1. Consumers HDB extensions should be aware that unknown entires needs to be preserved even thought the ASN.1 data content might be unknown. There is a critical flag in the data to show to the KDC that the entry MUST be understod if the entry is to be used.

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_init_creds_intro.html b/doc/doxyout/krb5/html/krb5_init_creds_intro.html new file mode 100644 index 000000000000..a9a100ea5722 --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_init_creds_intro.html @@ -0,0 +1,29 @@ + + +HeimdalKerberos5library: The initial credential handing functions + + + +

+keyhole logo +

+ + + +
+

The initial credential handing functions

+Initial credential

+Functions to get initial credentials: Heimdal Kerberos 5 credential handing functions .
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_introduction.html b/doc/doxyout/krb5/html/krb5_introduction.html new file mode 100644 index 000000000000..93a03d45eb41 --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_introduction.html @@ -0,0 +1,204 @@ + + +HeimdalKerberos5library: Introduction to the Kerberos 5 API + + + +

+keyhole logo +

+ + + +
+

Introduction to the Kerberos 5 API

+Kerberos 5 API Overview

+All functions are documented in manual pages. This section tries to give an overview of the major components used in Kerberos library, and point to where to look for a specific function.

+Kerberos context

+A kerberos context (krb5_context) holds all per thread state. All global variables that are context specific are stored in this structure, including default encryption types, credential cache (for example, a ticket file), and default realms.

+The internals of the structure should never be accessed directly, functions exist for extracting information.

+See the manual page for krb5_init_context() how to create a context and module Heimdal Kerberos 5 library for more information about the functions.

+Kerberos authentication context

+Kerberos authentication context (krb5_auth_context) holds all context related to an authenticated connection, in a similar way to the kerberos context that holds the context for the thread or process.

+The krb5_auth_context is used by various functions that are directly related to authentication between the server/client. Example of data that this structure contains are various flags, addresses of client and server, port numbers, keyblocks (and subkeys), sequence numbers, replay cache, and checksum types.

+Kerberos principal

+The Kerberos principal is the structure that identifies a user or service in Kerberos. The structure that holds the principal is the krb5_principal. There are function to extract the realm and elements of the principal, but most applications have no reason to inspect the content of the structure.

+The are several ways to create a principal (with different degree of portability), and one way to free it.

+See also the page The principal handing functions. for more information and also module Heimdal Kerberos 5 principal functions.

+Credential cache

+A credential cache holds the tickets for a user. A given user can have several credential caches, one for each realm where the user have the initial tickets (the first krbtgt).

+The credential cache data can be stored internally in different way, each of them for different proposes. File credential (FILE) caches and processes based (KCM) caches are for permanent storage. While memory caches (MEMORY) are local caches to the local process.

+Caches are opened with krb5_cc_resolve() or created with krb5_cc_new_unique().

+If the cache needs to be opened again (using krb5_cc_resolve()) krb5_cc_close() will close the handle, but not the remove the cache. krb5_cc_destroy() will zero out the cache, remove the cache so it can no longer be referenced.

+See also The credential cache functions and Heimdal Kerberos 5 credential cache functions .

+Kerberos errors

+Kerberos errors are based on the com_err library. All error codes are 32-bit signed numbers, the first 24 bits define what subsystem the error originates from, and last 8 bits are 255 error codes within the library. Each error code have fixed string associated with it. For example, the error-code -1765328383 have the symbolic name KRB5KDC_ERR_NAME_EXP, and associated error string ``Client's entry in database has expired''.

+This is a great improvement compared to just getting one of the unix error-codes back. However, Heimdal have an extention to pass back customised errors messages. Instead of getting ``Key table entry not found'', the user might back ``failed to find host/host.example.com@EXAMLE.COM(kvno 3) in keytab /etc/krb5.keytab (des-cbc-crc)''. This improves the chance that the user find the cause of the error so you should use the customised error message whenever it's available.

+See also module Heimdal Kerberos 5 error reporting functions .

+Keytab management

+A keytab is a storage for locally stored keys. Heimdal includes keytab support for Kerberos 5 keytabs, Kerberos 4 srvtab, AFS-KeyFile's, and for storing keys in memory.

+Keytabs are used for servers and long-running services.

+See also The keytab handing functions and Heimdal Kerberos 5 keytab handling functions .

+Kerberos crypto

+Heimdal includes a implementation of the Kerberos crypto framework, all crypto operations. To create a crypto context call krb5_crypto_init().

+See also module Heimdal Kerberos 5 cryptography functions .

+Walkthrough of a sample Kerberos 5 client

+This example contains parts of a sample TCP Kerberos 5 clients, if you want a real working client, please look in appl/test directory in the Heimdal distribution.

+All Kerberos error-codes that are returned from kerberos functions in this program are passed to krb5_err, that will print a descriptive text of the error code and exit. Graphical programs can convert error-code to a human readable error-string with the krb5_get_error_message() function.

+Note that you should not use any Kerberos function before krb5_init_context() have completed successfully. That is the reason err() is used when krb5_init_context() fails.

+First the client needs to call krb5_init_context to initialise the Kerberos 5 library. This is only needed once per thread in the program. If the function returns a non-zero value it indicates that either the Kerberos implementation is failing or it's disabled on this host.

+

 #include <krb5.h>
+
+ int
+ main(int argc, char **argv)
+ {
+         krb5_context context;
+
+         if (krb5_init_context(&context))
+                 errx (1, "krb5_context");
+

+Now the client wants to connect to the host at the other end. The preferred way of doing this is using getaddrinfo (for operating system that have this function implemented), since getaddrinfo is neutral to the address type and can use any protocol that is available.

+

         struct addrinfo *ai, *a;
+         struct addrinfo hints;
+         int error;
+
+         memset (&hints, 0, sizeof(hints));
+         hints.ai_socktype = SOCK_STREAM;
+         hints.ai_protocol = IPPROTO_TCP;
+
+         error = getaddrinfo (hostname, "pop3", &hints, &ai);
+         if (error)
+                 errx (1, "%s: %s", hostname, gai_strerror(error));
+
+         for (a = ai; a != NULL; a = a->ai_next) {
+                 int s;
+
+                 s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
+                 if (s < 0)
+                         continue;
+                 if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
+                         warn ("connect(%s)", hostname);
+                             close (s);
+                             continue;
+                 }
+                 freeaddrinfo (ai);
+                 ai = NULL;
+         }
+         if (ai) {
+                     freeaddrinfo (ai);
+                     errx ("failed to contact %s", hostname);
+         }
+

+Before authenticating, an authentication context needs to be created. This context keeps all information for one (to be) authenticated connection (see krb5_auth_context).

+

         status = krb5_auth_con_init (context, &auth_context);
+         if (status)
+                 krb5_err (context, 1, status, "krb5_auth_con_init");
+

+For setting the address in the authentication there is a help function krb5_auth_con_setaddrs_from_fd() that does everything that is needed when given a connected file descriptor to the socket.

+

         status = krb5_auth_con_setaddrs_from_fd (context,
+                                                  auth_context,
+                                                  &sock);
+         if (status)
+                 krb5_err (context, 1, status,
+                           "krb5_auth_con_setaddrs_from_fd");
+

+The next step is to build a server principal for the service we want to connect to. (See also krb5_sname_to_principal().)

+

         status = krb5_sname_to_principal (context,
+                                           hostname,
+                                           service,
+                                           KRB5_NT_SRV_HST,
+                                           &server);
+         if (status)
+                 krb5_err (context, 1, status, "krb5_sname_to_principal");
+

+The client principal is not passed to krb5_sendauth() function, this causes the krb5_sendauth() function to try to figure it out itself.

+The server program is using the function krb5_recvauth() to receive the Kerberos 5 authenticator.

+In this case, mutual authentication will be tried. That means that the server will authenticate to the client. Using mutual authentication is good since it enables the user to verify that they are talking to the right server (a server that knows the key).

+If you are using a non-blocking socket you will need to do all work of krb5_sendauth() yourself. Basically you need to send over the authenticator from krb5_mk_req() and, in case of mutual authentication, verifying the result from the server with krb5_rd_rep().

+

         status = krb5_sendauth (context,
+                                 &auth_context,
+                                 &sock,
+                                 VERSION,
+                                 NULL,
+                                 server,
+                                 AP_OPTS_MUTUAL_REQUIRED,
+                                 NULL,
+                                 NULL,
+                                 NULL,
+                                 NULL,
+                                 NULL,
+                                 NULL);
+         if (status)
+                 krb5_err (context, 1, status, "krb5_sendauth");
+

+Once authentication has been performed, it is time to send some data. First we create a krb5_data structure, then we sign it with krb5_mk_safe() using the auth_context that contains the session-key that was exchanged in the krb5_sendauth()/krb5_recvauth() authentication sequence.

+

         data.data   = "hej";
+         data.length = 3;
+
+         krb5_data_zero (&packet);
+
+         status = krb5_mk_safe (context,
+                                auth_context,
+                                &data,
+                                &packet,
+                                NULL);
+         if (status)
+                 krb5_err (context, 1, status, "krb5_mk_safe");
+

+And send it over the network.

+

         len = packet.length;
+         net_len = htonl(len);
+
+         if (krb5_net_write (context, &sock, &net_len, 4) != 4)
+                 err (1, "krb5_net_write");
+         if (krb5_net_write (context, &sock, packet.data, len) != len)
+                 err (1, "krb5_net_write");
+

+To send encrypted (and signed) data krb5_mk_priv() should be used instead. krb5_mk_priv() works the same way as krb5_mk_safe(), with the exception that it encrypts the data in addition to signing it.

+

         data.data   = "hemligt";
+         data.length = 7;
+
+         krb5_data_free (&packet);
+
+         status = krb5_mk_priv (context,
+                                auth_context,
+                                &data,
+                                &packet,
+                                NULL);
+         if (status)
+                 krb5_err (context, 1, status, "krb5_mk_priv");
+

+And send it over the network.

+

         len = packet.length;
+         net_len = htonl(len);
+
+         if (krb5_net_write (context, &sock, &net_len, 4) != 4)
+                 err (1, "krb5_net_write");
+         if (krb5_net_write (context, &sock, packet.data, len) != len)
+                 err (1, "krb5_net_write");
+

+The server is using krb5_rd_safe() and krb5_rd_priv() to verify the signature and decrypt the packet.

+Validating a password in an application

+See the manual page for krb5_verify_user().

+API differences to MIT Kerberos

+This section is somewhat disorganised, but so far there is no overall structure to the differences, though some of the have their root in that Heimdal uses an ASN.1 compiler and MIT doesn't.

+Principal and realms

+Heimdal stores the realm as a krb5_realm, that is a char *. MIT Kerberos uses a krb5_data to store a realm.

+In Heimdal krb5_principal doesn't contain the component name_type; it's instead stored in component name.name_type. To get and set the nametype in Heimdal, use krb5_principal_get_type() and krb5_principal_set_type().

+For more information about principal and realms, see krb5_principal.

+Error messages

+To get the error string, Heimdal uses krb5_get_error_message(). This is to return custom error messages (like ``Can't find host/datan.example.com@CODE.COM in /etc/krb5.conf.'' instead of a ``Key table entry not found'' that error_message returns.

+Heimdal uses a threadsafe(r) version of the com_err interface; the global com_err table isn't initialised. Then error_message returns quite a boring error string (just the error code itself).

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_keytab_intro.html b/doc/doxyout/krb5/html/krb5_keytab_intro.html new file mode 100644 index 000000000000..321b0f339bac --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_keytab_intro.html @@ -0,0 +1,82 @@ + + +HeimdalKerberos5library: The keytab handing functions + + + +

+keyhole logo +

+ + + +
+

The keytab handing functions

+Kerberos Keytabs

+See the library functions here: Heimdal Kerberos 5 keytab handling functions

+Keytabs are long term key storage for servers, their equvalment of password files.

+Normally the only function that useful for server are to specify what keytab to use to other core functions like krb5_rd_req() krb5_kt_resolve(), and krb5_kt_close().

+Keytab names

+A keytab name is on the form type:residual. The residual part is specific to each keytab-type.

+When a keytab-name is resolved, the type is matched with an internal list of keytab types. If there is no matching keytab type, the default keytab is used. The current default type is FILE.

+The default value can be changed in the configuration file /etc/krb5.conf by setting the variable [defaults]default_keytab_name.

+The keytab types that are implemented in Heimdal are:

    +
  • file store the keytab in a file, the type's name is FILE . The residual part is a filename. For compatibility with other Kerberos implemtation WRFILE and JAVA14 is also accepted. WRFILE has the same format as FILE. JAVA14 have a format that is compatible with older versions of MIT kerberos and SUN's Java based installation. They store a truncted kvno, so when the knvo excess 255, they are truncted in this format.
+

+

    +
  • keytab store the keytab in a AFS keyfile (usually /usr/afs/etc/KeyFile ), the type's name is AFSKEYFILE. The residual part is a filename.
+

+

    +
  • memory The keytab is stored in a memory segment. This allows sensitive and/or temporary data not to be stored on disk. The type's name is MEMORY. Each MEMORY keytab is referenced counted by and opened by the residual name, so two handles can point to the same memory area. When the last user closes using krb5_kt_close() the keytab, the keys in they keytab is memset() to zero and freed and can no longer be looked up by name.
+

+Keytab example

+This is a minimalistic version of ktutil.

+

int
+main (int argc, char **argv)
+{
+    krb5_context context;
+    krb5_keytab keytab;
+    krb5_kt_cursor cursor;
+    krb5_keytab_entry entry;
+    krb5_error_code ret;
+    char *principal;
+
+    if (krb5_init_context (&context) != 0)
+        errx(1, "krb5_context");
+
+    ret = krb5_kt_default (context, &keytab);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_kt_default");
+
+    ret = krb5_kt_start_seq_get(context, keytab, &cursor);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_kt_start_seq_get");
+    while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){
+        krb5_unparse_name(context, entry.principal, &principal);
+        printf("principal: %s\n", principal);
+        free(principal);
+        krb5_kt_free_entry(context, &entry);
+    }
+    ret = krb5_kt_end_seq_get(context, keytab, &cursor);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_kt_end_seq_get");
+    ret = krb5_kt_close(context, keytab);
+    if (ret)
+        krb5_err(context, 1, ret, "krb5_kt_close");
+    krb5_free_context(context);
+    return 0;
+}
+
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/krb5_principal_intro.html b/doc/doxyout/krb5/html/krb5_principal_intro.html new file mode 100644 index 000000000000..d559d0a0eacc --- /dev/null +++ b/doc/doxyout/krb5/html/krb5_principal_intro.html @@ -0,0 +1,32 @@ + + +HeimdalKerberos5library: The principal handing functions. + + + +

+keyhole logo +

+ + + +
+

The principal handing functions.

A Kerberos principal is a email address looking string that contains to parts separeted by a @. The later part is the kerbero realm the principal belongs to and the former is a list of 0 or more components. For example 
+lha@SU.SE
+host/hummel.it.su.se@SU.SE
+host/admin@H5L.ORG
+

+See the library functions here: Heimdal Kerberos 5 principal functions

+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/modules.html b/doc/doxyout/krb5/html/modules.html new file mode 100644 index 000000000000..0fe42026d456 --- /dev/null +++ b/doc/doxyout/krb5/html/modules.html @@ -0,0 +1,45 @@ + + +HeimdalKerberos5library: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/pages.html b/doc/doxyout/krb5/html/pages.html new file mode 100644 index 000000000000..e71a524783f2 --- /dev/null +++ b/doc/doxyout/krb5/html/pages.html @@ -0,0 +1,41 @@ + + +HeimdalKerberos5library: Page Index + + + +

+keyhole logo +

+ + + +
+

Related Pages

Here is a list of all related documentation pages: +
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/structkrb5__crypto__iov.html b/doc/doxyout/krb5/html/structkrb5__crypto__iov.html new file mode 100644 index 000000000000..af35226ff2c8 --- /dev/null +++ b/doc/doxyout/krb5/html/structkrb5__crypto__iov.html @@ -0,0 +1,40 @@ + + +HeimdalKerberos5library: krb5_crypto_iov Struct Reference + + + +

+keyhole logo +

+ + + +
+

krb5_crypto_iov Struct Reference

#include <krb5.h> +

+ + +
+

Detailed Description

+Semi private, not stable yet
The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/krb5/krb5.h
+
+
+Generated on Sat Jul 30 13:45:40 2011 for HeimdalKerberos5library by doxygen 1.5.6
+ + diff --git a/doc/doxyout/krb5/html/tab_b.gif b/doc/doxyout/krb5/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/krb5/html/tab_l.gif b/doc/doxyout/krb5/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/krb5/html/tab_r.gif b/doc/doxyout/krb5/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/krb5/html/tabs.css b/doc/doxyout/krb5/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/krb5/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/krb5/man/man3/krb5.3 b/doc/doxyout/krb5/man/man3/krb5.3 new file mode 100644 index 000000000000..4026b09500b1 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5.3 @@ -0,0 +1,1092 @@ +.TH "Heimdal Kerberos 5 library" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 library \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_add_et_list\fP (krb5_context context, void(*func)(struct et_list **))" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_password\fP (krb5_context context, krb5_creds *creds, const char *newpw, krb5_principal targprinc, int *result_code, krb5_data *result_code_string, krb5_data *result_string)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_context\fP (krb5_context *context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_context\fP (krb5_context context, krb5_context *out)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_context\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_config_files\fP (krb5_context context, char **filenames)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_prepend_config_files_default\fP (const char *filelist, char ***pfilenames)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_default_config_files\fP (char ***pfilenames)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_config_files\fP (char **filenames)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const krb5_enctype *KRB5_LIB_CALL \fBkrb5_kerberos_enctypes\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_default_in_tkt_etypes\fP (krb5_context context, const krb5_enctype *etypes)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_default_in_tkt_etypes\fP (krb5_context context, krb5_pdu pdu_type, krb5_enctype **etypes)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_init_ets\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_set_use_admin_kdc\fP (krb5_context context, krb5_boolean flag)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_get_use_admin_kdc\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_add_extra_addresses\fP (krb5_context context, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_extra_addresses\fP (krb5_context context, const krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_extra_addresses\fP (krb5_context context, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_add_ignore_addresses\fP (krb5_context context, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_ignore_addresses\fP (krb5_context context, const krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_ignore_addresses\fP (krb5_context context, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_fcache_version\fP (krb5_context context, int version)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_fcache_version\fP (krb5_context context, int *version)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_is_thread_safe\fP (void)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_set_dns_canonicalize_hostname\fP (krb5_context context, krb5_boolean flag)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_get_dns_canonicalize_hostname\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_kdc_sec_offset\fP (krb5_context context, int32_t *sec, int32_t *usec)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_kdc_sec_offset\fP (krb5_context context, int32_t sec, int32_t usec)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL \fBkrb5_get_max_time_skew\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_set_max_time_skew\fP (krb5_context context, time_t t)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_set_home_dir_access\fP (krb5_context context, krb5_boolean allow)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_host_realm\fP (krb5_context context, const krb5_realm *from, krb5_realm **to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_cred_contents\fP (krb5_context context, krb5_creds *c)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_creds_contents\fP (krb5_context context, const krb5_creds *incred, krb5_creds *c)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_creds\fP (krb5_context context, const krb5_creds *incred, krb5_creds **outcred)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_creds\fP (krb5_context context, krb5_creds *c)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_compare_creds\fP (krb5_context context, krb5_flags whichfields, const krb5_creds *mcreds, const krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL \fBkrb5_creds_get_ticket_flags\fP (krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_data_zero\fP (krb5_data *p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_data_free\fP (krb5_data *p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_data\fP (krb5_context context, krb5_data *p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_data_alloc\fP (krb5_data *p, int len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_data_realloc\fP (krb5_data *p, int len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_data_copy\fP (krb5_data *p, const void *data, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_data\fP (krb5_context context, const krb5_data *indata, krb5_data **outdata)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_data_cmp\fP (const krb5_data *data1, const krb5_data *data2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_data_ct_cmp\fP (const krb5_data *data1, const krb5_data *data2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_krbhst_get_addrinfo\fP (krb5_context context, krb5_krbhst_info *host, struct addrinfo **ai)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_ticket\fP (krb5_context context, krb5_ticket *ticket)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_ticket\fP (krb5_context context, const krb5_ticket *from, krb5_ticket **to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ticket_get_client\fP (krb5_context context, const krb5_ticket *ticket, krb5_principal *client)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ticket_get_server\fP (krb5_context context, const krb5_ticket *ticket, krb5_principal *server)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL \fBkrb5_ticket_get_endtime\fP (krb5_context context, const krb5_ticket *ticket)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ticket_get_authorization_data_type\fP (krb5_context context, krb5_ticket *ticket, int type, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_real_time\fP (krb5_context context, krb5_timestamp sec, int32_t usec)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_et_list (krb5_context context, void(*)(struct et_list **) func)" +.PP +Add a specified list of error messages to the et list in context. Call func (probably a comerr-generated function) with a pointer to the current et_list. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A kerberos context. +.br +\fIfunc\fP The generated com_err et function. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_extra_addresses (krb5_context context, krb5_addresses * addresses)" +.PP +Add extra address to the address list that the library will add to the client's address list when communicating with the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP addreses to add +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_ignore_addresses (krb5_context context, krb5_addresses * addresses)" +.PP +Add extra addresses to ignore when fetching addresses from the underlaying operating system. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP addreses to ignore +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_compare_creds (krb5_context context, krb5_flags whichfields, const krb5_creds * mcreds, const krb5_creds * creds)" +.PP +Return TRUE if `mcreds' and `creds' are equal (`whichfields' determines what equal means). +.PP +The following flags, set in whichfields affects the comparison: +.IP "\(bu" 2 +KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. +.IP "\(bu" 2 +KRB5_TC_MATCH_KEYTYPE Compare enctypes. +.IP "\(bu" 2 +KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. +.IP "\(bu" 2 +KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . +.IP "\(bu" 2 +KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. +.IP "\(bu" 2 +KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. +.IP "\(bu" 2 +KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. +.IP "\(bu" 2 +KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). +.IP "\(bu" 2 +KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. +.PP +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIwhichfields\fP which fields to compare. +.br +\fImcreds\fP cred to compare with. +.br +\fIcreds\fP cred to compare with. +.RE +.PP +\fBReturns:\fP +.RS 4 +return TRUE if mcred and creds are equal, FALSE if not. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_context (krb5_context context, krb5_context * out)" +.PP +Make a copy for the Kerberos 5 context, the new krb5_context shoud be freed with \fBkrb5_free_context()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP the Kerberos context to copy +.br +\fIout\fP the copy of the Kerberos, set to NULL error. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds (krb5_context context, const krb5_creds * incred, krb5_creds ** outcred)" +.PP +Copy krb5_creds. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIincred\fP source credential +.br +\fIoutcred\fP destination credential, free with \fBkrb5_free_creds()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds_contents (krb5_context context, const krb5_creds * incred, krb5_creds * c)" +.PP +Copy content of krb5_creds. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIincred\fP source credential +.br +\fIc\fP destination credential, free with \fBkrb5_free_cred_contents()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_data (krb5_context context, const krb5_data * indata, krb5_data ** outdata)" +.PP +Copy the data into a newly allocated krb5_data. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIindata\fP the krb5_data data to copy +.br +\fIoutdata\fP new krb5_date to copy too. Free with \fBkrb5_free_data()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_host_realm (krb5_context context, const krb5_realm * from, krb5_realm ** to)" +.PP +Copy the list of realms from `from' to `to'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIfrom\fP list of realms to copy from. +.br +\fIto\fP list of realms to copy to, free list of \fBkrb5_free_host_realm()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_ticket (krb5_context context, const krb5_ticket * from, krb5_ticket ** to)" +.PP +Copy ticket and content +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIfrom\fP ticket to copy +.br +\fIto\fP new copy of ticket, free with \fBkrb5_free_ticket()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL krb5_creds_get_ticket_flags (krb5_creds * creds)" +.PP +Returns the ticket flags for the credentials in creds. See also \fBkrb5_ticket_get_flags()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcreds\fP credential to get ticket flags from +.RE +.PP +\fBReturns:\fP +.RS 4 +ticket flags +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_alloc (krb5_data * p, int len)" +.PP +Allocate data of and krb5_data. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP krb5_data to allocate. +.br +\fIlen\fP size to allocate. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_cmp (const krb5_data * data1, const krb5_data * data2)" +.PP +Compare to data. +.PP +\fBParameters:\fP +.RS 4 +\fIdata1\fP krb5_data to compare +.br +\fIdata2\fP krb5_data to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +return the same way as memcmp(), useful when sorting. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_copy (krb5_data * p, const void * data, size_t len)" +.PP +Copy the data of len into the krb5_data. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP krb5_data to copy into. +.br +\fIdata\fP data to copy.. +.br +\fIlen\fP new size. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_ct_cmp (const krb5_data * data1, const krb5_data * data2)" +.PP +Compare to data not exposing timing information from the checksum data +.PP +\fBParameters:\fP +.RS 4 +\fIdata1\fP krb5_data to compare +.br +\fIdata2\fP krb5_data to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +returns zero for same data, otherwise non zero. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_free (krb5_data * p)" +.PP +Free the content of krb5_data structure, its ok to free a zeroed structure (with memset() or \fBkrb5_data_zero()\fP). When done, the structure will be zeroed. The same function is called \fBkrb5_free_data_contents()\fP in MIT Kerberos. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP krb5_data to free. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_realloc (krb5_data * p, int len)" +.PP +Grow (or shrink) the content of krb5_data to a new size. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP krb5_data to free. +.br +\fIlen\fP new size. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_zero (krb5_data * p)" +.PP +Reset the (potentially uninitalized) krb5_data structure. +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP krb5_data to reset. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_config_files (char ** filenames)" +.PP +Free a list of configuration files. +.PP +\fBParameters:\fP +.RS 4 +\fIfilenames\fP list, terminated with a NULL pointer, to be freed. NULL is an valid argument. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_context (krb5_context context)" +.PP +Frees the krb5_context allocated by \fBkrb5_init_context()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP context to be freed. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_cred_contents (krb5_context context, krb5_creds * c)" +.PP +Free content of krb5_creds. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIc\fP krb5_creds to free. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds (krb5_context context, krb5_creds * c)" +.PP +Free krb5_creds. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIc\fP krb5_creds to free. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data (krb5_context context, krb5_data * p)" +.PP +Free krb5_data (and its content). +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIp\fP krb5_data to free. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_ticket (krb5_context context, krb5_ticket * ticket)" +.PP +Free ticket and content +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIticket\fP ticket to free +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_config_files (char *** pfilenames)" +.PP +Get the global configuration list. +.PP +\fBParameters:\fP +.RS 4 +\fIpfilenames\fP return array of filenames, should be freed with \fBkrb5_free_config_files()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_in_tkt_etypes (krb5_context context, krb5_pdu pdu_type, krb5_enctype ** etypes)" +.PP +Get the default encryption types that will be use in communcation with the KDC, clients and servers. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIetypes\fP Encryption types, array terminated with ETYPE_NULL(0), caller should free array with krb5_xfree(): +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_dns_canonicalize_hostname (krb5_context context)" +.PP +Get if the library uses DNS to canonicalize hostnames. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.RE +.PP +\fBReturns:\fP +.RS 4 +return non zero if the library uses DNS to canonicalize hostnames. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_extra_addresses (krb5_context context, krb5_addresses * addresses)" +.PP +Get extra address to the address list that the library will add to the client's address list when communicating with the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP addreses to set +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_fcache_version (krb5_context context, int * version)" +.PP +Get version of fcache that the library should use. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIversion\fP version number. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_ignore_addresses (krb5_context context, krb5_addresses * addresses)" +.PP +Get extra addresses to ignore when fetching addresses from the underlaying operating system. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP list addreses ignored +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_sec_offset (krb5_context context, int32_t * sec, int32_t * usec)" +.PP +Get current offset in time to the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIsec\fP seconds part of offset. +.br +\fIusec\fP micro seconds part of offset. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns zero +.RE +.PP + +.SS "KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_get_max_time_skew (krb5_context context)" +.PP +Get max time skew allowed. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.RE +.PP +\fBReturns:\fP +.RS 4 +timeskew in seconds. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_use_admin_kdc (krb5_context context)" +.PP +Make the kerberos library default to the admin KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.RE +.PP +\fBReturns:\fP +.RS 4 +boolean flag to telling the context will use admin KDC as the default KDC. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context (krb5_context * context)" +.PP +Initializes the context structure and reads the configuration file /etc/krb5.conf. The structure should be freed by calling \fBkrb5_free_context()\fP when it is no longer being used. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP pointer to returned context +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an errno code is returned. Failure means either that something bad happened during initialization (typically ENOMEM) or that Kerberos should not be used ENXIO. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_ets (krb5_context context)" +.PP +Init the built-in ets in the Kerberos library. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP kerberos context to add the ets too +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_thread_safe (void)" +.PP +Runtime check if the Kerberos library was complied with thread support. +.PP +\fBReturns:\fP +.RS 4 +TRUE if the library was compiled with thread support, FALSE if not. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const krb5_enctype* KRB5_LIB_CALL krb5_kerberos_enctypes (krb5_context context)" +.PP +Returns the list of Kerberos encryption types sorted in order of most preferred to least preferred encryption type. Note that some encryption types might be disabled, so you need to check with \fBkrb5_enctype_valid()\fP before using the encryption type. +.PP +\fBReturns:\fP +.RS 4 +list of enctypes, terminated with ETYPE_NULL. Its a static array completed into the Kerberos library so the content doesn't need to be freed. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_get_addrinfo (krb5_context context, krb5_krbhst_info * host, struct addrinfo ** ai)" +.PP +Return an `struct addrinfo *' for a KDC host. +.PP +Returns an the struct addrinfo in in that corresponds to the information in `host'. free:ing is handled by krb5_krbhst_free, so the returned ai must not be released. +.PP +First try this as an IP address, this allows us to add a dot at the end to stop using the search domains. +.PP +If the hostname contains a dot, assumes it's a FQDN and don't use search domains since that might be painfully slow when machine is disconnected from that network. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files_default (const char * filelist, char *** pfilenames)" +.PP +Prepend the filename to the global configuration list. +.PP +\fBParameters:\fP +.RS 4 +\fIfilelist\fP a filename to add to the default list of filename +.br +\fIpfilenames\fP return array of filenames, should be freed with \fBkrb5_free_config_files()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_config_files (krb5_context context, char ** filenames)" +.PP +Reinit the context from a new set of filenames. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP context to add configuration too. +.br +\fIfilenames\fP array of filenames, end of list is indicated with a NULL filename. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_default_in_tkt_etypes (krb5_context context, const krb5_enctype * etypes)" +.PP +Set the default encryption types that will be use in communcation with the KDC, clients and servers. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIetypes\fP Encryption types, array terminated with ETYPE_NULL (0). +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_dns_canonicalize_hostname (krb5_context context, krb5_boolean flag)" +.PP +Set if the library should use DNS to canonicalize hostnames. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIflag\fP if its dns canonicalizion is used or not. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_extra_addresses (krb5_context context, const krb5_addresses * addresses)" +.PP +Set extra address to the address list that the library will add to the client's address list when communicating with the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP addreses to set +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_fcache_version (krb5_context context, int version)" +.PP +Set version of fcache that the library should use. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIversion\fP version number. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_set_home_dir_access (krb5_context context, krb5_boolean allow)" +.PP +Enable and disable home directory access on either the global state or the krb5_context state. By calling \fBkrb5_set_home_dir_access()\fP with context set to NULL, the global state is configured otherwise the state for the krb5_context is modified. +.PP +For home directory access to be allowed, both the global state and the krb5_context state have to be allowed. +.PP +Administrator (root user), never uses the home directory. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context or NULL +.br +\fIallow\fP allow if TRUE home directory +.RE +.PP +\fBReturns:\fP +.RS 4 +the old value +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_ignore_addresses (krb5_context context, const krb5_addresses * addresses)" +.PP +Set extra addresses to ignore when fetching addresses from the underlaying operating system. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIaddresses\fP addreses to ignore +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_kdc_sec_offset (krb5_context context, int32_t sec, int32_t usec)" +.PP +Set current offset in time to the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIsec\fP seconds part of offset. +.br +\fIusec\fP micro seconds part of offset. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns zero +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_max_time_skew (krb5_context context, time_t t)" +.PP +Set max time skew allowed. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIt\fP timeskew in seconds. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password (krb5_context context, krb5_creds * creds, const char * newpw, krb5_principal targprinc, int * result_code, krb5_data * result_code_string, krb5_data * result_string)" +.PP +Change password using creds. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIcreds\fP The initial kadmin/passwd for the principal or an admin principal +.br +\fInewpw\fP The new password to set +.br +\fItargprinc\fP if unset, the default principal is used. +.br +\fIresult_code\fP Result code, KRB5_KPASSWD_SUCCESS is when password is changed. +.br +\fIresult_code_string\fP binary message from the server, contains at least the result_code. +.br +\fIresult_string\fP A message from the kpasswd service or the library in human printable form. The string is NUL terminated. +.RE +.PP +\fBReturns:\fP +.RS 4 +On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. +.RE +.PP +@ +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_real_time (krb5_context context, krb5_timestamp sec, int32_t usec)" +.PP +Set the absolute time that the caller knows the kdc has so the kerberos library can calculate the relative diffrence beteen the KDC time and local system time. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIsec\fP The applications new of 'now' in seconds +.br +\fIusec\fP The applications new of 'now' in micro seconds +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.PP +If the caller passes in a negative usec, its assumed to be unknown and the function will use the current time usec. +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag)" +.PP +Make the kerberos library default to the admin KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIflag\fP boolean flag to select if the use the admin KDC or not. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_authorization_data_type (krb5_context context, krb5_ticket * ticket, int type, krb5_data * data)" +.PP +Extract the authorization data type of type from the ticket. Store the field in data. This function is to use for kerberos applications. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIticket\fP Kerberos ticket +.br +\fItype\fP type to fetch +.br +\fIdata\fP returned data, free with \fBkrb5_data_free()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_client (krb5_context context, const krb5_ticket * ticket, krb5_principal * client)" +.PP +Return client principal in ticket +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIticket\fP ticket to copy +.br +\fIclient\fP client principal, free with \fBkrb5_free_principal()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_ticket_get_endtime (krb5_context context, const krb5_ticket * ticket)" +.PP +Return end time of ticket +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIticket\fP ticket to copy +.RE +.PP +\fBReturns:\fP +.RS 4 +end time of ticket +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_server (krb5_context context, const krb5_ticket * ticket, krb5_principal * server)" +.PP +Return server principal in ticket +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIticket\fP ticket to copy +.br +\fIserver\fP server principal, free with \fBkrb5_free_principal()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc.3 b/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc.3 new file mode 100644 index 000000000000..2f0545d0dd2a --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc.3 @@ -0,0 +1 @@ +.so man3/krb5_v4compat.3 diff --git a/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc_ccache.3 b/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc_ccache.3 new file mode 100644 index 000000000000..2f0545d0dd2a --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb524_convert_creds_kdc_ccache.3 @@ -0,0 +1 @@ +.so man3/krb5_v4compat.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_acc_ops.3 b/doc/doxyout/krb5/man/man3/krb5_acc_ops.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_acc_ops.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_acl_match_file.3 b/doc/doxyout/krb5/man/man3/krb5_acl_match_file.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_acl_match_file.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_acl_match_string.3 b/doc/doxyout/krb5/man/man3/krb5_acl_match_string.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_acl_match_string.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_add_et_list.3 b/doc/doxyout/krb5/man/man3/krb5_add_et_list.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_add_et_list.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_add_extra_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_add_extra_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_add_extra_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_add_ignore_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_add_ignore_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_add_ignore_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_addr2sockaddr.3 b/doc/doxyout/krb5/man/man3/krb5_addr2sockaddr.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_addr2sockaddr.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_address.3 b/doc/doxyout/krb5/man/man3/krb5_address.3 new file mode 100644 index 000000000000..eb0acdbdd0dd --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_address.3 @@ -0,0 +1,461 @@ +.TH "Heimdal Kerberos 5 address functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 address functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_sockaddr2address\fP (krb5_context context, const struct sockaddr *sa, krb5_address *addr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_sockaddr2port\fP (krb5_context context, const struct sockaddr *sa, int16_t *port)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_addr2sockaddr\fP (krb5_context context, const krb5_address *addr, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL \fBkrb5_max_sockaddr_size\fP (void)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_sockaddr_uninteresting\fP (const struct sockaddr *sa)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_h_addr2sockaddr\fP (krb5_context context, int af, const char *addr, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_h_addr2addr\fP (krb5_context context, int af, const char *haddr, krb5_address *addr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_anyaddr\fP (krb5_context context, int af, struct sockaddr *sa, krb5_socklen_t *sa_size, int port)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_print_address\fP (const krb5_address *addr, char *str, size_t len, size_t *ret_len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_parse_address\fP (krb5_context context, const char *string, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_address_order\fP (krb5_context context, const krb5_address *addr1, const krb5_address *addr2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_address_compare\fP (krb5_context context, const krb5_address *addr1, const krb5_address *addr2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_address_search\fP (krb5_context context, const krb5_address *addr, const krb5_addresses *addrlist)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_address\fP (krb5_context context, krb5_address *address)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_addresses\fP (krb5_context context, krb5_addresses *addresses)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_address\fP (krb5_context context, const krb5_address *inaddr, krb5_address *outaddr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_addresses\fP (krb5_context context, const krb5_addresses *inaddr, krb5_addresses *outaddr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_append_addresses\fP (krb5_context context, krb5_addresses *dest, const krb5_addresses *source)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_make_addrport\fP (krb5_context context, krb5_address **res, const krb5_address *addr, int16_t port)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_address_prefixlen_boundary\fP (krb5_context context, const krb5_address *inaddr, unsigned long prefixlen, krb5_address *low, krb5_address *high)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addr2sockaddr (krb5_context context, const krb5_address * addr, struct sockaddr * sa, krb5_socklen_t * sa_size, int port)" +.PP +krb5_addr2sockaddr sets the 'struct sockaddr sockaddr' from addr and port. The argument sa_size should initially contain the size of the sa and after the call, it will contain the actual length of the address. In case of the sa is too small to fit the whole address, the up to *sa_size will be stored, and then *sa_size will be set to the required length. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaddr\fP the address to copy the from +.br +\fIsa\fP the struct sockaddr that will be filled in +.br +\fIsa_size\fP pointer to length of sa, and after the call, it will contain the actual length of the address. +.br +\fIport\fP set port in sa. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. Will return KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_compare (krb5_context context, const krb5_address * addr1, const krb5_address * addr2)" +.PP +krb5_address_compare compares the addresses addr1 and addr2. Returns TRUE if the two addresses are the same. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaddr1\fP address to compare +.br +\fIaddr2\fP address to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an TRUE is the address are the same FALSE if not +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_address_order (krb5_context context, const krb5_address * addr1, const krb5_address * addr2)" +.PP +krb5_address_order compares the addresses addr1 and addr2 so that it can be used for sorting addresses. If the addresses are the same address krb5_address_order will return 0. Behavies like memcmp(2). +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaddr1\fP krb5_address to compare +.br +\fIaddr2\fP krb5_address to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +< 0 if address addr1 in 'less' then addr2. 0 if addr1 and addr2 is the same address, > 0 if addr2 is 'less' then addr1. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_address_prefixlen_boundary (krb5_context context, const krb5_address * inaddr, unsigned long prefixlen, krb5_address * low, krb5_address * high)" +.PP +Calculate the boundary addresses of `inaddr'/`prefixlen' and store them in `low' and `high'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIinaddr\fP address in prefixlen that the bondery searched +.br +\fIprefixlen\fP width of boundery +.br +\fIlow\fP lowest address +.br +\fIhigh\fP highest address +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_search (krb5_context context, const krb5_address * addr, const krb5_addresses * addrlist)" +.PP +krb5_address_search checks if the address addr is a member of the address set list addrlist . +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIaddr\fP address to search for. +.br +\fIaddrlist\fP list of addresses to look in for addr. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_anyaddr (krb5_context context, int af, struct sockaddr * sa, krb5_socklen_t * sa_size, int port)" +.PP +krb5_anyaddr fills in a 'struct sockaddr sa' that can be used to bind(2) to. The argument sa_size should initially contain the size of the sa, and after the call, it will contain the actual length of the address. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaf\fP address family +.br +\fIsa\fP sockaddr +.br +\fIsa_size\fP lenght of sa. +.br +\fIport\fP for to fill into sa. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_append_addresses (krb5_context context, krb5_addresses * dest, const krb5_addresses * source)" +.PP +krb5_append_addresses adds the set of addresses in source to dest. While copying the addresses, duplicates are also sorted out. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIdest\fP destination of copy operation +.br +\fIsource\fP adresses that are going to be added to dest +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_address (krb5_context context, const krb5_address * inaddr, krb5_address * outaddr)" +.PP +krb5_copy_address copies the content of address inaddr to outaddr. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIinaddr\fP pointer to source address +.br +\fIoutaddr\fP pointer to destination address +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_addresses (krb5_context context, const krb5_addresses * inaddr, krb5_addresses * outaddr)" +.PP +krb5_copy_addresses copies the content of addresses inaddr to outaddr. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIinaddr\fP pointer to source addresses +.br +\fIoutaddr\fP pointer to destination addresses +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_address (krb5_context context, krb5_address * address)" +.PP +krb5_free_address frees the data stored in the address that is alloced with any of the krb5_address functions. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaddress\fP addresss to be freed. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_addresses (krb5_context context, krb5_addresses * addresses)" +.PP +krb5_free_addresses frees the data stored in the address that is alloced with any of the krb5_address functions. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaddresses\fP addressses to be freed. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2addr (krb5_context context, int af, const char * haddr, krb5_address * addr)" +.PP +krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception that it operates on a krb5_address instead of a struct sockaddr. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaf\fP address family +.br +\fIhaddr\fP host address from struct hostent. +.br +\fIaddr\fP returned krb5_address. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2sockaddr (krb5_context context, int af, const char * addr, struct sockaddr * sa, krb5_socklen_t * sa_size, int port)" +.PP +krb5_h_addr2sockaddr initializes a 'struct sockaddr sa' from af and the 'struct hostent' (see gethostbyname(3) ) h_addr_list component. The argument sa_size should initially contain the size of the sa, and after the call, it will contain the actual length of the address. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIaf\fP addresses +.br +\fIaddr\fP address +.br +\fIsa\fP returned struct sockaddr +.br +\fIsa_size\fP size of sa +.br +\fIport\fP port to set in sa. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_addrport (krb5_context context, krb5_address ** res, const krb5_address * addr, int16_t port)" +.PP +Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIres\fP built address from addr/port +.br +\fIaddr\fP address to use +.br +\fIport\fP port to use +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_max_sockaddr_size (void)" +.PP +krb5_max_sockaddr_size returns the max size of the .Li struct sockaddr that the Kerberos library will return. +.PP +\fBReturns:\fP +.RS 4 +Return an size_t of the maximum struct sockaddr. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_address (krb5_context context, const char * string, krb5_addresses * addresses)" +.PP +krb5_parse_address returns the resolved hostname in string to the krb5_addresses addresses . +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIstring\fP +.br +\fIaddresses\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_print_address (const krb5_address * addr, char * str, size_t len, size_t * ret_len)" +.PP +krb5_print_address prints the address in addr to the string string that have the length len. If ret_len is not NULL, it will be filled with the length of the string if size were unlimited (not including the final NUL) . +.PP +\fBParameters:\fP +.RS 4 +\fIaddr\fP address to be printed +.br +\fIstr\fP pointer string to print the address into +.br +\fIlen\fP length that will fit into area pointed to by 'str'. +.br +\fIret_len\fP return length the str. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2address (krb5_context context, const struct sockaddr * sa, krb5_address * addr)" +.PP +krb5_sockaddr2address stores a address a 'struct sockaddr' sa in the krb5_address addr. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIsa\fP a struct sockaddr to extract the address from +.br +\fIaddr\fP an Kerberos 5 address to store the address in. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2port (krb5_context context, const struct sockaddr * sa, int16_t * port)" +.PP +krb5_sockaddr2port extracts a port (if possible) from a 'struct sockaddr. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIsa\fP a struct sockaddr to extract the port from +.br +\fIport\fP a pointer to an int16_t store the port in. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. Will return KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_sockaddr_uninteresting (const struct sockaddr * sa)" +.PP +krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the kerberos library thinks are uninteresting. One example are link local addresses. +.PP +\fBParameters:\fP +.RS 4 +\fIsa\fP pointer to struct sockaddr that might be interesting. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return a non zero for uninteresting addresses. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_address_compare.3 b/doc/doxyout/krb5/man/man3/krb5_address_compare.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_address_compare.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_address_order.3 b/doc/doxyout/krb5/man/man3/krb5_address_order.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_address_order.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_address_prefixlen_boundary.3 b/doc/doxyout/krb5/man/man3/krb5_address_prefixlen_boundary.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_address_prefixlen_boundary.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_address_search.3 b/doc/doxyout/krb5/man/man3/krb5_address_search.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_address_search.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_allow_weak_crypto.3 b/doc/doxyout/krb5/man/man3/krb5_allow_weak_crypto.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_allow_weak_crypto.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_anyaddr.3 b/doc/doxyout/krb5/man/man3/krb5_anyaddr.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_anyaddr.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_append_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_append_addresses.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_append_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_auth.3 b/doc/doxyout/krb5/man/man3/krb5_auth.3 new file mode 100644 index 000000000000..072de42b67a5 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_auth.3 @@ -0,0 +1,138 @@ +.TH "Heimdal Kerberos 5 authentication functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 authentication functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_ctx_alloc\fP (krb5_context context, krb5_rd_req_in_ctx *ctx)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_set_keytab\fP (krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_set_pac_check\fP (krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_out_get_server\fP (krb5_context context, krb5_rd_req_out_ctx out, krb5_principal *principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_rd_req_out_ctx_free\fP (krb5_context context, krb5_rd_req_out_ctx ctx)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_ctx\fP (krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, krb5_const_principal server, krb5_rd_req_in_ctx inctx, krb5_rd_req_out_ctx *outctx)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx (krb5_context context, krb5_auth_context * auth_context, const krb5_data * inbuf, krb5_const_principal server, krb5_rd_req_in_ctx inctx, krb5_rd_req_out_ctx * outctx)" +.PP +The core server function that verify application authentication requests from clients. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIauth_context\fP the authentication context, can be NULL, then default values for the authentication context will used. +.br +\fIinbuf\fP the (AP-REQ) authentication buffer +.br +\fIserver\fP the server with authenticate as, if NULL the function will try to find any available credential in the keytab that will verify the reply. The function will prefer the server the server client specified in the AP-REQ, but if there is no mach, it will try all keytab entries for a match. This have serious performance issues for larger keytabs. +.br +\fIinctx\fP control the behavior of the function, if NULL, the default behavior is used. +.br +\fIoutctx\fP the return outctx, free with \fBkrb5_rd_req_out_ctx_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_ctx_alloc (krb5_context context, krb5_rd_req_in_ctx * ctx)" +.PP +Allocate a krb5_rd_req_in_ctx as an input parameter to \fBkrb5_rd_req_ctx()\fP. The caller should free the context with krb5_rd_req_in_ctx_free() when done with the context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIctx\fP in ctx to \fBkrb5_rd_req_ctx()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_keytab (krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab)" +.PP +Set the keytab that \fBkrb5_rd_req_ctx()\fP will use. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIin\fP in ctx to \fBkrb5_rd_req_ctx()\fP. +.br +\fIkeytab\fP keytab that \fBkrb5_rd_req_ctx()\fP will use, only copy the pointer, so the caller must free they keytab after krb5_rd_req_in_ctx_free() is called. +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_pac_check (krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag)" +.PP +Set if krb5_rq_red() is going to check the Windows PAC or not +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIin\fP krb5_rd_req_in_ctx to check the option on. +.br +\fIflag\fP flag to select if to check the pac (TRUE) or not (FALSE). +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_out_ctx_free (krb5_context context, krb5_rd_req_out_ctx ctx)" +.PP +Free the krb5_rd_req_out_ctx. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Keberos 5 context. +.br +\fIctx\fP krb5_rd_req_out_ctx context to free. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_server (krb5_context context, krb5_rd_req_out_ctx out, krb5_principal * principal)" +.PP +Get the principal that was used in the request from the client. Might not match whats in the ticket if \fBkrb5_rd_req_ctx()\fP searched in the keytab for a matching key. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIout\fP a krb5_rd_req_out_ctx from \fBkrb5_rd_req_ctx()\fP. +.br +\fIprincipal\fP return principal, free with \fBkrb5_free_principal()\fP. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_auth_getremoteseqnumber.3 b/doc/doxyout/krb5/man/man3/krb5_auth_getremoteseqnumber.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_auth_getremoteseqnumber.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_build_principal.3 b/doc/doxyout/krb5/man/man3/krb5_build_principal.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_build_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_c_enctype_compare.3 b/doc/doxyout/krb5/man/man3/krb5_c_enctype_compare.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_c_enctype_compare.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_cache_end_seq_get.3 b/doc/doxyout/krb5/man/man3/krb5_cc_cache_end_seq_get.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_cache_end_seq_get.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_cache_get_first.3 b/doc/doxyout/krb5/man/man3/krb5_cc_cache_get_first.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_cache_get_first.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_cache_match.3 b/doc/doxyout/krb5/man/man3/krb5_cc_cache_match.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_cache_match.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_cache_next.3 b/doc/doxyout/krb5/man/man3/krb5_cc_cache_next.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_cache_next.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_clear_mcred.3 b/doc/doxyout/krb5/man/man3/krb5_cc_clear_mcred.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_clear_mcred.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_close.3 b/doc/doxyout/krb5/man/man3/krb5_cc_close.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_close.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_copy_cache.3 b/doc/doxyout/krb5/man/man3/krb5_cc_copy_cache.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_copy_cache.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_copy_creds.3 b/doc/doxyout/krb5/man/man3/krb5_cc_copy_creds.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_copy_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_copy_match_f.3 b/doc/doxyout/krb5/man/man3/krb5_cc_copy_match_f.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_copy_match_f.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_default.3 b/doc/doxyout/krb5/man/man3/krb5_cc_default.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_default.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_default_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_default_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_default_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_destroy.3 b/doc/doxyout/krb5/man/man3/krb5_cc_destroy.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_destroy.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_end_seq_get.3 b/doc/doxyout/krb5/man/man3/krb5_cc_end_seq_get.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_end_seq_get.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_gen_new.3 b/doc/doxyout/krb5/man/man3/krb5_cc_gen_new.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_gen_new.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_config.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_config.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_config.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_flags.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_flags.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_friendly_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_friendly_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_friendly_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_full_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_full_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_full_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_kdc_offset.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_kdc_offset.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_kdc_offset.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_lifetime.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_lifetime.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_lifetime.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_ops.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_ops.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_ops.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_prefix_ops.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_prefix_ops.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_prefix_ops.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_principal.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_principal.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_type.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_type.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_type.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_get_version.3 b/doc/doxyout/krb5/man/man3/krb5_cc_get_version.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_get_version.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_initialize.3 b/doc/doxyout/krb5/man/man3/krb5_cc_initialize.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_initialize.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_last_change_time.3 b/doc/doxyout/krb5/man/man3/krb5_cc_last_change_time.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_last_change_time.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_move.3 b/doc/doxyout/krb5/man/man3/krb5_cc_move.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_move.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_new_unique.3 b/doc/doxyout/krb5/man/man3/krb5_cc_new_unique.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_new_unique.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_next_cred.3 b/doc/doxyout/krb5/man/man3/krb5_cc_next_cred.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_next_cred.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_register.3 b/doc/doxyout/krb5/man/man3/krb5_cc_register.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_register.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_remove_cred.3 b/doc/doxyout/krb5/man/man3/krb5_cc_remove_cred.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_remove_cred.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_resolve.3 b/doc/doxyout/krb5/man/man3/krb5_cc_resolve.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_resolve.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_retrieve_cred.3 b/doc/doxyout/krb5/man/man3/krb5_cc_retrieve_cred.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_retrieve_cred.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_set_config.3 b/doc/doxyout/krb5/man/man3/krb5_cc_set_config.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_set_config.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_set_default_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_set_default_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_set_default_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_set_flags.3 b/doc/doxyout/krb5/man/man3/krb5_cc_set_flags.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_set_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_set_friendly_name.3 b/doc/doxyout/krb5/man/man3/krb5_cc_set_friendly_name.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_set_friendly_name.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_set_kdc_offset.3 b/doc/doxyout/krb5/man/man3/krb5_cc_set_kdc_offset.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_set_kdc_offset.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_start_seq_get.3 b/doc/doxyout/krb5/man/man3/krb5_cc_start_seq_get.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_start_seq_get.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_store_cred.3 b/doc/doxyout/krb5/man/man3/krb5_cc_store_cred.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_store_cred.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_support_switch.3 b/doc/doxyout/krb5/man/man3/krb5_cc_support_switch.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_support_switch.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cc_switch.3 b/doc/doxyout/krb5/man/man3/krb5_cc_switch.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cc_switch.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ccache.3 b/doc/doxyout/krb5/man/man3/krb5_ccache.3 new file mode 100644 index 000000000000..302626a23995 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ccache.3 @@ -0,0 +1,888 @@ +.TH "Heimdal Kerberos 5 credential cache functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 credential cache functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_register\fP (krb5_context context, const krb5_cc_ops *ops, krb5_boolean override)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_resolve\fP (krb5_context context, const char *name, krb5_ccache *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_new_unique\fP (krb5_context context, const char *type, const char *hint, krb5_ccache *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_cc_get_name\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_cc_get_type\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_full_name\fP (krb5_context context, krb5_ccache id, char **str)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const krb5_cc_ops *KRB5_LIB_CALL \fBkrb5_cc_get_ops\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_switch\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_cc_support_switch\fP (krb5_context context, const char *type)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_set_default_name\fP (krb5_context context, const char *name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_cc_default_name\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_default\fP (krb5_context context, krb5_ccache *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_initialize\fP (krb5_context context, krb5_ccache id, krb5_principal primary_principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_destroy\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_close\fP (krb5_context context, krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_store_cred\fP (krb5_context context, krb5_ccache id, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_retrieve_cred\fP (krb5_context context, krb5_ccache id, krb5_flags whichfields, const krb5_creds *mcreds, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_principal\fP (krb5_context context, krb5_ccache id, krb5_principal *principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_start_seq_get\fP (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_next_cred\fP (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_end_seq_get\fP (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_remove_cred\fP (krb5_context context, krb5_ccache id, krb5_flags which, krb5_creds *cred)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_set_flags\fP (krb5_context context, krb5_ccache id, krb5_flags flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_flags\fP (krb5_context context, krb5_ccache id, krb5_flags *flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_copy_match_f\fP (krb5_context context, const krb5_ccache from, krb5_ccache to, krb5_boolean(*match)(krb5_context, void *, const krb5_creds *), void *matchctx, unsigned int *matched)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_copy_cache\fP (krb5_context context, const krb5_ccache from, krb5_ccache to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_version\fP (krb5_context context, const krb5_ccache id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_cc_clear_mcred\fP (krb5_creds *mcred)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const krb5_cc_ops *KRB5_LIB_CALL \fBkrb5_cc_get_prefix_ops\fP (krb5_context context, const char *prefix)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_cache_get_first\fP (krb5_context context, const char *type, krb5_cc_cache_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_cache_next\fP (krb5_context context, krb5_cc_cache_cursor cursor, krb5_ccache *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_cache_end_seq_get\fP (krb5_context context, krb5_cc_cache_cursor cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_cache_match\fP (krb5_context context, krb5_principal client, krb5_ccache *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_move\fP (krb5_context context, krb5_ccache from, krb5_ccache to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_is_config_principal\fP (krb5_context context, krb5_const_principal principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_set_config\fP (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *name, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_config\fP (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *name, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cccol_cursor_new\fP (krb5_context context, krb5_cccol_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cccol_cursor_next\fP (krb5_context context, krb5_cccol_cursor cursor, krb5_ccache *cache)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cccol_cursor_free\fP (krb5_context context, krb5_cccol_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_last_change_time\fP (krb5_context context, krb5_ccache id, krb5_timestamp *mtime)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cccol_last_change_time\fP (krb5_context context, const char *type, krb5_timestamp *mtime)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_friendly_name\fP (krb5_context context, krb5_ccache id, char **name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_set_friendly_name\fP (krb5_context context, krb5_ccache id, const char *name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_lifetime\fP (krb5_context context, krb5_ccache id, time_t *t)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_set_kdc_offset\fP (krb5_context context, krb5_ccache id, krb5_deltat offset)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_get_kdc_offset\fP (krb5_context context, krb5_ccache id, krb5_deltat *offset)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_gen_new\fP (krb5_context context, const krb5_cc_ops *ops, krb5_ccache *id) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cc_copy_creds\fP (krb5_context context, const krb5_ccache from, krb5_ccache to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_validated_creds\fP (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_ccache ccache, char *service)" +.br +.in -1c +.SS "Variables" + +.in +1c +.ti -1c +.RI "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_acc_ops\fP" +.br +.ti -1c +.RI "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_fcc_ops\fP" +.br +.ti -1c +.RI "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_mcc_ops\fP" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_end_seq_get (krb5_context context, krb5_cc_cache_cursor cursor)" +.PP +Destroy the cursor `cursor'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_get_first (krb5_context context, const char * type, krb5_cc_cache_cursor * cursor)" +.PP +Start iterating over all caches of specified type. See also \fBkrb5_cccol_cursor_new()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fItype\fP optional type to iterate over, if NULL, the default cache is used. +.br +\fIcursor\fP cursor should be freed with \fBkrb5_cc_cache_end_seq_get()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_match (krb5_context context, krb5_principal client, krb5_ccache * id)" +.PP +Search for a matching credential cache that have the `principal' as the default principal. On success, `id' needs to be freed with \fBkrb5_cc_close()\fP or \fBkrb5_cc_destroy()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIclient\fP The principal to search for +.br +\fIid\fP the returned credential cache +.RE +.PP +\fBReturns:\fP +.RS 4 +On failure, error code is returned and `id' is set to NULL. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_next (krb5_context context, krb5_cc_cache_cursor cursor, krb5_ccache * id)" +.PP +Retrieve the next cache pointed to by (`cursor') in `id' and advance `cursor'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIcursor\fP the iterator cursor, returned by \fBkrb5_cc_cache_get_first()\fP +.br +\fIid\fP next ccache +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or an error code. Returns KRB5_CC_END when the end of caches is reached, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_cc_clear_mcred (krb5_creds * mcred)" +.PP +Clear `mcreds' so it can be used with krb5_cc_retrieve_cred +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_close (krb5_context context, krb5_ccache id)" +.PP +Stop using the ccache `id' and free the related resources. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_cache (krb5_context context, const krb5_ccache from, krb5_ccache to)" +.PP +Just like \fBkrb5_cc_copy_match_f()\fP, but copy everything. +.PP +@ +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_creds (krb5_context context, const krb5_ccache from, krb5_ccache to)" +.PP +MIT compat glue +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_match_f (krb5_context context, const krb5_ccache from, krb5_ccache to, krb5_boolean(*)(krb5_context, void *, const krb5_creds *) match, void * matchctx, unsigned int * matched)" +.PP +Copy the contents of `from' to `to' if the given match function return true. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIfrom\fP the cache to copy data from. +.br +\fIto\fP the cache to copy data to. +.br +\fImatch\fP a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. +.br +\fImatchctx\fP context passed to match function. +.br +\fImatched\fP set to true if there was a credential that matched, may be NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_default (krb5_context context, krb5_ccache * id)" +.PP +Open the default ccache in `id'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_default_name (krb5_context context)" +.PP +Return a pointer to a context static string containing the default ccache name. +.PP +\fBReturns:\fP +.RS 4 +String to the default credential cache name. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_destroy (krb5_context context, krb5_ccache id)" +.PP +Remove the ccache `id'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_end_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor * cursor)" +.PP +Destroy the cursor `cursor'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_gen_new (krb5_context context, const krb5_cc_ops * ops, krb5_ccache * id)" +.PP +Generate a new ccache of type `ops' in `id'. +.PP +Deprecated: use \fBkrb5_cc_new_unique()\fP instead. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_config (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char * name, krb5_data * data)" +.PP +Get some configuration for the credential cache in the cache. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIid\fP the credential cache to store the data for +.br +\fIprincipal\fP configuration for a specific principal, if NULL, global for the whole cache. +.br +\fIname\fP name under which the configuraion is stored. +.br +\fIdata\fP data to fetched, free with \fBkrb5_data_free()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_flags (krb5_context context, krb5_ccache id, krb5_flags * flags)" +.PP +Get the flags of `id', store them in `flags'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_friendly_name (krb5_context context, krb5_ccache id, char ** name)" +.PP +Return a friendly name on credential cache. Free the result with krb5_xfree(). +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_full_name (krb5_context context, krb5_ccache id, char ** str)" +.PP +Return the complete resolvable name the cache +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIid\fP return pointer to a found credential cache +.br +\fIstr\fP the returned name of a credential cache, free with krb5_xfree() +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 or an error (and then *str is set to NULL). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_kdc_offset (krb5_context context, krb5_ccache id, krb5_deltat * offset)" +.PP +Get the time offset betwen the client and the KDC +.PP +If the backend doesn't support KDC offset, use the context global setting. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIid\fP a credential cache +.br +\fIoffset\fP the offset in seconds +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_lifetime (krb5_context context, krb5_ccache id, time_t * t)" +.PP +Get the lifetime of the initial ticket in the cache +.PP +Get the lifetime of the initial ticket in the cache, if the initial ticket was not found, the error code KRB5_CC_END is returned. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIid\fP a credential cache +.br +\fIt\fP the relative lifetime of the initial ticket +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_name (krb5_context context, krb5_ccache id)" +.PP +Return the name of the ccache `id' +.SS "KRB5_LIB_FUNCTION const krb5_cc_ops* KRB5_LIB_CALL krb5_cc_get_ops (krb5_context context, krb5_ccache id)" +.PP +Return krb5_cc_ops of a the ccache `id'. +.SS "KRB5_LIB_FUNCTION const krb5_cc_ops* KRB5_LIB_CALL krb5_cc_get_prefix_ops (krb5_context context, const char * prefix)" +.PP +Get the cc ops that is registered in `context' to handle the prefix. prefix can be a complete credential cache name or a prefix, the function will only use part up to the first colon (:) if there is one. If prefix the argument is NULL, the default ccache implemtation is returned. +.PP +\fBReturns:\fP +.RS 4 +Returns NULL if ops not found. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_principal (krb5_context context, krb5_ccache id, krb5_principal * principal)" +.PP +Return the principal of `id' in `principal'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_type (krb5_context context, krb5_ccache id)" +.PP +Return the type of the ccache `id'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_version (krb5_context context, const krb5_ccache id)" +.PP +Return the version of `id'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_initialize (krb5_context context, krb5_ccache id, krb5_principal primary_principal)" +.PP +Create a new ccache in `id' for `primary_principal'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_last_change_time (krb5_context context, krb5_ccache id, krb5_timestamp * mtime)" +.PP +Return the last time the credential cache was modified. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIid\fP The credential cache to probe +.br +\fImtime\fP the last modification time, set to 0 on error. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or and error. See krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_move (krb5_context context, krb5_ccache from, krb5_ccache to)" +.PP +Move the content from one credential cache to another. The operation is an atomic switch. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIfrom\fP the credential cache to move the content from +.br +\fIto\fP the credential cache to move the content to +.RE +.PP +\fBReturns:\fP +.RS 4 +On sucess, from is freed. On failure, error code is returned and from and to are both still allocated, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_new_unique (krb5_context context, const char * type, const char * hint, krb5_ccache * id)" +.PP +Generates a new unique ccache of `type` in `id'. If `type' is NULL, the library chooses the default credential cache type. The supplied `hint' (that can be NULL) is a string that the credential cache type can use to base the name of the credential on, this is to make it easier for the user to differentiate the credentials. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_next_cred (krb5_context context, const krb5_ccache id, krb5_cc_cursor * cursor, krb5_creds * creds)" +.PP +Retrieve the next cred pointed to by (`id', `cursor') in `creds' and advance `cursor'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_register (krb5_context context, const krb5_cc_ops * ops, krb5_boolean override)" +.PP +Add a new ccache type with operations `ops', overwriting any existing one if `override'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIops\fP type of plugin symbol +.br +\fIoverride\fP flag to select if the registration is to overide an existing ops with the same name. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_remove_cred (krb5_context context, krb5_ccache id, krb5_flags which, krb5_creds * cred)" +.PP +Remove the credential identified by `cred', `which' from `id'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_resolve (krb5_context context, const char * name, krb5_ccache * id)" +.PP +Find and allocate a ccache in `id' from the specification in `residual'. If the ccache name doesn't contain any colon, interpret it as a file name. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIname\fP string name of a credential cache. +.br +\fIid\fP return pointer to a found credential cache. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or an error code. In case of an error, id is set to NULL, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_retrieve_cred (krb5_context context, krb5_ccache id, krb5_flags whichfields, const krb5_creds * mcreds, krb5_creds * creds)" +.PP +Retrieve the credential identified by `mcreds' (and `whichfields') from `id' in `creds'. 'creds' must be free by the caller using krb5_free_cred_contents. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIid\fP a Kerberos 5 credential cache +.br +\fIwhichfields\fP what fields to use for matching credentials, same flags as whichfields in \fBkrb5_compare_creds()\fP +.br +\fImcreds\fP template credential to use for comparing +.br +\fIcreds\fP returned credential, free with \fBkrb5_free_cred_contents()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_config (krb5_context context, krb5_ccache id, krb5_const_principal principal, const char * name, krb5_data * data)" +.PP +Store some configuration for the credential cache in the cache. Existing configuration under the same name is over-written. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIid\fP the credential cache to store the data for +.br +\fIprincipal\fP configuration for a specific principal, if NULL, global for the whole cache. +.br +\fIname\fP name under which the configuraion is stored. +.br +\fIdata\fP data to store, if NULL, configure is removed. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_default_name (krb5_context context, const char * name)" +.PP +Set the default cc name for `context' to `name'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_flags (krb5_context context, krb5_ccache id, krb5_flags flags)" +.PP +Set the flags of `id' to `flags'. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_friendly_name (krb5_context context, krb5_ccache id, const char * name)" +.PP +Set the friendly name on credential cache. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_kdc_offset (krb5_context context, krb5_ccache id, krb5_deltat offset)" +.PP +Set the time offset betwen the client and the KDC +.PP +If the backend doesn't support KDC offset, use the context global setting. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIid\fP a credential cache +.br +\fIoffset\fP the offset in seconds +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_start_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor * cursor)" +.PP +Start iterating over `id', `cursor' is initialized to the beginning. Caller must free the cursor with \fBkrb5_cc_end_seq_get()\fP. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_store_cred (krb5_context context, krb5_ccache id, krb5_creds * creds)" +.PP +Store `creds' in the ccache `id'. +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_cc_support_switch (krb5_context context, const char * type)" +.PP +Return true if the default credential cache support switch +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_switch (krb5_context context, krb5_ccache id)" +.PP +Switch the default default credential cache for a specific credcache type (and name for some implementations). +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_free (krb5_context context, krb5_cccol_cursor * cursor)" +.PP +End an iteration and free all resources, can be done before end is reached. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIcursor\fP the iteration cursor to be freed. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or and error, KRB5_CC_END is returned at the end of iteration. See krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_new (krb5_context context, krb5_cccol_cursor * cursor)" +.PP +Get a new cache interation cursor that will interate over all credentials caches independent of type. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIcursor\fP passed into \fBkrb5_cccol_cursor_next()\fP and free with \fBkrb5_cccol_cursor_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 or and error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_cursor_next (krb5_context context, krb5_cccol_cursor cursor, krb5_ccache * cache)" +.PP +Get next credential cache from the iteration. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIcursor\fP the iteration cursor +.br +\fIcache\fP the returned cursor, pointer is set to NULL on failure and a cache on success. The returned cache needs to be freed with \fBkrb5_cc_close()\fP or destroyed with \fBkrb5_cc_destroy()\fP. MIT Kerberos behavies slightly diffrent and sets cache to NULL when all caches are iterated over and return 0. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or and error, KRB5_CC_END is returned at the end of iteration. See krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cccol_last_change_time (krb5_context context, const char * type, krb5_timestamp * mtime)" +.PP +Return the last modfication time for a cache collection. The query can be limited to a specific cache type. If the function return 0 and mtime is 0, there was no credentials in the caches. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fItype\fP The credential cache to probe, if NULL, all type are traversed. +.br +\fImtime\fP the last modification time, set to 0 on error. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return 0 or and error. See krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_validated_creds (krb5_context context, krb5_creds * creds, krb5_principal client, krb5_ccache ccache, char * service)" +.PP +Validate the newly fetch credential, see also krb5_verify_init_creds(). +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIcreds\fP the credentials to verify +.br +\fIclient\fP the client name to match up +.br +\fIccache\fP the credential cache to use +.br +\fIservice\fP a service name to use, used with \fBkrb5_sname_to_principal()\fP to build a hostname to use to verify. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_config_principal (krb5_context context, krb5_const_principal principal)" +.PP +Return TRUE (non zero) if the principal is a configuration principal (generated part of \fBkrb5_cc_set_config()\fP). Returns FALSE (zero) if not a configuration principal. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIprincipal\fP principal to check if it a configuration principal +.RE +.PP + +.SH "Variable Documentation" +.PP +.SS "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_acc_ops\fP" +.PP +\fBInitial value:\fP +.PP +.nf + { + KRB5_CC_OPS_VERSION, + 'API', + acc_get_name, + acc_resolve, + acc_gen_new, + acc_initialize, + acc_destroy, + acc_close, + acc_store_cred, + NULL, + acc_get_principal, + acc_get_first, + acc_get_next, + acc_end_get, + acc_remove_cred, + acc_set_flags, + acc_get_version, + acc_get_cache_first, + acc_get_cache_next, + acc_end_cache_get, + acc_move, + acc_get_default_name, + acc_set_default, + acc_lastchange, + NULL, + NULL, +} +.fi +Variable containing the API based credential cache implemention. +.SS "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_fcc_ops\fP" +.PP +\fBInitial value:\fP +.PP +.nf + { + KRB5_CC_OPS_VERSION, + 'FILE', + fcc_get_name, + fcc_resolve, + fcc_gen_new, + fcc_initialize, + fcc_destroy, + fcc_close, + fcc_store_cred, + NULL, + fcc_get_principal, + fcc_get_first, + fcc_get_next, + fcc_end_get, + fcc_remove_cred, + fcc_set_flags, + fcc_get_version, + fcc_get_cache_first, + fcc_get_cache_next, + fcc_end_cache_get, + fcc_move, + fcc_get_default_name, + NULL, + fcc_lastchange, + fcc_set_kdc_offset, + fcc_get_kdc_offset +} +.fi +Variable containing the FILE based credential cache implemention. +.SS "KRB5_LIB_VARIABLE const krb5_cc_ops \fBkrb5_mcc_ops\fP" +.PP +\fBInitial value:\fP +.PP +.nf + { + KRB5_CC_OPS_VERSION, + 'MEMORY', + mcc_get_name, + mcc_resolve, + mcc_gen_new, + mcc_initialize, + mcc_destroy, + mcc_close, + mcc_store_cred, + NULL, + mcc_get_principal, + mcc_get_first, + mcc_get_next, + mcc_end_get, + mcc_remove_cred, + mcc_set_flags, + NULL, + mcc_get_cache_first, + mcc_get_cache_next, + mcc_end_cache_get, + mcc_move, + mcc_default_name, + NULL, + mcc_lastchange, + mcc_set_kdc_offset, + mcc_get_kdc_offset +} +.fi +Variable containing the MEMORY based credential cache implemention. diff --git a/doc/doxyout/krb5/man/man3/krb5_ccache_intro.3 b/doc/doxyout/krb5/man/man3/krb5_ccache_intro.3 new file mode 100644 index 000000000000..47e73dd6bedb --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ccache_intro.3 @@ -0,0 +1,69 @@ +.TH "krb5_ccache_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_ccache_intro \- The credential cache functions +.SH "Kerberos credential caches" +.PP +krb5_ccache structure holds a Kerberos credential cache. +.PP +Heimdal support the follow types of credential caches: +.PP +.IP "\(bu" 2 +SCC Store the credential in a database +.IP "\(bu" 2 +FILE Store the credential in memory +.IP "\(bu" 2 +MEMORY Store the credential in memory +.IP "\(bu" 2 +API A credential cache server based solution for Mac OS X +.IP "\(bu" 2 +KCM A credential cache server based solution for all platforms +.PP +.SS "Example" +This is a minimalistic version of klist: +.PP +.nf +#include + +int +main (int argc, char **argv) +{ + krb5_context context; + krb5_cc_cursor cursor; + krb5_error_code ret; + krb5_ccache id; + krb5_creds creds; + + if (krb5_init_context (&context) != 0) + errx(1, 'krb5_context'); + + ret = krb5_cc_default (context, &id); + if (ret) + krb5_err(context, 1, ret, 'krb5_cc_default'); + + ret = krb5_cc_start_seq_get(context, id, &cursor); + if (ret) + krb5_err(context, 1, ret, 'krb5_cc_start_seq_get'); + + while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){ + char *principal; + + krb5_unparse_name(context, creds.server, &principal); + printf('principal: %s\\n', principal); + free(principal); + krb5_free_cred_contents (context, &creds); + } + ret = krb5_cc_end_seq_get(context, id, &cursor); + if (ret) + krb5_err(context, 1, ret, 'krb5_cc_end_seq_get'); + + krb5_cc_close(context, id); + + krb5_free_context(context); + return 0; +} + +.fi +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_free.3 b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_free.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_free.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_new.3 b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_new.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_new.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_next.3 b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_next.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cccol_cursor_next.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cccol_last_change_time.3 b/doc/doxyout/krb5/man/man3/krb5_cccol_last_change_time.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cccol_last_change_time.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_change_password.3 b/doc/doxyout/krb5/man/man3/krb5_change_password.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_change_password.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_cksumtype_to_enctype.3 b/doc/doxyout/krb5/man/man3/krb5_cksumtype_to_enctype.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_cksumtype_to_enctype.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_clear_error_message.3 b/doc/doxyout/krb5/man/man3/krb5_clear_error_message.3 new file mode 100644 index 000000000000..f721fda2cd4b --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_clear_error_message.3 @@ -0,0 +1 @@ +.so man3/krb5_error.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_clear_error_string.3 b/doc/doxyout/krb5/man/man3/krb5_clear_error_string.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_clear_error_string.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_compare_creds.3 b/doc/doxyout/krb5/man/man3/krb5_compare_creds.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_compare_creds.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_file_free.3 b/doc/doxyout/krb5/man/man3/krb5_config_file_free.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_file_free.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_free_strings.3 b/doc/doxyout/krb5/man/man3/krb5_config_free_strings.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_free_strings.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_bool.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_bool.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_bool.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_bool_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_bool_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_bool_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_list.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_list.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_list.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_string.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_string.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_string.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_string_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_string_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_string_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_strings.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_strings.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_strings.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_time.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_time.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_time.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_get_time_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_get_time_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_get_time_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_parse_file_multi.3 b/doc/doxyout/krb5/man/man3/krb5_config_parse_file_multi.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_parse_file_multi.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_parse_string_multi.3 b/doc/doxyout/krb5/man/man3/krb5_config_parse_string_multi.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_parse_string_multi.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_bool.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_bool.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_bool.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_bool_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_bool_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_bool_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_list.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_list.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_list.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_string.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_string.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_string.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_string_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_string_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_string_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_strings.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_strings.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_strings.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_time.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_time.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_time.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_config_vget_time_default.3 b/doc/doxyout/krb5/man/man3/krb5_config_vget_time_default.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_config_vget_time_default.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_address.3 b/doc/doxyout/krb5/man/man3/krb5_copy_address.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_address.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_copy_addresses.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_context.3 b/doc/doxyout/krb5/man/man3/krb5_copy_context.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_context.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_creds.3 b/doc/doxyout/krb5/man/man3/krb5_copy_creds.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_creds.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_creds_contents.3 b/doc/doxyout/krb5/man/man3/krb5_copy_creds_contents.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_creds_contents.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_data.3 b/doc/doxyout/krb5/man/man3/krb5_copy_data.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_data.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_host_realm.3 b/doc/doxyout/krb5/man/man3/krb5_copy_host_realm.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_host_realm.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_keyblock.3 b/doc/doxyout/krb5/man/man3/krb5_copy_keyblock.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_keyblock.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_keyblock_contents.3 b/doc/doxyout/krb5/man/man3/krb5_copy_keyblock_contents.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_keyblock_contents.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_principal.3 b/doc/doxyout/krb5/man/man3/krb5_copy_principal.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_copy_ticket.3 b/doc/doxyout/krb5/man/man3/krb5_copy_ticket.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_copy_ticket.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_create_checksum_iov.3 b/doc/doxyout/krb5/man/man3/krb5_create_checksum_iov.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_create_checksum_iov.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_credential.3 b/doc/doxyout/krb5/man/man3/krb5_credential.3 new file mode 100644 index 000000000000..3731387d9d1a --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_credential.3 @@ -0,0 +1,279 @@ +.TH "Heimdal Kerberos 5 credential handing functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 credential handing functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_fwd_tgt_creds\fP (krb5_context context, krb5_auth_context auth_context, const char *hostname, krb5_principal client, krb5_principal server, krb5_ccache ccache, int forwardable, krb5_data *out_data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_forwarded_creds\fP (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, krb5_flags flags, const char *hostname, krb5_creds *in_creds, krb5_data *out_data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_init_creds_opt_alloc\fP (krb5_context context, krb5_get_init_creds_opt **opt)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_get_init_creds_opt_free\fP (krb5_context context, krb5_get_init_creds_opt *opt)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_init\fP (krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void *prompter_data, krb5_deltat start_time, krb5_get_init_creds_opt *options, krb5_init_creds_context *rctx)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_set_service\fP (krb5_context context, krb5_init_creds_context ctx, const char *service)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_set_password\fP (krb5_context context, krb5_init_creds_context ctx, const char *password)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_set_keytab\fP (krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_step\fP (krb5_context context, krb5_init_creds_context ctx, krb5_data *in, krb5_data *out, krb5_krbhst_info *hostinfo, unsigned int *flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_get_error\fP (krb5_context context, krb5_init_creds_context ctx, KRB_ERROR *error)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_init_creds_free\fP (krb5_context context, krb5_init_creds_context ctx)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_init_creds_get\fP (krb5_context context, krb5_init_creds_context ctx)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_init_creds_password\fP (krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_init_creds_keyblock\fP (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keyblock *keyblock, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_init_creds_keytab\fP (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keytab keytab, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds (krb5_context context, krb5_auth_context auth_context, const char * hostname, krb5_principal client, krb5_principal server, krb5_ccache ccache, int forwardable, krb5_data * out_data)" +.PP +Forward credentials for client to host hostname , making them forwardable if forwardable, and returning the blob of data to sent in out_data. If hostname == NULL, pick it from server. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A kerberos 5 context. +.br +\fIauth_context\fP the auth context with the key to encrypt the out_data. +.br +\fIhostname\fP the host to forward the tickets too. +.br +\fIclient\fP the client to delegate from. +.br +\fIserver\fP the server to delegate the credential too. +.br +\fIccache\fP credential cache to use. +.br +\fIforwardable\fP make the forwarded ticket forwabledable. +.br +\fIout_data\fP the resulting credential. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_forwarded_creds (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, krb5_flags flags, const char * hostname, krb5_creds * in_creds, krb5_data * out_data)" +.PP +Gets tickets forwarded to hostname. If the tickets that are forwarded are address-less, the forwarded tickets will also be address-less. +.PP +If the ticket have any address, hostname will be used for figure out the address to forward the ticket too. This since this might use DNS, its insecure and also doesn't represent configured all addresses of the host. For example, the host might have two adresses, one IPv4 and one IPv6 address where the later is not published in DNS. This IPv6 address might be used communications and thus the resulting ticket useless. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A kerberos 5 context. +.br +\fIauth_context\fP the auth context with the key to encrypt the out_data. +.br +\fIccache\fP credential cache to use +.br +\fIflags\fP the flags to control the resulting ticket flags +.br +\fIhostname\fP the host to forward the tickets too. +.br +\fIin_creds\fP the in client and server ticket names. The client and server components forwarded to the remote host. +.br +\fIout_data\fP the resulting credential. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.PP +Some older of the MIT gssapi library used clear-text tickets (warped inside AP-REQ encryption), use the krb5_auth_context flag KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED to support those tickets. The session key is used otherwise to encrypt the forwarded ticket. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keyblock (krb5_context context, krb5_creds * creds, krb5_principal client, krb5_keyblock * keyblock, krb5_deltat start_time, const char * in_tkt_service, krb5_get_init_creds_opt * options)" +.PP +Get new credentials using keyblock. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keytab (krb5_context context, krb5_creds * creds, krb5_principal client, krb5_keytab keytab, krb5_deltat start_time, const char * in_tkt_service, krb5_get_init_creds_opt * options)" +.PP +Get new credentials using keytab. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_alloc (krb5_context context, krb5_get_init_creds_opt ** opt)" +.PP +Allocate a new krb5_get_init_creds_opt structure, free with \fBkrb5_get_init_creds_opt_free()\fP. +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_free (krb5_context context, krb5_get_init_creds_opt * opt)" +.PP +Free krb5_get_init_creds_opt structure. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_password (krb5_context context, krb5_creds * creds, krb5_principal client, const char * password, krb5_prompter_fct prompter, void * data, krb5_deltat start_time, const char * in_tkt_service, krb5_get_init_creds_opt * options)" +.PP +Get new credentials using password. +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_creds_free (krb5_context context, krb5_init_creds_context ctx)" +.PP +Free the krb5_init_creds_context allocated by \fBkrb5_init_creds_init()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIctx\fP The krb5_init_creds_context to free. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get (krb5_context context, krb5_init_creds_context ctx)" +.PP +Get new credentials as setup by the krb5_init_creds_context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIctx\fP The krb5_init_creds_context to process. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get_error (krb5_context context, krb5_init_creds_context ctx, KRB_ERROR * error)" +.PP +Get the last error from the transaction. +.PP +\fBReturns:\fP +.RS 4 +Returns 0 or an error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_init (krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void * prompter_data, krb5_deltat start_time, krb5_get_init_creds_opt * options, krb5_init_creds_context * rctx)" +.PP +Start a new context to get a new initial credential. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIclient\fP The Kerberos principal to get the credential for, if NULL is given, the default principal is used as determined by krb5_get_default_principal(). +.br +\fIprompter\fP +.br +\fIprompter_data\fP +.br +\fIstart_time\fP the time the ticket should start to be valid or 0 for now. +.br +\fIoptions\fP a options structure, can be NULL for default options. +.br +\fIrctx\fP A new allocated free with \fBkrb5_init_creds_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success or an Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_keytab (krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab)" +.PP +Set the keytab to use for authentication. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIctx\fP ctx krb5_init_creds_context context. +.br +\fIkeytab\fP the keytab to read the key from. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_password (krb5_context context, krb5_init_creds_context ctx, const char * password)" +.PP +Sets the password that will use for the request. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIctx\fP ctx krb5_init_creds_context context. +.br +\fIpassword\fP the password to use. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_service (krb5_context context, krb5_init_creds_context ctx, const char * service)" +.PP +Sets the service that the is requested. This call is only neede for special initial tickets, by default the a krbtgt is fetched in the default realm. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIctx\fP a krb5_init_creds_context context. +.br +\fIservice\fP the service given as a string, for example 'kadmind/admin'. If NULL, the default krbtgt in the clients realm is set. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_step (krb5_context context, krb5_init_creds_context ctx, krb5_data * in, krb5_data * out, krb5_krbhst_info * hostinfo, unsigned int * flags)" +.PP +The core loop if krb5_get_init_creds() function family. Create the packets and have the caller send them off to the KDC. +.PP +If the caller want all work been done for them, use \fBkrb5_init_creds_get()\fP instead. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIctx\fP ctx krb5_init_creds_context context. +.br +\fIin\fP input data from KDC, first round it should be reset by krb5_data_zer(). +.br +\fIout\fP reply to KDC. +.br +\fIhostinfo\fP KDC address info, first round it can be NULL. +.br +\fIflags\fP status of the round, if KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_creds_get_ticket_flags.3 b/doc/doxyout/krb5/man/man3/krb5_creds_get_ticket_flags.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_creds_get_ticket_flags.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto.3 b/doc/doxyout/krb5/man/man3/krb5_crypto.3 new file mode 100644 index 000000000000..bc66ab27d85a --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto.3 @@ -0,0 +1,550 @@ +.TH "Heimdal Kerberos 5 cryptography functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 cryptography functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_enctype_valid\fP (krb5_context context, krb5_enctype etype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_cksumtype_to_enctype\fP (krb5_context context, krb5_cksumtype ctype, krb5_enctype *etype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_encrypt_iov_ivec\fP (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP *data, int num_data, void *ivec)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_decrypt_iov_ivec\fP (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP *data, unsigned int num_data, void *ivec)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_create_checksum_iov\fP (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP *data, unsigned int num_data, krb5_cksumtype *type)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_verify_checksum_iov\fP (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP *data, unsigned int num_data, krb5_cksumtype *type)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_init\fP (krb5_context context, const krb5_keyblock *key, krb5_enctype etype, krb5_crypto *crypto)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_destroy\fP (krb5_context context, krb5_crypto crypto)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_getblocksize\fP (krb5_context context, krb5_crypto crypto, size_t *blocksize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_getenctype\fP (krb5_context context, krb5_crypto crypto, krb5_enctype *enctype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_getpadsize\fP (krb5_context context, krb5_crypto crypto, size_t *padsize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_getconfoundersize\fP (krb5_context context, krb5_crypto crypto, size_t *confoundersize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_enctype_disable\fP (krb5_context context, krb5_enctype enctype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_enctype_enable\fP (krb5_context context, krb5_enctype enctype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_allow_weak_crypto\fP (krb5_context context, krb5_boolean enable)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_random_to_key\fP (krb5_context context, krb5_enctype type, const void *data, size_t size, krb5_keyblock *key)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_crypto_fx_cf2\fP (krb5_context context, const krb5_crypto crypto1, const krb5_crypto crypto2, krb5_data *pepper1, krb5_data *pepper2, krb5_enctype enctype, krb5_keyblock *res)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_generate_subkey_extended\fP (krb5_context context, const krb5_keyblock *key, krb5_enctype etype, krb5_keyblock **subkey)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_keyblock_zero\fP (krb5_keyblock *keyblock)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_keyblock_contents\fP (krb5_context context, krb5_keyblock *keyblock)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_keyblock\fP (krb5_context context, krb5_keyblock *keyblock)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_keyblock_contents\fP (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock *to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_keyblock\fP (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock **to)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL \fBkrb5_keyblock_get_enctype\fP (const krb5_keyblock *block)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_keyblock_init\fP (krb5_context context, krb5_enctype type, const void *data, size_t size, krb5_keyblock *key)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_allow_weak_crypto (krb5_context context, krb5_boolean enable)" +.PP +Enable or disable all weak encryption types +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIenable\fP true to enable, false to disable +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cksumtype_to_enctype (krb5_context context, krb5_cksumtype ctype, krb5_enctype * etype)" +.PP +Return the coresponding encryption type for a checksum type. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIctype\fP The checksum type to get the result enctype for +.br +\fIetype\fP The returned encryption, when the matching etype is not found, etype is set to ETYPE_NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code for an failure or 0 on success. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock (krb5_context context, const krb5_keyblock * inblock, krb5_keyblock ** to)" +.PP +Copy a keyblock, free the output keyblock with \fBkrb5_free_keyblock()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIinblock\fP the key to copy +.br +\fIto\fP the output key. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success or a Kerberos 5 error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock_contents (krb5_context context, const krb5_keyblock * inblock, krb5_keyblock * to)" +.PP +Copy a keyblock, free the output keyblock with \fBkrb5_free_keyblock_contents()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIinblock\fP the key to copy +.br +\fIto\fP the output key. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success or a Kerberos 5 error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_create_checksum_iov (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP * data, unsigned int num_data, krb5_cksumtype * type)" +.PP +Create a Kerberos message checksum. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP Kerberos crypto context +.br +\fIusage\fP Key usage for this buffer +.br +\fIdata\fP array of buffers to process +.br +\fInum_data\fP length of array +.br +\fItype\fP output data +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_destroy (krb5_context context, krb5_crypto crypto)" +.PP +Free a crypto context created by \fBkrb5_crypto_init()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP crypto context to free +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_fx_cf2 (krb5_context context, const krb5_crypto crypto1, const krb5_crypto crypto2, krb5_data * pepper1, krb5_data * pepper2, krb5_enctype enctype, krb5_keyblock * res)" +.PP +The FX-CF2 key derivation function, used in FAST and preauth framework. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIcrypto1\fP first key to combine +.br +\fIcrypto2\fP second key to combine +.br +\fIpepper1\fP factor to combine with first key to garante uniqueness +.br +\fIpepper2\fP factor to combine with second key to garante uniqueness +.br +\fIenctype\fP the encryption type of the resulting key +.br +\fIres\fP allocated key, free with \fBkrb5_free_keyblock_contents()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getblocksize (krb5_context context, krb5_crypto crypto, size_t * blocksize)" +.PP +Return the blocksize used algorithm referenced by the crypto context +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP crypto context to query +.br +\fIblocksize\fP the resulting blocksize +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getconfoundersize (krb5_context context, krb5_crypto crypto, size_t * confoundersize)" +.PP +Return the confounder size used by the crypto context +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP crypto context to query +.br +\fIconfoundersize\fP the returned confounder size +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getenctype (krb5_context context, krb5_crypto crypto, krb5_enctype * enctype)" +.PP +Return the encryption type used by the crypto context +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP crypto context to query +.br +\fIenctype\fP the resulting encryption type +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getpadsize (krb5_context context, krb5_crypto crypto, size_t * padsize)" +.PP +Return the padding size used by the crypto context +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP crypto context to query +.br +\fIpadsize\fP the return padding size +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_init (krb5_context context, const krb5_keyblock * key, krb5_enctype etype, krb5_crypto * crypto)" +.PP +Create a crypto context used for all encryption and signature operation. The encryption type to use is taken from the key, but can be overridden with the enctype parameter. This can be useful for encryptions types which is compatiable (DES for example). +.PP +To free the crypto context, use \fBkrb5_crypto_destroy()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIkey\fP the key block information with all key data +.br +\fIetype\fP the encryption type +.br +\fIcrypto\fP the resulting crypto context +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_iov_ivec (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP * data, unsigned int num_data, void * ivec)" +.PP +Inline decrypt a Kerberos message. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP Kerberos crypto context +.br +\fIusage\fP Key usage for this buffer +.br +\fIdata\fP array of buffers to process +.br +\fInum_data\fP length of array +.br +\fIivec\fP initial cbc/cts vector +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP +1. KRB5_CRYPTO_TYPE_HEADER 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted protocol headers and trailers. The output data will be of same size as the input data or shorter. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_iov_ivec (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP * data, int num_data, void * ivec)" +.PP +Inline encrypt a kerberos message +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP Kerberos crypto context +.br +\fIusage\fP Key usage for this buffer +.br +\fIdata\fP array of buffers to process +.br +\fInum_data\fP length of array +.br +\fIivec\fP initial cbc/cts vector +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP +Kerberos encrypted data look like this: +.PP +1. KRB5_CRYPTO_TYPE_HEADER 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used headers and trailers. 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 4. KRB5_CRYPTO_TYPE_TRAILER +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_disable (krb5_context context, krb5_enctype enctype)" +.PP +Disable encryption type +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIenctype\fP encryption type to disable +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_enable (krb5_context context, krb5_enctype enctype)" +.PP +Enable encryption type +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIenctype\fP encryption type to enable +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_valid (krb5_context context, krb5_enctype etype)" +.PP +Check if a enctype is valid, return 0 if it is. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIetype\fP enctype to check if its valid or not +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code for an failure or 0 on success (enctype valid). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock (krb5_context context, krb5_keyblock * keyblock)" +.PP +Free a keyblock, also zero out the content of the keyblock, uses \fBkrb5_free_keyblock_contents()\fP to free the content. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIkeyblock\fP keyblock to free, NULL is valid argument +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock_contents (krb5_context context, krb5_keyblock * keyblock)" +.PP +Free a keyblock's content, also zero out the content of the keyblock. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context +.br +\fIkeyblock\fP keyblock content to free, NULL is valid argument +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey_extended (krb5_context context, const krb5_keyblock * key, krb5_enctype etype, krb5_keyblock ** subkey)" +.PP +Generate subkey, from keyblock +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP kerberos context +.br +\fIkey\fP session key +.br +\fIetype\fP encryption type of subkey, if ETYPE_NULL, use key's enctype +.br +\fIsubkey\fP returned new, free with \fBkrb5_free_keyblock()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success or a Kerberos 5 error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL krb5_keyblock_get_enctype (const krb5_keyblock * block)" +.PP +Get encryption type of a keyblock. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_init (krb5_context context, krb5_enctype type, const void * data, size_t size, krb5_keyblock * key)" +.PP +Fill in `key' with key data of type `enctype' from `data' of length `size'. Key should be freed using \fBkrb5_free_keyblock_contents()\fP. +.PP +\fBReturns:\fP +.RS 4 +0 on success or a Kerberos 5 error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_keyblock_zero (krb5_keyblock * keyblock)" +.PP +Zero out a keyblock +.PP +\fBParameters:\fP +.RS 4 +\fIkeyblock\fP keyblock to zero out +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_random_to_key (krb5_context context, krb5_enctype type, const void * data, size_t size, krb5_keyblock * key)" +.PP +Converts the random bytestring to a protocol key according to Kerberos crypto frame work. It may be assumed that all the bits of the input string are equally random, even though the entropy present in the random source may be limited. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fItype\fP the enctype resulting key will be of +.br +\fIdata\fP input random data to convert to a key +.br +\fIsize\fP size of input random data, at least krb5_enctype_keysize() long +.br +\fIkey\fP key, output key, free with \fBkrb5_free_keyblock_contents()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_checksum_iov (krb5_context context, krb5_crypto crypto, unsigned usage, \fBkrb5_crypto_iov\fP * data, unsigned int num_data, krb5_cksumtype * type)" +.PP +Verify a Kerberos message checksum. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIcrypto\fP Kerberos crypto context +.br +\fIusage\fP Key usage for this buffer +.br +\fIdata\fP array of buffers to process +.br +\fInum_data\fP length of array +.br +\fItype\fP return checksum type if not NULL +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_destroy.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_destroy.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_destroy.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_fx_cf2.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_fx_cf2.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_fx_cf2.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_getblocksize.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_getblocksize.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_getblocksize.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_getconfoundersize.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_getconfoundersize.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_getconfoundersize.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_getenctype.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_getenctype.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_getenctype.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_getpadsize.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_getpadsize.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_getpadsize.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_init.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_init.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_init.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_crypto_iov.3 b/doc/doxyout/krb5/man/man3/krb5_crypto_iov.3 new file mode 100644 index 000000000000..f63737d7e7a4 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_crypto_iov.3 @@ -0,0 +1,17 @@ +.TH "krb5_crypto_iov" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_crypto_iov \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SH "Detailed Description" +.PP +Semi private, not stable yet + +.SH "Author" +.PP +Generated automatically by Doxygen for HeimdalKerberos5library from the source code. diff --git a/doc/doxyout/krb5/man/man3/krb5_data_alloc.3 b/doc/doxyout/krb5/man/man3/krb5_data_alloc.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_alloc.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_cmp.3 b/doc/doxyout/krb5/man/man3/krb5_data_cmp.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_cmp.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_copy.3 b/doc/doxyout/krb5/man/man3/krb5_data_copy.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_copy.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_ct_cmp.3 b/doc/doxyout/krb5/man/man3/krb5_data_ct_cmp.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_ct_cmp.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_free.3 b/doc/doxyout/krb5/man/man3/krb5_data_free.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_free.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_realloc.3 b/doc/doxyout/krb5/man/man3/krb5_data_realloc.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_realloc.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_data_zero.3 b/doc/doxyout/krb5/man/man3/krb5_data_zero.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_data_zero.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_decrypt_iov_ivec.3 b/doc/doxyout/krb5/man/man3/krb5_decrypt_iov_ivec.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_decrypt_iov_ivec.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_deprecated.3 b/doc/doxyout/krb5/man/man3/krb5_deprecated.3 new file mode 100644 index 000000000000..79755ee73f22 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_deprecated.3 @@ -0,0 +1,269 @@ +.TH "Heimdal Kerberos 5 deprecated functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 deprecated functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_change_password\fP (krb5_context context, krb5_creds *creds, const char *newpw, int *result_code, krb5_data *result_code_string, krb5_data *result_string) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_config_parse_string_multi\fP (krb5_context context, const char *string, krb5_config_section **res) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_keytype_to_enctypes\fP (krb5_context context, krb5_keytype keytype, unsigned *len, krb5_enctype **val) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_enctypes_compatible_keys\fP (krb5_context context, krb5_enctype etype1, krb5_enctype etype2) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_data_contents\fP (krb5_context context, krb5_data *data) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_keytype_to_enctypes_default\fP (krb5_context context, krb5_keytype keytype, unsigned *len, krb5_enctype **val) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_keytype_to_string\fP (krb5_context context, krb5_keytype keytype, char **string) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_string_to_keytype\fP (krb5_context context, const char *string, krb5_keytype *keytype) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV \fBkrb5_password_key_proc\fP (krb5_context context, krb5_enctype type, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock **key) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_in_tkt_with_password\fP (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const char *password, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_in_tkt_with_skey\fP (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, const krb5_keyblock *key, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV \fBkrb5_keytab_key_proc\fP (krb5_context context, krb5_enctype enctype, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock **key) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_in_tkt_with_keytab\fP (krb5_context context, krb5_flags options, krb5_addresses *addrs, const krb5_enctype *etypes, const krb5_preauthtype *pre_auth_types, krb5_keytab keytab, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_realm *KRB5_LIB_CALL \fBkrb5_princ_realm\fP (krb5_context context, krb5_principal principal) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_princ_set_realm\fP (krb5_context context, krb5_principal principal, krb5_realm *realm) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_creds_contents\fP (krb5_context context, krb5_creds *c) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_error_string\fP (krb5_context context, char *str) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_set_error_string\fP (krb5_context context, const char *fmt,...) __attribute__((format(printf" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_vset_error_string\fP (krb5_context context, const char *fmt, va_list args) __attribute__((format(printf" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_clear_error_string\fP (krb5_context context) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_cred_from_kdc_opt\fP (krb5_context context, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds, krb5_creds ***ret_tgts, krb5_flags flags) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_cred_from_kdc\fP (krb5_context context, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds, krb5_creds ***ret_tgts) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_unparsed_name\fP (krb5_context context, char *str) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_generate_subkey\fP (krb5_context context, const krb5_keyblock *key, krb5_keyblock **subkey) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_auth_getremoteseqnumber\fP (krb5_context context, krb5_auth_context auth_context, int32_t *seqnumber) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_get_init_creds_opt_init\fP (krb5_get_init_creds_opt *opt) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_get_init_creds_opt_get_error\fP (krb5_context context, krb5_get_init_creds_opt *opt, KRB_ERROR **error) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_c_enctype_compare\fP (krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean *similar) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_getremoteseqnumber (krb5_context context, krb5_auth_context auth_context, int32_t * seqnumber)" +.PP +Deprecated: use krb5_auth_con_getremoteseqnumber() +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_enctype_compare (krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean * similar)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_change_password (krb5_context context, krb5_creds * creds, const char * newpw, int * result_code, krb5_data * result_code_string, krb5_data * result_string)" +.PP +Deprecated: \fBkrb5_change_password()\fP is deprecated, use \fBkrb5_set_password()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIcreds\fP +.br +\fInewpw\fP +.br +\fIresult_code\fP +.br +\fIresult_code_string\fP +.br +\fIresult_string\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +On sucess password is changed. +.RE +.PP +@ +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_clear_error_string (krb5_context context)" +.PP +Clear the error message returned by krb5_get_error_string(). +.PP +Deprecated: use \fBkrb5_clear_error_message()\fP +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_string_multi (krb5_context context, const char * string, krb5_config_section ** res)" +.PP +Deprecated: configuration files are not strings +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_enctypes_compatible_keys (krb5_context context, krb5_enctype etype1, krb5_enctype etype2)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds_contents (krb5_context context, krb5_creds * c)" +.PP +Deprecated: use \fBkrb5_free_cred_contents()\fP +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data_contents (krb5_context context, krb5_data * data)" +.PP +Same as \fBkrb5_data_free()\fP. MIT compat. +.PP +Deprecated: use \fBkrb5_data_free()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIdata\fP krb5_data to free. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error_string (krb5_context context, char * str)" +.PP +Free the error message returned by krb5_get_error_string(). +.PP +Deprecated: use krb5_free_error_message() +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIstr\fP error message to free +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_unparsed_name (krb5_context context, char * str)" +.PP +Deprecated: use krb5_xfree(). +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey (krb5_context context, const krb5_keyblock * key, krb5_keyblock ** subkey)" +.PP +Deprecated: use \fBkrb5_generate_subkey_extended()\fP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc (krb5_context context, krb5_ccache ccache, krb5_creds * in_creds, krb5_creds ** out_creds, krb5_creds *** ret_tgts)" +.PP +Deprecated: use krb5_get_credentials_with_flags(). +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc_opt (krb5_context context, krb5_ccache ccache, krb5_creds * in_creds, krb5_creds ** out_creds, krb5_creds *** ret_tgts, krb5_flags flags)" +.PP +Deprecated: use krb5_get_credentials_with_flags(). +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_keytab (krb5_context context, krb5_flags options, krb5_addresses * addrs, const krb5_enctype * etypes, const krb5_preauthtype * pre_auth_types, krb5_keytab keytab, krb5_ccache ccache, krb5_creds * creds, krb5_kdc_rep * ret_as_reply)" +.PP +Deprecated: use krb5_get_init_creds() and friends. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_password (krb5_context context, krb5_flags options, krb5_addresses * addrs, const krb5_enctype * etypes, const krb5_preauthtype * pre_auth_types, const char * password, krb5_ccache ccache, krb5_creds * creds, krb5_kdc_rep * ret_as_reply)" +.PP +Deprecated: use krb5_get_init_creds() and friends. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_skey (krb5_context context, krb5_flags options, krb5_addresses * addrs, const krb5_enctype * etypes, const krb5_preauthtype * pre_auth_types, const krb5_keyblock * key, krb5_ccache ccache, krb5_creds * creds, krb5_kdc_rep * ret_as_reply)" +.PP +Deprecated: use krb5_get_init_creds() and friends. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_get_error (krb5_context context, krb5_get_init_creds_opt * opt, KRB_ERROR ** error)" +.PP +Deprecated: use the new \fBkrb5_init_creds_init()\fP and \fBkrb5_init_creds_get_error()\fP. +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_init (krb5_get_init_creds_opt * opt)" +.PP +Deprecated: use \fBkrb5_get_init_creds_opt_alloc()\fP. +.PP +The reason \fBkrb5_get_init_creds_opt_init()\fP is deprecated is that krb5_get_init_creds_opt is a static structure and for ABI reason it can't grow, ie can't add new functionality. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_keytab_key_proc (krb5_context context, krb5_enctype enctype, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock ** key)" +.PP +Deprecated: use krb5_get_init_creds() and friends. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes (krb5_context context, krb5_keytype keytype, unsigned * len, krb5_enctype ** val)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes_default (krb5_context context, krb5_keytype keytype, unsigned * len, krb5_enctype ** val)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes. +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_string (krb5_context context, krb5_keytype keytype, char ** string)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes in most cases, use krb5_enctype_to_string(). +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_password_key_proc (krb5_context context, krb5_enctype type, krb5_salt salt, krb5_const_pointer keyseed, krb5_keyblock ** key)" +.PP +Deprecated: use krb5_get_init_creds() and friends. +.SS "KRB5_LIB_FUNCTION krb5_realm* KRB5_LIB_CALL krb5_princ_realm (krb5_context context, krb5_principal principal)" +.PP +Deprecated: use \fBkrb5_principal_get_realm()\fP +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_princ_set_realm (krb5_context context, krb5_principal principal, krb5_realm * realm)" +.PP +Deprecated: use \fBkrb5_principal_set_realm()\fP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_error_string (krb5_context context, const char * fmt, ...)" +.PP +Set the error message returned by krb5_get_error_string(). +.PP +Deprecated: use krb5_get_error_message() +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIfmt\fP error message to free +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_keytype (krb5_context context, const char * string, krb5_keytype * keytype)" +.PP +Deprecated: keytypes doesn't exists, they are really enctypes in most cases, use krb5_string_to_enctype(). +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vset_error_string (krb5_context context, const char * fmt, va_list args)" +.PP +Set the error message returned by krb5_get_error_string(), deprecated, use \fBkrb5_set_error_message()\fP. +.PP +Deprecated: use krb5_vset_error_message() +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fImsg\fP error message to free +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_digest.3 b/doc/doxyout/krb5/man/man3/krb5_digest.3 new file mode 100644 index 000000000000..4913f6cd7728 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_digest.3 @@ -0,0 +1,38 @@ +.TH "Heimdal Kerberos 5 digest service" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 digest service \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_digest_probe\fP (krb5_context context, krb5_realm realm, krb5_ccache ccache, unsigned *flags)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_probe (krb5_context context, krb5_realm realm, krb5_ccache ccache, unsigned * flags)" +.PP +Get the supported/allowed mechanism for this principal. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Keberos context. +.br +\fIrealm\fP The realm of the KDC. +.br +\fIccache\fP The credential cache to use when talking to the KDC. +.br +\fIflags\fP The supported mechanism. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_digest_probe.3 b/doc/doxyout/krb5/man/man3/krb5_digest_probe.3 new file mode 100644 index 000000000000..d7f12b174eb0 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_digest_probe.3 @@ -0,0 +1 @@ +.so man3/krb5_digest.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_eai_to_heim_errno.3 b/doc/doxyout/krb5/man/man3/krb5_eai_to_heim_errno.3 new file mode 100644 index 000000000000..f721fda2cd4b --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_eai_to_heim_errno.3 @@ -0,0 +1 @@ +.so man3/krb5_error.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_encrypt_iov_ivec.3 b/doc/doxyout/krb5/man/man3/krb5_encrypt_iov_ivec.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_encrypt_iov_ivec.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_enctype_disable.3 b/doc/doxyout/krb5/man/man3/krb5_enctype_disable.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_enctype_disable.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_enctype_enable.3 b/doc/doxyout/krb5/man/man3/krb5_enctype_enable.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_enctype_enable.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_enctype_valid.3 b/doc/doxyout/krb5/man/man3/krb5_enctype_valid.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_enctype_valid.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_enctypes_compatible_keys.3 b/doc/doxyout/krb5/man/man3/krb5_enctypes_compatible_keys.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_enctypes_compatible_keys.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_error.3 b/doc/doxyout/krb5/man/man3/krb5_error.3 new file mode 100644 index 000000000000..3731464ae484 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_error.3 @@ -0,0 +1,105 @@ +.TH "Heimdal Kerberos 5 error reporting functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 error reporting functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_eai_to_heim_errno\fP (int eai_errno, int system_error)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_h_errno_to_heim_errno\fP (int eai_errno)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_clear_error_message\fP (krb5_context context)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_set_error_message\fP (krb5_context context, krb5_error_code ret, const char *fmt,...) __attribute__((format(printf" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_vwarn\fP (krb5_context context, krb5_error_code code, const char *fmt, va_list ap) __attribute__((format(printf" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_clear_error_message (krb5_context context)" +.PP +Clears the error message from the Kerberos 5 context. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP The Kerberos 5 context to clear +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_eai_to_heim_errno (int eai_errno, int system_error)" +.PP +Convert the getaddrinfo() error code to a Kerberos et error code. +.PP +\fBParameters:\fP +.RS 4 +\fIeai_errno\fP contains the error code from getaddrinfo(). +.br +\fIsystem_error\fP should have the value of errno after the failed getaddrinfo(). +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos error code representing the EAI errors. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_errno_to_heim_errno (int eai_errno)" +.PP +Convert the gethostname() error code (h_error) to a Kerberos et error code. +.PP +\fBParameters:\fP +.RS 4 +\fIeai_errno\fP contains the error code from gethostname(). +.RE +.PP +\fBReturns:\fP +.RS 4 +Kerberos error code representing the gethostname errors. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_error_message (krb5_context context, krb5_error_code ret, const char * fmt, ...)" +.PP +Set the context full error string for a specific error code. The error that is stored should be internationalized. +.PP +The if context is NULL, no error string is stored. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIret\fP The error code +.br +\fIfmt\fP Error string for the error code +.br +\fI...\fP printf(3) style parameters. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vwarn (krb5_context context, krb5_error_code code, const char * fmt, va_list ap)" +.PP +Log a warning to the log, default stderr, include the error from the last failure. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIcode\fP error code of the last error +.br +\fIfmt\fP message to print +.br +\fIap\fP arguments +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_expand_hostname.3 b/doc/doxyout/krb5/man/man3/krb5_expand_hostname.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_expand_hostname.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_expand_hostname_realms.3 b/doc/doxyout/krb5/man/man3/krb5_expand_hostname_realms.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_expand_hostname_realms.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_fcc_ops.3 b/doc/doxyout/krb5/man/man3/krb5_fcc_ops.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_fcc_ops.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_fileformats.3 b/doc/doxyout/krb5/man/man3/krb5_fileformats.3 new file mode 100644 index 000000000000..6a106ca9e34d --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_fileformats.3 @@ -0,0 +1,233 @@ +.TH "krb5_fileformats" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_fileformats \- File formats +.SH "File formats" +.PP +This section documents the diffrent file formats that are used in Heimdal and other Kerberos implementations. +.SS "keytab" +The keytab binary format is not a standard format. The format has evolved and may continue to. It is however understood by several Kerberos implementations including Heimdal, MIT, Sun's Java ktab and are created by the ktpass.exe utility from Windows. So it has established itself as the defacto format for storing Kerberos keys. +.PP +The following C-like structure definitions illustrate the MIT keytab file format. All values are in network byte order. All text is ASCII. +.PP +.PP +.nf + keytab { + uint16_t file_format_version; # 0x502 + keytab_entry entries[*]; + }; + + keytab_entry { + int32_t size; + uint16_t num_components; # subtract 1 if version 0x501 + counted_octet_string realm; + counted_octet_string components[num_components]; + uint32_t name_type; # not present if version 0x501 + uint32_t timestamp; + uint8_t vno8; + keyblock key; + uint32_t vno; #only present if >= 4 bytes left in entry + uint32_t flags; #only present if >= 4 bytes left in entry + }; + + counted_octet_string { + uint16_t length; + uint8_t data[length]; + }; + + keyblock { + uint16_t type; + counted_octet_string; + }; +.fi +.PP +.PP +All numbers are stored in network byteorder (big endian) format. +.PP +The keytab file format begins with the 16 bit file_format_version which at the time this document was authored is 0x502. The format of older keytabs is described at the end of this document. +.PP +The file_format_version is immediately followed by an array of keytab_entry structures which are prefixed with a 32 bit size indicating the number of bytes that follow in the entry. Note that the size should be evaluated as signed. This is because a negative value indicates that the entry is in fact empty (e.g. it has been deleted) and that the negative value of that negative value (which is of course a positive value) is the offset to the next keytab_entry. Based on these size values alone the entire keytab file can be traversed. +.PP +The size is followed by a 16 bit num_components field indicating the number of counted_octet_string components in the components array. +.PP +The num_components field is followed by a counted_octet_string representing the realm of the principal. +.PP +A counted_octet_string is simply an array of bytes prefixed with a 16 bit length. For the realm and name components, the counted_octet_string bytes are ASCII encoded text with no zero terminator. +.PP +Following the realm is the components array that represents the name of the principal. The text of these components may be joined with slashs to construct the typical SPN representation. For example, the service principal HTTP/www.foo.net@FOO.NET would consist of name components 'HTTP' followed by 'www.foo.net'. +.PP +Following the components array is the 32 bit name_type (e.g. 1 is KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL. +.PP +The 32 bit timestamp indicates the time the key was established for that principal. The value represents the number of seconds since Jan 1, 1970. +.PP +The 8 bit vno8 field is the version number of the key. This value is overridden by the 32 bit vno field if it is present. The vno8 field is filled with the lower 8 bits of the 32 bit protocol kvno field. +.PP +The keyblock structure consists of a 16 bit value indicating the encryption type and is a counted_octet_string containing the key. The encryption type is the same as the Kerberos standard (e.g. 3 is des-cbc-md5, 23 is arcfour-hmac-md5, etc). +.PP +The last field of the keytab_entry structure is optional. If the size of the keytab_entry indicates that there are at least 4 bytes remaining, a 32 bit value representing the key version number is present. This value supersedes the 8 bit vno8 value preceeding the keyblock. +.PP +Older keytabs with a file_format_version of 0x501 are different in three ways: +.PP +.IP "\(bu" 2 +All integers are in host byte order [1]. +.IP "\(bu" 2 +The num_components field is 1 too large (i.e. after decoding, decrement by 1). +.IP "\(bu" 2 +The 32 bit name_type field is not present. +.PP +.PP +[1] The file_format_version field should really be treated as two separate 8 bit quantities representing the major and minor version number respectively. +.SS "Heimdal database dump file" +Format of the Heimdal text dump file as of Heimdal 0.6.3: +.PP +Each line in the dump file is one entry in the database. +.PP +Each field of a line is separated by one or more spaces, with the exception of fields consisting of principals containing spaces, where space can be quoted with \\ and \\ is quoted by \\. +.PP +Fields and their types are: +.PP +.PP +.nf + Quoted princial (quote character is \) [string] + Keys [keys] + Created by [event] + Modified by [event optional] + Valid start time [time optional] + Valid end time [time optional] + Password end valid time [time optional] + Max lifetime of ticket [time optional] + Max renew time of ticket [integer optional] + Flags [hdb flags] + Generation number [generation optional] + Extensions [extentions optional] +.fi +.PP +.PP +Fields following these silently are ignored. +.PP +All optional fields will be skipped if they fail to parse (or comprise the optional field marker of '-', w/o quotes). +.PP +Example: +.PP +.PP +.nf + fred\@CODE.COM 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- 20020415130120:admin\@CODE.COM 20041221112428:fred\@CODE.COM - - - 86400 604800 126 20020415130120:793707:28 - +.fi +.PP +.PP +Encoding of types are as follows: +.PP +.IP "\(bu" 2 +keys +.PP +.PP +.PP +.nf + kvno:[masterkvno:keytype:keydata:salt]{zero or more separated by :} +.fi +.PP +.PP +kvno is the key version number. +.PP +keydata is hex-encoded +.PP +masterkvno is the kvno of the database master key. If this field is empty, the kadmin load and merge operations will encrypt the key data with the master key if there is one. Otherwise the key data will be imported asis. +.PP +salt is encoded as '-' (no/default salt) or +.PP +.PP +.nf + salt-type / + salt-type / 'string' + salt-type / hex-encoded-data +.fi +.PP +.PP +keytype is the protocol enctype number; see enum ENCTYPE in include/krb5_asn1.h for values. +.PP +Example: +.PP +.nf + 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- + +.fi +.PP +.PP +.PP +.nf + kvno=27,{key: masterkvno=1,keytype=des3-cbc-sha1,keydata=..., default salt}... +.fi +.PP +.PP +.IP "\(bu" 2 +time +.PP +.PP +Format of the time is: YYYYmmddHHMMSS, corresponding to strftime format '%Y%m%d%k%M%S'. +.PP +Time is expressed in UTC. +.PP +Time can be optional (using -), when the time 0 is used. +.PP +Example: +.PP +.PP +.nf + 20041221112428 +.fi +.PP +.PP +.IP "\(bu" 2 +event +.PP +.PP +.PP +.nf + time:principal +.fi +.PP +.PP +time is as given in format time +.PP +principal is a string. Not quoting it may not work in earlier versions of Heimdal. +.PP +Example: +.PP +.nf + 20041221112428:bloggs\@CODE.COM + +.fi +.PP +.PP +.IP "\(bu" 2 +hdb flags +.PP +.PP +Integer encoding of HDB flags, see HDBFlags in lib/hdb/hdb.asn1. Each bit in the integer is the same as the bit in the specification. +.PP +.IP "\(bu" 2 +generation: +.PP +.PP +.PP +.nf + time:usec:gen +.fi +.PP +.PP +usec is a the microsecond, integer. gen is generation number, integer. +.PP +The generation can be defaulted (using '-') or the empty string +.PP +.IP "\(bu" 2 +extensions: +.PP +.PP +.PP +.nf + first-hex-encoded-HDB-Extension[:second-...] +.fi +.PP +.PP +HDB-extension is encoded the DER encoded HDB-Extension from lib/hdb/hdb.asn1. Consumers HDB extensions should be aware that unknown entires needs to be preserved even thought the ASN.1 data content might be unknown. There is a critical flag in the data to show to the KDC that the entry MUST be understod if the entry is to be used. diff --git a/doc/doxyout/krb5/man/man3/krb5_free_address.3 b/doc/doxyout/krb5/man/man3/krb5_free_address.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_address.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_free_addresses.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_config_files.3 b/doc/doxyout/krb5/man/man3/krb5_free_config_files.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_config_files.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_context.3 b/doc/doxyout/krb5/man/man3/krb5_free_context.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_context.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_cred_contents.3 b/doc/doxyout/krb5/man/man3/krb5_free_cred_contents.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_cred_contents.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_creds.3 b/doc/doxyout/krb5/man/man3/krb5_free_creds.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_creds.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_creds_contents.3 b/doc/doxyout/krb5/man/man3/krb5_free_creds_contents.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_creds_contents.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_data.3 b/doc/doxyout/krb5/man/man3/krb5_free_data.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_data.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_data_contents.3 b/doc/doxyout/krb5/man/man3/krb5_free_data_contents.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_data_contents.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_error_string.3 b/doc/doxyout/krb5/man/man3/krb5_free_error_string.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_error_string.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_host_realm.3 b/doc/doxyout/krb5/man/man3/krb5_free_host_realm.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_host_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_keyblock.3 b/doc/doxyout/krb5/man/man3/krb5_free_keyblock.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_keyblock.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_keyblock_contents.3 b/doc/doxyout/krb5/man/man3/krb5_free_keyblock_contents.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_keyblock_contents.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_principal.3 b/doc/doxyout/krb5/man/man3/krb5_free_principal.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_ticket.3 b/doc/doxyout/krb5/man/man3/krb5_free_ticket.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_ticket.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_free_unparsed_name.3 b/doc/doxyout/krb5/man/man3/krb5_free_unparsed_name.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_free_unparsed_name.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_fwd_tgt_creds.3 b/doc/doxyout/krb5/man/man3/krb5_fwd_tgt_creds.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_fwd_tgt_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_generate_subkey.3 b/doc/doxyout/krb5/man/man3/krb5_generate_subkey.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_generate_subkey.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_generate_subkey_extended.3 b/doc/doxyout/krb5/man/man3/krb5_generate_subkey_extended.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_generate_subkey_extended.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc.3 b/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc_opt.3 b/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc_opt.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_cred_from_kdc_opt.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_default_config_files.3 b/doc/doxyout/krb5/man/man3/krb5_get_default_config_files.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_default_config_files.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_default_in_tkt_etypes.3 b/doc/doxyout/krb5/man/man3/krb5_get_default_in_tkt_etypes.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_default_in_tkt_etypes.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_dns_canonicalize_hostname.3 b/doc/doxyout/krb5/man/man3/krb5_get_dns_canonicalize_hostname.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_dns_canonicalize_hostname.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_extra_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_get_extra_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_extra_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_fcache_version.3 b/doc/doxyout/krb5/man/man3/krb5_get_fcache_version.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_fcache_version.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_forwarded_creds.3 b/doc/doxyout/krb5/man/man3/krb5_get_forwarded_creds.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_forwarded_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_ignore_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_get_ignore_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_ignore_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_keytab.3 b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_keytab.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_keytab.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_password.3 b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_password.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_password.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_skey.3 b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_skey.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_in_tkt_with_skey.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keyblock.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keyblock.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keyblock.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keytab.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keytab.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_keytab.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_alloc.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_alloc.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_alloc.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_free.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_free.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_free.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_get_error.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_get_error.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_get_error.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_init.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_init.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_opt_init.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_init_creds_password.3 b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_password.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_init_creds_password.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_kdc_sec_offset.3 b/doc/doxyout/krb5/man/man3/krb5_get_kdc_sec_offset.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_kdc_sec_offset.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_max_time_skew.3 b/doc/doxyout/krb5/man/man3/krb5_get_max_time_skew.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_max_time_skew.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_use_admin_kdc.3 b/doc/doxyout/krb5/man/man3/krb5_get_use_admin_kdc.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_use_admin_kdc.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_get_validated_creds.3 b/doc/doxyout/krb5/man/man3/krb5_get_validated_creds.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_get_validated_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_h_addr2addr.3 b/doc/doxyout/krb5/man/man3/krb5_h_addr2addr.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_h_addr2addr.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_h_addr2sockaddr.3 b/doc/doxyout/krb5/man/man3/krb5_h_addr2sockaddr.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_h_addr2sockaddr.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_h_errno_to_heim_errno.3 b/doc/doxyout/krb5/man/man3/krb5_h_errno_to_heim_errno.3 new file mode 100644 index 000000000000..f721fda2cd4b --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_h_errno_to_heim_errno.3 @@ -0,0 +1 @@ +.so man3/krb5_error.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_context.3 b/doc/doxyout/krb5/man/man3/krb5_init_context.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_context.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_free.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_free.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_free.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_get.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_get.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_get.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_get_error.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_get_error.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_get_error.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_init.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_init.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_init.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_intro.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_intro.3 new file mode 100644 index 000000000000..e0a660a749ce --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_intro.3 @@ -0,0 +1,8 @@ +.TH "krb5_init_creds_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_init_creds_intro \- The initial credential handing functions +.SH "Initial credential" +.PP +Functions to get initial credentials: \fBHeimdal Kerberos 5 credential handing functions\fP . diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_set_keytab.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_keytab.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_keytab.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_set_password.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_password.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_password.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_set_service.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_service.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_set_service.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_creds_step.3 b/doc/doxyout/krb5/man/man3/krb5_init_creds_step.3 new file mode 100644 index 000000000000..9030ec942980 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_creds_step.3 @@ -0,0 +1 @@ +.so man3/krb5_credential.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_init_ets.3 b/doc/doxyout/krb5/man/man3/krb5_init_ets.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_init_ets.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_introduction.3 b/doc/doxyout/krb5/man/man3/krb5_introduction.3 new file mode 100644 index 000000000000..31fba82e25eb --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_introduction.3 @@ -0,0 +1,259 @@ +.TH "krb5_introduction" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_introduction \- Introduction to the Kerberos 5 API +.SH "Kerberos 5 API Overview" +.PP +All functions are documented in manual pages. This section tries to give an overview of the major components used in Kerberos library, and point to where to look for a specific function. +.SS "Kerberos context" +A kerberos context (krb5_context) holds all per thread state. All global variables that are context specific are stored in this structure, including default encryption types, credential cache (for example, a ticket file), and default realms. +.PP +The internals of the structure should never be accessed directly, functions exist for extracting information. +.PP +See the manual page for \fBkrb5_init_context()\fP how to create a context and module \fBHeimdal Kerberos 5 library\fP for more information about the functions. +.SS "Kerberos authentication context" +Kerberos authentication context (krb5_auth_context) holds all context related to an authenticated connection, in a similar way to the kerberos context that holds the context for the thread or process. +.PP +The krb5_auth_context is used by various functions that are directly related to authentication between the server/client. Example of data that this structure contains are various flags, addresses of client and server, port numbers, keyblocks (and subkeys), sequence numbers, replay cache, and checksum types. +.SS "Kerberos principal" +The Kerberos principal is the structure that identifies a user or service in Kerberos. The structure that holds the principal is the krb5_principal. There are function to extract the realm and elements of the principal, but most applications have no reason to inspect the content of the structure. +.PP +The are several ways to create a principal (with different degree of portability), and one way to free it. +.PP +See also the page \fBThe principal handing functions.\fP for more information and also module \fBHeimdal Kerberos 5 principal functions\fP. +.SS "Credential cache" +A credential cache holds the tickets for a user. A given user can have several credential caches, one for each realm where the user have the initial tickets (the first krbtgt). +.PP +The credential cache data can be stored internally in different way, each of them for different proposes. File credential (FILE) caches and processes based (KCM) caches are for permanent storage. While memory caches (MEMORY) are local caches to the local process. +.PP +Caches are opened with \fBkrb5_cc_resolve()\fP or created with \fBkrb5_cc_new_unique()\fP. +.PP +If the cache needs to be opened again (using \fBkrb5_cc_resolve()\fP) \fBkrb5_cc_close()\fP will close the handle, but not the remove the cache. \fBkrb5_cc_destroy()\fP will zero out the cache, remove the cache so it can no longer be referenced. +.PP +See also \fBThe credential cache functions\fP and \fBHeimdal Kerberos 5 credential cache functions\fP . +.SS "Kerberos errors" +Kerberos errors are based on the com_err library. All error codes are 32-bit signed numbers, the first 24 bits define what subsystem the error originates from, and last 8 bits are 255 error codes within the library. Each error code have fixed string associated with it. For example, the error-code -1765328383 have the symbolic name KRB5KDC_ERR_NAME_EXP, and associated error string ``Client's entry in database has expired''. +.PP +This is a great improvement compared to just getting one of the unix error-codes back. However, Heimdal have an extention to pass back customised errors messages. Instead of getting ``Key table entry not found'', the user might back ``failed to find host/host.example.com@EXAMLE.COM(kvno 3) in keytab /etc/krb5.keytab (des-cbc-crc)''. This improves the chance that the user find the cause of the error so you should use the customised error message whenever it's available. +.PP +See also module \fBHeimdal Kerberos 5 error reporting functions\fP . +.SS "Keytab management" +A keytab is a storage for locally stored keys. Heimdal includes keytab support for Kerberos 5 keytabs, Kerberos 4 srvtab, AFS-KeyFile's, and for storing keys in memory. +.PP +Keytabs are used for servers and long-running services. +.PP +See also \fBThe keytab handing functions\fP and \fBHeimdal Kerberos 5 keytab handling functions\fP . +.SS "Kerberos crypto" +Heimdal includes a implementation of the Kerberos crypto framework, all crypto operations. To create a crypto context call \fBkrb5_crypto_init()\fP. +.PP +See also module \fBHeimdal Kerberos 5 cryptography functions\fP . +.SH "Walkthrough of a sample Kerberos 5 client" +.PP +This example contains parts of a sample TCP Kerberos 5 clients, if you want a real working client, please look in appl/test directory in the Heimdal distribution. +.PP +All Kerberos error-codes that are returned from kerberos functions in this program are passed to krb5_err, that will print a descriptive text of the error code and exit. Graphical programs can convert error-code to a human readable error-string with the krb5_get_error_message() function. +.PP +Note that you should not use any Kerberos function before \fBkrb5_init_context()\fP have completed successfully. That is the reason err() is used when \fBkrb5_init_context()\fP fails. +.PP +First the client needs to call krb5_init_context to initialise the Kerberos 5 library. This is only needed once per thread in the program. If the function returns a non-zero value it indicates that either the Kerberos implementation is failing or it's disabled on this host. +.PP +.PP +.nf + #include + + int + main(int argc, char **argv) + { + krb5_context context; + + if (krb5_init_context(&context)) + errx (1, 'krb5_context'); +.fi +.PP +.PP +Now the client wants to connect to the host at the other end. The preferred way of doing this is using getaddrinfo (for operating system that have this function implemented), since getaddrinfo is neutral to the address type and can use any protocol that is available. +.PP +.PP +.nf + struct addrinfo *ai, *a; + struct addrinfo hints; + int error; + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + error = getaddrinfo (hostname, 'pop3', &hints, &ai); + if (error) + errx (1, '%s: %s', hostname, gai_strerror(error)); + + for (a = ai; a != NULL; a = a->ai_next) { + int s; + + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + warn ('connect(%s)', hostname); + close (s); + continue; + } + freeaddrinfo (ai); + ai = NULL; + } + if (ai) { + freeaddrinfo (ai); + errx ('failed to contact %s', hostname); + } +.fi +.PP +.PP +Before authenticating, an authentication context needs to be created. This context keeps all information for one (to be) authenticated connection (see krb5_auth_context). +.PP +.PP +.nf + status = krb5_auth_con_init (context, &auth_context); + if (status) + krb5_err (context, 1, status, 'krb5_auth_con_init'); +.fi +.PP +.PP +For setting the address in the authentication there is a help function krb5_auth_con_setaddrs_from_fd() that does everything that is needed when given a connected file descriptor to the socket. +.PP +.PP +.nf + status = krb5_auth_con_setaddrs_from_fd (context, + auth_context, + &sock); + if (status) + krb5_err (context, 1, status, + 'krb5_auth_con_setaddrs_from_fd'); +.fi +.PP +.PP +The next step is to build a server principal for the service we want to connect to. (See also \fBkrb5_sname_to_principal()\fP.) +.PP +.PP +.nf + status = krb5_sname_to_principal (context, + hostname, + service, + KRB5_NT_SRV_HST, + &server); + if (status) + krb5_err (context, 1, status, 'krb5_sname_to_principal'); +.fi +.PP +.PP +The client principal is not passed to krb5_sendauth() function, this causes the krb5_sendauth() function to try to figure it out itself. +.PP +The server program is using the function krb5_recvauth() to receive the Kerberos 5 authenticator. +.PP +In this case, mutual authentication will be tried. That means that the server will authenticate to the client. Using mutual authentication is good since it enables the user to verify that they are talking to the right server (a server that knows the key). +.PP +If you are using a non-blocking socket you will need to do all work of krb5_sendauth() yourself. Basically you need to send over the authenticator from krb5_mk_req() and, in case of mutual authentication, verifying the result from the server with krb5_rd_rep(). +.PP +.PP +.nf + status = krb5_sendauth (context, + &auth_context, + &sock, + VERSION, + NULL, + server, + AP_OPTS_MUTUAL_REQUIRED, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL); + if (status) + krb5_err (context, 1, status, 'krb5_sendauth'); +.fi +.PP +.PP +Once authentication has been performed, it is time to send some data. First we create a krb5_data structure, then we sign it with krb5_mk_safe() using the auth_context that contains the session-key that was exchanged in the krb5_sendauth()/krb5_recvauth() authentication sequence. +.PP +.PP +.nf + data.data = 'hej'; + data.length = 3; + + krb5_data_zero (&packet); + + status = krb5_mk_safe (context, + auth_context, + &data, + &packet, + NULL); + if (status) + krb5_err (context, 1, status, 'krb5_mk_safe'); +.fi +.PP +.PP +And send it over the network. +.PP +.PP +.nf + len = packet.length; + net_len = htonl(len); + + if (krb5_net_write (context, &sock, &net_len, 4) != 4) + err (1, 'krb5_net_write'); + if (krb5_net_write (context, &sock, packet.data, len) != len) + err (1, 'krb5_net_write'); +.fi +.PP +.PP +To send encrypted (and signed) data krb5_mk_priv() should be used instead. krb5_mk_priv() works the same way as krb5_mk_safe(), with the exception that it encrypts the data in addition to signing it. +.PP +.PP +.nf + data.data = 'hemligt'; + data.length = 7; + + krb5_data_free (&packet); + + status = krb5_mk_priv (context, + auth_context, + &data, + &packet, + NULL); + if (status) + krb5_err (context, 1, status, 'krb5_mk_priv'); +.fi +.PP +.PP +And send it over the network. +.PP +.PP +.nf + len = packet.length; + net_len = htonl(len); + + if (krb5_net_write (context, &sock, &net_len, 4) != 4) + err (1, 'krb5_net_write'); + if (krb5_net_write (context, &sock, packet.data, len) != len) + err (1, 'krb5_net_write'); +.fi +.PP +.PP +The server is using krb5_rd_safe() and krb5_rd_priv() to verify the signature and decrypt the packet. +.SH "Validating a password in an application" +.PP +See the manual page for krb5_verify_user(). +.SH "API differences to MIT Kerberos" +.PP +This section is somewhat disorganised, but so far there is no overall structure to the differences, though some of the have their root in that Heimdal uses an ASN.1 compiler and MIT doesn't. +.SS "Principal and realms" +Heimdal stores the realm as a krb5_realm, that is a char *. MIT Kerberos uses a krb5_data to store a realm. +.PP +In Heimdal krb5_principal doesn't contain the component name_type; it's instead stored in component name.name_type. To get and set the nametype in Heimdal, use \fBkrb5_principal_get_type()\fP and \fBkrb5_principal_set_type()\fP. +.PP +For more information about principal and realms, see krb5_principal. +.SS "Error messages" +To get the error string, Heimdal uses krb5_get_error_message(). This is to return custom error messages (like ``Can't find host/datan.example.com@CODE.COM in /etc/krb5.conf.'' instead of a ``Key table entry not found'' that error_message returns. +.PP +Heimdal uses a threadsafe(r) version of the com_err interface; the global com_err table isn't initialised. Then error_message returns quite a boring error string (just the error code itself). diff --git a/doc/doxyout/krb5/man/man3/krb5_is_config_principal.3 b/doc/doxyout/krb5/man/man3/krb5_is_config_principal.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_is_config_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_is_thread_safe.3 b/doc/doxyout/krb5/man/man3/krb5_is_thread_safe.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_is_thread_safe.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kerberos_enctypes.3 b/doc/doxyout/krb5/man/man3/krb5_kerberos_enctypes.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kerberos_enctypes.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keyblock_get_enctype.3 b/doc/doxyout/krb5/man/man3/krb5_keyblock_get_enctype.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keyblock_get_enctype.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keyblock_init.3 b/doc/doxyout/krb5/man/man3/krb5_keyblock_init.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keyblock_init.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keyblock_zero.3 b/doc/doxyout/krb5/man/man3/krb5_keyblock_zero.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keyblock_zero.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keytab.3 b/doc/doxyout/krb5/man/man3/krb5_keytab.3 new file mode 100644 index 000000000000..f0d0cfade793 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytab.3 @@ -0,0 +1,486 @@ +.TH "Heimdal Kerberos 5 keytab handling functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 keytab handling functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_register\fP (krb5_context context, const krb5_kt_ops *ops)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_resolve\fP (krb5_context context, const char *name, krb5_keytab *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_default_name\fP (krb5_context context, char *name, size_t namesize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_default_modify_name\fP (krb5_context context, char *name, size_t namesize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_default\fP (krb5_context context, krb5_keytab *id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_read_service_key\fP (krb5_context context, krb5_pointer keyprocarg, krb5_principal principal, krb5_kvno vno, krb5_enctype enctype, krb5_keyblock **key)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_get_type\fP (krb5_context context, krb5_keytab keytab, char *prefix, size_t prefixsize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_get_name\fP (krb5_context context, krb5_keytab keytab, char *name, size_t namesize)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_get_full_name\fP (krb5_context context, krb5_keytab keytab, char **str)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_close\fP (krb5_context context, krb5_keytab id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_destroy\fP (krb5_context context, krb5_keytab id)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_kt_compare\fP (krb5_context context, krb5_keytab_entry *entry, krb5_const_principal principal, krb5_kvno vno, krb5_enctype enctype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_get_entry\fP (krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_copy_entry_contents\fP (krb5_context context, const krb5_keytab_entry *in, krb5_keytab_entry *out)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_free_entry\fP (krb5_context context, krb5_keytab_entry *entry)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_start_seq_get\fP (krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_next_entry\fP (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, krb5_kt_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_end_seq_get\fP (krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_add_entry\fP (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_kt_remove_entry\fP (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_kt_have_content\fP (krb5_context context, krb5_keytab id)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_add_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry * entry)" +.PP +Add the entry in `entry' to the keytab `id'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIentry\fP the entry to add +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_close (krb5_context context, krb5_keytab id)" +.PP +Finish using the keytab in `id'. All resources will be released, even on errors. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP keytab to close. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_compare (krb5_context context, krb5_keytab_entry * entry, krb5_const_principal principal, krb5_kvno vno, krb5_enctype enctype)" +.PP +Compare `entry' against `principal, vno, enctype'. Any of `principal, vno, enctype' might be 0 which acts as a wildcard. Return TRUE if they compare the same, FALSE otherwise. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIentry\fP an entry to match with. +.br +\fIprincipal\fP principal to match, NULL matches all principals. +.br +\fIvno\fP key version to match, 0 matches all key version numbers. +.br +\fIenctype\fP encryption type to match, 0 matches all encryption types. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return TRUE or match, FALSE if not matched. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_copy_entry_contents (krb5_context context, const krb5_keytab_entry * in, krb5_keytab_entry * out)" +.PP +Copy the contents of `in' into `out'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIin\fP the keytab entry to copy. +.br +\fIout\fP the copy of the keytab entry, free with \fBkrb5_kt_free_entry()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default (krb5_context context, krb5_keytab * id)" +.PP +Set `id' to the default keytab. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP the new default keytab. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_modify_name (krb5_context context, char * name, size_t namesize)" +.PP +Copy the name of the default modify keytab into `name'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIname\fP buffer where the name will be written +.br +\fInamesize\fP length of name +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_name (krb5_context context, char * name, size_t namesize)" +.PP +copy the name of the default keytab into `name'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIname\fP buffer where the name will be written +.br +\fInamesize\fP length of name +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_destroy (krb5_context context, krb5_keytab id)" +.PP +Destroy (remove) the keytab in `id'. All resources will be released, even on errors, does the equvalment of \fBkrb5_kt_close()\fP on the resources. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP keytab to destroy. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_end_seq_get (krb5_context context, krb5_keytab id, krb5_kt_cursor * cursor)" +.PP +Release all resources associated with `cursor'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIcursor\fP the cursor to free. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_free_entry (krb5_context context, krb5_keytab_entry * entry)" +.PP +Free the contents of `entry'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIentry\fP the entry to free +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_entry (krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry * entry)" +.PP +Retrieve the keytab entry for `principal, kvno, enctype' into `entry' from the keytab `id'. Matching is done like \fBkrb5_kt_compare()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIprincipal\fP principal to match, NULL matches all principals. +.br +\fIkvno\fP key version to match, 0 matches all key version numbers. +.br +\fIenctype\fP encryption type to match, 0 matches all encryption types. +.br +\fIentry\fP the returned entry, free with \fBkrb5_kt_free_entry()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_full_name (krb5_context context, krb5_keytab keytab, char ** str)" +.PP +Retrieve the full name of the keytab `keytab' and store the name in `str'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIkeytab\fP keytab to get name for. +.br +\fIstr\fP the name of the keytab name, usee krb5_xfree() to free the string. On error, *str is set to NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_name (krb5_context context, krb5_keytab keytab, char * name, size_t namesize)" +.PP +Retrieve the name of the keytab `keytab' into `name', `namesize' +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIkeytab\fP the keytab to get the name for. +.br +\fIname\fP name buffer. +.br +\fInamesize\fP size of name buffer. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_type (krb5_context context, krb5_keytab keytab, char * prefix, size_t prefixsize)" +.PP +Return the type of the `keytab' in the string `prefix of length `prefixsize'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIkeytab\fP the keytab to get the prefix for +.br +\fIprefix\fP prefix buffer +.br +\fIprefixsize\fP length of prefix buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_have_content (krb5_context context, krb5_keytab id)" +.PP +Return true if the keytab exists and have entries +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_next_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry * entry, krb5_kt_cursor * cursor)" +.PP +Get the next entry from keytab, advance the cursor. On last entry the function will return KRB5_KT_END. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIentry\fP the returned entry, free with \fBkrb5_kt_free_entry()\fP. +.br +\fIcursor\fP the cursor of the iteration. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_read_service_key (krb5_context context, krb5_pointer keyprocarg, krb5_principal principal, krb5_kvno vno, krb5_enctype enctype, krb5_keyblock ** key)" +.PP +Read the key identified by `(principal, vno, enctype)' from the keytab in `keyprocarg' (the default if == NULL) into `*key'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIkeyprocarg\fP +.br +\fIprincipal\fP +.br +\fIvno\fP +.br +\fIenctype\fP +.br +\fIkey\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_register (krb5_context context, const krb5_kt_ops * ops)" +.PP +Register a new keytab backend. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIops\fP a backend to register. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_remove_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry * entry)" +.PP +Remove an entry from the keytab, matching is done using \fBkrb5_kt_compare()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIentry\fP the entry to remove +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_resolve (krb5_context context, const char * name, krb5_keytab * id)" +.PP +Resolve the keytab name (of the form `type:residual') in `name' into a keytab in `id'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIname\fP name to resolve +.br +\fIid\fP resulting keytab, free with \fBkrb5_kt_close()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_start_seq_get (krb5_context context, krb5_keytab id, krb5_kt_cursor * cursor)" +.PP +Set `cursor' to point at the beginning of `id'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context. +.br +\fIid\fP a keytab. +.br +\fIcursor\fP a newly allocated cursor, free with \fBkrb5_kt_end_seq_get()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_keytab_intro.3 b/doc/doxyout/krb5/man/man3/krb5_keytab_intro.3 new file mode 100644 index 000000000000..f5e0508de576 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytab_intro.3 @@ -0,0 +1,74 @@ +.TH "krb5_keytab_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_keytab_intro \- The keytab handing functions +.SH "Kerberos Keytabs" +.PP +See the library functions here: \fBHeimdal Kerberos 5 keytab handling functions\fP +.PP +Keytabs are long term key storage for servers, their equvalment of password files. +.PP +Normally the only function that useful for server are to specify what keytab to use to other core functions like krb5_rd_req() \fBkrb5_kt_resolve()\fP, and \fBkrb5_kt_close()\fP. +.SS "Keytab names" +A keytab name is on the form type:residual. The residual part is specific to each keytab-type. +.PP +When a keytab-name is resolved, the type is matched with an internal list of keytab types. If there is no matching keytab type, the default keytab is used. The current default type is FILE. +.PP +The default value can be changed in the configuration file /etc/krb5.conf by setting the variable [defaults]default_keytab_name. +.PP +The keytab types that are implemented in Heimdal are: +.IP "\(bu" 2 +file store the keytab in a file, the type's name is FILE . The residual part is a filename. For compatibility with other Kerberos implemtation WRFILE and JAVA14 is also accepted. WRFILE has the same format as FILE. JAVA14 have a format that is compatible with older versions of MIT kerberos and SUN's Java based installation. They store a truncted kvno, so when the knvo excess 255, they are truncted in this format. +.PP +.PP +.IP "\(bu" 2 +keytab store the keytab in a AFS keyfile (usually /usr/afs/etc/KeyFile ), the type's name is AFSKEYFILE. The residual part is a filename. +.PP +.PP +.IP "\(bu" 2 +memory The keytab is stored in a memory segment. This allows sensitive and/or temporary data not to be stored on disk. The type's name is MEMORY. Each MEMORY keytab is referenced counted by and opened by the residual name, so two handles can point to the same memory area. When the last user closes using \fBkrb5_kt_close()\fP the keytab, the keys in they keytab is memset() to zero and freed and can no longer be looked up by name. +.PP +.SS "Keytab example" +This is a minimalistic version of ktutil. +.PP +.PP +.nf +int +main (int argc, char **argv) +{ + krb5_context context; + krb5_keytab keytab; + krb5_kt_cursor cursor; + krb5_keytab_entry entry; + krb5_error_code ret; + char *principal; + + if (krb5_init_context (&context) != 0) + errx(1, 'krb5_context'); + + ret = krb5_kt_default (context, &keytab); + if (ret) + krb5_err(context, 1, ret, 'krb5_kt_default'); + + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if (ret) + krb5_err(context, 1, ret, 'krb5_kt_start_seq_get'); + while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ + krb5_unparse_name(context, entry.principal, &principal); + printf('principal: %s\n', principal); + free(principal); + krb5_kt_free_entry(context, &entry); + } + ret = krb5_kt_end_seq_get(context, keytab, &cursor); + if (ret) + krb5_err(context, 1, ret, 'krb5_kt_end_seq_get'); + ret = krb5_kt_close(context, keytab); + if (ret) + krb5_err(context, 1, ret, 'krb5_kt_close'); + krb5_free_context(context); + return 0; +} +.fi +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_keytab_key_proc.3 b/doc/doxyout/krb5/man/man3/krb5_keytab_key_proc.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytab_key_proc.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes.3 b/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes_default.3 b/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes_default.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytype_to_enctypes_default.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_keytype_to_string.3 b/doc/doxyout/krb5/man/man3/krb5_keytype_to_string.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_keytype_to_string.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_krbhst_get_addrinfo.3 b/doc/doxyout/krb5/man/man3/krb5_krbhst_get_addrinfo.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_krbhst_get_addrinfo.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_add_entry.3 b/doc/doxyout/krb5/man/man3/krb5_kt_add_entry.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_add_entry.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_close.3 b/doc/doxyout/krb5/man/man3/krb5_kt_close.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_close.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_compare.3 b/doc/doxyout/krb5/man/man3/krb5_kt_compare.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_compare.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_copy_entry_contents.3 b/doc/doxyout/krb5/man/man3/krb5_kt_copy_entry_contents.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_copy_entry_contents.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_default.3 b/doc/doxyout/krb5/man/man3/krb5_kt_default.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_default.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_default_modify_name.3 b/doc/doxyout/krb5/man/man3/krb5_kt_default_modify_name.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_default_modify_name.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_default_name.3 b/doc/doxyout/krb5/man/man3/krb5_kt_default_name.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_default_name.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_destroy.3 b/doc/doxyout/krb5/man/man3/krb5_kt_destroy.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_destroy.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_end_seq_get.3 b/doc/doxyout/krb5/man/man3/krb5_kt_end_seq_get.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_end_seq_get.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_free_entry.3 b/doc/doxyout/krb5/man/man3/krb5_kt_free_entry.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_free_entry.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_get_entry.3 b/doc/doxyout/krb5/man/man3/krb5_kt_get_entry.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_get_entry.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_get_full_name.3 b/doc/doxyout/krb5/man/man3/krb5_kt_get_full_name.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_get_full_name.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_get_name.3 b/doc/doxyout/krb5/man/man3/krb5_kt_get_name.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_get_name.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_get_type.3 b/doc/doxyout/krb5/man/man3/krb5_kt_get_type.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_get_type.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_have_content.3 b/doc/doxyout/krb5/man/man3/krb5_kt_have_content.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_have_content.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_next_entry.3 b/doc/doxyout/krb5/man/man3/krb5_kt_next_entry.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_next_entry.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_read_service_key.3 b/doc/doxyout/krb5/man/man3/krb5_kt_read_service_key.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_read_service_key.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_register.3 b/doc/doxyout/krb5/man/man3/krb5_kt_register.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_register.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_remove_entry.3 b/doc/doxyout/krb5/man/man3/krb5_kt_remove_entry.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_remove_entry.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_resolve.3 b/doc/doxyout/krb5/man/man3/krb5_kt_resolve.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_resolve.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kt_start_seq_get.3 b/doc/doxyout/krb5/man/man3/krb5_kt_start_seq_get.3 new file mode 100644 index 000000000000..abf40bbf82b8 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kt_start_seq_get.3 @@ -0,0 +1 @@ +.so man3/krb5_keytab.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_kuserok.3 b/doc/doxyout/krb5/man/man3/krb5_kuserok.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_kuserok.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_make_addrport.3 b/doc/doxyout/krb5/man/man3/krb5_make_addrport.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_make_addrport.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_make_principal.3 b/doc/doxyout/krb5/man/man3/krb5_make_principal.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_make_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_max_sockaddr_size.3 b/doc/doxyout/krb5/man/man3/krb5_max_sockaddr_size.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_max_sockaddr_size.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_mcc_ops.3 b/doc/doxyout/krb5/man/man3/krb5_mcc_ops.3 new file mode 100644 index 000000000000..e64747b9d073 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_mcc_ops.3 @@ -0,0 +1 @@ +.so man3/krb5_ccache.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_pac.3 b/doc/doxyout/krb5/man/man3/krb5_pac.3 new file mode 100644 index 000000000000..44a70aba3c13 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_pac.3 @@ -0,0 +1,66 @@ +.TH "Heimdal Kerberos 5 PAC handling functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 PAC handling functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_pac_get_buffer\fP (krb5_context context, krb5_pac p, uint32_t type, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_pac_verify\fP (krb5_context context, const krb5_pac pac, time_t authtime, krb5_const_principal principal, const krb5_keyblock *server, const krb5_keyblock *privsvr)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_buffer (krb5_context context, krb5_pac p, uint32_t type, krb5_data * data)" +.PP +Get the PAC buffer of specific type from the pac. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIp\fP the pac structure returned by krb5_pac_parse(). +.br +\fItype\fP type of buffer to get +.br +\fIdata\fP return data, free with \fBkrb5_data_free()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_verify (krb5_context context, const krb5_pac pac, time_t authtime, krb5_const_principal principal, const krb5_keyblock * server, const krb5_keyblock * privsvr)" +.PP +Verify the PAC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIpac\fP the pac structure returned by krb5_pac_parse(). +.br +\fIauthtime\fP The time of the ticket the PAC belongs to. +.br +\fIprincipal\fP the principal to verify. +.br +\fIserver\fP The service key, most always be given. +.br +\fIprivsvr\fP The KDC key, may be given. +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_pac_get_buffer.3 b/doc/doxyout/krb5/man/man3/krb5_pac_get_buffer.3 new file mode 100644 index 000000000000..bd150f6be5b9 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_pac_get_buffer.3 @@ -0,0 +1 @@ +.so man3/krb5_pac.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_pac_verify.3 b/doc/doxyout/krb5/man/man3/krb5_pac_verify.3 new file mode 100644 index 000000000000..bd150f6be5b9 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_pac_verify.3 @@ -0,0 +1 @@ +.so man3/krb5_pac.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_parse_address.3 b/doc/doxyout/krb5/man/man3/krb5_parse_address.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_parse_address.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_parse_name.3 b/doc/doxyout/krb5/man/man3/krb5_parse_name.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_parse_name.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_parse_name_flags.3 b/doc/doxyout/krb5/man/man3/krb5_parse_name_flags.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_parse_name_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_parse_nametype.3 b/doc/doxyout/krb5/man/man3/krb5_parse_nametype.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_parse_nametype.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_password_key_proc.3 b/doc/doxyout/krb5/man/man3/krb5_password_key_proc.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_password_key_proc.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_plugin_register.3 b/doc/doxyout/krb5/man/man3/krb5_plugin_register.3 new file mode 100644 index 000000000000..21a2567dc68c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_plugin_register.3 @@ -0,0 +1 @@ +.so man3/krb5_support.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_prepend_config_files_default.3 b/doc/doxyout/krb5/man/man3/krb5_prepend_config_files_default.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_prepend_config_files_default.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_princ_realm.3 b/doc/doxyout/krb5/man/man3/krb5_princ_realm.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_princ_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_princ_set_realm.3 b/doc/doxyout/krb5/man/man3/krb5_princ_set_realm.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_princ_set_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal.3 b/doc/doxyout/krb5/man/man3/krb5_principal.3 new file mode 100644 index 000000000000..5f79877e3a37 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal.3 @@ -0,0 +1,519 @@ +.TH "Heimdal Kerberos 5 principal functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 principal functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_free_principal\fP (krb5_context context, krb5_principal p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_principal_set_type\fP (krb5_context context, krb5_principal principal, int type)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_principal_get_type\fP (krb5_context context, krb5_const_principal principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_principal_get_realm\fP (krb5_context context, krb5_const_principal principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL \fBkrb5_principal_get_num_comp\fP (krb5_context context, krb5_const_principal principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_parse_name_flags\fP (krb5_context context, const char *name, int flags, krb5_principal *principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_parse_name\fP (krb5_context context, const char *name, krb5_principal *principal)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name_fixed\fP (krb5_context context, krb5_const_principal principal, char *name, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name_fixed_short\fP (krb5_context context, krb5_const_principal principal, char *name, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name_fixed_flags\fP (krb5_context context, krb5_const_principal principal, int flags, char *name, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name\fP (krb5_context context, krb5_const_principal principal, char **name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name_flags\fP (krb5_context context, krb5_const_principal principal, int flags, char **name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_unparse_name_short\fP (krb5_context context, krb5_const_principal principal, char **name)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_principal_set_realm\fP (krb5_context context, krb5_principal principal, krb5_const_realm realm)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_build_principal\fP (krb5_context context, krb5_principal *principal, int rlen, krb5_const_realm realm,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_make_principal\fP (krb5_context context, krb5_principal *principal, krb5_const_realm realm,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_copy_principal\fP (krb5_context context, krb5_const_principal inprinc, krb5_principal *outprinc)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_principal_compare_any_realm\fP (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_principal_compare\fP (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_realm_compare\fP (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_principal_match\fP (krb5_context context, krb5_const_principal princ, krb5_const_principal pattern)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_sname_to_principal\fP (krb5_context context, const char *hostname, const char *sname, int32_t type, krb5_principal *ret_princ)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_parse_nametype\fP (krb5_context context, const char *str, int32_t *nametype)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_principal_is_krbtgt\fP (krb5_context context, krb5_const_principal p)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal (krb5_context context, krb5_principal * principal, int rlen, krb5_const_realm realm, ...)" +.PP +Build a principal using vararg style building +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP returned principal +.br +\fIrlen\fP length of realm +.br +\fIrealm\fP realm name +.br +\fI...\fP a list of components ended with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_principal (krb5_context context, krb5_const_principal inprinc, krb5_principal * outprinc)" +.PP +Copy a principal +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIinprinc\fP principal to copy +.br +\fIoutprinc\fP copied principal, free with \fBkrb5_free_principal()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_principal (krb5_context context, krb5_principal p)" +.PP +Frees a Kerberos principal allocated by the library with \fBkrb5_parse_name()\fP, \fBkrb5_make_principal()\fP or any other related principal functions. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIp\fP a principal to free. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_principal (krb5_context context, krb5_principal * principal, krb5_const_realm realm, ...)" +.PP +Build a principal using vararg style building +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP returned principal +.br +\fIrealm\fP realm name +.br +\fI...\fP a list of components ended with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name (krb5_context context, const char * name, krb5_principal * principal)" +.PP +Parse a name into a krb5_principal structure +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIname\fP name to parse into a Kerberos principal +.br +\fIprincipal\fP returned principal, free with \fBkrb5_free_principal()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name_flags (krb5_context context, const char * name, int flags, krb5_principal * principal)" +.PP +Parse a name into a krb5_principal structure, flags controls the behavior. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIname\fP name to parse into a Kerberos principal +.br +\fIflags\fP flags to control the behavior +.br +\fIprincipal\fP returned principal, free with \fBkrb5_free_principal()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_nametype (krb5_context context, const char * str, int32_t * nametype)" +.PP +Parse nametype string and return a nametype integer +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.PP +Compares the two principals, including realm of the principals and returns TRUE if they are the same and FALSE if not. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprinc1\fP first principal to compare +.br +\fIprinc2\fP second principal to compare +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_principal_compare_any_realm()\fP +.PP +\fBkrb5_realm_compare()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare_any_realm (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.PP +Return TRUE iff princ1 == princ2 (without considering the realm) +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprinc1\fP first principal to compare +.br +\fIprinc2\fP second principal to compare +.RE +.PP +\fBReturns:\fP +.RS 4 +non zero if equal, 0 if not +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_principal_compare()\fP +.PP +\fBkrb5_realm_compare()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL krb5_principal_get_num_comp (krb5_context context, krb5_const_principal principal)" +.PP +Get number of component is principal. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprincipal\fP principal to query +.RE +.PP +\fBReturns:\fP +.RS 4 +number of components in string +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_realm (krb5_context context, krb5_const_principal principal)" +.PP +Get the realm of the principal +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to get the realm for +.RE +.PP +\fBReturns:\fP +.RS 4 +realm of the principal, don't free or use after krb5_principal is freed +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_principal_get_type (krb5_context context, krb5_const_principal principal)" +.PP +Get the type of the principal +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to get the type for +.RE +.PP +\fBReturns:\fP +.RS 4 +the type of principal +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_is_krbtgt (krb5_context context, krb5_const_principal p)" +.PP +Check if the cname part of the principal is a krbtgt principal +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_match (krb5_context context, krb5_const_principal princ, krb5_const_principal pattern)" +.PP +return TRUE iff princ matches pattern +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_principal_set_realm (krb5_context context, krb5_principal principal, krb5_const_realm realm)" +.PP +Set a new realm for a principal, and as a side-effect free the previous realm. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal set the realm for +.br +\fIrealm\fP the new realm to set +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_principal_set_type (krb5_context context, krb5_principal principal, int type)" +.PP +Set the type of the principal +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to set the type for +.br +\fItype\fP the new type +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_realm_compare (krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)" +.PP +return TRUE iff realm(princ1) == realm(princ2) +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprinc1\fP first principal to compare +.br +\fIprinc2\fP second principal to compare +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_principal_compare_any_realm()\fP +.PP +\fBkrb5_principal_compare()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sname_to_principal (krb5_context context, const char * hostname, const char * sname, int32_t type, krb5_principal * ret_princ)" +.PP +Create a principal for the service running on hostname. If KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or some other service), this is potentially insecure. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIhostname\fP hostname to use +.br +\fIsname\fP Service name to use +.br +\fItype\fP name type of pricipal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. +.br +\fIret_princ\fP return principal, free with \fBkrb5_free_principal()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name (krb5_context context, krb5_const_principal principal, char ** name)" +.PP +Unparse the Kerberos name into a string +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprincipal\fP principal to query +.br +\fIname\fP resulting string, free with krb5_xfree() +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed (krb5_context context, krb5_const_principal principal, char * name, size_t len)" +.PP +Unparse the principal name to a fixed buffer +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to unparse +.br +\fIname\fP buffer to write name to +.br +\fIlen\fP length of buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_flags (krb5_context context, krb5_const_principal principal, int flags, char * name, size_t len)" +.PP +Unparse the principal name with unparse flags to a fixed buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to unparse +.br +\fIflags\fP unparse flags +.br +\fIname\fP buffer to write name to +.br +\fIlen\fP length of buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_short (krb5_context context, krb5_const_principal principal, char * name, size_t len)" +.PP +Unparse the principal name to a fixed buffer. The realm is skipped if its a default realm. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to unparse +.br +\fIname\fP buffer to write name to +.br +\fIlen\fP length of buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_flags (krb5_context context, krb5_const_principal principal, int flags, char ** name)" +.PP +Unparse the Kerberos name into a string +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIprincipal\fP principal to query +.br +\fIflags\fP flag to determine the behavior +.br +\fIname\fP resulting string, free with krb5_xfree() +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_short (krb5_context context, krb5_const_principal principal, char ** name)" +.PP +Unparse the principal name to a allocated buffer. The realm is skipped if its a default realm. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos context. +.br +\fIprincipal\fP principal to unparse +.br +\fIname\fP returned buffer, free with krb5_xfree() +.RE +.PP +\fBReturns:\fP +.RS 4 +An krb5 error code, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_compare.3 b/doc/doxyout/krb5/man/man3/krb5_principal_compare.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_compare.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_compare_any_realm.3 b/doc/doxyout/krb5/man/man3/krb5_principal_compare_any_realm.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_compare_any_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_get_num_comp.3 b/doc/doxyout/krb5/man/man3/krb5_principal_get_num_comp.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_get_num_comp.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_get_realm.3 b/doc/doxyout/krb5/man/man3/krb5_principal_get_realm.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_get_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_get_type.3 b/doc/doxyout/krb5/man/man3/krb5_principal_get_type.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_get_type.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_intro.3 b/doc/doxyout/krb5/man/man3/krb5_principal_intro.3 new file mode 100644 index 000000000000..b9d11602b281 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_intro.3 @@ -0,0 +1,17 @@ +.TH "krb5_principal_intro" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +krb5_principal_intro \- The principal handing functions. +A Kerberos principal is a email address looking string that contains to parts separeted by a @. The later part is the kerbero realm the principal belongs to and the former is a list of 0 or more components. For example +.PP +.nf + +lha@SU.SE +host/hummel.it.su.se@SU.SE +host/admin@H5L.ORG + +.fi +.PP +.PP +See the library functions here: \fBHeimdal Kerberos 5 principal functions\fP diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_is_krbtgt.3 b/doc/doxyout/krb5/man/man3/krb5_principal_is_krbtgt.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_is_krbtgt.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_match.3 b/doc/doxyout/krb5/man/man3/krb5_principal_match.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_match.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_set_realm.3 b/doc/doxyout/krb5/man/man3/krb5_principal_set_realm.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_set_realm.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_principal_set_type.3 b/doc/doxyout/krb5/man/man3/krb5_principal_set_type.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_principal_set_type.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_print_address.3 b/doc/doxyout/krb5/man/man3/krb5_print_address.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_print_address.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_random_to_key.3 b/doc/doxyout/krb5/man/man3/krb5_random_to_key.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_random_to_key.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_ctx.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_ctx.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_ctx.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_keytab.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_keytab.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_keytab.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_pac_check.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_pac_check.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_in_set_pac_check.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_out_ctx_free.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_out_ctx_free.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_out_ctx_free.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_rd_req_out_get_server.3 b/doc/doxyout/krb5/man/man3/krb5_rd_req_out_get_server.3 new file mode 100644 index 000000000000..a329e38ee1a7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_rd_req_out_get_server.3 @@ -0,0 +1 @@ +.so man3/krb5_auth.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_realm_compare.3 b/doc/doxyout/krb5/man/man3/krb5_realm_compare.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_realm_compare.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_address.3 b/doc/doxyout/krb5/man/man3/krb5_ret_address.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_address.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_addrs.3 b/doc/doxyout/krb5/man/man3/krb5_ret_addrs.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_addrs.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_authdata.3 b/doc/doxyout/krb5/man/man3/krb5_ret_authdata.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_authdata.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_creds.3 b/doc/doxyout/krb5/man/man3/krb5_ret_creds.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_creds_tag.3 b/doc/doxyout/krb5/man/man3/krb5_ret_creds_tag.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_creds_tag.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_data.3 b/doc/doxyout/krb5/man/man3/krb5_ret_data.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_data.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_int16.3 b/doc/doxyout/krb5/man/man3/krb5_ret_int16.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_int16.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_int32.3 b/doc/doxyout/krb5/man/man3/krb5_ret_int32.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_int32.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_int8.3 b/doc/doxyout/krb5/man/man3/krb5_ret_int8.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_int8.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_keyblock.3 b/doc/doxyout/krb5/man/man3/krb5_ret_keyblock.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_keyblock.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_principal.3 b/doc/doxyout/krb5/man/man3/krb5_ret_principal.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_string.3 b/doc/doxyout/krb5/man/man3/krb5_ret_string.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_string.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_stringz.3 b/doc/doxyout/krb5/man/man3/krb5_ret_stringz.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_stringz.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_times.3 b/doc/doxyout/krb5/man/man3/krb5_ret_times.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_times.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_uint16.3 b/doc/doxyout/krb5/man/man3/krb5_ret_uint16.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_uint16.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_uint32.3 b/doc/doxyout/krb5/man/man3/krb5_ret_uint32.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_uint32.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ret_uint8.3 b/doc/doxyout/krb5/man/man3/krb5_ret_uint8.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ret_uint8.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_config_files.3 b/doc/doxyout/krb5/man/man3/krb5_set_config_files.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_config_files.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_default_in_tkt_etypes.3 b/doc/doxyout/krb5/man/man3/krb5_set_default_in_tkt_etypes.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_default_in_tkt_etypes.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_dns_canonicalize_hostname.3 b/doc/doxyout/krb5/man/man3/krb5_set_dns_canonicalize_hostname.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_dns_canonicalize_hostname.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_error_message.3 b/doc/doxyout/krb5/man/man3/krb5_set_error_message.3 new file mode 100644 index 000000000000..f721fda2cd4b --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_error_message.3 @@ -0,0 +1 @@ +.so man3/krb5_error.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_error_string.3 b/doc/doxyout/krb5/man/man3/krb5_set_error_string.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_error_string.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_extra_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_set_extra_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_extra_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_fcache_version.3 b/doc/doxyout/krb5/man/man3/krb5_set_fcache_version.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_fcache_version.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_home_dir_access.3 b/doc/doxyout/krb5/man/man3/krb5_set_home_dir_access.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_home_dir_access.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_ignore_addresses.3 b/doc/doxyout/krb5/man/man3/krb5_set_ignore_addresses.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_ignore_addresses.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_kdc_sec_offset.3 b/doc/doxyout/krb5/man/man3/krb5_set_kdc_sec_offset.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_kdc_sec_offset.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_max_time_skew.3 b/doc/doxyout/krb5/man/man3/krb5_set_max_time_skew.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_max_time_skew.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_password.3 b/doc/doxyout/krb5/man/man3/krb5_set_password.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_password.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_real_time.3 b/doc/doxyout/krb5/man/man3/krb5_set_real_time.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_real_time.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_set_use_admin_kdc.3 b/doc/doxyout/krb5/man/man3/krb5_set_use_admin_kdc.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_set_use_admin_kdc.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_sname_to_principal.3 b/doc/doxyout/krb5/man/man3/krb5_sname_to_principal.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_sname_to_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_sockaddr2address.3 b/doc/doxyout/krb5/man/man3/krb5_sockaddr2address.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_sockaddr2address.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_sockaddr2port.3 b/doc/doxyout/krb5/man/man3/krb5_sockaddr2port.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_sockaddr2port.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_sockaddr_uninteresting.3 b/doc/doxyout/krb5/man/man3/krb5_sockaddr_uninteresting.3 new file mode 100644 index 000000000000..de56fa15d113 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_sockaddr_uninteresting.3 @@ -0,0 +1 @@ +.so man3/krb5_address.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage.3 b/doc/doxyout/krb5/man/man3/krb5_storage.3 new file mode 100644 index 000000000000..576895de6669 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage.3 @@ -0,0 +1,1055 @@ +.TH "Heimdal Kerberos 5 storage functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 storage functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_storage_set_flags\fP (krb5_storage *sp, krb5_flags flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_storage_clear_flags\fP (krb5_storage *sp, krb5_flags flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_storage_is_flags\fP (krb5_storage *sp, krb5_flags flags)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_storage_set_byteorder\fP (krb5_storage *sp, krb5_flags byteorder)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL \fBkrb5_storage_get_byteorder\fP (krb5_storage *sp)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_storage_set_max_alloc\fP (krb5_storage *sp, size_t size)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL \fBkrb5_storage_seek\fP (krb5_storage *sp, off_t offset, int whence)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_storage_truncate\fP (krb5_storage *sp, off_t offset)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL \fBkrb5_storage_read\fP (krb5_storage *sp, void *buf, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL \fBkrb5_storage_write\fP (krb5_storage *sp, const void *buf, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_storage_set_eof_code\fP (krb5_storage *sp, int code)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_storage_get_eof_code\fP (krb5_storage *sp)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_storage_free\fP (krb5_storage *sp)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_storage_to_data\fP (krb5_storage *sp, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_int32\fP (krb5_storage *sp, int32_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_uint32\fP (krb5_storage *sp, uint32_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_int32\fP (krb5_storage *sp, int32_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_uint32\fP (krb5_storage *sp, uint32_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_int16\fP (krb5_storage *sp, int16_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_uint16\fP (krb5_storage *sp, uint16_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_int16\fP (krb5_storage *sp, int16_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_uint16\fP (krb5_storage *sp, uint16_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_int8\fP (krb5_storage *sp, int8_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_uint8\fP (krb5_storage *sp, uint8_t value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_int8\fP (krb5_storage *sp, int8_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_uint8\fP (krb5_storage *sp, uint8_t *value)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_data\fP (krb5_storage *sp, krb5_data data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_data\fP (krb5_storage *sp, krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_string\fP (krb5_storage *sp, const char *s)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_string\fP (krb5_storage *sp, char **string)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_stringz\fP (krb5_storage *sp, const char *s)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_stringz\fP (krb5_storage *sp, char **string)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_principal\fP (krb5_storage *sp, krb5_const_principal p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_principal\fP (krb5_storage *sp, krb5_principal *princ)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_keyblock\fP (krb5_storage *sp, krb5_keyblock p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_keyblock\fP (krb5_storage *sp, krb5_keyblock *p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_times\fP (krb5_storage *sp, krb5_times times)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_times\fP (krb5_storage *sp, krb5_times *times)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_address\fP (krb5_storage *sp, krb5_address p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_address\fP (krb5_storage *sp, krb5_address *adr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_addrs\fP (krb5_storage *sp, krb5_addresses p)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_addrs\fP (krb5_storage *sp, krb5_addresses *adr)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_authdata\fP (krb5_storage *sp, krb5_authdata auth)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_authdata\fP (krb5_storage *sp, krb5_authdata *auth)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_creds\fP (krb5_storage *sp, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_creds\fP (krb5_storage *sp, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_store_creds_tag\fP (krb5_storage *sp, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_ret_creds_tag\fP (krb5_storage *sp, krb5_creds *creds)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_storage *KRB5_LIB_CALL \fBkrb5_storage_emem\fP (void)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_storage *KRB5_LIB_CALL \fBkrb5_storage_from_fd\fP (krb5_socket_t fd_in)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_storage *KRB5_LIB_CALL \fBkrb5_storage_from_mem\fP (void *buf, size_t len)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_storage *KRB5_LIB_CALL \fBkrb5_storage_from_data\fP (krb5_data *data)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_storage *KRB5_LIB_CALL \fBkrb5_storage_from_readonly_mem\fP (const void *buf, size_t len)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_address (krb5_storage * sp, krb5_address * adr)" +.PP +Read a address block from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIadr\fP the address block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_addrs (krb5_storage * sp, krb5_addresses * adr)" +.PP +Read a addresses block from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIadr\fP the addresses block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_authdata (krb5_storage * sp, krb5_authdata * auth)" +.PP +Read a auth data from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIauth\fP the auth data block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds (krb5_storage * sp, krb5_creds * creds)" +.PP +Read a credentials block from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIcreds\fP the credentials block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds_tag (krb5_storage * sp, krb5_creds * creds)" +.PP +Read a tagged credentials block from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIcreds\fP the credentials block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_data (krb5_storage * sp, krb5_data * data)" +.PP +Parse a data from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to read from +.br +\fIdata\fP the parsed data +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int16 (krb5_storage * sp, int16_t * value)" +.PP +Read a int16 from storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int32 (krb5_storage * sp, int32_t * value)" +.PP +Read a int32 from storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int8 (krb5_storage * sp, int8_t * value)" +.PP +Read a int8 from storage +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_keyblock (krb5_storage * sp, krb5_keyblock * p)" +.PP +Read a keyblock from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIp\fP the keyblock read from storage, free using \fBkrb5_free_keyblock()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_principal (krb5_storage * sp, krb5_principal * princ)" +.PP +Parse principal from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to read from +.br +\fIprinc\fP the parsed principal +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_string (krb5_storage * sp, char ** string)" +.PP +Parse a string from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to read from +.br +\fIstring\fP the parsed string +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringz (krb5_storage * sp, char ** string)" +.PP +Parse zero terminated string from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to read from +.br +\fIstring\fP the parsed string +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_times (krb5_storage * sp, krb5_times * times)" +.PP +Read a times block from the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fItimes\fP the times block read from storage +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint16 (krb5_storage * sp, uint16_t * value)" +.PP +Read a int16 from storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint32 (krb5_storage * sp, uint32_t * value)" +.PP +Read a uint32 from storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint8 (krb5_storage * sp, uint8_t * value)" +.PP +Read a uint8 from storage +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value read from the buffer +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_clear_flags (krb5_storage * sp, krb5_flags flags)" +.PP +Clear the flags on a storage buffer +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to clear the flags on +.br +\fIflags\fP the flags to clear +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_emem (void)" +.PP +Create a elastic (allocating) memory storage backend. Memory is allocated on demand. Free returned krb5_storage with \fBkrb5_storage_free()\fP. +.PP +\fBReturns:\fP +.RS 4 +A krb5_storage on success, or NULL on out of memory error. +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_storage_from_mem()\fP +.PP +\fBkrb5_storage_from_readonly_mem()\fP +.PP +\fBkrb5_storage_from_fd()\fP +.PP +\fBkrb5_storage_from_data()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_free (krb5_storage * sp)" +.PP +Free a krb5 storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to free. +.RE +.PP +\fBReturns:\fP +.RS 4 +An Kerberos 5 error code. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_data (krb5_data * data)" +.PP +Create a fixed size memory storage block +.PP +\fBReturns:\fP +.RS 4 +A krb5_storage on success, or NULL on out of memory error. +.RE +.PP +\fBSee also:\fP +.RS 4 +krb5_storage_mem() +.PP +\fBkrb5_storage_from_mem()\fP +.PP +\fBkrb5_storage_from_readonly_mem()\fP +.PP +\fBkrb5_storage_from_fd()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_fd (krb5_socket_t fd_in)" +.PP +\fBReturns:\fP +.RS 4 +A krb5_storage on success, or NULL on out of memory error. +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_storage_emem()\fP +.PP +\fBkrb5_storage_from_mem()\fP +.PP +\fBkrb5_storage_from_readonly_mem()\fP +.PP +\fBkrb5_storage_from_data()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_mem (void * buf, size_t len)" +.PP +Create a fixed size memory storage block +.PP +\fBReturns:\fP +.RS 4 +A krb5_storage on success, or NULL on out of memory error. +.RE +.PP +\fBSee also:\fP +.RS 4 +krb5_storage_mem() +.PP +\fBkrb5_storage_from_readonly_mem()\fP +.PP +\fBkrb5_storage_from_data()\fP +.PP +\fBkrb5_storage_from_fd()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_storage* KRB5_LIB_CALL krb5_storage_from_readonly_mem (const void * buf, size_t len)" +.PP +Create a fixed size memory storage block that is read only +.PP +\fBReturns:\fP +.RS 4 +A krb5_storage on success, or NULL on out of memory error. +.RE +.PP +\fBSee also:\fP +.RS 4 +krb5_storage_mem() +.PP +\fBkrb5_storage_from_mem()\fP +.PP +\fBkrb5_storage_from_data()\fP +.PP +\fBkrb5_storage_from_fd()\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL krb5_storage_get_byteorder (krb5_storage * sp)" +.PP +Return the current byteorder for the buffer. See \fBkrb5_storage_set_byteorder()\fP for the list or byte order contants. +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_get_eof_code (krb5_storage * sp)" +.PP +Get the return code that will be used when end of storage is reached. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage +.RE +.PP +\fBReturns:\fP +.RS 4 +storage error code +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_storage_is_flags (krb5_storage * sp, krb5_flags flags)" +.PP +Return true or false depending on if the storage flags is set or not. NB testing for the flag 0 always return true. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to check flags on +.br +\fIflags\fP The flags to test for +.RE +.PP +\fBReturns:\fP +.RS 4 +true if all the flags are set, false if not. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_read (krb5_storage * sp, void * buf, size_t len)" +.PP +Read to the storage buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to read from +.br +\fIbuf\fP the buffer to store the data in +.br +\fIlen\fP the length to read +.RE +.PP +\fBReturns:\fP +.RS 4 +The length of data read (can be shorter then len), or negative on error. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL krb5_storage_seek (krb5_storage * sp, off_t offset, int whence)" +.PP +Seek to a new offset. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to seek in. +.br +\fIoffset\fP the offset to seek +.br +\fIwhence\fP relateive searching, SEEK_CUR from the current position, SEEK_END from the end, SEEK_SET absolute from the start. +.RE +.PP +\fBReturns:\fP +.RS 4 +The new current offset +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_byteorder (krb5_storage * sp, krb5_flags byteorder)" +.PP +Set the new byte order of the storage buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to set the byte order for. +.br +\fIbyteorder\fP the new byte order. +.RE +.PP +The byte order are: KRB5_STORAGE_BYTEORDER_BE, KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_eof_code (krb5_storage * sp, int code)" +.PP +Set the return code that will be used when end of storage is reached. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage +.br +\fIcode\fP the error code to return on end of storage +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_flags (krb5_storage * sp, krb5_flags flags)" +.PP +Add the flags on a storage buffer by or-ing in the flags to the buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to set the flags on +.br +\fIflags\fP the flags to set +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_max_alloc (krb5_storage * sp, size_t size)" +.PP +Set the max alloc value +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer set the max allow for +.br +\fIsize\fP maximum size to allocate, use 0 to remove limit +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_to_data (krb5_storage * sp, krb5_data * data)" +.PP +Copy the contnent of storage +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to copy to a data +.br +\fIdata\fP the copied data, free with \fBkrb5_data_free()\fP +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_storage_truncate (krb5_storage * sp, off_t offset)" +.PP +Truncate the storage buffer in sp to offset. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to truncate. +.br +\fIoffset\fP the offset to truncate too. +.RE +.PP +\fBReturns:\fP +.RS 4 +An Kerberos 5 error code. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_write (krb5_storage * sp, const void * buf, size_t len)" +.PP +Write to the storage buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIbuf\fP the buffer to write to the storage buffer +.br +\fIlen\fP the length to write +.RE +.PP +\fBReturns:\fP +.RS 4 +The length of data written (can be shorter then len), or negative on error. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_address (krb5_storage * sp, krb5_address p)" +.PP +Write a address block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIp\fP the address block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_addrs (krb5_storage * sp, krb5_addresses p)" +.PP +Write a addresses block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIp\fP the addresses block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_authdata (krb5_storage * sp, krb5_authdata auth)" +.PP +Write a auth data block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIauth\fP the auth data block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds (krb5_storage * sp, krb5_creds * creds)" +.PP +Write a credentials block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIcreds\fP the creds block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds_tag (krb5_storage * sp, krb5_creds * creds)" +.PP +Write a tagged credentials block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIcreds\fP the creds block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_data (krb5_storage * sp, krb5_data data)" +.PP +Store a data to the storage. The data is stored with an int32 as lenght plus the data (not padded). +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIdata\fP the buffer to store. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int16 (krb5_storage * sp, int16_t value)" +.PP +Store a int16 to storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int32 (krb5_storage * sp, int32_t value)" +.PP +Store a int32 to storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int8 (krb5_storage * sp, int8_t value)" +.PP +Store a int8 to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_keyblock (krb5_storage * sp, krb5_keyblock p)" +.PP +Store a keyblock to the storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIp\fP the keyblock to write +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_principal (krb5_storage * sp, krb5_const_principal p)" +.PP +Write a principal block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIp\fP the principal block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_string (krb5_storage * sp, const char * s)" +.PP +Store a string to the buffer. The data is formated as an len:uint32 plus the string itself (not padded). +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIs\fP the string to store. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringz (krb5_storage * sp, const char * s)" +.PP +Store a zero terminated string to the buffer. The data is stored one character at a time until a NUL is stored. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fIs\fP the string to store. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_times (krb5_storage * sp, krb5_times times)" +.PP +Write a times block to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage buffer to write to +.br +\fItimes\fP the times block to write. +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint16 (krb5_storage * sp, uint16_t value)" +.PP +Store a uint16 to storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint32 (krb5_storage * sp, uint32_t value)" +.PP +Store a uint32 to storage, byte order is controlled by the settings on the storage, see \fBkrb5_storage_set_byteorder()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint8 (krb5_storage * sp, uint8_t value)" +.PP +Store a uint8 to storage. +.PP +\fBParameters:\fP +.RS 4 +\fIsp\fP the storage to write too +.br +\fIvalue\fP the value to store +.RE +.PP +\fBReturns:\fP +.RS 4 +0 for success, or a Kerberos 5 error code on failure. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_clear_flags.3 b/doc/doxyout/krb5/man/man3/krb5_storage_clear_flags.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_clear_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_emem.3 b/doc/doxyout/krb5/man/man3/krb5_storage_emem.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_emem.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_free.3 b/doc/doxyout/krb5/man/man3/krb5_storage_free.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_free.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_from_data.3 b/doc/doxyout/krb5/man/man3/krb5_storage_from_data.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_from_data.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_from_fd.3 b/doc/doxyout/krb5/man/man3/krb5_storage_from_fd.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_from_fd.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_from_mem.3 b/doc/doxyout/krb5/man/man3/krb5_storage_from_mem.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_from_mem.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_from_readonly_mem.3 b/doc/doxyout/krb5/man/man3/krb5_storage_from_readonly_mem.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_from_readonly_mem.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_get_byteorder.3 b/doc/doxyout/krb5/man/man3/krb5_storage_get_byteorder.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_get_byteorder.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_get_eof_code.3 b/doc/doxyout/krb5/man/man3/krb5_storage_get_eof_code.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_get_eof_code.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_is_flags.3 b/doc/doxyout/krb5/man/man3/krb5_storage_is_flags.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_is_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_read.3 b/doc/doxyout/krb5/man/man3/krb5_storage_read.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_read.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_seek.3 b/doc/doxyout/krb5/man/man3/krb5_storage_seek.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_seek.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_set_byteorder.3 b/doc/doxyout/krb5/man/man3/krb5_storage_set_byteorder.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_set_byteorder.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_set_eof_code.3 b/doc/doxyout/krb5/man/man3/krb5_storage_set_eof_code.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_set_eof_code.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_set_flags.3 b/doc/doxyout/krb5/man/man3/krb5_storage_set_flags.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_set_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_set_max_alloc.3 b/doc/doxyout/krb5/man/man3/krb5_storage_set_max_alloc.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_set_max_alloc.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_to_data.3 b/doc/doxyout/krb5/man/man3/krb5_storage_to_data.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_to_data.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_truncate.3 b/doc/doxyout/krb5/man/man3/krb5_storage_truncate.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_truncate.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_storage_write.3 b/doc/doxyout/krb5/man/man3/krb5_storage_write.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_storage_write.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_address.3 b/doc/doxyout/krb5/man/man3/krb5_store_address.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_address.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_addrs.3 b/doc/doxyout/krb5/man/man3/krb5_store_addrs.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_addrs.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_authdata.3 b/doc/doxyout/krb5/man/man3/krb5_store_authdata.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_authdata.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_creds.3 b/doc/doxyout/krb5/man/man3/krb5_store_creds.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_creds.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_creds_tag.3 b/doc/doxyout/krb5/man/man3/krb5_store_creds_tag.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_creds_tag.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_data.3 b/doc/doxyout/krb5/man/man3/krb5_store_data.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_data.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_int16.3 b/doc/doxyout/krb5/man/man3/krb5_store_int16.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_int16.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_int32.3 b/doc/doxyout/krb5/man/man3/krb5_store_int32.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_int32.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_int8.3 b/doc/doxyout/krb5/man/man3/krb5_store_int8.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_int8.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_keyblock.3 b/doc/doxyout/krb5/man/man3/krb5_store_keyblock.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_keyblock.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_principal.3 b/doc/doxyout/krb5/man/man3/krb5_store_principal.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_principal.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_string.3 b/doc/doxyout/krb5/man/man3/krb5_store_string.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_string.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_stringz.3 b/doc/doxyout/krb5/man/man3/krb5_store_stringz.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_stringz.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_times.3 b/doc/doxyout/krb5/man/man3/krb5_store_times.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_times.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_uint16.3 b/doc/doxyout/krb5/man/man3/krb5_store_uint16.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_uint16.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_uint32.3 b/doc/doxyout/krb5/man/man3/krb5_store_uint32.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_uint32.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_store_uint8.3 b/doc/doxyout/krb5/man/man3/krb5_store_uint8.3 new file mode 100644 index 000000000000..de414358a467 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_store_uint8.3 @@ -0,0 +1 @@ +.so man3/krb5_storage.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_string_to_keytype.3 b/doc/doxyout/krb5/man/man3/krb5_string_to_keytype.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_string_to_keytype.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_support.3 b/doc/doxyout/krb5/man/man3/krb5_support.3 new file mode 100644 index 000000000000..7c1c5a62ebf2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_support.3 @@ -0,0 +1,650 @@ +.TH "Heimdal Kerberos 5 support functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 support functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_acl_match_string\fP (krb5_context context, const char *string, const char *format,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_acl_match_file\fP (krb5_context context, const char *file, const char *format,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_config_parse_file_multi\fP (krb5_context context, const char *fname, krb5_config_section **res)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_config_file_free\fP (krb5_context context, krb5_config_section *s)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const krb5_config_binding *KRB5_LIB_CALL \fBkrb5_config_get_list\fP (krb5_context context, const krb5_config_section *c,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const krb5_config_binding *KRB5_LIB_CALL \fBkrb5_config_vget_list\fP (krb5_context context, const krb5_config_section *c, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_config_get_string\fP (krb5_context context, const krb5_config_section *c,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_config_vget_string\fP (krb5_context context, const krb5_config_section *c, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_config_vget_string_default\fP (krb5_context context, const krb5_config_section *c, const char *def_value, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION const char *KRB5_LIB_CALL \fBkrb5_config_get_string_default\fP (krb5_context context, const krb5_config_section *c, const char *def_value,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION char **KRB5_LIB_CALL \fBkrb5_config_vget_strings\fP (krb5_context context, const krb5_config_section *c, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION char **KRB5_LIB_CALL \fBkrb5_config_get_strings\fP (krb5_context context, const krb5_config_section *c,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_config_free_strings\fP (char **strings)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_config_vget_bool_default\fP (krb5_context context, const krb5_config_section *c, krb5_boolean def_value, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_config_vget_bool\fP (krb5_context context, const krb5_config_section *c, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_config_get_bool_default\fP (krb5_context context, const krb5_config_section *c, krb5_boolean def_value,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_config_get_bool\fP (krb5_context context, const krb5_config_section *c,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_config_vget_time_default\fP (krb5_context context, const krb5_config_section *c, int def_value, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_config_vget_time\fP (krb5_context context, const krb5_config_section *c, va_list args)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_config_get_time_default\fP (krb5_context context, const krb5_config_section *c, int def_value,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION int KRB5_LIB_CALL \fBkrb5_config_get_time\fP (krb5_context context, const krb5_config_section *c,...)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_expand_hostname\fP (krb5_context context, const char *orig_hostname, char **new_hostname)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_expand_hostname_realms\fP (krb5_context context, const char *orig_hostname, char **new_hostname, char ***realms)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_free_host_realm\fP (krb5_context context, krb5_realm *realmlist)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL \fBkrb5_kuserok\fP (krb5_context context, krb5_principal principal, const char *luser)" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_plugin_register\fP (krb5_context context, enum krb5_plugin_type type, const char *name, void *symbol)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_file (krb5_context context, const char * file, const char * format, ...)" +.PP +krb5_acl_match_file matches ACL format against each line in a file using \fBkrb5_acl_match_string()\fP. Lines starting with # are treated like comments and ignored. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIfile\fP file with acl listed in the file. +.br +\fIformat\fP format to match. +.br +\fI...\fP parameter to format string. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_acl_match_string\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_string (krb5_context context, const char * string, const char * format, ...)" +.PP +krb5_acl_match_string matches ACL format against a string. +.PP +The ACL format has three format specifiers: s, f, and r. Each specifier will retrieve one argument from the variable arguments for either matching or storing data. The input string is split up using ' ' (space) and '\\t' (tab) as a delimiter; multiple and '\\t' in a row are considered to be the same. +.PP +List of format specifiers: +.IP "\(bu" 2 +s Matches a string using strcmp(3) (case sensitive). +.IP "\(bu" 2 +f Matches the string with fnmatch(3). Theflags argument (the last argument) passed to the fnmatch function is 0. +.IP "\(bu" 2 +r Returns a copy of the string in the char ** passed in; the copy must be freed with free(3). There is no need to free(3) the string on error: the function will clean up and set the pointer to NULL. +.PP +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context +.br +\fIstring\fP string to match with +.br +\fIformat\fP format to match +.br +\fI...\fP parameter to format string +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0. +.RE +.PP +.PP +.nf + char *s; + + ret = krb5_acl_match_string(context, 'foo', 's', 'foo'); + if (ret) + krb5_errx(context, 1, 'acl didn't match'); + ret = krb5_acl_match_string(context, 'foo foo baz/kaka', + 'ss', 'foo', &s, 'foo/\\*'); + if (ret) { + // no need to free(s) on error + assert(s == NULL); + krb5_errx(context, 1, 'acl didn't match'); + } + free(s); +.fi +.PP +.PP +\fBSee also:\fP +.RS 4 +\fBkrb5_acl_match_file\fP +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_file_free (krb5_context context, krb5_config_section * s)" +.PP +Free configuration file section, the result of krb5_config_parse_file() and \fBkrb5_config_parse_file_multi()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context +.br +\fIs\fP the configuration section to free +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on successes, otherwise an error code, see krb5_get_error_message() +.RE +.PP + +.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_config_free_strings (char ** strings)" +.PP +Free the resulting strings from krb5_config-get_strings() and \fBkrb5_config_vget_strings()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIstrings\fP strings to free +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool (krb5_context context, const krb5_config_section * c, ...)" +.PP +Like \fBkrb5_config_get_bool()\fP but with a va_list list of configuration selection. +.PP +Configuration value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool_default (krb5_context context, const krb5_config_section * c, krb5_boolean def_value, ...)" +.PP +\fBkrb5_config_get_bool_default()\fP will convert the configuration option value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const krb5_config_binding* KRB5_LIB_CALL krb5_config_get_list (krb5_context context, const krb5_config_section * c, ...)" +.PP +Get a list of configuration binding list for more processing +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +NULL if configuration list is not found, a list otherwise +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string (krb5_context context, const krb5_config_section * c, ...)" +.PP +Returns a 'const char *' to a string in the configuration database. The string may not be valid after a reload of the configuration database so a caller should make a local copy if it needs to keep the string. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +NULL if configuration string not found, a string otherwise +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string_default (krb5_context context, const krb5_config_section * c, const char * def_value, ...)" +.PP +Like \fBkrb5_config_get_string()\fP, but instead of returning NULL, instead return a default value. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +a configuration string +.RE +.PP + +.SS "KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_get_strings (krb5_context context, const krb5_config_section * c, ...)" +.PP +Get a list of configuration strings, free the result with \fBkrb5_config_free_strings()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time (krb5_context context, const krb5_config_section * c, ...)" +.PP +Get the time from the configuration file using a relative time, for example: 1h30s +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +parsed the time or -1 on error +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time_default (krb5_context context, const krb5_config_section * c, int def_value, ...)" +.PP +Get the time from the configuration file using a relative time, for example: 1h30s +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fI...\fP a list of names, terminated with NULL. +.RE +.PP +\fBReturns:\fP +.RS 4 +parsed the time (or def_value on parse error) +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file_multi (krb5_context context, const char * fname, krb5_config_section ** res)" +.PP +Parse a configuration file and add the result into res. This interface can be used to parse several configuration files into one resulting krb5_config_section by calling it repeatably. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Kerberos 5 context. +.br +\fIfname\fP a file name to a Kerberos configuration file +.br +\fIres\fP the returned result, must be free with \fBkrb5_free_config_files()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.PP +If the fname starts with '~/' parse configuration file in the current users home directory. The behavior can be disabled and enabled by calling \fBkrb5_set_home_dir_access()\fP. +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool (krb5_context context, const krb5_config_section * c, va_list args)" +.PP +\fBkrb5_config_get_bool()\fP will convert the configuration option value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool_default (krb5_context context, const krb5_config_section * c, krb5_boolean def_value, va_list args)" +.PP +Like \fBkrb5_config_get_bool_default()\fP but with a va_list list of configuration selection. +.PP +Configuration value to a boolean value, where yes/true and any non-zero number means TRUE and other value is FALSE. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const krb5_config_binding* KRB5_LIB_CALL krb5_config_vget_list (krb5_context context, const krb5_config_section * c, va_list args)" +.PP +Get a list of configuration binding list for more processing +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +NULL if configuration list is not found, a list otherwise +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string (krb5_context context, const krb5_config_section * c, va_list args)" +.PP +Like \fBkrb5_config_get_string()\fP, but uses a va_list instead of ... +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +NULL if configuration string not found, a string otherwise +.RE +.PP + +.SS "KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string_default (krb5_context context, const krb5_config_section * c, const char * def_value, va_list args)" +.PP +Like \fBkrb5_config_vget_string()\fP, but instead of returning NULL, instead return a default value. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +a configuration string +.RE +.PP + +.SS "KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_vget_strings (krb5_context context, const krb5_config_section * c, va_list args)" +.PP +Get a list of configuration strings, free the result with \fBkrb5_config_free_strings()\fP. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +TRUE or FALSE +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time (krb5_context context, const krb5_config_section * c, va_list args)" +.PP +Get the time from the configuration file using a relative time, for example: 1h30s +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +parsed the time or -1 on error +.RE +.PP + +.SS "KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time_default (krb5_context context, const krb5_config_section * c, int def_value, va_list args)" +.PP +Get the time from the configuration file using a relative time. +.PP +Like \fBkrb5_config_get_time_default()\fP but with a va_list list of configuration selection. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIc\fP a configuration section, or NULL to use the section from context +.br +\fIdef_value\fP the default value to return if no configuration found in the database. +.br +\fIargs\fP a va_list of arguments +.RE +.PP +\fBReturns:\fP +.RS 4 +parsed the time (or def_value on parse error) +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname (krb5_context context, const char * orig_hostname, char ** new_hostname)" +.PP +\fBkrb5_expand_hostname()\fP tries to make orig_hostname into a more canonical one in the newly allocated space returned in new_hostname. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIorig_hostname\fP hostname to canonicalise. +.br +\fInew_hostname\fP output hostname, caller must free hostname with krb5_xfree(). +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname_realms (krb5_context context, const char * orig_hostname, char ** new_hostname, char *** realms)" +.PP +\fBkrb5_expand_hostname_realms()\fP expands orig_hostname to a name we believe to be a hostname in newly allocated space in new_hostname and return the realms new_hostname is believed to belong to in realms. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fIorig_hostname\fP hostname to canonicalise. +.br +\fInew_hostname\fP output hostname, caller must free hostname with krb5_xfree(). +.br +\fIrealms\fP output possible realms, is an array that is terminated with NULL. Caller must free with \fBkrb5_free_host_realm()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +Return an error code or 0, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_host_realm (krb5_context context, krb5_realm * realmlist)" +.PP +Free all memory allocated by `realmlist' +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP A Kerberos 5 context. +.br +\fIrealmlist\fP realmlist to free, NULL is ok +.RE +.PP +\fBReturns:\fP +.RS 4 +a Kerberos error code, always 0. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kuserok (krb5_context context, krb5_principal principal, const char * luser)" +.PP +This function takes the name of a local user and checks if principal is allowed to log in as that user. +.PP +The user may have a ~/.k5login file listing principals that are allowed to login as that user. If that file does not exist, all principals with a first component identical to the username, and a realm considered local, are allowed access. +.PP +The .k5login file must contain one principal per line, be owned by user and not be writable by group or other (but must be readable by anyone). +.PP +Note that if the file exists, no implicit access rights are given to user@LOCALREALM. +.PP +Optionally, a set of files may be put in ~/.k5login.d (a directory), in which case they will all be checked in the same manner as .k5login. The files may be called anything, but files starting with a hash (#) , or ending with a tilde (~) are ignored. Subdirectories are not traversed. Note that this directory may not be checked by other Kerberos implementations. +.PP +If no configuration file exists, match user against local domains, ie luser@LOCAL-REALMS-IN-CONFIGURATION-FILES. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIprincipal\fP principal to check if allowed to login +.br +\fIluser\fP local user id +.RE +.PP +\fBReturns:\fP +.RS 4 +returns TRUE if access should be granted, FALSE otherwise. +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_plugin_register (krb5_context context, enum krb5_plugin_type type, const char * name, void * symbol)" +.PP +Register a plugin symbol name of specific type. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP a Keberos context +.br +\fItype\fP type of plugin symbol +.br +\fIname\fP name of plugin symbol +.br +\fIsymbol\fP a pointer to the named symbol +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of error a non zero error com_err error is returned and the Kerberos error string is set. +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket.3 b/doc/doxyout/krb5/man/man3/krb5_ticket.3 new file mode 100644 index 000000000000..36d17e6343ee --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket.3 @@ -0,0 +1,34 @@ +.TH "Heimdal Kerberos 5 ticket functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 5 ticket functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL \fBkrb5_ticket_get_flags\fP (krb5_context context, const krb5_ticket *ticket)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL krb5_ticket_get_flags (krb5_context context, const krb5_ticket * ticket)" +.PP +Get the flags from the Kerberos ticket +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos context +.br +\fIticket\fP Kerberos ticket +.RE +.PP +\fBReturns:\fP +.RS 4 +ticket flags +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket_get_authorization_data_type.3 b/doc/doxyout/krb5/man/man3/krb5_ticket_get_authorization_data_type.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket_get_authorization_data_type.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket_get_client.3 b/doc/doxyout/krb5/man/man3/krb5_ticket_get_client.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket_get_client.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket_get_endtime.3 b/doc/doxyout/krb5/man/man3/krb5_ticket_get_endtime.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket_get_endtime.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket_get_flags.3 b/doc/doxyout/krb5/man/man3/krb5_ticket_get_flags.3 new file mode 100644 index 000000000000..7b8aa1908a1e --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket_get_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_ticket.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_ticket_get_server.3 b/doc/doxyout/krb5/man/man3/krb5_ticket_get_server.3 new file mode 100644 index 000000000000..16c542ae4a70 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_ticket_get_server.3 @@ -0,0 +1 @@ +.so man3/krb5.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_flags.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_flags.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_short.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_short.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name_fixed_short.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name_flags.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name_flags.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name_flags.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_unparse_name_short.3 b/doc/doxyout/krb5/man/man3/krb5_unparse_name_short.3 new file mode 100644 index 000000000000..86ad45a98b4c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_unparse_name_short.3 @@ -0,0 +1 @@ +.so man3/krb5_principal.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_v4compat.3 b/doc/doxyout/krb5/man/man3/krb5_v4compat.3 new file mode 100644 index 000000000000..1347d8395ca7 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_v4compat.3 @@ -0,0 +1,60 @@ +.TH "Heimdal Kerberos 4 compatiblity functions" 3 "30 Jul 2011" "Version 1.5" "HeimdalKerberos5library" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal Kerberos 4 compatiblity functions \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb524_convert_creds_kdc\fP (krb5_context context, krb5_creds *in_cred, struct credentials *v4creds) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.ti -1c +.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb524_convert_creds_kdc_ccache\fP (krb5_context context, krb5_ccache ccache, krb5_creds *in_cred, struct credentials *v4creds) KRB5_DEPRECATED_FUNCTION('Use X instead')" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc (krb5_context context, krb5_creds * in_cred, struct credentials * v4creds)" +.PP +Convert the v5 credentials in in_cred to v4-dito in v4creds. This is done by sending them to the 524 function in the KDC. If `in_cred' doesn't contain a DES session key, then a new one is gotten from the KDC and stored in the cred cache `ccache'. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIin_cred\fP the credential to convert +.br +\fIv4creds\fP the converted credential +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + +.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc_ccache (krb5_context context, krb5_ccache ccache, krb5_creds * in_cred, struct credentials * v4creds)" +.PP +Convert the v5 credentials in in_cred to v4-dito in v4creds, check the credential cache ccache before checking with the KDC. +.PP +\fBParameters:\fP +.RS 4 +\fIcontext\fP Kerberos 5 context. +.br +\fIccache\fP credential cache used to check for des-ticket. +.br +\fIin_cred\fP the credential to convert +.br +\fIv4creds\fP the converted credential +.RE +.PP +\fBReturns:\fP +.RS 4 +Returns 0 to indicate success. Otherwise an kerberos et error code is returned, see krb5_get_error_message(). +.RE +.PP + diff --git a/doc/doxyout/krb5/man/man3/krb5_verify_checksum_iov.3 b/doc/doxyout/krb5/man/man3/krb5_verify_checksum_iov.3 new file mode 100644 index 000000000000..ebfd1cbfb9b2 --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_verify_checksum_iov.3 @@ -0,0 +1 @@ +.so man3/krb5_crypto.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_vset_error_string.3 b/doc/doxyout/krb5/man/man3/krb5_vset_error_string.3 new file mode 100644 index 000000000000..daa28323968c --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_vset_error_string.3 @@ -0,0 +1 @@ +.so man3/krb5_deprecated.3 diff --git a/doc/doxyout/krb5/man/man3/krb5_vwarn.3 b/doc/doxyout/krb5/man/man3/krb5_vwarn.3 new file mode 100644 index 000000000000..f721fda2cd4b --- /dev/null +++ b/doc/doxyout/krb5/man/man3/krb5_vwarn.3 @@ -0,0 +1 @@ +.so man3/krb5_error.3 diff --git a/doc/doxyout/krb5/manpages b/doc/doxyout/krb5/manpages new file mode 100644 index 000000000000..b5172637fdef --- /dev/null +++ b/doc/doxyout/krb5/manpages @@ -0,0 +1,360 @@ +krb5/man/man3/krb5.3 +krb5/man/man3/krb524_convert_creds_kdc.3 +krb5/man/man3/krb524_convert_creds_kdc_ccache.3 +krb5/man/man3/krb5_acc_ops.3 +krb5/man/man3/krb5_acl_match_file.3 +krb5/man/man3/krb5_acl_match_string.3 +krb5/man/man3/krb5_add_et_list.3 +krb5/man/man3/krb5_add_extra_addresses.3 +krb5/man/man3/krb5_add_ignore_addresses.3 +krb5/man/man3/krb5_addr2sockaddr.3 +krb5/man/man3/krb5_address.3 +krb5/man/man3/krb5_address_compare.3 +krb5/man/man3/krb5_address_order.3 +krb5/man/man3/krb5_address_prefixlen_boundary.3 +krb5/man/man3/krb5_address_search.3 +krb5/man/man3/krb5_allow_weak_crypto.3 +krb5/man/man3/krb5_anyaddr.3 +krb5/man/man3/krb5_append_addresses.3 +krb5/man/man3/krb5_auth.3 +krb5/man/man3/krb5_auth_getremoteseqnumber.3 +krb5/man/man3/krb5_build_principal.3 +krb5/man/man3/krb5_c_enctype_compare.3 +krb5/man/man3/krb5_cc_cache_end_seq_get.3 +krb5/man/man3/krb5_cc_cache_get_first.3 +krb5/man/man3/krb5_cc_cache_match.3 +krb5/man/man3/krb5_cc_cache_next.3 +krb5/man/man3/krb5_cc_clear_mcred.3 +krb5/man/man3/krb5_cc_close.3 +krb5/man/man3/krb5_cc_copy_cache.3 +krb5/man/man3/krb5_cc_copy_creds.3 +krb5/man/man3/krb5_cc_copy_match_f.3 +krb5/man/man3/krb5_cc_default.3 +krb5/man/man3/krb5_cc_default_name.3 +krb5/man/man3/krb5_cc_destroy.3 +krb5/man/man3/krb5_cc_end_seq_get.3 +krb5/man/man3/krb5_cc_gen_new.3 +krb5/man/man3/krb5_cc_get_config.3 +krb5/man/man3/krb5_cc_get_flags.3 +krb5/man/man3/krb5_cc_get_friendly_name.3 +krb5/man/man3/krb5_cc_get_full_name.3 +krb5/man/man3/krb5_cc_get_kdc_offset.3 +krb5/man/man3/krb5_cc_get_lifetime.3 +krb5/man/man3/krb5_cc_get_name.3 +krb5/man/man3/krb5_cc_get_ops.3 +krb5/man/man3/krb5_cc_get_prefix_ops.3 +krb5/man/man3/krb5_cc_get_principal.3 +krb5/man/man3/krb5_cc_get_type.3 +krb5/man/man3/krb5_cc_get_version.3 +krb5/man/man3/krb5_cc_initialize.3 +krb5/man/man3/krb5_cc_last_change_time.3 +krb5/man/man3/krb5_cc_move.3 +krb5/man/man3/krb5_cc_new_unique.3 +krb5/man/man3/krb5_cc_next_cred.3 +krb5/man/man3/krb5_cc_register.3 +krb5/man/man3/krb5_cc_remove_cred.3 +krb5/man/man3/krb5_cc_resolve.3 +krb5/man/man3/krb5_cc_retrieve_cred.3 +krb5/man/man3/krb5_cc_set_config.3 +krb5/man/man3/krb5_cc_set_default_name.3 +krb5/man/man3/krb5_cc_set_flags.3 +krb5/man/man3/krb5_cc_set_friendly_name.3 +krb5/man/man3/krb5_cc_set_kdc_offset.3 +krb5/man/man3/krb5_cc_start_seq_get.3 +krb5/man/man3/krb5_cc_store_cred.3 +krb5/man/man3/krb5_cc_support_switch.3 +krb5/man/man3/krb5_cc_switch.3 +krb5/man/man3/krb5_ccache.3 +krb5/man/man3/krb5_ccache_intro.3 +krb5/man/man3/krb5_cccol_cursor_free.3 +krb5/man/man3/krb5_cccol_cursor_new.3 +krb5/man/man3/krb5_cccol_cursor_next.3 +krb5/man/man3/krb5_cccol_last_change_time.3 +krb5/man/man3/krb5_change_password.3 +krb5/man/man3/krb5_cksumtype_to_enctype.3 +krb5/man/man3/krb5_clear_error_message.3 +krb5/man/man3/krb5_clear_error_string.3 +krb5/man/man3/krb5_compare_creds.3 +krb5/man/man3/krb5_config_file_free.3 +krb5/man/man3/krb5_config_free_strings.3 +krb5/man/man3/krb5_config_get_bool.3 +krb5/man/man3/krb5_config_get_bool_default.3 +krb5/man/man3/krb5_config_get_list.3 +krb5/man/man3/krb5_config_get_string.3 +krb5/man/man3/krb5_config_get_string_default.3 +krb5/man/man3/krb5_config_get_strings.3 +krb5/man/man3/krb5_config_get_time.3 +krb5/man/man3/krb5_config_get_time_default.3 +krb5/man/man3/krb5_config_parse_file_multi.3 +krb5/man/man3/krb5_config_parse_string_multi.3 +krb5/man/man3/krb5_config_vget_bool.3 +krb5/man/man3/krb5_config_vget_bool_default.3 +krb5/man/man3/krb5_config_vget_list.3 +krb5/man/man3/krb5_config_vget_string.3 +krb5/man/man3/krb5_config_vget_string_default.3 +krb5/man/man3/krb5_config_vget_strings.3 +krb5/man/man3/krb5_config_vget_time.3 +krb5/man/man3/krb5_config_vget_time_default.3 +krb5/man/man3/krb5_copy_address.3 +krb5/man/man3/krb5_copy_addresses.3 +krb5/man/man3/krb5_copy_context.3 +krb5/man/man3/krb5_copy_creds.3 +krb5/man/man3/krb5_copy_creds_contents.3 +krb5/man/man3/krb5_copy_data.3 +krb5/man/man3/krb5_copy_host_realm.3 +krb5/man/man3/krb5_copy_keyblock.3 +krb5/man/man3/krb5_copy_keyblock_contents.3 +krb5/man/man3/krb5_copy_principal.3 +krb5/man/man3/krb5_copy_ticket.3 +krb5/man/man3/krb5_create_checksum_iov.3 +krb5/man/man3/krb5_credential.3 +krb5/man/man3/krb5_creds_get_ticket_flags.3 +krb5/man/man3/krb5_crypto.3 +krb5/man/man3/krb5_crypto_destroy.3 +krb5/man/man3/krb5_crypto_fx_cf2.3 +krb5/man/man3/krb5_crypto_getblocksize.3 +krb5/man/man3/krb5_crypto_getconfoundersize.3 +krb5/man/man3/krb5_crypto_getenctype.3 +krb5/man/man3/krb5_crypto_getpadsize.3 +krb5/man/man3/krb5_crypto_init.3 +krb5/man/man3/krb5_crypto_iov.3 +krb5/man/man3/krb5_data_alloc.3 +krb5/man/man3/krb5_data_cmp.3 +krb5/man/man3/krb5_data_copy.3 +krb5/man/man3/krb5_data_ct_cmp.3 +krb5/man/man3/krb5_data_free.3 +krb5/man/man3/krb5_data_realloc.3 +krb5/man/man3/krb5_data_zero.3 +krb5/man/man3/krb5_decrypt_iov_ivec.3 +krb5/man/man3/krb5_deprecated.3 +krb5/man/man3/krb5_digest.3 +krb5/man/man3/krb5_digest_probe.3 +krb5/man/man3/krb5_eai_to_heim_errno.3 +krb5/man/man3/krb5_encrypt_iov_ivec.3 +krb5/man/man3/krb5_enctype_disable.3 +krb5/man/man3/krb5_enctype_enable.3 +krb5/man/man3/krb5_enctype_valid.3 +krb5/man/man3/krb5_enctypes_compatible_keys.3 +krb5/man/man3/krb5_error.3 +krb5/man/man3/krb5_expand_hostname.3 +krb5/man/man3/krb5_expand_hostname_realms.3 +krb5/man/man3/krb5_fcc_ops.3 +krb5/man/man3/krb5_fileformats.3 +krb5/man/man3/krb5_free_address.3 +krb5/man/man3/krb5_free_addresses.3 +krb5/man/man3/krb5_free_config_files.3 +krb5/man/man3/krb5_free_context.3 +krb5/man/man3/krb5_free_cred_contents.3 +krb5/man/man3/krb5_free_creds.3 +krb5/man/man3/krb5_free_creds_contents.3 +krb5/man/man3/krb5_free_data.3 +krb5/man/man3/krb5_free_data_contents.3 +krb5/man/man3/krb5_free_error_string.3 +krb5/man/man3/krb5_free_host_realm.3 +krb5/man/man3/krb5_free_keyblock.3 +krb5/man/man3/krb5_free_keyblock_contents.3 +krb5/man/man3/krb5_free_principal.3 +krb5/man/man3/krb5_free_ticket.3 +krb5/man/man3/krb5_free_unparsed_name.3 +krb5/man/man3/krb5_fwd_tgt_creds.3 +krb5/man/man3/krb5_generate_subkey.3 +krb5/man/man3/krb5_generate_subkey_extended.3 +krb5/man/man3/krb5_get_cred_from_kdc.3 +krb5/man/man3/krb5_get_cred_from_kdc_opt.3 +krb5/man/man3/krb5_get_default_config_files.3 +krb5/man/man3/krb5_get_default_in_tkt_etypes.3 +krb5/man/man3/krb5_get_dns_canonicalize_hostname.3 +krb5/man/man3/krb5_get_extra_addresses.3 +krb5/man/man3/krb5_get_fcache_version.3 +krb5/man/man3/krb5_get_forwarded_creds.3 +krb5/man/man3/krb5_get_ignore_addresses.3 +krb5/man/man3/krb5_get_in_tkt_with_keytab.3 +krb5/man/man3/krb5_get_in_tkt_with_password.3 +krb5/man/man3/krb5_get_in_tkt_with_skey.3 +krb5/man/man3/krb5_get_init_creds_keyblock.3 +krb5/man/man3/krb5_get_init_creds_keytab.3 +krb5/man/man3/krb5_get_init_creds_opt_alloc.3 +krb5/man/man3/krb5_get_init_creds_opt_free.3 +krb5/man/man3/krb5_get_init_creds_opt_get_error.3 +krb5/man/man3/krb5_get_init_creds_opt_init.3 +krb5/man/man3/krb5_get_init_creds_password.3 +krb5/man/man3/krb5_get_kdc_sec_offset.3 +krb5/man/man3/krb5_get_max_time_skew.3 +krb5/man/man3/krb5_get_use_admin_kdc.3 +krb5/man/man3/krb5_get_validated_creds.3 +krb5/man/man3/krb5_h_addr2addr.3 +krb5/man/man3/krb5_h_addr2sockaddr.3 +krb5/man/man3/krb5_h_errno_to_heim_errno.3 +krb5/man/man3/krb5_init_context.3 +krb5/man/man3/krb5_init_creds_free.3 +krb5/man/man3/krb5_init_creds_get.3 +krb5/man/man3/krb5_init_creds_get_error.3 +krb5/man/man3/krb5_init_creds_init.3 +krb5/man/man3/krb5_init_creds_intro.3 +krb5/man/man3/krb5_init_creds_set_keytab.3 +krb5/man/man3/krb5_init_creds_set_password.3 +krb5/man/man3/krb5_init_creds_set_service.3 +krb5/man/man3/krb5_init_creds_step.3 +krb5/man/man3/krb5_init_ets.3 +krb5/man/man3/krb5_introduction.3 +krb5/man/man3/krb5_is_config_principal.3 +krb5/man/man3/krb5_is_thread_safe.3 +krb5/man/man3/krb5_kerberos_enctypes.3 +krb5/man/man3/krb5_keyblock_get_enctype.3 +krb5/man/man3/krb5_keyblock_init.3 +krb5/man/man3/krb5_keyblock_zero.3 +krb5/man/man3/krb5_keytab.3 +krb5/man/man3/krb5_keytab_intro.3 +krb5/man/man3/krb5_keytab_key_proc.3 +krb5/man/man3/krb5_keytype_to_enctypes.3 +krb5/man/man3/krb5_keytype_to_enctypes_default.3 +krb5/man/man3/krb5_keytype_to_string.3 +krb5/man/man3/krb5_krbhst_get_addrinfo.3 +krb5/man/man3/krb5_kt_add_entry.3 +krb5/man/man3/krb5_kt_close.3 +krb5/man/man3/krb5_kt_compare.3 +krb5/man/man3/krb5_kt_copy_entry_contents.3 +krb5/man/man3/krb5_kt_default.3 +krb5/man/man3/krb5_kt_default_modify_name.3 +krb5/man/man3/krb5_kt_default_name.3 +krb5/man/man3/krb5_kt_destroy.3 +krb5/man/man3/krb5_kt_end_seq_get.3 +krb5/man/man3/krb5_kt_free_entry.3 +krb5/man/man3/krb5_kt_get_entry.3 +krb5/man/man3/krb5_kt_get_full_name.3 +krb5/man/man3/krb5_kt_get_name.3 +krb5/man/man3/krb5_kt_get_type.3 +krb5/man/man3/krb5_kt_have_content.3 +krb5/man/man3/krb5_kt_next_entry.3 +krb5/man/man3/krb5_kt_read_service_key.3 +krb5/man/man3/krb5_kt_register.3 +krb5/man/man3/krb5_kt_remove_entry.3 +krb5/man/man3/krb5_kt_resolve.3 +krb5/man/man3/krb5_kt_start_seq_get.3 +krb5/man/man3/krb5_kuserok.3 +krb5/man/man3/krb5_make_addrport.3 +krb5/man/man3/krb5_make_principal.3 +krb5/man/man3/krb5_max_sockaddr_size.3 +krb5/man/man3/krb5_mcc_ops.3 +krb5/man/man3/krb5_pac.3 +krb5/man/man3/krb5_pac_get_buffer.3 +krb5/man/man3/krb5_pac_verify.3 +krb5/man/man3/krb5_parse_address.3 +krb5/man/man3/krb5_parse_name.3 +krb5/man/man3/krb5_parse_name_flags.3 +krb5/man/man3/krb5_parse_nametype.3 +krb5/man/man3/krb5_password_key_proc.3 +krb5/man/man3/krb5_plugin_register.3 +krb5/man/man3/krb5_prepend_config_files_default.3 +krb5/man/man3/krb5_princ_realm.3 +krb5/man/man3/krb5_princ_set_realm.3 +krb5/man/man3/krb5_principal.3 +krb5/man/man3/krb5_principal_compare.3 +krb5/man/man3/krb5_principal_compare_any_realm.3 +krb5/man/man3/krb5_principal_get_num_comp.3 +krb5/man/man3/krb5_principal_get_realm.3 +krb5/man/man3/krb5_principal_get_type.3 +krb5/man/man3/krb5_principal_intro.3 +krb5/man/man3/krb5_principal_is_krbtgt.3 +krb5/man/man3/krb5_principal_match.3 +krb5/man/man3/krb5_principal_set_realm.3 +krb5/man/man3/krb5_principal_set_type.3 +krb5/man/man3/krb5_print_address.3 +krb5/man/man3/krb5_random_to_key.3 +krb5/man/man3/krb5_rd_req_ctx.3 +krb5/man/man3/krb5_rd_req_in_ctx_alloc.3 +krb5/man/man3/krb5_rd_req_in_set_keytab.3 +krb5/man/man3/krb5_rd_req_in_set_pac_check.3 +krb5/man/man3/krb5_rd_req_out_ctx_free.3 +krb5/man/man3/krb5_rd_req_out_get_server.3 +krb5/man/man3/krb5_realm_compare.3 +krb5/man/man3/krb5_ret_address.3 +krb5/man/man3/krb5_ret_addrs.3 +krb5/man/man3/krb5_ret_authdata.3 +krb5/man/man3/krb5_ret_creds.3 +krb5/man/man3/krb5_ret_creds_tag.3 +krb5/man/man3/krb5_ret_data.3 +krb5/man/man3/krb5_ret_int16.3 +krb5/man/man3/krb5_ret_int32.3 +krb5/man/man3/krb5_ret_int8.3 +krb5/man/man3/krb5_ret_keyblock.3 +krb5/man/man3/krb5_ret_principal.3 +krb5/man/man3/krb5_ret_string.3 +krb5/man/man3/krb5_ret_stringz.3 +krb5/man/man3/krb5_ret_times.3 +krb5/man/man3/krb5_ret_uint16.3 +krb5/man/man3/krb5_ret_uint32.3 +krb5/man/man3/krb5_ret_uint8.3 +krb5/man/man3/krb5_set_config_files.3 +krb5/man/man3/krb5_set_default_in_tkt_etypes.3 +krb5/man/man3/krb5_set_dns_canonicalize_hostname.3 +krb5/man/man3/krb5_set_error_message.3 +krb5/man/man3/krb5_set_error_string.3 +krb5/man/man3/krb5_set_extra_addresses.3 +krb5/man/man3/krb5_set_fcache_version.3 +krb5/man/man3/krb5_set_home_dir_access.3 +krb5/man/man3/krb5_set_ignore_addresses.3 +krb5/man/man3/krb5_set_kdc_sec_offset.3 +krb5/man/man3/krb5_set_max_time_skew.3 +krb5/man/man3/krb5_set_password.3 +krb5/man/man3/krb5_set_real_time.3 +krb5/man/man3/krb5_set_use_admin_kdc.3 +krb5/man/man3/krb5_sname_to_principal.3 +krb5/man/man3/krb5_sockaddr2address.3 +krb5/man/man3/krb5_sockaddr2port.3 +krb5/man/man3/krb5_sockaddr_uninteresting.3 +krb5/man/man3/krb5_storage.3 +krb5/man/man3/krb5_storage_clear_flags.3 +krb5/man/man3/krb5_storage_emem.3 +krb5/man/man3/krb5_storage_free.3 +krb5/man/man3/krb5_storage_from_data.3 +krb5/man/man3/krb5_storage_from_fd.3 +krb5/man/man3/krb5_storage_from_mem.3 +krb5/man/man3/krb5_storage_from_readonly_mem.3 +krb5/man/man3/krb5_storage_get_byteorder.3 +krb5/man/man3/krb5_storage_get_eof_code.3 +krb5/man/man3/krb5_storage_is_flags.3 +krb5/man/man3/krb5_storage_read.3 +krb5/man/man3/krb5_storage_seek.3 +krb5/man/man3/krb5_storage_set_byteorder.3 +krb5/man/man3/krb5_storage_set_eof_code.3 +krb5/man/man3/krb5_storage_set_flags.3 +krb5/man/man3/krb5_storage_set_max_alloc.3 +krb5/man/man3/krb5_storage_to_data.3 +krb5/man/man3/krb5_storage_truncate.3 +krb5/man/man3/krb5_storage_write.3 +krb5/man/man3/krb5_store_address.3 +krb5/man/man3/krb5_store_addrs.3 +krb5/man/man3/krb5_store_authdata.3 +krb5/man/man3/krb5_store_creds.3 +krb5/man/man3/krb5_store_creds_tag.3 +krb5/man/man3/krb5_store_data.3 +krb5/man/man3/krb5_store_int16.3 +krb5/man/man3/krb5_store_int32.3 +krb5/man/man3/krb5_store_int8.3 +krb5/man/man3/krb5_store_keyblock.3 +krb5/man/man3/krb5_store_principal.3 +krb5/man/man3/krb5_store_string.3 +krb5/man/man3/krb5_store_stringz.3 +krb5/man/man3/krb5_store_times.3 +krb5/man/man3/krb5_store_uint16.3 +krb5/man/man3/krb5_store_uint32.3 +krb5/man/man3/krb5_store_uint8.3 +krb5/man/man3/krb5_string_to_keytype.3 +krb5/man/man3/krb5_support.3 +krb5/man/man3/krb5_ticket.3 +krb5/man/man3/krb5_ticket_get_authorization_data_type.3 +krb5/man/man3/krb5_ticket_get_client.3 +krb5/man/man3/krb5_ticket_get_endtime.3 +krb5/man/man3/krb5_ticket_get_flags.3 +krb5/man/man3/krb5_ticket_get_server.3 +krb5/man/man3/krb5_unparse_name.3 +krb5/man/man3/krb5_unparse_name_fixed.3 +krb5/man/man3/krb5_unparse_name_fixed_flags.3 +krb5/man/man3/krb5_unparse_name_fixed_short.3 +krb5/man/man3/krb5_unparse_name_flags.3 +krb5/man/man3/krb5_unparse_name_short.3 +krb5/man/man3/krb5_v4compat.3 +krb5/man/man3/krb5_verify_checksum_iov.3 +krb5/man/man3/krb5_vset_error_string.3 +krb5/man/man3/krb5_vwarn.3 diff --git a/doc/doxyout/ntlm/html/annotated.html b/doc/doxyout/ntlm/html/annotated.html new file mode 100644 index 000000000000..d6a03542ff9f --- /dev/null +++ b/doc/doxyout/ntlm/html/annotated.html @@ -0,0 +1,39 @@ + + +Heimdalntlmlibrary: Data Structures + + + +

+keyhole logo +

+ + + +
+

Data Structures

Here are the data structures with brief descriptions: + + + + +
ntlm_buf
ntlm_type1
ntlm_type2
ntlm_type3
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/doxygen.css b/doc/doxyout/ntlm/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/ntlm/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/ntlm/html/doxygen.png b/doc/doxyout/ntlm/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/examples.html b/doc/doxyout/ntlm/html/examples.html new file mode 100644 index 000000000000..4382552adbd0 --- /dev/null +++ b/doc/doxyout/ntlm/html/examples.html @@ -0,0 +1,30 @@ + + +Heimdalntlmlibrary: Examples + + + +

+keyhole logo +

+ + + +
+

Examples

Here is a list of all examples: +
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/functions.html b/doc/doxyout/ntlm/html/functions.html new file mode 100644 index 000000000000..89a84285c468 --- /dev/null +++ b/doc/doxyout/ntlm/html/functions.html @@ -0,0 +1,78 @@ + + +Heimdalntlmlibrary: Data Fields + + + +

+keyhole logo +

+ + + +
+Here is a list of all documented struct and union fields with links to the struct/union documentation for each field: +

+

+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/functions_vars.html b/doc/doxyout/ntlm/html/functions_vars.html new file mode 100644 index 000000000000..7452b716fb82 --- /dev/null +++ b/doc/doxyout/ntlm/html/functions_vars.html @@ -0,0 +1,78 @@ + + +Heimdalntlmlibrary: Data Fields - Variables + + + +

+keyhole logo +

+ + + +
+  +

+

+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/graph_legend.dot b/doc/doxyout/ntlm/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/ntlm/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/ntlm/html/graph_legend.html b/doc/doxyout/ntlm/html/graph_legend.html new file mode 100644 index 000000000000..d4b7360c2483 --- /dev/null +++ b/doc/doxyout/ntlm/html/graph_legend.html @@ -0,0 +1,89 @@ + + +Heimdalntlmlibrary: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/graph_legend.png b/doc/doxyout/ntlm/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/group__ntlm__core.html b/doc/doxyout/ntlm/html/group__ntlm__core.html new file mode 100644 index 000000000000..99a1449ad93a --- /dev/null +++ b/doc/doxyout/ntlm/html/group__ntlm__core.html @@ -0,0 +1,936 @@ + + +Heimdalntlmlibrary: Heimdal NTLM library + + + +

+keyhole logo +

+ + + +
+

Heimdal NTLM library

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

void heim_ntlm_free_buf (struct ntlm_buf *p)
void heim_ntlm_free_targetinfo (struct ntlm_targetinfo *ti)
int heim_ntlm_encode_targetinfo (const struct ntlm_targetinfo *ti, int ucs2, struct ntlm_buf *data)
int heim_ntlm_decode_targetinfo (const struct ntlm_buf *data, int ucs2, struct ntlm_targetinfo *ti)
void heim_ntlm_free_type1 (struct ntlm_type1 *data)
int heim_ntlm_encode_type1 (const struct ntlm_type1 *type1, struct ntlm_buf *data)
void heim_ntlm_free_type2 (struct ntlm_type2 *data)
int heim_ntlm_encode_type2 (const struct ntlm_type2 *type2, struct ntlm_buf *data)
void heim_ntlm_free_type3 (struct ntlm_type3 *data)
int heim_ntlm_encode_type3 (const struct ntlm_type3 *type3, struct ntlm_buf *data)
int heim_ntlm_nt_key (const char *password, struct ntlm_buf *key)
int heim_ntlm_calculate_ntlm1 (void *key, size_t len, unsigned char challenge[8], struct ntlm_buf *answer)
int heim_ntlm_build_ntlm1_master (void *key, size_t len, struct ntlm_buf *session, struct ntlm_buf *master)
int heim_ntlm_build_ntlm2_master (void *key, size_t len, struct ntlm_buf *blob, struct ntlm_buf *session, struct ntlm_buf *master)
int heim_ntlm_keyex_unwrap (struct ntlm_buf *baseKey, struct ntlm_buf *encryptedSession, struct ntlm_buf *session)
int heim_ntlm_ntlmv2_key (const void *key, size_t len, const char *username, const char *target, unsigned char ntlmv2[16])
int heim_ntlm_calculate_lm2 (const void *key, size_t len, const char *username, const char *target, const unsigned char serverchallenge[8], unsigned char ntlmv2[16], struct ntlm_buf *answer)
int heim_ntlm_calculate_ntlm2 (const void *key, size_t len, const char *username, const char *target, const unsigned char serverchallenge[8], const struct ntlm_buf *infotarget, unsigned char ntlmv2[16], struct ntlm_buf *answer)
int heim_ntlm_verify_ntlm2 (const void *key, size_t len, const char *username, const char *target, time_t now, const unsigned char serverchallenge[8], const struct ntlm_buf *answer, struct ntlm_buf *infotarget, unsigned char ntlmv2[16])
+

Detailed Description

+The NTLM core functions implement the string2key generation function, message encode and decode function, and the hash function functions.

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_build_ntlm1_master (void *  key,
size_t  len,
struct ntlm_buf session,
struct ntlm_buf master 
)
+
+
+ +

+Generates an NTLMv1 session random with assosited session master key.

+

Parameters:
+ + + + + +
key the ntlm v1 key
len length of key
session generated session nonce, should be freed with heim_ntlm_free_buf().
master calculated session master key, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_build_ntlm2_master (void *  key,
size_t  len,
struct ntlm_buf blob,
struct ntlm_buf session,
struct ntlm_buf master 
)
+
+
+ +

+Generates an NTLMv2 session random with associated session master key.

+

Parameters:
+ + + + + + +
key the NTLMv2 key
len length of key
blob the NTLMv2 "blob"
session generated session nonce, should be freed with heim_ntlm_free_buf().
master calculated session master key, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_calculate_lm2 (const void *  key,
size_t  len,
const char *  username,
const char *  target,
const unsigned char  serverchallenge[8],
unsigned char  ntlmv2[16],
struct ntlm_buf answer 
)
+
+
+ +

+Calculate LMv2 response

+

Parameters:
+ + + + + + + + +
key the ntlm key
len length of key
username name of the user, as sent in the message, assumed to be in UTF8.
target the name of the target, assumed to be in UTF8.
serverchallenge challenge as sent by the server in the type2 message.
ntlmv2 calculated session key
answer ntlm response answer, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_calculate_ntlm1 (void *  key,
size_t  len,
unsigned char  challenge[8],
struct ntlm_buf answer 
)
+
+
+ +

+Calculate NTLMv1 response hash

+

Parameters:
+ + + + + +
key the ntlm v1 key
len length of key
challenge sent by the server
answer calculated answer, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_calculate_ntlm2 (const void *  key,
size_t  len,
const char *  username,
const char *  target,
const unsigned char  serverchallenge[8],
const struct ntlm_buf infotarget,
unsigned char  ntlmv2[16],
struct ntlm_buf answer 
)
+
+
+ +

+Calculate NTLMv2 response

+

Parameters:
+ + + + + + + + + +
key the ntlm key
len length of key
username name of the user, as sent in the message, assumed to be in UTF8.
target the name of the target, assumed to be in UTF8.
serverchallenge challenge as sent by the server in the type2 message.
infotarget infotarget as sent by the server in the type2 message.
ntlmv2 calculated session key
answer ntlm response answer, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_decode_targetinfo (const struct ntlm_buf data,
int  ucs2,
struct ntlm_targetinfo *  ti 
)
+
+
+ +

+Decodes an NTLM targetinfo message

+

Parameters:
+ + + + +
data input data buffer with the encode NTLM targetinfo message
ucs2 if the strings should be encoded with ucs2 (selected by flag in message).
ti the decoded target info, should be freed with heim_ntlm_free_targetinfo().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_encode_targetinfo (const struct ntlm_targetinfo *  ti,
int  ucs2,
struct ntlm_buf data 
)
+
+
+ +

+Encodes a ntlm_targetinfo message.

+

Parameters:
+ + + + +
ti the ntlm_targetinfo message to encode.
ucs2 ignored
data is the return buffer with the encoded message, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int heim_ntlm_encode_type1 (const struct ntlm_type1 type1,
struct ntlm_buf data 
)
+
+
+ +

+Encodes an ntlm_type1 message.

+

Parameters:
+ + + +
type1 the ntlm_type1 message to encode.
data is the return buffer with the encoded message, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int heim_ntlm_encode_type2 (const struct ntlm_type2 type2,
struct ntlm_buf data 
)
+
+
+ +

+Encodes an ntlm_type2 message.

+

Parameters:
+ + + +
type2 the ntlm_type2 message to encode.
data is the return buffer with the encoded message, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int heim_ntlm_encode_type3 (const struct ntlm_type3 type3,
struct ntlm_buf data 
)
+
+
+ +

+Encodes an ntlm_type3 message.

+

Parameters:
+ + + +
type3 the ntlm_type3 message to encode.
data is the return buffer with the encoded message, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + +
void heim_ntlm_free_buf (struct ntlm_buf p  ) 
+
+
+ +

+heim_ntlm_free_buf frees the ntlm buffer

+

Parameters:
+ + +
p buffer to be freed
+
+ +
+

+ +

+
+ + + + + + + + + +
void heim_ntlm_free_targetinfo (struct ntlm_targetinfo *  ti  ) 
+
+
+ +

+Frees the ntlm_targetinfo message

+

Parameters:
+ + +
ti targetinfo to be freed
+
+ +
+

+ +

+
+ + + + + + + + + +
void heim_ntlm_free_type1 (struct ntlm_type1 data  ) 
+
+
+ +

+Frees the ntlm_type1 message

+

Parameters:
+ + +
data message to be freed
+
+ +
+

+ +

+
+ + + + + + + + + +
void heim_ntlm_free_type2 (struct ntlm_type2 data  ) 
+
+
+ +

+Frees the ntlm_type2 message

+

Parameters:
+ + +
data message to be freed
+
+ +
+

+ +

+
+ + + + + + + + + +
void heim_ntlm_free_type3 (struct ntlm_type3 data  ) 
+
+
+ +

+Frees the ntlm_type3 message

+

Parameters:
+ + +
data message to be freed
+
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_keyex_unwrap (struct ntlm_buf baseKey,
struct ntlm_buf encryptedSession,
struct ntlm_buf session 
)
+
+
+ +

+Given a key and encrypted session, unwrap the session key

+

Parameters:
+ + + + +
baseKey the sessionBaseKey
encryptedSession encrypted session, type3.session field.
session generated session nonce, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int heim_ntlm_nt_key (const char *  password,
struct ntlm_buf key 
)
+
+
+ +

+Calculate the NTLM key, the password is assumed to be in UTF8.

+

Parameters:
+ + + +
password password to calcute the key for.
key calcuted key, should be freed with heim_ntlm_free_buf().
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_ntlmv2_key (const void *  key,
size_t  len,
const char *  username,
const char *  target,
unsigned char  ntlmv2[16] 
)
+
+
+ +

+Generates an NTLMv2 session key.

+

Parameters:
+ + + + + + +
key the ntlm key
len length of key
username name of the user, as sent in the message, assumed to be in UTF8.
target the name of the target, assumed to be in UTF8.
ntlmv2 the ntlmv2 session key
+
+
Returns:
0 on success, or an error code on failure.
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int heim_ntlm_verify_ntlm2 (const void *  key,
size_t  len,
const char *  username,
const char *  target,
time_t  now,
const unsigned char  serverchallenge[8],
const struct ntlm_buf answer,
struct ntlm_buf infotarget,
unsigned char  ntlmv2[16] 
)
+
+
+ +

+Verify NTLMv2 response.

+

Parameters:
+ + + + + + + + + + +
key the ntlm key
len length of key
username name of the user, as sent in the message, assumed to be in UTF8.
target the name of the target, assumed to be in UTF8.
now the time now (0 if the library should pick it up itself)
serverchallenge challenge as sent by the server in the type2 message.
answer ntlm response answer, should be freed with heim_ntlm_free_buf().
infotarget infotarget as sent by the server in the type2 message.
ntlmv2 calculated session key
+
+
Returns:
In case of success 0 is return, an errors, a errno in what went wrong.
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/index.html b/doc/doxyout/ntlm/html/index.html new file mode 100644 index 000000000000..4e45d312b11b --- /dev/null +++ b/doc/doxyout/ntlm/html/index.html @@ -0,0 +1,37 @@ + + +Heimdalntlmlibrary: Heimdal NTLM library + + + +

+keyhole logo +

+ + + +
+

Heimdal NTLM library

+

+

1.5

+Introduction

+Heimdal libheimntlm library is a implementation of the NTLM protocol, both version 1 and 2. The GSS-API mech that uses this library adds support for transport encryption and integrity checking.

+NTLM is a protocol for mutual authentication, its still used in many protocol where Kerberos is not support, one example is EAP/X802.1x mechanism LEAP from Microsoft and Cisco.

+This is a support library for the core protocol, its used in Heimdal to implement and GSS-API mechanism. There is also support in the KDC to do remote digest authenticiation, this to allow services to authenticate users w/o direct access to the users ntlm hashes (same as Kerberos arcfour enctype keys).

+More information about the NTLM protocol can found here http://davenport.sourceforge.net/ntlm.html .

+The Heimdal projects web page: http://www.h5l.org/

+NTLM Example

+Example to to use test_ntlm::c .
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/modules.html b/doc/doxyout/ntlm/html/modules.html new file mode 100644 index 000000000000..1baf0fa97a35 --- /dev/null +++ b/doc/doxyout/ntlm/html/modules.html @@ -0,0 +1,30 @@ + + +Heimdalntlmlibrary: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/structntlm__buf.html b/doc/doxyout/ntlm/html/structntlm__buf.html new file mode 100644 index 000000000000..547452789cc8 --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__buf.html @@ -0,0 +1,82 @@ + + +Heimdalntlmlibrary: ntlm_buf Struct Reference + + + +

+keyhole logo +

+ + + +
+

ntlm_buf Struct Reference

#include <heimntlm.h> +

+ + + + + + + +

Data Fields

size_t length
void * data
+

Detailed Description

+Buffer for storing data in the NTLM library. When filled in by the library it should be freed with heim_ntlm_free_buf().
Examples:
+ +

+test_ntlm.c.

Field Documentation

+ +
+
+ + + + +
size_t ntlm_buf::length
+
+
+ +

+length buffer data

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
void* ntlm_buf::data
+
+
+ +

+pointer to the data itself

Examples:
+test_ntlm.c.
+
+

+

The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/ntlm/heimntlm.h
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/structntlm__type1.html b/doc/doxyout/ntlm/html/structntlm__type1.html new file mode 100644 index 000000000000..ea8cef32e1c0 --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type1.html @@ -0,0 +1,118 @@ + + +Heimdalntlmlibrary: ntlm_type1 Struct Reference + + + +

+keyhole logo +

+ + + +
+

ntlm_type1 Struct Reference

#include <heimntlm.h> +

+ + + + + + + + + + + +

Data Fields

uint32_t flags
char * domain
char * hostname
uint32_t os [2]
+

Detailed Description

+Struct for the NTLM type1 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type1().
Examples:
+ +

+test_ntlm.c.

Field Documentation

+ +
+
+ + + + +
uint32_t ntlm_type1::flags
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
char* ntlm_type1::domain
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
char* ntlm_type1::hostname
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
uint32_t ntlm_type1::os[2]
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+

The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/ntlm/heimntlm.h
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/structntlm__type2.html b/doc/doxyout/ntlm/html/structntlm__type2.html new file mode 100644 index 000000000000..f301e41d5529 --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type2.html @@ -0,0 +1,159 @@ + + +Heimdalntlmlibrary: ntlm_type2 Struct Reference + + + +

+keyhole logo +

+ + + +
+

ntlm_type2 Struct Reference

#include <heimntlm.h> +

+

+Collaboration diagram for ntlm_type2:
+
+

Collaboration graph
+ + +
[legend]
+ + + + + + + + + + + + + + + +

Data Fields

uint32_t flags
char * targetname
struct ntlm_buf targetinfo
unsigned char challenge [8]
uint32_t context [2]
uint32_t os [2]
+

Detailed Description

+Struct for the NTLM type2 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type2().
Examples:
+ +

+test_ntlm.c.

Field Documentation

+ +
+
+ + + + +
uint32_t ntlm_type2::flags
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
char* ntlm_type2::targetname
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
struct ntlm_buf ntlm_type2::targetinfo [read]
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
unsigned char ntlm_type2::challenge[8]
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
uint32_t ntlm_type2::context[2]
+
+
+ +

+ +

+

+ +

+
+ + + + +
uint32_t ntlm_type2::os[2]
+
+
+ +

+ +

+

+

The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/ntlm/heimntlm.h
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.map b/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.map new file mode 100644 index 000000000000..9e6cd72b444e --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.map @@ -0,0 +1 @@ + diff --git a/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.md5 b/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.md5 new file mode 100644 index 000000000000..4340819135c3 --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.md5 @@ -0,0 +1 @@ +b5989391473842dda9191d0175c17177 \ No newline at end of file diff --git a/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.png b/doc/doxyout/ntlm/html/structntlm__type2__coll__graph.png new file mode 100644 index 0000000000000000000000000000000000000000..14c79b434fb7ef5466409f4a94183e39173c77ae GIT binary patch literal 821 zcmV-51Iqk~P)CdCzrO$g z0RR90I`NFp00001bW%=J06^y0W&i*Jr%6OXRA_aBN51CKK}jj9Am)fsda4^d49BGo zofSF7?kCZ+M~X2P`PW6K?zUKDk;U9% zYSx*>tBPOZX|oigEJXQjJFr81z8@MVJ!Z0q+eO;N+=NRCQZ`U_vcv-%Sy5(?ntdK7 zW)eH8K&S-q(|l|_vxryN1+d8C zS;Q;cb68~YTH=;}FI@TkY%w)JlOV#PxO76A#+Z6c zt`ZHjpj(Ug3mV&i0%#kmiKAf4o#NF0pw&LAhN1&weZyu^S*1ga?#S1SV#Lw!+5kqS zRUe(YV|`oi5sjzp;9+U}mw#`HS;d + +Heimdalntlmlibrary: ntlm_type3 Struct Reference + + + +

+keyhole logo +

+ + + +
+

ntlm_type3 Struct Reference

#include <heimntlm.h> +

+

+Collaboration diagram for ntlm_type3:
+
+

Collaboration graph
+ + +
[legend]
+ + + + + + + + + + + + + + + + + + + +

Data Fields

uint32_t flags
char * username
char * targetname
struct ntlm_buf lm
struct ntlm_buf ntlm
struct ntlm_buf sessionkey
char * ws
uint32_t os [2]
+

Detailed Description

+Struct for the NTLM type3 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type3().
Examples:
+ +

+test_ntlm.c.

Field Documentation

+ +
+
+ + + + +
uint32_t ntlm_type3::flags
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
char* ntlm_type3::username
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
char* ntlm_type3::targetname
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
struct ntlm_buf ntlm_type3::lm [read]
+
+
+ +

+ +

+

+ +

+
+ + + + +
struct ntlm_buf ntlm_type3::ntlm [read]
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
struct ntlm_buf ntlm_type3::sessionkey [read]
+
+
+ +

+ +

+

+ +

+
+ + + + +
char* ntlm_type3::ws
+
+
+ +

+

Examples:
+test_ntlm.c.
+
+

+ +

+
+ + + + +
uint32_t ntlm_type3::os[2]
+
+
+ +

+ +

+

+

The documentation for this struct was generated from the following file:
    +
  • /Users/lha/src/heimdal/heimdal-release/heimdal-1.5/lib/ntlm/heimntlm.h
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.map b/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.map new file mode 100644 index 000000000000..9e6cd72b444e --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.map @@ -0,0 +1 @@ + diff --git a/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.md5 b/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.md5 new file mode 100644 index 000000000000..1c9e7239dc0c --- /dev/null +++ b/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.md5 @@ -0,0 +1 @@ +e51b24543271b5e19333877ec8086fcd \ No newline at end of file diff --git a/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.png b/doc/doxyout/ntlm/html/structntlm__type3__coll__graph.png new file mode 100644 index 0000000000000000000000000000000000000000..6553470777e867e963e06dddf4943589b6138228 GIT binary patch literal 951 zcmV;o14#UdP)^jKRM@L^@Ul$h_cXxNEr>DQa zzW@LL|Ns9$to#Q60004WQchCOUXKLDy$FO0h z{h4WtEg=Vy(4Cic;PgFiEv1_c@Agvoo8C=Fl$YQ{EYrlp<^FxaF1}wVk)F zKpCtN``C8M_9t+T-Im)NZ-@3a?(*8fwnB{BnZVwMT@X8bTzhNS#h!Uj^yA9SHruzi zXN6>!zlr9BWcf#8*+~)$znvWkUu-8&w&UP;vXk@eDEN)+B#DUM$aa1NmTk7#zNQ^* zsex^_SAS&qo7YF!1K;`{X@7p}8`B;i*M`3ZWSi~y_QJsSE$nN~V~@4Rmu?TRXO1dS z?a8IvUG0gb+g~|c1L?vV4Lj=+t-}G2d?MuF7ds~9ohaP zKp1NkJxXP5?qYuH#xk6?RXd@(B&C|%h9*_|@JgGWrpW~!P|7q5v5@AWknX2%Oj2o^ zYH_MH?WDe<+>qm3?H0J{Fd^o)?qM?bs8KVa)8jvsv&pS8`dM%PPKC&2v&wBK7Pes; z=}#xApjrsI^VABt#kQ`NL(EVtYw1>kzFDiTW7qFxyrIp~{|Eray zwlb<}%I#u4rB`my=xZpot`ySvUMRP-EH~NOqo(uLt!Vdasqlxgx+`MZ8vu!E~1P2NV|Vb8oo}lXP+b6Y_sj{y}}Ipl)(1! Z;U7ou&kQ#A=NSM1002ovPDHLkV1fWC@pk|K literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/tab_b.gif b/doc/doxyout/ntlm/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/tab_l.gif b/doc/doxyout/ntlm/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/tab_r.gif b/doc/doxyout/ntlm/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/ntlm/html/tabs.css b/doc/doxyout/ntlm/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/ntlm/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/ntlm/html/test__ntlm_8c-example.html b/doc/doxyout/ntlm/html/test__ntlm_8c-example.html new file mode 100644 index 000000000000..a64fdad3c89a --- /dev/null +++ b/doc/doxyout/ntlm/html/test__ntlm_8c-example.html @@ -0,0 +1,408 @@ + + +Heimdalntlmlibrary: test_ntlm.c + + + +

+keyhole logo +

+ + + +
+

test_ntlm.c

Example how to use the NTLM primitives.

+

/*
+ * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <err.h>
+#include <roken.h>
+#include <getarg.h>
+
+#include <krb5-types.h> /* or <inttypes.h> */
+#include <heimntlm.h>
+
+static int
+test_parse(void)
+{
+    const char *user = "foo",
+        *domain = "mydomain",
+        *password = "digestpassword",
+        *target = "DOMAIN";
+    struct ntlm_type1 type1;
+    struct ntlm_type2 type2;
+    struct ntlm_type3 type3;
+    struct ntlm_buf data;
+    int ret, flags;
+
+    memset(&type1, 0, sizeof(type1));
+
+    type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM;
+    type1.domain = rk_UNCONST(domain);
+    type1.hostname = NULL;
+    type1.os[0] = 0;
+    type1.os[1] = 0;
+
+    ret = heim_ntlm_encode_type1(&type1, &data);
+    if (ret)
+        errx(1, "heim_ntlm_encode_type1");
+
+    memset(&type1, 0, sizeof(type1));
+
+    ret = heim_ntlm_decode_type1(&data, &type1);
+    free(data.data);
+    if (ret)
+        errx(1, "heim_ntlm_encode_type1");
+
+    heim_ntlm_free_type1(&type1);
+
+    /*
+     *
+     */
+
+    memset(&type2, 0, sizeof(type2));
+
+    flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
+    type2.flags = flags;
+
+    memset(type2.challenge, 0x7f, sizeof(type2.challenge));
+    type2.targetname = rk_UNCONST(target);
+    type2.targetinfo.data = NULL;
+    type2.targetinfo.length = 0;
+
+    ret = heim_ntlm_encode_type2(&type2, &data);
+    if (ret)
+        errx(1, "heim_ntlm_encode_type2");
+
+    memset(&type2, 0, sizeof(type2));
+
+    ret = heim_ntlm_decode_type2(&data, &type2);
+    free(data.data);
+    if (ret)
+        errx(1, "heim_ntlm_decode_type2");
+
+    heim_ntlm_free_type2(&type2);
+
+    /*
+     *
+     */
+
+    memset(&type3, 0, sizeof(type3));
+
+    type3.flags = flags;
+    type3.username = rk_UNCONST(user);
+    type3.targetname = rk_UNCONST(target);
+    type3.ws = rk_UNCONST("workstation");
+
+    {
+        struct ntlm_buf key;
+        heim_ntlm_nt_key(password, &key);
+
+        heim_ntlm_calculate_ntlm1(key.data, key.length,
+                                  type2.challenge,
+                                  &type3.ntlm);
+        free(key.data);
+    }
+
+    ret = heim_ntlm_encode_type3(&type3, &data);
+    if (ret)
+        errx(1, "heim_ntlm_encode_type3");
+
+    free(type3.ntlm.data);
+
+    memset(&type3, 0, sizeof(type3));
+
+    ret = heim_ntlm_decode_type3(&data, 1, &type3);
+    free(data.data);
+    if (ret)
+        errx(1, "heim_ntlm_decode_type3");
+
+    if (strcmp("workstation", type3.ws) != 0)
+        errx(1, "type3 ws wrong");
+
+    if (strcmp(target, type3.targetname) != 0)
+        errx(1, "type3 targetname wrong");
+
+    if (strcmp(user, type3.username) != 0)
+        errx(1, "type3 username wrong");
+
+
+    heim_ntlm_free_type3(&type3);
+
+    /*
+     * NTLMv2
+     */
+
+    memset(&type2, 0, sizeof(type2));
+
+    flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN;
+    type2.flags = flags;
+
+    memset(type2.challenge, 0x7f, sizeof(type2.challenge));
+    type2.targetname = rk_UNCONST(target);
+    type2.targetinfo.data = "\x00\x00";
+    type2.targetinfo.length = 2;
+
+    ret = heim_ntlm_encode_type2(&type2, &data);
+    if (ret)
+        errx(1, "heim_ntlm_encode_type2");
+
+    memset(&type2, 0, sizeof(type2));
+
+    ret = heim_ntlm_decode_type2(&data, &type2);
+    free(data.data);
+    if (ret)
+        errx(1, "heim_ntlm_decode_type2");
+
+    heim_ntlm_free_type2(&type2);
+
+    return 0;
+}
+
+static int
+test_keys(void)
+{
+    const char
+        *username = "test",
+        *password = "test1234",
+        *target = "TESTNT";
+    const unsigned char
+        serverchallenge[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c";
+    struct ntlm_buf infotarget, infotarget2, answer, key;
+    unsigned char ntlmv2[16], ntlmv2_1[16];
+    int ret;
+
+    infotarget.length = 70;
+    infotarget.data =
+        "\x02\x00\x0c\x00\x54\x00\x45\x00\x53\x00\x54\x00\x4e\x00\x54\x00"
+        "\x01\x00\x0c\x00\x4d\x00\x45\x00\x4d\x00\x42\x00\x45\x00\x52\x00"
+        "\x03\x00\x1e\x00\x6d\x00\x65\x00\x6d\x00\x62\x00\x65\x00\x72\x00"
+            "\x2e\x00\x74\x00\x65\x00\x73\x00\x74\x00\x2e\x00\x63\x00\x6f"
+            "\x00\x6d\x00"
+        "\x00\x00\x00\x00";
+
+    answer.length = 0;
+    answer.data = NULL;
+
+    heim_ntlm_nt_key(password, &key);
+
+    ret = heim_ntlm_calculate_ntlm2(key.data,
+                                    key.length,
+                                    username,
+                                    target,
+                                    serverchallenge,
+                                    &infotarget,
+                                    ntlmv2,
+                                    &answer);
+    if (ret)
+        errx(1, "heim_ntlm_calculate_ntlm2");
+
+    ret = heim_ntlm_verify_ntlm2(key.data,
+                                 key.length,
+                                 username,
+                                 target,
+                                 0,
+                                 serverchallenge,
+                                 &answer,
+                                 &infotarget2,
+                                 ntlmv2_1);
+    if (ret)
+        errx(1, "heim_ntlm_verify_ntlm2");
+
+    if (memcmp(ntlmv2, ntlmv2_1, sizeof(ntlmv2)) != 0)
+        errx(1, "ntlm master key not same");
+
+    if (infotarget.length > infotarget2.length)
+        errx(1, "infotarget length");
+
+    if (memcmp(infotarget.data, infotarget2.data, infotarget.length) != 0)
+        errx(1, "infotarget not the same");
+
+    free(key.data);
+    free(answer.data);
+    free(infotarget2.data);
+
+    return 0;
+}
+
+static int
+test_ntlm2_session_resp(void)
+{
+    int ret;
+    struct ntlm_buf lm, ntlm;
+
+    const unsigned char lm_resp[24] =
+        "\xff\xff\xff\x00\x11\x22\x33\x44"
+        "\x00\x00\x00\x00\x00\x00\x00\x00"
+        "\x00\x00\x00\x00\x00\x00\x00\x00";
+    const unsigned char ntlm2_sess_resp[24] =
+        "\x10\xd5\x50\x83\x2d\x12\xb2\xcc"
+        "\xb7\x9d\x5a\xd1\xf4\xee\xd3\xdf"
+        "\x82\xac\xa4\xc3\x68\x1d\xd4\x55";
+
+    const unsigned char client_nonce[8] =
+        "\xff\xff\xff\x00\x11\x22\x33\x44";
+    const unsigned char server_challenge[8] =
+        "\x01\x23\x45\x67\x89\xab\xcd\xef";
+
+    const unsigned char ntlm_hash[16] =
+        "\xcd\x06\xca\x7c\x7e\x10\xc9\x9b"
+        "\x1d\x33\xb7\x48\x5a\x2e\xd8\x08";
+
+    ret = heim_ntlm_calculate_ntlm2_sess(client_nonce,
+                                         server_challenge,
+                                         ntlm_hash,
+                                         &lm,
+                                         &ntlm);
+    if (ret)
+        errx(1, "heim_ntlm_calculate_ntlm2_sess_resp");
+
+    if (lm.length != 24 || memcmp(lm.data, lm_resp, 24) != 0)
+        errx(1, "lm_resp wrong");
+    if (ntlm.length != 24 || memcmp(ntlm.data, ntlm2_sess_resp, 24) != 0)
+        errx(1, "ntlm2_sess_resp wrong");
+
+    free(lm.data);
+    free(ntlm.data);
+
+
+    return 0;
+}
+
+static int
+test_targetinfo(void)
+{
+    struct ntlm_targetinfo ti;
+    struct ntlm_buf buf;
+    const char *dnsservername = "dnsservername";
+    int ret;
+
+    memset(&ti, 0, sizeof(ti));
+
+    ti.dnsservername = rk_UNCONST(dnsservername);
+    ti.avflags = 1;
+    ret = heim_ntlm_encode_targetinfo(&ti, 1, &buf);
+    if (ret)
+        return ret;
+
+    memset(&ti, 0, sizeof(ti));
+
+    ret = heim_ntlm_decode_targetinfo(&buf, 1, &ti);
+    if (ret)
+        return ret;
+
+    if (ti.dnsservername == NULL ||
+        strcmp(ti.dnsservername, dnsservername) != 0)
+        errx(1, "ti.dnshostname != %s", dnsservername);
+    if (ti.avflags != 1)
+        errx(1, "ti.avflags != 1");
+
+    heim_ntlm_free_targetinfo(&ti);
+
+    return 0;
+}
+
+static int verbose_flag = 0;
+static int version_flag = 0;
+static int help_flag    = 0;
+
+static struct getargs args[] = {
+    {"verbose", 0,      arg_flag,       &verbose_flag, "verbose printing", NULL },
+    {"version", 0,      arg_flag,       &version_flag, "print version", NULL },
+    {"help",    0,      arg_flag,       &help_flag,  NULL, NULL }
+};
+
+static void
+usage (int ret)
+{
+    arg_printusage (args, sizeof(args)/sizeof(*args),
+                    NULL, "");
+    exit (ret);
+}
+
+int
+main(int argc, char **argv)
+{
+    int ret = 0, optind = 0;
+
+    setprogname(argv[0]);
+
+    if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
+        usage(1);
+
+    if (help_flag)
+        usage (0);
+
+    if(version_flag){
+        print_version(NULL);
+        exit(0);
+    }
+
+    argc -= optind;
+    argv += optind;
+
+    if (verbose_flag)
+        printf("test_parse\n");
+
+    ret += test_parse();
+    if (verbose_flag)
+        printf("test_keys\n");
+
+    ret += test_keys();
+    if (verbose_flag)
+        printf("test_ntlm2_session_resp\n");
+    ret += test_ntlm2_session_resp();
+
+    if (verbose_flag)
+        printf("test_targetinfo\n");
+    ret += test_targetinfo();
+
+    return ret;
+}
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalntlmlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/ntlm/man/man3/challenge.3 b/doc/doxyout/ntlm/man/man3/challenge.3 new file mode 100644 index 000000000000..a7659b3d1feb --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/challenge.3 @@ -0,0 +1 @@ +.so man3/ntlm_type2.3 diff --git a/doc/doxyout/ntlm/man/man3/context.3 b/doc/doxyout/ntlm/man/man3/context.3 new file mode 100644 index 000000000000..a7659b3d1feb --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/context.3 @@ -0,0 +1 @@ +.so man3/ntlm_type2.3 diff --git a/doc/doxyout/ntlm/man/man3/data.3 b/doc/doxyout/ntlm/man/man3/data.3 new file mode 100644 index 000000000000..340108f66d7b --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/data.3 @@ -0,0 +1 @@ +.so man3/ntlm_buf.3 diff --git a/doc/doxyout/ntlm/man/man3/domain.3 b/doc/doxyout/ntlm/man/man3/domain.3 new file mode 100644 index 000000000000..d1020b43b40d --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/domain.3 @@ -0,0 +1 @@ +.so man3/ntlm_type1.3 diff --git a/doc/doxyout/ntlm/man/man3/flags.3 b/doc/doxyout/ntlm/man/man3/flags.3 new file mode 100644 index 000000000000..d1020b43b40d --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/flags.3 @@ -0,0 +1 @@ +.so man3/ntlm_type1.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm1_master.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm1_master.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm1_master.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm2_master.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm2_master.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_build_ntlm2_master.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_lm2.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_lm2.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_lm2.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_decode_targetinfo.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_decode_targetinfo.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_decode_targetinfo.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_targetinfo.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_targetinfo.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_targetinfo.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type1.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type1.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type1.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type2.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type2.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type2.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type3.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type3.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_encode_type3.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_free_buf.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_buf.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_buf.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_free_targetinfo.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_targetinfo.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_targetinfo.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type1.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type1.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type1.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type2.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type2.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type2.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type3.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type3.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_free_type3.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_keyex_unwrap.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_keyex_unwrap.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_keyex_unwrap.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_nt_key.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_nt_key.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_nt_key.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_ntlmv2_key.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_ntlmv2_key.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_ntlmv2_key.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/heim_ntlm_verify_ntlm2.3 b/doc/doxyout/ntlm/man/man3/heim_ntlm_verify_ntlm2.3 new file mode 100644 index 000000000000..c44afffe65ef --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/heim_ntlm_verify_ntlm2.3 @@ -0,0 +1 @@ +.so man3/ntlm_core.3 diff --git a/doc/doxyout/ntlm/man/man3/hostname.3 b/doc/doxyout/ntlm/man/man3/hostname.3 new file mode 100644 index 000000000000..d1020b43b40d --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/hostname.3 @@ -0,0 +1 @@ +.so man3/ntlm_type1.3 diff --git a/doc/doxyout/ntlm/man/man3/length.3 b/doc/doxyout/ntlm/man/man3/length.3 new file mode 100644 index 000000000000..340108f66d7b --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/length.3 @@ -0,0 +1 @@ +.so man3/ntlm_buf.3 diff --git a/doc/doxyout/ntlm/man/man3/lm.3 b/doc/doxyout/ntlm/man/man3/lm.3 new file mode 100644 index 000000000000..de392aede5fd --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/lm.3 @@ -0,0 +1 @@ +.so man3/ntlm_type3.3 diff --git a/doc/doxyout/ntlm/man/man3/ntlm.3 b/doc/doxyout/ntlm/man/man3/ntlm.3 new file mode 100644 index 000000000000..de392aede5fd --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm.3 @@ -0,0 +1 @@ +.so man3/ntlm_type3.3 diff --git a/doc/doxyout/ntlm/man/man3/ntlm_buf.3 b/doc/doxyout/ntlm/man/man3/ntlm_buf.3 new file mode 100644 index 000000000000..5e7fe858897f --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm_buf.3 @@ -0,0 +1,48 @@ +.TH "ntlm_buf" 3 "30 Jul 2011" "Version 1.5" "Heimdalntlmlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +ntlm_buf \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SS "Data Fields" + +.in +1c +.ti -1c +.RI "size_t \fBlength\fP" +.br +.ti -1c +.RI "void * \fBdata\fP" +.br +.in -1c +.SH "Detailed Description" +.PP +Buffer for storing data in the NTLM library. When filled in by the library it should be freed with \fBheim_ntlm_free_buf()\fP. +.PP +\fBExamples: \fP +.in +1c +.PP +\fBtest_ntlm.c\fP. +.SH "Field Documentation" +.PP +.SS "size_t \fBntlm_buf::length\fP" +.PP +length buffer data +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "void* \fBntlm_buf::data\fP" +.PP +pointer to the data itself +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalntlmlibrary from the source code. diff --git a/doc/doxyout/ntlm/man/man3/ntlm_core.3 b/doc/doxyout/ntlm/man/man3/ntlm_core.3 new file mode 100644 index 000000000000..20b2ec6756e7 --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm_core.3 @@ -0,0 +1,421 @@ +.TH "Heimdal NTLM library" 3 "30 Jul 2011" "Version 1.5" "Heimdalntlmlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal NTLM library \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "void \fBheim_ntlm_free_buf\fP (struct \fBntlm_buf\fP *p)" +.br +.ti -1c +.RI "void \fBheim_ntlm_free_targetinfo\fP (struct ntlm_targetinfo *ti)" +.br +.ti -1c +.RI "int \fBheim_ntlm_encode_targetinfo\fP (const struct ntlm_targetinfo *ti, int ucs2, struct \fBntlm_buf\fP *data)" +.br +.ti -1c +.RI "int \fBheim_ntlm_decode_targetinfo\fP (const struct \fBntlm_buf\fP *data, int ucs2, struct ntlm_targetinfo *ti)" +.br +.ti -1c +.RI "void \fBheim_ntlm_free_type1\fP (struct \fBntlm_type1\fP *data)" +.br +.ti -1c +.RI "int \fBheim_ntlm_encode_type1\fP (const struct \fBntlm_type1\fP *type1, struct \fBntlm_buf\fP *data)" +.br +.ti -1c +.RI "void \fBheim_ntlm_free_type2\fP (struct \fBntlm_type2\fP *data)" +.br +.ti -1c +.RI "int \fBheim_ntlm_encode_type2\fP (const struct \fBntlm_type2\fP *type2, struct \fBntlm_buf\fP *data)" +.br +.ti -1c +.RI "void \fBheim_ntlm_free_type3\fP (struct \fBntlm_type3\fP *data)" +.br +.ti -1c +.RI "int \fBheim_ntlm_encode_type3\fP (const struct \fBntlm_type3\fP *type3, struct \fBntlm_buf\fP *data)" +.br +.ti -1c +.RI "int \fBheim_ntlm_nt_key\fP (const char *password, struct \fBntlm_buf\fP *key)" +.br +.ti -1c +.RI "int \fBheim_ntlm_calculate_ntlm1\fP (void *key, size_t len, unsigned char challenge[8], struct \fBntlm_buf\fP *answer)" +.br +.ti -1c +.RI "int \fBheim_ntlm_build_ntlm1_master\fP (void *key, size_t len, struct \fBntlm_buf\fP *session, struct \fBntlm_buf\fP *master)" +.br +.ti -1c +.RI "int \fBheim_ntlm_build_ntlm2_master\fP (void *key, size_t len, struct \fBntlm_buf\fP *blob, struct \fBntlm_buf\fP *session, struct \fBntlm_buf\fP *master)" +.br +.ti -1c +.RI "int \fBheim_ntlm_keyex_unwrap\fP (struct \fBntlm_buf\fP *baseKey, struct \fBntlm_buf\fP *encryptedSession, struct \fBntlm_buf\fP *session)" +.br +.ti -1c +.RI "int \fBheim_ntlm_ntlmv2_key\fP (const void *key, size_t len, const char *username, const char *target, unsigned char ntlmv2[16])" +.br +.ti -1c +.RI "int \fBheim_ntlm_calculate_lm2\fP (const void *key, size_t len, const char *username, const char *target, const unsigned char serverchallenge[8], unsigned char ntlmv2[16], struct \fBntlm_buf\fP *answer)" +.br +.ti -1c +.RI "int \fBheim_ntlm_calculate_ntlm2\fP (const void *key, size_t len, const char *username, const char *target, const unsigned char serverchallenge[8], const struct \fBntlm_buf\fP *infotarget, unsigned char ntlmv2[16], struct \fBntlm_buf\fP *answer)" +.br +.ti -1c +.RI "int \fBheim_ntlm_verify_ntlm2\fP (const void *key, size_t len, const char *username, const char *target, time_t now, const unsigned char serverchallenge[8], const struct \fBntlm_buf\fP *answer, struct \fBntlm_buf\fP *infotarget, unsigned char ntlmv2[16])" +.br +.in -1c +.SH "Detailed Description" +.PP +The NTLM core functions implement the string2key generation function, message encode and decode function, and the hash function functions. +.SH "Function Documentation" +.PP +.SS "int heim_ntlm_build_ntlm1_master (void * key, size_t len, struct \fBntlm_buf\fP * session, struct \fBntlm_buf\fP * master)" +.PP +Generates an NTLMv1 session random with assosited session master key. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm v1 key +.br +\fIlen\fP length of key +.br +\fIsession\fP generated session nonce, should be freed with \fBheim_ntlm_free_buf()\fP. +.br +\fImaster\fP calculated session master key, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_build_ntlm2_master (void * key, size_t len, struct \fBntlm_buf\fP * blob, struct \fBntlm_buf\fP * session, struct \fBntlm_buf\fP * master)" +.PP +Generates an NTLMv2 session random with associated session master key. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the NTLMv2 key +.br +\fIlen\fP length of key +.br +\fIblob\fP the NTLMv2 'blob' +.br +\fIsession\fP generated session nonce, should be freed with \fBheim_ntlm_free_buf()\fP. +.br +\fImaster\fP calculated session master key, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_calculate_lm2 (const void * key, size_t len, const char * username, const char * target, const unsigned char serverchallenge[8], unsigned char ntlmv2[16], struct \fBntlm_buf\fP * answer)" +.PP +Calculate LMv2 response +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm key +.br +\fIlen\fP length of key +.br +\fIusername\fP name of the user, as sent in the message, assumed to be in UTF8. +.br +\fItarget\fP the name of the target, assumed to be in UTF8. +.br +\fIserverchallenge\fP challenge as sent by the server in the type2 message. +.br +\fIntlmv2\fP calculated session key +.br +\fIanswer\fP ntlm response answer, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_calculate_ntlm1 (void * key, size_t len, unsigned char challenge[8], struct \fBntlm_buf\fP * answer)" +.PP +Calculate NTLMv1 response hash +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm v1 key +.br +\fIlen\fP length of key +.br +\fIchallenge\fP sent by the server +.br +\fIanswer\fP calculated answer, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_calculate_ntlm2 (const void * key, size_t len, const char * username, const char * target, const unsigned char serverchallenge[8], const struct \fBntlm_buf\fP * infotarget, unsigned char ntlmv2[16], struct \fBntlm_buf\fP * answer)" +.PP +Calculate NTLMv2 response +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm key +.br +\fIlen\fP length of key +.br +\fIusername\fP name of the user, as sent in the message, assumed to be in UTF8. +.br +\fItarget\fP the name of the target, assumed to be in UTF8. +.br +\fIserverchallenge\fP challenge as sent by the server in the type2 message. +.br +\fIinfotarget\fP infotarget as sent by the server in the type2 message. +.br +\fIntlmv2\fP calculated session key +.br +\fIanswer\fP ntlm response answer, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_decode_targetinfo (const struct \fBntlm_buf\fP * data, int ucs2, struct ntlm_targetinfo * ti)" +.PP +Decodes an NTLM targetinfo message +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP input data buffer with the encode NTLM targetinfo message +.br +\fIucs2\fP if the strings should be encoded with ucs2 (selected by flag in message). +.br +\fIti\fP the decoded target info, should be freed with \fBheim_ntlm_free_targetinfo()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_encode_targetinfo (const struct ntlm_targetinfo * ti, int ucs2, struct \fBntlm_buf\fP * data)" +.PP +Encodes a ntlm_targetinfo message. +.PP +\fBParameters:\fP +.RS 4 +\fIti\fP the ntlm_targetinfo message to encode. +.br +\fIucs2\fP ignored +.br +\fIdata\fP is the return buffer with the encoded message, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_encode_type1 (const struct \fBntlm_type1\fP * type1, struct \fBntlm_buf\fP * data)" +.PP +Encodes an \fBntlm_type1\fP message. +.PP +\fBParameters:\fP +.RS 4 +\fItype1\fP the \fBntlm_type1\fP message to encode. +.br +\fIdata\fP is the return buffer with the encoded message, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_encode_type2 (const struct \fBntlm_type2\fP * type2, struct \fBntlm_buf\fP * data)" +.PP +Encodes an \fBntlm_type2\fP message. +.PP +\fBParameters:\fP +.RS 4 +\fItype2\fP the \fBntlm_type2\fP message to encode. +.br +\fIdata\fP is the return buffer with the encoded message, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_encode_type3 (const struct \fBntlm_type3\fP * type3, struct \fBntlm_buf\fP * data)" +.PP +Encodes an \fBntlm_type3\fP message. +.PP +\fBParameters:\fP +.RS 4 +\fItype3\fP the \fBntlm_type3\fP message to encode. +.br +\fIdata\fP is the return buffer with the encoded message, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "void heim_ntlm_free_buf (struct \fBntlm_buf\fP * p)" +.PP +heim_ntlm_free_buf frees the ntlm buffer +.PP +\fBParameters:\fP +.RS 4 +\fIp\fP buffer to be freed +.RE +.PP + +.SS "void heim_ntlm_free_targetinfo (struct ntlm_targetinfo * ti)" +.PP +Frees the ntlm_targetinfo message +.PP +\fBParameters:\fP +.RS 4 +\fIti\fP targetinfo to be freed +.RE +.PP + +.SS "void heim_ntlm_free_type1 (struct \fBntlm_type1\fP * data)" +.PP +Frees the \fBntlm_type1\fP message +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP message to be freed +.RE +.PP + +.SS "void heim_ntlm_free_type2 (struct \fBntlm_type2\fP * data)" +.PP +Frees the \fBntlm_type2\fP message +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP message to be freed +.RE +.PP + +.SS "void heim_ntlm_free_type3 (struct \fBntlm_type3\fP * data)" +.PP +Frees the \fBntlm_type3\fP message +.PP +\fBParameters:\fP +.RS 4 +\fIdata\fP message to be freed +.RE +.PP + +.SS "int heim_ntlm_keyex_unwrap (struct \fBntlm_buf\fP * baseKey, struct \fBntlm_buf\fP * encryptedSession, struct \fBntlm_buf\fP * session)" +.PP +Given a key and encrypted session, unwrap the session key +.PP +\fBParameters:\fP +.RS 4 +\fIbaseKey\fP the sessionBaseKey +.br +\fIencryptedSession\fP encrypted session, type3.session field. +.br +\fIsession\fP generated session nonce, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_nt_key (const char * password, struct \fBntlm_buf\fP * key)" +.PP +Calculate the NTLM key, the password is assumed to be in UTF8. +.PP +\fBParameters:\fP +.RS 4 +\fIpassword\fP password to calcute the key for. +.br +\fIkey\fP calcuted key, should be freed with \fBheim_ntlm_free_buf()\fP. +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + +.SS "int heim_ntlm_ntlmv2_key (const void * key, size_t len, const char * username, const char * target, unsigned char ntlmv2[16])" +.PP +Generates an NTLMv2 session key. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm key +.br +\fIlen\fP length of key +.br +\fIusername\fP name of the user, as sent in the message, assumed to be in UTF8. +.br +\fItarget\fP the name of the target, assumed to be in UTF8. +.br +\fIntlmv2\fP the ntlmv2 session key +.RE +.PP +\fBReturns:\fP +.RS 4 +0 on success, or an error code on failure. +.RE +.PP + +.SS "int heim_ntlm_verify_ntlm2 (const void * key, size_t len, const char * username, const char * target, time_t now, const unsigned char serverchallenge[8], const struct \fBntlm_buf\fP * answer, struct \fBntlm_buf\fP * infotarget, unsigned char ntlmv2[16])" +.PP +Verify NTLMv2 response. +.PP +\fBParameters:\fP +.RS 4 +\fIkey\fP the ntlm key +.br +\fIlen\fP length of key +.br +\fIusername\fP name of the user, as sent in the message, assumed to be in UTF8. +.br +\fItarget\fP the name of the target, assumed to be in UTF8. +.br +\fInow\fP the time now (0 if the library should pick it up itself) +.br +\fIserverchallenge\fP challenge as sent by the server in the type2 message. +.br +\fIanswer\fP ntlm response answer, should be freed with \fBheim_ntlm_free_buf()\fP. +.br +\fIinfotarget\fP infotarget as sent by the server in the type2 message. +.br +\fIntlmv2\fP calculated session key +.RE +.PP +\fBReturns:\fP +.RS 4 +In case of success 0 is return, an errors, a errno in what went wrong. +.RE +.PP + diff --git a/doc/doxyout/ntlm/man/man3/ntlm_type1.3 b/doc/doxyout/ntlm/man/man3/ntlm_type1.3 new file mode 100644 index 000000000000..5afdd789c775 --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm_type1.3 @@ -0,0 +1,68 @@ +.TH "ntlm_type1" 3 "30 Jul 2011" "Version 1.5" "Heimdalntlmlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +ntlm_type1 \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SS "Data Fields" + +.in +1c +.ti -1c +.RI "uint32_t \fBflags\fP" +.br +.ti -1c +.RI "char * \fBdomain\fP" +.br +.ti -1c +.RI "char * \fBhostname\fP" +.br +.ti -1c +.RI "uint32_t \fBos\fP [2]" +.br +.in -1c +.SH "Detailed Description" +.PP +Struct for the NTLM type1 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with \fBheim_ntlm_free_type1()\fP. +.PP +\fBExamples: \fP +.in +1c +.PP +\fBtest_ntlm.c\fP. +.SH "Field Documentation" +.PP +.SS "uint32_t \fBntlm_type1::flags\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "char* \fBntlm_type1::domain\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "char* \fBntlm_type1::hostname\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "uint32_t \fBntlm_type1::os\fP[2]" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalntlmlibrary from the source code. diff --git a/doc/doxyout/ntlm/man/man3/ntlm_type2.3 b/doc/doxyout/ntlm/man/man3/ntlm_type2.3 new file mode 100644 index 000000000000..75ca8afe016d --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm_type2.3 @@ -0,0 +1,80 @@ +.TH "ntlm_type2" 3 "30 Jul 2011" "Version 1.5" "Heimdalntlmlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +ntlm_type2 \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SS "Data Fields" + +.in +1c +.ti -1c +.RI "uint32_t \fBflags\fP" +.br +.ti -1c +.RI "char * \fBtargetname\fP" +.br +.ti -1c +.RI "struct \fBntlm_buf\fP \fBtargetinfo\fP" +.br +.ti -1c +.RI "unsigned char \fBchallenge\fP [8]" +.br +.ti -1c +.RI "uint32_t \fBcontext\fP [2]" +.br +.ti -1c +.RI "uint32_t \fBos\fP [2]" +.br +.in -1c +.SH "Detailed Description" +.PP +Struct for the NTLM type2 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with \fBheim_ntlm_free_type2()\fP. +.PP +\fBExamples: \fP +.in +1c +.PP +\fBtest_ntlm.c\fP. +.SH "Field Documentation" +.PP +.SS "uint32_t \fBntlm_type2::flags\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "char* \fBntlm_type2::targetname\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "struct \fBntlm_buf\fP \fBntlm_type2::targetinfo\fP\fC [read]\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "unsigned char \fBntlm_type2::challenge\fP[8]" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "uint32_t \fBntlm_type2::context\fP[2]" +.PP + +.SS "uint32_t \fBntlm_type2::os\fP[2]" +.PP + + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalntlmlibrary from the source code. diff --git a/doc/doxyout/ntlm/man/man3/ntlm_type3.3 b/doc/doxyout/ntlm/man/man3/ntlm_type3.3 new file mode 100644 index 000000000000..300de94d9444 --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ntlm_type3.3 @@ -0,0 +1,96 @@ +.TH "ntlm_type3" 3 "30 Jul 2011" "Version 1.5" "Heimdalntlmlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +ntlm_type3 \- +.SH SYNOPSIS +.br +.PP +\fC#include \fP +.PP +.SS "Data Fields" + +.in +1c +.ti -1c +.RI "uint32_t \fBflags\fP" +.br +.ti -1c +.RI "char * \fBusername\fP" +.br +.ti -1c +.RI "char * \fBtargetname\fP" +.br +.ti -1c +.RI "struct \fBntlm_buf\fP \fBlm\fP" +.br +.ti -1c +.RI "struct \fBntlm_buf\fP \fBntlm\fP" +.br +.ti -1c +.RI "struct \fBntlm_buf\fP \fBsessionkey\fP" +.br +.ti -1c +.RI "char * \fBws\fP" +.br +.ti -1c +.RI "uint32_t \fBos\fP [2]" +.br +.in -1c +.SH "Detailed Description" +.PP +Struct for the NTLM type3 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with \fBheim_ntlm_free_type3()\fP. +.PP +\fBExamples: \fP +.in +1c +.PP +\fBtest_ntlm.c\fP. +.SH "Field Documentation" +.PP +.SS "uint32_t \fBntlm_type3::flags\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "char* \fBntlm_type3::username\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "char* \fBntlm_type3::targetname\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "struct \fBntlm_buf\fP \fBntlm_type3::lm\fP\fC [read]\fP" +.PP + +.SS "struct \fBntlm_buf\fP \fBntlm_type3::ntlm\fP\fC [read]\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "struct \fBntlm_buf\fP \fBntlm_type3::sessionkey\fP\fC [read]\fP" +.PP + +.SS "char* \fBntlm_type3::ws\fP" +.PP + +.PP +\fBExamples: \fP +.in +1c +\fBtest_ntlm.c\fP. +.SS "uint32_t \fBntlm_type3::os\fP[2]" +.PP + + +.SH "Author" +.PP +Generated automatically by Doxygen for Heimdalntlmlibrary from the source code. diff --git a/doc/doxyout/ntlm/man/man3/os.3 b/doc/doxyout/ntlm/man/man3/os.3 new file mode 100644 index 000000000000..d1020b43b40d --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/os.3 @@ -0,0 +1 @@ +.so man3/ntlm_type1.3 diff --git a/doc/doxyout/ntlm/man/man3/sessionkey.3 b/doc/doxyout/ntlm/man/man3/sessionkey.3 new file mode 100644 index 000000000000..de392aede5fd --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/sessionkey.3 @@ -0,0 +1 @@ +.so man3/ntlm_type3.3 diff --git a/doc/doxyout/ntlm/man/man3/targetinfo.3 b/doc/doxyout/ntlm/man/man3/targetinfo.3 new file mode 100644 index 000000000000..a7659b3d1feb --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/targetinfo.3 @@ -0,0 +1 @@ +.so man3/ntlm_type2.3 diff --git a/doc/doxyout/ntlm/man/man3/targetname.3 b/doc/doxyout/ntlm/man/man3/targetname.3 new file mode 100644 index 000000000000..a7659b3d1feb --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/targetname.3 @@ -0,0 +1 @@ +.so man3/ntlm_type2.3 diff --git a/doc/doxyout/ntlm/man/man3/username.3 b/doc/doxyout/ntlm/man/man3/username.3 new file mode 100644 index 000000000000..de392aede5fd --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/username.3 @@ -0,0 +1 @@ +.so man3/ntlm_type3.3 diff --git a/doc/doxyout/ntlm/man/man3/ws.3 b/doc/doxyout/ntlm/man/man3/ws.3 new file mode 100644 index 000000000000..de392aede5fd --- /dev/null +++ b/doc/doxyout/ntlm/man/man3/ws.3 @@ -0,0 +1 @@ +.so man3/ntlm_type3.3 diff --git a/doc/doxyout/ntlm/manpages b/doc/doxyout/ntlm/manpages new file mode 100644 index 000000000000..d79b6dd9a43a --- /dev/null +++ b/doc/doxyout/ntlm/manpages @@ -0,0 +1,39 @@ +ntlm/man/man3/challenge.3 +ntlm/man/man3/context.3 +ntlm/man/man3/data.3 +ntlm/man/man3/domain.3 +ntlm/man/man3/flags.3 +ntlm/man/man3/heim_ntlm_build_ntlm1_master.3 +ntlm/man/man3/heim_ntlm_build_ntlm2_master.3 +ntlm/man/man3/heim_ntlm_calculate_lm2.3 +ntlm/man/man3/heim_ntlm_calculate_ntlm1.3 +ntlm/man/man3/heim_ntlm_calculate_ntlm2.3 +ntlm/man/man3/heim_ntlm_decode_targetinfo.3 +ntlm/man/man3/heim_ntlm_encode_targetinfo.3 +ntlm/man/man3/heim_ntlm_encode_type1.3 +ntlm/man/man3/heim_ntlm_encode_type2.3 +ntlm/man/man3/heim_ntlm_encode_type3.3 +ntlm/man/man3/heim_ntlm_free_buf.3 +ntlm/man/man3/heim_ntlm_free_targetinfo.3 +ntlm/man/man3/heim_ntlm_free_type1.3 +ntlm/man/man3/heim_ntlm_free_type2.3 +ntlm/man/man3/heim_ntlm_free_type3.3 +ntlm/man/man3/heim_ntlm_keyex_unwrap.3 +ntlm/man/man3/heim_ntlm_nt_key.3 +ntlm/man/man3/heim_ntlm_ntlmv2_key.3 +ntlm/man/man3/heim_ntlm_verify_ntlm2.3 +ntlm/man/man3/hostname.3 +ntlm/man/man3/length.3 +ntlm/man/man3/lm.3 +ntlm/man/man3/ntlm.3 +ntlm/man/man3/ntlm_buf.3 +ntlm/man/man3/ntlm_core.3 +ntlm/man/man3/ntlm_type1.3 +ntlm/man/man3/ntlm_type2.3 +ntlm/man/man3/ntlm_type3.3 +ntlm/man/man3/os.3 +ntlm/man/man3/sessionkey.3 +ntlm/man/man3/targetinfo.3 +ntlm/man/man3/targetname.3 +ntlm/man/man3/username.3 +ntlm/man/man3/ws.3 diff --git a/doc/doxyout/wind/html/doxygen.css b/doc/doxyout/wind/html/doxygen.css new file mode 100644 index 000000000000..22c484301dd1 --- /dev/null +++ b/doc/doxyout/wind/html/doxygen.css @@ -0,0 +1,473 @@ +BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV { + font-family: Geneva, Arial, Helvetica, sans-serif; +} +BODY,TD { + font-size: 90%; +} +H1 { + text-align: center; + font-size: 160%; +} +H2 { + font-size: 120%; +} +H3 { + font-size: 100%; +} +CAPTION { + font-weight: bold +} +DIV.qindex { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navpath { + width: 100%; + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + padding: 2px; + line-height: 140%; +} +DIV.navtab { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +TD.navtab { + font-size: 70%; +} +A.qindex { + text-decoration: none; + font-weight: bold; + color: #1A419D; +} +A.qindex:visited { + text-decoration: none; + font-weight: bold; + color: #1A419D +} +A.qindex:hover { + text-decoration: none; + background-color: #ddddff; +} +A.qindexHL { + text-decoration: none; + font-weight: bold; + background-color: #6666cc; + color: #ffffff; + border: 1px double #9295C2; +} +A.qindexHL:hover { + text-decoration: none; + background-color: #6666cc; + color: #ffffff; +} +A.qindexHL:visited { + text-decoration: none; + background-color: #6666cc; + color: #ffffff +} +A.el { + text-decoration: none; + font-weight: bold +} +A.elRef { + font-weight: bold +} +A.code:link { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.code:visited { + text-decoration: none; + font-weight: normal; + color: #0000FF +} +A.codeRef:link { + font-weight: normal; + color: #0000FF +} +A.codeRef:visited { + font-weight: normal; + color: #0000FF +} +A:hover { + text-decoration: none; + background-color: #f2f2ff +} +DL.el { + margin-left: -1cm +} +.fragment { + font-family: monospace, fixed; + font-size: 95%; +} +PRE.fragment { + border: 1px solid #CCCCCC; + background-color: #f5f5f5; + margin-top: 4px; + margin-bottom: 4px; + margin-left: 2px; + margin-right: 8px; + padding-left: 6px; + padding-right: 6px; + padding-top: 4px; + padding-bottom: 4px; +} +DIV.ah { + background-color: black; + font-weight: bold; + color: #ffffff; + margin-bottom: 3px; + margin-top: 3px +} + +DIV.groupHeader { + margin-left: 16px; + margin-top: 12px; + margin-bottom: 6px; + font-weight: bold; +} +DIV.groupText { + margin-left: 16px; + font-style: italic; + font-size: 90% +} +BODY { + background: white; + color: black; + margin-right: 20px; + margin-left: 20px; +} +TD.indexkey { + background-color: #e8eef2; + font-weight: bold; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TD.indexvalue { + background-color: #e8eef2; + font-style: italic; + padding-right : 10px; + padding-top : 2px; + padding-left : 10px; + padding-bottom : 2px; + margin-left : 0px; + margin-right : 0px; + margin-top : 2px; + margin-bottom : 2px; + border: 1px solid #CCCCCC; +} +TR.memlist { + background-color: #f0f0f0; +} +P.formulaDsp { + text-align: center; +} +IMG.formulaDsp { +} +IMG.formulaInl { + vertical-align: middle; +} +SPAN.keyword { color: #008000 } +SPAN.keywordtype { color: #604020 } +SPAN.keywordflow { color: #e08000 } +SPAN.comment { color: #800000 } +SPAN.preprocessor { color: #806020 } +SPAN.stringliteral { color: #002080 } +SPAN.charliteral { color: #008080 } +SPAN.vhdldigit { color: #ff00ff } +SPAN.vhdlchar { color: #000000 } +SPAN.vhdlkeyword { color: #700070 } +SPAN.vhdllogic { color: #ff0000 } + +.mdescLeft { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.mdescRight { + padding: 0px 8px 4px 8px; + font-size: 80%; + font-style: italic; + background-color: #FAFAFA; + border-top: 1px none #E0E0E0; + border-right: 1px none #E0E0E0; + border-bottom: 1px none #E0E0E0; + border-left: 1px none #E0E0E0; + margin: 0px; +} +.memItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemLeft { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplItemRight { + padding: 1px 8px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: none; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + background-color: #FAFAFA; + font-size: 80%; +} +.memTemplParams { + padding: 1px 0px 0px 8px; + margin: 4px; + border-top-width: 1px; + border-right-width: 1px; + border-bottom-width: 1px; + border-left-width: 1px; + border-top-color: #E0E0E0; + border-right-color: #E0E0E0; + border-bottom-color: #E0E0E0; + border-left-color: #E0E0E0; + border-top-style: solid; + border-right-style: none; + border-bottom-style: none; + border-left-style: none; + color: #606060; + background-color: #FAFAFA; + font-size: 80%; +} +.search { + color: #003399; + font-weight: bold; +} +FORM.search { + margin-bottom: 0px; + margin-top: 0px; +} +INPUT.search { + font-size: 75%; + color: #000080; + font-weight: normal; + background-color: #e8eef2; +} +TD.tiny { + font-size: 75%; +} +a { + color: #1A41A8; +} +a:visited { + color: #2A3798; +} +.dirtab { + padding: 4px; + border-collapse: collapse; + border: 1px solid #84b0c7; +} +TH.dirtab { + background: #e8eef2; + font-weight: bold; +} +HR { + height: 1px; + border: none; + border-top: 1px solid black; +} + +/* Style for detailed member documentation */ +.memtemplate { + font-size: 80%; + color: #606060; + font-weight: normal; + margin-left: 3px; +} +.memnav { + background-color: #e8eef2; + border: 1px solid #84b0c7; + text-align: center; + margin: 2px; + margin-right: 15px; + padding: 2px; +} +.memitem { + padding: 4px; + background-color: #eef3f5; + border-width: 1px; + border-style: solid; + border-color: #dedeee; + -moz-border-radius: 8px 8px 8px 8px; +} +.memname { + white-space: nowrap; + font-weight: bold; +} +.memdoc{ + padding-left: 10px; +} +.memproto { + background-color: #d5e1e8; + width: 100%; + border-width: 1px; + border-style: solid; + border-color: #84b0c7; + font-weight: bold; + -moz-border-radius: 8px 8px 8px 8px; +} +.paramkey { + text-align: right; +} +.paramtype { + white-space: nowrap; +} +.paramname { + color: #602020; + font-style: italic; + white-space: nowrap; +} +/* End Styling for detailed member documentation */ + +/* for the tree view */ +.ftvtree { + font-family: sans-serif; + margin:0.5em; +} +/* these are for tree view when used as main index */ +.directory { + font-size: 9pt; + font-weight: bold; +} +.directory h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} + +/* The following two styles can be used to replace the root node title */ +/* with an image of your choice. Simply uncomment the next two styles, */ +/* specify the name of your image and be sure to set 'height' to the */ +/* proper pixel height of your image. */ + +/* .directory h3.swap { */ +/* height: 61px; */ +/* background-repeat: no-repeat; */ +/* background-image: url("yourimage.gif"); */ +/* } */ +/* .directory h3.swap span { */ +/* display: none; */ +/* } */ + +.directory > h3 { + margin-top: 0; +} +.directory p { + margin: 0px; + white-space: nowrap; +} +.directory div { + display: none; + margin: 0px; +} +.directory img { + vertical-align: -30%; +} +/* these are for tree view when not used as main index */ +.directory-alt { + font-size: 100%; + font-weight: bold; +} +.directory-alt h3 { + margin: 0px; + margin-top: 1em; + font-size: 11pt; +} +.directory-alt > h3 { + margin-top: 0; +} +.directory-alt p { + margin: 0px; + white-space: nowrap; +} +.directory-alt div { + display: none; + margin: 0px; +} +.directory-alt img { + vertical-align: -30%; +} + diff --git a/doc/doxyout/wind/html/doxygen.png b/doc/doxyout/wind/html/doxygen.png new file mode 100644 index 0000000000000000000000000000000000000000..f0a274bbaffdd67f6d784c894d9cf28729db0e14 GIT binary patch literal 1281 zcmaJ>ZA?>F7(Vx-ms?uoS`b@hdRtpo6o^%HU>M$hfGrBvQnk$LE?p^P!kn&ikhyq! zX~V@&tPF5Qt@V?oTL96Bi%aRiwbe1)9DWQI#?)=HxS7QSw`J`5fAJ*eJbB;uNuKA& zdERDo*{Y<(If(#(B$Lr#;nB(8Y#ia=ZCeW?JfPLuQY`=@cW$k}Rivq|vbxGrRq1Tl9;+(gNt?}UtVKM2`T5t1jLzuL@0UIs`S#vlhl4)^ zLgSYrPj@$+`|j?eSbXTmiHGkWxV8V}BzNR?pl9k_s4pDu9vd5a_UzZEPk)}Ad{AV_ zzddrjrh4=Imr`E06;LY{)YYt?o}L~H@7C}F^WB!Ra=v`Q0bj{>5&$66CWF>mf6vjP z2N>RRY6ZYa=K`76>+|_)Xdwko+7wv}7cN|btOhWb(*{sta~6b?S8Omrxw}!4`NhGr zZVpNqpu1@BE`QGWNTpEpcJVW5izu~2B^GlM?1(OPg)zwW;QcP@Ltcclm>XbJL9C|j z=9!2?ua=uIlf0%AndzHsRC}IyTL$EhAee(fdKB`?27KeS^2M8M_7b~PiCFO&r5LC7 z7gl1*a<8;SjNaw#h=843_AV9iZbWQOAp5YOC^&_F*9K0> zB|6%IDb?aM#3viTxkLU4aXg&@+CkNTOnQ1iMP*^?b|^lJy$4C)Zk4isV!|RZ*XhXh zw8q3$=*0LeGC!XI_Wc?dkT~3+*Gu%%yIqP+Wr3H$=&ROMQU6q}Ag^P~>c5vAEO;a- z_dK-3PPeKar%)6$j~vI2#*-YH!1h6HYVtwCX5_wM`iF#UKz&&@9Oo5w3%XGYrX zW>dY~)SG-((Yim%`InwgTvyRC?e=Wh^8KCao!R6Eg&TpVWUY1sN~4G}V?nFnEGo-; zHZ_$eW9-GnC%^WS9b z@p;-$oH#MtC0v>Q$HX%4^JdFdO$0cbv-W)Q TtK}Eh@>>I#ipmV1>S*>q-hkC} literal 0 HcmV?d00001 diff --git a/doc/doxyout/wind/html/graph_legend.dot b/doc/doxyout/wind/html/graph_legend.dot new file mode 100644 index 000000000000..4df0f1aa4864 --- /dev/null +++ b/doc/doxyout/wind/html/graph_legend.dot @@ -0,0 +1,22 @@ +digraph G +{ + edge [fontname="FreeSans",fontsize=10,labelfontname="FreeSans",labelfontsize=10]; + node [fontname="FreeSans",fontsize=10,shape=record]; + Node9 [shape="box",label="Inherited",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",fillcolor="grey75",style="filled" fontcolor="black"]; + Node10 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node10 [shape="box",label="PublicBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPublicBase.html"]; + Node11 -> Node10 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node11 [shape="box",label="Truncated",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="red",URL="$classTruncated.html"]; + Node13 -> Node9 [dir=back,color="darkgreen",fontsize=10,style="solid",fontname="FreeSans"]; + Node13 [shape="box",label="ProtectedBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classProtectedBase.html"]; + Node14 -> Node9 [dir=back,color="firebrick4",fontsize=10,style="solid",fontname="FreeSans"]; + Node14 [shape="box",label="PrivateBase",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classPrivateBase.html"]; + Node15 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node15 [shape="box",label="Undocumented",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="grey75"]; + Node16 -> Node9 [dir=back,color="midnightblue",fontsize=10,style="solid",fontname="FreeSans"]; + Node16 [shape="box",label="Templ< int >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node17 -> Node16 [dir=back,color="orange",fontsize=10,style="dashed",label="< int >",fontname="FreeSans"]; + Node17 [shape="box",label="Templ< T >",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classTempl.html"]; + Node18 -> Node9 [dir=back,color="darkorchid3",fontsize=10,style="dashed",label="m_usedClass",fontname="FreeSans"]; + Node18 [shape="box",label="Used",fontsize=10,height=0.2,width=0.4,fontname="FreeSans",color="black",URL="$classUsed.html"]; +} diff --git a/doc/doxyout/wind/html/graph_legend.html b/doc/doxyout/wind/html/graph_legend.html new file mode 100644 index 000000000000..544d88869b23 --- /dev/null +++ b/doc/doxyout/wind/html/graph_legend.html @@ -0,0 +1,87 @@ + + +Heimdalwindlibrary: Graph Legend + + + +

+keyhole logo +

+ + + +
+

Graph Legend

This page explains how to interpret the graphs that are generated by doxygen.

+Consider the following example: 

/*! Invisible class because of truncation */
+class Invisible { };
+
+/*! Truncated class, inheritance relation is hidden */
+class Truncated : public Invisible { };
+
+/* Class not documented with doxygen comments */
+class Undocumented { };
+
+/*! Class that is inherited using public inheritance */
+class PublicBase : public Truncated { };
+
+/*! A template class */
+template<class T> class Templ { };
+
+/*! Class that is inherited using protected inheritance */
+class ProtectedBase { };
+
+/*! Class that is inherited using private inheritance */
+class PrivateBase { };
+
+/*! Class that is used by the Inherited class */
+class Used { };
+
+/*! Super class that inherits a number of other classes */
+class Inherited : public PublicBase,
+                  protected ProtectedBase,
+                  private PrivateBase,
+                  public Undocumented,
+                  public Templ<int>
+{
+  private:
+    Used *m_usedClass;
+};
+
If the MAX_DOT_GRAPH_HEIGHT tag in the configuration file is set to 240 this will result in the following graph:

+

+graph_legend.png +
+

+The boxes in the above graph have the following meaning:

    +
  • +A filled gray box represents the struct or class for which the graph is generated.
    • +
  • +A box with a black border denotes a documented struct or class.
    • +
  • +A box with a grey border denotes an undocumented struct or class.
    • +
  • +A box with a red border denotes a documented struct or class forwhich not all inheritance/containment relations are shown. A graph is truncated if it does not fit within the specified boundaries.
    • +
+The arrows have the following meaning:
    +
  • +A dark blue arrow is used to visualize a public inheritance relation between two classes.
    • +
  • +A dark green arrow is used for protected inheritance.
    • +
  • +A dark red arrow is used for private inheritance.
    • +
  • +A purple dashed arrow is used if a class is contained or used by another class. The arrow is labeled with the variable(s) through which the pointed class or struct is accessible.
    • +
  • +A yellow dashed arrow denotes a relation between a template instance and the template class it was instantiated from. The arrow is labeled with the template parameters of the instance.
    • +
+
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalwindlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/wind/html/graph_legend.png b/doc/doxyout/wind/html/graph_legend.png new file mode 100644 index 0000000000000000000000000000000000000000..9b96937bfd5f7a36ea8dbf2d64ed1bc0768f074d GIT binary patch literal 4256 zcmbVQdpOkH_8+NND!Jtq6-jtSR7_-I$|WI0?zfSY$_$d3afzvf+>+dd5k>AJ%rwTO zToWRpOjQk;SpA-vZaxFm|)qS zZ0&nc$jcV$urMS*mT>5$AW~=+0-V=-hk3d;65QJTE=oj@xp?1=Mih?*SJGP9x;tMV zMGEN%60bmjDaijL58nc4RjF^hegOwU1I*ccRUmxdMkPM4ng0%#|DsH zA6uS>izR^x-*dYB+Y^@(q_fm3bgQzJ)xH_6x>lGwshWF+C5$5dh3sYD)tK+C6U)CD z^Xomarii5PA4v8qF_zz#buUwD?ro`8dC&7V-sShflU~*CBDZ04x4+3qE16W{eL_xd z3YaO}b1qpA9YL|0YKdw~2PzM=1=7+ItLm0+tST@%D(MNDzHR)+2t0d#|s}$9i(3xGzT8VL8o-ltIwH zpspqZeXR&2qA6r=nJVuhHO>d5w2$gp9i$H^6ROz!yNTjvm&9kupV73|GPJbXR%Sq0{>>GOn}^wshXC&C~6F@ zQEtikDzl-h2C}qRulGQ3fxzQMGiQH>nv}zkLLPr|qAC;3@PP$cr?(+-t?Wl3jb0<+ z#bCd_jVJ74%s*@eBjHtio7tZ>$BFt@%$M_C#AZgnzPm@&TXYQgE_Vo-ac(6wcJS^F zq)^14asP#Se^m*cnG^`{K>nXv_jhChvr_3s{zCkoqlsf=o8GQ>m@l2)em-YYT;u5A zvL(o`$7n~F&}`E{@&v375BP8e8N#D`H-e$%bEytQt-6o^PA%Dz4c-UeB{`~c4E<$L zY5E6~rKXj#P=fpct4bMP!auX;p7jtP@Li|`r|L0{yav|CLqtLNI5sNFr)16{NP2=B zyY+-Wnh;%3ctC&{8FU{!e29-)s6j~L{~V=%0`Mo=V6^am+1%z2<9r3tD~6uUPff|k zVx!)!?zoJ8FYTDC+V^!??@ z4c>lSL|BU?N^?Ew@NJxJzG9eMGFyR)(2&@Nt!t3%JLT|%6obYCChp}`hP)dkti;UH zm+B_wyb0#h=*|iH4Fx&x>#k_WnyfzU(!KMagDGGLWwz39qG2@`w4@&@8MH}K=hcV> zo@xJdqtMHqtZ+UobNt|FkIRV*_Z#K{{Bb)#j z9XM+oNQX|Dn7$9c4;PX=9NRr)QYm+3 z zx^AyiP)aaJ#E<#aI_Z4M0qo~}6_b{Fw7LjYEpq&2eP4e=;`V;2lQjooTv3dWIpwWu z2b1z&DZD^dJ%5Ah@TPsb?SUP1RZa2=43!k>cAI`kktGdN*#k}_EFYJBtdo09U?xBs z9K9CSx_e{=df>B<4TT_=s52}n^1IKq){xhJIZR<%sQ$rL)Ww)Yt%WkDo#ad}s&Gx5 z={);tH9sSrJ>yD-tu!$ob?tPKmFU3SdDt@i5ULq$P+JZ&rBZXITMM2R4_v1ibgOiq zMgY#(>xF-;&)HonG+sHE@%)-B1*r)@ga3!db-Vc_x}smbXU4=Ycmit0F{Z9Z=q9*k zSY@ypaOs8`MX!BUZQ8*PNmX5$J|!1|LUar)5#Wv*4#g@nfsebEcx9@8Xwfb0Q9P(} z=SQ6#aIE*x06hjIS#Bd%McoJc%>SXksuJY|iLLCE2cQVDS=q0ExRn*~`i=fOw%XSg zjPMNGM@azaROpa|{rz4!=+zKM?qLTssH`{-E+@6Hhis|f3;+_M-ZtTHa|~uvmR1gf ztc+og%<|DBdt%HY{wmosZ0Dwo_$k|E-l5uc@dsfQXM7S|Iz@BxYy&z}hOFW|~F{vQ0Osp+?FjWk}l^^`$3d&Um1 z?&sxr?AAGlD4Khy<_>4od`Bblh?&9%UY#-Jq!c|?kU+hLL^MH@`5+jaq0btJpn7*b#Oeh1GEn6atjaCyIWfr0OqB$o*_K7>Hw0 z?BwrA^UZy(f_CdPoNz0!X6_EX?r80CuKuJ>x7Nfyd8EE%k&D?|=iJJfS>IQjndp+} zQwBq!$`>mvPmG!I^V(%R)Gym_|72^0&$a-L)TN^qtKvF!jlxIo?PRq6kTb-X53|%h z?IKy}wPh>cXPpl!CgqlED%v-a$)H5&WV66^EQctD_=l_ z8tuq$z=3tBNHyzQ{oqHd0c`bijo3DfaK&P6ljOYB*yU$_@k`qhq8=mtA4jS1B1K(j zvo2FBwlJ2mJRPCUqlyR$(a}O)y*2{y;Q!N$t<@I0rtBY~s9-^ohW}mp>mSLEID_fCC?)BC#xQVv6?MP3l1#chr!wPGR>M7_ma= zq&T4QLL#pPdxWMc8$@t?@@dX?v6SXk)pHf5YJBDF1J==c$=Ycr+-OyqR^Hvbl3sPR z*>|+VVnI4^ix_q({i~Ss$FYFSvqug*Szu}$jsTR7w#ajG&vB+e-65%XO$A}#xf?z1 zg)!qcIUN0peM-ZkW0&88#R#(`yIXN3nMRX3+scl<5eJ{+iXh{t%uA$^_(QR&k?6b}K!<(1P zqwP4`%br=wo_WfO34*7x=@)Qk8fo1(!f2_Wx<|KCf>TXR>Fs0He*PA|d0Gy2j)&Wm z%VnPoVWk((0ZN^Z;9t1nfauExQsXD8>~~^(ibEcj>iyB>^{0^bacb(gZMDZOg!?o2 zVa@4%Q3kdQ_jg7p|GidA+;Dh4mlhvBOEsuq(9T4mj7oc$7JRBo7sK z*E^0e%k=;_*U4pQ>$TPd_p@|Nm&X+6SCcizU6^Uhlfh+H#~(#zENDe!uqZ){ma3WhTpgE+}F#p~*bqL)ZYn`y8- zBOJ+jO4A2S!yO<}KP2QQ_3v@|Y0!qSg0~x9LPU!Rsy0*lW)2#guxB_)5P-_Hzz)sa zrnuTszvZ!oPt?A{2s%#E?qLUMss-0P-a={w>U|QXvO8{_pDLhOoY0}ZSU>&a#hJ<$ zf4Q&uT+Go7?*M0-NYFE>V%3O24hlHr&CvTIS_##QeB#n}e(gAe6vWs=NZv-DofbkO zu7$-h7Q@{+$HyEaDZEwf6AwUFq;NBnTgsf5s%mT33zz?)Ep+-3VmZ8*J#3y~)Ura$ zpPFz&43@7o6>!a?EZ!3?!?z=`K9*}HvAgu@#TSq?Ptjq6-{ylGIr3f2q%wW0|I7*vVROWS&K z1ujjlesAY3i{h8`HADO2qu*4TzqaC^gbVQY}Bcx zdccd&Kl-bUFIRb=gLuNk3HsaqMMi`2e%ujt?uM0xCs*bj=EwvJFU`+a_d(+X)YjtG z8ViTUA+`cG73Cc^6!T_s=HK)o?m&=mp;4>0A$DnH#54&G^7{I|FO#0N%dZAibZ>6* z?nPYXp5X^8B9a_9oS$PjT-x+F#$I{v>ysq>cBG2e?JyMGV2r`NPxrsx8;iIjX^q~Dr;D*ylh literal 0 HcmV?d00001 diff --git a/doc/doxyout/wind/html/group__wind.html b/doc/doxyout/wind/html/group__wind.html new file mode 100644 index 000000000000..bd5cf09e38bc --- /dev/null +++ b/doc/doxyout/wind/html/group__wind.html @@ -0,0 +1,680 @@ + + +Heimdalwindlibrary: Heimdal wind library + + + +

+keyhole logo +

+ + + +
+

Heimdal wind library

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Functions

int wind_punycode_label_toascii (const uint32_t *in, size_t in_len, char *out, size_t *out_len)
int wind_stringprep (const uint32_t *in, size_t in_len, uint32_t *out, size_t *out_len, wind_profile_flags flags)
int wind_profile (const char *name, wind_profile_flags *flags)
int wind_utf8ucs4 (const char *in, uint32_t *out, size_t *out_len)
int wind_utf8ucs4_length (const char *in, size_t *out_len)
int wind_ucs4utf8 (const uint32_t *in, size_t in_len, char *out, size_t *out_len)
int wind_ucs4utf8_length (const uint32_t *in, size_t in_len, size_t *out_len)
int wind_ucs2read (const void *ptr, size_t len, unsigned int *flags, uint16_t *out, size_t *out_len)
int wind_ucs2write (const uint16_t *in, size_t in_len, unsigned int *flags, void *ptr, size_t *out_len)
int wind_utf8ucs2 (const char *in, uint16_t *out, size_t *out_len)
int wind_utf8ucs2_length (const char *in, size_t *out_len)
int wind_ucs2utf8 (const uint16_t *in, size_t in_len, char *out, size_t *out_len)
int wind_ucs2utf8_length (const uint16_t *in, size_t in_len, size_t *out_len)
+

Detailed Description

+

Function Documentation

+ +
+
+ + + + + + + + + + + + + + + + + + +
int wind_profile (const char *  name,
wind_profile_flags *  flags 
)
+
+
+ +

+Try to find the profile given a name.

+

Parameters:
+ + + +
name name of the profile.
flags the resulting profile.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_punycode_label_toascii (const uint32_t *  in,
size_t  in_len,
char *  out,
size_t *  out_len 
)
+
+
+ +

+Convert an UCS4 string to a puny-coded DNS label string suitable when combined with delimiters and other labels for DNS lookup.

+

Parameters:
+ + + + + +
in an UCS4 string to convert
in_len the length of in.
out the resulting puny-coded string. The string is not NUL terminatied.
out_len before processing out_len should be the length of the out variable, after processing it will be the length of the out string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_stringprep (const uint32_t *  in,
size_t  in_len,
uint32_t *  out,
size_t *  out_len,
wind_profile_flags  flags 
)
+
+
+ +

+Process a input UCS4 string according a string-prep profile.

+

Parameters:
+ + + + + + +
in input UCS4 string to process
in_len length of the input string
out output UCS4 string
out_len length of the output string.
flags stringprep profile.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs2read (const void *  ptr,
size_t  len,
unsigned int *  flags,
uint16_t *  out,
size_t *  out_len 
)
+
+
+ +

+Read in an UCS2 from a buffer.

+

Parameters:
+ + + + + + +
ptr The input buffer to read from.
len the length of the input buffer.
flags Flags to control the behavior of the function.
out the output UCS2, the array must be at least out/2 long.
out_len the output length
+
+
Returns:
returns 0 on success, an wind error code otherwise.
+ +

+if len is zero, flags are unchanged

+if len is odd, WIND_ERR_LENGTH_NOT_MOD2 is returned

+If the flags WIND_RW_BOM is set, check for BOM. If not BOM is found, check is LE/BE flag is already and use that otherwise fail with WIND_ERR_NO_BOM. When done, clear WIND_RW_BOM and the LE/BE flag and set the resulting LE/BE flag. +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs2utf8 (const uint16_t *  in,
size_t  in_len,
char *  out,
size_t *  out_len 
)
+
+
+ +

+Convert an UCS2 string to a UTF-8 string.

+

Parameters:
+ + + + + +
in an UCS2 string to convert.
in_len the length of the in UCS2 string.
out the resulting UTF-8 strint, must be at least wind_ucs2utf8_length() long. If out is NULL, the function will calculate the needed space for the out variable (just like wind_ucs2utf8_length()).
out_len before processing out_len should be the length of the out variable, after processing it will be the length of the out string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs2utf8_length (const uint16_t *  in,
size_t  in_len,
size_t *  out_len 
)
+
+
+ +

+Calculate the length of from converting a UCS2 string to an UTF-8 string.

+

Parameters:
+ + + + +
in an UCS2 string to convert.
in_len an UCS2 string length to convert.
out_len the length of the resulting UTF-8 string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs2write (const uint16_t *  in,
size_t  in_len,
unsigned int *  flags,
void *  ptr,
size_t *  out_len 
)
+
+
+ +

+Write an UCS2 string to a buffer.

+

Parameters:
+ + + + + + +
in The input UCS2 string.
in_len the length of the input buffer.
flags Flags to control the behavior of the function.
ptr The input buffer to write to, the array must be at least (in + 1) * 2 bytes long.
out_len the output length
+
+
Returns:
returns 0 on success, an wind error code otherwise.
+ +

+If in buffer is not of length be mod 2, WIND_ERR_LENGTH_NOT_MOD2 is returned

+On zero input length, flags are preserved

+If flags have WIND_RW_BOM set, the byte order mark is written first to the output data

+If the output wont fit into out_len, WIND_ERR_OVERRUN is returned +

+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs4utf8 (const uint32_t *  in,
size_t  in_len,
char *  out,
size_t *  out_len 
)
+
+
+ +

+Convert an UCS4 string to a UTF-8 string.

+

Parameters:
+ + + + + +
in an UCS4 string to convert.
in_len the length input array.
out the resulting UTF-8 strint, must be at least wind_ucs4utf8_length() + 1 long (the extra char for the NUL). If out is NULL, the function will calculate the needed space for the out variable (just like wind_ucs4utf8_length()).
out_len before processing out_len should be the length of the out variable, after processing it will be the length of the out string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int wind_ucs4utf8_length (const uint32_t *  in,
size_t  in_len,
size_t *  out_len 
)
+
+
+ +

+Calculate the length of from converting a UCS4 string to an UTF-8 string.

+

Parameters:
+ + + + +
in an UCS4 string to convert.
in_len the length of UCS4 string to convert.
out_len the length of the resulting UTF-8 string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int wind_utf8ucs2 (const char *  in,
uint16_t *  out,
size_t *  out_len 
)
+
+
+ +

+Convert an UTF-8 string to an UCS2 string.

+

Parameters:
+ + + + +
in an UTF-8 string to convert.
out the resulting UCS2 strint, must be at least wind_utf8ucs2_length() long. If out is NULL, the function will calculate the needed space for the out variable (just like wind_utf8ucs2_length()).
out_len before processing out_len should be the length of the out variable, after processing it will be the length of the out string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int wind_utf8ucs2_length (const char *  in,
size_t *  out_len 
)
+
+
+ +

+Calculate the length of from converting a UTF-8 string to a UCS2 string.

+

Parameters:
+ + + +
in an UTF-8 string to convert.
out_len the length of the resulting UCS4 string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
int wind_utf8ucs4 (const char *  in,
uint32_t *  out,
size_t *  out_len 
)
+
+
+ +

+Convert an UTF-8 string to an UCS4 string.

+

Parameters:
+ + + + +
in an UTF-8 string to convert.
out the resulting UCS4 strint, must be at least wind_utf8ucs4_length() long. If out is NULL, the function will calculate the needed space for the out variable (just like wind_utf8ucs4_length()).
out_len before processing out_len should be the length of the out variable, after processing it will be the length of the out string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+ +

+
+ + + + + + + + + + + + + + + + + + +
int wind_utf8ucs4_length (const char *  in,
size_t *  out_len 
)
+
+
+ +

+Calculate the length of from converting a UTF-8 string to a UCS4 string.

+

Parameters:
+ + + +
in an UTF-8 string to convert.
out_len the length of the resulting UCS4 string.
+
+
Returns:
returns 0 on success, an wind error code otherwise
+ +
+

+

+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalwindlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/wind/html/index.html b/doc/doxyout/wind/html/index.html new file mode 100644 index 000000000000..667e0d58951c --- /dev/null +++ b/doc/doxyout/wind/html/index.html @@ -0,0 +1,30 @@ + + +Heimdalwindlibrary: Heimdal wind library + + + +

+keyhole logo +

+ + + +
+

Heimdal wind library

+

+

1.5

+Introduction

+Heimdal wind library is a implementation of stringprep and some of its profiles.

+The project web page: http://www.h5l.org/

+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalwindlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/wind/html/modules.html b/doc/doxyout/wind/html/modules.html new file mode 100644 index 000000000000..65f91ab1c619 --- /dev/null +++ b/doc/doxyout/wind/html/modules.html @@ -0,0 +1,28 @@ + + +Heimdalwindlibrary: Module Index + + + +

+keyhole logo +

+ + + +
+

Modules

Here is a list of all modules: +
+
+Generated on Sat Jul 30 13:45:40 2011 for Heimdalwindlibrary by doxygen 1.5.6
+ + diff --git a/doc/doxyout/wind/html/tab_b.gif b/doc/doxyout/wind/html/tab_b.gif new file mode 100644 index 0000000000000000000000000000000000000000..0d623483ffdf5f9f96900108042a7ab0643fe2a3 GIT binary patch literal 35 ncmZ?wbhEHbWMp7uXkcJy*>IeJfk6j|fqX^=1|}vKMh0sDa2W*H literal 0 HcmV?d00001 diff --git a/doc/doxyout/wind/html/tab_l.gif b/doc/doxyout/wind/html/tab_l.gif new file mode 100644 index 0000000000000000000000000000000000000000..9b1e6337c9299a700401a2a78a2c6ffced475216 GIT binary patch literal 706 zcmZ?wbhEHbZT`}F1e&(Gg}Y(8=I;HA5#Z$3JI=gGB)FQ#odI(O&E^@q;x zK6mr*m3xOS-#u~t!I@i+u0DKm^U160k6t`|^WpV}&n+8{U%dD9&a>B#U%!9-@yol< zU%&tQ{rk_K|NsC0`}dE5ET99@1@a36+kb~?0UJ*yc&I3X_m z!ND^5$O7$#8OFRuDhG}!?8z?cdZK&!`PWjdR;Aj^wZ` zeK{IEYHBJ)6K8VIp1`BVt++swf6j+=L{p1*nO(VhE`pFexG@5$|>uaCcd z`0m=9m+yak{QmXN#Sc$^{$X9h9&q2jiKAI|&T)a;PPx2K9p`YIdw8HtR5k2Q$2-O2 z*;3y{MQ-RnJTgJfI&R5|O)AHxDf_00XbPvDZPy4t=hHd)nfLPvms&O`Ok(sD()5v$ z5U@&h;a=#xbxVbo2~X&Xj0Ie(f{v>vERH+qC+nTG=B8Nca=wU-O$?1&vUgV~9=!H; zx>3p9Yn%*<>t~sk+&0xfyS8RsPfYBd<~wWK%j-LmpU>O7yX^h#UCp1x-p#i7@bE;py8XI6 zmY<)m>~)W~yIWcMVoiPg{duuf<*)9qZ9l$m*Ph&W&$jlv*Vpa+{pH@n=IQ$L?0$ax ec60Ul|8o2P|NVbd{6P)#weSbE3}s?04AuZvx_~SI literal 0 HcmV?d00001 diff --git a/doc/doxyout/wind/html/tab_r.gif b/doc/doxyout/wind/html/tab_r.gif new file mode 100644 index 0000000000000000000000000000000000000000..ce9dd9f533cb5486d6941844f442b59d4a9e9175 GIT binary patch literal 2585 zcmbV}`9Bkk1ILFF--w5zJc=ZZT(zjE=;2|_S)Qm~rCWz1Pc)KPl;jv%A#&v2*x}yc zmf2~Jm~&=xjJY?PqwIN}f8qQ2{r$uH{c*nJbmr{cR5??*egHrs-B=MzCF`3%e{FAW z{oL5xTHn~5TM{jaB;@|_Ue5F&Zb@p(kMyG{*;gWDg zyeL|eZf7Qd8=#bXzSiR{yzRgLSj-fJS8>lBjVHN z^o-0eS=nE6a`W;LChBs=`+QAJP~{b93>H^eRb5kCSC1zUNezun%`L5M?RDzv#%jk7 zYVRX=vATPD`+oEfum^{RM@GjuP?-r=yh0!p;Vx^T9G7~`7%5ydH%70=jyJ;;`d;hv92x3R=z{xp+Lg2!*@OK*K15-t&okoPtSED)h&$RLxdbA zseWm^C3d%-yRNi-ryk^!ek+C`n&~cd$#ZWct_cUL{l~i+Nzx^5d!n94(>bW-iL~Rl z&8r)?q|1DIo=0=judQ{FaGcfLERz8gfn3-Qt<2lksh{mzpT}DXxUuR^z=^key&q4! z+wWI45vL0k$R^(F#{qfqhUsN@WA+w-V?LPH33!Q?WFSB3)WBojE@hK41Nb?KfS+Qo zXgrzfsP$wr4Qzy*{OD>uJBjdgGM@VMml5)2f~_}lD*YyOb}Hjeobhz#4c`w(l^>KK zr?Ud;W~Z}*w;%hZ|2^p^+f06gJDJQD zeIhGADbDmm&6arh(q>EZ<7mjzg7l|z$hRL8=1>)Nv=S7CY$B}iYJ&*T_-T_OG*L1q ztZ3Lana33?y3AKnyq^YCF|4x%Rb5WU&2qcl{TFKey%QJeMxn^SdT!hZ5+0i1zeusiYVp-phBl7b5+Px-X&LhByq z0F&<;K0l2+v>qiHlXb#$jXMv$uK-dEGE9L~qtdU(XeRXmvu*K2Q&6!fD**JxYP4b4BR7FdJ$Qx9G9`J%-_X!a#LGpp3g9)VWytGCa;7`S1_e8F~!R+aSJ zOF17p2`H?2kPs8Q`_;U}+D%3p zs2-0BTqFwpUoBk`?P;iPQ(IbEA|JmMx!P&YYG|R@S=5Mnw;-?A6rEEVyV%d7{iU4a zNk`i!%F(Ykpm`}#oH;BjY->@b8vQedv;pza2FL&*6ufjd+*3Ute&>kes~TU?^KkojsTh(o~(3tk1Y6>4(yn( z#U*ID9@eg-beKo1B;HXe+}{Z%n@7m0+yxivuqk9~;!1LGQlah)xYK4>wgL}l6dsaN zIxlRlq`*`j9PG4*0hD6YV_b_2w5b#)o7J?`q#{GjvvKlD`T*dWcZx<-s(ZvLB44E# z=!|sw!?)@%y$oRNL#25WS3lzdii}TuQ3?CLnvQ1_n};2sT_;Y;#d3=+-(O% zMN$>O!3;ke(UuLR%h_&)N zs^!-@A>QR}4yB1bPp`9S19ikTbZ~O{&FF-yHK{En;mmShDUIEw03`j(DBIsM}Rjki2J#SQa3gFZTKBPDeIiLt9Z z%bL3(B@Qw%(B`wSMS~dPh$=R`(}lBoFXKy(s|*{#ru$wjsBc_O#zxNk9w+UUHmx(U zmJ8+M+ndtnZ<7|VU9Mbt61zpo9T&3%Wx&XII=#QJxjR`CZf22ac3d51Z?GD%LEe_&*t46Qf;4`bZ7p2K(Ab5>GfT^}4! zBT&HZD`^PEgWoI&{~o-ID0F?O`75sm(87x%A{(}Ch1)QlzdJ)1B-eqe5a(weg0`4lQIf1evjvbBY50DVbzO7CLf|vP z2#0(U-|jZ`H{y5N^o7%iK6H>_HEGN->U6^!)1{XpJV!!4(Ig7wzZQ*9WYF4X1rG0x z=1uA@i`rIAciubDC{;~b(|&|A@xkjRP5aRcvRU9tvIm}jDB6J eQ0-6-y)mpwdT=ayS0tBxKDA*~;EWmo literal 0 HcmV?d00001 diff --git a/doc/doxyout/wind/html/tabs.css b/doc/doxyout/wind/html/tabs.css new file mode 100644 index 000000000000..95f00a91da30 --- /dev/null +++ b/doc/doxyout/wind/html/tabs.css @@ -0,0 +1,102 @@ +/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */ + +DIV.tabs +{ + float : left; + width : 100%; + background : url("tab_b.gif") repeat-x bottom; + margin-bottom : 4px; +} + +DIV.tabs UL +{ + margin : 0px; + padding-left : 10px; + list-style : none; +} + +DIV.tabs LI, DIV.tabs FORM +{ + display : inline; + margin : 0px; + padding : 0px; +} + +DIV.tabs FORM +{ + float : right; +} + +DIV.tabs A +{ + float : left; + background : url("tab_r.gif") no-repeat right top; + border-bottom : 1px solid #84B0C7; + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + +DIV.tabs A:hover +{ + background-position: 100% -150px; +} + +DIV.tabs A:link, DIV.tabs A:visited, +DIV.tabs A:active, DIV.tabs A:hover +{ + color: #1A419D; +} + +DIV.tabs SPAN +{ + float : left; + display : block; + background : url("tab_l.gif") no-repeat left top; + padding : 5px 9px; + white-space : nowrap; +} + +DIV.tabs INPUT +{ + float : right; + display : inline; + font-size : 1em; +} + +DIV.tabs TD +{ + font-size : x-small; + font-weight : bold; + text-decoration : none; +} + + + +/* Commented Backslash Hack hides rule from IE5-Mac \*/ +DIV.tabs SPAN {float : none;} +/* End IE5-Mac hack */ + +DIV.tabs A:hover SPAN +{ + background-position: 0% -150px; +} + +DIV.tabs LI.current A +{ + background-position: 100% -150px; + border-width : 0px; +} + +DIV.tabs LI.current SPAN +{ + background-position: 0% -150px; + padding-bottom : 6px; +} + +DIV.navpath +{ + background : none; + border : none; + border-bottom : 1px solid #84B0C7; +} diff --git a/doc/doxyout/wind/man/man3/wind.3 b/doc/doxyout/wind/man/man3/wind.3 new file mode 100644 index 000000000000..bfe41abe22c6 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind.3 @@ -0,0 +1,326 @@ +.TH "Heimdal wind library" 3 "30 Jul 2011" "Version 1.5" "Heimdalwindlibrary" \" -*- nroff -*- +.ad l +.nh +.SH NAME +Heimdal wind library \- +.SS "Functions" + +.in +1c +.ti -1c +.RI "int \fBwind_punycode_label_toascii\fP (const uint32_t *in, size_t in_len, char *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_stringprep\fP (const uint32_t *in, size_t in_len, uint32_t *out, size_t *out_len, wind_profile_flags flags)" +.br +.ti -1c +.RI "int \fBwind_profile\fP (const char *name, wind_profile_flags *flags)" +.br +.ti -1c +.RI "int \fBwind_utf8ucs4\fP (const char *in, uint32_t *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_utf8ucs4_length\fP (const char *in, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs4utf8\fP (const uint32_t *in, size_t in_len, char *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs4utf8_length\fP (const uint32_t *in, size_t in_len, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs2read\fP (const void *ptr, size_t len, unsigned int *flags, uint16_t *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs2write\fP (const uint16_t *in, size_t in_len, unsigned int *flags, void *ptr, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_utf8ucs2\fP (const char *in, uint16_t *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_utf8ucs2_length\fP (const char *in, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs2utf8\fP (const uint16_t *in, size_t in_len, char *out, size_t *out_len)" +.br +.ti -1c +.RI "int \fBwind_ucs2utf8_length\fP (const uint16_t *in, size_t in_len, size_t *out_len)" +.br +.in -1c +.SH "Detailed Description" +.PP + +.SH "Function Documentation" +.PP +.SS "int wind_profile (const char * name, wind_profile_flags * flags)" +.PP +Try to find the profile given a name. +.PP +\fBParameters:\fP +.RS 4 +\fIname\fP name of the profile. +.br +\fIflags\fP the resulting profile. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_punycode_label_toascii (const uint32_t * in, size_t in_len, char * out, size_t * out_len)" +.PP +Convert an UCS4 string to a puny-coded DNS label string suitable when combined with delimiters and other labels for DNS lookup. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UCS4 string to convert +.br +\fIin_len\fP the length of in. +.br +\fIout\fP the resulting puny-coded string. The string is not NUL terminatied. +.br +\fIout_len\fP before processing out_len should be the length of the out variable, after processing it will be the length of the out string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_stringprep (const uint32_t * in, size_t in_len, uint32_t * out, size_t * out_len, wind_profile_flags flags)" +.PP +Process a input UCS4 string according a string-prep profile. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP input UCS4 string to process +.br +\fIin_len\fP length of the input string +.br +\fIout\fP output UCS4 string +.br +\fIout_len\fP length of the output string. +.br +\fIflags\fP stringprep profile. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_ucs2read (const void * ptr, size_t len, unsigned int * flags, uint16_t * out, size_t * out_len)" +.PP +Read in an UCS2 from a buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIptr\fP The input buffer to read from. +.br +\fIlen\fP the length of the input buffer. +.br +\fIflags\fP Flags to control the behavior of the function. +.br +\fIout\fP the output UCS2, the array must be at least out/2 long. +.br +\fIout_len\fP the output length +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise. +.RE +.PP + +.PP +if len is zero, flags are unchanged +.PP +if len is odd, WIND_ERR_LENGTH_NOT_MOD2 is returned +.PP +If the flags WIND_RW_BOM is set, check for BOM. If not BOM is found, check is LE/BE flag is already and use that otherwise fail with WIND_ERR_NO_BOM. When done, clear WIND_RW_BOM and the LE/BE flag and set the resulting LE/BE flag. +.SS "int wind_ucs2utf8 (const uint16_t * in, size_t in_len, char * out, size_t * out_len)" +.PP +Convert an UCS2 string to a UTF-8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UCS2 string to convert. +.br +\fIin_len\fP the length of the in UCS2 string. +.br +\fIout\fP the resulting UTF-8 strint, must be at least \fBwind_ucs2utf8_length()\fP long. If out is NULL, the function will calculate the needed space for the out variable (just like \fBwind_ucs2utf8_length()\fP). +.br +\fIout_len\fP before processing out_len should be the length of the out variable, after processing it will be the length of the out string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_ucs2utf8_length (const uint16_t * in, size_t in_len, size_t * out_len)" +.PP +Calculate the length of from converting a UCS2 string to an UTF-8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UCS2 string to convert. +.br +\fIin_len\fP an UCS2 string length to convert. +.br +\fIout_len\fP the length of the resulting UTF-8 string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_ucs2write (const uint16_t * in, size_t in_len, unsigned int * flags, void * ptr, size_t * out_len)" +.PP +Write an UCS2 string to a buffer. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP The input UCS2 string. +.br +\fIin_len\fP the length of the input buffer. +.br +\fIflags\fP Flags to control the behavior of the function. +.br +\fIptr\fP The input buffer to write to, the array must be at least (in + 1) * 2 bytes long. +.br +\fIout_len\fP the output length +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise. +.RE +.PP + +.PP +If in buffer is not of length be mod 2, WIND_ERR_LENGTH_NOT_MOD2 is returned +.PP +On zero input length, flags are preserved +.PP +If flags have WIND_RW_BOM set, the byte order mark is written first to the output data +.PP +If the output wont fit into out_len, WIND_ERR_OVERRUN is returned +.SS "int wind_ucs4utf8 (const uint32_t * in, size_t in_len, char * out, size_t * out_len)" +.PP +Convert an UCS4 string to a UTF-8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UCS4 string to convert. +.br +\fIin_len\fP the length input array. +.br +\fIout\fP the resulting UTF-8 strint, must be at least \fBwind_ucs4utf8_length()\fP + 1 long (the extra char for the NUL). If out is NULL, the function will calculate the needed space for the out variable (just like \fBwind_ucs4utf8_length()\fP). +.br +\fIout_len\fP before processing out_len should be the length of the out variable, after processing it will be the length of the out string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_ucs4utf8_length (const uint32_t * in, size_t in_len, size_t * out_len)" +.PP +Calculate the length of from converting a UCS4 string to an UTF-8 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UCS4 string to convert. +.br +\fIin_len\fP the length of UCS4 string to convert. +.br +\fIout_len\fP the length of the resulting UTF-8 string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_utf8ucs2 (const char * in, uint16_t * out, size_t * out_len)" +.PP +Convert an UTF-8 string to an UCS2 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UTF-8 string to convert. +.br +\fIout\fP the resulting UCS2 strint, must be at least \fBwind_utf8ucs2_length()\fP long. If out is NULL, the function will calculate the needed space for the out variable (just like \fBwind_utf8ucs2_length()\fP). +.br +\fIout_len\fP before processing out_len should be the length of the out variable, after processing it will be the length of the out string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_utf8ucs2_length (const char * in, size_t * out_len)" +.PP +Calculate the length of from converting a UTF-8 string to a UCS2 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UTF-8 string to convert. +.br +\fIout_len\fP the length of the resulting UCS4 string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_utf8ucs4 (const char * in, uint32_t * out, size_t * out_len)" +.PP +Convert an UTF-8 string to an UCS4 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UTF-8 string to convert. +.br +\fIout\fP the resulting UCS4 strint, must be at least \fBwind_utf8ucs4_length()\fP long. If out is NULL, the function will calculate the needed space for the out variable (just like \fBwind_utf8ucs4_length()\fP). +.br +\fIout_len\fP before processing out_len should be the length of the out variable, after processing it will be the length of the out string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + +.SS "int wind_utf8ucs4_length (const char * in, size_t * out_len)" +.PP +Calculate the length of from converting a UTF-8 string to a UCS4 string. +.PP +\fBParameters:\fP +.RS 4 +\fIin\fP an UTF-8 string to convert. +.br +\fIout_len\fP the length of the resulting UCS4 string. +.RE +.PP +\fBReturns:\fP +.RS 4 +returns 0 on success, an wind error code otherwise +.RE +.PP + diff --git a/doc/doxyout/wind/man/man3/wind_profile.3 b/doc/doxyout/wind/man/man3/wind_profile.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_profile.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_punycode_label_toascii.3 b/doc/doxyout/wind/man/man3/wind_punycode_label_toascii.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_punycode_label_toascii.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_stringprep.3 b/doc/doxyout/wind/man/man3/wind_stringprep.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_stringprep.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs2read.3 b/doc/doxyout/wind/man/man3/wind_ucs2read.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs2read.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs2utf8.3 b/doc/doxyout/wind/man/man3/wind_ucs2utf8.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs2utf8.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs2utf8_length.3 b/doc/doxyout/wind/man/man3/wind_ucs2utf8_length.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs2utf8_length.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs2write.3 b/doc/doxyout/wind/man/man3/wind_ucs2write.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs2write.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs4utf8.3 b/doc/doxyout/wind/man/man3/wind_ucs4utf8.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs4utf8.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_ucs4utf8_length.3 b/doc/doxyout/wind/man/man3/wind_ucs4utf8_length.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_ucs4utf8_length.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_utf8ucs2.3 b/doc/doxyout/wind/man/man3/wind_utf8ucs2.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_utf8ucs2.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_utf8ucs2_length.3 b/doc/doxyout/wind/man/man3/wind_utf8ucs2_length.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_utf8ucs2_length.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_utf8ucs4.3 b/doc/doxyout/wind/man/man3/wind_utf8ucs4.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_utf8ucs4.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/man/man3/wind_utf8ucs4_length.3 b/doc/doxyout/wind/man/man3/wind_utf8ucs4_length.3 new file mode 100644 index 000000000000..ea2c29233a61 --- /dev/null +++ b/doc/doxyout/wind/man/man3/wind_utf8ucs4_length.3 @@ -0,0 +1 @@ +.so man3/wind.3 diff --git a/doc/doxyout/wind/manpages b/doc/doxyout/wind/manpages new file mode 100644 index 000000000000..a6269d12ade7 --- /dev/null +++ b/doc/doxyout/wind/manpages @@ -0,0 +1,14 @@ +wind/man/man3/wind.3 +wind/man/man3/wind_profile.3 +wind/man/man3/wind_punycode_label_toascii.3 +wind/man/man3/wind_stringprep.3 +wind/man/man3/wind_ucs2read.3 +wind/man/man3/wind_ucs2utf8.3 +wind/man/man3/wind_ucs2utf8_length.3 +wind/man/man3/wind_ucs2write.3 +wind/man/man3/wind_ucs4utf8.3 +wind/man/man3/wind_ucs4utf8_length.3 +wind/man/man3/wind_utf8ucs2.3 +wind/man/man3/wind_utf8ucs2_length.3 +wind/man/man3/wind_utf8ucs4.3 +wind/man/man3/wind_utf8ucs4_length.3 diff --git a/doc/doxytmpl.dxy b/doc/doxytmpl.dxy index bb7f25cb85e1..a16b0d8ce66e 100644 --- a/doc/doxytmpl.dxy +++ b/doc/doxytmpl.dxy @@ -112,7 +112,6 @@ EXCLUDE = EXCLUDE_SYMLINKS = NO EXCLUDE_PATTERNS = */.svn EXCLUDE_SYMBOLS = -EXAMPLE_PATH = EXAMPLE_PATTERNS = * EXAMPLE_RECURSIVE = NO IMAGE_PATH = diff --git a/doc/footer.html b/doc/footer.html new file mode 100644 index 000000000000..48990aeb8f81 --- /dev/null +++ b/doc/footer.html @@ -0,0 +1,4 @@ +
+Generated on $datetime for $projectname by doxygen $doxygenversion
+ + diff --git a/doc/gssapi.din b/doc/gssapi.din new file mode 100644 index 000000000000..3dd8bb61256a --- /dev/null +++ b/doc/gssapi.din @@ -0,0 +1,16 @@ +# Doxyfile 1.5.3 + +PROJECT_NAME = Heimdal GSS-API library +PROJECT_NUMBER = @PACKAGE_VERSION@ +OUTPUT_DIRECTORY = @srcdir@/doxyout/gssapi +INPUT = @srcdir@/../lib/gssapi + +WARN_IF_UNDOCUMENTED = NO + +PERL_PATH = /usr/bin/perl + +HTML_HEADER = "@srcdir@/header.html" +HTML_FOOTER = "@srcdir@/footer.html" + +@INCLUDE = "@srcdir@/doxytmpl.dxy" + diff --git a/doc/hcrypto.din b/doc/hcrypto.din index 55f1ed7c6ae3..aeea17921afb 100644 --- a/doc/hcrypto.din +++ b/doc/hcrypto.din @@ -2,8 +2,9 @@ PROJECT_NAME = "Heimdal crypto library" PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/hcrypto +OUTPUT_DIRECTORY = @srcdir@/doxyout/hcrypto INPUT = @srcdir@/../lib/hcrypto +EXAMPLE_PATH = @srcdir@/../lib/hcrypto WARN_IF_UNDOCUMENTED = YES diff --git a/doc/hdb.din b/doc/hdb.din new file mode 100644 index 000000000000..1b100f46f4cb --- /dev/null +++ b/doc/hdb.din @@ -0,0 +1,15 @@ +# Doxyfile 1.5.3 + +PROJECT_NAME = Heimdal hdb library +PROJECT_NUMBER = @PACKAGE_VERSION@ +OUTPUT_DIRECTORY = @srcdir@/doxyout/hdb +INPUT = @srcdir@/../lib/hdb + +WARN_IF_UNDOCUMENTED = YES + +PERL_PATH = /usr/bin/perl + +HTML_HEADER = "@srcdir@/header.html" +HTML_FOOTER = "@srcdir@/footer.html" + +@INCLUDE = "@srcdir@/doxytmpl.dxy" diff --git a/doc/header.html b/doc/header.html new file mode 100644 index 000000000000..b3401c8b8c88 --- /dev/null +++ b/doc/header.html @@ -0,0 +1,10 @@ + + +$title + + + +

+keyhole logo +

+ diff --git a/doc/heimdal.info b/doc/heimdal.info new file mode 100644 index 000000000000..20a5daa53c18 --- /dev/null +++ b/doc/heimdal.info @@ -0,0 +1,3519 @@ +Detta är heimdal.info, skapad av makeinfo version 4.8 frÃ¥n +heimdal.texi. + +INFO-DIR-SECTION Security +START-INFO-DIR-ENTRY +* Heimdal: (heimdal). The Kerberos 5 distribution from KTH +END-INFO-DIR-ENTRY + + +File: heimdal.info, Node: Top, Next: Introduction, Prev: (dir), Up: (dir) + +Heimdal +******* + +This manual for version 1.5 of Heimdal. + +* Menu: + +* Introduction:: +* What is Kerberos?:: +* Building and Installing:: +* Setting up a realm:: +* Applications:: +* Things in search for a better place:: +* Kerberos 4 issues:: +* Windows compatibility:: +* Programming with Kerberos:: +* Migration:: +* Acknowledgments:: +* Copyrights and Licenses:: + + --- The Detailed Node Listing --- + +Setting up a realm + +* Configuration file:: +* Creating the database:: +* Modifying the database:: +* keytabs:: +* Serving Kerberos 4/524/kaserver:: +* Remote administration:: +* Password changing:: +* Testing clients and servers:: +* Slave Servers:: +* Incremental propagation:: +* Encryption types and salting:: +* Credential cache server - KCM:: +* Cross realm:: +* Transit policy:: +* Setting up DNS:: +* Using LDAP to store the database:: +* Providing Kerberos credentials to servers and programs:: +* Setting up PK-INIT:: + +Applications + +* Authentication modules:: +* AFS:: + +Authentication modules + +* Digital SIA:: +* IRIX:: + +Kerberos 4 issues + +* Principal conversion issues:: +* Converting a version 4 database:: +* kaserver:: + +Windows compatibility + +* Configuring Windows to use a Heimdal KDC:: +* Inter-Realm keys (trust) between Windows and a Heimdal KDC:: +* Create account mappings:: +* Encryption types:: +* Authorisation data:: +* Quirks of Windows 2000 KDC:: +* Useful links when reading about the Windows:: + +Programming with Kerberos + + +File: heimdal.info, Node: Introduction, Next: What is Kerberos?, Prev: Top, Up: Top + +1 Introduction +************** + +What is Heimdal? +================ + +Heimdal is a free implementation of Kerberos 5. The goals are to: + + * have an implementation that can be freely used by anyone + + * be protocol compatible with existing implementations and, if not in + conflict, with RFC 4120 (and any future updated RFC). RFC 4120 + replaced RFC 1510. + + * be reasonably compatible with the M.I.T Kerberos V5 API + + * have support for Kerberos V5 over GSS-API (RFC1964) + + * include the most important and useful application programs (rsh, + telnet, popper, etc.) + + * include enough backwards compatibility with Kerberos V4 + +Status +====== + +Heimdal has the following features (this does not mean any of this +works): + + * a stub generator and a library to encode/decode/whatever ASN.1/DER + stuff + + * a `libkrb5' library that should be possible to get to work with + simple applications + + * a GSS-API library + + * `kinit', `klist', `kdestroy' + + * `telnet', `telnetd' + + * `rsh', `rshd' + + * `popper', `push' (a movemail equivalent) + + * `ftp', and `ftpd' + + * a library `libkafs' for authenticating to AFS and a program + `afslog' that uses it + + * some simple test programs + + * a KDC that supports most things; optionally, it may also support + Kerberos V4 and kaserver, + + * simple programs for distributing databases between a KDC master and + slaves + + * a password changing daemon `kpasswdd', library functions for + changing passwords and a simple client + + * some kind of administration system + + * Kerberos V4 support in many of the applications. + +Bug reports +=========== + +If you find bugs in this software, make sure it is a genuine bug and not +just a part of the code that isn't implemented. + +Bug reports should be sent to . Please include +information on what machine and operating system (including version) +you are running, what you are trying to do, what happens, what you +think should have happened, an example for us to repeat, the output you +get when trying the example, and a patch for the problem if you have +one. Please make any patches with `diff -u' or `diff -c'. + +Suggestions, comments and other non bug reports are also welcome. + +Mailing list +============ + +There are two mailing lists with talk about Heimdal. + is a low-volume announcement list, while + is for general discussion. Send a message to + to subscribe. + +Heimdal source code, binaries and the manual +============================================ + +The source code for heimdal, links to binaries and the manual (this +document) can be found on our web-page at +`http://www.pdc.kth.se/heimdal/'. + + +File: heimdal.info, Node: What is Kerberos?, Next: Building and Installing, Prev: Introduction, Up: Top + +2 What is Kerberos? +******************* + + Now this Cerberus had three heads of dogs, + the tail of a dragon, and on his back the + heads of all sorts of snakes. + -- Pseudo-Apollodorus Library 2.5.12 + +Kerberos is a system for authenticating users and services on a network. +It is built upon the assumption that the network is "unsafe". For +example, data sent over the network can be eavesdropped and altered, and +addresses can also be faked. Therefore they cannot be used for +authentication purposes. + +Kerberos is a trusted third-party service. That means that there is a +third party (the kerberos server) that is trusted by all the entities on +the network (users and services, usually called "principals"). All +principals share a secret password (or key) with the kerberos server and +this enables principals to verify that the messages from the kerberos +server are authentic. Thus trusting the kerberos server, users and +services can authenticate each other. + +2.1 Basic mechanism +=================== + + *Note* This discussion is about Kerberos version 4, but version 5 + works similarly. + +In Kerberos, principals use "tickets" to prove that they are who they +claim to be. In the following example, A is the initiator of the +authentication exchange, usually a user, and B is the service that A +wishes to use. + +To obtain a ticket for a specific service, A sends a ticket request to +the kerberos server. The request contains A's and B's names (along with +some other fields). The kerberos server checks that both A and B are +valid principals. + +Having verified the validity of the principals, it creates a packet +containing A's and B's names, A's network address (A), the +current time (T), the lifetime of the ticket (LIFE), and a +secret "session key" (K). This packet is encrypted with B's secret +key (K). The actual ticket (T) looks like this: ({A, B, +A, T, LIFE, K}K). + +The reply to A consists of the ticket (T), B's name, the current +time, the lifetime of the ticket, and the session key, all encrypted in +A's secret key ({B, T, LIFE, K, T}K). A decrypts the +reply and retains it for later use. + + +Before sending a message to B, A creates an authenticator consisting of +A's name, A's address, the current time, and a "checksum" chosen by A, +all encrypted with the secret session key ({A, A, T, +CHECKSUM}K). This is sent together with the ticket received from +the kerberos server to B. Upon reception, B decrypts the ticket using +B's secret key. Since the ticket contains the session key that the +authenticator was encrypted with, B can now also decrypt the +authenticator. To verify that A really is A, B now has to compare the +contents of the ticket with that of the authenticator. If everything +matches, B now considers A as properly authenticated. + +2.2 Different attacks +===================== + +Impersonating A +--------------- + +An impostor, C could steal the authenticator and the ticket as it is +transmitted across the network, and use them to impersonate A. The +address in the ticket and the authenticator was added to make it more +difficult to perform this attack. To succeed C will have to either use +the same machine as A or fake the source addresses of the packets. By +including the time stamp in the authenticator, C does not have much +time in which to mount the attack. + +Impersonating B +--------------- + +C can hijack B's network address, and when A sends her credentials, C +just pretend to verify them. C can't be sure that she is talking to A. + +2.3 Defence strategies +====================== + +It would be possible to add a "replay cache" to the server side. The +idea is to save the authenticators sent during the last few minutes, so +that B can detect when someone is trying to retransmit an already used +message. This is somewhat impractical (mostly regarding efficiency), +and is not part of Kerberos 4; MIT Kerberos 5 contains it. + +To authenticate B, A might request that B sends something back that +proves that B has access to the session key. An example of this is the +checksum that A sent as part of the authenticator. One typical +procedure is to add one to the checksum, encrypt it with the session +key and send it back to A. This is called "mutual authentication". + +The session key can also be used to add cryptographic checksums to the +messages sent between A and B (known as "message integrity"). +Encryption can also be added ("message confidentiality"). This is +probably the best approach in all cases. + +2.4 Further reading +=================== + +The original paper on Kerberos from 1988 is `Kerberos: An +Authentication Service for Open Network Systems', by Jennifer Steiner, +Clifford Neuman and Jeffrey I. Schiller. + +A less technical description can be found in `Designing an +Authentication System: a Dialogue in Four Scenes' by Bill Bryant, also +from 1988. + +These documents can be found on our web-page at +`http://www.pdc.kth.se/kth-krb/'. + + +File: heimdal.info, Node: Building and Installing, Next: Setting up a realm, Prev: What is Kerberos?, Up: Top + +3 Building and Installing +************************* + +Build and install instructions are located here: + +`http://www.h5l.org/compile.html' + +Prebuilt packages is located here: + +`http://www.h5l.org/binaries.html' + + +File: heimdal.info, Node: Setting up a realm, Next: Applications, Prev: Building and Installing, Up: Top + +4 Setting up a realm +******************** + +A realm is an administrative domain. The name of a Kerberos realm is +usually the Internet domain name in uppercase. Call your realm the same +as your Internet domain name if you do not have strong reasons for not +doing so. It will make life easier for you and everyone else. + +* Menu: + +* Configuration file:: +* Creating the database:: +* Modifying the database:: +* Checking the setup:: +* keytabs:: +* Serving Kerberos 4/524/kaserver:: +* Remote administration:: +* Password changing:: +* Testing clients and servers:: +* Slave Servers:: +* Incremental propagation:: +* Encryption types and salting:: +* Credential cache server - KCM:: +* Cross realm:: +* Transit policy:: +* Setting up DNS:: +* Using LDAP to store the database:: +* Providing Kerberos credentials to servers and programs:: +* Setting up PK-INIT:: +* Debugging Kerberos problems:: + + +File: heimdal.info, Node: Configuration file, Next: Creating the database, Prev: Setting up a realm, Up: Setting up a realm + +4.1 Configuration file +====================== + +To setup a realm you will first have to create a configuration file: +`/etc/krb5.conf'. The `krb5.conf' file can contain many configuration +options, some of which are described here. + +There is a sample `krb5.conf' supplied with the distribution. + +The configuration file is a hierarchical structure consisting of +sections, each containing a list of bindings (either variable +assignments or subsections). A section starts with `[`section-name']'. +A binding consists of a left hand side, an equal sign (`=') and a right +hand side (the left hand side tag must be separated from the equal sign +with some whitespace). Subsections have a `{' as the first +non-whitespace character after the equal sign. All other bindings are +treated as variable assignments. The value of a variable extends to the +end of the line. + + [section1] + a-subsection = { + var = value1 + other-var = value with {} + sub-sub-section = { + var = 123 + } + } + var = some other value + [section2] + var = yet another value + +In this manual, names of sections and bindings will be given as strings +separated by slashes (`/'). The `other-var' variable will thus be +`section1/a-subsection/other-var'. + +For in-depth information about the contents of the configuration file, +refer to the `krb5.conf' manual page. Some of the more important +sections are briefly described here. + +The `libdefaults' section contains a list of library configuration +parameters, such as the default realm and the timeout for KDC +responses. The `realms' section contains information about specific +realms, such as where they hide their KDC. This section serves the same +purpose as the Kerberos 4 `krb.conf' file, but can contain more +information. Finally the `domain_realm' section contains a list of +mappings from domains to realms, equivalent to the Kerberos 4 +`krb.realms' file. + +To continue with the realm setup, you will have to create a +configuration file, with contents similar to the following. + + [libdefaults] + default_realm = MY.REALM + [realms] + MY.REALM = { + kdc = my.kdc my.slave.kdc + kdc = my.third.kdc + kdc = 130.237.237.17 + kdc = [2001:6b0:1:ea::100]:88 + } + [domain_realm] + .my.domain = MY.REALM + +If you use a realm name equal to your domain name, you can omit the +`libdefaults', and `domain_realm', sections. If you have a DNS +SRV-record for your realm, or your Kerberos server has DNS CNAME +`kerberos.my.realm', you can omit the `realms' section too. + + +File: heimdal.info, Node: Creating the database, Next: Modifying the database, Prev: Configuration file, Up: Setting up a realm + +4.2 Creating the database +========================= + +The database library will look for the database in the directory +`/var/heimdal', so you should probably create that directory. Make +sure the directory has restrictive permissions. + + # mkdir /var/heimdal + +The keys of all the principals are stored in the database. If you +choose to, these can be encrypted with a master key. You do not have to +remember this key (or password), but just to enter it once and it will +be stored in a file (`/var/heimdal/m-key'). If you want to have a +master key, run `kstash' to create this master key: + + # kstash + Master key: + Verifying password - Master key: + +If you want to generate a random master key you can use the +`--random-key' flag to kstash. This will make sure you have a good key +on which attackers can't do a dictionary attack. + +If you have a master key, make sure you make a backup of your master +key file; without it backups of the database are of no use. + +To initialise the database use the `kadmin' program, with the `-l' +option (to enable local database mode). First issue a `init MY.REALM' +command. This will create the database and insert default principals +for that realm. You can have more than one realm in one database, so +`init' does not destroy any old database. + +Before creating the database, `init' will ask you some questions about +maximum ticket lifetimes. + +After creating the database you should probably add yourself to it. You +do this with the `add' command. It takes as argument the name of a +principal. The principal should contain a realm, so if you haven't set +up a default realm, you will need to explicitly include the realm. + + # kadmin -l + kadmin> init MY.REALM + Realm max ticket life [unlimited]: + Realm max renewable ticket life [unlimited]: + kadmin> add me + Max ticket life [unlimited]: + Max renewable life [unlimited]: + Attributes []: + Password: + Verifying password - Password: + +Now start the KDC and try getting a ticket. + + # kdc & + # kinit me + me@MY.REALMS's Password: + # klist + Credentials cache: /tmp/krb5cc_0 + Principal: me@MY.REALM + + Issued Expires Principal + Aug 25 07:25:55 Aug 25 17:25:55 krbtgt/MY.REALM@MY.REALM + +If you are curious you can use the `dump' command to list all the +entries in the database. It should look something similar to the +following example (note that the entries here are truncated for +typographical reasons): + + kadmin> dump + me@MY.REALM 1:0:1:0b01d3cb7c293b57:-:0:7:8aec316b9d1629e3baf8 ... + kadmin/admin@MY.REALM 1:0:1:e5c8a2675b37a443:-:0:7:cb913ebf85 ... + krbtgt/MY.REALM@MY.REALM 1:0:1:52b53b61c875ce16:-:0:7:c8943be ... + kadmin/changepw@MY.REALM 1:0:1:f48c8af2b340e9fb:-:0:7:e3e6088 ... + + +File: heimdal.info, Node: Modifying the database, Next: Checking the setup, Prev: Creating the database, Up: Setting up a realm + +4.3 Modifying the database +========================== + +All modifications of principals are done with with kadmin. + +A principal has several attributes and lifetimes associated with it. + +Principals are added, renamed, modified, and deleted with the kadmin +commands `add', `rename', `modify', `delete'. Both interactive editing +and command line flags can be used (use -help to list the available +options). + +There are different kinds of types for the fields in the database; +attributes, absolute time times and relative times. + +4.3.1 Attributes +---------------- + +When doing interactive editing, attributes are listed with `?'. + +The attributes are given in a comma (`,') separated list. Attributes +are removed from the list by prefixing them with `-'. + + kadmin> modify me + Max ticket life [1 day]: + Max renewable life [1 week]: + Principal expiration time [never]: + Password expiration time [never]: + Attributes [disallow-renewable]: requires-pre-auth,-disallow-renewable + kadmin> get me + Principal: me@MY.REALM + [...] + Attributes: requires-pre-auth + +4.3.2 Absolute times +-------------------- + +The format for absolute times are any of the following: + + never + now + YYYY-mm-dd + YYYY-mm-dd HH:MM:SS + +4.3.3 Relative times +-------------------- + +The format for relative times are any of the following combined: + + N year + M month + O day + P hour + Q minute + R second + + +File: heimdal.info, Node: Checking the setup, Next: keytabs, Prev: Modifying the database, Up: Setting up a realm + +4.4 Checking the setup +====================== + +There are two tools that can check the consistency of the Kerberos +configuration file and the Kerberos database. + +The Kerberos configuration file is checked using `verify_krb5_conf'. +The tool checks for common errors, but commonly there are several +uncommon configuration entries that are never added to the tool and +thus generates "unknown entry" warnings. This is usually nothing to +worry about. + +The database check is built into the kadmin tool. It will check for +common configuration error that will cause problems later. Common check +are for existence and flags on important principals. The database check +by run by the following command : + + kadmin -l check REALM.EXAMPLE.ORG + + +File: heimdal.info, Node: keytabs, Next: Serving Kerberos 4/524/kaserver, Prev: Checking the setup, Up: Setting up a realm + +4.5 keytabs +=========== + +To extract a service ticket from the database and put it in a keytab, +you need to first create the principal in the database with `add' +(using the `--random-key' flag to get a random key) and then extract it +with `ext_keytab'. + + kadmin> add --random-key host/my.host.name + Max ticket life [unlimited]: + Max renewable life [unlimited]: + Attributes []: + kadmin> ext host/my.host.name + kadmin> exit + # ktutil list + Version Type Principal + 1 des-cbc-md5 host/my.host.name@MY.REALM + 1 des-cbc-md4 host/my.host.name@MY.REALM + 1 des-cbc-crc host/my.host.name@MY.REALM + 1 des3-cbc-sha1 host/my.host.name@MY.REALM + + +File: heimdal.info, Node: Serving Kerberos 4/524/kaserver, Next: Remote administration, Prev: keytabs, Up: Setting up a realm + +4.6 Serving Kerberos 4/524/kaserver +=================================== + +Heimdal can be configured to support 524, Kerberos 4 or kaserver. All +these services are turned off by default. Kerberos 4 is always +supported by the KDC, but the Kerberos 4 client support also depends on +Kerberos 4 support having been included at compile-time, using +`--with-krb4=dir'. + +4.6.1 524 +--------- + +524 is a service that allows the KDC to convert Kerberos 5 tickets to +Kerberos 4 tickets for backward compatibility. See also Using 2b tokens +with AFS in *Note AFS::. + +524 can be turned on by adding this to the configuration file + + [kdc] + enable-524 = yes + +4.6.2 Kerberos 4 +---------------- + +Kerberos 4 is the predecessor to to Kerberos 5. It only supports single +DES. You should only enable Kerberos 4 support if you have needs for +compatibility with an installed base of Kerberos 4 clients/servers. + +Kerberos 4 can be turned on by adding this to the configuration file + + [kdc] + enable-kerberos4 = yes + +4.6.3 kaserver +-------------- + +Kaserver is a Kerberos 4 that is used in AFS. The protocol has some +extra features over plain Kerberos 4, but like Kerberos 4, only uses +single DES. + +You should only enable Kaserver support if you have needs for +compatibility with an installed base of AFS machines. + +Kaserver can be turned on by adding this to the configuration file + + [kdc] + enable-kaserver = yes + + +File: heimdal.info, Node: Remote administration, Next: Password changing, Prev: Serving Kerberos 4/524/kaserver, Up: Setting up a realm + +4.7 Remote administration +========================= + +The administration server, `kadmind', can be started by `inetd' (which +isn't recommended) or run as a normal daemon. If you want to start it +from `inetd' you should add a line similar to the one below to your +`/etc/inetd.conf'. + + kerberos-adm stream tcp nowait root /usr/heimdal/libexec/kadmind kadmind + +You might need to add `kerberos-adm' to your `/etc/services' as +`749/tcp'. + +Access to the administration server is controlled by an ACL file, +(default `/var/heimdal/kadmind.acl'.) The file has the following syntax: + principal [priv1,priv2,...] [glob-pattern] + +The matching is from top to bottom for matching principals (and if +given, glob-pattern). When there is a match, the access rights of that +line are applied. + +The privileges you can assign to a principal are: `add', +`change-password' (or `cpw' for short), `delete', `get', `list', and +`modify', or the special privilege `all'. All of these roughly +correspond to the different commands in `kadmin'. + +If a GLOB-PATTERN is given on a line, it restricts the access rights +for the principal to only apply for subjects that match the pattern. +The patterns are of the same type as those used in shell globbing, see +fnmatch(3). + +In the example below `lha/admin' can change every principal in the +database. `jimmy/admin' can only modify principals that belong to the +realm `E.KTH.SE'. `mille/admin' is working at the help desk, so he +should only be able to change the passwords for single component +principals (ordinary users). He will not be able to change any `/admin' +principal. + + lha/admin@E.KTH.SE all + jimmy/admin@E.KTH.SE all *@E.KTH.SE + jimmy/admin@E.KTH.SE all */*@E.KTH.SE + mille/admin@E.KTH.SE change-password *@E.KTH.SE + + +File: heimdal.info, Node: Password changing, Next: Testing clients and servers, Prev: Remote administration, Up: Setting up a realm + +4.8 Password changing +===================== + +To allow users to change their passwords, you should run `kpasswdd'. +It is not run from `inetd'. + +You might need to add `kpasswd' to your `/etc/services' as `464/udp'. +If your realm is not setup to use DNS, you might also need to add a +`kpasswd_server' entry to the realm configuration in `/etc/krb5.conf' +on client machines: + + [realms] + MY.REALM = { + kdc = my.kdc my.slave.kdc + kpasswd_server = my.kdc + } + +4.8.1 Password quality assurance +-------------------------------- + +It is important that users have good passwords, both to make it harder +to guess them and to avoid off-line attacks (although +pre-authentication provides some defence against off-line attacks). To +ensure that the users choose good passwords, you can enable password +quality controls in `kpasswdd' and `kadmind'. The controls themselves +are done in a shared library or an external program that is used by +`kpasswdd'. To configure in these controls, add lines similar to the +following to your `/etc/krb5.conf': + + [password_quality] + policies = external-check builtin:minimum-length modulename:policyname + external_program = /bin/false + policy_libraries = LIBRARY1.SO LIBRARY2.SO + +In `[password_quality]policies' the module name is optional if the +policy name is unique in all modules (members of `policy_libraries'). +All built-in policies can be qualified with a module name of `builtin' +to unambiguously specify the built-in policy and not a policy by the +same name from a loaded module. + +The built-in policies are + + * external-check + + Executes the program specified by + `[password_quality]external_program'. + + A number of key/value pairs are passed as input to the program, + one per line, ending with the string `end'. The key/value lines + are of the form + principal: PRINCIPAL + new-password: PASSWORD + where PASSWORD is the password to check for the previous PRINCIPAL. + + If the external application approves the password, it should return + `APPROVED' on standard out and exit with exit code 0. If it + doesn't approve the password, an one line error message explaining + the problem should be returned on standard error and the + application should exit with exit code 0. In case of a fatal + error, the application should, if possible, print an error message + on standard error and exit with a non-zero error code. + + * minimum-length + + The minimum length password quality check reads the configuration + file stanza `[password_quality]min_length' and requires the + password to be at least this length. + + * character-class + + The character-class password quality check reads the configuration + file stanza `[password_quality]min_classes'. The policy requires + the password to have characters from at least that many character + classes. Default value if not given is 3. + + The four different characters classes are, uppercase, lowercase, + number, special characters. + + +If you want to write your own shared object to check password policies, +see the manual page `kadm5_pwcheck(3)'. + +Code for a password quality checking function that uses the cracklib +library can be found in `lib/kadm5/sample_password_check.c' in the +source code distribution. It requires that the cracklib library be +built with the patch available at +`ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch'. + +A sample policy external program is included in +`lib/kadm5/check-cracklib.pl'. + +If no password quality checking function is configured, the only check +performed is that the password is at least six characters long. + +To check the password policy settings, use the command +`verify-password-quality' in `kadmin' program. The password +verification is only performed locally, on the client. It may be +convenient to set the environment variable `KRB5_CONFIG' to point to a +test version of `krb5.conf' while you're testing the +`[password_quality]' stanza that way. + + +File: heimdal.info, Node: Testing clients and servers, Next: Slave Servers, Prev: Password changing, Up: Setting up a realm + +4.9 Testing clients and servers +=============================== + +Now you should be able to run all the clients and servers. Refer to the +appropriate man pages for information on how to use them. + + +File: heimdal.info, Node: Slave Servers, Next: Incremental propagation, Prev: Testing clients and servers, Up: Setting up a realm + +4.10 Slave servers, Incremental propagation, Testing clients and servers, Setting up a realm +============================================================================================ + +It is desirable to have at least one backup (slave) server in case the +master server fails. It is possible to have any number of such slave +servers but more than three usually doesn't buy much more redundancy. + +All Kerberos servers for a realm must have the same database so that +they present the same service to the users. The `hprop' program, +running on the master, will propagate the database to the slaves, +running `hpropd' processes. + +Every slave needs a database directory, the master key (if it was used +for the database) and a keytab with the principal `hprop/HOSTNAME'. +Add the principal with the `ktutil' command and start `hpropd', as +follows: + + slave# ktutil get -p foo/admin hprop/`hostname` + slave# mkdir /var/heimdal + slave# hpropd + +The master will use the principal `kadmin/hprop' to authenticate to the +slaves. This principal should be added when running `kadmin -l init' +but if you do not have it in your database for whatever reason, please +add it with `kadmin -l add'. + +Then run `hprop' on the master: + + master# hprop slave + +This was just an hands-on example to make sure that everything was +working properly. Doing it manually is of course the wrong way, and to +automate this you will want to start `hpropd' from `inetd' on the +slave(s) and regularly run `hprop' on the master to regularly propagate +the database. Starting the propagation once an hour from `cron' is +probably a good idea. + + +File: heimdal.info, Node: Incremental propagation, Next: Encryption types and salting, Prev: Slave Servers, Up: Setting up a realm + +4.11 Incremental propagation +============================ + +There is also a newer mechanism for doing incremental propagation in +Heimdal. Instead of sending the whole database regularly, it sends the +changes as they happen on the master to the slaves. The master keeps +track of all the changes by assigning a version number to every change +to the database. The slaves know which was the latest version they saw +and in this way it can be determined if they are in sync or not. A log +of all the changes is kept on the master, and when a slave is at an +older version than the oldest one in the log, the whole database has to +be sent. + +Protocol-wise, all the slaves connect to the master and as a greeting +tell it the latest version that they have (`IHAVE' message). The +master then responds by sending all the changes between that version and +the current version at the master (a series of `FORYOU' messages) or +the whole database in a `TELLYOUEVERYTHING' message. There is also a +keep-alive protocol that makes sure all slaves are up and running. + +In addition on listening on the network to get connection from new +slaves, the ipropd-master also listens on a status unix socket. kadmind +and kpasswdd both open that socket when a transation is done and +written a notification to the socket. That cause ipropd-master to check +for new version in the log file. As a fallback in case a notification +is lost by the unix socket, the log file is checked after 30 seconds of +no event. + +4.11.1 Configuring incremental propagation +------------------------------------------ + +The program that runs on the master is `ipropd-master' and all clients +run `ipropd-slave'. + +Create the file `/var/heimdal/slaves' on the master containing all the +slaves that the database should be propagated to. Each line contains +the full name of the principal (for example +`iprop/hemligare.foo.se@FOO.SE'). + +You should already have `iprop/tcp' defined as 2121, in your +`/etc/services'. Otherwise, or if you need to use a different port for +some peculiar reason, you can use the `--port' option. This is useful +when you have multiple realms to distribute from one server. + +Then you need to create those principals that you added in the +configuration file. Create one `iprop/hostname' for the master and for +every slave. + + master# /usr/heimdal/sbin/ktutil get iprop/`hostname` + + slave# /usr/heimdal/sbin/ktutil get iprop/`hostname` + +The next step is to start the `ipropd-master' process on the master +server. The `ipropd-master' listens on the UNIX domain socket +`/var/heimdal/signal' to know when changes have been made to the +database so they can be propagated to the slaves. There is also a +safety feature of testing the version number regularly (every 30 +seconds) to see if it has been modified by some means that do not raise +this signal. Then, start `ipropd-slave' on all the slaves: + + master# /usr/heimdal/libexec/ipropd-master & + slave# /usr/heimdal/libexec/ipropd-slave master & + +To manage the iprop log file you should use the `iprop-log' command. +With it you can dump, truncate and replay the logfile. + + +File: heimdal.info, Node: Encryption types and salting, Next: Credential cache server - KCM, Prev: Incremental propagation, Up: Setting up a realm + +4.12 Encryption types and salting +================================= + +The encryption types that the KDC is going to assign by default is +possible to change. Since the keys used for user authentication is +salted the encryption types are described together with the salt +strings. + +Salting is used to make it harder to pre-calculate all possible keys. +Using a salt increases the search space to make it almost impossible to +pre-calculate all keys. Salting is the process of mixing a public +string (the salt) with the password, then sending it through an +encryption type specific string-to-key function that will output the +fixed size encryption key. + +In Kerberos 5 the salt is determined by the encryption type, except in +some special cases. + +In `des' there is the Kerberos 4 salt (none at all) or the afs-salt +(using the cell (realm in AFS lingo)). + +In `arcfour' (the encryption type that Microsoft Windows 2000 uses) +there is no salt. This is to be compatible with NTLM keys in Windows NT +4. + +`[kadmin]default_keys' in `krb5.conf' controls what salting to use. + +The syntax of `[kadmin]default_keys' is +`[etype:]salt-type[:salt-string]'. `etype' is the encryption type +(des-cbc-crc, arcfour-hmac-md5, aes256-cts-hmac-sha1-96), `salt-type' +is the type of salt (pw-salt or afs3-salt), and the salt-string is the +string that will be used as salt (remember that if the salt is +appended/prepended, the empty salt "" is the same thing as no salt at +all). + +Common types of salting include + + * `v4' (or `des:pw-salt:') + + The Kerberos 4 salting is using no salt at all. Reason there is + colon at the end of the salt string is that it makes the salt the + empty string (same as no salt). + + * `v5' (or `pw-salt') + + `pw-salt' uses the default salt for each encryption type is + specified for. If the encryption type `etype' isn't given, all + default encryption will be used. + + * `afs3-salt' + + `afs3-salt' is the salt that is used with Transarc kaserver. It's + the cell name appended to the password. + + + +File: heimdal.info, Node: Credential cache server - KCM, Next: Cross realm, Prev: Encryption types and salting, Up: Setting up a realm + +4.13 Credential cache server - KCM +================================== + +When KCM running is easy for users to switch between different kerberos +principals using `kswitch' or built in support in application, like +OpenSSH's GSSAPIClientIdentity. + +Other advantages are that there is the long term credentials are not +written to disk and on reboot the credential is removed when kcm +process stopps running. + +Configure the system startup script to start the kcm process, +`/usr/heimdal/libexec/kcm' and then configure the system to use kcm in +`krb5.conf'. + + [libdefaults] + default_cc_type = KCM + +Now when you run `kinit' it doesn't overwrite your existing credentials +but rather just add them to the set of credentials. `klist -l' lists +the credentials and the star marks the default credential. + + $ kinit lha@KTH.SE + lha@KTH.SE's Password: + $ klist -l + Name Cache name Expires + lha@KTH.SE 0 Nov 22 23:09:40 * + lha@SU.SE Initial default ccache Nov 22 14:14:24 + +When switching between credentials you can use `kswitch'. + + $ kswitch -i + Principal + 1 lha@KTH.SE + 2 lha@SU.SE + Select number: 2 + +After switching, a new set of credentials are used as default. + + $ klist -l + Name Cache name Expires + lha@SU.SE Initial default ccache Nov 22 14:14:24 * + lha@KTH.SE 0 Nov 22 23:09:40 + +Som applications, like openssh with Simon Wilkinsons patch applied, +support specifiying that credential to use. The example below will +login to the host computer.kth.se using lha@KTH.SE (not the current +default credential). + + $ ssh \ + -o GSSAPIAuthentication=yes \ + -o GSSAPIKeyExchange=yes \ + -o GSSAPIClientIdentity=lha@KTH.SE \ + computer.kth.se + + +File: heimdal.info, Node: Cross realm, Next: Transit policy, Prev: Credential cache server - KCM, Up: Setting up a realm + +4.14 Cross realm +================ + +Suppose you reside in the realm `MY.REALM', how do you authenticate to +a server in `OTHER.REALM'? Having valid tickets in `MY.REALM' allows +you to communicate with Kerberised services in that realm. However, the +computer in the other realm does not have a secret key shared with the +Kerberos server in your realm. + +It is possible to share keys between two realms that trust each other. +When a client program, such as `telnet' or `ssh', finds that the other +computer is in a different realm, it will try to get a ticket granting +ticket for that other realm, but from the local Kerberos server. With +that ticket granting ticket, it will then obtain service tickets from +the Kerberos server in the other realm. + +For a two way trust between `MY.REALM' and `OTHER.REALM' add the +following principals to each realm. The principals should be +`krbtgt/OTHER.REALM@MY.REALM' and `krbtgt/MY.REALM@OTHER.REALM' in +`MY.REALM', and `krbtgt/MY.REALM@OTHER.REALM' and +`krbtgt/OTHER.REALM@MY.REALM'in `OTHER.REALM'. + +In Kerberos 5 the trust can be configured to be one way. So that users +from `MY.REALM' can authenticate to services in `OTHER.REALM', but not +the opposite. In the example above, the `krbtgt/MY.REALM@OTHER.REALM' +then should be removed. + +The two principals must have the same key, key version number, and the +same set of encryption types. Remember to transfer the two keys in a +safe manner. + + vr$ klist + Credentials cache: FILE:/tmp/krb5cc_913.console + Principal: lha@E.KTH.SE + + Issued Expires Principal + May 3 13:55:52 May 3 23:55:54 krbtgt/E.KTH.SE@E.KTH.SE + + vr$ telnet -l lha hummel.it.su.se + Trying 2001:6b0:5:1095:250:fcff:fe24:dbf... + Connected to hummel.it.su.se. + Escape character is '^]'. + Waiting for encryption to be negotiated... + [ Trying mutual KERBEROS5 (host/hummel.it.su.se@SU.SE)... ] + [ Kerberos V5 accepts you as ``lha@E.KTH.SE'' ] + Encryption negotiated. + Last login: Sat May 3 14:11:47 from vr.l.nxs.se + hummel$ exit + + vr$ klist + Credentials cache: FILE:/tmp/krb5cc_913.console + Principal: lha@E.KTH.SE + + Issued Expires Principal + May 3 13:55:52 May 3 23:55:54 krbtgt/E.KTH.SE@E.KTH.SE + May 3 13:55:56 May 3 23:55:54 krbtgt/SU.SE@E.KTH.SE + May 3 14:10:54 May 3 23:55:54 host/hummel.it.su.se@SU.SE + + +File: heimdal.info, Node: Transit policy, Next: Setting up DNS, Prev: Cross realm, Up: Setting up a realm + +4.15 Transit policy +=================== + +Under some circumstances, you may not wish to set up direct cross-realm +trust with every realm to which you wish to authenticate or from which +you wish to accept authentications. Kerberos supports multi-hop +cross-realm trust where a client principal in realm A authenticates to +a service in realm C through a realm B with which both A and C have +cross-realm trust relationships. In this situation, A and C need not +set up cross-realm principals between each other. + +If you want to use cross-realm authentication through an intermediate +realm, it must be explicitly allowed by either the KDCs for the realm +to which the client is authenticating (in this case, realm C), or the +server receiving the request. This is done in `krb5.conf' in the +`[capaths]' section. + +In addition, the client in realm A need to be configured to know how to +reach realm C via realm B. This can be done either on the client or via +KDC configuration in the KDC for realm A. + +4.15.1 Allowing cross-realm transits +------------------------------------ + +When the ticket transits through a realm to another realm, the +destination realm adds its peer to the "transited-realms" field in the +ticket. The field is unordered, since there is no way to know if know +if one of the transited-realms changed the order of the list. For the +authentication to be accepted by the final destination realm, all of +the transited realms must be listed as trusted in the `[capaths]' +configuration, either in the KDC for the destination realm or on the +server receiving the authentication. + +The syntax for `[capaths]' section is: + + [capaths] + CLIENT-REALM = { + SERVER-REALM = PERMITTED-CROSS-REALMS ... + } + +In the following example, the realm `STACKEN.KTH.SE' only has direct +cross-realm set up with `KTH.SE'. `KTH.SE' has direct cross-realm set +up with `STACKEN.KTH.SE' and `SU.SE'. `DSV.SU.SE' only has direct +cross-realm set up with `SU.SE'. The goal is to allow principals in +the `DSV.SU.SE' or `SU.SE' realms to authenticate to services in +`STACKEN.KTH.SE'. This is done with the following `[capaths]' entry on +either the server accepting authentication or on the KDC for +`STACKEN.KTH.SE'. + + [capaths] + SU.SE = { + STACKEN.KTH.SE = KTH.SE + } + DSV.SU.SE = { + STACKEN.KTH.SE = SU.SE KTH.SE + } + +The first entry allows cross-realm authentication from clients in +`SU.SE' transiting through `KTH.SE' to `STACKEN.KTH.SE'. The second +entry allows cross-realm authentication from clients in `DSV.SU.SE' +transiting through both `SU.SE' and `KTH.SE' to `STACKEN.KTH.SE'. + +Be careful of which realm goes where; it's easy to put realms in the +wrong place. The block is tagged with the client realm (the realm of +the principal authenticating), and the realm before the equal sign is +the final destination realm: the realm to which the client is +authenticating. After the equal sign go all the realms that the client +transits through. + +The order of the `PERMITTED-CROSS-REALMS' is not important when doing +transit cross realm verification. + +4.15.2 Configuring client cross-realm transits +---------------------------------------------- + +The `[capaths]' section is also used for another purpose: to tell +clients which realm to transit through to reach a realm with which +their local realm does not have cross-realm trust. This can be done by +either putting a `[capaths]' entry in the configuration of the client +or by putting the entry in the configuration of the KDC for the +client's local realm. In the latter case, the KDC will then hand back +a referral to the client when the client requests a cross-realm ticket +to the destination realm, telling the client to try to go through an +intermediate realm. + +For client configuration, the order of `PERMITTED-CROSS-REALMS' is +significant, since only the first realm in this section (after the +equal sign) is used by the client. + +For example, again consider the `[capaths]' entry above for the case of +a client in the `SU.SE' realm, and assume that the client or the +`SU.SE' KDC has that `[capaths]' entry. If the client attempts to +authenticate to a service in the `STACKEN.KTH.SE' realm, that entry +says to first authenticate cross-realm to the `KTH.SE' realm (the first +realm listed in the `PERMITTED-CROSS-REALMS' section), and then from +there to `STACKEN.KTH.SE'. + +Each entry in `[capaths]' can only give the next hop, since only the +first realm in `PERMITTED-CROSS-REALMS' is used. If, for instance, a +client in `DSV.SU.SE' had a `[capaths]' configuration as above but +without the first block for `SU.SE', they would not be able to reach +`STACKEN.KTH.SE'. They would get as far as `SU.SE' based on the +`DSV.SU.SE' entry in `[capaths]' and then attempt to go directly from +there to `STACKEN.KTH.SE' and get stuck (unless, of course, the `SU.SE' +KDC had the additional entry required to tell the client to go through +`KTH.SE'). + +4.15.3 Active Directory forest example +-------------------------------------- + +One common place where a `[capaths]' configuration is desirable is with +Windows Active Directory forests. One common Active Directory +configuration is to have one top-level Active Directory realm but then +divide systems, services, and users into child realms (perhaps based on +organizational unit). One generally establishes cross-realm trust only +with the top-level realm, and then uses transit policy to permit +authentications to and from the child realms. + +For example, suppose an organization has a Heimdal realm `EXAMPLE.COM', +a Windows Active Directory realm `WIN.EXAMPLE.COM', and then child +Active Directory realms `ENGR.WIN.EXAMPLE.COM' and +`SALES.WIN.EXAMPLE.COM'. The goal is to allow users in any of these +realms to authenticate to services in any of these realms. The +`EXAMPLE.COM' KDC (and possibly client) configuration should therefore +contain a `[capaths]' section as follows: + + [capaths] + ENGR.WIN.EXAMPLE.COM = { + EXAMPLE.COM = WIN.EXAMPLE.COM + } + SALES.WIN.EXAMPLE.COM = { + EXAMPLE.COM = WIN.EXAMPLE.COM + } + EXAMPLE.COM = { + ENGR.WIN.EXAMPLE.COM = WIN.EXAMPLE.COM + SALES.WIN.EXAMPLE.COM = WIN.EXAMPLE.COM + } + +The first two blocks allow clients in the `ENGR.WIN.EXAMPLE.COM' and +`SALES.WIN.EXAMPLE.COM' realms to authenticate to services in the +`EXAMPLE.COM' realm. The third block tells the client (or tells the +KDC to tell the client via referrals) to transit through +`WIN.EXAMPLE.COM' to reach these realms. Both sides of the +configuration are needed for bi-directional transited cross-realm +authentication. + + +File: heimdal.info, Node: Setting up DNS, Next: Using LDAP to store the database, Prev: Transit policy, Up: Setting up a realm + +4.16 Setting up DNS +=================== + +4.16.1 Using DNS to find KDC +---------------------------- + +If there is information about where to find the KDC or kadmind for a +realm in the `krb5.conf' for a realm, that information will be +preferred, and DNS will not be queried. + +Heimdal will try to use DNS to find the KDCs for a realm. First it will +try to find a `SRV' resource record (RR) for the realm. If no SRV RRs +are found, it will fall back to looking for an `A' RR for a machine +named kerberos.REALM, and then kerberos-1.REALM, etc + +Adding this information to DNS minimises the client configuration (in +the common case, resulting in no configuration needed) and allows the +system administrator to change the number of KDCs and on what machines +they are running without caring about clients. + +The downside of using DNS is that the client might be fooled to use the +wrong server if someone fakes DNS replies/data, but storing the IP +addresses of the KDC on all the clients makes it very hard to change +the infrastructure. + +An example of the configuration for the realm `EXAMPLE.COM': + + + $ORIGIN example.com. + _kerberos._tcp SRV 10 1 88 kerberos.example.com. + _kerberos._udp SRV 10 1 88 kerberos.example.com. + _kerberos._tcp SRV 10 1 88 kerberos-1.example.com. + _kerberos._udp SRV 10 1 88 kerberos-1.example.com. + _kpasswd._udp SRV 10 1 464 kerberos.example.com. + _kerberos-adm._tcp SRV 10 1 749 kerberos.example.com. + +More information about DNS SRV resource records can be found in +RFC-2782 (A DNS RR for specifying the location of services (DNS SRV)). + +4.16.2 Using DNS to map hostname to Kerberos realm +-------------------------------------------------- + +Heimdal also supports a way to lookup a realm from a hostname. This to +minimise configuration needed on clients. Using this has the drawback +that clients can be redirected by an attacker to realms within the same +cross realm trust and made to believe they are talking to the right +server (since Kerberos authentication will succeed). + +An example configuration that informs clients that for the realms +it.example.com and srv.example.com, they should use the realm +EXAMPLE.COM: + + + $ORIGIN example.com. + _kerberos.it TXT "EXAMPLE.COM" + _kerberos.srv TXT "EXAMPLE.COM" + + +File: heimdal.info, Node: Using LDAP to store the database, Next: Providing Kerberos credentials to servers and programs, Prev: Setting up DNS, Up: Setting up a realm + +4.17 Using LDAP to store the database +===================================== + +This document describes how to install the LDAP backend for Heimdal. +Note that before attempting to configure such an installation, you +should be aware of the implications of storing private information +(such as users' keys) in a directory service primarily designed for +public information. Nonetheless, with a suitable authorisation policy, +it is possible to set this up in a secure fashion. A knowledge of LDAP, +Kerberos, and C is necessary to install this backend. The HDB schema +was devised by Leif Johansson. + +This assumes, OpenLDAP 2.3 or later. + +Requirements: + + * A current release of Heimdal, configured with + `--with-openldap=/usr/local' (adjust according to where you have + installed OpenLDAP). + + You can verify that you manage to configure LDAP support by running + `kdc --builtin-hdb', and checking that `ldap:' is one entry in the + list. + + Its also possible to configure the ldap backend as a shared module, + see option -hdb-openldap-module to configure. + + * Configure OpenLDAP with `--enable-local' to enable the local + transport. + + * Add the hdb schema to the LDAP server, it's included in the + source-tree in `lib/hdb/hdb.schema'. Example from slapd.conf: + + include /usr/local/etc/openldap/schema/hdb.schema + + * Configure the LDAP server ACLs to accept writes from clients over + the local transport. For example: + + access to * + by dn.exact="uid=heimdal,dc=services,dc=example,dc=com" write + ... + + authz-regexp "gidNumber=.*\\\+uidNumber=0,cn=peercred,cn=external,cn=auth'' + "uid=heimdal,dc=services,dc=example,dc=com" + + The sasl-regexp is for mapping between the SASL/EXTERNAL and a + user in a tree. The user that the key is mapped to should be have + a krb5Principal aux object with krb5PrincipalName set so that the + "creator" and "modifier" is right in `kadmin'. + + Another option is to create an admins group and add the dn to that + group. + + Since Heimdal talks to the LDAP server over a UNIX domain socket, + and uses external sasl authentication, it's not possible to require + security layer quality (ssf in cyrus-sasl lingo). So that + requirement has to be turned off in OpenLDAP `slapd' configuration + file `slapd.conf'. + + sasl-secprops minssf=0 + + * Start `slapd' with the local listener (as well as the default + TCP/IP listener on port 389) as follows: + + slapd -h "ldapi:/// ldap:///" + + Note: These is a bug in `slapd' where it appears to corrupt the + krb5Key binary attribute on shutdown. This may be related to our + use of the V3 schema definition syntax instead of the old + UMich-style, V2 syntax. + + * You should specify the distinguished name under which your + principals will be stored in `krb5.conf'. Also you need to enter + the path to the kadmin acl file: + + [kdc] + database = { + dbname = ldap:ou=KerberosPrincipals,dc=example,dc=com + hdb-ldap-structural-object = inetOrgPerson + acl_file = /path/to/kadmind.acl + mkey_file = /path/to/mkey + } + + `mkey_file' can be excluded if you feel that you trust your ldap + directory to have the raw keys inside it. The + hdb-ldap-structural-object is not necessary if you do not need + Samba comatibility. + + * Once you have built Heimdal and started the LDAP server, run kadmin + (as usual) to initialise the database. Note that the instructions + for stashing a master key are as per any Heimdal installation. + + kdc# kadmin -l + kadmin> init EXAMPLE.COM + Realm max ticket life [unlimited]: + Realm max renewable ticket life [unlimited]: + kadmin> add lukeh + Max ticket life [1 day]: + Max renewable life [1 week]: + Principal expiration time [never]: + Password expiration time [never]: + Attributes []: + lukeh@EXAMPLE.COM's Password: + Verifying password - lukeh@EXAMPLE.COM's Password: + kadmin> exit + + Verify that the principal database has indeed been stored in the + directory with the following command: + + kdc# ldapsearch -L -h localhost -D cn=manager \ + -w secret -b ou=KerberosPrincipals,dc=example,dc=com \ + 'objectclass=krb5KDCEntry' + + * Now consider adding indexes to the database to speed up the + access, at least theses should be added to slapd.conf. + + index objectClass eq + index cn eq,sub,pres + index uid eq,sub,pres + index displayName eq,sub,pres + index krb5PrincipalName eq + + +4.17.1 smbk5pwd overlay +----------------------- + +The smbk5pwd overlay, updates the krb5Key and krb5KeyVersionNumber +appropriately when it receives an LDAP Password change Extended +Operation: + +`http://www.openldap.org/devel/cvsweb.cgi/contrib/slapd-modules/smbk5pwd/README?hideattic=1&sortbydate=0' + +4.17.2 Troubleshooting guide +---------------------------- + +`https://sec.miljovern.no/bin/view/Info/TroubleshootingGuide' + +4.17.3 Using Samba LDAP password database +----------------------------------------- + +The Samba domain and the Kerberos realm can have different names since +arcfour's string to key functions principal/realm independent. So now +will be your first and only chance name your Kerberos realm without +needing to deal with old configuration files. + +First, you should set up Samba and get that working with LDAP backend. + +Now you can proceed as in *Note Using LDAP to store the database::. +Heimdal will pick up the Samba LDAP entries if they are in the same +search space as the Kerberos entries. + + +File: heimdal.info, Node: Providing Kerberos credentials to servers and programs, Next: Setting up PK-INIT, Prev: Using LDAP to store the database, Up: Setting up a realm + +4.18 Providing Kerberos credentials to servers and programs +=========================================================== + +Some services require Kerberos credentials when they start to make +connections to other services or need to use them when they have +started. + +The easiest way to get tickets for a service is to store the key in a +keytab. Both ktutil get and kadmin ext can be used to get a keytab. +ktutil get is better in that way it changes the key/password for the +user. This is also the problem with ktutil. If ktutil is used for the +same service principal on several hosts, they keytab will only be +useful on the last host. In that case, run the extract command on one +host and then securely copy the keytab around to all other hosts that +need it. + + host# ktutil -k /etc/krb5-service.keytab \ + get -p lha/admin@EXAMPLE.ORG service-principal@EXAMPLE.ORG + lha/admin@EXAMPLE.ORG's Password: + +To get a Kerberos credential file for the service, use kinit in the +`--keytab' mode. This will not ask for a password but instead fetch the +key from the keytab. + + service@host$ kinit --cache=/var/run/service_krb5_cache \ + --keytab=/etc/krb5-service.keytab \ + service-principal@EXAMPLE.ORG + +Long running services might need credentials longer then the expiration +time of the tickets. kinit can run in a mode that refreshes the tickets +before they expire. This is useful for services that write into AFS and +other distributed file systems using Kerberos. To run the long running +script, just append the program and arguments (if any) after the +principal. kinit will stop refreshing credentials and remove the +credentials when the script-to-start-service exits. + + service@host$ kinit --cache=/var/run/service_krb5_cache \ + --keytab=/etc/krb5-service.keytab \ + service-principal@EXAMPLE.ORG \ + script-to-start-service argument1 argument2 + + +File: heimdal.info, Node: Setting up PK-INIT, Next: Debugging Kerberos problems, Prev: Providing Kerberos credentials to servers and programs, Up: Setting up a realm + +4.19 Setting up PK-INIT +======================= + +PK-INIT leverages an existing PKI (public key infrastructure), using +certificates to get the initial ticket (usually the krbtgt +ticket-granting ticket). + +To use PK-INIT you must first have a PKI. If you don't have one, it is +time to create it. You should first read the whole chapter of the +document to see the requirements imposed on the CA software. + +A mapping between the PKI certificate and what principals that +certificate is allowed to use must exist. There are several ways to do +this. The administrator can use a configuration file, store the +principal in the SubjectAltName extension of the certificate, or store +the mapping in the principals entry in the kerberos database. + +4.20 Certificates +================= + +This section documents the requirements on the KDC and client +certificates and the format used in the id-pkinit-san OtherName +extention. + +4.20.1 KDC certificate +---------------------- + +The certificate for the KDC has serveral requirements. + +First, the certificate should have an Extended Key Usage (EKU) +id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second, there must be a +subjectAltName otherName using OID id-pkinit-san (1.3.6.1.5.2.2) in the +type field and a DER encoded KRB5PrincipalName that matches the name of +the TGS of the target realm. Also, if the certificate has a +nameConstraints extention with a Generalname with dNSName or iPAdress, +it must match the hostname or adress of the KDC. + +The client is not required by the standard to check the server +certificate for this information if the client has external information +confirming which certificate the KDC is supposed to be using. However, +adding this information to the KDC certificate removes the need to +specially configure the client to recognize the KDC certificate. + +Remember that if the client would accept any certificate as the KDC's +certificate, the client could be fooled into trusting something that +isn't a KDC and thus expose the user to giving away information (like a +password or other private information) that it is supposed to keep +secret. + +4.20.2 Client certificate +------------------------- + +The client certificate may need to have a EKU id-pkekuoid +(1.3.6.1.5.2.3.4) set depending on the certifiate on the KDC. + +It possible to store the principal (if allowed by the KDC) in the +certificate and thus delegate responsibility to do the mapping between +certificates and principals to the CA. + +This behavior is controlled by KDC configuration option: + + [kdc] + pkinit_principal_in_certificate = yes + +4.20.2.1 Using KRB5PrincipalName in id-pkinit-san +................................................. + +The OtherName extention in the GeneralName is used to do the mapping +between certificate and principal. For the KDC certificate, this +stores the krbtgt principal name for that KDC. For the client +certificate, this stores the principal for which that certificate is +allowed to get tickets. + +The principal is stored in a SubjectAltName in the certificate using +OtherName. The OID in the type is id-pkinit-san. + + id-pkinit-san OBJECT IDENTIFIER ::= { iso (1) org (3) dod (6) + internet (1) security (5) kerberosv5 (2) 2 } + +The data part of the OtherName is filled with the following DER encoded +ASN.1 structure: + + KRB5PrincipalName ::= SEQUENCE { + realm [0] Realm, + principalName [1] PrincipalName + } + +where Realm and PrincipalName is defined by the Kerberos ASN.1 +specification. + +4.21 Naming certificate using hx509 +=================================== + +hx509 is the X.509 software used in Heimdal to handle certificates. +hx509 supports several different syntaxes for specifying certificate +files or formats. Several formats may be used: PEM, certificates +embedded in PKCS#12 files, certificates embedded in PKCS#11 devices, +and raw DER encoded certificates. + +Those formats may be specified as follows: + +DIR: + DIR specifies a directory which contains certificates in the DER or + PEM format. + + The main feature of DIR is that the directory is read on demand + when iterating over certificates. This allows applications, in some + situations, to avoid having to store all certificates in memory. + It's very useful for tests that iterate over large numbers of + certificates. + + The syntax is: + + DIR:/path/to/der/files + +FILE: + FILE: specifies a file that contains a certificate or private key. + The file can be either a PEM (openssl) file or a raw DER encoded + certificate. If it's a PEM file, it can contain several keys and + certificates and the code will try to match the private key and + certificate together. Multiple files may be specified, separated by + commas. + + It's useful to have one PEM file that contains all the trust + anchors. + + The syntax is: + + FILE:certificate.pem,private-key.key,other-cert.pem,.... + +PKCS11: + PKCS11: is used to handle smartcards via PKCS#11 drivers, such as + soft-token, opensc, or muscle. The argument specifies a shared + object that implements the PKCS#11 API. The default is to use all + slots on the device/token. + + The syntax is: + + PKCS11:shared-object.so + +PKCS12: + PKCS12: is used to handle PKCS#12 files. PKCS#12 files commonly + have the extension pfx or p12. + + The syntax is: + + PKCS12:/path/to/file.pfx + + +4.22 Configure the Kerberos software +==================================== + +First configure the client's trust anchors and what parameters to +verify. See the subsections below for how to do that. Then, you can use +kinit to get yourself tickets. For example: + + $ kinit -C FILE:$HOME/.certs/lha.crt,$HOME/.certs/lha.key lha@EXAMPLE.ORG + Enter your private key passphrase: + : lha@nutcracker ; klist + Credentials cache: FILE:/tmp/krb5cc_19100a + Principal: lha@EXAMPLE.ORG + + Issued Expires Principal + Apr 20 02:08:08 Apr 20 12:08:08 krbtgt/EXAMPLE.ORG@EXAMPLE.ORG + +Using PKCS#11 it can look like this instead: + + $ kinit -C PKCS11:/usr/heimdal/lib/hx509.so lha@EXAMPLE.ORG + PIN code for SoftToken (slot): + $ klist + Credentials cache: API:4 + Principal: lha@EXAMPLE.ORG + + Issued Expires Principal + Mar 26 23:40:10 Mar 27 09:40:10 krbtgt/EXAMPLE.ORG@EXAMPLE.ORG + +TODO: Write about the KDC. + +4.23 Configure the client +========================= + + [appdefaults] + pkinit_anchors = FILE:/path/to/trust-anchors.pem + + [realms] + EXAMPLE.COM = { + pkinit_require_eku = true + pkinit_require_krbtgt_otherName = true + pkinit_win2k = no + pkinit_win2k_require_binding = yes + } + +4.24 Configure the KDC +====================== + + [kdc] + enable-pkinit = yes + pkinit_identity = FILE:/secure/kdc.crt,/secure/kdc.key + pkinit_anchors = FILE:/path/to/trust-anchors.pem + pkinit_pool = PKCS12:/path/to/useful-intermediate-certs.pfx + pkinit_pool = FILE:/path/to/other-useful-intermediate-certs.pem + pkinit_allow_proxy_certificate = no + pkinit_win2k_require_binding = yes + pkinit_principal_in_certificate = no + +4.24.1 Using pki-mapping file +----------------------------- + +Note that the file name is space sensitive. + + # cat /var/heimdal/pki-mapping + # comments starts with # + lha@EXAMPLE.ORG:C=SE,O=Stockholm universitet,CN=Love,UID=lha + lha@EXAMPLE.ORG:CN=Love,UID=lha + +4.24.2 Using the Kerberos database +---------------------------------- + +4.25 Use hxtool to create certificates +====================================== + +4.25.1 Generate certificates +---------------------------- + +First, you need to generate a CA certificate. This example creates a CA +certificate that will be valid for 10 years. + +You need to change -subject in the command below to something +appropriate for your site. + + hxtool issue-certificate \ + --self-signed \ + --issue-ca \ + --generate-key=rsa \ + --subject="CN=CA,DC=test,DC=h5l,DC=se" \ + --lifetime=10years \ + --certificate="FILE:ca.pem" + +The KDC needs to have a certificate, so generate a certificate of the +type "pkinit-kdc" and set the PK-INIT specifial SubjectAltName to the +name of the krbtgt of the realm. + +You need to change -subject and -pk-init-principal in the command below +to something appropriate for your site. + + hxtool issue-certificate \ + --ca-certificate=FILE:ca.pem \ + --generate-key=rsa \ + --type="pkinit-kdc" \ + --pk-init-principal="krbtgt/TEST.H5L.SE@TEST.H5L.SE" \ + --subject="uid=kdc,DC=test,DC=h5l,DC=se" \ + --certificate="FILE:kdc.pem" + +The users also needs to have certificates. For your first client, +generate a certificate of type "pkinit-client". The client doesn't need +to have the PK-INIT SubjectAltName set; you can have the Subject DN in +the ACL file (pki-mapping) instead. + +You need to change -subject and -pk-init-principal in the command below +to something appropriate for your site. You can omit -pk-init-principal +if you're going to use the ACL file instead. + + hxtool issue-certificate \ + --ca-certificate=FILE:ca.pem \ + --generate-key=rsa \ + --type="pkinit-client" \ + --pk-init-principal="lha@TEST.H5L.SE" \ + --subject="uid=lha,DC=test,DC=h5l,DC=se" \ + --certificate="FILE:user.pem" + +4.25.2 Validate the certificate +------------------------------- + +hxtool also contains a tool that will validate certificates according +to rules from the PKIX document. These checks are not complete, but +they provide a good test of whether you got all of the basic bits right +in your certificates. + + hxtool validate FILE:user.pem + +4.26 Use OpenSSL to create certificates +======================================= + +This section tries to give the CA owners hints how to create +certificates using OpenSSL (or CA software based on OpenSSL). + +4.26.1 Using OpenSSL to create certificates with krb5PrincipalName +------------------------------------------------------------------ + +To make OpenSSL create certificates with krb5PrincipalName, use an +`openssl.cnf' as described below. To see a complete example of creating +client and KDC certificates, see the test-data generation script +`lib/hx509/data/gen-req.sh' in the source-tree. The certicates it +creates are used to test the PK-INIT functionality in +`tests/kdc/check-kdc.in'. + +To use this example you have to use OpenSSL 0.9.8a or later. + + + [user_certificate] + subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name + + [princ_name] + realm = EXP:0, GeneralString:MY.REALM + principal_name = EXP:1, SEQUENCE:principal_seq + + [principal_seq] + name_type = EXP:0, INTEGER:1 + name_string = EXP:1, SEQUENCE:principals + + [principals] + princ1 = GeneralString:userid + +Command usage: + + openssl x509 -extensions user_certificate + openssl ca -extensions user_certificate + +4.27 Using PK-INIT with Windows +=============================== + +4.27.1 Client configration +-------------------------- + +Clients using a Windows KDC with PK-INIT need configuration since +windows uses pre-standard format and this can't be autodetected. + +The pkinit_win2k_require_binding option requires the reply for the KDC +to be of the new, secure, type that binds the request to reply. Before, +clients could fake the reply from the KDC. To use this option you have +to apply a fix from Microsoft. + + [realms] + MY.MS.REALM = { + pkinit_win2k = yes + pkinit_win2k_require_binding = no + } + +4.27.2 Certificates +------------------- + +The client certificates need to have the extended keyusage "Microsoft +Smartcardlogin" (openssl has the OID shortname msSmartcardLogin). + +See Microsoft Knowledge Base Article - 281245 "Guidelines for Enabling +Smart Card Logon with Third-Party Certification Authorities" for a more +extensive description of how set setup an external CA so that it +includes all the information required to make a Windows KDC happy. + +4.27.3 Configure Windows 2000 CA +-------------------------------- + +To enable Microsoft Smartcardlogin for certificates in your Windows +2000 CA, you want to look at Microsoft Knowledge Base Article - 313274 +"HOW TO: Configure a Certification Authority to Issue Smart Card +Certificates in Windows". + + +File: heimdal.info, Node: Debugging Kerberos problems, Prev: Setting up PK-INIT, Up: Setting up a realm + +4.28 Debugging Kerberos problems +================================ + +To debug Kerberos client and server problems you can enable debug +traceing by adding the following to `/etc/krb5,conf'. Note that the +trace logging is sparse at the moment, but will continue to improve. + + [logging] + libkrb5 = 0-/SYSLOG: + + +File: heimdal.info, Node: Applications, Next: Things in search for a better place, Prev: Setting up a realm, Up: Top + +5 Applications +************** + +* Menu: + +* Authentication modules:: +* AFS:: + + +File: heimdal.info, Node: Authentication modules, Next: AFS, Prev: Applications, Up: Applications + +5.1 Authentication modules +========================== + +The problem of having different authentication mechanisms has been +recognised by several vendors, and several solutions have appeared. In +most cases these solutions involve some kind of shared modules that are +loaded at run-time. Modules for some of these systems can be found in +`lib/auth'. Presently there are modules for Digital's SIA, and IRIX' +`login' and `xdm' (in `lib/auth/afskauthlib'). + +* Menu: + +* Digital SIA:: +* IRIX:: + + +File: heimdal.info, Node: Digital SIA, Next: IRIX, Prev: Authentication modules, Up: Authentication modules + +5.1.1 Digital SIA +----------------- + +How to install the SIA module depends on which OS version you're +running. Tru64 5.0 has a new command, `siacfg', which makes this +process quite simple. If you have this program, you should just be able +to run: + siacfg -a KRB5 /usr/athena/lib/libsia_krb5.so + +On older versions, or if you want to do it by hand, you have to do the +following (not tested by us on Tru64 5.0): + + * Make sure `libsia_krb5.so' is available in `/usr/athena/lib'. If + `/usr/athena' is not on local disk, you might want to put it in + `/usr/shlib' or someplace else. If you do, you'll have to edit + `krb5_matrix.conf' to reflect the new location (you will also have + to do this if you installed in some other directory than + `/usr/athena'). If you built with shared libraries, you will have + to copy the shared `libkrb.so', `libdes.so', `libkadm.so', and + `libkafs.so' to a place where the loader can find them (such as + `/usr/shlib'). + + * Copy (your possibly edited) `krb5_matrix.conf' to `/etc/sia'. + + * Apply `security.patch' to `/sbin/init.d/security'. + + * Turn on KRB5 security by issuing `rcmgr set SECURITY KRB5' and + `rcmgr set KRB5_MATRIX_CONF krb5_matrix.conf'. + + * Digital thinks you should reboot your machine, but that really + shouldn't be necessary. It's usually sufficient just to run + `/sbin/init.d/security start' (and restart any applications that + use SIA, like `xdm'.) + +Users with local passwords (like `root') should be able to login safely. + +When using Digital's xdm the `KRB5CCNAME' environment variable isn't +passed along as it should (since xdm zaps the environment). Instead you +have to set `KRB5CCNAME' to the correct value in +`/usr/lib/X11/xdm/Xsession'. Add a line similar to + KRB5CCNAME=FILE:/tmp/krb5cc`id -u`_`ps -o ppid= -p $$`; export KRB5CCNAME +If you use CDE, `dtlogin' allows you to specify which additional +environment variables it should export. To add `KRB5CCNAME' to this +list, edit `/usr/dt/config/Xconfig', and look for the definition of +`exportList'. You want to add something like: + Dtlogin.exportList: KRB5CCNAME + +Notes to users with Enhanced security +..................................... + +Digital's `ENHANCED' (C2) security, and Kerberos solve two different +problems. C2 deals with local security, adds better control of who can +do what, auditing, and similar things. Kerberos deals with network +security. + +To make C2 security work with Kerberos you will have to do the +following. + + * Replace all occurrences of `krb5_matrix.conf' with + `krb5+c2_matrix.conf' in the directions above. + + * You must enable "vouching" in the `default' database. This will + make the OSFC2 module trust other SIA modules, so you can login + without giving your C2 password. To do this use `edauth' to edit + the default entry `/usr/tcb/bin/edauth -dd default', and add a + `d_accept_alternate_vouching' capability, if not already present. + + * For each user who does _not_ have a local C2 password, you should + set the password expiration field to zero. You can do this for each + user, or in the `default' table. To do this use `edauth' to set + (or change) the `u_exp' capability to `u_exp#0'. + + * You also need to be aware that the shipped `login', `rcp', and + `rshd', don't do any particular C2 magic (such as checking for + various forms of disabled accounts), so if you rely on those + features, you shouldn't use those programs. If you configure with + `--enable-osfc2', these programs will, however, set the login UID. + Still: use at your own risk. + +At present `su' does not accept the vouching flag, so it will not work +as expected. + +Also, kerberised ftp will not work with C2 passwords. You can solve this +by using both Digital's ftpd and our on different ports. + +*Remember*, if you do these changes you will get a system that most +certainly does _not_ fulfil the requirements of a C2 system. If C2 is +what you want, for instance if someone else is forcing you to use it, +you're out of luck. If you use enhanced security because you want a +system that is more secure than it would otherwise be, you probably got +an even more secure system. Passwords will not be sent in the clear, +for instance. + + +File: heimdal.info, Node: IRIX, Prev: Digital SIA, Up: Authentication modules + +5.1.2 IRIX +---------- + +The IRIX support is a module that is compatible with Transarc's +`afskauthlib.so'. It should work with all programs that use this +library. This should include `login' and `xdm'. + +The interface is not very documented but it seems that you have to copy +`libkafs.so', `libkrb.so', and `libdes.so' to `/usr/lib', or build your +`afskauthlib.so' statically. + +The `afskauthlib.so' itself is able to reside in `/usr/vice/etc', +`/usr/afsws/lib', or the current directory (wherever that is). + +IRIX 6.4 and newer seem to have all programs (including `xdm' and +`login') in the N32 object format, whereas in older versions they were +O32. For it to work, the `afskauthlib.so' library has to be in the same +object format as the program that tries to load it. This might require +that you have to configure and build for O32 in addition to the default +N32. + +Apart from this it should "just work"; there are no configuration files. + +Note that recent Irix 6.5 versions (at least 6.5.22) have PAM, +including a `pam_krb5.so' module. Not all relevant programs use PAM, +though, e.g. `ssh'. In particular, for console graphical login you need +to turn off `visuallogin' and turn on `xdm' with `chkconfig'. + + +File: heimdal.info, Node: AFS, Prev: Authentication modules, Up: Applications + +5.2 AFS +======= + +AFS is a distributed filesystem that uses Kerberos for authentication. + +For more information about AFS see OpenAFS `http://www.openafs.org/' +and Arla `http://www.stacken.kth.se/projekt/arla/'. + +5.2.1 kafs and afslog +--------------------- + +`afslog(1)' will obtains AFS tokens for a number of cells. What cells +to get tokens for can either be specified as an explicit list, as file +paths to get tokens for, or be left unspecified, in which case will use +whatever magic `kafs(3)' decides upon. + +If not told what cell to get credentials for, `kafs(3)' will search for +the files ThisCell and TheseCells in the locations specified in +`kafs(3)' and try to get tokens for these cells and the cells specified +in $HOME/.TheseCells. + +More usefully it will look at and ~/.TheseCells in your home directory +and for each line which is a cell get afs token for these cells. + +The TheseCells file defines the the cells to which applications on the +local client machine should try to aquire tokens for. It must reside in +the directories searched by `kafs(3)' on every AFS client machine. + +The file is in ASCII format and contains one character string, the cell +name, per line. Cell names are case sensitive, but most cell names are +lower case. + +See manpage for `kafs(3)' for search locations of ThisCell and +TheseCells. + +5.2.2 How to get a KeyFile +-------------------------- + +`ktutil -k AFSKEYFILE:KeyFile get afs@MY.REALM' + +or you can extract it with kadmin + + kadmin> ext -k AFSKEYFILE:/usr/afs/etc/KeyFile afs@My.CELL.NAME + +You have to make sure you have a `des-cbc-md5' encryption type since +that is the enctype that will be converted. + +5.2.3 How to convert a srvtab to a KeyFile +------------------------------------------ + +You need a `/usr/vice/etc/ThisCell' containing the cellname of your +AFS-cell. + +`ktutil copy krb4:/root/afs-srvtab AFSKEYFILE:/usr/afs/etc/KeyFile'. + +If keyfile already exists, this will add the new key in afs-srvtab to +KeyFile. + +5.3 Using 2b tokens with AFS +============================ + +5.3.1 What is 2b ? +------------------ + +2b is the name of the proposal that was implemented to give basic +Kerberos 5 support to AFS in rxkad. It's not real Kerberos 5 support +since it still uses fcrypt for data encryption and not Kerberos +encryption types. + +Its only possible (in all cases) to do this for DES encryption types +because only then the token (the AFS equivalent of a ticket) will be +smaller than the maximum size that can fit in the token cache in the +OpenAFS/Transarc client. It is a so tight fit that some extra wrapping +on the ASN1/DER encoding is removed from the Kerberos ticket. + +2b uses a Kerberos 5 EncTicketPart instead of a Kerberos 4 ditto for +the part of the ticket that is encrypted with the service's key. The +client doesn't know what's inside the encrypted data so to the client +it doesn't matter. + +To differentiate between Kerberos 4 tickets and Kerberos 5 tickets, 2b +uses a special kvno, 213 for 2b tokens and 255 for Kerberos 5 tokens. + +Its a requirement that all AFS servers that support 2b also support +native Kerberos 5 in rxkad. + +5.3.2 Configuring a Heimdal kdc to use 2b tokens +------------------------------------------------ + +Support for 2b tokens in the kdc are turned on for specific principals +by adding them to the string list option `[kdc]use_2b' in the kdc's +`krb5.conf' file. + + [kdc] + use_2b = { + afs@SU.SE = yes + afs/it.su.se@SU.SE = yes + } + +5.3.3 Configuring AFS clients for 2b support +-------------------------------------------- + +There is no need to configure AFS clients for 2b support. The only +software that needs to be installed/upgrade is a Kerberos 5 enabled +`afslog'. + + +File: heimdal.info, Node: Things in search for a better place, Next: Kerberos 4 issues, Prev: Applications, Up: Top + +6 Things in search for a better place +************************************* + +6.1 Making things work on Ciscos +================================ + +Modern versions of Cisco IOS has some support for authenticating via +Kerberos 5. This can be used both by having the router get a ticket when +you login (boring), and by using Kerberos authenticated telnet to access +your router (less boring). The following has been tested on IOS +11.2(12), things might be different with other versions. Old versions +are known to have bugs. + +To make this work, you will first have to configure your router to use +Kerberos (this is explained in the documentation). A sample +configuration looks like the following: + + aaa new-model + aaa authentication login default krb5-telnet krb5 enable + aaa authorization exec krb5-instance + kerberos local-realm FOO.SE + kerberos srvtab entry host/router.foo.se 0 891725446 4 1 8 012345678901234567 + kerberos server FOO.SE 10.0.0.1 + kerberos instance map admin 15 + +This tells you (among other things) that when logging in, the router +should try to authenticate with kerberised telnet, and if that fails try +to verify a plain text password via a Kerberos ticket exchange (as +opposed to a local database, RADIUS or something similar), and if that +fails try the local enable password. If you're not careful when you +specify the `login default' authentication mechanism, you might not be +able to login at all. The `instance map' and `authorization exec' lines +says that people with `admin' instances should be given `enabled' shells +when logging in. + +The numbers after the principal on the `srvtab' line are principal type, +time stamp (in seconds since 1970), key version number (4), keytype (1 +== des), key length (always 8 with des), and then the key. + +To make the Heimdal KDC produce tickets that the Cisco can decode you +might have to turn on the `encode_as_rep_as_tgs_rep' flag in the KDC. +You will also have to specify that the router can't handle anything but +`des-cbc-crc'. This can be done with the `del_enctype' command of +`kadmin'. + +This all fine and so, but unless you have an IOS version with encryption +(available only in the U.S) it doesn't really solve any problems. Sure +you don't have to send your password over the wire, but since the telnet +connection isn't protected it's still possible for someone to steal your +session. This won't be fixed until someone adds integrity to the telnet +protocol. + +A working solution would be to hook up a machine with a real operating +system to the console of the Cisco and then use it as a backwards +terminal server. + + +File: heimdal.info, Node: Kerberos 4 issues, Next: Windows compatibility, Prev: Things in search for a better place, Up: Top + +7 Kerberos 4 issues +******************* + +The KDC has built-in version 4 support. It is not enabled by default, +see setup how to set it up. + +The KDC will also have kaserver emulation and be able to handle +AFS-clients that use `klog'. + +For more about AFS, see the section *Note AFS::. + +* Menu: + +* Principal conversion issues:: +* Converting a version 4 database:: +* kaserver:: + + +File: heimdal.info, Node: Principal conversion issues, Next: Converting a version 4 database, Prev: Kerberos 4 issues, Up: Kerberos 4 issues + +7.1 Principal conversion issues +=============================== + +First, Kerberos 4 and Kerberos 5 principals are different. A version 4 +principal consists of a name, an instance, and a realm. A version 5 +principal has one or more components, and a realm (the terms "name" and +"instance" are still used, for the first and second component, +respectively). Also, in some cases the name of a version 4 principal +differs from the first component of the corresponding version 5 +principal. One notable example is the "host" type principals, where the +version 4 name is `rcmd' (for "remote command"), and the version 5 name +is `host'. For the class of principals that has a hostname as instance, +there is an other major difference, Kerberos 4 uses only the first +component of the hostname, whereas Kerberos 5 uses the fully qualified +hostname. + +Because of this it can be hard or impossible to correctly convert a +version 4 principal to a version 5 principal (1). The biggest problem is +to know if the conversion resulted in a valid principal. To give an +example, suppose you want to convert the principal `rcmd.foo'. + +The `rcmd' name suggests that the instance is a hostname (even if there +are exceptions to this rule). To correctly convert the instance `foo' +to a hostname, you have to know which host it is referring to. You can +to this by either guessing (from the realm) which domain name to +append, or you have to have a list of possible hostnames. In the +simplest cases you can cover most principals with the first rule. If you +have several domains sharing a single realm this will not usually work. +If the exceptions are few you can probably come by with a lookup table +for the exceptions. + +In a complex scenario you will need some kind of host lookup mechanism. +Using DNS for this is tempting, but DNS is error prone, slow and unsafe +(2). + +Fortunately, the KDC has a trump on hand: it can easily tell if a +principal exists in the database. The KDC will use +`krb5_425_conv_principal_ext' to convert principals when handling to +version 4 requests. + +---------- Footnotes ---------- + +(1) the other way is not always trivial either, but usually easier + +(2) at least until secure DNS is commonly available + + +File: heimdal.info, Node: Converting a version 4 database, Next: kaserver, Prev: Principal conversion issues, Up: Kerberos 4 issues + +7.2 Converting a version 4 database +=================================== + +If you want to convert an existing version 4 database, the principal +conversion issue arises too. + +If you decide to convert your database once and for all, you will only +have to do this conversion once. It is also possible to run a version 5 +KDC as a slave to a version 4 KDC. In this case this conversion will +happen every time the database is propagated. When doing this +conversion, there are a few things to look out for. If you have stale +entries in the database, these entries will not be converted. This might +be because these principals are not used anymore, or it might be just +because the principal couldn't be converted. + +You might also see problems with a many-to-one mapping of principals. +For instance, if you are using DNS lookups and you have two principals +`rcmd.foo' and `rcmd.bar', where `foo' is a CNAME for `bar', the +resulting principals will be the same. Since the conversion function +can't tell which is correct, these conflicts will have to be resolved +manually. + +7.2.1 Conversion example +------------------------ + +Given the following set of hosts and services: + + foo.se rcmd + mail.foo.se rcmd, pop + ftp.bar.se rcmd, ftp + +you have a database that consists of the following principals: + +`rcmd.foo', `rcmd.mail', `pop.mail', `rcmd.ftp', and `ftp.ftp'. + +lets say you also got these extra principals: `rcmd.gone', +`rcmd.old-mail', where `gone.foo.se' was a machine that has now passed +away, and `old-mail.foo.se' was an old mail machine that is now a CNAME +for `mail.foo.se'. + +When you convert this database you want the following conversions to be +done: + rcmd.foo host/foo.se + rcmd.mail host/mail.foo.se + pop.mail pop/mail.foo.se + rcmd.ftp host/ftp.bar.se + ftp.ftp ftp/ftp.bar.se + rcmd.gone removed + rcmd.old-mail removed + +A `krb5.conf' that does this looks like: + + [realms] + FOO.SE = { + v4_name_convert = { + host = { + ftp = ftp + pop = pop + rcmd = host + } + } + v4_instance_convert = { + foo = foo.se + ftp = ftp.bar.se + } + default_domain = foo.se + } + +The `v4_name_convert' section says which names should be considered +having an instance consisting of a hostname, and it also says how the +names should be converted (for instance `rcmd' should be converted to +`host'). The `v4_instance_convert' section says how a hostname should +be qualified (this is just a hosts-file in disguise). Host-instances +that aren't covered by `v4_instance_convert' are qualified by appending +the contents of the `default_domain'. + +Actually, this example doesn't work. Or rather, it works to well. Since +it has no way of knowing which hostnames are valid and which are not, it +will happily convert `rcmd.gone' to `host/gone.foo.se'. This isn't a +big problem, but if you have run your kerberos realm for a few years, +chances are big that you have quite a few `junk' principals. + +If you don't want this you can remove the `default_domain' statement, +but then you will have to add entries for _all_ your hosts in the +`v4_instance_convert' section. + +Instead of doing this you can use DNS to convert instances. This is not +a solution without problems, but it is probably easier than adding lots +of static host entries. + +To enable DNS lookup you should turn on `v4_instance_resolve' in the +`[libdefaults]' section. + +7.2.2 Converting a database +--------------------------- + +The database conversion is done with `hprop'. You can run this command +to propagate the database to the machine called `slave-server' (which +should be running a `hpropd'). + + hprop --source=krb4-db --master-key=/.m slave-server + +This command can also be to use for converting the v4 database on the +server: + + hprop -n --source=krb4-db -d /var/kerberos/principal --master-key=/.m | hpropd -n + + +File: heimdal.info, Node: kaserver, Prev: Converting a version 4 database, Up: Kerberos 4 issues + +7.3 kaserver +============ + +7.3.1 kaserver emulation +------------------------ + +The Heimdal kdc can emulate a kaserver. The kaserver is a Kerberos 4 +server with pre-authentication using Rx as the on-wire protocol. The kdc +contains a minimalistic Rx implementation. + +There are three parts of the kaserver; KAA (Authentication), KAT (Ticket +Granting), and KAM (Maintenance). The KAA interface and KAT interface +both passes over DES encrypted data-blobs (just like the +Kerberos-protocol) and thus do not need any other protection. The KAM +interface uses `rxkad' (Kerberos authentication layer for Rx) for +security and data protection, and is used for example for changing +passwords. This part is not implemented in the kdc. + +Another difference between the ka-protocol and the Kerberos 4 protocol +is that the pass-phrase is salted with the cellname in the `string to +key' function in the ka-protocol, while in the Kerberos 4 protocol there +is no salting of the password at all. To make sure AFS-compatible keys +are added to each principals when they are created or their password are +changed, `afs3-salt' should be added to `[kadmin]default_keys'. + +For more about AFS, see the section *Note AFS::. + +7.3.2 Transarc AFS Windows client +--------------------------------- + +The Transarc Windows client uses Kerberos 4 to obtain tokens, and thus +does not need a kaserver. The Windows client assumes that the Kerberos +server is on the same machine as the AFS-database server. If you do not +like to do that you can add a small program that runs on the database +servers that forward all kerberos requests to the real kerberos server. +A program that does this is `krb-forward' +(`ftp://ftp.stacken.kth.se/pub/projekts/krb-forward'). + + +File: heimdal.info, Node: Windows compatibility, Next: Programming with Kerberos, Prev: Kerberos 4 issues, Up: Top + +8 Windows compatibility +*********************** + +Microsoft Windows, starting from version 2000 (formerly known as +Windows NT 5), implements Kerberos 5. Their implementation, however, +has some quirks, peculiarities, and bugs. This chapter is a short +summary of the compatibility issues between Heimdal and various Windows +versions. + +The big problem with the Kerberos implementation in Windows is that the +available documentation is more focused on getting things to work +rather than how they work, and not that useful in figuring out how +things really work. It's of course subject to change all the time and +mostly consists of our not so inspired guesses. Hopefully it's still +somewhat useful. + +* Menu: + +* Configuring Windows to use a Heimdal KDC:: +* Inter-Realm keys (trust) between Windows and a Heimdal KDC:: +* Create account mappings:: +* Encryption types:: +* Authorisation data:: +* Quirks of Windows 2000 KDC:: +* Useful links when reading about the Windows:: + + +File: heimdal.info, Node: Configuring Windows to use a Heimdal KDC, Next: Inter-Realm keys (trust) between Windows and a Heimdal KDC, Prev: Windows compatibility, Up: Windows compatibility + +8.1 Configuring Windows to use a Heimdal KDC +============================================ + +You need the command line program called `ksetup.exe'. This program +comes with the Windows Support Tools, available from either the +installation CD-ROM (`SUPPORT/TOOLS/SUPPORT.CAB'), or from Microsoft +web site. Starting from Windows 2008, it is already installed. This +program is used to configure the Kerberos settings on a Workstation. + +`Ksetup' store the domain information under the registry key: +`HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\Kerberos\Domains'. + +Use the `kadmin' program in Heimdal to create a host principal in the +Kerberos realm. + + unix% kadmin + kadmin> ank --password=password host/datan.example.com + +The name `datan.example.com' should be replaced with DNS name of the +workstation. + +You must configure the workstation as a member of a workgroup, as +opposed to a member in an NT domain, and specify the KDC server of the +realm as follows: + C:> ksetup /setdomain EXAMPLE.COM + C:> ksetup /addkdc EXAMPLE.COM kdc.example.com + +Set the machine password, i.e. create the local keytab: + C:> ksetup /SetComputerPassword password + +The password used in `ksetup /setmachpassword' must be the same as the +password used in the `kadmin ank' command. + +The workstation must now be rebooted. + +A mapping between local NT users and Kerberos principals must be +specified. You have two choices. First: + + C:> ksetup /mapuser user@MY.REALM nt_user + +This will map a user to a specific principal; this allows you to have +other usernames in the realm than in your NT user database. (Don't ask +me why on earth you would want that....) + +You can also say: + C:> ksetup /mapuser * * +The Windows machine will now map any user to the corresponding +principal, for example `nisse' to the principal `nisse@MY.REALM'. +(This is most likely what you want.) + + +File: heimdal.info, Node: Inter-Realm keys (trust) between Windows and a Heimdal KDC, Next: Create account mappings, Prev: Configuring Windows to use a Heimdal KDC, Up: Windows compatibility + +8.2 Inter-Realm keys (trust) between Windows and a Heimdal KDC +============================================================== + +See also the Step-by-Step guide from Microsoft, referenced below. + +Install Windows, and create a new controller (Active Directory Server) +for the domain. + +By default the trust will be non-transitive. This means that only users +directly from the trusted domain may authenticate. This can be changed +to transitive by using the `netdom.exe' tool. `netdom.exe' can also be +used to add the trust between two realms. + +You need to tell Windows on what hosts to find the KDCs for the +non-Windows realm with `ksetup', see *Note Configuring Windows to use a +Heimdal KDC::. + +This needs to be done on all computers that want enable cross-realm +login with `Mapped Names'. Then you need to add the inter-realm keys +on the Windows KDC. Start the Domain Tree Management tool (found in +Programs, Administrative tools, Active Directory Domains and Trusts). + +Right click on Properties of your domain, select the Trust tab. Press +Add on the appropriate trust windows and enter domain name and +password. When prompted if this is a non-Windows Kerberos realm, press +OK. + +Do not forget to add trusts in both directions (if that's what you +want). + +If you want to use `netdom.exe' instead of the Domain Tree Management +tool, you do it like this: + + netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword + +You also need to add the inter-realm keys to the Heimdal KDC. But take +care to the encryption types and salting used for those keys. There +should be no encryption type stronger than the one configured on +Windows side for this relationship, itself limited to the ones +supported by this specific version of Windows, nor any Kerberos 4 +salted hashes, as Windows does not seem to understand them. Otherwise, +the trust will not works. + +Here are the version-specific needed information: + 1. Windows 2000: maximum encryption type is DES + + 2. Windows 2003: maximum encryption type is DES + + 3. Windows 2003RC2: maximum encryption type is RC4, relationship + defaults to DES + + 4. Windows 2008: maximum encryption type is AES, relationship + defaults to RC4 + +For Windows 2003RC2, to change the trust encryption type, you have to +use the `ktpass', from the Windows 2003 Resource kit *service pack2*, +available from Microsoft web site. + + C:> ktpass /MITRealmName UNIX.EXAMPLE.COM /TrustEncryp RC4 + +For Windows 2008, the same operation can be done with the `ksetup', +installed by default. + + C:> ksetup /SetEncTypeAttre EXAMPLE.COM AES256-SHA1 + +Once the relationship is correctly configured, you can add the required +inter-realm keys, using heimdal default encryption types: + + kadmin add krbtgt/NT.REALM.EXAMPLE.COM@EXAMPLE.COM + kadmin add krbtgt/REALM.EXAMPLE.COM@NT.EXAMPLE.COM + +Use the same passwords for both keys. + +And if needed, to remove unsupported encryptions, such as the following +ones for a Windows 2003RC2 server. + + kadmin del_enctype krbtgt/REALM.EXAMPLE.COM@NT.EXAMPLE.COM aes256-cts-hmac-sha1-96 + kadmin del_enctype krbtgt/REALM.EXAMPLE.COM@NT.EXAMPLE.COM des3-cbc-sha1 + kadmin del_enctype krbtgt/NT.EXAMPLE.COM@EXAMPLE.COM aes256-cts-hmac-sha1-96 + kadmin del_enctype krbtgt/NT.EXAMPLE.COM@EXAMPLE.COM des3-cbc-sha1 + +Do not forget to reboot before trying the new realm-trust (after +running `ksetup'). It looks like it might work, but packets are never +sent to the non-Windows KDC. + + +File: heimdal.info, Node: Create account mappings, Next: Encryption types, Prev: Inter-Realm keys (trust) between Windows and a Heimdal KDC, Up: Windows compatibility + +8.3 Create account mappings +=========================== + +Start the `Active Directory Users and Computers' tool. Select the View +menu, that is in the left corner just below the real menu (or press +Alt-V), and select Advanced Features. Right click on the user that you +are going to do a name mapping for and choose Name mapping. + +Click on the Kerberos Names tab and add a new principal from the +non-Windows domain. + +This adds `authorizationNames' entry to the users LDAP entry to the +Active Directory LDAP catalog. When you create users by script you can +add this entry instead. + + +File: heimdal.info, Node: Encryption types, Next: Authorisation data, Prev: Create account mappings, Up: Windows compatibility + +8.4 Encryption types +==================== + +Windows 2000 supports both the standard DES encryptions (`des-cbc-crc' +and `des-cbc-md5') and its own proprietary encryption that is based on +MD4 and RC4 that is documented in and is supposed to be described in +`draft-brezak-win2k-krb-rc4-hmac-03.txt'. New users will get both MD4 +and DES keys. Users that are converted from a NT4 database, will only +have MD4 passwords and will need a password change to get a DES key. + + +File: heimdal.info, Node: Authorisation data, Next: Quirks of Windows 2000 KDC, Prev: Encryption types, Up: Windows compatibility + +8.5 Authorisation data +====================== + +The Windows 2000 KDC also adds extra authorisation data in tickets. It +is at this point unclear what triggers it to do this. The format of +this data is only available under a "secret" license from Microsoft, +which prohibits you implementing it. + +A simple way of getting hold of the data to be able to understand it +better is described here. + + 1. Find the client example on using the SSPI in the SDK documentation. + + 2. Change "AuthSamp" in the source code to lowercase. + + 3. Build the program. + + 4. Add the "authsamp" principal with a known password to the + database. Make sure it has a DES key. + + 5. Run `ktutil add' to add the key for that principal to a keytab. + + 6. Run `appl/test/nt_gss_server -p 2000 -s authsamp --dump-auth=FILE' + where FILE is an appropriate file. + + 7. It should authenticate and dump for you the authorisation data in + the file. + + 8. The tool `lib/asn1/asn1_print' is somewhat useful for analysing + the data. + + +File: heimdal.info, Node: Quirks of Windows 2000 KDC, Next: Useful links when reading about the Windows, Prev: Authorisation data, Up: Windows compatibility + +8.6 Quirks of Windows 2000 KDC +============================== + +There are some issues with salts and Windows 2000. Using an empty +salt--which is the only one that Kerberos 4 supported, and is therefore +known as a Kerberos 4 compatible salt--does not work, as far as we can +tell from out experiments and users' reports. Therefore, you have to +make sure you keep around keys with all the different types of salts +that are required. Microsoft have fixed this issue post Windows 2003. + +Microsoft seems also to have forgotten to implement the checksum +algorithms `rsa-md4-des' and `rsa-md5-des'. This can make Name mapping +(*note Create account mappings::) fail if a `des-cbc-md5' key is used. +To make the KDC return only `des-cbc-crc' you must delete the +`des-cbc-md5' key from the kdc using the `kadmin del_enctype' command. + + kadmin del_enctype lha des-cbc-md5 + +You should also add the following entries to the `krb5.conf' file: + + [libdefaults] + default_etypes = des-cbc-crc + default_etypes_des = des-cbc-crc + +These configuration options will make sure that no checksums of the +unsupported types are generated. + + +File: heimdal.info, Node: Useful links when reading about the Windows, Prev: Quirks of Windows 2000 KDC, Up: Windows compatibility + +8.7 Useful links when reading about the Windows +=============================================== + +See also our paper presented at the 2001 Usenix Annual Technical +Conference, available in the proceedings or at +`http://www.usenix.org/publications/library/proceedings/usenix01/freenix01/westerlund.html'. + +There are lots of texts about Kerberos on Microsoft's web site, here is +a short list of the interesting documents that we have managed to find. + + * Step-by-Step Guide to Kerberos 5 (krb5 1.0) Interoperability: + `http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx'. + Kerberos GSS-API (in Windows-eze SSPI), Windows as a client in a + non-Windows KDC realm, adding unix clients to a Windows 2000 KDC, + and adding cross-realm trust (*note Inter-Realm keys (trust) + between Windows and a Heimdal KDC::). + + * Windows 2000 Kerberos Authentication: + `www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/confeat/kerberos.mspx'. + White paper that describes how Kerberos is used in Windows 2000. + + * Overview of Kerberos: + `http://support.microsoft.com/support/kb/articles/Q248/7/58.ASP'. + Links to useful other links. + + * Event logging for Kerberos: + `http://support.microsoft.com/support/kb/articles/Q262/1/77.ASP'. + Basically it say that you can add a registry key + `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel' + with value DWORD equal to 1, and then you'll get logging in the + Event Logger. + + +Other useful programs include these: + + * pwdump2 + `http://www.bindview.com/Support/RAZOR/Utilities/Windows/pwdump2_readme.cfm' + + +File: heimdal.info, Node: Programming with Kerberos, Next: Migration, Prev: Windows compatibility, Up: Top + +9 Programming with Kerberos +*************************** + +See the Kerberos 5 API introduction and documentation on the Heimdal +webpage. + + +File: heimdal.info, Node: Migration, Next: Acknowledgments, Prev: Programming with Kerberos, Up: Top + +10 Migration +************ + +10.1 Migration from MIT Kerberos to Heimdal +=========================================== + +hpropd can read MIT Kerberos dump, the format is the same as used in +mit-kerberos 1.0b7, and to dump that format use the following command: +`kdb5_util dump -b7'. + +To load the MIT Kerberos dump file, use the following command: + +`/usr/heimdal/libexec/hprop --database=dump-file +--master-key=/var/db/krb5kdc/mit_stash --source=mit-dump --decrypt +--stdout | /usr/heimdal/libexec/hpropd --stdin' + +10.2 General issues +=================== + +When migrating from a Kerberos 4 KDC. + +10.3 Order in what to do things: +================================ + + * Convert the database, check all principals that hprop complains + about. + + `hprop -n --source=| hpropd -n' + + Replace with whatever source you have, like krb4-db or + krb4-dump. + + * Run a Kerberos 5 slave for a while. + + * Figure out if it does everything you want it to. + + Make sure that all things that you use works for you. + + * Let a small number of controlled users use Kerberos 5 tools. + + Find a sample population of your users and check what programs + they use, you can also check the kdc-log to check what ticket are + checked out. + + * Burn the bridge and change the master. + + * Let all users use the Kerberos 5 tools by default. + + * Turn off services that do not need Kerberos 4 authentication. + + Things that might be hard to get away is old programs with support + for Kerberos 4. Example applications are old Eudora installations + using KPOP, and Zephyr. Eudora can use the Kerberos 4 kerberos in + the Heimdal kdc. + + + +File: heimdal.info, Node: Acknowledgments, Next: Copyrights and Licenses, Prev: Migration, Up: Top + +Appendix A Acknowledgments +************************** + +Eric Young wrote "libdes". Heimdal used to use libdes, without it +kth-krb would never have existed. Since there are no longer any Eric +Young code left in the library, we renamed it to libhcrypto. + +All functions in libhcrypto have been re-implemented or used available +public domain code. The core AES function where written by Vincent +Rijmen, Antoon Bosselaers and Paulo Barreto. The core DES SBOX +transformation was written by Richard Outerbridge. `imath' that is used +for public key crypto support is written by Michael J. Fromberger. + +The University of California at Berkeley initially wrote `telnet', and +`telnetd'. The authentication and encryption code of `telnet' and +`telnetd' was added by David Borman (then of Cray Research, Inc). The +encryption code was removed when this was exported and then added back +by Juha Eskelinen. + +The `popper' was also a Berkeley program initially. + +Some of the functions in `libroken' also come from Berkeley by way of +NetBSD/FreeBSD. + +`editline' was written by Simmule Turner and Rich Salz. Heimdal +contains a modifed copy. + +The `getifaddrs' implementation for Linux was written by Hideaki +YOSHIFUJI for the Usagi project. + +The `pkcs11.h' headerfile was written by the Scute project. + +Bugfixes, documentation, encouragement, and code has been contributed +by: +Alexander Boström + +Allan McRae + +Andrew Bartlett + +Andrew Cobaugh + +Andrew Tridge + +Anton Lundin + +Asanka Herath + +Björn Grönvall + +Björn Sandell + +Björn Schlögl + +Brandon S. Allbery KF8NH + +Brian A May + +Buck Huppmann + +Cacdric Schieli + +Chaskiel M Grundman + +Christos Zoulas + +Cizzi Storm + +Daniel Kouril + +David Love + +David Markey + +Derrick J Brashear + +Donald Norwood + +Douglas E Engert + +Frank van der Linden + +Gabor Gombas + +Guido Günther + +Guillaume Rousse + +Harald Barth + +Ingo Schwarze + +Jacques A. Vidrine + +Jaideep Padhye + +Jan Rekorajski + +Jason McIntyre + +Jeffrey Altman + +Jelmer Vernooij + +Joerg Pulz + +Johan Danielsson + +Johan Gadsjö + +Johan Ihrén + +John Center + +Jun-ichiro itojun Hagino + +KAMADA Ken'ichi + +Kamen Mazdrashki + +Karolin Seeger + +Ken Hornstein + +Love Hörnquist Ã…strand + +Luke Howard + +Magnus Ahltorp + +Magnus Holmberg + +Marc Horowitz + +Mario Strasser + +Mark Eichin + +Martin von Gagern + +Matthias Dieter Wallnöfer + +Matthieu Patou + +Mattias Amnefelt + +Michael B Allen + +Michael Fromberger + +Michal Vocu + +Milosz Kmieciak + +Miroslav Ruda + +Mustafa A. Hashmi + +Nicolas Williams + +Patrik Lundin + +Petr Holub + +Phil Fisher + +Rafal Malinowski + +Rainer Toebbicke + +Richard Nyberg + +Roland C. Dowdeswell + +Roman Divacky + +Russ Allbery + +Sho Hosoda, ç´°ç”° å°† + +Simon Wilkinson + +Stefan Metzmacher + +Ted Percival + +Tom Payerle + +Victor Guerra + +Zeqing Xia + +Ã…ke Sandgren + +and we hope that those not mentioned here will forgive us. + +All bugs were introduced by ourselves. + + +File: heimdal.info, Node: Copyrights and Licenses, Prev: Acknowledgments, Up: Top + +Appendix B Copyrights and Licenses +********************************** + +Kungliga Tekniska Högskolan +============================ + + + +Copyright (c) 1997-2011 Kungliga Tekniska Högskolan +(Royal Institute of Technology, Stockholm, Sweden). +All rights reserved. + +Portions Copyright (c) 2009 Apple Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of the Institute nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +Massachusetts Institute of Technology +===================================== + +The parts of the libtelnet that handle Kerberos. + + + +Copyright (C) 1990 by the Massachusetts Institute of Technology + +Export of this software from the United States of America may +require a specific license from the United States Government. +It is the responsibility of any person or organization contemplating +export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + +The Regents of the University of California +=========================================== + +The parts of the libroken, most of libtelnet, telnet, ftp, and popper. + + + +Copyright (c) 1988, 1990, 1993 + The Regents of the University of California. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The Regents of the University of California. +============================================ + +libedit + + + +Copyright (c) 1992, 1993 + The Regents of the University of California. All rights reserved. + +This code is derived from software contributed to Berkeley by +Christos Zoulas of Cornell University. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +TomsFastMath / LibTomMath +========================= + +Tom's fast math (bignum support) and LibTomMath + + + +LibTomMath is hereby released into the Public Domain. + +Doug Rabson +=========== + +GSS-API mechglue layer. + + + +Copyright (c) 2005 Doug Rabson +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +PADL Software Pty Ltd +===================== + +GSS-API CFX, SPNEGO, naming extensions, API extensions. + +KCM credential cache. + +HDB LDAP backend. + + + +Copyright (c) 2003-2011, PADL Software Pty Ltd. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name of PADL Software nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +Marko Kreen +=========== + +Fortuna in libhcrypto + + + +Copyright (c) 2005 Marko Kreen +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +NTT (Nippon Telegraph and Telephone Corporation) +================================================ + +Camellia in libhcrypto + + + +Copyright (c) 2006,2007 +NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer as + the first lines of this file unmodified. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +The NetBSD Foundation, Inc. +=========================== + +vis.c in libroken + + + +Copyright (c) 1999, 2005 The NetBSD Foundation, Inc. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +Vincent Rijmen, Antoon Bosselaers, Paulo Barreto +================================================ + +AES in libhcrypto + + + +rijndael-alg-fst.c + +@version 3.0 (December 2000) + +Optimised ANSI C code for the Rijndael cipher (now AES) + +@author Vincent Rijmen +@author Antoon Bosselaers +@author Paulo Barreto + +This code is hereby placed in the public domain. + +THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS +OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +Apple, Inc +========== + +kdc/announce.c + + + +Copyright (c) 2008 Apple Inc. All Rights Reserved. + +Export of this software from the United States of America may require +a specific license from the United States Government. It is the +responsibility of any person or organization contemplating export to +obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of Apple Inc. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. Apple Inc. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + +Richard Outerbridge +=================== + +DES core in libhcrypto + + + +D3DES (V5.09) - + +A portable, public domain, version of the Data Encryption Standard. + +Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge. +Thanks to: Dan Hoey for his excellent Initial and Inverse permutation +code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis +Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau, +for humouring me on. + +Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. +(GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992. + +Secure Endpoints Inc +==================== + +Windows support + + + +Copyright (c) 2009, Secure Endpoints Inc. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +- Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. + +Novell, Inc +=========== + +lib/hcrypto/test_dh.c + + + +Copyright (c) 2007, Novell, Inc. +Author: Matthias Koenig + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the Novell nor the names of its contributors may be used + to endorse or promote products derived from this software without specific + prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + + +Tag Table: +Node: Top212 +Node: Introduction1706 +Node: What is Kerberos?4515 +Node: Building and Installing9628 +Node: Setting up a realm9955 +Node: Configuration file10943 +Node: Creating the database13819 +Node: Modifying the database16751 +Node: Checking the setup18344 +Node: keytabs19199 +Node: Serving Kerberos 4/524/kaserver20067 +Node: Remote administration21611 +Node: Password changing23541 +Node: Testing clients and servers27729 +Node: Slave Servers28057 +Node: Incremental propagation29812 +Node: Encryption types and salting33056 +Node: Credential cache server - KCM35233 +Node: Cross realm37217 +Node: Transit policy39763 +Node: Setting up DNS46540 +Node: Using LDAP to store the database49015 +Node: Providing Kerberos credentials to servers and programs55020 +Node: Setting up PK-INIT57118 +Node: Debugging Kerberos problems69597 +Node: Applications70028 +Node: Authentication modules70228 +Node: Digital SIA70822 +Node: IRIX75206 +Node: AFS76496 +Node: Things in search for a better place80250 +Node: Kerberos 4 issues82979 +Node: Principal conversion issues83486 +Ref: Principal conversion issues-Footnote-185717 +Ref: Principal conversion issues-Footnote-285785 +Node: Converting a version 4 database85838 +Node: kaserver90168 +Node: Windows compatibility91989 +Node: Configuring Windows to use a Heimdal KDC93075 +Node: Inter-Realm keys (trust) between Windows and a Heimdal KDC95145 +Node: Create account mappings98816 +Node: Encryption types99568 +Node: Authorisation data100168 +Node: Quirks of Windows 2000 KDC101315 +Node: Useful links when reading about the Windows102609 +Node: Programming with Kerberos104413 +Node: Migration104663 +Node: Acknowledgments106424 +Node: Copyrights and Licenses109318 + +End Tag Table diff --git a/doc/heimdal.texi b/doc/heimdal.texi index 1b999d30108f..cebee5df792a 100644 --- a/doc/heimdal.texi +++ b/doc/heimdal.texi @@ -1,6 +1,6 @@ \input texinfo @c -*- texinfo -*- @c %**start of header -@c $Id: heimdal.texi 22191 2007-12-06 17:26:30Z lha $ +@c $Id$ @setfilename heimdal.info @settitle HEIMDAL @iftex @@ -16,7 +16,6 @@ @include vars.texi -@set UPDATED $Date: 2007-12-06 09:26:30 -0800 (Tor, 06 Dec 2007) $ @set VERSION @value{PACKAGE_VERSION} @set EDITION 1.0 @@ -32,227 +31,11 @@ @title Heimdal @subtitle Kerberos 5 from KTH @subtitle Edition @value{EDITION}, for version @value{VERSION} -@subtitle 2007 +@subtitle 2008 @author Johan Danielsson -@author Love Hörnquist Åstrand +@author Love Hörnquist Ã…strand @author Assar Westerlund -@author last updated @value{UPDATED} -@def@copynext{@vskip 20pt plus 1fil@penalty-1000} -@def@copyrightstart{} -@def@copyrightend{} -@page -@copyrightstart -Copyright (c) 1997-2007 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America may -require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - -@copynext - -Copyright (c) 1988, 1990, 1993 - The Regents of the University of California. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - -@copynext - -IMath is Copyright 2002-2005 Michael J. Fromberger -You may use it subject to the following Licensing Terms: - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -@copynext - -Copyright (c) 2005 Doug Rabson -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (c) 2005 Marko Kreen -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (c) 2006,2007 -NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer as - the first lines of this file unmodified. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR -IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -@copyrightend @end titlepage @macro manpage{man, section} @@ -276,8 +59,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. @top Heimdal @end ifnottex -This manual is last updated @value{UPDATED} for version -@value{VERSION} of Heimdal. +This manual for version @value{VERSION} of Heimdal. @menu * Introduction:: @@ -287,10 +69,11 @@ This manual is last updated @value{UPDATED} for version * Applications:: * Things in search for a better place:: * Kerberos 4 issues:: -* Windows 2000 compatability:: +* Windows compatibility:: * Programming with Kerberos:: * Migration:: * Acknowledgments:: +* Copyrights and Licenses:: @detailmenu --- The Detailed Node Listing --- @@ -308,6 +91,7 @@ Setting up a realm * Slave Servers:: * Incremental propagation:: * Encryption types and salting:: +* Credential cache server - KCM:: * Cross realm:: * Transit policy:: * Setting up DNS:: @@ -331,24 +115,18 @@ Kerberos 4 issues * Converting a version 4 database:: * kaserver:: -Windows 2000 compatability +Windows compatibility -* Configuring Windows 2000 to use a Heimdal KDC:: -* Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC:: +* Configuring Windows to use a Heimdal KDC:: +* Inter-Realm keys (trust) between Windows and a Heimdal KDC:: * Create account mappings:: * Encryption types:: * Authorisation data:: * Quirks of Windows 2000 KDC:: -* Useful links when reading about the Windows 2000:: +* Useful links when reading about the Windows:: Programming with Kerberos -* Kerberos 5 API Overview:: -* Walkthrough of a sample Kerberos 5 client:: -* Validating a password in a server application:: -* API differences to MIT Kerberos:: -* File formats:: - @end detailmenu @end menu @@ -363,6 +141,7 @@ Programming with Kerberos @include programming.texi @include migration.texi @include ack.texi +@include copyright.texi @c @shortcontents @contents diff --git a/doc/hx509.din b/doc/hx509.din index e28429f383bd..c6d02b287c1f 100644 --- a/doc/hx509.din +++ b/doc/hx509.din @@ -2,7 +2,7 @@ PROJECT_NAME = Heimdal x509 library PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/hx509 +OUTPUT_DIRECTORY = @srcdir@/doxyout/hx509 INPUT = @srcdir@/../lib/hx509 WARN_IF_UNDOCUMENTED = YES diff --git a/doc/hx509.info b/doc/hx509.info new file mode 100644 index 000000000000..385b63a872ed --- /dev/null +++ b/doc/hx509.info @@ -0,0 +1,617 @@ +Detta är hx509.info, skapad av makeinfo version 4.8 frÃ¥n hx509.texi. + +INFO-DIR-SECTION Security +START-INFO-DIR-ENTRY +* hx509: (hx509). The X.509 distribution from KTH +END-INFO-DIR-ENTRY + + +File: hx509.info, Node: Top, Next: Introduction, Prev: (dir), Up: (dir) + +Heimdal +******* + +This manual is for version 1.5 of hx509. + +* Menu: + +* Introduction:: +* What is X.509 ?:: +* Setting up a CA:: +* CMS signing and encryption:: +* Certificate matching:: +* Software PKCS 11 module:: + + --- The Detailed Node Listing --- + +Setting up a CA + +* Creating a CA certificate:: +* Issuing certificates:: +* Issuing CRLs:: +* Application requirements:: + +CMS signing and encryption + +* CMS background:: + +Certificate matching + +* Matching syntax:: + +Software PKCS 11 module + +* How to use the PKCS11 module:: + + +File: hx509.info, Node: Introduction, Next: What is X.509 ?, Prev: Top, Up: Top + +1 Introduction +************** + +The goals of a PKI infrastructure (as defined in RFC 3280) is to meet +_the needs of deterministic, automated identification, authentication, +access control, and authorization_. + +The administrator should be aware of certain terminologies as explained +by the aforementioned RFC before attemping to put in place a PKI +infrastructure. Briefly, these are: + + * CA Certificate Authority + + * RA Registration Authority, i.e., an optional system to which a CA + delegates certain management functions. + + * CRL Issuer An optional system to which a CA delegates the + publication of certificate revocation lists. + + * Repository A system or collection of distributed systems that + stores certificates and CRLs and serves as a means of distributing + these certificates and CRLs to end entities + +hx509 (Heimdal x509 support) is a near complete X.509 stack that can +handle CMS messages (crypto system used in S/MIME and Kerberos PK-INIT) +and basic certificate processing tasks, path construction, path +validation, OCSP and CRL validation, PKCS10 message construction, CMS +Encrypted (shared secret encrypted), CMS SignedData (certificate +signed), and CMS EnvelopedData (certificate encrypted). + +hx509 can use PKCS11 tokens, PKCS12 files, PEM files, and/or DER encoded +files. + + +File: hx509.info, Node: What is X.509 ?, Next: Setting up a CA, Prev: Introduction, Up: Top + +2 What is X.509, PKIX, PKCS7 and CMS ? +************************************** + +X.509 was created by CCITT (later ITU) for the X.500 directory service. +Today, X.509 discussions and implementations commonly reference the +IETF's PKIX Certificate and CRL Profile of the X.509 v3 certificate +standard, as specified in RFC 3280. + +ITU continues to develop the X.509 standard together with the IETF in a +rather complicated dance. + +X.509 is a public key based security system that has associated data +stored within a so called certificate. Initially, X.509 was a strict +hierarchical system with one root. However, ever evolving requiments and +technology advancements saw the inclusion of multiple policy roots, +bridges and mesh solutions. + +x.509 can also be used as a peer to peer system, though often seen as a +common scenario. + +2.1 Type of certificates +======================== + +There are several flavors of certificate in X.509. + + * Trust anchors + + Trust anchors are strictly not certificates, but commonly stored + in a certificate format as they become easier to manage. Trust + anchors are the keys that an end entity would trust to validate + other certificates. This is done by building a path from the + certificate you want to validate to to any of the trust anchors + you have. + + * End Entity (EE) certificates + + End entity certificates are the most common types of certificates. + End entity certificates cannot issue (sign) certificate themselves + and are generally used to authenticate and authorize users and + services. + + * Certification Authority (CA) certificates + + Certificate authority certificates have the right to issue + additional certificates (be it sub-ordinate CA certificates to + build an trust anchors or end entity certificates). There is no + limit to how many certificates a CA may issue, but there might + other restrictions, like the maximum path depth. + + * Proxy certificates + + Remember the statement "End Entity certificates cannot issue + certificates"? Well that statement is not entirely true. There is + an extension called proxy certificates defined in RFC3820, that + allows certificates to be issued by end entity certificates. The + service that receives the proxy certificates must have explicitly + turned on support for proxy certificates, so their use is somewhat + limited. + + Proxy certificates can be limited by policies stored in the + certificate to what they can be used for. This allows users to + delegate the proxy certificate to services (by sending over the + certificate and private key) so the service can access services on + behalf of the user. + + One example of this would be a print service. The user wants to + print a large job in the middle of the night when the printer + isn't used that much, so the user creates a proxy certificate with + the policy that it can only be used to access files related to + this print job, creates the print job description and send both + the description and proxy certificate with key over to print + service. Later at night when the print service initializes + (without any user intervention), access to the files for the print + job is granted via the proxy certificate. As a result of (in-place) + policy limitations, the certificate cannot be used for any other + purposes. + + +2.2 Building a path +=================== + +Before validating a certificate path (or chain), the path needs to be +constructed. Given a certificate (EE, CA, Proxy, or any other type), +the path construction algorithm will try to find a path to one of the +trust anchors. + +The process starts by looking at the issuing CA of the certificate, by +Name or Key Identifier, and tries to find that certificate while at the +same time evaluting any policies in-place. + + +File: hx509.info, Node: Setting up a CA, Next: Creating a CA certificate, Prev: What is X.509 ?, Up: Top + +3 Setting up a CA +***************** + +Do not let information overload scare you off! If you are simply testing +or getting started with a PKI infrastructure, skip all this and go to +the next chapter (see: *note Creating a CA certificate::). + +Creating a CA certificate should be more the just creating a +certificate, CA's should define a policy. Again, if you are simply +testing a PKI, policies do not matter so much. However, when it comes to +trust in an organisation, it will probably matter more whom your users +and sysadmins will find it acceptable to trust. + +At the same time, try to keep things simple, it's not very hard to run a +Certificate authority and the process to get new certificates should be +simple. + +You may find it helpful to answer the following policy questions for +your organization at a later stage: + + * How do you trust your CA. + + * What is the CA responsibility. + + * Review of CA activity. + + * How much process should it be to issue certificate. + + * Who is allowed to issue certificates. + + * Who is allowed to requests certificates. + + * How to handle certificate revocation, issuing CRLs and maintain + OCSP services. + + +File: hx509.info, Node: Creating a CA certificate, Next: Issuing certificates, Prev: Setting up a CA, Up: Top + +3.1 Creating a CA certificate +============================= + +This section describes how to create a CA certificate and what to think +about. + +3.1.1 Lifetime CA certificate +----------------------------- + +You probably want to create a CA certificate with a long lifetime, 10 +years at the very minimum. This is because you don't want to push out +the certificate (as a trust anchor) to all you users again when the old +CA certificate expires. Although a trust anchor can't really expire, +not all software works in accordance with published standards. + +Keep in mind the security requirements might be different 10-20 years +into the future. For example, SHA1 is going to be withdrawn in 2010, so +make sure you have enough buffering in your choice of digest/hash +algorithms, signature algorithms and key lengths. + +3.1.2 Create a CA certificate +----------------------------- + +This command below can be used to generate a self-signed CA certificate. + + hxtool issue-certificate \ + --self-signed \ + --issue-ca \ + --generate-key=rsa \ + --subject="CN=CertificateAuthority,DC=test,DC=h5l,DC=se" \ + --lifetime=10years \ + --certificate="FILE:ca.pem" + +3.1.3 Extending the lifetime of a CA certificate +------------------------------------------------ + +You just realised that your CA certificate is going to expire soon and +that you need replace it with a new CA. The easiest way to do that is +to extend the lifetime of your existing CA certificate. + +The example below will extend the CA certificate's lifetime by 10 years. +You should compare this new certificate if it contains all the special +tweaks as the old certificate had. + + hxtool issue-certificate \ + --self-signed \ + --issue-ca \ + --lifetime="10years" \ + --template-certificate="FILE:ca.pem" \ + --template-fields="serialNumber,notBefore,subject,SPKI" \ + --ca-private-key=FILE:ca.pem \ + --certificate="FILE:new-ca.pem" + +3.1.4 Subordinate CA +-------------------- + +This example below creates a new subordinate certificate authority. + + hxtool issue-certificate \ + --ca-certificate=FILE:ca.pem \ + --issue-ca \ + --generate-key=rsa \ + --subject="CN=CertificateAuthority,DC=dev,DC=test,DC=h5l,DC=se" \ + --certificate="FILE:dev-ca.pem" + + +File: hx509.info, Node: Issuing certificates, Next: Issuing CRLs, Prev: Creating a CA certificate, Up: Top + +3.2 Issuing certificates +======================== + +First you'll create a CA certificate, after that you have to deal with +your users and servers and issue certificates to them. + + * Do all the work themself + + Generate the key for the user. This has the problme that the the CA + knows the private key of the user. For a paranoid user this might + leave feeling of disconfort. + + * Have the user do part of the work + + Receive PKCS10 certificate requests fromusers. PKCS10 is a request + for a certificate. The user may specify what DN they want as well + as provide a certificate signing request (CSR). To prove the user + have the key, the whole request is signed by the private key of + the user. + + +3.2.1 Name space management +--------------------------- + +What people might want to see. + +Re-issue certificates just because people moved within the organization. + +Expose privacy information. + +Using Sub-component name (+ notation). + +3.2.2 Certificate Revocation, CRL and OCSP +------------------------------------------ + +Certificates that a CA issues may need to be revoked at some stage. As +an example, an employee leaves the organization and does not bother +handing in his smart card (or even if the smart card is handed back - +the certificate on it must no longer be acceptable to services; the +employee has left). + +You may also want to revoke a certificate for a service which is no +longer being offered on your network. Overlooking these scenarios can +lead to security holes which will quickly become a nightmare to deal +with. + +There are two primary protocols for dealing with certificate +revokation. Namely: + + * Certificate Revocation List (CRL) + + * Online Certificate Status Protocol (OCSP) + +If however the certificate in qeustion has been destroyed, there is no +need to revoke the certificate because it can not be used by someone +else. This matter since for each certificate you add to CRL, the +download time and processing time for clients are longer. + +CRLs and OCSP responders however greatly help manage compatible services +which may authenticate and authorize users (or services) on an on-going +basis. As an example, VPN connectivity established via certificates for +connecting clients would require your VPN software to make use of a CRL +or an OCSP service to ensure revoked certificates belonging to former +clients are not allowed access to (formerly subscribed) network +services. + + +File: hx509.info, Node: Issuing CRLs, Next: Application requirements, Prev: Issuing certificates, Up: Top + +3.3 Issuing CRLs +================ + +Create an empty CRL with no certificates revoked. Default expiration +value is one year from now. + + hxtool crl-sign \ + --crl-file=crl.der \ + --signer=FILE:ca.pem + +Create a CRL with all certificates in the directory +`/path/to/revoked/dir' included in the CRL as revoked. Also make it +expire one month from now. + + hxtool crl-sign \ + --crl-file=crl.der \ + --signer=FILE:ca.pem \ + --lifetime='1 month' \ + DIR:/path/to/revoked/dir + + +File: hx509.info, Node: Application requirements, Next: CMS signing and encryption, Prev: Issuing CRLs, Up: Top + +3.4 Application requirements +============================ + +Application place different requirements on certificates. This section +tries to expand what they are and how to use hxtool to generate +certificates for those services. + +3.4.1 HTTPS - server +-------------------- + + hxtool issue-certificate \ + --subject="CN=www.test.h5l.se,DC=test,DC=h5l,DC=se" \ + --type="https-server" \ + --hostname="www.test.h5l.se" \ + --hostname="www2.test.h5l.se" \ + ... + +3.4.2 HTTPS - client +-------------------- + + hxtool issue-certificate \ + --subject="UID=testus,DC=test,DC=h5l,DC=se" \ + --type="https-client" \ + ... + +3.4.3 S/MIME - email +-------------------- + +There are two things that should be set in S/MIME certificates, one or +more email addresses and an extended eku usage (EKU), emailProtection. + +The email address format used in S/MIME certificates is defined in +RFC2822, section 3.4.1 and it should be an "addr-spec". + +There are two ways to specifify email address in certificates. The old +way is in the subject distinguished name, _this should not be used_. The +new way is using a Subject Alternative Name (SAN). + +Even though the email address is stored in certificates, they don't need +to be, email reader programs are required to accept certificates that +doesn't have either of the two methods of storing email in certificates +- in which case, the email client will try to protect the user by +printing the name of the certificate instead. + +S/MIME certificate can be used in another special way. They can be +issued with a NULL subject distinguished name plus the email in SAN, +this is a valid certificate. This is used when you wont want to share +more information then you need to. + +hx509 issue-certificate supports adding the email SAN to certificate by +using the -email option, -email also gives an implicit emailProtection +eku. If you want to create an certificate without an email address, the +option -type=email will add the emailProtection EKU. + + hxtool issue-certificate \ + --subject="UID=testus-email,DC=test,DC=h5l,DC=se" \ + --type=email \ + --email="testus@test.h5l.se" \ + ... + +An example of an certificate without and subject distinguished name with +an email address in a SAN. + + hxtool issue-certificate \ + --subject="" \ + --type=email \ + --email="testus@test.h5l.se" \ + ... + +3.4.4 PK-INIT +------------- + +A PK-INIT infrastructure allows users and services to pick up kerberos +credentials (tickets) based on their certificate. This, for example, +allows users to authenticate to their desktops using smartcards while +acquiring kerberos tickets in the process. + +As an example, an office network which offers centrally controlled +desktop logins, mail, messaging (xmpp) and openafs would give users +single sign-on facilities via smartcard based logins. Once the kerberos +ticket has been acquired, all kerberized services would immediately +become accessible based on deployed security policies. + +Let's go over the process of initializing a demo PK-INIT framework: + + hxtool issue-certificate \ + --type="pkinit-kdc" \ + --pk-init-principal="krbtgt/TEST.H5L.SE@TEST.H5L.SE" \ + --hostname=kerberos.test.h5l.se \ + --ca-certificate="FILE:ca.pem,ca.key" \ + --generate-key=rsa \ + --certificate="FILE:kdc.pem" \ + --subject="cn=kdc" + +How to create a certificate for a user. + + hxtool issue-certificate \ + --type="pkinit-client" \ + --pk-init-principal="user@TEST.H5L.SE" \ + --ca-certificate="FILE:ca.pem,ca.key" \ + --generate-key=rsa \ + --subject="cn=Test User" \ + --certificate="FILE:user.pem" + +The -type field can be specified multiple times. The same certificate +can hence house extensions for both pkinit-client as well as S/MIME. + +To use the PKCS11 module, please see the section: *note How to use the +PKCS11 module::. + +More about how to configure the KDC, see the documentation in the +Heimdal manual to set up the KDC. + +3.4.5 XMPP/Jabber +----------------- + +The jabber server certificate should have a dNSname that is the same as +the user entered into the application, not the same as the host name of +the machine. + + hxtool issue-certificate \ + --subject="CN=xmpp1.test.h5l.se,DC=test,DC=h5l,DC=se" \ + --hostname="xmpp1.test.h5l.se" \ + --hostname="test.h5l.se" \ + ... + +The certificate may also contain a jabber identifier (JID) that, if the +receiver allows it, authorises the server or client to use that JID. + +When storing a JID inside the certificate, both for server and client, +it's stored inside a UTF8String within an otherName entity inside the +subjectAltName, using the OID id-on-xmppAddr (1.3.6.1.5.5.7.8.5). + +To read more about the requirements, see RFC3920, Extensible Messaging +and Presence Protocol (XMPP): Core. + +hxtool issue-certificate have support to add jid to the certificate +using the option `--jid'. + + hxtool issue-certificate \ + --subject="CN=Love,DC=test,DC=h5l,DC=se" \ + --jid="lha@test.h5l.se" \ + ... + + +File: hx509.info, Node: CMS signing and encryption, Next: CMS background, Prev: Application requirements, Up: Top + +4 CMS signing and encryption +**************************** + +CMS is the Cryptographic Message System that among other, is used by +S/MIME (secure email) and Kerberos PK-INIT. It's an extended version of +the RSA, Inc standard PKCS7. + + +File: hx509.info, Node: CMS background, Next: Certificate matching, Prev: CMS signing and encryption, Up: Top + +4.1 CMS background +================== + + +File: hx509.info, Node: Certificate matching, Next: Matching syntax, Prev: CMS background, Up: Top + +5 Certificate matching +********************** + +To match certificates hx509 have a special query language to match +certifictes in queries and ACLs. + + +File: hx509.info, Node: Matching syntax, Next: Software PKCS 11 module, Prev: Certificate matching, Up: Top + +5.1 Matching syntax +=================== + +This is the language definitions somewhat slopply descriped: + + + expr = TRUE, + FALSE, + ! expr, + expr AND expr, + expr OR expr, + ( expr ) + compare + + compare = + word == word, + word != word, + word IN ( word [, word ...]) + word IN %{variable.subvariable} + + word = + STRING, + %{variable} + + +File: hx509.info, Node: Software PKCS 11 module, Next: How to use the PKCS11 module, Prev: Matching syntax, Up: Top + +6 Software PKCS 11 module +************************* + +PKCS11 is a standard created by RSA, Inc to support hardware and +software encryption modules. It can be used by smartcard to expose the +crypto primitives inside without exposing the crypto keys. + +Hx509 includes a software implementation of PKCS11 that runs within the +memory space of the process and thus exposes the keys to the +application. + + +File: hx509.info, Node: How to use the PKCS11 module, Prev: Software PKCS 11 module, Up: Top + +6.1 How to use the PKCS11 module +================================ + + $ cat > ~/.soft-pkcs11.rc <RFC 3280) is to meet +@emph{the needs of deterministic, automated identification, authentication, access control, and authorization}. -hx509 can use PKCS11 tokens, PKCS12 files, PEM files, DER encoded files. + +The administrator should be aware of certain terminologies as explained by the aforementioned +RFC before attemping to put in place a PKI infrastructure. Briefly, these are: + +@itemize @bullet +@item CA +Certificate Authority +@item RA +Registration Authority, i.e., an optional system to which a CA delegates certain management functions. +@item CRL Issuer +An optional system to which a CA delegates the publication of certificate revocation lists. +@item Repository +A system or collection of distributed systems that stores certificates and CRLs +and serves as a means of distributing these certificates and CRLs to end entities +@end itemize + +hx509 (Heimdal x509 support) is a near complete X.509 stack that can +handle CMS messages (crypto system used in S/MIME and Kerberos PK-INIT) +and basic certificate processing tasks, path construction, path +validation, OCSP and CRL validation, PKCS10 message construction, CMS +Encrypted (shared secret encrypted), CMS SignedData (certificate +signed), and CMS EnvelopedData (certificate encrypted). + +hx509 can use PKCS11 tokens, PKCS12 files, PEM files, and/or DER encoded +files. @node What is X.509 ?, Setting up a CA, Introduction, Top @chapter What is X.509, PKIX, PKCS7 and CMS ? -X.509 is from the beginning created by CCITT (later ITU) for the X.500 -directory service. But today when people are talking about X.509 they -are commonly referring to IETF's PKIX Certificate and CRL Profile of the -X.509 v3 certificate standard, as specified in RFC 3280. +X.509 was created by CCITT (later ITU) for the X.500 directory +service. Today, X.509 discussions and implementations commonly reference +the IETF's PKIX Certificate and CRL Profile of the X.509 v3 certificate +standard, as specified in RFC 3280. -ITU continues to develop the X.509 standard together in a complicated -dance with IETF. +ITU continues to develop the X.509 standard together with the IETF in a +rather complicated dance. -X.509 is public key based security system that have associated data -stored within a so called certificate. From the beginning X.509 was a -strict hierarchical system with one root. This didn't not work so over -time X.509 got support for multiple policy roots, bridges, and mesh -solutions. You can even use it as a peer to peer system, but this is not -very common. +X.509 is a public key based security system that has associated data +stored within a so called certificate. Initially, X.509 was a strict +hierarchical system with one root. However, ever evolving requiments and +technology advancements saw the inclusion of multiple policy roots, +bridges and mesh solutions. + +x.509 can also be used as a peer to peer system, though often seen as a +common scenario. @section Type of certificates @@ -263,36 +275,36 @@ There are several flavors of certificate in X.509. @item Trust anchors -Trust anchors are strictly not certificate, but commonly stored in -certificate since they are easier to handle then. Trust anchor are the -keys that you trust to validate other certificate. This is done by -building a path from the certificate you wan to validate to to any of -the trust anchors you have. +Trust anchors are strictly not certificates, but commonly stored in a +certificate format as they become easier to manage. Trust anchors are +the keys that an end entity would trust to validate other certificates. +This is done by building a path from the certificate you want to +validate to to any of the trust anchors you have. @item End Entity (EE) certificates -End entity certificates is the most common type of certificate. End -entity certificates can't issue certificate them-self and is used to -authenticate and authorize user and services. +End entity certificates are the most common types of certificates. End +entity certificates cannot issue (sign) certificate themselves and are generally +used to authenticate and authorize users and services. @item Certification Authority (CA) certificates -Certificate authority are certificates that have the right to issue -other certificate, they may be End entity certificates or Certificate -Authority certificates. There is no limit to how many certificates a CA +Certificate authority certificates have the right to issue additional +certificates (be it sub-ordinate CA certificates to build an trust anchors +or end entity certificates). There is no limit to how many certificates a CA may issue, but there might other restrictions, like the maximum path depth. @item Proxy certificates -Remember that End Entity can't issue certificates by them own, it's not -really true. There there is an extension called proxy certificates, -defined in RFC3820, that allows certificates to be issued by end entity -certificates. The service that receives the proxy certificates must have -explicitly turned on support for proxy certificates, so their use is -somewhat limited. +Remember the statement "End Entity certificates cannot issue +certificates"? Well that statement is not entirely true. There is an +extension called proxy certificates defined in RFC3820, that allows +certificates to be issued by end entity certificates. The service that +receives the proxy certificates must have explicitly turned on support +for proxy certificates, so their use is somewhat limited. -Proxy certificates can be limited by policy stored in the certificate to +Proxy certificates can be limited by policies stored in the certificate to what they can be used for. This allows users to delegate the proxy certificate to services (by sending over the certificate and private key) so the service can access services on behalf of the user. @@ -302,59 +314,52 @@ large job in the middle of the night when the printer isn't used that much, so the user creates a proxy certificate with the policy that it can only be used to access files related to this print job, creates the print job description and send both the description and proxy -certificate with key over to print service. Later at night will the -print service, without the help of the user, access the files for the -the print job using the proxy certificate and print the job. Because of -the policy (limitation) in the proxy certificate, it can't be used for -any other purposes. +certificate with key over to print service. Later at night when the +print service initializes (without any user intervention), access to the files +for the print job is granted via the proxy certificate. As a result of (in-place) +policy limitations, the certificate cannot be used for any other purposes. @end itemize @section Building a path -Before validating a path the path must be constructed. Given a -certificate (EE, CA, Proxy, or any other type), the path construction -algorithm will try to find a path to one of the trust anchors. +Before validating a certificate path (or chain), the path needs to be +constructed. Given a certificate (EE, CA, Proxy, or any other type), +the path construction algorithm will try to find a path to one of the +trust anchors. -It start with looking at whom issued the certificate, by name or Key -Identifier, and tries to find that certificate while at the same time -evaluates the policy. +The process starts by looking at the issuing CA of the certificate, by +Name or Key Identifier, and tries to find that certificate while at the +same time evaluting any policies in-place. @node Setting up a CA, Creating a CA certificate, What is X.509 ?, Top @chapter Setting up a CA -Do not let this chapter scare you off, it's just to give you an idea how -to complicated setting up a CA can be. If you are just playing around, -skip all this and go to the next chapter, @pxref{Creating a CA -certificate}. +Do not let information overload scare you off! If you are simply testing +or getting started with a PKI infrastructure, skip all this and go to +the next chapter (see: @pxref{Creating a CA certificate}). Creating a CA certificate should be more the just creating a -certificate, there is the policy of the CA. If it's just you and your -friend that is playing around then it probably doesn't matter what the -policy is. But then it comes to trust in an organisation, it will -probably matter more whom your users and sysadmins will find it -acceptable to trust. +certificate, CA's should define a policy. Again, if you are simply +testing a PKI, policies do not matter so much. However, when it comes to +trust in an organisation, it will probably matter more whom your users +and sysadmins will find it acceptable to trust. -At the same time, try to keep thing simple, it's not very hard to run a -Certificate authority and the process to get new certificates should -simple. +At the same time, try to keep things simple, it's not very hard to run a +Certificate authority and the process to get new certificates should be simple. -Fill all this in later. +You may find it helpful to answer the following policy questions for +your organization at a later stage: -How do you trust your CA. - -What is the CA responsibility. - -Review of CA activity. - -How much process should it be to issue certificate. - -Who is allowed to issue certificates. - -Who is allowed to requests certificates. - -How to handle certificate revocation, issuing CRLs and maintain OCSP -services. +@itemize @bullet +@item How do you trust your CA. +@item What is the CA responsibility. +@item Review of CA activity. +@item How much process should it be to issue certificate. +@item Who is allowed to issue certificates. +@item Who is allowed to requests certificates. +@item How to handle certificate revocation, issuing CRLs and maintain OCSP services. +@end itemize @node Creating a CA certificate, Issuing certificates, Setting up a CA, Top @section Creating a CA certificate @@ -365,10 +370,10 @@ about. @subsection Lifetime CA certificate You probably want to create a CA certificate with a long lifetime, 10 -years at the shortest. This because you don't want to push out the -certificate (as a trust anchor) to all you users once again when the old -one just expired. A trust anchor can't really expire, but not all -software works that way. +years at the very minimum. This is because you don't want to push out the +certificate (as a trust anchor) to all you users again when the old +CA certificate expires. Although a trust anchor can't really expire, not all +software works in accordance with published standards. Keep in mind the security requirements might be different 10-20 years into the future. For example, SHA1 is going to be withdrawn in 2010, so @@ -377,7 +382,7 @@ algorithms, signature algorithms and key lengths. @subsection Create a CA certificate -This command below will create a CA certificate in the file ca.pem. +This command below can be used to generate a self-signed CA certificate. @example hxtool issue-certificate \ @@ -389,14 +394,14 @@ hxtool issue-certificate \ --certificate="FILE:ca.pem" @end example -@subsection Extending lifetime of a CA certificate +@subsection Extending the lifetime of a CA certificate You just realised that your CA certificate is going to expire soon and -that you need replace it with something else, the easiest way to do that -is to extend the lifetime of your CA certificate. +that you need replace it with a new CA. The easiest way to do that +is to extend the lifetime of your existing CA certificate. -The example below will extend the CA certificate 10 years into the -future. You should compare this new certificate if it contains all the +The example below will extend the CA certificate's lifetime by 10 years. +You should compare this new certificate if it contains all the special tweaks as the old certificate had. @example @@ -412,7 +417,7 @@ hxtool issue-certificate \ @subsection Subordinate CA -This example create a new subordinate certificate authority. +This example below creates a new subordinate certificate authority. @example hxtool issue-certificate \ @@ -428,17 +433,34 @@ hxtool issue-certificate \ @section Issuing certificates First you'll create a CA certificate, after that you have to deal with -your users and servers and issue certificate to them. +your users and servers and issue certificates to them. -CA can generate the key for the user. +@c I think this section needs a bit of clarity. Can I add a separate +@c section which explains CSRs as well? -Can receive PKCS10 certificate requests from the users. PKCS10 is a -request for a certificate. The user can specified what DN the user wants -and what public key. To prove the user have the key, the whole request -is signed by the private key of the user. + +@itemize @bullet + +@item Do all the work themself + +Generate the key for the user. This has the problme that the the CA +knows the private key of the user. For a paranoid user this might leave +feeling of disconfort. + +@item Have the user do part of the work + +Receive PKCS10 certificate requests fromusers. PKCS10 is a request for a +certificate. The user may specify what DN they want as well as provide +a certificate signing request (CSR). To prove the user have the key, +the whole request is signed by the private key of the user. + +@end itemize @subsection Name space management +@c The explanation given below is slightly unclear. I will re-read the +@c RFC and document accordingly + What people might want to see. Re-issue certificates just because people moved within the organization. @@ -449,22 +471,43 @@ Using Sub-component name (+ notation). @subsection Certificate Revocation, CRL and OCSP -Sonetimes people loose smartcard or computers and certificates have to -be make not valid any more, this is called revoking certificates. There -are two main protocols for doing this Certificate Revocations Lists -(CRL) and Online Certificate Status Protocol (OCSP). +Certificates that a CA issues may need to be revoked at some stage. As +an example, an employee leaves the organization and does not bother +handing in his smart card (or even if the smart card is handed back -- +the certificate on it must no longer be acceptable to services; the +employee has left). -If you know that the certificate is destroyed then there is no need to -revoke the certificate because it can not be used by someone else. +You may also want to revoke a certificate for a service which is no +longer being offered on your network. Overlooking these scenarios can +lead to security holes which will quickly become a nightmare to deal +with. + +There are two primary protocols for dealing with certificate +revokation. Namely: + +@itemize @bullet +@item Certificate Revocation List (CRL) +@item Online Certificate Status Protocol (OCSP) +@end itemize + +If however the certificate in qeustion has been destroyed, there is no +need to revoke the certificate because it can not be used by someone +else. This matter since for each certificate you add to CRL, the +download time and processing time for clients are longer. + +CRLs and OCSP responders however greatly help manage compatible services +which may authenticate and authorize users (or services) on an on-going +basis. As an example, VPN connectivity established via certificates for +connecting clients would require your VPN software to make use of a CRL +or an OCSP service to ensure revoked certificates belonging to former +clients are not allowed access to (formerly subscribed) network +services. -The main reason you as a CA administrator have to deal with CRLs however -will be that some software require there to be CRLs. Example of this is -Windows, so you have to deal with this somehow. @node Issuing CRLs, Application requirements, Issuing certificates, Top @section Issuing CRLs -Create an empty CRL with not certificates revoked. Default expiration +Create an empty CRL with no certificates revoked. Default expiration value is one year from now. @example @@ -488,7 +531,7 @@ hxtool crl-sign \ @node Application requirements, CMS signing and encryption, Issuing CRLs, Top @section Application requirements -Application have different requirements on certificates. This section +Application place different requirements on certificates. This section tries to expand what they are and how to use hxtool to generate certificates for those services. @@ -521,14 +564,14 @@ The email address format used in S/MIME certificates is defined in RFC2822, section 3.4.1 and it should be an ``addr-spec''. There are two ways to specifify email address in certificates. The old -ways is in the subject distinguished name, this should not be used. The +way is in the subject distinguished name, @emph{this should not be used}. The new way is using a Subject Alternative Name (SAN). -But even though email address is stored in certificates, they don't need -to, email reader programs are required to accept certificates that -doesn't have either of the two methods of storing email in certificates. -In that case, they try to protect the user by printing the name of the -certificate instead. +Even though the email address is stored in certificates, they don't need +to be, email reader programs are required to accept certificates that +doesn't have either of the two methods of storing email in certificates +-- in which case, the email client will try to protect the user by +printing the name of the certificate instead. S/MIME certificate can be used in another special way. They can be issued with a NULL subject distinguished name plus the email in SAN, @@ -561,26 +604,51 @@ hxtool issue-certificate \ @subsection PK-INIT -How to create a certificate for a KDC. +A PK-INIT infrastructure allows users and services to pick up kerberos +credentials (tickets) based on their certificate. This, for example, +allows users to authenticate to their desktops using smartcards while +acquiring kerberos tickets in the process. + +As an example, an office network which offers centrally controlled +desktop logins, mail, messaging (xmpp) and openafs would give users +single sign-on facilities via smartcard based logins. Once the kerberos +ticket has been acquired, all kerberized services would immediately +become accessible based on deployed security policies. + +Let's go over the process of initializing a demo PK-INIT framework: @example hxtool issue-certificate \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/TEST.H5L.SE@@TEST.H5L.SE" \ - --hostname kerberos.test.h5l.se \ - --hostname pal.test.h5l.se \ - ... + --type="pkinit-kdc" \ + --pk-init-principal="krbtgt/TEST.H5L.SE@@TEST.H5L.SE" \ + --hostname=kerberos.test.h5l.se \ + --ca-certificate="FILE:ca.pem,ca.key" \ + --generate-key=rsa \ + --certificate="FILE:kdc.pem" \ + --subject="cn=kdc" @end example How to create a certificate for a user. @example hxtool issue-certificate \ - --type="pkinit-client" \ - --pk-init-principal="user@@TEST.H5L.SE" \ - ... + --type="pkinit-client" \ + --pk-init-principal="user@@TEST.H5L.SE" \ + --ca-certificate="FILE:ca.pem,ca.key" \ + --generate-key=rsa \ + --subject="cn=Test User" \ + --certificate="FILE:user.pem" @end example +The --type field can be specified multiple times. The same certificate +can hence house extensions for both pkinit-client as well as S/MIME. + +To use the PKCS11 module, please see the section: +@pxref{How to use the PKCS11 module}. + +More about how to configure the KDC, see the documentation in the +Heimdal manual to set up the KDC. + @subsection XMPP/Jabber The jabber server certificate should have a dNSname that is the same as @@ -623,10 +691,66 @@ CMS is the Cryptographic Message System that among other, is used by S/MIME (secure email) and Kerberos PK-INIT. It's an extended version of the RSA, Inc standard PKCS7. -@node CMS background, , CMS signing and encryption, Top +@node CMS background, Certificate matching, CMS signing and encryption, Top @section CMS background +@node Certificate matching, Matching syntax, CMS background, Top +@chapter Certificate matching + +To match certificates hx509 have a special query language to match +certifictes in queries and ACLs. + +@node Matching syntax, Software PKCS 11 module, Certificate matching, Top +@section Matching syntax + +This is the language definitions somewhat slopply descriped: + +@example + +expr = TRUE, + FALSE, + ! expr, + expr AND expr, + expr OR expr, + ( expr ) + compare + +compare = + word == word, + word != word, + word IN ( word [, word ...]) + word IN %@{variable.subvariable@} + +word = + STRING, + %@{variable@} + +@end example + +@node Software PKCS 11 module, How to use the PKCS11 module, Matching syntax, Top +@chapter Software PKCS 11 module + +PKCS11 is a standard created by RSA, Inc to support hardware and +software encryption modules. It can be used by smartcard to expose the +crypto primitives inside without exposing the crypto keys. + +Hx509 includes a software implementation of PKCS11 that runs within the +memory space of the process and thus exposes the keys to the +application. + +@node How to use the PKCS11 module, , Software PKCS 11 module, Top +@section How to use the PKCS11 module + +@example +$ cat > ~/.soft-pkcs11.rc < - -int -main(int argc, char **argv) -@{ - krb5_context context; - - if (krb5_context(&context)) - errx (1, "krb5_context"); -@end example - -Now the client wants to connect to the host at the other end. The -preferred way of doing this is using @manpage{getaddrinfo,3} (for -operating system that have this function implemented), since getaddrinfo -is neutral to the address type and can use any protocol that is available. - -@example - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - error = getaddrinfo (hostname, "pop3", &hints, &ai); - if (error) - errx (1, "%s: %s", hostname, gai_strerror(error)); - - for (a = ai; a != NULL; a = a->ai_next) @{ - int s; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) @{ - warn ("connect(%s)", hostname); - close (s); - continue; - @} - freeaddrinfo (ai); - ai = NULL; - @} - if (ai) @{ - freeaddrinfo (ai); - errx ("failed to contact %s", hostname); - @} -@end example - -Before authenticating, an authentication context needs to be -created. This context keeps all information for one (to be) authenticated -connection (see @manpage{krb5_auth_context,3}). - -@example - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err (context, 1, status, "krb5_auth_con_init"); -@end example - -For setting the address in the authentication there is a help function -@code{krb5_auth_con_setaddrs_from_fd} that does everything that is needed -when given a connected file descriptor to the socket. - -@example - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - if (status) - krb5_err (context, 1, status, - "krb5_auth_con_setaddrs_from_fd"); -@end example - -The next step is to build a server principal for the service we want -to connect to. (See also @manpage{krb5_sname_to_principal,3}.) - -@example - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) - krb5_err (context, 1, status, "krb5_sname_to_principal"); -@end example - -The client principal is not passed to @manpage{krb5_sendauth,3} -function, this causes the @code{krb5_sendauth} function to try to figure it -out itself. - -The server program is using the function @manpage{krb5_recvauth,3} to -receive the Kerberos 5 authenticator. - -In this case, mutual authentication will be tried. That means that the server -will authenticate to the client. Using mutual authentication -is good since it enables the user to verify that they are talking to the -right server (a server that knows the key). - -If you are using a non-blocking socket you will need to do all work of -@code{krb5_sendauth} yourself. Basically you need to send over the -authenticator from @manpage{krb5_mk_req,3} and, in case of mutual -authentication, verifying the result from the server with -@manpage{krb5_rd_rep,3}. - -@example - status = krb5_sendauth (context, - &auth_context, - &sock, - VERSION, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_sendauth"); -@end example - -Once authentication has been performed, it is time to send some -data. First we create a krb5_data structure, then we sign it with -@manpage{krb5_mk_safe,3} using the @code{auth_context} that contains the -session-key that was exchanged in the -@manpage{krb5_sendauth,3}/@manpage{krb5_recvauth,3} authentication -sequence. - -@example - data.data = "hej"; - data.length = 3; - - krb5_data_zero (&packet); - - status = krb5_mk_safe (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_safe"); -@end example - -And send it over the network. - -@example - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); -@end example - -To send encrypted (and signed) data @manpage{krb5_mk_priv,3} should be -used instead. @manpage{krb5_mk_priv,3} works the same way as -@manpage{krb5_mk_safe,3}, with the exception that it encrypts the data -in addition to signing it. - -@example - data.data = "hemligt"; - data.length = 7; - - krb5_data_free (&packet); - - status = krb5_mk_priv (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_priv"); -@end example - -And send it over the network. - -@example - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); - -@end example - -The server is using @manpage{krb5_rd_safe,3} and -@manpage{krb5_rd_priv,3} to verify the signature and decrypt the packet. - -@node Validating a password in a server application, API differences to MIT Kerberos, Walkthrough of a sample Kerberos 5 client, Programming with Kerberos -@section Validating a password in an application - -See the manual page for @manpage{krb5_verify_user,3}. - -@node API differences to MIT Kerberos, File formats, Validating a password in a server application, Programming with Kerberos -@section API differences to MIT Kerberos - -This section is somewhat disorganised, but so far there is no overall -structure to the differences, though some of the have their root in -that Heimdal uses an ASN.1 compiler and MIT doesn't. - -@subsection Principal and realms - -Heimdal stores the realm as a @code{krb5_realm}, that is a @code{char *}. -MIT Kerberos uses a @code{krb5_data} to store a realm. - -In Heimdal @code{krb5_principal} doesn't contain the component -@code{name_type}; it's instead stored in component -@code{name.name_type}. To get and set the nametype in Heimdal, use -@manpage{krb5_principal_get_type,3} and -@manpage{krb5_principal_set_type,3}. - -For more information about principal and realms, see -@manpage{krb5_principal,3}. - -@subsection Error messages - -To get the error string, Heimdal uses -@manpage{krb5_get_error_string,3} or, if @code{NULL} is returned, -@manpage{krb5_get_err_text,3}. This is to return custom error messages -(like ``Can't find host/datan.example.com@@EXAMPLE.COM in -/etc/krb5.conf.'' instead of a ``Key table entry not found'' that -@manpage{error_message,3} returns. - -Heimdal uses a threadsafe(r) version of the com_err interface; the -global @code{com_err} table isn't initialised. Then -@manpage{error_message,3} returns quite a boring error string (just -the error code itself). - - -@c @node Why you should use GSS-API for new applications, Walkthrough of a sample GSS-API client, Validating a password in a server application, Programming with Kerberos -@c @section Why you should use GSS-API for new applications -@c -@c SSPI, bah, bah, microsoft, bah, bah, almost GSS-API. -@c -@c It would also be possible for other mechanisms then Kerberos, but that -@c doesn't exist any other GSS-API implementations today. -@c -@c @node Walkthrough of a sample GSS-API client, , Why you should use GSS-API for new applications, Programming with Kerberos -@c @section Walkthrough of a sample GSS-API client -@c -@c Write about how gssapi_clent.c works. - -@node File formats, , API differences to MIT Kerberos, Programming with Kerberos -@section File formats - -This section documents the diffrent file formats that are used in -Heimdal and other Kerberos implementations. - -@subsection keytab - -The keytab binary format is not a standard format. The format has -evolved and may continue to. It is however understood by several -Kerberos implementations including Heimdal, MIT, Sun's Java ktab and -are created by the ktpass.exe utility from Windows. So it has -established itself as the defacto format for storing Kerberos keys. - -The following C-like structure definitions illustrate the MIT keytab -file format. All values are in network byte order. All text is ASCII. - -@example - keytab @{ - uint16_t file_format_version; /* 0x502 */ - keytab_entry entries[*]; - @}; - - keytab_entry @{ - int32_t size; - uint16_t num_components; /* subtract 1 if version 0x501 */ - counted_octet_string realm; - counted_octet_string components[num_components]; - uint32_t name_type; /* not present if version 0x501 */ - uint32_t timestamp; - uint8_t vno8; - keyblock key; - uint32_t vno; /* only present if >= 4 bytes left in entry */ - @}; - - counted_octet_string @{ - uint16_t length; - uint8_t data[length]; - @}; - - keyblock @{ - uint16_t type; - counted_octet_string; - @}; -@end example - -All numbers are stored in network byteorder (big endian) format. - -The keytab file format begins with the 16 bit file_format_version which -at the time this document was authored is 0x502. The format of older -keytabs is described at the end of this document. - -The file_format_version is immediately followed by an array of -keytab_entry structures which are prefixed with a 32 bit size indicating -the number of bytes that follow in the entry. Note that the size should be -evaluated as signed. This is because a negative value indicates that the -entry is in fact empty (e.g. it has been deleted) and that the negative -value of that negative value (which is of course a positive value) is -the offset to the next keytab_entry. Based on these size values alone -the entire keytab file can be traversed. - -The size is followed by a 16 bit num_components field indicating the -number of counted_octet_string components in the components array. - -The num_components field is followed by a counted_octet_string -representing the realm of the principal. - -A counted_octet_string is simply an array of bytes prefixed with a 16 -bit length. For the realm and name components, the counted_octet_string -bytes are ASCII encoded text with no zero terminator. - -Following the realm is the components array that represents the name of -the principal. The text of these components may be joined with slashs -to construct the typical SPN representation. For example, the service -principal HTTP/www.foo.net@@FOO.NET would consist of name components -"HTTP" followed by "www.foo.net". - -Following the components array is the 32 bit name_type (e.g. 1 is -KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In -practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL. - -The 32 bit timestamp indicates the time the key was established for that -principal. The value represents the number of seconds since Jan 1, 1970. - -The 8 bit vno8 field is the version number of the key. This value is -overridden by the 32 bit vno field if it is present. The vno8 field is -filled with the lower 8 bits of the 32 bit protocol kvno field. - -The keyblock structure consists of a 16 bit value indicating the -encryption type and is a counted_octet_string containing the key. The -encryption type is the same as the Kerberos standard (e.g. 3 is -des-cbc-md5, 23 is arcfour-hmac-md5, etc). - -The last field of the keytab_entry structure is optional. If the size of -the keytab_entry indicates that there are at least 4 bytes remaining, -a 32 bit value representing the key version number is present. This -value supersedes the 8 bit vno8 value preceeding the keyblock. - -Older keytabs with a file_format_version of 0x501 are different in -three ways: - -@table @asis -@item All integers are in host byte order [1]. -@item The num_components field is 1 too large (i.e. after decoding, decrement by 1). -@item The 32 bit name_type field is not present. -@end table - -[1] The file_format_version field should really be treated as two -separate 8 bit quantities representing the major and minor version -number respectively. - -@subsection Heimdal database dump file - -Format of the Heimdal text dump file as of Heimdal 0.6.3: - -Each line in the dump file is one entry in the database. - -Each field of a line is separated by one or more spaces, with the -exception of fields consisting of principals containing spaces, where -space can be quoted with \ and \ is quoted by \. - -Fields and their types are: - -@example - Quoted princial (quote character is \) [string] - Keys [keys] - Created by [event] - Modified by [event optional] - Valid start time [time optional] - Valid end time [time optional] - Password end valid time [time optional] - Max lifetime of ticket [time optional] - Max renew time of ticket [integer optional] - Flags [hdb flags] - Generation number [generation optional] - Extensions [extentions optional] -@end example - -Fields following these silently are ignored. - -All optional fields will be skipped if they fail to parse (or comprise -the optional field marker of "-", w/o quotes). - -Example: - -@example -fred@@EXAMPLE.COM 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- 20020415130120:admin@@EXAMPLE.COM 20041221112428:fred@@EXAMPLE.COM - - - 86400 604800 126 20020415130120:793707:28 - -@end example - -Encoding of types are as follows: - -@table @asis -@item keys - -@example -kvno:[masterkvno:keytype:keydata:salt]@{zero or more separated by :@} -@end example - -kvno is the key version number. - -keydata is hex-encoded - -masterkvno is the kvno of the database master key. If this field is -empty, the kadmin load and merge operations will encrypt the key data -with the master key if there is one. Otherwise the key data will be -imported asis. - -salt is encoded as "-" (no/default salt) or - -@example -salt-type / -salt-type / "string" -salt-type / hex-encoded-data -@end example - -keytype is the protocol enctype number; see enum ENCTYPE in -include/krb5_asn1.h for values. - -Example: -@example -27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- -@end example - - -@example -kvno=27,@{key: masterkvno=1,keytype=des3-cbc-sha1,keydata=..., default salt@}... -@end example - -@item time - -Format of the time is: YYYYmmddHHMMSS, corresponding to strftime -format "%Y%m%d%k%M%S". - -Time is expressed in UTC. - -Time can be optional (using -), when the time 0 is used. - -Example: - -@example -20041221112428 -@end example - -@item event - -@example - time:principal -@end example - -time is as given in format time - -principal is a string. Not quoting it may not work in earlier -versions of Heimdal. - -Example: -@example -20041221112428:bloggs@@EXAMPLE.COM -@end example - -@item hdb flags - -Integer encoding of HDB flags, see HDBFlags in lib/hdb/hdb.asn1. Each -bit in the integer is the same as the bit in the specification. - -@item generation: - -@example -time:usec:gen -@end example - - -usec is a the microsecond, integer. -gen is generation number, integer. - -The generation can be defaulted (using '-') or the empty string - -@item extensions: - -@example -first-hex-encoded-HDB-Extension[:second-...] -@end example - -HDB-extension is encoded the DER encoded HDB-Extension from -lib/hdb/hdb.asn1. Consumers HDB extensions should be aware that -unknown entires needs to be preserved even thought the ASN.1 data -content might be unknown. There is a critical flag in the data to show -to the KDC that the entry MUST be understod if the entry is to be -used. - -@end table +See the Kerberos 5 API introduction and documentation on the Heimdal +webpage. diff --git a/doc/setup.texi b/doc/setup.texi index 02e7972c1dfe..48ff5e6dc6a7 100644 --- a/doc/setup.texi +++ b/doc/setup.texi @@ -1,4 +1,4 @@ -@c $Id: setup.texi 22191 2007-12-06 17:26:30Z lha $ +@c $Id$ @node Setting up a realm, Applications, Building and Installing, Top @@ -24,12 +24,14 @@ doing so. It will make life easier for you and everyone else. * Slave Servers:: * Incremental propagation:: * Encryption types and salting:: +* Credential cache server - KCM:: * Cross realm:: * Transit policy:: * Setting up DNS:: * Using LDAP to store the database:: * Providing Kerberos credentials to servers and programs:: * Setting up PK-INIT:: +* Debugging Kerberos problems:: @end menu @node Configuration file, Creating the database, Setting up a realm, Setting up a realm @@ -92,6 +94,8 @@ with contents similar to the following. MY.REALM = @{ kdc = my.kdc my.slave.kdc kdc = my.third.kdc + kdc = 130.237.237.17 + kdc = [2001:6b0:1:ea::100]:88 @} [domain_realm] .my.domain = MY.REALM @@ -267,14 +271,14 @@ check are for existence and flags on important principals. The database check by run by the following command : @example -kadmin check REALM.EXAMPLE.ORG +kadmin -l check REALM.EXAMPLE.ORG @end example @node keytabs, Serving Kerberos 4/524/kaserver, Checking the setup, Setting up a realm @section keytabs To extract a service ticket from the database and put it in a keytab, you -need to first create the principal in the database with @samp{ank} +need to first create the principal in the database with @samp{add} (using the @kbd{--random-key} flag to get a random key) and then extract it with @samp{ext_keytab}. @@ -306,7 +310,7 @@ on Kerberos 4 support having been included at compile-time, using 524 is a service that allows the KDC to convert Kerberos 5 tickets to Kerberos 4 tickets for backward compatibility. See also Using 2b -tokens with AFS in @xref{Things in search for a better place}. +tokens with AFS in @xref{AFS}. 524 can be turned on by adding this to the configuration file @@ -403,7 +407,17 @@ To allow users to change their passwords, you should run @command{kpasswdd}. It is not run from @command{inetd}. You might need to add @samp{kpasswd} to your @file{/etc/services} as -@samp{464/udp}. +@samp{464/udp}. If your realm is not setup to use DNS, you might also +need to add a @samp{kpasswd_server} entry to the realm configuration +in @file{/etc/krb5.conf} on client machines: + +@example +[realms] + MY.REALM = @{ + kdc = my.kdc my.slave.kdc + kpasswd_server = my.kdc + @} +@end example @subsection Password quality assurance @@ -419,16 +433,18 @@ controls, add lines similar to the following to your @example [password_quality] - policies = external-check builtin:minimum-length module:policyname + policies = external-check builtin:minimum-length modulename:policyname external_program = /bin/false policy_libraries = @var{library1.so} @var{library2.so} @end example In @samp{[password_quality]policies} the module name is optional if the policy name is unique in all modules (members of -@samp{policy_libraries}). +@samp{policy_libraries}). All built-in policies can be qualified with +a module name of @samp{builtin} to unambiguously specify the built-in +policy and not a policy by the same name from a loaded module. -The built-in polices are +The built-in policies are @itemize @bullet @@ -488,7 +504,7 @@ If no password quality checking function is configured, the only check performed is that the password is at least six characters long. To check the password policy settings, use the command -@command{password-quality} in @command{kadmin} program. The password +@command{verify-password-quality} in @command{kadmin} program. The password verification is only performed locally, on the client. It may be convenient to set the environment variable @samp{KRB5_CONFIG} to point to a test version of @file{krb5.conf} while you're testing the @@ -555,7 +571,7 @@ good idea. @node Incremental propagation, Encryption types and salting, Slave Servers, Setting up a realm @section Incremental propagation -There is also a newer, and still somewhat experimental, mechanism for +There is also a newer mechanism for doing incremental propagation in Heimdal. Instead of sending the whole database regularly, it sends the changes as they happen on the master to the slaves. The master keeps track of all the changes by assigning a @@ -572,6 +588,14 @@ the current version at the master (a series of @samp{FORYOU} messages) or the whole database in a @samp{TELLYOUEVERYTHING} message. There is also a keep-alive protocol that makes sure all slaves are up and running. +In addition on listening on the network to get connection from new +slaves, the ipropd-master also listens on a status unix +socket. kadmind and kpasswdd both open that socket when a transation +is done and written a notification to the socket. That cause +ipropd-master to check for new version in the log file. As a fallback in +case a notification is lost by the unix socket, the log file is +checked after 30 seconds of no event. + @subsection Configuring incremental propagation The program that runs on the master is @command{ipropd-master} and all @@ -596,6 +620,11 @@ for every slave. master# /usr/heimdal/sbin/ktutil get iprop/`hostname` @end example +@example +slave# /usr/heimdal/sbin/ktutil get iprop/`hostname` +@end example + + The next step is to start the @command{ipropd-master} process on the master server. The @command{ipropd-master} listens on the UNIX domain socket @file{/var/heimdal/signal} to know when changes have been made to the @@ -612,7 +641,7 @@ slave# /usr/heimdal/libexec/ipropd-slave master & To manage the iprop log file you should use the @command{iprop-log} command. With it you can dump, truncate and replay the logfile. -@node Encryption types and salting, Cross realm, Incremental propagation, Setting up a realm +@node Encryption types and salting, Credential cache server - KCM, Incremental propagation, Setting up a realm @section Encryption types and salting @cindex Salting @cindex Encryption types @@ -673,7 +702,76 @@ the cell name appended to the password. @end itemize -@node Cross realm, Transit policy, Encryption types and salting, Setting up a realm +@node Credential cache server - KCM, Cross realm, Encryption types and salting, Setting up a realm +@section Credential cache server - KCM +@cindex KCM +@cindex Credential cache server + +When KCM running is easy for users to switch between different +kerberos principals using @file{kswitch} or built in support in +application, like OpenSSH's GSSAPIClientIdentity. + +Other advantages are that there is the long term credentials are not +written to disk and on reboot the credential is removed when kcm +process stopps running. + +Configure the system startup script to start the kcm process, +@file{/usr/heimdal/libexec/kcm} and then configure the system to use kcm in @file{krb5.conf}. + +@example +[libdefaults] + default_cc_type = KCM +@end example + +Now when you run @command{kinit} it doesn't overwrite your existing +credentials but rather just add them to the set of +credentials. @command{klist -l} lists the credentials and the star +marks the default credential. + +@example +$ kinit lha@@KTH.SE +lha@@KTH.SE's Password: +$ klist -l + Name Cache name Expires +lha@@KTH.SE 0 Nov 22 23:09:40 * +lha@@SU.SE Initial default ccache Nov 22 14:14:24 +@end example + +When switching between credentials you can use @command{kswitch}. + +@example +$ kswitch -i + Principal +1 lha@@KTH.SE +2 lha@@SU.SE +Select number: 2 +@end example + +After switching, a new set of credentials are used as default. + +@example +$ klist -l + Name Cache name Expires +lha@@SU.SE Initial default ccache Nov 22 14:14:24 * +lha@@KTH.SE 0 Nov 22 23:09:40 +@end example + +Som applications, like openssh with Simon Wilkinsons patch applied, +support specifiying that credential to use. The example below will +login to the host computer.kth.se using lha@@KTH.SE (not the current +default credential). + +@example +$ ssh \ + -o GSSAPIAuthentication=yes \ + -o GSSAPIKeyExchange=yes \ + -o GSSAPIClientIdentity=lha@@KTH.SE \ + computer.kth.se +@end example + + + +@node Cross realm, Transit policy, Credential cache server - KCM, Setting up a realm @section Cross realm @cindex Cross realm @@ -740,17 +838,36 @@ May 3 14:10:54 May 3 23:55:54 host/hummel.it.su.se@@SU.SE @section Transit policy @cindex Transit policy -If you want to use cross realm authentication through an intermediate -realm, it must be explicitly allowed by either the KDCs or the server -receiving the request. This is done in @file{krb5.conf} in the +Under some circumstances, you may not wish to set up direct +cross-realm trust with every realm to which you wish to authenticate +or from which you wish to accept authentications. Kerberos supports +multi-hop cross-realm trust where a client principal in realm A +authenticates to a service in realm C through a realm B with which +both A and C have cross-realm trust relationships. In this situation, +A and C need not set up cross-realm principals between each other. + +If you want to use cross-realm authentication through an intermediate +realm, it must be explicitly allowed by either the KDCs for the realm +to which the client is authenticating (in this case, realm C), or the +server receiving the request. This is done in @file{krb5.conf} in the @code{[capaths]} section. +In addition, the client in realm A need to be configured to know how +to reach realm C via realm B. This can be done either on the client or +via KDC configuration in the KDC for realm A. + +@subsection Allowing cross-realm transits + When the ticket transits through a realm to another realm, the destination realm adds its peer to the "transited-realms" field in the -ticket. The field is unordered, since there is no way to know if -know if one of the transited-realms changed the order of the list. +ticket. The field is unordered, since there is no way to know if know +if one of the transited-realms changed the order of the list. For the +authentication to be accepted by the final destination realm, all of +the transited realms must be listed as trusted in the @code{[capaths]} +configuration, either in the KDC for the destination realm or on the +server receiving the authentication. -The syntax for @code{[capaths]} section: +The syntax for @code{[capaths]} section is: @example [capaths] @@ -759,11 +876,15 @@ The syntax for @code{[capaths]} section: @} @end example -The realm @code{STACKEN.KTH.SE} allows clients from @code{SU.SE} and -@code{DSV.SU.SE} to cross it. Since @code{STACKEN.KTH.SE} only has -direct cross realm setup with @code{KTH.SE}, and @code{DSV.SU.SE} only -has direct cross realm setup with @code{SU.SE} they need to use both -@code{SU.SE} and @code{KTH.SE} as transit realms. +In the following example, the realm @code{STACKEN.KTH.SE} only has +direct cross-realm set up with @code{KTH.SE}. @code{KTH.SE} has +direct cross-realm set up with @code{STACKEN.KTH.SE} and @code{SU.SE}. +@code{DSV.SU.SE} only has direct cross-realm set up with @code{SU.SE}. +The goal is to allow principals in the @code{DSV.SU.SE} or +@code{SU.SE} realms to authenticate to services in +@code{STACKEN.KTH.SE}. This is done with the following +@code{[capaths]} entry on either the server accepting authentication +or on the KDC for @code{STACKEN.KTH.SE}. @example [capaths] @@ -773,17 +894,100 @@ has direct cross realm setup with @code{SU.SE} they need to use both DSV.SU.SE = @{ STACKEN.KTH.SE = SU.SE KTH.SE @} - @end example +The first entry allows cross-realm authentication from clients in +@code{SU.SE} transiting through @code{KTH.SE} to +@code{STACKEN.KTH.SE}. The second entry allows cross-realm +authentication from clients in @code{DSV.SU.SE} transiting through +both @code{SU.SE} and @code{KTH.SE} to @code{STACKEN.KTH.SE}. + +Be careful of which realm goes where; it's easy to put realms in the +wrong place. The block is tagged with the client realm (the realm of +the principal authenticating), and the realm before the equal sign is +the final destination realm: the realm to which the client is +authenticating. After the equal sign go all the realms that the +client transits through. + The order of the @code{PERMITTED-CROSS-REALMS} is not important when doing transit cross realm verification. -However, the order is important when the @code{[capaths]} section is used -to figure out the intermediate realm to go to when doing multi-realm -transit. When figuring out the next realm, the first realm of the list -of @code{PERMITTED-CROSS-REALMS} is chosen. This is done in both the -client kerberos library and the KDC. +@subsection Configuring client cross-realm transits + +The @code{[capaths]} section is also used for another purpose: to tell +clients which realm to transit through to reach a realm with which +their local realm does not have cross-realm trust. This can be done +by either putting a @code{[capaths]} entry in the configuration of the +client or by putting the entry in the configuration of the KDC for the +client's local realm. In the latter case, the KDC will then hand back +a referral to the client when the client requests a cross-realm ticket +to the destination realm, telling the client to try to go through an +intermediate realm. + +For client configuration, the order of @code{PERMITTED-CROSS-REALMS} +is significant, since only the first realm in this section (after the +equal sign) is used by the client. + +For example, again consider the @code{[capaths]} entry above for the +case of a client in the @code{SU.SE} realm, and assume that the client +or the @code{SU.SE} KDC has that @code{[capaths]} entry. If the +client attempts to authenticate to a service in the +@code{STACKEN.KTH.SE} realm, that entry says to first authenticate +cross-realm to the @code{KTH.SE} realm (the first realm listed in the +@code{PERMITTED-CROSS-REALMS} section), and then from there to +@code{STACKEN.KTH.SE}. + +Each entry in @code{[capaths]} can only give the next hop, since only +the first realm in @code{PERMITTED-CROSS-REALMS} is used. If, for +instance, a client in @code{DSV.SU.SE} had a @code{[capaths]} +configuration as above but without the first block for @code{SU.SE}, +they would not be able to reach @code{STACKEN.KTH.SE}. They would get +as far as @code{SU.SE} based on the @code{DSV.SU.SE} entry in +@code{[capaths]} and then attempt to go directly from there to +@code{STACKEN.KTH.SE} and get stuck (unless, of course, the +@code{SU.SE} KDC had the additional entry required to tell the client +to go through @code{KTH.SE}). + +@subsection Active Directory forest example + +One common place where a @code{[capaths]} configuration is desirable +is with Windows Active Directory forests. One common Active Directory +configuration is to have one top-level Active Directory realm but then +divide systems, services, and users into child realms (perhaps based +on organizational unit). One generally establishes cross-realm trust +only with the top-level realm, and then uses transit policy to permit +authentications to and from the child realms. + +For example, suppose an organization has a Heimdal realm +@code{EXAMPLE.COM}, a Windows Active Directory realm +@code{WIN.EXAMPLE.COM}, and then child Active Directory realms +@code{ENGR.WIN.EXAMPLE.COM} and @code{SALES.WIN.EXAMPLE.COM}. The +goal is to allow users in any of these realms to authenticate to +services in any of these realms. The @code{EXAMPLE.COM} KDC (and +possibly client) configuration should therefore contain a +@code{[capaths]} section as follows: + +@example +[capaths] + ENGR.WIN.EXAMPLE.COM = @{ + EXAMPLE.COM = WIN.EXAMPLE.COM + @} + SALES.WIN.EXAMPLE.COM = @{ + EXAMPLE.COM = WIN.EXAMPLE.COM + @} + EXAMPLE.COM = @{ + ENGR.WIN.EXAMPLE.COM = WIN.EXAMPLE.COM + SALES.WIN.EXAMPLE.COM = WIN.EXAMPLE.COM + @} +@end example + +The first two blocks allow clients in the @code{ENGR.WIN.EXAMPLE.COM} +and @code{SALES.WIN.EXAMPLE.COM} realms to authenticate to services in +the @code{EXAMPLE.COM} realm. The third block tells the client (or +tells the KDC to tell the client via referrals) to transit through +@code{WIN.EXAMPLE.COM} to reach these realms. Both sides of the +configuration are needed for bi-directional transited cross-realm +authentication. @c To test the cross realm configuration, use: @c kmumble transit-check client server transit-realms ... @@ -863,6 +1067,8 @@ suitable authorisation policy, it is possible to set this up in a secure fashion. A knowledge of LDAP, Kerberos, and C is necessary to install this backend. The HDB schema was devised by Leif Johansson. +This assumes, OpenLDAP 2.3 or later. + Requirements: @itemize @bullet @@ -880,9 +1086,7 @@ Its also possible to configure the ldap backend as a shared module, see option --hdb-openldap-module to configure. @item -OpenLDAP 2.0.x. Configure OpenLDAP with @kbd{--enable-local} to enable the -local transport. (A patch to support SASL EXTERNAL authentication is -necessary in order to use OpenLDAP 2.1.x.) +Configure OpenLDAP with @kbd{--enable-local} to enable the local transport. @item Add the hdb schema to the LDAP server, it's included in the source-tree @@ -901,7 +1105,7 @@ access to * by dn.exact="uid=heimdal,dc=services,dc=example,dc=com" write ... -sasl-regexp "uidNumber=0\\\+gidNumber=.*,cn=peercred,cn=external,cn=auth" +authz-regexp "gidNumber=.*\\\+uidNumber=0,cn=peercred,cn=external,cn=auth'' "uid=heimdal,dc=services,dc=example,dc=com" @end example @@ -970,7 +1174,7 @@ kdc# kadmin -l kadmin> init EXAMPLE.COM Realm max ticket life [unlimited]: Realm max renewable ticket life [unlimited]: -kadmin> ank lukeh +kadmin> add lukeh Max ticket life [1 day]: Max renewable life [1 week]: Principal expiration time [never]: @@ -1004,6 +1208,14 @@ index krb5PrincipalName eq @end itemize +@subsection smbk5pwd overlay + +The smbk5pwd overlay, updates the krb5Key and krb5KeyVersionNumber +appropriately when it receives an LDAP Password change Extended +Operation: + +@url{http://www.openldap.org/devel/cvsweb.cgi/contrib/slapd-modules/smbk5pwd/README?hideattic=1&sortbydate=0} + @subsection Troubleshooting guide @url{https://sec.miljovern.no/bin/view/Info/TroubleshootingGuide} @@ -1073,21 +1285,22 @@ service@@host$ kinit --cache=/var/run/service_krb5_cache \ @end example -@node Setting up PK-INIT, , Providing Kerberos credentials to servers and programs, Setting up a realm +@node Setting up PK-INIT, Debugging Kerberos problems, Providing Kerberos credentials to servers and programs, Setting up a realm @section Setting up PK-INIT -PK-INIT is levering the existing PKI infrastructure to use -certificates to get the initial ticket, that is usually the krbtgt. +PK-INIT leverages an existing PKI (public key infrastructure), using +certificates to get the initial ticket (usually the krbtgt +ticket-granting ticket). -To use PK-INIT you must first have a PKI, so if you don't have one, -it is time to create it. Note that you should read the whole chapter -of the document to see the requirements on the CA software. +To use PK-INIT you must first have a PKI. If you don't have one, it is +time to create it. You should first read the whole chapter of the +document to see the requirements imposed on the CA software. -There needs to exist a mapping between the certificate and what -principals that certificate is allowed to use. There are several ways -to do this. The administrator can use a configuration file, storing -the principal in the SubjectAltName extension of the certificate, or store the -mapping in the principals entry in the kerberos database. +A mapping between the PKI certificate and what principals that +certificate is allowed to use must exist. There are several ways to do +this. The administrator can use a configuration file, store the +principal in the SubjectAltName extension of the certificate, or store +the mapping in the principals entry in the kerberos database. @section Certificates @@ -1097,27 +1310,28 @@ extention. @subsection KDC certificate -The certificate for the KDC have serveral requirements. +The certificate for the KDC has serveral requirements. -First the certificate should have an Extended Key Usage (EKU) -id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second there must be a -subjectAltName otherName using oid id-pkinit-san (1.3.6.1.5.2.2) in +First, the certificate should have an Extended Key Usage (EKU) +id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second, there must be a +subjectAltName otherName using OID id-pkinit-san (1.3.6.1.5.2.2) in the type field and a DER encoded KRB5PrincipalName that matches the -name of the TGS of the target realm. +name of the TGS of the target realm. Also, if the certificate has a +nameConstraints extention with a Generalname with dNSName or iPAdress, +it must match the hostname or adress of the KDC. -Both of these two requirements are not required by the standard to be -checked by the client if it have external information what the -certificate the KDC is supposed to be used. So it's in the interest of -minimum amount of configuration on the clients they should be included. +The client is not required by the standard to check the server +certificate for this information if the client has external +information confirming which certificate the KDC is supposed to be +using. However, adding this information to the KDC certificate removes +the need to specially configure the client to recognize the KDC +certificate. Remember that if the client would accept any certificate as the KDC's certificate, the client could be fooled into trusting something that isn't a KDC and thus expose the user to giving away information (like -password or other private information) that it is supposed to secret. - -Also, if the certificate has a nameConstraints extention with a -Generalname with dNSName or iPAdress it must match the hostname or -adress of the KDC. +a password or other private information) that it is supposed to keep +secret. @subsection Client certificate @@ -1128,14 +1342,23 @@ It possible to store the principal (if allowed by the KDC) in the certificate and thus delegate responsibility to do the mapping between certificates and principals to the CA. +This behavior is controlled by KDC configuration option: + +@example +[kdc] + pkinit_principal_in_certificate = yes +@end example + @subsubsection Using KRB5PrincipalName in id-pkinit-san -OtherName extention in the GeneralName is used to do the -mapping between certifiate and principal in the certifiate or storing -the krbtgt principal in the KDC certificate. +The OtherName extention in the GeneralName is used to do the mapping +between certificate and principal. For the KDC certificate, this +stores the krbtgt principal name for that KDC. For the client +certificate, this stores the principal for which that certificate is +allowed to get tickets. The principal is stored in a SubjectAltName in the certificate using -OtherName. The oid in the type is id-pkinit-san. +OtherName. The OID in the type is id-pkinit-san. @example id-pkinit-san OBJECT IDENTIFIER ::= @{ iso (1) org (3) dod (6) @@ -1152,32 +1375,32 @@ KRB5PrincipalName ::= SEQUENCE @{ @} @end example -where Realm and PrincipalName is defined by the Kerberos ASN.1 specification. +where Realm and PrincipalName is defined by the Kerberos ASN.1 +specification. @section Naming certificate using hx509 hx509 is the X.509 software used in Heimdal to handle -certificates. hx509 uses different syntaxes to specify the different -formats the certificates are stored in and what formats they exist in. - -There are several formats that can be used, PEM, embedded into PKCS12 -files, embedded into PKCS11 devices and raw DER encoded certificates. -Below is a list of types to use. +certificates. hx509 supports several different syntaxes for specifying +certificate files or formats. Several formats may be used: PEM, +certificates embedded in PKCS#12 files, certificates embedded in +PKCS#11 devices, and raw DER encoded certificates. +Those formats may be specified as follows: @table @asis @item DIR: -DIR is reading all certificates in a directory that is DER or PEM -formatted. +DIR specifies a directory which contains certificates in the DER or +PEM format. The main feature of DIR is that the directory is read on demand when -iterating over certificates, that way applictions can for some cases -avoid to store all certificates in memory. It's very useful for tests -that iterate over larger amount of certificates. +iterating over certificates. This allows applications, in some +situations, to avoid having to store all certificates in memory. It's +very useful for tests that iterate over large numbers of certificates. -Syntax is: +The syntax is: @example DIR:/path/to/der/files @@ -1185,15 +1408,16 @@ DIR:/path/to/der/files @item FILE: -FILE: is used to have the lib pick up a certificate chain and a -private key. The file can be either a PEM (openssl) file or a raw DER -encoded certificate. If it's a PEM file it can contain several keys and +FILE: specifies a file that contains a certificate or private key. +The file can be either a PEM (openssl) file or a raw DER encoded +certificate. If it's a PEM file, it can contain several keys and certificates and the code will try to match the private key and -certificate together. +certificate together. Multiple files may be specified, separated by +commas. -Its useful to have one PEM file that contains all the trust anchors. +It's useful to have one PEM file that contains all the trust anchors. -Syntax is: +The syntax is: @example FILE:certificate.pem,private-key.key,other-cert.pem,.... @@ -1201,11 +1425,12 @@ FILE:certificate.pem,private-key.key,other-cert.pem,.... @item PKCS11: -PKCS11: is used to handle smartcards via PKCS11 drivers, for example -soft-token, opensc, or muscle. The default is to use all slots on the -device/token. +PKCS11: is used to handle smartcards via PKCS#11 drivers, such as +soft-token, opensc, or muscle. The argument specifies a shared object +that implements the PKCS#11 API. The default is to use all slots on +the device/token. -Syntax is: +The syntax is: @example PKCS11:shared-object.so @@ -1213,10 +1438,10 @@ PKCS11:shared-object.so @item PKCS12: -PKCS12: is used to handle PKCS12 files. PKCS12 files commonly have the -extension pfx or p12. +PKCS12: is used to handle PKCS#12 files. PKCS#12 files commonly have +the extension pfx or p12. -Syntax is: +The syntax is: @example PKCS12:/path/to/file.pfx @@ -1227,8 +1452,8 @@ PKCS12:/path/to/file.pfx @section Configure the Kerberos software First configure the client's trust anchors and what parameters to -verify, see subsection below how to do that. Now you can use kinit to -get yourself tickets. One example how that can look like is: +verify. See the subsections below for how to do that. Then, you can +use kinit to get yourself tickets. For example: @example $ kinit -C FILE:$HOME/.certs/lha.crt,$HOME/.certs/lha.key lha@@EXAMPLE.ORG @@ -1241,10 +1466,10 @@ Credentials cache: FILE:/tmp/krb5cc_19100a Apr 20 02:08:08 Apr 20 12:08:08 krbtgt/EXAMPLE.ORG@@EXAMPLE.ORG @end example -Using PKCS11 it can look like this instead: +Using PKCS#11 it can look like this instead: @example -$ kinit -C PKCS11:/tmp/pkcs11/lib/soft-pkcs11.so lha@@EXAMPLE.ORG +$ kinit -C PKCS11:/usr/heimdal/lib/hx509.so lha@@EXAMPLE.ORG PIN code for SoftToken (slot): $ klist Credentials cache: API:4 @@ -1254,8 +1479,7 @@ Credentials cache: API:4 Mar 26 23:40:10 Mar 27 09:40:10 krbtgt/EXAMPLE.ORG@@EXAMPLE.ORG @end example - -Write about the kdc. +TODO: Write about the KDC. @section Configure the client @@ -1282,8 +1506,9 @@ Write about the kdc. pkinit_anchors = FILE:/path/to/trust-anchors.pem pkinit_pool = PKCS12:/path/to/useful-intermediate-certs.pfx pkinit_pool = FILE:/path/to/other-useful-intermediate-certs.pem - pkinit_allow_proxy_certificate = false + pkinit_allow_proxy_certificate = no pkinit_win2k_require_binding = yes + pkinit_principal_in_certificate = no @end example @subsection Using pki-mapping file @@ -1303,10 +1528,11 @@ lha@@EXAMPLE.ORG:CN=Love,UID=lha @subsection Generate certificates -First you need to generate a CA certificate, change the --subject to -something appropriate, the CA certificate will be valid for 10 years. +First, you need to generate a CA certificate. This example creates a +CA certificate that will be valid for 10 years. -You need to change --subject in the command below. +You need to change --subject in the command below to something +appropriate for your site. @example hxtool issue-certificate \ @@ -1322,7 +1548,8 @@ The KDC needs to have a certificate, so generate a certificate of the type ``pkinit-kdc'' and set the PK-INIT specifial SubjectAltName to the name of the krbtgt of the realm. -You need to change --subject and --pk-init-principal in the command below. +You need to change --subject and --pk-init-principal in the command +below to something appropriate for your site. @example hxtool issue-certificate \ @@ -1334,12 +1561,14 @@ hxtool issue-certificate \ --certificate="FILE:kdc.pem" @end example -The users also needs to have a certificate, so generate a certificate -of the type ``pkinit-client''. The client doesn't need to have the PK-INIT -SubjectAltName set, you can have the Subject DN in the ACL file -(pki-mapping) instead. +The users also needs to have certificates. For your first client, +generate a certificate of type ``pkinit-client''. The client doesn't +need to have the PK-INIT SubjectAltName set; you can have the Subject +DN in the ACL file (pki-mapping) instead. -You need to change --subject and --pk-init-principal in the command below. +You need to change --subject and --pk-init-principal in the command +below to something appropriate for your site. You can omit +--pk-init-principal if you're going to use the ACL file instead. @example hxtool issue-certificate \ @@ -1353,9 +1582,10 @@ hxtool issue-certificate \ @subsection Validate the certificate -hxtool also contains a tool that will validate certificates according to -rules from the PKIX document. These checks are not complete, but a good test -to check if you got all of the basic bits right in your certificates. +hxtool also contains a tool that will validate certificates according +to rules from the PKIX document. These checks are not complete, but +they provide a good test of whether you got all of the basic bits +right in your certificates. @example hxtool validate FILE:user.pem @@ -1368,7 +1598,7 @@ certificates using OpenSSL (or CA software based on OpenSSL). @subsection Using OpenSSL to create certificates with krb5PrincipalName -To make OpenSSL create certificates with krb5PrincipalName use +To make OpenSSL create certificates with krb5PrincipalName, use an @file{openssl.cnf} as described below. To see a complete example of creating client and KDC certificates, see the test-data generation script @file{lib/hx509/data/gen-req.sh} in the source-tree. The @@ -1395,7 +1625,7 @@ princ1 = GeneralString:userid @end example -Command usage +Command usage: @example openssl x509 -extensions user_certificate @@ -1425,9 +1655,9 @@ Clients using a Windows KDC with PK-INIT need configuration since windows uses pre-standard format and this can't be autodetected. The pkinit_win2k_require_binding option requires the reply for the KDC -to be of the new, secure, type that binds the request to reply. Before -clients should fake the reply from the KDC. To use this option you -have to apply a fix from Microsoft. +to be of the new, secure, type that binds the request to +reply. Before, clients could fake the reply from the KDC. To use this +option you have to apply a fix from Microsoft. @example [realms] @@ -1440,16 +1670,32 @@ have to apply a fix from Microsoft. @subsection Certificates The client certificates need to have the extended keyusage ``Microsoft -Smartcardlogin'' (openssl have the oid shortname msSmartcardLogin). +Smartcardlogin'' (openssl has the OID shortname msSmartcardLogin). See Microsoft Knowledge Base Article - 281245 ``Guidelines for Enabling Smart Card Logon with Third-Party Certification Authorities'' for a -more extensive description of how set setup an external CA to it -includes all information that will make a Windows KDC happy. +more extensive description of how set setup an external CA so that it +includes all the information required to make a Windows KDC happy. @subsection Configure Windows 2000 CA -To enable Microsoft Smartcardlogin> for certificates in your Windows -2000 CA, you want to look at Microsoft Knowledge Base Article - -313274 ``HOW TO: Configure a Certification Authority to Issue -Smart Card Certificates in Windows''. +To enable Microsoft Smartcardlogin for certificates in your Windows +2000 CA, you want to look at Microsoft Knowledge Base Article - 313274 +``HOW TO: Configure a Certification Authority to Issue Smart Card +Certificates in Windows''. + +@node Debugging Kerberos problems, , Setting up PK-INIT, Setting up a realm +@section Debugging Kerberos problems + +To debug Kerberos client and server problems you can enable debug +traceing by adding the following to @file{/etc/krb5,conf}. Note that the +trace logging is sparse at the moment, but will continue to improve. + +@example +[logging] + libkrb5 = 0-/SYSLOG: +@end example + + + + diff --git a/doc/vars.texi b/doc/vars.texi index c2e6671a68eb..392a6a9fb5c9 100755 --- a/doc/vars.texi +++ b/doc/vars.texi @@ -4,4 +4,4 @@ @c @set dbdir /var/heimdal -@set PACKAGE_VERSION 1.1 +@set PACKAGE_VERSION 1.5 diff --git a/doc/whatis.texi b/doc/whatis.texi index 307c5a20877a..8c1f45ddb516 100644 --- a/doc/whatis.texi +++ b/doc/whatis.texi @@ -1,4 +1,4 @@ -@c $Id: whatis.texi 16769 2006-02-27 12:26:50Z joda $ +@c $Id$ @node What is Kerberos?, Building and Installing, Introduction, Top @chapter What is Kerberos? diff --git a/doc/win2k.texi b/doc/win2k.texi index 7bc9b2a30b81..0452b4d80f2c 100644 --- a/doc/win2k.texi +++ b/doc/win2k.texi @@ -1,41 +1,36 @@ -@c $Id: win2k.texi 21991 2007-10-19 13:28:07Z lha $ +@c $Id$ -@node Windows 2000 compatability, Programming with Kerberos, Kerberos 4 issues, Top + +@node Windows compatibility, Programming with Kerberos, Kerberos 4 issues, Top @comment node-name, next, previous, up -@chapter Windows 2000 compatability +@chapter Windows compatibility -Windows 2000 (formerly known as Windows NT 5) from Microsoft implements -Kerberos 5. Their implementation, however, has some quirks, -peculiarities, and bugs. This chapter is a short summary of the things -that we have found out while trying to test Heimdal against Windows -2000. Another big problem with the Kerberos implementation in Windows -2000 is that the available documentation is more focused on getting +Microsoft Windows, starting from version 2000 (formerly known as Windows NT 5), implements Kerberos 5. Their implementation, however, has some quirks, +peculiarities, and bugs. This chapter is a short summary of the compatibility +issues between Heimdal and various Windows versions. + +The big problem with the Kerberos implementation in Windows +is that the available documentation is more focused on getting things to work rather than how they work, and not that useful in figuring -out how things really work. - -This information should apply to Heimdal @value{VERSION} and Windows -2000 Professional. It's of course subject to change all the time and +out how things really work. It's of course subject to change all the time and mostly consists of our not so inspired guesses. Hopefully it's still somewhat useful. @menu -* Configuring Windows 2000 to use a Heimdal KDC:: -* Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC:: +* Configuring Windows to use a Heimdal KDC:: +* Inter-Realm keys (trust) between Windows and a Heimdal KDC:: * Create account mappings:: * Encryption types:: * Authorisation data:: * Quirks of Windows 2000 KDC:: -* Useful links when reading about the Windows 2000:: +* Useful links when reading about the Windows:: @end menu -@node Configuring Windows 2000 to use a Heimdal KDC, Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Windows 2000 compatability, Windows 2000 compatability +@node Configuring Windows to use a Heimdal KDC, Inter-Realm keys (trust) between Windows and a Heimdal KDC, Windows compatibility, Windows compatibility @comment node-name, next, precious, up -@section Configuring Windows 2000 to use a Heimdal KDC +@section Configuring Windows to use a Heimdal KDC -You need the command line program called @command{ksetup.exe} which is available -in the file @file{SUPPORT/TOOLS/SUPPORT.CAB} on the Windows 2000 Professional -CD-ROM. This program is used to configure the Kerberos settings on a -Workstation. +You need the command line program called @command{ksetup.exe}. This program comes with the Windows Support Tools, available from either the installation CD-ROM (@file{SUPPORT/TOOLS/SUPPORT.CAB}), or from Microsoft web site. Starting from Windows 2008, it is already installed. This program is used to configure the Kerberos settings on a Workstation. @command{Ksetup} store the domain information under the registry key: @code{HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\Kerberos\Domains}. @@ -88,13 +83,13 @@ The Windows machine will now map any user to the corresponding principal, for example @samp{nisse} to the principal @samp{nisse@@MY.REALM}. (This is most likely what you want.) -@node Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Create account mappings, Configuring Windows 2000 to use a Heimdal KDC, Windows 2000 compatability +@node Inter-Realm keys (trust) between Windows and a Heimdal KDC, Create account mappings, Configuring Windows to use a Heimdal KDC, Windows compatibility @comment node-name, next, precious, up -@section Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC +@section Inter-Realm keys (trust) between Windows and a Heimdal KDC See also the Step-by-Step guide from Microsoft, referenced below. -Install Windows 2000, and create a new controller (Active Directory +Install Windows, and create a new controller (Active Directory Server) for the domain. By default the trust will be non-transitive. This means that only users @@ -102,8 +97,8 @@ directly from the trusted domain may authenticate. This can be changed to transitive by using the @command{netdom.exe} tool. @command{netdom.exe} can also be used to add the trust between two realms. -You need to tell Windows 2000 on what hosts to find the KDCs for the -non-Windows realm with @command{ksetup}, see @xref{Configuring Windows 2000 +You need to tell Windows on what hosts to find the KDCs for the +non-Windows realm with @command{ksetup}, see @xref{Configuring Windows to use a Heimdal KDC}. This needs to be done on all computers that want enable cross-realm @@ -127,33 +122,37 @@ Management tool, you do it like this: netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword @end example -You also need to add the inter-realm keys to the Heimdal KDC. Make sure -you have matching encryption types (DES, Arcfour and AES in case of Longhorn) +You also need to add the inter-realm keys to the Heimdal KDC. But take +care to the encryption types and salting used for those keys. There should be +no encryption type stronger than the one configured on Windows side for this +relationship, itself limited to the ones supported by this specific version of +Windows, nor any Kerberos 4 salted hashes, as Windows does not seem to +understand them. Otherwise, the trust will not works. -Another issue is salting. Since Windows 2000 does not seem to -understand Kerberos 4 salted hashes you might need to turn off anything -similar to the following if you have it, at least while adding the -principals that are going to share keys with Windows 2000. +Here are the version-specific needed information: +@enumerate +@item Windows 2000: maximum encryption type is DES +@item Windows 2003: maximum encryption type is DES +@item Windows 2003RC2: maximum encryption type is RC4, relationship defaults to DES +@item Windows 2008: maximum encryption type is AES, relationship defaults to RC4 +@end enumerate + +For Windows 2003RC2, to change the trust encryption type, you have to use the +@command{ktpass}, from the Windows 2003 Resource kit *service pack2*, available +from Microsoft web site. @example -[kadmin] - default_keys = v5 v4 +C:> ktpass /MITRealmName UNIX.EXAMPLE.COM /TrustEncryp RC4 @end example -So remove v4 from default keys. - -What you probably want to use is this: +For Windows 2008, the same operation can be done with the @command{ksetup}, installed by default. @example -[kadmin] - default_keys = des-cbc-crc:pw-salt arcfour-hmac-md5:pw-salt +C:> ksetup /SetEncTypeAttre EXAMPLE.COM AES256-SHA1 @end example -@c XXX check this -@c It is definitely not supported in base 2003. I haven't been able to -@c get SP1 installed here, but it is supposed to work in that. - -Once that is also done, you can add the required inter-realm keys: +Once the relationship is correctly configured, you can add the required +inter-realm keys, using heimdal default encryption types: @example kadmin add krbtgt/NT.REALM.EXAMPLE.COM@@EXAMPLE.COM @@ -162,11 +161,20 @@ kadmin add krbtgt/REALM.EXAMPLE.COM@@NT.EXAMPLE.COM Use the same passwords for both keys. +And if needed, to remove unsupported encryptions, such as the following ones for a Windows 2003RC2 server. + +@example +kadmin del_enctype krbtgt/REALM.EXAMPLE.COM@@NT.EXAMPLE.COM aes256-cts-hmac-sha1-96 +kadmin del_enctype krbtgt/REALM.EXAMPLE.COM@@NT.EXAMPLE.COM des3-cbc-sha1 +kadmin del_enctype krbtgt/NT.EXAMPLE.COM@@EXAMPLE.COM aes256-cts-hmac-sha1-96 +kadmin del_enctype krbtgt/NT.EXAMPLE.COM@@EXAMPLE.COM des3-cbc-sha1 +@end example + Do not forget to reboot before trying the new realm-trust (after running @command{ksetup}). It looks like it might work, but packets are never sent to the non-Windows KDC. -@node Create account mappings, Encryption types, Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Windows 2000 compatability +@node Create account mappings, Encryption types, Inter-Realm keys (trust) between Windows and a Heimdal KDC, Windows compatibility @comment node-name, next, precious, up @section Create account mappings @@ -183,7 +191,7 @@ This adds @samp{authorizationNames} entry to the users LDAP entry to the Active Directory LDAP catalog. When you create users by script you can add this entry instead. -@node Encryption types, Authorisation data, Create account mappings, Windows 2000 compatability +@node Encryption types, Authorisation data, Create account mappings, Windows compatibility @comment node-name, next, previous, up @section Encryption types @@ -195,7 +203,7 @@ MD4 and DES keys. Users that are converted from a NT4 database, will only have MD4 passwords and will need a password change to get a DES key. -@node Authorisation data, Quirks of Windows 2000 KDC, Encryption types, Windows 2000 compatability +@node Authorisation data, Quirks of Windows 2000 KDC, Encryption types, Windows compatibility @comment node-name, next, previous, up @section Authorisation data @@ -223,7 +231,7 @@ the file. analysing the data. @end enumerate -@node Quirks of Windows 2000 KDC, Useful links when reading about the Windows 2000, Authorisation data, Windows 2000 compatability +@node Quirks of Windows 2000 KDC, Useful links when reading about the Windows, Authorisation data, Windows compatibility @comment node-name, next, previous, up @section Quirks of Windows 2000 KDC @@ -255,9 +263,9 @@ You should also add the following entries to the @file{krb5.conf} file: These configuration options will make sure that no checksums of the unsupported types are generated. -@node Useful links when reading about the Windows 2000, , Quirks of Windows 2000 KDC, Windows 2000 compatability +@node Useful links when reading about the Windows, , Quirks of Windows 2000 KDC, Windows compatibility @comment node-name, next, previous, up -@section Useful links when reading about the Windows 2000 +@section Useful links when reading about the Windows See also our paper presented at the 2001 Usenix Annual Technical Conference, available in the proceedings or at @@ -272,7 +280,7 @@ short list of the interesting documents that we have managed to find. @uref{http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx}. Kerberos GSS-API (in Windows-eze SSPI), Windows as a client in a non-Windows KDC realm, adding unix clients to a Windows 2000 KDC, and -adding cross-realm trust (@pxref{Inter-Realm keys (trust) between Windows 2000 +adding cross-realm trust (@pxref{Inter-Realm keys (trust) between Windows and a Heimdal KDC}). @item Windows 2000 Kerberos Authentication: diff --git a/doc/wind.din b/doc/wind.din new file mode 100644 index 000000000000..da36dd1b7680 --- /dev/null +++ b/doc/wind.din @@ -0,0 +1,15 @@ +# Doxyfile 1.5.3 + +PROJECT_NAME = Heimdal wind library +PROJECT_NUMBER = @PACKAGE_VERSION@ +OUTPUT_DIRECTORY = @srcdir@/doxyout/wind +INPUT = @srcdir@/../lib/wind + +WARN_IF_UNDOCUMENTED = YES + +PERL_PATH = /usr/bin/perl + +HTML_HEADER = "@srcdir@/header.html" +HTML_FOOTER = "@srcdir@/footer.html" + +@INCLUDE = "@srcdir@/doxytmpl.dxy" diff --git a/etc/Makefile.am b/etc/Makefile.am index d5675d57a2ed..6736bbc8f272 100644 --- a/etc/Makefile.am +++ b/etc/Makefile.am @@ -1,5 +1,5 @@ -# $Id: Makefile.am 20565 2007-04-27 13:52:30Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -EXTRA_DIST = services.append +EXTRA_DIST = NTMakefile services.append diff --git a/etc/Makefile.in b/etc/Makefile.in index fef8bd2fa2dc..5b0a81269236 100644 --- a/etc/Makefile.in +++ b/etc/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 20565 2007-04-27 13:52:30Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = etc ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -97,49 +101,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -163,10 +176,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -183,6 +197,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -198,31 +214,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -237,10 +267,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -281,47 +313,52 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -EXTRA_DIST = services.append +EXTRA_DIST = NTMakefile services.append all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps etc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps etc/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign etc/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign etc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -339,6 +376,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -368,13 +406,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -406,6 +448,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -424,6 +467,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -431,23 +476,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -469,9 +522,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: all all-am all-local check check-am check-local clean \ clean-generic clean-libtool dist-hook distclean \ @@ -555,6 +607,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -640,7 +695,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -653,6 +708,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/etc/NTMakefile b/etc/NTMakefile new file mode 100644 index 000000000000..aab3f7a170ef --- /dev/null +++ b/etc/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=etc + +!include ../windows/NTMakefile.w32 + diff --git a/etc/services.append b/etc/services.append index 2eff2f7a34d9..f63f2af97184 100644 --- a/etc/services.append +++ b/etc/services.append @@ -1,5 +1,5 @@ # -# $Id: services.append 10452 2001-08-08 15:48:37Z assar $ +# $Id$ # # Kerberos services # diff --git a/include/Makefile.am b/include/Makefile.am index a63c227d44af..c9425c8e5fce 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -1,85 +1,105 @@ -# $Id: Makefile.am 22396 2008-01-01 19:35:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common SUBDIRS = kadm5 hcrypto gssapi -noinst_PROGRAMS = bits make_crypto +noinst_PROGRAMS = bits CHECK_LOCAL = no-check-local AM_CPPFLAGS += -DHOST=\"$(CANONICAL_HOST)\" nodist_include_HEADERS = krb5-types.h -nodist_noinst_HEADERS = crypto-headers.h + +noinst_HEADERS = heim_threads.h crypto-headers.h + +EXTRA_DIST = NTMakefile krb5-types.cross + +if !CROSS_COMPILE krb5-types.h: bits$(EXEEXT) ./bits$(EXEEXT) krb5-types.h -crypto-headers.h: make_crypto$(EXEEXT) - ./make_crypto$(EXEEXT) crypto-headers.h +else + +krb5-types.h: krb5-types.cross + cp $(srcdir)/krb5-types.cross krb5-types.h + +endif CLEANFILES = \ - cms_asn1.h \ - der-protos.h \ - digest_asn1.h \ - hdb-protos.h \ - heim_asn1.h \ - heim_threads.h \ - hex.h \ - hx509-protos.h \ - hx509.h \ - hx509_err.h \ - kx509_asn1.h \ - kx509_err.h \ - k524_err.h \ - kdc-protos.h \ - kdc.h \ - krb5_asn1.h \ - krb5_ccapi.h \ - parse_bytes.h \ - pkcs12_asn1.h \ - pkcs8_asn1.h \ - pkcs9_asn1.h \ - pkinit_asn1.h \ - rfc2459_asn1.h \ - rtbl.h \ - test-mem.h \ - vers.h \ - vis.h \ asn1.h \ + asn1-common.h \ + asn1-template.h \ asn1_err.h \ base64.h \ + cms_asn1.h \ + crmf_asn1.h \ com_err.h \ com_right.h \ - crypto-headers.h \ + ccache_plugin.h \ + der-protos.h \ + der-private.h \ der.h \ + digest_asn1.h \ editline.h \ err.h \ getarg.h \ glob.h \ gssapi.h \ + hdb-protos.h \ hdb.h \ hdb_asn1.h \ hdb_err.h \ + heim-ipc.h \ + heim_asn1.h \ heim_err.h \ - heimntlm.h \ + heimbase.h \ heimntlm-protos.h \ + heimntlm.h \ + hex.h \ + hx509-protos.h \ + hx509.h \ + hx509_err.h \ + k524_err.h \ kafs.h \ - krb_err.h \ - krb5-protos.h \ + kdc-protos.h \ + kdc.h \ krb5-private.h \ + krb5-protos.h \ krb5-types.h \ krb5.h \ + krb5_asn1.h \ + krb5_ccapi.h \ krb5_err.h \ + krb_err.h \ + kx509_asn1.h \ + kx509_err.h \ + locate_plugin.h \ + ntlm_err.h \ + ocsp_asn1.h \ otp.h \ + parse_bytes.h \ parse_time.h \ parse_units.h \ + pkcs10_asn1.h \ + pkcs12_asn1.h \ + pkcs8_asn1.h \ + pkcs9_asn1.h \ + pkinit_asn1.h \ resolve.h \ + rfc2459_asn1.h \ roken-common.h \ roken.h \ + rtbl.h \ + send_to_kdc_plugin.h \ sl.h \ + test-mem.h \ + vers.h \ + vis.h \ + wind.h \ + wind_err.h \ windc_plugin.h \ - locate_plugin.h \ xdbm.h DISTCLEANFILES = \ diff --git a/include/Makefile.in b/include/Makefile.in index 382274419419..2fd7d70b999d 100644 --- a/include/Makefile.in +++ b/include/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,17 +15,18 @@ @SET_MAKE@ -# $Id: Makefile.am 22396 2008-01-01 19:35:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -39,14 +41,15 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(srcdir)/config.h.in $(top_srcdir)/Makefile.am.common \ +DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = bits$(EXEEXT) make_crypto$(EXEEXT) +noinst_PROGRAMS = bits$(EXEEXT) subdir = include ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -61,7 +64,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -75,9 +78,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -85,22 +91,20 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = PROGRAMS = $(noinst_PROGRAMS) bits_SOURCES = bits.c bits_OBJECTS = bits.$(OBJEXT) bits_LDADD = $(LDADD) -make_crypto_SOURCES = make_crypto.c -make_crypto_OBJECTS = make_crypto.$(OBJEXT) -make_crypto_LDADD = $(LDADD) -DEFAULT_INCLUDES = -I.@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -110,8 +114,8 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = bits.c make_crypto.c -DIST_SOURCES = bits.c make_crypto.c +SOURCES = bits.c +DIST_SOURCES = bits.c RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ html-recursive info-recursive install-data-recursive \ install-dvi-recursive install-exec-recursive \ @@ -124,63 +128,114 @@ am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(includedir)" -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(nodist_include_HEADERS) $(nodist_noinst_HEADERS) +HEADERS = $(nodist_include_HEADERS) $(noinst_HEADERS) RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir ETAGS = etags CTAGS = ctags DIST_SUBDIRS = $(SUBDIRS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -204,10 +259,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -224,6 +280,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -239,31 +297,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -278,10 +350,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -322,97 +396,113 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -DHOST=\"$(CANONICAL_HOST)\" +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -DHOST=\"$(CANONICAL_HOST)\" @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la SUBDIRS = kadm5 hcrypto gssapi CHECK_LOCAL = no-check-local nodist_include_HEADERS = krb5-types.h -nodist_noinst_HEADERS = crypto-headers.h +noinst_HEADERS = heim_threads.h crypto-headers.h +EXTRA_DIST = NTMakefile krb5-types.cross CLEANFILES = \ - cms_asn1.h \ - der-protos.h \ - digest_asn1.h \ - hdb-protos.h \ - heim_asn1.h \ - heim_threads.h \ - hex.h \ - hx509-protos.h \ - hx509.h \ - hx509_err.h \ - kx509_asn1.h \ - kx509_err.h \ - k524_err.h \ - kdc-protos.h \ - kdc.h \ - krb5_asn1.h \ - krb5_ccapi.h \ - parse_bytes.h \ - pkcs12_asn1.h \ - pkcs8_asn1.h \ - pkcs9_asn1.h \ - pkinit_asn1.h \ - rfc2459_asn1.h \ - rtbl.h \ - test-mem.h \ - vers.h \ - vis.h \ asn1.h \ + asn1-common.h \ + asn1-template.h \ asn1_err.h \ base64.h \ + cms_asn1.h \ + crmf_asn1.h \ com_err.h \ com_right.h \ - crypto-headers.h \ + ccache_plugin.h \ + der-protos.h \ + der-private.h \ der.h \ + digest_asn1.h \ editline.h \ err.h \ getarg.h \ glob.h \ gssapi.h \ + hdb-protos.h \ hdb.h \ hdb_asn1.h \ hdb_err.h \ + heim-ipc.h \ + heim_asn1.h \ heim_err.h \ - heimntlm.h \ + heimbase.h \ heimntlm-protos.h \ + heimntlm.h \ + hex.h \ + hx509-protos.h \ + hx509.h \ + hx509_err.h \ + k524_err.h \ kafs.h \ - krb_err.h \ - krb5-protos.h \ + kdc-protos.h \ + kdc.h \ krb5-private.h \ + krb5-protos.h \ krb5-types.h \ krb5.h \ + krb5_asn1.h \ + krb5_ccapi.h \ krb5_err.h \ + krb_err.h \ + kx509_asn1.h \ + kx509_err.h \ + locate_plugin.h \ + ntlm_err.h \ + ocsp_asn1.h \ otp.h \ + parse_bytes.h \ parse_time.h \ parse_units.h \ + pkcs10_asn1.h \ + pkcs12_asn1.h \ + pkcs8_asn1.h \ + pkcs9_asn1.h \ + pkinit_asn1.h \ resolve.h \ + rfc2459_asn1.h \ roken-common.h \ roken.h \ + rtbl.h \ + send_to_kdc_plugin.h \ sl.h \ + test-mem.h \ + vers.h \ + vis.h \ + wind.h \ + wind_err.h \ windc_plugin.h \ - locate_plugin.h \ xdbm.h DISTCLEANFILES = \ @@ -423,19 +513,19 @@ all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign include/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -453,6 +543,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): config.h: stamp-h1 @if test ! -f $@; then \ @@ -464,7 +555,7 @@ stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status include/config.h $(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_srcdir) && $(AUTOHEADER) + ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ @@ -472,17 +563,16 @@ distclean-hdr: -rm -f config.h stamp-h1 clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list bits$(EXEEXT): $(bits_OBJECTS) $(bits_DEPENDENCIES) @rm -f bits$(EXEEXT) $(LINK) $(bits_OBJECTS) $(bits_LDADD) $(LIBS) -make_crypto$(EXEEXT): $(make_crypto_OBJECTS) $(make_crypto_DEPENDENCIES) - @rm -f make_crypto$(EXEEXT) - $(LINK) $(make_crypto_OBJECTS) $(make_crypto_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -490,14 +580,28 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bits.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -507,20 +611,23 @@ clean-libtool: install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files # This directory's subdirectories are mostly independent; you can cd # into them and run `make' without going through this Makefile. @@ -529,7 +636,7 @@ uninstall-nodist_includeHEADERS: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -546,7 +653,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -554,7 +661,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -580,16 +687,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -597,14 +704,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -616,39 +723,43 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -669,29 +780,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -729,6 +855,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) maintainer-clean-generic: @@ -740,6 +867,7 @@ clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ mostlyclean-am distclean: distclean-recursive + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags @@ -750,6 +878,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -757,26 +887,35 @@ info-am: install-data-am: install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -796,9 +935,9 @@ ps-am: uninstall-am: uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) all check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local check check-am check-local clean \ @@ -887,6 +1026,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -972,7 +1114,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -986,11 +1128,12 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -krb5-types.h: bits$(EXEEXT) - ./bits$(EXEEXT) krb5-types.h +@CROSS_COMPILE_FALSE@krb5-types.h: bits$(EXEEXT) +@CROSS_COMPILE_FALSE@ ./bits$(EXEEXT) krb5-types.h + +@CROSS_COMPILE_TRUE@krb5-types.h: krb5-types.cross +@CROSS_COMPILE_TRUE@ cp $(srcdir)/krb5-types.cross krb5-types.h -crypto-headers.h: make_crypto$(EXEEXT) - ./make_crypto$(EXEEXT) crypto-headers.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/include/NTMakefile b/include/NTMakefile new file mode 100644 index 000000000000..85ea4e270921 --- /dev/null +++ b/include/NTMakefile @@ -0,0 +1,118 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=include + +SUBDIRS=kadm5 hcrypto gssapi + +!include ../windows/NTMakefile.w32 +!include ../windows/NTMakefile.config + +INCFILES= \ + $(INCDIR)\config.h \ + $(INCDIR)\crypto-headers.h \ + $(INCDIR)\heim_threads.h \ + $(INCDIR)\krb5-types.h \ + $(INCDIR)\version.h + +$(INCDIR)\krb5-types.h: $(OBJ)\bits.exe + $(OBJ)\bits.exe $(INCDIR)\krb5-types.h + +$(OBJ)\bits.exe: $(OBJ)\bits.obj + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(INCDIR)\config.h: config.h.w32 ..\windows\NTMakefile.config NTMakefile + $(PERL) << < config.h.w32 > $@ + +while(<>) { + + if (m/\@FEATURE_DEFS\@/) { + + if ("$(KRB5)") { print "#define KRB5 1\n"; } + if ("$(KRB4)") { print "#define KRB4 1\n"; } + if ("$(WEAK_CRYPTO)") { print "#define HEIM_WEAK_CRYPTO 1\n"; } + if ("$(PKINIT)") { print "#define PKINIT 1\n"; } + if ("$(NO_AFS)") { print "#define NO_AFS 1\n"; } + if ("$(OPENLDAP)") { print "#define OPENLDAP 1\n"; } + if ("$(OPENLDAP_MODULE)") { print "#define OPENLDAP_MODULE 1\n"; } + if ("$(OTP)") { print "#define OTP 1 \n"; } + if ("$(AUTHENTICATION)") { print "#define AUTHENTICATION 1\n"; } + if ("$(DIAGNOSTICS)") { print "#define DIAGNOSTICS 1\n"; } + if ("$(ENCRYPTION)") { print "#define ENCRYPTION 1\n"; } + if ("$(ENABLE_AFS_STRING_TO_KEY)") { print "#define ENABLE_AFS_STRING_TO_KEY 1\n"; } + if ("$(ENABLE_PTHREAD_SUPPORT)") { print "#define ENABLE_PTHREAD_SUPPORT 1\n"; } + if ("$(HAVE_PTHREAD_H)") { print "#define HAVE_PTHREAD_H 1\n"; } + if ("$(ENV_HACK)") { print "#define ENV_HACK 1\n"; } + if ("$(HAVE_KCM)") { print "#define HAVE_KCM 1\n"; } + if ("$(HAVE_SCC)") { print "#define HAVE_SCC 1\n"; } + if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"".'$(DIR_hdbdir)'."\"\n"; } + if ("$(HAVE_MSLSA_CACHE)") { print "#define HAVE_MSLSA_CACHE 1\n"; } + if ("$(NO_LOCALNAME)") { print "#define NO_LOCALNAME 1\n"; } + + } elsif (m/\@VERSION_OPTDEFS\@/) { + + if ("$(VER_PRERELEASE)") { print "#define VER_PRERELEASE 1\n"; } + if ("$(VER_PRIVATE)") { print "#define VER_PRIVATE \"$(VER_PRIVATE)\"\n"; } + if ("$(VER_SPECIAL)") { print "#define VER_SPECIAL \"$(VER_SPECIAL)\"\n"; } + if ("$(BUILD)" =~ "dbg") { print "#define VER_DEBUG 1\n"; } + print "#define HOST \"$(COMPUTERNAME)\"\n"; + + } else { + + s/\@PACKAGE\@/$(VER_PACKAGE)/; + s/\@PACKAGE_NAME\@/$(VER_PACKAGE_NAME)/; + s/\@PACKAGE_BUGREPORT\@/$(VER_PACKAGE_BUGREPORT:@=\@)/; + s/\@PACKAGE_VERSION\@/$(VER_PACKAGE_VERSION)/; + s/\@PACKAGE_COPYRIGHT\@/$(VER_PACKAGE_COPYRIGHT)/; + s/\@PACKAGE_COMPANY\@/$(VER_PACKAGE_COMPANY)/; + s/\@MAJOR\@/$(VER_PRODUCT_MAJOR)/; + s/\@MINOR\@/$(VER_PRODUCT_MINOR)/; + s/\@AUX\@/$(VER_PRODUCT_AUX)/; + s/\@PATCH\@/$(VER_PRODUCT_PATCH)/; + + print $_; + } +} + +<< + +$(INCDIR)\version.h: ..\windows\NTMakefile.config NTMakefile + $(CP) << $@ +const char *heimdal_long_version = "@(#)$$Version: $(VER_PACKAGE_NAME) $(VER_PACKAGE_VERSION) by $(USERNAME) on $(COMPUTERNAME) ($(CPU)-pc-windows) $$"; +const char *heimdal_version = "$(VER_PACKAGE_NAME) $(VER_PACKAGE_VERSION)"; +<< + +all:: $(INCFILES) + +clean:: + -$(RM) $(INCFILES) + diff --git a/include/bits.c b/include/bits.c index 3fdaee420bfd..7e76828b4e96 100644 --- a/include/bits.c +++ b/include/bits.c @@ -1,44 +1,50 @@ /* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: bits.c 18703 2006-10-20 20:33:58Z lha $"); +RCSID("$Id$"); #endif #include #include #include #include +#ifdef WIN32 +#include +#include +#endif #define BITSIZE(TYPE) \ { \ @@ -46,7 +52,7 @@ RCSID("$Id: bits.c 18703 2006-10-20 20:33:58Z lha $"); char tmp[128], tmp2[128]; \ while(x){ x <<= 1; b++; if(x < zero) pre=""; } \ if(b >= len){ \ - int tabs; \ + size_t tabs; \ sprintf(tmp, "%sint%d_t" , pre, len); \ sprintf(tmp2, "typedef %s %s;", #TYPE, tmp); \ tabs = 5 - strlen(tmp2) / 8; \ @@ -113,7 +119,7 @@ int main(int argc, char **argv) FILE *f; int flag; const char *fn, *hb; - + if (argc > 1 && strcmp(argv[1], "--version") == 0) { printf("some version"); return 0; @@ -136,8 +142,8 @@ int main(int argc, char **argv) f = fopen(argv[1], "w"); } fprintf(f, "/* %s -- this file was generated for %s by\n", fn, HOST); - fprintf(f, " %*s %s */\n\n", (int)strlen(fn), "", - "$Id: bits.c 18703 2006-10-20 20:33:58Z lha $"); + fprintf(f, " %*s %s */\n\n", (int)strlen(fn), "", + "$Id$"); fprintf(f, "#ifndef %s\n", hb); fprintf(f, "#define %s\n", hb); fprintf(f, "\n"); @@ -157,7 +163,12 @@ int main(int argc, char **argv) fprintf(f, "#include \n"); #endif #ifdef HAVE_SOCKLEN_T +#ifndef WIN32 fprintf(f, "#include \n"); +#else + fprintf(f, "#include \n"); + fprintf(f, "#include \n"); +#endif #endif fprintf(f, "\n"); @@ -234,7 +245,53 @@ int main(int argc, char **argv) fprintf(f, "typedef int krb5_ssize_t;\n"); #endif fprintf(f, "\n"); + +#if defined(_WIN32) + fprintf(f, "typedef SOCKET krb5_socket_t;\n"); +#else + fprintf(f, "typedef int krb5_socket_t;\n"); +#endif + fprintf(f, "\n"); + #endif /* KRB5 */ + + fprintf(f, "#ifndef HEIMDAL_DEPRECATED\n"); + fprintf(f, "#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))\n"); + fprintf(f, "#define HEIMDAL_DEPRECATED __attribute__((deprecated))\n"); + fprintf(f, "#elif defined(_MSC_VER) && (_MSC_VER>1200)\n"); + fprintf(f, "#define HEIMDAL_DEPRECATED __declspec(deprecated)\n"); + fprintf(f, "#else\n"); + fprintf(f, "#define HEIMDAL_DEPRECATED\n"); + fprintf(f, "#endif\n"); + fprintf(f, "#endif\n"); + + fprintf(f, "#ifndef HEIMDAL_PRINTF_ATTRIBUTE\n"); + fprintf(f, "#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))\n"); + fprintf(f, "#define HEIMDAL_PRINTF_ATTRIBUTE(x) __attribute__((format x))\n"); + fprintf(f, "#else\n"); + fprintf(f, "#define HEIMDAL_PRINTF_ATTRIBUTE(x)\n"); + fprintf(f, "#endif\n"); + fprintf(f, "#endif\n"); + + fprintf(f, "#ifndef HEIMDAL_NORETURN_ATTRIBUTE\n"); + fprintf(f, "#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))\n"); + fprintf(f, "#define HEIMDAL_NORETURN_ATTRIBUTE __attribute__((noreturn))\n"); + fprintf(f, "#else\n"); + fprintf(f, "#define HEIMDAL_NORETURN_ATTRIBUTE\n"); + fprintf(f, "#endif\n"); + fprintf(f, "#endif\n"); + + fprintf(f, "#ifndef HEIMDAL_UNUSED_ATTRIBUTE\n"); + fprintf(f, "#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))\n"); + fprintf(f, "#define HEIMDAL_UNUSED_ATTRIBUTE __attribute__((unused))\n"); + fprintf(f, "#else\n"); + fprintf(f, "#define HEIMDAL_UNUSED_ATTRIBUTE\n"); + fprintf(f, "#endif\n"); + fprintf(f, "#endif\n"); + fprintf(f, "#endif /* %s */\n", hb); + + if (f != stdout) + fclose(f); return 0; } diff --git a/include/config.h.in b/include/config.h.in index 50cf5b19001d..4bd0782249c3 100644 --- a/include/config.h.in +++ b/include/config.h.in @@ -1,4 +1,4 @@ -/* include/config.h.in. Generated from configure.in by autoheader. */ +/* include/config.h.in. Generated from configure.ac by autoheader. */ #ifndef RCSID #define RCSID(msg) \ @@ -12,22 +12,45 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } #ifdef BUILD_KRB5_LIB -#ifndef KRB5_LIB_FUNCTION +#ifndef KRB5_LIB #ifdef _WIN32_ -#define KRB5_LIB_FUNCTION _export _stdcall +#define KRB5_LIB_FUNCTION __declspec(dllexport) +#define KRB5_LIB_CALL __stdcall +#define KRB5_LIB_VARIABLE __declspec(dllexport) #else #define KRB5_LIB_FUNCTION +#define KRB5_LIB_CALL +#define KRB5_LIB_VARIABLE #endif #endif #endif #ifdef BUILD_ROKEN_LIB -#ifndef ROKEN_LIB_FUNCTION +#ifndef ROKEN_LIB #ifdef _WIN32_ -#define ROKEN_LIB_FUNCTION _export _stdcall +#define ROKEN_LIB_FUNCTION __declspec(dllexport) +#define ROKEN_LIB_CALL __stdcall +#define ROKEN_LIB_VARIABLE __declspec(dllexport) #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL +#define ROKEN_LIB_VARIABLE +#endif +#endif +#endif + + +#ifdef BUILD_GSSAPI_LIB +#ifndef GSSAPI_LIB +#ifdef _WIN32_ +#define GSSAPI_LIB_FUNCTION __declspec(dllexport) +#define GSSAPI_LIB_CALL __stdcall +#define GSSAPI_LIB_VARIABLE __declspec(dllexport) +#else +#define GSSAPI_LIB_FUNCTION +#define GSSAPI_LIB_CALL +#define GSSAPI_LIB_VARIABLE #endif #endif #endif @@ -51,6 +74,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define this to enable diagnostics in telnet. */ #undef DIAGNOSTICS +/* Define to enable DIGEST. */ +#undef DIGEST + /* Define if want to use the weak AFS string to key functions. */ #undef ENABLE_AFS_STRING_TO_KEY @@ -100,6 +126,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_TELNET_H +/* Define to 1 if you have the header file. */ +#undef HAVE_ASL_H + /* Define to 1 if you have the `asnprintf' function. */ #undef HAVE_ASNPRINTF @@ -109,6 +138,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the `atexit' function. */ #undef HAVE_ATEXIT +/* Define to 1 if you have the `backtrace' function. */ +#undef HAVE_BACKTRACE + /* Define to 1 if you have the header file. */ #undef HAVE_BIND_BITYPES_H @@ -124,6 +156,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_CAPABILITY_H +/* whether capng is available for privilege reduction */ +#undef HAVE_CAPNG + /* Define to 1 if you have the `cap_set_proc' function. */ #undef HAVE_CAP_SET_PROC @@ -136,6 +171,12 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the function `closefrom'. */ #undef HAVE_CLOSEFROM +/* Define to 1 if you have the header file. */ +#undef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_COMMONCRYPTO_COMMONDIGEST_H + /* Define to 1 if you have the header file. */ #undef HAVE_CONFIG_H @@ -157,7 +198,7 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* define if you have a berkeley db1/2 library */ #undef HAVE_DB1 -/* define if you have a berkeley db3/4 library */ +/* define if you have a berkeley db3/4/5 library */ #undef HAVE_DB3 /* Define to 1 if you have the header file. */ @@ -166,6 +207,12 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_DB4_DB_H +/* Define to 1 if you have the header file. */ +#undef HAVE_DB5_DB_H + +/* Define if you have user supplied header location */ +#undef HAVE_DBHEADER + /* Define to 1 if you have the `dbm_firstkey' function. */ #undef HAVE_DBM_FIRSTKEY @@ -175,9 +222,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the `dbopen' function. */ #undef HAVE_DBOPEN -/* Define to 1 if you have the header file. */ -#undef HAVE_DB_185_H - /* Define to 1 if you have the `db_create' function. */ #undef HAVE_DB_CREATE @@ -238,12 +282,30 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_DIRENT_H +/* have a dirfd function/macro */ +#undef HAVE_DIRFD + +/* Define if DIR has field dd_fd. */ +#undef HAVE_DIR_DD_FD + +/* Define to 1 if you have the `dispatch_async_f' function. */ +#undef HAVE_DISPATCH_ASYNC_F + +/* Define to 1 if you have the header file. */ +#undef HAVE_DISPATCH_DISPATCH_H + /* Define to 1 if you have the header file. */ #undef HAVE_DLFCN_H /* Define to 1 if you have the `dlopen' function. */ #undef HAVE_DLOPEN +/* Define to 1 if you have the header file. */ +#undef HAVE_DNS_H + +/* Define to 1 if you have the `dns_search' function. */ +#undef HAVE_DNS_SEARCH + /* Define to 1 if you have the `dn_expand' function. */ #undef HAVE_DN_EXPAND @@ -253,9 +315,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the function `ecalloc'. */ #undef HAVE_ECALLOC -/* Define to 1 if you have the `el_init' function. */ -#undef HAVE_EL_INIT - /* Define if you have the function `emalloc'. */ #undef HAVE_EMALLOC @@ -277,6 +336,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the function `estrdup'. */ #undef HAVE_ESTRDUP +/* Define to 1 if you have the header file. */ +#undef HAVE_EXECINFO_H + /* Define if you have the function `fchown'. */ #undef HAVE_FCHOWN @@ -295,9 +357,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_FNMATCH_H -/* Define if el_init takes four arguments. */ -#undef HAVE_FOUR_VALUED_EL_INIT - /* Have -framework Security */ #undef HAVE_FRAMEWORK_SECURITY @@ -310,6 +369,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the `gai_strerror' function. */ #undef HAVE_GAI_STRERROR +/* Define if os support gcd. */ +#undef HAVE_GCD + /* Define to 1 if you have the header file. */ #undef HAVE_GDBM_NDBM_H @@ -485,6 +547,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the `loadquery' function. */ #undef HAVE_LOADQUERY +/* Define to 1 if you have the header file. */ +#undef HAVE_LOCALE_H + /* Define if you have the function `localtime_r'. */ #undef HAVE_LOCALTIME_R @@ -554,12 +619,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_TCP_H -/* Define if you want to use Netinfo instead of krb5.conf. */ -#undef HAVE_NETINFO - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINFO_NI_H - /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_H @@ -617,6 +676,13 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have a readline compatible library. */ #undef HAVE_READLINE +/* Define to 1 if you have the + <[readline.h])[][]_AH_CHECK_HEADER([readline/readline.h]> header file. */ +#undef HAVE_READLINE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_READLINE_READLINE_H_ + /* Define if you have the function `readv'. */ #undef HAVE_READV @@ -647,6 +713,12 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if the system has the type `sa_family_t'. */ #undef HAVE_SA_FAMILY_T +/* Define if you want support for cache in sqlite. */ +#undef HAVE_SCC + +/* Define to 1 if you have the header file. */ +#undef HAVE_SEARCH_H + /* Define to 1 if you have the header file. */ #undef HAVE_SECURITY_PAM_MODULES_H @@ -737,6 +809,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if the system has the type `socklen_t'. */ #undef HAVE_SOCKLEN_T +/* Define if you want support for sqlite in Heimdal. */ +#undef HAVE_SQLITE3 + /* Define to 1 if the system has the type `ssize_t'. */ #undef HAVE_SSIZE_T @@ -758,6 +833,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the function `strerror'. */ #undef HAVE_STRERROR +/* Define if you have the function strerror_r. */ +#undef HAVE_STRERROR_R + /* Define if you have the function `strftime'. */ #undef HAVE_STRFTIME @@ -803,6 +881,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the `strsvis' function. */ #undef HAVE_STRSVIS +/* Define to 1 if you have the `strsvisx' function. */ +#undef HAVE_STRSVISX + /* Define if you have the function `strtok_r'. */ #undef HAVE_STRTOK_R @@ -839,9 +920,30 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if struct utmpx has field ut_exit. */ #undef HAVE_STRUCT_UTMPX_UT_EXIT +/* Define if struct utmpx has field ut_host. */ +#undef HAVE_STRUCT_UTMPX_UT_HOST + +/* Define if struct utmpx has field ut_id. */ +#undef HAVE_STRUCT_UTMPX_UT_ID + +/* Define if struct utmpx has field ut_line. */ +#undef HAVE_STRUCT_UTMPX_UT_LINE + +/* Define if struct utmpx has field ut_pid. */ +#undef HAVE_STRUCT_UTMPX_UT_PID + /* Define if struct utmpx has field ut_syslen. */ #undef HAVE_STRUCT_UTMPX_UT_SYSLEN +/* Define if struct utmpx has field ut_tv. */ +#undef HAVE_STRUCT_UTMPX_UT_TV + +/* Define if struct utmpx has field ut_type. */ +#undef HAVE_STRUCT_UTMPX_UT_TYPE + +/* Define if struct utmpx has field ut_user. */ +#undef HAVE_STRUCT_UTMPX_UT_USER + /* Define if struct utmp has field ut_addr. */ #undef HAVE_STRUCT_UTMP_UT_ADDR @@ -1001,6 +1103,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_SYS_WAIT_H +/* Define to 1 if you have the `tdelete' function. */ +#undef HAVE_TDELETE + /* Define to 1 if you have the header file. */ #undef HAVE_TERMCAP_H @@ -1013,6 +1118,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_TERM_H +/* Define to 1 if you have the `tfind' function. */ +#undef HAVE_TFIND + /* Define to 1 if you have the `tgetent' function. */ #undef HAVE_TGETENT @@ -1028,12 +1136,18 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to 1 if you have the header file. */ #undef HAVE_TMPDIR_H +/* Define if you have the function `tsearch'. */ +#undef HAVE_TSEARCH + /* Define to 1 if you have the `ttyname' function. */ #undef HAVE_TTYNAME /* Define to 1 if you have the `ttyslot' function. */ #undef HAVE_TTYSLOT +/* Define to 1 if you have the `twalk' function. */ +#undef HAVE_TWALK + /* Define to 1 if you have the header file. */ #undef HAVE_UDB_H @@ -1136,9 +1250,15 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the function `warnx'. */ #undef HAVE_WARNX +/* Define to 1 if you have the header file. */ +#undef HAVE_WINSOCK2_H + /* Define if you have the function `writev'. */ #undef HAVE_WRITEV +/* Define to 1 if you have the header file. */ +#undef HAVE_WS2TCPIP_H + /* define if struct winsize has ws_xpixel */ #undef HAVE_WS_XPIXEL @@ -1172,24 +1292,40 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you have the `__progname' variable. */ #undef HAVE___PROGNAME +/* have __sync_add_and_fetch */ +#undef HAVE___SYNC_ADD_AND_FETCH + +/* Define if you want support for weak crypto */ +#undef HEIM_WEAK_CRYPTO + /* Define if you have the hesiod package. */ #undef HESIOD -/* Define if you are running IRIX 4. */ -#undef IRIX4 - /* Enable Kerberos 5 support in applications. */ #undef KRB5 +/* Define to enable kx509. */ +#undef KX509 + /* path to lib */ #undef LIBDIR +/* Define if you have the libedit package. */ +#undef LIBEDIT + /* path to libexec */ #undef LIBEXECDIR +/* Define if you have the libintl package. */ +#undef LIBINTL + /* path to localstate */ #undef LOCALSTATEDIR +/* Define to the sub-directory in which libtool stores uninstalled libraries. + */ +#undef LT_OBJDIR + /* define if the system is missing a prototype for asnprintf() */ #undef NEED_ASNPRINTF_PROTO @@ -1223,6 +1359,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* define if the system is missing a prototype for mkstemp() */ #undef NEED_MKSTEMP_PROTO +/* if your qsort is not a stable sort */ +#undef NEED_QSORT + /* define if the system is missing a prototype for SecKeyGetCSPHandle() */ #undef NEED_SECKEYGETCSPHANDLE_PROTO @@ -1238,6 +1377,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* define if the system is missing a prototype for strsep() */ #undef NEED_STRSEP_PROTO +/* define if the system is missing a prototype for strsvisx() */ +#undef NEED_STRSVISX_PROTO + /* define if the system is missing a prototype for strsvis() */ #undef NEED_STRSVIS_PROTO @@ -1314,6 +1456,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME +/* Define to the home page for this package. */ +#undef PACKAGE_URL + /* Define to the version of this package. */ #undef PACKAGE_VERSION @@ -1338,12 +1483,25 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define if you want to use samba socket wrappers. */ #undef SOCKET_WRAPPER_REPLACE +/* Define if you have the sqlite3 package. */ +#undef SQLITE3 + /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define if you have streams ptys. */ #undef STREAMSPTY +/* define if prototype of strerror_r is compatible with int strerror_r(int, + char *, size_t) */ +#undef STRERROR_R_PROTO_COMPATIBLE + +/* Define if os support want to detach is daemonens. */ +#undef SUPPORT_DETACH + +/* Enable use of inetd style startup. */ +#undef SUPPORT_INETD + /* path to sysconf */ #undef SYSCONFDIR @@ -1372,6 +1530,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } `char[]'. */ #undef YYTEXT_POINTER +/* Required for functional/sane headers on AIX */ +#undef _ALL_SOURCE + /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS @@ -1402,6 +1563,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to `int' if does not define. */ #undef pid_t +/* Path name delimiter */ +#undef rk_PATH_DELIM + /* Define this to what the type sig_atomic_t should be. */ #undef sig_atomic_t @@ -1411,6 +1575,18 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } /* Define to `int' if doesn't define. */ #undef uid_t +#if _AIX +/* XXX this is gross, but kills about a gazillion warnings */ +struct ether_addr; +struct sockaddr; +struct sockaddr_dl; +struct sockaddr_in; +#endif + +#ifdef __APPLE__ +#include +#endif + #ifdef ROKEN_RENAME #include "roken_rename.h" #endif @@ -1426,7 +1602,7 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } #endif -#if ENDIANESS_IN_SYS_PARAM_H +#ifdef ENDIANESS_IN_SYS_PARAM_H # include # include # if BYTE_ORDER == BIG_ENDIAN @@ -1435,27 +1611,8 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } #endif -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - - - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - /* Set this to the default system lead string for telnetd * can contain %-escapes: %s=sysname, %m=machine, %r=os-release * %v=os-version, %t=tty, %h=hostname, %d=date and time diff --git a/include/crypto-headers.h b/include/crypto-headers.h new file mode 100644 index 000000000000..a23aaf86e905 --- /dev/null +++ b/include/crypto-headers.h @@ -0,0 +1,57 @@ +#ifndef __crypto_header__ +#define __crypto_header__ + +#ifndef PACKAGE_NAME +#error "need config.h" +#endif + +#ifdef HAVE_OPENSSL + +#define OPENSSL_DES_LIBDES_COMPATIBILITY + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifndef BN_is_negative +#define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0) +#define BN_is_negative(bn) ((bn)->neg != 0) +#endif + +#else /* !HAVE_OPENSSL */ + +#ifdef KRB5 +#include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#endif /* HAVE_OPENSSL */ + +#endif /* __crypto_header__ */ diff --git a/include/gssapi/Makefile.am b/include/gssapi/Makefile.am index 717339557418..c0b050864339 100644 --- a/include/gssapi/Makefile.am +++ b/include/gssapi/Makefile.am @@ -1,6 +1,7 @@ -# $Id: Makefile.am 18701 2006-10-20 20:32:01Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h +CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h gssapi_ntlm.h gssapi_oid.h +EXTRA_DIST = NTMakefile diff --git a/include/gssapi/Makefile.in b/include/gssapi/Makefile.in index 0aef05ddffe6..f8ef1bce6fc1 100644 --- a/include/gssapi/Makefile.in +++ b/include/gssapi/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 18701 2006-10-20 20:32:01Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = include/gssapi ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -97,49 +101,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -163,10 +176,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -183,6 +197,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -198,31 +214,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -237,10 +267,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -281,47 +313,53 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h +CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h gssapi_ntlm.h gssapi_oid.h +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/gssapi/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/gssapi/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/gssapi/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign include/gssapi/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -339,6 +377,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -368,13 +407,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -407,6 +450,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -425,6 +469,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -432,23 +478,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -470,9 +524,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: all all-am all-local check check-am check-local clean \ clean-generic clean-libtool dist-hook distclean \ @@ -556,6 +609,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -641,7 +697,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -654,6 +710,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/include/gssapi/NTMakefile b/include/gssapi/NTMakefile new file mode 100644 index 000000000000..2f0e83b33104 --- /dev/null +++ b/include/gssapi/NTMakefile @@ -0,0 +1,34 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=include\gssapi + +!include ../../windows/NTMakefile.w32 diff --git a/include/hcrypto/Makefile.am b/include/hcrypto/Makefile.am index c5299a387cad..4b76909d6468 100644 --- a/include/hcrypto/Makefile.am +++ b/include/hcrypto/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 16553 2006-01-13 13:43:32Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -8,8 +8,13 @@ CLEANFILES = \ des.h \ dh.h \ dsa.h \ + ec.h \ + ecdsa.h \ + ecdh.h \ engine.h \ evp.h \ + evp-hcrypto.h \ + evp-cc.h \ hmac.h \ md2.h \ md4.h \ @@ -21,3 +26,5 @@ CLEANFILES = \ rsa.h \ sha.h \ ui.h + +EXTRA_DIST = NTMakefile diff --git a/include/hcrypto/Makefile.in b/include/hcrypto/Makefile.in index 9896a2ad03f2..a03944094996 100644 --- a/include/hcrypto/Makefile.in +++ b/include/hcrypto/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 16553 2006-01-13 13:43:32Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = include/hcrypto ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -97,49 +101,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -163,10 +176,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -183,6 +197,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -198,31 +214,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -237,10 +267,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -281,29 +313,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CLEANFILES = \ aes.h \ @@ -311,8 +348,13 @@ CLEANFILES = \ des.h \ dh.h \ dsa.h \ + ec.h \ + ecdsa.h \ + ecdh.h \ engine.h \ evp.h \ + evp-hcrypto.h \ + evp-cc.h \ hmac.h \ md2.h \ md4.h \ @@ -325,22 +367,23 @@ CLEANFILES = \ sha.h \ ui.h +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/hcrypto/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/hcrypto/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/hcrypto/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign include/hcrypto/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -358,6 +401,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -387,13 +431,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -426,6 +474,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -444,6 +493,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -451,23 +502,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -489,9 +548,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: all all-am all-local check check-am check-local clean \ clean-generic clean-libtool dist-hook distclean \ @@ -575,6 +633,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -660,7 +721,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -673,6 +734,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/include/hcrypto/NTMakefile b/include/hcrypto/NTMakefile new file mode 100644 index 000000000000..fd56cec73442 --- /dev/null +++ b/include/hcrypto/NTMakefile @@ -0,0 +1,34 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=include\hcrypto + +!include ../../windows/NTMakefile.w32 diff --git a/lib/krb5/heim_threads.h b/include/heim_threads.h similarity index 82% rename from lib/krb5/heim_threads.h rename to include/heim_threads.h index 3c27d13d81b9..8ff677f3309c 100644 --- a/lib/krb5/heim_threads.h +++ b/include/heim_threads.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: heim_threads.h 14409 2004-12-18 16:03:38Z lha $ */ +/* $Id$ */ /* * Provide wrapper macros for thread synchronization primitives so we @@ -50,7 +50,7 @@ #if defined(__NetBSD__) && __NetBSD_Version__ >= 106120000 && __NetBSD_Version__< 299001200 && defined(ENABLE_PTHREAD_SUPPORT) -/* +/* * NetBSD have a thread lib that we can use that part of libc that * works regardless if application are linked to pthreads or not. * NetBSD newer then 2.99.11 just use pthread.h, and the same thing @@ -67,13 +67,13 @@ #define HEIMDAL_RWLOCK rwlock_t #define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER -#define HEIMDAL_RWLOCK_init(l) rwlock_init(l, NULL) -#define HEIMDAL_RWLOCK_rdlock(l) rwlock_rdlock(l) -#define HEIMDAL_RWLOCK_wrlock(l) rwlock_wrlock(l) -#define HEIMDAL_RWLOCK_tryrdlock(l) rwlock_tryrdlock(l) -#define HEIMDAL_RWLOCK_trywrlock(l) rwlock_trywrlock(l) -#define HEIMDAL_RWLOCK_unlock(l) rwlock_unlock(l) -#define HEIMDAL_RWLOCK_destroy(l) rwlock_destroy(l) +#define HEIMDAL_RWLOCK_init(l) rwlock_init(l, NULL) +#define HEIMDAL_RWLOCK_rdlock(l) rwlock_rdlock(l) +#define HEIMDAL_RWLOCK_wrlock(l) rwlock_wrlock(l) +#define HEIMDAL_RWLOCK_tryrdlock(l) rwlock_tryrdlock(l) +#define HEIMDAL_RWLOCK_trywrlock(l) rwlock_trywrlock(l) +#define HEIMDAL_RWLOCK_unlock(l) rwlock_unlock(l) +#define HEIMDAL_RWLOCK_destroy(l) rwlock_destroy(l) #define HEIMDAL_thread_key thread_key_t #define HEIMDAL_key_create(k,d,r) do { r = thr_keycreate(k,d); } while(0) @@ -94,13 +94,13 @@ #define HEIMDAL_RWLOCK rwlock_t #define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER -#define HEIMDAL_RWLOCK_init(l) pthread_rwlock_init(l, NULL) -#define HEIMDAL_RWLOCK_rdlock(l) pthread_rwlock_rdlock(l) -#define HEIMDAL_RWLOCK_wrlock(l) pthread_rwlock_wrlock(l) -#define HEIMDAL_RWLOCK_tryrdlock(l) pthread_rwlock_tryrdlock(l) -#define HEIMDAL_RWLOCK_trywrlock(l) pthread_rwlock_trywrlock(l) -#define HEIMDAL_RWLOCK_unlock(l) pthread_rwlock_unlock(l) -#define HEIMDAL_RWLOCK_destroy(l) pthread_rwlock_destroy(l) +#define HEIMDAL_RWLOCK_init(l) pthread_rwlock_init(l, NULL) +#define HEIMDAL_RWLOCK_rdlock(l) pthread_rwlock_rdlock(l) +#define HEIMDAL_RWLOCK_wrlock(l) pthread_rwlock_wrlock(l) +#define HEIMDAL_RWLOCK_tryrdlock(l) pthread_rwlock_tryrdlock(l) +#define HEIMDAL_RWLOCK_trywrlock(l) pthread_rwlock_trywrlock(l) +#define HEIMDAL_RWLOCK_unlock(l) pthread_rwlock_unlock(l) +#define HEIMDAL_RWLOCK_destroy(l) pthread_rwlock_destroy(l) #define HEIMDAL_thread_key pthread_key_t #define HEIMDAL_key_create(k,d,r) do { r = pthread_key_create(k,d); } while(0) diff --git a/include/kadm5/Makefile.am b/include/kadm5/Makefile.am index 6ccf564d30c2..d0ce25d3f67e 100644 --- a/include/kadm5/Makefile.am +++ b/include/kadm5/Makefile.am @@ -1,5 +1,8 @@ -# $Id: Makefile.am 18696 2006-10-20 20:25:13Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h kadm5-protos.h +CLEANFILES = admin.h kadm5_err.h private.h +CLEANFILES += kadm5-private.h kadm5-protos.h kadm5-pwcheck.h + +EXTRA_DIST = NTMakefile diff --git a/include/kadm5/Makefile.in b/include/kadm5/Makefile.in index a553ab99d0c1..f0bccb1f2cc6 100644 --- a/include/kadm5/Makefile.in +++ b/include/kadm5/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 18696 2006-10-20 20:25:13Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = include/kadm5 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -97,49 +101,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -163,10 +176,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -183,6 +197,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -198,31 +214,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -237,10 +267,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -281,47 +313,54 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h kadm5-protos.h +CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h \ + kadm5-protos.h kadm5-pwcheck.h +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/kadm5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/kadm5/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/kadm5/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign include/kadm5/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -339,6 +378,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -368,13 +408,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -407,6 +451,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -425,6 +470,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -432,23 +479,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -470,9 +525,8 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: all all-am all-local check check-am check-local clean \ clean-generic clean-libtool dist-hook distclean \ @@ -556,6 +610,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -641,7 +698,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -654,6 +711,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/include/kadm5/NTMakefile b/include/kadm5/NTMakefile new file mode 100644 index 000000000000..26fc8d02b0d1 --- /dev/null +++ b/include/kadm5/NTMakefile @@ -0,0 +1,34 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=include\kadm5 + +!include ../../windows/NTMakefile.w32 diff --git a/include/krb5-types.cross b/include/krb5-types.cross new file mode 100644 index 000000000000..ee43abd4a6ef --- /dev/null +++ b/include/krb5-types.cross @@ -0,0 +1,61 @@ +/* + * generic krb5-types.h for cross compiling, assume system is posix/sus + */ + +#ifndef __krb5_types_h__ +#define __krb5_types_h__ + +#include +#include +#include + +typedef socklen_t krb5_socklen_t; +#include +typedef ssize_t krb5_ssize_t; + +#if !defined(__has_extension) +#define __has_extension(x) 0 +#endif + +#define KRB5TYPES_REQUIRE_GNUC(m,n,p) \ + (((__GNUC__ * 10000) + (__GNUC_MINOR__ * 100) + __GNUC_PATCHLEVEL__) >= \ + (((m) * 10000) + ((n) * 100) + (p))) + + +#ifndef HEIMDAL_DEPRECATED +#if __has_extension(deprecated) || KRB5TYPES_REQUIRE_GNUC(3,1,0) +#define HEIMDAL_DEPRECATED __attribute__((deprecated)) +#elif defined(_MSC_VER) && (_MSC_VER>1200) +#define HEIMDAL_DEPRECATED __declspec(deprecated) +#else +#define HEIMDAL_DEPRECATED +#endif +#endif + +#ifndef HEIMDAL_PRINTF_ATTRIBUTE +#if __has_extension(format) || KRB5TYPES_REQUIRE_GNUC(3,1,0) +#define HEIMDAL_PRINTF_ATTRIBUTE(x) __attribute__((format x)) +#else +#define HEIMDAL_PRINTF_ATTRIBUTE(x) +#endif +#endif + +#ifndef HEIMDAL_NORETURN_ATTRIBUTE +#if __has_extension(noreturn) || KRB5TYPES_REQUIRE_GNUC(3,1,0) +#define HEIMDAL_NORETURN_ATTRIBUTE __attribute__((noreturn)) +#else +#define HEIMDAL_NORETURN_ATTRIBUTE +#endif +#endif + +#ifndef HEIMDAL_UNUSED_ATTRIBUTE +#if __has_extension(unused) || KRB5TYPES_REQUIRE_GNUC(3,1,0) +#define HEIMDAL_UNUSED_ATTRIBUTE __attribute__((unused)) +#else +#define HEIMDAL_UNUSED_ATTRIBUTE +#endif +#endif + +typedef int krb5_socket_t; + +#endif /* __krb5_types_h__ */ diff --git a/include/make_crypto.c b/include/make_crypto.c deleted file mode 100644 index 2df17a555e88..000000000000 --- a/include/make_crypto.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright (c) 2002 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: make_crypto.c 19477 2006-12-20 19:51:53Z lha $"); -#endif -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - char *p; - FILE *f; - if(argc != 2) { - fprintf(stderr, "Usage: make_crypto file\n"); - exit(1); - } - if (strcmp(argv[1], "--version") == 0) { - printf("some version"); - return 0; - } - f = fopen(argv[1], "w"); - if(f == NULL) { - perror(argv[1]); - exit(1); - } - for(p = argv[1]; *p; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; - fprintf(f, "#ifndef __%s__\n", argv[1]); - fprintf(f, "#define __%s__\n", argv[1]); -#ifdef HAVE_OPENSSL - fputs("#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY\n", f); - fputs("#define OPENSSL_DES_LIBDES_COMPATIBILITY\n", f); - fputs("#endif\n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#ifndef BN_is_negative\n", f); - fputs("#define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0)\n", f); - fputs("#define BN_is_negative(bn) ((bn)->neg != 0)\n", f); - fputs("#endif\n", f); -#else - fputs("#ifdef KRB5\n", f); - fputs("#include \n", f); - fputs("#endif\n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); -#endif - fprintf(f, "#endif /* __%s__ */\n", argv[1]); - fclose(f); - exit(0); -} diff --git a/install-sh b/install-sh index 4fbbae7b7ff9..6781b987bdbc 100755 --- a/install-sh +++ b/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2006-10-14.15 +scriptversion=2009-04-28.21; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -48,7 +48,7 @@ IFS=" "" $nl" # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" +doit=${DOITPROG-} if test -z "$doit"; then doit_exec=exec else @@ -58,34 +58,49 @@ fi # Put in absolute file names if you don't have them in your path; # or use environment vars. -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} + +posix_glob='?' +initialize_posix_glob=' + test "$posix_glob" != "?" || { + if (set -f) 2>/dev/null; then + posix_glob= + else + posix_glob=: + fi + } +' -posix_glob= posix_mkdir= # Desired mode of installed file. mode=0755 +chgrpcmd= chmodcmd=$chmodprog chowncmd= -chgrpcmd= -stripcmd= +mvcmd=$mvprog rmcmd="$rmprog -f" -mvcmd="$mvprog" +stripcmd= + src= dst= dir_arg= -dstarg= +dst_arg= + +copy_on_change=false no_target_directory= -usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... @@ -95,65 +110,55 @@ In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --c (ignored) --d create directories instead of installing files. --g GROUP $chgrpprog installed files to GROUP. --m MODE $chmodprog installed files to MODE. --o USER $chownprog installed files to USER. --s $stripprog installed files. --t DIRECTORY install into DIRECTORY. --T report an error if DSTFILE is a directory. ---help display this help and exit. ---version display version info and exit. + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. Environment variables override the default commands: - CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG " while test $# -ne 0; do case $1 in - -c) shift - continue;; + -c) ;; - -d) dir_arg=true - shift - continue;; + -C) copy_on_change=true;; + + -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; + shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 - shift - shift case $mode in *' '* | *' '* | *' '* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac - continue;; + shift;; -o) chowncmd="$chownprog $2" - shift - shift - continue;; + shift;; - -s) stripcmd=$stripprog - shift - continue;; + -s) stripcmd=$stripprog;; - -t) dstarg=$2 - shift - shift - continue;; + -t) dst_arg=$2 + shift;; - -T) no_target_directory=true - shift - continue;; + -T) no_target_directory=true;; --version) echo "$0 $scriptversion"; exit $?;; @@ -165,21 +170,22 @@ while test $# -ne 0; do *) break;; esac + shift done -if test $# -ne 0 && test -z "$dir_arg$dstarg"; then +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do - if test -n "$dstarg"; then + if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. - set fnord "$@" "$dstarg" + set fnord "$@" "$dst_arg" shift # fnord fi shift # arg - dstarg=$arg + dst_arg=$arg done fi @@ -224,7 +230,7 @@ for src do # Protect names starting with `-'. case $src in - -*) src=./$src ;; + -*) src=./$src;; esac if test -n "$dir_arg"; then @@ -242,22 +248,22 @@ do exit 1 fi - if test -z "$dstarg"; then + if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi - dst=$dstarg + dst=$dst_arg # Protect names starting with `-'. case $dst in - -*) dst=./$dst ;; + -*) dst=./$dst;; esac # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test -n "$no_target_directory"; then - echo "$0: $dstarg: Is a directory" >&2 + echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst @@ -378,26 +384,19 @@ do # directory the slow way, step by step, checking for races as we go. case $dstdir in - /*) prefix=/ ;; - -*) prefix=./ ;; - *) prefix= ;; + /*) prefix='/';; + -*) prefix='./';; + *) prefix='';; esac - case $posix_glob in - '') - if (set -f) 2>/dev/null; then - posix_glob=true - else - posix_glob=false - fi ;; - esac + eval "$initialize_posix_glob" oIFS=$IFS IFS=/ - $posix_glob && set -f + $posix_glob set -f set fnord $dstdir shift - $posix_glob && set +f + $posix_glob set +f IFS=$oIFS prefixes= @@ -459,41 +458,54 @@ do # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # - { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \ - && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \ - && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \ - && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && - # Now rename the file to the real destination. - { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \ - || { - # The rename failed, perhaps because mv can't rename something else - # to itself, or perhaps because mv is so ancient that it does not - # support -f. + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && - # Now remove or move aside any old file at destination location. - # We try this two ways since rm can't unlink itself on some - # systems and the destination file might be busy for other - # reasons. In this case, the final cleanup might fail but the new - # file should still install successfully. - { - if test -f "$dst"; then - $doit $rmcmd -f "$dst" 2>/dev/null \ - || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \ - && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\ - || { - echo "$0: cannot unlink or rename $dst" >&2 - (exit 1); exit 1 - } - else - : - fi - } && + eval "$initialize_posix_glob" && + $posix_glob set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + $posix_glob set +f && - # Now rename the file to the real destination. - $doit $mvcmd "$dsttmp" "$dst" - } - } || exit 1 + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || + + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && + + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 trap '' 0 fi @@ -503,5 +515,6 @@ done # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/kadmin/ChangeLog b/kadmin/ChangeLog index ef1d458127fe..05dc1b1f11ce 100644 --- a/kadmin/ChangeLog +++ b/kadmin/ChangeLog @@ -1,20 +1,24 @@ -2007-12-09 Love Hörnquist Åstrand +2008-04-07 Love Hörnquist Ã…strand + + * kadm_conn.c: Use unsigned where appropriate. + +2007-12-09 Love Hörnquist Ã…strand * kadmin.c: Use hdb_db_dir(). * kadmind.c: Use hdb_db_dir(). -2007-07-26 Love Hörnquist Åstrand +2007-07-26 Love Hörnquist Ã…strand * util.c: Clear error string, just to be sure. -2007-05-10 Love Hörnquist Åstrand +2007-05-10 Love Hörnquist Ã…strand * kadmin-commands.in: modify --pkinit-acl * mod.c: add pk-init command -2007-02-22 Love Hörnquist Åstrand +2007-02-22 Love Hörnquist Ã…strand * kadmin.8: document kadmin add_enctype functionallity. @@ -25,7 +29,7 @@ * add_enctype.c: Add support for adding a random key enctype to a principal. -2007-02-17 Love Hörnquist Åstrand +2007-02-17 Love Hörnquist Ã…strand * mod.c: add setting and displaying aliases @@ -33,7 +37,7 @@ * kadmin-commands.in: add setting and displaying aliases -2006-12-22 Love Hörnquist Åstrand +2006-12-22 Love Hörnquist Ã…strand * util.c: Make str2time_t parser more robust. @@ -41,51 +45,51 @@ * test_util.c: Test str2time_t parser. -2006-12-05 Love Hörnquist Åstrand +2006-12-05 Love Hörnquist Ã…strand * add-random-users.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn + result. Prompted by change by Ray Lai of OpenBSD via Björn Sandell. -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * mod.c: Try to not leak memory. * check.c: Try to not leak memory. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: split build files into dist_ and noinst_ SOURCES -2006-08-28 Love Hörnquist Åstrand +2006-08-28 Love Hörnquist Ã…strand * kadmin.c (help): use sl_slc_help(). -2006-08-24 Love Hörnquist Åstrand +2006-08-24 Love Hörnquist Ã…strand * util.c: Add KRB5_KDB_ALLOW_DIGEST -2006-07-14 Love Hörnquist Åstrand +2006-07-14 Love Hörnquist Ã…strand * get.c (format_field): optionally print issuer and anchor. -2006-06-21 Love Hörnquist Åstrand +2006-06-21 Love Hörnquist Ã…strand * check.c: Check if afs@REALM and afs/cellname@REALM both exists. -2006-06-14 Love Hörnquist Åstrand +2006-06-14 Love Hörnquist Ã…strand * util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4 -2006-06-07 Love Hörnquist Åstrand +2006-06-07 Love Hörnquist Ã…strand * mod.c (do_mod_entry): Add setting 1 delegation entry -2006-06-01 Love Hörnquist Åstrand +2006-06-01 Love Hörnquist Ã…strand * server.c: Less shadowing. -2006-05-13 Love Hörnquist Åstrand +2006-05-13 Love Hörnquist Ã…strand * Makefile.am: kadmin_SOURCES += add check.c @@ -98,32 +102,32 @@ * check.c: Check database for strange configurations on default principals. -2006-05-08 Love Hörnquist Åstrand +2006-05-08 Love Hörnquist Ã…strand * server.c (kadm_get_privs): one less "pointer targets in passing argument differ in signedness" warning. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * dump-format.txt: Moved to info documentation. * Rename u_intXX_t to uintXX_t -2006-05-01 Love Hörnquist Åstrand +2006-05-01 Love Hörnquist Ã…strand * kadmin.8: spelling, update .Dd -2006-04-12 Love Hörnquist Åstrand +2006-04-12 Love Hörnquist Ã…strand * add-random-users.c: Catch empty file case. From Tobias Stoeckmann. -2006-04-07 Love Hörnquist Åstrand +2006-04-07 Love Hörnquist Ã…strand * random_password.c (generate_password): memory leak in error condition case From Coverity NetBSD CID#1887 -2006-02-19 Love Hörnquist Åstrand +2006-02-19 Love Hörnquist Ã…strand * cpw.c (cpw_entry): make sure ret have a defined value @@ -132,7 +136,7 @@ * mod.c: Return error code so that toplevel function can catch them. -2006-01-25 Love Hörnquist Åstrand +2006-01-25 Love Hörnquist Ã…strand * cpw.c (cpw_entry): return 1 on failure. @@ -148,26 +152,26 @@ * util.c (foreach_principal): If any of calls to `func' failes, the first error is returned when all principals are processed. -2005-12-01 Love Hörnquist Åstrand +2005-12-01 Love Hörnquist Ã…strand * kadmin-commands.in: Add ank as an alias to add, it lost in - transition to slc, from Måns Nilsson. + transition to slc, from MÃ¥ns Nilsson. -2005-09-14 Love Hörquist Åstrand +2005-09-14 Love Hörquist Ã…strand * dump-format.txt: Add extensions, fill in missing fields. -2005-09-08 Love Hörquist Åstrand +2005-09-08 Love Hörquist Ã…strand * init.c (create_random_entry): create principal with random password even though its disabled. From Andrew Bartlet -2005-09-01 Love Hörquist Åstrand +2005-09-01 Love Hörquist Ã…strand * kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only. -2005-08-11 Love Hörquist Åstrand +2005-08-11 Love Hörquist Ã…strand * get.c: Remove structure that is never used (sneaked in the large TL_DATA patch). @@ -188,7 +192,7 @@ options and fix a dependency bug (keys needed principal to print the salting). -2005-07-08 Love Hörquist Åstrand +2005-07-08 Love Hörquist Ã…strand * lower amount of shadow and const warnings @@ -196,14 +200,14 @@ * dump-format.txt: Clarify, spelling and add examples. -2005-05-30 Love Hörquist Åstrand +2005-05-30 Love Hörquist Ã…strand * util.c (kdb_attrs): add ok-as-delegate * get.c (getit): init data.mask to 0. Problem found by Andrew Bartlett -2005-05-09 Love Hörquist Åstrand +2005-05-09 Love Hörquist Ã…strand * kadmin.c (main): catch -2 as EOF @@ -215,12 +219,12 @@ * kadmin.c (help): Don't use non-constant initializer for `fake'. -2005-04-20 Love Hörquist Åstrand +2005-04-20 Love Hörquist Ã…strand * util.c (foreach_principal): initialize ret to make sure it have a value -2005-04-04 Love Hörquist Åstrand +2005-04-04 Love Hörquist Ã…strand * kadmind.c: add verifier libraries with kadm5_add_passwd_quality_verifier @@ -231,50 +235,50 @@ * load.c: max-life and max-renew is of unsigned int in asn1 compiler, use that for the parser too -2005-03-26 Love Hörquist Åstrand +2005-03-26 Love Hörquist Ã…strand * kadmin.8: List of attributes, from James F. Hranicky -2005-01-19 Love Hörquist Åstrand +2005-01-19 Love Hörquist Ã…strand * dump.c (dump): handle errors -2005-01-08 Love Hörquist Åstrand +2005-01-08 Love Hörquist Ã…strand * dump-format.txt: text dump format -2004-12-08 Love Hörquist Åstrand +2004-12-08 Love Hörquist Ã…strand * kadmind.8: use keeps around options, from OpenBSD * kadmin.8: use keeps around options, "improve" spelling, from openbsd -2004-11-01 Love Hörquist Åstrand +2004-11-01 Love Hörquist Ã…strand * get.c (getit): always free columns * ank.c (add_one_principal): catch error from UI_UTIL_read_pw_string -2004-10-31 Love Hörquist Åstrand +2004-10-31 Love Hörquist Ã…strand * del_enctype.c (del_enctype): fix off-by-one error in del_enctype From: -2004-08-13 Love Hörquist Åstrand +2004-08-13 Love Hörquist Ã…strand * get.c: print keytypes on long format -2004-07-06 Love Hörquist Åstrand +2004-07-06 Love Hörquist Ã…strand * get.c (format_field): allow mod_name to be optional * ext.c (do_ext_keytab): if there isn't any keydata, try using kadm5_randkey_principal -2004-07-02 Love Hörquist Åstrand +2004-07-02 Love Hörquist Ã…strand * load.c: make merge/load work again @@ -282,7 +286,7 @@ * ank.c: fix slc lossage -2004-06-28 Love Hörquist Åstrand +2004-06-28 Love Hörquist Ã…strand * kadmin.c: use kadm5_ad_init_with_password_ctx @@ -303,11 +307,11 @@ * kadmin: convert to use slc; also add stash subcommand -2004-06-15 Love Hörquist Åstrand +2004-06-15 Love Hörquist Ã…strand * kadmin.c (main): keytab mode requires principal name -2004-06-12 Love Hörquist Åstrand +2004-06-12 Love Hörquist Ã…strand * kadmind.c: drop keyfile, not used, found by Elrond @@ -315,7 +319,7 @@ * kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out by Elrond -2004-05-31 Love Hörquist Åstrand +2004-05-31 Love Hörquist Ã…strand * kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface @@ -328,7 +332,7 @@ * util.c (str2time_t): fix end-of-day logic, from Duncan McEwan/Mark Davies. -2004-04-29 Love Hörquist Åstrand +2004-04-29 Love Hörquist Ã…strand * version4.c (handle_v4): make sure length is longer then 2, Pointed out by Evgeny Demidov @@ -342,7 +346,7 @@ * mod.c: allow wildcarding principals, and make parameters a work same as if prompted -2004-03-08 Love Hörquist Åstrand +2004-03-08 Love Hörquist Ã…strand * kadmin.8: document password-quality @@ -354,40 +358,40 @@ * pw_quality.c: test run the password quality function -2004-03-07 Love Hörquist Åstrand +2004-03-07 Love Hörquist Ã…strand * ank.c (add_one_principal): even though the principal is disabled (creation of random key/keydata), create it with a random password -2003-12-07 Love Hörquist Åstrand +2003-12-07 Love Hörquist Ã…strand * init.c (create_random_entry): print error message on failure * ank.c (add_one_principal): pass right argument to kadm5_free_principal_ent From Panasas, Inc -2003-11-18 Love Hörquist Åstrand +2003-11-18 Love Hörquist Ã…strand * kadmind.c (main): move opening the logfile to after reading kdc.conf move the loading of hdb keytab ops closer to where its used From: Jeffrey Hutzelman -2003-10-04 Love Hörquist Åstrand +2003-10-04 Love Hörquist Ã…strand * util.c (str2time_t): allow whitespace between date and time From: Bob Beck and adharw@yahoo.com -2003-09-03 Love Hörquist Åstrand +2003-09-03 Love Hörquist Ã…strand * ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ * cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ -2003-08-21 Love Hörquist Åstrand +2003-08-21 Love Hörquist Ã…strand * get.c (print_entry_terse): handle error when unparsing name -2003-08-18 Love Hörquist Åstrand +2003-08-18 Love Hörquist Ã…strand * kadmind.c (main): use krb5_prepend_config_files_default, now all options in kdc.conf is parsed, not just [kdc]key-file= @@ -395,16 +399,16 @@ * kadmin.c (main): use krb5_prepend_config_files_default, now all options in kdc.conf is parsed, not just [kdc]key-file= -2003-04-14 Love Hörquist Åstrand +2003-04-14 Love Hörquist Ã…strand * util.c: cast argument to tolower to unsigned char, from Christian Biere via NetBSD -2003-04-06 Love Hörquist Åstrand +2003-04-06 Love Hörquist Ã…strand * kadmind.8: s/kerberos/Kerberos/ -2003-03-31 Love Hörquist Åstrand +2003-03-31 Love Hörquist Ã…strand * kadmin.8: initialises -> initializes, from Perry E. Metzger" @@ -412,13 +416,13 @@ * kadmin.c: principal, not pricipal. From Thomas Klausner -2003-02-04 Love Hörquist Åstrand +2003-02-04 Love Hörquist Ã…strand * kadmind.8: spelling, from jmc * kadmin.8: spelling, from jmc -2003-01-29 Love Hörquist Åstrand +2003-01-29 Love Hörquist Ã…strand * server.c (kadmind_dispatch): kadm_chpass: require the password to pass the password quality check in case the user changes the diff --git a/kadmin/Makefile.am b/kadmin/Makefile.am index 323439a130d6..38f7ddecf8bf 100644 --- a/kadmin/Makefile.am +++ b/kadmin/Makefile.am @@ -1,15 +1,13 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_readline) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +AM_CPPFLAGS += $(INCLUDE_libintl) $(INCLUDE_readline) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 -I$(top_builddir)/include/gssapi sbin_PROGRAMS = kadmin libexec_PROGRAMS = kadmind -SLC = $(top_builddir)/lib/sl/slc - man_MANS = kadmin.8 kadmind.8 noinst_PROGRAMS = add_random_users @@ -47,10 +45,10 @@ kadmin-commands.c kadmin-commands.h: kadmin-commands.in $(SLC) $(srcdir)/kadmin-commands.in kadmind_SOURCES = \ - kadmind.c \ + rpc.c \ server.c \ + kadmind.c \ kadmin_locl.h \ - $(version4_c) \ kadm_conn.c add_random_users_SOURCES = add-random-users.c @@ -63,7 +61,6 @@ check_PROGRAMS = $(TESTS) LDADD_common = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ @@ -71,6 +68,7 @@ LDADD_common = \ $(DBLIB) kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \ + ../lib/gssapi/libgssapi.la \ $(LDADD_common) \ $(LIB_pidfile) \ $(LIB_dlopen) @@ -91,4 +89,9 @@ add_random_users_LDADD = \ test_util_LDADD = $(kadmin_LDADD) -EXTRA_DIST = $(man_MANS) kadmin-commands.in +EXTRA_DIST = \ + NTMakefile \ + kadmin-version.rc \ + kadmind-version.rc \ + $(man_MANS) \ + kadmin-commands.in diff --git a/kadmin/Makefile.in b/kadmin/Makefile.in index 746cb48f664d..53c43d160222 100644 --- a/kadmin/Makefile.in +++ b/kadmin/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -49,7 +51,7 @@ check_PROGRAMS = $(am__EXEEXT_1) subdir = kadmin ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -64,7 +66,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -78,9 +80,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -88,25 +93,24 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__EXEEXT_1 = test_util$(EXEEXT) am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" \ "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) am_add_random_users_OBJECTS = add-random-users.$(OBJEXT) add_random_users_OBJECTS = $(am_add_random_users_OBJECTS) am__DEPENDENCIES_1 = am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) add_random_users_DEPENDENCIES = \ $(top_builddir)/lib/kadm5/libkadm5clnt.la \ $(top_builddir)/lib/kadm5/libkadm5srv.la $(am__DEPENDENCIES_2) \ @@ -123,12 +127,12 @@ kadmin_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ $(top_builddir)/lib/kadm5/libkadm5srv.la \ $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -am_kadmind_OBJECTS = kadmind.$(OBJEXT) server.$(OBJEXT) \ +am_kadmind_OBJECTS = rpc.$(OBJEXT) server.$(OBJEXT) kadmind.$(OBJEXT) \ kadm_conn.$(OBJEXT) kadmind_OBJECTS = $(am_kadmind_OBJECTS) kadmind_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) + ../lib/gssapi/libgssapi.la $(am__DEPENDENCIES_2) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) am_test_util_OBJECTS = test_util.$(OBJEXT) util.$(OBJEXT) test_util_OBJECTS = $(am_test_util_OBJECTS) am__DEPENDENCIES_3 = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ @@ -136,9 +140,9 @@ am__DEPENDENCIES_3 = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) test_util_DEPENDENCIES = $(am__DEPENDENCIES_3) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -153,58 +157,90 @@ SOURCES = $(add_random_users_SOURCES) $(dist_kadmin_SOURCES) \ $(test_util_SOURCES) DIST_SOURCES = $(add_random_users_SOURCES) $(dist_kadmin_SOURCES) \ $(kadmind_SOURCES) $(test_util_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man8dir = $(mandir)/man8 MANS = $(man_MANS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -228,10 +264,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -248,6 +285,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -263,31 +302,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -302,10 +355,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -346,32 +401,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_readline) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_libintl) $(INCLUDE_readline) \ + $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 \ + -I$(top_builddir)/include/gssapi @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc man_MANS = kadmin.8 kadmind.8 dist_kadmin_SOURCES = \ ank.c \ @@ -400,17 +460,16 @@ nodist_kadmin_SOURCES = \ CLEANFILES = kadmin-commands.h kadmin-commands.c kadmind_SOURCES = \ - kadmind.c \ + rpc.c \ server.c \ + kadmind.c \ kadmin_locl.h \ - $(version4_c) \ kadm_conn.c add_random_users_SOURCES = add-random-users.c test_util_SOURCES = test_util.c util.c LDADD_common = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ @@ -418,6 +477,7 @@ LDADD_common = \ $(DBLIB) kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \ + ../lib/gssapi/libgssapi.la \ $(LDADD_common) \ $(LIB_pidfile) \ $(LIB_dlopen) @@ -437,23 +497,29 @@ add_random_users_LDADD = \ $(LIB_dlopen) test_util_LDADD = $(kadmin_LDADD) -EXTRA_DIST = $(man_MANS) kadmin-commands.in +EXTRA_DIST = \ + NTMakefile \ + kadmin-version.rc \ + kadmind-version.rc \ + $(man_MANS) \ + kadmin-commands.in + all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kadmin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kadmin/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign kadmin/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign kadmin/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -471,76 +537,111 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list add_random_users$(EXEEXT): $(add_random_users_OBJECTS) $(add_random_users_DEPENDENCIES) @rm -f add_random_users$(EXEEXT) $(LINK) $(add_random_users_OBJECTS) $(add_random_users_LDADD) $(LIBS) @@ -560,118 +661,154 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add-random-users.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add_enctype.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ank.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cpw.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/del.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/del_enctype.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dump.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ext.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/init.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kadm_conn.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kadmin-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kadmin.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kadmind.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/load.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pw_quality.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/random_password.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rename.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rpc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stash.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_util.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -680,49 +817,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -733,15 +884,32 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -757,13 +925,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -800,6 +972,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -811,6 +984,7 @@ clean-am: clean-checkPROGRAMS clean-generic clean-libexecPROGRAMS \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -821,6 +995,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -828,26 +1004,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libexecPROGRAMS install-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -868,11 +1053,10 @@ uninstall-am: uninstall-libexecPROGRAMS uninstall-man \ uninstall-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-checkPROGRAMS clean-generic \ @@ -961,6 +1145,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1046,7 +1233,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1064,6 +1251,7 @@ $(kadmin_OBJECTS): kadmin-commands.h kadmin-commands.c kadmin-commands.h: kadmin-commands.in $(SLC) $(srcdir)/kadmin-commands.in + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/kadmin/NTMakefile b/kadmin/NTMakefile new file mode 100644 index 000000000000..f50e118be2d8 --- /dev/null +++ b/kadmin/NTMakefile @@ -0,0 +1,134 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=kadmin +cincdirs=-I$(OBJ) -I$(INCDIR)\gssapi + +!include ../windows/NTMakefile.w32 + +SBIN_PROGRAMS=$(SBINDIR)\kadmin.exe + +# Disable kadmind.exe since currently it doesn't build +#LIBEXEC_PROGRAMS=$(LIBEXECDIR)\kadmind.exe +# + +COMMON_LIBS= \ + $(LIBHDB) \ + $(LIBHEIMDAL) \ + $(LIBROKEN) + +KADMIN_OBJS= \ + $(OBJ)\ank.obj \ + $(OBJ)\add_enctype.obj \ + $(OBJ)\check.obj \ + $(OBJ)\cpw.obj \ + $(OBJ)\del.obj \ + $(OBJ)\del_enctype.obj \ + $(OBJ)\dump.obj \ + $(OBJ)\ext.obj \ + $(OBJ)\get.obj \ + $(OBJ)\init.obj \ + $(OBJ)\kadmin.obj \ + $(OBJ)\load.obj \ + $(OBJ)\mod.obj \ + $(OBJ)\rename.obj \ + $(OBJ)\stash.obj \ + $(OBJ)\util.obj \ + $(OBJ)\pw_quality.obj \ + $(OBJ)\random_password.obj \ + $(OBJ)\kadmin-commands.obj \ + $(OBJ)\kadmin-version.res + +KADMIN_LIBS= \ + $(LIBKADM5CLNT) \ + $(LIBKADM5SRV) \ + $(LIBSL) \ + $(COMMON_LIBS) \ + $(LIBVERS) \ + $(LIBCOMERR) + +INCFILES=$(OBJ)\kadmin-commands.h + +$(OBJ)\kadmin-commands.c $(OBJ)\kadmin-commands.h: kadmin-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\kadmin-commands.in $(OBJ) + $(BINDIR)\slc.exe kadmin-commands.in + cd $(SRCDIR) + +$(SBINDIR)\kadmin.exe: $(KADMIN_OBJS) $(KADMIN_LIBS) + $(EXECONLINK) + $(EXEPREP) + +KADMIND_OBJS= \ + $(OBJ)\rpc.obj \ + $(OBJ)\server.obj \ + $(OBJ)\kadmind.obj \ + $(OBJ)\kadm_conn.obj \ + $(OBJ)\kadmind-version.res + +KADMIND_LIBS=\ + $(LIBKADM5SRV) \ + $(LIBGSSAPI) \ + $(COMMON_LIBS) + +$(LIBEXECDIR)\kadmind.exe: $(KADMIND_OBJS) $(KADMIND_LIBS) + $(EXECONLINK) + $(EXEPREP) + +all:: $(INCFILES) $(SBIN_PROGRAMS) $(LIBEXEC_PROGRAMS) + +clean:: + -$(RM) $(SBIN_PROGRAMS:.exe=.*) + -$(RM) $(LIBEXEC_PROGRAMS:.exe=.*) + + + + +NOINST_PROGRAMS=$(OBJ)\add_random_users.exe + +$(OBJ)\add_random_users.exe: $(OBJ)\add_random_users.obj $(LIBKADM5SRV) $(LIBKADM5CLNT) $(COMMON_LIBS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +TEST_BINARIES=$(OBJ)\test_util.exe + +$(OBJ)\test_util.exe: $(OBJ)\test_util.obj $(OBJ)\util.obj $(KADMIN_LIBS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +test-binaries: $(TEST_BINARIES) + +test-run: + cd $(OBJ) + test_util.exe + cd $(SRCDIR) + +test:: test-binaries test-run diff --git a/kadmin/add-random-users.c b/kadmin/add-random-users.c index b7971434b25c..c3beaf206a6d 100644 --- a/kadmin/add-random-users.c +++ b/kadmin/add-random-users.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" -RCSID("$Id: add-random-users.c 19213 2006-12-04 23:36:36Z lha $"); - #define WORDS_FILENAME "/usr/share/dict/words" #define NUSERS 1000 @@ -74,6 +72,7 @@ read_words (const char *filename, char ***ret_w) if (n == 0) errx(1, "%s is an empty file, no words to try", filename); *ret_w = w; + fclose(f); return n; } @@ -119,17 +118,17 @@ add_users (const char *filename, unsigned n) ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - ret = kadm5_s_init_with_password_ctx(context, + ret = kadm5_s_init_with_password_ctx(context, KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - NULL, 0, 0, + NULL, 0, 0, &kadm_handle); if(ret) krb5_err(context, 1, ret, "kadm5_init_with_password"); nwords = read_words (filename, &words); - + for (i = 0; i < n; ++i) add_user (context, kadm_handle, nwords, words); kadm5_destroy(kadm_handle); diff --git a/kadmin/add_enctype.c b/kadmin/add_enctype.c index 65337e62c001..233c4ab9498f 100644 --- a/kadmin/add_enctype.c +++ b/kadmin/add_enctype.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: add_enctype.c 20287 2007-02-22 03:12:30Z lha $"); - /* * del_enctype principal enctypes... */ @@ -102,6 +100,7 @@ add_enctype(struct add_enctype_options*opt, int argc, char **argv) if (etypes[j] == key->key_data_type[0]) { krb5_warnx(context, "enctype %d already exists", (int)etypes[j]); + free(new_key_data); goto out; } } diff --git a/kadmin/ank.c b/kadmin/ank.c index 7e7cfa8817e8..0b7ebc027434 100644 --- a/kadmin/ank.c +++ b/kadmin/ank.c @@ -1,61 +1,59 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: ank.c 16658 2006-01-25 12:29:46Z lha $"); - /* * fetch the default principal corresponding to `princ' */ static krb5_error_code -get_default (kadm5_server_context *context, +get_default (kadm5_server_context *contextp, krb5_principal princ, kadm5_principal_ent_t default_ent) { krb5_error_code ret; krb5_principal def_principal; - krb5_realm *realm = krb5_princ_realm(context->context, princ); + krb5_const_realm realm = krb5_principal_get_realm(contextp->context, princ); - ret = krb5_make_principal (context->context, &def_principal, - *realm, "default", NULL); + ret = krb5_make_principal (contextp->context, &def_principal, + realm, "default", NULL); if (ret) return ret; - ret = kadm5_get_principal (context, def_principal, default_ent, + ret = kadm5_get_principal (contextp, def_principal, default_ent, KADM5_PRINCIPAL_NORMAL_MASK); - krb5_free_principal (context->context, def_principal); + krb5_free_principal (contextp->context, def_principal); return ret; } @@ -68,7 +66,7 @@ static krb5_error_code add_one_principal (const char *name, int rand_key, int rand_password, - int use_defaults, + int use_defaults, char *password, krb5_key_data *key_data, const char *max_ticket_life, @@ -95,7 +93,7 @@ add_one_principal (const char *name, mask |= KADM5_PRINCIPAL; ret = set_entry(context, &princ, &mask, - max_ticket_life, max_renewable_life, + max_ticket_life, max_renewable_life, expiration, pw_expiration, attributes); if (ret) goto out; @@ -110,7 +108,7 @@ add_one_principal (const char *name, KADM5_PRINC_EXPIRE_TIME | KADM5_PW_EXPIRATION; } - if(use_defaults) + if(use_defaults) set_defaults(&princ, &mask, default_ent, default_mask); else if(edit_entry(&princ, &mask, default_ent, default_mask)) @@ -133,13 +131,13 @@ add_one_principal (const char *name, ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), prompt, 1); free (prompt); if (ret) { - krb5_set_error_string(context, "failed to verify password"); ret = KRB5_LIBOS_BADPWDMATCH; + krb5_set_error_message(context, ret, "failed to verify password"); goto out; } password = pwbuf; } - + ret = kadm5_create_principal(kadm_handle, &princ, mask, password); if(ret) { krb5_warn(context, ret, "kadm5_create_principal"); @@ -148,7 +146,7 @@ add_one_principal (const char *name, if(rand_key) { krb5_keyblock *new_keys; int n_keys, i; - ret = kadm5_randkey_principal(kadm_handle, princ_ent, + ret = kadm5_randkey_principal(kadm_handle, princ_ent, &new_keys, &n_keys); if(ret){ krb5_warn(context, ret, "kadm5_randkey_principal"); @@ -158,11 +156,11 @@ add_one_principal (const char *name, krb5_free_keyblock_contents(context, &new_keys[i]); if (n_keys > 0) free(new_keys); - kadm5_get_principal(kadm_handle, princ_ent, &princ, + kadm5_get_principal(kadm_handle, princ_ent, &princ, KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES); princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); princ.kvno = 1; - kadm5_modify_principal(kadm_handle, &princ, + kadm5_modify_principal(kadm_handle, &princ, KADM5_ATTRIBUTES | KADM5_KVNO); kadm5_free_principal_ent(kadm_handle, &princ); } else if (key_data) { @@ -171,7 +169,7 @@ add_one_principal (const char *name, if (ret) { krb5_warn(context, ret, "kadm5_chpass_principal_with_key"); } - kadm5_get_principal(kadm_handle, princ_ent, &princ, + kadm5_get_principal(kadm_handle, princ_ent, &princ, KADM5_PRINCIPAL | KADM5_ATTRIBUTES); princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); kadm5_modify_principal(kadm_handle, &princ, KADM5_ATTRIBUTES); @@ -234,7 +232,7 @@ add_new_key(struct add_options *opt, int argc, char **argv) const char *error; if (parse_des_key (opt->key_string, key_data, &error)) { - fprintf (stderr, "failed parsing key \"%s\": %s\n", + fprintf (stderr, "failed parsing key \"%s\": %s\n", opt->key_string, error); return 1; } @@ -242,10 +240,10 @@ add_new_key(struct add_options *opt, int argc, char **argv) } for(i = 0; i < argc; i++) { - ret = add_one_principal (argv[i], - opt->random_key_flag, + ret = add_one_principal (argv[i], + opt->random_key_flag, opt->random_password_flag, - opt->use_defaults_flag, + opt->use_defaults_flag, opt->password_string, kdp, opt->max_ticket_life_string, diff --git a/kadmin/check.c b/kadmin/check.c index bd4f270adb77..b5a03854ab72 100644 --- a/kadmin/check.c +++ b/kadmin/check.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* @@ -38,8 +38,6 @@ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: check.c 20962 2007-06-07 05:09:24Z lha $"); - static int get_check_entry(const char *name, kadm5_principal_ent_rec *ent) { @@ -69,7 +67,7 @@ do_check_entry(krb5_principal principal, void *data) kadm5_principal_ent_rec princ; char *name; int i; - + ret = krb5_unparse_name(context, principal, &name); if (ret) return 1; @@ -85,10 +83,10 @@ do_check_entry(krb5_principal principal, void *data) for (i = 0; i < princ.n_key_data; i++) { size_t keysize; - ret = krb5_enctype_keysize(context, + ret = krb5_enctype_keysize(context, princ.key_data[i].key_data_type[0], &keysize); - if (ret == 0 && keysize != princ.key_data[i].key_data_length[0]) { + if (ret == 0 && keysize != (size_t)princ.key_data[i].key_data_length[0]) { krb5_warnx(context, "Principal %s enctype %d, wrong length: %lu\n", name, princ.key_data[i].key_data_type[0], @@ -142,7 +140,7 @@ check(void *opt, int argc, char **argv) free(p); goto fail; } - free(p); + free(p); kadm5_free_principal_ent(kadm_handle, &ent); @@ -187,13 +185,12 @@ check(void *opt, int argc, char **argv) kadm5_free_principal_ent(kadm_handle, &ent); /* - * Check for duplicate afs keys + * Check for duplicate afs keys */ p2 = strdup(realm); if (p2 == NULL) { krb5_warn(context, errno, "malloc"); - free(p); goto fail; } strlwr(p2); diff --git a/kadmin/cpw.c b/kadmin/cpw.c index c5fa9ed3994c..c5a2eb87e9f1 100644 --- a/kadmin/cpw.c +++ b/kadmin/cpw.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: cpw.c 16755 2006-02-18 23:30:32Z lha $"); - struct cpw_entry_data { int random_key; int random_password; @@ -120,7 +118,7 @@ static int do_cpw_entry(krb5_principal principal, void *data) { struct cpw_entry_data *e = data; - + if (e->random_key) return set_random_key (principal); else if (e->random_password) @@ -160,12 +158,12 @@ cpw_entry(struct passwd_options *opt, int argc, char **argv) "--random-key, --random-password, --password, --key\n"); return 1; } - + if (opt->key_string) { const char *error; if (parse_des_key (opt->key_string, key_data, &error)) { - fprintf (stderr, "failed parsing key \"%s\": %s\n", + fprintf (stderr, "failed parsing key \"%s\": %s\n", opt->key_string, error); return 1; } diff --git a/kadmin/del.c b/kadmin/del.c index a7db479135e6..a4cec7acbe14 100644 --- a/kadmin/del.c +++ b/kadmin/del.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: del.c 16754 2006-02-18 23:29:43Z lha $"); - static int do_del_entry(krb5_principal principal, void *data) { diff --git a/kadmin/del_enctype.c b/kadmin/del_enctype.c index 26921f2d42d6..01d2036a45c8 100644 --- a/kadmin/del_enctype.c +++ b/kadmin/del_enctype.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: del_enctype.c 16658 2006-01-25 12:29:46Z lha $"); - /* * del_enctype principal enctypes... */ @@ -84,7 +82,7 @@ del_enctype(void *opt, int argc, char **argv) } new_key_data = malloc(princ.n_key_data * sizeof(*new_key_data)); - if (new_key_data == NULL) { + if (new_key_data == NULL && princ.n_key_data != 0) { krb5_warnx (context, "out of memory"); goto out; } diff --git a/kadmin/dump.c b/kadmin/dump.c index 97ec667ba6f2..91a5ada86607 100644 --- a/kadmin/dump.c +++ b/kadmin/dump.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" #include -RCSID("$Id: dump.c 14518 2005-01-19 17:09:56Z lha $"); - extern int local_flag; int @@ -45,7 +43,7 @@ dump(struct dump_options *opt, int argc, char **argv) krb5_error_code ret; FILE *f; HDB *db = NULL; - + if(!local_flag) { krb5_warnx(context, "dump is only available in local (-l) mode"); return 0; @@ -57,7 +55,7 @@ dump(struct dump_options *opt, int argc, char **argv) f = stdout; else f = fopen(argv[0], "w"); - + if(f == NULL) { krb5_warn(context, errno, "open: %s", argv[0]); goto out; @@ -68,7 +66,7 @@ dump(struct dump_options *opt, int argc, char **argv) goto out; } - hdb_foreach(context, db, opt->decrypt_flag ? HDB_F_DECRYPT : 0, + hdb_foreach(context, db, opt->decrypt_flag ? HDB_F_DECRYPT : 0, hdb_print_entry, f); db->hdb_close(context, db); diff --git a/kadmin/ext.c b/kadmin/ext.c index f80272f65f1d..cce38bc175f6 100644 --- a/kadmin/ext.c +++ b/kadmin/ext.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: ext.c 16658 2006-01-25 12:29:46Z lha $"); - struct ext_keytab_data { krb5_keytab keytab; }; @@ -49,8 +47,8 @@ do_ext_keytab(krb5_principal principal, void *data) krb5_keytab_entry *keys = NULL; krb5_keyblock *k = NULL; int i, n_k; - - ret = kadm5_get_principal(kadm_handle, principal, &princ, + + ret = kadm5_get_principal(kadm_handle, principal, &princ, KADM5_PRINCIPAL|KADM5_KVNO|KADM5_KEY_DATA); if(ret) return ret; @@ -59,7 +57,7 @@ do_ext_keytab(krb5_principal principal, void *data) keys = malloc(sizeof(*keys) * princ.n_key_data); if (keys == NULL) { kadm5_free_principal_ent(kadm_handle, &princ); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } for (i = 0; i < princ.n_key_data; i++) { @@ -83,7 +81,7 @@ do_ext_keytab(krb5_principal principal, void *data) keys = malloc(sizeof(*keys) * n_k); if (keys == NULL) { kadm5_free_principal_ent(kadm_handle, &princ); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } for (i = 0; i < n_k; i++) { diff --git a/kadmin/get.c b/kadmin/get.c index 6e09f916d4f9..0895b53ccba2 100644 --- a/kadmin/get.c +++ b/kadmin/get.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" @@ -36,8 +36,6 @@ #include #include -RCSID("$Id: get.c 21745 2007-07-31 16:11:25Z lha $"); - static struct field_name { const char *fieldname; unsigned int fieldvalue; @@ -100,7 +98,7 @@ add_column(struct get_entry_data *data, struct field_name *ff, const char *heade data->mask |= ff->fieldvalue; data->extra_mask |= ff->extra_mask; if(data->table != NULL) - rtbl_add_column_by_id(data->table, ff->fieldvalue, + rtbl_add_column_by_id(data->table, ff->fieldvalue, header ? header : ff->default_header, ff->flags); return 0; } @@ -112,9 +110,9 @@ add_column(struct get_entry_data *data, struct field_name *ff, const char *heade static int cmp_salt (const krb5_salt *salt, const krb5_key_data *k) { - if (salt->salttype != k->key_data_type[1]) + if (salt->salttype != (size_t)k->key_data_type[1]) return 1; - if (salt->saltvalue.length != k->key_data_length[1]) + if (salt->saltvalue.length != (size_t)k->key_data_length[1]) return 1; return memcmp (salt->saltvalue.data, k->key_data_contents[1], salt->saltvalue.length); @@ -159,7 +157,7 @@ format_keytype(krb5_key_data *k, krb5_salt *def_salt, char *buf, size_t buf_len) } static void -format_field(kadm5_principal_ent_t princ, unsigned int field, +format_field(kadm5_principal_ent_t princ, unsigned int field, unsigned int subfield, char *buf, size_t buf_len, int condensed) { switch(field) { @@ -169,27 +167,27 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, else krb5_unparse_name_fixed(context, princ->principal, buf, buf_len); break; - + case KADM5_PRINC_EXPIRE_TIME: time_t2str(princ->princ_expire_time, buf, buf_len, !condensed); break; - + case KADM5_PW_EXPIRATION: time_t2str(princ->pw_expiration, buf, buf_len, !condensed); break; - + case KADM5_LAST_PWD_CHANGE: time_t2str(princ->last_pwd_change, buf, buf_len, !condensed); break; - + case KADM5_MAX_LIFE: deltat2str(princ->max_life, buf, buf_len); break; - + case KADM5_MAX_RLIFE: deltat2str(princ->max_renewable_life, buf, buf_len); break; - + case KADM5_MOD_TIME: time_t2str(princ->mod_date, buf, buf_len, !condensed); break; @@ -209,7 +207,8 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, snprintf(buf, buf_len, "%d", princ->kvno); break; case KADM5_MKVNO: - snprintf(buf, buf_len, "%d", princ->mkvno); + /* XXX libkadm5srv decrypts the keys, so mkvno is always 0. */ + strlcpy(buf, "unknown", buf_len); break; case KADM5_LAST_SUCCESS: time_t2str(princ->last_success, buf, buf_len, !condensed); @@ -246,7 +245,7 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, krb5_tl_data *tl; for (tl = princ->tl_data; tl != NULL; tl = tl->tl_data_next) - if (tl->tl_data_type == subfield) + if ((unsigned)tl->tl_data_type == subfield) break; if (tl == NULL) { strlcpy(buf, "", buf_len); @@ -262,7 +261,8 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, case KRB5_TL_PKINIT_ACL: { HDB_Ext_PKINIT_acl acl; size_t size; - int i, ret; + int ret; + size_t i; ret = decode_HDB_Ext_PKINIT_acl(tl->tl_data_contents, tl->tl_data_length, @@ -294,7 +294,8 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, case KRB5_TL_ALIASES: { HDB_Ext_Aliases alias; size_t size; - int i, ret; + int ret; + size_t i; ret = decode_HDB_Ext_Aliases(tl->tl_data_contents, tl->tl_data_length, @@ -310,7 +311,7 @@ format_field(kadm5_principal_ent_t princ, unsigned int field, ret = krb5_unparse_name(context, &alias.aliases.val[i], &p); if (ret) break; - if (i < 0) + if (i > 0) strlcat(buf, " ", buf_len); strlcat(buf, p, buf_len); free(p); @@ -335,7 +336,7 @@ print_entry_short(struct get_entry_data *data, kadm5_principal_ent_t princ) { char buf[1024]; struct field_info *f; - + for(f = data->chead; f != NULL; f = f->next) { format_field(princ, f->ff->fieldvalue, f->ff->subvalue, buf, sizeof(buf), 1); rtbl_add_column_entry_by_id(data->table, f->ff->fieldvalue, buf); @@ -348,7 +349,7 @@ print_entry_long(struct get_entry_data *data, kadm5_principal_ent_t princ) char buf[1024]; struct field_info *f; int width = 0; - + for(f = data->chead; f != NULL; f = f->next) { int w = strlen(f->header ? f->header : f->ff->def_longheader); if(w > width) @@ -367,9 +368,9 @@ do_get_entry(krb5_principal principal, void *data) kadm5_principal_ent_rec princ; krb5_error_code ret; struct get_entry_data *e = data; - + memset(&princ, 0, sizeof(princ)); - ret = kadm5_get_principal(kadm_handle, principal, + ret = kadm5_get_principal(kadm_handle, principal, &princ, e->mask | e->extra_mask); if(ret) @@ -420,9 +421,35 @@ setup_columns(struct get_entry_data *data, const char *column_info) return 0; } +static int +do_list_entry(krb5_principal principal, void *data) +{ + char buf[1024]; + krb5_error_code ret; + + ret = krb5_unparse_name_fixed_short(context, principal, buf, sizeof(buf)); + if (ret != 0) + return ret; + printf("%s\n", buf); + return 0; +} + +static int +listit(const char *funcname, int argc, char **argv) +{ + int i; + krb5_error_code ret, saved_ret = 0; + + for (i = 0; i < argc; i++) { + ret = foreach_principal(argv[i], do_list_entry, funcname, NULL); + if (saved_ret == 0 && ret != 0) + saved_ret = ret; + } + return saved_ret != 0; +} + #define DEFAULT_COLUMNS_SHORT "principal,princ_expire_time,pw_expiration,last_pwd_change,max_life,max_rlife" #define DEFAULT_COLUMNS_LONG "principal,princ_expire_time,pw_expiration,last_pwd_change,max_life,max_rlife,kvno,mkvno,last_success,last_failed,fail_auth_count,mod_time,mod_name,attributes,keytypes,pkinit-acl,aliases" -#define DEFAULT_COLUMNS_TERSE "principal=" static int getit(struct get_options *opt, const char *name, int argc, char **argv) @@ -430,7 +457,7 @@ getit(struct get_options *opt, const char *name, int argc, char **argv) int i; krb5_error_code ret; struct get_entry_data data; - + if(opt->long_flag == -1 && (opt->short_flag == 1 || opt->terse_flag == 1)) opt->long_flag = 0; if(opt->short_flag == -1 && (opt->long_flag == 1 || opt->terse_flag == 1)) @@ -440,13 +467,16 @@ getit(struct get_options *opt, const char *name, int argc, char **argv) if(opt->long_flag == 0 && opt->short_flag == 0 && opt->terse_flag == 0) opt->short_flag = 1; + if (opt->terse_flag) + return listit(name, argc, argv); + data.table = NULL; data.chead = NULL; data.ctail = &data.chead; data.mask = 0; data.extra_mask = 0; - if(opt->short_flag || opt->terse_flag) { + if(opt->short_flag) { data.table = rtbl_create(); rtbl_set_separator(data.table, " "); data.format = print_entry_short; @@ -455,24 +485,20 @@ getit(struct get_options *opt, const char *name, int argc, char **argv) if(opt->column_info_string == NULL) { if(opt->long_flag) ret = setup_columns(&data, DEFAULT_COLUMNS_LONG); - else if(opt->short_flag) + else ret = setup_columns(&data, DEFAULT_COLUMNS_SHORT); - else { - ret = setup_columns(&data, DEFAULT_COLUMNS_TERSE); - rtbl_set_flags(data.table, RTBL_HEADER_STYLE_NONE); - } } else ret = setup_columns(&data, opt->column_info_string); - + if(ret != 0) { if(data.table != NULL) rtbl_destroy(data.table); return 0; } - + for(i = 0; i < argc; i++) - ret = foreach_principal(argv[i], do_get_entry, "get", &data); - + ret = foreach_principal(argv[i], do_get_entry, name, &data); + if(data.table != NULL) { rtbl_format(data.table, stdout); rtbl_destroy(data.table); diff --git a/kadmin/init.c b/kadmin/init.c index 8b512f94f2d3..19f7328fc17c 100644 --- a/kadmin/init.c +++ b/kadmin/init.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" #include -RCSID("$Id: init.c 17447 2006-05-05 10:52:01Z lha $"); - static kadm5_ret_t create_random_entry(krb5_principal princ, unsigned max_life, @@ -78,22 +78,22 @@ create_random_entry(krb5_principal princ, /* Create the entry with a random password */ ret = kadm5_create_principal(kadm_handle, &ent, mask, password); if(ret) { - krb5_warn(context, ret, "create_random_entry(%s): randkey failed", + krb5_warn(context, ret, "create_random_entry(%s): randkey failed", name); goto out; } - + /* Replace the string2key based keys with real random bytes */ ret = kadm5_randkey_principal(kadm_handle, princ, &keys, &n_keys); if(ret) { - krb5_warn(context, ret, "create_random_entry*%s): randkey failed", + krb5_warn(context, ret, "create_random_entry(%s): randkey failed", name); goto out; } for(i = 0; i < n_keys; i++) krb5_free_keyblock_contents(context, &keys[i]); free(keys); - ret = kadm5_get_principal(kadm_handle, princ, &ent, + ret = kadm5_get_principal(kadm_handle, princ, &ent, KADM5_PRINCIPAL | KADM5_ATTRIBUTES); if(ret) { krb5_warn(context, ret, "create_random_entry(%s): " @@ -102,7 +102,7 @@ create_random_entry(krb5_principal princ, } ent.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); ent.kvno = 1; - ret = kadm5_modify_principal(kadm_handle, &ent, + ret = kadm5_modify_principal(kadm_handle, &ent, KADM5_ATTRIBUTES|KADM5_KVNO); kadm5_free_principal_ent (kadm_handle, &ent); if(ret) { @@ -123,23 +123,23 @@ init(struct init_options *opt, int argc, char **argv) kadm5_ret_t ret; int i; HDB *db; - krb5_deltat max_life, max_rlife; + krb5_deltat max_life = 0, max_rlife = 0; - if(!local_flag) { + if (!local_flag) { krb5_warnx(context, "init is only available in local (-l) mode"); return 0; } if (opt->realm_max_ticket_life_string) { if (str2deltat (opt->realm_max_ticket_life_string, &max_life) != 0) { - krb5_warnx (context, "unable to parse \"%s\"", + krb5_warnx (context, "unable to parse \"%s\"", opt->realm_max_ticket_life_string); return 0; } } if (opt->realm_max_renewable_life_string) { if (str2deltat (opt->realm_max_renewable_life_string, &max_rlife) != 0) { - krb5_warnx (context, "unable to parse \"%s\"", + krb5_warnx (context, "unable to parse \"%s\"", opt->realm_max_renewable_life_string); return 0; } @@ -157,15 +157,9 @@ init(struct init_options *opt, int argc, char **argv) krb5_principal princ; const char *realm = argv[i]; - /* Create `krbtgt/REALM' */ - ret = krb5_make_principal(context, &princ, realm, - KRB5_TGS_NAME, realm, NULL); - if(ret) - return 0; if (opt->realm_max_ticket_life_string == NULL) { max_life = 0; if(edit_deltat ("Realm max ticket life", &max_life, NULL, 0)) { - krb5_free_principal(context, princ); return 0; } } @@ -173,15 +167,24 @@ init(struct init_options *opt, int argc, char **argv) max_rlife = 0; if(edit_deltat("Realm max renewable ticket life", &max_rlife, NULL, 0)) { - krb5_free_principal(context, princ); return 0; } } + + /* Create `krbtgt/REALM' */ + ret = krb5_make_principal(context, &princ, realm, + KRB5_TGS_NAME, realm, NULL); + if(ret) + return 0; + create_random_entry(princ, max_life, max_rlife, 0); krb5_free_principal(context, princ); + if (opt->bare_flag) + continue; + /* Create `kadmin/changepw' */ - krb5_make_principal(context, &princ, realm, + krb5_make_principal(context, &princ, realm, "kadmin", "changepw", NULL); /* * The Windows XP (at least) password changing protocol @@ -189,7 +192,7 @@ init(struct init_options *opt, int argc, char **argv) * renewable, forwardable' and so fails if we disallow * forwardable here. */ - create_random_entry(princ, 5*60, 5*60, + create_random_entry(princ, 5*60, 5*60, KRB5_KDB_DISALLOW_TGT_BASED| KRB5_KDB_PWCHANGE_SERVICE| KRB5_KDB_DISALLOW_POSTDATED| @@ -199,7 +202,7 @@ init(struct init_options *opt, int argc, char **argv) krb5_free_principal(context, princ); /* Create `kadmin/admin' */ - krb5_make_principal(context, &princ, realm, + krb5_make_principal(context, &princ, realm, "kadmin", "admin", NULL); create_random_entry(princ, 60*60, 60*60, KRB5_KDB_REQUIRES_PRE_AUTH); krb5_free_principal(context, princ); @@ -221,6 +224,14 @@ init(struct init_options *opt, int argc, char **argv) KRB5_KDB_DISALLOW_TGT_BASED); krb5_free_principal(context, princ); + /* Create `WELLKNOWN/ANONYMOUS' for anonymous as-req */ + krb5_make_principal(context, &princ, realm, + KRB5_WELLKNOWN_NAME, KRB5_ANON_NAME, NULL); + create_random_entry(princ, 60*60, 60*60, + KRB5_KDB_REQUIRES_PRE_AUTH); + krb5_free_principal(context, princ); + + /* Create `default' */ { kadm5_principal_ent_rec ent; diff --git a/kadmin/kadm_conn.c b/kadmin/kadm_conn.c index f2a0828ed859..e959d0362ff3 100644 --- a/kadmin/kadm_conn.c +++ b/kadmin/kadm_conn.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" @@ -36,8 +36,6 @@ #include #endif -RCSID("$Id: kadm_conn.c 16007 2005-09-01 18:49:57Z lha $"); - struct kadm_port { char *port; unsigned short def_port; @@ -45,16 +43,16 @@ struct kadm_port { } *kadm_ports; static void -add_kadm_port(krb5_context context, const char *service, unsigned int port) +add_kadm_port(krb5_context contextp, const char *service, unsigned int port) { struct kadm_port *p; p = malloc(sizeof(*p)); if(p == NULL) { - krb5_warnx(context, "failed to allocate %lu bytes\n", + krb5_warnx(contextp, "failed to allocate %lu bytes\n", (unsigned long)sizeof(*p)); return; } - + p->port = strdup(service); p->def_port = port; @@ -63,9 +61,9 @@ add_kadm_port(krb5_context context, const char *service, unsigned int port) } static void -add_standard_ports (krb5_context context) +add_standard_ports (krb5_context contextp) { - add_kadm_port(context, "kerberos-adm", 749); + add_kadm_port(contextp, "kerberos-adm", 749); } /* @@ -75,15 +73,15 @@ add_standard_ports (krb5_context context) */ void -parse_ports(krb5_context context, const char *str) +parse_ports(krb5_context contextp, const char *str) { char p[128]; while(strsep_copy(&str, " \t", p, sizeof(p)) != -1) { if(strcmp(p, "+") == 0) - add_standard_ports(context); + add_standard_ports(contextp); else - add_kadm_port(context, p, 0); + add_kadm_port(contextp, p, 0); } } @@ -94,7 +92,12 @@ static RETSIGTYPE sigchld(int sig) { int status; - waitpid(-1, &status, 0); + /* + * waitpid() is async safe. will return -1 or 0 on no more zombie + * children + */ + while ((waitpid(-1, &status, WNOHANG)) > 0) + ; SIGRETURN(0); } @@ -117,68 +120,73 @@ terminate(int sig) } static int -spawn_child(krb5_context context, int *socks, int num_socks, int this_sock) +spawn_child(krb5_context contextp, int *socks, + unsigned int num_socks, int this_sock) { - int e, i; + int e; + size_t i; struct sockaddr_storage __ss; struct sockaddr *sa = (struct sockaddr *)&__ss; socklen_t sa_size = sizeof(__ss); - int s; + krb5_socket_t s; pid_t pid; krb5_address addr; char buf[128]; size_t buf_len; s = accept(socks[this_sock], sa, &sa_size); - if(s < 0) { - krb5_warn(context, errno, "accept"); + if(rk_IS_BAD_SOCKET(s)) { + krb5_warn(contextp, rk_SOCK_ERRNO, "accept"); return 1; } - e = krb5_sockaddr2address(context, sa, &addr); + e = krb5_sockaddr2address(contextp, sa, &addr); if(e) - krb5_warn(context, e, "krb5_sockaddr2address"); + krb5_warn(contextp, e, "krb5_sockaddr2address"); else { - e = krb5_print_address (&addr, buf, sizeof(buf), + e = krb5_print_address (&addr, buf, sizeof(buf), &buf_len); - if(e) - krb5_warn(context, e, "krb5_print_address"); + if(e) + krb5_warn(contextp, e, "krb5_print_address"); else - krb5_warnx(context, "connection from %s", buf); - krb5_free_address(context, &addr); + krb5_warnx(contextp, "connection from %s", buf); + krb5_free_address(contextp, &addr); } - + pid = fork(); if(pid == 0) { for(i = 0; i < num_socks; i++) - close(socks[i]); + rk_closesocket(socks[i]); dup2(s, STDIN_FILENO); dup2(s, STDOUT_FILENO); if(s != STDIN_FILENO && s != STDOUT_FILENO) - close(s); + rk_closesocket(s); return 0; } else { - close(s); + rk_closesocket(s); } return 1; } -static int -wait_for_connection(krb5_context context, - int *socks, int num_socks) +static void +wait_for_connection(krb5_context contextp, + krb5_socket_t *socks, unsigned int num_socks) { - int i, e; + unsigned int i; + int e; fd_set orig_read_set, read_set; - int max_fd = -1; - + int status, max_fd = -1; + FD_ZERO(&orig_read_set); - + for(i = 0; i < num_socks; i++) { +#ifdef FD_SETSIZE if (socks[i] >= FD_SETSIZE) errx (1, "fd too large"); +#endif FD_SET(socks[i], &orig_read_set); max_fd = max(max_fd, socks[i]); } - + pgrp = getpid(); if(setpgid(0, pgrp) < 0) @@ -191,41 +199,43 @@ wait_for_connection(krb5_context context, while (term_flag == 0) { read_set = orig_read_set; e = select(max_fd + 1, &read_set, NULL, NULL, NULL); - if(e < 0) { - if(errno != EINTR) - krb5_warn(context, errno, "select"); + if(rk_IS_SOCKET_ERROR(e)) { + if(rk_SOCK_ERRNO != EINTR) + krb5_warn(contextp, rk_SOCK_ERRNO, "select"); } else if(e == 0) - krb5_warnx(context, "select returned 0"); + krb5_warnx(contextp, "select returned 0"); else { for(i = 0; i < num_socks; i++) { if(FD_ISSET(socks[i], &read_set)) - if(spawn_child(context, socks, num_socks, i) == 0) - return 0; + if(spawn_child(contextp, socks, num_socks, i) == 0) + return; } } } signal(SIGCHLD, SIG_IGN); - while(1) { - int status; - pid_t pid; - pid = waitpid(-1, &status, 0); - if(pid == -1 && errno == ECHILD) - break; - } + + while ((waitpid(-1, &status, WNOHANG)) > 0) + ; + exit(0); } -int -start_server(krb5_context context) +void +start_server(krb5_context contextp, const char *port_str) { int e; struct kadm_port *p; - int *socks = NULL, *tmp; - int num_socks = 0; + krb5_socket_t *socks = NULL, *tmp; + unsigned int num_socks = 0; int i; + if (port_str == NULL) + port_str = "+"; + + parse_ports(contextp, port_str); + for(p = kadm_ports; p; p = p->next) { struct addrinfo hints, *ai, *ap; char portstr[32]; @@ -240,38 +250,38 @@ start_server(krb5_context context) } if(e) { - krb5_warn(context, krb5_eai_to_heim_errno(e, errno), + krb5_warn(contextp, krb5_eai_to_heim_errno(e, errno), "%s", portstr); continue; } i = 0; - for(ap = ai; ap; ap = ap->ai_next) + for(ap = ai; ap; ap = ap->ai_next) i++; tmp = realloc(socks, (num_socks + i) * sizeof(*socks)); if(tmp == NULL) { - krb5_warnx(context, "failed to reallocate %lu bytes", + krb5_warnx(contextp, "failed to reallocate %lu bytes", (unsigned long)(num_socks + i) * sizeof(*socks)); continue; } socks = tmp; for(ap = ai; ap; ap = ap->ai_next) { - int s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol); - if(s < 0) { - krb5_warn(context, errno, "socket"); + krb5_socket_t s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol); + if(rk_IS_BAD_SOCKET(s)) { + krb5_warn(contextp, rk_SOCK_ERRNO, "socket"); continue; } socket_set_reuseaddr(s, 1); socket_set_ipv6only(s, 1); - if (bind (s, ap->ai_addr, ap->ai_addrlen) < 0) { - krb5_warn(context, errno, "bind"); - close(s); + if (rk_IS_SOCKET_ERROR(bind (s, ap->ai_addr, ap->ai_addrlen))) { + krb5_warn(contextp, rk_SOCK_ERRNO, "bind"); + rk_closesocket(s); continue; } - if (listen (s, SOMAXCONN) < 0) { - krb5_warn(context, errno, "listen"); - close(s); + if (rk_IS_SOCKET_ERROR(listen (s, SOMAXCONN))) { + krb5_warn(contextp, rk_SOCK_ERRNO, "listen"); + rk_closesocket(s); continue; } socks[num_socks++] = s; @@ -279,6 +289,7 @@ start_server(krb5_context context) freeaddrinfo (ai); } if(num_socks == 0) - krb5_errx(context, 1, "no sockets to listen to - exiting"); - return wait_for_connection(context, socks, num_socks); + krb5_errx(contextp, 1, "no sockets to listen to - exiting"); + + wait_for_connection(contextp, socks, num_socks); } diff --git a/kadmin/kadmin-commands.in b/kadmin/kadmin-commands.in index 019b99ce14bc..4396ff800441 100644 --- a/kadmin/kadmin-commands.in +++ b/kadmin/kadmin-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: kadmin-commands.in 21969 2007-10-18 18:51:11Z lha $ */ +/* $Id$ */ command = { name = "stash" @@ -54,6 +54,11 @@ command = { type = "flag" help = "just convert keyfile to new format" } + option = { + long = "random-password" + type = "flag" + help = "use a random password (and print the password to stdout)" + } option = { long = "master-key-fd" type = "integer" @@ -89,6 +94,11 @@ command = { type = "string" help = "realm max renewable lifetime" } + option = { + long = "bare" + type = "flag" + help = "only create krbtgt for realm" + } argument = "realm..." min_args = "1" help = "Initializes the default principals for a realm. Creates the database\nif necessary. Local (-l) mode only." diff --git a/kadmin/kadmin-version.rc b/kadmin/kadmin-version.rc new file mode 100644 index 000000000000..d0405886415b --- /dev/null +++ b/kadmin/kadmin-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Kerberos Administration Tool" +#define RC_FILE_ORIG_0409 "kadmin.exe" + +#include "../windows/version.rc" diff --git a/kadmin/kadmin.8 b/kadmin/kadmin.8 index 06fe3d09b262..bd2fd4e7363f 100644 --- a/kadmin/kadmin.8 +++ b/kadmin/kadmin.8 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: kadmin.8 21739 2007-07-31 15:55:32Z lha $ +.\" $Id$ .\" .Dd Feb 22, 2007 .Dt KADMIN 8 @@ -40,37 +40,16 @@ .Sh SYNOPSIS .Nm .Bk -words -.Oo Fl p Ar string \*(Ba Xo -.Fl -principal= Ns Ar string -.Xc -.Oc -.Oo Fl K Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string -.Xc -.Oc -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file -.Xc -.Oc -.Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm -.Xc -.Oc -.Oo Fl a Ar host \*(Ba Xo -.Fl -admin-server= Ns Ar host -.Xc -.Oc -.Oo Fl s Ar port number \*(Ba Xo -.Fl -server-port= Ns Ar port number -.Xc -.Oc -.Op Fl l | Fl -local -.Op Fl h | Fl -help -.Op Fl v | Fl -version +.Op Fl p Ar string \*(Ba Fl Fl principal= Ns Ar string +.Op Fl K Ar string \*(Ba Fl Fl keytab= Ns Ar string +.Op Fl c Ar file \*(Ba Fl Fl config-file= Ns Ar file +.Op Fl k Ar file \*(Ba Fl Fl key-file= Ns Ar file +.Op Fl r Ar realm \*(Ba Fl Fl realm= Ns Ar realm +.Op Fl a Ar host \*(Ba Fl Fl admin-server= Ns Ar host +.Op Fl s Ar port number \*(Ba Fl Fl server-port= Ns Ar port number +.Op Fl l | Fl Fl local +.Op Fl h | Fl Fl help +.Op Fl v | Fl Fl version .Op Ar command .Ek .Sh DESCRIPTION @@ -84,45 +63,21 @@ option). .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl p Ar string , -.Fl -principal= Ns Ar string -.Xc +.It Fl p Ar string , Fl Fl principal= Ns Ar string principal to authenticate as -.It Xo -.Fl K Ar string , -.Fl -keytab= Ns Ar string -.Xc +.It Fl K Ar string , Fl Fl keytab= Ns Ar string keytab for authentication principal -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file location of config file -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc +.It Fl k Ar file , Fl Fl key-file= Ns Ar file location of master key file -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc +.It Fl r Ar realm , Fl Fl realm= Ns Ar realm realm to use -.It Xo -.Fl a Ar host , -.Fl -admin-server= Ns Ar host -.Xc +.It Fl a Ar host , Fl Fl admin-server= Ns Ar host server to contact -.It Xo -.Fl s Ar port number , -.Fl -server-port= Ns Ar port number -.Xc +.It Fl s Ar port number , Fl Fl server-port= Ns Ar port number port to use -.It Xo -.Fl l , -.Fl -local -.Xc +.It Fl l , Fl Fl local local admin mode .El .Pp @@ -144,29 +99,25 @@ matching principals. Commands include: .\" not using a list here, since groff apparently gets confused .\" with nested Xo/Xc -.Bd -ragged -offset indent -.Nm add -.Op Fl r | Fl -random-key -.Op Fl -random-password -.Oo Fl p Ar string \*(Ba Xo -.Fl -password= Ns Ar string -.Xc -.Oc -.Op Fl -key= Ns Ar string -.Op Fl -max-ticket-life= Ns Ar lifetime -.Op Fl -max-renewable-life= Ns Ar lifetime -.Op Fl -attributes= Ns Ar attributes -.Op Fl -expiration-time= Ns Ar time -.Op Fl -pw-expiration-time= Ns Ar time -.Ar principal... .Pp +.Nm add +.Op Fl r | Fl Fl random-key +.Op Fl Fl random-password +.Op Fl p Ar string \*(Ba Fl Fl password= Ns Ar string +.Op Fl Fl key= Ns Ar string +.Op Fl Fl max-ticket-life= Ns Ar lifetime +.Op Fl Fl max-renewable-life= Ns Ar lifetime +.Op Fl Fl attributes= Ns Ar attributes +.Op Fl Fl expiration-time= Ns Ar time +.Op Fl Fl pw-expiration-time= Ns Ar time +.Ar principal... .Bd -ragged -offset indent Adds a new principal to the database. The options not passed on the command line will be promped for. .Ed .Pp .Nm add_enctype -.Op Fl r | Fl -random-key +.Op Fl r | Fl Fl random-key .Ar principal enctypes... .Pp .Bd -ragged -offset indent @@ -176,14 +127,12 @@ supported. .Pp .Nm delete .Ar principal... -.Pp .Bd -ragged -offset indent Removes a principal. .Ed .Pp .Nm del_enctype .Ar principal enctypes... -.Pp .Bd -ragged -offset indent Removes some enctypes from a principal; this can be useful if the service belonging to the principal is known to not handle certain @@ -192,22 +141,20 @@ enctypes. .Pp .Nm ext_keytab .Oo Fl k Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string +.Fl Fl keytab= Ns Ar string .Xc .Oc .Ar principal... -.Pp .Bd -ragged -offset indent Creates a keytab with the keys of the specified principals. .Ed .Pp .Nm get -.Op Fl l | Fl -long -.Op Fl s | Fl -short -.Op Fl t | Fl -terse -.Op Fl o Ar string | Fl -column-info= Ns Ar string +.Op Fl l | Fl Fl long +.Op Fl s | Fl Fl short +.Op Fl t | Fl Fl terse +.Op Fl o Ar string | Fl Fl column-info= Ns Ar string .Ar principal... -.Pp .Bd -ragged -offset indent Lists the matching principals, short prints the result as a table, while long format produces a more verbose output. Which columns to @@ -245,16 +192,15 @@ and .Pp .Nm modify .Oo Fl a Ar attributes \*(Ba Xo -.Fl -attributes= Ns Ar attributes +.Fl Fl attributes= Ns Ar attributes .Xc .Oc -.Op Fl -max-ticket-life= Ns Ar lifetime -.Op Fl -max-renewable-life= Ns Ar lifetime -.Op Fl -expiration-time= Ns Ar time -.Op Fl -pw-expiration-time= Ns Ar time -.Op Fl -kvno= Ns Ar number +.Op Fl Fl max-ticket-life= Ns Ar lifetime +.Op Fl Fl max-renewable-life= Ns Ar lifetime +.Op Fl Fl expiration-time= Ns Ar time +.Op Fl Fl pw-expiration-time= Ns Ar time +.Op Fl Fl kvno= Ns Ar number .Ar principal... -.Pp .Bd -ragged -offset indent Modifies certain attributes of a principal. If run without command line options, you will be prompted. With command line options, it will @@ -276,21 +222,20 @@ Possible attributes are: .Li disallow-forwardable , .Li disallow-postdated .Pp -Attributes may be negated with a "-", e.g., -.Pp +Attributes may be negated with a "-", e.g., +.Pp kadmin -l modify -a -disallow-proxiable user .Ed .Pp .Nm passwd -.Op Fl r | Fl -random-key -.Op Fl -random-password +.Op Fl r | Fl Fl random-key +.Op Fl Fl random-password .Oo Fl p Ar string \*(Ba Xo -.Fl -password= Ns Ar string +.Fl Fl password= Ns Ar string .Xc .Oc -.Op Fl -key= Ns Ar string +.Op Fl Fl key= Ns Ar string .Ar principal... -.Pp .Bd -ragged -offset indent Changes the password of an existing principal. .Ed @@ -298,7 +243,6 @@ Changes the password of an existing principal. .Nm password-quality .Ar principal .Ar password -.Pp .Bd -ragged -offset indent Run the password quality check function locally. You can run this on the host that is configured to run the kadmind @@ -308,7 +252,6 @@ no rpc call is done to the server. .Ed .Pp .Nm privileges -.Pp .Bd -ragged -offset indent Lists the operations you are allowed to perform. These include .Li add , @@ -324,7 +267,6 @@ and .Pp .Nm rename .Ar from to -.Pp .Bd -ragged -offset indent Renames a principal. This is normally transparent, but since keys are salted with the principal name, they will have a non-standard salt, @@ -340,28 +282,24 @@ Check database for strange configurations on important principals. If no realm is given, the default realm is used. .Ed .Pp -.Ed -.Pp When running in local mode, the following commands can also be used: -.Bd -ragged -offset indent -.Nm dump -.Op Fl d | Fl -decrypt -.Op Ar dump-file .Pp +.Nm dump +.Op Fl d | Fl Fl decrypt +.Op Ar dump-file .Bd -ragged -offset indent Writes the database in .Dq human readable form to the specified file, or standard out. If the database is encrypted, the dump will also have encrypted keys, unless -.Fl -decrypt +.Fl Fl decrypt is used. .Ed .Pp .Nm init -.Op Fl -realm-max-ticket-life= Ns Ar string -.Op Fl -realm-max-renewable-life= Ns Ar string +.Op Fl Fl realm-max-ticket-life= Ns Ar string +.Op Fl Fl realm-max-renewable-life= Ns Ar string .Ar realm -.Pp .Bd -ragged -offset indent Initializes the Kerberos database with entries for a new realm. It's possible to have more than one realm served by one server. @@ -369,7 +307,6 @@ possible to have more than one realm served by one server. .Pp .Nm load .Ar file -.Pp .Bd -ragged -offset indent Reads a previously dumped database, and re-creates that database from scratch. @@ -377,7 +314,6 @@ scratch. .Pp .Nm merge .Ar file -.Pp .Bd -ragged -offset indent Similar to .Nm load @@ -386,21 +322,18 @@ but just modifies the database with the entries in the dump file. .Pp .Nm stash .Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctype= Ns Ar enctype +.Fl Fl enctype= Ns Ar enctype .Xc .Oc .Oo Fl k Ar keyfile \*(Ba Xo -.Fl -key-file= Ns Ar keyfile +.Fl Fl key-file= Ns Ar keyfile .Xc .Oc -.Op Fl -convert-file -.Op Fl -master-key-fd= Ns Ar fd -.Pp +.Op Fl Fl convert-file +.Op Fl Fl master-key-fd= Ns Ar fd .Bd -ragged -offset indent Writes the Kerberos master key to a file used by the KDC. .Ed -.Pp -.Ed .\".Sh ENVIRONMENT .\".Sh FILES .\".Sh EXAMPLES diff --git a/kadmin/kadmin.c b/kadmin/kadmin.c index da9b894561d2..6e31828afa16 100644 --- a/kadmin/kadmin.c +++ b/kadmin/kadmin.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" #include -RCSID("$Id: kadmin.c 22253 2007-12-09 06:00:00Z lha $"); - static char *config_file; static char *keyfile; int local_flag; @@ -54,41 +52,42 @@ static getarg_strings policy_libraries = { 0, NULL }; static struct getargs args[] = { { "principal", 'p', arg_string, &client_name, - "principal to authenticate as" }, + "principal to authenticate as", NULL }, { "keytab", 'K', arg_string, &keytab, - "keytab for authentication principal" }, - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" + "keytab for authentication principal", NULL }, + { + "config-file", 'c', arg_string, &config_file, + "location of config file", "file" }, { - "key-file", 'k', arg_string, &keyfile, + "key-file", 'k', arg_string, &keyfile, "location of master key file", "file" }, - { - "realm", 'r', arg_string, &realm, - "realm to use", "realm" + { + "realm", 'r', arg_string, &realm, + "realm to use", "realm" }, - { - "admin-server", 'a', arg_string, &admin_server, - "server to contact", "host" + { + "admin-server", 'a', arg_string, &admin_server, + "server to contact", "host" }, - { - "server-port", 's', arg_integer, &server_port, - "port to use", "port number" + { + "server-port", 's', arg_integer, &server_port, + "port to use", "port number" }, - { "ad", 0, arg_flag, &ad_flag, "active directory admin mode" }, + { "ad", 0, arg_flag, &ad_flag, "active directory admin mode", + NULL }, #ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, + { "check-library", 0, arg_string, &check_library, "library to load password check function from", "library" }, { "check-function", 0, arg_string, &check_function, "password check function to load", "function" }, { "policy-libraries", 0, arg_strings, &policy_libraries, "password check function to load", "function" }, #endif - { "local", 'l', arg_flag, &local_flag, "local admin mode" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "local", 'l', arg_flag, &local_flag, "local admin mode", NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -126,13 +125,16 @@ get_privs(void *opt, int argc, char **argv) uint32_t privs; char str[128]; kadm5_ret_t ret; - + ret = kadm5_get_privs(kadm_handle, &privs); if(ret) krb5_warn(context, ret, "kadm5_get_privs"); else{ ret =_kadm5_privs_to_string(privs, str, sizeof(str)); - printf("%s\n", str); + if (ret == 0) + printf("%s\n", str); + else + printf("privs: 0x%x\n", (unsigned int)privs); } return 0; } @@ -151,7 +153,7 @@ main(int argc, char **argv) ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - + if(getarg(args, num_args, argc, argv, &optidx)) usage(1); @@ -175,12 +177,12 @@ main(int argc, char **argv) ret = krb5_prepend_config_files_default(config_file, &files); if (ret) krb5_err(context, 1, ret, "getting configuration files"); - + ret = krb5_set_config_files(context, files); krb5_free_config_files(files); - if(ret) + if(ret) krb5_err(context, 1, ret, "reading configuration files"); - + memset(&conf, 0, sizeof(conf)); if(realm) { krb5_set_default_realm(context, realm); /* XXX should be fixed @@ -207,11 +209,11 @@ main(int argc, char **argv) if(local_flag) { int i; - kadm5_setup_passwd_quality_check (context, + kadm5_setup_passwd_quality_check (context, check_library, check_function); - + for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, + ret = kadm5_add_passwd_quality_verifier(context, policy_libraries.strings[i]); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); @@ -219,12 +221,12 @@ main(int argc, char **argv) ret = kadm5_add_passwd_quality_verifier(context, NULL); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - - ret = kadm5_s_init_with_password_ctx(context, + + ret = kadm5_s_init_with_password_ctx(context, KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); } else if (ad_flag) { if (client_name == NULL) @@ -245,13 +247,13 @@ main(int argc, char **argv) &conf, 0, 0, &kadm_handle); } else - ret = kadm5_c_init_with_password_ctx(context, + ret = kadm5_c_init_with_password_ctx(context, client_name, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); - + if(ret) krb5_err(context, 1, ret, "kadm5_init_with_password"); diff --git a/kadmin/kadmin.cat8 b/kadmin/kadmin.cat8 new file mode 100644 index 000000000000..03865678bc79 --- /dev/null +++ b/kadmin/kadmin.cat8 @@ -0,0 +1,180 @@ + +KADMIN(8) BSD System Manager's Manual KADMIN(8) + +NNAAMMEE + kkaaddmmiinn -- Kerberos administration utility + +SSYYNNOOPPSSIISS + kkaaddmmiinn [--pp _s_t_r_i_n_g | ----pprriinncciippaall==_s_t_r_i_n_g] [--KK _s_t_r_i_n_g | ----kkeeyyttaabb==_s_t_r_i_n_g] + [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--kk _f_i_l_e | ----kkeeyy--ffiillee==_f_i_l_e] + [--rr _r_e_a_l_m | ----rreeaallmm==_r_e_a_l_m] [--aa _h_o_s_t | ----aaddmmiinn--sseerrvveerr==_h_o_s_t] + [--ss _p_o_r_t _n_u_m_b_e_r | ----sseerrvveerr--ppoorrtt==_p_o_r_t _n_u_m_b_e_r] [--ll | ----llooccaall] + [--hh | ----hheellpp] [--vv | ----vveerrssiioonn] [_c_o_m_m_a_n_d] + +DDEESSCCRRIIPPTTIIOONN + The kkaaddmmiinn program is used to make modifications to the Kerberos data- + base, either remotely via the kadmind(8) daemon, or locally (with the --ll + option). + + Supported options: + + --pp _s_t_r_i_n_g, ----pprriinncciippaall==_s_t_r_i_n_g + principal to authenticate as + + --KK _s_t_r_i_n_g, ----kkeeyyttaabb==_s_t_r_i_n_g + keytab for authentication principal + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + location of config file + + --kk _f_i_l_e, ----kkeeyy--ffiillee==_f_i_l_e + location of master key file + + --rr _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m + realm to use + + --aa _h_o_s_t, ----aaddmmiinn--sseerrvveerr==_h_o_s_t + server to contact + + --ss _p_o_r_t _n_u_m_b_e_r, ----sseerrvveerr--ppoorrtt==_p_o_r_t _n_u_m_b_e_r + port to use + + --ll, ----llooccaall + local admin mode + + If no _c_o_m_m_a_n_d is given on the command line, kkaaddmmiinn will prompt for com- + mands to process. Some of the commands that take one or more principals + as argument (ddeelleettee, eexxtt__kkeeyyttaabb, ggeett, mmooddiiffyy, and ppaasssswwdd) will accept a + glob style wildcard, and perform the operation on all matching princi- + pals. + + Commands include: + + aadddd [--rr | ----rraannddoomm--kkeeyy] [----rraannddoomm--ppaasssswwoorrdd] [--pp _s_t_r_i_n_g | + ----ppaasssswwoorrdd==_s_t_r_i_n_g] [----kkeeyy==_s_t_r_i_n_g] [----mmaaxx--ttiicckkeett--lliiffee==_l_i_f_e_t_i_m_e] + [----mmaaxx--rreenneewwaabbllee--lliiffee==_l_i_f_e_t_i_m_e] [----aattttrriibbuutteess==_a_t_t_r_i_b_u_t_e_s] + [----eexxppiirraattiioonn--ttiimmee==_t_i_m_e] [----ppww--eexxppiirraattiioonn--ttiimmee==_t_i_m_e] _p_r_i_n_c_i_p_a_l_._._. + + Adds a new principal to the database. The options not passed on the + command line will be promped for. + + aadddd__eennccttyyppee [--rr | ----rraannddoomm--kkeeyy] _p_r_i_n_c_i_p_a_l _e_n_c_t_y_p_e_s_._._. + + Adds a new encryption type to the principal, only random key are + supported. + + ddeelleettee _p_r_i_n_c_i_p_a_l_._._. + + Removes a principal. + + ddeell__eennccttyyppee _p_r_i_n_c_i_p_a_l _e_n_c_t_y_p_e_s_._._. + + Removes some enctypes from a principal; this can be useful if the + service belonging to the principal is known to not handle certain + enctypes. + + eexxtt__kkeeyyttaabb [--kk _s_t_r_i_n_g | ----kkeeyyttaabb==_s_t_r_i_n_g] _p_r_i_n_c_i_p_a_l_._._. + + Creates a keytab with the keys of the specified principals. + + ggeett [--ll | ----lloonngg] [--ss | ----sshhoorrtt] [--tt | ----tteerrssee] [--oo _s_t_r_i_n_g | + ----ccoolluummnn--iinnffoo==_s_t_r_i_n_g] _p_r_i_n_c_i_p_a_l_._._. + + Lists the matching principals, short prints the result as a table, + while long format produces a more verbose output. Which columns to + print can be selected with the --oo option. The argument is a comma + separated list of column names optionally appended with an equal + sign (`=') and a column header. Which columns are printed by + default differ slightly between short and long output. + + The default terse output format is similar to --ss --oo _p_r_i_n_c_i_p_a_l_=, + just printing the names of matched principals. + + Possible column names include: principal, princ_expire_time, + pw_expiration, last_pwd_change, max_life, max_rlife, mod_time, + mod_name, attributes, kvno, mkvno, last_success, last_failed, + fail_auth_count, policy, and keytypes. + + mmooddiiffyy [--aa _a_t_t_r_i_b_u_t_e_s | ----aattttrriibbuutteess==_a_t_t_r_i_b_u_t_e_s] + [----mmaaxx--ttiicckkeett--lliiffee==_l_i_f_e_t_i_m_e] [----mmaaxx--rreenneewwaabbllee--lliiffee==_l_i_f_e_t_i_m_e] + [----eexxppiirraattiioonn--ttiimmee==_t_i_m_e] [----ppww--eexxppiirraattiioonn--ttiimmee==_t_i_m_e] [----kkvvnnoo==_n_u_m_b_e_r] + _p_r_i_n_c_i_p_a_l_._._. + + Modifies certain attributes of a principal. If run without command + line options, you will be prompted. With command line options, it + will only change the ones specified. + + Possible attributes are: new-princ, support-desmd5, + pwchange-service, disallow-svr, requires-pw-change, + requires-hw-auth, requires-pre-auth, disallow-all-tix, + disallow-dup-skey, disallow-proxiable, disallow-renewable, + disallow-tgt-based, disallow-forwardable, disallow-postdated + + Attributes may be negated with a "-", e.g., + + kadmin -l modify -a -disallow-proxiable user + + ppaasssswwdd [--rr | ----rraannddoomm--kkeeyy] [----rraannddoomm--ppaasssswwoorrdd] [--pp _s_t_r_i_n_g | + ----ppaasssswwoorrdd==_s_t_r_i_n_g] [----kkeeyy==_s_t_r_i_n_g] _p_r_i_n_c_i_p_a_l_._._. + + Changes the password of an existing principal. + + ppaasssswwoorrdd--qquuaalliittyy _p_r_i_n_c_i_p_a_l _p_a_s_s_w_o_r_d + + Run the password quality check function locally. You can run this + on the host that is configured to run the kadmind process to verify + that your configuration file is correct. The verification is done + locally, if kadmin is run in remote mode, no rpc call is done to + the server. + + pprriivviilleeggeess + + Lists the operations you are allowed to perform. These include add, + add_enctype, change-password, delete, del_enctype, get, list, and + modify. + + rreennaammee _f_r_o_m _t_o + + Renames a principal. This is normally transparent, but since keys + are salted with the principal name, they will have a non-standard + salt, and clients which are unable to cope with this will fail. + Kerberos 4 suffers from this. + + cchheecckk [_r_e_a_l_m] + + Check database for strange configurations on important principals. + If no realm is given, the default realm is used. + + When running in local mode, the following commands can also be used: + + dduummpp [--dd | ----ddeeccrryypptt] [_d_u_m_p_-_f_i_l_e] + + Writes the database in ``human readable'' form to the specified + file, or standard out. If the database is encrypted, the dump will + also have encrypted keys, unless ----ddeeccrryypptt is used. + + iinniitt [----rreeaallmm--mmaaxx--ttiicckkeett--lliiffee==_s_t_r_i_n_g] [----rreeaallmm--mmaaxx--rreenneewwaabbllee--lliiffee==_s_t_r_i_n_g] + _r_e_a_l_m + + Initializes the Kerberos database with entries for a new realm. + It's possible to have more than one realm served by one server. + + llooaadd _f_i_l_e + + Reads a previously dumped database, and re-creates that database + from scratch. + + mmeerrggee _f_i_l_e + + Similar to llooaadd but just modifies the database with the entries in + the dump file. + + ssttaasshh [--ee _e_n_c_t_y_p_e | ----eennccttyyppee==_e_n_c_t_y_p_e] [--kk _k_e_y_f_i_l_e | ----kkeeyy--ffiillee==_k_e_y_f_i_l_e] + [----ccoonnvveerrtt--ffiillee] [----mmaasstteerr--kkeeyy--ffdd==_f_d] + + Writes the Kerberos master key to a file used by the KDC. + +SSEEEE AALLSSOO + kadmind(8), kdc(8) + +HEIMDAL Feb 22, 2007 HEIMDAL diff --git a/kadmin/kadmin_locl.h b/kadmin/kadmin_locl.h index 7d0f77438a65..bd92d9fbe9fd 100644 --- a/kadmin/kadmin_locl.h +++ b/kadmin/kadmin_locl.h @@ -1,46 +1,45 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* - * $Id: kadmin_locl.h 17580 2006-05-13 21:28:56Z lha $ +/* + * $Id$ */ #ifndef __ADMIN_LOCL_H__ #define __ADMIN_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif + #include #include #include @@ -127,16 +126,11 @@ int set_entry(krb5_context, kadm5_principal_ent_t, int *, const char *, const char *, const char *, const char *, const char *); int -foreach_principal(const char *, int (*)(krb5_principal, void*), +foreach_principal(const char *, int (*)(krb5_principal, void*), const char *, void *); int parse_des_key (const char *, krb5_key_data *, const char **); -/* server.c */ - -krb5_error_code -kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int); - /* random_password.c */ void @@ -147,11 +141,17 @@ random_password(char *, size_t); extern sig_atomic_t term_flag, doing_useful_work; void parse_ports(krb5_context, const char*); -int start_server(krb5_context); +void start_server(krb5_context, const char*); /* server.c */ krb5_error_code -kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int); +kadmind_loop (krb5_context, krb5_keytab, int); + +/* rpc.c */ + +int +handle_mit(krb5_context, void *, size_t, int); + #endif /* __ADMIN_LOCL_H__ */ diff --git a/kadmin/kadmind-version.rc b/kadmin/kadmind-version.rc new file mode 100644 index 000000000000..090bc816d3fc --- /dev/null +++ b/kadmin/kadmind-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Kerberos Administration Server" +#define RC_FILE_ORIG_0409 "kadmind.exe" + +#include "../windows/version.rc" diff --git a/kadmin/kadmind.8 b/kadmin/kadmind.8 index 4715da9be664..894340c24951 100644 --- a/kadmin/kadmind.8 +++ b/kadmin/kadmind.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2002 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2002 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kadmind.8 14370 2004-12-08 17:20:21Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd December 8, 2004 .Dt KADMIND 8 @@ -41,21 +41,21 @@ .Nm .Bk -words .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc .Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file +.Fl Fl key-file= Ns Ar file .Xc .Oc -.Op Fl -keytab= Ns Ar keytab +.Op Fl Fl keytab= Ns Ar keytab .Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm +.Fl Fl realm= Ns Ar realm .Xc .Oc -.Op Fl d | Fl -debug +.Op Fl d | Fl Fl debug .Oo Fl p Ar port \*(Ba Xo -.Fl -ports= Ns Ar port +.Fl Fl ports= Ns Ar port .Xc .Oc .Ek @@ -67,7 +67,7 @@ assumes that it has been started by .Xr inetd 8 , otherwise it behaves as a daemon, forking processes for each new connection. The -.Fl -debug +.Fl Fl debug option causes .Nm to accept exactly one connection, which is useful for debugging. @@ -76,8 +76,7 @@ The .Xr kpasswdd 8 daemon is responsible for the Kerberos 5 password changing protocol (used by -.Xr kpasswd 1 ) -. +.Xr kpasswd 1 ) . .Pp This daemon should only be run on the master server, and not on any slaves. @@ -118,34 +117,17 @@ glob-style pattern. .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file location of config file -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc +.It Fl k Ar file , Fl Fl key-file= Ns Ar file location of master key file -.It Xo -.Fl -keytab= Ns Ar keytab -.Xc +.It Fl Fl keytab= Ns Ar keytab what keytab to use -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc +.It Fl r Ar realm , Fl Fl realm= Ns Ar realm realm to use -.It Xo -.Fl d , -.Fl -debug -.Xc +.It Fl d , Fl Fl debug enable debugging -.It Xo -.Fl p Ar port , -.Fl -ports= Ns Ar port -.Xc +.It Fl p Ar port , Fl Fl ports= Ns Ar port ports to listen to. By default, if run as a daemon, it listens to port 749, but you can add any number of ports with this option. The port string is a whitespace separated list of port specifications, with the @@ -162,7 +144,7 @@ This will cause to listen to port 4711 in addition to any compiled in defaults: .Pp -.D1 Nm Fl -ports Ns Li "=\*[q]+ 4711\*[q] &" +.D1 Nm Fl Fl ports Ns Li "=\*[q]+ 4711\*[q] &" .Pp This acl file will grant Joe all rights, and allow Mallory to view and add host principals. diff --git a/kadmin/kadmind.c b/kadmin/kadmind.c index 4d1c2ecc2672..f99f9572334a 100644 --- a/kadmin/kadmind.c +++ b/kadmin/kadmind.c @@ -1,45 +1,44 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" -RCSID("$Id: kadmind.c 22250 2007-12-09 05:57:31Z lha $"); - static char *check_library = NULL; static char *check_function = NULL; static getarg_strings policy_libraries = { 0, NULL }; static char *config_file; -static char *keytab_str = "HDB:"; +static char sHDB[] = "HDB:"; +static char *keytab_str = sHDB; static int help_flag; static int version_flag; static int debug_flag; @@ -47,32 +46,32 @@ static char *port_str; char *realm; static struct getargs args[] = { - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" + { + "config-file", 'c', arg_string, &config_file, + "location of config file", "file" }, { "keytab", 0, arg_string, &keytab_str, "what keytab to use", "keytab" }, - { "realm", 'r', arg_string, &realm, - "realm to use", "realm" + { "realm", 'r', arg_string, &realm, + "realm to use", "realm" }, #ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, + { "check-library", 0, arg_string, &check_library, "library to load password check function from", "library" }, { "check-function", 0, arg_string, &check_function, "password check function to load", "function" }, { "policy-libraries", 0, arg_strings, &policy_libraries, "password check function to load", "function" }, #endif - { "debug", 'd', arg_flag, &debug_flag, - "enable debugging" + { "debug", 'd', arg_flag, &debug_flag, + "enable debugging", NULL }, - { "ports", 'p', arg_string, &port_str, + { "ports", 'p', arg_string, &port_str, "ports to listen to", "port" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -92,9 +91,10 @@ main(int argc, char **argv) krb5_error_code ret; char **files; int optidx = 0; - int e, i; + int i; krb5_log_facility *logfacility; krb5_keytab keytab; + krb5_socket_t sfd = rk_INVALID_SOCKET; setprogname(argv[0]); @@ -102,8 +102,10 @@ main(int argc, char **argv) if (ret) errx (1, "krb5_init_context failed: %d", ret); - while((e = getarg(args, num_args, argc, argv, &optidx))) + if (getarg(args, num_args, argc, argv, &optidx)) { warnx("error at argument `%s'", argv[optidx]); + usage(1); + } if (help_flag) usage (0); @@ -121,16 +123,16 @@ main(int argc, char **argv) if (config_file == NULL) errx(1, "out of memory"); } - + ret = krb5_prepend_config_files_default(config_file, &files); if (ret) krb5_err(context, 1, ret, "getting configuration files"); - + ret = krb5_set_config_files(context, files); krb5_free_config_files(files); - if(ret) + if(ret) krb5_err(context, 1, ret, "reading configuration files"); - + ret = krb5_openlog(context, "kadmind", &logfacility); if (ret) krb5_err(context, 1, ret, "krb5_openlog"); @@ -149,7 +151,7 @@ main(int argc, char **argv) kadm5_setup_passwd_quality_check (context, check_library, check_function); for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, + ret = kadm5_add_passwd_quality_verifier(context, policy_libraries.strings[i]); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); @@ -158,30 +160,42 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - { - int fd = 0; + if(debug_flag) { + int debug_port; + + if(port_str == NULL) + debug_port = krb5_getportbyname (context, "kerberos-adm", + "tcp", 749); + else + debug_port = htons(atoi(port_str)); + mini_inetd(debug_port, &sfd); + } else { +#ifdef _WIN32 + pidfile(NULL); + start_server(context, port_str); +#else struct sockaddr_storage __ss; struct sockaddr *sa = (struct sockaddr *)&__ss; socklen_t sa_size = sizeof(__ss); - krb5_auth_context ac = NULL; - int debug_port; - if(debug_flag) { - if(port_str == NULL) - debug_port = krb5_getportbyname (context, "kerberos-adm", - "tcp", 749); - else - debug_port = htons(atoi(port_str)); - mini_inetd(debug_port); - } else if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 && - errno == ENOTSOCK) { - parse_ports(context, port_str ? port_str : "+"); + /* + * Check if we are running inside inetd or not, if not, start + * our own server. + */ + + if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 && + rk_SOCK_ERRNO == ENOTSOCK) { pidfile(NULL); - start_server(context); + start_server(context, port_str); } - if(realm) - krb5_set_default_realm(context, realm); /* XXX */ - kadmind_loop(context, ac, keytab, fd); +#endif /* _WIN32 */ + sfd = STDIN_FILENO; } + + if(realm) + krb5_set_default_realm(context, realm); /* XXX */ + + kadmind_loop(context, keytab, sfd); + return 0; } diff --git a/kadmin/kadmind.cat8 b/kadmin/kadmind.cat8 new file mode 100644 index 000000000000..7f3565c687b8 --- /dev/null +++ b/kadmin/kadmind.cat8 @@ -0,0 +1,87 @@ + +KADMIND(8) BSD System Manager's Manual KADMIND(8) + +NNAAMMEE + kkaaddmmiinndd -- server for administrative access to Kerberos database + +SSYYNNOOPPSSIISS + kkaaddmmiinndd [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--kk _f_i_l_e | ----kkeeyy--ffiillee==_f_i_l_e] + [----kkeeyyttaabb==_k_e_y_t_a_b] [--rr _r_e_a_l_m | ----rreeaallmm==_r_e_a_l_m] [--dd | ----ddeebbuugg] [--pp + _p_o_r_t | ----ppoorrttss==_p_o_r_t] + +DDEESSCCRRIIPPTTIIOONN + kkaaddmmiinndd listens for requests for changes to the Kerberos database and + performs these, subject to permissions. When starting, if stdin is a + socket it assumes that it has been started by inetd(8), otherwise it + behaves as a daemon, forking processes for each new connection. The + ----ddeebbuugg option causes kkaaddmmiinndd to accept exactly one connection, which is + useful for debugging. + + The kpasswdd(8) daemon is responsible for the Kerberos 5 password chang- + ing protocol (used by kpasswd(1)). + + This daemon should only be run on the master server, and not on any + slaves. + + Principals are always allowed to change their own password and list their + own principal. Apart from that, doing any operation requires permission + explicitly added in the ACL file _/_v_a_r_/_h_e_i_m_d_a_l_/_k_a_d_m_i_n_d_._a_c_l. The format of + this file is: + + _p_r_i_n_c_i_p_a_l _r_i_g_h_t_s [_p_r_i_n_c_i_p_a_l_-_p_a_t_t_e_r_n] + + Where rights is any (comma separated) combination of: + ++oo change-password or cpw + ++oo list + ++oo delete + ++oo modify + ++oo add + ++oo get + ++oo all + + And the optional _p_r_i_n_c_i_p_a_l_-_p_a_t_t_e_r_n restricts the rights to operations on + principals that match the glob-style pattern. + + Supported options: + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + location of config file + + --kk _f_i_l_e, ----kkeeyy--ffiillee==_f_i_l_e + location of master key file + + ----kkeeyyttaabb==_k_e_y_t_a_b + what keytab to use + + --rr _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m + realm to use + + --dd, ----ddeebbuugg + enable debugging + + --pp _p_o_r_t, ----ppoorrttss==_p_o_r_t + ports to listen to. By default, if run as a daemon, it listens to + port 749, but you can add any number of ports with this option. + The port string is a whitespace separated list of port specifica- + tions, with the special string ``+'' representing the default + port. + +FFIILLEESS + _/_v_a_r_/_h_e_i_m_d_a_l_/_k_a_d_m_i_n_d_._a_c_l + +EEXXAAMMPPLLEESS + This will cause kkaaddmmiinndd to listen to port 4711 in addition to any com- + piled in defaults: + + kkaaddmmiinndd ----ppoorrttss="+ 4711" & + + This acl file will grant Joe all rights, and allow Mallory to view and + add host principals. + + joe/admin@EXAMPLE.COM all + mallory/admin@EXAMPLE.COM add,get host/*@EXAMPLE.COM + +SSEEEE AALLSSOO + kpasswd(1), kadmin(8), kdc(8), kpasswdd(8) + +HEIMDAL December 8, 2004 HEIMDAL diff --git a/kadmin/load.c b/kadmin/load.c index 30e6d93c0898..eb33be77ac5f 100644 --- a/kadmin/load.c +++ b/kadmin/load.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" #include -RCSID("$Id: load.c 16658 2006-01-25 12:29:46Z lha $"); - struct entry { char *principal; char *key; @@ -55,7 +53,7 @@ struct entry { static char * skip_next(char *p) { - while(*p && !isspace((unsigned char)*p)) + while(*p && !isspace((unsigned char)*p)) p++; *p++ = 0; while(*p && isspace((unsigned char)*p)) @@ -78,7 +76,7 @@ parse_time_string(time_t *t, const char *s) if(strcmp(s, "-") == 0) return 0; - if(sscanf(s, "%04d%02d%02d%02d%02d%02d", + if(sscanf(s, "%04d%02d%02d%02d%02d%02d", &year, &month, &date, &hour, &minute, &second) != 6) return -1; tm.tm_year = year - 1900; @@ -155,8 +153,8 @@ parse_keys(hdb_entry *ent, char *str) krb5_error_code ret; int tmp; char *p; - int i; - + size_t i; + p = strsep(&str, ":"); if (sscanf(p, "%d", &tmp) != 1) return 1; @@ -164,7 +162,7 @@ parse_keys(hdb_entry *ent, char *str) p = strsep(&str, ":"); while(p){ Key *key; - key = realloc(ent->keys.val, + key = realloc(ent->keys.val, (ent->keys.len + 1) * sizeof(*ent->keys.val)); if(key == NULL) krb5_errx (context, 1, "realloc: out of memory"); @@ -203,11 +201,11 @@ parse_keys(hdb_entry *ent, char *str) p++; p_len = strlen(p); - key->salt = malloc(sizeof(*key->salt)); + key->salt = calloc(1, sizeof(*key->salt)); if (key->salt == NULL) krb5_errx (context, 1, "malloc: out of memory"); key->salt->type = type; - + if (p_len) { if(*p == '\"') { ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2); @@ -333,8 +331,10 @@ parse_extensions(char *str, HDB_extensions **e) d = malloc(len); len = hex_decode(p, d, len); - if (len < 0) + if (len < 0) { + free(d); return -1; + } ret = decode_HDB_extension(d, len, &ext, NULL); free(d); @@ -395,7 +395,6 @@ doit(const char *filename, int mergep) line = 0; ret = 0; while(fgets(s, sizeof(s), f) != NULL) { - ret = 0; line++; p = s; @@ -412,7 +411,7 @@ doit(const char *filename, int mergep) } } p = skip_next(p); - + e.key = p; p = skip_next(p); @@ -444,26 +443,25 @@ doit(const char *filename, int mergep) p = skip_next(p); e.extensions = p; - p = skip_next(p); + skip_next(p); memset(&ent, 0, sizeof(ent)); ret = krb5_parse_name(context, e.principal, &ent.entry.principal); if(ret) { - fprintf(stderr, "%s:%d:%s (%s)\n", - filename, - line, - krb5_get_err_text(context, ret), - e.principal); + const char *msg = krb5_get_error_message(context, ret); + fprintf(stderr, "%s:%d:%s (%s)\n", + filename, line, msg, e.principal); + krb5_free_error_message(context, msg); continue; } - + if (parse_keys(&ent.entry, e.key)) { fprintf (stderr, "%s:%d:error parsing keys (%s)\n", filename, line, e.key); hdb_free_entry (context, &ent); continue; } - + if (parse_event(&ent.entry.created_by, e.created) == -1) { fprintf (stderr, "%s:%d:error parsing created event (%s)\n", filename, line, e.created); @@ -555,13 +553,13 @@ loadit(int mergep, const char *name, int argc, char **argv) return doit(argv[0], mergep); } - + int load(void *opt, int argc, char **argv) { return loadit(0, "load", argc, argv); } - + int merge(void *opt, int argc, char **argv) { diff --git a/kadmin/mod.c b/kadmin/mod.c index f5f9e0467a5b..940425f2a54b 100644 --- a/kadmin/mod.c +++ b/kadmin/mod.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: mod.c 21968 2007-10-18 18:50:33Z lha $"); - static void add_tl(kadm5_principal_ent_rec *princ, int type, krb5_data *data) { @@ -46,7 +44,7 @@ add_tl(kadm5_principal_ent_rec *princ, int type, krb5_data *data) tl->tl_data_type = KRB5_TL_EXTENSION; tl->tl_data_length = data->length; tl->tl_data_contents = data->data; - + princ->n_tl_data++; ptl = &princ->tl_data; while (*ptl != NULL) @@ -57,15 +55,15 @@ add_tl(kadm5_principal_ent_rec *princ, int type, krb5_data *data) } static void -add_constrained_delegation(krb5_context context, +add_constrained_delegation(krb5_context contextp, kadm5_principal_ent_rec *princ, struct getarg_strings *strings) { krb5_error_code ret; HDB_extension ext; krb5_data buf; - size_t size; - + size_t size = 0; + memset(&ext, 0, sizeof(ext)); ext.mandatory = FALSE; ext.data.element = choice_HDB_extension_data_allowed_to_delegate_to; @@ -77,15 +75,19 @@ add_constrained_delegation(krb5_context context, krb5_principal p; int i; - ext.data.u.allowed_to_delegate_to.val = - calloc(strings->num_strings, + ext.data.u.allowed_to_delegate_to.val = + calloc(strings->num_strings, sizeof(ext.data.u.allowed_to_delegate_to.val[0])); ext.data.u.allowed_to_delegate_to.len = strings->num_strings; - + for (i = 0; i < strings->num_strings; i++) { - ret = krb5_parse_name(context, strings->strings[i], &p); + ret = krb5_parse_name(contextp, strings->strings[i], &p); + if (ret) + abort(); ret = copy_Principal(p, &ext.data.u.allowed_to_delegate_to.val[i]); - krb5_free_principal(context, p); + if (ret) + abort(); + krb5_free_principal(contextp, p); } } @@ -101,16 +103,16 @@ add_constrained_delegation(krb5_context context, } static void -add_aliases(krb5_context context, kadm5_principal_ent_rec *princ, +add_aliases(krb5_context contextp, kadm5_principal_ent_rec *princ, struct getarg_strings *strings) { krb5_error_code ret; HDB_extension ext; krb5_data buf; krb5_principal p; - size_t size; + size_t size = 0; int i; - + memset(&ext, 0, sizeof(ext)); ext.mandatory = FALSE; ext.data.element = choice_HDB_extension_data_aliases; @@ -120,15 +122,15 @@ add_aliases(krb5_context context, kadm5_principal_ent_rec *princ, ext.data.u.aliases.aliases.val = NULL; ext.data.u.aliases.aliases.len = 0; } else { - ext.data.u.aliases.aliases.val = - calloc(strings->num_strings, + ext.data.u.aliases.aliases.val = + calloc(strings->num_strings, sizeof(ext.data.u.aliases.aliases.val[0])); ext.data.u.aliases.aliases.len = strings->num_strings; - + for (i = 0; i < strings->num_strings; i++) { - ret = krb5_parse_name(context, strings->strings[i], &p); + ret = krb5_parse_name(contextp, strings->strings[i], &p); ret = copy_Principal(p, &ext.data.u.aliases.aliases.val[i]); - krb5_free_principal(context, p); + krb5_free_principal(contextp, p); } } @@ -139,20 +141,20 @@ add_aliases(krb5_context context, kadm5_principal_ent_rec *princ, abort(); if (buf.length != size) abort(); - + add_tl(princ, KRB5_TL_EXTENSION, &buf); } static void -add_pkinit_acl(krb5_context context, kadm5_principal_ent_rec *princ, +add_pkinit_acl(krb5_context contextp, kadm5_principal_ent_rec *princ, struct getarg_strings *strings) { krb5_error_code ret; HDB_extension ext; krb5_data buf; - size_t size; + size_t size = 0; int i; - + memset(&ext, 0, sizeof(ext)); ext.mandatory = FALSE; ext.data.element = choice_HDB_extension_data_pkinit_acl; @@ -162,11 +164,11 @@ add_pkinit_acl(krb5_context context, kadm5_principal_ent_rec *princ, ext.data.u.pkinit_acl.val = NULL; ext.data.u.pkinit_acl.len = 0; } else { - ext.data.u.pkinit_acl.val = - calloc(strings->num_strings, + ext.data.u.pkinit_acl.val = + calloc(strings->num_strings, sizeof(ext.data.u.pkinit_acl.val[0])); ext.data.u.pkinit_acl.len = strings->num_strings; - + for (i = 0; i < strings->num_strings; i++) { ext.data.u.pkinit_acl.val[i].subject = estrdup(strings->strings[i]); } @@ -179,7 +181,7 @@ add_pkinit_acl(krb5_context context, kadm5_principal_ent_rec *princ, abort(); if (buf.length != size) abort(); - + add_tl(princ, KRB5_TL_EXTENSION, &buf); } @@ -190,17 +192,17 @@ do_mod_entry(krb5_principal principal, void *data) kadm5_principal_ent_rec princ; int mask = 0; struct modify_options *e = data; - + memset (&princ, 0, sizeof(princ)); ret = kadm5_get_principal(kadm_handle, principal, &princ, - KADM5_PRINCIPAL | KADM5_ATTRIBUTES | + KADM5_PRINCIPAL | KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE | KADM5_PRINC_EXPIRE_TIME | KADM5_PW_EXPIRATION); - if(ret) + if(ret) return ret; - if(e->max_ticket_life_string || + if(e->max_ticket_life_string || e->max_renewable_life_string || e->expiration_time_string || e->pw_expiration_time_string || @@ -209,11 +211,11 @@ do_mod_entry(krb5_principal principal, void *data) e->constrained_delegation_strings.num_strings || e->alias_strings.num_strings || e->pkinit_acl_strings.num_strings) { - ret = set_entry(context, &princ, &mask, - e->max_ticket_life_string, - e->max_renewable_life_string, - e->expiration_time_string, - e->pw_expiration_time_string, + ret = set_entry(context, &princ, &mask, + e->max_ticket_life_string, + e->max_renewable_life_string, + e->expiration_time_string, + e->pw_expiration_time_string, e->attributes_string); if(e->kvno_integer != -1) { princ.kvno = e->kvno_integer; @@ -240,7 +242,7 @@ do_mod_entry(krb5_principal principal, void *data) if(ret) krb5_warn(context, ret, "kadm5_modify_principal"); } - + kadm5_free_principal_ent(kadm_handle, &princ); return ret; } diff --git a/kadmin/pw_quality.c b/kadmin/pw_quality.c index 8d1e9cc11a88..23b136266860 100644 --- a/kadmin/pw_quality.c +++ b/kadmin/pw_quality.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: pw_quality.c 14026 2004-07-05 11:41:22Z joda $"); - int password_quality(void *opt, int argc, char **argv) { diff --git a/kadmin/random_password.c b/kadmin/random_password.c index d56dd941f39f..970e99d34adb 100644 --- a/kadmin/random_password.c +++ b/kadmin/random_password.c @@ -1,45 +1,43 @@ /* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" -RCSID("$Id: random_password.c 21745 2007-07-31 16:11:25Z lha $"); - /* This file defines some a function that generates a random password, that can be used when creating a large amount of principals (such as for a batch of students). Since this is a political matter, you should think about how secure generated passwords has to be. - + Both methods defined here will give you at least 55 bits of entropy. */ @@ -65,9 +63,9 @@ random_password(char *pw, size_t len) } #else char *pass; - generate_password(&pass, 3, - "abcdefghijklmnopqrstuvwxyz", 7, - "ABCDEFGHIJKLMNOPQRSTUVWXYZ", 2, + generate_password(&pass, 3, + "abcdefghijklmnopqrstuvwxyz", 7, + "ABCDEFGHIJKLMNOPQRSTUVWXYZ", 2, "@$%&*()-+=:,/<>1234567890", 1); strlcpy(pw, pass, len); memset(pass, 0, strlen(pass)); @@ -104,11 +102,11 @@ RND(unsigned char *key, int keylen, int *left) | | ---- * | / | | | Ni! | /___ | i=1 \ i=1 / - + Since it uses the RND function above, neither the size of each class, nor the total length of the generated password should be larger than 127 (without fixing RND). - + */ static void generate_password(char **pw, int num_classes, ...) diff --git a/kadmin/rename.c b/kadmin/rename.c index 9309db5c229c..cdd7de24d842 100644 --- a/kadmin/rename.c +++ b/kadmin/rename.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: rename.c 17007 2006-04-07 13:11:24Z lha $"); - int rename_entry(void *opt, int argc, char **argv) { diff --git a/kadmin/rpc.c b/kadmin/rpc.c new file mode 100644 index 000000000000..445a96a54f51 --- /dev/null +++ b/kadmin/rpc.c @@ -0,0 +1,1106 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadmin_locl.h" + +#include +#include +#include + +#define CHECK(x) \ + do { \ + int __r; \ + if ((__r = (x))) { \ + krb5_errx(dcontext, 1, "Failed (%d) on %s:%d", \ + __r, __FILE__, __LINE__); \ + } \ + } while(0) + +static krb5_context dcontext; + +#define INSIST(x) CHECK(!(x)) + +#define VERSION2 0x12345702 + +#define LAST_FRAGMENT 0x80000000 + +#define RPC_VERSION 2 +#define KADM_SERVER 2112 +#define VVERSION 2 +#define FLAVOR_GSS 6 +#define FLAVOR_GSS_VERSION 1 + +struct opaque_auth { + uint32_t flavor; + krb5_data data; +}; + +struct call_header { + uint32_t xid; + uint32_t rpcvers; + uint32_t prog; + uint32_t vers; + uint32_t proc; + struct opaque_auth cred; + struct opaque_auth verf; +}; + +enum { + RPG_DATA = 0, + RPG_INIT = 1, + RPG_CONTINUE_INIT = 2, + RPG_DESTROY = 3 +}; + +enum { + rpg_privacy = 3 +}; + +/* +struct chrand_ret { + krb5_ui_4 api_version; + kadm5_ret_t ret; + int n_keys; + krb5_keyblock *keys; +}; +*/ + + +struct gcred { + uint32_t version; + uint32_t proc; + uint32_t seq_num; + uint32_t service; + krb5_data handle; +}; + +static int +parse_name(const unsigned char *p, size_t len, + const gss_OID oid, char **name) +{ + size_t l; + + if (len < 4) + return 1; + + /* TOK_ID */ + if (memcmp(p, "\x04\x01", 2) != 0) + return 1; + len -= 2; + p += 2; + + /* MECH_LEN */ + l = (p[0] << 8) | p[1]; + len -= 2; + p += 2; + if (l < 2 || len < l) + return 1; + + /* oid wrapping */ + if (p[0] != 6 || p[1] != l - 2) + return 1; + p += 2; + l -= 2; + len -= 2; + + /* MECH */ + if (l != oid->length || memcmp(p, oid->elements, oid->length) != 0) + return 1; + len -= l; + p += l; + + /* MECHNAME_LEN */ + if (len < 4) + return 1; + l = p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3]; + len -= 4; + p += 4; + + /* MECH NAME */ + if (len != l) + return 1; + + *name = malloc(l + 1); + INSIST(*name != NULL); + memcpy(*name, p, l); + (*name)[l] = '\0'; + + return 0; +} + + + +static void +gss_error(krb5_context contextp, + gss_OID mech, OM_uint32 type, OM_uint32 error) +{ + OM_uint32 new_stat; + OM_uint32 msg_ctx = 0; + gss_buffer_desc status_string; + OM_uint32 ret; + + do { + ret = gss_display_status (&new_stat, + error, + type, + mech, + &msg_ctx, + &status_string); + krb5_warnx(contextp, "%.*s", + (int)status_string.length, + (char *)status_string.value); + gss_release_buffer (&new_stat, &status_string); + } while (!GSS_ERROR(ret) && msg_ctx != 0); +} + +static void +gss_print_errors (krb5_context contextp, + OM_uint32 maj_stat, OM_uint32 min_stat) +{ + gss_error(contextp, GSS_C_NO_OID, GSS_C_GSS_CODE, maj_stat); + gss_error(contextp, GSS_C_NO_OID, GSS_C_MECH_CODE, min_stat); +} + +static int +read_data(krb5_storage *sp, krb5_storage *msg, size_t len) +{ + char buf[1024]; + + while (len) { + size_t tlen = len; + ssize_t slen; + + if (tlen > sizeof(buf)) + tlen = sizeof(buf); + + slen = krb5_storage_read(sp, buf, tlen); + INSIST((size_t)slen == tlen); + + slen = krb5_storage_write(msg, buf, tlen); + INSIST((size_t)slen == tlen); + + len -= tlen; + } + return 0; +} + +static int +collect_framents(krb5_storage *sp, krb5_storage *msg) +{ + krb5_error_code ret; + uint32_t len; + int last_fragment; + size_t total_len = 0; + + do { + ret = krb5_ret_uint32(sp, &len); + if (ret) + return ret; + + last_fragment = (len & LAST_FRAGMENT); + len &= ~LAST_FRAGMENT; + + CHECK(read_data(sp, msg, len)); + total_len += len; + + } while(!last_fragment || total_len == 0); + + return 0; +} + +static krb5_error_code +store_data_xdr(krb5_storage *sp, krb5_data data) +{ + krb5_error_code ret; + size_t res; + + ret = krb5_store_data(sp, data); + if (ret) + return ret; + res = 4 - (data.length % 4); + if (res != 4) { + static const char zero[4] = { 0, 0, 0, 0 }; + + ret = krb5_storage_write(sp, zero, res); + if((size_t)ret != res) + return (ret < 0)? errno : krb5_storage_get_eof_code(sp); + } + return 0; +} + +static krb5_error_code +ret_data_xdr(krb5_storage *sp, krb5_data *data) +{ + krb5_error_code ret; + ret = krb5_ret_data(sp, data); + if (ret) + return ret; + + if ((data->length % 4) != 0) { + char buf[4]; + size_t res; + + res = 4 - (data->length % 4); + if (res != 4) { + ret = krb5_storage_read(sp, buf, res); + if((size_t)ret != res) + return (ret < 0)? errno : krb5_storage_get_eof_code(sp); + } + } + return 0; +} + +static krb5_error_code +ret_auth_opaque(krb5_storage *msg, struct opaque_auth *ao) +{ + krb5_error_code ret; + ret = krb5_ret_uint32(msg, &ao->flavor); + if (ret) return ret; + ret = ret_data_xdr(msg, &ao->data); + return ret; +} + +static int +ret_gcred(krb5_data *data, struct gcred *gcred) +{ + krb5_storage *sp; + + memset(gcred, 0, sizeof(*gcred)); + + sp = krb5_storage_from_data(data); + INSIST(sp != NULL); + + CHECK(krb5_ret_uint32(sp, &gcred->version)); + CHECK(krb5_ret_uint32(sp, &gcred->proc)); + CHECK(krb5_ret_uint32(sp, &gcred->seq_num)); + CHECK(krb5_ret_uint32(sp, &gcred->service)); + CHECK(ret_data_xdr(sp, &gcred->handle)); + + krb5_storage_free(sp); + + return 0; +} + +static krb5_error_code +store_gss_init_res(krb5_storage *sp, krb5_data handle, + OM_uint32 maj_stat, OM_uint32 min_stat, + uint32_t seq_window, gss_buffer_t gout) +{ + krb5_error_code ret; + krb5_data out; + + out.data = gout->value; + out.length = gout->length; + + ret = store_data_xdr(sp, handle); + if (ret) return ret; + ret = krb5_store_uint32(sp, maj_stat); + if (ret) return ret; + ret = krb5_store_uint32(sp, min_stat); + if (ret) return ret; + ret = store_data_xdr(sp, out); + return ret; +} + +static int +store_string_xdr(krb5_storage *sp, const char *str) +{ + krb5_data c; + if (str) { + c.data = rk_UNCONST(str); + c.length = strlen(str) + 1; + } else + krb5_data_zero(&c); + + return store_data_xdr(sp, c); +} + +static int +ret_string_xdr(krb5_storage *sp, char **str) +{ + krb5_data c; + *str = NULL; + CHECK(ret_data_xdr(sp, &c)); + if (c.length) { + *str = malloc(c.length + 1); + INSIST(*str != NULL); + memcpy(*str, c.data, c.length); + (*str)[c.length] = '\0'; + } + krb5_data_free(&c); + return 0; +} + +static int +store_principal_xdr(krb5_context contextp, + krb5_storage *sp, + krb5_principal p) +{ + char *str; + CHECK(krb5_unparse_name(contextp, p, &str)); + CHECK(store_string_xdr(sp, str)); + free(str); + return 0; +} + +static int +ret_principal_xdr(krb5_context contextp, + krb5_storage *sp, + krb5_principal *p) +{ + char *str; + *p = NULL; + CHECK(ret_string_xdr(sp, &str)); + if (str) { + CHECK(krb5_parse_name(contextp, str, p)); + free(str); + } + return 0; +} + +static int +store_principal_ent(krb5_context contextp, + krb5_storage *sp, + kadm5_principal_ent_rec *ent) +{ + int i; + + CHECK(store_principal_xdr(contextp, sp, ent->principal)); + CHECK(krb5_store_uint32(sp, ent->princ_expire_time)); + CHECK(krb5_store_uint32(sp, ent->pw_expiration)); + CHECK(krb5_store_uint32(sp, ent->last_pwd_change)); + CHECK(krb5_store_uint32(sp, ent->max_life)); + CHECK(krb5_store_int32(sp, ent->mod_name == NULL)); + if (ent->mod_name) + CHECK(store_principal_xdr(contextp, sp, ent->mod_name)); + CHECK(krb5_store_uint32(sp, ent->mod_date)); + CHECK(krb5_store_uint32(sp, ent->attributes)); + CHECK(krb5_store_uint32(sp, ent->kvno)); + CHECK(krb5_store_uint32(sp, ent->mkvno)); + CHECK(store_string_xdr(sp, ent->policy)); + CHECK(krb5_store_int32(sp, ent->aux_attributes)); + CHECK(krb5_store_int32(sp, ent->max_renewable_life)); + CHECK(krb5_store_int32(sp, ent->last_success)); + CHECK(krb5_store_int32(sp, ent->last_failed)); + CHECK(krb5_store_int32(sp, ent->fail_auth_count)); + CHECK(krb5_store_int32(sp, ent->n_key_data)); + CHECK(krb5_store_int32(sp, ent->n_tl_data)); + CHECK(krb5_store_int32(sp, ent->n_tl_data == 0)); + if (ent->n_tl_data) { + krb5_tl_data *tp; + + for (tp = ent->tl_data; tp; tp = tp->tl_data_next) { + krb5_data c; + c.length = tp->tl_data_length; + c.data = tp->tl_data_contents; + + CHECK(krb5_store_int32(sp, 0)); /* last item */ + CHECK(krb5_store_int32(sp, tp->tl_data_type)); + CHECK(store_data_xdr(sp, c)); + } + CHECK(krb5_store_int32(sp, 1)); /* last item */ + } + + CHECK(krb5_store_int32(sp, ent->n_key_data)); + for (i = 0; i < ent->n_key_data; i++) { + CHECK(krb5_store_uint32(sp, 2)); + CHECK(krb5_store_uint32(sp, ent->kvno)); + CHECK(krb5_store_uint32(sp, ent->key_data[i].key_data_type[0])); + CHECK(krb5_store_uint32(sp, ent->key_data[i].key_data_type[1])); + } + + return 0; +} + +static int +ret_principal_ent(krb5_context contextp, + krb5_storage *sp, + kadm5_principal_ent_rec *ent) +{ + uint32_t flag, num; + size_t i; + + memset(ent, 0, sizeof(*ent)); + + CHECK(ret_principal_xdr(contextp, sp, &ent->principal)); + CHECK(krb5_ret_uint32(sp, &flag)); + ent->princ_expire_time = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->pw_expiration = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->last_pwd_change = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->max_life = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + if (flag == 0) + ret_principal_xdr(contextp, sp, &ent->mod_name); + CHECK(krb5_ret_uint32(sp, &flag)); + ent->mod_date = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->attributes = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->kvno = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->mkvno = flag; + CHECK(ret_string_xdr(sp, &ent->policy)); + CHECK(krb5_ret_uint32(sp, &flag)); + ent->aux_attributes = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->max_renewable_life = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->last_success = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->last_failed = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->fail_auth_count = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->n_key_data = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->n_tl_data = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + if (flag == 0) { + krb5_tl_data **tp = &ent->tl_data; + size_t count = 0; + + while(1) { + krb5_data c; + CHECK(krb5_ret_uint32(sp, &flag)); /* last item */ + if (flag) + break; + *tp = calloc(1, sizeof(**tp)); + INSIST(*tp != NULL); + CHECK(krb5_ret_uint32(sp, &flag)); + (*tp)->tl_data_type = flag; + CHECK(ret_data_xdr(sp, &c)); + (*tp)->tl_data_length = c.length; + (*tp)->tl_data_contents = c.data; + tp = &(*tp)->tl_data_next; + + count++; + } + INSIST((size_t)ent->n_tl_data == count); + } else { + INSIST(ent->n_tl_data == 0); + } + + CHECK(krb5_ret_uint32(sp, &num)); + INSIST(num == (uint32_t)ent->n_key_data); + + ent->key_data = calloc(num, sizeof(ent->key_data[0])); + INSIST(ent->key_data != NULL); + + for (i = 0; i < num; i++) { + CHECK(krb5_ret_uint32(sp, &flag)); /* data version */ + INSIST(flag > 1); + CHECK(krb5_ret_uint32(sp, &flag)); + ent->kvno = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->key_data[i].key_data_type[0] = flag; + CHECK(krb5_ret_uint32(sp, &flag)); + ent->key_data[i].key_data_type[1] = flag; + } + + return 0; +} + +/* + * + */ + +static void +proc_create_principal(kadm5_server_context *contextp, + krb5_storage *in, + krb5_storage *out) +{ + uint32_t version, mask; + kadm5_principal_ent_rec ent; + krb5_error_code ret; + char *password; + + memset(&ent, 0, sizeof(ent)); + + CHECK(krb5_ret_uint32(in, &version)); + INSIST(version == VERSION2); + CHECK(ret_principal_ent(contextp->context, in, &ent)); + CHECK(krb5_ret_uint32(in, &mask)); + CHECK(ret_string_xdr(in, &password)); + + INSIST(ent.principal); + + + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_ADD, ent.principal); + if (ret) + goto fail; + + ret = kadm5_create_principal(contextp, &ent, mask, password); + + fail: + krb5_warn(contextp->context, ret, "create principal"); + CHECK(krb5_store_uint32(out, VERSION2)); /* api version */ + CHECK(krb5_store_uint32(out, ret)); /* code */ + + free(password); + kadm5_free_principal_ent(contextp, &ent); +} + +static void +proc_delete_principal(kadm5_server_context *contextp, + krb5_storage *in, + krb5_storage *out) +{ + uint32_t version; + krb5_principal princ; + krb5_error_code ret; + + CHECK(krb5_ret_uint32(in, &version)); + INSIST(version == VERSION2); + CHECK(ret_principal_xdr(contextp->context, in, &princ)); + + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_DELETE, princ); + if (ret) + goto fail; + + ret = kadm5_delete_principal(contextp, princ); + + fail: + krb5_warn(contextp->context, ret, "delete principal"); + CHECK(krb5_store_uint32(out, VERSION2)); /* api version */ + CHECK(krb5_store_uint32(out, ret)); /* code */ + + krb5_free_principal(contextp->context, princ); +} + +static void +proc_get_principal(kadm5_server_context *contextp, + krb5_storage *in, + krb5_storage *out) +{ + uint32_t version, mask; + krb5_principal princ; + kadm5_principal_ent_rec ent; + krb5_error_code ret; + + memset(&ent, 0, sizeof(ent)); + + CHECK(krb5_ret_uint32(in, &version)); + INSIST(version == VERSION2); + CHECK(ret_principal_xdr(contextp->context, in, &princ)); + CHECK(krb5_ret_uint32(in, &mask)); + + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_GET, princ); + if(ret) + goto fail; + + ret = kadm5_get_principal(contextp, princ, &ent, mask); + + fail: + krb5_warn(contextp->context, ret, "get principal principal"); + + CHECK(krb5_store_uint32(out, VERSION2)); /* api version */ + CHECK(krb5_store_uint32(out, ret)); /* code */ + if (ret == 0) { + CHECK(store_principal_ent(contextp->context, out, &ent)); + } + krb5_free_principal(contextp->context, princ); + kadm5_free_principal_ent(contextp, &ent); +} + +static void +proc_chrand_principal_v2(kadm5_server_context *contextp, + krb5_storage *in, + krb5_storage *out) +{ + krb5_error_code ret; + krb5_principal princ; + uint32_t version; + krb5_keyblock *new_keys; + int n_keys; + + CHECK(krb5_ret_uint32(in, &version)); + INSIST(version == VERSION2); + CHECK(ret_principal_xdr(contextp->context, in, &princ)); + + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ); + if(ret) + goto fail; + + ret = kadm5_randkey_principal(contextp, princ, + &new_keys, &n_keys); + + fail: + krb5_warn(contextp->context, ret, "rand key principal"); + + CHECK(krb5_store_uint32(out, VERSION2)); /* api version */ + CHECK(krb5_store_uint32(out, ret)); + if (ret == 0) { + int i; + CHECK(krb5_store_int32(out, n_keys)); + + for(i = 0; i < n_keys; i++){ + CHECK(krb5_store_uint32(out, new_keys[i].keytype)); + CHECK(store_data_xdr(out, new_keys[i].keyvalue)); + krb5_free_keyblock_contents(contextp->context, &new_keys[i]); + } + free(new_keys); + } + krb5_free_principal(contextp->context, princ); +} + +static void +proc_init(kadm5_server_context *contextp, + krb5_storage *in, + krb5_storage *out) +{ + CHECK(krb5_store_uint32(out, VERSION2)); /* api version */ + CHECK(krb5_store_uint32(out, 0)); /* code */ + CHECK(krb5_store_uint32(out, 0)); /* code */ +} + +struct krb5_proc { + const char *name; + void (*func)(kadm5_server_context *, krb5_storage *, krb5_storage *); +} procs[] = { + { "NULL", NULL }, + { "create principal", proc_create_principal }, + { "delete principal", proc_delete_principal }, + { "modify principal", NULL }, + { "rename principal", NULL }, + { "get principal", proc_get_principal }, + { "chpass principal", NULL }, + { "chrand principal", proc_chrand_principal_v2 }, + { "create policy", NULL }, + { "delete policy", NULL }, + { "modify policy", NULL }, + { "get policy", NULL }, + { "get privs", NULL }, + { "init", proc_init }, + { "get principals", NULL }, + { "get polices", NULL }, + { "setkey principal", NULL }, + { "setkey principal v4", NULL }, + { "create principal v3", NULL }, + { "chpass principal v3", NULL }, + { "chrand principal v3", NULL }, + { "setkey principal v3", NULL } +}; + +static krb5_error_code +copyheader(krb5_storage *sp, krb5_data *data) +{ + off_t off; + ssize_t sret; + + off = krb5_storage_seek(sp, 0, SEEK_CUR); + + CHECK(krb5_data_alloc(data, off)); + INSIST((size_t)off == data->length); + krb5_storage_seek(sp, 0, SEEK_SET); + sret = krb5_storage_read(sp, data->data, data->length); + INSIST(sret == off); + INSIST(off == krb5_storage_seek(sp, 0, SEEK_CUR)); + + return 0; +} + +struct gctx { + krb5_data handle; + gss_ctx_id_t ctx; + uint32_t seq_num; + int done; + int inprogress; +}; + +static int +process_stream(krb5_context contextp, + unsigned char *buf, size_t ilen, + krb5_storage *sp) +{ + krb5_error_code ret; + krb5_storage *msg, *reply, *dreply; + OM_uint32 maj_stat, min_stat; + gss_buffer_desc gin, gout; + struct gctx gctx; + void *server_handle = NULL; + + memset(&gctx, 0, sizeof(gctx)); + + msg = krb5_storage_emem(); + reply = krb5_storage_emem(); + dreply = krb5_storage_emem(); + + /* + * First packet comes partly from the caller + */ + + INSIST(ilen >= 4); + + while (1) { + struct call_header chdr; + struct gcred gcred; + uint32_t mtype; + krb5_data headercopy; + + krb5_storage_truncate(dreply, 0); + krb5_storage_truncate(reply, 0); + krb5_storage_truncate(msg, 0); + + krb5_data_zero(&headercopy); + memset(&chdr, 0, sizeof(chdr)); + memset(&gcred, 0, sizeof(gcred)); + + /* + * This is very icky to handle the the auto-detection between + * the Heimdal protocol and the MIT ONC-RPC based protocol. + */ + + if (ilen) { + int last_fragment; + unsigned long len; + ssize_t slen; + unsigned char tmp[4]; + + if (ilen < 4) { + memcpy(tmp, buf, ilen); + slen = krb5_storage_read(sp, tmp + ilen, sizeof(tmp) - ilen); + INSIST((size_t)slen == sizeof(tmp) - ilen); + + ilen = sizeof(tmp); + buf = tmp; + } + INSIST(ilen >= 4); + + _krb5_get_int(buf, &len, 4); + last_fragment = (len & LAST_FRAGMENT) != 0; + len &= ~LAST_FRAGMENT; + + ilen -= 4; + buf += 4; + + if (ilen) { + if (len < ilen) { + slen = krb5_storage_write(msg, buf, len); + INSIST((size_t)slen == len); + ilen -= len; + len = 0; + } else { + slen = krb5_storage_write(msg, buf, ilen); + INSIST((size_t)slen == ilen); + len -= ilen; + } + } + + CHECK(read_data(sp, msg, len)); + + if (!last_fragment) { + ret = collect_framents(sp, msg); + if (ret == HEIM_ERR_EOF) + krb5_errx(contextp, 0, "client disconnected"); + INSIST(ret == 0); + } + } else { + + ret = collect_framents(sp, msg); + if (ret == HEIM_ERR_EOF) + krb5_errx(contextp, 0, "client disconnected"); + INSIST(ret == 0); + } + krb5_storage_seek(msg, 0, SEEK_SET); + + CHECK(krb5_ret_uint32(msg, &chdr.xid)); + CHECK(krb5_ret_uint32(msg, &mtype)); + CHECK(krb5_ret_uint32(msg, &chdr.rpcvers)); + CHECK(krb5_ret_uint32(msg, &chdr.prog)); + CHECK(krb5_ret_uint32(msg, &chdr.vers)); + CHECK(krb5_ret_uint32(msg, &chdr.proc)); + CHECK(ret_auth_opaque(msg, &chdr.cred)); + CHECK(copyheader(msg, &headercopy)); + CHECK(ret_auth_opaque(msg, &chdr.verf)); + + INSIST(chdr.rpcvers == RPC_VERSION); + INSIST(chdr.prog == KADM_SERVER); + INSIST(chdr.vers == VVERSION); + INSIST(chdr.cred.flavor == FLAVOR_GSS); + + CHECK(ret_gcred(&chdr.cred.data, &gcred)); + + INSIST(gcred.version == FLAVOR_GSS_VERSION); + + if (gctx.done) { + INSIST(chdr.verf.flavor == FLAVOR_GSS); + + /* from first byte to last of credential */ + gin.value = headercopy.data; + gin.length = headercopy.length; + gout.value = chdr.verf.data.data; + gout.length = chdr.verf.data.length; + + maj_stat = gss_verify_mic(&min_stat, gctx.ctx, &gin, &gout, NULL); + INSIST(maj_stat == GSS_S_COMPLETE); + } + + switch(gcred.proc) { + case RPG_DATA: { + krb5_data data; + int conf_state; + uint32_t seq; + krb5_storage *sp1; + + INSIST(gcred.service == rpg_privacy); + + INSIST(gctx.done); + + INSIST(krb5_data_cmp(&gcred.handle, &gctx.handle) == 0); + + CHECK(ret_data_xdr(msg, &data)); + + gin.value = data.data; + gin.length = data.length; + + maj_stat = gss_unwrap(&min_stat, gctx.ctx, &gin, &gout, + &conf_state, NULL); + krb5_data_free(&data); + INSIST(maj_stat == GSS_S_COMPLETE); + INSIST(conf_state != 0); + + sp1 = krb5_storage_from_mem(gout.value, gout.length); + INSIST(sp1 != NULL); + + CHECK(krb5_ret_uint32(sp1, &seq)); + INSIST (seq == gcred.seq_num); + + /* + * Check sequence number + */ + INSIST(seq > gctx.seq_num); + gctx.seq_num = seq; + + /* + * If contextp is setup, priv data have the seq_num stored + * first in the block, so add it here before users data is + * added. + */ + CHECK(krb5_store_uint32(dreply, gctx.seq_num)); + + if (chdr.proc >= sizeof(procs)/sizeof(procs[0])) { + krb5_warnx(contextp, "proc number out of array"); + } else if (procs[chdr.proc].func == NULL) { + krb5_warnx(contextp, "proc '%s' never implemented", + procs[chdr.proc].name); + } else { + krb5_warnx(contextp, "proc %s", procs[chdr.proc].name); + INSIST(server_handle != NULL); + (*procs[chdr.proc].func)(server_handle, sp, dreply); + } + krb5_storage_free(sp); + gss_release_buffer(&min_stat, &gout); + + break; + } + case RPG_INIT: + INSIST(gctx.inprogress == 0); + INSIST(gctx.ctx == NULL); + + gctx.inprogress = 1; + /* FALL THOUGH */ + case RPG_CONTINUE_INIT: { + gss_name_t src_name = GSS_C_NO_NAME; + krb5_data in; + + INSIST(gctx.inprogress); + + CHECK(ret_data_xdr(msg, &in)); + + gin.value = in.data; + gin.length = in.length; + gout.value = NULL; + gout.length = 0; + + maj_stat = gss_accept_sec_context(&min_stat, + &gctx.ctx, + GSS_C_NO_CREDENTIAL, + &gin, + GSS_C_NO_CHANNEL_BINDINGS, + &src_name, + NULL, + &gout, + NULL, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) { + gss_print_errors(contextp, maj_stat, min_stat); + krb5_errx(contextp, 1, "gss error, exit"); + } + if ((maj_stat & GSS_S_CONTINUE_NEEDED) == 0) { + kadm5_config_params realm_params; + gss_buffer_desc bufp; + char *client; + + gctx.done = 1; + + memset(&realm_params, 0, sizeof(realm_params)); + + maj_stat = gss_export_name(&min_stat, src_name, &bufp); + INSIST(maj_stat == GSS_S_COMPLETE); + + CHECK(parse_name(bufp.value, bufp.length, + GSS_KRB5_MECHANISM, &client)); + + gss_release_buffer(&min_stat, &bufp); + + krb5_warnx(contextp, "%s connected", client); + + ret = kadm5_s_init_with_password_ctx(contextp, + client, + NULL, + KADM5_ADMIN_SERVICE, + &realm_params, + 0, 0, + &server_handle); + INSIST(ret == 0); + } + + INSIST(gctx.ctx != GSS_C_NO_CONTEXT); + + CHECK(krb5_store_uint32(dreply, 0)); + CHECK(store_gss_init_res(dreply, gctx.handle, + maj_stat, min_stat, 1, &gout)); + if (gout.value) + gss_release_buffer(&min_stat, &gout); + if (src_name) + gss_release_name(&min_stat, &src_name); + + break; + } + case RPG_DESTROY: + krb5_errx(contextp, 1, "client destroyed gss contextp"); + default: + krb5_errx(contextp, 1, "client sent unknown gsscode %d", + (int)gcred.proc); + } + + krb5_data_free(&gcred.handle); + krb5_data_free(&chdr.cred.data); + krb5_data_free(&chdr.verf.data); + krb5_data_free(&headercopy); + + CHECK(krb5_store_uint32(reply, chdr.xid)); + CHECK(krb5_store_uint32(reply, 1)); /* REPLY */ + CHECK(krb5_store_uint32(reply, 0)); /* MSG_ACCEPTED */ + + if (!gctx.done) { + krb5_data data; + + CHECK(krb5_store_uint32(reply, 0)); /* flavor_none */ + CHECK(krb5_store_uint32(reply, 0)); /* length */ + + CHECK(krb5_store_uint32(reply, 0)); /* SUCCESS */ + + CHECK(krb5_storage_to_data(dreply, &data)); + INSIST((size_t)krb5_storage_write(reply, data.data, data.length) == data.length); + krb5_data_free(&data); + + } else { + uint32_t seqnum = htonl(gctx.seq_num); + krb5_data data; + + gin.value = &seqnum; + gin.length = sizeof(seqnum); + + maj_stat = gss_get_mic(&min_stat, gctx.ctx, 0, &gin, &gout); + INSIST(maj_stat == GSS_S_COMPLETE); + + data.data = gout.value; + data.length = gout.length; + + CHECK(krb5_store_uint32(reply, FLAVOR_GSS)); + CHECK(store_data_xdr(reply, data)); + gss_release_buffer(&min_stat, &gout); + + CHECK(krb5_store_uint32(reply, 0)); /* SUCCESS */ + + CHECK(krb5_storage_to_data(dreply, &data)); + + if (gctx.inprogress) { + ssize_t sret; + gctx.inprogress = 0; + sret = krb5_storage_write(reply, data.data, data.length); + INSIST((size_t)sret == data.length); + krb5_data_free(&data); + } else { + int conf_state; + + gin.value = data.data; + gin.length = data.length; + + maj_stat = gss_wrap(&min_stat, gctx.ctx, 1, 0, + &gin, &conf_state, &gout); + INSIST(maj_stat == GSS_S_COMPLETE); + INSIST(conf_state != 0); + krb5_data_free(&data); + + data.data = gout.value; + data.length = gout.length; + + store_data_xdr(reply, data); + gss_release_buffer(&min_stat, &gout); + } + } + + { + krb5_data data; + ssize_t sret; + CHECK(krb5_storage_to_data(reply, &data)); + CHECK(krb5_store_uint32(sp, data.length | LAST_FRAGMENT)); + sret = krb5_storage_write(sp, data.data, data.length); + INSIST((size_t)sret == data.length); + krb5_data_free(&data); + } + + } +} + + +int +handle_mit(krb5_context contextp, void *buf, size_t len, krb5_socket_t sock) +{ + krb5_storage *sp; + + dcontext = contextp; + + sp = krb5_storage_from_fd(sock); + INSIST(sp != NULL); + + process_stream(contextp, buf, len, sp); + + return 0; +} diff --git a/kadmin/server.c b/kadmin/server.c index 07dd9a5ad7b0..256c2bac89b7 100644 --- a/kadmin/server.c +++ b/kadmin/server.c @@ -1,50 +1,48 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include -RCSID("$Id: server.c 17611 2006-06-02 22:10:21Z lha $"); - static kadm5_ret_t -kadmind_dispatch(void *kadm_handle, krb5_boolean initial, +kadmind_dispatch(void *kadm_handlep, krb5_boolean initial, krb5_data *in, krb5_data *out) { kadm5_ret_t ret; int32_t cmd, mask, tmp; - kadm5_server_context *context = kadm_handle; + kadm5_server_context *contextp = kadm_handlep; char client[128], name[128], name2[128]; - char *op = ""; + const char *op = ""; krb5_principal princ, princ2; kadm5_principal_ent_rec ent; char *password, *expression; @@ -53,11 +51,13 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, char **princs; int n_princs; krb5_storage *sp; - - krb5_unparse_name_fixed(context->context, context->caller, + + krb5_unparse_name_fixed(contextp->context, contextp->caller, client, sizeof(client)); - + sp = krb5_storage_from_data(in); + if (sp == NULL) + krb5_errx(contextp->context, 1, "out of memory"); krb5_ret_int32(sp, &cmd); switch(cmd){ @@ -68,25 +68,26 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_int32(sp, &mask); if(ret){ - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET, princ); + mask |= KADM5_PRINCIPAL; + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_GET, princ); if(ret){ - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - ret = kadm5_get_principal(kadm_handle, princ, &ent, mask); + ret = kadm5_get_principal(kadm_handlep, princ, &ent, mask); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); if(ret == 0){ kadm5_store_principal_ent(sp, &ent); - kadm5_free_principal_ent(kadm_handle, &ent); + kadm5_free_principal_ent(kadm_handlep, &ent); } - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); break; } case kadm_delete:{ @@ -94,15 +95,15 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, ret = krb5_ret_principal(sp, &princ); if(ret) goto fail; - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE, princ); + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_DELETE, princ); if(ret){ - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - ret = kadm5_delete_principal(kadm_handle, princ); - krb5_free_principal(context->context, princ); + ret = kadm5_delete_principal(kadm_handlep, princ); + krb5_free_principal(contextp->context, princ); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -115,28 +116,28 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_int32(sp, &mask); if(ret){ - kadm5_free_principal_ent(context->context, &ent); + kadm5_free_principal_ent(contextp->context, &ent); goto fail; } ret = krb5_ret_string(sp, &password); if(ret){ - kadm5_free_principal_ent(context->context, &ent); + kadm5_free_principal_ent(contextp->context, &ent); goto fail; } - krb5_unparse_name_fixed(context->context, ent.principal, + krb5_unparse_name_fixed(contextp->context, ent.principal, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD, + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_ADD, ent.principal); if(ret){ - kadm5_free_principal_ent(context->context, &ent); + kadm5_free_principal_ent(contextp->context, &ent); memset(password, 0, strlen(password)); free(password); goto fail; } - ret = kadm5_create_principal(kadm_handle, &ent, + ret = kadm5_create_principal(kadm_handlep, &ent, mask, password); - kadm5_free_principal_ent(kadm_handle, &ent); + kadm5_free_principal_ent(kadm_handlep, &ent); memset(password, 0, strlen(password)); free(password); krb5_storage_free(sp); @@ -151,20 +152,20 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_int32(sp, &mask); if(ret){ - kadm5_free_principal_ent(context, &ent); + kadm5_free_principal_ent(contextp, &ent); goto fail; } - krb5_unparse_name_fixed(context->context, ent.principal, + krb5_unparse_name_fixed(contextp->context, ent.principal, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_MODIFY, + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_MODIFY, ent.principal); if(ret){ - kadm5_free_principal_ent(context, &ent); + kadm5_free_principal_ent(contextp, &ent); goto fail; } - ret = kadm5_modify_principal(kadm_handle, &ent, mask); - kadm5_free_principal_ent(kadm_handle, &ent); + ret = kadm5_modify_principal(kadm_handlep, &ent, mask); + kadm5_free_principal_ent(kadm_handlep, &ent); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -177,27 +178,27 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_principal(sp, &princ2); if(ret){ - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_unparse_name_fixed(context->context, princ2, name2, sizeof(name2)); - krb5_warnx(context->context, "%s: %s %s -> %s", + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_unparse_name_fixed(contextp->context, princ2, name2, sizeof(name2)); + krb5_warnx(contextp->context, "%s: %s %s -> %s", client, op, name, name2); - ret = _kadm5_acl_check_permission(context, + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_ADD, princ2) - || _kadm5_acl_check_permission(context, + || _kadm5_acl_check_permission(contextp, KADM5_PRIV_DELETE, princ); if(ret){ - krb5_free_principal(context->context, princ); - krb5_free_principal(context->context, princ2); + krb5_free_principal(contextp->context, princ); + krb5_free_principal(contextp->context, princ2); goto fail; } - ret = kadm5_rename_principal(kadm_handle, princ, princ2); - krb5_free_principal(context->context, princ); - krb5_free_principal(context->context, princ2); + ret = kadm5_rename_principal(kadm_handlep, princ, princ2); + krb5_free_principal(contextp->context, princ); + krb5_free_principal(contextp->context, princ2); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -210,23 +211,26 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_string(sp, &password); if(ret){ - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); /* * The change is allowed if at least one of: - - * a) it's for the principal him/herself and this was an + * + * a) allowed by sysadmin + * b) it's for the principal him/herself and this was an * initial ticket, but then, check with the password quality * function. - * b) the user is on the CPW ACL. + * c) the user is on the CPW ACL. */ - if (initial - && krb5_principal_compare (context->context, context->caller, + if (krb5_config_get_bool_default(contextp->context, NULL, TRUE, + "kadmin", "allow_self_change_password", NULL) + && initial + && krb5_principal_compare (contextp->context, contextp->caller, princ)) { krb5_data pwd_data; @@ -235,23 +239,23 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, pwd_data.data = password; pwd_data.length = strlen(password); - pwd_reason = kadm5_check_password_quality (context->context, + pwd_reason = kadm5_check_password_quality (contextp->context, princ, &pwd_data); if (pwd_reason != NULL) ret = KADM5_PASS_Q_DICT; else ret = 0; } else - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ); if(ret) { - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); memset(password, 0, strlen(password)); free(password); goto fail; } - ret = kadm5_chpass_principal(kadm_handle, princ, password); - krb5_free_principal(context->context, princ); + ret = kadm5_chpass_principal(kadm_handlep, princ, password); + krb5_free_principal(contextp->context, princ); memset(password, 0, strlen(password)); free(password); krb5_storage_free(sp); @@ -270,21 +274,21 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; ret = krb5_ret_int32(sp, &n_key_data); if (ret) { - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } /* n_key_data will be squeezed into an int16_t below. */ if (n_key_data < 0 || n_key_data >= 1 << 16 || - n_key_data > UINT_MAX/sizeof(*key_data)) { + (size_t)n_key_data > UINT_MAX/sizeof(*key_data)) { ret = ERANGE; - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } key_data = malloc (n_key_data * sizeof(*key_data)); - if (key_data == NULL) { + if (key_data == NULL && n_key_data != 0) { ret = ENOMEM; - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } @@ -293,38 +297,38 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, if (ret) { int16_t dummy = i; - kadm5_free_key_data (context, &dummy, key_data); + kadm5_free_key_data (contextp, &dummy, key_data); free (key_data); - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); /* * The change is only allowed if the user is on the CPW ACL, * this it to force password quality check on the user. */ - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ); if(ret) { int16_t dummy = n_key_data; - kadm5_free_key_data (context, &dummy, key_data); + kadm5_free_key_data (contextp, &dummy, key_data); free (key_data); - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - ret = kadm5_chpass_principal_with_key(kadm_handle, princ, + ret = kadm5_chpass_principal_with_key(kadm_handlep, princ, n_key_data, key_data); { int16_t dummy = n_key_data; - kadm5_free_key_data (context, &dummy, key_data); + kadm5_free_key_data (contextp, &dummy, key_data); } free (key_data); - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -335,8 +339,8 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, ret = krb5_ret_principal(sp, &princ); if(ret) goto fail; - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); + krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name)); + krb5_warnx(contextp->context, "%s: %s %s", client, op, name); /* * The change is allowed if at least one of: * a) it's for the principal him/herself and this was an initial ticket @@ -344,19 +348,19 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, */ if (initial - && krb5_principal_compare (context->context, context->caller, + && krb5_principal_compare (contextp->context, contextp->caller, princ)) ret = 0; else - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ); if(ret) { - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); goto fail; } - ret = kadm5_randkey_principal(kadm_handle, princ, + ret = kadm5_randkey_principal(kadm_handlep, princ, &new_keys, &n_keys); - krb5_free_principal(context->context, princ); + krb5_free_principal(contextp->context, princ); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -365,14 +369,15 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, krb5_store_int32(sp, n_keys); for(i = 0; i < n_keys; i++){ krb5_store_keyblock(sp, new_keys[i]); - krb5_free_keyblock_contents(context->context, &new_keys[i]); + krb5_free_keyblock_contents(contextp->context, &new_keys[i]); } + free(new_keys); } break; } case kadm_get_privs:{ uint32_t privs; - ret = kadm5_get_privs(kadm_handle, &privs); + ret = kadm5_get_privs(kadm_handlep, &privs); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, ret); @@ -391,14 +396,14 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, goto fail; }else expression = NULL; - krb5_warnx(context->context, "%s: %s %s", client, op, + krb5_warnx(contextp->context, "%s: %s %s", client, op, expression ? expression : "*"); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_LIST, NULL); + ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_LIST, NULL); if(ret){ free(expression); goto fail; } - ret = kadm5_get_principals(kadm_handle, expression, &princs, &n_princs); + ret = kadm5_get_principals(kadm_handlep, expression, &princs, &n_princs); free(expression); krb5_storage_free(sp); sp = krb5_storage_emem(); @@ -408,12 +413,12 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, krb5_store_int32(sp, n_princs); for(i = 0; i < n_princs; i++) krb5_store_string(sp, princs[i]); - kadm5_free_name_list(kadm_handle, princs, &n_princs); + kadm5_free_name_list(kadm_handlep, princs, &n_princs); } break; } default: - krb5_warnx(context->context, "%s: UNKNOWN OP %d", client, cmd); + krb5_warnx(contextp->context, "%s: UNKNOWN OP %d", client, cmd); krb5_storage_free(sp); sp = krb5_storage_emem(); krb5_store_int32(sp, KADM5_FAILURE); @@ -423,7 +428,7 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, krb5_storage_free(sp); return 0; fail: - krb5_warn(context->context, ret, "%s", op); + krb5_warn(contextp->context, ret, "%s", op); krb5_storage_seek(sp, 0, SEEK_SET); krb5_store_int32(sp, ret); krb5_storage_to_data(sp, out); @@ -432,11 +437,11 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial, } static void -v5_loop (krb5_context context, +v5_loop (krb5_context contextp, krb5_auth_context ac, krb5_boolean initial, - void *kadm_handle, - int fd) + void *kadm_handlep, + krb5_socket_t fd) { krb5_error_code ret; krb5_data in, out; @@ -445,17 +450,17 @@ v5_loop (krb5_context context, doing_useful_work = 0; if(term_flag) exit(0); - ret = krb5_read_priv_message(context, ac, &fd, &in); + ret = krb5_read_priv_message(contextp, ac, &fd, &in); if(ret == HEIM_ERR_EOF) exit(0); if(ret) - krb5_err(context, 1, ret, "krb5_read_priv_message"); + krb5_err(contextp, 1, ret, "krb5_read_priv_message"); doing_useful_work = 1; - kadmind_dispatch(kadm_handle, initial, &in, &out); + kadmind_dispatch(kadm_handlep, initial, &in, &out); krb5_data_free(&in); - ret = krb5_write_priv_message(context, ac, &fd, &out); + ret = krb5_write_priv_message(contextp, ac, &fd, &out); if(ret) - krb5_err(context, 1, ret, "krb5_write_priv_message"); + krb5_err(contextp, 1, ret, "krb5_write_priv_message"); } } @@ -465,55 +470,41 @@ match_appl_version(const void *data, const char *appl_version) unsigned minor; if(sscanf(appl_version, "KADM0.%u", &minor) != 1) return 0; - *(unsigned*)data = minor; + /*XXX*/ + *(unsigned*)(intptr_t)data = minor; return 1; } static void -handle_v5(krb5_context context, - krb5_auth_context ac, +handle_v5(krb5_context contextp, krb5_keytab keytab, - int len, - int fd) + krb5_socket_t fd) { krb5_error_code ret; - u_char version[sizeof(KRB5_SENDAUTH_VERSION)]; krb5_ticket *ticket; char *server_name; char *client; - void *kadm_handle; - ssize_t n; + void *kadm_handlep; krb5_boolean initial; + krb5_auth_context ac = NULL; unsigned kadm_version; kadm5_config_params realm_params; - if (len != sizeof(KRB5_SENDAUTH_VERSION)) - krb5_errx(context, 1, "bad sendauth len %d", len); - n = krb5_net_read(context, &fd, version, len); - if (n < 0) - krb5_err (context, 1, errno, "reading sendauth version"); - if (n == 0) - krb5_errx (context, 1, "EOF reading sendauth version"); - if(memcmp(version, KRB5_SENDAUTH_VERSION, len) != 0) - krb5_errx(context, 1, "bad sendauth version %.8s", version); - - ret = krb5_recvauth_match_version(context, &ac, &fd, + ret = krb5_recvauth_match_version(contextp, &ac, &fd, match_appl_version, &kadm_version, - NULL, KRB5_RECVAUTH_IGNORE_VERSION, + NULL, KRB5_RECVAUTH_IGNORE_VERSION, keytab, &ticket); - if(ret == KRB5_KT_NOTFOUND) - krb5_errx(context, 1, "krb5_recvauth: key not found"); - if(ret) - krb5_err(context, 1, ret, "krb5_recvauth"); - - ret = krb5_unparse_name (context, ticket->server, &server_name); if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); + krb5_err(contextp, 1, ret, "krb5_recvauth"); + + ret = krb5_unparse_name (contextp, ticket->server, &server_name); + if (ret) + krb5_err (contextp, 1, ret, "krb5_unparse_name"); if (strncmp (server_name, KADM5_ADMIN_SERVICE, strlen(KADM5_ADMIN_SERVICE)) != 0) - krb5_errx (context, 1, "ticket for strange principal (%s)", + krb5_errx (contextp, 1, "ticket for strange principal (%s)", server_name); free (server_name); @@ -522,56 +513,62 @@ handle_v5(krb5_context context, if(kadm_version == 1) { krb5_data params; - ret = krb5_read_priv_message(context, ac, &fd, ¶ms); + ret = krb5_read_priv_message(contextp, ac, &fd, ¶ms); if(ret) - krb5_err(context, 1, ret, "krb5_read_priv_message"); - _kadm5_unmarshal_params(context, ¶ms, &realm_params); + krb5_err(contextp, 1, ret, "krb5_read_priv_message"); + _kadm5_unmarshal_params(contextp, ¶ms, &realm_params); } initial = ticket->ticket.flags.initial; - ret = krb5_unparse_name(context, ticket->client, &client); + ret = krb5_unparse_name(contextp, ticket->client, &client); if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); - krb5_free_ticket (context, ticket); - ret = kadm5_init_with_password_ctx(context, - client, - NULL, - KADM5_ADMIN_SERVICE, - &realm_params, - 0, 0, - &kadm_handle); + krb5_err (contextp, 1, ret, "krb5_unparse_name"); + krb5_free_ticket (contextp, ticket); + ret = kadm5_s_init_with_password_ctx(contextp, + client, + NULL, + KADM5_ADMIN_SERVICE, + &realm_params, + 0, 0, + &kadm_handlep); if(ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - v5_loop (context, ac, initial, kadm_handle, fd); + krb5_err (contextp, 1, ret, "kadm5_init_with_password_ctx"); + v5_loop (contextp, ac, initial, kadm_handlep, fd); } krb5_error_code -kadmind_loop(krb5_context context, - krb5_auth_context ac, - krb5_keytab keytab, - int fd) +kadmind_loop(krb5_context contextp, + krb5_keytab keytab, + krb5_socket_t sock) { - unsigned char tmp[4]; + u_char buf[sizeof(KRB5_SENDAUTH_VERSION) + 4]; ssize_t n; unsigned long len; - n = krb5_net_read(context, &fd, tmp, 4); + n = krb5_net_read(contextp, &sock, buf, 4); if(n == 0) exit(0); if(n < 0) - krb5_err(context, 1, errno, "read"); - _krb5_get_int(tmp, &len, 4); - /* this v4 test could probably also go away */ - if(len > 0xffff && (len & 0xffff) == ('K' << 8) + 'A') { - unsigned char v4reply[] = { - 0x00, 0x0c, - 'K', 'Y', 'O', 'U', 'L', 'O', 'S', 'E', - 0x95, 0xb7, 0xa7, 0x08 /* KADM_BAD_VER */ - }; - krb5_net_write(context, &fd, v4reply, sizeof(v4reply)); - krb5_errx(context, 1, "packet appears to be version 4"); - } else { - handle_v5(context, ac, keytab, len, fd); - } + krb5_err(contextp, 1, errno, "read"); + _krb5_get_int(buf, &len, 4); + + if (len == sizeof(KRB5_SENDAUTH_VERSION)) { + + n = krb5_net_read(contextp, &sock, buf + 4, len); + if (n < 0) + krb5_err (contextp, 1, errno, "reading sendauth version"); + if (n == 0) + krb5_errx (contextp, 1, "EOF reading sendauth version"); + + if(memcmp(buf + 4, KRB5_SENDAUTH_VERSION, len) == 0) { + handle_v5(contextp, keytab, sock); + return 0; + } + len += 4; + } else + len = 4; + + handle_mit(contextp, buf, len, sock); + return 0; } diff --git a/kadmin/stash.c b/kadmin/stash.c index d5b65ee8d37a..f9b940ac5b7d 100644 --- a/kadmin/stash.c +++ b/kadmin/stash.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" -RCSID("$Id: stash.c 22251 2007-12-09 05:58:43Z lha $"); - extern int local_flag; int @@ -45,7 +45,7 @@ stash(struct stash_options *opt, int argc, char **argv) krb5_error_code ret; krb5_enctype enctype; hdb_master_key mkey; - + if(!local_flag) { krb5_warnx(context, "stash is only available in local (-l) mode"); return 0; @@ -65,14 +65,14 @@ stash(struct stash_options *opt, int argc, char **argv) ret = hdb_read_master_key(context, opt->key_file_string, &mkey); if(ret && ret != ENOENT) { - krb5_warn(context, ret, "reading master key from %s", + krb5_warn(context, ret, "reading master key from %s", opt->key_file_string); return 0; } if (opt->convert_file_flag) { if (ret) - krb5_warn(context, ret, "reading master key from %s", + krb5_warn(context, ret, "reading master key from %s", opt->key_file_string); return 0; } else { @@ -87,10 +87,15 @@ stash(struct stash_options *opt, int argc, char **argv) n = read(opt->master_key_fd_integer, buf, sizeof(buf)); if(n == 0) krb5_warnx(context, "end of file reading passphrase"); - else if(n < 0) + else if(n < 0) { krb5_warn(context, errno, "reading passphrase"); + n = 0; + } buf[n] = '\0'; buf[strcspn(buf, "\r\n")] = '\0'; + } else if (opt->random_password_flag) { + random_password (buf, sizeof(buf)); + printf("Using random master stash password: %s\n", buf); } else { if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) { hdb_free_master_key(context, mkey); @@ -101,7 +106,7 @@ stash(struct stash_options *opt, int argc, char **argv) ret = hdb_add_master_key(context, &key, &mkey); krb5_free_keyblock_contents(context, &key); } - + { char *new, *old; asprintf(&old, "%s.old", opt->key_file_string); @@ -110,7 +115,7 @@ stash(struct stash_options *opt, int argc, char **argv) ret = ENOMEM; goto out; } - + if(unlink(new) < 0 && errno != ENOENT) { ret = errno; goto out; @@ -121,12 +126,18 @@ stash(struct stash_options *opt, int argc, char **argv) unlink(new); else { unlink(old); +#ifndef NO_POSIX_LINKS if(link(opt->key_file_string, old) < 0 && errno != ENOENT) { ret = errno; unlink(new); - } else if(rename(new, opt->key_file_string) < 0) { - ret = errno; + } else { +#endif + if(rename(new, opt->key_file_string) < 0) { + ret = errno; + } +#ifndef NO_POSIX_LINKS } +#endif } out: free(old); diff --git a/kadmin/test_util.c b/kadmin/test_util.c index 0f59f60782e7..56e4d1149441 100644 --- a/kadmin/test_util.c +++ b/kadmin/test_util.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,6 @@ #include "kadmin_locl.h" -RCSID("$Id: test_util.c 19486 2006-12-22 17:25:59Z lha $"); - krb5_context context; void *kadm_handle; @@ -60,13 +58,13 @@ test_time(void) if (ret != ts[i].ret) { printf("%d: %d is wrong ret\n", i, ret); errors++; - } + } else if (t != ts[i].t) { printf("%d: %d is wrong time\n", i, (int)t); errors++; } } - + return errors; } @@ -89,4 +87,4 @@ main(int argc, char **argv) return ret; } - + diff --git a/kadmin/util.c b/kadmin/util.c index 3c12dcb835bc..480c82e7df9e 100644 --- a/kadmin/util.c +++ b/kadmin/util.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include -RCSID("$Id: util.c 21745 2007-07-31 16:11:25Z lha $"); - /* * util.c - functions for parsing, unparsing, and editing different * types of data used in kadmin. @@ -45,7 +43,7 @@ static int get_response(const char *prompt, const char *def, char *buf, size_t len); /* - * attributes + * attributes */ struct units kdb_attrs[] = { @@ -67,7 +65,7 @@ struct units kdb_attrs[] = { { "disallow-tgt-based", KRB5_KDB_DISALLOW_TGT_BASED }, { "disallow-forwardable", KRB5_KDB_DISALLOW_FORWARDABLE }, { "disallow-postdated", KRB5_KDB_DISALLOW_POSTDATED }, - { NULL } + { NULL, 0 } }; /* @@ -155,7 +153,7 @@ edit_attributes (const char *prompt, krb5_flags *attr, int *mask, int bit) /* * Convert the time `t' to a string representation in `str' (of max * size `len'). If include_time also include time, otherwise just - * date. + * date. */ void @@ -184,6 +182,18 @@ str2time_t (const char *str, time_t *t) memset (&tm, 0, sizeof (tm)); memset (&tm2, 0, sizeof (tm2)); + while(isspace((unsigned char)*str)) + str++; + + if (str[0] == '+') { + str++; + *t = parse_time(str, "month"); + if (*t < 0) + return -1; + *t += time(NULL); + return 0; + } + if(strcasecmp(str, "never") == 0) { *t = 0; return 0; @@ -233,7 +243,7 @@ parse_timet (const char *resp, krb5_timestamp *value, int *mask, int bit) if(mask) *mask |= bit; return 0; - } + } if(*resp != '?') fprintf (stderr, "Unable to parse time \"%s\"\n", resp); fprintf (stderr, "Print date on format YYYY-mm-dd [hh:mm:ss]\n"); @@ -393,7 +403,7 @@ edit_entry(kadm5_principal_ent_t ent, int *mask, if(edit_deltat ("Max ticket life", &ent->max_life, mask, KADM5_MAX_LIFE) != 0) return 1; - + if(edit_deltat ("Max renewable life", &ent->max_renewable_life, mask, KADM5_MAX_RLIFE) != 0) return 1; @@ -420,7 +430,7 @@ edit_entry(kadm5_principal_ent_t ent, int *mask, */ int -set_entry(krb5_context context, +set_entry(krb5_context contextp, kadm5_principal_ent_t ent, int *mask, const char *max_ticket_life, @@ -430,38 +440,38 @@ set_entry(krb5_context context, const char *attributes) { if (max_ticket_life != NULL) { - if (parse_deltat (max_ticket_life, &ent->max_life, + if (parse_deltat (max_ticket_life, &ent->max_life, mask, KADM5_MAX_LIFE)) { - krb5_warnx (context, "unable to parse `%s'", max_ticket_life); + krb5_warnx (contextp, "unable to parse `%s'", max_ticket_life); return 1; } } if (max_renewable_life != NULL) { - if (parse_deltat (max_renewable_life, &ent->max_renewable_life, + if (parse_deltat (max_renewable_life, &ent->max_renewable_life, mask, KADM5_MAX_RLIFE)) { - krb5_warnx (context, "unable to parse `%s'", max_renewable_life); + krb5_warnx (contextp, "unable to parse `%s'", max_renewable_life); return 1; } } if (expiration) { - if (parse_timet (expiration, &ent->princ_expire_time, + if (parse_timet (expiration, &ent->princ_expire_time, mask, KADM5_PRINC_EXPIRE_TIME)) { - krb5_warnx (context, "unable to parse `%s'", expiration); + krb5_warnx (contextp, "unable to parse `%s'", expiration); return 1; } } if (pw_expiration) { - if (parse_timet (pw_expiration, &ent->pw_expiration, + if (parse_timet (pw_expiration, &ent->pw_expiration, mask, KADM5_PW_EXPIRATION)) { - krb5_warnx (context, "unable to parse `%s'", pw_expiration); + krb5_warnx (contextp, "unable to parse `%s'", pw_expiration); return 1; } } if (attributes != NULL) { - if (parse_attributes (attributes, &ent->attributes, + if (parse_attributes (attributes, &ent->attributes, mask, KADM5_ATTRIBUTES)) { - krb5_warnx (context, "unable to parse `%s'", attributes); + krb5_warnx (contextp, "unable to parse `%s'", attributes); return 1; } } @@ -485,7 +495,7 @@ is_expression(const char *string) } if(*p == '\\') quote++; - else if(strchr("[]*?", *p) != NULL) + else if(strchr("[]*?", *p) != NULL) return 1; } return 0; @@ -497,13 +507,13 @@ is_expression(const char *string) * processed. */ int -foreach_principal(const char *exp_str, - int (*func)(krb5_principal, void*), +foreach_principal(const char *exp_str, + int (*func)(krb5_principal, void*), const char *funcname, void *data) { - char **princs; - int num_princs; + char **princs = NULL; + int num_princs = 0; int i; krb5_error_code saved_ret = 0, ret = 0; krb5_principal princ_ent; @@ -522,7 +532,7 @@ foreach_principal(const char *exp_str, if(princs == NULL) return ENOMEM; princs[0] = strdup(exp_str); - if(princs[0] == NULL){ + if(princs[0] == NULL){ free(princs); return ENOMEM; } @@ -538,7 +548,7 @@ foreach_principal(const char *exp_str, } ret = (*func)(princ_ent, data); if(ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_warn(context, ret, "%s %s", funcname, princs[i]); if (saved_ret == 0) saved_ret = ret; diff --git a/kcm/Makefile.am b/kcm/Makefile.am index baf89ac61926..68299701074f 100644 --- a/kcm/Makefile.am +++ b/kcm/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +AM_CPPFLAGS += $(INCLUDE_libintl) $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 libexec_PROGRAMS = kcm @@ -13,32 +13,33 @@ kcm_SOURCES = \ client.c \ config.c \ connect.c \ - cursor.c \ events.c \ glue.c \ headers.h \ kcm_locl.h \ - kcm_protos.h \ + kcm-protos.h \ log.c \ main.c \ protocol.c \ + sessions.c \ renew.c -$(srcdir)/kcm_protos.h: - cd $(srcdir); perl ../cf/make-proto.pl -o kcm_protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm_protos.h +$(srcdir)/kcm-protos.h: + cd $(srcdir); perl ../cf/make-proto.pl -o kcm-protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm-protos.h -$(kcm_OBJECTS): $(srcdir)/kcm_protos.h +$(kcm_OBJECTS): $(srcdir)/kcm-protos.h man_MANS = kcm.8 LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la \ $(LIB_roken) \ $(LIB_door_create) \ $(LIB_pidfile) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/kcm/Makefile.in b/kcm/Makefile.in index c3996df70d65..1176033b3451 100644 --- a/kcm/Makefile.in +++ b/kcm/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,7 +47,7 @@ libexec_PROGRAMS = kcm$(EXEEXT) subdir = kcm ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -60,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -74,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -84,30 +89,31 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) am_kcm_OBJECTS = acl.$(OBJEXT) acquire.$(OBJEXT) cache.$(OBJEXT) \ client.$(OBJEXT) config.$(OBJEXT) connect.$(OBJEXT) \ - cursor.$(OBJEXT) events.$(OBJEXT) glue.$(OBJEXT) log.$(OBJEXT) \ - main.$(OBJEXT) protocol.$(OBJEXT) renew.$(OBJEXT) + events.$(OBJEXT) glue.$(OBJEXT) log.$(OBJEXT) main.$(OBJEXT) \ + protocol.$(OBJEXT) sessions.$(OBJEXT) renew.$(OBJEXT) kcm_OBJECTS = $(am_kcm_OBJECTS) kcm_LDADD = $(LDADD) am__DEPENDENCIES_1 = kcm_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -119,6 +125,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(kcm_SOURCES) DIST_SOURCES = $(kcm_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man8dir = $(mandir)/man8 MANS = $(man_MANS) ETAGS = etags @@ -128,49 +155,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -194,10 +230,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -214,6 +251,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -229,31 +268,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -268,10 +321,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -312,30 +367,35 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_libintl) $(INCLUDE_krb4) \ + $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la kcm_SOURCES = \ acl.c \ @@ -344,45 +404,46 @@ kcm_SOURCES = \ client.c \ config.c \ connect.c \ - cursor.c \ events.c \ glue.c \ headers.h \ kcm_locl.h \ - kcm_protos.h \ + kcm-protos.h \ log.c \ main.c \ protocol.c \ + sessions.c \ renew.c man_MANS = kcm.8 LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_krb4) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la \ $(LIB_roken) \ $(LIB_door_create) \ $(LIB_pidfile) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kcm/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kcm/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign kcm/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign kcm/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -400,34 +461,50 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list kcm$(EXEEXT): $(kcm_OBJECTS) $(kcm_DEPENDENCIES) @rm -f kcm$(EXEEXT) $(LINK) $(kcm_OBJECTS) $(kcm_LDADD) $(LIBS) @@ -438,115 +515,151 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acl.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acquire.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cache.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/config.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connect.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/events.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/glue.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/renew.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sessions.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -562,13 +675,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -603,6 +720,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -613,6 +731,7 @@ clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -623,6 +742,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -630,26 +751,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -669,11 +799,10 @@ ps-am: uninstall-am: uninstall-libexecPROGRAMS uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ @@ -760,6 +889,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -845,7 +977,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -859,10 +991,11 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -$(srcdir)/kcm_protos.h: - cd $(srcdir); perl ../cf/make-proto.pl -o kcm_protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm_protos.h +$(srcdir)/kcm-protos.h: + cd $(srcdir); perl ../cf/make-proto.pl -o kcm-protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm-protos.h + +$(kcm_OBJECTS): $(srcdir)/kcm-protos.h -$(kcm_OBJECTS): $(srcdir)/kcm_protos.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/kcm/NTMakefile b/kcm/NTMakefile new file mode 100644 index 000000000000..4f25946f61c2 --- /dev/null +++ b/kcm/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=kcm + +!include ../windows/NTMakefile.w32 + diff --git a/kcm/acl.c b/kcm/acl.c index 1b96204bd959..5102c1335965 100644 --- a/kcm/acl.c +++ b/kcm/acl.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -32,8 +34,6 @@ #include "kcm_locl.h" -RCSID("$Id: acl.c 20472 2007-04-20 10:43:25Z lha $"); - krb5_error_code kcm_access(krb5_context context, kcm_client *client, @@ -57,6 +57,9 @@ kcm_access(krb5_context context, case KCM_OP_CHMOD: case KCM_OP_GET_INITIAL_TICKET: case KCM_OP_GET_TICKET: + case KCM_OP_MOVE_CACHE: + case KCM_OP_SET_DEFAULT_CACHE: + case KCM_OP_SET_KDC_OFFSET: write_p = 1; read_p = 0; break; @@ -66,52 +69,70 @@ kcm_access(krb5_context context, case KCM_OP_GEN_NEW: case KCM_OP_RETRIEVE: case KCM_OP_GET_PRINCIPAL: - case KCM_OP_GET_FIRST: - case KCM_OP_GET_NEXT: - case KCM_OP_END_GET: - case KCM_OP_MAX: + case KCM_OP_GET_CRED_UUID_LIST: + case KCM_OP_GET_CRED_BY_UUID: + case KCM_OP_GET_CACHE_UUID_LIST: + case KCM_OP_GET_CACHE_BY_UUID: + case KCM_OP_GET_DEFAULT_CACHE: + case KCM_OP_GET_KDC_OFFSET: write_p = 0; read_p = 1; break; + default: + ret = KRB5_FCC_PERM; + goto out; } if (ccache->flags & KCM_FLAGS_OWNER_IS_SYSTEM) { /* System caches cannot be reinitialized or destroyed by users */ if (opcode == KCM_OP_INITIALIZE || opcode == KCM_OP_DESTROY || - opcode == KCM_OP_REMOVE_CRED) { + opcode == KCM_OP_REMOVE_CRED || + opcode == KCM_OP_MOVE_CACHE) { ret = KRB5_FCC_PERM; goto out; } /* Let root always read system caches */ - if (client->uid == 0) { + if (CLIENT_IS_ROOT(client)) { ret = 0; goto out; } } - mask = 0; + /* start out with "other" mask */ + mask = S_IROTH|S_IWOTH; - /* Root may do whatever they like */ - if (client->uid == ccache->uid || CLIENT_IS_ROOT(client)) { + /* root can do anything */ + if (CLIENT_IS_ROOT(client)) { if (read_p) - mask |= S_IRUSR; + mask |= S_IRUSR|S_IRGRP|S_IROTH; if (write_p) - mask |= S_IWUSR; - } else if (client->gid == ccache->gid || CLIENT_IS_ROOT(client)) { - if (read_p) - mask |= S_IRGRP; - if (write_p) - mask |= S_IWGRP; - } else { + mask |= S_IWUSR|S_IWGRP|S_IWOTH; + } + /* same session same as owner */ + if (kcm_is_same_session(client, ccache->uid, ccache->session)) { if (read_p) mask |= S_IROTH; if (write_p) mask |= S_IWOTH; } + /* owner */ + if (client->uid == ccache->uid) { + if (read_p) + mask |= S_IRUSR; + if (write_p) + mask |= S_IWUSR; + } + /* group */ + if (client->gid == ccache->gid) { + if (read_p) + mask |= S_IRGRP; + if (write_p) + mask |= S_IWGRP; + } - ret = ((ccache->mode & mask) == mask) ? 0 : KRB5_FCC_PERM; + ret = (ccache->mode & mask) ? 0 : KRB5_FCC_PERM; out: if (ret) { diff --git a/kcm/acquire.c b/kcm/acquire.c index 416881a3a13b..68e6e685d4de 100644 --- a/kcm/acquire.c +++ b/kcm/acquire.c @@ -32,11 +32,6 @@ #include "kcm_locl.h" -RCSID("$Id: acquire.c 22118 2007-12-03 21:44:00Z lha $"); - -static krb5_error_code -change_pw_and_update_keytab(krb5_context context, kcm_ccache ccache); - /* * Get a new ticket using a keytab/cached key and swap it into * an existing redentials cache @@ -50,10 +45,9 @@ kcm_ccache_acquire(krb5_context context, krb5_error_code ret = 0; krb5_creds cred; krb5_const_realm realm; - krb5_get_init_creds_opt opt; + krb5_get_init_creds_opt *opt = NULL; krb5_ccache_data ccdata; char *in_tkt_service = NULL; - int done = 0; memset(&cred, 0, sizeof(cred)); @@ -73,7 +67,7 @@ kcm_ccache_acquire(krb5_context context, ccache->name); return KRB5_FCC_INTERNAL; } - + HEIMDAL_MUTEX_lock(&ccache->mutex); /* Fake up an internal ccache */ @@ -91,12 +85,14 @@ kcm_ccache_acquire(krb5_context context, realm = krb5_principal_get_realm(context, ccache->client); - krb5_get_init_creds_opt_init(&opt); - krb5_get_init_creds_opt_set_default_flags(context, "kcm", realm, &opt); + ret = krb5_get_init_creds_opt_alloc(context, &opt); + if (ret) + goto out; + krb5_get_init_creds_opt_set_default_flags(context, "kcm", realm, opt); if (ccache->tkt_life != 0) - krb5_get_init_creds_opt_set_tkt_life(&opt, ccache->tkt_life); + krb5_get_init_creds_opt_set_tkt_life(opt, ccache->tkt_life); if (ccache->renew_life != 0) - krb5_get_init_creds_opt_set_renew_life(&opt, ccache->renew_life); + krb5_get_init_creds_opt_set_renew_life(opt, ccache->renew_life); if (ccache->flags & KCM_FLAGS_USE_CACHED_KEY) { ret = krb5_get_init_creds_keyblock(context, @@ -105,34 +101,16 @@ kcm_ccache_acquire(krb5_context context, &ccache->key.keyblock, 0, in_tkt_service, - &opt); + opt); } else { /* loosely based on lib/krb5/init_creds_pw.c */ - while (!done) { - ret = krb5_get_init_creds_keytab(context, - &cred, - ccache->client, - ccache->key.keytab, - 0, - in_tkt_service, - &opt); - switch (ret) { - case KRB5KDC_ERR_KEY_EXPIRED: - if (in_tkt_service != NULL && - strcmp(in_tkt_service, "kadmin/changepw") == 0) { - goto out; - } - - ret = change_pw_and_update_keytab(context, ccache); - if (ret) - goto out; - break; - case 0: - default: - done = 1; - break; - } - } + ret = krb5_get_init_creds_keytab(context, + &cred, + ccache->client, + ccache->key.keytab, + 0, + in_tkt_service, + opt); } if (ret) { @@ -158,374 +136,10 @@ kcm_ccache_acquire(krb5_context context, } out: + if (opt) + krb5_get_init_creds_opt_free(context, opt); + HEIMDAL_MUTEX_unlock(&ccache->mutex); return ret; } - -static krb5_error_code -change_pw(krb5_context context, - kcm_ccache ccache, - char *cpn, - char *newpw) -{ - krb5_error_code ret; - krb5_creds cpw_cred; - int result_code; - krb5_data result_code_string; - krb5_data result_string; - krb5_get_init_creds_opt options; - - memset(&cpw_cred, 0, sizeof(cpw_cred)); - - krb5_get_init_creds_opt_init(&options); - krb5_get_init_creds_opt_set_tkt_life(&options, 60); - krb5_get_init_creds_opt_set_forwardable(&options, FALSE); - krb5_get_init_creds_opt_set_proxiable(&options, FALSE); - - krb5_data_zero(&result_code_string); - krb5_data_zero(&result_string); - - ret = krb5_get_init_creds_keytab(context, - &cpw_cred, - ccache->client, - ccache->key.keytab, - 0, - "kadmin/changepw", - &options); - if (ret) { - kcm_log(0, "Failed to acquire password change credentials " - "for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_set_password(context, - &cpw_cred, - newpw, - ccache->client, - &result_code, - &result_code_string, - &result_string); - if (ret) { - kcm_log(0, "Failed to change password for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - if (result_code) { - kcm_log(0, "Failed to change password for principal %s: %.*s", - cpn, - (int)result_string.length, - result_string.length > 0 ? (char *)result_string.data : ""); - goto out; - } - -out: - krb5_data_free(&result_string); - krb5_data_free(&result_code_string); - krb5_free_cred_contents(context, &cpw_cred); - - return ret; -} - -struct kcm_keyseed_data { - krb5_salt salt; - const char *password; -}; - -static krb5_error_code -kcm_password_key_proc(krb5_context context, - krb5_enctype etype, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_error_code ret; - struct kcm_keyseed_data *s = (struct kcm_keyseed_data *)keyseed; - - /* we may be called multiple times */ - krb5_free_salt(context, s->salt); - krb5_data_zero(&s->salt.saltvalue); - - /* stash the salt */ - s->salt.salttype = salt.salttype; - - ret = krb5_data_copy(&s->salt.saltvalue, - salt.saltvalue.data, - salt.saltvalue.length); - if (ret) - return ret; - - *key = (krb5_keyblock *)malloc(sizeof(**key)); - if (*key == NULL) { - return ENOMEM; - } - - ret = krb5_string_to_key_salt(context, etype, s->password, - s->salt, *key); - if (ret) { - free(*key); - *key = NULL; - } - - return ret; -} - -static krb5_error_code -get_salt_and_kvno(krb5_context context, - kcm_ccache ccache, - krb5_enctype *etypes, - char *cpn, - char *newpw, - krb5_salt *salt, - unsigned *kvno) -{ - krb5_error_code ret; - krb5_creds creds; - krb5_ccache_data ccdata; - krb5_flags options = 0; - krb5_kdc_rep reply; - struct kcm_keyseed_data s; - - memset(&creds, 0, sizeof(creds)); - memset(&reply, 0, sizeof(reply)); - - s.password = NULL; - s.salt.salttype = (int)ETYPE_NULL; - krb5_data_zero(&s.salt.saltvalue); - - *kvno = 0; - kcm_internal_ccache(context, ccache, &ccdata); - s.password = newpw; - - /* Do an AS-REQ to determine salt and key version number */ - ret = krb5_copy_principal(context, ccache->client, &creds.client); - if (ret) - return ret; - - /* Yes, get a ticket to ourselves */ - ret = krb5_copy_principal(context, ccache->client, &creds.server); - if (ret) { - krb5_free_principal(context, creds.client); - return ret; - } - - ret = krb5_get_in_tkt(context, - options, - NULL, - etypes, - NULL, - kcm_password_key_proc, - &s, - NULL, - NULL, - &creds, - &ccdata, - &reply); - if (ret) { - kcm_log(0, "Failed to get self ticket for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - krb5_free_salt(context, s.salt); - } else { - *salt = s.salt; /* retrieve stashed salt */ - if (reply.kdc_rep.enc_part.kvno != NULL) - *kvno = *(reply.kdc_rep.enc_part.kvno); - } - /* ccache may have been modified but it will get trashed anyway */ - - krb5_free_cred_contents(context, &creds); - krb5_free_kdc_rep(context, &reply); - - return ret; -} - -static krb5_error_code -update_keytab_entry(krb5_context context, - kcm_ccache ccache, - krb5_enctype etype, - char *cpn, - char *spn, - char *newpw, - krb5_salt salt, - unsigned kvno) -{ - krb5_error_code ret; - krb5_keytab_entry entry; - krb5_data pw; - - memset(&entry, 0, sizeof(entry)); - - pw.data = (char *)newpw; - pw.length = strlen(newpw); - - ret = krb5_string_to_key_data_salt(context, etype, pw, - salt, &entry.keyblock); - if (ret) { - kcm_log(0, "String to key conversion failed for principal %s " - "and etype %d: %s", - cpn, etype, krb5_get_err_text(context, ret)); - return ret; - } - - if (spn == NULL) { - ret = krb5_copy_principal(context, ccache->client, - &entry.principal); - if (ret) { - kcm_log(0, "Failed to copy principal name %s: %s", - cpn, krb5_get_err_text(context, ret)); - return ret; - } - } else { - ret = krb5_parse_name(context, spn, &entry.principal); - if (ret) { - kcm_log(0, "Failed to parse SPN alias %s: %s", - spn, krb5_get_err_text(context, ret)); - return ret; - } - } - - entry.vno = kvno; - entry.timestamp = time(NULL); - - ret = krb5_kt_add_entry(context, ccache->key.keytab, &entry); - if (ret) { - kcm_log(0, "Failed to update keytab for principal %s " - "and etype %d: %s", - cpn, etype, krb5_get_err_text(context, ret)); - } - - krb5_kt_free_entry(context, &entry); - - return ret; -} - -static krb5_error_code -update_keytab_entries(krb5_context context, - kcm_ccache ccache, - krb5_enctype *etypes, - char *cpn, - char *spn, - char *newpw, - krb5_salt salt, - unsigned kvno) -{ - krb5_error_code ret = 0; - int i; - - for (i = 0; etypes[i] != ETYPE_NULL; i++) { - ret = update_keytab_entry(context, ccache, etypes[i], - cpn, spn, newpw, salt, kvno); - if (ret) - break; - } - - return ret; -} - -static void -generate_random_pw(krb5_context context, - char *buf, - size_t bufsiz) -{ - unsigned char x[512], *p; - size_t i; - - memset(x, 0, sizeof(x)); - krb5_generate_random_block(x, sizeof(x)); - p = x; - - for (i = 0; i < bufsiz; i++) { - while (isprint(*p) == 0) - p++; - - if (p - x >= sizeof(x)) { - krb5_generate_random_block(x, sizeof(x)); - p = x; - } - buf[i] = (char)*p++; - } - buf[bufsiz - 1] = '\0'; - memset(x, 0, sizeof(x)); -} - -static krb5_error_code -change_pw_and_update_keytab(krb5_context context, - kcm_ccache ccache) -{ - char newpw[121]; - krb5_error_code ret; - unsigned kvno; - krb5_salt salt; - krb5_enctype *etypes = NULL; - int i; - char *cpn = NULL; - char **spns = NULL; - - krb5_data_zero(&salt.saltvalue); - - ret = krb5_unparse_name(context, ccache->client, &cpn); - if (ret) { - kcm_log(0, "Failed to unparse name: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_get_default_in_tkt_etypes(context, &etypes); - if (ret) { - kcm_log(0, "Failed to determine default encryption types: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - /* Generate a random password (there is no set keys protocol) */ - generate_random_pw(context, newpw, sizeof(newpw)); - - /* Change it */ - ret = change_pw(context, ccache, cpn, newpw); - if (ret) - goto out; - - /* Do an AS-REQ to determine salt and key version number */ - ret = get_salt_and_kvno(context, ccache, etypes, cpn, newpw, - &salt, &kvno); - if (ret) { - kcm_log(0, "Failed to determine salting principal for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - /* Add canonical name */ - ret = update_keytab_entries(context, ccache, etypes, cpn, - NULL, newpw, salt, kvno); - if (ret) - goto out; - - /* Add SPN aliases, if any */ - spns = krb5_config_get_strings(context, NULL, "kcm", - "system_ccache", "spn_aliases", NULL); - if (spns != NULL) { - for (i = 0; spns[i] != NULL; i++) { - ret = update_keytab_entries(context, ccache, etypes, cpn, - spns[i], newpw, salt, kvno); - if (ret) - goto out; - } - } - - kcm_log(0, "Changed expired password for principal %s in cache %s", - cpn, ccache->name); - -out: - if (cpn != NULL) - free(cpn); - if (spns != NULL) - krb5_config_free_strings(spns); - if (etypes != NULL) - free(etypes); - krb5_free_salt(context, salt); - memset(newpw, 0, sizeof(newpw)); - - return ret; -} - diff --git a/kcm/cache.c b/kcm/cache.c index aeb30cca1fe9..1bd220c8a70a 100644 --- a/kcm/cache.c +++ b/kcm/cache.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -32,11 +34,9 @@ #include "kcm_locl.h" -RCSID("$Id: cache.c 14566 2005-02-06 01:22:49Z lukeh $"); - -static HEIMDAL_MUTEX ccache_mutex = HEIMDAL_MUTEX_INITIALIZER; -static kcm_ccache_data *ccache_head = NULL; -static unsigned int ccache_nextid = 0; +HEIMDAL_MUTEX ccache_mutex = HEIMDAL_MUTEX_INITIALIZER; +kcm_ccache_data *ccache_head = NULL; +static unsigned int ccache_nextid = 0; char *kcm_ccache_nextid(pid_t pid, uid_t uid, gid_t gid) { @@ -47,15 +47,15 @@ char *kcm_ccache_nextid(pid_t pid, uid_t uid, gid_t gid) n = ++ccache_nextid; HEIMDAL_MUTEX_unlock(&ccache_mutex); - asprintf(&name, "%d:%u", uid, n); + asprintf(&name, "%ld:%u", (long)uid, n); return name; } -static krb5_error_code -kcm_ccache_resolve_internal(krb5_context context, - const char *name, - kcm_ccache *ccache) +krb5_error_code +kcm_ccache_resolve(krb5_context context, + const char *name, + kcm_ccache *ccache) { kcm_ccache p; krb5_error_code ret; @@ -85,6 +85,66 @@ kcm_ccache_resolve_internal(krb5_context context, return ret; } +krb5_error_code +kcm_ccache_resolve_by_uuid(krb5_context context, + kcmuuid_t uuid, + kcm_ccache *ccache) +{ + kcm_ccache p; + krb5_error_code ret; + + *ccache = NULL; + + ret = KRB5_FCC_NOFILE; + + HEIMDAL_MUTEX_lock(&ccache_mutex); + + for (p = ccache_head; p != NULL; p = p->next) { + if ((p->flags & KCM_FLAGS_VALID) == 0) + continue; + if (memcmp(p->uuid, uuid, sizeof(uuid)) == 0) { + ret = 0; + break; + } + } + + if (ret == 0) { + kcm_retain_ccache(context, p); + *ccache = p; + } + + HEIMDAL_MUTEX_unlock(&ccache_mutex); + + return ret; +} + +krb5_error_code +kcm_ccache_get_uuids(krb5_context context, kcm_client *client, kcm_operation opcode, krb5_storage *sp) +{ + krb5_error_code ret; + kcm_ccache p; + + ret = KRB5_FCC_NOFILE; + + HEIMDAL_MUTEX_lock(&ccache_mutex); + + for (p = ccache_head; p != NULL; p = p->next) { + if ((p->flags & KCM_FLAGS_VALID) == 0) + continue; + ret = kcm_access(context, client, opcode, p); + if (ret) { + ret = 0; + continue; + } + krb5_storage_write(sp, p->uuid, sizeof(p->uuid)); + } + + HEIMDAL_MUTEX_unlock(&ccache_mutex); + + return ret; +} + + krb5_error_code kcm_debug_ccache(krb5_context context) { kcm_ccache p; @@ -108,7 +168,7 @@ krb5_error_code kcm_debug_ccache(krb5_context context) krb5_unparse_name(context, p->client, &cpn); if (p->server != NULL) krb5_unparse_name(context, p->server, &spn); - + kcm_log(7, "cache %08x: name %s refcnt %d flags %04x mode %04o " "uid %d gid %d client %s server %s ncreds %d", p, p->name, p->refcnt, p->flags, p->mode, p->uid, p->gid, @@ -125,10 +185,48 @@ krb5_error_code kcm_debug_ccache(krb5_context context) return 0; } -static krb5_error_code -kcm_ccache_destroy_internal(krb5_context context, const char *name) +static void +kcm_free_ccache_data_internal(krb5_context context, + kcm_ccache_data *cache) { - kcm_ccache *p; + KCM_ASSERT_VALID(cache); + + if (cache->name != NULL) { + free(cache->name); + cache->name = NULL; + } + + if (cache->flags & KCM_FLAGS_USE_KEYTAB) { + krb5_kt_close(context, cache->key.keytab); + cache->key.keytab = NULL; + } else if (cache->flags & KCM_FLAGS_USE_CACHED_KEY) { + krb5_free_keyblock_contents(context, &cache->key.keyblock); + krb5_keyblock_zero(&cache->key.keyblock); + } + + cache->flags = 0; + cache->mode = 0; + cache->uid = -1; + cache->gid = -1; + cache->session = -1; + + kcm_zero_ccache_data_internal(context, cache); + + cache->tkt_life = 0; + cache->renew_life = 0; + + cache->next = NULL; + cache->refcnt = 0; + + HEIMDAL_MUTEX_unlock(&cache->mutex); + HEIMDAL_MUTEX_destroy(&cache->mutex); +} + + +krb5_error_code +kcm_ccache_destroy(krb5_context context, const char *name) +{ + kcm_ccache *p, ccache; krb5_error_code ret; ret = KRB5_FCC_NOFILE; @@ -142,11 +240,18 @@ kcm_ccache_destroy_internal(krb5_context context, const char *name) break; } } - if (ret) goto out; - kcm_release_ccache(context, p); + if ((*p)->refcnt != 1) { + ret = EAGAIN; + goto out; + } + + ccache = *p; + *p = (*p)->next; + kcm_free_ccache_data_internal(context, ccache); + free(ccache); out: HEIMDAL_MUTEX_unlock(&ccache_mutex); @@ -182,29 +287,21 @@ kcm_ccache_alloc(krb5_context context, goto out; /* - * Then try and find an empty slot - * XXX we need to recycle slots for this to actually do anything + * Create an enpty slot for us. */ if (slot == NULL) { - for (; p != NULL; p = p->next) { - if ((p->flags & KCM_FLAGS_VALID) == 0) { - slot = p; - break; - } - } - + slot = (kcm_ccache_data *)malloc(sizeof(*slot)); if (slot == NULL) { - slot = (kcm_ccache_data *)malloc(sizeof(*slot)); - if (slot == NULL) { - ret = KRB5_CC_NOMEM; - goto out; - } - slot->next = ccache_head; - HEIMDAL_MUTEX_init(&slot->mutex); - new_slot = 1; + ret = KRB5_CC_NOMEM; + goto out; } + slot->next = ccache_head; + HEIMDAL_MUTEX_init(&slot->mutex); + new_slot = 1; } + RAND_bytes(slot->uuid, sizeof(slot->uuid)); + slot->name = strdup(name); if (slot->name == NULL) { ret = KRB5_CC_NOMEM; @@ -219,8 +316,6 @@ kcm_ccache_alloc(krb5_context context, slot->client = NULL; slot->server = NULL; slot->creds = NULL; - slot->n_cursor = 0; - slot->cursors = NULL; slot->key.keytab = NULL; slot->tkt_life = 0; slot->renew_life = 0; @@ -247,7 +342,6 @@ kcm_ccache_remove_creds_internal(krb5_context context, kcm_ccache ccache) { struct kcm_creds *k; - struct kcm_cursor *c; k = ccache->creds; while (k != NULL) { @@ -260,20 +354,6 @@ kcm_ccache_remove_creds_internal(krb5_context context, } ccache->creds = NULL; - /* remove anything that would have pointed into the creds too */ - - ccache->n_cursor = 0; - - c = ccache->cursors; - while (c != NULL) { - struct kcm_cursor *old; - - old = c; - c = c->next; - free(old); - } - ccache->cursors = NULL; - return 0; } @@ -326,44 +406,6 @@ kcm_zero_ccache_data(krb5_context context, return ret; } -static krb5_error_code -kcm_free_ccache_data_internal(krb5_context context, - kcm_ccache_data *cache) -{ - KCM_ASSERT_VALID(cache); - - if (cache->name != NULL) { - free(cache->name); - cache->name = NULL; - } - - if (cache->flags & KCM_FLAGS_USE_KEYTAB) { - krb5_kt_close(context, cache->key.keytab); - cache->key.keytab = NULL; - } else if (cache->flags & KCM_FLAGS_USE_CACHED_KEY) { - krb5_free_keyblock_contents(context, &cache->key.keyblock); - krb5_keyblock_zero(&cache->key.keyblock); - } - - cache->flags = 0; - cache->mode = 0; - cache->uid = -1; - cache->gid = -1; - - kcm_zero_ccache_data_internal(context, cache); - - cache->tkt_life = 0; - cache->renew_life = 0; - - cache->next = NULL; - cache->refcnt = 0; - - HEIMDAL_MUTEX_unlock(&cache->mutex); - HEIMDAL_MUTEX_destroy(&cache->mutex); - - return 0; -} - krb5_error_code kcm_retain_ccache(krb5_context context, kcm_ccache ccache) @@ -378,26 +420,21 @@ kcm_retain_ccache(krb5_context context, } krb5_error_code -kcm_release_ccache(krb5_context context, - kcm_ccache *ccache) +kcm_release_ccache(krb5_context context, kcm_ccache c) { - kcm_ccache c = *ccache; krb5_error_code ret = 0; KCM_ASSERT_VALID(c); HEIMDAL_MUTEX_lock(&c->mutex); if (c->refcnt == 1) { - ret = kcm_free_ccache_data_internal(context, c); - if (ret == 0) - free(c); + kcm_free_ccache_data_internal(context, c); + free(c); } else { c->refcnt--; HEIMDAL_MUTEX_unlock(&c->mutex); } - *ccache = NULL; - return ret; } @@ -441,29 +478,6 @@ kcm_ccache_new(krb5_context context, return ret; } -krb5_error_code -kcm_ccache_resolve(krb5_context context, - const char *name, - kcm_ccache *ccache) -{ - krb5_error_code ret; - - ret = kcm_ccache_resolve_internal(context, name, ccache); - - return ret; -} - -krb5_error_code -kcm_ccache_destroy(krb5_context context, - const char *name) -{ - krb5_error_code ret; - - ret = kcm_ccache_destroy_internal(context, name); - - return ret; -} - krb5_error_code kcm_ccache_destroy_if_empty(krb5_context context, kcm_ccache ccache) @@ -471,9 +485,9 @@ kcm_ccache_destroy_if_empty(krb5_context context, krb5_error_code ret; KCM_ASSERT_VALID(ccache); - + if (ccache->creds == NULL) { - ret = kcm_ccache_destroy_internal(context, ccache->name); + ret = kcm_ccache_destroy(context, ccache->name); } else ret = 0; @@ -490,7 +504,7 @@ kcm_ccache_store_cred(krb5_context context, krb5_creds *tmp; KCM_ASSERT_VALID(ccache); - + HEIMDAL_MUTEX_lock(&ccache->mutex); ret = kcm_ccache_store_cred_internal(context, ccache, creds, copy, &tmp); HEIMDAL_MUTEX_unlock(&ccache->mutex); @@ -498,6 +512,22 @@ kcm_ccache_store_cred(krb5_context context, return ret; } +struct kcm_creds * +kcm_ccache_find_cred_uuid(krb5_context context, + kcm_ccache ccache, + kcmuuid_t uuid) +{ + struct kcm_creds *c; + + for (c = ccache->creds; c != NULL; c = c->next) + if (memcmp(c->uuid, uuid, sizeof(c->uuid)) == 0) + return c; + + return NULL; +} + + + krb5_error_code kcm_ccache_store_cred_internal(krb5_context context, kcm_ccache ccache, @@ -511,10 +541,11 @@ kcm_ccache_store_cred_internal(krb5_context context, for (c = &ccache->creds; *c != NULL; c = &(*c)->next) ; - *c = (struct kcm_creds *)malloc(sizeof(struct kcm_creds)); - if (*c == NULL) { + *c = (struct kcm_creds *)calloc(1, sizeof(**c)); + if (*c == NULL) return KRB5_CC_NOMEM; - } + + RAND_bytes((*c)->uuid, sizeof((*c)->uuid)); *credp = &(*c)->cred; @@ -529,25 +560,9 @@ kcm_ccache_store_cred_internal(krb5_context context, ret = 0; } - (*c)->next = NULL; - return ret; } -static void -remove_cred(krb5_context context, - struct kcm_creds **c) -{ - struct kcm_creds *cred; - - cred = *c; - - *c = cred->next; - - krb5_free_cred_contents(context, &cred->cred); - free(cred); -} - krb5_error_code kcm_ccache_remove_cred_internal(krb5_context context, kcm_ccache ccache, @@ -561,8 +576,14 @@ kcm_ccache_remove_cred_internal(krb5_context context, for (c = &ccache->creds; *c != NULL; c = &(*c)->next) { if (krb5_compare_creds(context, whichfields, mcreds, &(*c)->cred)) { - remove_cred(context, c); + struct kcm_creds *cred = *c; + + *c = cred->next; + krb5_free_cred_contents(context, &cred->cred); + free(cred); ret = 0; + if (*c == NULL) + break; } } @@ -626,7 +647,7 @@ kcm_ccache_retrieve_cred(krb5_context context, krb5_error_code ret; KCM_ASSERT_VALID(ccache); - + HEIMDAL_MUTEX_lock(&ccache->mutex); ret = kcm_ccache_retrieve_cred_internal(context, ccache, whichfields, mcreds, credp); @@ -634,3 +655,21 @@ kcm_ccache_retrieve_cred(krb5_context context, return ret; } + +char * +kcm_ccache_first_name(kcm_client *client) +{ + kcm_ccache p; + char *name = NULL; + + HEIMDAL_MUTEX_lock(&ccache_mutex); + + for (p = ccache_head; p != NULL; p = p->next) { + if (kcm_is_same_session(client, p->uid, p->session)) + break; + } + if (p) + name = strdup(p->name); + HEIMDAL_MUTEX_unlock(&ccache_mutex); + return name; +} diff --git a/kcm/client.c b/kcm/client.c index f0758949bafa..38a844917858 100644 --- a/kcm/client.c +++ b/kcm/client.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -33,8 +35,6 @@ #include "kcm_locl.h" #include -RCSID("$Id: client.c 20487 2007-04-21 06:25:06Z lha $"); - krb5_error_code kcm_ccache_resolve_client(krb5_context context, kcm_client *client, @@ -54,7 +54,7 @@ kcm_ccache_resolve_client(krb5_context context, ret = kcm_access(context, client, opcode, *ccache); if (ret) { ret = KRB5_FCC_NOFILE; /* don't disclose */ - kcm_release_ccache(context, ccache); + kcm_release_ccache(context, *ccache); } return ret; @@ -76,19 +76,12 @@ kcm_ccache_destroy_client(krb5_context context, } ret = kcm_access(context, client, KCM_OP_DESTROY, ccache); - if (ret) { - kcm_release_ccache(context, &ccache); + kcm_cleanup_events(context, ccache); + kcm_release_ccache(context, ccache); + if (ret) return ret; - } - ret = kcm_ccache_destroy(context, ccache->name); - if (ret == 0) { - /* don't leave any events dangling */ - kcm_cleanup_events(context, ccache); - } - - kcm_release_ccache(context, &ccache); - return ret; + return kcm_ccache_destroy(context, name); } krb5_error_code @@ -121,7 +114,7 @@ kcm_ccache_new_client(krb5_context context, if (bad && !CLIENT_IS_ROOT(client)) return KRB5_CC_BADNAME; } - + ret = kcm_ccache_resolve(context, name, &ccache); if (ret == 0) { if ((ccache->uid != client->uid || @@ -142,12 +135,13 @@ kcm_ccache_new_client(krb5_context context, /* bind to current client */ ccache->uid = client->uid; ccache->gid = client->gid; + ccache->session = client->session; } else { ret = kcm_zero_ccache_data(context, ccache); if (ret) { kcm_log(1, "Failed to empty cache %s: %s", name, krb5_get_err_text(context, ret)); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } kcm_cleanup_events(context, ccache); @@ -155,12 +149,12 @@ kcm_ccache_new_client(krb5_context context, ret = kcm_access(context, client, KCM_OP_INITIALIZE, ccache); if (ret) { - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); kcm_ccache_destroy(context, name); return ret; } - /* + /* * Finally, if the user is root and the cache was created under * another user's name, chown the cache to that user and their * default gid. @@ -178,7 +172,7 @@ kcm_ccache_new_client(krb5_context context, } } } - + *ccache_p = ccache; return 0; } diff --git a/kcm/config.c b/kcm/config.c index 5de797eb4b33..26c48be3c7d8 100644 --- a/kcm/config.c +++ b/kcm/config.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,8 +36,6 @@ #include #include -RCSID("$Id: config.c 15296 2005-05-30 10:17:43Z lha $"); - static const char *config_file; /* location of kcm config file */ size_t max_request = 0; /* maximal size of a request */ @@ -44,8 +44,10 @@ char *door_path = NULL; static char *max_request_str; /* `max_request' as a string */ +#ifdef SUPPORT_DETACH int detach_from_console = -1; #define DETACH_IS_DEFAULT FALSE +#endif static const char *system_cache_name = NULL; static const char *system_keytab = NULL; @@ -58,44 +60,51 @@ static const char *system_group = NULL; static const char *renew_life = NULL; static const char *ticket_life = NULL; -int disallow_getting_krbtgt = -1; +int launchd_flag = 0; +int disallow_getting_krbtgt = 0; int name_constraints = -1; static int help_flag; static int version_flag; static struct getargs args[] = { - { - "cache-name", 0, arg_string, &system_cache_name, - "system cache name", "cachename" + { + "cache-name", 0, arg_string, &system_cache_name, + "system cache name", "cachename" }, - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" + { + "config-file", 'c', arg_string, &config_file, + "location of config file", "file" }, - { - "group", 'g', arg_string, &system_group, - "system cache group", "group" + { + "group", 'g', arg_string, &system_group, + "system cache group", "group" }, - { - "max-request", 0, arg_string, &max_request, + { + "max-request", 0, arg_string, &max_request, "max size for a kcm-request", "size" }, + { + "launchd", 0, arg_flag, &launchd_flag, + "when in use by launchd" + }, +#ifdef SUPPORT_DETACH #if DETACH_IS_DEFAULT { - "detach", 'D', arg_negative_flag, &detach_from_console, + "detach", 'D', arg_negative_flag, &detach_from_console, "don't detach from console" }, #else { - "detach", 0 , arg_flag, &detach_from_console, + "detach", 0 , arg_flag, &detach_from_console, "detach from console" }, +#endif #endif { "help", 'h', arg_flag, &help_flag }, - { - "system-principal", 'k', arg_string, &system_principal, - "system principal name", "principal" + { + "system-principal", 'k', arg_string, &system_principal, + "system principal name", "principal" }, { "lifetime", 'l', arg_string, &ticket_life, @@ -131,13 +140,13 @@ static struct getargs args[] = { "server", 'S', arg_string, &system_server, "server to get system ticket for", "principal" }, - { - "keytab", 't', arg_string, &system_keytab, - "system keytab name", "keytab" + { + "keytab", 't', arg_string, &system_keytab, + "system keytab name", "keytab" }, - { - "user", 'u', arg_string, &system_user, - "system cache owner", "user" + { + "user", 'u', arg_string, &system_user, + "system cache owner", "user" }, { "version", 'v', arg_flag, &version_flag } }; @@ -236,7 +245,7 @@ ccache_init_system(void) ret = krb5_parse_name(kcm_context, system_principal, &ccache->client); if (ret) { - kcm_release_ccache(kcm_context, &ccache); + kcm_release_ccache(kcm_context, ccache); return ret; } @@ -246,7 +255,7 @@ ccache_init_system(void) if (system_server != NULL) { ret = krb5_parse_name(kcm_context, system_server, &ccache->server); if (ret) { - kcm_release_ccache(kcm_context, &ccache); + kcm_release_ccache(kcm_context, ccache); return ret; } } @@ -260,7 +269,7 @@ ccache_init_system(void) ret = krb5_kt_default(kcm_context, &ccache->key.keytab); } if (ret) { - kcm_release_ccache(kcm_context, &ccache); + kcm_release_ccache(kcm_context, ccache); return ret; } @@ -273,7 +282,7 @@ ccache_init_system(void) if (renew_life != NULL) { ccache->renew_life = parse_time(renew_life, "s"); if (ccache->renew_life < 0) { - kcm_release_ccache(kcm_context, &ccache); + kcm_release_ccache(kcm_context, ccache); return EINVAL; } } @@ -284,7 +293,7 @@ ccache_init_system(void) if (ticket_life != NULL) { ccache->tkt_life = parse_time(ticket_life, "s"); if (ccache->tkt_life < 0) { - kcm_release_ccache(kcm_context, &ccache); + kcm_release_ccache(kcm_context, ccache); return EINVAL; } } @@ -310,7 +319,7 @@ ccache_init_system(void) /* enqueue default actions for credentials cache */ ret = kcm_ccache_enqueue_default(kcm_context, ccache, NULL); - kcm_release_ccache(kcm_context, &ccache); /* retained by event queue */ + kcm_release_ccache(kcm_context, ccache); /* retained by event queue */ return ret; } @@ -321,7 +330,7 @@ kcm_configure(int argc, char **argv) krb5_error_code ret; int optind = 0; const char *p; - + while(getarg(args, num_args, argc, argv, &optind)) warnx("error at argument `%s'", argv[optind]); @@ -338,7 +347,7 @@ kcm_configure(int argc, char **argv) if (argc != 0) usage(1); - + { char **files; @@ -348,10 +357,10 @@ kcm_configure(int argc, char **argv) ret = krb5_prepend_config_files_default(config_file, &files); if (ret) krb5_err(kcm_context, 1, ret, "getting configuration files"); - + ret = krb5_set_config_files(kcm_context, files); krb5_free_config_files(files); - if(ret) + if(ret) krb5_err(kcm_context, 1, ret, "reading configuration files"); } @@ -378,11 +387,13 @@ kcm_configure(int argc, char **argv) krb5_err(kcm_context, 1, ret, "initializing system ccache"); } - if(detach_from_console == -1) +#ifdef SUPPORT_DETACH + if(detach_from_console == -1) detach_from_console = krb5_config_get_bool_default(kcm_context, NULL, DETACH_IS_DEFAULT, "kcm", "detach", NULL); +#endif kcm_openlog(); if(max_request == 0) max_request = 64 * 1024; diff --git a/kcm/connect.c b/kcm/connect.c index b3a21aa66a0b..ee09193b352b 100644 --- a/kcm/connect.c +++ b/kcm/connect.c @@ -1,688 +1,84 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kcm_locl.h" -RCSID("$Id: connect.c 16314 2005-11-29 19:03:50Z lha $"); - -struct descr { - int s; - int type; - char *path; - unsigned char *buf; - size_t size; - size_t len; - time_t timeout; - struct sockaddr_storage __ss; - struct sockaddr *sa; - socklen_t sock_len; +void +kcm_service(void *ctx, const heim_idata *req, + const heim_icred cred, + heim_ipc_complete complete, + heim_sipc_call cctx) +{ kcm_client peercred; -}; + krb5_error_code ret; + krb5_data request, rep; + unsigned char *buf; + size_t len; -static void -init_descr(struct descr *d) -{ - memset(d, 0, sizeof(*d)); - d->sa = (struct sockaddr *)&d->__ss; - d->s = -1; -} + krb5_data_zero(&rep); -/* - * re-initialize all `n' ->sa in `d'. - */ + peercred.uid = heim_ipc_cred_get_uid(cred); + peercred.gid = heim_ipc_cred_get_gid(cred); + peercred.pid = heim_ipc_cred_get_pid(cred); + peercred.session = heim_ipc_cred_get_session(cred); -static void -reinit_descrs (struct descr *d, int n) -{ - int i; - - for (i = 0; i < n; ++i) - d[i].sa = (struct sockaddr *)&d[i].__ss; -} - -/* - * Update peer credentials from socket. - * - * SCM_CREDS can only be updated the first time there is read data to - * read from the filedescriptor, so if we read do it before this - * point, the cred data might not be is not there yet. - */ - -static int -update_client_creds(int s, kcm_client *peer) -{ -#ifdef GETPEERUCRED - /* Solaris 10 */ - { - ucred_t *peercred; - - if (getpeerucred(s, &peercred) != 0) { - peer->uid = ucred_geteuid(peercred); - peer->gid = ucred_getegid(peercred); - peer->pid = 0; - ucred_free(peercred); - return 0; - } - } -#endif -#ifdef GETPEEREID - /* FreeBSD, OpenBSD */ - { - uid_t uid; - gid_t gid; - - if (getpeereid(s, &uid, &gid) == 0) { - peer->uid = uid; - peer->gid = gid; - peer->pid = 0; - return 0; - } - } -#endif -#ifdef SO_PEERCRED - /* Linux */ - { - struct ucred pc; - socklen_t pclen = sizeof(pc); - - if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&pc, &pclen) == 0) { - peer->uid = pc.uid; - peer->gid = pc.gid; - peer->pid = pc.pid; - return 0; - } - } -#endif -#if defined(LOCAL_PEERCRED) && defined(XUCRED_VERSION) - { - struct xucred peercred; - socklen_t peercredlen = sizeof(peercred); - - if (getsockopt(s, LOCAL_PEERCRED, 1, - (void *)&peercred, &peercredlen) == 0 - && peercred.cr_version == XUCRED_VERSION) - { - peer->uid = peercred.cr_uid; - peer->gid = peercred.cr_gid; - peer->pid = 0; - return 0; - } - } -#endif -#if defined(SOCKCREDSIZE) && defined(SCM_CREDS) - /* NetBSD */ - if (peer->uid == -1) { - struct msghdr msg; - socklen_t crmsgsize; - void *crmsg; - struct cmsghdr *cmp; - struct sockcred *sc; - - memset(&msg, 0, sizeof(msg)); - crmsgsize = CMSG_SPACE(SOCKCREDSIZE(NGROUPS)); - if (crmsgsize == 0) - return 1 ; - - crmsg = malloc(crmsgsize); - if (crmsg == NULL) - goto failed_scm_creds; - - memset(crmsg, 0, crmsgsize); - - msg.msg_control = crmsg; - msg.msg_controllen = crmsgsize; - - if (recvmsg(s, &msg, 0) < 0) { - free(crmsg); - goto failed_scm_creds; - } - - if (msg.msg_controllen == 0 || (msg.msg_flags & MSG_CTRUNC) != 0) { - free(crmsg); - goto failed_scm_creds; - } - - cmp = CMSG_FIRSTHDR(&msg); - if (cmp->cmsg_level != SOL_SOCKET || cmp->cmsg_type != SCM_CREDS) { - free(crmsg); - goto failed_scm_creds; - } - - sc = (struct sockcred *)(void *)CMSG_DATA(cmp); - - peer->uid = sc->sc_euid; - peer->gid = sc->sc_egid; - peer->pid = 0; - - free(crmsg); - return 0; - } else { - /* we already got the cred, just return it */ - return 0; - } - failed_scm_creds: -#endif - krb5_warn(kcm_context, errno, "failed to determine peer identity"); - return 1; -} - - -/* - * Create the socket (family, type, port) in `d' - */ - -static void -init_socket(struct descr *d) -{ - struct sockaddr_un un; - struct sockaddr *sa = (struct sockaddr *)&un; - krb5_socklen_t sa_size = sizeof(un); - - init_descr (d); - - un.sun_family = AF_UNIX; - - if (socket_path != NULL) - d->path = socket_path; - else - d->path = _PATH_KCM_SOCKET; - - strlcpy(un.sun_path, d->path, sizeof(un.sun_path)); - - d->s = socket(AF_UNIX, SOCK_STREAM, 0); - if (d->s < 0){ - krb5_warn(kcm_context, errno, "socket(%d, %d, 0)", AF_UNIX, SOCK_STREAM); - d->s = -1; - return; - } -#if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_REUSEADDR) - { - int one = 1; - setsockopt(d->s, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)); - } -#endif -#ifdef LOCAL_CREDS - { - int one = 1; - setsockopt(d->s, 0, LOCAL_CREDS, (void *)&one, sizeof(one)); - } -#endif - - d->type = SOCK_STREAM; - - unlink(d->path); - - if (bind(d->s, sa, sa_size) < 0) { - krb5_warn(kcm_context, errno, "bind %s", un.sun_path); - close(d->s); - d->s = -1; + if (req->length < 4) { + kcm_log(1, "malformed request from process %d (too short)", + peercred.pid); + (*complete)(cctx, EINVAL, NULL); return; } - if (listen(d->s, SOMAXCONN) < 0) { - krb5_warn(kcm_context, errno, "listen %s", un.sun_path); - close(d->s); - d->s = -1; - return; - } - - chmod(d->path, 0777); - - return; -} - -/* - * Allocate descriptors for all the sockets that we should listen on - * and return the number of them. - */ - -static int -init_sockets(struct descr **desc) -{ - struct descr *d; - size_t num = 0; - - d = (struct descr *)malloc(sizeof(*d)); - if (d == NULL) { - krb5_errx(kcm_context, 1, "malloc failed"); - } - - init_socket(d); - if (d->s != -1) { - kcm_log(5, "listening on domain socket %s", d->path); - num++; - } - - reinit_descrs (d, num); - *desc = d; - - return num; -} - -/* - * handle the request in `buf, len', from `addr' (or `from' as a string), - * sending a reply in `reply'. - */ - -static int -process_request(unsigned char *buf, - size_t len, - krb5_data *reply, - kcm_client *client) -{ - krb5_data request; - - if (len < 4) { - kcm_log(1, "malformed request from process %d (too short)", - client->pid); - return -1; - } + buf = req->data; + len = req->length; if (buf[0] != KCM_PROTOCOL_VERSION_MAJOR || buf[1] != KCM_PROTOCOL_VERSION_MINOR) { kcm_log(1, "incorrect protocol version %d.%d from process %d", - buf[0], buf[1], client->pid); - return -1; + buf[0], buf[1], peercred.pid); + (*complete)(cctx, EINVAL, NULL); + return; } - buf += 2; - len -= 2; + request.data = buf + 2; + request.length = len - 2; /* buf is now pointing at opcode */ - request.data = buf; - request.length = len; + ret = kcm_dispatch(kcm_context, &peercred, &request, &rep); - return kcm_dispatch(kcm_context, client, &request, reply); + (*complete)(cctx, ret, &rep); + krb5_data_free(&rep); } - -/* - * Handle the request in `buf, len' to socket `d' - */ - -static void -do_request(void *buf, size_t len, struct descr *d) -{ - krb5_error_code ret; - krb5_data reply; - - reply.length = 0; - - ret = process_request(buf, len, &reply, &d->peercred); - if (reply.length != 0) { - unsigned char len[4]; - struct msghdr msghdr; - struct iovec iov[2]; - - kcm_log(5, "sending %lu bytes to process %d", - (unsigned long)reply.length, - (int)d->peercred.pid); - - memset (&msghdr, 0, sizeof(msghdr)); - msghdr.msg_name = NULL; - msghdr.msg_namelen = 0; - msghdr.msg_iov = iov; - msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); -#if 0 - msghdr.msg_control = NULL; - msghdr.msg_controllen = 0; -#endif - - len[0] = (reply.length >> 24) & 0xff; - len[1] = (reply.length >> 16) & 0xff; - len[2] = (reply.length >> 8) & 0xff; - len[3] = reply.length & 0xff; - - iov[0].iov_base = (void*)len; - iov[0].iov_len = 4; - iov[1].iov_base = reply.data; - iov[1].iov_len = reply.length; - - if (sendmsg (d->s, &msghdr, 0) < 0) { - kcm_log (0, "sendmsg(%d): %d %s", (int)d->peercred.pid, - errno, strerror(errno)); - krb5_data_free(&reply); - return; - } - - krb5_data_free(&reply); - } - - if (ret) { - kcm_log(0, "Failed processing %lu byte request from process %d", - (unsigned long)len, d->peercred.pid); - } -} - -static void -clear_descr(struct descr *d) -{ - if(d->buf) - memset(d->buf, 0, d->size); - d->len = 0; - if(d->s != -1) - close(d->s); - d->s = -1; -} - -#define STREAM_TIMEOUT 4 - -/* - * accept a new stream connection on `d[parent]' and store it in `d[child]' - */ - -static void -add_new_stream (struct descr *d, int parent, int child) -{ - int s; - - if (child == -1) - return; - - d[child].peercred.pid = -1; - d[child].peercred.uid = -1; - d[child].peercred.gid = -1; - - d[child].sock_len = sizeof(d[child].__ss); - s = accept(d[parent].s, d[child].sa, &d[child].sock_len); - if(s < 0) { - krb5_warn(kcm_context, errno, "accept"); - return; - } - - if (s >= FD_SETSIZE) { - krb5_warnx(kcm_context, "socket FD too large"); - close (s); - return; - } - - d[child].s = s; - d[child].timeout = time(NULL) + STREAM_TIMEOUT; - d[child].type = SOCK_STREAM; -} - -/* - * Grow `d' to handle at least `n'. - * Return != 0 if fails - */ - -static int -grow_descr (struct descr *d, size_t n) -{ - if (d->size - d->len < n) { - unsigned char *tmp; - size_t grow; - - grow = max(1024, d->len + n); - if (d->size + grow > max_request) { - kcm_log(0, "Request exceeds max request size (%lu bytes).", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - tmp = realloc (d->buf, d->size + grow); - if (tmp == NULL) { - kcm_log(0, "Failed to re-allocate %lu bytes.", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - d->size += grow; - d->buf = tmp; - } - return 0; -} - -/* - * Handle incoming data to the stream socket in `d[index]' - */ - -static void -handle_stream(struct descr *d, int index, int min_free) -{ - unsigned char buf[1024]; - int n; - int ret = 0; - - if (d[index].timeout == 0) { - add_new_stream (d, index, min_free); - return; - } - - if (update_client_creds(d[index].s, &d[index].peercred)) { - krb5_warnx(kcm_context, "failed to update peer identity"); - clear_descr(d + index); - return; - } - - if (d[index].peercred.uid == -1) { - krb5_warnx(kcm_context, "failed to determine peer identity"); - clear_descr (d + index); - return; - } - - n = recvfrom(d[index].s, buf, sizeof(buf), 0, NULL, NULL); - if (n < 0) { - krb5_warn(kcm_context, errno, "recvfrom"); - return; - } else if (n == 0) { - krb5_warnx(kcm_context, "connection closed before end of data " - "after %lu bytes from process %ld", - (unsigned long) d[index].len, (long) d[index].peercred.pid); - clear_descr (d + index); - return; - } - if (grow_descr (&d[index], n)) - return; - memcpy(d[index].buf + d[index].len, buf, n); - d[index].len += n; - if (d[index].len > 4) { - krb5_storage *sp; - int32_t len; - - sp = krb5_storage_from_mem(d[index].buf, d[index].len); - if (sp == NULL) { - kcm_log (0, "krb5_storage_from_mem failed"); - ret = -1; - } else { - krb5_ret_int32(sp, &len); - krb5_storage_free(sp); - if (d[index].len - 4 >= len) { - memmove(d[index].buf, d[index].buf + 4, d[index].len - 4); - ret = 1; - } else - ret = 0; - } - } - if (ret < 0) - return; - else if (ret == 1) { - do_request(d[index].buf, d[index].len, &d[index]); - clear_descr(d + index); - } -} - -#ifdef HAVE_DOOR_CREATE - -static void -kcm_door_server(void *cookie, char *argp, size_t arg_size, - door_desc_t *dp, uint_t n_desc) -{ - kcm_client peercred; - door_cred_t cred; - krb5_error_code ret; - krb5_data reply; - size_t length; - char *p; - - reply.length = 0; - - p = NULL; - length = 0; - - if (door_cred(&cred) != 0) { - kcm_log(0, "door_cred failed with %s", strerror(errno)); - goto out; - } - - peercred.uid = cred.dc_euid; - peercred.gid = cred.dc_egid; - peercred.pid = cred.dc_pid; - - ret = process_request((unsigned char*)argp, arg_size, &reply, &peercred); - if (reply.length != 0) { - p = alloca(reply.length); /* XXX don't use alloca */ - if (p) { - memcpy(p, reply.data, reply.length); - length = reply.length; - } - krb5_data_free(&reply); - } - - out: - door_return(p, length, NULL, 0); -} - -static void -kcm_setup_door(void) -{ - int fd, ret; - char *path; - - fd = door_create(kcm_door_server, NULL, 0); - if (fd < 0) - krb5_err(kcm_context, 1, errno, "Failed to create door"); - - if (door_path != NULL) - path = door_path; - else - path = _PATH_KCM_DOOR; - - unlink(path); - ret = open(path, O_RDWR | O_CREAT, 0666); - if (ret < 0) - krb5_err(kcm_context, 1, errno, "Failed to create/open door"); - close(ret); - - ret = fattach(fd, path); - if (ret < 0) - krb5_err(kcm_context, 1, errno, "Failed to attach door"); - -} -#endif /* HAVE_DOOR_CREATE */ - - -void -kcm_loop(void) -{ - struct descr *d; - int ndescr; - -#ifdef HAVE_DOOR_CREATE - kcm_setup_door(); -#endif - - ndescr = init_sockets(&d); - if (ndescr <= 0) { - krb5_warnx(kcm_context, "No sockets!"); -#ifndef HAVE_DOOR_CREATE - exit(1); -#endif - } - while (exit_flag == 0){ - struct timeval tmout; - fd_set fds; - int min_free = -1; - int max_fd = 0; - int i; - - FD_ZERO(&fds); - for(i = 0; i < ndescr; i++) { - if (d[i].s >= 0){ - if(d[i].type == SOCK_STREAM && - d[i].timeout && d[i].timeout < time(NULL)) { - kcm_log(1, "Stream connection from %d expired after %lu bytes", - d[i].peercred.pid, (unsigned long)d[i].len); - clear_descr(&d[i]); - continue; - } - if (max_fd < d[i].s) - max_fd = d[i].s; - if (max_fd >= FD_SETSIZE) - krb5_errx(kcm_context, 1, "fd too large"); - FD_SET(d[i].s, &fds); - } else if (min_free < 0 || i < min_free) - min_free = i; - } - if (min_free == -1) { - struct descr *tmp; - tmp = realloc(d, (ndescr + 4) * sizeof(*d)); - if(tmp == NULL) - krb5_warnx(kcm_context, "No memory"); - else { - d = tmp; - reinit_descrs (d, ndescr); - memset(d + ndescr, 0, 4 * sizeof(*d)); - for(i = ndescr; i < ndescr + 4; i++) - init_descr (&d[i]); - min_free = ndescr; - ndescr += 4; - } - } - - tmout.tv_sec = STREAM_TIMEOUT; - tmout.tv_usec = 0; - switch (select(max_fd + 1, &fds, 0, 0, &tmout)){ - case 0: - kcm_run_events(kcm_context, time(NULL)); - break; - case -1: - if (errno != EINTR) - krb5_warn(kcm_context, errno, "select"); - break; - default: - for(i = 0; i < ndescr; i++) { - if(d[i].s >= 0 && FD_ISSET(d[i].s, &fds)) { - if (d[i].type == SOCK_STREAM) - handle_stream(d, i, min_free); - } - } - kcm_run_events(kcm_context, time(NULL)); - break; - } - } - if (d->path != NULL) - unlink(d->path); - free(d); -} - diff --git a/kcm/cursor.c b/kcm/cursor.c deleted file mode 100644 index 701f770219ff..000000000000 --- a/kcm/cursor.c +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: cursor.c 17447 2006-05-05 10:52:01Z lha $"); - -krb5_error_code -kcm_cursor_new(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t *cursor) -{ - kcm_cursor **p; - krb5_error_code ret; - - *cursor = 0; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - for (p = &ccache->cursors; *p != NULL; p = &(*p)->next) - ; - - *p = (kcm_cursor *)malloc(sizeof(kcm_cursor)); - if (*p == NULL) { - ret = KRB5_CC_NOMEM; - goto out; - } - - (*p)->pid = pid; - (*p)->key = ++ccache->n_cursor; - (*p)->credp = ccache->creds; - (*p)->next = NULL; - - *cursor = (*p)->key; - - ret = 0; - -out: - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_cursor_find(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t key, - kcm_cursor **cursor) -{ - kcm_cursor *p; - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - if (key == 0) - return KRB5_CC_NOTFOUND; - - ret = KRB5_CC_END; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - for (p = ccache->cursors; p != NULL; p = p->next) { - if (p->key == key) { - if (p->pid != pid) - ret = KRB5_FCC_PERM; - else - ret = 0; - break; - } - } - - if (ret == 0) - *cursor = p; - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_cursor_delete(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t key) -{ - kcm_cursor **p; - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - if (key == 0) - return KRB5_CC_NOTFOUND; - - ret = KRB5_CC_END; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - for (p = &ccache->cursors; *p != NULL; p = &(*p)->next) { - if ((*p)->key == key) { - if ((*p)->pid != pid) - ret = KRB5_FCC_PERM; - else - ret = 0; - break; - } - } - - if (ret == 0) { - kcm_cursor *x = *p; - - *p = x->next; - free(x); - } - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - diff --git a/kcm/events.c b/kcm/events.c index f1110d110f20..e9c375f6a13e 100644 --- a/kcm/events.c +++ b/kcm/events.c @@ -32,7 +32,7 @@ #include "kcm_locl.h" -RCSID("$Id: events.c 15294 2005-05-30 01:43:23Z lukeh $"); +RCSID("$Id$"); /* thread-safe in case we multi-thread later */ static HEIMDAL_MUTEX events_mutex = HEIMDAL_MUTEX_INITIALIZER; @@ -161,7 +161,7 @@ kcm_remove_event_internal(krb5_context context, (*e)->fire_count = 0; (*e)->expire_time = 0; (*e)->backoff_time = 0; - kcm_release_ccache(context, &(*e)->ccache); + kcm_release_ccache(context, (*e)->ccache); (*e)->next = NULL; free(*e); @@ -206,7 +206,7 @@ kcm_ccache_make_default_event(krb5_context context, krb5_error_code ret = 0; kcm_ccache ccache = event->ccache; - event->fire_time = 0; + event->fire_time = 0; event->expire_time = 0; event->backoff_time = KCM_EVENT_DEFAULT_BACKOFF_TIME; @@ -353,7 +353,7 @@ kcm_fire_event(krb5_context context, event->fire_count++; if (ret) { - /* Reschedule failed event for another time */ + /* Reschedule failed event for another time */ event->fire_time += event->backoff_time; if (event->backoff_time < KCM_EVENT_MAX_BACKOFF_TIME) event->backoff_time *= 2; @@ -394,8 +394,7 @@ kcm_fire_event(krb5_context context, } krb5_error_code -kcm_run_events(krb5_context context, - time_t now) +kcm_run_events(krb5_context context, time_t now) { krb5_error_code ret; kcm_event **e; diff --git a/kcm/glue.c b/kcm/glue.c index be217f344f4b..8b0d17226445 100644 --- a/kcm/glue.c +++ b/kcm/glue.c @@ -32,7 +32,7 @@ #include "kcm_locl.h" -RCSID("$Id: glue.c 14566 2005-02-06 01:22:49Z lukeh $"); +RCSID("$Id$"); /* * Server-side loopback glue for credentials cache operations; this @@ -247,6 +247,7 @@ kcmss_get_version(krb5_context context, } static const krb5_cc_ops krb5_kcmss_ops = { + KRB5_CC_OPS_VERSION, "KCM", kcmss_get_name, kcmss_resolve, diff --git a/kcm/headers.h b/kcm/headers.h index 1042dd8d620d..603a6b811ed7 100644 --- a/kcm/headers.h +++ b/kcm/headers.h @@ -33,9 +33,9 @@ #ifndef __HEADERS_H__ #define __HEADERS_H__ -#ifdef HAVE_CONFIG_H + #include -#endif + #include #include #include @@ -70,20 +70,21 @@ #ifdef HAVE_LIBUTIL_H #include #endif -#ifdef HAVE_GETPEERUCRED -#include -#endif -#ifdef HAVE_DOOR_CREATE -#include -#include -#endif +#include #include #include #include #include #include +#include + + #include -#include +#include + +#include + +#include "crypto-headers.h" #endif /* __HEADERS_H__ */ diff --git a/kcm/kcm_protos.h b/kcm/kcm-protos.h similarity index 88% rename from kcm/kcm_protos.h rename to kcm/kcm-protos.h index 0fcea7511f95..1f985c601dd2 100644 --- a/kcm/kcm_protos.h +++ b/kcm/kcm-protos.h @@ -43,6 +43,15 @@ kcm_ccache_enqueue_default ( kcm_ccache /*ccache*/, krb5_creds */*newcred*/); +struct kcm_creds * +kcm_ccache_find_cred_uuid ( + krb5_context /*context*/, + kcm_ccache /*ccache*/, + kcmuuid_t /*uuid*/); + +char * +kcm_ccache_first_name (kcm_client */*client*/); + krb5_error_code kcm_ccache_gen_new ( krb5_context /*context*/, @@ -51,6 +60,13 @@ kcm_ccache_gen_new ( gid_t /*gid*/, kcm_ccache */*ccache*/); +krb5_error_code +kcm_ccache_get_uuids ( + krb5_context /*context*/, + kcm_client */*client*/, + kcm_operation /*opcode*/, + krb5_storage */*sp*/); + krb5_error_code kcm_ccache_new ( krb5_context /*context*/, @@ -105,6 +121,12 @@ kcm_ccache_resolve ( const char */*name*/, kcm_ccache */*ccache*/); +krb5_error_code +kcm_ccache_resolve_by_uuid ( + krb5_context /*context*/, + kcmuuid_t /*uuid*/, + kcm_ccache */*ccache*/); + krb5_error_code kcm_ccache_resolve_client ( krb5_context /*context*/, @@ -169,28 +191,6 @@ kcm_configure ( int /*argc*/, char **/*argv*/); -krb5_error_code -kcm_cursor_delete ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t /*key*/); - -krb5_error_code -kcm_cursor_find ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t /*key*/, - kcm_cursor **/*cursor*/); - -krb5_error_code -kcm_cursor_new ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t */*cursor*/); - krb5_error_code kcm_debug_ccache (krb5_context /*context*/); @@ -225,6 +225,12 @@ kcm_internal_ccache ( kcm_ccache /*c*/, krb5_ccache /*id*/); +int +kcm_is_same_session ( + kcm_client */*client*/, + uid_t /*uid*/, + pid_t /*session*/); + void kcm_log ( int /*level*/, @@ -243,10 +249,8 @@ kcm_log_msg_va ( const char */*fmt*/, va_list /*ap*/); -void -kcm_loop (void); - -const char *kcm_op2string (kcm_operation /*opcode*/); +const char * +kcm_op2string (kcm_operation /*opcode*/); void kcm_openlog (void); @@ -254,7 +258,7 @@ kcm_openlog (void); krb5_error_code kcm_release_ccache ( krb5_context /*context*/, - kcm_ccache */*ccache*/); + kcm_ccache /*c*/); krb5_error_code kcm_remove_event ( @@ -271,6 +275,20 @@ kcm_run_events ( krb5_context /*context*/, time_t /*now*/); +void +kcm_service ( + void */*ctx*/, + const heim_idata */*req*/, + const heim_icred /*cred*/, + heim_ipc_complete /*complete*/, + heim_sipc_call /*cctx*/); + +void +kcm_session_add (pid_t /*session_id*/); + +void +kcm_session_setup_handler (void); + krb5_error_code kcm_zero_ccache_data ( krb5_context /*context*/, diff --git a/kcm/kcm.8 b/kcm/kcm.8 index 4a72eb382aa6..3ff9ea45abe1 100644 --- a/kcm/kcm.8 +++ b/kcm/kcm.8 @@ -1,96 +1,95 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" -.\" $Id: kcm.8 15497 2005-06-20 13:32:44Z lha $ +.\" $Id$ .\" .Dd May 29, 2005 .Dt KCM 8 .Os Heimdal .Sh NAME .Nm kcm -.Nd -is a process based credential cache for Kerberos tickets. +.Nd process-based credential cache for Kerberos tickets. .Sh SYNOPSIS .Nm -.Op Fl -cache-name= Ns Ar cachename +.Op Fl Fl cache-name= Ns Ar cachename .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc .Oo Fl g Ar group \*(Ba Xo -.Fl -group= Ns Ar group +.Fl Fl group= Ns Ar group .Xc .Oc -.Op Fl -max-request= Ns Ar size -.Op Fl -disallow-getting-krbtgt -.Op Fl -detach -.Op Fl h | Fl -help +.Op Fl Fl max-request= Ns Ar size +.Op Fl Fl disallow-getting-krbtgt +.Op Fl Fl detach +.Op Fl h | Fl Fl help .Oo Fl k Ar principal \*(Ba Xo -.Fl -system-principal= Ns Ar principal +.Fl Fl system-principal= Ns Ar principal .Xc .Oc .Oo Fl l Ar time \*(Ba Xo -.Fl -lifetime= Ns Ar time +.Fl Fl lifetime= Ns Ar time .Xc .Oc .Oo Fl m Ar mode \*(Ba Xo -.Fl -mode= Ns Ar mode +.Fl Fl mode= Ns Ar mode .Xc .Oc -.Op Fl n | Fl -no-name-constraints +.Op Fl n | Fl Fl no-name-constraints .Oo Fl r Ar time \*(Ba Xo -.Fl -renewable-life= Ns Ar time +.Fl Fl renewable-life= Ns Ar time .Xc .Oc .Oo Fl s Ar path \*(Ba Xo -.Fl -socket-path= Ns Ar path +.Fl Fl socket-path= Ns Ar path .Xc .Oc .Oo Xo -.Fl -door-path= Ns Ar path +.Fl Fl door-path= Ns Ar path .Xc .Oc .Oo Fl S Ar principal \*(Ba Xo -.Fl -server= Ns Ar principal +.Fl Fl server= Ns Ar principal .Xc .Oc .Oo Fl t Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab +.Fl Fl keytab= Ns Ar keytab .Xc .Oc .Oo Fl u Ar user \*(Ba Xo -.Fl -user= Ns Ar user +.Fl Fl user= Ns Ar user .Xc .Oc -.Op Fl v | Fl -version +.Op Fl v | Fl Fl version .Sh DESCRIPTION .Nm is a process based credential cache. @@ -123,95 +122,46 @@ The daemon can also keep a SYSTEM credential that server processes can use to access services. One example of usage might be an nss_ldap module that quickly needs to get credentials and doesn't want to renew -the ticket itself. +the ticket itself. .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl -cache-name= Ns Ar cachename -.Xc +.It Fl Fl cache-name= Ns Ar cachename system cache name -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file location of config file -.It Xo -.Fl g Ar group , -.Fl -group= Ns Ar group -.Xc +.It Fl g Ar group , Fl Fl group= Ns Ar group system cache group -.It Xo -.Fl -max-request= Ns Ar size -.Xc +.It Fl Fl max-request= Ns Ar size max size for a kcm-request -.It Xo -.Fl -disallow-getting-krbtgt -.Xc +.It Fl Fl disallow-getting-krbtgt disallow extracting any krbtgt from the .Nm kcm daemon. -.It Xo -.Fl -detach -.Xc +.It Fl Fl detach detach from console -.It Xo -.Fl h , -.Fl -help -.Xc -.It Xo -.Fl k Ar principal , -.Fl -system-principal= Ns Ar principal -.Xc +.It Fl h , Fl Fl help +.It Fl k Ar principal , Fl Fl system-principal= Ns Ar principal system principal name -.It Xo -.Fl l Ar time , -.Fl -lifetime= Ns Ar time -.Xc +.It Fl l Ar time , Fl Fl lifetime= Ns Ar time lifetime of system tickets -.It Xo -.Fl m Ar mode , -.Fl -mode= Ns Ar mode -.Xc +.It Fl m Ar mode , Fl Fl mode= Ns Ar mode octal mode of system cache -.It Xo -.Fl n , -.Fl -no-name-constraints -.Xc +.It Fl n , Fl Fl no-name-constraints disable credentials cache name constraints -.It Xo -.Fl r Ar time , -.Fl -renewable-life= Ns Ar time -.Xc +.It Fl r Ar time , Fl Fl renewable-life= Ns Ar time renewable lifetime of system tickets -.It Xo -.Fl s Ar path , -.Fl -socket-path= Ns Ar path -.Xc +.It Fl s Ar path , Fl Fl socket-path= Ns Ar path path to kcm domain socket -.It Xo -.Fl -door-path= Ns Ar path -.Xc +.It Fl Fl door-path= Ns Ar path path to kcm door socket -.It Xo -.Fl S Ar principal , -.Fl -server= Ns Ar principal -.Xc +.It Fl S Ar principal , Fl Fl server= Ns Ar principal server to get system ticket for -.It Xo -.Fl t Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc +.It Fl t Ar keytab , Fl Fl keytab= Ns Ar keytab system keytab name -.It Xo -.Fl u Ar user , -.Fl -user= Ns Ar user -.Xc +.It Fl u Ar user , Fl Fl user= Ns Ar user system cache owner -.It Xo -.Fl v , -.Fl -version -.Xc +.It Fl v , Fl Fl version .El .\".Sh ENVIRONMENT .\".Sh FILES diff --git a/kcm/kcm.cat8 b/kcm/kcm.cat8 new file mode 100644 index 000000000000..21f5bcb6c669 --- /dev/null +++ b/kcm/kcm.cat8 @@ -0,0 +1,92 @@ + +KCM(8) BSD System Manager's Manual KCM(8) + +NNAAMMEE + kkccmm -- process-based credential cache for Kerberos tickets. + +SSYYNNOOPPSSIISS + kkccmm [----ccaacchhee--nnaammee==_c_a_c_h_e_n_a_m_e] [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--gg _g_r_o_u_p | + ----ggrroouupp==_g_r_o_u_p] [----mmaaxx--rreeqquueesstt==_s_i_z_e] [----ddiissaallllooww--ggeettttiinngg--kkrrbbttggtt] + [----ddeettaacchh] [--hh | ----hheellpp] [--kk _p_r_i_n_c_i_p_a_l | + ----ssyysstteemm--pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--ll _t_i_m_e | ----lliiffeettiimmee==_t_i_m_e] [--mm _m_o_d_e | + ----mmooddee==_m_o_d_e] [--nn | ----nnoo--nnaammee--ccoonnssttrraaiinnttss] [--rr _t_i_m_e | + ----rreenneewwaabbllee--lliiffee==_t_i_m_e] [--ss _p_a_t_h | ----ssoocckkeett--ppaatthh==_p_a_t_h] + [----ddoooorr--ppaatthh==_p_a_t_h] [--SS _p_r_i_n_c_i_p_a_l | ----sseerrvveerr==_p_r_i_n_c_i_p_a_l] [--tt _k_e_y_t_a_b | + ----kkeeyyttaabb==_k_e_y_t_a_b] [--uu _u_s_e_r | ----uusseerr==_u_s_e_r] [--vv | ----vveerrssiioonn] + +DDEESSCCRRIIPPTTIIOONN + kkccmm is a process based credential cache. To use it, set the KRB5CCNAME + enviroment variable to `KCM:_u_i_d' or add the stanza + + + [libdefaults] + default_cc_name = KCM:%{uid} + + to the _/_e_t_c_/_k_r_b_5_._c_o_n_f configuration file and make sure kkccmm is started in + the system startup files. + + The kkccmm daemon can hold the credentials for all users in the system. + Access control is done with Unix-like permissions. The daemon checks the + access on all operations based on the uid and gid of the user. The tick- + ets are renewed as long as is permitted by the KDC's policy. + + The kkccmm daemon can also keep a SYSTEM credential that server processes + can use to access services. One example of usage might be an nss_ldap + module that quickly needs to get credentials and doesn't want to renew + the ticket itself. + + Supported options: + + ----ccaacchhee--nnaammee==_c_a_c_h_e_n_a_m_e + system cache name + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + location of config file + + --gg _g_r_o_u_p, ----ggrroouupp==_g_r_o_u_p + system cache group + + ----mmaaxx--rreeqquueesstt==_s_i_z_e + max size for a kcm-request + + ----ddiissaallllooww--ggeettttiinngg--kkrrbbttggtt + disallow extracting any krbtgt from the kkccmm daemon. + + ----ddeettaacchh + detach from console + + --hh, ----hheellpp + + --kk _p_r_i_n_c_i_p_a_l, ----ssyysstteemm--pprriinncciippaall==_p_r_i_n_c_i_p_a_l + system principal name + + --ll _t_i_m_e, ----lliiffeettiimmee==_t_i_m_e + lifetime of system tickets + + --mm _m_o_d_e, ----mmooddee==_m_o_d_e + octal mode of system cache + + --nn, ----nnoo--nnaammee--ccoonnssttrraaiinnttss + disable credentials cache name constraints + + --rr _t_i_m_e, ----rreenneewwaabbllee--lliiffee==_t_i_m_e + renewable lifetime of system tickets + + --ss _p_a_t_h, ----ssoocckkeett--ppaatthh==_p_a_t_h + path to kcm domain socket + + ----ddoooorr--ppaatthh==_p_a_t_h + path to kcm door socket + + --SS _p_r_i_n_c_i_p_a_l, ----sseerrvveerr==_p_r_i_n_c_i_p_a_l + server to get system ticket for + + --tt _k_e_y_t_a_b, ----kkeeyyttaabb==_k_e_y_t_a_b + system keytab name + + --uu _u_s_e_r, ----uusseerr==_u_s_e_r + system cache owner + + --vv, ----vveerrssiioonn + +Heimdal May 29, 2005 Heimdal diff --git a/kcm/kcm_locl.h b/kcm/kcm_locl.h index 75e55ee0b3f8..56bb7045b458 100644 --- a/kcm/kcm_locl.h +++ b/kcm/kcm_locl.h @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -30,8 +32,8 @@ * SUCH DAMAGE. */ -/* - * $Id: kcm_locl.h 20470 2007-04-20 10:41:11Z lha $ +/* + * $Id$ */ #ifndef __KCM_LOCL_H__ @@ -65,30 +67,36 @@ struct kcm_ccache_data; struct kcm_creds; -typedef struct kcm_cursor { - pid_t pid; - uint32_t key; - struct kcm_creds *credp; /* pointer to next credential */ - struct kcm_cursor *next; -} kcm_cursor; +struct kcm_default_cache { + uid_t uid; + pid_t session; /* really au_asid_t */ + char *name; + struct kcm_default_cache *next; +}; + +extern struct kcm_default_cache *default_caches; + +struct kcm_creds { + kcmuuid_t uuid; + krb5_creds cred; + struct kcm_creds *next; +}; typedef struct kcm_ccache_data { char *name; + kcmuuid_t uuid; unsigned refcnt; uint16_t flags; uint16_t mode; uid_t uid; gid_t gid; + pid_t session; /* really au_asid_t */ krb5_principal client; /* primary client principal */ krb5_principal server; /* primary server principal (TGS if NULL) */ - struct kcm_creds { - krb5_creds cred; /* XXX would be useful for have ACLs on creds */ - struct kcm_creds *next; - } *creds; - uint32_t n_cursor; - kcm_cursor *cursors; + struct kcm_creds *creds; krb5_deltat tkt_life; krb5_deltat renew_life; + int32_t kdc_offset; union { krb5_keytab keytab; krb5_keyblock keyblock; @@ -138,6 +146,7 @@ typedef struct kcm_client { pid_t pid; uid_t uid; gid_t gid; + pid_t session; } kcm_client; #define CLIENT_IS_ROOT(client) ((client)->uid == 0) @@ -160,14 +169,20 @@ extern char *door_path; extern size_t max_request; extern sig_atomic_t exit_flag; extern int name_constraints; +#ifdef SUPPORT_DETACH extern int detach_from_console; +#endif +extern int launchd_flag; extern int disallow_getting_krbtgt; #if 0 extern const krb5_cc_ops krb5_kcmss_ops; #endif -#include +void kcm_service(void *, const heim_idata *, const heim_icred, + heim_ipc_complete, heim_sipc_call); + +#include #endif /* __KCM_LOCL_H__ */ diff --git a/kcm/log.c b/kcm/log.c index 351782eba87d..34f1bbf79015 100644 --- a/kcm/log.c +++ b/kcm/log.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kcm_locl.h" -RCSID("$Id: log.c 14566 2005-02-06 01:22:49Z lukeh $"); +RCSID("$Id$"); static krb5_log_facility *logf; diff --git a/kcm/main.c b/kcm/main.c index da88a2c653ce..2b3af2220392 100644 --- a/kcm/main.c +++ b/kcm/main.c @@ -1,44 +1,46 @@ /* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kcm_locl.h" -RCSID("$Id: main.c 15298 2005-05-30 10:58:14Z lha $"); +RCSID("$Id$"); sig_atomic_t exit_flag = 0; krb5_context kcm_context = NULL; +const char *service_name = "org.h5l.kcm"; + static RETSIGTYPE sigterm(int sig) { @@ -70,7 +72,7 @@ main(int argc, char **argv) } kcm_configure(argc, argv); - + #ifdef HAVE_SIGACTION { struct sigaction sa; @@ -98,10 +100,22 @@ main(int argc, char **argv) signal(SIGUSR2, sigusr2); signal(SIGPIPE, SIG_IGN); #endif +#ifdef SUPPORT_DETACH if (detach_from_console) daemon(0, 0); +#endif pidfile(NULL); - kcm_loop(); + + if (launchd_flag) { + heim_sipc mach; + heim_sipc_launchd_mach_init(service_name, kcm_service, NULL, &mach); + } else { + heim_sipc un; + heim_sipc_service_unix(service_name, kcm_service, NULL, &un); + } + + heim_ipc_main(); + krb5_free_context(kcm_context); return 0; } diff --git a/kcm/protocol.c b/kcm/protocol.c index bb3c6538f04c..0cf7157b7a71 100644 --- a/kcm/protocol.c +++ b/kcm/protocol.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -31,8 +33,22 @@ */ #include "kcm_locl.h" +#include -RCSID("$Id: protocol.c 22112 2007-12-03 19:34:33Z lha $"); +static void +kcm_drop_default_cache(krb5_context context, kcm_client *client, char *name); + + +int +kcm_is_same_session(kcm_client *client, uid_t uid, pid_t session) +{ +#if 0 /* XXX pppd is running in diffrent session the user */ + if (session != -1) + return (client->session == session); + else +#endif + return (client->uid == uid); +} static krb5_error_code kcm_op_noop(krb5_context context, @@ -43,7 +59,7 @@ kcm_op_noop(krb5_context context, { KCM_LOG_REQUEST(context, client, opcode); - return 0; + return 0; } /* @@ -80,19 +96,19 @@ kcm_op_get_name(krb5_context context, ret = krb5_store_stringz(response, ccache->name); if (ret) { - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); free(name); return ret; } free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return 0; } /* * Request: - * + * * Response: * NameZ */ @@ -123,9 +139,9 @@ kcm_op_gen_new(krb5_context context, * Request: * NameZ * Principal - * + * * Response: - * + * */ static krb5_error_code kcm_op_initialize(krb5_context context, @@ -181,7 +197,7 @@ kcm_op_initialize(krb5_context context, ret = kcm_enqueue_event_relative(context, &event); #endif - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -189,9 +205,9 @@ kcm_op_initialize(krb5_context context, /* * Request: * NameZ - * + * * Response: - * + * */ static krb5_error_code kcm_op_destroy(krb5_context context, @@ -210,6 +226,8 @@ kcm_op_destroy(krb5_context context, KCM_LOG_REQUEST_NAME(context, client, opcode, name); ret = kcm_ccache_destroy_client(context, client, name); + if (ret == 0) + kcm_drop_default_cache(context, client, name); free(name); @@ -220,9 +238,9 @@ kcm_op_destroy(krb5_context context, * Request: * NameZ * Creds - * + * * Response: - * + * */ static krb5_error_code kcm_op_store(krb5_context context, @@ -260,14 +278,14 @@ kcm_op_store(krb5_context context, if (ret) { free(name); krb5_free_cred_contents(context, &creds); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } kcm_ccache_enqueue_default(context, ccache, &creds); free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return 0; } @@ -280,7 +298,7 @@ kcm_op_store(krb5_context context, * * Response: * Creds - * + * */ static krb5_error_code kcm_op_retrieve(krb5_context context, @@ -334,7 +352,8 @@ kcm_op_retrieve(krb5_context context, ret = kcm_ccache_retrieve_cred(context, ccache, flags, &mcreds, &credp); - if (ret && ((flags & KRB5_GC_CACHED) == 0)) { + if (ret && ((flags & KRB5_GC_CACHED) == 0) && + !krb5_is_config_principal(context, mcreds.server)) { krb5_ccache_data ccdata; /* try and acquire */ @@ -357,7 +376,7 @@ kcm_op_retrieve(krb5_context context, free(name); krb5_free_cred_contents(context, &mcreds); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); if (free_creds) krb5_free_cred_contents(context, credp); @@ -402,7 +421,7 @@ kcm_op_get_principal(krb5_context context, ret = krb5_store_principal(response, ccache->client); free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return 0; } @@ -412,19 +431,19 @@ kcm_op_get_principal(krb5_context context, * NameZ * * Response: - * Cursor - * + * UUIDs + * */ static krb5_error_code -kcm_op_get_first(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) +kcm_op_get_cred_uuid_list(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) { + struct kcm_creds *creds; krb5_error_code ret; kcm_ccache ccache; - uint32_t cursor; char *name; ret = krb5_ret_stringz(request, &name); @@ -435,22 +454,20 @@ kcm_op_get_first(krb5_context context, ret = kcm_ccache_resolve_client(context, client, opcode, name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_cursor_new(context, client->pid, ccache, &cursor); - if (ret) { - kcm_release_ccache(context, &ccache); - free(name); - return ret; - } - - ret = krb5_store_int32(response, cursor); - free(name); - kcm_release_ccache(context, &ccache); + if (ret) + return ret; + + for (creds = ccache->creds ; creds ; creds = creds->next) { + ssize_t sret; + sret = krb5_storage_write(response, &creds->uuid, sizeof(creds->uuid)); + if (sret != sizeof(creds->uuid)) { + ret = ENOMEM; + break; + } + } + + kcm_release_ccache(context, ccache); return ret; } @@ -464,17 +481,18 @@ kcm_op_get_first(krb5_context context, * Creds */ static krb5_error_code -kcm_op_get_next(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) +kcm_op_get_cred_by_uuid(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) { krb5_error_code ret; kcm_ccache ccache; char *name; - uint32_t cursor; - kcm_cursor *c; + struct kcm_creds *c; + kcmuuid_t uuid; + ssize_t sret; ret = krb5_ret_stringz(request, &name); if (ret) @@ -482,84 +500,30 @@ kcm_op_get_next(krb5_context context, KCM_LOG_REQUEST_NAME(context, client, opcode, name); - ret = krb5_ret_uint32(request, &cursor); - if (ret) { - free(name); - return ret; - } - ret = kcm_ccache_resolve_client(context, client, opcode, name, &ccache); - if (ret) { - free(name); + free(name); + if (ret) return ret; + + sret = krb5_storage_read(request, &uuid, sizeof(uuid)); + if (sret != sizeof(uuid)) { + kcm_release_ccache(context, ccache); + krb5_clear_error_message(context); + return KRB5_CC_IO; } - ret = kcm_cursor_find(context, client->pid, ccache, cursor, &c); - if (ret) { - kcm_release_ccache(context, &ccache); - free(name); - return ret; + c = kcm_ccache_find_cred_uuid(context, ccache, uuid); + if (c == NULL) { + kcm_release_ccache(context, ccache); + return KRB5_CC_END; } HEIMDAL_MUTEX_lock(&ccache->mutex); - if (c->credp == NULL) { - ret = KRB5_CC_END; - } else { - ret = krb5_store_creds(response, &c->credp->cred); - c->credp = c->credp->next; - } + ret = krb5_store_creds(response, &c->cred); HEIMDAL_MUTEX_unlock(&ccache->mutex); - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * Cursor - * - * Response: - * - */ -static krb5_error_code -kcm_op_end_get(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - uint32_t cursor; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &cursor); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_cursor_delete(context, client->pid, ccache, cursor); - - free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -571,7 +535,7 @@ kcm_op_end_get(krb5_context context, * MatchCreds * * Response: - * + * */ static krb5_error_code kcm_op_remove_cred(krb5_context context, @@ -618,7 +582,7 @@ kcm_op_remove_cred(krb5_context context, free(name); krb5_free_cred_contents(context, &mcreds); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -629,7 +593,7 @@ kcm_op_remove_cred(krb5_context context, * Flags * * Response: - * + * */ static krb5_error_code kcm_op_set_flags(krb5_context context, @@ -664,7 +628,7 @@ kcm_op_set_flags(krb5_context context, /* we don't really support any flags yet */ free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return 0; } @@ -676,7 +640,7 @@ kcm_op_set_flags(krb5_context context, * GID * * Response: - * + * */ static krb5_error_code kcm_op_chown(krb5_context context, @@ -719,7 +683,7 @@ kcm_op_chown(krb5_context context, ret = kcm_chown(context, client, ccache, uid, gid); free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -730,7 +694,7 @@ kcm_op_chown(krb5_context context, * Mode * * Response: - * + * */ static krb5_error_code kcm_op_chmod(krb5_context context, @@ -766,7 +730,7 @@ kcm_op_chmod(krb5_context context, ret = kcm_chmod(context, client, ccache, mode); free(name); - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -863,7 +827,7 @@ kcm_op_get_initial_ticket(krb5_context context, krb5_free_keyblock(context, &key); } - kcm_release_ccache(context, &ccache); + kcm_release_ccache(context, ccache); return ret; } @@ -926,7 +890,7 @@ kcm_op_get_ticket(krb5_context context, free(name); return ret; } - + HEIMDAL_MUTEX_lock(&ccache->mutex); /* Fake up an internal ccache */ @@ -942,14 +906,796 @@ kcm_op_get_ticket(krb5_context context, HEIMDAL_MUTEX_unlock(&ccache->mutex); + krb5_free_principal(context, server); + if (ret == 0) krb5_free_cred_contents(context, out); + kcm_release_ccache(context, ccache); free(name); return ret; } +/* + * Request: + * OldNameZ + * NewNameZ + * + * Repsonse: + * + */ +static krb5_error_code +kcm_op_move_cache(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + krb5_error_code ret; + kcm_ccache oldid, newid; + char *oldname, *newname; + + ret = krb5_ret_stringz(request, &oldname); + if (ret) + return ret; + + KCM_LOG_REQUEST_NAME(context, client, opcode, oldname); + + ret = krb5_ret_stringz(request, &newname); + if (ret) { + free(oldname); + return ret; + } + + /* move to ourself is simple, done! */ + if (strcmp(oldname, newname) == 0) { + free(oldname); + free(newname); + return 0; + } + + ret = kcm_ccache_resolve_client(context, client, opcode, oldname, &oldid); + if (ret) { + free(oldname); + free(newname); + return ret; + } + + /* Check if new credential cache exists, if not create one. */ + ret = kcm_ccache_resolve_client(context, client, opcode, newname, &newid); + if (ret == KRB5_FCC_NOFILE) + ret = kcm_ccache_new_client(context, client, newname, &newid); + free(newname); + + if (ret) { + free(oldname); + kcm_release_ccache(context, oldid); + return ret; + } + + HEIMDAL_MUTEX_lock(&oldid->mutex); + HEIMDAL_MUTEX_lock(&newid->mutex); + + /* move content */ + { + kcm_ccache_data tmp; + +#define MOVE(n,o,f) { tmp.f = n->f ; n->f = o->f; o->f = tmp.f; } + + MOVE(newid, oldid, flags); + MOVE(newid, oldid, client); + MOVE(newid, oldid, server); + MOVE(newid, oldid, creds); + MOVE(newid, oldid, tkt_life); + MOVE(newid, oldid, renew_life); + MOVE(newid, oldid, key); + MOVE(newid, oldid, kdc_offset); +#undef MOVE + } + + HEIMDAL_MUTEX_unlock(&oldid->mutex); + HEIMDAL_MUTEX_unlock(&newid->mutex); + + kcm_release_ccache(context, oldid); + kcm_release_ccache(context, newid); + + ret = kcm_ccache_destroy_client(context, client, oldname); + if (ret == 0) + kcm_drop_default_cache(context, client, oldname); + + free(oldname); + + return ret; +} + +static krb5_error_code +kcm_op_get_cache_uuid_list(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + KCM_LOG_REQUEST(context, client, opcode); + + return kcm_ccache_get_uuids(context, client, opcode, response); +} + +static krb5_error_code +kcm_op_get_cache_by_uuid(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + krb5_error_code ret; + kcmuuid_t uuid; + ssize_t sret; + kcm_ccache cache; + + KCM_LOG_REQUEST(context, client, opcode); + + sret = krb5_storage_read(request, &uuid, sizeof(uuid)); + if (sret != sizeof(uuid)) { + krb5_clear_error_message(context); + return KRB5_CC_IO; + } + + ret = kcm_ccache_resolve_by_uuid(context, uuid, &cache); + if (ret) + return ret; + + ret = kcm_access(context, client, opcode, cache); + if (ret) + ret = KRB5_FCC_NOFILE; + + if (ret == 0) + ret = krb5_store_stringz(response, cache->name); + + kcm_release_ccache(context, cache); + + return ret; +} + +struct kcm_default_cache *default_caches; + +static krb5_error_code +kcm_op_get_default_cache(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_default_cache *c; + krb5_error_code ret; + const char *name = NULL; + char *n = NULL; + + KCM_LOG_REQUEST(context, client, opcode); + + for (c = default_caches; c != NULL; c = c->next) { + if (kcm_is_same_session(client, c->uid, c->session)) { + name = c->name; + break; + } + } + if (name == NULL) + name = n = kcm_ccache_first_name(client); + + if (name == NULL) { + asprintf(&n, "%d", (int)client->uid); + name = n; + } + if (name == NULL) + return ENOMEM; + ret = krb5_store_stringz(response, name); + if (n) + free(n); + return ret; +} + +static void +kcm_drop_default_cache(krb5_context context, kcm_client *client, char *name) +{ + struct kcm_default_cache **c; + + for (c = &default_caches; *c != NULL; c = &(*c)->next) { + if (!kcm_is_same_session(client, (*c)->uid, (*c)->session)) + continue; + if (strcmp((*c)->name, name) == 0) { + struct kcm_default_cache *h = *c; + *c = (*c)->next; + free(h->name); + free(h); + break; + } + } +} + +static krb5_error_code +kcm_op_set_default_cache(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_default_cache *c; + krb5_error_code ret; + char *name; + + ret = krb5_ret_stringz(request, &name); + if (ret) + return ret; + + KCM_LOG_REQUEST_NAME(context, client, opcode, name); + + for (c = default_caches; c != NULL; c = c->next) { + if (kcm_is_same_session(client, c->uid, c->session)) + break; + } + if (c == NULL) { + c = malloc(sizeof(*c)); + if (c == NULL) + return ENOMEM; + c->session = client->session; + c->uid = client->uid; + c->name = strdup(name); + + c->next = default_caches; + default_caches = c; + } else { + free(c->name); + c->name = strdup(name); + } + + return 0; +} + +static krb5_error_code +kcm_op_get_kdc_offset(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + krb5_error_code ret; + kcm_ccache ccache; + char *name; + + ret = krb5_ret_stringz(request, &name); + if (ret) + return ret; + + KCM_LOG_REQUEST_NAME(context, client, opcode, name); + + ret = kcm_ccache_resolve_client(context, client, opcode, name, &ccache); + free(name); + if (ret) + return ret; + + HEIMDAL_MUTEX_lock(&ccache->mutex); + ret = krb5_store_int32(response, ccache->kdc_offset); + HEIMDAL_MUTEX_unlock(&ccache->mutex); + + kcm_release_ccache(context, ccache); + + return ret; +} + +static krb5_error_code +kcm_op_set_kdc_offset(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + krb5_error_code ret; + kcm_ccache ccache; + int32_t offset; + char *name; + + ret = krb5_ret_stringz(request, &name); + if (ret) + return ret; + + KCM_LOG_REQUEST_NAME(context, client, opcode, name); + + ret = krb5_ret_int32(request, &offset); + if (ret) { + free(name); + return ret; + } + + ret = kcm_ccache_resolve_client(context, client, opcode, name, &ccache); + free(name); + if (ret) + return ret; + + HEIMDAL_MUTEX_lock(&ccache->mutex); + ccache->kdc_offset = offset; + HEIMDAL_MUTEX_unlock(&ccache->mutex); + + kcm_release_ccache(context, ccache); + + return ret; +} + +struct kcm_ntlm_cred { + kcmuuid_t uuid; + char *user; + char *domain; + krb5_data nthash; + uid_t uid; + pid_t session; + struct kcm_ntlm_cred *next; +}; + +static struct kcm_ntlm_cred *ntlm_head; + +static void +free_cred(struct kcm_ntlm_cred *cred) +{ + free(cred->user); + free(cred->domain); + krb5_data_free(&cred->nthash); + free(cred); +} + + +/* + * name + * domain + * ntlm hash + * + * Reply: + * uuid + */ + +static struct kcm_ntlm_cred * +find_ntlm_cred(const char *user, const char *domain, kcm_client *client) +{ + struct kcm_ntlm_cred *c; + + for (c = ntlm_head; c != NULL; c = c->next) + if ((user[0] == '\0' || strcmp(user, c->user) == 0) && + (domain == NULL || strcmp(domain, c->domain) == 0) && + kcm_is_same_session(client, c->uid, c->session)) + return c; + + return NULL; +} + +static krb5_error_code +kcm_op_add_ntlm_cred(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_ntlm_cred *cred, *c; + krb5_error_code ret; + + cred = calloc(1, sizeof(*cred)); + if (cred == NULL) + return ENOMEM; + + RAND_bytes(cred->uuid, sizeof(cred->uuid)); + + ret = krb5_ret_stringz(request, &cred->user); + if (ret) + goto error; + + ret = krb5_ret_stringz(request, &cred->domain); + if (ret) + goto error; + + ret = krb5_ret_data(request, &cred->nthash); + if (ret) + goto error; + + /* search for dups */ + c = find_ntlm_cred(cred->user, cred->domain, client); + if (c) { + krb5_data hash = c->nthash; + c->nthash = cred->nthash; + cred->nthash = hash; + free_cred(cred); + cred = c; + } else { + cred->next = ntlm_head; + ntlm_head = cred; + } + + cred->uid = client->uid; + cred->session = client->session; + + /* write response */ + (void)krb5_storage_write(response, &cred->uuid, sizeof(cred->uuid)); + + return 0; + + error: + free_cred(cred); + + return ret; +} + +/* + * { "HAVE_NTLM_CRED", NULL }, + * + * input: + * name + * domain + */ + +static krb5_error_code +kcm_op_have_ntlm_cred(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_ntlm_cred *c; + char *user = NULL, *domain = NULL; + krb5_error_code ret; + + ret = krb5_ret_stringz(request, &user); + if (ret) + goto error; + + ret = krb5_ret_stringz(request, &domain); + if (ret) + goto error; + + if (domain[0] == '\0') { + free(domain); + domain = NULL; + } + + c = find_ntlm_cred(user, domain, client); + if (c == NULL) + ret = ENOENT; + + error: + free(user); + if (domain) + free(domain); + + return ret; +} + +/* + * { "DEL_NTLM_CRED", NULL }, + * + * input: + * name + * domain + */ + +static krb5_error_code +kcm_op_del_ntlm_cred(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_ntlm_cred **cp, *c; + char *user = NULL, *domain = NULL; + krb5_error_code ret; + + ret = krb5_ret_stringz(request, &user); + if (ret) + goto error; + + ret = krb5_ret_stringz(request, &domain); + if (ret) + goto error; + + for (cp = &ntlm_head; *cp != NULL; cp = &(*cp)->next) { + if (strcmp(user, (*cp)->user) == 0 && strcmp(domain, (*cp)->domain) == 0 && + kcm_is_same_session(client, (*cp)->uid, (*cp)->session)) + { + c = *cp; + *cp = c->next; + + free_cred(c); + break; + } + } + + error: + free(user); + free(domain); + + return ret; +} + +/* + * { "DO_NTLM_AUTH", NULL }, + * + * input: + * name:string + * domain:string + * type2:data + * + * reply: + * type3:data + * flags:int32 + * session-key:data + */ + +#define NTLM_FLAG_SESSIONKEY 1 +#define NTLM_FLAG_NTLM2_SESSION 2 +#define NTLM_FLAG_KEYEX 4 + +static krb5_error_code +kcm_op_do_ntlm(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_ntlm_cred *c; + struct ntlm_type2 type2; + struct ntlm_type3 type3; + char *user = NULL, *domain = NULL; + struct ntlm_buf ndata, sessionkey; + krb5_data data; + krb5_error_code ret; + uint32_t flags = 0; + + memset(&type2, 0, sizeof(type2)); + memset(&type3, 0, sizeof(type3)); + sessionkey.data = NULL; + sessionkey.length = 0; + + ret = krb5_ret_stringz(request, &user); + if (ret) + goto error; + + ret = krb5_ret_stringz(request, &domain); + if (ret) + goto error; + + if (domain[0] == '\0') { + free(domain); + domain = NULL; + } + + c = find_ntlm_cred(user, domain, client); + if (c == NULL) { + ret = EINVAL; + goto error; + } + + ret = krb5_ret_data(request, &data); + if (ret) + goto error; + + ndata.data = data.data; + ndata.length = data.length; + + ret = heim_ntlm_decode_type2(&ndata, &type2); + krb5_data_free(&data); + if (ret) + goto error; + + if (domain && strcmp(domain, type2.targetname) == 0) { + ret = EINVAL; + goto error; + } + + type3.username = c->user; + type3.flags = type2.flags; + type3.targetname = type2.targetname; + type3.ws = rk_UNCONST("workstation"); + + /* + * NTLM Version 1 if no targetinfo buffer. + */ + + if (1 || type2.targetinfo.length == 0) { + struct ntlm_buf sessionkey; + + if (type2.flags & NTLM_NEG_NTLM2_SESSION) { + unsigned char nonce[8]; + + if (RAND_bytes(nonce, sizeof(nonce)) != 1) { + ret = EINVAL; + goto error; + } + + ret = heim_ntlm_calculate_ntlm2_sess(nonce, + type2.challenge, + c->nthash.data, + &type3.lm, + &type3.ntlm); + } else { + ret = heim_ntlm_calculate_ntlm1(c->nthash.data, + c->nthash.length, + type2.challenge, + &type3.ntlm); + + } + if (ret) + goto error; + + ret = heim_ntlm_build_ntlm1_master(c->nthash.data, + c->nthash.length, + &sessionkey, + &type3.sessionkey); + if (ret) { + if (type3.lm.data) + free(type3.lm.data); + if (type3.ntlm.data) + free(type3.ntlm.data); + goto error; + } + + free(sessionkey.data); + if (ret) { + if (type3.lm.data) + free(type3.lm.data); + if (type3.ntlm.data) + free(type3.ntlm.data); + goto error; + } + flags |= NTLM_FLAG_SESSIONKEY; +#if 0 + } else { + struct ntlm_buf sessionkey; + unsigned char ntlmv2[16]; + struct ntlm_targetinfo ti; + + /* verify infotarget */ + + ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti); + if(ret) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = ret; + return GSS_S_FAILURE; + } + + if (ti.domainname && strcmp(ti.domainname, name->domain) != 0) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + ret = heim_ntlm_calculate_ntlm2(ctx->client->key.data, + ctx->client->key.length, + type3.username, + name->domain, + type2.challenge, + &type2.targetinfo, + ntlmv2, + &type3.ntlm); + if (ret) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2), + &sessionkey, + &type3.sessionkey); + memset(ntlmv2, 0, sizeof(ntlmv2)); + if (ret) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = ret; + return GSS_S_FAILURE; + } + + flags |= NTLM_FLAG_NTLM2_SESSION | + NTLM_FLAG_SESSION; + + if (type3.flags & NTLM_NEG_KEYEX) + flags |= NTLM_FLAG_KEYEX; + + ret = krb5_data_copy(&ctx->sessionkey, + sessionkey.data, sessionkey.length); + free(sessionkey.data); + if (ret) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = ret; + return GSS_S_FAILURE; + } +#endif + } + +#if 0 + if (flags & NTLM_FLAG_NTLM2_SESSION) { + _gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX), + ctx->sessionkey.data, + ctx->sessionkey.length); + _gss_ntlm_set_key(&ctx->u.v2.recv, 1, (ctx->flags & NTLM_NEG_KEYEX), + ctx->sessionkey.data, + ctx->sessionkey.length); + } else { + flags |= NTLM_FLAG_SESSION; + RC4_set_key(&ctx->u.v1.crypto_recv.key, + ctx->sessionkey.length, + ctx->sessionkey.data); + RC4_set_key(&ctx->u.v1.crypto_send.key, + ctx->sessionkey.length, + ctx->sessionkey.data); + } +#endif + + ret = heim_ntlm_encode_type3(&type3, &ndata); + if (ret) + goto error; + + data.data = ndata.data; + data.length = ndata.length; + ret = krb5_store_data(response, data); + heim_ntlm_free_buf(&ndata); + if (ret) goto error; + + ret = krb5_store_int32(response, flags); + if (ret) goto error; + + data.data = sessionkey.data; + data.length = sessionkey.length; + + ret = krb5_store_data(response, data); + if (ret) goto error; + + error: + free(type3.username); + heim_ntlm_free_type2(&type2); + free(user); + if (domain) + free(domain); + + return ret; +} + + +/* + * { "GET_NTLM_UUID_LIST", NULL } + * + * reply: + * 1 user domain + * 0 [ end of list ] + */ + +static krb5_error_code +kcm_op_get_ntlm_user_list(krb5_context context, + kcm_client *client, + kcm_operation opcode, + krb5_storage *request, + krb5_storage *response) +{ + struct kcm_ntlm_cred *c; + krb5_error_code ret; + + for (c = ntlm_head; c != NULL; c = c->next) { + if (!kcm_is_same_session(client, c->uid, c->session)) + continue; + + ret = krb5_store_uint32(response, 1); + if (ret) + return ret; + ret = krb5_store_stringz(response, c->user); + if (ret) + return ret; + ret = krb5_store_stringz(response, c->domain); + if (ret) + return ret; + } + return krb5_store_uint32(response, 0); +} + +/* + * + */ + static struct kcm_op kcm_ops[] = { { "NOOP", kcm_op_noop }, { "GET_NAME", kcm_op_get_name }, @@ -960,19 +1706,31 @@ static struct kcm_op kcm_ops[] = { { "STORE", kcm_op_store }, { "RETRIEVE", kcm_op_retrieve }, { "GET_PRINCIPAL", kcm_op_get_principal }, - { "GET_FIRST", kcm_op_get_first }, - { "GET_NEXT", kcm_op_get_next }, - { "END_GET", kcm_op_end_get }, + { "GET_CRED_UUID_LIST", kcm_op_get_cred_uuid_list }, + { "GET_CRED_BY_UUID", kcm_op_get_cred_by_uuid }, { "REMOVE_CRED", kcm_op_remove_cred }, { "SET_FLAGS", kcm_op_set_flags }, { "CHOWN", kcm_op_chown }, { "CHMOD", kcm_op_chmod }, { "GET_INITIAL_TICKET", kcm_op_get_initial_ticket }, - { "GET_TICKET", kcm_op_get_ticket } + { "GET_TICKET", kcm_op_get_ticket }, + { "MOVE_CACHE", kcm_op_move_cache }, + { "GET_CACHE_UUID_LIST", kcm_op_get_cache_uuid_list }, + { "GET_CACHE_BY_UUID", kcm_op_get_cache_by_uuid }, + { "GET_DEFAULT_CACHE", kcm_op_get_default_cache }, + { "SET_DEFAULT_CACHE", kcm_op_set_default_cache }, + { "GET_KDC_OFFSET", kcm_op_get_kdc_offset }, + { "SET_KDC_OFFSET", kcm_op_set_kdc_offset }, + { "ADD_NTLM_CRED", kcm_op_add_ntlm_cred }, + { "HAVE_USER_CRED", kcm_op_have_ntlm_cred }, + { "DEL_NTLM_CRED", kcm_op_del_ntlm_cred }, + { "DO_NTLM_AUTH", kcm_op_do_ntlm }, + { "GET_NTLM_USER_LIST", kcm_op_get_ntlm_user_list } }; -const char *kcm_op2string(kcm_operation opcode) +const char * +kcm_op2string(kcm_operation opcode) { if (opcode >= sizeof(kcm_ops)/sizeof(kcm_ops[0])) return "Unknown operation"; @@ -1024,6 +1782,12 @@ kcm_dispatch(krb5_context context, goto out; } method = kcm_ops[opcode].method; + if (method == NULL) { + kcm_log(0, "Process %d: operation code %s not implemented", + client->pid, kcm_op2string(opcode)); + ret = KRB5_FCC_INTERNAL; + goto out; + } /* seek past place for status code */ krb5_storage_seek(resp_sp, 4, SEEK_SET); diff --git a/kcm/renew.c b/kcm/renew.c index 945020913503..ea06208f3e86 100644 --- a/kcm/renew.c +++ b/kcm/renew.c @@ -32,7 +32,7 @@ #include "kcm_locl.h" -RCSID("$Id: renew.c 14566 2005-02-06 01:22:49Z lukeh $"); +RCSID("$Id$"); krb5_error_code kcm_ccache_refresh(krb5_context context, diff --git a/kcm/sessions.c b/kcm/sessions.c new file mode 100644 index 000000000000..c44e48c5b00d --- /dev/null +++ b/kcm/sessions.c @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kcm_locl.h" + +#if 0 +#include +#endif + +void +kcm_session_add(pid_t session_id) +{ + kcm_log(1, "monitor session: %d\n", session_id); +} + +void +kcm_session_setup_handler(void) +{ +#if 0 + au_sdev_handle_t *h; + dispatch_queue_t bgq; + + h = au_sdev_open(AU_SDEVF_ALLSESSIONS); + if (h == NULL) + return; + + bgq = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_LOW, 0); + + dispatch_async(bgq, ^{ + for (;;) { + auditinfo_addr_t aio; + int event; + + if (au_sdev_read_aia(h, &event, &aio) != 0) + continue; + + /* + * Ignore everything but END. This should relly be + * CLOSE but since that is delayed until the credential + * is reused, we can't do that + * */ + if (event != AUE_SESSION_END) + continue; + + dispatch_async(dispatch_get_main_queue(), ^{ + kcm_cache_remove_session(aio.ai_asid); + }); + } + }); +#endif +} diff --git a/kdc/524.c b/kdc/524.c deleted file mode 100644 index 3e4ad292537b..000000000000 --- a/kdc/524.c +++ /dev/null @@ -1,400 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: 524.c 18270 2006-10-06 17:06:30Z lha $"); - -#include - -/* - * fetch the server from `t', returning the name in malloced memory in - * `spn' and the entry itself in `server' - */ - -static krb5_error_code -fetch_server (krb5_context context, - krb5_kdc_configuration *config, - const Ticket *t, - char **spn, - hdb_entry_ex **server, - const char *from) -{ - krb5_error_code ret; - krb5_principal sprinc; - - ret = _krb5_principalname2krb5_principal(context, &sprinc, - t->sname, t->realm); - if (ret) { - kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s", - krb5_get_err_text(context, ret)); - return ret; - } - ret = krb5_unparse_name(context, sprinc, spn); - if (ret) { - krb5_free_principal(context, sprinc); - kdc_log(context, config, 0, "krb5_unparse_name: %s", - krb5_get_err_text(context, ret)); - return ret; - } - ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, - NULL, server); - krb5_free_principal(context, sprinc); - if (ret) { - kdc_log(context, config, 0, - "Request to convert ticket from %s for unknown principal %s: %s", - from, *spn, krb5_get_err_text(context, ret)); - if (ret == HDB_ERR_NOENTRY) - ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; - return ret; - } - return 0; -} - -static krb5_error_code -log_524 (krb5_context context, - krb5_kdc_configuration *config, - const EncTicketPart *et, - const char *from, - const char *spn) -{ - krb5_principal client; - char *cpn; - krb5_error_code ret; - - ret = _krb5_principalname2krb5_principal(context, &client, - et->cname, et->crealm); - if (ret) { - kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s", - krb5_get_err_text (context, ret)); - return ret; - } - ret = krb5_unparse_name(context, client, &cpn); - if (ret) { - krb5_free_principal(context, client); - kdc_log(context, config, 0, "krb5_unparse_name: %s", - krb5_get_err_text (context, ret)); - return ret; - } - kdc_log(context, config, 1, "524-REQ %s from %s for %s", cpn, from, spn); - free(cpn); - krb5_free_principal(context, client); - return 0; -} - -static krb5_error_code -verify_flags (krb5_context context, - krb5_kdc_configuration *config, - const EncTicketPart *et, - const char *spn) -{ - if(et->endtime < kdc_time){ - kdc_log(context, config, 0, "Ticket expired (%s)", spn); - return KRB5KRB_AP_ERR_TKT_EXPIRED; - } - if(et->flags.invalid){ - kdc_log(context, config, 0, "Ticket not valid (%s)", spn); - return KRB5KRB_AP_ERR_TKT_NYV; - } - return 0; -} - -/* - * set the `et->caddr' to the most appropriate address to use, where - * `addr' is the address the request was received from. - */ - -static krb5_error_code -set_address (krb5_context context, - krb5_kdc_configuration *config, - EncTicketPart *et, - struct sockaddr *addr, - const char *from) -{ - krb5_error_code ret; - krb5_address *v4_addr; - - v4_addr = malloc (sizeof(*v4_addr)); - if (v4_addr == NULL) - return ENOMEM; - - ret = krb5_sockaddr2address(context, addr, v4_addr); - if(ret) { - free (v4_addr); - kdc_log(context, config, 0, "Failed to convert address (%s)", from); - return ret; - } - - if (et->caddr && !krb5_address_search (context, v4_addr, et->caddr)) { - kdc_log(context, config, 0, "Incorrect network address (%s)", from); - krb5_free_address(context, v4_addr); - free (v4_addr); - return KRB5KRB_AP_ERR_BADADDR; - } - if(v4_addr->addr_type == KRB5_ADDRESS_INET) { - /* we need to collapse the addresses in the ticket to a - single address; best guess is to use the address the - connection came from */ - - if (et->caddr != NULL) { - free_HostAddresses(et->caddr); - } else { - et->caddr = malloc (sizeof (*et->caddr)); - if (et->caddr == NULL) { - krb5_free_address(context, v4_addr); - free(v4_addr); - return ENOMEM; - } - } - et->caddr->val = v4_addr; - et->caddr->len = 1; - } else { - krb5_free_address(context, v4_addr); - free(v4_addr); - } - return 0; -} - - -static krb5_error_code -encrypt_v4_ticket(krb5_context context, - krb5_kdc_configuration *config, - void *buf, - size_t len, - krb5_keyblock *skey, - EncryptedData *reply) -{ - krb5_crypto crypto; - krb5_error_code ret; - ret = krb5_crypto_init(context, skey, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) { - free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - return ret; - } - - ret = krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_TICKET, - buf, - len, - 0, - reply); - krb5_crypto_destroy(context, crypto); - if(ret) { - kdc_log(context, config, 0, "Failed to encrypt data: %s", - krb5_get_err_text(context, ret)); - return ret; - } - return 0; -} - -static krb5_error_code -encode_524_response(krb5_context context, - krb5_kdc_configuration *config, - const char *spn, const EncTicketPart et, - const Ticket *t, hdb_entry_ex *server, - EncryptedData *ticket, int *kvno) -{ - krb5_error_code ret; - int use_2b; - size_t len; - - use_2b = krb5_config_get_bool(context, NULL, "kdc", "use_2b", spn, NULL); - if(use_2b) { - ASN1_MALLOC_ENCODE(EncryptedData, - ticket->cipher.data, ticket->cipher.length, - &t->enc_part, &len, ret); - - if (ret) { - kdc_log(context, config, 0, - "Failed to encode v4 (2b) ticket (%s)", spn); - return ret; - } - - ticket->etype = 0; - ticket->kvno = NULL; - *kvno = 213; /* 2b's use this magic kvno */ - } else { - unsigned char buf[MAX_KTXT_LEN + 4 * 4]; - Key *skey; - - if (!config->enable_v4_cross_realm && strcmp (et.crealm, t->realm) != 0) { - kdc_log(context, config, 0, "524 cross-realm %s -> %s disabled", et.crealm, - t->realm); - return KRB5KDC_ERR_POLICY; - } - - ret = _kdc_encode_v4_ticket(context, config, - buf + sizeof(buf) - 1, sizeof(buf), - &et, &t->sname, &len); - if(ret){ - kdc_log(context, config, 0, - "Failed to encode v4 ticket (%s)", spn); - return ret; - } - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for server (%s)", spn); - return ret; - } - ret = encrypt_v4_ticket(context, config, buf + sizeof(buf) - len, len, - &skey->key, ticket); - if(ret){ - kdc_log(context, config, 0, - "Failed to encrypt v4 ticket (%s)", spn); - return ret; - } - *kvno = server->entry.kvno; - } - - return 0; -} - -/* - * process a 5->4 request, based on `t', and received `from, addr', - * returning the reply in `reply' - */ - -krb5_error_code -_kdc_do_524(krb5_context context, - krb5_kdc_configuration *config, - const Ticket *t, krb5_data *reply, - const char *from, struct sockaddr *addr) -{ - krb5_error_code ret = 0; - krb5_crypto crypto; - hdb_entry_ex *server = NULL; - Key *skey; - krb5_data et_data; - EncTicketPart et; - EncryptedData ticket; - krb5_storage *sp; - char *spn = NULL; - unsigned char buf[MAX_KTXT_LEN + 4 * 4]; - size_t len; - int kvno = 0; - - if(!config->enable_524) { - ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, - "Rejected ticket conversion request from %s", from); - goto out; - } - - ret = fetch_server (context, config, t, &spn, &server, from); - if (ret) { - goto out; - } - - ret = hdb_enctype2key(context, &server->entry, t->enc_part.etype, &skey); - if(ret){ - kdc_log(context, config, 0, - "No suitable key found for server (%s) from %s", spn, from); - goto out; - } - ret = krb5_crypto_init(context, &skey->key, 0, &crypto); - if (ret) { - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - goto out; - } - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_TICKET, - &t->enc_part, - &et_data); - krb5_crypto_destroy(context, crypto); - if(ret){ - kdc_log(context, config, 0, - "Failed to decrypt ticket from %s for %s", from, spn); - goto out; - } - ret = krb5_decode_EncTicketPart(context, et_data.data, et_data.length, - &et, &len); - krb5_data_free(&et_data); - if(ret){ - kdc_log(context, config, 0, - "Failed to decode ticket from %s for %s", from, spn); - goto out; - } - - ret = log_524 (context, config, &et, from, spn); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = verify_flags (context, config, &et, spn); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = set_address (context, config, &et, addr, from); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = encode_524_response(context, config, spn, et, t, - server, &ticket, &kvno); - free_EncTicketPart(&et); - - out: - /* make reply */ - memset(buf, 0, sizeof(buf)); - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp) { - krb5_store_int32(sp, ret); - if(ret == 0){ - krb5_store_int32(sp, kvno); - krb5_store_data(sp, ticket.cipher); - /* Aargh! This is coded as a KTEXT_ST. */ - krb5_storage_seek(sp, MAX_KTXT_LEN - ticket.cipher.length, SEEK_CUR); - krb5_store_int32(sp, 0); /* mbz */ - free_EncryptedData(&ticket); - } - ret = krb5_storage_to_data(sp, reply); - reply->length = krb5_storage_seek(sp, 0, SEEK_CUR); - krb5_storage_free(sp); - } else - krb5_data_zero(reply); - if(spn) - free(spn); - if(server) - _kdc_free_ent (context, server); - return ret; -} diff --git a/kdc/Makefile.am b/kdc/Makefile.am index ff20bde9c572..5ef3cbec5d98 100644 --- a/kdc/Makefile.am +++ b/kdc/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am 22489 2008-01-21 11:49:06Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +AM_CPPFLAGS += $(INCLUDE_libintl) $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 lib_LTLIBRARIES = libkdc.la @@ -10,21 +10,25 @@ bin_PROGRAMS = string2key sbin_PROGRAMS = kstash -libexec_PROGRAMS = hprop hpropd kdc +libexec_PROGRAMS = hprop hpropd kdc digest-service noinst_PROGRAMS = kdc-replay man_MANS = kdc.8 kstash.8 hprop.8 hpropd.8 string2key.8 -hprop_SOURCES = hprop.c mit_dump.c v4_dump.c hprop.h kadb.h +hprop_SOURCES = hprop.c mit_dump.c hprop.h hpropd_SOURCES = hpropd.c hprop.h kstash_SOURCES = kstash.c headers.h string2key_SOURCES = string2key.c headers.h +digest_service_SOURCES = \ + digest-service.c + kdc_SOURCES = connect.c \ config.c \ + announce.c \ main.c libkdc_la_SOURCES = \ @@ -39,9 +43,6 @@ libkdc_la_SOURCES = \ pkinit.c \ log.c \ misc.c \ - 524.c \ - kerberos4.c \ - kaserver.c \ kx509.c \ process.c \ windc.c \ @@ -66,7 +67,6 @@ $(srcdir)/kdc-private.h: hprop_LDADD = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -76,7 +76,6 @@ hprop_LDADD = \ hpropd_LDADD = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -91,7 +90,6 @@ endif libkdc_la_LIBADD = \ $(LIB_pkinit) \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(top_builddir)/lib/ntlm/libheimntlm.la \ @@ -101,7 +99,6 @@ libkdc_la_LIBADD = \ $(DBLIB) LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -109,14 +106,34 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \ $(LIB_roken) \ $(DBLIB) -kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) -kdc_replay_LDADD = $(kdc_LDADD) +kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) $(CAPNG_LIBS) + +if FRAMEWORK_SECURITY +kdc_LDFLAGS = -framework SystemConfiguration -framework CoreFoundation +endif +kdc_CFLAGS = $(CAPNG_CFLAGS) + +digest_service_LDADD = \ + libkdc.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la \ + $(LDADD) $(LIB_pidfile) +kdc_replay_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) include_HEADERS = kdc.h kdc-protos.h + krb5dir = $(includedir)/krb5 krb5_HEADERS = windc_plugin.h build_HEADERZ = $(krb5_HEADERS) # XXX -EXTRA_DIST = $(man_MANS) version-script.map +EXTRA_DIST = \ + hprop-version.rc \ + hpropd-version.rc \ + kdc-version.rc \ + kstash-version.rc \ + libkdc-version.rc \ + string2key-version.rc \ + libkdc-exports.def \ + NTMakefile $(man_MANS) version-script.map diff --git a/kdc/Makefile.in b/kdc/Makefile.in index d7e623afe7e3..57259cf151dd 100644 --- a/kdc/Makefile.in +++ b/kdc/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22489 2008-01-21 11:49:06Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,13 +47,14 @@ DIST_COMMON = $(include_HEADERS) $(krb5_HEADERS) $(srcdir)/Makefile.am \ $(top_srcdir)/cf/Makefile.am.common bin_PROGRAMS = string2key$(EXEEXT) sbin_PROGRAMS = kstash$(EXEEXT) -libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT) +libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT) \ + digest-service$(EXEEXT) noinst_PROGRAMS = kdc-replay$(EXEEXT) @versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map subdir = kdc ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -66,7 +69,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -80,9 +83,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -90,91 +96,108 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" \ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(krb5dir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = libkdc_la_DEPENDENCIES = $(LIB_pkinit) \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/ntlm/libheimntlm.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) am_libkdc_la_OBJECTS = default_config.lo set_dbinfo.lo digest.lo \ - kerberos5.lo krb5tgs.lo pkinit.lo log.lo misc.lo 524.lo \ - kerberos4.lo kaserver.lo kx509.lo process.lo windc.lo + kerberos5.lo krb5tgs.lo pkinit.lo log.lo misc.lo kx509.lo \ + process.lo windc.lo libkdc_la_OBJECTS = $(am_libkdc_la_OBJECTS) libkdc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libkdc_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) \ $(sbin_PROGRAMS) -am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) \ - v4_dump.$(OBJEXT) +am_digest_service_OBJECTS = digest-service.$(OBJEXT) +digest_service_OBJECTS = $(am_digest_service_OBJECTS) +am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +digest_service_DEPENDENCIES = libkdc.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la $(am__DEPENDENCIES_2) \ + $(am__DEPENDENCIES_1) +am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) hprop_OBJECTS = $(am_hprop_OBJECTS) hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_hpropd_OBJECTS = hpropd.$(OBJEXT) -hpropd_OBJECTS = $(am_hpropd_OBJECTS) -hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_kdc_OBJECTS = connect.$(OBJEXT) config.$(OBJEXT) main.$(OBJEXT) -kdc_OBJECTS = $(am_kdc_OBJECTS) -am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -kdc_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \ +am_hpropd_OBJECTS = hpropd.$(OBJEXT) +hpropd_OBJECTS = $(am_hpropd_OBJECTS) +hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) +am_kdc_OBJECTS = kdc-connect.$(OBJEXT) kdc-config.$(OBJEXT) \ + kdc-announce.$(OBJEXT) kdc-main.$(OBJEXT) +kdc_OBJECTS = $(am_kdc_OBJECTS) +kdc_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +kdc_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(kdc_CFLAGS) $(CFLAGS) $(kdc_LDFLAGS) \ + $(LDFLAGS) -o $@ kdc_replay_SOURCES = kdc-replay.c kdc_replay_OBJECTS = kdc-replay.$(OBJEXT) -am__DEPENDENCIES_3 = libkdc.la $(am__DEPENDENCIES_2) \ +kdc_replay_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \ $(am__DEPENDENCIES_1) -kdc_replay_DEPENDENCIES = $(am__DEPENDENCIES_3) am_kstash_OBJECTS = kstash.$(OBJEXT) kstash_OBJECTS = $(am_kstash_OBJECTS) kstash_LDADD = $(LDADD) kstash_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) am_string2key_OBJECTS = string2key.$(OBJEXT) string2key_OBJECTS = $(am_string2key_OBJECTS) string2key_LDADD = $(LDADD) string2key_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -184,16 +207,14 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = $(libkdc_la_SOURCES) $(hprop_SOURCES) $(hpropd_SOURCES) \ - $(kdc_SOURCES) kdc-replay.c $(kstash_SOURCES) \ - $(string2key_SOURCES) -DIST_SOURCES = $(libkdc_la_SOURCES) $(hprop_SOURCES) $(hpropd_SOURCES) \ - $(kdc_SOURCES) kdc-replay.c $(kstash_SOURCES) \ - $(string2key_SOURCES) +SOURCES = $(libkdc_la_SOURCES) $(digest_service_SOURCES) \ + $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) kdc-replay.c \ + $(kstash_SOURCES) $(string2key_SOURCES) +DIST_SOURCES = $(libkdc_la_SOURCES) $(digest_service_SOURCES) \ + $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) kdc-replay.c \ + $(kstash_SOURCES) $(string2key_SOURCES) man8dir = $(mandir)/man8 MANS = $(man_MANS) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -krb5HEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(include_HEADERS) $(krb5_HEADERS) ETAGS = etags CTAGS = ctags @@ -202,49 +223,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -268,10 +298,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -288,6 +319,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -303,31 +336,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -342,10 +389,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -386,39 +435,48 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_libintl) $(INCLUDE_krb4) \ + $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la lib_LTLIBRARIES = libkdc.la man_MANS = kdc.8 kstash.8 hprop.8 hpropd.8 string2key.8 -hprop_SOURCES = hprop.c mit_dump.c v4_dump.c hprop.h kadb.h +hprop_SOURCES = hprop.c mit_dump.c hprop.h hpropd_SOURCES = hpropd.c hprop.h kstash_SOURCES = kstash.c headers.h string2key_SOURCES = string2key.c headers.h +digest_service_SOURCES = \ + digest-service.c + kdc_SOURCES = connect.c \ config.c \ + announce.c \ main.c libkdc_la_SOURCES = \ @@ -433,9 +491,6 @@ libkdc_la_SOURCES = \ pkinit.c \ log.c \ misc.c \ - 524.c \ - kerberos4.c \ - kaserver.c \ kx509.c \ process.c \ windc.c \ @@ -444,7 +499,6 @@ libkdc_la_SOURCES = \ libkdc_la_LDFLAGS = -version-info 2:0:0 $(am__append_1) hprop_LDADD = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -454,7 +508,6 @@ hprop_LDADD = \ hpropd_LDADD = \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -466,7 +519,6 @@ hpropd_LDADD = \ libkdc_la_LIBADD = \ $(LIB_pkinit) \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_kdb) $(LIB_krb4) \ $(top_builddir)/lib/ntlm/libheimntlm.la \ @@ -476,7 +528,6 @@ libkdc_la_LIBADD = \ $(DBLIB) LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_krb4) \ $(LIB_hcrypto) \ @@ -484,29 +535,46 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \ $(LIB_roken) \ $(DBLIB) -kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) -kdc_replay_LDADD = $(kdc_LDADD) +kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) $(CAPNG_LIBS) +@FRAMEWORK_SECURITY_TRUE@kdc_LDFLAGS = -framework SystemConfiguration -framework CoreFoundation +kdc_CFLAGS = $(CAPNG_CFLAGS) +digest_service_LDADD = \ + libkdc.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la \ + $(top_builddir)/lib/ipc/libheim-ipcs.la \ + $(LDADD) $(LIB_pidfile) + +kdc_replay_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) include_HEADERS = kdc.h kdc-protos.h krb5dir = $(includedir)/krb5 krb5_HEADERS = windc_plugin.h build_HEADERZ = $(krb5_HEADERS) # XXX -EXTRA_DIST = $(man_MANS) version-script.map +EXTRA_DIST = \ + hprop-version.rc \ + hpropd-version.rc \ + kdc-version.rc \ + kstash-version.rc \ + libkdc-version.rc \ + string2key-version.rc \ + libkdc-exports.def \ + NTMakefile $(man_MANS) version-script.map + all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kdc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kdc/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign kdc/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign kdc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -524,23 +592,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -556,94 +629,144 @@ libkdc.la: $(libkdc_la_OBJECTS) $(libkdc_la_DEPENDENCIES) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +digest-service$(EXEEXT): $(digest_service_OBJECTS) $(digest_service_DEPENDENCIES) + @rm -f digest-service$(EXEEXT) + $(LINK) $(digest_service_OBJECTS) $(digest_service_LDADD) $(LIBS) hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES) @rm -f hprop$(EXEEXT) $(LINK) $(hprop_OBJECTS) $(hprop_LDADD) $(LIBS) @@ -652,7 +775,7 @@ hpropd$(EXEEXT): $(hpropd_OBJECTS) $(hpropd_DEPENDENCIES) $(LINK) $(hpropd_OBJECTS) $(hpropd_LDADD) $(LIBS) kdc$(EXEEXT): $(kdc_OBJECTS) $(kdc_DEPENDENCIES) @rm -f kdc$(EXEEXT) - $(LINK) $(kdc_OBJECTS) $(kdc_LDADD) $(LIBS) + $(kdc_LINK) $(kdc_OBJECTS) $(kdc_LDADD) $(LIBS) kdc-replay$(EXEEXT): $(kdc_replay_OBJECTS) $(kdc_replay_DEPENDENCIES) @rm -f kdc-replay$(EXEEXT) $(LINK) $(kdc_replay_OBJECTS) $(kdc_replay_LDADD) $(LIBS) @@ -669,149 +792,256 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/default_config.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/digest-service.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/digest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hprop.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hpropd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-announce.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-config.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-connect.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-replay.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kerberos5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5tgs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kstash.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kx509.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mit_dump.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkinit.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/process.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/set_dbinfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/string2key.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/windc.Plo@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +kdc-connect.o: connect.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-connect.o -MD -MP -MF $(DEPDIR)/kdc-connect.Tpo -c -o kdc-connect.o `test -f 'connect.c' || echo '$(srcdir)/'`connect.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-connect.Tpo $(DEPDIR)/kdc-connect.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='connect.c' object='kdc-connect.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-connect.o `test -f 'connect.c' || echo '$(srcdir)/'`connect.c + +kdc-connect.obj: connect.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-connect.obj -MD -MP -MF $(DEPDIR)/kdc-connect.Tpo -c -o kdc-connect.obj `if test -f 'connect.c'; then $(CYGPATH_W) 'connect.c'; else $(CYGPATH_W) '$(srcdir)/connect.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-connect.Tpo $(DEPDIR)/kdc-connect.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='connect.c' object='kdc-connect.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-connect.obj `if test -f 'connect.c'; then $(CYGPATH_W) 'connect.c'; else $(CYGPATH_W) '$(srcdir)/connect.c'; fi` + +kdc-config.o: config.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-config.o -MD -MP -MF $(DEPDIR)/kdc-config.Tpo -c -o kdc-config.o `test -f 'config.c' || echo '$(srcdir)/'`config.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-config.Tpo $(DEPDIR)/kdc-config.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config.c' object='kdc-config.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-config.o `test -f 'config.c' || echo '$(srcdir)/'`config.c + +kdc-config.obj: config.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-config.obj -MD -MP -MF $(DEPDIR)/kdc-config.Tpo -c -o kdc-config.obj `if test -f 'config.c'; then $(CYGPATH_W) 'config.c'; else $(CYGPATH_W) '$(srcdir)/config.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-config.Tpo $(DEPDIR)/kdc-config.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config.c' object='kdc-config.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-config.obj `if test -f 'config.c'; then $(CYGPATH_W) 'config.c'; else $(CYGPATH_W) '$(srcdir)/config.c'; fi` + +kdc-announce.o: announce.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-announce.o -MD -MP -MF $(DEPDIR)/kdc-announce.Tpo -c -o kdc-announce.o `test -f 'announce.c' || echo '$(srcdir)/'`announce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-announce.Tpo $(DEPDIR)/kdc-announce.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='announce.c' object='kdc-announce.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-announce.o `test -f 'announce.c' || echo '$(srcdir)/'`announce.c + +kdc-announce.obj: announce.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-announce.obj -MD -MP -MF $(DEPDIR)/kdc-announce.Tpo -c -o kdc-announce.obj `if test -f 'announce.c'; then $(CYGPATH_W) 'announce.c'; else $(CYGPATH_W) '$(srcdir)/announce.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-announce.Tpo $(DEPDIR)/kdc-announce.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='announce.c' object='kdc-announce.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-announce.obj `if test -f 'announce.c'; then $(CYGPATH_W) 'announce.c'; else $(CYGPATH_W) '$(srcdir)/announce.c'; fi` + +kdc-main.o: main.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-main.o -MD -MP -MF $(DEPDIR)/kdc-main.Tpo -c -o kdc-main.o `test -f 'main.c' || echo '$(srcdir)/'`main.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-main.Tpo $(DEPDIR)/kdc-main.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='main.c' object='kdc-main.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-main.o `test -f 'main.c' || echo '$(srcdir)/'`main.c + +kdc-main.obj: main.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -MT kdc-main.obj -MD -MP -MF $(DEPDIR)/kdc-main.Tpo -c -o kdc-main.obj `if test -f 'main.c'; then $(CYGPATH_W) 'main.c'; else $(CYGPATH_W) '$(srcdir)/main.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/kdc-main.Tpo $(DEPDIR)/kdc-main.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='main.c' object='kdc-main.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(kdc_CFLAGS) $(CFLAGS) -c -o kdc-main.obj `if test -f 'main.c'; then $(CYGPATH_W) 'main.c'; else $(CYGPATH_W) '$(srcdir)/main.c'; fi` mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-krb5HEADERS: $(krb5_HEADERS) @$(NORMAL_INSTALL) test -z "$(krb5dir)" || $(MKDIR_P) "$(DESTDIR)$(krb5dir)" - @list='$(krb5_HEADERS)'; for p in $$list; do \ + @list='$(krb5_HEADERS)'; test -n "$(krb5dir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(krb5HEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(krb5dir)/$$f'"; \ - $(krb5HEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(krb5dir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(krb5dir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(krb5dir)" || exit $$?; \ done uninstall-krb5HEADERS: @$(NORMAL_UNINSTALL) - @list='$(krb5_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(krb5dir)/$$f'"; \ - rm -f "$(DESTDIR)$(krb5dir)/$$f"; \ - done + @list='$(krb5_HEADERS)'; test -n "$(krb5dir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(krb5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(krb5dir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -827,13 +1057,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -871,6 +1105,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -882,6 +1117,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -892,6 +1128,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -900,27 +1138,36 @@ install-data-am: install-includeHEADERS install-krb5HEADERS \ install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libLTLIBRARIES \ install-libexecPROGRAMS install-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -942,11 +1189,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ uninstall-libexecPROGRAMS uninstall-man uninstall-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ @@ -1039,6 +1285,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1124,7 +1373,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1146,6 +1395,7 @@ $(srcdir)/kdc-protos.h: $(srcdir)/kdc-private.h: cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -p kdc-private.h $(libkdc_la_SOURCES) || rm -f kdc-private.h + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/kdc/NTMakefile b/kdc/NTMakefile new file mode 100644 index 000000000000..bb5b51069a1d --- /dev/null +++ b/kdc/NTMakefile @@ -0,0 +1,161 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=kdc + +!include ../windows/NTMakefile.w32 + +BINPROGRAMS=$(BINDIR)\string2key.exe + +SBINPROGRAMS=$(SBINDIR)\kstash.exe + +LIBEXECPROGRAMS= \ + $(LIBEXECDIR)\hprop.exe \ + $(LIBEXECDIR)\hpropd.exe \ + $(LIBEXECDIR)\kdc.exe \ +# $(LIBEXECDIR)\digest-service.exe + +NOINST_PROGRAMS=$(OBJ)\kdc-replay.exe + +INCFILES=\ + $(INCDIR)\kdc.h \ + $(INCDIR)\kdc-protos.h \ + $(INCDIR)\kdc-private.h \ + $(INCDIR)\krb5\windc_plugin.h + +all:: $(INCFILES) $(LIBKDC) $(BINPROGRAMS) $(SBINPROGRAMS) $(LIBEXECPROGRAMS) + +clean:: + -$(RM) $(LIBKDC) + -$(RM) $(BINPROGRAMS:.exe=.*) $(SBINPROGRAMS:.exe=.*) $(LIBEXECPROGRAMS:.exe=.*) + +BIN_LIBS=\ + $(LIBHDB) \ + $(LIBHEIMDAL) \ + $(LIBROKEN) \ + $(LIBVERS) + +$(LIBEXECDIR)\hprop.exe: $(OBJ)\hprop.obj $(OBJ)\mit_dump.obj $(BIN_LIBS) $(OBJ)\hprop-version.res + $(EXECONLINK) + $(EXEPREP) + +!ifdef KRB4 +$(LIBEXECDIR)\hprop.exe: $(OBJ)\v4_dump.obj +!endif + + +$(LIBEXECDIR)\hpropd.exe: $(OBJ)\hpropd.obj $(BIN_LIBS) $(OBJ)\hpropd-version.res + $(EXECONLINK) + $(EXEPREP) + +$(SBINDIR)\kstash.exe: $(OBJ)\kstash.obj $(BIN_LIBS) $(OBJ)\kstash-version.res + $(EXECONLINK) + $(EXEPREP) + +$(BINDIR)\string2key.exe: $(OBJ)\string2key.obj $(BIN_LIBS) $(OBJ)\string2key-version.res + $(EXECONLINK) + $(EXEPREP) + +$(BINDIR)\digest-service.exe: $(OBJ)\digest-service.obj $(BIN_LIBS) + $(EXECONLINK) + $(EXEPREP) + +$(LIBEXECDIR)\kdc.exe: \ + $(OBJ)\connect.obj $(OBJ)\config.obj $(OBJ)\announce.obj \ + $(OBJ)\main.obj $(OBJ)\kdc-version.res \ + $(LIBKDC) $(BIN_LIBS) + $(EXECONLINK) + $(EXEPREP) + +LIBKDC_OBJS=\ + $(OBJ)\default_config.obj \ + $(OBJ)\set_dbinfo.obj \ + $(OBJ)\digest.obj \ + $(OBJ)\kerberos5.obj \ + $(OBJ)\krb5tgs.obj \ + $(OBJ)\pkinit.obj \ + $(OBJ)\log.obj \ + $(OBJ)\misc.obj \ + $(OBJ)\kx509.obj \ + $(OBJ)\process.obj \ + $(OBJ)\windc.obj + +!ifdef KRB4 +LIBKDC_OBJS=$(LIBKDC_OBJS) \ + $(OBJ)\524.obj \ + $(OBJ)\kerberos4.obj +!endif + +LIBKDC_LIBS=\ + $(LIBHDB) \ + $(LIBHEIMDAL) \ + $(LIBHEIMNTLM) \ + $(LIBROKEN) + +LIBKDCRES=$(OBJ)\libkdc-version.res + +$(LIBEXECDIR)\libkdc.dll: $(LIBKDC_OBJS) $(LIBKDC_LIBS) $(LIBKDCRES) + $(DLLGUILINK) -implib:$(LIBKDC) -def:libkdc-exports.def + $(DLLPREP) + +$(LIBKDC): $(LIBEXECDIR)\libkdc.dll + +clean:: + -$(RM) $(LIBEXECDIR)\libkdc.* + +libkdc_la_SOURCES = \ + default_config.c \ + set_dbinfo.c \ + digest.c \ + kdc_locl.h \ + kerberos5.c \ + krb5tgs.c \ + pkinit.c \ + log.c \ + misc.c \ + kx509.c \ + process.c \ + windc.c \ + rx.h + +!ifdef KRB4 +libkdc_la_SOURCES=$(libkdc_la_SOURCES) \ + 524.c \ + kerberos4.c +!endif + +$(OBJ)\kdc-protos.h: $(libkdc_la_SOURCES) + $(PERL) ..\cf\make-proto.pl -q -P remove -o $@ $(libkdc_la_SOURCES) \ + || $(RM) $@ + +$(OBJ)\kdc-private.h: $(libkdc_la_SOURCES) + $(PERL) ..\cf\make-proto.pl -q -P remove -p $@ $(libkdc_la_SOURCES) \ + || $(RM) $@ diff --git a/kdc/announce.c b/kdc/announce.c new file mode 100644 index 000000000000..cf3fdc363639 --- /dev/null +++ b/kdc/announce.c @@ -0,0 +1,544 @@ +/* + * Copyright (c) 2008 Apple Inc. All Rights Reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of Apple Inc. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Apple Inc. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + */ + +#include "kdc_locl.h" + +#if defined(__APPLE__) && defined(HAVE_GCD) + +#include +#include +#include +#include + +#include + +#include +#include + +#include +#include + +static krb5_kdc_configuration *announce_config; +static krb5_context announce_context; + +struct entry { + DNSRecordRef recordRef; + char *domain; + char *realm; +#define F_EXISTS 1 +#define F_PUSH 2 + int flags; + struct entry *next; +}; + +/* #define REGISTER_SRV_RR */ + +static struct entry *g_entries = NULL; +static CFStringRef g_hostname = NULL; +static DNSServiceRef g_dnsRef = NULL; +static SCDynamicStoreRef g_store = NULL; +static dispatch_queue_t g_queue = NULL; + +#define LOG(...) asl_log(NULL, NULL, ASL_LEVEL_INFO, __VA_ARGS__) + +static void create_dns_sd(void); +static void destroy_dns_sd(void); +static void update_all(SCDynamicStoreRef, CFArrayRef, void *); + + +/* parameters */ +static CFStringRef NetworkChangedKey_BackToMyMac = CFSTR("Setup:/Network/BackToMyMac"); + + +static char * +CFString2utf8(CFStringRef string) +{ + size_t size; + char *str; + + size = 1 + CFStringGetMaximumSizeForEncoding(CFStringGetLength(string), kCFStringEncodingUTF8); + str = malloc(size); + if (str == NULL) + return NULL; + + if (CFStringGetCString(string, str, size, kCFStringEncodingUTF8) == false) { + free(str); + return NULL; + } + return str; +} + +/* + * + */ + +static void +retry_timer(void) +{ + dispatch_source_t s; + dispatch_time_t t; + + s = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, + 0, 0, g_queue); + t = dispatch_time(DISPATCH_TIME_NOW, 5ull * NSEC_PER_SEC); + dispatch_source_set_timer(s, t, 0, NSEC_PER_SEC); + dispatch_source_set_event_handler(s, ^{ + create_dns_sd(); + dispatch_release(s); + }); + dispatch_resume(s); +} + +/* + * + */ + +static void +create_dns_sd(void) +{ + DNSServiceErrorType error; + dispatch_source_t s; + + error = DNSServiceCreateConnection(&g_dnsRef); + if (error) { + retry_timer(); + return; + } + + dispatch_suspend(g_queue); + + s = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, + DNSServiceRefSockFD(g_dnsRef), + 0, g_queue); + + dispatch_source_set_event_handler(s, ^{ + DNSServiceErrorType ret = DNSServiceProcessResult(g_dnsRef); + /* on error tear down and set timer to recreate */ + if (ret != kDNSServiceErr_NoError && ret != kDNSServiceErr_Transient) { + dispatch_source_cancel(s); + } + }); + + dispatch_source_set_cancel_handler(s, ^{ + destroy_dns_sd(); + retry_timer(); + dispatch_release(s); + }); + + dispatch_resume(s); + + /* Do the first update ourself */ + update_all(g_store, NULL, NULL); + dispatch_resume(g_queue); +} + +static void +domain_add(const char *domain, const char *realm, int flag) +{ + struct entry *e; + + for (e = g_entries; e != NULL; e = e->next) { + if (strcmp(domain, e->domain) == 0 && strcmp(realm, e->realm) == 0) { + e->flags |= flag; + return; + } + } + + LOG("Adding realm %s to domain %s", realm, domain); + + e = calloc(1, sizeof(*e)); + if (e == NULL) + return; + e->domain = strdup(domain); + e->realm = strdup(realm); + if (e->domain == NULL || e->realm == NULL) { + free(e->domain); + free(e->realm); + free(e); + return; + } + e->flags = flag | F_PUSH; /* if we allocate, we push */ + e->next = g_entries; + g_entries = e; +} + +struct addctx { + int flags; + const char *realm; +}; + +static void +domains_add(const void *key, const void *value, void *context) +{ + char *str = CFString2utf8((CFStringRef)value); + struct addctx *ctx = context; + + if (str == NULL) + return; + if (str[0] != '\0') + domain_add(str, ctx->realm, F_EXISTS | ctx->flags); + free(str); +} + + +static void +dnsCallback(DNSServiceRef sdRef __attribute__((unused)), + DNSRecordRef RecordRef __attribute__((unused)), + DNSServiceFlags flags __attribute__((unused)), + DNSServiceErrorType errorCode __attribute__((unused)), + void *context __attribute__((unused))) +{ +} + +#ifdef REGISTER_SRV_RR + +/* + * Register DNS SRV rr for the realm. + */ + +static const char *register_names[2] = { + "_kerberos._tcp", + "_kerberos._udp" +}; + +static struct { + DNSRecordRef *val; + size_t len; +} srvRefs = { NULL, 0 }; + +static void +register_srv(const char *realm, const char *hostname, int port) +{ + unsigned char target[1024]; + int i; + int size; + + /* skip registering LKDC realms */ + if (strncmp(realm, "LKDC:", 5) == 0) + return; + + /* encode SRV-RR */ + target[0] = 0; /* priority */ + target[1] = 0; /* priority */ + target[2] = 0; /* weight */ + target[3] = 0; /* weigth */ + target[4] = (port >> 8) & 0xff; /* port */ + target[5] = (port >> 0) & 0xff; /* port */ + + size = dn_comp(hostname, target + 6, sizeof(target) - 6, NULL, NULL); + if (size < 0) + return; + + size += 6; + + LOG("register SRV rr for realm %s hostname %s:%d", realm, hostname, port); + + for (i = 0; i < sizeof(register_names)/sizeof(register_names[0]); i++) { + char name[kDNSServiceMaxDomainName]; + DNSServiceErrorType error; + void *ptr; + + ptr = realloc(srvRefs.val, sizeof(srvRefs.val[0]) * (srvRefs.len + 1)); + if (ptr == NULL) + errx(1, "malloc: out of memory"); + srvRefs.val = ptr; + + DNSServiceConstructFullName(name, NULL, register_names[i], realm); + + error = DNSServiceRegisterRecord(g_dnsRef, + &srvRefs.val[srvRefs.len], + kDNSServiceFlagsUnique | kDNSServiceFlagsShareConnection, + 0, + name, + kDNSServiceType_SRV, + kDNSServiceClass_IN, + size, + target, + 0, + dnsCallback, + NULL); + if (error) { + LOG("Failed to register SRV rr for realm %s: %d", realm, error); + } else + srvRefs.len++; + } +} + +static void +unregister_srv_realms(void) +{ + if (g_dnsRef) { + for (i = 0; i < srvRefs.len; i++) + DNSServiceRemoveRecord(g_dnsRef, srvRefs.val[i], 0); + } + free(srvRefs.val); + srvRefs.len = 0; + srvRefs.val = NULL; +} + +static void +register_srv_realms(CFStringRef host) +{ + krb5_error_code ret; + char *hostname; + size_t i; + + /* first unregister old names */ + + hostname = CFString2utf8(host); + if (hostname == NULL) + return; + + for(i = 0; i < announce_config->num_db; i++) { + char **realms, **r; + + if (announce_config->db[i]->hdb_get_realms == NULL) + continue; + + ret = (announce_config->db[i]->hdb_get_realms)(announce_context, &realms); + if (ret == 0) { + for (r = realms; r && *r; r++) + register_srv(*r, hostname, 88); + krb5_free_host_realm(announce_context, realms); + } + } + + free(hostname); +} +#endif /* REGISTER_SRV_RR */ + +static void +update_dns(void) +{ + DNSServiceErrorType error; + struct entry **e = &g_entries; + char *hostname; + + hostname = CFString2utf8(g_hostname); + if (hostname == NULL) + return; + + while (*e != NULL) { + /* remove if this wasn't updated */ + if (((*e)->flags & F_EXISTS) == 0) { + struct entry *drop = *e; + *e = (*e)->next; + + LOG("Deleting realm %s from domain %s", + drop->realm, drop->domain); + + if (drop->recordRef && g_dnsRef) + DNSServiceRemoveRecord(g_dnsRef, drop->recordRef, 0); + free(drop->domain); + free(drop->realm); + free(drop); + continue; + } + if ((*e)->flags & F_PUSH) { + struct entry *update = *e; + char *dnsdata, *name; + size_t len; + + len = strlen(update->realm); + asprintf(&dnsdata, "%c%s", (int)len, update->realm); + if (dnsdata == NULL) + errx(1, "malloc"); + + asprintf(&name, "_kerberos.%s.%s", hostname, update->domain); + if (name == NULL) + errx(1, "malloc"); + + if (update->recordRef) + DNSServiceRemoveRecord(g_dnsRef, update->recordRef, 0); + + error = DNSServiceRegisterRecord(g_dnsRef, + &update->recordRef, + kDNSServiceFlagsShared | kDNSServiceFlagsAllowRemoteQuery, + 0, + name, + kDNSServiceType_TXT, + kDNSServiceClass_IN, + len+1, + dnsdata, + 0, + dnsCallback, + NULL); + free(name); + free(dnsdata); + if (error) + errx(1, "failure to update entry for %s/%s", + update->domain, update->realm); + } + e = &(*e)->next; + } + free(hostname); +} + +static void +update_entries(SCDynamicStoreRef store, const char *realm, int flags) +{ + CFDictionaryRef btmm; + + /* we always announce in the local domain */ + domain_add("local", realm, F_EXISTS | flags); + + /* announce btmm */ + btmm = SCDynamicStoreCopyValue(store, NetworkChangedKey_BackToMyMac); + if (btmm) { + struct addctx addctx; + + addctx.flags = flags; + addctx.realm = realm; + + CFDictionaryApplyFunction(btmm, domains_add, &addctx); + CFRelease(btmm); + } +} + +static void +update_all(SCDynamicStoreRef store, CFArrayRef changedKeys, void *info) +{ + struct entry *e; + CFStringRef host; + int i, flags = 0; + + LOG("something changed, running update"); + + host = SCDynamicStoreCopyLocalHostName(store); + if (host == NULL) + return; + + if (g_hostname == NULL || CFStringCompare(host, g_hostname, 0) != kCFCompareEqualTo) { + if (g_hostname) + CFRelease(g_hostname); + g_hostname = CFRetain(host); + flags = F_PUSH; /* if hostname has changed, force push */ + +#ifdef REGISTER_SRV_RR + register_srv_realms(g_hostname); +#endif + } + + for (e = g_entries; e != NULL; e = e->next) + e->flags &= ~(F_EXISTS|F_PUSH); + + for(i = 0; i < announce_config->num_db; i++) { + krb5_error_code ret; + char **realms, **r; + + if (announce_config->db[i]->hdb_get_realms == NULL) + continue; + + ret = (announce_config->db[i]->hdb_get_realms)(announce_context, announce_config->db[i], &realms); + if (ret == 0) { + for (r = realms; r && *r; r++) + update_entries(store, *r, flags); + krb5_free_host_realm(announce_context, realms); + } + } + + update_dns(); + + CFRelease(host); +} + +static void +delete_all(void) +{ + struct entry *e; + + for (e = g_entries; e != NULL; e = e->next) + e->flags &= ~(F_EXISTS|F_PUSH); + + update_dns(); + if (g_entries != NULL) + errx(1, "Failed to remove all bonjour entries"); +} + +static void +destroy_dns_sd(void) +{ + if (g_dnsRef == NULL) + return; + + delete_all(); +#ifdef REGISTER_SRV_RR + unregister_srv_realms(); +#endif + + DNSServiceRefDeallocate(g_dnsRef); + g_dnsRef = NULL; +} + + +static SCDynamicStoreRef +register_notification(void) +{ + SCDynamicStoreRef store; + CFStringRef computerNameKey; + CFMutableArrayRef keys; + + computerNameKey = SCDynamicStoreKeyCreateHostNames(kCFAllocatorDefault); + + store = SCDynamicStoreCreate(kCFAllocatorDefault, CFSTR("Network watcher"), + update_all, NULL); + if (store == NULL) + errx(1, "SCDynamicStoreCreate"); + + keys = CFArrayCreateMutable(kCFAllocatorDefault, 2, &kCFTypeArrayCallBacks); + if (keys == NULL) + errx(1, "CFArrayCreateMutable"); + + CFArrayAppendValue(keys, computerNameKey); + CFArrayAppendValue(keys, NetworkChangedKey_BackToMyMac); + + if (SCDynamicStoreSetNotificationKeys(store, keys, NULL) == false) + errx(1, "SCDynamicStoreSetNotificationKeys"); + + CFRelease(computerNameKey); + CFRelease(keys); + + if (!SCDynamicStoreSetDispatchQueue(store, g_queue)) + errx(1, "SCDynamicStoreSetDispatchQueue"); + + return store; +} +#endif + +void +bonjour_announce(krb5_context context, krb5_kdc_configuration *config) +{ +#if defined(__APPLE__) && defined(HAVE_GCD) + g_queue = dispatch_queue_create("com.apple.kdc_announce", NULL); + if (!g_queue) + errx(1, "dispatch_queue_create"); + + g_store = register_notification(); + announce_config = config; + announce_context = context; + + create_dns_sd(); +#endif +} diff --git a/kdc/config.c b/kdc/config.c index a4d40fce4fa9..a437bbd121b2 100644 --- a/kdc/config.c +++ b/kdc/config.c @@ -1,43 +1,42 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * All rights reserved. + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" #include #include -RCSID("$Id: config.c 22248 2007-12-08 23:52:12Z lha $"); - struct dbinfo { char *realm; char *dbname; @@ -51,10 +50,6 @@ static int require_preauth = -1; /* 1 == require preauth for all principals */ static char *max_request_str; /* `max_request' as a string */ static int disable_des = -1; -static int enable_v4 = -1; -static int enable_kaserver = -1; -static int enable_524 = -1; -static int enable_v4_cross_realm = -1; static int builtin_hdb_flag; static int help_flag; @@ -62,62 +57,55 @@ static int version_flag; static struct getarg_strings addresses_str; /* addresses to listen on */ -static char *v4_realm; +char *runas_string; +char *chroot_string; + static struct getargs args[] = { - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" + { + "config-file", 'c', arg_string, &config_file, + "location of config file", "file" }, - { - "require-preauth", 'p', arg_negative_flag, &require_preauth, - "don't require pa-data in as-reqs" + { + "require-preauth", 'p', arg_negative_flag, &require_preauth, + "don't require pa-data in as-reqs", NULL }, - { - "max-request", 0, arg_string, &max_request, + { + "max-request", 0, arg_string, &max_request_str, "max size for a kdc-request", "size" }, - { "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" }, - { "524", 0, arg_negative_flag, &enable_524, - "don't respond to 524 requests" - }, - { - "kaserver", 'K', arg_flag, &enable_kaserver, - "enable kaserver support" - }, - { "kerberos4", 0, arg_flag, &enable_v4, - "respond to kerberos 4 requests" - }, - { - "v4-realm", 'r', arg_string, &v4_realm, - "realm to serve v4-requests for" - }, - { "kerberos4-cross-realm", 0, arg_flag, - &enable_v4_cross_realm, - "respond to kerberos 4 requests from foreign realms" - }, - { "ports", 'P', arg_string, &port_str, + { "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support", + NULL }, + { "ports", 'P', arg_string, rk_UNCONST(&port_str), "ports to listen to", "portspec" }, +#ifdef SUPPORT_DETACH #if DETACH_IS_DEFAULT { - "detach", 'D', arg_negative_flag, &detach_from_console, - "don't detach from console" + "detach", 'D', arg_negative_flag, &detach_from_console, + "don't detach from console", NULL }, #else { - "detach", 0 , arg_flag, &detach_from_console, - "detach from console" + "detach", 0 , arg_flag, &detach_from_console, + "detach from console", NULL }, +#endif #endif { "addresses", 0, arg_strings, &addresses_str, "addresses to listen on", "list of addresses" }, { "disable-des", 0, arg_flag, &disable_des, - "disable DES" }, + "disable DES", NULL }, { "builtin-hdb", 0, arg_flag, &builtin_hdb_flag, - "list builtin hdb backends"}, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + "list builtin hdb backends", NULL}, + { "runas-user", 0, arg_string, &runas_string, + "run as this user when connected to network", NULL + }, + { "chroot", 0, arg_string, &chroot_string, + "chroot directory to run in", NULL + }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -152,7 +140,7 @@ configure(krb5_context context, int argc, char **argv) krb5_error_code ret; int optidx = 0; const char *p; - + while(getarg(args, num_args, argc, argv, &optidx)) warnx("error at argument `%s'", argv[optidx]); @@ -179,7 +167,7 @@ configure(krb5_context context, int argc, char **argv) if (argc != 0) usage(1); - + { char **files; @@ -192,10 +180,10 @@ configure(krb5_context context, int argc, char **argv) ret = krb5_prepend_config_files_default(config_file, &files); if (ret) krb5_err(context, 1, ret, "getting configuration files"); - + ret = krb5_set_config_files(context, files); krb5_free_config_files(files); - if(ret) + if(ret) krb5_err(context, 1, ret, "reading configuration files"); } @@ -203,25 +191,25 @@ configure(krb5_context context, int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_kdc_default_config"); - kdc_openlog(context, config); + kdc_openlog(context, "kdc", config); ret = krb5_kdc_set_dbinfo(context, config); if (ret) krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); if(max_request_str) - max_request = parse_bytes(max_request_str, NULL); + max_request_tcp = max_request_udp = parse_bytes(max_request_str, NULL); - if(max_request == 0){ + if(max_request_tcp == 0){ p = krb5_config_get_string (context, NULL, "kdc", "max-request", NULL); if(p) - max_request = parse_bytes(p, NULL); + max_request_tcp = max_request_udp = parse_bytes(p, NULL); } - + if(require_preauth != -1) config->require_preauth = require_preauth; @@ -250,53 +238,39 @@ configure(krb5_context context, int argc, char **argv) } } - if(enable_v4 != -1) - config->enable_v4 = enable_v4; - - if(enable_v4_cross_realm != -1) - config->enable_v4_cross_realm = enable_v4_cross_realm; - - if(enable_524 != -1) - config->enable_524 = enable_524; - if(enable_http == -1) - enable_http = krb5_config_get_bool(context, NULL, "kdc", + enable_http = krb5_config_get_bool(context, NULL, "kdc", "enable-http", NULL); if(request_log == NULL) - request_log = krb5_config_get_string(context, NULL, - "kdc", - "kdc-request-log", + request_log = krb5_config_get_string(context, NULL, + "kdc", + "kdc-request-log", NULL); - if (krb5_config_get_string(context, NULL, "kdc", + if (krb5_config_get_string(context, NULL, "kdc", "enforce-transited-policy", NULL)) krb5_errx(context, 1, "enforce-transited-policy deprecated, " "use [kdc]transited-policy instead"); - if (enable_kaserver != -1) - config->enable_kaserver = enable_kaserver; - - if(detach_from_console == -1) - detach_from_console = krb5_config_get_bool_default(context, NULL, +#ifdef SUPPORT_DETACH + if(detach_from_console == -1) + detach_from_console = krb5_config_get_bool_default(context, NULL, DETACH_IS_DEFAULT, "kdc", "detach", NULL); +#endif /* SUPPORT_DETACH */ - if(max_request == 0) - max_request = 64 * 1024; + if(max_request_tcp == 0) + max_request_tcp = 64 * 1024; + if(max_request_udp == 0) + max_request_udp = 64 * 1024; if (port_str == NULL) port_str = "+"; - if (v4_realm) - config->v4_realm = v4_realm; - - if(config->v4_realm == NULL && (config->enable_kaserver || config->enable_v4)) - krb5_errx(context, 1, "Kerberos 4 enabled but no realm configured"); - if(disable_des == -1) - disable_des = krb5_config_get_bool_default(context, NULL, + disable_des = krb5_config_get_bool_default(context, NULL, FALSE, "kdc", "disable-des", NULL); @@ -307,16 +281,11 @@ configure(krb5_context context, int argc, char **argv) krb5_enctype_disable(context, ETYPE_DES_CBC_NONE); krb5_enctype_disable(context, ETYPE_DES_CFB64_NONE); krb5_enctype_disable(context, ETYPE_DES_PCBC_NONE); - - kdc_log(context, config, - 0, "DES was disabled, turned off Kerberos V4, 524 " - "and kaserver"); - config->enable_v4 = 0; - config->enable_524 = 0; - config->enable_kaserver = 0; } krb5_kdc_windc_init(context); + krb5_kdc_pkinit_config(context, config); + return config; } diff --git a/kdc/connect.c b/kdc/connect.c index c2df088342f4..8ecf375b8d21 100644 --- a/kdc/connect.c +++ b/kdc/connect.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: connect.c 22434 2008-01-14 09:21:37Z lha $"); - /* Should we enable the HTTP hack? */ int enable_http = -1; @@ -46,7 +44,8 @@ const char *port_str; krb5_addresses explicit_addresses; -size_t max_request; /* maximal size of a request */ +size_t max_request_udp; +size_t max_request_tcp; /* * a tuple describing on what to listen @@ -61,18 +60,18 @@ struct port_desc{ /* the current ones */ static struct port_desc *ports; -static int num_ports; +static size_t num_ports; /* * add `family, port, protocol' to the list with duplicate suppresion. */ static void -add_port(krb5_context context, +add_port(krb5_context context, int family, int port, const char *protocol) { int type; - int i; + size_t i; if(strcmp(protocol, "udp") == 0) type = SOCK_DGRAM; @@ -101,7 +100,7 @@ add_port(krb5_context context, */ static void -add_port_service(krb5_context context, +add_port_service(krb5_context context, int family, const char *service, int port, const char *protocol) { @@ -115,7 +114,7 @@ add_port_service(krb5_context context, */ static void -add_port_string (krb5_context context, +add_port_string (krb5_context context, int family, const char *str, const char *protocol) { struct servent *sp; @@ -139,7 +138,7 @@ add_port_string (krb5_context context, */ static void -add_standard_ports (krb5_context context, +add_standard_ports (krb5_context context, krb5_kdc_configuration *config, int family) { @@ -149,16 +148,6 @@ add_standard_ports (krb5_context context, add_port_service(context, family, "kerberos-sec", 88, "tcp"); if(enable_http) add_port_service(context, family, "http", 80, "tcp"); - if(config->enable_524) { - add_port_service(context, family, "krb524", 4444, "udp"); - add_port_service(context, family, "krb524", 4444, "tcp"); - } - if(config->enable_v4) { - add_port_service(context, family, "kerberos-iv", 750, "udp"); - add_port_service(context, family, "kerberos-iv", 750, "tcp"); - } - if (config->enable_kaserver) - add_port_service(context, family, "afs3-kaserver", 7004, "udp"); if(config->enable_kx509) { add_port_service(context, family, "kca_service", 9878, "udp"); add_port_service(context, family, "kca_service", 9878, "tcp"); @@ -173,7 +162,7 @@ add_standard_ports (krb5_context context, */ static void -parse_ports(krb5_context context, +parse_ports(krb5_context context, krb5_kdc_configuration *config, const char *str) { @@ -205,7 +194,7 @@ parse_ports(krb5_context context, add_port_string(context, AF_INET, p, "tcp"); } } - + p = strtok_r(NULL, " \t", &pos); } free (str_copy); @@ -216,7 +205,7 @@ parse_ports(krb5_context context, */ struct descr { - int s; + krb5_socket_t s; int type; int port; unsigned char *buf; @@ -234,7 +223,7 @@ init_descr(struct descr *d) { memset(d, 0, sizeof(*d)); d->sa = (struct sockaddr *)&d->__ss; - d->s = -1; + d->s = rk_INVALID_SOCKET; } /* @@ -254,8 +243,8 @@ reinit_descrs (struct descr *d, int n) * Create the socket (family, type, port) in `d' */ -static void -init_socket(krb5_context context, +static void +init_socket(krb5_context context, krb5_kdc_configuration *config, struct descr *d, krb5_address *a, int family, int type, int port) { @@ -269,8 +258,8 @@ init_socket(krb5_context context, ret = krb5_addr2sockaddr (context, a, sa, &sa_size, port); if (ret) { krb5_warn(context, ret, "krb5_addr2sockaddr"); - close(d->s); - d->s = -1; + rk_closesocket(d->s); + d->s = rk_INVALID_SOCKET; return; } @@ -278,9 +267,9 @@ init_socket(krb5_context context, return; d->s = socket(family, type, 0); - if(d->s < 0){ + if(rk_IS_BAD_SOCKET(d->s)){ krb5_warn(context, errno, "socket(%d, %d, 0)", family, type); - d->s = -1; + d->s = rk_INVALID_SOCKET; return; } #if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_REUSEADDR) @@ -292,24 +281,24 @@ init_socket(krb5_context context, d->type = type; d->port = port; - if(bind(d->s, sa, sa_size) < 0){ + if(rk_IS_SOCKET_ERROR(bind(d->s, sa, sa_size))){ char a_str[256]; size_t len; krb5_print_address (a, a_str, sizeof(a_str), &len); krb5_warn(context, errno, "bind %s/%d", a_str, ntohs(port)); - close(d->s); - d->s = -1; + rk_closesocket(d->s); + d->s = rk_INVALID_SOCKET; return; } - if(type == SOCK_STREAM && listen(d->s, SOMAXCONN) < 0){ + if(type == SOCK_STREAM && rk_IS_SOCKET_ERROR(listen(d->s, SOMAXCONN))){ char a_str[256]; size_t len; krb5_print_address (a, a_str, sizeof(a_str), &len); krb5_warn(context, errno, "listen %s/%d", a_str, ntohs(port)); - close(d->s); - d->s = -1; + rk_closesocket(d->s); + d->s = rk_INVALID_SOCKET; return; } } @@ -320,12 +309,12 @@ init_socket(krb5_context context, */ static int -init_sockets(krb5_context context, +init_sockets(krb5_context context, krb5_kdc_configuration *config, struct descr **desc) { krb5_error_code ret; - int i, j; + size_t i, j; struct descr *d; int num = 0; krb5_addresses addresses; @@ -347,7 +336,7 @@ init_sockets(krb5_context context, for (j = 0; j < addresses.len; ++j) { init_socket(context, config, &d[num], &addresses.val[j], ports[i].family, ports[i].type, ports[i].port); - if(d[num].s != -1){ + if(d[num].s != rk_INVALID_SOCKET){ char a_str[80]; size_t len; @@ -356,7 +345,7 @@ init_sockets(krb5_context context, kdc_log(context, config, 5, "listening on %s port %u/%s", a_str, - ntohs(ports[i].port), + ntohs(ports[i].port), (ports[i].type == SOCK_STREAM) ? "tcp" : "udp"); /* XXX */ num++; @@ -388,7 +377,7 @@ descr_type(struct descr *d) } static void -addr_to_string(krb5_context context, +addr_to_string(krb5_context context, struct sockaddr *addr, size_t addr_len, char *str, size_t len) { krb5_address a; @@ -407,7 +396,7 @@ addr_to_string(krb5_context context, */ static void -send_reply(krb5_context context, +send_reply(krb5_context context, krb5_kdc_configuration *config, krb5_boolean prependlength, struct descr *d, @@ -422,15 +411,16 @@ send_reply(krb5_context context, l[1] = (reply->length >> 16) & 0xff; l[2] = (reply->length >> 8) & 0xff; l[3] = reply->length & 0xff; - if(sendto(d->s, l, sizeof(l), 0, d->sa, d->sock_len) < 0) { - kdc_log (context, config, - 0, "sendto(%s): %s", d->addr_string, strerror(errno)); + if(rk_IS_SOCKET_ERROR(sendto(d->s, l, sizeof(l), 0, d->sa, d->sock_len))) { + kdc_log (context, config, + 0, "sendto(%s): %s", d->addr_string, + strerror(rk_SOCK_ERRNO)); return; } } - if(sendto(d->s, reply->data, reply->length, 0, d->sa, d->sock_len) < 0) { - kdc_log (context, config, - 0, "sendto(%s): %s", d->addr_string, strerror(errno)); + if(rk_IS_SOCKET_ERROR(sendto(d->s, reply->data, reply->length, 0, d->sa, d->sock_len))) { + kdc_log (context, config, 0, "sendto(%s): %s", d->addr_string, + strerror(rk_SOCK_ERRNO)); return; } } @@ -440,7 +430,7 @@ send_reply(krb5_context context, */ static void -do_request(krb5_context context, +do_request(krb5_context context, krb5_kdc_configuration *config, void *buf, size_t len, krb5_boolean prependlength, struct descr *d) @@ -452,7 +442,7 @@ do_request(krb5_context context, krb5_kdc_update_time(NULL); krb5_data_zero(&reply); - ret = krb5_kdc_process_request(context, config, + ret = krb5_kdc_process_request(context, config, buf, len, &reply, &prependlength, d->addr_string, d->sa, datagram_reply); @@ -463,8 +453,8 @@ do_request(krb5_context context, krb5_data_free(&reply); } if(ret) - kdc_log(context, config, 0, - "Failed processing %lu byte request from %s", + kdc_log(context, config, 0, + "Failed processing %lu byte request from %s", (unsigned long)len, d->addr_string); } @@ -473,27 +463,45 @@ do_request(krb5_context context, */ static void -handle_udp(krb5_context context, +handle_udp(krb5_context context, krb5_kdc_configuration *config, struct descr *d) { unsigned char *buf; - int n; + ssize_t n; - buf = malloc(max_request); + buf = malloc(max_request_udp); if(buf == NULL){ - kdc_log(context, config, 0, "Failed to allocate %lu bytes", (unsigned long)max_request); + kdc_log(context, config, 0, "Failed to allocate %lu bytes", (unsigned long)max_request_udp); return; } d->sock_len = sizeof(d->__ss); - n = recvfrom(d->s, buf, max_request, 0, d->sa, &d->sock_len); - if(n < 0) - krb5_warn(context, errno, "recvfrom"); + n = recvfrom(d->s, buf, max_request_udp, 0, d->sa, &d->sock_len); + if(rk_IS_SOCKET_ERROR(n)) + krb5_warn(context, rk_SOCK_ERRNO, "recvfrom"); else { addr_to_string (context, d->sa, d->sock_len, d->addr_string, sizeof(d->addr_string)); - do_request(context, config, buf, n, FALSE, d); + if ((size_t)n == max_request_udp) { + krb5_data data; + krb5_warn(context, errno, + "recvfrom: truncated packet from %s, asking for TCP", + d->addr_string); + krb5_mk_error(context, + KRB5KRB_ERR_RESPONSE_TOO_BIG, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + &data); + send_reply(context, config, FALSE, d, &data); + krb5_data_free(&data); + } else { + do_request(context, config, buf, n, FALSE, d); + } } free (buf); } @@ -504,9 +512,9 @@ clear_descr(struct descr *d) if(d->buf) memset(d->buf, 0, d->size); d->len = 0; - if(d->s != -1) - close(d->s); - d->s = -1; + if(d->s != rk_INVALID_SOCKET) + rk_closesocket(d->s); + d->s = rk_INVALID_SOCKET; } @@ -536,32 +544,34 @@ de_http(char *buf) */ static void -add_new_tcp (krb5_context context, +add_new_tcp (krb5_context context, krb5_kdc_configuration *config, struct descr *d, int parent, int child) { - int s; + krb5_socket_t s; if (child == -1) return; d[child].sock_len = sizeof(d[child].__ss); s = accept(d[parent].s, d[child].sa, &d[child].sock_len); - if(s < 0) { - krb5_warn(context, errno, "accept"); + if(rk_IS_BAD_SOCKET(s)) { + krb5_warn(context, rk_SOCK_ERRNO, "accept"); return; } - + +#ifdef FD_SETSIZE if (s >= FD_SETSIZE) { krb5_warnx(context, "socket FD too large"); - close (s); + rk_closesocket (s); return; } +#endif d[child].s = s; d[child].timeout = time(NULL) + TCP_TIMEOUT; d[child].type = SOCK_STREAM; - addr_to_string (context, + addr_to_string (context, d[child].sa, d[child].sock_len, d[child].addr_string, sizeof(d[child].addr_string)); } @@ -572,16 +582,16 @@ add_new_tcp (krb5_context context, */ static int -grow_descr (krb5_context context, +grow_descr (krb5_context context, krb5_kdc_configuration *config, struct descr *d, size_t n) { if (d->size - d->len < n) { unsigned char *tmp; - size_t grow; + size_t grow; grow = max(1024, d->len + n); - if (d->size + grow > max_request) { + if (d->size + grow > max_request_tcp) { kdc_log(context, config, 0, "Request exceeds max request size (%lu bytes).", (unsigned long)d->size + grow); clear_descr(d); @@ -606,7 +616,7 @@ grow_descr (krb5_context context, */ static int -handle_vanilla_tcp (krb5_context context, +handle_vanilla_tcp (krb5_context context, krb5_kdc_configuration *config, struct descr *d) { @@ -634,7 +644,7 @@ handle_vanilla_tcp (krb5_context context, */ static int -handle_http_tcp (krb5_context context, +handle_http_tcp (krb5_context context, krb5_kdc_configuration *config, struct descr *d) { @@ -645,24 +655,26 @@ handle_http_tcp (krb5_context context, s = (char *)d->buf; + /* If its a multi line query, truncate off the first line */ p = strstr(s, "\r\n"); - if (p == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - return -1; - } - *p = 0; + if (p) + *p = 0; p = NULL; t = strtok_r(s, " \t", &p); if (t == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); + kdc_log(context, config, 0, + "Missing HTTP operand (GET) request from %s", d->addr_string); return -1; } + t = strtok_r(NULL, " \t", &p); if(t == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); + kdc_log(context, config, 0, + "Missing HTTP GET data in request from %s", d->addr_string); return -1; } + data = malloc(strlen(t)); if (data == NULL) { kdc_log(context, config, 0, "Failed to allocate %lu bytes", @@ -685,7 +697,7 @@ handle_http_tcp (krb5_context context, } len = base64_decode(t, data); if(len <= 0){ - const char *msg = + const char *msg = " 404 Not found\r\n" "Server: Heimdal/" VERSION "\r\n" "Cache-Control: no-cache\r\n" @@ -699,37 +711,41 @@ handle_http_tcp (krb5_context context, kdc_log(context, config, 0, "HTTP request from %s is non KDC request", d->addr_string); kdc_log(context, config, 5, "HTTP request: %s", t); free(data); - if (write(d->s, proto, strlen(proto)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); + if (rk_IS_SOCKET_ERROR(send(d->s, proto, strlen(proto), 0))) { + kdc_log(context, config, 0, "HTTP write failed: %s: %s", + d->addr_string, strerror(rk_SOCK_ERRNO)); return -1; } - if (write(d->s, msg, strlen(msg)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); + if (rk_IS_SOCKET_ERROR(send(d->s, msg, strlen(msg), 0))) { + kdc_log(context, config, 0, "HTTP write failed: %s: %s", + d->addr_string, strerror(rk_SOCK_ERRNO)); return -1; } return -1; } { - const char *msg = + const char *msg = " 200 OK\r\n" "Server: Heimdal/" VERSION "\r\n" "Cache-Control: no-cache\r\n" "Pragma: no-cache\r\n" "Content-type: application/octet-stream\r\n" "Content-transfer-encoding: binary\r\n\r\n"; - if (write(d->s, proto, strlen(proto)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); + if (rk_IS_SOCKET_ERROR(send(d->s, proto, strlen(proto), 0))) { + free(data); + kdc_log(context, config, 0, "HTTP write failed: %s: %s", + d->addr_string, strerror(rk_SOCK_ERRNO)); return -1; } - if (write(d->s, msg, strlen(msg)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); + if (rk_IS_SOCKET_ERROR(send(d->s, msg, strlen(msg), 0))) { + free(data); + kdc_log(context, config, 0, "HTTP write failed: %s: %s", + d->addr_string, strerror(rk_SOCK_ERRNO)); return -1; } } + if ((size_t)len > d->len) + len = d->len; memcpy(d->buf, data, len); d->len = len; free(data); @@ -741,7 +757,7 @@ handle_http_tcp (krb5_context context, */ static void -handle_tcp(krb5_context context, +handle_tcp(krb5_context context, krb5_kdc_configuration *config, struct descr *d, int idx, int min_free) { @@ -755,15 +771,15 @@ handle_tcp(krb5_context context, } n = recvfrom(d[idx].s, buf, sizeof(buf), 0, NULL, NULL); - if(n < 0){ - krb5_warn(context, errno, "recvfrom failed from %s to %s/%d", - d[idx].addr_string, descr_type(d + idx), + if(rk_IS_SOCKET_ERROR(n)){ + krb5_warn(context, rk_SOCK_ERRNO, "recvfrom failed from %s to %s/%d", + d[idx].addr_string, descr_type(d + idx), ntohs(d[idx].port)); return; } else if (n == 0) { krb5_warnx(context, "connection closed before end of data after %lu " - "bytes from %s to %s/%d", (unsigned long)d[idx].len, - d[idx].addr_string, descr_type(d + idx), + "bytes from %s to %s/%d", (unsigned long)d[idx].len, + d[idx].addr_string, descr_type(d + idx), ntohs(d[idx].port)); clear_descr (d + idx); return; @@ -776,16 +792,20 @@ handle_tcp(krb5_context context, ret = handle_vanilla_tcp (context, config, &d[idx]); } else if(enable_http && d[idx].len >= 4 && - strncmp((char *)d[idx].buf, "GET ", 4) == 0 && + strncmp((char *)d[idx].buf, "GET ", 4) == 0 && strncmp((char *)d[idx].buf + d[idx].len - 4, "\r\n\r\n", 4) == 0) { + + /* remove the trailing \r\n\r\n so the string is NUL terminated */ + d[idx].buf[d[idx].len - 4] = '\0'; + ret = handle_http_tcp (context, config, &d[idx]); if (ret < 0) clear_descr (d + idx); } else if (d[idx].len > 4) { - kdc_log (context, config, + kdc_log (context, config, 0, "TCP data of strange type from %s to %s/%d", - d[idx].addr_string, descr_type(d + idx), + d[idx].addr_string, descr_type(d + idx), ntohs(d[idx].port)); if (d[idx].buf[0] & 0x80) { krb5_data reply; @@ -812,18 +832,18 @@ handle_tcp(krb5_context context, if (ret < 0) return; else if (ret == 1) { - do_request(context, config, + do_request(context, config, d[idx].buf, d[idx].len, TRUE, &d[idx]); clear_descr(d + idx); } } void -loop(krb5_context context, +loop(krb5_context context, krb5_kdc_configuration *config) { struct descr *d; - int ndescr; + unsigned int ndescr; ndescr = init_sockets(context, config, &d); if(ndescr <= 0) @@ -834,25 +854,29 @@ loop(krb5_context context, fd_set fds; int min_free = -1; int max_fd = 0; - int i; + size_t i; FD_ZERO(&fds); for(i = 0; i < ndescr; i++) { - if(d[i].s >= 0){ - if(d[i].type == SOCK_STREAM && + if(!rk_IS_BAD_SOCKET(d[i].s)){ + if(d[i].type == SOCK_STREAM && d[i].timeout && d[i].timeout < time(NULL)) { - kdc_log(context, config, 1, + kdc_log(context, config, 1, "TCP-connection from %s expired after %lu bytes", d[i].addr_string, (unsigned long)d[i].len); clear_descr(&d[i]); continue; } +#ifndef NO_LIMIT_FD_SETSIZE if(max_fd < d[i].s) max_fd = d[i].s; +#ifdef FD_SETSIZE if (max_fd >= FD_SETSIZE) krb5_errx(context, 1, "fd too large"); +#endif +#endif FD_SET(d[i].s, &fds); - } else if(min_free < 0 || i < min_free) + } else if(min_free < 0 || i < (size_t)min_free) min_free = i; } if(min_free == -1){ @@ -870,7 +894,7 @@ loop(krb5_context context, ndescr += 4; } } - + tmout.tv_sec = TCP_TIMEOUT; tmout.tv_usec = 0; switch(select(max_fd + 1, &fds, 0, 0, &tmout)){ @@ -878,11 +902,11 @@ loop(krb5_context context, break; case -1: if (errno != EINTR) - krb5_warn(context, errno, "select"); + krb5_warn(context, rk_SOCK_ERRNO, "select"); break; default: for(i = 0; i < ndescr; i++) - if(d[i].s >= 0 && FD_ISSET(d[i].s, &fds)) { + if(!rk_IS_BAD_SOCKET(d[i].s) && FD_ISSET(d[i].s, &fds)) { if(d[i].type == SOCK_DGRAM) handle_udp(context, config, &d[i]); else if(d[i].type == SOCK_STREAM) @@ -890,8 +914,11 @@ loop(krb5_context context, } } } - if(exit_flag == SIGXCPU) + if (0); +#ifdef SIGXCPU + else if(exit_flag == SIGXCPU) kdc_log(context, config, 0, "CPU time limit exceeded"); +#endif else if(exit_flag == SIGINT || exit_flag == SIGTERM) kdc_log(context, config, 0, "Terminated"); else diff --git a/kdc/default_config.c b/kdc/default_config.c index 5f336e3275db..6fbf5fdae156 100644 --- a/kdc/default_config.c +++ b/kdc/default_config.c @@ -1,43 +1,42 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * All rights reserved. + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" #include #include -RCSID("$Id: default_config.c 21405 2007-07-04 10:35:45Z lha $"); - krb5_error_code krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) { @@ -45,21 +44,21 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) c = calloc(1, sizeof(*c)); if (c == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } c->require_preauth = TRUE; c->kdc_warn_pwexpire = 0; c->encode_as_rep_as_tgs_rep = FALSE; + c->as_use_strongest_session_key = FALSE; + c->preauth_use_strongest_session_key = FALSE; + c->tgs_use_strongest_session_key = FALSE; + c->use_strongest_server_key = TRUE; c->check_ticket_addresses = TRUE; c->allow_null_ticket_addresses = TRUE; c->allow_anonymous = FALSE; c->trpolicy = TRPOLICY_ALWAYS_CHECK; - c->enable_v4 = FALSE; - c->enable_kaserver = FALSE; - c->enable_524 = FALSE; - c->enable_v4_cross_realm = FALSE; c->enable_pkinit = FALSE; c->pkinit_princ_in_cert = TRUE; c->pkinit_require_binding = TRUE; @@ -68,32 +67,20 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) c->logf = NULL; c->require_preauth = - krb5_config_get_bool_default(context, NULL, + krb5_config_get_bool_default(context, NULL, c->require_preauth, "kdc", "require-preauth", NULL); - c->enable_v4 = - krb5_config_get_bool_default(context, NULL, - c->enable_v4, - "kdc", "enable-kerberos4", NULL); - c->enable_v4_cross_realm = +#ifdef DIGEST + c->enable_digest = krb5_config_get_bool_default(context, NULL, - c->enable_v4_cross_realm, - "kdc", - "enable-kerberos4-cross-realm", NULL); - c->enable_524 = - krb5_config_get_bool_default(context, NULL, - c->enable_v4, - "kdc", "enable-524", NULL); - c->enable_digest = - krb5_config_get_bool_default(context, NULL, FALSE, "kdc", "enable-digest", NULL); { const char *digests; - digests = krb5_config_get_string(context, NULL, - "kdc", + digests = krb5_config_get_string(context, NULL, + "kdc", "digests_allowed", NULL); if (digests == NULL) digests = "ntlm-v2"; @@ -110,18 +97,20 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) c->enable_digest = 0; } } +#endif - c->enable_kx509 = - krb5_config_get_bool_default(context, NULL, - FALSE, +#ifdef KX509 + c->enable_kx509 = + krb5_config_get_bool_default(context, NULL, + FALSE, "kdc", "enable-kx509", NULL); if (c->enable_kx509) { c->kx509_template = - krb5_config_get_string(context, NULL, + krb5_config_get_string(context, NULL, "kdc", "kx509_template", NULL); c->kx509_ca = - krb5_config_get_string(context, NULL, + krb5_config_get_string(context, NULL, "kdc", "kx509_ca", NULL); if (c->kx509_ca == NULL || c->kx509_template == NULL) { kdc_log(context, c, 0, @@ -129,27 +118,49 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) c->enable_kx509 = FALSE; } } +#endif - c->check_ticket_addresses = - krb5_config_get_bool_default(context, NULL, - c->check_ticket_addresses, - "kdc", + c->as_use_strongest_session_key = + krb5_config_get_bool_default(context, NULL, + c->as_use_strongest_session_key, + "kdc", + "as-use-strongest-session-key", NULL); + c->preauth_use_strongest_session_key = + krb5_config_get_bool_default(context, NULL, + c->preauth_use_strongest_session_key, + "kdc", + "preauth-use-strongest-session-key", NULL); + c->tgs_use_strongest_session_key = + krb5_config_get_bool_default(context, NULL, + c->tgs_use_strongest_session_key, + "kdc", + "tgs-use-strongest-session-key", NULL); + c->use_strongest_server_key = + krb5_config_get_bool_default(context, NULL, + c->use_strongest_server_key, + "kdc", + "use-strongest-server-key", NULL); + + c->check_ticket_addresses = + krb5_config_get_bool_default(context, NULL, + c->check_ticket_addresses, + "kdc", "check-ticket-addresses", NULL); - c->allow_null_ticket_addresses = - krb5_config_get_bool_default(context, NULL, - c->allow_null_ticket_addresses, - "kdc", + c->allow_null_ticket_addresses = + krb5_config_get_bool_default(context, NULL, + c->allow_null_ticket_addresses, + "kdc", "allow-null-ticket-addresses", NULL); - c->allow_anonymous = - krb5_config_get_bool_default(context, NULL, + c->allow_anonymous = + krb5_config_get_bool_default(context, NULL, c->allow_anonymous, - "kdc", + "kdc", "allow-anonymous", NULL); c->max_datagram_reply_length = - krb5_config_get_int_default(context, - NULL, + krb5_config_get_int_default(context, + NULL, 1400, "kdc", "max-kdc-datagram-reply-length", @@ -158,8 +169,8 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) { const char *trpolicy_str; - trpolicy_str = - krb5_config_get_string_default(context, NULL, "DEFAULT", "kdc", + trpolicy_str = + krb5_config_get_string_default(context, NULL, "DEFAULT", "kdc", "transited-policy", NULL); if(strcasecmp(trpolicy_str, "always-check") == 0) { c->trpolicy = TRPOLICY_ALWAYS_CHECK; @@ -167,119 +178,110 @@ krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) c->trpolicy = TRPOLICY_ALLOW_PER_PRINCIPAL; } else if(strcasecmp(trpolicy_str, "always-honour-request") == 0) { c->trpolicy = TRPOLICY_ALWAYS_HONOUR_REQUEST; - } else if(strcasecmp(trpolicy_str, "DEFAULT") == 0) { + } else if(strcasecmp(trpolicy_str, "DEFAULT") == 0) { /* default */ } else { kdc_log(context, c, 0, "unknown transited-policy: %s, " - "reverting to default (always-check)", + "reverting to default (always-check)", trpolicy_str); } } - { - const char *p; - p = krb5_config_get_string (context, NULL, - "kdc", - "v4-realm", - NULL); - if(p != NULL) { - c->v4_realm = strdup(p); - if (c->v4_realm == NULL) - krb5_errx(context, 1, "out of memory"); - } else { - c->v4_realm = NULL; - } - } - - c->enable_kaserver = - krb5_config_get_bool_default(context, - NULL, - c->enable_kaserver, - "kdc", "enable-kaserver", NULL); - - c->encode_as_rep_as_tgs_rep = - krb5_config_get_bool_default(context, NULL, - c->encode_as_rep_as_tgs_rep, - "kdc", + krb5_config_get_bool_default(context, NULL, + c->encode_as_rep_as_tgs_rep, + "kdc", "encode_as_rep_as_tgs_rep", NULL); - + c->kdc_warn_pwexpire = krb5_config_get_time_default (context, NULL, c->kdc_warn_pwexpire, "kdc", "kdc_warn_pwexpire", NULL); -#ifdef PKINIT - c->enable_pkinit = - krb5_config_get_bool_default(context, - NULL, + c->enable_pkinit = + krb5_config_get_bool_default(context, + NULL, c->enable_pkinit, "kdc", "enable-pkinit", NULL); - if (c->enable_pkinit) { - const char *user_id, *anchors, *ocsp_file; - char **pool_list, **revoke_list; - user_id = - krb5_config_get_string(context, NULL, - "kdc", "pkinit_identity", NULL); - if (user_id == NULL) - krb5_errx(context, 1, "pkinit enabled but no identity"); - - anchors = krb5_config_get_string(context, NULL, - "kdc", "pkinit_anchors", NULL); - if (anchors == NULL) - krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); - - pool_list = - krb5_config_get_strings(context, NULL, - "kdc", "pkinit_pool", NULL); - - revoke_list = - krb5_config_get_strings(context, NULL, - "kdc", "pkinit_revoke", NULL); - - ocsp_file = - krb5_config_get_string(context, NULL, - "kdc", "pkinit_kdc_ocsp", NULL); - if (ocsp_file) { - c->pkinit_kdc_ocsp_file = strdup(ocsp_file); - if (c->pkinit_kdc_ocsp_file == NULL) - krb5_errx(context, 1, "out of memory"); - } - - _kdc_pk_initialize(context, c, user_id, anchors, - pool_list, revoke_list); - - krb5_config_free_strings(pool_list); - krb5_config_free_strings(revoke_list); - - c->pkinit_princ_in_cert = - krb5_config_get_bool_default(context, NULL, - c->pkinit_princ_in_cert, - "kdc", - "pkinit_principal_in_certificate", - NULL); - - c->pkinit_require_binding = - krb5_config_get_bool_default(context, NULL, - c->pkinit_require_binding, - "kdc", - "pkinit_win2k_require_binding", - NULL); - } + c->pkinit_kdc_identity = + krb5_config_get_string(context, NULL, + "kdc", "pkinit_identity", NULL); + c->pkinit_kdc_anchors = + krb5_config_get_string(context, NULL, + "kdc", "pkinit_anchors", NULL); + c->pkinit_kdc_cert_pool = + krb5_config_get_strings(context, NULL, + "kdc", "pkinit_pool", NULL); + c->pkinit_kdc_revoke = + krb5_config_get_strings(context, NULL, + "kdc", "pkinit_revoke", NULL); + c->pkinit_kdc_ocsp_file = + krb5_config_get_string(context, NULL, + "kdc", "pkinit_kdc_ocsp", NULL); + c->pkinit_kdc_friendly_name = + krb5_config_get_string(context, NULL, + "kdc", "pkinit_kdc_friendly_name", NULL); + c->pkinit_princ_in_cert = + krb5_config_get_bool_default(context, NULL, + c->pkinit_princ_in_cert, + "kdc", + "pkinit_principal_in_certificate", + NULL); + c->pkinit_require_binding = + krb5_config_get_bool_default(context, NULL, + c->pkinit_require_binding, + "kdc", + "pkinit_win2k_require_binding", + NULL); c->pkinit_dh_min_bits = - krb5_config_get_int_default(context, NULL, + krb5_config_get_int_default(context, NULL, 0, "kdc", "pkinit_dh_min_bits", NULL); -#endif - *config = c; return 0; } + +krb5_error_code +krb5_kdc_pkinit_config(krb5_context context, krb5_kdc_configuration *config) +{ +#ifdef PKINIT +#ifdef __APPLE__ + config->enable_pkinit = 1; + + if (config->pkinit_kdc_identity == NULL) { + if (config->pkinit_kdc_friendly_name == NULL) + config->pkinit_kdc_friendly_name = + strdup("O=System Identity,CN=com.apple.kerberos.kdc"); + config->pkinit_kdc_identity = strdup("KEYCHAIN:"); + } + if (config->pkinit_kdc_anchors == NULL) + config->pkinit_kdc_anchors = strdup("KEYCHAIN:"); + +#endif /* __APPLE__ */ + + if (config->enable_pkinit) { + if (config->pkinit_kdc_identity == NULL) + krb5_errx(context, 1, "pkinit enabled but no identity"); + + if (config->pkinit_kdc_anchors == NULL) + krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); + + krb5_kdc_pk_initialize(context, config, + config->pkinit_kdc_identity, + config->pkinit_kdc_anchors, + config->pkinit_kdc_cert_pool, + config->pkinit_kdc_revoke); + + } + + return 0; +#endif /* PKINIT */ +} diff --git a/kdc/digest-service.c b/kdc/digest-service.c new file mode 100644 index 000000000000..4d339a2ddd35 --- /dev/null +++ b/kdc/digest-service.c @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#define HC_DEPRECATED_CRYPTO + +#include "headers.h" +#include +#include +#include +#include + +typedef struct pk_client_params pk_client_params; +struct DigestREQ; +struct Kx509Request; +#include + +krb5_kdc_configuration *config; + +static void +ntlm_service(void *ctx, const heim_idata *req, + const heim_icred cred, + heim_ipc_complete complete, + heim_sipc_call cctx) +{ + NTLMRequest2 ntq; + unsigned char sessionkey[16]; + heim_idata rep = { 0, NULL }; + krb5_context context = ctx; + hdb_entry_ex *user = NULL; + Key *key = NULL; + NTLMReply ntp; + size_t size; + int ret; + const char *domain; + + kdc_log(context, config, 1, "digest-request: uid=%d", + (int)heim_ipc_cred_get_uid(cred)); + + if (heim_ipc_cred_get_uid(cred) != 0) { + (*complete)(cctx, EPERM, NULL); + return; + } + + ntp.success = 0; + ntp.flags = 0; + ntp.sessionkey = NULL; + + ret = decode_NTLMRequest2(req->data, req->length, &ntq, NULL); + if (ret) + goto failed; + + /* XXX forward to NetrLogonSamLogonEx() if not a local domain */ + if (strcmp(ntq.loginDomainName, "BUILTIN") == 0) { + domain = ntq.loginDomainName; + } else if (strcmp(ntq.loginDomainName, "") == 0) { + domain = "BUILTIN"; + } else { + ret = EINVAL; + goto failed; + } + + kdc_log(context, config, 1, "digest-request: user=%s/%s", + ntq.loginUserName, domain); + + if (ntq.lmchallenge.length != 8) + goto failed; + + if (ntq.ntChallengeResponce.length == 0) + goto failed; + + { + krb5_principal client; + + ret = krb5_make_principal(context, &client, domain, + ntq.loginUserName, NULL); + if (ret) + goto failed; + + krb5_principal_set_type(context, client, KRB5_NT_NTLM); + + ret = _kdc_db_fetch(context, config, client, + HDB_F_GET_CLIENT, NULL, NULL, &user); + krb5_free_principal(context, client); + if (ret) + goto failed; + + ret = hdb_enctype2key(context, &user->entry, + ETYPE_ARCFOUR_HMAC_MD5, &key); + if (ret) { + krb5_set_error_message(context, ret, "NTLM missing arcfour key"); + goto failed; + } + } + + kdc_log(context, config, 2, + "digest-request: found user, processing ntlm request", ret); + + if (ntq.ntChallengeResponce.length != 24) { + struct ntlm_buf infotarget, answer; + + answer.length = ntq.ntChallengeResponce.length; + answer.data = ntq.ntChallengeResponce.data; + + ret = heim_ntlm_verify_ntlm2(key->key.keyvalue.data, + key->key.keyvalue.length, + ntq.loginUserName, + ntq.loginDomainName, + 0, + ntq.lmchallenge.data, + &answer, + &infotarget, + sessionkey); + if (ret) { + goto failed; + } + + free(infotarget.data); + /* XXX verify info target */ + + } else { + struct ntlm_buf answer; + + if (ntq.flags & NTLM_NEG_NTLM2_SESSION) { + unsigned char sessionhash[MD5_DIGEST_LENGTH]; + EVP_MD_CTX *md5ctx; + + /* the first first 8 bytes is the challenge, what is the other 16 bytes ? */ + if (ntq.lmChallengeResponce.length != 24) + goto failed; + + md5ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(md5ctx, EVP_md5(), NULL); + EVP_DigestUpdate(md5ctx, ntq.lmchallenge.data, 8); + EVP_DigestUpdate(md5ctx, ntq.lmChallengeResponce.data, 8); + EVP_DigestFinal_ex(md5ctx, sessionhash, NULL); + EVP_MD_CTX_destroy(md5ctx); + memcpy(ntq.lmchallenge.data, sessionhash, ntq.lmchallenge.length); + } + + ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, + key->key.keyvalue.length, + ntq.lmchallenge.data, &answer); + if (ret) + goto failed; + + if (ntq.ntChallengeResponce.length != answer.length || + memcmp(ntq.ntChallengeResponce.data, answer.data, answer.length) != 0) { + free(answer.data); + ret = EINVAL; + goto failed; + } + free(answer.data); + + { + EVP_MD_CTX *ctxp; + + ctxp = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctxp, EVP_md4(), NULL); + EVP_DigestUpdate(ctxp, key->key.keyvalue.data, key->key.keyvalue.length); + EVP_DigestFinal_ex(ctxp, sessionkey, NULL); + EVP_MD_CTX_destroy(ctxp); + } + } + + ntp.success = 1; + + ASN1_MALLOC_ENCODE(NTLMReply, rep.data, rep.length, &ntp, &size, ret); + if (ret) + goto failed; + if (rep.length != size) + abort(); + + failed: + kdc_log(context, config, 1, "digest-request: %d", ret); + + (*complete)(cctx, ret, &rep); + + free(rep.data); + + free_NTLMRequest2(&ntq); + if (user) + _kdc_free_ent (context, user); +} + +static int help_flag; +static int version_flag; + +static struct getargs args[] = { + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int ret) +{ + arg_printusage (args, num_args, NULL, ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + krb5_context context; + int ret, optidx = 0; + + setprogname(argv[0]); + + if (getarg(args, num_args, argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage(0); + + if (version_flag) { + print_version(NULL); + exit(0); + } + + ret = krb5_init_context(&context); + if (ret) + krb5_errx(context, 1, "krb5_init_context"); + + ret = krb5_kdc_get_config(context, &config); + if (ret) + krb5_err(context, 1, ret, "krb5_kdc_default_config"); + + kdc_openlog(context, "digest-service", config); + + ret = krb5_kdc_set_dbinfo(context, config); + if (ret) + krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); + +#if __APPLE__ + { + heim_sipc mach; + heim_sipc_launchd_mach_init("org.h5l.ntlm-service", + ntlm_service, context, &mach); + heim_sipc_timeout(60); + } +#endif + { + heim_sipc un; + heim_sipc_service_unix("org.h5l.ntlm-service", ntlm_service, NULL, &un); + } + + heim_ipc_main(); + return 0; +} diff --git a/kdc/digest.c b/kdc/digest.c index b845b0f9a894..5f0d27441a23 100644 --- a/kdc/digest.c +++ b/kdc/digest.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" #include -RCSID("$Id: digest.c 22374 2007-12-28 18:36:52Z lha $"); +#ifdef DIGEST #define MS_CHAP_V2 0x20 #define CHAP_MD5 0x10 @@ -44,13 +44,13 @@ RCSID("$Id: digest.c 22374 2007-12-28 18:36:52Z lha $"); #define NTLM_V1 0x01 const struct units _kdc_digestunits[] = { - {"ms-chap-v2", 1U << 5}, - {"chap-md5", 1U << 4}, - {"digest-md5", 1U << 3}, - {"ntlm-v2", 1U << 2}, - {"ntlm-v1-session", 1U << 1}, - {"ntlm-v1", 1U << 0}, - {NULL, 0} + {"ms-chap-v2", 1U << 5}, + {"chap-md5", 1U << 4}, + {"digest-md5", 1U << 3}, + {"ntlm-v2", 1U << 2}, + {"ntlm-v1-session", 1U << 1}, + {"ntlm-v1", 1U << 0}, + {NULL, 0} }; @@ -63,7 +63,7 @@ get_digest_key(krb5_context context, krb5_error_code ret; krb5_enctype enctype; Key *key; - + ret = _kdc_get_preferred_key(context, config, server, @@ -115,17 +115,17 @@ fill_targetinfo(krb5_context context, ti.domainname = targetname; p = client->entry.principal; str = krb5_principal_get_comp_string(context, p, 0); - if (str != NULL && - (strcmp("host", str) == 0 || + if (str != NULL && + (strcmp("host", str) == 0 || strcmp("ftp", str) == 0 || strcmp("imap", str) == 0 || strcmp("pop", str) == 0 || strcmp("smtp", str))) - { - str = krb5_principal_get_comp_string(context, p, 1); - ti.dnsservername = rk_UNCONST(str); - } - + { + str = krb5_principal_get_comp_string(context, p, 1); + ti.dnsservername = rk_UNCONST(str); + } + ret = heim_ntlm_encode_targetinfo(&ti, 1, &d); if (ret) return ret; @@ -177,7 +177,7 @@ get_password_entry(krb5_context context, return ret; ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, &db, &user); + HDB_F_GET_CLIENT, NULL, &db, &user); krb5_free_principal(context, clientprincipal); if (ret) return ret; @@ -186,7 +186,7 @@ get_password_entry(krb5_context context, if (ret || password == NULL) { if (ret == 0) { ret = EINVAL; - krb5_set_error_string(context, "password missing"); + krb5_set_error_message(context, ret, "password missing"); } memset(user, 0, sizeof(*user)); } @@ -199,9 +199,9 @@ get_password_entry(krb5_context context, */ krb5_error_code -_kdc_do_digest(krb5_context context, +_kdc_do_digest(krb5_context context, krb5_kdc_configuration *config, - const DigestREQ *req, krb5_data *reply, + const struct DigestREQ *req, krb5_data *reply, const char *from, struct sockaddr *addr) { krb5_error_code ret = 0; @@ -223,7 +223,7 @@ _kdc_do_digest(krb5_context context, krb5_data serverNonce; if(!config->enable_digest) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Rejected digest request (disabled) from %s", from); return KRB5KDC_ERR_POLICY; } @@ -234,6 +234,7 @@ _kdc_do_digest(krb5_context context, memset(&ireq, 0, sizeof(ireq)); memset(&r, 0, sizeof(r)); memset(&rep, 0, sizeof(rep)); + memset(&res, 0, sizeof(res)); kdc_log(context, config, 0, "Digest request from %s", from); @@ -243,7 +244,7 @@ _kdc_do_digest(krb5_context context, goto out; } - ret = krb5_rd_req(context, + ret = krb5_rd_req(context, &ac, &req->apReq, NULL, @@ -256,14 +257,14 @@ _kdc_do_digest(krb5_context context, /* check the server principal in the ticket matches digest/R@R */ { krb5_principal principal = NULL; - const char *p, *r; + const char *p, *rr; ret = krb5_ticket_get_server(context, ticket, &principal); if (ret) goto out; ret = EINVAL; - krb5_set_error_string(context, "Wrong digest server principal used"); + krb5_set_error_message(context, ret, "Wrong digest server principal used"); p = krb5_principal_get_comp_string(context, principal, 0); if (p == NULL) { krb5_free_principal(context, principal); @@ -279,19 +280,19 @@ _kdc_do_digest(krb5_context context, krb5_free_principal(context, principal); goto out; } - r = krb5_principal_get_realm(context, principal); - if (r == NULL) { + rr = krb5_principal_get_realm(context, principal); + if (rr == NULL) { krb5_free_principal(context, principal); goto out; } - if (strcmp(p, r) != 0) { + if (strcmp(p, rr) != 0) { krb5_free_principal(context, principal); goto out; } - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = _kdc_db_fetch(context, config, principal, - HDB_F_GET_SERVER, NULL, &server); + HDB_F_GET_SERVER, NULL, NULL, &server); if (ret) goto out; @@ -313,19 +314,19 @@ _kdc_do_digest(krb5_context context, } ret = _kdc_db_fetch(context, config, principal, - HDB_F_GET_CLIENT, NULL, &client); + HDB_F_GET_CLIENT, NULL, NULL, &client); krb5_free_principal(context, principal); if (ret) goto out; if (client->entry.flags.allow_digest == 0) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Client %s tried to use digest " - "but is not allowed to", + "but is not allowed to", client_name); - krb5_set_error_string(context, - "Client is not permitted to use digest"); ret = KRB5KDC_ERR_POLICY; + krb5_set_error_message(context, ret, + "Client is not permitted to use digest"); goto out; } } @@ -338,8 +339,8 @@ _kdc_do_digest(krb5_context context, if (ret) goto out; if (key == NULL) { - krb5_set_error_string(context, "digest: remote subkey not found"); ret = EINVAL; + krb5_set_error_message(context, ret, "digest: remote subkey not found"); goto out; } @@ -355,15 +356,15 @@ _kdc_do_digest(krb5_context context, crypto = NULL; if (ret) goto out; - + ret = decode_DigestReqInner(buf.data, buf.length, &ireq, NULL); krb5_data_free(&buf); if (ret) { - krb5_set_error_string(context, "Failed to decode digest inner request"); + krb5_set_error_message(context, ret, "Failed to decode digest inner request"); goto out; } - kdc_log(context, config, 0, "Valid digest request from %s (%s)", + kdc_log(context, config, 0, "Valid digest request from %s (%s)", client_name, from); /* @@ -386,20 +387,20 @@ _kdc_do_digest(krb5_context context, hex_encode(server_nonce, sizeof(server_nonce), &r.u.initReply.nonce); if (r.u.initReply.nonce == NULL) { - krb5_set_error_string(context, "Failed to decode server nonce"); ret = ENOMEM; + krb5_set_error_message(context, ret, "Failed to decode server nonce"); goto out; } sp = krb5_storage_emem(); if (sp == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = krb5_store_stringz(sp, ireq.u.init.type); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -410,34 +411,34 @@ _kdc_do_digest(krb5_context context, ireq.u.init.channel->cb_type, ireq.u.init.channel->cb_binding); if (s == NULL) { - krb5_set_error_string(context, "Failed to allocate " - "channel binding"); ret = ENOMEM; + krb5_set_error_message(context, ret, + "Failed to allocate channel binding"); goto out; } free(r.u.initReply.nonce); r.u.initReply.nonce = s; } - + ret = krb5_store_stringz(sp, r.u.initReply.nonce); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } if (strcasecmp(ireq.u.init.type, "CHAP") == 0) { - r.u.initReply.identifier = + r.u.initReply.identifier = malloc(sizeof(*r.u.initReply.identifier)); if (r.u.initReply.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } asprintf(r.u.initReply.identifier, "%02X", identifier & 0xff); if (*r.u.initReply.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } @@ -447,14 +448,14 @@ _kdc_do_digest(krb5_context context, if (ireq.u.init.hostname) { ret = krb5_store_stringz(sp, *ireq.u.init.hostname); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } } ret = krb5_storage_to_data(sp, &buf); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -474,12 +475,12 @@ _kdc_do_digest(krb5_context context, krb5_data_free(&buf); if (ret) goto out; - + ASN1_MALLOC_ENCODE(Checksum, buf.data, buf.length, &res, &size, ret); free_Checksum(&res); if (ret) { - krb5_set_error_string(context, "Failed to encode " - "checksum in digest request"); + krb5_set_error_message(context, ret, "Failed to encode " + "checksum in digest request"); goto out; } if (size != buf.length) @@ -487,8 +488,9 @@ _kdc_do_digest(krb5_context context, hex_encode(buf.data, buf.length, &r.u.initReply.opaque); free(buf.data); + krb5_data_zero(&buf); if (r.u.initReply.opaque == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } @@ -502,12 +504,12 @@ _kdc_do_digest(krb5_context context, sp = krb5_storage_emem(); if (sp == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = krb5_store_stringz(sp, ireq.u.digestRequest.type); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -516,7 +518,7 @@ _kdc_do_digest(krb5_context context, if (ireq.u.digestRequest.hostname) { ret = krb5_store_stringz(sp, *ireq.u.digestRequest.hostname); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } } @@ -524,52 +526,54 @@ _kdc_do_digest(krb5_context context, buf.length = strlen(ireq.u.digestRequest.opaque); buf.data = malloc(buf.length); if (buf.data == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = hex_decode(ireq.u.digestRequest.opaque, buf.data, buf.length); if (ret <= 0) { - krb5_set_error_string(context, "Failed to decode opaque"); ret = ENOMEM; + krb5_set_error_message(context, ret, "Failed to decode opaque"); goto out; } buf.length = ret; ret = decode_Checksum(buf.data, buf.length, &res, NULL); free(buf.data); + krb5_data_zero(&buf); if (ret) { - krb5_set_error_string(context, "Failed to decode digest Checksum"); + krb5_set_error_message(context, ret, + "Failed to decode digest Checksum"); goto out; } - + ret = krb5_storage_to_data(sp, &buf); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } serverNonce.length = strlen(ireq.u.digestRequest.serverNonce); serverNonce.data = malloc(serverNonce.length); if (serverNonce.data == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - + /* * CHAP does the checksum of the raw nonce, but do it for all * types, since we need to check the timestamp. */ { ssize_t ssize; - - ssize = hex_decode(ireq.u.digestRequest.serverNonce, + + ssize = hex_decode(ireq.u.digestRequest.serverNonce, serverNonce.data, serverNonce.length); if (ssize <= 0) { - krb5_set_error_string(context, "Failed to decode serverNonce"); ret = ENOMEM; + krb5_set_error_message(context, ret, "Failed to decode serverNonce"); goto out; } serverNonce.length = ssize; @@ -579,9 +583,11 @@ _kdc_do_digest(krb5_context context, if (ret) goto out; - ret = krb5_verify_checksum(context, crypto, + ret = krb5_verify_checksum(context, crypto, KRB5_KU_DIGEST_OPAQUE, buf.data, buf.length, &res); + free_Checksum(&res); + krb5_data_free(&buf); krb5_crypto_destroy(context, crypto); crypto = NULL; if (ret) @@ -591,26 +597,26 @@ _kdc_do_digest(krb5_context context, { unsigned char *p = serverNonce.data; uint32_t t; - + if (serverNonce.length < 4) { - krb5_set_error_string(context, "server nonce too short"); ret = EINVAL; + krb5_set_error_message(context, ret, "server nonce too short"); goto out; } t = p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); if (abs((kdc_time & 0xffffffff) - t) > context->max_skew) { - krb5_set_error_string(context, "time screw in server nonce "); ret = EINVAL; + krb5_set_error_message(context, ret, "time screw in server nonce "); goto out; } } if (strcasecmp(ireq.u.digestRequest.type, "CHAP") == 0) { - MD5_CTX ctx; + EVP_MD_CTX *ctx; unsigned char md[MD5_DIGEST_LENGTH]; char *mdx; - char id; + char idx; if ((config->digests_allowed & CHAP_MD5) == 0) { kdc_log(context, config, 0, "Digest CHAP MD5 not allowed"); @@ -618,33 +624,37 @@ _kdc_do_digest(krb5_context context, } if (ireq.u.digestRequest.identifier == NULL) { - krb5_set_error_string(context, "Identifier missing " - "from CHAP request"); ret = EINVAL; + krb5_set_error_message(context, ret, "Identifier missing " + "from CHAP request"); goto out; } - - if (hex_decode(*ireq.u.digestRequest.identifier, &id, 1) != 1) { - krb5_set_error_string(context, "failed to decode identifier"); + + if (hex_decode(*ireq.u.digestRequest.identifier, &idx, 1) != 1) { ret = EINVAL; + krb5_set_error_message(context, ret, "failed to decode identifier"); goto out; } - - ret = get_password_entry(context, config, + + ret = get_password_entry(context, config, ireq.u.digestRequest.username, &password); if (ret) goto out; - MD5_Init(&ctx); - MD5_Update(&ctx, &id, 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Update(&ctx, serverNonce.data, serverNonce.length); - MD5_Final(md, &ctx); + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, &idx, 1); + EVP_DigestUpdate(ctx, password, strlen(password)); + EVP_DigestUpdate(ctx, serverNonce.data, serverNonce.length); + EVP_DigestFinal_ex(ctx, md, NULL); + + EVP_MD_CTX_destroy(ctx); hex_encode(md, sizeof(md), &mdx); if (mdx == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } @@ -656,14 +666,14 @@ _kdc_do_digest(krb5_context context, if (ret == 0) { r.u.response.success = TRUE; } else { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "CHAP reply mismatch for %s", ireq.u.digestRequest.username); r.u.response.success = FALSE; } } else if (strcasecmp(ireq.u.digestRequest.type, "SASL-DIGEST-MD5") == 0) { - MD5_CTX ctx; + EVP_MD_CTX *ctx; unsigned char md[MD5_DIGEST_LENGTH]; char *mdx; char *A1, *A2; @@ -673,97 +683,104 @@ _kdc_do_digest(krb5_context context, goto out; } - if (ireq.u.digestRequest.nonceCount == NULL) + if (ireq.u.digestRequest.nonceCount == NULL) goto out; - if (ireq.u.digestRequest.clientNonce == NULL) + if (ireq.u.digestRequest.clientNonce == NULL) goto out; - if (ireq.u.digestRequest.qop == NULL) + if (ireq.u.digestRequest.qop == NULL) goto out; - if (ireq.u.digestRequest.realm == NULL) + if (ireq.u.digestRequest.realm == NULL) goto out; - - ret = get_password_entry(context, config, + + ret = get_password_entry(context, config, ireq.u.digestRequest.username, &password); if (ret) goto failed; - MD5_Init(&ctx); - MD5_Update(&ctx, ireq.u.digestRequest.username, + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, ireq.u.digestRequest.username, strlen(ireq.u.digestRequest.username)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.realm, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.realm, strlen(*ireq.u.digestRequest.realm)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Final(md, &ctx); - - MD5_Init(&ctx); - MD5_Update(&ctx, md, sizeof(md)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, ireq.u.digestRequest.serverNonce, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, password, strlen(password)); + EVP_DigestFinal_ex(ctx, md, NULL); + + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, md, sizeof(md)); + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, ireq.u.digestRequest.serverNonce, strlen(ireq.u.digestRequest.serverNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.nonceCount, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.nonceCount, strlen(*ireq.u.digestRequest.nonceCount)); if (ireq.u.digestRequest.authid) { - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.authid, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.authid, strlen(*ireq.u.digestRequest.authid)); } - MD5_Final(md, &ctx); + EVP_DigestFinal_ex(ctx, md, NULL); hex_encode(md, sizeof(md), &A1); if (A1 == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + EVP_MD_CTX_destroy(ctx); goto failed; } - - MD5_Init(&ctx); - MD5_Update(&ctx, "AUTHENTICATE:", sizeof("AUTHENTICATE:") - 1); - MD5_Update(&ctx, *ireq.u.digestRequest.uri, + + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, + "AUTHENTICATE:", sizeof("AUTHENTICATE:") - 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.uri, strlen(*ireq.u.digestRequest.uri)); - + /* conf|int */ if (strcmp(ireq.u.digestRequest.digest, "clear") != 0) { static char conf_zeros[] = ":00000000000000000000000000000000"; - MD5_Update(&ctx, conf_zeros, sizeof(conf_zeros) - 1); + EVP_DigestUpdate(ctx, conf_zeros, sizeof(conf_zeros) - 1); } - - MD5_Final(md, &ctx); + + EVP_DigestFinal_ex(ctx, md, NULL); + hex_encode(md, sizeof(md), &A2); if (A2 == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); free(A1); goto failed; } - MD5_Init(&ctx); - MD5_Update(&ctx, A1, strlen(A2)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, ireq.u.digestRequest.serverNonce, + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, A1, strlen(A2)); + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, ireq.u.digestRequest.serverNonce, strlen(ireq.u.digestRequest.serverNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.nonceCount, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.nonceCount, strlen(*ireq.u.digestRequest.nonceCount)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.clientNonce, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.clientNonce, strlen(*ireq.u.digestRequest.clientNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.qop, + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, *ireq.u.digestRequest.qop, strlen(*ireq.u.digestRequest.qop)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, A2, strlen(A2)); + EVP_DigestUpdate(ctx, ":", 1); + EVP_DigestUpdate(ctx, A2, strlen(A2)); - MD5_Final(md, &ctx); + EVP_DigestFinal_ex(ctx, md, NULL); + + EVP_MD_CTX_destroy(ctx); free(A1); free(A2); hex_encode(md, sizeof(md), &mdx); if (mdx == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } @@ -774,7 +791,7 @@ _kdc_do_digest(krb5_context context, if (ret == 0) { r.u.response.success = TRUE; } else { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "DIGEST-MD5 reply mismatch for %s", ireq.u.digestRequest.username); r.u.response.success = FALSE; @@ -787,7 +804,7 @@ _kdc_do_digest(krb5_context context, const char *username; struct ntlm_buf answer; Key *key = NULL; - SHA_CTX ctx; + EVP_MD_CTX *ctp; if ((config->digests_allowed & MS_CHAP_V2) == 0) { kdc_log(context, config, 0, "MS-CHAP-V2 not allowed"); @@ -795,15 +812,15 @@ _kdc_do_digest(krb5_context context, } if (ireq.u.digestRequest.clientNonce == NULL) { - krb5_set_error_string(context, - "MS-CHAP-V2 clientNonce missing"); ret = EINVAL; + krb5_set_error_message(context, ret, + "MS-CHAP-V2 clientNonce missing"); goto failed; - } + } if (serverNonce.length != 16) { - krb5_set_error_string(context, - "MS-CHAP-V2 serverNonce wrong length"); ret = EINVAL; + krb5_set_error_message(context, ret, + "MS-CHAP-V2 serverNonce wrong length"); goto failed; } @@ -814,56 +831,64 @@ _kdc_do_digest(krb5_context context, else username++; + ctp = EVP_MD_CTX_create(); + /* ChallangeHash */ - SHA1_Init(&ctx); + EVP_DigestInit_ex(ctp, EVP_sha1(), NULL); { ssize_t ssize; krb5_data clientNonce; - + clientNonce.length = strlen(*ireq.u.digestRequest.clientNonce); clientNonce.data = malloc(clientNonce.length); if (clientNonce.data == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, + "malloc: out of memory"); + EVP_MD_CTX_destroy(ctp); goto out; } - ssize = hex_decode(*ireq.u.digestRequest.clientNonce, + ssize = hex_decode(*ireq.u.digestRequest.clientNonce, clientNonce.data, clientNonce.length); if (ssize != 16) { - krb5_set_error_string(context, - "Failed to decode clientNonce"); ret = ENOMEM; + krb5_set_error_message(context, ret, + "Failed to decode clientNonce"); + EVP_MD_CTX_destroy(ctp); goto out; } - SHA1_Update(&ctx, clientNonce.data, ssize); + EVP_DigestUpdate(ctp, clientNonce.data, ssize); free(clientNonce.data); } - SHA1_Update(&ctx, serverNonce.data, serverNonce.length); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(challange, &ctx); + EVP_DigestUpdate(ctp, serverNonce.data, serverNonce.length); + EVP_DigestUpdate(ctp, username, strlen(username)); + + EVP_DigestFinal_ex(ctp, challange, NULL); + + EVP_MD_CTX_destroy(ctp); /* NtPasswordHash */ ret = krb5_parse_name(context, username, &clientprincipal); if (ret) goto failed; - + ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, NULL, &user); + HDB_F_GET_CLIENT, NULL, NULL, &user); krb5_free_principal(context, clientprincipal); if (ret) { - krb5_set_error_string(context, - "MS-CHAP-V2 user %s not in database", - username); + krb5_set_error_message(context, ret, + "MS-CHAP-V2 user %s not in database", + username); goto failed; } - ret = hdb_enctype2key(context, &user->entry, + ret = hdb_enctype2key(context, &user->entry, ETYPE_ARCFOUR_HMAC_MD5, &key); if (ret) { - krb5_set_error_string(context, - "MS-CHAP-V2 missing arcfour key %s", - username); + krb5_set_error_message(context, ret, + "MS-CHAP-V2 missing arcfour key %s", + username); goto failed; } @@ -872,14 +897,14 @@ _kdc_do_digest(krb5_context context, key->key.keyvalue.length, challange, &answer); if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); + krb5_set_error_message(context, ret, "NTLM missing arcfour key"); goto failed; } - + hex_encode(answer.data, answer.length, &mdx); if (mdx == NULL) { free(answer.data); - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } @@ -889,7 +914,7 @@ _kdc_do_digest(krb5_context context, if (ret == 0) { r.u.response.success = TRUE; } else { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "MS-CHAP-V2 hash mismatch for %s", ireq.u.digestRequest.username); r.u.response.success = FALSE; @@ -898,34 +923,39 @@ _kdc_do_digest(krb5_context context, if (r.u.response.success) { unsigned char hashhash[MD4_DIGEST_LENGTH]; + EVP_MD_CTX *ctxp; + + ctxp = EVP_MD_CTX_create(); /* hashhash */ { - MD4_CTX hctx; - - MD4_Init(&hctx); - MD4_Update(&hctx, key->key.keyvalue.data, - key->key.keyvalue.length); - MD4_Final(hashhash, &hctx); + EVP_DigestInit_ex(ctxp, EVP_md4(), NULL); + EVP_DigestUpdate(ctxp, + key->key.keyvalue.data, + key->key.keyvalue.length); + EVP_DigestFinal_ex(ctxp, hashhash, NULL); } /* GenerateAuthenticatorResponse */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hashhash, sizeof(hashhash)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_chap_v2_magic1,sizeof(ms_chap_v2_magic1)); - SHA1_Final(md, &ctx); + EVP_DigestInit_ex(ctxp, EVP_sha1(), NULL); + EVP_DigestUpdate(ctxp, hashhash, sizeof(hashhash)); + EVP_DigestUpdate(ctxp, answer.data, answer.length); + EVP_DigestUpdate(ctxp, ms_chap_v2_magic1, + sizeof(ms_chap_v2_magic1)); + EVP_DigestFinal_ex(ctxp, md, NULL); - SHA1_Init(&ctx); - SHA1_Update(&ctx, md, sizeof(md)); - SHA1_Update(&ctx, challange, 8); - SHA1_Update(&ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); - SHA1_Final(md, &ctx); + EVP_DigestInit_ex(ctxp, EVP_sha1(), NULL); + EVP_DigestUpdate(ctxp, md, sizeof(md)); + EVP_DigestUpdate(ctxp, challange, 8); + EVP_DigestUpdate(ctxp, ms_chap_v2_magic2, + sizeof(ms_chap_v2_magic2)); + EVP_DigestFinal_ex(ctxp, md, NULL); r.u.response.rsp = calloc(1, sizeof(*r.u.response.rsp)); if (r.u.response.rsp == NULL) { free(answer.data); - krb5_clear_error_string(context); + krb5_clear_error_message(context); + EVP_MD_CTX_destroy(ctxp); ret = ENOMEM; goto out; } @@ -933,42 +963,46 @@ _kdc_do_digest(krb5_context context, hex_encode(md, sizeof(md), r.u.response.rsp); if (r.u.response.rsp == NULL) { free(answer.data); - krb5_clear_error_string(context); + krb5_clear_error_message(context); + EVP_MD_CTX_destroy(ctxp); ret = ENOMEM; goto out; } /* get_master, rfc 3079 3.4 */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hashhash, 16); /* md4(hash) */ - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_rfc3079_magic1, sizeof(ms_rfc3079_magic1)); - SHA1_Final(md, &ctx); + EVP_DigestInit_ex(ctxp, EVP_sha1(), NULL); + EVP_DigestUpdate(ctxp, hashhash, 16); + EVP_DigestUpdate(ctxp, answer.data, answer.length); + EVP_DigestUpdate(ctxp, ms_rfc3079_magic1, + sizeof(ms_rfc3079_magic1)); + EVP_DigestFinal_ex(ctxp, md, NULL); free(answer.data); - r.u.response.session_key = + EVP_MD_CTX_destroy(ctxp); + + r.u.response.session_key = calloc(1, sizeof(*r.u.response.session_key)); if (r.u.response.session_key == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } ret = krb5_data_copy(r.u.response.session_key, md, 16); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } } } else { r.element = choice_DigestRepInner_error; - asprintf(&r.u.error.reason, "Unsupported digest type %s", + asprintf(&r.u.error.reason, "Unsupported digest type %s", ireq.u.digestRequest.type); if (r.u.error.reason == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } r.u.error.code = EINVAL; @@ -1002,7 +1036,7 @@ _kdc_do_digest(krb5_context context, goto failed; } - r.u.ntlmInitReply.flags |= + r.u.ntlmInitReply.flags |= NTLM_NEG_TARGET | NTLM_TARGET_DOMAIN | NTLM_ENC_128; @@ -1018,32 +1052,32 @@ _kdc_do_digest(krb5_context context, #undef ALL - r.u.ntlmInitReply.targetname = + r.u.ntlmInitReply.targetname = get_ntlm_targetname(context, client); if (r.u.ntlmInitReply.targetname == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } r.u.ntlmInitReply.challange.data = malloc(8); if (r.u.ntlmInitReply.challange.data == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } r.u.ntlmInitReply.challange.length = 8; if (RAND_bytes(r.u.ntlmInitReply.challange.data, - r.u.ntlmInitReply.challange.length) != 1) - { - krb5_set_error_string(context, "out of random error"); - ret = ENOMEM; - goto out; - } + r.u.ntlmInitReply.challange.length) != 1) + { + ret = ENOMEM; + krb5_set_error_message(context, ret, "out of random error"); + goto out; + } /* XXX fix targetinfo */ ALLOC(r.u.ntlmInitReply.targetinfo); if (r.u.ntlmInitReply.targetinfo == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } @@ -1052,37 +1086,37 @@ _kdc_do_digest(krb5_context context, client, r.u.ntlmInitReply.targetinfo); if (ret) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - /* + /* * Save data encryted in opaque for the second part of the * ntlm authentication */ sp = krb5_storage_emem(); if (sp == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - + ret = krb5_storage_write(sp, r.u.ntlmInitReply.challange.data, 8); if (ret != 8) { ret = ENOMEM; - krb5_set_error_string(context, "storage write challange"); + krb5_set_error_message(context, ret, "storage write challange"); goto out; } ret = krb5_store_uint32(sp, r.u.ntlmInitReply.flags); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } ret = krb5_storage_to_data(sp, &buf); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -1109,7 +1143,7 @@ _kdc_do_digest(krb5_context context, uint32_t flags; Key *key = NULL; int version; - + r.element = choice_DigestRepInner_ntlmResponse; r.u.ntlmResponse.success = 0; r.u.ntlmResponse.flags = 0; @@ -1124,11 +1158,11 @@ _kdc_do_digest(krb5_context context, goto failed; ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, NULL, &user); + HDB_F_GET_CLIENT, NULL, NULL, &user); krb5_free_principal(context, clientprincipal); if (ret) { - krb5_set_error_string(context, "NTLM user %s not in database", - ireq.u.ntlmRequest.username); + krb5_set_error_message(context, ret, "NTLM user %s not in database", + ireq.u.ntlmRequest.username); goto failed; } @@ -1142,7 +1176,7 @@ _kdc_do_digest(krb5_context context, krb5_crypto_destroy(context, crypto); crypto = NULL; if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Failed to decrypt nonce from %s", from); goto failed; } @@ -1150,33 +1184,35 @@ _kdc_do_digest(krb5_context context, sp = krb5_storage_from_data(&buf); if (sp == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - + ret = krb5_storage_read(sp, challange, sizeof(challange)); if (ret != sizeof(challange)) { - krb5_set_error_string(context, "NTLM storage read challange"); ret = ENOMEM; + krb5_set_error_message(context, ret, "NTLM storage read challange"); goto out; } ret = krb5_ret_uint32(sp, &flags); if (ret) { - krb5_set_error_string(context, "NTLM storage read flags"); + krb5_set_error_message(context, ret, "NTLM storage read flags"); goto out; } + krb5_storage_free(sp); + sp = NULL; krb5_data_free(&buf); if ((flags & NTLM_NEG_NTLM) == 0) { ret = EINVAL; - krb5_set_error_string(context, "NTLM not negotiated"); + krb5_set_error_message(context, ret, "NTLM not negotiated"); goto out; } - ret = hdb_enctype2key(context, &user->entry, + ret = hdb_enctype2key(context, &user->entry, ETYPE_ARCFOUR_HMAC_MD5, &key); if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); + krb5_set_error_message(context, ret, "NTLM missing arcfour key"); goto out; } @@ -1194,8 +1230,8 @@ _kdc_do_digest(krb5_context context, targetname = get_ntlm_targetname(context, client); if (targetname == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } @@ -1213,7 +1249,7 @@ _kdc_do_digest(krb5_context context, sessionkey); free(targetname); if (ret) { - krb5_set_error_string(context, "NTLM v2 verify failed"); + krb5_set_error_message(context, ret, "NTLM v2 verify failed"); goto failed; } @@ -1229,8 +1265,8 @@ _kdc_do_digest(krb5_context context, if (flags & NTLM_NEG_NTLM2_SESSION) { unsigned char sessionhash[MD5_DIGEST_LENGTH]; - MD5_CTX md5ctx; - + EVP_MD_CTX *ctx; + if ((config->digests_allowed & NTLM_V1_SESSION) == 0) { kdc_log(context, config, 0, "NTLM v1-session not allowed"); ret = EINVAL; @@ -1238,91 +1274,105 @@ _kdc_do_digest(krb5_context context, } if (ireq.u.ntlmRequest.lm.length != 24) { - krb5_set_error_string(context, "LM hash have wrong length " - "for NTLM session key"); ret = EINVAL; + krb5_set_error_message(context, ret, "LM hash have wrong length " + "for NTLM session key"); goto failed; } - - MD5_Init(&md5ctx); - MD5_Update(&md5ctx, challange, sizeof(challange)); - MD5_Update(&md5ctx, ireq.u.ntlmRequest.lm.data, 8); - MD5_Final(sessionhash, &md5ctx); + + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + + EVP_DigestUpdate(ctx, challange, sizeof(challange)); + EVP_DigestUpdate(ctx, ireq.u.ntlmRequest.lm.data, 8); + EVP_DigestFinal_ex(ctx, sessionhash, NULL); memcpy(challange, sessionhash, sizeof(challange)); + + EVP_MD_CTX_destroy(ctx); + } else { if ((config->digests_allowed & NTLM_V1) == 0) { kdc_log(context, config, 0, "NTLM v1 not allowed"); goto failed; } } - + ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, key->key.keyvalue.length, challange, &answer); if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); + krb5_set_error_message(context, ret, "NTLM missing arcfour key"); goto failed; } - + if (ireq.u.ntlmRequest.ntlm.length != answer.length || memcmp(ireq.u.ntlmRequest.ntlm.data, answer.data, answer.length) != 0) - { - free(answer.data); - ret = EINVAL; - krb5_set_error_string(context, "NTLM hash mismatch"); - goto failed; - } + { + free(answer.data); + ret = EINVAL; + krb5_set_error_message(context, ret, "NTLM hash mismatch"); + goto failed; + } free(answer.data); { - MD4_CTX ctx; + EVP_MD_CTX *ctx; - MD4_Init(&ctx); - MD4_Update(&ctx, - key->key.keyvalue.data, key->key.keyvalue.length); - MD4_Final(sessionkey, &ctx); + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, EVP_md4(), NULL); + EVP_DigestUpdate(ctx, + key->key.keyvalue.data, + key->key.keyvalue.length); + EVP_DigestFinal_ex(ctx, sessionkey, NULL); + + EVP_MD_CTX_destroy(ctx); } } if (ireq.u.ntlmRequest.sessionkey) { unsigned char masterkey[MD4_DIGEST_LENGTH]; - RC4_KEY rc4; + EVP_CIPHER_CTX rc4; size_t len; - + if ((flags & NTLM_NEG_KEYEX) == 0) { - krb5_set_error_string(context, - "NTLM client failed to neg key " - "exchange but still sent key"); ret = EINVAL; + krb5_set_error_message(context, ret, + "NTLM client failed to neg key " + "exchange but still sent key"); goto failed; } - + len = ireq.u.ntlmRequest.sessionkey->length; if (len != sizeof(masterkey)){ - krb5_set_error_string(context, - "NTLM master key wrong length: %lu", - (unsigned long)len); + ret = EINVAL; + krb5_set_error_message(context, ret, + "NTLM master key wrong length: %lu", + (unsigned long)len); goto failed; } - - RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); - - RC4(&rc4, sizeof(masterkey), - ireq.u.ntlmRequest.sessionkey->data, - masterkey); - memset(&rc4, 0, sizeof(rc4)); - - r.u.ntlmResponse.sessionkey = + + + EVP_CIPHER_CTX_init(&rc4); + EVP_CipherInit_ex(&rc4, EVP_rc4(), NULL, sessionkey, NULL, 1); + EVP_Cipher(&rc4, + masterkey, ireq.u.ntlmRequest.sessionkey->data, + sizeof(masterkey)); + EVP_CIPHER_CTX_cleanup(&rc4); + + r.u.ntlmResponse.sessionkey = malloc(sizeof(*r.u.ntlmResponse.sessionkey)); if (r.u.ntlmResponse.sessionkey == NULL) { - krb5_set_error_string(context, "out of memory"); + ret = EINVAL; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } - + ret = krb5_data_copy(r.u.ntlmResponse.sessionkey, masterkey, sizeof(masterkey)); if (ret) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } } @@ -1354,26 +1404,26 @@ _kdc_do_digest(krb5_context context, break; default: { - char *s; - krb5_set_error_string(context, "unknown operation to digest"); + const char *s; ret = EINVAL; + krb5_set_error_message(context, ret, "unknown operation to digest"); - failed: + failed: s = krb5_get_error_message(context, ret); if (s == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } - + kdc_log(context, config, 0, "Digest failed with: %s", s); r.element = choice_DigestRepInner_error; r.u.error.reason = strdup("unknown error"); - krb5_free_error_string(context, s); + krb5_free_error_message(context, s); if (r.u.error.reason == NULL) { - krb5_set_error_string(context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } r.u.error.code = EINVAL; @@ -1383,7 +1433,7 @@ _kdc_do_digest(krb5_context context, ASN1_MALLOC_ENCODE(DigestRepInner, buf.data, buf.length, &r, &size, ret); if (ret) { - krb5_set_error_string(context, "Failed to encode inner digest reply"); + krb5_set_error_message(context, ret, "Failed to encode inner digest reply"); goto out; } if (size != buf.length) @@ -1408,20 +1458,20 @@ _kdc_do_digest(krb5_context context, goto out; } - ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_DIGEST_ENCRYPT, + ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_DIGEST_ENCRYPT, buf.data, buf.length, 0, &rep.innerRep); - + ASN1_MALLOC_ENCODE(DigestREP, reply->data, reply->length, &rep, &size, ret); if (ret) { - krb5_set_error_string(context, "Failed to encode digest reply"); + krb5_set_error_message(context, ret, "Failed to encode digest reply"); goto out; } if (size != reply->length) krb5_abortx(context, "ASN1 internal error"); - -out: + + out: if (ac) krb5_auth_con_free(context, ac); if (ret) @@ -1448,9 +1498,12 @@ _kdc_do_digest(krb5_context context, free (client_name); krb5_data_free(&buf); krb5_data_free(&serverNonce); + free_Checksum(&res); free_DigestREP(&rep); free_DigestRepInner(&r); free_DigestReqInner(&ireq); return ret; } + +#endif /* DIGEST */ diff --git a/kdc/headers.h b/kdc/headers.h index 64f6b6e438cb..aced5ce61707 100644 --- a/kdc/headers.h +++ b/kdc/headers.h @@ -1,46 +1,45 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* - * $Id: headers.h 19658 2007-01-04 00:15:34Z lha $ +/* + * $Id$ */ #ifndef __HEADERS_H__ #define __HEADERS_H__ -#ifdef HAVE_CONFIG_H #include -#endif + #include #include #include @@ -91,17 +90,24 @@ #include #include #include +#ifdef DIGEST #include +#endif +#ifdef KX509 #include +#endif #include #include #include +#ifndef NO_NTLM #include +#endif +#include #include #undef ALLOC -#define ALLOC(X) ((X) = malloc(sizeof(*(X)))) +#define ALLOC(X) ((X) = calloc(1, sizeof(*(X)))) #undef ALLOC_SEQ #define ALLOC_SEQ(X, N) do { (X)->len = (N); \ (X)->val = calloc((X)->len, sizeof(*(X)->val)); } while(0) diff --git a/kdc/hprop-version.rc b/kdc/hprop-version.rc new file mode 100644 index 000000000000..1e782f5d7e83 --- /dev/null +++ b/kdc/hprop-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "KDC Database Propagation Tool" +#define RC_FILE_ORIG_0409 "hprop.exe" + +#include "../windows/version.rc" diff --git a/kdc/hprop.8 b/kdc/hprop.8 index 99fc9784bd91..973235f2ae4c 100644 --- a/kdc/hprop.8 +++ b/kdc/hprop.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: hprop.8 20456 2007-04-19 20:29:42Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd December 8, 2004 .Dt HPROP 8 @@ -41,37 +41,36 @@ .Nm .Bk -words .Oo Fl m Ar file \*(Ba Xo -.Fl -master-key= Ns Pa file +.Fl Fl master-key= Ns Pa file .Xc .Oc .Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Pa file +.Fl Fl database= Ns Pa file .Xc .Oc -.Op Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|kaserver +.Op Fl Fl source= Ns Ar heimdal|mit-dump .Oo Fl r Ar string \*(Ba Xo -.Fl -v4-realm= Ns Ar string +.Fl Fl v4-realm= Ns Ar string .Xc .Oc .Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell +.Fl Fl cell= Ns Ar cell .Xc .Oc -.Op Fl S | Fl -kaspecials .Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab +.Fl Fl keytab= Ns Ar keytab .Xc .Oc .Oo Fl R Ar string \*(Ba Xo -.Fl -v5-realm= Ns Ar string +.Fl Fl v5-realm= Ns Ar string .Xc .Oc -.Op Fl D | Fl -decrypt -.Op Fl E | Fl -encrypt -.Op Fl n | Fl -stdout -.Op Fl v | Fl -verbose -.Op Fl -version -.Op Fl h | Fl -help +.Op Fl D | Fl Fl decrypt +.Op Fl E | Fl Fl encrypt +.Op Fl n | Fl Fl stdout +.Op Fl v | Fl Fl verbose +.Op Fl Fl version +.Op Fl h | Fl Fl help .Op Ar host Ns Op : Ns Ar port .Ar ... .Ek @@ -90,101 +89,42 @@ specified on the command by opening a TCP connection to port 754 .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl m Ar file , -.Fl -master-key= Ns Pa file -.Xc +.It Fl m Ar file , Fl Fl master-key= Ns Pa file Where to find the master key to encrypt or decrypt keys with. -.It Xo -.Fl d Ar file , -.Fl -database= Ns Pa file -.Xc +.It Fl d Ar file , Fl Fl database= Ns Pa file The database to be propagated. -.It Xo -.Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|kaserver -.Xc +.It Fl Fl source= Ns Ar heimdal|mit-dump|krb4-dump|kaserver Specifies the type of the source database. Alternatives include: .Pp -.Bl -tag -width krb4-dump -compact -offset indent +.Bl -tag -width mit-dump -compact -offset indent .It heimdal a Heimdal database .It mit-dump a MIT Kerberos 5 dump file -.It krb4-dump -a Kerberos 4 dump file -.It kaserver -an AFS kaserver database .El -.It Xo -.Fl k Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc ++.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to use for fetching the key to be used for authenticating to the propagation daemon(s). The key -.Pa kadmin/hprop +.Pa hprop/hostname is used from this keytab. The default is to fetch the key from the KDC database. -.It Xo -.Fl R Ar string , -.Fl -v5-realm= Ns Ar string -.Xc +.It Fl R Ar string , Fl Fl v5-realm= Ns Ar string Local realm override. -.It Xo -.Fl D , -.Fl -decrypt -.Xc +.It Fl D , Fl Fl decrypt The encryption keys in the database can either be in clear, or encrypted with a master key. This option transmits the database with unencrypted keys. -.It Xo -.Fl E , -.Fl -encrypt -.Xc +.It Fl E , Fl Fl encrypt This option transmits the database with encrypted keys. -.It Xo -.Fl n , -.Fl -stdout -.Xc +.It Fl n , Fl Fl stdout Dump the database on stdout, in a format that can be fed to hpropd. .El -.Pp -The following options are only valid if -.Nm hprop -is compiled with support for Kerberos 4 (kaserver). -.Bl -tag -width Ds -.It Xo -.Fl r Ar string , -.Fl -v4-realm= Ns Ar string -.Xc -v4 realm to use. -.It Xo -.Fl c Ar cell , -.Fl -cell= Ns Ar cell -.Xc -The AFS cell name, used if reading a kaserver database. -.It Xo -.Fl S , -.Fl -kaspecials -.Xc -Also dump the principals marked as special in the kaserver database. -.It Xo -.Fl K , -.Fl -ka-db -.Xc -Deprecated, identical to -.Sq --source=kaserver . -.El .Sh EXAMPLES The following will propagate a database to another machine (which should run -.Xr hpropd 8 ): +.Xr hpropd 8 ) : .Bd -literal -offset indent $ hprop slave-1 slave-2 .Ed -.Pp -Convert a Kerberos 4 dump-file for use with a Heimdal KDC: -.Bd -literal -offset indent -$ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n -.Ed .Sh SEE ALSO .Xr hpropd 8 diff --git a/kdc/hprop.c b/kdc/hprop.c index e5b7fd11fb40..b68f159ef234 100644 --- a/kdc/hprop.c +++ b/kdc/hprop.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "hprop.h" +#define KRB5_DEPRECATED /* uses v4 functions that will die */ -RCSID("$Id: hprop.c 21745 2007-07-31 16:11:25Z lha $"); +#include "hprop.h" static int version_flag; static int help_flag; @@ -48,12 +48,6 @@ static hdb_master_key mkey5; static char *source_type; -static char *afs_cell; -static char *v4_realm; - -static int kaspecials_flag; -static int ka_use_null_salt; - static char *local_realm=NULL; static int @@ -72,7 +66,7 @@ open_socket(krb5_context context, const char *hostname, const char *port) warnx ("%s: %s", hostname, gai_strerror(error)); return -1; } - + for (a = ai; a != NULL; a = a->ai_next) { int s; @@ -112,7 +106,7 @@ v5_prop(krb5_context context, HDB *db, hdb_entry_ex *entry, void *appdata) krb5_warn(context, ret, "hdb_unseal_keys_mkey"); return ret; } - } + } ret = hdb_entry2value(context, &entry->entry, &data); if(ret) { @@ -123,310 +117,29 @@ v5_prop(krb5_context context, HDB *db, hdb_entry_ex *entry, void *appdata) if(to_stdout) ret = krb5_write_message(context, &pd->sock, &data); else - ret = krb5_write_priv_message(context, pd->auth_context, + ret = krb5_write_priv_message(context, pd->auth_context, &pd->sock, &data); krb5_data_free(&data); return ret; } -int -v4_prop(void *arg, struct v4_principal *p) -{ - struct prop_data *pd = arg; - hdb_entry_ex ent; - krb5_error_code ret; - - memset(&ent, 0, sizeof(ent)); - - ret = krb5_425_conv_principal(pd->context, p->name, p->instance, v4_realm, - &ent.entry.principal); - if(ret) { - krb5_warn(pd->context, ret, - "krb5_425_conv_principal %s.%s@%s", - p->name, p->instance, v4_realm); - return 0; - } - - if(verbose_flag) { - char *s; - krb5_unparse_name_short(pd->context, ent.entry.principal, &s); - krb5_warnx(pd->context, "%s.%s -> %s", p->name, p->instance, s); - free(s); - } - - ent.entry.kvno = p->kvno; - ent.entry.keys.len = 3; - ent.entry.keys.val = malloc(ent.entry.keys.len * sizeof(*ent.entry.keys.val)); - if (ent.entry.keys.val == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - if(p->mkvno != -1) { - ent.entry.keys.val[0].mkvno = malloc (sizeof(*ent.entry.keys.val[0].mkvno)); - if (ent.entry.keys.val[0].mkvno == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - *(ent.entry.keys.val[0].mkvno) = p->mkvno; - } else - ent.entry.keys.val[0].mkvno = NULL; - ent.entry.keys.val[0].salt = calloc(1, sizeof(*ent.entry.keys.val[0].salt)); - if (ent.entry.keys.val[0].salt == NULL) - krb5_errx(pd->context, ENOMEM, "calloc"); - ent.entry.keys.val[0].salt->type = KRB5_PADATA_PW_SALT; - ent.entry.keys.val[0].key.keytype = ETYPE_DES_CBC_MD5; - krb5_data_alloc(&ent.entry.keys.val[0].key.keyvalue, DES_KEY_SZ); - memcpy(ent.entry.keys.val[0].key.keyvalue.data, p->key, 8); - - copy_Key(&ent.entry.keys.val[0], &ent.entry.keys.val[1]); - ent.entry.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - copy_Key(&ent.entry.keys.val[0], &ent.entry.keys.val[2]); - ent.entry.keys.val[2].key.keytype = ETYPE_DES_CBC_CRC; - - { - int life = _krb5_krb_life_to_time(0, p->max_life); - if(life == NEVERDATE){ - ent.entry.max_life = NULL; - } else { - /* clean up lifetime a bit */ - if(life > 86400) - life = (life + 86399) / 86400 * 86400; - else if(life > 3600) - life = (life + 3599) / 3600 * 3600; - ALLOC(ent.entry.max_life); - *ent.entry.max_life = life; - } - } - - ALLOC(ent.entry.valid_end); - *ent.entry.valid_end = p->exp_date; - - ret = krb5_make_principal(pd->context, &ent.entry.created_by.principal, - v4_realm, - "kadmin", - "hprop", - NULL); - if(ret){ - krb5_warn(pd->context, ret, "krb5_make_principal"); - ret = 0; - goto out; - } - ent.entry.created_by.time = time(NULL); - ALLOC(ent.entry.modified_by); - ret = krb5_425_conv_principal(pd->context, p->mod_name, p->mod_instance, - v4_realm, &ent.entry.modified_by->principal); - if(ret){ - krb5_warn(pd->context, ret, "%s.%s@%s", p->name, p->instance, v4_realm); - ent.entry.modified_by->principal = NULL; - ret = 0; - goto out; - } - ent.entry.modified_by->time = p->mod_date; - - ent.entry.flags.forwardable = 1; - ent.entry.flags.renewable = 1; - ent.entry.flags.proxiable = 1; - ent.entry.flags.postdate = 1; - ent.entry.flags.client = 1; - ent.entry.flags.server = 1; - - /* special case password changing service */ - if(strcmp(p->name, "changepw") == 0 && - strcmp(p->instance, "kerberos") == 0) { - ent.entry.flags.forwardable = 0; - ent.entry.flags.renewable = 0; - ent.entry.flags.proxiable = 0; - ent.entry.flags.postdate = 0; - ent.entry.flags.initial = 1; - ent.entry.flags.change_pw = 1; - } - - ret = v5_prop(pd->context, NULL, &ent, pd); - - if (strcmp (p->name, "krbtgt") == 0 - && strcmp (v4_realm, p->instance) != 0) { - krb5_free_principal (pd->context, ent.entry.principal); - ret = krb5_425_conv_principal (pd->context, p->name, - v4_realm, p->instance, - &ent.entry.principal); - if (ret == 0) - ret = v5_prop (pd->context, NULL, &ent, pd); - } - - out: - hdb_free_entry(pd->context, &ent); - return ret; -} - -#include "kadb.h" - -/* read a `ka_entry' from `fd' at offset `pos' */ -static void -read_block(krb5_context context, int fd, int32_t pos, void *buf, size_t len) -{ - krb5_error_code ret; -#ifdef HAVE_PREAD - if((ret = pread(fd, buf, len, 64 + pos)) < 0) - krb5_err(context, 1, errno, "pread(%u)", 64 + pos); -#else - if(lseek(fd, 64 + pos, SEEK_SET) == (off_t)-1) - krb5_err(context, 1, errno, "lseek(%u)", 64 + pos); - ret = read(fd, buf, len); - if(ret < 0) - krb5_err(context, 1, errno, "read(%lu)", (unsigned long)len); -#endif - if(ret != len) - krb5_errx(context, 1, "read(%lu) = %u", (unsigned long)len, ret); -} - -static int -ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent) -{ - int32_t flags = ntohl(ent->flags); - krb5_error_code ret; - hdb_entry_ex hdb; - - if(!kaspecials_flag - && (flags & KAFNORMAL) == 0) /* remove special entries */ - return 0; - memset(&hdb, 0, sizeof(hdb)); - ret = krb5_425_conv_principal(pd->context, ent->name, ent->instance, - v4_realm, &hdb.entry.principal); - if(ret) { - krb5_warn(pd->context, ret, - "krb5_425_conv_principal (%s.%s@%s)", - ent->name, ent->instance, v4_realm); - return 0; - } - hdb.entry.kvno = ntohl(ent->kvno); - hdb.entry.keys.len = 3; - hdb.entry.keys.val = - malloc(hdb.entry.keys.len * sizeof(*hdb.entry.keys.val)); - if (hdb.entry.keys.val == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - hdb.entry.keys.val[0].mkvno = NULL; - hdb.entry.keys.val[0].salt = calloc(1, sizeof(*hdb.entry.keys.val[0].salt)); - if (hdb.entry.keys.val[0].salt == NULL) - krb5_errx(pd->context, ENOMEM, "calloc"); - if (ka_use_null_salt) { - hdb.entry.keys.val[0].salt->type = hdb_pw_salt; - hdb.entry.keys.val[0].salt->salt.data = NULL; - hdb.entry.keys.val[0].salt->salt.length = 0; - } else { - hdb.entry.keys.val[0].salt->type = hdb_afs3_salt; - hdb.entry.keys.val[0].salt->salt.data = strdup(afs_cell); - if (hdb.entry.keys.val[0].salt->salt.data == NULL) - krb5_errx(pd->context, ENOMEM, "strdup"); - hdb.entry.keys.val[0].salt->salt.length = strlen(afs_cell); - } - - hdb.entry.keys.val[0].key.keytype = ETYPE_DES_CBC_MD5; - krb5_data_copy(&hdb.entry.keys.val[0].key.keyvalue, - ent->key, - sizeof(ent->key)); - copy_Key(&hdb.entry.keys.val[0], &hdb.entry.keys.val[1]); - hdb.entry.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - copy_Key(&hdb.entry.keys.val[0], &hdb.entry.keys.val[2]); - hdb.entry.keys.val[2].key.keytype = ETYPE_DES_CBC_CRC; - - ALLOC(hdb.entry.max_life); - *hdb.entry.max_life = ntohl(ent->max_life); - - if(ntohl(ent->valid_end) != NEVERDATE && ntohl(ent->valid_end) != 0xffffffff) { - ALLOC(hdb.entry.valid_end); - *hdb.entry.valid_end = ntohl(ent->valid_end); - } - - if (ntohl(ent->pw_change) != NEVERDATE && - ent->pw_expire != 255 && - ent->pw_expire != 0) { - ALLOC(hdb.entry.pw_end); - *hdb.entry.pw_end = ntohl(ent->pw_change) - + 24 * 60 * 60 * ent->pw_expire; - } - - ret = krb5_make_principal(pd->context, &hdb.entry.created_by.principal, - v4_realm, - "kadmin", - "hprop", - NULL); - hdb.entry.created_by.time = time(NULL); - - if(ent->mod_ptr){ - struct ka_entry mod; - ALLOC(hdb.entry.modified_by); - read_block(pd->context, fd, ntohl(ent->mod_ptr), &mod, sizeof(mod)); - - krb5_425_conv_principal(pd->context, mod.name, mod.instance, v4_realm, - &hdb.entry.modified_by->principal); - hdb.entry.modified_by->time = ntohl(ent->mod_time); - memset(&mod, 0, sizeof(mod)); - } - - hdb.entry.flags.forwardable = 1; - hdb.entry.flags.renewable = 1; - hdb.entry.flags.proxiable = 1; - hdb.entry.flags.postdate = 1; - /* XXX - AFS 3.4a creates krbtgt.REALMOFCELL as NOTGS+NOSEAL */ - if (strcmp(ent->name, "krbtgt") == 0 && - (flags & (KAFNOTGS|KAFNOSEAL)) == (KAFNOTGS|KAFNOSEAL)) - flags &= ~(KAFNOTGS|KAFNOSEAL); - - hdb.entry.flags.client = (flags & KAFNOTGS) == 0; - hdb.entry.flags.server = (flags & KAFNOSEAL) == 0; - - ret = v5_prop(pd->context, NULL, &hdb, pd); - hdb_free_entry(pd->context, &hdb); - return ret; -} - -static int -ka_dump(struct prop_data *pd, const char *file) -{ - struct ka_header header; - int i; - int fd = open(file, O_RDONLY); - - if(fd < 0) - krb5_err(pd->context, 1, errno, "open(%s)", file); - read_block(pd->context, fd, 0, &header, sizeof(header)); - if(header.version1 != header.version2) - krb5_errx(pd->context, 1, "Version mismatch in header: %ld/%ld", - (long)ntohl(header.version1), (long)ntohl(header.version2)); - if(ntohl(header.version1) != 5) - krb5_errx(pd->context, 1, "Unknown database version %ld (expected 5)", - (long)ntohl(header.version1)); - for(i = 0; i < ntohl(header.hashsize); i++){ - int32_t pos = ntohl(header.hash[i]); - while(pos){ - struct ka_entry ent; - read_block(pd->context, fd, pos, &ent, sizeof(ent)); - ka_convert(pd, fd, &ent); - pos = ntohl(ent.next); - } - } - return 0; -} - - - struct getargs args[] = { { "master-key", 'm', arg_string, &mkeyfile, "v5 master key file", "file" }, - { "database", 'd', arg_string, &database, "database", "file" }, - { "source", 0, arg_string, &source_type, "type of database to read", + { "database", 'd', arg_string, rk_UNCONST(&database), "database", "file" }, + { "source", 0, arg_string, &source_type, "type of database to read", "heimdal" "|mit-dump" - "|krb4-dump" - "|kaserver" }, - - { "v4-realm", 'r', arg_string, &v4_realm, "v4 realm to use" }, - { "cell", 'c', arg_string, &afs_cell, "name of AFS cell" }, - { "kaspecials", 'S', arg_flag, &kaspecials_flag, "dump KASPECIAL keys"}, - { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, - { "v5-realm", 'R', arg_string, &local_realm, "v5 realm to use" }, - { "decrypt", 'D', arg_flag, &decrypt_flag, "decrypt keys" }, - { "encrypt", 'E', arg_flag, &encrypt_flag, "encrypt keys" }, - { "stdout", 'n', arg_flag, &to_stdout, "dump to stdout" }, - { "verbose", 'v', arg_flag, &verbose_flag }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } + + { "keytab", 'k', arg_string, rk_UNCONST(&ktname), + "keytab to use for authentication", "keytab" }, + { "v5-realm", 'R', arg_string, &local_realm, "v5 realm to use", NULL }, + { "decrypt", 'D', arg_flag, &decrypt_flag, "decrypt keys", NULL }, + { "encrypt", 'E', arg_flag, &encrypt_flag, "encrypt keys", NULL }, + { "stdout", 'n', arg_flag, &to_stdout, "dump to stdout", NULL }, + { "verbose", 'v', arg_flag, &verbose_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -447,14 +160,14 @@ get_creds(krb5_context context, krb5_ccache *cache) krb5_get_init_creds_opt *init_opts; krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP; krb5_creds creds; - + ret = krb5_kt_register(context, &hdb_kt_ops); if(ret) krb5_err(context, 1, ret, "krb5_kt_register"); ret = krb5_kt_resolve(context, ktname, &keytab); if(ret) krb5_err(context, 1, ret, "krb5_kt_resolve"); - - ret = krb5_make_principal(context, &client, NULL, + + ret = krb5_make_principal(context, &client, NULL, "kadmin", HPROP_NAME, NULL); if(ret) krb5_err(context, 1, ret, "krb5_make_principal"); @@ -466,12 +179,12 @@ get_creds(krb5_context context, krb5_ccache *cache) if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); krb5_get_init_creds_opt_free(context, init_opts); - + ret = krb5_kt_close(context, keytab); if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache); - if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new"); + + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, cache); + if(ret) krb5_err(context, 1, ret, "krb5_cc_new_unique"); ret = krb5_cc_initialize(context, *cache, client); if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); @@ -486,27 +199,21 @@ get_creds(krb5_context context, krb5_ccache *cache) enum hprop_source { HPROP_HEIMDAL = 1, - HPROP_KRB4_DUMP, - HPROP_KASERVER, HPROP_MIT_DUMP }; -#define IS_TYPE_V4(X) ((X) == HPROP_KRB4_DUMP || (X) == HPROP_KASERVER) - struct { int type; const char *name; } types[] = { { HPROP_HEIMDAL, "heimdal" }, - { HPROP_KRB4_DUMP, "krb4-dump" }, - { HPROP_KASERVER, "kaserver" }, { HPROP_MIT_DUMP, "mit-dump" } }; static int parse_source_type(const char *s) { - int i; + size_t i; for(i = 0; i < sizeof(types) / sizeof(types[0]); i++) { if(strstr(types[i].name, s) == types[i].name) return types[i].type; @@ -524,22 +231,10 @@ iterate (krb5_context context, int ret; switch(type) { - case HPROP_KRB4_DUMP: - ret = v4_prop_dump(pd, database_name); - if(ret) - krb5_warnx(context, "v4_prop_dump: %s", - krb5_get_err_text(context, ret)); - break; - case HPROP_KASERVER: - ret = ka_dump(pd, database_name); - if(ret) - krb5_warn(context, ret, "ka_dump"); - break; case HPROP_MIT_DUMP: ret = mit_prop_dump(pd, database_name); if (ret) - krb5_warnx(context, "mit_prop_dump: %s", - krb5_get_err_text(context, ret)); + krb5_warn(context, ret, "mit_prop_dump"); break; case HPROP_HEIMDAL: ret = hdb_foreach(context, db, HDB_F_DECRYPT, v5_prop, pd); @@ -563,7 +258,7 @@ dump_database (krb5_context context, int type, pd.context = context; pd.auth_context = NULL; pd.sock = STDOUT_FILENO; - + ret = iterate (context, database_name, db, type, &pd); if (ret) krb5_errx(context, 1, "iterate failure"); @@ -577,7 +272,7 @@ dump_database (krb5_context context, int type, static int propagate_database (krb5_context context, int type, - const char *database_name, + const char *database_name, HDB *db, krb5_ccache ccache, int optidx, int argc, char **argv) { @@ -596,8 +291,8 @@ propagate_database (krb5_context context, int type, port = strchr(host, ':'); if(port == NULL) { - snprintf(portstr, sizeof(portstr), "%u", - ntohs(krb5_getportbyname (context, "hprop", "tcp", + snprintf(portstr, sizeof(portstr), "%u", + ntohs(krb5_getportbyname (context, "hprop", "tcp", HPROP_PORT))); port = portstr; } else @@ -622,11 +317,10 @@ propagate_database (krb5_context context, int type, if (local_realm) { krb5_realm my_realm; krb5_get_default_realm(context,&my_realm); - - free (*krb5_princ_realm(context, server)); - krb5_princ_set_realm(context,server,&my_realm); + krb5_principal_set_realm(context,server,my_realm); + krb5_xfree(my_realm); } - + auth_context = NULL; ret = krb5_sendauth(context, &auth_context, @@ -650,7 +344,7 @@ propagate_database (krb5_context context, int type, close(fd); goto next_host; } - + pd.context = context; pd.auth_context = auth_context; pd.sock = fd; @@ -677,7 +371,7 @@ propagate_database (krb5_context context, int type, goto next_host; } else krb5_data_free (&data); - + next_host: krb5_auth_con_free(context, auth_context); close(fd); @@ -705,7 +399,7 @@ main(int argc, char **argv) if(help_flag) usage(0); - + if(version_flag){ print_version(NULL); exit(0); @@ -715,25 +409,16 @@ main(int argc, char **argv) if(ret) exit(1); + /* We may be reading an old database encrypted with a DES master key. */ + ret = krb5_allow_weak_crypto(context, 1); + if(ret) + krb5_err(context, 1, ret, "krb5_allow_weak_crypto"); + if(local_realm) krb5_set_default_realm(context, local_realm); - if(v4_realm == NULL) { - ret = krb5_get_default_realm(context, &v4_realm); - if(ret) - krb5_err(context, 1, ret, "krb5_get_default_realm"); - } - - if(afs_cell == NULL) { - afs_cell = strdup(v4_realm); - if(afs_cell == NULL) - krb5_errx(context, 1, "out of memory"); - strlwr(afs_cell); - } - - if(encrypt_flag && decrypt_flag) - krb5_errx(context, 1, + krb5_errx(context, 1, "only one of `--encrypt' and `--decrypt' is meaningful"); if(source_type != NULL) { @@ -745,7 +430,7 @@ main(int argc, char **argv) if(!to_stdout) get_creds(context, &ccache); - + if(decrypt_flag || encrypt_flag) { ret = hdb_read_master_key(context, mkeyfile, &mkey5); if(ret && ret != ENOENT) @@ -753,26 +438,8 @@ main(int argc, char **argv) if(ret) krb5_errx(context, 1, "No master key file found"); } - - if (IS_TYPE_V4(type) && v4_realm == NULL) - krb5_errx(context, 1, "Its a Kerberos 4 database " - "but no realm configured"); switch(type) { - case HPROP_KASERVER: - if (database == NULL) - database = DEFAULT_DATABASE; - ka_use_null_salt = krb5_config_get_bool_default(context, NULL, FALSE, - "hprop", - "afs_uses_null_salt", - NULL); - - break; - case HPROP_KRB4_DUMP: - if (database == NULL) - krb5_errx(context, 1, "no dump file specified"); - - break; case HPROP_MIT_DUMP: if (database == NULL) krb5_errx(context, 1, "no dump file specified"); @@ -793,12 +460,12 @@ main(int argc, char **argv) if (to_stdout) exit_code = dump_database (context, type, database, db); else - exit_code = propagate_database (context, type, database, + exit_code = propagate_database (context, type, database, db, ccache, optidx, argc, argv); if(ccache != NULL) krb5_cc_destroy(context, ccache); - + if(db != NULL) (*db->hdb_destroy)(context, db); diff --git a/kdc/hprop.cat8 b/kdc/hprop.cat8 new file mode 100644 index 000000000000..804dcf9db4e3 --- /dev/null +++ b/kdc/hprop.cat8 @@ -0,0 +1,67 @@ + +HPROP(8) BSD System Manager's Manual HPROP(8) + +NNAAMMEE + hhpprroopp -- propagate the KDC database + +SSYYNNOOPPSSIISS + hhpprroopp [--mm _f_i_l_e | ----mmaasstteerr--kkeeyy==_f_i_l_e] [--dd _f_i_l_e | ----ddaattaabbaassee==_f_i_l_e] + [----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p] [--rr _s_t_r_i_n_g | ----vv44--rreeaallmm==_s_t_r_i_n_g] [--cc + _c_e_l_l | ----cceellll==_c_e_l_l] [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--RR _s_t_r_i_n_g | + ----vv55--rreeaallmm==_s_t_r_i_n_g] [--DD | ----ddeeccrryypptt] [--EE | ----eennccrryypptt] + [--nn | ----ssttddoouutt] [--vv | ----vveerrbboossee] [----vveerrssiioonn] [--hh | ----hheellpp] + [_h_o_s_t[:_p_o_r_t]] _._._. + +DDEESSCCRRIIPPTTIIOONN + hhpprroopp takes a principal database in a specified format and converts it + into a stream of Heimdal database records. This stream can either be + written to standard out, or (more commonly) be propagated to a hpropd(8) + server running on a different machine. + + If propagating, it connects to all _h_o_s_t_s specified on the command by + opening a TCP connection to port 754 (service hprop) and sends the data- + base in encrypted form. + + Supported options: + + --mm _f_i_l_e, ----mmaasstteerr--kkeeyy==_f_i_l_e + Where to find the master key to encrypt or decrypt keys with. + + --dd _f_i_l_e, ----ddaattaabbaassee==_f_i_l_e + The database to be propagated. + + ----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p_|_k_r_b_4_-_d_u_m_p_|_k_a_s_e_r_v_e_r + Specifies the type of the source database. Alternatives include: + + heimdal a Heimdal database + mit-dump a MIT Kerberos 5 dump file + +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to + use for fetching the key to be used for authenticating to the + propagation daemon(s). The key _h_p_r_o_p_/_h_o_s_t_n_a_m_e is used from this + keytab. The default is to fetch the key from the KDC database. + + --RR _s_t_r_i_n_g, ----vv55--rreeaallmm==_s_t_r_i_n_g + Local realm override. + + --DD, ----ddeeccrryypptt + The encryption keys in the database can either be in clear, or + encrypted with a master key. This option transmits the database + with unencrypted keys. + + --EE, ----eennccrryypptt + This option transmits the database with encrypted keys. + + --nn, ----ssttddoouutt + Dump the database on stdout, in a format that can be fed to + hpropd. + +EEXXAAMMPPLLEESS + The following will propagate a database to another machine (which should + run hpropd(8)): + + $ hprop slave-1 slave-2 + +SSEEEE AALLSSOO + hpropd(8) + +HEIMDAL December 8, 2004 HEIMDAL diff --git a/kdc/hprop.h b/kdc/hprop.h index d43d04c21539..59fe8bc16934 100644 --- a/kdc/hprop.h +++ b/kdc/hprop.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: hprop.h 16378 2005-12-12 12:40:12Z lha $ */ +/* $Id$ */ #ifndef __HPROP_H__ #define __HPROP_H__ diff --git a/kdc/hpropd-version.rc b/kdc/hpropd-version.rc new file mode 100644 index 000000000000..388d64d92ddd --- /dev/null +++ b/kdc/hpropd-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Propagated KDC database recipient" +#define RC_FILE_ORIG_0409 "hpropd.exe" + +#include "../windows/version.rc" diff --git a/kdc/hpropd.8 b/kdc/hpropd.8 index 74a3dad816d7..31b44e28a59c 100644 --- a/kdc/hpropd.8 +++ b/kdc/hpropd.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1997, 2000 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1997, 2000 - 2003 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: hpropd.8 14381 2004-12-10 09:44:05Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd August 27, 1997 .Dt HPROPD 8 @@ -41,17 +41,17 @@ .Nm .Bk -words .Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Ar file +.Fl Fl database= Ns Ar file .Xc .Oc -.Op Fl n | Fl -stdin -.Op Fl -print -.Op Fl i | Fl -no-inetd +.Op Fl n | Fl Fl stdin +.Op Fl Fl print +.Op Fl i | Fl Fl no-inetd .Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab +.Fl Fl keytab= Ns Ar keytab .Xc .Oc -.Op Fl 4 | Fl -v4dump +.Op Fl 4 | Fl Fl v4dump .Ek .Sh DESCRIPTION .Nm @@ -73,34 +73,17 @@ are accepted. .Pp Options supported: .Bl -tag -width Ds -.It Xo -.Fl d Ar file , -.Fl -database= Ns Ar file -.Xc +.It Fl d Ar file , Fl Fl database= Ns Ar file database -.It Xo -.Fl n , -.Fl -stdin -.Xc +.It Fl n , Fl Fl stdin read from stdin -.It Xo -.Fl -print -.Xc +.It Fl Fl print print dump to stdout -.It Xo -.Fl i , -.Fl -no-inetd -.Xc +.It Fl i , Fl Fl no-inetd not started from inetd -.It Xo -.Fl k Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab keytab to use for authentication -.It Xo -.Fl 4 , -.Fl -v4dump -.Xc +.It Fl 4 , Fl Fl v4dump create v4 type DB .El .Sh SEE ALSO diff --git a/kdc/hpropd.c b/kdc/hpropd.c index 12a976657210..75b26a15f501 100644 --- a/kdc/hpropd.c +++ b/kdc/hpropd.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hprop.h" -RCSID("$Id: hpropd.c 22245 2007-12-08 23:48:52Z lha $"); - static int inetd_flag = -1; static int help_flag; static int version_flag; @@ -45,18 +43,21 @@ static char *local_realm; static char *ktname = NULL; struct getargs args[] = { - { "database", 'd', arg_string, &database, "database", "file" }, - { "stdin", 'n', arg_flag, &from_stdin, "read from stdin" }, - { "print", 0, arg_flag, &print_dump, "print dump to stdout" }, + { "database", 'd', arg_string, rk_UNCONST(&database), "database", "file" }, + { "stdin", 'n', arg_flag, &from_stdin, "read from stdin", NULL }, + { "print", 0, arg_flag, &print_dump, "print dump to stdout", NULL }, +#ifdef SUPPORT_INETD { "inetd", 'i', arg_negative_flag, &inetd_flag, - "Not started from inetd" }, + "Not started from inetd", NULL }, +#endif { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, - { "realm", 'r', arg_string, &local_realm, "realm to use" }, + { "realm", 'r', arg_string, &local_realm, "realm to use", NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL }, { "help", 'h', arg_flag, &help_flag, NULL, NULL} }; static int num_args = sizeof(args) / sizeof(args[0]); +static char unparseable_name[] = "unparseable name"; static void usage(int ret) @@ -74,8 +75,8 @@ main(int argc, char **argv) krb5_principal c1, c2; krb5_authenticator authent; krb5_keytab keytab; - int fd; - HDB *db; + krb5_socket_t sock = rk_INVALID_SOCKET; + HDB *db = NULL; int optidx = 0; char *tmp_db; krb5_log_facility *fac; @@ -89,22 +90,22 @@ main(int argc, char **argv) ret = krb5_openlog(context, "hpropd", &fac); if(ret) - ; + errx(1, "krb5_openlog"); krb5_set_warn_dest(context, fac); - + if(getarg(args, num_args, argc, argv, &optidx)) usage(1); if(local_realm != NULL) krb5_set_default_realm(context, local_realm); - + if(help_flag) usage(0); if(version_flag) { print_version(NULL); exit(0); } - + argc -= optidx; argv += optidx; @@ -114,9 +115,9 @@ main(int argc, char **argv) if (database == NULL) database = hdb_default_db(context); - if(from_stdin) - fd = STDIN_FILENO; - else { + if(from_stdin) { + sock = STDIN_FILENO; + } else { struct sockaddr_storage ss; struct sockaddr *sa = (struct sockaddr *)&ss; socklen_t sin_len = sizeof(ss); @@ -124,19 +125,24 @@ main(int argc, char **argv) krb5_ticket *ticket; char *server; - fd = STDIN_FILENO; + sock = STDIN_FILENO; +#ifdef SUPPORT_INETD if (inetd_flag == -1) { - if (getpeername (fd, sa, &sin_len) < 0) + if (getpeername (sock, sa, &sin_len) < 0) { inetd_flag = 0; - else + } else { inetd_flag = 1; + } } +#else + inetd_flag = 0; +#endif if (!inetd_flag) { mini_inetd (krb5_getportbyname (context, "hprop", "tcp", - HPROP_PORT)); + HPROP_PORT), &sock); } sin_len = sizeof(ss); - if(getpeername(fd, sa, &sin_len) < 0) + if(getpeername(sock, sa, &sin_len) < 0) krb5_err(context, 1, errno, "getpeername"); if (inet_ntop(sa->sa_family, @@ -147,7 +153,7 @@ main(int argc, char **argv) sizeof(addr_name)); krb5_log(context, fac, 0, "Connection from %s", addr_name); - + ret = krb5_kt_register(context, &hdb_kt_ops); if(ret) krb5_err(context, 1, ret, "krb5_kt_register"); @@ -162,11 +168,11 @@ main(int argc, char **argv) krb5_err (context, 1, ret, "krb5_kt_default"); } - ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, NULL, + ret = krb5_recvauth(context, &ac, &sock, HPROP_VERSION, NULL, 0, keytab, &ticket); if(ret) krb5_err(context, 1, ret, "krb5_recvauth"); - + ret = krb5_unparse_name(context, ticket->server, &server); if (ret) krb5_err(context, 1, ret, "krb5_unparse_name"); @@ -179,17 +185,17 @@ main(int argc, char **argv) ret = krb5_auth_con_getauthenticator(context, ac, &authent); if(ret) krb5_err(context, 1, ret, "krb5_auth_con_getauthenticator"); - + ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL); if(ret) krb5_err(context, 1, ret, "krb5_make_principal"); - _krb5_principalname2krb5_principal(context, &c2, + _krb5_principalname2krb5_principal(context, &c2, authent->cname, authent->crealm); if(!krb5_principal_compare(context, c1, c2)) { char *s; ret = krb5_unparse_name(context, c2, &s); if (ret) - s = "unparseable name"; + s = unparseable_name; krb5_errx(context, 1, "Unauthorized connection from %s", s); } krb5_free_principal(context, c1); @@ -199,7 +205,7 @@ main(int argc, char **argv) if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); } - + if(!print_dump) { asprintf(&tmp_db, "%s~", database); @@ -217,11 +223,11 @@ main(int argc, char **argv) hdb_entry_ex entry; if(from_stdin) { - ret = krb5_read_message(context, &fd, &data); + ret = krb5_read_message(context, &sock, &data); if(ret != 0 && ret != HEIM_ERR_EOF) krb5_err(context, 1, ret, "krb5_read_message"); } else { - ret = krb5_read_priv_message(context, ac, &fd, &data); + ret = krb5_read_priv_message(context, ac, &sock, &data); if(ret) krb5_err(context, 1, ret, "krb5_read_priv_message"); } @@ -230,15 +236,15 @@ main(int argc, char **argv) if(!from_stdin) { data.data = NULL; data.length = 0; - krb5_write_priv_message(context, ac, &fd, &data); + krb5_write_priv_message(context, ac, &sock, &data); } if(!print_dump) { - ret = db->hdb_rename(context, db, database); - if(ret) - krb5_err(context, 1, ret, "db_rename"); ret = db->hdb_close(context, db); if(ret) krb5_err(context, 1, ret, "db_close"); + ret = db->hdb_rename(context, db, database); + if(ret) + krb5_err(context, 1, ret, "db_rename"); } break; } @@ -255,10 +261,10 @@ main(int argc, char **argv) char *s; ret = krb5_unparse_name(context, entry.entry.principal, &s); if (ret) - s = strdup("unparseable name"); + s = strdup(unparseable_name); krb5_warnx(context, "Entry exists: %s", s); free(s); - } else if(ret) + } else if(ret) krb5_err(context, 1, ret, "db_store"); else nprincs++; @@ -267,5 +273,9 @@ main(int argc, char **argv) } if (!print_dump) krb5_log(context, fac, 0, "Received %d principals", nprincs); + + if (inetd_flag == 0) + rk_closesocket(sock); + exit(0); } diff --git a/kdc/hpropd.cat8 b/kdc/hpropd.cat8 new file mode 100644 index 000000000000..af618136b189 --- /dev/null +++ b/kdc/hpropd.cat8 @@ -0,0 +1,44 @@ + +HPROPD(8) BSD System Manager's Manual HPROPD(8) + +NNAAMMEE + hhpprrooppdd -- receive a propagated database + +SSYYNNOOPPSSIISS + hhpprrooppdd [--dd _f_i_l_e | ----ddaattaabbaassee==_f_i_l_e] [--nn | ----ssttddiinn] [----pprriinntt] + [--ii | ----nnoo--iinneettdd] [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--44 | ----vv44dduummpp] + +DDEESSCCRRIIPPTTIIOONN + hhpprrooppdd receives a database sent by hhpprroopp. and writes it as a local data- + base. + + By default, hhpprrooppdd expects to be started from iinneettdd if stdin is a socket + and expects to receive the dumped database over stdin otherwise. If the + database is sent over the network, it is authenticated and encrypted. + Only connections authenticated with the principal kkaaddmmiinn/hhpprroopp are + accepted. + + Options supported: + + --dd _f_i_l_e, ----ddaattaabbaassee==_f_i_l_e + database + + --nn, ----ssttddiinn + read from stdin + + ----pprriinntt + print dump to stdout + + --ii, ----nnoo--iinneettdd + not started from inetd + + --kk _k_e_y_t_a_b, ----kkeeyyttaabb==_k_e_y_t_a_b + keytab to use for authentication + + --44, ----vv44dduummpp + create v4 type DB + +SSEEEE AALLSSOO + hprop(8) + +HEIMDAL August 27, 1997 HEIMDAL diff --git a/kdc/kadb.h b/kdc/kadb.h deleted file mode 100644 index 4b59abe1cf97..000000000000 --- a/kdc/kadb.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadb.h 7997 2000-03-03 12:36:26Z assar $ */ - -#ifndef __kadb_h__ -#define __kadb_h__ - -#define HASHSIZE 8191 - -struct ka_header { - int32_t version1; /* file format version, should - match version2 */ - int32_t size; - int32_t free_ptr; - int32_t eof_ptr; - int32_t kvno_ptr; - int32_t stats[8]; - int32_t admin_accounts; - int32_t special_keys_version; - int32_t hashsize; /* allocated size of hash */ - int32_t hash[HASHSIZE]; - int32_t version2; -}; - -struct ka_entry { - int32_t flags; /* see below */ - int32_t next; /* next in hash list */ - int32_t valid_end; /* expiration date */ - int32_t mod_time; /* time last modified */ - int32_t mod_ptr; /* pointer to modifier */ - int32_t pw_change; /* last pw change */ - int32_t max_life; /* max ticket life */ - int32_t kvno; - int32_t foo2[2]; /* huh? */ - char name[64]; - char instance[64]; - char key[8]; - u_char pw_expire; /* # days before password expires */ - u_char spare; - u_char attempts; - u_char locktime; -}; - -#define KAFNORMAL (1<<0) -#define KAFADMIN (1<<2) /* an administrator */ -#define KAFNOTGS (1<<3) /* ! allow principal to get or use TGT */ -#define KAFNOSEAL (1<<5) /* ! allow principal as server in GetTicket */ -#define KAFNOCPW (1<<6) /* ! allow principal to change its own key */ -#define KAFSPECIAL (1<<8) /* set if special AuthServer principal */ - -#define DEFAULT_DATABASE "/usr/afs/db/kaserver.DB0" - -#endif /* __kadb_h__ */ diff --git a/kdc/kaserver.c b/kdc/kaserver.c deleted file mode 100644 index 27f497ea6643..000000000000 --- a/kdc/kaserver.c +++ /dev/null @@ -1,951 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: kaserver.c 21654 2007-07-21 17:30:18Z lha $"); - -#include -#include - -#define KA_AUTHENTICATION_SERVICE 731 -#define KA_TICKET_GRANTING_SERVICE 732 -#define KA_MAINTENANCE_SERVICE 733 - -#define AUTHENTICATE_OLD 1 -#define CHANGEPASSWORD 2 -#define GETTICKET_OLD 3 -#define SETPASSWORD 4 -#define SETFIELDS 5 -#define CREATEUSER 6 -#define DELETEUSER 7 -#define GETENTRY 8 -#define LISTENTRY 9 -#define GETSTATS 10 -#define DEBUG 11 -#define GETPASSWORD 12 -#define GETRANDOMKEY 13 -#define AUTHENTICATE 21 -#define AUTHENTICATE_V2 22 -#define GETTICKET 23 - -/* XXX - Where do we get these? */ - -#define RXGEN_OPCODE (-455) - -#define KADATABASEINCONSISTENT (180480L) -#define KAEXIST (180481L) -#define KAIO (180482L) -#define KACREATEFAIL (180483L) -#define KANOENT (180484L) -#define KAEMPTY (180485L) -#define KABADNAME (180486L) -#define KABADINDEX (180487L) -#define KANOAUTH (180488L) -#define KAANSWERTOOLONG (180489L) -#define KABADREQUEST (180490L) -#define KAOLDINTERFACE (180491L) -#define KABADARGUMENT (180492L) -#define KABADCMD (180493L) -#define KANOKEYS (180494L) -#define KAREADPW (180495L) -#define KABADKEY (180496L) -#define KAUBIKINIT (180497L) -#define KAUBIKCALL (180498L) -#define KABADPROTOCOL (180499L) -#define KANOCELLS (180500L) -#define KANOCELL (180501L) -#define KATOOMANYUBIKS (180502L) -#define KATOOMANYKEYS (180503L) -#define KABADTICKET (180504L) -#define KAUNKNOWNKEY (180505L) -#define KAKEYCACHEINVALID (180506L) -#define KABADSERVER (180507L) -#define KABADUSER (180508L) -#define KABADCPW (180509L) -#define KABADCREATE (180510L) -#define KANOTICKET (180511L) -#define KAASSOCUSER (180512L) -#define KANOTSPECIAL (180513L) -#define KACLOCKSKEW (180514L) -#define KANORECURSE (180515L) -#define KARXFAIL (180516L) -#define KANULLPASSWORD (180517L) -#define KAINTERNALERROR (180518L) -#define KAPWEXPIRED (180519L) -#define KAREUSED (180520L) -#define KATOOSOON (180521L) -#define KALOCKED (180522L) - - -static krb5_error_code -decode_rx_header (krb5_storage *sp, - struct rx_header *h) -{ - krb5_error_code ret; - - ret = krb5_ret_uint32(sp, &h->epoch); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->connid); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->callid); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->seqno); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->serialno); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->type); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->flags); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->status); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->secindex); - if (ret) return ret; - ret = krb5_ret_uint16(sp, &h->reserved); - if (ret) return ret; - ret = krb5_ret_uint16(sp, &h->serviceid); - if (ret) return ret; - - return 0; -} - -static krb5_error_code -encode_rx_header (struct rx_header *h, - krb5_storage *sp) -{ - krb5_error_code ret; - - ret = krb5_store_uint32(sp, h->epoch); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->connid); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->callid); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->seqno); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->serialno); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->type); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->flags); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->status); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->secindex); - if (ret) return ret; - ret = krb5_store_uint16(sp, h->reserved); - if (ret) return ret; - ret = krb5_store_uint16(sp, h->serviceid); - if (ret) return ret; - - return 0; -} - -static void -init_reply_header (struct rx_header *hdr, - struct rx_header *reply_hdr, - u_char type, - u_char flags) -{ - reply_hdr->epoch = hdr->epoch; - reply_hdr->connid = hdr->connid; - reply_hdr->callid = hdr->callid; - reply_hdr->seqno = 1; - reply_hdr->serialno = 1; - reply_hdr->type = type; - reply_hdr->flags = flags; - reply_hdr->status = 0; - reply_hdr->secindex = 0; - reply_hdr->reserved = 0; - reply_hdr->serviceid = hdr->serviceid; -} - -/* - * Create an error `reply´ using for the packet `hdr' with the error - * `error´ code. - */ -static void -make_error_reply (struct rx_header *hdr, - uint32_t error, - krb5_data *reply) - -{ - struct rx_header reply_hdr; - krb5_error_code ret; - krb5_storage *sp; - - init_reply_header (hdr, &reply_hdr, HT_ABORT, HF_LAST); - sp = krb5_storage_emem(); - if (sp == NULL) - return; - ret = encode_rx_header (&reply_hdr, sp); - if (ret) - return; - krb5_store_int32(sp, error); - krb5_storage_to_data (sp, reply); - krb5_storage_free (sp); -} - -static krb5_error_code -krb5_ret_xdr_data(krb5_storage *sp, - krb5_data *data) -{ - int ret; - int size; - ret = krb5_ret_int32(sp, &size); - if(ret) - return ret; - if(size < 0) - return ERANGE; - data->length = size; - if (size) { - u_char foo[4]; - size_t pad = (4 - size % 4) % 4; - - data->data = malloc(size); - if (data->data == NULL) - return ENOMEM; - ret = krb5_storage_read(sp, data->data, size); - if(ret != size) - return (ret < 0)? errno : KRB5_CC_END; - if (pad) { - ret = krb5_storage_read(sp, foo, pad); - if (ret != pad) - return (ret < 0)? errno : KRB5_CC_END; - } - } else - data->data = NULL; - return 0; -} - -static krb5_error_code -krb5_store_xdr_data(krb5_storage *sp, - krb5_data data) -{ - u_char zero[4] = {0, 0, 0, 0}; - int ret; - size_t pad; - - ret = krb5_store_int32(sp, data.length); - if(ret < 0) - return ret; - ret = krb5_storage_write(sp, data.data, data.length); - if(ret != data.length){ - if(ret < 0) - return errno; - return KRB5_CC_END; - } - pad = (4 - data.length % 4) % 4; - if (pad) { - ret = krb5_storage_write(sp, zero, pad); - if (ret != pad) { - if (ret < 0) - return errno; - return KRB5_CC_END; - } - } - return 0; -} - - -static krb5_error_code -create_reply_ticket (krb5_context context, - struct rx_header *hdr, - Key *skey, - char *name, char *instance, char *realm, - struct sockaddr_in *addr, - int life, - int kvno, - int32_t max_seq_len, - const char *sname, const char *sinstance, - uint32_t challenge, - const char *label, - krb5_keyblock *key, - krb5_data *reply) -{ - krb5_error_code ret; - krb5_data ticket; - krb5_keyblock session; - krb5_storage *sp; - krb5_data enc_data; - struct rx_header reply_hdr; - char zero[8]; - size_t pad; - unsigned fyrtiosjuelva; - - /* create the ticket */ - - krb5_generate_random_keyblock(context, ETYPE_DES_PCBC_NONE, &session); - - _krb5_krb_create_ticket(context, - 0, - name, - instance, - realm, - addr->sin_addr.s_addr, - &session, - life, - kdc_time, - sname, - sinstance, - &skey->key, - &ticket); - - /* create the encrypted part of the reply */ - sp = krb5_storage_emem (); - krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva)); - fyrtiosjuelva &= 0xffffffff; - krb5_store_int32 (sp, fyrtiosjuelva); - krb5_store_int32 (sp, challenge); - krb5_storage_write (sp, session.keyvalue.data, 8); - krb5_free_keyblock_contents(context, &session); - krb5_store_int32 (sp, kdc_time); - krb5_store_int32 (sp, kdc_time + _krb5_krb_life_to_time (0, life)); - krb5_store_int32 (sp, kvno); - krb5_store_int32 (sp, ticket.length); - krb5_store_stringz (sp, name); - krb5_store_stringz (sp, instance); -#if 1 /* XXX - Why shouldn't the realm go here? */ - krb5_store_stringz (sp, ""); -#else - krb5_store_stringz (sp, realm); -#endif - krb5_store_stringz (sp, sname); - krb5_store_stringz (sp, sinstance); - krb5_storage_write (sp, ticket.data, ticket.length); - krb5_storage_write (sp, label, strlen(label)); - - /* pad to DES block */ - memset (zero, 0, sizeof(zero)); - pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8; - krb5_storage_write (sp, zero, pad); - - krb5_storage_to_data (sp, &enc_data); - krb5_storage_free (sp); - - if (enc_data.length > max_seq_len) { - krb5_data_free (&enc_data); - make_error_reply (hdr, KAANSWERTOOLONG, reply); - return 0; - } - - /* encrypt it */ - { - DES_key_schedule schedule; - DES_cblock deskey; - - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); - DES_pcbc_encrypt (enc_data.data, - enc_data.data, - enc_data.length, - &schedule, - &deskey, - DES_ENCRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&deskey, 0, sizeof(deskey)); - } - - /* create the reply packet */ - init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST); - sp = krb5_storage_emem (); - ret = encode_rx_header (&reply_hdr, sp); - krb5_store_int32 (sp, max_seq_len); - krb5_store_xdr_data (sp, enc_data); - krb5_data_free (&enc_data); - krb5_storage_to_data (sp, reply); - krb5_storage_free (sp); - return 0; -} - -static krb5_error_code -unparse_auth_args (krb5_storage *sp, - char **name, - char **instance, - time_t *start_time, - time_t *end_time, - krb5_data *request, - int32_t *max_seq_len) -{ - krb5_data data; - int32_t tmp; - - krb5_ret_xdr_data (sp, &data); - *name = malloc(data.length + 1); - if (*name == NULL) - return ENOMEM; - memcpy (*name, data.data, data.length); - (*name)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, &data); - *instance = malloc(data.length + 1); - if (*instance == NULL) { - free (*name); - return ENOMEM; - } - memcpy (*instance, data.data, data.length); - (*instance)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_int32 (sp, &tmp); - *start_time = tmp; - krb5_ret_int32 (sp, &tmp); - *end_time = tmp; - krb5_ret_xdr_data (sp, request); - krb5_ret_int32 (sp, max_seq_len); - /* ignore the rest */ - return 0; -} - -static void -do_authenticate (krb5_context context, - krb5_kdc_configuration *config, - struct rx_header *hdr, - krb5_storage *sp, - struct sockaddr_in *addr, - const char *from, - krb5_data *reply) -{ - krb5_error_code ret; - char *name = NULL; - char *instance = NULL; - time_t start_time; - time_t end_time; - krb5_data request; - int32_t max_seq_len; - hdb_entry_ex *client_entry = NULL; - hdb_entry_ex *server_entry = NULL; - Key *ckey = NULL; - Key *skey = NULL; - krb5_storage *reply_sp; - time_t max_life; - uint8_t life; - int32_t chal; - char client_name[256]; - char server_name[256]; - - krb5_data_zero (&request); - - ret = unparse_auth_args (sp, &name, &instance, &start_time, &end_time, - &request, &max_seq_len); - if (ret != 0 || request.length < 8) { - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - } - - snprintf (client_name, sizeof(client_name), "%s.%s@%s", - name, instance, config->v4_realm); - snprintf (server_name, sizeof(server_name), "%s.%s@%s", - "krbtgt", config->v4_realm, config->v4_realm); - - kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, HDB_F_GET_CLIENT, - &client_entry); - if (ret) { - kdc_log(context, config, 0, "Client not found in database: %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, - HDB_F_GET_KRBTGT, &server_entry); - if (ret) { - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - TRUE); - if (ret) { - make_error_reply (hdr, KAPWEXPIRED, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for client"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - { - DES_cblock key; - DES_key_schedule schedule; - - /* try to decode the `request' */ - memcpy (&key, ckey->key.keyvalue.data, sizeof(key)); - DES_set_key (&key, &schedule); - DES_pcbc_encrypt (request.data, - request.data, - request.length, - &schedule, - &key, - DES_DECRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&key, 0, sizeof(key)); - } - - /* check for the magic label */ - if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) { - kdc_log(context, config, 0, "preauth failed for %s", client_name); - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - } - - reply_sp = krb5_storage_from_mem (request.data, 4); - krb5_ret_int32 (reply_sp, &chal); - krb5_storage_free (reply_sp); - - if (abs(chal - kdc_time) > context->max_skew) { - make_error_reply (hdr, KACLOCKSKEW, reply); - goto out; - } - - /* life */ - max_life = end_time - kdc_time; - /* end_time - kdc_time can sometimes be non-positive due to slight - time skew between client and server. Let's make sure it is postive */ - if(max_life < 1) - max_life = 1; - if (client_entry->entry.max_life) - max_life = min(max_life, *client_entry->entry.max_life); - if (server_entry->entry.max_life) - max_life = min(max_life, *server_entry->entry.max_life); - - life = krb_time_to_life(kdc_time, kdc_time + max_life); - - create_reply_ticket (context, - hdr, skey, - name, instance, config->v4_realm, - addr, life, server_entry->entry.kvno, - max_seq_len, - "krbtgt", config->v4_realm, - chal + 1, "tgsT", - &ckey->key, reply); - - out: - if (request.length) { - memset (request.data, 0, request.length); - krb5_data_free (&request); - } - if (name) - free (name); - if (instance) - free (instance); - if (client_entry) - _kdc_free_ent (context, client_entry); - if (server_entry) - _kdc_free_ent (context, server_entry); -} - -static krb5_error_code -unparse_getticket_args (krb5_storage *sp, - int *kvno, - char **auth_domain, - krb5_data *ticket, - char **name, - char **instance, - krb5_data *times, - int32_t *max_seq_len) -{ - krb5_data data; - int32_t tmp; - - krb5_ret_int32 (sp, &tmp); - *kvno = tmp; - - krb5_ret_xdr_data (sp, &data); - *auth_domain = malloc(data.length + 1); - if (*auth_domain == NULL) - return ENOMEM; - memcpy (*auth_domain, data.data, data.length); - (*auth_domain)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, ticket); - - krb5_ret_xdr_data (sp, &data); - *name = malloc(data.length + 1); - if (*name == NULL) { - free (*auth_domain); - return ENOMEM; - } - memcpy (*name, data.data, data.length); - (*name)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, &data); - *instance = malloc(data.length + 1); - if (*instance == NULL) { - free (*auth_domain); - free (*name); - return ENOMEM; - } - memcpy (*instance, data.data, data.length); - (*instance)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, times); - - krb5_ret_int32 (sp, max_seq_len); - /* ignore the rest */ - return 0; -} - -static void -do_getticket (krb5_context context, - krb5_kdc_configuration *config, - struct rx_header *hdr, - krb5_storage *sp, - struct sockaddr_in *addr, - const char *from, - krb5_data *reply) -{ - krb5_error_code ret; - int kvno; - char *auth_domain = NULL; - krb5_data aticket; - char *name = NULL; - char *instance = NULL; - krb5_data times; - int32_t max_seq_len; - hdb_entry_ex *server_entry = NULL; - hdb_entry_ex *client_entry = NULL; - hdb_entry_ex *krbtgt_entry = NULL; - Key *kkey = NULL; - Key *skey = NULL; - DES_cblock key; - DES_key_schedule schedule; - DES_cblock session; - time_t max_life; - int8_t life; - time_t start_time, end_time; - char server_name[256]; - char client_name[256]; - struct _krb5_krb_auth_data ad; - - krb5_data_zero (&aticket); - krb5_data_zero (×); - - memset(&ad, 0, sizeof(ad)); - - unparse_getticket_args (sp, &kvno, &auth_domain, &aticket, - &name, &instance, ×, &max_seq_len); - if (times.length < 8) { - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - - } - - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", name, instance, config->v4_realm); - - ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, HDB_F_GET_SERVER, &server_entry); - if (ret) { - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry); - if (ret) { - kdc_log(context, config, 0, - "Server not found in database: %s.%s@%s: %s", - "krbtgt", config->v4_realm, config->v4_realm, - krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for krbtgt"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* decrypt the incoming ticket */ - memcpy (&key, kkey->key.keyvalue.data, sizeof(key)); - - /* unpack the ticket */ - { - char *sname = NULL; - char *sinstance = NULL; - - ret = _krb5_krb_decomp_ticket(context, &aticket, &kkey->key, - config->v4_realm, &sname, - &sinstance, &ad); - if (ret) { - kdc_log(context, config, 0, - "kaserver: decomp failed for %s.%s with %d", - sname, sinstance, ret); - make_error_reply (hdr, KABADTICKET, reply); - goto out; - } - - if (strcmp (sname, "krbtgt") != 0 - || strcmp (sinstance, config->v4_realm) != 0) { - kdc_log(context, config, 0, "no TGT: %s.%s for %s.%s@%s", - sname, sinstance, - ad.pname, ad.pinst, ad.prealm); - make_error_reply (hdr, KABADTICKET, reply); - free(sname); - free(sinstance); - goto out; - } - free(sname); - free(sinstance); - - if (kdc_time > _krb5_krb_life_to_time(ad.time_sec, ad.life)) { - kdc_log(context, config, 0, "TGT expired: %s.%s@%s", - ad.pname, ad.pinst, ad.prealm); - make_error_reply (hdr, KABADTICKET, reply); - goto out; - } - } - - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", ad.pname, ad.pinst, ad.prealm); - - kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4 (context, config, - ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT, - &client_entry); - if(ret && ret != HDB_ERR_NOENTRY) { - kdc_log(context, config, 0, - "Client not found in database: (krb4) %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - if (client_entry == NULL && strcmp(ad.prealm, config->v4_realm) == 0) { - kdc_log(context, config, 0, - "Local client not found in database: (krb4) " - "%s", client_name); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - FALSE); - if (ret) { - make_error_reply (hdr, KAPWEXPIRED, reply); - goto out; - } - - /* decrypt the times */ - memcpy(&session, ad.session.keyvalue.data, sizeof(session)); - DES_set_key (&session, &schedule); - DES_ecb_encrypt (times.data, - times.data, - &schedule, - DES_DECRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&session, 0, sizeof(session)); - - /* and extract them */ - { - krb5_storage *tsp; - int32_t tmp; - - tsp = krb5_storage_from_mem (times.data, times.length); - krb5_ret_int32 (tsp, &tmp); - start_time = tmp; - krb5_ret_int32 (tsp, &tmp); - end_time = tmp; - krb5_storage_free (tsp); - } - - /* life */ - max_life = end_time - kdc_time; - /* end_time - kdc_time can sometimes be non-positive due to slight - time skew between client and server. Let's make sure it is postive */ - if(max_life < 1) - max_life = 1; - if (krbtgt_entry->entry.max_life) - max_life = min(max_life, *krbtgt_entry->entry.max_life); - if (server_entry->entry.max_life) - max_life = min(max_life, *server_entry->entry.max_life); - /* if this is a cross realm request, the client_entry will likely - be NULL */ - if (client_entry && client_entry->entry.max_life) - max_life = min(max_life, *client_entry->entry.max_life); - - life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life); - - create_reply_ticket (context, - hdr, skey, - ad.pname, ad.pinst, ad.prealm, - addr, life, server_entry->entry.kvno, - max_seq_len, - name, instance, - 0, "gtkt", - &ad.session, reply); - - out: - _krb5_krb_free_auth_data(context, &ad); - if (aticket.length) { - memset (aticket.data, 0, aticket.length); - krb5_data_free (&aticket); - } - if (times.length) { - memset (times.data, 0, times.length); - krb5_data_free (×); - } - if (auth_domain) - free (auth_domain); - if (name) - free (name); - if (instance) - free (instance); - if (krbtgt_entry) - _kdc_free_ent (context, krbtgt_entry); - if (server_entry) - _kdc_free_ent (context, server_entry); -} - -krb5_error_code -_kdc_do_kaserver(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) -{ - krb5_error_code ret = 0; - struct rx_header hdr; - uint32_t op; - krb5_storage *sp; - - if (len < RX_HEADER_SIZE) - return -1; - sp = krb5_storage_from_mem (buf, len); - - ret = decode_rx_header (sp, &hdr); - if (ret) - goto out; - buf += RX_HEADER_SIZE; - len -= RX_HEADER_SIZE; - - switch (hdr.type) { - case HT_DATA : - break; - case HT_ACK : - case HT_BUSY : - case HT_ABORT : - case HT_ACKALL : - case HT_CHAL : - case HT_RESP : - case HT_DEBUG : - default: - /* drop */ - goto out; - } - - - if (hdr.serviceid != KA_AUTHENTICATION_SERVICE - && hdr.serviceid != KA_TICKET_GRANTING_SERVICE) { - ret = -1; - goto out; - } - - ret = krb5_ret_uint32(sp, &op); - if (ret) - goto out; - switch (op) { - case AUTHENTICATE : - case AUTHENTICATE_V2 : - do_authenticate (context, config, &hdr, sp, addr, from, reply); - break; - case GETTICKET : - do_getticket (context, config, &hdr, sp, addr, from, reply); - break; - case AUTHENTICATE_OLD : - case CHANGEPASSWORD : - case GETTICKET_OLD : - case SETPASSWORD : - case SETFIELDS : - case CREATEUSER : - case DELETEUSER : - case GETENTRY : - case LISTENTRY : - case GETSTATS : - case DEBUG : - case GETPASSWORD : - case GETRANDOMKEY : - default : - make_error_reply (&hdr, RXGEN_OPCODE, reply); - break; - } - -out: - krb5_storage_free (sp); - return ret; -} diff --git a/kdc/kdc-private.h b/kdc/kdc-private.h index 030be9ae58ba..aef929b26972 100644 --- a/kdc/kdc-private.h +++ b/kdc/kdc-private.h @@ -10,15 +10,16 @@ _kdc_add_KRB5SignedPath ( krb5_kdc_configuration */*config*/, hdb_entry_ex */*krbtgt*/, krb5_enctype /*enctype*/, + krb5_principal /*client*/, krb5_const_principal /*server*/, - KRB5SignedPathPrincipals */*principals*/, + krb5_principals /*principals*/, EncTicketPart */*tkt*/); krb5_error_code _kdc_add_inital_verified_cas ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, - pk_client_params */*params*/, + pk_client_params */*cp*/, EncTicketPart */*tkt*/); krb5_error_code @@ -32,6 +33,17 @@ _kdc_as_rep ( struct sockaddr */*from_addr*/, int /*datagram_reply*/); +krb5_error_code +_kdc_check_access ( + krb5_context /*context*/, + krb5_kdc_configuration */*config*/, + hdb_entry_ex */*client_ex*/, + const char */*client_name*/, + hdb_entry_ex */*server_ex*/, + const char */*server_name*/, + KDC_REQ */*req*/, + krb5_data */*e_data*/); + krb5_boolean _kdc_check_addresses ( krb5_context /*context*/, @@ -39,82 +51,34 @@ _kdc_check_addresses ( HostAddresses */*addresses*/, const struct sockaddr */*from*/); -krb5_error_code -_kdc_check_flags ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - hdb_entry_ex */*client_ex*/, - const char */*client_name*/, - hdb_entry_ex */*server_ex*/, - const char */*server_name*/, - krb5_boolean /*is_as_req*/); - krb5_error_code _kdc_db_fetch ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, krb5_const_principal /*principal*/, unsigned /*flags*/, + krb5uint32 */*kvno_ptr*/, HDB **/*db*/, hdb_entry_ex **/*h*/); -krb5_error_code -_kdc_db_fetch4 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - unsigned /*flags*/, - hdb_entry_ex **/*ent*/); - -krb5_error_code -_kdc_do_524 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const Ticket */*t*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*addr*/); - krb5_error_code _kdc_do_digest ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, - const DigestREQ */*req*/, + const struct DigestREQ */*req*/, krb5_data */*reply*/, const char */*from*/, struct sockaddr */*addr*/); -krb5_error_code -_kdc_do_kaserver ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr_in */*addr*/); - krb5_error_code _kdc_do_kx509 ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, - const Kx509Request */*req*/, + const struct Kx509Request */*req*/, krb5_data */*reply*/, const char */*from*/, struct sockaddr */*addr*/); -krb5_error_code -_kdc_do_version4 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr_in */*addr*/); - krb5_error_code _kdc_encode_reply ( krb5_context /*context*/, @@ -126,28 +90,21 @@ _kdc_encode_reply ( int /*skvno*/, const EncryptionKey */*skey*/, int /*ckvno*/, - const EncryptionKey */*ckey*/, + const EncryptionKey */*reply_key*/, + int /*rk_is_subkey*/, const char **/*e_text*/, krb5_data */*reply*/); -krb5_error_code -_kdc_encode_v4_ticket ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - void */*buf*/, - size_t /*len*/, - const EncTicketPart */*et*/, - const PrincipalName */*service*/, - size_t */*size*/); - krb5_error_code _kdc_find_etype ( krb5_context /*context*/, - const hdb_entry_ex */*princ*/, + krb5_boolean /*use_strongest_session_key*/, + krb5_boolean /*is_preauth*/, + hdb_entry_ex */*princ*/, krb5_enctype */*etypes*/, unsigned /*len*/, - Key **/*ret_key*/, - krb5_enctype */*ret_etype*/); + krb5_enctype */*ret_enctype*/, + Key **/*ret_key*/); const PA_DATA* _kdc_find_padata ( @@ -163,14 +120,6 @@ _kdc_free_ent ( krb5_context /*context*/, hdb_entry_ex */*ent*/); -krb5_error_code -_kdc_get_des_key ( - krb5_context /*context*/, - hdb_entry_ex */*principal*/, - krb5_boolean /*is_server*/, - krb5_boolean /*prefer_afs_key*/, - Key **/*ret_key*/); - krb5_error_code _kdc_get_preferred_key ( krb5_context /*context*/, @@ -180,6 +129,16 @@ _kdc_get_preferred_key ( krb5_enctype */*enctype*/, Key **/*key*/); +krb5_boolean +_kdc_is_anonymous ( + krb5_context /*context*/, + krb5_principal /*principal*/); + +krb5_boolean +_kdc_is_weak_exception ( + krb5_principal /*principal*/, + krb5_enctype /*etype*/); + void _kdc_log_timestamp ( krb5_context /*context*/, @@ -193,11 +152,6 @@ _kdc_log_timestamp ( krb5_error_code _kdc_make_anonymous_principalname (PrincipalName */*pn*/); -int -_kdc_maybe_version4 ( - unsigned char */*buf*/, - int /*len*/); - krb5_error_code _kdc_pac_generate ( krb5_context /*context*/, @@ -208,41 +162,38 @@ krb5_error_code _kdc_pac_verify ( krb5_context /*context*/, const krb5_principal /*client_principal*/, + const krb5_principal /*delegated_proxy_principal*/, hdb_entry_ex */*client*/, hdb_entry_ex */*server*/, - krb5_pac */*pac*/); + hdb_entry_ex */*krbtgt*/, + krb5_pac */*pac*/, + int */*verified*/); krb5_error_code _kdc_pk_check_client ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, - const hdb_entry_ex */*client*/, - pk_client_params */*client_params*/, + HDB */*clientdb*/, + hdb_entry_ex */*client*/, + pk_client_params */*cp*/, char **/*subject_name*/); void _kdc_pk_free_client_param ( krb5_context /*context*/, - pk_client_params */*client_params*/); - -krb5_error_code -_kdc_pk_initialize ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const char */*user_id*/, - const char */*anchors*/, - char **/*pool*/, - char **/*revoke_list*/); + pk_client_params */*cp*/); krb5_error_code _kdc_pk_mk_pa_reply ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, - pk_client_params */*client_params*/, + pk_client_params */*cp*/, const hdb_entry_ex */*client*/, + krb5_enctype /*sessionetype*/, const KDC_REQ */*req*/, const krb5_data */*req_buffer*/, krb5_keyblock **/*reply_key*/, + krb5_keyblock */*sessionkey*/, METHOD_DATA */*md*/); krb5_error_code @@ -251,6 +202,7 @@ _kdc_pk_rd_padata ( krb5_kdc_configuration */*config*/, const KDC_REQ */*req*/, const PA_DATA */*pa*/, + hdb_entry_ex */*client*/, pk_client_params **/*ret_params*/); krb5_error_code @@ -274,13 +226,7 @@ krb5_error_code _kdc_try_kx509_request ( void */*ptr*/, size_t /*len*/, - Kx509Request */*req*/, + struct Kx509Request */*req*/, size_t */*size*/); -krb5_error_code -_kdc_windc_client_access ( - krb5_context /*context*/, - struct hdb_entry_ex */*client*/, - KDC_REQ */*req*/); - #endif /* __kdc_private_h__ */ diff --git a/kdc/kdc-protos.h b/kdc/kdc-protos.h index 15e8c29f4cb1..a46993b6790e 100644 --- a/kdc/kdc-protos.h +++ b/kdc/kdc-protos.h @@ -8,6 +8,16 @@ extern "C" { #endif +krb5_error_code +kdc_check_flags ( + krb5_context /*context*/, + krb5_kdc_configuration */*config*/, + hdb_entry_ex */*client_ex*/, + const char */*client_name*/, + hdb_entry_ex */*server_ex*/, + const char */*server_name*/, + krb5_boolean /*is_as_req*/); + void kdc_log ( krb5_context /*context*/, @@ -35,6 +45,7 @@ kdc_log_msg_va ( void kdc_openlog ( krb5_context /*context*/, + const char */*service*/, krb5_kdc_configuration */*config*/); krb5_error_code @@ -42,6 +53,20 @@ krb5_kdc_get_config ( krb5_context /*context*/, krb5_kdc_configuration **/*config*/); +krb5_error_code +krb5_kdc_pk_initialize ( + krb5_context /*context*/, + krb5_kdc_configuration */*config*/, + const char */*user_id*/, + const char */*anchors*/, + char **/*pool*/, + char **/*revoke_list*/); + +krb5_error_code +krb5_kdc_pkinit_config ( + krb5_context /*context*/, + krb5_kdc_configuration */*config*/); + int krb5_kdc_process_krb5_request ( krb5_context /*context*/, diff --git a/kdc/kdc-replay.c b/kdc/kdc-replay.c index 966831dca3f0..b0510f408924 100644 --- a/kdc/kdc-replay.c +++ b/kdc/kdc-replay.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: kdc-replay.c 21945 2007-10-03 21:52:24Z lha $"); - static int version_flag; static int help_flag; @@ -62,13 +60,13 @@ main(int argc, char **argv) int fd, optidx = 0; setprogname(argv[0]); - + if(getarg(args, num_args, argc, argv, &optidx)) usage(1); if(help_flag) usage(0); - + if(version_flag){ print_version(NULL); exit(0); @@ -82,12 +80,29 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_kdc_default_config"); - kdc_openlog(context, config); + kdc_openlog(context, "kdc-replay", config); ret = krb5_kdc_set_dbinfo(context, config); if (ret) krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); +#ifdef PKINIT + if (config->enable_pkinit) { + if (config->pkinit_kdc_identity == NULL) + krb5_errx(context, 1, "pkinit enabled but no identity"); + + if (config->pkinit_kdc_anchors == NULL) + krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); + + krb5_kdc_pk_initialize(context, config, + config->pkinit_kdc_identity, + config->pkinit_kdc_anchors, + config->pkinit_kdc_cert_pool, + config->pkinit_kdc_revoke); + + } +#endif /* PKINIT */ + if (argc != 2) errx(1, "argc != 2"); @@ -145,7 +160,7 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_print_address"); - printf("processing request from %s, %lu bytes\n", + printf("processing request from %s, %lu bytes\n", astr, (unsigned long)d.length); r.length = 0; diff --git a/kdc/kdc-version.rc b/kdc/kdc-version.rc new file mode 100644 index 000000000000..662aff4755f0 --- /dev/null +++ b/kdc/kdc-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Heimdal Kerberos v5 Server" +#define RC_FILE_ORIG_0409 "kdc.exe" + +#include "../windows/version.rc" diff --git a/kdc/kdc.8 b/kdc/kdc.8 index 331682f1cd6b..4a69bda06790 100644 --- a/kdc/kdc.8 +++ b/kdc/kdc.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" -.\" $Id: kdc.8 18419 2006-10-12 10:05:57Z lha $ +.\" $Id$ .\" .Dd August 24, 2006 .Dt KDC 8 @@ -41,27 +41,27 @@ .Nm .Bk -words .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc -.Op Fl p | Fl -no-require-preauth -.Op Fl -max-request= Ns Ar size -.Op Fl H | Fl -enable-http -.Op Fl -no-524 -.Op Fl -kerberos4 -.Op Fl -kerberos4-cross-realm +.Op Fl p | Fl Fl no-require-preauth +.Op Fl Fl max-request= Ns Ar size +.Op Fl H | Fl Fl enable-http +.Op Fl Fl no-524 +.Op Fl Fl kerberos4 +.Op Fl Fl kerberos4-cross-realm .Oo Fl r Ar string \*(Ba Xo -.Fl -v4-realm= Ns Ar string +.Fl Fl v4-realm= Ns Ar string .Xc .Oc -.Op Fl K | Fl -kaserver +.Op Fl K | Fl Fl kaserver .Oo Fl P Ar portspec \*(Ba Xo -.Fl -ports= Ns Ar portspec +.Fl Fl ports= Ns Ar portspec .Xc .Oc -.Op Fl -detach -.Op Fl -disable-DES -.Op Fl -addresses= Ns Ar list of addresses +.Op Fl Fl detach +.Op Fl Fl disable-des +.Op Fl Fl addresses= Ns Ar list of addresses .Ek .Sh DESCRIPTION .Nm @@ -72,17 +72,11 @@ or from a default compiled-in value. .Pp Options supported: .Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file Specifies the location of the config file, the default is .Pa /var/heimdal/kdc.conf . This is the only value that can't be specified in the config file. -.It Xo -.Fl p , -.Fl -no-require-preauth -.Xc +.It Fl p , Fl Fl no-require-preauth Turn off the requirement for pre-autentication in the initial AS-REQ for all principals. The use of pre-authentication makes it more difficult to do offline @@ -95,34 +89,20 @@ pre-athentication. The default is to require pre-authentication. Adding the require-preauth per principal is a more flexible way of handling this. -.It Xo -.Fl -max-request= Ns Ar size -.Xc +.It Fl Fl max-request= Ns Ar size Gives an upper limit on the size of the requests that the kdc is willing to handle. -.It Xo -.Fl H , -.Fl -enable-http -.Xc +.It Fl H , Fl Fl enable-http Makes the kdc listen on port 80 and handle requests encapsulated in HTTP. -.It Xo -.Fl -no-524 -.Xc +.It Fl Fl no-524 don't respond to 524 requests -.It Xo -.Fl -kerberos4 -.Xc +.It Fl Fl kerberos4 respond to Kerberos 4 requests -.It Xo -.Fl -kerberos4-cross-realm -.Xc +.It Fl Fl kerberos4-cross-realm respond to Kerberos 4 requests from foreign realms. This is a known security hole and should not be enabled unless you understand the consequences and are willing to live with them. -.It Xo -.Fl r Ar string , -.Fl -v4-realm= Ns Ar string -.Xc +.It Fl r Ar string , Fl Fl v4-realm= Ns Ar string What realm this server should act as when dealing with version 4 requests. The database can contain any number of realms, but since the version 4 @@ -130,29 +110,23 @@ protocol doesn't contain a realm for the server, it must be explicitly specified. The default is whatever is returned by .Fn krb_get_lrealm . -This option is only availabe if the KDC has been compiled with version +This option is only available if the KDC has been compiled with version 4 support. -.It Xo -.Fl K , -.Fl -kaserver -.Xc +.It Fl K , Fl Fl kaserver Enable kaserver emulation (in case it's compiled in). -.It Xo -.Fl P Ar portspec , -.Fl -ports= Ns Ar portspec -.Xc +.It Fl P Ar portspec , Fl Fl ports= Ns Ar portspec Specifies the set of ports the KDC should listen on. It is given as a white-space separated list of services or port numbers. -.It Fl -addresses= Ns Ar list of addresses +.It Fl Fl addresses= Ns Ar list of addresses The list of addresses to listen for requests on. By default, the kdc will listen on all the locally configured addresses. If only a subset is desired, or the automatic detection fails, this option might be used. -.It Fl -detach +.It Fl Fl detach detach from pty and run as a daemon. -.It Fl -disable-DES +.It Fl Fl disable-des disable add des encryption types, makes the kdc not use them. .El .Pp @@ -163,13 +137,13 @@ and The entity used for logging is .Nm kdc . .Sh CONFIGURATION FILE -The configuration file has the same syntax as +The configuration file has the same syntax as .Xr krb5.conf 5 , -but will be read before +but will be read before .Pa /etc/krb5.conf , so it may override settings found there. Options specific to the KDC only are found in the -.Dq [kdc] +.Dq [kdc] section. All the command-line options can preferably be added in the configuration file. @@ -179,7 +153,7 @@ specified as: .Dl require-preauth = no .Pp (in fact you can specify the option as -.Fl -require-preauth=no ) . +.Fl Fl require-preauth=no ) . .Pp And there are some configuration options which do not have command-line equivalents: @@ -198,11 +172,8 @@ Permit anonymous tickets with no addresses. .It Li max-kdc-datagram-reply-length = Va number Maximum packet size the UDP rely that the KDC will transmit, instead the KDC sends back a reply telling the client to use TCP instead. -.It Li transited-policy = Xo -.Li always-check \*(Ba -.Li allow-per-principal | -.Li always-honour-request -.Xc +.It Li transited-policy = Li always-check \*(Ba \ +Li allow-per-principal | Li always-honour-request This controls how KDC requests with the .Li disable-transited-check flag are handled. It can be one of: @@ -227,7 +198,7 @@ How long before password/principal expiration the KDC should start sending out warning messages. .El .Pp -The configuration file is only read when the +The configuration file is only read when the .Nm is started. If changes made to the configuration file are to take effect, the @@ -252,7 +223,7 @@ addresses, the best option is probably to listen to a wildcarded TCP socket, and make sure your clients use TCP to connect. For instance, this will listen to IPv4 TCP port 88 only: .Bd -literal -offset indent -kdc --addresses=0.0.0.0 --ports="88/tcp" +kdc --addresses=0.0.0.0 --ports="88/tcp" .Ed .Pp There should be a way to specify protocol, port, and address triplets, diff --git a/kdc/kdc.cat8 b/kdc/kdc.cat8 new file mode 100644 index 000000000000..8df1c3ebacbc --- /dev/null +++ b/kdc/kdc.cat8 @@ -0,0 +1,176 @@ + +KDC(8) BSD System Manager's Manual KDC(8) + +NNAAMMEE + kkddcc -- Kerberos 5 server + +SSYYNNOOPPSSIISS + kkddcc [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--pp | ----nnoo--rreeqquuiirree--pprreeaauutthh] + [----mmaaxx--rreeqquueesstt==_s_i_z_e] [--HH | ----eennaabbllee--hhttttpp] [----nnoo--552244] [----kkeerrbbeerrooss44] + [----kkeerrbbeerrooss44--ccrroossss--rreeaallmm] [--rr _s_t_r_i_n_g | ----vv44--rreeaallmm==_s_t_r_i_n_g] + [--KK | ----kkaasseerrvveerr] [--PP _p_o_r_t_s_p_e_c | ----ppoorrttss==_p_o_r_t_s_p_e_c] [----ddeettaacchh] + [----ddiissaabbllee--ddeess] [----aaddddrreesssseess==_l_i_s_t _o_f _a_d_d_r_e_s_s_e_s] + +DDEESSCCRRIIPPTTIIOONN + kkddcc serves requests for tickets. When it starts, it first checks the + flags passed, any options that are not specified with a command line flag + are taken from a config file, or from a default compiled-in value. + + Options supported: + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + Specifies the location of the config file, the default is + _/_v_a_r_/_h_e_i_m_d_a_l_/_k_d_c_._c_o_n_f. This is the only value that can't be + specified in the config file. + + --pp, ----nnoo--rreeqquuiirree--pprreeaauutthh + Turn off the requirement for pre-autentication in the initial AS- + REQ for all principals. The use of pre-authentication makes it + more difficult to do offline password attacks. You might want to + turn it off if you have clients that don't support pre-authenti- + cation. Since the version 4 protocol doesn't support any pre- + authentication, serving version 4 clients is just about the same + as not requiring pre-athentication. The default is to require + pre-authentication. Adding the require-preauth per principal is + a more flexible way of handling this. + + ----mmaaxx--rreeqquueesstt==_s_i_z_e + Gives an upper limit on the size of the requests that the kdc is + willing to handle. + + --HH, ----eennaabbllee--hhttttpp + Makes the kdc listen on port 80 and handle requests encapsulated + in HTTP. + + ----nnoo--552244 + don't respond to 524 requests + + ----kkeerrbbeerrooss44 + respond to Kerberos 4 requests + + ----kkeerrbbeerrooss44--ccrroossss--rreeaallmm + respond to Kerberos 4 requests from foreign realms. This is a + known security hole and should not be enabled unless you under- + stand the consequences and are willing to live with them. + + --rr _s_t_r_i_n_g, ----vv44--rreeaallmm==_s_t_r_i_n_g + What realm this server should act as when dealing with version 4 + requests. The database can contain any number of realms, but + since the version 4 protocol doesn't contain a realm for the + server, it must be explicitly specified. The default is whatever + is returned by kkrrbb__ggeett__llrreeaallmm(). This option is only available + if the KDC has been compiled with version 4 support. + + --KK, ----kkaasseerrvveerr + Enable kaserver emulation (in case it's compiled in). + + --PP _p_o_r_t_s_p_e_c, ----ppoorrttss==_p_o_r_t_s_p_e_c + Specifies the set of ports the KDC should listen on. It is given + as a white-space separated list of services or port numbers. + + ----aaddddrreesssseess==_l_i_s_t _o_f _a_d_d_r_e_s_s_e_s + The list of addresses to listen for requests on. By default, the + kdc will listen on all the locally configured addresses. If only + a subset is desired, or the automatic detection fails, this + option might be used. + + ----ddeettaacchh + detach from pty and run as a daemon. + + ----ddiissaabbllee--ddeess + disable add des encryption types, makes the kdc not use them. + + All activities are logged to one or more destinations, see krb5.conf(5), + and krb5_openlog(3). The entity used for logging is kkddcc. + +CCOONNFFIIGGUURRAATTIIOONN FFIILLEE + The configuration file has the same syntax as krb5.conf(5), but will be + read before _/_e_t_c_/_k_r_b_5_._c_o_n_f, so it may override settings found there. + Options specific to the KDC only are found in the ``[kdc]'' section. All + the command-line options can preferably be added in the configuration + file. The only difference is the pre-authentication flag, which has to + be specified as: + + require-preauth = no + + (in fact you can specify the option as ----rreeqquuiirree--pprreeaauutthh==nnoo). + + And there are some configuration options which do not have command-line + equivalents: + + enable-digest = _b_o_o_l_e_a_n + turn on support for digest processing in the KDC. The default + is FALSE. + + check-ticket-addresses = _b_o_o_l_e_a_n + Check the addresses in the ticket when processing TGS + requests. The default is TRUE. + + allow-null-ticket-addresses = _b_o_o_l_e_a_n + Permit tickets with no addresses. This option is only rele- + vant when check-ticket-addresses is TRUE. + + allow-anonymous = _b_o_o_l_e_a_n + Permit anonymous tickets with no addresses. + + max-kdc-datagram-reply-length = _n_u_m_b_e_r + Maximum packet size the UDP rely that the KDC will transmit, + instead the KDC sends back a reply telling the client to use + TCP instead. + + transited-policy = always-check | allow-per-principal | + always-honour-request + This controls how KDC requests with the + disable-transited-check flag are handled. It can be one of: + + always-check + Always check transited encoding, this is the + default. + + allow-per-principal + Currently this is identical to always-check. In a + future release, it will be possible to mark a prin- + cipal as able to handle unchecked requests. + + always-honour-request + Always do what the client asked. In a future + release, it will be possible to force a check per + principal. + + encode_as_rep_as_tgs_rep = _b_o_o_l_e_a_n + Encode AS-Rep as TGS-Rep to be bug-compatible with old DCE + code. The Heimdal clients allow both. + + kdc_warn_pwexpire = _t_i_m_e + How long before password/principal expiration the KDC should + start sending out warning messages. + + The configuration file is only read when the kkddcc is started. If changes + made to the configuration file are to take effect, the kkddcc needs to be + restarted. + + An example of a config file: + + [kdc] + require-preauth = no + v4-realm = FOO.SE + +BBUUGGSS + If the machine running the KDC has new addresses added to it, the KDC + will have to be restarted to listen to them. The reason it doesn't just + listen to wildcarded (like INADDR_ANY) addresses, is that the replies has + to come from the same address they were sent to, and most OS:es doesn't + pass this information to the application. If your normal mode of opera- + tion require that you add and remove addresses, the best option is proba- + bly to listen to a wildcarded TCP socket, and make sure your clients use + TCP to connect. For instance, this will listen to IPv4 TCP port 88 only: + + kdc --addresses=0.0.0.0 --ports="88/tcp" + + There should be a way to specify protocol, port, and address triplets, + not just addresses and protocol, port tuples. + +SSEEEE AALLSSOO + kinit(1), krb5.conf(5) + +HEIMDAL August 24, 2006 HEIMDAL diff --git a/kdc/kdc.h b/kdc/kdc.h index 6c129f38f520..9d52fd4c2ec1 100644 --- a/kdc/kdc.h +++ b/kdc/kdc.h @@ -1,51 +1,52 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * * Copyright (c) 2005 Andrew Bartlett - * - * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* - * $Id: kdc.h 21287 2007-06-25 14:09:03Z lha $ +/* + * $Id$ */ #ifndef __KDC_H__ #define __KDC_H__ +#include #include enum krb5_kdc_trpolicy { TRPOLICY_ALWAYS_CHECK, - TRPOLICY_ALLOW_PER_PRINCIPAL, + TRPOLICY_ALLOW_PER_PRINCIPAL, TRPOLICY_ALWAYS_HONOUR_REQUEST }; @@ -57,26 +58,28 @@ typedef struct krb5_kdc_configuration { int num_db; krb5_boolean encode_as_rep_as_tgs_rep; /* bug compatibility */ - + + krb5_boolean as_use_strongest_session_key; + krb5_boolean preauth_use_strongest_session_key; + krb5_boolean tgs_use_strongest_session_key; + krb5_boolean use_strongest_server_key; + krb5_boolean check_ticket_addresses; krb5_boolean allow_null_ticket_addresses; krb5_boolean allow_anonymous; enum krb5_kdc_trpolicy trpolicy; - char *v4_realm; - krb5_boolean enable_v4; - krb5_boolean enable_v4_cross_realm; - krb5_boolean enable_v4_per_principal; - - krb5_boolean enable_kaserver; - - krb5_boolean enable_524; - krb5_boolean enable_pkinit; krb5_boolean pkinit_princ_in_cert; - char *pkinit_kdc_ocsp_file; + const char *pkinit_kdc_identity; + const char *pkinit_kdc_anchors; + const char *pkinit_kdc_friendly_name; + const char *pkinit_kdc_ocsp_file; + char **pkinit_kdc_cert_pool; + char **pkinit_kdc_revoke; int pkinit_dh_min_bits; int pkinit_require_binding; + int pkinit_allow_proxy_certs; krb5_log_facility *logf; @@ -91,6 +94,20 @@ typedef struct krb5_kdc_configuration { } krb5_kdc_configuration; +struct krb5_kdc_service { + unsigned int flags; +#define KS_KRB5 1 +#define KS_NO_LENGTH 2 + krb5_error_code (*process)(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply, + int *claim); +}; + #include #endif diff --git a/kdc/kdc_locl.h b/kdc/kdc_locl.h index fe0523665a4d..36d694dae5f9 100644 --- a/kdc/kdc_locl.h +++ b/kdc/kdc_locl.h @@ -1,60 +1,65 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* - * $Id: kdc_locl.h 22247 2007-12-08 23:49:41Z lha $ +/* + * $Id$ */ #ifndef __KDC_LOCL_H__ #define __KDC_LOCL_H__ #include "headers.h" -#include "kdc.h" typedef struct pk_client_params pk_client_params; +struct DigestREQ; +struct Kx509Request; #include extern sig_atomic_t exit_flag; -extern size_t max_request; +extern size_t max_request_udp; +extern size_t max_request_tcp; extern const char *request_log; extern const char *port_str; extern krb5_addresses explicit_addresses; extern int enable_http; +#ifdef SUPPORT_DETACH + #define DETACH_IS_DEFAULT FALSE extern int detach_from_console; +#endif extern const struct units _kdc_digestunits[]; @@ -63,10 +68,17 @@ extern const struct units _kdc_digestunits[]; extern struct timeval _kdc_now; #define kdc_time (_kdc_now.tv_sec) +extern char *runas_string; +extern char *chroot_string; + void loop(krb5_context context, krb5_kdc_configuration *config); krb5_kdc_configuration * configure(krb5_context context, int argc, char **argv); +#ifdef __APPLE__ +void bonjour_announce(krb5_context, krb5_kdc_configuration *); +#endif + #endif /* __KDC_LOCL_H__ */ diff --git a/kdc/kerberos4.c b/kdc/kerberos4.c deleted file mode 100644 index cbba64945b3e..000000000000 --- a/kdc/kerberos4.c +++ /dev/null @@ -1,805 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -#include - -RCSID("$Id: kerberos4.c 21577 2007-07-16 08:14:06Z lha $"); - -#ifndef swap32 -static uint32_t -swap32(uint32_t x) -{ - return ((x << 24) & 0xff000000) | - ((x << 8) & 0xff0000) | - ((x >> 8) & 0xff00) | - ((x >> 24) & 0xff); -} -#endif /* swap32 */ - -int -_kdc_maybe_version4(unsigned char *buf, int len) -{ - return len > 0 && *buf == 4; -} - -static void -make_err_reply(krb5_context context, krb5_data *reply, - int code, const char *msg) -{ - _krb5_krb_cr_err_reply(context, "", "", "", - kdc_time, code, msg, reply); -} - -struct valid_princ_ctx { - krb5_kdc_configuration *config; - unsigned flags; -}; - -static krb5_boolean -valid_princ(krb5_context context, - void *funcctx, - krb5_principal princ) -{ - struct valid_princ_ctx *ctx = funcctx; - krb5_error_code ret; - char *s; - hdb_entry_ex *ent; - - ret = krb5_unparse_name(context, princ, &s); - if (ret) - return FALSE; - ret = _kdc_db_fetch(context, ctx->config, princ, ctx->flags, NULL, &ent); - if (ret) { - kdc_log(context, ctx->config, 7, "Lookup %s failed: %s", s, - krb5_get_err_text (context, ret)); - free(s); - return FALSE; - } - kdc_log(context, ctx->config, 7, "Lookup %s succeeded", s); - free(s); - _kdc_free_ent(context, ent); - return TRUE; -} - -krb5_error_code -_kdc_db_fetch4(krb5_context context, - krb5_kdc_configuration *config, - const char *name, const char *instance, const char *realm, - unsigned flags, - hdb_entry_ex **ent) -{ - krb5_principal p; - krb5_error_code ret; - struct valid_princ_ctx ctx; - - ctx.config = config; - ctx.flags = flags; - - ret = krb5_425_conv_principal_ext2(context, name, instance, realm, - valid_princ, &ctx, 0, &p); - if(ret) - return ret; - ret = _kdc_db_fetch(context, config, p, flags, NULL, ent); - krb5_free_principal(context, p); - return ret; -} - -#define RCHECK(X, L) if(X){make_err_reply(context, reply, KFAILURE, "Packet too short"); goto L;} - -/* - * Process the v4 request in `buf, len' (received from `addr' - * (with string `from'). - * Return an error code and a reply in `reply'. - */ - -krb5_error_code -_kdc_do_version4(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) -{ - krb5_storage *sp; - krb5_error_code ret; - hdb_entry_ex *client = NULL, *server = NULL; - Key *ckey, *skey; - int8_t pvno; - int8_t msg_type; - int lsb; - char *name = NULL, *inst = NULL, *realm = NULL; - char *sname = NULL, *sinst = NULL; - int32_t req_time; - time_t max_life; - uint8_t life; - char client_name[256]; - char server_name[256]; - - if(!config->enable_v4) { - kdc_log(context, config, 0, - "Rejected version 4 request from %s", from); - make_err_reply(context, reply, KRB4ET_KDC_GEN_ERR, - "Function not enabled"); - return 0; - } - - sp = krb5_storage_from_mem(buf, len); - RCHECK(krb5_ret_int8(sp, &pvno), out); - if(pvno != 4){ - kdc_log(context, config, 0, - "Protocol version mismatch (krb4) (%d)", pvno); - make_err_reply(context, reply, KRB4ET_KDC_PKT_VER, "protocol mismatch"); - goto out; - } - RCHECK(krb5_ret_int8(sp, &msg_type), out); - lsb = msg_type & 1; - msg_type &= ~1; - switch(msg_type){ - case AUTH_MSG_KDC_REQUEST: { - krb5_data ticket, cipher; - krb5_keyblock session; - - krb5_data_zero(&ticket); - krb5_data_zero(&cipher); - - RCHECK(krb5_ret_stringz(sp, &name), out1); - RCHECK(krb5_ret_stringz(sp, &inst), out1); - RCHECK(krb5_ret_stringz(sp, &realm), out1); - RCHECK(krb5_ret_int32(sp, &req_time), out1); - if(lsb) - req_time = swap32(req_time); - RCHECK(krb5_ret_uint8(sp, &life), out1); - RCHECK(krb5_ret_stringz(sp, &sname), out1); - RCHECK(krb5_ret_stringz(sp, &sinst), out1); - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", name, inst, realm); - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", sname, sinst, config->v4_realm); - - kdc_log(context, config, 0, "AS-REQ (krb4) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4(context, config, name, inst, realm, - HDB_F_GET_CLIENT, &client); - if(ret) { - kdc_log(context, config, 0, "Client not found in database: %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "principal unknown"); - goto out1; - } - ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, - HDB_F_GET_SERVER, &server); - if(ret){ - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "principal unknown"); - goto out1; - } - - ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, - TRUE); - if (ret) { - /* good error code? */ - make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP, - "operation not allowed"); - goto out1; - } - - if (config->enable_v4_per_principal && - client->entry.flags.allow_kerberos4 == 0) - { - kdc_log(context, config, 0, - "Per principal Kerberos 4 flag not turned on for %s", - client_name); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "allow kerberos4 flag required"); - goto out1; - } - - /* - * There's no way to do pre-authentication in v4 and thus no - * good error code to return if preauthentication is required. - */ - - if (config->require_preauth - || client->entry.flags.require_preauth - || server->entry.flags.require_preauth) { - kdc_log(context, config, 0, - "Pre-authentication required for v4-request: " - "%s for %s", - client_name, server_name); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "preauth required"); - goto out1; - } - - ret = _kdc_get_des_key(context, client, FALSE, FALSE, &ckey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for client"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for client"); - goto out1; - } - -#if 0 - /* this is not necessary with the new code in libkrb */ - /* find a properly salted key */ - while(ckey->salt == NULL || ckey->salt->salt.length != 0) - ret = hdb_next_keytype2key(context, &client->entry, KEYTYPE_DES, &ckey); - if(ret){ - kdc_log(context, config, 0, "No version-4 salted key in database -- %s.%s@%s", - name, inst, realm); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "No version-4 salted key in database"); - goto out1; - } -#endif - - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for server"); - goto out1; - } - - max_life = _krb5_krb_life_to_time(0, life); - if(client->entry.max_life) - max_life = min(max_life, *client->entry.max_life); - if(server->entry.max_life) - max_life = min(max_life, *server->entry.max_life); - - life = krb_time_to_life(kdc_time, kdc_time + max_life); - - ret = krb5_generate_random_keyblock(context, - ETYPE_DES_PCBC_NONE, - &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Not enough random i KDC"); - goto out1; - } - - ret = _krb5_krb_create_ticket(context, - 0, - name, - inst, - config->v4_realm, - addr->sin_addr.s_addr, - &session, - life, - kdc_time, - sname, - sinst, - &skey->key, - &ticket); - if (ret) { - krb5_free_keyblock_contents(context, &session); - make_err_reply(context, reply, KFAILURE, - "failed to create v4 ticket"); - goto out1; - } - - ret = _krb5_krb_create_ciph(context, - &session, - sname, - sinst, - config->v4_realm, - life, - server->entry.kvno % 255, - &ticket, - kdc_time, - &ckey->key, - &cipher); - krb5_free_keyblock_contents(context, &session); - krb5_data_free(&ticket); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Failed to create v4 cipher"); - goto out1; - } - - ret = _krb5_krb_create_auth_reply(context, - name, - inst, - realm, - req_time, - 0, - client->entry.pw_end ? *client->entry.pw_end : 0, - client->entry.kvno % 256, - &cipher, - reply); - krb5_data_free(&cipher); - - out1: - break; - } - case AUTH_MSG_APPL_REQUEST: { - struct _krb5_krb_auth_data ad; - int8_t kvno; - int8_t ticket_len; - int8_t req_len; - krb5_data auth; - int32_t address; - size_t pos; - krb5_principal tgt_princ = NULL; - hdb_entry_ex *tgt = NULL; - Key *tkey; - time_t max_end, actual_end, issue_time; - - memset(&ad, 0, sizeof(ad)); - krb5_data_zero(&auth); - - RCHECK(krb5_ret_int8(sp, &kvno), out2); - RCHECK(krb5_ret_stringz(sp, &realm), out2); - - ret = krb5_425_conv_principal(context, "krbtgt", realm, - config->v4_realm, - &tgt_princ); - if(ret){ - kdc_log(context, config, 0, - "Converting krbtgt principal (krb4): %s", - krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KFAILURE, - "Failed to convert v4 principal (krbtgt)"); - goto out2; - } - - ret = _kdc_db_fetch(context, config, tgt_princ, - HDB_F_GET_KRBTGT, NULL, &tgt); - if(ret){ - char *s; - s = kdc_log_msg(context, config, 0, "Ticket-granting ticket not " - "found in database (krb4): krbtgt.%s@%s: %s", - realm, config->v4_realm, - krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KFAILURE, s); - free(s); - goto out2; - } - - if(tgt->entry.kvno % 256 != kvno){ - kdc_log(context, config, 0, - "tgs-req (krb4) with old kvno %d (current %d) for " - "krbtgt.%s@%s", kvno, tgt->entry.kvno % 256, - realm, config->v4_realm); - make_err_reply(context, reply, KRB4ET_KDC_AUTH_EXP, - "old krbtgt kvno used"); - goto out2; - } - - ret = _kdc_get_des_key(context, tgt, TRUE, FALSE, &tkey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for krbtgt (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for krbtgt"); - goto out2; - } - - RCHECK(krb5_ret_int8(sp, &ticket_len), out2); - RCHECK(krb5_ret_int8(sp, &req_len), out2); - - pos = krb5_storage_seek(sp, ticket_len + req_len, SEEK_CUR); - - auth.data = buf; - auth.length = pos; - - if (config->check_ticket_addresses) - address = addr->sin_addr.s_addr; - else - address = 0; - - ret = _krb5_krb_rd_req(context, &auth, "krbtgt", realm, - config->v4_realm, - address, &tkey->key, &ad); - if(ret){ - kdc_log(context, config, 0, "krb_rd_req: %d", ret); - make_err_reply(context, reply, ret, "failed to parse request"); - goto out2; - } - - RCHECK(krb5_ret_int32(sp, &req_time), out2); - if(lsb) - req_time = swap32(req_time); - RCHECK(krb5_ret_uint8(sp, &life), out2); - RCHECK(krb5_ret_stringz(sp, &sname), out2); - RCHECK(krb5_ret_stringz(sp, &sinst), out2); - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", - sname, sinst, config->v4_realm); - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", - ad.pname, ad.pinst, ad.prealm); - - kdc_log(context, config, 0, "TGS-REQ (krb4) %s from %s for %s", - client_name, from, server_name); - - if(strcmp(ad.prealm, realm)){ - kdc_log(context, config, 0, - "Can't hop realms (krb4) %s -> %s", realm, ad.prealm); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't hop realms"); - goto out2; - } - - if (!config->enable_v4_cross_realm && strcmp(realm, config->v4_realm) != 0) { - kdc_log(context, config, 0, - "krb4 Cross-realm %s -> %s disabled", - realm, config->v4_realm); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't hop realms"); - goto out2; - } - - if(strcmp(sname, "changepw") == 0){ - kdc_log(context, config, 0, - "Bad request for changepw ticket (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't authorize password change based on TGT"); - goto out2; - } - - ret = _kdc_db_fetch4(context, config, ad.pname, ad.pinst, ad.prealm, - HDB_F_GET_CLIENT, &client); - if(ret && ret != HDB_ERR_NOENTRY) { - char *s; - s = kdc_log_msg(context, config, 0, - "Client not found in database: (krb4) %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - if (client == NULL && strcmp(ad.prealm, config->v4_realm) == 0) { - char *s; - s = kdc_log_msg(context, config, 0, - "Local client not found in database: (krb4) " - "%s", client_name); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - - ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, - HDB_F_GET_SERVER, &server); - if(ret){ - char *s; - s = kdc_log_msg(context, config, 0, - "Server not found in database (krb4): %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - - ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, - FALSE); - if (ret) { - make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP, - "operation not allowed"); - goto out2; - } - - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for server (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for server"); - goto out2; - } - - max_end = _krb5_krb_life_to_time(ad.time_sec, ad.life); - max_end = min(max_end, _krb5_krb_life_to_time(kdc_time, life)); - if(server->entry.max_life) - max_end = min(max_end, kdc_time + *server->entry.max_life); - if(client && client->entry.max_life) - max_end = min(max_end, kdc_time + *client->entry.max_life); - life = min(life, krb_time_to_life(kdc_time, max_end)); - - issue_time = kdc_time; - actual_end = _krb5_krb_life_to_time(issue_time, life); - while (actual_end > max_end && life > 1) { - /* move them into the next earlier lifetime bracket */ - life--; - actual_end = _krb5_krb_life_to_time(issue_time, life); - } - if (actual_end > max_end) { - /* if life <= 1 and it's still too long, backdate the ticket */ - issue_time -= actual_end - max_end; - } - - { - krb5_data ticket, cipher; - krb5_keyblock session; - - krb5_data_zero(&ticket); - krb5_data_zero(&cipher); - - ret = krb5_generate_random_keyblock(context, - ETYPE_DES_PCBC_NONE, - &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Not enough random i KDC"); - goto out2; - } - - ret = _krb5_krb_create_ticket(context, - 0, - ad.pname, - ad.pinst, - ad.prealm, - addr->sin_addr.s_addr, - &session, - life, - issue_time, - sname, - sinst, - &skey->key, - &ticket); - if (ret) { - krb5_free_keyblock_contents(context, &session); - make_err_reply(context, reply, KFAILURE, - "failed to create v4 ticket"); - goto out2; - } - - ret = _krb5_krb_create_ciph(context, - &session, - sname, - sinst, - config->v4_realm, - life, - server->entry.kvno % 255, - &ticket, - issue_time, - &ad.session, - &cipher); - krb5_free_keyblock_contents(context, &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "failed to create v4 cipher"); - goto out2; - } - - ret = _krb5_krb_create_auth_reply(context, - ad.pname, - ad.pinst, - ad.prealm, - req_time, - 0, - 0, - 0, - &cipher, - reply); - krb5_data_free(&cipher); - } - out2: - _krb5_krb_free_auth_data(context, &ad); - if(tgt_princ) - krb5_free_principal(context, tgt_princ); - if(tgt) - _kdc_free_ent(context, tgt); - break; - } - case AUTH_MSG_ERR_REPLY: - break; - default: - kdc_log(context, config, 0, "Unknown message type (krb4): %d from %s", - msg_type, from); - - make_err_reply(context, reply, KFAILURE, "Unknown message type"); - } - out: - if(name) - free(name); - if(inst) - free(inst); - if(realm) - free(realm); - if(sname) - free(sname); - if(sinst) - free(sinst); - if(client) - _kdc_free_ent(context, client); - if(server) - _kdc_free_ent(context, server); - krb5_storage_free(sp); - return 0; -} - -krb5_error_code -_kdc_encode_v4_ticket(krb5_context context, - krb5_kdc_configuration *config, - void *buf, size_t len, const EncTicketPart *et, - const PrincipalName *service, size_t *size) -{ - krb5_storage *sp; - krb5_error_code ret; - char name[40], inst[40], realm[40]; - char sname[40], sinst[40]; - - { - krb5_principal princ; - _krb5_principalname2krb5_principal(context, - &princ, - *service, - et->crealm); - ret = krb5_524_conv_principal(context, - princ, - sname, - sinst, - realm); - krb5_free_principal(context, princ); - if(ret) - return ret; - - _krb5_principalname2krb5_principal(context, - &princ, - et->cname, - et->crealm); - - ret = krb5_524_conv_principal(context, - princ, - name, - inst, - realm); - krb5_free_principal(context, princ); - } - if(ret) - return ret; - - sp = krb5_storage_emem(); - - krb5_store_int8(sp, 0); /* flags */ - krb5_store_stringz(sp, name); - krb5_store_stringz(sp, inst); - krb5_store_stringz(sp, realm); - { - unsigned char tmp[4] = { 0, 0, 0, 0 }; - int i; - if(et->caddr){ - for(i = 0; i < et->caddr->len; i++) - if(et->caddr->val[i].addr_type == AF_INET && - et->caddr->val[i].address.length == 4){ - memcpy(tmp, et->caddr->val[i].address.data, 4); - break; - } - } - krb5_storage_write(sp, tmp, sizeof(tmp)); - } - - if((et->key.keytype != ETYPE_DES_CBC_MD5 && - et->key.keytype != ETYPE_DES_CBC_MD4 && - et->key.keytype != ETYPE_DES_CBC_CRC) || - et->key.keyvalue.length != 8) - return -1; - krb5_storage_write(sp, et->key.keyvalue.data, 8); - - { - time_t start = et->starttime ? *et->starttime : et->authtime; - krb5_store_int8(sp, krb_time_to_life(start, et->endtime)); - krb5_store_int32(sp, start); - } - - krb5_store_stringz(sp, sname); - krb5_store_stringz(sp, sinst); - - { - krb5_data data; - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - *size = (data.length + 7) & ~7; /* pad to 8 bytes */ - if(*size > len) - return -1; - memset((unsigned char*)buf - *size + 1, 0, *size); - memcpy((unsigned char*)buf - *size + 1, data.data, data.length); - krb5_data_free(&data); - } - return 0; -} - -krb5_error_code -_kdc_get_des_key(krb5_context context, - hdb_entry_ex *principal, krb5_boolean is_server, - krb5_boolean prefer_afs_key, Key **ret_key) -{ - Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL; - int i; - krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC }; - - for(i = 0; - i < sizeof(etypes)/sizeof(etypes[0]) - && (v5_key == NULL || v4_key == NULL || - afs_key == NULL || server_key == NULL); - ++i) { - Key *key = NULL; - while(hdb_next_enctype2key(context, &principal->entry, etypes[i], &key) == 0) { - if(key->salt == NULL) { - if(v5_key == NULL) - v5_key = key; - } else if(key->salt->type == hdb_pw_salt && - key->salt->salt.length == 0) { - if(v4_key == NULL) - v4_key = key; - } else if(key->salt->type == hdb_afs3_salt) { - if(afs_key == NULL) - afs_key = key; - } else if(server_key == NULL) - server_key = key; - } - } - - if(prefer_afs_key) { - if(afs_key) - *ret_key = afs_key; - else if(v4_key) - *ret_key = v4_key; - else if(v5_key) - *ret_key = v5_key; - else if(is_server && server_key) - *ret_key = server_key; - else - return KRB4ET_KDC_NULL_KEY; - } else { - if(v4_key) - *ret_key = v4_key; - else if(afs_key) - *ret_key = afs_key; - else if(v5_key) - *ret_key = v5_key; - else if(is_server && server_key) - *ret_key = server_key; - else - return KRB4ET_KDC_NULL_KEY; - } - - if((*ret_key)->key.keyvalue.length == 0) - return KRB4ET_KDC_NULL_KEY; - return 0; -} - diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c index 9582cd85ec38..c13abb7ce0bb 100644 --- a/kdc/kerberos5.c +++ b/kdc/kerberos5.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: kerberos5.c 22071 2007-11-14 20:04:50Z lha $"); - #define MAX_TIME ((time_t)((1U << 31) - 1)) void @@ -60,13 +58,13 @@ realloc_method_data(METHOD_DATA *md) } static void -set_salt_padata (METHOD_DATA *md, Salt *salt) +set_salt_padata(METHOD_DATA *md, Salt *salt) { if (salt) { - realloc_method_data(md); - md->val[md->len - 1].padata_type = salt->type; - der_copy_octet_string(&salt->salt, - &md->val[md->len - 1].padata_value); + realloc_method_data(md); + md->val[md->len - 1].padata_type = salt->type; + der_copy_octet_string(&salt->salt, + &md->val[md->len - 1].padata_value); } } @@ -76,14 +74,32 @@ _kdc_find_padata(const KDC_REQ *req, int *start, int type) if (req->padata == NULL) return NULL; - while(*start < req->padata->len){ + while((size_t)*start < req->padata->len){ (*start)++; - if(req->padata->val[*start - 1].padata_type == type) + if(req->padata->val[*start - 1].padata_type == (unsigned)type) return &req->padata->val[*start - 1]; } return NULL; } +/* + * This is a hack to allow predefined weak services, like afs to + * still use weak types + */ + +krb5_boolean +_kdc_is_weak_exception(krb5_principal principal, krb5_enctype etype) +{ + if (principal->name.name_string.len > 0 && + strcmp(principal->name.name_string.val[0], "afs") == 0 && + (etype == ETYPE_DES_CBC_CRC + || etype == ETYPE_DES_CBC_MD4 + || etype == ETYPE_DES_CBC_MD5)) + return TRUE; + return FALSE; +} + + /* * Detect if `key' is the using the the precomputed `default_salt'. */ @@ -107,36 +123,103 @@ is_default_salt_p(const krb5_salt *default_salt, const Key *key) */ krb5_error_code -_kdc_find_etype(krb5_context context, const hdb_entry_ex *princ, - krb5_enctype *etypes, unsigned len, - Key **ret_key, krb5_enctype *ret_etype) +_kdc_find_etype(krb5_context context, krb5_boolean use_strongest_session_key, + krb5_boolean is_preauth, hdb_entry_ex *princ, + krb5_enctype *etypes, unsigned len, + krb5_enctype *ret_enctype, Key **ret_key) { - int i; - krb5_error_code ret = KRB5KDC_ERR_ETYPE_NOSUPP; + krb5_error_code ret; krb5_salt def_salt; + krb5_enctype enctype = ETYPE_NULL; + Key *key; + int i; - krb5_get_pw_salt (context, princ->entry.principal, &def_salt); + /* We'll want to avoid keys with v4 salted keys in the pre-auth case... */ + ret = krb5_get_pw_salt(context, princ->entry.principal, &def_salt); + if (ret) + return ret; - for(i = 0; ret != 0 && i < len ; i++) { - Key *key = NULL; + ret = KRB5KDC_ERR_ETYPE_NOSUPP; - if (krb5_enctype_valid(context, etypes[i]) != 0) - continue; + if (use_strongest_session_key) { + const krb5_enctype *p; + krb5_enctype clientbest = ETYPE_NULL; + int j; - while (hdb_next_enctype2key(context, &princ->entry, etypes[i], &key) == 0) { - if (key->key.keyvalue.length == 0) { - ret = KRB5KDC_ERR_NULL_KEY; + /* + * Pick the strongest key that the KDC, target service, and + * client all support, using the local cryptosystem enctype + * list in strongest-to-weakest order to drive the search. + * + * This is not what RFC4120 says to do, but it encourages + * adoption of stronger enctypes. This doesn't play well with + * clients that have multiple Kerberos client implementations + * available with different supported enctype lists. + */ + + /* drive the search with local supported enctypes list */ + p = krb5_kerberos_enctypes(context); + for (i = 0; p[i] != ETYPE_NULL && enctype == ETYPE_NULL; i++) { + if (krb5_enctype_valid(context, p[i]) != 0) continue; + + /* check that the client supports it too */ + for (j = 0; j < len && enctype == ETYPE_NULL; j++) { + if (p[i] != etypes[j]) + continue; + /* save best of union of { client, crypto system } */ + if (clientbest == ETYPE_NULL) + clientbest = p[i]; + /* check target princ support */ + ret = hdb_enctype2key(context, &princ->entry, p[i], &key); + if (ret) + continue; + if (is_preauth && !is_default_salt_p(&def_salt, key)) + continue; + enctype = p[i]; } - *ret_key = key; - *ret_etype = etypes[i]; - ret = 0; - if (is_default_salt_p(&def_salt, key)) { - krb5_free_salt (context, def_salt); - return ret; + } + if (clientbest != ETYPE_NULL && enctype == ETYPE_NULL) + enctype = clientbest; + else if (enctype == ETYPE_NULL) + ret = KRB5KDC_ERR_ETYPE_NOSUPP; + if (ret == 0 && ret_enctype != NULL) + *ret_enctype = enctype; + if (ret == 0 && ret_key != NULL) + *ret_key = key; + } else { + /* + * Pick the first key from the client's enctype list that is + * supported by the cryptosystem and by the given principal. + * + * RFC4120 says we SHOULD pick the first _strong_ key from the + * client's list... not the first key... If the admin disallows + * weak enctypes in krb5.conf and selects this key selection + * algorithm, then we get exactly what RFC4120 says. + */ + for(key = NULL, i = 0; ret != 0 && i < len; i++, key = NULL) { + + if (krb5_enctype_valid(context, etypes[i]) != 0 && + !_kdc_is_weak_exception(princ->entry.principal, etypes[i])) + continue; + + while (hdb_next_enctype2key(context, &princ->entry, etypes[i], &key) == 0) { + if (key->key.keyvalue.length == 0) { + ret = KRB5KDC_ERR_NULL_KEY; + continue; + } + if (ret_key != NULL) + *ret_key = key; + if (ret_enctype != NULL) + *ret_enctype = etypes[i]; + ret = 0; + if (is_preauth && is_default_salt_p(&def_salt, key)) + goto out; } } } + +out: krb5_free_salt (context, def_salt); return ret; } @@ -159,44 +242,44 @@ _kdc_make_anonymous_principalname (PrincipalName *pn) } void -_kdc_log_timestamp(krb5_context context, +_kdc_log_timestamp(krb5_context context, krb5_kdc_configuration *config, const char *type, - KerberosTime authtime, KerberosTime *starttime, + KerberosTime authtime, KerberosTime *starttime, KerberosTime endtime, KerberosTime *renew_till) { - char authtime_str[100], starttime_str[100], + char authtime_str[100], starttime_str[100], endtime_str[100], renewtime_str[100]; - - krb5_format_time(context, authtime, - authtime_str, sizeof(authtime_str), TRUE); + + krb5_format_time(context, authtime, + authtime_str, sizeof(authtime_str), TRUE); if (starttime) - krb5_format_time(context, *starttime, - starttime_str, sizeof(starttime_str), TRUE); + krb5_format_time(context, *starttime, + starttime_str, sizeof(starttime_str), TRUE); else strlcpy(starttime_str, "unset", sizeof(starttime_str)); - krb5_format_time(context, endtime, - endtime_str, sizeof(endtime_str), TRUE); + krb5_format_time(context, endtime, + endtime_str, sizeof(endtime_str), TRUE); if (renew_till) - krb5_format_time(context, *renew_till, - renewtime_str, sizeof(renewtime_str), TRUE); + krb5_format_time(context, *renew_till, + renewtime_str, sizeof(renewtime_str), TRUE); else strlcpy(renewtime_str, "unset", sizeof(renewtime_str)); - + kdc_log(context, config, 5, "%s authtime: %s starttime: %s endtime: %s renew till: %s", type, authtime_str, starttime_str, endtime_str, renewtime_str); } static void -log_patypes(krb5_context context, +log_patypes(krb5_context context, krb5_kdc_configuration *config, METHOD_DATA *padata) { struct rk_strpool *p = NULL; char *str; - int i; - + size_t i; + for (i = 0; i < padata->len; i++) { switch(padata->val[i].padata_type) { case KRB5_PADATA_PK_AS_REQ: @@ -224,7 +307,7 @@ log_patypes(krb5_context context, } if (p == NULL) p = rk_strpoolprintf(p, "none"); - + str = rk_strpoolcollect(p); kdc_log(context, config, 0, "Client sent patypes: %s", str); free(str); @@ -238,23 +321,25 @@ log_patypes(krb5_context context, krb5_error_code _kdc_encode_reply(krb5_context context, krb5_kdc_configuration *config, - KDC_REP *rep, const EncTicketPart *et, EncKDCRepPart *ek, - krb5_enctype etype, + KDC_REP *rep, const EncTicketPart *et, EncKDCRepPart *ek, + krb5_enctype etype, int skvno, const EncryptionKey *skey, - int ckvno, const EncryptionKey *ckey, + int ckvno, const EncryptionKey *reply_key, + int rk_is_subkey, const char **e_text, krb5_data *reply) { unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; krb5_error_code ret; krb5_crypto crypto; ASN1_MALLOC_ENCODE(EncTicketPart, buf, buf_size, et, &len, ret); if(ret) { - kdc_log(context, config, 0, "Failed to encode ticket: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to encode ticket: %s", msg); + krb5_free_error_message(context, msg); return ret; } if(buf_size != len) { @@ -266,13 +351,15 @@ _kdc_encode_reply(krb5_context context, ret = krb5_crypto_init(context, skey, etype, &crypto); if (ret) { + const char *msg; free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); return ret; } - ret = krb5_encrypt_EncryptedData(context, + ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_TICKET, buf, @@ -282,18 +369,20 @@ _kdc_encode_reply(krb5_context context, free(buf); krb5_crypto_destroy(context, crypto); if(ret) { - kdc_log(context, config, 0, "Failed to encrypt data: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to encrypt data: %s", msg); + krb5_free_error_message(context, msg); return ret; } - + if(rep->msg_type == krb_as_rep && !config->encode_as_rep_as_tgs_rep) ASN1_MALLOC_ENCODE(EncASRepPart, buf, buf_size, ek, &len, ret); else ASN1_MALLOC_ENCODE(EncTGSRepPart, buf, buf_size, ek, &len, ret); if(ret) { - kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", msg); + krb5_free_error_message(context, msg); return ret; } if(buf_size != len) { @@ -302,11 +391,12 @@ _kdc_encode_reply(krb5_context context, *e_text = "KDC internal error"; return KRB5KRB_ERR_GENERIC; } - ret = krb5_crypto_init(context, ckey, 0, &crypto); + ret = krb5_crypto_init(context, reply_key, 0, &crypto); if (ret) { + const char *msg = krb5_get_error_message(context, ret); free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); return ret; } if(rep->msg_type == krb_as_rep) { @@ -322,7 +412,7 @@ _kdc_encode_reply(krb5_context context, } else { krb5_encrypt_EncryptedData(context, crypto, - KRB5_KU_TGS_REP_ENC_PART_SESSION, + rk_is_subkey ? KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : KRB5_KU_TGS_REP_ENC_PART_SESSION, buf, len, ckvno, @@ -332,8 +422,9 @@ _kdc_encode_reply(krb5_context context, } krb5_crypto_destroy(context, crypto); if(ret) { - kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", msg); + krb5_free_error_message(context, msg); return ret; } if(buf_size != len) { @@ -362,7 +453,7 @@ older_enctype(krb5_enctype enctype) case ETYPE_DES3_CBC_SHA1: case ETYPE_ARCFOUR_HMAC_MD5: case ETYPE_ARCFOUR_HMAC_MD5_56: - /* + /* * The following three is "old" windows enctypes and is needed for * windows 2000 hosts. */ @@ -375,18 +466,6 @@ older_enctype(krb5_enctype enctype) } } -static int -only_older_enctype_p(const KDC_REQ *req) -{ - int i; - - for(i = 0; i < req->req_body.etype.len; i++) { - if (!older_enctype(req->req_body.etype.val[i])) - return 0; - } - return 1; -} - /* * */ @@ -404,7 +483,7 @@ make_etype_info_entry(krb5_context context, ETYPE_INFO_ENTRY *ent, Key *key) else if(key->salt->type == hdb_afs3_salt) *ent->salttype = 2; else { - kdc_log(context, config, 0, "unknown salt-type: %d", + kdc_log(context, config, 0, "unknown salt-type: %d", key->salt->type); return KRB5KRB_ERR_GENERIC; } @@ -417,7 +496,7 @@ make_etype_info_entry(krb5_context context, ETYPE_INFO_ENTRY *ent, Key *key) ALLOC(ent->salttype); *ent->salttype = key->salt->type; #else - /* + /* * We shouldn't sent salttype since it is incompatible with the * specification and it breaks windows clients. The afs * salting problem is solved by using KRB5-PADATA-AFS3-SALT @@ -440,74 +519,25 @@ make_etype_info_entry(krb5_context context, ETYPE_INFO_ENTRY *ent, Key *key) } static krb5_error_code -get_pa_etype_info(krb5_context context, +get_pa_etype_info(krb5_context context, krb5_kdc_configuration *config, - METHOD_DATA *md, hdb_entry *client, - ENCTYPE *etypes, unsigned int etypes_len) + METHOD_DATA *md, Key *ckey) { krb5_error_code ret = 0; - int i, j; - unsigned int n = 0; ETYPE_INFO pa; unsigned char *buf; size_t len; - - pa.len = client->keys.len; - if(pa.len > UINT_MAX/sizeof(*pa.val)) - return ERANGE; - pa.val = malloc(pa.len * sizeof(*pa.val)); + + pa.len = 1; + pa.val = calloc(1, sizeof(pa.val[0])); if(pa.val == NULL) return ENOMEM; - memset(pa.val, 0, pa.len * sizeof(*pa.val)); - for(i = 0; i < client->keys.len; i++) { - for (j = 0; j < n; j++) - if (pa.val[j].etype == client->keys.val[i].key.keytype) - goto skip1; - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) { - if (krb5_enctype_valid(context, etypes[j]) != 0) - continue; - if (!older_enctype(etypes[j])) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info_entry(context, - &pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO(&pa); - return ret; - } - break; - } - } - skip1:; - } - for(i = 0; i < client->keys.len; i++) { - /* already added? */ - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) - goto skip2; - } - if (krb5_enctype_valid(context, client->keys.val[i].key.keytype) != 0) - continue; - if (!older_enctype(etypes[j])) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info_entry(context, - &pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO(&pa); - return ret; - } - skip2:; - } - - if(n < pa.len) { - /* stripped out dups, newer enctypes, and not valid enctypes */ - pa.len = n; + ret = make_etype_info_entry(context, &pa.val[0], ckey); + if (ret) { + free_ETYPE_INFO(&pa); + return ret; } ASN1_MALLOC_ENCODE(ETYPE_INFO, buf, len, &pa, &len, ret); @@ -565,8 +595,8 @@ make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key) ent->s2kparams = NULL; return ENOMEM; } - _krb5_put_int(ent->s2kparams->data, - _krb5_AES_string_to_default_iterator, + _krb5_put_int(ent->s2kparams->data, + _krb5_AES_string_to_default_iterator, ent->s2kparams->length); break; case ETYPE_DES_CBC_CRC: @@ -584,7 +614,7 @@ make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key) ent->s2kparams = NULL; return ENOMEM; } - _krb5_put_int(ent->s2kparams->data, + _krb5_put_int(ent->s2kparams->data, 1, ent->s2kparams->length); } @@ -602,68 +632,24 @@ make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key) */ static krb5_error_code -get_pa_etype_info2(krb5_context context, +get_pa_etype_info2(krb5_context context, krb5_kdc_configuration *config, - METHOD_DATA *md, hdb_entry *client, - ENCTYPE *etypes, unsigned int etypes_len) + METHOD_DATA *md, Key *ckey) { krb5_error_code ret = 0; - int i, j; - unsigned int n = 0; ETYPE_INFO2 pa; unsigned char *buf; size_t len; - pa.len = client->keys.len; - if(pa.len > UINT_MAX/sizeof(*pa.val)) - return ERANGE; - pa.val = malloc(pa.len * sizeof(*pa.val)); + pa.len = 1; + pa.val = calloc(1, sizeof(pa.val[0])); if(pa.val == NULL) return ENOMEM; - memset(pa.val, 0, pa.len * sizeof(*pa.val)); - for(i = 0; i < client->keys.len; i++) { - for (j = 0; j < n; j++) - if (pa.val[j].etype == client->keys.val[i].key.keytype) - goto skip1; - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) { - if (krb5_enctype_valid(context, etypes[j]) != 0) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info2_entry(&pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO2(&pa); - return ret; - } - break; - } - } - skip1:; - } - /* send enctypes that the client doesn't know about too */ - for(i = 0; i < client->keys.len; i++) { - /* already added? */ - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) - goto skip2; - } - if (krb5_enctype_valid(context, client->keys.val[i].key.keytype) != 0) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info2_entry(&pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO2(&pa); - return ret; - } - skip2:; - } - - if(n < pa.len) { - /* stripped out dups, and not valid enctypes */ - pa.len = n; + ret = make_etype_info2_entry(&pa.val[0], ckey); + if (ret) { + free_ETYPE_INFO2(&pa); + return ret; } ASN1_MALLOC_ENCODE(ETYPE_INFO2, buf, len, &pa, &len, ret); @@ -693,10 +679,12 @@ log_as_req(krb5_context context, const KDC_REQ_BODY *b) { krb5_error_code ret; - struct rk_strpool *p = NULL; + struct rk_strpool *p; char *str; - int i; - + size_t i; + + p = rk_strpoolprintf(NULL, "%s", "Client supported enctypes: "); + for (i = 0; i < b->etype.len; i++) { ret = krb5_enctype_to_string(context, b->etype.val[i], &str); if (ret == 0) { @@ -713,10 +701,6 @@ log_as_req(krb5_context context, } if (p == NULL) p = rk_strpoolprintf(p, "no encryption types"); - - str = rk_strpoolcollect(p); - kdc_log(context, config, 0, "Client supported enctypes: %s", str); - free(str); { char *cet; @@ -726,21 +710,26 @@ log_as_req(krb5_context context, if(ret == 0) { ret = krb5_enctype_to_string(context, setype, &set); if (ret == 0) { - kdc_log(context, config, 5, "Using %s/%s", cet, set); + p = rk_strpoolprintf(p, ", using %s/%s", cet, set); free(set); } free(cet); } if (ret != 0) - kdc_log(context, config, 5, "Using e-types %d/%d", cetype, setype); + p = rk_strpoolprintf(p, ", using enctypes %d/%d", + cetype, setype); } - + + str = rk_strpoolcollect(p); + kdc_log(context, config, 0, "%s", str); + free(str); + { char fixedstr[128]; - unparse_flags(KDCOptions2int(b->kdc_options), asn1_KDCOptions_units(), + unparse_flags(KDCOptions2int(b->kdc_options), asn1_KDCOptions_units(), fixedstr, sizeof(fixedstr)); if(*fixedstr) - kdc_log(context, config, 2, "Requested flags: %s", fixedstr); + kdc_log(context, config, 0, "Requested flags: %s", fixedstr); } } @@ -751,65 +740,76 @@ log_as_req(krb5_context context, */ krb5_error_code -_kdc_check_flags(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *client_ex, const char *client_name, - hdb_entry_ex *server_ex, const char *server_name, - krb5_boolean is_as_req) +kdc_check_flags(krb5_context context, + krb5_kdc_configuration *config, + hdb_entry_ex *client_ex, const char *client_name, + hdb_entry_ex *server_ex, const char *server_name, + krb5_boolean is_as_req) { if(client_ex != NULL) { hdb_entry *client = &client_ex->entry; /* check client */ + if (client->flags.locked_out) { + kdc_log(context, config, 0, + "Client (%s) is locked out", client_name); + return KRB5KDC_ERR_POLICY; + } + if (client->flags.invalid) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Client (%s) has invalid bit set", client_name); return KRB5KDC_ERR_POLICY; } - + if(!client->flags.client){ kdc_log(context, config, 0, "Principal may not act as client -- %s", client_name); return KRB5KDC_ERR_POLICY; } - + if (client->valid_start && *client->valid_start > kdc_time) { char starttime_str[100]; - krb5_format_time(context, *client->valid_start, - starttime_str, sizeof(starttime_str), TRUE); + krb5_format_time(context, *client->valid_start, + starttime_str, sizeof(starttime_str), TRUE); kdc_log(context, config, 0, - "Client not yet valid until %s -- %s", + "Client not yet valid until %s -- %s", starttime_str, client_name); return KRB5KDC_ERR_CLIENT_NOTYET; } - + if (client->valid_end && *client->valid_end < kdc_time) { char endtime_str[100]; - krb5_format_time(context, *client->valid_end, - endtime_str, sizeof(endtime_str), TRUE); + krb5_format_time(context, *client->valid_end, + endtime_str, sizeof(endtime_str), TRUE); kdc_log(context, config, 0, "Client expired at %s -- %s", endtime_str, client_name); return KRB5KDC_ERR_NAME_EXP; } - - if (client->pw_end && *client->pw_end < kdc_time + + if (client->pw_end && *client->pw_end < kdc_time && (server_ex == NULL || !server_ex->entry.flags.change_pw)) { char pwend_str[100]; - krb5_format_time(context, *client->pw_end, - pwend_str, sizeof(pwend_str), TRUE); + krb5_format_time(context, *client->pw_end, + pwend_str, sizeof(pwend_str), TRUE); kdc_log(context, config, 0, - "Client's key has expired at %s -- %s", + "Client's key has expired at %s -- %s", pwend_str, client_name); return KRB5KDC_ERR_KEY_EXPIRED; } } /* check server */ - + if (server_ex != NULL) { hdb_entry *server = &server_ex->entry; + if (server->flags.locked_out) { + kdc_log(context, config, 0, + "Client server locked out -- %s", server_name); + return KRB5KDC_ERR_POLICY; + } if (server->flags.invalid) { kdc_log(context, config, 0, "Server has invalid flag set -- %s", server_name); @@ -830,8 +830,8 @@ _kdc_check_flags(krb5_context context, if (server->valid_start && *server->valid_start > kdc_time) { char starttime_str[100]; - krb5_format_time(context, *server->valid_start, - starttime_str, sizeof(starttime_str), TRUE); + krb5_format_time(context, *server->valid_start, + starttime_str, sizeof(starttime_str), TRUE); kdc_log(context, config, 0, "Server not yet valid until %s -- %s", starttime_str, server_name); @@ -840,20 +840,20 @@ _kdc_check_flags(krb5_context context, if (server->valid_end && *server->valid_end < kdc_time) { char endtime_str[100]; - krb5_format_time(context, *server->valid_end, - endtime_str, sizeof(endtime_str), TRUE); + krb5_format_time(context, *server->valid_end, + endtime_str, sizeof(endtime_str), TRUE); kdc_log(context, config, 0, - "Server expired at %s -- %s", + "Server expired at %s -- %s", endtime_str, server_name); return KRB5KDC_ERR_SERVICE_EXP; } if (server->pw_end && *server->pw_end < kdc_time) { char pwend_str[100]; - krb5_format_time(context, *server->pw_end, - pwend_str, sizeof(pwend_str), TRUE); + krb5_format_time(context, *server->pw_end, + pwend_str, sizeof(pwend_str), TRUE); kdc_log(context, config, 0, - "Server's key has expired at -- %s", + "Server's key has expired at -- %s", pwend_str, server_name); return KRB5KDC_ERR_KEY_EXPIRED; } @@ -868,7 +868,7 @@ _kdc_check_flags(krb5_context context, */ krb5_boolean -_kdc_check_addresses(krb5_context context, +_kdc_check_addresses(krb5_context context, krb5_kdc_configuration *config, HostAddresses *addresses, const struct sockaddr *from) { @@ -876,14 +876,14 @@ _kdc_check_addresses(krb5_context context, krb5_address addr; krb5_boolean result; krb5_boolean only_netbios = TRUE; - int i; - + size_t i; + if(config->check_ticket_addresses == 0) return TRUE; if(addresses == NULL) return config->allow_null_ticket_addresses; - + for (i = 0; i < addresses->len; ++i) { if (addresses->val[i].addr_type != KRB5_ADDRESS_NETBIOS) { only_netbios = FALSE; @@ -919,7 +919,7 @@ send_pac_p(krb5_context context, KDC_REQ *req) PA_PAC_REQUEST pacreq; const PA_DATA *pa; int i = 0; - + pa = _kdc_find_padata(req, &i, KRB5_PADATA_PA_PAC_REQUEST); if (pa == NULL) return TRUE; @@ -937,15 +937,26 @@ send_pac_p(krb5_context context, KDC_REQ *req) return TRUE; } +krb5_boolean +_kdc_is_anonymous(krb5_context context, krb5_principal principal) +{ + if (principal->name.name_type != KRB5_NT_WELLKNOWN || + principal->name.name_string.len != 2 || + strcmp(principal->name.name_string.val[0], KRB5_WELLKNOWN_NAME) != 0 || + strcmp(principal->name.name_string.val[1], KRB5_ANON_NAME) != 0) + return 0; + return 1; +} + /* * */ krb5_error_code -_kdc_as_rep(krb5_context context, +_kdc_as_rep(krb5_context context, krb5_kdc_configuration *config, - KDC_REQ *req, - const krb5_data *req_buffer, + KDC_REQ *req, + const krb5_data *req_buffer, krb5_data *reply, const char *from, struct sockaddr *from_addr, @@ -955,7 +966,8 @@ _kdc_as_rep(krb5_context context, AS_REP rep; KDCOptions f = b->kdc_options; hdb_entry_ex *client = NULL, *server = NULL; - krb5_enctype cetype, setype, sessionetype; + HDB *clientdb; + krb5_enctype setype, sessionetype; krb5_data e_data; EncTicketPart et; EncKDCRepPart ek; @@ -965,15 +977,20 @@ _kdc_as_rep(krb5_context context, const char *e_text = NULL; krb5_crypto crypto; Key *ckey, *skey; - EncryptionKey *reply_key; - int flags = 0; + EncryptionKey *reply_key = NULL, session_key; + int flags = HDB_F_FOR_AS_REQ; #ifdef PKINIT pk_client_params *pkp = NULL; #endif memset(&rep, 0, sizeof(rep)); + memset(&session_key, 0, sizeof(session_key)); krb5_data_zero(&e_data); + ALLOC(rep.padata); + rep.padata->len = 0; + rep.padata->val = NULL; + if (f.canonicalize) flags |= HDB_F_CANON; @@ -989,37 +1006,21 @@ _kdc_as_rep(krb5_context context, ret = krb5_unparse_name(context, server_princ, &server_name); } if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "AS-REQ malformed server name from %s", from); goto out; } - if(b->cname == NULL){ ret = KRB5KRB_ERR_GENERIC; e_text = "No client in request"; } else { + ret = _krb5_principalname2krb5_principal (context, + &client_princ, + *(b->cname), + b->realm); + if (ret) + goto out; - if (b->cname->name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) { - if (b->cname->name_string.len != 1) { - kdc_log(context, config, 0, - "AS-REQ malformed canon request from %s, " - "enterprise name with %d name components", - from, b->cname->name_string.len); - ret = KRB5_PARSE_MALFORMED; - goto out; - } - ret = krb5_parse_name(context, b->cname->name_string.val[0], - &client_princ); - if (ret) - goto out; - } else { - ret = _krb5_principalname2krb5_principal (context, - &client_princ, - *(b->cname), - b->realm); - if (ret) - goto out; - } ret = krb5_unparse_name(context, client_princ, &client_name); } if (ret) { @@ -1028,42 +1029,92 @@ _kdc_as_rep(krb5_context context, goto out; } - kdc_log(context, config, 0, "AS-REQ %s from %s for %s", + kdc_log(context, config, 0, "AS-REQ %s from %s for %s", client_name, from, server_name); - ret = _kdc_db_fetch(context, config, client_princ, - HDB_F_GET_CLIENT | flags, NULL, &client); - if(ret){ - kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, - krb5_get_err_text(context, ret)); + /* + * + */ + + if (_kdc_is_anonymous(context, client_princ)) { + if (!b->kdc_options.request_anonymous) { + kdc_log(context, config, 0, "Anonymous ticket w/o anonymous flag"); + ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; + goto out; + } + } else if (b->kdc_options.request_anonymous) { + kdc_log(context, config, 0, + "Request for a anonymous ticket with non " + "anonymous client name: %s", client_name); ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; goto out; } + /* + * + */ + + ret = _kdc_db_fetch(context, config, client_princ, + HDB_F_GET_CLIENT | flags, NULL, + &clientdb, &client); + if(ret == HDB_ERR_NOT_FOUND_HERE) { + kdc_log(context, config, 5, "client %s does not have secrets at this KDC, need to proxy", client_name); + goto out; + } else if(ret){ + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, msg); + krb5_free_error_message(context, msg); + ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; + goto out; + } ret = _kdc_db_fetch(context, config, server_princ, - HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, - NULL, &server); - if(ret){ - kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name, - krb5_get_err_text(context, ret)); + HDB_F_GET_SERVER|HDB_F_GET_KRBTGT | flags, + NULL, NULL, &server); + if(ret == HDB_ERR_NOT_FOUND_HERE) { + kdc_log(context, config, 5, "target %s does not have secrets at this KDC, need to proxy", server_name); + goto out; + } else if(ret){ + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name, msg); + krb5_free_error_message(context, msg); ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; goto out; } - ret = _kdc_windc_client_access(context, client, req); - if(ret) - goto out; - - ret = _kdc_check_flags(context, config, - client, client_name, - server, server_name, - TRUE); - if(ret) - goto out; - memset(&et, 0, sizeof(et)); memset(&ek, 0, sizeof(ek)); + /* + * Select a session enctype from the list of the crypto system + * supported enctypes that is supported by the client and is one of + * the enctype of the enctype of the service (likely krbtgt). + * + * The latter is used as a hint of what enctypes all KDC support, + * to make sure a newer version of KDC won't generate a session + * enctype that an older version of a KDC in the same realm can't + * decrypt. + */ + ret = _kdc_find_etype(context, config->as_use_strongest_session_key, FALSE, + client, b->etype.val, b->etype.len, &sessionetype, + NULL); + if (ret) { + kdc_log(context, config, 0, + "Client (%s) from %s has no common enctypes with KDC " + "to use for the session key", + client_name, from); + goto out; + } + /* + * But if the KDC admin is paranoid and doesn't want to have "not + * the best" enctypes on the krbtgt, lets save the best pick from + * the client list and hope that that will work for any other + * KDCs. + */ + + /* + * Pre-auth processing + */ + if(req->padata){ int i; const PA_DATA *pa; @@ -1072,27 +1123,25 @@ _kdc_as_rep(krb5_context context, log_patypes(context, config, req->padata); #ifdef PKINIT - kdc_log(context, config, 5, + kdc_log(context, config, 5, "Looking for PKINIT pa-data -- %s", client_name); e_text = "No PKINIT PA found"; i = 0; - if ((pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ))) - ; + pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ); if (pa == NULL) { i = 0; - if((pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ_WIN))) - ; + pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ_WIN); } if (pa) { char *client_cert = NULL; - ret = _kdc_pk_rd_padata(context, config, req, pa, &pkp); + ret = _kdc_pk_rd_padata(context, config, req, pa, client, &pkp); if (ret) { ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - kdc_log(context, config, 5, - "Failed to decode PKINIT PA-DATA -- %s", + kdc_log(context, config, 5, + "Failed to decode PKINIT PA-DATA -- %s", client_name); goto ts_enc; } @@ -1101,6 +1150,7 @@ _kdc_as_rep(krb5_context context, ret = _kdc_pk_check_client(context, config, + clientdb, client, pkp, &client_cert); @@ -1113,10 +1163,11 @@ _kdc_as_rep(krb5_context context, pkp = NULL; goto out; } + found_pa = 1; et.flags.pre_authent = 1; kdc_log(context, config, 0, - "PKINIT pre-authentication succeeded -- %s using %s", + "PKINIT pre-authentication succeeded -- %s using %s", client_name, client_cert); free(client_cert); if (pkp) @@ -1124,7 +1175,7 @@ _kdc_as_rep(krb5_context context, } ts_enc: #endif - kdc_log(context, config, 5, "Looking for ENC-TS pa-data -- %s", + kdc_log(context, config, 5, "Looking for ENC-TS pa-data -- %s", client_name); i = 0; @@ -1136,21 +1187,27 @@ _kdc_as_rep(krb5_context context, EncryptedData enc_data; Key *pa_key; char *str; - + found_pa = 1; - + + if (b->kdc_options.request_anonymous) { + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + kdc_log(context, config, 0, "ENC-TS doesn't support anon"); + goto out; + } + ret = decode_EncryptedData(pa->padata_value.data, pa->padata_value.length, &enc_data, &len); if (ret) { ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - kdc_log(context, config, 5, "Failed to decode PA-DATA -- %s", + kdc_log(context, config, 5, "Failed to decode PA-DATA -- %s", client_name); goto out; } - - ret = hdb_enctype2key(context, &client->entry, + + ret = hdb_enctype2key(context, &client->entry, enc_data.etype, &pa_key); if(ret){ char *estr; @@ -1159,24 +1216,25 @@ _kdc_as_rep(krb5_context context, if(krb5_enctype_to_string(context, enc_data.etype, &estr)) estr = NULL; if(estr == NULL) - kdc_log(context, config, 5, - "No client key matching pa-data (%d) -- %s", + kdc_log(context, config, 5, + "No client key matching pa-data (%d) -- %s", enc_data.etype, client_name); else kdc_log(context, config, 5, - "No client key matching pa-data (%s) -- %s", + "No client key matching pa-data (%s) -- %s", estr, client_name); free(estr); - free_EncryptedData(&enc_data); + continue; } try_next_key: ret = krb5_crypto_init(context, &pa_key->key, 0, &crypto); if (ret) { - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); free_EncryptedData(&enc_data); continue; } @@ -1187,26 +1245,36 @@ _kdc_as_rep(krb5_context context, &enc_data, &ts_data); krb5_crypto_destroy(context, crypto); + /* + * Since the user might have several keys with the same + * enctype but with diffrent salting, we need to try all + * the keys with the same enctype. + */ if(ret){ krb5_error_code ret2; - ret2 = krb5_enctype_to_string(context, + const char *msg = krb5_get_error_message(context, ret); + + ret2 = krb5_enctype_to_string(context, pa_key->key.keytype, &str); if (ret2) str = NULL; - kdc_log(context, config, 5, + kdc_log(context, config, 5, "Failed to decrypt PA-DATA -- %s " "(enctype %s) error %s", - client_name, - str ? str : "unknown enctype", - krb5_get_err_text(context, ret)); + client_name, str ? str : "unknown enctype", msg); + krb5_free_error_message(context, msg); free(str); - if(hdb_next_enctype2key(context, &client->entry, + if(hdb_next_enctype2key(context, &client->entry, enc_data.etype, &pa_key) == 0) goto try_next_key; e_text = "Failed to decrypt PA-DATA"; free_EncryptedData(&enc_data); + + if (clientdb->hdb_auth_status) + (clientdb->hdb_auth_status)(context, clientdb, client, HDB_AUTH_WRONG_PASSWORD); + ret = KRB5KDC_ERR_PREAUTH_FAILED; continue; } @@ -1219,7 +1287,7 @@ _kdc_as_rep(krb5_context context, if(ret){ e_text = "Failed to decode PA-ENC-TS-ENC"; ret = KRB5KDC_ERR_PREAUTH_FAILED; - kdc_log(context, config, + kdc_log(context, config, 5, "Failed to decode PA-ENC-TS_ENC -- %s", client_name); continue; @@ -1227,41 +1295,39 @@ _kdc_as_rep(krb5_context context, free_PA_ENC_TS_ENC(&p); if (abs(kdc_time - p.patimestamp) > context->max_skew) { char client_time[100]; - - krb5_format_time(context, p.patimestamp, - client_time, sizeof(client_time), TRUE); + + krb5_format_time(context, p.patimestamp, + client_time, sizeof(client_time), TRUE); ret = KRB5KRB_AP_ERR_SKEW; kdc_log(context, config, 0, "Too large time skew, " - "client time %s is out by %u > %u seconds -- %s", - client_time, - (unsigned)abs(kdc_time - p.patimestamp), + "client time %s is out by %u > %u seconds -- %s", + client_time, + (unsigned)abs(kdc_time - p.patimestamp), context->max_skew, client_name); -#if 0 - /* This code is from samba, needs testing */ - /* - * the following is needed to make windows clients - * to retry using the timestamp in the error message - * - * this is maybe a bug in windows to not trying when e_text - * is present... + + /* + * The following is needed to make windows clients to + * retry using the timestamp in the error message, if + * there is a e_text, they become unhappy. */ e_text = NULL; -#else - e_text = "Too large time skew"; -#endif goto out; } et.flags.pre_authent = 1; - ret = krb5_enctype_to_string(context,pa_key->key.keytype, &str); + set_salt_padata(rep.padata, pa_key->salt); + + reply_key = &pa_key->key; + + ret = krb5_enctype_to_string(context, pa_key->key.keytype, &str); if (ret) str = NULL; kdc_log(context, config, 2, - "ENC-TS Pre-authentication succeeded -- %s using %s", + "ENC-TS Pre-authentication succeeded -- %s using %s", client_name, str ? str : "unknown enctype"); free(str); break; @@ -1279,6 +1345,7 @@ _kdc_as_rep(krb5_context context, goto out; } }else if (config->require_preauth + || b->kdc_options.request_anonymous /* hack to force anon */ || client->entry.flags.require_preauth || server->entry.flags.require_preauth) { METHOD_DATA method_data; @@ -1286,11 +1353,15 @@ _kdc_as_rep(krb5_context context, unsigned char *buf; size_t len; - use_pa: + use_pa: method_data.len = 0; method_data.val = NULL; ret = realloc_method_data(&method_data); + if (ret) { + free_METHOD_DATA(&method_data); + goto out; + } pa = &method_data.val[method_data.len-1]; pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP; pa->padata_value.length = 0; @@ -1298,36 +1369,62 @@ _kdc_as_rep(krb5_context context, #ifdef PKINIT ret = realloc_method_data(&method_data); + if (ret) { + free_METHOD_DATA(&method_data); + goto out; + } pa = &method_data.val[method_data.len-1]; pa->padata_type = KRB5_PADATA_PK_AS_REQ; pa->padata_value.length = 0; pa->padata_value.data = NULL; ret = realloc_method_data(&method_data); + if (ret) { + free_METHOD_DATA(&method_data); + goto out; + } pa = &method_data.val[method_data.len-1]; pa->padata_type = KRB5_PADATA_PK_AS_REQ_WIN; pa->padata_value.length = 0; pa->padata_value.data = NULL; #endif - /* - * RFC4120 requires: - * - If the client only knows about old enctypes, then send - * both info replies (we send 'info' first in the list). - * - If the client is 'modern', because it knows about 'new' - * enctype types, then only send the 'info2' reply. + /* + * If there is a client key, send ETYPE_INFO{,2} */ + ret = _kdc_find_etype(context, + config->preauth_use_strongest_session_key, TRUE, + client, b->etype.val, b->etype.len, NULL, &ckey); + if (ret == 0) { - /* XXX check ret */ - if (only_older_enctype_p(req)) - ret = get_pa_etype_info(context, config, - &method_data, &client->entry, - b->etype.val, b->etype.len); - /* XXX check ret */ - ret = get_pa_etype_info2(context, config, &method_data, - &client->entry, b->etype.val, b->etype.len); + /* + * RFC4120 requires: + * - If the client only knows about old enctypes, then send + * both info replies (we send 'info' first in the list). + * - If the client is 'modern', because it knows about 'new' + * enctype types, then only send the 'info2' reply. + * + * Before we send the full list of etype-info data, we pick + * the client key we would have used anyway below, just pick + * that instead. + */ + + if (older_enctype(ckey->key.keytype)) { + ret = get_pa_etype_info(context, config, + &method_data, ckey); + if (ret) { + free_METHOD_DATA(&method_data); + goto out; + } + } + ret = get_pa_etype_info2(context, config, + &method_data, ckey); + if (ret) { + free_METHOD_DATA(&method_data); + goto out; + } + } - ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret); free_METHOD_DATA(&method_data); @@ -1342,103 +1439,54 @@ _kdc_as_rep(krb5_context context, client_name); goto out; } - + + if (clientdb->hdb_auth_status) + (clientdb->hdb_auth_status)(context, clientdb, client, + HDB_AUTH_SUCCESS); + /* - * Find the client key (for preauth ENC-TS verification and reply - * encryption). Then the best encryption type for the KDC and - * last the best session key that shared between the client and - * KDC runtime enctypes. + * Verify flags after the user been required to prove its identity + * with in a preauth mech. */ - ret = _kdc_find_etype(context, client, b->etype.val, b->etype.len, - &ckey, &cetype); - if (ret) { - kdc_log(context, config, 0, - "Client (%s) has no support for etypes", client_name); + ret = _kdc_check_access(context, config, client, client_name, + server, server_name, + req, &e_data); + if(ret) goto out; - } - + + /* + * Selelct the best encryption type for the KDC with out regard to + * the client since the client never needs to read that data. + */ + ret = _kdc_get_preferred_key(context, config, server, server_name, &setype, &skey); if(ret) goto out; - /* - * Select a session enctype from the list of the crypto systems - * supported enctype, is supported by the client and is one of the - * enctype of the enctype of the krbtgt. - * - * The later is used as a hint what enctype all KDC are supporting - * to make sure a newer version of KDC wont generate a session - * enctype that and older version of a KDC in the same realm can't - * decrypt. - * - * But if the KDC admin is paranoid and doesn't want to have "no - * the best" enctypes on the krbtgt, lets save the best pick from - * the client list and hope that that will work for any other - * KDCs. - */ - { - const krb5_enctype *p; - krb5_enctype clientbest = ETYPE_NULL; - int i, j; - - p = krb5_kerberos_enctypes(context); - - sessionetype = ETYPE_NULL; - - for (i = 0; p[i] != ETYPE_NULL && sessionetype == ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - - for (j = 0; j < b->etype.len && sessionetype == ETYPE_NULL; j++) { - Key *dummy; - /* check with client */ - if (p[i] != b->etype.val[j]) - continue; - /* save best of union of { client, crypto system } */ - if (clientbest == ETYPE_NULL) - clientbest = p[i]; - /* check with krbtgt */ - ret = hdb_enctype2key(context, &server->entry, p[i], &dummy); - if (ret) - continue; - sessionetype = p[i]; - } - } - /* if krbtgt had no shared keys with client, pick clients best */ - if (clientbest != ETYPE_NULL && sessionetype == ETYPE_NULL) { - sessionetype = clientbest; - } else if (sessionetype == ETYPE_NULL) { - kdc_log(context, config, 0, - "Client (%s) from %s has no common enctypes with KDC" - "to use for the session key", - client_name, from); - goto out; - } - } - - log_as_req(context, config, cetype, setype, b); - if(f.renew || f.validate || f.proxy || f.forwarded || f.enc_tkt_in_skey || (f.request_anonymous && !config->allow_anonymous)) { ret = KRB5KDC_ERR_BADOPTION; + e_text = "Bad KDC options"; kdc_log(context, config, 0, "Bad KDC options -- %s", client_name); goto out; } - + rep.pvno = 5; rep.msg_type = krb_as_rep; - copy_Realm(&client->entry.principal->realm, &rep.crealm); - if (f.request_anonymous) - _kdc_make_anonymous_principalname (&rep.cname); - else - _krb5_principal2principalname(&rep.cname, - client->entry.principal); + + ret = copy_Realm(&client->entry.principal->realm, &rep.crealm); + if (ret) + goto out; + ret = _krb5_principal2principalname(&rep.cname, client->entry.principal); + if (ret) + goto out; + rep.ticket.tkt_vno = 5; copy_Realm(&server->entry.principal->realm, &rep.ticket.realm); - _krb5_principal2principalname(&rep.ticket.sname, + _krb5_principal2principalname(&rep.ticket.sname, server->entry.principal); /* java 1.6 expects the name to be the same type, lets allow that * uncomplicated name-types. */ @@ -1451,6 +1499,7 @@ _kdc_as_rep(krb5_context context, if(client->entry.flags.forwardable && server->entry.flags.forwardable) et.flags.forwardable = f.forwardable; else if (f.forwardable) { + e_text = "Ticket may not be forwardable"; ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Ticket may not be forwardable -- %s", client_name); @@ -1459,14 +1508,16 @@ _kdc_as_rep(krb5_context context, if(client->entry.flags.proxiable && server->entry.flags.proxiable) et.flags.proxiable = f.proxiable; else if (f.proxiable) { + e_text = "Ticket may not be proxiable"; ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Ticket may not be proxiable -- %s", client_name); goto out; } if(client->entry.flags.postdate && server->entry.flags.postdate) et.flags.may_postdate = f.allow_postdate; else if (f.allow_postdate){ + e_text = "Ticket may not be postdate"; ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Ticket may not be postdatable -- %s", client_name); @@ -1475,24 +1526,26 @@ _kdc_as_rep(krb5_context context, /* check for valid set of addresses */ if(!_kdc_check_addresses(context, config, b->addresses, from_addr)) { + e_text = "Bad address list in requested"; ret = KRB5KRB_AP_ERR_BADADDR; kdc_log(context, config, 0, "Bad address list requested -- %s", client_name); goto out; } - ret = krb5_generate_random_keyblock(context, sessionetype, &et.key); + ret = copy_PrincipalName(&rep.cname, &et.cname); if (ret) goto out; - copy_PrincipalName(&rep.cname, &et.cname); - copy_Realm(&rep.crealm, &et.crealm); - + ret = copy_Realm(&rep.crealm, &et.crealm); + if (ret) + goto out; + { time_t start; time_t t; - + start = et.authtime = kdc_time; - + if(f.postdated && req->req_body.from){ ALLOC(et.starttime); start = *et.starttime = *req->req_body.from; @@ -1540,16 +1593,14 @@ _kdc_as_rep(krb5_context context, if (f.request_anonymous) et.flags.anonymous = 1; - + if(b->addresses){ ALLOC(et.caddr); copy_HostAddresses(b->addresses, et.caddr); } - + et.transited.tr_type = DOMAIN_X500_COMPRESS; - krb5_data_zero(&et.transited.contents); - - copy_EncryptionKey(&et.key, &ek.key); + krb5_data_zero(&et.transited.contents); /* The MIT ASN.1 library (obviously) doesn't tell lengths encoded * as 0 and as 0x80 (meaning indefinite length) apart, and is thus @@ -1588,7 +1639,7 @@ _kdc_as_rep(krb5_context context, ALLOC(ek.key_expiration); if (client->entry.valid_end) { if (client->entry.pw_end) - *ek.key_expiration = min(*client->entry.valid_end, + *ek.key_expiration = min(*client->entry.valid_end, *client->entry.pw_end); else *ek.key_expiration = *client->entry.valid_end; @@ -1614,16 +1665,12 @@ _kdc_as_rep(krb5_context context, copy_HostAddresses(et.caddr, ek.caddr); } - ALLOC(rep.padata); - rep.padata->len = 0; - rep.padata->val = NULL; - - reply_key = &ckey->key; #if PKINIT if (pkp) { - ret = _kdc_pk_mk_pa_reply(context, config, pkp, client, - req, req_buffer, - &reply_key, rep.padata); + e_text = "Failed to build PK-INIT reply"; + ret = _kdc_pk_mk_pa_reply(context, config, pkp, client, + sessionetype, req, req_buffer, + &reply_key, &et.key, rep.padata); if (ret) goto out; ret = _kdc_add_inital_verified_cas(context, @@ -1632,51 +1679,65 @@ _kdc_as_rep(krb5_context context, &et); if (ret) goto out; - } -#endif - set_salt_padata (rep.padata, ckey->salt); + } else +#endif + { + ret = krb5_generate_random_keyblock(context, sessionetype, &et.key); + if (ret) + goto out; + } + + if (reply_key == NULL) { + e_text = "Client have no reply key"; + ret = KRB5KDC_ERR_CLIENT_NOTYET; + goto out; + } + + ret = copy_EncryptionKey(&et.key, &ek.key); + if (ret) + goto out; /* Add signing of alias referral */ if (f.canonicalize) { PA_ClientCanonicalized canon; krb5_data data; PA_DATA pa; - krb5_crypto crypto; - size_t len; + krb5_crypto cryptox; + size_t len = 0; memset(&canon, 0, sizeof(canon)); canon.names.requested_name = *b->cname; - canon.names.real_name = client->entry.principal->name; + canon.names.mapped_name = client->entry.principal->name; ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, &canon.names, &len, ret); - if (ret) + if (ret) goto out; if (data.length != len) krb5_abortx(context, "internal asn.1 error"); /* sign using "returned session key" */ - ret = krb5_crypto_init(context, &et.key, 0, &crypto); + ret = krb5_crypto_init(context, &et.key, 0, &cryptox); if (ret) { free(data.data); goto out; } - ret = krb5_create_checksum(context, crypto, + ret = krb5_create_checksum(context, cryptox, KRB5_KU_CANONICALIZED_NAMES, 0, data.data, data.length, &canon.canon_checksum); free(data.data); - krb5_crypto_destroy(context, crypto); + krb5_crypto_destroy(context, cryptox); if (ret) goto out; - + ASN1_MALLOC_ENCODE(PA_ClientCanonicalized, data.data, data.length, &canon, &len, ret); free_Checksum(&canon.canon_checksum); - if (ret) + if (ret) goto out; if (data.length != len) krb5_abortx(context, "internal asn.1 error"); @@ -1701,19 +1762,19 @@ _kdc_as_rep(krb5_context context, ret = _kdc_pac_generate(context, client, &p); if (ret) { - kdc_log(context, config, 0, "PAC generation failed for -- %s", + kdc_log(context, config, 0, "PAC generation failed for -- %s", client_name); goto out; } if (p != NULL) { ret = _krb5_pac_sign(context, p, et.authtime, client->entry.principal, - &skey->key, /* Server key */ + &skey->key, /* Server key */ &skey->key, /* FIXME: should be krbtgt key */ &data); krb5_pac_free(context, p); if (ret) { - kdc_log(context, config, 0, "PAC signing failed for -- %s", + kdc_log(context, config, 0, "PAC signing failed for -- %s", client_name); goto out; } @@ -1727,7 +1788,7 @@ _kdc_as_rep(krb5_context context, } } - _kdc_log_timestamp(context, config, "AS-REQ", et.authtime, et.starttime, + _kdc_log_timestamp(context, config, "AS-REQ", et.authtime, et.starttime, et.endtime, et.renew_till); /* do this as the last thing since this signs the EncTicketPart */ @@ -1735,16 +1796,19 @@ _kdc_as_rep(krb5_context context, config, server, setype, + client->entry.principal, NULL, NULL, &et); if (ret) goto out; - ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, setype, server->entry.kvno, - &skey->key, client->entry.kvno, - reply_key, &e_text, reply); + log_as_req(context, config, reply_key->keytype, setype, b); + + ret = _kdc_encode_reply(context, config, + &rep, &et, &ek, setype, server->entry.kvno, + &skey->key, client->entry.kvno, + reply_key, 0, &e_text, reply); free_EncTicketPart(&et); free_EncKDCRepPart(&ek); if (ret) @@ -1759,7 +1823,7 @@ _kdc_as_rep(krb5_context context, out: free_AS_REP(&rep); - if(ret){ + if(ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE){ krb5_mk_error(context, ret, e_text, @@ -1791,8 +1855,8 @@ _kdc_as_rep(krb5_context context, } /* - * Add the AuthorizationData `data´ of `type´ to the last element in - * the sequence of authorization_data in `tkt´ wrapped in an IF_RELEVANT + * Add the AuthorizationData `data´ of `type´ to the last element in + * the sequence of authorization_data in `tkt´ wrapped in an IF_RELEVANT */ krb5_error_code @@ -1802,16 +1866,16 @@ _kdc_tkt_add_if_relevant_ad(krb5_context context, const krb5_data *data) { krb5_error_code ret; - size_t size; + size_t size = 0; if (tkt->authorization_data == NULL) { tkt->authorization_data = calloc(1, sizeof(*tkt->authorization_data)); if (tkt->authorization_data == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "out of memory"); return ENOMEM; } } - + /* add the entry to the last element */ { AuthorizationData ad = { 0, NULL }; @@ -1822,28 +1886,28 @@ _kdc_tkt_add_if_relevant_ad(krb5_context context, ret = add_AuthorizationData(&ad, &ade); if (ret) { - krb5_set_error_string(context, "add AuthorizationData failed"); + krb5_set_error_message(context, ret, "add AuthorizationData failed"); return ret; } ade.ad_type = KRB5_AUTHDATA_IF_RELEVANT; - ASN1_MALLOC_ENCODE(AuthorizationData, - ade.ad_data.data, ade.ad_data.length, + ASN1_MALLOC_ENCODE(AuthorizationData, + ade.ad_data.data, ade.ad_data.length, &ad, &size, ret); free_AuthorizationData(&ad); if (ret) { - krb5_set_error_string(context, "ASN.1 encode of " - "AuthorizationData failed"); + krb5_set_error_message(context, ret, "ASN.1 encode of " + "AuthorizationData failed"); return ret; } if (ade.ad_data.length != size) krb5_abortx(context, "internal asn.1 encoder error"); - + ret = add_AuthorizationData(tkt->authorization_data, &ade); der_free_octet_string(&ade.ad_data); if (ret) { - krb5_set_error_string(context, "add AuthorizationData failed"); + krb5_set_error_message(context, ret, "add AuthorizationData failed"); return ret; } } diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c index 32bdee9799ca..5bf68cdfdc23 100644 --- a/kdc/krb5tgs.c +++ b/kdc/krb5tgs.c @@ -1,45 +1,43 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: krb5tgs.c 22071 2007-11-14 20:04:50Z lha $"); - /* * return the realm of a krbtgt-ticket or NULL */ -static Realm +static Realm get_krbtgt_realm(const PrincipalName *p) { if(p->name_string.len == 2 @@ -66,7 +64,7 @@ find_KRB5SignedPath(krb5_context context, AuthorizationData child; krb5_error_code ret; int pos; - + if (ad == NULL || ad->len == 0) return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; @@ -80,8 +78,8 @@ find_KRB5SignedPath(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); + krb5_set_error_message(context, ret, "Failed to decode " + "IF_RELEVANT with %d", ret); return ret; } @@ -106,28 +104,31 @@ _kdc_add_KRB5SignedPath(krb5_context context, krb5_kdc_configuration *config, hdb_entry_ex *krbtgt, krb5_enctype enctype, + krb5_principal client, krb5_const_principal server, - KRB5SignedPathPrincipals *principals, + krb5_principals principals, EncTicketPart *tkt) { krb5_error_code ret; KRB5SignedPath sp; krb5_data data; krb5_crypto crypto = NULL; - size_t size; + size_t size = 0; if (server && principals) { - ret = add_KRB5SignedPathPrincipals(principals, server); + ret = add_Principals(principals, server); if (ret) return ret; } { KRB5SignedPathData spd; - - spd.encticket = *tkt; + + spd.client = client; + spd.authtime = tkt->authtime; spd.delegated = principals; - + spd.method_data = NULL; + ASN1_MALLOC_ENCODE(KRB5SignedPathData, data.data, data.length, &spd, &size, ret); if (ret) @@ -153,6 +154,7 @@ _kdc_add_KRB5SignedPath(krb5_context context, sp.etype = enctype; sp.delegated = principals; + sp.method_data = NULL; ret = krb5_create_checksum(context, crypto, KRB5_KU_KRB5SIGNEDPATH, 0, data.data, data.length, &sp.cksum); @@ -168,7 +170,7 @@ _kdc_add_KRB5SignedPath(krb5_context context, if (data.length != size) krb5_abortx(context, "internal asn.1 encoder error"); - + /* * Add IF-RELEVANT(KRB5SignedPath) to the last slot in * authorization data field. @@ -185,39 +187,36 @@ static krb5_error_code check_KRB5SignedPath(krb5_context context, krb5_kdc_configuration *config, hdb_entry_ex *krbtgt, + krb5_principal cp, EncTicketPart *tkt, - KRB5SignedPathPrincipals **delegated, - int require_signedpath) + krb5_principals *delegated, + int *signedpath) { krb5_error_code ret; krb5_data data; krb5_crypto crypto = NULL; - *delegated = NULL; + if (delegated) + *delegated = NULL; ret = find_KRB5SignedPath(context, tkt->authorization_data, &data); if (ret == 0) { KRB5SignedPathData spd; KRB5SignedPath sp; - AuthorizationData *ad; - size_t size; + size_t size = 0; ret = decode_KRB5SignedPath(data.data, data.length, &sp, NULL); krb5_data_free(&data); if (ret) return ret; - spd.encticket = *tkt; - /* the KRB5SignedPath is the last entry */ - ad = spd.encticket.authorization_data; - if (--ad->len == 0) - spd.encticket.authorization_data = NULL; + spd.client = cp; + spd.authtime = tkt->authtime; spd.delegated = sp.delegated; + spd.method_data = sp.method_data; ASN1_MALLOC_ENCODE(KRB5SignedPathData, data.data, data.length, &spd, &size, ret); - ad->len++; - spd.encticket.authorization_data = ad; if (ret) { free_KRB5SignedPath(&sp); return ret; @@ -236,17 +235,19 @@ check_KRB5SignedPath(krb5_context context, return ret; } } - ret = krb5_verify_checksum(context, crypto, KRB5_KU_KRB5SIGNEDPATH, - data.data, data.length, + ret = krb5_verify_checksum(context, crypto, KRB5_KU_KRB5SIGNEDPATH, + data.data, data.length, &sp.cksum); krb5_crypto_destroy(context, crypto); free(data.data); if (ret) { free_KRB5SignedPath(&sp); - return ret; + kdc_log(context, config, 5, + "KRB5SignedPath not signed correctly, not marking as signed"); + return 0; } - if (sp.delegated) { + if (delegated && sp.delegated) { *delegated = malloc(sizeof(*sp.delegated)); if (*delegated == NULL) { @@ -254,7 +255,7 @@ check_KRB5SignedPath(krb5_context context, return ENOMEM; } - ret = copy_KRB5SignedPathPrincipals(*delegated, sp.delegated); + ret = copy_Principals(*delegated, sp.delegated); if (ret) { free_KRB5SignedPath(&sp); free(*delegated); @@ -263,10 +264,8 @@ check_KRB5SignedPath(krb5_context context, } } free_KRB5SignedPath(&sp); - - } else { - if (require_signedpath) - return KRB5KDC_ERR_BADOPTION; + + *signedpath = 1; } return 0; @@ -280,13 +279,17 @@ static krb5_error_code check_PAC(krb5_context context, krb5_kdc_configuration *config, const krb5_principal client_principal, + const krb5_principal delegated_proxy_principal, hdb_entry_ex *client, hdb_entry_ex *server, - const EncryptionKey *server_key, - const EncryptionKey *krbtgt_key, + hdb_entry_ex *krbtgt, + const EncryptionKey *server_check_key, + const EncryptionKey *krbtgt_check_key, + const EncryptionKey *server_sign_key, + const EncryptionKey *krbtgt_sign_key, EncTicketPart *tkt, krb5_data *rspac, - int *require_signedpath) + int *signedpath) { AuthorizationData *ad = tkt->authorization_data; unsigned i, j; @@ -306,13 +309,14 @@ check_PAC(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); + krb5_set_error_message(context, ret, "Failed to decode " + "IF_RELEVANT with %d", ret); return ret; } for (j = 0; j < child.len; j++) { if (child.val[j].ad_type == KRB5_AUTHDATA_WIN2K_PAC) { + int signed_pac = 0; krb5_pac pac; /* Found PAC */ @@ -324,26 +328,34 @@ check_PAC(krb5_context context, if (ret) return ret; - ret = krb5_pac_verify(context, pac, tkt->authtime, + ret = krb5_pac_verify(context, pac, tkt->authtime, client_principal, - krbtgt_key, NULL); + server_check_key, krbtgt_check_key); if (ret) { krb5_pac_free(context, pac); return ret; } - ret = _kdc_pac_verify(context, client_principal, - client, server, &pac); + ret = _kdc_pac_verify(context, client_principal, + delegated_proxy_principal, + client, server, krbtgt, &pac, &signed_pac); if (ret) { krb5_pac_free(context, pac); return ret; } - *require_signedpath = 0; - - ret = _krb5_pac_sign(context, pac, tkt->authtime, - client_principal, - server_key, krbtgt_key, rspac); + /* + * Only re-sign PAC if we could verify it with the PAC + * function. The no-verify case happens when we get in + * a PAC from cross realm from a Windows domain and + * that there is no PAC verification function. + */ + if (signed_pac) { + *signedpath = 1; + ret = _krb5_pac_sign(context, pac, tkt->authtime, + client_principal, + server_sign_key, krbtgt_sign_key, rspac); + } krb5_pac_free(context, pac); return ret; @@ -359,12 +371,12 @@ check_PAC(krb5_context context, */ static krb5_error_code -check_tgs_flags(krb5_context context, +check_tgs_flags(krb5_context context, krb5_kdc_configuration *config, KDC_REQ_BODY *b, const EncTicketPart *tgt, EncTicketPart *et) { KDCOptions f = b->kdc_options; - + if(f.validate){ if(!tgt->flags.invalid || tgt->starttime == NULL){ kdc_log(context, config, 0, @@ -379,7 +391,7 @@ check_tgs_flags(krb5_context context, /* XXX tkt = tgt */ et->flags.invalid = 0; }else if(tgt->flags.invalid){ - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Ticket-granting ticket has INVALID flag set"); return KRB5KRB_AP_ERR_TKT_INVALID; } @@ -403,7 +415,7 @@ check_tgs_flags(krb5_context context, } if(tgt->flags.forwarded) et->flags.forwarded = 1; - + if(f.proxiable){ if(!tgt->flags.proxiable){ kdc_log(context, config, 0, @@ -448,7 +460,7 @@ check_tgs_flags(krb5_context context, } if(f.renewable){ - if(!tgt->flags.renewable){ + if(!tgt->flags.renewable || tgt->renew_till == NULL){ kdc_log(context, config, 0, "Bad request for renewable ticket"); return KRB5KDC_ERR_BADOPTION; @@ -473,8 +485,8 @@ check_tgs_flags(krb5_context context, et->endtime = *et->starttime + old_life; if (et->renew_till != NULL) et->endtime = min(*et->renew_till, et->endtime); - } - + } + #if 0 /* checks for excess flags */ if(f.request_anonymous && !config->allow_anonymous){ @@ -487,34 +499,90 @@ check_tgs_flags(krb5_context context, } /* - * + * Determine if constrained delegation is allowed from this client to this server */ static krb5_error_code -check_constrained_delegation(krb5_context context, +check_constrained_delegation(krb5_context context, krb5_kdc_configuration *config, + HDB *clientdb, hdb_entry_ex *client, - krb5_const_principal server) + hdb_entry_ex *server, + krb5_const_principal target) { const HDB_Ext_Constrained_delegation_acl *acl; krb5_error_code ret; - int i; + size_t i; - ret = hdb_entry_get_ConstrainedDelegACL(&client->entry, &acl); - if (ret) { - krb5_clear_error_string(context); + /* + * constrained_delegation (S4U2Proxy) only works within + * the same realm. We use the already canonicalized version + * of the principals here, while "target" is the principal + * provided by the client. + */ + if(!krb5_realm_compare(context, client->entry.principal, server->entry.principal)) { + ret = KRB5KDC_ERR_BADOPTION; + kdc_log(context, config, 0, + "Bad request for constrained delegation"); return ret; } - if (acl) { - for (i = 0; i < acl->len; i++) { - if (krb5_principal_compare(context, server, &acl->val[i]) == TRUE) - return 0; + if (clientdb->hdb_check_constrained_delegation) { + ret = clientdb->hdb_check_constrained_delegation(context, clientdb, client, target); + if (ret == 0) + return 0; + } else { + /* if client delegates to itself, that ok */ + if (krb5_principal_compare(context, client->entry.principal, server->entry.principal) == TRUE) + return 0; + + ret = hdb_entry_get_ConstrainedDelegACL(&client->entry, &acl); + if (ret) { + krb5_clear_error_message(context); + return ret; } + + if (acl) { + for (i = 0; i < acl->len; i++) { + if (krb5_principal_compare(context, target, &acl->val[i]) == TRUE) + return 0; + } + } + ret = KRB5KDC_ERR_BADOPTION; } kdc_log(context, config, 0, "Bad request for constrained delegation"); - return KRB5KDC_ERR_BADOPTION; + return ret; +} + +/* + * Determine if s4u2self is allowed from this client to this server + * + * For example, regardless of the principal being impersonated, if the + * 'client' and 'server' are the same, then it's safe. + */ + +static krb5_error_code +check_s4u2self(krb5_context context, + krb5_kdc_configuration *config, + HDB *clientdb, + hdb_entry_ex *client, + krb5_const_principal server) +{ + krb5_error_code ret; + + /* if client does a s4u2self to itself, that ok */ + if (krb5_principal_compare(context, client->entry.principal, server) == TRUE) + return 0; + + if (clientdb->hdb_check_s4u2self) { + ret = clientdb->hdb_check_s4u2self(context, clientdb, client, server); + if (ret == 0) + return 0; + } else { + ret = KRB5KDC_ERR_BADOPTION; + } + return ret; } /* @@ -522,7 +590,7 @@ check_constrained_delegation(krb5_context context, */ static krb5_error_code -verify_flags (krb5_context context, +verify_flags (krb5_context context, krb5_kdc_configuration *config, const EncTicketPart *et, const char *pstr) @@ -543,19 +611,19 @@ verify_flags (krb5_context context, */ static krb5_error_code -fix_transited_encoding(krb5_context context, +fix_transited_encoding(krb5_context context, krb5_kdc_configuration *config, krb5_boolean check_policy, - const TransitedEncoding *tr, - EncTicketPart *et, - const char *client_realm, - const char *server_realm, + const TransitedEncoding *tr, + EncTicketPart *et, + const char *client_realm, + const char *server_realm, const char *tgt_realm) { krb5_error_code ret = 0; char **realms, **tmp; - int num_realms; - int i; + unsigned int num_realms; + size_t i; switch (tr->tr_type) { case DOMAIN_X500_COMPRESS: @@ -576,9 +644,9 @@ fix_transited_encoding(krb5_context context, return KRB5KDC_ERR_TRTYPE_NOSUPP; } - ret = krb5_domain_x500_decode(context, + ret = krb5_domain_x500_decode(context, tr->contents, - &realms, + &realms, &num_realms, client_realm, server_realm); @@ -589,7 +657,7 @@ fix_transited_encoding(krb5_context context, } if(strcmp(client_realm, tgt_realm) && strcmp(server_realm, tgt_realm)) { /* not us, so add the previous realm to transited set */ - if (num_realms < 0 || num_realms + 1 > UINT_MAX/sizeof(*realms)) { + if (num_realms + 1 > UINT_MAX/sizeof(*realms)) { ret = ERANGE; goto free_realms; } @@ -607,7 +675,7 @@ fix_transited_encoding(krb5_context context, num_realms++; } if(num_realms == 0) { - if(strcmp(client_realm, server_realm)) + if(strcmp(client_realm, server_realm)) kdc_log(context, config, 0, "cross-realm %s -> %s", client_realm, server_realm); } else { @@ -630,11 +698,11 @@ fix_transited_encoding(krb5_context context, } } if(check_policy) { - ret = krb5_check_transited(context, client_realm, - server_realm, + ret = krb5_check_transited(context, client_realm, + server_realm, realms, num_realms, NULL); if(ret) { - krb5_warn(context, ret, "cross-realm %s -> %s", + krb5_warn(context, ret, "cross-realm %s -> %s", client_realm, server_realm); goto free_realms; } @@ -653,23 +721,27 @@ fix_transited_encoding(krb5_context context, static krb5_error_code -tgs_make_reply(krb5_context context, +tgs_make_reply(krb5_context context, krb5_kdc_configuration *config, - KDC_REQ_BODY *b, + KDC_REQ_BODY *b, krb5_const_principal tgt_name, - const EncTicketPart *tgt, + const EncTicketPart *tgt, + const krb5_keyblock *replykey, + int rk_is_subkey, const EncryptionKey *serverkey, const krb5_keyblock *sessionkey, krb5_kvno kvno, AuthorizationData *auth_data, - hdb_entry_ex *server, - const char *server_name, - hdb_entry_ex *client, - krb5_principal client_principal, + hdb_entry_ex *server, + krb5_principal server_principal, + const char *server_name, + hdb_entry_ex *client, + krb5_principal client_principal, hdb_entry_ex *krbtgt, krb5_enctype krbtgt_etype, - KRB5SignedPathPrincipals *spp, + krb5_principals spp, const krb5_data *rspac, + const METHOD_DATA *enc_pa_data, const char **e_text, krb5_data *reply) { @@ -678,11 +750,12 @@ tgs_make_reply(krb5_context context, EncTicketPart et; KDCOptions f = b->kdc_options; krb5_error_code ret; - + int is_weak = 0; + memset(&rep, 0, sizeof(rep)); memset(&et, 0, sizeof(et)); memset(&ek, 0, sizeof(ek)); - + rep.pvno = 5; rep.msg_type = krb_tgs_rep; @@ -691,7 +764,7 @@ tgs_make_reply(krb5_context context, et.endtime = min(tgt->endtime, *b->till); ALLOC(et.starttime); *et.starttime = kdc_time; - + ret = check_tgs_flags(context, config, b, tgt, &et); if(ret) goto out; @@ -715,23 +788,22 @@ tgs_make_reply(krb5_context context, #define PRINCIPAL_FORCE_TRANSITED_CHECK(P) 0 #define PRINCIPAL_ALLOW_DISABLE_TRANSITED_CHECK(P) 0 - ret = fix_transited_encoding(context, config, + ret = fix_transited_encoding(context, config, !f.disable_transited_check || GLOBAL_FORCE_TRANSITED_CHECK || PRINCIPAL_FORCE_TRANSITED_CHECK(server) || - !((GLOBAL_ALLOW_PER_PRINCIPAL && + !((GLOBAL_ALLOW_PER_PRINCIPAL && PRINCIPAL_ALLOW_DISABLE_TRANSITED_CHECK(server)) || GLOBAL_ALLOW_DISABLE_TRANSITED_CHECK), &tgt->transited, &et, - *krb5_princ_realm(context, client_principal), - *krb5_princ_realm(context, server->entry.principal), - *krb5_princ_realm(context, krbtgt->entry.principal)); + krb5_principal_get_realm(context, client_principal), + krb5_principal_get_realm(context, server->entry.principal), + krb5_principal_get_realm(context, krbtgt->entry.principal)); if(ret) goto out; - copy_Realm(krb5_princ_realm(context, server->entry.principal), - &rep.ticket.realm); - _krb5_principal2principalname(&rep.ticket.sname, server->entry.principal); + copy_Realm(&server_principal->realm, &rep.ticket.realm); + _krb5_principal2principalname(&rep.ticket.sname, server_principal); copy_Realm(&tgt_name->realm, &rep.crealm); /* if (f.request_anonymous) @@ -754,8 +826,10 @@ tgs_make_reply(krb5_context context, life = min(life, *server->entry.max_life); et.endtime = *et.starttime + life; } - if(f.renewable_ok && tgt->flags.renewable && - et.renew_till == NULL && et.endtime < *b->till){ + if(f.renewable_ok && tgt->flags.renewable && + et.renew_till == NULL && et.endtime < *b->till && + tgt->renew_till != NULL) + { et.flags.renewable = 1; ALLOC(et.renew_till); *et.renew_till = *b->till; @@ -769,13 +843,13 @@ tgs_make_reply(krb5_context context, renew = min(renew, *server->entry.max_renew); *et.renew_till = et.authtime + renew; } - + if(et.renew_till){ *et.renew_till = min(*et.renew_till, *tgt->renew_till); *et.starttime = min(*et.starttime, *et.renew_till); et.endtime = min(et.endtime, *et.renew_till); } - + *et.starttime = min(*et.starttime, et.endtime); if(*et.starttime == et.endtime){ @@ -787,22 +861,43 @@ tgs_make_reply(krb5_context context, et.renew_till = NULL; et.flags.renewable = 0; } - + et.flags.pre_authent = tgt->flags.pre_authent; et.flags.hw_authent = tgt->flags.hw_authent; et.flags.anonymous = tgt->flags.anonymous; et.flags.ok_as_delegate = server->entry.flags.ok_as_delegate; - - if (auth_data) { - /* XXX Check enc-authorization-data */ - et.authorization_data = calloc(1, sizeof(*et.authorization_data)); - if (et.authorization_data == NULL) { - ret = ENOMEM; - goto out; - } - ret = copy_AuthorizationData(auth_data, et.authorization_data); + + if(rspac->length) { + /* + * No not need to filter out the any PAC from the + * auth_data since it's signed by the KDC. + */ + ret = _kdc_tkt_add_if_relevant_ad(context, &et, + KRB5_AUTHDATA_WIN2K_PAC, rspac); if (ret) goto out; + } + + if (auth_data) { + unsigned int i = 0; + + /* XXX check authdata */ + + if (et.authorization_data == NULL) { + et.authorization_data = calloc(1, sizeof(*et.authorization_data)); + if (et.authorization_data == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + } + for(i = 0; i < auth_data->len ; i++) { + ret = add_AuthorizationData(et.authorization_data, &auth_data->val[i]); + if (ret) { + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + } /* Filter out type KRB5SignedPath */ ret = find_KRB5SignedPath(context, et.authorization_data, NULL); @@ -819,24 +914,12 @@ tgs_make_reply(krb5_context context, } } - if(rspac->length) { - /* - * No not need to filter out the any PAC from the - * auth_data since it's signed by the KDC. - */ - ret = _kdc_tkt_add_if_relevant_ad(context, &et, - KRB5_AUTHDATA_WIN2K_PAC, - rspac); - if (ret) - goto out; - } - ret = krb5_copy_keyblock_contents(context, sessionkey, &et.key); if (ret) goto out; - et.crealm = tgt->crealm; + et.crealm = tgt_name->realm; et.cname = tgt_name->name; - + ek.key = et.key; /* MIT must have at least one last_req */ ek.last_req.len = 1; @@ -853,8 +936,8 @@ tgs_make_reply(krb5_context context, ek.renew_till = et.renew_till; ek.srealm = rep.ticket.realm; ek.sname = rep.ticket.sname; - - _kdc_log_timestamp(context, config, "TGS-REQ", et.authtime, et.starttime, + + _kdc_log_timestamp(context, config, "TGS-REQ", et.authtime, et.starttime, et.endtime, et.renew_till); /* Don't sign cross realm tickets, they can't be checked anyway */ @@ -866,6 +949,7 @@ tgs_make_reply(krb5_context context, config, krbtgt, krbtgt_etype, + client_principal, NULL, spp, &et); @@ -874,6 +958,25 @@ tgs_make_reply(krb5_context context, } } + if (enc_pa_data->len) { + rep.padata = calloc(1, sizeof(*rep.padata)); + if (rep.padata == NULL) { + ret = ENOMEM; + goto out; + } + ret = copy_METHOD_DATA(enc_pa_data, rep.padata); + if (ret) + goto out; + } + + if (krb5_enctype_valid(context, et.key.keytype) != 0 + && _kdc_is_weak_exception(server->entry.principal, et.key.keytype)) + { + krb5_enctype_enable(context, et.key.keytype); + is_weak = 1; + } + + /* It is somewhat unclear where the etype in the following encryption should come from. What we have is a session key in the passed tgt, and a list of preferred etypes @@ -884,10 +987,14 @@ tgs_make_reply(krb5_context context, CAST session key. Should the DES3 etype be added to the etype list, even if we don't want a session key with DES3? */ - ret = _kdc_encode_reply(context, config, + ret = _kdc_encode_reply(context, config, &rep, &et, &ek, et.key.keytype, - kvno, - serverkey, 0, &tgt->key, e_text, reply); + kvno, + serverkey, 0, replykey, rk_is_subkey, + e_text, reply); + if (is_weak) + krb5_enctype_disable(context, et.key.keytype); + out: free_TGS_REP(&rep); free_TransitedEncoding(&et.transited); @@ -906,20 +1013,20 @@ tgs_make_reply(krb5_context context, } static krb5_error_code -tgs_check_authenticator(krb5_context context, +tgs_check_authenticator(krb5_context context, krb5_kdc_configuration *config, krb5_auth_context ac, - KDC_REQ_BODY *b, + KDC_REQ_BODY *b, const char **e_text, krb5_keyblock *key) { krb5_authenticator auth; - size_t len; + size_t len = 0; unsigned char *buf; size_t buf_size; krb5_error_code ret; krb5_crypto crypto; - + krb5_auth_con_getauthenticator(context, ac, &auth); if(auth->cksum == NULL){ kdc_log(context, config, 0, "No authenticator in request"); @@ -936,17 +1043,18 @@ tgs_check_authenticator(krb5_context context, || #endif !krb5_checksum_is_collision_proof(context, auth->cksum->cksumtype)) { - kdc_log(context, config, 0, "Bad checksum type in authenticator: %d", + kdc_log(context, config, 0, "Bad checksum type in authenticator: %d", auth->cksum->cksumtype); ret = KRB5KRB_AP_ERR_INAPP_CKSUM; goto out; } - + /* XXX should not re-encode this */ ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, b, &len, ret); if(ret){ - kdc_log(context, config, 0, "Failed to encode KDC-REQ-BODY: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to encode KDC-REQ-BODY: %s", msg); + krb5_free_error_message(context, msg); goto out; } if(buf_size != len) { @@ -958,23 +1066,25 @@ tgs_check_authenticator(krb5_context context, } ret = krb5_crypto_init(context, key, 0, &crypto); if (ret) { + const char *msg = krb5_get_error_message(context, ret); free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); goto out; } ret = krb5_verify_checksum(context, crypto, KRB5_KU_TGS_REQ_AUTH_CKSUM, - buf, + buf, len, auth->cksum); free(buf); krb5_crypto_destroy(context, crypto); if(ret){ + const char *msg = krb5_get_error_message(context, ret); kdc_log(context, config, 0, - "Failed to verify authenticator checksum: %s", - krb5_get_err_text(context, ret)); + "Failed to verify authenticator checksum: %s", msg); + krb5_free_error_message(context, msg); } out: free_Authenticator(auth); @@ -991,27 +1101,38 @@ find_rpath(krb5_context context, Realm crealm, Realm srealm) { const char *new_realm = krb5_config_get_string(context, NULL, - "capaths", + "capaths", crealm, srealm, NULL); return new_realm; } - + static krb5_boolean -need_referral(krb5_context context, krb5_principal server, krb5_realm **realms) +need_referral(krb5_context context, krb5_kdc_configuration *config, + const KDCOptions * const options, krb5_principal server, + krb5_realm **realms) { - if(server->name.name_type != KRB5_NT_SRV_INST || - server->name.name_string.len != 2) + const char *name; + + if(!options->canonicalize && server->name.name_type != KRB5_NT_SRV_INST) return FALSE; - - return _krb5_get_host_realm_int(context, server->name.name_string.val[1], - FALSE, realms) == 0; + + if (server->name.name_string.len == 1) + name = server->name.name_string.val[0]; + else if (server->name.name_string.len > 1) + name = server->name.name_string.val[1]; + else + return FALSE; + + kdc_log(context, config, 0, "Searching referral for %s", name); + + return _krb5_get_host_realm_int(context, name, FALSE, realms) == 0; } static krb5_error_code -tgs_parse_request(krb5_context context, +tgs_parse_request(krb5_context context, krb5_kdc_configuration *config, KDC_REQ_BODY *b, const PA_DATA *tgs_req, @@ -1023,8 +1144,11 @@ tgs_parse_request(krb5_context context, const struct sockaddr *from_addr, time_t **csec, int **cusec, - AuthorizationData **auth_data) + AuthorizationData **auth_data, + krb5_keyblock **replykey, + int *rk_is_subkey) { + static char failed[] = ""; krb5_ap_req ap_req; krb5_error_code ret; krb5_principal princ; @@ -1033,16 +1157,20 @@ tgs_parse_request(krb5_context context, krb5_flags verify_ap_req_flags; krb5_crypto crypto; Key *tkey; + krb5_keyblock *subkey = NULL; + unsigned usage; *auth_data = NULL; *csec = NULL; *cusec = NULL; + *replykey = NULL; memset(&ap_req, 0, sizeof(ap_req)); ret = krb5_decode_ap_req(context, &tgs_req->padata_value, &ap_req); if(ret){ - kdc_log(context, config, 0, "Failed to decode AP-REQ: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to decode AP-REQ: %s", msg); + krb5_free_error_message(context, msg); goto out; } @@ -1052,39 +1180,51 @@ tgs_parse_request(krb5_context context, ret = KRB5KDC_ERR_POLICY; /* ? */ goto out; } - + _krb5_principalname2krb5_principal(context, &princ, ap_req.ticket.sname, ap_req.ticket.realm); - - ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, NULL, krbtgt); - if(ret) { + ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, ap_req.ticket.enc_part.kvno, NULL, krbtgt); + + if(ret == HDB_ERR_NOT_FOUND_HERE) { char *p; ret = krb5_unparse_name(context, princ, &p); if (ret != 0) - p = ""; + p = failed; + krb5_free_principal(context, princ); + kdc_log(context, config, 5, "Ticket-granting ticket account %s does not have secrets at this KDC, need to proxy", p); + if (ret == 0) + free(p); + ret = HDB_ERR_NOT_FOUND_HERE; + goto out; + } else if(ret){ + const char *msg = krb5_get_error_message(context, ret); + char *p; + ret = krb5_unparse_name(context, princ, &p); + if (ret != 0) + p = failed; krb5_free_principal(context, princ); kdc_log(context, config, 0, - "Ticket-granting ticket not found in database: %s: %s", - p, krb5_get_err_text(context, ret)); + "Ticket-granting ticket not found in database: %s", msg); + krb5_free_error_message(context, msg); if (ret == 0) free(p); ret = KRB5KRB_AP_ERR_NOT_US; goto out; } - - if(ap_req.ticket.enc_part.kvno && + + if(ap_req.ticket.enc_part.kvno && *ap_req.ticket.enc_part.kvno != (*krbtgt)->entry.kvno){ char *p; ret = krb5_unparse_name (context, princ, &p); krb5_free_principal(context, princ); if (ret != 0) - p = ""; + p = failed; kdc_log(context, config, 0, - "Ticket kvno = %d, DB kvno = %d (%s)", + "Ticket kvno = %d, DB kvno = %d (%s)", *ap_req.ticket.enc_part.kvno, (*krbtgt)->entry.kvno, p); @@ -1096,7 +1236,7 @@ tgs_parse_request(krb5_context context, *krbtgt_etype = ap_req.ticket.enc_part.etype; - ret = hdb_enctype2key(context, &(*krbtgt)->entry, + ret = hdb_enctype2key(context, &(*krbtgt)->entry, ap_req.ticket.enc_part.etype, &tkey); if(ret){ char *str = NULL, *p = NULL; @@ -1112,7 +1252,7 @@ tgs_parse_request(krb5_context context, ret = KRB5KRB_AP_ERR_BADKEYVER; goto out; } - + if (b->kdc_options.validate) verify_ap_req_flags = KRB5_VERIFY_AP_REQ_IGNORE_INVALID; else @@ -1127,11 +1267,12 @@ tgs_parse_request(krb5_context context, &ap_req_options, ticket, KRB5_KU_TGS_REQ_AUTH); - + krb5_free_principal(context, princ); if(ret) { - kdc_log(context, config, 0, "Failed to verify AP-REQ: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to verify AP-REQ: %s", msg); + krb5_free_error_message(context, msg); goto out; } @@ -1158,49 +1299,56 @@ tgs_parse_request(krb5_context context, } } - ret = tgs_check_authenticator(context, config, + ret = tgs_check_authenticator(context, config, ac, b, e_text, &(*ticket)->ticket.key); if (ret) { krb5_auth_con_free(context, ac); goto out; } + usage = KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY; + *rk_is_subkey = 1; + + ret = krb5_auth_con_getremotesubkey(context, ac, &subkey); + if(ret){ + const char *msg = krb5_get_error_message(context, ret); + krb5_auth_con_free(context, ac); + kdc_log(context, config, 0, "Failed to get remote subkey: %s", msg); + krb5_free_error_message(context, msg); + goto out; + } + if(subkey == NULL){ + usage = KRB5_KU_TGS_REQ_AUTH_DAT_SESSION; + *rk_is_subkey = 0; + + ret = krb5_auth_con_getkey(context, ac, &subkey); + if(ret) { + const char *msg = krb5_get_error_message(context, ret); + krb5_auth_con_free(context, ac); + kdc_log(context, config, 0, "Failed to get session key: %s", msg); + krb5_free_error_message(context, msg); + goto out; + } + } + if(subkey == NULL){ + krb5_auth_con_free(context, ac); + kdc_log(context, config, 0, + "Failed to get key for enc-authorization-data"); + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ + goto out; + } + + *replykey = subkey; + if (b->enc_authorization_data) { - unsigned usage = KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY; - krb5_keyblock *subkey; krb5_data ad; - ret = krb5_auth_con_getremotesubkey(context, - ac, - &subkey); - if(ret){ - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "Failed to get remote subkey: %s", - krb5_get_err_text(context, ret)); - goto out; - } - if(subkey == NULL){ - usage = KRB5_KU_TGS_REQ_AUTH_DAT_SESSION; - ret = krb5_auth_con_getkey(context, ac, &subkey); - if(ret) { - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "Failed to get session key: %s", - krb5_get_err_text(context, ret)); - goto out; - } - } - if(subkey == NULL){ - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, - "Failed to get key for enc-authorization-data"); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ - goto out; - } ret = krb5_crypto_init(context, subkey, 0, &crypto); if (ret) { + const char *msg = krb5_get_error_message(context, ret); krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); goto out; } ret = krb5_decrypt_EncryptedData (context, @@ -1211,12 +1359,11 @@ tgs_parse_request(krb5_context context, krb5_crypto_destroy(context, crypto); if(ret){ krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Failed to decrypt enc-authorization-data"); ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ goto out; } - krb5_free_keyblock(context, subkey); ALLOC(*auth_data); if (*auth_data == NULL) { krb5_auth_con_free(context, ac); @@ -1235,62 +1382,154 @@ tgs_parse_request(krb5_context context, } krb5_auth_con_free(context, ac); - + out: free_AP_REQ(&ap_req); - + return ret; } static krb5_error_code -tgs_build_reply(krb5_context context, +build_server_referral(krb5_context context, + krb5_kdc_configuration *config, + krb5_crypto session, + krb5_const_realm referred_realm, + const PrincipalName *true_principal_name, + const PrincipalName *requested_principal, + krb5_data *outdata) +{ + PA_ServerReferralData ref; + krb5_error_code ret; + EncryptedData ed; + krb5_data data; + size_t size = 0; + + memset(&ref, 0, sizeof(ref)); + + if (referred_realm) { + ALLOC(ref.referred_realm); + if (ref.referred_realm == NULL) + goto eout; + *ref.referred_realm = strdup(referred_realm); + if (*ref.referred_realm == NULL) + goto eout; + } + if (true_principal_name) { + ALLOC(ref.true_principal_name); + if (ref.true_principal_name == NULL) + goto eout; + ret = copy_PrincipalName(true_principal_name, ref.true_principal_name); + if (ret) + goto eout; + } + if (requested_principal) { + ALLOC(ref.requested_principal_name); + if (ref.requested_principal_name == NULL) + goto eout; + ret = copy_PrincipalName(requested_principal, + ref.requested_principal_name); + if (ret) + goto eout; + } + + ASN1_MALLOC_ENCODE(PA_ServerReferralData, + data.data, data.length, + &ref, &size, ret); + free_PA_ServerReferralData(&ref); + if (ret) + return ret; + if (data.length != size) + krb5_abortx(context, "internal asn.1 encoder error"); + + ret = krb5_encrypt_EncryptedData(context, session, + KRB5_KU_PA_SERVER_REFERRAL, + data.data, data.length, + 0 /* kvno */, &ed); + free(data.data); + if (ret) + return ret; + + ASN1_MALLOC_ENCODE(EncryptedData, + outdata->data, outdata->length, + &ed, &size, ret); + free_EncryptedData(&ed); + if (ret) + return ret; + if (outdata->length != size) + krb5_abortx(context, "internal asn.1 encoder error"); + + return 0; +eout: + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; +} + +static krb5_error_code +tgs_build_reply(krb5_context context, krb5_kdc_configuration *config, - KDC_REQ *req, + KDC_REQ *req, KDC_REQ_BODY *b, hdb_entry_ex *krbtgt, krb5_enctype krbtgt_etype, + const krb5_keyblock *replykey, + int rk_is_subkey, krb5_ticket *ticket, krb5_data *reply, const char *from, const char **e_text, - AuthorizationData *auth_data, - const struct sockaddr *from_addr, - int datagram_reply) + AuthorizationData **auth_data, + const struct sockaddr *from_addr) { krb5_error_code ret; - krb5_principal cp = NULL, sp = NULL; - krb5_principal client_principal = NULL; - char *spn = NULL, *cpn = NULL; - hdb_entry_ex *server = NULL, *client = NULL; + krb5_principal cp = NULL, sp = NULL, rsp = NULL, tp = NULL, dp = NULL; + krb5_principal krbtgt_principal = NULL; + char *spn = NULL, *cpn = NULL, *tpn = NULL, *dpn = NULL; + hdb_entry_ex *server = NULL, *client = NULL, *s4u2self_impersonated_client = NULL; + HDB *clientdb, *s4u2self_impersonated_clientdb; + krb5_realm ref_realm = NULL; EncTicketPart *tgt = &ticket->ticket; - KRB5SignedPathPrincipals *spp = NULL; + krb5_principals spp = NULL; const EncryptionKey *ekey; krb5_keyblock sessionkey; krb5_kvno kvno; krb5_data rspac; - int cross_realm = 0; + + hdb_entry_ex *krbtgt_out = NULL; + + METHOD_DATA enc_pa_data; PrincipalName *s; Realm r; int nloop = 0; EncTicketPart adtkt; char opt_str[128]; - int require_signedpath = 0; + int signedpath = 0; + + Key *tkey_check; + Key *tkey_sign; + int flags = HDB_F_FOR_TGS_REQ; memset(&sessionkey, 0, sizeof(sessionkey)); memset(&adtkt, 0, sizeof(adtkt)); krb5_data_zero(&rspac); + memset(&enc_pa_data, 0, sizeof(enc_pa_data)); s = b->sname; r = b->realm; + /* + * Always to do CANON, see comment below about returned server principal (rsp). + */ + flags |= HDB_F_CANON; + if(b->kdc_options.enc_tkt_in_skey){ Ticket *t; hdb_entry_ex *uu; krb5_principal p; Key *uukey; - - if(b->additional_tickets == NULL || + + if(b->additional_tickets == NULL || b->additional_tickets->len == 0){ ret = KRB5KDC_ERR_BADOPTION; /* ? */ kdc_log(context, config, 0, @@ -1305,8 +1544,8 @@ tgs_build_reply(krb5_context context, goto out; } _krb5_principalname2krb5_principal(context, &p, t->sname, t->realm); - ret = _kdc_db_fetch(context, config, p, - HDB_F_GET_CLIENT|HDB_F_GET_SERVER, + ret = _kdc_db_fetch(context, config, p, + HDB_F_GET_KRBTGT, t->enc_part.kvno, NULL, &uu); krb5_free_principal(context, p); if(ret){ @@ -1314,7 +1553,7 @@ tgs_build_reply(krb5_context context, ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; goto out; } - ret = hdb_enctype2key(context, &uu->entry, + ret = hdb_enctype2key(context, &uu->entry, t->enc_part.etype, &uukey); if(ret){ _kdc_free_ent(context, uu); @@ -1335,7 +1574,7 @@ tgs_build_reply(krb5_context context, } _krb5_principalname2krb5_principal(context, &sp, *s, r); - ret = krb5_unparse_name(context, sp, &spn); + ret = krb5_unparse_name(context, sp, &spn); if (ret) goto out; _krb5_principalname2krb5_principal(context, &cp, tgt->cname, tgt->crealm); @@ -1347,7 +1586,7 @@ tgs_build_reply(krb5_context context, opt_str, sizeof(opt_str)); if(*opt_str) kdc_log(context, config, 0, - "TGS-REQ %s from %s for %s [%s]", + "TGS-REQ %s from %s for %s [%s]", cpn, from, spn, opt_str); else kdc_log(context, config, 0, @@ -1358,10 +1597,14 @@ tgs_build_reply(krb5_context context, */ server_lookup: - ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER, NULL, &server); + ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER | flags, + NULL, NULL, &server); - if(ret){ - const char *new_rlm; + if(ret == HDB_ERR_NOT_FOUND_HERE) { + kdc_log(context, config, 5, "target %s does not have secrets at this KDC, need to proxy", sp); + goto out; + } else if(ret){ + const char *new_rlm, *msg; Realm req_rlm; krb5_realm *realms; @@ -1370,20 +1613,23 @@ tgs_build_reply(krb5_context context, new_rlm = find_rpath(context, tgt->crealm, req_rlm); if(new_rlm) { kdc_log(context, config, 5, "krbtgt for realm %s " - "not found, trying %s", + "not found, trying %s", req_rlm, new_rlm); krb5_free_principal(context, sp); free(spn); - krb5_make_principal(context, &sp, r, + krb5_make_principal(context, &sp, r, KRB5_TGS_NAME, new_rlm, NULL); - ret = krb5_unparse_name(context, sp, &spn); + ret = krb5_unparse_name(context, sp, &spn); if (ret) goto out; - auth_data = NULL; /* ms don't handle AD in referals */ + + if (ref_realm) + free(ref_realm); + ref_realm = strdup(new_rlm); goto server_lookup; } } - } else if(need_referral(context, sp, &realms)) { + } else if(need_referral(context, config, &b->kdc_options, sp, &realms)) { if (strcmp(realms[0], sp->realm) != 0) { kdc_log(context, config, 5, "Returning a referral to realm %s for " @@ -1396,23 +1642,167 @@ tgs_build_reply(krb5_context context, ret = krb5_unparse_name(context, sp, &spn); if (ret) goto out; + + if (ref_realm) + free(ref_realm); + ref_realm = strdup(realms[0]); + krb5_free_host_realm(context, realms); - auth_data = NULL; /* ms don't handle AD in referals */ goto server_lookup; } krb5_free_host_realm(context, realms); } + msg = krb5_get_error_message(context, ret); kdc_log(context, config, 0, - "Server not found in database: %s: %s", spn, - krb5_get_err_text(context, ret)); + "Server not found in database: %s: %s", spn, msg); + krb5_free_error_message(context, msg); if (ret == HDB_ERR_NOENTRY) ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; goto out; } - ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT, NULL, &client); + /* the name returned to the client depend on what was asked for, + * return canonical name if kdc_options.canonicalize was set, the + * client wants the true name of the principal, if not it just + * wants the name its asked for. + */ + + if (b->kdc_options.canonicalize) + rsp = server->entry.principal; + else + rsp = sp; + + + /* + * Select enctype, return key and kvno. + */ + + { + krb5_enctype etype; + + if(b->kdc_options.enc_tkt_in_skey) { + size_t i; + ekey = &adtkt.key; + for(i = 0; i < b->etype.len; i++) + if (b->etype.val[i] == adtkt.key.keytype) + break; + if(i == b->etype.len) { + kdc_log(context, config, 0, + "Addition ticket have not matching etypes"); + krb5_clear_error_message(context); + ret = KRB5KDC_ERR_ETYPE_NOSUPP; + goto out; + } + etype = b->etype.val[i]; + kvno = 0; + } else { + Key *skey; + + ret = _kdc_find_etype(context, + config->tgs_use_strongest_session_key, FALSE, + server, b->etype.val, b->etype.len, NULL, + &skey); + if(ret) { + kdc_log(context, config, 0, + "Server (%s) has no support for etypes", spn); + goto out; + } + ekey = &skey->key; + etype = skey->key.keytype; + kvno = server->entry.kvno; + } + + ret = krb5_generate_random_keyblock(context, etype, &sessionkey); + if (ret) + goto out; + } + + /* + * Check that service is in the same realm as the krbtgt. If it's + * not the same, it's someone that is using a uni-directional trust + * backward. + */ + + /* + * Validate authoriation data + */ + + ret = hdb_enctype2key(context, &krbtgt->entry, + krbtgt_etype, &tkey_check); if(ret) { - const char *krbtgt_realm; + kdc_log(context, config, 0, + "Failed to find key for krbtgt PAC check"); + goto out; + } + + /* Now refetch the primary krbtgt, and get the current kvno (the + * sign check may have been on an old kvno, and the server may + * have been an incoming trust) */ + ret = krb5_make_principal(context, &krbtgt_principal, + krb5_principal_get_comp_string(context, + krbtgt->entry.principal, + 1), + KRB5_TGS_NAME, + krb5_principal_get_comp_string(context, + krbtgt->entry.principal, + 1), NULL); + if(ret) { + kdc_log(context, config, 0, + "Failed to generate krbtgt principal"); + goto out; + } + + ret = _kdc_db_fetch(context, config, krbtgt_principal, HDB_F_GET_KRBTGT, NULL, NULL, &krbtgt_out); + krb5_free_principal(context, krbtgt_principal); + if (ret) { + krb5_error_code ret2; + char *ktpn, *ktpn2; + ret = krb5_unparse_name(context, krbtgt->entry.principal, &ktpn); + ret2 = krb5_unparse_name(context, krbtgt_principal, &ktpn2); + kdc_log(context, config, 0, + "Request with wrong krbtgt: %s, %s not found in our database", + (ret == 0) ? ktpn : "", (ret2 == 0) ? ktpn2 : ""); + if(ret == 0) + free(ktpn); + if(ret2 == 0) + free(ktpn2); + ret = KRB5KRB_AP_ERR_NOT_US; + goto out; + } + + /* The first realm is the realm of the service, the second is + * krbtgt//@REALM component of the krbtgt DN the request was + * encrypted to. The redirection via the krbtgt_out entry allows + * the DB to possibly correct the case of the realm (Samba4 does + * this) before the strcmp() */ + if (strcmp(krb5_principal_get_realm(context, server->entry.principal), + krb5_principal_get_realm(context, krbtgt_out->entry.principal)) != 0) { + char *ktpn; + ret = krb5_unparse_name(context, krbtgt_out->entry.principal, &ktpn); + kdc_log(context, config, 0, + "Request with wrong krbtgt: %s", + (ret == 0) ? ktpn : ""); + if(ret == 0) + free(ktpn); + ret = KRB5KRB_AP_ERR_NOT_US; + } + + ret = hdb_enctype2key(context, &krbtgt_out->entry, + krbtgt_etype, &tkey_sign); + if(ret) { + kdc_log(context, config, 0, + "Failed to find key for krbtgt PAC signature"); + goto out; + } + + ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT | flags, + NULL, &clientdb, &client); + if(ret == HDB_ERR_NOT_FOUND_HERE) { + /* This is OK, we are just trying to find out if they have + * been disabled or deleted in the meantime, missing secrets + * is OK */ + } else if(ret){ + const char *krbtgt_realm, *msg; /* * If the client belongs to the same realm as our krbtgt, it @@ -1420,9 +1810,7 @@ tgs_build_reply(krb5_context context, * */ - krbtgt_realm = - krb5_principal_get_comp_string(context, - krbtgt->entry.principal, 1); + krbtgt_realm = krb5_principal_get_realm(context, krbtgt_out->entry.principal); if(strcmp(krb5_principal_get_realm(context, cp), krbtgt_realm) == 0) { if (ret == HDB_ERR_NOENTRY) @@ -1431,53 +1819,63 @@ tgs_build_reply(krb5_context context, cpn); goto out; } - - kdc_log(context, config, 1, "Client not found in database: %s: %s", - cpn, krb5_get_err_text(context, ret)); - cross_realm = 1; + msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 1, "Client not found in database: %s", msg); + krb5_free_error_message(context, msg); } - - /* - * Check that service is in the same realm as the krbtgt. If it's - * not the same, it's someone that is using a uni-directional trust - * backward. - */ - - if (strcmp(krb5_principal_get_realm(context, sp), - krb5_principal_get_comp_string(context, - krbtgt->entry.principal, - 1)) != 0) { - char *tpn; - ret = krb5_unparse_name(context, krbtgt->entry.principal, &tpn); + + ret = check_PAC(context, config, cp, NULL, + client, server, krbtgt, + &tkey_check->key, &tkey_check->key, + ekey, &tkey_sign->key, + tgt, &rspac, &signedpath); + if (ret) { + const char *msg = krb5_get_error_message(context, ret); kdc_log(context, config, 0, - "Request with wrong krbtgt: %s", - (ret == 0) ? tpn : ""); - if(ret == 0) - free(tpn); - ret = KRB5KRB_AP_ERR_NOT_US; + "Verify PAC failed for %s (%s) from %s with %s", + spn, cpn, from, msg); + krb5_free_error_message(context, msg); + goto out; + } + + /* also check the krbtgt for signature */ + ret = check_KRB5SignedPath(context, + config, + krbtgt, + cp, + tgt, + &spp, + &signedpath); + if (ret) { + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, + "KRB5SignedPath check failed for %s (%s) from %s with %s", + spn, cpn, from, msg); + krb5_free_error_message(context, msg); goto out; } /* - * + * Process request */ - client_principal = cp; + /* by default the tgt principal matches the client principal */ + tp = cp; + tpn = cpn; if (client) { const PA_DATA *sdata; int i = 0; - sdata = _kdc_find_padata(req, &i, KRB5_PADATA_S4U2SELF); + sdata = _kdc_find_padata(req, &i, KRB5_PADATA_FOR_USER); if (sdata) { krb5_crypto crypto; krb5_data datack; PA_S4U2Self self; - char *selfcpn = NULL; const char *str; - ret = decode_PA_S4U2Self(sdata->padata_value.data, + ret = decode_PA_S4U2Self(sdata->padata_value.data, sdata->padata_value.length, &self, NULL); if (ret) { @@ -1491,52 +1889,97 @@ tgs_build_reply(krb5_context context, ret = krb5_crypto_init(context, &tgt->key, 0, &crypto); if (ret) { + const char *msg = krb5_get_error_message(context, ret); free_PA_S4U2Self(&self); krb5_data_free(&datack); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); + kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg); + krb5_free_error_message(context, msg); goto out; } ret = krb5_verify_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, - datack.data, - datack.length, + datack.data, + datack.length, &self.cksum); krb5_data_free(&datack); krb5_crypto_destroy(context, crypto); if (ret) { + const char *msg = krb5_get_error_message(context, ret); free_PA_S4U2Self(&self); - kdc_log(context, config, 0, - "krb5_verify_checksum failed for S4U2Self: %s", - krb5_get_err_text(context, ret)); + kdc_log(context, config, 0, + "krb5_verify_checksum failed for S4U2Self: %s", msg); + krb5_free_error_message(context, msg); goto out; } ret = _krb5_principalname2krb5_principal(context, - &client_principal, + &tp, self.name, self.realm); free_PA_S4U2Self(&self); if (ret) goto out; - ret = krb5_unparse_name(context, client_principal, &selfcpn); + ret = krb5_unparse_name(context, tp, &tpn); if (ret) goto out; + /* If we were about to put a PAC into the ticket, we better fix it to be the right PAC */ + if(rspac.data) { + krb5_pac p = NULL; + krb5_data_free(&rspac); + ret = _kdc_db_fetch(context, config, tp, HDB_F_GET_CLIENT | flags, + NULL, &s4u2self_impersonated_clientdb, &s4u2self_impersonated_client); + if (ret) { + const char *msg; + + /* + * If the client belongs to the same realm as our krbtgt, it + * should exist in the local database. + * + */ + + if (ret == HDB_ERR_NOENTRY) + ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; + msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 1, + "S2U4Self principal to impersonate %s not found in database: %s", + tpn, msg); + krb5_free_error_message(context, msg); + goto out; + } + ret = _kdc_pac_generate(context, s4u2self_impersonated_client, &p); + if (ret) { + kdc_log(context, config, 0, "PAC generation failed for -- %s", + tpn); + goto out; + } + if (p != NULL) { + ret = _krb5_pac_sign(context, p, ticket->ticket.authtime, + s4u2self_impersonated_client->entry.principal, + ekey, &tkey_sign->key, + &rspac); + krb5_pac_free(context, p); + if (ret) { + kdc_log(context, config, 0, "PAC signing failed for -- %s", + tpn); + goto out; + } + } + } + /* * Check that service doing the impersonating is * requesting a ticket to it-self. */ - if (krb5_principal_compare(context, cp, sp) != TRUE) { + ret = check_s4u2self(context, config, clientdb, client, sp); + if (ret) { kdc_log(context, config, 0, "S4U2Self: %s is not allowed " - "to impersonate some other user " + "to impersonate to service " "(tried for user %s to service %s)", - cpn, selfcpn, spn); - free(selfcpn); - ret = KRB5KDC_ERR_BADOPTION; /* ? */ + cpn, tpn, spn); goto out; } @@ -1552,8 +1995,7 @@ tgs_build_reply(krb5_context context, str = ""; } kdc_log(context, config, 0, "s4u2self %s impersonating %s to " - "service %s %s", cpn, selfcpn, spn, str); - free(selfcpn); + "service %s %s", cpn, tpn, spn, str); } } @@ -1566,13 +2008,25 @@ tgs_build_reply(krb5_context context, && b->additional_tickets->len != 0 && b->kdc_options.enc_tkt_in_skey == 0) { + int ad_signedpath = 0; Key *clientkey; Ticket *t; - char *str; + + /* + * Require that the KDC have issued the service's krbtgt (not + * self-issued ticket with kimpersonate(1). + */ + if (!signedpath) { + ret = KRB5KDC_ERR_BADOPTION; + kdc_log(context, config, 0, + "Constrained delegation done on service ticket %s/%s", + cpn, spn); + goto out; + } t = &b->additional_tickets->val[0]; - ret = hdb_enctype2key(context, &client->entry, + ret = hdb_enctype2key(context, &client->entry, t->enc_part.etype, &clientkey); if(ret){ ret = KRB5KDC_ERR_ETYPE_NOSUPP; /* XXX */ @@ -1583,90 +2037,127 @@ tgs_build_reply(krb5_context context, if (ret) { kdc_log(context, config, 0, "failed to decrypt ticket for " - "constrained delegation from %s to %s ", spn, cpn); - goto out; - } - - /* check that ticket is valid */ - - if (adtkt.flags.forwardable == 0) { - kdc_log(context, config, 0, - "Missing forwardable flag on ticket for " - "constrained delegation from %s to %s ", spn, cpn); - ret = KRB5KDC_ERR_ETYPE_NOSUPP; /* XXX */ - goto out; - } - - ret = check_constrained_delegation(context, config, client, sp); - if (ret) { - kdc_log(context, config, 0, - "constrained delegation from %s to %s not allowed", - spn, cpn); + "constrained delegation from %s to %s ", cpn, spn); goto out; } ret = _krb5_principalname2krb5_principal(context, - &client_principal, + &tp, adtkt.cname, adtkt.crealm); if (ret) goto out; - ret = krb5_unparse_name(context, client_principal, &str); + ret = krb5_unparse_name(context, tp, &tpn); if (ret) goto out; - ret = verify_flags(context, config, &adtkt, str); + ret = _krb5_principalname2krb5_principal(context, + &dp, + t->sname, + t->realm); + if (ret) + goto out; + + ret = krb5_unparse_name(context, dp, &dpn); + if (ret) + goto out; + + /* check that ticket is valid */ + if (adtkt.flags.forwardable == 0) { + kdc_log(context, config, 0, + "Missing forwardable flag on ticket for " + "constrained delegation from %s (%s) as %s to %s ", + cpn, dpn, tpn, spn); + ret = KRB5KDC_ERR_BADOPTION; + goto out; + } + + ret = check_constrained_delegation(context, config, clientdb, + client, server, sp); if (ret) { - free(str); + kdc_log(context, config, 0, + "constrained delegation from %s (%s) as %s to %s not allowed", + cpn, dpn, tpn, spn); + goto out; + } + + ret = verify_flags(context, config, &adtkt, tpn); + if (ret) { + goto out; + } + + krb5_data_free(&rspac); + + /* + * generate the PAC for the user. + * + * TODO: pass in t->sname and t->realm and build + * a S4U_DELEGATION_INFO blob to the PAC. + */ + ret = check_PAC(context, config, tp, dp, + client, server, krbtgt, + &clientkey->key, &tkey_check->key, + ekey, &tkey_sign->key, + &adtkt, &rspac, &ad_signedpath); + if (ret) { + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, + "Verify delegated PAC failed to %s for client" + "%s (%s) as %s from %s with %s", + spn, cpn, dpn, tpn, from, msg); + krb5_free_error_message(context, msg); goto out; } /* - * Check KRB5SignedPath in authorization data and add new entry to - * make sure servers can't fake a ticket to us. + * Check that the KDC issued the user's ticket. */ - ret = check_KRB5SignedPath(context, config, krbtgt, + cp, &adtkt, - &spp, - 1); + NULL, + &ad_signedpath); if (ret) { + const char *msg = krb5_get_error_message(context, ret); kdc_log(context, config, 0, "KRB5SignedPath check from service %s failed " - "for delegation to %s for client %s " + "for delegation to %s for client %s (%s)" "from %s failed with %s", - spn, str, cpn, from, krb5_get_err_text(context, ret)); - free(str); + spn, tpn, dpn, cpn, from, msg); + krb5_free_error_message(context, msg); + goto out; + } + + if (!ad_signedpath) { + ret = KRB5KDC_ERR_BADOPTION; + kdc_log(context, config, 0, + "Ticket not signed with PAC nor SignedPath service %s failed " + "for delegation to %s for client %s (%s)" + "from %s", + spn, tpn, dpn, cpn, from); goto out; } kdc_log(context, config, 0, "constrained delegation for %s " - "from %s to %s", str, cpn, spn); - free(str); - - /* - * Also require that the KDC have issue the service's krbtgt - * used to do the request. - */ - require_signedpath = 1; + "from %s (%s) to %s", tpn, cpn, dpn, spn); } /* * Check flags */ - ret = _kdc_check_flags(context, config, - client, cpn, - server, spn, - FALSE); + ret = kdc_check_flags(context, config, + client, cpn, + server, spn, + FALSE); if(ret) goto out; - if((b->kdc_options.validate || b->kdc_options.renew) && - !krb5_principal_compare(context, + if((b->kdc_options.validate || b->kdc_options.renew) && + !krb5_principal_compare(context, krbtgt->entry.principal, server->entry.principal)){ kdc_log(context, config, 0, "Inconsistent request."); @@ -1680,80 +2171,39 @@ tgs_build_reply(krb5_context context, kdc_log(context, config, 0, "Request from wrong address"); goto out; } - + /* - * Select enctype, return key and kvno. + * If this is an referral, add server referral data to the + * auth_data reply . */ + if (ref_realm) { + PA_DATA pa; + krb5_crypto crypto; - { - krb5_enctype etype; + kdc_log(context, config, 0, + "Adding server referral to %s", ref_realm); - if(b->kdc_options.enc_tkt_in_skey) { - int i; - ekey = &adtkt.key; - for(i = 0; i < b->etype.len; i++) - if (b->etype.val[i] == adtkt.key.keytype) - break; - if(i == b->etype.len) { - krb5_clear_error_string(context); - return KRB5KDC_ERR_ETYPE_NOSUPP; - } - etype = b->etype.val[i]; - kvno = 0; - } else { - Key *skey; - - ret = _kdc_find_etype(context, server, b->etype.val, b->etype.len, - &skey, &etype); - if(ret) { - kdc_log(context, config, 0, - "Server (%s) has no support for etypes", spp); - return ret; - } - ekey = &skey->key; - kvno = server->entry.kvno; - } - - ret = krb5_generate_random_keyblock(context, etype, &sessionkey); + ret = krb5_crypto_init(context, &sessionkey, 0, &crypto); if (ret) goto out; - } - /* check PAC if not cross realm and if there is one */ - if (!cross_realm) { - Key *tkey; - - ret = hdb_enctype2key(context, &krbtgt->entry, - krbtgt_etype, &tkey); - if(ret) { - kdc_log(context, config, 0, - "Failed to find key for krbtgt PAC check"); - goto out; - } - - ret = check_PAC(context, config, client_principal, - client, server, ekey, &tkey->key, - tgt, &rspac, &require_signedpath); + ret = build_server_referral(context, config, crypto, ref_realm, + NULL, s, &pa.padata_value); + krb5_crypto_destroy(context, crypto); if (ret) { kdc_log(context, config, 0, - "Verify PAC failed for %s (%s) from %s with %s", - spn, cpn, from, krb5_get_err_text(context, ret)); + "Failed building server referral"); goto out; } - } + pa.padata_type = KRB5_PADATA_SERVER_REFERRAL; - /* also check the krbtgt for signature */ - ret = check_KRB5SignedPath(context, - config, - krbtgt, - tgt, - &spp, - require_signedpath); - if (ret) { - kdc_log(context, config, 0, - "KRB5SignedPath check failed for %s (%s) from %s with %s", - spn, cpn, from, krb5_get_err_text(context, ret)); - goto out; + ret = add_METHOD_DATA(&enc_pa_data, &pa); + krb5_data_free(&pa.padata_value); + if (ret) { + kdc_log(context, config, 0, + "Add server referral METHOD-DATA failed"); + goto out; + } } /* @@ -1761,42 +2211,59 @@ tgs_build_reply(krb5_context context, */ ret = tgs_make_reply(context, - config, - b, - client_principal, - tgt, + config, + b, + tp, + tgt, + replykey, + rk_is_subkey, ekey, &sessionkey, kvno, - auth_data, - server, + *auth_data, + server, + rsp, spn, - client, - cp, - krbtgt, + client, + cp, + krbtgt_out, krbtgt_etype, spp, &rspac, + &enc_pa_data, e_text, reply); - + out: + if (tpn != cpn) + free(tpn); free(spn); free(cpn); - + if (dpn) + free(dpn); + krb5_data_free(&rspac); krb5_free_keyblock_contents(context, &sessionkey); + if(krbtgt_out) + _kdc_free_ent(context, krbtgt_out); if(server) _kdc_free_ent(context, server); if(client) _kdc_free_ent(context, client); + if(s4u2self_impersonated_client) + _kdc_free_ent(context, s4u2self_impersonated_client); - if (client_principal && client_principal != cp) - krb5_free_principal(context, client_principal); + if (tp && tp != cp) + krb5_free_principal(context, tp); if (cp) krb5_free_principal(context, cp); + if (dp) + krb5_free_principal(context, dp); if (sp) krb5_free_principal(context, sp); + if (ref_realm) + free(ref_realm); + free_METHOD_DATA(&enc_pa_data); free_EncTicketPart(&adtkt); @@ -1808,9 +2275,9 @@ tgs_build_reply(krb5_context context, */ krb5_error_code -_kdc_tgs_rep(krb5_context context, +_kdc_tgs_rep(krb5_context context, krb5_kdc_configuration *config, - KDC_REQ *req, + KDC_REQ *req, krb5_data *data, const char *from, struct sockaddr *from_addr, @@ -1826,6 +2293,8 @@ _kdc_tgs_rep(krb5_context context, const char *e_text = NULL; krb5_enctype krbtgt_etype = ETYPE_NULL; + krb5_keyblock *replykey = NULL; + int rk_is_subkey = 0; time_t *csec = NULL; int *cusec = NULL; @@ -1835,17 +2304,17 @@ _kdc_tgs_rep(krb5_context context, "TGS-REQ from %s without PA-DATA", from); goto out; } - + tgs_req = _kdc_find_padata(req, &i, KRB5_PADATA_TGS_REQ); if(tgs_req == NULL){ ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - - kdc_log(context, config, 0, + + kdc_log(context, config, 0, "TGS-REQ from %s without PA-TGS-REQ", from); goto out; } - ret = tgs_parse_request(context, config, + ret = tgs_parse_request(context, config, &req->req_body, tgs_req, &krbtgt, &krbtgt_etype, @@ -1853,9 +2322,15 @@ _kdc_tgs_rep(krb5_context context, &e_text, from, from_addr, &csec, &cusec, - &auth_data); + &auth_data, + &replykey, + &rk_is_subkey); + if (ret == HDB_ERR_NOT_FOUND_HERE) { + /* kdc_log() is called in tgs_parse_request() */ + goto out; + } if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Failed parsing TGS-REQ from %s", from); goto out; } @@ -1866,15 +2341,16 @@ _kdc_tgs_rep(krb5_context context, &req->req_body, krbtgt, krbtgt_etype, + replykey, + rk_is_subkey, ticket, data, from, &e_text, - auth_data, - from_addr, - datagram_reply); + &auth_data, + from_addr); if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Failed building TGS-REP to %s", from); goto out; } @@ -1887,7 +2363,9 @@ _kdc_tgs_rep(krb5_context context, } out: - if(ret && data->data == NULL){ + if (replykey) + krb5_free_keyblock(context, replykey); + if(ret && ret != HDB_ERR_NOT_FOUND_HERE && data->data == NULL){ krb5_mk_error(context, ret, NULL, @@ -1897,6 +2375,7 @@ _kdc_tgs_rep(krb5_context context, csec, cusec, data); + ret = 0; } free(csec); free(cusec); @@ -1910,5 +2389,5 @@ _kdc_tgs_rep(krb5_context context, free(auth_data); } - return 0; + return ret; } diff --git a/kdc/kstash-version.rc b/kdc/kstash-version.rc new file mode 100644 index 000000000000..c3d221466b85 --- /dev/null +++ b/kdc/kstash-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "KDC Master Password Stash Tool" +#define RC_FILE_ORIG_0409 "kstash.exe" + +#include "../windows/version.rc" diff --git a/kdc/kstash.8 b/kdc/kstash.8 index f30eac693d0a..615132b8d011 100644 --- a/kdc/kstash.8 +++ b/kdc/kstash.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" -.\" $Id: kstash.8 20316 2007-04-11 11:53:20Z lha $ +.\" $Id$ .\" .Dd April 10, 2007 .Dt KSTASH 8 @@ -41,19 +41,19 @@ .Nm .Bk -words .Oo Fl e Ar string \*(Ba Xo -.Fl -enctype= Ns Ar string +.Fl Fl enctype= Ns Ar string .Xc .Oc .Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file +.Fl Fl key-file= Ns Ar file .Xc .Oc -.Op Fl -convert-file -.Op Fl -random-key -.Op Fl -master-key-fd= Ns Ar fd -.Op Fl -random-key -.Op Fl h | Fl -help -.Op Fl -version +.Op Fl Fl convert-file +.Op Fl Fl random-key +.Op Fl Fl master-key-fd= Ns Ar fd +.Op Fl Fl random-key +.Op Fl h | Fl Fl help +.Op Fl Fl version .Ek .Sh DESCRIPTION .Nm @@ -62,28 +62,16 @@ used by the KDC. .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl e Ar string , -.Fl -enctype= Ns Ar string -.Xc +.It Fl e Ar string , Fl Fl enctype= Ns Ar string the encryption type to use, defaults to DES3-CBC-SHA1. -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc +.It Fl k Ar file , Fl Fl key-file= Ns Ar file the name of the master key file. -.It Xo -.Fl -convert-file -.Xc +.It Fl Fl convert-file don't ask for a new master key, just read an old master key file, and write it back in the new keyfile format. -.It Xo -.Fl -random-key -.Xc +.It Fl Fl random-key generate a random master key. -.It Xo -.Fl -master-key-fd= Ns Ar fd -.Xc +.It Fl Fl master-key-fd= Ns Ar fd filedescriptor to read passphrase from, if not specified the passphrase will be read from the terminal. .El diff --git a/kdc/kstash.c b/kdc/kstash.c index 9e499a1093a2..0b75fb8d84a1 100644 --- a/kdc/kstash.c +++ b/kdc/kstash.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "headers.h" -RCSID("$Id: kstash.c 22244 2007-12-08 23:47:42Z lha $"); - krb5_context context; static char *keyfile; @@ -48,15 +46,17 @@ static int random_key_flag; static const char *enctype_str = "des3-cbc-sha1"; static struct getargs args[] = { - { "enctype", 'e', arg_string, &enctype_str, "encryption type" }, + { "enctype", 'e', arg_string, rk_UNCONST(&enctype_str), "encryption type", + NULL }, { "key-file", 'k', arg_string, &keyfile, "master key file", "file" }, - { "convert-file", 0, arg_flag, &convert_flag, - "just convert keyfile to new format" }, - { "master-key-fd", 0, arg_integer, &master_key_fd, + { "convert-file", 0, arg_flag, &convert_flag, + "just convert keyfile to new format", NULL }, + { "master-key-fd", 0, arg_integer, &master_key_fd, "filedescriptor to read passphrase from", "fd" }, - { "random-key", 0, arg_flag, &random_key_flag, "generate a random master key" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } + { "random-key", 0, arg_flag, &random_key_flag, + "generate a random master key", NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); @@ -66,11 +66,11 @@ main(int argc, char **argv) { char buf[1024]; krb5_error_code ret; - + krb5_enctype enctype; hdb_master_key mkey; - + krb5_program_setup(&context, argc, argv, args, num_args, NULL); if(help_flag) @@ -118,7 +118,7 @@ main(int argc, char **argv) krb5_err(context, 1, errno, "failed to read passphrase"); buf[n] = '\0'; buf[strcspn(buf, "\r\n")] = '\0'; - + } else { if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) exit(1); @@ -126,11 +126,11 @@ main(int argc, char **argv) krb5_string_to_key_salt(context, enctype, buf, salt, &key); } ret = hdb_add_master_key(context, &key, &mkey); - + krb5_free_keyblock_contents(context, &key); } - + { char *new, *old; asprintf(&old, "%s.old", keyfile); @@ -144,13 +144,19 @@ main(int argc, char **argv) if(ret) unlink(new); else { +#ifndef NO_POSIX_LINKS unlink(old); if(link(keyfile, old) < 0 && errno != ENOENT) { ret = errno; unlink(new); - } else if(rename(new, keyfile) < 0) { - ret = errno; + } else { +#endif + if(rename(new, keyfile) < 0) { + ret = errno; + } +#ifndef NO_POSIX_LINKS } +#endif } out: free(old); diff --git a/kdc/kstash.cat8 b/kdc/kstash.cat8 new file mode 100644 index 000000000000..b3bdf655d310 --- /dev/null +++ b/kdc/kstash.cat8 @@ -0,0 +1,43 @@ + +KSTASH(8) BSD System Manager's Manual KSTASH(8) + +NNAAMMEE + kkssttaasshh -- store the KDC master password in a file + +SSYYNNOOPPSSIISS + kkssttaasshh [--ee _s_t_r_i_n_g | ----eennccttyyppee==_s_t_r_i_n_g] [--kk _f_i_l_e | ----kkeeyy--ffiillee==_f_i_l_e] + [----ccoonnvveerrtt--ffiillee] [----rraannddoomm--kkeeyy] [----mmaasstteerr--kkeeyy--ffdd==_f_d] + [----rraannddoomm--kkeeyy] [--hh | ----hheellpp] [----vveerrssiioonn] + +DDEESSCCRRIIPPTTIIOONN + kkssttaasshh reads the Kerberos master key and stores it in a file that will be + used by the KDC. + + Supported options: + + --ee _s_t_r_i_n_g, ----eennccttyyppee==_s_t_r_i_n_g + the encryption type to use, defaults to DES3-CBC-SHA1. + + --kk _f_i_l_e, ----kkeeyy--ffiillee==_f_i_l_e + the name of the master key file. + + ----ccoonnvveerrtt--ffiillee + don't ask for a new master key, just read an old master key file, + and write it back in the new keyfile format. + + ----rraannddoomm--kkeeyy + generate a random master key. + + ----mmaasstteerr--kkeeyy--ffdd==_f_d + filedescriptor to read passphrase from, if not specified the + passphrase will be read from the terminal. + +FFIILLEESS + _/_v_a_r_/_h_e_i_m_d_a_l_/_m_-_k_e_y is the default keyfile if no other keyfile is speci- + fied. The format of a Heimdal master key is the same as a keytab, so + kkttuuttiill list can be used to list the content of the file. + +SSEEEE AALLSSOO + kdc(8) + +HEIMDAL April 10, 2007 HEIMDAL diff --git a/kdc/kx509.c b/kdc/kx509.c index b1b861efef88..8d683d50a375 100644 --- a/kdc/kx509.c +++ b/kdc/kx509.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" @@ -36,14 +36,14 @@ #include #include -RCSID("$Id: kx509.c 21607 2007-07-17 07:04:52Z lha $"); +#ifdef KX509 /* * */ krb5_error_code -_kdc_try_kx509_request(void *ptr, size_t len, Kx509Request *req, size_t *size) +_kdc_try_kx509_request(void *ptr, size_t len, struct Kx509Request *req, size_t *size) { if (len < 4) return -1; @@ -59,22 +59,23 @@ _kdc_try_kx509_request(void *ptr, size_t len, Kx509Request *req, size_t *size) static const unsigned char version_2_0[4] = {0 , 0, 2, 0}; static krb5_error_code -verify_req_hash(krb5_context context, +verify_req_hash(krb5_context context, const Kx509Request *req, krb5_keyblock *key) { unsigned char digest[SHA_DIGEST_LENGTH]; HMAC_CTX ctx; - + if (req->pk_hash.length != sizeof(digest)) { - krb5_set_error_string(context, "pk-hash have wrong length: %lu", - (unsigned long)req->pk_hash.length); + krb5_set_error_message(context, KRB5KDC_ERR_PREAUTH_FAILED, + "pk-hash have wrong length: %lu", + (unsigned long)req->pk_hash.length); return KRB5KDC_ERR_PREAUTH_FAILED; } HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, - key->keyvalue.data, key->keyvalue.length, + HMAC_Init_ex(&ctx, + key->keyvalue.data, key->keyvalue.length, EVP_sha1(), NULL); if (sizeof(digest) != HMAC_size(&ctx)) krb5_abortx(context, "runtime error, hmac buffer wrong size in kx509"); @@ -84,7 +85,8 @@ verify_req_hash(krb5_context context, HMAC_CTX_cleanup(&ctx); if (memcmp(req->pk_hash.data, digest, sizeof(digest)) != 0) { - krb5_set_error_string(context, "pk-hash is not correct"); + krb5_set_error_message(context, KRB5KDC_ERR_PREAUTH_FAILED, + "pk-hash is not correct"); return KRB5KDC_ERR_PREAUTH_FAILED; } return 0; @@ -95,18 +97,17 @@ calculate_reply_hash(krb5_context context, krb5_keyblock *key, Kx509Response *rep) { + krb5_error_code ret; HMAC_CTX ctx; - + HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, - key->keyvalue.data, key->keyvalue.length, + HMAC_Init_ex(&ctx, key->keyvalue.data, key->keyvalue.length, EVP_sha1(), NULL); - rep->hash->length = HMAC_size(&ctx); - rep->hash->data = malloc(rep->hash->length); - if (rep->hash->data == NULL) { + ret = krb5_data_alloc(rep->hash, HMAC_size(&ctx)); + if (ret) { HMAC_CTX_cleanup(&ctx); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -131,18 +132,17 @@ calculate_reply_hash(krb5_context context, } /* - * Build a certifate for `principal´ that will expire at `endtime´. + * Build a certifate for `principal´ that will expire at `endtime´. */ static krb5_error_code -build_certificate(krb5_context context, +build_certificate(krb5_context context, krb5_kdc_configuration *config, const krb5_data *key, time_t endtime, krb5_principal principal, krb5_data *certificate) { - hx509_context hxctx = NULL; hx509_ca_tbs tbs = NULL; hx509_env env = NULL; hx509_cert cert = NULL; @@ -154,15 +154,7 @@ build_certificate(krb5_context context, return EINVAL; } - ret = hx509_context_init(&hxctx); - if (ret) - goto out; - - ret = hx509_env_init(hxctx, &env); - if (ret) - goto out; - - ret = hx509_env_add(hxctx, env, "principal-name", + ret = hx509_env_add(context->hx509ctx, &env, "principal-name", krb5_principal_get_comp_string(context, principal, 0)); if (ret) goto out; @@ -171,14 +163,14 @@ build_certificate(krb5_context context, hx509_certs certs; hx509_query *q; - ret = hx509_certs_init(hxctx, config->kx509_ca, 0, + ret = hx509_certs_init(context->hx509ctx, config->kx509_ca, 0, NULL, &certs); if (ret) { kdc_log(context, config, 0, "Failed to load CA %s", config->kx509_ca); goto out; } - ret = hx509_query_alloc(hxctx, &q); + ret = hx509_query_alloc(context->hx509ctx, &q); if (ret) { hx509_certs_free(&certs); goto out; @@ -187,8 +179,8 @@ build_certificate(krb5_context context, hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); hx509_query_match_option(q, HX509_QUERY_OPTION_KU_KEYCERTSIGN); - ret = hx509_certs_find(hxctx, certs, q, &signer); - hx509_query_free(hxctx, q); + ret = hx509_certs_find(context->hx509ctx, certs, q, &signer); + hx509_query_free(context->hx509ctx, q); hx509_certs_free(&certs); if (ret) { kdc_log(context, config, 0, "Failed to find a CA in %s", @@ -197,7 +189,7 @@ build_certificate(krb5_context context, } } - ret = hx509_ca_tbs_init(hxctx, &tbs); + ret = hx509_ca_tbs_init(context->hx509ctx, &tbs); if (ret) goto out; @@ -210,14 +202,14 @@ build_certificate(krb5_context context, spki.subjectPublicKey.data = key->data; spki.subjectPublicKey.length = key->length * 8; - ret = der_copy_oid(oid_id_pkcs1_rsaEncryption(), + ret = der_copy_oid(&asn1_oid_id_pkcs1_rsaEncryption, &spki.algorithm.algorithm); any.data = "\x05\x00"; any.length = 2; spki.algorithm.parameters = &any; - ret = hx509_ca_tbs_set_spki(hxctx, tbs, &spki); + ret = hx509_ca_tbs_set_spki(context->hx509ctx, tbs, &spki); der_free_oid(&spki.algorithm.algorithm); if (ret) goto out; @@ -227,21 +219,21 @@ build_certificate(krb5_context context, hx509_certs certs; hx509_cert template; - ret = hx509_certs_init(hxctx, config->kx509_template, 0, + ret = hx509_certs_init(context->hx509ctx, config->kx509_template, 0, NULL, &certs); if (ret) { kdc_log(context, config, 0, "Failed to load template %s", config->kx509_template); goto out; } - ret = hx509_get_one_cert(hxctx, certs, &template); + ret = hx509_get_one_cert(context->hx509ctx, certs, &template); hx509_certs_free(&certs); if (ret) { kdc_log(context, config, 0, "Failed to find template in %s", config->kx509_template); goto out; } - ret = hx509_ca_tbs_set_template(hxctx, tbs, + ret = hx509_ca_tbs_set_template(context->hx509ctx, tbs, HX509_CA_TEMPLATE_SUBJECT| HX509_CA_TEMPLATE_KU| HX509_CA_TEMPLATE_EKU, @@ -251,24 +243,22 @@ build_certificate(krb5_context context, goto out; } - hx509_ca_tbs_set_notAfter(hxctx, tbs, endtime); + hx509_ca_tbs_set_notAfter(context->hx509ctx, tbs, endtime); - hx509_ca_tbs_subject_expand(hxctx, tbs, env); + hx509_ca_tbs_subject_expand(context->hx509ctx, tbs, env); hx509_env_free(&env); - ret = hx509_ca_sign(hxctx, tbs, signer, &cert); + ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert); hx509_cert_free(signer); if (ret) goto out; hx509_ca_tbs_free(&tbs); - ret = hx509_cert_binary(hxctx, cert, certificate); + ret = hx509_cert_binary(context->hx509ctx, cert, certificate); hx509_cert_free(cert); if (ret) goto out; - - hx509_context_free(&hxctx); return 0; out: @@ -278,9 +268,7 @@ build_certificate(krb5_context context, hx509_ca_tbs_free(&tbs); if (signer) hx509_cert_free(signer); - if (hxctx) - hx509_context_free(&hxctx); - krb5_set_error_string(context, "cert creation failed"); + krb5_set_error_message(context, ret, "cert creation failed"); return ret; } @@ -289,9 +277,9 @@ build_certificate(krb5_context context, */ krb5_error_code -_kdc_do_kx509(krb5_context context, +_kdc_do_kx509(krb5_context context, krb5_kdc_configuration *config, - const Kx509Request *req, krb5_data *reply, + const struct Kx509Request *req, krb5_data *reply, const char *from, struct sockaddr *addr) { krb5_error_code ret; @@ -309,7 +297,7 @@ _kdc_do_kx509(krb5_context context, memset(&rep, 0, sizeof(rep)); if(!config->enable_kx509) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Rejected kx509 request (disabled) from %s", from); return KRB5KDC_ERR_POLICY; } @@ -322,7 +310,7 @@ _kdc_do_kx509(krb5_context context, goto out; } - ret = krb5_rd_req(context, + ret = krb5_rd_req(context, &ac, &req->authenticator, NULL, @@ -339,7 +327,7 @@ _kdc_do_kx509(krb5_context context, ret = krb5_unparse_name(context, cprincipal, &cname); if (ret) goto out; - + /* verify server principal */ ret = krb5_sname_to_principal(context, NULL, "kca_service", @@ -357,20 +345,36 @@ _kdc_do_kx509(krb5_context context, ret = krb5_principal_compare(context, sprincipal, principal); krb5_free_principal(context, principal); if (ret != TRUE) { + char *expected, *used; + + ret = krb5_unparse_name(context, sprincipal, &expected); + if (ret) + goto out; + ret = krb5_unparse_name(context, principal, &used); + if (ret) { + krb5_xfree(expected); + goto out; + } + ret = KRB5KDC_ERR_SERVER_NOMATCH; - krb5_set_error_string(context, - "User %s used wrong Kx509 service principal", - cname); + krb5_set_error_message(context, ret, + "User %s used wrong Kx509 service " + "principal, expected: %s, used %s", + cname, expected, used); + krb5_xfree(expected); + krb5_xfree(used); goto out; } } - + ret = krb5_auth_con_getkey(context, ac, &key); - if (ret || key == NULL) { - krb5_set_error_string(context, "Kx509 can't get session key"); + if (ret == 0 && key == NULL) + ret = KRB5KDC_ERR_NULL_KEY; + if (ret) { + krb5_set_error_message(context, ret, "Kx509 can't get session key"); goto out; } - + ret = verify_req_hash(context, req, key); if (ret) goto out; @@ -385,8 +389,10 @@ _kdc_do_kx509(krb5_context context, if (ret) goto out; free_RSAPublicKey(&key); - if (size != req->pk_key.length) - ; + if (size != req->pk_key.length) { + ret = ASN1_EXTRA_DATA; + goto out; + } } ALLOC(rep.certificate); @@ -398,7 +404,7 @@ _kdc_do_kx509(krb5_context context, goto out; krb5_data_zero(rep.hash); - ret = build_certificate(context, config, &req->pk_key, + ret = build_certificate(context, config, &req->pk_key, krb5_ticket_get_endtime(context, ticket), cprincipal, rep.certificate); if (ret) @@ -418,7 +424,7 @@ _kdc_do_kx509(krb5_context context, ASN1_MALLOC_ENCODE(Kx509Response, data.data, data.length, &rep, &size, ret); if (ret) { - krb5_set_error_string(context, "Failed to encode kx509 reply"); + krb5_set_error_message(context, ret, "Failed to encode kx509 reply"); goto out; } if (size != data.length) @@ -458,3 +464,5 @@ _kdc_do_kx509(krb5_context context, return 0; } + +#endif /* KX509 */ diff --git a/kdc/libkdc-exports.def b/kdc/libkdc-exports.def new file mode 100644 index 000000000000..282fbd44fb5f --- /dev/null +++ b/kdc/libkdc-exports.def @@ -0,0 +1,14 @@ +EXPORTS + kdc_log + kdc_log_msg + kdc_log_msg_va + kdc_openlog + krb5_kdc_windc_init + krb5_kdc_get_config + krb5_kdc_pkinit_config + krb5_kdc_set_dbinfo + krb5_kdc_process_krb5_request + krb5_kdc_process_request + krb5_kdc_save_request + krb5_kdc_update_time + krb5_kdc_pk_initialize diff --git a/kdc/libkdc-version.rc b/kdc/libkdc-version.rc new file mode 100644 index 000000000000..fee5004159ce --- /dev/null +++ b/kdc/libkdc-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Heimdal KDC Library" +#define RC_FILE_ORIG_0409 "libkdc.dll" + +#include "../windows/version.rc" diff --git a/kdc/log.c b/kdc/log.c index 8cf967fbfb8b..6d85729f514c 100644 --- a/kdc/log.c +++ b/kdc/log.c @@ -1,63 +1,67 @@ /* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: log.c 22254 2007-12-09 06:01:05Z lha $"); void -kdc_openlog(krb5_context context, +kdc_openlog(krb5_context context, + const char *service, krb5_kdc_configuration *config) { char **s = NULL, **p; krb5_initlog(context, "kdc", &config->logf); - s = krb5_config_get_strings(context, NULL, "kdc", "logging", NULL); + s = krb5_config_get_strings(context, NULL, service, "logging", NULL); if(s == NULL) - s = krb5_config_get_strings(context, NULL, "logging", "kdc", NULL); + s = krb5_config_get_strings(context, NULL, "logging", service, NULL); if(s){ for(p = s; *p; p++) krb5_addlog_dest(context, config->logf, *p); krb5_config_free_strings(s); }else { - char *s; - asprintf(&s, "0-1/FILE:%s/%s", hdb_db_dir(context), KDC_LOG_FILE); - krb5_addlog_dest(context, config->logf, s); - free(s); + char *ss; + if (asprintf(&ss, "0-1/FILE:%s/%s", hdb_db_dir(context), + KDC_LOG_FILE) < 0) + err(1, NULL); + krb5_addlog_dest(context, config->logf, ss); + free(ss); } krb5_set_warn_dest(context, config->logf); } char* -kdc_log_msg_va(krb5_context context, +kdc_log_msg_va(krb5_context context, krb5_kdc_configuration *config, int level, const char *fmt, va_list ap) { @@ -67,7 +71,7 @@ kdc_log_msg_va(krb5_context context, } char* -kdc_log_msg(krb5_context context, +kdc_log_msg(krb5_context context, krb5_kdc_configuration *config, int level, const char *fmt, ...) { @@ -80,7 +84,7 @@ kdc_log_msg(krb5_context context, } void -kdc_log(krb5_context context, +kdc_log(krb5_context context, krb5_kdc_configuration *config, int level, const char *fmt, ...) { diff --git a/kdc/main.c b/kdc/main.c index 9195b0488952..fc42e9dcdebf 100644 --- a/kdc/main.c +++ b/kdc/main.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" @@ -36,11 +38,15 @@ #include #endif -RCSID("$Id: main.c 20454 2007-04-19 20:21:51Z lha $"); +#ifdef HAVE_CAPNG +#include +#endif sig_atomic_t exit_flag = 0; +#ifdef SUPPORT_DETACH int detach_from_console = -1; +#endif static RETSIGTYPE sigterm(int sig) @@ -48,6 +54,54 @@ sigterm(int sig) exit_flag = sig; } +/* + * Allow dropping root bit, since heimdal reopens the database all the + * time the database needs to be owned by the user you are switched + * too. A better solution is to split the kdc in to more processes and + * run the network facing part with very low privilege. + */ + +static void +switch_environment(void) +{ +#ifdef HAVE_GETEUID + if ((runas_string || chroot_string) && geteuid() != 0) + errx(1, "no running as root, can't switch user/chroot"); + + if (chroot_string && chroot(chroot_string) != 0) + errx(1, "chroot(%s)", "chroot_string failed"); + + if (runas_string) { + struct passwd *pw; + + pw = getpwnam(runas_string); + if (pw == NULL) + errx(1, "unknown user %s", runas_string); + + if (initgroups(pw->pw_name, pw->pw_gid) < 0) + err(1, "initgroups failed"); + +#ifndef HAVE_CAPNG + if (setgid(pw->pw_gid) < 0) + err(1, "setgid(%s) failed", runas_string); + + if (setuid(pw->pw_uid) < 0) + err(1, "setuid(%s)", runas_string); +#else + capng_clear (CAPNG_EFFECTIVE | CAPNG_PERMITTED); + if (capng_updatev (CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED, + CAP_NET_BIND_SERVICE, CAP_SETPCAP, -1) < 0) + err(1, "capng_updateev"); + + if (capng_change_id(pw->pw_uid, pw->pw_gid, + CAPNG_CLEAR_BOUNDING) < 0) + err(1, "capng_change_id(%s)", runas_string); +#endif + } +#endif +} + + int main(int argc, char **argv) { @@ -56,7 +110,7 @@ main(int argc, char **argv) krb5_kdc_configuration *config; setprogname(argv[0]); - + ret = krb5_init_context(&context); if (ret == KRB5_CONFIG_BADFORMAT) errx (1, "krb5_init_context failed to parse configuration file"); @@ -79,20 +133,36 @@ main(int argc, char **argv) sigaction(SIGINT, &sa, NULL); sigaction(SIGTERM, &sa, NULL); +#ifdef SIGXCPU sigaction(SIGXCPU, &sa, NULL); +#endif sa.sa_handler = SIG_IGN; +#ifdef SIGPIPE sigaction(SIGPIPE, &sa, NULL); +#endif } #else signal(SIGINT, sigterm); signal(SIGTERM, sigterm); +#ifdef SIGXCPU signal(SIGXCPU, sigterm); +#endif +#ifdef SIGPIPE signal(SIGPIPE, SIG_IGN); #endif +#endif +#ifdef SUPPORT_DETACH if (detach_from_console) daemon(0, 0); +#endif +#ifdef __APPLE__ + bonjour_announce(context, config); +#endif pidfile(NULL); + + switch_environment(); + loop(context, config); krb5_free_context(context); return 0; diff --git a/kdc/misc.c b/kdc/misc.c index 072df4404297..1b2c44000598 100644 --- a/kdc/misc.c +++ b/kdc/misc.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: misc.c 21106 2007-06-18 10:18:11Z lha $"); - struct timeval _kdc_now; krb5_error_code @@ -42,31 +40,66 @@ _kdc_db_fetch(krb5_context context, krb5_kdc_configuration *config, krb5_const_principal principal, unsigned flags, + krb5uint32 *kvno_ptr, HDB **db, hdb_entry_ex **h) { hdb_entry_ex *ent; - krb5_error_code ret; + krb5_error_code ret = HDB_ERR_NOENTRY; int i; + unsigned kvno = 0; + + if (kvno_ptr) { + kvno = *kvno_ptr; + flags |= HDB_F_KVNO_SPECIFIED; + } ent = calloc (1, sizeof (*ent)); if (ent == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } for(i = 0; i < config->num_db; i++) { + krb5_principal enterprise_principal = NULL; + if (!(config->db[i]->hdb_capability_flags & HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL) + && principal->name.name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) { + if (principal->name.name_string.len != 1) { + ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + "malformed request: " + "enterprise name with %d name components", + principal->name.name_string.len); + free(ent); + return ret; + } + ret = krb5_parse_name(context, principal->name.name_string.val[0], + &enterprise_principal); + if (ret) { + free(ent); + return ret; + } + + principal = enterprise_principal; + } + ret = config->db[i]->hdb_open(context, config->db[i], O_RDONLY, 0); if (ret) { - kdc_log(context, config, 0, "Failed to open database: %s", - krb5_get_err_text(context, ret)); + const char *msg = krb5_get_error_message(context, ret); + kdc_log(context, config, 0, "Failed to open database: %s", msg); + krb5_free_error_message(context, msg); continue; } - ret = config->db[i]->hdb_fetch(context, - config->db[i], - principal, - flags | HDB_F_DECRYPT, - ent); + + ret = config->db[i]->hdb_fetch_kvno(context, + config->db[i], + principal, + flags | HDB_F_DECRYPT, + kvno, + ent); + + krb5_free_principal(context, enterprise_principal); + config->db[i]->hdb_close(context, config->db[i]); if(ret == 0) { if (db) @@ -76,8 +109,9 @@ _kdc_db_fetch(krb5_context context, } } free(ent); - krb5_set_error_string(context, "no such entry found in hdb"); - return HDB_ERR_NOENTRY; + krb5_set_error_message(context, ret, + "no such entry found in hdb"); + return ret; } void @@ -100,23 +134,41 @@ _kdc_get_preferred_key(krb5_context context, krb5_enctype *enctype, Key **key) { - const krb5_enctype *p; krb5_error_code ret; int i; - p = krb5_kerberos_enctypes(context); + if (config->use_strongest_server_key) { + const krb5_enctype *p = krb5_kerberos_enctypes(context); - for (i = 0; p[i] != ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - ret = hdb_enctype2key(context, &h->entry, p[i], key); - if (ret == 0) { - *enctype = p[i]; + for (i = 0; p[i] != ETYPE_NULL; i++) { + if (krb5_enctype_valid(context, p[i]) != 0) + continue; + ret = hdb_enctype2key(context, &h->entry, p[i], key); + if (ret != 0) + continue; + if (enctype != NULL) + *enctype = p[i]; + return 0; + } + } else { + *key = NULL; + + for (i = 0; i < h->entry.keys.len; i++) { + if (krb5_enctype_valid(context, h->entry.keys.val[i].key.keytype) + != 0) + continue; + ret = hdb_enctype2key(context, &h->entry, + h->entry.keys.val[i].key.keytype, key); + if (ret != 0) + continue; + if (enctype != NULL) + *enctype = (*key)->key.keytype; return 0; } } - krb5_set_error_string(context, "No valid kerberos key found for %s", name); - return EINVAL; + krb5_set_error_message(context, EINVAL, + "No valid kerberos key found for %s", name); + return EINVAL; /* XXX */ } diff --git a/kdc/mit_dump.c b/kdc/mit_dump.c index dd2f5d78c8e9..f28e932b15b4 100644 --- a/kdc/mit_dump.c +++ b/kdc/mit_dump.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan + * Copyright (c) 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,8 +33,6 @@ #include "hprop.h" -RCSID("$Id: mit_dump.c 21745 2007-07-31 16:11:25Z lha $"); - /* can have any number of princ stanzas. format is as follows (only \n indicates newlines) @@ -42,13 +40,13 @@ princ\t%d\t (%d is KRB5_KDB_V1_BASE_LENGTH, always 38) %d\t (strlen of principal e.g. shadow/foo@ANDREW.CMU.EDU) %d\t (number of tl_data) %d\t (number of key data, e.g. how many keys for this user) -%d\t (extra data length) +%d\t (extra data length) %s\t (principal name) %d\t (attributes) %d\t (max lifetime, seconds) %d\t (max renewable life, seconds) %d\t (expiration, seconds since epoch or 2145830400 for never) -%d\t (password expiration, seconds, 0 for never) +%d\t (password expiration, seconds, 0 for never) %d\t (last successful auth, seconds since epoch) %d\t (last failed auth, per above) %d\t (failed auth count) @@ -67,7 +65,7 @@ foreach key 0 to number of keys - 1 as above %02x (key data contents[element n]) except if key_data length is 0 %d (always -1) - \t + \t foreach extra data length 0 to length - 1 %02x (extra data part) unless no extra data @@ -79,7 +77,7 @@ unless no extra data static int hex_to_octet_string(const char *ptr, krb5_data *data) { - int i; + size_t i; unsigned int v; for(i = 0; i < data->length; i++) { if(sscanf(ptr + 2 * i, "%02x", &v) != 1) @@ -137,7 +135,7 @@ attr_to_flags(unsigned attr, HDBFlags *flags) /* DUP_SKEY */ flags->invalid = !!(attr & KRB5_KDB_DISALLOW_ALL_TIX); flags->require_preauth = !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH); - /* HW_AUTH */ + flags->require_hwauth = !!(attr & KRB5_KDB_REQUIRES_HW_AUTH); flags->server = !(attr & KRB5_KDB_DISALLOW_SVR); flags->change_pw = !!(attr & KRB5_KDB_PWCHANGE_SERVICE); flags->client = 1; /* XXX */ @@ -167,9 +165,9 @@ fix_salt(krb5_context context, hdb_entry *ent, int key_num) case KRB5_KDB_SALTTYPE_NOREALM: { size_t len; - int i; + size_t i; char *p; - + len = 0; for (i = 0; i < ent->principal->name.name_string.len; ++i) len += strlen(ent->principal->name.name_string.val[i]); @@ -189,8 +187,8 @@ fix_salt(krb5_context context, hdb_entry *ent, int key_num) } case KRB5_KDB_SALTTYPE_ONLYREALM: krb5_data_free(&salt->salt); - ret = krb5_data_copy(&salt->salt, - ent->principal->realm, + ret = krb5_data_copy(&salt->salt, + ent->principal->realm, strlen(ent->principal->realm)); if(ret) return ret; @@ -201,8 +199,8 @@ fix_salt(krb5_context context, hdb_entry *ent, int key_num) break; case KRB5_KDB_SALTTYPE_AFS3: krb5_data_free(&salt->salt); - ret = krb5_data_copy(&salt->salt, - ent->principal->realm, + ret = krb5_data_copy(&salt->salt, + ent->principal->realm, strlen(ent->principal->realm)); if(ret) return ret; @@ -228,7 +226,7 @@ mit_prop_dump(void *arg, const char *file) f = fopen(file, "r"); if(f == NULL) return errno; - + while(fgets(line, sizeof(line), f)) { char *p = line, *q; @@ -236,7 +234,7 @@ mit_prop_dump(void *arg, const char *file) int num_tl_data; int num_key_data; - int extra_data_length; + int high_kvno; int attributes; int tmp; @@ -257,8 +255,11 @@ mit_prop_dump(void *arg, const char *file) q = nexttoken(&p); /* x.0 */ if(sscanf(q, "%d", &major) != 1) errx(1, "line %d: unknown version", lineno); - if(major != 4) - errx(1, "unknown dump file format, got %d, expected 4", major); + if(major != 4 && major != 5 && major != 6) + errx(1, "unknown dump file format, got %d, expected 4-6", + major); + continue; + } else if(strcmp(q, "policy") == 0) { continue; } else if(strcmp(q, "princ") != 0) { warnx("line %d: not a principal", lineno); @@ -269,10 +270,10 @@ mit_prop_dump(void *arg, const char *file) warnx("line %d: bad base length %d != 38", lineno, tmp); continue; } - q = nexttoken(&p); /* length of principal */ + nexttoken(&p); /* length of principal */ num_tl_data = getint(&p); /* number of tl-data */ num_key_data = getint(&p); /* number of key-data */ - extra_data_length = getint(&p); /* length of extra data */ + getint(&p); /* length of extra data */ q = nexttoken(&p); /* principal name */ krb5_parse_name(pd->context, q, &ent.entry.principal); attributes = getint(&p); /* attributes */ @@ -297,9 +298,9 @@ mit_prop_dump(void *arg, const char *file) ALLOC(ent.entry.pw_end); *ent.entry.pw_end = tmp; } - q = nexttoken(&p); /* last auth */ - q = nexttoken(&p); /* last failed auth */ - q = nexttoken(&p); /* fail auth count */ + nexttoken(&p); /* last auth */ + nexttoken(&p); /* last failed auth */ + nexttoken(&p); /* fail auth count */ for(i = 0; i < num_tl_data; i++) { unsigned long val; int tl_type, tl_length; @@ -312,6 +313,20 @@ mit_prop_dump(void *arg, const char *file) #define mit_KRB5_TL_LAST_PWD_CHANGE 1 #define mit_KRB5_TL_MOD_PRINC 2 switch(tl_type) { + case mit_KRB5_TL_LAST_PWD_CHANGE: + buf = malloc(tl_length); + if (buf == NULL) + errx(ENOMEM, "malloc"); + getdata(&p, buf, tl_length); /* data itself */ + val = buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + free(buf); + ALLOC(ent.entry.extensions); + ALLOC_SEQ(ent.entry.extensions, 1); + ent.entry.extensions->val[0].mandatory = 0; + ent.entry.extensions->val[0].data.element + = choice_HDB_extension_data_last_pw_change; + ent.entry.extensions->val[0].data.u.last_pw_change = val; + break; case mit_KRB5_TL_MOD_PRINC: buf = malloc(tl_length); if (buf == NULL) @@ -319,6 +334,9 @@ mit_prop_dump(void *arg, const char *file) getdata(&p, buf, tl_length); /* data itself */ val = buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); ret = krb5_parse_name(pd->context, (char *)buf + 4, &princ); + if (ret) + krb5_err(pd->context, 1, ret, + "parse_name: %s", (char *)buf + 4); free(buf); ALLOC(ent.entry.modified_by); ent.entry.modified_by->time = val; @@ -330,14 +348,40 @@ mit_prop_dump(void *arg, const char *file) } } ALLOC_SEQ(&ent.entry.keys, num_key_data); + high_kvno = -1; for(i = 0; i < num_key_data; i++) { int key_versions; + int kvno; key_versions = getint(&p); /* key data version */ - ent.entry.kvno = getint(&p); /* XXX kvno */ - + kvno = getint(&p); + + /* + * An MIT dump file may contain multiple sets of keys with + * different kvnos. Since the Heimdal database can only represent + * one kvno per principal, we only want the highest set. Assume + * that set will be given first, and discard all keys with lower + * kvnos. + */ + if (kvno > high_kvno && high_kvno != -1) + errx(1, "line %d: high kvno keys given after low kvno keys", + lineno); + else if (kvno < high_kvno) { + nexttoken(&p); /* key type */ + nexttoken(&p); /* key length */ + nexttoken(&p); /* key */ + if (key_versions > 1) { + nexttoken(&p); /* salt type */ + nexttoken(&p); /* salt length */ + nexttoken(&p); /* salt */ + } + ent.entry.keys.len--; + continue; + } + ent.entry.kvno = kvno; + high_kvno = kvno; ALLOC(ent.entry.keys.val[i].mkvno); - *ent.entry.keys.val[i].mkvno = 0; - + *ent.entry.keys.val[i].mkvno = 1; + /* key version 0 -- actual key */ ent.entry.keys.val[i].key.keytype = getint(&p); /* key type */ tmp = getint(&p); /* key length */ @@ -360,12 +404,12 @@ mit_prop_dump(void *arg, const char *file) } else { ent.entry.keys.val[i].salt->salt.length = 0; ent.entry.keys.val[i].salt->salt.data = NULL; - tmp = getint(&p); /* -1, if no data. */ + getint(&p); /* -1, if no data. */ } fix_salt(pd->context, &ent.entry, i); } } - q = nexttoken(&p); /* extra data */ + nexttoken(&p); /* extra data */ v5_prop(pd->context, NULL, &ent, arg); } fclose(f); diff --git a/kdc/pkinit.c b/kdc/pkinit.c index bf248af588fc..d85b15650073 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: pkinit.c 22243 2007-12-08 23:39:30Z lha $"); - #ifdef PKINIT #include @@ -45,31 +45,28 @@ RCSID("$Id: pkinit.c 22243 2007-12-08 23:39:30Z lha $"); #include #include "crypto-headers.h" -/* XXX copied from lib/krb5/pkinit.c */ -struct krb5_pk_identity { - hx509_context hx509ctx; - hx509_verify_ctx verify_ctx; - hx509_certs certs; - hx509_certs anchors; - hx509_certs certpool; - hx509_revoke_ctx revoke; -}; - -enum pkinit_type { - PKINIT_COMPAT_WIN2K = 1, - PKINIT_COMPAT_27 = 3 -}; - struct pk_client_params { - enum pkinit_type type; - BIGNUM *dh_public_key; + enum krb5_pk_type type; + enum { USE_RSA, USE_DH, USE_ECDH } keyex; + union { + struct { + BIGNUM *public_key; + DH *key; + } dh; +#ifdef HAVE_OPENSSL + struct { + EC_KEY *public_key; + EC_KEY *key; + } ecdh; +#endif + } u; hx509_cert cert; unsigned nonce; - DH *dh; EncryptionKey reply_key; char *dh_group_name; hx509_peer_info peer; hx509_certs client_anchors; + hx509_verify_ctx verify_ctx; }; struct pk_principal_mapping { @@ -105,7 +102,7 @@ pk_check_pkauthenticator_win2k(krb5_context context, /* XXX cusec */ if (a->ctime == 0 || abs(a->ctime - now) > context->max_skew) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5KRB_AP_ERR_SKEW; } return 0; @@ -119,7 +116,7 @@ pk_check_pkauthenticator(krb5_context context, u_char *buf = NULL; size_t buf_size; krb5_error_code ret; - size_t len; + size_t len = 0; krb5_timestamp now; Checksum checksum; @@ -127,13 +124,13 @@ pk_check_pkauthenticator(krb5_context context, /* XXX cusec */ if (a->ctime == 0 || abs(a->ctime - now) > context->max_skew) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5KRB_AP_ERR_SKEW; } ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, &req->req_body, &len, ret); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } if (buf_size != len) @@ -148,18 +145,18 @@ pk_check_pkauthenticator(krb5_context context, &checksum); free(buf); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } - + if (a->paChecksum == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED; goto out; } if (der_heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = KRB5KRB_ERR_GENERIC; } @@ -170,29 +167,43 @@ pk_check_pkauthenticator(krb5_context context, } void -_kdc_pk_free_client_param(krb5_context context, - pk_client_params *client_params) +_kdc_pk_free_client_param(krb5_context context, pk_client_params *cp) { - if (client_params->cert) - hx509_cert_free(client_params->cert); - if (client_params->dh) - DH_free(client_params->dh); - if (client_params->dh_public_key) - BN_free(client_params->dh_public_key); - krb5_free_keyblock_contents(context, &client_params->reply_key); - if (client_params->dh_group_name) - free(client_params->dh_group_name); - if (client_params->peer) - hx509_peer_info_free(client_params->peer); - if (client_params->client_anchors) - hx509_certs_free(&client_params->client_anchors); - memset(client_params, 0, sizeof(*client_params)); - free(client_params); + if (cp == NULL) + return; + if (cp->cert) + hx509_cert_free(cp->cert); + if (cp->verify_ctx) + hx509_verify_destroy_ctx(cp->verify_ctx); + if (cp->keyex == USE_DH) { + if (cp->u.dh.key) + DH_free(cp->u.dh.key); + if (cp->u.dh.public_key) + BN_free(cp->u.dh.public_key); + } +#ifdef HAVE_OPENSSL + if (cp->keyex == USE_ECDH) { + if (cp->u.ecdh.key) + EC_KEY_free(cp->u.ecdh.key); + if (cp->u.ecdh.public_key) + EC_KEY_free(cp->u.ecdh.public_key); + } +#endif + krb5_free_keyblock_contents(context, &cp->reply_key); + if (cp->dh_group_name) + free(cp->dh_group_name); + if (cp->peer) + hx509_peer_info_free(cp->peer); + if (cp->client_anchors) + hx509_certs_free(&cp->client_anchors); + memset(cp, 0, sizeof(*cp)); + free(cp); } static krb5_error_code -generate_dh_keyblock(krb5_context context, pk_client_params *client_params, - krb5_enctype enctype, krb5_keyblock *reply_key) +generate_dh_keyblock(krb5_context context, + pk_client_params *client_params, + krb5_enctype enctype) { unsigned char *dh_gen_key = NULL; krb5_keyblock key; @@ -201,36 +212,84 @@ generate_dh_keyblock(krb5_context context, pk_client_params *client_params, memset(&key, 0, sizeof(key)); - if (!DH_generate_key(client_params->dh)) { - krb5_set_error_string(context, "Can't generate Diffie-Hellman keys"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - if (client_params->dh_public_key == NULL) { - krb5_set_error_string(context, "dh_public_key"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } + if (client_params->keyex == USE_DH) { - dh_gen_keylen = DH_size(client_params->dh); - size = BN_num_bytes(client_params->dh->p); - if (size < dh_gen_keylen) - size = dh_gen_keylen; + if (client_params->u.dh.public_key == NULL) { + ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, "public_key"); + goto out; + } - dh_gen_key = malloc(size); - if (dh_gen_key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - memset(dh_gen_key, 0, size - dh_gen_keylen); + if (!DH_generate_key(client_params->u.dh.key)) { + ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "Can't generate Diffie-Hellman keys"); + goto out; + } - dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen), - client_params->dh_public_key, - client_params->dh); - if (dh_gen_keylen == -1) { - krb5_set_error_string(context, "Can't compute Diffie-Hellman key"); + size = DH_size(client_params->u.dh.key); + + dh_gen_key = malloc(size); + if (dh_gen_key == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + + dh_gen_keylen = DH_compute_key(dh_gen_key,client_params->u.dh.public_key, client_params->u.dh.key); + if (dh_gen_keylen == (size_t)-1) { + ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "Can't compute Diffie-Hellman key"); + goto out; + } + if (dh_gen_keylen < size) { + size -= dh_gen_keylen; + memmove(dh_gen_key + size, dh_gen_key, dh_gen_keylen); + memset(dh_gen_key, 0, size); + } + + ret = 0; +#ifdef HAVE_OPENSSL + } else if (client_params->keyex == USE_ECDH) { + + if (client_params->u.ecdh.public_key == NULL) { + ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, "public_key"); + goto out; + } + + client_params->u.ecdh.key = EC_KEY_new(); + if (client_params->u.ecdh.key == NULL) { + ret = ENOMEM; + goto out; + } + EC_KEY_set_group(client_params->u.ecdh.key, + EC_KEY_get0_group(client_params->u.ecdh.public_key)); + + if (EC_KEY_generate_key(client_params->u.ecdh.key) != 1) { + ret = ENOMEM; + goto out; + } + + size = (EC_GROUP_get_degree(EC_KEY_get0_group(client_params->u.ecdh.key)) + 7) / 8; + dh_gen_key = malloc(size); + if (dh_gen_key == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + goto out; + } + + dh_gen_keylen = ECDH_compute_key(dh_gen_key, size, + EC_KEY_get0_public_key(client_params->u.ecdh.public_key), + client_params->u.ecdh.key, NULL); + +#endif /* HAVE_OPENSSL */ + } else { ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "Diffie-Hellman not selected keys"); goto out; } @@ -238,7 +297,7 @@ generate_dh_keyblock(krb5_context context, pk_client_params *client_params, enctype, dh_gen_key, dh_gen_keylen, NULL, NULL, - reply_key); + &client_params->reply_key); out: if (dh_gen_key) @@ -256,7 +315,8 @@ integer_to_BN(krb5_context context, const char *field, heim_integer *f) bn = BN_bin2bn((const unsigned char *)f->data, f->length, NULL); if (bn == NULL) { - krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field); + krb5_set_error_message(context, KRB5_BADMSGTYPE, + "PKINIT: parsing BN failed %s", field); return NULL; } BN_set_negative(bn, f->negative); @@ -275,14 +335,17 @@ get_dh_param(krb5_context context, memset(&dhparam, 0, sizeof(dhparam)); - if (der_heim_oid_cmp(&dh_key_info->algorithm.algorithm, oid_id_dhpublicnumber())) { - krb5_set_error_string(context, - "PKINIT invalid oid in clientPublicValue"); - return KRB5_BADMSGTYPE; + if ((dh_key_info->subjectPublicKey.length % 8) != 0) { + ret = KRB5_BADMSGTYPE; + krb5_set_error_message(context, ret, + "PKINIT: subjectPublicKey not aligned " + "to 8 bit boundary"); + goto out; } if (dh_key_info->algorithm.parameters == NULL) { - krb5_set_error_string(context, "PKINIT missing algorithm parameter " + krb5_set_error_message(context, KRB5_BADMSGTYPE, + "PKINIT missing algorithm parameter " "in clientPublicValue"); return KRB5_BADMSGTYPE; } @@ -292,20 +355,12 @@ get_dh_param(krb5_context context, &dhparam, NULL); if (ret) { - krb5_set_error_string(context, "Can't decode algorithm " - "parameters in clientPublicValue"); + krb5_set_error_message(context, ret, "Can't decode algorithm " + "parameters in clientPublicValue"); goto out; } - if ((dh_key_info->subjectPublicKey.length % 8) != 0) { - ret = KRB5_BADMSGTYPE; - krb5_set_error_string(context, "PKINIT: subjectPublicKey not aligned " - "to 8 bit boundary"); - goto out; - } - - - ret = _krb5_dh_group_ok(context, config->pkinit_dh_min_bits, + ret = _krb5_dh_group_ok(context, config->pkinit_dh_min_bits, &dhparam.p, &dhparam.g, &dhparam.q, moduli, &client_params->dh_group_name); if (ret) { @@ -315,8 +370,8 @@ get_dh_param(krb5_context context, dh = DH_new(); if (dh == NULL) { - krb5_set_error_string(context, "Cannot create DH structure"); ret = ENOMEM; + krb5_set_error_message(context, ret, "Cannot create DH structure"); goto out; } ret = KRB5_BADMSGTYPE; @@ -339,22 +394,24 @@ get_dh_param(krb5_context context, &glue, &size); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } - client_params->dh_public_key = integer_to_BN(context, - "subjectPublicKey", - &glue); + client_params->u.dh.public_key = integer_to_BN(context, + "subjectPublicKey", + &glue); der_free_heim_integer(&glue); - if (client_params->dh_public_key == NULL) + if (client_params->u.dh.public_key == NULL) { + ret = KRB5_BADMSGTYPE; goto out; + } } - client_params->dh = dh; + client_params->u.dh.key = dh; dh = NULL; ret = 0; - + out: if (dh) DH_free(dh); @@ -362,60 +419,182 @@ get_dh_param(krb5_context context, return ret; } +#ifdef HAVE_OPENSSL + +static krb5_error_code +get_ecdh_param(krb5_context context, + krb5_kdc_configuration *config, + SubjectPublicKeyInfo *dh_key_info, + pk_client_params *client_params) +{ + ECParameters ecp; + EC_KEY *public = NULL; + krb5_error_code ret; + const unsigned char *p; + size_t len; + int nid; + + if (dh_key_info->algorithm.parameters == NULL) { + krb5_set_error_message(context, KRB5_BADMSGTYPE, + "PKINIT missing algorithm parameter " + "in clientPublicValue"); + return KRB5_BADMSGTYPE; + } + + memset(&ecp, 0, sizeof(ecp)); + + ret = decode_ECParameters(dh_key_info->algorithm.parameters->data, + dh_key_info->algorithm.parameters->length, &ecp, &len); + if (ret) + goto out; + + if (ecp.element != choice_ECParameters_namedCurve) { + ret = KRB5_BADMSGTYPE; + goto out; + } + + if (der_heim_oid_cmp(&ecp.u.namedCurve, &asn1_oid_id_ec_group_secp256r1) == 0) + nid = NID_X9_62_prime256v1; + else { + ret = KRB5_BADMSGTYPE; + goto out; + } + + /* XXX verify group is ok */ + + public = EC_KEY_new_by_curve_name(nid); + + p = dh_key_info->subjectPublicKey.data; + len = dh_key_info->subjectPublicKey.length / 8; + if (o2i_ECPublicKey(&public, &p, len) == NULL) { + ret = KRB5_BADMSGTYPE; + krb5_set_error_message(context, ret, + "PKINIT failed to decode ECDH key"); + goto out; + } + client_params->u.ecdh.public_key = public; + public = NULL; + + out: + if (public) + EC_KEY_free(public); + free_ECParameters(&ecp); + return ret; +} + +#endif /* HAVE_OPENSSL */ + krb5_error_code _kdc_pk_rd_padata(krb5_context context, krb5_kdc_configuration *config, const KDC_REQ *req, const PA_DATA *pa, + hdb_entry_ex *client, pk_client_params **ret_params) { - pk_client_params *client_params; + pk_client_params *cp; krb5_error_code ret; heim_oid eContentType = { 0, NULL }, contentInfoOid = { 0, NULL }; krb5_data eContent = { 0, NULL }; krb5_data signed_content = { 0, NULL }; const char *type = "unknown type"; + hx509_certs trust_anchors; int have_data = 0; + const HDB_Ext_PKINIT_cert *pc; *ret_params = NULL; - + if (!config->enable_pkinit) { kdc_log(context, config, 0, "PK-INIT request but PK-INIT not enabled"); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return 0; } - hx509_verify_set_time(kdc_identity->verify_ctx, _kdc_now.tv_sec); - - client_params = calloc(1, sizeof(*client_params)); - if (client_params == NULL) { - krb5_clear_error_string(context); + cp = calloc(1, sizeof(*cp)); + if (cp == NULL) { + krb5_clear_error_message(context); ret = ENOMEM; goto out; } + ret = hx509_certs_init(context->hx509ctx, + "MEMORY:trust-anchors", + 0, NULL, &trust_anchors); + if (ret) { + krb5_set_error_message(context, ret, "failed to create trust anchors"); + goto out; + } + + ret = hx509_certs_merge(context->hx509ctx, trust_anchors, + kdc_identity->anchors); + if (ret) { + hx509_certs_free(&trust_anchors); + krb5_set_error_message(context, ret, "failed to create verify context"); + goto out; + } + + /* Add any registered certificates for this client as trust anchors */ + ret = hdb_entry_get_pkinit_cert(&client->entry, &pc); + if (ret == 0 && pc != NULL) { + hx509_cert cert; + unsigned int i; + + for (i = 0; i < pc->len; i++) { + ret = hx509_cert_init_data(context->hx509ctx, + pc->val[i].cert.data, + pc->val[i].cert.length, + &cert); + if (ret) + continue; + hx509_certs_add(context->hx509ctx, trust_anchors, cert); + hx509_cert_free(cert); + } + } + + ret = hx509_verify_init_ctx(context->hx509ctx, &cp->verify_ctx); + if (ret) { + hx509_certs_free(&trust_anchors); + krb5_set_error_message(context, ret, "failed to create verify context"); + goto out; + } + + hx509_verify_set_time(cp->verify_ctx, kdc_time); + hx509_verify_attach_anchors(cp->verify_ctx, trust_anchors); + hx509_certs_free(&trust_anchors); + + if (config->pkinit_allow_proxy_certs) + hx509_verify_set_proxy_certificate(cp->verify_ctx, 1); + if (pa->padata_type == KRB5_PADATA_PK_AS_REQ_WIN) { PA_PK_AS_REQ_Win2k r; type = "PK-INIT-Win2k"; + if (req->req_body.kdc_options.request_anonymous) { + ret = KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED; + krb5_set_error_message(context, ret, + "Anon not supported in RSA mode"); + goto out; + } + ret = decode_PA_PK_AS_REQ_Win2k(pa->padata_value.data, pa->padata_value.length, &r, NULL); if (ret) { - krb5_set_error_string(context, "Can't decode " - "PK-AS-REQ-Win2k: %d", ret); + krb5_set_error_message(context, ret, "Can't decode " + "PK-AS-REQ-Win2k: %d", ret); goto out; } - + ret = hx509_cms_unwrap_ContentInfo(&r.signed_auth_pack, &contentInfoOid, &signed_content, &have_data); free_PA_PK_AS_REQ_Win2k(&r); if (ret) { - krb5_set_error_string(context, "Can't decode PK-AS-REQ: %d", ret); + krb5_set_error_message(context, ret, + "Can't unwrap ContentInfo(win): %d", ret); goto out; } @@ -429,25 +608,35 @@ _kdc_pk_rd_padata(krb5_context context, &r, NULL); if (ret) { - krb5_set_error_string(context, "Can't decode PK-AS-REQ: %d", ret); + krb5_set_error_message(context, ret, + "Can't decode PK-AS-REQ: %d", ret); goto out; } - + /* XXX look at r.kdcPkId */ if (r.trustedCertifiers) { ExternalPrincipalIdentifiers *edi = r.trustedCertifiers; - unsigned int i; + unsigned int i, maxedi; - ret = hx509_certs_init(kdc_identity->hx509ctx, + ret = hx509_certs_init(context->hx509ctx, "MEMORY:client-anchors", 0, NULL, - &client_params->client_anchors); + &cp->client_anchors); if (ret) { - krb5_set_error_string(context, "Can't allocate client anchors: %d", ret); + krb5_set_error_message(context, ret, + "Can't allocate client anchors: %d", + ret); goto out; } - for (i = 0; i < edi->len; i++) { + /* + * If the client sent more then 10 EDI, don't bother + * looking more then 10 of performance reasons. + */ + maxedi = edi->len; + if (maxedi > 10) + maxedi = 10; + for (i = 0; i < maxedi; i++) { IssuerAndSerialNumber iasn; hx509_query *q; hx509_cert cert; @@ -456,35 +645,37 @@ _kdc_pk_rd_padata(krb5_context context, if (edi->val[i].issuerAndSerialNumber == NULL) continue; - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); + ret = hx509_query_alloc(context->hx509ctx, &q); if (ret) { - krb5_set_error_string(context, + krb5_set_error_message(context, ret, "Failed to allocate hx509_query"); goto out; } - + ret = decode_IssuerAndSerialNumber(edi->val[i].issuerAndSerialNumber->data, edi->val[i].issuerAndSerialNumber->length, &iasn, &size); if (ret) { - hx509_query_free(kdc_identity->hx509ctx, q); + hx509_query_free(context->hx509ctx, q); continue; } ret = hx509_query_match_issuer_serial(q, &iasn.issuer, &iasn.serialNumber); free_IssuerAndSerialNumber(&iasn); - if (ret) + if (ret) { + hx509_query_free(context->hx509ctx, q); continue; + } - ret = hx509_certs_find(kdc_identity->hx509ctx, + ret = hx509_certs_find(context->hx509ctx, kdc_identity->certs, q, &cert); - hx509_query_free(kdc_identity->hx509ctx, q); + hx509_query_free(context->hx509ctx, q); if (ret) continue; - hx509_certs_add(kdc_identity->hx509ctx, - client_params->client_anchors, cert); + hx509_certs_add(context->hx509ctx, + cp->client_anchors, cert); hx509_cert_free(cert); } } @@ -495,36 +686,42 @@ _kdc_pk_rd_padata(krb5_context context, &have_data); free_PA_PK_AS_REQ(&r); if (ret) { - krb5_set_error_string(context, "Can't unwrap ContentInfo: %d", ret); + krb5_set_error_message(context, ret, + "Can't unwrap ContentInfo: %d", ret); goto out; } - } else { - krb5_clear_error_string(context); + } else { + krb5_clear_error_message(context); ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP; goto out; } - ret = der_heim_oid_cmp(&contentInfoOid, oid_id_pkcs7_signedData()); + ret = der_heim_oid_cmp(&contentInfoOid, &asn1_oid_id_pkcs7_signedData); if (ret != 0) { - krb5_set_error_string(context, "PK-AS-REQ-Win2k invalid content " - "type oid"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "PK-AS-REQ-Win2k invalid content type oid"); goto out; } - + if (!have_data) { - krb5_set_error_string(context, - "PK-AS-REQ-Win2k no signed auth pack"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "PK-AS-REQ-Win2k no signed auth pack"); goto out; } { hx509_certs signer_certs; + int flags = HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH; /* BTMM */ - ret = hx509_cms_verify_signed(kdc_identity->hx509ctx, - kdc_identity->verify_ctx, + if (req->req_body.kdc_options.request_anonymous) + flags |= HX509_CMS_VS_ALLOW_ZERO_SIGNER; + + ret = hx509_cms_verify_signed(context->hx509ctx, + cp->verify_ctx, + flags, signed_content.data, signed_content.length, NULL, @@ -533,26 +730,28 @@ _kdc_pk_rd_padata(krb5_context context, &eContent, &signer_certs); if (ret) { - char *s = hx509_get_error_string(kdc_identity->hx509ctx, ret); + char *s = hx509_get_error_string(context->hx509ctx, ret); krb5_warnx(context, "PKINIT: failed to verify signature: %s: %d", s, ret); free(s); goto out; } - ret = hx509_get_one_cert(kdc_identity->hx509ctx, signer_certs, - &client_params->cert); - hx509_certs_free(&signer_certs); + if (signer_certs) { + ret = hx509_get_one_cert(context->hx509ctx, signer_certs, + &cp->cert); + hx509_certs_free(&signer_certs); + } if (ret) goto out; } /* Signature is correct, now verify the signed message */ - if (der_heim_oid_cmp(&eContentType, oid_id_pkcs7_data()) != 0 && - der_heim_oid_cmp(&eContentType, oid_id_pkauthdata()) != 0) + if (der_heim_oid_cmp(&eContentType, &asn1_oid_id_pkcs7_data) != 0 && + der_heim_oid_cmp(&eContentType, &asn1_oid_id_pkauthdata) != 0) { - krb5_set_error_string(context, "got wrong oid for pkauthdata"); ret = KRB5_BADMSGTYPE; + krb5_set_error_message(context, ret, "got wrong oid for pkauthdata"); goto out; } @@ -564,11 +763,12 @@ _kdc_pk_rd_padata(krb5_context context, &ap, NULL); if (ret) { - krb5_set_error_string(context, "can't decode AuthPack: %d", ret); + krb5_set_error_message(context, ret, + "Can't decode AuthPack: %d", ret); goto out; } - - ret = pk_check_pkauthenticator_win2k(context, + + ret = pk_check_pkauthenticator_win2k(context, &ap.pkAuthenticator, req); if (ret) { @@ -576,12 +776,13 @@ _kdc_pk_rd_padata(krb5_context context, goto out; } - client_params->type = PKINIT_COMPAT_WIN2K; - client_params->nonce = ap.pkAuthenticator.nonce; + cp->type = PKINIT_WIN2K; + cp->nonce = ap.pkAuthenticator.nonce; if (ap.clientPublicValue) { - krb5_set_error_string(context, "DH not supported for windows"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "DH not supported for windows"); goto out; } free_AuthPack_Win2k(&ap); @@ -594,12 +795,22 @@ _kdc_pk_rd_padata(krb5_context context, &ap, NULL); if (ret) { - krb5_set_error_string(context, "can't decode AuthPack: %d", ret); + krb5_set_error_message(context, ret, + "Can't decode AuthPack: %d", ret); free_AuthPack(&ap); goto out; } - - ret = pk_check_pkauthenticator(context, + + if (req->req_body.kdc_options.request_anonymous && + ap.clientPublicValue == NULL) { + free_AuthPack(&ap); + ret = KRB5_KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED; + krb5_set_error_message(context, ret, + "Anon not supported in RSA mode"); + goto out; + } + + ret = pk_check_pkauthenticator(context, &ap.pkAuthenticator, req); if (ret) { @@ -607,33 +818,55 @@ _kdc_pk_rd_padata(krb5_context context, goto out; } - client_params->type = PKINIT_COMPAT_27; - client_params->nonce = ap.pkAuthenticator.nonce; + cp->type = PKINIT_27; + cp->nonce = ap.pkAuthenticator.nonce; if (ap.clientPublicValue) { - ret = get_dh_param(context, config, - ap.clientPublicValue, client_params); + if (der_heim_oid_cmp(&ap.clientPublicValue->algorithm.algorithm, &asn1_oid_id_dhpublicnumber) == 0) { + cp->keyex = USE_DH; + ret = get_dh_param(context, config, + ap.clientPublicValue, cp); +#ifdef HAVE_OPENSSL + } else if (der_heim_oid_cmp(&ap.clientPublicValue->algorithm.algorithm, &asn1_oid_id_ecPublicKey) == 0) { + cp->keyex = USE_ECDH; + ret = get_ecdh_param(context, config, + ap.clientPublicValue, cp); +#endif /* HAVE_OPENSSL */ + } else { + ret = KRB5_BADMSGTYPE; + krb5_set_error_message(context, ret, "PKINIT unknown DH mechanism"); + } if (ret) { free_AuthPack(&ap); goto out; } + } else + cp->keyex = USE_RSA; + + ret = hx509_peer_info_alloc(context->hx509ctx, + &cp->peer); + if (ret) { + free_AuthPack(&ap); + goto out; } if (ap.supportedCMSTypes) { - ret = hx509_peer_info_alloc(kdc_identity->hx509ctx, - &client_params->peer); - if (ret) { - free_AuthPack(&ap); - goto out; - } - ret = hx509_peer_info_set_cms_algs(kdc_identity->hx509ctx, - client_params->peer, + ret = hx509_peer_info_set_cms_algs(context->hx509ctx, + cp->peer, ap.supportedCMSTypes->val, ap.supportedCMSTypes->len); if (ret) { free_AuthPack(&ap); goto out; } + } else { + /* assume old client */ + hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer, + hx509_crypto_des_rsdi_ede3_cbc()); + hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer, + hx509_signature_rsa_with_sha1()); + hx509_peer_info_add_cms_alg(context->hx509ctx, cp->peer, + hx509_signature_sha1()); } free_AuthPack(&ap); } else @@ -650,10 +883,10 @@ _kdc_pk_rd_padata(krb5_context context, krb5_data_free(&eContent); der_free_oid(&eContentType); der_free_oid(&contentInfoOid); - if (ret) - _kdc_pk_free_client_param(context, client_params); - else - *ret_params = client_params; + if (ret) { + _kdc_pk_free_client_param(context, cp); + } else + *ret_params = cp; return ret; } @@ -667,7 +900,7 @@ BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) integer->length = BN_num_bytes(bn); integer->data = malloc(integer->length); if (integer->data == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } BN_bn2bin(bn, integer->data); @@ -678,58 +911,63 @@ BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) static krb5_error_code pk_mk_pa_reply_enckey(krb5_context context, krb5_kdc_configuration *config, - pk_client_params *client_params, + pk_client_params *cp, const KDC_REQ *req, const krb5_data *req_buffer, krb5_keyblock *reply_key, - ContentInfo *content_info) + ContentInfo *content_info, + hx509_cert *kdc_cert) { - const heim_oid *envelopedAlg = NULL, *sdAlg = NULL; + const heim_oid *envelopedAlg = NULL, *sdAlg = NULL, *evAlg = NULL; krb5_error_code ret; krb5_data buf, signed_data; - size_t size; + size_t size = 0; int do_win2k = 0; krb5_data_zero(&buf); krb5_data_zero(&signed_data); + *kdc_cert = NULL; + /* * If the message client is a win2k-type but it send pa data * 09-binding it expects a IETF (checksum) reply so there can be * no replay attacks. */ - switch (client_params->type) { - case PKINIT_COMPAT_WIN2K: { + switch (cp->type) { + case PKINIT_WIN2K: { int i = 0; if (_kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_09_BINDING) == NULL && config->pkinit_require_binding == 0) { do_win2k = 1; } + sdAlg = &asn1_oid_id_pkcs7_data; + evAlg = &asn1_oid_id_pkcs7_data; + envelopedAlg = &asn1_oid_id_rsadsi_des_ede3_cbc; break; } - case PKINIT_COMPAT_27: + case PKINIT_27: + sdAlg = &asn1_oid_id_pkrkeydata; + evAlg = &asn1_oid_id_pkcs7_signedData; break; default: krb5_abortx(context, "internal pkinit error"); - } + } if (do_win2k) { ReplyKeyPack_Win2k kp; memset(&kp, 0, sizeof(kp)); - envelopedAlg = oid_id_rsadsi_des_ede3_cbc(); - sdAlg = oid_id_pkcs7_data(); - ret = copy_EncryptionKey(reply_key, &kp.replyKey); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } - kp.nonce = client_params->nonce; - - ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k, + kp.nonce = cp->nonce; + + ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k, buf.data, buf.length, &kp, &size,ret); free_ReplyKeyPack_Win2k(&kp); @@ -738,17 +976,15 @@ pk_mk_pa_reply_enckey(krb5_context context, ReplyKeyPack kp; memset(&kp, 0, sizeof(kp)); - sdAlg = oid_id_pkrkeydata(); - ret = copy_EncryptionKey(reply_key, &kp.replyKey); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } ret = krb5_crypto_init(context, reply_key, 0, &ascrypto); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -756,21 +992,21 @@ pk_mk_pa_reply_enckey(krb5_context context, req_buffer->data, req_buffer->length, &kp.asChecksum); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } - + ret = krb5_crypto_destroy(context, ascrypto); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } ASN1_MALLOC_ENCODE(ReplyKeyPack, buf.data, buf.length, &kp, &size,ret); free_ReplyKeyPack(&kp); } if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of ReplyKeyPack " - "failed (%d)", ret); + krb5_set_error_message(context, ret, "ASN.1 encoding of ReplyKeyPack " + "failed (%d)", ret); goto out; } if (buf.length != size) @@ -779,42 +1015,43 @@ pk_mk_pa_reply_enckey(krb5_context context, { hx509_query *q; hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); + + ret = hx509_query_alloc(context->hx509ctx, &q); if (ret) goto out; - + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, + if (config->pkinit_kdc_friendly_name) + hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name); + + ret = hx509_certs_find(context->hx509ctx, + kdc_identity->certs, + q, &cert); - hx509_query_free(kdc_identity->hx509ctx, q); + hx509_query_free(context->hx509ctx, q); if (ret) goto out; - - ret = hx509_cms_create_signed_1(kdc_identity->hx509ctx, + + ret = hx509_cms_create_signed_1(context->hx509ctx, 0, sdAlg, buf.data, buf.length, NULL, cert, - client_params->peer, - client_params->client_anchors, + cp->peer, + cp->client_anchors, kdc_identity->certpool, &signed_data); - hx509_cert_free(cert); + *kdc_cert = cert; } krb5_data_free(&buf); - if (ret) + if (ret) goto out; - if (client_params->type == PKINIT_COMPAT_WIN2K) { - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), + if (cp->type == PKINIT_WIN2K) { + ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData, &signed_data, &buf); if (ret) @@ -823,20 +1060,25 @@ pk_mk_pa_reply_enckey(krb5_context context, signed_data = buf; } - ret = hx509_cms_envelope_1(kdc_identity->hx509ctx, - 0, - client_params->cert, - signed_data.data, signed_data.length, + ret = hx509_cms_envelope_1(context->hx509ctx, + HX509_CMS_EV_NO_KU_CHECK, + cp->cert, + signed_data.data, signed_data.length, envelopedAlg, - oid_id_pkcs7_signedData(), &buf); + evAlg, &buf); if (ret) goto out; - + ret = _krb5_pk_mk_ContentInfo(context, &buf, - oid_id_pkcs7_envelopedData(), + &asn1_oid_id_pkcs7_envelopedData, content_info); out: + if (ret && *kdc_cert) { + hx509_cert_free(*kdc_cert); + *kdc_cert = NULL; + } + krb5_data_free(&buf); krb5_data_free(&signed_data); return ret; @@ -848,9 +1090,8 @@ pk_mk_pa_reply_enckey(krb5_context context, static krb5_error_code pk_mk_pa_reply_dh(krb5_context context, - DH *kdc_dh, - pk_client_params *client_params, - krb5_keyblock *reply_key, + krb5_kdc_configuration *config, + pk_client_params *cp, ContentInfo *content_info, hx509_cert *kdc_cert) { @@ -858,88 +1099,115 @@ pk_mk_pa_reply_dh(krb5_context context, krb5_data signed_data, buf; ContentInfo contentinfo; krb5_error_code ret; - size_t size; - heim_integer i; + hx509_cert cert; + hx509_query *q; + size_t size = 0; memset(&contentinfo, 0, sizeof(contentinfo)); memset(&dh_info, 0, sizeof(dh_info)); - krb5_data_zero(&buf); krb5_data_zero(&signed_data); + krb5_data_zero(&buf); *kdc_cert = NULL; - ret = BN_to_integer(context, kdc_dh->pub_key, &i); - if (ret) - return ret; + if (cp->keyex == USE_DH) { + DH *kdc_dh = cp->u.dh.key; + heim_integer i; - ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret); - if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of " - "DHPublicKey failed (%d)", ret); - krb5_clear_error_string(context); - return ret; - } - if (buf.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); + ret = BN_to_integer(context, kdc_dh->pub_key, &i); + if (ret) + return ret; - dh_info.subjectPublicKey.length = buf.length * 8; - dh_info.subjectPublicKey.data = buf.data; - - dh_info.nonce = client_params->nonce; + ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret); + der_free_heim_integer(&i); + if (ret) { + krb5_set_error_message(context, ret, "ASN.1 encoding of " + "DHPublicKey failed (%d)", ret); + return ret; + } + if (buf.length != size) + krb5_abortx(context, "Internal ASN.1 encoder error"); - ASN1_MALLOC_ENCODE(KDCDHKeyInfo, buf.data, buf.length, &dh_info, &size, + dh_info.subjectPublicKey.length = buf.length * 8; + dh_info.subjectPublicKey.data = buf.data; + krb5_data_zero(&buf); +#ifdef HAVE_OPENSSL + } else if (cp->keyex == USE_ECDH) { + unsigned char *p; + int len; + + len = i2o_ECPublicKey(cp->u.ecdh.key, NULL); + if (len <= 0) + abort(); + + p = malloc(len); + if (p == NULL) + abort(); + + dh_info.subjectPublicKey.length = len * 8; + dh_info.subjectPublicKey.data = p; + + len = i2o_ECPublicKey(cp->u.ecdh.key, &p); + if (len <= 0) + abort(); +#endif + } else + krb5_abortx(context, "no keyex selected ?"); + + + dh_info.nonce = cp->nonce; + + ASN1_MALLOC_ENCODE(KDCDHKeyInfo, buf.data, buf.length, &dh_info, &size, ret); if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of " - "KdcDHKeyInfo failed (%d)", ret); + krb5_set_error_message(context, ret, "ASN.1 encoding of " + "KdcDHKeyInfo failed (%d)", ret); goto out; } if (buf.length != size) krb5_abortx(context, "Internal ASN.1 encoder error"); - /* + /* * Create the SignedData structure and sign the KdcDHKeyInfo * filled in above */ - { - hx509_query *q; - hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); - if (ret) - goto out; - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, - &cert); - hx509_query_free(kdc_identity->hx509ctx, q); - if (ret) - goto out; - - ret = hx509_cms_create_signed_1(kdc_identity->hx509ctx, - 0, - oid_id_pkdhkeydata(), - buf.data, - buf.length, - NULL, - cert, - client_params->peer, - client_params->client_anchors, - kdc_identity->certpool, - &signed_data); - *kdc_cert = cert; - } + ret = hx509_query_alloc(context->hx509ctx, &q); if (ret) goto out; + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); + if (config->pkinit_kdc_friendly_name) + hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name); + + ret = hx509_certs_find(context->hx509ctx, + kdc_identity->certs, + q, + &cert); + hx509_query_free(context->hx509ctx, q); + if (ret) + goto out; + + ret = hx509_cms_create_signed_1(context->hx509ctx, + 0, + &asn1_oid_id_pkdhkeydata, + buf.data, + buf.length, + NULL, + cert, + cp->peer, + cp->client_anchors, + kdc_identity->certpool, + &signed_data); + if (ret) { + kdc_log(context, config, 0, "Failed signing the DH* reply: %d", ret); + goto out; + } + *kdc_cert = cert; + ret = _krb5_pk_mk_ContentInfo(context, &signed_data, - oid_id_pkcs7_signedData(), + &asn1_oid_id_pkcs7_signedData, content_info); if (ret) goto out; @@ -964,23 +1232,25 @@ pk_mk_pa_reply_dh(krb5_context context, krb5_error_code _kdc_pk_mk_pa_reply(krb5_context context, krb5_kdc_configuration *config, - pk_client_params *client_params, + pk_client_params *cp, const hdb_entry_ex *client, + krb5_enctype sessionetype, const KDC_REQ *req, const krb5_data *req_buffer, krb5_keyblock **reply_key, + krb5_keyblock *sessionkey, METHOD_DATA *md) { krb5_error_code ret; - void *buf; - size_t len, size; + void *buf = NULL; + size_t len = 0, size = 0; krb5_enctype enctype; int pa_type; hx509_cert kdc_cert = NULL; - int i; + size_t i; if (!config->enable_pkinit) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return 0; } @@ -990,15 +1260,15 @@ _kdc_pk_mk_pa_reply(krb5_context context, break; if (req->req_body.etype.len <= i) { ret = KRB5KRB_ERR_GENERIC; - krb5_set_error_string(context, - "No valid enctype available from client"); + krb5_set_error_message(context, ret, + "No valid enctype available from client"); goto out; - } + } enctype = req->req_body.etype.val[i]; } else enctype = ETYPE_DES3_CBC_SHA1; - if (client_params->type == PKINIT_COMPAT_27) { + if (cp->type == PKINIT_27) { PA_PK_AS_REP rep; const char *type, *other = ""; @@ -1006,87 +1276,129 @@ _kdc_pk_mk_pa_reply(krb5_context context, pa_type = KRB5_PADATA_PK_AS_REP; - if (client_params->dh == NULL) { + if (cp->keyex == USE_RSA) { ContentInfo info; type = "enckey"; rep.element = choice_PA_PK_AS_REP_encKeyPack; - ret = krb5_generate_random_keyblock(context, enctype, - &client_params->reply_key); + ret = krb5_generate_random_keyblock(context, enctype, + &cp->reply_key); if (ret) { free_PA_PK_AS_REP(&rep); goto out; } ret = pk_mk_pa_reply_enckey(context, config, - client_params, + cp, req, req_buffer, - &client_params->reply_key, - &info); + &cp->reply_key, + &info, + &kdc_cert); if (ret) { free_PA_PK_AS_REP(&rep); goto out; } - ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, - rep.u.encKeyPack.length, &info, &size, + ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, + rep.u.encKeyPack.length, &info, &size, ret); free_ContentInfo(&info); if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " - "failed %d", ret); + krb5_set_error_message(context, ret, "encoding of Key ContentInfo " + "failed %d", ret); free_PA_PK_AS_REP(&rep); goto out; } if (rep.u.encKeyPack.length != size) krb5_abortx(context, "Internal ASN.1 encoder error"); + ret = krb5_generate_random_keyblock(context, sessionetype, + sessionkey); + if (ret) { + free_PA_PK_AS_REP(&rep); + goto out; + } + } else { ContentInfo info; - type = "dh"; - if (client_params->dh_group_name) - other = client_params->dh_group_name; + switch (cp->keyex) { + case USE_DH: type = "dh"; break; +#ifdef HAVE_OPENSSL + case USE_ECDH: type = "ecdh"; break; +#endif + default: krb5_abortx(context, "unknown keyex"); break; + } + + if (cp->dh_group_name) + other = cp->dh_group_name; rep.element = choice_PA_PK_AS_REP_dhInfo; - ret = generate_dh_keyblock(context, client_params, enctype, - &client_params->reply_key); + ret = generate_dh_keyblock(context, cp, enctype); if (ret) return ret; - ret = pk_mk_pa_reply_dh(context, client_params->dh, - client_params, - &client_params->reply_key, + ret = pk_mk_pa_reply_dh(context, config, + cp, &info, &kdc_cert); + if (ret) { + free_PA_PK_AS_REP(&rep); + krb5_set_error_message(context, ret, + "create pa-reply-dh " + "failed %d", ret); + goto out; + } ASN1_MALLOC_ENCODE(ContentInfo, rep.u.dhInfo.dhSignedData.data, rep.u.dhInfo.dhSignedData.length, &info, &size, ret); free_ContentInfo(&info); if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " - "failed %d", ret); + krb5_set_error_message(context, ret, + "encoding of Key ContentInfo " + "failed %d", ret); free_PA_PK_AS_REP(&rep); goto out; } if (rep.u.encKeyPack.length != size) krb5_abortx(context, "Internal ASN.1 encoder error"); - } - if (ret) { - free_PA_PK_AS_REP(&rep); - goto out; + /* XXX KRB-FX-CF2 */ + ret = krb5_generate_random_keyblock(context, sessionetype, + sessionkey); + if (ret) { + free_PA_PK_AS_REP(&rep); + goto out; + } + + /* XXX Add PA-PKINIT-KX */ + + } + +#define use_btmm_with_enckey 0 + if (use_btmm_with_enckey && rep.element == choice_PA_PK_AS_REP_encKeyPack) { + PA_PK_AS_REP_BTMM btmm; + heim_any any; + + any.data = rep.u.encKeyPack.data; + any.length = rep.u.encKeyPack.length; + + btmm.dhSignedData = NULL; + btmm.encKeyPack = &any; + + ASN1_MALLOC_ENCODE(PA_PK_AS_REP_BTMM, buf, len, &btmm, &size, ret); + } else { + ASN1_MALLOC_ENCODE(PA_PK_AS_REP, buf, len, &rep, &size, ret); } - ASN1_MALLOC_ENCODE(PA_PK_AS_REP, buf, len, &rep, &size, ret); free_PA_PK_AS_REP(&rep); if (ret) { - krb5_set_error_string(context, "encode PA-PK-AS-REP failed %d", - ret); + krb5_set_error_message(context, ret, + "encode PA-PK-AS-REP failed %d", ret); goto out; } if (len != size) @@ -1094,44 +1406,46 @@ _kdc_pk_mk_pa_reply(krb5_context context, kdc_log(context, config, 0, "PK-INIT using %s %s", type, other); - } else if (client_params->type == PKINIT_COMPAT_WIN2K) { + } else if (cp->type == PKINIT_WIN2K) { PA_PK_AS_REP_Win2k rep; ContentInfo info; - if (client_params->dh) { - krb5_set_error_string(context, "Windows PK-INIT doesn't support DH"); + if (cp->keyex != USE_RSA) { ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + "Windows PK-INIT doesn't support DH"); goto out; } memset(&rep, 0, sizeof(rep)); pa_type = KRB5_PADATA_PK_AS_REP_19; - rep.element = choice_PA_PK_AS_REP_encKeyPack; + rep.element = choice_PA_PK_AS_REP_Win2k_encKeyPack; - ret = krb5_generate_random_keyblock(context, enctype, - &client_params->reply_key); + ret = krb5_generate_random_keyblock(context, enctype, + &cp->reply_key); if (ret) { free_PA_PK_AS_REP_Win2k(&rep); goto out; } ret = pk_mk_pa_reply_enckey(context, config, - client_params, + cp, req, req_buffer, - &client_params->reply_key, - &info); + &cp->reply_key, + &info, + &kdc_cert); if (ret) { free_PA_PK_AS_REP_Win2k(&rep); goto out; } - ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, - rep.u.encKeyPack.length, &info, &size, + ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, + rep.u.encKeyPack.length, &info, &size, ret); free_ContentInfo(&info); if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " + krb5_set_error_message(context, ret, "encoding of Key ContentInfo " "failed %d", ret); free_PA_PK_AS_REP_Win2k(&rep); goto out; @@ -1142,20 +1456,28 @@ _kdc_pk_mk_pa_reply(krb5_context context, ASN1_MALLOC_ENCODE(PA_PK_AS_REP_Win2k, buf, len, &rep, &size, ret); free_PA_PK_AS_REP_Win2k(&rep); if (ret) { - krb5_set_error_string(context, + krb5_set_error_message(context, ret, "encode PA-PK-AS-REP-Win2k failed %d", ret); goto out; } if (len != size) krb5_abortx(context, "Internal ASN.1 encoder error"); + ret = krb5_generate_random_keyblock(context, sessionetype, + sessionkey); + if (ret) { + free(buf); + goto out; + } + } else krb5_abortx(context, "PK-INIT internal error"); ret = krb5_padata_add(context, md, pa_type, buf, len); if (ret) { - krb5_set_error_string(context, "failed adding PA-PK-AS-REP %d", ret); + krb5_set_error_message(context, ret, + "Failed adding PA-PK-AS-REP %d", ret); free(buf); goto out; } @@ -1173,7 +1495,7 @@ _kdc_pk_mk_pa_reply(krb5_context context, fd = open(config->pkinit_kdc_ocsp_file, O_RDONLY); if (fd < 0) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "PK-INIT failed to open ocsp data file %d", errno); goto out_ocsp; } @@ -1181,15 +1503,15 @@ _kdc_pk_mk_pa_reply(krb5_context context, if (ret) { ret = errno; close(fd); - kdc_log(context, config, 0, + kdc_log(context, config, 0, "PK-INIT failed to stat ocsp data %d", ret); goto out_ocsp; } - + ret = krb5_data_alloc(&ocsp.data, sb.st_size); if (ret) { close(fd); - kdc_log(context, config, 0, + kdc_log(context, config, 0, "PK-INIT failed to stat ocsp data %d", ret); goto out_ocsp; } @@ -1197,19 +1519,19 @@ _kdc_pk_mk_pa_reply(krb5_context context, ret = read(fd, ocsp.data.data, sb.st_size); close(fd); if (ret != sb.st_size) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "PK-INIT failed to read ocsp data %d", errno); goto out_ocsp; } - ret = hx509_ocsp_verify(kdc_identity->hx509ctx, + ret = hx509_ocsp_verify(context->hx509ctx, kdc_time, kdc_cert, 0, ocsp.data.data, ocsp.data.length, &ocsp.expire); if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "PK-INIT failed to verify ocsp data %d", ret); krb5_data_free(&ocsp.data); ocsp.expire = 0; @@ -1225,12 +1547,12 @@ _kdc_pk_mk_pa_reply(krb5_context context, if (ocsp.expire != 0 && ocsp.expire > kdc_time) { - ret = krb5_padata_add(context, md, + ret = krb5_padata_add(context, md, KRB5_PADATA_PA_PK_OCSP_RESPONSE, ocsp.data.data, ocsp.data.length); if (ret) { - krb5_set_error_string(context, - "Failed adding OCSP response %d", ret); + krb5_set_error_message(context, ret, + "Failed adding OCSP response %d", ret); goto out; } } @@ -1241,25 +1563,26 @@ _kdc_pk_mk_pa_reply(krb5_context context, hx509_cert_free(kdc_cert); if (ret == 0) - *reply_key = &client_params->reply_key; + *reply_key = &cp->reply_key; return ret; } static int -match_rfc_san(krb5_context context, +match_rfc_san(krb5_context context, krb5_kdc_configuration *config, hx509_context hx509ctx, - hx509_cert client_cert, + hx509_cert client_cert, krb5_const_principal match) { hx509_octet_string_list list; - int ret, i, found = 0; + int ret, found = 0; + size_t i; memset(&list, 0 , sizeof(list)); ret = hx509_cert_find_subjectAltName_otherName(hx509ctx, client_cert, - oid_id_pkinit_san(), + &asn1_oid_id_pkinit_san, &list); if (ret) goto out; @@ -1269,13 +1592,14 @@ match_rfc_san(krb5_context context, KRB5PrincipalName kn; size_t size; - ret = decode_KRB5PrincipalName(list.val[i].data, + ret = decode_KRB5PrincipalName(list.val[i].data, list.val[i].length, &kn, &size); if (ret) { + const char *msg = krb5_get_error_message(context, ret); kdc_log(context, config, 0, - "Decoding kerberos name in certificate failed: %s", - krb5_get_err_text(context, ret)); + "Decoding kerberos name in certificate failed: %s", msg); + krb5_free_error_message(context, msg); break; } if (size != list.val[i].length) { @@ -1293,7 +1617,7 @@ match_rfc_san(krb5_context context, } out: - hx509_free_octet_string_list(&list); + hx509_free_octet_string_list(&list); if (ret) return ret; @@ -1304,15 +1628,16 @@ match_rfc_san(krb5_context context, } static int -match_ms_upn_san(krb5_context context, +match_ms_upn_san(krb5_context context, krb5_kdc_configuration *config, hx509_context hx509ctx, - hx509_cert client_cert, - krb5_const_principal match) + hx509_cert client_cert, + HDB *clientdb, + hdb_entry_ex *client) { hx509_octet_string_list list; krb5_principal principal = NULL; - int ret, found = 0; + int ret; MS_UPN_SAN upn; size_t size; @@ -1320,7 +1645,7 @@ match_ms_upn_san(krb5_context context, ret = hx509_cert_find_subjectAltName_otherName(hx509ctx, client_cert, - oid_id_pkinit_ms_san(), + &asn1_oid_id_pkinit_ms_san, &list); if (ret) goto out; @@ -1336,6 +1661,12 @@ match_ms_upn_san(krb5_context context, kdc_log(context, config, 0, "Decode of MS-UPN-SAN failed"); goto out; } + if (size != list.val[0].length) { + free_MS_UPN_SAN(&upn); + kdc_log(context, config, 0, "Trailing data in "); + ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; + goto out; + } kdc_log(context, config, 0, "found MS UPN SAN: %s", upn); @@ -1346,42 +1677,51 @@ match_ms_upn_san(krb5_context context, goto out; } - /* - * This is very wrong, but will do for now, should really and a - * plugin to the windc layer to very this ACL. - */ - strupr(principal->realm); + if (clientdb->hdb_check_pkinit_ms_upn_match) { + ret = clientdb->hdb_check_pkinit_ms_upn_match(context, clientdb, client, principal); + } else { - if (krb5_principal_compare(context, principal, match) == TRUE) - found = 1; + /* + * This is very wrong, but will do for a fallback + */ + strupr(principal->realm); + + if (krb5_principal_compare(context, principal, client->entry.principal) == FALSE) + ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; + } out: if (principal) krb5_free_principal(context, principal); - hx509_free_octet_string_list(&list); - if (ret) - return ret; + hx509_free_octet_string_list(&list); - if (!found) - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; - - return 0; + return ret; } krb5_error_code _kdc_pk_check_client(krb5_context context, krb5_kdc_configuration *config, - const hdb_entry_ex *client, - pk_client_params *client_params, + HDB *clientdb, + hdb_entry_ex *client, + pk_client_params *cp, char **subject_name) { const HDB_Ext_PKINIT_acl *acl; + const HDB_Ext_PKINIT_cert *pc; krb5_error_code ret; hx509_name name; - int i; + size_t i; - ret = hx509_cert_get_base_subject(kdc_identity->hx509ctx, - client_params->cert, + if (cp->cert == NULL) { + + *subject_name = strdup("anonymous client client"); + if (*subject_name == NULL) + return ENOMEM; + return 0; + } + + ret = hx509_cert_get_base_subject(context->hx509ctx, + cp->cert, &name); if (ret) return ret; @@ -1392,13 +1732,36 @@ _kdc_pk_check_client(krb5_context context, return ret; kdc_log(context, config, 0, - "Trying to authorize PK-INIT subject DN %s", + "Trying to authorize PK-INIT subject DN %s", *subject_name); + ret = hdb_entry_get_pkinit_cert(&client->entry, &pc); + if (ret == 0 && pc) { + hx509_cert cert; + size_t j; + + for (j = 0; j < pc->len; j++) { + ret = hx509_cert_init_data(context->hx509ctx, + pc->val[j].cert.data, + pc->val[j].cert.length, + &cert); + if (ret) + continue; + ret = hx509_cert_cmp(cert, cp->cert); + hx509_cert_free(cert); + if (ret == 0) { + kdc_log(context, config, 5, + "Found matching PK-INIT cert in hdb"); + return 0; + } + } + } + + if (config->pkinit_princ_in_cert) { ret = match_rfc_san(context, config, - kdc_identity->hx509ctx, - client_params->cert, + context->hx509ctx, + cp->cert, client->entry.principal); if (ret == 0) { kdc_log(context, config, 5, @@ -1406,9 +1769,10 @@ _kdc_pk_check_client(krb5_context context, return 0; } ret = match_ms_upn_san(context, config, - kdc_identity->hx509ctx, - client_params->cert, - client->entry.principal); + context->hx509ctx, + cp->cert, + clientdb, + client); if (ret == 0) { kdc_log(context, config, 5, "Found matching MS UPN SAN in certificate"); @@ -1453,7 +1817,8 @@ _kdc_pk_check_client(krb5_context context, return 0; } - krb5_set_error_string(context, + ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; + krb5_set_error_message(context, ret, "PKINIT no matching principals for %s", *subject_name); @@ -1464,11 +1829,11 @@ _kdc_pk_check_client(krb5_context context, free(*subject_name); *subject_name = NULL; - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; + return ret; } static krb5_error_code -add_principal_mapping(krb5_context context, +add_principal_mapping(krb5_context context, const char *principal_name, const char * subject) { @@ -1501,16 +1866,16 @@ add_principal_mapping(krb5_context context, krb5_error_code _kdc_add_inital_verified_cas(krb5_context context, krb5_kdc_configuration *config, - pk_client_params *params, + pk_client_params *cp, EncTicketPart *tkt) { AD_INITIAL_VERIFIED_CAS cas; krb5_error_code ret; krb5_data data; - size_t size; + size_t size = 0; memset(&cas, 0, sizeof(cas)); - + /* XXX add CAs to cas here */ ASN1_MALLOC_ENCODE(AD_INITIAL_VERIFIED_CAS, data.data, data.length, @@ -1520,7 +1885,7 @@ _kdc_add_inital_verified_cas(krb5_context context, if (data.length != size) krb5_abortx(context, "internal asn.1 encoder error"); - ret = _kdc_tkt_add_if_relevant_ad(context, tkt, + ret = _kdc_tkt_add_if_relevant_ad(context, tkt, KRB5_AUTHDATA_INITIAL_VERIFIED_CAS, &data); krb5_data_free(&data); @@ -1545,7 +1910,7 @@ load_mappings(krb5_context context, const char *fn) while (fgets(buf, sizeof(buf), f) != NULL) { char *subject_name, *p; - + buf[strcspn(buf, "\n")] = '\0'; lineno++; @@ -1569,22 +1934,22 @@ load_mappings(krb5_context context, const char *fn) lineno, buf); continue; } - } + } fclose(f); } - + /* * */ krb5_error_code -_kdc_pk_initialize(krb5_context context, - krb5_kdc_configuration *config, - const char *user_id, - const char *anchors, - char **pool, - char **revoke_list) +krb5_kdc_pk_initialize(krb5_context context, + krb5_kdc_configuration *config, + const char *user_id, + const char *anchors, + char **pool, + char **revoke_list) { const char *file; char *fn = NULL; @@ -1618,42 +1983,52 @@ _kdc_pk_initialize(krb5_context context, { hx509_query *q; hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); + + ret = hx509_query_alloc(context->hx509ctx, &q); if (ret) { krb5_warnx(context, "PKINIT: out of memory"); return ENOMEM; } - + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, + if (config->pkinit_kdc_friendly_name) + hx509_query_match_friendly_name(q, config->pkinit_kdc_friendly_name); + + ret = hx509_certs_find(context->hx509ctx, kdc_identity->certs, q, &cert); - hx509_query_free(kdc_identity->hx509ctx, q); + hx509_query_free(context->hx509ctx, q); if (ret == 0) { - if (hx509_cert_check_eku(kdc_identity->hx509ctx, cert, - oid_id_pkkdcekuoid(), 0)) - krb5_warnx(context, "WARNING Found KDC certificate " - "is missing the PK-INIT KDC EKU, this is bad for " - "interoperability."); + if (hx509_cert_check_eku(context->hx509ctx, cert, + &asn1_oid_id_pkkdcekuoid, 0)) { + hx509_name name; + char *str; + ret = hx509_cert_get_subject(cert, &name); + if (ret == 0) { + hx509_name_to_string(name, &str); + krb5_warnx(context, "WARNING Found KDC certificate (%s)" + "is missing the PK-INIT KDC EKU, this is bad for " + "interoperability.", str); + hx509_name_free(&name); + free(str); + } + } hx509_cert_free(cert); } else krb5_warnx(context, "PKINIT: failed to find a signing " "certifiate with a public key"); } - ret = krb5_config_get_bool_default(context, - NULL, - FALSE, - "kdc", - "pkinit_allow_proxy_certificate", - NULL); - _krb5_pk_allow_proxy_certificate(kdc_identity, ret); + if (krb5_config_get_bool_default(context, + NULL, + FALSE, + "kdc", + "pkinit_allow_proxy_certificate", + NULL)) + config->pkinit_allow_proxy_certs = 1; - file = krb5_config_get_string(context, + file = krb5_config_get_string(context, NULL, "kdc", "pkinit_mappings_file", diff --git a/kdc/process.c b/kdc/process.c index 1d0a01a215d1..6f36915800bb 100644 --- a/kdc/process.c +++ b/kdc/process.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * - * All rights reserved. + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: process.c 20959 2007-06-07 04:46:06Z lha $"); - /* * */ @@ -49,66 +47,167 @@ krb5_kdc_update_time(struct timeval *tv) _kdc_now = *tv; } +static krb5_error_code +kdc_as_req(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply, + int *claim) +{ + krb5_error_code ret; + KDC_REQ req; + size_t len; + + ret = decode_AS_REQ(req_buffer->data, req_buffer->length, &req, &len); + if (ret) + return ret; + + *claim = 1; + + ret = _kdc_as_rep(context, config, &req, req_buffer, + reply, from, addr, datagram_reply); + free_AS_REQ(&req); + return ret; +} + + +static krb5_error_code +kdc_tgs_req(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply, + int *claim) +{ + krb5_error_code ret; + KDC_REQ req; + size_t len; + + ret = decode_TGS_REQ(req_buffer->data, req_buffer->length, &req, &len); + if (ret) + return ret; + + *claim = 1; + + ret = _kdc_tgs_rep(context, config, &req, reply, + from, addr, datagram_reply); + free_TGS_REQ(&req); + return ret; +} + +#ifdef DIGEST + +static krb5_error_code +kdc_digest(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply, + int *claim) +{ + DigestREQ digestreq; + krb5_error_code ret; + size_t len; + + ret = decode_DigestREQ(req_buffer->data, req_buffer->length, + &digestreq, &len); + if (ret) + return ret; + + *claim = 1; + + ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr); + free_DigestREQ(&digestreq); + return ret; +} + +#endif + +#ifdef KX509 + +static krb5_error_code +kdc_kx509(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply, + int *claim) +{ + Kx509Request kx509req; + krb5_error_code ret; + size_t len; + + ret = _kdc_try_kx509_request(req_buffer->data, req_buffer->length, + &kx509req, &len); + if (ret) + return ret; + + *claim = 1; + + ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr); + free_Kx509Request(&kx509req); + return ret; +} + +#endif + + +static struct krb5_kdc_service services[] = { + { KS_KRB5, kdc_as_req }, + { KS_KRB5, kdc_tgs_req }, +#ifdef DIGEST + { 0, kdc_digest }, +#endif +#ifdef KX509 + { 0, kdc_kx509 }, +#endif + { 0, NULL } +}; + /* * handle the request in `buf, len', from `addr' (or `from' as a string), * sending a reply in `reply'. */ int -krb5_kdc_process_request(krb5_context context, +krb5_kdc_process_request(krb5_context context, krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, + unsigned char *buf, + size_t len, krb5_data *reply, krb5_boolean *prependlength, const char *from, struct sockaddr *addr, int datagram_reply) { - KDC_REQ req; - Ticket ticket; - DigestREQ digestreq; - Kx509Request kx509req; krb5_error_code ret; - size_t i; + unsigned int i; + krb5_data req_buffer; + int claim = 0; - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; + req_buffer.data = buf; + req_buffer.length = len; - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; - }else if(decode_Ticket(buf, len, &ticket, &i) == 0){ - ret = _kdc_do_524(context, config, &ticket, reply, from, addr); - free_Ticket(&ticket); - return ret; - }else if(decode_DigestREQ(buf, len, &digestreq, &i) == 0){ - ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr); - free_DigestREQ(&digestreq); - return ret; - } else if (_kdc_try_kx509_request(buf, len, &kx509req, &i) == 0) { - ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr); - free_Kx509Request(&kx509req); - return ret; - } else if(_kdc_maybe_version4(buf, len)){ - *prependlength = FALSE; /* elbitapmoc sdrawkcab XXX */ - _kdc_do_version4(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return 0; - } else if (config->enable_kaserver) { - ret = _kdc_do_kaserver(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return ret; + for (i = 0; services[i].process != NULL; i++) { + ret = (*services[i].process)(context, config, &req_buffer, + reply, from, addr, datagram_reply, + &claim); + if (claim) { + if (services[i].flags & KS_NO_LENGTH) + *prependlength = 0; + return ret; + } } - + return -1; } @@ -120,34 +219,33 @@ krb5_kdc_process_request(krb5_context context, */ int -krb5_kdc_process_krb5_request(krb5_context context, +krb5_kdc_process_krb5_request(krb5_context context, krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, + unsigned char *buf, + size_t len, krb5_data *reply, const char *from, struct sockaddr *addr, int datagram_reply) { - KDC_REQ req; krb5_error_code ret; - size_t i; + unsigned int i; + krb5_data req_buffer; + int claim = 0; - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; + req_buffer.data = buf; + req_buffer.length = len; - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; + for (i = 0; services[i].process != NULL; i++) { + if ((services[i].flags & KS_KRB5) == 0) + continue; + ret = (*services[i].process)(context, config, &req_buffer, + reply, from, addr, datagram_reply, + &claim); + if (claim) + return ret; } + return -1; } @@ -156,7 +254,7 @@ krb5_kdc_process_krb5_request(krb5_context context, */ int -krb5_kdc_save_request(krb5_context context, +krb5_kdc_save_request(krb5_context context, const char *fn, const unsigned char *buf, size_t len, @@ -177,14 +275,15 @@ krb5_kdc_save_request(krb5_context context, fd = open(fn, O_WRONLY|O_CREAT|O_APPEND, 0600); if (fd < 0) { - krb5_set_error_string(context, "Failed to open: %s", fn); - return errno; + int saved_errno = errno; + krb5_set_error_message(context, saved_errno, "Failed to open: %s", fn); + return saved_errno; } - + sp = krb5_storage_from_fd(fd); close(fd); if (sp == NULL) { - krb5_set_error_string(context, "Storage failed to open fd"); + krb5_set_error_message(context, ENOMEM, "Storage failed to open fd"); return ENOMEM; } diff --git a/kdc/rx.h b/kdc/rx.h index 18806d79dae6..f914e93e6efc 100644 --- a/kdc/rx.h +++ b/kdc/rx.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: rx.h 17447 2006-05-05 10:52:01Z lha $ */ +/* $Id$ */ #ifndef __RX_H__ #define __RX_H__ diff --git a/kdc/set_dbinfo.c b/kdc/set_dbinfo.c index 651f4c4a4b21..d22e083f7d5e 100644 --- a/kdc/set_dbinfo.c +++ b/kdc/set_dbinfo.c @@ -1,40 +1,68 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * All rights reserved. + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: default_config.c 21296 2007-06-25 14:49:11Z lha $"); +static krb5_error_code +add_db(krb5_context context, struct krb5_kdc_configuration *c, + const char *conf, const char *master_key) +{ + krb5_error_code ret; + void *ptr; + + ptr = realloc(c->db, (c->num_db + 1) * sizeof(*c->db)); + if (ptr == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + c->db = ptr; + + ret = hdb_create(context, &c->db[c->num_db], conf); + if(ret) + return ret; + + c->num_db++; + + if (master_key) { + ret = hdb_set_master_keyfile(context, c->db[c->num_db - 1], master_key); + if (ret) + return ret; + } + + return 0; +} krb5_error_code krb5_kdc_set_dbinfo(krb5_context context, struct krb5_kdc_configuration *c) @@ -47,30 +75,15 @@ krb5_kdc_set_dbinfo(krb5_context context, struct krb5_kdc_configuration *c) ret = hdb_get_dbinfo(context, &info); if (ret) return ret; - + d = NULL; while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { - void *ptr; - - ptr = realloc(c->db, (c->num_db + 1) * sizeof(*c->db)); - if (ptr == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - c->db = ptr; - - ret = hdb_create(context, &c->db[c->num_db], - hdb_dbinfo_get_dbname(context, d)); - if(ret) - goto out; - - ret = hdb_set_master_keyfile(context, c->db[c->num_db], - hdb_dbinfo_get_mkey_file(context, d)); + + ret = add_db(context, c, + hdb_dbinfo_get_dbname(context, d), + hdb_dbinfo_get_mkey_file(context, d)); if (ret) goto out; - - c->num_db++; kdc_log(context, c, 0, "label: %s", hdb_dbinfo_get_label(context, d)); @@ -91,7 +104,7 @@ krb5_kdc_set_dbinfo(krb5_context context, struct krb5_kdc_configuration *c) c->num_db = 0; free(c->db); c->db = NULL; - + hdb_free_dbinfo(context, &info); return ret; diff --git a/kdc/string2key-version.rc b/kdc/string2key-version.rc new file mode 100644 index 000000000000..120ef4b22ab9 --- /dev/null +++ b/kdc/string2key-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Password to Key Mapper" +#define RC_FILE_ORIG_0409 "string2key.exe" + +#include "../windows/version.rc" diff --git a/kdc/string2key.8 b/kdc/string2key.8 index 8f2d562cc809..1b38d3322827 100644 --- a/kdc/string2key.8 +++ b/kdc/string2key.8 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: string2key.8 11648 2003-02-16 21:10:32Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd March 4, 2000 .Dt STRING2KEY 8 @@ -39,23 +39,23 @@ .Nd map a password into a key .Sh SYNOPSIS .Nm -.Op Fl 5 | Fl -version5 -.Op Fl 4 | Fl -version4 -.Op Fl a | Fl -afs +.Op Fl 5 | Fl Fl version5 +.Op Fl 4 | Fl Fl version4 +.Op Fl a | Fl Fl afs .Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell +.Fl Fl cell= Ns Ar cell .Xc .Oc .Oo Fl w Ar password \*(Ba Xo -.Fl -password= Ns Ar password +.Fl Fl password= Ns Ar password .Xc .Oc .Oo Fl p Ar principal \*(Ba Xo -.Fl -principal= Ns Ar principal +.Fl Fl principal= Ns Ar principal .Xc .Oc .Oo Fl k Ar string \*(Ba Xo -.Fl -keytype= Ns Ar string +.Fl Fl keytype= Ns Ar string .Xc .Oc .Ar password @@ -65,46 +65,21 @@ performs the string-to-key function. This is useful when you want to handle the raw key instead of the password. Supported options: .Bl -tag -width Ds -.It Xo -.Fl 5 , -.Fl -version5 -.Xc +.It Fl 5 , Fl Fl version5 Output Kerberos v5 string-to-key -.It Xo -.Fl 4 , -.Fl -version4 -.Xc +.It Fl 4 , Fl Fl version4 Output Kerberos v4 string-to-key -.It Xo -.Fl a , -.Fl -afs -.Xc +.It Fl a , Fl Fl afs Output AFS string-to-key -.It Xo -.Fl c Ar cell , -.Fl -cell= Ns Ar cell -.Xc +.It Fl c Ar cell , Fl Fl cell= Ns Ar cell AFS cell to use -.It Xo -.Fl w Ar password , -.Fl -password= Ns Ar password -.Xc +.It Fl w Ar password , Fl Fl password= Ns Ar password Password to use -.It Xo -.Fl p Ar principal , -.Fl -principal= Ns Ar principal -.Xc +.It Fl p Ar principal , Fl Fl principal= Ns Ar principal Kerberos v5 principal to use -.It Xo -.Fl k Ar string , -.Fl -keytype= Ns Ar string -.Xc +.It Fl k Ar string , Fl Fl keytype= Ns Ar string Keytype -.It Xo -.Fl -version -.Xc +.It Fl Fl version print version -.It Xo -.Fl -help -.Xc +.It Fl Fl help .El diff --git a/kdc/string2key.c b/kdc/string2key.c index 4211bf7a93f5..6f24c27a29a0 100644 --- a/kdc/string2key.c +++ b/kdc/string2key.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "headers.h" #include -RCSID("$Id: string2key.c 19213 2006-12-04 23:36:36Z lha $"); - int version5; int version4; int afs; @@ -47,15 +45,17 @@ int version; int help; struct getargs args[] = { - { "version5", '5', arg_flag, &version5, "Output Kerberos v5 string-to-key" }, - { "version4", '4', arg_flag, &version4, "Output Kerberos v4 string-to-key" }, - { "afs", 'a', arg_flag, &afs, "Output AFS string-to-key" }, + { "version5", '5', arg_flag, &version5, "Output Kerberos v5 string-to-key", + NULL }, + { "version4", '4', arg_flag, &version4, "Output Kerberos v4 string-to-key", + NULL }, + { "afs", 'a', arg_flag, &afs, "Output AFS string-to-key", NULL }, { "cell", 'c', arg_string, &cell, "AFS cell to use", "cell" }, { "password", 'w', arg_string, &password, "Password to use", "password" }, { "principal",'p', arg_string, &principal, "Kerberos v5 principal to use", "principal" }, - { "keytype", 'k', arg_string, &keytype_str, "Keytype" }, - { "version", 0, arg_flag, &version, "print version" }, - { "help", 0, arg_flag, &help, NULL } + { "keytype", 'k', arg_string, rk_UNCONST(&keytype_str), "Keytype", NULL }, + { "version", 0, arg_flag, &version, "print version", NULL }, + { "help", 0, arg_flag, &help, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); @@ -68,14 +68,14 @@ usage(int status) } static void -tokey(krb5_context context, - krb5_enctype enctype, - const char *pw, - krb5_salt salt, +tokey(krb5_context context, + krb5_enctype enctype, + const char *pw, + krb5_salt salt, const char *label) { krb5_error_code ret; - int i; + size_t i; krb5_keyblock key; char *e; @@ -109,7 +109,7 @@ main(int argc, char **argv) if(help) usage(0); - + if(version){ print_version (NULL); return 0; @@ -125,26 +125,9 @@ main(int argc, char **argv) version5 = 1; ret = krb5_string_to_enctype(context, keytype_str, &etype); - if(ret) { - krb5_keytype keytype; - int *etypes; - unsigned num; - char *str; - ret = krb5_string_to_keytype(context, keytype_str, &keytype); - if(ret) - krb5_err(context, 1, ret, "%s", keytype_str); - ret = krb5_keytype_to_enctypes(context, keytype, &num, &etypes); - if(ret) - krb5_err(context, 1, ret, "%s", keytype_str); - if(num == 0) - krb5_errx(context, 1, "there are no encryption types for that keytype"); - etype = etypes[0]; - krb5_enctype_to_string(context, etype, &str); - keytype_str = str; - if(num > 1 && version5) - krb5_warnx(context, "ambiguous keytype, using %s", keytype_str); - } - + if(ret) + krb5_err(context, 1, ret, "krb5_string_to_enctype"); + if((etype != ETYPE_DES_CBC_CRC && etype != ETYPE_DES_CBC_MD4 && etype != ETYPE_DES_CBC_MD5) && @@ -152,7 +135,7 @@ main(int argc, char **argv) if(!version5) { etype = ETYPE_DES_CBC_CRC; } else { - krb5_errx(context, 1, + krb5_errx(context, 1, "DES is the only valid keytype for AFS and Kerberos 4"); } } @@ -178,7 +161,7 @@ main(int argc, char **argv) return 1; password = buf; } - + if(version5){ krb5_parse_name(context, principal, &princ); krb5_get_pw_salt(context, princ, &salt); diff --git a/kdc/string2key.cat8 b/kdc/string2key.cat8 new file mode 100644 index 000000000000..97c5923230a9 --- /dev/null +++ b/kdc/string2key.cat8 @@ -0,0 +1,43 @@ + +STRING2KEY(8) BSD System Manager's Manual STRING2KEY(8) + +NNAAMMEE + ssttrriinngg22kkeeyy -- map a password into a key + +SSYYNNOOPPSSIISS + ssttrriinngg22kkeeyy [--55 | ----vveerrssiioonn55] [--44 | ----vveerrssiioonn44] [--aa | ----aaffss] [--cc _c_e_l_l | + ----cceellll==_c_e_l_l] [--ww _p_a_s_s_w_o_r_d | ----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [--pp _p_r_i_n_c_i_p_a_l + | ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--kk _s_t_r_i_n_g | ----kkeeyyttyyppee==_s_t_r_i_n_g] + _p_a_s_s_w_o_r_d + +DDEESSCCRRIIPPTTIIOONN + ssttrriinngg22kkeeyy performs the string-to-key function. This is useful when you + want to handle the raw key instead of the password. Supported options: + + --55, ----vveerrssiioonn55 + Output Kerberos v5 string-to-key + + --44, ----vveerrssiioonn44 + Output Kerberos v4 string-to-key + + --aa, ----aaffss + Output AFS string-to-key + + --cc _c_e_l_l, ----cceellll==_c_e_l_l + AFS cell to use + + --ww _p_a_s_s_w_o_r_d, ----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d + Password to use + + --pp _p_r_i_n_c_i_p_a_l, ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l + Kerberos v5 principal to use + + --kk _s_t_r_i_n_g, ----kkeeyyttyyppee==_s_t_r_i_n_g + Keytype + + ----vveerrssiioonn + print version + + ----hheellpp + +HEIMDAL March 4, 2000 HEIMDAL diff --git a/kdc/v4_dump.c b/kdc/v4_dump.c deleted file mode 100644 index 93c56f87f27f..000000000000 --- a/kdc/v4_dump.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hprop.h" - -RCSID("$Id: v4_dump.c 17023 2006-04-09 17:41:47Z lha $"); - -static time_t -time_parse(const char *cp) -{ - char wbuf[5]; - struct tm tp; - int local; - - memset(&tp, 0, sizeof(tp)); /* clear out the struct */ - - /* new format is YYYYMMDDHHMM UTC, - old format is YYMMDDHHMM local time */ - if (strlen(cp) > 10) { /* new format */ - strlcpy(wbuf, cp, sizeof(wbuf)); - tp.tm_year = atoi(wbuf) - 1900; - cp += 4; - local = 0; - } else { - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = '\0'; - tp.tm_year = atoi(wbuf); - if(tp.tm_year < 38) - tp.tm_year += 100; - local = 1; - } - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = 0; - tp.tm_mon = atoi(wbuf) - 1; - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_mday = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_hour = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_min = atoi(wbuf); - - return(tm2time(tp, local)); -} - -/* convert a version 4 dump file */ -int -v4_prop_dump(void *arg, const char *file) -{ - char buf [1024]; - FILE *f; - int lineno = 0; - - f = fopen(file, "r"); - if(f == NULL) - return errno; - - while(fgets(buf, sizeof(buf), f)) { - int ret; - unsigned long key[2]; /* yes, long */ - char exp_date[64], mod_date[64]; - struct v4_principal pr; - int attributes; - - memset(&pr, 0, sizeof(pr)); - errno = 0; - lineno++; - ret = sscanf(buf, "%63s %63s %d %d %d %d %lx %lx %63s %63s %63s %63s", - pr.name, pr.instance, - &pr.max_life, &pr.mkvno, &pr.kvno, - &attributes, - &key[0], &key[1], - exp_date, mod_date, - pr.mod_name, pr.mod_instance); - if(ret != 12){ - warnx("Line %d malformed (ignored)", lineno); - continue; - } - if(attributes != 0) { - warnx("Line %d (%s.%s) has non-zero attributes - skipping", - lineno, pr.name, pr.instance); - continue; - } - pr.key[0] = (key[0] >> 24) & 0xff; - pr.key[1] = (key[0] >> 16) & 0xff; - pr.key[2] = (key[0] >> 8) & 0xff; - pr.key[3] = (key[0] >> 0) & 0xff; - pr.key[4] = (key[1] >> 24) & 0xff; - pr.key[5] = (key[1] >> 16) & 0xff; - pr.key[6] = (key[1] >> 8) & 0xff; - pr.key[7] = (key[1] >> 0) & 0xff; - pr.exp_date = time_parse(exp_date); - pr.mod_date = time_parse(mod_date); - if (pr.instance[0] == '*') - pr.instance[0] = '\0'; - if (pr.mod_name[0] == '*') - pr.mod_name[0] = '\0'; - if (pr.mod_instance[0] == '*') - pr.mod_instance[0] = '\0'; - v4_prop(arg, &pr); - memset(&pr, 0, sizeof(pr)); - } - fclose(f); - return 0; -} diff --git a/kdc/version-script.map b/kdc/version-script.map index 2612b8ed261e..ae16f39faad6 100644 --- a/kdc/version-script.map +++ b/kdc/version-script.map @@ -1,4 +1,4 @@ -# $Id: version-script.map 21110 2007-06-18 10:52:20Z lha $ +# $Id$ HEIMDAL_KDC_1.0 { global: @@ -6,13 +6,20 @@ HEIMDAL_KDC_1.0 { kdc_log_msg; kdc_log_msg_va; kdc_openlog; + kdc_check_flags; krb5_kdc_windc_init; krb5_kdc_get_config; + krb5_kdc_pkinit_config; krb5_kdc_set_dbinfo; krb5_kdc_process_krb5_request; krb5_kdc_process_request; krb5_kdc_save_request; krb5_kdc_update_time; + krb5_kdc_pk_initialize; + + # needed for digest-service + _kdc_db_fetch; + _kdc_free_ent; local: *; }; diff --git a/kdc/windc.c b/kdc/windc.c index 395ab7343284..ba87abb7cc0b 100644 --- a/kdc/windc.c +++ b/kdc/windc.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" -RCSID("$Id: windc.c 20559 2007-04-24 16:00:07Z lha $"); - static krb5plugin_windc_ftable *windcft; static void *windcctx; @@ -55,15 +53,15 @@ krb5_kdc_windc_init(krb5_context context) for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { windcft = _krb5_plugin_get_symbol(e); - if (windcft->minor_version < KRB5_WINDC_PLUGING_MINOR) + if (windcft->minor_version < KRB5_WINDC_PLUGIN_MINOR) continue; - + (*windcft->init)(context, &windcctx); break; } + _krb5_plugin_free(list); if (e == NULL) { - _krb5_plugin_free(list); - krb5_set_error_string(context, "Did not find any WINDC plugin"); + krb5_set_error_message(context, ENOENT, "Did not find any WINDC plugin"); windcft = NULL; return ENOENT; } @@ -72,9 +70,9 @@ krb5_kdc_windc_init(krb5_context context) } -krb5_error_code +krb5_error_code _kdc_pac_generate(krb5_context context, - hdb_entry_ex *client, + hdb_entry_ex *client, krb5_pac *pac) { *pac = NULL; @@ -83,27 +81,47 @@ _kdc_pac_generate(krb5_context context, return (windcft->pac_generate)(windcctx, context, client, pac); } -krb5_error_code -_kdc_pac_verify(krb5_context context, +krb5_error_code +_kdc_pac_verify(krb5_context context, const krb5_principal client_principal, + const krb5_principal delegated_proxy_principal, hdb_entry_ex *client, hdb_entry_ex *server, - krb5_pac *pac) + hdb_entry_ex *krbtgt, + krb5_pac *pac, + int *verified) { - if (windcft == NULL) { - krb5_set_error_string(context, "Can't verify PAC, no function"); - return EINVAL; - } - return (windcft->pac_verify)(windcctx, context, - client_principal, client, server, pac); + krb5_error_code ret; + + if (windcft == NULL) + return 0; + + ret = windcft->pac_verify(windcctx, context, + client_principal, + delegated_proxy_principal, + client, server, krbtgt, pac); + if (ret == 0) + *verified = 1; + return ret; } krb5_error_code -_kdc_windc_client_access(krb5_context context, - struct hdb_entry_ex *client, - KDC_REQ *req) +_kdc_check_access(krb5_context context, + krb5_kdc_configuration *config, + hdb_entry_ex *client_ex, const char *client_name, + hdb_entry_ex *server_ex, const char *server_name, + KDC_REQ *req, + krb5_data *e_data) { if (windcft == NULL) - return 0; - return (windcft->client_access)(windcctx, context, client, req); + return kdc_check_flags(context, config, + client_ex, client_name, + server_ex, server_name, + req->msg_type == krb_as_req); + + return (windcft->client_access)(windcctx, + context, config, + client_ex, client_name, + server_ex, server_name, + req, e_data); } diff --git a/kdc/windc_plugin.h b/kdc/windc_plugin.h index ec480cf950c6..fa4ba434f3ed 100644 --- a/kdc/windc_plugin.h +++ b/kdc/windc_plugin.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: windc_plugin.h 19798 2007-01-10 15:24:51Z lha $ */ +/* $Id$ */ #ifndef HEIMDAL_KRB5_PAC_PLUGIN_H #define HEIMDAL_KRB5_PAC_PLUGIN_H 1 @@ -51,23 +51,30 @@ struct hdb_entry_ex; -typedef krb5_error_code +typedef krb5_error_code (*krb5plugin_windc_pac_generate)(void *, krb5_context, struct hdb_entry_ex *, krb5_pac *); -typedef krb5_error_code +typedef krb5_error_code (*krb5plugin_windc_pac_verify)(void *, krb5_context, - const krb5_principal, - struct hdb_entry_ex *, - struct hdb_entry_ex *, + const krb5_principal, /* new ticket client */ + const krb5_principal, /* delegation proxy */ + struct hdb_entry_ex *,/* client */ + struct hdb_entry_ex *,/* server */ + struct hdb_entry_ex *,/* krbtgt */ krb5_pac *); -typedef krb5_error_code +typedef krb5_error_code (*krb5plugin_windc_client_access)( - void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *); + void *, krb5_context, + krb5_kdc_configuration *config, + hdb_entry_ex *, const char *, + hdb_entry_ex *, const char *, + KDC_REQ *, krb5_data *); -#define KRB5_WINDC_PLUGING_MINOR 2 +#define KRB5_WINDC_PLUGIN_MINOR 6 +#define KRB5_WINDC_PLUGING_MINOR KRB5_WINDC_PLUGIN_MINOR typedef struct krb5plugin_windc_ftable { int minor_version; diff --git a/kpasswd/Makefile.am b/kpasswd/Makefile.am index ecfb752e39dd..4965cea3cfff 100644 --- a/kpasswd/Makefile.am +++ b/kpasswd/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -19,7 +19,6 @@ kpasswdd_SOURCES = kpasswdd.c kpasswd_locl.h kpasswdd_LDADD = \ $(top_builddir)/lib/kadm5/libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(LDADD) \ $(LIB_pidfile) \ $(LIB_dlopen) \ @@ -30,4 +29,4 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) diff --git a/kpasswd/Makefile.in b/kpasswd/Makefile.in index 5c0e6db071db..01d418fd6ec8 100644 --- a/kpasswd/Makefile.in +++ b/kpasswd/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -47,7 +49,7 @@ noinst_PROGRAMS = kpasswd-generator$(EXEEXT) subdir = kpasswd ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -62,7 +64,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -76,9 +78,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -86,16 +91,15 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) am_kpasswd_OBJECTS = kpasswd.$(OBJEXT) kpasswd_OBJECTS = $(am_kpasswd_OBJECTS) @@ -116,12 +120,12 @@ am__DEPENDENCIES_2 = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) kpasswdd_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_2) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -134,6 +138,27 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ SOURCES = $(kpasswd_SOURCES) kpasswd-generator.c $(kpasswdd_SOURCES) DIST_SOURCES = $(kpasswd_SOURCES) kpasswd-generator.c \ $(kpasswdd_SOURCES) +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 man8dir = $(mandir)/man8 MANS = $(man_MANS) @@ -144,49 +169,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -210,10 +244,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -230,6 +265,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -245,31 +282,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -284,10 +335,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -328,30 +381,34 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_hcrypto) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la man_MANS = kpasswd.1 kpasswdd.8 kpasswd_SOURCES = kpasswd.c kpasswd_locl.h @@ -359,7 +416,6 @@ kpasswdd_SOURCES = kpasswdd.c kpasswd_locl.h kpasswdd_LDADD = \ $(top_builddir)/lib/kadm5/libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(LDADD) \ $(LIB_pidfile) \ $(LIB_dlopen) \ @@ -370,23 +426,23 @@ LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) +EXTRA_DIST = NTMakefile $(man_MANS) all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kpasswd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kpasswd/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign kpasswd/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign kpasswd/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -404,69 +460,102 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list kpasswd$(EXEEXT): $(kpasswd_OBJECTS) $(kpasswd_DEPENDENCIES) @rm -f kpasswd$(EXEEXT) $(LINK) $(kpasswd_OBJECTS) $(kpasswd_LDADD) $(LIBS) @@ -483,160 +572,179 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kpasswd-generator.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kpasswd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kpasswdd.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -652,13 +760,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -693,6 +805,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -703,6 +816,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ clean-libtool clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -713,6 +827,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -720,26 +836,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man1 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -760,11 +885,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man1 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ @@ -853,6 +977,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -938,7 +1065,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -951,6 +1078,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/kpasswd/NTMakefile b/kpasswd/NTMakefile new file mode 100644 index 000000000000..382ae083ccec --- /dev/null +++ b/kpasswd/NTMakefile @@ -0,0 +1,51 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=kpasswd + +!include ../windows/NTMakefile.w32 + +BINPROGRAMS=\ + $(BINDIR)\kpasswd.exe + +KPASSWDLIBS=\ + $(LIBROKEN) \ + $(LIBHEIMDAL) \ + $(LIBVERS) + +$(BINDIR)\kpasswd.exe: $(OBJ)\kpasswd.obj $(KPASSWDLIBS) + $(EXECONLINK) + $(EXEPREP) + +all:: $(BINPROGRAMS) + +clean:: + -$(RM) $(BINPROGRAMS) diff --git a/kpasswd/kpasswd-generator.c b/kpasswd/kpasswd-generator.c index e37f86980fe6..952531d3048a 100644 --- a/kpasswd/kpasswd-generator.c +++ b/kpasswd/kpasswd-generator.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kpasswd_locl.h" -RCSID("$Id: kpasswd-generator.c 19233 2006-12-06 08:04:05Z lha $"); +RCSID("$Id$"); static unsigned read_words (const char *filename, char ***ret_w) @@ -58,6 +58,7 @@ read_words (const char *filename, char ***ret_w) *ret_w = w; if (n == 0) errx(1, "%s is an empty file, no words to try", filename); + fclose(f); return n; } @@ -140,10 +141,14 @@ generate_requests (const char *filename, unsigned nreq) krb5_free_principal (context, principal); - ret = krb5_change_password (context, &cred, new_pwd, - &result_code, - &result_code_string, - &result_string); + + ret = krb5_set_password (context, + &cred, + new_pwd, + NULL, + &result_code, + &result_code_string, + &result_string); if (ret) krb5_err (context, 1, ret, "krb5_change_password"); diff --git a/kpasswd/kpasswd.1 b/kpasswd/kpasswd.1 index 6d2c7c9227dc..679b38924f32 100644 --- a/kpasswd/kpasswd.1 +++ b/kpasswd/kpasswd.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1997, 2000 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1997, 2000 - 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kpasswd.1 14478 2005-01-05 16:08:58Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd January 5, 2005 .Dt KPASSWD 1 @@ -39,9 +39,9 @@ .Nd Kerberos 5 password changing program .Sh SYNOPSIS .Nm -.Op Fl -admin-principal= Ns Ar principal +.Op Fl Fl admin-principal= Ns Ar principal .Oo Fl c Ar cache \*(Ba Xo -.Fl -cache= Ns Ar cache +.Fl Fl cache= Ns Ar cache .Xc .Oc .Op Ar principal ... @@ -58,7 +58,7 @@ If the administrator isn't specified on the command prompt, the principal of the default credential cache will be used. .Pp If a credential cache is given, the -.Fl -admin-principal +.Fl Fl admin-principal flag is ignored and use the default name of the credential cache is used instead. .Sh DIAGNOSTICS diff --git a/kpasswd/kpasswd.c b/kpasswd/kpasswd.c index b844628f6f08..e681a359d464 100644 --- a/kpasswd/kpasswd.c +++ b/kpasswd/kpasswd.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kpasswd_locl.h" -RCSID("$Id: kpasswd.c 19078 2006-11-20 18:12:41Z lha $"); +RCSID("$Id$"); static int version_flag; static int help_flag; @@ -40,10 +40,11 @@ static char *admin_principal_str; static char *cred_cache_str; static struct getargs args[] = { - { "admin-principal", 0, arg_string, &admin_principal_str }, - { "cache", 'c', arg_string, &cred_cache_str }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "admin-principal", 0, arg_string, &admin_principal_str, NULL, + NULL }, + { "cache", 'c', arg_string, &cred_cache_str, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void @@ -117,33 +118,32 @@ main (int argc, char **argv) krb5_error_code ret; krb5_context context; krb5_principal principal; - int optind = 0; krb5_get_init_creds_opt *opt; krb5_ccache id = NULL; int exit_value; + int optidx = 0; - optind = krb5_program_setup(&context, argc, argv, - args, sizeof(args) / sizeof(args[0]), usage); + setprogname(argv[0]); + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1, args, sizeof(args) / sizeof(args[0])); if (help_flag) - usage (0, args, sizeof(args) / sizeof(args[0])); - - if(version_flag){ - print_version (NULL); - exit(0); + usage(0, args, sizeof(args) / sizeof(args[0])); + if (version_flag) { + print_version(NULL); + return 0; } - - argc -= optind; - argv += optind; + argc -= optidx; + argv += optidx; ret = krb5_init_context (&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - + ret = krb5_get_init_creds_opt_alloc (context, &opt); if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - + krb5_get_init_creds_opt_set_tkt_life (opt, 300); krb5_get_init_creds_opt_set_forwardable (opt, FALSE); krb5_get_init_creds_opt_set_proxiable (opt, FALSE); @@ -153,9 +153,9 @@ main (int argc, char **argv) if (ret) krb5_err (context, 1, ret, "krb5_cc_resolve"); } else { - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id); if (ret) - krb5_err (context, 1, ret, "krb5_cc_gen_new"); + krb5_err (context, 1, ret, "krb5_cc_new_unique"); } if (cred_cache_str == NULL) { @@ -198,18 +198,18 @@ main (int argc, char **argv) default: krb5_err(context, 1, ret, "krb5_get_init_creds"); } - + krb5_get_init_creds_opt_free(context, opt); - + ret = krb5_cc_initialize(context, id, admin_principal); krb5_free_principal(context, admin_principal); if (ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); - ret = krb5_cc_store_cred(context, id, &cred); + ret = krb5_cc_store_cred(context, id, &cred); if (ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); - + krb5_free_cred_contents (context, &cred); } @@ -243,5 +243,5 @@ main (int argc, char **argv) } krb5_free_context (context); - return ret; + return exit_value; } diff --git a/kpasswd/kpasswd.cat1 b/kpasswd/kpasswd.cat1 new file mode 100644 index 000000000000..50fc44f30b7a --- /dev/null +++ b/kpasswd/kpasswd.cat1 @@ -0,0 +1,32 @@ + +KPASSWD(1) BSD General Commands Manual KPASSWD(1) + +NNAAMMEE + kkppaasssswwdd -- Kerberos 5 password changing program + +SSYYNNOOPPSSIISS + kkppaasssswwdd [----aaddmmiinn--pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--cc _c_a_c_h_e | ----ccaacchhee==_c_a_c_h_e] + [_p_r_i_n_c_i_p_a_l _._._.] + +DDEESSCCRRIIPPTTIIOONN + kkppaasssswwdd is the client for changing passwords. + + If administrator principal is given that principal is used to change the + password. + + Multiple passwords for different users can be changed at the same time, + then the administrator principal will be used. If the administrator + isn't specified on the command prompt, the principal of the default cre- + dential cache will be used. + + If a credential cache is given, the ----aaddmmiinn--pprriinncciippaall flag is ignored and + use the default name of the credential cache is used instead. + +DDIIAAGGNNOOSSTTIICCSS + If the password quality check fails or some other error occurs, an expla- + nation is printed. + +SSEEEE AALLSSOO + kpasswdd(8) + +HEIMDAL January 5, 2005 HEIMDAL diff --git a/kpasswd/kpasswd_locl.h b/kpasswd/kpasswd_locl.h index b797ceb26de9..a1ed2e3762bf 100644 --- a/kpasswd/kpasswd_locl.h +++ b/kpasswd/kpasswd_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: kpasswd_locl.h 11444 2002-09-10 20:03:49Z joda $ */ +/* $Id$ */ #ifndef __KPASSWD_LOCL_H__ #define __KPASSWD_LOCL_H__ diff --git a/kpasswd/kpasswdd.8 b/kpasswd/kpasswdd.8 index ab750bd4993c..d68aca256316 100644 --- a/kpasswd/kpasswdd.8 +++ b/kpasswd/kpasswdd.8 @@ -1,4 +1,33 @@ -.\" $Id: kpasswdd.8 14481 2005-01-05 18:07:44Z lha $ +.\" Copyright (c) 1997, 2000 - 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" .Dd April 19, 1999 .Dt KPASSWDD 8 @@ -9,23 +38,23 @@ .Sh SYNOPSIS .Nm .Bk -words -.Op Fl -addresses= Ns Ar address -.Op Fl -check-library= Ns Ar library -.Op Fl -check-function= Ns Ar function +.Op Fl Fl addresses= Ns Ar address +.Op Fl Fl check-library= Ns Ar library +.Op Fl Fl check-function= Ns Ar function .Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec +.Fl Fl keytab= Ns Ar kspec .Xc .Oc .Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm +.Fl Fl realm= Ns Ar realm .Xc .Oc .Oo Fl p Ar string \*(Ba Xo -.Fl -port= Ns Ar string +.Fl Fl port= Ns Ar string .Xc .Oc -.Op Fl -version -.Op Fl -help +.Op Fl Fl version +.Op Fl Fl help .Ek .Sh DESCRIPTION .Nm @@ -35,20 +64,14 @@ the database directly and should thus only run on the master KDC. .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl -addresses= Ns Ar address -.Xc +.It Fl Fl addresses= Ns Ar address For each till the argument is given, add the address to what kpasswdd should listen too. -.It Xo -.Fl -check-library= Ns Ar library -.Xc +.It Fl Fl check-library= Ns Ar library If your system has support for dynamic loading of shared libraries, you can use an external function to check password quality. This option specifies which library to load. -.It Xo -.Fl -check-function= Ns Ar function -.Xc +.It Fl Fl check-function= Ns Ar function This is the function to call in the loaded library. The function should look like this: .Pp @@ -63,20 +86,11 @@ is the one who tries to change passwords, and is the new password. Note that the password (in .Fa password->data ) is not zero terminated. -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc +.It Fl k Ar kspec , Fl Fl keytab= Ns Ar kspec Keytab to get authentication key from. -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc +.It Fl r Ar realm , Fl Fl realm= Ns Ar realm Default realm. -.It Xo -.Fl p Ar string , -.Fl -port= Ns Ar string -.Xc +.It Fl p Ar string , Fl Fl port= Ns Ar string Port to listen on (default service kpasswd - 464). .El .Sh DIAGNOSTICS diff --git a/kpasswd/kpasswdd.c b/kpasswd/kpasswdd.c index 5b4119c897b5..cc1ac25f30d3 100644 --- a/kpasswd/kpasswdd.c +++ b/kpasswd/kpasswdd.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kpasswd_locl.h" -RCSID("$Id: kpasswdd.c 22252 2007-12-09 05:59:34Z lha $"); +RCSID("$Id$"); #include #ifdef HAVE_SYS_UN_H @@ -244,14 +244,14 @@ change (krb5_auth_context auth_context, const char *pwd_reason; kadm5_config_params conf; void *kadm5_handle = NULL; - krb5_principal principal; + krb5_principal principal = NULL; krb5_data *pwd_data = NULL; char *tmp; ChangePasswdDataMS chpw; memset (&conf, 0, sizeof(conf)); memset(&chpw, 0, sizeof(chpw)); - + if (version == KRB5_KPASSWD_VERS_CHANGEPW) { ret = krb5_copy_data(context, in_data, &pwd_data); if (ret) { @@ -272,7 +272,7 @@ change (krb5_auth_context auth_context, "malformed ChangePasswdData"); return; } - + ret = krb5_copy_data(context, &chpw.newpasswd, &pwd_data); if (ret) { @@ -284,7 +284,7 @@ change (krb5_auth_context auth_context, if (chpw.targname == NULL && chpw.targrealm != NULL) { krb5_warn (context, ret, "kadm5_init_with_password_ctx"); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_MALFORMED, "targrealm but not targname"); goto out; @@ -299,10 +299,10 @@ change (krb5_auth_context auth_context, ret = krb5_get_default_realm(context, &princ.realm); if (ret) { - krb5_warnx (context, + krb5_warnx (context, "kadm5_init_with_password_ctx: " "failed to allocate realm"); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SOFTERROR, "failed to allocate realm"); goto out; @@ -313,7 +313,7 @@ change (krb5_auth_context auth_context, free(princ.realm); if (ret) { krb5_warn(context, ret, "krb5_copy_principal"); - reply_priv(auth_context, s, sa, sa_size, + reply_priv(auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, "failed to allocate principal"); goto out; @@ -322,7 +322,7 @@ change (krb5_auth_context auth_context, principal = admin_principal; } else { krb5_warnx (context, "kadm5_init_with_password_ctx: unknown proto"); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, "Unknown protocol used"); return; @@ -331,7 +331,7 @@ change (krb5_auth_context auth_context, ret = krb5_unparse_name (context, admin_principal, &admin); if (ret) { krb5_warn (context, ret, "unparse_name failed"); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, "out of memory error"); goto out; } @@ -339,11 +339,11 @@ change (krb5_auth_context auth_context, conf.realm = principal->realm; conf.mask |= KADM5_CONFIG_REALM; - ret = kadm5_init_with_password_ctx(context, + ret = kadm5_init_with_password_ctx(context, admin, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm5_handle); if (ret) { krb5_warn (context, ret, "kadm5_init_with_password_ctx"); @@ -355,7 +355,7 @@ change (krb5_auth_context auth_context, ret = krb5_unparse_name(context, principal, &client); if (ret) { krb5_warn (context, ret, "unparse_name failed"); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, "out of memory error"); goto out; } @@ -366,25 +366,25 @@ change (krb5_auth_context auth_context, if (krb5_principal_compare(context, admin_principal, principal) == TRUE) { - pwd_reason = kadm5_check_password_quality (context, principal, + pwd_reason = kadm5_check_password_quality (context, principal, pwd_data); if (pwd_reason != NULL ) { - krb5_warnx (context, + krb5_warnx (context, "%s didn't pass password quality check with error: %s", client, pwd_reason); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SOFTERROR, pwd_reason); goto out; } krb5_warnx (context, "Changing password for %s", client); } else { - ret = _kadm5_acl_check_permission(kadm5_handle, KADM5_PRIV_CPW, + ret = _kadm5_acl_check_permission(kadm5_handle, KADM5_PRIV_CPW, principal); if (ret) { - krb5_warn (context, ret, + krb5_warn (context, ret, "Check ACL failed for %s for changing %s password", admin, client); - reply_priv (auth_context, s, sa, sa_size, + reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, "permission denied"); goto out; } @@ -405,17 +405,19 @@ change (krb5_auth_context auth_context, krb5_free_data (context, pwd_data); pwd_data = NULL; if (ret) { - char *str = krb5_get_error_message(context, ret); + const char *str = krb5_get_error_message(context, ret); krb5_warnx(context, "kadm5_s_chpass_principal_cond: %s", str); reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SOFTERROR, str ? str : "Internal error"); - krb5_free_error_string(context, str); + krb5_free_error_message(context, str); goto out; } reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SUCCESS, "Password changed"); out: free_ChangePasswdDataMS(&chpw); + if (principal != admin_principal) + krb5_free_principal(context, principal); if (admin) free(admin); if (client) @@ -445,13 +447,27 @@ verify (krb5_auth_context *auth_context, krb5_data krb_priv_data; krb5_realm *r; + /* + * Only send an error reply if the request passes basic length + * verification. Otherwise, kpasswdd would reply to every UDP packet, + * allowing an attacker to set up a ping-pong DoS attack via a spoofed UDP + * packet with a source address of another UDP service that also replies + * to every packet. + * + * Also suppress the error reply if ap_req_len is 0, which indicates + * either an invalid request or an error packet. An error packet may be + * the result of a ping-pong attacker pointing us at another kpasswdd. + */ pkt_len = (msg[0] << 8) | (msg[1]); pkt_ver = (msg[2] << 8) | (msg[3]); ap_req_len = (msg[4] << 8) | (msg[5]); if (pkt_len != len) { - krb5_warnx (context, "Strange len: %ld != %ld", + krb5_warnx (context, "Strange len: %ld != %ld", (long)pkt_len, (long)len); - reply_error (NULL, s, sa, sa_size, 0, 1, "Bad request"); + return 1; + } + if (ap_req_len == 0) { + krb5_warnx (context, "Request is error packet (ap_req_len == 0)"); return 1; } if (pkt_ver != KRB5_KPASSWD_VERS_CHANGEPW && @@ -483,7 +499,7 @@ verify (krb5_auth_context *auth_context, krb5_principal principal; krb5_boolean same; - ret = krb5_make_principal (context, + ret = krb5_make_principal (context, &principal, *r, "kadmin", @@ -529,10 +545,10 @@ verify (krb5_auth_context *auth_context, &krb_priv_data, out_data, NULL); - + if (ret) { krb5_warn (context, ret, "krb5_rd_priv"); - reply_error ((*ticket)->server->realm, s, sa, sa_size, ret, 3, + reply_error ((*ticket)->server->realm, s, sa, sa_size, ret, 3, "Bad request"); goto out; } @@ -640,7 +656,7 @@ doit (krb5_keytab keytab, int port) krb5_socklen_t sa_size = sizeof(__ss); krb5_addr2sockaddr (context, &addrs.val[i], sa, &sa_size, port); - + sockets[i] = socket (sa->sa_family, SOCK_DGRAM, 0); if (sockets[i] < 0) krb5_err (context, 1, errno, "socket"); @@ -664,11 +680,11 @@ doit (krb5_keytab keytab, int port) krb5_errx (context, 1, "No sockets!"); while(exit_flag == 0) { - int ret; + krb5_ssize_t retx; fd_set fdset = real_fdset; - ret = select (maxfd + 1, &fdset, NULL, NULL, NULL); - if (ret < 0) { + retx = select (maxfd + 1, &fdset, NULL, NULL, NULL); + if (retx < 0) { if (errno == EINTR) continue; else @@ -679,9 +695,9 @@ doit (krb5_keytab keytab, int port) u_char buf[BUFSIZ]; socklen_t addrlen = sizeof(__ss); - ret = recvfrom (sockets[i], buf, sizeof(buf), 0, + retx = recvfrom(sockets[i], buf, sizeof(buf), 0, sa, &addrlen); - if (ret < 0) { + if (retx < 0) { if(errno == EINTR) break; else @@ -691,7 +707,7 @@ doit (krb5_keytab keytab, int port) process (realms, keytab, sockets[i], &addrs.val[i], sa, addrlen, - buf, ret); + buf, retx); } } @@ -714,7 +730,8 @@ sigterm(int sig) static const char *check_library = NULL; static const char *check_function = NULL; static getarg_strings policy_libraries = { 0, NULL }; -static char *keytab_str = "HDB:"; +static char sHDB[] = "HDB:"; +static char *keytab_str = sHDB; static char *realm_str; static int version_flag; static int help_flag; @@ -723,7 +740,7 @@ static char *config_file; struct getargs args[] = { #ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, + { "check-library", 0, arg_string, &check_library, "library to load password check function from", "library" }, { "check-function", 0, arg_string, &check_function, "password check function to load", "function" }, @@ -732,27 +749,26 @@ struct getargs args[] = { #endif { "addresses", 0, arg_strings, &addresses_str, "addresses to listen on", "list of addresses" }, - { "keytab", 'k', arg_string, &keytab_str, + { "keytab", 'k', arg_string, &keytab_str, "keytab to get authentication key from", "kspec" }, - { "config-file", 'c', arg_string, &config_file }, + { "config-file", 'c', arg_string, &config_file, NULL, NULL }, { "realm", 'r', arg_string, &realm_str, "default realm", "realm" }, - { "port", 'p', arg_string, &port_str, "port" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "port", 'p', arg_string, &port_str, "port", NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); int main (int argc, char **argv) { - int optind; krb5_keytab keytab; krb5_error_code ret; char **files; int port, i; - - optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - + + krb5_program_setup(&context, argc, argv, args, num_args, NULL); + if(help_flag) krb5_std_usage(0, args, num_args); if(version_flag) { @@ -777,7 +793,7 @@ main (int argc, char **argv) if(realm_str) krb5_set_default_realm(context, realm_str); - + krb5_openlog (context, "kpasswdd", &log_facility); krb5_set_warn_dest(context, log_facility); @@ -804,11 +820,11 @@ main (int argc, char **argv) ret = krb5_kt_resolve(context, keytab_str, &keytab); if(ret) krb5_err(context, 1, ret, "%s", keytab_str); - + kadm5_setup_passwd_quality_check (context, check_library, check_function); for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, + ret = kadm5_add_passwd_quality_verifier(context, policy_libraries.strings[i]); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); @@ -821,10 +837,10 @@ main (int argc, char **argv) explicit_addresses.len = 0; if (addresses_str.num_strings) { - int i; + int j; - for (i = 0; i < addresses_str.num_strings; ++i) - add_one_address (addresses_str.strings[i], i == 0); + for (j = 0; j < addresses_str.num_strings; ++j) + add_one_address (addresses_str.strings[j], j == 0); free_getarg_strings (&addresses_str); } else { char **foo = krb5_config_get_strings (context, NULL, diff --git a/kpasswd/kpasswdd.cat8 b/kpasswd/kpasswdd.cat8 new file mode 100644 index 000000000000..88b93e81b826 --- /dev/null +++ b/kpasswd/kpasswdd.cat8 @@ -0,0 +1,59 @@ + +KPASSWDD(8) BSD System Manager's Manual KPASSWDD(8) + +NNAAMMEE + kkppaasssswwdddd -- Kerberos 5 password changing server + +SSYYNNOOPPSSIISS + kkppaasssswwdddd [----aaddddrreesssseess==_a_d_d_r_e_s_s] [----cchheecckk--lliibbrraarryy==_l_i_b_r_a_r_y] + [----cchheecckk--ffuunnccttiioonn==_f_u_n_c_t_i_o_n] [--kk _k_s_p_e_c | ----kkeeyyttaabb==_k_s_p_e_c] [--rr + _r_e_a_l_m | ----rreeaallmm==_r_e_a_l_m] [--pp _s_t_r_i_n_g | ----ppoorrtt==_s_t_r_i_n_g] [----vveerrssiioonn] + [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + kkppaasssswwdddd serves request for password changes. It listens on UDP port 464 + (service kpasswd) and processes requests when they arrive. It changes the + database directly and should thus only run on the master KDC. + + Supported options: + + ----aaddddrreesssseess==_a_d_d_r_e_s_s + For each till the argument is given, add the address to what + kpasswdd should listen too. + + ----cchheecckk--lliibbrraarryy==_l_i_b_r_a_r_y + If your system has support for dynamic loading of shared + libraries, you can use an external function to check password + quality. This option specifies which library to load. + + ----cchheecckk--ffuunnccttiioonn==_f_u_n_c_t_i_o_n + This is the function to call in the loaded library. The function + should look like this: + + _c_o_n_s_t _c_h_a_r _* ppaasssswwdd__cchheecckk(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l + _p_r_i_n_c_i_p_a_l, _k_r_b_5___d_a_t_a _*_p_a_s_s_w_o_r_d) + + _c_o_n_t_e_x_t is an initialized context; _p_r_i_n_c_i_p_a_l is the one who tries + to change passwords, and _p_a_s_s_w_o_r_d is the new password. Note that + the password (in _p_a_s_s_w_o_r_d_-_>_d_a_t_a) is not zero terminated. + + --kk _k_s_p_e_c, ----kkeeyyttaabb==_k_s_p_e_c + Keytab to get authentication key from. + + --rr _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m + Default realm. + + --pp _s_t_r_i_n_g, ----ppoorrtt==_s_t_r_i_n_g + Port to listen on (default service kpasswd - 464). + +DDIIAAGGNNOOSSTTIICCSS + If an error occurs, the error message is returned to the user and/or + logged to syslog. + +BBUUGGSS + The default password quality checks are too basic. + +SSEEEE AALLSSOO + kpasswd(1), kdc(8) + +HEIMDAL April 19, 1999 HEIMDAL diff --git a/kuser/Makefile.am b/kuser/Makefile.am index 619d8f8562dd..72f01d3ca69f 100644 --- a/kuser/Makefile.am +++ b/kuser/Makefile.am @@ -1,22 +1,24 @@ -# $Id: Makefile.am 22285 2007-12-13 20:40:57Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +AM_CPPFLAGS += $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 \ + $(INCLUDE_libintl) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' man_MANS = \ kinit.1 \ klist.1 \ kdestroy.1 \ + kswitch.1 \ + kdigest.8 \ kgetcred.1 \ - kimpersonate.1 + kimpersonate.8 -SLC = $(top_builddir)/lib/sl/slc - -bin_PROGRAMS = kinit klist kdestroy kgetcred +bin_PROGRAMS = kinit kdestroy kgetcred kcc libexec_PROGRAMS = kdigest kimpersonate -noinst_PROGRAMS = kverify kdecode_ticket generate-requests copy_cred_cache +noinst_PROGRAMS = kverify kdecode_ticket generate-requests kinit_LDADD = \ $(LIB_kafs) \ @@ -24,14 +26,23 @@ kinit_LDADD = \ $(top_builddir)/lib/ntlm/libheimntlm.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_libintl) \ $(LIB_roken) kdestroy_LDADD = $(kinit_LDADD) -klist_LDADD = $(kinit_LDADD) - kimpersonate_LDADD = $(kinit_LDADD) +kcc_LDADD = \ + $(top_builddir)/lib/sl/libsl.la \ + $(kinit_LDADD) \ + $(LIB_readline) + +dist_kcc_SOURCES = kcc.c klist.c kswitch.c copy_cred_cache.c +nodist_kcc_SOURCES = kcc-commands.c + +$(kcc_OBJECTS): kcc-commands.h + dist_kdigest_SOURCES = kdigest.c nodist_kdigest_SOURCES = kdigest-commands.c @@ -45,20 +56,33 @@ kdigest_LDADD = \ $(kdigest_OBJECTS): kdigest-commands.h -CLEANFILES = kdigest-commands.h kdigest-commands.c +CLEANFILES = \ + kdigest-commands.h kdigest-commands.c \ + kcc-commands.h kcc-commands.c kdigest-commands.c kdigest-commands.h: kdigest-commands.in $(SLC) $(srcdir)/kdigest-commands.in +kcc-commands.c kcc-commands.h: kcc-commands.in + $(SLC) $(srcdir)/kcc-commands.in + LDADD = \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) +EXTRA_DIST = NTMakefile $(man_MANS) \ + kcc-version.rc \ + kdestroy-version.rc \ + kdigest-version.rc \ + kgetcred-version.rc \ + kimpersonate-version.rc \ + kinit-version.rc \ + kuser_locl.h kcc-commands.in kdigest-commands.in copy_cred_cache.1 + # make sure install-exec-hook doesn't have any commands in Makefile.am.common install-exec-hook: - (cd $(DESTDIR)$(bindir) && rm -f kauth && $(LN_S) kinit kauth) - -EXTRA_DIST = $(man_MANS) kuser_locl.h kdigest-commands.in copy_cred_cache.1 + (cd $(DESTDIR)$(bindir) && rm -f klist && $(LN_S) kcc klist) + (cd $(DESTDIR)$(bindir) && rm -f kswitch && $(LN_S) kcc kswitch) diff --git a/kuser/Makefile.in b/kuser/Makefile.in index 8616bf3869ef..f3ab34c959f3 100644 --- a/kuser/Makefile.in +++ b/kuser/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 22285 2007-12-13 20:40:57Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -41,15 +43,15 @@ host_triplet = @host@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = kinit$(EXEEXT) klist$(EXEEXT) kdestroy$(EXEEXT) \ - kgetcred$(EXEEXT) +bin_PROGRAMS = kinit$(EXEEXT) kdestroy$(EXEEXT) kgetcred$(EXEEXT) \ + kcc$(EXEEXT) libexec_PROGRAMS = kdigest$(EXEEXT) kimpersonate$(EXEEXT) noinst_PROGRAMS = kverify$(EXEEXT) kdecode_ticket$(EXEEXT) \ - generate-requests$(EXEEXT) copy_cred_cache$(EXEEXT) + generate-requests$(EXEEXT) subdir = kuser ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -64,7 +66,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -78,9 +80,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -88,30 +93,36 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) + "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) -copy_cred_cache_SOURCES = copy_cred_cache.c -copy_cred_cache_OBJECTS = copy_cred_cache.$(OBJEXT) -copy_cred_cache_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -copy_cred_cache_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) generate_requests_SOURCES = generate-requests.c generate_requests_OBJECTS = generate-requests.$(OBJEXT) generate_requests_LDADD = $(LDADD) +am__DEPENDENCIES_1 = generate_requests_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) +dist_kcc_OBJECTS = kcc.$(OBJEXT) klist.$(OBJEXT) kswitch.$(OBJEXT) \ + copy_cred_cache.$(OBJEXT) +nodist_kcc_OBJECTS = kcc-commands.$(OBJEXT) +kcc_OBJECTS = $(dist_kcc_OBJECTS) $(nodist_kcc_OBJECTS) +am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ + $(am__DEPENDENCIES_1) +am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/ntlm/libheimntlm.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +kcc_DEPENDENCIES = $(top_builddir)/lib/sl/libsl.la \ + $(am__DEPENDENCIES_3) $(am__DEPENDENCIES_1) kdecode_ticket_SOURCES = kdecode_ticket.c kdecode_ticket_OBJECTS = kdecode_ticket.$(OBJEXT) kdecode_ticket_LDADD = $(LDADD) @@ -120,12 +131,6 @@ kdecode_ticket_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) kdestroy_SOURCES = kdestroy.c kdestroy_OBJECTS = kdestroy.$(OBJEXT) -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/ntlm/libheimntlm.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) kdestroy_DEPENDENCIES = $(am__DEPENDENCIES_3) dist_kdigest_OBJECTS = kdigest.$(OBJEXT) nodist_kdigest_OBJECTS = kdigest-commands.$(OBJEXT) @@ -148,19 +153,17 @@ kinit_OBJECTS = kinit.$(OBJEXT) kinit_DEPENDENCIES = $(am__DEPENDENCIES_2) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/ntlm/libheimntlm.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -klist_SOURCES = klist.c -klist_OBJECTS = klist.$(OBJEXT) -klist_DEPENDENCIES = $(am__DEPENDENCIES_3) + $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) kverify_SOURCES = kverify.c kverify_OBJECTS = kverify.$(OBJEXT) kverify_LDADD = $(LDADD) kverify_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -170,13 +173,36 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = copy_cred_cache.c generate-requests.c kdecode_ticket.c \ - kdestroy.c $(dist_kdigest_SOURCES) $(nodist_kdigest_SOURCES) \ - kgetcred.c kimpersonate.c kinit.c klist.c kverify.c -DIST_SOURCES = copy_cred_cache.c generate-requests.c kdecode_ticket.c \ - kdestroy.c $(dist_kdigest_SOURCES) kgetcred.c kimpersonate.c \ - kinit.c klist.c kverify.c +SOURCES = generate-requests.c $(dist_kcc_SOURCES) \ + $(nodist_kcc_SOURCES) kdecode_ticket.c kdestroy.c \ + $(dist_kdigest_SOURCES) $(nodist_kdigest_SOURCES) kgetcred.c \ + kimpersonate.c kinit.c kverify.c +DIST_SOURCES = generate-requests.c $(dist_kcc_SOURCES) \ + kdecode_ticket.c kdestroy.c $(dist_kdigest_SOURCES) kgetcred.c \ + kimpersonate.c kinit.c kverify.c +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' man1dir = $(mandir)/man1 +man8dir = $(mandir)/man8 MANS = $(man_MANS) ETAGS = etags CTAGS = ctags @@ -185,49 +211,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -251,10 +286,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -271,6 +307,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -286,31 +324,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -325,10 +377,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -369,50 +423,64 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hcrypto) \ + -I$(srcdir)/../lib/krb5 $(INCLUDE_libintl) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la man_MANS = \ kinit.1 \ klist.1 \ kdestroy.1 \ + kswitch.1 \ + kdigest.8 \ kgetcred.1 \ - kimpersonate.1 + kimpersonate.8 -SLC = $(top_builddir)/lib/sl/slc kinit_LDADD = \ $(LIB_kafs) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/ntlm/libheimntlm.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_libintl) \ $(LIB_roken) kdestroy_LDADD = $(kinit_LDADD) -klist_LDADD = $(kinit_LDADD) kimpersonate_LDADD = $(kinit_LDADD) +kcc_LDADD = \ + $(top_builddir)/lib/sl/libsl.la \ + $(kinit_LDADD) \ + $(LIB_readline) + +dist_kcc_SOURCES = kcc.c klist.c kswitch.c copy_cred_cache.c +nodist_kcc_SOURCES = kcc-commands.c dist_kdigest_SOURCES = kdigest.c nodist_kdigest_SOURCES = kdigest-commands.c kdigest_LDADD = \ @@ -423,30 +491,41 @@ kdigest_LDADD = \ $(top_builddir)/lib/sl/libsl.la \ $(LIB_roken) -CLEANFILES = kdigest-commands.h kdigest-commands.c +CLEANFILES = \ + kdigest-commands.h kdigest-commands.c \ + kcc-commands.h kcc-commands.c + LDADD = \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) -EXTRA_DIST = $(man_MANS) kuser_locl.h kdigest-commands.in copy_cred_cache.1 +EXTRA_DIST = NTMakefile $(man_MANS) \ + kcc-version.rc \ + kdestroy-version.rc \ + kdigest-version.rc \ + kgetcred-version.rc \ + kimpersonate-version.rc \ + kinit-version.rc \ + kuser_locl.h kcc-commands.in kdigest-commands.in copy_cred_cache.1 + all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kuser/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kuser/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign kuser/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign kuser/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -464,75 +543,108 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -copy_cred_cache$(EXEEXT): $(copy_cred_cache_OBJECTS) $(copy_cred_cache_DEPENDENCIES) - @rm -f copy_cred_cache$(EXEEXT) - $(LINK) $(copy_cred_cache_OBJECTS) $(copy_cred_cache_LDADD) $(LIBS) + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list generate-requests$(EXEEXT): $(generate_requests_OBJECTS) $(generate_requests_DEPENDENCIES) @rm -f generate-requests$(EXEEXT) $(LINK) $(generate_requests_OBJECTS) $(generate_requests_LDADD) $(LIBS) +kcc$(EXEEXT): $(kcc_OBJECTS) $(kcc_DEPENDENCIES) + @rm -f kcc$(EXEEXT) + $(LINK) $(kcc_OBJECTS) $(kcc_LDADD) $(LIBS) kdecode_ticket$(EXEEXT): $(kdecode_ticket_OBJECTS) $(kdecode_ticket_DEPENDENCIES) @rm -f kdecode_ticket$(EXEEXT) $(LINK) $(kdecode_ticket_OBJECTS) $(kdecode_ticket_LDADD) $(LIBS) @@ -551,9 +663,6 @@ kimpersonate$(EXEEXT): $(kimpersonate_OBJECTS) $(kimpersonate_DEPENDENCIES) kinit$(EXEEXT): $(kinit_OBJECTS) $(kinit_DEPENDENCIES) @rm -f kinit$(EXEEXT) $(LINK) $(kinit_OBJECTS) $(kinit_LDADD) $(LIBS) -klist$(EXEEXT): $(klist_OBJECTS) $(klist_DEPENDENCIES) - @rm -f klist$(EXEEXT) - $(LINK) $(klist_OBJECTS) $(klist_LDADD) $(LIBS) kverify$(EXEEXT): $(kverify_OBJECTS) $(kverify_DEPENDENCIES) @rm -f kverify$(EXEEXT) $(LINK) $(kverify_OBJECTS) $(kverify_LDADD) $(LIBS) @@ -564,115 +673,190 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/copy_cred_cache.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/generate-requests.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kcc-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kcc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdecode_ticket.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdestroy.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdigest-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdigest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kgetcred.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kimpersonate.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kinit.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/klist.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kswitch.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kverify.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) +install-man1: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + uninstall-man1: @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man1dir)" && rm -f $$files; } +install-man8: $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -688,13 +872,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -706,7 +894,7 @@ check-am: all-am check: check-am all-am: Makefile $(PROGRAMS) $(MANS) all-local installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)"; do \ + for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -730,6 +918,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -740,6 +929,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ clean-libtool clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -750,6 +940,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -757,26 +949,35 @@ info-am: install-data-am: install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libexecPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am -install-man: install-man1 +install-info-am: + +install-man: install-man1 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -797,11 +998,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +uninstall-man: uninstall-man1 uninstall-man8 -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ @@ -812,14 +1012,14 @@ uninstall-man: uninstall-man1 install-data-am install-data-hook install-dvi install-dvi-am \ install-exec install-exec-am install-exec-hook install-html \ install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man1 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-libexecPROGRAMS uninstall-man \ - uninstall-man1 + install-libexecPROGRAMS install-man install-man1 install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-binPROGRAMS uninstall-hook uninstall-libexecPROGRAMS \ + uninstall-man uninstall-man1 uninstall-man8 install-suid-programs: @@ -890,6 +1090,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -975,7 +1178,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -989,14 +1192,21 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done +$(kcc_OBJECTS): kcc-commands.h + $(kdigest_OBJECTS): kdigest-commands.h kdigest-commands.c kdigest-commands.h: kdigest-commands.in $(SLC) $(srcdir)/kdigest-commands.in +kcc-commands.c kcc-commands.h: kcc-commands.in + $(SLC) $(srcdir)/kcc-commands.in + # make sure install-exec-hook doesn't have any commands in Makefile.am.common install-exec-hook: - (cd $(DESTDIR)$(bindir) && rm -f kauth && $(LN_S) kinit kauth) + (cd $(DESTDIR)$(bindir) && rm -f klist && $(LN_S) kcc klist) + (cd $(DESTDIR)$(bindir) && rm -f kswitch && $(LN_S) kcc kswitch) + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/kuser/NTMakefile b/kuser/NTMakefile new file mode 100644 index 000000000000..bc12ad2cfb57 --- /dev/null +++ b/kuser/NTMakefile @@ -0,0 +1,132 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=kuser + +intcflags=-I$(OBJ) + +!include ../windows/NTMakefile.w32 + +BINPROGRAMS=\ + $(BINDIR)\kinit.exe \ + $(BINDIR)\kcc.exe \ + $(BINDIR)\kdestroy.exe \ + $(BINDIR)\kgetcred.exe \ + $(BINDIR)\kvno.exe \ + $(BINDIR)\kcpytkt.exe \ + $(BINDIR)\kdeltkt.exe + +LIBEXECPROGRAMS=\ + $(LIBEXECDIR)\kdigest.exe \ + $(LIBEXECDIR)\kimpersonate.exe + +NOINSTPROGRAMS=\ + $(OBJ)\kverify.exe \ + $(OBJ)\kdecode_ticket.exe \ + $(OBJ)\generate-requests.exe + + +BINLIBS=\ + $(LIBHEIMDAL) \ + $(LIBHEIMNTLM) \ + $(LIBROKEN) \ + $(LIBVERS) + +all:: $(BINPROGRAMS) $(LIBEXECPROGRAMS) + +clean:: + -$(RM) $(BINPROGRAMS:.exe=.*) $(LIBEXECPROGRAMS:.exe=.*) + + +$(BINDIR)\kinit.exe: $(OBJ)\kinit.obj $(BINLIBS) $(OBJ)\kinit-version.res + $(EXECONLINK) + $(EXEPREP) + +KCC_OBJS = \ + $(OBJ)\kcc-commands.obj \ + $(OBJ)\kcc.obj \ + $(OBJ)\kswitch.obj \ + $(OBJ)\klist.obj \ + $(OBJ)\copy_cred_cache.obj + +KCCLIBS=\ + $(BINLIBS) \ + $(LIBSL) + +$(BINDIR)\kcc.exe: $(KCC_OBJS) $(KCCLIBS) $(OBJ)\kcc-version.res + $(EXECONLINK) + $(EXEPREP) + + +$(BINDIR)\kdestroy.exe: $(OBJ)\kdestroy.obj $(BINLIBS) $(OBJ)\kdestroy-version.res + $(EXECONLINK) + $(EXEPREP) + + +$(BINDIR)\kgetcred.exe: $(OBJ)\kgetcred.obj $(BINLIBS) $(OBJ)\kgetcred-version.res + $(EXECONLINK) + $(EXEPREP) + + +$(LIBEXECDIR)\kdigest.exe: $(OBJ)\kdigest-commands.obj $(OBJ)\kdigest.obj $(BINLIBS) $(LIBSL) $(OBJ)\kdigest-version.res + $(EXECONLINK) + $(EXEPREP) + +$(OBJ)\kdigest.obj: kdigest.c + $(C2OBJ) -I$(OBJ) + +$(OBJ)\kdigest-commands.c $(OBJ)\kdigest-commands.h: kdigest-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\kdigest-commands.in $(OBJ) + $(BINDIR)\slc.exe kdigest-commands.in + cd $(SRCDIR) + +$(OBJ)\kcc-commands.c $(OBJ)\kcc-commands.h: kcc-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\kcc-commands.in $(OBJ) + $(BINDIR)\slc.exe kcc-commands.in + cd $(SRCDIR) + +$(LIBEXECDIR)\kimpersonate.exe: $(OBJ)\kimpersonate.obj $(BINLIBS) $(OBJ)\kimpersonate-version.res + $(EXECONLINK) + $(EXEPREP) + +$(BINDIR)\kvno.exe: $(OBJ)\kvno.obj $(BINLIBS) + $(EXECONLINK) + $(EXEPREP) + +$(BINDIR)\kcpytkt.exe: $(OBJ)\kcpytkt.obj $(BINLIBS) + $(EXECONLINK) + $(EXEPREP) + +$(BINDIR)\kdeltkt.exe: $(OBJ)\kdeltkt.obj $(BINLIBS) + $(EXECONLINK) + $(EXEPREP) \ No newline at end of file diff --git a/kuser/copy_cred_cache.1 b/kuser/copy_cred_cache.1 index b589735b7888..0a3f46fbe850 100644 --- a/kuser/copy_cred_cache.1 +++ b/kuser/copy_cred_cache.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,23 +29,22 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: copy_cred_cache.1 13783 2004-04-25 16:03:45Z joda $ +.\" $Id$ .\" .Dd April 24, 2004 .Dt COPY_CRED_CACHE 1 .Os HEIMDAL .Sh NAME .Nm copy_cred_cache -.Nd -copy credentials from one cache to another +.Nd copy credentials from one cache to another .Sh SYNOPSIS .Nm -.Op Fl -krbtgt-only -.Op Fl -service= Ns Ar principal -.Op Fl -enctype= Ns Ar enctype -.Op Fl -flags= Ns Ar ticketflags -.Op Fl -valid-for= Ns Ar time -.Op Fl -fcache-version= Ns Ar integer +.Op Fl Fl krbtgt-only +.Op Fl Fl service= Ns Ar principal +.Op Fl Fl enctype= Ns Ar enctype +.Op Fl Fl flags= Ns Ar ticketflags +.Op Fl Fl valid-for= Ns Ar time +.Op Fl Fl fcache-version= Ns Ar integer .Op Aq Ar from-cache .Aq Ar to-cache .Sh DESCRIPTION @@ -57,20 +56,20 @@ copies credentials from .Pp Supported options: .Bl -tag -width Ds -.It Fl -krbtgt-only +.It Fl Fl krbtgt-only Copies only krbtgt credentials for the client's realm. This is equivalent to -.Fl -service= Ns Li krbtgt/ Ns Ao Ar CLIENTREALM Ac Ns Li @ Ns Ao Ar CLIENTREALM Ac . -.It Fl -service= Ns Ar principal +.Fl Fl service= Ns Li krbtgt/ Ns Ao Ar CLIENTREALM Ac Ns Li @ Ns Ao Ar CLIENTREALM Ac . +.It Fl Fl service= Ns Ar principal Copies only credentials matching this service principal. -.It Fl -enctype= Ns Ar enctype +.It Fl Fl enctype= Ns Ar enctype Copies only credentials a matching enctype. -.It Fl -flags= Ns Ar ticketflags +.It Fl Fl flags= Ns Ar ticketflags Copies only credentials with these ticket flags set. -.It Fl -valid-for= Ns Ar time +.It Fl Fl valid-for= Ns Ar time Copies only credentials that are valid for at least this long. This does not take renewable creds into account. -.It Fl -fcache-version= Ns Ar integer +.It Fl Fl fcache-version= Ns Ar integer The created cache, If a standard .Li FILE cache is created, it will have this file format version. @@ -88,7 +87,7 @@ $ copy_cred_cache --valid-for=1d --flags=initial FILE:/some/cache .Sh DIAGNOSTICS The .Nm -utility exits 0 on success, and \*[Gt]0 if an error occurs, or of no +utility exits 0 on success, and \*[Gt]0 if an error occurs, or if no credentials where actually copied. .\".Sh SEE ALSO .\".Sh STANDARDS diff --git a/kuser/copy_cred_cache.c b/kuser/copy_cred_cache.c index 8faf82d41ff4..21149d3b91e5 100644 --- a/kuser/copy_cred_cache.c +++ b/kuser/copy_cred_cache.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan + * Copyright (c) 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,53 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H +#include "kuser_locl.h" #include -RCSID("$Id: copy_cred_cache.c 15542 2005-07-01 07:20:54Z lha $"); -#endif - -#include -#include -#include -#include #include #include - -static int krbtgt_only_flag; -static char *service_string; -static char *enctype_string; -static char *flags_string; -static char *valid_string; -static int fcache_version; -static int help_flag; -static int version_flag; - -static struct getargs args[] = { - { "krbtgt-only", 0, arg_flag, &krbtgt_only_flag, - "only copy local krbtgt" }, - { "service", 0, arg_string, &service_string, - "limit to this service", "principal" }, - { "enctype", 0, arg_string, &enctype_string, - "limit to this enctype", "enctype" }, - { "flags", 0, arg_string, &flags_string, - "limit to these flags", "ticketflags" }, - { "valid-for", 0, arg_string, &valid_string, - "limit to creds valid for at least this long", "time" }, - { "fcache-version", 0, arg_integer, &fcache_version, - "file cache version to create" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -static void -usage(int ret) -{ - arg_printusage(args, - sizeof(args) / sizeof(*args), - NULL, - "[from-cache] to-cache"); - exit(ret); -} +#include "kcc-commands.h" static int32_t bitswap32(int32_t b) @@ -102,114 +60,104 @@ parse_ticket_flags(krb5_context context, memset(&ff, 0, sizeof(ff)); ff.proxy = 1; - if (parse_flags("proxy", asn1_TicketFlags_units(), 0) == TicketFlags2int(ff)) + if ((size_t)parse_flags("proxy", asn1_TicketFlags_units(), 0) == TicketFlags2int(ff)) ret_flags->i = flags; else ret_flags->i = bitswap32(flags); } +struct ctx { + krb5_flags whichfields; + krb5_creds mcreds; +}; + +static krb5_boolean +matchfunc(krb5_context context, void *ptr, const krb5_creds *creds) +{ + struct ctx *ctx = ptr; + if (krb5_compare_creds(context, ctx->whichfields, &ctx->mcreds, creds)) + return TRUE; + return FALSE; +} + int -main(int argc, char **argv) +copy_cred_cache(struct copy_cred_cache_options *opt, int argc, char **argv) { krb5_error_code ret; - krb5_context context; - int optidx = 0; const char *from_name, *to_name; krb5_ccache from_ccache, to_ccache; - krb5_flags whichfields = 0; - krb5_creds mcreds; unsigned int matched; + struct ctx ctx; - setprogname(argv[0]); + memset(&ctx, 0, sizeof(ctx)); - memset(&mcreds, 0, sizeof(mcreds)); - - if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage(0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - argc -= optidx; - argv += optidx; - - if (argc < 1 || argc > 2) - usage(1); - - if (krb5_init_context(&context)) - errx(1, "krb5_init_context failed"); - - if (service_string) { - ret = krb5_parse_name(context, service_string, &mcreds.server); + if (opt->service_string) { + ret = krb5_parse_name(kcc_context, opt->service_string, &ctx.mcreds.server); if (ret) - krb5_err(context, 1, ret, "%s", service_string); + krb5_err(kcc_context, 1, ret, "%s", opt->service_string); } - if (enctype_string) { + if (opt->enctype_string) { krb5_enctype enctype; - ret = krb5_string_to_enctype(context, enctype_string, &enctype); + ret = krb5_string_to_enctype(kcc_context, opt->enctype_string, &enctype); if (ret) - krb5_err(context, 1, ret, "%s", enctype_string); - whichfields |= KRB5_TC_MATCH_KEYTYPE; - mcreds.session.keytype = enctype; + krb5_err(kcc_context, 1, ret, "%s", opt->enctype_string); + ctx.whichfields |= KRB5_TC_MATCH_KEYTYPE; + ctx.mcreds.session.keytype = enctype; } - if (flags_string) { - parse_ticket_flags(context, flags_string, &mcreds.flags); - whichfields |= KRB5_TC_MATCH_FLAGS; + if (opt->flags_string) { + parse_ticket_flags(kcc_context, opt->flags_string, &ctx.mcreds.flags); + ctx.whichfields |= KRB5_TC_MATCH_FLAGS; } - if (valid_string) { - time_t t = parse_time(valid_string, "s"); + if (opt->valid_for_string) { + time_t t = parse_time(opt->valid_for_string, "s"); if(t < 0) - errx(1, "unknown time \"%s\"", valid_string); - mcreds.times.endtime = time(NULL) + t; - whichfields |= KRB5_TC_MATCH_TIMES; + errx(1, "unknown time \"%s\"", opt->valid_for_string); + ctx.mcreds.times.endtime = time(NULL) + t; + ctx.whichfields |= KRB5_TC_MATCH_TIMES; } - if (fcache_version) - krb5_set_fcache_version(context, fcache_version); + if (opt->fcache_version_integer) + krb5_set_fcache_version(kcc_context, opt->fcache_version_integer); if (argc == 1) { - from_name = krb5_cc_default_name(context); + from_name = krb5_cc_default_name(kcc_context); to_name = argv[0]; } else { from_name = argv[0]; to_name = argv[1]; } - ret = krb5_cc_resolve(context, from_name, &from_ccache); + ret = krb5_cc_resolve(kcc_context, from_name, &from_ccache); if (ret) - krb5_err(context, 1, ret, "%s", from_name); + krb5_err(kcc_context, 1, ret, "%s", from_name); - if (krbtgt_only_flag) { + if (opt->krbtgt_only_flag) { krb5_principal client; - ret = krb5_cc_get_principal(context, from_ccache, &client); + ret = krb5_cc_get_principal(kcc_context, from_ccache, &client); if (ret) - krb5_err(context, 1, ret, "getting default principal"); - ret = krb5_make_principal(context, &mcreds.server, - krb5_principal_get_realm(context, client), + krb5_err(kcc_context, 1, ret, "getting default principal"); + ret = krb5_make_principal(kcc_context, &ctx.mcreds.server, + krb5_principal_get_realm(kcc_context, client), KRB5_TGS_NAME, - krb5_principal_get_realm(context, client), + krb5_principal_get_realm(kcc_context, client), NULL); if (ret) - krb5_err(context, 1, ret, "constructing krbtgt principal"); - krb5_free_principal(context, client); + krb5_err(kcc_context, 1, ret, "constructing krbtgt principal"); + krb5_free_principal(kcc_context, client); } - ret = krb5_cc_resolve(context, to_name, &to_ccache); + ret = krb5_cc_resolve(kcc_context, to_name, &to_ccache); if (ret) - krb5_err(context, 1, ret, "%s", to_name); + krb5_err(kcc_context, 1, ret, "%s", to_name); - ret = krb5_cc_copy_cache_match(context, from_ccache, to_ccache, - whichfields, &mcreds, &matched); + ret = krb5_cc_copy_match_f(kcc_context, from_ccache, to_ccache, + matchfunc, &ctx, &matched); if (ret) - krb5_err(context, 1, ret, "copying cred cache"); + krb5_err(kcc_context, 1, ret, "copying cred cache"); - krb5_cc_close(context, from_ccache); + krb5_cc_close(kcc_context, from_ccache); if(matched == 0) - krb5_cc_destroy(context, to_ccache); + krb5_cc_destroy(kcc_context, to_ccache); else - krb5_cc_close(context, to_ccache); - krb5_free_context(context); + krb5_cc_close(kcc_context, to_ccache); + return matched == 0; } diff --git a/kuser/generate-requests.c b/kuser/generate-requests.c index 95d8dc968bbf..8f50427adca1 100644 --- a/kuser/generate-requests.c +++ b/kuser/generate-requests.c @@ -1,50 +1,38 @@ /* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: generate-requests.c 19233 2006-12-06 08:04:05Z lha $"); - -static krb5_error_code -null_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return ENOTTY; -} - static unsigned read_words (const char *filename, char ***ret_w) { @@ -68,12 +56,14 @@ read_words (const char *filename, char ***ret_w) *ret_w = w; if (n == 0) errx(1, "%s is an empty file, no words to try", filename); + fclose(f); return n; } static void generate_requests (const char *filename, unsigned nreq) { + krb5_principal client; krb5_context context; krb5_error_code ret; krb5_creds cred; @@ -89,24 +79,18 @@ generate_requests (const char *filename, unsigned nreq) for (i = 0; i < nreq; ++i) { char *name = words[rand() % nwords]; - krb5_realm *client_realm; memset(&cred, 0, sizeof(cred)); - ret = krb5_parse_name (context, name, &cred.client); + ret = krb5_parse_name (context, name, &client); if (ret) krb5_err (context, 1, ret, "krb5_parse_name %s", name); - client_realm = krb5_princ_realm (context, cred.client); - ret = krb5_make_principal(context, &cred.server, *client_realm, - KRB5_TGS_NAME, *client_realm, NULL); + ret = krb5_get_init_creds_password (context, &cred, client, "", + NULL, NULL, 0, NULL, NULL); if (ret) - krb5_err (context, 1, ret, "krb5_make_principal"); - - ret = krb5_get_in_cred (context, 0, NULL, NULL, NULL, NULL, - null_key_proc, NULL, NULL, NULL, - &cred, NULL); - krb5_free_cred_contents (context, &cred); + krb5_free_cred_contents (context, &cred); + krb5_free_principal(context, client); } } diff --git a/kuser/kcc-commands.in b/kuser/kcc-commands.in new file mode 100644 index 000000000000..70967d4486ea --- /dev/null +++ b/kuser/kcc-commands.in @@ -0,0 +1,239 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +command = { + name = "klist" + name = "list" + help = "List kerberos tickets" + option = { + long = "cache" + short = "c" + type = "string" + help = "credential cache to list" + } + option = { + name = "flags" + short = "f" + type = "flag" + help = "list flags" + } + option = { + long = "test" + short = "t" + type = "flag" + help = "test for having tickets" + } + option = { + name = "s" + short = "s" + type = "flag" + } + option = { + long = "tokens" + short = "T" + type = "flag" + help = "display AFS tokens" + } + option = { + long = "v5" + short = "5" + type = "flag" + default = "1" + help = "display v5 credential tokens" + } + option = { + long = "all-content" + short = "A" + type = "flag" + help = "List all caches with their content" + } + option = { + long = "list-all" + short = "l" + type = "flag" + help = "List all caches" + } + option = { + long = "verbose" + short = "v" + type = "flag" + help = "Verbose output" + } + option = { + name = "a" + short = "a" + type = "flag" + } + option = { + name = "n" + short = "n" + type = "flag" + } + option = { + long = "hidden" + type = "flag" + help = "Verbose output" + } +} +command = { + name = "kgetcred" + help = "Acquire a Kerberos ticket" + option = { + long = "enctype" + short = "e" + type = "string" + argument = "enctype" + help = "Encryption type to use" + } + option = { + long = "cache" + short = "c" + type = "string" + argument = "cachename" + help = "Credentials cache" + } +} +command = { + name = "kswitch" + name = "switch" + help = "Switch default kerberos cache" + option = { + long = "type" + short = "t" + type = "string" + help = "type of credential cache" + } + option = { + long = "cache" + short = "c" + type = "string" + help = "name of credential cache" + } + option = { + long = "principal" + short = "p" + type = "string" + help = "name of principal" + } + option = { + long = "interactive" + short = "i" + type = "flag" + help = "interactive selection" + } +}; +command = { + name = "kvno" + help = "Acquire a Kerberos ticket" + option = { + long = "enctype" + short = "e" + type = "string" + argument = "enctype" + help = "Encryption type to use" + } + option = { + long = "cache" + short = "c" + type = "string" + argument = "cachename" + help = "Credentials cache" + } + option = { + long = "keytab" + short = "k" + type = "string" + argument = "keytabname" + help = "Keytab to use" + } + option = { + long = "server" + short = "S" + type = "string" + argument = "principal" + help = "Server to get ticket for" + } + option = { + long = "quiet" + short = "q" + type = "flag" + help = "Quiet" + } +} +command = { + name = "copy_cred_cache" + option = { + long = "krbtgt-only" + type = "flag" + help = "only copy local krbtgt" + } + option = { + long = "service" + type = "string" + help = "limit to this service" + argument = "service" + } + option = { + long = "enctype" + type = "string" + help = "limit to this enctype" + argument = "enctype" + } + option = { + long = "flags" + type = "string" + help = "limit to these flags" + } + option = { + long = "valid-for" + type = "string" + help = "limit to creds valid for at least this long" + argument = "time" + } + option = { + long = "fcache-version" + type = "integer" + help = "file cache version to create" + } + min_args = "1" + max_args = "2" + help = "Copies credential caches" +} +command = { + name = "help" + name = "?" + argument = "[command]" + min_args = "0" + max_args = "1" + help = "Help! I need somebody." +} diff --git a/kuser/kcc-version.rc b/kuser/kcc-version.rc new file mode 100644 index 000000000000..6c47c500da47 --- /dev/null +++ b/kuser/kcc-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Ticket tool" +#define RC_FILE_ORIG_0409 "kcc.exe" + +#include "../windows/version.rc" diff --git a/kuser/kcc.c b/kuser/kcc.c new file mode 100644 index 000000000000..511398c92808 --- /dev/null +++ b/kuser/kcc.c @@ -0,0 +1,165 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kuser_locl.h" +#include +#include "kcc-commands.h" + +krb5_context kcc_context; +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } +}; + +static void +usage(int ret) +{ + arg_printusage_i18n(args, + sizeof(args)/sizeof(*args), + N_("Usage: ", ""), + NULL, + "command ..", + getarg_i18n); + exit (ret); +} + +int +help(void *opt, int argc, char **argv) +{ + sl_slc_help(commands, argc, argv); + return 0; +} + +int +kgetcred(struct kgetcred_options *opt, int argc, char **argv) +{ + return 0; +} + +/* + * Wrapper for command line compatiblity + */ + +int +kvno(struct kvno_options *opt, int argc, char **argv) +{ + struct kgetcred_options k; + memset(&k, 0, sizeof(k)); + + k.cache_string = opt->cache_string; + k.enctype_string = opt->enctype_string; + + return kgetcred(&k, argc, argv); +} + +static int +command_alias(const char *name) +{ + const char *aliases[] = { + "kinit", "klist", "kswitch", "kgetcred", "kvno", "kdeltkt", + "kdestroy", "kcpytkt", NULL + }, **p = aliases; + + while (*p && strcmp(name, *p) != 0) + p++; + return *p != NULL; +} + + +int +main(int argc, char **argv) +{ + krb5_error_code ret; + int optidx = 0; + int exit_status = 0; + + setprogname (argv[0]); + + setlocale (LC_ALL, ""); + bindtextdomain ("heimdal_kuser", HEIMDAL_LOCALEDIR); + textdomain("heimdal_kuser"); + + ret = krb5_init_context(&kcc_context); + if (ret == KRB5_CONFIG_BADFORMAT) + errx (1, "krb5_init_context failed to parse configuration file"); + else if (ret) + errx(1, "krb5_init_context failed: %d", ret); + + /* + * Support linking of kcc to commands + */ + + if (!command_alias(getprogname())) { + + if (argc == 1) { + sl_slc_help(commands, 0, NULL); + return 1; + } + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag) { + print_version(NULL); + exit(0); + } + + } else { + argv[0] = rk_UNCONST(getprogname()); + } + + argc -= optidx; + argv += optidx; + + if (argc != 0) { + ret = sl_command(commands, argc, argv); + if(ret == -1) + krb5_warnx(kcc_context, "unrecognized command: %s", argv[0]); + else if (ret == -2) + ret = 0; + if(ret != 0) + exit_status = 1; + } else { + sl_slc_help(commands, argc, argv); + exit_status = 1; + } + + krb5_free_context(kcc_context); + return exit_status; +} diff --git a/kuser/kdecode_ticket.c b/kuser/kdecode_ticket.c index 968478d34779..2d30b5f388cd 100644 --- a/kuser/kdecode_ticket.c +++ b/kuser/kdecode_ticket.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kdecode_ticket.c 15541 2005-07-01 07:14:58Z lha $"); - static char *etype_str; static int version_flag; static int help_flag; @@ -70,11 +68,12 @@ print_and_decode_tkt (krb5_context context, krb5_crypto_destroy (context, crypto); if (ret) krb5_err (context, 1, ret, "krb5_decrypt_EncryptedData"); - ret = krb5_decode_EncTicketPart (context, dec_data.data, dec_data.length, - &decr_part, &len); + ret = decode_EncTicketPart (dec_data.data, dec_data.length, + &decr_part, &len); krb5_data_free (&dec_data); if (ret) krb5_err (context, 1, ret, "krb5_decode_EncTicketPart"); + free_EncTicketPart(&decr_part); } struct getargs args[] = { @@ -108,10 +107,10 @@ main(int argc, char **argv) ret = krb5_init_context (&context); if (ret) errx(1, "krb5_init_context failed: %d", ret); - + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/kuser/kdestroy-version.rc b/kuser/kdestroy-version.rc new file mode 100644 index 000000000000..9ccbdef9e4e7 --- /dev/null +++ b/kuser/kdestroy-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Destroy Kerberos Tickets" +#define RC_FILE_ORIG_0409 "kdestroy.exe" + +#include "../windows/version.rc" diff --git a/kuser/kdestroy.1 b/kuser/kdestroy.1 index 5e187019ba45..3c936652f10a 100644 --- a/kuser/kdestroy.1 +++ b/kuser/kdestroy.1 @@ -1,56 +1,57 @@ -.\" Copyright (c) 1997, 1999, 2001, 2004, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1997, 1999, 2001, 2004, 2006 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kdestroy.1 22071 2007-11-14 20:04:50Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd April 27, 2006 .Dt KDESTROY 1 .Os HEIMDAL .Sh NAME .Nm kdestroy -.Nd remove one credental or destroy the current ticket file +.Nd remove one credential or destroy the current ticket file .Sh SYNOPSIS .Nm .Bk -words .Op Fl c Ar cachefile -.Op Fl -credential= Ns Ar principal -.Op Fl -cache= Ns Ar cachefile -.Op Fl -no-unlog -.Op Fl -no-delete-v4 -.Op Fl -version -.Op Fl -help +.Op Fl Fl credential= Ns Ar principal +.Op Fl Fl cache= Ns Ar cachefile +.Op Fl A | Fl Fl all +.Op Fl Fl no-unlog +.Op Fl Fl no-delete-v4 +.Op Fl Fl version +.Op Fl Fl help .Ek .Sh DESCRIPTION .Nm -remove one or the current set of tickets. +removes one credential or the current set of tickets. .Pp Supported options: .Bl -tag -width Ds @@ -61,9 +62,12 @@ from the credential cache if it exists. .It Fl c Ar cachefile .It Fl cache= Ns Ar cachefile The cache file to remove. -.It Fl -no-unlog +.It Fl A +.It Fl Fl all +remove all credential caches. +.It Fl Fl no-unlog Do not remove AFS tokens. -.It Fl -no-delete-v4 +.It Fl Fl no-delete-v4 Do not remove v4 tickets. .El .Sh SEE ALSO diff --git a/kuser/kdestroy.c b/kuser/kdestroy.c index 5358fcd67d92..1823bf56ca48 100644 --- a/kuser/kdestroy.c +++ b/kuser/kdestroy.c @@ -1,52 +1,57 @@ /* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kdestroy.c 20458 2007-04-19 20:41:27Z lha $"); static const char *cache; static const char *credential; static int help_flag; static int version_flag; +#ifndef NO_AFS static int unlog_flag = 1; +#endif static int dest_tkt_flag = 1; +static int all_flag = 0; struct getargs args[] = { - { "credential", 0, arg_string, &credential, + { "credential", 0, arg_string, rk_UNCONST(&credential), "remove one credential", "principal" }, - { "cache", 'c', arg_string, &cache, "cache to destroy", "cache" }, + { "cache", 'c', arg_string, rk_UNCONST(&cache), "cache to destroy", "cache" }, + { "all", 'A', arg_flag, &all_flag, "destroy all caches", NULL }, +#ifndef NO_AFS { "unlog", 0, arg_negative_flag, &unlog_flag, "do not destroy tokens", NULL }, +#endif { "delete-v4", 0, arg_negative_flag, &dest_tkt_flag, "do not destroy v4 tickets", NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL }, @@ -75,15 +80,15 @@ main (int argc, char **argv) if(getarg(args, num_args, argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); - + if(version_flag){ print_version(NULL); exit(0); } - + argc -= optidx; argv += optidx; @@ -93,58 +98,75 @@ main (int argc, char **argv) ret = krb5_init_context (&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - - if(cache == NULL) { - cache = krb5_cc_default_name(context); - if (cache == NULL) { - warnx ("krb5_cc_default_name: %s", krb5_get_err_text(context, ret)); - exit(1); + + if (all_flag) { + krb5_cccol_cursor cursor; + + ret = krb5_cccol_cursor_new (context, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_cccol_cursor_new"); + + while (krb5_cccol_cursor_next (context, cursor, &ccache) == 0 && ccache != NULL) { + + ret = krb5_cc_destroy (context, ccache); + if (ret) { + krb5_warn(context, ret, "krb5_cc_destroy"); + exit_val = 1; + } } - } + krb5_cccol_cursor_free(context, &cursor); - ret = krb5_cc_resolve(context, - cache, - &ccache); - - if (ret == 0) { - if (credential) { - krb5_creds mcred; - - krb5_cc_clear_mcred(&mcred); - - ret = krb5_parse_name(context, credential, &mcred.server); - if (ret) - krb5_err(context, 1, ret, - "Can't parse principal %s", credential); - - ret = krb5_cc_remove_cred(context, ccache, 0, &mcred); - if (ret) - krb5_err(context, 1, ret, - "Failed to remove principal %s", credential); - - krb5_cc_close(context, ccache); - krb5_free_principal(context, mcred.server); - krb5_free_context(context); - return 0; - } - - ret = krb5_cc_destroy (context, ccache); - if (ret) { - warnx ("krb5_cc_destroy: %s", krb5_get_err_text(context, ret)); - exit_val = 1; - } } else { - warnx ("krb5_cc_resolve(%s): %s", cache, - krb5_get_err_text(context, ret)); - exit_val = 1; + if(cache == NULL) { + ret = krb5_cc_default(context, &ccache); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_default"); + } else { + ret = krb5_cc_resolve(context, + cache, + &ccache); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_resolve"); + } + + if (ret == 0) { + if (credential) { + krb5_creds mcred; + + krb5_cc_clear_mcred(&mcred); + + ret = krb5_parse_name(context, credential, &mcred.server); + if (ret) + krb5_err(context, 1, ret, + "Can't parse principal %s", credential); + + ret = krb5_cc_remove_cred(context, ccache, 0, &mcred); + if (ret) + krb5_err(context, 1, ret, + "Failed to remove principal %s", credential); + + krb5_cc_close(context, ccache); + krb5_free_principal(context, mcred.server); + krb5_free_context(context); + return 0; + } + + ret = krb5_cc_destroy (context, ccache); + if (ret) { + krb5_warn(context, ret, "krb5_cc_destroy"); + exit_val = 1; + } + } } krb5_free_context (context); +#ifndef NO_AFS if (unlog_flag && k_hasafs ()) { if (k_unlog ()) exit_val = 1; } +#endif return exit_val; } diff --git a/kuser/kdestroy.cat1 b/kuser/kdestroy.cat1 new file mode 100644 index 000000000000..434271e41d6d --- /dev/null +++ b/kuser/kdestroy.cat1 @@ -0,0 +1,37 @@ + +KDESTROY(1) BSD General Commands Manual KDESTROY(1) + +NNAAMMEE + kkddeessttrrooyy -- remove one credential or destroy the current ticket file + +SSYYNNOOPPSSIISS + kkddeessttrrooyy [--cc _c_a_c_h_e_f_i_l_e] [----ccrreeddeennttiiaall==_p_r_i_n_c_i_p_a_l] [----ccaacchhee==_c_a_c_h_e_f_i_l_e] + [--AA | ----aallll] [----nnoo--uunnlloogg] [----nnoo--ddeelleettee--vv44] [----vveerrssiioonn] [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + kkddeessttrrooyy removes one credential or the current set of tickets. + + Supported options: + + --ccrreeddeennttiiaall==_p_r_i_n_c_i_p_a_l + remove _p_r_i_n_c_i_p_a_l from the credential cache if it exists. + + --cc _c_a_c_h_e_f_i_l_e + + --ccaacchhee==_c_a_c_h_e_f_i_l_e + The cache file to remove. + + --AA + + ----aallll remove all credential caches. + + ----nnoo--uunnlloogg + Do not remove AFS tokens. + + ----nnoo--ddeelleettee--vv44 + Do not remove v4 tickets. + +SSEEEE AALLSSOO + kinit(1), klist(1) + +HEIMDAL April 27, 2006 HEIMDAL diff --git a/kuser/kdigest-commands.in b/kuser/kdigest-commands.in index c980b188eddd..3f73f5bd55e1 100644 --- a/kuser/kdigest-commands.in +++ b/kuser/kdigest-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan + * Copyright (c) 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: kdigest-commands.in 22157 2007-12-04 20:03:29Z lha $ */ +/* $Id$ */ command = { name = "digest-probe" diff --git a/kuser/kdigest-version.rc b/kuser/kdigest-version.rc new file mode 100644 index 000000000000..8e5b16ee2d1c --- /dev/null +++ b/kuser/kdigest-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "KDC Digest Interface Tool" +#define RC_FILE_ORIG_0409 "kdigest.exe" + +#include "../windows/version.rc" diff --git a/kuser/kdigest.8 b/kuser/kdigest.8 new file mode 100644 index 000000000000..c792241416d1 --- /dev/null +++ b/kuser/kdigest.8 @@ -0,0 +1,256 @@ +.\" Copyright (c) 2008 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ +.\" +.Dd September 25, 2008 +.Dt KDIGEST 8 +.Os HEIMDAL +.Sh NAME +.Nm kdigest +.Nd userland tool to access digest interface in the KDC +.Sh SYNOPSIS +.Nm +.Op Fl Fl ccache= Ns Ar string +.Op Fl Fl version +.Op Fl Fl help +command +.Op arguments +.Sh DESCRIPTION +Supported options: +.Bl -tag -width Ds +.It Xo +.Fl Fl ccache= Ns Ar string +.Xc +credential cache +.It Xo +.Fl Fl version +.Xc +print version +.It Xo +.Fl Fl help +.Xc +.El +.Pp +Available commands are: +.Bl -tag -width Ds +.It Xo digest-probe +.Op Fl Fl realm= Ns Ar string +.Op Fl h | Fl Fl help +.Xc +.Bl -tag -width Ds +.It Xo +.Fl Fl realm= Ns Ar string +.Xc +Kerberos realm to communicate with +.El +.It Xo digest-server-init +.Op Fl Fl type= Ns Ar string +.Op Fl Fl kerberos-realm= Ns Ar realm +.Op Fl Fl digest= Ns Ar digest-type +.Op Fl Fl cb-type= Ns Ar type +.Op Fl Fl cb-value= Ns Ar value +.Op Fl Fl hostname= Ns Ar hostname +.Op Fl Fl realm= Ns Ar string +.Xc +.Bl -tag -width Ds +.It Xo +.Fl Fl type= Ns Ar string +.Xc +digest type +.It Xo +.Fl Fl kerberos-realm= Ns Ar realm +.Xc +.It Xo +.Fl Fl digest= Ns Ar digest-type +.Xc +digest type to use in the algorithm +.It Xo +.Fl Fl cb-type= Ns Ar type +.Xc +type of channel bindings +.It Xo +.Fl Fl cb-value= Ns Ar value +.Xc +value of channel bindings +.It Xo +.Fl Fl hostname= Ns Ar hostname +.Xc +hostname of the server +.It Xo +.Fl Fl realm= Ns Ar string +.Xc +Kerberos realm to communicate with +.El +.It Xo digest-server-request +.Op Fl Fl type= Ns Ar string +.Op Fl Fl kerberos-realm= Ns Ar realm +.Op Fl Fl username= Ns Ar name +.Op Fl Fl server-nonce= Ns Ar nonce +.Op Fl Fl server-identifier= Ns Ar nonce +.Op Fl Fl client-nonce= Ns Ar nonce +.Op Fl Fl client-response= Ns Ar response +.Op Fl Fl opaque= Ns Ar string +.Op Fl Fl authentication-name= Ns Ar name +.Op Fl Fl realm= Ns Ar realm +.Op Fl Fl method= Ns Ar method +.Op Fl Fl uri= Ns Ar uri +.Op Fl Fl nounce-count= Ns Ar count +.Op Fl Fl qop= Ns Ar qop +.Op Fl Fl ccache= Ns Ar ccache +.Xc +.Bl -tag -width Ds +.It Xo +.Fl Fl type= Ns Ar string +.Xc +digest type +.It Xo +.Fl Fl kerberos-realm= Ns Ar realm +.Xc +.It Xo +.Fl Fl username= Ns Ar name +.Xc +digest type +.It Xo +.Fl Fl server-nonce= Ns Ar nonce +.Xc +.It Xo +.Fl Fl server-identifier= Ns Ar nonce +.Xc +.It Xo +.Fl Fl client-nonce= Ns Ar nonce +.Xc +.It Xo +.Fl Fl client-response= Ns Ar response +.Xc +.It Xo +.Fl Fl opaque= Ns Ar string +.Xc +.It Xo +.Fl Fl authentication-name= Ns Ar name +.Xc +.It Xo +.Fl Fl realm= Ns Ar realm +.Xc +.It Xo +.Fl Fl method= Ns Ar method +.Xc +.It Xo +.Fl Fl uri= Ns Ar uri +.Xc +.It Xo +.Fl Fl nounce-count= Ns Ar count +.Xc +.It Xo +.Fl Fl qop= Ns Ar qop +.Xc +.It Xo +.Fl Fl ccache= Ns Ar ccache +.Xc +Where the the credential cache is created when the KDC returns tickets +.El +.It Xo digest-client-request +.Op Fl Fl type= Ns Ar string +.Op Fl Fl username= Ns Ar name +.Op Fl Fl password= Ns Ar password +.Op Fl Fl server-nonce= Ns Ar nonce +.Op Fl Fl server-identifier= Ns Ar nonce +.Op Fl Fl client-nonce= Ns Ar nonce +.Op Fl Fl opaque= Ns Ar string +.Op Fl Fl realm= Ns Ar realm +.Op Fl Fl method= Ns Ar method +.Op Fl Fl uri= Ns Ar uri +.Op Fl Fl nounce-count= Ns Ar count +.Op Fl Fl qop= Ns Ar qop +.Xc +.Bl -tag -width Ds +.It Xo +.Fl Fl type= Ns Ar string +.Xc +digest type +.It Xo +.Fl Fl username= Ns Ar name +.Xc +digest type +.It Xo +.Fl Fl password= Ns Ar password +.Xc +.It Xo +.Fl Fl server-nonce= Ns Ar nonce +.Xc +.It Xo +.Fl Fl server-identifier= Ns Ar nonce +.Xc +.It Xo +.Fl Fl client-nonce= Ns Ar nonce +.Xc +.It Xo +.Fl Fl opaque= Ns Ar string +.Xc +.It Xo +.Fl Fl realm= Ns Ar realm +.Xc +.It Xo +.Fl Fl method= Ns Ar method +.Xc +.It Xo +.Fl Fl uri= Ns Ar uri +.Xc +.It Xo +.Fl Fl nounce-count= Ns Ar count +.Xc +.It Xo +.Fl Fl qop= Ns Ar qop +.Xc +.El +.It Xo ntlm-server-init +.Op Fl Fl version= Ns Ar integer +.Op Fl Fl kerberos-realm= Ns Ar string +.Xc +.Bl -tag -width Ds +.It Xo +.Fl Fl version= Ns Ar integer +.Xc +ntlm version +.It Xo +.Fl Fl kerberos-realm= Ns Ar string +.Xc +Kerberos realm to communicate with +.El +.\".Sh ENVIRONMENT +.\".Sh FILES +.\".Sh EXAMPLES +.\".Sh DIAGNOSTICS +.\".Sh SEE ALSO +.\".Sh STANDARDS +.\".Sh HISTORY +.\".Sh AUTHORS +.\".Sh BUGS diff --git a/kuser/kdigest.c b/kuser/kdigest.c index 418aedb71441..f15b661a0dce 100644 --- a/kuser/kdigest.c +++ b/kuser/kdigest.c @@ -1,38 +1,40 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ +#define HC_DEPRECATED_CRYPTO + #include "kuser_locl.h" -RCSID("$Id: kdigest.c 22158 2007-12-04 20:04:01Z lha $"); + #include #include #include @@ -98,7 +100,7 @@ digest_server_init(struct digest_server_init_options *opt, krb5_err(context, 1, ret, "krb5_digest_set_type"); if (opt->cb_type_string && opt->cb_value_string) { - ret = krb5_digest_set_server_cb(context, digest, + ret = krb5_digest_set_server_cb(context, digest, opt->cb_type_string, opt->cb_value_string); if (ret) @@ -112,7 +114,7 @@ digest_server_init(struct digest_server_init_options *opt, krb5_err(context, 1, ret, "krb5_digest_init_request"); printf("type=%s\n", opt->type_string); - printf("server-nonce=%s\n", + printf("server-nonce=%s\n", krb5_digest_get_server_nonce(context, digest)); { const char *s = krb5_digest_get_identifier(context, digest); @@ -121,11 +123,13 @@ digest_server_init(struct digest_server_init_options *opt, } printf("opaque=%s\n", krb5_digest_get_opaque(context, digest)); + krb5_digest_free(digest); + return 0; } int -digest_server_request(struct digest_server_request_options *opt, +digest_server_request(struct digest_server_request_options *opt, int argc, char **argv) { krb5_error_code ret; @@ -150,7 +154,7 @@ digest_server_request(struct digest_server_request_options *opt, if (opt->server_identifier_string == NULL) errx(1, "server identifier missing"); - ret = krb5_digest_set_identifier(context, digest, + ret = krb5_digest_set_identifier(context, digest, opt->server_identifier_string); if (ret) krb5_err(context, 1, ret, "krb5_digest_set_type"); @@ -164,13 +168,13 @@ digest_server_request(struct digest_server_request_options *opt, if (ret) krb5_err(context, 1, ret, "krb5_digest_set_username"); - ret = krb5_digest_set_server_nonce(context, digest, + ret = krb5_digest_set_server_nonce(context, digest, opt->server_nonce_string); if (ret) krb5_err(context, 1, ret, "krb5_digest_set_server_nonce"); if(opt->client_nonce_string) { - ret = krb5_digest_set_client_nonce(context, digest, + ret = krb5_digest_set_client_nonce(context, digest, opt->client_nonce_string); if (ret) krb5_err(context, 1, ret, "krb5_digest_set_client_nonce"); @@ -181,7 +185,7 @@ digest_server_request(struct digest_server_request_options *opt, if (ret) krb5_err(context, 1, ret, "krb5_digest_set_opaque"); - ret = krb5_digest_set_responseData(context, digest, + ret = krb5_digest_set_responseData(context, digest, opt->client_response_string); if (ret) krb5_err(context, 1, ret, "krb5_digest_set_responseData"); @@ -213,6 +217,8 @@ digest_server_request(struct digest_server_request_options *opt, free(key); } + krb5_digest_free(digest); + return 0; } @@ -221,15 +227,19 @@ client_chap(const void *server_nonce, size_t snoncelen, unsigned char server_identifier, const char *password) { - MD5_CTX ctx; + EVP_MD_CTX *ctx; unsigned char md[MD5_DIGEST_LENGTH]; char *h; - MD5_Init(&ctx); - MD5_Update(&ctx, &server_identifier, 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Update(&ctx, server_nonce, snoncelen); - MD5_Final(md, &ctx); + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + + EVP_DigestUpdate(ctx, &server_identifier, 1); + EVP_DigestUpdate(ctx, password, strlen(password)); + EVP_DigestUpdate(ctx, server_nonce, snoncelen); + EVP_DigestFinal_ex(ctx, md, NULL); + + EVP_MD_CTX_destroy(ctx); hex_encode(md, 16, &h); @@ -262,27 +272,31 @@ client_mschapv2(const void *server_nonce, size_t snoncelen, const char *username, const char *password) { - SHA_CTX ctx; - MD4_CTX hctx; - unsigned char md[SHA_DIGEST_LENGTH], challange[SHA_DIGEST_LENGTH]; + EVP_MD_CTX *hctx, *ctx; + unsigned char md[SHA_DIGEST_LENGTH], challenge[SHA_DIGEST_LENGTH]; unsigned char hmd[MD4_DIGEST_LENGTH]; struct ntlm_buf answer; int i, len, ret; char *h; - SHA1_Init(&ctx); - SHA1_Update(&ctx, client_nonce, cnoncelen); - SHA1_Update(&ctx, server_nonce, snoncelen); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(md, &ctx); + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); - MD4_Init(&hctx); + EVP_DigestUpdate(ctx, client_nonce, cnoncelen); + EVP_DigestUpdate(ctx, server_nonce, snoncelen); + EVP_DigestUpdate(ctx, username, strlen(username)); + EVP_DigestFinal_ex(ctx, md, NULL); + + + hctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(hctx, EVP_md4(), NULL); len = strlen(password); for (i = 0; i < len; i++) { - MD4_Update(&hctx, &password[i], 1); - MD4_Update(&hctx, &password[len], 1); - } - MD4_Final(hmd, &hctx); + EVP_DigestUpdate(hctx, &password[i], 1); + EVP_DigestUpdate(hctx, &password[len], 1); + } + EVP_DigestFinal_ex(hctx, hmd, NULL); + /* ChallengeResponse */ ret = heim_ntlm_calculate_ntlm1(hmd, sizeof(hmd), md, &answer); @@ -294,51 +308,55 @@ client_mschapv2(const void *server_nonce, size_t snoncelen, free(h); /* PasswordHash */ - MD4_Init(&hctx); - MD4_Update(&hctx, hmd, sizeof(hmd)); - MD4_Final(hmd, &hctx); + EVP_DigestInit_ex(hctx, EVP_md4(), NULL); + EVP_DigestUpdate(hctx, hmd, sizeof(hmd)); + EVP_DigestFinal_ex(hctx, hmd, NULL); + /* GenerateAuthenticatorResponse */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hmd, sizeof(hmd)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_chap_v2_magic1, sizeof(ms_chap_v2_magic1)); - SHA1_Final(md, &ctx); - - /* ChallengeHash */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, client_nonce, cnoncelen); - SHA1_Update(&ctx, server_nonce, snoncelen); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(challange, &ctx); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, hmd, sizeof(hmd)); + EVP_DigestUpdate(ctx, answer.data, answer.length); + EVP_DigestUpdate(ctx, ms_chap_v2_magic1, sizeof(ms_chap_v2_magic1)); + EVP_DigestFinal_ex(ctx, md, NULL); - SHA1_Init(&ctx); - SHA1_Update(&ctx, md, sizeof(md)); - SHA1_Update(&ctx, challange, 8); - SHA1_Update(&ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); - SHA1_Final(md, &ctx); + /* ChallengeHash */ + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, client_nonce, cnoncelen); + EVP_DigestUpdate(ctx, server_nonce, snoncelen); + EVP_DigestUpdate(ctx, username, strlen(username)); + EVP_DigestFinal_ex(ctx, challenge, NULL); + + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, md, sizeof(md)); + EVP_DigestUpdate(ctx, challenge, 8); + EVP_DigestUpdate(ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); + EVP_DigestFinal_ex(ctx, md, NULL); hex_encode(md, sizeof(md), &h); printf("AuthenticatorResponse=%s\n", h); free(h); /* get_master, rfc 3079 3.4 */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hmd, sizeof(hmd)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_rfc3079_magic1, sizeof(ms_rfc3079_magic1)); - SHA1_Final(md, &ctx); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, hmd, sizeof(hmd)); + EVP_DigestUpdate(ctx, answer.data, answer.length); + EVP_DigestUpdate(ctx, ms_rfc3079_magic1, sizeof(ms_rfc3079_magic1)); + EVP_DigestFinal_ex(ctx, md, NULL); free(answer.data); hex_encode(md, 16, &h); printf("session-key=%s\n", h); free(h); + + EVP_MD_CTX_destroy(hctx); + EVP_MD_CTX_destroy(ctx); } int -digest_client_request(struct digest_client_request_options *opt, +digest_client_request(struct digest_client_request_options *opt, int argc, char **argv) { char *server_nonce, *client_nonce = NULL, server_identifier; @@ -358,7 +376,7 @@ digest_client_request(struct digest_client_request_options *opt, errx(1, "server_nonce"); snoncelen = hex_decode(opt->server_nonce_string, server_nonce, snoncelen); - if (snoncelen <= 0) + if (snoncelen <= 0) errx(1, "server nonce wrong"); if (opt->client_nonce_string) { @@ -366,10 +384,10 @@ digest_client_request(struct digest_client_request_options *opt, client_nonce = malloc(cnoncelen); if (client_nonce == NULL) errx(1, "client_nonce"); - - cnoncelen = hex_decode(opt->client_nonce_string, + + cnoncelen = hex_decode(opt->client_nonce_string, client_nonce, cnoncelen); - if (cnoncelen <= 0) + if (cnoncelen <= 0) errx(1, "client nonce wrong"); } @@ -385,7 +403,7 @@ digest_client_request(struct digest_client_request_options *opt, if (opt->server_identifier_string == NULL) errx(1, "server identifier missing"); - client_chap(server_nonce, snoncelen, server_identifier, + client_chap(server_nonce, snoncelen, server_identifier, opt->password_string); } else if (strcasecmp(opt->type_string, "MS-CHAP-V2") == 0) { @@ -395,11 +413,13 @@ digest_client_request(struct digest_client_request_options *opt, errx(1, "client nonce missing"); client_mschapv2(server_nonce, snoncelen, - client_nonce, cnoncelen, + client_nonce, cnoncelen, opt->username_string, opt->password_string); } - + if (client_nonce) + free(client_nonce); + free(server_nonce); return 0; } @@ -413,9 +433,10 @@ ntlm_server_init(struct ntlm_server_init_options *opt, krb5_error_code ret; krb5_ntlm ntlm; struct ntlm_type2 type2; - krb5_data challange, opaque; + krb5_data challenge, opaque; struct ntlm_buf data; char *s; + static char zero2[] = "\x00\x00"; memset(&type2, 0, sizeof(type2)); @@ -423,7 +444,7 @@ ntlm_server_init(struct ntlm_server_init_options *opt, if (ret) krb5_err(context, 1, ret, "krb5_ntlm_alloc"); - ret = krb5_ntlm_init_request(context, + ret = krb5_ntlm_init_request(context, ntlm, opt->kerberos_realm_string, id, @@ -437,29 +458,29 @@ ntlm_server_init(struct ntlm_server_init_options *opt, * */ - ret = krb5_ntlm_init_get_challange(context, ntlm, &challange); + ret = krb5_ntlm_init_get_challange(context, ntlm, &challenge); if (ret) krb5_err(context, 1, ret, "krb5_ntlm_init_get_challange"); - if (challange.length != sizeof(type2.challange)) - krb5_errx(context, 1, "ntlm challange have wrong length"); - memcpy(type2.challange, challange.data, sizeof(type2.challange)); - krb5_data_free(&challange); + if (challenge.length != sizeof(type2.challenge)) + krb5_errx(context, 1, "ntlm challenge have wrong length"); + memcpy(type2.challenge, challenge.data, sizeof(type2.challenge)); + krb5_data_free(&challenge); ret = krb5_ntlm_init_get_flags(context, ntlm, &type2.flags); if (ret) krb5_err(context, 1, ret, "krb5_ntlm_init_get_flags"); krb5_ntlm_init_get_targetname(context, ntlm, &type2.targetname); - type2.targetinfo.data = "\x00\x00"; + type2.targetinfo.data = zero2; type2.targetinfo.length = 2; - + ret = heim_ntlm_encode_type2(&type2, &data); if (ret) krb5_errx(context, 1, "heim_ntlm_encode_type2"); free(type2.targetname); - + /* * */ @@ -519,7 +540,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/kuser/kdigest.cat8 b/kuser/kdigest.cat8 new file mode 100644 index 000000000000..aa1174daada3 --- /dev/null +++ b/kuser/kdigest.cat8 @@ -0,0 +1,133 @@ + +KDIGEST(8) BSD System Manager's Manual KDIGEST(8) + +NNAAMMEE + kkddiiggeesstt -- userland tool to access digest interface in the KDC + +SSYYNNOOPPSSIISS + kkddiiggeesstt [----ccccaacchhee==_s_t_r_i_n_g] [----vveerrssiioonn] [----hheellpp] command [arguments] + +DDEESSCCRRIIPPTTIIOONN + Supported options: + + ----ccccaacchhee==_s_t_r_i_n_g + credential cache + + ----vveerrssiioonn + print version + + ----hheellpp + + Available commands are: + + digest-probe [----rreeaallmm==_s_t_r_i_n_g] [--hh | ----hheellpp] + + ----rreeaallmm==_s_t_r_i_n_g + Kerberos realm to communicate with + + digest-server-init [----ttyyppee==_s_t_r_i_n_g] [----kkeerrbbeerrooss--rreeaallmm==_r_e_a_l_m] + [----ddiiggeesstt==_d_i_g_e_s_t_-_t_y_p_e] [----ccbb--ttyyppee==_t_y_p_e] [----ccbb--vvaalluuee==_v_a_l_u_e] + [----hhoossttnnaammee==_h_o_s_t_n_a_m_e] [----rreeaallmm==_s_t_r_i_n_g] + + ----ttyyppee==_s_t_r_i_n_g + digest type + + ----kkeerrbbeerrooss--rreeaallmm==_r_e_a_l_m + + ----ddiiggeesstt==_d_i_g_e_s_t_-_t_y_p_e + digest type to use in the algorithm + + ----ccbb--ttyyppee==_t_y_p_e + type of channel bindings + + ----ccbb--vvaalluuee==_v_a_l_u_e + value of channel bindings + + ----hhoossttnnaammee==_h_o_s_t_n_a_m_e + hostname of the server + + ----rreeaallmm==_s_t_r_i_n_g + Kerberos realm to communicate with + + digest-server-request [----ttyyppee==_s_t_r_i_n_g] [----kkeerrbbeerrooss--rreeaallmm==_r_e_a_l_m] + [----uusseerrnnaammee==_n_a_m_e] [----sseerrvveerr--nnoonnccee==_n_o_n_c_e] + [----sseerrvveerr--iiddeennttiiffiieerr==_n_o_n_c_e] [----cclliieenntt--nnoonnccee==_n_o_n_c_e] + [----cclliieenntt--rreessppoonnssee==_r_e_s_p_o_n_s_e] [----ooppaaqquuee==_s_t_r_i_n_g] + [----aauutthheennttiiccaattiioonn--nnaammee==_n_a_m_e] [----rreeaallmm==_r_e_a_l_m] [----mmeetthhoodd==_m_e_t_h_o_d] + [----uurrii==_u_r_i] [----nnoouunnccee--ccoouunntt==_c_o_u_n_t] [----qqoopp==_q_o_p] [----ccccaacchhee==_c_c_a_c_h_e] + + ----ttyyppee==_s_t_r_i_n_g + digest type + + ----kkeerrbbeerrooss--rreeaallmm==_r_e_a_l_m + + ----uusseerrnnaammee==_n_a_m_e + digest type + + ----sseerrvveerr--nnoonnccee==_n_o_n_c_e + + ----sseerrvveerr--iiddeennttiiffiieerr==_n_o_n_c_e + + ----cclliieenntt--nnoonnccee==_n_o_n_c_e + + ----cclliieenntt--rreessppoonnssee==_r_e_s_p_o_n_s_e + + ----ooppaaqquuee==_s_t_r_i_n_g + + ----aauutthheennttiiccaattiioonn--nnaammee==_n_a_m_e + + ----rreeaallmm==_r_e_a_l_m + + ----mmeetthhoodd==_m_e_t_h_o_d + + ----uurrii==_u_r_i + + ----nnoouunnccee--ccoouunntt==_c_o_u_n_t + + ----qqoopp==_q_o_p + + ----ccccaacchhee==_c_c_a_c_h_e + Where the the credential cache is created when the KDC + returns tickets + + digest-client-request [----ttyyppee==_s_t_r_i_n_g] [----uusseerrnnaammee==_n_a_m_e] + [----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [----sseerrvveerr--nnoonnccee==_n_o_n_c_e] + [----sseerrvveerr--iiddeennttiiffiieerr==_n_o_n_c_e] [----cclliieenntt--nnoonnccee==_n_o_n_c_e] + [----ooppaaqquuee==_s_t_r_i_n_g] [----rreeaallmm==_r_e_a_l_m] [----mmeetthhoodd==_m_e_t_h_o_d] [----uurrii==_u_r_i] + [----nnoouunnccee--ccoouunntt==_c_o_u_n_t] [----qqoopp==_q_o_p] + + ----ttyyppee==_s_t_r_i_n_g + digest type + + ----uusseerrnnaammee==_n_a_m_e + digest type + + ----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d + + ----sseerrvveerr--nnoonnccee==_n_o_n_c_e + + ----sseerrvveerr--iiddeennttiiffiieerr==_n_o_n_c_e + + ----cclliieenntt--nnoonnccee==_n_o_n_c_e + + ----ooppaaqquuee==_s_t_r_i_n_g + + ----rreeaallmm==_r_e_a_l_m + + ----mmeetthhoodd==_m_e_t_h_o_d + + ----uurrii==_u_r_i + + ----nnoouunnccee--ccoouunntt==_c_o_u_n_t + + ----qqoopp==_q_o_p + + ntlm-server-init [----vveerrssiioonn==_i_n_t_e_g_e_r] [----kkeerrbbeerrooss--rreeaallmm==_s_t_r_i_n_g] + + ----vveerrssiioonn==_i_n_t_e_g_e_r + ntlm version + + ----kkeerrbbeerrooss--rreeaallmm==_s_t_r_i_n_g + Kerberos realm to communicate with + +HEIMDAL September 25, 2008 HEIMDAL diff --git a/kuser/kgetcred-version.rc b/kuser/kgetcred-version.rc new file mode 100644 index 000000000000..cd3064935f78 --- /dev/null +++ b/kuser/kgetcred-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Get Kerberos Ticket For Service" +#define RC_FILE_ORIG_0409 "kgetcred.exe" + +#include "../windows/version.rc" diff --git a/kuser/kgetcred.1 b/kuser/kgetcred.1 index 1949ff7e0bbb..5c1b212e2be3 100644 --- a/kuser/kgetcred.1 +++ b/kuser/kgetcred.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1999, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1999, 2001 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kgetcred.1 14090 2004-08-05 18:49:47Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd March 12, 2004 .Dt KGETCRED 1 @@ -39,18 +39,18 @@ .Nd "get a ticket for a particular service" .Sh SYNOPSIS .Nm -.Op Fl -canonicalize +.Op Fl Fl canonicalize .Oo Fl c cache \*(Ba Xo -.Fl -cache= Ns Ar cache +.Fl Fl cache= Ns Ar cache .Xc .Oc .Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctype= Ns Ar enctype +.Fl Fl enctype= Ns Ar enctype .Xc .Oc -.Op Fl -no-transit-check -.Op Fl -version -.Op Fl -help +.Op Fl Fl no-transit-check +.Op Fl Fl version +.Op Fl Fl help .Ar service .Sh DESCRIPTION .Nm @@ -61,30 +61,16 @@ ticket or of a special type. .Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl -canonicalize -.Xc +.It Fl Fl canonicalize requests that the KDC canonicalize the principal. -.It Xo -.Fl c Ar cache , -.Fl -cache= Ns Ar cache -.Xc +.It Fl c Ar cache , Fl Fl cache= Ns Ar cache the credential cache to use. -.It Xo -.Fl e Ar enctype , -.Fl -enctype= Ns Ar enctype -.Xc +.It Fl e Ar enctype , Fl Fl enctype= Ns Ar enctype encryption type to use. -.It Xo -.Fl -no-transit-check -.Xc -requests that the KDC doesn't do trasnit checking. -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc +.It Fl Fl no-transit-check +requests that the KDC doesn't do transit checking. +.It Fl Fl version +.It Fl Fl help .El .Sh SEE ALSO .Xr kinit 1 , diff --git a/kuser/kgetcred.c b/kuser/kgetcred.c index a842e002da54..7742eca4087d 100644 --- a/kuser/kgetcred.c +++ b/kuser/kgetcred.c @@ -1,46 +1,45 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kgetcred.c 22276 2007-12-12 02:42:31Z lha $"); - static char *cache_str; static char *out_cache_str; static char *delegation_cred_str; static char *etype_str; static int transit_flag = 1; static int forwardable_flag; +static int canonicalize_flag; static char *impersonate_str; static char *nametype_str; static int version_flag; @@ -48,21 +47,23 @@ static int help_flag; struct getargs args[] = { { "cache", 'c', arg_string, &cache_str, - "credential cache to use", "cache"}, + NP_("credential cache to use", ""), "cache"}, { "out-cache", 0, arg_string, &out_cache_str, - "credential cache to store credential in", "cache"}, + NP_("credential cache to store credential in", ""), "cache"}, { "delegation-credential-cache",0,arg_string, &delegation_cred_str, - "where to find the ticket use for delegation", "cache"}, + NP_("where to find the ticket use for delegation", ""), "cache"}, + { "canonicalize", 0, arg_flag, &canonicalize_flag, + NP_("canonicalize the principal", ""), NULL }, { "forwardable", 0, arg_flag, &forwardable_flag, - "forwardable ticket requested"}, - { "transit-check", 0, arg_negative_flag, &transit_flag }, + NP_("forwardable ticket requested", ""), NULL}, + { "transit-check", 0, arg_negative_flag, &transit_flag, NULL, NULL }, { "enctype", 'e', arg_string, &etype_str, - "encryption type to use", "enctype"}, + NP_("encryption type to use", ""), "enctype"}, { "impersonate", 0, arg_string, &impersonate_str, - "client to impersonate", "principal"}, - { "name-type", 0, arg_string, &nametype_str }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + NP_("client to impersonate", ""), "principal"}, + { "name-type", 0, arg_string, &nametype_str, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void @@ -92,10 +93,10 @@ main(int argc, char **argv) ret = krb5_init_context (&context); if (ret) errx(1, "krb5_init_context failed: %d", ret); - + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -129,7 +130,8 @@ main(int argc, char **argv) ret = krb5_string_to_enctype(context, etype_str, &enctype); if (ret) - krb5_errx (context, 1, "unrecognized enctype: %s", etype_str); + krb5_errx (context, 1, N_("unrecognized enctype: %s", ""), + etype_str); krb5_get_creds_opt_set_enctype(context, opt, enctype); } @@ -148,6 +150,8 @@ main(int argc, char **argv) krb5_get_creds_opt_add_options(context, opt, KRB5_GC_FORWARDABLE); if (!transit_flag) krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_TRANSIT_CHECK); + if (canonicalize_flag) + krb5_get_creds_opt_add_options(context, opt, KRB5_GC_CANONICALIZE); if (delegation_cred_str) { krb5_ccache id; @@ -169,7 +173,7 @@ main(int argc, char **argv) ret = decode_Ticket(c.ticket.data, c.ticket.length, &ticket, NULL); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_err (context, 1, ret, "decode_Ticket"); } krb5_free_cred_contents(context, &c); @@ -182,7 +186,7 @@ main(int argc, char **argv) krb5_cc_close (context, id); krb5_free_principal(context, mc.server); - krb5_get_creds_opt_add_options(context, opt, + krb5_get_creds_opt_add_options(context, opt, KRB5_GC_CONSTRAINED_DELEGATION); } @@ -191,10 +195,13 @@ main(int argc, char **argv) krb5_err (context, 1, ret, "krb5_parse_name %s", argv[0]); if (nametype_str) { - ret = krb5_parse_nametype(context, nametype_str, - &server->name.name_type); + int32_t nametype; + + ret = krb5_parse_nametype(context, nametype_str, &nametype); if (ret) krb5_err(context, 1, ret, "krb5_parse_nametype"); + + server->name.name_type = (NAME_TYPE)nametype; } ret = krb5_get_creds(context, opt, cache, server, &out); diff --git a/kuser/kgetcred.cat1 b/kuser/kgetcred.cat1 new file mode 100644 index 000000000000..04472c513caa --- /dev/null +++ b/kuser/kgetcred.cat1 @@ -0,0 +1,38 @@ + +KGETCRED(1) BSD General Commands Manual KGETCRED(1) + +NNAAMMEE + kkggeettccrreedd -- get a ticket for a particular service + +SSYYNNOOPPSSIISS + kkggeettccrreedd [----ccaannoonniiccaalliizzee] [--cc --ccaacchhee | ----ccaacchhee==_c_a_c_h_e] [--ee _e_n_c_t_y_p_e | + ----eennccttyyppee==_e_n_c_t_y_p_e] [----nnoo--ttrraannssiitt--cchheecckk] [----vveerrssiioonn] [----hheellpp] + _s_e_r_v_i_c_e + +DDEESSCCRRIIPPTTIIOONN + kkggeettccrreedd obtains a ticket for a service. Usually tickets for services + are obtained automatically when needed but sometimes for some odd reason + you want to obtain a particular ticket or of a special type. + + Supported options: + + ----ccaannoonniiccaalliizzee + requests that the KDC canonicalize the principal. + + --cc _c_a_c_h_e, ----ccaacchhee==_c_a_c_h_e + the credential cache to use. + + --ee _e_n_c_t_y_p_e, ----eennccttyyppee==_e_n_c_t_y_p_e + encryption type to use. + + ----nnoo--ttrraannssiitt--cchheecckk + requests that the KDC doesn't do transit checking. + + ----vveerrssiioonn + + ----hheellpp + +SSEEEE AALLSSOO + kinit(1), klist(1) + +HEIMDAL March 12, 2004 HEIMDAL diff --git a/kuser/kimpersonate-version.rc b/kuser/kimpersonate-version.rc new file mode 100644 index 000000000000..8552b05df759 --- /dev/null +++ b/kuser/kimpersonate-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Impersonate a Kerberos Principal" +#define RC_FILE_ORIG_0409 "kimpersonate.exe" + +#include "../windows/version.rc" diff --git a/kuser/kimpersonate.1 b/kuser/kimpersonate.8 similarity index 56% rename from kuser/kimpersonate.1 rename to kuser/kimpersonate.8 index b9cd8d61488f..df83b5ded159 100644 --- a/kuser/kimpersonate.1 +++ b/kuser/kimpersonate.8 @@ -1,70 +1,55 @@ -.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kimpersonate.1 20259 2007-02-17 23:49:54Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd September 18, 2006 -.Dt KERBEROS 1 +.Dt KIMPERSONATE 8 .Os Heimdal .Sh NAME .Nm kimpersonate -.Nd -impersonate a user when there exist a srvtab, keyfile or KeyFile +.Nd impersonate a user when there exist a srvtab, keyfile or KeyFile .Sh SYNOPSIS .Nm -.Oo Fl s Ar string \*(Ba Xo -.Fl -server= Ns Ar string Oc -.Xc -.Oo Fl c Ar string \*(Ba Xo -.Fl -client= Ns Ar string Oc -.Xc -.Oo Fl k Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string Oc -.Xc -.Op Fl 5 | Fl -krb5 -.Oo Fl e Ar integer \*(Ba Xo -.Fl -expire-time= Ns Ar integer Oc -.Xc -.Oo Fl a Ar string \*(Ba Xo -.Fl -client-address= Ns Ar string Oc -.Xc -.Oo Fl t Ar string \*(Ba Xo -.Fl -enc-type= Ns Ar string Oc -.Xc -.Oo Fl f Ar string \*(Ba Xo -.Fl -ticket-flags= Ns Ar string Oc -.Xc -.Op Fl -verbose -.Op Fl -version -.Op Fl -help +.Op Fl s Ar string \*(Ba Fl Fl server= Ns Ar string +.Op Fl c Ar string \*(Ba Fl Fl client= Ns Ar string +.Op Fl k Ar string \*(Ba Fl Fl keytab= Ns Ar string +.Op Fl 5 | Fl Fl krb5 +.Op Fl e Ar integer \*(Ba Fl Fl expire-time= Ns Ar integer +.Op Fl a Ar string \*(Ba Fl Fl client-address= Ns Ar string +.Op Fl t Ar string \*(Ba Fl Fl enc-type= Ns Ar string +.Op Fl f Ar string \*(Ba Fl Fl ticket-flags= Ns Ar string +.Op Fl Fl verbose +.Op Fl Fl version +.Op Fl Fl help .Sh DESCRIPTION The .Nm @@ -73,57 +58,27 @@ The service key can be read from a Kerberos 5 keytab, AFS KeyFile or (if compiled with support for Kerberos 4) a Kerberos 4 srvtab. Supported options: .Bl -tag -width Ds -.It Xo -.Fl s Ar string Ns , -.Fl -server= Ns Ar string -.Xc +.It Fl s Ar string Ns , Fl Fl server= Ns Ar string name of server principal -.It Xo -.Fl c Ar string Ns , -.Fl -client= Ns Ar string -.Xc +.It Fl c Ar string Ns , Fl Fl client= Ns Ar string name of client principal -.It Xo -.Fl k Ar string Ns , -.Fl -keytab= Ns Ar string -.Xc +.It Fl k Ar string Ns , Fl Fl keytab= Ns Ar string name of keytab file -.It Xo -.Fl 5 Ns , -.Fl -krb5 -.Xc +.It Fl 5 Ns , Fl Fl krb5 create a Kerberos 5 ticket -.It Xo -.Fl e Ar integer Ns , -.Fl -expire-time= Ns Ar integer -.Xc +.It Fl e Ar integer Ns , Fl Fl expire-time= Ns Ar integer lifetime of ticket in seconds -.It Xo -.Fl a Ar string Ns , -.Fl -client-address= Ns Ar string -.Xc +.It Fl a Ar string Ns , Fl Fl client-address= Ns Ar string address of client -.It Xo -.Fl t Ar string Ns , -.Fl -enc-type= Ns Ar string -.Xc +.It Fl t Ar string Ns , Fl Fl enc-type= Ns Ar string encryption type -.It Xo -.Fl f Ar string Ns , -.Fl -ticket-flags= Ns Ar string -.Xc +.It Fl f Ar string Ns , Fl Fl ticket-flags= Ns Ar string ticket flags for krb5 ticket -.It Xo -.Fl -verbose -.Xc +.It Fl Fl verbose Verbose output -.It Xo -.Fl -version -.Xc +.It Fl Fl version Print version -.It Xo -.Fl -help -.Xc +.It Fl Fl help .El .Sh FILES Uses @@ -131,9 +86,9 @@ Uses .Pa /etc/srvtab and .Pa /usr/afs/etc/KeyFile -when avalible and the the +when available and the .Fl k -is used with appropriate prefix. +option is used with an appropriate prefix. .Sh EXAMPLES .Nm can be used in diff --git a/kuser/kimpersonate.c b/kuser/kimpersonate.c index 9ef99aff9f11..af1e9f43035d 100644 --- a/kuser/kimpersonate.c +++ b/kuser/kimpersonate.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan + * Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -32,7 +32,6 @@ */ #include "kuser_locl.h" -RCSID("$Id: kimpersonate.c 22117 2007-12-03 21:24:16Z lha $"); #include static char *client_principal_str = NULL; @@ -45,19 +44,21 @@ static char *ccache_str = NULL; static char *ticket_flags_str = NULL; static TicketFlags ticket_flags; static char *keytab_file = NULL; -static char *enc_type = "des-cbc-md5"; +static char *enctype_string = NULL; static int expiration_time = 3600; static struct getarg_strings client_addresses; static int version_flag = 0; static int help_flag = 0; static int use_krb5 = 1; +static const char *enc_type = "des-cbc-md5"; + /* * */ static void -encode_ticket (krb5_context context, +encode_ticket (krb5_context context, EncryptionKey *skey, krb5_enctype etype, int skvno, @@ -68,24 +69,24 @@ encode_ticket (krb5_context context, krb5_error_code ret; krb5_crypto crypto; EncryptedData enc_part; - EncTicketPart et; + EncTicketPart et; Ticket ticket; memset (&enc_part, 0, sizeof(enc_part)); memset (&ticket, 0, sizeof(ticket)); - + /* * Set up `enc_part' */ et.flags = cred->flags.b; et.key = cred->session; - et.crealm = *krb5_princ_realm (context, cred->client); + et.crealm = cred->client->realm; copy_PrincipalName(&cred->client->name, &et.cname); { krb5_data empty_string; - - krb5_data_zero(&empty_string); + + krb5_data_zero(&empty_string); et.transited.tr_type = DOMAIN_X500_COMPRESS; et.transited.contents = empty_string; } @@ -104,14 +105,19 @@ encode_ticket (krb5_context context, if (ret) krb5_err(context, 1, ret, "EncTicketPart"); - krb5_crypto_init(context, skey, etype, &crypto); - krb5_encrypt_EncryptedData (context, - crypto, - KRB5_KU_TICKET, - buf, - len, - skvno, - &ticket.enc_part); + ret = krb5_crypto_init(context, skey, etype, &crypto); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_init"); + ret = krb5_encrypt_EncryptedData (context, + crypto, + KRB5_KU_TICKET, + buf, + len, + skvno, + &ticket.enc_part); + if (ret) + krb5_err(context, 1, ret, "krb5_encrypt_EncryptedData"); + free(buf); krb5_crypto_destroy(context, crypto); @@ -120,14 +126,15 @@ encode_ticket (krb5_context context, */ ticket.tkt_vno = 5; - ticket.realm = *krb5_princ_realm (context, cred->server); + ticket.realm = cred->server->realm; copy_PrincipalName(&cred->server->name, &ticket.sname); - + ASN1_MALLOC_ENCODE(Ticket, buf, len, &ticket, &size, ret); if(ret) krb5_err (context, 1, ret, "encode_Ticket"); krb5_data_copy(&cred->ticket, buf, len); + free(buf); } /* @@ -142,13 +149,13 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt) krb5_creds cred; krb5_enctype etype; krb5_ccache ccache; - + memset (&cred, 0, sizeof(cred)); - + ret = krb5_string_to_enctype (context, enc_type, &etype); if (ret) krb5_err (context, 1, ret, "krb5_string_to_enctype"); - ret = krb5_kt_get_entry (context, kt, server_principal, + ret = krb5_kt_get_entry (context, kt, server_principal, 0, etype, &entry); if (ret) krb5_err (context, 1, ret, "krb5_kt_get_entry"); @@ -162,27 +169,27 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt) if (ret) krb5_err (context, 1, ret, "krb5_copy_principal"); ret = krb5_copy_principal (context, server_principal, &cred.server); - if (ret) + if (ret) krb5_err (context, 1, ret, "krb5_copy_principal"); - krb5_generate_random_keyblock(context, etype, &cred.session); + krb5_generate_random_keyblock(context, etype, &cred.session); cred.times.authtime = time(NULL); cred.times.starttime = time(NULL); cred.times.endtime = time(NULL) + expiration_time; cred.times.renew_till = 0; - krb5_data_zero(&cred.second_ticket); + krb5_data_zero(&cred.second_ticket); ret = krb5_get_all_client_addrs (context, &cred.addresses); if (ret) krb5_err (context, 1, ret, "krb5_get_all_client_addrs"); cred.flags.b = ticket_flags; - - + + /* * Encode encrypted part of ticket */ - encode_ticket (context, &entry.keyblock, etype, entry.vno, &cred); + encode_ticket (context, &entry.keyblock, etype, entry.vno, &cred); /* * Write to cc @@ -201,14 +208,14 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt) ret = krb5_cc_initialize (context, ccache, cred.client); if (ret) krb5_err (context, 1, ret, "krb5_cc_initialize"); - + ret = krb5_cc_store_cred (context, ccache, &cred); if (ret) krb5_err (context, 1, ret, "krb5_cc_store_cred"); krb5_free_cred_contents (context, &cred); krb5_cc_close (context, ccache); - + return 0; } @@ -243,7 +250,7 @@ setup_env (krb5_context context, krb5_keytab *kt) if (ticket_flags_str) { int ticket_flags_int; - ticket_flags_int = parse_flags(ticket_flags_str, + ticket_flags_int = parse_flags(ticket_flags_str, asn1_TicketFlags_units(), 0); if (ticket_flags_int <= 0) { krb5_warnx (context, "bad ticket flags: `%s'", ticket_flags_str); @@ -262,22 +269,22 @@ setup_env (krb5_context context, krb5_keytab *kt) struct getargs args[] = { { "ccache", 0, arg_string, &ccache_str, "name of kerberos 5 credential cache", "cache-name"}, - { "server", 's', arg_string, &server_principal_str, - "name of server principal" }, - { "client", 'c', arg_string, &client_principal_str, - "name of client principal" }, + { "server", 's', arg_string, &server_principal_str, + "name of server principal", NULL }, + { "client", 'c', arg_string, &client_principal_str, + "name of client principal", NULL }, { "keytab", 'k', arg_string, &keytab_file, - "name of keytab file" }, + "name of keytab file", NULL }, { "krb5", '5', arg_flag, &use_krb5, - "create a kerberos 5 ticket"}, + "create a kerberos 5 ticket", NULL }, { "expire-time", 'e', arg_integer, &expiration_time, - "lifetime of ticket in seconds" }, + "lifetime of ticket in seconds", NULL }, { "client-addresses", 'a', arg_strings, &client_addresses, - "addresses of client" }, - { "enc-type", 't', arg_string, &enc_type, - "encryption type" }, + "addresses of client", NULL }, + { "enc-type", 't', arg_string, &enctype_string, + "encryption type", NULL }, { "ticket-flags", 'f', arg_string, &ticket_flags_str, - "ticket flags for krb5 ticket" }, + "ticket flags for krb5 ticket", NULL }, { "version", 0, arg_flag, &version_flag, "Print version", NULL }, { "help", 0, arg_flag, &help_flag, NULL, @@ -297,7 +304,7 @@ usage (int ret) int main (int argc, char **argv) { - int optind = 0; + int optidx = 0; krb5_error_code ret; krb5_context context; krb5_keytab kt; @@ -308,23 +315,26 @@ main (int argc, char **argv) if (ret) errx(1, "krb5_init_context failed: %u", ret); - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); + if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); if (help_flag) - usage (0); + usage(0); if (version_flag) { print_version(NULL); return 0; } - setup_env (context, &kt); + if (enctype_string) + enc_type = enctype_string; + + setup_env(context, &kt); if (use_krb5) - create_krb5_tickets (context, kt); + create_krb5_tickets(context, kt); + + krb5_kt_close(context, kt); - krb5_kt_close (context, kt); return 0; } diff --git a/kuser/kimpersonate.cat8 b/kuser/kimpersonate.cat8 new file mode 100644 index 000000000000..7916958662ba --- /dev/null +++ b/kuser/kimpersonate.cat8 @@ -0,0 +1,71 @@ + +KIMPERSONATE(8) BSD System Manager's Manual KIMPERSONATE(8) + +NNAAMMEE + kkiimmppeerrssoonnaattee -- impersonate a user when there exist a srvtab, keyfile or + KeyFile + +SSYYNNOOPPSSIISS + kkiimmppeerrssoonnaattee [--ss _s_t_r_i_n_g | ----sseerrvveerr==_s_t_r_i_n_g] [--cc _s_t_r_i_n_g | ----cclliieenntt==_s_t_r_i_n_g] + [--kk _s_t_r_i_n_g | ----kkeeyyttaabb==_s_t_r_i_n_g] [--55 | ----kkrrbb55] + [--ee _i_n_t_e_g_e_r | ----eexxppiirree--ttiimmee==_i_n_t_e_g_e_r] + [--aa _s_t_r_i_n_g | ----cclliieenntt--aaddddrreessss==_s_t_r_i_n_g] + [--tt _s_t_r_i_n_g | ----eenncc--ttyyppee==_s_t_r_i_n_g] + [--ff _s_t_r_i_n_g | ----ttiicckkeett--ffllaaggss==_s_t_r_i_n_g] [----vveerrbboossee] [----vveerrssiioonn] + [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + The kkiimmppeerrssoonnaattee program creates a "fake" ticket using the service-key of + the service. The service key can be read from a Kerberos 5 keytab, AFS + KeyFile or (if compiled with support for Kerberos 4) a Kerberos 4 srvtab. + Supported options: + + --ss _s_t_r_i_n_g, ----sseerrvveerr==_s_t_r_i_n_g + name of server principal + + --cc _s_t_r_i_n_g, ----cclliieenntt==_s_t_r_i_n_g + name of client principal + + --kk _s_t_r_i_n_g, ----kkeeyyttaabb==_s_t_r_i_n_g + name of keytab file + + --55, ----kkrrbb55 + create a Kerberos 5 ticket + + --ee _i_n_t_e_g_e_r, ----eexxppiirree--ttiimmee==_i_n_t_e_g_e_r + lifetime of ticket in seconds + + --aa _s_t_r_i_n_g, ----cclliieenntt--aaddddrreessss==_s_t_r_i_n_g + address of client + + --tt _s_t_r_i_n_g, ----eenncc--ttyyppee==_s_t_r_i_n_g + encryption type + + --ff _s_t_r_i_n_g, ----ttiicckkeett--ffllaaggss==_s_t_r_i_n_g + ticket flags for krb5 ticket + + ----vveerrbboossee + Verbose output + + ----vveerrssiioonn + Print version + + ----hheellpp + +FFIILLEESS + Uses _/_e_t_c_/_k_r_b_5_._k_e_y_t_a_b_, _/_e_t_c_/_s_r_v_t_a_b and _/_u_s_r_/_a_f_s_/_e_t_c_/_K_e_y_F_i_l_e when avail- + able and the --kk option is used with an appropriate prefix. + +EEXXAAMMPPLLEESS + kkiimmppeerrssoonnaattee can be used in ssaammbbaa root preexec option or for debugging. + kkiimmppeerrssoonnaattee -s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 will + create a Kerberos 5 ticket for lha@E.KTH.SE for the host hummel.e.kth.se + if there exists a keytab entry for it in _/_e_t_c_/_k_r_b_5_._k_e_y_t_a_b. + +SSEEEE AALLSSOO + kinit(1), klist(1) + +AAUUTTHHOORRSS + Love Hornquist Astrand + +Heimdal September 18, 2006 Heimdal diff --git a/kuser/kinit-version.rc b/kuser/kinit-version.rc new file mode 100644 index 000000000000..3eb53e25a56c --- /dev/null +++ b/kuser/kinit-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Acquire Initial Kerberos Tickets" +#define RC_FILE_ORIG_0409 "kinit.exe" + +#include "../windows/version.rc" diff --git a/kuser/kinit.1 b/kuser/kinit.1 index 01fac262a685..56ad66dd40f4 100644 --- a/kuser/kinit.1 +++ b/kuser/kinit.1 @@ -1,92 +1,90 @@ -.\" Copyright (c) 1998 - 2003, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1998 - 2003, 2006 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kinit.1 17822 2006-07-10 14:46:58Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd April 25, 2006 .Dt KINIT 1 .Os HEIMDAL .Sh NAME .Nm kinit -.Nm kauth .Nd acquire initial tickets .Sh SYNOPSIS .Nm kinit -.Op Fl 4 | Fl -524init -.Op Fl 9 | Fl -524convert -.Op Fl -afslog +.Op Fl Fl afslog .Oo Fl c Ar cachename \*(Ba Xo -.Fl -cache= Ns Ar cachename +.Fl Fl cache= Ns Ar cachename .Xc .Oc -.Op Fl f | Fl -forwardable +.Op Fl f | Fl Fl no-forwardable .Oo Fl t Ar keytabname \*(Ba Xo -.Fl -keytab= Ns Ar keytabname +.Fl Fl keytab= Ns Ar keytabname .Xc .Oc .Oo Fl l Ar time \*(Ba Xo -.Fl -lifetime= Ns Ar time +.Fl Fl lifetime= Ns Ar time .Xc .Oc -.Op Fl p | Fl -proxiable -.Op Fl R | Fl -renew -.Op Fl -renewable +.Op Fl p | Fl Fl proxiable +.Op Fl R | Fl Fl renew +.Op Fl Fl renewable .Oo Fl r Ar time \*(Ba Xo -.Fl -renewable-life= Ns Ar time +.Fl Fl renewable-life= Ns Ar time .Xc .Oc .Oo Fl S Ar principal \*(Ba Xo -.Fl -server= Ns Ar principal +.Fl Fl server= Ns Ar principal .Xc .Oc .Oo Fl s Ar time \*(Ba Xo -.Fl -start-time= Ns Ar time +.Fl Fl start-time= Ns Ar time .Xc .Oc -.Op Fl k | Fl -use-keytab -.Op Fl v | Fl -validate +.Op Fl k | Fl Fl use-keytab +.Op Fl v | Fl Fl validate .Oo Fl e Ar enctypes \*(Ba Xo -.Fl -enctypes= Ns Ar enctypes +.Fl Fl enctypes= Ns Ar enctypes .Xc .Oc .Oo Fl a Ar addresses \*(Ba Xo -.Fl -extra-addresses= Ns Ar addresses +.Fl Fl extra-addresses= Ns Ar addresses .Xc .Oc -.Op Fl -password-file= Ns Ar filename -.Op Fl -fcache-version= Ns Ar version-number -.Op Fl A | Fl -no-addresses -.Op Fl -anonymous -.Op Fl -version -.Op Fl -help +.Op Fl Fl password-file= Ns Ar filename +.Op Fl Fl fcache-version= Ns Ar version-number +.Op Fl A | Fl Fl no-addresses +.Op Fl Fl anonymous +.Op Fl Fl enterprise +.Op Fl Fl version +.Op Fl Fl help .Op Ar principal Op Ar command .Sh DESCRIPTION .Nm @@ -96,97 +94,53 @@ or if none is given, a system generated default (typically your login name at the default realm), and acquire a ticket granting ticket that can later be used to obtain tickets for other services. .Pp -If you have compiled -.Nm kinit -with Kerberos 4 support and you have a -Kerberos 4 server, -.Nm -will detect this and get you Kerberos 4 tickets. -.Pp Supported options: .Bl -tag -width Ds -.It Xo -.Fl c Ar cachename -.Fl -cache= Ns Ar cachename -.Xc +.It Fl c Ar cachename Fl Fl cache= Ns Ar cachename The credentials cache to put the acquired ticket in, if other than default. -.It Xo -.Fl f , -.Fl -forwardable -.Xc -Get ticket that can be forwarded to another host. -.It Xo -.Fl t Ar keytabname , -.Fl -keytab= Ns Ar keytabname -.Xc +.It Fl f Fl Fl no-forwardable +Get ticket that can be forwarded to another host, or if the negative +flags use, don't get a forwardable flag. +.It Fl t Ar keytabname , Fl Fl keytab= Ns Ar keytabname Don't ask for a password, but instead get the key from the specified keytab. -.It Xo -.Fl l Ar time , -.Fl -lifetime= Ns Ar time -.Xc +.It Fl l Ar time , Fl Fl lifetime= Ns Ar time Specifies the lifetime of the ticket. The argument can either be in seconds, or a more human readable string like .Sq 1h . -.It Xo -.Fl p , -.Fl -proxiable -.Xc +.It Fl p , Fl Fl proxiable Request tickets with the proxiable flag set. -.It Xo -.Fl R , -.Fl -renew -.Xc +.It Fl R , Fl Fl renew Try to renew ticket. The ticket must have the .Sq renewable flag set, and must not be expired. -.It Fl -renewable +.It Fl Fl renewable The same as -.Fl -renewable-life , +.Fl Fl renewable-life , with an infinite time. -.It Xo -.Fl r Ar time , -.Fl -renewable-life= Ns Ar time -.Xc +.It Fl r Ar time , Fl Fl renewable-life= Ns Ar time The max renewable ticket life. -.It Xo -.Fl S Ar principal , -.Fl -server= Ns Ar principal -.Xc +.It Fl S Ar principal , Fl Fl server= Ns Ar principal Get a ticket for a service other than krbtgt/LOCAL.REALM. -.It Xo -.Fl s Ar time , -.Fl -start-time= Ns Ar time -.Xc +.It Fl s Ar time , Fl Fl start-time= Ns Ar time Obtain a ticket that starts to be valid .Ar time (which can really be a generic time specification, like .Sq 1h ) seconds into the future. -.It Xo -.Fl k , -.Fl -use-keytab -.Xc +.It Fl k , Fl Fl use-keytab The same as -.Fl -keytab , +.Fl Fl keytab , but with the default keytab name (normally .Ar FILE:/etc/krb5.keytab ) . -.It Xo -.Fl v , -.Fl -validate -.Xc +.It Fl v , Fl Fl validate Try to validate an invalid ticket. -.It Xo -.Fl e , -.Fl -enctypes= Ns Ar enctypes -.Xc +.It Fl e , Fl Fl enctypes= Ns Ar enctypes Request tickets with this particular enctype. -.It Xo -.Fl -password-file= Ns Ar filename -.Xc +.It Fl Fl password-file= Ns Ar filename read the password from the first line of .Ar filename . If the @@ -194,15 +148,10 @@ If the is .Ar STDIN , the password will be read from the standard input. -.It Xo -.Fl -fcache-version= Ns Ar version-number -.Xc +.It Fl Fl fcache-version= Ns Ar version-number Create a credentials cache of version .Ar version-number . -.It Xo -.Fl a , -.Fl -extra-addresses= Ns Ar enctypes -.Xc +.It Fl a , Fl Fl extra-addresses= Ns Ar enctypes Adds a set of addresses that will, in addition to the systems local addresses, be put in the ticket. This can be useful if all addresses a client can use can't be @@ -212,36 +161,23 @@ Also settable via .Li libdefaults/extra_addresses in .Xr krb5.conf 5 . -.It Xo -.Fl A , -.Fl -no-addresses -.Xc +.It Fl A , Fl Fl no-addresses Request a ticket with no addresses. -.It Xo -.Fl -anonymous -.Xc +.It Fl Fl anonymous Request an anonymous ticket (which means that the ticket will be issued to an anonymous principal, typically .Dq anonymous@REALM ) . -.El -.Pp -The following options are only available if -.Nm -has been compiled with support for Kerberos 4. -.Bl -tag -width Ds -.It Xo -.Fl 4 , -.Fl -524init -.Xc -Try to convert the obtained Kerberos 5 krbtgt to a version 4 -compatible ticket. -It will store this ticket in the default Kerberos 4 ticket file. -.It Xo -.Fl 9 , -.Fl -524convert -.Xc -only convert ticket to version 4 -.It Fl -afslog +.It Fl Fl enterprise +Parse principal as a enterprise (KRB5-NT-ENTERPRISE) name. Enterprise +names are email like principals that are stored in the name part of +the principal, and since there are two @ characters the parser needs +to know that the first is not a realm. +An example of an enterprise name is +.Dq lha@e.kth.se@KTH.SE , +and this option is usually used with canonicalize so that the +principal returned from the KDC will typically be the real principal +name. +.It Fl Fl afslog Gets AFS tickets, converts them to version 4 format, and stores them in the kernel. Only useful if you have AFS. @@ -261,7 +197,7 @@ section in krb5.conf, see If a .Ar command is given, -.Nm kinit +.Nm will set up new credentials caches, and AFS PAG, and then run the given command. When it finishes the credentials will be removed. diff --git a/kuser/kinit.c b/kuser/kinit.c index 267630985908..0b3876dcc5ed 100644 --- a/kuser/kinit.c +++ b/kuser/kinit.c @@ -1,42 +1,47 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kinit.c 22116 2007-12-03 21:22:58Z lha $"); -#include "krb5-v4compat.h" +#ifdef __APPLE__ +#include +#endif +#ifndef NO_NTLM #include "heimntlm.h" +#endif int forwardable_flag = -1; int proxiable_flag = -1; @@ -54,124 +59,153 @@ char *renew_life = NULL; char *server_str = NULL; char *cred_cache = NULL; char *start_str = NULL; +static int switch_cache_flags = 1; struct getarg_strings etype_str; int use_keytab = 0; char *keytab_str = NULL; int do_afslog = -1; -int get_v4_tgt = -1; -int convert_524 = 0; int fcache_version; char *password_file = NULL; char *pk_user_id = NULL; +int pk_enterprise_flag = 0; +struct hx509_certs_data *ent_user_id = NULL; char *pk_x509_anchors = NULL; int pk_use_enckey = 0; static int canonicalize_flag = 0; +static int enterprise_flag = 0; +static int ok_as_delegate_flag = 0; +static int use_referrals_flag = 0; +static int windows_flag = 0; +#ifndef NO_NTLM static char *ntlm_domain; +#endif -static char *krb4_cc_name; static struct getargs args[] = { - /* + /* * used by MIT * a: ~A * V: verbose * F: ~f * P: ~p * C: v4 cache name? - * 5: + * 5: + * + * old flags + * 4: + * 9: */ - { "524init", '4', arg_flag, &get_v4_tgt, - "obtain version 4 TGT" }, - - { "524convert", '9', arg_flag, &convert_524, - "only convert ticket to version 4" }, - { "afslog", 0 , arg_flag, &do_afslog, - "obtain afs tokens" }, + NP_("obtain afs tokens", ""), NULL }, { "cache", 'c', arg_string, &cred_cache, - "credentials cache", "cachename" }, + NP_("credentials cache", ""), "cachename" }, - { "forwardable", 'f', arg_flag, &forwardable_flag, - "get forwardable tickets"}, + { "forwardable", 0, arg_negative_flag, &forwardable_flag, + NP_("get tickets not forwardable", ""), NULL }, + + { NULL, 'f', arg_flag, &forwardable_flag, + NP_("get forwardable tickets", ""), NULL }, { "keytab", 't', arg_string, &keytab_str, - "keytab to use", "keytabname" }, + NP_("keytab to use", ""), "keytabname" }, { "lifetime", 'l', arg_string, &lifetime, - "lifetime of tickets", "time"}, + NP_("lifetime of tickets", ""), "time" }, { "proxiable", 'p', arg_flag, &proxiable_flag, - "get proxiable tickets" }, + NP_("get proxiable tickets", ""), NULL }, { "renew", 'R', arg_flag, &renew_flag, - "renew TGT" }, + NP_("renew TGT", ""), NULL }, { "renewable", 0, arg_flag, &renewable_flag, - "get renewable tickets" }, + NP_("get renewable tickets", ""), NULL }, { "renewable-life", 'r', arg_string, &renew_life, - "renewable lifetime of tickets", "time" }, + NP_("renewable lifetime of tickets", ""), "time" }, { "server", 'S', arg_string, &server_str, - "server to get ticket for", "principal" }, + NP_("server to get ticket for", ""), "principal" }, { "start-time", 's', arg_string, &start_str, - "when ticket gets valid", "time" }, + NP_("when ticket gets valid", ""), "time" }, { "use-keytab", 'k', arg_flag, &use_keytab, - "get key from keytab" }, + NP_("get key from keytab", ""), NULL }, { "validate", 'v', arg_flag, &validate_flag, - "validate TGT" }, + NP_("validate TGT", ""), NULL }, { "enctypes", 'e', arg_strings, &etype_str, - "encryption types to use", "enctypes" }, + NP_("encryption types to use", ""), "enctypes" }, { "fcache-version", 0, arg_integer, &fcache_version, - "file cache version to create" }, + NP_("file cache version to create", ""), NULL }, { "addresses", 'A', arg_negative_flag, &addrs_flag, - "request a ticket with no addresses" }, + NP_("request a ticket with no addresses", ""), NULL }, { "extra-addresses",'a', arg_strings, &extra_addresses, - "include these extra addresses", "addresses" }, + NP_("include these extra addresses", ""), "addresses" }, { "anonymous", 0, arg_flag, &anonymous_flag, - "request an anonymous ticket" }, + NP_("request an anonymous ticket", ""), NULL }, { "request-pac", 0, arg_flag, &pac_flag, - "request a Windows PAC" }, + NP_("request a Windows PAC", ""), NULL }, { "password-file", 0, arg_string, &password_file, - "read the password from a file" }, + NP_("read the password from a file", ""), NULL }, { "canonicalize",0, arg_flag, &canonicalize_flag, - "canonicalize client principal" }, + NP_("canonicalize client principal", ""), NULL }, + + { "enterprise",0, arg_flag, &enterprise_flag, + NP_("parse principal as a KRB5-NT-ENTERPRISE name", ""), NULL }, #ifdef PKINIT + { "pk-enterprise", 0, arg_flag, &pk_enterprise_flag, + NP_("use enterprise name from certificate", ""), NULL }, + { "pk-user", 'C', arg_string, &pk_user_id, - "principal's public/private/certificate identifier", "id" }, + NP_("principal's public/private/certificate identifier", ""), "id" }, { "x509-anchors", 'D', arg_string, &pk_x509_anchors, - "directory with CA certificates", "directory" }, + NP_("directory with CA certificates", ""), "directory" }, { "pk-use-enckey", 0, arg_flag, &pk_use_enckey, - "Use RSA encrypted reply (instead of DH)" }, + NP_("Use RSA encrypted reply (instead of DH)", ""), NULL }, #endif +#ifndef NO_NTLM { "ntlm-domain", 0, arg_string, &ntlm_domain, - "NTLM domain", "domain" }, + NP_("NTLM domain", ""), "domain" }, +#endif - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "change-default", 0, arg_negative_flag, &switch_cache_flags, + NP_("switch the default cache to the new credentials cache", ""), NULL }, + + { "ok-as-delegate", 0, arg_flag, &ok_as_delegate_flag, + NP_("honor ok-as-delegate on tickets", ""), NULL }, + + { "use-referrals", 0, arg_flag, &use_referrals_flag, + NP_("only use referrals, no dns canalisation", ""), NULL }, + + { "windows", 0, arg_flag, &windows_flag, + NP_("get windows behavior", ""), NULL }, + + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static void usage (int ret) { - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[principal [command]]"); + arg_printusage_i18n (args, + sizeof(args)/sizeof(*args), + N_("Usage: ", ""), + NULL, + "[principal [command]]", + getarg_i18n); exit (ret); } @@ -181,63 +215,20 @@ get_server(krb5_context context, const char *server, krb5_principal *princ) { - krb5_realm *client_realm; + krb5_const_realm realm; if(server) return krb5_parse_name(context, server, princ); - client_realm = krb5_princ_realm (context, client); - return krb5_make_principal(context, princ, *client_realm, - KRB5_TGS_NAME, *client_realm, NULL); -} - -static krb5_error_code -do_524init(krb5_context context, krb5_ccache ccache, - krb5_creds *creds, const char *server) -{ - krb5_error_code ret; - - struct credentials c; - krb5_creds in_creds, *real_creds; - - if(creds != NULL) - real_creds = creds; - else { - krb5_principal client; - krb5_cc_get_principal(context, ccache, &client); - memset(&in_creds, 0, sizeof(in_creds)); - ret = get_server(context, client, server, &in_creds.server); - if(ret) { - krb5_free_principal(context, client); - return ret; - } - in_creds.client = client; - ret = krb5_get_credentials(context, 0, ccache, &in_creds, &real_creds); - krb5_free_principal(context, client); - krb5_free_principal(context, in_creds.server); - if(ret) - return ret; - } - ret = krb524_convert_creds_kdc_ccache(context, ccache, real_creds, &c); - if(ret) - krb5_warn(context, ret, "converting creds"); - else { - krb5_error_code tret = _krb5_krb_tf_setup(context, &c, NULL, 0); - if(tret) - krb5_warn(context, tret, "saving v4 creds"); - } - - if(creds == NULL) - krb5_free_creds(context, real_creds); - memset(&c, 0, sizeof(c)); - - return ret; + realm = krb5_principal_get_realm(context, client); + return krb5_make_principal(context, princ, realm, + KRB5_TGS_NAME, realm, NULL); } static int -renew_validate(krb5_context context, +renew_validate(krb5_context context, int renew, int validate, - krb5_ccache cache, + krb5_ccache cache, const char *server, krb5_deltat life) { @@ -259,8 +250,8 @@ renew_validate(krb5_context context, } if (renew) { - /* - * no need to check the error here, it's only to be + /* + * no need to check the error here, it's only to be * friendly to the user */ krb5_get_credentials(context, KRB5_GC_CACHED, cache, &in, &out); @@ -280,7 +271,7 @@ renew_validate(krb5_context context, else if (out) flags.b.proxiable = out->flags.b.proxiable; - if (anonymous_flag != -1) + if (anonymous_flag) flags.b.request_anonymous = anonymous_flag; if(life) in.times.endtime = time(NULL) + life; @@ -312,10 +303,10 @@ renew_validate(krb5_context context, if(ret == 0 && server == NULL) { /* only do this if it's a general renew-my-tgt request */ - if(get_v4_tgt) - do_524init(context, cache, out, NULL); +#ifndef NO_AFS if(do_afslog && k_hasafs()) krb5_afslog(context, cache, NULL, NULL); +#endif } krb5_free_creds (context, out); @@ -328,41 +319,33 @@ renew_validate(krb5_context context, return ret; } +#ifndef NO_NTLM + static krb5_error_code -store_ntlmkey(krb5_context context, krb5_ccache id, - const char *domain, krb5_const_principal client, - struct ntlm_buf *buf) +store_ntlmkey(krb5_context context, krb5_ccache id, + const char *domain, struct ntlm_buf *buf) { krb5_error_code ret; - krb5_creds cred; - - memset(&cred, 0, sizeof(cred)); + krb5_data data; + char *name; - ret = krb5_make_principal(context, &cred.server, - krb5_principal_get_realm(context, client), - "@ntlm-key", domain, NULL); - if (ret) - goto out; - ret = krb5_copy_principal(context, client, &cred.client); - if (ret) - goto out; - - cred.times.authtime = time(NULL); - cred.times.endtime = time(NULL) + 3600 * 24 * 30; /* XXX */ - cred.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; - ret = krb5_data_copy(&cred.session.keyvalue, buf->data, buf->length); - if (ret) - goto out; + asprintf(&name, "ntlm-key-%s", domain); + if (name == NULL) { + krb5_clear_error_message(context); + return ENOMEM; + } - ret = krb5_cc_store_cred(context, id, &cred); + data.length = buf->length; + data.data = buf->data; -out: - krb5_free_cred_contents (context, &cred); - return 0; + ret = krb5_cc_set_config(context, id, NULL, name, &data); + free(name); + return ret; } +#endif static krb5_error_code -get_new_tickets(krb5_context context, +get_new_tickets(krb5_context context, krb5_principal principal, krb5_ccache ccache, krb5_deltat ticket_life, @@ -374,12 +357,13 @@ get_new_tickets(krb5_context context, char passwd[256]; krb5_deltat start_time = 0; krb5_deltat renew = 0; - char *renewstr = NULL; + const char *renewstr = NULL; krb5_enctype *enctype = NULL; - struct ntlm_buf ntlmkey; krb5_ccache tempccache; - +#ifndef NO_NTLM + struct ntlm_buf ntlmkey; memset(&ntlmkey, 0, sizeof(ntlmkey)); +#endif passwd[0] = '\0'; if (password_file) { @@ -394,20 +378,48 @@ get_new_tickets(krb5_context context, password_file); if (fgets(passwd, sizeof(passwd), f) == NULL) - krb5_errx(context, 1, - "Failed to read password from file %s", password_file); + krb5_errx(context, 1, + N_("Failed to read password from file %s", ""), + password_file); if (f != stdin) fclose(f); passwd[strcspn(passwd, "\n")] = '\0'; } +#ifdef __APPLE__ + if (passwd[0] == '\0') { + const char *realm; + OSStatus osret; + UInt32 length; + void *buffer; + char *name; + + realm = krb5_principal_get_realm(context, principal); + + ret = krb5_unparse_name_flags(context, principal, + KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name); + if (ret) + goto nopassword; + + osret = SecKeychainFindGenericPassword(NULL, strlen(realm), realm, + strlen(name), name, + &length, &buffer, NULL); + free(name); + if (osret == noErr && length < sizeof(passwd) - 1) { + memcpy(passwd, buffer, length); + passwd[length] = '\0'; + } + nopassword: + do { } while(0); + } +#endif memset(&cred, 0, sizeof(cred)); ret = krb5_get_init_creds_opt_alloc (context, &opt); if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - + krb5_get_init_creds_opt_set_default_flags(context, "kinit", krb5_principal_get_realm(context, principal), opt); @@ -415,30 +427,35 @@ get_new_tickets(krb5_context context, krb5_get_init_creds_opt_set_forwardable (opt, forwardable_flag); if(proxiable_flag != -1) krb5_get_init_creds_opt_set_proxiable (opt, proxiable_flag); - if(anonymous_flag != -1) + if(anonymous_flag) krb5_get_init_creds_opt_set_anonymous (opt, anonymous_flag); if (pac_flag != -1) - krb5_get_init_creds_opt_set_pac_request(context, opt, + krb5_get_init_creds_opt_set_pac_request(context, opt, pac_flag ? TRUE : FALSE); if (canonicalize_flag) krb5_get_init_creds_opt_set_canonicalize(context, opt, TRUE); - if (pk_user_id) { + if (pk_enterprise_flag || enterprise_flag || canonicalize_flag || windows_flag) + krb5_get_init_creds_opt_set_win2k(context, opt, TRUE); + if (pk_user_id || ent_user_id || anonymous_flag) { ret = krb5_get_init_creds_opt_set_pkinit(context, opt, principal, pk_user_id, pk_x509_anchors, NULL, NULL, - pk_use_enckey ? 2 : 0, + pk_use_enckey ? 2 : 0 | + anonymous_flag ? 4 : 0, krb5_prompter_posix, NULL, passwd); if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_set_pkinit"); + if (ent_user_id) + krb5_get_init_creds_opt_set_pkinit_user_certs(context, opt, ent_user_id); } if (addrs_flag != -1) - krb5_get_init_creds_opt_set_addressless(context, opt, + krb5_get_init_creds_opt_set_addressless(context, opt, addrs_flag ? FALSE : TRUE); if (renew_life == NULL && renewable_flag) @@ -449,7 +466,7 @@ get_new_tickets(krb5_context context, renew = parse_time (renewstr, "s"); if (renew < 0) errx (1, "unparsable time: %s", renewstr); - + krb5_get_init_creds_opt_set_renew_life (opt, renew); } @@ -459,7 +476,7 @@ get_new_tickets(krb5_context context, if(start_str) { int tmp = parse_time (start_str, "s"); if (tmp < 0) - errx (1, "unparsable time: %s", start_str); + errx (1, N_("unparsable time: %s", ""), start_str); start_time = tmp; } @@ -471,13 +488,13 @@ get_new_tickets(krb5_context context, if(enctype == NULL) errx(1, "out of memory"); for(i = 0; i < etype_str.num_strings; i++) { - ret = krb5_string_to_enctype(context, - etype_str.strings[i], + ret = krb5_string_to_enctype(context, + etype_str.strings[i], &enctype[i]); if(ret) errx(1, "unrecognized enctype: %s", etype_str.strings[i]); } - krb5_get_init_creds_opt_set_etype_list(opt, enctype, + krb5_get_init_creds_opt_set_etype_list(opt, enctype, etype_str.num_strings); } @@ -497,7 +514,7 @@ get_new_tickets(krb5_context context, server_str, opt); krb5_kt_close(context, kt); - } else if (pk_user_id) { + } else if (pk_user_id || ent_user_id || anonymous_flag) { ret = krb5_get_init_creds_password (context, &cred, principal, @@ -515,11 +532,11 @@ get_new_tickets(krb5_context context, if (passwd[0] == '\0') { char *p, *prompt; - + krb5_unparse_name (context, principal, &p); - asprintf (&prompt, "%s's Password: ", p); + asprintf (&prompt, N_("%s's Password: ", ""), p); free (p); - + if (UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){ memset(passwd, 0, sizeof(passwd)); exit(1); @@ -527,7 +544,7 @@ get_new_tickets(krb5_context context, free (prompt); } - + ret = krb5_get_init_creds_password (context, &cred, principal, @@ -539,8 +556,10 @@ get_new_tickets(krb5_context context, opt); } krb5_get_init_creds_opt_free(context, opt); +#ifndef NO_NTLM if (ntlm_domain && passwd[0]) heim_ntlm_nt_key(passwd, &ntlmkey); +#endif memset(passwd, 0, sizeof(passwd)); switch(ret){ @@ -551,10 +570,10 @@ get_new_tickets(krb5_context context, case KRB5KRB_AP_ERR_BAD_INTEGRITY: case KRB5KRB_AP_ERR_MODIFIED: case KRB5KDC_ERR_PREAUTH_FAILED: - krb5_errx(context, 1, "Password incorrect"); + krb5_errx(context, 1, N_("Password incorrect", "")); break; case KRB5KRB_AP_ERR_V4_REPLY: - krb5_errx(context, 1, "Looks like a Kerberos 4 reply"); + krb5_errx(context, 1, N_("Looks like a Kerberos 4 reply", "")); break; default: krb5_err(context, 1, ret, "krb5_get_init_creds"); @@ -563,22 +582,23 @@ get_new_tickets(krb5_context context, if(ticket_life != 0) { if(abs(cred.times.endtime - cred.times.starttime - ticket_life) > 30) { char life[64]; - unparse_time_approx(cred.times.endtime - cred.times.starttime, + unparse_time_approx(cred.times.endtime - cred.times.starttime, life, sizeof(life)); - krb5_warnx(context, "NOTICE: ticket lifetime is %s", life); + krb5_warnx(context, N_("NOTICE: ticket lifetime is %s", ""), life); } } if(renew_life) { if(abs(cred.times.renew_till - cred.times.starttime - renew) > 30) { char life[64]; - unparse_time_approx(cred.times.renew_till - cred.times.starttime, + unparse_time_approx(cred.times.renew_till - cred.times.starttime, life, sizeof(life)); - krb5_warnx(context, "NOTICE: ticket renewable lifetime is %s", + krb5_warnx(context, + N_("NOTICE: ticket renewable lifetime is %s", ""), life); } } - ret = krb5_cc_new_unique(context, krb5_cc_get_type(context, ccache), + ret = krb5_cc_new_unique(context, krb5_cc_get_type(context, ccache), NULL, &tempccache); if (ret) krb5_err (context, 1, ret, "krb5_cc_new_unique"); @@ -586,7 +606,7 @@ get_new_tickets(krb5_context context, ret = krb5_cc_initialize (context, tempccache, cred.client); if (ret) krb5_err (context, 1, ret, "krb5_cc_initialize"); - + ret = krb5_cc_store_cred (context, tempccache, &cred); if (ret) krb5_err (context, 1, ret, "krb5_cc_store_cred"); @@ -597,8 +617,29 @@ get_new_tickets(krb5_context context, if (ret) krb5_err (context, 1, ret, "krb5_cc_move"); + if (switch_cache_flags) + krb5_cc_switch(context, ccache); + +#ifndef NO_NTLM if (ntlm_domain && ntlmkey.data) - store_ntlmkey(context, ccache, ntlm_domain, principal, &ntlmkey); + store_ntlmkey(context, ccache, ntlm_domain, &ntlmkey); +#endif + + if (ok_as_delegate_flag || windows_flag || use_referrals_flag) { + unsigned char d = 0; + krb5_data data; + + if (ok_as_delegate_flag || windows_flag) + d |= 1; + if (use_referrals_flag || windows_flag) + d |= 2; + + data.length = 1; + data.data = &d; + + krb5_cc_set_config(context, ccache, NULL, "realm-config", &data); + } + if (enctype) free(enctype); @@ -607,7 +648,7 @@ get_new_tickets(krb5_context context, } static time_t -ticket_lifetime(krb5_context context, krb5_ccache cache, +ticket_lifetime(krb5_context context, krb5_ccache cache, krb5_principal client, const char *server) { krb5_creds in_cred, *cred; @@ -667,13 +708,13 @@ renew_func(void *ptr) new_tickets = 1; if (new_tickets) - get_new_tickets(ctx->context, ctx->principal, + get_new_tickets(ctx->context, ctx->principal, ctx->ccache, ctx->ticket_life, 0); - if(get_v4_tgt || convert_524) - do_524init(ctx->context, ctx->ccache, NULL, server_str); +#ifndef NO_AFS if(do_afslog && k_hasafs()) krb5_afslog(ctx->context, ctx->ccache, NULL, NULL); +#endif expire = ticket_lifetime(ctx->context, ctx->ccache, ctx->principal, server_str) / 2; @@ -692,16 +733,20 @@ main (int argc, char **argv) int parseflags = 0; setprogname (argv[0]); - + + setlocale (LC_ALL, ""); + bindtextdomain ("heimdal_kuser", HEIMDAL_LOCALEDIR); + textdomain("heimdal_kuser"); + ret = krb5_init_context (&context); if (ret == KRB5_CONFIG_BADFORMAT) errx (1, "krb5_init_context failed to parse configuration file"); else if (ret) errx(1, "krb5_init_context failed: %d", ret); - + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -713,17 +758,38 @@ main (int argc, char **argv) argc -= optidx; argv += optidx; - if (canonicalize_flag) + if (canonicalize_flag || enterprise_flag) parseflags |= KRB5_PRINCIPAL_PARSE_ENTERPRISE; - if (argv[0]) { - ret = krb5_parse_name_flags (context, argv[0], parseflags, &principal); + if (pk_enterprise_flag) { + ret = krb5_pk_enterprise_cert(context, pk_user_id, + argv[0], &principal, + &ent_user_id); if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); + krb5_err(context, 1, ret, "krb5_pk_enterprise_certs"); + + pk_user_id = NULL; + + } else if (anonymous_flag) { + + ret = krb5_make_principal(context, &principal, argv[0], + KRB5_WELLKNOWN_NAME, KRB5_ANON_NAME, + NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_make_principal"); + krb5_principal_set_type(context, principal, KRB5_NT_WELLKNOWN); + } else { - ret = krb5_get_default_principal (context, &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_get_default_principal"); + if (argv[0]) { + ret = krb5_parse_name_flags (context, argv[0], parseflags, + &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_parse_name"); + } else { + ret = krb5_get_default_principal (context, &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_get_default_principal"); + } } if(fcache_version) @@ -734,68 +800,70 @@ main (int argc, char **argv) krb5_appdefault_boolean(context, "kinit", krb5_principal_get_realm(context, principal), "renewable", FALSE, &renewable_flag); - if(get_v4_tgt == -1) - krb5_appdefault_boolean(context, "kinit", - krb5_principal_get_realm(context, principal), - "krb4_get_tickets", FALSE, &get_v4_tgt); if(do_afslog == -1) - krb5_appdefault_boolean(context, "kinit", - krb5_principal_get_realm(context, principal), + krb5_appdefault_boolean(context, "kinit", + krb5_principal_get_realm(context, principal), "afslog", TRUE, &do_afslog); - if(cred_cache) + if(cred_cache) ret = krb5_cc_resolve(context, cred_cache, &ccache); else { if(argc > 1) { char s[1024]; - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache); + ret = krb5_cc_new_unique(context, NULL, NULL, &ccache); if(ret) krb5_err(context, 1, ret, "creating cred cache"); snprintf(s, sizeof(s), "%s:%s", krb5_cc_get_type(context, ccache), krb5_cc_get_name(context, ccache)); setenv("KRB5CCNAME", s, 1); - if (get_v4_tgt) { - int fd; - if (asprintf(&krb4_cc_name, "%s_XXXXXX", TKT_ROOT) < 0) - krb5_errx(context, 1, "out of memory"); - if((fd = mkstemp(krb4_cc_name)) >= 0) { - close(fd); - setenv("KRBTKFILE", krb4_cc_name, 1); - } else { - free(krb4_cc_name); - krb4_cc_name = NULL; + } else { + ret = krb5_cc_cache_match(context, principal, &ccache); + if (ret) { + const char *type; + ret = krb5_cc_default (context, &ccache); + if (ret) + krb5_err (context, 1, ret, N_("resolving credentials cache", "")); + + /* + * Check if the type support switching, and we do, + * then do that instead over overwriting the current + * default credential + */ + type = krb5_cc_get_type(context, ccache); + if (krb5_cc_support_switch(context, type)) { + krb5_cc_close(context, ccache); + ret = krb5_cc_new_unique(context, type, NULL, &ccache); } } - } else { - ret = krb5_cc_cache_match(context, principal, NULL, &ccache); - if (ret) - ret = krb5_cc_default (context, &ccache); } } if (ret) - krb5_err (context, 1, ret, "resolving credentials cache"); + krb5_err (context, 1, ret, N_("resolving credentials cache", "")); +#ifndef NO_AFS if(argc > 1 && k_hasafs ()) k_setpag(); +#endif if (lifetime) { int tmp = parse_time (lifetime, "s"); if (tmp < 0) - errx (1, "unparsable time: %s", lifetime); + errx (1, N_("unparsable time: %s", ""), lifetime); ticket_life = tmp; } if(addrs_flag == 0 && extra_addresses.num_strings > 0) - krb5_errx(context, 1, "specifying both extra addresses and " - "no addresses makes no sense"); + krb5_errx(context, 1, + N_("specifying both extra addresses and " + "no addresses makes no sense", "")); { int i; krb5_addresses addresses; memset(&addresses, 0, sizeof(addresses)); for(i = 0; i < extra_addresses.num_strings; i++) { - ret = krb5_parse_address(context, extra_addresses.strings[i], + ret = krb5_parse_address(context, extra_addresses.strings[i], &addresses); if (ret == 0) { krb5_add_extra_addresses(context, &addresses); @@ -806,18 +874,17 @@ main (int argc, char **argv) } if(renew_flag || validate_flag) { - ret = renew_validate(context, renew_flag, validate_flag, + ret = renew_validate(context, renew_flag, validate_flag, ccache, server_str, ticket_life); exit(ret != 0); } - if(!convert_524) - get_new_tickets(context, principal, ccache, ticket_life, 1); + get_new_tickets(context, principal, ccache, ticket_life, 1); - if(get_v4_tgt || convert_524) - do_524init(context, ccache, NULL, server_str); +#ifndef NO_AFS if(do_afslog && k_hasafs()) krb5_afslog(context, ccache, NULL, NULL); +#endif if(argc > 1) { struct renew_ctx ctx; time_t timeout; @@ -829,19 +896,20 @@ main (int argc, char **argv) ctx.principal = principal; ctx.ticket_life = ticket_life; - ret = simple_execvp_timed(argv[1], argv+1, + ret = simple_execvp_timed(argv[1], argv+1, renew_func, &ctx, timeout); #define EX_NOEXEC 126 #define EX_NOTFOUND 127 if(ret == EX_NOEXEC) - krb5_warnx(context, "permission denied: %s", argv[1]); + krb5_warnx(context, N_("permission denied: %s", ""), argv[1]); else if(ret == EX_NOTFOUND) - krb5_warnx(context, "command not found: %s", argv[1]); - + krb5_warnx(context, N_("command not found: %s", ""), argv[1]); + krb5_cc_destroy(context, ccache); - _krb5_krb_dest_tkt(context, krb4_cc_name); +#ifndef NO_AFS if(k_hasafs()) k_unlog(); +#endif } else { krb5_cc_close (context, ccache); ret = 0; diff --git a/kuser/kinit.cat1 b/kuser/kinit.cat1 new file mode 100644 index 000000000000..f6e951e2fb03 --- /dev/null +++ b/kuser/kinit.cat1 @@ -0,0 +1,130 @@ + +KINIT(1) BSD General Commands Manual KINIT(1) + +NNAAMMEE + kkiinniitt -- acquire initial tickets + +SSYYNNOOPPSSIISS + kkiinniitt [----aaffsslloogg] [--cc _c_a_c_h_e_n_a_m_e | ----ccaacchhee==_c_a_c_h_e_n_a_m_e] + [--ff | ----nnoo--ffoorrwwaarrddaabbllee] [--tt _k_e_y_t_a_b_n_a_m_e | ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e] [--ll + _t_i_m_e | ----lliiffeettiimmee==_t_i_m_e] [--pp | ----pprrooxxiiaabbllee] [--RR | ----rreenneeww] + [----rreenneewwaabbllee] [--rr _t_i_m_e | ----rreenneewwaabbllee--lliiffee==_t_i_m_e] [--SS _p_r_i_n_c_i_p_a_l | + ----sseerrvveerr==_p_r_i_n_c_i_p_a_l] [--ss _t_i_m_e | ----ssttaarrtt--ttiimmee==_t_i_m_e] + [--kk | ----uussee--kkeeyyttaabb] [--vv | ----vvaalliiddaattee] [--ee _e_n_c_t_y_p_e_s | + ----eennccttyyppeess==_e_n_c_t_y_p_e_s] [--aa _a_d_d_r_e_s_s_e_s | ----eexxttrraa--aaddddrreesssseess==_a_d_d_r_e_s_s_e_s] + [----ppaasssswwoorrdd--ffiillee==_f_i_l_e_n_a_m_e] [----ffccaacchhee--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r] + [--AA | ----nnoo--aaddddrreesssseess] [----aannoonnyymmoouuss] [----eenntteerrpprriissee] [----vveerrssiioonn] + [----hheellpp] [_p_r_i_n_c_i_p_a_l [_c_o_m_m_a_n_d]] + +DDEESSCCRRIIPPTTIIOONN + kkiinniitt is used to authenticate to the Kerberos server as _p_r_i_n_c_i_p_a_l, or if + none is given, a system generated default (typically your login name at + the default realm), and acquire a ticket granting ticket that can later + be used to obtain tickets for other services. + + Supported options: + + --cc _c_a_c_h_e_n_a_m_e ----ccaacchhee==_c_a_c_h_e_n_a_m_e + The credentials cache to put the acquired ticket in, if other + than default. + + --ff ----nnoo--ffoorrwwaarrddaabbllee + Get ticket that can be forwarded to another host, or if the nega- + tive flags use, don't get a forwardable flag. + + --tt _k_e_y_t_a_b_n_a_m_e, ----kkeeyyttaabb==_k_e_y_t_a_b_n_a_m_e + Don't ask for a password, but instead get the key from the speci- + fied keytab. + + --ll _t_i_m_e, ----lliiffeettiimmee==_t_i_m_e + Specifies the lifetime of the ticket. The argument can either be + in seconds, or a more human readable string like `1h'. + + --pp, ----pprrooxxiiaabbllee + Request tickets with the proxiable flag set. + + --RR, ----rreenneeww + Try to renew ticket. The ticket must have the `renewable' flag + set, and must not be expired. + + ----rreenneewwaabbllee + The same as ----rreenneewwaabbllee--lliiffee, with an infinite time. + + --rr _t_i_m_e, ----rreenneewwaabbllee--lliiffee==_t_i_m_e + The max renewable ticket life. + + --SS _p_r_i_n_c_i_p_a_l, ----sseerrvveerr==_p_r_i_n_c_i_p_a_l + Get a ticket for a service other than krbtgt/LOCAL.REALM. + + --ss _t_i_m_e, ----ssttaarrtt--ttiimmee==_t_i_m_e + Obtain a ticket that starts to be valid _t_i_m_e (which can really be + a generic time specification, like `1h') seconds into the future. + + --kk, ----uussee--kkeeyyttaabb + The same as ----kkeeyyttaabb, but with the default keytab name (normally + _F_I_L_E_:_/_e_t_c_/_k_r_b_5_._k_e_y_t_a_b). + + --vv, ----vvaalliiddaattee + Try to validate an invalid ticket. + + --ee, ----eennccttyyppeess==_e_n_c_t_y_p_e_s + Request tickets with this particular enctype. + + ----ppaasssswwoorrdd--ffiillee==_f_i_l_e_n_a_m_e + read the password from the first line of _f_i_l_e_n_a_m_e. If the + _f_i_l_e_n_a_m_e is _S_T_D_I_N, the password will be read from the standard + input. + + ----ffccaacchhee--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r + Create a credentials cache of version _v_e_r_s_i_o_n_-_n_u_m_b_e_r. + + --aa, ----eexxttrraa--aaddddrreesssseess==_e_n_c_t_y_p_e_s + Adds a set of addresses that will, in addition to the systems + local addresses, be put in the ticket. This can be useful if all + addresses a client can use can't be automatically figured out. + One such example is if the client is behind a firewall. Also + settable via libdefaults/extra_addresses in krb5.conf(5). + + --AA, ----nnoo--aaddddrreesssseess + Request a ticket with no addresses. + + ----aannoonnyymmoouuss + Request an anonymous ticket (which means that the ticket will be + issued to an anonymous principal, typically ``anonymous@REALM''). + + ----eenntteerrpprriissee + Parse principal as a enterprise (KRB5-NT-ENTERPRISE) name. Enter- + prise names are email like principals that are stored in the name + part of the principal, and since there are two @ characters the + parser needs to know that the first is not a realm. An example + of an enterprise name is ``lha@e.kth.se@KTH.SE'', and this option + is usually used with canonicalize so that the principal returned + from the KDC will typically be the real principal name. + + ----aaffsslloogg + Gets AFS tickets, converts them to version 4 format, and stores + them in the kernel. Only useful if you have AFS. + + The _f_o_r_w_a_r_d_a_b_l_e, _p_r_o_x_i_a_b_l_e, _t_i_c_k_e_t___l_i_f_e, and _r_e_n_e_w_a_b_l_e___l_i_f_e options can + be set to a default value from the appdefaults section in krb5.conf, see + krb5_appdefault(3). + + If a _c_o_m_m_a_n_d is given, kkiinniitt will set up new credentials caches, and AFS + PAG, and then run the given command. When it finishes the credentials + will be removed. + +EENNVVIIRROONNMMEENNTT + KRB5CCNAME + Specifies the default credentials cache. + + KRB5_CONFIG + The file name of _k_r_b_5_._c_o_n_f, the default being _/_e_t_c_/_k_r_b_5_._c_o_n_f. + + KRBTKFILE + Specifies the Kerberos 4 ticket file to store version 4 tickets + in. + +SSEEEE AALLSSOO + kdestroy(1), klist(1), krb5_appdefault(3), krb5.conf(5) + +HEIMDAL April 25, 2006 HEIMDAL diff --git a/kuser/klist.1 b/kuser/klist.1 index 65ed7d36aa17..8ebad7d1bac8 100644 --- a/kuser/klist.1 +++ b/kuser/klist.1 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2000 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2000 - 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: klist.1 20458 2007-04-19 20:41:27Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd October 6, 2005 .Dt KLIST 1 @@ -41,17 +41,17 @@ .Nm .Bk -words .Oo Fl c Ar cache \*(Ba Xo -.Fl -cache= Ns Ar cache +.Fl Fl cache= Ns Ar cache .Xc .Oc -.Op Fl s | Fl t | Fl -test -.Op Fl T | Fl -tokens -.Op Fl 5 | Fl -v5 -.Op Fl v | Fl -verbose -.Op Fl l | Fl -list-caches +.Op Fl s | Fl t | Fl Fl test +.Op Fl T | Fl Fl tokens +.Op Fl 5 | Fl Fl v5 +.Op Fl v | Fl Fl verbose +.Op Fl l | Fl Fl list-caches .Op Fl f -.Op Fl -version -.Op Fl -help +.Op Fl Fl version +.Op Fl Fl help .Ek .Sh DESCRIPTION .Nm @@ -60,27 +60,14 @@ known as the ticket file). .Pp Options supported: .Bl -tag -width Ds -.It Xo -.Fl c Ar cache , -.Fl -cache= Ns Ar cache -.Xc +.It Fl c Ar cache , Fl Fl cache= Ns Ar cache credential cache to list -.It Xo -.Fl s , -.Fl t , -.Fl -test -.Xc +.It Fl s , Fl t , Fl Fl test Test for there being an active and valid TGT for the local realm of the user in the credential cache. -.It Xo -.Fl T , -.Fl -tokens -.Xc +.It Fl T , Fl Fl tokens display AFS tokens -.It Xo -.Fl 5 , -.Fl -v5 -.Xc +.It Fl 5 , Fl Fl v5 display v5 cred cache (this is the default) .It Fl f Include ticket flags in short form, each character stands for a @@ -111,12 +98,9 @@ hardware authenticated .El .Pp This information is also output with the -.Fl -verbose +.Fl Fl verbose option, but in a more verbose way. -.It Xo -.Fl v , -.Fl -verbose -.Xc +.It Fl v , Fl Fl verbose Verbose output. Include all possible information: .Bl -tag -width XXXX -offset indent .It Server @@ -141,10 +125,7 @@ the flags set on the ticket .It Addresses the set of addresses from which this ticket is valid .El -.It Xo -.Fl l , -.Fl -list-caches -.Xc +.It Fl l , Fl Fl list-caches List the credential caches for the current users, not all cache types supports listing multiple caches. .Pp diff --git a/kuser/klist.c b/kuser/klist.c index 3148ddc275e2..895a74937765 100644 --- a/kuser/klist.c +++ b/kuser/klist.c @@ -1,65 +1,77 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" #include "rtbl.h" +#include "parse_units.h" +#include "kcc-commands.h" -RCSID("$Id: klist.c 20516 2007-04-22 10:40:41Z lha $"); +static char* +printable_time_internal(time_t t, int x) +{ + static char s[128]; + char *p; + + if ((p = ctime(&t)) == NULL) + strlcpy(s, "?", sizeof(s)); + else + strlcpy(s, p + 4, sizeof(s)); + s[x] = 0; + return s; +} static char* printable_time(time_t t) { - static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[15] = 0; - return s; + return printable_time_internal(t, 20); } static char* printable_time_long(time_t t) { - static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[20] = 0; - return s; + return printable_time_internal(t, 20); } -#define COL_ISSUED " Issued" -#define COL_EXPIRES " Expires" -#define COL_FLAGS "Flags" -#define COL_PRINCIPAL " Principal" -#define COL_PRINCIPAL_KVNO " Principal (kvno)" -#define COL_CACHENAME " Cache name" +#define COL_ISSUED NP_(" Issued","") +#define COL_EXPIRES NP_(" Expires", "") +#define COL_FLAGS NP_("Flags", "") +#define COL_NAME NP_(" Name", "") +#define COL_PRINCIPAL NP_(" Principal", "in klist output") +#define COL_PRINCIPAL_KVNO NP_(" Principal (kvno)", "in klist output") +#define COL_CACHENAME NP_(" Cache name", "name in klist output") +#define COL_DEFCACHE NP_("", "") static void print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) @@ -77,12 +89,12 @@ print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) else rtbl_add_column_entry(ct, COL_ISSUED, printable_time(cred->times.authtime)); - + if(cred->times.endtime > sec) rtbl_add_column_entry(ct, COL_EXPIRES, printable_time(cred->times.endtime)); else - rtbl_add_column_entry(ct, COL_EXPIRES, ">>>Expired<<<"); + rtbl_add_column_entry(ct, COL_EXPIRES, N_(">>>Expired<<<", "")); ret = krb5_unparse_name (context, cred->server, &str); if (ret) krb5_err(context, 1, ret, "krb5_unparse_name"); @@ -111,7 +123,7 @@ print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) *sp++ = 'A'; if(cred->flags.b.hw_authent) *sp++ = 'H'; - *sp++ = '\0'; + *sp = '\0'; rtbl_add_column_entry(ct, COL_FLAGS, s); } free(str); @@ -120,10 +132,9 @@ print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) static void print_cred_verbose(krb5_context context, krb5_creds *cred) { - int j; + size_t j; char *str; krb5_error_code ret; - int first_flag; krb5_timestamp sec; krb5_timeofday (context, &sec); @@ -131,13 +142,13 @@ print_cred_verbose(krb5_context context, krb5_creds *cred) ret = krb5_unparse_name(context, cred->server, &str); if(ret) exit(1); - printf("Server: %s\n", str); + printf(N_("Server: %s\n", ""), str); free (str); ret = krb5_unparse_name(context, cred->client, &str); if(ret) exit(1); - printf("Client: %s\n", str); + printf(N_("Client: %s\n", ""), str); free (str); { @@ -147,71 +158,63 @@ print_cred_verbose(krb5_context context, krb5_creds *cred) decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); ret = krb5_enctype_to_string(context, t.enc_part.etype, &s); - printf("Ticket etype: "); + printf(N_("Ticket etype: ", "")); if (ret == 0) { printf("%s", s); free(s); } else { - printf("unknown(%d)", t.enc_part.etype); + printf(N_("unknown-enctype(%d)", ""), t.enc_part.etype); } if(t.enc_part.kvno) - printf(", kvno %d", *t.enc_part.kvno); + printf(N_(", kvno %d", ""), *t.enc_part.kvno); printf("\n"); if(cred->session.keytype != t.enc_part.etype) { ret = krb5_enctype_to_string(context, cred->session.keytype, &str); if(ret) krb5_warn(context, ret, "session keytype"); else { - printf("Session key: %s\n", str); + printf(N_("Session key: %s\n", "enctype"), str); free(str); } } free_Ticket(&t); - printf("Ticket length: %lu\n", (unsigned long)cred->ticket.length); + printf(N_("Ticket length: %lu\n", ""), + (unsigned long)cred->ticket.length); } - printf("Auth time: %s\n", printable_time_long(cred->times.authtime)); + printf(N_("Auth time: %s\n", ""), + printable_time_long(cred->times.authtime)); if(cred->times.authtime != cred->times.starttime) - printf("Start time: %s\n", printable_time_long(cred->times.starttime)); - printf("End time: %s", printable_time_long(cred->times.endtime)); + printf(N_("Start time: %s\n", ""), + printable_time_long(cred->times.starttime)); + printf(N_("End time: %s", ""), + printable_time_long(cred->times.endtime)); if(sec > cred->times.endtime) - printf(" (expired)"); + printf(N_(" (expired)", "")); printf("\n"); if(cred->flags.b.renewable) - printf("Renew till: %s\n", + printf(N_("Renew till: %s\n", ""), printable_time_long(cred->times.renew_till)); - printf("Ticket flags: "); -#define PRINT_FLAG2(f, s) if(cred->flags.b.f) { if(!first_flag) printf(", "); printf("%s", #s); first_flag = 0; } -#define PRINT_FLAG(f) PRINT_FLAG2(f, f) - first_flag = 1; - PRINT_FLAG(forwardable); - PRINT_FLAG(forwarded); - PRINT_FLAG(proxiable); - PRINT_FLAG(proxy); - PRINT_FLAG2(may_postdate, may-postdate); - PRINT_FLAG(postdated); - PRINT_FLAG(invalid); - PRINT_FLAG(renewable); - PRINT_FLAG(initial); - PRINT_FLAG2(pre_authent, pre-authenticated); - PRINT_FLAG2(hw_authent, hw-authenticated); - PRINT_FLAG2(transited_policy_checked, transited-policy-checked); - PRINT_FLAG2(ok_as_delegate, ok-as-delegate); - PRINT_FLAG(anonymous); - printf("\n"); - printf("Addresses: "); + { + char flags[1024]; + unparse_flags(TicketFlags2int(cred->flags.b), + asn1_TicketFlags_units(), + flags, sizeof(flags)); + printf(N_("Ticket flags: %s\n", ""), flags); + } + printf(N_("Addresses: ", "")); if (cred->addresses.len != 0) { for(j = 0; j < cred->addresses.len; j++){ char buf[128]; size_t len; if(j) printf(", "); - ret = krb5_print_address(&cred->addresses.val[j], + ret = krb5_print_address(&cred->addresses.val[j], buf, sizeof(buf), &len); - + if(ret == 0) printf("%s", buf); } } else { - printf("addressless"); + printf(N_("addressless", "")); } printf("\n\n"); } @@ -229,10 +232,10 @@ print_tickets (krb5_context context, int do_hidden) { krb5_error_code ret; - char *str; + char *str, *name; krb5_cc_cursor cursor; krb5_creds creds; - int32_t sec, usec; + krb5_deltat sec; rtbl_t ct = NULL; @@ -240,20 +243,30 @@ print_tickets (krb5_context context, if (ret) krb5_err (context, 1, ret, "krb5_unparse_name"); - printf ("%17s: %s:%s\n", - "Credentials cache", + printf ("%17s: %s:%s\n", + N_("Credentials cache", ""), krb5_cc_get_type(context, ccache), krb5_cc_get_name(context, ccache)); - printf ("%17s: %s\n", "Principal", str); - free (str); - - if(do_verbose) - printf ("%17s: %d\n", "Cache version", - krb5_cc_get_version(context, ccache)); - - krb5_get_kdc_sec_offset(context, &sec, &usec); + printf ("%17s: %s\n", N_("Principal", ""), str); - if (do_verbose && sec != 0) { + ret = krb5_cc_get_friendly_name(context, ccache, &name); + if (ret == 0) { + if (strcmp(name, str) != 0) + printf ("%17s: %s\n", N_("Friendly name", ""), name); + free(name); + } + free (str); + + if(do_verbose) { + printf ("%17s: %d\n", N_("Cache version", ""), + krb5_cc_get_version(context, ccache)); + } else { + krb5_cc_set_flags(context, ccache, KRB5_TC_NOTICKET); + } + + ret = krb5_cc_get_kdc_offset(context, ccache, &sec); + + if (ret == 0 && do_verbose && sec != 0) { char buf[BUFSIZ]; int val; int sig; @@ -264,10 +277,10 @@ print_tickets (krb5_context context, sig = -1; val = -val; } - + unparse_time (val, buf, sizeof(buf)); - printf ("%17s: %s%s\n", "KDC time offset", + printf ("%17s: %s%s\n", N_("KDC time offset", ""), sig == -1 ? "-" : "", buf); } @@ -290,9 +303,7 @@ print_tickets (krb5_context context, ccache, &cursor, &creds)) == 0) { - const char *str; - str = krb5_principal_get_comp_string(context, creds.server, 0); - if (!do_hidden && str && str[0] == '@') { + if (!do_hidden && krb5_is_config_principal(context, creds.server)) { ; }else if(do_verbose){ print_cred_verbose(context, &creds); @@ -326,16 +337,15 @@ check_for_tgt (krb5_context context, krb5_error_code ret; krb5_creds pattern; krb5_creds creds; - krb5_realm *client_realm; + krb5_const_realm client_realm; int expired; krb5_cc_clear_mcred(&pattern); - client_realm = krb5_princ_realm (context, principal); + client_realm = krb5_principal_get_realm(context, principal); ret = krb5_make_principal (context, &pattern.server, - *client_realm, KRB5_TGS_NAME, *client_realm, - NULL); + client_realm, KRB5_TGS_NAME, client_realm, NULL); if (ret) krb5_err (context, 1, ret, "krb5_make_principal"); pattern.client = principal; @@ -362,6 +372,8 @@ check_for_tgt (krb5_context context, * Print a list of all AFS tokens */ +#ifndef NO_AFS + static void display_tokens(int do_verbose) { @@ -414,53 +426,40 @@ display_tokens(int do_verbose) strlcpy (buf2, printable_time(ct.EndTimestamp), sizeof(buf2)); else - strlcpy (buf2, ">>> Expired <<<", sizeof(buf2)); + strlcpy (buf2, N_(">>> Expired <<<", ""), sizeof(buf2)); printf("%s %s ", buf1, buf2); if ((ct.EndTimestamp - ct.BeginTimestamp) & 1) - printf("User's (AFS ID %d) tokens for %s", ct.ViceId, cell); + printf(N_("User's (AFS ID %d) tokens for %s", ""), ct.ViceId, cell); else - printf("Tokens for %s", cell); + printf(N_("Tokens for %s", ""), cell); if (do_verbose) printf(" (%d)", ct.AuthHandle); putchar('\n'); } } +#endif /* * display the ccache in `cred_cache' */ static int -display_v5_ccache (const char *cred_cache, int do_test, int do_verbose, +display_v5_ccache (krb5_context context, krb5_ccache ccache, + int do_test, int do_verbose, int do_flags, int do_hidden) { krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; krb5_principal principal; int exit_status = 0; - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if(cred_cache) { - ret = krb5_cc_resolve(context, cred_cache, &ccache); - if (ret) - krb5_err (context, 1, ret, "%s", cred_cache); - } else { - ret = krb5_cc_default (context, &ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } ret = krb5_cc_get_principal (context, ccache, &principal); if (ret) { if(ret == ENOENT) { if (!do_test) - krb5_warnx(context, "No ticket file: %s", + krb5_warnx(context, N_("No ticket file: %s", ""), krb5_cc_get_name(context, ccache)); return 1; } else @@ -477,7 +476,7 @@ display_v5_ccache (const char *cred_cache, int do_test, int do_verbose, krb5_err (context, 1, ret, "krb5_cc_close"); krb5_free_principal (context, principal); - krb5_free_context (context); + return exit_status; } @@ -486,17 +485,19 @@ display_v5_ccache (const char *cred_cache, int do_test, int do_verbose, */ static int -list_caches(void) +list_caches(krb5_context context) { krb5_cc_cache_cursor cursor; - krb5_context context; + const char *cdef_name; + char *def_name; krb5_error_code ret; krb5_ccache id; rtbl_t ct; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); + + cdef_name = krb5_cc_default_name(context); + if (cdef_name == NULL) + krb5_errx(context, 1, "krb5_cc_default_name"); + def_name = strdup(cdef_name); ret = krb5_cc_cache_get_first (context, NULL, &cursor); if (ret == KRB5_CC_NOSUPP) @@ -505,41 +506,61 @@ list_caches(void) krb5_err (context, 1, ret, "krb5_cc_cache_get_first"); ct = rtbl_create(); - rtbl_add_column(ct, COL_PRINCIPAL, 0); + rtbl_add_column(ct, COL_NAME, 0); rtbl_add_column(ct, COL_CACHENAME, 0); rtbl_add_column(ct, COL_EXPIRES, 0); + rtbl_add_column(ct, COL_DEFCACHE, 0); rtbl_set_prefix(ct, " "); - rtbl_set_column_prefix(ct, COL_PRINCIPAL, ""); + rtbl_set_column_prefix(ct, COL_NAME, ""); - while ((ret = krb5_cc_cache_next (context, cursor, &id)) == 0) { - krb5_principal principal; + while (krb5_cc_cache_next (context, cursor, &id) == 0) { + krb5_principal principal = NULL; + int expired = 0; char *name; + time_t t; ret = krb5_cc_get_principal(context, id, &principal); - if (ret == 0) { - time_t t; - int expired = check_for_tgt (context, id, principal, &t); + if (ret) + continue; - ret = krb5_unparse_name(context, principal, &name); - if (ret == 0) { - rtbl_add_column_entry(ct, COL_PRINCIPAL, name); - rtbl_add_column_entry(ct, COL_CACHENAME, - krb5_cc_get_name(context, id)); - rtbl_add_column_entry(ct, COL_EXPIRES, - expired ? ">>> Expired <<<" : - printable_time(t)); - free(name); - krb5_free_principal(context, principal); - } + expired = check_for_tgt (context, id, principal, &t); + + ret = krb5_cc_get_friendly_name(context, id, &name); + if (ret == 0) { + const char *str; + char *fname; + rtbl_add_column_entry(ct, COL_NAME, name); + rtbl_add_column_entry(ct, COL_CACHENAME, + krb5_cc_get_name(context, id)); + if (expired) + str = N_(">>> Expired <<<", ""); + else + str = printable_time(t); + rtbl_add_column_entry(ct, COL_EXPIRES, str); + free(name); + + ret = krb5_cc_get_full_name(context, id, &fname); + if (ret) + krb5_err (context, 1, ret, "krb5_cc_get_full_name"); + + if (strcmp(fname, def_name) == 0) + rtbl_add_column_entry(ct, COL_DEFCACHE, "*"); + else + rtbl_add_column_entry(ct, COL_DEFCACHE, ""); + + krb5_xfree(fname); } krb5_cc_close(context, id); + + krb5_free_principal(context, principal); } krb5_cc_cache_end_seq_get(context, cursor); + free(def_name); rtbl_format(ct, stdout); rtbl_destroy(ct); - + return 0; } @@ -547,92 +568,68 @@ list_caches(void) * */ -static int version_flag = 0; -static int help_flag = 0; -static int do_verbose = 0; -static int do_list_caches = 0; -static int do_test = 0; -static int do_tokens = 0; -static int do_v5 = 1; -static char *cred_cache; -static int do_flags = 0; -static int do_hidden = 0; - -static struct getargs args[] = { - { NULL, 'f', arg_flag, &do_flags }, - { "cache", 'c', arg_string, &cred_cache, - "credentials cache to list", "cache" }, - { "test", 't', arg_flag, &do_test, - "test for having tickets", NULL }, - { NULL, 's', arg_flag, &do_test }, - { "tokens", 'T', arg_flag, &do_tokens, - "display AFS tokens", NULL }, - { "v5", '5', arg_flag, &do_v5, - "display v5 cred cache", NULL}, - { "list-caches", 'l', arg_flag, &do_list_caches, - "verbose output", NULL }, - { "verbose", 'v', arg_flag, &do_verbose, - "verbose output", NULL }, - { "hidden", 0, arg_flag, &do_hidden, - "display hidden credentials", NULL }, - { NULL, 'a', arg_flag, &do_verbose }, - { NULL, 'n', arg_flag, &do_verbose }, - { "version", 0, arg_flag, &version_flag, - "print version", NULL }, - { "help", 0, arg_flag, &help_flag, - NULL, NULL} -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - int -main (int argc, char **argv) +klist(struct klist_options *opt, int argc, char **argv) { - int optidx = 0; + krb5_error_code ret; int exit_status = 0; - setprogname (argv[0]); + int do_verbose = + opt->verbose_flag || + opt->a_flag || + opt->n_flag; + int do_test = + opt->test_flag || + opt->s_flag; - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage (1); - - if (do_list_caches) { - exit_status = list_caches(); + if (opt->list_all_flag) { + exit_status = list_caches(kcc_context); return exit_status; } - if (do_v5) - exit_status = display_v5_ccache (cred_cache, do_test, - do_verbose, do_flags, do_hidden); + if (opt->v5_flag) { + krb5_ccache id; + + if (opt->all_content_flag) { + krb5_cc_cache_cursor cursor; + + ret = krb5_cc_cache_get_first(kcc_context, NULL, &cursor); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_cc_cache_get_first"); + + + while (krb5_cc_cache_next(kcc_context, cursor, &id) == 0) { + exit_status |= display_v5_ccache(kcc_context, id, do_test, + do_verbose, opt->flags_flag, + opt->hidden_flag); + printf("\n\n"); + } + krb5_cc_cache_end_seq_get(kcc_context, cursor); + + } else { + if(opt->cache_string) { + ret = krb5_cc_resolve(kcc_context, opt->cache_string, &id); + if (ret) + krb5_err(kcc_context, 1, ret, "%s", opt->cache_string); + } else { + ret = krb5_cc_default(kcc_context, &id); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_cc_resolve"); + } + exit_status = display_v5_ccache(kcc_context, id, do_test, + do_verbose, opt->flags_flag, + opt->hidden_flag); + } + } if (!do_test) { - if (do_tokens && k_hasafs ()) { - if (do_v5) - printf ("\n"); - display_tokens (do_verbose); +#ifndef NO_AFS + if (opt->tokens_flag && k_hasafs()) { + if (opt->v5_flag) + printf("\n"); + display_tokens(opt->verbose_flag); } +#endif } return exit_status; diff --git a/kuser/klist.cat1 b/kuser/klist.cat1 new file mode 100644 index 000000000000..11b63d5c2261 --- /dev/null +++ b/kuser/klist.cat1 @@ -0,0 +1,90 @@ + +KLIST(1) BSD General Commands Manual KLIST(1) + +NNAAMMEE + kklliisstt -- list Kerberos credentials + +SSYYNNOOPPSSIISS + kklliisstt [--cc _c_a_c_h_e | ----ccaacchhee==_c_a_c_h_e] [--ss | --tt | ----tteesstt] [--TT | ----ttookkeennss] + [--55 | ----vv55] [--vv | ----vveerrbboossee] [--ll | ----lliisstt--ccaacchheess] [--ff] [----vveerrssiioonn] + [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + kklliisstt reads and displays the current tickets in the credential cache + (also known as the ticket file). + + Options supported: + + --cc _c_a_c_h_e, ----ccaacchhee==_c_a_c_h_e + credential cache to list + + --ss, --tt, ----tteesstt + Test for there being an active and valid TGT for the local realm + of the user in the credential cache. + + --TT, ----ttookkeennss + display AFS tokens + + --55, ----vv55 + display v5 cred cache (this is the default) + + --ff Include ticket flags in short form, each character stands for a + specific flag, as follows: + F forwardable + f forwarded + P proxiable + p proxied + D postdate-able + d postdated + R renewable + I initial + i invalid + A pre-authenticated + H hardware authenticated + + This information is also output with the ----vveerrbboossee option, but in + a more verbose way. + + --vv, ----vveerrbboossee + Verbose output. Include all possible information: + + Server + the principal the ticket is for + + Ticket etype + the encryption type used in the ticket, followed by + the key version of the ticket, if it is available + + Session key + the encryption type of the session key, if it's dif- + ferent from the encryption type of the ticket + + Auth time + the time the authentication exchange took place + + Start time + the time that this ticket is valid from (only printed + if it's different from the auth time) + + End time + when the ticket expires, if it has already expired + this is also noted + + Renew till + the maximum possible end time of any ticket derived + from this one + + Ticket flags + the flags set on the ticket + + Addresses + the set of addresses from which this ticket is valid + + --ll, ----lliisstt--ccaacchheess + List the credential caches for the current users, not all cache + types supports listing multiple caches. + +SSEEEE AALLSSOO + kdestroy(1), kinit(1) + +HEIMDAL October 6, 2005 HEIMDAL diff --git a/lib/krb5/krb5_context.3 b/kuser/kswitch.1 similarity index 65% rename from lib/krb5/krb5_context.3 rename to kuser/kswitch.1 index 5bfcc26c7103..e98d0e2bf5ea 100644 --- a/lib/krb5/krb5_context.3 +++ b/kuser/kswitch.1 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 - 2003 Kungliga Tekniska Högskolan +.\" Copyright (c) 2009 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,28 +29,57 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_context.3 12329 2003-05-26 14:09:04Z lha $ -.\" -.Dd January 21, 2001 -.Dt KRB5_CONTEXT 3 -.Os HEIMDAL +.Dd Augusti 25, 2009 +.Dt KSWITCH SECTION +.Os OPERATING_SYSTEM .Sh NAME -.Nm krb5_context -.Nd krb5 state structure -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) +.Nm kswitch +.Nd switch between default credential caches .Sh SYNOPSIS -.In krb5.h -.Sh DESCRIPTION -The .Nm -structure is designed to hold all per thread state. All global -variables that are context specific are stored in this structure, -including default encryption types, credentials-cache (ticket file), and -default realms. -.Pp -The internals of the structure should never be accessed directly, -functions exist for extracting information. -.Sh SEE ALSO -.Xr krb5_init_context 3 , -.Xr kerberos 8 +.Oo Fl t Ar type \*(Ba Xo +.Fl Fl type= Ns Ar type +.Xc +.Oc +.Oo Fl c Ar cache \*(Ba Xo +.Fl Fl cache= Ns Ar cache +.Xc +.Oc +.Oo Fl p Ar principal \*(Ba Xo +.Fl Fl principal= Ns Ar principal +.Xc +.Oc +.Op Fl i | Fl Fl interactive +.Op Fl Fl version +.Op Fl Fl help +.Sh DESCRIPTION +Supported options: +.Bl -tag -width Ds +.It Xo +.Fl t Ar type , +.Fl Fl type= Ns Ar type +.Xc +type of credential cache +.It Xo +.Fl c Ar cache , +.Fl Fl cache= Ns Ar cache +.Xc +name of credential cache to switch to +.It Xo +.Fl p Ar principal , +.Fl Fl principal= Ns Ar principal +.Xc +name of principal to switch to +.It Xo +.Fl i , +.Fl Fl interactive +.Xc +interactive switching between credentials. +.It Xo +.Fl Fl version +.Xc +print version +.It Xo +.Fl Fl help +.Xc +.El diff --git a/kuser/kswitch.c b/kuser/kswitch.c new file mode 100644 index 000000000000..974af85ac380 --- /dev/null +++ b/kuser/kswitch.c @@ -0,0 +1,169 @@ +/* + * Copyright (c) 2008 - 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kuser_locl.h" +#include "kcc-commands.h" + +#ifdef HAVE_READLINE +char *readline(const char *prompt); +#else + +static char * +readline(const char *prompt) +{ + char buf[BUFSIZ]; + printf ("%s", prompt); + fflush (stdout); + if(fgets(buf, sizeof(buf), stdin) == NULL) + return NULL; + buf[strcspn(buf, "\r\n")] = '\0'; + return strdup(buf); +} + +#endif + +/* + * + */ + +int +kswitch(struct kswitch_options *opt, int argc, char **argv) +{ + krb5_error_code ret; + krb5_ccache id = NULL; + + if (opt->cache_string && opt->principal_string) + krb5_errx(kcc_context, 1, + N_("Both --cache and --principal given, choose one", "")); + + if (opt->interactive_flag) { + krb5_cc_cache_cursor cursor; + krb5_ccache *ids = NULL; + size_t i, len = 0; + char *name; + rtbl_t ct; + + ct = rtbl_create(); + + rtbl_add_column(ct, "", 0); + rtbl_add_column(ct, "Principal", 0); + rtbl_set_column_prefix(ct, "Principal", " "); + + ret = krb5_cc_cache_get_first(kcc_context, NULL, &cursor); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_cc_cache_get_first"); + + while (krb5_cc_cache_next(kcc_context, cursor, &id) == 0) { + krb5_principal p; + char num[10]; + + ret = krb5_cc_get_principal(kcc_context, id, &p); + if (ret) + continue; + + ret = krb5_unparse_name(kcc_context, p, &name); + krb5_free_principal(kcc_context, p); + + snprintf(num, sizeof(num), "%d", (int)(len + 1)); + rtbl_add_column_entry(ct, "", num); + rtbl_add_column_entry(ct, "Principal", name); + free(name); + + ids = erealloc(ids, (len + 1) * sizeof(ids[0])); + ids[len] = id; + len++; + } + krb5_cc_cache_end_seq_get(kcc_context, cursor); + + rtbl_format(ct, stdout); + rtbl_destroy(ct); + + name = readline("Select number: "); + if (name) { + i = atoi(name); + if (i == 0) + krb5_errx(kcc_context, 1, "Cache number '%s' is invalid", name); + if (i > len) + krb5_errx(kcc_context, 1, "Cache number '%s' is too large", name); + + id = ids[i - 1]; + ids[i - 1] = NULL; + } else + krb5_errx(kcc_context, 1, "No cache selected"); + for (i = 0; i < len; i++) + if (ids[i]) + krb5_cc_close(kcc_context, ids[i]); + + } else if (opt->principal_string) { + krb5_principal p; + + ret = krb5_parse_name(kcc_context, opt->principal_string, &p); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_parse_name: %s", + opt->principal_string); + + ret = krb5_cc_cache_match(kcc_context, p, &id); + if (ret) + krb5_err(kcc_context, 1, ret, + N_("Did not find principal: %s", ""), + opt->principal_string); + + krb5_free_principal(kcc_context, p); + + } else if (opt->cache_string) { + const krb5_cc_ops *ops; + char *str; + + ops = krb5_cc_get_prefix_ops(kcc_context, opt->type_string); + if (ops == NULL) + krb5_err(kcc_context, 1, 0, "krb5_cc_get_prefix_ops"); + + asprintf(&str, "%s:%s", ops->prefix, opt->cache_string); + if (str == NULL) + krb5_errx(kcc_context, 1, N_("out of memory", "")); + + ret = krb5_cc_resolve(kcc_context, str, &id); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_cc_resolve: %s", str); + + free(str); + } else { + krb5_errx(kcc_context, 1, "missing option for kswitch"); + } + + ret = krb5_cc_switch(kcc_context, id); + if (ret) + krb5_err(kcc_context, 1, ret, "krb5_cc_switch"); + + return 0; +} diff --git a/kuser/kswitch.cat1 b/kuser/kswitch.cat1 new file mode 100644 index 000000000000..98232eb6627f --- /dev/null +++ b/kuser/kswitch.cat1 @@ -0,0 +1,32 @@ + +KSWITCH(SECTION) LOCAL KSWITCH(SECTION) + +NNAAMMEE + kksswwiittcchh -- switch between default credential caches + +SSYYNNOOPPSSIISS + kksswwiittcchh [--tt _t_y_p_e | ----ttyyppee==_t_y_p_e] [--cc _c_a_c_h_e | ----ccaacchhee==_c_a_c_h_e] [--pp _p_r_i_n_c_i_p_a_l + | ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--ii | ----iinntteerraaccttiivvee] [----vveerrssiioonn] + [----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + Supported options: + + --tt _t_y_p_e, ----ttyyppee==_t_y_p_e + type of credential cache + + --cc _c_a_c_h_e, ----ccaacchhee==_c_a_c_h_e + name of credential cache to switch to + + --pp _p_r_i_n_c_i_p_a_l, ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l + name of principal to switch to + + --ii, ----iinntteerraaccttiivvee + interactive switching between credentials. + + ----vveerrssiioonn + print version + + ----hheellpp + +OPERATING_SYSTEM Augusti 25, 2009 OPERATING_SYSTEM diff --git a/kuser/kuser_locl.h b/kuser/kuser_locl.h index 36ea01a9a59f..82e6eb2e22b9 100644 --- a/kuser/kuser_locl.h +++ b/kuser/kuser_locl.h @@ -1,44 +1,42 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: kuser_locl.h 20458 2007-04-19 20:41:27Z lha $ */ +/* $Id$ */ #ifndef __KUSER_LOCL_H__ #define __KUSER_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif #include #include @@ -81,7 +79,30 @@ #ifdef HAVE_SYS_IOCCOM_H #include #endif +#ifndef NO_AFS #include -#include "crypto-headers.h" /* for des_read_pw_string */ +#endif +#include "crypto-headers.h" /* for UI_UTIL_read_pw_string */ + +#include + +#ifdef HAVE_LOCALE_H +#include +#endif + +#ifdef LIBINTL +#include +#define N_(x,y) gettext(x) +#define NP_(x,y) (x) +#define getarg_i18n gettext +#else +#define N_(x,y) (x) +#define NP_(x,y) (x) +#define getarg_i18n NULL +#define bindtextdomain(package, localedir) +#define textdomain(package) +#endif + +extern krb5_context kcc_context; #endif /* __KUSER_LOCL_H__ */ diff --git a/kuser/kverify.c b/kuser/kverify.c index 888658d95294..64bd54a2bea8 100644 --- a/kuser/kverify.c +++ b/kuser/kverify.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2005, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005, 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kuser_locl.h" -RCSID("$Id: kverify.c 19920 2007-01-15 23:21:32Z lha $"); - static int help_flag = 0; static int version_flag = 0; @@ -69,7 +67,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -77,7 +75,7 @@ main(int argc, char **argv) print_version(NULL); exit(0); } - + argc -= optidx; argv += optidx; @@ -94,11 +92,16 @@ main(int argc, char **argv) 1); krb5_verify_init_creds_opt_init (&verify_options); - + if (argc) { ret = krb5_parse_name(context, argv[0], &principal); if (ret) krb5_err(context, 1, ret, "krb5_parse_name: %s", argv[0]); + } else { + ret = krb5_get_default_principal(context, &principal); + if (ret) + krb5_err(context, 1, ret, "krb5_get_default_principal"); + } ret = krb5_get_init_creds_password (context, @@ -111,7 +114,7 @@ main(int argc, char **argv) NULL, get_options); if (ret) - errx (1, "krb5_get_init_creds: %s", krb5_get_err_text(context, ret)); + krb5_err(context, 1, ret, "krb5_get_init_creds"); ret = krb5_verify_init_creds (context, &cred, @@ -120,8 +123,7 @@ main(int argc, char **argv) NULL, &verify_options); if (ret) - errx (1, "krb5_verify_init_creds: %s", - krb5_get_err_text(context, ret)); + krb5_err(context, 1, ret, "krb5_verify_init_creds"); krb5_free_cred_contents (context, &cred); krb5_free_context (context); return 0; diff --git a/lib/45/Makefile.am b/lib/45/Makefile.am deleted file mode 100644 index 7ffa8c3ba67a..000000000000 --- a/lib/45/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -lib_LIBRARIES = @EXTRA_LIB45@ - -EXTRA_LIBRARIES = lib45.a - -lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h diff --git a/lib/45/get_ad_tkt.c b/lib/45/get_ad_tkt.c deleted file mode 100644 index 0d142353eb64..000000000000 --- a/lib/45/get_ad_tkt.c +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "45_locl.h" - -RCSID("$Id: get_ad_tkt.c 10113 2001-06-18 13:11:33Z assar $"); - -/* get an additional version 4 ticket via the 524 protocol */ - -#ifndef NEVERDATE -#define NEVERDATE ((unsigned long)0x7fffffffL) -#endif - -int -get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime) -{ - krb5_error_code ret; - int code; - krb5_context context; - krb5_ccache id; - krb5_creds in_creds, *out_creds; - CREDENTIALS cred; - time_t now; - char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; - - ret = krb5_init_context(&context); - if(ret) - return KFAILURE; - ret = krb5_cc_default(context, &id); - if(ret){ - krb5_free_context(context); - return KFAILURE; - } - memset(&in_creds, 0, sizeof(in_creds)); - now = time(NULL); - in_creds.times.endtime = krb_life_to_time(time(NULL), lifetime); - if(in_creds.times.endtime == NEVERDATE) - in_creds.times.endtime = 0; - ret = krb5_cc_get_principal(context, id, &in_creds.client); - if(ret){ - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_524_conv_principal(context, in_creds.client, - pname, pinst, prealm); - if(ret){ - krb5_free_principal(context, in_creds.client); - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_425_conv_principal(context, service, sinstance, realm, - &in_creds.server); - if(ret){ - krb5_free_principal(context, in_creds.client); - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_get_credentials(context, - 0, - id, - &in_creds, - &out_creds); - krb5_free_principal(context, in_creds.client); - krb5_free_principal(context, in_creds.server); - if(ret){ - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb524_convert_creds_kdc_ccache(context, id, out_creds, &cred); - krb5_cc_close(context, id); - krb5_free_context(context); - krb5_free_creds(context, out_creds); - if(ret) - return KFAILURE; - code = save_credentials(cred.service, cred.instance, cred.realm, - cred.session, cred.lifetime, cred.kvno, - &cred.ticket_st, now); - if(code == NO_TKT_FIL) - code = tf_setup(&cred, pname, pinst); - memset(&cred.session, 0, sizeof(cred.session)); - return code; -} diff --git a/lib/45/mk_req.c b/lib/45/mk_req.c deleted file mode 100644 index af63f0b653b8..000000000000 --- a/lib/45/mk_req.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* implementation of krb_mk_req that uses 524 protocol */ - -#include "45_locl.h" - -RCSID("$Id: mk_req.c 17445 2006-05-05 10:37:46Z lha $"); - -static int lifetime = 255; - -static void -build_request(KTEXT req, - const char *name, const char *inst, const char *realm, - uint32_t checksum) -{ - struct timeval tv; - krb5_storage *sp; - krb5_data data; - sp = krb5_storage_emem(); - krb5_store_stringz(sp, name); - krb5_store_stringz(sp, inst); - krb5_store_stringz(sp, realm); - krb5_store_int32(sp, checksum); - gettimeofday(&tv, NULL); - krb5_store_int8(sp, tv.tv_usec / 5000); - krb5_store_int32(sp, tv.tv_sec); - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - memcpy(req->dat, data.data, data.length); - req->length = (data.length + 7) & ~7; - krb5_data_free(&data); -} - -#ifdef KRB_MK_REQ_CONST -int -krb_mk_req(KTEXT authent, - const char *service, const char *instance, const char *realm, - int32_t checksum) -#else -int -krb_mk_req(KTEXT authent, - char *service, char *instance, char *realm, - int32_t checksum) - -#endif -{ - CREDENTIALS cr; - KTEXT_ST req; - krb5_storage *sp; - int code; - /* XXX get user realm */ - const char *myrealm = realm; - krb5_data a; - - code = krb_get_cred(service, instance, realm, &cr); - if(code || time(NULL) > krb_life_to_time(cr.issue_date, cr.lifetime)){ - code = get_ad_tkt((char *)service, - (char *)instance, (char *)realm, lifetime); - if(code == KSUCCESS) - code = krb_get_cred(service, instance, realm, &cr); - } - - if(code) - return code; - - sp = krb5_storage_emem(); - - krb5_store_int8(sp, KRB_PROT_VERSION); - krb5_store_int8(sp, AUTH_MSG_APPL_REQUEST); - - krb5_store_int8(sp, cr.kvno); - krb5_store_stringz(sp, realm); - krb5_store_int8(sp, cr.ticket_st.length); - - build_request(&req, cr.pname, cr.pinst, myrealm, checksum); - encrypt_ktext(&req, &cr.session, DES_ENCRYPT); - - krb5_store_int8(sp, req.length); - - krb5_storage_write(sp, cr.ticket_st.dat, cr.ticket_st.length); - krb5_storage_write(sp, req.dat, req.length); - krb5_storage_to_data(sp, &a); - krb5_storage_free(sp); - memcpy(authent->dat, a.data, a.length); - authent->length = a.length; - krb5_data_free(&a); - - memset(&cr, 0, sizeof(cr)); - memset(&req, 0, sizeof(req)); - - return KSUCCESS; -} - -/* - * krb_set_lifetime sets the default lifetime for additional tickets - * obtained via krb_mk_req(). - * - * It returns the previous value of the default lifetime. - */ - -int -krb_set_lifetime(int newval) -{ - int olife = lifetime; - - lifetime = newval; - return(olife); -} diff --git a/lib/Makefile.am b/lib/Makefile.am index f1e26e1f2a05..bed19304addf 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -1,9 +1,9 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -if KRB4 -dir_45 = 45 +if LIBEDIT +dir_editline = libedit endif if OTP dir_otp = otp @@ -17,6 +17,29 @@ endif if !HAVE_OPENSSL dir_hcrypto = hcrypto endif +if !SQLITE3 +dir_sqlite = sqlite +endif -SUBDIRS = roken vers editline $(dir_com_err) sl asn1 $(dir_hcrypto) hx509 \ - krb5 ntlm kafs gssapi hdb kadm5 auth $(dir_45) $(dir_otp) $(dir_dce) +SUBDIRS = \ + roken \ + vers \ + $(dir_editline) \ + $(dir_com_err) \ + sl \ + wind \ + asn1 \ + $(dir_sqlite) \ + $(dir_hcrypto) \ + ipc \ + hx509 \ + krb5 \ + ntlm \ + kafs \ + gssapi \ + hdb \ + kadm5 \ + $(dir_otp) \ + $(dir_dce) + +EXTRA_DIST = NTMakefile heimdal \ No newline at end of file diff --git a/lib/Makefile.in b/lib/Makefile.in index 6884c24a0e2b..d1d771a4011b 100644 --- a/lib/Makefile.in +++ b/lib/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,16 @@ @SET_MAKE@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,7 +45,7 @@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ subdir = lib ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +60,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +74,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,14 +87,13 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = +CONFIG_CLEAN_VPATH_FILES = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ @@ -101,58 +105,95 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ ps-recursive uninstall-recursive RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = roken vers editline com_err sl asn1 hcrypto hx509 krb5 \ - ntlm kafs gssapi hdb kadm5 auth 45 otp kdfs +DIST_SUBDIRS = roken vers libedit com_err sl wind asn1 sqlite hcrypto \ + ipc hx509 krb5 ntlm kafs gssapi hdb kadm5 otp kdfs DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -176,10 +217,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -196,6 +238,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -211,31 +255,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -250,10 +308,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -294,54 +354,79 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_TRUE@dir_45 = 45 +@LIBEDIT_TRUE@dir_editline = libedit @OTP_TRUE@dir_otp = otp @DCE_TRUE@dir_dce = kdfs @COM_ERR_TRUE@dir_com_err = com_err @HAVE_OPENSSL_FALSE@dir_hcrypto = hcrypto -SUBDIRS = roken vers editline $(dir_com_err) sl asn1 $(dir_hcrypto) hx509 \ - krb5 ntlm kafs gssapi hdb kadm5 auth $(dir_45) $(dir_otp) $(dir_dce) +@SQLITE3_FALSE@dir_sqlite = sqlite +SUBDIRS = \ + roken \ + vers \ + $(dir_editline) \ + $(dir_com_err) \ + sl \ + wind \ + asn1 \ + $(dir_sqlite) \ + $(dir_hcrypto) \ + ipc \ + hx509 \ + krb5 \ + ntlm \ + kafs \ + gssapi \ + hdb \ + kadm5 \ + $(dir_otp) \ + $(dir_dce) +EXTRA_DIST = NTMakefile heimdal all: all-recursive .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -359,6 +444,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo @@ -373,7 +459,7 @@ clean-libtool: # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -390,7 +476,7 @@ $(RECURSIVE_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ @@ -398,7 +484,7 @@ $(RECURSIVE_TARGETS): fi; test -z "$$fail" $(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ + @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ *=* | --[!k]*);; \ @@ -424,16 +510,16 @@ $(RECURSIVE_CLEAN_TARGETS): else \ local_target="$$target"; \ fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done ctags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) @@ -441,14 +527,14 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ @@ -460,39 +546,43 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -513,29 +603,44 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ + am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ @@ -569,6 +674,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -587,6 +693,8 @@ dvi-am: html: html-recursive +html-am: + info: info-recursive info-am: @@ -594,23 +702,31 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-recursive +install-dvi-am: + install-exec-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-recursive +install-html-am: + install-info: install-info-recursive +install-info-am: + install-man: install-pdf: install-pdf-recursive +install-pdf-am: + install-ps: install-ps-recursive +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-recursive @@ -632,9 +748,9 @@ ps-am: uninstall-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) check-am \ + ctags-recursive install-am install-data-am install-exec-am \ + install-strip tags-recursive uninstall-am .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ all all-am all-local check check-am check-local clean \ @@ -720,6 +836,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -805,7 +924,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -818,6 +937,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/NTMakefile b/lib/NTMakefile new file mode 100644 index 000000000000..62d9754ab3c8 --- /dev/null +++ b/lib/NTMakefile @@ -0,0 +1,72 @@ +######################################################################## +# +# Copyright (c) 2009,2011, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + + +!ifdef KRB4 +dir_45 = 45 +!endif +!ifdef OTP +dir_otp = otp +!endif +!ifdef DCE +dir_dce = kdfs +!endif +!ifndef HAVE_OPENSSL +dir_hcrypto = hcrypto +!endif + +SUBDIRS = vers com_err sl wind asn1 sqlite \ + $(dir_hcrypto) hx509 krb5 heimdal ntlm kafs gssapi hdb \ + kadm5 $(dir_45) $(dir_otp) $(dir_dce) ..\packages\windows\assembly + +!include ../windows/NTMakefile.w32 + +# We can't build some of the lib tools until after we have LIBHEIMDAL. +# So we build tools in a separate build step: + +all:: all-tools + +all-tools:: asn1-tools hx509-tools krb5-tools kadm5-tools gss-tools + +asn1-tools: + @( cd asn1 && $(RMAKE) all-tools && cd .. ) || exit /b 1 + +hx509-tools: + @( cd hx509 && $(RMAKE) all-tools && cd .. ) || exit /b 1 + +krb5-tools: + @( cd krb5 && $(RMAKE) all-tools && cd .. ) || exit /b 1 + +kadm5-tools: + @( cd kadm5 && $(RMAKE) all-tools && cd .. ) || exit /b 1 + +gss-tools: + @( cd gssapi && $(RMAKE) all-tools && cd ..) || exit /b 1 diff --git a/lib/asn1/ChangeLog b/lib/asn1/ChangeLog index 9039e253fedf..523e24bad03a 100644 --- a/lib/asn1/ChangeLog +++ b/lib/asn1/ChangeLog @@ -1,43 +1,59 @@ -2008-01-13 Love Hörnquist Åstrand +2008-04-09 Love Hörnquist Ã…strand + + * pkinit.asn1: add id-pkinit-kdf + + * pkinit.asn1: add PkinitSP80056AOtherInfo + +2008-04-07 Love Hörnquist Ã…strand + + * gen.c: Use unsigned where appropriate. + +2008-03-22 Love Hörnquist Ã…strand + + * k5.asn1: Match name in ClientCanonicalizedNames with -10 + + * k5.asn1: add referral-valid-until + +2008-01-13 Love Hörnquist Ã…strand * asn1-common.h gen.c der.c gen_encode.c: add and use der_{malloc,free} -2007-12-13 Love Hörnquist Åstrand +2007-12-13 Love Hörnquist Ã…strand * libasn1.h: remove, not used. -2007-12-04 Love Hörnquist Åstrand +2007-12-04 Love Hörnquist Ã…strand * Makefile.am: Add DigestTypes, add --seq to antoher type. * digest.asn1: Add supportedMechs request. - -2007-10-18 Love Hörnquist Åstrand + +2007-10-18 Love Hörnquist Ã…strand * k5.asn1: Some "old" windows enctypes. From Andy Polyakov. - -2007-07-23 Love Hörnquist Åstrand + +2007-07-23 Love Hörnquist Ã…strand * Makefile.am: Fold in pk-init-alg-agilty. * pkinit.asn1: Fold in pk-init-alg-agilty. -2007-07-16 Love Hörnquist Åstrand +2007-07-16 Love Hörnquist Ã…strand * parse.y: Passe object id is its part of the module defintion statement. -2007-07-14 Love Hörnquist Åstrand +2007-07-14 Love Hörnquist Ã…strand * check-gen.c: test SEQ OF SIZE (...) * Makefile.am: Include more sizeof tests. -2007-07-12 Love Hörnquist Åstrand +2007-07-12 Love Hörnquist Ã…strand * try to avoid aliasing of pointers enum {} vs int -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * test.asn1: Test SIZE attribute for SEQ and OCTET STRING @@ -45,10 +61,10 @@ * Makefile.am: New library version. -2007-07-02 Love Hörnquist Åstrand +2007-07-02 Love Hörnquist Ã…strand + + * rfc2459.asn1: Re-add size limits. - * rfc2459.asn1: Re-add size limits. - * k5.asn1: Add size limits from RFC 4120. * gen_decode.c: Check range on SEQ OF and OCTET STRING. @@ -57,17 +73,17 @@ * parse.y: Parse size limitations to SEQ OF. -2007-06-28 Love Hörnquist Åstrand +2007-06-28 Love Hörnquist Ã…strand * Makefile.am: Add AuthorityInfoAccessSyntax. * rfc2459.asn1: Add AuthorityInfoAccessSyntax. * rfc2459.asn1: Add authorityInfoAccess, rename proxyCertInfo. - + * Makefile.am: Add authorityInfoAccess, rename proxyCertInfo. -2007-06-27 Love Hörnquist Åstrand +2007-06-27 Love Hörnquist Ã…strand * der_get.c (der_get_time): avoid using wrapping of octet_string and realloc. @@ -95,20 +111,20 @@ * check-der.c: Test zero length integer. -2007-06-18 Love Hörnquist Åstrand +2007-06-18 Love Hörnquist Ã…strand * check-der.c: Init data to something. -2007-06-15 Love Hörnquist Åstrand +2007-06-15 Love Hörnquist Ã…strand * k5.asn1: Add KRB5-AUTHDATA-INITIAL-VERIFIED-CAS. -2007-06-13 Love Hörnquist Åstrand +2007-06-13 Love Hörnquist Ã…strand * pkinit.asn1: Make the pkinit nonce signed (like the kerberos nonce). -2007-06-03 Love Hörnquist Åstrand +2007-06-03 Love Hörnquist Ã…strand * check-der.c: Free more memory. @@ -122,10 +138,10 @@ * der_format.c (der_parse_hex_heim_integer): check length before reading data. - + * check-gen.c (test_authenticator): free memory - -2007-05-31 Love Hörnquist Åstrand + +2007-05-31 Love Hörnquist Ã…strand * Makefile.am: add MS-UPN-SAN @@ -133,13 +149,13 @@ * rfc2459.asn1: Do evil things to handle IMPLICIT encoded structures. Add id-ms-client-authentication. - -2007-05-30 Love Hörnquist Åstrand + +2007-05-30 Love Hörnquist Ã…strand * Makefile.am: Add asn1_id_ms_cert_enroll_domaincontroller.x - -2007-05-10 Love Hörnquist Åstrand - + +2007-05-10 Love Hörnquist Ã…strand + * gen.c: Add struct units; as a forward declaration. Pointed out by Marcus Watts. @@ -148,65 +164,65 @@ * Makefile.am: add U.S. Federal PKI Common Policy Framework * rfc2459.asn1: add U.S. Federal PKI Common Policy Framework - -2007-04-24 Love Hörnquist Åstrand + +2007-04-24 Love Hörnquist Ã…strand * gen_seq.c: Handle the case of resize to 0 and realloc that returns NULL. * check-gen.c (check_seq): free seq. - -2007-04-19 Love Hörnquist Åstrand + +2007-04-19 Love Hörnquist Ã…strand * check-der.c (test_heim_oid_format_same): avoid leaking memory in the non failure case too - -2007-04-16 Love Hörnquist Åstrand - + +2007-04-16 Love Hörnquist Ã…strand + * Makefile.am: remove extra ^Q - -2007-04-11 Love Hörnquist Åstrand - + +2007-04-11 Love Hörnquist Ã…strand + * der_get.c: Allow trailing NULs. We allow this since MIT Kerberos sends an strings in the NEED_PREAUTH case that includes a trailing NUL. - -2007-02-17 Love Hörnquist Åstrand - - + +2007-02-17 Love Hörnquist Ã…strand + + * Makefile.am: Add PA-ClientCanonicalized and friends. * k5.asn1: Add PA-ClientCanonicalized and friends. - -2007-02-08 Love Hörnquist Åstrand + +2007-02-08 Love Hörnquist Ã…strand * check-der.c: Drop one over INT_MAX test-case. - -2007-02-05 Love Hörnquist Åstrand - + +2007-02-05 Love Hörnquist Ã…strand + * pkinit.asn1: add id-pkinit-ms-eku - + * pkinit.asn1: fill in more bits of id-pkinit-ms-san - -2007-02-02 Love Hörnquist Åstrand - + +2007-02-02 Love Hörnquist Ã…strand + * digest.asn1: rename hash-a1 to session key - -2007-02-01 Love Hörnquist Åstrand - + +2007-02-01 Love Hörnquist Ã…strand + * digest.asn1: Add elements to send in requestResponse to KDC and get status of the request. - -2007-01-31 Love Hörnquist Åstrand - + +2007-01-31 Love Hörnquist Ã…strand + * Makefile.am: seq rules for CRLDistributionPoints - -2007-01-30 Love Hörnquist Åstrand - + +2007-01-30 Love Hörnquist Ã…strand + * Makefile.am: add CRLDistributionPoints and friends - -2007-01-20 Love Hörnquist Åstrand - + +2007-01-20 Love Hörnquist Ã…strand + * check-der.c: check BMPstring oddlength more * check-der.c: Test for NUL char in string in GENERAL STRING. @@ -215,24 +231,24 @@ ASN1_BAD_CHARACTER error-code if we find them. * asn1_err.et: Add BAD_CHARACTER error. - -2007-01-16 Love Hörnquist Åstrand - + +2007-01-16 Love Hörnquist Ã…strand + * Makefile.am: Add id-at-streetAddress. * rfc2459.asn1: Add id-at-streetAddress. - -2007-01-12 Love Hörnquist Åstrand - + +2007-01-12 Love Hörnquist Ã…strand + * rfc2459.asn1: Add PKIXXmppAddr and id-pkix-on-xmppAddr. - -2006-12-30 Love Hörnquist Åstrand - + +2006-12-30 Love Hörnquist Ã…strand + * Makefile.am: Add id-pkix-kp oids. * rfc2459.asn1: Add id-pkix-kp oids. - -2006-12-29 Love Hörnquist Åstrand + +2006-12-29 Love Hörnquist Ã…strand * gen_encode.c: Named bit strings have this horrible, disgusting, compress bits until they are no longer really there but stuff in @@ -242,56 +258,56 @@ * check-gen.c: Check all other silly bitstring combinations. * Makefile.am: Add --sequence=Extensions to rfc2459. - -2006-12-28 Love Hörnquist Åstrand - + +2006-12-28 Love Hörnquist Ã…strand + * kx509.asn1: Add kx509. * Makefile.am: Add kx509. * Add VisibleString parsing -2006-12-15 Love Hörnquist Åstrand +2006-12-15 Love Hörnquist Ã…strand * Makefile.am: Add ntlm files. * digest.asn1: Add bits for handling NTLM. - -2006-12-08 Love Hörnquist Åstrand + +2006-12-08 Love Hörnquist Ã…strand * Makefile.am: add pkix proxy cert policy lang oids * rfc2459.asn1: add pkix proxy cert policy lang oids - -2006-12-07 Love Hörnquist Åstrand - + +2006-12-07 Love Hörnquist Ã…strand + * rfc2459.asn1: unbreak id-pe-proxyCertInfo * rfc2459.asn1: Add id-pkix-on-dnsSRV and related oids -2006-11-28 Love Hörnquist Åstrand - +2006-11-28 Love Hörnquist Ã…strand + * Makefile.am: Add explicit depenency to LIB_roken for libasn1.la, make AIX happy. - -2006-11-27 Love Hörnquist Åstrand + +2006-11-27 Love Hörnquist Ã…strand * der_format.c (der_print_heim_oid): oid with zero length is invalid, fail to print. - -2006-11-24 Love Hörnquist Åstrand - + +2006-11-24 Love Hörnquist Ã…strand + * der_format.c (der_print_heim_oid): use delim when printing. - -2006-11-21 Love Hörnquist Åstrand - + +2006-11-21 Love Hörnquist Ã…strand + * k5.asn1: Make KRB5-PADATA-S4U2SELF pa type 129. - -2006-10-24 Love Hörnquist Åstrand + +2006-10-24 Love Hörnquist Ã…strand * asn1_err.et: add EXTRA_DATA - -2006-10-21 Love Hörnquist Åstrand + +2006-10-21 Love Hörnquist Ã…strand * check-gen.c: avoid leaking memory @@ -305,18 +321,18 @@ unaligned. * lex.l: add missing */ - + * lex.c: need %e for hpux lex -2006-10-20 Love Hörnquist Åstrand - +2006-10-20 Love Hörnquist Ã…strand + * Makefile.am: remove dups from gen_files_test, add check-timegm. - + * Makefile.am: include more test.asn1 built files * Makefile.am: More files, now for make check. - -2006-10-19 Love Hörnquist Åstrand + +2006-10-19 Love Hörnquist Ã…strand * Makefile.am: Add missing files @@ -329,17 +345,17 @@ * timegm.c: make more strict * der_locl.h: Rename timegm to _der_timegm. - -2006-10-17 Love Hörnquist Åstrand - + +2006-10-17 Love Hörnquist Ã…strand + * timegm.c: vJust fail if tm_mon is out of range for now XXXX this is wrong. - -2006-10-16 Love Hörnquist Åstrand - + +2006-10-16 Love Hörnquist Ã…strand + * Makefile.am: extra depencies on der-protos.h - -2006-10-14 Love Hörnquist Åstrand + +2006-10-14 Love Hörnquist Ã…strand * check-der.c: Prefix primitive types with der_. @@ -348,7 +364,7 @@ * heim_asn1.h: move prototype away from here. * der_format.c: Add der_parse_heim_oid - + * gen_free.c: prefix primitive types with der_ * der_copy.c: prefix primitive types with der_ @@ -368,7 +384,7 @@ * der_copy.c: rename copy_ to der_copy_ * Makefile.am: Add der-protos.h to nodist_include_HEADERS. - + * der.h: use newly built * Makefile.am: Generate der prototypes. @@ -384,29 +400,29 @@ * check-der.c: New der_print_heim_oid signature. Test der_parse_heim_oid - -2006-10-07 Love Hörnquist Åstrand - + +2006-10-07 Love Hörnquist Ã…strand + * lex.l: Grow an even larger output table size. * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2006-10-04 Love Hörnquist Åstrand + +2006-10-04 Love Hörnquist Ã…strand * gen_seq.c: In generation of remove_TYPE: if you just removed the last element, you must not memmove memory beyond the array. From Andrew Bartlett - -2006-10-01 Love Hörnquist Åstrand + +2006-10-01 Love Hörnquist Ã…strand * lex.l: Grow (%p, %a, %n) tables for Solaris 10 lex. From Harald Barth. - -2006-09-24 Love Hörnquist Åstrand + +2006-09-24 Love Hörnquist Ã…strand * gen_decode.c (decode_type): drop unused variable realtype. - -2006-09-11 Love Hörnquist Åstrand + +2006-09-11 Love Hörnquist Ã…strand * Makefile.am: Add KRB5SignedPath and friends. @@ -414,12 +430,12 @@ * Makefile.am: Add new sequence generation for GeneralNames. -2006-09-07 Love Hörnquist Åstrand +2006-09-07 Love Hörnquist Ã…strand * CMS.asn1 (CMSVersion): rename versions from v0 to CMSVersion_v0, ... - -2006-09-05 Love Hörnquist Åstrand + +2006-09-05 Love Hörnquist Ã…strand * Makefile.am: Add TESTSeqOf for testing sequence generation code. @@ -446,23 +462,23 @@ TType". I'm tried of writing realloc(foo->data, sizeof(foo->data[0]) + (foo->len + 1)); Only generated for those type that is enabled by the command flag --sequence. - -2006-08-25 Love Hörnquist Åstrand + +2006-08-25 Love Hörnquist Ã…strand * digest.asn1 (DigestRequest): add authid * digest.asn1: Comment describing on how to communicate the sasl int/conf mode. - -2006-08-23 Love Hörnquist Åstrand + +2006-08-23 Love Hörnquist Ã…strand * digest.asn1: Add some missing fields needed for digest. - -2006-08-21 Love Hörnquist Åstrand + +2006-08-21 Love Hörnquist Ã…strand * digest.asn1: Tweak to make consisten and more easier to use. - -2006-07-20 Love Hörnquist Åstrand + +2006-07-20 Love Hörnquist Ã…strand * Makefile.am: Remove CMS symmetric encryption support. Add DigestProtocol. @@ -470,9 +486,9 @@ * digest.asn1: DigestProtocol * k5.asn1: Remove CMS symmetric encryption support. - -2006-06-22 Love Hörnquist Åstrand - + +2006-06-22 Love Hörnquist Ã…strand + * check-der.c (check_fail_heim_integer): disable test * der_get.c (der_get_heim_integer): revert part of previous @@ -485,58 +501,58 @@ * check-der.c: Add one check for heim_int, add checking for oid printing - -2006-06-06 Love Hörnquist Åstrand + +2006-06-06 Love Hörnquist Ã…strand * Makefile.am: Impersonation support bits (and sort) * k5.asn1: Impersonation support bits. - -2006-05-13 Love Hörnquist Åstrand + +2006-05-13 Love Hörnquist Ã…strand * der_format.c (der_parse_hex_heim_integer): avoid shadowing. - -2006-04-29 Love Hörnquist Åstrand - + +2006-04-29 Love Hörnquist Ã…strand + * Makefile.am: Add ExternalPrincipalIdentifiers, shared between several elements. * pkinit.asn1: Add ExternalPrincipalIdentifiers, shared between several elements. - -2006-04-28 Love Hörnquist Åstrand + +2006-04-28 Love Hörnquist Ã…strand * parse.y: Add missing ;'s, found by bison on a SuSE 8.2 machine. - -2006-04-26 Love Hörnquist Åstrand + +2006-04-26 Love Hörnquist Ã…strand * Makefile.am: Add definitions from RFC 3820, Proxy Certificate Profile. * rfc2459.asn1: Add definitions from RFC 3820, Proxy Certificate Profile. - -2006-04-24 Love Hörnquist Åstrand + +2006-04-24 Love Hörnquist Ã…strand * rfc2459.asn1: Add id-Userid * Makefile.am: Add UID and email * pkcs9.asn1: Add id-pkcs9-emailAddress - + * Makefile.am: Add attribute type oids from X520 and RFC 2247 DC oid * rfc2459.asn1: Add attribute type oids from X520 and RFC 2247 DC oid - -2006-04-21 Love Hörnquist Åstrand + +2006-04-21 Love Hörnquist Ã…strand * Makefile.am: add sha-1 and sha-2 * rfc2459.asn1: add sha-1 and sha-2 - -2006-04-15 Love Hörnquist Åstrand + +2006-04-15 Love Hörnquist Ã…strand * Makefile.am: Add id-pkcs1-sha256WithRSAEncryption and friends @@ -544,50 +560,50 @@ * CMS.asn1: Turn CMSRC2CBCParameter.rc2ParameterVersion into a constrained integer - -2006-04-08 Love Hörnquist Åstrand + +2006-04-08 Love Hörnquist Ã…strand * hash.c (hashtabnew): check for NULL before setting structure. Coverity, NetBSD CID#4 - -2006-03-31 Love Hörnquist Åstrand + +2006-03-31 Love Hörnquist Ã…strand * Makefile.am: gen_files_rfc2459 += asn1_ExtKeyUsage.x - + * rfc2459.asn1: Add ExtKeyUsage. * gen.c (generate_header_of_codefile): remove unused variable. - -2006-03-30 Love Hörnquist Åstrand + +2006-03-30 Love Hörnquist Ã…strand * gen.c: Put all the IMPORTed headers into the headerfile to avoid hidden depencies. - -2006-03-27 Love Hörnquist Åstrand + +2006-03-27 Love Hörnquist Ã…strand * Makefile.am: Add id-pkinit-ms-san. * pkinit.asn1: Add id-pkinit-ms-san. * k5.asn1 (PADATA-TYPE): Add KRB5-PADATA-PA-PK-OCSP-RESPONSE - -2006-03-26 Love Hörnquist Åstrand + +2006-03-26 Love Hörnquist Ã…strand * Makefile.am: Add pkinit-san. * pkinit.asn1: Rename id-pksan to id-pkinit-san - -2006-03-08 Love Hörnquist Åstrand + +2006-03-08 Love Hörnquist Ã…strand * gen.c (init_generate): Nothing in the generated files needs timegm(), so no need to provide a prototype for it. - -2006-02-13 Love Hörnquist Åstrand + +2006-02-13 Love Hörnquist Ã…strand * pkinit.asn1: paChecksum is now OPTIONAL so it can be upgraded to something better then SHA1 - -2006-01-31 Love Hörnquist Åstrand + +2006-01-31 Love Hörnquist Ã…strand * extra.c: Stub-generator now generates alloc statements for tagless ANY OPTIONAL, remove workaround. @@ -595,25 +611,25 @@ * check-gen.c: check for "tagless ANY OPTIONAL" * test.asn1: check for "tagless ANY OPTIONAL" - -2006-01-30 Love Hörnquist Åstrand + +2006-01-30 Love Hörnquist Ã…strand * der.h: UniversalString and BMPString are both implemented. * der.h: Remove , after the last element of enum. * asn1_gen.c: Spelling. - -2006-01-20 Love Hörnquist Åstrand - + +2006-01-20 Love Hörnquist Ã…strand + * der_length.c (length_heim_integer): Try handle negative length of integers better. * der_get.c (der_get_heim_integer): handle negative integers. - + * check-der.c: check heim_integer. - -2006-01-18 Love Hörnquist Åstrand + +2006-01-18 Love Hörnquist Ã…strand * Makefile.am: Its cRLReason, not cRLReasons @@ -630,8 +646,8 @@ * der_cmp.c (heim_integer_cmp): make it work with negative numbers. - -2006-01-17 Love Hörnquist Åstrand + +2006-01-17 Love Hörnquist Ã…strand * check-der.c: check that der_parse_hex_heim_integer() handles odd length numbers. @@ -639,21 +655,21 @@ * der_format.c (der_parse_hex_heim_integer): make more resiliant to errors, handle odd length numbers. -2006-01-13 Love Hörnquist Åstrand - +2006-01-13 Love Hörnquist Ã…strand + * Makefile.am: Add RSAPrivateKey - + * rfc2459.asn1: Add RSAPrivateKey. - -2006-01-05 Love Hörnquist Åstrand - + +2006-01-05 Love Hörnquist Ã…strand + * der_copy.c (copy_heim_integer): copy the negative flag - -2005-12-14 Love Hörnquist Åstrand + +2005-12-14 Love Hörnquist Ã…strand * parse.y: Drop ExceptionSpec for now, its not used. - -2005-12-06 Love Hörnquist Åstrand + +2005-12-06 Love Hörnquist Ã…strand * test.asn1: Add test string for constraints. @@ -663,71 +679,71 @@ constructed types. * parse.y: Add support for parsing part of the Constraint-s - -2005-10-29 Love Hörnquist Åstrand - + +2005-10-29 Love Hörnquist Ã…strand + * Makefile.am: Add some X9.57 (DSA) oids, sort lines * rfc2459.asn1: Add some X9.57 (DSA) oids. - -2005-10-07 Love Hörnquist Åstrand + +2005-10-07 Love Hörnquist Ã…strand * Makefile.am: Remove pk-init-19 support. - + * pkinit.asn1: Fix comment - + * check-der.c: Add tests for parse and print functions for heim_integer. * Makefile.am: Add parse and print functions for heim_integer. - + * der_format.c: Add parse and print functions for heim_integer. * der.h: Add parse and print functions for heim_integer. - -2005-09-22 Love Hörnquist Åstrand + +2005-09-22 Love Hörnquist Ã…strand * Makefile.am (gen_files_rfc2459) += asn1_DHPublicKey.x - + * rfc2459.asn1: Add DHPublicKey, and INTEGER to for storing the DH public key in the SubjectPublicKeyInfo.subjectPublicKey BIT STRING. - -2005-09-20 Love Hörnquist Åstrand + +2005-09-20 Love Hörnquist Ã…strand * gen_decode.c: TSequenceOf/TSetOf: Increase the length of the array after successful decoding the next element, so that the array don't contain heap-data. - -2005-09-13 Love Hörnquist Åstrand + +2005-09-13 Love Hörnquist Ã…strand * check-der.c: Avoid empty array initiators. - + * pkcs8.asn1 (PKCS8PrivateKeyInfo): Inline SET OF to avoid compiler "feature" - + * check-common.c: Avoid signedness warnings. - + * check-common.h: Makes bytes native platform signed to avoid casting everywhere - + * check-der.c: Don't depend on malloc(very-very-larger-value) will fail. Cast to unsigned long before printing size_t. - + * check-gen.c: Don't depend on malloc(very-very-larger-value) will fail. - + * check-gen.c: Fix signedness warnings. - + * lex.l: unput() have to hanppen in actions for flex 2.5.31, can do them in user code sesction, so move up handle_comment and handle_string into action, not much sharing was done anyway. - -2005-09-09 Love Hörnquist Åstrand + +2005-09-09 Love Hörnquist Ã…strand * check-der.c (test_one_int): len and len_len is size_t -2005-08-23 Love Hörnquist Åstrand +2005-08-23 Love Hörnquist Ã…strand * gen_encode.c: Change name of oldret for each instance its used to avoid shadow warning. From: Stefan Metzmacher @@ -740,61 +756,61 @@ * gen_decode.c: Change name of oldret for each instance its used to avoid shadow warning. From: Stefan Metzmacher . - + * parse.y: Const poision yyerror. * gen.c: Const poision. - -2005-08-22 Love Hörnquist Åstrand + +2005-08-22 Love Hörnquist Ã…strand * k5.asn1: Add KRB5-PADATA-PK-AS-09-BINDING, client send this (with an empty pa-data.padata-value) to tell the KDC that the client support the binding the PA-REP to the AS-REQ packet. This is to fix the problem lack of binding the AS-REQ to the PK-AS-REP in pre PK-INIT-27. The nonce is replaced with a asCheckSum. - -2005-08-11 Love Hörnquist Åstrand + +2005-08-11 Love Hörnquist Ã…strand * canthandle.asn1: Allocation is done on CONTEXT tags. * asn1_gen.c: rename optind to optidx to avoid shadow warnings -2005-07-28 Love Hörnquist Åstrand +2005-07-28 Love Hörnquist Ã…strand * rfc2459.asn1: add id-rsadsi-rc2-cbc * Makefile.am: add another oid for rc2 -2005-07-27 Love Hörnquist Åstrand +2005-07-27 Love Hörnquist Ã…strand * check-der.c: Make variable initiation constant by moving them to global context * check-gen.c: change to c89 comment -2005-07-27 Love Hörnquist Åstrand +2005-07-27 Love Hörnquist Ã…strand * Makefile.am: remove duplicate asn1_CMSAttributes.x -2005-07-26 Love Hörnquist Åstrand +2005-07-26 Love Hörnquist Ã…strand * asn1_print.c: rename optind to optidx * Makefile.am: Update to pkinit-27 * pkinit.asn1: Update to pkinit-27 - -2005-07-25 Love Hörnquist Åstrand + +2005-07-25 Love Hörnquist Ã…strand * check-der.c: make it work for non c99 compilers too - + * check-der.c: start testing BIT STRING * der_cmp.c (heim_bit_string_cmp): try handle corner cases better - + * gen_free.c (free_type): free bignum integers -2005-07-23 Love Hörnquist Åstrand +2005-07-23 Love Hörnquist Ã…strand * Makefile.am: add PKCS12-OctetString @@ -807,24 +823,24 @@ * CMS.asn1: handle IMPLICIT and share some common structures -2005-07-21 Love Hörnquist Åstrand +2005-07-21 Love Hörnquist Ã…strand * rfc2459.asn1: Include enough workarounds that this even might work. * check-gen.c: Two implicit tests, one with all structures inlined - + * test.asn1: fix workaround for IMPLICIT CONS case - + * canthandle.asn1: fix workaround for IMPLICIT CONS case - + * asn1_print.c: hint that there are IMPLICIT content when we find it * check-gen.c: Added #ifdef out test for IMPLICIT tagging. * Makefile.am: test several IMPLICIT tag level deep - + * test.asn1: test several IMPLICIT tag level deep * test.asn1: tests for IMPLICIT @@ -837,7 +853,7 @@ * rfc2459.asn1: some of the structure are in the IMPLICIT TAGS module -2005-07-19 Love Hörnquist Åstrand +2005-07-19 Love Hörnquist Ã…strand * asn1_print.c: print size_t by casting to unsigned long and use right printf format tags are unsigned integers @@ -869,7 +885,7 @@ * gen_decode.c (find_tag): Fix return in TType case. -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * gen_encode.c (TChoice): add () to make sure variable expression is evaluated correctly @@ -880,7 +896,7 @@ * k5.asn1: reapply 1.43 that got lost in the merge: rename pvno to krb5-pvno -2005-07-12 Love Hörnquist Åstrand +2005-07-12 Love Hörnquist Ã…strand * gen_decode.c (decode_type): TChoice: set the label @@ -931,7 +947,7 @@ Make sure that malloc(0) returning NULL is not treated as an error. -2005-07-10 Love Hörnquist Åstrand +2005-07-10 Love Hörnquist Ã…strand * check-gen.c: test cases for CHOICE, its too liberal right now, it don't fail hard on failure on after it successfully decoded the @@ -958,7 +974,7 @@ * der.h: Add class/type/tag string<->num converter. Prototypes/structures for new time bits. -2005-07-09 Love Hörnquist Åstrand +2005-07-09 Love Hörnquist Ã…strand * der_get.c (der_get_unsigned) check for length overflow (der_get_integer) ditto @@ -979,13 +995,13 @@ * check-common.c (map_alloc): make input buffer const (generic_decode_fail): verify decoding failures -2005-07-05 Love Hörnquist Åstrand +2005-07-05 Love Hörnquist Ã…strand * gen_encode.c: split up the printf for SET OF, also use the generate name for the symbol in the SET OF, if not, the name might contain non valid variable name characters (like -) -2005-07-04 Love Hörnquist Åstrand +2005-07-04 Love Hörnquist Ã…strand * Makefile.am: move pkcs12 defines into their own namespace @@ -1004,7 +1020,7 @@ * gen_decode.c: use less context so lower indentention level, add missing {} where needed -2005-07-02 Love Hörnquist Åstrand +2005-07-02 Love Hörnquist Ã…strand * gen_copy.c: Use a global variable to keep track of if the 'goto fail' was used, and use that to only generate the label if needed. @@ -1017,7 +1033,7 @@ (missing EndOfContent tag) add (negative) indent flag to speed up testing -2005-07-01 Love Hörnquist Åstrand +2005-07-01 Love Hörnquist Ã…strand * canthandle.asn1: Can't handle primitives in CHOICE @@ -1028,12 +1044,12 @@ * gen_decode.c: Check if malloc failes, rename "reallen" to tagdatalen since that is what it is. -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand * prefix Der_class with ASN1_C_ to avoid problems with system headerfiles that pollute the name space -2005-05-20 Love Hörnquist Åstrand +2005-05-20 Love Hörnquist Ã…strand * pkcs12.asn1: add PKCS12CertBag @@ -1047,16 +1063,16 @@ * Makefile.am: add PKCS12Attributes -2005-05-10 Love Hörnquist Åstrand +2005-05-10 Love Hörnquist Ã…strand * canthandle.asn1: fix tags in example -2005-05-02 Love Hörnquist Åstrand +2005-05-02 Love Hörnquist Ã…strand * pkinit.asn1: Let the Windows nonce be an int32 (signed), if not it will fail when using Windows PK-INIT. -2005-05-01 Love Hörnquist Åstrand +2005-05-01 Love Hörnquist Ã…strand * Makefile.am: add pkcs12-PBEParams @@ -1064,14 +1080,14 @@ * parse.y: objid_element: exit when the condition fails -2005-04-26 Love Hörnquist Åstrand +2005-04-26 Love Hörnquist Ã…strand * gen_glue.c: 1.8: switch the units variable to a function. gcc-4.1 needs the size of the structure if its defined as extern struct units foo_units[] an we don't want to include in the generate headerfile -2005-03-20 Love Hörnquist Åstrand +2005-03-20 Love Hörnquist Ã…strand * Makefile.am: add the des-ede3-cbc oid that ansi x9.52 uses @@ -1081,23 +1097,23 @@ * rfc2459.asn1: add oids now when the compiler can handle them -2005-03-19 Love Hörnquist Åstrand +2005-03-19 Love Hörnquist Ã…strand * Makefile.am: add pkcs9 files * pkcs9.asn1: add small number of oids from pkcs9 -2005-03-14 Love Hörnquist Åstrand +2005-03-14 Love Hörnquist Ã…strand * Makefile.am: add a bunch of pkcs1/pkcs2/pkcs3/aes oids * rfc2459.asn1: add a bunch of pkcs1/pkcs2/pkcs3/aes oids -2005-03-10 Love Hörnquist Åstrand +2005-03-10 Love Hörnquist Ã…strand * k5.asn1: merge pa-numbers -2005-03-09 Love Hörnquist Åstrand +2005-03-09 Love Hörnquist Ã…strand * Makefile.am: add oid's @@ -1109,7 +1125,7 @@ * CMS.asn1: add pkcs7 oids -2005-03-08 Love Hörnquist Åstrand +2005-03-08 Love Hörnquist Ã…strand * gen.c (generate_header_of_codefile): break out the header section generation @@ -1120,12 +1136,12 @@ * parse.y: handle OBJECT IDENTIFIER as value construct -2005-02-24 Love Hörnquist Åstrand +2005-02-24 Love Hörnquist Ã…strand * Preserve content of CHOICE element that is unknown if ellipsis was used when defining the structure -2005-02-13 Love Hörnquist Åstrand +2005-02-13 Love Hörnquist Ã…strand * parse.y: use ANS1_TAILQ macros @@ -1134,43 +1150,43 @@ * asn1_queue.h: inline bsd sys/queue.h and rename TAILQ to ASN1_TAILQ to avoid problems with name polluting headerfiles -2005-01-19 Love Hörnquist Åstrand +2005-01-19 Love Hörnquist Ã…strand * gen.c: pull in -2005-01-10 Love Hörnquist Åstrand +2005-01-10 Love Hörnquist Ã…strand * Add BMPString and UniversalString * k5.asn1 (EtypeList): make INTEGER constrained (use krb5int32) -2005-01-07 Love Hörnquist Åstrand +2005-01-07 Love Hörnquist Ã…strand * rfc2459.asn1: add GeneralNames -2004-11-21 Love Hörnquist Åstrand +2004-11-21 Love Hörnquist Ã…strand * gen.c: use unsigned integer for len of SequenceOf/SetOf and bitstring names -2004-11-10 Love Hörnquist Åstrand +2004-11-10 Love Hörnquist Ã…strand * Makefile.am: switch to krb5int32 and krb5uint32 * Unify that three integer types TInteger TUInteger and TBigInteger. Start to use constrained integers where appropriate. -2004-10-13 Love Hörnquist Åstrand +2004-10-13 Love Hörnquist Ã…strand * CMS.asn1: remove no longer used commented out elements * gen_glue.c: make units structures const -2004-10-12 Love Hörnquist Åstrand +2004-10-12 Love Hörnquist Ã…strand * lex.l: handle hex number with [a-fA-F] in them -2004-10-07 Love Hörnquist Åstrand +2004-10-07 Love Hörnquist Ã…strand * gen_free.c: free _save for CHOICE too @@ -1187,7 +1203,7 @@ name is CMSIdentifier and add glue for that so we can share code use Name and not heim_any -2004-10-03 Love Hörnquist Åstrand +2004-10-03 Love Hörnquist Ã…strand * Makefile.am: drop AlgorithmIdentifierNonOpt add {RC2CBC,}CBCParameter here where they belong @@ -1199,7 +1215,7 @@ * rfc2459.asn1: stop using AlgorithmIdentifierNonOpt hint that we really want to use Name and some MS stuff -2004-09-05 Love Hörnquist Åstrand +2004-09-05 Love Hörnquist Ã…strand * asn1_print.c: handle end of content, this is part BER support, however, OCTET STRING need some tweeking too. @@ -1244,7 +1260,7 @@ * CMS.asn1: add EncryptedData -2004-08-26 Love Hörnquist Åstrand +2004-08-26 Love Hörnquist Ã…strand * gen_decode.c (decode_type): if the entry is already optional when parsing a tag and we allocate the structure, not pass down @@ -1252,12 +1268,12 @@ allocate an entry. and we'll leak an entry. Bug from Luke Howard . While here, use calloc. -2004-04-29 Love Hörnquist Åstrand +2004-04-29 Love Hörnquist Ã…strand * k5.asn1: shift the last added etypes one step so rc2 doesn't stomp on cram-md5 -2004-04-26 Love Hörnquist Åstrand +2004-04-26 Love Hörnquist Ã…strand * k5.asn1: add ETYPE_AESNNN_CBC_NONE @@ -1266,17 +1282,17 @@ * k5.asn1: add CMS symmetrical parameters here, more nametypes enctype rc2-cbc -2004-04-25 Love Hörnquist Åstrand +2004-04-25 Love Hörnquist Ã…strand * gen_decode.c: free data on decode failure -2004-04-24 Love Hörnquist Åstrand +2004-04-24 Love Hörnquist Ã…strand * Makefile.am: add CBCParameter and RC2CBCParameter * CMS.asn1: add CBCParameter and RC2CBCParameter -2004-04-20 Love Hörnquist Åstrand +2004-04-20 Love Hörnquist Ã…strand * check-der.c: add simple test for oid's, used to trigger malloc bugs in you have picky malloc (like valgrind/purify/third) @@ -1285,7 +1301,7 @@ then 127 and allocate one extra element since first byte is split to to elements. -2004-04-16 Love Hörnquist Åstrand +2004-04-16 Love Hörnquist Ã…strand * canthandle.asn1: one thing handled @@ -1295,7 +1311,7 @@ an unsigned, do the length counting here. ("unsigned" is zero padded when most significate bit is set, length is not) -2004-04-12 Love Hörnquist Åstrand +2004-04-12 Love Hörnquist Ã…strand * canthandle.asn1: document by example what the encoder can't handle right now @@ -1344,7 +1360,7 @@ * der.h: hide away more symbols, add more _cmp functions -2004-03-06 Love Hörnquist Åstrand +2004-03-06 Love Hörnquist Ã…strand * Makefile.am: add more pkix types make k5 use rfc150 bitstrings, everything else use der bitstrings @@ -1365,7 +1381,7 @@ * rfc2459.asn1: add Certificates and KeyUsage -2004-02-22 Love Hörnquist Åstrand +2004-02-22 Love Hörnquist Ã…strand * pkinit.asn1: use Name from PKIX @@ -1398,7 +1414,7 @@ * gen_length.c: 1.14: (length_type): TSequenceOf: add up the size of all the elements, don't use just the size of the last element. -2004-02-20 Love Hörnquist Åstrand +2004-02-20 Love Hörnquist Ã…strand * rfc2459.asn1: include defintion of Name @@ -1410,7 +1426,7 @@ * Makefile.am: align with pk-init-18, move contentinfo to cms -2004-02-17 Love Hörnquist Åstrand +2004-02-17 Love Hörnquist Ã…strand * der_get.c: rewrite previous commit @@ -1461,17 +1477,17 @@ * asn1-common.h: add signedness flag to heim_integer, add ia5string and printablestring -2004-02-13 Love Hörnquist Åstrand +2004-02-13 Love Hörnquist Ã…strand * rfc2459.asn1: use BIGINTEGER where appropriate * setchgpw2.asn1: spelling and add op-req again -2004-02-12 Love Hörnquist Åstrand +2004-02-12 Love Hörnquist Ã…strand * Makefile.am: clean up better -2004-02-11 Love Hörnquist Åstrand +2004-02-11 Love Hörnquist Ã…strand * gen_decode.c (decode_type): TTag, don't overshare the reallen variable @@ -1480,7 +1496,7 @@ * gen.c: genereate log file name based on base name -2003-11-26 Love Hörnquist Åstrand +2003-11-26 Love Hörnquist Ã…strand * Makefile.am: += asn1_AlgorithmIdentifierNonOpt.x @@ -1491,7 +1507,7 @@ * pkinit.asn1: don't import AlgorithmIdentifier -2003-11-25 Love Hörnquist Åstrand +2003-11-25 Love Hörnquist Ã…strand * der_put.c (der_put_bit_string): make it work somewhat better (should really prune off all trailing zeros) @@ -1501,7 +1517,7 @@ * der_length.c (length_bit_string): calculate right length for bitstrings -2003-11-24 Love Hörnquist Åstrand +2003-11-24 Love Hörnquist Ã…strand * der_cmp.c (oid_cmp): compare the whole array, not just length/sizeof(component) @@ -1524,11 +1540,11 @@ * asn1_print.c: check end of tag_names loop into APPL class tags -2003-11-23 Love Hörnquist Åstrand +2003-11-23 Love Hörnquist Ã…strand * der_put.c (der_put_generalized_time): check size, not *size -2003-11-11 Love Hörnquist Åstrand +2003-11-11 Love Hörnquist Ã…strand * gen_decode.c (decode_type/TBitString): skip over skipped-bits-in-last-octet octet @@ -1536,7 +1552,7 @@ * gen_glue.c (generate_units): generate units in reverse order to keep unparse_units happy -2003-11-08 Love Hörnquist Åstrand +2003-11-08 Love Hörnquist Ã…strand * Makefile.am: generate all silly pkinit files @@ -1592,7 +1608,7 @@ * pkinit.asn1: add KdcDHKeyInfo-Win2k -2003-11-07 Love Hörnquist Åstrand +2003-11-07 Love Hörnquist Ã…strand * der_copy.c (copy_oid): copy all components @@ -1612,29 +1628,29 @@ steping out in the void, parse SET, only go down CONTEXT of type CONS (not PRIM) -2003-09-17 Love Hörnquist Åstrand +2003-09-17 Love Hörnquist Ã…strand * gen_encode.c (TChoice, TSequence): code element in reverse order... -2003-09-16 Love Hörnquist Åstrand +2003-09-16 Love Hörnquist Ã…strand * gen.c: store NULL's as int's for now * parse.y: remove dup of type def of UsefulType -2003-09-11 Love Hörnquist Åstrand +2003-09-11 Love Hörnquist Ã…strand * gen_decode.c (decode_type): if malloc failes, return ENOMEM -2003-09-10 Love Hörnquist Åstrand +2003-09-10 Love Hörnquist Ã…strand * parse.y: kw_UTF8String is a token put tag around the OID * asn1_print.c (UT_Integer): when the integer is larger then int can handle, just print BIG INT and its size -2003-09-10 Love Hörnquist Åstrand +2003-09-10 Love Hörnquist Ã…strand * gen_decode.c (decode_type): TTag, try to generate prettier code in the non optional case, also remember to update length diff --git a/lib/asn1/Makefile.am b/lib/asn1/Makefile.am index af300f0679cd..47158b88aa42 100644 --- a/lib/asn1/Makefile.am +++ b/lib/asn1/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 22445 2008-01-14 21:23:36Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -7,456 +7,62 @@ YFLAGS = -d -t lib_LTLIBRARIES = libasn1.la libasn1_la_LDFLAGS = -version-info 8:0:0 +noinst_LTLIBRARIES = libasn1base.la + +if versionscript +libasn1_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif + + libasn1_la_LIBADD = \ + libasn1base.la \ @LIB_com_err@ \ $(LIBADD_roken) BUILT_SOURCES = \ $(gen_files_rfc2459:.x=.c) \ $(gen_files_cms:.x=.c) \ - $(gen_files_k5:.x=.c) \ + $(gen_files_krb5:.x=.c) \ $(gen_files_pkinit:.x=.c) \ $(gen_files_pkcs8:.x=.c) \ $(gen_files_pkcs9:.x=.c) \ $(gen_files_pkcs12:.x=.c) \ $(gen_files_digest:.x=.c) \ - $(gen_files_kx509:.x=.c) \ - asn1_err.h \ - asn1_err.c + $(gen_files_kx509:.x=.c) -gen_files_k5 = \ - asn1_AD_AND_OR.x \ - asn1_AD_IF_RELEVANT.x \ - asn1_AD_KDCIssued.x \ - asn1_AD_MANDATORY_FOR_KDC.x \ - asn1_AD_LoginAlias.x \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_AUTHDATA_TYPE.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_AuthorizationDataElement.x \ - asn1_CKSUMTYPE.x \ - asn1_ChangePasswdDataMS.x \ - asn1_Checksum.x \ - asn1_ENCTYPE.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO2.x \ - asn1_ETYPE_INFO2_ENTRY.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_EtypeList.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosString.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LR_TYPE.x \ - asn1_LastReq.x \ - asn1_MESSAGE_TYPE.x \ - asn1_METHOD_DATA.x \ - asn1_NAME_TYPE.x \ - asn1_PADATA_TYPE.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_SAM_RESPONSE_ENC.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_PA_PAC_REQUEST.x \ - asn1_PA_S4U2Self.x \ - asn1_PA_SAM_CHALLENGE_2.x \ - asn1_PA_SAM_CHALLENGE_2_BODY.x \ - asn1_PA_SAM_REDIRECT.x \ - asn1_PA_SAM_RESPONSE_2.x \ - asn1_PA_SAM_TYPE.x \ - asn1_PA_ClientCanonicalized.x \ - asn1_PA_ClientCanonicalizedNames.x \ - asn1_PA_SvrReferralData.x \ - asn1_PROV_SRV_LOCATION.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_SAMFlags.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_TYPED_DATA.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x \ - asn1_TypedData.x \ - asn1_krb5int32.x \ - asn1_krb5uint32.x \ - asn1_KRB5SignedPathData.x \ - asn1_KRB5SignedPathPrincipals.x \ - asn1_KRB5SignedPath.x +gen_files_krb5 = asn1_krb5_asn1.x +gen_files_cms = asn1_cms_asn1.x +gen_files_rfc2459 = asn1_rfc2459_asn1.x +gen_files_pkinit = asn1_pkinit_asn1.x +gen_files_pkcs12 = asn1_pkcs12_asn1.x +gen_files_pkcs8 = asn1_pkcs8_asn1.x +gen_files_pkcs9 = asn1_pkcs9_asn1.x +gen_files_test = asn1_test_asn1.x +gen_files_digest = asn1_digest_asn1.x +gen_files_kx509 = asn1_kx509_asn1.x -gen_files_cms = \ - asn1_CMSAttributes.x \ - asn1_CMSCBCParameter.x \ - asn1_CMSEncryptedData.x \ - asn1_CMSIdentifier.x \ - asn1_CMSRC2CBCParameter.x \ - asn1_CMSVersion.x \ - asn1_CertificateList.x \ - asn1_CertificateRevocationLists.x \ - asn1_CertificateSet.x \ - asn1_ContentEncryptionAlgorithmIdentifier.x \ - asn1_ContentInfo.x \ - asn1_ContentType.x \ - asn1_DigestAlgorithmIdentifier.x \ - asn1_DigestAlgorithmIdentifiers.x \ - asn1_EncapsulatedContentInfo.x \ - asn1_EncryptedContent.x \ - asn1_EncryptedContentInfo.x \ - asn1_EncryptedKey.x \ - asn1_EnvelopedData.x \ - asn1_IssuerAndSerialNumber.x \ - asn1_KeyEncryptionAlgorithmIdentifier.x \ - asn1_KeyTransRecipientInfo.x \ - asn1_MessageDigest.x \ - asn1_OriginatorInfo.x \ - asn1_RecipientIdentifier.x \ - asn1_RecipientInfo.x \ - asn1_RecipientInfos.x \ - asn1_SignatureAlgorithmIdentifier.x \ - asn1_SignatureValue.x \ - asn1_SignedData.x \ - asn1_SignerIdentifier.x \ - asn1_SignerInfo.x \ - asn1_SignerInfos.x \ - asn1_id_pkcs7.x \ - asn1_id_pkcs7_data.x \ - asn1_id_pkcs7_digestedData.x \ - asn1_id_pkcs7_encryptedData.x \ - asn1_id_pkcs7_envelopedData.x \ - asn1_id_pkcs7_signedAndEnvelopedData.x \ - asn1_id_pkcs7_signedData.x \ - asn1_UnprotectedAttributes.x +noinst_PROGRAMS = asn1_gen -gen_files_rfc2459 = \ - asn1_Version.x \ - asn1_id_pkcs_1.x \ - asn1_id_pkcs1_rsaEncryption.x \ - asn1_id_pkcs1_md2WithRSAEncryption.x \ - asn1_id_pkcs1_md5WithRSAEncryption.x \ - asn1_id_pkcs1_sha1WithRSAEncryption.x \ - asn1_id_pkcs1_sha256WithRSAEncryption.x \ - asn1_id_pkcs1_sha384WithRSAEncryption.x \ - asn1_id_pkcs1_sha512WithRSAEncryption.x \ - asn1_id_heim_rsa_pkcs1_x509.x \ - asn1_id_pkcs_2.x \ - asn1_id_pkcs2_md2.x \ - asn1_id_pkcs2_md4.x \ - asn1_id_pkcs2_md5.x \ - asn1_id_rsa_digestAlgorithm.x \ - asn1_id_rsa_digest_md2.x \ - asn1_id_rsa_digest_md4.x \ - asn1_id_rsa_digest_md5.x \ - asn1_id_pkcs_3.x \ - asn1_id_pkcs3_rc2_cbc.x \ - asn1_id_pkcs3_rc4.x \ - asn1_id_pkcs3_des_ede3_cbc.x \ - asn1_id_rsadsi_encalg.x \ - asn1_id_rsadsi_rc2_cbc.x \ - asn1_id_rsadsi_des_ede3_cbc.x \ - asn1_id_secsig_sha_1.x \ - asn1_id_nistAlgorithm.x \ - asn1_id_nist_aes_algs.x \ - asn1_id_aes_128_cbc.x \ - asn1_id_aes_192_cbc.x \ - asn1_id_aes_256_cbc.x \ - asn1_id_nist_sha_algs.x \ - asn1_id_sha256.x \ - asn1_id_sha224.x \ - asn1_id_sha384.x \ - asn1_id_sha512.x \ - asn1_id_dhpublicnumber.x \ - asn1_id_x9_57.x \ - asn1_id_dsa.x \ - asn1_id_dsa_with_sha1.x \ - asn1_id_x520_at.x \ - asn1_id_at_commonName.x \ - asn1_id_at_surname.x \ - asn1_id_at_serialNumber.x \ - asn1_id_at_countryName.x \ - asn1_id_at_localityName.x \ - asn1_id_at_streetAddress.x \ - asn1_id_at_stateOrProvinceName.x \ - asn1_id_at_organizationName.x \ - asn1_id_at_organizationalUnitName.x \ - asn1_id_at_name.x \ - asn1_id_at_givenName.x \ - asn1_id_at_initials.x \ - asn1_id_at_generationQualifier.x \ - asn1_id_at_pseudonym.x \ - asn1_id_Userid.x \ - asn1_id_domainComponent.x \ - asn1_id_x509_ce.x \ - asn1_id_uspkicommon_card_id.x \ - asn1_id_uspkicommon_piv_interim.x \ - asn1_id_netscape.x \ - asn1_id_netscape_cert_comment.x \ - asn1_id_ms_cert_enroll_domaincontroller.x \ - asn1_id_ms_client_authentication.x \ - asn1_AlgorithmIdentifier.x \ - asn1_AttributeType.x \ - asn1_AttributeValue.x \ - asn1_TeletexStringx.x \ - asn1_DirectoryString.x \ - asn1_Attribute.x \ - asn1_AttributeTypeAndValue.x \ - asn1_AuthorityInfoAccessSyntax.x \ - asn1_AccessDescription.x \ - asn1_RelativeDistinguishedName.x \ - asn1_RDNSequence.x \ - asn1_Name.x \ - asn1_CertificateSerialNumber.x \ - asn1_Time.x \ - asn1_Validity.x \ - asn1_UniqueIdentifier.x \ - asn1_SubjectPublicKeyInfo.x \ - asn1_Extension.x \ - asn1_Extensions.x \ - asn1_TBSCertificate.x \ - asn1_Certificate.x \ - asn1_Certificates.x \ - asn1_ValidationParms.x \ - asn1_DomainParameters.x \ - asn1_DHPublicKey.x \ - asn1_OtherName.x \ - asn1_GeneralName.x \ - asn1_GeneralNames.x \ - asn1_id_x509_ce_keyUsage.x \ - asn1_KeyUsage.x \ - asn1_id_x509_ce_authorityKeyIdentifier.x \ - asn1_KeyIdentifier.x \ - asn1_AuthorityKeyIdentifier.x \ - asn1_id_x509_ce_subjectKeyIdentifier.x \ - asn1_SubjectKeyIdentifier.x \ - asn1_id_x509_ce_basicConstraints.x \ - asn1_BasicConstraints.x \ - asn1_id_x509_ce_nameConstraints.x \ - asn1_BaseDistance.x \ - asn1_GeneralSubtree.x \ - asn1_GeneralSubtrees.x \ - asn1_NameConstraints.x \ - asn1_id_x509_ce_privateKeyUsagePeriod.x \ - asn1_id_x509_ce_certificatePolicies.x \ - asn1_id_x509_ce_policyMappings.x \ - asn1_id_x509_ce_subjectAltName.x \ - asn1_id_x509_ce_issuerAltName.x \ - asn1_id_x509_ce_subjectDirectoryAttributes.x \ - asn1_id_x509_ce_policyConstraints.x \ - asn1_id_x509_ce_extKeyUsage.x \ - asn1_ExtKeyUsage.x \ - asn1_id_x509_ce_cRLDistributionPoints.x \ - asn1_id_x509_ce_deltaCRLIndicator.x \ - asn1_id_x509_ce_issuingDistributionPoint.x \ - asn1_id_x509_ce_holdInstructionCode.x \ - asn1_id_x509_ce_invalidityDate.x \ - asn1_id_x509_ce_certificateIssuer.x \ - asn1_id_x509_ce_inhibitAnyPolicy.x \ - asn1_DistributionPointReasonFlags.x \ - asn1_DistributionPointName.x \ - asn1_DistributionPoint.x \ - asn1_CRLDistributionPoints.x \ - asn1_DSASigValue.x \ - asn1_DSAPublicKey.x \ - asn1_DSAParams.x \ - asn1_RSAPublicKey.x \ - asn1_RSAPrivateKey.x \ - asn1_DigestInfo.x \ - asn1_TBSCRLCertList.x \ - asn1_CRLCertificateList.x \ - asn1_id_x509_ce_cRLNumber.x \ - asn1_id_x509_ce_freshestCRL.x \ - asn1_id_x509_ce_cRLReason.x \ - asn1_CRLReason.x \ - asn1_PKIXXmppAddr.x \ - asn1_id_pkix.x \ - asn1_id_pkix_on.x \ - asn1_id_pkix_on_dnsSRV.x \ - asn1_id_pkix_on_xmppAddr.x \ - asn1_id_pkix_kp.x \ - asn1_id_pkix_kp_serverAuth.x \ - asn1_id_pkix_kp_clientAuth.x \ - asn1_id_pkix_kp_emailProtection.x \ - asn1_id_pkix_kp_timeStamping.x \ - asn1_id_pkix_kp_OCSPSigning.x \ - asn1_id_pkix_pe.x \ - asn1_id_pkix_pe_authorityInfoAccess.x \ - asn1_id_pkix_pe_proxyCertInfo.x \ - asn1_id_pkix_ppl.x \ - asn1_id_pkix_ppl_anyLanguage.x \ - asn1_id_pkix_ppl_inheritAll.x \ - asn1_id_pkix_ppl_independent.x \ - asn1_ProxyPolicy.x \ - asn1_ProxyCertInfo.x +libexec_heimdal_PROGRAMS = asn1_compile asn1_print -gen_files_pkinit = \ - asn1_id_pkinit.x \ - asn1_id_pkauthdata.x \ - asn1_id_pkdhkeydata.x \ - asn1_id_pkrkeydata.x \ - asn1_id_pkekuoid.x \ - asn1_id_pkkdcekuoid.x \ - asn1_id_pkinit_san.x \ - asn1_id_pkinit_ms_eku.x \ - asn1_id_pkinit_ms_san.x \ - asn1_MS_UPN_SAN.x \ - asn1_DHNonce.x \ - asn1_KDFAlgorithmId.x \ - asn1_TrustedCA.x \ - asn1_ExternalPrincipalIdentifier.x \ - asn1_ExternalPrincipalIdentifiers.x \ - asn1_PA_PK_AS_REQ.x \ - asn1_PKAuthenticator.x \ - asn1_AuthPack.x \ - asn1_TD_TRUSTED_CERTIFIERS.x \ - asn1_TD_INVALID_CERTIFICATES.x \ - asn1_KRB5PrincipalName.x \ - asn1_AD_INITIAL_VERIFIED_CAS.x \ - asn1_DHRepInfo.x \ - asn1_PA_PK_AS_REP.x \ - asn1_KDCDHKeyInfo.x \ - asn1_ReplyKeyPack.x \ - asn1_TD_DH_PARAMETERS.x \ - asn1_PKAuthenticator_Win2k.x \ - asn1_AuthPack_Win2k.x \ - asn1_TrustedCA_Win2k.x \ - asn1_PA_PK_AS_REQ_Win2k.x \ - asn1_PA_PK_AS_REP_Win2k.x \ - asn1_KDCDHKeyInfo_Win2k.x \ - asn1_ReplyKeyPack_Win2k.x \ - asn1_PkinitSuppPubInfo.x - -gen_files_pkcs12 = \ - asn1_id_pkcs_12.x \ - asn1_id_pkcs_12PbeIds.x \ - asn1_id_pbeWithSHAAnd128BitRC4.x \ - asn1_id_pbeWithSHAAnd40BitRC4.x \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.x \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.x \ - asn1_id_pkcs12_bagtypes.x \ - asn1_id_pkcs12_keyBag.x \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.x \ - asn1_id_pkcs12_certBag.x \ - asn1_id_pkcs12_crlBag.x \ - asn1_id_pkcs12_secretBag.x \ - asn1_id_pkcs12_safeContentsBag.x \ - asn1_PKCS12_MacData.x \ - asn1_PKCS12_PFX.x \ - asn1_PKCS12_AuthenticatedSafe.x \ - asn1_PKCS12_CertBag.x \ - asn1_PKCS12_Attribute.x \ - asn1_PKCS12_Attributes.x \ - asn1_PKCS12_SafeBag.x \ - asn1_PKCS12_SafeContents.x \ - asn1_PKCS12_OctetString.x \ - asn1_PKCS12_PBEParams.x - -gen_files_pkcs8 = \ - asn1_PKCS8PrivateKeyAlgorithmIdentifier.x \ - asn1_PKCS8PrivateKey.x \ - asn1_PKCS8PrivateKeyInfo.x \ - asn1_PKCS8Attributes.x \ - asn1_PKCS8EncryptedPrivateKeyInfo.x \ - asn1_PKCS8EncryptedData.x - -gen_files_pkcs9 = \ - asn1_id_pkcs_9.x \ - asn1_id_pkcs9_contentType.x \ - asn1_id_pkcs9_emailAddress.x \ - asn1_id_pkcs9_messageDigest.x \ - asn1_id_pkcs9_signingTime.x \ - asn1_id_pkcs9_countersignature.x \ - asn1_id_pkcs_9_at_friendlyName.x \ - asn1_id_pkcs_9_at_localKeyId.x \ - asn1_id_pkcs_9_at_certTypes.x \ - asn1_id_pkcs_9_at_certTypes_x509.x \ - asn1_PKCS9_BMPString.x \ - asn1_PKCS9_friendlyName.x - -gen_files_test = \ - asn1_TESTAlloc.x \ - asn1_TESTAllocInner.x \ - asn1_TESTCONTAINING.x \ - asn1_TESTCONTAININGENCODEDBY.x \ - asn1_TESTCONTAININGENCODEDBY2.x \ - asn1_TESTChoice1.x \ - asn1_TESTChoice2.x \ - asn1_TESTDer.x \ - asn1_TESTENCODEDBY.x \ - asn1_TESTImplicit.x \ - asn1_TESTImplicit2.x \ - asn1_TESTInteger.x \ - asn1_TESTInteger2.x \ - asn1_TESTInteger3.x \ - asn1_TESTLargeTag.x \ - asn1_TESTSeq.x \ - asn1_TESTUSERCONSTRAINED.x \ - asn1_TESTSeqOf.x \ - asn1_TESTOSSize1.x \ - asn1_TESTSeqSizeOf1.x \ - asn1_TESTSeqSizeOf2.x \ - asn1_TESTSeqSizeOf3.x \ - asn1_TESTSeqSizeOf4.x - -gen_files_digest = \ - asn1_DigestError.x \ - asn1_DigestInit.x \ - asn1_DigestInitReply.x \ - asn1_DigestREP.x \ - asn1_DigestREQ.x \ - asn1_DigestRepInner.x \ - asn1_DigestReqInner.x \ - asn1_DigestRequest.x \ - asn1_DigestResponse.x \ - asn1_DigestTypes.x \ - asn1_NTLMInit.x \ - asn1_NTLMInitReply.x \ - asn1_NTLMRequest.x \ - asn1_NTLMResponse.x - -gen_files_kx509 = \ - asn1_Kx509Response.x \ - asn1_Kx509Request.x - -noinst_PROGRAMS = asn1_compile asn1_print asn1_gen - -TESTS = check-der check-gen check-timegm +TESTS = check-der check-gen check-timegm check-ber check-template check_PROGRAMS = $(TESTS) asn1_gen_SOURCES = asn1_gen.c asn1_print_SOURCES = asn1_print.c check_der_SOURCES = check-der.c check-common.c check-common.h +check_template_SOURCES = check-template.c check-common.c check-common.h +nodist_check_template_SOURCES = $(gen_files_test:.x=.c) + dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h nodist_check_gen_SOURCES = $(gen_files_test:.x=.c) +build_HEADERZ = asn1-template.h + asn1_compile_SOURCES = \ - asn1-common.h \ asn1_queue.h \ + asn1parse.y \ der.h \ gen.c \ gen_copy.c \ @@ -467,17 +73,17 @@ asn1_compile_SOURCES = \ gen_length.c \ gen_locl.h \ gen_seq.c \ + gen_template.c \ hash.c \ hash.h \ lex.l \ lex.h \ main.c \ - parse.y \ + asn1-template.h \ symbol.c \ symbol.h -dist_libasn1_la_SOURCES = \ - der-protos.h \ +dist_libasn1base_la_SOURCES = \ der_locl.h \ der.c \ der.h \ @@ -490,27 +96,38 @@ dist_libasn1_la_SOURCES = \ der_format.c \ heim_asn1.h \ extra.c \ + template.c \ timegm.c +nodist_libasn1base_la_SOURCES = \ + asn1_err.h \ + asn1_err.c + nodist_libasn1_la_SOURCES = $(BUILT_SOURCES) asn1_compile_LDADD = \ $(LIB_roken) $(LEXLIB) check_der_LDADD = \ + libasn1base.la \ + $(LIB_roken) + +check_template_LDADD = $(check_der_LDADD) +asn1_print_LDADD = $(check_der_LDADD) $(LIB_com_err) +asn1_gen_LDADD = $(check_der_LDADD) +check_timegm_LDADD = $(check_der_LDADD) + +check_gen_LDADD = \ libasn1.la \ $(LIB_roken) -check_gen_LDADD = $(check_der_LDADD) -asn1_print_LDADD = $(check_der_LDADD) -asn1_gen_LDADD = $(check_der_LDADD) -check_timegm_LDADD = $(check_der_LDADD) +check_ber_LDADD = $(check_gen_LDADD) CLEANFILES = \ $(BUILT_SOURCES) \ $(gen_files_rfc2459) \ $(gen_files_cms) \ - $(gen_files_k5) \ + $(gen_files_krb5) \ $(gen_files_pkinit) \ $(gen_files_pkcs8) \ $(gen_files_pkcs9) \ @@ -518,18 +135,20 @@ CLEANFILES = \ $(gen_files_digest) \ $(gen_files_kx509) \ $(gen_files_test) $(nodist_check_gen_SOURCES) \ - rfc2459_asn1_files rfc2459_asn1.h \ - cms_asn1_files cms_asn1.h \ - krb5_asn1_files krb5_asn1.h \ - pkinit_asn1_files pkinit_asn1.h \ - pkcs8_asn1_files pkcs8_asn1.h \ - pkcs9_asn1_files pkcs9_asn1.h \ - pkcs12_asn1_files pkcs12_asn1.h \ - digest_asn1_files digest_asn1.h \ - kx509_asn1_files kx509_asn1.h \ - test_asn1_files test_asn1.h + asn1_err.c asn1_err.h \ + rfc2459_asn1_files rfc2459_asn1*.h* \ + cms_asn1_files cms_asn1*.h* \ + krb5_asn1_files krb5_asn1*.h* \ + pkinit_asn1_files pkinit_asn1*.h* \ + pkcs8_asn1_files pkcs8_asn1*.h* \ + pkcs9_asn1_files pkcs9_asn1*.h* \ + pkcs12_asn1_files pkcs12_asn1*.h* \ + digest_asn1_files digest_asn1*.h* \ + kx509_asn1_files kx509_asn1*.h* \ + test_asn1_files test_asn1*.h* -dist_include_HEADERS = der.h heim_asn1.h der-protos.h +dist_include_HEADERS = der.h heim_asn1.h der-protos.h der-private.h +dist_include_HEADERS += asn1-common.h nodist_include_HEADERS = asn1_err.h nodist_include_HEADERS += krb5_asn1.h @@ -542,69 +161,94 @@ nodist_include_HEADERS += pkcs12_asn1.h nodist_include_HEADERS += digest_asn1.h nodist_include_HEADERS += kx509_asn1.h -$(asn1_compile_OBJECTS): parse.h parse.c $(srcdir)/der-protos.h -$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h $(srcdir)/der-protos.h +priv_headers = krb5_asn1-priv.h +priv_headers += pkinit_asn1-priv.h +priv_headers += cms_asn1-priv.h +priv_headers += rfc2459_asn1-priv.h +priv_headers += pkcs8_asn1-priv.h +priv_headers += pkcs9_asn1-priv.h +priv_headers += pkcs12_asn1-priv.h +priv_headers += digest_asn1-priv.h +priv_headers += kx509_asn1-priv.h +priv_headers += test_asn1.h test_asn1-priv.h + + + +$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1base_la_OBJECTS): asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h $(check_gen_OBJECTS): test_asn1.h +$(check_template_OBJECTS): test_asn1_files $(asn1_print_OBJECTS): krb5_asn1.h -parse.h: parse.c +asn1parse.h: asn1parse.c -$(gen_files_k5) krb5_asn1.h: krb5_asn1_files -$(gen_files_pkinit) pkinit_asn1.h: pkinit_asn1_files -$(gen_files_pkcs8) pkcs8_asn1.h: pkcs8_asn1_files -$(gen_files_pkcs9) pkcs9_asn1.h: pkcs9_asn1_files -$(gen_files_pkcs12) pkcs12_asn1.h: pkcs12_asn1_files -$(gen_files_digest) digest_asn1.h: digest_asn1_files -$(gen_files_kx509) kx509_asn1.h: kx509_asn1_files -$(gen_files_rfc2459) rfc2459_asn1.h: rfc2459_asn1_files -$(gen_files_cms) cms_asn1.h: cms_asn1_files -$(gen_files_test) test_asn1.h: test_asn1_files +$(gen_files_krb5) krb5_asn1.hx krb5_asn1-priv.hx: krb5_asn1_files +$(gen_files_pkinit) pkinit_asn1.hx pkinit_asn1-priv.hx: pkinit_asn1_files +$(gen_files_pkcs8) pkcs8_asn1.hx pkcs8_asn1-priv.hx: pkcs8_asn1_files +$(gen_files_pkcs9) pkcs9_asn1.hx pkcs9_asn1-priv.hx: pkcs9_asn1_files +$(gen_files_pkcs12) pkcs12_asn1.hx pkcs12_asn1-priv.hx: pkcs12_asn1_files +$(gen_files_digest) digest_asn1.hx digest_asn1-priv.hx: digest_asn1_files +$(gen_files_kx509) kx509_asn1.hx kx509_asn1-priv.hx: kx509_asn1_files +$(gen_files_rfc2459) rfc2459_asn1.hx rfc2459_asn1-priv.hx: rfc2459_asn1_files +$(gen_files_cms) cms_asn1.hx cms_asn1-priv.hx: cms_asn1_files +$(gen_files_test) test_asn1.hx test_asn1-priv.hx: test_asn1_files rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1 - ./asn1_compile$(EXEEXT) --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) -cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) +cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/cms.asn1 $(srcdir)/cms.opt + $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/cms.opt $(srcdir)/cms.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) -krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 - ./asn1_compile$(EXEEXT) --encode-rfc1510-bit-string --sequence=KRB5SignedPathPrincipals --sequence=AuthorizationData --sequence=METHOD-DATA --sequence=ETYPE-INFO --sequence=ETYPE-INFO2 $(srcdir)/k5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) +krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/krb5.asn1 $(srcdir)/krb5.opt + $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/krb5.opt $(srcdir)/krb5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 - ./asn1_compile$(EXEEXT) --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) + EXTRA_DIST = \ + NTMakefile \ + asn1_compile-version.rc \ + libasn1-exports.def \ + cms.asn1 \ + cms.opt \ asn1_err.et \ canthandle.asn1 \ - CMS.asn1 \ digest.asn1 \ - k5.asn1 \ + krb5.asn1 \ + krb5.opt \ kx509.asn1 \ - test.asn1 \ - setchgpw2.asn1 \ pkcs12.asn1 \ pkcs8.asn1 \ pkcs9.asn1 \ pkinit.asn1 \ rfc2459.asn1 \ - test.gen + setchgpw2.asn1 \ + test.asn1 \ + test.gen \ + version-script.map $(srcdir)/der-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1_la_SOURCES) || rm -f der-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1base_la_SOURCES) || rm -f der-protos.h + +$(srcdir)/der-private.h: + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p der-private.h $(dist_libasn1base_la_SOURCES) || rm -f der-private.h diff --git a/lib/asn1/Makefile.in b/lib/asn1/Makefile.in index 0a3783a9b601..ab377b3090f2 100644 --- a/lib/asn1/Makefile.in +++ b/lib/asn1/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22445 2008-01-14 21:23:36Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -42,16 +44,18 @@ build_triplet = @build@ host_triplet = @host@ DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog lex.c parse.c \ - parse.h -noinst_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT) \ - asn1_gen$(EXEEXT) -TESTS = check-der$(EXEEXT) check-gen$(EXEEXT) check-timegm$(EXEEXT) + $(top_srcdir)/cf/Makefile.am.common ChangeLog asn1parse.c \ + asn1parse.h lex.c +@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +noinst_PROGRAMS = asn1_gen$(EXEEXT) +libexec_heimdal_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT) +TESTS = check-der$(EXEEXT) check-gen$(EXEEXT) check-timegm$(EXEEXT) \ + check-ber$(EXEEXT) check-template$(EXEEXT) check_PROGRAMS = $(am__EXEEXT_1) subdir = lib/asn1 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -66,7 +70,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -80,9 +84,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -90,281 +97,108 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" \ +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" \ + "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) +LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) am__DEPENDENCIES_1 = -libasn1_la_DEPENDENCIES = $(am__DEPENDENCIES_1) -dist_libasn1_la_OBJECTS = der.lo der_get.lo der_put.lo der_free.lo \ - der_length.lo der_copy.lo der_cmp.lo der_format.lo extra.lo \ - timegm.lo -am__objects_1 = asn1_Version.lo asn1_id_pkcs_1.lo \ - asn1_id_pkcs1_rsaEncryption.lo \ - asn1_id_pkcs1_md2WithRSAEncryption.lo \ - asn1_id_pkcs1_md5WithRSAEncryption.lo \ - asn1_id_pkcs1_sha1WithRSAEncryption.lo \ - asn1_id_pkcs1_sha256WithRSAEncryption.lo \ - asn1_id_pkcs1_sha384WithRSAEncryption.lo \ - asn1_id_pkcs1_sha512WithRSAEncryption.lo \ - asn1_id_heim_rsa_pkcs1_x509.lo asn1_id_pkcs_2.lo \ - asn1_id_pkcs2_md2.lo asn1_id_pkcs2_md4.lo asn1_id_pkcs2_md5.lo \ - asn1_id_rsa_digestAlgorithm.lo asn1_id_rsa_digest_md2.lo \ - asn1_id_rsa_digest_md4.lo asn1_id_rsa_digest_md5.lo \ - asn1_id_pkcs_3.lo asn1_id_pkcs3_rc2_cbc.lo \ - asn1_id_pkcs3_rc4.lo asn1_id_pkcs3_des_ede3_cbc.lo \ - asn1_id_rsadsi_encalg.lo asn1_id_rsadsi_rc2_cbc.lo \ - asn1_id_rsadsi_des_ede3_cbc.lo asn1_id_secsig_sha_1.lo \ - asn1_id_nistAlgorithm.lo asn1_id_nist_aes_algs.lo \ - asn1_id_aes_128_cbc.lo asn1_id_aes_192_cbc.lo \ - asn1_id_aes_256_cbc.lo asn1_id_nist_sha_algs.lo \ - asn1_id_sha256.lo asn1_id_sha224.lo asn1_id_sha384.lo \ - asn1_id_sha512.lo asn1_id_dhpublicnumber.lo asn1_id_x9_57.lo \ - asn1_id_dsa.lo asn1_id_dsa_with_sha1.lo asn1_id_x520_at.lo \ - asn1_id_at_commonName.lo asn1_id_at_surname.lo \ - asn1_id_at_serialNumber.lo asn1_id_at_countryName.lo \ - asn1_id_at_localityName.lo asn1_id_at_streetAddress.lo \ - asn1_id_at_stateOrProvinceName.lo \ - asn1_id_at_organizationName.lo \ - asn1_id_at_organizationalUnitName.lo asn1_id_at_name.lo \ - asn1_id_at_givenName.lo asn1_id_at_initials.lo \ - asn1_id_at_generationQualifier.lo asn1_id_at_pseudonym.lo \ - asn1_id_Userid.lo asn1_id_domainComponent.lo \ - asn1_id_x509_ce.lo asn1_id_uspkicommon_card_id.lo \ - asn1_id_uspkicommon_piv_interim.lo asn1_id_netscape.lo \ - asn1_id_netscape_cert_comment.lo \ - asn1_id_ms_cert_enroll_domaincontroller.lo \ - asn1_id_ms_client_authentication.lo \ - asn1_AlgorithmIdentifier.lo asn1_AttributeType.lo \ - asn1_AttributeValue.lo asn1_TeletexStringx.lo \ - asn1_DirectoryString.lo asn1_Attribute.lo \ - asn1_AttributeTypeAndValue.lo \ - asn1_AuthorityInfoAccessSyntax.lo asn1_AccessDescription.lo \ - asn1_RelativeDistinguishedName.lo asn1_RDNSequence.lo \ - asn1_Name.lo asn1_CertificateSerialNumber.lo asn1_Time.lo \ - asn1_Validity.lo asn1_UniqueIdentifier.lo \ - asn1_SubjectPublicKeyInfo.lo asn1_Extension.lo \ - asn1_Extensions.lo asn1_TBSCertificate.lo asn1_Certificate.lo \ - asn1_Certificates.lo asn1_ValidationParms.lo \ - asn1_DomainParameters.lo asn1_DHPublicKey.lo asn1_OtherName.lo \ - asn1_GeneralName.lo asn1_GeneralNames.lo \ - asn1_id_x509_ce_keyUsage.lo asn1_KeyUsage.lo \ - asn1_id_x509_ce_authorityKeyIdentifier.lo \ - asn1_KeyIdentifier.lo asn1_AuthorityKeyIdentifier.lo \ - asn1_id_x509_ce_subjectKeyIdentifier.lo \ - asn1_SubjectKeyIdentifier.lo \ - asn1_id_x509_ce_basicConstraints.lo asn1_BasicConstraints.lo \ - asn1_id_x509_ce_nameConstraints.lo asn1_BaseDistance.lo \ - asn1_GeneralSubtree.lo asn1_GeneralSubtrees.lo \ - asn1_NameConstraints.lo \ - asn1_id_x509_ce_privateKeyUsagePeriod.lo \ - asn1_id_x509_ce_certificatePolicies.lo \ - asn1_id_x509_ce_policyMappings.lo \ - asn1_id_x509_ce_subjectAltName.lo \ - asn1_id_x509_ce_issuerAltName.lo \ - asn1_id_x509_ce_subjectDirectoryAttributes.lo \ - asn1_id_x509_ce_policyConstraints.lo \ - asn1_id_x509_ce_extKeyUsage.lo asn1_ExtKeyUsage.lo \ - asn1_id_x509_ce_cRLDistributionPoints.lo \ - asn1_id_x509_ce_deltaCRLIndicator.lo \ - asn1_id_x509_ce_issuingDistributionPoint.lo \ - asn1_id_x509_ce_holdInstructionCode.lo \ - asn1_id_x509_ce_invalidityDate.lo \ - asn1_id_x509_ce_certificateIssuer.lo \ - asn1_id_x509_ce_inhibitAnyPolicy.lo \ - asn1_DistributionPointReasonFlags.lo \ - asn1_DistributionPointName.lo asn1_DistributionPoint.lo \ - asn1_CRLDistributionPoints.lo asn1_DSASigValue.lo \ - asn1_DSAPublicKey.lo asn1_DSAParams.lo asn1_RSAPublicKey.lo \ - asn1_RSAPrivateKey.lo asn1_DigestInfo.lo \ - asn1_TBSCRLCertList.lo asn1_CRLCertificateList.lo \ - asn1_id_x509_ce_cRLNumber.lo asn1_id_x509_ce_freshestCRL.lo \ - asn1_id_x509_ce_cRLReason.lo asn1_CRLReason.lo \ - asn1_PKIXXmppAddr.lo asn1_id_pkix.lo asn1_id_pkix_on.lo \ - asn1_id_pkix_on_dnsSRV.lo asn1_id_pkix_on_xmppAddr.lo \ - asn1_id_pkix_kp.lo asn1_id_pkix_kp_serverAuth.lo \ - asn1_id_pkix_kp_clientAuth.lo \ - asn1_id_pkix_kp_emailProtection.lo \ - asn1_id_pkix_kp_timeStamping.lo asn1_id_pkix_kp_OCSPSigning.lo \ - asn1_id_pkix_pe.lo asn1_id_pkix_pe_authorityInfoAccess.lo \ - asn1_id_pkix_pe_proxyCertInfo.lo asn1_id_pkix_ppl.lo \ - asn1_id_pkix_ppl_anyLanguage.lo asn1_id_pkix_ppl_inheritAll.lo \ - asn1_id_pkix_ppl_independent.lo asn1_ProxyPolicy.lo \ - asn1_ProxyCertInfo.lo -am__objects_2 = asn1_CMSAttributes.lo asn1_CMSCBCParameter.lo \ - asn1_CMSEncryptedData.lo asn1_CMSIdentifier.lo \ - asn1_CMSRC2CBCParameter.lo asn1_CMSVersion.lo \ - asn1_CertificateList.lo asn1_CertificateRevocationLists.lo \ - asn1_CertificateSet.lo \ - asn1_ContentEncryptionAlgorithmIdentifier.lo \ - asn1_ContentInfo.lo asn1_ContentType.lo \ - asn1_DigestAlgorithmIdentifier.lo \ - asn1_DigestAlgorithmIdentifiers.lo \ - asn1_EncapsulatedContentInfo.lo asn1_EncryptedContent.lo \ - asn1_EncryptedContentInfo.lo asn1_EncryptedKey.lo \ - asn1_EnvelopedData.lo asn1_IssuerAndSerialNumber.lo \ - asn1_KeyEncryptionAlgorithmIdentifier.lo \ - asn1_KeyTransRecipientInfo.lo asn1_MessageDigest.lo \ - asn1_OriginatorInfo.lo asn1_RecipientIdentifier.lo \ - asn1_RecipientInfo.lo asn1_RecipientInfos.lo \ - asn1_SignatureAlgorithmIdentifier.lo asn1_SignatureValue.lo \ - asn1_SignedData.lo asn1_SignerIdentifier.lo asn1_SignerInfo.lo \ - asn1_SignerInfos.lo asn1_id_pkcs7.lo asn1_id_pkcs7_data.lo \ - asn1_id_pkcs7_digestedData.lo asn1_id_pkcs7_encryptedData.lo \ - asn1_id_pkcs7_envelopedData.lo \ - asn1_id_pkcs7_signedAndEnvelopedData.lo \ - asn1_id_pkcs7_signedData.lo asn1_UnprotectedAttributes.lo -am__objects_3 = asn1_AD_AND_OR.lo asn1_AD_IF_RELEVANT.lo \ - asn1_AD_KDCIssued.lo asn1_AD_MANDATORY_FOR_KDC.lo \ - asn1_AD_LoginAlias.lo asn1_APOptions.lo asn1_AP_REP.lo \ - asn1_AP_REQ.lo asn1_AS_REP.lo asn1_AS_REQ.lo \ - asn1_AUTHDATA_TYPE.lo asn1_Authenticator.lo \ - asn1_AuthorizationData.lo asn1_AuthorizationDataElement.lo \ - asn1_CKSUMTYPE.lo asn1_ChangePasswdDataMS.lo asn1_Checksum.lo \ - asn1_ENCTYPE.lo asn1_ETYPE_INFO.lo asn1_ETYPE_INFO2.lo \ - asn1_ETYPE_INFO2_ENTRY.lo asn1_ETYPE_INFO_ENTRY.lo \ - asn1_EncAPRepPart.lo asn1_EncASRepPart.lo \ - asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \ - asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo \ - asn1_EncTicketPart.lo asn1_EncryptedData.lo \ - asn1_EncryptionKey.lo asn1_EtypeList.lo asn1_HostAddress.lo \ - asn1_HostAddresses.lo asn1_KDCOptions.lo asn1_KDC_REP.lo \ - asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo \ - asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \ - asn1_KRB_SAFE_BODY.lo asn1_KerberosString.lo \ - asn1_KerberosTime.lo asn1_KrbCredInfo.lo asn1_LR_TYPE.lo \ - asn1_LastReq.lo asn1_MESSAGE_TYPE.lo asn1_METHOD_DATA.lo \ - asn1_NAME_TYPE.lo asn1_PADATA_TYPE.lo asn1_PA_DATA.lo \ - asn1_PA_ENC_SAM_RESPONSE_ENC.lo asn1_PA_ENC_TS_ENC.lo \ - asn1_PA_PAC_REQUEST.lo asn1_PA_S4U2Self.lo \ - asn1_PA_SAM_CHALLENGE_2.lo asn1_PA_SAM_CHALLENGE_2_BODY.lo \ - asn1_PA_SAM_REDIRECT.lo asn1_PA_SAM_RESPONSE_2.lo \ - asn1_PA_SAM_TYPE.lo asn1_PA_ClientCanonicalized.lo \ - asn1_PA_ClientCanonicalizedNames.lo asn1_PA_SvrReferralData.lo \ - asn1_PROV_SRV_LOCATION.lo asn1_Principal.lo \ - asn1_PrincipalName.lo asn1_Realm.lo asn1_SAMFlags.lo \ - asn1_TGS_REP.lo asn1_TGS_REQ.lo asn1_TYPED_DATA.lo \ - asn1_Ticket.lo asn1_TicketFlags.lo asn1_TransitedEncoding.lo \ - asn1_TypedData.lo asn1_krb5int32.lo asn1_krb5uint32.lo \ - asn1_KRB5SignedPathData.lo asn1_KRB5SignedPathPrincipals.lo \ - asn1_KRB5SignedPath.lo -am__objects_4 = asn1_id_pkinit.lo asn1_id_pkauthdata.lo \ - asn1_id_pkdhkeydata.lo asn1_id_pkrkeydata.lo \ - asn1_id_pkekuoid.lo asn1_id_pkkdcekuoid.lo \ - asn1_id_pkinit_san.lo asn1_id_pkinit_ms_eku.lo \ - asn1_id_pkinit_ms_san.lo asn1_MS_UPN_SAN.lo asn1_DHNonce.lo \ - asn1_KDFAlgorithmId.lo asn1_TrustedCA.lo \ - asn1_ExternalPrincipalIdentifier.lo \ - asn1_ExternalPrincipalIdentifiers.lo asn1_PA_PK_AS_REQ.lo \ - asn1_PKAuthenticator.lo asn1_AuthPack.lo \ - asn1_TD_TRUSTED_CERTIFIERS.lo asn1_TD_INVALID_CERTIFICATES.lo \ - asn1_KRB5PrincipalName.lo asn1_AD_INITIAL_VERIFIED_CAS.lo \ - asn1_DHRepInfo.lo asn1_PA_PK_AS_REP.lo asn1_KDCDHKeyInfo.lo \ - asn1_ReplyKeyPack.lo asn1_TD_DH_PARAMETERS.lo \ - asn1_PKAuthenticator_Win2k.lo asn1_AuthPack_Win2k.lo \ - asn1_TrustedCA_Win2k.lo asn1_PA_PK_AS_REQ_Win2k.lo \ - asn1_PA_PK_AS_REP_Win2k.lo asn1_KDCDHKeyInfo_Win2k.lo \ - asn1_ReplyKeyPack_Win2k.lo asn1_PkinitSuppPubInfo.lo -am__objects_5 = asn1_PKCS8PrivateKeyAlgorithmIdentifier.lo \ - asn1_PKCS8PrivateKey.lo asn1_PKCS8PrivateKeyInfo.lo \ - asn1_PKCS8Attributes.lo asn1_PKCS8EncryptedPrivateKeyInfo.lo \ - asn1_PKCS8EncryptedData.lo -am__objects_6 = asn1_id_pkcs_9.lo asn1_id_pkcs9_contentType.lo \ - asn1_id_pkcs9_emailAddress.lo asn1_id_pkcs9_messageDigest.lo \ - asn1_id_pkcs9_signingTime.lo asn1_id_pkcs9_countersignature.lo \ - asn1_id_pkcs_9_at_friendlyName.lo \ - asn1_id_pkcs_9_at_localKeyId.lo asn1_id_pkcs_9_at_certTypes.lo \ - asn1_id_pkcs_9_at_certTypes_x509.lo asn1_PKCS9_BMPString.lo \ - asn1_PKCS9_friendlyName.lo -am__objects_7 = asn1_id_pkcs_12.lo asn1_id_pkcs_12PbeIds.lo \ - asn1_id_pbeWithSHAAnd128BitRC4.lo \ - asn1_id_pbeWithSHAAnd40BitRC4.lo \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.lo \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.lo \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.lo \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.lo \ - asn1_id_pkcs12_bagtypes.lo asn1_id_pkcs12_keyBag.lo \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.lo \ - asn1_id_pkcs12_certBag.lo asn1_id_pkcs12_crlBag.lo \ - asn1_id_pkcs12_secretBag.lo asn1_id_pkcs12_safeContentsBag.lo \ - asn1_PKCS12_MacData.lo asn1_PKCS12_PFX.lo \ - asn1_PKCS12_AuthenticatedSafe.lo asn1_PKCS12_CertBag.lo \ - asn1_PKCS12_Attribute.lo asn1_PKCS12_Attributes.lo \ - asn1_PKCS12_SafeBag.lo asn1_PKCS12_SafeContents.lo \ - asn1_PKCS12_OctetString.lo asn1_PKCS12_PBEParams.lo -am__objects_8 = asn1_DigestError.lo asn1_DigestInit.lo \ - asn1_DigestInitReply.lo asn1_DigestREP.lo asn1_DigestREQ.lo \ - asn1_DigestRepInner.lo asn1_DigestReqInner.lo \ - asn1_DigestRequest.lo asn1_DigestResponse.lo \ - asn1_DigestTypes.lo asn1_NTLMInit.lo asn1_NTLMInitReply.lo \ - asn1_NTLMRequest.lo asn1_NTLMResponse.lo -am__objects_9 = asn1_Kx509Response.lo asn1_Kx509Request.lo +libasn1_la_DEPENDENCIES = libasn1base.la $(am__DEPENDENCIES_1) +am__objects_1 = asn1_rfc2459_asn1.lo +am__objects_2 = asn1_cms_asn1.lo +am__objects_3 = asn1_krb5_asn1.lo +am__objects_4 = asn1_pkinit_asn1.lo +am__objects_5 = asn1_pkcs8_asn1.lo +am__objects_6 = asn1_pkcs9_asn1.lo +am__objects_7 = asn1_pkcs12_asn1.lo +am__objects_8 = asn1_digest_asn1.lo +am__objects_9 = asn1_kx509_asn1.lo am__objects_10 = $(am__objects_1) $(am__objects_2) $(am__objects_3) \ $(am__objects_4) $(am__objects_5) $(am__objects_6) \ - $(am__objects_7) $(am__objects_8) $(am__objects_9) asn1_err.lo + $(am__objects_7) $(am__objects_8) $(am__objects_9) nodist_libasn1_la_OBJECTS = $(am__objects_10) -libasn1_la_OBJECTS = $(dist_libasn1_la_OBJECTS) \ - $(nodist_libasn1_la_OBJECTS) +libasn1_la_OBJECTS = $(nodist_libasn1_la_OBJECTS) libasn1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libasn1_la_LDFLAGS) $(LDFLAGS) -o $@ +libasn1base_la_LIBADD = +dist_libasn1base_la_OBJECTS = der.lo der_get.lo der_put.lo der_free.lo \ + der_length.lo der_copy.lo der_cmp.lo der_format.lo extra.lo \ + template.lo timegm.lo +nodist_libasn1base_la_OBJECTS = asn1_err.lo +libasn1base_la_OBJECTS = $(dist_libasn1base_la_OBJECTS) \ + $(nodist_libasn1base_la_OBJECTS) am__EXEEXT_1 = check-der$(EXEEXT) check-gen$(EXEEXT) \ - check-timegm$(EXEEXT) -PROGRAMS = $(noinst_PROGRAMS) -am_asn1_compile_OBJECTS = gen.$(OBJEXT) gen_copy.$(OBJEXT) \ - gen_decode.$(OBJEXT) gen_encode.$(OBJEXT) gen_free.$(OBJEXT) \ - gen_glue.$(OBJEXT) gen_length.$(OBJEXT) gen_seq.$(OBJEXT) \ - hash.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) parse.$(OBJEXT) \ - symbol.$(OBJEXT) + check-timegm$(EXEEXT) check-ber$(EXEEXT) \ + check-template$(EXEEXT) +PROGRAMS = $(libexec_heimdal_PROGRAMS) $(noinst_PROGRAMS) +am_asn1_compile_OBJECTS = asn1parse.$(OBJEXT) gen.$(OBJEXT) \ + gen_copy.$(OBJEXT) gen_decode.$(OBJEXT) gen_encode.$(OBJEXT) \ + gen_free.$(OBJEXT) gen_glue.$(OBJEXT) gen_length.$(OBJEXT) \ + gen_seq.$(OBJEXT) gen_template.$(OBJEXT) hash.$(OBJEXT) \ + lex.$(OBJEXT) main.$(OBJEXT) symbol.$(OBJEXT) asn1_compile_OBJECTS = $(am_asn1_compile_OBJECTS) asn1_compile_DEPENDENCIES = $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) am_asn1_gen_OBJECTS = asn1_gen.$(OBJEXT) asn1_gen_OBJECTS = $(am_asn1_gen_OBJECTS) -am__DEPENDENCIES_2 = libasn1.la $(am__DEPENDENCIES_1) +am__DEPENDENCIES_2 = libasn1base.la $(am__DEPENDENCIES_1) asn1_gen_DEPENDENCIES = $(am__DEPENDENCIES_2) am_asn1_print_OBJECTS = asn1_print.$(OBJEXT) asn1_print_OBJECTS = $(am_asn1_print_OBJECTS) -asn1_print_DEPENDENCIES = $(am__DEPENDENCIES_2) +asn1_print_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) +check_ber_SOURCES = check-ber.c +check_ber_OBJECTS = check-ber.$(OBJEXT) +am__DEPENDENCIES_3 = libasn1.la $(am__DEPENDENCIES_1) +check_ber_DEPENDENCIES = $(am__DEPENDENCIES_3) am_check_der_OBJECTS = check-der.$(OBJEXT) check-common.$(OBJEXT) check_der_OBJECTS = $(am_check_der_OBJECTS) -check_der_DEPENDENCIES = libasn1.la $(am__DEPENDENCIES_1) +check_der_DEPENDENCIES = libasn1base.la $(am__DEPENDENCIES_1) dist_check_gen_OBJECTS = check-gen.$(OBJEXT) check-common.$(OBJEXT) -am__objects_11 = asn1_TESTAlloc.$(OBJEXT) \ - asn1_TESTAllocInner.$(OBJEXT) asn1_TESTCONTAINING.$(OBJEXT) \ - asn1_TESTCONTAININGENCODEDBY.$(OBJEXT) \ - asn1_TESTCONTAININGENCODEDBY2.$(OBJEXT) \ - asn1_TESTChoice1.$(OBJEXT) asn1_TESTChoice2.$(OBJEXT) \ - asn1_TESTDer.$(OBJEXT) asn1_TESTENCODEDBY.$(OBJEXT) \ - asn1_TESTImplicit.$(OBJEXT) asn1_TESTImplicit2.$(OBJEXT) \ - asn1_TESTInteger.$(OBJEXT) asn1_TESTInteger2.$(OBJEXT) \ - asn1_TESTInteger3.$(OBJEXT) asn1_TESTLargeTag.$(OBJEXT) \ - asn1_TESTSeq.$(OBJEXT) asn1_TESTUSERCONSTRAINED.$(OBJEXT) \ - asn1_TESTSeqOf.$(OBJEXT) asn1_TESTOSSize1.$(OBJEXT) \ - asn1_TESTSeqSizeOf1.$(OBJEXT) asn1_TESTSeqSizeOf2.$(OBJEXT) \ - asn1_TESTSeqSizeOf3.$(OBJEXT) asn1_TESTSeqSizeOf4.$(OBJEXT) +am__objects_11 = asn1_test_asn1.$(OBJEXT) nodist_check_gen_OBJECTS = $(am__objects_11) check_gen_OBJECTS = $(dist_check_gen_OBJECTS) \ $(nodist_check_gen_OBJECTS) -check_gen_DEPENDENCIES = $(am__DEPENDENCIES_2) +check_gen_DEPENDENCIES = libasn1.la $(am__DEPENDENCIES_1) +am_check_template_OBJECTS = check-template.$(OBJEXT) \ + check-common.$(OBJEXT) +nodist_check_template_OBJECTS = $(am__objects_11) +check_template_OBJECTS = $(am_check_template_OBJECTS) \ + $(nodist_check_template_OBJECTS) +check_template_DEPENDENCIES = $(am__DEPENDENCIES_2) check_timegm_SOURCES = check-timegm.c check_timegm_OBJECTS = check-timegm.$(OBJEXT) check_timegm_DEPENDENCIES = $(am__DEPENDENCIES_2) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -383,67 +217,78 @@ YLWRAP = $(top_srcdir)/ylwrap YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) -SOURCES = $(dist_libasn1_la_SOURCES) $(nodist_libasn1_la_SOURCES) \ - $(asn1_compile_SOURCES) $(asn1_gen_SOURCES) \ - $(asn1_print_SOURCES) $(check_der_SOURCES) \ - $(dist_check_gen_SOURCES) $(nodist_check_gen_SOURCES) \ - check-timegm.c -DIST_SOURCES = $(dist_libasn1_la_SOURCES) $(asn1_compile_SOURCES) \ - $(asn1_gen_SOURCES) $(asn1_print_SOURCES) $(check_der_SOURCES) \ - $(dist_check_gen_SOURCES) check-timegm.c -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) +SOURCES = $(nodist_libasn1_la_SOURCES) $(dist_libasn1base_la_SOURCES) \ + $(nodist_libasn1base_la_SOURCES) $(asn1_compile_SOURCES) \ + $(asn1_gen_SOURCES) $(asn1_print_SOURCES) check-ber.c \ + $(check_der_SOURCES) $(dist_check_gen_SOURCES) \ + $(nodist_check_gen_SOURCES) $(check_template_SOURCES) \ + $(nodist_check_template_SOURCES) check-timegm.c +DIST_SOURCES = $(dist_libasn1base_la_SOURCES) $(asn1_compile_SOURCES) \ + $(asn1_gen_SOURCES) $(asn1_print_SOURCES) check-ber.c \ + $(check_der_SOURCES) $(dist_check_gen_SOURCES) \ + $(check_template_SOURCES) check-timegm.c HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -467,10 +312,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -487,6 +333,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -502,31 +350,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -541,10 +403,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -585,475 +449,75 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la lib_LTLIBRARIES = libasn1.la -libasn1_la_LDFLAGS = -version-info 8:0:0 +libasn1_la_LDFLAGS = -version-info 8:0:0 $(am__append_1) +noinst_LTLIBRARIES = libasn1base.la libasn1_la_LIBADD = \ + libasn1base.la \ @LIB_com_err@ \ $(LIBADD_roken) BUILT_SOURCES = \ $(gen_files_rfc2459:.x=.c) \ $(gen_files_cms:.x=.c) \ - $(gen_files_k5:.x=.c) \ + $(gen_files_krb5:.x=.c) \ $(gen_files_pkinit:.x=.c) \ $(gen_files_pkcs8:.x=.c) \ $(gen_files_pkcs9:.x=.c) \ $(gen_files_pkcs12:.x=.c) \ $(gen_files_digest:.x=.c) \ - $(gen_files_kx509:.x=.c) \ - asn1_err.h \ - asn1_err.c - -gen_files_k5 = \ - asn1_AD_AND_OR.x \ - asn1_AD_IF_RELEVANT.x \ - asn1_AD_KDCIssued.x \ - asn1_AD_MANDATORY_FOR_KDC.x \ - asn1_AD_LoginAlias.x \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_AUTHDATA_TYPE.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_AuthorizationDataElement.x \ - asn1_CKSUMTYPE.x \ - asn1_ChangePasswdDataMS.x \ - asn1_Checksum.x \ - asn1_ENCTYPE.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO2.x \ - asn1_ETYPE_INFO2_ENTRY.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_EtypeList.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosString.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LR_TYPE.x \ - asn1_LastReq.x \ - asn1_MESSAGE_TYPE.x \ - asn1_METHOD_DATA.x \ - asn1_NAME_TYPE.x \ - asn1_PADATA_TYPE.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_SAM_RESPONSE_ENC.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_PA_PAC_REQUEST.x \ - asn1_PA_S4U2Self.x \ - asn1_PA_SAM_CHALLENGE_2.x \ - asn1_PA_SAM_CHALLENGE_2_BODY.x \ - asn1_PA_SAM_REDIRECT.x \ - asn1_PA_SAM_RESPONSE_2.x \ - asn1_PA_SAM_TYPE.x \ - asn1_PA_ClientCanonicalized.x \ - asn1_PA_ClientCanonicalizedNames.x \ - asn1_PA_SvrReferralData.x \ - asn1_PROV_SRV_LOCATION.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_SAMFlags.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_TYPED_DATA.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x \ - asn1_TypedData.x \ - asn1_krb5int32.x \ - asn1_krb5uint32.x \ - asn1_KRB5SignedPathData.x \ - asn1_KRB5SignedPathPrincipals.x \ - asn1_KRB5SignedPath.x - -gen_files_cms = \ - asn1_CMSAttributes.x \ - asn1_CMSCBCParameter.x \ - asn1_CMSEncryptedData.x \ - asn1_CMSIdentifier.x \ - asn1_CMSRC2CBCParameter.x \ - asn1_CMSVersion.x \ - asn1_CertificateList.x \ - asn1_CertificateRevocationLists.x \ - asn1_CertificateSet.x \ - asn1_ContentEncryptionAlgorithmIdentifier.x \ - asn1_ContentInfo.x \ - asn1_ContentType.x \ - asn1_DigestAlgorithmIdentifier.x \ - asn1_DigestAlgorithmIdentifiers.x \ - asn1_EncapsulatedContentInfo.x \ - asn1_EncryptedContent.x \ - asn1_EncryptedContentInfo.x \ - asn1_EncryptedKey.x \ - asn1_EnvelopedData.x \ - asn1_IssuerAndSerialNumber.x \ - asn1_KeyEncryptionAlgorithmIdentifier.x \ - asn1_KeyTransRecipientInfo.x \ - asn1_MessageDigest.x \ - asn1_OriginatorInfo.x \ - asn1_RecipientIdentifier.x \ - asn1_RecipientInfo.x \ - asn1_RecipientInfos.x \ - asn1_SignatureAlgorithmIdentifier.x \ - asn1_SignatureValue.x \ - asn1_SignedData.x \ - asn1_SignerIdentifier.x \ - asn1_SignerInfo.x \ - asn1_SignerInfos.x \ - asn1_id_pkcs7.x \ - asn1_id_pkcs7_data.x \ - asn1_id_pkcs7_digestedData.x \ - asn1_id_pkcs7_encryptedData.x \ - asn1_id_pkcs7_envelopedData.x \ - asn1_id_pkcs7_signedAndEnvelopedData.x \ - asn1_id_pkcs7_signedData.x \ - asn1_UnprotectedAttributes.x - -gen_files_rfc2459 = \ - asn1_Version.x \ - asn1_id_pkcs_1.x \ - asn1_id_pkcs1_rsaEncryption.x \ - asn1_id_pkcs1_md2WithRSAEncryption.x \ - asn1_id_pkcs1_md5WithRSAEncryption.x \ - asn1_id_pkcs1_sha1WithRSAEncryption.x \ - asn1_id_pkcs1_sha256WithRSAEncryption.x \ - asn1_id_pkcs1_sha384WithRSAEncryption.x \ - asn1_id_pkcs1_sha512WithRSAEncryption.x \ - asn1_id_heim_rsa_pkcs1_x509.x \ - asn1_id_pkcs_2.x \ - asn1_id_pkcs2_md2.x \ - asn1_id_pkcs2_md4.x \ - asn1_id_pkcs2_md5.x \ - asn1_id_rsa_digestAlgorithm.x \ - asn1_id_rsa_digest_md2.x \ - asn1_id_rsa_digest_md4.x \ - asn1_id_rsa_digest_md5.x \ - asn1_id_pkcs_3.x \ - asn1_id_pkcs3_rc2_cbc.x \ - asn1_id_pkcs3_rc4.x \ - asn1_id_pkcs3_des_ede3_cbc.x \ - asn1_id_rsadsi_encalg.x \ - asn1_id_rsadsi_rc2_cbc.x \ - asn1_id_rsadsi_des_ede3_cbc.x \ - asn1_id_secsig_sha_1.x \ - asn1_id_nistAlgorithm.x \ - asn1_id_nist_aes_algs.x \ - asn1_id_aes_128_cbc.x \ - asn1_id_aes_192_cbc.x \ - asn1_id_aes_256_cbc.x \ - asn1_id_nist_sha_algs.x \ - asn1_id_sha256.x \ - asn1_id_sha224.x \ - asn1_id_sha384.x \ - asn1_id_sha512.x \ - asn1_id_dhpublicnumber.x \ - asn1_id_x9_57.x \ - asn1_id_dsa.x \ - asn1_id_dsa_with_sha1.x \ - asn1_id_x520_at.x \ - asn1_id_at_commonName.x \ - asn1_id_at_surname.x \ - asn1_id_at_serialNumber.x \ - asn1_id_at_countryName.x \ - asn1_id_at_localityName.x \ - asn1_id_at_streetAddress.x \ - asn1_id_at_stateOrProvinceName.x \ - asn1_id_at_organizationName.x \ - asn1_id_at_organizationalUnitName.x \ - asn1_id_at_name.x \ - asn1_id_at_givenName.x \ - asn1_id_at_initials.x \ - asn1_id_at_generationQualifier.x \ - asn1_id_at_pseudonym.x \ - asn1_id_Userid.x \ - asn1_id_domainComponent.x \ - asn1_id_x509_ce.x \ - asn1_id_uspkicommon_card_id.x \ - asn1_id_uspkicommon_piv_interim.x \ - asn1_id_netscape.x \ - asn1_id_netscape_cert_comment.x \ - asn1_id_ms_cert_enroll_domaincontroller.x \ - asn1_id_ms_client_authentication.x \ - asn1_AlgorithmIdentifier.x \ - asn1_AttributeType.x \ - asn1_AttributeValue.x \ - asn1_TeletexStringx.x \ - asn1_DirectoryString.x \ - asn1_Attribute.x \ - asn1_AttributeTypeAndValue.x \ - asn1_AuthorityInfoAccessSyntax.x \ - asn1_AccessDescription.x \ - asn1_RelativeDistinguishedName.x \ - asn1_RDNSequence.x \ - asn1_Name.x \ - asn1_CertificateSerialNumber.x \ - asn1_Time.x \ - asn1_Validity.x \ - asn1_UniqueIdentifier.x \ - asn1_SubjectPublicKeyInfo.x \ - asn1_Extension.x \ - asn1_Extensions.x \ - asn1_TBSCertificate.x \ - asn1_Certificate.x \ - asn1_Certificates.x \ - asn1_ValidationParms.x \ - asn1_DomainParameters.x \ - asn1_DHPublicKey.x \ - asn1_OtherName.x \ - asn1_GeneralName.x \ - asn1_GeneralNames.x \ - asn1_id_x509_ce_keyUsage.x \ - asn1_KeyUsage.x \ - asn1_id_x509_ce_authorityKeyIdentifier.x \ - asn1_KeyIdentifier.x \ - asn1_AuthorityKeyIdentifier.x \ - asn1_id_x509_ce_subjectKeyIdentifier.x \ - asn1_SubjectKeyIdentifier.x \ - asn1_id_x509_ce_basicConstraints.x \ - asn1_BasicConstraints.x \ - asn1_id_x509_ce_nameConstraints.x \ - asn1_BaseDistance.x \ - asn1_GeneralSubtree.x \ - asn1_GeneralSubtrees.x \ - asn1_NameConstraints.x \ - asn1_id_x509_ce_privateKeyUsagePeriod.x \ - asn1_id_x509_ce_certificatePolicies.x \ - asn1_id_x509_ce_policyMappings.x \ - asn1_id_x509_ce_subjectAltName.x \ - asn1_id_x509_ce_issuerAltName.x \ - asn1_id_x509_ce_subjectDirectoryAttributes.x \ - asn1_id_x509_ce_policyConstraints.x \ - asn1_id_x509_ce_extKeyUsage.x \ - asn1_ExtKeyUsage.x \ - asn1_id_x509_ce_cRLDistributionPoints.x \ - asn1_id_x509_ce_deltaCRLIndicator.x \ - asn1_id_x509_ce_issuingDistributionPoint.x \ - asn1_id_x509_ce_holdInstructionCode.x \ - asn1_id_x509_ce_invalidityDate.x \ - asn1_id_x509_ce_certificateIssuer.x \ - asn1_id_x509_ce_inhibitAnyPolicy.x \ - asn1_DistributionPointReasonFlags.x \ - asn1_DistributionPointName.x \ - asn1_DistributionPoint.x \ - asn1_CRLDistributionPoints.x \ - asn1_DSASigValue.x \ - asn1_DSAPublicKey.x \ - asn1_DSAParams.x \ - asn1_RSAPublicKey.x \ - asn1_RSAPrivateKey.x \ - asn1_DigestInfo.x \ - asn1_TBSCRLCertList.x \ - asn1_CRLCertificateList.x \ - asn1_id_x509_ce_cRLNumber.x \ - asn1_id_x509_ce_freshestCRL.x \ - asn1_id_x509_ce_cRLReason.x \ - asn1_CRLReason.x \ - asn1_PKIXXmppAddr.x \ - asn1_id_pkix.x \ - asn1_id_pkix_on.x \ - asn1_id_pkix_on_dnsSRV.x \ - asn1_id_pkix_on_xmppAddr.x \ - asn1_id_pkix_kp.x \ - asn1_id_pkix_kp_serverAuth.x \ - asn1_id_pkix_kp_clientAuth.x \ - asn1_id_pkix_kp_emailProtection.x \ - asn1_id_pkix_kp_timeStamping.x \ - asn1_id_pkix_kp_OCSPSigning.x \ - asn1_id_pkix_pe.x \ - asn1_id_pkix_pe_authorityInfoAccess.x \ - asn1_id_pkix_pe_proxyCertInfo.x \ - asn1_id_pkix_ppl.x \ - asn1_id_pkix_ppl_anyLanguage.x \ - asn1_id_pkix_ppl_inheritAll.x \ - asn1_id_pkix_ppl_independent.x \ - asn1_ProxyPolicy.x \ - asn1_ProxyCertInfo.x - -gen_files_pkinit = \ - asn1_id_pkinit.x \ - asn1_id_pkauthdata.x \ - asn1_id_pkdhkeydata.x \ - asn1_id_pkrkeydata.x \ - asn1_id_pkekuoid.x \ - asn1_id_pkkdcekuoid.x \ - asn1_id_pkinit_san.x \ - asn1_id_pkinit_ms_eku.x \ - asn1_id_pkinit_ms_san.x \ - asn1_MS_UPN_SAN.x \ - asn1_DHNonce.x \ - asn1_KDFAlgorithmId.x \ - asn1_TrustedCA.x \ - asn1_ExternalPrincipalIdentifier.x \ - asn1_ExternalPrincipalIdentifiers.x \ - asn1_PA_PK_AS_REQ.x \ - asn1_PKAuthenticator.x \ - asn1_AuthPack.x \ - asn1_TD_TRUSTED_CERTIFIERS.x \ - asn1_TD_INVALID_CERTIFICATES.x \ - asn1_KRB5PrincipalName.x \ - asn1_AD_INITIAL_VERIFIED_CAS.x \ - asn1_DHRepInfo.x \ - asn1_PA_PK_AS_REP.x \ - asn1_KDCDHKeyInfo.x \ - asn1_ReplyKeyPack.x \ - asn1_TD_DH_PARAMETERS.x \ - asn1_PKAuthenticator_Win2k.x \ - asn1_AuthPack_Win2k.x \ - asn1_TrustedCA_Win2k.x \ - asn1_PA_PK_AS_REQ_Win2k.x \ - asn1_PA_PK_AS_REP_Win2k.x \ - asn1_KDCDHKeyInfo_Win2k.x \ - asn1_ReplyKeyPack_Win2k.x \ - asn1_PkinitSuppPubInfo.x - -gen_files_pkcs12 = \ - asn1_id_pkcs_12.x \ - asn1_id_pkcs_12PbeIds.x \ - asn1_id_pbeWithSHAAnd128BitRC4.x \ - asn1_id_pbeWithSHAAnd40BitRC4.x \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.x \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.x \ - asn1_id_pkcs12_bagtypes.x \ - asn1_id_pkcs12_keyBag.x \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.x \ - asn1_id_pkcs12_certBag.x \ - asn1_id_pkcs12_crlBag.x \ - asn1_id_pkcs12_secretBag.x \ - asn1_id_pkcs12_safeContentsBag.x \ - asn1_PKCS12_MacData.x \ - asn1_PKCS12_PFX.x \ - asn1_PKCS12_AuthenticatedSafe.x \ - asn1_PKCS12_CertBag.x \ - asn1_PKCS12_Attribute.x \ - asn1_PKCS12_Attributes.x \ - asn1_PKCS12_SafeBag.x \ - asn1_PKCS12_SafeContents.x \ - asn1_PKCS12_OctetString.x \ - asn1_PKCS12_PBEParams.x - -gen_files_pkcs8 = \ - asn1_PKCS8PrivateKeyAlgorithmIdentifier.x \ - asn1_PKCS8PrivateKey.x \ - asn1_PKCS8PrivateKeyInfo.x \ - asn1_PKCS8Attributes.x \ - asn1_PKCS8EncryptedPrivateKeyInfo.x \ - asn1_PKCS8EncryptedData.x - -gen_files_pkcs9 = \ - asn1_id_pkcs_9.x \ - asn1_id_pkcs9_contentType.x \ - asn1_id_pkcs9_emailAddress.x \ - asn1_id_pkcs9_messageDigest.x \ - asn1_id_pkcs9_signingTime.x \ - asn1_id_pkcs9_countersignature.x \ - asn1_id_pkcs_9_at_friendlyName.x \ - asn1_id_pkcs_9_at_localKeyId.x \ - asn1_id_pkcs_9_at_certTypes.x \ - asn1_id_pkcs_9_at_certTypes_x509.x \ - asn1_PKCS9_BMPString.x \ - asn1_PKCS9_friendlyName.x - -gen_files_test = \ - asn1_TESTAlloc.x \ - asn1_TESTAllocInner.x \ - asn1_TESTCONTAINING.x \ - asn1_TESTCONTAININGENCODEDBY.x \ - asn1_TESTCONTAININGENCODEDBY2.x \ - asn1_TESTChoice1.x \ - asn1_TESTChoice2.x \ - asn1_TESTDer.x \ - asn1_TESTENCODEDBY.x \ - asn1_TESTImplicit.x \ - asn1_TESTImplicit2.x \ - asn1_TESTInteger.x \ - asn1_TESTInteger2.x \ - asn1_TESTInteger3.x \ - asn1_TESTLargeTag.x \ - asn1_TESTSeq.x \ - asn1_TESTUSERCONSTRAINED.x \ - asn1_TESTSeqOf.x \ - asn1_TESTOSSize1.x \ - asn1_TESTSeqSizeOf1.x \ - asn1_TESTSeqSizeOf2.x \ - asn1_TESTSeqSizeOf3.x \ - asn1_TESTSeqSizeOf4.x - -gen_files_digest = \ - asn1_DigestError.x \ - asn1_DigestInit.x \ - asn1_DigestInitReply.x \ - asn1_DigestREP.x \ - asn1_DigestREQ.x \ - asn1_DigestRepInner.x \ - asn1_DigestReqInner.x \ - asn1_DigestRequest.x \ - asn1_DigestResponse.x \ - asn1_DigestTypes.x \ - asn1_NTLMInit.x \ - asn1_NTLMInitReply.x \ - asn1_NTLMRequest.x \ - asn1_NTLMResponse.x - -gen_files_kx509 = \ - asn1_Kx509Response.x \ - asn1_Kx509Request.x + $(gen_files_kx509:.x=.c) +gen_files_krb5 = asn1_krb5_asn1.x +gen_files_cms = asn1_cms_asn1.x +gen_files_rfc2459 = asn1_rfc2459_asn1.x +gen_files_pkinit = asn1_pkinit_asn1.x +gen_files_pkcs12 = asn1_pkcs12_asn1.x +gen_files_pkcs8 = asn1_pkcs8_asn1.x +gen_files_pkcs9 = asn1_pkcs9_asn1.x +gen_files_test = asn1_test_asn1.x +gen_files_digest = asn1_digest_asn1.x +gen_files_kx509 = asn1_kx509_asn1.x asn1_gen_SOURCES = asn1_gen.c asn1_print_SOURCES = asn1_print.c check_der_SOURCES = check-der.c check-common.c check-common.h +check_template_SOURCES = check-template.c check-common.c check-common.h +nodist_check_template_SOURCES = $(gen_files_test:.x=.c) dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h nodist_check_gen_SOURCES = $(gen_files_test:.x=.c) +build_HEADERZ = asn1-template.h asn1_compile_SOURCES = \ - asn1-common.h \ asn1_queue.h \ + asn1parse.y \ der.h \ gen.c \ gen_copy.c \ @@ -1064,17 +528,17 @@ asn1_compile_SOURCES = \ gen_length.c \ gen_locl.h \ gen_seq.c \ + gen_template.c \ hash.c \ hash.h \ lex.l \ lex.h \ main.c \ - parse.y \ + asn1-template.h \ symbol.c \ symbol.h -dist_libasn1_la_SOURCES = \ - der-protos.h \ +dist_libasn1base_la_SOURCES = \ der_locl.h \ der.c \ der.h \ @@ -1087,25 +551,35 @@ dist_libasn1_la_SOURCES = \ der_format.c \ heim_asn1.h \ extra.c \ + template.c \ timegm.c +nodist_libasn1base_la_SOURCES = \ + asn1_err.h \ + asn1_err.c + nodist_libasn1_la_SOURCES = $(BUILT_SOURCES) asn1_compile_LDADD = \ $(LIB_roken) $(LEXLIB) check_der_LDADD = \ + libasn1base.la \ + $(LIB_roken) + +check_template_LDADD = $(check_der_LDADD) +asn1_print_LDADD = $(check_der_LDADD) $(LIB_com_err) +asn1_gen_LDADD = $(check_der_LDADD) +check_timegm_LDADD = $(check_der_LDADD) +check_gen_LDADD = \ libasn1.la \ $(LIB_roken) -check_gen_LDADD = $(check_der_LDADD) -asn1_print_LDADD = $(check_der_LDADD) -asn1_gen_LDADD = $(check_der_LDADD) -check_timegm_LDADD = $(check_der_LDADD) +check_ber_LDADD = $(check_gen_LDADD) CLEANFILES = \ $(BUILT_SOURCES) \ $(gen_files_rfc2459) \ $(gen_files_cms) \ - $(gen_files_k5) \ + $(gen_files_krb5) \ $(gen_files_pkinit) \ $(gen_files_pkcs8) \ $(gen_files_pkcs9) \ @@ -1113,54 +587,66 @@ CLEANFILES = \ $(gen_files_digest) \ $(gen_files_kx509) \ $(gen_files_test) $(nodist_check_gen_SOURCES) \ - rfc2459_asn1_files rfc2459_asn1.h \ - cms_asn1_files cms_asn1.h \ - krb5_asn1_files krb5_asn1.h \ - pkinit_asn1_files pkinit_asn1.h \ - pkcs8_asn1_files pkcs8_asn1.h \ - pkcs9_asn1_files pkcs9_asn1.h \ - pkcs12_asn1_files pkcs12_asn1.h \ - digest_asn1_files digest_asn1.h \ - kx509_asn1_files kx509_asn1.h \ - test_asn1_files test_asn1.h + asn1_err.c asn1_err.h \ + rfc2459_asn1_files rfc2459_asn1*.h* \ + cms_asn1_files cms_asn1*.h* \ + krb5_asn1_files krb5_asn1*.h* \ + pkinit_asn1_files pkinit_asn1*.h* \ + pkcs8_asn1_files pkcs8_asn1*.h* \ + pkcs9_asn1_files pkcs9_asn1*.h* \ + pkcs12_asn1_files pkcs12_asn1*.h* \ + digest_asn1_files digest_asn1*.h* \ + kx509_asn1_files kx509_asn1*.h* \ + test_asn1_files test_asn1*.h* -dist_include_HEADERS = der.h heim_asn1.h der-protos.h +dist_include_HEADERS = der.h heim_asn1.h der-protos.h der-private.h \ + asn1-common.h nodist_include_HEADERS = asn1_err.h krb5_asn1.h pkinit_asn1.h \ cms_asn1.h rfc2459_asn1.h pkcs8_asn1.h pkcs9_asn1.h \ pkcs12_asn1.h digest_asn1.h kx509_asn1.h +priv_headers = krb5_asn1-priv.h pkinit_asn1-priv.h cms_asn1-priv.h \ + rfc2459_asn1-priv.h pkcs8_asn1-priv.h pkcs9_asn1-priv.h \ + pkcs12_asn1-priv.h digest_asn1-priv.h kx509_asn1-priv.h \ + test_asn1.h test_asn1-priv.h EXTRA_DIST = \ + NTMakefile \ + asn1_compile-version.rc \ + libasn1-exports.def \ + cms.asn1 \ + cms.opt \ asn1_err.et \ canthandle.asn1 \ - CMS.asn1 \ digest.asn1 \ - k5.asn1 \ + krb5.asn1 \ + krb5.opt \ kx509.asn1 \ - test.asn1 \ - setchgpw2.asn1 \ pkcs12.asn1 \ pkcs8.asn1 \ pkcs9.asn1 \ pkinit.asn1 \ rfc2459.asn1 \ - test.gen + setchgpw2.asn1 \ + test.asn1 \ + test.gen \ + version-script.map all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/asn1/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/asn1/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/asn1/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -1178,23 +664,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -1205,22 +696,80 @@ clean-libLTLIBRARIES: echo "rm -f \"$${dir}/so_locations\""; \ rm -f "$${dir}/so_locations"; \ done + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done libasn1.la: $(libasn1_la_OBJECTS) $(libasn1_la_DEPENDENCIES) $(libasn1_la_LINK) -rpath $(libdir) $(libasn1_la_OBJECTS) $(libasn1_la_LIBADD) $(LIBS) +libasn1base.la: $(libasn1base_la_OBJECTS) $(libasn1base_la_DEPENDENCIES) + $(LINK) $(libasn1base_la_OBJECTS) $(libasn1base_la_LIBADD) $(LIBS) clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +install-libexec_heimdalPROGRAMS: $(libexec_heimdal_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(libexec_heimdaldir)" || $(MKDIR_P) "$(DESTDIR)$(libexec_heimdaldir)" + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexec_heimdaldir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexec_heimdaldir)$$dir" || exit $$?; \ + } \ + ; done + +uninstall-libexec_heimdalPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexec_heimdaldir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexec_heimdaldir)" && rm -f $$files + +clean-libexec_heimdalPROGRAMS: + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES) @rm -f asn1_compile$(EXEEXT) $(LINK) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS) @@ -1230,12 +779,18 @@ asn1_gen$(EXEEXT): $(asn1_gen_OBJECTS) $(asn1_gen_DEPENDENCIES) asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES) @rm -f asn1_print$(EXEEXT) $(LINK) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS) +check-ber$(EXEEXT): $(check_ber_OBJECTS) $(check_ber_DEPENDENCIES) + @rm -f check-ber$(EXEEXT) + $(LINK) $(check_ber_OBJECTS) $(check_ber_LDADD) $(LIBS) check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES) @rm -f check-der$(EXEEXT) $(LINK) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS) check-gen$(EXEEXT): $(check_gen_OBJECTS) $(check_gen_DEPENDENCIES) @rm -f check-gen$(EXEEXT) $(LINK) $(check_gen_OBJECTS) $(check_gen_LDADD) $(LIBS) +check-template$(EXEEXT): $(check_template_OBJECTS) $(check_template_DEPENDENCIES) + @rm -f check-template$(EXEEXT) + $(LINK) $(check_template_OBJECTS) $(check_template_LDADD) $(LIBS) check-timegm$(EXEEXT): $(check_timegm_OBJECTS) $(check_timegm_DEPENDENCIES) @rm -f check-timegm$(EXEEXT) $(LINK) $(check_timegm_OBJECTS) $(check_timegm_LDADD) $(LIBS) @@ -1246,14 +801,71 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_cms_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_digest_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_gen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_krb5_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_kx509_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs12_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs8_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs9_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkinit_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_print.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_rfc2459_asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_test_asn1.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1parse.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-ber.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-der.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-gen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-template.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-timegm.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_cmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_copy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_format.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_free.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_get.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_length.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_put.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/extra.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_copy.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_decode.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_encode.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_free.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_glue.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_length.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_seq.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_template.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hash.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lex.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/symbol.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/template.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/timegm.Plo@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< .l.c: $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) @@ -1269,90 +881,101 @@ clean-libtool: install-dist_includeHEADERS: $(dist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-dist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -1361,49 +984,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -1414,11 +1051,15 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi @@ -1438,13 +1079,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -1458,7 +1103,7 @@ check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: $(BUILT_SOURCES) @@ -1483,20 +1128,23 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." + -rm -f asn1parse.c + -rm -f asn1parse.h -rm -f lex.c - -rm -f parse.c - -rm -f parse.h -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) clean: clean-am clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool clean-noinstPROGRAMS mostlyclean-am + clean-libexec_heimdalPROGRAMS clean-libtool \ + clean-noinstLTLIBRARIES clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1507,6 +1155,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1515,26 +1165,36 @@ install-data-am: install-dist_includeHEADERS \ install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: install-libLTLIBRARIES +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES \ + install-libexec_heimdalPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1552,23 +1212,25 @@ ps: ps-am ps-am: uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ + uninstall-libexec_heimdalPROGRAMS \ uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: all check check-am install install-am install-data-am \ + install-exec-am install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS ctags \ - dist-hook distclean distclean-compile distclean-generic \ + clean-libLTLIBRARIES clean-libexec_heimdalPROGRAMS \ + clean-libtool clean-noinstLTLIBRARIES clean-noinstPROGRAMS \ + ctags dist-hook distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ install-data-am install-data-hook install-dist_includeHEADERS \ install-dvi install-dvi-am install-exec install-exec-am \ install-exec-hook install-html install-html-am install-info \ - install-info-am install-libLTLIBRARIES install-man \ + install-info-am install-libLTLIBRARIES \ + install-libexec_heimdalPROGRAMS install-man \ install-nodist_includeHEADERS install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ @@ -1576,6 +1238,7 @@ uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags uninstall uninstall-am uninstall-dist_includeHEADERS \ uninstall-hook uninstall-libLTLIBRARIES \ + uninstall-libexec_heimdalPROGRAMS \ uninstall-nodist_includeHEADERS @@ -1647,6 +1310,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1732,7 +1398,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1746,56 +1412,62 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -$(asn1_compile_OBJECTS): parse.h parse.c $(srcdir)/der-protos.h -$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h $(srcdir)/der-protos.h +$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h +$(libasn1base_la_OBJECTS): asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h $(check_gen_OBJECTS): test_asn1.h +$(check_template_OBJECTS): test_asn1_files $(asn1_print_OBJECTS): krb5_asn1.h -parse.h: parse.c +asn1parse.h: asn1parse.c -$(gen_files_k5) krb5_asn1.h: krb5_asn1_files -$(gen_files_pkinit) pkinit_asn1.h: pkinit_asn1_files -$(gen_files_pkcs8) pkcs8_asn1.h: pkcs8_asn1_files -$(gen_files_pkcs9) pkcs9_asn1.h: pkcs9_asn1_files -$(gen_files_pkcs12) pkcs12_asn1.h: pkcs12_asn1_files -$(gen_files_digest) digest_asn1.h: digest_asn1_files -$(gen_files_kx509) kx509_asn1.h: kx509_asn1_files -$(gen_files_rfc2459) rfc2459_asn1.h: rfc2459_asn1_files -$(gen_files_cms) cms_asn1.h: cms_asn1_files -$(gen_files_test) test_asn1.h: test_asn1_files +$(gen_files_krb5) krb5_asn1.hx krb5_asn1-priv.hx: krb5_asn1_files +$(gen_files_pkinit) pkinit_asn1.hx pkinit_asn1-priv.hx: pkinit_asn1_files +$(gen_files_pkcs8) pkcs8_asn1.hx pkcs8_asn1-priv.hx: pkcs8_asn1_files +$(gen_files_pkcs9) pkcs9_asn1.hx pkcs9_asn1-priv.hx: pkcs9_asn1_files +$(gen_files_pkcs12) pkcs12_asn1.hx pkcs12_asn1-priv.hx: pkcs12_asn1_files +$(gen_files_digest) digest_asn1.hx digest_asn1-priv.hx: digest_asn1_files +$(gen_files_kx509) kx509_asn1.hx kx509_asn1-priv.hx: kx509_asn1_files +$(gen_files_rfc2459) rfc2459_asn1.hx rfc2459_asn1-priv.hx: rfc2459_asn1_files +$(gen_files_cms) cms_asn1.hx cms_asn1-priv.hx: cms_asn1_files +$(gen_files_test) test_asn1.hx test_asn1-priv.hx: test_asn1_files rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1 - ./asn1_compile$(EXEEXT) --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) -cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) +cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/cms.asn1 $(srcdir)/cms.opt + $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/cms.opt $(srcdir)/cms.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) -krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 - ./asn1_compile$(EXEEXT) --encode-rfc1510-bit-string --sequence=KRB5SignedPathPrincipals --sequence=AuthorizationData --sequence=METHOD-DATA --sequence=ETYPE-INFO --sequence=ETYPE-INFO2 $(srcdir)/k5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) +krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/krb5.asn1 $(srcdir)/krb5.opt + $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/krb5.opt $(srcdir)/krb5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 - ./asn1_compile$(EXEEXT) --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) + $(ASN1_COMPILE) --one-code-file --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) $(srcdir)/der-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1_la_SOURCES) || rm -f der-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1base_la_SOURCES) || rm -f der-protos.h + +$(srcdir)/der-private.h: + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p der-private.h $(dist_libasn1base_la_SOURCES) || rm -f der-private.h + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/asn1/NTMakefile b/lib/asn1/NTMakefile new file mode 100644 index 000000000000..1ee62b198795 --- /dev/null +++ b/lib/asn1/NTMakefile @@ -0,0 +1,356 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\asn1 + +intcflags=-I$(SRCDIR) -I$(OBJ) + +!include ../../windows/NTMakefile.w32 + +gen_files_krb5 = $(OBJ)\asn1_krb5_asn1.x + +gen_files_cms = $(OBJ)\asn1_cms_asn1.x + +gen_files_rfc2459 = $(OBJ)\asn1_rfc2459_asn1.x + +gen_files_pkinit = $(OBJ)\asn1_pkinit_asn1.x + +gen_files_pkcs12 = $(OBJ)\asn1_pkcs12_asn1.x + +gen_files_pkcs8 = $(OBJ)\asn1_pkcs8_asn1.x + +gen_files_pkcs9 = $(OBJ)\asn1_pkcs9_asn1.x + +gen_files_test = $(OBJ)\asn1_test_asn1.x + +gen_files_digest = $(OBJ)\asn1_digest_asn1.x + +gen_files_kx509 = $(OBJ)\asn1_kx509_asn1.x + +ASN1_BINARIES = \ + $(LIBEXECDIR)\asn1_compile.exe + +$(BINDIR)\asn1_compile.exe: \ + $(OBJ)\asn1parse.obj \ + $(OBJ)\gen.obj \ + $(OBJ)\gen_copy.obj \ + $(OBJ)\gen_decode.obj \ + $(OBJ)\gen_encode.obj \ + $(OBJ)\gen_free.obj \ + $(OBJ)\gen_glue.obj \ + $(OBJ)\gen_length.obj \ + $(OBJ)\gen_seq.obj \ + $(OBJ)\gen_template.obj \ + $(OBJ)\hash.obj \ + $(OBJ)\lex.obj \ + $(OBJ)\main.obj \ + $(OBJ)\symbol.obj \ + $(OBJ)\asn1_compile-version.res + $(EXECONLINK) $(LIBROKEN) $(LIBVERS) + $(EXEPREP_NOHEIM) + +$(OBJ)\lex.c: lex.l $(OBJ)\asn1parse.h + $(LEX) -o$@ lex.l + +$(OBJ)\lex.obj: $(OBJ)\lex.c + $(C2OBJ) -DYY_NO_UNISTD_H + +$(OBJ)\asn1parse.c $(OBJ)\asn1parse.h: asn1parse.y + $(YACC) -o $(OBJ)\asn1parse.c --defines=$(OBJ)\asn1parse.h $** + +$(OBJ)\asn1_err.c $(OBJ)\asn1_err.h: asn1_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\asn1_err.et + cd $(SRCDIR) + +$(BINDIR)\asn1_print.exe: $(OBJ)\asn1_print.obj $(LIBHEIMDAL) + $(EXECONLINK) $(LIBVERS) $(LIBROKEN) $(LIBCOMERR) + $(EXEPREP) + +$(BINDIR)\asn1_gen.exe: $(OBJ)\asn1_gen.obj $(LIBHEIMDAL) + $(EXECONLINK) $(LIBVERS) $(LIBROKEN) + $(EXEPREP) + +LIBASN1_OBJS= \ + $(OBJ)\der.obj \ + $(OBJ)\der_get.obj \ + $(OBJ)\der_put.obj \ + $(OBJ)\der_free.obj \ + $(OBJ)\der_length.obj \ + $(OBJ)\der_copy.obj \ + $(OBJ)\der_cmp.obj \ + $(OBJ)\der_format.obj \ + $(OBJ)\extra.obj \ + $(OBJ)\timegm.obj \ + $(gen_files_rfc2459:.x=.obj) \ + $(gen_files_cms:.x=.obj) \ + $(gen_files_krb5:.x=.obj) \ + $(gen_files_pkinit:.x=.obj) \ + $(gen_files_pkcs8:.x=.obj) \ + $(gen_files_pkcs9:.x=.obj) \ + $(gen_files_pkcs12:.x=.obj) \ + $(gen_files_digest:.x=.obj) \ + $(gen_files_kx509:.x=.obj) \ + $(OBJ)\asn1_err.obj + +$(LIBASN1): $(LIBASN1_OBJS) + $(LIBCON_C) -out:$@ @<< +$(**: = +) +<< + +clean:: + -$(RM) $(LIBASN1) + +# +# Generate list of exports +# +# This target is only used during development to generate a list of +# symbols that are exported from all the object files in LIBASN1_OBJS. +# +exports-list.txt: $(LIBASN1_OBJS) + $(PERL) ..\..\cf\w32-list-externs-from-objs.pl -q -u @<< > $@ +$(**: = +) +<< + +$(gen_files_krb5:.x=.c) : $$(@R).x + +$(gen_files_pkinit:.x=.c) : $$(@R).x + +$(gen_files_pkcs8:.x=.c) : $$(@R).x + +$(gen_files_pkcs9:.x=.c) : $$(@R).x + +$(gen_files_pkcs12:.x=.c) : $$(@R).x + +$(gen_files_digest:.x=.c) : $$(@R).x + +$(gen_files_kx509:.x=.c) : $$(@R).x + +$(gen_files_rfc2459:.x=.c) : $$(@R).x + +$(gen_files_cms:.x=.c) : $$(@R).x + +$(gen_files_test:.x=.c) : $$(@R).x + +$(gen_files_krb5) $(OBJ)\krb5_asn1.hx: $(BINDIR)\asn1_compile.exe krb5.asn1 krb5.opt + cd $(OBJ) + $(BINDIR)\asn1_compile.exe \ + --one-code-file \ + --option-file=$(SRCDIR)\krb5.opt \ + $(SRCDIR)\krb5.asn1 krb5_asn1 \ + || ($(RM) $(OBJ)\krb5_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_pkinit) $(OBJ)\pkinit_asn1.hx: $(BINDIR)\asn1_compile.exe pkinit.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\pkinit.asn1 pkinit_asn1 \ + || ($(RM) $(OBJ)\pkinit_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_pkcs8) $(OBJ)\pkcs8_asn1.hx: $(BINDIR)\asn1_compile.exe pkcs8.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\pkcs8.asn1 pkcs8_asn1 \ + || ($(RM) $(OBJ)\pkcs8_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_pkcs9) $(OBJ)\pkcs9_asn1.hx: $(BINDIR)\asn1_compile.exe pkcs9.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\pkcs9.asn1 pkcs9_asn1 \ + || ($(RM) $(OBJ)\pkcs9_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_pkcs12) $(OBJ)\pkcs12_asn1.hx: $(BINDIR)\asn1_compile.exe pkcs12.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\pkcs12.asn1 pkcs12_asn1 \ + || ($(RM) $(OBJ)\pkcs12_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_digest) $(OBJ)\digest_asn1.hx: $(BINDIR)\asn1_compile.exe digest.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\digest.asn1 digest_asn1 \ + || ($(RM) $(OBJ)\digest_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_kx509) $(OBJ)\kx509_asn1.hx: $(BINDIR)\asn1_compile.exe kx509.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\kx509.asn1 kx509_asn1 \ + || ($(RM) $(OBJ)\kx509_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_rfc2459) $(OBJ)\rfc2459_asn1.hx: $(BINDIR)\asn1_compile.exe rfc2459.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe \ + --one-code-file \ + --preserve-binary=TBSCertificate \ + --preserve-binary=TBSCRLCertList \ + --preserve-binary=Name \ + --sequence=GeneralNames \ + --sequence=Extensions \ + --sequence=CRLDistributionPoints \ + $(SRCDIR)\rfc2459.asn1 rfc2459_asn1 \ + || ($(RM) $(OBJ)\rfc2459_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_cms) $(OBJ)\cms_asn1.hx: $(BINDIR)\asn1_compile.exe cms.asn1 cms.opt + cd $(OBJ) + $(BINDIR)\asn1_compile.exe \ + --one-code-file --option-file=$(SRCDIR)\cms.opt \ + $(SRCDIR)\cms.asn1 cms_asn1 \ + || ($(RM) $(OBJ)\cms_asn1.h ; exit /b 1) + cd $(SRCDIR) + +$(gen_files_test) $(OBJ)\test_asn1.hx: $(BINDIR)\asn1_compile.exe test.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe \ + --one-code-file --sequence=TESTSeqOf \ + $(SRCDIR)\test.asn1 test_asn1 \ + || ($(RM) $(OBJ)\test_asn1.h ; exit /b 1) + cd $(SRCDIR) + +INCFILES= \ + $(INCDIR)\der.h \ + $(INCDIR)\heim_asn1.h \ + $(INCDIR)\der-protos.h \ + $(INCDIR)\der-private.h \ + $(INCDIR)\asn1-common.h \ + $(INCDIR)\asn1-template.h \ + $(OBJ)\asn1_err.h + +$(INCDIR)\der-protos.h: $(OBJ)\der-protos.h + +GENINCFILES= \ + $(INCDIR)\asn1_err.h \ + $(INCDIR)\cms_asn1.h \ + $(INCDIR)\digest_asn1.h \ + $(INCDIR)\krb5_asn1.h \ + $(INCDIR)\kx509_asn1.h \ + $(INCDIR)\pkcs12_asn1.h \ + $(INCDIR)\pkcs8_asn1.h \ + $(INCDIR)\pkcs9_asn1.h \ + $(INCDIR)\pkinit_asn1.h \ + $(INCDIR)\rfc2459_asn1.h \ + $(OBJ)\krb5_asn1-priv.h \ + $(OBJ)\pkinit_asn1-priv.h \ + $(OBJ)\cms_asn1-priv.h \ + $(OBJ)\rfc2459_asn1-priv.h \ + $(OBJ)\pkcs8_asn1-priv.h \ + $(OBJ)\pkcs9_asn1-priv.h \ + $(OBJ)\pkcs12_asn1-priv.h \ + $(OBJ)\digest_asn1-priv.h \ + $(OBJ)\kx509_asn1-priv.h \ + $(OBJ)\test_asn1.h \ + $(OBJ)\test_asn1-priv.h + +libasn1_SOURCES= \ + der_locl.h \ + der.c \ + der.h \ + der_get.c \ + der_put.c \ + der_free.c \ + der_length.c \ + der_copy.c \ + der_cmp.c \ + der_format.c \ + heim_asn1.h \ + extra.c \ + timegm.c + +$(OBJ)\der-protos.h: $(libasn1_SOURCES) + $(PERL) ..\..\cf\make-proto.pl -q -P remove -o $(OBJ)\der-protos.h $(libasn1_SOURCES) || $(RM) $(OBJ)\der-protos.h + +$(OBJ)\der-private.h: $(libasn1_SOURCES) + $(PERL) ..\..\cf\make-proto.pl -q -P remove -p $(OBJ)\der-private.h $(libasn1_SOURCES) || $(RM) $(OBJ)\der-private.h + +clean:: + -$(RM) $(INCDIR)\der-protos.h + +all:: $(INCFILES) $(GENINCFILES) $(ASN1_BINARIES) $(LIBASN1) + +all-tools:: $(LIBEXECDIR)\asn1_print.exe $(BINDIR)\asn1_gen.exe + +clean:: + -$(RM) $(INCFILES) + -$(RM) $(GENINCFILES) + -$(RM) $(ASN1_BINARIES:.exe=.*) + -$(RM) $(LIBASN1) + -$(RM) $(LIBEXECDIR)\asn1_print.* + -$(RM) $(LIBEXECDIR)\asn1_gen.* + +TEST_BINARIES=\ + $(OBJ)\check-der.exe \ + $(OBJ)\check-gen.exe \ + $(OBJ)\check-timegm.exe \ + $(OBJ)\check-ber.exe \ + $(OBJ)\check-template.exe \ + +test-binaries: $(TEST_BINARIES) + +test-run: + cd $(OBJ) + check-der.exe + check-gen.exe + check-timegm.exe + check-ber.exe + check-template.exe + cd $(SRC) + +test:: test-binaries test-run + +clean:: + -$(RM) $(TEST_BINARIES:.exe=*) + +$(OBJ)\check-ber.exe: $(OBJ)\check-ber.obj \ + $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\check-der.exe: $(OBJ)\check-der.obj $(OBJ)\check-common.obj \ + $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\check-gen.exe: $(OBJ)\check-gen.obj $(OBJ)\check-common.obj \ + $(LIBHEIMDAL) $(LIBROKEN) $(gen_files_test:.x=.obj) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\check-timegm.exe: $(OBJ)\check-timegm.obj \ + $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\check-template.exe: $(OBJ)\check-template.obj $(OBJ)\check-common.obj \ + $(LIBHEIMDAL) $(LIBROKEN) $(gen_files_test:.x=.obj) + $(EXECONLINK) + $(EXEPREP_NODIST) diff --git a/lib/asn1/asn1-common.h b/lib/asn1/asn1-common.h index 5789e0f22dfb..4083ebc23dd6 100644 --- a/lib/asn1/asn1-common.h +++ b/lib/asn1/asn1-common.h @@ -1,7 +1,8 @@ -/* $Id: asn1-common.h 22429 2008-01-13 10:25:50Z lha $ */ +/* $Id$ */ #include #include +#include #ifndef __asn1_common_definitions__ #define __asn1_common_definitions__ @@ -19,8 +20,8 @@ typedef struct heim_octet_string { typedef char *heim_general_string; typedef char *heim_utf8_string; -typedef char *heim_printable_string; -typedef char *heim_ia5_string; +typedef struct heim_octet_string heim_printable_string; +typedef struct heim_octet_string heim_ia5_string; typedef struct heim_bmp_string { size_t length; @@ -63,4 +64,16 @@ typedef struct heim_octet_string heim_any_set; } \ } while (0) +#ifdef _WIN32 +#ifndef ASN1_LIB +#define ASN1EXP __declspec(dllimport) +#else +#define ASN1EXP +#endif +#define ASN1CALL __stdcall +#else +#define ASN1EXP +#define ASN1CALL +#endif + #endif diff --git a/lib/asn1/asn1-template.h b/lib/asn1/asn1-template.h new file mode 100644 index 000000000000..107706ce8340 --- /dev/null +++ b/lib/asn1/asn1-template.h @@ -0,0 +1,141 @@ +/* + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* asn1 templates */ + +#ifndef __TEMPLATE_H__ +#define __TEMPLATE_H__ + +/* tag: + * 0..20 tag + * 21 type + * 22..23 class + * 24..27 flags + * 28..31 op + */ + +/* parse: + * 0..11 type + * 12..23 unused + * 24..27 flags + * 28..31 op + */ + +#define A1_OP_MASK (0xf0000000) +#define A1_OP_TYPE (0x10000000) +#define A1_OP_TYPE_EXTERN (0x20000000) +#define A1_OP_TAG (0x30000000) +#define A1_OP_PARSE (0x40000000) +#define A1_OP_SEQOF (0x50000000) +#define A1_OP_SETOF (0x60000000) +#define A1_OP_BMEMBER (0x70000000) +#define A1_OP_CHOICE (0x80000000) + +#define A1_FLAG_MASK (0x0f000000) +#define A1_FLAG_OPTIONAL (0x01000000) +#define A1_FLAG_IMPLICIT (0x02000000) + +#define A1_TAG_T(CLASS,TYPE,TAG) ((A1_OP_TAG) | (((CLASS) << 22) | ((TYPE) << 21) | (TAG))) +#define A1_TAG_CLASS(x) (((x) >> 22) & 0x3) +#define A1_TAG_TYPE(x) (((x) >> 21) & 0x1) +#define A1_TAG_TAG(x) ((x) & 0x1fffff) + +#define A1_TAG_LEN(t) ((uintptr_t)(t)->ptr) +#define A1_HEADER_LEN(t) ((uintptr_t)(t)->ptr) + +#define A1_PARSE_T(type) ((A1_OP_PARSE) | (type)) +#define A1_PARSE_TYPE_MASK 0xfff +#define A1_PARSE_TYPE(x) (A1_PARSE_TYPE_MASK & (x)) + +#define A1_PF_INDEFINTE 0x1 +#define A1_PF_ALLOW_BER 0x2 + +#define A1_HF_PRESERVE 0x1 +#define A1_HF_ELLIPSIS 0x2 + +#define A1_HBF_RFC1510 0x1 + + +struct asn1_template { + uint32_t tt; + size_t offset; + const void *ptr; +}; + +typedef int (*asn1_type_decode)(const unsigned char *, size_t, void *, size_t *); +typedef int (*asn1_type_encode)(unsigned char *, size_t, const void *, size_t *); +typedef size_t (*asn1_type_length)(const void *); +typedef void (*asn1_type_release)(void *); +typedef int (*asn1_type_copy)(const void *, void *); + +struct asn1_type_func { + asn1_type_encode encode; + asn1_type_decode decode; + asn1_type_length length; + asn1_type_copy copy; + asn1_type_release release; + size_t size; +}; + +struct template_of { + unsigned int len; + void *val; +}; + +enum template_types { + A1T_IMEMBER = 0, + A1T_HEIM_INTEGER, + A1T_INTEGER, + A1T_UNSIGNED, + A1T_GENERAL_STRING, + A1T_OCTET_STRING, + A1T_OCTET_STRING_BER, + A1T_IA5_STRING, + A1T_BMP_STRING, + A1T_UNIVERSAL_STRING, + A1T_PRINTABLE_STRING, + A1T_VISIBLE_STRING, + A1T_UTF8_STRING, + A1T_GENERALIZED_TIME, + A1T_UTC_TIME, + A1T_HEIM_BIT_STRING, + A1T_BOOLEAN, + A1T_OID, + A1T_TELETEX_STRING, + A1T_NULL +}; + + +#endif diff --git a/lib/asn1/asn1_compile-version.rc b/lib/asn1/asn1_compile-version.rc new file mode 100644 index 000000000000..120fb85c47db --- /dev/null +++ b/lib/asn1/asn1_compile-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "ASN.1 Compiler" +#define RC_FILE_ORIG_0409 "asn1_compile.exe" + +#include "../../windows/version.rc" diff --git a/lib/asn1/asn1_err.et b/lib/asn1/asn1_err.et index c624e218e7cc..ac7a9ebaa527 100644 --- a/lib/asn1/asn1_err.et +++ b/lib/asn1/asn1_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: asn1_err.et 21394 2007-07-02 10:14:43Z lha $" +id "$Id$" error_table asn1 prefix ASN1 @@ -22,4 +22,8 @@ error_code BAD_CHARACTER, "ASN.1 invalid character in string" error_code MIN_CONSTRAINT, "ASN.1 too few elements" error_code MAX_CONSTRAINT, "ASN.1 too many elements" error_code EXACT_CONSTRAINT, "ASN.1 wrong number of elements" +error_code INDEF_OVERRUN, "ASN.1 BER indefinte encoding overrun" +error_code INDEF_UNDERRUN, "ASN.1 BER indefinte encoding underun" +error_code GOT_BER, "ASN.1 got BER encoded when expected DER" +error_code INDEF_EXTRA_DATA, "ASN.1 EoC tag contained data" end diff --git a/lib/asn1/asn1_gen.c b/lib/asn1/asn1_gen.c index 65b382e6daf0..01dc68051622 100644 --- a/lib/asn1/asn1_gen.c +++ b/lib/asn1/asn1_gen.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" @@ -40,13 +40,13 @@ #include #include -RCSID("$Id: asn1_gen.c 16666 2006-01-30 15:06:03Z lha $"); +RCSID("$Id$"); static int doit(const char *fn) { char buf[2048]; - char *fnout; + char *fnout = NULL; const char *bname; unsigned long line = 0; FILE *f, *fout; @@ -62,8 +62,7 @@ doit(const char *fn) else bname = fn; - asprintf(&fnout, "%s.out", bname); - if (fnout == NULL) + if (asprintf(&fnout, "%s.out", bname) < 0 || fnout == NULL) errx(1, "malloc"); fout = fopen(fnout, "w"); @@ -107,8 +106,8 @@ doit(const char *fn) l = atoi(length); printf("line: %3lu offset: %3lu class: %d type: %d " - "tag: %3d length: %3d %s\n", - line, (unsigned long)offset, c, ty, ta, l, + "tag: %3d length: %3d %s\n", + line, (unsigned long)offset, c, ty, ta, l, data ? "" : ""); ret = der_put_length_and_tag(p + sizeof(p) - 1, sizeof(p), @@ -119,29 +118,29 @@ doit(const char *fn) &sz); if (ret) errx(1, "der_put_length_and_tag: %d", ret); - + if (fwrite(p + sizeof(p) - sz , sz, 1, fout) != 1) err(1, "fwrite length/tag failed"); offset += sz; - + if (data) { size_t datalen; - + datalen = strlen(data) / 2; pdata = emalloc(sz); - + if (hex_decode(data, pdata, datalen) != datalen) errx(1, "failed to decode data"); - + if (fwrite(pdata, datalen, 1, fout) != 1) err(1, "fwrite data failed"); offset += datalen; - + free(pdata); } } printf("line: eof offset: %lu\n", (unsigned long)offset); - + fclose(fout); fclose(f); return 0; diff --git a/lib/asn1/asn1_print.c b/lib/asn1/asn1_print.c index e00bf10c80f4..84446e0d8b98 100644 --- a/lib/asn1/asn1_print.c +++ b/lib/asn1/asn1_print.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" @@ -39,9 +41,8 @@ #include #include -RCSID("$Id: asn1_print.c 19539 2006-12-28 17:15:05Z lha $"); - static int indent_flag = 1; +static int inner_flag = 0; static unsigned long indefinite_form_loop; static unsigned long indefinite_form_loop_max = 10000; @@ -151,13 +152,13 @@ loop (unsigned char *buf, size_t len, int indent) ret = der_get_heim_integer(buf, length, &vali, NULL); if (ret) - errx (1, "der_get_heim_integer: %s", + errx (1, "der_get_heim_integer: %s", error_message (ret)); ret = der_print_hex_heim_integer(&vali, &p); if (ret) - errx (1, "der_print_hex_heim_integer: %s", + errx (1, "der_print_hex_heim_integer: %s", error_message (ret)); - printf ("BIG NUM integer: length %lu %s\n", + printf ("BIG NUM integer: length %lu %s\n", (unsigned long)length, p); free(p); } @@ -165,24 +166,70 @@ loop (unsigned char *buf, size_t len, int indent) } case UT_OctetString : { heim_octet_string str; - int i; - unsigned char *uc; + size_t i; ret = der_get_octet_string (buf, length, &str, NULL); if (ret) errx (1, "der_get_octet_string: %s", error_message (ret)); printf ("(length %lu), ", (unsigned long)length); - uc = (unsigned char *)str.data; - for (i = 0; i < min(16,length); ++i) - printf ("%02x", uc[i]); - printf ("\n"); + + if (inner_flag) { + Der_class class; + Der_type type; + unsigned int tag; + + ret = der_get_tag(str.data, str.length, + &class, &type, &tag, &sz); + if (ret || sz > str.length || + type != CONS || tag != UT_Sequence) + goto just_an_octet_string; + + printf("{\n"); + loop (str.data, str.length, indent + 2); + for (i = 0; i < indent; ++i) + printf (" "); + printf ("}\n"); + + } else { + unsigned char *uc; + + just_an_octet_string: + uc = (unsigned char *)str.data; + for (i = 0; i < min(16,length); ++i) + printf ("%02x", uc[i]); + printf ("\n"); + } free (str.data); break; } + case UT_IA5String : + case UT_PrintableString : { + heim_printable_string str; + unsigned char *s; + size_t n; + + memset(&str, 0, sizeof(str)); + + ret = der_get_printable_string (buf, length, &str, NULL); + if (ret) + errx (1, "der_get_general_string: %s", + error_message (ret)); + s = str.data; + printf("\""); + for (n = 0; n < str.length; n++) { + if (isprint((int)s[n])) + printf ("%c", s[n]); + else + printf ("#%02x", s[n]); + } + printf("\"\n"); + der_free_printable_string(&str); + break; + } case UT_GeneralizedTime : case UT_GeneralString : - case UT_PrintableString : - case UT_VisibleString : { + case UT_VisibleString : + case UT_UTF8String : { heim_general_string str; ret = der_get_general_string (buf, length, &str, NULL); @@ -215,7 +262,7 @@ loop (unsigned char *buf, size_t len, int indent) ret = der_get_integer (buf, length, &num, NULL); if (ret) errx (1, "der_get_enum: %s", error_message (ret)); - + printf("%u\n", num); break; } @@ -226,7 +273,7 @@ loop (unsigned char *buf, size_t len, int indent) } if (end_tag) { if (loop_length == 0) - errx(1, "zero length INDEFINITE data ? indent = %d\n", + errx(1, "zero length INDEFINITE data ? indent = %d\n", indent / 2); if (loop_length < length) length = loop_length; @@ -261,7 +308,7 @@ doit (const char *filename) close (fd); ret = loop (buf, len, 0); free (buf); - return 0; + return ret; } @@ -269,6 +316,7 @@ static int version_flag; static int help_flag; struct getargs args[] = { { "indent", 0, arg_negative_flag, &indent_flag }, + { "inner", 0, arg_flag, &inner_flag, "try to parse inner structures of OCTET STRING" }, { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } }; diff --git a/lib/asn1/asn1_queue.h b/lib/asn1/asn1_queue.h index 3659b3859d0d..73eb50f8b825 100644 --- a/lib/asn1/asn1_queue.h +++ b/lib/asn1/asn1_queue.h @@ -1,5 +1,5 @@ /* $NetBSD: queue.h,v 1.38 2004/04/18 14:12:05 lukem Exp $ */ -/* $Id: asn1_queue.h 15617 2005-07-12 06:27:42Z lha $ */ +/* $Id$ */ /* * Copyright (c) 1991, 1993 diff --git a/lib/asn1/parse.c b/lib/asn1/asn1parse.c similarity index 75% rename from lib/asn1/parse.c rename to lib/asn1/asn1parse.c index 9800d54de838..0e04fabf6296 100644 --- a/lib/asn1/parse.c +++ b/lib/asn1/asn1parse.c @@ -248,11 +248,11 @@ /* Copy the first part of user declarations. */ -#line 36 "parse.y" +#line 38 "asn1parse.y" + -#ifdef HAVE_CONFIG_H #include -#endif + #include #include #include @@ -261,7 +261,7 @@ #include "gen_locl.h" #include "der.h" -RCSID("$Id: parse.y 21597 2007-07-16 18:48:58Z lha $"); +RCSID("$Id$"); static Type *new_type (Typetype t); static struct constraint_spec *new_constraint_spec(enum ctype); @@ -276,6 +276,10 @@ struct string_list { struct string_list *next; }; +/* Declarations for Bison */ +#define YYMALLOC malloc +#define YYFREE free + /* Enabling traces. */ @@ -298,7 +302,7 @@ struct string_list { #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 65 "parse.y" +#line 71 "asn1parse.y" { int constant; struct value *value; @@ -314,7 +318,7 @@ typedef union YYSTYPE struct constraint_spec *constraint_spec; } /* Line 193 of yacc.c. */ -#line 318 "parse.c" +#line 322 "asn1parse.c" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 @@ -327,7 +331,7 @@ typedef union YYSTYPE /* Line 216 of yacc.c. */ -#line 331 "parse.c" +#line 335 "asn1parse.c" #ifdef short # undef short @@ -542,16 +546,16 @@ union yyalloc /* YYFINAL -- State number of the termination state. */ #define YYFINAL 6 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 195 +#define YYLAST 203 /* YYNTOKENS -- Number of terminals. */ #define YYNTOKENS 98 /* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 68 +#define YYNNTS 69 /* YYNRULES -- Number of rules. */ -#define YYNRULES 136 +#define YYNRULES 140 /* YYNRULES -- Number of states. */ -#define YYNSTATES 214 +#define YYNSTATES 220 /* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ #define YYUNDEFTOK 2 @@ -606,82 +610,85 @@ static const yytype_uint8 yytranslate[] = static const yytype_uint16 yyprhs[] = { 0, 0, 3, 13, 16, 19, 22, 23, 26, 27, - 30, 31, 35, 36, 38, 39, 41, 44, 49, 51, - 54, 56, 58, 62, 64, 68, 70, 72, 74, 76, - 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, - 98, 100, 102, 104, 110, 116, 122, 126, 128, 131, - 136, 138, 142, 146, 151, 156, 158, 161, 167, 170, - 174, 176, 177, 180, 185, 189, 194, 199, 203, 207, - 212, 214, 216, 218, 220, 222, 225, 229, 231, 233, - 235, 238, 242, 248, 253, 257, 262, 263, 265, 267, - 269, 270, 272, 274, 279, 281, 283, 285, 287, 289, - 291, 293, 295, 297, 301, 305, 308, 310, 313, 317, - 319, 323, 328, 330, 331, 335, 336, 339, 344, 346, - 348, 350, 352, 354, 356, 358, 360, 362, 364, 366, - 368, 370, 372, 374, 376, 378, 380 + 31, 32, 36, 37, 39, 40, 42, 45, 50, 54, + 57, 58, 60, 63, 65, 67, 71, 73, 77, 79, + 81, 83, 85, 87, 89, 91, 93, 95, 97, 99, + 101, 103, 105, 107, 109, 111, 113, 119, 125, 131, + 135, 137, 140, 145, 147, 151, 155, 160, 165, 167, + 170, 176, 179, 183, 185, 186, 189, 194, 198, 203, + 208, 212, 216, 221, 223, 225, 227, 229, 231, 234, + 238, 240, 242, 244, 247, 251, 257, 262, 266, 271, + 272, 274, 276, 278, 279, 281, 283, 288, 290, 292, + 294, 296, 298, 300, 302, 304, 306, 308, 312, 316, + 319, 321, 324, 328, 330, 334, 339, 341, 342, 346, + 347, 350, 355, 357, 359, 361, 363, 365, 367, 369, + 371, 373, 375, 377, 379, 381, 383, 385, 387, 389, + 391 }; /* YYRHS -- A `-1'-separated list of the rules' RHS. */ static const yytype_int16 yyrhs[] = { - 99, 0, -1, 86, 151, 21, 100, 101, 84, 8, + 99, 0, -1, 86, 152, 21, 100, 101, 84, 8, 102, 24, -1, 27, 70, -1, 38, 70, -1, 7, - 70, -1, -1, 29, 39, -1, -1, 103, 107, -1, - -1, 40, 104, 90, -1, -1, 105, -1, -1, 106, - -1, 105, 106, -1, 109, 32, 86, 151, -1, 108, - -1, 108, 107, -1, 110, -1, 143, -1, 86, 91, - 109, -1, 86, -1, 86, 84, 111, -1, 112, -1, - 130, -1, 133, -1, 120, -1, 113, -1, 144, -1, - 129, -1, 118, -1, 115, -1, 123, -1, 121, -1, - 122, -1, 125, -1, 126, -1, 127, -1, 128, -1, - 139, -1, 11, -1, 92, 155, 83, 155, 93, -1, - 92, 155, 83, 46, 93, -1, 92, 47, 83, 155, - 93, -1, 92, 155, 93, -1, 43, -1, 43, 114, - -1, 43, 94, 116, 95, -1, 117, -1, 116, 91, - 117, -1, 116, 91, 85, -1, 86, 92, 163, 93, - -1, 25, 94, 119, 95, -1, 116, -1, 9, 67, - -1, 9, 67, 94, 149, 95, -1, 51, 37, -1, - 52, 67, 124, -1, 49, -1, -1, 66, 114, -1, - 64, 94, 146, 95, -1, 64, 94, 95, -1, 64, - 124, 53, 111, -1, 65, 94, 146, 95, -1, 65, - 94, 95, -1, 65, 53, 111, -1, 14, 94, 146, - 95, -1, 131, -1, 132, -1, 86, -1, 34, -1, - 77, -1, 111, 134, -1, 92, 135, 93, -1, 136, - -1, 137, -1, 138, -1, 19, 111, -1, 23, 12, - 155, -1, 19, 111, 23, 12, 155, -1, 18, 12, - 94, 95, -1, 140, 142, 111, -1, 96, 141, 89, - 97, -1, -1, 76, -1, 6, -1, 60, -1, -1, - 27, -1, 38, -1, 86, 111, 84, 155, -1, 145, - -1, 33, -1, 78, -1, 61, -1, 81, -1, 36, - -1, 10, -1, 79, -1, 148, -1, 146, 91, 148, - -1, 146, 91, 85, -1, 86, 111, -1, 147, -1, - 147, 54, -1, 147, 20, 155, -1, 150, -1, 149, - 91, 150, -1, 86, 92, 89, 93, -1, 152, -1, - -1, 94, 153, 95, -1, -1, 154, 153, -1, 86, - 92, 89, 93, -1, 86, -1, 89, -1, 156, -1, - 157, -1, 161, -1, 160, -1, 162, -1, 165, -1, - 164, -1, 158, -1, 159, -1, 86, -1, 88, -1, - 71, -1, 31, -1, 163, -1, 89, -1, 49, -1, - 152, -1 + 70, -1, -1, 29, 39, -1, -1, 107, 103, 108, + -1, -1, 40, 104, 90, -1, -1, 105, -1, -1, + 106, -1, 105, 106, -1, 110, 32, 86, 152, -1, + 28, 110, 90, -1, 28, 5, -1, -1, 109, -1, + 109, 108, -1, 111, -1, 144, -1, 86, 91, 110, + -1, 86, -1, 86, 84, 112, -1, 113, -1, 131, + -1, 134, -1, 121, -1, 114, -1, 145, -1, 130, + -1, 119, -1, 116, -1, 124, -1, 122, -1, 123, + -1, 126, -1, 127, -1, 128, -1, 129, -1, 140, + -1, 11, -1, 92, 156, 83, 156, 93, -1, 92, + 156, 83, 46, 93, -1, 92, 47, 83, 156, 93, + -1, 92, 156, 93, -1, 43, -1, 43, 115, -1, + 43, 94, 117, 95, -1, 118, -1, 117, 91, 118, + -1, 117, 91, 85, -1, 86, 92, 164, 93, -1, + 25, 94, 120, 95, -1, 117, -1, 9, 67, -1, + 9, 67, 94, 150, 95, -1, 51, 37, -1, 52, + 67, 125, -1, 49, -1, -1, 66, 115, -1, 64, + 94, 147, 95, -1, 64, 94, 95, -1, 64, 125, + 53, 112, -1, 65, 94, 147, 95, -1, 65, 94, + 95, -1, 65, 53, 112, -1, 14, 94, 147, 95, + -1, 132, -1, 133, -1, 86, -1, 34, -1, 77, + -1, 112, 135, -1, 92, 136, 93, -1, 137, -1, + 138, -1, 139, -1, 19, 112, -1, 23, 12, 156, + -1, 19, 112, 23, 12, 156, -1, 18, 12, 94, + 95, -1, 141, 143, 112, -1, 96, 142, 89, 97, + -1, -1, 76, -1, 6, -1, 60, -1, -1, 27, + -1, 38, -1, 86, 112, 84, 156, -1, 146, -1, + 33, -1, 73, -1, 78, -1, 61, -1, 81, -1, + 36, -1, 10, -1, 79, -1, 149, -1, 147, 91, + 149, -1, 147, 91, 85, -1, 86, 112, -1, 148, + -1, 148, 54, -1, 148, 20, 156, -1, 151, -1, + 150, 91, 151, -1, 86, 92, 89, 93, -1, 153, + -1, -1, 94, 154, 95, -1, -1, 155, 154, -1, + 86, 92, 89, 93, -1, 86, -1, 89, -1, 157, + -1, 158, -1, 162, -1, 161, -1, 163, -1, 166, + -1, 165, -1, 159, -1, 160, -1, 86, -1, 88, + -1, 71, -1, 31, -1, 164, -1, 89, -1, 49, + -1, 153, -1 }; /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 233, 233, 240, 241, 243, 245, 248, 250, 253, - 254, 257, 258, 261, 262, 265, 266, 269, 280, 281, - 284, 285, 288, 294, 302, 312, 313, 314, 317, 318, - 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, - 329, 330, 333, 340, 350, 358, 366, 377, 382, 388, - 396, 402, 407, 411, 424, 432, 435, 442, 450, 456, - 465, 473, 474, 479, 485, 493, 502, 508, 516, 524, - 531, 532, 535, 546, 551, 558, 574, 580, 583, 584, - 587, 593, 601, 611, 617, 630, 639, 642, 646, 650, - 657, 660, 664, 671, 682, 685, 690, 695, 700, 705, - 710, 715, 723, 729, 734, 745, 756, 762, 768, 776, - 782, 789, 802, 803, 806, 813, 816, 827, 831, 842, - 848, 849, 852, 853, 854, 855, 856, 859, 862, 865, - 876, 884, 890, 898, 906, 909, 914 + 0, 239, 239, 246, 247, 249, 251, 254, 256, 259, + 260, 263, 264, 267, 268, 271, 272, 275, 287, 293, + 294, 297, 298, 301, 302, 305, 311, 319, 329, 330, + 331, 334, 335, 336, 337, 338, 339, 340, 341, 342, + 343, 344, 345, 346, 347, 350, 357, 367, 375, 383, + 394, 399, 405, 413, 419, 424, 428, 441, 449, 452, + 459, 467, 473, 482, 490, 491, 496, 502, 510, 519, + 525, 533, 541, 548, 549, 552, 563, 568, 575, 591, + 597, 600, 601, 604, 610, 618, 628, 634, 647, 656, + 659, 663, 667, 674, 677, 681, 688, 699, 702, 707, + 712, 717, 722, 727, 732, 737, 745, 751, 756, 767, + 778, 784, 790, 798, 804, 811, 824, 825, 828, 835, + 838, 849, 853, 864, 870, 871, 874, 875, 876, 877, + 878, 881, 884, 887, 898, 906, 912, 920, 928, 931, + 936 }; #endif @@ -713,19 +720,20 @@ static const char *const yytname[] = "NUMBER", "';'", "','", "'('", "')'", "'{'", "'}'", "'['", "']'", "$accept", "ModuleDefinition", "TagDefault", "ExtensionDefault", "ModuleBody", "Imports", "SymbolsImported", "SymbolsFromModuleList", - "SymbolsFromModule", "AssignmentList", "Assignment", "referencenames", - "TypeAssignment", "Type", "BuiltinType", "BooleanType", "range", - "IntegerType", "NamedNumberList", "NamedNumber", "EnumeratedType", - "Enumerations", "BitStringType", "ObjectIdentifierType", - "OctetStringType", "NullType", "size", "SequenceType", "SequenceOfType", - "SetType", "SetOfType", "ChoiceType", "ReferencedType", "DefinedType", - "UsefulType", "ConstrainedType", "Constraint", "ConstraintSpec", - "GeneralConstraint", "ContentsConstraint", "UserDefinedConstraint", - "TaggedType", "Tag", "Class", "tagenv", "ValueAssignment", - "CharacterStringType", "RestrictedCharactedStringType", - "ComponentTypeList", "NamedType", "ComponentType", "NamedBitList", - "NamedBit", "objid_opt", "objid", "objid_list", "objid_element", "Value", - "BuiltinValue", "ReferencedValue", "DefinedValue", "Valuereference", + "SymbolsFromModule", "Exports", "AssignmentList", "Assignment", + "referencenames", "TypeAssignment", "Type", "BuiltinType", "BooleanType", + "range", "IntegerType", "NamedNumberList", "NamedNumber", + "EnumeratedType", "Enumerations", "BitStringType", + "ObjectIdentifierType", "OctetStringType", "NullType", "size", + "SequenceType", "SequenceOfType", "SetType", "SetOfType", "ChoiceType", + "ReferencedType", "DefinedType", "UsefulType", "ConstrainedType", + "Constraint", "ConstraintSpec", "GeneralConstraint", + "ContentsConstraint", "UserDefinedConstraint", "TaggedType", "Tag", + "Class", "tagenv", "ValueAssignment", "CharacterStringType", + "RestrictedCharactedStringType", "ComponentTypeList", "NamedType", + "ComponentType", "NamedBitList", "NamedBit", "objid_opt", "objid", + "objid_list", "objid_element", "Value", "BuiltinValue", + "ReferencedValue", "DefinedValue", "Valuereference", "CharacterStringValue", "BooleanValue", "IntegerValue", "SignedNumber", "NullValue", "ObjectIdentifierValue", 0 }; @@ -754,37 +762,39 @@ static const yytype_uint8 yyr1[] = { 0, 98, 99, 100, 100, 100, 100, 101, 101, 102, 102, 103, 103, 104, 104, 105, 105, 106, 107, 107, - 108, 108, 109, 109, 110, 111, 111, 111, 112, 112, - 112, 112, 112, 112, 112, 112, 112, 112, 112, 112, - 112, 112, 113, 114, 114, 114, 114, 115, 115, 115, - 116, 116, 116, 117, 118, 119, 120, 120, 121, 122, - 123, 124, 124, 125, 125, 126, 127, 127, 128, 129, - 130, 130, 131, 132, 132, 133, 134, 135, 136, 136, - 137, 137, 137, 138, 139, 140, 141, 141, 141, 141, - 142, 142, 142, 143, 144, 145, 145, 145, 145, 145, - 145, 145, 146, 146, 146, 147, 148, 148, 148, 149, - 149, 150, 151, 151, 152, 153, 153, 154, 154, 154, - 155, 155, 156, 156, 156, 156, 156, 157, 158, 159, - 160, 161, 161, 162, 163, 164, 165 + 107, 108, 108, 109, 109, 110, 110, 111, 112, 112, + 112, 113, 113, 113, 113, 113, 113, 113, 113, 113, + 113, 113, 113, 113, 113, 114, 115, 115, 115, 115, + 116, 116, 116, 117, 117, 117, 118, 119, 120, 121, + 121, 122, 123, 124, 125, 125, 126, 126, 127, 128, + 128, 129, 130, 131, 131, 132, 133, 133, 134, 135, + 136, 137, 137, 138, 138, 138, 139, 140, 141, 142, + 142, 142, 142, 143, 143, 143, 144, 145, 146, 146, + 146, 146, 146, 146, 146, 146, 147, 147, 147, 148, + 149, 149, 149, 150, 150, 151, 152, 152, 153, 154, + 154, 155, 155, 155, 156, 156, 157, 157, 157, 157, + 157, 158, 159, 160, 161, 162, 162, 163, 164, 165, + 166 }; /* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ static const yytype_uint8 yyr2[] = { - 0, 2, 9, 2, 2, 2, 0, 2, 0, 2, - 0, 3, 0, 1, 0, 1, 2, 4, 1, 2, - 1, 1, 3, 1, 3, 1, 1, 1, 1, 1, + 0, 2, 9, 2, 2, 2, 0, 2, 0, 3, + 0, 3, 0, 1, 0, 1, 2, 4, 3, 2, + 0, 1, 2, 1, 1, 3, 1, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 5, 5, 5, 3, 1, 2, 4, - 1, 3, 3, 4, 4, 1, 2, 5, 2, 3, - 1, 0, 2, 4, 3, 4, 4, 3, 3, 4, - 1, 1, 1, 1, 1, 2, 3, 1, 1, 1, - 2, 3, 5, 4, 3, 4, 0, 1, 1, 1, - 0, 1, 1, 4, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 3, 3, 2, 1, 2, 3, 1, - 3, 4, 1, 0, 3, 0, 2, 4, 1, 1, + 1, 1, 1, 1, 1, 1, 5, 5, 5, 3, + 1, 2, 4, 1, 3, 3, 4, 4, 1, 2, + 5, 2, 3, 1, 0, 2, 4, 3, 4, 4, + 3, 3, 4, 1, 1, 1, 1, 1, 2, 3, + 1, 1, 1, 2, 3, 5, 4, 3, 4, 0, + 1, 1, 1, 0, 1, 1, 4, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 3, 3, 2, + 1, 2, 3, 1, 3, 4, 1, 0, 3, 0, + 2, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1 + 1 }; /* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state @@ -792,162 +802,164 @@ static const yytype_uint8 yyr2[] = means the default is an error. */ static const yytype_uint8 yydefact[] = { - 0, 113, 0, 115, 0, 112, 1, 118, 119, 0, - 115, 6, 0, 114, 116, 0, 0, 0, 8, 0, - 5, 3, 4, 0, 0, 117, 7, 0, 10, 14, - 0, 0, 23, 0, 13, 15, 0, 2, 0, 9, - 18, 20, 21, 0, 11, 16, 0, 0, 100, 42, - 0, 0, 95, 73, 99, 47, 60, 0, 0, 97, - 61, 0, 74, 96, 101, 98, 0, 72, 86, 0, - 25, 29, 33, 32, 28, 35, 36, 34, 37, 38, - 39, 40, 31, 26, 70, 71, 27, 41, 90, 30, - 94, 19, 22, 113, 56, 0, 0, 0, 0, 48, - 58, 61, 0, 0, 0, 0, 0, 24, 88, 89, - 87, 0, 0, 0, 75, 91, 92, 0, 17, 0, - 0, 0, 106, 102, 0, 55, 50, 0, 132, 0, - 135, 131, 129, 130, 134, 136, 0, 120, 121, 127, - 128, 123, 122, 124, 133, 126, 125, 0, 59, 62, - 64, 0, 0, 68, 67, 0, 0, 93, 0, 0, - 0, 0, 77, 78, 79, 84, 0, 0, 109, 105, - 0, 69, 0, 107, 0, 0, 54, 0, 0, 46, - 49, 63, 65, 66, 85, 0, 80, 0, 76, 0, - 0, 57, 104, 103, 108, 0, 52, 51, 0, 0, - 0, 0, 0, 81, 0, 110, 53, 45, 44, 43, - 83, 0, 111, 82 + 0, 117, 0, 119, 0, 116, 1, 122, 123, 0, + 119, 6, 0, 118, 120, 0, 0, 0, 8, 0, + 5, 3, 4, 0, 0, 121, 7, 0, 20, 0, + 0, 12, 19, 26, 0, 2, 14, 0, 0, 18, + 0, 13, 15, 0, 0, 9, 21, 23, 24, 25, + 11, 16, 0, 0, 104, 45, 0, 0, 98, 76, + 103, 50, 63, 0, 0, 101, 64, 0, 99, 77, + 100, 105, 102, 0, 75, 89, 0, 28, 32, 36, + 35, 31, 38, 39, 37, 40, 41, 42, 43, 34, + 29, 73, 74, 30, 44, 93, 33, 97, 22, 117, + 59, 0, 0, 0, 0, 51, 61, 64, 0, 0, + 0, 0, 0, 27, 91, 92, 90, 0, 0, 0, + 78, 94, 95, 0, 17, 0, 0, 0, 110, 106, + 0, 58, 53, 0, 136, 0, 139, 135, 133, 134, + 138, 140, 0, 124, 125, 131, 132, 127, 126, 128, + 137, 130, 129, 0, 62, 65, 67, 0, 0, 71, + 70, 0, 0, 96, 0, 0, 0, 0, 80, 81, + 82, 87, 0, 0, 113, 109, 0, 72, 0, 111, + 0, 0, 57, 0, 0, 49, 52, 66, 68, 69, + 88, 0, 83, 0, 79, 0, 0, 60, 108, 107, + 112, 0, 55, 54, 0, 0, 0, 0, 0, 84, + 0, 114, 56, 48, 47, 46, 86, 0, 115, 85 }; /* YYDEFGOTO[NTERM-NUM]. */ static const yytype_int16 yydefgoto[] = { - -1, 2, 18, 24, 30, 31, 33, 34, 35, 39, - 40, 36, 41, 69, 70, 71, 99, 72, 125, 126, - 73, 127, 74, 75, 76, 77, 104, 78, 79, 80, - 81, 82, 83, 84, 85, 86, 114, 161, 162, 163, - 164, 87, 88, 111, 117, 42, 89, 90, 121, 122, - 123, 167, 168, 4, 135, 9, 10, 136, 137, 138, - 139, 140, 141, 142, 143, 144, 145, 146 + -1, 2, 18, 24, 30, 37, 40, 41, 42, 31, + 45, 46, 43, 47, 76, 77, 78, 105, 79, 131, + 132, 80, 133, 81, 82, 83, 84, 110, 85, 86, + 87, 88, 89, 90, 91, 92, 93, 120, 167, 168, + 169, 170, 94, 95, 117, 123, 48, 96, 97, 127, + 128, 129, 173, 174, 4, 141, 9, 10, 142, 143, + 144, 145, 146, 147, 148, 149, 150, 151, 152 }; /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing STATE-NUM. */ -#define YYPACT_NINF -113 +#define YYPACT_NINF -119 static const yytype_int16 yypact[] = { - -74, -67, 38, -69, 23, -113, -113, -44, -113, -41, - -69, 4, -26, -113, -113, -3, 1, 10, 52, -10, - -113, -113, -113, 45, 13, -113, -113, 77, -35, 15, - 64, 19, 17, 20, 15, -113, 85, -113, 25, -113, - 19, -113, -113, 15, -113, -113, 27, 47, -113, -113, - 26, 29, -113, -113, -113, -30, -113, 89, 61, -113, - -57, -47, -113, -113, -113, -113, 82, -113, -4, -68, - -113, -113, -113, -113, -113, -113, -113, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -17, -113, - -113, -113, -113, -67, 35, 33, 46, 51, 46, -113, - -113, 69, 44, -73, 88, 82, -72, 56, -113, -113, - -113, 49, 93, 7, -113, -113, -113, 82, -113, 58, - 82, -76, -13, -113, 57, 59, -113, 60, -113, 68, - -113, -113, -113, -113, -113, -113, -75, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -63, -113, -113, - -113, -62, 82, 56, -113, -46, 65, -113, 141, 82, - 142, 63, -113, -113, -113, 56, 66, -38, -113, 56, - -16, -113, 93, -113, 76, -7, -113, 93, 81, -113, - -113, -113, 56, -113, -113, 72, -19, 93, -113, 83, - 58, -113, -113, -113, -113, 78, -113, -113, 80, 84, - 87, 62, 162, -113, 90, -113, -113, -113, -113, -113, - -113, 93, -113, -113 + -43, -56, 47, -65, 29, -119, -119, -31, -119, -25, + -65, 4, -1, -119, -119, 17, 20, 26, 50, 13, + -119, -119, -119, 63, 24, -119, -119, 104, 8, -2, + 89, 74, -119, 33, 25, -119, 34, 39, 34, -119, + 37, 34, -119, 98, 58, -119, 39, -119, -119, -119, + -119, -119, 52, 66, -119, -119, 51, 53, -119, -119, + -119, -79, -119, 109, 81, -119, -60, -48, -119, -119, + -119, -119, -119, 107, -119, 2, -74, -119, -119, -119, + -119, -119, -119, -119, -119, -119, -119, -119, -119, -119, + -119, -119, -119, -119, -119, -18, -119, -119, -119, -56, + 55, 65, 67, -12, 67, -119, -119, 86, 68, -70, + 102, 107, -69, 69, -119, -119, -119, 73, 40, 10, + -119, -119, -119, 107, -119, 71, 107, -47, -13, -119, + 72, 75, -119, 70, -119, 80, -119, -119, -119, -119, + -119, -119, -71, -119, -119, -119, -119, -119, -119, -119, + -119, -119, -119, -46, -119, -119, -119, -39, 107, 69, + -119, -38, 76, -119, 155, 107, 157, 77, -119, -119, + -119, 69, 82, -10, -119, 69, -22, -119, 40, -119, + 87, 19, -119, 40, 9, -119, -119, -119, 69, -119, + -119, 83, -19, 40, -119, 90, 71, -119, -119, -119, + -119, 85, -119, -119, 88, 94, 96, 95, 163, -119, + 99, -119, -119, -119, -119, -119, -119, 40, -119, -119 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int16 yypgoto[] = { - -113, -113, -113, -113, -113, -113, -113, -113, 150, 136, - -113, 143, -113, -65, -113, -113, 86, -113, 91, 16, - -113, -113, -113, -113, -113, -113, 92, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -60, -113, - 22, -113, -5, 97, 2, 184, -113, -112, -113, -113, - -113, -113, -113, -113, -113, 21, -113, -113 + -119, -119, -119, -119, -119, -119, -119, -119, 141, -119, + 137, -119, -15, -119, -72, -119, -119, 91, -119, 92, + 14, -119, -119, -119, -119, -119, -119, 84, -119, -119, + -119, -119, -119, -119, -119, -119, -119, -119, -119, -119, + -119, -119, -119, -119, -119, -119, -119, -119, -119, -82, + -119, 18, -119, 5, 101, 1, 187, -119, -118, -119, + -119, -119, -119, -119, -119, -119, 22, -119, -119 }; /* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If positive, shift that token. If negative, reduce the rule which number is the opposite. If zero, do what YYDEFACT says. If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -13 +#define YYTABLE_NINF -11 static const yytype_int16 yytable[] = { - 157, 107, 108, 5, 202, 29, 105, 172, 178, 102, - 115, 15, 1, 120, 120, 170, 112, 7, 179, 171, - 8, 116, 150, 154, 113, 158, 159, 3, 175, 170, - 160, 16, 180, 181, 47, 48, 49, 103, 6, 50, - 153, 173, 17, 151, 11, 170, 155, 106, 12, 183, - 51, -12, 165, 190, 13, 169, 109, 191, 52, 53, - 194, 54, 97, 19, 98, 198, 200, 20, 55, 192, - 120, 21, 110, 113, 56, 203, 57, 58, 196, 124, - 22, 23, 128, 25, 26, 28, 59, 182, 37, 60, - 61, 47, 48, 49, 186, 5, 50, 27, 129, 213, - 130, 32, 62, 63, 64, 38, 65, 51, 43, 66, - 44, 67, 128, 93, 94, 52, 53, 46, 54, 120, - 95, 68, 131, 96, 128, 55, 100, 199, 101, 119, - 130, 56, 124, 57, 58, 102, 97, 132, 156, 133, - 134, 152, 130, 59, 166, 3, 60, 61, 113, 174, - 175, 177, 131, 185, 187, 176, 188, 210, 189, 62, - 63, 64, 184, 65, 131, 134, 201, 132, 67, 133, - 134, 206, 204, 207, 211, 3, 91, 208, 68, 132, - 209, 133, 134, 212, 45, 205, 92, 3, 149, 147, - 118, 197, 193, 148, 14, 195 + 163, 113, 5, 32, 208, 111, 108, 178, 114, 121, + 118, 15, 184, 103, 34, 104, 126, 126, 119, 134, + 122, 7, 185, 49, 8, 156, 160, 157, 164, 165, + 161, 16, -10, 166, 109, 135, 29, 136, 3, 159, + 134, 179, 17, 1, 176, 181, 112, 6, 177, 186, + 11, 171, 176, 176, 175, 205, 187, 189, 136, 137, + 200, 12, 115, 198, 126, 204, 206, 53, 54, 55, + 13, 134, 56, 119, 138, 209, 139, 140, 116, 23, + 137, 196, 3, 57, 33, 197, 188, 20, 19, 136, + 21, 58, 59, 192, 60, 138, 22, 139, 140, 219, + 5, 61, 26, 3, 202, 130, 25, 62, 27, 63, + 64, 137, 28, 35, 36, 39, 53, 54, 55, 65, + 33, 56, 66, 67, 38, 44, 138, 50, 139, 140, + 52, 68, 57, 100, 3, 69, 70, 71, 99, 72, + 58, 59, 73, 60, 74, 101, 106, 102, 107, 125, + 61, 126, 108, 130, 75, 158, 62, 172, 63, 64, + 103, 119, 162, 183, 180, 182, 181, 191, 65, 193, + 194, 66, 67, 190, 195, 217, 140, 207, 212, 210, + 68, 213, 51, 98, 69, 70, 71, 214, 72, 215, + 216, 154, 218, 74, 199, 203, 153, 14, 0, 155, + 124, 211, 201, 75 }; -static const yytype_uint8 yycheck[] = +static const yytype_int16 yycheck[] = { - 112, 66, 6, 1, 23, 40, 53, 20, 83, 66, - 27, 7, 86, 86, 86, 91, 84, 86, 93, 95, - 89, 38, 95, 95, 92, 18, 19, 94, 91, 91, - 23, 27, 95, 95, 9, 10, 11, 94, 0, 14, - 105, 54, 38, 103, 21, 91, 106, 94, 92, 95, - 25, 86, 117, 91, 95, 120, 60, 95, 33, 34, - 172, 36, 92, 89, 94, 177, 178, 70, 43, 85, - 86, 70, 76, 92, 49, 187, 51, 52, 85, 86, - 70, 29, 31, 93, 39, 8, 61, 152, 24, 64, - 65, 9, 10, 11, 159, 93, 14, 84, 47, 211, - 49, 86, 77, 78, 79, 86, 81, 25, 91, 84, - 90, 86, 31, 86, 67, 33, 34, 32, 36, 86, - 94, 96, 71, 94, 31, 43, 37, 46, 67, 94, - 49, 49, 86, 51, 52, 66, 92, 86, 89, 88, - 89, 53, 49, 61, 86, 94, 64, 65, 92, 92, - 91, 83, 71, 12, 12, 95, 93, 95, 92, 77, - 78, 79, 97, 81, 71, 89, 94, 86, 86, 88, - 89, 93, 89, 93, 12, 94, 40, 93, 96, 86, - 93, 88, 89, 93, 34, 190, 43, 94, 102, 98, - 93, 175, 170, 101, 10, 174 + 118, 73, 1, 5, 23, 53, 66, 20, 6, 27, + 84, 7, 83, 92, 29, 94, 86, 86, 92, 31, + 38, 86, 93, 38, 89, 95, 95, 109, 18, 19, + 112, 27, 24, 23, 94, 47, 28, 49, 94, 111, + 31, 54, 38, 86, 91, 91, 94, 0, 95, 95, + 21, 123, 91, 91, 126, 46, 95, 95, 49, 71, + 178, 92, 60, 85, 86, 183, 184, 9, 10, 11, + 95, 31, 14, 92, 86, 193, 88, 89, 76, 29, + 71, 91, 94, 25, 86, 95, 158, 70, 89, 49, + 70, 33, 34, 165, 36, 86, 70, 88, 89, 217, + 99, 43, 39, 94, 85, 86, 93, 49, 84, 51, + 52, 71, 8, 24, 40, 90, 9, 10, 11, 61, + 86, 14, 64, 65, 91, 86, 86, 90, 88, 89, + 32, 73, 25, 67, 94, 77, 78, 79, 86, 81, + 33, 34, 84, 36, 86, 94, 37, 94, 67, 94, + 43, 86, 66, 86, 96, 53, 49, 86, 51, 52, + 92, 92, 89, 83, 92, 95, 91, 12, 61, 12, + 93, 64, 65, 97, 92, 12, 89, 94, 93, 89, + 73, 93, 41, 46, 77, 78, 79, 93, 81, 93, + 95, 107, 93, 86, 176, 181, 104, 10, -1, 108, + 99, 196, 180, 96 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint8 yystos[] = { - 0, 86, 99, 94, 151, 152, 0, 86, 89, 153, - 154, 21, 92, 95, 153, 7, 27, 38, 100, 89, - 70, 70, 70, 29, 101, 93, 39, 84, 8, 40, - 102, 103, 86, 104, 105, 106, 109, 24, 86, 107, - 108, 110, 143, 91, 90, 106, 32, 9, 10, 11, - 14, 25, 33, 34, 36, 43, 49, 51, 52, 61, - 64, 65, 77, 78, 79, 81, 84, 86, 96, 111, - 112, 113, 115, 118, 120, 121, 122, 123, 125, 126, - 127, 128, 129, 130, 131, 132, 133, 139, 140, 144, - 145, 107, 109, 86, 67, 94, 94, 92, 94, 114, - 37, 67, 66, 94, 124, 53, 94, 111, 6, 60, - 76, 141, 84, 92, 134, 27, 38, 142, 151, 94, - 86, 146, 147, 148, 86, 116, 117, 119, 31, 47, - 49, 71, 86, 88, 89, 152, 155, 156, 157, 158, - 159, 160, 161, 162, 163, 164, 165, 116, 124, 114, - 95, 146, 53, 111, 95, 146, 89, 155, 18, 19, - 23, 135, 136, 137, 138, 111, 86, 149, 150, 111, - 91, 95, 20, 54, 92, 91, 95, 83, 83, 93, - 95, 95, 111, 95, 97, 12, 111, 12, 93, 92, - 91, 95, 85, 148, 155, 163, 85, 117, 155, 46, - 155, 94, 23, 155, 89, 150, 93, 93, 93, 93, - 95, 12, 93, 155 + 0, 86, 99, 94, 152, 153, 0, 86, 89, 154, + 155, 21, 92, 95, 154, 7, 27, 38, 100, 89, + 70, 70, 70, 29, 101, 93, 39, 84, 8, 28, + 102, 107, 5, 86, 110, 24, 40, 103, 91, 90, + 104, 105, 106, 110, 86, 108, 109, 111, 144, 110, + 90, 106, 32, 9, 10, 11, 14, 25, 33, 34, + 36, 43, 49, 51, 52, 61, 64, 65, 73, 77, + 78, 79, 81, 84, 86, 96, 112, 113, 114, 116, + 119, 121, 122, 123, 124, 126, 127, 128, 129, 130, + 131, 132, 133, 134, 140, 141, 145, 146, 108, 86, + 67, 94, 94, 92, 94, 115, 37, 67, 66, 94, + 125, 53, 94, 112, 6, 60, 76, 142, 84, 92, + 135, 27, 38, 143, 152, 94, 86, 147, 148, 149, + 86, 117, 118, 120, 31, 47, 49, 71, 86, 88, + 89, 153, 156, 157, 158, 159, 160, 161, 162, 163, + 164, 165, 166, 117, 125, 115, 95, 147, 53, 112, + 95, 147, 89, 156, 18, 19, 23, 136, 137, 138, + 139, 112, 86, 150, 151, 112, 91, 95, 20, 54, + 92, 91, 95, 83, 83, 93, 95, 95, 112, 95, + 97, 12, 112, 12, 93, 92, 91, 95, 85, 149, + 156, 164, 85, 118, 156, 46, 156, 94, 23, 156, + 89, 151, 93, 93, 93, 93, 95, 12, 93, 156 }; #define yyerrok (yyerrstatus = 0) @@ -1762,41 +1774,51 @@ yyparse () switch (yyn) { case 2: -#line 235 "parse.y" +#line 241 "asn1parse.y" { checkundefined(); } break; case 4: -#line 242 "parse.y" - { error_message("implicit tagging is not supported"); } +#line 248 "asn1parse.y" + { lex_error_message("implicit tagging is not supported"); } break; case 5: -#line 244 "parse.y" - { error_message("automatic tagging is not supported"); } +#line 250 "asn1parse.y" + { lex_error_message("automatic tagging is not supported"); } break; case 7: -#line 249 "parse.y" - { error_message("no extensibility options supported"); } +#line 255 "asn1parse.y" + { lex_error_message("no extensibility options supported"); } break; case 17: -#line 270 "parse.y" - { +#line 276 "asn1parse.y" + { struct string_list *sl; for(sl = (yyvsp[(1) - (4)].sl); sl != NULL; sl = sl->next) { Symbol *s = addsym(sl->string); s->stype = Stype; + gen_template_import(s); } add_import((yyvsp[(3) - (4)].name)); } break; - case 22: -#line 289 "parse.y" + case 18: +#line 288 "asn1parse.y" + { + struct string_list *sl; + for(sl = (yyvsp[(2) - (3)].sl); sl != NULL; sl = sl->next) + add_export(sl->string); + } + break; + + case 25: +#line 306 "asn1parse.y" { (yyval.sl) = emalloc(sizeof(*(yyval.sl))); (yyval.sl)->string = (yyvsp[(1) - (3)].name); @@ -1804,8 +1826,8 @@ yyparse () } break; - case 23: -#line 295 "parse.y" + case 26: +#line 312 "asn1parse.y" { (yyval.sl) = emalloc(sizeof(*(yyval.sl))); (yyval.sl)->string = (yyvsp[(1) - (1)].name); @@ -1813,8 +1835,8 @@ yyparse () } break; - case 24: -#line 303 "parse.y" + case 27: +#line 320 "asn1parse.y" { Symbol *s = addsym ((yyvsp[(1) - (3)].name)); s->stype = Stype; @@ -1824,70 +1846,70 @@ yyparse () } break; - case 42: -#line 334 "parse.y" + case 45: +#line 351 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Boolean, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_Boolean, TE_EXPLICIT, new_type(TBoolean)); } break; - case 43: -#line 341 "parse.y" + case 46: +#line 358 "asn1parse.y" { if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer used in first part of range"); + lex_error_message("Non-integer used in first part of range"); if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer in second part of range"); + lex_error_message("Non-integer in second part of range"); (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue; (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue; } break; - case 44: -#line 351 "parse.y" - { + case 47: +#line 368 "asn1parse.y" + { if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer in first part of range"); + lex_error_message("Non-integer in first part of range"); (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue; (yyval.range)->max = (yyvsp[(2) - (5)].value)->u.integervalue - 1; } break; - case 45: -#line 359 "parse.y" - { + case 48: +#line 376 "asn1parse.y" + { if((yyvsp[(4) - (5)].value)->type != integervalue) - error_message("Non-integer in second part of range"); + lex_error_message("Non-integer in second part of range"); (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); (yyval.range)->min = (yyvsp[(4) - (5)].value)->u.integervalue + 2; (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue; } break; - case 46: -#line 367 "parse.y" + case 49: +#line 384 "asn1parse.y" { if((yyvsp[(2) - (3)].value)->type != integervalue) - error_message("Non-integer used in limit"); + lex_error_message("Non-integer used in limit"); (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); (yyval.range)->min = (yyvsp[(2) - (3)].value)->u.integervalue; (yyval.range)->max = (yyvsp[(2) - (3)].value)->u.integervalue; } break; - case 47: -#line 378 "parse.y" + case 50: +#line 395 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, new_type(TInteger)); } break; - case 48: -#line 383 "parse.y" + case 51: +#line 400 "asn1parse.y" { (yyval.type) = new_type(TInteger); (yyval.type)->range = (yyvsp[(2) - (2)].range); @@ -1895,8 +1917,8 @@ yyparse () } break; - case 49: -#line 389 "parse.y" + case 52: +#line 406 "asn1parse.y" { (yyval.type) = new_type(TInteger); (yyval.type)->members = (yyvsp[(3) - (4)].members); @@ -1904,8 +1926,8 @@ yyparse () } break; - case 50: -#line 397 "parse.y" + case 53: +#line 414 "asn1parse.y" { (yyval.members) = emalloc(sizeof(*(yyval.members))); ASN1_TAILQ_INIT((yyval.members)); @@ -1913,21 +1935,21 @@ yyparse () } break; - case 51: -#line 403 "parse.y" + case 54: +#line 420 "asn1parse.y" { ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); (yyval.members) = (yyvsp[(1) - (3)].members); } break; - case 52: -#line 408 "parse.y" + case 55: +#line 425 "asn1parse.y" { (yyval.members) = (yyvsp[(1) - (3)].members); } break; - case 53: -#line 412 "parse.y" + case 56: +#line 429 "asn1parse.y" { (yyval.member) = emalloc(sizeof(*(yyval.member))); (yyval.member)->name = (yyvsp[(1) - (4)].name); @@ -1940,8 +1962,8 @@ yyparse () } break; - case 54: -#line 425 "parse.y" + case 57: +#line 442 "asn1parse.y" { (yyval.type) = new_type(TInteger); (yyval.type)->members = (yyvsp[(3) - (4)].members); @@ -1949,8 +1971,8 @@ yyparse () } break; - case 56: -#line 436 "parse.y" + case 59: +#line 453 "asn1parse.y" { (yyval.type) = new_type(TBitString); (yyval.type)->members = emalloc(sizeof(*(yyval.type)->members)); @@ -1959,8 +1981,8 @@ yyparse () } break; - case 57: -#line 443 "parse.y" + case 60: +#line 460 "asn1parse.y" { (yyval.type) = new_type(TBitString); (yyval.type)->members = (yyvsp[(4) - (5)].members); @@ -1968,44 +1990,44 @@ yyparse () } break; - case 58: -#line 451 "parse.y" + case 61: +#line 468 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_OID, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_OID, TE_EXPLICIT, new_type(TOID)); } break; - case 59: -#line 457 "parse.y" + case 62: +#line 474 "asn1parse.y" { Type *t = new_type(TOctetString); t->range = (yyvsp[(3) - (3)].range); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_OctetString, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_OctetString, TE_EXPLICIT, t); } break; - case 60: -#line 466 "parse.y" + case 63: +#line 483 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Null, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_Null, TE_EXPLICIT, new_type(TNull)); } break; - case 61: -#line 473 "parse.y" + case 64: +#line 490 "asn1parse.y" { (yyval.range) = NULL; } break; - case 62: -#line 475 "parse.y" + case 65: +#line 492 "asn1parse.y" { (yyval.range) = (yyvsp[(2) - (2)].range); } break; - case 63: -#line 480 "parse.y" + case 66: +#line 497 "asn1parse.y" { (yyval.type) = new_type(TSequence); (yyval.type)->members = (yyvsp[(3) - (4)].members); @@ -2013,8 +2035,8 @@ yyparse () } break; - case 64: -#line 486 "parse.y" + case 67: +#line 503 "asn1parse.y" { (yyval.type) = new_type(TSequence); (yyval.type)->members = NULL; @@ -2022,8 +2044,8 @@ yyparse () } break; - case 65: -#line 494 "parse.y" + case 68: +#line 511 "asn1parse.y" { (yyval.type) = new_type(TSequenceOf); (yyval.type)->range = (yyvsp[(2) - (4)].range); @@ -2032,8 +2054,8 @@ yyparse () } break; - case 66: -#line 503 "parse.y" + case 69: +#line 520 "asn1parse.y" { (yyval.type) = new_type(TSet); (yyval.type)->members = (yyvsp[(3) - (4)].members); @@ -2041,8 +2063,8 @@ yyparse () } break; - case 67: -#line 509 "parse.y" + case 70: +#line 526 "asn1parse.y" { (yyval.type) = new_type(TSet); (yyval.type)->members = NULL; @@ -2050,8 +2072,8 @@ yyparse () } break; - case 68: -#line 517 "parse.y" + case 71: +#line 534 "asn1parse.y" { (yyval.type) = new_type(TSetOf); (yyval.type)->subtype = (yyvsp[(3) - (3)].type); @@ -2059,44 +2081,44 @@ yyparse () } break; - case 69: -#line 525 "parse.y" + case 72: +#line 542 "asn1parse.y" { (yyval.type) = new_type(TChoice); (yyval.type)->members = (yyvsp[(3) - (4)].members); } break; - case 72: -#line 536 "parse.y" + case 75: +#line 553 "asn1parse.y" { Symbol *s = addsym((yyvsp[(1) - (1)].name)); (yyval.type) = new_type(TType); if(s->stype != Stype && s->stype != SUndefined) - error_message ("%s is not a type\n", (yyvsp[(1) - (1)].name)); + lex_error_message ("%s is not a type\n", (yyvsp[(1) - (1)].name)); else (yyval.type)->symbol = s; } break; - case 73: -#line 547 "parse.y" + case 76: +#line 564 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, TE_EXPLICIT, new_type(TGeneralizedTime)); } break; - case 74: -#line 552 "parse.y" + case 77: +#line 569 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTCTime, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTCTime, TE_EXPLICIT, new_type(TUTCTime)); } break; - case 75: -#line 559 "parse.y" + case 78: +#line 576 "asn1parse.y" { /* if (Constraint.type == contentConstrant) { assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too @@ -2111,15 +2133,15 @@ yyparse () } break; - case 76: -#line 575 "parse.y" + case 79: +#line 592 "asn1parse.y" { (yyval.constraint_spec) = (yyvsp[(2) - (3)].constraint_spec); } break; - case 80: -#line 588 "parse.y" + case 83: +#line 605 "asn1parse.y" { (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (2)].type); @@ -2127,37 +2149,37 @@ yyparse () } break; - case 81: -#line 594 "parse.y" + case 84: +#line 611 "asn1parse.y" { if ((yyvsp[(3) - (3)].value)->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); + lex_error_message("Non-OID used in ENCODED BY constraint"); (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); (yyval.constraint_spec)->u.content.type = NULL; (yyval.constraint_spec)->u.content.encoding = (yyvsp[(3) - (3)].value); } break; - case 82: -#line 602 "parse.y" + case 85: +#line 619 "asn1parse.y" { if ((yyvsp[(5) - (5)].value)->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); + lex_error_message("Non-OID used in ENCODED BY constraint"); (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (5)].type); (yyval.constraint_spec)->u.content.encoding = (yyvsp[(5) - (5)].value); } break; - case 83: -#line 612 "parse.y" + case 86: +#line 629 "asn1parse.y" { (yyval.constraint_spec) = new_constraint_spec(CT_USER); } break; - case 84: -#line 618 "parse.y" + case 87: +#line 635 "asn1parse.y" { (yyval.type) = new_type(TTag); (yyval.type)->tag = (yyvsp[(1) - (3)].tag); @@ -2170,8 +2192,8 @@ yyparse () } break; - case 85: -#line 631 "parse.y" + case 88: +#line 648 "asn1parse.y" { (yyval.tag).tagclass = (yyvsp[(2) - (4)].constant); (yyval.tag).tagvalue = (yyvsp[(3) - (4)].constant); @@ -2179,57 +2201,57 @@ yyparse () } break; - case 86: -#line 639 "parse.y" + case 89: +#line 656 "asn1parse.y" { (yyval.constant) = ASN1_C_CONTEXT; } break; - case 87: -#line 643 "parse.y" + case 90: +#line 660 "asn1parse.y" { (yyval.constant) = ASN1_C_UNIV; } break; - case 88: -#line 647 "parse.y" + case 91: +#line 664 "asn1parse.y" { (yyval.constant) = ASN1_C_APPL; } break; - case 89: -#line 651 "parse.y" + case 92: +#line 668 "asn1parse.y" { (yyval.constant) = ASN1_C_PRIVATE; } break; - case 90: -#line 657 "parse.y" + case 93: +#line 674 "asn1parse.y" { (yyval.constant) = TE_EXPLICIT; } break; - case 91: -#line 661 "parse.y" + case 94: +#line 678 "asn1parse.y" { (yyval.constant) = TE_EXPLICIT; } break; - case 92: -#line 665 "parse.y" + case 95: +#line 682 "asn1parse.y" { (yyval.constant) = TE_IMPLICIT; } break; - case 93: -#line 672 "parse.y" + case 96: +#line 689 "asn1parse.y" { Symbol *s; s = addsym ((yyvsp[(1) - (4)].name)); @@ -2240,64 +2262,72 @@ yyparse () } break; - case 95: -#line 686 "parse.y" + case 98: +#line 703 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralString, + (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralString, TE_EXPLICIT, new_type(TGeneralString)); } break; - case 96: -#line 691 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTF8String, - TE_EXPLICIT, new_type(TUTF8String)); - } - break; - - case 97: -#line 696 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_PrintableString, - TE_EXPLICIT, new_type(TPrintableString)); - } - break; - - case 98: -#line 701 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_VisibleString, - TE_EXPLICIT, new_type(TVisibleString)); - } - break; - case 99: -#line 706 "parse.y" +#line 708 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_IA5String, - TE_EXPLICIT, new_type(TIA5String)); + (yyval.type) = new_tag(ASN1_C_UNIV, UT_TeletexString, + TE_EXPLICIT, new_type(TTeletexString)); } break; case 100: -#line 711 "parse.y" +#line 713 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_BMPString, - TE_EXPLICIT, new_type(TBMPString)); + (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTF8String, + TE_EXPLICIT, new_type(TUTF8String)); } break; case 101: -#line 716 "parse.y" +#line 718 "asn1parse.y" { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UniversalString, - TE_EXPLICIT, new_type(TUniversalString)); + (yyval.type) = new_tag(ASN1_C_UNIV, UT_PrintableString, + TE_EXPLICIT, new_type(TPrintableString)); } break; case 102: -#line 724 "parse.y" +#line 723 "asn1parse.y" + { + (yyval.type) = new_tag(ASN1_C_UNIV, UT_VisibleString, + TE_EXPLICIT, new_type(TVisibleString)); + } + break; + + case 103: +#line 728 "asn1parse.y" + { + (yyval.type) = new_tag(ASN1_C_UNIV, UT_IA5String, + TE_EXPLICIT, new_type(TIA5String)); + } + break; + + case 104: +#line 733 "asn1parse.y" + { + (yyval.type) = new_tag(ASN1_C_UNIV, UT_BMPString, + TE_EXPLICIT, new_type(TBMPString)); + } + break; + + case 105: +#line 738 "asn1parse.y" + { + (yyval.type) = new_tag(ASN1_C_UNIV, UT_UniversalString, + TE_EXPLICIT, new_type(TUniversalString)); + } + break; + + case 106: +#line 746 "asn1parse.y" { (yyval.members) = emalloc(sizeof(*(yyval.members))); ASN1_TAILQ_INIT((yyval.members)); @@ -2305,16 +2335,16 @@ yyparse () } break; - case 103: -#line 730 "parse.y" + case 107: +#line 752 "asn1parse.y" { ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); (yyval.members) = (yyvsp[(1) - (3)].members); } break; - case 104: -#line 735 "parse.y" + case 108: +#line 757 "asn1parse.y" { struct member *m = ecalloc(1, sizeof(*m)); m->name = estrdup("..."); @@ -2325,8 +2355,8 @@ yyparse () } break; - case 105: -#line 746 "parse.y" + case 109: +#line 768 "asn1parse.y" { (yyval.member) = emalloc(sizeof(*(yyval.member))); (yyval.member)->name = (yyvsp[(1) - (2)].name); @@ -2337,8 +2367,8 @@ yyparse () } break; - case 106: -#line 757 "parse.y" + case 110: +#line 779 "asn1parse.y" { (yyval.member) = (yyvsp[(1) - (1)].member); (yyval.member)->optional = 0; @@ -2346,8 +2376,8 @@ yyparse () } break; - case 107: -#line 763 "parse.y" + case 111: +#line 785 "asn1parse.y" { (yyval.member) = (yyvsp[(1) - (2)].member); (yyval.member)->optional = 1; @@ -2355,8 +2385,8 @@ yyparse () } break; - case 108: -#line 769 "parse.y" + case 112: +#line 791 "asn1parse.y" { (yyval.member) = (yyvsp[(1) - (3)].member); (yyval.member)->optional = 0; @@ -2364,8 +2394,8 @@ yyparse () } break; - case 109: -#line 777 "parse.y" + case 113: +#line 799 "asn1parse.y" { (yyval.members) = emalloc(sizeof(*(yyval.members))); ASN1_TAILQ_INIT((yyval.members)); @@ -2373,16 +2403,16 @@ yyparse () } break; - case 110: -#line 783 "parse.y" + case 114: +#line 805 "asn1parse.y" { ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); (yyval.members) = (yyvsp[(1) - (3)].members); } break; - case 111: -#line 790 "parse.y" + case 115: +#line 812 "asn1parse.y" { (yyval.member) = emalloc(sizeof(*(yyval.member))); (yyval.member)->name = (yyvsp[(1) - (4)].name); @@ -2395,27 +2425,27 @@ yyparse () } break; - case 113: -#line 803 "parse.y" + case 117: +#line 825 "asn1parse.y" { (yyval.objid) = NULL; } break; - case 114: -#line 807 "parse.y" + case 118: +#line 829 "asn1parse.y" { (yyval.objid) = (yyvsp[(2) - (3)].objid); } break; - case 115: -#line 813 "parse.y" + case 119: +#line 835 "asn1parse.y" { (yyval.objid) = NULL; } break; - case 116: -#line 817 "parse.y" + case 120: +#line 839 "asn1parse.y" { if ((yyvsp[(2) - (2)].objid)) { (yyval.objid) = (yyvsp[(2) - (2)].objid); @@ -2426,20 +2456,20 @@ yyparse () } break; - case 117: -#line 828 "parse.y" + case 121: +#line 850 "asn1parse.y" { (yyval.objid) = new_objid((yyvsp[(1) - (4)].name), (yyvsp[(3) - (4)].constant)); } break; - case 118: -#line 832 "parse.y" + case 122: +#line 854 "asn1parse.y" { Symbol *s = addsym((yyvsp[(1) - (1)].name)); if(s->stype != SValue || s->value->type != objectidentifiervalue) { - error_message("%s is not an object identifier\n", + lex_error_message("%s is not an object identifier\n", s->name); exit(1); } @@ -2447,27 +2477,27 @@ yyparse () } break; - case 119: -#line 843 "parse.y" + case 123: +#line 865 "asn1parse.y" { (yyval.objid) = new_objid(NULL, (yyvsp[(1) - (1)].constant)); } break; - case 129: -#line 866 "parse.y" + case 133: +#line 888 "asn1parse.y" { Symbol *s = addsym((yyvsp[(1) - (1)].name)); if(s->stype != SValue) - error_message ("%s is not a value\n", + lex_error_message ("%s is not a value\n", s->name); else (yyval.value) = s->value; } break; - case 130: -#line 877 "parse.y" + case 134: +#line 899 "asn1parse.y" { (yyval.value) = emalloc(sizeof(*(yyval.value))); (yyval.value)->type = stringvalue; @@ -2475,8 +2505,8 @@ yyparse () } break; - case 131: -#line 885 "parse.y" + case 135: +#line 907 "asn1parse.y" { (yyval.value) = emalloc(sizeof(*(yyval.value))); (yyval.value)->type = booleanvalue; @@ -2484,8 +2514,8 @@ yyparse () } break; - case 132: -#line 891 "parse.y" + case 136: +#line 913 "asn1parse.y" { (yyval.value) = emalloc(sizeof(*(yyval.value))); (yyval.value)->type = booleanvalue; @@ -2493,8 +2523,8 @@ yyparse () } break; - case 133: -#line 899 "parse.y" + case 137: +#line 921 "asn1parse.y" { (yyval.value) = emalloc(sizeof(*(yyval.value))); (yyval.value)->type = integervalue; @@ -2502,14 +2532,14 @@ yyparse () } break; - case 135: -#line 910 "parse.y" + case 139: +#line 932 "asn1parse.y" { } break; - case 136: -#line 915 "parse.y" + case 140: +#line 937 "asn1parse.y" { (yyval.value) = emalloc(sizeof(*(yyval.value))); (yyval.value)->type = objectidentifiervalue; @@ -2519,7 +2549,7 @@ yyparse () /* Line 1267 of yacc.c. */ -#line 2523 "parse.c" +#line 2553 "asn1parse.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -2733,13 +2763,13 @@ yyparse () } -#line 922 "parse.y" +#line 944 "asn1parse.y" void yyerror (const char *s) { - error_message ("%s\n", s); + lex_error_message ("%s\n", s); } static Type * @@ -2751,7 +2781,7 @@ new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype) oldtype = oldtype->subtype; /* XXX */ } else t = new_type (TTag); - + t->tag.tagclass = tagclass; t->tag.tagvalue = tagvalue; t->tag.tagenv = tagenv; @@ -2804,7 +2834,8 @@ static void fix_labels1(struct memhead *members, const char *prefix) if(members == NULL) return; ASN1_TAILQ_FOREACH(m, members, members) { - asprintf(&m->label, "%s_%s", prefix, m->gen_name); + if (asprintf(&m->label, "%s_%s", prefix, m->gen_name) < 0) + errx(1, "malloc"); if (m->label == NULL) errx(1, "malloc"); if(m->type != NULL) @@ -2821,9 +2852,8 @@ static void fix_labels2(Type *t, const char *prefix) static void fix_labels(Symbol *s) { - char *p; - asprintf(&p, "choice_%s", s->gen_name); - if (p == NULL) + char *p = NULL; + if (asprintf(&p, "choice_%s", s->gen_name) < 0 || p == NULL) errx(1, "malloc"); fix_labels2(s->type, p); free(p); diff --git a/lib/asn1/parse.h b/lib/asn1/asn1parse.h similarity index 99% rename from lib/asn1/parse.h rename to lib/asn1/asn1parse.h index 45b06c59d5d6..69b7d6dc1a4a 100644 --- a/lib/asn1/parse.h +++ b/lib/asn1/asn1parse.h @@ -222,7 +222,7 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 65 "parse.y" +#line 71 "asn1parse.y" { int constant; struct value *value; @@ -238,7 +238,7 @@ typedef union YYSTYPE struct constraint_spec *constraint_spec; } /* Line 1529 of yacc.c. */ -#line 242 "parse.h" +#line 242 "asn1parse.h" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 diff --git a/lib/asn1/parse.y b/lib/asn1/asn1parse.y similarity index 87% rename from lib/asn1/parse.y rename to lib/asn1/asn1parse.y index 772f2b1bc1c3..e3bea6ce0ac9 100644 --- a/lib/asn1/parse.y +++ b/lib/asn1/asn1parse.y @@ -1,42 +1,44 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: parse.y 21597 2007-07-16 18:48:58Z lha $ */ +/* $Id$ */ %{ -#ifdef HAVE_CONFIG_H + #include -#endif + #include #include #include @@ -45,7 +47,7 @@ #include "gen_locl.h" #include "der.h" -RCSID("$Id: parse.y 21597 2007-07-16 18:48:58Z lha $"); +RCSID("$Id$"); static Type *new_type (Typetype t); static struct constraint_spec *new_constraint_spec(enum ctype); @@ -60,6 +62,10 @@ struct string_list { struct string_list *next; }; +/* Declarations for Bison */ +#define YYMALLOC malloc +#define YYFREE free + %} %union { @@ -208,7 +214,7 @@ struct string_list { %type NamedBit %type NamedNumber %type NamedType -%type ComponentTypeList +%type ComponentTypeList %type Enumerations %type NamedBitList %type NamedNumberList @@ -239,18 +245,18 @@ ModuleDefinition: IDENTIFIER objid_opt kw_DEFINITIONS TagDefault ExtensionDefaul TagDefault : kw_EXPLICIT kw_TAGS | kw_IMPLICIT kw_TAGS - { error_message("implicit tagging is not supported"); } + { lex_error_message("implicit tagging is not supported"); } | kw_AUTOMATIC kw_TAGS - { error_message("automatic tagging is not supported"); } + { lex_error_message("automatic tagging is not supported"); } | /* empty */ ; ExtensionDefault: kw_EXTENSIBILITY kw_IMPLIED - { error_message("no extensibility options supported"); } + { lex_error_message("no extensibility options supported"); } | /* empty */ ; -ModuleBody : /* Exports */ Imports AssignmentList +ModuleBody : Exports Imports AssignmentList | /* empty */ ; @@ -267,16 +273,27 @@ SymbolsFromModuleList: SymbolsFromModule ; SymbolsFromModule: referencenames kw_FROM IDENTIFIER objid_opt - { + { struct string_list *sl; for(sl = $1; sl != NULL; sl = sl->next) { Symbol *s = addsym(sl->string); s->stype = Stype; + gen_template_import(s); } add_import($3); } ; +Exports : kw_EXPORTS referencenames ';' + { + struct string_list *sl; + for(sl = $2; sl != NULL; sl = sl->next) + add_export(sl->string); + } + | kw_EXPORTS kw_ALL + | /* empty */ + ; + AssignmentList : Assignment | Assignment AssignmentList ; @@ -332,7 +349,7 @@ BuiltinType : BitStringType BooleanType : kw_BOOLEAN { - $$ = new_tag(ASN1_C_UNIV, UT_Boolean, + $$ = new_tag(ASN1_C_UNIV, UT_Boolean, TE_EXPLICIT, new_type(TBoolean)); } ; @@ -340,25 +357,25 @@ BooleanType : kw_BOOLEAN range : '(' Value RANGE Value ')' { if($2->type != integervalue) - error_message("Non-integer used in first part of range"); + lex_error_message("Non-integer used in first part of range"); if($2->type != integervalue) - error_message("Non-integer in second part of range"); + lex_error_message("Non-integer in second part of range"); $$ = ecalloc(1, sizeof(*$$)); $$->min = $2->u.integervalue; $$->max = $4->u.integervalue; } | '(' Value RANGE kw_MAX ')' - { + { if($2->type != integervalue) - error_message("Non-integer in first part of range"); + lex_error_message("Non-integer in first part of range"); $$ = ecalloc(1, sizeof(*$$)); $$->min = $2->u.integervalue; $$->max = $2->u.integervalue - 1; } | '(' kw_MIN RANGE Value ')' - { + { if($4->type != integervalue) - error_message("Non-integer in second part of range"); + lex_error_message("Non-integer in second part of range"); $$ = ecalloc(1, sizeof(*$$)); $$->min = $4->u.integervalue + 2; $$->max = $4->u.integervalue; @@ -366,7 +383,7 @@ range : '(' Value RANGE Value ')' | '(' Value ')' { if($2->type != integervalue) - error_message("Non-integer used in limit"); + lex_error_message("Non-integer used in limit"); $$ = ecalloc(1, sizeof(*$$)); $$->min = $2->u.integervalue; $$->max = $2->u.integervalue; @@ -376,7 +393,7 @@ range : '(' Value RANGE Value ')' IntegerType : kw_INTEGER { - $$ = new_tag(ASN1_C_UNIV, UT_Integer, + $$ = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, new_type(TInteger)); } | kw_INTEGER range @@ -449,7 +466,7 @@ BitStringType : kw_BIT kw_STRING ObjectIdentifierType: kw_OBJECT kw_IDENTIFIER { - $$ = new_tag(ASN1_C_UNIV, UT_OID, + $$ = new_tag(ASN1_C_UNIV, UT_OID, TE_EXPLICIT, new_type(TOID)); } ; @@ -457,14 +474,14 @@ OctetStringType : kw_OCTET kw_STRING size { Type *t = new_type(TOctetString); t->range = $3; - $$ = new_tag(ASN1_C_UNIV, UT_OctetString, + $$ = new_tag(ASN1_C_UNIV, UT_OctetString, TE_EXPLICIT, t); } ; NullType : kw_NULL { - $$ = new_tag(ASN1_C_UNIV, UT_Null, + $$ = new_tag(ASN1_C_UNIV, UT_Null, TE_EXPLICIT, new_type(TNull)); } ; @@ -537,7 +554,7 @@ DefinedType : IDENTIFIER Symbol *s = addsym($1); $$ = new_type(TType); if(s->stype != Stype && s->stype != SUndefined) - error_message ("%s is not a type\n", $1); + lex_error_message ("%s is not a type\n", $1); else $$->symbol = s; } @@ -545,12 +562,12 @@ DefinedType : IDENTIFIER UsefulType : kw_GeneralizedTime { - $$ = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, + $$ = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, TE_EXPLICIT, new_type(TGeneralizedTime)); } | kw_UTCTime { - $$ = new_tag(ASN1_C_UNIV, UT_UTCTime, + $$ = new_tag(ASN1_C_UNIV, UT_UTCTime, TE_EXPLICIT, new_type(TUTCTime)); } ; @@ -593,7 +610,7 @@ ContentsConstraint: kw_CONTAINING Type | kw_ENCODED kw_BY Value { if ($3->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); + lex_error_message("Non-OID used in ENCODED BY constraint"); $$ = new_constraint_spec(CT_CONTENTS); $$->u.content.type = NULL; $$->u.content.encoding = $3; @@ -601,7 +618,7 @@ ContentsConstraint: kw_CONTAINING Type | kw_CONTAINING Type kw_ENCODED kw_BY Value { if ($5->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); + lex_error_message("Non-OID used in ENCODED BY constraint"); $$ = new_constraint_spec(CT_CONTENTS); $$->u.content.type = $2; $$->u.content.encoding = $5; @@ -684,37 +701,42 @@ CharacterStringType: RestrictedCharactedStringType RestrictedCharactedStringType: kw_GeneralString { - $$ = new_tag(ASN1_C_UNIV, UT_GeneralString, + $$ = new_tag(ASN1_C_UNIV, UT_GeneralString, TE_EXPLICIT, new_type(TGeneralString)); } + | kw_TeletexString + { + $$ = new_tag(ASN1_C_UNIV, UT_TeletexString, + TE_EXPLICIT, new_type(TTeletexString)); + } | kw_UTF8String { - $$ = new_tag(ASN1_C_UNIV, UT_UTF8String, + $$ = new_tag(ASN1_C_UNIV, UT_UTF8String, TE_EXPLICIT, new_type(TUTF8String)); } | kw_PrintableString { - $$ = new_tag(ASN1_C_UNIV, UT_PrintableString, + $$ = new_tag(ASN1_C_UNIV, UT_PrintableString, TE_EXPLICIT, new_type(TPrintableString)); } | kw_VisibleString { - $$ = new_tag(ASN1_C_UNIV, UT_VisibleString, + $$ = new_tag(ASN1_C_UNIV, UT_VisibleString, TE_EXPLICIT, new_type(TVisibleString)); } | kw_IA5String { - $$ = new_tag(ASN1_C_UNIV, UT_IA5String, + $$ = new_tag(ASN1_C_UNIV, UT_IA5String, TE_EXPLICIT, new_type(TIA5String)); } | kw_BMPString { - $$ = new_tag(ASN1_C_UNIV, UT_BMPString, + $$ = new_tag(ASN1_C_UNIV, UT_BMPString, TE_EXPLICIT, new_type(TBMPString)); } | kw_UniversalString { - $$ = new_tag(ASN1_C_UNIV, UT_UniversalString, + $$ = new_tag(ASN1_C_UNIV, UT_UniversalString, TE_EXPLICIT, new_type(TUniversalString)); } @@ -833,7 +855,7 @@ objid_element : IDENTIFIER '(' NUMBER ')' Symbol *s = addsym($1); if(s->stype != SValue || s->value->type != objectidentifiervalue) { - error_message("%s is not an object identifier\n", + lex_error_message("%s is not an object identifier\n", s->name); exit(1); } @@ -866,7 +888,7 @@ Valuereference : IDENTIFIER { Symbol *s = addsym($1); if(s->stype != SValue) - error_message ("%s is not a value\n", + lex_error_message ("%s is not a value\n", s->name); else $$ = s->value; @@ -924,7 +946,7 @@ ObjectIdentifierValue: objid void yyerror (const char *s) { - error_message ("%s\n", s); + lex_error_message ("%s\n", s); } static Type * @@ -936,7 +958,7 @@ new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype) oldtype = oldtype->subtype; /* XXX */ } else t = new_type (TTag); - + t->tag.tagclass = tagclass; t->tag.tagvalue = tagvalue; t->tag.tagenv = tagenv; @@ -989,7 +1011,8 @@ static void fix_labels1(struct memhead *members, const char *prefix) if(members == NULL) return; ASN1_TAILQ_FOREACH(m, members, members) { - asprintf(&m->label, "%s_%s", prefix, m->gen_name); + if (asprintf(&m->label, "%s_%s", prefix, m->gen_name) < 0) + errx(1, "malloc"); if (m->label == NULL) errx(1, "malloc"); if(m->type != NULL) @@ -1006,9 +1029,8 @@ static void fix_labels2(Type *t, const char *prefix) static void fix_labels(Symbol *s) { - char *p; - asprintf(&p, "choice_%s", s->gen_name); - if (p == NULL) + char *p = NULL; + if (asprintf(&p, "choice_%s", s->gen_name) < 0 || p == NULL) errx(1, "malloc"); fix_labels2(s->type, p); free(p); diff --git a/lib/asn1/canthandle.asn1 b/lib/asn1/canthandle.asn1 index 5ba3e3880c2e..a335ee89e348 100644 --- a/lib/asn1/canthandle.asn1 +++ b/lib/asn1/canthandle.asn1 @@ -1,4 +1,4 @@ --- $Id: canthandle.asn1 22071 2007-11-14 20:04:50Z lha $ -- +-- $Id$ -- CANTHANDLE DEFINITIONS ::= BEGIN @@ -7,7 +7,7 @@ CANTHANDLE DEFINITIONS ::= BEGIN -- Code the tag [2] but it should be primitive since KAKA3 is -- Workaround: use the INTEGER type directly -Kaka2 ::= SEQUENCE { +Kaka2 ::= SEQUENCE { kaka2-1 [0] INTEGER } diff --git a/lib/asn1/check-ber.c b/lib/asn1/check-ber.c new file mode 100644 index 000000000000..7b4a49252bac --- /dev/null +++ b/lib/asn1/check-ber.c @@ -0,0 +1,279 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include + + +RCSID("$Id$"); + +static const unsigned char *contentdata = (unsigned char *) + "\x30\x80\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02\xa0\x80\x30" + "\x80\x02\x01\x03\x31\x0b\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05" + "\x00\x30\x80\x06\x07\x2b\x06\x01\x05\x02\x03\x01\xa0\x80\x24\x80" + "\x04\x40\x30\x3e\xa0\x3c\x30\x3a\xa0\x05\x02\x03\x0e\x03\x86\xa1" + "\x11\x18\x0f\x32\x30\x30\x38\x31\x32\x31\x33\x31\x39\x34\x35\x34" + "\x32\x5a\xa2\x06\x02\x04\xba\xbd\x97\x8a\xa3\x16\x04\x14\x41\x28" + "\x79\xa8\xd0\xe4\xb1\x0f\xb1\xfc\xa6\x0b\x4d\x2b\x85\x3d\xd9\x17" + "\x3f\xdc\x00\x00\x00\x00\x00\x00\xa0\x82\x0b\x6c\x30\x82\x05\x57" + "\x30\x82\x04\x3f\xa0\x03\x02\x01\x02\x02\x03\x47\x3d\x05\x30\x0d" + "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81\x86" + "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x1d\x30" + "\x1b\x06\x03\x55\x04\x0a\x13\x14\x41\x70\x70\x6c\x65\x20\x43\x6f" + "\x6d\x70\x75\x74\x65\x72\x2c\x20\x49\x6e\x63\x2e\x31\x2d\x30\x2b" + "\x06\x03\x55\x04\x0b\x13\x24\x41\x70\x70\x6c\x65\x20\x43\x6f\x6d" + "\x70\x75\x74\x65\x72\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74" + "\x65\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x31\x29\x30\x27\x06" + "\x03\x55\x04\x03\x13\x20\x41\x70\x70\x6c\x65\x20\x2e\x4d\x61\x63" + "\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x41\x75\x74" + "\x68\x6f\x72\x69\x74\x79\x30\x1e\x17\x0d\x30\x38\x31\x30\x30\x31" + "\x30\x38\x30\x36\x33\x33\x5a\x17\x0d\x30\x39\x31\x30\x30\x32\x30" + "\x38\x30\x36\x33\x33\x5a\x30\x71\x31\x0b\x30\x09\x06\x03\x55\x04" + "\x06\x13\x02\x55\x53\x31\x13\x30\x11\x06\x03\x55\x04\x0a\x13\x0a" + "\x41\x70\x70\x6c\x65\x20\x49\x6e\x63\x2e\x31\x0f\x30\x0d\x06\x03" + "\x55\x04\x0b\x13\x06\x6d\x65\x2e\x63\x6f\x6d\x31\x15\x30\x13\x06" + "\x03\x55\x04\x03\x13\x0c\x62\x69\x74\x63\x6f\x6c\x6c\x65\x63\x74" + "\x6f\x72\x31\x25\x30\x23\x06\x03\x55\x04\x0d\x13\x1c\x4d\x6f\x62" + "\x69\x6c\x65\x4d\x65\x20\x53\x68\x61\x72\x69\x6e\x67\x20\x43\x65" + "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x30\x81\xa3\x30\x0d\x06\x09" + "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x81\x91\x00\x30" + "\x81\x8d\x02\x81\x81\x00\xe1\x15\xd8\xfa\xe9\xc2\xb7\x2e\xf0\xd9" + "\xbe\xdb\x0c\xd8\xcb\xf3\x88\x13\xd7\x22\xf8\x4d\xf4\xb6\x31\x17" + "\xe5\x92\x42\xef\x15\xe4\x5f\x12\x58\x3d\x8d\x0b\xa4\x03\x76\xe0" + "\xd0\xf2\x46\xb4\x4b\x14\x78\x23\x1c\x38\xb0\x99\xff\x36\x6f\x0e" + "\x26\xdf\x76\xd0\x01\x03\x7a\xd9\xcd\x1c\x92\xa6\x10\x5e\xed\x8a" + "\xb0\xfe\x9b\x8c\x96\xb0\x91\x9f\x97\xd0\xf4\x9c\x81\x8e\xbf\xb5" + "\x41\x24\x81\xb0\x1b\xb3\x8c\xd3\x92\x5c\xfd\x2b\x04\x61\xc3\x21" + "\x6c\xa9\xe4\xa0\xfe\xa5\x1c\x76\xfd\xda\x3b\x81\x7c\xa0\x5c\x2c" + "\xf6\x8f\x6e\x74\x52\x35\x02\x07\x01\x00\x01\x00\x01\x00\x01\xa3" + "\x82\x02\x60\x30\x82\x02\x5c\x30\x0c\x06\x03\x55\x1d\x13\x01\x01" + "\xff\x04\x02\x30\x00\x30\x0e\x06\x03\x55\x1d\x0f\x01\x01\xff\x04" + "\x04\x03\x02\x03\x88\x30\x28\x06\x03\x55\x1d\x25\x04\x21\x30\x1f" + "\x06\x08\x2b\x06\x01\x05\x05\x07\x03\x02\x06\x0a\x2a\x86\x48\x86" + "\xf7\x63\x64\x03\x02\x01\x06\x07\x2b\x06\x01\x05\x02\x03\x04\x30" + "\x1d\x06\x03\x55\x1d\x0e\x04\x16\x04\x14\x11\xb3\x15\xb5\xab\x31" + "\xbb\xa5\x48\xee\xd6\x33\xd2\x86\xc3\x0b\x2a\x4c\x5e\x94\x30\x1f" + "\x06\x03\x55\x1d\x23\x04\x18\x30\x16\x80\x14\x7a\x7d\x90\xb1\x30" + "\x59\x08\x92\x91\xf9\x53\xb9\x71\x1d\x35\x33\x67\x34\x8b\xd5\x30" + "\x81\xa5\x06\x08\x2b\x06\x01\x05\x05\x07\x01\x01\x04\x81\x98\x30" + "\x81\x95\x30\x27\x06\x08\x2b\x06\x01\x05\x05\x07\x30\x01\x86\x1b" + "\x68\x74\x74\x70\x3a\x2f\x2f\x63\x65\x72\x74\x69\x6e\x66\x6f\x2e" + "\x6d\x65\x2e\x63\x6f\x6d\x2f\x6f\x63\x73\x70\x30\x44\x06\x08\x2b" + "\x06\x01\x05\x05\x07\x30\x02\x86\x38\x68\x74\x74\x70\x3a\x2f\x2f" + "\x77\x77\x77\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63\x65" + "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x2f\x63\x61\x73\x69\x67\x6e\x65\x72\x73\x2e\x68\x74\x6d" + "\x6c\x30\x24\x06\x03\x55\x1d\x12\x86\x1d\x68\x74\x74\x70\x3a\x2f" + "\x2f\x63\x65\x72\x74\x69\x6e\x66\x6f\x2e\x6d\x65\x2e\x63\x6f\x6d" + "\x2f\x43\x41\x2e\x63\x65\x72\x30\x82\x01\x28\x06\x03\x55\x1d\x20" + "\x04\x82\x01\x1f\x30\x82\x01\x1b\x30\x82\x01\x17\x06\x09\x2a\x86" + "\x48\x86\xf7\x63\x64\x05\x02\x30\x82\x01\x08\x30\x40\x06\x08\x2b" + "\x06\x01\x05\x05\x07\x02\x01\x16\x34\x68\x74\x74\x70\x3a\x2f\x2f" + "\x77\x77\x77\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63\x65" + "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x2f\x74\x65\x72\x6d\x73\x2e\x68\x74\x6d\x6c\x30\x81\xc3" + "\x06\x08\x2b\x06\x01\x05\x05\x07\x02\x02\x30\x81\xb6\x1a\x81\xb3" + "\x52\x65\x6c\x69\x61\x6e\x63\x65\x20\x6f\x6e\x20\x74\x68\x69\x73" + "\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x62\x79\x20" + "\x61\x6e\x79\x20\x70\x61\x72\x74\x79\x20\x61\x73\x73\x75\x6d\x65" + "\x73\x20\x61\x63\x63\x65\x70\x74\x61\x6e\x63\x65\x20\x6f\x66\x20" + "\x74\x68\x65\x20\x74\x68\x65\x6e\x20\x61\x70\x70\x6c\x69\x63\x61" + "\x62\x6c\x65\x20\x73\x74\x61\x6e\x64\x61\x72\x64\x20\x74\x65\x72" + "\x6d\x73\x20\x61\x6e\x64\x20\x63\x6f\x6e\x64\x69\x74\x69\x6f\x6e" + "\x73\x20\x6f\x66\x20\x75\x73\x65\x2c\x20\x63\x65\x72\x74\x69\x66" + "\x69\x63\x61\x74\x65\x20\x70\x6f\x6c\x69\x63\x79\x20\x61\x6e\x64" + "\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x70" + "\x72\x61\x63\x74\x69\x63\x65\x20\x73\x74\x61\x74\x65\x6d\x65\x6e" + "\x74\x73\x2e\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x82\x01\x01\x00\x39\xb1\x81\xbe\x55\xf1\xb1\xe4\x16" + "\x5d\x7c\x5b\x6a\xe8\xcf\xee\xaa\x87\x91\x81\xf2\x57\x0d\x32\x6c" + "\xc6\x47\xdc\x71\x70\xfa\x7c\x47\x84\x7f\xa5\x69\x1b\x4c\x52\x98" + "\x7f\xc8\x1f\x62\x06\x83\xae\x0a\xef\x55\x29\x35\xb3\xa0\x04\x88" + "\xa6\x45\x0a\xd0\xd7\x4e\x5c\x63\x3e\xe7\xb2\x28\x85\xd3\x01\x56" + "\x2b\x89\xb5\x60\x9a\xa5\x9d\x85\x0d\x76\x9e\xe1\x4a\x54\x8b\x6f" + "\xad\xc4\xc2\x43\x2f\x18\xaa\x18\x1a\x64\x2f\x2e\xe3\xc9\xb8\xa8" + "\xdd\xba\x53\xc4\x18\xcf\x4e\x30\xbf\x06\xa7\xdb\x12\x34\x24\x5c" + "\x71\x60\x2a\xd2\x93\xef\x54\x83\x4e\x5d\xc5\x5f\x00\x8d\x02\x85" + "\xe5\x17\x68\x46\xfa\xd4\x45\x96\x71\xf7\x93\x58\x4d\x83\x6b\x01" + "\xcb\xdb\x7d\x61\x67\x69\xbe\xf1\x4c\x4b\xe2\x3e\xf6\x4e\x62\x77" + "\x26\x86\xc4\x3b\x96\x38\x27\x0b\x02\x0d\x07\xc9\x95\x53\x6d\x03" + "\xff\x61\xfb\x67\x7f\x8a\x2e\x2f\xc5\xff\x5a\xf9\x53\xd8\xb3\xae" + "\xf1\x05\x27\x92\x79\x22\xd5\x55\x6e\xd6\xbf\xdb\x9d\xad\xbf\xbf" + "\x7d\x15\xd8\x1c\x3d\x63\x86\xf1\xf1\x78\xfe\xfb\x62\x06\x8c\xf4" + "\x0f\xa8\x91\xa8\x7c\xef\x51\x96\x09\x52\x68\xec\x09\xdd\xb9\x9a" + "\x62\x49\xac\xbe\x20\x20\x9b\x30\x82\x06\x0d\x30\x82\x04\xf5\xa0" + "\x03\x02\x01\x02\x02\x01\x0f\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7" + "\x0d\x01\x01\x05\x05\x00\x30\x81\x86\x31\x0b\x30\x09\x06\x03\x55" + "\x04\x06\x13\x02\x55\x53\x31\x1d\x30\x1b\x06\x03\x55\x04\x0a\x13" + "\x14\x41\x70\x70\x6c\x65\x20\x43\x6f\x6d\x70\x75\x74\x65\x72\x2c" + "\x20\x49\x6e\x63\x2e\x31\x2d\x30\x2b\x06\x03\x55\x04\x0b\x13\x24" + "\x41\x70\x70\x6c\x65\x20\x43\x6f\x6d\x70\x75\x74\x65\x72\x20\x43" + "\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x41\x75\x74\x68\x6f" + "\x72\x69\x74\x79\x31\x29\x30\x27\x06\x03\x55\x04\x03\x13\x20\x41" + "\x70\x70\x6c\x65\x20\x52\x6f\x6f\x74\x20\x43\x65\x72\x74\x69\x66" + "\x69\x63\x61\x74\x65\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x30" + "\x1e\x17\x0d\x30\x35\x30\x32\x31\x30\x32\x30\x33\x38\x32\x37\x5a" + "\x17\x0d\x31\x31\x31\x31\x31\x30\x32\x30\x33\x38\x32\x37\x5a\x30" + "\x81\x86\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31" + "\x1d\x30\x1b\x06\x03\x55\x04\x0a\x13\x14\x41\x70\x70\x6c\x65\x20" + "\x43\x6f\x6d\x70\x75\x74\x65\x72\x2c\x20\x49\x6e\x63\x2e\x31\x2d" + "\x30\x2b\x06\x03\x55\x04\x0b\x13\x24\x41\x70\x70\x6c\x65\x20\x43" + "\x6f\x6d\x70\x75\x74\x65\x72\x20\x43\x65\x72\x74\x69\x66\x69\x63" + "\x61\x74\x65\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x31\x29\x30" + "\x27\x06\x03\x55\x04\x03\x13\x20\x41\x70\x70\x6c\x65\x20\x2e\x4d" + "\x61\x63\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x41" + "\x75\x74\x68\x6f\x72\x69\x74\x79\x30\x82\x01\x22\x30\x0d\x06\x09" + "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x00" + "\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xbb\x73\x84\xb0\x48\x36\x64" + "\xf8\x1f\xa2\x57\x89\xb6\xe2\x71\x3c\x36\x5e\x56\xeb\xdb\x96\x16" + "\x23\x1c\x81\xd0\x14\x2d\xd6\xf0\x4b\x22\x9b\x3f\xb7\x7a\x2c\xa2" + "\xf0\x69\x48\x33\xb7\x9e\xef\x68\xe7\xbc\x30\x07\x73\xbc\x61\xb0" + "\x01\x51\xef\x44\xdf\xdb\x45\x04\x96\x80\x2c\x7b\xe8\x93\x1f\x89" + "\x92\x60\x21\xcd\x34\x55\x00\x66\x31\x03\x01\x01\x44\x25\x94\x0b" + "\x42\x78\xca\x5a\x05\x1e\x77\x73\x24\x75\x6a\xc8\x45\x9c\xef\x2b" + "\x2a\x51\x29\x8f\xeb\x7e\x62\xd7\xfa\xcd\x32\xfd\x31\xe8\xcd\xde" + "\xab\x0d\xb5\xb4\x56\xc2\x68\x51\x09\x0c\x29\xe5\x38\x7b\x50\x68" + "\xbe\x00\x87\x8c\x56\xef\xd3\x1b\xa3\xc9\x6e\xa6\x74\x43\xeb\x83" + "\xd4\x63\x5f\x13\x79\x1e\xf8\x85\xbf\xbf\x73\x69\x36\xc5\x56\x12" + "\x6c\xe4\xee\xaf\x86\xab\x65\xb6\x04\xf0\x5a\x63\x2d\xa3\x31\x6c" + "\xe8\x48\x10\x65\xc0\x74\x45\x0d\x97\x58\x90\x3d\x91\x83\x14\xf2" + "\x6f\xba\xad\x2f\x6c\x41\x6e\x3c\xb7\x8f\x72\x4a\x1d\xf0\xb7\x1a" + "\xc0\xf0\x72\x0b\x3d\x9d\x7a\x8b\x4d\xb0\x33\xb7\x5f\x83\xef\x08" + "\x5b\x5f\x35\x35\x3b\x52\xdf\x30\xb1\x00\x6c\xa6\x3a\x86\xc4\xf4" + "\x7c\xe1\x79\x74\x5f\x0b\x35\xb8\xe1\x02\x03\x01\x00\x01\xa3\x82" + "\x02\x82\x30\x82\x02\x7e\x30\x0e\x06\x03\x55\x1d\x0f\x01\x01\xff" + "\x04\x04\x03\x02\x01\x86\x30\x0f\x06\x03\x55\x1d\x13\x01\x01\xff" + "\x04\x05\x30\x03\x01\x01\xff\x30\x1d\x06\x03\x55\x1d\x0e\x04\x16" + "\x04\x14\x7a\x7d\x90\xb1\x30\x59\x08\x92\x91\xf9\x53\xb9\x71\x1d" + "\x35\x33\x67\x34\x8b\xd5\x30\x1f\x06\x03\x55\x1d\x23\x04\x18\x30" + "\x16\x80\x14\x2b\xd0\x69\x47\x94\x76\x09\xfe\xf4\x6b\x8d\x2e\x40" + "\xa6\xf7\x47\x4d\x7f\x08\x5e\x30\x82\x01\x28\x06\x03\x55\x1d\x20" + "\x04\x82\x01\x1f\x30\x82\x01\x1b\x30\x82\x01\x17\x06\x09\x2a\x86" + "\x48\x86\xf7\x63\x64\x05\x02\x30\x82\x01\x08\x30\x40\x06\x08\x2b" + "\x06\x01\x05\x05\x07\x02\x01\x16\x34\x68\x74\x74\x70\x3a\x2f\x2f" + "\x77\x77\x77\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63\x65" + "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x2f\x74\x65\x72\x6d\x73\x2e\x68\x74\x6d\x6c\x30\x81\xc3" + "\x06\x08\x2b\x06\x01\x05\x05\x07\x02\x02\x30\x81\xb6\x1a\x81\xb3" + "\x52\x65\x6c\x69\x61\x6e\x63\x65\x20\x6f\x6e\x20\x74\x68\x69\x73" + "\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x62\x79\x20" + "\x61\x6e\x79\x20\x70\x61\x72\x74\x79\x20\x61\x73\x73\x75\x6d\x65" + "\x73\x20\x61\x63\x63\x65\x70\x74\x61\x6e\x63\x65\x20\x6f\x66\x20" + "\x74\x68\x65\x20\x74\x68\x65\x6e\x20\x61\x70\x70\x6c\x69\x63\x61" + "\x62\x6c\x65\x20\x73\x74\x61\x6e\x64\x61\x72\x64\x20\x74\x65\x72" + "\x6d\x73\x20\x61\x6e\x64\x20\x63\x6f\x6e\x64\x69\x74\x69\x6f\x6e" + "\x73\x20\x6f\x66\x20\x75\x73\x65\x2c\x20\x63\x65\x72\x74\x69\x66" + "\x69\x63\x61\x74\x65\x20\x70\x6f\x6c\x69\x63\x79\x20\x61\x6e\x64" + "\x20\x63\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x70" + "\x72\x61\x63\x74\x69\x63\x65\x20\x73\x74\x61\x74\x65\x6d\x65\x6e" + "\x74\x73\x2e\x30\x43\x06\x03\x55\x1d\x1f\x04\x3c\x30\x3a\x30\x38" + "\xa0\x36\xa0\x34\x86\x32\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77" + "\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63\x65\x72\x74\x69" + "\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72\x69\x74\x79\x2f" + "\x72\x6f\x6f\x74\x2e\x63\x72\x6c\x30\x81\xa9\x06\x08\x2b\x06\x01" + "\x05\x05\x07\x01\x01\x04\x81\x9c\x30\x81\x99\x30\x44\x06\x08\x2b" + "\x06\x01\x05\x05\x07\x30\x02\x86\x38\x68\x74\x74\x70\x3a\x2f\x2f" + "\x77\x77\x77\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63\x65" + "\x72\x74\x69\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x2f\x63\x61\x73\x69\x67\x6e\x65\x72\x73\x2e\x68\x74\x6d" + "\x6c\x30\x51\x06\x03\x55\x1d\x12\x86\x4a\x68\x74\x74\x70\x3a\x2f" + "\x2f\x77\x77\x77\x2e\x61\x70\x70\x6c\x65\x2e\x63\x6f\x6d\x2f\x63" + "\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x61\x75\x74\x68\x6f\x72" + "\x69\x74\x79\x2f\x41\x70\x70\x6c\x65\x43\x6f\x6d\x70\x75\x74\x65" + "\x72\x52\x6f\x6f\x74\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65" + "\x2e\x63\x65\x72\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01" + "\x05\x05\x00\x03\x82\x01\x01\x00\x16\x06\xe5\x56\x65\x44\x7d\xd0" + "\xaa\x99\x29\xe5\xc6\x97\x0b\x02\x43\x25\x88\x8c\x42\xba\xfb\xd6" + "\x5b\xb7\x20\x10\x69\x04\x4e\x91\x81\x08\xec\xf5\x23\x1f\xd2\x6d" + "\x3f\x35\xae\xdb\xff\xb8\xc9\x2b\x4b\x28\x73\xc4\x26\x03\xe1\x92" + "\x5e\xb2\x84\x0d\xa7\x13\xc6\x34\x54\xf1\x49\x1f\xa9\x47\x88\xb1" + "\x40\x9b\xd3\x61\x93\x5b\xcf\xc7\x53\xe7\x9f\x54\x7b\x30\xc6\xb8" + "\x3a\x89\x6f\x06\x09\x45\xa1\x94\x98\xbe\x8b\xea\x25\x7d\x91\x89" + "\xf9\x27\x62\xb9\x5f\x2d\xea\xa9\xe7\x96\x5c\xbe\xe5\x84\x6d\xe8" + "\x50\x27\xb4\xb1\xea\x9f\xf7\x92\x0d\x54\x86\xf0\x37\x31\x47\x0d" + "\x54\xde\x91\xe8\x78\xe8\x61\x27\x7c\xc3\xea\xd0\xfc\x21\xa1\x08" + "\xc8\xe5\x01\x0e\x15\xf5\x61\x60\xce\xff\xbd\x44\xd6\x8a\x1b\x67" + "\xf8\x1f\x82\xe2\xa6\xb3\xfc\x3a\xc7\x30\xae\x93\x89\x29\x2e\x81" + "\x43\x0c\x9b\xd5\x18\xa6\x74\x66\x7d\x1c\x79\xe6\x22\xef\xba\xf8" + "\x23\xb3\xd3\x50\x76\x20\xde\x7a\x93\x91\x40\xcd\x16\xad\x82\x6a" + "\xe6\xe7\x25\xf5\xb3\xbb\x36\x61\x38\x8f\xaf\x36\x5f\x4b\xae\xc1" + "\xc6\x89\x99\xb1\xb1\xd9\xf1\xa3\x51\x50\xa1\x00\x3d\xdd\x16\x89" + "\xcf\x35\x05\x62\xa0\x8b\x48\x0a\x31\x82\x01\x35\x30\x82\x01\x31" + "\x02\x01\x01\x30\x81\x8e\x30\x81\x86\x31\x0b\x30\x09\x06\x03\x55" + "\x04\x06\x13\x02\x55\x53\x31\x1d\x30\x1b\x06\x03\x55\x04\x0a\x13" + "\x14\x41\x70\x70\x6c\x65\x20\x43\x6f\x6d\x70\x75\x74\x65\x72\x2c" + "\x20\x49\x6e\x63\x2e\x31\x2d\x30\x2b\x06\x03\x55\x04\x0b\x13\x24" + "\x41\x70\x70\x6c\x65\x20\x43\x6f\x6d\x70\x75\x74\x65\x72\x20\x43" + "\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x20\x41\x75\x74\x68\x6f" + "\x72\x69\x74\x79\x31\x29\x30\x27\x06\x03\x55\x04\x03\x13\x20\x41" + "\x70\x70\x6c\x65\x20\x2e\x4d\x61\x63\x20\x43\x65\x72\x74\x69\x66" + "\x69\x63\x61\x74\x65\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x02" + "\x03\x47\x3d\x05\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x30" + "\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x04\x81" + "\x80\x6d\xba\xa5\x44\x89\x98\x2d\x5e\xc4\xf6\xc0\x1e\x36\x70\x63" + "\x43\xf6\x61\x3c\x0b\x43\x32\x50\x54\x95\x1e\x51\x41\x17\xd2\x7f" + "\x47\x00\x21\x92\x61\xbf\x42\x63\xa4\xc8\x3a\x7f\x8d\x36\xea\xf1" + "\x2d\x9f\x0c\x30\xbc\xe1\x5e\x16\xea\xcc\x01\xdf\xbd\x6b\xc8\xc3" + "\xad\x12\x0e\x6a\x4d\xd5\xad\x15\x41\xcd\xde\xb9\xf9\xf5\xf2\xdc" + "\x65\xaf\x61\x28\x68\x40\x52\x59\xf8\xb8\xa6\xec\xce\xed\x5e\x16" + "\x7b\xbd\x72\x5e\x6a\x6e\x8b\x29\xb2\x97\x22\xe9\x99\xa3\xd6\xa9" + "\x0e\xb3\x5e\xd3\x18\x24\x06\x20\x78\xc8\xa7\xa8\xe7\x76\x3a\x8a" + "\x19\x00\x00\x00\x00\x00\x00"; + +static size_t contentlen = 3367; + + +static int +test_ber(void) +{ + ContentInfo ci; + size_t size; + int ret; + + ret = decode_ContentInfo(contentdata, contentlen, &ci, &size); + if (ret) + return 1; + + return 0; +} + +int +main(int argc, char **argv) +{ + int ret = 0; + + ret += test_ber(); + + return ret; +} diff --git a/lib/asn1/check-common.c b/lib/asn1/check-common.c index adf95f6a9f63..ac96b91b18ea 100644 --- a/lib/asn1/check-common.c +++ b/lib/asn1/check-common.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H @@ -42,9 +44,10 @@ #include #include +#include "asn1-common.h" #include "check-common.h" -RCSID("$Id: check-common.c 18751 2006-10-21 14:49:13Z lha $"); +RCSID("$Id$"); struct map_page { void *start; @@ -57,14 +60,14 @@ struct map_page { /* #undef HAVE_MMAP */ void * -map_alloc(enum map_type type, const void *buf, +map_alloc(enum map_type type, const void *buf, size_t size, struct map_page **map) { #ifndef HAVE_MMAP unsigned char *p; size_t len = size + sizeof(long) * 2; int i; - + *map = ecalloc(1, sizeof(**map)); p = emalloc(len); @@ -136,18 +139,18 @@ map_free(struct map_page *map, const char *test_name, const char *map_name) #ifndef HAVE_MMAP unsigned char *p = map->start; int i; - + for (i = sizeof(long); i > 0; i--) if (p[sizeof(long) - i] != 0xff - i) errx(1, "%s: %s underrun %d\n", test_name, map_name, i); for (i = sizeof(long); i > 0; i--) if (p[map->size - i] != 0xff - i) - errx(1, "%s: %s overrun %lu\n", test_name, map_name, + errx(1, "%s: %s overrun %lu\n", test_name, map_name, (unsigned long)map->size - i); free(map->start); #else int ret; - + ret = munmap (map->start, map->size); if (ret < 0) err (1, "munmap"); @@ -176,7 +179,7 @@ segv_handler(int sig) { int fd; char msg[] = "SIGSEGV i current test: "; - + fd = open("/dev/stdout", O_WRONLY, 0600); if (fd >= 0) { write(fd, msg, sizeof(msg)); @@ -193,11 +196,12 @@ int generic_test (const struct test_case *tests, unsigned ntests, size_t data_size, - int (*encode)(unsigned char *, size_t, void *, size_t *), - int (*length)(void *), - int (*decode)(unsigned char *, size_t, void *, size_t *), - int (*free_data)(void *), - int (*cmp)(void *a, void *b)) + int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *), + int (ASN1CALL *length)(void *), + int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *), + int (ASN1CALL *free_data)(void *), + int (*cmp)(void *a, void *b), + int (ASN1CALL *copy)(const void *from, void *to)) { unsigned char *buf, *buf2; int i; @@ -205,16 +209,20 @@ generic_test (const struct test_case *tests, void *data; struct map_page *data_map, *buf_map, *buf2_map; +#ifdef HAVE_SIGACTION struct sigaction sa, osa; +#endif for (i = 0; i < ntests; ++i) { int ret; size_t sz, consumed_sz, length_sz, buf_sz; + void *to = NULL; current_test = tests[i].name; current_state = "init"; +#ifdef HAVE_SIGACTION sigemptyset (&sa.sa_mask); sa.sa_flags = 0; #ifdef SA_RESETHAND @@ -222,6 +230,7 @@ generic_test (const struct test_case *tests, #endif sa.sa_handler = segv_handler; sigaction (SIGSEGV, &sa, &osa); +#endif data = map_alloc(OVERRUN, NULL, data_size, &data_map); @@ -237,8 +246,8 @@ generic_test (const struct test_case *tests, continue; } if (sz != tests[i].byte_len) { - printf ("encoding of %s has wrong len (%lu != %lu)\n", - tests[i].name, + printf ("encoding of %s has wrong len (%lu != %lu)\n", + tests[i].name, (unsigned long)sz, (unsigned long)tests[i].byte_len); ++failures; continue; @@ -261,6 +270,11 @@ generic_test (const struct test_case *tests, printf ("\nactual: "); print_bytes (buf, sz); printf ("\n"); +#if 0 + rk_dumpdata("correct", tests[i].bytes, tests[i].byte_len); + rk_dumpdata("actual", buf, sz); + exit (1); +#endif ++failures; continue; } @@ -276,7 +290,7 @@ generic_test (const struct test_case *tests, } if (sz != consumed_sz) { printf ("different length decoding %s (%ld != %ld)\n", - tests[i].name, + tests[i].name, (unsigned long)sz, (unsigned long)consumed_sz); ++failures; continue; @@ -287,16 +301,42 @@ generic_test (const struct test_case *tests, ++failures; continue; } + + current_state = "copy"; + if (copy) { + to = emalloc(data_size); + ret = (*copy)(data, to); + if (ret != 0) { + printf ("copy of %s failed %d\n", tests[i].name, ret); + ++failures; + continue; + } + + current_state = "cmp-copy"; + if ((*cmp)(data, to) != 0) { + printf ("%s: copy comparison failed\n", tests[i].name); + ++failures; + continue; + } + } + current_state = "free"; - if (free_data) + if (free_data) { (*free_data)(data); + if (to) { + (*free_data)(to); + free(to); + } + } current_state = "free"; map_free(buf_map, tests[i].name, "encode"); map_free(buf2_map, tests[i].name, "decode"); map_free(data_map, tests[i].name, "data"); +#ifdef HAVE_SIGACTION sigaction (SIGSEGV, &osa, NULL); +#endif } current_state = "done"; return failures; @@ -304,7 +344,7 @@ generic_test (const struct test_case *tests, /* * check for failures - * + * * a test size (byte_len) of -1 means that the test tries to trigger a * integer overflow (and later a malloc of to little memory), just * allocate some memory and hope that is enough for that test. @@ -314,7 +354,7 @@ int generic_decode_fail (const struct test_case *tests, unsigned ntests, size_t data_size, - int (*decode)(unsigned char *, size_t, void *, size_t *)) + int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *)) { unsigned char *buf; int i; @@ -322,17 +362,20 @@ generic_decode_fail (const struct test_case *tests, void *data; struct map_page *data_map, *buf_map; +#ifdef HAVE_SIGACTION struct sigaction sa, osa; +#endif for (i = 0; i < ntests; ++i) { int ret; size_t sz; const void *bytes; - + current_test = tests[i].name; current_state = "init"; +#ifdef HAVE_SIGACTION sigemptyset (&sa.sa_mask); sa.sa_flags = 0; #ifdef SA_RESETHAND @@ -340,6 +383,7 @@ generic_decode_fail (const struct test_case *tests, #endif sa.sa_handler = segv_handler; sigaction (SIGSEGV, &sa, &osa); +#endif data = map_alloc(OVERRUN, NULL, data_size, &data_map); @@ -350,7 +394,7 @@ generic_decode_fail (const struct test_case *tests, sz = 4096; bytes = NULL; } - + buf = map_alloc(OVERRUN, bytes, sz, &buf_map); if (tests[i].byte_len == -1) @@ -369,7 +413,9 @@ generic_decode_fail (const struct test_case *tests, map_free(buf_map, tests[i].name, "encode"); map_free(data_map, tests[i].name, "data"); +#ifdef HAVE_SIGACTION sigaction (SIGSEGV, &osa, NULL); +#endif } current_state = "done"; return failures; diff --git a/lib/asn1/check-common.h b/lib/asn1/check-common.h index b1cb647e6ab6..9ecbdbc35ded 100644 --- a/lib/asn1/check-common.h +++ b/lib/asn1/check-common.h @@ -1,34 +1,36 @@ /* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ struct test_case { @@ -38,26 +40,28 @@ struct test_case { char *name; }; -typedef int (*generic_encode)(unsigned char *, size_t, void *, size_t *); -typedef int (*generic_length)(void *); -typedef int (*generic_decode)(unsigned char *, size_t, void *, size_t *); -typedef int (*generic_free)(void *); +typedef int (ASN1CALL *generic_encode)(unsigned char *, size_t, void *, size_t *); +typedef int (ASN1CALL *generic_length)(void *); +typedef int (ASN1CALL *generic_decode)(unsigned char *, size_t, void *, size_t *); +typedef int (ASN1CALL *generic_free)(void *); +typedef int (ASN1CALL *generic_copy)(const void *, void *); int generic_test (const struct test_case *tests, unsigned ntests, size_t data_size, - int (*encode)(unsigned char *, size_t, void *, size_t *), - int (*length)(void *), - int (*decode)(unsigned char *, size_t, void *, size_t *), - int (*free_data)(void *), - int (*cmp)(void *a, void *b)); + int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *), + int (ASN1CALL *length)(void *), + int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *), + int (ASN1CALL *free_data)(void *), + int (*cmp)(void *a, void *b), + int (ASN1CALL *copy)(const void *a, void *b)); int generic_decode_fail(const struct test_case *tests, unsigned ntests, size_t data_size, - int (*decode)(unsigned char *, size_t, void *, size_t *)); + int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *)); struct map_page; diff --git a/lib/asn1/check-der.c b/lib/asn1/check-der.c index 9ba260145e1d..fa80a425410f 100644 --- a/lib/asn1/check-der.c +++ b/lib/asn1/check-der.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" @@ -41,7 +43,7 @@ #include "check-common.h" -RCSID("$Id: check-der.c 21359 2007-06-27 08:15:41Z lha $"); +RCSID("$Id$"); static int cmp_integer (void *a, void *b) @@ -75,17 +77,19 @@ test_integer (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "integer %d", values[i]); + if (asprintf (&tests[i].name, "integer %d", values[i]) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } ret = generic_test (tests, ntests, sizeof(int), (generic_encode)der_put_integer, - (generic_length) der_length_integer, - (generic_decode)der_get_integer, - (generic_free)NULL, - cmp_integer); + (generic_length) der_length_integer, + (generic_decode)der_get_integer, + (generic_free)NULL, + cmp_integer, + NULL); for (i = 0; i < ntests; ++i) free (tests[i].name); @@ -190,14 +194,15 @@ test_unsigned (void) {NULL, 4, "\x7f\xff\xff\xff"} }; - unsigned int values[] = {0, 127, 128, 256, 512, 32768, + unsigned int values[] = {0, 127, 128, 256, 512, 32768, 0x80000000, 0x7fffffff}; int i, ret; int ntests = sizeof(tests) / sizeof(*tests); for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "unsigned %u", values[i]); + if (asprintf (&tests[i].name, "unsigned %u", values[i]) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -207,8 +212,9 @@ test_unsigned (void) (generic_length)der_length_unsigned, (generic_decode)der_get_unsigned, (generic_free)NULL, - cmp_unsigned); - for (i = 0; i < ntests; ++i) + cmp_unsigned, + NULL); + for (i = 0; i < ntests; ++i) free (tests[i].name); return ret; } @@ -237,7 +243,8 @@ test_octet_string (void) int ret; tests[0].val = &s1; - asprintf (&tests[0].name, "a octet string"); + if (asprintf (&tests[0].name, "a octet string") < 0) + errx(1, "malloc"); if (tests[0].name == NULL) errx(1, "malloc"); @@ -246,7 +253,8 @@ test_octet_string (void) (generic_length)der_length_octet_string, (generic_decode)der_get_octet_string, (generic_free)der_free_octet_string, - cmp_octet_string); + cmp_octet_string, + NULL); free(tests[0].name); return ret; } @@ -277,11 +285,13 @@ test_bmp_string (void) int ret; tests[0].val = &s1; - asprintf (&tests[0].name, "a bmp string"); + if (asprintf (&tests[0].name, "a bmp string") < 0) + errx(1, "malloc"); if (tests[0].name == NULL) errx(1, "malloc"); tests[1].val = &s2; - asprintf (&tests[1].name, "second bmp string"); + if (asprintf (&tests[1].name, "second bmp string") < 0) + errx(1, "malloc"); if (tests[1].name == NULL) errx(1, "malloc"); @@ -290,7 +300,8 @@ test_bmp_string (void) (generic_length)der_length_bmp_string, (generic_decode)der_get_bmp_string, (generic_free)der_free_bmp_string, - cmp_bmp_string); + cmp_bmp_string, + NULL); free(tests[0].name); free(tests[1].name); return ret; @@ -322,11 +333,13 @@ test_universal_string (void) int ret; tests[0].val = &s1; - asprintf (&tests[0].name, "a universal string"); + if (asprintf (&tests[0].name, "a universal string") < 0) + errx(1, "malloc"); if (tests[0].name == NULL) errx(1, "malloc"); tests[1].val = &s2; - asprintf (&tests[1].name, "second universal string"); + if (asprintf (&tests[1].name, "second universal string") < 0) + errx(1, "malloc"); if (tests[1].name == NULL) errx(1, "malloc"); @@ -335,7 +348,8 @@ test_universal_string (void) (generic_length)der_length_universal_string, (generic_decode)der_get_universal_string, (generic_free)der_free_universal_string, - cmp_universal_string); + cmp_universal_string, + NULL); free(tests[0].name); free(tests[1].name); return ret; @@ -361,7 +375,8 @@ test_general_string (void) int ret, ntests = sizeof(tests) / sizeof(*tests); tests[0].val = &s1; - asprintf (&tests[0].name, "the string \"%s\"", s1); + if (asprintf (&tests[0].name, "the string \"%s\"", s1) < 0) + errx(1, "malloc"); if (tests[0].name == NULL) errx(1, "malloc"); @@ -370,7 +385,8 @@ test_general_string (void) (generic_length)der_length_general_string, (generic_decode)der_get_general_string, (generic_free)der_free_general_string, - cmp_general_string); + cmp_general_string, + NULL); free(tests[0].name); return ret; } @@ -397,7 +413,8 @@ test_generalized_time (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "time %d", (int)values[i]); + if (asprintf (&tests[i].name, "time %d", (int)values[i]) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -407,7 +424,8 @@ test_generalized_time (void) (generic_length)der_length_generalized_time, (generic_decode)der_get_generalized_time, (generic_free)NULL, - cmp_generalized_time); + cmp_generalized_time, + NULL); for (i = 0; i < ntests; ++i) free(tests[i].name); return ret; @@ -444,7 +462,8 @@ test_oid (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "oid %d", i); + if (asprintf (&tests[i].name, "oid %d", i) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -454,7 +473,8 @@ test_oid (void) (generic_length)der_length_oid, (generic_decode)der_get_oid, (generic_free)der_free_oid, - test_cmp_oid); + test_cmp_oid, + NULL); for (i = 0; i < ntests; ++i) free(tests[i].name); return ret; @@ -480,7 +500,8 @@ test_bit_string (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "bit_string %d", i); + if (asprintf (&tests[i].name, "bit_string %d", i) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -490,7 +511,8 @@ test_bit_string (void) (generic_length)der_length_bit_string, (generic_decode)der_get_bit_string, (generic_free)der_free_bit_string, - test_cmp_bit_string); + test_cmp_bit_string, + NULL); for (i = 0; i < ntests; ++i) free(tests[i].name); return ret; @@ -531,7 +553,8 @@ test_heim_integer (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "heim_integer %d", i); + if (asprintf (&tests[i].name, "heim_integer %d", i) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -541,8 +564,9 @@ test_heim_integer (void) (generic_length)der_length_heim_integer, (generic_decode)der_get_heim_integer, (generic_free)der_free_heim_integer, - test_cmp_heim_integer); - for (i = 0; i < ntests; ++i) + test_cmp_heim_integer, + NULL); + for (i = 0; i < ntests; ++i) free (tests[i].name); if (ret) return ret; @@ -580,7 +604,8 @@ test_boolean (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "heim_boolean %d", i); + if (asprintf (&tests[i].name, "heim_boolean %d", i) < 0) + errx(1, "malloc"); if (tests[i].name == NULL) errx(1, "malloc"); } @@ -590,8 +615,9 @@ test_boolean (void) (generic_length)der_length_boolean, (generic_decode)der_get_boolean, (generic_free)NULL, - test_cmp_boolean); - for (i = 0; i < ntests; ++i) + test_cmp_boolean, + NULL); + for (i = 0; i < ntests; ++i) free (tests[i].name); if (ret) return ret; @@ -733,7 +759,7 @@ check_fail_oid(void) struct test_case tests[] = { {NULL, 0, "", "empty input data"}, {NULL, 2, "\x00\x80", "last byte continuation" }, - {NULL, 11, "\x00\x81\x80\x80\x80\x80\x80\x80\x80\x80\x00", + {NULL, 11, "\x00\x81\x80\x80\x80\x80\x80\x80\x80\x80\x00", "oid element overflow" } }; int ntests = sizeof(tests) / sizeof(*tests); @@ -808,7 +834,7 @@ test_heim_int_format(void) "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" "FFFFFFFF" "FFFFFFFF"; heim_integer bni = { - 128, + 128, "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xC9\x0F\xDA\xA2" "\x21\x68\xC2\x34\xC4\xC6\x62\x8B\x80\xDC\x1C\xD1" "\x29\x02\x4E\x08\x8A\x67\xCC\x74\x02\x0B\xBE\xA6" @@ -916,7 +942,7 @@ check_trailing_nul(void) { 0, (const unsigned char *)"foo\0", 4, "foo", 4 }, { 0, (const unsigned char *)"foo", 3, "foo", 3 } }; - + for (i = 0; i < sizeof(foo)/sizeof(foo[0]); i++) { char *s; size_t size; @@ -1024,7 +1050,7 @@ corner_tag(void) int ok; const char *ptr; size_t len; - } tests[] = { + } tests[] = { { 1, "\x00", 1 }, { 0, "\xff", 1 }, { 0, "\xff\xff\xff\xff\xff\xff\xff\xff", 8 } @@ -1036,7 +1062,7 @@ corner_tag(void) size_t size; for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - ret = der_get_tag((const unsigned char*)tests[i].ptr, + ret = der_get_tag((const unsigned char*)tests[i].ptr, tests[i].len, &cl, &ty, &tag, &size); if (ret) { if (tests[i].ok) diff --git a/lib/asn1/check-gen.c b/lib/asn1/check-gen.c index a18a21d087e5..e686f166cfa0 100644 --- a/lib/asn1/check-gen.c +++ b/lib/asn1/check-gen.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H @@ -49,7 +51,7 @@ #include "check-common.h" -RCSID("$Id: check-gen.c 21539 2007-07-14 16:12:04Z lha $"); +RCSID("$Id$"); static char *lha_principal[] = { "lha" }; static char *lharoot_princ[] = { "lha", "root" }; @@ -67,6 +69,8 @@ static char *nada_tgt_principal[] = { "krbtgt", "NADA.KTH.SE" }; do { if (strcmp((ac)->e, (bc)->e) != 0) return 1; } while(0) #define COMPARE_INTEGER(ac,bc,e) \ do { if ((ac)->e != (bc)->e) return 1; } while(0) +#define COMPARE_OPT_INTEGER(ac,bc,e) \ + do { if (*(ac)->e != *(bc)->e) return 1; } while(0) #define COMPARE_MEM(ac,bc,e,len) \ do { if (memcmp((ac)->e, (bc)->e,len) != 0) return 1; } while(0) @@ -92,7 +96,7 @@ test_principal (void) { struct test_case tests[] = { - { NULL, 29, + { NULL, 29, "\x30\x1b\xa0\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" "\x03\x6c\x68\x61\xa1\x07\x1b\x05\x53\x55\x2e\x53\x45" }, @@ -101,7 +105,7 @@ test_principal (void) "\x03\x6c\x68\x61\x1b\x04\x72\x6f\x6f\x74\xa1\x07\x1b\x05\x53\x55" "\x2e\x53\x45" }, - { NULL, 54, + { NULL, 54, "\x30\x34\xa0\x26\x30\x24\xa0\x03\x02\x01\x03\xa1\x1d\x30\x1b\x1b" "\x04\x68\x6f\x73\x74\x1b\x13\x6e\x75\x74\x63\x72\x61\x63\x6b\x65" "\x72\x2e\x65\x2e\x6b\x74\x68\x2e\x73\x65\xa1\x0a\x1b\x08\x45\x2e" @@ -110,7 +114,7 @@ test_principal (void) }; - Principal values[] = { + Principal values[] = { { { KRB5_NT_PRINCIPAL, { 1, lha_principal } }, "SU.SE" }, { { KRB5_NT_PRINCIPAL, { 2, lharoot_princ } }, "SU.SE" }, { { KRB5_NT_SRV_HST, { 2, datan_princ } }, "E.KTH.SE" } @@ -120,7 +124,10 @@ test_principal (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "Principal %d", i); + if (asprintf (&tests[i].name, "Principal %d", i) < 0) + errx(1, "malloc"); + if (tests[i].name == NULL) + errx(1, "malloc"); } ret = generic_test (tests, ntests, sizeof(Principal), @@ -128,7 +135,8 @@ test_principal (void) (generic_length)length_Principal, (generic_decode)decode_Principal, (generic_free)free_Principal, - cmp_principal); + cmp_principal, + NULL); for (i = 0; i < ntests; ++i) free (tests[i].name); @@ -158,14 +166,14 @@ static int test_authenticator (void) { struct test_case tests[] = { - { NULL, 63, + { NULL, 63, "\x62\x3d\x30\x3b\xa0\x03\x02\x01\x05\xa1\x0a\x1b\x08" "\x45\x2e\x4b\x54\x48\x2e\x53\x45\xa2\x10\x30\x0e\xa0" "\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61" "\xa4\x03\x02\x01\x0a\xa5\x11\x18\x0f\x31\x39\x37\x30" "\x30\x31\x30\x31\x30\x30\x30\x31\x33\x39\x5a" }, - { NULL, 67, + { NULL, 67, "\x62\x41\x30\x3f\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05" "\x53\x55\x2e\x53\x45\xa2\x16\x30\x14\xa0\x03\x02\x01" "\x01\xa1\x0d\x30\x0b\x1b\x03\x6c\x68\x61\x1b\x04\x72" @@ -186,7 +194,10 @@ test_authenticator (void) for (i = 0; i < ntests; ++i) { tests[i].val = &values[i]; - asprintf (&tests[i].name, "Authenticator %d", i); + if (asprintf (&tests[i].name, "Authenticator %d", i) < 0) + errx(1, "malloc"); + if (tests[i].name == NULL) + errx(1, "malloc"); } ret = generic_test (tests, ntests, sizeof(Authenticator), @@ -194,7 +205,8 @@ test_authenticator (void) (generic_length)length_Authenticator, (generic_decode)decode_Authenticator, (generic_free)free_Authenticator, - cmp_authenticator); + cmp_authenticator, + (generic_copy)copy_Authenticator); for (i = 0; i < ntests; ++i) free(tests[i].name); @@ -249,7 +261,7 @@ static int test_krb_error (void) { struct test_case tests[] = { - { NULL, 127, + { NULL, 127, "\x7e\x7d\x30\x7b\xa0\x03\x02\x01\x05\xa1\x03\x02\x01\x1e\xa4\x11" "\x18\x0f\x32\x30\x30\x33\x31\x31\x32\x34\x30\x30\x31\x31\x31\x39" "\x5a\xa5\x05\x02\x03\x04\xed\xa5\xa6\x03\x02\x01\x1f\xa7\x0d\x1b" @@ -288,7 +300,8 @@ test_krb_error (void) (generic_length)length_KRB_ERROR, (generic_decode)decode_KRB_ERROR, (generic_free)free_KRB_ERROR, - cmp_KRB_ERROR); + cmp_KRB_ERROR, + (generic_copy)copy_KRB_ERROR); } static int @@ -306,13 +319,13 @@ static int test_Name (void) { struct test_case tests[] = { - { NULL, 35, + { NULL, 35, "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76" "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48" "\x4f\x4c\x4d", "Name CN=Love+L=STOCKHOLM" }, - { NULL, 35, + { NULL, 35, "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76" "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48" "\x4f\x4c\x4d", @@ -339,12 +352,14 @@ test_Name (void) atv1[0].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]); atv1[0].type.components = cmp_CN; atv1[0].value.element = choice_DirectoryString_printableString; - atv1[0].value.u.printableString = "Love"; + atv1[0].value.u.printableString.data = "Love"; + atv1[0].value.u.printableString.length = 4; atv1[1].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]); atv1[1].type.components = cmp_L; atv1[1].value.element = choice_DirectoryString_printableString; - atv1[1].value.u.printableString = "STOCKHOLM"; + atv1[1].value.u.printableString.data = "STOCKHOLM"; + atv1[1].value.u.printableString.length = 9; /* n2 */ n2.element = choice_Name_rdnSequence; @@ -356,12 +371,14 @@ test_Name (void) atv2[0].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]); atv2[0].type.components = cmp_L; atv2[0].value.element = choice_DirectoryString_printableString; - atv2[0].value.u.printableString = "STOCKHOLM"; + atv2[0].value.u.printableString.data = "STOCKHOLM"; + atv2[0].value.u.printableString.length = 9; atv2[1].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]); atv2[1].type.components = cmp_CN; atv2[1].value.element = choice_DirectoryString_printableString; - atv2[1].value.u.printableString = "Love"; + atv2[1].value.u.printableString.data = "Love"; + atv2[1].value.u.printableString.length = 4; /* */ tests[0].val = &n1; @@ -372,7 +389,8 @@ test_Name (void) (generic_length)length_Name, (generic_decode)decode_Name, (generic_free)free_Name, - cmp_Name); + cmp_Name, + (generic_copy)copy_Name); } static int @@ -431,9 +449,226 @@ test_bit_string (void) (generic_length)length_KeyUsage, (generic_decode)decode_KeyUsage, (generic_free)free_KeyUsage, - cmp_KeyUsage); + cmp_KeyUsage, + (generic_copy)copy_KeyUsage); } +static int +cmp_TicketFlags (void *a, void *b) +{ + TicketFlags *aa = a; + TicketFlags *ab = b; + + return TicketFlags2int(*aa) != TicketFlags2int(*ab); +} + +static int +test_bit_string_rfc1510 (void) +{ + struct test_case tests[] = { + { NULL, 7, + "\x03\x05\x00\x80\x00\x00\x00", + "TF bitstring 1" + }, + { NULL, 7, + "\x03\x05\x00\x40\x20\x00\x00", + "TF bitstring 2" + }, + { NULL, 7, + "\x03\x05\x00\x00\x20\x00\x00", + "TF bitstring 3" + }, + { NULL, 7, + "\x03\x05\x00\x00\x00\x00\x00", + "TF bitstring 4" + } + }; + + int ntests = sizeof(tests) / sizeof(*tests); + TicketFlags tf1, tf2, tf3, tf4; + + memset(&tf1, 0, sizeof(tf1)); + tf1.reserved = 1; + tests[0].val = &tf1; + + memset(&tf2, 0, sizeof(tf2)); + tf2.forwardable = 1; + tf2.pre_authent = 1; + tests[1].val = &tf2; + + memset(&tf3, 0, sizeof(tf3)); + tf3.pre_authent = 1; + tests[2].val = &tf3; + + memset(&tf4, 0, sizeof(tf4)); + tests[3].val = &tf4; + + + return generic_test (tests, ntests, sizeof(TicketFlags), + (generic_encode)encode_TicketFlags, + (generic_length)length_TicketFlags, + (generic_decode)decode_TicketFlags, + (generic_free)free_TicketFlags, + cmp_TicketFlags, + (generic_copy)copy_TicketFlags); +} + +static int +cmp_KerberosTime (void *a, void *b) +{ + KerberosTime *aa = a; + KerberosTime *ab = b; + + return *aa != *ab; +} + +static int +test_time (void) +{ + struct test_case tests[] = { + { NULL, 17, + "\x18\x0f\x31\x39\x37\x30\x30\x31\x30\x31\x30\x31\x31\x38\x33\x31" + "\x5a", + "time 1" }, + { NULL, 17, + "\x18\x0f\x32\x30\x30\x39\x30\x35\x32\x34\x30\x32\x30\x32\x34\x30" + "\x5a" + "time 2" } + }; + + int ntests = sizeof(tests) / sizeof(*tests); + KerberosTime times[] = { + 4711, + 1243130560 + }; + + tests[0].val = ×[0]; + tests[1].val = ×[1]; + + return generic_test (tests, ntests, sizeof(KerberosTime), + (generic_encode)encode_KerberosTime, + (generic_length)length_KerberosTime, + (generic_decode)decode_KerberosTime, + (generic_free)free_KerberosTime, + cmp_KerberosTime, + (generic_copy)copy_KerberosTime); +} + +struct { + const char *cert; + size_t len; +} certs[] = { + { + "\x30\x82\x02\x6c\x30\x82\x01\xd5\xa0\x03\x02\x01\x02\x02\x09\x00" + "\x99\x32\xde\x61\x0e\x40\x19\x8a\x30\x0d\x06\x09\x2a\x86\x48\x86" + "\xf7\x0d\x01\x01\x05\x05\x00\x30\x2a\x31\x1b\x30\x19\x06\x03\x55" + "\x04\x03\x0c\x12\x68\x78\x35\x30\x39\x20\x54\x65\x73\x74\x20\x52" + "\x6f\x6f\x74\x20\x43\x41\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13" + "\x02\x53\x45\x30\x1e\x17\x0d\x30\x39\x30\x34\x32\x36\x32\x30\x32" + "\x39\x34\x30\x5a\x17\x0d\x31\x39\x30\x34\x32\x34\x32\x30\x32\x39" + "\x34\x30\x5a\x30\x2a\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x0c\x12" + "\x68\x78\x35\x30\x39\x20\x54\x65\x73\x74\x20\x52\x6f\x6f\x74\x20" + "\x43\x41\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x30" + "\x81\x9f\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05" + "\x00\x03\x81\x8d\x00\x30\x81\x89\x02\x81\x81\x00\xb9\xd3\x1b\x67" + "\x1c\xf7\x5e\x26\x81\x3b\x82\xff\x03\xa4\x43\xb5\xb2\x63\x0b\x89" + "\x58\x43\xfe\x3d\xe0\x38\x7d\x93\x74\xbb\xad\x21\xa4\x29\xd9\x34" + "\x79\xf3\x1c\x8c\x5a\xd6\xb0\xd7\x19\xea\xcc\xaf\xe0\xa8\x40\x02" + "\x1d\x91\xf1\xac\x36\xb0\xfb\x08\xbd\xcc\x9a\xe1\xb7\x6e\xee\x0a" + "\x69\xbf\x6d\x2b\xee\x20\x82\x61\x06\xf2\x18\xcc\x89\x11\x64\x7e" + "\xb2\xff\x47\xd1\x3b\x52\x73\xeb\x5a\xc0\x03\xa6\x4b\xc7\x40\x7e" + "\xbc\xe1\x0e\x65\x44\x3f\x40\x8b\x02\x82\x54\x04\xd9\xcc\x2c\x67" + "\x01\xb6\x16\x82\xd8\x33\x53\x17\xd7\xde\x8d\x5d\x02\x03\x01\x00" + "\x01\xa3\x81\x99\x30\x81\x96\x30\x1d\x06\x03\x55\x1d\x0e\x04\x16" + "\x04\x14\x6e\x48\x13\xdc\xbf\x8b\x95\x4c\x13\xf3\x1f\x97\x30\xdd" + "\x27\x96\x59\x9b\x0e\x68\x30\x5a\x06\x03\x55\x1d\x23\x04\x53\x30" + "\x51\x80\x14\x6e\x48\x13\xdc\xbf\x8b\x95\x4c\x13\xf3\x1f\x97\x30" + "\xdd\x27\x96\x59\x9b\x0e\x68\xa1\x2e\xa4\x2c\x30\x2a\x31\x1b\x30" + "\x19\x06\x03\x55\x04\x03\x0c\x12\x68\x78\x35\x30\x39\x20\x54\x65" + "\x73\x74\x20\x52\x6f\x6f\x74\x20\x43\x41\x31\x0b\x30\x09\x06\x03" + "\x55\x04\x06\x13\x02\x53\x45\x82\x09\x00\x99\x32\xde\x61\x0e\x40" + "\x19\x8a\x30\x0c\x06\x03\x55\x1d\x13\x04\x05\x30\x03\x01\x01\xff" + "\x30\x0b\x06\x03\x55\x1d\x0f\x04\x04\x03\x02\x01\xe6\x30\x0d\x06" + "\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x81\x81\x00" + "\x52\x9b\xe4\x0e\xee\xc2\x5d\xb7\xf1\xba\x47\xe3\xfe\xaf\x3d\x51" + "\x10\xfd\xe8\x0d\x14\x58\x05\x36\xa7\xeb\xd8\x05\xe5\x27\x6f\x51" + "\xb8\xec\x90\xd9\x03\xe1\xbc\x9c\x93\x38\x21\x5c\xaf\x4e\x6c\x7b" + "\x6c\x65\xa9\x92\xcd\x94\xef\xa8\xae\x90\x12\x14\x78\x2d\xa3\x15" + "\xaa\x42\xf1\xd9\x44\x64\x2c\x3c\xc0\xbd\x3a\x48\xd8\x80\x45\x8b" + "\xd1\x79\x82\xe0\x0f\xdf\x08\x3c\x60\x21\x6f\x31\x47\x98\xae\x2f" + "\xcb\xb1\xa1\xb9\xc1\xa3\x71\x5e\x4a\xc2\x67\xdf\x66\x0a\x51\xb5" + "\xad\x60\x05\xdb\x02\xd4\x1a\xd2\xb9\x4e\x01\x08\x2b\xc3\x57\xaf", + 624 }, + { + "\x30\x82\x02\x54\x30\x82\x01\xbd\xa0\x03\x02\x01\x02\x02\x01\x08" + "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30" + "\x2a\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x0c\x12\x68\x78\x35\x30" + "\x39\x20\x54\x65\x73\x74\x20\x52\x6f\x6f\x74\x20\x43\x41\x31\x0b" + "\x30\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x30\x1e\x17\x0d\x30" + "\x39\x30\x34\x32\x36\x32\x30\x32\x39\x34\x30\x5a\x17\x0d\x31\x39" + "\x30\x34\x32\x34\x32\x30\x32\x39\x34\x30\x5a\x30\x1b\x31\x0b\x30" + "\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x31\x0c\x30\x0a\x06\x03" + "\x55\x04\x03\x0c\x03\x6b\x64\x63\x30\x81\x9f\x30\x0d\x06\x09\x2a" + "\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x81\x8d\x00\x30\x81" + "\x89\x02\x81\x81\x00\xd2\x41\x7a\xf8\x4b\x55\xb2\xaf\x11\xf9\x43" + "\x9b\x43\x81\x09\x3b\x9a\x94\xcf\x00\xf4\x85\x75\x92\xd7\x2a\xa5" + "\x11\xf1\xa8\x50\x6e\xc6\x84\x74\x24\x17\xda\x84\xc8\x03\x37\xb2" + "\x20\xf3\xba\xb5\x59\x36\x21\x4d\xab\x70\xe2\xc3\x09\x93\x68\x14" + "\x12\x79\xc5\xbb\x9e\x1b\x4a\xf0\xc6\x24\x59\x25\xc3\x1c\xa8\x70" + "\x66\x5b\x3e\x41\x8e\xe3\x25\x71\x9a\x94\xa0\x5b\x46\x91\x6f\xdd" + "\x58\x14\xec\x89\xe5\x8c\x96\xc5\x38\x60\xe4\xab\xf2\x75\xee\x6e" + "\x62\xfc\xe1\xbd\x03\x47\xff\xc4\xbe\x0f\xca\x70\x73\xe3\x74\x58" + "\x3a\x2f\x04\x2d\x39\x02\x03\x01\x00\x01\xa3\x81\x98\x30\x81\x95" + "\x30\x09\x06\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x0b\x06\x03\x55" + "\x1d\x0f\x04\x04\x03\x02\x05\xe0\x30\x12\x06\x03\x55\x1d\x25\x04" + "\x0b\x30\x09\x06\x07\x2b\x06\x01\x05\x02\x03\x05\x30\x1d\x06\x03" + "\x55\x1d\x0e\x04\x16\x04\x14\x3a\xd3\x73\xff\xab\xdb\x7d\x8d\xc6" + "\x3a\xa2\x26\x3e\xae\x78\x95\x80\xc9\xe6\x31\x30\x48\x06\x03\x55" + "\x1d\x11\x04\x41\x30\x3f\xa0\x3d\x06\x06\x2b\x06\x01\x05\x02\x02" + "\xa0\x33\x30\x31\xa0\x0d\x1b\x0b\x54\x45\x53\x54\x2e\x48\x35\x4c" + "\x2e\x53\x45\xa1\x20\x30\x1e\xa0\x03\x02\x01\x01\xa1\x17\x30\x15" + "\x1b\x06\x6b\x72\x62\x74\x67\x74\x1b\x0b\x54\x45\x53\x54\x2e\x48" + "\x35\x4c\x2e\x53\x45\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01" + "\x01\x05\x05\x00\x03\x81\x81\x00\x83\xf4\x14\xa7\x6e\x59\xff\x80" + "\x64\xe7\xfa\xcf\x13\x80\x86\xe1\xed\x02\x38\xad\x96\x72\x25\xe5" + "\x06\x7a\x9a\xbc\x24\x74\xa9\x75\x55\xb2\x49\x80\x69\x45\x95\x4a" + "\x4c\x76\xa9\xe3\x4e\x49\xd3\xc2\x69\x5a\x95\x03\xeb\xba\x72\x23" + "\x9c\xfd\x3d\x8b\xc6\x07\x82\x3b\xf4\xf3\xef\x6c\x2e\x9e\x0b\xac" + "\x9e\x6c\xbb\x37\x4a\xa1\x9e\x73\xd1\xdc\x97\x61\xba\xfc\xd3\x49" + "\xa6\xc2\x4c\x55\x2e\x06\x37\x76\xb5\xef\x57\xe7\x57\x58\x8a\x71" + "\x63\xf3\xeb\xe7\x55\x68\x0d\xf6\x46\x4c\xfb\xf9\x43\xbb\x0c\x92" + "\x4f\x4e\x22\x7b\x63\xe8\x4f\x9c", + 600 + } +}; + +static int +test_cert(void) +{ + Certificate c, c2; + size_t size; + size_t i; + int ret; + + for (i = 0; i < sizeof(certs)/sizeof(certs[0]); i++) { + + ret = decode_Certificate((unsigned char *)certs[i].cert, + certs[i].len, &c, &size); + if (ret) + return ret; + + ret = copy_Certificate(&c, &c2); + free_Certificate(&c); + if (ret) + return ret; + + free_Certificate(&c2); + } + + return 0; +} + + static int cmp_TESTLargeTag (void *a, void *b) { @@ -441,6 +676,7 @@ cmp_TESTLargeTag (void *a, void *b) TESTLargeTag *ab = b; COMPARE_INTEGER(aa,ab,foo); + COMPARE_INTEGER(aa,ab,bar); return 0; } @@ -448,7 +684,7 @@ static int test_large_tag (void) { struct test_case tests[] = { - { NULL, 8, "\x30\x06\xbf\x7f\x03\x02\x01\x01", "large tag 1" } + { NULL, 15, "\x30\x0d\xbf\x7f\x03\x02\x01\x01\xbf\x81\x00\x03\x02\x01\x02", "large tag 1" } }; int ntests = sizeof(tests) / sizeof(*tests); @@ -456,6 +692,7 @@ test_large_tag (void) memset(<1, 0, sizeof(lt1)); lt1.foo = 1; + lt1.bar = 2; tests[0].val = <1; @@ -464,7 +701,8 @@ test_large_tag (void) (generic_length)length_TESTLargeTag, (generic_decode)decode_TESTLargeTag, (generic_free)free_TESTLargeTag, - cmp_TESTLargeTag); + cmp_TESTLargeTag, + (generic_copy)copy_TESTLargeTag); } struct test_data { @@ -490,9 +728,9 @@ check_tag_length(void) { 0, 5, 0, "\x02\xff\x7f\x02\x00"} }; size_t sz; - krb5uint32 values[] = {0, 127, 128, 256, 512, + TESTuint32 values[] = {0, 127, 128, 256, 512, 0, 127, 128, 256, 512 }; - krb5uint32 u; + TESTuint32 u; int i, ret, failed = 0; void *buf; @@ -501,7 +739,7 @@ check_tag_length(void) buf = map_alloc(OVERRUN, td[i].data, td[i].len, &page); - ret = decode_krb5uint32(buf, td[i].len, &u, &sz); + ret = decode_TESTuint32(buf, td[i].len, &u, &sz); if (ret) { if (td[i].ok) { printf("failed with tag len test %d\n", i); @@ -560,7 +798,8 @@ test_choice (void) (generic_length)length_TESTChoice1, (generic_decode)decode_TESTChoice1, (generic_free)free_TESTChoice1, - cmp_TESTChoice); + cmp_TESTChoice, + (generic_copy)copy_TESTChoice1); memset(&c2_2, 0, sizeof(c2_2)); c2_2.element = choice_TESTChoice2_asn1_ellipsis; @@ -573,7 +812,8 @@ test_choice (void) (generic_length)length_TESTChoice2, (generic_decode)decode_TESTChoice2, (generic_free)free_TESTChoice2, - cmp_TESTChoice); + cmp_TESTChoice, + (generic_copy)copy_TESTChoice2); return ret; } @@ -603,9 +843,9 @@ static int test_implicit (void) { struct test_case tests[] = { - { NULL, 16, + { NULL, 16, "\x30\x0e\x80\x01\x00\xa1\x06\xbf" - "\x7f\x03\x02\x01\x02\x82\x01\x03", + "\x7f\x03\x02\x01\x02\x82\x01\x03", "implicit 1" } }; @@ -623,7 +863,8 @@ test_implicit (void) (generic_length)length_TESTImplicit, (generic_decode)decode_TESTImplicit, (generic_free)free_TESTImplicit, - cmp_TESTImplicit); + cmp_TESTImplicit, + (generic_copy)copy_TESTImplicit); #ifdef IMPLICIT_TAGGING_WORKS ret += generic_test (tests, ntests, sizeof(TESTImplicit2), @@ -631,7 +872,8 @@ test_implicit (void) (generic_length)length_TESTImplicit2, (generic_decode)decode_TESTImplicit2, (generic_free)free_TESTImplicit2, - cmp_TESTImplicit); + cmp_TESTImplicit, + NULL); #endif /* IMPLICIT_TAGGING_WORKS */ return ret; @@ -679,14 +921,14 @@ static int test_taglessalloc (void) { struct test_case tests[] = { - { NULL, 14, - "\x30\x0c\x30\x05\xa0\x03\x02\x01\x01\xa1\x03\x02\x01\x03", + { NULL, 14, + "\x30\x0c\x30\x05\xa0\x03\x02\x01\x01\xa1\x03\x02\x01\x03", "alloc 1" }, - { NULL, 7, - "\x30\x05\xa1\x03\x02\x01\x03", + { NULL, 7, + "\x30\x05\xa1\x03\x02\x01\x03", "alloc 2" }, - { NULL, 10, - "\x30\x08\xa1\x03\x02\x01\x04\x02\x01\x05", + { NULL, 10, + "\x30\x08\xa1\x03\x02\x01\x04\x02\x01\x05", "alloc 3" } }; @@ -718,13 +960,95 @@ test_taglessalloc (void) (generic_length)length_TESTAlloc, (generic_decode)decode_TESTAlloc, (generic_free)free_TESTAlloc, - cmp_TESTAlloc); + cmp_TESTAlloc, + (generic_copy)copy_TESTAlloc); free(c1.tagless); return ret; } +static int +cmp_TESTOptional (void *a, void *b) +{ + TESTOptional *aa = a; + TESTOptional *ab = b; + + IF_OPT_COMPARE(aa,ab,zero) { + COMPARE_OPT_INTEGER(aa,ab,zero); + } + IF_OPT_COMPARE(aa,ab,one) { + COMPARE_OPT_INTEGER(aa,ab,one); + } + return 0; +} + +/* +UNIV CONS Sequence 5 + CONTEXT CONS 0 3 + UNIV PRIM Integer 1 00 + +UNIV CONS Sequence 5 + CONTEXT CONS 1 3 + UNIV PRIM Integer 1 03 + +UNIV CONS Sequence 10 + CONTEXT CONS 0 3 + UNIV PRIM Integer 1 00 + CONTEXT CONS 1 3 + UNIV PRIM Integer 1 01 + +*/ + +static int +test_optional (void) +{ + struct test_case tests[] = { + { NULL, 2, + "\x30\x00", + "optional 0" }, + { NULL, 7, + "\x30\x05\xa0\x03\x02\x01\x00", + "optional 1" }, + { NULL, 7, + "\x30\x05\xa1\x03\x02\x01\x01", + "optional 2" }, + { NULL, 12, + "\x30\x0a\xa0\x03\x02\x01\x00\xa1\x03\x02\x01\x01", + "optional 3" } + }; + + int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + TESTOptional c0, c1, c2, c3; + int zero = 0; + int one = 1; + + c0.zero = NULL; + c0.one = NULL; + tests[0].val = &c0; + + c1.zero = &zero; + c1.one = NULL; + tests[1].val = &c1; + + c2.zero = NULL; + c2.one = &one; + tests[2].val = &c2; + + c3.zero = &zero; + c3.one = &one; + tests[3].val = &c3; + + ret += generic_test (tests, ntests, sizeof(TESTOptional), + (generic_encode)encode_TESTOptional, + (generic_length)length_TESTOptional, + (generic_decode)decode_TESTOptional, + (generic_free)free_TESTOptional, + cmp_TESTOptional, + (generic_copy)copy_TESTOptional); + + return ret; +} static int check_fail_largetag(void) @@ -768,7 +1092,7 @@ check_fail_sequence(void) { struct test_case tests[] = { {NULL, 0, "", "empty buffer"}, - {NULL, 24, + {NULL, 24, "\x30\x16\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" "\x02\x01\x01\xa2\x03\x02\x01\x01" "missing one byte from the end, internal length ok"}, @@ -776,7 +1100,7 @@ check_fail_sequence(void) "\x30\x18\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" "\x02\x01\x01\xa2\x03\x02\x01\x01", "inner length one byte too long"}, - {NULL, 24, + {NULL, 24, "\x30\x17\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01" "\x01\x02\x01\x01\xa2\x03\x02\x01\x01", "correct buffer but missing one too short"} @@ -793,10 +1117,10 @@ check_fail_choice(void) struct test_case tests[] = { {NULL, 6, "\xa1\x02\x02\x01\x01", - "one too short"}, + "choice one too short"}, {NULL, 6, "\xa1\x03\x02\x02\x01", - "one too short inner"} + "choice one too short inner"} }; int ntests = sizeof(tests) / sizeof(*tests); @@ -877,6 +1201,7 @@ check_seq(void) static int check_seq_of_size(void) { +#if 0 /* template */ TESTInteger integers[4] = { 1, 2, 3, 4 }; int ret; @@ -894,7 +1219,7 @@ check_seq_of_size(void) TESTSeqSizeOf2 ssof2ok1 = { 1, integers }; TESTSeqSizeOf2 ssof2ok2 = { 2, integers }; TESTSeqSizeOf2 ssof2f2 = { 3, integers }; - + test_seq_of(TESTSeqSizeOf2, 0, &ssof2f1); test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok1); test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok2); @@ -904,7 +1229,7 @@ check_seq_of_size(void) TESTSeqSizeOf3 ssof3f1 = { 0, NULL }; TESTSeqSizeOf3 ssof3ok1 = { 1, integers }; TESTSeqSizeOf3 ssof3ok2 = { 2, integers }; - + test_seq_of(TESTSeqSizeOf3, 0, &ssof3f1); test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok1); test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok2); @@ -914,17 +1239,42 @@ check_seq_of_size(void) TESTSeqSizeOf4 ssof4ok2 = { 1, integers }; TESTSeqSizeOf4 ssof4ok3 = { 2, integers }; TESTSeqSizeOf4 ssof4f1 = { 3, integers }; - + test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok1); - test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok2); + test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok2); test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok3); test_seq_of(TESTSeqSizeOf4, 0, &ssof4f1); } - +#endif return 0; } +static int +check_TESTMechTypeList(void) +{ + TESTMechTypeList tl; + unsigned oid1[] = { 1, 2, 840, 48018, 1, 2, 2}; + unsigned oid2[] = { 1, 2, 840, 113554, 1, 2, 2}; + unsigned oid3[] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 30}; + unsigned oid4[] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10}; + TESTMechType array[] = {{ 7, oid1 }, + { 7, oid2 }, + { 10, oid3 }, + { 10, oid4 }}; + size_t size, len; + void *ptr; + int ret; + tl.len = 4; + tl.val = array; + + ASN1_MALLOC_ENCODE(TESTMechTypeList, ptr, len, &tl, &size, ret); + if (ret) + errx(1, "TESTMechTypeList: %d", ret); + if (len != size) + abort(); + return 0; +} int main(int argc, char **argv) @@ -936,6 +1286,9 @@ main(int argc, char **argv) ret += test_krb_error(); ret += test_Name(); ret += test_bit_string(); + ret += test_bit_string_rfc1510(); + ret += test_time(); + ret += test_cert(); ret += check_tag_length(); ret += test_large_tag(); @@ -943,6 +1296,7 @@ main(int argc, char **argv) ret += test_implicit(); ret += test_taglessalloc(); + ret += test_optional(); ret += check_fail_largetag(); ret += check_fail_sequence(); @@ -951,5 +1305,7 @@ main(int argc, char **argv) ret += check_seq(); ret += check_seq_of_size(); + ret += check_TESTMechTypeList(); + return ret; } diff --git a/lib/asn1/check-template.c b/lib/asn1/check-template.c new file mode 100644 index 000000000000..44d50168a963 --- /dev/null +++ b/lib/asn1/check-template.c @@ -0,0 +1,255 @@ +/* + * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include +#include +#include +#include + +#include "check-common.h" + +static int +cmp_dummy (void *a, void *b) +{ + return 0; +} + +static int +test_seqofseq(void) +{ + struct test_case tests[] = { + { NULL, 2, + "\x30\x00", + "seqofseq 0" }, + { NULL, 9, + "\x30\x07\x30\x05\xa0\x03\x02\x01\x00", + "seqofseq 1" }, + { NULL, 16, + "\x30\x0e\x30\x05\xa0\x03\x02\x01\x00\x30\x05\xa0\x03\x02\x01\x01", + "seqofseq 2" } + }; + + int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + TESTSeqOfSeq c0, c1, c2; + struct TESTSeqOfSeq_val i[2]; + + i[0].zero = 0; + i[1].zero = 1; + + c0.len = 0; + c0.val = NULL; + tests[0].val = &c0; + + c1.len = 1; + c1.val = i; + tests[1].val = &c1; + + c2.len = 2; + c2.val = i; + tests[2].val = &c2; + + ret += generic_test (tests, ntests, sizeof(TESTSeqOfSeq), + (generic_encode)encode_TESTSeqOfSeq, + (generic_length)length_TESTSeqOfSeq, + (generic_decode)decode_TESTSeqOfSeq, + (generic_free)free_TESTSeqOfSeq, + cmp_dummy, + NULL); + return ret; +} + +static int +test_seqofseq2(void) +{ + struct test_case tests[] = { + { NULL, 2, + "\x30\x00", + "seqofseq2 0" }, + { NULL, 11, + "\x30\x09\x30\x07\xa0\x05\x1b\x03\x65\x74\x74", + "seqofseq2 1" }, + { NULL, 21, + "\x30\x13\x30\x07\xa0\x05\x1b\x03\x65\x74\x74\x30\x08\xa0" + "\x06\x1b\x04\x74\x76\x61\x61", + "seqofseq2 2" } + }; + + int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + TESTSeqOfSeq2 c0, c1, c2; + struct TESTSeqOfSeq2_val i[2]; + + i[0].string = "ett"; + i[1].string = "tvaa"; + + c0.len = 0; + c0.val = NULL; + tests[0].val = &c0; + + c1.len = 1; + c1.val = i; + tests[1].val = &c1; + + c2.len = 2; + c2.val = i; + tests[2].val = &c2; + + ret += generic_test (tests, ntests, sizeof(TESTSeqOfSeq2), + (generic_encode)encode_TESTSeqOfSeq2, + (generic_length)length_TESTSeqOfSeq2, + (generic_decode)decode_TESTSeqOfSeq2, + (generic_free)free_TESTSeqOfSeq2, + cmp_dummy, + NULL); + return ret; +} + +static int +test_seqof2(void) +{ + struct test_case tests[] = { + { NULL, 4, + "\x30\x02\x30\x00", + "seqof2 1" }, + { NULL, 9, + "\x30\x07\x30\x05\x1b\x03\x66\x6f\x6f", + "seqof2 2" }, + { NULL, 14, + "\x30\x0c\x30\x0a\x1b\x03\x66\x6f\x6f\x1b\x03\x62\x61\x72", + "seqof2 3" } + }; + + int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + TESTSeqOf2 c0, c1, c2; + heim_general_string i[2]; + + i[0] = "foo"; + i[1] = "bar"; + + c0.strings.val = NULL; + c0.strings.len = 0; + tests[0].val = &c0; + + c1.strings.len = 1; + c1.strings.val = i; + tests[1].val = &c1; + + c2.strings.len = 2; + c2.strings.val = i; + tests[2].val = &c2; + + ret += generic_test (tests, ntests, sizeof(TESTSeqOf2), + (generic_encode)encode_TESTSeqOf2, + (generic_length)length_TESTSeqOf2, + (generic_decode)decode_TESTSeqOf2, + (generic_free)free_TESTSeqOf2, + cmp_dummy, + NULL); + return ret; +} + +static int +test_seqof3(void) +{ + struct test_case tests[] = { + { NULL, 2, + "\x30\x00", + "seqof3 0" }, + { NULL, 4, + "\x30\x02\x30\x00", + "seqof3 1" }, + { NULL, 9, + "\x30\x07\x30\x05\x1b\x03\x66\x6f\x6f", + "seqof3 2" }, + { NULL, 14, + "\x30\x0c\x30\x0a\x1b\x03\x66\x6f\x6f\x1b\x03\x62\x61\x72", + "seqof3 3" } + }; + + int ret = 0, ntests = sizeof(tests) / sizeof(*tests); + TESTSeqOf3 c0, c1, c2, c3; + struct TESTSeqOf3_strings s1, s2, s3; + heim_general_string i[2]; + + i[0] = "foo"; + i[1] = "bar"; + + c0.strings = NULL; + tests[0].val = &c0; + + s1.val = NULL; + s1.len = 0; + c1.strings = &s1; + tests[1].val = &c1; + + s2.len = 1; + s2.val = i; + c2.strings = &s2; + tests[2].val = &c2; + + s3.len = 2; + s3.val = i; + c3.strings = &s3; + tests[3].val = &c3; + + ret += generic_test (tests, ntests, sizeof(TESTSeqOf3), + (generic_encode)encode_TESTSeqOf3, + (generic_length)length_TESTSeqOf3, + (generic_decode)decode_TESTSeqOf3, + (generic_free)free_TESTSeqOf3, + cmp_dummy, + NULL); + return ret; +} + + +int +main(int argc, char **argv) +{ + int ret = 0; + + ret += test_seqofseq(); + ret += test_seqofseq2(); + ret += test_seqof2(); + ret += test_seqof3(); + + return ret; +} diff --git a/lib/asn1/check-timegm.c b/lib/asn1/check-timegm.c index 7d33455a3c56..13d3abcf1fa5 100644 --- a/lib/asn1/check-timegm.c +++ b/lib/asn1/check-timegm.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include -RCSID("$Id: check-timegm.c 18610 2006-10-19 16:33:24Z lha $"); +RCSID("$Id$"); static int test_timegm(void) @@ -58,6 +58,15 @@ test_timegm(void) if (t != -1) ret += 1; + _der_gmtime(1159696980, &tm); + if (tm.tm_year != 106 || + tm.tm_mon != 9 || + tm.tm_mday != 1 || + tm.tm_hour != 10 || + tm.tm_min != 3 || + tm.tm_sec != 0) + errx(1, "tmtime failes"); + return ret; } diff --git a/lib/asn1/CMS.asn1 b/lib/asn1/cms.asn1 similarity index 92% rename from lib/asn1/CMS.asn1 rename to lib/asn1/cms.asn1 index 685f0b189831..ccbe68383825 100644 --- a/lib/asn1/CMS.asn1 +++ b/lib/asn1/cms.asn1 @@ -1,10 +1,10 @@ -- From RFC 3369 -- --- $Id: CMS.asn1 18054 2006-09-07 12:20:42Z lha $ -- +-- $Id$ -- CMS DEFINITIONS ::= BEGIN IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name, - Attribute, Certificate, Name, SubjectKeyIdentifier FROM rfc2459 + Attribute, Certificate, SubjectKeyIdentifier FROM rfc2459 heim_any, heim_any_set FROM heim; id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2) @@ -18,8 +18,8 @@ id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 } id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 } CMSVersion ::= INTEGER { - CMSVersion_v0(0), - CMSVersion_v1(1), + CMSVersion_v0(0), + CMSVersion_v1(1), CMSVersion_v2(2), CMSVersion_v3(3), CMSVersion_v4(4) @@ -34,7 +34,7 @@ MessageDigest ::= OCTET STRING ContentInfo ::= SEQUENCE { contentType ContentType, - content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType + content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType } EncapsulatedContentInfo ::= SEQUENCE { @@ -53,7 +53,7 @@ IssuerAndSerialNumber ::= SEQUENCE { serialNumber CertificateSerialNumber } --- RecipientIdentifier is same as SignerIdentifier, +-- RecipientIdentifier is same as SignerIdentifier, -- lets glue them togheter and save some bytes and share code for them CMSIdentifier ::= CHOICE { @@ -67,7 +67,7 @@ RecipientIdentifier ::= CMSIdentifier --- CMSAttributes are the combined UnsignedAttributes and SignedAttributes --- to store space and share code -CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX) +CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX) SignatureValue ::= OCTET STRING @@ -79,7 +79,7 @@ SignerInfo ::= SEQUENCE { SET OF Attribute OPTIONAL, signatureAlgorithm SignatureAlgorithmIdentifier, signature SignatureValue, - unsignedAttrs [1] IMPLICIT -- CMSAttributes -- + unsignedAttrs [1] IMPLICIT -- CMSAttributes -- SET OF Attribute OPTIONAL } diff --git a/lib/asn1/cms.opt b/lib/asn1/cms.opt new file mode 100644 index 000000000000..49333e53a758 --- /dev/null +++ b/lib/asn1/cms.opt @@ -0,0 +1,2 @@ +--decode-dce-ber +--sequence=DigestAlgorithmIdentifiers diff --git a/lib/asn1/der-private.h b/lib/asn1/der-private.h new file mode 100644 index 000000000000..555f71bd004d --- /dev/null +++ b/lib/asn1/der-private.h @@ -0,0 +1,82 @@ +/* This is a generated file */ +#ifndef __der_private_h__ +#define __der_private_h__ + +#include + +int +_asn1_copy ( + const struct asn1_template */*t*/, + const void */*from*/, + void */*to*/); + +int +_asn1_copy_top ( + const struct asn1_template */*t*/, + const void */*from*/, + void */*to*/); + +int +_asn1_decode ( + const struct asn1_template */*t*/, + unsigned /*flags*/, + const unsigned char */*p*/, + size_t /*len*/, + void */*data*/, + size_t */*size*/); + +int +_asn1_decode_top ( + const struct asn1_template */*t*/, + unsigned /*flags*/, + const unsigned char */*p*/, + size_t /*len*/, + void */*data*/, + size_t */*size*/); + +int +_asn1_encode ( + const struct asn1_template */*t*/, + unsigned char */*p*/, + size_t /*len*/, + const void */*data*/, + size_t */*size*/); + +void +_asn1_free ( + const struct asn1_template */*t*/, + void */*data*/); + +size_t +_asn1_length ( + const struct asn1_template */*t*/, + const void */*data*/); + +struct tm * +_der_gmtime ( + time_t /*t*/, + struct tm */*tm*/); + +int +_heim_der_set_sort ( + const void */*a1*/, + const void */*a2*/); + +int +_heim_fix_dce ( + size_t /*reallen*/, + size_t */*len*/); + +size_t +_heim_len_int (int /*val*/); + +size_t +_heim_len_unsigned (unsigned /*val*/); + +int +_heim_time2generalizedtime ( + time_t /*t*/, + heim_octet_string */*s*/, + int /*gtimep*/); + +#endif /* __der_private_h__ */ diff --git a/lib/asn1/der-protos.h b/lib/asn1/der-protos.h index 7bfe02ebb449..3b3d81d175fb 100644 --- a/lib/asn1/der-protos.h +++ b/lib/asn1/der-protos.h @@ -47,6 +47,11 @@ der_copy_general_string ( const heim_general_string */*from*/, heim_general_string */*to*/); +int +der_copy_generalized_time ( + const time_t */*from*/, + time_t */*to*/); + int der_copy_heim_integer ( const heim_integer */*from*/, @@ -54,8 +59,13 @@ der_copy_heim_integer ( int der_copy_ia5_string ( - const heim_printable_string */*from*/, - heim_printable_string */*to*/); + const heim_ia5_string */*from*/, + heim_ia5_string */*to*/); + +int +der_copy_integer ( + const int */*from*/, + int */*to*/); int der_copy_octet_string ( @@ -77,6 +87,16 @@ der_copy_universal_string ( const heim_universal_string */*from*/, heim_universal_string */*to*/); +int +der_copy_unsigned ( + const unsigned */*from*/, + unsigned */*to*/); + +int +der_copy_utctime ( + const time_t */*from*/, + time_t */*to*/); + int der_copy_utf8string ( const heim_utf8_string */*from*/, @@ -96,12 +116,18 @@ der_free_bmp_string (heim_bmp_string */*k*/); void der_free_general_string (heim_general_string */*str*/); +void +der_free_generalized_time (time_t */*t*/); + void der_free_heim_integer (heim_integer */*k*/); void der_free_ia5_string (heim_ia5_string */*str*/); +void +der_free_integer (int */*i*/); + void der_free_octet_string (heim_octet_string */*k*/); @@ -114,6 +140,12 @@ der_free_printable_string (heim_printable_string */*str*/); void der_free_universal_string (heim_universal_string */*k*/); +void +der_free_unsigned (unsigned */*u*/); + +void +der_free_utctime (time_t */*t*/); + void der_free_utf8string (heim_utf8_string */*str*/); @@ -196,6 +228,13 @@ der_get_octet_string ( heim_octet_string */*data*/, size_t */*size*/); +int +der_get_octet_string_ber ( + const unsigned char */*p*/, + size_t /*len*/, + heim_octet_string */*data*/, + size_t */*size*/); + int der_get_oid ( const unsigned char */*p*/, @@ -296,6 +335,11 @@ der_heim_universal_string_cmp ( const heim_universal_string */*p*/, const heim_universal_string */*q*/); +int +der_ia5_string_cmp ( + const heim_ia5_string */*p*/, + const heim_ia5_string */*q*/); + size_t der_length_bit_string (const heim_bit_string */*k*/); @@ -335,6 +379,9 @@ der_length_oid (const heim_oid */*k*/); size_t der_length_printable_string (const heim_printable_string */*data*/); +size_t +der_length_tag (unsigned int /*tag*/); + size_t der_length_universal_string (const heim_universal_string */*data*/); @@ -359,12 +406,21 @@ der_match_tag ( unsigned int /*tag*/, size_t */*size*/); +int +der_match_tag2 ( + const unsigned char */*p*/, + size_t /*len*/, + Der_class /*class*/, + Der_type */*type*/, + unsigned int /*tag*/, + size_t */*size*/); + int der_match_tag_and_length ( const unsigned char */*p*/, size_t /*len*/, Der_class /*class*/, - Der_type /*type*/, + Der_type */*type*/, unsigned int /*tag*/, size_t */*length_ret*/, size_t */*size*/); @@ -391,6 +447,11 @@ der_print_hex_heim_integer ( const heim_integer */*data*/, char **/*p*/); +int +der_printable_string_cmp ( + const heim_printable_string */*p*/, + const heim_printable_string */*q*/); + int der_put_bit_string ( unsigned char */*p*/, diff --git a/lib/asn1/der.c b/lib/asn1/der.c index 120dc086afc9..0c59e6f6409b 100644 --- a/lib/asn1/der.c +++ b/lib/asn1/der.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" @@ -38,7 +38,7 @@ #include #include -RCSID("$Id: der.c 22429 2008-01-13 10:25:50Z lha $"); +RCSID("$Id$"); static const char *class_names[] = { diff --git a/lib/asn1/der.h b/lib/asn1/der.h index 13e39320d4ec..f20cdb83ca51 100644 --- a/lib/asn1/der.h +++ b/lib/asn1/der.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: der.h 18437 2006-10-14 05:16:08Z lha $ */ +/* $Id$ */ #ifndef __DER_H__ #define __DER_H__ @@ -52,7 +52,7 @@ typedef enum {PRIM = 0, CONS = 1} Der_type; enum { UT_EndOfContent = 0, UT_Boolean = 1, - UT_Integer = 2, + UT_Integer = 2, UT_BitString = 3, UT_OctetString = 4, UT_Null = 5, @@ -94,6 +94,8 @@ typedef struct heim_ber_time_t { int bt_zone; } heim_ber_time_t; +struct asn1_template; + #include int _heim_fix_dce(size_t reallen, size_t *len); diff --git a/lib/asn1/der_cmp.c b/lib/asn1/der_cmp.c index f27f03c02bd3..468ccb2d040c 100644 --- a/lib/asn1/der_cmp.c +++ b/lib/asn1/der_cmp.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" @@ -38,13 +38,13 @@ der_heim_oid_cmp(const heim_oid *p, const heim_oid *q) { if (p->length != q->length) return p->length - q->length; - return memcmp(p->components, + return memcmp(p->components, q->components, p->length * sizeof(*p->components)); } int -der_heim_octet_string_cmp(const heim_octet_string *p, +der_heim_octet_string_cmp(const heim_octet_string *p, const heim_octet_string *q) { if (p->length != q->length) @@ -52,6 +52,20 @@ der_heim_octet_string_cmp(const heim_octet_string *p, return memcmp(p->data, q->data, p->length); } +int +der_printable_string_cmp(const heim_printable_string *p, + const heim_printable_string *q) +{ + return der_heim_octet_string_cmp(p, q); +} + +int +der_ia5_string_cmp(const heim_ia5_string *p, + const heim_ia5_string *q) +{ + return der_heim_octet_string_cmp(p, q); +} + int der_heim_bit_string_cmp(const heim_bit_string *p, const heim_bit_string *q) @@ -93,7 +107,7 @@ der_heim_bmp_string_cmp(const heim_bmp_string *p, const heim_bmp_string *q) } int -der_heim_universal_string_cmp(const heim_universal_string *p, +der_heim_universal_string_cmp(const heim_universal_string *p, const heim_universal_string *q) { if (p->length != q->length) diff --git a/lib/asn1/der_copy.c b/lib/asn1/der_copy.c index 04c4531ca578..3a0a8c5ffa6a 100644 --- a/lib/asn1/der_copy.c +++ b/lib/asn1/der_copy.c @@ -1,42 +1,44 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: der_copy.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); int -der_copy_general_string (const heim_general_string *from, +der_copy_general_string (const heim_general_string *from, heim_general_string *to) { *to = strdup(*from); @@ -45,6 +47,34 @@ der_copy_general_string (const heim_general_string *from, return 0; } +int +der_copy_integer (const int *from, int *to) +{ + *to = *from; + return 0; +} + +int +der_copy_unsigned (const unsigned *from, unsigned *to) +{ + *to = *from; + return 0; +} + +int +der_copy_generalized_time (const time_t *from, time_t *to) +{ + *to = *from; + return 0; +} + +int +der_copy_utctime (const time_t *from, time_t *to) +{ + *to = *from; + return 0; +} + int der_copy_utf8string (const heim_utf8_string *from, heim_utf8_string *to) { @@ -52,17 +82,23 @@ der_copy_utf8string (const heim_utf8_string *from, heim_utf8_string *to) } int -der_copy_printable_string (const heim_printable_string *from, +der_copy_printable_string (const heim_printable_string *from, heim_printable_string *to) { - return der_copy_general_string(from, to); + to->length = from->length; + to->data = malloc(to->length + 1); + if(to->data == NULL) + return ENOMEM; + memcpy(to->data, from->data, to->length); + ((char *)to->data)[to->length] = '\0'; + return 0; } int -der_copy_ia5_string (const heim_printable_string *from, - heim_printable_string *to) +der_copy_ia5_string (const heim_ia5_string *from, + heim_ia5_string *to) { - return der_copy_general_string(from, to); + return der_copy_printable_string(from, to); } int @@ -89,7 +125,7 @@ der_copy_universal_string (const heim_universal_string *from, } int -der_copy_visible_string (const heim_visible_string *from, +der_copy_visible_string (const heim_visible_string *from, heim_visible_string *to) { return der_copy_general_string(from, to); diff --git a/lib/asn1/der_format.c b/lib/asn1/der_format.c index 6908bddcc26e..4f06c1b01fd9 100644 --- a/lib/asn1/der_format.c +++ b/lib/asn1/der_format.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" #include -RCSID("$Id: der_format.c 20861 2007-06-03 20:18:29Z lha $"); +RCSID("$Id$"); int der_parse_hex_heim_integer (const char *p, heim_integer *data) @@ -56,7 +56,7 @@ der_parse_hex_heim_integer (const char *p, heim_integer *data) data->length = 0; return EINVAL; } - + data->length = (len / 2) + 1; data->data = malloc(data->length); if (data->data == NULL) { @@ -108,7 +108,7 @@ int der_print_heim_oid (const heim_oid *oid, char delim, char **str) { struct rk_strpool *p = NULL; - int i; + size_t i; if (oid->length == 0) return EINVAL; @@ -144,8 +144,8 @@ der_parse_heim_oid (const char *str, const char *sep, heim_oid *data) s = strdup(str); - for (w = strtok_r(s, sep, &brkt); - w != NULL; + for (w = strtok_r(s, sep, &brkt); + w != NULL; w = strtok_r(NULL, sep, &brkt)) { c = realloc(data->components, diff --git a/lib/asn1/der_free.c b/lib/asn1/der_free.c index 851cb1d40775..4bae5fc2338f 100644 --- a/lib/asn1/der_free.c +++ b/lib/asn1/der_free.c @@ -1,39 +1,41 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: der_free.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); void der_free_general_string (heim_general_string *str) @@ -42,6 +44,31 @@ der_free_general_string (heim_general_string *str) *str = NULL; } +void +der_free_integer (int *i) +{ + *i = 0; +} + +void +der_free_unsigned (unsigned *u) +{ + *u = 0; +} + +void +der_free_generalized_time(time_t *t) +{ + *t = 0; +} + +void +der_free_utctime(time_t *t) +{ + *t = 0; +} + + void der_free_utf8string (heim_utf8_string *str) { @@ -52,15 +79,13 @@ der_free_utf8string (heim_utf8_string *str) void der_free_printable_string (heim_printable_string *str) { - free(*str); - *str = NULL; + der_free_octet_string(str); } void der_free_ia5_string (heim_ia5_string *str) { - free(*str); - *str = NULL; + der_free_octet_string(str); } void diff --git a/lib/asn1/der_get.c b/lib/asn1/der_get.c index f232ce9a296d..3112da86f93b 100644 --- a/lib/asn1/der_get.c +++ b/lib/asn1/der_get.c @@ -1,43 +1,39 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: der_get.c 21369 2007-06-27 10:14:39Z lha $"); - -#include - -/* +/* * All decoding functions take a pointer `p' to first position in * which to read, from the left, `len' which means the maximum number * of characters we are able to read, `ret' were the value will be @@ -132,7 +128,7 @@ der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size) } int -der_get_general_string (const unsigned char *p, size_t len, +der_get_general_string (const unsigned char *p, size_t len, heim_general_string *str, size_t *size) { const unsigned char *p1; @@ -140,14 +136,14 @@ der_get_general_string (const unsigned char *p, size_t len, p1 = memchr(p, 0, len); if (p1 != NULL) { - /* + /* * Allow trailing NULs. We allow this since MIT Kerberos sends * an strings in the NEED_PREAUTH case that includes a * trailing NUL. */ - while (p1 - p < len && *p1 == '\0') + while ((size_t)(p1 - p) < len && *p1 == '\0') p1++; - if (p1 - p != len) + if ((size_t)(p1 - p) != len) return ASN1_BAD_CHARACTER; } if (len > len + 1) @@ -164,28 +160,35 @@ der_get_general_string (const unsigned char *p, size_t len, } int -der_get_utf8string (const unsigned char *p, size_t len, +der_get_utf8string (const unsigned char *p, size_t len, heim_utf8_string *str, size_t *size) { return der_get_general_string(p, len, str, size); } int -der_get_printable_string (const unsigned char *p, size_t len, - heim_printable_string *str, size_t *size) +der_get_printable_string(const unsigned char *p, size_t len, + heim_printable_string *str, size_t *size) { - return der_get_general_string(p, len, str, size); + str->length = len; + str->data = malloc(len + 1); + if (str->data == NULL) + return ENOMEM; + memcpy(str->data, p, len); + ((char *)str->data)[len] = '\0'; + if(size) *size = len; + return 0; } int -der_get_ia5_string (const unsigned char *p, size_t len, - heim_ia5_string *str, size_t *size) +der_get_ia5_string(const unsigned char *p, size_t len, + heim_ia5_string *str, size_t *size) { - return der_get_general_string(p, len, str, size); + return der_get_printable_string(p, len, str, size); } int -der_get_bmp_string (const unsigned char *p, size_t len, +der_get_bmp_string (const unsigned char *p, size_t len, heim_bmp_string *data, size_t *size) { size_t i; @@ -202,6 +205,13 @@ der_get_bmp_string (const unsigned char *p, size_t len, for (i = 0; i < data->length; i++) { data->data[i] = (p[0] << 8) | p[1]; p += 2; + /* check for NUL in the middle of the string */ + if (data->data[i] == 0 && i != (data->length - 1)) { + free(data->data); + data->data = NULL; + data->length = 0; + return ASN1_BAD_CHARACTER; + } } if (size) *size = len; @@ -209,7 +219,7 @@ der_get_bmp_string (const unsigned char *p, size_t len, } int -der_get_universal_string (const unsigned char *p, size_t len, +der_get_universal_string (const unsigned char *p, size_t len, heim_universal_string *data, size_t *size) { size_t i; @@ -226,20 +236,27 @@ der_get_universal_string (const unsigned char *p, size_t len, for (i = 0; i < data->length; i++) { data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; p += 4; + /* check for NUL in the middle of the string */ + if (data->data[i] == 0 && i != (data->length - 1)) { + free(data->data); + data->data = NULL; + data->length = 0; + return ASN1_BAD_CHARACTER; + } } if (size) *size = len; return 0; } int -der_get_visible_string (const unsigned char *p, size_t len, +der_get_visible_string (const unsigned char *p, size_t len, heim_visible_string *str, size_t *size) { return der_get_general_string(p, len, str, size); } int -der_get_octet_string (const unsigned char *p, size_t len, +der_get_octet_string (const unsigned char *p, size_t len, heim_octet_string *data, size_t *size) { data->length = len; @@ -252,7 +269,76 @@ der_get_octet_string (const unsigned char *p, size_t len, } int -der_get_heim_integer (const unsigned char *p, size_t len, +der_get_octet_string_ber (const unsigned char *p, size_t len, + heim_octet_string *data, size_t *size) +{ + int e; + Der_type type; + Der_class class; + unsigned int tag, depth = 0; + size_t l, datalen, oldlen = len; + + data->length = 0; + data->data = NULL; + + while (len) { + e = der_get_tag (p, len, &class, &type, &tag, &l); + if (e) goto out; + if (class != ASN1_C_UNIV) { + e = ASN1_BAD_ID; + goto out; + } + if (type == PRIM && tag == UT_EndOfContent) { + if (depth == 0) + break; + depth--; + } + if (tag != UT_OctetString) { + e = ASN1_BAD_ID; + goto out; + } + + p += l; + len -= l; + e = der_get_length (p, len, &datalen, &l); + if (e) goto out; + p += l; + len -= l; + + if (datalen > len) + return ASN1_OVERRUN; + + if (type == PRIM) { + void *ptr; + + ptr = realloc(data->data, data->length + datalen); + if (ptr == NULL) { + e = ENOMEM; + goto out; + } + data->data = ptr; + memcpy(((unsigned char *)data->data) + data->length, p, datalen); + data->length += datalen; + } else + depth++; + + p += datalen; + len -= datalen; + } + if (depth != 0) + return ASN1_INDEF_OVERRUN; + if(size) *size = oldlen - len; + return 0; + out: + free(data->data); + data->data = NULL; + data->length = 0; + return e; +} + + +int +der_get_heim_integer (const unsigned char *p, size_t len, heim_integer *data, size_t *size) { data->length = 0; @@ -338,7 +424,7 @@ generalizedtime2time (const char *s, time_t *t) } static int -der_get_time (const unsigned char *p, size_t len, +der_get_time (const unsigned char *p, size_t len, time_t *data, size_t *size) { char *times; @@ -359,14 +445,14 @@ der_get_time (const unsigned char *p, size_t len, } int -der_get_generalized_time (const unsigned char *p, size_t len, +der_get_generalized_time (const unsigned char *p, size_t len, time_t *data, size_t *size) { return der_get_time(p, len, data, size); } int -der_get_utctime (const unsigned char *p, size_t len, +der_get_utctime (const unsigned char *p, size_t len, time_t *data, size_t *size) { return der_get_time(p, len, data, size); @@ -397,7 +483,7 @@ der_get_oid (const unsigned char *p, size_t len, ++p; for (n = 2; len > 0; ++n) { unsigned u = 0, u1; - + do { --len; u1 = u * 128 + (*p++ % 128); @@ -456,16 +542,29 @@ int der_match_tag (const unsigned char *p, size_t len, Der_class class, Der_type type, unsigned int tag, size_t *size) +{ + Der_type thistype; + int e; + + e = der_match_tag2(p, len, class, &thistype, tag, size); + if (e) return e; + if (thistype != type) return ASN1_BAD_ID; + return 0; +} + +int +der_match_tag2 (const unsigned char *p, size_t len, + Der_class class, Der_type *type, + unsigned int tag, size_t *size) { size_t l; Der_class thisclass; - Der_type thistype; unsigned int thistag; int e; - e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l); + e = der_get_tag (p, len, &thisclass, type, &thistag, &l); if (e) return e; - if (class != thisclass || type != thistype) + if (class != thisclass) return ASN1_BAD_ID; if(tag > thistag) return ASN1_MISPLACED_FIELD; @@ -477,27 +576,26 @@ der_match_tag (const unsigned char *p, size_t len, int der_match_tag_and_length (const unsigned char *p, size_t len, - Der_class class, Der_type type, unsigned int tag, + Der_class class, Der_type *type, unsigned int tag, size_t *length_ret, size_t *size) { size_t l, ret = 0; int e; - e = der_match_tag (p, len, class, type, tag, &l); + e = der_match_tag2 (p, len, class, type, tag, &l); if (e) return e; p += l; len -= l; ret += l; e = der_get_length (p, len, length_ret, &l); if (e) return e; - p += l; - len -= l; - ret += l; - if(size) *size = ret; + if(size) *size = ret + l; return 0; } -/* + + +/* * Old versions of DCE was based on a very early beta of the MIT code, * which used MAVROS for ASN.1 encoding. MAVROS had the interesting * feature that it encoded data in the forward direction, which has @@ -507,7 +605,7 @@ der_match_tag_and_length (const unsigned char *p, size_t len, * to indefinite, BER style, lengths. The version of MAVROS used by * the DCE people could apparently generate correct X.509 DER encodings, and * did this by making space for the length after encoding, but - * unfortunately this feature wasn't used with Kerberos. + * unfortunately this feature wasn't used with Kerberos. */ int @@ -522,7 +620,7 @@ _heim_fix_dce(size_t reallen, size_t *len) } int -der_get_bit_string (const unsigned char *p, size_t len, +der_get_bit_string (const unsigned char *p, size_t len, heim_bit_string *data, size_t *size) { if (len < 1) @@ -539,8 +637,11 @@ der_get_bit_string (const unsigned char *p, size_t len, data->data = malloc(len - 1); if (data->data == NULL && (len - 1) != 0) return ENOMEM; - memcpy (data->data, p + 1, len - 1); - data->length -= p[0]; + /* copy data is there is data to copy */ + if (len - 1 != 0) { + memcpy (data->data, p + 1, len - 1); + data->length -= p[0]; + } if(size) *size = len; return 0; } diff --git a/lib/asn1/der_length.c b/lib/asn1/der_length.c index a7f8f593a20e..db82025861ea 100644 --- a/lib/asn1/der_length.c +++ b/lib/asn1/der_length.c @@ -1,46 +1,48 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: der_length.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); size_t _heim_len_unsigned (unsigned val) { size_t ret = 0; int last_val_gt_128; - + do { ++ret; last_val_gt_128 = (val >= 128); @@ -84,7 +86,7 @@ static size_t len_oid (const heim_oid *oid) { size_t ret = 1; - int n; + size_t n; for (n = 2; n < oid->length; ++n) { unsigned u = oid->components[n]; @@ -112,6 +114,20 @@ der_length_len (size_t len) } } +size_t +der_length_tag(unsigned int tag) +{ + size_t len = 0; + + if(tag <= 30) + return 1; + while(tag) { + tag /= 128; + len++; + } + return len + 1; +} + size_t der_length_integer (const int *data) { @@ -145,13 +161,13 @@ der_length_utf8string (const heim_utf8_string *data) size_t der_length_printable_string (const heim_printable_string *data) { - return strlen(*data); + return data->length; } size_t der_length_ia5_string (const heim_ia5_string *data) { - return strlen(*data); + return data->length; } size_t diff --git a/lib/asn1/der_locl.h b/lib/asn1/der_locl.h index 5b97557d74a3..a086e18fa4a4 100644 --- a/lib/asn1/der_locl.h +++ b/lib/asn1/der_locl.h @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 2002, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002, 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: der_locl.h 18608 2006-10-19 16:24:02Z lha $ */ +/* $Id$ */ #ifndef __DER_LOCL_H__ #define __DER_LOCL_H__ -#ifdef HAVE_CONFIG_H + #include -#endif + #include #include #include @@ -52,8 +52,11 @@ #include #include #include +#include +#include "asn1-template.h" time_t _der_timegm (struct tm *); +struct tm * _der_gmtime(time_t t, struct tm *); size_t _heim_len_unsigned (unsigned); size_t _heim_len_int (int); diff --git a/lib/asn1/der_put.c b/lib/asn1/der_put.c index 1fdbfe1305d6..0b276d1ebdce 100644 --- a/lib/asn1/der_put.c +++ b/lib/asn1/der_put.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: der_put.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); /* * All encoding functions take a pointer `p' to first position in @@ -157,7 +157,7 @@ der_put_boolean(unsigned char *p, size_t len, const int *data, size_t *size) } int -der_put_general_string (unsigned char *p, size_t len, +der_put_general_string (unsigned char *p, size_t len, const heim_general_string *str, size_t *size) { size_t slen = strlen(*str); @@ -165,42 +165,40 @@ der_put_general_string (unsigned char *p, size_t len, if (len < slen) return ASN1_OVERFLOW; p -= slen; - len -= slen; memcpy (p+1, *str, slen); *size = slen; return 0; } int -der_put_utf8string (unsigned char *p, size_t len, +der_put_utf8string (unsigned char *p, size_t len, const heim_utf8_string *str, size_t *size) { return der_put_general_string(p, len, str, size); } int -der_put_printable_string (unsigned char *p, size_t len, +der_put_printable_string (unsigned char *p, size_t len, const heim_printable_string *str, size_t *size) { - return der_put_general_string(p, len, str, size); + return der_put_octet_string(p, len, str, size); } int -der_put_ia5_string (unsigned char *p, size_t len, +der_put_ia5_string (unsigned char *p, size_t len, const heim_ia5_string *str, size_t *size) { - return der_put_general_string(p, len, str, size); + return der_put_octet_string(p, len, str, size); } int -der_put_bmp_string (unsigned char *p, size_t len, +der_put_bmp_string (unsigned char *p, size_t len, const heim_bmp_string *data, size_t *size) { size_t i; if (len / 2 < data->length) return ASN1_OVERFLOW; p -= data->length * 2; - len -= data->length * 2; for (i = 0; i < data->length; i++) { p[1] = (data->data[i] >> 8) & 0xff; p[2] = data->data[i] & 0xff; @@ -211,14 +209,13 @@ der_put_bmp_string (unsigned char *p, size_t len, } int -der_put_universal_string (unsigned char *p, size_t len, +der_put_universal_string (unsigned char *p, size_t len, const heim_universal_string *data, size_t *size) { size_t i; if (len / 4 < data->length) return ASN1_OVERFLOW; p -= data->length * 4; - len -= data->length * 4; for (i = 0; i < data->length; i++) { p[1] = (data->data[i] >> 24) & 0xff; p[2] = (data->data[i] >> 16) & 0xff; @@ -231,27 +228,26 @@ der_put_universal_string (unsigned char *p, size_t len, } int -der_put_visible_string (unsigned char *p, size_t len, +der_put_visible_string (unsigned char *p, size_t len, const heim_visible_string *str, size_t *size) { return der_put_general_string(p, len, str, size); } int -der_put_octet_string (unsigned char *p, size_t len, +der_put_octet_string (unsigned char *p, size_t len, const heim_octet_string *data, size_t *size) { if (len < data->length) return ASN1_OVERFLOW; p -= data->length; - len -= data->length; memcpy (p+1, data->data, data->length); *size = data->length; return 0; } int -der_put_heim_integer (unsigned char *p, size_t len, +der_put_heim_integer (unsigned char *p, size_t len, const heim_integer *data, size_t *size) { unsigned char *buf = data->data; @@ -303,7 +299,7 @@ der_put_heim_integer (unsigned char *p, size_t len, } int -der_put_generalized_time (unsigned char *p, size_t len, +der_put_generalized_time (unsigned char *p, size_t len, const time_t *data, size_t *size) { heim_octet_string k; @@ -323,7 +319,7 @@ der_put_generalized_time (unsigned char *p, size_t len, } int -der_put_utctime (unsigned char *p, size_t len, +der_put_utctime (unsigned char *p, size_t len, const time_t *data, size_t *size) { heim_octet_string k; @@ -384,7 +380,7 @@ der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type, } else { size_t ret = 0; unsigned int continuation = 0; - + do { if (len < 1) return ASN1_OVERFLOW; @@ -405,7 +401,7 @@ der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type, int der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, - Der_class class, Der_type type, + Der_class class, Der_type type, unsigned int tag, size_t *size) { size_t ret = 0; @@ -421,8 +417,7 @@ der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, e = der_put_tag (p, len, class, type, tag, &l); if(e) return e; - p -= l; - len -= l; + ret += l; *size = ret; return 0; @@ -431,35 +426,36 @@ der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, int _heim_time2generalizedtime (time_t t, heim_octet_string *s, int gtimep) { - struct tm *tm; + struct tm tm; const size_t len = gtimep ? 15 : 13; s->data = malloc(len + 1); if (s->data == NULL) return ENOMEM; s->length = len; - tm = gmtime (&t); + if (_der_gmtime(t, &tm) == NULL) + return ASN1_BAD_TIMEFORMAT; if (gtimep) - snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ", - tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec); + snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ", + tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday, + tm.tm_hour, tm.tm_min, tm.tm_sec); else - snprintf (s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ", - tm->tm_year % 100, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec); + snprintf (s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ", + tm.tm_year % 100, tm.tm_mon + 1, tm.tm_mday, + tm.tm_hour, tm.tm_min, tm.tm_sec); return 0; } int -der_put_bit_string (unsigned char *p, size_t len, +der_put_bit_string (unsigned char *p, size_t len, const heim_bit_string *data, size_t *size) { size_t data_size = (data->length + 7) / 8; if (len < data_size + 1) return ASN1_OVERFLOW; p -= data_size + 1; - len -= data_size + 1; + memcpy (p+2, data->data, data_size); if (data->length && (data->length % 8) != 0) p[1] = 8 - (data->length % 8); @@ -469,13 +465,13 @@ der_put_bit_string (unsigned char *p, size_t len, return 0; } -int +int _heim_der_set_sort(const void *a1, const void *a2) { const struct heim_octet_string *s1 = a1, *s2 = a2; int ret; - ret = memcmp(s1->data, s2->data, + ret = memcmp(s1->data, s2->data, s1->length < s2->length ? s1->length : s2->length); if(ret) return ret; diff --git a/lib/asn1/digest.asn1 b/lib/asn1/digest.asn1 index eafe48ea5aee..027402f1efe2 100644 --- a/lib/asn1/digest.asn1 +++ b/lib/asn1/digest.asn1 @@ -1,4 +1,4 @@ --- $Id: digest.asn1 22152 2007-12-04 19:59:18Z lha $ +-- $Id$ DIGEST DEFINITIONS ::= BEGIN @@ -100,6 +100,21 @@ NTLMResponse ::= SEQUENCE { tickets [3] SEQUENCE OF OCTET STRING OPTIONAL } +NTLMRequest2 ::= SEQUENCE { + loginUserName [0] UTF8String, + loginDomainName [1] UTF8String, + flags [2] INTEGER (0..4294967295), + lmchallenge [3] OCTET STRING SIZE (8), + ntChallengeResponce [4] OCTET STRING, + lmChallengeResponce [5] OCTET STRING +} + +NTLMReply ::= SEQUENCE { + success [0] BOOLEAN, + flags [1] INTEGER (0..4294967295), + sessionkey [2] OCTET STRING OPTIONAL +} + DigestReqInner ::= CHOICE { init [0] DigestInit, digestRequest [1] DigestRequest, @@ -139,7 +154,7 @@ DigestREP ::= [APPLICATION 129] SEQUENCE { -- qop == auth -- A2 = Method ":" digest-uri-value -- qop == auth-int --- A2 = Method ":" digest-uri-value ":" H(entity-body) +-- A2 = Method ":" digest-uri-value ":" H(entity-body) -- request-digest = HEX(KD(HEX(H(A1)), -- unq(nonce-value) ":" nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":" HEX(H(A2)))) diff --git a/lib/asn1/extra.c b/lib/asn1/extra.c index e29a43787851..a18797ec2594 100644 --- a/lib/asn1/extra.c +++ b/lib/asn1/extra.c @@ -1,56 +1,52 @@ /* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" #include "heim_asn1.h" -RCSID("$Id: extra.c 16672 2006-01-31 09:44:54Z lha $"); +RCSID("$Id$"); int -encode_heim_any(unsigned char *p, size_t len, +encode_heim_any(unsigned char *p, size_t len, const heim_any *data, size_t *size) { - if (data->length > len) - return ASN1_OVERFLOW; - p -= data->length; - len -= data->length; - memcpy (p+1, data->data, data->length); - *size = data->length; - return 0; + return der_put_octet_string (p, len, data, size); } int -decode_heim_any(const unsigned char *p, size_t len, +decode_heim_any(const unsigned char *p, size_t len, heim_any *data, size_t *size) { size_t len_len, length, l; @@ -67,8 +63,14 @@ decode_heim_any(const unsigned char *p, size_t len, return ASN1_OVERFLOW; e = der_get_length(p + l, len - l, &length, &len_len); if (e) return e; - if (length + len_len + l > len) - return ASN1_OVERFLOW; + if (length == ASN1_INDEFINITE) { + if (len < len_len + l) + return ASN1_OVERFLOW; + length = len - (len_len + l); + } else { + if (len < length + len_len + l) + return ASN1_OVERFLOW; + } data->data = malloc(length + len_len + l); if (data->data == NULL) @@ -85,8 +87,7 @@ decode_heim_any(const unsigned char *p, size_t len, void free_heim_any(heim_any *data) { - free(data->data); - data->data = NULL; + der_free_octet_string(data); } size_t @@ -98,58 +99,43 @@ length_heim_any(const heim_any *data) int copy_heim_any(const heim_any *from, heim_any *to) { - to->data = malloc(from->length); - if (to->data == NULL && from->length != 0) - return ENOMEM; - memcpy(to->data, from->data, from->length); - to->length = from->length; - return 0; + return der_copy_octet_string(from, to); } int -encode_heim_any_set(unsigned char *p, size_t len, +encode_heim_any_set(unsigned char *p, size_t len, const heim_any_set *data, size_t *size) { - return encode_heim_any(p, len, data, size); + return der_put_octet_string (p, len, data, size); } - int -decode_heim_any_set(const unsigned char *p, size_t len, +decode_heim_any_set(const unsigned char *p, size_t len, heim_any_set *data, size_t *size) { - memset(data, 0, sizeof(*data)); - data->data = malloc(len); - if (data->data == NULL && len != 0) - return ENOMEM; - data->length = len; - memcpy(data->data, p, len); - if (size) *size = len; - return 0; + return der_get_octet_string(p, len, data, size); } void free_heim_any_set(heim_any_set *data) { - free_heim_any(data); + der_free_octet_string(data); } size_t length_heim_any_set(const heim_any *data) { - return length_heim_any(data); + return data->length; } int copy_heim_any_set(const heim_any_set *from, heim_any_set *to) { - return copy_heim_any(from, to); + return der_copy_octet_string(from, to); } int heim_any_cmp(const heim_any_set *p, const heim_any_set *q) { - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, p->length); + return der_heim_octet_string_cmp(p, q); } diff --git a/lib/asn1/gen.c b/lib/asn1/gen.c index 499f8eab363b..2194b329ce1d 100644 --- a/lib/asn1/gen.c +++ b/lib/asn1/gen.c @@ -1,46 +1,48 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen.c 22429 2008-01-13 10:25:50Z lha $"); +RCSID("$Id$"); -FILE *headerfile, *codefile, *logfile; +FILE *privheaderfile, *headerfile, *codefile, *logfile, *templatefile; #define STEM "asn1" static const char *orig_filename; -static char *header; +static char *privheader, *header, *template; static const char *headerbase = STEM; /* @@ -66,6 +68,45 @@ add_import (const char *module) fprintf (headerfile, "#include <%s_asn1.h>\n", module); } +/* + * List of all exported symbols + */ + +struct sexport { + const char *name; + int defined; + struct sexport *next; +}; + +static struct sexport *exports = NULL; + +void +add_export (const char *name) +{ + struct sexport *tmp = emalloc (sizeof(*tmp)); + + tmp->name = name; + tmp->next = exports; + exports = tmp; +} + +int +is_export(const char *name) +{ + struct sexport *tmp; + + if (exports == NULL) /* no export list, all exported */ + return 1; + + for (tmp = exports; tmp != NULL; tmp = tmp->next) { + if (strcmp(tmp->name, name) == 0) { + tmp->defined = 1; + return 1; + } + } + return 0; +} + const char * get_filename (void) { @@ -75,7 +116,7 @@ get_filename (void) void init_generate (const char *filename, const char *base) { - char *fn; + char *fn = NULL; orig_filename = filename; if (base != NULL) { @@ -83,20 +124,40 @@ init_generate (const char *filename, const char *base) if (headerbase == NULL) errx(1, "strdup"); } - asprintf(&header, "%s.h", headerbase); - if (header == NULL) + + /* public header file */ + if (asprintf(&header, "%s.h", headerbase) < 0 || header == NULL) errx(1, "malloc"); - headerfile = fopen (header, "w"); + if (asprintf(&fn, "%s.hx", headerbase) < 0 || fn == NULL) + errx(1, "malloc"); + headerfile = fopen (fn, "w"); if (headerfile == NULL) - err (1, "open %s", header); + err (1, "open %s", fn); + free(fn); + fn = NULL; + + /* private header file */ + if (asprintf(&privheader, "%s-priv.h", headerbase) < 0 || privheader == NULL) + errx(1, "malloc"); + if (asprintf(&fn, "%s-priv.hx", headerbase) < 0 || fn == NULL) + errx(1, "malloc"); + privheaderfile = fopen (fn, "w"); + if (privheaderfile == NULL) + err (1, "open %s", fn); + free(fn); + fn = NULL; + + /* template file */ + if (asprintf(&template, "%s-template.c", headerbase) < 0 || template == NULL) + errx(1, "malloc"); fprintf (headerfile, "/* Generated from %s */\n" "/* Do not edit */\n\n", filename); - fprintf (headerfile, + fprintf (headerfile, "#ifndef __%s_h__\n" "#define __%s_h__\n\n", headerbase, headerbase); - fprintf (headerfile, + fprintf (headerfile, "#include \n" "#include \n\n"); fprintf (headerfile, @@ -120,10 +181,10 @@ init_generate (const char *filename, const char *base) "typedef char *heim_utf8_string;\n\n" ); fprintf (headerfile, - "typedef char *heim_printable_string;\n\n" + "typedef struct heim_octet_string heim_printable_string;\n\n" ); fprintf (headerfile, - "typedef char *heim_ia5_string;\n\n" + "typedef struct heim_octet_string heim_ia5_string;\n\n" ); fprintf (headerfile, "typedef struct heim_bmp_string {\n" @@ -167,14 +228,55 @@ init_generate (const char *filename, const char *base) " } \\\n" " } while (0)\n\n", headerfile); + fputs("#ifdef _WIN32\n" + "#ifndef ASN1_LIB\n" + "#define ASN1EXP __declspec(dllimport)\n" + "#else\n" + "#define ASN1EXP\n" + "#endif\n" + "#define ASN1CALL __stdcall\n" + "#else\n" + "#define ASN1EXP\n" + "#define ASN1CALL\n" + "#endif\n", + headerfile); fprintf (headerfile, "struct units;\n\n"); fprintf (headerfile, "#endif\n\n"); - asprintf(&fn, "%s_files", base); - if (fn == NULL) + if (asprintf(&fn, "%s_files", base) < 0 || fn == NULL) errx(1, "malloc"); logfile = fopen(fn, "w"); if (logfile == NULL) err (1, "open %s", fn); + + /* if one code file, write into the one codefile */ + if (one_code_file) + return; + + templatefile = fopen (template, "w"); + if (templatefile == NULL) + err (1, "open %s", template); + + fprintf (templatefile, + "/* Generated from %s */\n" + "/* Do not edit */\n\n" + "#include \n" + "#include \n" + "#include \n" + "#include \n" + "#include \n" + "#include \n" + "#include \n", + filename); + + fprintf (templatefile, + "#include <%s>\n" + "#include <%s>\n" + "#include \n" + "#include \n" + "#include \n", + header, privheader); + + } void @@ -182,9 +284,15 @@ close_generate (void) { fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase); - fclose (headerfile); - fprintf (logfile, "\n"); - fclose (logfile); + if (headerfile) + fclose (headerfile); + if (privheaderfile) + fclose (privheaderfile); + if (templatefile) + fclose (templatefile); + if (logfile) + fprintf (logfile, "\n"); + fclose (logfile); } void @@ -229,25 +337,26 @@ gen_compare_defval(const char *var, struct value *val) } } -static void +void generate_header_of_codefile(const char *name) { - char *filename; + char *filename = NULL; if (codefile != NULL) abort(); - asprintf (&filename, "%s_%s.x", STEM, name); - if (filename == NULL) + if (asprintf (&filename, "%s_%s.x", STEM, name) < 0 || filename == NULL) errx(1, "malloc"); codefile = fopen (filename, "w"); if (codefile == NULL) err (1, "fopen %s", filename); fprintf(logfile, "%s ", filename); free(filename); - fprintf (codefile, + filename = NULL; + fprintf (codefile, "/* Generated from %s */\n" "/* Do not edit */\n\n" + "#define ASN1_LIB\n\n" "#include \n" "#include \n" "#include \n" @@ -258,16 +367,19 @@ generate_header_of_codefile(const char *name) orig_filename); fprintf (codefile, - "#include <%s.h>\n", - headerbase); + "#include <%s>\n" + "#include <%s>\n", + header, privheader); fprintf (codefile, "#include \n" "#include \n" + "#include \n" + "#include \n" "#include \n\n"); } -static void +void close_codefile(void) { if (codefile == NULL) @@ -294,13 +406,20 @@ generate_constant (const Symbol *s) break; case objectidentifiervalue: { struct objid *o, **list; - int i, len; + unsigned int i, len; + char *gen_upper; - generate_header_of_codefile(s->gen_name); + if (!one_code_file) + generate_header_of_codefile(s->gen_name); len = 0; for (o = s->value->u.objectidentifiervalue; o != NULL; o = o->next) len++; + if (len == 0) { + printf("s->gen_name: %s",s->gen_name); + fflush(stdout); + break; + } list = emalloc(sizeof(*list) * len); i = 0; @@ -308,34 +427,44 @@ generate_constant (const Symbol *s) list[i++] = o; fprintf (headerfile, "/* OBJECT IDENTIFIER %s ::= { ", s->name); - for (i = len - 1 ; i >= 0; i--) { - o = list[i]; + for (i = len ; i > 0; i--) { + o = list[i - 1]; fprintf(headerfile, "%s(%d) ", o->label ? o->label : "label-less", o->value); } - fprintf (headerfile, "} */\n"); - fprintf (headerfile, "const heim_oid *oid_%s(void);\n\n", - s->gen_name); - fprintf (codefile, "static unsigned oid_%s_variable_num[%d] = {", s->gen_name, len); - for (i = len - 1 ; i >= 0; i--) { - fprintf(codefile, "%d%s ", list[i]->value, i > 0 ? "," : ""); + for (i = len ; i > 0; i--) { + fprintf(codefile, "%d%s ", list[i - 1]->value, i > 1 ? "," : ""); } fprintf(codefile, "};\n"); - fprintf (codefile, "static const heim_oid oid_%s_variable = " - "{ %d, oid_%s_variable_num };\n\n", + fprintf (codefile, "const heim_oid asn1_oid_%s = " + "{ %d, oid_%s_variable_num };\n\n", s->gen_name, len, s->gen_name); - fprintf (codefile, "const heim_oid *oid_%s(void)\n" - "{\n" - "return &oid_%s_variable;\n" - "}\n\n", - s->gen_name, s->gen_name); + free(list); - close_codefile(); + /* header file */ + + gen_upper = strdup(s->gen_name); + len = strlen(gen_upper); + for (i = 0; i < len; i++) + gen_upper[i] = toupper((int)s->gen_name[i]); + + fprintf (headerfile, "} */\n"); + fprintf (headerfile, + "extern ASN1EXP const heim_oid asn1_oid_%s;\n" + "#define ASN1_OID_%s (&asn1_oid_%s)\n\n", + s->gen_name, + gen_upper, + s->gen_name); + + free(gen_upper); + + if (!one_code_file) + close_codefile(); break; } @@ -344,6 +473,33 @@ generate_constant (const Symbol *s) } } +int +is_primitive_type(int type) +{ + switch(type) { + case TInteger: + case TBoolean: + case TOctetString: + case TBitString: + case TEnumerated: + case TGeneralizedTime: + case TGeneralString: + case TTeletexString: + case TOID: + case TUTCTime: + case TUTF8String: + case TPrintableString: + case TIA5String: + case TBMPString: + case TUniversalString: + case TVisibleString: + case TNull: + return 1; + default: + return 0; + } +} + static void space(int level) { @@ -391,7 +547,7 @@ define_asn1 (int level, Type *t) fprintf (headerfile, "INTEGER {\n"); ASN1_TAILQ_FOREACH(m, t->members, members) { space (level + 1); - fprintf(headerfile, "%s(%d)%s\n", m->gen_name, m->val, + fprintf(headerfile, "%s(%d)%s\n", m->gen_name, m->val, last_member_p(m)); } space(level); @@ -415,7 +571,7 @@ define_asn1 (int level, Type *t) fprintf (headerfile, "ENUMERATED {\n"); ASN1_TAILQ_FOREACH(m, t->members, members) { space(level + 1); - fprintf (headerfile, "%s(%d)%s\n", m->name, m->val, + fprintf (headerfile, "%s(%d)%s\n", m->name, m->val, last_member_p(m)); } space(level); @@ -474,11 +630,14 @@ define_asn1 (int level, Type *t) case TGeneralString: fprintf (headerfile, "GeneralString"); break; + case TTeletexString: + fprintf (headerfile, "TeletexString"); + break; case TTag: { - const char *classnames[] = { "UNIVERSAL ", "APPLICATION ", + const char *classnames[] = { "UNIVERSAL ", "APPLICATION ", "" /* CONTEXT */, "PRIVATE " }; if(t->tag.tagclass != ASN1_C_UNIV) - fprintf (headerfile, "[%s%d] ", + fprintf (headerfile, "[%s%d] ", classnames[t->tag.tagclass], t->tag.tagvalue); if(t->tag.tagenv == TE_IMPLICIT) @@ -527,8 +686,25 @@ define_asn1 (int level, Type *t) } static void -define_type (int level, const char *name, Type *t, int typedefp, int preservep) +getnewbasename(char **newbasename, int typedefp, const char *basename, const char *name) { + if (typedefp) + *newbasename = strdup(name); + else { + if (name[0] == '*') + name++; + if (asprintf(newbasename, "%s_%s", basename, name) < 0) + errx(1, "malloc"); + } + if (*newbasename == NULL) + err(1, "malloc"); +} + +static void +define_type (int level, const char *name, const char *basename, Type *t, int typedefp, int preservep) +{ + char *newbasename = NULL; + switch (t->type) { case TType: space(level); @@ -541,7 +717,7 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) fprintf (headerfile, "enum %s {\n", typedefp ? name : ""); ASN1_TAILQ_FOREACH(m, t->members, members) { space (level + 1); - fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val, + fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val, last_member_p(m)); } fprintf (headerfile, "} %s;\n", name); @@ -554,7 +730,7 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) } else if (t->range->min == 0 && t->range->max == INT_MAX) { fprintf (headerfile, "unsigned int %s;\n", name); } else - errx(1, "%s: unsupported range %d -> %d", + errx(1, "%s: unsupported range %d -> %d", name, t->range->min, t->range->max); break; case TBoolean: @@ -576,19 +752,43 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) i.constraint = NULL; space(level); - if(ASN1_TAILQ_EMPTY(t->members)) + if(ASN1_TAILQ_EMPTY(t->members)) fprintf (headerfile, "heim_bit_string %s;\n", name); else { - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); + int pos = 0; + getnewbasename(&newbasename, typedefp, basename, name); + + fprintf (headerfile, "struct %s {\n", newbasename); ASN1_TAILQ_FOREACH(m, t->members, members) { - char *n; - - asprintf (&n, "%s:1", m->gen_name); - if (n == NULL) + char *n = NULL; + + /* pad unused */ + while (pos < m->val) { + if (asprintf (&n, "_unused%d:1", pos) < 0 || n == NULL) + errx(1, "malloc"); + define_type (level + 1, n, newbasename, &i, FALSE, FALSE); + free(n); + pos++; + } + + n = NULL; + if (asprintf (&n, "%s:1", m->gen_name) < 0 || n == NULL) errx(1, "malloc"); - define_type (level + 1, n, &i, FALSE, FALSE); + define_type (level + 1, n, newbasename, &i, FALSE, FALSE); free (n); + n = NULL; + pos++; } + /* pad to 32 elements */ + while (pos < 32) { + char *n = NULL; + if (asprintf (&n, "_unused%d:1", pos) < 0 || n == NULL) + errx(1, "malloc"); + define_type (level + 1, n, newbasename, &i, FALSE, FALSE); + free(n); + pos++; + } + space(level); fprintf (headerfile, "} %s;\n\n", name); } @@ -615,8 +815,10 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) case TSequence: { Member *m; + getnewbasename(&newbasename, typedefp, basename, name); + space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); + fprintf (headerfile, "struct %s {\n", newbasename); if (t->type == TSequence && preservep) { space(level + 1); fprintf(headerfile, "heim_octet_string _save;\n"); @@ -625,15 +827,14 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) if (m->ellipsis) { ; } else if (m->optional) { - char *n; + char *n = NULL; - asprintf (&n, "*%s", m->gen_name); - if (n == NULL) + if (asprintf (&n, "*%s", m->gen_name) < 0 || n == NULL) errx(1, "malloc"); - define_type (level + 1, n, m->type, FALSE, FALSE); + define_type (level + 1, n, newbasename, m->type, FALSE, FALSE); free (n); } else - define_type (level + 1, m->gen_name, m->type, FALSE, FALSE); + define_type (level + 1, m->gen_name, newbasename, m->type, FALSE, FALSE); } space(level); fprintf (headerfile, "} %s;\n", name); @@ -644,15 +845,17 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) Type i; struct range range = { 0, INT_MAX }; + getnewbasename(&newbasename, typedefp, basename, name); + i.type = TInteger; i.range = ⦥ i.members = NULL; i.constraint = NULL; space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); - define_type (level + 1, "len", &i, FALSE, FALSE); - define_type (level + 1, "*val", t->subtype, FALSE, FALSE); + fprintf (headerfile, "struct %s {\n", newbasename); + define_type (level + 1, "len", newbasename, &i, FALSE, FALSE); + define_type (level + 1, "*val", newbasename, t->subtype, FALSE, FALSE); space(level); fprintf (headerfile, "} %s;\n", name); break; @@ -665,15 +868,21 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) space(level); fprintf (headerfile, "heim_general_string %s;\n", name); break; + case TTeletexString: + space(level); + fprintf (headerfile, "heim_general_string %s;\n", name); + break; case TTag: - define_type (level, name, t->subtype, typedefp, preservep); + define_type (level, name, basename, t->subtype, typedefp, preservep); break; case TChoice: { int first = 1; Member *m; + getnewbasename(&newbasename, typedefp, basename, name); + space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); + fprintf (headerfile, "struct %s {\n", newbasename); if (preservep) { space(level + 1); fprintf(headerfile, "heim_octet_string _save;\n"); @@ -683,7 +892,7 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) m = have_ellipsis(t); if (m) { space(level + 2); - fprintf (headerfile, "%s = 0,\n", m->label); + fprintf (headerfile, "%s = 0,\n", m->label); first = 0; } ASN1_TAILQ_FOREACH(m, t->members, members) { @@ -691,8 +900,8 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) if (m->ellipsis) fprintf (headerfile, "/* ... */\n"); else - fprintf (headerfile, "%s%s%s\n", m->label, - first ? " = 1" : "", + fprintf (headerfile, "%s%s%s\n", m->label, + first ? " = 1" : "", last_member_p(m)); first = 0; } @@ -705,15 +914,14 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) space(level + 2); fprintf(headerfile, "heim_octet_string asn1_ellipsis;\n"); } else if (m->optional) { - char *n; + char *n = NULL; - asprintf (&n, "*%s", m->gen_name); - if (n == NULL) + if (asprintf (&n, "*%s", m->gen_name) < 0 || n == NULL) errx(1, "malloc"); - define_type (level + 2, n, m->type, FALSE, FALSE); + define_type (level + 2, n, newbasename, m->type, FALSE, FALSE); free (n); } else - define_type (level + 2, m->gen_name, m->type, FALSE, FALSE); + define_type (level + 2, m->gen_name, newbasename, m->type, FALSE, FALSE); } space(level + 1); fprintf (headerfile, "} u;\n"); @@ -760,6 +968,8 @@ define_type (int level, const char *name, Type *t, int typedefp, int preservep) default: abort (); } + if (newbasename) + free(newbasename); } static void @@ -773,25 +983,72 @@ generate_type_header (const Symbol *s) fprintf (headerfile, "\n*/\n\n"); fprintf (headerfile, "typedef "); - define_type (0, s->gen_name, s->type, TRUE, preservep); + define_type (0, s->gen_name, s->gen_name, s->type, TRUE, preservep); fprintf (headerfile, "\n"); } - void generate_type (const Symbol *s) { - generate_header_of_codefile(s->gen_name); + FILE *h; + const char * exp; + + if (!one_code_file) + generate_header_of_codefile(s->gen_name); generate_type_header (s); - generate_type_encode (s); - generate_type_decode (s); - generate_type_free (s); - generate_type_length (s); - generate_type_copy (s); + + if (template_flag) + generate_template(s); + + if (template_flag == 0 || is_template_compat(s) == 0) { + generate_type_encode (s); + generate_type_decode (s); + generate_type_free (s); + generate_type_length (s); + generate_type_copy (s); + } generate_type_seq (s); generate_glue (s->type, s->gen_name); - fprintf(headerfile, "\n\n"); - close_codefile(); + + /* generate prototypes */ + + if (is_export(s->name)) { + h = headerfile; + exp = "ASN1EXP "; + } else { + h = privheaderfile; + exp = ""; + } + + fprintf (h, + "%sint ASN1CALL " + "decode_%s(const unsigned char *, size_t, %s *, size_t *);\n", + exp, + s->gen_name, s->gen_name); + fprintf (h, + "%sint ASN1CALL " + "encode_%s(unsigned char *, size_t, const %s *, size_t *);\n", + exp, + s->gen_name, s->gen_name); + fprintf (h, + "%ssize_t ASN1CALL length_%s(const %s *);\n", + exp, + s->gen_name, s->gen_name); + fprintf (h, + "%sint ASN1CALL copy_%s (const %s *, %s *);\n", + exp, + s->gen_name, s->gen_name, s->gen_name); + fprintf (h, + "%svoid ASN1CALL free_%s (%s *);\n", + exp, + s->gen_name, s->gen_name); + + fprintf(h, "\n\n"); + + if (!one_code_file) { + fprintf(codefile, "\n\n"); + close_codefile(); + } } diff --git a/lib/asn1/gen_copy.c b/lib/asn1/gen_copy.c index abf11859d5f4..36f68ee5d99c 100644 --- a/lib/asn1/gen_copy.c +++ b/lib/asn1/gen_copy.c @@ -1,46 +1,46 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_copy.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); static int used_fail; static void copy_primitive (const char *typename, const char *from, const char *to) { - fprintf (codefile, "if(der_copy_%s(%s, %s)) goto fail;\n", + fprintf (codefile, "if(der_copy_%s(%s, %s)) goto fail;\n", typename, from, to); used_fail++; } @@ -53,7 +53,7 @@ copy_type (const char *from, const char *to, const Type *t, int preserve) #if 0 copy_type (from, to, t->symbol->type, preserve); #endif - fprintf (codefile, "if(copy_%s(%s, %s)) goto fail;\n", + fprintf (codefile, "if(copy_%s(%s, %s)) goto fail;\n", t->symbol->gen_name, from, to); used_fail++; break; @@ -82,7 +82,7 @@ copy_type (const char *from, const char *to, const Type *t, int preserve) if(t->members == NULL) break; - + if ((t->type == TSequence || t->type == TChoice) && preserve) { fprintf(codefile, "{ int ret;\n" @@ -110,14 +110,16 @@ copy_type (const char *from, const char *to, const Type *t, int preserve) if(t->type == TChoice) fprintf(codefile, "case %s:\n", m->label); - asprintf (&fs, "%s(%s)->%s%s", - m->optional ? "" : "&", from, - t->type == TChoice ? "u." : "", m->gen_name); + if (asprintf (&fs, "%s(%s)->%s%s", + m->optional ? "" : "&", from, + t->type == TChoice ? "u." : "", m->gen_name) < 0) + errx(1, "malloc"); if (fs == NULL) errx(1, "malloc"); - asprintf (&ts, "%s(%s)->%s%s", - m->optional ? "" : "&", to, - t->type == TChoice ? "u." : "", m->gen_name); + if (asprintf (&ts, "%s(%s)->%s%s", + m->optional ? "" : "&", to, + t->type == TChoice ? "u." : "", m->gen_name) < 0) + errx(1, "malloc"); if (ts == NULL) errx(1, "malloc"); if(m->optional){ @@ -145,31 +147,32 @@ copy_type (const char *from, const char *to, const Type *t, int preserve) "break;\n" "}\n", have_ellipsis->label, - from, have_ellipsis->gen_name, + from, have_ellipsis->gen_name, to, have_ellipsis->gen_name); used_fail++; } - fprintf(codefile, "}\n"); + fprintf(codefile, "}\n"); } break; } case TSetOf: case TSequenceOf: { - char *f; - char *T; + char *f = NULL, *T = NULL; fprintf (codefile, "if(((%s)->val = " - "malloc((%s)->len * sizeof(*(%s)->val))) == NULL && (%s)->len != 0)\n", + "malloc((%s)->len * sizeof(*(%s)->val))) == NULL && (%s)->len != 0)\n", to, from, to, from); fprintf (codefile, "goto fail;\n"); used_fail++; fprintf(codefile, "for((%s)->len = 0; (%s)->len < (%s)->len; (%s)->len++){\n", to, to, from, to); - asprintf(&f, "&(%s)->val[(%s)->len]", from, to); + if (asprintf(&f, "&(%s)->val[(%s)->len]", from, to) < 0) + errx(1, "malloc"); if (f == NULL) errx(1, "malloc"); - asprintf(&T, "&(%s)->val[(%s)->len]", to, to); + if (asprintf(&T, "&(%s)->val[(%s)->len]", to, to) < 0) + errx(1, "malloc"); if (T == NULL) errx(1, "malloc"); copy_type(f, T, t->subtype, FALSE); @@ -184,6 +187,9 @@ copy_type (const char *from, const char *to, const Type *t, int preserve) case TGeneralString: copy_primitive ("general_string", from, to); break; + case TTeletexString: + copy_primitive ("general_string", from, to); + break; case TUTCTime: fprintf(codefile, "*(%s) = *(%s);\n", to, from); break; @@ -225,11 +231,7 @@ generate_type_copy (const Symbol *s) used_fail = 0; - fprintf (headerfile, - "int copy_%s (const %s *, %s *);\n", - s->gen_name, s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" + fprintf (codefile, "int ASN1CALL\n" "copy_%s(const %s *from, %s *to)\n" "{\n" "memset(to, 0, sizeof(*to));\n", diff --git a/lib/asn1/gen_decode.c b/lib/asn1/gen_decode.c index face9ba47a04..9d816d5400d7 100644 --- a/lib/asn1/gen_decode.c +++ b/lib/asn1/gen_decode.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" #include "lex.h" -RCSID("$Id: gen_decode.c 21503 2007-07-12 11:57:19Z lha $"); +RCSID("$Id$"); static void decode_primitive (const char *typename, const char *name, const char *forwstr) @@ -56,32 +56,6 @@ decode_primitive (const char *typename, const char *name, const char *forwstr) #endif } -static int -is_primitive_type(int type) -{ - switch(type) { - case TInteger: - case TBoolean: - case TOctetString: - case TBitString: - case TEnumerated: - case TGeneralizedTime: - case TGeneralString: - case TOID: - case TUTCTime: - case TUTF8String: - case TPrintableString: - case TIA5String: - case TBMPString: - case TUniversalString: - case TVisibleString: - case TNull: - return 1; - default: - return 0; - } -} - static void find_tag (const Type *t, Der_class *cl, Der_type *ty, unsigned *tag) @@ -97,19 +71,24 @@ find_tag (const Type *t, *ty = PRIM; *tag = UT_Boolean; break; - case TChoice: + case TChoice: errx(1, "Cannot have recursive CHOICE"); case TEnumerated: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_Enumerated; break; - case TGeneralString: + case TGeneralString: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_GeneralString; break; - case TGeneralizedTime: + case TTeletexString: + *cl = ASN1_C_UNIV; + *ty = PRIM; + *tag = UT_TeletexString; + break; + case TGeneralizedTime: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_GeneralizedTime; @@ -119,7 +98,7 @@ find_tag (const Type *t, *ty = PRIM; *tag = UT_IA5String; break; - case TInteger: + case TInteger: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_Integer; @@ -129,12 +108,12 @@ find_tag (const Type *t, *ty = PRIM; *tag = UT_Null; break; - case TOID: + case TOID: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_OID; break; - case TOctetString: + case TOctetString: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_OctetString; @@ -144,35 +123,35 @@ find_tag (const Type *t, *ty = PRIM; *tag = UT_PrintableString; break; - case TSequence: + case TSequence: case TSequenceOf: *cl = ASN1_C_UNIV; *ty = CONS; *tag = UT_Sequence; break; - case TSet: + case TSet: case TSetOf: *cl = ASN1_C_UNIV; *ty = CONS; *tag = UT_Set; break; - case TTag: + case TTag: *cl = t->tag.tagclass; *ty = is_primitive_type(t->subtype->type) ? PRIM : CONS; *tag = t->tag.tagvalue; break; - case TType: + case TType: if ((t->symbol->stype == Stype && t->symbol->type == NULL) || t->symbol->stype == SUndefined) { - error_message("%s is imported or still undefined, " - " can't generate tag checking data in CHOICE " - "without this information", - t->symbol->name); + lex_error_message("%s is imported or still undefined, " + " can't generate tag checking data in CHOICE " + "without this information", + t->symbol->name); exit(1); } find_tag(t->symbol->type, cl, ty, tag); return; - case TUTCTime: + case TUTCTime: *cl = ASN1_C_UNIV; *ty = PRIM; *tag = UT_UTCTime; @@ -205,7 +184,7 @@ find_tag (const Type *t, static void range_check(const char *name, const char *length, - const char *forwstr, + const char *forwstr, struct range *r) { if (r->min == r->max + 2 || r->min < r->max) @@ -229,13 +208,14 @@ range_check(const char *name, } static int -decode_type (const char *name, const Type *t, int optional, - const char *forwstr, const char *tmpstr) +decode_type (const char *name, const Type *t, int optional, + const char *forwstr, const char *tmpstr, const char *dertype, + unsigned int depth) { switch (t->type) { case TType: { if (optional) - fprintf(codefile, + fprintf(codefile, "%s = calloc(1, sizeof(*%s));\n" "if (%s == NULL) %s;\n", name, name, name, forwstr); @@ -279,7 +259,7 @@ decode_type (const char *name, const Type *t, int optional, } else if (t->range->min == 0 && t->range->max == INT_MAX) { decode_primitive ("unsigned", name, forwstr); } else - errx(1, "%s: unsupported range %d -> %d", + errx(1, "%s: unsupported range %d -> %d", name, t->range->min, t->range->max); break; case TBoolean: @@ -289,7 +269,17 @@ decode_type (const char *name, const Type *t, int optional, decode_primitive ("enumerated", name, forwstr); break; case TOctetString: + if (dertype) { + fprintf(codefile, + "if (%s == CONS) {\n", + dertype); + decode_primitive("octet_string_ber", name, forwstr); + fprintf(codefile, + "} else {\n"); + } decode_primitive ("octet_string", name, forwstr); + if (dertype) + fprintf(codefile, "}\n"); if (t->range) range_check(name, "length", forwstr, t->range); break; @@ -331,19 +321,19 @@ decode_type (const char *name, const Type *t, int optional, break; ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; + char *s = NULL; if (m->ellipsis) continue; - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", - name, m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", + name, m->gen_name) < 0 || s == NULL) errx(1, "malloc"); - decode_type (s, m->type, m->optional, forwstr, m->gen_name); + decode_type (s, m->type, m->optional, forwstr, m->gen_name, NULL, + depth + 1); free (s); } - + break; } case TSet: { @@ -356,7 +346,7 @@ decode_type (const char *name, const Type *t, int optional, fprintf(codefile, "{\n"); fprintf(codefile, "unsigned int members = 0;\n"); fprintf(codefile, "while(len > 0) {\n"); - fprintf(codefile, + fprintf(codefile, "Der_class class;\n" "Der_type type;\n" "int tag;\n" @@ -374,22 +364,21 @@ decode_type (const char *name, const Type *t, int optional, is_primitive_type(m->type->subtype->type) ? "PRIM" : "CONS", valuename(m->type->tag.tagclass, m->type->tag.tagvalue)); - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name) < 0 || s == NULL) errx(1, "malloc"); if(m->optional) - fprintf(codefile, + fprintf(codefile, "%s = calloc(1, sizeof(*%s));\n" "if (%s == NULL) { e = ENOMEM; %s; }\n", s, s, s, forwstr); - decode_type (s, m->type, 0, forwstr, m->gen_name); + decode_type (s, m->type, 0, forwstr, m->gen_name, NULL, depth + 1); free (s); fprintf(codefile, "members |= (1 << %d);\n", memno); memno++; fprintf(codefile, "break;\n"); } - fprintf(codefile, + fprintf(codefile, "default:\n" "return ASN1_MISPLACED_FIELD;\n" "break;\n"); @@ -399,8 +388,7 @@ decode_type (const char *name, const Type *t, int optional, ASN1_TAILQ_FOREACH(m, t->members, members) { char *s; - asprintf (&s, "%s->%s", name, m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s->%s", name, m->gen_name) < 0 || s == NULL) errx(1, "malloc"); fprintf(codefile, "if((members & (1 << %d)) == 0)\n", memno); if(m->optional) @@ -417,8 +405,8 @@ decode_type (const char *name, const Type *t, int optional, } case TSetOf: case TSequenceOf: { - char *n; - char *sname; + char *n = NULL; + char *sname = NULL; fprintf (codefile, "{\n" @@ -449,17 +437,15 @@ decode_type (const char *name, const Type *t, int optional, tmpstr, tmpstr, forwstr, tmpstr, tmpstr, tmpstr, name, tmpstr, - tmpstr, forwstr, + tmpstr, forwstr, name, tmpstr); - asprintf (&n, "&(%s)->val[(%s)->len]", name, name); - if (n == NULL) + if (asprintf (&n, "&(%s)->val[(%s)->len]", name, name) < 0 || n == NULL) errx(1, "malloc"); - asprintf (&sname, "%s_s_of", tmpstr); - if (sname == NULL) + if (asprintf (&sname, "%s_s_of", tmpstr) < 0 || sname == NULL) errx(1, "malloc"); - decode_type (n, t->subtype, 0, forwstr, sname); - fprintf (codefile, + decode_type (n, t->subtype, 0, forwstr, sname, NULL, depth + 1); + fprintf (codefile, "(%s)->len++;\n" "len = %s_origlen - ret;\n" "}\n" @@ -479,24 +465,44 @@ decode_type (const char *name, const Type *t, int optional, case TGeneralString: decode_primitive ("general_string", name, forwstr); break; + case TTeletexString: + decode_primitive ("general_string", name, forwstr); + break; case TTag:{ - char *tname; + char *tname = NULL, *typestring = NULL; + char *ide = NULL; - fprintf(codefile, + if (asprintf(&typestring, "%s_type", tmpstr) < 0 || typestring == NULL) + errx(1, "malloc"); + + fprintf(codefile, "{\n" - "size_t %s_datalen, %s_oldlen;\n", - tmpstr, tmpstr); - if(dce_fix) - fprintf(codefile, - "int dce_fix;\n"); - fprintf(codefile, "e = der_match_tag_and_length(p, len, %s, %s, %s, " + "size_t %s_datalen, %s_oldlen;\n" + "Der_type %s;\n", + tmpstr, tmpstr, typestring); + if(support_ber) + fprintf(codefile, + "int is_indefinite%u;\n", depth); + + fprintf(codefile, "e = der_match_tag_and_length(p, len, %s, &%s, %s, " "&%s_datalen, &l);\n", classname(t->tag.tagclass), - is_primitive_type(t->subtype->type) ? "PRIM" : "CONS", + typestring, valuename(t->tag.tagclass, t->tag.tagvalue), tmpstr); + + /* XXX hardcode for now */ + if (support_ber && t->subtype->type == TOctetString) { + ide = typestring; + } else { + fprintf(codefile, + "if (e == 0 && %s != %s) { e = ASN1_BAD_ID; }\n", + typestring, + is_primitive_type(t->subtype->type) ? "PRIM" : "CONS"); + } + if(optional) { - fprintf(codefile, + fprintf(codefile, "if(e) {\n" "%s = NULL;\n" "} else {\n" @@ -510,36 +516,45 @@ decode_type (const char *name, const Type *t, int optional, "p += l; len -= l; ret += l;\n" "%s_oldlen = len;\n", tmpstr); - if(dce_fix) + if(support_ber) fprintf (codefile, - "if((dce_fix = _heim_fix_dce(%s_datalen, &len)) < 0)\n" - "{ e = ASN1_BAD_FORMAT; %s; }\n", - tmpstr, forwstr); + "if((is_indefinite%u = _heim_fix_dce(%s_datalen, &len)) < 0)\n" + "{ e = ASN1_BAD_FORMAT; %s; }\n" + "if (is_indefinite%u) { if (len < 2) { e = ASN1_OVERRUN; %s; } len -= 2; }", + depth, tmpstr, forwstr, depth, forwstr); else - fprintf(codefile, + fprintf(codefile, "if (%s_datalen > len) { e = ASN1_OVERRUN; %s; }\n" "len = %s_datalen;\n", tmpstr, forwstr, tmpstr); - asprintf (&tname, "%s_Tag", tmpstr); - if (tname == NULL) + if (asprintf (&tname, "%s_Tag", tmpstr) < 0 || tname == NULL) errx(1, "malloc"); - decode_type (name, t->subtype, 0, forwstr, tname); - if(dce_fix) + decode_type (name, t->subtype, 0, forwstr, tname, ide, depth + 1); + if(support_ber) fprintf(codefile, - "if(dce_fix){\n" - "e = der_match_tag_and_length (p, len, " - "(Der_class)0,(Der_type)0, UT_EndOfContent, " + "if(is_indefinite%u){\n" + "len += 2;\n" + "e = der_match_tag_and_length(p, len, " + "(Der_class)0, &%s, UT_EndOfContent, " "&%s_datalen, &l);\n" - "if(e) %s;\np += l; len -= l; ret += l;\n" - "} else \n", tmpstr, forwstr); - fprintf(codefile, + "if(e) %s;\n" + "p += l; len -= l; ret += l;\n" + "if (%s != (Der_type)0) { e = ASN1_BAD_ID; %s; }\n" + "} else \n", + depth, + typestring, + tmpstr, + forwstr, + typestring, forwstr); + fprintf(codefile, "len = %s_oldlen - %s_datalen;\n", tmpstr, tmpstr); if(optional) - fprintf(codefile, + fprintf(codefile, "}\n"); - fprintf(codefile, + fprintf(codefile, "}\n"); free(tname); + free(typestring); break; } case TChoice: { @@ -551,11 +566,11 @@ decode_type (const char *name, const Type *t, int optional, ASN1_TAILQ_FOREACH(m, t->members, members) { const Type *tt = m->type; - char *s; + char *s = NULL; Der_class cl; Der_type ty; unsigned tag; - + if (m->ellipsis) { have_ellipsis = m; continue; @@ -569,11 +584,11 @@ decode_type (const char *name, const Type *t, int optional, classname(cl), ty ? "CONS" : "PRIM", valuename(cl, tag)); - asprintf (&s, "%s(%s)->u.%s", m->optional ? "" : "&", - name, m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->u.%s", m->optional ? "" : "&", + name, m->gen_name) < 0 || s == NULL) errx(1, "malloc"); - decode_type (s, m->type, m->optional, forwstr, m->gen_name); + decode_type (s, m->type, m->optional, forwstr, m->gen_name, NULL, + depth + 1); fprintf(codefile, "(%s)->element = %s;\n", name, m->label); @@ -594,11 +609,11 @@ decode_type (const char *name, const Type *t, int optional, "(%s)->element = %s;\n" "p += len;\n" "ret += len;\n" - "len -= len;\n" + "len = 0;\n" "}\n", name, have_ellipsis->gen_name, name, have_ellipsis->gen_name, - forwstr, + forwstr, name, have_ellipsis->gen_name, name, have_ellipsis->gen_name, name, have_ellipsis->label); @@ -650,14 +665,9 @@ generate_type_decode (const Symbol *s) { int preserve = preserve_type(s->name) ? TRUE : FALSE; - fprintf (headerfile, - "int " - "decode_%s(const unsigned char *, size_t, %s *, size_t *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "decode_%s(const unsigned char *p," - " size_t len, %s *data, size_t *size)\n" + fprintf (codefile, "int ASN1CALL\n" + "decode_%s(const unsigned char *p HEIMDAL_UNUSED_ATTRIBUTE," + " size_t len HEIMDAL_UNUSED_ATTRIBUTE, %s *data, size_t *size)\n" "{\n", s->gen_name, s->gen_name); @@ -668,6 +678,7 @@ generate_type_decode (const Symbol *s) case TOID: case TGeneralizedTime: case TGeneralString: + case TTeletexString: case TUTF8String: case TPrintableString: case TIA5String: @@ -687,15 +698,15 @@ generate_type_decode (const Symbol *s) case TChoice: fprintf (codefile, "size_t ret = 0;\n" - "size_t l;\n" - "int e;\n"); + "size_t l HEIMDAL_UNUSED_ATTRIBUTE;\n" + "int e HEIMDAL_UNUSED_ATTRIBUTE;\n"); if (preserve) fprintf (codefile, "const unsigned char *begin = p;\n"); fprintf (codefile, "\n"); fprintf (codefile, "memset(data, 0, sizeof(*data));\n"); /* hack to avoid `unused variable' */ - decode_type ("data", s->type, 0, "goto fail", "Top"); + decode_type ("data", s->type, 0, "goto fail", "Top", NULL, 1); if (preserve) fprintf (codefile, "data->_save.data = calloc(1, ret);\n" @@ -704,7 +715,7 @@ generate_type_decode (const Symbol *s) "}\n" "data->_save.length = ret;\n" "memcpy(data->_save.data, begin, ret);\n"); - fprintf (codefile, + fprintf (codefile, "if(size) *size = ret;\n" "return 0;\n"); fprintf (codefile, diff --git a/lib/asn1/gen_encode.c b/lib/asn1/gen_encode.c index 08f1a9449f8b..1bd47484d83a 100644 --- a/lib/asn1/gen_encode.c +++ b/lib/asn1/gen_encode.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_encode.c 22429 2008-01-13 10:25:50Z lha $"); +RCSID("$Id$"); static void encode_primitive (const char *typename, const char *name) @@ -60,7 +60,7 @@ const char * valuename(Der_class class, int value) { static char s[32]; - struct { + struct { int value; const char *s; } *p, values[] = { @@ -136,7 +136,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) } else if (t->range->min == 0 && t->range->max == INT_MAX) { encode_primitive ("unsigned", name); } else - errx(1, "%s: unsupported range %d -> %d", + errx(1, "%s: unsupported range %d -> %d", name, t->range->min, t->range->max); constructed = 0; break; @@ -209,7 +209,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) } fprintf (codefile, "if((%s)->%s) {\n" - "c |= 1<<%d;\n", + "c |= 1<<%d;\n", name, m->gen_name, 7 - m->val % 8); fprintf (codefile, "}\n"); @@ -218,7 +218,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) if (!rfc1510_bitstring) fprintf (codefile, "if (c != 0 || bit_set) {\n"); - fprintf (codefile, + fprintf (codefile, "if (len < 1) return ASN1_OVERFLOW;\n" "*p-- = c; len--; ret++;\n"); if (!rfc1510_bitstring) @@ -235,7 +235,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) "}\n" "}\n"); - fprintf (codefile, + fprintf (codefile, "if (len < 1) return ASN1_OVERFLOW;\n" "*p-- = %s;\n" "len -= 1;\n" @@ -257,15 +257,14 @@ encode_type (const char *name, const Type *t, const char *tmpstr) if (t->members == NULL) break; - + ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - char *s; + char *s = NULL; if (m->ellipsis) continue; - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name) < 0 || s == NULL) errx(1, "malloc"); fprintf(codefile, "/* %s */\n", m->name); if (m->optional) @@ -275,7 +274,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) else if(m->defval) gen_compare_defval(s + 1, m->defval); fprintf (codefile, "{\n"); - fprintf (codefile, "size_t %s_oldret = ret;\n", tmpstr); + fprintf (codefile, "size_t %s_oldret HEIMDAL_UNUSED_ATTRIBUTE = ret;\n", tmpstr); fprintf (codefile, "ret = 0;\n"); encode_type (s, m->type, m->gen_name); fprintf (codefile, "ret += %s_oldret;\n", tmpstr); @@ -289,8 +288,8 @@ encode_type (const char *name, const Type *t, const char *tmpstr) fprintf(codefile, "{\n" "struct heim_octet_string *val;\n" - "size_t elen, totallen = 0;\n" - "int eret;\n"); + "size_t elen = 0, totallen = 0;\n" + "int eret = 0;\n"); fprintf(codefile, "if ((%s)->len > UINT_MAX/sizeof(val[0]))\n" @@ -303,7 +302,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) name, name); fprintf(codefile, - "for(i = 0; i < (%s)->len; i++) {\n", + "for(i = 0; i < (int)(%s)->len; i++) {\n", name); fprintf(codefile, @@ -327,7 +326,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) fprintf(codefile, "if (totallen > len) {\n" - "for (i = 0; i < (%s)->len; i++) {\n" + "for (i = 0; i < (int)(%s)->len; i++) {\n" "free(val[i].data);\n" "}\n" "free(val);\n" @@ -340,7 +339,7 @@ encode_type (const char *name, const Type *t, const char *tmpstr) name); fprintf (codefile, - "for(i = (%s)->len - 1; i >= 0; --i) {\n" + "for(i = (int)(%s)->len - 1; i >= 0; --i) {\n" "p -= val[i].length;\n" "ret += val[i].length;\n" "memcpy(p + 1, val[i].data, val[i].length);\n" @@ -352,19 +351,17 @@ encode_type (const char *name, const Type *t, const char *tmpstr) break; } case TSequenceOf: { - char *n; - char *sname; + char *sname = NULL; + char *n = NULL; fprintf (codefile, - "for(i = (%s)->len - 1; i >= 0; --i) {\n" + "for(i = (int)(%s)->len - 1; i >= 0; --i) {\n" "size_t %s_for_oldret = ret;\n" "ret = 0;\n", name, tmpstr); - asprintf (&n, "&(%s)->val[i]", name); - if (n == NULL) + if (asprintf (&n, "&(%s)->val[i]", name) < 0 || n == NULL) errx(1, "malloc"); - asprintf (&sname, "%s_S_Of", tmpstr); - if (sname == NULL) + if (asprintf (&sname, "%s_S_Of", tmpstr) < 0 || sname == NULL) errx(1, "malloc"); encode_type (n, t->subtype, sname); fprintf (codefile, @@ -383,48 +380,49 @@ encode_type (const char *name, const Type *t, const char *tmpstr) encode_primitive ("general_string", name); constructed = 0; break; + case TTeletexString: + encode_primitive ("general_string", name); + constructed = 0; + break; case TTag: { - char *tname; + char *tname = NULL; int c; - asprintf (&tname, "%s_tag", tmpstr); - if (tname == NULL) - errx(1, "malloc"); + if (asprintf (&tname, "%s_tag", tmpstr) < 0 || tname == NULL) + errx(1, "malloc"); c = encode_type (name, t->subtype, tname); fprintf (codefile, "e = der_put_length_and_tag (p, len, ret, %s, %s, %s, &l);\n" "if (e) return e;\np -= l; len -= l; ret += l;\n\n", classname(t->tag.tagclass), - c ? "CONS" : "PRIM", + c ? "CONS" : "PRIM", valuename(t->tag.tagclass, t->tag.tagvalue)); free (tname); break; } case TChoice:{ Member *m, *have_ellipsis = NULL; - char *s; + char *s = NULL; if (t->members == NULL) break; fprintf(codefile, "\n"); - asprintf (&s, "(%s)", name); - if (s == NULL) + if (asprintf (&s, "(%s)", name) < 0 || s == NULL) errx(1, "malloc"); fprintf(codefile, "switch(%s->element) {\n", s); ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - char *s2; + char *s2 = NULL; if (m->ellipsis) { have_ellipsis = m; continue; } - fprintf (codefile, "case %s: {", m->label); - asprintf(&s2, "%s(%s)->u.%s", m->optional ? "" : "&", - s, m->gen_name); - if (s2 == NULL) + fprintf (codefile, "case %s: {", m->label); + if (asprintf(&s2, "%s(%s)->u.%s", m->optional ? "" : "&", + s, m->gen_name) < 0 || s2 == NULL) errx(1, "malloc"); if (m->optional) fprintf (codefile, "if(%s) {\n", s2); @@ -504,13 +502,8 @@ encode_type (const char *name, const Type *t, const char *tmpstr) void generate_type_encode (const Symbol *s) { - fprintf (headerfile, - "int " - "encode_%s(unsigned char *, size_t, const %s *, size_t *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "encode_%s(unsigned char *p, size_t len," + fprintf (codefile, "int ASN1CALL\n" + "encode_%s(unsigned char *p HEIMDAL_UNUSED_ATTRIBUTE, size_t len HEIMDAL_UNUSED_ATTRIBUTE," " const %s *data, size_t *size)\n" "{\n", s->gen_name, s->gen_name); @@ -521,6 +514,7 @@ generate_type_encode (const Symbol *s) case TOctetString: case TGeneralizedTime: case TGeneralString: + case TTeletexString: case TUTCTime: case TUTF8String: case TPrintableString: @@ -540,11 +534,10 @@ generate_type_encode (const Symbol *s) case TType: case TChoice: fprintf (codefile, - "size_t ret = 0;\n" - "size_t l;\n" - "int i, e;\n\n"); - fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ - + "size_t ret HEIMDAL_UNUSED_ATTRIBUTE = 0;\n" + "size_t l HEIMDAL_UNUSED_ATTRIBUTE;\n" + "int i HEIMDAL_UNUSED_ATTRIBUTE, e HEIMDAL_UNUSED_ATTRIBUTE;\n\n"); + encode_type("data", s->type, "Top"); fprintf (codefile, "*size = ret;\n" diff --git a/lib/asn1/gen_free.c b/lib/asn1/gen_free.c index d667c5d31aad..b9cae7533b17 100644 --- a/lib/asn1/gen_free.c +++ b/lib/asn1/gen_free.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_free.c 19539 2006-12-28 17:15:05Z lha $"); +RCSID("$Id$"); static void free_primitive (const char *typename, const char *name) @@ -82,7 +82,7 @@ free_type (const char *name, const Type *t, int preserve) if(t->type == TChoice) fprintf(codefile, "switch((%s)->element) {\n", name); - + ASN1_TAILQ_FOREACH(m, t->members, members) { char *s; @@ -93,16 +93,15 @@ free_type (const char *name, const Type *t, int preserve) if(t->type == TChoice) fprintf(codefile, "case %s:\n", m->label); - asprintf (&s, "%s(%s)->%s%s", - m->optional ? "" : "&", name, - t->type == TChoice ? "u." : "", m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->%s%s", + m->optional ? "" : "&", name, + t->type == TChoice ? "u." : "", m->gen_name) < 0 || s == NULL) errx(1, "malloc"); if(m->optional) fprintf(codefile, "if(%s) {\n", s); free_type (s, m->type, FALSE); if(m->optional) - fprintf(codefile, + fprintf(codefile, "free(%s);\n" "%s = NULL;\n" "}\n",s, s); @@ -110,7 +109,7 @@ free_type (const char *name, const Type *t, int preserve) if(t->type == TChoice) fprintf(codefile, "break;\n"); } - + if(t->type == TChoice) { if (have_ellipsis) fprintf(codefile, @@ -128,11 +127,10 @@ free_type (const char *name, const Type *t, int preserve) char *n; fprintf (codefile, "while((%s)->len){\n", name); - asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); - if (n == NULL) + if (asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name) < 0 || n == NULL) errx(1, "malloc"); free_type(n, t->subtype, FALSE); - fprintf(codefile, + fprintf(codefile, "(%s)->len--;\n" "}\n", name); @@ -145,6 +143,9 @@ free_type (const char *name, const Type *t, int preserve) case TGeneralString: free_primitive ("general_string", name); break; + case TTeletexString: + free_primitive ("general_string", name); + break; case TUTF8String: free_primitive ("utf8string", name); break; @@ -177,18 +178,14 @@ free_type (const char *name, const Type *t, int preserve) void generate_type_free (const Symbol *s) { - int preserve = preserve_type(s->name) ? TRUE : FALSE; + int preserve = preserve_type(s->name) ? TRUE : FALSE; - fprintf (headerfile, - "void free_%s (%s *);\n", - s->gen_name, s->gen_name); + fprintf (codefile, "void ASN1CALL\n" + "free_%s(%s *data)\n" + "{\n", + s->gen_name, s->gen_name); - fprintf (codefile, "void\n" - "free_%s(%s *data)\n" - "{\n", - s->gen_name, s->gen_name); - - free_type ("data", s->type, preserve); - fprintf (codefile, "}\n\n"); + free_type ("data", s->type, preserve); + fprintf (codefile, "}\n\n"); } diff --git a/lib/asn1/gen_glue.c b/lib/asn1/gen_glue.c index 8d8bd152a3b7..5ab93305a24e 100644 --- a/lib/asn1/gen_glue.c +++ b/lib/asn1/gen_glue.c @@ -1,39 +1,41 @@ /* - * Copyright (c) 1997, 1999, 2000, 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1999, 2000, 2003 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_glue.c 15617 2005-07-12 06:27:42Z lha $"); +RCSID("$Id$"); static void generate_2int (const Type *t, const char *gen_name) @@ -70,7 +72,8 @@ generate_int2 (const Type *t, const char *gen_name) fprintf (codefile, "%s int2%s(unsigned n)\n" "{\n" - "\t%s flags;\n\n", + "\t%s flags;\n\n" + "\tmemset(&flags, 0, sizeof(flags));\n\n", gen_name, gen_name, gen_name); if(t->members) { @@ -92,9 +95,17 @@ generate_units (const Type *t, const char *gen_name) { Member *m; - fprintf (headerfile, - "const struct units * asn1_%s_units(void);", - gen_name); + if (template_flag) { + fprintf (headerfile, + "extern const struct units *asn1_%s_table_units;\n", + gen_name); + fprintf (headerfile, "#define asn1_%s_units() (asn1_%s_table_units)\n", + gen_name, gen_name); + } else { + fprintf (headerfile, + "const struct units * asn1_%s_units(void);\n", + gen_name); + } fprintf (codefile, "static struct units %s_units[] = {\n", @@ -103,7 +114,7 @@ generate_units (const Type *t, const char *gen_name) if(t->members) { ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { fprintf (codefile, - "\t{\"%s\",\t1U << %d},\n", m->gen_name, m->val); + "\t{\"%s\",\t1U << %d},\n", m->name, m->val); } } @@ -111,11 +122,16 @@ generate_units (const Type *t, const char *gen_name) "\t{NULL,\t0}\n" "};\n\n"); - fprintf (codefile, - "const struct units * asn1_%s_units(void){\n" - "return %s_units;\n" - "}\n\n", - gen_name, gen_name); + if (template_flag) + fprintf (codefile, + "const struct units * asn1_%s_table_units = %s_units;\n", + gen_name, gen_name); + else + fprintf (codefile, + "const struct units * asn1_%s_units(void){\n" + "return %s_units;\n" + "}\n\n", + gen_name, gen_name); } diff --git a/lib/asn1/gen_length.c b/lib/asn1/gen_length.c index 4cb5d45089f5..20b5adfe5d02 100644 --- a/lib/asn1/gen_length.c +++ b/lib/asn1/gen_length.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_length.c 21503 2007-07-12 11:57:19Z lha $"); +RCSID("$Id$"); static void length_primitive (const char *typename, @@ -43,11 +43,12 @@ length_primitive (const char *typename, fprintf (codefile, "%s += der_length_%s(%s);\n", variable, typename, name); } +/* XXX same as der_length_tag */ static size_t length_tag(unsigned int tag) { size_t len = 0; - + if(tag <= 30) return 1; while(tag) { @@ -59,7 +60,7 @@ length_tag(unsigned int tag) static int -length_type (const char *name, const Type *t, +length_type (const char *name, const Type *t, const char *variable, const char *tmpstr) { switch (t->type) { @@ -86,7 +87,7 @@ length_type (const char *name, const Type *t, } else if (t->range->min == 0 && t->range->max == INT_MAX) { length_primitive ("unsigned", name, variable); } else - errx(1, "%s: unsupported range %d -> %d", + errx(1, "%s: unsupported range %d -> %d", name, t->range->min, t->range->max); break; @@ -133,13 +134,13 @@ length_type (const char *name, const Type *t, if (t->members == NULL) break; - + if(t->type == TChoice) fprintf (codefile, "switch((%s)->element) {\n", name); ASN1_TAILQ_FOREACH(m, t->members, members) { char *s; - + if (m->ellipsis) { have_ellipsis = m; continue; @@ -148,10 +149,9 @@ length_type (const char *name, const Type *t, if(t->type == TChoice) fprintf(codefile, "case %s:\n", m->label); - asprintf (&s, "%s(%s)->%s%s", - m->optional ? "" : "&", name, - t->type == TChoice ? "u." : "", m->gen_name); - if (s == NULL) + if (asprintf (&s, "%s(%s)->%s%s", + m->optional ? "" : "&", name, + t->type == TChoice ? "u." : "", m->gen_name) < 0 || s == NULL) errx(1, "malloc"); if (m->optional) fprintf (codefile, "if(%s)", s); @@ -182,24 +182,22 @@ length_type (const char *name, const Type *t, } case TSetOf: case TSequenceOf: { - char *n; - char *sname; + char *n = NULL; + char *sname = NULL; fprintf (codefile, "{\n" - "int %s_oldret = %s;\n" + "size_t %s_oldret = %s;\n" "int i;\n" "%s = 0;\n", tmpstr, variable, variable); fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); - fprintf (codefile, "int %s_for_oldret = %s;\n" + fprintf (codefile, "size_t %s_for_oldret = %s;\n" "%s = 0;\n", tmpstr, variable, variable); - asprintf (&n, "&(%s)->val[i]", name); - if (n == NULL) + if (asprintf (&n, "&(%s)->val[i]", name) < 0 || n == NULL) errx(1, "malloc"); - asprintf (&sname, "%s_S_Of", tmpstr); - if (sname == NULL) + if (asprintf (&sname, "%s_S_Of", tmpstr) < 0 || sname == NULL) errx(1, "malloc"); length_type(n, t->subtype, variable, sname); fprintf (codefile, "%s += %s_for_oldret;\n", @@ -219,6 +217,9 @@ length_type (const char *name, const Type *t, case TGeneralString: length_primitive ("general_string", name, variable); break; + case TTeletexString: + length_primitive ("general_string", name, variable); + break; case TUTCTime: length_primitive ("utctime", name, variable); break; @@ -244,12 +245,11 @@ length_type (const char *name, const Type *t, fprintf (codefile, "/* NULL */\n"); break; case TTag:{ - char *tname; - asprintf(&tname, "%s_tag", tmpstr); - if (tname == NULL) + char *tname = NULL; + if (asprintf(&tname, "%s_tag", tmpstr) < 0 || tname == NULL) errx(1, "malloc"); length_type (name, t->subtype, variable, tname); - fprintf (codefile, "ret += %lu + der_length_len (ret);\n", + fprintf (codefile, "ret += %lu + der_length_len (ret);\n", (unsigned long)length_tag(t->tag.tagvalue)); free(tname); break; @@ -266,17 +266,13 @@ length_type (const char *name, const Type *t, void generate_type_length (const Symbol *s) { - fprintf (headerfile, - "size_t length_%s(const %s *);\n", - s->gen_name, s->gen_name); - fprintf (codefile, - "size_t\n" + "size_t ASN1CALL\n" "length_%s(const %s *data)\n" "{\n" "size_t ret = 0;\n", s->gen_name, s->gen_name); - + length_type ("data", s->type, "ret", "Top"); fprintf (codefile, "return ret;\n}\n\n"); } diff --git a/lib/asn1/gen_locl.h b/lib/asn1/gen_locl.h index 8cd4dbad5a84..9e87b0c578c7 100644 --- a/lib/asn1/gen_locl.h +++ b/lib/asn1/gen_locl.h @@ -1,44 +1,43 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gen_locl.h 18008 2006-09-05 12:29:18Z lha $ */ +/* $Id$ */ #ifndef __GEN_LOCL_H__ #define __GEN_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif + #include #include #include @@ -53,6 +52,7 @@ #include "symbol.h" #include "asn1-common.h" #include "der.h" +#include "der-private.h" void generate_type (const Symbol *); void generate_constant (const Symbol *); @@ -75,14 +75,27 @@ void init_generate (const char *, const char *); const char *get_filename (void); void close_generate(void); void add_import(const char *); +void add_export(const char *); +int is_export(const char *); int yyparse(void); +int is_primitive_type(int); int preserve_type(const char *); int seq_type(const char *); -extern FILE *headerfile, *codefile, *logfile; -extern int dce_fix; +void generate_header_of_codefile(const char *); +void close_codefile(void); + +int is_template_compat (const Symbol *); +void generate_template(const Symbol *); +void gen_template_import(const Symbol *); + + +extern FILE *privheaderfile, *headerfile, *codefile, *logfile, *templatefile; +extern int support_ber; +extern int template_flag; extern int rfc1510_bitstring; +extern int one_code_file; extern int error_flag; diff --git a/lib/asn1/gen_seq.c b/lib/asn1/gen_seq.c index 54776752c2e3..ac7b9ed0ba17 100644 --- a/lib/asn1/gen_seq.c +++ b/lib/asn1/gen_seq.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" -RCSID("$Id: gen_seq.c 20561 2007-04-24 16:14:30Z lha $"); +RCSID("$Id$"); void generate_type_seq (const Symbol *s) @@ -47,8 +47,8 @@ generate_type_seq (const Symbol *s) while(type->type == TTag) type = type->subtype; - if (type->type != TSequenceOf) { - printf("%s not seq of %d\n", s->name, (int)type->type); + if (type->type != TSequenceOf && type->type != TSetOf) { + fprintf(stderr, "%s not seq of %d\n", s->name, (int)type->type); return; } @@ -56,7 +56,7 @@ generate_type_seq (const Symbol *s) * Require the subtype to be a type so we can name it and use * copy_/free_ */ - + if (type->subtype->type != TType) { fprintf(stderr, "%s subtype is not a type, can't generate " "sequence code for this case: %d\n", @@ -67,17 +67,17 @@ generate_type_seq (const Symbol *s) subname = type->subtype->symbol->gen_name; fprintf (headerfile, - "int add_%s (%s *, const %s *);\n" - "int remove_%s (%s *, unsigned int);\n", + "ASN1EXP int ASN1CALL add_%s (%s *, const %s *);\n" + "ASN1EXP int ASN1CALL remove_%s (%s *, unsigned int);\n", s->gen_name, s->gen_name, subname, s->gen_name, s->gen_name); - fprintf (codefile, "int\n" + fprintf (codefile, "int ASN1CALL\n" "add_%s(%s *data, const %s *element)\n" "{\n", s->gen_name, s->gen_name, subname); - fprintf (codefile, + fprintf (codefile, "int ret;\n" "void *ptr;\n" "\n" @@ -92,13 +92,13 @@ generate_type_seq (const Symbol *s) subname); fprintf (codefile, "}\n\n"); - - fprintf (codefile, "int\n" + + fprintf (codefile, "int ASN1CALL\n" "remove_%s(%s *data, unsigned int element)\n" "{\n", s->gen_name, s->gen_name); - fprintf (codefile, + fprintf (codefile, "void *ptr;\n" "\n" "if (data->len == 0 || element >= data->len)\n" diff --git a/lib/asn1/gen_template.c b/lib/asn1/gen_template.c new file mode 100644 index 000000000000..edd68e122380 --- /dev/null +++ b/lib/asn1/gen_template.c @@ -0,0 +1,918 @@ +/* + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gen_locl.h" + +static const char *symbol_name(const char *, const Type *); +static void generate_template_type(const char *, const char **, const char *, const char *, const char *, + Type *, int, int, int); + +static const char * +ttype_symbol(const char *basename, const Type *t) +{ + return t->symbol->gen_name; +} + +static const char * +integer_symbol(const char *basename, const Type *t) +{ + if (t->members) + return "int"; /* XXX enum foo */ + else if (t->range == NULL) + return "heim_integer"; + else if (t->range->min == INT_MIN && t->range->max == INT_MAX) + return "int"; + else if (t->range->min == 0 && t->range->max == UINT_MAX) + return "unsigned"; + else if (t->range->min == 0 && t->range->max == INT_MAX) + return "unsigned"; + else { + abort(); + UNREACHABLE(return NULL); + } +} + +static const char * +boolean_symbol(const char *basename, const Type *t) +{ + return "int"; +} + + +static const char * +octetstring_symbol(const char *basename, const Type *t) +{ + return "heim_octet_string"; +} + +static const char * +sequence_symbol(const char *basename, const Type *t) +{ + return basename; +} + +static const char * +time_symbol(const char *basename, const Type *t) +{ + return "time_t"; +} + +static const char * +tag_symbol(const char *basename, const Type *t) +{ + return symbol_name(basename, t->subtype); +} + +static const char * +generalstring_symbol(const char *basename, const Type *t) +{ + return "heim_general_string"; +} + +static const char * +printablestring_symbol(const char *basename, const Type *t) +{ + return "heim_printable_string"; +} + +static const char * +ia5string_symbol(const char *basename, const Type *t) +{ + return "heim_ia5_string"; +} + +static const char * +visiblestring_symbol(const char *basename, const Type *t) +{ + return "heim_visible_string"; +} + +static const char * +utf8string_symbol(const char *basename, const Type *t) +{ + return "heim_utf8_string"; +} + +static const char * +bmpstring_symbol(const char *basename, const Type *t) +{ + return "heim_bmp_string"; +} + +static const char * +universalstring_symbol(const char *basename, const Type *t) +{ + return "heim_universal_string"; +} + +static const char * +oid_symbol(const char *basename, const Type *t) +{ + return "heim_oid"; +} + +static const char * +bitstring_symbol(const char *basename, const Type *t) +{ + if (t->members) + return basename; + return "heim_bit_string"; +} + + + +struct { + enum typetype type; + const char *(*symbol_name)(const char *, const Type *); + int is_struct; +} types[] = { + { TBMPString, bmpstring_symbol, 0 }, + { TBitString, bitstring_symbol, 0 }, + { TBoolean, boolean_symbol, 0 }, + { TGeneralString, generalstring_symbol, 0 }, + { TGeneralizedTime, time_symbol, 0 }, + { TIA5String, ia5string_symbol, 0 }, + { TInteger, integer_symbol, 0 }, + { TOID, oid_symbol, 0 }, + { TOctetString, octetstring_symbol, 0 }, + { TPrintableString, printablestring_symbol, 0 }, + { TSequence, sequence_symbol, 1 }, + { TSequenceOf, tag_symbol, 1 }, + { TSetOf, tag_symbol, 1 }, + { TTag, tag_symbol, 1 }, + { TType, ttype_symbol, 1 }, + { TUTCTime, time_symbol, 0 }, + { TUniversalString, universalstring_symbol, 0 }, + { TVisibleString, visiblestring_symbol, 0 }, + { TUTF8String, utf8string_symbol, 0 }, + { TChoice, sequence_symbol, 1 }, + { TNull, integer_symbol, 1 } +}; + +static FILE * +get_code_file(void) +{ + if (!one_code_file) + return templatefile; + return codefile; +} + + +static int +is_supported_type_p(const Type *t) +{ + size_t i; + + for (i = 0; i < sizeof(types)/sizeof(types[0]); i++) + if (t->type == types[i].type) + return 1; + return 0; +} + +int +is_template_compat (const Symbol *s) +{ + return is_supported_type_p(s->type); +} + +static const char * +symbol_name(const char *basename, const Type *t) +{ + size_t i; + + for (i = 0; i < sizeof(types)/sizeof(types[0]); i++) + if (t->type == types[i].type) + return (types[i].symbol_name)(basename, t); + printf("unknown der type: %d\n", t->type); + exit(1); +} + + +static char * +partial_offset(const char *basetype, const char *name, int need_offset) +{ + char *str; + if (name == NULL || need_offset == 0) + return strdup("0"); + if (asprintf(&str, "offsetof(struct %s, %s)", basetype, name) < 0 || str == NULL) + errx(1, "malloc"); + return str; +} + +struct template { + char *line; + char *tt; + char *offset; + char *ptr; + ASN1_TAILQ_ENTRY(template) members; +}; + +ASN1_TAILQ_HEAD(templatehead, template); + +struct tlist { + char *name; + char *header; + struct templatehead template; + ASN1_TAILQ_ENTRY(tlist) tmembers; +}; + +ASN1_TAILQ_HEAD(tlisthead, tlist); + +static void tlist_header(struct tlist *, const char *, ...) __attribute__((__format__(__printf__, 2, 3))); +static struct template * + add_line(struct templatehead *, const char *, ...) __attribute__((__format__(__printf__, 2, 3))); +static int tlist_cmp(const struct tlist *, const struct tlist *); + +static void add_line_pointer(struct templatehead *, const char *, const char *, const char *, ...) + __attribute__((__format__(__printf__, 4, 5))); + + +static struct tlisthead tlistmaster = ASN1_TAILQ_HEAD_INITIALIZER(tlistmaster); +static unsigned long numdups = 0; + +static struct tlist * +tlist_new(const char *name) +{ + struct tlist *tl = calloc(1, sizeof(*tl)); + tl->name = strdup(name); + ASN1_TAILQ_INIT(&tl->template); + return tl; +} + +static void +tlist_header(struct tlist *t, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + if (vasprintf(&t->header, fmt, ap) < 0 || t->header == NULL) + errx(1, "malloc"); + va_end(ap); +} + +static unsigned long +tlist_count(struct tlist *tl) +{ + unsigned int count = 0; + struct template *q; + + ASN1_TAILQ_FOREACH(q, &tl->template, members) { + count++; + } + return count; +} + +static void +tlist_add(struct tlist *tl) +{ + ASN1_TAILQ_INSERT_TAIL(&tlistmaster, tl, tmembers); +} + +static void +tlist_print(struct tlist *tl) +{ + struct template *q; + unsigned int i = 1; + FILE *f = get_code_file(); + + fprintf(f, "static const struct asn1_template asn1_%s[] = {\n", tl->name); + fprintf(f, "/* 0 */ %s,\n", tl->header); + ASN1_TAILQ_FOREACH(q, &tl->template, members) { + int last = (ASN1_TAILQ_LAST(&tl->template, templatehead) == q); + fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ","); + } + fprintf(f, "};\n"); +} + +static struct tlist * +tlist_find_by_name(const char *name) +{ + struct tlist *ql; + ASN1_TAILQ_FOREACH(ql, &tlistmaster, tmembers) { + if (strcmp(ql->name, name) == 0) + return ql; + } + return NULL; +} + +static int +tlist_cmp_name(const char *tname, const char *qname) +{ + struct tlist *tl = tlist_find_by_name(tname); + struct tlist *ql = tlist_find_by_name(qname); + return tlist_cmp(tl, ql); +} + +static int +tlist_cmp(const struct tlist *tl, const struct tlist *ql) +{ + int ret; + struct template *t, *q; + + ret = strcmp(tl->header, ql->header); + if (ret) return ret; + + q = ASN1_TAILQ_FIRST(&ql->template); + ASN1_TAILQ_FOREACH(t, &tl->template, members) { + if (q == NULL) return 1; + + if (t->ptr == NULL || q->ptr == NULL) { + ret = strcmp(t->line, q->line); + if (ret) return ret; + } else { + ret = strcmp(t->tt, q->tt); + if (ret) return ret; + + ret = strcmp(t->offset, q->offset); + if (ret) return ret; + + if ((ret = strcmp(t->ptr, q->ptr)) != 0 || + (ret = tlist_cmp_name(t->ptr, q->ptr)) != 0) + return ret; + } + q = ASN1_TAILQ_NEXT(q, members); + } + if (q != NULL) return -1; + return 0; +} + + +static const char * +tlist_find_dup(const struct tlist *tl) +{ + struct tlist *ql; + + ASN1_TAILQ_FOREACH(ql, &tlistmaster, tmembers) { + if (tlist_cmp(ql, tl) == 0) { + numdups++; + return ql->name; + } + } + return NULL; +} + + +/* + * + */ + +static struct template * +add_line(struct templatehead *t, const char *fmt, ...) +{ + struct template *q = calloc(1, sizeof(*q)); + va_list ap; + va_start(ap, fmt); + if (vasprintf(&q->line, fmt, ap) < 0 || q->line == NULL) + errx(1, "malloc"); + va_end(ap); + ASN1_TAILQ_INSERT_TAIL(t, q, members); + return q; +} + +static void +add_line_pointer(struct templatehead *t, + const char *ptr, + const char *offset, + const char *ttfmt, + ...) +{ + struct template *q; + va_list ap; + char *tt = NULL; + + va_start(ap, ttfmt); + if (vasprintf(&tt, ttfmt, ap) < 0 || tt == NULL) + errx(1, "malloc"); + va_end(ap); + + q = add_line(t, "{ %s, %s, asn1_%s }", tt, offset, ptr); + q->tt = tt; + q->offset = strdup(offset); + q->ptr = strdup(ptr); +} + +static int +use_extern(const Symbol *s) +{ + if (s->type == NULL) + return 1; + return 0; +} + +static int +is_struct(Type *t, int isstruct) +{ + size_t i; + + if (t->type == TType) + return 0; + if (t->type == TSequence || t->type == TSet || t->type == TChoice) + return 1; + if (t->type == TTag) + return is_struct(t->subtype, isstruct); + + for (i = 0; i < sizeof(types)/sizeof(types[0]); i++) { + if (t->type == types[i].type) { + if (types[i].is_struct == 0) + return 0; + else + break; + } + } + + return isstruct; +} + +static const Type * +compact_tag(const Type *t) +{ + while (t->type == TTag) + t = t->subtype; + return t; +} + +static void +template_members(struct templatehead *temp, const char *basetype, const char *name, const Type *t, int optional, int isstruct, int need_offset) +{ + char *poffset = NULL; + + if (optional && t->type != TTag && t->type != TType) + errx(1, "%s...%s is optional and not a (TTag or TType)", basetype, name); + + poffset = partial_offset(basetype, name, need_offset); + + switch (t->type) { + case TType: + if (use_extern(t->symbol)) { + add_line(temp, "{ A1_OP_TYPE_EXTERN %s, %s, &asn1_extern_%s}", + optional ? "|A1_FLAG_OPTIONAL" : "", + poffset, t->symbol->gen_name); + } else { + add_line_pointer(temp, t->symbol->gen_name, poffset, + "A1_OP_TYPE %s", optional ? "|A1_FLAG_OPTIONAL" : ""); + } + break; + case TInteger: { + char *itype = NULL; + + if (t->members) + itype = "IMEMBER"; + else if (t->range == NULL) + itype = "HEIM_INTEGER"; + else if (t->range->min == INT_MIN && t->range->max == INT_MAX) + itype = "INTEGER"; + else if (t->range->min == 0 && t->range->max == UINT_MAX) + itype = "UNSIGNED"; + else if (t->range->min == 0 && t->range->max == INT_MAX) + itype = "UNSIGNED"; + else + errx(1, "%s: unsupported range %d -> %d", + name, t->range->min, t->range->max); + + add_line(temp, "{ A1_PARSE_T(A1T_%s), %s, NULL }", itype, poffset); + break; + } + case TGeneralString: + add_line(temp, "{ A1_PARSE_T(A1T_GENERAL_STRING), %s, NULL }", poffset); + break; + case TTeletexString: + add_line(temp, "{ A1_PARSE_T(A1T_TELETEX_STRING), %s, NULL }", poffset); + break; + case TPrintableString: + add_line(temp, "{ A1_PARSE_T(A1T_PRINTABLE_STRING), %s, NULL }", poffset); + break; + case TOctetString: + add_line(temp, "{ A1_PARSE_T(A1T_OCTET_STRING), %s, NULL }", poffset); + break; + case TIA5String: + add_line(temp, "{ A1_PARSE_T(A1T_IA5_STRING), %s, NULL }", poffset); + break; + case TBMPString: + add_line(temp, "{ A1_PARSE_T(A1T_BMP_STRING), %s, NULL }", poffset); + break; + case TUniversalString: + add_line(temp, "{ A1_PARSE_T(A1T_UNIVERSAL_STRING), %s, NULL }", poffset); + break; + case TVisibleString: + add_line(temp, "{ A1_PARSE_T(A1T_VISIBLE_STRING), %s, NULL }", poffset); + break; + case TUTF8String: + add_line(temp, "{ A1_PARSE_T(A1T_UTF8_STRING), %s, NULL }", poffset); + break; + case TGeneralizedTime: + add_line(temp, "{ A1_PARSE_T(A1T_GENERALIZED_TIME), %s, NULL }", poffset); + break; + case TUTCTime: + add_line(temp, "{ A1_PARSE_T(A1T_UTC_TIME), %s, NULL }", poffset); + break; + case TBoolean: + add_line(temp, "{ A1_PARSE_T(A1T_BOOLEAN), %s, NULL }", poffset); + break; + case TOID: + add_line(temp, "{ A1_PARSE_T(A1T_OID), %s, NULL }", poffset); + break; + case TNull: + break; + case TBitString: { + struct templatehead template = ASN1_TAILQ_HEAD_INITIALIZER(template); + struct template *q; + Member *m; + size_t count = 0, i; + char *bname = NULL; + FILE *f = get_code_file(); + + if (ASN1_TAILQ_EMPTY(t->members)) { + add_line(temp, "{ A1_PARSE_T(A1T_HEIM_BIT_STRING), %s, NULL }", poffset); + break; + } + + if (asprintf(&bname, "bmember_%s_%p", name ? name : "", t) < 0 || bname == NULL) + errx(1, "malloc"); + output_name(bname); + + ASN1_TAILQ_FOREACH(m, t->members, members) { + add_line(&template, "{ 0, %d, 0 } /* %s */", m->val, m->gen_name); + } + + ASN1_TAILQ_FOREACH(q, &template, members) { + count++; + } + + fprintf(f, "static const struct asn1_template asn1_%s_%s[] = {\n", basetype, bname); + fprintf(f, "/* 0 */ { 0%s, sizeof(%s), ((void *)%lu) },\n", + rfc1510_bitstring ? "|A1_HBF_RFC1510" : "", + basetype, (unsigned long)count); + i = 1; + ASN1_TAILQ_FOREACH(q, &template, members) { + int last = (ASN1_TAILQ_LAST(&template, templatehead) == q); + fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ","); + } + fprintf(f, "};\n"); + + add_line(temp, "{ A1_OP_BMEMBER, %s, asn1_%s_%s }", poffset, basetype, bname); + + free(bname); + + break; + } + case TSequence: { + Member *m; + + ASN1_TAILQ_FOREACH(m, t->members, members) { + char *newbasename = NULL; + + if (m->ellipsis) + continue; + + if (name) { + if (asprintf(&newbasename, "%s_%s", basetype, name) < 0) + errx(1, "malloc"); + } else + newbasename = strdup(basetype); + if (newbasename == NULL) + errx(1, "malloc"); + + template_members(temp, newbasename, m->gen_name, m->type, m->optional, isstruct, 1); + + free(newbasename); + } + + break; + } + case TTag: { + char *tname = NULL, *elname = NULL; + const char *sename, *dupname; + int subtype_is_struct = is_struct(t->subtype, isstruct); + + if (subtype_is_struct) + sename = basetype; + else + sename = symbol_name(basetype, t->subtype); + + if (asprintf(&tname, "tag_%s_%p", name ? name : "", t) < 0 || tname == NULL) + errx(1, "malloc"); + output_name(tname); + + if (asprintf(&elname, "%s_%s", basetype, tname) < 0 || elname == NULL) + errx(1, "malloc"); + + generate_template_type(elname, &dupname, NULL, sename, name, + t->subtype, 0, subtype_is_struct, 0); + + add_line_pointer(temp, dupname, poffset, + "A1_TAG_T(%s,%s,%s)%s", + classname(t->tag.tagclass), + is_primitive_type(t->subtype->type) ? "PRIM" : "CONS", + valuename(t->tag.tagclass, t->tag.tagvalue), + optional ? "|A1_FLAG_OPTIONAL" : ""); + + free(tname); + free(elname); + + break; + } + case TSetOf: + case TSequenceOf: { + const char *type = NULL, *tname, *dupname; + char *sename = NULL, *elname = NULL; + int subtype_is_struct = is_struct(t->subtype, 0); + + if (name && subtype_is_struct) { + tname = "seofTstruct"; + if (asprintf(&sename, "%s_%s_val", basetype, name) < 0) + errx(1, "malloc"); + } else if (subtype_is_struct) { + tname = "seofTstruct"; + if (asprintf(&sename, "%s_val", symbol_name(basetype, t->subtype)) < 0) + errx(1, "malloc"); + } else { + if (name) + tname = name; + else + tname = "seofTstruct"; + sename = strdup(symbol_name(basetype, t->subtype)); + } + if (sename == NULL) + errx(1, "malloc"); + + if (t->type == TSetOf) type = "A1_OP_SETOF"; + else if (t->type == TSequenceOf) type = "A1_OP_SEQOF"; + else abort(); + + if (asprintf(&elname, "%s_%s_%p", basetype, tname, t) < 0 || elname == NULL) + errx(1, "malloc"); + + generate_template_type(elname, &dupname, NULL, sename, NULL, t->subtype, + 0, subtype_is_struct, need_offset); + + add_line(temp, "{ %s, %s, asn1_%s }", type, poffset, dupname); + free(sename); + break; + } + case TChoice: { + struct templatehead template = ASN1_TAILQ_HEAD_INITIALIZER(template); + struct template *q; + size_t count = 0, i; + char *tname = NULL; + FILE *f = get_code_file(); + Member *m; + int ellipsis = 0; + char *e; + + if (asprintf(&tname, "asn1_choice_%s_%s%x", + basetype, name ? name : "", (unsigned int)(uintptr_t)t) < 0 || tname == NULL) + errx(1, "malloc"); + + ASN1_TAILQ_FOREACH(m, t->members, members) { + const char *dupname; + char *elname = NULL; + char *newbasename = NULL; + int subtype_is_struct; + + if (m->ellipsis) { + ellipsis = 1; + continue; + } + + subtype_is_struct = is_struct(m->type, 0); + + if (asprintf(&elname, "%s_choice_%s", basetype, m->gen_name) < 0 || elname == NULL) + errx(1, "malloc"); + + if (subtype_is_struct) { + if (asprintf(&newbasename, "%s_%s", basetype, m->gen_name) < 0) + errx(1, "malloc"); + } else + newbasename = strdup(basetype); + + if (newbasename == NULL) + errx(1, "malloc"); + + + generate_template_type(elname, &dupname, NULL, + symbol_name(newbasename, m->type), + NULL, m->type, 0, subtype_is_struct, 1); + + add_line(&template, "{ %s, offsetof(%s%s, u.%s), asn1_%s }", + m->label, isstruct ? "struct " : "", + basetype, m->gen_name, + dupname); + + free(elname); + free(newbasename); + } + + e = NULL; + if (ellipsis) { + if (asprintf(&e, "offsetof(%s%s, u.asn1_ellipsis)", isstruct ? "struct " : "", basetype) < 0 || e == NULL) + errx(1, "malloc"); + } + + ASN1_TAILQ_FOREACH(q, &template, members) { + count++; + } + + fprintf(f, "static const struct asn1_template %s[] = {\n", tname); + fprintf(f, "/* 0 */ { %s, offsetof(%s%s, element), ((void *)%lu) },\n", + e ? e : "0", isstruct ? "struct " : "", basetype, (unsigned long)count); + i = 1; + ASN1_TAILQ_FOREACH(q, &template, members) { + int last = (ASN1_TAILQ_LAST(&template, templatehead) == q); + fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ","); + } + fprintf(f, "};\n"); + + add_line(temp, "{ A1_OP_CHOICE, %s, %s }", poffset, tname); + + free(e); + free(tname); + break; + } + default: + abort (); + } + if (poffset) + free(poffset); +} + +static void +gen_extern_stubs(FILE *f, const char *name) +{ + fprintf(f, + "static const struct asn1_type_func asn1_extern_%s = {\n" + "\t(asn1_type_encode)encode_%s,\n" + "\t(asn1_type_decode)decode_%s,\n" + "\t(asn1_type_length)length_%s,\n" + "\t(asn1_type_copy)copy_%s,\n" + "\t(asn1_type_release)free_%s,\n" + "\tsizeof(%s)\n" + "};\n", + name, name, name, name, + name, name, name); +} + +void +gen_template_import(const Symbol *s) +{ + FILE *f = get_code_file(); + + if (template_flag == 0) + return; + + gen_extern_stubs(f, s->gen_name); +} + +static void +generate_template_type(const char *varname, + const char **dupname, + const char *symname, + const char *basetype, + const char *name, + Type *type, + int optional, int isstruct, int need_offset) +{ + struct tlist *tl; + const char *dup; + int have_ellipsis = 0; + + tl = tlist_new(varname); + + template_members(&tl->template, basetype, name, type, optional, isstruct, need_offset); + + /* if its a sequence or set type, check if there is a ellipsis */ + if (type->type == TSequence || type->type == TSet) { + Member *m; + ASN1_TAILQ_FOREACH(m, type->members, members) { + if (m->ellipsis) + have_ellipsis = 1; + } + } + + if (ASN1_TAILQ_EMPTY(&tl->template) && compact_tag(type)->type != TNull) + errx(1, "Tag %s...%s with no content ?", basetype, name ? name : ""); + + tlist_header(tl, "{ 0%s%s, sizeof(%s%s), ((void *)%lu) }", + (symname && preserve_type(symname)) ? "|A1_HF_PRESERVE" : "", + have_ellipsis ? "|A1_HF_ELLIPSIS" : "", + isstruct ? "struct " : "", basetype, tlist_count(tl)); + + dup = tlist_find_dup(tl); + if (dup) { + if (strcmp(dup, tl->name) == 0) + errx(1, "found dup of ourself"); + *dupname = dup; + } else { + *dupname = tl->name; + tlist_print(tl); + tlist_add(tl); + } +} + + +void +generate_template(const Symbol *s) +{ + FILE *f = get_code_file(); + const char *dupname; + + if (use_extern(s)) { + gen_extern_stubs(f, s->gen_name); + return; + } + + generate_template_type(s->gen_name, &dupname, s->name, s->gen_name, NULL, s->type, 0, 0, 1); + + fprintf(f, + "\n" + "int\n" + "decode_%s(const unsigned char *p, size_t len, %s *data, size_t *size)\n" + "{\n" + " return _asn1_decode_top(asn1_%s, 0|%s, p, len, data, size);\n" + "}\n" + "\n", + s->gen_name, + s->gen_name, + dupname, + support_ber ? "A1_PF_ALLOW_BER" : "0"); + + fprintf(f, + "\n" + "int\n" + "encode_%s(unsigned char *p, size_t len, const %s *data, size_t *size)\n" + "{\n" + " return _asn1_encode(asn1_%s, p, len, data, size);\n" + "}\n" + "\n", + s->gen_name, + s->gen_name, + dupname); + + fprintf(f, + "\n" + "size_t\n" + "length_%s(const %s *data)\n" + "{\n" + " return _asn1_length(asn1_%s, data);\n" + "}\n" + "\n", + s->gen_name, + s->gen_name, + dupname); + + + fprintf(f, + "\n" + "void\n" + "free_%s(%s *data)\n" + "{\n" + " _asn1_free(asn1_%s, data);\n" + "}\n" + "\n", + s->gen_name, + s->gen_name, + dupname); + + fprintf(f, + "\n" + "int\n" + "copy_%s(const %s *from, %s *to)\n" + "{\n" + " return _asn1_copy_top(asn1_%s, from, to);\n" + "}\n" + "\n", + s->gen_name, + s->gen_name, + s->gen_name, + dupname); +} diff --git a/lib/asn1/hash.c b/lib/asn1/hash.c index eeb6b6d63dc9..73b6cf97c423 100644 --- a/lib/asn1/hash.c +++ b/lib/asn1/hash.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* @@ -37,7 +37,7 @@ #include "gen_locl.h" -RCSID("$Id: hash.c 17016 2006-04-07 22:16:00Z lha $"); +RCSID("$Id$"); static Hashentry *_search(Hashtab * htab, /* The hash table */ void *ptr); /* And key */ diff --git a/lib/asn1/hash.h b/lib/asn1/hash.h index 10d8ce99b0b5..f37bdbb84967 100644 --- a/lib/asn1/hash.h +++ b/lib/asn1/hash.h @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* * hash.h. Header file for hash table functions */ -/* $Id: hash.h 7464 1999-12-02 17:05:13Z joda $ */ +/* $Id$ */ struct hashentry { /* Entry in bucket */ struct hashentry **prev; @@ -56,7 +56,7 @@ typedef struct hashtab Hashtab; /* prototypes */ -Hashtab *hashtabnew(int sz, +Hashtab *hashtabnew(int sz, int (*cmp)(void *, void *), unsigned (*hash)(void *)); /* Make new hash table */ diff --git a/lib/asn1/heim_asn1.h b/lib/asn1/heim_asn1.h index afee6f421886..4eeafc20f94a 100644 --- a/lib/asn1/heim_asn1.h +++ b/lib/asn1/heim_asn1.h @@ -1,34 +1,34 @@ /* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifndef __HEIM_ANY_H__ diff --git a/lib/asn1/k5.asn1 b/lib/asn1/krb5.asn1 similarity index 72% rename from lib/asn1/k5.asn1 rename to lib/asn1/krb5.asn1 index 18f1e1541b5f..568fe0cd04b4 100644 --- a/lib/asn1/k5.asn1 +++ b/lib/asn1/krb5.asn1 @@ -1,7 +1,79 @@ --- $Id: k5.asn1 21965 2007-10-18 18:24:36Z lha $ +-- $Id$ KERBEROS5 DEFINITIONS ::= BEGIN +EXPORTS + AD-AND-OR, + AD-IF-RELEVANT, + AD-KDCIssued, + AD-LoginAlias, + AP-REP, + AP-REQ, + AS-REP, + AS-REQ, + AUTHDATA-TYPE, + Authenticator, + AuthorizationData, + AuthorizationDataElement, + CKSUMTYPE, + ChangePasswdDataMS, + Checksum, + ENCTYPE, + ETYPE-INFO, + ETYPE-INFO-ENTRY, + ETYPE-INFO2, + ETYPE-INFO2-ENTRY, + EncAPRepPart, + EncASRepPart, + EncKDCRepPart, + EncKrbCredPart, + EncKrbPrivPart, + EncTGSRepPart, + EncTicketPart, + EncryptedData, + EncryptionKey, + EtypeList, + HostAddress, + HostAddresses, + KDC-REQ-BODY, + KDCOptions, + KDC-REP, + KRB-CRED, + KRB-ERROR, + KRB-PRIV, + KRB-SAFE, + KRB-SAFE-BODY, + KRB5SignedPath, + KRB5SignedPathData, + KRB5SignedPathPrincipals, + KerberosString, + KerberosTime, + KrbCredInfo, + LR-TYPE, + LastReq, + METHOD-DATA, + NAME-TYPE, + PA-ClientCanonicalized, + PA-ClientCanonicalizedNames, + PA-DATA, + PA-ENC-TS-ENC, + PA-PAC-REQUEST, + PA-S4U2Self, + PA-SERVER-REFERRAL-DATA, + PA-ServerReferralData, + PA-SvrReferralData, + PADATA-TYPE, + Principal, + PrincipalName, + Principals, + Realm, + TGS-REP, + TGS-REQ, + Ticket, + TicketFlags, + TransitedEncoding, + TypedData + ; NAME-TYPE ::= INTEGER { KRB5_NT_UNKNOWN(0), -- Name type not known @@ -13,9 +85,11 @@ NAME-TYPE ::= INTEGER { KRB5_NT_X500_PRINCIPAL(6), -- PKINIT KRB5_NT_SMTP_NAME(7), -- Name in form of SMTP email name KRB5_NT_ENTERPRISE_PRINCIPAL(10), -- Windows 2000 UPN + KRB5_NT_WELLKNOWN(11), -- Wellknown KRB5_NT_ENT_PRINCIPAL_AND_ID(-130), -- Windows 2000 UPN and SID KRB5_NT_MS_PRINCIPAL(-128), -- NT 4 style name - KRB5_NT_MS_PRINCIPAL_AND_ID(-129) -- NT style name and SID + KRB5_NT_MS_PRINCIPAL_AND_ID(-129), -- NT style name and SID + KRB5_NT_NTLM(-1200) -- NTLM name, realm is domain } -- message types @@ -64,6 +138,10 @@ PADATA-TYPE ::= INTEGER { KRB5-PADATA-GET-FROM-TYPED-DATA(22), KRB5-PADATA-SAM-ETYPE-INFO(23), KRB5-PADATA-SERVER-REFERRAL(25), + KRB5-PADATA-ALT-PRINC(24), -- (crawdad@fnal.gov) + KRB5-PADATA-SAM-CHALLENGE2(30), -- (kenh@pobox.com) + KRB5-PADATA-SAM-RESPONSE2(31), -- (kenh@pobox.com) + KRB5-PA-EXTRA-TGT(41), -- Reserved extra TGT KRB5-PADATA-TD-KRB-PRINCIPAL(102), -- PrincipalName KRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS(104), -- PKINIT KRB5-PADATA-PK-TD-CERTIFICATE-INDEX(105), -- PKINIT @@ -71,12 +149,31 @@ PADATA-TYPE ::= INTEGER { KRB5-PADATA-TD-REQ-NONCE(107), -- INTEGER KRB5-PADATA-TD-REQ-SEQ(108), -- INTEGER KRB5-PADATA-PA-PAC-REQUEST(128), -- jbrezak@exchange.microsoft.com - KRB5-PADATA-S4U2SELF(129), - KRB5-PADATA-PK-AS-09-BINDING(132), -- client send this to - -- tell KDC that is supports + KRB5-PADATA-FOR-USER(129), -- MS-KILE + KRB5-PADATA-FOR-X509-USER(130), -- MS-KILE + KRB5-PADATA-FOR-CHECK-DUPS(131), -- MS-KILE + KRB5-PADATA-AS-CHECKSUM(132), -- MS-KILE + KRB5-PADATA-PK-AS-09-BINDING(132), -- client send this to + -- tell KDC that is supports -- the asCheckSum in the -- PK-AS-REP - KRB5-PADATA-CLIENT-CANONICALIZED(133) -- + KRB5-PADATA-CLIENT-CANONICALIZED(133), -- referals + KRB5-PADATA-FX-COOKIE(133), -- krb-wg-preauth-framework + KRB5-PADATA-AUTHENTICATION-SET(134), -- krb-wg-preauth-framework + KRB5-PADATA-AUTH-SET-SELECTED(135), -- krb-wg-preauth-framework + KRB5-PADATA-FX-FAST(136), -- krb-wg-preauth-framework + KRB5-PADATA-FX-ERROR(137), -- krb-wg-preauth-framework + KRB5-PADATA-ENCRYPTED-CHALLENGE(138), -- krb-wg-preauth-framework + KRB5-PADATA-OTP-CHALLENGE(141), -- (gareth.richards@rsa.com) + KRB5-PADATA-OTP-REQUEST(142), -- (gareth.richards@rsa.com) + KBB5-PADATA-OTP-CONFIRM(143), -- (gareth.richards@rsa.com) + KRB5-PADATA-OTP-PIN-CHANGE(144), -- (gareth.richards@rsa.com) + KRB5-PADATA-EPAK-AS-REQ(145), + KRB5-PADATA-EPAK-AS-REP(146), + KRB5-PADATA-PKINIT-KX(147), -- krb-wg-anon + KRB5-PADATA-PKU2U-NAME(148), -- zhu-pku2u + KRB5-PADATA-REQ-ENC-PA-REP(149), -- + KRB5-PADATA-SUPPORTED-ETYPES(165) -- MS-KILE } AUTHDATA-TYPE ::= INTEGER { @@ -94,7 +191,9 @@ AUTHDATA-TYPE ::= INTEGER { KRB5-AUTHDATA-OSF-DCE-PKI-CERTID(66), KRB5-AUTHDATA-WIN2K-PAC(128), KRB5-AUTHDATA-GSS-API-ETYPE-NEGOTIATION(129), -- Authenticator only - KRB5-AUTHDATA-SIGNTICKET(-17) + KRB5-AUTHDATA-SIGNTICKET-OLDER(-17), + KRB5-AUTHDATA-SIGNTICKET-OLD(142), + KRB5-AUTHDATA-SIGNTICKET(512) } -- checksumtypes @@ -122,32 +221,32 @@ CKSUMTYPE ::= INTEGER { --enctypes ENCTYPE ::= INTEGER { - ETYPE_NULL(0), - ETYPE_DES_CBC_CRC(1), - ETYPE_DES_CBC_MD4(2), - ETYPE_DES_CBC_MD5(3), - ETYPE_DES3_CBC_MD5(5), - ETYPE_OLD_DES3_CBC_SHA1(7), - ETYPE_SIGN_DSA_GENERATE(8), - ETYPE_ENCRYPT_RSA_PRIV(9), - ETYPE_ENCRYPT_RSA_PUB(10), - ETYPE_DES3_CBC_SHA1(16), -- with key derivation - ETYPE_AES128_CTS_HMAC_SHA1_96(17), - ETYPE_AES256_CTS_HMAC_SHA1_96(18), - ETYPE_ARCFOUR_HMAC_MD5(23), - ETYPE_ARCFOUR_HMAC_MD5_56(24), - ETYPE_ENCTYPE_PK_CROSS(48), + KRB5_ENCTYPE_NULL(0), + KRB5_ENCTYPE_DES_CBC_CRC(1), + KRB5_ENCTYPE_DES_CBC_MD4(2), + KRB5_ENCTYPE_DES_CBC_MD5(3), + KRB5_ENCTYPE_DES3_CBC_MD5(5), + KRB5_ENCTYPE_OLD_DES3_CBC_SHA1(7), + KRB5_ENCTYPE_SIGN_DSA_GENERATE(8), + KRB5_ENCTYPE_ENCRYPT_RSA_PRIV(9), + KRB5_ENCTYPE_ENCRYPT_RSA_PUB(10), + KRB5_ENCTYPE_DES3_CBC_SHA1(16), -- with key derivation + KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96(17), + KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96(18), + KRB5_ENCTYPE_ARCFOUR_HMAC_MD5(23), + KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56(24), + KRB5_ENCTYPE_ENCTYPE_PK_CROSS(48), -- some "old" windows types - ETYPE_ARCFOUR_MD4(-128), - ETYPE_ARCFOUR_HMAC_OLD(-133), - ETYPE_ARCFOUR_HMAC_OLD_EXP(-135), + KRB5_ENCTYPE_ARCFOUR_MD4(-128), + KRB5_ENCTYPE_ARCFOUR_HMAC_OLD(-133), + KRB5_ENCTYPE_ARCFOUR_HMAC_OLD_EXP(-135), -- these are for Heimdal internal use - ETYPE_DES_CBC_NONE(-0x1000), - ETYPE_DES3_CBC_NONE(-0x1001), - ETYPE_DES_CFB64_NONE(-0x1002), - ETYPE_DES_PCBC_NONE(-0x1003), - ETYPE_DIGEST_MD5_NONE(-0x1004), -- private use, lukeh@padl.com - ETYPE_CRAM_MD5_NONE(-0x1005) -- private use, lukeh@padl.com + KRB5_ENCTYPE_DES_CBC_NONE(-0x1000), + KRB5_ENCTYPE_DES3_CBC_NONE(-0x1001), + KRB5_ENCTYPE_DES_CFB64_NONE(-0x1002), + KRB5_ENCTYPE_DES_PCBC_NONE(-0x1003), + KRB5_ENCTYPE_DIGEST_MD5_NONE(-0x1004), -- private use, lukeh@padl.com + KRB5_ENCTYPE_CRAM_MD5_NONE(-0x1005) -- private use, lukeh@padl.com } @@ -172,6 +271,8 @@ Principal ::= SEQUENCE { realm[1] Realm } +Principals ::= SEQUENCE OF Principal + HostAddress ::= SEQUENCE { addr-type[0] krb5int32, address[1] OCTET STRING @@ -218,7 +319,8 @@ TicketFlags ::= BIT STRING { hw-authent(11), transited-policy-checked(12), ok-as-delegate(13), - anonymous(14) + anonymous(14), + enc-pa-rep(15) } KDCOptions ::= BIT STRING { @@ -229,11 +331,7 @@ KDCOptions ::= BIT STRING { proxy(4), allow-postdate(5), postdated(6), - unused7(7), renewable(8), - unused9(9), - unused10(10), - unused11(11), request-anonymous(14), canonicalize(15), constrained-delegation(16), -- ms extension @@ -263,7 +361,7 @@ LastReq ::= SEQUENCE OF SEQUENCE { EncryptedData ::= SEQUENCE { etype[0] ENCTYPE, -- EncryptionType - kvno[1] krb5int32 OPTIONAL, + kvno[1] krb5uint32 OPTIONAL, cipher[2] OCTET STRING -- ciphertext } @@ -385,7 +483,7 @@ PA-ENC-TS-ENC ::= SEQUENCE { -- draft-brezak-win2k-krb-authz-01 PA-PAC-REQUEST ::= SEQUENCE { - include-pac[0] BOOLEAN -- Indicates whether a PAC + include-pac[0] BOOLEAN -- Indicates whether a PAC -- should be included or not } @@ -527,7 +625,7 @@ ChangePasswdDataMS ::= SEQUENCE { targrealm[2] Realm OPTIONAL } -EtypeList ::= SEQUENCE OF krb5int32 +EtypeList ::= SEQUENCE OF ENCTYPE -- the client's proposed enctype list in -- decreasing preference order, favorite choice first @@ -616,36 +714,37 @@ PA-S4U2Self ::= SEQUENCE { auth[3] GeneralString } -KRB5SignedPathPrincipals ::= SEQUENCE OF Principal - -- never encoded on the wire, just used to checksum over KRB5SignedPathData ::= SEQUENCE { - encticket[0] EncTicketPart, - delegated[1] KRB5SignedPathPrincipals OPTIONAL + client[0] Principal OPTIONAL, + authtime[1] KerberosTime, + delegated[2] Principals OPTIONAL, + method_data[3] METHOD-DATA OPTIONAL } KRB5SignedPath ::= SEQUENCE { -- DERcoded KRB5SignedPathData - -- krbtgt key (etype), KeyUsage = XXX + -- krbtgt key (etype), KeyUsage = XXX etype[0] ENCTYPE, cksum[1] Checksum, -- srvs delegated though - delegated[2] KRB5SignedPathPrincipals OPTIONAL + delegated[2] Principals OPTIONAL, + method_data[3] METHOD-DATA OPTIONAL } PA-ClientCanonicalizedNames ::= SEQUENCE{ - requested-name [0] PrincipalName, - real-name [1] PrincipalName + requested-name [0] PrincipalName, + mapped-name [1] PrincipalName } PA-ClientCanonicalized ::= SEQUENCE { - names [0] PA-ClientCanonicalizedNames, - canon-checksum [1] Checksum + names [0] PA-ClientCanonicalizedNames, + canon-checksum [1] Checksum } AD-LoginAlias ::= SEQUENCE { -- ad-type number TBD -- - login-alias [0] PrincipalName, - checksum [1] Checksum + login-alias [0] PrincipalName, + checksum [1] Checksum } -- old ms referral @@ -654,6 +753,73 @@ PA-SvrReferralData ::= SEQUENCE { referred-realm [0] Realm } +PA-SERVER-REFERRAL-DATA ::= EncryptedData + +PA-ServerReferralData ::= SEQUENCE { + referred-realm [0] Realm OPTIONAL, + true-principal-name [1] PrincipalName OPTIONAL, + requested-principal-name [2] PrincipalName OPTIONAL, + referral-valid-until [3] KerberosTime OPTIONAL, + ... +} + +FastOptions ::= BIT STRING { + reserved(0), + hide-client-names(1), + kdc-follow--referrals(16) +} + +KrbFastReq ::= SEQUENCE { + fast-options [0] FastOptions, + padata [1] SEQUENCE OF PA-DATA, + req-body [2] KDC-REQ-BODY, + ... +} + +KrbFastArmor ::= SEQUENCE { + armor-type [0] krb5int32, + armor-value [1] OCTET STRING, + ... +} + +KrbFastArmoredReq ::= SEQUENCE { + armor [0] KrbFastArmor OPTIONAL, + req-checksum [1] Checksum, + enc-fast-req [2] EncryptedData -- KrbFastReq -- +} + +PA-FX-FAST-REQUEST ::= CHOICE { + armored-data [0] KrbFastArmoredReq, + ... +} + +KrbFastFinished ::= SEQUENCE { + timestamp [0] KerberosTime, + usec [1] krb5int32, + crealm [2] Realm, + cname [3] PrincipalName, + checksum [4] Checksum, + ticket-checksum [5] Checksum, + ... +} + +KrbFastResponse ::= SEQUENCE { + padata [0] SEQUENCE OF PA-DATA, + rep-key [1] EncryptionKey OPTIONAL, + finished [2] KrbFastFinished OPTIONAL, + ... +} + +KrbFastArmoredRep ::= SEQUENCE { + enc-fast-rep [0] EncryptedData, -- KrbFastResponse -- + ... +} + +PA-FX-FAST-REPLY ::= CHOICE { + armored-data [0] KrbFastArmoredRep, + ... +} + END -- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' k5.asn1 diff --git a/lib/asn1/krb5.opt b/lib/asn1/krb5.opt new file mode 100644 index 000000000000..1d6d5e8989f1 --- /dev/null +++ b/lib/asn1/krb5.opt @@ -0,0 +1,6 @@ +--encode-rfc1510-bit-string +--sequence=Principals +--sequence=AuthorizationData +--sequence=METHOD-DATA +--sequence=ETYPE-INFO +--sequence=ETYPE-INFO2 diff --git a/lib/asn1/kx509.asn1 b/lib/asn1/kx509.asn1 index fc6a696dab3a..14ebf50ecdbc 100644 --- a/lib/asn1/kx509.asn1 +++ b/lib/asn1/kx509.asn1 @@ -1,8 +1,19 @@ --- $Id: kx509.asn1 19546 2006-12-28 21:05:23Z lha $ +-- $Id$ KX509 DEFINITIONS ::= BEGIN +KX509-ERROR-CODE ::= INTEGER { + KX509-STATUS-GOOD(0), + KX509-STATUS-CLIENT-BAD(1), + KX509-STATUS-CLIENT-FIX(2), + KX509-STATUS-CLIENT-TEMP(3), + KX509-STATUS-SERVER-BAD(4), + KX509-STATUS-SERVER-TEMP(5), + -- 6 is used internally in the umich client, avoid that + KX509-STATUS-SERVER-KEY(7) +} + Kx509Request ::= SEQUENCE { authenticator OCTET STRING, pk-hash OCTET STRING, diff --git a/lib/asn1/lex.c b/lib/asn1/lex.c index 812bce16acb9..3f2dc92e2775 100644 --- a/lib/asn1/lex.c +++ b/lib/asn1/lex.c @@ -8,7 +8,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 +#define YY_FLEX_SUBMINOR_VERSION 35 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -30,7 +30,7 @@ /* C99 systems have . Non-C99 systems may or may not. */ -#if __STDC_VERSION__ >= 199901L +#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, * if you want the limit (max/min) macros for int types. @@ -93,11 +93,12 @@ typedef unsigned int flex_uint32_t; #else /* ! __cplusplus */ -#if __STDC__ +/* C99 requires __STDC__ to be defined as 1. */ +#if defined (__STDC__) #define YY_USE_CONST -#endif /* __STDC__ */ +#endif /* defined (__STDC__) */ #endif /* ! __cplusplus */ #ifdef YY_USE_CONST @@ -151,7 +152,12 @@ typedef unsigned int flex_uint32_t; typedef struct yy_buffer_state *YY_BUFFER_STATE; #endif -extern int yyleng; +#ifndef YY_TYPEDEF_YY_SIZE_T +#define YY_TYPEDEF_YY_SIZE_T +typedef size_t yy_size_t; +#endif + +extern yy_size_t yyleng; extern FILE *yyin, *yyout; @@ -177,16 +183,6 @@ extern FILE *yyin, *yyout; #define unput(c) yyunput( c, (yytext_ptr) ) -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - #ifndef YY_STRUCT_YY_BUFFER_STATE #define YY_STRUCT_YY_BUFFER_STATE struct yy_buffer_state @@ -204,7 +200,7 @@ struct yy_buffer_state /* Number of characters read into yy_ch_buf, not including EOB * characters. */ - int yy_n_chars; + yy_size_t yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to @@ -274,8 +270,8 @@ static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; +static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */ +yy_size_t yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; @@ -303,7 +299,7 @@ static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); +YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len ); void *yyalloc (yy_size_t ); void *yyrealloc (void *,yy_size_t ); @@ -794,39 +790,39 @@ char *yytext; #line 1 "lex.l" #line 2 "lex.l" /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: lex.l 18738 2006-10-21 11:57:22Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include @@ -840,7 +836,7 @@ char *yytext; #endif #undef ECHO #include "symbol.h" -#include "parse.h" +#include "asn1parse.h" #include "lex.h" #include "gen_locl.h" @@ -851,7 +847,7 @@ static unsigned lineno = 1; static void unterminated(const char *, unsigned); /* This is for broken old lexes (solaris 10 and hpux) */ -#line 855 "lex.c" +#line 851 "lex.c" #define INITIAL 0 @@ -869,6 +865,35 @@ static void unterminated(const char *, unsigned); static int yy_init_globals (void ); +/* Accessor methods to globals. + These are made visible to non-reentrant scanners for convenience. */ + +int yylex_destroy (void ); + +int yyget_debug (void ); + +void yyset_debug (int debug_flag ); + +YY_EXTRA_TYPE yyget_extra (void ); + +void yyset_extra (YY_EXTRA_TYPE user_defined ); + +FILE *yyget_in (void ); + +void yyset_in (FILE * in_str ); + +FILE *yyget_out (void ); + +void yyset_out (FILE * out_str ); + +yy_size_t yyget_leng (void ); + +char *yyget_text (void ); + +int yyget_lineno (void ); + +void yyset_lineno (int line_number ); + /* Macros after this point can all be overridden by user definitions in * section 1. */ @@ -911,7 +936,7 @@ static int input (void ); /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) +#define ECHO fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, @@ -922,7 +947,7 @@ static int input (void ); if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ { \ int c = '*'; \ - size_t n; \ + yy_size_t n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ @@ -1006,7 +1031,7 @@ YY_DECL #line 68 "lex.l" -#line 1010 "lex.c" +#line 1035 "lex.c" if ( !(yy_init) ) { @@ -1512,7 +1537,7 @@ YY_RULE_SETUP case 85: YY_RULE_SETUP #line 153 "lex.l" -{ +{ int c, start_lineno = lineno; int f = 0; while((c = input()) != EOF) { @@ -1535,7 +1560,7 @@ YY_RULE_SETUP case 86: YY_RULE_SETUP #line 172 "lex.l" -{ +{ int c, start_lineno = lineno; int level = 1; int seen_star = 0; @@ -1562,7 +1587,7 @@ YY_RULE_SETUP level++; seen_star = seen_slash = 0; continue; - } + } seen_star = 1; continue; } @@ -1579,14 +1604,14 @@ YY_RULE_SETUP case 87: YY_RULE_SETUP #line 212 "lex.l" -{ +{ int start_lineno = lineno; int c; char buf[1024]; char *p = buf; int f = 0; int skip_ws = 0; - + while((c = input()) != EOF) { if(isspace(c) && skip_ws) { if(c == '\n') @@ -1594,7 +1619,7 @@ YY_RULE_SETUP continue; } skip_ws = 0; - + if(c == '"') { if(f) { *p++ = '"'; @@ -1621,7 +1646,7 @@ YY_RULE_SETUP *p++ = '\0'; fprintf(stderr, "string -- %s\n", buf); yylval.name = estrdup(buf); - return STRING; + return STRING; } YY_BREAK case 88: @@ -1630,8 +1655,8 @@ YY_RULE_SETUP { char *e, *y = yytext; yylval.constant = strtol((const char *)yytext, &e, 0); - if(e == y) - error_message("malformed constant (%s)", yytext); + if(e == y) + lex_error_message("malformed constant (%s)", yytext); else return NUMBER; } @@ -1668,14 +1693,14 @@ YY_RULE_SETUP case 94: YY_RULE_SETUP #line 273 "lex.l" -{ error_message("Ignoring char(%c)\n", *yytext); } +{ lex_error_message("Ignoring char(%c)\n", *yytext); } YY_BREAK case 95: YY_RULE_SETUP #line 274 "lex.l" ECHO; YY_BREAK -#line 1679 "lex.c" +#line 1704 "lex.c" case YY_STATE_EOF(INITIAL): yyterminate(); @@ -1861,7 +1886,7 @@ static int yy_get_next_buffer (void) else { - int num_to_read = + yy_size_t num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) @@ -1875,7 +1900,7 @@ static int yy_get_next_buffer (void) if ( b->yy_is_our_buffer ) { - int new_size = b->yy_buf_size * 2; + yy_size_t new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; @@ -1930,6 +1955,14 @@ static int yy_get_next_buffer (void) else ret_val = EOB_ACT_CONTINUE_SCAN; + if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { + /* Extend the array by 50%, plus the number we really need. */ + yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); + YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); + if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); + } + (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; @@ -2008,7 +2041,7 @@ static int yy_get_next_buffer (void) if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) { /* need to shift things up to make room */ /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; + register yy_size_t number_to_move = (yy_n_chars) + 2; register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; register char *source = @@ -2057,7 +2090,7 @@ static int yy_get_next_buffer (void) else { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); + yy_size_t offset = (yy_c_buf_p) - (yytext_ptr); ++(yy_c_buf_p); switch ( yy_get_next_buffer( ) ) @@ -2333,7 +2366,7 @@ void yypop_buffer_state (void) */ static void yyensure_buffer_stack (void) { - int num_to_alloc; + yy_size_t num_to_alloc; if (!(yy_buffer_stack)) { @@ -2345,7 +2378,9 @@ static void yyensure_buffer_stack (void) (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); - + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; @@ -2363,6 +2398,8 @@ static void yyensure_buffer_stack (void) ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); @@ -2407,7 +2444,7 @@ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan + * @param yystr a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use @@ -2426,12 +2463,11 @@ YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) * * @return the newly allocated buffer state object. */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) +YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len ) { YY_BUFFER_STATE b; char *buf; - yy_size_t n; - int i; + yy_size_t n, i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; @@ -2513,7 +2549,7 @@ FILE *yyget_out (void) /** Get the length of the current token. * */ -int yyget_leng (void) +yy_size_t yyget_leng (void) { return yyleng; } @@ -2667,14 +2703,14 @@ void yyfree (void * ptr ) #ifndef yywrap /* XXX */ int -yywrap () +yywrap () { return 1; } #endif void -error_message (const char *format, ...) +lex_error_message (const char *format, ...) { va_list args; @@ -2688,6 +2724,6 @@ error_message (const char *format, ...) static void unterminated(const char *type, unsigned start_lineno) { - error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); + lex_error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); } diff --git a/lib/asn1/lex.h b/lib/asn1/lex.h index 7aececf6d7a0..1ee534178996 100644 --- a/lib/asn1/lex.h +++ b/lib/asn1/lex.h @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: lex.h 15617 2005-07-12 06:27:42Z lha $ */ +/* $Id$ */ #include -void error_message (const char *, ...) +void lex_error_message (const char *, ...) __attribute__ ((format (printf, 1, 2))); extern int error_flag; diff --git a/lib/asn1/lex.l b/lib/asn1/lex.l index ec744220e9c0..2d32020266c8 100644 --- a/lib/asn1/lex.l +++ b/lib/asn1/lex.l @@ -1,38 +1,38 @@ %{ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: lex.l 18738 2006-10-21 11:57:22Z lha $ */ +/* $Id$ */ #ifdef HAVE_CONFIG_H #include @@ -46,7 +46,7 @@ #endif #undef ECHO #include "symbol.h" -#include "parse.h" +#include "asn1parse.h" #include "lex.h" #include "gen_locl.h" @@ -150,7 +150,7 @@ WITH { return kw_WITH; } "[" { return *yytext; } "]" { return *yytext; } ::= { return EEQUAL; } --- { +-- { int c, start_lineno = lineno; int f = 0; while((c = input()) != EOF) { @@ -169,7 +169,7 @@ WITH { return kw_WITH; } if(c == EOF) unterminated("comment", start_lineno); } -\/\* { +\/\* { int c, start_lineno = lineno; int level = 1; int seen_star = 0; @@ -196,7 +196,7 @@ WITH { return kw_WITH; } level++; seen_star = seen_slash = 0; continue; - } + } seen_star = 1; continue; } @@ -209,14 +209,14 @@ WITH { return kw_WITH; } if(c == EOF) unterminated("comment", start_lineno); } -"\"" { +"\"" { int start_lineno = lineno; int c; char buf[1024]; char *p = buf; int f = 0; int skip_ws = 0; - + while((c = input()) != EOF) { if(isspace(c) && skip_ws) { if(c == '\n') @@ -224,7 +224,7 @@ WITH { return kw_WITH; } continue; } skip_ws = 0; - + if(c == '"') { if(f) { *p++ = '"'; @@ -251,14 +251,14 @@ WITH { return kw_WITH; } *p++ = '\0'; fprintf(stderr, "string -- %s\n", buf); yylval.name = estrdup(buf); - return STRING; + return STRING; } -?0x[0-9A-Fa-f]+|-?[0-9]+ { char *e, *y = yytext; yylval.constant = strtol((const char *)yytext, &e, 0); - if(e == y) - error_message("malformed constant (%s)", yytext); + if(e == y) + lex_error_message("malformed constant (%s)", yytext); else return NUMBER; } @@ -270,19 +270,19 @@ WITH { return kw_WITH; } \n { ++lineno; } \.\.\. { return ELLIPSIS; } \.\. { return RANGE; } -. { error_message("Ignoring char(%c)\n", *yytext); } +. { lex_error_message("Ignoring char(%c)\n", *yytext); } %% #ifndef yywrap /* XXX */ int -yywrap () +yywrap () { return 1; } #endif void -error_message (const char *format, ...) +lex_error_message (const char *format, ...) { va_list args; @@ -296,5 +296,5 @@ error_message (const char *format, ...) static void unterminated(const char *type, unsigned start_lineno) { - error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); + lex_error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); } diff --git a/lib/asn1/libasn1-exports.def b/lib/asn1/libasn1-exports.def new file mode 100644 index 000000000000..6dfb93ea054c --- /dev/null +++ b/lib/asn1/libasn1-exports.def @@ -0,0 +1,1578 @@ +EXPORTS + APOptions2int + DigestTypes2int + DistributionPointReasonFlags2int + FastOptions2int + KDCOptions2int + KeyUsage2int + SAMFlags2int + TicketFlags2int + _der_timegm + _der_gmtime + _heim_der_set_sort + _heim_fix_dce + _heim_len_int + _heim_len_unsigned + _heim_time2generalizedtime + add_AuthorizationData + add_CRLDistributionPoints + add_DigestAlgorithmIdentifiers + add_ETYPE_INFO + add_ETYPE_INFO2 + add_Extensions + add_GeneralNames + add_METHOD_DATA + add_Principals + asn1_APOptions_units + asn1_DigestTypes_units + asn1_DistributionPointReasonFlags_units + asn1_FastOptions_units + asn1_KDCOptions_units + asn1_KeyUsage_units + asn1_SAMFlags_units + asn1_TicketFlags_units + asn1_oid_id_Userid DATA + asn1_oid_id_aes_128_cbc DATA + asn1_oid_id_aes_192_cbc DATA + asn1_oid_id_aes_256_cbc DATA + asn1_oid_id_at_commonName DATA + asn1_oid_id_at_countryName DATA + asn1_oid_id_at_generationQualifier DATA + asn1_oid_id_at_givenName DATA + asn1_oid_id_at_initials DATA + asn1_oid_id_at_localityName DATA + asn1_oid_id_at_name DATA + asn1_oid_id_at_organizationName DATA + asn1_oid_id_at_organizationalUnitName DATA + asn1_oid_id_at_pseudonym DATA + asn1_oid_id_at_serialNumber DATA + asn1_oid_id_at_stateOrProvinceName DATA + asn1_oid_id_at_streetAddress DATA + asn1_oid_id_at_surname DATA + asn1_oid_id_dhpublicnumber DATA + asn1_oid_id_domainComponent DATA + asn1_oid_id_dsa DATA + asn1_oid_id_dsa_with_sha1 DATA + asn1_oid_id_ecDH DATA + asn1_oid_id_ecMQV DATA + asn1_oid_id_ecPublicKey DATA + asn1_oid_id_ec_group_secp160r1 DATA + asn1_oid_id_ec_group_secp160r2 DATA + asn1_oid_id_ec_group_secp256r1 DATA + asn1_oid_id_ecdsa_with_SHA1 DATA + asn1_oid_id_ecdsa_with_SHA256 DATA + asn1_oid_id_heim_rsa_pkcs1_x509 DATA + asn1_oid_id_ms_cert_enroll_domaincontroller DATA + asn1_oid_id_ms_client_authentication DATA + asn1_oid_id_netscape DATA + asn1_oid_id_netscape_cert_comment DATA + asn1_oid_id_nistAlgorithm DATA + asn1_oid_id_nist_aes_algs DATA + asn1_oid_id_nist_sha_algs DATA + asn1_oid_id_pbeWithSHAAnd128BitRC2_CBC DATA + asn1_oid_id_pbeWithSHAAnd128BitRC4 DATA + asn1_oid_id_pbeWithSHAAnd2_KeyTripleDES_CBC DATA + asn1_oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC DATA + asn1_oid_id_pbeWithSHAAnd40BitRC4 DATA + asn1_oid_id_pbewithSHAAnd40BitRC2_CBC DATA + asn1_oid_id_pkauthdata DATA + asn1_oid_id_pkcs12_bagtypes DATA + asn1_oid_id_pkcs12_certBag DATA + asn1_oid_id_pkcs12_crlBag DATA + asn1_oid_id_pkcs12_keyBag DATA + asn1_oid_id_pkcs12_pkcs8ShroudedKeyBag DATA + asn1_oid_id_pkcs12_safeContentsBag DATA + asn1_oid_id_pkcs12_secretBag DATA + asn1_oid_id_pkcs1_md2WithRSAEncryption DATA + asn1_oid_id_pkcs1_md5WithRSAEncryption DATA + asn1_oid_id_pkcs1_rsaEncryption DATA + asn1_oid_id_pkcs1_sha1WithRSAEncryption DATA + asn1_oid_id_pkcs1_sha256WithRSAEncryption DATA + asn1_oid_id_pkcs1_sha384WithRSAEncryption DATA + asn1_oid_id_pkcs1_sha512WithRSAEncryption DATA + asn1_oid_id_pkcs2_md2 DATA + asn1_oid_id_pkcs2_md4 DATA + asn1_oid_id_pkcs2_md5 DATA + asn1_oid_id_pkcs3_des_ede3_cbc DATA + asn1_oid_id_pkcs3_rc2_cbc DATA + asn1_oid_id_pkcs3_rc4 DATA + asn1_oid_id_pkcs7 DATA + asn1_oid_id_pkcs7_data DATA + asn1_oid_id_pkcs7_digestedData DATA + asn1_oid_id_pkcs7_encryptedData DATA + asn1_oid_id_pkcs7_envelopedData DATA + asn1_oid_id_pkcs7_signedAndEnvelopedData DATA + asn1_oid_id_pkcs7_signedData DATA + asn1_oid_id_pkcs9_contentType DATA + asn1_oid_id_pkcs9_countersignature DATA + asn1_oid_id_pkcs9_emailAddress DATA + asn1_oid_id_pkcs9_messageDigest DATA + asn1_oid_id_pkcs9_signingTime DATA + asn1_oid_id_pkcs_1 DATA + asn1_oid_id_pkcs_12 DATA + asn1_oid_id_pkcs_12PbeIds DATA + asn1_oid_id_pkcs_2 DATA + asn1_oid_id_pkcs_3 DATA + asn1_oid_id_pkcs_9 DATA + asn1_oid_id_pkcs_9_at_certTypes DATA + asn1_oid_id_pkcs_9_at_certTypes_x509 DATA + asn1_oid_id_pkcs_9_at_friendlyName DATA + asn1_oid_id_pkcs_9_at_localKeyId DATA + asn1_oid_id_pkdhkeydata DATA + asn1_oid_id_pkekuoid DATA + asn1_oid_id_pkinit DATA + asn1_oid_id_pkinit_kdf DATA + asn1_oid_id_pkinit_kdf_ah_sha1 DATA + asn1_oid_id_pkinit_kdf_ah_sha256 DATA + asn1_oid_id_pkinit_kdf_ah_sha512 DATA + asn1_oid_id_pkinit_ms_eku DATA + asn1_oid_id_pkinit_ms_san DATA + asn1_oid_id_pkinit_san DATA + asn1_oid_id_pkix DATA + asn1_oid_id_pkix_kp DATA + asn1_oid_id_pkix_kp_OCSPSigning DATA + asn1_oid_id_pkix_kp_clientAuth DATA + asn1_oid_id_pkix_kp_emailProtection DATA + asn1_oid_id_pkix_kp_serverAuth DATA + asn1_oid_id_pkix_kp_timeStamping DATA + asn1_oid_id_pkix_on DATA + asn1_oid_id_pkix_on_dnsSRV DATA + asn1_oid_id_pkix_on_xmppAddr DATA + asn1_oid_id_pkix_pe DATA + asn1_oid_id_pkix_pe_authorityInfoAccess DATA + asn1_oid_id_pkix_pe_proxyCertInfo DATA + asn1_oid_id_pkix_ppl DATA + asn1_oid_id_pkix_ppl_anyLanguage DATA + asn1_oid_id_pkix_ppl_independent DATA + asn1_oid_id_pkix_ppl_inheritAll DATA + asn1_oid_id_pkkdcekuoid DATA + asn1_oid_id_pkrkeydata DATA + asn1_oid_id_rsa_digestAlgorithm DATA + asn1_oid_id_rsa_digest_md2 DATA + asn1_oid_id_rsa_digest_md4 DATA + asn1_oid_id_rsa_digest_md5 DATA + asn1_oid_id_rsadsi_des_ede3_cbc DATA + asn1_oid_id_rsadsi_encalg DATA + asn1_oid_id_rsadsi_rc2_cbc DATA + asn1_oid_id_secsig_sha_1 DATA + asn1_oid_id_secsig_sha_1WithRSAEncryption DATA + asn1_oid_id_sha224 DATA + asn1_oid_id_sha256 DATA + asn1_oid_id_sha384 DATA + asn1_oid_id_sha512 DATA + asn1_oid_id_uspkicommon_card_id DATA + asn1_oid_id_uspkicommon_piv_interim DATA + asn1_oid_id_x509_ce DATA + asn1_oid_id_x509_ce_authorityKeyIdentifier DATA + asn1_oid_id_x509_ce_basicConstraints DATA + asn1_oid_id_x509_ce_cRLDistributionPoints DATA + asn1_oid_id_x509_ce_cRLNumber DATA + asn1_oid_id_x509_ce_cRLReason DATA + asn1_oid_id_x509_ce_certificateIssuer DATA + asn1_oid_id_x509_ce_certificatePolicies DATA + asn1_oid_id_x509_ce_deltaCRLIndicator DATA + asn1_oid_id_x509_ce_extKeyUsage DATA + asn1_oid_id_x509_ce_freshestCRL DATA + asn1_oid_id_x509_ce_holdInstructionCode DATA + asn1_oid_id_x509_ce_inhibitAnyPolicy DATA + asn1_oid_id_x509_ce_invalidityDate DATA + asn1_oid_id_x509_ce_issuerAltName DATA + asn1_oid_id_x509_ce_issuingDistributionPoint DATA + asn1_oid_id_x509_ce_keyUsage DATA + asn1_oid_id_x509_ce_nameConstraints DATA + asn1_oid_id_x509_ce_policyConstraints DATA + asn1_oid_id_x509_ce_policyMappings DATA + asn1_oid_id_x509_ce_privateKeyUsagePeriod DATA + asn1_oid_id_x509_ce_subjectAltName DATA + asn1_oid_id_x509_ce_subjectDirectoryAttributes DATA + asn1_oid_id_x509_ce_subjectKeyIdentifier DATA + asn1_oid_id_x520_at DATA + asn1_oid_id_x9_57 DATA + copy_AD_AND_OR + copy_AD_IF_RELEVANT + copy_AD_INITIAL_VERIFIED_CAS + copy_AD_KDCIssued + copy_AD_LoginAlias + copy_AD_MANDATORY_FOR_KDC + copy_APOptions + copy_AP_REP + copy_AP_REQ + copy_AS_REP + copy_AS_REQ + copy_AUTHDATA_TYPE + copy_AccessDescription + copy_AlgorithmIdentifier + copy_Attribute + copy_AttributeType + copy_AttributeTypeAndValue + copy_AttributeValue + copy_AuthPack + copy_AuthPack_Win2k + copy_Authenticator + copy_AuthorityInfoAccessSyntax + copy_AuthorityKeyIdentifier + copy_AuthorizationData + copy_AuthorizationDataElement + copy_BaseDistance + copy_BasicConstraints + copy_CKSUMTYPE + copy_CMSAttributes + copy_CMSCBCParameter + copy_CMSEncryptedData + copy_CMSIdentifier + copy_CMSRC2CBCParameter + copy_CMSVersion + copy_CRLCertificateList + copy_CRLDistributionPoints + copy_CRLReason + copy_Certificate + copy_CertificateList + copy_CertificateRevocationLists + copy_CertificateSerialNumber + copy_CertificateSet + copy_Certificates + copy_ChangePasswdDataMS + copy_Checksum + copy_ContentEncryptionAlgorithmIdentifier + copy_ContentInfo + copy_ContentType + copy_DHNonce + copy_DHParameter + copy_DHPublicKey + copy_DHRepInfo + copy_DSAParams + copy_DSAPublicKey + copy_DSASigValue + copy_DigestAlgorithmIdentifier + copy_DigestAlgorithmIdentifiers + copy_DigestError + copy_DigestInfo + copy_DigestInit + copy_DigestInitReply + copy_DigestREP + copy_DigestREQ + copy_DigestRepInner + copy_DigestReqInner + copy_DigestRequest + copy_DigestResponse + copy_DigestTypes + copy_DirectoryString + copy_DistributionPoint + copy_DistributionPointName + copy_DistributionPointReasonFlags + copy_DomainParameters + copy_ECDSA_Sig_Value + copy_ECParameters + copy_ECPoint + copy_ENCTYPE + copy_ETYPE_INFO + copy_ETYPE_INFO2 + copy_ETYPE_INFO2_ENTRY + copy_ETYPE_INFO_ENTRY + copy_EncAPRepPart + copy_EncASRepPart + copy_EncKDCRepPart + copy_EncKrbCredPart + copy_EncKrbPrivPart + copy_EncTGSRepPart + copy_EncTicketPart + copy_EncapsulatedContentInfo + copy_EncryptedContent + copy_EncryptedContentInfo + copy_EncryptedData + copy_EncryptedKey + copy_EncryptionKey + copy_EnvelopedData + copy_EtypeList + copy_ExtKeyUsage + copy_Extension + copy_Extensions + copy_ExternalPrincipalIdentifier + copy_ExternalPrincipalIdentifiers + copy_FastOptions + copy_GeneralName + copy_GeneralNames + copy_GeneralSubtree + copy_GeneralSubtrees + copy_HostAddress + copy_HostAddresses + copy_IssuerAndSerialNumber + copy_KDCDHKeyInfo + copy_KDCDHKeyInfo_Win2k + copy_KDCOptions + copy_KDC_REP + copy_KDC_REQ + copy_KDC_REQ_BODY + copy_KDFAlgorithmId + copy_KRB5PrincipalName + copy_KRB5SignedPath + copy_KRB5SignedPathData + copy_KRB_CRED + copy_KRB_ERROR + copy_KRB_PRIV + copy_KRB_SAFE + copy_KRB_SAFE_BODY + copy_KX509_ERROR_CODE + copy_KerberosString + copy_KerberosTime + copy_KeyEncryptionAlgorithmIdentifier + copy_KeyIdentifier + copy_KeyTransRecipientInfo + copy_KeyUsage + copy_KrbCredInfo + copy_KrbFastArmor + copy_KrbFastArmoredRep + copy_KrbFastArmoredReq + copy_KrbFastFinished + copy_KrbFastReq + copy_KrbFastResponse + copy_Kx509Request + copy_Kx509Response + copy_LR_TYPE + copy_LastReq + copy_MESSAGE_TYPE + copy_METHOD_DATA + copy_MS_UPN_SAN + copy_MessageDigest + copy_NAME_TYPE + copy_NTLMInit + copy_NTLMInitReply + copy_NTLMReply + copy_NTLMRequest + copy_NTLMRequest2 + copy_NTLMResponse + copy_Name + copy_NameConstraints + copy_OriginatorInfo + copy_OtherName + copy_PADATA_TYPE + copy_PA_ClientCanonicalized + copy_PA_ClientCanonicalizedNames + copy_PA_DATA + copy_PA_ENC_SAM_RESPONSE_ENC + copy_PA_ENC_TS_ENC + copy_PA_FX_FAST_REPLY + copy_PA_FX_FAST_REQUEST + copy_PA_PAC_REQUEST + copy_PA_PK_AS_REP + copy_PA_PK_AS_REP_BTMM + copy_PA_PK_AS_REP_Win2k + copy_PA_PK_AS_REQ + copy_PA_PK_AS_REQ_Win2k + copy_PA_S4U2Self + copy_PA_SAM_CHALLENGE_2 + copy_PA_SAM_CHALLENGE_2_BODY + copy_PA_SAM_REDIRECT + copy_PA_SAM_RESPONSE_2 + copy_PA_SAM_TYPE + copy_PA_SERVER_REFERRAL_DATA + copy_PA_ServerReferralData + copy_PA_SvrReferralData + copy_PKAuthenticator + copy_PKAuthenticator_Win2k + copy_PKCS12_Attribute + copy_PKCS12_Attributes + copy_PKCS12_AuthenticatedSafe + copy_PKCS12_CertBag + copy_PKCS12_MacData + copy_PKCS12_OctetString + copy_PKCS12_PBEParams + copy_PKCS12_PFX + copy_PKCS12_SafeBag + copy_PKCS12_SafeContents + copy_PKCS8Attributes + copy_PKCS8EncryptedData + copy_PKCS8EncryptedPrivateKeyInfo + copy_PKCS8PrivateKey + copy_PKCS8PrivateKeyAlgorithmIdentifier + copy_PKCS8PrivateKeyInfo + copy_PKCS9_BMPString + copy_PKCS9_friendlyName + copy_PKIXXmppAddr + copy_PROV_SRV_LOCATION + copy_PkinitSP80056AOtherInfo + copy_PkinitSuppPubInfo + copy_Principal + copy_PrincipalName + copy_Principals + copy_ProxyCertInfo + copy_ProxyPolicy + copy_RDNSequence + copy_RSAPrivateKey + copy_RSAPublicKey + copy_Realm + copy_RecipientIdentifier + copy_RecipientInfo + copy_RecipientInfos + copy_RelativeDistinguishedName + copy_ReplyKeyPack + copy_ReplyKeyPack_Win2k + copy_SAMFlags + copy_SignatureAlgorithmIdentifier + copy_SignatureValue + copy_SignedData + copy_SignerIdentifier + copy_SignerInfo + copy_SignerInfos + copy_SubjectKeyIdentifier + copy_SubjectPublicKeyInfo + copy_TBSCRLCertList + copy_TBSCertificate + copy_TD_DH_PARAMETERS + copy_TD_INVALID_CERTIFICATES + copy_TD_TRUSTED_CERTIFIERS + copy_TGS_REP + copy_TGS_REQ + copy_TYPED_DATA + copy_Ticket + copy_TicketFlags + copy_Time + copy_TransitedEncoding + copy_TrustedCA + copy_TrustedCA_Win2k + copy_TypedData + copy_UniqueIdentifier + copy_UnprotectedAttributes + copy_ValidationParms + copy_Validity + copy_Version + copy_heim_any + copy_heim_any_set + copy_krb5int32 + copy_krb5uint32 + decode_AD_AND_OR + decode_AD_IF_RELEVANT + decode_AD_INITIAL_VERIFIED_CAS + decode_AD_KDCIssued + decode_AD_LoginAlias + decode_AD_MANDATORY_FOR_KDC + decode_APOptions + decode_AP_REP + decode_AP_REQ + decode_AS_REP + decode_AS_REQ + decode_AUTHDATA_TYPE + decode_AccessDescription + decode_AlgorithmIdentifier + decode_Attribute + decode_AttributeType + decode_AttributeTypeAndValue + decode_AttributeValue + decode_AuthPack + decode_AuthPack_Win2k + decode_Authenticator + decode_AuthorityInfoAccessSyntax + decode_AuthorityKeyIdentifier + decode_AuthorizationData + decode_AuthorizationDataElement + decode_BaseDistance + decode_BasicConstraints + decode_CKSUMTYPE + decode_CMSAttributes + decode_CMSCBCParameter + decode_CMSEncryptedData + decode_CMSIdentifier + decode_CMSRC2CBCParameter + decode_CMSVersion + decode_CRLCertificateList + decode_CRLDistributionPoints + decode_CRLReason + decode_Certificate + decode_CertificateList + decode_CertificateRevocationLists + decode_CertificateSerialNumber + decode_CertificateSet + decode_Certificates + decode_ChangePasswdDataMS + decode_Checksum + decode_ContentEncryptionAlgorithmIdentifier + decode_ContentInfo + decode_ContentType + decode_DHNonce + decode_DHParameter + decode_DHPublicKey + decode_DHRepInfo + decode_DSAParams + decode_DSAPublicKey + decode_DSASigValue + decode_DigestAlgorithmIdentifier + decode_DigestAlgorithmIdentifiers + decode_DigestError + decode_DigestInfo + decode_DigestInit + decode_DigestInitReply + decode_DigestREP + decode_DigestREQ + decode_DigestRepInner + decode_DigestReqInner + decode_DigestRequest + decode_DigestResponse + decode_DigestTypes + decode_DirectoryString + decode_DistributionPoint + decode_DistributionPointName + decode_DistributionPointReasonFlags + decode_DomainParameters + decode_ECDSA_Sig_Value + decode_ECParameters + decode_ECPoint + decode_ENCTYPE + decode_ETYPE_INFO + decode_ETYPE_INFO2 + decode_ETYPE_INFO2_ENTRY + decode_ETYPE_INFO_ENTRY + decode_EncAPRepPart + decode_EncASRepPart + decode_EncKDCRepPart + decode_EncKrbCredPart + decode_EncKrbPrivPart + decode_EncTGSRepPart + decode_EncTicketPart + decode_EncapsulatedContentInfo + decode_EncryptedContent + decode_EncryptedContentInfo + decode_EncryptedData + decode_EncryptedKey + decode_EncryptionKey + decode_EnvelopedData + decode_EtypeList + decode_ExtKeyUsage + decode_Extension + decode_Extensions + decode_ExternalPrincipalIdentifier + decode_ExternalPrincipalIdentifiers + decode_FastOptions + decode_GeneralName + decode_GeneralNames + decode_GeneralSubtree + decode_GeneralSubtrees + decode_HostAddress + decode_HostAddresses + decode_IssuerAndSerialNumber + decode_KDCDHKeyInfo + decode_KDCDHKeyInfo_Win2k + decode_KDCOptions + decode_KDC_REP + decode_KDC_REQ + decode_KDC_REQ_BODY + decode_KDFAlgorithmId + decode_KRB5PrincipalName + decode_KRB5SignedPath + decode_KRB5SignedPathData + decode_KRB_CRED + decode_KRB_ERROR + decode_KRB_PRIV + decode_KRB_SAFE + decode_KRB_SAFE_BODY + decode_KX509_ERROR_CODE + decode_KerberosString + decode_KerberosTime + decode_KeyEncryptionAlgorithmIdentifier + decode_KeyIdentifier + decode_KeyTransRecipientInfo + decode_KeyUsage + decode_KrbCredInfo + decode_KrbFastArmor + decode_KrbFastArmoredRep + decode_KrbFastArmoredReq + decode_KrbFastFinished + decode_KrbFastReq + decode_KrbFastResponse + decode_Kx509Request + decode_Kx509Response + decode_LR_TYPE + decode_LastReq + decode_MESSAGE_TYPE + decode_METHOD_DATA + decode_MS_UPN_SAN + decode_MessageDigest + decode_NAME_TYPE + decode_NTLMInit + decode_NTLMInitReply + decode_NTLMReply + decode_NTLMRequest + decode_NTLMRequest2 + decode_NTLMResponse + decode_Name + decode_NameConstraints + decode_OriginatorInfo + decode_OtherName + decode_PADATA_TYPE + decode_PA_ClientCanonicalized + decode_PA_ClientCanonicalizedNames + decode_PA_DATA + decode_PA_ENC_SAM_RESPONSE_ENC + decode_PA_ENC_TS_ENC + decode_PA_FX_FAST_REPLY + decode_PA_FX_FAST_REQUEST + decode_PA_PAC_REQUEST + decode_PA_PK_AS_REP + decode_PA_PK_AS_REP_BTMM + decode_PA_PK_AS_REP_Win2k + decode_PA_PK_AS_REQ + decode_PA_PK_AS_REQ_Win2k + decode_PA_S4U2Self + decode_PA_SAM_CHALLENGE_2 + decode_PA_SAM_CHALLENGE_2_BODY + decode_PA_SAM_REDIRECT + decode_PA_SAM_RESPONSE_2 + decode_PA_SAM_TYPE + decode_PA_SERVER_REFERRAL_DATA + decode_PA_ServerReferralData + decode_PA_SvrReferralData + decode_PKAuthenticator + decode_PKAuthenticator_Win2k + decode_PKCS12_Attribute + decode_PKCS12_Attributes + decode_PKCS12_AuthenticatedSafe + decode_PKCS12_CertBag + decode_PKCS12_MacData + decode_PKCS12_OctetString + decode_PKCS12_PBEParams + decode_PKCS12_PFX + decode_PKCS12_SafeBag + decode_PKCS12_SafeContents + decode_PKCS8Attributes + decode_PKCS8EncryptedData + decode_PKCS8EncryptedPrivateKeyInfo + decode_PKCS8PrivateKey + decode_PKCS8PrivateKeyAlgorithmIdentifier + decode_PKCS8PrivateKeyInfo + decode_PKCS9_BMPString + decode_PKCS9_friendlyName + decode_PKIXXmppAddr + decode_PROV_SRV_LOCATION + decode_PkinitSP80056AOtherInfo + decode_PkinitSuppPubInfo + decode_Principal + decode_PrincipalName + decode_Principals + decode_ProxyCertInfo + decode_ProxyPolicy + decode_RDNSequence + decode_RSAPrivateKey + decode_RSAPublicKey + decode_Realm + decode_RecipientIdentifier + decode_RecipientInfo + decode_RecipientInfos + decode_RelativeDistinguishedName + decode_ReplyKeyPack + decode_ReplyKeyPack_Win2k + decode_SAMFlags + decode_SignatureAlgorithmIdentifier + decode_SignatureValue + decode_SignedData + decode_SignerIdentifier + decode_SignerInfo + decode_SignerInfos + decode_SubjectKeyIdentifier + decode_SubjectPublicKeyInfo + decode_TBSCRLCertList + decode_TBSCertificate + decode_TD_DH_PARAMETERS + decode_TD_INVALID_CERTIFICATES + decode_TD_TRUSTED_CERTIFIERS + decode_TGS_REP + decode_TGS_REQ + decode_TYPED_DATA + decode_Ticket + decode_TicketFlags + decode_Time + decode_TransitedEncoding + decode_TrustedCA + decode_TrustedCA_Win2k + decode_TypedData + decode_UniqueIdentifier + decode_UnprotectedAttributes + decode_ValidationParms + decode_Validity + decode_Version + decode_heim_any + decode_heim_any_set + decode_krb5int32 + decode_krb5uint32 + der_copy_bit_string + der_copy_bmp_string + der_copy_general_string + der_copy_generalized_time + der_copy_heim_integer + der_copy_ia5_string + der_copy_integer + der_copy_octet_string + der_copy_oid + der_copy_printable_string + der_copy_universal_string + der_copy_unsigned + der_copy_utctime + der_copy_utf8string + der_copy_visible_string + der_free_bit_string + der_free_bmp_string + der_free_general_string + der_free_generalized_time + der_free_heim_integer + der_free_ia5_string + der_free_integer + der_free_octet_string + der_free_oid + der_free_printable_string + der_free_universal_string + der_free_unsigned + der_free_utctime + der_free_utf8string + der_free_visible_string + der_get_bit_string + der_get_bmp_string + der_get_boolean + der_get_class_name + der_get_class_num + der_get_general_string + der_get_generalized_time + der_get_heim_integer + der_get_ia5_string + der_get_integer + der_get_length + der_get_octet_string + der_get_octet_string_ber + der_get_oid + der_get_printable_string + der_get_tag + der_get_tag_name + der_get_tag_num + der_get_type_name + der_get_type_num + der_get_universal_string + der_get_unsigned + der_get_utctime + der_get_utf8string + der_get_visible_string + der_heim_bit_string_cmp + der_heim_bmp_string_cmp + der_heim_integer_cmp + der_heim_octet_string_cmp + der_heim_oid_cmp + der_heim_universal_string_cmp + der_ia5_string_cmp + der_length_bit_string + der_length_bmp_string + der_length_boolean + der_length_enumerated + der_length_general_string + der_length_generalized_time + der_length_heim_integer + der_length_ia5_string + der_length_integer + der_length_len + der_length_octet_string + der_length_oid + der_length_printable_string + der_length_tag + der_length_universal_string + der_length_unsigned + der_length_utctime + der_length_utf8string + der_length_visible_string + der_match_tag + der_match_tag2 + der_match_tag_and_length + der_parse_heim_oid + der_parse_hex_heim_integer + der_print_heim_oid + der_print_hex_heim_integer + der_printable_string_cmp + der_put_bit_string + der_put_bmp_string + der_put_boolean + der_put_general_string + der_put_generalized_time + der_put_heim_integer + der_put_ia5_string + der_put_integer + der_put_length + der_put_length_and_tag + der_put_octet_string + der_put_oid + der_put_printable_string + der_put_tag + der_put_universal_string + der_put_unsigned + der_put_utctime + der_put_utf8string + der_put_visible_string + encode_AD_AND_OR + encode_AD_IF_RELEVANT + encode_AD_INITIAL_VERIFIED_CAS + encode_AD_KDCIssued + encode_AD_LoginAlias + encode_AD_MANDATORY_FOR_KDC + encode_APOptions + encode_AP_REP + encode_AP_REQ + encode_AS_REP + encode_AS_REQ + encode_AUTHDATA_TYPE + encode_AccessDescription + encode_AlgorithmIdentifier + encode_Attribute + encode_AttributeType + encode_AttributeTypeAndValue + encode_AttributeValue + encode_AuthPack + encode_AuthPack_Win2k + encode_Authenticator + encode_AuthorityInfoAccessSyntax + encode_AuthorityKeyIdentifier + encode_AuthorizationData + encode_AuthorizationDataElement + encode_BaseDistance + encode_BasicConstraints + encode_CKSUMTYPE + encode_CMSAttributes + encode_CMSCBCParameter + encode_CMSEncryptedData + encode_CMSIdentifier + encode_CMSRC2CBCParameter + encode_CMSVersion + encode_CRLCertificateList + encode_CRLDistributionPoints + encode_CRLReason + encode_Certificate + encode_CertificateList + encode_CertificateRevocationLists + encode_CertificateSerialNumber + encode_CertificateSet + encode_Certificates + encode_ChangePasswdDataMS + encode_Checksum + encode_ContentEncryptionAlgorithmIdentifier + encode_ContentInfo + encode_ContentType + encode_DHNonce + encode_DHParameter + encode_DHPublicKey + encode_DHRepInfo + encode_DSAParams + encode_DSAPublicKey + encode_DSASigValue + encode_DigestAlgorithmIdentifier + encode_DigestAlgorithmIdentifiers + encode_DigestError + encode_DigestInfo + encode_DigestInit + encode_DigestInitReply + encode_DigestREP + encode_DigestREQ + encode_DigestRepInner + encode_DigestReqInner + encode_DigestRequest + encode_DigestResponse + encode_DigestTypes + encode_DirectoryString + encode_DistributionPoint + encode_DistributionPointName + encode_DistributionPointReasonFlags + encode_DomainParameters + encode_ECDSA_Sig_Value + encode_ECParameters + encode_ECPoint + encode_ENCTYPE + encode_ETYPE_INFO + encode_ETYPE_INFO2 + encode_ETYPE_INFO2_ENTRY + encode_ETYPE_INFO_ENTRY + encode_EncAPRepPart + encode_EncASRepPart + encode_EncKDCRepPart + encode_EncKrbCredPart + encode_EncKrbPrivPart + encode_EncTGSRepPart + encode_EncTicketPart + encode_EncapsulatedContentInfo + encode_EncryptedContent + encode_EncryptedContentInfo + encode_EncryptedData + encode_EncryptedKey + encode_EncryptionKey + encode_EnvelopedData + encode_EtypeList + encode_ExtKeyUsage + encode_Extension + encode_Extensions + encode_ExternalPrincipalIdentifier + encode_ExternalPrincipalIdentifiers + encode_FastOptions + encode_GeneralName + encode_GeneralNames + encode_GeneralSubtree + encode_GeneralSubtrees + encode_HostAddress + encode_HostAddresses + encode_IssuerAndSerialNumber + encode_KDCDHKeyInfo + encode_KDCDHKeyInfo_Win2k + encode_KDCOptions + encode_KDC_REP + encode_KDC_REQ + encode_KDC_REQ_BODY + encode_KDFAlgorithmId + encode_KRB5PrincipalName + encode_KRB5SignedPath + encode_KRB5SignedPathData + encode_KRB_CRED + encode_KRB_ERROR + encode_KRB_PRIV + encode_KRB_SAFE + encode_KRB_SAFE_BODY + encode_KX509_ERROR_CODE + encode_KerberosString + encode_KerberosTime + encode_KeyEncryptionAlgorithmIdentifier + encode_KeyIdentifier + encode_KeyTransRecipientInfo + encode_KeyUsage + encode_KrbCredInfo + encode_KrbFastArmor + encode_KrbFastArmoredRep + encode_KrbFastArmoredReq + encode_KrbFastFinished + encode_KrbFastReq + encode_KrbFastResponse + encode_Kx509Request + encode_Kx509Response + encode_LR_TYPE + encode_LastReq + encode_MESSAGE_TYPE + encode_METHOD_DATA + encode_MS_UPN_SAN + encode_MessageDigest + encode_NAME_TYPE + encode_NTLMInit + encode_NTLMInitReply + encode_NTLMReply + encode_NTLMRequest + encode_NTLMRequest2 + encode_NTLMResponse + encode_Name + encode_NameConstraints + encode_OriginatorInfo + encode_OtherName + encode_PADATA_TYPE + encode_PA_ClientCanonicalized + encode_PA_ClientCanonicalizedNames + encode_PA_DATA + encode_PA_ENC_SAM_RESPONSE_ENC + encode_PA_ENC_TS_ENC + encode_PA_FX_FAST_REPLY + encode_PA_FX_FAST_REQUEST + encode_PA_PAC_REQUEST + encode_PA_PK_AS_REP + encode_PA_PK_AS_REP_BTMM + encode_PA_PK_AS_REP_Win2k + encode_PA_PK_AS_REQ + encode_PA_PK_AS_REQ_Win2k + encode_PA_S4U2Self + encode_PA_SAM_CHALLENGE_2 + encode_PA_SAM_CHALLENGE_2_BODY + encode_PA_SAM_REDIRECT + encode_PA_SAM_RESPONSE_2 + encode_PA_SAM_TYPE + encode_PA_SERVER_REFERRAL_DATA + encode_PA_ServerReferralData + encode_PA_SvrReferralData + encode_PKAuthenticator + encode_PKAuthenticator_Win2k + encode_PKCS12_Attribute + encode_PKCS12_Attributes + encode_PKCS12_AuthenticatedSafe + encode_PKCS12_CertBag + encode_PKCS12_MacData + encode_PKCS12_OctetString + encode_PKCS12_PBEParams + encode_PKCS12_PFX + encode_PKCS12_SafeBag + encode_PKCS12_SafeContents + encode_PKCS8Attributes + encode_PKCS8EncryptedData + encode_PKCS8EncryptedPrivateKeyInfo + encode_PKCS8PrivateKey + encode_PKCS8PrivateKeyAlgorithmIdentifier + encode_PKCS8PrivateKeyInfo + encode_PKCS9_BMPString + encode_PKCS9_friendlyName + encode_PKIXXmppAddr + encode_PROV_SRV_LOCATION + encode_PkinitSP80056AOtherInfo + encode_PkinitSuppPubInfo + encode_Principal + encode_PrincipalName + encode_Principals + encode_ProxyCertInfo + encode_ProxyPolicy + encode_RDNSequence + encode_RSAPrivateKey + encode_RSAPublicKey + encode_Realm + encode_RecipientIdentifier + encode_RecipientInfo + encode_RecipientInfos + encode_RelativeDistinguishedName + encode_ReplyKeyPack + encode_ReplyKeyPack_Win2k + encode_SAMFlags + encode_SignatureAlgorithmIdentifier + encode_SignatureValue + encode_SignedData + encode_SignerIdentifier + encode_SignerInfo + encode_SignerInfos + encode_SubjectKeyIdentifier + encode_SubjectPublicKeyInfo + encode_TBSCRLCertList + encode_TBSCertificate + encode_TD_DH_PARAMETERS + encode_TD_INVALID_CERTIFICATES + encode_TD_TRUSTED_CERTIFIERS + encode_TGS_REP + encode_TGS_REQ + encode_TYPED_DATA + encode_Ticket + encode_TicketFlags + encode_Time + encode_TransitedEncoding + encode_TrustedCA + encode_TrustedCA_Win2k + encode_TypedData + encode_UniqueIdentifier + encode_UnprotectedAttributes + encode_ValidationParms + encode_Validity + encode_Version + encode_heim_any + encode_heim_any_set + encode_krb5int32 + encode_krb5uint32 + free_AD_AND_OR + free_AD_IF_RELEVANT + free_AD_INITIAL_VERIFIED_CAS + free_AD_KDCIssued + free_AD_LoginAlias + free_AD_MANDATORY_FOR_KDC + free_APOptions + free_AP_REP + free_AP_REQ + free_AS_REP + free_AS_REQ + free_AUTHDATA_TYPE + free_AccessDescription + free_AlgorithmIdentifier + free_Attribute + free_AttributeType + free_AttributeTypeAndValue + free_AttributeValue + free_AuthPack + free_AuthPack_Win2k + free_Authenticator + free_AuthorityInfoAccessSyntax + free_AuthorityKeyIdentifier + free_AuthorizationData + free_AuthorizationDataElement + free_BaseDistance + free_BasicConstraints + free_CKSUMTYPE + free_CMSAttributes + free_CMSCBCParameter + free_CMSEncryptedData + free_CMSIdentifier + free_CMSRC2CBCParameter + free_CMSVersion + free_CRLCertificateList + free_CRLDistributionPoints + free_CRLReason + free_Certificate + free_CertificateList + free_CertificateRevocationLists + free_CertificateSerialNumber + free_CertificateSet + free_Certificates + free_ChangePasswdDataMS + free_Checksum + free_ContentEncryptionAlgorithmIdentifier + free_ContentInfo + free_ContentType + free_DHNonce + free_DHParameter + free_DHPublicKey + free_DHRepInfo + free_DSAParams + free_DSAPublicKey + free_DSASigValue + free_DigestAlgorithmIdentifier + free_DigestAlgorithmIdentifiers + free_DigestError + free_DigestInfo + free_DigestInit + free_DigestInitReply + free_DigestREP + free_DigestREQ + free_DigestRepInner + free_DigestReqInner + free_DigestRequest + free_DigestResponse + free_DigestTypes + free_DirectoryString + free_DistributionPoint + free_DistributionPointName + free_DistributionPointReasonFlags + free_DomainParameters + free_ECDSA_Sig_Value + free_ECParameters + free_ECPoint + free_ENCTYPE + free_ETYPE_INFO + free_ETYPE_INFO2 + free_ETYPE_INFO2_ENTRY + free_ETYPE_INFO_ENTRY + free_EncAPRepPart + free_EncASRepPart + free_EncKDCRepPart + free_EncKrbCredPart + free_EncKrbPrivPart + free_EncTGSRepPart + free_EncTicketPart + free_EncapsulatedContentInfo + free_EncryptedContent + free_EncryptedContentInfo + free_EncryptedData + free_EncryptedKey + free_EncryptionKey + free_EnvelopedData + free_EtypeList + free_ExtKeyUsage + free_Extension + free_Extensions + free_ExternalPrincipalIdentifier + free_ExternalPrincipalIdentifiers + free_FastOptions + free_GeneralName + free_GeneralNames + free_GeneralSubtree + free_GeneralSubtrees + free_HostAddress + free_HostAddresses + free_IssuerAndSerialNumber + free_KDCDHKeyInfo + free_KDCDHKeyInfo_Win2k + free_KDCOptions + free_KDC_REP + free_KDC_REQ + free_KDC_REQ_BODY + free_KDFAlgorithmId + free_KRB5PrincipalName + free_KRB5SignedPath + free_KRB5SignedPathData + free_KRB_CRED + free_KRB_ERROR + free_KRB_PRIV + free_KRB_SAFE + free_KRB_SAFE_BODY + free_KX509_ERROR_CODE + free_KerberosString + free_KerberosTime + free_KeyEncryptionAlgorithmIdentifier + free_KeyIdentifier + free_KeyTransRecipientInfo + free_KeyUsage + free_KrbCredInfo + free_KrbFastArmor + free_KrbFastArmoredRep + free_KrbFastArmoredReq + free_KrbFastFinished + free_KrbFastReq + free_KrbFastResponse + free_Kx509Request + free_Kx509Response + free_LR_TYPE + free_LastReq + free_MESSAGE_TYPE + free_METHOD_DATA + free_MS_UPN_SAN + free_MessageDigest + free_NAME_TYPE + free_NTLMInit + free_NTLMInitReply + free_NTLMReply + free_NTLMRequest + free_NTLMRequest2 + free_NTLMResponse + free_Name + free_NameConstraints + free_OriginatorInfo + free_OtherName + free_PADATA_TYPE + free_PA_ClientCanonicalized + free_PA_ClientCanonicalizedNames + free_PA_DATA + free_PA_ENC_SAM_RESPONSE_ENC + free_PA_ENC_TS_ENC + free_PA_FX_FAST_REPLY + free_PA_FX_FAST_REQUEST + free_PA_PAC_REQUEST + free_PA_PK_AS_REP + free_PA_PK_AS_REP_BTMM + free_PA_PK_AS_REP_Win2k + free_PA_PK_AS_REQ + free_PA_PK_AS_REQ_Win2k + free_PA_S4U2Self + free_PA_SAM_CHALLENGE_2 + free_PA_SAM_CHALLENGE_2_BODY + free_PA_SAM_REDIRECT + free_PA_SAM_RESPONSE_2 + free_PA_SAM_TYPE + free_PA_SERVER_REFERRAL_DATA + free_PA_ServerReferralData + free_PA_SvrReferralData + free_PKAuthenticator + free_PKAuthenticator_Win2k + free_PKCS12_Attribute + free_PKCS12_Attributes + free_PKCS12_AuthenticatedSafe + free_PKCS12_CertBag + free_PKCS12_MacData + free_PKCS12_OctetString + free_PKCS12_PBEParams + free_PKCS12_PFX + free_PKCS12_SafeBag + free_PKCS12_SafeContents + free_PKCS8Attributes + free_PKCS8EncryptedData + free_PKCS8EncryptedPrivateKeyInfo + free_PKCS8PrivateKey + free_PKCS8PrivateKeyAlgorithmIdentifier + free_PKCS8PrivateKeyInfo + free_PKCS9_BMPString + free_PKCS9_friendlyName + free_PKIXXmppAddr + free_PROV_SRV_LOCATION + free_PkinitSP80056AOtherInfo + free_PkinitSuppPubInfo + free_Principal + free_PrincipalName + free_Principals + free_ProxyCertInfo + free_ProxyPolicy + free_RDNSequence + free_RSAPrivateKey + free_RSAPublicKey + free_Realm + free_RecipientIdentifier + free_RecipientInfo + free_RecipientInfos + free_RelativeDistinguishedName + free_ReplyKeyPack + free_ReplyKeyPack_Win2k + free_SAMFlags + free_SignatureAlgorithmIdentifier + free_SignatureValue + free_SignedData + free_SignerIdentifier + free_SignerInfo + free_SignerInfos + free_SubjectKeyIdentifier + free_SubjectPublicKeyInfo + free_TBSCRLCertList + free_TBSCertificate + free_TD_DH_PARAMETERS + free_TD_INVALID_CERTIFICATES + free_TD_TRUSTED_CERTIFIERS + free_TGS_REP + free_TGS_REQ + free_TYPED_DATA + free_Ticket + free_TicketFlags + free_Time + free_TransitedEncoding + free_TrustedCA + free_TrustedCA_Win2k + free_TypedData + free_UniqueIdentifier + free_UnprotectedAttributes + free_ValidationParms + free_Validity + free_Version + free_heim_any + free_heim_any_set + free_krb5int32 + free_krb5uint32 + heim_any_cmp + initialize_asn1_error_table + initialize_asn1_error_table_r + int2APOptions + int2DigestTypes + int2DistributionPointReasonFlags + int2FastOptions + int2KDCOptions + int2KeyUsage + int2SAMFlags + int2TicketFlags + length_AD_AND_OR + length_AD_IF_RELEVANT + length_AD_INITIAL_VERIFIED_CAS + length_AD_KDCIssued + length_AD_LoginAlias + length_AD_MANDATORY_FOR_KDC + length_APOptions + length_AP_REP + length_AP_REQ + length_AS_REP + length_AS_REQ + length_AUTHDATA_TYPE + length_AccessDescription + length_AlgorithmIdentifier + length_Attribute + length_AttributeType + length_AttributeTypeAndValue + length_AttributeValue + length_AuthPack + length_AuthPack_Win2k + length_Authenticator + length_AuthorityInfoAccessSyntax + length_AuthorityKeyIdentifier + length_AuthorizationData + length_AuthorizationDataElement + length_BaseDistance + length_BasicConstraints + length_CKSUMTYPE + length_CMSAttributes + length_CMSCBCParameter + length_CMSEncryptedData + length_CMSIdentifier + length_CMSRC2CBCParameter + length_CMSVersion + length_CRLCertificateList + length_CRLDistributionPoints + length_CRLReason + length_Certificate + length_CertificateList + length_CertificateRevocationLists + length_CertificateSerialNumber + length_CertificateSet + length_Certificates + length_ChangePasswdDataMS + length_Checksum + length_ContentEncryptionAlgorithmIdentifier + length_ContentInfo + length_ContentType + length_DHNonce + length_DHParameter + length_DHPublicKey + length_DHRepInfo + length_DSAParams + length_DSAPublicKey + length_DSASigValue + length_DigestAlgorithmIdentifier + length_DigestAlgorithmIdentifiers + length_DigestError + length_DigestInfo + length_DigestInit + length_DigestInitReply + length_DigestREP + length_DigestREQ + length_DigestRepInner + length_DigestReqInner + length_DigestRequest + length_DigestResponse + length_DigestTypes + length_DirectoryString + length_DistributionPoint + length_DistributionPointName + length_DistributionPointReasonFlags + length_DomainParameters + length_ECDSA_Sig_Value + length_ECParameters + length_ECPoint + length_ENCTYPE + length_ETYPE_INFO + length_ETYPE_INFO2 + length_ETYPE_INFO2_ENTRY + length_ETYPE_INFO_ENTRY + length_EncAPRepPart + length_EncASRepPart + length_EncKDCRepPart + length_EncKrbCredPart + length_EncKrbPrivPart + length_EncTGSRepPart + length_EncTicketPart + length_EncapsulatedContentInfo + length_EncryptedContent + length_EncryptedContentInfo + length_EncryptedData + length_EncryptedKey + length_EncryptionKey + length_EnvelopedData + length_EtypeList + length_ExtKeyUsage + length_Extension + length_Extensions + length_ExternalPrincipalIdentifier + length_ExternalPrincipalIdentifiers + length_FastOptions + length_GeneralName + length_GeneralNames + length_GeneralSubtree + length_GeneralSubtrees + length_HostAddress + length_HostAddresses + length_IssuerAndSerialNumber + length_KDCDHKeyInfo + length_KDCDHKeyInfo_Win2k + length_KDCOptions + length_KDC_REP + length_KDC_REQ + length_KDC_REQ_BODY + length_KDFAlgorithmId + length_KRB5PrincipalName + length_KRB5SignedPath + length_KRB5SignedPathData + length_KRB_CRED + length_KRB_ERROR + length_KRB_PRIV + length_KRB_SAFE + length_KRB_SAFE_BODY + length_KX509_ERROR_CODE + length_KerberosString + length_KerberosTime + length_KeyEncryptionAlgorithmIdentifier + length_KeyIdentifier + length_KeyTransRecipientInfo + length_KeyUsage + length_KrbCredInfo + length_KrbFastArmor + length_KrbFastArmoredRep + length_KrbFastArmoredReq + length_KrbFastFinished + length_KrbFastReq + length_KrbFastResponse + length_Kx509Request + length_Kx509Response + length_LR_TYPE + length_LastReq + length_MESSAGE_TYPE + length_METHOD_DATA + length_MS_UPN_SAN + length_MessageDigest + length_NAME_TYPE + length_NTLMInit + length_NTLMInitReply + length_NTLMReply + length_NTLMRequest + length_NTLMRequest2 + length_NTLMResponse + length_Name + length_NameConstraints + length_OriginatorInfo + length_OtherName + length_PADATA_TYPE + length_PA_ClientCanonicalized + length_PA_ClientCanonicalizedNames + length_PA_DATA + length_PA_ENC_SAM_RESPONSE_ENC + length_PA_ENC_TS_ENC + length_PA_FX_FAST_REPLY + length_PA_FX_FAST_REQUEST + length_PA_PAC_REQUEST + length_PA_PK_AS_REP + length_PA_PK_AS_REP_BTMM + length_PA_PK_AS_REP_Win2k + length_PA_PK_AS_REQ + length_PA_PK_AS_REQ_Win2k + length_PA_S4U2Self + length_PA_SAM_CHALLENGE_2 + length_PA_SAM_CHALLENGE_2_BODY + length_PA_SAM_REDIRECT + length_PA_SAM_RESPONSE_2 + length_PA_SAM_TYPE + length_PA_SERVER_REFERRAL_DATA + length_PA_ServerReferralData + length_PA_SvrReferralData + length_PKAuthenticator + length_PKAuthenticator_Win2k + length_PKCS12_Attribute + length_PKCS12_Attributes + length_PKCS12_AuthenticatedSafe + length_PKCS12_CertBag + length_PKCS12_MacData + length_PKCS12_OctetString + length_PKCS12_PBEParams + length_PKCS12_PFX + length_PKCS12_SafeBag + length_PKCS12_SafeContents + length_PKCS8Attributes + length_PKCS8EncryptedData + length_PKCS8EncryptedPrivateKeyInfo + length_PKCS8PrivateKey + length_PKCS8PrivateKeyAlgorithmIdentifier + length_PKCS8PrivateKeyInfo + length_PKCS9_BMPString + length_PKCS9_friendlyName + length_PKIXXmppAddr + length_PROV_SRV_LOCATION + length_PkinitSP80056AOtherInfo + length_PkinitSuppPubInfo + length_Principal + length_PrincipalName + length_Principals + length_ProxyCertInfo + length_ProxyPolicy + length_RDNSequence + length_RSAPrivateKey + length_RSAPublicKey + length_Realm + length_RecipientIdentifier + length_RecipientInfo + length_RecipientInfos + length_RelativeDistinguishedName + length_ReplyKeyPack + length_ReplyKeyPack_Win2k + length_SAMFlags + length_SignatureAlgorithmIdentifier + length_SignatureValue + length_SignedData + length_SignerIdentifier + length_SignerInfo + length_SignerInfos + length_SubjectKeyIdentifier + length_SubjectPublicKeyInfo + length_TBSCRLCertList + length_TBSCertificate + length_TD_DH_PARAMETERS + length_TD_INVALID_CERTIFICATES + length_TD_TRUSTED_CERTIFIERS + length_TGS_REP + length_TGS_REQ + length_TYPED_DATA + length_Ticket + length_TicketFlags + length_Time + length_TransitedEncoding + length_TrustedCA + length_TrustedCA_Win2k + length_TypedData + length_UniqueIdentifier + length_UnprotectedAttributes + length_ValidationParms + length_Validity + length_Version + length_heim_any + length_heim_any_set + length_krb5int32 + length_krb5uint32 + remove_AuthorizationData + remove_CRLDistributionPoints + remove_DigestAlgorithmIdentifiers + remove_ETYPE_INFO + remove_ETYPE_INFO2 + remove_Extensions + remove_GeneralNames + remove_METHOD_DATA + remove_Principals diff --git a/lib/asn1/main.c b/lib/asn1/main.c index 3b4a8122cada..f22dc8792c27 100644 --- a/lib/asn1/main.c +++ b/lib/asn1/main.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "gen_locl.h" #include #include "lex.h" -RCSID("$Id: main.c 20858 2007-06-03 18:56:41Z lha $"); +RCSID("$Id$"); extern FILE *yyin; @@ -62,15 +62,22 @@ seq_type(const char *p) return 0; } -int dce_fix; +int support_ber; +int template_flag; int rfc1510_bitstring; +int one_code_file; +char *option_file; int version_flag; int help_flag; struct getargs args[] = { + { "template", 0, arg_flag, &template_flag }, { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring }, - { "decode-dce-ber", 0, arg_flag, &dce_fix }, + { "decode-dce-ber", 0, arg_flag, &support_ber }, + { "support-ber", 0, arg_flag, &support_ber }, { "preserve-binary", 0, arg_strings, &preserve }, { "sequence", 0, arg_strings, &seq }, + { "one-code-file", 0, arg_flag, &one_code_file }, + { "option-file", 0, arg_string, &option_file }, { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } }; @@ -92,6 +99,8 @@ main(int argc, char **argv) const char *file; const char *name = NULL; int optidx = 0; + char **arg = NULL; + size_t len = 0, i; setprogname(argv[0]); if(getarg(args, num_args, argc, argv, &optidx)) @@ -121,7 +130,62 @@ main(int argc, char **argv) name = argv[optidx + 1]; } + /* + * Parse extra options file + */ + if (option_file) { + char buf[1024]; + FILE *opt; + + opt = fopen(option_file, "r"); + if (opt == NULL) { + perror("open"); + exit(1); + } + + arg = calloc(2, sizeof(arg[0])); + if (arg == NULL) { + perror("calloc"); + exit(1); + } + arg[0] = option_file; + arg[1] = NULL; + len = 1; + + while (fgets(buf, sizeof(buf), opt) != NULL) { + buf[strcspn(buf, "\n\r")] = '\0'; + + arg = realloc(arg, (len + 2) * sizeof(arg[0])); + if (arg == NULL) { + perror("malloc"); + exit(1); + } + arg[len] = strdup(buf); + if (arg[len] == NULL) { + perror("strdup"); + exit(1); + } + arg[len + 1] = NULL; + len++; + } + fclose(opt); + + optidx = 0; + if(getarg(args, num_args, len, arg, &optidx)) + usage(1); + + if (len != optidx) { + fprintf(stderr, "extra args"); + exit(1); + } + } + + init_generate (file, name); + + if (one_code_file) + generate_header_of_codefile(name); + initsym (); ret = yyparse (); if(ret != 0 || error_flag != 0) @@ -129,5 +193,15 @@ main(int argc, char **argv) close_generate (); if (argc != optidx) fclose(yyin); + + if (one_code_file) + close_codefile(); + + if (arg) { + for (i = 1; i < len; i++) + free(arg[i]); + free(arg); + } + return 0; } diff --git a/lib/asn1/pkcs12.asn1 b/lib/asn1/pkcs12.asn1 index 37fe03e58e8a..8b604c68d7e4 100644 --- a/lib/asn1/pkcs12.asn1 +++ b/lib/asn1/pkcs12.asn1 @@ -1,4 +1,4 @@ --- $Id: pkcs12.asn1 15715 2005-07-23 11:08:47Z lha $ -- +-- $Id$ -- PKCS12 DEFINITIONS ::= @@ -50,7 +50,7 @@ PKCS12-AuthenticatedSafe ::= SEQUENCE OF ContentInfo PKCS12-Attribute ::= SEQUENCE { attrId OBJECT IDENTIFIER, - attrValues -- SET OF -- heim_any_set + attrValues -- SET OF -- heim_any_set } PKCS12-Attributes ::= SET OF PKCS12-Attribute diff --git a/lib/asn1/pkcs8.asn1 b/lib/asn1/pkcs8.asn1 index 911e727c7085..45a7d715dfce 100644 --- a/lib/asn1/pkcs8.asn1 +++ b/lib/asn1/pkcs8.asn1 @@ -1,4 +1,4 @@ --- $Id: pkcs8.asn1 16060 2005-09-13 19:41:29Z lha $ -- +-- $Id$ -- PKCS8 DEFINITIONS ::= @@ -24,7 +24,7 @@ PKCS8EncryptedData ::= OCTET STRING PKCS8EncryptedPrivateKeyInfo ::= SEQUENCE { encryptionAlgorithm AlgorithmIdentifier, - encryptedData PKCS8EncryptedData + encryptedData PKCS8EncryptedData } END diff --git a/lib/asn1/pkcs9.asn1 b/lib/asn1/pkcs9.asn1 index d985e91f3c03..50bf9dd1cd71 100644 --- a/lib/asn1/pkcs9.asn1 +++ b/lib/asn1/pkcs9.asn1 @@ -1,4 +1,4 @@ --- $Id: pkcs9.asn1 17202 2006-04-24 08:59:10Z lha $ -- +-- $Id$ -- PKCS9 DEFINITIONS ::= diff --git a/lib/asn1/pkinit.asn1 b/lib/asn1/pkinit.asn1 index 989b26581b3a..f36ebf0b32fb 100644 --- a/lib/asn1/pkinit.asn1 +++ b/lib/asn1/pkinit.asn1 @@ -17,16 +17,21 @@ id-pkrkeydata OBJECT IDENTIFIER ::= { id-pkinit 3 } id-pkekuoid OBJECT IDENTIFIER ::= { id-pkinit 4 } id-pkkdcekuoid OBJECT IDENTIFIER ::= { id-pkinit 5 } +id-pkinit-kdf OBJECT IDENTIFIER ::= { id-pkinit 6 } +id-pkinit-kdf-ah-sha1 OBJECT IDENTIFIER ::= { id-pkinit-kdf 1 } +id-pkinit-kdf-ah-sha256 OBJECT IDENTIFIER ::= { id-pkinit-kdf 2 } +id-pkinit-kdf-ah-sha512 OBJECT IDENTIFIER ::= { id-pkinit-kdf 3 } + id-pkinit-san OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) security(5) kerberosv5(2) x509-sanan(2) } id-pkinit-ms-eku OBJECT IDENTIFIER ::= - { iso(1) org(3) dod(6) internet(1) private(4) + { iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 20 2 2 } id-pkinit-ms-san OBJECT IDENTIFIER ::= - { iso(1) org(3) dod(6) internet(1) private(4) + { iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 20 2 3 } MS-UPN-SAN ::= UTF8String @@ -147,19 +152,18 @@ TrustedCA-Win2k ::= CHOICE { issuerAndSerial [2] IssuerAndSerialNumber } -PA-PK-AS-REQ-Win2k ::= SEQUENCE { - signed-auth-pack [0] IMPLICIT OCTET STRING, - trusted-certifiers [2] SEQUENCE OF TrustedCA-Win2k OPTIONAL, - kdc-cert [3] IMPLICIT OCTET STRING OPTIONAL, +PA-PK-AS-REQ-Win2k ::= SEQUENCE { + signed-auth-pack [0] IMPLICIT OCTET STRING, + trusted-certifiers [2] SEQUENCE OF TrustedCA-Win2k OPTIONAL, + kdc-cert [3] IMPLICIT OCTET STRING OPTIONAL, encryption-cert [4] IMPLICIT OCTET STRING OPTIONAL } PA-PK-AS-REP-Win2k ::= CHOICE { - dhSignedData [0] IMPLICIT OCTET STRING, + dhSignedData [0] IMPLICIT OCTET STRING, encKeyPack [1] IMPLICIT OCTET STRING } - KDCDHKeyInfo-Win2k ::= SEQUENCE { nonce [0] INTEGER (-2147483648..2147483647), subjectPublicKey [2] BIT STRING @@ -171,6 +175,20 @@ ReplyKeyPack-Win2k ::= SEQUENCE { ... } +PA-PK-AS-REP-BTMM ::= SEQUENCE { + dhSignedData [0] heim_any OPTIONAL, + encKeyPack [1] heim_any OPTIONAL +} + + +PkinitSP80056AOtherInfo ::= SEQUENCE { + algorithmID AlgorithmIdentifier, + partyUInfo [0] OCTET STRING, + partyVInfo [1] OCTET STRING, + suppPubInfo [2] OCTET STRING OPTIONAL, + suppPrivInfo [3] OCTET STRING OPTIONAL +} + PkinitSuppPubInfo ::= SEQUENCE { enctype [0] INTEGER (-2147483648..2147483647), as-REQ [1] OCTET STRING, diff --git a/lib/asn1/rfc2459.asn1 b/lib/asn1/rfc2459.asn1 index 8e24f0740b8a..5df9e41fffd2 100644 --- a/lib/asn1/rfc2459.asn1 +++ b/lib/asn1/rfc2459.asn1 @@ -6,7 +6,7 @@ RFC2459 DEFINITIONS ::= BEGIN IMPORTS heim_any FROM heim; Version ::= INTEGER { - rfc3280_version_1(0), + rfc3280_version_1(0), rfc3280_version_2(1), rfc3280_version_3(2) } @@ -29,7 +29,7 @@ id-pkcs2-md2 OBJECT IDENTIFIER ::= { id-pkcs-2 2 } id-pkcs2-md4 OBJECT IDENTIFIER ::= { id-pkcs-2 4 } id-pkcs2-md5 OBJECT IDENTIFIER ::= { id-pkcs-2 5 } -id-rsa-digestAlgorithm OBJECT IDENTIFIER ::= +id-rsa-digestAlgorithm OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 2 } id-rsa-digest-md2 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 2 } @@ -52,9 +52,12 @@ id-rsadsi-des-ede3-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 7 } id-secsig-sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithm(2) 26 } +id-secsig-sha-1WithRSAEncryption OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + oiw(14) secsig(3) algorithm(2) 29 } + id-nistAlgorithm OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) 4 } - + id-nist-aes-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 1 } id-aes-128-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 2 } @@ -72,9 +75,42 @@ id-dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 } +-- ECC + +id-ecPublicKey OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } + +id-ecDH OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) schemes(1) + ecdh(12) } + +id-ecMQV OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) schemes(1) + ecmqv(13) } + +id-ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + ecdsa-with-SHA2(3) 2 } + +id-ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } + +-- some EC group ids + +id-ec-group-secp256r1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) + prime(1) 7 } + +id-ec-group-secp160r1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) 0 8 } + +id-ec-group-secp160r2 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) certicom(132) 0 30 } + +-- DSA + id-x9-57 OBJECT IDENTIFIER ::= { - iso(1) member-body(2) us(840) ansi-x942(10046) - 4 } + iso(1) member-body(2) us(840) ansi-x942(10046) 4 } id-dsa OBJECT IDENTIFIER ::= { id-x9-57 1 } id-dsa-with-sha1 OBJECT IDENTIFIER ::= { id-x9-57 3 } @@ -117,11 +153,9 @@ AttributeType ::= OBJECT IDENTIFIER AttributeValue ::= heim_any -TeletexStringx ::= [UNIVERSAL 20] IMPLICIT OCTET STRING - DirectoryString ::= CHOICE { ia5String IA5String, - teletexString TeletexStringx, + teletexString TeletexString, printableString PrintableString, universalString UniversalString, utf8String UTF8String, @@ -210,6 +244,13 @@ DomainParameters ::= SEQUENCE { validationParms ValidationParms OPTIONAL -- ValidationParms } +-- As defined by PKCS3 +DHParameter ::= SEQUENCE { + prime INTEGER, -- odd prime, p=jq +1 + base INTEGER, -- generator, g + privateValueLength INTEGER OPTIONAL +} + DHPublicKey ::= INTEGER OtherName ::= SEQUENCE { @@ -256,8 +297,8 @@ KeyIdentifier ::= OCTET STRING AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] IMPLICIT OCTET STRING OPTIONAL, - authorityCertIssuer [1] IMPLICIT -- GeneralName -- - SEQUENCE -- SIZE (1..MAX) -- OF GeneralName OPTIONAL, + authorityCertIssuer [1] IMPLICIT -- GeneralName -- + SEQUENCE -- SIZE (1..MAX) -- OF GeneralName OPTIONAL, authorityCertSerialNumber [2] IMPLICIT INTEGER OPTIONAL } @@ -269,7 +310,7 @@ id-x509-ce-basicConstraints OBJECT IDENTIFIER ::= { id-x509-ce 19 } BasicConstraints ::= SEQUENCE { cA BOOLEAN OPTIONAL -- DEFAULT FALSE --, - pathLenConstraint INTEGER (0..4294967295) OPTIONAL + pathLenConstraint INTEGER (0..4294967295) OPTIONAL } id-x509-ce-nameConstraints OBJECT IDENTIFIER ::= { id-x509-ce 30 } @@ -350,6 +391,21 @@ DSAParams ::= SEQUENCE { g INTEGER } +-- draft-ietf-pkix-ecc-subpubkeyinfo-11 + +ECPoint ::= OCTET STRING + +ECParameters ::= CHOICE { + namedCurve OBJECT IDENTIFIER + -- implicitCurve NULL + -- specifiedCurve SpecifiedECDomain +} + +ECDSA-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER +} + -- really pkcs1 RSAPublicKey ::= SEQUENCE { @@ -382,7 +438,7 @@ DigestInfo ::= SEQUENCE { -- szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7" is Encoded as: --- TemplateVersion ::= INTEGER (0..4294967295) +-- TemplateVersion ::= INTEGER (0..4294967295) -- CertificateTemplate ::= SEQUENCE { -- templateID OBJECT IDENTIFIER, @@ -393,7 +449,7 @@ DigestInfo ::= SEQUENCE { -- -- CRL --- +-- TBSCRLCertList ::= SEQUENCE { version Version OPTIONAL, -- if present, MUST be v2 @@ -489,16 +545,16 @@ id-uspkicommon-piv-interim OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 9 1 } --- Netscape extentions -id-netscape OBJECT IDENTIFIER ::= +id-netscape OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730) } id-netscape-cert-comment OBJECT IDENTIFIER ::= { id-netscape 1 13 } --- MS extentions -id-ms-cert-enroll-domaincontroller OBJECT IDENTIFIER ::= +id-ms-cert-enroll-domaincontroller OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 311 20 2 } -id-ms-client-authentication OBJECT IDENTIFIER ::= +id-ms-client-authentication OBJECT IDENTIFIER ::= { 1 3 6 1 5 5 7 3 2 } -- DER:1e:20:00:44:00:6f:00:6d:00:61:00:69:00:6e:00:43:00:6f:00:6e:00:74:00:72:00:6f:00:6c:00:6c:00:65:00:72 diff --git a/lib/asn1/setchgpw2.asn1 b/lib/asn1/setchgpw2.asn1 index 7db385423383..2f52cb1ceb1a 100644 --- a/lib/asn1/setchgpw2.asn1 +++ b/lib/asn1/setchgpw2.asn1 @@ -1,4 +1,4 @@ --- $Id: setchgpw2.asn1 18010 2006-09-05 12:31:59Z lha $ +-- $Id$ SETCHGPW2 DEFINITIONS ::= BEGIN @@ -138,7 +138,7 @@ Op-req ::= CHOICE { get-supported-etypes[5] Req-get-supported-etypes, ... } - + Op-rep ::= CHOICE { null[0] Rep-null, change-pw[1] Rep-change-pw, diff --git a/lib/asn1/symbol.c b/lib/asn1/symbol.c index 9407915c19b7..b05f68fa74a9 100644 --- a/lib/asn1/symbol.c +++ b/lib/asn1/symbol.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,8 +34,6 @@ #include "gen_locl.h" #include "lex.h" -RCSID("$Id: symbol.c 15617 2005-07-12 06:27:42Z lha $"); - static Hashtab *htab; static int @@ -68,7 +66,7 @@ output_name(char *s) char *p; for (p = s; *p; ++p) - if (*p == '-') + if (*p == '-' || *p == '.') *p = '_'; } @@ -95,7 +93,7 @@ checkfunc(void *ptr, void *arg) { Symbol *s = ptr; if (s->stype == SUndefined) { - error_message("%s is still undefined\n", s->name); + lex_error_message("%s is still undefined\n", s->name); *(int *) arg = 1; } return 0; diff --git a/lib/asn1/symbol.h b/lib/asn1/symbol.h index d07caf559042..a39c8f46512d 100644 --- a/lib/asn1/symbol.h +++ b/lib/asn1/symbol.h @@ -1,63 +1,64 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: symbol.h 19539 2006-12-28 17:15:05Z lha $ */ +/* $Id$ */ #ifndef _SYMBOL_H #define _SYMBOL_H #include "asn1_queue.h" -enum typetype { +enum typetype { TBitString, TBoolean, - TChoice, + TChoice, TEnumerated, - TGeneralString, - TGeneralizedTime, + TGeneralString, + TTeletexString, + TGeneralizedTime, TIA5String, - TInteger, + TInteger, TNull, - TOID, - TOctetString, + TOID, + TOctetString, TPrintableString, - TSequence, + TSequence, TSequenceOf, - TSet, + TSet, TSetOf, - TTag, - TType, - TUTCTime, + TTag, + TType, + TUTCTime, TUTF8String, TBMPString, TUniversalString, @@ -69,10 +70,10 @@ typedef enum typetype Typetype; struct type; struct value { - enum { booleanvalue, - nullvalue, - integervalue, - stringvalue, + enum { booleanvalue, + nullvalue, + integervalue, + stringvalue, objectidentifiervalue } type; union { diff --git a/lib/asn1/template.c b/lib/asn1/template.c new file mode 100644 index 000000000000..3e0b6932357e --- /dev/null +++ b/lib/asn1/template.c @@ -0,0 +1,1119 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "der_locl.h" +#include + +#if 0 +#define ABORT_ON_ERROR() abort() +#else +#define ABORT_ON_ERROR() do { } while(0) +#endif + +#define DPOC(data,offset) ((const void *)(((const unsigned char *)data) + offset)) +#define DPO(data,offset) ((void *)(((unsigned char *)data) + offset)) + + +static struct asn1_type_func prim[] = { +#define el(name, type) { \ + (asn1_type_encode)der_put_##name, \ + (asn1_type_decode)der_get_##name, \ + (asn1_type_length)der_length_##name, \ + (asn1_type_copy)der_copy_##name, \ + (asn1_type_release)der_free_##name, \ + sizeof(type) \ + } +#define elber(name, type) { \ + (asn1_type_encode)der_put_##name, \ + (asn1_type_decode)der_get_##name##_ber, \ + (asn1_type_length)der_length_##name, \ + (asn1_type_copy)der_copy_##name, \ + (asn1_type_release)der_free_##name, \ + sizeof(type) \ + } + el(integer, int), + el(heim_integer, heim_integer), + el(integer, int), + el(unsigned, unsigned), + el(general_string, heim_general_string), + el(octet_string, heim_octet_string), + elber(octet_string, heim_octet_string), + el(ia5_string, heim_ia5_string), + el(bmp_string, heim_bmp_string), + el(universal_string, heim_universal_string), + el(printable_string, heim_printable_string), + el(visible_string, heim_visible_string), + el(utf8string, heim_utf8_string), + el(generalized_time, time_t), + el(utctime, time_t), + el(bit_string, heim_bit_string), + { (asn1_type_encode)der_put_boolean, (asn1_type_decode)der_get_boolean, + (asn1_type_length)der_length_boolean, (asn1_type_copy)der_copy_integer, + (asn1_type_release)der_free_integer, sizeof(int) + }, + el(oid, heim_oid), + el(general_string, heim_general_string), +#undef el +#undef elber +}; + +static size_t +sizeofType(const struct asn1_template *t) +{ + return t->offset; +} + +/* + * Here is abstraction to not so well evil fact of bit fields in C, + * they are endian dependent, so when getting and setting bits in the + * host local structure we need to know the endianness of the host. + * + * Its not the first time in Heimdal this have bitten us, and some day + * we'll grow up and use #defined constant, but bit fields are still + * so pretty and shiny. + */ + +static void +bmember_get_bit(const unsigned char *p, void *data, + unsigned int bit, size_t size) +{ + unsigned int localbit = bit % 8; + if ((*p >> (7 - localbit)) & 1) { +#ifdef WORDS_BIGENDIAN + *(unsigned int *)data |= (1 << ((size * 8) - bit - 1)); +#else + *(unsigned int *)data |= (1 << bit); +#endif + } +} + +static int +bmember_isset_bit(const void *data, unsigned int bit, size_t size) +{ +#ifdef WORDS_BIGENDIAN + if ((*(unsigned int *)data) & (1 << ((size * 8) - bit - 1))) + return 1; + return 0; +#else + if ((*(unsigned int *)data) & (1 << bit)) + return 1; + return 0; +#endif +} + +static void +bmember_put_bit(unsigned char *p, const void *data, unsigned int bit, + size_t size, unsigned int *bitset) +{ + unsigned int localbit = bit % 8; + + if (bmember_isset_bit(data, bit, size)) { + *p |= (1 << (7 - localbit)); + if (*bitset == 0) + *bitset = (7 - localbit) + 1; + } +} + +int +_asn1_decode(const struct asn1_template *t, unsigned flags, + const unsigned char *p, size_t len, void *data, size_t *size) +{ + size_t elements = A1_HEADER_LEN(t); + size_t oldlen = len; + int ret = 0; + const unsigned char *startp = NULL; + unsigned int template_flags = t->tt; + + /* skip over header */ + t++; + + if (template_flags & A1_HF_PRESERVE) + startp = p; + + while (elements) { + switch (t->tt & A1_OP_MASK) { + case A1_OP_TYPE: + case A1_OP_TYPE_EXTERN: { + size_t newsize, size; + void *el = DPO(data, t->offset); + void **pel = (void **)el; + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + size = sizeofType(t->ptr); + } else { + const struct asn1_type_func *f = t->ptr; + size = f->size; + } + + if (t->tt & A1_FLAG_OPTIONAL) { + *pel = calloc(1, size); + if (*pel == NULL) + return ENOMEM; + el = *pel; + } + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + ret = _asn1_decode(t->ptr, flags, p, len, el, &newsize); + } else { + const struct asn1_type_func *f = t->ptr; + ret = (f->decode)(p, len, el, &newsize); + } + if (ret) { + if (t->tt & A1_FLAG_OPTIONAL) { + free(*pel); + *pel = NULL; + break; + } + return ret; + } + p += newsize; len -= newsize; + + break; + } + case A1_OP_TAG: { + Der_type dertype; + size_t newsize; + size_t datalen, l; + void *olddata = data; + int is_indefinite = 0; + int subflags = flags; + + ret = der_match_tag_and_length(p, len, A1_TAG_CLASS(t->tt), + &dertype, A1_TAG_TAG(t->tt), + &datalen, &l); + if (ret) { + if (t->tt & A1_FLAG_OPTIONAL) + break; + return ret; + } + + p += l; len -= l; + + /* + * Only allow indefinite encoding for OCTET STRING and BER + * for now. Should handle BIT STRING too. + */ + + if (dertype != A1_TAG_TYPE(t->tt) && (flags & A1_PF_ALLOW_BER)) { + const struct asn1_template *subtype = t->ptr; + subtype++; /* skip header */ + + if (((subtype->tt & A1_OP_MASK) == A1_OP_PARSE) && + A1_PARSE_TYPE(subtype->tt) == A1T_OCTET_STRING) + subflags |= A1_PF_INDEFINTE; + } + + if (datalen == ASN1_INDEFINITE) { + if ((flags & A1_PF_ALLOW_BER) == 0) + return ASN1_GOT_BER; + is_indefinite = 1; + datalen = len; + if (datalen < 2) + return ASN1_OVERRUN; + /* hide EndOfContent for sub-decoder, catching it below */ + datalen -= 2; + } else if (datalen > len) + return ASN1_OVERRUN; + + data = DPO(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **el = (void **)data; + size_t ellen = sizeofType(t->ptr); + + *el = calloc(1, ellen); + if (*el == NULL) + return ENOMEM; + data = *el; + } + + ret = _asn1_decode(t->ptr, subflags, p, datalen, data, &newsize); + if (ret) + return ret; + + if (newsize != datalen) + return ASN1_EXTRA_DATA; + + len -= datalen; + p += datalen; + + /* + * Indefinite encoding needs a trailing EndOfContent, + * check for that. + */ + if (is_indefinite) { + ret = der_match_tag_and_length(p, len, ASN1_C_UNIV, + &dertype, UT_EndOfContent, + &datalen, &l); + if (ret) + return ret; + if (dertype != PRIM) + return ASN1_BAD_ID; + if (datalen != 0) + return ASN1_INDEF_EXTRA_DATA; + p += l; len -= l; + } + data = olddata; + + break; + } + case A1_OP_PARSE: { + unsigned int type = A1_PARSE_TYPE(t->tt); + size_t newsize; + void *el = DPO(data, t->offset); + + /* + * INDEFINITE primitive types are one element after the + * same type but non-INDEFINITE version. + */ + if (flags & A1_PF_INDEFINTE) + type++; + + if (type >= sizeof(prim)/sizeof(prim[0])) { + ABORT_ON_ERROR(); + return ASN1_PARSE_ERROR; + } + + ret = (prim[type].decode)(p, len, el, &newsize); + if (ret) + return ret; + p += newsize; len -= newsize; + + break; + } + case A1_OP_SETOF: + case A1_OP_SEQOF: { + struct template_of *el = DPO(data, t->offset); + size_t newsize; + size_t ellen = sizeofType(t->ptr); + size_t vallength = 0; + + while (len > 0) { + void *tmp; + size_t newlen = vallength + ellen; + if (vallength > newlen) + return ASN1_OVERFLOW; + + tmp = realloc(el->val, newlen); + if (tmp == NULL) + return ENOMEM; + + memset(DPO(tmp, vallength), 0, ellen); + el->val = tmp; + + ret = _asn1_decode(t->ptr, flags & (~A1_PF_INDEFINTE), p, len, + DPO(el->val, vallength), &newsize); + if (ret) + return ret; + vallength = newlen; + el->len++; + p += newsize; len -= newsize; + } + + break; + } + case A1_OP_BMEMBER: { + const struct asn1_template *bmember = t->ptr; + size_t size = bmember->offset; + size_t elements = A1_HEADER_LEN(bmember); + size_t pos = 0; + + bmember++; + + memset(data, 0, size); + + if (len < 1) + return ASN1_OVERRUN; + p++; len--; + + while (elements && len) { + while (bmember->offset / 8 > pos / 8) { + if (len < 1) + break; + p++; len--; + pos += 8; + } + if (len) { + bmember_get_bit(p, data, bmember->offset, size); + elements--; bmember++; + } + } + len = 0; + break; + } + case A1_OP_CHOICE: { + const struct asn1_template *choice = t->ptr; + unsigned int *element = DPO(data, choice->offset); + size_t datalen; + unsigned int i; + + for (i = 1; i < A1_HEADER_LEN(choice) + 1; i++) { + /* should match first tag instead, store it in choice.tt */ + ret = _asn1_decode(choice[i].ptr, 0, p, len, + DPO(data, choice[i].offset), &datalen); + if (ret == 0) { + *element = i; + p += datalen; len -= datalen; + break; + } else if (ret != ASN1_BAD_ID && ret != ASN1_MISPLACED_FIELD && ret != ASN1_MISSING_FIELD) { + return ret; + } + } + if (i >= A1_HEADER_LEN(choice) + 1) { + if (choice->tt == 0) + return ASN1_BAD_ID; + + *element = 0; + ret = der_get_octet_string(p, len, + DPO(data, choice->tt), &datalen); + if (ret) + return ret; + p += datalen; len -= datalen; + } + + break; + } + default: + ABORT_ON_ERROR(); + return ASN1_PARSE_ERROR; + } + t++; + elements--; + } + /* if we are using padding, eat up read of context */ + if (template_flags & A1_HF_ELLIPSIS) + len = 0; + + oldlen -= len; + + if (size) + *size = oldlen; + + /* + * saved the raw bits if asked for it, useful for signature + * verification. + */ + if (startp) { + heim_octet_string *save = data; + + save->data = malloc(oldlen); + if (save->data == NULL) + return ENOMEM; + else { + save->length = oldlen; + memcpy(save->data, startp, oldlen); + } + } + return 0; +} + +int +_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, const void *data, size_t *size) +{ + size_t elements = A1_HEADER_LEN(t); + int ret = 0; + size_t oldlen = len; + + t += A1_HEADER_LEN(t); + + while (elements) { + switch (t->tt & A1_OP_MASK) { + case A1_OP_TYPE: + case A1_OP_TYPE_EXTERN: { + size_t newsize; + const void *el = DPOC(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **pel = (void **)el; + if (*pel == NULL) + break; + el = *pel; + } + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + ret = _asn1_encode(t->ptr, p, len, el, &newsize); + } else { + const struct asn1_type_func *f = t->ptr; + ret = (f->encode)(p, len, el, &newsize); + } + + if (ret) + return ret; + p -= newsize; len -= newsize; + + break; + } + case A1_OP_TAG: { + const void *olddata = data; + size_t l, datalen; + + data = DPOC(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **el = (void **)data; + if (*el == NULL) { + data = olddata; + break; + } + data = *el; + } + + ret = _asn1_encode(t->ptr, p, len, data, &datalen); + if (ret) + return ret; + + len -= datalen; p -= datalen; + + ret = der_put_length_and_tag(p, len, datalen, + A1_TAG_CLASS(t->tt), + A1_TAG_TYPE(t->tt), + A1_TAG_TAG(t->tt), &l); + if (ret) + return ret; + + p -= l; len -= l; + + data = olddata; + + break; + } + case A1_OP_PARSE: { + unsigned int type = A1_PARSE_TYPE(t->tt); + size_t newsize; + const void *el = DPOC(data, t->offset); + + if (type > sizeof(prim)/sizeof(prim[0])) { + ABORT_ON_ERROR(); + return ASN1_PARSE_ERROR; + } + + ret = (prim[type].encode)(p, len, el, &newsize); + if (ret) + return ret; + p -= newsize; len -= newsize; + + break; + } + case A1_OP_SETOF: { + const struct template_of *el = DPOC(data, t->offset); + size_t ellen = sizeofType(t->ptr); + struct heim_octet_string *val; + unsigned char *elptr = el->val; + size_t i, totallen; + + if (el->len == 0) + break; + + if (el->len > UINT_MAX/sizeof(val[0])) + return ERANGE; + + val = malloc(sizeof(val[0]) * el->len); + if (val == NULL) + return ENOMEM; + + for(totallen = 0, i = 0; i < el->len; i++) { + unsigned char *next; + size_t l; + + val[i].length = _asn1_length(t->ptr, elptr); + val[i].data = malloc(val[i].length); + + ret = _asn1_encode(t->ptr, DPO(val[i].data, val[i].length - 1), + val[i].length, elptr, &l); + if (ret) + break; + + next = elptr + ellen; + if (next < elptr) { + ret = ASN1_OVERFLOW; + break; + } + elptr = next; + totallen += val[i].length; + } + if (ret == 0 && totallen > len) + ret = ASN1_OVERFLOW; + if (ret) { + do { + free(val[i].data); + } while(i-- > 0); + free(val); + return ret; + } + + len -= totallen; + + qsort(val, el->len, sizeof(val[0]), _heim_der_set_sort); + + i = el->len - 1; + do { + p -= val[i].length; + memcpy(p + 1, val[i].data, val[i].length); + free(val[i].data); + } while(i-- > 0); + free(val); + + break; + + } + case A1_OP_SEQOF: { + struct template_of *el = DPO(data, t->offset); + size_t ellen = sizeofType(t->ptr); + size_t newsize; + unsigned int i; + unsigned char *elptr = el->val; + + if (el->len == 0) + break; + + elptr += ellen * (el->len - 1); + + for (i = 0; i < el->len; i++) { + ret = _asn1_encode(t->ptr, p, len, + elptr, + &newsize); + if (ret) + return ret; + p -= newsize; len -= newsize; + elptr -= ellen; + } + + break; + } + case A1_OP_BMEMBER: { + const struct asn1_template *bmember = t->ptr; + size_t size = bmember->offset; + size_t elements = A1_HEADER_LEN(bmember); + size_t pos; + unsigned char c = 0; + unsigned int bitset = 0; + int rfc1510 = (bmember->tt & A1_HBF_RFC1510); + + bmember += elements; + + if (rfc1510) + pos = 31; + else + pos = bmember->offset; + + while (elements && len) { + while (bmember->offset / 8 < pos / 8) { + if (rfc1510 || bitset || c) { + if (len < 1) + return ASN1_OVERFLOW; + *p-- = c; len--; + } + c = 0; + pos -= 8; + } + bmember_put_bit(&c, data, bmember->offset, size, &bitset); + elements--; bmember--; + } + if (rfc1510 || bitset) { + if (len < 1) + return ASN1_OVERFLOW; + *p-- = c; len--; + } + + if (len < 1) + return ASN1_OVERFLOW; + if (rfc1510 || bitset == 0) + *p-- = 0; + else + *p-- = bitset - 1; + + len--; + + break; + } + case A1_OP_CHOICE: { + const struct asn1_template *choice = t->ptr; + const unsigned int *element = DPOC(data, choice->offset); + size_t datalen; + const void *el; + + if (*element > A1_HEADER_LEN(choice)) { + printf("element: %d\n", *element); + return ASN1_PARSE_ERROR; + } + + if (*element == 0) { + ret += der_put_octet_string(p, len, + DPOC(data, choice->tt), &datalen); + } else { + choice += *element; + el = DPOC(data, choice->offset); + ret = _asn1_encode(choice->ptr, p, len, el, &datalen); + if (ret) + return ret; + } + len -= datalen; p -= datalen; + + break; + } + default: + ABORT_ON_ERROR(); + } + t--; + elements--; + } + if (size) + *size = oldlen - len; + + return 0; +} + +size_t +_asn1_length(const struct asn1_template *t, const void *data) +{ + size_t elements = A1_HEADER_LEN(t); + size_t ret = 0; + + t += A1_HEADER_LEN(t); + + while (elements) { + switch (t->tt & A1_OP_MASK) { + case A1_OP_TYPE: + case A1_OP_TYPE_EXTERN: { + const void *el = DPOC(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **pel = (void **)el; + if (*pel == NULL) + break; + el = *pel; + } + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + ret += _asn1_length(t->ptr, el); + } else { + const struct asn1_type_func *f = t->ptr; + ret += (f->length)(el); + } + break; + } + case A1_OP_TAG: { + size_t datalen; + const void *olddata = data; + + data = DPO(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **el = (void **)data; + if (*el == NULL) { + data = olddata; + break; + } + data = *el; + } + datalen = _asn1_length(t->ptr, data); + ret += der_length_tag(A1_TAG_TAG(t->tt)) + der_length_len(datalen); + ret += datalen; + data = olddata; + break; + } + case A1_OP_PARSE: { + unsigned int type = A1_PARSE_TYPE(t->tt); + const void *el = DPOC(data, t->offset); + + if (type > sizeof(prim)/sizeof(prim[0])) { + ABORT_ON_ERROR(); + break; + } + ret += (prim[type].length)(el); + break; + } + case A1_OP_SETOF: + case A1_OP_SEQOF: { + const struct template_of *el = DPOC(data, t->offset); + size_t ellen = sizeofType(t->ptr); + const unsigned char *element = el->val; + unsigned int i; + + for (i = 0; i < el->len; i++) { + ret += _asn1_length(t->ptr, element); + element += ellen; + } + + break; + } + case A1_OP_BMEMBER: { + const struct asn1_template *bmember = t->ptr; + size_t size = bmember->offset; + size_t elements = A1_HEADER_LEN(bmember); + int rfc1510 = (bmember->tt & A1_HBF_RFC1510); + + if (rfc1510) { + ret += 5; + } else { + + ret += 1; + + bmember += elements; + + while (elements) { + if (bmember_isset_bit(data, bmember->offset, size)) { + ret += (bmember->offset / 8) + 1; + break; + } + elements--; bmember--; + } + } + break; + } + case A1_OP_CHOICE: { + const struct asn1_template *choice = t->ptr; + const unsigned int *element = DPOC(data, choice->offset); + + if (*element > A1_HEADER_LEN(choice)) + break; + + if (*element == 0) { + ret += der_length_octet_string(DPOC(data, choice->tt)); + } else { + choice += *element; + ret += _asn1_length(choice->ptr, DPOC(data, choice->offset)); + } + break; + } + default: + ABORT_ON_ERROR(); + break; + } + elements--; + t--; + } + return ret; +} + +void +_asn1_free(const struct asn1_template *t, void *data) +{ + size_t elements = A1_HEADER_LEN(t); + + if (t->tt & A1_HF_PRESERVE) + der_free_octet_string(data); + + t++; + + while (elements) { + switch (t->tt & A1_OP_MASK) { + case A1_OP_TYPE: + case A1_OP_TYPE_EXTERN: { + void *el = DPO(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **pel = (void **)el; + if (*pel == NULL) + break; + el = *pel; + } + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + _asn1_free(t->ptr, el); + } else { + const struct asn1_type_func *f = t->ptr; + (f->release)(el); + } + if (t->tt & A1_FLAG_OPTIONAL) + free(el); + + break; + } + case A1_OP_PARSE: { + unsigned int type = A1_PARSE_TYPE(t->tt); + void *el = DPO(data, t->offset); + + if (type > sizeof(prim)/sizeof(prim[0])) { + ABORT_ON_ERROR(); + break; + } + (prim[type].release)(el); + break; + } + case A1_OP_TAG: { + void *el = DPO(data, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **pel = (void **)el; + if (*pel == NULL) + break; + el = *pel; + } + + _asn1_free(t->ptr, el); + + if (t->tt & A1_FLAG_OPTIONAL) + free(el); + + break; + } + case A1_OP_SETOF: + case A1_OP_SEQOF: { + struct template_of *el = DPO(data, t->offset); + size_t ellen = sizeofType(t->ptr); + unsigned char *element = el->val; + unsigned int i; + + for (i = 0; i < el->len; i++) { + _asn1_free(t->ptr, element); + element += ellen; + } + free(el->val); + el->val = NULL; + el->len = 0; + + break; + } + case A1_OP_BMEMBER: + break; + case A1_OP_CHOICE: { + const struct asn1_template *choice = t->ptr; + const unsigned int *element = DPOC(data, choice->offset); + + if (*element > A1_HEADER_LEN(choice)) + break; + + if (*element == 0) { + der_free_octet_string(DPO(data, choice->tt)); + } else { + choice += *element; + _asn1_free(choice->ptr, DPO(data, choice->offset)); + } + break; + } + default: + ABORT_ON_ERROR(); + break; + } + t++; + elements--; + } +} + +int +_asn1_copy(const struct asn1_template *t, const void *from, void *to) +{ + size_t elements = A1_HEADER_LEN(t); + int ret = 0; + int preserve = (t->tt & A1_HF_PRESERVE); + + t++; + + if (preserve) { + ret = der_copy_octet_string(from, to); + if (ret) + return ret; + } + + while (elements) { + switch (t->tt & A1_OP_MASK) { + case A1_OP_TYPE: + case A1_OP_TYPE_EXTERN: { + const void *fel = DPOC(from, t->offset); + void *tel = DPO(to, t->offset); + void **ptel = (void **)tel; + size_t size; + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + size = sizeofType(t->ptr); + } else { + const struct asn1_type_func *f = t->ptr; + size = f->size; + } + + if (t->tt & A1_FLAG_OPTIONAL) { + void **pfel = (void **)fel; + if (*pfel == NULL) + break; + fel = *pfel; + + tel = *ptel = calloc(1, size); + if (tel == NULL) + return ENOMEM; + } + + if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) { + ret = _asn1_copy(t->ptr, fel, tel); + } else { + const struct asn1_type_func *f = t->ptr; + ret = (f->copy)(fel, tel); + } + + if (ret) { + if (t->tt & A1_FLAG_OPTIONAL) { + free(*ptel); + *ptel = NULL; + } + return ret; + } + break; + } + case A1_OP_PARSE: { + unsigned int type = A1_PARSE_TYPE(t->tt); + const void *fel = DPOC(from, t->offset); + void *tel = DPO(to, t->offset); + + if (type > sizeof(prim)/sizeof(prim[0])) { + ABORT_ON_ERROR(); + return ASN1_PARSE_ERROR; + } + ret = (prim[type].copy)(fel, tel); + if (ret) + return ret; + break; + } + case A1_OP_TAG: { + const void *oldfrom = from; + void *oldto = to; + void **tel = NULL; + + from = DPOC(from, t->offset); + to = DPO(to, t->offset); + + if (t->tt & A1_FLAG_OPTIONAL) { + void **fel = (void **)from; + tel = (void **)to; + if (*fel == NULL) { + from = oldfrom; + to = oldto; + break; + } + from = *fel; + + to = *tel = calloc(1, sizeofType(t->ptr)); + if (to == NULL) + return ENOMEM; + } + + ret = _asn1_copy(t->ptr, from, to); + if (ret) { + if (t->tt & A1_FLAG_OPTIONAL) { + free(*tel); + *tel = NULL; + } + return ret; + } + + from = oldfrom; + to = oldto; + + break; + } + case A1_OP_SETOF: + case A1_OP_SEQOF: { + const struct template_of *fel = DPOC(from, t->offset); + struct template_of *tel = DPO(to, t->offset); + size_t ellen = sizeofType(t->ptr); + unsigned int i; + + tel->val = calloc(fel->len, ellen); + if (tel->val == NULL) + return ENOMEM; + + tel->len = fel->len; + + for (i = 0; i < fel->len; i++) { + ret = _asn1_copy(t->ptr, + DPOC(fel->val, (i * ellen)), + DPO(tel->val, (i *ellen))); + if (ret) + return ret; + } + break; + } + case A1_OP_BMEMBER: { + const struct asn1_template *bmember = t->ptr; + size_t size = bmember->offset; + memcpy(to, from, size); + break; + } + case A1_OP_CHOICE: { + const struct asn1_template *choice = t->ptr; + const unsigned int *felement = DPOC(from, choice->offset); + unsigned int *telement = DPO(to, choice->offset); + + if (*felement > A1_HEADER_LEN(choice)) + return ASN1_PARSE_ERROR; + + *telement = *felement; + + if (*felement == 0) { + ret = der_copy_octet_string(DPOC(from, choice->tt), DPO(to, choice->tt)); + } else { + choice += *felement; + ret = _asn1_copy(choice->ptr, + DPOC(from, choice->offset), + DPO(to, choice->offset)); + } + if (ret) + return ret; + break; + } + default: + ABORT_ON_ERROR(); + break; + } + t++; + elements--; + } + return 0; +} + +int +_asn1_decode_top(const struct asn1_template *t, unsigned flags, const unsigned char *p, size_t len, void *data, size_t *size) +{ + int ret; + memset(data, 0, t->offset); + ret = _asn1_decode(t, flags, p, len, data, size); + if (ret) { + _asn1_free(t, data); + memset(data, 0, t->offset); + } + + return ret; +} + +int +_asn1_copy_top(const struct asn1_template *t, const void *from, void *to) +{ + int ret; + memset(to, 0, t->offset); + ret = _asn1_copy(t, from, to); + if (ret) { + _asn1_free(t, to); + memset(to, 0, t->offset); + } + return ret; +} diff --git a/lib/asn1/test.asn1 b/lib/asn1/test.asn1 index b2f58a20c2ce..89154e337c8f 100644 --- a/lib/asn1/test.asn1 +++ b/lib/asn1/test.asn1 @@ -1,4 +1,4 @@ --- $Id: test.asn1 21455 2007-07-10 12:51:19Z lha $ -- +-- $Id$ -- TEST DEFINITIONS ::= @@ -6,8 +6,11 @@ BEGIN IMPORTS heim_any FROM heim; +TESTuint32 ::= INTEGER (0..4294967295) + TESTLargeTag ::= SEQUENCE { - foo[127] INTEGER (-2147483648..2147483647) + foo[127] INTEGER (-2147483648..2147483647), + bar[128] INTEGER (-2147483648..2147483647) } TESTSeq ::= SEQUENCE { @@ -20,12 +23,12 @@ TESTSeq ::= SEQUENCE { TESTChoice1 ::= CHOICE { i1[1] INTEGER (-2147483648..2147483647), i2[2] INTEGER (-2147483648..2147483647), - ... + ... } TESTChoice2 ::= CHOICE { i1[1] INTEGER (-2147483648..2147483647), - ... + ... } TESTInteger ::= INTEGER (-2147483648..2147483647) @@ -35,7 +38,7 @@ TESTInteger3 ::= [5] IMPLICIT TESTInteger2 TESTImplicit ::= SEQUENCE { ti1[0] IMPLICIT INTEGER (-2147483648..2147483647), - ti2[1] IMPLICIT SEQUENCE { + ti2[1] IMPLICIT SEQUENCE { foo[127] INTEGER (-2147483648..2147483647) }, ti3[2] IMPLICIT [5] IMPLICIT [4] IMPLICIT INTEGER (-2147483648..2147483647) @@ -57,21 +60,26 @@ TESTAlloc ::= SEQUENCE { tagless2 heim_any OPTIONAL } +TESTOptional ::= SEQUENCE { + zero [0] INTEGER (-2147483648..2147483647) OPTIONAL, + one [1] INTEGER (-2147483648..2147483647) OPTIONAL +} + TESTCONTAINING ::= OCTET STRING ( CONTAINING INTEGER ) -TESTENCODEDBY ::= OCTET STRING ( ENCODED BY +TESTENCODEDBY ::= OCTET STRING ( ENCODED BY { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) } ) -TESTDer OBJECT IDENTIFIER ::= { +TESTDer OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) } -TESTCONTAININGENCODEDBY ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY +TESTCONTAININGENCODEDBY ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) } ) -TESTCONTAININGENCODEDBY2 ::= OCTET STRING ( +TESTCONTAININGENCODEDBY2 ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY TESTDer ) @@ -92,4 +100,39 @@ TESTSeqSizeOf4 ::= SEQUENCE SIZE (MIN..2) OF TESTInteger TESTOSSize1 ::= OCTET STRING SIZE (1..2) +TESTSeqOfSeq ::= SEQUENCE OF SEQUENCE { + zero [0] TESTInteger +} + +TESTSeqOfSeq2 ::= SEQUENCE OF SEQUENCE { + string [0] GeneralString +} + +TESTSeqOfSeq3 ::= SEQUENCE OF SEQUENCE { + zero [0] TESTInteger, + string [0] GeneralString +} + +TESTSeqOf2 ::= SEQUENCE { + strings SEQUENCE OF GeneralString +} + +TESTSeqOf3 ::= SEQUENCE { + strings SEQUENCE OF GeneralString OPTIONAL +} + +TESTPreserve ::= SEQUENCE { + zero [0] TESTInteger, + one [1] TESTInteger +} + +TESTBitString ::= BIT STRING { + zero(0), + eight(8), + thirtyone(31) +} + +TESTMechType::= OBJECT IDENTIFIER +TESTMechTypeList ::= SEQUENCE OF TESTMechType + END diff --git a/lib/asn1/test.gen b/lib/asn1/test.gen index d0fc7d98a44b..bfb04864818f 100644 --- a/lib/asn1/test.gen +++ b/lib/asn1/test.gen @@ -1,4 +1,4 @@ -# $Id: test.gen 15617 2005-07-12 06:27:42Z lha $ +# $Id$ # Sample for TESTSeq in test.asn1 # diff --git a/lib/asn1/timegm.c b/lib/asn1/timegm.c index 33b9684a5d87..d9f4adbd5591 100644 --- a/lib/asn1/timegm.c +++ b/lib/asn1/timegm.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "der_locl.h" -RCSID("$Id: timegm.c 21366 2007-06-27 10:06:22Z lha $"); +#define ASN1_MAX_YEAR 2000 static int is_leap(unsigned y) @@ -42,7 +42,11 @@ is_leap(unsigned y) return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); } -/* +static const unsigned ndays[2][12] ={ + {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, + {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}}; + +/* * This is a simplifed version of timegm(3) that doesn't accept out of * bound values that timegm(3) normally accepts but those are not * valid in asn1 encodings. @@ -51,23 +55,26 @@ is_leap(unsigned y) time_t _der_timegm (struct tm *tm) { - static const unsigned ndays[2][12] ={ - {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, - {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}}; time_t res = 0; - unsigned i; + int i; - if (tm->tm_year < 0) + /* + * See comment in _der_gmtime + */ + if (tm->tm_year > ASN1_MAX_YEAR) + return 0; + + if (tm->tm_year < 0) return -1; - if (tm->tm_mon < 0 || tm->tm_mon > 11) + if (tm->tm_mon < 0 || tm->tm_mon > 11) return -1; - if (tm->tm_mday < 1 || tm->tm_mday > ndays[is_leap(tm->tm_year)][tm->tm_mon]) + if (tm->tm_mday < 1 || tm->tm_mday > (int)ndays[is_leap(tm->tm_year)][tm->tm_mon]) return -1; - if (tm->tm_hour < 0 || tm->tm_hour > 23) + if (tm->tm_hour < 0 || tm->tm_hour > 23) return -1; - if (tm->tm_min < 0 || tm->tm_min > 59) + if (tm->tm_min < 0 || tm->tm_min > 59) return -1; - if (tm->tm_sec < 0 || tm->tm_sec > 59) + if (tm->tm_sec < 0 || tm->tm_sec > 59) return -1; for (i = 70; i < tm->tm_year; ++i) @@ -84,3 +91,46 @@ _der_timegm (struct tm *tm) res += tm->tm_sec; return res; } + +struct tm * +_der_gmtime(time_t t, struct tm *tm) +{ + time_t secday = t % (3600 * 24); + time_t days = t / (3600 * 24); + + memset(tm, 0, sizeof(*tm)); + + tm->tm_sec = secday % 60; + tm->tm_min = (secday % 3600) / 60; + tm->tm_hour = secday / 3600; + + /* + * Refuse to calculate time ~ 2000 years into the future, this is + * not possible for systems where time_t is a int32_t, however, + * when time_t is a int64_t, that can happen, and this becomes a + * denial of sevice. + */ + if (days > (ASN1_MAX_YEAR * 365)) + return NULL; + + tm->tm_year = 70; + while(1) { + unsigned dayinyear = (is_leap(tm->tm_year) ? 366 : 365); + if (days < dayinyear) + break; + tm->tm_year += 1; + days -= dayinyear; + } + tm->tm_mon = 0; + + while (1) { + unsigned daysinmonth = ndays[is_leap(tm->tm_year)][tm->tm_mon]; + if (days < daysinmonth) + break; + days -= daysinmonth; + tm->tm_mon++; + } + tm->tm_mday = days + 1; + + return tm; +} diff --git a/lib/asn1/version-script.map b/lib/asn1/version-script.map new file mode 100644 index 000000000000..67f9ff0983a3 --- /dev/null +++ b/lib/asn1/version-script.map @@ -0,0 +1,6 @@ +# Export everything, but put a tag on is so that we make ourself incompatible with older versions + +HEIMDAL_ASN1_1.0 { + global: + *; +}; diff --git a/lib/auth/ChangeLog b/lib/auth/ChangeLog deleted file mode 100644 index 1ef62c092f49..000000000000 --- a/lib/auth/ChangeLog +++ /dev/null @@ -1,206 +0,0 @@ -2007-12-14 Love Hörnquist Åstrand - - * sia/Makefile.am: One EXTRA_DIST is enought, from dave love. - - * pam/Makefile.am: Add SRCS to EXTRA_DIST - - * afskauthlib/Makefile.am: SRCS - -2006-10-22 Love Hörnquist Åstrand - - * pam/Makefile.am: use libtool to build binaries - -2005-05-02 Dave Love - - * afskauthlib/Makefile.am (afskauthlib.so): Use libtool. - (.c.o): Use CC (like SIA module), not COMPILE. - -2005-04-19 Love Hörnquist Åstrand - - * sia/sia.c: fix getpw*_r calls, they return 0 even when the entry - isn't found and instead make it with setting return pointer to - NULL. From Luke Mewburn - -2004-09-08 Johan Danielsson - - * afskauthlib/verify.c: use krb5_appdefault_boolean instead of - krb5_config_get_bool - -2003-09-23 Love Hörnquist Åstrand - - * sia/sia.c: Add support for AFS when using Kerberos 5, From: - Sergio.Gelato@astro.su.se - -2003-07-07 Love Hörnquist Åstrand - - * pam/Makefile.am: XXX inline COMPILE since automake wont add it - - * afskauthlib/verify.c (verify_krb5): use krb5_cc_clear_mcred - -2003-05-08 Love Hörnquist Åstrand - - * sia/Makefile.am: inline COMPILE since (modern) automake doesn't - add it by itself for some reason - -2003-04-30 Love Hörnquist Åstrand - - * afskauthlib/Makefile.am: always includes kafs now that its built - -2003-03-27 Love Hörnquist Åstrand - - * sia/Makefile.am: libkafs is always built now, lets include it - -2002-05-19 Johan Danielsson - - * pam/Makefile.am: set SUFFIXES with += - -2001-10-27 Assar Westerlund - - * pam/Makefile.am: actually build the pam module - -2001-09-18 Johan Danielsson - - * sia/Makefile.am: also don't compress krb5 library, at least - siacfg fails with compressed libraries - -2001-09-13 Assar Westerlund - - * sia/sia.c: move krb5_error_code inside a ifdef KRB5 - * sia/sia_locl.h: move roken.h earlier to grab definition of - socklen_t - -2001-08-28 Johan Danielsson - - * sia/krb5_matrix.conf: athena -> heimdal - -2001-07-17 Assar Westerlund - - * sia/Makefile.am: use make-rpath to sort rpath arguments - -2001-07-15 Assar Westerlund - - * afskauthlib/Makefile.am: use LIB_des, so that we link with - libcrypto/libdes from krb4 - -2001-07-12 Assar Westerlund - - * sia/Makefile.am: use $(CC) instead of ld for linking - -2001-07-06 Assar Westerlund - - * sia/Makefile.am: use LDFLAGS, and conditional libdes - -2001-03-06 Assar Westerlund - - * sia/Makefile.am: make sure of using -rpath and not -R when - calling ld - -2001-02-15 Assar Westerlund - - * pam/pam.c (psyslog): do not log to console - -2001-01-29 Assar Westerlund - - * sia/Makefile.am (libsia_krb5.so): actually run ld in the case - shared library case - -2000-12-31 Assar Westerlund - - * sia/sia.c (siad_ses_init): handle krb5_init_context failure - consistently - * afskauthlib/verify.c (verify_krb5): handle krb5_init_context - failure consistently - -2000-11-30 Johan Danielsson - - * afskauthlib/Makefile.am: use libtool - - * afskauthlib/Makefile.am: work with krb4 only - -2000-07-30 Johan Danielsson - - * sia/Makefile.am: don't compress library, since 5.0 seems to have - a problem with this - -2000-07-02 Assar Westerlund - - * afskauthlib/verify.c: fixes for pag setting - -1999-12-30 Assar Westerlund - - * sia/Makefile.am: try to link with shared libraries if we don't - find any static ones - -1999-12-20 Johan Danielsson - - * sia/sia.c: don't use string concatenation with TKT_ROOT - -1999-11-15 Assar Westerlund - - * */lib/Makefile.in: set LIBNAME. From Enrico Scholz - - -1999-10-17 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4 - -1999-10-03 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): update to new - krb524_convert_creds_kdc - -1999-09-28 Assar Westerlund - - * sia/sia.c (doauth): use krb5_get_local_realms and - krb5_verify_user_lrealm - - * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use - krb5_verify_user_lrealm - -1999-08-27 Johan Danielsson - - * pam/Makefile.in: link with res_search/dn_expand libraries - -1999-08-11 Johan Danielsson - - * afskauthlib/verify.c: make this compile w/o krb4 - -1999-08-04 Assar Westerlund - - * afskauthlib/verify.c: incorporate patches from Miroslav Ruda - - -Thu Apr 8 14:35:34 1999 Johan Danielsson - - * sia/sia.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - - * sia/Makefile.am: make it build w/o krb4 - - * afskauthlib/verify.c: add krb5 support - - * afskauthlib/Makefile.am: build afskauthlib.so - -Wed Apr 7 14:06:22 1999 Johan Danielsson - - * sia/sia.c: make it compile w/o krb4 - - * sia/Makefile.am: make it compile w/o krb4 - -Thu Apr 1 18:09:23 1999 Johan Danielsson - - * sia/sia_locl.h: POSIX_GETPWNAM_R is defined in config.h - -Sun Mar 21 14:08:30 1999 Johan Danielsson - - * sia/Makefile.in: add posix_getpw.c - - * sia/Makefile.am: makefile for sia - - * sia/posix_getpw.c: move from sia.c - - * sia/sia_locl.h: merge with krb5 version - - * sia/sia.c: merge with krb5 version - - * sia/sia5.c: remove unused variables diff --git a/lib/auth/Makefile.am b/lib/auth/Makefile.am deleted file mode 100644 index c62903c7d1b3..000000000000 --- a/lib/auth/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -# $Id: Makefile.am 5683 1999-03-21 17:11:08Z joda $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = @LIB_AUTH_SUBDIRS@ -DIST_SUBDIRS = afskauthlib pam sia diff --git a/lib/auth/afskauthlib/Makefile.am b/lib/auth/afskauthlib/Makefile.am deleted file mode 100644 index 1eec4f5d1633..000000000000 --- a/lib/auth/afskauthlib/Makefile.am +++ /dev/null @@ -1,51 +0,0 @@ -# $Id: Makefile.am 22298 2007-12-14 06:38:06Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -DEFS = @DEFS@ - -foodir = $(libdir) -foo_DATA = afskauthlib.so - -SUFFIXES += .c .o - -SRCS = verify.c -OBJS = verify.o - -CLEANFILES = $(foo_DATA) $(OBJS) so_locations - -afskauthlib.so: $(OBJS) - $(LIBTOOL) --mode=link $(CC) -shared -o $@ $(OBJS) $(L) $(LDFLAGS) - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -KAFS = $(top_builddir)/lib/kafs/libkafs.la - -if KRB5 -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/roken/libroken.la \ - -lc - -else - -L = \ - $(KAFS) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/roken/libroken.la \ - -lc -endif - -$(OBJS): $(top_builddir)/include/config.h - -EXTRA_DIST = $(SRCS) diff --git a/lib/auth/afskauthlib/verify.c b/lib/auth/afskauthlib/verify.c deleted file mode 100644 index ff0141b2f6b2..000000000000 --- a/lib/auth/afskauthlib/verify.c +++ /dev/null @@ -1,307 +0,0 @@ -/* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verify.c 14203 2004-09-08 09:02:59Z joda $"); -#endif -#include -#include -#include -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#include -#endif -#include - -#ifdef KRB5 -static char krb5ccname[128]; -#endif -#ifdef KRB4 -static char krbtkfile[128]; -#endif - -/* - In some cases is afs_gettktstring called twice (once before - afs_verify and once after afs_verify). - In some cases (rlogin with access allowed via .rhosts) - afs_verify is not called! - So we can't rely on correct value in krbtkfile in some - cases! -*/ - -static int correct_tkfilename=0; -static int pag_set=0; - -#ifdef KRB4 -static void -set_krbtkfile(uid_t uid) -{ - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string (krbtkfile); - correct_tkfilename = 1; -} -#endif - -/* XXX this has to be the default cache name, since the KRB5CCNAME - * environment variable isn't exported by login/xdm - */ - -#ifdef KRB5 -static void -set_krb5ccname(uid_t uid) -{ - snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid); -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); -#endif - correct_tkfilename = 1; -} -#endif - -static void -set_spec_krbtkfile(void) -{ - int fd; -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(krbtkfile); - close(fd); - unlink(krbtkfile); - krb_set_tkt_string (krbtkfile); -#endif -#ifdef KRB5 - snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX"); - fd=mkstemp(krb5ccname+5); - close(fd); - unlink(krb5ccname+5); -#endif -} - -#ifdef KRB5 -static int -verify_krb5(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - krb5_context context; - krb5_error_code ret; - krb5_ccache ccache; - krb5_principal principal; - - ret = krb5_init_context(&context); - if (ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_init_context failed: %d", ret); - goto out; - } - - ret = krb5_parse_name (context, pwd->pw_name, &principal); - if (ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - set_krb5ccname(pwd->pw_uid); - ret = krb5_cc_resolve(context, krb5ccname, &ccache); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_verify_user_lrealm(context, - principal, - ccache, - password, - TRUE, - NULL); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) { - syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", - krb5_get_err_text(context, errno)); - goto out; - } - -#ifdef KRB4 - { - krb5_realm realm = NULL; - krb5_boolean get_v4_tgt; - - krb5_get_default_realm(context, &realm); - krb5_appdefault_boolean(context, "afskauthlib", - realm, - "krb4_get_tickets", FALSE, &get_v4_tgt); - if (get_v4_tgt) { - CREDENTIALS c; - krb5_creds mcred, cred; - - krb5_cc_clear_mcred(&mcred); - - krb5_make_principal(context, &mcred.server, realm, - "krbtgt", - realm, - NULL); - ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); - if(ret == 0) { - ret = krb524_convert_creds_kdc_ccache(context, ccache, &cred, &c); - if(ret) - krb5_warn(context, ret, "converting creds"); - else { - set_krbtkfile(pwd->pw_uid); - tf_setup(&c, c.pname, c.pinst); - } - memset(&c, 0, sizeof(c)); - krb5_free_cred_contents(context, &cred); - } else - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_retrieve_cred: %s", - krb5_get_err_text(context, ret)); - - krb5_free_principal(context, mcred.server); - } - free (realm); - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set = 1; - } - - if (pag_set) - krb5_afslog_uid_home(context, ccache, NULL, NULL, - pwd->pw_uid, pwd->pw_dir); - } -#endif - out: - if(ret && !quiet) - printf ("%s\n", krb5_get_err_text (context, ret)); - return ret; -} -#endif - -#ifdef KRB4 -static int -verify_krb4(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - char lrealm[REALM_SZ]; - - if (krb_get_lrealm (lrealm, 1) != KFAILURE) { - set_krbtkfile(pwd->pw_uid); - ret = krb_verify_user (pwd->pw_name, "", lrealm, password, - KRB_VERIFY_SECURE, NULL); - if (ret == KSUCCESS) { - if (!pag_set && k_hasafs()) { - k_setpag (); - pag_set = 1; - } - if (pag_set) - krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir); - } else if (!quiet) - printf ("%s\n", krb_get_err_text (ret)); - } - return ret; -} -#endif - -int -afs_verify(char *name, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - struct passwd *pwd = k_getpwnam (name); - - if(pwd == NULL) - return 1; - - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set=1; - } - - if (ret) - ret = unix_verify_user (name, password); -#ifdef KRB5 - if (ret) - ret = verify_krb5(pwd, password, exp, quiet); -#endif -#ifdef KRB4 - if(ret) - ret = verify_krb4(pwd, password, exp, quiet); -#endif - return ret; -} - -char * -afs_gettktstring (void) -{ - char *ptr; - struct passwd *pwd; - - if (!correct_tkfilename) { - ptr = getenv("LOGNAME"); - if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) { - set_krb5ccname(pwd->pw_uid); -#ifdef KRB4 - set_krbtkfile(pwd->pw_uid); - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set=1; - } -#endif - } else { - set_spec_krbtkfile(); - } - } -#ifdef KRB5 - esetenv("KRB5CCNAME",krb5ccname,1); -#endif -#ifdef KRB4 - esetenv("KRBTKFILE",krbtkfile,1); - return krbtkfile; -#else - return ""; -#endif -} diff --git a/lib/auth/pam/Makefile.am b/lib/auth/pam/Makefile.am deleted file mode 100644 index c4d0eb545b7e..000000000000 --- a/lib/auth/pam/Makefile.am +++ /dev/null @@ -1,69 +0,0 @@ -# $Id: Makefile.am 22299 2007-12-14 06:39:19Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -DEFS = @DEFS@ - -## this is horribly ugly, but automake/libtool doesn't allow us to -## unconditionally build shared libraries, and it does not allow us to -## link with non-installed libraries - -if KRB4 -KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so - -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb/.libs/libkrb.a \ - $(LIB_hcrypto_a) \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/krb/.libs/libkrb.so \ - $(LIB_hcrypto_so) \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = pam_krb4.so - -endif - -foodir = $(libdir) -foo_DATA = $(MOD) - -LDFLAGS = @LDFLAGS@ - -SRCS = pam.c -OBJS = pam.o - -pam_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ - else \ - echo "missing libraries"; exit 1; \ - fi - -CLEANFILES = $(MOD) $(OBJS) - -SUFFIXES += .c .o - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(LIBTOOL) --mode=compile --tag=CC $(CC) \ - $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -EXTRA_DIST = pam.conf.add $(SRCS) diff --git a/lib/auth/pam/pam.c b/lib/auth/pam/pam.c deleted file mode 100644 index ed5071b78851..000000000000 --- a/lib/auth/pam/pam.c +++ /dev/null @@ -1,443 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: pam.c 11417 2002-09-09 15:57:24Z joda $"); -#endif - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#ifndef PAM_AUTHTOK_RECOVERY_ERR /* Fix linsux typo. */ -#define PAM_AUTHTOK_RECOVERY_ERR PAM_AUTHTOK_RECOVER_ERR -#endif - -#include -#include -#include - -#if 0 -/* Debugging PAM modules is a royal pain, truss helps. */ -#define DEBUG(msg) (access(msg " at line", __LINE__)) -#endif - -static void -psyslog(int level, const char *format, ...) -{ - va_list args; - va_start(args, format); - openlog("pam_krb4", LOG_PID, LOG_AUTH); - vsyslog(level, format, args); - va_end(args); - closelog(); -} - -enum { - KRB4_DEBUG, - KRB4_USE_FIRST_PASS, - KRB4_TRY_FIRST_PASS, - KRB4_IGNORE_ROOT, - KRB4_NO_VERIFY, - KRB4_REAFSLOG, - KRB4_CTRLS /* Number of ctrl arguments defined. */ -}; - -#define KRB4_DEFAULTS 0 - -static int ctrl_flags = KRB4_DEFAULTS; -#define ctrl_on(x) (krb4_args[x].flag & ctrl_flags) -#define ctrl_off(x) (!ctrl_on(x)) - -typedef struct -{ - const char *token; - unsigned int flag; -} krb4_ctrls_t; - -static krb4_ctrls_t krb4_args[KRB4_CTRLS] = -{ - /* KRB4_DEBUG */ { "debug", 0x01 }, - /* KRB4_USE_FIRST_PASS */ { "use_first_pass", 0x02 }, - /* KRB4_TRY_FIRST_PASS */ { "try_first_pass", 0x04 }, - /* KRB4_IGNORE_ROOT */ { "ignore_root", 0x08 }, - /* KRB4_NO_VERIFY */ { "no_verify", 0x10 }, - /* KRB4_REAFSLOG */ { "reafslog", 0x20 }, -}; - -static void -parse_ctrl(int argc, const char **argv) -{ - int i, j; - - ctrl_flags = KRB4_DEFAULTS; - for (i = 0; i < argc; i++) - { - for (j = 0; j < KRB4_CTRLS; j++) - if (strcmp(argv[i], krb4_args[j].token) == 0) - break; - - if (j >= KRB4_CTRLS) - psyslog(LOG_ALERT, "unrecognized option [%s]", *argv); - else - ctrl_flags |= krb4_args[j].flag; - } -} - -static void -pdeb(const char *format, ...) -{ - va_list args; - if (ctrl_off(KRB4_DEBUG)) - return; - va_start(args, format); - openlog("pam_krb4", LOG_PID, LOG_AUTH); - vsyslog(LOG_DEBUG, format, args); - va_end(args); - closelog(); -} - -#define ENTRY(func) pdeb("%s() flags = %d ruid = %d euid = %d", func, flags, getuid(), geteuid()) - -static void -set_tkt_string(uid_t uid) -{ - char buf[128]; - - snprintf(buf, sizeof(buf), "%s%u", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string(buf); - -#if 0 - /* pam_set_data+pam_get_data are not guaranteed to work, grr. */ - pam_set_data(pamh, "KRBTKFILE", strdup(t), cleanup); - if (pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt) == PAM_SUCCESS) - { - pam_putenv(pamh, var); - } -#endif - - /* We don't want to inherit this variable. - * If we still do, it must have a sane value. */ - if (getenv("KRBTKFILE") != 0) - { - char *var = malloc(sizeof(buf)); - snprintf(var, sizeof(buf), "KRBTKFILE=%s", tkt_string()); - putenv(var); - /* free(var); XXX */ - } -} - -static int -verify_pass(pam_handle_t *pamh, - const char *name, - const char *inst, - const char *pass) -{ - char realm[REALM_SZ]; - int ret, krb_verify, old_euid, old_ruid; - - krb_get_lrealm(realm, 1); - if (ctrl_on(KRB4_NO_VERIFY)) - krb_verify = KRB_VERIFY_SECURE_FAIL; - else - krb_verify = KRB_VERIFY_SECURE; - old_ruid = getuid(); - old_euid = geteuid(); - setreuid(0, 0); - ret = krb_verify_user(name, inst, realm, pass, krb_verify, NULL); - pdeb("krb_verify_user(`%s', `%s', `%s', pw, %d, NULL) returns %s", - name, inst, realm, krb_verify, - krb_get_err_text(ret)); - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - - switch(ret) { - case KSUCCESS: - return PAM_SUCCESS; - case KDC_PR_UNKNOWN: - return PAM_USER_UNKNOWN; - case SKDC_CANT: - case SKDC_RETRY: - case RD_AP_TIME: - return PAM_AUTHINFO_UNAVAIL; - default: - return PAM_AUTH_ERR; - } -} - -static int -krb4_auth(pam_handle_t *pamh, - int flags, - const char *name, - const char *inst, - struct pam_conv *conv) -{ - struct pam_response *resp; - char prompt[128]; - struct pam_message msg, *pmsg = &msg; - int ret; - - if (ctrl_on(KRB4_TRY_FIRST_PASS) || ctrl_on(KRB4_USE_FIRST_PASS)) - { - char *pass = 0; - ret = pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass); - if (ret != PAM_SUCCESS) - { - psyslog(LOG_ERR , "pam_get_item returned error to get-password"); - return ret; - } - else if (pass != 0 && verify_pass(pamh, name, inst, pass) == PAM_SUCCESS) - return PAM_SUCCESS; - else if (ctrl_on(KRB4_USE_FIRST_PASS)) - return PAM_AUTHTOK_RECOVERY_ERR; /* Wrong password! */ - else - /* We tried the first password but it didn't work, cont. */; - } - - msg.msg_style = PAM_PROMPT_ECHO_OFF; - if (*inst == 0) - snprintf(prompt, sizeof(prompt), "%s's Password: ", name); - else - snprintf(prompt, sizeof(prompt), "%s.%s's Password: ", name, inst); - msg.msg = prompt; - - ret = conv->conv(1, &pmsg, &resp, conv->appdata_ptr); - if (ret != PAM_SUCCESS) - return ret; - - ret = verify_pass(pamh, name, inst, resp->resp); - if (ret == PAM_SUCCESS) - { - memset(resp->resp, 0, strlen(resp->resp)); /* Erase password! */ - free(resp->resp); - free(resp); - } - else - { - pam_set_item(pamh, PAM_AUTHTOK, resp->resp); /* Save password. */ - /* free(resp->resp); XXX */ - /* free(resp); XXX */ - } - - return ret; -} - -int -pam_sm_authenticate(pam_handle_t *pamh, - int flags, - int argc, - const char **argv) -{ - char *user; - int ret; - struct pam_conv *conv; - struct passwd *pw; - uid_t uid = -1; - const char *name, *inst; - char realm[REALM_SZ]; - realm[0] = 0; - - parse_ctrl(argc, argv); - ENTRY("pam_sm_authenticate"); - - ret = pam_get_user(pamh, &user, "login: "); - if (ret != PAM_SUCCESS) - return ret; - - if (ctrl_on(KRB4_IGNORE_ROOT) && strcmp(user, "root") == 0) - return PAM_AUTHINFO_UNAVAIL; - - ret = pam_get_item(pamh, PAM_CONV, (void*)&conv); - if (ret != PAM_SUCCESS) - return ret; - - pw = getpwnam(user); - if (pw != 0) - { - uid = pw->pw_uid; - set_tkt_string(uid); - } - - if (strcmp(user, "root") == 0 && getuid() != 0) - { - pw = getpwuid(getuid()); - if (pw != 0) - { - name = strdup(pw->pw_name); - inst = "root"; - } - } - else - { - name = user; - inst = ""; - } - - ret = krb4_auth(pamh, flags, name, inst, conv); - - /* - * The realm was lost inside krb_verify_user() so we can't simply do - * a krb_kuserok() when inst != "". - */ - if (ret == PAM_SUCCESS && inst[0] != 0) - { - uid_t old_euid = geteuid(); - uid_t old_ruid = getuid(); - - setreuid(0, 0); /* To read ticket file. */ - if (krb_get_tf_fullname(tkt_string(), 0, 0, realm) != KSUCCESS) - ret = PAM_SERVICE_ERR; - else if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - { - setreuid(0, uid); /* To read ~/.klogin. */ - if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - ret = PAM_PERM_DENIED; - } - - if (ret != PAM_SUCCESS) - { - dest_tkt(); /* Passwd known, ok to kill ticket. */ - psyslog(LOG_NOTICE, - "%s.%s@%s is not allowed to log in as %s", - name, inst, realm, user); - } - - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - } - - if (ret == PAM_SUCCESS) - { - psyslog(LOG_INFO, - "%s.%s@%s authenticated as user %s", - name, inst, realm, user); - if (chown(tkt_string(), uid, -1) == -1) - { - dest_tkt(); - psyslog(LOG_ALERT , "chown(%s, %d, -1) failed", tkt_string(), uid); - exit(1); - } - } - - /* - * Kludge alert!!! Sun dtlogin unlock screen fails to call - * pam_setcred(3) with PAM_REFRESH_CRED after a successful - * authentication attempt, sic. - * - * This hack is designed as a workaround to that problem. - */ - if (ctrl_on(KRB4_REAFSLOG)) - if (ret == PAM_SUCCESS) - pam_sm_setcred(pamh, PAM_REFRESH_CRED, argc, argv); - - return ret; -} - -int -pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_setcred"); - - switch (flags & ~PAM_SILENT) { - case 0: - case PAM_ESTABLISH_CRED: - if (k_hasafs()) - k_setpag(); - /* Fall through, fill PAG with credentials below. */ - case PAM_REINITIALIZE_CRED: - case PAM_REFRESH_CRED: - if (k_hasafs()) - { - void *user = 0; - - if (pam_get_item(pamh, PAM_USER, &user) == PAM_SUCCESS) - { - struct passwd *pw = getpwnam((char *)user); - if (pw != 0) - krb_afslog_uid_home(/*cell*/ 0,/*realm_hint*/ 0, - pw->pw_uid, pw->pw_dir); - } - } - break; - case PAM_DELETE_CRED: - dest_tkt(); - if (k_hasafs()) - k_unlog(); - break; - default: - psyslog(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags); - break; - } - - return PAM_SUCCESS; -} - -int -pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_open_session"); - - return PAM_SUCCESS; -} - - -int -pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char**argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_close_session"); - - /* This isn't really kosher, but it's handy. */ - pam_sm_setcred(pamh, PAM_DELETE_CRED, argc, argv); - - return PAM_SUCCESS; -} diff --git a/lib/auth/pam/pam.conf.add b/lib/auth/pam/pam.conf.add deleted file mode 100644 index 7db3e3d85a30..000000000000 --- a/lib/auth/pam/pam.conf.add +++ /dev/null @@ -1,97 +0,0 @@ -To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch: - ---- /etc/pam.conf.DIST Mon Jul 20 15:37:46 1998 -+++ /etc/pam.conf Tue Feb 15 19:39:12 2000 -@@ -4,15 +4,19 @@ - # - # Authentication management - # -+login auth sufficient /usr/athena/lib/pam_krb4.so - login auth required /usr/lib/security/pam_unix.so.1 - login auth required /usr/lib/security/pam_dial_auth.so.1 - # - rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1 - rlogin auth required /usr/lib/security/pam_unix.so.1 - # -+dtlogin auth sufficient /usr/athena/lib/pam_krb4.so - dtlogin auth required /usr/lib/security/pam_unix.so.1 - # - rsh auth required /usr/lib/security/pam_rhosts_auth.so.1 -+# Reafslog is for dtlogin lock display -+other auth sufficient /usr/athena/lib/pam_krb4.so reafslog - other auth required /usr/lib/security/pam_unix.so.1 - # - # Account management -@@ -24,6 +28,8 @@ - # - # Session management - # -+dtlogin session required /usr/athena/lib/pam_krb4.so -+login session required /usr/athena/lib/pam_krb4.so - other session required /usr/lib/security/pam_unix.so.1 - # - # Password management ---------------------------------------------------------------------------- -To enable PAM in /bin/login and xdm under Red Hat 6.? apply these patches: - ---- /etc/pam.d/login~ Tue Dec 7 12:01:35 1999 -+++ /etc/pam.d/login Wed May 31 16:27:55 2000 -@@ -1,9 +1,12 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_securetty.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/xdm~ Wed May 31 16:33:54 2000 -+++ /etc/pam.d/xdm Wed May 31 16:28:29 2000 -@@ -1,8 +1,11 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/gdm~ Wed May 31 16:33:54 2000 -+++ /etc/pam.d/gdm Wed May 31 16:34:28 2000 -@@ -1,8 +1,11 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so - --------------------------------------------------------------------------- - -This stuff may work under some other system. - -# To get this to work, you will have to add entries to /etc/pam.conf -# -# To make login kerberos-aware, you might change pam.conf to look -# like: - -# login authorization -login auth sufficient /lib/security/pam_krb4.so -login auth required /lib/security/pam_securetty.so -login auth required /lib/security/pam_unix_auth.so -login account required /lib/security/pam_unix_acct.so -login password required /lib/security/pam_unix_passwd.so -login session required /lib/security/pam_krb4.so -login session required /lib/security/pam_unix_session.so diff --git a/lib/auth/sia/Makefile.am b/lib/auth/sia/Makefile.am deleted file mode 100644 index 7b6aeddf2f6a..000000000000 --- a/lib/auth/sia/Makefile.am +++ /dev/null @@ -1,116 +0,0 @@ -# $Id: Makefile.am 22304 2007-12-14 12:18:18Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -DEFS = @DEFS@ - -## this is horribly ugly, but automake/libtool doesn't allow us to -## unconditionally build shared libraries, and it does not allow us to -## link with non-installed libraries - -KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so - -if KRB5 -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.a \ - $(top_builddir)/lib/asn1/.libs/libasn1.a \ - $(LIB_krb4) \ - $(LIB_hcrypto_a) \ - $(LIB_com_err_a) \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - $(LIB_getpwnam_r) \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.so \ - $(top_builddir)/lib/asn1/.libs/libasn1.so \ - $(LIB_krb4) \ - $(LIB_hcrypto_so) \ - $(LIB_com_err_so) \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = libsia_krb5.so - -else - -L = \ - $(KAFS) \ - $(top_builddir)/lib/kadm/.libs/libkadm.a \ - $(top_builddir)/lib/krb/.libs/libkrb.a \ - $(LIB_hcrypto_a) \ - $(top_builddir)/lib/com_err/.libs/libcom_err.a \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - $(LIB_getpwnam_r) \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/kadm/.libs/libkadm.so \ - $(top_builddir)/lib/krb/.libs/libkrb.so \ - $(LIB_hcrypto_so) \ - $(top_builddir)/lib/com_err/.libs/libcom_err.so \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = libsia_krb4.so - -endif - -foodir = $(libdir) -foo_DATA = $(MOD) - -LDFLAGS = @LDFLAGS@ -rpath $(libdir) -Wl,-hidden -Wl,-exported_symbol -Wl,siad_\* - -SRCS = sia.c posix_getpw.c sia_locl.h -OBJS = sia.o posix_getpw.o - -libsia_krb5.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -libsia_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -CLEANFILES = $(MOD) $(OBJS) so_locations - -SUFFIXES += .c .o - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -EXTRA_DIST = sia.c sia_locl.h posix_getpw.c \ - krb4_matrix.conf krb4+c2_matrix.conf \ - krb5_matrix.conf krb5+c2_matrix.conf \ - security.patch \ - make-rpath $(SRCS) diff --git a/lib/auth/sia/krb5+c2_matrix.conf b/lib/auth/sia/krb5+c2_matrix.conf deleted file mode 100644 index ada8ba507abb..000000000000 --- a/lib/auth/sia/krb5+c2_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5+c2_matrix.conf 5254 1998-11-26 20:58:18Z assar $ - -# sia matrix configuration file (Kerberos 5 + C2) - -siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_estab=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_reauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_finger=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_password=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_shell=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chk_user=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/lib/auth/sia/krb5_matrix.conf b/lib/auth/sia/krb5_matrix.conf deleted file mode 100644 index ab07956fb9ce..000000000000 --- a/lib/auth/sia/krb5_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5_matrix.conf 10576 2001-08-28 08:49:20Z joda $ - -# sia matrix configuration file (Kerberos 5 + BSD) - -siad_init=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(BSD,libc.so) -siad_ses_init=(KRB5,/usr/heimdal/lib/libsia_krb5.so) -siad_ses_authent=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_estab=(BSD,libc.so) -siad_ses_launch=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_suauthent=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_reauthent=(BSD,libc.so) -siad_chg_finger=(BSD,libc.so) -siad_chg_password=(BSD,libc.so) -siad_chg_shell=(BSD,libc.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_user=(BSD,libc.so) diff --git a/lib/auth/sia/make-rpath b/lib/auth/sia/make-rpath deleted file mode 100755 index 4aa297eeeb62..000000000000 --- a/lib/auth/sia/make-rpath +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# $Id: make-rpath 10345 2001-07-17 15:15:31Z assar $ -rlist= -rest= -while test $# -gt 0; do -case $1 in --R|-rpath) - if test "$rlist"; then - rlist="${rlist}:$2" - else - rlist="$2" - fi - shift 2 - ;; --R*) - d=`echo $1 | sed 's,^-R,,'` - if test "$rlist"; then - rlist="${rlist}:${d}" - else - rlist="${d}" - fi - shift - ;; -*) - rest="${rest} $1" - shift - ;; -esac -done -rpath= -if test "$rlist"; then - rpath="-rpath $rlist " -fi -echo "${rpath}${rest}" diff --git a/lib/auth/sia/posix_getpw.c b/lib/auth/sia/posix_getpw.c deleted file mode 100644 index 65d7a2ef1d3c..000000000000 --- a/lib/auth/sia/posix_getpw.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "sia_locl.h" - -RCSID("$Id: posix_getpw.c 5680 1999-03-21 17:07:02Z joda $"); - -#ifndef POSIX_GETPWNAM_R -/* - * These functions translate from the old Digital UNIX 3.x interface - * to POSIX.1c. - */ - -int -posix_getpwnam_r(const char *name, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwnam_r(name, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} - -int -posix_getpwuid_r(uid_t uid, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwuid_r(uid, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} -#endif /* POSIX_GETPWNAM_R */ diff --git a/lib/auth/sia/security.patch b/lib/auth/sia/security.patch deleted file mode 100644 index c407876d6362..000000000000 --- a/lib/auth/sia/security.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- /sbin/init.d/security~ Tue Aug 20 22:44:09 1996 -+++ /sbin/init.d/security Fri Nov 1 14:52:56 1996 -@@ -49,7 +49,7 @@ - SECURITY=BASE - fi - ;; -- BASE) -+ BASE|KRB4) - ;; - *) - echo "security configuration set to default (BASE)." diff --git a/lib/auth/sia/sia.c b/lib/auth/sia/sia.c deleted file mode 100644 index 640b868cb61a..000000000000 --- a/lib/auth/sia/sia.c +++ /dev/null @@ -1,703 +0,0 @@ -/* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sia_locl.h" - -RCSID("$Id: sia.c 14838 2005-04-19 04:41:07Z lha $"); - -int -siad_init(void) -{ - return SIADSUCCESS; -} - -int -siad_chk_invoker(void) -{ - SIA_DEBUG(("DEBUG", "siad_chk_invoker")); - return SIADFAIL; -} - -int -siad_ses_init(SIAENTITY *entity, int pkgind) -{ - struct state *s = malloc(sizeof(*s)); - - SIA_DEBUG(("DEBUG", "siad_ses_init")); - if(s == NULL) - return SIADFAIL; - memset(s, 0, sizeof(*s)); -#ifdef SIA_KRB5 - { - krb5_error_code ret; - ret = krb5_init_context(&s->context); - if (ret) - return SIADFAIL; - } -#endif - entity->mech[pkgind] = (int*)s; - return SIADSUCCESS; -} - -static int -setup_name(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_name")); - e->name = malloc(SIANAMEMIN + 1); - if(e->name == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIANAMEMIN+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"login: "; - p->result = (unsigned char*)e->name; - p->min_result_length = 1; - p->max_result_length = SIANAMEMIN; - p->control_flags = 0; - return SIADSUCCESS; -} - -static int -setup_password(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_password")); - e->password = malloc(SIAMXPASSWORD + 1); - if(e->password == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIAMXPASSWORD+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"Password: "; - p->result = (unsigned char*)e->password; - p->min_result_length = 0; - p->max_result_length = SIAMXPASSWORD; - p->control_flags = SIARESINVIS; - return SIADSUCCESS; -} - - -static int -doauth(SIAENTITY *entity, int pkgind, char *name) -{ - struct passwd pw, *pwd; - char pwbuf[1024]; - struct state *s = (struct state*)entity->mech[pkgind]; -#ifdef SIA_KRB5 - krb5_realm *realms, *r; - krb5_principal principal; - krb5_ccache ccache; - krb5_error_code ret; -#endif -#ifdef SIA_KRB4 - char realm[REALM_SZ]; - char *toname, *toinst; - int ret; - struct passwd fpw, *fpwd; - char fpwbuf[1024]; - int secure; -#endif - - if(getpwnam_r(name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0 || pwd == NULL){ - SIA_DEBUG(("DEBUG", "failed to getpwnam(%s)", name)); - return SIADFAIL; - } - -#ifdef SIA_KRB5 - ret = krb5_get_default_realms(s->context, &realms); - - for (r = realms; *r != NULL; ++r) { - krb5_make_principal (s->context, &principal, *r, entity->name, NULL); - - if(krb5_kuserok(s->context, principal, entity->name)) - break; - } - krb5_free_host_realm (s->context, realms); - if (*r == NULL) - return SIADFAIL; - - sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid()); - ret = krb5_cc_resolve(s->context, s->ticket, &ccache); - if(ret) - return SIADFAIL; -#endif - -#ifdef SIA_KRB4 - snprintf(s->ticket, sizeof(s->ticket), - "%s%u_%u", TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); - krb_get_lrealm(realm, 1); - toname = name; - toinst = ""; - if(entity->authtype == SIA_A_SUAUTH){ - uid_t ouid; -#ifdef HAVE_SIAENTITY_OUID - ouid = entity->ouid; -#else - ouid = getuid(); -#endif - if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0 || fpwd == NULL){ - SIA_DEBUG(("DEBUG", "failed to getpwuid(%u)", ouid)); - return SIADFAIL; - } - snprintf(s->ticket, sizeof(s->ticket), "%s_%s_to_%s_%d", - TKT_ROOT, fpwd->pw_name, pwd->pw_name, getpid()); - if(strcmp(pwd->pw_name, "root") == 0){ - toname = fpwd->pw_name; - toinst = pwd->pw_name; - } - } - if(entity->authtype == SIA_A_REAUTH) - snprintf(s->ticket, sizeof(s->ticket), "%s", tkt_string()); - - krb_set_tkt_string(s->ticket); - - setuid(0); /* XXX fix for fix in tf_util.c */ - if(krb_kuserok(toname, toinst, realm, name)){ - SIA_DEBUG(("DEBUG", "%s.%s@%s is not allowed to login as %s", - toname, toinst, realm, name)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB5 - ret = krb5_verify_user_lrealm(s->context, principal, ccache, - entity->password, 1, NULL); - if(ret){ - /* if this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - if(ret != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && - ret != KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) - SIALOG("WARNING", "krb5_verify_user(%s): %s", - entity->name, error_message(ret)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB4 - if (getuid () == 0) - secure = KRB_VERIFY_SECURE; - else - secure = KRB_VERIFY_NOT_SECURE; - - ret = krb_verify_user(toname, toinst, realm, - entity->password, secure, NULL); - if(ret){ - SIA_DEBUG(("DEBUG", "krb_verify_user: %s", krb_get_err_text(ret))); - if(ret != KDC_PR_UNKNOWN) - /* since this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - SIALOG("WARNING", "krb_verify_user(%s.%s): %s", - toname, toinst, krb_get_err_text(ret)); - return SIADFAIL; - } -#endif - if(sia_make_entity_pwd(pwd, entity) == SIAFAIL) - return SIADFAIL; - s->valid = 1; - return SIADSUCCESS; -} - - -static int -common_auth(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - prompt_t prompts[2], *pr; - char *name; - - SIA_DEBUG(("DEBUG", "common_auth")); - if((siastat == SIADSUCCESS) && (geteuid() == 0)) - return SIADSUCCESS; - if(entity == NULL) { - SIA_DEBUG(("DEBUG", "entity == NULL")); - return SIADFAIL | SIADSTOP; - } - name = entity->name; - if(entity->acctname) - name = entity->acctname; - - if((collect != NULL) && entity->colinput) { - int num; - pr = prompts; - if(name == NULL){ - if(setup_name(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - if(entity->password == NULL){ - if(setup_password(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - num = pr - prompts; - if(num == 1){ - if((*collect)(240, SIAONELINER, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } else if(num > 0){ - if((*collect)(0, SIAFORM, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } - } - if(name == NULL) - name = entity->name; - if(name == NULL || name[0] == '\0'){ - SIA_DEBUG(("DEBUG", "name is null")); - return SIADFAIL; - } - - if(entity->password == NULL || strlen(entity->password) > SIAMXPASSWORD){ - SIA_DEBUG(("DEBUG", "entity->password is null")); - return SIADFAIL; - } - - return doauth(entity, pkgind, name); -} - - -int -siad_ses_authent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_authent")); - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_estab(sia_collect_func_t *collect, - SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_estab")); - return SIADFAIL; -} - -int -siad_ses_launch(sia_collect_func_t *collect, - SIAENTITY *entity, - int pkgind) -{ - static char env[MaxPathLen]; - struct state *s = (struct state*)entity->mech[pkgind]; - SIA_DEBUG(("DEBUG", "siad_ses_launch")); - if(s->valid){ -#ifdef SIA_KRB5 - chown(s->ticket + sizeof("FILE:") - 1, - entity->pwd->pw_uid, - entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRB5CCNAME=%s", s->ticket); -#endif -#ifdef SIA_KRB4 - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRBTKFILE=%s", s->ticket); -#endif - putenv(env); - } -#ifdef SIA_KRB5 - if (k_hasafs()) { - char cell[64]; - krb5_ccache ccache; - if(krb5_cc_resolve(s->context, s->ticket, &ccache) == 0) { - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) - krb5_afslog(s->context, ccache, cell, 0); - krb5_afslog_home(s->context, ccache, 0, 0, entity->pwd->pw_dir); - } - } -#endif -#ifdef SIA_KRB4 - if (k_hasafs()) { - char cell[64]; - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - return SIADSUCCESS; -} - -int -siad_ses_release(SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_release")); - if(entity->mech[pkgind]){ -#ifdef SIA_KRB5 - struct state *s = (struct state*)entity->mech[pkgind]; - krb5_free_context(s->context); -#endif - free(entity->mech[pkgind]); - } - return SIADSUCCESS; -} - -int -siad_ses_suauthent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_suauth")); - if(geteuid() != 0) - return SIADFAIL; - if(entity->name == NULL) - return SIADFAIL; - if(entity->name[0] == '\0') { - free(entity->name); - entity->name = strdup("root"); - if (entity->name == NULL) - return SIADFAIL; - } - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_reauthent (sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - int ret; - SIA_DEBUG(("DEBUG", "siad_ses_reauthent")); - if(entity == NULL || entity->name == NULL) - return SIADFAIL; - ret = common_auth(collect, entity, siastat, pkgind); - if((ret & SIADSUCCESS)){ - /* launch isn't (always?) called when doing reauth, so we must - duplicate some code here... */ - struct state *s = (struct state*)entity->mech[pkgind]; - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); -#ifdef SIA_KRB5 - if (k_hasafs()) { - char cell[64]; - krb5_ccache ccache; - if(krb5_cc_resolve(s->context, s->ticket, &ccache) == 0) { - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb5_afslog(s->context, ccache, cell, 0); - krb5_afslog_home(s->context, ccache, 0, 0, entity->pwd->pw_dir); - } - } -#endif -#ifdef SIA_KRB4 - if(k_hasafs()) { - char cell[64]; - if(k_afs_cell_of_file(entity->pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - } - return ret; -} - -int -siad_chg_finger (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - SIA_DEBUG(("DEBUG", "siad_chg_finger")); - return SIADFAIL; -} - -#ifdef SIA_KRB5 -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} -#endif - -#ifdef SIA_KRB4 -static void -sia_message(sia_collect_func_t *collect, int rendition, - const char *title, const char *message) -{ - prompt_t prompt; - prompt.prompt = (unsigned char*)message; - (*collect)(0, rendition, (unsigned char*)title, 1, &prompt); -} - -static int -init_change(sia_collect_func_t *collect, krb_principal *princ) -{ - prompt_t prompt; - char old_pw[MAX_KPW_LEN+1]; - char *msg; - char tktstring[128]; - int ret; - - SIA_DEBUG(("DEBUG", "init_change")); - prompt.prompt = (unsigned char*)"Old password: "; - prompt.result = (unsigned char*)old_pw; - prompt.min_result_length = 0; - prompt.max_result_length = sizeof(old_pw) - 1; - prompt.control_flags = SIARESINVIS; - asprintf(&msg, "Changing password for %s", krb_unparse_name(princ)); - if(msg == NULL){ - SIA_DEBUG(("DEBUG", "out of memory")); - return SIADFAIL; - } - ret = (*collect)(60, SIAONELINER, (unsigned char*)msg, 1, &prompt); - free(msg); - SIA_DEBUG(("DEBUG", "ret = %d", ret)); - if(ret != SIACOLSUCCESS) - return SIADFAIL; - snprintf(tktstring, sizeof(tktstring), - "%s_cpw_%u", TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(tktstring); - - ret = krb_get_pw_in_tkt(princ->name, princ->instance, princ->realm, - PWSERV_NAME, KADM_SINST, 1, old_pw); - if (ret != KSUCCESS) { - SIA_DEBUG(("DEBUG", "krb_get_pw_in_tkt: %s", krb_get_err_text(ret))); - if (ret == INTK_BADPW) - sia_message(collect, SIAWARNING, "", "Incorrect old password."); - else - sia_message(collect, SIAWARNING, "", "Kerberos error."); - memset(old_pw, 0, sizeof(old_pw)); - return SIADFAIL; - } - if(chown(tktstring, getuid(), -1) < 0){ - dest_tkt(); - return SIADFAIL; - } - memset(old_pw, 0, sizeof(old_pw)); - return SIADSUCCESS; -} - -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - prompt_t prompts[2]; - krb_principal princ; - int ret; - char new_pw1[MAX_KPW_LEN+1]; - char new_pw2[MAX_KPW_LEN+1]; - static struct et_list *et_list; - - setprogname(argv[0]); - - SIA_DEBUG(("DEBUG", "siad_chg_password")); - if(collect == NULL) - return SIADFAIL; - - if(username == NULL) - username = getlogin(); - - ret = krb_parse_name(username, &princ); - if(ret) - return SIADFAIL; - if(princ.realm[0] == '\0') - krb_get_lrealm(princ.realm, 1); - - if(et_list == NULL) { - initialize_kadm_error_table_r(&et_list); - initialize_krb_error_table_r(&et_list); - } - - ret = init_change(collect, &princ); - if(ret != SIADSUCCESS) - return ret; - -again: - prompts[0].prompt = (unsigned char*)"New password: "; - prompts[0].result = (unsigned char*)new_pw1; - prompts[0].min_result_length = MIN_KPW_LEN; - prompts[0].max_result_length = sizeof(new_pw1) - 1; - prompts[0].control_flags = SIARESINVIS; - prompts[1].prompt = (unsigned char*)"Verify new password: "; - prompts[1].result = (unsigned char*)new_pw2; - prompts[1].min_result_length = MIN_KPW_LEN; - prompts[1].max_result_length = sizeof(new_pw2) - 1; - prompts[1].control_flags = SIARESINVIS; - if((*collect)(120, SIAFORM, (unsigned char*)"", 2, prompts) != - SIACOLSUCCESS) { - dest_tkt(); - return SIADFAIL; - } - if(strcmp(new_pw1, new_pw2) != 0){ - sia_message(collect, SIAWARNING, "", "Password mismatch."); - goto again; - } - ret = kadm_check_pw(new_pw1); - if(ret) { - sia_message(collect, SIAWARNING, "", com_right(et_list, ret)); - goto again; - } - - memset(new_pw2, 0, sizeof(new_pw2)); - ret = kadm_init_link (PWSERV_NAME, KRB_MASTER, princ.realm); - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error initing kadmin connection", - com_right(et_list, ret)); - else { - des_cblock newkey; - char *pw_msg; /* message from server */ - - des_string_to_key(new_pw1, &newkey); - ret = kadm_change_pw_plain((unsigned char*)&newkey, new_pw1, &pw_msg); - memset(newkey, 0, sizeof(newkey)); - - if (ret == KADM_INSECURE_PW) - sia_message(collect, SIAWARNING, "Insecure password", pw_msg); - else if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error changing password", - com_right(et_list, ret)); - } - memset(new_pw1, 0, sizeof(new_pw1)); - - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "", "Password NOT changed."); - else - sia_message(collect, SIAINFO, "", "Password changed."); - - dest_tkt(); - if(ret) - return SIADFAIL; - return SIADSUCCESS; -} -#endif - -int -siad_chg_shell (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} - -int -siad_getpwent(struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwuid (uid_t uid, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwnam (const char *name, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrent(struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrgid (gid_t gid, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrnam (const char *name, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_chk_user (const char *logname, int checkflag) -{ - if(checkflag != CHGPASSWD) - return SIADFAIL; - return SIADSUCCESS; -} diff --git a/lib/com_err/ChangeLog b/lib/com_err/ChangeLog index dbeb8fb6bedd..ad8d3e943aa6 100644 --- a/lib/com_err/ChangeLog +++ b/lib/com_err/ChangeLog @@ -1,34 +1,34 @@ -2007-07-17 Love Hörnquist Åstrand +2007-07-17 Love Hörnquist Ã…strand * Makefile.am: split source files in dist and nodist. -2007-07-16 Love Hörnquist Åstrand +2007-07-16 Love Hörnquist Ã…strand * Makefile.am: Only do roken rename for the library. -2007-07-15 Love Hörnquist Åstrand +2007-07-15 Love Hörnquist Ã…strand * Makefile.am: use version script. * version-script.map: use version script. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * Makefile.am: New library version. -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * Makefile.am (compile_et_SOURCES): add lex.h -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * com_err.3: Document the _r functions. -2005-07-07 Love Hörnquist Åstrand +2005-07-07 Love Hörnquist Ã…strand * com_err.h: Include for va_list to help AIX 5.2. -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * parse.y: rename base to base_id since flex defines a function with the argument base @@ -43,7 +43,7 @@ * compile_et.c: rename optind to optidx -2005-05-16 Love Hörnquist Åstrand +2005-05-16 Love Hörnquist Ã…strand * parse.y: check allocation errors @@ -57,11 +57,11 @@ * Makefile.am (LDADD): Add libcom_err.la -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * include strlcpy and *printf and use them -2005-02-03 Love Hörnquist Åstrand +2005-02-03 Love Hörnquist Ã…strand * com_right.h: de-__P diff --git a/lib/com_err/Makefile.am b/lib/com_err/Makefile.am index 64d497656fec..a970b640a4b3 100644 --- a/lib/com_err/Makefile.am +++ b/lib/com_err/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 21619 2007-07-17 07:34:00Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -11,19 +11,23 @@ if versionscript libcom_err_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map endif +libcom_err_la_LIBADD = $(LIB_libintl) + bin_PROGRAMS = compile_et include_HEADERS = com_err.h com_right.h compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l lex.h -libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) +libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) $(INCLUDE_libintl) dist_libcom_err_la_SOURCES = error.c com_err.c roken_rename.h if do_roken_rename nodist_libcom_err_la_SOURCES = snprintf.c strlcpy.c endif +libcom_err_la_DEPENDENCIES = version-script.map + $(compile_et_OBJECTS): parse.h parse.c ## XXX broken automake 1.4s compile_et_LDADD = \ @@ -36,4 +40,9 @@ snprintf.c: strlcpy.c: $(LN_S) $(srcdir)/../roken/strlcpy.c . -EXTRA_DIST = version-script.map +EXTRA_DIST = \ + NTMakefile \ + compile_et-version.rc \ + libcom_err-version.rc \ + libcom_err-exports.def \ + version-script.map diff --git a/lib/com_err/Makefile.in b/lib/com_err/Makefile.in index 2581001abd20..b8323c6e2041 100644 --- a/lib/com_err/Makefile.in +++ b/lib/com_err/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 21619 2007-07-17 07:34:00Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -49,7 +51,7 @@ bin_PROGRAMS = compile_et$(EXEEXT) subdir = lib/com_err ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -64,7 +66,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -78,9 +80,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -88,23 +93,38 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) -libcom_err_la_LIBADD = +am__DEPENDENCIES_1 = dist_libcom_err_la_OBJECTS = libcom_err_la-error.lo \ libcom_err_la-com_err.lo @do_roken_rename_TRUE@nodist_libcom_err_la_OBJECTS = \ @@ -115,17 +135,15 @@ libcom_err_la_OBJECTS = $(dist_libcom_err_la_OBJECTS) \ libcom_err_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libcom_err_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(bin_PROGRAMS) am_compile_et_OBJECTS = compile_et.$(OBJEXT) parse.$(OBJEXT) \ lex.$(OBJEXT) compile_et_OBJECTS = $(am_compile_et_OBJECTS) -am__DEPENDENCIES_1 = compile_et_DEPENDENCIES = libcom_err.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -147,7 +165,6 @@ LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ SOURCES = $(dist_libcom_err_la_SOURCES) \ $(nodist_libcom_err_la_SOURCES) $(compile_et_SOURCES) DIST_SOURCES = $(dist_libcom_err_la_SOURCES) $(compile_et_SOURCES) -includeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(include_HEADERS) ETAGS = etags CTAGS = ctags @@ -156,49 +173,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -222,10 +248,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -242,6 +269,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -257,31 +286,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -296,10 +339,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -340,59 +385,72 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la lib_LTLIBRARIES = libcom_err.la libcom_err_la_LDFLAGS = -version-info 2:3:1 $(am__append_1) +libcom_err_la_LIBADD = $(LIB_libintl) include_HEADERS = com_err.h com_right.h compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l lex.h -libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) +libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) $(INCLUDE_libintl) dist_libcom_err_la_SOURCES = error.c com_err.c roken_rename.h @do_roken_rename_TRUE@nodist_libcom_err_la_SOURCES = snprintf.c strlcpy.c +libcom_err_la_DEPENDENCIES = version-script.map compile_et_LDADD = \ libcom_err.la \ $(LIB_roken) \ $(LEXLIB) -EXTRA_DIST = version-script.map +EXTRA_DIST = \ + NTMakefile \ + compile_et-version.rc \ + libcom_err-version.rc \ + libcom_err-exports.def \ + version-script.map + all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/com_err/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/com_err/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/com_err/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/com_err/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -410,23 +468,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -442,31 +505,46 @@ libcom_err.la: $(libcom_err_la_OBJECTS) $(libcom_err_la_DEPENDENCIES) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list parse.h: parse.c @if test ! -f $@; then \ rm -f parse.c; \ @@ -482,26 +560,62 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/compile_et.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lex.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcom_err_la-com_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcom_err_la-error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcom_err_la-snprintf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcom_err_la-strlcpy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< libcom_err_la-error.lo: error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libcom_err_la-error.lo -MD -MP -MF $(DEPDIR)/libcom_err_la-error.Tpo -c -o libcom_err_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libcom_err_la-error.Tpo $(DEPDIR)/libcom_err_la-error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='error.c' object='libcom_err_la-error.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c libcom_err_la-com_err.lo: com_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-com_err.lo `test -f 'com_err.c' || echo '$(srcdir)/'`com_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libcom_err_la-com_err.lo -MD -MP -MF $(DEPDIR)/libcom_err_la-com_err.Tpo -c -o libcom_err_la-com_err.lo `test -f 'com_err.c' || echo '$(srcdir)/'`com_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libcom_err_la-com_err.Tpo $(DEPDIR)/libcom_err_la-com_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='com_err.c' object='libcom_err_la-com_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-com_err.lo `test -f 'com_err.c' || echo '$(srcdir)/'`com_err.c libcom_err_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libcom_err_la-snprintf.lo -MD -MP -MF $(DEPDIR)/libcom_err_la-snprintf.Tpo -c -o libcom_err_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libcom_err_la-snprintf.Tpo $(DEPDIR)/libcom_err_la-snprintf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='snprintf.c' object='libcom_err_la-snprintf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c libcom_err_la-strlcpy.lo: strlcpy.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-strlcpy.lo `test -f 'strlcpy.c' || echo '$(srcdir)/'`strlcpy.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libcom_err_la-strlcpy.lo -MD -MP -MF $(DEPDIR)/libcom_err_la-strlcpy.Tpo -c -o libcom_err_la-strlcpy.lo `test -f 'strlcpy.c' || echo '$(srcdir)/'`strlcpy.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libcom_err_la-strlcpy.Tpo $(DEPDIR)/libcom_err_la-strlcpy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strlcpy.c' object='libcom_err_la-strlcpy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-strlcpy.lo `test -f 'strlcpy.c' || echo '$(srcdir)/'`strlcpy.c .l.c: $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) @@ -517,65 +631,72 @@ clean-libtool: install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -596,13 +717,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -639,6 +764,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -652,6 +778,7 @@ clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -662,6 +789,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -669,26 +798,35 @@ info-am: install-data-am: install-includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -709,9 +847,8 @@ uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ uninstall-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ @@ -800,6 +937,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -885,7 +1025,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -905,6 +1045,7 @@ snprintf.c: $(LN_S) $(srcdir)/../roken/snprintf.c . strlcpy.c: $(LN_S) $(srcdir)/../roken/strlcpy.c . + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/com_err/NTMakefile b/lib/com_err/NTMakefile new file mode 100644 index 000000000000..531b8ab417ac --- /dev/null +++ b/lib/com_err/NTMakefile @@ -0,0 +1,91 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR = lib\com_err + +intcflags=-DBUILD_KRB5_LIB + +!include ../../windows/NTMakefile.w32 + +INCFILES=$(INCDIR)\com_err.h $(INCDIR)\com_right.h + +libcomerr_OBJs=$(OBJ)\error.obj $(OBJ)\com_err.obj + +COMERRDLL=$(BINDIR)\com_err.dll + +!ifdef STATICLIBS + +$(LIBCOMERR): $(libcomerr_OBJs) + $(LIBCON) + +!else + +$(LIBCOMERR): $(COMERRDLL) + +$(COMERRDLL): $(libcomerr_OBJs) $(OBJ)\libcom_err-version.res + $(DLLGUILINK_C) -out:$(COMERRDLL) -implib:$(LIBCOMERR) $** \ + $(LIBROKEN) \ + -def:libcom_err-exports.def + $(DLLPREP_NODIST) + +!endif + +$(BINDIR)\compile_et.exe: $(OBJ)\parse.obj $(OBJ)\lex.obj $(OBJ)\compile_et.obj $(OBJ)\compile_et-version.res + $(EXECONLINK) $(LIBROKEN) $(LIBVERS) + $(EXEPREP_NOHEIM) + +$(OBJ)\parse.obj: $(OBJ)\parse.c + $(C2OBJ) -I$(SRC)\$(RELDIR) + +$(OBJ)\lex.obj: $(OBJ)\lex.c + $(C2OBJ) -I$(SRC)\$(RELDIR) -DYY_NO_UNISTD_H + +$(OBJ)\compile_et.obj: compile_et.c + $(C2OBJ) -I$(OBJ) + +$(OBJ)\parse.c: parse.y + $(YACC) -o $@ --defines=$(OBJ)\parse.h parse.y + +$(OBJ)\lex.c: lex.l + $(LEX) -o$@ lex.l + +all:: $(INCFILES) $(LIBCOMERR) $(BINDIR)\compile_et.exe + +clean:: + -$(RM) $(LIBCOMERR) + -$(RM) $(INCFILES) + -$(RM) $(COMERRDLL:.dll=.*) + -$(RM) $(BINDIR)\compile_et.* + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libcom_err-exports.def + +test:: test-exports diff --git a/lib/com_err/com_err.c b/lib/com_err/com_err.c index faf4294cdd8f..fe4cc2983c50 100644 --- a/lib/com_err/com_err.c +++ b/lib/com_err/com_err.c @@ -1,40 +1,39 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H + #include -RCSID("$Id: com_err.c 14930 2005-04-24 19:43:06Z lha $"); -#endif + #include #include #include @@ -44,7 +43,7 @@ RCSID("$Id: com_err.c 14930 2005-04-24 19:43:06Z lha $"); struct et_list *_et_list = NULL; -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL error_message (long code) { static char msg[128]; @@ -57,23 +56,23 @@ error_message (long code) } if (p != NULL && *p != '\0') { strlcpy(msg, p, sizeof(msg)); - } else + } else snprintf(msg, sizeof(msg), "Unknown error %ld", code); return msg; } -int +KRB5_LIB_FUNCTION int KRB5_LIB_CALL init_error_table(const char **msgs, long base, int count) { initialize_error_table_r(&_et_list, msgs, count, base); return 0; } -static void +static void KRB5_CALLCONV default_proc (const char *whoami, long code, const char *fmt, va_list args) __attribute__((__format__(__printf__, 3, 0))); - -static void + +static void KRB5_CALLCONV default_proc (const char *whoami, long code, const char *fmt, va_list args) { if (whoami) @@ -87,19 +86,19 @@ default_proc (const char *whoami, long code, const char *fmt, va_list args) static errf com_err_hook = default_proc; -void -com_err_va (const char *whoami, - long code, - const char *fmt, +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +com_err_va (const char *whoami, + long code, + const char *fmt, va_list args) { (*com_err_hook) (whoami, code, fmt, args); } -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL com_err (const char *whoami, long code, - const char *fmt, + const char *fmt, ...) { va_list ap; @@ -108,7 +107,7 @@ com_err (const char *whoami, va_end(ap); } -errf +KRB5_LIB_FUNCTION errf KRB5_LIB_CALL set_com_err_hook (errf new) { errf old = com_err_hook; @@ -117,12 +116,12 @@ set_com_err_hook (errf new) com_err_hook = new; else com_err_hook = default_proc; - + return old; } -errf -reset_com_err_hook (void) +KRB5_LIB_FUNCTION errf KRB5_LIB_CALL +reset_com_err_hook (void) { return set_com_err_hook(NULL); } @@ -135,7 +134,7 @@ static const char char_set[] = static char buf[6]; -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL error_table_name(int num) { int ch; @@ -157,7 +156,7 @@ error_table_name(int num) return(buf); } -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL add_to_error_table(struct et_list *new_table) { struct et_list *et; diff --git a/lib/com_err/com_err.h b/lib/com_err/com_err.h index bdd764f7e982..5b8b7e28f778 100644 --- a/lib/com_err/com_err.h +++ b/lib/com_err/com_err.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: com_err.h 15566 2005-07-07 14:58:07Z lha $ */ +/* $Id$ */ /* MIT compatible com_err library */ @@ -45,22 +45,32 @@ #define __attribute__(X) #endif -typedef void (*errf) (const char *, long, const char *, va_list); +typedef void (KRB5_CALLCONV *errf) (const char *, long, const char *, va_list); -const char * error_message (long); -int init_error_table (const char**, long, int); +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL +error_message (long); -void com_err_va (const char *, long, const char *, va_list) +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +init_error_table (const char**, long, int); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +com_err_va (const char *, long, const char *, va_list) __attribute__((format(printf, 3, 0))); -void com_err (const char *, long, const char *, ...) +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +com_err (const char *, long, const char *, ...) __attribute__((format(printf, 3, 4))); -errf set_com_err_hook (errf); -errf reset_com_err_hook (void); +KRB5_LIB_FUNCTION errf KRB5_LIB_CALL +set_com_err_hook (errf); -const char *error_table_name (int num); +KRB5_LIB_FUNCTION errf KRB5_LIB_CALL +reset_com_err_hook (void); -void add_to_error_table (struct et_list *new_table); +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL +error_table_name (int num); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +add_to_error_table (struct et_list *new_table); #endif /* __COM_ERR_H__ */ diff --git a/lib/com_err/com_right.h b/lib/com_err/com_right.h index 4d929da866b3..b0857d283acf 100644 --- a/lib/com_err/com_right.h +++ b/lib/com_err/com_right.h @@ -1,41 +1,61 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: com_right.h 14551 2005-02-03 08:45:13Z lha $ */ +/* $Id$ */ #ifndef __COM_RIGHT_H__ #define __COM_RIGHT_H__ +#ifndef KRB5_LIB +#ifndef KRB5_LIB_FUNCTION +#if defined(_WIN32) +#define KRB5_LIB_FUNCTION __declspec(dllimport) +#define KRB5_LIB_CALL __stdcall +#define KRB5_LIB_VARIABLE __declspec(dllimport) +#else +#define KRB5_LIB_FUNCTION +#define KRB5_LIB_CALL +#define KRB5_LIB_VARIABLE +#endif +#endif +#endif + +#ifdef _WIN32 +#define KRB5_CALLCONV __stdcall +#else +#define KRB5_CALLCONV +#endif + #ifdef __STDC__ #include #endif @@ -51,8 +71,16 @@ struct et_list { }; extern struct et_list *_et_list; -const char *com_right (struct et_list *list, long code); -void initialize_error_table_r (struct et_list **, const char **, int, long); -void free_error_table (struct et_list *); +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL +com_right (struct et_list *list, long code); + +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL +com_right_r (struct et_list *list, long code, char *, size_t); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +initialize_error_table_r (struct et_list **, const char **, int, long); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +free_error_table (struct et_list *); #endif /* __COM_RIGHT_H__ */ diff --git a/lib/com_err/compile_et-version.rc b/lib/com_err/compile_et-version.rc new file mode 100644 index 000000000000..5b0b91abe42f --- /dev/null +++ b/lib/com_err/compile_et-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Error Table Compiler" +#define RC_FILE_ORIG_0409 "compile_et.exe" + +#include "../../windows/version.rc" diff --git a/lib/com_err/compile_et.c b/lib/com_err/compile_et.c index 105765482265..c72abdecc863 100644 --- a/lib/com_err/compile_et.c +++ b/lib/com_err/compile_et.c @@ -1,42 +1,43 @@ /* - * Copyright (c) 1998-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #undef ROKEN_RENAME + +#include "config.h" + #include "compile_et.h" #include -RCSID("$Id: compile_et.c 15426 2005-06-16 19:21:42Z lha $"); - #include #include #include "parse.h" @@ -75,13 +76,15 @@ generate_c(void) return 1; fprintf(c_file, "/* Generated from %s */\n", filename); - if(id_str) + if(id_str) fprintf(c_file, "/* %s */\n", id_str); fprintf(c_file, "\n"); fprintf(c_file, "#include \n"); fprintf(c_file, "#include \n"); fprintf(c_file, "#include \"%s\"\n", hfn); fprintf(c_file, "\n"); + fprintf(c_file, "#define N_(x) (x)\n"); + fprintf(c_file, "\n"); fprintf(c_file, "static const char *%s_error_strings[] = {\n", name); @@ -90,9 +93,10 @@ generate_c(void) fprintf(c_file, "\t/* %03d */ \"Reserved %s error (%d)\",\n", n, name, n); n++; - + } - fprintf(c_file, "\t/* %03d */ \"%s\",\n", ec->number, ec->string); + fprintf(c_file, "\t/* %03d */ N_(\"%s\"),\n", + ec->number, ec->string); } fprintf(c_file, "\tNULL\n"); @@ -100,11 +104,11 @@ generate_c(void) fprintf(c_file, "\n"); fprintf(c_file, "#define num_errors %d\n", number); fprintf(c_file, "\n"); - fprintf(c_file, - "void initialize_%s_error_table_r(struct et_list **list)\n", + fprintf(c_file, + "void initialize_%s_error_table_r(struct et_list **list)\n", name); fprintf(c_file, "{\n"); - fprintf(c_file, + fprintf(c_file, " initialize_error_table_r(list, %s_error_strings, " "num_errors, ERROR_TABLE_BASE_%s);\n", name, name); fprintf(c_file, "}\n"); @@ -135,9 +139,9 @@ generate_h(void) for(p = fn; *p; p++) if(!isalnum((unsigned char)*p)) *p = '_'; - + fprintf(h_file, "/* Generated from %s */\n", filename); - if(id_str) + if(id_str) fprintf(h_file, "/* %s */\n", id_str); fprintf(h_file, "\n"); fprintf(h_file, "#ifndef %s\n", fn); @@ -145,18 +149,18 @@ generate_h(void) fprintf(h_file, "\n"); fprintf(h_file, "struct et_list;\n"); fprintf(h_file, "\n"); - fprintf(h_file, + fprintf(h_file, "void initialize_%s_error_table_r(struct et_list **);\n", name); fprintf(h_file, "\n"); fprintf(h_file, "void initialize_%s_error_table(void);\n", name); - fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n", + fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n", name, name); fprintf(h_file, "\n"); fprintf(h_file, "typedef enum %s_error_number{\n", name); for(ec = codes; ec; ec = ec->next) { - fprintf(h_file, "\t%s = %ld%s\n", ec->name, base_id + ec->number, + fprintf(h_file, "\t%s = %ld%s\n", ec->name, base_id + ec->number, (ec->next != NULL) ? "," : ""); } @@ -164,6 +168,8 @@ generate_h(void) fprintf(h_file, "\n"); fprintf(h_file, "#define ERROR_TABLE_BASE_%s %ld\n", name, base_id); fprintf(h_file, "\n"); + fprintf(h_file, "#define COM_ERR_BINDDOMAIN_%s \"heim_com_err%ld\"\n", name, base_id); + fprintf(h_file, "\n"); fprintf(h_file, "#endif /* %s */\n", fn); @@ -208,26 +214,26 @@ main(int argc, char **argv) exit(0); } - if(optidx == argc) + if(optidx == argc) usage(1); filename = argv[optidx]; yyin = fopen(filename, "r"); if(yyin == NULL) err(1, "%s", filename); - - - p = strrchr(filename, '/'); + + + p = strrchr(filename, rk_PATH_DELIM); if(p) p++; else p = filename; strlcpy(Basename, p, sizeof(Basename)); - + Basename[strcspn(Basename, ".")] = '\0'; - + snprintf(hfn, sizeof(hfn), "%s.h", Basename); snprintf(cfn, sizeof(cfn), "%s.c", Basename); - + yyparse(); if(numerror) return 1; diff --git a/lib/com_err/compile_et.h b/lib/com_err/compile_et.h index 1c7de5a08b69..b0b8e21da166 100644 --- a/lib/com_err/compile_et.h +++ b/lib/com_err/compile_et.h @@ -1,44 +1,42 @@ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: compile_et.h 15426 2005-06-16 19:21:42Z lha $ */ +/* $Id$ */ #ifndef __COMPILE_ET_H__ #define __COMPILE_ET_H__ -#ifdef HAVE_CONFIG_H #include -#endif #include #include diff --git a/lib/com_err/error.c b/lib/com_err/error.c index 051078025c56..6864e870a41e 100644 --- a/lib/com_err/error.c +++ b/lib/com_err/error.c @@ -1,52 +1,75 @@ /* - * Copyright (c) 1997, 1998, 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H + #include -RCSID("$Id: error.c 9724 2001-02-28 20:00:13Z joda $"); -#endif + #include #include #include #include +#include -const char * +#ifdef LIBINTL +#include +#else +#define dgettext(d,s) (s) +#endif + +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL com_right(struct et_list *list, long code) { struct et_list *p; - for (p = list; p; p = p->next) { + for (p = list; p; p = p->next) if (code >= p->table->base && code < p->table->base + p->table->n_msgs) return p->table->msgs[code - p->table->base]; + return NULL; +} + +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL +com_right_r(struct et_list *list, long code, char *str, size_t len) +{ + struct et_list *p; + for (p = list; p; p = p->next) { + if (code >= p->table->base && code < p->table->base + p->table->n_msgs) { + const char *msg = p->table->msgs[code - p->table->base]; +#ifdef LIBINTL + char domain[12 + 20]; + snprintf(domain, sizeof(domain), "heim_com_err%d", p->table->base); +#endif + strlcpy(str, dgettext(domain, msg), len); + return str; + } } return NULL; } @@ -56,9 +79,9 @@ struct foobar { struct error_table et; }; -void -initialize_error_table_r(struct et_list **list, - const char **messages, +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +initialize_error_table_r(struct et_list **list, + const char **messages, int num_errors, long base) { @@ -78,9 +101,9 @@ initialize_error_table_r(struct et_list **list, et->next = NULL; *end = et; } - -void + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL free_error_table(struct et_list *et) { while(et){ diff --git a/lib/com_err/lex.c b/lib/com_err/lex.c index 8f756d39c998..42b5f64fae3f 100644 --- a/lib/com_err/lex.c +++ b/lib/com_err/lex.c @@ -8,7 +8,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 +#define YY_FLEX_SUBMINOR_VERSION 35 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -30,7 +30,7 @@ /* C99 systems have . Non-C99 systems may or may not. */ -#if __STDC_VERSION__ >= 199901L +#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, * if you want the limit (max/min) macros for int types. @@ -93,11 +93,12 @@ typedef unsigned int flex_uint32_t; #else /* ! __cplusplus */ -#if __STDC__ +/* C99 requires __STDC__ to be defined as 1. */ +#if defined (__STDC__) #define YY_USE_CONST -#endif /* __STDC__ */ +#endif /* defined (__STDC__) */ #endif /* ! __cplusplus */ #ifdef YY_USE_CONST @@ -151,7 +152,12 @@ typedef unsigned int flex_uint32_t; typedef struct yy_buffer_state *YY_BUFFER_STATE; #endif -extern int yyleng; +#ifndef YY_TYPEDEF_YY_SIZE_T +#define YY_TYPEDEF_YY_SIZE_T +typedef size_t yy_size_t; +#endif + +extern yy_size_t yyleng; extern FILE *yyin, *yyout; @@ -177,16 +183,6 @@ extern FILE *yyin, *yyout; #define unput(c) yyunput( c, (yytext_ptr) ) -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - #ifndef YY_STRUCT_YY_BUFFER_STATE #define YY_STRUCT_YY_BUFFER_STATE struct yy_buffer_state @@ -204,7 +200,7 @@ struct yy_buffer_state /* Number of characters read into yy_ch_buf, not including EOB * characters. */ - int yy_n_chars; + yy_size_t yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to @@ -274,8 +270,8 @@ static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; +static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */ +yy_size_t yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; @@ -303,7 +299,7 @@ static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); +YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len ); void *yyalloc (yy_size_t ); void *yyrealloc (void *,yy_size_t ); @@ -479,36 +475,36 @@ char *yytext; #line 1 "lex.l" #line 2 "lex.l" /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* @@ -523,8 +519,6 @@ char *yytext; #include "parse.h" #include "lex.h" -RCSID("$Id: lex.l 15143 2005-05-16 08:52:54Z lha $"); - static unsigned lineno = 1; static int getstring(void); @@ -532,7 +526,7 @@ static int getstring(void); #undef ECHO -#line 536 "lex.c" +#line 530 "lex.c" #define INITIAL 0 @@ -550,6 +544,35 @@ static int getstring(void); static int yy_init_globals (void ); +/* Accessor methods to globals. + These are made visible to non-reentrant scanners for convenience. */ + +int yylex_destroy (void ); + +int yyget_debug (void ); + +void yyset_debug (int debug_flag ); + +YY_EXTRA_TYPE yyget_extra (void ); + +void yyset_extra (YY_EXTRA_TYPE user_defined ); + +FILE *yyget_in (void ); + +void yyset_in (FILE * in_str ); + +FILE *yyget_out (void ); + +void yyset_out (FILE * out_str ); + +yy_size_t yyget_leng (void ); + +char *yyget_text (void ); + +int yyget_lineno (void ); + +void yyset_lineno (int line_number ); + /* Macros after this point can all be overridden by user definitions in * section 1. */ @@ -562,8 +585,6 @@ extern int yywrap (void ); #endif #endif - static void yyunput (int c,char *buf_ptr ); - #ifndef yytext_ptr static void yy_flex_strncpy (char *,yyconst char *,int ); #endif @@ -592,7 +613,7 @@ static int input (void ); /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) +#define ECHO fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, @@ -603,7 +624,7 @@ static int input (void ); if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ { \ int c = '*'; \ - size_t n; \ + yy_size_t n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ @@ -685,9 +706,9 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 59 "lex.l" +#line 58 "lex.l" -#line 691 "lex.c" +#line 712 "lex.c" if ( !(yy_init) ) { @@ -772,86 +793,86 @@ YY_DECL case 1: YY_RULE_SETUP -#line 60 "lex.l" +#line 59 "lex.l" { return ET; } YY_BREAK case 2: YY_RULE_SETUP -#line 61 "lex.l" +#line 60 "lex.l" { return ET; } YY_BREAK case 3: YY_RULE_SETUP -#line 62 "lex.l" +#line 61 "lex.l" { return EC; } YY_BREAK case 4: YY_RULE_SETUP -#line 63 "lex.l" +#line 62 "lex.l" { return EC; } YY_BREAK case 5: YY_RULE_SETUP -#line 64 "lex.l" +#line 63 "lex.l" { return PREFIX; } YY_BREAK case 6: YY_RULE_SETUP -#line 65 "lex.l" +#line 64 "lex.l" { return INDEX; } YY_BREAK case 7: YY_RULE_SETUP -#line 66 "lex.l" +#line 65 "lex.l" { return ID; } YY_BREAK case 8: YY_RULE_SETUP -#line 67 "lex.l" +#line 66 "lex.l" { return END; } YY_BREAK case 9: YY_RULE_SETUP -#line 68 "lex.l" +#line 67 "lex.l" { yylval.number = atoi(yytext); return NUMBER; } YY_BREAK case 10: YY_RULE_SETUP -#line 69 "lex.l" +#line 68 "lex.l" ; YY_BREAK case 11: YY_RULE_SETUP -#line 70 "lex.l" +#line 69 "lex.l" ; YY_BREAK case 12: /* rule 12 can match eol */ YY_RULE_SETUP -#line 71 "lex.l" +#line 70 "lex.l" { lineno++; } YY_BREAK case 13: YY_RULE_SETUP -#line 72 "lex.l" +#line 71 "lex.l" { return getstring(); } YY_BREAK case 14: YY_RULE_SETUP -#line 73 "lex.l" +#line 72 "lex.l" { yylval.string = strdup(yytext); return STRING; } YY_BREAK case 15: YY_RULE_SETUP -#line 74 "lex.l" +#line 73 "lex.l" { return *yytext; } YY_BREAK case 16: YY_RULE_SETUP -#line 75 "lex.l" +#line 74 "lex.l" ECHO; YY_BREAK -#line 855 "lex.c" +#line 876 "lex.c" case YY_STATE_EOF(INITIAL): yyterminate(); @@ -1037,7 +1058,7 @@ static int yy_get_next_buffer (void) else { - int num_to_read = + yy_size_t num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) @@ -1051,7 +1072,7 @@ static int yy_get_next_buffer (void) if ( b->yy_is_our_buffer ) { - int new_size = b->yy_buf_size * 2; + yy_size_t new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; @@ -1106,6 +1127,14 @@ static int yy_get_next_buffer (void) else ret_val = EOB_ACT_CONTINUE_SCAN; + if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { + /* Extend the array by 50%, plus the number we really need. */ + yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); + YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); + if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); + } + (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; @@ -1172,43 +1201,6 @@ static int yy_get_next_buffer (void) return yy_is_jam ? 0 : yy_current_state; } - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput (void) @@ -1233,7 +1225,7 @@ static int yy_get_next_buffer (void) else { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); + yy_size_t offset = (yy_c_buf_p) - (yytext_ptr); ++(yy_c_buf_p); switch ( yy_get_next_buffer( ) ) @@ -1509,7 +1501,7 @@ void yypop_buffer_state (void) */ static void yyensure_buffer_stack (void) { - int num_to_alloc; + yy_size_t num_to_alloc; if (!(yy_buffer_stack)) { @@ -1521,7 +1513,9 @@ static void yyensure_buffer_stack (void) (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); - + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; @@ -1539,6 +1533,8 @@ static void yyensure_buffer_stack (void) ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); @@ -1583,7 +1579,7 @@ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan + * @param yystr a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use @@ -1602,12 +1598,11 @@ YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) * * @return the newly allocated buffer state object. */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) +YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len ) { YY_BUFFER_STATE b; char *buf; - yy_size_t n; - int i; + yy_size_t n, i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; @@ -1689,7 +1684,7 @@ FILE *yyget_out (void) /** Get the length of the current token. * */ -int yyget_leng (void) +yy_size_t yyget_leng (void) { return yyleng; } @@ -1837,13 +1832,13 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 75 "lex.l" +#line 74 "lex.l" #ifndef yywrap /* XXX */ int -yywrap () +yywrap () { return 1; } @@ -1863,7 +1858,7 @@ getstring(void) continue; } if(c == '\n'){ - error_message("unterminated string"); + _lex_error_message("unterminated string"); lineno++; break; } @@ -1883,7 +1878,7 @@ getstring(void) } void -error_message (const char *format, ...) +_lex_error_message (const char *format, ...) { va_list args; diff --git a/lib/com_err/lex.h b/lib/com_err/lex.h index 89f0387655f4..e158816bbb6b 100644 --- a/lib/com_err/lex.h +++ b/lib/com_err/lex.h @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: lex.h 8451 2000-06-22 00:42:52Z assar $ */ +/* $Id$ */ -void error_message (const char *, ...) +void _lex_error_message (const char *, ...) __attribute__ ((format (printf, 1, 2))); int yylex(void); diff --git a/lib/com_err/lex.l b/lib/com_err/lex.l index 08aef516b304..eb39e0cfb832 100644 --- a/lib/com_err/lex.l +++ b/lib/com_err/lex.l @@ -1,35 +1,35 @@ %{ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* @@ -44,8 +44,6 @@ #include "parse.h" #include "lex.h" -RCSID("$Id: lex.l 15143 2005-05-16 08:52:54Z lha $"); - static unsigned lineno = 1; static int getstring(void); @@ -55,6 +53,7 @@ static int getstring(void); %} +%option nounput %% et { return ET; } @@ -76,7 +75,7 @@ end { return END; } #ifndef yywrap /* XXX */ int -yywrap () +yywrap () { return 1; } @@ -96,7 +95,7 @@ getstring(void) continue; } if(c == '\n'){ - error_message("unterminated string"); + _lex_error_message("unterminated string"); lineno++; break; } @@ -116,7 +115,7 @@ getstring(void) } void -error_message (const char *format, ...) +_lex_error_message (const char *format, ...) { va_list args; diff --git a/lib/com_err/libcom_err-exports.def b/lib/com_err/libcom_err-exports.def new file mode 100644 index 000000000000..a4db1940a93d --- /dev/null +++ b/lib/com_err/libcom_err-exports.def @@ -0,0 +1,14 @@ +EXPORTS + com_right + com_right_r + free_error_table + initialize_error_table_r + add_to_error_table + com_err + com_err_va + error_message + error_table_name + init_error_table + reset_com_err_hook + set_com_err_hook + _et_list DATA diff --git a/lib/com_err/libcom_err-version.rc b/lib/com_err/libcom_err-version.rc new file mode 100644 index 000000000000..7fe64323e791 --- /dev/null +++ b/lib/com_err/libcom_err-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2009, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Common Error Library" +#define RC_FILE_ORIG_0409 "com_err.dll" + +#include "../../windows/version.rc" diff --git a/lib/com_err/parse.c b/lib/com_err/parse.c index 32cff630d407..ca1ef60b0f84 100644 --- a/lib/com_err/parse.c +++ b/lib/com_err/parse.c @@ -93,43 +93,41 @@ #line 1 "parse.y" /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "compile_et.h" #include "lex.h" -RCSID("$Id: parse.y 15426 2005-06-16 19:21:42Z lha $"); - void yyerror (char *s); static long name2number(const char *str); @@ -141,6 +139,9 @@ extern char *yytext; #define alloca(x) malloc(x) #endif +#define YYMALLOC malloc +#define YYFREE free + /* Enabling traces. */ @@ -163,13 +164,13 @@ extern char *yytext; #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 53 "parse.y" +#line 54 "parse.y" { char *string; int number; } /* Line 193 of yacc.c. */ -#line 173 "parse.c" +#line 174 "parse.c" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 @@ -182,7 +183,7 @@ typedef union YYSTYPE /* Line 216 of yacc.c. */ -#line 186 "parse.c" +#line 187 "parse.c" #ifdef short # undef short @@ -469,8 +470,8 @@ static const yytype_int8 yyrhs[] = /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint8 yyrline[] = { - 0, 64, 64, 65, 68, 69, 72, 78, 84, 93, - 94, 97, 101, 109, 116, 136 + 0, 65, 65, 66, 69, 70, 73, 79, 85, 94, + 95, 98, 102, 110, 117, 137 }; #endif @@ -1381,14 +1382,14 @@ yyparse () switch (yyn) { case 6: -#line 73 "parse.y" +#line 74 "parse.y" { id_str = (yyvsp[(2) - (2)].string); } break; case 7: -#line 79 "parse.y" +#line 80 "parse.y" { base_id = name2number((yyvsp[(2) - (2)].string)); strlcpy(name, (yyvsp[(2) - (2)].string), sizeof(name)); @@ -1397,7 +1398,7 @@ yyparse () break; case 8: -#line 85 "parse.y" +#line 86 "parse.y" { base_id = name2number((yyvsp[(2) - (3)].string)); strlcpy(name, (yyvsp[(3) - (3)].string), sizeof(name)); @@ -1407,14 +1408,14 @@ yyparse () break; case 11: -#line 98 "parse.y" +#line 99 "parse.y" { number = (yyvsp[(2) - (2)].number); } break; case 12: -#line 102 "parse.y" +#line 103 "parse.y" { free(prefix); asprintf (&prefix, "%s_", (yyvsp[(2) - (2)].string)); @@ -1425,7 +1426,7 @@ yyparse () break; case 13: -#line 110 "parse.y" +#line 111 "parse.y" { prefix = realloc(prefix, 1); if (prefix == NULL) @@ -1435,10 +1436,10 @@ yyparse () break; case 14: -#line 117 "parse.y" +#line 118 "parse.y" { struct error_code *ec = malloc(sizeof(*ec)); - + if (ec == NULL) errx(1, "malloc"); @@ -1458,7 +1459,7 @@ yyparse () break; case 15: -#line 137 "parse.y" +#line 138 "parse.y" { YYACCEPT; } @@ -1466,7 +1467,7 @@ yyparse () /* Line 1267 of yacc.c. */ -#line 1470 "parse.c" +#line 1471 "parse.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1680,7 +1681,7 @@ yyparse () } -#line 142 "parse.y" +#line 143 "parse.y" static long @@ -1711,6 +1712,6 @@ name2number(const char *str) void yyerror (char *s) { - error_message ("%s\n", s); + _lex_error_message ("%s\n", s); } diff --git a/lib/com_err/parse.h b/lib/com_err/parse.h index 23d7e0c7d98c..763a331f1621 100644 --- a/lib/com_err/parse.h +++ b/lib/com_err/parse.h @@ -64,7 +64,7 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 53 "parse.y" +#line 54 "parse.y" { char *string; int number; diff --git a/lib/com_err/parse.y b/lib/com_err/parse.y index 315931389fe4..0c2e5084b51f 100644 --- a/lib/com_err/parse.y +++ b/lib/com_err/parse.y @@ -1,42 +1,40 @@ %{ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "compile_et.h" #include "lex.h" -RCSID("$Id: parse.y 15426 2005-06-16 19:21:42Z lha $"); - void yyerror (char *s); static long name2number(const char *str); @@ -48,6 +46,9 @@ extern char *yytext; #define alloca(x) malloc(x) #endif +#define YYMALLOC malloc +#define YYFREE free + %} %union { @@ -61,7 +62,7 @@ extern char *yytext; %% -file : /* */ +file : /* */ | header statements ; @@ -94,7 +95,7 @@ statements : statement | statements statement ; -statement : INDEX NUMBER +statement : INDEX NUMBER { number = $2; } @@ -116,7 +117,7 @@ statement : INDEX NUMBER | EC STRING ',' STRING { struct error_code *ec = malloc(sizeof(*ec)); - + if (ec == NULL) errx(1, "malloc"); @@ -169,5 +170,5 @@ name2number(const char *str) void yyerror (char *s) { - error_message ("%s\n", s); + _lex_error_message ("%s\n", s); } diff --git a/lib/com_err/roken_rename.h b/lib/com_err/roken_rename.h index 7c9b0ee10e94..3da2948a64dc 100644 --- a/lib/com_err/roken_rename.h +++ b/lib/com_err/roken_rename.h @@ -1,61 +1,61 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: roken_rename.h 14930 2005-04-24 19:43:06Z lha $ */ +/* $Id$ */ #ifndef __roken_rename_h__ #define __roken_rename_h__ #ifndef HAVE_SNPRINTF -#define snprintf _com_err_snprintf +#define rk_snprintf _com_err_snprintf #endif #ifndef HAVE_VSNPRINTF -#define vsnprintf _com_err_vsnprintf +#define rk_vsnprintf _com_err_vsnprintf #endif #ifndef HAVE_ASPRINTF -#define asprintf _com_err_asprintf +#define rk_asprintf _com_err_asprintf #endif #ifndef HAVE_ASNPRINTF -#define asnprintf _com_err_asnprintf +#define rk_asnprintf _com_err_asnprintf #endif #ifndef HAVE_VASPRINTF -#define vasprintf _com_err_vasprintf +#define rk_vasprintf _com_err_vasprintf #endif #ifndef HAVE_VASNPRINTF -#define vasnprintf _com_err_vasnprintf +#define rk_vasnprintf _com_err_vasnprintf #endif #ifndef HAVE_STRLCPY -#define strlcpy _com_err_strlcpy +#define rk_strlcpy _com_err_strlcpy #endif diff --git a/lib/com_err/version-script.map b/lib/com_err/version-script.map index 43e2e020c0ce..8da2fef6dd4d 100644 --- a/lib/com_err/version-script.map +++ b/lib/com_err/version-script.map @@ -3,6 +3,7 @@ HEIMDAL_COM_ERR_1.0 { global: com_right; + com_right_r; free_error_table; initialize_error_table_r; add_to_error_table; @@ -13,6 +14,7 @@ HEIMDAL_COM_ERR_1.0 { init_error_table; reset_com_err_hook; set_com_err_hook; + _et_list; local: *; }; diff --git a/lib/gssapi/ChangeLog b/lib/gssapi/ChangeLog index 3a0c39f8763b..5c25d699c997 100644 --- a/lib/gssapi/ChangeLog +++ b/lib/gssapi/ChangeLog @@ -1,18 +1,125 @@ -2008-01-13 Love Hörnquist Åstrand +2008-08-14 Love Hornquist Astrand + + * krb5/accept_sec_context.c: If there is a initiator subkey, copy + that to acceptor subkey to match windows behavior. From Metze. + +2008-08-02 Love Hörnquist Ã…strand + + * ntlm/init_sec_context.c: Catch error + + * krb5/inquire_sec_context_by_oid.c: Catch store failure. + + * mech/gss_canonicalize_name.c: Not init m, return never + used (overwritten later). + +2008-07-25 Love Hörnquist Ã…strand + + * ntlm/init_sec_context.c: Use krb5_cc_get_config. + +2008-07-25 Love Hörnquist Ã…strand + + * krb5/init_sec_context.c: Match the orignal patch I got from + metze, seems that DCE-STYLE is even more weirer then what I though + when I merged the patch. + +2008-06-02 Love Hörnquist Ã…strand + + * krb5/init_sec_context.c: Don't add asn1 wrapping to token when + using DCE_STYLE. Patch from Stefan Metzmacher. + +2008-05-27 Love Hörnquist Ã…strand + + * ntlm/init_sec_context.c: use krb5_get_error_message + +2008-05-05 Love Hörnquist Ã…strand + + * spnego/spnego_locl.h: Add back "mech/utils.h", its needed for + oid/buffer functions. + +2008-05-02 Love Hörnquist Ã…strand + + * spnego: Changes from doug barton to make spnego indepedant of + the heimdal version of the plugin system. + +2008-04-27 Love Hörnquist Ã…strand + + * krb5: use DES_set_key_unchecked() + +2008-04-17 Love Hörnquist Ã…strand + + * add __declspec() for windows. + +2008-04-15 Love Hörnquist Ã…strand + + * krb5/import_sec_context.c: Use tmp to read ac->flags value to + avoid warning. + +2008-04-07 Love Hörnquist Ã…strand + + * mech/gss_mech_switch.c: Use unsigned where appropriate. + +2008-03-14 Love Hörnquist Ã…strand + + * test_context.c: Add test for gsskrb5_register_acceptor_identity. + +2008-03-09 Love Hörnquist Ã…strand + + * krb5/init_sec_context.c (init_auth): use right variable to + detect if we want to free or not. + +2008-02-26 Love Hörnquist Ã…strand + + * Makefile.am: add missing \ + + * Makefile.am: reshuffle depenencies + + * Add flag to krb5 to not add GSS-API INT|CONF to the negotiation + +2008-02-21 Love Hörnquist Ã…strand + + * make the SPNEGO mech store the error itself instead, works for + everything except other stackable mechs + +2008-02-18 Love Hörnquist Ã…strand + + * spnego/init_sec_context.c (spnego_reply): if the reply token was + of length 0, make it the same as no token. Pointed out by Zeqing + Xia. + + * krb5/acquire_cred.c (acquire_initiator_cred): handle the + credential cache better, use destroy/close when appriate and for + all cases. Thanks to Michael Allen for point out the memory-leak + that I also fixed. + +2008-02-03 Love Hörnquist Ã…strand + + * spnego/accept_sec_context.c: Make error reporting somewhat more + correct for SPNEGO. + +2008-01-27 Love Hörnquist Ã…strand + + * test_common.c: Improve the error message. + +2008-01-24 Love Hörnquist Ã…strand + + * ntlm/accept_sec_context.c: Avoid free-ing type1 message before + its allocated. + +2008-01-13 Love Hörnquist Ã…strand * test_ntlm.c: Test source name (and make the acceptor in ntlm gss mech useful). -2007-12-30 Love Hörnquist Åstrand +2007-12-30 Love Hörnquist Ã…strand * ntlm/init_sec_context.c: Don't confuse target name and source name, make regressiont tests pass again. -2007-12-29 Love Hörnquist Åstrand +2007-12-29 Love Hörnquist Ã…strand * ntlm: clean up name handling -2007-12-04 Love Hörnquist Åstrand +2007-12-04 Love Hörnquist Ã…strand * ntlm/init_sec_context.c: Use credential if it was passed in. @@ -30,26 +137,26 @@ * mech/gss_release_oid_set.c: Avoid trying to deref NULL, from Phil Fisher. -2007-12-03 Love Hörnquist Åstrand +2007-12-03 Love Hörnquist Ã…strand * test_acquire_cred.c: Always try to fetch cred (even with GSS_C_NO_NAME). -2007-08-09 Love Hörnquist Åstrand +2007-08-09 Love Hörnquist Ã…strand * mech/gss_krb5.c: Readd gss_krb5_get_tkt_flags. -2007-08-08 Love Hörnquist Åstrand +2007-08-08 Love Hörnquist Ã…strand * spnego/compat.c (_gss_spnego_internal_delete_sec_context): release ctx->target_name too From Rafal Malinowski. -2007-07-26 Love Hörnquist Åstrand +2007-07-26 Love Hörnquist Ã…strand * mech/gss_mech_switch.c: Don't try to do dlopen if system doesn't have dlopen. From Rune of Chalmers. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * mech/gss_duplicate_name.c: New signature of _gss_find_mn. @@ -73,7 +180,7 @@ * Makefile.am: New library version. -2007-07-04 Love Hörnquist Åstrand +2007-07-04 Love Hörnquist Ã…strand * mech/gss_oid_to_str.c: Refuse to print GSS_C_NULL_OID, from Rafal Malinowski. @@ -81,7 +188,7 @@ * spnego/spnego.asn1: Indent and make NegTokenInit and NegTokenResp extendable. -2007-06-21 Love Hörnquist Åstrand +2007-06-21 Love Hörnquist Ã…strand * ntlm/inquire_cred.c: Implement _gss_ntlm_inquire_cred. @@ -90,7 +197,7 @@ * mech/context.c: If the canned string is "", its no use to the user, make it fall back to the default error string. -2007-06-20 Love Hörnquist Åstrand +2007-06-20 Love Hörnquist Ã…strand * mech/gss_display_name.c (gss_display_name): no name -> fail. From Rafal Malinswski. @@ -124,7 +231,7 @@ Rafal Malinowski, also while here moved to use NegotiationToken for decoding. -2007-06-18 Love Hörnquist Åstrand +2007-06-18 Love Hörnquist Ã…strand * krb5/prf.c (_gsskrb5_pseudo_random): add missing break. @@ -142,14 +249,14 @@ * mech/gss_krb5.c: Free memory in error case, found by beam. -2007-06-12 Love Hörnquist Åstrand +2007-06-12 Love Hörnquist Ã…strand * ntlm/inquire_context.c: Use ctx->gssflags for flags. * krb5/display_name.c: Use KRB5_PRINCIPAL_UNPARSE_DISPLAY, this is not ment for machine consumption. -2007-06-09 Love Hörnquist Åstrand +2007-06-09 Love Hörnquist Ã…strand * ntlm/digest.c (kdc_alloc): free memory on failure, pointed out by Rafal Malinowski. @@ -160,11 +267,11 @@ * spnego/context_stubs.c (_gss_spnego_display_name): if input_name is null, fail. From Rafal Malinowski. -2007-06-04 Love Hörnquist Åstrand +2007-06-04 Love Hörnquist Ã…strand * ntlm/digest.c: Free memory when done. -2007-06-02 Love Hörnquist Åstrand +2007-06-02 Love Hörnquist Ã…strand * test_ntlm.c: Test both with and without keyex. @@ -173,7 +280,7 @@ * test_ntlm.c: Set keyex flag and calculate session key. -2007-05-31 Love Hörnquist Åstrand +2007-05-31 Love Hörnquist Ã…strand * spnego/accept_sec_context.c: Use the return value before is overwritten by later calls. From Rafal Malinowski @@ -181,14 +288,14 @@ * krb5/release_cred.c: Give an minor_status argument to gss_release_oid_set. From Rafal Malinowski -2007-05-30 Love Hörnquist Åstrand +2007-05-30 Love Hörnquist Ã…strand * ntlm/accept_sec_context.c: Catch errors and return the up the stack. * test_kcred.c: more testing of lifetimes -2007-05-17 Love Hörnquist Åstrand +2007-05-17 Love Hörnquist Ã…strand * Makefile.am: Drop the gss oid_set function for the krb5 mech, use the mech glue versions instead. Pointed out by Rafal @@ -196,22 +303,22 @@ * krb5: Use gss oid_set functions from mechglue -2007-05-14 Love Hörnquist Åstrand +2007-05-14 Love Hörnquist Ã…strand * ntlm/accept_sec_context.c: Set session key only if we are returned a session key. Found by David Love. -2007-05-13 Love Hörnquist Åstrand +2007-05-13 Love Hörnquist Ã…strand * krb5/prf.c: switched MIN to min to make compile on solaris, pointed out by David Love. -2007-05-09 Love Hörnquist Åstrand +2007-05-09 Love Hörnquist Ã…strand * krb5/inquire_cred_by_mech.c: Fill in all of the variables if they are passed in. Pointed out by Phil Fisher. -2007-05-08 Love Hörnquist Åstrand +2007-05-08 Love Hörnquist Ã…strand * krb5/inquire_cred.c: Fix copy and paste error, bug spotted by from Phil Fisher. @@ -232,7 +339,7 @@ * krb5/inquire_cred_by_mech.c: reimplement -2007-05-07 Love Hörnquist Åstrand +2007-05-07 Love Hörnquist Ã…strand * ntlm/acquire_cred.c: drop unused variable. @@ -242,19 +349,19 @@ * ntlm: split out backend ntlm server processing -2007-04-24 Love Hörnquist Åstrand +2007-04-24 Love Hörnquist Ã…strand * ntlm/delete_sec_context.c (_gss_ntlm_delete_sec_context): free credcache when done -2007-04-22 Love Hörnquist Åstrand +2007-04-22 Love Hörnquist Ã…strand * ntlm/init_sec_context.c: ntlm-key credential entry is prefix with @ * ntlm/init_sec_context.c (get_user_ccache): pick up the ntlm creds from the krb5 credential cache. -2007-04-21 Love Hörnquist Åstrand +2007-04-21 Love Hörnquist Ã…strand * ntlm/delete_sec_context.c: free the key stored in the context @@ -262,14 +369,14 @@ * test_oid.c: Switch oid to one that is exported. -2007-04-20 Love Hörnquist Åstrand +2007-04-20 Love Hörnquist Ã…strand * ntlm/init_sec_context.c: move where hash is calculated to make it easier to add ccache support. * Makefile.am: Add version-script.map to EXTRA_DIST. -2007-04-19 Love Hörnquist Åstrand +2007-04-19 Love Hörnquist Ã…strand * Makefile.am: Unconfuse newer versions of automake that doesn't know the diffrence between depenences and setting variables. foo: @@ -283,7 +390,7 @@ * version-script.map: add version script if ld supports it -2007-04-18 Love Hörnquist Åstrand +2007-04-18 Love Hörnquist Ã…strand * Makefile.am: test_acquire_cred need test_common.[ch] @@ -298,7 +405,7 @@ * mech/gss_krb5.c: reimplement gss_krb5_ccache_name -2007-04-17 Love Hörnquist Åstrand +2007-04-17 Love Hörnquist Ã…strand * spnego/cred_stubs.c: Need to import spnego name before we can use it as a gss_name_t. @@ -309,27 +416,27 @@ * mech/gss_acquire_cred.c (gss_acquire_cred): dont init cred->gc_mc every time in the loop. -2007-04-15 Love Hörnquist Åstrand +2007-04-15 Love Hörnquist Ã…strand * Makefile.am: add test_common.h -2007-02-16 Love Hörnquist Åstrand +2007-02-16 Love Hörnquist Ã…strand * gss_acquire_cred.3: Add link for gsskrb5_register_acceptor_identity. -2007-02-08 Love Hörnquist Åstrand +2007-02-08 Love Hörnquist Ã…strand * krb5/copy_ccache.c: Try to leak less memory in the failure case. -2007-01-31 Love Hörnquist Åstrand +2007-01-31 Love Hörnquist Ã…strand * mech/gss_display_status.c: Use right printf formater. * test_*.[ch]: split out the error printing function and try to return better errors -2007-01-30 Love Hörnquist Åstrand +2007-01-30 Love Hörnquist Ã…strand * krb5/init_sec_context.c: revert 1.75: (init_auth): only turn on GSS_C_CONF_FLAG and GSS_C_INT_FLAG if the caller requseted it. @@ -337,7 +444,7 @@ This is because Kerberos always support INT|CONF, matches behavior with MS and MIT. The creates problems for the GSS-SPNEGO mech. -2007-01-24 Love Hörnquist Åstrand +2007-01-24 Love Hörnquist Ã…strand * krb5/prf.c: constrain desired_output_len @@ -364,7 +471,7 @@ * gssapi_mech.h: Add hook for gm_pseudo_random. -2007-01-17 Love Hörnquist Åstrand +2007-01-17 Love Hörnquist Ã…strand * test_context.c: Don't assume bufer from gss_display_status is ok. @@ -443,7 +550,7 @@ * mech/mech_locl.h (_mg_buffer_zero): new macro that zaps a gss_buffer_t -2007-01-16 Love Hörnquist Åstrand +2007-01-16 Love Hörnquist Ã…strand * mech: sprinkel _gss_mg_error @@ -463,17 +570,17 @@ * gss.c: Detect NTLM. -2007-01-11 Love Hörnquist Åstrand +2007-01-11 Love Hörnquist Ã…strand * mech/gss_accept_sec_context.c: spelling -2007-01-04 Love Hörnquist Åstrand +2007-01-04 Love Hörnquist Ã…strand * Makefile.am: Include build (private) prototypes header files. * Makefile.am (ntlmsrc): add ntlm/ntlm-private.h -2006-12-28 Love Hörnquist Åstrand +2006-12-28 Love Hörnquist Ã…strand * ntlm/accept_sec_context.c: Pass signseal argument to _gss_ntlm_set_key. @@ -495,7 +602,7 @@ * ntlm/crypto.c: NTLMv2 sign and verify. -2006-12-20 Love Hörnquist Åstrand +2006-12-20 Love Hörnquist Ã…strand * ntlm/accept_sec_context.c: Don't send targetinfo now. @@ -508,7 +615,7 @@ * ntlm/init_sec_context.c: Add NTLM_NEG_NTLM2_SESSION, NTLMv2 session security (disable because missing sign and seal). -2006-12-19 Love Hörnquist Åstrand +2006-12-19 Love Hörnquist Ã…strand * ntlm/accept_sec_context.c: split RC4 send and recv keystreams @@ -540,7 +647,7 @@ on the opportunistic token instead of guessing the acceptor name and do gss_acquire_cred, this make SPNEGO work like before. -2006-12-18 Love Hörnquist Åstrand +2006-12-18 Love Hörnquist Ã…strand * ntlm/init_sec_context.c: Calculate the NTLM version 1 "master" key. @@ -592,11 +699,11 @@ that there are no credentials for) split NegTokenInit and NegTokenResp in acceptor -2006-12-16 Love Hörnquist Åstrand +2006-12-16 Love Hörnquist Ã…strand * ntlm/import_name.c: Allocate the buffer from the right length. -2006-12-15 Love Hörnquist Åstrand +2006-12-15 Love Hörnquist Ã…strand * ntlm/init_sec_context.c (init_sec_context): Tell the other side what domain we think we are talking to. @@ -633,33 +740,33 @@ * ntlm/accept_sec_context.c: Check after a credential to use. -2006-12-14 Love Hörnquist Åstrand +2006-12-14 Love Hörnquist Ã…strand * krb5/set_sec_context_option.c (GSS_KRB5_SET_DEFAULT_REALM_X): don't fail on success. Bug report from Stefan Metzmacher. -2006-12-13 Love Hörnquist Åstrand +2006-12-13 Love Hörnquist Ã…strand * krb5/init_sec_context.c (init_auth): only turn on GSS_C_CONF_FLAG and GSS_C_INT_FLAG if the caller requseted it. From Stefan Metzmacher. -2006-12-11 Love Hörnquist Åstrand +2006-12-11 Love Hörnquist Ã…strand * Makefile.am (libgssapi_la_OBJECTS): depends on gssapi_asn1.h spnego_asn1.h. -2006-11-20 Love Hörnquist Åstrand +2006-11-20 Love Hörnquist Ã…strand * krb5/acquire_cred.c: Make krb5_get_init_creds_opt_free take a context argument. -2006-11-16 Love Hörnquist Åstrand +2006-11-16 Love Hörnquist Ã…strand * test_context.c: Test that token keys are the same, return actual_mech. -2006-11-15 Love Hörnquist Åstrand +2006-11-15 Love Hörnquist Ã…strand * spnego/spnego_locl.h: Make bitfields unsigned, add maybe_open. @@ -689,14 +796,14 @@ supported mechs list and make sure we don't select that for the preferred mechamism. -2006-11-14 Love Hörnquist Åstrand +2006-11-14 Love Hörnquist Ã…strand * mech/gss_init_sec_context.c (_gss_mech_cred_find): break out the cred finding to its own function * krb5/wrap.c: Better error strings, from Andrew Bartlet. -2006-11-13 Love Hörnquist Åstrand +2006-11-13 Love Hörnquist Ã…strand * test_context.c: Create our own krb5_context. @@ -708,13 +815,13 @@ * mech/gss_set_cred_option.c: When calling ->gm_set_cred_option and checking for success, use GSS_S_COMPLETE. From Andrew Bartlet. -2006-11-12 Love Hörnquist Åstrand +2006-11-12 Love Hörnquist Ã…strand * Makefile.am: Help solaris make even more. * Makefile.am: Help solaris make. -2006-11-09 Love Hörnquist Åstrand +2006-11-09 Love Hörnquist Ã…strand * Makefile.am: remove include $(srcdir)/Makefile-digest.am for now @@ -738,7 +845,7 @@ * krb5/gkrb5_err.et: Move the GSS_KRB5_S error here. -2006-11-08 Love Hörnquist Åstrand +2006-11-08 Love Hörnquist Ã…strand * mech/gss_krb5.c: Add gsskrb5_set_default_realm. @@ -749,7 +856,7 @@ * krb5/external.c: add GSS_KRB5_SET_DEFAULT_REALM_X -2006-11-07 Love Hörnquist Åstrand +2006-11-07 Love Hörnquist Ã…strand * test_context.c: rename krb5_[gs]et_time_wrap to krb5_[gs]et_max_time_skew @@ -784,12 +891,12 @@ * krb5/inquire_sec_context_by_oid.c: check if there is any key at all -2006-11-06 Love Hörnquist Åstrand +2006-11-06 Love Hörnquist Ã…strand * krb5/inquire_sec_context_by_oid.c: Set more error strings, use right enum for acceptor subkey. From Andrew Bartlett. -2006-11-04 Love Hörnquist Åstrand +2006-11-04 Love Hörnquist Ã…strand * test_context.c: Test gsskrb5_extract_service_keyblock, needed in PAC valication. From Andrew Bartlett @@ -802,7 +909,7 @@ * krb5/external.c: Add GSS_KRB5_GET_SERVICE_KEYBLOCK_X -2006-11-03 Love Hörnquist Åstrand +2006-11-03 Love Hörnquist Ã…strand * test_context.c: Rename various routines and constants from canonize to canonicalize. From Andrew Bartlett @@ -819,12 +926,12 @@ * gssapi/gssapi_krb5.h: Rename various routines and constants from canonize to canonicalize. From Andrew Bartlett -2006-10-25 Love Hörnquist Åstrand +2006-10-25 Love Hörnquist Ã…strand * krb5/accept_sec_context.c (gsskrb5_accept_delegated_token): need to free ccache -2006-10-24 Love Hörnquist Åstrand +2006-10-24 Love Hörnquist Ã…strand * test_context.c (loop): free target_name @@ -843,7 +950,7 @@ * krb5/set_cred_option.c (import_cred): free sp -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * mech/gss_add_oid_set_member.c: Use old implementation of gss_add_oid_set_member, it leaks less memory. @@ -855,7 +962,7 @@ * mech/gss_release_name.c (gss_release_name): free input_name it-self. -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * test_context.c: Call setprogname. @@ -864,7 +971,7 @@ * gssapi/gssapi_krb5.h: add gsskrb5_extract_authtime_from_sec_context -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * krb5/inquire_sec_context_by_oid.c: Add get_authtime. @@ -883,7 +990,7 @@ * Makefile.am: more files -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * Makefile.am: remove spnego/gssapi_spnego.h, its now in gssapi/ @@ -894,7 +1001,7 @@ * gssapi/gssapi.h: Rename GSS_DIGEST_MECHANISM to GSS_SASL_DIGEST_MD5_MECHANISM -2006-10-18 Love Hörnquist Åstrand +2006-10-18 Love Hörnquist Ã…strand * mech/gssapi.asn1: Make it into a heim_any_set, its doesn't except a tag. @@ -911,7 +1018,7 @@ * krb5/external.c: add GSS_KRB5_GET_INITIATOR_SUBKEY_X, GSS_KRB5_GET_SUBKEY_X -2006-10-17 Love Hörnquist Åstrand +2006-10-17 Love Hörnquist Ã…strand * test_context.c: Support switching on name type oid's @@ -932,7 +1039,7 @@ * mech/gss_krb5.c: add bits to make lucid context work -2006-10-14 Love Hörnquist Åstrand +2006-10-14 Love Hörnquist Ã…strand * mech/gss_oid_to_str.c: Prefix der primitives with der_. @@ -943,7 +1050,7 @@ * mech/gss_oid_to_str.c: New der_print_heim_oid signature. -2006-10-12 Love Hörnquist Åstrand +2006-10-12 Love Hörnquist Ã…strand * Makefile.am: add test_context @@ -964,11 +1071,11 @@ * spnego/spnego_locl.h: Maybe include . -2006-10-09 Love Hörnquist Åstrand +2006-10-09 Love Hörnquist Ã…strand * mech/gss_mech_switch.c: define RTLD_LOCAL to 0 if not defined. -2006-10-08 Love Hörnquist Åstrand +2006-10-08 Love Hörnquist Ã…strand * Makefile.am: install gssapi_krb5.H and gssapi_spnego.h @@ -982,7 +1089,7 @@ * krb5: reference all include files using 'krb5/' -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * gssapi.h: Add file inclusion protection. @@ -997,14 +1104,14 @@ * Makefile.am: split build files into dist_ and noinst_ SOURCES -2006-10-06 Love Hörnquist Åstrand +2006-10-06 Love Hörnquist Ã…strand * gss.c: #if 0 out unused code. * mech/gss_mech_switch.c: Cast argument to ctype(3) functions to (unsigned char). -2006-10-05 Love Hörnquist Åstrand +2006-10-05 Love Hörnquist Ã…strand * mech/name.h: remove @@ -1012,7 +1119,7 @@ * mech/cred.h: remove -2006-10-02 Love Hörnquist Åstrand +2006-10-02 Love Hörnquist Ã…strand * krb5/arcfour.c: Thinker more with header lengths. @@ -1030,14 +1137,14 @@ * spnego/context_stubs.c: Make internal function static (and rename). -2006-10-01 Love Hörnquist Åstrand +2006-10-01 Love Hörnquist Ã…strand * krb5/inquire_cred.c: Fix "if (x) lock(y)" bug. From Harald Barth. * spnego/spnego_locl.h: Include for MAXHOSTNAMELEN. -2006-09-25 Love Hörnquist Åstrand +2006-09-25 Love Hörnquist Ã…strand * krb5/arcfour.c: Add wrap support, interrop with itself but not w2k3s-sp1 @@ -1055,7 +1162,7 @@ protocol. It should be possible to detach the Kerberos DCE-style since it starts with a AP-REQ PDU, but that have to wait for now. -2006-09-22 Love Hörnquist Åstrand +2006-09-22 Love Hörnquist Ã…strand * gssapi.h: Add GSS_C flags from draft-brezak-win2k-krb-rc4-hmac-04.txt. @@ -1072,18 +1179,18 @@ initiator part from the samba patch by Stefan Metzmacher and Andrew Bartlet (still missing DCE/RPC support) -2006-08-28 Love Hörnquist Åstrand +2006-08-28 Love Hörnquist Ã…strand * gss.c (help): use sl_slc_help(). -2006-07-22 Love Hörnquist Åstrand +2006-07-22 Love Hörnquist Ã…strand * gss-commands.in: rename command to supported-mechanisms * Makefile.am: Make gss objects depend on the slc built gss-commands.h -2006-07-20 Love Hörnquist Åstrand +2006-07-20 Love Hörnquist Ã…strand * gss-commands.in: add slc commands for gss @@ -1116,7 +1223,7 @@ * mech/name.h: no need to mark _gss_find_mn extern. -2006-07-19 Love Hörnquist Åstrand +2006-07-19 Love Hörnquist Ã…strand * krb5/cfx.c: Redo the wrap length calculations. @@ -1124,7 +1231,7 @@ * mech/gss_display_status.c: Handle more error codes. -2006-07-07 Love Hörnquist Åstrand +2006-07-07 Love Hörnquist Ã…strand * mech/mech_locl.h: Include and "mechqueue.h" @@ -1146,7 +1253,7 @@ convert the name to a MN, fail with GSS_S_BAD_NAME rather then a NULL de-reference. -2006-07-06 Love Hörnquist Åstrand +2006-07-06 Love Hörnquist Ã…strand * spnego/external.c: readd gss_spnego_inquire_names_for_mech @@ -1171,7 +1278,7 @@ desired_mechs, get our own list with indicate_mechs and remove ourself. -2006-07-05 Love Hörnquist Åstrand +2006-07-05 Love Hörnquist Ã…strand * spnego/external.c: remove gss_spnego_inquire_names_for_mech, let the mechglue layer implement it @@ -1182,11 +1289,11 @@ * spnego/spnego_locl.c: remove gss_spnego_inquire_names_for_mech, let the mechglue layer implement it -2006-07-01 Love Hörnquist Åstrand +2006-07-01 Love Hörnquist Ã…strand * mech/gss_set_cred_option.c: fix argument to gss_release_cred -2006-06-30 Love Hörnquist Åstrand +2006-06-30 Love Hörnquist Ã…strand * krb5/init_sec_context.c: Make work on compilers that are somewhat more picky then gcc4 (like gcc2.95) @@ -1232,7 +1339,7 @@ preferred_mech_type and negotiated_mech_type, they where never allocated from the begining. -2006-06-29 Love Hörnquist Åstrand +2006-06-29 Love Hörnquist Ã…strand * mech/gss_import_name.c (gss_import_name): avoid type-punned/strict aliasing rules @@ -1254,7 +1361,7 @@ * mech/gss_acquire_cred.c (gss_acquire_cred): if desired_mechs is NO_OID_SET, there is a need to load the mechs, so always do that. -2006-06-28 Love Hörnquist Åstrand +2006-06-28 Love Hörnquist Ã…strand * krb5/inquire_cred_by_oid.c: Reimplement GSS_KRB5_COPY_CCACHE_X to instead pass a fullname to the credential, then resolve and @@ -1295,7 +1402,7 @@ * spnego: Import Luke Howard's SPNEGO from the mechglue branch -2006-06-22 Love Hörnquist Åstrand +2006-06-22 Love Hörnquist Ã…strand * gssapi.h: Add oid_to_str. @@ -1305,7 +1412,7 @@ * test_oid.c: Add test for gss_oid_to_str() -2006-05-13 Love Hörnquist Åstrand +2006-05-13 Love Hörnquist Ã…strand * verify_mic.c: Less pointer signedness warnings. @@ -1331,21 +1438,21 @@ * import_sec_context.c: Less pointer signedness warnings. -2006-05-09 Love Hörnquist Åstrand +2006-05-09 Love Hörnquist Ã…strand * accept_sec_context.c (gsskrb5_is_cfx): always set is_cfx. From Andrew Abartlet. -2006-05-08 Love Hörnquist Åstrand +2006-05-08 Love Hörnquist Ã…strand * get_mic.c (mic_des3): make sure message_buffer doesn't point to free()ed memory on failure. Pointed out by IBM checker. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * Rename u_intXX_t to uintXX_t -2006-05-04 Love Hörnquist Åstrand +2006-05-04 Love Hörnquist Ã…strand * cfx.c: Less pointer signedness warnings. @@ -1355,7 +1462,7 @@ * 8003.c (gssapi_decode_*): make data argument const void * -2006-04-12 Love Hörnquist Åstrand +2006-04-12 Love Hörnquist Ã…strand * export_sec_context.c: Export sequence order element. From Wynn Wilkes . @@ -1369,12 +1476,12 @@ * test_sequence.c: Add test for import/export sequence. -2006-04-09 Love Hörnquist Åstrand +2006-04-09 Love Hörnquist Ã…strand * add_cred.c: Check that cred != GSS_C_NO_CREDENTIAL, this is a standard conformance failure, but much better then a crash. -2006-04-02 Love Hörnquist Åstrand +2006-04-02 Love Hörnquist Ã…strand * get_mic.c (get_mic*)_: make sure message_token is cleaned on error, found by IBM checker. @@ -1382,22 +1489,22 @@ * wrap.c (wrap*): Reset output_buffer on error, found by IBM checker. -2006-02-15 Love Hörnquist Åstrand +2006-02-15 Love Hörnquist Ã…strand * import_name.c: Accept both GSS_C_NT_HOSTBASED_SERVICE and GSS_C_NT_HOSTBASED_SERVICE_X as nametype for hostbased names. -2006-01-16 Love Hörnquist Åstrand +2006-01-16 Love Hörnquist Ã…strand * delete_sec_context.c (gss_delete_sec_context): if the context handle is GSS_C_NO_CONTEXT, don't fall over. -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * gss_acquire_cred.3: Replace gss_krb5_import_ccache with gss_krb5_import_cred and add more references -2005-12-05 Love Hörnquist Åstrand +2005-12-05 Love Hörnquist Ã…strand * gssapi.h: Change gss_krb5_import_ccache to gss_krb5_import_cred, it can handle keytabs too. @@ -1407,7 +1514,7 @@ * context_time.c (gssapi_lifetime_left): define the 0 lifetime as GSS_C_INDEFINITE. -2005-12-01 Love Hörnquist Åstrand +2005-12-01 Love Hörnquist Ã…strand * acquire_cred.c (acquire_acceptor_cred): only check if principal exists if we got called with principal as an argument. @@ -1415,12 +1522,12 @@ * acquire_cred.c (acquire_acceptor_cred): check that the acceptor exists in the keytab before returning ok. -2005-11-29 Love Hörnquist Åstrand +2005-11-29 Love Hörnquist Ã…strand * copy_ccache.c (gss_krb5_import_cred): fix buglet, from Andrew Bartlett. -2005-11-25 Love Hörnquist Åstrand +2005-11-25 Love Hörnquist Ã…strand * test_kcred.c: Rename gss_krb5_import_ccache to gss_krb5_import_cred. @@ -1428,7 +1535,7 @@ * copy_ccache.c: Rename gss_krb5_import_ccache to gss_krb5_import_cred and let it grow code to handle keytabs too. -2005-11-02 Love Hörnquist Åstrand +2005-11-02 Love Hörnquist Ã…strand * init_sec_context.c: Change sematics of ok-as-delegate to match windows if @@ -1445,11 +1552,11 @@ * accept_sec_context.c (gsskrb5_accept_delegated_token): rewrite to use gss_krb5_import_ccache -2005-11-01 Love Hörnquist Åstrand +2005-11-01 Love Hörnquist Ã…strand * arcfour.c: Remove signedness warnings. -2005-10-31 Love Hörnquist Åstrand +2005-10-31 Love Hörnquist Ã…strand * gss_acquire_cred.3: Document that gss_krb5_import_ccache is copy by reference. @@ -1462,7 +1569,7 @@ * test_kcred.c: Remove memory leaks. -2005-10-26 Love Hörnquist Åstrand +2005-10-26 Love Hörnquist Ã…strand * Makefile.am: build test_kcred @@ -1484,13 +1591,13 @@ * test_kcred.c: test gss_krb5_import_ccache -2005-10-21 Love Hörnquist Åstrand +2005-10-21 Love Hörnquist Ã…strand * acquire_cred.c (acquire_initiator_cred): use krb5_cc_cache_match to find a matching creditial cache, if that failes, fallback to the default cache. -2005-10-12 Love Hörnquist Åstrand +2005-10-12 Love Hörnquist Ã…strand * gssapi_locl.h: Add gssapi_krb5_set_status and gssapi_krb5_clear_status @@ -1501,17 +1608,17 @@ * display_status.c: Add gssapi_krb5_clear_status, gssapi_krb5_set_status for handling error messages. -2005-08-23 Love Hörnquist Åstrand +2005-08-23 Love Hörnquist Ã…strand * external.c: Use rk_UNCONST to avoid const warning. * display_status.c: Constify strings to avoid warnings. -2005-08-11 Love Hörnquist Åstrand +2005-08-11 Love Hörnquist Ã…strand * init_sec_context.c: avoid warnings, update (c) -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * init_sec_context.c (spnego_initial): use NegotiationToken encoder now that we have one with the new asn1. compiler. @@ -1519,7 +1626,7 @@ * Makefile.am: the new asn.1 compiler includes the modules name in the depend file -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * decapsulate.c: use rk_UNCONST @@ -1531,7 +1638,7 @@ * test_cred.c: rename optind to optidx -2005-05-30 Love Hörnquist Åstrand +2005-05-30 Love Hörnquist Ã…strand * init_sec_context.c (init_auth): honor ok-as-delegate if local configuration approves @@ -1540,7 +1647,7 @@ * compat.c: export check_compat as _gss_check_compat -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand * init_sec_context.c: Prefix Der_class with ASN1_C_ to avoid problems with system headerfiles that pollute the name space. @@ -1548,13 +1655,13 @@ * accept_sec_context.c: Prefix Der_class with ASN1_C_ to avoid problems with system headerfiles that pollute the name space. -2005-05-17 Love Hörnquist Åstrand +2005-05-17 Love Hörnquist Ã…strand * init_sec_context.c (init_auth): set KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED (for java compatibility), also while here, use krb5_auth_con_addflags -2005-05-06 Love Hörnquist Åstrand +2005-05-06 Love Hörnquist Ã…strand * arcfour.c (_gssapi_wrap_arcfour): fix calculating the encap length. From: Tom Maher @@ -1563,12 +1670,12 @@ * test_cred.c (main): Call setprogname. -2005-04-27 Love Hörnquist Åstrand +2005-04-27 Love Hörnquist Ã…strand * prefix all sequence symbols with _, they are not part of the GSS-API api. By comment from Wynn Wilkes -2005-04-10 Love Hörnquist Åstrand +2005-04-10 Love Hörnquist Ã…strand * accept_sec_context.c: break out the processing of the delegated credential to a separate function to make error handling easier, @@ -1578,26 +1685,26 @@ * Makefile.am: add test_sequence to TESTS -2005-04-01 Love Hörnquist Åstrand +2005-04-01 Love Hörnquist Ã…strand * 8003.c (gssapi_krb5_verify_8003_checksum): check that cksum isn't NULL From: Nicolas Pouvesle -2005-03-21 Love Hörnquist Åstrand +2005-03-21 Love Hörnquist Ã…strand * Makefile.am: use $(LIB_roken) -2005-03-16 Love Hörnquist Åstrand +2005-03-16 Love Hörnquist Ã…strand * display_status.c (gssapi_krb5_set_error_string): pass in the krb5_context to krb5_free_error_string -2005-03-15 Love Hörnquist Åstrand +2005-03-15 Love Hörnquist Ã…strand * display_status.c (gssapi_krb5_set_error_string): don't misuse the krb5_get_error_string api -2005-03-01 Love Hörnquist Åstrand +2005-03-01 Love Hörnquist Ã…strand * compat.c (_gss_DES3_get_mic_compat): don't unlock mutex here. Bug reported by Stefan Metzmacher @@ -1643,33 +1750,33 @@ * wrap.c: use gss_krb5_get_subkey(), support KEYTYPE_ARCFOUR_56 -2004-11-30 Love Hörnquist Åstrand +2004-11-30 Love Hörnquist Ã…strand * inquire_cred.c: Reverse order of HEIMDAL_MUTEX_unlock and gss_release_cred to avoid deadlock, from Luke Howard . -2004-09-06 Love Hörnquist Åstrand +2004-09-06 Love Hörnquist Ã…strand * gss_acquire_cred.3: gss_krb5_extract_authz_data_from_sec_context was renamed to gsskrb5_extract_authz_data_from_sec_context -2004-08-07 Love Hörnquist Åstrand +2004-08-07 Love Hörnquist Ã…strand * unwrap.c: mutex buglet, From: Luke Howard * arcfour.c: mutex buglet, From: Luke Howard -2004-05-06 Love Hörnquist Åstrand +2004-05-06 Love Hörnquist Ã…strand * gssapi.3: spelling from Josef El-Rayes while here, write some text about the SPNEGO situation -2004-04-08 Love Hörnquist Åstrand +2004-04-08 Love Hörnquist Ã…strand * cfx.c: s/CTXAcceptorSubkey/CFXAcceptorSubkey/ -2004-04-07 Love Hörnquist Åstrand +2004-04-07 Love Hörnquist Ã…strand * gssapi.h: add GSS_C_EXPECTING_MECH_LIST_MIC_FLAG From: Luke Howard @@ -1688,7 +1795,7 @@ * compat.c: add _gss_spnego_require_mechlist_mic for compatibility with MS SPNEGO, From: Luke Howard -2004-04-05 Love Hörnquist Åstrand +2004-04-05 Love Hörnquist Ã…strand * accept_sec_context.c (gsskrb5_is_cfx): krb5_keyblock->keytype is an enctype, not keytype @@ -1700,7 +1807,7 @@ * init_sec_context.c (spnego_initial): handle mech_token better -2004-03-19 Love Hörnquist Åstrand +2004-03-19 Love Hörnquist Ã…strand * gssapi.h: add gss_krb5_get_tkt_flags @@ -1711,7 +1818,7 @@ * gss_acquire_cred.3: document gss_krb5_get_tkt_flags -2004-03-14 Love Hörnquist Åstrand +2004-03-14 Love Hörnquist Ã…strand * acquire_cred.c (gss_acquire_cred): check usage before even bothering to process it, add both keytab and initial tgt if @@ -1744,7 +1851,7 @@ * test_acquire_cred.c: fix comment -2004-03-07 Love Hörnquist Åstrand +2004-03-07 Love Hörnquist Ã…strand * arcfour.h: drop structures for message formats, no longer used @@ -1762,7 +1869,7 @@ * Makefile.am: spnego_files += asn1_NegotiationToken.x -2004-01-25 Love Hörnquist Åstrand +2004-01-25 Love Hörnquist Ã…strand * gssapi.h: add gss_krb5_ccache_name @@ -1776,51 +1883,51 @@ * gss_acquire_cred.3: document gss_krb5_ccache_name -2003-12-12 Love Hörnquist Åstrand +2003-12-12 Love Hörnquist Ã…strand * cfx.c: make rrc a modulus operation if its longer then the length of the message, noticed by Sam Hartman -2003-12-07 Love Hörnquist Åstrand +2003-12-07 Love Hörnquist Ã…strand * accept_sec_context.c: use krb5_auth_con_addflags -2003-12-05 Love Hörnquist Åstrand +2003-12-05 Love Hörnquist Ã…strand * cfx.c: Wrap token id was in wrong order, found by Sam Hartman -2003-12-04 Love Hörnquist Åstrand +2003-12-04 Love Hörnquist Ã…strand * cfx.c: add AcceptorSubkey (but no code understand it yet) ignore unknown token flags -2003-11-22 Love Hörnquist Åstrand +2003-11-22 Love Hörnquist Ã…strand * accept_sec_context.c: Don't require timestamp to be set on delegated token, its already protected by the outer token (and windows doesn't alway send it) Pointed out by Zi-Bin Yang on heimdal-discuss -2003-11-14 Love Hörnquist Åstrand +2003-11-14 Love Hörnquist Ã…strand * cfx.c: fix {} error, pointed out by Liqiang Zhu -2003-11-10 Love Hörnquist Åstrand +2003-11-10 Love Hörnquist Ã…strand * cfx.c: Sequence number should be stored in bigendian order From: Luke Howard -2003-11-09 Love Hörnquist Åstrand +2003-11-09 Love Hörnquist Ã…strand * delete_sec_context.c (gss_delete_sec_context): don't free ticket, krb5_free_ticket does that now -2003-11-06 Love Hörnquist Åstrand +2003-11-06 Love Hörnquist Ã…strand * cfx.c: checksum the header last in MIC token, update to -03 From: Luke Howard -2003-10-07 Love Hörnquist Åstrand +2003-10-07 Love Hörnquist Ã…strand * add_cred.c: If its a MEMORY cc, make a copy. We need to do this since now gss_release_cred will destroy the cred. This should be @@ -1833,12 +1940,12 @@ * acquire_cred.c (acquire_initiator_cred): use kret instead of ret where appropriate -2003-09-30 Love Hörnquist Åstrand +2003-09-30 Love Hörnquist Ã…strand * gss_acquire_cred.3: spelling From: jmc -2003-09-23 Love Hörnquist Åstrand +2003-09-23 Love Hörnquist Ã…strand * cfx.c: - EC and RRC are big-endian, not little-endian - The default is now to rotate regardless of GSS_C_DCE_STYLE. There are @@ -1846,7 +1953,7 @@ avoids allocating memory on the heap if rrc <= 256 From: Luke Howard -2003-09-22 Love Hörnquist Åstrand +2003-09-22 Love Hörnquist Ã…strand * cfx.[ch]: rrc_rotate() was untested and broken, fix it. Set and verify wrap Token->Filler. @@ -1854,12 +1961,12 @@ were accidentally swapped with delete tokens. From: Luke Howard -2003-09-21 Love Hörnquist Åstrand +2003-09-21 Love Hörnquist Ã…strand * cfx.[ch]: no ASN.1-ish header on per-message tokens From: Luke Howard -2003-09-19 Love Hörnquist Åstrand +2003-09-19 Love Hörnquist Ã…strand * arcfour.h: remove depenency on gss_arcfour_mic_token and gss_arcfour_warp_token @@ -1867,11 +1974,11 @@ * arcfour.c: remove depenency on gss_arcfour_mic_token and gss_arcfour_warp_token -2003-09-18 Love Hörnquist Åstrand +2003-09-18 Love Hörnquist Ã…strand * 8003.c: remove #if 0'ed code -2003-09-17 Love Hörnquist Åstrand +2003-09-17 Love Hörnquist Ã…strand * accept_sec_context.c (gsskrb5_accept_sec_context): set sequence number when not requesting mutual auth From: Luke Howard @@ -1880,7 +1987,7 @@ * init_sec_context.c (init_auth): set sequence number when not requesting mutual auth From: Luke Howard -2003-09-16 Love Hörnquist Åstrand +2003-09-16 Love Hörnquist Ã…strand * arcfour.c (*): set minor_status (gss_wrap): set conf_state to conf_req_flags on success @@ -1889,14 +1996,14 @@ * wrap.c (gss_wrap_size_limit): use existing function From: Luke Howard -2003-09-12 Love Hörnquist Åstrand +2003-09-12 Love Hörnquist Ã…strand * indicate_mechs.c (gss_indicate_mechs): in case of error, free mech_set * indicate_mechs.c (gss_indicate_mechs): add SPNEGO -2003-09-10 Love Hörnquist Åstrand +2003-09-10 Love Hörnquist Ã…strand * init_sec_context.c (spnego_initial): catch errors and return them @@ -1905,7 +2012,7 @@ the CHOICE branch encoding, also where here, free no longer used memory -2003-09-09 Love Hörnquist Åstrand +2003-09-09 Love Hörnquist Ã…strand * gss_acquire_cred.3: support GSS_SPNEGO_MECHANISM @@ -1934,22 +2041,22 @@ * Makefile.am: build SPNEGO file -2003-09-08 Love Hörnquist Åstrand +2003-09-08 Love Hörnquist Ã…strand * external.c: SPENGO and IAKERB oids * spnego.asn1: SPENGO ASN1 -2003-09-05 Love Hörnquist Åstrand +2003-09-05 Love Hörnquist Ã…strand * cfx.c: RRC also need to be zero before wraping them From: Luke Howard -2003-09-04 Love Hörnquist Åstrand +2003-09-04 Love Hörnquist Ã…strand * encapsulate.c (gssapi_krb5_encap_length): don't return void -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * verify_mic.c: switch from the des_ to the DES_ api @@ -1965,7 +2072,7 @@ * acquire_cred.c: use krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free -2003-09-01 Love Hörnquist Åstrand +2003-09-01 Love Hörnquist Ã…strand * copy_ccache.c: rename gss_krb5_extract_authz_data_from_sec_context to @@ -1974,7 +2081,7 @@ * gssapi.h: rename gss_krb5_extract_authz_data_from_sec_context to gsskrb5_extract_authz_data_from_sec_context -2003-08-31 Love Hörnquist Åstrand +2003-08-31 Love Hörnquist Ã…strand * copy_ccache.c (gss_krb5_extract_authz_data_from_sec_context): check that we have a ticket before we start to use it @@ -1991,12 +2098,12 @@ * verify_mic.c (gss_verify_mic_internal): switch type and key argument -2003-08-30 Love Hörnquist Åstrand +2003-08-30 Love Hörnquist Ã…strand * cfx.[ch]: draft-ietf-krb-wg-gssapi-cfx-01.txt implemetation From: Luke Howard -2003-08-28 Love Hörnquist Åstrand +2003-08-28 Love Hörnquist Ã…strand * arcfour.c (arcfour_mic_cksum): use free_Checksum to free the checksum @@ -2048,7 +2155,7 @@ * 8003.c: add gssapi_{en,de}code_be_om_uint32 -2003-08-27 Love Hörnquist Åstrand +2003-08-27 Love Hörnquist Ã…strand * arcfour.c (_gssapi_verify_mic_arcfour): Do the checksum on right area. Swap filler check, it was reversed. @@ -2061,7 +2168,7 @@ * arcfour.h: arcfour gss-api mech, get_mic/verify_mic working -2003-08-26 Love Hörnquist Åstrand +2003-08-26 Love Hörnquist Ã…strand * gssapi_locl.h: always include cfx.h add prototype for _gssapi_decapsulate @@ -2072,7 +2179,7 @@ * decapsulate.c: add _gssapi_decapsulate, from Luke Howard -2003-08-25 Love Hörnquist Åstrand +2003-08-25 Love Hörnquist Ã…strand * unwrap.c: encap/decap now takes a oid if the enctype/keytype is arcfour, return error add hook for cfx @@ -2104,17 +2211,17 @@ * inquire_cred.c (gss_inquire_cred): handle cred_handle being GSS_C_NO_CREDENTIAL and use the default cred then. -2003-08-19 Love Hörnquist Åstrand +2003-08-19 Love Hörnquist Ã…strand * gss_acquire_cred.3: break out extensions and document gsskrb5_register_acceptor_identity -2003-08-18 Love Hörnquist Åstrand +2003-08-18 Love Hörnquist Ã…strand * test_acquire_cred.c (print_time): time is returned in seconds from now, not unix time -2003-08-17 Love Hörnquist Åstrand +2003-08-17 Love Hörnquist Ã…strand * compat.c (check_compat): avoid leaking principal when finding a match @@ -2125,7 +2232,7 @@ * acquire_cred.c (gss_acquire_cred): 4th argument to gss_test_oid_set_member is a int -2003-07-22 Love Hörnquist Åstrand +2003-07-22 Love Hörnquist Ã…strand * init_sec_context.c (repl_mutual): don't set kerberos error where there was no kerberos error @@ -2140,12 +2247,12 @@ krb5_context. Add destruction/creation functions for the thread specific storage that the error string handling is using. -2003-07-20 Love Hörnquist Åstrand +2003-07-20 Love Hörnquist Ã…strand * gss_acquire_cred.3: add missing prototype and missing .Ft arguments -2003-06-17 Love Hörnquist Åstrand +2003-06-17 Love Hörnquist Ã…strand * verify_mic.c: reorder code so sequence numbers can can be used @@ -2173,7 +2280,7 @@ * Makefile.am: can't have sequence.c in two different places -2003-06-06 Love Hörnquist Åstrand +2003-06-06 Love Hörnquist Ã…strand * test_sequence.c: check rollover, print summery @@ -2184,7 +2291,7 @@ From: Luke Howard -2003-06-05 Love Hörnquist Åstrand +2003-06-05 Love Hörnquist Ã…strand * gssapi_locl.h: add prototypes for sequence.c @@ -2194,7 +2301,7 @@ * sequence.c: sequence number checks, order and replay * test_sequence.c: sequence number checks, order and replay -2003-06-03 Love Hörnquist Åstrand +2003-06-03 Love Hörnquist Ã…strand * accept_sec_context.c (gss_accept_sec_context): make sure time is returned in seconds from now, not in kerberos time @@ -2213,7 +2320,7 @@ * verify_mic.c: make sure minor_status is always set, pointed out by Luke Howard -2003-05-21 Love Hörnquist Åstrand +2003-05-21 Love Hörnquist Ã…strand * *.[ch]: do some basic locking (no reference counting so contexts can be removed while still used) @@ -2224,16 +2331,16 @@ * gss_acquire_cred.3: document argument lifetime_rec to function gss_inquire_context -2003-05-17 Love Hörnquist Åstrand +2003-05-17 Love Hörnquist Ã…strand * test_acquire_cred.c: test gss_add_cred more then once -2003-05-06 Love Hörnquist Åstrand +2003-05-06 Love Hörnquist Ã…strand * gssapi.h: if __cplusplus, wrap the extern variable (just to be safe) and functions in extern "C" { } -2003-04-30 Love Hörnquist Åstrand +2003-04-30 Love Hörnquist Ã…strand * gssapi.3: more about the des3 mic mess @@ -2245,14 +2352,14 @@ * verify_mic.c (verify_mic_des3): If MIC verification fails, retry using the `old' MIC computation (with zero IV). -2003-04-26 Love Hörnquist Åstrand +2003-04-26 Love Hörnquist Ã…strand * gss_acquire_cred.3: more about difference between comparing IN and MN * gss_acquire_cred.3: more about name type and access control -2003-04-25 Love Hörnquist Åstrand +2003-04-25 Love Hörnquist Ã…strand * gss_acquire_cred.3: document gss_context_time @@ -2273,17 +2380,17 @@ (GSS_C_KRB5_COMPAT_DES3_MIC): cpp symbol that exists if gss_krb5_compat_des3_mic exists -2003-04-24 Love Hörnquist Åstrand +2003-04-24 Love Hörnquist Ã…strand * Makefile.am: (libgssapi_la_LDFLAGS): update major version of gssapi for incompatiblity in 3des getmic support -2003-04-23 Love Hörnquist Åstrand +2003-04-23 Love Hörnquist Ã…strand * Makefile.am: test_acquire_cred_LDADD: use libgssapi.la not ./libgssapi.la (make make -jN work) -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * gssapi.3: spelling @@ -2291,7 +2398,7 @@ header.h, from Thomas Klausner -2003-04-06 Love Hörnquist Åstrand +2003-04-06 Love Hörnquist Ã…strand * gss_acquire_cred.3: spelling @@ -2307,26 +2414,26 @@ * test_acquire_cred.c: test gss_add_cred too -2003-04-03 Love Hörnquist Åstrand +2003-04-03 Love Hörnquist Ã…strand * Makefile.am: build test_acquire_cred * test_acquire_cred.c: simple gss_acquire_cred test -2003-04-02 Love Hörnquist Åstrand +2003-04-02 Love Hörnquist Ã…strand * gss_acquire_cred.3: s/gssapi/GSS-API/ -2003-03-19 Love Hörnquist Åstrand +2003-03-19 Love Hörnquist Ã…strand * gss_acquire_cred.3: document v1 interface (and that they are obsolete) -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * gss_acquire_cred.3: list supported mechanism and nametypes -2003-03-16 Love Hörnquist Åstrand +2003-03-16 Love Hörnquist Ã…strand * gss_acquire_cred.3: text about gss_display_name @@ -2438,7 +2545,7 @@ * gssapi.h: comment out the argument names -2003-03-15 Love Hörnquist Åstrand +2003-03-15 Love Hörnquist Ã…strand * gssapi.3: add LIST OF FUNCTIONS and copyright/license @@ -2446,29 +2553,29 @@ * Makefile.am: man_MANS += gss_aquire_cred.3 -2003-03-14 Love Hörnquist Åstrand +2003-03-14 Love Hörnquist Ã…strand * gss_aquire_cred.3: the gssapi api manpage -2003-03-03 Love Hörnquist Åstrand +2003-03-03 Love Hörnquist Ã…strand * inquire_context.c: (gss_inquire_context): rename argument open to open_context * gssapi.h (gss_inquire_context): rename argument open to open_context -2003-02-27 Love Hörnquist Åstrand +2003-02-27 Love Hörnquist Ã…strand * init_sec_context.c (do_delegation): remove unused variable subkey * gssapi.3: all 0.5.x version had broken token delegation -2003-02-21 Love Hörnquist Åstrand +2003-02-21 Love Hörnquist Ã…strand * (init_auth): only generate one subkey -2003-01-27 Love Hörnquist Åstrand +2003-01-27 Love Hörnquist Ã…strand * verify_mic.c (verify_mic_des3): fix 3des verify_mic to conform to rfc (and mit kerberos), provide backward compat hook diff --git a/lib/gssapi/Makefile.am b/lib/gssapi/Makefile.am index 23264828221c..919799fa80b2 100644 --- a/lib/gssapi/Makefile.am +++ b/lib/gssapi/Makefile.am @@ -1,12 +1,18 @@ -# $Id: Makefile.am 22399 2008-01-11 14:25:47Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common AUTOMAKE_OPTIONS = subdir-objects -AM_CPPFLAGS += -I$(srcdir)/../krb5 \ +AM_CPPFLAGS += \ + -I$(srcdir)/../krb5 \ -I$(srcdir) \ + -I$(srcdir)/gssapi \ -I$(srcdir)/mech \ + -I$(srcdir)/ntlm \ + -I$(srcdir)/krb5 \ + -I$(srcdir)/spnego \ + $(INCLUDE_libintl) \ $(INCLUDE_hcrypto) \ $(INCLUDE_krb4) @@ -18,8 +24,10 @@ krb5src = \ krb5/acquire_cred.c \ krb5/add_cred.c \ krb5/address_to_krb5addr.c \ + krb5/aeap.c \ krb5/arcfour.c \ krb5/canonicalize_name.c \ + krb5/creds.c \ krb5/ccache_name.c \ krb5/cfx.c \ krb5/cfx.h \ @@ -51,17 +59,19 @@ krb5src = \ krb5/inquire_mechs_for_name.c \ krb5/inquire_names_for_mech.c \ krb5/inquire_sec_context_by_oid.c \ + krb5/pname_to_uid.c \ krb5/process_context_token.c \ krb5/prf.c \ krb5/release_buffer.c \ krb5/release_cred.c \ krb5/release_name.c \ krb5/sequence.c \ + krb5/store_cred.c \ krb5/set_cred_option.c \ krb5/set_sec_context_option.c \ krb5/ticket_flags.c \ krb5/unwrap.c \ - krb5/v1.c \ + krb5/authorize_localname.c \ krb5/verify_mic.c \ krb5/wrap.c @@ -69,25 +79,36 @@ mechsrc = \ mech/context.h \ mech/context.c \ mech/cred.h \ + mech/compat.h \ + mech/doxygen.c \ mech/gss_accept_sec_context.c \ mech/gss_acquire_cred.c \ + mech/gss_acquire_cred_ext.c \ + mech/gss_acquire_cred_with_password.c \ mech/gss_add_cred.c \ + mech/gss_add_cred_with_password.c \ mech/gss_add_oid_set_member.c \ + mech/gss_aeap.c \ mech/gss_buffer_set.c \ mech/gss_canonicalize_name.c \ mech/gss_compare_name.c \ mech/gss_context_time.c \ mech/gss_create_empty_oid_set.c \ + mech/gss_cred.c \ mech/gss_decapsulate_token.c \ + mech/gss_delete_name_attribute.c \ mech/gss_delete_sec_context.c \ mech/gss_display_name.c \ + mech/gss_display_name_ext.c \ mech/gss_display_status.c \ mech/gss_duplicate_name.c \ mech/gss_duplicate_oid.c \ mech/gss_encapsulate_token.c \ mech/gss_export_name.c \ + mech/gss_export_name_composite.c \ mech/gss_export_sec_context.c \ mech/gss_get_mic.c \ + mech/gss_get_name_attribute.c \ mech/gss_import_name.c \ mech/gss_import_sec_context.c \ mech/gss_indicate_mechs.c \ @@ -97,12 +118,16 @@ mechsrc = \ mech/gss_inquire_cred_by_mech.c \ mech/gss_inquire_cred_by_oid.c \ mech/gss_inquire_mechs_for_name.c \ + mech/gss_inquire_name.c \ mech/gss_inquire_names_for_mech.c \ mech/gss_krb5.c \ mech/gss_mech_switch.c \ + mech/gss_mo.c \ mech/gss_names.c \ + mech/gss_oid.c \ mech/gss_oid_equal.c \ mech/gss_oid_to_str.c \ + mech/gss_pname_to_uid.c \ mech/gss_process_context_token.c \ mech/gss_pseudo_random.c \ mech/gss_release_buffer.c \ @@ -112,11 +137,14 @@ mechsrc = \ mech/gss_release_oid_set.c \ mech/gss_seal.c \ mech/gss_set_cred_option.c \ + mech/gss_set_name_attribute.c \ mech/gss_set_sec_context_option.c \ mech/gss_sign.c \ + mech/gss_store_cred.c \ mech/gss_test_oid_set_member.c \ mech/gss_unseal.c \ mech/gss_unwrap.c \ + mech/gss_authorize_localname.c \ mech/gss_utils.c \ mech/gss_verify.c \ mech/gss_verify_mic.c \ @@ -146,6 +174,7 @@ ntlmsrc = \ ntlm/canonicalize_name.c \ ntlm/compare_name.c \ ntlm/context_time.c \ + ntlm/creds.c \ ntlm/crypto.c \ ntlm/delete_sec_context.c \ ntlm/display_name.c \ @@ -161,14 +190,15 @@ ntlmsrc = \ ntlm/indicate_mechs.c \ ntlm/init_sec_context.c \ ntlm/inquire_context.c \ - ntlm/inquire_cred.c \ ntlm/inquire_cred_by_mech.c \ ntlm/inquire_mechs_for_name.c \ ntlm/inquire_names_for_mech.c \ + ntlm/inquire_sec_context_by_oid.c \ + ntlm/iter_cred.c \ ntlm/process_context_token.c \ ntlm/release_cred.c \ ntlm/release_name.c \ - ntlm/digest.c + ntlm/kdc.c $(srcdir)/ntlm/ntlm-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p ntlm/ntlm-private.h $(ntlmsrc) || rm -f ntlm/ntlm-private.h @@ -184,7 +214,9 @@ nodist_libgssapi_la_SOURCES = \ gkrb5_err.h \ $(BUILT_SOURCES) -libgssapi_la_LDFLAGS = -version-info 2:0:0 +libgssapi_la_DEPENDENCIES = version-script.map + +libgssapi_la_LDFLAGS = -version-info 3:0:0 if versionscript libgssapi_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map @@ -206,9 +238,12 @@ noinst_HEADERS = \ ntlm/ntlm-private.h \ spnego/spnego-private.h \ krb5/gsskrb5-private.h + nobase_include_HEADERS = \ gssapi/gssapi.h \ gssapi/gssapi_krb5.h \ + gssapi/gssapi_ntlm.h \ + gssapi/gssapi_oid.h \ gssapi/gssapi_spnego.h gssapidir = $(includedir)/gssapi @@ -227,9 +262,13 @@ spnego_files = \ asn1_NegTokenInitWin.x \ asn1_NegTokenResp.x -$(libgssapi_la_OBJECTS): $(srcdir)/krb5/gsskrb5-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/spnego/spnego-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/ntlm/ntlm-private.h +BUILTHEADERS = \ + $(srcdir)/krb5/gsskrb5-private.h \ + $(srcdir)/spnego/spnego-private.h \ + $(srcdir)/ntlm/ntlm-private.h + +$(libgssapi_la_OBJECTS): $(BUILTHEADERS) +$(test_context_OBJECTS): $(BUILTHEADERS) $(libgssapi_la_OBJECTS): $(srcdir)/version-script.map @@ -237,18 +276,18 @@ BUILT_SOURCES = $(spnego_files:.x=.c) $(gssapi_files:.x=.c) CLEANFILES = $(BUILT_SOURCES) \ gkrb5_err.h gkrb5_err.c \ - $(spnego_files) spnego_asn1.h spnego_asn1_files \ - $(gssapi_files) gssapi_asn1.h gssapi_asn1_files \ + $(spnego_files) spnego_asn1*.h* spnego_asn1_files spnego_asn1-template.c \ + $(gssapi_files) gssapi_asn1*.h* gssapi_asn1_files gssapi_asn1-template.c \ gss-commands.h gss-commands.c -$(spnego_files) spnego_asn1.h: spnego_asn1_files -$(gssapi_files) gssapi_asn1.h: gssapi_asn1_files +$(spnego_files) spnego_asn1.hx spnego_asn1-priv.hx: spnego_asn1_files +$(gssapi_files) gssapi_asn1.hx gssapi_asn1-priv.hx: gssapi_asn1_files -spnego_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/spnego/spnego.asn1 - ../asn1/asn1_compile$(EXEEXT) --sequence=MechTypeList $(srcdir)/spnego/spnego.asn1 spnego_asn1 +spnego_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/spnego/spnego.asn1 $(srcdir)/spnego/spnego.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/spnego/spnego.opt $(srcdir)/spnego/spnego.asn1 spnego_asn1 -gssapi_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 +gssapi_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/mech/gssapi.asn1 + $(ASN1_COMPILE) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 $(srcdir)/krb5/gsskrb5-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5/gsskrb5-private.h $(krb5src) || rm -f krb5/gsskrb5-private.h @@ -264,7 +303,7 @@ test_cfx_SOURCES = krb5/test_cfx.c check_PROGRAMS = test_acquire_cred $(TESTS) -bin_PROGRAMS = gss +bin_PROGRAMS = gsstool noinst_PROGRAMS = test_cred test_kcred test_context test_ntlm test_context_SOURCES = test_context.c test_common.c test_common.h @@ -281,33 +320,39 @@ LDADD = libgssapi.la \ # gss -dist_gss_SOURCES = gss.c -nodist_gss_SOURCES = gss-commands.c gss-commands.h +dist_gsstool_SOURCES = gsstool.c +nodist_gsstool_SOURCES = gss-commands.c gss-commands.h -gss_LDADD = libgssapi.la \ +gsstool_LDADD = libgssapi.la \ $(top_builddir)/lib/sl/libsl.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_readline) \ $(LIB_roken) -SLC = $(top_builddir)/lib/sl/slc - gss-commands.c gss-commands.h: gss-commands.in $(SLC) $(srcdir)/gss-commands.in -$(gss_OBJECTS): gss-commands.h +$(gsstool_OBJECTS): gss-commands.h EXTRA_DIST = \ + NTMakefile \ + libgssapi-version.rc \ + libgssapi-exports.def \ $(man_MANS) \ krb5/gkrb5_err.et \ mech/gssapi.asn1 \ spnego/spnego.asn1 \ + spnego/spnego.opt \ version-script.map \ gss-commands.in -# to help stupid solaris make - -$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h spnego_asn1.h +$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h gssapi_asn1-priv.h +$(libgssapi_la_OBJECTS): spnego_asn1.h spnego_asn1-priv.h +$(libgssapi_la_OBJECTS): $(srcdir)/gssapi/gssapi_oid.h gkrb5_err.h gkrb5_err.c: $(srcdir)/krb5/gkrb5_err.et $(COMPILE_ET) $(srcdir)/krb5/gkrb5_err.et + +$(srcdir)/gssapi/gssapi_oid.h $(srcdir)/mech/gss_oid.c: + perl $(srcdir)/gen-oid.pl -b base -h $(srcdir)/oid.txt > $(srcdir)/gssapi/gssapi_oid.h + perl $(srcdir)/gen-oid.pl -b base $(srcdir)/oid.txt > $(srcdir)/mech/gss_oid.c diff --git a/lib/gssapi/Makefile.in b/lib/gssapi/Makefile.in index 9886d49b185b..46499032d33d 100644 --- a/lib/gssapi/Makefile.in +++ b/lib/gssapi/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22399 2008-01-11 14:25:47Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -47,13 +49,13 @@ DIST_COMMON = $(include_HEADERS) $(nobase_include_HEADERS) \ @versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map TESTS = test_oid$(EXEEXT) test_names$(EXEEXT) test_cfx$(EXEEXT) check_PROGRAMS = test_acquire_cred$(EXEEXT) $(am__EXEEXT_1) -bin_PROGRAMS = gss$(EXEEXT) +bin_PROGRAMS = gsstool$(EXEEXT) noinst_PROGRAMS = test_cred$(EXEEXT) test_kcred$(EXEEXT) \ test_context$(EXEEXT) test_ntlm$(EXEEXT) subdir = lib/gssapi ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -68,7 +70,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -82,9 +84,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -92,36 +97,47 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" \ "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(gssapidir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = -libgssapi_la_DEPENDENCIES = $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) am__dirstamp = $(am__leading_dot)dirstamp am__objects_1 = krb5/8003.lo krb5/accept_sec_context.lo \ krb5/acquire_cred.lo krb5/add_cred.lo \ - krb5/address_to_krb5addr.lo krb5/arcfour.lo \ - krb5/canonicalize_name.lo krb5/ccache_name.lo krb5/cfx.lo \ - krb5/compare_name.lo krb5/compat.lo krb5/context_time.lo \ - krb5/copy_ccache.lo krb5/decapsulate.lo \ + krb5/address_to_krb5addr.lo krb5/aeap.lo krb5/arcfour.lo \ + krb5/canonicalize_name.lo krb5/creds.lo krb5/ccache_name.lo \ + krb5/cfx.lo krb5/compare_name.lo krb5/compat.lo \ + krb5/context_time.lo krb5/copy_ccache.lo krb5/decapsulate.lo \ krb5/delete_sec_context.lo krb5/display_name.lo \ krb5/display_status.lo krb5/duplicate_name.lo \ krb5/encapsulate.lo krb5/export_name.lo \ @@ -131,54 +147,66 @@ am__objects_1 = krb5/8003.lo krb5/accept_sec_context.lo \ krb5/inquire_context.lo krb5/inquire_cred.lo \ krb5/inquire_cred_by_mech.lo krb5/inquire_cred_by_oid.lo \ krb5/inquire_mechs_for_name.lo krb5/inquire_names_for_mech.lo \ - krb5/inquire_sec_context_by_oid.lo \ + krb5/inquire_sec_context_by_oid.lo krb5/pname_to_uid.lo \ krb5/process_context_token.lo krb5/prf.lo \ krb5/release_buffer.lo krb5/release_cred.lo \ - krb5/release_name.lo krb5/sequence.lo krb5/set_cred_option.lo \ - krb5/set_sec_context_option.lo krb5/ticket_flags.lo \ - krb5/unwrap.lo krb5/v1.lo krb5/verify_mic.lo krb5/wrap.lo -am__objects_2 = mech/context.lo mech/gss_accept_sec_context.lo \ - mech/gss_acquire_cred.lo mech/gss_add_cred.lo \ - mech/gss_add_oid_set_member.lo mech/gss_buffer_set.lo \ - mech/gss_canonicalize_name.lo mech/gss_compare_name.lo \ - mech/gss_context_time.lo mech/gss_create_empty_oid_set.lo \ - mech/gss_decapsulate_token.lo mech/gss_delete_sec_context.lo \ - mech/gss_display_name.lo mech/gss_display_status.lo \ + krb5/release_name.lo krb5/sequence.lo krb5/store_cred.lo \ + krb5/set_cred_option.lo krb5/set_sec_context_option.lo \ + krb5/ticket_flags.lo krb5/unwrap.lo \ + krb5/authorize_localname.lo krb5/verify_mic.lo krb5/wrap.lo +am__objects_2 = mech/context.lo mech/doxygen.lo \ + mech/gss_accept_sec_context.lo mech/gss_acquire_cred.lo \ + mech/gss_acquire_cred_ext.lo \ + mech/gss_acquire_cred_with_password.lo mech/gss_add_cred.lo \ + mech/gss_add_cred_with_password.lo \ + mech/gss_add_oid_set_member.lo mech/gss_aeap.lo \ + mech/gss_buffer_set.lo mech/gss_canonicalize_name.lo \ + mech/gss_compare_name.lo mech/gss_context_time.lo \ + mech/gss_create_empty_oid_set.lo mech/gss_cred.lo \ + mech/gss_decapsulate_token.lo \ + mech/gss_delete_name_attribute.lo \ + mech/gss_delete_sec_context.lo mech/gss_display_name.lo \ + mech/gss_display_name_ext.lo mech/gss_display_status.lo \ mech/gss_duplicate_name.lo mech/gss_duplicate_oid.lo \ mech/gss_encapsulate_token.lo mech/gss_export_name.lo \ + mech/gss_export_name_composite.lo \ mech/gss_export_sec_context.lo mech/gss_get_mic.lo \ - mech/gss_import_name.lo mech/gss_import_sec_context.lo \ - mech/gss_indicate_mechs.lo mech/gss_init_sec_context.lo \ - mech/gss_inquire_context.lo mech/gss_inquire_cred.lo \ - mech/gss_inquire_cred_by_mech.lo \ + mech/gss_get_name_attribute.lo mech/gss_import_name.lo \ + mech/gss_import_sec_context.lo mech/gss_indicate_mechs.lo \ + mech/gss_init_sec_context.lo mech/gss_inquire_context.lo \ + mech/gss_inquire_cred.lo mech/gss_inquire_cred_by_mech.lo \ mech/gss_inquire_cred_by_oid.lo \ - mech/gss_inquire_mechs_for_name.lo \ + mech/gss_inquire_mechs_for_name.lo mech/gss_inquire_name.lo \ mech/gss_inquire_names_for_mech.lo mech/gss_krb5.lo \ - mech/gss_mech_switch.lo mech/gss_names.lo \ - mech/gss_oid_equal.lo mech/gss_oid_to_str.lo \ - mech/gss_process_context_token.lo mech/gss_pseudo_random.lo \ - mech/gss_release_buffer.lo mech/gss_release_cred.lo \ - mech/gss_release_name.lo mech/gss_release_oid.lo \ - mech/gss_release_oid_set.lo mech/gss_seal.lo \ - mech/gss_set_cred_option.lo mech/gss_set_sec_context_option.lo \ - mech/gss_sign.lo mech/gss_test_oid_set_member.lo \ - mech/gss_unseal.lo mech/gss_unwrap.lo mech/gss_utils.lo \ + mech/gss_mech_switch.lo mech/gss_mo.lo mech/gss_names.lo \ + mech/gss_oid.lo mech/gss_oid_equal.lo mech/gss_oid_to_str.lo \ + mech/gss_pname_to_uid.lo mech/gss_process_context_token.lo \ + mech/gss_pseudo_random.lo mech/gss_release_buffer.lo \ + mech/gss_release_cred.lo mech/gss_release_name.lo \ + mech/gss_release_oid.lo mech/gss_release_oid_set.lo \ + mech/gss_seal.lo mech/gss_set_cred_option.lo \ + mech/gss_set_name_attribute.lo \ + mech/gss_set_sec_context_option.lo mech/gss_sign.lo \ + mech/gss_store_cred.lo mech/gss_test_oid_set_member.lo \ + mech/gss_unseal.lo mech/gss_unwrap.lo \ + mech/gss_authorize_localname.lo mech/gss_utils.lo \ mech/gss_verify.lo mech/gss_verify_mic.lo mech/gss_wrap.lo \ mech/gss_wrap_size_limit.lo \ mech/gss_inquire_sec_context_by_oid.lo am__objects_3 = ntlm/accept_sec_context.lo ntlm/acquire_cred.lo \ ntlm/add_cred.lo ntlm/canonicalize_name.lo \ - ntlm/compare_name.lo ntlm/context_time.lo ntlm/crypto.lo \ - ntlm/delete_sec_context.lo ntlm/display_name.lo \ + ntlm/compare_name.lo ntlm/context_time.lo ntlm/creds.lo \ + ntlm/crypto.lo ntlm/delete_sec_context.lo ntlm/display_name.lo \ ntlm/display_status.lo ntlm/duplicate_name.lo \ ntlm/export_name.lo ntlm/export_sec_context.lo \ ntlm/external.lo ntlm/import_name.lo \ ntlm/import_sec_context.lo ntlm/indicate_mechs.lo \ ntlm/init_sec_context.lo ntlm/inquire_context.lo \ - ntlm/inquire_cred.lo ntlm/inquire_cred_by_mech.lo \ - ntlm/inquire_mechs_for_name.lo ntlm/inquire_names_for_mech.lo \ + ntlm/inquire_cred_by_mech.lo ntlm/inquire_mechs_for_name.lo \ + ntlm/inquire_names_for_mech.lo \ + ntlm/inquire_sec_context_by_oid.lo ntlm/iter_cred.lo \ ntlm/process_context_token.lo ntlm/release_cred.lo \ - ntlm/release_name.lo ntlm/digest.lo + ntlm/release_name.lo ntlm/kdc.lo am__objects_4 = spnego/accept_sec_context.lo spnego/compat.lo \ spnego/context_stubs.lo spnego/cred_stubs.lo \ spnego/external.lo spnego/init_sec_context.lo @@ -197,13 +225,12 @@ libgssapi_la_OBJECTS = $(dist_libgssapi_la_OBJECTS) \ libgssapi_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libgssapi_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) am__EXEEXT_1 = test_oid$(EXEEXT) test_names$(EXEEXT) test_cfx$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -dist_gss_OBJECTS = gss.$(OBJEXT) -nodist_gss_OBJECTS = gss-commands.$(OBJEXT) -gss_OBJECTS = $(dist_gss_OBJECTS) $(nodist_gss_OBJECTS) -gss_DEPENDENCIES = libgssapi.la $(top_builddir)/lib/sl/libsl.la \ +dist_gsstool_OBJECTS = gsstool.$(OBJEXT) +nodist_gsstool_OBJECTS = gss-commands.$(OBJEXT) +gsstool_OBJECTS = $(dist_gsstool_OBJECTS) $(nodist_gsstool_OBJECTS) +gsstool_DEPENDENCIES = libgssapi.la $(top_builddir)/lib/sl/libsl.la \ $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) am_test_acquire_cred_OBJECTS = test_acquire_cred.$(OBJEXT) \ @@ -248,9 +275,9 @@ test_oid_OBJECTS = test_oid.$(OBJEXT) test_oid_LDADD = $(LDADD) test_oid_DEPENDENCIES = libgssapi.la \ $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -261,72 +288,80 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(dist_libgssapi_la_SOURCES) $(nodist_libgssapi_la_SOURCES) \ - $(dist_gss_SOURCES) $(nodist_gss_SOURCES) \ + $(dist_gsstool_SOURCES) $(nodist_gsstool_SOURCES) \ $(test_acquire_cred_SOURCES) $(test_cfx_SOURCES) \ $(test_context_SOURCES) test_cred.c test_kcred.c test_names.c \ $(test_ntlm_SOURCES) test_oid.c -DIST_SOURCES = $(dist_libgssapi_la_SOURCES) $(dist_gss_SOURCES) \ +DIST_SOURCES = $(dist_libgssapi_la_SOURCES) $(dist_gsstool_SOURCES) \ $(test_acquire_cred_SOURCES) $(test_cfx_SOURCES) \ $(test_context_SOURCES) test_cred.c test_kcred.c test_names.c \ $(test_ntlm_SOURCES) test_oid.c man3dir = $(mandir)/man3 man5dir = $(mandir)/man5 MANS = $(man_MANS) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -nobase_includeHEADERS_INSTALL = $(install_sh_DATA) -nodist_gssapiHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(include_HEADERS) $(nobase_include_HEADERS) \ $(nodist_gssapi_HEADERS) $(noinst_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -350,10 +385,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -370,6 +406,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -385,31 +423,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -424,10 +476,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -468,31 +522,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../krb5 -I$(srcdir) -I$(srcdir)/mech \ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/../krb5 -I$(srcdir) \ + -I$(srcdir)/gssapi -I$(srcdir)/mech -I$(srcdir)/ntlm \ + -I$(srcdir)/krb5 -I$(srcdir)/spnego $(INCLUDE_libintl) \ $(INCLUDE_hcrypto) $(INCLUDE_krb4) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la AUTOMAKE_OPTIONS = subdir-objects lib_LTLIBRARIES = libgssapi.la @@ -502,8 +562,10 @@ krb5src = \ krb5/acquire_cred.c \ krb5/add_cred.c \ krb5/address_to_krb5addr.c \ + krb5/aeap.c \ krb5/arcfour.c \ krb5/canonicalize_name.c \ + krb5/creds.c \ krb5/ccache_name.c \ krb5/cfx.c \ krb5/cfx.h \ @@ -535,17 +597,19 @@ krb5src = \ krb5/inquire_mechs_for_name.c \ krb5/inquire_names_for_mech.c \ krb5/inquire_sec_context_by_oid.c \ + krb5/pname_to_uid.c \ krb5/process_context_token.c \ krb5/prf.c \ krb5/release_buffer.c \ krb5/release_cred.c \ krb5/release_name.c \ krb5/sequence.c \ + krb5/store_cred.c \ krb5/set_cred_option.c \ krb5/set_sec_context_option.c \ krb5/ticket_flags.c \ krb5/unwrap.c \ - krb5/v1.c \ + krb5/authorize_localname.c \ krb5/verify_mic.c \ krb5/wrap.c @@ -553,25 +617,36 @@ mechsrc = \ mech/context.h \ mech/context.c \ mech/cred.h \ + mech/compat.h \ + mech/doxygen.c \ mech/gss_accept_sec_context.c \ mech/gss_acquire_cred.c \ + mech/gss_acquire_cred_ext.c \ + mech/gss_acquire_cred_with_password.c \ mech/gss_add_cred.c \ + mech/gss_add_cred_with_password.c \ mech/gss_add_oid_set_member.c \ + mech/gss_aeap.c \ mech/gss_buffer_set.c \ mech/gss_canonicalize_name.c \ mech/gss_compare_name.c \ mech/gss_context_time.c \ mech/gss_create_empty_oid_set.c \ + mech/gss_cred.c \ mech/gss_decapsulate_token.c \ + mech/gss_delete_name_attribute.c \ mech/gss_delete_sec_context.c \ mech/gss_display_name.c \ + mech/gss_display_name_ext.c \ mech/gss_display_status.c \ mech/gss_duplicate_name.c \ mech/gss_duplicate_oid.c \ mech/gss_encapsulate_token.c \ mech/gss_export_name.c \ + mech/gss_export_name_composite.c \ mech/gss_export_sec_context.c \ mech/gss_get_mic.c \ + mech/gss_get_name_attribute.c \ mech/gss_import_name.c \ mech/gss_import_sec_context.c \ mech/gss_indicate_mechs.c \ @@ -581,12 +656,16 @@ mechsrc = \ mech/gss_inquire_cred_by_mech.c \ mech/gss_inquire_cred_by_oid.c \ mech/gss_inquire_mechs_for_name.c \ + mech/gss_inquire_name.c \ mech/gss_inquire_names_for_mech.c \ mech/gss_krb5.c \ mech/gss_mech_switch.c \ + mech/gss_mo.c \ mech/gss_names.c \ + mech/gss_oid.c \ mech/gss_oid_equal.c \ mech/gss_oid_to_str.c \ + mech/gss_pname_to_uid.c \ mech/gss_process_context_token.c \ mech/gss_pseudo_random.c \ mech/gss_release_buffer.c \ @@ -596,11 +675,14 @@ mechsrc = \ mech/gss_release_oid_set.c \ mech/gss_seal.c \ mech/gss_set_cred_option.c \ + mech/gss_set_name_attribute.c \ mech/gss_set_sec_context_option.c \ mech/gss_sign.c \ + mech/gss_store_cred.c \ mech/gss_test_oid_set_member.c \ mech/gss_unseal.c \ mech/gss_unwrap.c \ + mech/gss_authorize_localname.c \ mech/gss_utils.c \ mech/gss_verify.c \ mech/gss_verify_mic.c \ @@ -630,6 +712,7 @@ ntlmsrc = \ ntlm/canonicalize_name.c \ ntlm/compare_name.c \ ntlm/context_time.c \ + ntlm/creds.c \ ntlm/crypto.c \ ntlm/delete_sec_context.c \ ntlm/display_name.c \ @@ -645,14 +728,15 @@ ntlmsrc = \ ntlm/indicate_mechs.c \ ntlm/init_sec_context.c \ ntlm/inquire_context.c \ - ntlm/inquire_cred.c \ ntlm/inquire_cred_by_mech.c \ ntlm/inquire_mechs_for_name.c \ ntlm/inquire_names_for_mech.c \ + ntlm/inquire_sec_context_by_oid.c \ + ntlm/iter_cred.c \ ntlm/process_context_token.c \ ntlm/release_cred.c \ ntlm/release_name.c \ - ntlm/digest.c + ntlm/kdc.c dist_libgssapi_la_SOURCES = \ $(krb5src) \ @@ -665,7 +749,8 @@ nodist_libgssapi_la_SOURCES = \ gkrb5_err.h \ $(BUILT_SOURCES) -libgssapi_la_LDFLAGS = -version-info 2:0:0 $(am__append_1) +libgssapi_la_DEPENDENCIES = version-script.map +libgssapi_la_LDFLAGS = -version-info 3:0:0 $(am__append_1) libgssapi_la_LIBADD = \ $(top_builddir)/lib/ntlm/libheimntlm.la \ $(top_builddir)/lib/krb5/libkrb5.la \ @@ -685,6 +770,8 @@ noinst_HEADERS = \ nobase_include_HEADERS = \ gssapi/gssapi.h \ gssapi/gssapi_krb5.h \ + gssapi/gssapi_ntlm.h \ + gssapi/gssapi_oid.h \ gssapi/gssapi_spnego.h gssapidir = $(includedir)/gssapi @@ -701,11 +788,16 @@ spnego_files = \ asn1_NegTokenInitWin.x \ asn1_NegTokenResp.x +BUILTHEADERS = \ + $(srcdir)/krb5/gsskrb5-private.h \ + $(srcdir)/spnego/spnego-private.h \ + $(srcdir)/ntlm/ntlm-private.h + BUILT_SOURCES = $(spnego_files:.x=.c) $(gssapi_files:.x=.c) CLEANFILES = $(BUILT_SOURCES) \ gkrb5_err.h gkrb5_err.c \ - $(spnego_files) spnego_asn1.h spnego_asn1_files \ - $(gssapi_files) gssapi_asn1.h gssapi_asn1_files \ + $(spnego_files) spnego_asn1*.h* spnego_asn1_files spnego_asn1-template.c \ + $(gssapi_files) gssapi_asn1*.h* gssapi_asn1_files gssapi_asn1-template.c \ gss-commands.h gss-commands.c # test_sequence @@ -723,20 +815,23 @@ LDADD = libgssapi.la \ # gss -dist_gss_SOURCES = gss.c -nodist_gss_SOURCES = gss-commands.c gss-commands.h -gss_LDADD = libgssapi.la \ +dist_gsstool_SOURCES = gsstool.c +nodist_gsstool_SOURCES = gss-commands.c gss-commands.h +gsstool_LDADD = libgssapi.la \ $(top_builddir)/lib/sl/libsl.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(LIB_readline) \ $(LIB_roken) -SLC = $(top_builddir)/lib/sl/slc EXTRA_DIST = \ + NTMakefile \ + libgssapi-version.rc \ + libgssapi-exports.def \ $(man_MANS) \ krb5/gkrb5_err.et \ mech/gssapi.asn1 \ spnego/spnego.asn1 \ + spnego/spnego.opt \ version-script.map \ gss-commands.in @@ -744,19 +839,19 @@ all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/gssapi/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/gssapi/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/gssapi/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/gssapi/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -774,23 +869,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -804,202 +904,384 @@ clean-libLTLIBRARIES: krb5/$(am__dirstamp): @$(MKDIR_P) krb5 @: > krb5/$(am__dirstamp) -krb5/8003.lo: krb5/$(am__dirstamp) -krb5/accept_sec_context.lo: krb5/$(am__dirstamp) -krb5/acquire_cred.lo: krb5/$(am__dirstamp) -krb5/add_cred.lo: krb5/$(am__dirstamp) -krb5/address_to_krb5addr.lo: krb5/$(am__dirstamp) -krb5/arcfour.lo: krb5/$(am__dirstamp) -krb5/canonicalize_name.lo: krb5/$(am__dirstamp) -krb5/ccache_name.lo: krb5/$(am__dirstamp) -krb5/cfx.lo: krb5/$(am__dirstamp) -krb5/compare_name.lo: krb5/$(am__dirstamp) -krb5/compat.lo: krb5/$(am__dirstamp) -krb5/context_time.lo: krb5/$(am__dirstamp) -krb5/copy_ccache.lo: krb5/$(am__dirstamp) -krb5/decapsulate.lo: krb5/$(am__dirstamp) -krb5/delete_sec_context.lo: krb5/$(am__dirstamp) -krb5/display_name.lo: krb5/$(am__dirstamp) -krb5/display_status.lo: krb5/$(am__dirstamp) -krb5/duplicate_name.lo: krb5/$(am__dirstamp) -krb5/encapsulate.lo: krb5/$(am__dirstamp) -krb5/export_name.lo: krb5/$(am__dirstamp) -krb5/export_sec_context.lo: krb5/$(am__dirstamp) -krb5/external.lo: krb5/$(am__dirstamp) -krb5/get_mic.lo: krb5/$(am__dirstamp) -krb5/import_name.lo: krb5/$(am__dirstamp) -krb5/import_sec_context.lo: krb5/$(am__dirstamp) -krb5/indicate_mechs.lo: krb5/$(am__dirstamp) -krb5/init.lo: krb5/$(am__dirstamp) -krb5/init_sec_context.lo: krb5/$(am__dirstamp) -krb5/inquire_context.lo: krb5/$(am__dirstamp) -krb5/inquire_cred.lo: krb5/$(am__dirstamp) -krb5/inquire_cred_by_mech.lo: krb5/$(am__dirstamp) -krb5/inquire_cred_by_oid.lo: krb5/$(am__dirstamp) -krb5/inquire_mechs_for_name.lo: krb5/$(am__dirstamp) -krb5/inquire_names_for_mech.lo: krb5/$(am__dirstamp) -krb5/inquire_sec_context_by_oid.lo: krb5/$(am__dirstamp) -krb5/process_context_token.lo: krb5/$(am__dirstamp) -krb5/prf.lo: krb5/$(am__dirstamp) -krb5/release_buffer.lo: krb5/$(am__dirstamp) -krb5/release_cred.lo: krb5/$(am__dirstamp) -krb5/release_name.lo: krb5/$(am__dirstamp) -krb5/sequence.lo: krb5/$(am__dirstamp) -krb5/set_cred_option.lo: krb5/$(am__dirstamp) -krb5/set_sec_context_option.lo: krb5/$(am__dirstamp) -krb5/ticket_flags.lo: krb5/$(am__dirstamp) -krb5/unwrap.lo: krb5/$(am__dirstamp) -krb5/v1.lo: krb5/$(am__dirstamp) -krb5/verify_mic.lo: krb5/$(am__dirstamp) -krb5/wrap.lo: krb5/$(am__dirstamp) +krb5/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) krb5/$(DEPDIR) + @: > krb5/$(DEPDIR)/$(am__dirstamp) +krb5/8003.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/accept_sec_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/acquire_cred.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/add_cred.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/address_to_krb5addr.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/aeap.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/arcfour.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/canonicalize_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/creds.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/ccache_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/cfx.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/compare_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/compat.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/context_time.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/copy_ccache.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/decapsulate.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/delete_sec_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/display_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/display_status.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/duplicate_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/encapsulate.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/export_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/export_sec_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/external.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/get_mic.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/import_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/import_sec_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/indicate_mechs.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/init.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/init_sec_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_context.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_cred.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_cred_by_mech.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_cred_by_oid.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_mechs_for_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_names_for_mech.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/inquire_sec_context_by_oid.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/pname_to_uid.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/process_context_token.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/prf.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/release_buffer.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/release_cred.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/release_name.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/sequence.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/store_cred.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/set_cred_option.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/set_sec_context_option.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/ticket_flags.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/unwrap.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) +krb5/authorize_localname.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/verify_mic.lo: krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) +krb5/wrap.lo: krb5/$(am__dirstamp) krb5/$(DEPDIR)/$(am__dirstamp) mech/$(am__dirstamp): @$(MKDIR_P) mech @: > mech/$(am__dirstamp) -mech/context.lo: mech/$(am__dirstamp) -mech/gss_accept_sec_context.lo: mech/$(am__dirstamp) -mech/gss_acquire_cred.lo: mech/$(am__dirstamp) -mech/gss_add_cred.lo: mech/$(am__dirstamp) -mech/gss_add_oid_set_member.lo: mech/$(am__dirstamp) -mech/gss_buffer_set.lo: mech/$(am__dirstamp) -mech/gss_canonicalize_name.lo: mech/$(am__dirstamp) -mech/gss_compare_name.lo: mech/$(am__dirstamp) -mech/gss_context_time.lo: mech/$(am__dirstamp) -mech/gss_create_empty_oid_set.lo: mech/$(am__dirstamp) -mech/gss_decapsulate_token.lo: mech/$(am__dirstamp) -mech/gss_delete_sec_context.lo: mech/$(am__dirstamp) -mech/gss_display_name.lo: mech/$(am__dirstamp) -mech/gss_display_status.lo: mech/$(am__dirstamp) -mech/gss_duplicate_name.lo: mech/$(am__dirstamp) -mech/gss_duplicate_oid.lo: mech/$(am__dirstamp) -mech/gss_encapsulate_token.lo: mech/$(am__dirstamp) -mech/gss_export_name.lo: mech/$(am__dirstamp) -mech/gss_export_sec_context.lo: mech/$(am__dirstamp) -mech/gss_get_mic.lo: mech/$(am__dirstamp) -mech/gss_import_name.lo: mech/$(am__dirstamp) -mech/gss_import_sec_context.lo: mech/$(am__dirstamp) -mech/gss_indicate_mechs.lo: mech/$(am__dirstamp) -mech/gss_init_sec_context.lo: mech/$(am__dirstamp) -mech/gss_inquire_context.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred_by_mech.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred_by_oid.lo: mech/$(am__dirstamp) -mech/gss_inquire_mechs_for_name.lo: mech/$(am__dirstamp) -mech/gss_inquire_names_for_mech.lo: mech/$(am__dirstamp) -mech/gss_krb5.lo: mech/$(am__dirstamp) -mech/gss_mech_switch.lo: mech/$(am__dirstamp) -mech/gss_names.lo: mech/$(am__dirstamp) -mech/gss_oid_equal.lo: mech/$(am__dirstamp) -mech/gss_oid_to_str.lo: mech/$(am__dirstamp) -mech/gss_process_context_token.lo: mech/$(am__dirstamp) -mech/gss_pseudo_random.lo: mech/$(am__dirstamp) -mech/gss_release_buffer.lo: mech/$(am__dirstamp) -mech/gss_release_cred.lo: mech/$(am__dirstamp) -mech/gss_release_name.lo: mech/$(am__dirstamp) -mech/gss_release_oid.lo: mech/$(am__dirstamp) -mech/gss_release_oid_set.lo: mech/$(am__dirstamp) -mech/gss_seal.lo: mech/$(am__dirstamp) -mech/gss_set_cred_option.lo: mech/$(am__dirstamp) -mech/gss_set_sec_context_option.lo: mech/$(am__dirstamp) -mech/gss_sign.lo: mech/$(am__dirstamp) -mech/gss_test_oid_set_member.lo: mech/$(am__dirstamp) -mech/gss_unseal.lo: mech/$(am__dirstamp) -mech/gss_unwrap.lo: mech/$(am__dirstamp) -mech/gss_utils.lo: mech/$(am__dirstamp) -mech/gss_verify.lo: mech/$(am__dirstamp) -mech/gss_verify_mic.lo: mech/$(am__dirstamp) -mech/gss_wrap.lo: mech/$(am__dirstamp) -mech/gss_wrap_size_limit.lo: mech/$(am__dirstamp) -mech/gss_inquire_sec_context_by_oid.lo: mech/$(am__dirstamp) +mech/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) mech/$(DEPDIR) + @: > mech/$(DEPDIR)/$(am__dirstamp) +mech/context.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/doxygen.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_accept_sec_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_acquire_cred.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_acquire_cred_ext.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_acquire_cred_with_password.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_add_cred.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_add_cred_with_password.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_add_oid_set_member.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_aeap.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_buffer_set.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_canonicalize_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_compare_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_context_time.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_create_empty_oid_set.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_cred.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_decapsulate_token.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_delete_name_attribute.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_delete_sec_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_display_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_display_name_ext.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_display_status.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_duplicate_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_duplicate_oid.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_encapsulate_token.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_export_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_export_name_composite.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_export_sec_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_get_mic.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_get_name_attribute.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_import_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_import_sec_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_indicate_mechs.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_init_sec_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_context.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_cred.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_cred_by_mech.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_cred_by_oid.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_mechs_for_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_names_for_mech.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_krb5.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_mech_switch.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_mo.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_names.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_oid.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_oid_equal.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_oid_to_str.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_pname_to_uid.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_process_context_token.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_pseudo_random.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_release_buffer.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_release_cred.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_release_name.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_release_oid.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_release_oid_set.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_seal.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_set_cred_option.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_set_name_attribute.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_set_sec_context_option.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_sign.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_store_cred.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_test_oid_set_member.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_unseal.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_unwrap.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_authorize_localname.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_utils.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_verify.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_verify_mic.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_wrap.lo: mech/$(am__dirstamp) mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_wrap_size_limit.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) +mech/gss_inquire_sec_context_by_oid.lo: mech/$(am__dirstamp) \ + mech/$(DEPDIR)/$(am__dirstamp) ntlm/$(am__dirstamp): @$(MKDIR_P) ntlm @: > ntlm/$(am__dirstamp) -ntlm/accept_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/acquire_cred.lo: ntlm/$(am__dirstamp) -ntlm/add_cred.lo: ntlm/$(am__dirstamp) -ntlm/canonicalize_name.lo: ntlm/$(am__dirstamp) -ntlm/compare_name.lo: ntlm/$(am__dirstamp) -ntlm/context_time.lo: ntlm/$(am__dirstamp) -ntlm/crypto.lo: ntlm/$(am__dirstamp) -ntlm/delete_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/display_name.lo: ntlm/$(am__dirstamp) -ntlm/display_status.lo: ntlm/$(am__dirstamp) -ntlm/duplicate_name.lo: ntlm/$(am__dirstamp) -ntlm/export_name.lo: ntlm/$(am__dirstamp) -ntlm/export_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/external.lo: ntlm/$(am__dirstamp) -ntlm/import_name.lo: ntlm/$(am__dirstamp) -ntlm/import_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/indicate_mechs.lo: ntlm/$(am__dirstamp) -ntlm/init_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/inquire_context.lo: ntlm/$(am__dirstamp) -ntlm/inquire_cred.lo: ntlm/$(am__dirstamp) -ntlm/inquire_cred_by_mech.lo: ntlm/$(am__dirstamp) -ntlm/inquire_mechs_for_name.lo: ntlm/$(am__dirstamp) -ntlm/inquire_names_for_mech.lo: ntlm/$(am__dirstamp) -ntlm/process_context_token.lo: ntlm/$(am__dirstamp) -ntlm/release_cred.lo: ntlm/$(am__dirstamp) -ntlm/release_name.lo: ntlm/$(am__dirstamp) -ntlm/digest.lo: ntlm/$(am__dirstamp) +ntlm/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) ntlm/$(DEPDIR) + @: > ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/accept_sec_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/acquire_cred.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/add_cred.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/canonicalize_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/compare_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/context_time.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/creds.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/crypto.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/delete_sec_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/display_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/display_status.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/duplicate_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/export_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/export_sec_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/external.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/import_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/import_sec_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/indicate_mechs.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/init_sec_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/inquire_context.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/inquire_cred_by_mech.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/inquire_mechs_for_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/inquire_names_for_mech.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/inquire_sec_context_by_oid.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/iter_cred.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/process_context_token.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/release_cred.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/release_name.lo: ntlm/$(am__dirstamp) \ + ntlm/$(DEPDIR)/$(am__dirstamp) +ntlm/kdc.lo: ntlm/$(am__dirstamp) ntlm/$(DEPDIR)/$(am__dirstamp) spnego/$(am__dirstamp): @$(MKDIR_P) spnego @: > spnego/$(am__dirstamp) -spnego/accept_sec_context.lo: spnego/$(am__dirstamp) -spnego/compat.lo: spnego/$(am__dirstamp) -spnego/context_stubs.lo: spnego/$(am__dirstamp) -spnego/cred_stubs.lo: spnego/$(am__dirstamp) -spnego/external.lo: spnego/$(am__dirstamp) -spnego/init_sec_context.lo: spnego/$(am__dirstamp) +spnego/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) spnego/$(DEPDIR) + @: > spnego/$(DEPDIR)/$(am__dirstamp) +spnego/accept_sec_context.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) +spnego/compat.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) +spnego/context_stubs.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) +spnego/cred_stubs.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) +spnego/external.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) +spnego/init_sec_context.lo: spnego/$(am__dirstamp) \ + spnego/$(DEPDIR)/$(am__dirstamp) libgssapi.la: $(libgssapi_la_OBJECTS) $(libgssapi_la_DEPENDENCIES) $(libgssapi_la_LINK) -rpath $(libdir) $(libgssapi_la_OBJECTS) $(libgssapi_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -gss$(EXEEXT): $(gss_OBJECTS) $(gss_DEPENDENCIES) - @rm -f gss$(EXEEXT) - $(LINK) $(gss_OBJECTS) $(gss_LDADD) $(LIBS) + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +gsstool$(EXEEXT): $(gsstool_OBJECTS) $(gsstool_DEPENDENCIES) + @rm -f gsstool$(EXEEXT) + $(LINK) $(gsstool_OBJECTS) $(gsstool_LDADD) $(LIBS) test_acquire_cred$(EXEEXT): $(test_acquire_cred_OBJECTS) $(test_acquire_cred_DEPENDENCIES) @rm -f test_acquire_cred$(EXEEXT) $(LINK) $(test_acquire_cred_OBJECTS) $(test_acquire_cred_LDADD) $(LIBS) -krb5/test_cfx.$(OBJEXT): krb5/$(am__dirstamp) +krb5/test_cfx.$(OBJEXT): krb5/$(am__dirstamp) \ + krb5/$(DEPDIR)/$(am__dirstamp) test_cfx$(EXEEXT): $(test_cfx_OBJECTS) $(test_cfx_DEPENDENCIES) @rm -f test_cfx$(EXEEXT) $(LINK) $(test_cfx_OBJECTS) $(test_cfx_LDADD) $(LIBS) @@ -1034,8 +1316,12 @@ mostlyclean-compile: -rm -f krb5/add_cred.lo -rm -f krb5/address_to_krb5addr.$(OBJEXT) -rm -f krb5/address_to_krb5addr.lo + -rm -f krb5/aeap.$(OBJEXT) + -rm -f krb5/aeap.lo -rm -f krb5/arcfour.$(OBJEXT) -rm -f krb5/arcfour.lo + -rm -f krb5/authorize_localname.$(OBJEXT) + -rm -f krb5/authorize_localname.lo -rm -f krb5/canonicalize_name.$(OBJEXT) -rm -f krb5/canonicalize_name.lo -rm -f krb5/ccache_name.$(OBJEXT) @@ -1050,6 +1336,8 @@ mostlyclean-compile: -rm -f krb5/context_time.lo -rm -f krb5/copy_ccache.$(OBJEXT) -rm -f krb5/copy_ccache.lo + -rm -f krb5/creds.$(OBJEXT) + -rm -f krb5/creds.lo -rm -f krb5/decapsulate.$(OBJEXT) -rm -f krb5/decapsulate.lo -rm -f krb5/delete_sec_context.$(OBJEXT) @@ -1094,6 +1382,8 @@ mostlyclean-compile: -rm -f krb5/inquire_names_for_mech.lo -rm -f krb5/inquire_sec_context_by_oid.$(OBJEXT) -rm -f krb5/inquire_sec_context_by_oid.lo + -rm -f krb5/pname_to_uid.$(OBJEXT) + -rm -f krb5/pname_to_uid.lo -rm -f krb5/prf.$(OBJEXT) -rm -f krb5/prf.lo -rm -f krb5/process_context_token.$(OBJEXT) @@ -1110,27 +1400,39 @@ mostlyclean-compile: -rm -f krb5/set_cred_option.lo -rm -f krb5/set_sec_context_option.$(OBJEXT) -rm -f krb5/set_sec_context_option.lo + -rm -f krb5/store_cred.$(OBJEXT) + -rm -f krb5/store_cred.lo -rm -f krb5/test_cfx.$(OBJEXT) -rm -f krb5/ticket_flags.$(OBJEXT) -rm -f krb5/ticket_flags.lo -rm -f krb5/unwrap.$(OBJEXT) -rm -f krb5/unwrap.lo - -rm -f krb5/v1.$(OBJEXT) - -rm -f krb5/v1.lo -rm -f krb5/verify_mic.$(OBJEXT) -rm -f krb5/verify_mic.lo -rm -f krb5/wrap.$(OBJEXT) -rm -f krb5/wrap.lo -rm -f mech/context.$(OBJEXT) -rm -f mech/context.lo + -rm -f mech/doxygen.$(OBJEXT) + -rm -f mech/doxygen.lo -rm -f mech/gss_accept_sec_context.$(OBJEXT) -rm -f mech/gss_accept_sec_context.lo -rm -f mech/gss_acquire_cred.$(OBJEXT) -rm -f mech/gss_acquire_cred.lo + -rm -f mech/gss_acquire_cred_ext.$(OBJEXT) + -rm -f mech/gss_acquire_cred_ext.lo + -rm -f mech/gss_acquire_cred_with_password.$(OBJEXT) + -rm -f mech/gss_acquire_cred_with_password.lo -rm -f mech/gss_add_cred.$(OBJEXT) -rm -f mech/gss_add_cred.lo + -rm -f mech/gss_add_cred_with_password.$(OBJEXT) + -rm -f mech/gss_add_cred_with_password.lo -rm -f mech/gss_add_oid_set_member.$(OBJEXT) -rm -f mech/gss_add_oid_set_member.lo + -rm -f mech/gss_aeap.$(OBJEXT) + -rm -f mech/gss_aeap.lo + -rm -f mech/gss_authorize_localname.$(OBJEXT) + -rm -f mech/gss_authorize_localname.lo -rm -f mech/gss_buffer_set.$(OBJEXT) -rm -f mech/gss_buffer_set.lo -rm -f mech/gss_canonicalize_name.$(OBJEXT) @@ -1141,12 +1443,18 @@ mostlyclean-compile: -rm -f mech/gss_context_time.lo -rm -f mech/gss_create_empty_oid_set.$(OBJEXT) -rm -f mech/gss_create_empty_oid_set.lo + -rm -f mech/gss_cred.$(OBJEXT) + -rm -f mech/gss_cred.lo -rm -f mech/gss_decapsulate_token.$(OBJEXT) -rm -f mech/gss_decapsulate_token.lo + -rm -f mech/gss_delete_name_attribute.$(OBJEXT) + -rm -f mech/gss_delete_name_attribute.lo -rm -f mech/gss_delete_sec_context.$(OBJEXT) -rm -f mech/gss_delete_sec_context.lo -rm -f mech/gss_display_name.$(OBJEXT) -rm -f mech/gss_display_name.lo + -rm -f mech/gss_display_name_ext.$(OBJEXT) + -rm -f mech/gss_display_name_ext.lo -rm -f mech/gss_display_status.$(OBJEXT) -rm -f mech/gss_display_status.lo -rm -f mech/gss_duplicate_name.$(OBJEXT) @@ -1157,10 +1465,14 @@ mostlyclean-compile: -rm -f mech/gss_encapsulate_token.lo -rm -f mech/gss_export_name.$(OBJEXT) -rm -f mech/gss_export_name.lo + -rm -f mech/gss_export_name_composite.$(OBJEXT) + -rm -f mech/gss_export_name_composite.lo -rm -f mech/gss_export_sec_context.$(OBJEXT) -rm -f mech/gss_export_sec_context.lo -rm -f mech/gss_get_mic.$(OBJEXT) -rm -f mech/gss_get_mic.lo + -rm -f mech/gss_get_name_attribute.$(OBJEXT) + -rm -f mech/gss_get_name_attribute.lo -rm -f mech/gss_import_name.$(OBJEXT) -rm -f mech/gss_import_name.lo -rm -f mech/gss_import_sec_context.$(OBJEXT) @@ -1179,6 +1491,8 @@ mostlyclean-compile: -rm -f mech/gss_inquire_cred_by_oid.lo -rm -f mech/gss_inquire_mechs_for_name.$(OBJEXT) -rm -f mech/gss_inquire_mechs_for_name.lo + -rm -f mech/gss_inquire_name.$(OBJEXT) + -rm -f mech/gss_inquire_name.lo -rm -f mech/gss_inquire_names_for_mech.$(OBJEXT) -rm -f mech/gss_inquire_names_for_mech.lo -rm -f mech/gss_inquire_sec_context_by_oid.$(OBJEXT) @@ -1187,12 +1501,18 @@ mostlyclean-compile: -rm -f mech/gss_krb5.lo -rm -f mech/gss_mech_switch.$(OBJEXT) -rm -f mech/gss_mech_switch.lo + -rm -f mech/gss_mo.$(OBJEXT) + -rm -f mech/gss_mo.lo -rm -f mech/gss_names.$(OBJEXT) -rm -f mech/gss_names.lo + -rm -f mech/gss_oid.$(OBJEXT) + -rm -f mech/gss_oid.lo -rm -f mech/gss_oid_equal.$(OBJEXT) -rm -f mech/gss_oid_equal.lo -rm -f mech/gss_oid_to_str.$(OBJEXT) -rm -f mech/gss_oid_to_str.lo + -rm -f mech/gss_pname_to_uid.$(OBJEXT) + -rm -f mech/gss_pname_to_uid.lo -rm -f mech/gss_process_context_token.$(OBJEXT) -rm -f mech/gss_process_context_token.lo -rm -f mech/gss_pseudo_random.$(OBJEXT) @@ -1211,10 +1531,14 @@ mostlyclean-compile: -rm -f mech/gss_seal.lo -rm -f mech/gss_set_cred_option.$(OBJEXT) -rm -f mech/gss_set_cred_option.lo + -rm -f mech/gss_set_name_attribute.$(OBJEXT) + -rm -f mech/gss_set_name_attribute.lo -rm -f mech/gss_set_sec_context_option.$(OBJEXT) -rm -f mech/gss_set_sec_context_option.lo -rm -f mech/gss_sign.$(OBJEXT) -rm -f mech/gss_sign.lo + -rm -f mech/gss_store_cred.$(OBJEXT) + -rm -f mech/gss_store_cred.lo -rm -f mech/gss_test_oid_set_member.$(OBJEXT) -rm -f mech/gss_test_oid_set_member.lo -rm -f mech/gss_unseal.$(OBJEXT) @@ -1243,12 +1567,12 @@ mostlyclean-compile: -rm -f ntlm/compare_name.lo -rm -f ntlm/context_time.$(OBJEXT) -rm -f ntlm/context_time.lo + -rm -f ntlm/creds.$(OBJEXT) + -rm -f ntlm/creds.lo -rm -f ntlm/crypto.$(OBJEXT) -rm -f ntlm/crypto.lo -rm -f ntlm/delete_sec_context.$(OBJEXT) -rm -f ntlm/delete_sec_context.lo - -rm -f ntlm/digest.$(OBJEXT) - -rm -f ntlm/digest.lo -rm -f ntlm/display_name.$(OBJEXT) -rm -f ntlm/display_name.lo -rm -f ntlm/display_status.$(OBJEXT) @@ -1271,14 +1595,18 @@ mostlyclean-compile: -rm -f ntlm/init_sec_context.lo -rm -f ntlm/inquire_context.$(OBJEXT) -rm -f ntlm/inquire_context.lo - -rm -f ntlm/inquire_cred.$(OBJEXT) - -rm -f ntlm/inquire_cred.lo -rm -f ntlm/inquire_cred_by_mech.$(OBJEXT) -rm -f ntlm/inquire_cred_by_mech.lo -rm -f ntlm/inquire_mechs_for_name.$(OBJEXT) -rm -f ntlm/inquire_mechs_for_name.lo -rm -f ntlm/inquire_names_for_mech.$(OBJEXT) -rm -f ntlm/inquire_names_for_mech.lo + -rm -f ntlm/inquire_sec_context_by_oid.$(OBJEXT) + -rm -f ntlm/inquire_sec_context_by_oid.lo + -rm -f ntlm/iter_cred.$(OBJEXT) + -rm -f ntlm/iter_cred.lo + -rm -f ntlm/kdc.$(OBJEXT) + -rm -f ntlm/kdc.lo -rm -f ntlm/process_context_token.$(OBJEXT) -rm -f ntlm/process_context_token.lo -rm -f ntlm/release_cred.$(OBJEXT) @@ -1301,14 +1629,211 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_ContextFlags.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_GSSAPIContextToken.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_MechType.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_MechTypeList.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegHints.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegTokenInit.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegTokenInitWin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegTokenResp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegotiationToken.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_NegotiationTokenWin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gkrb5_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gss-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gsstool.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_acquire_cred.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_context.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_cred.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_kcred.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_names.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_ntlm.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_oid.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/8003.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/accept_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/acquire_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/add_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/address_to_krb5addr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/aeap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/arcfour.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/authorize_localname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/canonicalize_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/ccache_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/cfx.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/compare_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/compat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/context_time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/copy_ccache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/decapsulate.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/delete_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/display_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/display_status.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/duplicate_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/encapsulate.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/export_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/export_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/external.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/get_mic.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/import_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/import_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/indicate_mechs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/init.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/init_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_cred_by_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_cred_by_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_mechs_for_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_names_for_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/inquire_sec_context_by_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/pname_to_uid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/prf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/process_context_token.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/release_buffer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/release_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/release_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/sequence.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/set_cred_option.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/set_sec_context_option.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/store_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/test_cfx.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/ticket_flags.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/unwrap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/verify_mic.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@krb5/$(DEPDIR)/wrap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/doxygen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_accept_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_acquire_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_acquire_cred_ext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_acquire_cred_with_password.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_add_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_add_cred_with_password.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_add_oid_set_member.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_aeap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_authorize_localname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_buffer_set.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_canonicalize_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_compare_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_context_time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_create_empty_oid_set.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_decapsulate_token.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_delete_name_attribute.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_delete_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_display_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_display_name_ext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_display_status.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_duplicate_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_duplicate_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_encapsulate_token.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_export_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_export_name_composite.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_export_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_get_mic.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_get_name_attribute.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_import_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_import_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_indicate_mechs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_init_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_cred_by_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_cred_by_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_mechs_for_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_names_for_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_inquire_sec_context_by_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_krb5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_mech_switch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_mo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_names.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_oid_equal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_oid_to_str.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_pname_to_uid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_process_context_token.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_pseudo_random.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_release_buffer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_release_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_release_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_release_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_release_oid_set.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_seal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_set_cred_option.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_set_name_attribute.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_set_sec_context_option.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_sign.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_store_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_test_oid_set_member.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_unseal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_unwrap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_utils.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_verify.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_verify_mic.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_wrap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mech/$(DEPDIR)/gss_wrap_size_limit.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/accept_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/acquire_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/add_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/canonicalize_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/compare_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/context_time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/crypto.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/delete_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/display_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/display_status.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/duplicate_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/export_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/export_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/external.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/import_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/import_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/indicate_mechs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/init_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/inquire_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/inquire_cred_by_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/inquire_mechs_for_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/inquire_names_for_mech.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/inquire_sec_context_by_oid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/iter_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/kdc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/process_context_token.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/release_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ntlm/$(DEPDIR)/release_name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/accept_sec_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/compat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/context_stubs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/cred_stubs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/external.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@spnego/$(DEPDIR)/init_sec_context.Plo@am__quote@ + .c.o: - $(COMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ $< .c.obj: - $(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -1319,202 +1844,203 @@ clean-libtool: -rm -rf mech/.libs mech/_libs -rm -rf ntlm/.libs ntlm/_libs -rm -rf spnego/.libs spnego/_libs -install-man3: $(man3_MANS) $(man_MANS) +install-man3: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man3dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + uninstall-man3: @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man3dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man3dir)" && rm -f $$files; } +install-man5: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man5dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + uninstall-man5: @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man5dir)" && rm -f $$files; } install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nobase_includeHEADERS: $(nobase_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - $(am__vpath_adj) \ - echo " $(nobase_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nobase_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + @list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \ + $(am__nobase_list) | while read dir files; do \ + xfiles=; for file in $$files; do \ + if test -f "$$file"; then xfiles="$$xfiles $$file"; \ + else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \ + test -z "$$xfiles" || { \ + test "x$$dir" = x. || { \ + echo "$(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \ + $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \ + echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \ + $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \ done uninstall-nobase_includeHEADERS: @$(NORMAL_UNINSTALL) - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - $(am__vpath_adj) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \ + $(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_gssapiHEADERS: $(nodist_gssapi_HEADERS) @$(NORMAL_INSTALL) test -z "$(gssapidir)" || $(MKDIR_P) "$(DESTDIR)$(gssapidir)" - @list='$(nodist_gssapi_HEADERS)'; for p in $$list; do \ + @list='$(nodist_gssapi_HEADERS)'; test -n "$(gssapidir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_gssapiHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(gssapidir)/$$f'"; \ - $(nodist_gssapiHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(gssapidir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(gssapidir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(gssapidir)" || exit $$?; \ done uninstall-nodist_gssapiHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_gssapi_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(gssapidir)/$$f'"; \ - rm -f "$(DESTDIR)$(gssapidir)/$$f"; \ - done + @list='$(nodist_gssapi_HEADERS)'; test -n "$(gssapidir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(gssapidir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(gssapidir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -1523,49 +2049,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -1576,15 +2116,32 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -1600,13 +2157,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -1648,9 +2209,14 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f krb5/$(DEPDIR)/$(am__dirstamp) -rm -f krb5/$(am__dirstamp) + -rm -f mech/$(DEPDIR)/$(am__dirstamp) -rm -f mech/$(am__dirstamp) + -rm -f ntlm/$(DEPDIR)/$(am__dirstamp) -rm -f ntlm/$(am__dirstamp) + -rm -f spnego/$(DEPDIR)/$(am__dirstamp) -rm -f spnego/$(am__dirstamp) maintainer-clean-generic: @@ -1664,6 +2230,7 @@ clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) krb5/$(DEPDIR) mech/$(DEPDIR) ntlm/$(DEPDIR) spnego/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1674,6 +2241,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1682,26 +2251,35 @@ install-data-am: install-includeHEADERS install-man \ install-nobase_includeHEADERS install-nodist_gssapiHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man3 install-man5 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) krb5/$(DEPDIR) mech/$(DEPDIR) ntlm/$(DEPDIR) spnego/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1723,11 +2301,10 @@ uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ uninstall-nobase_includeHEADERS uninstall-nodist_gssapiHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man3 uninstall-man5 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: all check check-am install install-am install-data-am \ + install-exec-am install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ @@ -1821,6 +2398,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1906,7 +2486,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1923,20 +2503,19 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) $(srcdir)/ntlm/ntlm-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p ntlm/ntlm-private.h $(ntlmsrc) || rm -f ntlm/ntlm-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/krb5/gsskrb5-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/spnego/spnego-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/ntlm/ntlm-private.h +$(libgssapi_la_OBJECTS): $(BUILTHEADERS) +$(test_context_OBJECTS): $(BUILTHEADERS) $(libgssapi_la_OBJECTS): $(srcdir)/version-script.map -$(spnego_files) spnego_asn1.h: spnego_asn1_files -$(gssapi_files) gssapi_asn1.h: gssapi_asn1_files +$(spnego_files) spnego_asn1.hx spnego_asn1-priv.hx: spnego_asn1_files +$(gssapi_files) gssapi_asn1.hx gssapi_asn1-priv.hx: gssapi_asn1_files -spnego_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/spnego/spnego.asn1 - ../asn1/asn1_compile$(EXEEXT) --sequence=MechTypeList $(srcdir)/spnego/spnego.asn1 spnego_asn1 +spnego_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/spnego/spnego.asn1 $(srcdir)/spnego/spnego.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/spnego/spnego.opt $(srcdir)/spnego/spnego.asn1 spnego_asn1 -gssapi_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 +gssapi_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/mech/gssapi.asn1 + $(ASN1_COMPILE) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 $(srcdir)/krb5/gsskrb5-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5/gsskrb5-private.h $(krb5src) || rm -f krb5/gsskrb5-private.h @@ -1947,14 +2526,19 @@ $(srcdir)/spnego/spnego-private.h: gss-commands.c gss-commands.h: gss-commands.in $(SLC) $(srcdir)/gss-commands.in -$(gss_OBJECTS): gss-commands.h +$(gsstool_OBJECTS): gss-commands.h -# to help stupid solaris make - -$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h spnego_asn1.h +$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h gssapi_asn1-priv.h +$(libgssapi_la_OBJECTS): spnego_asn1.h spnego_asn1-priv.h +$(libgssapi_la_OBJECTS): $(srcdir)/gssapi/gssapi_oid.h gkrb5_err.h gkrb5_err.c: $(srcdir)/krb5/gkrb5_err.et $(COMPILE_ET) $(srcdir)/krb5/gkrb5_err.et + +$(srcdir)/gssapi/gssapi_oid.h $(srcdir)/mech/gss_oid.c: + perl $(srcdir)/gen-oid.pl -b base -h $(srcdir)/oid.txt > $(srcdir)/gssapi/gssapi_oid.h + perl $(srcdir)/gen-oid.pl -b base $(srcdir)/oid.txt > $(srcdir)/mech/gss_oid.c + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/gssapi/NTMakefile b/lib/gssapi/NTMakefile new file mode 100644 index 000000000000..ecf44ba4d856 --- /dev/null +++ b/lib/gssapi/NTMakefile @@ -0,0 +1,639 @@ +######################################################################## +# +# Copyright (c) 2009-2011, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\gssapi + +!include ../../windows/NTMakefile.w32 + +krb5src = \ + krb5/8003.c \ + krb5/accept_sec_context.c \ + krb5/acquire_cred.c \ + krb5/add_cred.c \ + krb5/address_to_krb5addr.c \ + krb5/aeap.c \ + krb5/arcfour.c \ + krb5/authorize_localname.c \ + krb5/canonicalize_name.c \ + krb5/creds.c \ + krb5/ccache_name.c \ + krb5/cfx.c \ + krb5/cfx.h \ + krb5/compare_name.c \ + krb5/compat.c \ + krb5/context_time.c \ + krb5/copy_ccache.c \ + krb5/decapsulate.c \ + krb5/delete_sec_context.c \ + krb5/display_name.c \ + krb5/display_status.c \ + krb5/duplicate_name.c \ + krb5/encapsulate.c \ + krb5/export_name.c \ + krb5/export_sec_context.c \ + krb5/external.c \ + krb5/get_mic.c \ + krb5/gsskrb5_locl.h \ + krb5/import_name.c \ + krb5/import_sec_context.c \ + krb5/indicate_mechs.c \ + krb5/init.c \ + krb5/init_sec_context.c \ + krb5/inquire_context.c \ + krb5/inquire_cred.c \ + krb5/inquire_cred_by_mech.c \ + krb5/inquire_cred_by_oid.c \ + krb5/inquire_mechs_for_name.c \ + krb5/inquire_names_for_mech.c \ + krb5/inquire_sec_context_by_oid.c \ + krb5/pname_to_uid.c \ + krb5/process_context_token.c \ + krb5/prf.c \ + krb5/release_buffer.c \ + krb5/release_cred.c \ + krb5/release_name.c \ + krb5/sequence.c \ + krb5/store_cred.c \ + krb5/set_cred_option.c \ + krb5/set_sec_context_option.c \ + krb5/ticket_flags.c \ + krb5/unwrap.c \ + krb5/verify_mic.c \ + krb5/wrap.c + +mechsrc = \ + mech/context.h \ + mech/context.c \ + mech/cred.h \ + mech/gss_accept_sec_context.c \ + mech/gss_acquire_cred.c \ + mech/gss_acquire_cred_ext.c \ + mech/gss_acquire_cred_with_password.c \ + mech/gss_add_cred.c \ + mech/gss_add_cred_with_password.c \ + mech/gss_add_oid_set_member.c \ + mech/gss_aeap.c \ + mech/gss_authorize_localname.c \ + mech/gss_buffer_set.c \ + mech/gss_canonicalize_name.c \ + mech/gss_compare_name.c \ + mech/gss_context_time.c \ + mech/gss_create_empty_oid_set.c \ + mech/gss_cred.c \ + mech/gss_decapsulate_token.c \ + mech/gss_delete_name_attribute.c \ + mech/gss_delete_sec_context.c \ + mech/gss_display_name.c \ + mech/gss_display_name_ext.c \ + mech/gss_display_status.c \ + mech/gss_duplicate_name.c \ + mech/gss_duplicate_oid.c \ + mech/gss_encapsulate_token.c \ + mech/gss_export_name.c \ + mech/gss_export_name_composite.c \ + mech/gss_export_sec_context.c \ + mech/gss_get_mic.c \ + mech/gss_get_name_attribute.c \ + mech/gss_import_name.c \ + mech/gss_import_sec_context.c \ + mech/gss_indicate_mechs.c \ + mech/gss_init_sec_context.c \ + mech/gss_inquire_context.c \ + mech/gss_inquire_cred.c \ + mech/gss_inquire_cred_by_mech.c \ + mech/gss_inquire_cred_by_oid.c \ + mech/gss_inquire_mechs_for_name.c \ + mech/gss_inquire_name.c \ + mech/gss_inquire_names_for_mech.c \ + mech/gss_krb5.c \ + mech/gss_mech_switch.c \ + mech/gss_mo.c \ + mech/gss_names.c \ + mech/gss_oid.c \ + mech/gss_oid_equal.c \ + mech/gss_oid_to_str.c \ + mech/gss_pname_to_uid.c \ + mech/gss_process_context_token.c \ + mech/gss_pseudo_random.c \ + mech/gss_release_buffer.c \ + mech/gss_release_cred.c \ + mech/gss_release_name.c \ + mech/gss_release_oid.c \ + mech/gss_release_oid_set.c \ + mech/gss_seal.c \ + mech/gss_set_cred_option.c \ + mech/gss_set_name_attribute.c \ + mech/gss_set_sec_context_option.c \ + mech/gss_sign.c \ + mech/gss_store_cred.c \ + mech/gss_test_oid_set_member.c \ + mech/gss_unseal.c \ + mech/gss_unwrap.c \ + mech/gss_utils.c \ + mech/gss_verify.c \ + mech/gss_verify_mic.c \ + mech/gss_wrap.c \ + mech/gss_wrap_size_limit.c \ + mech/gss_inquire_sec_context_by_oid.c \ + mech/mech_switch.h \ + mech/mechqueue.h \ + mech/mech_locl.h \ + mech/name.h \ + mech/utils.h + +spnegosrc = \ + spnego/accept_sec_context.c \ + spnego/compat.c \ + spnego/context_stubs.c \ + spnego/cred_stubs.c \ + spnego/external.c \ + spnego/init_sec_context.c \ + spnego/spnego_locl.h + +ntlmsrc = \ + ntlm/accept_sec_context.c \ + ntlm/acquire_cred.c \ + ntlm/add_cred.c \ + ntlm/canonicalize_name.c \ + ntlm/compare_name.c \ + ntlm/context_time.c \ + ntlm/creds.c \ + ntlm/crypto.c \ + ntlm/delete_sec_context.c \ + ntlm/display_name.c \ + ntlm/display_status.c \ + ntlm/duplicate_name.c \ + ntlm/export_name.c \ + ntlm/export_sec_context.c \ + ntlm/external.c \ + ntlm/ntlm.h \ + ntlm/import_name.c \ + ntlm/import_sec_context.c \ + ntlm/indicate_mechs.c \ + ntlm/init_sec_context.c \ + ntlm/inquire_context.c \ + ntlm/inquire_cred_by_mech.c \ + ntlm/inquire_mechs_for_name.c \ + ntlm/inquire_names_for_mech.c \ + ntlm/inquire_sec_context_by_oid.c \ + ntlm/iter_cred.c \ + ntlm/process_context_token.c \ + ntlm/release_cred.c \ + ntlm/release_name.c \ + ntlm/kdc.c + +$(OBJ)\ntlm\ntlm-private.h: $(ntlmsrc) + $(PERL) ../../cf/make-proto.pl -q -P remove -p $@ $(ntlmsrc) + +$(OBJ)\krb5\gsskrb5-private.h: $(krb5src) + $(PERL) ../../cf/make-proto.pl -q -P remove -p $@ $(krb5src) + +$(OBJ)\spnego\spnego-private.h: $(spnegosrc) + $(PERL) ../../cf/make-proto.pl -q -P remove -p $@ $(spnegosrc) + +gssapi_files = $(OBJ)\gssapi\asn1_gssapi_asn1.x + +spnego_files = $(OBJ)\spnego\asn1_spnego_asn1.x + +$(gssapi_files:.x=.c): $$(@R).x + +$(spnego_files:.x=.c): $$(@R).x + +$(gssapi_files) $(OBJ)\gssapi\gssapi_asn1.hx $(OBJ)\gssapi\gssapi_asn1-priv.hx: \ +$(BINDIR)\asn1_compile.exe mech\gssapi.asn1 + cd $(OBJ)\gssapi + $(BINDIR)\asn1_compile.exe --one-code-file $(SRCDIR)\mech\gssapi.asn1 gssapi_asn1 \ + || ( $(RM) $(OBJ)\gssapi\gssapi_asn1.h ; exit /b 1 ) + cd $(SRCDIR) + +$(spnego_files) $(OBJ)\spnego\spnego_asn1.hx $(OBJ)\spnego\spnego_asn1-priv.hx: \ +$(BINDIR)\asn1_compile.exe spnego\spnego.asn1 + cd $(OBJ)\spnego + $(BINDIR)\asn1_compile --one-code-file --sequence=MechTypeList \ + $(SRCDIR)\spnego\spnego.asn1 spnego_asn1 \ + || ( $(RM) $(OBJ)\spnego\spnego_asn1.h ; exit /b 1 ) + cd $(SRCDIR) + +$(OBJ)\gkrb5_err.c $(OBJ)\gkrb5_err.h: krb5\gkrb5_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\krb5\gkrb5_err.et + cd $(SRCDIR) + +INCFILES= \ + $(INCDIR)\gssapi.h \ + $(INCDIR)\gssapi\gssapi.h \ + $(INCDIR)\gssapi\gssapi_krb5.h \ + $(INCDIR)\gssapi\gssapi_oid.h \ + $(INCDIR)\gssapi\gssapi_ntlm.h \ + $(INCDIR)\gssapi\gssapi_spnego.h \ + $(INCDIR)\gssapi\gkrb5_err.h \ + $(OBJ)\ntlm\ntlm-private.h \ + $(OBJ)\spnego\spnego-private.h \ + $(OBJ)\krb5\gsskrb5-private.h \ + $(OBJ)\gkrb5_err.h \ + $(OBJ)\gssapi\gssapi_asn1.h \ + $(OBJ)\gssapi\gssapi_asn1-priv.h \ + $(OBJ)\spnego\spnego_asn1.h \ + $(OBJ)\spnego\spnego_asn1-priv.h + +all:: $(INCFILES) + +libgssapi_OBJs = \ + $(OBJ)\krb5/8003.obj \ + $(OBJ)\krb5/accept_sec_context.obj \ + $(OBJ)\krb5/acquire_cred.obj \ + $(OBJ)\krb5/add_cred.obj \ + $(OBJ)\krb5/address_to_krb5addr.obj \ + $(OBJ)\krb5/authorize_localname.obj \ + $(OBJ)\krb5/aeap.obj \ + $(OBJ)\krb5/arcfour.obj \ + $(OBJ)\krb5/canonicalize_name.obj \ + $(OBJ)\krb5/creds.obj \ + $(OBJ)\krb5/ccache_name.obj \ + $(OBJ)\krb5/cfx.obj \ + $(OBJ)\krb5/compare_name.obj \ + $(OBJ)\krb5/compat.obj \ + $(OBJ)\krb5/context_time.obj \ + $(OBJ)\krb5/copy_ccache.obj \ + $(OBJ)\krb5/decapsulate.obj \ + $(OBJ)\krb5/delete_sec_context.obj \ + $(OBJ)\krb5/display_name.obj \ + $(OBJ)\krb5/display_status.obj \ + $(OBJ)\krb5/duplicate_name.obj \ + $(OBJ)\krb5/encapsulate.obj \ + $(OBJ)\krb5/export_name.obj \ + $(OBJ)\krb5/export_sec_context.obj \ + $(OBJ)\krb5/external.obj \ + $(OBJ)\krb5/get_mic.obj \ + $(OBJ)\krb5/import_name.obj \ + $(OBJ)\krb5/import_sec_context.obj \ + $(OBJ)\krb5/indicate_mechs.obj \ + $(OBJ)\krb5/init.obj \ + $(OBJ)\krb5/init_sec_context.obj \ + $(OBJ)\krb5/inquire_context.obj \ + $(OBJ)\krb5/inquire_cred.obj \ + $(OBJ)\krb5/inquire_cred_by_mech.obj \ + $(OBJ)\krb5/inquire_cred_by_oid.obj \ + $(OBJ)\krb5/inquire_mechs_for_name.obj \ + $(OBJ)\krb5/inquire_names_for_mech.obj \ + $(OBJ)\krb5/inquire_sec_context_by_oid.obj \ + $(OBJ)\krb5/pname_to_uid.obj \ + $(OBJ)\krb5/process_context_token.obj \ + $(OBJ)\krb5/prf.obj \ + $(OBJ)\krb5/release_buffer.obj \ + $(OBJ)\krb5/release_cred.obj \ + $(OBJ)\krb5/release_name.obj \ + $(OBJ)\krb5/sequence.obj \ + $(OBJ)\krb5/store_cred.obj \ + $(OBJ)\krb5/set_cred_option.obj \ + $(OBJ)\krb5/set_sec_context_option.obj \ + $(OBJ)\krb5/ticket_flags.obj \ + $(OBJ)\krb5/unwrap.obj \ + $(OBJ)\krb5/verify_mic.obj \ + $(OBJ)\krb5/wrap.obj \ + $(OBJ)\mech/context.obj \ + $(OBJ)\mech/gss_accept_sec_context.obj \ + $(OBJ)\mech/gss_acquire_cred.obj \ + $(OBJ)\mech/gss_acquire_cred_ext.obj \ + $(OBJ)\mech/gss_acquire_cred_with_password.obj \ + $(OBJ)\mech/gss_add_cred.obj \ + $(OBJ)\mech/gss_add_cred_with_password.obj \ + $(OBJ)\mech/gss_add_oid_set_member.obj \ + $(OBJ)\mech/gss_aeap.obj \ + $(OBJ)\mech/gss_authorize_localname.obj \ + $(OBJ)\mech/gss_buffer_set.obj \ + $(OBJ)\mech/gss_canonicalize_name.obj \ + $(OBJ)\mech/gss_compare_name.obj \ + $(OBJ)\mech/gss_context_time.obj \ + $(OBJ)\mech/gss_create_empty_oid_set.obj \ + $(OBJ)\mech/gss_cred.obj \ + $(OBJ)\mech/gss_decapsulate_token.obj \ + $(OBJ)\mech/gss_delete_name_attribute.obj \ + $(OBJ)\mech/gss_delete_sec_context.obj \ + $(OBJ)\mech/gss_display_name.obj \ + $(OBJ)\mech/gss_display_name_ext.obj \ + $(OBJ)\mech/gss_display_status.obj \ + $(OBJ)\mech/gss_duplicate_name.obj \ + $(OBJ)\mech/gss_duplicate_oid.obj \ + $(OBJ)\mech/gss_encapsulate_token.obj \ + $(OBJ)\mech/gss_export_name.obj \ + $(OBJ)\mech/gss_export_name_composite.obj \ + $(OBJ)\mech/gss_export_sec_context.obj \ + $(OBJ)\mech/gss_get_mic.obj \ + $(OBJ)\mech/gss_get_name_attribute.obj \ + $(OBJ)\mech/gss_import_name.obj \ + $(OBJ)\mech/gss_import_sec_context.obj \ + $(OBJ)\mech/gss_indicate_mechs.obj \ + $(OBJ)\mech/gss_init_sec_context.obj \ + $(OBJ)\mech/gss_inquire_context.obj \ + $(OBJ)\mech/gss_inquire_cred.obj \ + $(OBJ)\mech/gss_inquire_cred_by_mech.obj \ + $(OBJ)\mech/gss_inquire_cred_by_oid.obj \ + $(OBJ)\mech/gss_inquire_mechs_for_name.obj \ + $(OBJ)\mech/gss_inquire_name.obj \ + $(OBJ)\mech/gss_inquire_names_for_mech.obj \ + $(OBJ)\mech/gss_krb5.obj \ + $(OBJ)\mech/gss_mech_switch.obj \ + $(OBJ)\mech/gss_mo.obj \ + $(OBJ)\mech/gss_names.obj \ + $(OBJ)\mech/gss_oid.obj \ + $(OBJ)\mech/gss_oid_equal.obj \ + $(OBJ)\mech/gss_oid_to_str.obj \ + $(OBJ)\mech/gss_pname_to_uid.obj \ + $(OBJ)\mech/gss_process_context_token.obj \ + $(OBJ)\mech/gss_pseudo_random.obj \ + $(OBJ)\mech/gss_release_buffer.obj \ + $(OBJ)\mech/gss_release_cred.obj \ + $(OBJ)\mech/gss_release_name.obj \ + $(OBJ)\mech/gss_release_oid.obj \ + $(OBJ)\mech/gss_release_oid_set.obj \ + $(OBJ)\mech/gss_seal.obj \ + $(OBJ)\mech/gss_set_cred_option.obj \ + $(OBJ)\mech/gss_set_name_attribute.obj \ + $(OBJ)\mech/gss_set_sec_context_option.obj \ + $(OBJ)\mech/gss_sign.obj \ + $(OBJ)\mech/gss_store_cred.obj \ + $(OBJ)\mech/gss_test_oid_set_member.obj \ + $(OBJ)\mech/gss_unseal.obj \ + $(OBJ)\mech/gss_unwrap.obj \ + $(OBJ)\mech/gss_utils.obj \ + $(OBJ)\mech/gss_verify.obj \ + $(OBJ)\mech/gss_verify_mic.obj \ + $(OBJ)\mech/gss_wrap.obj \ + $(OBJ)\mech/gss_wrap_size_limit.obj \ + $(OBJ)\mech/gss_inquire_sec_context_by_oid.obj \ + $(OBJ)\spnego/accept_sec_context.obj \ + $(OBJ)\spnego/compat.obj \ + $(OBJ)\spnego/context_stubs.obj \ + $(OBJ)\spnego/cred_stubs.obj \ + $(OBJ)\spnego/external.obj \ + $(OBJ)\spnego/init_sec_context.obj \ + $(OBJ)\ntlm/accept_sec_context.obj \ + $(OBJ)\ntlm/acquire_cred.obj \ + $(OBJ)\ntlm/add_cred.obj \ + $(OBJ)\ntlm/canonicalize_name.obj \ + $(OBJ)\ntlm/compare_name.obj \ + $(OBJ)\ntlm/context_time.obj \ + $(OBJ)\ntlm/creds.obj \ + $(OBJ)\ntlm/crypto.obj \ + $(OBJ)\ntlm/delete_sec_context.obj \ + $(OBJ)\ntlm/display_name.obj \ + $(OBJ)\ntlm/display_status.obj \ + $(OBJ)\ntlm/duplicate_name.obj \ + $(OBJ)\ntlm/export_name.obj \ + $(OBJ)\ntlm/export_sec_context.obj \ + $(OBJ)\ntlm/external.obj \ + $(OBJ)\ntlm/import_name.obj \ + $(OBJ)\ntlm/import_sec_context.obj \ + $(OBJ)\ntlm/indicate_mechs.obj \ + $(OBJ)\ntlm/init_sec_context.obj \ + $(OBJ)\ntlm/inquire_context.obj \ + $(OBJ)\ntlm/inquire_cred_by_mech.obj \ + $(OBJ)\ntlm/inquire_mechs_for_name.obj \ + $(OBJ)\ntlm/inquire_names_for_mech.obj \ + $(OBJ)\ntlm/inquire_sec_context_by_oid.obj \ + $(OBJ)\ntlm/iter_cred.obj \ + $(OBJ)\ntlm/process_context_token.obj \ + $(OBJ)\ntlm/release_cred.obj \ + $(OBJ)\ntlm/release_name.obj \ + $(OBJ)\ntlm/kdc.obj \ + $(OBJ)\gkrb5_err.obj \ + $(spnego_files:.x=.obj) \ + $(gssapi_files:.x=.obj) + +GCOPTS=-I$(SRCDIR) -I$(OBJ) -Igssapi -DBUILD_GSSAPI_LIB + +{$(OBJ)\krb5}.c{$(OBJ)\krb5}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\krb5\ -Fd$(OBJ)\krb5\ -I$(OBJ)\krb5 $(GCOPTS) + +{krb5}.c{$(OBJ)\krb5}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\krb5\ -Fd$(OBJ)\krb5\ -I$(OBJ)\krb5 $(GCOPTS) -DASN1_LIB + +{$(OBJ)\mech}.c{$(OBJ)\mech}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\mech\ -Fd$(OBJ)\mech\ -I$(OBJ)\mech $(GCOPTS) + +{mech}.c{$(OBJ)\mech}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\mech\ -Fd$(OBJ)\mech\ -I$(OBJ)\mech -I$(OBJ)\gssapi $(GCOPTS) -DASN1_LIB + +{$(OBJ)\ntlm}.c{$(OBJ)\ntlm}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\ntlm\ -Fd$(OBJ)\ntlm\ -I$(OBJ)\ntlm $(GCOPTS) + +{ntlm}.c{$(OBJ)\ntlm}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\ntlm\ -Fd$(OBJ)\ntlm\ -I$(OBJ)\ntlm $(GCOPTS) -DASN1_LIB + +{$(OBJ)\spnego}.c{$(OBJ)\spnego}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\spnego\ -Fd$(OBJ)\spnego\ -I$(OBJ)\spnego $(GCOPTS) + +{spnego}.c{$(OBJ)\spnego}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\spnego\ -Fd$(OBJ)\spnego\ -I$(OBJ)\spnego -Imech $(GCOPTS) -DASN1_LIB + +{$(OBJ)\gssapi}.c{$(OBJ)\gssapi}.obj:: + $(C2OBJ_NP) -Fo$(OBJ)\gssapi\ -Fd$(OBJ)\gssapi\ -I$(OBJ)\gssapi $(GCOPTS) + +{$(OBJ)}.c{$(OBJ)}.obj:: + $(C2OBJ_P) $(GCOPTS) + +{$(OBJ)\spnego}.x{$(OBJ)\spnego}.c: + $(CP) $** $@ + +{$(OBJ)\gssapi}.x{$(OBJ)\gssapi}.c: + $(CP) $** $@ + +{gssapi}.h{$(INCDIR)\gssapi}.h: + $(CP) $** $@ + +{$(OBJ)}.h{$(INCDIR)\gssapi}.h: + $(CP) $** $@ + +{$(OBJ)\gssapi}.hx{$(OBJ)\gssapi}.h: + $(CP) $** $@ + +{$(OBJ)\spnego}.hx{$(OBJ)\spnego}.h: + $(CP) $** $@ + +LIBGSSAPI_LIBS=\ + $(LIBHEIMBASE) \ + $(LIBROKEN) \ + $(LIBHEIMDAL) \ + $(LIBHEIMNTLM) \ + $(LIBCOMERR) + +LIBGSSAPI_SDKLIBS=\ + $(PTHREAD_LIB) + +!ifndef STATICLIBS + +RES=$(OBJ)\libgssapi-version.res + +$(BINDIR)\gssapi.dll: $(libgssapi_OBJs) $(RES) + $(DLLGUILINK_C) -implib:$(LIBGSSAPI) \ + -out:$(BINDIR)\gssapi.dll \ + -def:libgssapi-exports.def \ + $(LIBGSSAPI_LIBS) $(RES) $(LIBGSSAPI_SDKLIBS) @<< +$(libgssapi_OBJs: = +) +<< + $(DLLPREP_NODIST) + +$(LIBGSSAPI): $(BINDIR)\gssapi.dll + +clean:: + -$(RM) $(BINDIR)\gssapi.* + +!else + +$(LIBGSSAPI): $(libgssapi_OBJs) + $(LIBCON_C) -OUT:$@ $(LIBGSSAPI_LIBS) $(LIBGSSAPI_SDKLIBS) @<< +$(libgssapi_OBJs: = +) +<< + +!endif + +all:: $(LIBGSSAPI) + +clean:: + -$(RM) $(LIBGSSAPI) + +prep:: mkdirs-gss + +mkdirs-gss: +!if !exist($(OBJ)\ntlm) + $(MKDIR) $(OBJ)\ntlm +!endif +!if !exist($(OBJ)\krb5) + $(MKDIR) $(OBJ)\krb5 +!endif +!if !exist($(OBJ)\spnego) + $(MKDIR) $(OBJ)\spnego +!endif +!if !exist($(OBJ)\mech) + $(MKDIR) $(OBJ)\mech +!endif +!if !exist($(OBJ)\gssapi) + $(MKDIR) $(OBJ)\gssapi +!endif + +clean:: + -$(RM) $(OBJ)\ntlm\*.* + -$(RM) $(OBJ)\krb5\*.* + -$(RM) $(OBJ)\spnego\*.* + -$(RM) $(OBJ)\mech\*.* + -$(RM) $(OBJ)\gssapi\*.* + +all-tools:: $(BINDIR)\gsstool.exe + +$(BINDIR)\gsstool.exe: $(OBJ)\gsstool.obj $(OBJ)\gss-commands.obj $(LIBGSSAPI) $(LIBROKEN) $(LIBSL) $(LIBVERS) + $(EXECONLINK) + +$(OBJ)\gss-commands.c $(OBJ)\gss-commands.h: gss-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\gss-commands.in gss-commands.in + $(BINDIR)\slc.exe gss-commands.in + cd $(SRCDIR) + +!ifdef ELISP +# This macro invocation is used to update the libgssapi_OBJs +# definition below (generate-obj-macro is defined in maint.el): + +(generate-obj-macro "libgssapi_OBJs" + (concat "\t$(OBJ)\\gkrb5_err.obj \\\n" + "\t$(spnego_files:.x=.obj) \\\n" + "\t$(gssapi_files:.x=.obj)") + "krb5src" "mechsrc" "spnegosrc" "ntlmsrc") +!endif + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libgssapi-exports.def + +test:: test-exports + + +TEST_BINARIES=\ + $(OBJ)\test_oid.exe \ + $(OBJ)\test_names.exe \ + $(OBJ)\test_cfx.exe \ + $(OBJ)\test_acquire_cred.exe \ + $(OBJ)\test_cred.exe \ + $(OBJ)\test_kcred.exe \ + $(OBJ)\test_context.exe \ + $(OBJ)\test_ntlm.exe + +$(OBJ)\test_oid.exe: $(OBJ)\test_oid.obj $(LIBGSSAPI) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_names.exe: $(OBJ)\test_names.obj $(LIBGSSAPI) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_cfx.exe: $(OBJ)\krb5\test_cfx.obj $(LIBHEIMDAL) $(LIBGSSAPI) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_acquire_cred.exe: $(OBJ)\test_acquire_cred.obj $(OBJ)\test_common.obj \ + $(LIBGSSAPI) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_cred.exe: $(OBJ)\test_cred.obj $(LIBGSSAPI) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_kcred.exe: $(OBJ)\test_kcred.obj $(LIBGSSAPI) $(LIBHEIMDAL) \ + $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_context.exe: $(OBJ)\test_context.obj $(OBJ)\test_common.obj \ + $(LIBGSSAPI) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_ntlm.exe: $(OBJ)\test_ntlm.obj $(OBJ)\test_common.obj \ + $(LIBGSSAPI) $(LIBHEIMNTLM) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +{}.c{$(OBJ)}.obj:: + $(C2OBJ_P) -I$(OBJ)\krb5 -I$(OBJ) -I$(SRCDIR) -I$(SRCDIR)\gssapi + +test-binaries: $(LIBGSSAPI) $(TEST_BINARIES) + +run-test: + cd $(OBJ) + test_oid + test_names + test_cfx + test_kcred + cd $(SRCDIR) + +test:: test-binaries run-test diff --git a/lib/gssapi/gss-commands.in b/lib/gssapi/gss-commands.in index 2204f2afa89a..a2fc2288ee43 100644 --- a/lib/gssapi/gss-commands.in +++ b/lib/gssapi/gss-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan + * Copyright (c) 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,12 +30,25 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: gss-commands.in 17870 2006-07-22 14:48:58Z lha $ */ +/* $Id$ */ command = { name = "supported-mechanisms" help = "Print the supported mechanisms" } +command = { + name = "attrs-for-mech" + help = "Print the attributes for mechs" + option = { + long = "all" + type = "flag" + } + option = { + long = "mech" + type = "string" + argument = "mechanism" + } +} command = { name = "help" name = "?" diff --git a/lib/gssapi/gss_acquire_cred.3 b/lib/gssapi/gss_acquire_cred.3 index d2a04d93fbb4..25d7b4d7ffdb 100644 --- a/lib/gssapi/gss_acquire_cred.3 +++ b/lib/gssapi/gss_acquire_cred.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: gss_acquire_cred.3 20235 2007-02-16 11:19:03Z lha $ +.\" $Id$ .\" .Dd October 26, 2005 .Dt GSS_ACQUIRE_CRED 3 @@ -513,7 +513,7 @@ In GSS-API an contiguous string name is stored in a .Dv gss_buffer_t . .Pp Exported names also have the property that they are specified by the -mechanism itself and compatible between diffrent GSS-API +mechanism itself and compatible between different GSS-API implementations. .El .Sh ACCESS CONTROL diff --git a/lib/gssapi/gss_acquire_cred.cat3 b/lib/gssapi/gss_acquire_cred.cat3 new file mode 100644 index 000000000000..b793918c1850 --- /dev/null +++ b/lib/gssapi/gss_acquire_cred.cat3 @@ -0,0 +1,406 @@ + +GSS_ACQUIRE_CRED(3) BSD Library Functions Manual GSS_ACQUIRE_CRED(3) + +NNAAMMEE + ggssss__aacccceepptt__sseecc__ccoonntteexxtt, ggssss__aaccqquuiirree__ccrreedd, ggssss__aadddd__ccrreedd, + ggssss__aadddd__ooiidd__sseett__mmeemmbbeerr, ggssss__ccaannoonniiccaalliizzee__nnaammee, ggssss__ccoommppaarree__nnaammee, + ggssss__ccoonntteexxtt__ttiimmee, ggssss__ccrreeaattee__eemmppttyy__ooiidd__sseett, ggssss__ddeelleettee__sseecc__ccoonntteexxtt, + ggssss__ddiissppllaayy__nnaammee, ggssss__ddiissppllaayy__ssttaattuuss, ggssss__dduupplliiccaattee__nnaammee, + ggssss__eexxppoorrtt__nnaammee, ggssss__eexxppoorrtt__sseecc__ccoonntteexxtt, ggssss__ggeett__mmiicc, ggssss__iimmppoorrtt__nnaammee, + ggssss__iimmppoorrtt__sseecc__ccoonntteexxtt, ggssss__iinnddiiccaattee__mmeecchhss, ggssss__iinniitt__sseecc__ccoonntteexxtt, + ggssss__iinnqquuiirree__ccoonntteexxtt, ggssss__iinnqquuiirree__ccrreedd, ggssss__iinnqquuiirree__ccrreedd__bbyy__mmeecchh, + ggssss__iinnqquuiirree__mmeecchhss__ffoorr__nnaammee, ggssss__iinnqquuiirree__nnaammeess__ffoorr__mmeecchh, + ggssss__kkrrbb55__ccccaacchhee__nnaammee, ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc, ggssss__kkrrbb55__ccooppyy__ccccaacchhee, + ggssss__kkrrbb55__iimmppoorrtt__ccrreedd ggsssskkrrbb55__eexxttrraacctt__aauutthhzz__ddaattaa__ffrroomm__sseecc__ccoonntteexxtt, + ggsssskkrrbb55__rreeggiisstteerr__aacccceeppttoorr__iiddeennttiittyy, ggssss__kkrrbb55__iimmppoorrtt__ccccaacchhee, + ggssss__kkrrbb55__ggeett__ttkktt__ffllaaggss, ggssss__pprroocceessss__ccoonntteexxtt__ttookkeenn, ggssss__rreelleeaassee__bbuuffffeerr, + ggssss__rreelleeaassee__ccrreedd, ggssss__rreelleeaassee__nnaammee, ggssss__rreelleeaassee__ooiidd__sseett, ggssss__sseeaall, + ggssss__ssiiggnn, ggssss__tteesstt__ooiidd__sseett__mmeemmbbeerr, ggssss__uunnsseeaall, ggssss__uunnwwrraapp, ggssss__vveerriiffyy, + ggssss__vveerriiffyy__mmiicc, ggssss__wwrraapp, ggssss__wwrraapp__ssiizzee__lliimmiitt -- Generic Security Service + Application Program Interface library + +LLIIBBRRAARRYY + GSS-API library (libgssapi, -lgssapi) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _O_M___u_i_n_t_3_2 + ggssss__aacccceepptt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, + _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _a_c_c_e_p_t_o_r___c_r_e_d___h_a_n_d_l_e, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___t_o_k_e_n___b_u_f_f_e_r, + _c_o_n_s_t _g_s_s___c_h_a_n_n_e_l___b_i_n_d_i_n_g_s___t _i_n_p_u_t___c_h_a_n___b_i_n_d_i_n_g_s, + _g_s_s___n_a_m_e___t _* _s_r_c___n_a_m_e, _g_s_s___O_I_D _* _m_e_c_h___t_y_p_e, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n, _O_M___u_i_n_t_3_2 _* _r_e_t___f_l_a_g_s, + _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c, _g_s_s___c_r_e_d___i_d___t _* _d_e_l_e_g_a_t_e_d___c_r_e_d___h_a_n_d_l_e); + + _O_M___u_i_n_t_3_2 + ggssss__aaccqquuiirree__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _d_e_s_i_r_e_d___n_a_m_e, + _O_M___u_i_n_t_3_2 _t_i_m_e___r_e_q, _c_o_n_s_t _g_s_s___O_I_D___s_e_t _d_e_s_i_r_e_d___m_e_c_h_s, + _g_s_s___c_r_e_d___u_s_a_g_e___t _c_r_e_d___u_s_a_g_e, _g_s_s___c_r_e_d___i_d___t _* _o_u_t_p_u_t___c_r_e_d___h_a_n_d_l_e, + _g_s_s___O_I_D___s_e_t _* _a_c_t_u_a_l___m_e_c_h_s, _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c); + + _O_M___u_i_n_t_3_2 + ggssss__aadddd__ccrreedd(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _i_n_p_u_t___c_r_e_d___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___n_a_m_e___t _d_e_s_i_r_e_d___n_a_m_e, + _c_o_n_s_t _g_s_s___O_I_D _d_e_s_i_r_e_d___m_e_c_h, _g_s_s___c_r_e_d___u_s_a_g_e___t _c_r_e_d___u_s_a_g_e, + _O_M___u_i_n_t_3_2 _i_n_i_t_i_a_t_o_r___t_i_m_e___r_e_q, _O_M___u_i_n_t_3_2 _a_c_c_e_p_t_o_r___t_i_m_e___r_e_q, + _g_s_s___c_r_e_d___i_d___t _*_o_u_t_p_u_t___c_r_e_d___h_a_n_d_l_e, _g_s_s___O_I_D___s_e_t _*_a_c_t_u_a_l___m_e_c_h_s, + _O_M___u_i_n_t_3_2 _*_i_n_i_t_i_a_t_o_r___t_i_m_e___r_e_c, _O_M___u_i_n_t_3_2 _*_a_c_c_e_p_t_o_r___t_i_m_e___r_e_c); + + _O_M___u_i_n_t_3_2 + ggssss__aadddd__ooiidd__sseett__mmeemmbbeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___O_I_D _m_e_m_b_e_r___o_i_d, _g_s_s___O_I_D___s_e_t _* _o_i_d___s_e_t); + + _O_M___u_i_n_t_3_2 + ggssss__ccaannoonniiccaalliizzee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e, _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e, + _g_s_s___n_a_m_e___t _* _o_u_t_p_u_t___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__ccoommppaarree__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _n_a_m_e_1, + _c_o_n_s_t _g_s_s___n_a_m_e___t _n_a_m_e_2, _i_n_t _* _n_a_m_e___e_q_u_a_l); + + _O_M___u_i_n_t_3_2 + ggssss__ccoonntteexxtt__ttiimmee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c); + + _O_M___u_i_n_t_3_2 + ggssss__ccrreeaattee__eemmppttyy__ooiidd__sseett(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___O_I_D___s_e_t _* _o_i_d___s_e_t); + + _O_M___u_i_n_t_3_2 + ggssss__ddeelleettee__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n); + + _O_M___u_i_n_t_3_2 + ggssss__ddiissppllaayy__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r, _g_s_s___O_I_D _* _o_u_t_p_u_t___n_a_m_e___t_y_p_e); + + _O_M___u_i_n_t_3_2 + ggssss__ddiissppllaayy__ssttaattuuss(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, _O_M___u_i_n_t_3_2 _s_t_a_t_u_s___v_a_l_u_e, + _i_n_t _s_t_a_t_u_s___t_y_p_e, _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e, _O_M___u_i_n_t_3_2 _*_m_e_s_s_a_g_e___c_o_n_t_e_x_t, + _g_s_s___b_u_f_f_e_r___t _s_t_a_t_u_s___s_t_r_i_n_g); + + _O_M___u_i_n_t_3_2 + ggssss__dduupplliiccaattee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _s_r_c___n_a_m_e, + _g_s_s___n_a_m_e___t _* _d_e_s_t___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__eexxppoorrtt__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e, + _g_s_s___b_u_f_f_e_r___t _e_x_p_o_r_t_e_d___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__eexxppoorrtt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___b_u_f_f_e_r___t _i_n_t_e_r_p_r_o_c_e_s_s___t_o_k_e_n); + + _O_M___u_i_n_t_3_2 + ggssss__ggeett__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _g_s_s___q_o_p___t _q_o_p___r_e_q, _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r, + _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___t_o_k_e_n); + + _O_M___u_i_n_t_3_2 + ggssss__iimmppoorrtt__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___n_a_m_e___b_u_f_f_e_r, _c_o_n_s_t _g_s_s___O_I_D _i_n_p_u_t___n_a_m_e___t_y_p_e, + _g_s_s___n_a_m_e___t _* _o_u_t_p_u_t___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__iimmppoorrtt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_t_e_r_p_r_o_c_e_s_s___t_o_k_e_n, + _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e); + + _O_M___u_i_n_t_3_2 + ggssss__iinnddiiccaattee__mmeecchhss(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___O_I_D___s_e_t _* _m_e_c_h___s_e_t); + + _O_M___u_i_n_t_3_2 + ggssss__iinniitt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _i_n_i_t_i_a_t_o_r___c_r_e_d___h_a_n_d_l_e, + _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___n_a_m_e___t _t_a_r_g_e_t___n_a_m_e, + _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e, _O_M___u_i_n_t_3_2 _r_e_q___f_l_a_g_s, _O_M___u_i_n_t_3_2 _t_i_m_e___r_e_q, + _c_o_n_s_t _g_s_s___c_h_a_n_n_e_l___b_i_n_d_i_n_g_s___t _i_n_p_u_t___c_h_a_n___b_i_n_d_i_n_g_s, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___t_o_k_e_n, _g_s_s___O_I_D _* _a_c_t_u_a_l___m_e_c_h___t_y_p_e, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n, _O_M___u_i_n_t_3_2 _* _r_e_t___f_l_a_g_s, + _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c); + + _O_M___u_i_n_t_3_2 + ggssss__iinnqquuiirree__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___n_a_m_e___t _* _s_r_c___n_a_m_e, + _g_s_s___n_a_m_e___t _* _t_a_r_g___n_a_m_e, _O_M___u_i_n_t_3_2 _* _l_i_f_e_t_i_m_e___r_e_c, + _g_s_s___O_I_D _* _m_e_c_h___t_y_p_e, _O_M___u_i_n_t_3_2 _* _c_t_x___f_l_a_g_s, _i_n_t _* _l_o_c_a_l_l_y___i_n_i_t_i_a_t_e_d, + _i_n_t _* _o_p_e_n___c_o_n_t_e_x_t); + + _O_M___u_i_n_t_3_2 + ggssss__iinnqquuiirree__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _c_r_e_d___h_a_n_d_l_e, _g_s_s___n_a_m_e___t _* _n_a_m_e, + _O_M___u_i_n_t_3_2 _* _l_i_f_e_t_i_m_e, _g_s_s___c_r_e_d___u_s_a_g_e___t _* _c_r_e_d___u_s_a_g_e, + _g_s_s___O_I_D___s_e_t _* _m_e_c_h_a_n_i_s_m_s); + + _O_M___u_i_n_t_3_2 + ggssss__iinnqquuiirree__ccrreedd__bbyy__mmeecchh(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _c_r_e_d___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e, + _g_s_s___n_a_m_e___t _* _n_a_m_e, _O_M___u_i_n_t_3_2 _* _i_n_i_t_i_a_t_o_r___l_i_f_e_t_i_m_e, + _O_M___u_i_n_t_3_2 _* _a_c_c_e_p_t_o_r___l_i_f_e_t_i_m_e, _g_s_s___c_r_e_d___u_s_a_g_e___t _* _c_r_e_d___u_s_a_g_e); + + _O_M___u_i_n_t_3_2 + ggssss__iinnqquuiirree__mmeecchhss__ffoorr__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e, _g_s_s___O_I_D___s_e_t _* _m_e_c_h___t_y_p_e_s); + + _O_M___u_i_n_t_3_2 + ggssss__iinnqquuiirree__nnaammeess__ffoorr__mmeecchh(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h_a_n_i_s_m, _g_s_s___O_I_D___s_e_t _* _n_a_m_e___t_y_p_e_s); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__ccccaacchhee__nnaammee(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_*_o_l_d___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__ccooppyy__ccccaacchhee(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r, _g_s_s___c_r_e_d___i_d___t _c_r_e_d, + _k_r_b_5___c_c_a_c_h_e _o_u_t); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__iimmppoorrtt__ccrreedd(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, _k_r_b_5___c_c_a_c_h_e _i_d, + _k_r_b_5___p_r_i_n_c_i_p_a_l _k_e_y_t_a_b___p_r_i_n_c_i_p_a_l, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, + _g_s_s___c_r_e_d___i_d___t _*_c_r_e_d); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _i_n_t _o_n_o_f_f); + + _O_M___u_i_n_t_3_2 + ggsssskkrrbb55__eexxttrraacctt__aauutthhzz__ddaattaa__ffrroomm__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _i_n_t _a_d___t_y_p_e, _g_s_s___b_u_f_f_e_r___t _a_d___d_a_t_a); + + _O_M___u_i_n_t_3_2 + ggsssskkrrbb55__rreeggiisstteerr__aacccceeppttoorr__iiddeennttiittyy(_c_o_n_s_t _c_h_a_r _*_i_d_e_n_t_i_t_y); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__iimmppoorrtt__ccaacchhee(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r, _k_r_b_5___c_c_a_c_h_e _i_d, + _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _g_s_s___c_r_e_d___i_d___t _*_c_r_e_d); + + _O_M___u_i_n_t_3_2 + ggssss__kkrrbb55__ggeett__ttkktt__ffllaaggss(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, + _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _O_M___u_i_n_t_3_2 _*_t_k_t___f_l_a_g_s); + + _O_M___u_i_n_t_3_2 + ggssss__pprroocceessss__ccoonntteexxtt__ttookkeenn(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _t_o_k_e_n___b_u_f_f_e_r); + + _O_M___u_i_n_t_3_2 + ggssss__rreelleeaassee__bbuuffffeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___b_u_f_f_e_r___t _b_u_f_f_e_r); + + _O_M___u_i_n_t_3_2 + ggssss__rreelleeaassee__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_r_e_d___i_d___t _* _c_r_e_d___h_a_n_d_l_e); + + _O_M___u_i_n_t_3_2 + ggssss__rreelleeaassee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___n_a_m_e___t _* _i_n_p_u_t___n_a_m_e); + + _O_M___u_i_n_t_3_2 + ggssss__rreelleeaassee__ooiidd__sseett(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___O_I_D___s_e_t _* _s_e_t); + + _O_M___u_i_n_t_3_2 + ggssss__sseeaall(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _i_n_t _c_o_n_f___r_e_q___f_l_a_g, _i_n_t _q_o_p___r_e_q, _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, + _i_n_t _* _c_o_n_f___s_t_a_t_e, _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r); + + _O_M___u_i_n_t_3_2 + ggssss__ssiiggnn(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _i_n_t _q_o_p___r_e_q, _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r, + _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___t_o_k_e_n); + + _O_M___u_i_n_t_3_2 + ggssss__tteesstt__ooiidd__sseett__mmeemmbbeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___O_I_D _m_e_m_b_e_r, + _c_o_n_s_t _g_s_s___O_I_D___s_e_t _s_e_t, _i_n_t _* _p_r_e_s_e_n_t); + + _O_M___u_i_n_t_3_2 + ggssss__uunnsseeaall(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e, + _i_n_t _* _q_o_p___s_t_a_t_e); + + _O_M___u_i_n_t_3_2 + ggssss__uunnwwrraapp(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e, + _g_s_s___q_o_p___t _* _q_o_p___s_t_a_t_e); + + _O_M___u_i_n_t_3_2 + ggssss__vveerriiffyy(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r, _g_s_s___b_u_f_f_e_r___t _t_o_k_e_n___b_u_f_f_e_r, + _i_n_t _* _q_o_p___s_t_a_t_e); + + _O_M___u_i_n_t_3_2 + ggssss__vveerriiffyy__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _t_o_k_e_n___b_u_f_f_e_r, _g_s_s___q_o_p___t _* _q_o_p___s_t_a_t_e); + + _O_M___u_i_n_t_3_2 + ggssss__wwrraapp(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, + _i_n_t _c_o_n_f___r_e_q___f_l_a_g, _g_s_s___q_o_p___t _q_o_p___r_e_q, + _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e, + _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r); + + _O_M___u_i_n_t_3_2 + ggssss__wwrraapp__ssiizzee__lliimmiitt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, + _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _i_n_t _c_o_n_f___r_e_q___f_l_a_g, + _g_s_s___q_o_p___t _q_o_p___r_e_q, _O_M___u_i_n_t_3_2 _r_e_q___o_u_t_p_u_t___s_i_z_e, + _O_M___u_i_n_t_3_2 _* _m_a_x___i_n_p_u_t___s_i_z_e); + +DDEESSCCRRIIPPTTIIOONN + Generic Security Service API (GSS-API) version 2, and its C binding, is + described in RFC2743 and RFC2744. Version 1 (deprecated) of the C bind- + ing is described in RFC1509. + + Heimdals GSS-API implementation supports the following mechanisms + + ++oo GSS_KRB5_MECHANISM + + ++oo GSS_SPNEGO_MECHANISM + + GSS-API have generic name types that all mechanism are supposed to imple- + ment (if possible): + + ++oo GSS_C_NT_USER_NAME + + ++oo GSS_C_NT_MACHINE_UID_NAME + + ++oo GSS_C_NT_STRING_UID_NAME + + ++oo GSS_C_NT_HOSTBASED_SERVICE + + ++oo GSS_C_NT_ANONYMOUS + + ++oo GSS_C_NT_EXPORT_NAME + + GSS-API implementations that supports Kerberos 5 have some additional + name types: + + ++oo GSS_KRB5_NT_PRINCIPAL_NAME + + ++oo GSS_KRB5_NT_USER_NAME + + ++oo GSS_KRB5_NT_MACHINE_UID_NAME + + ++oo GSS_KRB5_NT_STRING_UID_NAME + + In GSS-API, names have two forms, internal names and contiguous string + names. + + ++oo Internal name and mechanism name + + Internal names are implementation specific representation of a GSS- + API name. Mechanism names special form of internal names corresponds + to one and only one mechanism. + + In GSS-API an internal name is stored in a gss_name_t. + + ++oo Contiguous string name and exported name + + Contiguous string names are gssapi names stored in a OCTET STRING + that together with a name type identifier (OID) uniquely specifies a + gss-name. A special form of the contiguous string name is the + exported name that have a OID embedded in the string to make it + unique. Exported name have the nametype GSS_C_NT_EXPORT_NAME. + + In GSS-API an contiguous string name is stored in a gss_buffer_t. + + Exported names also have the property that they are specified by the + mechanism itself and compatible between different GSS-API implementa- + tions. + +AACCCCEESSSS CCOONNTTRROOLL + There are two ways of comparing GSS-API names, either comparing two + internal names with each other or two contiguous string names with either + other. + + To compare two internal names with each other, import (if needed) the + names with ggssss__iimmppoorrtt__nnaammee() into the GSS-API implementation and the com- + pare the imported name with ggssss__ccoommppaarree__nnaammee(). + + Importing names can be slow, so when its possible to store exported names + in the access control list, comparing contiguous string name might be + better. + + when comparing contiguous string name, first export them into a + GSS_C_NT_EXPORT_NAME name with ggssss__eexxppoorrtt__nnaammee() and then compare with + memcmp(3). + + Note that there are might be a difference between the two methods of com- + paring names. The first (using ggssss__ccoommppaarree__nnaammee()) will compare to + (unauthenticated) names are the same. The second will compare if a mech- + anism will authenticate them as the same principal. + + For example, if ggssss__iimmppoorrtt__nnaammee() name was used with GSS_C_NO_OID the + default syntax is used for all mechanism the GSS-API implementation sup- + ports. When compare the imported name of GSS_C_NO_OID it may match + serveral mechanism names (MN). + + The resulting name from ggssss__ddiissppllaayy__nnaammee() must not be used for acccess + control. + +FFUUNNCCTTIIOONNSS + ggssss__ddiissppllaayy__nnaammee() takes the gss name in _i_n_p_u_t___n_a_m_e and puts a printable + form in _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r. _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r should be freed when done + using ggssss__rreelleeaassee__bbuuffffeerr(). _o_u_t_p_u_t___n_a_m_e___t_y_p_e can either be NULL or a + pointer to a gss_OID and will in the latter case contain the OID type of + the name. The name must only be used for printing. If access control is + needed, see section _A_C_C_E_S_S _C_O_N_T_R_O_L. + + ggssss__iinnqquuiirree__ccoonntteexxtt() returns information about the context. Information + is available even after the context have expired. _l_i_f_e_t_i_m_e___r_e_c argument + is set to GSS_C_INDEFINITE (dont expire) or the number of seconds that + the context is still valid. A value of 0 means that the context is + expired. _m_e_c_h___t_y_p_e argument should be considered readonly and must not + be released. _s_r_c___n_a_m_e and ddeesstt__nnaammee() are both mechanims names and must + be released with ggssss__rreelleeaassee__nnaammee() when no longer used. + + ggssss__ccoonntteexxtt__ttiimmee will return the amount of time (in seconds) of the con- + text is still valid. If its expired _t_i_m_e___r_e_c will be set to 0 and + GSS_S_CONTEXT_EXPIRED returned. + + ggssss__ssiiggnn(), ggssss__vveerriiffyy(), ggssss__sseeaall(), and ggssss__uunnsseeaall() are part of the + GSS-API V1 interface and are obsolete. The functions should not be used + for new applications. They are provided so that version 1 applications + can link against the library. + +EEXXTTEENNSSIIOONNSS + ggssss__kkrrbb55__ccccaacchhee__nnaammee() sets the internal kerberos 5 credential cache name + to _n_a_m_e. The old name is returned in _o_l_d___n_a_m_e, and must not be freed. + The data allocated for _o_l_d___n_a_m_e is free upon next call to + ggssss__kkrrbb55__ccccaacchhee__nnaammee(). This function is not threadsafe if _o_l_d___n_a_m_e + argument is used. + + ggssss__kkrrbb55__ccooppyy__ccccaacchhee() will extract the krb5 credentials that are trans- + ferred from the initiator to the acceptor when using token delegation in + the Kerberos mechanism. The acceptor receives the delegated token in the + last argument to ggssss__aacccceepptt__sseecc__ccoonntteexxtt(). + + ggssss__kkrrbb55__iimmppoorrtt__ccrreedd() will import the krb5 credentials (both keytab + and/or credential cache) into gss credential so it can be used withing + GSS-API. The _c_c_a_c_h_e is copied by reference and thus shared, so if the + credential is destroyed with _k_r_b_5___c_c___d_e_s_t_r_o_y, all users of thep + _g_s_s___c_r_e_d___i_d___t returned by ggssss__kkrrbb55__iimmppoorrtt__ccccaacchhee() will fail. + + ggsssskkrrbb55__rreeggiisstteerr__aacccceeppttoorr__iiddeennttiittyy() sets the Kerberos 5 filebased keytab + that the acceptor will use. The _i_d_e_n_t_i_f_i_e_r is the file name. + + ggsssskkrrbb55__eexxttrraacctt__aauutthhzz__ddaattaa__ffrroomm__sseecc__ccoonntteexxtt() extracts the Kerberos + authorizationdata that may be stored within the context. Tha caller must + free the returned buffer _a_d___d_a_t_a with ggssss__rreelleeaassee__bbuuffffeerr() upon success. + + ggssss__kkrrbb55__ggeett__ttkktt__ffllaaggss() return the ticket flags for the kerberos ticket + receive when authenticating the initiator. Only valid on the acceptor + context. + + ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc() turns on or off the compatibility with older + version of Heimdal using des3 get and verify mic, this is way to program- + matically set the [gssapi]broken_des3_mic and [gssapi]correct_des3_mic + flags (see COMPATIBILITY section in gssapi(3)). If the CPP symbol + GSS_C_KRB5_COMPAT_DES3_MIC is present, ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc() exists. + ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc() will be removed in a later version of the GSS- + API library. + +SSEEEE AALLSSOO + gssapi(3), krb5(3), krb5_ccache(3), kerberos(8) + +HEIMDAL October 26, 2005 HEIMDAL diff --git a/lib/gssapi/gssapi.3 b/lib/gssapi/gssapi.3 index 0241ee786a16..089f751e9e6e 100644 --- a/lib/gssapi/gssapi.3 +++ b/lib/gssapi/gssapi.3 @@ -1,35 +1,35 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: gssapi.3 22071 2007-11-14 20:04:50Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd April 20, 2005 .Dt GSSAPI 3 @@ -53,57 +53,52 @@ These functions constitute the gssapi library, .Em libgssapi . Declarations for these functions may be obtained from the include file .Pa gssapi.h . -.sp 2 -.nf -.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u -\fIName/Page\fP \fIDescription\fP -.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u+6nC -.sp 5p -gss_accept_sec_context.3 -gss_acquire_cred.3 -gss_add_cred.3 -gss_add_oid_set_member.3 -gss_canonicalize_name.3 -gss_compare_name.3 -gss_context_time.3 -gss_create_empty_oid_set.3 -gss_delete_sec_context.3 -gss_display_name.3 -gss_display_status.3 -gss_duplicate_name.3 -gss_export_name.3 -gss_export_sec_context.3 -gss_get_mic.3 -gss_import_name.3 -gss_import_sec_context.3 -gss_indicate_mechs.3 -gss_init_sec_context.3 -gss_inquire_context.3 -gss_inquire_cred.3 -gss_inquire_cred_by_mech.3 -gss_inquire_mechs_for_name.3 -gss_inquire_names_for_mech.3 -gss_krb5_ccache_name.3 -gss_krb5_compat_des3_mic.3 -gss_krb5_copy_ccache.3 -gss_krb5_extract_authz_data_from_sec_context.3 -gss_krb5_import_ccache.3 -gss_process_context_token.3 -gss_release_buffer.3 -gss_release_cred.3 -gss_release_name.3 -gss_release_oid_set.3 -gss_seal.3 -gss_sign.3 -gss_test_oid_set_member.3 -gss_unseal.3 -gss_unwrap.3 -gss_verify.3 -gss_verify_mic.3 -gss_wrap.3 -gss_wrap_size_limit.3 -.ta -.Fi +.Bl -column -compact +.It Sy Name/Page +.It Xr gss_accept_sec_context 3 +.It Xr gss_acquire_cred 3 +.It Xr gss_add_cred 3 +.It Xr gss_add_oid_set_member 3 +.It Xr gss_canonicalize_name 3 +.It Xr gss_compare_name 3 +.It Xr gss_context_time 3 +.It Xr gss_create_empty_oid_set 3 +.It Xr gss_delete_sec_context 3 +.It Xr gss_display_name 3 +.It Xr gss_display_status 3 +.It Xr gss_duplicate_name 3 +.It Xr gss_export_name 3 +.It Xr gss_export_sec_context 3 +.It Xr gss_get_mic 3 +.It Xr gss_import_name 3 +.It Xr gss_import_sec_context 3 +.It Xr gss_indicate_mechs 3 +.It Xr gss_init_sec_context 3 +.It Xr gss_inquire_context 3 +.It Xr gss_inquire_cred 3 +.It Xr gss_inquire_cred_by_mech 3 +.It Xr gss_inquire_mechs_for_name 3 +.It Xr gss_inquire_names_for_mech 3 +.It Xr gss_krb5_ccache_name 3 +.It Xr gss_krb5_compat_des3_mic 3 +.It Xr gss_krb5_copy_ccache 3 +.It Xr gss_krb5_extract_authz_data_from_sec_context 3 +.It Xr gss_krb5_import_ccache 3 +.It Xr gss_process_context_token 3 +.It Xr gss_release_buffer 3 +.It Xr gss_release_cred 3 +.It Xr gss_release_name 3 +.It Xr gss_release_oid_set 3 +.It Xr gss_seal 3 +.It Xr gss_sign 3 +.It Xr gss_test_oid_set_member 3 +.It Xr gss_unseal 3 +.It Xr gss_unwrap 3 +.It Xr gss_verify 3 +.It Xr gss_verify_mic 3 +.It Xr gss_wrap 3 +.It Xr gss_wrap_size_limit 3 +.El .Sh COMPATIBILITY The .Nm Heimdal @@ -147,7 +142,7 @@ the later will override. .Pp This config option modifies behaviour for both clients and servers. .Pp -Microsoft implemented SPNEGO to Windows2000, however, they manage to +Microsoft implemented SPNEGO to Windows2000, however, they managed to get it wrong, their implementation didn't fill in the MechListMIC in the reply token with the right content. There is a work around for this problem, but not all implementation diff --git a/lib/gssapi/gssapi.cat3 b/lib/gssapi/gssapi.cat3 new file mode 100644 index 000000000000..82901ad0efbd --- /dev/null +++ b/lib/gssapi/gssapi.cat3 @@ -0,0 +1,115 @@ + +GSSAPI(3) BSD Library Functions Manual GSSAPI(3) + +NNAAMMEE + ggssssaappii -- Generic Security Service Application Program Interface library + +LLIIBBRRAARRYY + GSS-API Library (libgssapi, -lgssapi) + +DDEESSCCRRIIPPTTIIOONN + The Generic Security Service Application Program Interface (GSS-API) pro- + vides security services to callers in a generic fashion, supportable with + a range of underlying mechanisms and technologies and hence allowing + source-level portability of applications to different environments. + + The GSS-API implementation in Heimdal implements the Kerberos 5 and the + SPNEGO GSS-API security mechanisms. + +LLIISSTT OOFF FFUUNNCCTTIIOONNSS + These functions constitute the gssapi library, _l_i_b_g_s_s_a_p_i. Declarations + for these functions may be obtained from the include file _g_s_s_a_p_i_._h. + NNaammee//PPaaggee + gss_accept_sec_context(3) + gss_acquire_cred(3) + gss_add_cred(3) + gss_add_oid_set_member(3) + gss_canonicalize_name(3) + gss_compare_name(3) + gss_context_time(3) + gss_create_empty_oid_set(3) + gss_delete_sec_context(3) + gss_display_name(3) + gss_display_status(3) + gss_duplicate_name(3) + gss_export_name(3) + gss_export_sec_context(3) + gss_get_mic(3) + gss_import_name(3) + gss_import_sec_context(3) + gss_indicate_mechs(3) + gss_init_sec_context(3) + gss_inquire_context(3) + gss_inquire_cred(3) + gss_inquire_cred_by_mech(3) + gss_inquire_mechs_for_name(3) + gss_inquire_names_for_mech(3) + gss_krb5_ccache_name(3) + gss_krb5_compat_des3_mic(3) + gss_krb5_copy_ccache(3) + gss_krb5_extract_authz_data_from_sec_context(3) + gss_krb5_import_ccache(3) + gss_process_context_token(3) + gss_release_buffer(3) + gss_release_cred(3) + gss_release_name(3) + gss_release_oid_set(3) + gss_seal(3) + gss_sign(3) + gss_test_oid_set_member(3) + gss_unseal(3) + gss_unwrap(3) + gss_verify(3) + gss_verify_mic(3) + gss_wrap(3) + gss_wrap_size_limit(3) + +CCOOMMPPAATTIIBBIILLIITTYY + The HHeeiimmddaall GSS-API implementation had a bug in releases before 0.6 that + made it fail to inter-operate when using DES3 with other GSS-API imple- + mentations when using ggssss__ggeett__mmiicc() / ggssss__vveerriiffyy__mmiicc(). It is possible + to modify the behavior of the generator of the MIC with the _k_r_b_5_._c_o_n_f + configuration file so that old clients/servers will still work. + + New clients/servers will try both the old and new MIC in Heimdal 0.6. In + 0.7 it will check only if configured - the compatibility code will be + removed in 0.8. + + Heimdal 0.6 still generates by default the broken GSS-API DES3 mic, this + will change in 0.7 to generate correct des3 mic. + + To turn on compatibility with older clients and servers, change the + [[ggssssaappii]] _b_r_o_k_e_n___d_e_s_3___m_i_c in _k_r_b_5_._c_o_n_f that contains a list of globbing + expressions that will be matched against the server name. To turn off + generation of the old (incompatible) mic of the MIC use [[ggssssaappii]] + _c_o_r_r_e_c_t___d_e_s_3___m_i_c. + + If a match for a entry is in both [[ggssssaappii]] _c_o_r_r_e_c_t___d_e_s_3___m_i_c and [[ggssssaappii]] + _b_r_o_k_e_n___d_e_s_3___m_i_c, the later will override. + + This config option modifies behaviour for both clients and servers. + + Microsoft implemented SPNEGO to Windows2000, however, they managed to get + it wrong, their implementation didn't fill in the MechListMIC in the + reply token with the right content. There is a work around for this + problem, but not all implementation support it. + + Heimdal defaults to correct SPNEGO when the the kerberos implementation + uses CFX, or when it is configured by the user. To turn on compatibility + with peers, use option [[ggssssaappii]] _r_e_q_u_i_r_e___m_e_c_h_l_i_s_t___m_i_c. + +EEXXAAMMPPLLEESS + [gssapi] + broken_des3_mic = cvs/*@SU.SE + broken_des3_mic = host/*@E.KTH.SE + correct_des3_mic = host/*@SU.SE + require_mechlist_mic = host/*@SU.SE + +BBUUGGSS + All of 0.5.x versions of hheeiimmddaall had broken token delegations in the + client side, the server side was correct. + +SSEEEE AALLSSOO + krb5(3), krb5.conf(5), kerberos(8) + +BSD April 20, 2005 BSD diff --git a/lib/gssapi/gssapi.h b/lib/gssapi/gssapi.h index ae0274fd6bba..d2f039a5d552 100644 --- a/lib/gssapi/gssapi.h +++ b/lib/gssapi/gssapi.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gssapi.h 18332 2006-10-07 20:57:15Z lha $ */ +/* $Id$ */ #ifndef GSSAPI_H_ #define GSSAPI_H_ diff --git a/lib/gssapi/gssapi/gssapi.h b/lib/gssapi/gssapi/gssapi.h index fbc638c48fca..bbb2fd54c9bd 100644 --- a/lib/gssapi/gssapi/gssapi.h +++ b/lib/gssapi/gssapi/gssapi.h @@ -1,38 +1,36 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gssapi.h 21004 2007-06-08 01:53:10Z lha $ */ - #ifndef GSSAPI_GSSAPI_H_ #define GSSAPI_GSSAPI_H_ @@ -43,6 +41,45 @@ #include +#ifndef BUILD_GSSAPI_LIB +#if defined(_WIN32) +#define GSSAPI_LIB_FUNCTION __declspec(dllimport) +#define GSSAPI_LIB_CALL __stdcall +#define GSSAPI_LIB_VARIABLE __declspec(dllimport) +#else +#define GSSAPI_LIB_FUNCTION +#define GSSAPI_LIB_CALL +#define GSSAPI_LIB_VARIABLE +#endif +#endif + +#ifndef GSSAPI_DEPRECATED_FUNCTION +#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define GSSAPI_DEPRECATED_FUNCTION(X) __attribute__((deprecated)) +#else +#define GSSAPI_DEPRECATED_FUNCTION(X) +#endif +#endif + +/* Compatiblity with MIT Kerberos on the Mac */ +#if defined(__APPLE__) && (defined(__ppc__) || defined(__ppc64__) || defined(__i386__) || defined(__x86_64__)) +#pragma pack(push,2) +#endif + +#ifdef __cplusplus +#define GSSAPI_CPP_START extern "C" { +#define GSSAPI_CPP_END } +#else +#define GSSAPI_CPP_START +#define GSSAPI_CPP_END +#endif + +#ifdef _WIN32 +#define GSSAPI_CALLCONV __stdcall +#else +#define GSSAPI_CALLCONV +#endif + /* * Now define the three implementation-dependent types. */ @@ -54,29 +91,35 @@ typedef uint32_t gss_uint32; struct gss_name_t_desc_struct; typedef struct gss_name_t_desc_struct *gss_name_t; +typedef const struct gss_name_t_desc_struct *gss_const_name_t; struct gss_ctx_id_t_desc_struct; typedef struct gss_ctx_id_t_desc_struct *gss_ctx_id_t; +typedef const struct gss_ctx_id_t_desc_struct gss_const_ctx_id_t; typedef struct gss_OID_desc_struct { OM_uint32 length; void *elements; } gss_OID_desc, *gss_OID; +typedef const gss_OID_desc * gss_const_OID; typedef struct gss_OID_set_desc_struct { size_t count; gss_OID elements; } gss_OID_set_desc, *gss_OID_set; +typedef const gss_OID_set_desc * gss_const_OID_set; typedef int gss_cred_usage_t; struct gss_cred_id_t_desc_struct; typedef struct gss_cred_id_t_desc_struct *gss_cred_id_t; +typedef const struct gss_cred_id_t_desc_struct *gss_const_cred_id_t; typedef struct gss_buffer_desc_struct { size_t length; void *value; } gss_buffer_desc, *gss_buffer_t; +typedef const gss_buffer_desc * gss_const_buffer_t; typedef struct gss_channel_bindings_struct { OM_uint32 initiator_addrtype; @@ -85,6 +128,7 @@ typedef struct gss_channel_bindings_struct { gss_buffer_desc acceptor_address; gss_buffer_desc application_data; } *gss_channel_bindings_t; +typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t; /* GGF extension data types */ typedef struct gss_buffer_set_desc_struct { @@ -92,11 +136,18 @@ typedef struct gss_buffer_set_desc_struct { gss_buffer_desc *elements; } gss_buffer_set_desc, *gss_buffer_set_t; +typedef struct gss_iov_buffer_desc_struct { + OM_uint32 type; + gss_buffer_desc buffer; +} gss_iov_buffer_desc, *gss_iov_buffer_t; + /* * For now, define a QOP-type as an OM_uint32 */ typedef OM_uint32 gss_qop_t; + + /* * Flag bits for context-level services. */ @@ -113,6 +164,7 @@ typedef OM_uint32 gss_qop_t; #define GSS_C_DCE_STYLE 4096 #define GSS_C_IDENTIFY_FLAG 8192 #define GSS_C_EXTENDED_ERROR_FLAG 16384 +#define GSS_C_DELEG_POLICY_FLAG 32768 /* * Credential usage options @@ -167,6 +219,7 @@ typedef OM_uint32 gss_qop_t; #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0) #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0) #define GSS_C_EMPTY_BUFFER {0, NULL} +#define GSS_C_NO_IOV_BUFFER ((gss_iov_buffer_t)0) /* * Some alternate names for a couple of the above @@ -195,9 +248,33 @@ typedef OM_uint32 gss_qop_t; */ #define GSS_C_INDEFINITE 0xfffffffful -#ifdef __cplusplus -extern "C" { -#endif +/* + * Type of gss_wrap_iov()/gss_unwrap_iov(). + */ + +#define GSS_IOV_BUFFER_TYPE_EMPTY 0 +#define GSS_IOV_BUFFER_TYPE_DATA 1 +#define GSS_IOV_BUFFER_TYPE_HEADER 2 +#define GSS_IOV_BUFFER_TYPE_MECH_PARAMS 3 + +#define GSS_IOV_BUFFER_TYPE_TRAILER 7 +#define GSS_IOV_BUFFER_TYPE_PADDING 9 +#define GSS_IOV_BUFFER_TYPE_STREAM 10 +#define GSS_IOV_BUFFER_TYPE_SIGN_ONLY 11 + +#define GSS_IOV_BUFFER_TYPE_FLAG_MASK 0xffff0000 +#define GSS_IOV_BUFFER_FLAG_ALLOCATE 0x00010000 +#define GSS_IOV_BUFFER_FLAG_ALLOCATED 0x00020000 + +#define GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE 0x00010000 /* old name */ +#define GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATED 0x00020000 /* old name */ + +#define GSS_IOV_BUFFER_TYPE(_t) ((_t) & ~GSS_IOV_BUFFER_TYPE_FLAG_MASK) +#define GSS_IOV_BUFFER_FLAGS(_t) ((_t) & GSS_IOV_BUFFER_TYPE_FLAG_MASK) + +GSSAPI_CPP_START + +#include /* * The implementation must reserve static storage for a @@ -210,7 +287,8 @@ extern "C" { * GSS_C_NT_USER_NAME should be initialized to point * to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_USER_NAME; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_user_name_oid_desc; +#define GSS_C_NT_USER_NAME (&__gss_c_nt_user_name_oid_desc) /* * The implementation must reserve static storage for a @@ -223,7 +301,8 @@ extern gss_OID GSS_C_NT_USER_NAME; * The constant GSS_C_NT_MACHINE_UID_NAME should be * initialized to point to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_MACHINE_UID_NAME; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_machine_uid_name_oid_desc; +#define GSS_C_NT_MACHINE_UID_NAME (&__gss_c_nt_machine_uid_name_oid_desc) /* * The implementation must reserve static storage for a @@ -236,7 +315,8 @@ extern gss_OID GSS_C_NT_MACHINE_UID_NAME; * The constant GSS_C_NT_STRING_UID_NAME should be * initialized to point to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_STRING_UID_NAME; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_string_uid_name_oid_desc; +#define GSS_C_NT_STRING_UID_NAME (&__gss_c_nt_string_uid_name_oid_desc) /* * The implementation must reserve static storage for a @@ -255,7 +335,8 @@ extern gss_OID GSS_C_NT_STRING_UID_NAME; * parameter, but should not be emitted by GSS-API * implementations */ -extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_hostbased_service_x_oid_desc; +#define GSS_C_NT_HOSTBASED_SERVICE_X (&__gss_c_nt_hostbased_service_x_oid_desc) /* * The implementation must reserve static storage for a @@ -268,7 +349,8 @@ extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; * GSS_C_NT_HOSTBASED_SERVICE should be initialized * to point to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_hostbased_service_oid_desc; +#define GSS_C_NT_HOSTBASED_SERVICE (&__gss_c_nt_hostbased_service_oid_desc) /* * The implementation must reserve static storage for a @@ -280,7 +362,8 @@ extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; * and GSS_C_NT_ANONYMOUS should be initialized to point * to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_ANONYMOUS; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_anonymous_oid_desc; +#define GSS_C_NT_ANONYMOUS (&__gss_c_nt_anonymous_oid_desc) /* * The implementation must reserve static storage for a @@ -292,19 +375,8 @@ extern gss_OID GSS_C_NT_ANONYMOUS; * GSS_C_NT_EXPORT_NAME should be initialized to point * to that gss_OID_desc. */ -extern gss_OID GSS_C_NT_EXPORT_NAME; - -/* - * Digest mechanism - */ - -extern gss_OID GSS_SASL_DIGEST_MD5_MECHANISM; - -/* - * NTLM mechanism - */ - -extern gss_OID GSS_NTLM_MECHANISM; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_export_name_oid_desc; +#define GSS_C_NT_EXPORT_NAME (&__gss_c_nt_export_name_oid_desc) /* Major status codes */ @@ -373,6 +445,12 @@ extern gss_OID GSS_NTLM_MECHANISM; #define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET) +#define GSS_S_BAD_MECH_ATTR (19ul << GSS_C_ROUTINE_ERROR_OFFSET) + +/* + * Apparently awating spec fix. + */ +#define GSS_S_CRED_UNAVAIL GSS_S_FAILURE /* * Supplementary info bits: @@ -387,7 +465,10 @@ extern gss_OID GSS_NTLM_MECHANISM; * Finally, function prototypes for the GSS-API routines. */ -OM_uint32 gss_acquire_cred +#define GSS_C_OPTION_MASK 0xffff +#define GSS_C_CRED_NO_UI 0x10000 + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_acquire_cred (OM_uint32 * /*minor_status*/, const gss_name_t /*desired_name*/, OM_uint32 /*time_req*/, @@ -398,12 +479,12 @@ OM_uint32 gss_acquire_cred OM_uint32 * /*time_rec*/ ); -OM_uint32 gss_release_cred +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred (OM_uint32 * /*minor_status*/, gss_cred_id_t * /*cred_handle*/ ); -OM_uint32 gss_init_sec_context +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context (OM_uint32 * /*minor_status*/, const gss_cred_id_t /*initiator_cred_handle*/, gss_ctx_id_t * /*context_handle*/, @@ -419,7 +500,7 @@ OM_uint32 gss_init_sec_context OM_uint32 * /*time_rec*/ ); -OM_uint32 gss_accept_sec_context +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_accept_sec_context (OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, const gss_cred_id_t /*acceptor_cred_handle*/, @@ -433,25 +514,25 @@ OM_uint32 gss_accept_sec_context gss_cred_id_t * /*delegated_cred_handle*/ ); -OM_uint32 gss_process_context_token +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_process_context_token (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t /*token_buffer*/ ); -OM_uint32 gss_delete_sec_context +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_delete_sec_context (OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t /*output_token*/ ); -OM_uint32 gss_context_time +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_context_time (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, OM_uint32 * /*time_rec*/ ); -OM_uint32 gss_get_mic +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_get_mic (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, gss_qop_t /*qop_req*/, @@ -459,7 +540,7 @@ OM_uint32 gss_get_mic gss_buffer_t /*message_token*/ ); -OM_uint32 gss_verify_mic +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_verify_mic (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t /*message_buffer*/, @@ -467,7 +548,7 @@ OM_uint32 gss_verify_mic gss_qop_t * /*qop_state*/ ); -OM_uint32 gss_wrap +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, int /*conf_req_flag*/, @@ -477,7 +558,7 @@ OM_uint32 gss_wrap gss_buffer_t /*output_message_buffer*/ ); -OM_uint32 gss_unwrap +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap (OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t /*input_message_buffer*/, @@ -486,7 +567,7 @@ OM_uint32 gss_unwrap gss_qop_t * /*qop_state*/ ); -OM_uint32 gss_display_status +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_status (OM_uint32 * /*minor_status*/, OM_uint32 /*status_value*/, int /*status_type*/, @@ -495,54 +576,54 @@ OM_uint32 gss_display_status gss_buffer_t /*status_string*/ ); -OM_uint32 gss_indicate_mechs +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_indicate_mechs (OM_uint32 * /*minor_status*/, gss_OID_set * /*mech_set*/ ); -OM_uint32 gss_compare_name +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_compare_name (OM_uint32 * /*minor_status*/, const gss_name_t /*name1*/, const gss_name_t /*name2*/, int * /*name_equal*/ ); -OM_uint32 gss_display_name +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_name (OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t /*output_name_buffer*/, gss_OID * /*output_name_type*/ ); -OM_uint32 gss_import_name +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name (OM_uint32 * /*minor_status*/, const gss_buffer_t /*input_name_buffer*/, const gss_OID /*input_name_type*/, gss_name_t * /*output_name*/ ); -OM_uint32 gss_export_name +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_name (OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t /*exported_name*/ ); -OM_uint32 gss_release_name +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name (OM_uint32 * /*minor_status*/, gss_name_t * /*input_name*/ ); -OM_uint32 gss_release_buffer +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_buffer (OM_uint32 * /*minor_status*/, gss_buffer_t /*buffer*/ ); -OM_uint32 gss_release_oid_set +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_oid_set (OM_uint32 * /*minor_status*/, gss_OID_set * /*set*/ ); -OM_uint32 gss_inquire_cred +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_cred (OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, gss_name_t * /*name*/, @@ -551,7 +632,7 @@ OM_uint32 gss_inquire_cred gss_OID_set * /*mechanisms*/ ); -OM_uint32 gss_inquire_context ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_context ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, gss_name_t * /*src_name*/, @@ -563,7 +644,7 @@ OM_uint32 gss_inquire_context ( int * /*open_context*/ ); -OM_uint32 gss_wrap_size_limit ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_size_limit ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, int /*conf_req_flag*/, @@ -572,7 +653,7 @@ OM_uint32 gss_wrap_size_limit ( OM_uint32 * /*max_input_size*/ ); -OM_uint32 gss_add_cred ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_cred ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*input_cred_handle*/, const gss_name_t /*desired_name*/, @@ -586,7 +667,7 @@ OM_uint32 gss_add_cred ( OM_uint32 * /*acceptor_time_rec*/ ); -OM_uint32 gss_inquire_cred_by_mech ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_cred_by_mech ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, const gss_OID /*mech_type*/, @@ -596,80 +677,81 @@ OM_uint32 gss_inquire_cred_by_mech ( gss_cred_usage_t * /*cred_usage*/ ); -OM_uint32 gss_export_sec_context ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t /*interprocess_token*/ ); -OM_uint32 gss_import_sec_context ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_sec_context ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*interprocess_token*/, gss_ctx_id_t * /*context_handle*/ ); -OM_uint32 gss_create_empty_oid_set ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_create_empty_oid_set ( OM_uint32 * /*minor_status*/, gss_OID_set * /*oid_set*/ ); -OM_uint32 gss_add_oid_set_member ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member ( OM_uint32 * /*minor_status*/, const gss_OID /*member_oid*/, gss_OID_set * /*oid_set*/ ); -OM_uint32 gss_test_oid_set_member ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_test_oid_set_member ( OM_uint32 * /*minor_status*/, const gss_OID /*member*/, const gss_OID_set /*set*/, int * /*present*/ ); -OM_uint32 gss_inquire_names_for_mech ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_names_for_mech ( OM_uint32 * /*minor_status*/, const gss_OID /*mechanism*/, gss_OID_set * /*name_types*/ ); -OM_uint32 gss_inquire_mechs_for_name ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_mechs_for_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_OID_set * /*mech_types*/ ); -OM_uint32 gss_canonicalize_name ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, const gss_OID /*mech_type*/, gss_name_t * /*output_name*/ ); -OM_uint32 gss_duplicate_name ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_duplicate_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*src_name*/, gss_name_t * /*dest_name*/ ); -OM_uint32 gss_duplicate_oid ( +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_duplicate_oid ( OM_uint32 * /* minor_status */, gss_OID /* src_oid */, gss_OID * /* dest_oid */ ); -OM_uint32 + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_oid (OM_uint32 * /*minor_status*/, gss_OID * /* oid */ ); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_oid_to_str( OM_uint32 * /*minor_status*/, gss_OID /* oid */, gss_buffer_t /* str */ ); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_sec_context_by_oid( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, @@ -677,38 +759,38 @@ gss_inquire_sec_context_by_oid( gss_buffer_set_t *data_set ); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_set_sec_context_option (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_OID desired_object, const gss_buffer_t value); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_set_cred_option (OM_uint32 *minor_status, gss_cred_id_t *cred_handle, const gss_OID object, const gss_buffer_t value); -int -gss_oid_equal(const gss_OID a, const gss_OID b); +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_oid_equal(gss_const_OID a, gss_const_OID b); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_create_empty_buffer_set (OM_uint32 * minor_status, gss_buffer_set_t *buffer_set); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_buffer_set_member (OM_uint32 * minor_status, const gss_buffer_t member_buffer, gss_buffer_set_t *buffer_set); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_buffer_set (OM_uint32 * minor_status, gss_buffer_set_t *buffer_set); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_cred_by_oid(OM_uint32 *minor_status, const gss_cred_id_t cred_handle, const gss_OID desired_object, @@ -721,7 +803,7 @@ gss_inquire_cred_by_oid(OM_uint32 *minor_status, #define GSS_C_PRF_KEY_FULL 0 #define GSS_C_PRF_KEY_PARTIAL 1 -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_pseudo_random (OM_uint32 *minor_status, gss_ctx_id_t context, @@ -731,6 +813,41 @@ gss_pseudo_random gss_buffer_t prf_out ); +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_store_cred(OM_uint32 * /* minor_status */, + gss_cred_id_t /* input_cred_handle */, + gss_cred_usage_t /* cred_usage */, + const gss_OID /* desired_mech */, + OM_uint32 /* overwrite_cred */, + OM_uint32 /* default_cred */, + gss_OID_set * /* elements_stored */, + gss_cred_usage_t * /* cred_usage_stored */); + + +/* + * Query functions + */ + +typedef struct { + size_t header; /**< size of header */ + size_t trailer; /**< size of trailer */ + size_t max_msg_size; /**< maximum message size */ + size_t buffers; /**< extra GSS_IOV_BUFFER_TYPE_EMPTY buffer to pass */ + size_t blocksize; /**< Specificed optimal size of messages, also + is the maximum padding size + (GSS_IOV_BUFFER_TYPE_PADDING) */ +} gss_context_stream_sizes; + +extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_attr_stream_sizes_oid_desc; +#define GSS_C_ATTR_STREAM_SIZES (&__gss_c_attr_stream_sizes_oid_desc) + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_context_query_attributes(OM_uint32 * /* minor_status */, + const gss_ctx_id_t /* context_handle */, + const gss_OID /* attribute */, + void * /*data*/, + size_t /* len */); /* * The following routines are obsolete variants of gss_get_mic, * gss_verify_mic, gss_wrap and gss_unwrap. They should be @@ -742,23 +859,23 @@ gss_pseudo_random * obsolete versions of these routines and their current forms. */ -OM_uint32 gss_sign +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_sign (OM_uint32 * /*minor_status*/, gss_ctx_id_t /*context_handle*/, int /*qop_req*/, gss_buffer_t /*message_buffer*/, gss_buffer_t /*message_token*/ - ); + ) GSSAPI_DEPRECATED_FUNCTION("Use gss_get_mic"); -OM_uint32 gss_verify +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_verify (OM_uint32 * /*minor_status*/, gss_ctx_id_t /*context_handle*/, gss_buffer_t /*message_buffer*/, gss_buffer_t /*token_buffer*/, int * /*qop_state*/ - ); + ) GSSAPI_DEPRECATED_FUNCTION("Use gss_verify_mic"); -OM_uint32 gss_seal +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_seal (OM_uint32 * /*minor_status*/, gss_ctx_id_t /*context_handle*/, int /*conf_req_flag*/, @@ -766,44 +883,238 @@ OM_uint32 gss_seal gss_buffer_t /*input_message_buffer*/, int * /*conf_state*/, gss_buffer_t /*output_message_buffer*/ - ); + ) GSSAPI_DEPRECATED_FUNCTION("Use gss_wrap"); -OM_uint32 gss_unseal +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unseal (OM_uint32 * /*minor_status*/, gss_ctx_id_t /*context_handle*/, gss_buffer_t /*input_message_buffer*/, gss_buffer_t /*output_message_buffer*/, int * /*conf_state*/, int * /*qop_state*/ + ) GSSAPI_DEPRECATED_FUNCTION("Use gss_unwrap"); + +/** + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_encapsulate_token(gss_const_buffer_t /* input_token */, + gss_const_OID /* oid */, + gss_buffer_t /* output_token */); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_decapsulate_token(gss_const_buffer_t /* input_token */, + gss_const_OID /* oid */, + gss_buffer_t /* output_token */); + + + +/* + * AEAD support + */ + +/* + * GSS_IOV + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap_iov(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, int *, + gss_iov_buffer_desc *, int); + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_unwrap_iov(OM_uint32 *, gss_ctx_id_t, int *, gss_qop_t *, + gss_iov_buffer_desc *, int); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap_iov_length(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, int *, + gss_iov_buffer_desc *, int); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_iov_buffer(OM_uint32 *, gss_iov_buffer_desc *, int); + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_export_cred(OM_uint32 * /* minor_status */, + gss_cred_id_t /* cred_handle */, + gss_buffer_t /* cred_token */); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_import_cred(OM_uint32 * /* minor_status */, + gss_buffer_t /* cred_token */, + gss_cred_id_t * /* cred_handle */); + +/* + * mech option + */ + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_mo_set(gss_const_OID mech, gss_const_OID option, + int enable, gss_buffer_t value); + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_mo_get(gss_const_OID mech, gss_const_OID option, gss_buffer_t value); + +GSSAPI_LIB_FUNCTION void GSSAPI_LIB_CALL +gss_mo_list(gss_const_OID mech, gss_OID_set *options); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_mo_name(gss_const_OID mech, gss_const_OID options, gss_buffer_t name); + +/* + * SASL glue functions and mech inquire + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_saslname_for_mech(OM_uint32 *minor_status, + const gss_OID desired_mech, + gss_buffer_t sasl_mech_name, + gss_buffer_t mech_name, + gss_buffer_t mech_description); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_mech_for_saslname(OM_uint32 *minor_status, + const gss_buffer_t sasl_mech_name, + gss_OID *mech_type); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_indicate_mechs_by_attrs(OM_uint32 * minor_status, + gss_const_OID_set desired_mech_attrs, + gss_const_OID_set except_mech_attrs, + gss_const_OID_set critical_mech_attrs, + gss_OID_set *mechs); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_attrs_for_mech(OM_uint32 * minor_status, + gss_const_OID mech, + gss_OID_set *mech_attr, + gss_OID_set *known_mech_attrs); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_display_mech_attr(OM_uint32 * minor_status, + gss_const_OID mech_attr, + gss_buffer_t name, + gss_buffer_t short_desc, + gss_buffer_t long_desc); + +/* + * Solaris compat + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_acquire_cred_with_password + (OM_uint32 * /*minor_status*/, + const gss_name_t /*desired_name*/, + const gss_buffer_t /*password*/, + OM_uint32 /*time_req*/, + const gss_OID_set /*desired_mechs*/, + gss_cred_usage_t /*cred_usage*/, + gss_cred_id_t * /*output_cred_handle*/, + gss_OID_set * /*actual_mechs*/, + OM_uint32 * /*time_rec*/ ); +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_cred_with_password ( + OM_uint32 * /*minor_status*/, + const gss_cred_id_t /*input_cred_handle*/, + const gss_name_t /*desired_name*/, + const gss_OID /*desired_mech*/, + const gss_buffer_t /*password*/, + gss_cred_usage_t /*cred_usage*/, + OM_uint32 /*initiator_time_req*/, + OM_uint32 /*acceptor_time_req*/, + gss_cred_id_t * /*output_cred_handle*/, + gss_OID_set * /*actual_mechs*/, + OM_uint32 * /*initiator_time_rec*/, + OM_uint32 * /*acceptor_time_rec*/ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_pname_to_uid( + OM_uint32 *minor, + const gss_name_t name, + const gss_OID mech_type, + uid_t *uidOut); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_authorize_localname( + OM_uint32 *minor, + const gss_name_t name, + const gss_name_t user); + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_userok(const gss_name_t name, + const char *user); + +extern GSSAPI_LIB_VARIABLE gss_buffer_desc __gss_c_attr_local_login_user; +#define GSS_C_ATTR_LOCAL_LOGIN_USER (&__gss_c_attr_local_login_user) + +/* + * Naming extensions + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_name_ext ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_OID, /* display_as_name_type */ + gss_buffer_t /* display_name */ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_name ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + int *, /* name_is_MN */ + gss_OID *, /* MN_mech */ + gss_buffer_set_t * /* attrs */ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_get_name_attribute ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t, /* attr */ + int *, /* authenticated */ + int *, /* complete */ + gss_buffer_t, /* value */ + gss_buffer_t, /* display_value */ + int * /* more */ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_set_name_attribute ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + int, /* complete */ + gss_buffer_t, /* attr */ + gss_buffer_t /* value */ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_delete_name_attribute ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t /* attr */ + ); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_name_composite ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t /* exp_composite_name */ + ); + /* * */ -OM_uint32 -gss_inquire_sec_context_by_oid (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set); +GSSAPI_LIB_FUNCTION const char * GSSAPI_LIB_CALL +gss_oid_to_name(gss_const_OID oid); -OM_uint32 -gss_encapsulate_token(gss_buffer_t /* input_token */, - gss_OID /* oid */, - gss_buffer_t /* output_token */); +GSSAPI_LIB_FUNCTION gss_OID GSSAPI_LIB_CALL +gss_name_to_oid(const char *name); -OM_uint32 -gss_decapsulate_token(gss_buffer_t /* input_token */, - gss_OID /* oid */, - gss_buffer_t /* output_token */); +GSSAPI_CPP_END - - -#ifdef __cplusplus -} +#if defined(__APPLE__) && (defined(__ppc__) || defined(__ppc64__) || defined(__i386__) || defined(__x86_64__)) +#pragma pack(pop) #endif -#include -#include +#undef GSSAPI_DEPRECATED_FUNCTION #endif /* GSSAPI_GSSAPI_H_ */ diff --git a/lib/gssapi/gssapi/gssapi_krb5.h b/lib/gssapi/gssapi/gssapi_krb5.h index cca529fe26ff..2f605f5ee113 100644 --- a/lib/gssapi/gssapi/gssapi_krb5.h +++ b/lib/gssapi/gssapi/gssapi_krb5.h @@ -1,86 +1,73 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gssapi_krb5.h 20385 2007-04-18 08:51:32Z lha $ */ +/* $Id$ */ #ifndef GSSAPI_KRB5_H_ #define GSSAPI_KRB5_H_ -#include +#include -#ifdef __cplusplus -extern "C" { +GSSAPI_CPP_START + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) #endif +#ifndef GSSKRB5_FUNCTION_DEPRECATED +#define GSSKRB5_FUNCTION_DEPRECATED __attribute__((deprecated)) +#endif + + /* * This is for kerberos5 names. */ -extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME; -extern gss_OID GSS_KRB5_NT_USER_NAME; -extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME; -extern gss_OID GSS_KRB5_NT_STRING_UID_NAME; +extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_oid_desc; +#define GSS_KRB5_NT_PRINCIPAL_NAME (&__gss_krb5_nt_principal_name_oid_desc) -extern gss_OID GSS_KRB5_MECHANISM; +#define GSS_KRB5_NT_USER_NAME (&__gss_c_nt_user_name_oid_desc) +#define GSS_KRB5_NT_MACHINE_UID_NAME (&__gss_c_nt_machine_uid_name_oid_desc) +#define GSS_KRB5_NT_STRING_UID_NAME (&__gss_c_nt_string_uid_name_oid_desc) + +extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc; +#define GSS_KRB5_MECHANISM (&__gss_krb5_mechanism_oid_desc) /* for compatibility with MIT api */ #define gss_mech_krb5 GSS_KRB5_MECHANISM #define gss_krb5_nt_general_name GSS_KRB5_NT_PRINCIPAL_NAME -/* Extensions set contexts options */ -extern gss_OID GSS_KRB5_COPY_CCACHE_X; -extern gss_OID GSS_KRB5_COMPAT_DES3_MIC_X; -extern gss_OID GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X; -extern gss_OID GSS_KRB5_SET_DNS_CANONICALIZE_X; -extern gss_OID GSS_KRB5_SEND_TO_KDC_X; -extern gss_OID GSS_KRB5_SET_DEFAULT_REALM_X; -extern gss_OID GSS_KRB5_CCACHE_NAME_X; -/* Extensions inquire context */ -extern gss_OID GSS_KRB5_GET_TKT_FLAGS_X; -extern gss_OID GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X; -extern gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO; -extern gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_X; -extern gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X; -extern gss_OID GSS_KRB5_GET_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_AUTHTIME_X; -extern gss_OID GSS_KRB5_GET_SERVICE_KEYBLOCK_X; -/* Extensions creds */ -extern gss_OID GSS_KRB5_IMPORT_CRED_X; -extern gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X; - /* * kerberos mechanism specific functions */ @@ -89,39 +76,42 @@ struct krb5_keytab_data; struct krb5_ccache_data; struct Principal; -OM_uint32 -gss_krb5_ccache_name(OM_uint32 * /*minor_status*/, +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_ccache_name(OM_uint32 * /*minor_status*/, const char * /*name */, const char ** /*out_name */); -OM_uint32 gsskrb5_register_acceptor_identity - (const char */*identity*/); +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_register_acceptor_identity + (const char * /*identity*/); -OM_uint32 gss_krb5_copy_ccache - (OM_uint32 */*minor*/, +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL krb5_gss_register_acceptor_identity + (const char * /*identity*/); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_copy_ccache + (OM_uint32 * /*minor*/, gss_cred_id_t /*cred*/, - struct krb5_ccache_data */*out*/); + struct krb5_ccache_data * /*out*/); -OM_uint32 -gss_krb5_import_cred(OM_uint32 */*minor*/, +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_import_cred(OM_uint32 * /*minor*/, struct krb5_ccache_data * /*in*/, struct Principal * /*keytab_principal*/, struct krb5_keytab_data * /*keytab*/, - gss_cred_id_t */*out*/); + gss_cred_id_t * /*out*/); -OM_uint32 gss_krb5_get_tkt_flags - (OM_uint32 */*minor*/, +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_get_tkt_flags + (OM_uint32 * /*minor*/, gss_ctx_id_t /*context_handle*/, - OM_uint32 */*tkt_flags*/); + OM_uint32 * /*tkt_flags*/); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_extract_authz_data_from_sec_context (OM_uint32 * /*minor_status*/, gss_ctx_id_t /*context_handle*/, int /*ad_type*/, gss_buffer_t /*ad_data*/); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_set_dns_canonicalize(int); struct gsskrb5_send_to_kdc { @@ -129,30 +119,47 @@ struct gsskrb5_send_to_kdc { void *ptr; }; -OM_uint32 -gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *); +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *) + GSSKRB5_FUNCTION_DEPRECATED; -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_set_default_realm(const char *); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_extract_authtime_from_sec_context(OM_uint32 *, gss_ctx_id_t, time_t *); struct EncryptionKey; -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_extract_service_keyblock(OM_uint32 *minor_status, gss_ctx_id_t context_handle, struct EncryptionKey **out); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_get_initiator_subkey(OM_uint32 *minor_status, gss_ctx_id_t context_handle, struct EncryptionKey **out); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gsskrb5_get_subkey(OM_uint32 *minor_status, gss_ctx_id_t context_handle, struct EncryptionKey **out); +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_time_offset(int); + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_get_time_offset(int *); + +struct gsskrb5_krb5_plugin { + int type; + char *name; + void *symbol; +}; + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_plugin_register(struct gsskrb5_krb5_plugin *); + + /* * Lucid - NFSv4 interface to GSS-API KRB5 to expose key material to * do GSS content token handling in-kernel. @@ -195,26 +202,24 @@ typedef struct gss_krb5_lucid_context_version { * Function declarations */ -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, OM_uint32 version, void **kctx); -OM_uint32 +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status, void *kctx); -OM_uint32 -gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, gss_cred_id_t cred, OM_uint32 num_enctypes, int32_t *enctypes); -#ifdef __cplusplus -} -#endif +GSSAPI_CPP_END #endif /* GSSAPI_SPNEGO_H_ */ diff --git a/lib/gssapi/gssapi/gssapi_ntlm.h b/lib/gssapi/gssapi/gssapi_ntlm.h new file mode 100644 index 000000000000..e37c003c7db0 --- /dev/null +++ b/lib/gssapi/gssapi/gssapi_ntlm.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2006 - 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef GSSAPI_NTLM_H_ +#define GSSAPI_NTLM_H_ + +#include + +#endif /* GSSAPI_NTLM_H_ */ diff --git a/lib/gssapi/gssapi/gssapi_oid.h b/lib/gssapi/gssapi/gssapi_oid.h new file mode 100644 index 000000000000..9465efc77f44 --- /dev/null +++ b/lib/gssapi/gssapi/gssapi_oid.h @@ -0,0 +1,245 @@ +/* Generated file */ +#ifndef GSSAPI_GSSAPI_OID +#define GSSAPI_GSSAPI_OID 1 + + /* contact Love Hörnquist Ã…strand for new oid arcs */ + /* + * 1.2.752.43.13 Heimdal GSS-API Extentions + */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_copy_ccache_x_oid_desc; +#define GSS_KRB5_COPY_CCACHE_X (&__gss_krb5_copy_ccache_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_tkt_flags_x_oid_desc; +#define GSS_KRB5_GET_TKT_FLAGS_X (&__gss_krb5_get_tkt_flags_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; +#define GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X (&__gss_krb5_extract_authz_data_from_sec_context_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_compat_des3_mic_x_oid_desc; +#define GSS_KRB5_COMPAT_DES3_MIC_X (&__gss_krb5_compat_des3_mic_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_register_acceptor_identity_x_oid_desc; +#define GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X (&__gss_krb5_register_acceptor_identity_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_export_lucid_context_x_oid_desc; +#define GSS_KRB5_EXPORT_LUCID_CONTEXT_X (&__gss_krb5_export_lucid_context_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_export_lucid_context_v1_x_oid_desc; +#define GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X (&__gss_krb5_export_lucid_context_v1_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_dns_canonicalize_x_oid_desc; +#define GSS_KRB5_SET_DNS_CANONICALIZE_X (&__gss_krb5_set_dns_canonicalize_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_subkey_x_oid_desc; +#define GSS_KRB5_GET_SUBKEY_X (&__gss_krb5_get_subkey_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_initiator_subkey_x_oid_desc; +#define GSS_KRB5_GET_INITIATOR_SUBKEY_X (&__gss_krb5_get_initiator_subkey_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_acceptor_subkey_x_oid_desc; +#define GSS_KRB5_GET_ACCEPTOR_SUBKEY_X (&__gss_krb5_get_acceptor_subkey_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_send_to_kdc_x_oid_desc; +#define GSS_KRB5_SEND_TO_KDC_X (&__gss_krb5_send_to_kdc_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_authtime_x_oid_desc; +#define GSS_KRB5_GET_AUTHTIME_X (&__gss_krb5_get_authtime_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_service_keyblock_x_oid_desc; +#define GSS_KRB5_GET_SERVICE_KEYBLOCK_X (&__gss_krb5_get_service_keyblock_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_allowable_enctypes_x_oid_desc; +#define GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X (&__gss_krb5_set_allowable_enctypes_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_default_realm_x_oid_desc; +#define GSS_KRB5_SET_DEFAULT_REALM_X (&__gss_krb5_set_default_realm_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_ccache_name_x_oid_desc; +#define GSS_KRB5_CCACHE_NAME_X (&__gss_krb5_ccache_name_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_time_offset_x_oid_desc; +#define GSS_KRB5_SET_TIME_OFFSET_X (&__gss_krb5_set_time_offset_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_time_offset_x_oid_desc; +#define GSS_KRB5_GET_TIME_OFFSET_X (&__gss_krb5_get_time_offset_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_plugin_register_x_oid_desc; +#define GSS_KRB5_PLUGIN_REGISTER_X (&__gss_krb5_plugin_register_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_ntlm_get_session_key_x_oid_desc; +#define GSS_NTLM_GET_SESSION_KEY_X (&__gss_ntlm_get_session_key_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_ntlm_oid_desc; +#define GSS_C_NT_NTLM (&__gss_c_nt_ntlm_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_dn_oid_desc; +#define GSS_C_NT_DN (&__gss_c_nt_dn_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_nt_principal_name_referral_oid_desc; +#define GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL (&__gss_krb5_nt_principal_name_referral_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ntlm_avguest_oid_desc; +#define GSS_C_NTLM_AVGUEST (&__gss_c_ntlm_avguest_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ntlm_v1_oid_desc; +#define GSS_C_NTLM_V1 (&__gss_c_ntlm_v1_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ntlm_v2_oid_desc; +#define GSS_C_NTLM_V2 (&__gss_c_ntlm_v2_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ntlm_session_key_oid_desc; +#define GSS_C_NTLM_SESSION_KEY (&__gss_c_ntlm_session_key_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ntlm_force_v1_oid_desc; +#define GSS_C_NTLM_FORCE_V1 (&__gss_c_ntlm_force_v1_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_cred_no_ci_flags_x_oid_desc; +#define GSS_KRB5_CRED_NO_CI_FLAGS_X (&__gss_krb5_cred_no_ci_flags_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_import_cred_x_oid_desc; +#define GSS_KRB5_IMPORT_CRED_X (&__gss_krb5_import_cred_x_oid_desc) + + /* glue for gss_inquire_saslname_for_mech */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_sasl_mech_name_oid_desc; +#define GSS_C_MA_SASL_MECH_NAME (&__gss_c_ma_sasl_mech_name_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_name_oid_desc; +#define GSS_C_MA_MECH_NAME (&__gss_c_ma_mech_name_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_description_oid_desc; +#define GSS_C_MA_MECH_DESCRIPTION (&__gss_c_ma_mech_description_oid_desc) + + /* credential types */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_cred_password_oid_desc; +#define GSS_C_CRED_PASSWORD (&__gss_c_cred_password_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_cred_certificate_oid_desc; +#define GSS_C_CRED_CERTIFICATE (&__gss_c_cred_certificate_oid_desc) + +/* Heimdal mechanisms - 1.2.752.43.14 */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_sasl_digest_md5_mechanism_oid_desc; +#define GSS_SASL_DIGEST_MD5_MECHANISM (&__gss_sasl_digest_md5_mechanism_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_netlogon_mechanism_oid_desc; +#define GSS_NETLOGON_MECHANISM (&__gss_netlogon_mechanism_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_netlogon_set_session_key_x_oid_desc; +#define GSS_NETLOGON_SET_SESSION_KEY_X (&__gss_netlogon_set_session_key_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_netlogon_set_sign_algorithm_x_oid_desc; +#define GSS_NETLOGON_SET_SIGN_ALGORITHM_X (&__gss_netlogon_set_sign_algorithm_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_netlogon_nt_netbios_dns_name_oid_desc; +#define GSS_NETLOGON_NT_NETBIOS_DNS_NAME (&__gss_netlogon_nt_netbios_dns_name_oid_desc) + +/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X.128 */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_inq_win2k_pac_x_oid_desc; +#define GSS_C_INQ_WIN2K_PAC_X (&__gss_c_inq_win2k_pac_x_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_inq_sspi_session_key_oid_desc; +#define GSS_C_INQ_SSPI_SESSION_KEY (&__gss_c_inq_sspi_session_key_oid_desc) + +/* + * "Standard" mechs + */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_mechanism_oid_desc; +#define GSS_KRB5_MECHANISM (&__gss_krb5_mechanism_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_ntlm_mechanism_oid_desc; +#define GSS_NTLM_MECHANISM (&__gss_ntlm_mechanism_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_spnego_mechanism_oid_desc; +#define GSS_SPNEGO_MECHANISM (&__gss_spnego_mechanism_oid_desc) + + /* From Luke Howard */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc; +#define GSS_C_PEER_HAS_UPDATED_SPNEGO (&__gss_c_peer_has_updated_spnego_oid_desc) + +/* + * OID mappings with name and short description and and slightly longer description + */ +/* + * RFC5587 + */ +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_concrete_oid_desc; +#define GSS_C_MA_MECH_CONCRETE (&__gss_c_ma_mech_concrete_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_pseudo_oid_desc; +#define GSS_C_MA_MECH_PSEUDO (&__gss_c_ma_mech_pseudo_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_composite_oid_desc; +#define GSS_C_MA_MECH_COMPOSITE (&__gss_c_ma_mech_composite_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_nego_oid_desc; +#define GSS_C_MA_MECH_NEGO (&__gss_c_ma_mech_nego_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mech_glue_oid_desc; +#define GSS_C_MA_MECH_GLUE (&__gss_c_ma_mech_glue_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_not_mech_oid_desc; +#define GSS_C_MA_NOT_MECH (&__gss_c_ma_not_mech_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_deprecated_oid_desc; +#define GSS_C_MA_DEPRECATED (&__gss_c_ma_deprecated_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_not_dflt_mech_oid_desc; +#define GSS_C_MA_NOT_DFLT_MECH (&__gss_c_ma_not_dflt_mech_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_itok_framed_oid_desc; +#define GSS_C_MA_ITOK_FRAMED (&__gss_c_ma_itok_framed_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_init_oid_desc; +#define GSS_C_MA_AUTH_INIT (&__gss_c_ma_auth_init_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_targ_oid_desc; +#define GSS_C_MA_AUTH_TARG (&__gss_c_ma_auth_targ_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_init_init_oid_desc; +#define GSS_C_MA_AUTH_INIT_INIT (&__gss_c_ma_auth_init_init_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_targ_init_oid_desc; +#define GSS_C_MA_AUTH_TARG_INIT (&__gss_c_ma_auth_targ_init_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_init_anon_oid_desc; +#define GSS_C_MA_AUTH_INIT_ANON (&__gss_c_ma_auth_init_anon_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_auth_targ_anon_oid_desc; +#define GSS_C_MA_AUTH_TARG_ANON (&__gss_c_ma_auth_targ_anon_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_deleg_cred_oid_desc; +#define GSS_C_MA_DELEG_CRED (&__gss_c_ma_deleg_cred_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_integ_prot_oid_desc; +#define GSS_C_MA_INTEG_PROT (&__gss_c_ma_integ_prot_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_conf_prot_oid_desc; +#define GSS_C_MA_CONF_PROT (&__gss_c_ma_conf_prot_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_mic_oid_desc; +#define GSS_C_MA_MIC (&__gss_c_ma_mic_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_wrap_oid_desc; +#define GSS_C_MA_WRAP (&__gss_c_ma_wrap_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_prot_ready_oid_desc; +#define GSS_C_MA_PROT_READY (&__gss_c_ma_prot_ready_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_replay_det_oid_desc; +#define GSS_C_MA_REPLAY_DET (&__gss_c_ma_replay_det_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_oos_det_oid_desc; +#define GSS_C_MA_OOS_DET (&__gss_c_ma_oos_det_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_cbindings_oid_desc; +#define GSS_C_MA_CBINDINGS (&__gss_c_ma_cbindings_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_pfs_oid_desc; +#define GSS_C_MA_PFS (&__gss_c_ma_pfs_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_compress_oid_desc; +#define GSS_C_MA_COMPRESS (&__gss_c_ma_compress_oid_desc) + +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_ma_ctx_trans_oid_desc; +#define GSS_C_MA_CTX_TRANS (&__gss_c_ma_ctx_trans_oid_desc) + +#endif /* GSSAPI_GSSAPI_OID */ diff --git a/lib/gssapi/gssapi/gssapi_spnego.h b/lib/gssapi/gssapi/gssapi_spnego.h index fbb7906369be..dd3b2a5c3f8b 100644 --- a/lib/gssapi/gssapi/gssapi_spnego.h +++ b/lib/gssapi/gssapi/gssapi_spnego.h @@ -1,46 +1,44 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gssapi_spnego.h 18335 2006-10-07 22:26:21Z lha $ */ +/* $Id$ */ #ifndef GSSAPI_SPNEGO_H_ #define GSSAPI_SPNEGO_H_ #include -#ifdef __cplusplus -extern "C" { -#endif +GSSAPI_CPP_START /* * RFC2478, SPNEGO: @@ -48,11 +46,10 @@ extern "C" { * negotiation token is identified by the Object Identifier * iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2). */ -extern gss_OID GSS_SPNEGO_MECHANISM; +extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_spnego_mechanism_oid_desc; +#define GSS_SPNEGO_MECHANISM (&__gss_spnego_mechanism_oid_desc) #define gss_mech_spnego GSS_SPNEGO_MECHANISM -#ifdef __cplusplus -} -#endif +GSSAPI_CPP_END #endif /* GSSAPI_SPNEGO_H_ */ diff --git a/lib/gssapi/gssapi_mech.h b/lib/gssapi/gssapi_mech.h index 7737bf5837f4..e4ccfdb0cd99 100644 --- a/lib/gssapi/gssapi_mech.h +++ b/lib/gssapi/gssapi_mech.h @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: vendor-crypto/heimdal/dist/lib/gssapi/gssapi_mech.h 225864 2011-09-29 05:23:57Z stas $ + * $FreeBSD: src/lib/libgssapi/mech_switch.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ */ #ifndef GSSAPI_MECH_H @@ -31,7 +31,7 @@ #include -typedef OM_uint32 _gss_acquire_cred_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_acquire_cred_t (OM_uint32 *, /* minor_status */ const gss_name_t, /* desired_name */ OM_uint32, /* time_req */ @@ -42,12 +42,12 @@ typedef OM_uint32 _gss_acquire_cred_t OM_uint32 * /* time_rec */ ); -typedef OM_uint32 _gss_release_cred_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_release_cred_t (OM_uint32 *, /* minor_status */ gss_cred_id_t * /* cred_handle */ ); -typedef OM_uint32 _gss_init_sec_context_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_init_sec_context_t (OM_uint32 *, /* minor_status */ const gss_cred_id_t, /* initiator_cred_handle */ gss_ctx_id_t *, /* context_handle */ @@ -64,7 +64,7 @@ typedef OM_uint32 _gss_init_sec_context_t OM_uint32 * /* time_rec */ ); -typedef OM_uint32 _gss_accept_sec_context_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_accept_sec_context_t (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ const gss_cred_id_t, /* acceptor_cred_handle */ @@ -79,25 +79,25 @@ typedef OM_uint32 _gss_accept_sec_context_t gss_cred_id_t * /* delegated_cred_handle */ ); -typedef OM_uint32 _gss_process_context_token_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_process_context_token_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ const gss_buffer_t /* token_buffer */ ); -typedef OM_uint32 _gss_delete_sec_context_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_delete_sec_context_t (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* output_token */ ); -typedef OM_uint32 _gss_context_time_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_context_time_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ OM_uint32 * /* time_rec */ ); -typedef OM_uint32 _gss_get_mic_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_get_mic_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ gss_qop_t, /* qop_req */ @@ -105,7 +105,7 @@ typedef OM_uint32 _gss_get_mic_t gss_buffer_t /* message_token */ ); -typedef OM_uint32 _gss_verify_mic_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_verify_mic_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ const gss_buffer_t, /* message_buffer */ @@ -113,7 +113,7 @@ typedef OM_uint32 _gss_verify_mic_t gss_qop_t * /* qop_state */ ); -typedef OM_uint32 _gss_wrap_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_wrap_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ @@ -123,7 +123,7 @@ typedef OM_uint32 _gss_wrap_t gss_buffer_t /* output_message_buffer */ ); -typedef OM_uint32 _gss_unwrap_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_unwrap_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ const gss_buffer_t, /* input_message_buffer */ @@ -132,7 +132,7 @@ typedef OM_uint32 _gss_unwrap_t gss_qop_t * /* qop_state */ ); -typedef OM_uint32 _gss_display_status_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_display_status_t (OM_uint32 *, /* minor_status */ OM_uint32, /* status_value */ int, /* status_type */ @@ -141,44 +141,44 @@ typedef OM_uint32 _gss_display_status_t gss_buffer_t /* status_string */ ); -typedef OM_uint32 _gss_indicate_mechs_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_indicate_mechs_t (OM_uint32 *, /* minor_status */ gss_OID_set * /* mech_set */ ); -typedef OM_uint32 _gss_compare_name_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_compare_name_t (OM_uint32 *, /* minor_status */ const gss_name_t, /* name1 */ const gss_name_t, /* name2 */ int * /* name_equal */ ); -typedef OM_uint32 _gss_display_name_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_display_name_t (OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_buffer_t, /* output_name_buffer */ gss_OID * /* output_name_type */ ); -typedef OM_uint32 _gss_import_name_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_import_name_t (OM_uint32 *, /* minor_status */ const gss_buffer_t, /* input_name_buffer */ const gss_OID, /* input_name_type */ gss_name_t * /* output_name */ ); -typedef OM_uint32 _gss_export_name_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_export_name_t (OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_buffer_t /* exported_name */ ); -typedef OM_uint32 _gss_release_name_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_release_name_t (OM_uint32 *, /* minor_status */ gss_name_t * /* input_name */ ); -typedef OM_uint32 _gss_inquire_cred_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_t (OM_uint32 *, /* minor_status */ const gss_cred_id_t, /* cred_handle */ gss_name_t *, /* name */ @@ -187,7 +187,7 @@ typedef OM_uint32 _gss_inquire_cred_t gss_OID_set * /* mechanisms */ ); -typedef OM_uint32 _gss_inquire_context_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_context_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ gss_name_t *, /* src_name */ @@ -199,7 +199,7 @@ typedef OM_uint32 _gss_inquire_context_t int * /* open */ ); -typedef OM_uint32 _gss_wrap_size_limit_t +typedef OM_uint32 GSSAPI_CALLCONV _gss_wrap_size_limit_t (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ @@ -208,7 +208,7 @@ typedef OM_uint32 _gss_wrap_size_limit_t OM_uint32 * /* max_input_size */ ); -typedef OM_uint32 _gss_add_cred_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_add_cred_t ( OM_uint32 *, /* minor_status */ const gss_cred_id_t, /* input_cred_handle */ const gss_name_t, /* desired_name */ @@ -222,7 +222,7 @@ typedef OM_uint32 _gss_add_cred_t ( OM_uint32 * /* acceptor_time_rec */ ); -typedef OM_uint32 _gss_inquire_cred_by_mech_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_by_mech_t ( OM_uint32 *, /* minor_status */ const gss_cred_id_t, /* cred_handle */ const gss_OID, /* mech_type */ @@ -232,65 +232,65 @@ typedef OM_uint32 _gss_inquire_cred_by_mech_t ( gss_cred_usage_t * /* cred_usage */ ); -typedef OM_uint32 _gss_export_sec_context_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_export_sec_context_t ( OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* interprocess_token */ ); -typedef OM_uint32 _gss_import_sec_context_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_import_sec_context_t ( OM_uint32 *, /* minor_status */ const gss_buffer_t, /* interprocess_token */ gss_ctx_id_t * /* context_handle */ ); -typedef OM_uint32 _gss_inquire_names_for_mech_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_names_for_mech_t ( OM_uint32 *, /* minor_status */ const gss_OID, /* mechanism */ gss_OID_set * /* name_types */ ); -typedef OM_uint32 _gss_inquire_mechs_for_name_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_mechs_for_name_t ( OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_OID_set * /* mech_types */ ); -typedef OM_uint32 _gss_canonicalize_name_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_canonicalize_name_t ( OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ const gss_OID, /* mech_type */ gss_name_t * /* output_name */ ); -typedef OM_uint32 _gss_duplicate_name_t ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_duplicate_name_t ( OM_uint32 *, /* minor_status */ const gss_name_t, /* src_name */ gss_name_t * /* dest_name */ ); -typedef OM_uint32 _gss_inquire_sec_context_by_oid ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_sec_context_by_oid ( OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_OID desired_object, gss_buffer_set_t *data_set ); -typedef OM_uint32 _gss_inquire_cred_by_oid ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_cred_by_oid ( OM_uint32 *minor_status, const gss_cred_id_t cred, const gss_OID desired_object, gss_buffer_set_t *data_set ); -typedef OM_uint32 _gss_set_sec_context_option ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_set_sec_context_option ( OM_uint32 *minor_status, gss_ctx_id_t *cred_handle, const gss_OID desired_object, const gss_buffer_t value ); -typedef OM_uint32 _gss_set_cred_option ( +typedef OM_uint32 GSSAPI_CALLCONV _gss_set_cred_option ( OM_uint32 *minor_status, gss_cred_id_t *cred_handle, const gss_OID desired_object, @@ -298,7 +298,7 @@ typedef OM_uint32 _gss_set_cred_option ( ); -typedef OM_uint32 _gss_pseudo_random( +typedef OM_uint32 GSSAPI_CALLCONV _gss_pseudo_random( OM_uint32 *minor_status, gss_ctx_id_t context, int prf_key, @@ -307,12 +307,186 @@ typedef OM_uint32 _gss_pseudo_random( gss_buffer_t prf_out ); -#define GMI_VERSION 1 +typedef OM_uint32 GSSAPI_CALLCONV +_gss_wrap_iov_t(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int * conf_state, + gss_iov_buffer_desc *iov, + int iov_count); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_unwrap_iov_t(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int *conf_state, + gss_qop_t *qop_state, + gss_iov_buffer_desc *iov, + int iov_count); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_wrap_iov_length_t(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_store_cred_t(OM_uint32 *minor_status, + gss_cred_id_t input_cred_handle, + gss_cred_usage_t cred_usage, + const gss_OID desired_mech, + OM_uint32 overwrite_cred, + OM_uint32 default_cred, + gss_OID_set *elements_stored, + gss_cred_usage_t *cred_usage_stored); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_export_cred_t(OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + gss_buffer_t cred_token); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_import_cred_t(OM_uint32 * minor_status, + gss_buffer_t cred_token, + gss_cred_id_t * cred_handle); + + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_acquire_cred_ext_t(OM_uint32 * /*minor_status */, + const gss_name_t /* desired_name */, + gss_const_OID /* credential_type */, + const void * /* credential_data */, + OM_uint32 /* time_req */, + gss_const_OID /* desired_mech */, + gss_cred_usage_t /* cred_usage */, + gss_cred_id_t * /* output_cred_handle */); + +typedef void GSSAPI_CALLCONV +_gss_iter_creds_t(OM_uint32 /* flags */, + void * /* userctx */, + void (* /*cred_iter */ )(void *, gss_OID, gss_cred_id_t)); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_destroy_cred_t(OM_uint32 * /* minor_status */, + gss_cred_id_t * /* cred */); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_cred_hold_t(OM_uint32 * /* minor_status */, + gss_cred_id_t /* cred */); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_cred_unhold_t(OM_uint32 * /* minor_status */, + gss_cred_id_t /* cred */); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_cred_label_set_t(OM_uint32 * /* minor_status */, + gss_cred_id_t /* cred */, + const char * /* label */, + gss_buffer_t /* value */); + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_cred_label_get_t(OM_uint32 * /* minor_status */, + gss_cred_id_t /* cred */, + const char * /* label */, + gss_buffer_t /* value */); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_display_name_ext_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_OID, /* display_as_name_type */ + gss_buffer_t /* display_name */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_name_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + int *, /* name_is_MN */ + gss_OID *, /* MN_mech */ + gss_buffer_set_t * /* attrs */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_get_name_attribute_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t, /* attr */ + int *, /* authenticated */ + int *, /* complete */ + gss_buffer_t, /* value */ + gss_buffer_t, /* display_value */ + int * /* more */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_set_name_attribute_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + int, /* complete */ + gss_buffer_t, /* attr */ + gss_buffer_t /* value */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_delete_name_attribute_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t /* attr */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_export_name_composite_t ( + OM_uint32 *, /* minor_status */ + gss_name_t, /* name */ + gss_buffer_t /* exp_composite_name */ + ); + +/* + * + */ + +typedef struct gss_mo_desc_struct gss_mo_desc; + +typedef OM_uint32 GSSAPI_CALLCONV +_gss_mo_init (OM_uint32 *, gss_OID, gss_mo_desc **, size_t *); + + +struct gss_mo_desc_struct { + gss_OID option; + OM_uint32 flags; +#define GSS_MO_MA 1 +#define GSS_MO_MA_CRITICAL 2 + const char *name; + void *ctx; + int (*get)(gss_const_OID, gss_mo_desc *, gss_buffer_t); + int (*set)(gss_const_OID, gss_mo_desc *, int, gss_buffer_t); +}; + +typedef OM_uint32 GSSAPI_CALLCONV _gss_pname_to_uid_t ( + OM_uint32 *, /* minor_status */ + const gss_name_t, /* name */ + const gss_OID, /* mech_type */ + uid_t * /* uidOut */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_authorize_localname_t ( + OM_uint32 *, /* minor_status */ + const gss_name_t, /* name */ + gss_const_buffer_t, /* user */ + gss_const_OID /* user_name_type */ + ); + +/* mechglue internal */ +struct gss_mech_compat_desc_struct; + +#define GMI_VERSION 5 + +/* gm_flags */ +#define GM_USE_MG_CRED 1 /* uses mech glue credentials */ typedef struct gssapi_mech_interface_desc { unsigned gm_version; const char *gm_name; gss_OID_desc gm_mech_oid; + unsigned gm_flags; _gss_acquire_cred_t *gm_acquire_cred; _gss_release_cred_t *gm_release_cred; _gss_init_sec_context_t *gm_init_sec_context; @@ -347,13 +521,74 @@ typedef struct gssapi_mech_interface_desc { _gss_set_sec_context_option *gm_set_sec_context_option; _gss_set_cred_option *gm_set_cred_option; _gss_pseudo_random *gm_pseudo_random; + _gss_wrap_iov_t *gm_wrap_iov; + _gss_unwrap_iov_t *gm_unwrap_iov; + _gss_wrap_iov_length_t *gm_wrap_iov_length; + _gss_store_cred_t *gm_store_cred; + _gss_export_cred_t *gm_export_cred; + _gss_import_cred_t *gm_import_cred; + _gss_acquire_cred_ext_t *gm_acquire_cred_ext; + _gss_iter_creds_t *gm_iter_creds; + _gss_destroy_cred_t *gm_destroy_cred; + _gss_cred_hold_t *gm_cred_hold; + _gss_cred_unhold_t *gm_cred_unhold; + _gss_cred_label_get_t *gm_cred_label_get; + _gss_cred_label_set_t *gm_cred_label_set; + gss_mo_desc *gm_mo; + size_t gm_mo_num; + _gss_pname_to_uid_t *gm_pname_to_uid; + _gss_authorize_localname_t *gm_authorize_localname; + _gss_display_name_ext_t *gm_display_name_ext; + _gss_inquire_name_t *gm_inquire_name; + _gss_get_name_attribute_t *gm_get_name_attribute; + _gss_set_name_attribute_t *gm_set_name_attribute; + _gss_delete_name_attribute_t *gm_delete_name_attribute; + _gss_export_name_composite_t *gm_export_name_composite; + struct gss_mech_compat_desc_struct *gm_compat; } gssapi_mech_interface_desc, *gssapi_mech_interface; gssapi_mech_interface -__gss_get_mechanism(gss_OID /* oid */); +__gss_get_mechanism(gss_const_OID /* oid */); gssapi_mech_interface __gss_spnego_initialize(void); gssapi_mech_interface __gss_krb5_initialize(void); gssapi_mech_interface __gss_ntlm_initialize(void); +void gss_mg_collect_error(gss_OID, OM_uint32, OM_uint32); + +int _gss_mo_get_option_1(gss_const_OID, gss_mo_desc *, gss_buffer_t); +int _gss_mo_get_option_0(gss_const_OID, gss_mo_desc *, gss_buffer_t); +int _gss_mo_get_ctx_as_string(gss_const_OID, gss_mo_desc *, gss_buffer_t); + +struct _gss_oid_name_table { + gss_OID oid; + const char *name; + const char *short_desc; + const char *long_desc; +}; + +extern struct _gss_oid_name_table _gss_ont_mech[]; +extern struct _gss_oid_name_table _gss_ont_ma[]; + +/* + * Extended credentials acqusition API, not to be exported until + * it or something equivalent has been standardised. + */ +extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc; +#define GSS_C_CRED_PASSWORD (&__gss_c_cred_password_oid_desc) + +extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc; +#define GSS_C_CRED_CERTIFICATE (&__gss_c_cred_certificate_oid_desc) + +OM_uint32 _gss_acquire_cred_ext + (OM_uint32 * /*minor_status*/, + const gss_name_t /*desired_name*/, + gss_const_OID /*credential_type*/, + const void * /*credential_data*/, + OM_uint32 /*time_req*/, + gss_const_OID /*desired_mech*/, + gss_cred_usage_t /*cred_usage*/, + gss_cred_id_t * /*output_cred_handle*/ + ); + #endif /* GSSAPI_MECH_H */ diff --git a/lib/gssapi/gss.c b/lib/gssapi/gsstool.c similarity index 50% rename from lib/gssapi/gss.c rename to lib/gssapi/gsstool.c index 739e8306363b..5ce3cb04a7d3 100644 --- a/lib/gssapi/gss.c +++ b/lib/gssapi/gsstool.c @@ -1,18 +1,20 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 - 2010 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -31,20 +33,19 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif +#include #include #include +#include +#include +#include #include -#include #include #include #include -#include -RCSID("$Id: gss.c 19922 2007-01-16 09:32:03Z lha $"); static int version_flag = 0; static int help_flag = 0; @@ -64,6 +65,11 @@ usage (int ret) #define COL_OID "OID" #define COL_NAME "Name" +#define COL_DESC "Description" +#define COL_VALUE "Value" +#define COL_MECH "Mech" +#define COL_EXPIRE "Expire" +#define COL_SASL "SASL" int supported_mechanisms(void *argptr, int argc, char **argv) @@ -86,24 +92,37 @@ supported_mechanisms(void *argptr, int argc, char **argv) rtbl_set_separator(ct, " "); rtbl_add_column(ct, COL_OID, 0); rtbl_add_column(ct, COL_NAME, 0); + rtbl_add_column(ct, COL_DESC, 0); + rtbl_add_column(ct, COL_SASL, 0); for (i = 0; i < mechs->count; i++) { - gss_buffer_desc name; + gss_buffer_desc str, sasl_name, mech_name, mech_desc; - maj_stat = gss_oid_to_str(&min_stat, &mechs->elements[i], &name); + maj_stat = gss_oid_to_str(&min_stat, &mechs->elements[i], &str); if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_oid_to_str failed"); rtbl_add_column_entryv(ct, COL_OID, "%.*s", - (int)name.length, (char *)name.value); - gss_release_buffer(&min_stat, &name); + (int)str.length, (char *)str.value); + gss_release_buffer(&min_stat, &str); + + (void)gss_inquire_saslname_for_mech(&min_stat, + &mechs->elements[i], + &sasl_name, + &mech_name, + &mech_desc); + + rtbl_add_column_entryv(ct, COL_NAME, "%.*s", + (int)mech_name.length, (char *)mech_name.value); + rtbl_add_column_entryv(ct, COL_DESC, "%.*s", + (int)mech_desc.length, (char *)mech_desc.value); + rtbl_add_column_entryv(ct, COL_SASL, "%.*s", + (int)sasl_name.length, (char *)sasl_name.value); + + gss_release_buffer(&min_stat, &mech_name); + gss_release_buffer(&min_stat, &mech_desc); + gss_release_buffer(&min_stat, &sasl_name); - if (gss_oid_equal(&mechs->elements[i], GSS_KRB5_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "Kerberos 5"); - else if (gss_oid_equal(&mechs->elements[i], GSS_SPNEGO_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "SPNEGO"); - else if (gss_oid_equal(&mechs->elements[i], GSS_NTLM_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "NTLM"); } gss_release_oid_set(&min_stat, &mechs); @@ -113,57 +132,88 @@ supported_mechanisms(void *argptr, int argc, char **argv) return 0; } -#if 0 -/* - * - */ +static void +print_mech_attr(const char *mechname, gss_const_OID mech, gss_OID_set set) +{ + gss_buffer_desc name, desc; + OM_uint32 major, minor; + rtbl_t ct; + size_t n; -#define DOVEDOT_MAJOR_VERSION 1 -#define DOVEDOT_MINOR_VERSION 0 + ct = rtbl_create(); + if (ct == NULL) + errx(1, "rtbl_create"); -/* - S: MECH mech mech-parameters - S: MECH mech mech-parameters - S: VERSION major minor - S: CPID pid - S: CUID pid - S: ... - S: DONE - C: VERSION major minor - C: CPID pid + rtbl_set_separator(ct, " "); + rtbl_add_column(ct, COL_OID, 0); + rtbl_add_column(ct, COL_DESC, 0); + if (mech) + rtbl_add_column(ct, COL_VALUE, 0); - C: AUTH id method service= resp= - C: CONT id message + for (n = 0; n < set->count; n++) { + major = gss_display_mech_attr(&minor, &set->elements[n], &name, &desc, NULL); + if (major) + continue; + + rtbl_add_column_entryv(ct, COL_OID, "%.*s", + (int)name.length, (char *)name.value); + rtbl_add_column_entryv(ct, COL_DESC, "%.*s", + (int)desc.length, (char *)desc.value); + if (mech) { + gss_buffer_desc value; + + if (gss_mo_get(mech, &set->elements[n], &value) != 0) + value.length = 0; + + if (value.length) + rtbl_add_column_entryv(ct, COL_VALUE, "%.*s", + (int)value.length, (char *)value.value); + else + rtbl_add_column_entryv(ct, COL_VALUE, "<>"); + gss_release_buffer(&minor, &value); + } + + gss_release_buffer(&minor, &name); + gss_release_buffer(&minor, &desc); + } + + printf("attributes for: %s\n", mechname); + rtbl_format(ct, stdout); + rtbl_destroy(ct); +} - S: OK id user= - S: FAIL id reason= - S: CONTINUE id message -*/ int -dovecot_server(void *argptr, int argc, char **argv) +attrs_for_mech(struct attrs_for_mech_options *opt, int argc, char **argv) { - krb5_storage *sp; - int fd = 0; + gss_OID_set mech_attr = NULL, known_mech_attrs = NULL; + gss_OID mech = GSS_C_NO_OID; + OM_uint32 major, minor; - sp = krb5_storage_from_fd(fd); - if (sp == NULL) - errx(1, "krb5_storage_from_fd"); - - krb5_store_stringnl(sp, "MECH\tGSSAPI"); - krb5_store_stringnl(sp, "VERSION\t1\t0"); - krb5_store_stringnl(sp, "DONE"); - - while (1) { - char *cmd; - if (krb5_ret_stringnl(sp, &cmd) != 0) - break; - printf("cmd: %s\n", cmd); - free(cmd); + if (opt->mech_string) { + mech = gss_name_to_oid(opt->mech_string); + if (mech == NULL) + errx(1, "mech %s is unknown", opt->mech_string); } + + major = gss_inquire_attrs_for_mech(&minor, mech, &mech_attr, &known_mech_attrs); + if (major) + errx(1, "gss_inquire_attrs_for_mech"); + + if (mech) { + print_mech_attr(opt->mech_string, mech, mech_attr); + } + + if (opt->all_flag) { + print_mech_attr("all mechs", NULL, known_mech_attrs); + } + + gss_release_oid_set(&minor, &mech_attr); + gss_release_oid_set(&minor, &known_mech_attrs); + return 0; } -#endif + /* * @@ -184,7 +234,7 @@ main(int argc, char **argv) setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/lib/gssapi/krb5/8003.c b/lib/gssapi/krb5/8003.c index 619cbf97fcbd..d4555c51042b 100644 --- a/lib/gssapi/krb5/8003.c +++ b/lib/gssapi/krb5/8003.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: 8003.c 18334 2006-10-07 22:16:04Z lha $"); +#include "gsskrb5_locl.h" krb5_error_code _gsskrb5_encode_om_uint32(OM_uint32 n, u_char *p) @@ -76,32 +74,36 @@ hash_input_chan_bindings (const gss_channel_bindings_t b, u_char *p) { u_char num[4]; - MD5_CTX md5; + EVP_MD_CTX *ctx; + + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); - MD5_Init(&md5); _gsskrb5_encode_om_uint32 (b->initiator_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); + EVP_DigestUpdate(ctx, num, sizeof(num)); _gsskrb5_encode_om_uint32 (b->initiator_address.length, num); - MD5_Update (&md5, num, sizeof(num)); + EVP_DigestUpdate(ctx, num, sizeof(num)); if (b->initiator_address.length) - MD5_Update (&md5, - b->initiator_address.value, - b->initiator_address.length); + EVP_DigestUpdate(ctx, + b->initiator_address.value, + b->initiator_address.length); _gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); + EVP_DigestUpdate(ctx, num, sizeof(num)); _gsskrb5_encode_om_uint32 (b->acceptor_address.length, num); - MD5_Update (&md5, num, sizeof(num)); + EVP_DigestUpdate(ctx, num, sizeof(num)); if (b->acceptor_address.length) - MD5_Update (&md5, - b->acceptor_address.value, - b->acceptor_address.length); + EVP_DigestUpdate(ctx, + b->acceptor_address.value, + b->acceptor_address.length); _gsskrb5_encode_om_uint32 (b->application_data.length, num); - MD5_Update (&md5, num, sizeof(num)); + EVP_DigestUpdate(ctx, num, sizeof(num)); if (b->application_data.length) - MD5_Update (&md5, - b->application_data.value, - b->application_data.length); - MD5_Final (p, &md5); + EVP_DigestUpdate(ctx, + b->application_data.value, + b->application_data.length); + EVP_DigestFinal_ex(ctx, p, NULL); + EVP_MD_CTX_destroy(ctx); + return 0; } @@ -113,7 +115,7 @@ hash_input_chan_bindings (const gss_channel_bindings_t b, OM_uint32 _gsskrb5_create_8003_checksum ( - OM_uint32 *minor_status, + OM_uint32 *minor_status, const gss_channel_bindings_t input_chan_bindings, OM_uint32 flags, const krb5_data *fwd_data, @@ -121,20 +123,20 @@ _gsskrb5_create_8003_checksum ( { u_char *p; - /* - * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value + /* + * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value * field's format) */ result->cksumtype = CKSUMTYPE_GSSAPI; if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) result->checksum.length = 24 + 4 + fwd_data->length; - else + else result->checksum.length = 24; result->checksum.data = malloc (result->checksum.length); if (result->checksum.data == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; } - + p = result->checksum.data; _gsskrb5_encode_om_uint32 (16, p); p += 4; @@ -157,7 +159,7 @@ _gsskrb5_create_8003_checksum ( p += fwd_data->length; } - + return GSS_S_COMPLETE; } @@ -168,7 +170,7 @@ _gsskrb5_create_8003_checksum ( OM_uint32 _gsskrb5_verify_8003_checksum( - OM_uint32 *minor_status, + OM_uint32 *minor_status, const gss_channel_bindings_t input_chan_bindings, const Checksum *cksum, OM_uint32 *flags, @@ -180,40 +182,35 @@ _gsskrb5_verify_8003_checksum( int DlgOpt; static unsigned char zeros[16]; - if (cksum == NULL) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - /* XXX should handle checksums > 24 bytes */ if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) { *minor_status = 0; return GSS_S_BAD_BINDINGS; } - + p = cksum->checksum.data; _gsskrb5_decode_om_uint32(p, &length); if(length != sizeof(hash)) { *minor_status = 0; return GSS_S_BAD_BINDINGS; } - + p += 4; - + if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS && memcmp(p, zeros, sizeof(zeros)) != 0) { if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) { *minor_status = 0; return GSS_S_BAD_BINDINGS; } - if(memcmp(hash, p, sizeof(hash)) != 0) { + if(ct_memcmp(hash, p, sizeof(hash)) != 0) { *minor_status = 0; return GSS_S_BAD_BINDINGS; } } - + p += sizeof(hash); - + _gsskrb5_decode_om_uint32(p, flags); p += 4; @@ -222,7 +219,7 @@ _gsskrb5_verify_8003_checksum( *minor_status = 0; return GSS_S_BAD_BINDINGS; } - + DlgOpt = (p[0] << 0) | (p[1] << 8); p += 2; if (DlgOpt != 1) { @@ -243,6 +240,6 @@ _gsskrb5_verify_8003_checksum( } memcpy(fwd_data->data, p, fwd_data->length); } - + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/accept_sec_context.c b/lib/gssapi/krb5/accept_sec_context.c index 73b93ceba4c6..5a00e124c2cf 100644 --- a/lib/gssapi/krb5/accept_sec_context.c +++ b/lib/gssapi/krb5/accept_sec_context.c @@ -1,53 +1,71 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: accept_sec_context.c 20199 2007-02-07 22:36:39Z lha $"); +#include "gsskrb5_locl.h" HEIMDAL_MUTEX gssapi_keytab_mutex = HEIMDAL_MUTEX_INITIALIZER; krb5_keytab _gsskrb5_keytab; +static krb5_error_code +validate_keytab(krb5_context context, const char *name, krb5_keytab *id) +{ + krb5_error_code ret; + + ret = krb5_kt_resolve(context, name, id); + if (ret) + return ret; + + ret = krb5_kt_have_content(context, *id); + if (ret) { + krb5_kt_close(context, *id); + *id = NULL; + } + + return ret; +} + OM_uint32 -_gsskrb5_register_acceptor_identity (const char *identity) +_gsskrb5_register_acceptor_identity(OM_uint32 *min_stat, const char *identity) { krb5_context context; krb5_error_code ret; + *min_stat = 0; + ret = _gsskrb5_init(&context); if(ret) return GSS_S_FAILURE; - + HEIMDAL_MUTEX_lock(&gssapi_keytab_mutex); if(_gsskrb5_keytab != NULL) { @@ -57,29 +75,37 @@ _gsskrb5_register_acceptor_identity (const char *identity) if (identity == NULL) { ret = krb5_kt_default(context, &_gsskrb5_keytab); } else { - char *p; - - asprintf(&p, "FILE:%s", identity); - if(p == NULL) { - HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); - return GSS_S_FAILURE; + /* + * First check if we can the keytab as is and if it has content... + */ + ret = validate_keytab(context, identity, &_gsskrb5_keytab); + /* + * if it doesn't, lets prepend FILE: and try again + */ + if (ret) { + char *p = NULL; + ret = asprintf(&p, "FILE:%s", identity); + if(ret < 0 || p == NULL) { + HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); + return GSS_S_FAILURE; + } + ret = validate_keytab(context, p, &_gsskrb5_keytab); + free(p); } - ret = krb5_kt_resolve(context, p, &_gsskrb5_keytab); - free(p); } HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); - if(ret) + if(ret) { + *min_stat = ret; return GSS_S_FAILURE; + } return GSS_S_COMPLETE; } void -_gsskrb5i_is_cfx(gsskrb5_ctx ctx, int *is_cfx) +_gsskrb5i_is_cfx(krb5_context context, gsskrb5_ctx ctx, int acceptor) { + krb5_error_code ret; krb5_keyblock *key; - int acceptor = (ctx->more_flags & LOCAL) == 0; - - *is_cfx = 0; if (acceptor) { if (ctx->auth_context->local_subkey) @@ -97,23 +123,28 @@ _gsskrb5i_is_cfx(gsskrb5_ctx ctx, int *is_cfx) if (key == NULL) return; - + switch (key->keytype) { case ETYPE_DES_CBC_CRC: case ETYPE_DES_CBC_MD4: case ETYPE_DES_CBC_MD5: case ETYPE_DES3_CBC_MD5: + case ETYPE_OLD_DES3_CBC_SHA1: case ETYPE_DES3_CBC_SHA1: case ETYPE_ARCFOUR_HMAC_MD5: case ETYPE_ARCFOUR_HMAC_MD5_56: break; default : - *is_cfx = 1; + ctx->more_flags |= IS_CFX; + if ((acceptor && ctx->auth_context->local_subkey) || (!acceptor && ctx->auth_context->remote_subkey)) ctx->more_flags |= ACCEPTOR_SUBKEY; break; } + if (ctx->crypto) + krb5_crypto_destroy(context, ctx->crypto); + ret = krb5_crypto_init(context, key, 0, &ctx->crypto); } @@ -128,7 +159,7 @@ gsskrb5_accept_delegated_token krb5_ccache ccache = NULL; krb5_error_code kret; int32_t ac_flags, ret = GSS_S_COMPLETE; - + *minor_status = 0; /* XXX Create a new delegated_cred_handle? */ @@ -136,7 +167,8 @@ gsskrb5_accept_delegated_token kret = krb5_cc_default (context, &ccache); } else { *delegated_cred_handle = NULL; - kret = krb5_cc_gen_new (context, &krb5_mcc_ops, &ccache); + kret = krb5_cc_new_unique (context, krb5_cc_type_memory, + NULL, &ccache); } if (kret) { ctx->flags &= ~GSS_C_DELEG_FLAG; @@ -148,7 +180,7 @@ gsskrb5_accept_delegated_token ctx->flags &= ~GSS_C_DELEG_FLAG; goto out; } - + krb5_auth_con_removeflags(context, ctx->auth_context, KRB5_AUTH_CONTEXT_DO_TIME, @@ -170,16 +202,16 @@ gsskrb5_accept_delegated_token if (delegated_cred_handle) { gsskrb5_cred handle; - ret = _gsskrb5_import_cred(minor_status, - ccache, - NULL, - NULL, - delegated_cred_handle); + ret = _gsskrb5_krb5_import_cred(minor_status, + ccache, + NULL, + NULL, + delegated_cred_handle); if (ret != GSS_S_COMPLETE) goto out; handle = (gsskrb5_cred) *delegated_cred_handle; - + handle->cred_flags |= GSS_CF_DESTROY_CRED_ON_RELEASE; krb5_cc_close(context, ccache); ccache = NULL; @@ -206,11 +238,12 @@ gsskrb5_acceptor_ready(OM_uint32 * minor_status, int32_t seq_number; int is_cfx = 0; - krb5_auth_getremoteseqnumber (context, - ctx->auth_context, - &seq_number); + krb5_auth_con_getremoteseqnumber (context, + ctx->auth_context, + &seq_number); - _gsskrb5i_is_cfx(ctx, &is_cfx); + _gsskrb5i_is_cfx(context, ctx, 1); + is_cfx = (ctx->more_flags & IS_CFX); ret = _gssapi_msg_order_create(minor_status, &ctx->order, @@ -219,7 +252,7 @@ gsskrb5_acceptor_ready(OM_uint32 * minor_status, if (ret) return ret; - /* + /* * If requested, set local sequence num to remote sequence if this * isn't a mutual authentication context */ @@ -250,6 +283,66 @@ gsskrb5_acceptor_ready(OM_uint32 * minor_status, return GSS_S_COMPLETE; } +static OM_uint32 +send_error_token(OM_uint32 *minor_status, + krb5_context context, + krb5_error_code kret, + krb5_principal server, + krb5_data *indata, + gss_buffer_t output_token) +{ + krb5_principal ap_req_server = NULL; + krb5_error_code ret; + krb5_data outbuf; + /* this e_data value encodes KERB_AP_ERR_TYPE_SKEW_RECOVERY which + tells windows to try again with the corrected timestamp. See + [MS-KILE] 2.2.1 KERB-ERROR-DATA */ + krb5_data e_data = { 7, rk_UNCONST("\x30\x05\xa1\x03\x02\x01\x02") }; + + /* build server from request if the acceptor had not selected one */ + if (server == NULL) { + AP_REQ ap_req; + + ret = krb5_decode_ap_req(context, indata, &ap_req); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + ret = _krb5_principalname2krb5_principal(context, + &ap_req_server, + ap_req.ticket.sname, + ap_req.ticket.realm); + free_AP_REQ(&ap_req); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + server = ap_req_server; + } + + ret = krb5_mk_error(context, kret, NULL, &e_data, NULL, + server, NULL, NULL, &outbuf); + if (ap_req_server) + krb5_free_principal(context, ap_req_server); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = _gsskrb5_encapsulate(minor_status, + &outbuf, + output_token, + "\x03\x00", + GSS_KRB5_MECHANISM); + krb5_data_free (&outbuf); + if (ret) + return ret; + + *minor_status = 0; + return GSS_S_CONTINUE_NEEDED; +} + + static OM_uint32 gsskrb5_acceptor_start(OM_uint32 * minor_status, gsskrb5_ctx ctx, @@ -296,7 +389,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, } else if (acceptor_cred->keytab != NULL) { keytab = acceptor_cred->keytab; } - + /* * We need to check the ticket and create the AP-REP packet */ @@ -304,6 +397,10 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, { krb5_rd_req_in_ctx in = NULL; krb5_rd_req_out_ctx out = NULL; + krb5_principal server = NULL; + + if (acceptor_cred) + server = acceptor_cred->principal; kret = krb5_rd_req_in_ctx_alloc(context, &in); if (kret == 0) @@ -311,30 +408,37 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, if (kret) { if (in) krb5_rd_req_in_ctx_free(context, in); - ret = GSS_S_FAILURE; *minor_status = kret; - return ret; + return GSS_S_FAILURE; } kret = krb5_rd_req_ctx(context, &ctx->auth_context, &indata, - (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL : acceptor_cred->principal, + server, in, &out); krb5_rd_req_in_ctx_free(context, in); - if (kret) { - ret = GSS_S_FAILURE; + if (kret == KRB5KRB_AP_ERR_SKEW || kret == KRB5KRB_AP_ERR_TKT_NYV) { + /* + * No reply in non-MUTUAL mode, but we don't know that its + * non-MUTUAL mode yet, thats inside the 8003 checksum, so + * lets only send the error token on clock skew, that + * limit when send error token for non-MUTUAL. + */ + return send_error_token(minor_status, context, kret, + server, &indata, output_token); + } else if (kret) { *minor_status = kret; - return ret; + return GSS_S_FAILURE; } /* - * We need to remember some data on the context_handle. + * we need to remember some data on the context_handle. */ kret = krb5_rd_req_out_get_ap_req_options(context, out, &ap_options); if (kret == 0) - kret = krb5_rd_req_out_get_ticket(context, out, + kret = krb5_rd_req_out_get_ticket(context, out, &ctx->ticket); if (kret == 0) kret = krb5_rd_req_out_get_keyblock(context, out, @@ -348,8 +452,8 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return ret; } } - - + + /* * We need to copy the principal names to the context and the * calling layer. @@ -362,7 +466,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, *minor_status = kret; } - kret = krb5_copy_principal(context, + kret = krb5_copy_principal(context, ctx->ticket->server, &ctx->target); if (kret) { @@ -370,7 +474,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, *minor_status = kret; return ret; } - + /* * We need to setup some compat stuff, this assumes that * context_handle->target is already set. @@ -393,9 +497,10 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, /* * We need to get the flags out of the 8003 checksum. */ + { krb5_authenticator authenticator; - + kret = krb5_auth_con_getauthenticator(context, ctx->auth_context, &authenticator); @@ -405,6 +510,12 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return ret; } + if (authenticator->cksum == NULL) { + krb5_free_authenticator(context, &authenticator); + *minor_status = 0; + return GSS_S_BAD_BINDINGS; + } + if (authenticator->cksum->cksumtype == CKSUMTYPE_GSSAPI) { ret = _gsskrb5_verify_8003_checksum(minor_status, input_chan_bindings, @@ -419,8 +530,8 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, } else { krb5_crypto crypto; - kret = krb5_crypto_init(context, - ctx->auth_context->keyblock, + kret = krb5_crypto_init(context, + ctx->auth_context->keyblock, 0, &crypto); if(kret) { krb5_free_authenticator(context, &authenticator); @@ -430,9 +541,9 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return ret; } - /* + /* * Windows accepts Samba3's use of a kerberos, rather than - * GSSAPI checksum here + * GSSAPI checksum here */ kret = krb5_verify_checksum(context, @@ -447,28 +558,51 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return ret; } - /* - * Samba style get some flags (but not DCE-STYLE) + /* + * Samba style get some flags (but not DCE-STYLE), use + * ap_options to guess the mutual flag. */ - ctx->flags = - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + ctx->flags = GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + if (ap_options & AP_OPTS_MUTUAL_REQUIRED) + ctx->flags |= GSS_C_MUTUAL_FLAG; } } - + if(ctx->flags & GSS_C_MUTUAL_FLAG) { krb5_data outbuf; - - _gsskrb5i_is_cfx(ctx, &is_cfx); - - if (is_cfx != 0 - || (ap_options & AP_OPTS_USE_SUBKEY)) { - kret = krb5_auth_con_addflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_USE_SUBKEY, - NULL); - ctx->more_flags |= ACCEPTOR_SUBKEY; + int use_subkey = 0; + + _gsskrb5i_is_cfx(context, ctx, 1); + is_cfx = (ctx->more_flags & IS_CFX); + + if (is_cfx || (ap_options & AP_OPTS_USE_SUBKEY)) { + use_subkey = 1; + } else { + krb5_keyblock *rkey; + + /* + * If there is a initiator subkey, copy that to acceptor + * subkey to match Windows behavior + */ + kret = krb5_auth_con_getremotesubkey(context, + ctx->auth_context, + &rkey); + if (kret == 0) { + kret = krb5_auth_con_setlocalsubkey(context, + ctx->auth_context, + rkey); + if (kret == 0) + use_subkey = 1; + krb5_free_keyblock(context, rkey); + } } - + if (use_subkey) { + ctx->more_flags |= ACCEPTOR_SUBKEY; + krb5_auth_con_addflags(context, ctx->auth_context, + KRB5_AUTH_CONTEXT_USE_SUBKEY, + NULL); + } + kret = krb5_mk_rep(context, ctx->auth_context, &outbuf); @@ -476,7 +610,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, *minor_status = kret; return GSS_S_FAILURE; } - + if (IS_DCE_STYLE(ctx)) { output_token->length = outbuf.length; output_token->value = outbuf.data; @@ -491,17 +625,17 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return ret; } } - + ctx->flags |= GSS_C_TRANS_FLAG; /* Remember the flags */ - + ctx->lifetime = ctx->ticket->ticket.endtime; ctx->more_flags |= OPEN; - + if (mech_type) *mech_type = GSS_KRB5_MECHANISM; - + if (time_rec) { ret = _gsskrb5_lifetime_left(minor_status, context, @@ -528,7 +662,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, return GSS_S_CONTINUE_NEEDED; } - ret = gsskrb5_acceptor_ready(minor_status, ctx, context, + ret = gsskrb5_acceptor_ready(minor_status, ctx, context, delegated_cred_handle); if (ret_flags) @@ -555,15 +689,15 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, krb5_error_code kret; krb5_data inbuf; int32_t r_seq_number, l_seq_number; - - /* + + /* * We know it's GSS_C_DCE_STYLE so we don't need to decapsulate the AP_REP */ inbuf.length = input_token_buffer->length; inbuf.data = input_token_buffer->value; - /* + /* * We need to remeber the old remote seq_number, then check if the * client has replied with our local seq_number, and then reset * the remote seq_number to the old value @@ -577,9 +711,9 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, return GSS_S_FAILURE; } - kret = krb5_auth_getremoteseqnumber(context, - ctx->auth_context, - &r_seq_number); + kret = krb5_auth_con_getremoteseqnumber(context, + ctx->auth_context, + &r_seq_number); if (kret) { *minor_status = kret; return GSS_S_FAILURE; @@ -594,15 +728,15 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, } } - /* + /* * We need to verify the AP_REP, but we need to flag that this is * DCE_STYLE, so don't check the timestamps this time, but put the * flag DO_TIME back afterward. - */ + */ { krb5_ap_rep_enc_part *repl; int32_t auth_flags; - + krb5_auth_con_removeflags(context, ctx->auth_context, KRB5_AUTH_CONTEXT_DO_TIME, @@ -631,7 +765,7 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, if (lifetime_rec == 0) { return GSS_S_CONTEXT_EXPIRED; } - + if (time_rec) *time_rec = lifetime_rec; } @@ -657,9 +791,9 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, { int32_t tmp_r_seq_number, tmp_l_seq_number; - kret = krb5_auth_getremoteseqnumber(context, - ctx->auth_context, - &tmp_r_seq_number); + kret = krb5_auth_con_getremoteseqnumber(context, + ctx->auth_context, + &tmp_r_seq_number); if (kret) { *minor_status = kret; return GSS_S_FAILURE; @@ -689,19 +823,19 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, { kret = krb5_auth_con_setremoteseqnumber(context, ctx->auth_context, - r_seq_number); + r_seq_number); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } } - return gsskrb5_acceptor_ready(minor_status, ctx, context, + return gsskrb5_acceptor_ready(minor_status, ctx, context, delegated_cred_handle); } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_accept_sec_context(OM_uint32 * minor_status, gss_ctx_id_t * context_handle, const gss_cred_id_t acceptor_cred_handle, @@ -737,17 +871,17 @@ _gsskrb5_accept_sec_context(OM_uint32 * minor_status, if (ret) return ret; } - + ctx = (gsskrb5_ctx)*context_handle; - + /* - * TODO: check the channel_bindings + * TODO: check the channel_bindings * (above just sets them to krb5 layer) */ HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - + switch (ctx->state) { case ACCEPTOR_START: ret = gsskrb5_acceptor_start(minor_status, @@ -778,7 +912,7 @@ _gsskrb5_accept_sec_context(OM_uint32 * minor_status, delegated_cred_handle); break; case ACCEPTOR_READY: - /* + /* * If we get there, the caller have called * gss_accept_sec_context() one time too many. */ @@ -789,9 +923,9 @@ _gsskrb5_accept_sec_context(OM_uint32 * minor_status, ret = GSS_S_BAD_STATUS; break; } - + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - + if (GSS_ERROR(ret)) { OM_uint32 min2; _gsskrb5_delete_sec_context(&min2, context_handle, GSS_C_NO_BUFFER); diff --git a/lib/gssapi/krb5/acquire_cred.c b/lib/gssapi/krb5/acquire_cred.c index 6e13a4287b62..0f1f5f81cffc 100644 --- a/lib/gssapi/krb5/acquire_cred.c +++ b/lib/gssapi/krb5/acquire_cred.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: acquire_cred.c 22124 2007-12-04 00:03:52Z lha $"); +#include "gsskrb5_locl.h" OM_uint32 __gsskrb5_ccache_lifetime(OM_uint32 *minor_status, @@ -42,13 +40,13 @@ __gsskrb5_ccache_lifetime(OM_uint32 *minor_status, krb5_principal principal, OM_uint32 *lifetime) { - krb5_creds in_cred, *out_cred; + krb5_creds in_cred, out_cred; krb5_const_realm realm; krb5_error_code kret; memset(&in_cred, 0, sizeof(in_cred)); in_cred.client = principal; - + realm = krb5_principal_get_realm(context, principal); if (realm == NULL) { _gsskrb5_clear_status (); @@ -56,23 +54,23 @@ __gsskrb5_ccache_lifetime(OM_uint32 *minor_status, return GSS_S_FAILURE; } - kret = krb5_make_principal(context, &in_cred.server, + kret = krb5_make_principal(context, &in_cred.server, realm, KRB5_TGS_NAME, realm, NULL); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } - kret = krb5_get_credentials(context, 0, - id, &in_cred, &out_cred); + kret = krb5_cc_retrieve_cred(context, id, 0, &in_cred, &out_cred); krb5_free_principal(context, in_cred.server); if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; + *minor_status = 0; + *lifetime = 0; + return GSS_S_COMPLETE; } - *lifetime = out_cred->times.endtime; - krb5_free_creds(context, out_cred); + *lifetime = out_cred.times.endtime; + krb5_free_cred_contents(context, &out_cred); return GSS_S_COMPLETE; } @@ -83,17 +81,18 @@ __gsskrb5_ccache_lifetime(OM_uint32 *minor_status, static krb5_error_code get_keytab(krb5_context context, krb5_keytab *keytab) { - char kt_name[256]; krb5_error_code kret; HEIMDAL_MUTEX_lock(&gssapi_keytab_mutex); if (_gsskrb5_keytab != NULL) { - kret = krb5_kt_get_name(context, - _gsskrb5_keytab, - kt_name, sizeof(kt_name)); - if (kret == 0) - kret = krb5_kt_resolve(context, kt_name, keytab); + char *name = NULL; + + kret = krb5_kt_get_full_name(context, _gsskrb5_keytab, &name); + if (kret == 0) { + kret = krb5_kt_resolve(context, name, keytab); + krb5_xfree(name); + } } else kret = krb5_kt_default(context, keytab); @@ -105,13 +104,13 @@ get_keytab(krb5_context context, krb5_keytab *keytab) static OM_uint32 acquire_initiator_cred (OM_uint32 * minor_status, krb5_context context, + gss_const_OID credential_type, + const void *credential_data, const gss_name_t desired_name, OM_uint32 time_req, - const gss_OID_set desired_mechs, + gss_const_OID desired_mech, gss_cred_usage_t cred_usage, - gsskrb5_cred handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec + gsskrb5_cred handle ) { OM_uint32 ret; @@ -128,70 +127,100 @@ static OM_uint32 acquire_initiator_cred ret = GSS_S_FAILURE; memset(&cred, 0, sizeof(cred)); - /* If we have a preferred principal, lets try to find it in all - * caches, otherwise, fall back to default cache. Ignore - * errors. */ - if (handle->principal) + /* + * If we have a preferred principal, lets try to find it in all + * caches, otherwise, fall back to default cache, ignore all + * errors while searching. + */ + + if (credential_type != GSS_C_NO_OID && + !gss_oid_equal(credential_type, GSS_C_CRED_PASSWORD)) { + kret = KRB5_NOCREDS_SUPPLIED; /* XXX */ + goto end; + } + + if (handle->principal) { kret = krb5_cc_cache_match (context, handle->principal, - NULL, &ccache); - + if (kret == 0) { + ret = GSS_S_COMPLETE; + goto found; + } + } + if (ccache == NULL) { kret = krb5_cc_default(context, &ccache); if (kret) goto end; } - kret = krb5_cc_get_principal(context, ccache, - &def_princ); + kret = krb5_cc_get_principal(context, ccache, &def_princ); if (kret != 0) { /* we'll try to use a keytab below */ - krb5_cc_destroy(context, ccache); - ccache = NULL; + krb5_cc_close(context, ccache); + def_princ = NULL; kret = 0; } else if (handle->principal == NULL) { - kret = krb5_copy_principal(context, def_princ, - &handle->principal); + kret = krb5_copy_principal(context, def_princ, &handle->principal); if (kret) goto end; } else if (handle->principal != NULL && - krb5_principal_compare(context, handle->principal, - def_princ) == FALSE) { - /* Before failing, lets check the keytab */ + krb5_principal_compare(context, handle->principal, + def_princ) == FALSE) { krb5_free_principal(context, def_princ); def_princ = NULL; + krb5_cc_close(context, ccache); + ccache = NULL; } if (def_princ == NULL) { /* We have no existing credentials cache, * so attempt to get a TGT using a keytab. */ if (handle->principal == NULL) { - kret = krb5_get_default_principal(context, - &handle->principal); + kret = krb5_get_default_principal(context, &handle->principal); if (kret) goto end; } - kret = get_keytab(context, &keytab); - if (kret) - goto end; kret = krb5_get_init_creds_opt_alloc(context, &opt); if (kret) goto end; - kret = krb5_get_init_creds_keytab(context, &cred, - handle->principal, keytab, 0, NULL, opt); + if (credential_type != GSS_C_NO_OID && + gss_oid_equal(credential_type, GSS_C_CRED_PASSWORD)) { + gss_buffer_t password = (gss_buffer_t)credential_data; + + /* XXX are we requiring password to be NUL terminated? */ + + kret = krb5_get_init_creds_password(context, &cred, + handle->principal, + password->value, + NULL, NULL, 0, NULL, opt); + } else { + kret = get_keytab(context, &keytab); + if (kret) { + krb5_get_init_creds_opt_free(context, opt); + goto end; + } + kret = krb5_get_init_creds_keytab(context, &cred, + handle->principal, keytab, + 0, NULL, opt); + } krb5_get_init_creds_opt_free(context, opt); if (kret) goto end; - kret = krb5_cc_gen_new(context, &krb5_mcc_ops, - &ccache); + kret = krb5_cc_new_unique(context, krb5_cc_type_memory, + NULL, &ccache); if (kret) goto end; kret = krb5_cc_initialize(context, ccache, cred.client); - if (kret) + if (kret) { + krb5_cc_destroy(context, ccache); goto end; + } kret = krb5_cc_store_cred(context, ccache, &cred); - if (kret) + if (kret) { + krb5_cc_destroy(context, ccache); goto end; + } handle->lifetime = cred.times.endtime; handle->cred_flags |= GSS_CF_DESTROY_CRED_ON_RELEASE; } else { @@ -201,11 +230,13 @@ static OM_uint32 acquire_initiator_cred ccache, handle->principal, &handle->lifetime); - if (ret != GSS_S_COMPLETE) + if (ret != GSS_S_COMPLETE) { + krb5_cc_close(context, ccache); goto end; + } kret = 0; } - + found: handle->ccache = ccache; ret = GSS_S_COMPLETE; @@ -216,49 +247,49 @@ static OM_uint32 acquire_initiator_cred krb5_free_principal(context, def_princ); if (keytab != NULL) krb5_kt_close(context, keytab); - if (ret != GSS_S_COMPLETE) { - if (ccache != NULL) - krb5_cc_close(context, ccache); - if (kret != 0) { - *minor_status = kret; - } - } + if (ret != GSS_S_COMPLETE && kret != 0) + *minor_status = kret; return (ret); } static OM_uint32 acquire_acceptor_cred (OM_uint32 * minor_status, krb5_context context, + gss_const_OID credential_type, + const void *credential_data, const gss_name_t desired_name, OM_uint32 time_req, - const gss_OID_set desired_mechs, + gss_const_OID desired_mech, gss_cred_usage_t cred_usage, - gsskrb5_cred handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec + gsskrb5_cred handle ) { OM_uint32 ret; krb5_error_code kret; - kret = 0; ret = GSS_S_FAILURE; + + if (credential_type != GSS_C_NO_OID) { + kret = EINVAL; + goto end; + } + kret = get_keytab(context, &handle->keytab); if (kret) goto end; - + /* check that the requested principal exists in the keytab */ if (handle->principal) { krb5_keytab_entry entry; - kret = krb5_kt_get_entry(context, handle->keytab, + kret = krb5_kt_get_entry(context, handle->keytab, handle->principal, 0, 0, &entry); if (kret) goto end; krb5_kt_free_entry(context, &entry); ret = GSS_S_COMPLETE; } else { - /* + /* * Check if there is at least one entry in the keytab before * declaring it as an useful keytab. */ @@ -273,7 +304,7 @@ static OM_uint32 acquire_acceptor_cred ret = GSS_S_COMPLETE; /* ok found one entry */ } krb5_kt_end_seq_get (context, handle->keytab, &c); - } + } end: if (ret != GSS_S_COMPLETE) { if (handle->keytab != NULL) @@ -285,7 +316,7 @@ static OM_uint32 acquire_acceptor_cred return (ret); } -OM_uint32 _gsskrb5_acquire_cred +OM_uint32 GSSAPI_CALLCONV _gsskrb5_acquire_cred (OM_uint32 * minor_status, const gss_name_t desired_name, OM_uint32 time_req, @@ -295,11 +326,61 @@ OM_uint32 _gsskrb5_acquire_cred gss_OID_set * actual_mechs, OM_uint32 * time_rec ) +{ + OM_uint32 ret; + + if (desired_mechs) { + int present = 0; + + ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM, + desired_mechs, &present); + if (ret) + return ret; + if (!present) { + *minor_status = 0; + return GSS_S_BAD_MECH; + } + } + + ret = _gsskrb5_acquire_cred_ext(minor_status, + desired_name, + GSS_C_NO_OID, + NULL, + time_req, + GSS_KRB5_MECHANISM, + cred_usage, + output_cred_handle); + if (ret) + return ret; + + + ret = _gsskrb5_inquire_cred(minor_status, *output_cred_handle, + NULL, time_rec, NULL, actual_mechs); + if (ret) { + OM_uint32 tmp; + _gsskrb5_release_cred(&tmp, output_cred_handle); + } + + return ret; +} + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_acquire_cred_ext +(OM_uint32 * minor_status, + const gss_name_t desired_name, + gss_const_OID credential_type, + const void *credential_data, + OM_uint32 time_req, + gss_const_OID desired_mech, + gss_cred_usage_t cred_usage, + gss_cred_id_t * output_cred_handle + ) { krb5_context context; gsskrb5_cred handle; OM_uint32 ret; + cred_usage &= GSS_C_OPTION_MASK; + if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) { *minor_status = GSS_KRB5_S_G_BAD_USAGE; return GSS_S_FAILURE; @@ -308,23 +389,6 @@ OM_uint32 _gsskrb5_acquire_cred GSSAPI_KRB5_INIT(&context); *output_cred_handle = NULL; - if (time_rec) - *time_rec = 0; - if (actual_mechs) - *actual_mechs = GSS_C_NO_OID_SET; - - if (desired_mechs) { - int present = 0; - - ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - desired_mechs, &present); - if (ret) - return ret; - if (!present) { - *minor_status = 0; - return GSS_S_BAD_MECH; - } - } handle = calloc(1, sizeof(*handle)); if (handle == NULL) { @@ -335,20 +399,19 @@ OM_uint32 _gsskrb5_acquire_cred HEIMDAL_MUTEX_init(&handle->cred_id_mutex); if (desired_name != GSS_C_NO_NAME) { - krb5_principal name = (krb5_principal)desired_name; - ret = krb5_copy_principal(context, name, &handle->principal); + ret = _gsskrb5_canon_name(minor_status, context, 1, NULL, + desired_name, &handle->principal); if (ret) { HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - *minor_status = ret; free(handle); - return GSS_S_FAILURE; + return ret; } } if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) { ret = acquire_initiator_cred(minor_status, context, + credential_type, credential_data, desired_name, time_req, - desired_mechs, cred_usage, handle, - actual_mechs, time_rec); + desired_mech, cred_usage, handle); if (ret != GSS_S_COMPLETE) { HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); krb5_free_principal(context, handle->principal); @@ -358,8 +421,9 @@ OM_uint32 _gsskrb5_acquire_cred } if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) { ret = acquire_acceptor_cred(minor_status, context, + credential_type, credential_data, desired_name, time_req, - desired_mechs, cred_usage, handle, actual_mechs, time_rec); + desired_mech, cred_usage, handle); if (ret != GSS_S_COMPLETE) { HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); krb5_free_principal(context, handle->principal); @@ -371,9 +435,6 @@ OM_uint32 _gsskrb5_acquire_cred if (ret == GSS_S_COMPLETE) ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = _gsskrb5_inquire_cred(minor_status, (gss_cred_id_t)handle, - NULL, time_rec, NULL, actual_mechs); if (ret != GSS_S_COMPLETE) { if (handle->mechanisms != NULL) gss_release_oid_set(NULL, &handle->mechanisms); @@ -381,18 +442,9 @@ OM_uint32 _gsskrb5_acquire_cred krb5_free_principal(context, handle->principal); free(handle); return (ret); - } - *minor_status = 0; - if (time_rec) { - ret = _gsskrb5_lifetime_left(minor_status, - context, - handle->lifetime, - time_rec); - - if (ret) - return ret; } handle->usage = cred_usage; + *minor_status = 0; *output_cred_handle = (gss_cred_id_t)handle; return (GSS_S_COMPLETE); } diff --git a/lib/gssapi/krb5/add_cred.c b/lib/gssapi/krb5/add_cred.c index 9a1045a889f6..00cf55f62d65 100644 --- a/lib/gssapi/krb5/add_cred.c +++ b/lib/gssapi/krb5/add_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: add_cred.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_add_cred ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_add_cred ( OM_uint32 *minor_status, const gss_cred_id_t input_cred_handle, const gss_name_t desired_name, @@ -74,7 +72,7 @@ OM_uint32 _gsskrb5_add_cred ( return GSS_S_NO_CRED; } - /* check if requested output usage is compatible with output usage */ + /* check if requested output usage is compatible with output usage */ if (output_cred_handle != NULL) { HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); if (cred->usage != cred_usage && cred->usage != GSS_C_BOTH) { @@ -83,10 +81,10 @@ OM_uint32 _gsskrb5_add_cred ( return(GSS_S_FAILURE); } } - + /* check that we have the same name */ if (dname != NULL && - krb5_principal_compare(context, dname, + krb5_principal_compare(context, dname, cred->principal) != FALSE) { if (output_cred_handle) HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); @@ -112,7 +110,7 @@ OM_uint32 _gsskrb5_add_cred ( handle->ccache = NULL; handle->mechanisms = NULL; HEIMDAL_MUTEX_init(&handle->cred_id_mutex); - + ret = GSS_S_FAILURE; kret = krb5_copy_principal(context, cred->principal, @@ -125,23 +123,11 @@ OM_uint32 _gsskrb5_add_cred ( } if (cred->keytab) { - char name[KRB5_KT_PREFIX_MAX_LEN + MAXPATHLEN]; - int len; - + char *name = NULL; + ret = GSS_S_FAILURE; - kret = krb5_kt_get_type(context, cred->keytab, - name, KRB5_KT_PREFIX_MAX_LEN); - if (kret) { - *minor_status = kret; - goto failure; - } - len = strlen(name); - name[len++] = ':'; - - kret = krb5_kt_get_name(context, cred->keytab, - name + len, - sizeof(name) - len); + kret = krb5_kt_get_full_name(context, cred->keytab, &name); if (kret) { *minor_status = kret; goto failure; @@ -149,6 +135,7 @@ OM_uint32 _gsskrb5_add_cred ( kret = krb5_kt_resolve(context, name, &handle->keytab); + krb5_xfree(name); if (kret){ *minor_status = kret; goto failure; @@ -157,7 +144,7 @@ OM_uint32 _gsskrb5_add_cred ( if (cred->ccache) { const char *type, *name; - char *type_name; + char *type_name = NULL; ret = GSS_S_FAILURE; @@ -168,8 +155,8 @@ OM_uint32 _gsskrb5_add_cred ( } if (strcmp(type, "MEMORY") == 0) { - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, - &handle->ccache); + ret = krb5_cc_new_unique(context, type, + NULL, &handle->ccache); if (ret) { *minor_status = ret; goto failure; @@ -188,20 +175,20 @@ OM_uint32 _gsskrb5_add_cred ( *minor_status = ENOMEM; goto failure; } - - asprintf(&type_name, "%s:%s", type, name); - if (type_name == NULL) { + + kret = asprintf(&type_name, "%s:%s", type, name); + if (kret < 0 || type_name == NULL) { *minor_status = ENOMEM; goto failure; } - + kret = krb5_cc_resolve(context, type_name, &handle->ccache); free(type_name); if (kret) { *minor_status = kret; goto failure; - } + } } } ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); @@ -216,7 +203,7 @@ OM_uint32 _gsskrb5_add_cred ( HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - ret = _gsskrb5_inquire_cred(minor_status, (gss_cred_id_t)cred, + ret = _gsskrb5_inquire_cred(minor_status, (gss_cred_id_t)cred, NULL, &lifetime, NULL, actual_mechs); if (ret) goto failure; diff --git a/lib/gssapi/krb5/address_to_krb5addr.c b/lib/gssapi/krb5/address_to_krb5addr.c index 18a90fe9a762..fa115d964a89 100644 --- a/lib/gssapi/krb5/address_to_krb5addr.c +++ b/lib/gssapi/krb5/address_to_krb5addr.c @@ -1,37 +1,37 @@ /* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" #include @@ -46,32 +46,32 @@ _gsskrb5i_address_to_krb5addr(krb5_context context, struct sockaddr sa; krb5_socklen_t sa_size = sizeof(sa); krb5_error_code problem; - + if (gss_addr == NULL) - return GSS_S_FAILURE; - + return GSS_S_FAILURE; + switch (gss_addr_type) { #ifdef HAVE_IPV6 case GSS_C_AF_INET6: addr_type = AF_INET6; break; #endif /* HAVE_IPV6 */ - + case GSS_C_AF_INET: addr_type = AF_INET; break; default: return GSS_S_FAILURE; } - + problem = krb5_h_addr2sockaddr (context, addr_type, - gss_addr->value, - &sa, - &sa_size, + gss_addr->value, + &sa, + &sa_size, port); if (problem) return GSS_S_FAILURE; problem = krb5_sockaddr2address (context, &sa, address); - return problem; + return problem; } diff --git a/lib/gssapi/krb5/aeap.c b/lib/gssapi/krb5/aeap.c new file mode 100644 index 000000000000..47913e4aec03 --- /dev/null +++ b/lib/gssapi/krb5/aeap.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gsskrb5_locl.h" + +#include + +OM_uint32 GSSAPI_CALLCONV +_gk_wrap_iov(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int * conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + krb5_context context; + + GSSAPI_KRB5_INIT (&context); + + if (ctx->more_flags & IS_CFX) + return _gssapi_wrap_cfx_iov(minor_status, ctx, context, + conf_req_flag, conf_state, + iov, iov_count); + + return GSS_S_FAILURE; +} + +OM_uint32 GSSAPI_CALLCONV +_gk_unwrap_iov(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int *conf_state, + gss_qop_t *qop_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + krb5_context context; + + GSSAPI_KRB5_INIT (&context); + + if (ctx->more_flags & IS_CFX) + return _gssapi_unwrap_cfx_iov(minor_status, ctx, context, + conf_state, qop_state, iov, iov_count); + + return GSS_S_FAILURE; +} + +OM_uint32 GSSAPI_CALLCONV +_gk_wrap_iov_length(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + krb5_context context; + + GSSAPI_KRB5_INIT (&context); + + if (ctx->more_flags & IS_CFX) + return _gssapi_wrap_iov_length_cfx(minor_status, ctx, context, + conf_req_flag, qop_req, conf_state, + iov, iov_count); + + return GSS_S_FAILURE; +} diff --git a/lib/gssapi/krb5/arcfour.c b/lib/gssapi/krb5/arcfour.c index 032da36ebc86..15b1b343409a 100644 --- a/lib/gssapi/krb5/arcfour.c +++ b/lib/gssapi/krb5/arcfour.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: arcfour.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" /* * Implements draft-brezak-win2k-krb-rc4-hmac-04.txt @@ -75,20 +73,20 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key, void *key6_data, size_t key6_size) { krb5_error_code ret; - + Checksum cksum_k5; krb5_keyblock key5; char k5_data[16]; - + Checksum cksum_k6; - + char T[4]; memset(T, 0, 4); cksum_k5.checksum.data = k5_data; cksum_k5.checksum.length = sizeof(k5_data); - if (key->keytype == KEYTYPE_ARCFOUR_56) { + if (key->keytype == ENCTYPE_ARCFOUR_HMAC_MD5_56) { char L40[14] = "fortybits"; memcpy(L40 + 10, T, sizeof(T)); @@ -102,7 +100,7 @@ arcfour_mic_key(krb5_context context, krb5_keyblock *key, if (ret) return ret; - key5.keytype = KEYTYPE_ARCFOUR; + key5.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; key5.keyvalue = cksum_k5.checksum; cksum_k6.checksum.data = key6_data; @@ -126,7 +124,7 @@ arcfour_mic_cksum(krb5_context context, size_t len; krb5_crypto crypto; krb5_error_code ret; - + assert(sgn_cksum_sz == 8); len = l1 + l2 + l3; @@ -138,13 +136,13 @@ arcfour_mic_cksum(krb5_context context, memcpy(ptr, v1, l1); memcpy(ptr + l1, v2, l2); memcpy(ptr + l1 + l2, v3, l3); - + ret = krb5_crypto_init(context, key, 0, &crypto); if (ret) { free(ptr); return ret; } - + ret = krb5_create_checksum(context, crypto, usage, @@ -175,22 +173,22 @@ _gssapi_get_mic_arcfour(OM_uint32 * minor_status, int32_t seq_number; size_t len, total_len; u_char k6_data[16], *p0, *p; - RC4_KEY rc4_key; - + EVP_CIPHER_CTX rc4_key; + _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); - + message_token->length = total_len; message_token->value = malloc (total_len); if (message_token->value == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; } - + p0 = _gssapi_make_mech_header(message_token->value, len, GSS_KRB5_MECHANISM); p = p0; - + *p++ = 0x01; /* TOK_ID */ *p++ = 0x01; *p++ = 0x11; /* SGN_ALG */ @@ -229,20 +227,21 @@ _gssapi_get_mic_arcfour(OM_uint32 * minor_status, &seq_number); p = p0 + 8; /* SND_SEQ */ _gsskrb5_encode_be_om_uint32(seq_number, p); - + krb5_auth_con_setlocalseqnumber (context, context_handle->auth_context, ++seq_number); HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - + memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p, p); - - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); + EVP_Cipher(&rc4_key, p, p, 8); + EVP_CIPHER_CTX_cleanup(&rc4_key); + memset(k6_data, 0, sizeof(k6_data)); - + *minor_status = 0; return GSS_S_COMPLETE; } @@ -256,7 +255,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status, const gss_buffer_t token_buffer, gss_qop_t * qop_state, krb5_keyblock *key, - char *type) + const char *type) { krb5_error_code ret; uint32_t seq_number; @@ -264,18 +263,18 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status, u_char SND_SEQ[8], cksum_data[8], *p; char k6_data[16]; int cmp; - + if (qop_state) *qop_state = 0; p = token_buffer->value; omret = _gsskrb5_verify_header (&p, token_buffer->length, - (u_char *)type, + type, GSS_KRB5_MECHANISM); if (omret) return omret; - + if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */ return GSS_S_BAD_SIG; p += 2; @@ -302,19 +301,20 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status, return GSS_S_FAILURE; } - cmp = memcmp(cksum_data, p + 8, 8); + cmp = ct_memcmp(cksum_data, p + 8, 8); if (cmp) { *minor_status = 0; return GSS_S_BAD_MIC; } { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), (void*)k6_data); - RC4 (&rc4_key, 8, p, SND_SEQ); - - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX rc4_key; + + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0); + EVP_Cipher(&rc4_key, SND_SEQ, p, 8); + EVP_CIPHER_CTX_cleanup(&rc4_key); + memset(k6_data, 0, sizeof(k6_data)); } @@ -330,7 +330,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status, *minor_status = 0; return GSS_S_BAD_MIC; } - + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); omret = _gssapi_msg_order_check(context_handle->order, seq_number); HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); @@ -379,7 +379,7 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, *minor_status = ENOMEM; return GSS_S_FAILURE; } - + p0 = _gssapi_make_mech_header(output_message_buffer->value, len, GSS_KRB5_MECHANISM); @@ -418,7 +418,7 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, 4); krb5_generate_random_block(p0 + 24, 8); /* fill in Confounder */ - + /* p points to data */ p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE; memcpy(p, input_message_buffer->value, input_message_buffer->length); @@ -428,10 +428,10 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, ret = arcfour_mic_cksum(context, key, KRB5_KU_USAGE_SEAL, - p0 + 16, 8, /* SGN_CKSUM */ + p0 + 16, 8, /* SGN_CKSUM */ p0, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */ p0 + 24, 8, /* Confounder */ - p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, + p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); if (ret) { *minor_status = ret; @@ -461,12 +461,12 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, if(conf_req_flag) { - RC4_KEY rc4_key; + EVP_CIPHER_CTX rc4_key; - RC4_set_key (&rc4_key, sizeof(k6_data), (void *)k6_data); - /* XXX ? */ - RC4 (&rc4_key, 8 + datalen, p0 + 24, p0 + 24); /* Confounder + data */ - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); + EVP_Cipher(&rc4_key, p0 + 24, p0 + 24, 8 + datalen); + EVP_CIPHER_CTX_cleanup(&rc4_key); } memset(k6_data, 0, sizeof(k6_data)); @@ -480,11 +480,12 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, } { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, p0 + 8); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX rc4_key; + + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); + EVP_Cipher(&rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8); + EVP_CIPHER_CTX_cleanup(&rc4_key); memset(k6_data, 0, sizeof(k6_data)); } @@ -516,7 +517,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, int cmp; int conf_flag; size_t padlen = 0, len; - + if (conf_state) *conf_state = 0; if (qop_state) @@ -525,7 +526,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, p0 = input_message_buffer->value; if (IS_DCE_STYLE(context_handle)) { - len = GSS_ARCFOUR_WRAP_TOKEN_SIZE + + len = GSS_ARCFOUR_WRAP_TOKEN_SIZE + GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE; if (input_message_buffer->length < len) return GSS_S_BAD_MECH; @@ -540,7 +541,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, return omret; /* length of mech header */ - len = (p0 - (u_char *)input_message_buffer->value) + + len = (p0 - (u_char *)input_message_buffer->value) + GSS_ARCFOUR_WRAP_TOKEN_SIZE; if (len > input_message_buffer->length) @@ -579,11 +580,12 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, } { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, SND_SEQ); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX rc4_key; + + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); + EVP_Cipher(&rc4_key, SND_SEQ, p0 + 8, 8); + EVP_CIPHER_CTX_cleanup(&rc4_key); memset(k6_data, 0, sizeof(k6_data)); } @@ -626,16 +628,16 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, output_message_buffer->length = datalen; if(conf_flag) { - RC4_KEY rc4_key; + EVP_CIPHER_CTX rc4_key; - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 24, Confounder); /* Confounder */ - RC4 (&rc4_key, datalen, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - output_message_buffer->value); - memset(&rc4_key, 0, sizeof(rc4_key)); + EVP_CIPHER_CTX_init(&rc4_key); + EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); + EVP_Cipher(&rc4_key, Confounder, p0 + 24, 8); + EVP_Cipher(&rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); + EVP_CIPHER_CTX_cleanup(&rc4_key); } else { memcpy(Confounder, p0 + 24, 8); /* Confounder */ - memcpy(output_message_buffer->value, + memcpy(output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); } @@ -654,9 +656,9 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, ret = arcfour_mic_cksum(context, key, KRB5_KU_USAGE_SEAL, cksum_data, sizeof(cksum_data), - p0, 8, + p0, 8, Confounder, sizeof(Confounder), - output_message_buffer->value, + output_message_buffer->value, output_message_buffer->length + padlen); if (ret) { _gsskrb5_release_buffer(minor_status, output_message_buffer); @@ -664,7 +666,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, return GSS_S_FAILURE; } - cmp = memcmp(cksum_data, p0 + 16, 8); /* SGN_CKSUM */ + cmp = ct_memcmp(cksum_data, p0 + 16, 8); /* SGN_CKSUM */ if (cmp) { _gsskrb5_release_buffer(minor_status, output_message_buffer); *minor_status = 0; @@ -690,10 +692,10 @@ max_wrap_length_arcfour(const gsskrb5_ctx ctx, size_t input_length, OM_uint32 *max_input_size) { - /* + /* * if GSS_C_DCE_STYLE is in use: * - we only need to encapsulate the WRAP token - * However, since this is a fixed since, we just + * However, since this is a fixed since, we just */ if (IS_DCE_STYLE(ctx)) { size_t len, total_len; diff --git a/lib/gssapi/krb5/authorize_localname.c b/lib/gssapi/krb5/authorize_localname.c new file mode 100644 index 000000000000..4bab062ac4ce --- /dev/null +++ b/lib/gssapi/krb5/authorize_localname.c @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2011, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gsskrb5_locl.h" + +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_authorize_localname(OM_uint32 *minor_status, + const gss_name_t input_name, + gss_const_buffer_t user_name, + gss_const_OID user_name_type) +{ + krb5_context context; + krb5_principal princ = (krb5_principal)input_name; + char *user; + int user_ok; + + if (!gss_oid_equal(user_name_type, GSS_C_NT_USER_NAME)) + return GSS_S_BAD_NAMETYPE; + + GSSAPI_KRB5_INIT(&context); + + user = malloc(user_name->length + 1); + if (user == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + memcpy(user, user_name->value, user_name->length); + user[user_name->length] = '\0'; + + *minor_status = 0; + user_ok = krb5_kuserok(context, princ, user); + + free(user); + + return user_ok ? GSS_S_COMPLETE : GSS_S_UNAUTHORIZED; +} diff --git a/lib/gssapi/krb5/canonicalize_name.c b/lib/gssapi/krb5/canonicalize_name.c index c1744abd3bec..7fc921bac095 100644 --- a/lib/gssapi/krb5/canonicalize_name.c +++ b/lib/gssapi/krb5/canonicalize_name.c @@ -1,46 +1,58 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: canonicalize_name.c 18334 2006-10-07 22:16:04Z lha $"); - -OM_uint32 _gsskrb5_canonicalize_name ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_canonicalize_name ( OM_uint32 * minor_status, const gss_name_t input_name, const gss_OID mech_type, gss_name_t * output_name ) { - return _gsskrb5_duplicate_name (minor_status, input_name, output_name); + krb5_context context; + krb5_principal name; + OM_uint32 ret; + + *output_name = NULL; + + GSSAPI_KRB5_INIT (&context); + + ret = _gsskrb5_canon_name(minor_status, context, 1, NULL, input_name, &name); + if (ret) + return ret; + + *output_name = (gss_name_t)name; + + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/ccache_name.c b/lib/gssapi/krb5/ccache_name.c index 6f332463553c..1577fb20ddb3 100644 --- a/lib/gssapi/krb5/ccache_name.c +++ b/lib/gssapi/krb5/ccache_name.c @@ -1,44 +1,42 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: ccache_name.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" char *last_out_name; OM_uint32 -_gsskrb5_krb5_ccache_name(OM_uint32 *minor_status, +_gsskrb5_krb5_ccache_name(OM_uint32 *minor_status, const char *name, const char **out_name) { diff --git a/lib/gssapi/krb5/cfx.c b/lib/gssapi/krb5/cfx.c index 6452f802ab84..3c1536b60ea5 100644 --- a/lib/gssapi/krb5/cfx.c +++ b/lib/gssapi/krb5/cfx.c @@ -30,12 +30,10 @@ * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: cfx.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" /* - * Implementation of draft-ietf-krb-wg-gssapi-cfx-06.txt + * Implementation of RFC 4121 */ #define CFXSentByAcceptor (1 << 0) @@ -46,6 +44,7 @@ krb5_error_code _gsskrb5cfx_wrap_length_cfx(krb5_context context, krb5_crypto crypto, int conf_req_flag, + int dce_style, size_t input_length, size_t *output_length, size_t *cksumsize, @@ -72,7 +71,11 @@ _gsskrb5cfx_wrap_length_cfx(krb5_context context, /* Header is concatenated with data before encryption */ input_length += sizeof(gss_cfx_wrap_token_desc); - ret = krb5_crypto_getpadsize(context, crypto, &padsize); + if (dce_style) { + ret = krb5_crypto_getblocksize(context, crypto, &padsize); + } else { + ret = krb5_crypto_getpadsize(context, crypto, &padsize); + } if (ret) { return ret; } @@ -96,49 +99,48 @@ _gsskrb5cfx_wrap_length_cfx(krb5_context context, return 0; } -krb5_error_code -_gsskrb5cfx_max_wrap_length_cfx(krb5_context context, - krb5_crypto crypto, - int conf_req_flag, - size_t input_length, - OM_uint32 *output_length) +OM_uint32 +_gssapi_wrap_size_cfx(OM_uint32 *minor_status, + const gsskrb5_ctx ctx, + krb5_context context, + int conf_req_flag, + gss_qop_t qop_req, + OM_uint32 req_output_size, + OM_uint32 *max_input_size) { krb5_error_code ret; - *output_length = 0; + *max_input_size = 0; /* 16-byte header is always first */ - if (input_length < 16) + if (req_output_size < 16) return 0; - input_length -= 16; + req_output_size -= 16; if (conf_req_flag) { size_t wrapped_size, sz; - wrapped_size = input_length + 1; + wrapped_size = req_output_size + 1; do { wrapped_size--; - sz = krb5_get_wrapped_length(context, - crypto, wrapped_size); - } while (wrapped_size && sz > input_length); - if (wrapped_size == 0) { - *output_length = 0; + sz = krb5_get_wrapped_length(context, + ctx->crypto, wrapped_size); + } while (wrapped_size && sz > req_output_size); + if (wrapped_size == 0) return 0; - } /* inner header */ - if (wrapped_size < 16) { - *output_length = 0; + if (wrapped_size < 16) return 0; - } + wrapped_size -= 16; - *output_length = wrapped_size; + *max_input_size = wrapped_size; } else { krb5_cksumtype type; size_t cksumsize; - ret = krb5_crypto_get_checksum_type(context, crypto, &type); + ret = krb5_crypto_get_checksum_type(context, ctx->crypto, &type); if (ret) return ret; @@ -146,48 +148,16 @@ _gsskrb5cfx_max_wrap_length_cfx(krb5_context context, if (ret) return ret; - if (input_length < cksumsize) + if (req_output_size < cksumsize) return 0; /* Checksum is concatenated with data */ - *output_length = input_length - cksumsize; + *max_input_size = req_output_size - cksumsize; } return 0; } - -OM_uint32 _gssapi_wrap_size_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 *max_input_size, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = _gsskrb5cfx_max_wrap_length_cfx(context, crypto, conf_req_flag, - req_output_size, max_input_size); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - krb5_crypto_destroy(context, crypto); - - return GSS_S_COMPLETE; -} - /* * Rotate "rrc" bytes to the front or back */ @@ -212,10 +182,10 @@ rrc_rotate(void *data, size_t len, uint16_t rrc, krb5_boolean unrotate) tmp = buf; } else { tmp = malloc(rrc); - if (tmp == NULL) + if (tmp == NULL) return ENOMEM; } - + if (unrotate) { memcpy(tmp, data, rrc); memmove(data, (u_char *)data + rrc, left); @@ -226,23 +196,971 @@ rrc_rotate(void *data, size_t len, uint16_t rrc, krb5_boolean unrotate) memcpy(data, tmp, rrc); } - if (rrc > sizeof(buf)) + if (rrc > sizeof(buf)) free(tmp); return 0; } +gss_iov_buffer_desc * +_gk_find_buffer(gss_iov_buffer_desc *iov, int iov_count, OM_uint32 type) +{ + int i; + + for (i = 0; i < iov_count; i++) + if (type == GSS_IOV_BUFFER_TYPE(iov[i].type)) + return &iov[i]; + return NULL; +} + +OM_uint32 +_gk_allocate_buffer(OM_uint32 *minor_status, gss_iov_buffer_desc *buffer, size_t size) +{ + if (buffer->type & GSS_IOV_BUFFER_FLAG_ALLOCATED) { + if (buffer->buffer.length == size) + return GSS_S_COMPLETE; + free(buffer->buffer.value); + } + + buffer->buffer.value = malloc(size); + buffer->buffer.length = size; + if (buffer->buffer.value == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + buffer->type |= GSS_IOV_BUFFER_FLAG_ALLOCATED; + + return GSS_S_COMPLETE; +} + + +OM_uint32 +_gk_verify_buffers(OM_uint32 *minor_status, + const gsskrb5_ctx ctx, + const gss_iov_buffer_desc *header, + const gss_iov_buffer_desc *padding, + const gss_iov_buffer_desc *trailer) +{ + if (header == NULL) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + if (IS_DCE_STYLE(ctx)) { + /* + * In DCE style mode we reject having a padding or trailer buffer + */ + if (padding) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + if (trailer) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + } else { + /* + * In non-DCE style mode we require having a padding buffer + */ + if (padding == NULL) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + } + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +OM_uint32 +_gssapi_wrap_cfx_iov(OM_uint32 *minor_status, + gsskrb5_ctx ctx, + krb5_context context, + int conf_req_flag, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + OM_uint32 major_status, junk; + gss_iov_buffer_desc *header, *trailer, *padding; + size_t gsshsize, k5hsize; + size_t gsstsize, k5tsize; + size_t rrc = 0, ec = 0; + int i; + gss_cfx_wrap_token token; + krb5_error_code ret; + int32_t seq_number; + unsigned usage; + krb5_crypto_iov *data = NULL; + + header = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER); + if (header == NULL) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + padding = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING); + if (padding != NULL) { + padding->buffer.length = 0; + } + + trailer = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER); + + major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer); + if (major_status != GSS_S_COMPLETE) { + return major_status; + } + + if (conf_req_flag) { + size_t k5psize = 0; + size_t k5pbase = 0; + size_t k5bsize = 0; + size_t size = 0; + + for (i = 0; i < iov_count; i++) { + switch (GSS_IOV_BUFFER_TYPE(iov[i].type)) { + case GSS_IOV_BUFFER_TYPE_DATA: + size += iov[i].buffer.length; + break; + default: + break; + } + } + + size += sizeof(gss_cfx_wrap_token_desc); + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_HEADER, + &k5hsize); + if (*minor_status) + return GSS_S_FAILURE; + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_TRAILER, + &k5tsize); + if (*minor_status) + return GSS_S_FAILURE; + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_PADDING, + &k5pbase); + if (*minor_status) + return GSS_S_FAILURE; + + if (k5pbase > 1) { + k5psize = k5pbase - (size % k5pbase); + } else { + k5psize = 0; + } + + if (k5psize == 0 && IS_DCE_STYLE(ctx)) { + *minor_status = krb5_crypto_getblocksize(context, ctx->crypto, + &k5bsize); + if (*minor_status) + return GSS_S_FAILURE; + ec = k5bsize; + } else { + ec = k5psize; + } + + gsshsize = sizeof(gss_cfx_wrap_token_desc) + k5hsize; + gsstsize = sizeof(gss_cfx_wrap_token_desc) + ec + k5tsize; + } else { + if (IS_DCE_STYLE(ctx)) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + k5hsize = 0; + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_CHECKSUM, + &k5tsize); + if (*minor_status) + return GSS_S_FAILURE; + + gsshsize = sizeof(gss_cfx_wrap_token_desc); + gsstsize = k5tsize; + } + + /* + * + */ + + if (trailer == NULL) { + rrc = gsstsize; + if (IS_DCE_STYLE(ctx)) + rrc -= ec; + gsshsize += gsstsize; + gsstsize = 0; + } else if (GSS_IOV_BUFFER_FLAGS(trailer->type) & GSS_IOV_BUFFER_FLAG_ALLOCATE) { + major_status = _gk_allocate_buffer(minor_status, trailer, gsstsize); + if (major_status) + goto failure; + } else if (trailer->buffer.length < gsstsize) { + *minor_status = KRB5_BAD_MSIZE; + major_status = GSS_S_FAILURE; + goto failure; + } else + trailer->buffer.length = gsstsize; + + /* + * + */ + + if (GSS_IOV_BUFFER_FLAGS(header->type) & GSS_IOV_BUFFER_FLAG_ALLOCATE) { + major_status = _gk_allocate_buffer(minor_status, header, gsshsize); + if (major_status != GSS_S_COMPLETE) + goto failure; + } else if (header->buffer.length < gsshsize) { + *minor_status = KRB5_BAD_MSIZE; + major_status = GSS_S_FAILURE; + goto failure; + } else + header->buffer.length = gsshsize; + + token = (gss_cfx_wrap_token)header->buffer.value; + + token->TOK_ID[0] = 0x05; + token->TOK_ID[1] = 0x04; + token->Flags = 0; + token->Filler = 0xFF; + + if ((ctx->more_flags & LOCAL) == 0) + token->Flags |= CFXSentByAcceptor; + + if (ctx->more_flags & ACCEPTOR_SUBKEY) + token->Flags |= CFXAcceptorSubkey; + + if (ctx->more_flags & LOCAL) + usage = KRB5_KU_USAGE_INITIATOR_SEAL; + else + usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; + + if (conf_req_flag) { + /* + * In Wrap tokens with confidentiality, the EC field is + * used to encode the size (in bytes) of the random filler. + */ + token->Flags |= CFXSealed; + token->EC[0] = (ec >> 8) & 0xFF; + token->EC[1] = (ec >> 0) & 0xFF; + + } else { + /* + * In Wrap tokens without confidentiality, the EC field is + * used to encode the size (in bytes) of the trailing + * checksum. + * + * This is not used in the checksum calcuation itself, + * because the checksum length could potentially vary + * depending on the data length. + */ + token->EC[0] = 0; + token->EC[1] = 0; + } + + /* + * In Wrap tokens that provide for confidentiality, the RRC + * field in the header contains the hex value 00 00 before + * encryption. + * + * In Wrap tokens that do not provide for confidentiality, + * both the EC and RRC fields in the appended checksum + * contain the hex value 00 00 for the purpose of calculating + * the checksum. + */ + token->RRC[0] = 0; + token->RRC[1] = 0; + + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + krb5_auth_con_getlocalseqnumber(context, + ctx->auth_context, + &seq_number); + _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); + _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); + krb5_auth_con_setlocalseqnumber(context, + ctx->auth_context, + ++seq_number); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); + + data = calloc(iov_count + 3, sizeof(data[0])); + if (data == NULL) { + *minor_status = ENOMEM; + major_status = GSS_S_FAILURE; + goto failure; + } + + if (conf_req_flag) { + /* + plain packet: + + {"header" | encrypt(plaintext-data | ec-padding | E"header")} + + Expanded, this is with with RRC = 0: + + {"header" | krb5-header | plaintext-data | ec-padding | E"header" | krb5-trailer } + + In DCE-RPC mode == no trailer: RRC = gss "trailer" == length(ec-padding | E"header" | krb5-trailer) + + {"header" | ec-padding | E"header" | krb5-trailer | krb5-header | plaintext-data } + */ + + i = 0; + data[i].flags = KRB5_CRYPTO_TYPE_HEADER; + data[i].data.data = ((uint8_t *)header->buffer.value) + header->buffer.length - k5hsize; + data[i].data.length = k5hsize; + + for (i = 1; i < iov_count + 1; i++) { + switch (GSS_IOV_BUFFER_TYPE(iov[i - 1].type)) { + case GSS_IOV_BUFFER_TYPE_DATA: + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + break; + case GSS_IOV_BUFFER_TYPE_SIGN_ONLY: + data[i].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + break; + default: + data[i].flags = KRB5_CRYPTO_TYPE_EMPTY; + break; + } + data[i].data.length = iov[i - 1].buffer.length; + data[i].data.data = iov[i - 1].buffer.value; + } + + /* + * Any necessary padding is added here to ensure that the + * encrypted token header is always at the end of the + * ciphertext. + */ + + /* encrypted CFX header in trailer (or after the header if in + DCE mode). Copy in header into E"header" + */ + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + if (trailer) + data[i].data.data = trailer->buffer.value; + else + data[i].data.data = ((uint8_t *)header->buffer.value) + sizeof(*token); + + data[i].data.length = ec + sizeof(*token); + memset(data[i].data.data, 0xFF, ec); + memcpy(((uint8_t *)data[i].data.data) + ec, token, sizeof(*token)); + i++; + + /* Kerberos trailer comes after the gss trailer */ + data[i].flags = KRB5_CRYPTO_TYPE_TRAILER; + data[i].data.data = ((uint8_t *)data[i-1].data.data) + ec + sizeof(*token); + data[i].data.length = k5tsize; + i++; + + ret = krb5_encrypt_iov_ivec(context, ctx->crypto, usage, data, i, NULL); + if (ret != 0) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto failure; + } + + if (rrc) { + token->RRC[0] = (rrc >> 8) & 0xFF; + token->RRC[1] = (rrc >> 0) & 0xFF; + } + + } else { + /* + plain packet: + + {data | "header" | gss-trailer (krb5 checksum) + + don't do RRC != 0 + + */ + + for (i = 0; i < iov_count; i++) { + switch (GSS_IOV_BUFFER_TYPE(iov[i].type)) { + case GSS_IOV_BUFFER_TYPE_DATA: + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + break; + case GSS_IOV_BUFFER_TYPE_SIGN_ONLY: + data[i].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + break; + default: + data[i].flags = KRB5_CRYPTO_TYPE_EMPTY; + break; + } + data[i].data.length = iov[i].buffer.length; + data[i].data.data = iov[i].buffer.value; + } + + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + data[i].data.data = header->buffer.value; + data[i].data.length = sizeof(gss_cfx_wrap_token_desc); + i++; + + data[i].flags = KRB5_CRYPTO_TYPE_CHECKSUM; + if (trailer) { + data[i].data.data = trailer->buffer.value; + } else { + data[i].data.data = (uint8_t *)header->buffer.value + + sizeof(gss_cfx_wrap_token_desc); + } + data[i].data.length = k5tsize; + i++; + + ret = krb5_create_checksum_iov(context, ctx->crypto, usage, data, i, NULL); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto failure; + } + + if (rrc) { + token->RRC[0] = (rrc >> 8) & 0xFF; + token->RRC[1] = (rrc >> 0) & 0xFF; + } + + token->EC[0] = (k5tsize >> 8) & 0xFF; + token->EC[1] = (k5tsize >> 0) & 0xFF; + } + + if (conf_state != NULL) + *conf_state = conf_req_flag; + + free(data); + + *minor_status = 0; + return GSS_S_COMPLETE; + + failure: + if (data) + free(data); + + gss_release_iov_buffer(&junk, iov, iov_count); + + return major_status; +} + +/* This is slowpath */ +static OM_uint32 +unrotate_iov(OM_uint32 *minor_status, size_t rrc, gss_iov_buffer_desc *iov, int iov_count) +{ + uint8_t *p, *q; + size_t len = 0, skip; + int i; + + for (i = 0; i < iov_count; i++) + if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_PADDING || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_TRAILER) + len += iov[i].buffer.length; + + p = malloc(len); + if (p == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + q = p; + + /* copy up */ + + for (i = 0; i < iov_count; i++) { + if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_PADDING || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_TRAILER) + { + memcpy(q, iov[i].buffer.value, iov[i].buffer.length); + q += iov[i].buffer.length; + } + } + assert((size_t)(q - p) == len); + + /* unrotate first part */ + q = p + rrc; + skip = rrc; + for (i = 0; i < iov_count; i++) { + if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_PADDING || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_TRAILER) + { + if (iov[i].buffer.length <= skip) { + skip -= iov[i].buffer.length; + } else { + memcpy(((uint8_t *)iov[i].buffer.value) + skip, q, iov[i].buffer.length - skip); + q += iov[i].buffer.length - skip; + skip = 0; + } + } + } + /* copy trailer */ + q = p; + skip = rrc; + for (i = 0; i < iov_count; i++) { + if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_PADDING || + GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_TRAILER) + { + memcpy(q, iov[i].buffer.value, min(iov[i].buffer.length, skip)); + if (iov[i].buffer.length > skip) + break; + skip -= iov[i].buffer.length; + q += iov[i].buffer.length; + } + } + return GSS_S_COMPLETE; +} + + +OM_uint32 +_gssapi_unwrap_cfx_iov(OM_uint32 *minor_status, + gsskrb5_ctx ctx, + krb5_context context, + int *conf_state, + gss_qop_t *qop_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + OM_uint32 seq_number_lo, seq_number_hi, major_status, junk; + gss_iov_buffer_desc *header, *trailer, *padding; + gss_cfx_wrap_token token, ttoken; + u_char token_flags; + krb5_error_code ret; + unsigned usage; + uint16_t ec, rrc; + krb5_crypto_iov *data = NULL; + int i, j; + + *minor_status = 0; + + header = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER); + if (header == NULL) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + if (header->buffer.length < sizeof(*token)) /* we check exact below */ + return GSS_S_DEFECTIVE_TOKEN; + + padding = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING); + if (padding != NULL && padding->buffer.length != 0) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + trailer = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER); + + major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer); + if (major_status != GSS_S_COMPLETE) { + return major_status; + } + + token = (gss_cfx_wrap_token)header->buffer.value; + + if (token->TOK_ID[0] != 0x05 || token->TOK_ID[1] != 0x04) + return GSS_S_DEFECTIVE_TOKEN; + + /* Ignore unknown flags */ + token_flags = token->Flags & + (CFXSentByAcceptor | CFXSealed | CFXAcceptorSubkey); + + if (token_flags & CFXSentByAcceptor) { + if ((ctx->more_flags & LOCAL) == 0) + return GSS_S_DEFECTIVE_TOKEN; + } + + if (ctx->more_flags & ACCEPTOR_SUBKEY) { + if ((token_flags & CFXAcceptorSubkey) == 0) + return GSS_S_DEFECTIVE_TOKEN; + } else { + if (token_flags & CFXAcceptorSubkey) + return GSS_S_DEFECTIVE_TOKEN; + } + + if (token->Filler != 0xFF) + return GSS_S_DEFECTIVE_TOKEN; + + if (conf_state != NULL) + *conf_state = (token_flags & CFXSealed) ? 1 : 0; + + ec = (token->EC[0] << 8) | token->EC[1]; + rrc = (token->RRC[0] << 8) | token->RRC[1]; + + /* + * Check sequence number + */ + _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi); + _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo); + if (seq_number_hi) { + /* no support for 64-bit sequence numbers */ + *minor_status = ERANGE; + return GSS_S_UNSEQ_TOKEN; + } + + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + ret = _gssapi_msg_order_check(ctx->order, seq_number_lo); + if (ret != 0) { + *minor_status = 0; + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); + return ret; + } + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); + + /* + * Decrypt and/or verify checksum + */ + + if (ctx->more_flags & LOCAL) { + usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; + } else { + usage = KRB5_KU_USAGE_INITIATOR_SEAL; + } + + data = calloc(iov_count + 3, sizeof(data[0])); + if (data == NULL) { + *minor_status = ENOMEM; + major_status = GSS_S_FAILURE; + goto failure; + } + + if (token_flags & CFXSealed) { + size_t k5tsize, k5hsize; + + krb5_crypto_length(context, ctx->crypto, KRB5_CRYPTO_TYPE_HEADER, &k5hsize); + krb5_crypto_length(context, ctx->crypto, KRB5_CRYPTO_TYPE_TRAILER, &k5tsize); + + /* Rotate by RRC; bogus to do this in-place XXX */ + /* Check RRC */ + + if (trailer == NULL) { + size_t gsstsize = k5tsize + sizeof(*token); + size_t gsshsize = k5hsize + sizeof(*token); + + if (rrc != gsstsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } + + if (IS_DCE_STYLE(ctx)) + gsstsize += ec; + + gsshsize += gsstsize; + + if (header->buffer.length != gsshsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } + } else if (trailer->buffer.length != sizeof(*token) + k5tsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } else if (header->buffer.length != sizeof(*token) + k5hsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } else if (rrc != 0) { + /* go though slowpath */ + major_status = unrotate_iov(minor_status, rrc, iov, iov_count); + if (major_status) + goto failure; + } + + i = 0; + data[i].flags = KRB5_CRYPTO_TYPE_HEADER; + data[i].data.data = ((uint8_t *)header->buffer.value) + header->buffer.length - k5hsize; + data[i].data.length = k5hsize; + i++; + + for (j = 0; j < iov_count; i++, j++) { + switch (GSS_IOV_BUFFER_TYPE(iov[j].type)) { + case GSS_IOV_BUFFER_TYPE_DATA: + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + break; + case GSS_IOV_BUFFER_TYPE_SIGN_ONLY: + data[i].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + break; + default: + data[i].flags = KRB5_CRYPTO_TYPE_EMPTY; + break; + } + data[i].data.length = iov[j].buffer.length; + data[i].data.data = iov[j].buffer.value; + } + + /* encrypted CFX header in trailer (or after the header if in + DCE mode). Copy in header into E"header" + */ + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + if (trailer) { + data[i].data.data = trailer->buffer.value; + } else { + data[i].data.data = ((uint8_t *)header->buffer.value) + + header->buffer.length - k5hsize - k5tsize - ec- sizeof(*token); + } + + data[i].data.length = ec + sizeof(*token); + ttoken = (gss_cfx_wrap_token)(((uint8_t *)data[i].data.data) + ec); + i++; + + /* Kerberos trailer comes after the gss trailer */ + data[i].flags = KRB5_CRYPTO_TYPE_TRAILER; + data[i].data.data = ((uint8_t *)data[i-1].data.data) + ec + sizeof(*token); + data[i].data.length = k5tsize; + i++; + + ret = krb5_decrypt_iov_ivec(context, ctx->crypto, usage, data, i, NULL); + if (ret != 0) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto failure; + } + + ttoken->RRC[0] = token->RRC[0]; + ttoken->RRC[1] = token->RRC[1]; + + /* Check the integrity of the header */ + if (ct_memcmp(ttoken, token, sizeof(*token)) != 0) { + major_status = GSS_S_BAD_MIC; + goto failure; + } + } else { + size_t gsstsize = ec; + size_t gsshsize = sizeof(*token); + + if (trailer == NULL) { + /* Check RRC */ + if (rrc != gsstsize) { + *minor_status = EINVAL; + major_status = GSS_S_FAILURE; + goto failure; + } + + gsshsize += gsstsize; + gsstsize = 0; + } else if (trailer->buffer.length != gsstsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } else if (rrc != 0) { + /* Check RRC */ + *minor_status = EINVAL; + major_status = GSS_S_FAILURE; + goto failure; + } + + if (header->buffer.length != gsshsize) { + major_status = GSS_S_DEFECTIVE_TOKEN; + goto failure; + } + + for (i = 0; i < iov_count; i++) { + switch (GSS_IOV_BUFFER_TYPE(iov[i].type)) { + case GSS_IOV_BUFFER_TYPE_DATA: + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + break; + case GSS_IOV_BUFFER_TYPE_SIGN_ONLY: + data[i].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + break; + default: + data[i].flags = KRB5_CRYPTO_TYPE_EMPTY; + break; + } + data[i].data.length = iov[i].buffer.length; + data[i].data.data = iov[i].buffer.value; + } + + data[i].flags = KRB5_CRYPTO_TYPE_DATA; + data[i].data.data = header->buffer.value; + data[i].data.length = sizeof(*token); + i++; + + data[i].flags = KRB5_CRYPTO_TYPE_CHECKSUM; + if (trailer) { + data[i].data.data = trailer->buffer.value; + } else { + data[i].data.data = (uint8_t *)header->buffer.value + + sizeof(*token); + } + data[i].data.length = ec; + i++; + + token = (gss_cfx_wrap_token)header->buffer.value; + token->EC[0] = 0; + token->EC[1] = 0; + token->RRC[0] = 0; + token->RRC[1] = 0; + + ret = krb5_verify_checksum_iov(context, ctx->crypto, usage, data, i, NULL); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto failure; + } + } + + if (qop_state != NULL) { + *qop_state = GSS_C_QOP_DEFAULT; + } + + free(data); + + *minor_status = 0; + return GSS_S_COMPLETE; + + failure: + if (data) + free(data); + + gss_release_iov_buffer(&junk, iov, iov_count); + + return major_status; +} + +OM_uint32 +_gssapi_wrap_iov_length_cfx(OM_uint32 *minor_status, + gsskrb5_ctx ctx, + krb5_context context, + int conf_req_flag, + gss_qop_t qop_req, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + OM_uint32 major_status; + size_t size; + int i; + gss_iov_buffer_desc *header = NULL; + gss_iov_buffer_desc *padding = NULL; + gss_iov_buffer_desc *trailer = NULL; + size_t gsshsize = 0; + size_t gsstsize = 0; + size_t k5hsize = 0; + size_t k5tsize = 0; + + GSSAPI_KRB5_INIT (&context); + *minor_status = 0; + + for (size = 0, i = 0; i < iov_count; i++) { + switch(GSS_IOV_BUFFER_TYPE(iov[i].type)) { + case GSS_IOV_BUFFER_TYPE_EMPTY: + break; + case GSS_IOV_BUFFER_TYPE_DATA: + size += iov[i].buffer.length; + break; + case GSS_IOV_BUFFER_TYPE_HEADER: + if (header != NULL) { + *minor_status = 0; + return GSS_S_FAILURE; + } + header = &iov[i]; + break; + case GSS_IOV_BUFFER_TYPE_TRAILER: + if (trailer != NULL) { + *minor_status = 0; + return GSS_S_FAILURE; + } + trailer = &iov[i]; + break; + case GSS_IOV_BUFFER_TYPE_PADDING: + if (padding != NULL) { + *minor_status = 0; + return GSS_S_FAILURE; + } + padding = &iov[i]; + break; + case GSS_IOV_BUFFER_TYPE_SIGN_ONLY: + break; + default: + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + } + + major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer); + if (major_status != GSS_S_COMPLETE) { + return major_status; + } + + if (conf_req_flag) { + size_t k5psize = 0; + size_t k5pbase = 0; + size_t k5bsize = 0; + size_t ec = 0; + + size += sizeof(gss_cfx_wrap_token_desc); + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_HEADER, + &k5hsize); + if (*minor_status) + return GSS_S_FAILURE; + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_TRAILER, + &k5tsize); + if (*minor_status) + return GSS_S_FAILURE; + + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_PADDING, + &k5pbase); + if (*minor_status) + return GSS_S_FAILURE; + + if (k5pbase > 1) { + k5psize = k5pbase - (size % k5pbase); + } else { + k5psize = 0; + } + + if (k5psize == 0 && IS_DCE_STYLE(ctx)) { + *minor_status = krb5_crypto_getblocksize(context, ctx->crypto, + &k5bsize); + if (*minor_status) + return GSS_S_FAILURE; + + ec = k5bsize; + } else { + ec = k5psize; + } + + gsshsize = sizeof(gss_cfx_wrap_token_desc) + k5hsize; + gsstsize = sizeof(gss_cfx_wrap_token_desc) + ec + k5tsize; + } else { + *minor_status = krb5_crypto_length(context, ctx->crypto, + KRB5_CRYPTO_TYPE_CHECKSUM, + &k5tsize); + if (*minor_status) + return GSS_S_FAILURE; + + gsshsize = sizeof(gss_cfx_wrap_token_desc); + gsstsize = k5tsize; + } + + if (trailer != NULL) { + trailer->buffer.length = gsstsize; + } else { + gsshsize += gsstsize; + } + + header->buffer.length = gsshsize; + + if (padding) { + /* padding is done via EC and is contained in the header or trailer */ + padding->buffer.length = 0; + } + + if (conf_state) { + *conf_state = conf_req_flag; + } + + return GSS_S_COMPLETE; +} + + + + OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, + const gsskrb5_ctx ctx, krb5_context context, int conf_req_flag, - gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int *conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key) + gss_buffer_t output_message_buffer) { - krb5_crypto crypto; gss_cfx_wrap_token token; krb5_error_code ret; unsigned usage; @@ -252,19 +1170,13 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, int32_t seq_number; u_char *p; - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - ret = _gsskrb5cfx_wrap_length_cfx(context, - crypto, conf_req_flag, + ctx->crypto, conf_req_flag, + IS_DCE_STYLE(ctx), input_message_buffer->length, &wrapped_len, &cksumsize, &padlength); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } @@ -275,7 +1187,6 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, output_message_buffer->value = malloc(output_message_buffer->length); if (output_message_buffer->value == NULL) { *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } @@ -285,9 +1196,9 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, token->TOK_ID[1] = 0x04; token->Flags = 0; token->Filler = 0xFF; - if ((context_handle->more_flags & LOCAL) == 0) + if ((ctx->more_flags & LOCAL) == 0) token->Flags |= CFXSentByAcceptor; - if (context_handle->more_flags & ACCEPTOR_SUBKEY) + if (ctx->more_flags & ACCEPTOR_SUBKEY) token->Flags |= CFXAcceptorSubkey; if (conf_req_flag) { /* @@ -324,16 +1235,16 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, token->RRC[0] = 0; token->RRC[1] = 0; - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); krb5_auth_con_getlocalseqnumber(context, - context_handle->auth_context, + ctx->auth_context, &seq_number); _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); krb5_auth_con_setlocalseqnumber(context, - context_handle->auth_context, + ctx->auth_context, ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); /* * If confidentiality is requested, the token header is @@ -344,7 +1255,7 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, * calculated over the plaintext concatenated with the * token header. */ - if (context_handle->more_flags & LOCAL) { + if (ctx->more_flags & LOCAL) { usage = KRB5_KU_USAGE_INITIATOR_SEAL; } else { usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; @@ -365,25 +1276,31 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, memcpy(p + input_message_buffer->length + padlength, token, sizeof(*token)); - ret = krb5_encrypt(context, crypto, + ret = krb5_encrypt(context, ctx->crypto, usage, p, input_message_buffer->length + padlength + sizeof(*token), &cipher); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); return GSS_S_FAILURE; } assert(sizeof(*token) + cipher.length == wrapped_len); - token->RRC[0] = (rrc >> 8) & 0xFF; + token->RRC[0] = (rrc >> 8) & 0xFF; token->RRC[1] = (rrc >> 0) & 0xFF; - ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE); + /* + * this is really ugly, but needed against windows + * for DCERPC, as windows rotates by EC+RRC. + */ + if (IS_DCE_STYLE(ctx)) { + ret = rrc_rotate(cipher.data, cipher.length, rrc+padlength, FALSE); + } else { + ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE); + } if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); return GSS_S_FAILURE; } @@ -396,21 +1313,19 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, buf = malloc(input_message_buffer->length + sizeof(*token)); if (buf == NULL) { *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); return GSS_S_FAILURE; } memcpy(buf, input_message_buffer->value, input_message_buffer->length); memcpy(buf + input_message_buffer->length, token, sizeof(*token)); - ret = krb5_create_checksum(context, crypto, - usage, 0, buf, + ret = krb5_create_checksum(context, ctx->crypto, + usage, 0, buf, input_message_buffer->length + - sizeof(*token), + sizeof(*token), &cksum); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); free(buf); return GSS_S_FAILURE; @@ -421,7 +1336,7 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, assert(cksum.checksum.length == cksumsize); token->EC[0] = (cksum.checksum.length >> 8) & 0xFF; token->EC[1] = (cksum.checksum.length >> 0) & 0xFF; - token->RRC[0] = (rrc >> 8) & 0xFF; + token->RRC[0] = (rrc >> 8) & 0xFF; token->RRC[1] = (rrc >> 0) & 0xFF; p += sizeof(*token); @@ -433,7 +1348,6 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, input_message_buffer->length + cksum.checksum.length, rrc, FALSE); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); free_Checksum(&cksum); return GSS_S_FAILURE; @@ -441,8 +1355,6 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, free_Checksum(&cksum); } - krb5_crypto_destroy(context, crypto); - if (conf_state != NULL) { *conf_state = conf_req_flag; } @@ -452,15 +1364,13 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, } OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, + const gsskrb5_ctx ctx, krb5_context context, const gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int *conf_state, - gss_qop_t *qop_state, - krb5_keyblock *key) + gss_qop_t *qop_state) { - krb5_crypto crypto; gss_cfx_wrap_token token; u_char token_flags; krb5_error_code ret; @@ -490,11 +1400,11 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, (CFXSentByAcceptor | CFXSealed | CFXAcceptorSubkey); if (token_flags & CFXSentByAcceptor) { - if ((context_handle->more_flags & LOCAL) == 0) + if ((ctx->more_flags & LOCAL) == 0) return GSS_S_DEFECTIVE_TOKEN; } - if (context_handle->more_flags & ACCEPTOR_SUBKEY) { + if (ctx->more_flags & ACCEPTOR_SUBKEY) { if ((token_flags & CFXAcceptorSubkey) == 0) return GSS_S_DEFECTIVE_TOKEN; } else { @@ -524,26 +1434,21 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, return GSS_S_UNSEQ_TOKEN; } - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gssapi_msg_order_check(context_handle->order, seq_number_lo); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + ret = _gssapi_msg_order_check(ctx->order, seq_number_lo); if (ret != 0) { *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); _gsskrb5_release_buffer(minor_status, output_message_buffer); return ret; } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); /* * Decrypt and/or verify checksum */ - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - if (context_handle->more_flags & LOCAL) { + if (ctx->more_flags & LOCAL) { usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; } else { usage = KRB5_KU_USAGE_INITIATOR_SEAL; @@ -553,25 +1458,29 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, len = input_message_buffer->length; len -= (p - (u_char *)input_message_buffer->value); - /* Rotate by RRC; bogus to do this in-place XXX */ - *minor_status = rrc_rotate(p, len, rrc, TRUE); - if (*minor_status != 0) { - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - if (token_flags & CFXSealed) { - ret = krb5_decrypt(context, crypto, usage, + /* + * this is really ugly, but needed against windows + * for DCERPC, as windows rotates by EC+RRC. + */ + if (IS_DCE_STYLE(ctx)) { + *minor_status = rrc_rotate(p, len, rrc+ec, TRUE); + } else { + *minor_status = rrc_rotate(p, len, rrc, TRUE); + } + if (*minor_status != 0) { + return GSS_S_FAILURE; + } + + ret = krb5_decrypt(context, ctx->crypto, usage, p, len, &data); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); return GSS_S_BAD_MIC; } /* Check that there is room for the pad and token header */ if (data.length < ec + sizeof(*token)) { - krb5_crypto_destroy(context, crypto); krb5_data_free(&data); return GSS_S_DEFECTIVE_TOKEN; } @@ -583,8 +1492,7 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, ((gss_cfx_wrap_token)p)->RRC[1] = token->RRC[1]; /* Check the integrity of the header */ - if (memcmp(p, token, sizeof(*token)) != 0) { - krb5_crypto_destroy(context, crypto); + if (ct_memcmp(p, token, sizeof(*token)) != 0) { krb5_data_free(&data); return GSS_S_BAD_MIC; } @@ -594,12 +1502,18 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, } else { Checksum cksum; + /* Rotate by RRC; bogus to do this in-place XXX */ + *minor_status = rrc_rotate(p, len, rrc, TRUE); + if (*minor_status != 0) { + return GSS_S_FAILURE; + } + /* Determine checksum type */ ret = krb5_crypto_get_checksum_type(context, - crypto, &cksum.cksumtype); + ctx->crypto, + &cksum.cksumtype); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } @@ -608,7 +1522,6 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, /* Check we have at least as much data as the checksum */ if (len < cksum.checksum.length) { *minor_status = ERANGE; - krb5_crypto_destroy(context, crypto); return GSS_S_BAD_MIC; } @@ -620,13 +1533,12 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, output_message_buffer->value = malloc(len + sizeof(*token)); if (output_message_buffer->value == NULL) { *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } /* Checksum is over (plaintext-data | "header") */ memcpy(output_message_buffer->value, p, len); - memcpy((u_char *)output_message_buffer->value + len, + memcpy((u_char *)output_message_buffer->value + len, token, sizeof(*token)); /* EC is not included in checksum calculation */ @@ -637,21 +1549,18 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, token->RRC[0] = 0; token->RRC[1] = 0; - ret = krb5_verify_checksum(context, crypto, + ret = krb5_verify_checksum(context, ctx->crypto, usage, output_message_buffer->value, len + sizeof(*token), &cksum); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); _gsskrb5_release_buffer(minor_status, output_message_buffer); return GSS_S_BAD_MIC; } } - krb5_crypto_destroy(context, crypto); - if (qop_state != NULL) { *qop_state = GSS_C_QOP_DEFAULT; } @@ -661,14 +1570,12 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, } OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, + const gsskrb5_ctx ctx, krb5_context context, gss_qop_t qop_req, const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key) + gss_buffer_t message_token) { - krb5_crypto crypto; gss_cfx_mic_token token; krb5_error_code ret; unsigned usage; @@ -677,17 +1584,10 @@ OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, size_t len; int32_t seq_number; - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - len = message_buffer->length + sizeof(*token); buf = malloc(len); if (buf == NULL) { *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } @@ -697,38 +1597,36 @@ OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, token->TOK_ID[0] = 0x04; token->TOK_ID[1] = 0x04; token->Flags = 0; - if ((context_handle->more_flags & LOCAL) == 0) + if ((ctx->more_flags & LOCAL) == 0) token->Flags |= CFXSentByAcceptor; - if (context_handle->more_flags & ACCEPTOR_SUBKEY) + if (ctx->more_flags & ACCEPTOR_SUBKEY) token->Flags |= CFXAcceptorSubkey; memset(token->Filler, 0xFF, 5); - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); krb5_auth_con_getlocalseqnumber(context, - context_handle->auth_context, + ctx->auth_context, &seq_number); _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); krb5_auth_con_setlocalseqnumber(context, - context_handle->auth_context, + ctx->auth_context, ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - if (context_handle->more_flags & LOCAL) { + if (ctx->more_flags & LOCAL) { usage = KRB5_KU_USAGE_INITIATOR_SIGN; } else { usage = KRB5_KU_USAGE_ACCEPTOR_SIGN; } - ret = krb5_create_checksum(context, crypto, + ret = krb5_create_checksum(context, ctx->crypto, usage, 0, buf, len, &cksum); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); free(buf); return GSS_S_FAILURE; } - krb5_crypto_destroy(context, crypto); /* Determine MIC length */ message_token->length = sizeof(*token) + cksum.checksum.length; @@ -753,14 +1651,12 @@ OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, } OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, + const gsskrb5_ctx ctx, krb5_context context, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, - gss_qop_t *qop_state, - krb5_keyblock *key) + gss_qop_t *qop_state) { - krb5_crypto crypto; gss_cfx_mic_token token; u_char token_flags; krb5_error_code ret; @@ -787,10 +1683,10 @@ OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, token_flags = token->Flags & (CFXSentByAcceptor | CFXAcceptorSubkey); if (token_flags & CFXSentByAcceptor) { - if ((context_handle->more_flags & LOCAL) == 0) + if ((ctx->more_flags & LOCAL) == 0) return GSS_S_DEFECTIVE_TOKEN; } - if (context_handle->more_flags & ACCEPTOR_SUBKEY) { + if (ctx->more_flags & ACCEPTOR_SUBKEY) { if ((token_flags & CFXAcceptorSubkey) == 0) return GSS_S_DEFECTIVE_TOKEN; } else { @@ -798,7 +1694,7 @@ OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, return GSS_S_DEFECTIVE_TOKEN; } - if (memcmp(token->Filler, "\xff\xff\xff\xff\xff", 5) != 0) { + if (ct_memcmp(token->Filler, "\xff\xff\xff\xff\xff", 5) != 0) { return GSS_S_DEFECTIVE_TOKEN; } @@ -812,36 +1708,29 @@ OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, return GSS_S_UNSEQ_TOKEN; } - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gssapi_msg_order_check(context_handle->order, seq_number_lo); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + ret = _gssapi_msg_order_check(ctx->order, seq_number_lo); if (ret != 0) { *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return ret; } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); /* * Verify checksum */ - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_crypto_get_checksum_type(context, crypto, + ret = krb5_crypto_get_checksum_type(context, ctx->crypto, &cksum.cksumtype); if (ret != 0) { *minor_status = ret; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } cksum.checksum.data = p + sizeof(*token); cksum.checksum.length = token_buffer->length - sizeof(*token); - if (context_handle->more_flags & LOCAL) { + if (ctx->more_flags & LOCAL) { usage = KRB5_KU_USAGE_ACCEPTOR_SIGN; } else { usage = KRB5_KU_USAGE_INITIATOR_SIGN; @@ -850,18 +1739,16 @@ OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, buf = malloc(message_buffer->length + sizeof(*token)); if (buf == NULL) { *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } memcpy(buf, message_buffer->value, message_buffer->length); memcpy(buf + message_buffer->length, token, sizeof(*token)); - ret = krb5_verify_checksum(context, crypto, + ret = krb5_verify_checksum(context, ctx->crypto, usage, buf, sizeof(*token) + message_buffer->length, &cksum); - krb5_crypto_destroy(context, crypto); if (ret != 0) { *minor_status = ret; free(buf); diff --git a/lib/gssapi/krb5/cfx.h b/lib/gssapi/krb5/cfx.h index 672704a8418d..c30ed07840ef 100644 --- a/lib/gssapi/krb5/cfx.h +++ b/lib/gssapi/krb5/cfx.h @@ -30,7 +30,7 @@ * SUCH DAMAGE. */ -/* $Id: cfx.h 19031 2006-11-13 18:02:57Z lha $ */ +/* $Id$ */ #ifndef GSSAPI_CFX_H_ #define GSSAPI_CFX_H_ 1 diff --git a/lib/gssapi/krb5/compare_name.c b/lib/gssapi/krb5/compare_name.c index 3f3b59d11621..7409d45fcb89 100644 --- a/lib/gssapi/krb5/compare_name.c +++ b/lib/gssapi/krb5/compare_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: compare_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_compare_name +OM_uint32 GSSAPI_CALLCONV _gsskrb5_compare_name (OM_uint32 * minor_status, const gss_name_t name1, const gss_name_t name2, diff --git a/lib/gssapi/krb5/compat.c b/lib/gssapi/krb5/compat.c index a0f075621a49..3381dffa19ee 100644 --- a/lib/gssapi/krb5/compat.c +++ b/lib/gssapi/krb5/compat.c @@ -1,45 +1,42 @@ /* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: compat.c 19031 2006-11-13 18:02:57Z lha $"); - +#include "gsskrb5_locl.h" static krb5_error_code -check_compat(OM_uint32 *minor_status, - krb5_context context, krb5_const_principal name, - const char *option, krb5_boolean *compat, +check_compat(OM_uint32 *minor_status, + krb5_context context, krb5_const_principal name, + const char *option, krb5_boolean *compat, krb5_boolean match_val) { krb5_error_code ret = 0; @@ -62,7 +59,7 @@ check_compat(OM_uint32 *minor_status, *compat = match_val; break; } - + krb5_free_principal(context, match); match = NULL; } @@ -92,11 +89,11 @@ _gss_DES3_get_mic_compat(OM_uint32 *minor_status, OM_uint32 ret; if ((ctx->more_flags & COMPAT_OLD_DES3_SELECTED) == 0) { - ret = check_compat(minor_status, context, ctx->target, + ret = check_compat(minor_status, context, ctx->target, "broken_des3_mic", &use_compat, TRUE); if (ret) return ret; - ret = check_compat(minor_status, context, ctx->target, + ret = check_compat(minor_status, context, ctx->target, "correct_des3_mic", &use_compat, FALSE); if (ret) return ret; diff --git a/lib/gssapi/krb5/context_time.c b/lib/gssapi/krb5/context_time.c index b57ac7854e69..cb1550011cd7 100644 --- a/lib/gssapi/krb5/context_time.c +++ b/lib/gssapi/krb5/context_time.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: context_time.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" OM_uint32 -_gsskrb5_lifetime_left(OM_uint32 *minor_status, +_gsskrb5_lifetime_left(OM_uint32 *minor_status, krb5_context context, OM_uint32 lifetime, OM_uint32 *lifetime_rec) @@ -55,7 +53,7 @@ _gsskrb5_lifetime_left(OM_uint32 *minor_status, return GSS_S_FAILURE; } - if (lifetime < timeret) + if (lifetime < timeret) *lifetime_rec = 0; else *lifetime_rec = lifetime - timeret; @@ -64,7 +62,7 @@ _gsskrb5_lifetime_left(OM_uint32 *minor_status, } -OM_uint32 _gsskrb5_context_time +OM_uint32 GSSAPI_CALLCONV _gsskrb5_context_time (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, OM_uint32 * time_rec @@ -90,6 +88,6 @@ OM_uint32 _gsskrb5_context_time if (*time_rec == 0) return GSS_S_CONTEXT_EXPIRED; - + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/copy_ccache.c b/lib/gssapi/krb5/copy_ccache.c index 66d797c19933..e332d29c84aa 100644 --- a/lib/gssapi/krb5/copy_ccache.c +++ b/lib/gssapi/krb5/copy_ccache.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: copy_ccache.c 20688 2007-05-17 18:44:31Z lha $"); +#include "gsskrb5_locl.h" #if 0 OM_uint32 @@ -65,11 +63,11 @@ gss_krb5_copy_ccache(OM_uint32 *minor_status, OM_uint32 -_gsskrb5_import_cred(OM_uint32 *minor_status, - krb5_ccache id, - krb5_principal keytab_principal, - krb5_keytab keytab, - gss_cred_id_t *cred) +_gsskrb5_krb5_import_cred(OM_uint32 *minor_status, + krb5_ccache id, + krb5_principal keytab_principal, + krb5_keytab keytab, + gss_cred_id_t *cred) { krb5_context context; krb5_error_code kret; @@ -102,7 +100,7 @@ _gsskrb5_import_cred(OM_uint32 *minor_status, *minor_status = kret; return GSS_S_FAILURE; } - + if (keytab_principal) { krb5_boolean match; @@ -147,8 +145,8 @@ _gsskrb5_import_cred(OM_uint32 *minor_status, handle->usage |= GSS_C_ACCEPT; if (keytab_principal && handle->principal == NULL) { - kret = krb5_copy_principal(context, - keytab_principal, + kret = krb5_copy_principal(context, + keytab_principal, &handle->principal); if (kret) goto out; diff --git a/lib/gssapi/krb5/creds.c b/lib/gssapi/krb5/creds.c new file mode 100644 index 000000000000..fa45d19b9812 --- /dev/null +++ b/lib/gssapi/krb5/creds.c @@ -0,0 +1,255 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gsskrb5_locl.h" + +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_export_cred(OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + gss_buffer_t cred_token) +{ + gsskrb5_cred handle = (gsskrb5_cred)cred_handle; + krb5_context context; + krb5_error_code ret; + krb5_storage *sp; + krb5_data data, mech; + const char *type; + char *str; + + GSSAPI_KRB5_INIT (&context); + + if (handle->usage != GSS_C_INITIATE && handle->usage != GSS_C_BOTH) { + *minor_status = GSS_KRB5_S_G_BAD_USAGE; + return GSS_S_FAILURE; + } + + sp = krb5_storage_emem(); + if (sp == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + type = krb5_cc_get_type(context, handle->ccache); + if (strcmp(type, "MEMORY") == 0) { + krb5_creds *creds; + ret = krb5_store_uint32(sp, 0); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = _krb5_get_krbtgt(context, handle->ccache, + handle->principal->realm, + &creds); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_store_creds(sp, creds); + krb5_free_creds(context, creds); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + } else { + ret = krb5_store_uint32(sp, 1); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_cc_get_full_name(context, handle->ccache, &str); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_store_string(sp, str); + free(str); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + } + ret = krb5_storage_to_data(sp, &data); + krb5_storage_free(sp); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + sp = krb5_storage_emem(); + if (sp == NULL) { + krb5_data_free(&data); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + mech.data = GSS_KRB5_MECHANISM->elements; + mech.length = GSS_KRB5_MECHANISM->length; + + ret = krb5_store_data(sp, mech); + if (ret) { + krb5_data_free(&data); + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_store_data(sp, data); + krb5_data_free(&data); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_storage_to_data(sp, &data); + krb5_storage_free(sp); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + cred_token->value = data.data; + cred_token->length = data.length; + + return GSS_S_COMPLETE; +} + +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_import_cred(OM_uint32 * minor_status, + gss_buffer_t cred_token, + gss_cred_id_t * cred_handle) +{ + krb5_context context; + krb5_error_code ret; + gsskrb5_cred handle; + krb5_ccache id; + krb5_storage *sp; + char *str; + uint32_t type; + int flags = 0; + + *cred_handle = GSS_C_NO_CREDENTIAL; + + GSSAPI_KRB5_INIT (&context); + + sp = krb5_storage_from_mem(cred_token->value, cred_token->length); + if (sp == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + ret = krb5_ret_uint32(sp, &type); + if (ret) { + krb5_storage_free(sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + switch (type) { + case 0: { + krb5_creds creds; + + ret = krb5_ret_creds(sp, &creds); + krb5_storage_free(sp); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_cc_initialize(context, id, creds.client); + if (ret) { + krb5_cc_destroy(context, id); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_cc_store_cred(context, id, &creds); + krb5_free_cred_contents(context, &creds); + + flags |= GSS_CF_DESTROY_CRED_ON_RELEASE; + + break; + } + case 1: + ret = krb5_ret_string(sp, &str); + krb5_storage_free(sp); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_cc_resolve(context, str, &id); + krb5_xfree(str); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + break; + + default: + krb5_storage_free(sp); + *minor_status = 0; + return GSS_S_NO_CRED; + } + + handle = calloc(1, sizeof(*handle)); + if (handle == NULL) { + krb5_cc_close(context, id); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + handle->usage = GSS_C_INITIATE; + krb5_cc_get_principal(context, id, &handle->principal); + handle->ccache = id; + handle->cred_flags = flags; + + *cred_handle = (gss_cred_id_t)handle; + + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/krb5/decapsulate.c b/lib/gssapi/krb5/decapsulate.c index 39176faff442..640c064d0bf1 100644 --- a/lib/gssapi/krb5/decapsulate.c +++ b/lib/gssapi/krb5/decapsulate.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: decapsulate.c 18334 2006-10-07 22:16:04Z lha $"); +#include "gsskrb5_locl.h" /* * return the length of the mechanism in token or -1 @@ -82,9 +80,9 @@ _gssapi_verify_mech_header(u_char **str, if (mech_len != mech->length) return GSS_S_BAD_MECH; - if (memcmp(p, - mech->elements, - mech->length) != 0) + if (ct_memcmp(p, + mech->elements, + mech->length) != 0) return GSS_S_BAD_MECH; p += mech_len; *str = rk_UNCONST(p); @@ -110,7 +108,7 @@ _gsskrb5_verify_header(u_char **str, if (len < 2) return GSS_S_DEFECTIVE_TOKEN; - if (memcmp (*str, type, 2) != 0) + if (ct_memcmp (*str, type, 2) != 0) return GSS_S_DEFECTIVE_TOKEN; *str += 2; @@ -154,7 +152,7 @@ _gssapi_decapsulate( */ OM_uint32 -_gsskrb5_decapsulate(OM_uint32 *minor_status, +_gsskrb5_decapsulate(OM_uint32 *minor_status, gss_buffer_t input_token_buffer, krb5_data *out_data, const void *type, @@ -184,7 +182,7 @@ _gsskrb5_decapsulate(OM_uint32 *minor_status, */ OM_uint32 -_gssapi_verify_pad(gss_buffer_t wrapped_token, +_gssapi_verify_pad(gss_buffer_t wrapped_token, size_t datalen, size_t *padlen) { diff --git a/lib/gssapi/krb5/delete_sec_context.c b/lib/gssapi/krb5/delete_sec_context.c index abad98655026..83a66cc0ca01 100644 --- a/lib/gssapi/krb5/delete_sec_context.c +++ b/lib/gssapi/krb5/delete_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: delete_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_delete_sec_context(OM_uint32 * minor_status, gss_ctx_id_t * context_handle, gss_buffer_t output_token) @@ -61,6 +59,9 @@ _gsskrb5_delete_sec_context(OM_uint32 * minor_status, HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); krb5_auth_con_free (context, ctx->auth_context); + krb5_auth_con_free (context, ctx->deleg_auth_context); + if (ctx->kcred) + krb5_free_creds(context, ctx->kcred); if(ctx->source) krb5_free_principal (context, ctx->source); if(ctx->target) @@ -72,6 +73,8 @@ _gsskrb5_delete_sec_context(OM_uint32 * minor_status, if (ctx->service_keyblock) krb5_free_keyblock (context, ctx->service_keyblock); krb5_data_free(&ctx->fwd_data); + if (ctx->crypto) + krb5_crypto_destroy(context, ctx->crypto); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); diff --git a/lib/gssapi/krb5/display_name.c b/lib/gssapi/krb5/display_name.c index 727c447d2a06..a296399cecad 100644 --- a/lib/gssapi/krb5/display_name.c +++ b/lib/gssapi/krb5/display_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: display_name.c 21077 2007-06-12 22:42:56Z lha $"); - -OM_uint32 _gsskrb5_display_name +OM_uint32 GSSAPI_CALLCONV _gsskrb5_display_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t output_name_buffer, diff --git a/lib/gssapi/krb5/display_status.c b/lib/gssapi/krb5/display_status.c index c0192522a72a..c50200672aaf 100644 --- a/lib/gssapi/krb5/display_status.c +++ b/lib/gssapi/krb5/display_status.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: display_status.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" static const char * calling_error(OM_uint32 v) @@ -118,29 +116,30 @@ _gsskrb5_clear_status (void) if (_gsskrb5_init (&context) != 0) return; - krb5_clear_error_string(context); + krb5_clear_error_message(context); } void -_gsskrb5_set_status (const char *fmt, ...) +_gsskrb5_set_status (int ret, const char *fmt, ...) { krb5_context context; va_list args; char *str; + int e; if (_gsskrb5_init (&context) != 0) return; va_start(args, fmt); - vasprintf(&str, fmt, args); + e = vasprintf(&str, fmt, args); va_end(args); - if (str) { - krb5_set_error_string(context, str); + if (e >= 0 && str) { + krb5_set_error_message(context, ret, "%s", str); free(str); } } -OM_uint32 _gsskrb5_display_status +OM_uint32 GSSAPI_CALLCONV _gsskrb5_display_status (OM_uint32 *minor_status, OM_uint32 status_value, int status_type, @@ -149,7 +148,8 @@ OM_uint32 _gsskrb5_display_status gss_buffer_t status_string) { krb5_context context; - char *buf; + char *buf = NULL; + int e = 0; GSSAPI_KRB5_INIT (&context); @@ -164,28 +164,27 @@ OM_uint32 _gsskrb5_display_status if (status_type == GSS_C_GSS_CODE) { if (GSS_SUPPLEMENTARY_INFO(status_value)) - asprintf(&buf, "%s", - supplementary_error(GSS_SUPPLEMENTARY_INFO(status_value))); + e = asprintf(&buf, "%s", + supplementary_error(GSS_SUPPLEMENTARY_INFO(status_value))); else - asprintf (&buf, "%s %s", - calling_error(GSS_CALLING_ERROR(status_value)), - routine_error(GSS_ROUTINE_ERROR(status_value))); + e = asprintf (&buf, "%s %s", + calling_error(GSS_CALLING_ERROR(status_value)), + routine_error(GSS_ROUTINE_ERROR(status_value))); } else if (status_type == GSS_C_MECH_CODE) { - buf = krb5_get_error_string(context); - if (buf == NULL) { - const char *tmp = krb5_get_err_text (context, status_value); - if (tmp == NULL) - asprintf(&buf, "unknown mech error-code %u", + const char *buf2 = krb5_get_error_message(context, status_value); + if (buf2) { + buf = strdup(buf2); + krb5_free_error_message(context, buf2); + } else { + e = asprintf(&buf, "unknown mech error-code %u", (unsigned)status_value); - else - buf = strdup(tmp); } } else { *minor_status = EINVAL; return GSS_S_BAD_STATUS; } - if (buf == NULL) { + if (e < 0 || buf == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -195,6 +194,6 @@ OM_uint32 _gsskrb5_display_status status_string->length = strlen(buf); status_string->value = buf; - + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/duplicate_name.c b/lib/gssapi/krb5/duplicate_name.c index 7337f1ab72b8..0bc57e8a03ed 100644 --- a/lib/gssapi/krb5/duplicate_name.c +++ b/lib/gssapi/krb5/duplicate_name.c @@ -1,58 +1,57 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: duplicate_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_duplicate_name ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_duplicate_name ( OM_uint32 * minor_status, const gss_name_t src_name, gss_name_t * dest_name ) { - krb5_context context; krb5_const_principal src = (krb5_const_principal)src_name; - krb5_principal *dest = (krb5_principal *)dest_name; + krb5_context context; + krb5_principal dest; krb5_error_code kret; GSSAPI_KRB5_INIT (&context); - kret = krb5_copy_principal (context, src, dest); + kret = krb5_copy_principal (context, src, &dest); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } else { + *dest_name = (gss_name_t)dest; *minor_status = 0; return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/encapsulate.c b/lib/gssapi/krb5/encapsulate.c index 58dcb5c9c4b2..fe5dac7c60b2 100644 --- a/lib/gssapi/krb5/encapsulate.c +++ b/lib/gssapi/krb5/encapsulate.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: encapsulate.c 18459 2006-10-14 10:12:16Z lha $"); +#include "gsskrb5_locl.h" void _gssapi_encap_length (size_t data_len, @@ -110,13 +108,13 @@ _gssapi_encapsulate( void *p; _gssapi_encap_length (in_data->length, &len, &outer_len, mech); - + output_token->length = outer_len; output_token->value = malloc (outer_len); if (output_token->value == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; - } + } p = _gssapi_make_mech_header (output_token->value, len, mech); memcpy (p, in_data->data, in_data->length); @@ -130,7 +128,7 @@ _gssapi_encapsulate( OM_uint32 _gsskrb5_encapsulate( - OM_uint32 *minor_status, + OM_uint32 *minor_status, const krb5_data *in_data, gss_buffer_t output_token, const void *type, @@ -141,13 +139,13 @@ _gsskrb5_encapsulate( u_char *p; _gsskrb5_encap_length (in_data->length, &len, &outer_len, mech); - + output_token->length = outer_len; output_token->value = malloc (outer_len); if (output_token->value == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; - } + } p = _gsskrb5_make_header (output_token->value, len, type, mech); memcpy (p, in_data->data, in_data->length); diff --git a/lib/gssapi/krb5/export_name.c b/lib/gssapi/krb5/export_name.c index efa45a2638bf..32368d3ccefd 100644 --- a/lib/gssapi/krb5/export_name.c +++ b/lib/gssapi/krb5/export_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: export_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_export_name +OM_uint32 GSSAPI_CALLCONV _gsskrb5_export_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t exported_name diff --git a/lib/gssapi/krb5/export_sec_context.c b/lib/gssapi/krb5/export_sec_context.c index 00218617a07b..eeb2743b4322 100644 --- a/lib/gssapi/krb5/export_sec_context.c +++ b/lib/gssapi/krb5/export_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: export_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_export_sec_context ( OM_uint32 * minor_status, gss_ctx_id_t * context_handle, diff --git a/lib/gssapi/krb5/external.c b/lib/gssapi/krb5/external.c index 03fe61dc5744..26ede2487d30 100644 --- a/lib/gssapi/krb5/external.c +++ b/lib/gssapi/krb5/external.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" #include -RCSID("$Id: external.c 22128 2007-12-04 00:56:55Z lha $"); - /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value @@ -48,10 +46,8 @@ RCSID("$Id: external.c 22128 2007-12-04 00:56:55Z lha $"); * to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_user_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x01")}; - -gss_OID GSS_C_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_user_name_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x01")}; /* * The implementation must reserve static storage for a @@ -65,10 +61,8 @@ gss_OID GSS_C_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; * initialized to point to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_machine_uid_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x02")}; - -gss_OID GSS_C_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_machine_uid_name_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x02")}; /* * The implementation must reserve static storage for a @@ -82,10 +76,8 @@ gss_OID GSS_C_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; * initialized to point to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_string_uid_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x03")}; - -gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_string_uid_name_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x03")}; /* * The implementation must reserve static storage for a @@ -105,10 +97,8 @@ gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; * implementations */ -static gss_OID_desc gss_c_nt_hostbased_service_x_oid_desc = -{6, rk_UNCONST("\x2b\x06\x01\x05\x06\x02")}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_hostbased_service_x_oid_desc = + {6, rk_UNCONST("\x2b\x06\x01\x05\x06\x02")}; /* * The implementation must reserve static storage for a @@ -121,10 +111,8 @@ gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc; * GSS_C_NT_HOSTBASED_SERVICE should be initialized * to point to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04")}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_hostbased_service_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04")}; /* * The implementation must reserve static storage for a @@ -137,10 +125,8 @@ gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; * to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_anonymous_oid_desc = -{6, rk_UNCONST("\x2b\x06\01\x05\x06\x03")}; - -gss_OID GSS_C_NT_ANONYMOUS = &gss_c_nt_anonymous_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_anonymous_oid_desc = + {6, rk_UNCONST("\x2b\x06\01\x05\x06\x03")}; /* * The implementation must reserve static storage for a @@ -153,10 +139,8 @@ gss_OID GSS_C_NT_ANONYMOUS = &gss_c_nt_anonymous_oid_desc; * to that gss_OID_desc. */ -static gss_OID_desc gss_c_nt_export_name_oid_desc = -{6, rk_UNCONST("\x2b\x06\x01\x05\x06\x04") }; - -gss_OID GSS_C_NT_EXPORT_NAME = &gss_c_nt_export_name_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_export_name_oid_desc = + {6, rk_UNCONST("\x2b\x06\x01\x05\x06\x04") }; /* * This name form shall be represented by the Object Identifier {iso(1) @@ -165,66 +149,8 @@ gss_OID GSS_C_NT_EXPORT_NAME = &gss_c_nt_export_name_oid_desc; * is "GSS_KRB5_NT_PRINCIPAL_NAME". */ -static gss_OID_desc gss_krb5_nt_principal_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01") }; - -gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &gss_krb5_nt_principal_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) user_name(1)}. The recommended symbolic name for this - * type is "GSS_KRB5_NT_USER_NAME". - */ - -gss_OID GSS_KRB5_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) machine_uid_name(2)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) string_uid_name(3)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_STRING_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; - -/* - * To support ongoing experimentation, testing, and evolution of the - * specification, the Kerberos V5 GSS-API mechanism as defined in this - * and any successor memos will be identified with the following Object - * Identifier, as defined in RFC-1510, until the specification is - * advanced to the level of Proposed Standard RFC: - * - * {iso(1), org(3), dod(5), internet(1), security(5), kerberosv5(2)} - * - * Upon advancement to the level of Proposed Standard RFC, the Kerberos - * V5 GSS-API mechanism will be identified by an Object Identifier - * having the value: - * - * {iso(1) member-body(2) United States(840) mit(113554) infosys(1) - * gssapi(2) krb5(2)} - */ - -#if 0 /* This is the old OID */ - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{5, rk_UNCONST("\x2b\x05\x01\x05\x02")}; - -#endif - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }; - -gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01") }; /* * draft-ietf-cat-iakerb-09, IAKERB: @@ -239,141 +165,107 @@ gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; * iakerbMinimumMessagesProtocol(2)}. */ -static gss_OID_desc gss_iakerb_proxy_mechanism_oid_desc = -{7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x01")}; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_iakerb_proxy_mechanism_oid_desc = + {7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x01")}; -gss_OID GSS_IAKERB_PROXY_MECHANISM = &gss_iakerb_proxy_mechanism_oid_desc; - -static gss_OID_desc gss_iakerb_min_msg_mechanism_oid_desc = -{7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x02") }; - -gss_OID GSS_IAKERB_MIN_MSG_MECHANISM = &gss_iakerb_min_msg_mechanism_oid_desc; - -/* - * - */ - -static gss_OID_desc gss_c_peer_has_updated_spnego_oid_desc = -{9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05"}; - -gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO = &gss_c_peer_has_updated_spnego_oid_desc; - -/* - * 1.2.752.43.13 Heimdal GSS-API Extentions - */ - -/* 1.2.752.43.13.1 */ -static gss_OID_desc gss_krb5_copy_ccache_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01")}; - -gss_OID GSS_KRB5_COPY_CCACHE_X = &gss_krb5_copy_ccache_x_oid_desc; - -/* 1.2.752.43.13.2 */ -static gss_OID_desc gss_krb5_get_tkt_flags_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02")}; - -gss_OID GSS_KRB5_GET_TKT_FLAGS_X = &gss_krb5_get_tkt_flags_x_oid_desc; - -/* 1.2.752.43.13.3 */ -static gss_OID_desc gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03")}; - -gss_OID GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X = &gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; - -/* 1.2.752.43.13.4 */ -static gss_OID_desc gss_krb5_compat_des3_mic_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04")}; - -gss_OID GSS_KRB5_COMPAT_DES3_MIC_X = &gss_krb5_compat_des3_mic_x_oid_desc; - -/* 1.2.752.43.13.5 */ -static gss_OID_desc gss_krb5_register_acceptor_identity_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05")}; - -gss_OID GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X = &gss_krb5_register_acceptor_identity_x_desc; - -/* 1.2.752.43.13.6 */ -static gss_OID_desc gss_krb5_export_lucid_context_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06")}; - -gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_X = &gss_krb5_export_lucid_context_x_desc; - -/* 1.2.752.43.13.6.1 */ -static gss_OID_desc gss_krb5_export_lucid_context_v1_x_desc = -{7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01")}; - -gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X = &gss_krb5_export_lucid_context_v1_x_desc; - -/* 1.2.752.43.13.7 */ -static gss_OID_desc gss_krb5_set_dns_canonicalize_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07")}; - -gss_OID GSS_KRB5_SET_DNS_CANONICALIZE_X = &gss_krb5_set_dns_canonicalize_x_desc; - -/* 1.2.752.43.13.8 */ -static gss_OID_desc gss_krb5_get_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08")}; - -gss_OID GSS_KRB5_GET_SUBKEY_X = &gss_krb5_get_subkey_x_desc; - -/* 1.2.752.43.13.9 */ -static gss_OID_desc gss_krb5_get_initiator_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09")}; - -gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X = &gss_krb5_get_initiator_subkey_x_desc; - -/* 1.2.752.43.13.10 */ -static gss_OID_desc gss_krb5_get_acceptor_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a")}; - -gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X = &gss_krb5_get_acceptor_subkey_x_desc; - -/* 1.2.752.43.13.11 */ -static gss_OID_desc gss_krb5_send_to_kdc_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b")}; - -gss_OID GSS_KRB5_SEND_TO_KDC_X = &gss_krb5_send_to_kdc_x_desc; - -/* 1.2.752.43.13.12 */ -static gss_OID_desc gss_krb5_get_authtime_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c")}; - -gss_OID GSS_KRB5_GET_AUTHTIME_X = &gss_krb5_get_authtime_x_desc; - -/* 1.2.752.43.13.13 */ -static gss_OID_desc gss_krb5_get_service_keyblock_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d")}; - -gss_OID GSS_KRB5_GET_SERVICE_KEYBLOCK_X = &gss_krb5_get_service_keyblock_x_desc; - -/* 1.2.752.43.13.14 */ -static gss_OID_desc gss_krb5_set_allowable_enctypes_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e")}; - -gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X = &gss_krb5_set_allowable_enctypes_x_desc; - -/* 1.2.752.43.13.15 */ -static gss_OID_desc gss_krb5_set_default_realm_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f")}; - -gss_OID GSS_KRB5_SET_DEFAULT_REALM_X = &gss_krb5_set_default_realm_x_desc; - -/* 1.2.752.43.13.16 */ -static gss_OID_desc gss_krb5_ccache_name_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10")}; - -gss_OID GSS_KRB5_CCACHE_NAME_X = &gss_krb5_ccache_name_x_desc; - -/* 1.2.752.43.14.1 */ -static gss_OID_desc gss_sasl_digest_md5_mechanism_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; - -gss_OID GSS_SASL_DIGEST_MD5_MECHANISM = &gss_sasl_digest_md5_mechanism_desc; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_iakerb_min_msg_mechanism_oid_desc = + {7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x02") }; /* * Context for krb5 calls. */ +static gss_mo_desc krb5_mo[] = { + { + GSS_C_MA_SASL_MECH_NAME, + GSS_MO_MA, + "SASL mech name", + rk_UNCONST("GS2-KRB5"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_NAME, + GSS_MO_MA, + "Mechanism name", + rk_UNCONST("KRB5"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_DESCRIPTION, + GSS_MO_MA, + "Mechanism description", + rk_UNCONST("Heimdal Kerberos 5 mech"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_CONCRETE, + GSS_MO_MA + }, + { + GSS_C_MA_ITOK_FRAMED, + GSS_MO_MA + }, + { + GSS_C_MA_AUTH_INIT, + GSS_MO_MA + }, + { + GSS_C_MA_AUTH_TARG, + GSS_MO_MA + }, + { + GSS_C_MA_AUTH_INIT_ANON, + GSS_MO_MA + }, + { + GSS_C_MA_DELEG_CRED, + GSS_MO_MA + }, + { + GSS_C_MA_INTEG_PROT, + GSS_MO_MA + }, + { + GSS_C_MA_CONF_PROT, + GSS_MO_MA + }, + { + GSS_C_MA_MIC, + GSS_MO_MA + }, + { + GSS_C_MA_WRAP, + GSS_MO_MA + }, + { + GSS_C_MA_PROT_READY, + GSS_MO_MA + }, + { + GSS_C_MA_REPLAY_DET, + GSS_MO_MA + }, + { + GSS_C_MA_OOS_DET, + GSS_MO_MA + }, + { + GSS_C_MA_CBINDINGS, + GSS_MO_MA + }, + { + GSS_C_MA_PFS, + GSS_MO_MA + }, + { + GSS_C_MA_CTX_TRANS, + GSS_MO_MA + } +}; + /* * */ @@ -381,7 +273,8 @@ gss_OID GSS_SASL_DIGEST_MD5_MECHANISM = &gss_sasl_digest_md5_mechanism_desc; static gssapi_mech_interface_desc krb5_mech = { GMI_VERSION, "kerberos 5", - {9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }, + {9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }, + 0, _gsskrb5_acquire_cred, _gsskrb5_release_cred, _gsskrb5_init_sec_context, @@ -415,7 +308,31 @@ static gssapi_mech_interface_desc krb5_mech = { _gsskrb5_inquire_cred_by_oid, _gsskrb5_set_sec_context_option, _gsskrb5_set_cred_option, - _gsskrb5_pseudo_random + _gsskrb5_pseudo_random, + _gk_wrap_iov, + _gk_unwrap_iov, + _gk_wrap_iov_length, + _gsskrb5_store_cred, + _gsskrb5_export_cred, + _gsskrb5_import_cred, + _gsskrb5_acquire_cred_ext, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + krb5_mo, + sizeof(krb5_mo) / sizeof(krb5_mo[0]), + _gsskrb5_pname_to_uid, + _gsskrb5_authorize_localname, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL }; gssapi_mech_interface diff --git a/lib/gssapi/krb5/get_mic.c b/lib/gssapi/krb5/get_mic.c index 133481ffe173..0109ca7c6e76 100644 --- a/lib/gssapi/krb5/get_mic.c +++ b/lib/gssapi/krb5/get_mic.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: get_mic.c 19031 2006-11-13 18:02:57Z lha $"); +#ifdef HEIM_WEAK_CRYPTO static OM_uint32 mic_des @@ -47,9 +47,10 @@ mic_des ) { u_char *p; - MD5_CTX md5; + EVP_MD_CTX *md5; u_char hash[16]; DES_key_schedule schedule; + EVP_CIPHER_CTX des_ctx; DES_cblock deskey; DES_cblock zero; int32_t seq_number; @@ -68,7 +69,7 @@ mic_des p = _gsskrb5_make_header(message_token->value, len, "\x01\x01", /* TOK_ID */ - GSS_KRB5_MECHANISM); + GSS_KRB5_MECHANISM); memcpy (p, "\x00\x00", 2); /* SGN_ALG = DES MAC MD5 */ p += 2; @@ -81,14 +82,16 @@ mic_des p += 16; /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, message_buffer->length); - MD5_Final (hash, &md5); + md5 = EVP_MD_CTX_create(); + EVP_DigestInit_ex(md5, EVP_md5(), NULL); + EVP_DigestUpdate(md5, p - 24, 8); + EVP_DigestUpdate(md5, message_buffer->value, message_buffer->length); + EVP_DigestFinal_ex(md5, hash, NULL); + EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); + DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); memcpy (p - 8, hash, 8); /* SGN_CKSUM */ @@ -108,21 +111,23 @@ mic_des (ctx->more_flags & LOCAL) ? 0 : 0xFF, 4); - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, p + 8, 1); + EVP_Cipher(&des_ctx, p, p, 8); + EVP_CIPHER_CTX_cleanup(&des_ctx); krb5_auth_con_setlocalseqnumber (context, ctx->auth_context, ++seq_number); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - + memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); - + *minor_status = 0; return GSS_S_COMPLETE; } +#endif static OM_uint32 mic_des3 @@ -252,7 +257,7 @@ mic_des3 *minor_status = kret; return GSS_S_FAILURE; } - + assert (encdata.length == 8); memcpy (p, encdata.data, encdata.length); @@ -262,13 +267,13 @@ mic_des3 ctx->auth_context, ++seq_number); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - + free_Checksum (&cksum); *minor_status = 0; return GSS_S_COMPLETE; } -OM_uint32 _gsskrb5_get_mic +OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_qop_t qop_req, @@ -284,6 +289,10 @@ OM_uint32 _gsskrb5_get_mic GSSAPI_KRB5_INIT (&context); + if (ctx->more_flags & IS_CFX) + return _gssapi_mic_cfx (minor_status, ctx, context, qop_req, + message_buffer, message_token); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); ret = _gsskrb5i_get_token_key(ctx, context, &key); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); @@ -295,8 +304,12 @@ OM_uint32 _gsskrb5_get_mic switch (keytype) { case KEYTYPE_DES : +#ifdef HEIM_WEAK_CRYPTO ret = mic_des (minor_status, ctx, context, qop_req, message_buffer, message_token, key); +#else + ret = GSS_S_FAILURE; +#endif break; case KEYTYPE_DES3 : ret = mic_des3 (minor_status, ctx, context, qop_req, @@ -308,8 +321,7 @@ OM_uint32 _gsskrb5_get_mic message_buffer, message_token, key); break; default : - ret = _gssapi_mic_cfx (minor_status, ctx, context, qop_req, - message_buffer, message_token, key); + abort(); break; } krb5_free_keyblock (context, key); diff --git a/lib/gssapi/krb5/gkrb5_err.et b/lib/gssapi/krb5/gkrb5_err.et index dbfdbdf2f122..3c23412a6aee 100644 --- a/lib/gssapi/krb5/gkrb5_err.et +++ b/lib/gssapi/krb5/gkrb5_err.et @@ -2,7 +2,7 @@ # extended gss krb5 error messages # -id "$Id: gkrb5_err.et 20049 2007-01-24 00:14:24Z lha $" +id "$Id$" error_table gk5 diff --git a/lib/gssapi/krb5/gsskrb5-private.h b/lib/gssapi/krb5/gsskrb5-private.h index c2239f134625..2a669d867f16 100644 --- a/lib/gssapi/krb5/gsskrb5-private.h +++ b/lib/gssapi/krb5/gsskrb5-private.h @@ -15,6 +15,55 @@ __gsskrb5_ccache_lifetime ( krb5_principal /*principal*/, OM_uint32 */*lifetime*/); +OM_uint32 +_gk_allocate_buffer ( + OM_uint32 */*minor_status*/, + gss_iov_buffer_desc */*buffer*/, + size_t /*size*/); + +gss_iov_buffer_desc * +_gk_find_buffer ( + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/, + OM_uint32 /*type*/); + +OM_uint32 GSSAPI_CALLCONV +_gk_unwrap_iov ( + OM_uint32 */*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int */*conf_state*/, + gss_qop_t */*qop_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + +OM_uint32 +_gk_verify_buffers ( + OM_uint32 */*minor_status*/, + const gsskrb5_ctx /*ctx*/, + const gss_iov_buffer_desc */*header*/, + const gss_iov_buffer_desc */*padding*/, + const gss_iov_buffer_desc */*trailer*/); + +OM_uint32 GSSAPI_CALLCONV +_gk_wrap_iov ( + OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*conf_req_flag*/, + gss_qop_t /*qop_req*/, + int * /*conf_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + +OM_uint32 GSSAPI_CALLCONV +_gk_wrap_iov_length ( + OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*conf_req_flag*/, + gss_qop_t /*qop_req*/, + int */*conf_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + OM_uint32 _gss_DES3_get_mic_compat ( OM_uint32 */*minor_status*/, @@ -61,12 +110,11 @@ _gssapi_make_mech_header ( OM_uint32 _gssapi_mic_cfx ( OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, krb5_context /*context*/, gss_qop_t /*qop_req*/, const gss_buffer_t /*message_buffer*/, - gss_buffer_t /*message_token*/, - krb5_keyblock */*key*/); + gss_buffer_t /*message_token*/); OM_uint32 _gssapi_msg_order_check ( @@ -113,13 +161,22 @@ _gssapi_unwrap_arcfour ( OM_uint32 _gssapi_unwrap_cfx ( OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, krb5_context /*context*/, const gss_buffer_t /*input_message_buffer*/, gss_buffer_t /*output_message_buffer*/, int */*conf_state*/, + gss_qop_t */*qop_state*/); + +OM_uint32 +_gssapi_unwrap_cfx_iov ( + OM_uint32 */*minor_status*/, + gsskrb5_ctx /*ctx*/, + krb5_context /*context*/, + int */*conf_state*/, gss_qop_t */*qop_state*/, - krb5_keyblock */*key*/); + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); OM_uint32 _gssapi_verify_mech_header ( @@ -136,17 +193,16 @@ _gssapi_verify_mic_arcfour ( const gss_buffer_t /*token_buffer*/, gss_qop_t * /*qop_state*/, krb5_keyblock */*key*/, - char */*type*/); + const char */*type*/); OM_uint32 _gssapi_verify_mic_cfx ( OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, krb5_context /*context*/, const gss_buffer_t /*message_buffer*/, const gss_buffer_t /*token_buffer*/, - gss_qop_t */*qop_state*/, - krb5_keyblock */*key*/); + gss_qop_t */*qop_state*/); OM_uint32 _gssapi_verify_pad ( @@ -169,14 +225,33 @@ _gssapi_wrap_arcfour ( OM_uint32 _gssapi_wrap_cfx ( OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, + krb5_context /*context*/, + int /*conf_req_flag*/, + const gss_buffer_t /*input_message_buffer*/, + int */*conf_state*/, + gss_buffer_t /*output_message_buffer*/); + +OM_uint32 +_gssapi_wrap_cfx_iov ( + OM_uint32 */*minor_status*/, + gsskrb5_ctx /*ctx*/, + krb5_context /*context*/, + int /*conf_req_flag*/, + int */*conf_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + +OM_uint32 +_gssapi_wrap_iov_length_cfx ( + OM_uint32 */*minor_status*/, + gsskrb5_ctx /*ctx*/, krb5_context /*context*/, int /*conf_req_flag*/, gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, int */*conf_state*/, - gss_buffer_t /*output_message_buffer*/, - krb5_keyblock */*key*/); + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); OM_uint32 _gssapi_wrap_size_arcfour ( @@ -192,15 +267,14 @@ _gssapi_wrap_size_arcfour ( OM_uint32 _gssapi_wrap_size_cfx ( OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, krb5_context /*context*/, int /*conf_req_flag*/, gss_qop_t /*qop_req*/, OM_uint32 /*req_output_size*/, - OM_uint32 */*max_input_size*/, - krb5_keyblock */*key*/); + OM_uint32 */*max_input_size*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_accept_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, @@ -214,7 +288,7 @@ _gsskrb5_accept_sec_context ( OM_uint32 * /*time_rec*/, gss_cred_id_t * /*delegated_cred_handle*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_acquire_cred ( OM_uint32 * /*minor_status*/, const gss_name_t /*desired_name*/, @@ -225,7 +299,18 @@ _gsskrb5_acquire_cred ( gss_OID_set * /*actual_mechs*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_acquire_cred_ext ( + OM_uint32 * /*minor_status*/, + const gss_name_t /*desired_name*/, + gss_const_OID /*credential_type*/, + const void */*credential_data*/, + OM_uint32 /*time_req*/, + gss_const_OID /*desired_mech*/, + gss_cred_usage_t /*cred_usage*/, + gss_cred_id_t * output_cred_handle ); + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_add_cred ( OM_uint32 */*minor_status*/, const gss_cred_id_t /*input_cred_handle*/, @@ -239,7 +324,23 @@ _gsskrb5_add_cred ( OM_uint32 */*initiator_time_rec*/, OM_uint32 */*acceptor_time_rec*/); +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_authorize_localname ( + OM_uint32 */*minor_status*/, + const gss_name_t /*input_name*/, + gss_const_buffer_t /*user_name*/, + gss_const_OID /*user_name_type*/); + OM_uint32 +_gsskrb5_canon_name ( + OM_uint32 */*minor_status*/, + krb5_context /*context*/, + int /*use_dns*/, + krb5_const_principal /*sourcename*/, + gss_name_t /*targetname*/, + krb5_principal */*out*/); + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_canonicalize_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, @@ -249,14 +350,14 @@ _gsskrb5_canonicalize_name ( void _gsskrb5_clear_status (void); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_compare_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*name1*/, const gss_name_t /*name2*/, int * name_equal ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_context_time ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -296,20 +397,20 @@ _gsskrb5_decode_om_uint32 ( const void */*ptr*/, OM_uint32 */*n*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_delete_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t /*output_token*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_display_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t /*output_name_buffer*/, gss_OID * output_name_type ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_display_status ( OM_uint32 */*minor_status*/, OM_uint32 /*status_value*/, @@ -318,7 +419,7 @@ _gsskrb5_display_status ( OM_uint32 */*message_context*/, gss_buffer_t /*status_string*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_duplicate_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*src_name*/, @@ -349,13 +450,19 @@ _gsskrb5_encode_om_uint32 ( OM_uint32 /*n*/, u_char */*p*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_export_cred ( + OM_uint32 */*minor_status*/, + gss_cred_id_t /*cred_handle*/, + gss_buffer_t /*cred_token*/); + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_export_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t exported_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_export_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, @@ -367,7 +474,7 @@ _gsskrb5_get_mech ( size_t /*total_len*/, const u_char **/*mech_ret*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -381,28 +488,26 @@ _gsskrb5_get_tkt_flags ( gsskrb5_ctx /*ctx*/, OM_uint32 */*tkt_flags*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_import_cred ( - OM_uint32 */*minor_status*/, - krb5_ccache /*id*/, - krb5_principal /*keytab_principal*/, - krb5_keytab /*keytab*/, - gss_cred_id_t */*cred*/); + OM_uint32 * /*minor_status*/, + gss_buffer_t /*cred_token*/, + gss_cred_id_t * /*cred_handle*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_import_name ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*input_name_buffer*/, const gss_OID /*input_name_type*/, gss_name_t * output_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_import_sec_context ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*interprocess_token*/, gss_ctx_id_t * context_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_indicate_mechs ( OM_uint32 * /*minor_status*/, gss_OID_set * mech_set ); @@ -410,10 +515,10 @@ _gsskrb5_indicate_mechs ( krb5_error_code _gsskrb5_init (krb5_context */*context*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_init_sec_context ( OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, + const gss_cred_id_t /*cred_handle*/, gss_ctx_id_t * /*context_handle*/, const gss_name_t /*target_name*/, const gss_OID /*mech_type*/, @@ -426,7 +531,7 @@ _gsskrb5_init_sec_context ( OM_uint32 * /*ret_flags*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_context ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -438,7 +543,7 @@ _gsskrb5_inquire_context ( int * /*locally_initiated*/, int * open_context ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -447,7 +552,7 @@ _gsskrb5_inquire_cred ( gss_cred_usage_t * /*cred_usage*/, gss_OID_set * mechanisms ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred_by_mech ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -457,26 +562,26 @@ _gsskrb5_inquire_cred_by_mech ( OM_uint32 * /*acceptor_lifetime*/, gss_cred_usage_t * cred_usage ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred_by_oid ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, const gss_OID /*desired_object*/, gss_buffer_set_t */*data_set*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_mechs_for_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_OID_set * mech_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_names_for_mech ( OM_uint32 * /*minor_status*/, const gss_OID /*mechanism*/, gss_OID_set * name_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_sec_context_by_oid ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -489,6 +594,14 @@ _gsskrb5_krb5_ccache_name ( const char */*name*/, const char **/*out_name*/); +OM_uint32 +_gsskrb5_krb5_import_cred ( + OM_uint32 */*minor_status*/, + krb5_ccache /*id*/, + krb5_principal /*keytab_principal*/, + krb5_keytab /*keytab*/, + gss_cred_id_t */*cred*/); + OM_uint32 _gsskrb5_lifetime_left ( OM_uint32 */*minor_status*/, @@ -503,13 +616,20 @@ _gsskrb5_make_header ( const void */*type*/, const gss_OID /*mech*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_pname_to_uid ( + OM_uint32 */*minor_status*/, + const gss_name_t /*pname*/, + const gss_OID /*mech_type*/, + uid_t */*uidp*/); + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_process_context_token ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t token_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_pseudo_random ( OM_uint32 */*minor_status*/, gss_ctx_id_t /*context_handle*/, @@ -519,41 +639,33 @@ _gsskrb5_pseudo_random ( gss_buffer_t /*prf_out*/); OM_uint32 -_gsskrb5_register_acceptor_identity (const char */*identity*/); +_gsskrb5_register_acceptor_identity ( + OM_uint32 */*min_stat*/, + const char */*identity*/); OM_uint32 _gsskrb5_release_buffer ( OM_uint32 * /*minor_status*/, gss_buffer_t buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_release_cred ( OM_uint32 * /*minor_status*/, gss_cred_id_t * cred_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_release_name ( OM_uint32 * /*minor_status*/, gss_name_t * input_name ); -OM_uint32 -_gsskrb5_seal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - int /*qop_req*/, - gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_set_cred_option ( OM_uint32 */*minor_status*/, gss_cred_id_t */*cred_handle*/, const gss_OID /*desired_object*/, const gss_buffer_t /*value*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_set_sec_context_option ( OM_uint32 */*minor_status*/, gss_ctx_id_t */*context_handle*/, @@ -562,27 +674,22 @@ _gsskrb5_set_sec_context_option ( void _gsskrb5_set_status ( + int /*ret*/, const char */*fmt*/, ...); -OM_uint32 -_gsskrb5_sign ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*qop_req*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_store_cred ( + OM_uint32 */*minor_status*/, + gss_cred_id_t /*input_cred_handle*/, + gss_cred_usage_t /*cred_usage*/, + const gss_OID /*desired_mech*/, + OM_uint32 /*overwrite_cred*/, + OM_uint32 /*default_cred*/, + gss_OID_set */*elements_stored*/, + gss_cred_usage_t */*cred_usage_stored*/); -OM_uint32 -_gsskrb5_unseal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - int * qop_state ); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -591,14 +698,6 @@ _gsskrb5_unwrap ( int * /*conf_state*/, gss_qop_t * qop_state ); -OM_uint32 -_gsskrb5_verify ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*token_buffer*/, - int * qop_state ); - OM_uint32 _gsskrb5_verify_8003_checksum ( OM_uint32 */*minor_status*/, @@ -614,7 +713,7 @@ _gsskrb5_verify_header ( const void */*type*/, gss_OID /*oid*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_verify_mic ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -625,14 +724,14 @@ _gsskrb5_verify_mic ( OM_uint32 _gsskrb5_verify_mic_internal ( OM_uint32 * /*minor_status*/, - const gsskrb5_ctx /*context_handle*/, + const gsskrb5_ctx /*ctx*/, krb5_context /*context*/, const gss_buffer_t /*message_buffer*/, const gss_buffer_t /*token_buffer*/, gss_qop_t * /*qop_state*/, - char * type ); + const char * type ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_wrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -642,7 +741,7 @@ _gsskrb5_wrap ( int * /*conf_state*/, gss_buffer_t output_message_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_wrap_size_limit ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -651,19 +750,12 @@ _gsskrb5_wrap_size_limit ( OM_uint32 /*req_output_size*/, OM_uint32 * max_input_size ); -krb5_error_code -_gsskrb5cfx_max_wrap_length_cfx ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - int /*conf_req_flag*/, - size_t /*input_length*/, - OM_uint32 */*output_length*/); - krb5_error_code _gsskrb5cfx_wrap_length_cfx ( krb5_context /*context*/, krb5_crypto /*crypto*/, int /*conf_req_flag*/, + int /*dce_style*/, size_t /*input_length*/, size_t */*output_length*/, size_t */*cksumsize*/, @@ -697,7 +789,8 @@ _gsskrb5i_get_token_key ( void _gsskrb5i_is_cfx ( + krb5_context /*context*/, gsskrb5_ctx /*ctx*/, - int */*is_cfx*/); + int /*acceptor*/); #endif /* __gsskrb5_private_h__ */ diff --git a/lib/gssapi/krb5/gsskrb5_locl.h b/lib/gssapi/krb5/gsskrb5_locl.h index 6ffb6070352f..6b9b03f34908 100644 --- a/lib/gssapi/krb5/gsskrb5_locl.h +++ b/lib/gssapi/krb5/gsskrb5_locl.h @@ -1,49 +1,48 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: gsskrb5_locl.h 20324 2007-04-12 16:46:01Z lha $ */ +/* $Id$ */ #ifndef GSSKRB5_LOCL_H #define GSSKRB5_LOCL_H -#ifdef HAVE_CONFIG_H #include -#endif #include #include #include #include +#include #include #include "cfx.h" @@ -54,19 +53,24 @@ struct gss_msg_order; -typedef struct { +typedef struct gsskrb5_ctx { struct krb5_auth_context_data *auth_context; + struct krb5_auth_context_data *deleg_auth_context; krb5_principal source, target; #define IS_DCE_STYLE(ctx) (((ctx)->flags & GSS_C_DCE_STYLE) != 0) OM_uint32 flags; - enum { LOCAL = 1, OPEN = 2, + enum { LOCAL = 1, OPEN = 2, COMPAT_OLD_DES3 = 4, COMPAT_OLD_DES3_SELECTED = 8, - ACCEPTOR_SUBKEY = 16 + ACCEPTOR_SUBKEY = 16, + RETRIED = 32, + CLOSE_CCACHE = 64, + IS_CFX = 128 } more_flags; enum gss_ctx_id_t_state { /* initiator states */ INITIATOR_START, + INITIATOR_RESTART, INITIATOR_WAIT_FOR_MUTAL, INITIATOR_READY, /* acceptor states */ @@ -74,18 +78,22 @@ typedef struct { ACCEPTOR_WAIT_FOR_DCESTYLE, ACCEPTOR_READY } state; + krb5_creds *kcred; + krb5_ccache ccache; struct krb5_ticket *ticket; OM_uint32 lifetime; HEIMDAL_MUTEX ctx_id_mutex; struct gss_msg_order *order; krb5_keyblock *service_keyblock; krb5_data fwd_data; + krb5_crypto crypto; } *gsskrb5_ctx; typedef struct { krb5_principal principal; int cred_flags; #define GSS_CF_DESTROY_CRED_ON_RELEASE 1 +#define GSS_CF_NO_CI_FLAGS 2 struct krb5_keytab_data *keytab; OM_uint32 lifetime; gss_cred_usage_t usage; @@ -104,16 +112,11 @@ typedef struct Principal *gsskrb5_name; extern krb5_keytab _gsskrb5_keytab; extern HEIMDAL_MUTEX gssapi_keytab_mutex; -struct gssapi_thr_context { - HEIMDAL_MUTEX mutex; - char *error_string; -}; - /* * Prototypes */ -#include +#include #define GSSAPI_KRB5_INIT(ctx) do { \ krb5_error_code kret_gss_init; \ @@ -131,4 +134,7 @@ struct gssapi_thr_context { #define SC_LOCAL_SUBKEY 0x08 #define SC_REMOTE_SUBKEY 0x10 +/* type to signal that that dns canon maybe should be done */ +#define MAGIC_HOSTBASED_NAME_TYPE 4711 + #endif diff --git a/lib/gssapi/krb5/import_name.c b/lib/gssapi/krb5/import_name.c index bf31db923256..5fe512672f95 100644 --- a/lib/gssapi/krb5/import_name.c +++ b/lib/gssapi/krb5/import_name.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: import_name.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" static OM_uint32 parse_krb5_name (OM_uint32 *minor_status, @@ -83,18 +81,61 @@ import_krb5_name (OM_uint32 *minor_status, return ret; } +OM_uint32 +_gsskrb5_canon_name(OM_uint32 *minor_status, krb5_context context, + int use_dns, krb5_const_principal sourcename, gss_name_t targetname, + krb5_principal *out) +{ + krb5_principal p = (krb5_principal)targetname; + krb5_error_code ret; + char *hostname = NULL, *service; + + *minor_status = 0; + + /* If its not a hostname */ + if (krb5_principal_get_type(context, p) != MAGIC_HOSTBASED_NAME_TYPE) { + ret = krb5_copy_principal(context, p, out); + } else if (!use_dns) { + ret = krb5_copy_principal(context, p, out); + if (ret) + goto out; + krb5_principal_set_type(context, *out, KRB5_NT_SRV_HST); + if (sourcename) + ret = krb5_principal_set_realm(context, *out, sourcename->realm); + } else { + if (p->name.name_string.len == 0) + return GSS_S_BAD_NAME; + else if (p->name.name_string.len > 1) + hostname = p->name.name_string.val[1]; + + service = p->name.name_string.val[0]; + + ret = krb5_sname_to_principal(context, + hostname, + service, + KRB5_NT_SRV_HST, + out); + } + + out: + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + return 0; +} + + static OM_uint32 import_hostbased_name (OM_uint32 *minor_status, krb5_context context, const gss_buffer_t input_name_buffer, gss_name_t *output_name) { - krb5_error_code kerr; - char *tmp; - char *p; - char *host; - char local_hostname[MAXHOSTNAMELEN]; krb5_principal princ = NULL; + krb5_error_code kerr; + char *tmp, *p, *host = NULL; tmp = malloc (input_name_buffer->length + 1); if (tmp == NULL) { @@ -110,31 +151,20 @@ import_hostbased_name (OM_uint32 *minor_status, if (p != NULL) { *p = '\0'; host = p + 1; - } else { - if (gethostname(local_hostname, sizeof(local_hostname)) < 0) { - *minor_status = errno; - free (tmp); - return GSS_S_FAILURE; - } - host = local_hostname; } - kerr = krb5_sname_to_principal (context, - host, - tmp, - KRB5_NT_SRV_HST, - &princ); + kerr = krb5_make_principal(context, &princ, NULL, tmp, host, NULL); free (tmp); *minor_status = kerr; - if (kerr == 0) { - *output_name = (gss_name_t)princ; - return GSS_S_COMPLETE; - } - if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) return GSS_S_BAD_NAME; + else if (kerr) + return GSS_S_FAILURE; - return GSS_S_FAILURE; + krb5_principal_set_type(context, princ, MAGIC_HOSTBASED_NAME_TYPE); + *output_name = (gss_name_t)princ; + + return 0; } static OM_uint32 @@ -159,7 +189,7 @@ import_export_name (OM_uint32 *minor_status, p[3] != GSS_KRB5_MECHANISM->length + 2 || p[4] != 0x06 || p[5] != GSS_KRB5_MECHANISM->length || - memcmp(&p[6], GSS_KRB5_MECHANISM->elements, + memcmp(&p[6], GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length) != 0) return GSS_S_BAD_NAME; @@ -185,7 +215,7 @@ import_export_name (OM_uint32 *minor_status, return ret; } -OM_uint32 _gsskrb5_import_name +OM_uint32 GSSAPI_CALLCONV _gsskrb5_import_name (OM_uint32 * minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, @@ -196,7 +226,7 @@ OM_uint32 _gsskrb5_import_name *minor_status = 0; *output_name = GSS_C_NO_NAME; - + GSSAPI_KRB5_INIT (&context); if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE) || @@ -205,7 +235,7 @@ OM_uint32 _gsskrb5_import_name context, input_name_buffer, output_name); - else if (gss_oid_equal(input_name_type, GSS_C_NO_OID) + else if (input_name_type == GSS_C_NO_OID || gss_oid_equal(input_name_type, GSS_C_NT_USER_NAME) || gss_oid_equal(input_name_type, GSS_KRB5_NT_PRINCIPAL_NAME)) /* default printable syntax */ @@ -216,7 +246,7 @@ OM_uint32 _gsskrb5_import_name else if (gss_oid_equal(input_name_type, GSS_C_NT_EXPORT_NAME)) { return import_export_name(minor_status, context, - input_name_buffer, + input_name_buffer, output_name); } else { *minor_status = 0; diff --git a/lib/gssapi/krb5/import_sec_context.c b/lib/gssapi/krb5/import_sec_context.c index 3300036a81b3..3bab1802b3c9 100644 --- a/lib/gssapi/krb5/import_sec_context.c +++ b/lib/gssapi/krb5/import_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: import_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_import_sec_context ( OM_uint32 * minor_status, const gss_buffer_t interprocess_token, @@ -52,8 +50,7 @@ _gsskrb5_import_sec_context ( krb5_data data; gss_buffer_desc buffer; krb5_keyblock keyblock; - int32_t tmp; - int32_t flags; + int32_t flags, tmp; gsskrb5_ctx ctx; gss_name_t name; @@ -96,8 +93,9 @@ _gsskrb5_import_sec_context ( /* retrieve the auth context */ ac = ctx->auth_context; - if (krb5_ret_uint32 (sp, &ac->flags) != 0) + if (krb5_ret_int32 (sp, &tmp) != 0) goto failure; + ac->flags = tmp; if (flags & SC_LOCAL_ADDRESS) { if (krb5_ret_address (sp, localp = &local) != 0) goto failure; @@ -184,7 +182,7 @@ _gsskrb5_import_sec_context ( krb5_data_free (&data); goto failure; } - } + } ctx->target = (krb5_principal)name; krb5_data_free (&data); @@ -200,10 +198,12 @@ _gsskrb5_import_sec_context ( ret = _gssapi_msg_order_import(minor_status, sp, &ctx->order); if (ret) - goto failure; - + goto failure; + krb5_storage_free (sp); + _gsskrb5i_is_cfx(context, ctx, (ctx->more_flags & LOCAL) == 0); + *context_handle = (gss_ctx_id_t)ctx; return GSS_S_COMPLETE; diff --git a/lib/gssapi/krb5/indicate_mechs.c b/lib/gssapi/krb5/indicate_mechs.c index eb886c24d347..620137884ae4 100644 --- a/lib/gssapi/krb5/indicate_mechs.c +++ b/lib/gssapi/krb5/indicate_mechs.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: indicate_mechs.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_indicate_mechs +OM_uint32 GSSAPI_CALLCONV _gsskrb5_indicate_mechs (OM_uint32 * minor_status, gss_OID_set * mech_set ) diff --git a/lib/gssapi/krb5/init.c b/lib/gssapi/krb5/init.c index 3bbdcc8ff1a2..3a22c33ed69f 100644 --- a/lib/gssapi/krb5/init.c +++ b/lib/gssapi/krb5/init.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2001, 2003, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003, 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: init.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" static HEIMDAL_MUTEX context_mutex = HEIMDAL_MUTEX_INITIALIZER; static int created_key; diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index 05f7978e4337..5f8b01b72707 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: init_sec_context.c 22071 2007-11-14 20:04:50Z lha $"); +#include "gsskrb5_locl.h" /* * copy the addresses from `input_chan_bindings' (if any) to @@ -43,14 +41,14 @@ RCSID("$Id: init_sec_context.c 22071 2007-11-14 20:04:50Z lha $"); static OM_uint32 set_addresses (krb5_context context, krb5_auth_context ac, - const gss_channel_bindings_t input_chan_bindings) + const gss_channel_bindings_t input_chan_bindings) { - /* Port numbers are expected to be in application_data.value, - * initator's port first */ + /* Port numbers are expected to be in application_data.value, + * initator's port first */ krb5_address initiator_addr, acceptor_addr; krb5_error_code kret; - + if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS || input_chan_bindings->application_data.length != 2 * sizeof(ac->local_port)) @@ -58,13 +56,13 @@ set_addresses (krb5_context context, memset(&initiator_addr, 0, sizeof(initiator_addr)); memset(&acceptor_addr, 0, sizeof(acceptor_addr)); - + ac->local_port = *(int16_t *) input_chan_bindings->application_data.value; - + ac->remote_port = *((int16_t *) input_chan_bindings->application_data.value + 1); - + kret = _gsskrb5i_address_to_krb5addr(context, input_chan_bindings->acceptor_addrtype, &input_chan_bindings->acceptor_address, @@ -72,7 +70,7 @@ set_addresses (krb5_context context, &acceptor_addr); if (kret) return kret; - + kret = _gsskrb5i_address_to_krb5addr(context, input_chan_bindings->initiator_addrtype, &input_chan_bindings->initiator_address, @@ -82,15 +80,15 @@ set_addresses (krb5_context context, krb5_free_address (context, &acceptor_addr); return kret; } - + kret = krb5_auth_con_setaddrs(context, ac, &initiator_addr, /* local address */ &acceptor_addr); /* remote address */ - + krb5_free_address (context, &initiator_addr); krb5_free_address (context, &acceptor_addr); - + #if 0 free(input_chan_bindings->application_data.value); input_chan_bindings->application_data.value = NULL; @@ -119,8 +117,11 @@ _gsskrb5_create_ctx( return GSS_S_FAILURE; } ctx->auth_context = NULL; + ctx->deleg_auth_context = NULL; ctx->source = NULL; ctx->target = NULL; + ctx->kcred = NULL; + ctx->ccache = NULL; ctx->state = state; ctx->flags = 0; ctx->more_flags = 0; @@ -129,14 +130,21 @@ _gsskrb5_create_ctx( krb5_data_zero(&ctx->fwd_data); ctx->lifetime = GSS_C_INDEFINITE; ctx->order = NULL; + ctx->crypto = NULL; HEIMDAL_MUTEX_init(&ctx->ctx_id_mutex); kret = krb5_auth_con_init (context, &ctx->auth_context); if (kret) { *minor_status = kret; - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - + return GSS_S_FAILURE; + } + + kret = krb5_auth_con_init (context, &ctx->deleg_auth_context); + if (kret) { + *minor_status = kret; + krb5_auth_con_free(context, ctx->auth_context); + HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); return GSS_S_FAILURE; } @@ -144,9 +152,22 @@ _gsskrb5_create_ctx( if (kret) { *minor_status = kret; + krb5_auth_con_free(context, ctx->auth_context); + krb5_auth_con_free(context, ctx->deleg_auth_context); + HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); + return GSS_S_BAD_BINDINGS; + } + + kret = set_addresses(context, ctx->deleg_auth_context, input_chan_bindings); + if (kret) { + *minor_status = kret; + krb5_auth_con_free(context, ctx->auth_context); + krb5_auth_con_free(context, ctx->deleg_auth_context); + + HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); return GSS_S_BAD_BINDINGS; } @@ -161,6 +182,16 @@ _gsskrb5_create_ctx( KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED, NULL); + /* + * We need a sequence number + */ + + krb5_auth_con_addflags(context, + ctx->deleg_auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE | + KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED, + NULL); + *context_handle = (gss_ctx_id_t)ctx; return GSS_S_COMPLETE; @@ -173,17 +204,29 @@ gsskrb5_get_creds( krb5_context context, krb5_ccache ccache, gsskrb5_ctx ctx, - krb5_const_principal target_name, + const gss_name_t target_name, + int use_dns, OM_uint32 time_req, - OM_uint32 * time_rec, - krb5_creds ** cred) + OM_uint32 * time_rec) { OM_uint32 ret; krb5_error_code kret; krb5_creds this_cred; OM_uint32 lifetime_rec; - *cred = NULL; + if (ctx->target) { + krb5_free_principal(context, ctx->target); + ctx->target = NULL; + } + if (ctx->kcred) { + krb5_free_creds(context, ctx->kcred); + ctx->kcred = NULL; + } + + ret = _gsskrb5_canon_name(minor_status, context, use_dns, + ctx->source, target_name, &ctx->target); + if (ret) + return ret; memset(&this_cred, 0, sizeof(this_cred)); this_cred.client = ctx->source; @@ -204,13 +247,13 @@ gsskrb5_get_creds( 0, ccache, &this_cred, - cred); + &ctx->kcred); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } - ctx->lifetime = (*cred)->times.endtime; + ctx->lifetime = ctx->kcred->times.endtime; ret = _gsskrb5_lifetime_left(minor_status, context, ctx->lifetime, &lifetime_rec); @@ -232,27 +275,33 @@ gsskrb5_initiator_ready( gsskrb5_ctx ctx, krb5_context context) { - OM_uint32 ret; - int32_t seq_number; - int is_cfx = 0; - OM_uint32 flags = ctx->flags; + OM_uint32 ret; + int32_t seq_number; + int is_cfx = 0; + OM_uint32 flags = ctx->flags; - krb5_auth_getremoteseqnumber (context, - ctx->auth_context, - &seq_number); + krb5_free_creds(context, ctx->kcred); + ctx->kcred = NULL; - _gsskrb5i_is_cfx(ctx, &is_cfx); + if (ctx->more_flags & CLOSE_CCACHE) + krb5_cc_close(context, ctx->ccache); + ctx->ccache = NULL; - ret = _gssapi_msg_order_create(minor_status, - &ctx->order, - _gssapi_msg_order_f(flags), - seq_number, 0, is_cfx); - if (ret) return ret; + krb5_auth_con_getremoteseqnumber (context, ctx->auth_context, &seq_number); - ctx->state = INITIATOR_READY; - ctx->more_flags |= OPEN; + _gsskrb5i_is_cfx(context, ctx, 0); + is_cfx = (ctx->more_flags & IS_CFX); - return GSS_S_COMPLETE; + ret = _gssapi_msg_order_create(minor_status, + &ctx->order, + _gssapi_msg_order_f(flags), + seq_number, 0, is_cfx); + if (ret) return ret; + + ctx->state = INITIATOR_READY; + ctx->more_flags |= OPEN; + + return GSS_S_COMPLETE; } /* @@ -266,39 +315,39 @@ do_delegation (krb5_context context, krb5_creds *cred, krb5_const_principal name, krb5_data *fwd_data, + uint32_t flagmask, uint32_t *flags) { krb5_creds creds; KDCOptions fwd_flags; krb5_error_code kret; - + memset (&creds, 0, sizeof(creds)); krb5_data_zero (fwd_data); - + kret = krb5_cc_get_principal(context, ccache, &creds.client); - if (kret) - goto out; - - kret = krb5_build_principal(context, - &creds.server, - strlen(creds.client->realm), - creds.client->realm, - KRB5_TGS_NAME, - creds.client->realm, - NULL); if (kret) - goto out; - + goto out; + + kret = krb5_make_principal(context, + &creds.server, + creds.client->realm, + KRB5_TGS_NAME, + creds.client->realm, + NULL); + if (kret) + goto out; + creds.times.endtime = 0; - + memset(&fwd_flags, 0, sizeof(fwd_flags)); fwd_flags.forwarded = 1; fwd_flags.forwardable = 1; - + if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/ - name->name.name_string.len < 2) + name->name.name_string.len < 2) goto out; - + kret = krb5_get_forwarded_creds(context, ac, ccache, @@ -306,13 +355,13 @@ do_delegation (krb5_context context, name->name.name_string.val[1], &creds, fwd_data); - + out: if (kret) - *flags &= ~GSS_C_DELEG_FLAG; + *flags &= ~flagmask; else - *flags |= GSS_C_DELEG_FLAG; - + *flags |= flagmask; + if (creds.client) krb5_free_principal(context, creds.client); if (creds.server) @@ -326,13 +375,143 @@ do_delegation (krb5_context context, static OM_uint32 init_auth (OM_uint32 * minor_status, - gsskrb5_cred initiator_cred_handle, + gsskrb5_cred cred, gsskrb5_ctx ctx, krb5_context context, - krb5_const_principal name, + gss_name_t name, const gss_OID mech_type, OM_uint32 req_flags, OM_uint32 time_req, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec + ) +{ + OM_uint32 ret = GSS_S_FAILURE; + krb5_error_code kret; + krb5_data outbuf; + krb5_data fwd_data; + OM_uint32 lifetime_rec; + int allow_dns = 1; + + krb5_data_zero(&outbuf); + krb5_data_zero(&fwd_data); + + *minor_status = 0; + + if (actual_mech_type) + *actual_mech_type = GSS_KRB5_MECHANISM; + + if (cred == NULL) { + kret = krb5_cc_default (context, &ctx->ccache); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + ctx->more_flags |= CLOSE_CCACHE; + } else + ctx->ccache = cred->ccache; + + kret = krb5_cc_get_principal (context, ctx->ccache, &ctx->source); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + /* + * This is hideous glue for (NFS) clients that wants to limit the + * available enctypes to what it can support (encryption in + * kernel). If there is no enctypes selected for this credential, + * reset it to the default set of enctypes. + */ + { + krb5_enctype *enctypes = NULL; + + if (cred && cred->enctypes) + enctypes = cred->enctypes; + krb5_set_default_in_tkt_etypes(context, enctypes); + } + + /* canon name if needed for client + target realm */ + kret = krb5_cc_get_config(context, ctx->ccache, NULL, + "realm-config", &outbuf); + if (kret == 0) { + /* XXX 2 is no server canon */ + if (outbuf.length < 1 || ((((unsigned char *)outbuf.data)[0]) & 2)) + allow_dns = 0; + krb5_data_free(&outbuf); + } + + /* + * First we try w/o dns, hope that the KDC have register alias + * (and referrals if cross realm) for this principal. If that + * fails and if we are allowed to using this realm try again with + * DNS canonicalizion. + */ + ret = gsskrb5_get_creds(minor_status, context, ctx->ccache, + ctx, name, 0, time_req, + time_rec); + if (ret && allow_dns) + ret = gsskrb5_get_creds(minor_status, context, ctx->ccache, + ctx, name, 1, time_req, + time_rec); + if (ret) + goto failure; + + ctx->lifetime = ctx->kcred->times.endtime; + + ret = _gss_DES3_get_mic_compat(minor_status, ctx, context); + if (ret) + goto failure; + + ret = _gsskrb5_lifetime_left(minor_status, + context, + ctx->lifetime, + &lifetime_rec); + if (ret) + goto failure; + + if (lifetime_rec == 0) { + *minor_status = 0; + ret = GSS_S_CONTEXT_EXPIRED; + goto failure; + } + + krb5_auth_con_setkey(context, + ctx->auth_context, + &ctx->kcred->session); + + kret = krb5_auth_con_generatelocalsubkey(context, + ctx->auth_context, + &ctx->kcred->session); + if(kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + return GSS_S_COMPLETE; + +failure: + if (ctx->ccache && (ctx->more_flags & CLOSE_CCACHE)) + krb5_cc_close(context, ctx->ccache); + ctx->ccache = NULL; + + return ret; + +} + +static OM_uint32 +init_auth_restart +(OM_uint32 * minor_status, + gsskrb5_cred cred, + gsskrb5_ctx ctx, + krb5_context context, + OM_uint32 req_flags, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID * actual_mech_type, @@ -344,142 +523,70 @@ init_auth OM_uint32 ret = GSS_S_FAILURE; krb5_error_code kret; krb5_flags ap_options; - krb5_creds *cred = NULL; krb5_data outbuf; - krb5_ccache ccache = NULL; uint32_t flags; krb5_data authenticator; Checksum cksum; krb5_enctype enctype; - krb5_data fwd_data; - OM_uint32 lifetime_rec; + krb5_data fwd_data, timedata; + int32_t offset = 0, oldoffset = 0; + uint32_t flagmask; krb5_data_zero(&outbuf); krb5_data_zero(&fwd_data); *minor_status = 0; - if (actual_mech_type) - *actual_mech_type = GSS_KRB5_MECHANISM; - - if (initiator_cred_handle == NULL) { - kret = krb5_cc_default (context, &ccache); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - } else - ccache = initiator_cred_handle->ccache; - - kret = krb5_cc_get_principal (context, ccache, &ctx->source); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = krb5_copy_principal (context, name, &ctx->target); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - ret = _gss_DES3_get_mic_compat(minor_status, ctx, context); - if (ret) - goto failure; - - /* - * This is hideous glue for (NFS) clients that wants to limit the - * available enctypes to what it can support (encryption in - * kernel). If there is no enctypes selected for this credential, - * reset it to the default set of enctypes. + * If the credential doesn't have ok-as-delegate, check if there + * is a realm setting and use that. */ - { - krb5_enctype *enctypes = NULL; + if (!ctx->kcred->flags.b.ok_as_delegate) { + krb5_data data; - if (initiator_cred_handle && initiator_cred_handle->enctypes) - enctypes = initiator_cred_handle->enctypes; - krb5_set_default_in_tkt_etypes(context, enctypes); + ret = krb5_cc_get_config(context, ctx->ccache, NULL, + "realm-config", &data); + if (ret == 0) { + /* XXX 1 is use ok-as-delegate */ + if (data.length < 1 || ((((unsigned char *)data.data)[0]) & 1) == 0) + req_flags &= ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG); + krb5_data_free(&data); + } } - ret = gsskrb5_get_creds(minor_status, - context, - ccache, - ctx, - ctx->target, - time_req, - time_rec, - &cred); - if (ret) - goto failure; + flagmask = 0; - ctx->lifetime = cred->times.endtime; + /* if we used GSS_C_DELEG_POLICY_FLAG, trust KDC */ + if ((req_flags & GSS_C_DELEG_POLICY_FLAG) + && ctx->kcred->flags.b.ok_as_delegate) + flagmask |= GSS_C_DELEG_FLAG | GSS_C_DELEG_POLICY_FLAG; + /* if there still is a GSS_C_DELEG_FLAG, use that */ + if (req_flags & GSS_C_DELEG_FLAG) + flagmask |= GSS_C_DELEG_FLAG; - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - &lifetime_rec); - if (ret) { - goto failure; - } - - if (lifetime_rec == 0) { - *minor_status = 0; - ret = GSS_S_CONTEXT_EXPIRED; - goto failure; - } - - krb5_auth_con_setkey(context, - ctx->auth_context, - &cred->session); - - kret = krb5_auth_con_generatelocalsubkey(context, - ctx->auth_context, - &cred->session); - if(kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - /* - * If the credential doesn't have ok-as-delegate, check what local - * policy say about ok-as-delegate, default is FALSE that makes - * code ignore the KDC setting and follow what the application - * requested. If it is TRUE, strip of the GSS_C_DELEG_FLAG if the - * KDC doesn't set ok-as-delegate. - */ - if (!cred->flags.b.ok_as_delegate) { - krb5_boolean delegate; - - krb5_appdefault_boolean(context, - "gssapi", name->realm, - "ok-as-delegate", FALSE, &delegate); - if (delegate) - req_flags &= ~GSS_C_DELEG_FLAG; - } flags = 0; ap_options = 0; - if (req_flags & GSS_C_DELEG_FLAG) + if (flagmask & GSS_C_DELEG_FLAG) { do_delegation (context, - ctx->auth_context, - ccache, cred, name, &fwd_data, &flags); - + ctx->deleg_auth_context, + ctx->ccache, ctx->kcred, ctx->target, + &fwd_data, flagmask, &flags); + } + if (req_flags & GSS_C_MUTUAL_FLAG) { flags |= GSS_C_MUTUAL_FLAG; ap_options |= AP_OPTS_MUTUAL_REQUIRED; } - + if (req_flags & GSS_C_REPLAY_FLAG) flags |= GSS_C_REPLAY_FLAG; if (req_flags & GSS_C_SEQUENCE_FLAG) flags |= GSS_C_SEQUENCE_FLAG; +#if 0 if (req_flags & GSS_C_ANON_FLAG) ; /* XXX */ +#endif if (req_flags & GSS_C_DCE_STYLE) { /* GSS_C_DCE_STYLE implies GSS_C_MUTUAL_FLAG */ flags |= GSS_C_DCE_STYLE | GSS_C_MUTUAL_FLAG; @@ -490,15 +597,23 @@ init_auth if (req_flags & GSS_C_EXTENDED_ERROR_FLAG) flags |= GSS_C_EXTENDED_ERROR_FLAG; - flags |= GSS_C_CONF_FLAG; - flags |= GSS_C_INTEG_FLAG; + if (req_flags & GSS_C_CONF_FLAG) { + flags |= GSS_C_CONF_FLAG; + } + if (req_flags & GSS_C_INTEG_FLAG) { + flags |= GSS_C_INTEG_FLAG; + } + if (cred == NULL || !(cred->cred_flags & GSS_CF_NO_CI_FLAGS)) { + flags |= GSS_C_CONF_FLAG; + flags |= GSS_C_INTEG_FLAG; + } flags |= GSS_C_TRANS_FLAG; - + if (ret_flags) *ret_flags = flags; ctx->flags = flags; ctx->more_flags |= LOCAL; - + ret = _gsskrb5_create_8003_checksum (minor_status, input_chan_bindings, flags, @@ -510,16 +625,32 @@ init_auth enctype = ctx->auth_context->keyblock->keytype; - kret = krb5_build_authenticator (context, + ret = krb5_cc_get_config(context, ctx->ccache, ctx->target, + "time-offset", &timedata); + if (ret == 0) { + if (timedata.length == 4) { + const u_char *p = timedata.data; + offset = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); + } + krb5_data_free(&timedata); + } + + if (offset) { + krb5_get_kdc_sec_offset (context, &oldoffset, NULL); + krb5_set_kdc_sec_offset (context, offset, -1); + } + + kret = _krb5_build_authenticator(context, ctx->auth_context, enctype, - cred, + ctx->kcred, &cksum, - NULL, &authenticator, KRB5_KU_AP_REQ_AUTH); if (kret) { + if (offset) + krb5_set_kdc_sec_offset (context, oldoffset, -1); *minor_status = kret; ret = GSS_S_FAILURE; goto failure; @@ -527,27 +658,31 @@ init_auth kret = krb5_build_ap_req (context, enctype, - cred, + ctx->kcred, ap_options, authenticator, &outbuf); - + if (offset) + krb5_set_kdc_sec_offset (context, oldoffset, -1); if (kret) { *minor_status = kret; ret = GSS_S_FAILURE; goto failure; } - ret = _gsskrb5_encapsulate (minor_status, &outbuf, output_token, - (u_char *)"\x01\x00", GSS_KRB5_MECHANISM); - if (ret) - goto failure; + if (flags & GSS_C_DCE_STYLE) { + output_token->value = outbuf.data; + output_token->length = outbuf.length; + } else { + ret = _gsskrb5_encapsulate (minor_status, &outbuf, output_token, + (u_char *)(intptr_t)"\x01\x00", + GSS_KRB5_MECHANISM); + krb5_data_free (&outbuf); + if (ret) + goto failure; + } - krb5_data_free (&outbuf); - krb5_free_creds(context, cred); free_Checksum(&cksum); - if (initiator_cred_handle == NULL) - krb5_cc_close(context, ccache); if (flags & GSS_C_MUTUAL_FLAG) { ctx->state = INITIATOR_WAIT_FOR_MUTAL; @@ -556,15 +691,52 @@ init_auth return gsskrb5_initiator_ready(minor_status, ctx, context); failure: - if(cred) - krb5_free_creds(context, cred); - if (ccache && initiator_cred_handle == NULL) - krb5_cc_close(context, ccache); + if (ctx->ccache && (ctx->more_flags & CLOSE_CCACHE)) + krb5_cc_close(context, ctx->ccache); + ctx->ccache = NULL; return ret; - } +static krb5_error_code +handle_error_packet(krb5_context context, + gsskrb5_ctx ctx, + krb5_data indata) +{ + krb5_error_code kret; + KRB_ERROR error; + + kret = krb5_rd_error(context, &indata, &error); + if (kret == 0) { + kret = krb5_error_from_rd_error(context, &error, NULL); + + /* save the time skrew for this host */ + if (kret == KRB5KRB_AP_ERR_SKEW) { + krb5_data timedata; + unsigned char p[4]; + int32_t t = error.stime - time(NULL); + + p[0] = (t >> 24) & 0xFF; + p[1] = (t >> 16) & 0xFF; + p[2] = (t >> 8) & 0xFF; + p[3] = (t >> 0) & 0xFF; + + timedata.data = p; + timedata.length = sizeof(p); + + krb5_cc_set_config(context, ctx->ccache, ctx->target, + "time-offset", &timedata); + + if ((ctx->more_flags & RETRIED) == 0) + ctx->state = INITIATOR_RESTART; + ctx->more_flags |= RETRIED; + } + free_KRB_ERROR (&error); + } + return kret; +} + + static OM_uint32 repl_mutual (OM_uint32 * minor_status, @@ -585,7 +757,6 @@ repl_mutual krb5_error_code kret; krb5_data indata; krb5_ap_rep_enc_part *repl; - int is_cfx = 0; output_token->length = 0; output_token->value = NULL; @@ -593,46 +764,57 @@ repl_mutual if (actual_mech_type) *actual_mech_type = GSS_KRB5_MECHANISM; - if (ctx->flags & GSS_C_DCE_STYLE) { + if (IS_DCE_STYLE(ctx)) { /* There is no OID wrapping. */ indata.length = input_token->length; indata.data = input_token->value; + kret = krb5_rd_rep(context, + ctx->auth_context, + &indata, + &repl); + if (kret) { + ret = _gsskrb5_decapsulate(minor_status, + input_token, + &indata, + "\x03\x00", + GSS_KRB5_MECHANISM); + if (ret == GSS_S_COMPLETE) { + *minor_status = handle_error_packet(context, ctx, indata); + } else { + *minor_status = kret; + } + return GSS_S_FAILURE; + } } else { ret = _gsskrb5_decapsulate (minor_status, input_token, &indata, "\x02\x00", GSS_KRB5_MECHANISM); - if (ret) { - /* XXX - Handle AP_ERROR */ - return ret; + if (ret == GSS_S_DEFECTIVE_TOKEN) { + /* check if there is an error token sent instead */ + ret = _gsskrb5_decapsulate (minor_status, + input_token, + &indata, + "\x03\x00", + GSS_KRB5_MECHANISM); + if (ret == GSS_S_COMPLETE) { + *minor_status = handle_error_packet(context, ctx, indata); + return GSS_S_FAILURE; + } + } + kret = krb5_rd_rep (context, + ctx->auth_context, + &indata, + &repl); + if (kret) { + *minor_status = kret; + return GSS_S_FAILURE; } } - kret = krb5_rd_rep (context, - ctx->auth_context, - &indata, - &repl); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } krb5_free_ap_rep_enc_part (context, repl); - - _gsskrb5i_is_cfx(ctx, &is_cfx); - if (is_cfx) { - krb5_keyblock *key = NULL; - - kret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, - &key); - if (kret == 0 && key != NULL) { - ctx->more_flags |= ACCEPTOR_SUBKEY; - krb5_free_keyblock (context, key); - } - } - *minor_status = 0; if (time_rec) { @@ -647,30 +829,31 @@ repl_mutual *ret_flags = ctx->flags; if (req_flags & GSS_C_DCE_STYLE) { - int32_t con_flags; + int32_t local_seq, remote_seq; krb5_data outbuf; - /* Do don't do sequence number for the mk-rep */ - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE, - &con_flags); + /* + * So DCE_STYLE is strange. The client echos the seq number + * that the server used in the server's mk_rep in its own + * mk_rep(). After when done, it resets to it's own seq number + * for the gss_wrap calls. + */ - kret = krb5_mk_rep(context, - ctx->auth_context, - &outbuf); + krb5_auth_con_getremoteseqnumber(context, ctx->auth_context, &remote_seq); + krb5_auth_con_getlocalseqnumber(context, ctx->auth_context, &local_seq); + krb5_auth_con_setlocalseqnumber(context, ctx->auth_context, remote_seq); + + kret = krb5_mk_rep(context, ctx->auth_context, &outbuf); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } - + + /* reset local seq number */ + krb5_auth_con_setlocalseqnumber(context, ctx->auth_context, local_seq); + output_token->length = outbuf.length; output_token->value = outbuf.data; - - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE, - NULL); } return gsskrb5_initiator_ready(minor_status, ctx, context); @@ -680,9 +863,9 @@ repl_mutual * gss_init_sec_context */ -OM_uint32 _gsskrb5_init_sec_context +OM_uint32 GSSAPI_CALLCONV _gsskrb5_init_sec_context (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, + const gss_cred_id_t cred_handle, gss_ctx_id_t * context_handle, const gss_name_t target_name, const gss_OID mech_type, @@ -697,8 +880,7 @@ OM_uint32 _gsskrb5_init_sec_context ) { krb5_context context; - gsskrb5_cred cred = (gsskrb5_cred)initiator_cred_handle; - krb5_const_principal name = (krb5_const_principal)target_name; + gsskrb5_cred cred = (gsskrb5_cred)cred_handle; gsskrb5_ctx ctx; OM_uint32 ret; @@ -724,25 +906,25 @@ OM_uint32 _gsskrb5_init_sec_context return GSS_S_BAD_NAME; } - if (mech_type != GSS_C_NO_OID && + if (mech_type != GSS_C_NO_OID && !gss_oid_equal(mech_type, GSS_KRB5_MECHANISM)) return GSS_S_BAD_MECH; if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) { - OM_uint32 ret; + OM_uint32 ret1; if (*context_handle != GSS_C_NO_CONTEXT) { *minor_status = 0; return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE; } - - ret = _gsskrb5_create_ctx(minor_status, + + ret1 = _gsskrb5_create_ctx(minor_status, context_handle, context, input_chan_bindings, INITIATOR_START); - if (ret) - return ret; + if (ret1) + return ret1; } if (*context_handle == GSS_C_NO_CONTEXT) { @@ -754,22 +936,37 @@ OM_uint32 _gsskrb5_init_sec_context HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + again: switch (ctx->state) { case INITIATOR_START: ret = init_auth(minor_status, cred, ctx, context, - name, + target_name, mech_type, req_flags, time_req, - input_chan_bindings, input_token, actual_mech_type, output_token, ret_flags, time_rec); + if (ret != GSS_S_COMPLETE) + break; + /* FALL THOUGH */ + case INITIATOR_RESTART: + ret = init_auth_restart(minor_status, + cred, + ctx, + context, + req_flags, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); break; case INITIATOR_WAIT_FOR_MUTAL: ret = repl_mutual(minor_status, @@ -784,17 +981,24 @@ OM_uint32 _gsskrb5_init_sec_context output_token, ret_flags, time_rec); + if (ctx->state == INITIATOR_RESTART) + goto again; break; case INITIATOR_READY: - /* + /* * If we get there, the caller have called * gss_init_sec_context() one time too many. */ - *minor_status = 0; + _gsskrb5_set_status(EINVAL, "init_sec_context " + "called one time too many"); + *minor_status = EINVAL; ret = GSS_S_BAD_STATUS; break; default: - *minor_status = 0; + _gsskrb5_set_status(EINVAL, "init_sec_context " + "invalid state %d for client", + (int)ctx->state); + *minor_status = EINVAL; ret = GSS_S_BAD_STATUS; break; } diff --git a/lib/gssapi/krb5/inquire_context.c b/lib/gssapi/krb5/inquire_context.c index 41430568b005..ade8ec4b9cb6 100644 --- a/lib/gssapi/krb5/inquire_context.c +++ b/lib/gssapi/krb5/inquire_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_inquire_context ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_context ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_name_t * src_name, @@ -76,7 +74,7 @@ OM_uint32 _gsskrb5_inquire_context ( } if (lifetime_rec) { - ret = _gsskrb5_lifetime_left(minor_status, + ret = _gsskrb5_lifetime_left(minor_status, context, ctx->lifetime, lifetime_rec); diff --git a/lib/gssapi/krb5/inquire_cred.c b/lib/gssapi/krb5/inquire_cred.c index 47bf71e686ff..f88199692cd7 100644 --- a/lib/gssapi/krb5/inquire_cred.c +++ b/lib/gssapi/krb5/inquire_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_cred.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, gss_name_t * output_name, @@ -60,7 +58,7 @@ OM_uint32 _gsskrb5_inquire_cred GSSAPI_KRB5_INIT (&context); if (cred_handle == GSS_C_NO_CREDENTIAL) { - ret = _gsskrb5_acquire_cred(minor_status, + ret = _gsskrb5_acquire_cred(minor_status, GSS_C_NO_NAME, GSS_C_INDEFINITE, GSS_C_NO_OID_SET, @@ -71,7 +69,7 @@ OM_uint32 _gsskrb5_inquire_cred if (ret == GSS_S_COMPLETE) acred = (gsskrb5_cred)aqcred_accept; - ret = _gsskrb5_acquire_cred(minor_status, + ret = _gsskrb5_acquire_cred(minor_status, GSS_C_NO_NAME, GSS_C_INDEFINITE, GSS_C_NO_OID_SET, @@ -97,19 +95,19 @@ OM_uint32 _gsskrb5_inquire_cred if (output_name != NULL) { if (icred && icred->principal != NULL) { gss_name_t name; - + if (acred && acred->principal) name = (gss_name_t)acred->principal; else name = (gss_name_t)icred->principal; - + ret = _gsskrb5_duplicate_name(minor_status, name, output_name); if (ret) goto out; } else if (acred && acred->usage == GSS_C_ACCEPT) { krb5_principal princ; *minor_status = krb5_sname_to_principal(context, NULL, - NULL, KRB5_NT_SRV_HST, + NULL, KRB5_NT_SRV_HST, &princ); if (*minor_status) { ret = GSS_S_FAILURE; @@ -133,7 +131,7 @@ OM_uint32 _gsskrb5_inquire_cred if (acred) alife = acred->lifetime; if (icred) ilife = icred->lifetime; - ret = _gsskrb5_lifetime_left(minor_status, + ret = _gsskrb5_lifetime_left(minor_status, context, min(alife,ilife), lifetime); diff --git a/lib/gssapi/krb5/inquire_cred_by_mech.c b/lib/gssapi/krb5/inquire_cred_by_mech.c index a8af2145bea8..7bd9c11c6056 100644 --- a/lib/gssapi/krb5/inquire_cred_by_mech.c +++ b/lib/gssapi/krb5/inquire_cred_by_mech.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2003, 2006, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003, 2006, 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_cred_by_mech.c 20634 2007-05-09 15:33:01Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred_by_mech ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred_by_mech ( OM_uint32 * minor_status, const gss_cred_id_t cred_handle, const gss_OID mech_type, @@ -49,7 +47,7 @@ OM_uint32 _gsskrb5_inquire_cred_by_mech ( OM_uint32 maj_stat; OM_uint32 lifetime; - maj_stat = + maj_stat = _gsskrb5_inquire_cred (minor_status, cred_handle, name, &lifetime, &usage, NULL); if (maj_stat) @@ -61,7 +59,7 @@ OM_uint32 _gsskrb5_inquire_cred_by_mech ( else *initiator_lifetime = 0; } - + if (acceptor_lifetime) { if (usage == GSS_C_ACCEPT || usage == GSS_C_BOTH) *acceptor_lifetime = lifetime; diff --git a/lib/gssapi/krb5/inquire_cred_by_oid.c b/lib/gssapi/krb5/inquire_cred_by_oid.c index da50b11d934a..d560ed4ba1c6 100644 --- a/lib/gssapi/krb5/inquire_cred_by_oid.c +++ b/lib/gssapi/krb5/inquire_cred_by_oid.c @@ -30,11 +30,9 @@ * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_cred_by_oid.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred_by_oid +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred_by_oid (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, const gss_OID desired_object, diff --git a/lib/gssapi/krb5/inquire_mechs_for_name.c b/lib/gssapi/krb5/inquire_mechs_for_name.c index 0ce051f19c0c..6197a81b40a7 100644 --- a/lib/gssapi/krb5/inquire_mechs_for_name.c +++ b/lib/gssapi/krb5/inquire_mechs_for_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_mechs_for_name.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_inquire_mechs_for_name ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_mechs_for_name ( OM_uint32 * minor_status, const gss_name_t input_name, gss_OID_set * mech_types diff --git a/lib/gssapi/krb5/inquire_names_for_mech.c b/lib/gssapi/krb5/inquire_names_for_mech.c index 64abd3c34a9f..65bd49c971ba 100644 --- a/lib/gssapi/krb5/inquire_names_for_mech.c +++ b/lib/gssapi/krb5/inquire_names_for_mech.c @@ -1,50 +1,47 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: inquire_names_for_mech.c 20688 2007-05-17 18:44:31Z lha $"); - - -static gss_OID *name_list[] = { - &GSS_C_NT_HOSTBASED_SERVICE, - &GSS_C_NT_USER_NAME, - &GSS_KRB5_NT_PRINCIPAL_NAME, - &GSS_C_NT_EXPORT_NAME, +static gss_OID name_list[] = { + GSS_C_NT_HOSTBASED_SERVICE, + GSS_C_NT_USER_NAME, + GSS_KRB5_NT_PRINCIPAL_NAME, + GSS_C_NT_EXPORT_NAME, NULL }; -OM_uint32 _gsskrb5_inquire_names_for_mech ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_names_for_mech ( OM_uint32 * minor_status, const gss_OID mechanism, gss_OID_set * name_types @@ -64,10 +61,10 @@ OM_uint32 _gsskrb5_inquire_names_for_mech ( ret = gss_create_empty_oid_set(minor_status, name_types); if (ret != GSS_S_COMPLETE) return ret; - + for (i = 0; name_list[i] != NULL; i++) { - ret = gss_add_oid_set_member(minor_status, - *(name_list[i]), + ret = gss_add_oid_set_member(minor_status, + name_list[i], name_types); if (ret != GSS_S_COMPLETE) break; @@ -75,6 +72,6 @@ OM_uint32 _gsskrb5_inquire_names_for_mech ( if (ret != GSS_S_COMPLETE) gss_release_oid_set(NULL, name_types); - + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/krb5/inquire_sec_context_by_oid.c b/lib/gssapi/krb5/inquire_sec_context_by_oid.c index 5ca7536e6a39..b57217a4e830 100644 --- a/lib/gssapi/krb5/inquire_sec_context_by_oid.c +++ b/lib/gssapi/krb5/inquire_sec_context_by_oid.c @@ -30,9 +30,7 @@ * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_sec_context_by_oid.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" static int oid_prefix_equal(gss_OID oid_enc, gss_OID prefix_enc, unsigned *suffix) @@ -40,7 +38,7 @@ oid_prefix_equal(gss_OID oid_enc, gss_OID prefix_enc, unsigned *suffix) int ret; heim_oid oid; heim_oid prefix; - + *suffix = 0; ret = der_get_oid(oid_enc->elements, oid_enc->length, @@ -84,7 +82,7 @@ static OM_uint32 inquire_sec_context_tkt_flags if (context_handle->ticket == NULL) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - _gsskrb5_set_status("No ticket from which to obtain flags"); + _gsskrb5_set_status(EINVAL, "No ticket from which to obtain flags"); *minor_status = EINVAL; return GSS_S_BAD_MECH; } @@ -137,15 +135,15 @@ static OM_uint32 inquire_sec_context_get_subkey ret = _gsskrb5i_get_token_key(context_handle, context, &key); break; default: - _gsskrb5_set_status("%d is not a valid subkey type", keytype); + _gsskrb5_set_status(EINVAL, "%d is not a valid subkey type", keytype); ret = EINVAL; break; } HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (ret) + if (ret) goto out; if (key == NULL) { - _gsskrb5_set_status("have no subkey of type %d", keytype); + _gsskrb5_set_status(EINVAL, "have no subkey of type %d", keytype); ret = EINVAL; goto out; } @@ -161,10 +159,10 @@ static OM_uint32 inquire_sec_context_get_subkey { gss_buffer_desc value; - + value.length = data.length; value.value = data.data; - + maj_stat = gss_add_buffer_set_member(minor_status, &value, data_set); @@ -181,6 +179,46 @@ static OM_uint32 inquire_sec_context_get_subkey return maj_stat; } +static OM_uint32 inquire_sec_context_get_sspi_session_key + (OM_uint32 *minor_status, + const gsskrb5_ctx context_handle, + krb5_context context, + gss_buffer_set_t *data_set) +{ + krb5_keyblock *key; + OM_uint32 maj_stat = GSS_S_COMPLETE; + krb5_error_code ret; + gss_buffer_desc value; + + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); + ret = _gsskrb5i_get_token_key(context_handle, context, &key); + HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + + if (ret) + goto out; + if (key == NULL) { + ret = EINVAL; + goto out; + } + + value.length = key->keyvalue.length; + value.value = key->keyvalue.data; + + maj_stat = gss_add_buffer_set_member(minor_status, + &value, + data_set); + krb5_free_keyblock(context, key); + + /* MIT also returns the enctype encoded as an OID in data_set[1] */ + +out: + if (ret) { + *minor_status = ret; + maj_stat = GSS_S_FAILURE; + } + return maj_stat; +} + static OM_uint32 inquire_sec_context_authz_data (OM_uint32 *minor_status, const gsskrb5_ctx context_handle, @@ -199,7 +237,7 @@ static OM_uint32 inquire_sec_context_authz_data if (context_handle->ticket == NULL) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); *minor_status = EINVAL; - _gsskrb5_set_status("No ticket to obtain authz data from"); + _gsskrb5_set_status(EINVAL, "No ticket to obtain authz data from"); return GSS_S_NO_CONTEXT; } @@ -242,7 +280,7 @@ static OM_uint32 inquire_sec_context_has_updated_spnego * mechanism. */ HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - _gsskrb5i_is_cfx(context_handle, &is_updated); + is_updated = (context_handle->more_flags & IS_CFX); if (is_updated == 0) { krb5_keyblock *acceptor_subkey; @@ -277,12 +315,12 @@ export_lucid_sec_context_v1(OM_uint32 *minor_status, int32_t number; int is_cfx; krb5_data data; - + *minor_status = 0; HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - _gsskrb5i_is_cfx(context_handle, &is_cfx); + is_cfx = (context_handle->more_flags & IS_CFX); sp = krb5_storage_emem(); if (sp == NULL) { @@ -301,12 +339,16 @@ export_lucid_sec_context_v1(OM_uint32 *minor_status, context_handle->auth_context, &number); ret = krb5_store_uint32(sp, (uint32_t)0); /* store top half as zero */ + if (ret) goto out; ret = krb5_store_uint32(sp, (uint32_t)number); - krb5_auth_getremoteseqnumber (context, - context_handle->auth_context, - &number); + if (ret) goto out; + krb5_auth_con_getremoteseqnumber (context, + context_handle->auth_context, + &number); ret = krb5_store_uint32(sp, (uint32_t)0); /* store top half as zero */ + if (ret) goto out; ret = krb5_store_uint32(sp, (uint32_t)number); + if (ret) goto out; ret = krb5_store_int32(sp, (is_cfx) ? 1 : 0); if (ret) goto out; @@ -390,7 +432,7 @@ export_lucid_sec_context_v1(OM_uint32 *minor_status, static OM_uint32 get_authtime(OM_uint32 *minor_status, - gsskrb5_ctx ctx, + gsskrb5_ctx ctx, gss_buffer_set_t *data_set) { @@ -401,13 +443,13 @@ get_authtime(OM_uint32 *minor_status, HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); if (ctx->ticket == NULL) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - _gsskrb5_set_status("No ticket to obtain auth time from"); + _gsskrb5_set_status(EINVAL, "No ticket to obtain auth time from"); *minor_status = EINVAL; return GSS_S_FAILURE; } - + authtime = ctx->ticket->ticket.authtime; - + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); _gsskrb5_encode_om_uint32(authtime, buf); @@ -420,17 +462,17 @@ get_authtime(OM_uint32 *minor_status, } -static OM_uint32 +static OM_uint32 get_service_keyblock (OM_uint32 *minor_status, - gsskrb5_ctx ctx, + gsskrb5_ctx ctx, gss_buffer_set_t *data_set) { krb5_storage *sp = NULL; krb5_data data; OM_uint32 maj_stat = GSS_S_COMPLETE; krb5_error_code ret = EINVAL; - + sp = krb5_storage_emem(); if (sp == NULL) { _gsskrb5_clear_status(); @@ -441,9 +483,10 @@ get_service_keyblock HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); if (ctx->service_keyblock == NULL) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - _gsskrb5_set_status("No service keyblock on gssapi context"); + krb5_storage_free(sp); + _gsskrb5_set_status(EINVAL, "No service keyblock on gssapi context"); *minor_status = EINVAL; - return GSS_S_FAILURE; + return GSS_S_FAILURE; } krb5_data_zero(&data); @@ -461,10 +504,10 @@ get_service_keyblock { gss_buffer_desc value; - + value.length = data.length; value.value = data.data; - + maj_stat = gss_add_buffer_set_member(minor_status, &value, data_set); @@ -484,7 +527,7 @@ get_service_keyblock * */ -OM_uint32 _gsskrb5_inquire_sec_context_by_oid +OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_sec_context_by_oid (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_OID desired_object, @@ -527,6 +570,11 @@ OM_uint32 _gsskrb5_inquire_sec_context_by_oid context, ACCEPTOR_KEY, data_set); + } else if (gss_oid_equal(desired_object, GSS_C_INQ_SSPI_SESSION_KEY)) { + return inquire_sec_context_get_sspi_session_key(minor_status, + ctx, + context, + data_set); } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_AUTHTIME_X)) { return get_authtime(minor_status, ctx, data_set); } else if (oid_prefix_equal(desired_object, diff --git a/lib/gssapi/krb5/pname_to_uid.c b/lib/gssapi/krb5/pname_to_uid.c new file mode 100644 index 000000000000..ff754e779813 --- /dev/null +++ b/lib/gssapi/krb5/pname_to_uid.c @@ -0,0 +1,85 @@ +/* + * Copyright (c) 2011, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gsskrb5_locl.h" + +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_pname_to_uid(OM_uint32 *minor_status, + const gss_name_t pname, + const gss_OID mech_type, + uid_t *uidp) +{ +#ifdef NO_LOCALNAME + *minor_status = KRB5_NO_LOCALNAME; + return GSS_S_FAILURE; +#else + krb5_error_code ret; + krb5_context context; + krb5_const_principal princ = (krb5_const_principal)pname; + char localname[256]; +#ifdef POSIX_GETPWNAM_R + char pwbuf[2048]; + struct passwd pw, *pwd; +#else + struct passwd *pwd; +#endif + + GSSAPI_KRB5_INIT(&context); + + *minor_status = 0; + + ret = krb5_aname_to_localname(context, princ, + sizeof(localname), localname); + if (ret != 0) { + *minor_status = ret; + return GSS_S_FAILURE; + } + +#ifdef POSIX_GETPWNAM_R + if (getpwnam_r(localname, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) { + *minor_status = KRB5_NO_LOCALNAME; + return GSS_S_FAILURE; + } +#else + pwd = getpwnam(localname); +#endif + + if (pwd == NULL) { + *minor_status = KRB5_NO_LOCALNAME; + return GSS_S_FAILURE; + } + + *uidp = pwd->pw_uid; + + return GSS_S_COMPLETE; +#endif /* NO_LOCALNAME */ +} diff --git a/lib/gssapi/krb5/prf.c b/lib/gssapi/krb5/prf.c index f79c9374a9c7..162a3097099f 100644 --- a/lib/gssapi/krb5/prf.c +++ b/lib/gssapi/krb5/prf.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: prf.c 21129 2007-06-18 20:28:44Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_pseudo_random(OM_uint32 *minor_status, gss_ctx_id_t context_handle, int prf_key, @@ -49,18 +47,21 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status, krb5_crypto crypto; krb5_data input, output; uint32_t num; + OM_uint32 junk; unsigned char *p; krb5_keyblock *key = NULL; + size_t dol; if (ctx == NULL) { *minor_status = 0; return GSS_S_NO_CONTEXT; } - if (desired_output_len <= 0) { + if (desired_output_len <= 0 || prf_in->length + 4 < prf_in->length) { *minor_status = 0; return GSS_S_FAILURE; } + dol = desired_output_len; GSSAPI_KRB5_INIT (&context); @@ -72,14 +73,14 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status, _gsskrb5i_get_initiator_subkey(ctx, context, &key); break; default: - _gsskrb5_set_status("unknown kerberos prf_key"); - *minor_status = 0; + _gsskrb5_set_status(EINVAL, "unknown kerberos prf_key"); + *minor_status = EINVAL; return GSS_S_FAILURE; } if (key == NULL) { - _gsskrb5_set_status("no prf_key found"); - *minor_status = 0; + _gsskrb5_set_status(EINVAL, "no prf_key found"); + *minor_status = EINVAL; return GSS_S_FAILURE; } @@ -90,37 +91,38 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status, return GSS_S_FAILURE; } - prf_out->value = malloc(desired_output_len); + prf_out->value = malloc(dol); if (prf_out->value == NULL) { - _gsskrb5_set_status("Out of memory"); + _gsskrb5_set_status(GSS_KRB5_S_KG_INPUT_TOO_LONG, "Out of memory"); *minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG; krb5_crypto_destroy(context, crypto); return GSS_S_FAILURE; } - prf_out->length = desired_output_len; + prf_out->length = dol; HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); input.length = prf_in->length + 4; input.data = malloc(prf_in->length + 4); if (input.data == NULL) { - OM_uint32 junk; - _gsskrb5_set_status("Out of memory"); + _gsskrb5_set_status(GSS_KRB5_S_KG_INPUT_TOO_LONG, "Out of memory"); *minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG; gss_release_buffer(&junk, prf_out); krb5_crypto_destroy(context, crypto); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return GSS_S_FAILURE; } - memcpy(((unsigned char *)input.data) + 4, prf_in->value, prf_in->length); + memcpy(((uint8_t *)input.data) + 4, prf_in->value, prf_in->length); num = 0; p = prf_out->value; - while(desired_output_len > 0) { + while(dol > 0) { + size_t tsize; + _gsskrb5_encode_om_uint32(num, input.data); + ret = krb5_crypto_prf(context, crypto, &input, &output); if (ret) { - OM_uint32 junk; *minor_status = ret; free(input.data); gss_release_buffer(&junk, prf_out); @@ -128,12 +130,15 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status, HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return GSS_S_FAILURE; } - memcpy(p, output.data, min(desired_output_len, output.length)); + + tsize = min(dol, output.length); + memcpy(p, output.data, tsize); p += output.length; - desired_output_len -= output.length; + dol -= tsize; krb5_data_free(&output); num++; } + free(input.data); krb5_crypto_destroy(context, crypto); diff --git a/lib/gssapi/krb5/process_context_token.c b/lib/gssapi/krb5/process_context_token.c index 15638f57fcc5..0cc1c07cfbe9 100644 --- a/lib/gssapi/krb5/process_context_token.c +++ b/lib/gssapi/krb5/process_context_token.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: process_context_token.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_process_context_token ( +OM_uint32 GSSAPI_CALLCONV _gsskrb5_process_context_token ( OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t token_buffer @@ -44,20 +42,18 @@ OM_uint32 _gsskrb5_process_context_token ( krb5_context context; OM_uint32 ret = GSS_S_FAILURE; gss_buffer_desc empty_buffer; - gss_qop_t qop_state; empty_buffer.length = 0; empty_buffer.value = NULL; GSSAPI_KRB5_INIT (&context); - qop_state = GSS_C_QOP_DEFAULT; - - ret = _gsskrb5_verify_mic_internal(minor_status, + ret = _gsskrb5_verify_mic_internal(minor_status, (gsskrb5_ctx)context_handle, context, token_buffer, &empty_buffer, - GSS_C_QOP_DEFAULT, "\x01\x02"); + GSS_C_QOP_DEFAULT, + "\x01\x02"); if (ret == GSS_S_COMPLETE) ret = _gsskrb5_delete_sec_context(minor_status, diff --git a/lib/gssapi/krb5/release_buffer.c b/lib/gssapi/krb5/release_buffer.c index 5dff62631ab4..b704e001ebd1 100644 --- a/lib/gssapi/krb5/release_buffer.c +++ b/lib/gssapi/krb5/release_buffer.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: release_buffer.c 18334 2006-10-07 22:16:04Z lha $"); +#include "gsskrb5_locl.h" OM_uint32 _gsskrb5_release_buffer (OM_uint32 * minor_status, diff --git a/lib/gssapi/krb5/release_cred.c b/lib/gssapi/krb5/release_cred.c index ab5695b097b1..105a7a6eb223 100644 --- a/lib/gssapi/krb5/release_cred.c +++ b/lib/gssapi/krb5/release_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: release_cred.c 20753 2007-05-31 22:50:06Z lha $"); - -OM_uint32 _gsskrb5_release_cred +OM_uint32 GSSAPI_CALLCONV _gsskrb5_release_cred (OM_uint32 * minor_status, gss_cred_id_t * cred_handle ) @@ -46,7 +44,7 @@ OM_uint32 _gsskrb5_release_cred *minor_status = 0; - if (*cred_handle == NULL) + if (*cred_handle == NULL) return GSS_S_COMPLETE; cred = (gsskrb5_cred)*cred_handle; @@ -61,11 +59,9 @@ OM_uint32 _gsskrb5_release_cred if (cred->keytab != NULL) krb5_kt_close(context, cred->keytab); if (cred->ccache != NULL) { - const krb5_cc_ops *ops; - ops = krb5_cc_get_ops(context, cred->ccache); if (cred->cred_flags & GSS_CF_DESTROY_CRED_ON_RELEASE) krb5_cc_destroy(context, cred->ccache); - else + else krb5_cc_close(context, cred->ccache); } gss_release_oid_set(&junk, &cred->mechanisms); diff --git a/lib/gssapi/krb5/release_name.c b/lib/gssapi/krb5/release_name.c index 80b91930fd37..57fc8a4e45eb 100644 --- a/lib/gssapi/krb5/release_name.c +++ b/lib/gssapi/krb5/release_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: release_name.c 21128 2007-06-18 20:26:50Z lha $"); - -OM_uint32 _gsskrb5_release_name +OM_uint32 GSSAPI_CALLCONV _gsskrb5_release_name (OM_uint32 * minor_status, gss_name_t * input_name ) diff --git a/lib/gssapi/krb5/sequence.c b/lib/gssapi/krb5/sequence.c index 677a3c8d0778..2e0e7b20f922 100644 --- a/lib/gssapi/krb5/sequence.c +++ b/lib/gssapi/krb5/sequence.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: sequence.c 18334 2006-10-07 22:16:04Z lha $"); +#include "gsskrb5_locl.h" #define DEFAULT_JITTER_WINDOW 20 @@ -57,19 +55,19 @@ msg_order_alloc(OM_uint32 *minor_status, OM_uint32 jitter_window) { size_t len; - + len = jitter_window * sizeof((*o)->elem[0]); len += sizeof(**o); len -= sizeof((*o)->elem[0]); - + *o = calloc(1, len); if (*o == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; - } - + } + *minor_status = 0; - return GSS_S_COMPLETE; + return GSS_S_COMPLETE; } /* @@ -78,9 +76,9 @@ msg_order_alloc(OM_uint32 *minor_status, OM_uint32 _gssapi_msg_order_create(OM_uint32 *minor_status, - struct gss_msg_order **o, - OM_uint32 flags, - OM_uint32 seq_num, + struct gss_msg_order **o, + OM_uint32 flags, + OM_uint32 seq_num, OM_uint32 jitter_window, int use_64) { @@ -118,7 +116,7 @@ elem_set(struct gss_msg_order *o, unsigned int slot, OM_uint32 val) } static void -elem_insert(struct gss_msg_order *o, +elem_insert(struct gss_msg_order *o, unsigned int after_slot, OM_uint32 seq_num) { @@ -143,7 +141,7 @@ OM_uint32 _gssapi_msg_order_check(struct gss_msg_order *o, OM_uint32 seq_num) { OM_uint32 r; - int i; + size_t i; if (o == NULL) return GSS_S_COMPLETE; @@ -159,11 +157,11 @@ _gssapi_msg_order_check(struct gss_msg_order *o, OM_uint32 seq_num) r = (o->flags & (GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG))==GSS_C_REPLAY_FLAG; - /* sequence number larger then largest sequence number + /* sequence number larger then largest sequence number * or smaller then the first sequence number */ if (seq_num > o->elem[0] || seq_num < o->first_seq - || o->length == 0) + || o->length == 0) { elem_insert(o, 0, seq_num); if (r) { @@ -217,7 +215,7 @@ _gssapi_msg_order_export(krb5_storage *sp, struct gss_msg_order *o) { krb5_error_code kret; OM_uint32 i; - + kret = krb5_store_int32(sp, o->flags); if (kret) return kret; @@ -233,51 +231,51 @@ _gssapi_msg_order_export(krb5_storage *sp, struct gss_msg_order *o) kret = krb5_store_int32(sp, o->first_seq); if (kret) return kret; - + for (i = 0; i < o->jitter_window; i++) { kret = krb5_store_int32(sp, o->elem[i]); if (kret) return kret; } - + return 0; } OM_uint32 _gssapi_msg_order_import(OM_uint32 *minor_status, - krb5_storage *sp, + krb5_storage *sp, struct gss_msg_order **o) { OM_uint32 ret; krb5_error_code kret; int32_t i, flags, start, length, jitter_window, first_seq; - + kret = krb5_ret_int32(sp, &flags); if (kret) goto failed; - ret = krb5_ret_int32(sp, &start); + kret = krb5_ret_int32(sp, &start); if (kret) goto failed; - ret = krb5_ret_int32(sp, &length); + kret = krb5_ret_int32(sp, &length); if (kret) goto failed; - ret = krb5_ret_int32(sp, &jitter_window); + kret = krb5_ret_int32(sp, &jitter_window); if (kret) goto failed; - ret = krb5_ret_int32(sp, &first_seq); + kret = krb5_ret_int32(sp, &first_seq); if (kret) goto failed; - + ret = msg_order_alloc(minor_status, o, jitter_window); if (ret != GSS_S_COMPLETE) return ret; - + (*o)->flags = flags; (*o)->start = start; (*o)->length = length; (*o)->jitter_window = jitter_window; (*o)->first_seq = first_seq; - + for( i = 0; i < jitter_window; i++ ) { kret = krb5_ret_int32(sp, (int32_t*)&((*o)->elem[i])); if (kret) diff --git a/lib/gssapi/krb5/set_cred_option.c b/lib/gssapi/krb5/set_cred_option.c index d0ca1c4d95dd..bd3871675109 100644 --- a/lib/gssapi/krb5/set_cred_option.c +++ b/lib/gssapi/krb5/set_cred_option.c @@ -30,14 +30,7 @@ * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: set_cred_option.c 20325 2007-04-12 16:49:17Z lha $"); - -static gss_OID_desc gss_krb5_import_cred_x_oid_desc = -{9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x04"}; /* XXX */ - -gss_OID GSS_KRB5_IMPORT_CRED_X = &gss_krb5_import_cred_x_oid_desc; +#include "gsskrb5_locl.h" static OM_uint32 import_cred(OM_uint32 *minor_status, @@ -112,8 +105,8 @@ import_cred(OM_uint32 *minor_status, free(str); str = NULL; - major_stat = _gsskrb5_import_cred(minor_status, id, keytab_principal, - keytab, cred_handle); + major_stat = _gsskrb5_krb5_import_cred(minor_status, id, keytab_principal, + keytab, cred_handle); out: if (id) krb5_cc_close(context, id); @@ -201,8 +194,29 @@ allowed_enctypes(OM_uint32 *minor_status, return major_stat; } +static OM_uint32 +no_ci_flags(OM_uint32 *minor_status, + krb5_context context, + gss_cred_id_t *cred_handle, + const gss_buffer_t value) +{ + gsskrb5_cred cred; -OM_uint32 + if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) { + *minor_status = 0; + return GSS_S_FAILURE; + } + + cred = (gsskrb5_cred)*cred_handle; + cred->cred_flags |= GSS_CF_NO_CI_FLAGS; + + *minor_status = 0; + return GSS_S_COMPLETE; + +} + + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_set_cred_option (OM_uint32 *minor_status, gss_cred_id_t *cred_handle, @@ -224,6 +238,11 @@ _gsskrb5_set_cred_option if (gss_oid_equal(desired_object, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X)) return allowed_enctypes(minor_status, context, cred_handle, value); + if (gss_oid_equal(desired_object, GSS_KRB5_CRED_NO_CI_FLAGS_X)) { + return no_ci_flags(minor_status, context, cred_handle, value); + } + + *minor_status = EINVAL; return GSS_S_FAILURE; } diff --git a/lib/gssapi/krb5/set_sec_context_option.c b/lib/gssapi/krb5/set_sec_context_option.c index 50441a11ad3c..141ff722fb64 100644 --- a/lib/gssapi/krb5/set_sec_context_option.c +++ b/lib/gssapi/krb5/set_sec_context_option.c @@ -34,9 +34,7 @@ * glue routine for _gsskrb5_inquire_sec_context_by_oid */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: set_sec_context_option.c 20384 2007-04-18 08:51:06Z lha $"); +#include "gsskrb5_locl.h" static OM_uint32 get_bool(OM_uint32 *minor_status, @@ -70,7 +68,37 @@ get_string(OM_uint32 *minor_status, return GSS_S_COMPLETE; } -OM_uint32 +static OM_uint32 +get_int32(OM_uint32 *minor_status, + const gss_buffer_t value, + OM_uint32 *ret) +{ + *minor_status = 0; + if (value == NULL || value->length == 0) + *ret = 0; + else if (value->length == sizeof(*ret)) + memcpy(ret, value->value, sizeof(*ret)); + else + return GSS_S_UNAVAILABLE; + + return GSS_S_COMPLETE; +} + +static OM_uint32 +set_int32(OM_uint32 *minor_status, + const gss_buffer_t value, + OM_uint32 set) +{ + *minor_status = 0; + if (value->length == sizeof(set)) + memcpy(value->value, &set, sizeof(set)); + else + return GSS_S_UNAVAILABLE; + + return GSS_S_COMPLETE; +} + +OM_uint32 GSSAPI_CALLCONV _gsskrb5_set_sec_context_option (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, @@ -126,11 +154,10 @@ _gsskrb5_set_sec_context_option if (maj_stat != GSS_S_COMPLETE) return maj_stat; - _gsskrb5_register_acceptor_identity(str); + maj_stat = _gsskrb5_register_acceptor_identity(minor_status, str); free(str); - *minor_status = 0; - return GSS_S_COMPLETE; + return maj_stat; } else if (gss_oid_equal(desired_object, GSS_KRB5_SET_DEFAULT_REALM_X)) { char *str; @@ -162,7 +189,7 @@ _gsskrb5_set_sec_context_option } memcpy(&c, value->value, sizeof(c)); krb5_set_send_to_kdc_func(context, - (krb5_send_to_kdc_func)c.func, + (krb5_send_to_kdc_func)c.func, c.ptr); } @@ -185,6 +212,47 @@ _gsskrb5_set_sec_context_option return GSS_S_FAILURE; return GSS_S_COMPLETE; + } else if (gss_oid_equal(desired_object, GSS_KRB5_SET_TIME_OFFSET_X)) { + OM_uint32 offset; + time_t t; + + maj_stat = get_int32(minor_status, value, &offset); + if (maj_stat != GSS_S_COMPLETE) + return maj_stat; + + t = time(NULL) + offset; + + krb5_set_real_time(context, t, 0); + + *minor_status = 0; + return GSS_S_COMPLETE; + } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_TIME_OFFSET_X)) { + krb5_timestamp sec; + int32_t usec; + time_t t; + + t = time(NULL); + + krb5_us_timeofday (context, &sec, &usec); + + maj_stat = set_int32(minor_status, value, sec - t); + if (maj_stat != GSS_S_COMPLETE) + return maj_stat; + + *minor_status = 0; + return GSS_S_COMPLETE; + } else if (gss_oid_equal(desired_object, GSS_KRB5_PLUGIN_REGISTER_X)) { + struct gsskrb5_krb5_plugin c; + + if (value->length != sizeof(c)) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + memcpy(&c, value->value, sizeof(c)); + krb5_plugin_register(context, c.type, c.name, c.symbol); + + *minor_status = 0; + return GSS_S_COMPLETE; } *minor_status = EINVAL; diff --git a/lib/gssapi/krb5/store_cred.c b/lib/gssapi/krb5/store_cred.c new file mode 100644 index 000000000000..a3aa2fb83e71 --- /dev/null +++ b/lib/gssapi/krb5/store_cred.c @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gsskrb5_locl.h" + +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_store_cred(OM_uint32 *minor_status, + gss_cred_id_t input_cred_handle, + gss_cred_usage_t cred_usage, + const gss_OID desired_mech, + OM_uint32 overwrite_cred, + OM_uint32 default_cred, + gss_OID_set *elements_stored, + gss_cred_usage_t *cred_usage_stored) +{ + krb5_context context; + krb5_error_code ret; + gsskrb5_cred cred; + krb5_ccache id; + int destroy = 0; + + *minor_status = 0; + + if (cred_usage != GSS_C_INITIATE) { + *minor_status = GSS_KRB5_S_G_BAD_USAGE; + return GSS_S_FAILURE; + } + + if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0) + return GSS_S_BAD_MECH; + + cred = (gsskrb5_cred)input_cred_handle; + if (cred == NULL) + return GSS_S_NO_CRED; + + GSSAPI_KRB5_INIT (&context); + + HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); + if (cred->usage != cred_usage && cred->usage != GSS_C_BOTH) { + HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); + *minor_status = GSS_KRB5_S_G_BAD_USAGE; + return(GSS_S_FAILURE); + } + + if (cred->principal == NULL) { + HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); + *minor_status = GSS_KRB5_S_KG_TGT_MISSING; + return(GSS_S_FAILURE); + } + + /* write out cred to credential cache */ + + ret = krb5_cc_cache_match(context, cred->principal, &id); + if (ret) { + ret = krb5_cc_new_unique(context, NULL, NULL, &id); + if (ret) { + HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); + *minor_status = ret; + return(GSS_S_FAILURE); + } + destroy = 1; + } + + ret = krb5_cc_initialize(context, id, cred->principal); + if (ret == 0) + ret = krb5_cc_copy_match_f(context, cred->ccache, id, NULL, NULL, NULL); + if (ret) { + if (destroy) + krb5_cc_destroy(context, id); + else + krb5_cc_close(context, id); + HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); + *minor_status = ret; + return(GSS_S_FAILURE); + } + + if (default_cred) + krb5_cc_switch(context, id); + + krb5_cc_close(context, id); + + HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); + + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/krb5/test_cfx.c b/lib/gssapi/krb5/test_cfx.c index b4536228a6e1..0b196fcad24d 100644 --- a/lib/gssapi/krb5/test_cfx.c +++ b/lib/gssapi/krb5/test_cfx.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -31,9 +31,7 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: test_cfx.c 19031 2006-11-13 18:02:57Z lha $"); +#include "gsskrb5_locl.h" struct range { size_t lower; @@ -49,22 +47,28 @@ struct range tests[] = { }; static void -test_range(const struct range *r, int integ, +test_range(const struct range *r, int integ, krb5_context context, krb5_crypto crypto) { krb5_error_code ret; size_t size, rsize; + struct gsskrb5_ctx ctx; for (size = r->lower; size < r->upper; size++) { - OM_uint32 max_wrap_size; size_t cksumsize; uint16_t padsize; + OM_uint32 minor; + OM_uint32 max_wrap_size; - ret = _gsskrb5cfx_max_wrap_length_cfx(context, - crypto, - integ, - size, - &max_wrap_size); + ctx.crypto = crypto; + + ret = _gssapi_wrap_size_cfx(&minor, + &ctx, + context, + integ, + 0, + size, + &max_wrap_size); if (ret) krb5_errx(context, 1, "_gsskrb5cfx_max_wrap_length_cfx: %d", ret); if (max_wrap_size == 0) @@ -73,13 +77,14 @@ test_range(const struct range *r, int integ, ret = _gsskrb5cfx_wrap_length_cfx(context, crypto, integ, + 0, max_wrap_size, &rsize, &cksumsize, &padsize); if (ret) krb5_errx(context, 1, "_gsskrb5cfx_wrap_length_cfx: %d", ret); if (size < rsize) - krb5_errx(context, 1, + krb5_errx(context, 1, "size (%d) < rsize (%d) for max_wrap_size %d", (int)size, (int)rsize, (int)max_wrap_size); } @@ -94,25 +99,34 @@ test_special(krb5_context context, krb5_crypto crypto, OM_uint32 max_wrap_size; size_t cksumsize; uint16_t padsize; + struct gsskrb5_ctx ctx; + OM_uint32 minor; - ret = _gsskrb5cfx_max_wrap_length_cfx(context, - crypto, - integ, - testsize, - &max_wrap_size); + ctx.crypto = crypto; + + ret = _gssapi_wrap_size_cfx(&minor, + &ctx, + context, + integ, + 0, + testsize, + &max_wrap_size); + if (ret) + krb5_errx(context, 1, "_gsskrb5cfx_max_wrap_length_cfx: %d", ret); if (ret) krb5_errx(context, 1, "_gsskrb5cfx_max_wrap_length_cfx: %d", ret); - + ret = _gsskrb5cfx_wrap_length_cfx(context, crypto, integ, + 0, max_wrap_size, &rsize, &cksumsize, &padsize); if (ret) krb5_errx(context, 1, "_gsskrb5cfx_wrap_length_cfx: %d", ret); - + if (testsize < rsize) - krb5_errx(context, 1, + krb5_errx(context, 1, "testsize (%d) < rsize (%d) for max_wrap_size %d", (int)testsize, (int)rsize, (int)max_wrap_size); } @@ -132,8 +146,8 @@ main(int argc, char **argv) ret = krb5_init_context(&context); if (ret) errx(1, "krb5_context_init: %d", ret); - - ret = krb5_generate_random_keyblock(context, + + ret = krb5_generate_random_keyblock(context, ENCTYPE_AES256_CTS_HMAC_SHA1_96, &keyblock); if (ret) diff --git a/lib/gssapi/krb5/ticket_flags.c b/lib/gssapi/krb5/ticket_flags.c index 51d8159262af..df5f11d8f737 100644 --- a/lib/gssapi/krb5/ticket_flags.c +++ b/lib/gssapi/krb5/ticket_flags.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: ticket_flags.c 18334 2006-10-07 22:16:04Z lha $"); +#include "gsskrb5_locl.h" OM_uint32 _gsskrb5_get_tkt_flags(OM_uint32 *minor_status, diff --git a/lib/gssapi/krb5/unwrap.c b/lib/gssapi/krb5/unwrap.c index d0a33d86fbfc..d6bc20477787 100644 --- a/lib/gssapi/krb5/unwrap.c +++ b/lib/gssapi/krb5/unwrap.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: unwrap.c 19031 2006-11-13 18:02:57Z lha $"); +#ifdef HEIM_WEAK_CRYPTO static OM_uint32 unwrap_des @@ -48,21 +48,29 @@ unwrap_des { u_char *p, *seq; size_t len; - MD5_CTX md5; + EVP_MD_CTX *md5; u_char hash[16]; + EVP_CIPHER_CTX des_ctx; DES_key_schedule schedule; DES_cblock deskey; DES_cblock zero; - int i; + size_t i; uint32_t seq_number; size_t padlength; OM_uint32 ret; int cstate; int cmp; + int token_len; + + if (IS_DCE_STYLE(context_handle)) { + token_len = 22 + 8 + 15; /* 45 */ + } else { + token_len = input_message_buffer->length; + } p = input_message_buffer->value; ret = _gsskrb5_verify_header (&p, - input_message_buffer->length, + token_len, "\x02\x01", GSS_KRB5_MECHANISM); if (ret) @@ -90,49 +98,56 @@ unwrap_des if(cstate) { /* decrypt data */ memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + memset (&zero, 0, sizeof(zero)); for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - DES_set_key (&deskey, &schedule); - memset (&zero, 0, sizeof(zero)); - DES_cbc_encrypt ((void *)p, - (void *)p, - input_message_buffer->length - len, - &schedule, - &zero, - DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); + + + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, deskey, zero, 0); + EVP_Cipher(&des_ctx, p, p, input_message_buffer->length - len); + EVP_CIPHER_CTX_cleanup(&des_ctx); + memset (&schedule, 0, sizeof(schedule)); } - /* check pad */ - ret = _gssapi_verify_pad(input_message_buffer, - input_message_buffer->length - len, - &padlength); - if (ret) - return ret; - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, input_message_buffer->length - len); - MD5_Final (hash, &md5); + if (IS_DCE_STYLE(context_handle)) { + padlength = 0; + } else { + /* check pad */ + ret = _gssapi_verify_pad(input_message_buffer, + input_message_buffer->length - len, + &padlength); + if (ret) + return ret; + } + + md5 = EVP_MD_CTX_create(); + EVP_DigestInit_ex(md5, EVP_md5(), NULL); + EVP_DigestUpdate(md5, p - 24, 8); + EVP_DigestUpdate(md5, p, input_message_buffer->length - len); + EVP_DigestFinal_ex(md5, hash, NULL); + EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); + DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) + if (ct_memcmp (p - 8, hash, 8) != 0) return GSS_S_BAD_MIC; /* verify sequence number */ - + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)hash, DES_DECRYPT); + + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0); + EVP_Cipher(&des_ctx, p, p, 8); + EVP_CIPHER_CTX_cleanup(&des_ctx); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); @@ -141,9 +156,9 @@ unwrap_des _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); + cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); + cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); if (cmp != 0) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); @@ -170,6 +185,7 @@ unwrap_des output_message_buffer->length); return GSS_S_COMPLETE; } +#endif static OM_uint32 unwrap_des3 @@ -195,10 +211,17 @@ unwrap_des3 krb5_crypto crypto; Checksum csum; int cmp; + int token_len; + + if (IS_DCE_STYLE(context_handle)) { + token_len = 34 + 8 + 15; /* 57 */ + } else { + token_len = input_message_buffer->length; + } p = input_message_buffer->value; ret = _gsskrb5_verify_header (&p, - input_message_buffer->length, + token_len, "\x02\x01", GSS_KRB5_MECHANISM); if (ret) @@ -207,16 +230,16 @@ unwrap_des3 if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */ return GSS_S_BAD_SIG; p += 2; - if (memcmp (p, "\x02\x00", 2) == 0) { + if (ct_memcmp (p, "\x02\x00", 2) == 0) { cstate = 1; - } else if (memcmp (p, "\xff\xff", 2) == 0) { + } else if (ct_memcmp (p, "\xff\xff", 2) == 0) { cstate = 0; } else return GSS_S_BAD_MIC; p += 2; if(conf_state != NULL) *conf_state = cstate; - if (memcmp (p, "\xff\xff", 2) != 0) + if (ct_memcmp (p, "\xff\xff", 2) != 0) return GSS_S_DEFECTIVE_TOKEN; p += 2; p += 28; @@ -245,15 +268,20 @@ unwrap_des3 memcpy (p, tmp.data, tmp.length); krb5_data_free(&tmp); } - /* check pad */ - ret = _gssapi_verify_pad(input_message_buffer, - input_message_buffer->length - len, - &padlength); - if (ret) - return ret; + + if (IS_DCE_STYLE(context_handle)) { + padlength = 0; + } else { + /* check pad */ + ret = _gssapi_verify_pad(input_message_buffer, + input_message_buffer->length - len, + &padlength); + if (ret) + return ret; + } /* verify sequence number */ - + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 28; @@ -292,10 +320,10 @@ unwrap_des3 _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); + cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); - + cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); + krb5_data_free (&seq_data); if (cmp != 0) { *minor_status = 0; @@ -352,7 +380,7 @@ unwrap_des3 return GSS_S_COMPLETE; } -OM_uint32 _gsskrb5_unwrap +OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, @@ -369,11 +397,16 @@ OM_uint32 _gsskrb5_unwrap output_message_buffer->value = NULL; output_message_buffer->length = 0; + if (qop_state != NULL) + *qop_state = GSS_C_QOP_DEFAULT; GSSAPI_KRB5_INIT (&context); - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; + if (ctx->more_flags & IS_CFX) + return _gssapi_unwrap_cfx (minor_status, ctx, context, + input_message_buffer, output_message_buffer, + conf_state, qop_state); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); ret = _gsskrb5i_get_token_key(ctx, context, &key); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); @@ -387,9 +420,13 @@ OM_uint32 _gsskrb5_unwrap switch (keytype) { case KEYTYPE_DES : +#ifdef HEIM_WEAK_CRYPTO ret = unwrap_des (minor_status, ctx, input_message_buffer, output_message_buffer, conf_state, qop_state, key); +#else + ret = GSS_S_FAILURE; +#endif break; case KEYTYPE_DES3 : ret = unwrap_des3 (minor_status, ctx, context, @@ -403,9 +440,7 @@ OM_uint32 _gsskrb5_unwrap conf_state, qop_state, key); break; default : - ret = _gssapi_unwrap_cfx (minor_status, ctx, context, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); + abort(); break; } krb5_free_keyblock (context, key); diff --git a/lib/gssapi/krb5/v1.c b/lib/gssapi/krb5/v1.c deleted file mode 100644 index c5ebeb9dd77e..000000000000 --- a/lib/gssapi/krb5/v1.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: v1.c 18334 2006-10-07 22:16:04Z lha $"); - -/* These functions are for V1 compatibility */ - -OM_uint32 _gsskrb5_sign - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int qop_req, - gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - return _gsskrb5_get_mic(minor_status, - context_handle, - (gss_qop_t)qop_req, - message_buffer, - message_token); -} - -OM_uint32 _gsskrb5_verify - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t message_buffer, - gss_buffer_t token_buffer, - int * qop_state - ) -{ - return _gsskrb5_verify_mic(minor_status, - context_handle, - message_buffer, - token_buffer, - (gss_qop_t *)qop_state); -} - -OM_uint32 _gsskrb5_seal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - int qop_req, - gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - return _gsskrb5_wrap(minor_status, - context_handle, - conf_req_flag, - (gss_qop_t)qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 _gsskrb5_unseal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - int * qop_state - ) -{ - return _gsskrb5_unwrap(minor_status, - context_handle, - input_message_buffer, - output_message_buffer, - conf_state, - (gss_qop_t *)qop_state); -} diff --git a/lib/gssapi/krb5/verify_mic.c b/lib/gssapi/krb5/verify_mic.c index 52381afcc28a..3123787ff474 100644 --- a/lib/gssapi/krb5/verify_mic.c +++ b/lib/gssapi/krb5/verify_mic.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" +#include "gsskrb5_locl.h" -RCSID("$Id: verify_mic.c 19031 2006-11-13 18:02:57Z lha $"); +#ifdef HEIM_WEAK_CRYPTO static OM_uint32 verify_mic_des @@ -44,13 +44,14 @@ verify_mic_des const gss_buffer_t token_buffer, gss_qop_t * qop_state, krb5_keyblock *key, - char *type + const char *type ) { u_char *p; - MD5_CTX md5; + EVP_MD_CTX *md5; u_char hash[16], *seq; DES_key_schedule schedule; + EVP_CIPHER_CTX des_ctx; DES_cblock zero; DES_cblock deskey; uint32_t seq_number; @@ -74,32 +75,35 @@ verify_mic_des p += 16; /* verify checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, - message_buffer->length); - MD5_Final (hash, &md5); + md5 = EVP_MD_CTX_create(); + EVP_DigestInit_ex(md5, EVP_md5(), NULL); + EVP_DigestUpdate(md5, p - 24, 8); + EVP_DigestUpdate(md5, message_buffer->value, message_buffer->length); + EVP_DigestFinal_ex(md5, hash, NULL); + EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); + DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) { + if (ct_memcmp (p - 8, hash, 8) != 0) { memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } /* verify sequence number */ - + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); p -= 16; - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)hash, DES_DECRYPT); + + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, hash, 0); + EVP_Cipher(&des_ctx, p, p, 8); + EVP_CIPHER_CTX_cleanup(&des_ctx); memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); @@ -108,9 +112,9 @@ verify_mic_des _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); + cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); + cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); if (cmp != 0) { HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); @@ -127,6 +131,7 @@ verify_mic_des return GSS_S_COMPLETE; } +#endif static OM_uint32 verify_mic_des3 @@ -137,7 +142,7 @@ verify_mic_des3 const gss_buffer_t token_buffer, gss_qop_t * qop_state, krb5_keyblock *key, - char *type + const char *type ) { u_char *p; @@ -150,7 +155,7 @@ verify_mic_des3 Checksum csum; char *tmp; char ivec[8]; - + p = token_buffer->value; ret = _gsskrb5_verify_header (&p, token_buffer->length, @@ -209,9 +214,9 @@ verify_mic_des3 _gsskrb5_decode_om_uint32(seq, &seq_number); if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); + cmp = ct_memcmp(&seq[4], "\xff\xff\xff\xff", 4); else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); + cmp = ct_memcmp(&seq[4], "\x00\x00\x00\x00", 4); krb5_data_free (&seq_data); if (cmp != 0) { @@ -266,21 +271,26 @@ verify_mic_des3 OM_uint32 _gsskrb5_verify_mic_internal (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, + const gsskrb5_ctx ctx, krb5_context context, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, gss_qop_t * qop_state, - char * type + const char * type ) { krb5_keyblock *key; OM_uint32 ret; krb5_keytype keytype; - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(context_handle, context, &key); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + if (ctx->more_flags & IS_CFX) + return _gssapi_verify_mic_cfx (minor_status, ctx, + context, message_buffer, token_buffer, + qop_state); + + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); + ret = _gsskrb5i_get_token_key(ctx, context, &key); + HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); if (ret) { *minor_status = ret; return GSS_S_FAILURE; @@ -289,35 +299,35 @@ _gsskrb5_verify_mic_internal krb5_enctype_to_keytype (context, key->keytype, &keytype); switch (keytype) { case KEYTYPE_DES : - ret = verify_mic_des (minor_status, context_handle, context, +#ifdef HEIM_WEAK_CRYPTO + ret = verify_mic_des (minor_status, ctx, context, message_buffer, token_buffer, qop_state, key, type); +#else + ret = GSS_S_FAILURE; +#endif break; case KEYTYPE_DES3 : - ret = verify_mic_des3 (minor_status, context_handle, context, + ret = verify_mic_des3 (minor_status, ctx, context, message_buffer, token_buffer, qop_state, key, type); break; case KEYTYPE_ARCFOUR : case KEYTYPE_ARCFOUR_56 : - ret = _gssapi_verify_mic_arcfour (minor_status, context_handle, + ret = _gssapi_verify_mic_arcfour (minor_status, ctx, context, message_buffer, token_buffer, qop_state, key, type); break; default : - ret = _gssapi_verify_mic_cfx (minor_status, context_handle, - context, - message_buffer, token_buffer, qop_state, - key); - break; + abort(); } krb5_free_keyblock (context, key); - + return ret; } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_verify_mic (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, @@ -334,11 +344,11 @@ _gsskrb5_verify_mic if (qop_state != NULL) *qop_state = GSS_C_QOP_DEFAULT; - ret = _gsskrb5_verify_mic_internal(minor_status, + ret = _gsskrb5_verify_mic_internal(minor_status, (gsskrb5_ctx)context_handle, context, message_buffer, token_buffer, - qop_state, "\x01\x01"); + qop_state, (void *)(intptr_t)"\x01\x01"); return ret; } diff --git a/lib/gssapi/krb5/wrap.c b/lib/gssapi/krb5/wrap.c index d41379870ae9..1026e41914e9 100644 --- a/lib/gssapi/krb5/wrap.c +++ b/lib/gssapi/krb5/wrap.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: wrap.c 19035 2006-11-14 09:49:56Z lha $"); +#include "gsskrb5_locl.h" /* * Return initiator subkey, or if that doesn't exists, the subkey. @@ -49,19 +47,19 @@ _gsskrb5i_get_initiator_subkey(const gsskrb5_ctx ctx, if (ctx->more_flags & LOCAL) { ret = krb5_auth_con_getlocalsubkey(context, - ctx->auth_context, + ctx->auth_context, key); } else { ret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, + ctx->auth_context, key); } if (ret == 0 && *key == NULL) ret = krb5_auth_con_getkey(context, - ctx->auth_context, + ctx->auth_context, key); if (ret == 0 && *key == NULL) { - krb5_set_error_string(context, "No initiator subkey available"); + krb5_set_error_message(context, 0, "No initiator subkey available"); return GSS_KRB5_S_KG_NO_SUBKEY; } return ret; @@ -77,15 +75,15 @@ _gsskrb5i_get_acceptor_subkey(const gsskrb5_ctx ctx, if (ctx->more_flags & LOCAL) { ret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, + ctx->auth_context, key); } else { ret = krb5_auth_con_getlocalsubkey(context, - ctx->auth_context, + ctx->auth_context, key); } if (ret == 0 && *key == NULL) { - krb5_set_error_string(context, "No acceptor subkey available"); + krb5_set_error_message(context, 0, "No acceptor subkey available"); return GSS_KRB5_S_KG_NO_SUBKEY; } return ret; @@ -106,7 +104,7 @@ _gsskrb5i_get_token_key(const gsskrb5_ctx ctx, _gsskrb5i_get_initiator_subkey(ctx, context, key); } if (*key == NULL) { - krb5_set_error_string(context, "No token key available"); + krb5_set_error_message(context, 0, "No token key available"); return GSS_KRB5_S_KG_NO_SUBKEY; } return 0; @@ -120,7 +118,7 @@ sub_wrap_size ( int extrasize ) { - size_t len, total_len; + size_t len, total_len; len = 8 + req_output_size + blocksize + extrasize; @@ -136,7 +134,7 @@ sub_wrap_size ( return GSS_S_COMPLETE; } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gsskrb5_wrap_size_limit ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, @@ -154,6 +152,11 @@ _gsskrb5_wrap_size_limit ( GSSAPI_KRB5_INIT (&context); + if (ctx->more_flags & IS_CFX) + return _gssapi_wrap_size_cfx(minor_status, ctx, context, + conf_req_flag, qop_req, + req_output_size, max_input_size); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); ret = _gsskrb5i_get_token_key(ctx, context, &key); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); @@ -165,21 +168,23 @@ _gsskrb5_wrap_size_limit ( switch (keytype) { case KEYTYPE_DES : +#ifdef HEIM_WEAK_CRYPTO ret = sub_wrap_size(req_output_size, max_input_size, 8, 22); +#else + ret = GSS_S_FAILURE; +#endif break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: + case ENCTYPE_ARCFOUR_HMAC_MD5: + case ENCTYPE_ARCFOUR_HMAC_MD5_56: ret = _gssapi_wrap_size_arcfour(minor_status, ctx, context, - conf_req_flag, qop_req, + conf_req_flag, qop_req, req_output_size, max_input_size, key); break; case KEYTYPE_DES3 : ret = sub_wrap_size(req_output_size, max_input_size, 8, 34); break; default : - ret = _gssapi_wrap_size_cfx(minor_status, ctx, context, - conf_req_flag, qop_req, - req_output_size, max_input_size, key); + abort(); break; } krb5_free_keyblock (context, key); @@ -187,6 +192,8 @@ _gsskrb5_wrap_size_limit ( return ret; } +#ifdef HEIM_WEAK_CRYPTO + static OM_uint32 wrap_des (OM_uint32 * minor_status, @@ -201,19 +208,29 @@ wrap_des ) { u_char *p; - MD5_CTX md5; + EVP_MD_CTX *md5; u_char hash[16]; DES_key_schedule schedule; + EVP_CIPHER_CTX des_ctx; DES_cblock deskey; DES_cblock zero; - int i; + size_t i; int32_t seq_number; size_t len, total_len, padlength, datalen; - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 22; - _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + if (IS_DCE_STYLE(ctx)) { + padlength = 0; + datalen = input_message_buffer->length; + len = 22 + 8; + _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + total_len += datalen; + datalen += 8; + } else { + padlength = 8 - (input_message_buffer->length % 8); + datalen = input_message_buffer->length + padlength + 8; + len = datalen + 22; + _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + } output_message_buffer->length = total_len; output_message_buffer->value = malloc (total_len); @@ -252,14 +269,16 @@ wrap_des memset (p + 8 + input_message_buffer->length, padlength, padlength); /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, datalen); - MD5_Final (hash, &md5); + md5 = EVP_MD_CTX_create(); + EVP_DigestInit_ex(md5, EVP_md5(), NULL); + EVP_DigestUpdate(md5, p - 24, 8); + EVP_DigestUpdate(md5, p, datalen); + EVP_DigestFinal_ex(md5, hash, NULL); + EVP_MD_CTX_destroy(md5); memset (&zero, 0, sizeof(zero)); memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); + DES_set_key_unchecked (&deskey, &schedule); DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), &schedule, &zero); memcpy (p - 8, hash, 8); @@ -279,9 +298,10 @@ wrap_des (ctx->more_flags & LOCAL) ? 0 : 0xFF, 4); - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, key->keyvalue.data, p + 8, 1); + EVP_Cipher(&des_ctx, p, p, 8); + EVP_CIPHER_CTX_cleanup(&des_ctx); krb5_auth_con_setlocalseqnumber (context, ctx->auth_context, @@ -296,14 +316,11 @@ wrap_des for (i = 0; i < sizeof(deskey); ++i) deskey[i] ^= 0xf0; - DES_set_key (&deskey, &schedule); - memset (&zero, 0, sizeof(zero)); - DES_cbc_encrypt ((void *)p, - (void *)p, - datalen, - &schedule, - &zero, - DES_ENCRYPT); + + EVP_CIPHER_CTX_init(&des_ctx); + EVP_CipherInit_ex(&des_ctx, EVP_des_cbc(), NULL, deskey, zero, 1); + EVP_Cipher(&des_ctx, p, p, datalen); + EVP_CIPHER_CTX_cleanup(&des_ctx); } memset (deskey, 0, sizeof(deskey)); memset (&schedule, 0, sizeof(schedule)); @@ -314,6 +331,8 @@ wrap_des return GSS_S_COMPLETE; } +#endif + static OM_uint32 wrap_des3 (OM_uint32 * minor_status, @@ -336,10 +355,19 @@ wrap_des3 Checksum cksum; krb5_data encdata; - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 34; - _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + if (IS_DCE_STYLE(ctx)) { + padlength = 0; + datalen = input_message_buffer->length; + len = 34 + 8; + _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + total_len += datalen; + datalen += 8; + } else { + padlength = 8 - (input_message_buffer->length % 8); + datalen = input_message_buffer->length + padlength + 8; + len = datalen + 34; + _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); + } output_message_buffer->length = total_len; output_message_buffer->value = malloc (total_len); @@ -352,7 +380,7 @@ wrap_des3 p = _gsskrb5_make_header(output_message_buffer->value, len, "\x02\x01", /* TOK_ID */ - GSS_KRB5_MECHANISM); + GSS_KRB5_MECHANISM); /* SGN_ALG */ memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */ @@ -449,7 +477,7 @@ wrap_des3 *minor_status = ret; return GSS_S_FAILURE; } - + assert (encdata.length == 8); memcpy (p, encdata.data, encdata.length); @@ -496,7 +524,8 @@ wrap_des3 return GSS_S_COMPLETE; } -OM_uint32 _gsskrb5_wrap +OM_uint32 GSSAPI_CALLCONV +_gsskrb5_wrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, @@ -512,8 +541,16 @@ OM_uint32 _gsskrb5_wrap krb5_keytype keytype; const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + output_message_buffer->value = NULL; + output_message_buffer->length = 0; + GSSAPI_KRB5_INIT (&context); + if (ctx->more_flags & IS_CFX) + return _gssapi_wrap_cfx (minor_status, ctx, context, conf_req_flag, + input_message_buffer, conf_state, + output_message_buffer); + HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); ret = _gsskrb5i_get_token_key(ctx, context, &key); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); @@ -525,9 +562,13 @@ OM_uint32 _gsskrb5_wrap switch (keytype) { case KEYTYPE_DES : +#ifdef HEIM_WEAK_CRYPTO ret = wrap_des (minor_status, ctx, context, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer, key); +#else + ret = GSS_S_FAILURE; +#endif break; case KEYTYPE_DES3 : ret = wrap_des3 (minor_status, ctx, context, conf_req_flag, @@ -541,9 +582,7 @@ OM_uint32 _gsskrb5_wrap output_message_buffer, key); break; default : - ret = _gssapi_wrap_cfx (minor_status, ctx, context, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); + abort(); break; } krb5_free_keyblock (context, key); diff --git a/lib/gssapi/libgssapi-exports.def b/lib/gssapi/libgssapi-exports.def new file mode 100644 index 000000000000..3cbcc4eb1844 --- /dev/null +++ b/lib/gssapi/libgssapi-exports.def @@ -0,0 +1,189 @@ +EXPORTS + __gss_c_nt_anonymous_oid_desc DATA + __gss_c_nt_export_name_oid_desc DATA + __gss_c_nt_hostbased_service_oid_desc DATA + __gss_c_nt_hostbased_service_x_oid_desc DATA + __gss_c_nt_machine_uid_name_oid_desc DATA + __gss_c_nt_string_uid_name_oid_desc DATA + __gss_c_nt_user_name_oid_desc DATA + __gss_krb5_nt_principal_name_oid_desc DATA + __gss_c_attr_stream_sizes_oid_desc DATA + __gss_c_attr_local_login_user DATA + __gss_c_cred_certificate_oid_desc DATA + __gss_c_cred_password_oid_desc DATA + gss_accept_sec_context + gss_acquire_cred + gss_acquire_cred_with_password + gss_add_buffer_set_member + gss_add_cred + gss_add_cred_with_password + gss_add_oid_set_member + gss_authorize_localname + gss_canonicalize_name + gss_compare_name + gss_context_query_attributes + gss_context_time + gss_create_empty_buffer_set + gss_create_empty_oid_set + gss_decapsulate_token + gss_delete_name_attribute + gss_delete_sec_context + gss_display_mech_attr + gss_display_name + gss_display_name_ext + gss_display_status + gss_duplicate_name + gss_duplicate_oid + gss_encapsulate_token + gss_export_cred + gss_export_name + gss_export_name_composite + gss_export_sec_context + gss_get_mic + gss_get_name_attribute + gss_import_cred + gss_import_name + gss_import_sec_context + gss_indicate_mechs + gss_indicate_mechs_by_attrs + gss_init_sec_context + gss_inquire_attrs_for_mech + gss_inquire_context + gss_inquire_cred + gss_inquire_cred_by_mech + gss_inquire_cred_by_oid + gss_inquire_mech_for_saslname + gss_inquire_mechs_for_name + gss_inquire_name + gss_inquire_names_for_mech + gss_inquire_saslname_for_mech + gss_inquire_sec_context_by_oid ;! + gss_krb5_ccache_name + gss_krb5_copy_ccache + gss_krb5_export_lucid_sec_context + gss_krb5_free_lucid_sec_context + gss_krb5_get_tkt_flags + gss_krb5_import_cred + gss_krb5_set_allowable_enctypes + gss_mg_collect_error + gss_mo_get + gss_mo_set + gss_mo_list + gss_mo_name + gss_name_to_oid + gss_oid_to_name + gss_oid_equal + gss_oid_to_str + gss_pname_to_uid + gss_process_context_token + gss_pseudo_random + gss_release_buffer + gss_release_buffer_set + gss_release_cred + gss_release_iov_buffer + gss_release_name + gss_release_oid + gss_release_oid_set + gss_seal + gss_set_cred_option + gss_set_name_attribute + gss_set_sec_context_option + gss_sign + gss_store_cred + gss_test_oid_set_member + gss_unseal + gss_unwrap + gss_unwrap_iov + gss_userok + gss_verify + gss_verify_mic + gss_wrap + gss_wrap_iov + gss_wrap_iov_length + gss_wrap_size_limit + gsskrb5_extract_authtime_from_sec_context + gsskrb5_extract_authz_data_from_sec_context + gsskrb5_extract_service_keyblock + gsskrb5_get_initiator_subkey + gsskrb5_get_subkey + gsskrb5_get_time_offset + gsskrb5_register_acceptor_identity + gsskrb5_set_default_realm + gsskrb5_set_dns_canonicalize + gsskrb5_set_send_to_kdc + gsskrb5_set_time_offset + krb5_gss_register_acceptor_identity + +; _gsskrb5cfx_ are really internal symbols, but export +; then now to make testing easier. + _gsskrb5cfx_wrap_length_cfx + _gssapi_wrap_size_cfx + + initialize_gk5_error_table_r ;! + + __gss_krb5_copy_ccache_x_oid_desc DATA + __gss_krb5_get_tkt_flags_x_oid_desc DATA + __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc DATA + __gss_krb5_compat_des3_mic_x_oid_desc DATA + __gss_krb5_register_acceptor_identity_x_oid_desc DATA + __gss_krb5_export_lucid_context_x_oid_desc DATA + __gss_krb5_export_lucid_context_v1_x_oid_desc DATA + __gss_krb5_set_dns_canonicalize_x_oid_desc DATA + __gss_krb5_get_subkey_x_oid_desc DATA + __gss_krb5_get_initiator_subkey_x_oid_desc DATA + __gss_krb5_get_acceptor_subkey_x_oid_desc DATA + __gss_krb5_send_to_kdc_x_oid_desc DATA + __gss_krb5_get_authtime_x_oid_desc DATA + __gss_krb5_get_service_keyblock_x_oid_desc DATA + __gss_krb5_set_allowable_enctypes_x_oid_desc DATA + __gss_krb5_set_default_realm_x_oid_desc DATA + __gss_krb5_ccache_name_x_oid_desc DATA + __gss_krb5_set_time_offset_x_oid_desc DATA + __gss_krb5_get_time_offset_x_oid_desc DATA + __gss_krb5_plugin_register_x_oid_desc DATA + __gss_ntlm_get_session_key_x_oid_desc DATA + __gss_c_nt_ntlm_oid_desc DATA + __gss_c_nt_dn_oid_desc DATA + __gss_krb5_nt_principal_name_referral_oid_desc DATA + __gss_c_ntlm_avguest_oid_desc DATA + __gss_c_ntlm_v1_oid_desc DATA + __gss_c_ntlm_v2_oid_desc DATA + __gss_c_ntlm_session_key_oid_desc DATA + __gss_c_ntlm_force_v1_oid_desc DATA + __gss_krb5_cred_no_ci_flags_x_oid_desc DATA + __gss_krb5_import_cred_x_oid_desc DATA + __gss_c_ma_sasl_mech_name_oid_desc DATA + __gss_c_ma_mech_name_oid_desc DATA + __gss_c_ma_mech_description_oid_desc DATA + __gss_sasl_digest_md5_mechanism_oid_desc DATA + __gss_krb5_mechanism_oid_desc DATA + __gss_ntlm_mechanism_oid_desc DATA + __gss_spnego_mechanism_oid_desc DATA + __gss_c_peer_has_updated_spnego_oid_desc DATA + __gss_c_ma_mech_concrete_oid_desc DATA + __gss_c_ma_mech_pseudo_oid_desc DATA + __gss_c_ma_mech_composite_oid_desc DATA + __gss_c_ma_mech_nego_oid_desc DATA + __gss_c_ma_mech_glue_oid_desc DATA + __gss_c_ma_not_mech_oid_desc DATA + __gss_c_ma_deprecated_oid_desc DATA + __gss_c_ma_not_dflt_mech_oid_desc DATA + __gss_c_ma_itok_framed_oid_desc DATA + __gss_c_ma_auth_init_oid_desc DATA + __gss_c_ma_auth_targ_oid_desc DATA + __gss_c_ma_auth_init_init_oid_desc DATA + __gss_c_ma_auth_targ_init_oid_desc DATA + __gss_c_ma_auth_init_anon_oid_desc DATA + __gss_c_ma_auth_targ_anon_oid_desc DATA + __gss_c_ma_deleg_cred_oid_desc DATA + __gss_c_ma_integ_prot_oid_desc DATA + __gss_c_ma_conf_prot_oid_desc DATA + __gss_c_ma_mic_oid_desc DATA + __gss_c_ma_wrap_oid_desc DATA + __gss_c_ma_prot_ready_oid_desc DATA + __gss_c_ma_replay_det_oid_desc DATA + __gss_c_ma_oos_det_oid_desc DATA + __gss_c_ma_cbindings_oid_desc DATA + __gss_c_ma_pfs_oid_desc DATA + __gss_c_ma_compress_oid_desc DATA + __gss_c_ma_ctx_trans_oid_desc DATA diff --git a/lib/gssapi/libgssapi-version.rc b/lib/gssapi/libgssapi-version.rc new file mode 100644 index 000000000000..074066f06825 --- /dev/null +++ b/lib/gssapi/libgssapi-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Generic Security Service Application Program Interface library" +#define RC_FILE_ORIG_0409 "gssapi.dll" + +#include "../../windows/version.rc" diff --git a/lib/gssapi/mech/compat.h b/lib/gssapi/mech/compat.h new file mode 100644 index 000000000000..e63f1e534306 --- /dev/null +++ b/lib/gssapi/mech/compat.h @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_saslname_for_mech_t ( + OM_uint32 *, /* minor_status */ + const gss_OID, /* desired_mech */ + gss_buffer_t, /* sasl_mech_name */ + gss_buffer_t, /* mech_name */ + gss_buffer_t /* mech_description */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_mech_for_saslname_t ( + OM_uint32 *, /* minor_status */ + const gss_buffer_t, /* sasl_mech_name */ + gss_OID * /* mech_type */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_attrs_for_mech_t ( + OM_uint32 *, /* minor_status */ + gss_const_OID, /* mech */ + gss_OID_set *, /* mech_attrs */ + gss_OID_set * /* known_mech_attrs */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_acquire_cred_with_password_t + (OM_uint32 *, /* minor_status */ + const gss_name_t, /* desired_name */ + const gss_buffer_t, /* password */ + OM_uint32, /* time_req */ + const gss_OID_set, /* desired_mechs */ + gss_cred_usage_t, /* cred_usage */ + gss_cred_id_t *, /* output_cred_handle */ + gss_OID_set *, /* actual_mechs */ + OM_uint32 * /* time_rec */ + ); + +typedef OM_uint32 GSSAPI_CALLCONV _gss_add_cred_with_password_t ( + OM_uint32 *, /* minor_status */ + const gss_cred_id_t, /* input_cred_handle */ + const gss_name_t, /* desired_name */ + const gss_OID, /* desired_mech */ + const gss_buffer_t, /* password */ + gss_cred_usage_t, /* cred_usage */ + OM_uint32, /* initiator_time_req */ + OM_uint32, /* acceptor_time_req */ + gss_cred_id_t *, /* output_cred_handle */ + gss_OID_set *, /* actual_mechs */ + OM_uint32 *, /* initiator_time_rec */ + OM_uint32 * /* acceptor_time_rec */ + ); + +/* + * API-as-SPI compatibility for compatibility with MIT mechanisms; + * native Heimdal mechanisms should not use these. + */ +struct gss_mech_compat_desc_struct { + _gss_inquire_saslname_for_mech_t *gmc_inquire_saslname_for_mech; + _gss_inquire_mech_for_saslname_t *gmc_inquire_mech_for_saslname; + _gss_inquire_attrs_for_mech_t *gmc_inquire_attrs_for_mech; + _gss_acquire_cred_with_password_t *gmc_acquire_cred_with_password; +#if 0 + _gss_add_cred_with_password_t *gmc_add_cred_with_password; +#endif +}; + diff --git a/lib/gssapi/mech/context.c b/lib/gssapi/mech/context.c new file mode 100644 index 000000000000..5ea0ac466b76 --- /dev/null +++ b/lib/gssapi/mech/context.c @@ -0,0 +1,163 @@ +#include "mech_locl.h" +#include "heim_threads.h" + +struct mg_thread_ctx { + gss_OID mech; + OM_uint32 maj_stat; + OM_uint32 min_stat; + gss_buffer_desc maj_error; + gss_buffer_desc min_error; +}; + +static HEIMDAL_MUTEX context_mutex = HEIMDAL_MUTEX_INITIALIZER; +static int created_key; +static HEIMDAL_thread_key context_key; + + +static void +destroy_context(void *ptr) +{ + struct mg_thread_ctx *mg = ptr; + OM_uint32 junk; + + if (mg == NULL) + return; + + gss_release_buffer(&junk, &mg->maj_error); + gss_release_buffer(&junk, &mg->min_error); + free(mg); +} + + +static struct mg_thread_ctx * +_gss_mechglue_thread(void) +{ + struct mg_thread_ctx *ctx; + int ret = 0; + + HEIMDAL_MUTEX_lock(&context_mutex); + + if (!created_key) { + HEIMDAL_key_create(&context_key, destroy_context, ret); + if (ret) { + HEIMDAL_MUTEX_unlock(&context_mutex); + return NULL; + } + created_key = 1; + } + HEIMDAL_MUTEX_unlock(&context_mutex); + + ctx = HEIMDAL_getspecific(context_key); + if (ctx == NULL) { + + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) + return NULL; + HEIMDAL_setspecific(context_key, ctx, ret); + if (ret) { + free(ctx); + return NULL; + } + } + return ctx; +} + +OM_uint32 +_gss_mg_get_error(const gss_OID mech, OM_uint32 type, + OM_uint32 value, gss_buffer_t string) +{ + struct mg_thread_ctx *mg; + + mg = _gss_mechglue_thread(); + if (mg == NULL) + return GSS_S_BAD_STATUS; + +#if 0 + /* + * We cant check the mech here since a pseudo-mech might have + * called an lower layer and then the mech info is all broken + */ + if (mech != NULL && gss_oid_equal(mg->mech, mech) == 0) + return GSS_S_BAD_STATUS; +#endif + + switch (type) { + case GSS_C_GSS_CODE: { + if (value != mg->maj_stat || mg->maj_error.length == 0) + break; + string->value = malloc(mg->maj_error.length + 1); + string->length = mg->maj_error.length; + memcpy(string->value, mg->maj_error.value, mg->maj_error.length); + ((char *) string->value)[string->length] = '\0'; + return GSS_S_COMPLETE; + } + case GSS_C_MECH_CODE: { + if (value != mg->min_stat || mg->min_error.length == 0) + break; + string->value = malloc(mg->min_error.length + 1); + string->length = mg->min_error.length; + memcpy(string->value, mg->min_error.value, mg->min_error.length); + ((char *) string->value)[string->length] = '\0'; + return GSS_S_COMPLETE; + } + } + string->value = NULL; + string->length = 0; + return GSS_S_BAD_STATUS; +} + +void +_gss_mg_error(gssapi_mech_interface m, OM_uint32 maj, OM_uint32 min) +{ + OM_uint32 major_status, minor_status; + OM_uint32 message_content; + struct mg_thread_ctx *mg; + + /* + * Mechs without gss_display_status() does + * gss_mg_collect_error() by themself. + */ + if (m->gm_display_status == NULL) + return ; + + mg = _gss_mechglue_thread(); + if (mg == NULL) + return; + + gss_release_buffer(&minor_status, &mg->maj_error); + gss_release_buffer(&minor_status, &mg->min_error); + + mg->mech = &m->gm_mech_oid; + mg->maj_stat = maj; + mg->min_stat = min; + + major_status = m->gm_display_status(&minor_status, + maj, + GSS_C_GSS_CODE, + &m->gm_mech_oid, + &message_content, + &mg->maj_error); + if (GSS_ERROR(major_status)) { + mg->maj_error.value = NULL; + mg->maj_error.length = 0; + } + major_status = m->gm_display_status(&minor_status, + min, + GSS_C_MECH_CODE, + &m->gm_mech_oid, + &message_content, + &mg->min_error); + if (GSS_ERROR(major_status)) { + mg->min_error.value = NULL; + mg->min_error.length = 0; + } +} + +void +gss_mg_collect_error(gss_OID mech, OM_uint32 maj, OM_uint32 min) +{ + gssapi_mech_interface m = __gss_get_mechanism(mech); + if (m == NULL) + return; + _gss_mg_error(m, maj, min); +} diff --git a/lib/gssapi/mech/context.h b/lib/gssapi/mech/context.h new file mode 100644 index 000000000000..f2a7009cdad4 --- /dev/null +++ b/lib/gssapi/mech/context.h @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/context.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ + * $Id$ + */ + +#include + +struct _gss_context { + gssapi_mech_interface gc_mech; + gss_ctx_id_t gc_ctx; +}; + +void +_gss_mg_error(gssapi_mech_interface, OM_uint32, OM_uint32); + +OM_uint32 +_gss_mg_get_error(const gss_OID, OM_uint32, OM_uint32, gss_buffer_t); diff --git a/lib/gssapi/mech/cred.h b/lib/gssapi/mech/cred.h new file mode 100644 index 000000000000..5661b5323951 --- /dev/null +++ b/lib/gssapi/mech/cred.h @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/cred.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ + * $Id$ + */ + +struct _gss_mechanism_cred { + HEIM_SLIST_ENTRY(_gss_mechanism_cred) gmc_link; + gssapi_mech_interface gmc_mech; /* mechanism ops for MC */ + gss_OID gmc_mech_oid; /* mechanism oid for MC */ + gss_cred_id_t gmc_cred; /* underlying MC */ +}; +HEIM_SLIST_HEAD(_gss_mechanism_cred_list, _gss_mechanism_cred); + +struct _gss_cred { + struct _gss_mechanism_cred_list gc_mc; +}; + +struct _gss_mechanism_cred * +_gss_copy_cred(struct _gss_mechanism_cred *mc); + +struct _gss_mechanism_name; + +OM_uint32 +_gss_acquire_mech_cred(OM_uint32 *minor_status, + gssapi_mech_interface m, + const struct _gss_mechanism_name *mn, + gss_const_OID credential_type, + const void *credential_data, + OM_uint32 time_req, + gss_const_OID desired_mech, + gss_cred_usage_t cred_usage, + struct _gss_mechanism_cred **output_cred_handle); + diff --git a/lib/gssapi/mech/doxygen.c b/lib/gssapi/mech/doxygen.c new file mode 100644 index 000000000000..a341cba2dac1 --- /dev/null +++ b/lib/gssapi/mech/doxygen.c @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/*! @mainpage Heimdal GSS-API Library + * + * Heimdal implements the following mechanisms: + * + * - Kerberos 5 + * - SPNEGO + * - NTLM + * + * See @ref gssapi_mechs for more describtion about these mechanisms. + * + * The project web page: http://www.h5l.org/ + * + * - @ref gssapi_services_intro + * - @ref gssapi_mechs + * - @ref gssapi_api_INvsMN + */ + +/** + * @page gssapi_services_intro Introduction to GSS-API services + * @section gssapi_services GSS-API services + * + * @subsection gssapi_services_context Context creation + * + * - delegation + * - mutual authentication + * - anonymous + * - use per message before context creation has completed + * + * return status: + * - support conf + * - support int + * + * @subsection gssapi_context_flags Context creation flags + * + * - GSS_C_DELEG_FLAG + * - GSS_C_MUTUAL_FLAG + * - GSS_C_REPLAY_FLAG + * - GSS_C_SEQUENCE_FLAG + * - GSS_C_CONF_FLAG + * - GSS_C_INTEG_FLAG + * - GSS_C_ANON_FLAG + * - GSS_C_PROT_READY_FLAG + * - GSS_C_TRANS_FLAG + * - GSS_C_DCE_STYLE + * - GSS_C_IDENTIFY_FLAG + * - GSS_C_EXTENDED_ERROR_FLAG + * - GSS_C_DELEG_POLICY_FLAG + * + * + * @subsection gssapi_services_permessage Per-message services + * + * - conf + * - int + * - message integrity + * - replay detection + * - out of sequence + * + */ + +/** + * @page gssapi_mechs_intro GSS-API mechanisms + * @section gssapi_mechs GSS-API mechanisms + * + * - Kerberos 5 - GSS_KRB5_MECHANISM + * - SPNEGO - GSS_SPNEGO_MECHANISM + * - NTLM - GSS_NTLM_MECHANISM + + */ + + +/** + * @page internalVSmechname Internal names and mechanism names + * @section gssapi_api_INvsMN Name forms + * + * There are two forms of name in GSS-API, Internal form and + * Contiguous string ("flat") form. gss_export_name() and + * gss_import_name() can be used to convert between the two forms. + * + * - The contiguous string form is described by an oid specificing the + * type and an octet string. A special form of the contiguous + * string form is the exported name object. The exported name + * defined for each mechanism, is something that can be stored and + * complared later. The exported name is what should be used for + * ACLs comparisons. + * + * - The Internal form + * + * There is also special form of the Internal Name (IN), and that is + * the Mechanism Name (MN). In the mechanism name all the generic + * information is stripped of and only contain the information for + * one mechanism. In GSS-API some function return MN and some + * require MN as input. Each of these function is marked up as such. + * + * + * Describe relationship between import_name, canonicalize_name, + * export_name and friends. + */ + +/** @defgroup gssapi Heimdal GSS-API functions */ diff --git a/lib/gssapi/mech/gss_accept_sec_context.c b/lib/gssapi/mech/gss_accept_sec_context.c new file mode 100644 index 000000000000..bf7ea03f72e4 --- /dev/null +++ b/lib/gssapi/mech/gss_accept_sec_context.c @@ -0,0 +1,308 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_accept_sec_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +static OM_uint32 +parse_header(const gss_buffer_t input_token, gss_OID mech_oid) +{ + unsigned char *p = input_token->value; + size_t len = input_token->length; + size_t a, b; + + /* + * Token must start with [APPLICATION 0] SEQUENCE. + * But if it doesn't assume it is DCE-STYLE Kerberos! + */ + if (len == 0) + return (GSS_S_DEFECTIVE_TOKEN); + + p++; + len--; + + /* + * Decode the length and make sure it agrees with the + * token length. + */ + if (len == 0) + return (GSS_S_DEFECTIVE_TOKEN); + if ((*p & 0x80) == 0) { + a = *p; + p++; + len--; + } else { + b = *p & 0x7f; + p++; + len--; + if (len < b) + return (GSS_S_DEFECTIVE_TOKEN); + a = 0; + while (b) { + a = (a << 8) | *p; + p++; + len--; + b--; + } + } + if (a != len) + return (GSS_S_DEFECTIVE_TOKEN); + + /* + * Decode the OID for the mechanism. Simplify life by + * assuming that the OID length is less than 128 bytes. + */ + if (len < 2 || *p != 0x06) + return (GSS_S_DEFECTIVE_TOKEN); + if ((p[1] & 0x80) || p[1] > (len - 2)) + return (GSS_S_DEFECTIVE_TOKEN); + mech_oid->length = p[1]; + p += 2; + len -= 2; + mech_oid->elements = p; + + return GSS_S_COMPLETE; +} + +static gss_OID_desc krb5_mechanism = + {9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02")}; +static gss_OID_desc ntlm_mechanism = + {10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a")}; +static gss_OID_desc spnego_mechanism = + {6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02")}; + +static OM_uint32 +choose_mech(const gss_buffer_t input, gss_OID mech_oid) +{ + OM_uint32 status; + + /* + * First try to parse the gssapi token header and see if it's a + * correct header, use that in the first hand. + */ + + status = parse_header(input, mech_oid); + if (status == GSS_S_COMPLETE) + return GSS_S_COMPLETE; + + /* + * Lets guess what mech is really is, callback function to mech ?? + */ + + if (input->length > 8 && + memcmp((const char *)input->value, "NTLMSSP\x00", 8) == 0) + { + *mech_oid = ntlm_mechanism; + return GSS_S_COMPLETE; + } else if (input->length != 0 && + ((const char *)input->value)[0] == 0x6E) + { + /* Could be a raw AP-REQ (check for APPLICATION tag) */ + *mech_oid = krb5_mechanism; + return GSS_S_COMPLETE; + } else if (input->length == 0) { + /* + * There is the a wierd mode of SPNEGO (in CIFS and + * SASL GSS-SPENGO where the first token is zero + * length and the acceptor returns a mech_list, lets + * hope that is what is happening now. + * + * http://msdn.microsoft.com/en-us/library/cc213114.aspx + * "NegTokenInit2 Variation for Server-Initiation" + */ + *mech_oid = spnego_mechanism; + return GSS_S_COMPLETE; + } + return status; +} + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_accept_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + const gss_cred_id_t acceptor_cred_handle, + const gss_buffer_t input_token, + const gss_channel_bindings_t input_chan_bindings, + gss_name_t *src_name, + gss_OID *mech_type, + gss_buffer_t output_token, + OM_uint32 *ret_flags, + OM_uint32 *time_rec, + gss_cred_id_t *delegated_cred_handle) +{ + OM_uint32 major_status, mech_ret_flags, junk; + gssapi_mech_interface m; + struct _gss_context *ctx = (struct _gss_context *) *context_handle; + struct _gss_cred *cred = (struct _gss_cred *) acceptor_cred_handle; + struct _gss_mechanism_cred *mc; + gss_cred_id_t acceptor_mc, delegated_mc; + gss_name_t src_mn; + gss_OID mech_ret_type = NULL; + + *minor_status = 0; + if (src_name) + *src_name = GSS_C_NO_NAME; + if (mech_type) + *mech_type = GSS_C_NO_OID; + if (ret_flags) + *ret_flags = 0; + if (time_rec) + *time_rec = 0; + if (delegated_cred_handle) + *delegated_cred_handle = GSS_C_NO_CREDENTIAL; + _mg_buffer_zero(output_token); + + + /* + * If this is the first call (*context_handle is NULL), we must + * parse the input token to figure out the mechanism to use. + */ + if (*context_handle == GSS_C_NO_CONTEXT) { + gss_OID_desc mech_oid; + + major_status = choose_mech(input_token, &mech_oid); + if (major_status != GSS_S_COMPLETE) + return major_status; + + /* + * Now that we have a mechanism, we can find the + * implementation. + */ + ctx = malloc(sizeof(struct _gss_context)); + if (!ctx) { + *minor_status = ENOMEM; + return (GSS_S_DEFECTIVE_TOKEN); + } + memset(ctx, 0, sizeof(struct _gss_context)); + m = ctx->gc_mech = __gss_get_mechanism(&mech_oid); + if (!m) { + free(ctx); + return (GSS_S_BAD_MECH); + } + *context_handle = (gss_ctx_id_t) ctx; + } else { + m = ctx->gc_mech; + } + + if (cred) { + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) + if (mc->gmc_mech == m) + break; + if (!mc) { + gss_delete_sec_context(&junk, context_handle, NULL); + return (GSS_S_BAD_MECH); + } + acceptor_mc = mc->gmc_cred; + } else { + acceptor_mc = GSS_C_NO_CREDENTIAL; + } + delegated_mc = GSS_C_NO_CREDENTIAL; + + mech_ret_flags = 0; + major_status = m->gm_accept_sec_context(minor_status, + &ctx->gc_ctx, + acceptor_mc, + input_token, + input_chan_bindings, + &src_mn, + &mech_ret_type, + output_token, + &mech_ret_flags, + time_rec, + &delegated_mc); + if (major_status != GSS_S_COMPLETE && + major_status != GSS_S_CONTINUE_NEEDED) + { + _gss_mg_error(m, major_status, *minor_status); + gss_delete_sec_context(&junk, context_handle, NULL); + return (major_status); + } + + if (mech_type) + *mech_type = mech_ret_type; + + if (src_name && src_mn) { + /* + * Make a new name and mark it as an MN. + */ + struct _gss_name *name = _gss_make_name(m, src_mn); + + if (!name) { + m->gm_release_name(minor_status, &src_mn); + gss_delete_sec_context(&junk, context_handle, NULL); + return (GSS_S_FAILURE); + } + *src_name = (gss_name_t) name; + } else if (src_mn) { + m->gm_release_name(minor_status, &src_mn); + } + + if (mech_ret_flags & GSS_C_DELEG_FLAG) { + if (!delegated_cred_handle) { + m->gm_release_cred(minor_status, &delegated_mc); + mech_ret_flags &= + ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG); + } else if (gss_oid_equal(mech_ret_type, &m->gm_mech_oid) == 0) { + /* + * If the returned mech_type is not the same + * as the mech, assume its pseudo mech type + * and the returned type is already a + * mech-glue object + */ + *delegated_cred_handle = delegated_mc; + + } else if (delegated_mc) { + struct _gss_cred *dcred; + struct _gss_mechanism_cred *dmc; + + dcred = malloc(sizeof(struct _gss_cred)); + if (!dcred) { + *minor_status = ENOMEM; + gss_delete_sec_context(&junk, context_handle, NULL); + return (GSS_S_FAILURE); + } + HEIM_SLIST_INIT(&dcred->gc_mc); + dmc = malloc(sizeof(struct _gss_mechanism_cred)); + if (!dmc) { + free(dcred); + *minor_status = ENOMEM; + gss_delete_sec_context(&junk, context_handle, NULL); + return (GSS_S_FAILURE); + } + dmc->gmc_mech = m; + dmc->gmc_mech_oid = &m->gm_mech_oid; + dmc->gmc_cred = delegated_mc; + HEIM_SLIST_INSERT_HEAD(&dcred->gc_mc, dmc, gmc_link); + + *delegated_cred_handle = (gss_cred_id_t) dcred; + } + } + + if (ret_flags) + *ret_flags = mech_ret_flags; + return (major_status); +} diff --git a/lib/gssapi/mech/gss_acquire_cred.c b/lib/gssapi/mech/gss_acquire_cred.c new file mode 100644 index 000000000000..ade65df8ec86 --- /dev/null +++ b/lib/gssapi/mech/gss_acquire_cred.c @@ -0,0 +1,168 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_acquire_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_acquire_cred(OM_uint32 *minor_status, + const gss_name_t desired_name, + OM_uint32 time_req, + const gss_OID_set desired_mechs, + gss_cred_usage_t cred_usage, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *time_rec) +{ + OM_uint32 major_status; + gss_OID_set mechs = desired_mechs; + gss_OID_set_desc set; + struct _gss_name *name = (struct _gss_name *) desired_name; + gssapi_mech_interface m; + struct _gss_cred *cred; + struct _gss_mechanism_cred *mc; + OM_uint32 min_time, cred_time; + size_t i; + + *minor_status = 0; + if (output_cred_handle == NULL) + return GSS_S_CALL_INACCESSIBLE_READ; + if (actual_mechs) + *actual_mechs = GSS_C_NO_OID_SET; + if (time_rec) + *time_rec = 0; + + _gss_load_mech(); + + /* + * First make sure that at least one of the requested + * mechanisms is one that we support. + */ + if (mechs) { + for (i = 0; i < mechs->count; i++) { + int t; + gss_test_oid_set_member(minor_status, + &mechs->elements[i], _gss_mech_oids, &t); + if (t) + break; + } + if (i == mechs->count) { + *minor_status = 0; + return (GSS_S_BAD_MECH); + } + } + + if (actual_mechs) { + major_status = gss_create_empty_oid_set(minor_status, + actual_mechs); + if (major_status) + return (major_status); + } + + cred = malloc(sizeof(struct _gss_cred)); + if (!cred) { + if (actual_mechs) + gss_release_oid_set(minor_status, actual_mechs); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INIT(&cred->gc_mc); + + if (mechs == GSS_C_NO_OID_SET) + mechs = _gss_mech_oids; + + set.count = 1; + min_time = GSS_C_INDEFINITE; + for (i = 0; i < mechs->count; i++) { + struct _gss_mechanism_name *mn = NULL; + + m = __gss_get_mechanism(&mechs->elements[i]); + if (!m) + continue; + + if (desired_name != GSS_C_NO_NAME) { + major_status = _gss_find_mn(minor_status, name, + &mechs->elements[i], &mn); + if (major_status != GSS_S_COMPLETE) + continue; + } + + mc = malloc(sizeof(struct _gss_mechanism_cred)); + if (!mc) { + continue; + } + mc->gmc_mech = m; + mc->gmc_mech_oid = &m->gm_mech_oid; + + /* + * XXX Probably need to do something with actual_mechs. + */ + set.elements = &mechs->elements[i]; + major_status = m->gm_acquire_cred(minor_status, + (desired_name != GSS_C_NO_NAME + ? mn->gmn_name : GSS_C_NO_NAME), + time_req, &set, cred_usage, + &mc->gmc_cred, NULL, &cred_time); + if (major_status) { + free(mc); + continue; + } + if (cred_time < min_time) + min_time = cred_time; + + if (actual_mechs) { + major_status = gss_add_oid_set_member(minor_status, + mc->gmc_mech_oid, actual_mechs); + if (major_status) { + m->gm_release_cred(minor_status, + &mc->gmc_cred); + free(mc); + continue; + } + } + + HEIM_SLIST_INSERT_HEAD(&cred->gc_mc, mc, gmc_link); + } + + /* + * If we didn't manage to create a single credential, return + * an error. + */ + if (!HEIM_SLIST_FIRST(&cred->gc_mc)) { + free(cred); + if (actual_mechs) + gss_release_oid_set(minor_status, actual_mechs); + *minor_status = 0; + return (GSS_S_NO_CRED); + } + + if (time_rec) + *time_rec = min_time; + *output_cred_handle = (gss_cred_id_t) cred; + *minor_status = 0; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_acquire_cred_ext.c b/lib/gssapi/mech/gss_acquire_cred_ext.c new file mode 100644 index 000000000000..1cbb29f141f3 --- /dev/null +++ b/lib/gssapi/mech/gss_acquire_cred_ext.c @@ -0,0 +1,193 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Portions Copyright (c) 2011 PADL Software Pty Ltd. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_acquire_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +OM_uint32 +_gss_acquire_mech_cred(OM_uint32 *minor_status, + gssapi_mech_interface m, + const struct _gss_mechanism_name *mn, + gss_const_OID credential_type, + const void *credential_data, + OM_uint32 time_req, + gss_const_OID desired_mech, + gss_cred_usage_t cred_usage, + struct _gss_mechanism_cred **output_cred_handle) +{ + OM_uint32 major_status; + struct _gss_mechanism_cred *mc; + gss_OID_set_desc set2; + + *output_cred_handle = NULL; + + mc = calloc(1, sizeof(struct _gss_mechanism_cred)); + if (mc == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + mc->gmc_mech = m; + mc->gmc_mech_oid = &m->gm_mech_oid; + + set2.count = 1; + set2.elements = mc->gmc_mech_oid; + + if (m->gm_acquire_cred_ext) { + major_status = m->gm_acquire_cred_ext(minor_status, + mn->gmn_name, + credential_type, + credential_data, + time_req, + mc->gmc_mech_oid, + cred_usage, + &mc->gmc_cred); + } else if (gss_oid_equal(credential_type, GSS_C_CRED_PASSWORD) && + m->gm_compat && + m->gm_compat->gmc_acquire_cred_with_password) { + /* + * Shim for mechanisms that adhere to API-as-SPI and do not + * implement gss_acquire_cred_ext(). + */ + + major_status = m->gm_compat->gmc_acquire_cred_with_password(minor_status, + mn->gmn_name, + (const gss_buffer_t)credential_data, + time_req, + &set2, + cred_usage, + &mc->gmc_cred, + NULL, + NULL); + } else if (credential_type == GSS_C_NO_OID) { + major_status = m->gm_acquire_cred(minor_status, + mn->gmn_name, + time_req, + &set2, + cred_usage, + &mc->gmc_cred, + NULL, + NULL); + } else { + major_status = GSS_S_UNAVAILABLE; + free(mc); + mc= NULL; + } + + *output_cred_handle = mc; + return major_status; +} + +OM_uint32 +_gss_acquire_cred_ext(OM_uint32 *minor_status, + const gss_name_t desired_name, + gss_const_OID credential_type, + const void *credential_data, + OM_uint32 time_req, + gss_const_OID desired_mech, + gss_cred_usage_t cred_usage, + gss_cred_id_t *output_cred_handle) +{ + OM_uint32 major_status; + struct _gss_name *name = (struct _gss_name *) desired_name; + gssapi_mech_interface m; + struct _gss_cred *cred; + gss_OID_set_desc set, *mechs; + size_t i; + + *minor_status = 0; + if (output_cred_handle == NULL) + return GSS_S_CALL_INACCESSIBLE_READ; + + _gss_load_mech(); + + if (desired_mech != GSS_C_NO_OID) { + int match = 0; + + gss_test_oid_set_member(minor_status, (gss_OID)desired_mech, + _gss_mech_oids, &match); + if (!match) + return GSS_S_BAD_MECH; + + set.count = 1; + set.elements = (gss_OID)desired_mech; + mechs = &set; + } else + mechs = _gss_mech_oids; + + cred = calloc(1, sizeof(*cred)); + if (cred == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + HEIM_SLIST_INIT(&cred->gc_mc); + + for (i = 0; i < mechs->count; i++) { + struct _gss_mechanism_name *mn = NULL; + struct _gss_mechanism_cred *mc = NULL; + gss_name_t desired_mech_name = GSS_C_NO_NAME; + + m = __gss_get_mechanism(&mechs->elements[i]); + if (!m) + continue; + + if (desired_name != GSS_C_NO_NAME) { + major_status = _gss_find_mn(minor_status, name, + &mechs->elements[i], &mn); + if (major_status != GSS_S_COMPLETE) + continue; + + desired_mech_name = mn->gmn_name; + } + + major_status = _gss_acquire_mech_cred(minor_status, m, mn, + credential_type, credential_data, + time_req, desired_mech, cred_usage, + &mc); + if (GSS_ERROR(major_status)) + continue; + + HEIM_SLIST_INSERT_HEAD(&cred->gc_mc, mc, gmc_link); + } + + /* + * If we didn't manage to create a single credential, return + * an error. + */ + if (!HEIM_SLIST_FIRST(&cred->gc_mc)) { + free(cred); + *minor_status = 0; + return GSS_S_NO_CRED; + } + + *output_cred_handle = (gss_cred_id_t) cred; + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_acquire_cred_with_password.c b/lib/gssapi/mech/gss_acquire_cred_with_password.c new file mode 100644 index 000000000000..8c2a6488f8ad --- /dev/null +++ b/lib/gssapi/mech/gss_acquire_cred_with_password.c @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2011, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_acquire_cred_with_password(OM_uint32 *minor_status, + const gss_name_t desired_name, + const gss_buffer_t password, + OM_uint32 time_req, + const gss_OID_set desired_mechs, + gss_cred_usage_t cred_usage, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *time_rec) +{ + OM_uint32 major_status, tmp_minor; + + if (desired_mechs == GSS_C_NO_OID_SET) { + major_status = _gss_acquire_cred_ext(minor_status, + desired_name, + GSS_C_CRED_PASSWORD, + password, + time_req, + GSS_C_NO_OID, + cred_usage, + output_cred_handle); + if (GSS_ERROR(major_status)) + return major_status; + } else { + size_t i; + struct _gss_cred *new_cred; + + new_cred = calloc(1, sizeof(*new_cred)); + if (new_cred == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + HEIM_SLIST_INIT(&new_cred->gc_mc); + + for (i = 0; i < desired_mechs->count; i++) { + struct _gss_cred *tmp_cred = NULL; + struct _gss_mechanism_cred *mc; + + major_status = _gss_acquire_cred_ext(minor_status, + desired_name, + GSS_C_CRED_PASSWORD, + password, + time_req, + &desired_mechs->elements[i], + cred_usage, + (gss_cred_id_t *)&tmp_cred); + if (GSS_ERROR(major_status)) + continue; + + mc = HEIM_SLIST_FIRST(&tmp_cred->gc_mc); + if (mc) { + HEIM_SLIST_REMOVE_HEAD(&tmp_cred->gc_mc, gmc_link); + HEIM_SLIST_INSERT_HEAD(&new_cred->gc_mc, mc, gmc_link); + } + + gss_release_cred(&tmp_minor, (gss_cred_id_t *)&tmp_cred); + } + + if (!HEIM_SLIST_FIRST(&new_cred->gc_mc)) { + free(new_cred); + *minor_status = 0; + return GSS_S_NO_CRED; + } + + *output_cred_handle = (gss_cred_id_t)new_cred; + } + + if (actual_mechs != NULL || time_rec != NULL) { + major_status = gss_inquire_cred(minor_status, + *output_cred_handle, + NULL, + time_rec, + NULL, + actual_mechs); + if (GSS_ERROR(major_status)) { + gss_release_cred(&tmp_minor, output_cred_handle); + return major_status; + } + } + + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_add_cred.c b/lib/gssapi/mech/gss_add_cred.c new file mode 100644 index 000000000000..a998bc60ff80 --- /dev/null +++ b/lib/gssapi/mech/gss_add_cred.c @@ -0,0 +1,186 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_add_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +struct _gss_mechanism_cred * +_gss_copy_cred(struct _gss_mechanism_cred *mc) +{ + struct _gss_mechanism_cred *new_mc; + gssapi_mech_interface m = mc->gmc_mech; + OM_uint32 major_status, minor_status; + gss_name_t name; + gss_cred_id_t cred; + OM_uint32 initiator_lifetime, acceptor_lifetime; + gss_cred_usage_t cred_usage; + + major_status = m->gm_inquire_cred_by_mech(&minor_status, + mc->gmc_cred, mc->gmc_mech_oid, + &name, &initiator_lifetime, &acceptor_lifetime, &cred_usage); + if (major_status) { + _gss_mg_error(m, major_status, minor_status); + return (0); + } + + major_status = m->gm_add_cred(&minor_status, + GSS_C_NO_CREDENTIAL, name, mc->gmc_mech_oid, + cred_usage, initiator_lifetime, acceptor_lifetime, + &cred, 0, 0, 0); + m->gm_release_name(&minor_status, &name); + + if (major_status) { + _gss_mg_error(m, major_status, minor_status); + return (0); + } + + new_mc = malloc(sizeof(struct _gss_mechanism_cred)); + if (!new_mc) { + m->gm_release_cred(&minor_status, &cred); + return (0); + } + new_mc->gmc_mech = m; + new_mc->gmc_mech_oid = &m->gm_mech_oid; + new_mc->gmc_cred = cred; + + return (new_mc); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_add_cred(OM_uint32 *minor_status, + const gss_cred_id_t input_cred_handle, + const gss_name_t desired_name, + const gss_OID desired_mech, + gss_cred_usage_t cred_usage, + OM_uint32 initiator_time_req, + OM_uint32 acceptor_time_req, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *initiator_time_rec, + OM_uint32 *acceptor_time_rec) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle; + struct _gss_cred *new_cred; + gss_cred_id_t release_cred; + struct _gss_mechanism_cred *mc, *target_mc, *copy_mc; + struct _gss_mechanism_name *mn; + OM_uint32 junk; + + *minor_status = 0; + *output_cred_handle = GSS_C_NO_CREDENTIAL; + if (initiator_time_rec) + *initiator_time_rec = 0; + if (acceptor_time_rec) + *acceptor_time_rec = 0; + if (actual_mechs) + *actual_mechs = GSS_C_NO_OID_SET; + + new_cred = malloc(sizeof(struct _gss_cred)); + if (!new_cred) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INIT(&new_cred->gc_mc); + + /* + * We go through all the mc attached to the input_cred_handle + * and check the mechanism. If it matches, we call + * gss_add_cred for that mechanism, otherwise we copy the mc + * to new_cred. + */ + target_mc = 0; + if (cred) { + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + if (gss_oid_equal(mc->gmc_mech_oid, desired_mech)) { + target_mc = mc; + } + copy_mc = _gss_copy_cred(mc); + if (!copy_mc) { + release_cred = (gss_cred_id_t)new_cred; + gss_release_cred(&junk, &release_cred); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INSERT_HEAD(&new_cred->gc_mc, copy_mc, gmc_link); + } + } + + /* + * Figure out a suitable mn, if any. + */ + if (desired_name) { + major_status = _gss_find_mn(minor_status, + (struct _gss_name *) desired_name, + desired_mech, + &mn); + if (major_status != GSS_S_COMPLETE) { + free(new_cred); + return major_status; + } + } else { + mn = 0; + } + + m = __gss_get_mechanism(desired_mech); + + mc = malloc(sizeof(struct _gss_mechanism_cred)); + if (!mc) { + release_cred = (gss_cred_id_t)new_cred; + gss_release_cred(&junk, &release_cred); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + mc->gmc_mech = m; + mc->gmc_mech_oid = &m->gm_mech_oid; + + major_status = m->gm_add_cred(minor_status, + target_mc ? target_mc->gmc_cred : GSS_C_NO_CREDENTIAL, + desired_name ? mn->gmn_name : GSS_C_NO_NAME, + desired_mech, + cred_usage, + initiator_time_req, + acceptor_time_req, + &mc->gmc_cred, + actual_mechs, + initiator_time_rec, + acceptor_time_rec); + + if (major_status) { + _gss_mg_error(m, major_status, *minor_status); + release_cred = (gss_cred_id_t)new_cred; + gss_release_cred(&junk, &release_cred); + free(mc); + return (major_status); + } + HEIM_SLIST_INSERT_HEAD(&new_cred->gc_mc, mc, gmc_link); + *output_cred_handle = (gss_cred_id_t) new_cred; + + return (GSS_S_COMPLETE); +} + diff --git a/lib/gssapi/mech/gss_add_cred_with_password.c b/lib/gssapi/mech/gss_add_cred_with_password.c new file mode 100644 index 000000000000..f966305cfb16 --- /dev/null +++ b/lib/gssapi/mech/gss_add_cred_with_password.c @@ -0,0 +1,150 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_add_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_add_cred_with_password(OM_uint32 *minor_status, + const gss_cred_id_t input_cred_handle, + const gss_name_t desired_name, + const gss_OID desired_mech, + const gss_buffer_t password, + gss_cred_usage_t cred_usage, + OM_uint32 initiator_time_req, + OM_uint32 acceptor_time_req, + gss_cred_id_t *output_cred_handle, + gss_OID_set *actual_mechs, + OM_uint32 *initiator_time_rec, + OM_uint32 *acceptor_time_rec) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle; + struct _gss_cred *new_cred; + struct _gss_mechanism_cred *mc; + struct _gss_mechanism_name *mn = NULL; + OM_uint32 junk, time_req; + + *minor_status = 0; + *output_cred_handle = GSS_C_NO_CREDENTIAL; + if (initiator_time_rec) + *initiator_time_rec = 0; + if (acceptor_time_rec) + *acceptor_time_rec = 0; + if (actual_mechs) + *actual_mechs = GSS_C_NO_OID_SET; + + m = __gss_get_mechanism(desired_mech); + if (m == NULL) { + *minor_status = 0; + return (GSS_S_BAD_MECH); + } + + new_cred = calloc(1, sizeof(struct _gss_cred)); + if (new_cred == NULL) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INIT(&new_cred->gc_mc); + + /* + * Copy credentials from un-desired mechanisms to the new credential. + */ + if (cred) { + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + struct _gss_mechanism_cred *copy_mc; + + if (gss_oid_equal(mc->gmc_mech_oid, desired_mech)) { + continue; + } + copy_mc = _gss_copy_cred(mc); + if (copy_mc == NULL) { + gss_release_cred(&junk, (gss_cred_id_t *)&new_cred); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INSERT_HEAD(&new_cred->gc_mc, copy_mc, gmc_link); + } + } + + /* + * Figure out a suitable mn, if any. + */ + if (desired_name != GSS_C_NO_NAME) { + major_status = _gss_find_mn(minor_status, + (struct _gss_name *) desired_name, + desired_mech, + &mn); + if (major_status != GSS_S_COMPLETE) { + gss_release_cred(&junk, (gss_cred_id_t *)&new_cred); + return (major_status); + } + } + + if (cred_usage == GSS_C_BOTH) + time_req = initiator_time_req > acceptor_time_req ? acceptor_time_req : initiator_time_req; + else if (cred_usage == GSS_C_INITIATE) + time_req = initiator_time_req; + else + time_req = acceptor_time_req; + + major_status = _gss_acquire_mech_cred(minor_status, m, mn, + GSS_C_CRED_PASSWORD, password, + time_req, desired_mech, + cred_usage, &mc); + if (major_status != GSS_S_COMPLETE) { + gss_release_cred(&junk, (gss_cred_id_t *)&new_cred); + return (major_status); + } + + HEIM_SLIST_INSERT_HEAD(&new_cred->gc_mc, mc, gmc_link); + + if (actual_mechs || initiator_time_rec || acceptor_time_rec) { + OM_uint32 time_rec; + + major_status = gss_inquire_cred(minor_status, + (gss_cred_id_t)new_cred, + NULL, + &time_rec, + NULL, + actual_mechs); + if (GSS_ERROR(major_status)) { + gss_release_cred(&junk, (gss_cred_id_t *)&new_cred); + return (major_status); + } + if (initiator_time_rec && + (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH)) + *initiator_time_rec = time_rec; + if (acceptor_time_rec && + (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH)) + *acceptor_time_rec = time_rec; + } + + *output_cred_handle = (gss_cred_id_t) new_cred; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_add_oid_set_member.c b/lib/gssapi/mech/gss_add_oid_set_member.c new file mode 100644 index 000000000000..a23270511ebe --- /dev/null +++ b/lib/gssapi/mech/gss_add_oid_set_member.c @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +/** + * Add a oid to the oid set, function does not make a copy of the oid, + * so the pointer to member_oid needs to be stable for the whole time + * oid_set is used. + * + * If there is a duplicate member of the oid, the new member is not + * added to to the set. + * + * @param minor_status minor status code. + * @param member_oid member to add to the oid set + * @param oid_set oid set to add the member too + * + * @returns a gss_error code, see gss_display_status() about printing + * the error code. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_add_oid_set_member (OM_uint32 * minor_status, + const gss_OID member_oid, + gss_OID_set * oid_set) +{ + gss_OID tmp; + size_t n; + OM_uint32 res; + int present; + + res = gss_test_oid_set_member(minor_status, member_oid, *oid_set, &present); + if (res != GSS_S_COMPLETE) + return res; + + if (present) { + *minor_status = 0; + return GSS_S_COMPLETE; + } + + n = (*oid_set)->count + 1; + tmp = realloc ((*oid_set)->elements, n * sizeof(gss_OID_desc)); + if (tmp == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + (*oid_set)->elements = tmp; + (*oid_set)->count = n; + (*oid_set)->elements[n-1] = *member_oid; + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_aeap.c b/lib/gssapi/mech/gss_aeap.c new file mode 100644 index 000000000000..3008c0d34484 --- /dev/null +++ b/lib/gssapi/mech/gss_aeap.c @@ -0,0 +1,216 @@ +/* + * AEAD support + */ + +#include "mech_locl.h" + +/** + * Encrypts or sign the data. + * + * This is a more complicated version of gss_wrap(), it allows the + * caller to use AEAD data (signed header/trailer) and allow greater + * controll over where the encrypted data is placed. + * + * The maximum packet size is gss_context_stream_sizes.max_msg_size. + * + * The caller needs provide the folloing buffers when using in conf_req_flag=1 mode: + * + * - HEADER (of size gss_context_stream_sizes.header) + * { DATA or SIGN_ONLY } (optional, zero or more) + * PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) + * TRAILER (of size gss_context_stream_sizes.trailer) + * + * - on DCE-RPC mode, the caller can skip PADDING and TRAILER if the + * DATA elements is padded to a block bountry and header is of at + * least size gss_context_stream_sizes.header + gss_context_stream_sizes.trailer. + * + * HEADER, PADDING, TRAILER will be shrunken to the size required to transmit any of them too large. + * + * To generate gss_wrap() compatible packets, use: HEADER | DATA | PADDING | TRAILER + * + * When used in conf_req_flag=0, + * + * - HEADER (of size gss_context_stream_sizes.header) + * { DATA or SIGN_ONLY } (optional, zero or more) + * PADDING (of size gss_context_stream_sizes.blocksize, if zero padding is zero, can be omitted) + * TRAILER (of size gss_context_stream_sizes.trailer) + * + * + * The input sizes of HEADER, PADDING and TRAILER can be fetched using gss_wrap_iov_length() or + * gss_context_query_attributes(). + * + * @ingroup gssapi + */ + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap_iov(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int * conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + if (minor_status) + *minor_status = 0; + if (conf_state) + *conf_state = 0; + if (ctx == NULL) + return GSS_S_NO_CONTEXT; + if (iov == NULL && iov_count != 0) + return GSS_S_CALL_INACCESSIBLE_READ; + + m = ctx->gc_mech; + + if (m->gm_wrap_iov == NULL) + return GSS_S_UNAVAILABLE; + + return (m->gm_wrap_iov)(minor_status, ctx->gc_ctx, + conf_req_flag, qop_req, conf_state, + iov, iov_count); +} + +/** + * Decrypt or verifies the signature on the data. + * + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_unwrap_iov(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int *conf_state, + gss_qop_t *qop_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + if (minor_status) + *minor_status = 0; + if (conf_state) + *conf_state = 0; + if (qop_state) + *qop_state = 0; + if (ctx == NULL) + return GSS_S_NO_CONTEXT; + if (iov == NULL && iov_count != 0) + return GSS_S_CALL_INACCESSIBLE_READ; + + m = ctx->gc_mech; + + if (m->gm_unwrap_iov == NULL) + return GSS_S_UNAVAILABLE; + + return (m->gm_unwrap_iov)(minor_status, ctx->gc_ctx, + conf_state, qop_state, + iov, iov_count); +} + +/** + * Update the length fields in iov buffer for the types: + * - GSS_IOV_BUFFER_TYPE_HEADER + * - GSS_IOV_BUFFER_TYPE_PADDING + * - GSS_IOV_BUFFER_TYPE_TRAILER + * + * Consider using gss_context_query_attributes() to fetch the data instead. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap_iov_length(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + if (minor_status) + *minor_status = 0; + if (conf_state) + *conf_state = 0; + if (ctx == NULL) + return GSS_S_NO_CONTEXT; + if (iov == NULL && iov_count != 0) + return GSS_S_CALL_INACCESSIBLE_READ; + + m = ctx->gc_mech; + + if (m->gm_wrap_iov_length == NULL) + return GSS_S_UNAVAILABLE; + + return (m->gm_wrap_iov_length)(minor_status, ctx->gc_ctx, + conf_req_flag, qop_req, conf_state, + iov, iov_count); +} + +/** + * Free all buffer allocated by gss_wrap_iov() or gss_unwrap_iov() by + * looking at the GSS_IOV_BUFFER_FLAG_ALLOCATED flag. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_iov_buffer(OM_uint32 *minor_status, + gss_iov_buffer_desc *iov, + int iov_count) +{ + OM_uint32 junk; + int i; + + if (minor_status) + *minor_status = 0; + if (iov == NULL && iov_count != 0) + return GSS_S_CALL_INACCESSIBLE_READ; + + for (i = 0; i < iov_count; i++) { + if ((iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) == 0) + continue; + gss_release_buffer(&junk, &iov[i].buffer); + iov[i].type &= ~GSS_IOV_BUFFER_FLAG_ALLOCATED; + } + return GSS_S_COMPLETE; +} + +/** + * Query the context for parameters. + * + * SSPI equivalent if this function is QueryContextAttributes. + * + * - GSS_C_ATTR_STREAM_SIZES data is a gss_context_stream_sizes. + * + * @ingroup gssapi + */ + +gss_OID_desc GSSAPI_LIB_FUNCTION __gss_c_attr_stream_sizes_oid_desc = + {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03")}; + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_context_query_attributes(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_OID attribute, + void *data, + size_t len) +{ + if (minor_status) + *minor_status = 0; + + if (gss_oid_equal(GSS_C_ATTR_STREAM_SIZES, attribute)) { + memset(data, 0, len); + return GSS_S_COMPLETE; + } + + return GSS_S_FAILURE; +} diff --git a/lib/gssapi/mech/gss_authorize_localname.c b/lib/gssapi/mech/gss_authorize_localname.c new file mode 100644 index 000000000000..a0ad065da887 --- /dev/null +++ b/lib/gssapi/mech/gss_authorize_localname.c @@ -0,0 +1,187 @@ +/* + * Copyright (c) 2011, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +gss_buffer_desc GSSAPI_LIB_VARIABLE __gss_c_attr_local_login_user = { + sizeof("local-login-user") - 1, + "local-login-user" +}; + +static OM_uint32 +mech_authorize_localname(OM_uint32 *minor_status, + const struct _gss_name *name, + const struct _gss_name *user) +{ + OM_uint32 major_status = GSS_S_NAME_NOT_MN; + struct _gss_mechanism_name *mn; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (m->gm_authorize_localname == NULL) { + major_status = GSS_S_UNAVAILABLE; + continue; + } + + major_status = m->gm_authorize_localname(minor_status, + mn->gmn_name, + &user->gn_value, + &user->gn_type); + if (major_status != GSS_S_UNAUTHORIZED) + break; + } + + return major_status; +} + +/* + * Naming extensions based local login authorization. + */ +static OM_uint32 +attr_authorize_localname(OM_uint32 *minor_status, + const struct _gss_name *name, + const struct _gss_name *user) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + int more = -1; + + if (!gss_oid_equal(&user->gn_type, GSS_C_NT_USER_NAME)) + return GSS_S_BAD_NAMETYPE; + + while (more != 0 && major_status != GSS_S_COMPLETE) { + OM_uint32 tmpMajor, tmpMinor; + gss_buffer_desc value; + gss_buffer_desc display_value; + int authenticated = 0, complete = 0; + + tmpMajor = gss_get_name_attribute(minor_status, + (gss_name_t)name, + GSS_C_ATTR_LOCAL_LOGIN_USER, + &authenticated, + &complete, + &value, + &display_value, + &more); + if (GSS_ERROR(tmpMajor)) { + major_status = tmpMajor; + break; + } + + /* If attribute is present, return an authoritative error code. */ + if (authenticated && + value.length == user->gn_value.length && + memcmp(value.value, user->gn_value.value, user->gn_value.length) == 0) + major_status = GSS_S_COMPLETE; + else + major_status = GSS_S_UNAUTHORIZED; + + gss_release_buffer(&tmpMinor, &value); + gss_release_buffer(&tmpMinor, &display_value); + } + + return major_status; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_authorize_localname(OM_uint32 *minor_status, + const gss_name_t gss_name, + const gss_name_t gss_user) + +{ + OM_uint32 major_status; + const struct _gss_name *name = (const struct _gss_name *) gss_name; + const struct _gss_name *user = (const struct _gss_name *) gss_user; + int mechAvailable = 0; + + *minor_status = 0; + + if (gss_name == GSS_C_NO_NAME || gss_user == GSS_C_NO_NAME) + return GSS_S_CALL_INACCESSIBLE_READ; + + /* + * We should check that the user name is not a mechanism name, but + * as Heimdal always calls the mechanism's gss_import_name(), it's + * not possible to make this check. + */ +#if 0 + if (HEIM_SLIST_FIRST(&user->gn_mn) != NULL) + return GSS_S_BAD_NAME; +#endif + + /* If mech returns yes, we return yes */ + major_status = mech_authorize_localname(minor_status, name, user); + if (major_status == GSS_S_COMPLETE) + return GSS_S_COMPLETE; + else if (major_status != GSS_S_UNAVAILABLE) + mechAvailable = 1; + + /* If attribute exists, it is authoritative */ + major_status = attr_authorize_localname(minor_status, name, user); + if (major_status == GSS_S_COMPLETE || major_status == GSS_S_UNAUTHORIZED) + return major_status; + + /* If mechanism did not implement SPI, compare the local name */ + if (mechAvailable == 0) { + int match = 0; + + major_status = gss_compare_name(minor_status, gss_name, + gss_user, &match); + if (major_status == GSS_S_COMPLETE && match == 0) + major_status = GSS_S_UNAUTHORIZED; + } + + return major_status; +} + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_userok(const gss_name_t name, + const char *user) +{ + OM_uint32 major_status, minor_status; + gss_buffer_desc userBuf; + gss_name_t userName; + + userBuf.value = (void *)user; + userBuf.length = strlen(user); + + major_status = gss_import_name(&minor_status, &userBuf, + GSS_C_NT_USER_NAME, &userName); + if (GSS_ERROR(major_status)) + return 0; + + major_status = gss_authorize_localname(&minor_status, name, userName); + + gss_release_name(&minor_status, &userName); + + return (major_status == GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_buffer_set.c b/lib/gssapi/mech/gss_buffer_set.c new file mode 100644 index 000000000000..48fb720ad09b --- /dev/null +++ b/lib/gssapi/mech/gss_buffer_set.c @@ -0,0 +1,124 @@ +/* + * Copyright (c) 2004, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_create_empty_buffer_set + (OM_uint32 * minor_status, + gss_buffer_set_t *buffer_set) +{ + gss_buffer_set_t set; + + set = (gss_buffer_set_desc *) malloc(sizeof(*set)); + if (set == GSS_C_NO_BUFFER_SET) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + set->count = 0; + set->elements = NULL; + + *buffer_set = set; + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_add_buffer_set_member + (OM_uint32 * minor_status, + const gss_buffer_t member_buffer, + gss_buffer_set_t *buffer_set) +{ + gss_buffer_set_t set; + gss_buffer_t p; + OM_uint32 ret; + + if (*buffer_set == GSS_C_NO_BUFFER_SET) { + ret = gss_create_empty_buffer_set(minor_status, + buffer_set); + if (ret) { + return ret; + } + } + + set = *buffer_set; + set->elements = realloc(set->elements, + (set->count + 1) * sizeof(set->elements[0])); + if (set->elements == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + p = &set->elements[set->count]; + + p->value = malloc(member_buffer->length); + if (p->value == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + memcpy(p->value, member_buffer->value, member_buffer->length); + p->length = member_buffer->length; + + set->count++; + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_buffer_set(OM_uint32 * minor_status, + gss_buffer_set_t *buffer_set) +{ + size_t i; + OM_uint32 minor; + + *minor_status = 0; + + if (*buffer_set == GSS_C_NO_BUFFER_SET) + return GSS_S_COMPLETE; + + for (i = 0; i < (*buffer_set)->count; i++) + gss_release_buffer(&minor, &((*buffer_set)->elements[i])); + + free((*buffer_set)->elements); + + (*buffer_set)->elements = NULL; + (*buffer_set)->count = 0; + + free(*buffer_set); + *buffer_set = GSS_C_NO_BUFFER_SET; + + return GSS_S_COMPLETE; +} + diff --git a/lib/gssapi/mech/gss_canonicalize_name.c b/lib/gssapi/mech/gss_canonicalize_name.c new file mode 100644 index 000000000000..bd8ff5212071 --- /dev/null +++ b/lib/gssapi/mech/gss_canonicalize_name.c @@ -0,0 +1,111 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_canonicalize_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +/** + * gss_canonicalize_name takes a Internal Name (IN) and converts in into a + * mechanism specific Mechanism Name (MN). + * + * The input name may multiple name, or generic name types. + * + * If the input_name if of the GSS_C_NT_USER_NAME, and the Kerberos + * mechanism is specified, the resulting MN type is a + * GSS_KRB5_NT_PRINCIPAL_NAME. + * + * For more information about @ref internalVSmechname. + * + * @param minor_status minor status code. + * @param input_name name to covert, unchanged by gss_canonicalize_name(). + * @param mech_type the type to convert Name too. + * @param output_name the resulting type, release with + * gss_release_name(), independent of input_name. + * + * @returns a gss_error code, see gss_display_status() about printing + * the error code. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_canonicalize_name(OM_uint32 *minor_status, + const gss_name_t input_name, + const gss_OID mech_type, + gss_name_t *output_name) +{ + OM_uint32 major_status; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + gssapi_mech_interface m; + gss_name_t new_canonical_name; + + *minor_status = 0; + *output_name = 0; + + major_status = _gss_find_mn(minor_status, name, mech_type, &mn); + if (major_status) + return major_status; + + m = mn->gmn_mech; + major_status = m->gm_canonicalize_name(minor_status, + mn->gmn_name, mech_type, &new_canonical_name); + if (major_status) { + _gss_mg_error(m, major_status, *minor_status); + return (major_status); + } + + /* + * Now we make a new name and mark it as an MN. + */ + *minor_status = 0; + name = malloc(sizeof(struct _gss_name)); + if (!name) { + m->gm_release_name(minor_status, &new_canonical_name); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + memset(name, 0, sizeof(struct _gss_name)); + + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) { + m->gm_release_name(minor_status, &new_canonical_name); + free(name); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + + HEIM_SLIST_INIT(&name->gn_mn); + mn->gmn_mech = m; + mn->gmn_mech_oid = &m->gm_mech_oid; + mn->gmn_name = new_canonical_name; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + + *output_name = (gss_name_t) name; + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_compare_name.c b/lib/gssapi/mech/gss_compare_name.c new file mode 100644 index 000000000000..70b4b1c20673 --- /dev/null +++ b/lib/gssapi/mech/gss_compare_name.c @@ -0,0 +1,76 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_compare_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_compare_name(OM_uint32 *minor_status, + const gss_name_t name1_arg, + const gss_name_t name2_arg, + int *name_equal) +{ + struct _gss_name *name1 = (struct _gss_name *) name1_arg; + struct _gss_name *name2 = (struct _gss_name *) name2_arg; + + /* + * First check the implementation-independant name if both + * names have one. Otherwise, try to find common mechanism + * names and compare them. + */ + if (name1->gn_value.value && name2->gn_value.value) { + *name_equal = 1; + if (!gss_oid_equal(&name1->gn_type, &name2->gn_type)) { + *name_equal = 0; + } else if (name1->gn_value.length != name2->gn_value.length || + memcmp(name1->gn_value.value, name1->gn_value.value, + name1->gn_value.length)) { + *name_equal = 0; + } + } else { + struct _gss_mechanism_name *mn1; + struct _gss_mechanism_name *mn2; + + HEIM_SLIST_FOREACH(mn1, &name1->gn_mn, gmn_link) { + OM_uint32 major_status; + + major_status = _gss_find_mn(minor_status, name2, + mn1->gmn_mech_oid, &mn2); + if (major_status == GSS_S_COMPLETE) { + return (mn1->gmn_mech->gm_compare_name( + minor_status, + mn1->gmn_name, + mn2->gmn_name, + name_equal)); + } + } + *name_equal = 0; + } + + *minor_status = 0; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_context_time.c b/lib/gssapi/mech/gss_context_time.c new file mode 100644 index 000000000000..69434ee898e5 --- /dev/null +++ b/lib/gssapi/mech/gss_context_time.c @@ -0,0 +1,40 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_context_time.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_context_time(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + OM_uint32 *time_rec) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m = ctx->gc_mech; + + return (m->gm_context_time(minor_status, ctx->gc_ctx, time_rec)); +} diff --git a/lib/gssapi/mech/gss_create_empty_oid_set.c b/lib/gssapi/mech/gss_create_empty_oid_set.c new file mode 100644 index 000000000000..8d880f551161 --- /dev/null +++ b/lib/gssapi/mech/gss_create_empty_oid_set.c @@ -0,0 +1,51 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_create_empty_oid_set.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_create_empty_oid_set(OM_uint32 *minor_status, + gss_OID_set *oid_set) +{ + gss_OID_set set; + + *minor_status = 0; + *oid_set = GSS_C_NO_OID_SET; + + set = malloc(sizeof(gss_OID_set_desc)); + if (!set) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + + set->count = 0; + set->elements = 0; + *oid_set = set; + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_cred.c b/lib/gssapi/mech/gss_cred.c new file mode 100644 index 000000000000..99de68776e26 --- /dev/null +++ b/lib/gssapi/mech/gss_cred.c @@ -0,0 +1,224 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "mech_locl.h" +#include + +/* + * format: any number of: + * mech-len: int32 + * mech-data: char * (not alligned) + * cred-len: int32 + * cred-data char * (not alligned) +*/ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_export_cred(OM_uint32 * minor_status, + gss_cred_id_t cred_handle, + gss_buffer_t token) +{ + struct _gss_cred *cred = (struct _gss_cred *)cred_handle; + struct _gss_mechanism_cred *mc; + gss_buffer_desc buffer; + krb5_error_code ret; + krb5_storage *sp; + OM_uint32 major; + krb5_data data; + + _mg_buffer_zero(token); + + if (cred == NULL) { + *minor_status = 0; + return GSS_S_NO_CRED; + } + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + if (mc->gmc_mech->gm_export_cred == NULL) { + *minor_status = 0; + return GSS_S_NO_CRED; + } + } + + sp = krb5_storage_emem(); + if (sp == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + + major = mc->gmc_mech->gm_export_cred(minor_status, + mc->gmc_cred, &buffer); + if (major) { + krb5_storage_free(sp); + return major; + } + + ret = krb5_storage_write(sp, buffer.value, buffer.length); + if (ret < 0 || (size_t)ret != buffer.length) { + gss_release_buffer(minor_status, &buffer); + krb5_storage_free(sp); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + gss_release_buffer(minor_status, &buffer); + } + + ret = krb5_storage_to_data(sp, &data); + krb5_storage_free(sp); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + token->value = data.data; + token->length = data.length; + + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_import_cred(OM_uint32 * minor_status, + gss_buffer_t token, + gss_cred_id_t * cred_handle) +{ + gssapi_mech_interface m; + krb5_error_code ret; + struct _gss_cred *cred; + krb5_storage *sp = NULL; + OM_uint32 major, junk; + krb5_data data; + + *cred_handle = GSS_C_NO_CREDENTIAL; + + if (token->length == 0) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + sp = krb5_storage_from_readonly_mem(token->value, token->length); + if (sp == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + cred = calloc(1, sizeof(struct _gss_cred)); + if (cred == NULL) { + krb5_storage_free(sp); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + HEIM_SLIST_INIT(&cred->gc_mc); + + *cred_handle = (gss_cred_id_t)cred; + + while(1) { + struct _gss_mechanism_cred *mc; + gss_buffer_desc buffer; + gss_cred_id_t mcred; + gss_OID_desc oid; + + ret = krb5_ret_data(sp, &data); + if (ret == HEIM_ERR_EOF) { + break; + } else if (ret) { + *minor_status = ret; + major = GSS_S_FAILURE; + goto out; + } + oid.elements = data.data; + oid.length = data.length; + + m = __gss_get_mechanism(&oid); + krb5_data_free(&data); + if (!m) { + *minor_status = 0; + major = GSS_S_BAD_MECH; + goto out; + } + + if (m->gm_import_cred == NULL) { + *minor_status = 0; + major = GSS_S_BAD_MECH; + goto out; + } + + ret = krb5_ret_data(sp, &data); + if (ret) { + *minor_status = ret; + major = GSS_S_FAILURE; + goto out; + } + + buffer.value = data.data; + buffer.length = data.length; + + major = m->gm_import_cred(minor_status, + &buffer, &mcred); + krb5_data_free(&data); + if (major) { + goto out; + } + + mc = malloc(sizeof(struct _gss_mechanism_cred)); + if (mc == NULL) { + *minor_status = EINVAL; + major = GSS_S_FAILURE; + goto out; + } + + mc->gmc_mech = m; + mc->gmc_mech_oid = &m->gm_mech_oid; + mc->gmc_cred = mcred; + + HEIM_SLIST_INSERT_HEAD(&cred->gc_mc, mc, gmc_link); + } + krb5_storage_free(sp); + sp = NULL; + + if (HEIM_SLIST_EMPTY(&cred->gc_mc)) { + major = GSS_S_NO_CRED; + goto out; + } + + return GSS_S_COMPLETE; + + out: + if (sp) + krb5_storage_free(sp); + + gss_release_cred(&junk, cred_handle); + + return major; + +} diff --git a/lib/gssapi/mech/gss_decapsulate_token.c b/lib/gssapi/mech/gss_decapsulate_token.c new file mode 100644 index 000000000000..3f2974e8ca5b --- /dev/null +++ b/lib/gssapi/mech/gss_decapsulate_token.c @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_decapsulate_token(gss_const_buffer_t input_token, + gss_const_OID oid, + gss_buffer_t output_token) +{ + GSSAPIContextToken ct; + heim_oid o; + OM_uint32 status; + int ret; + size_t size; + + _mg_buffer_zero(output_token); + + ret = der_get_oid (oid->elements, oid->length, &o, &size); + if (ret) + return GSS_S_FAILURE; + + ret = decode_GSSAPIContextToken(input_token->value, input_token->length, + &ct, NULL); + if (ret) { + der_free_oid(&o); + return GSS_S_FAILURE; + } + + if (der_heim_oid_cmp(&ct.thisMech, &o) == 0) { + status = GSS_S_COMPLETE; + output_token->value = ct.innerContextToken.data; + output_token->length = ct.innerContextToken.length; + der_free_oid(&ct.thisMech); + } else { + free_GSSAPIContextToken(&ct); + status = GSS_S_FAILURE; + } + der_free_oid(&o); + + return status; +} diff --git a/lib/gssapi/mech/gss_delete_name_attribute.c b/lib/gssapi/mech/gss_delete_name_attribute.c new file mode 100644 index 000000000000..cb35dd0eb16b --- /dev/null +++ b/lib/gssapi/mech/gss_delete_name_attribute.c @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_delete_name_attribute(OM_uint32 *minor_status, + gss_name_t input_name, + gss_buffer_t attr) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_delete_name_attribute) + continue; + + major_status = m->gm_delete_name_attribute(minor_status, + mn->gmn_name, + attr); + if (GSS_ERROR(major_status)) + _gss_mg_error(m, major_status, *minor_status); + else + break; + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_delete_sec_context.c b/lib/gssapi/mech/gss_delete_sec_context.c new file mode 100644 index 000000000000..ce57a76682ab --- /dev/null +++ b/lib/gssapi/mech/gss_delete_sec_context.c @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_delete_sec_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_delete_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + gss_buffer_t output_token) +{ + OM_uint32 major_status; + struct _gss_context *ctx = (struct _gss_context *) *context_handle; + + if (output_token) + _mg_buffer_zero(output_token); + + *minor_status = 0; + if (ctx) { + /* + * If we have an implementation ctx, delete it, + * otherwise fake an empty token. + */ + if (ctx->gc_ctx) { + major_status = ctx->gc_mech->gm_delete_sec_context( + minor_status, &ctx->gc_ctx, output_token); + } + free(ctx); + *context_handle = GSS_C_NO_CONTEXT; + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_display_name.c b/lib/gssapi/mech/gss_display_name.c new file mode 100644 index 000000000000..524a586fbef8 --- /dev/null +++ b/lib/gssapi/mech/gss_display_name.c @@ -0,0 +1,82 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_display_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_display_name(OM_uint32 *minor_status, + const gss_name_t input_name, + gss_buffer_t output_name_buffer, + gss_OID *output_name_type) +{ + OM_uint32 major_status; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + _mg_buffer_zero(output_name_buffer); + if (output_name_type) + *output_name_type = GSS_C_NO_OID; + + if (name == NULL) { + *minor_status = 0; + return (GSS_S_BAD_NAME); + } + + /* + * If we know it, copy the buffer used to import the name in + * the first place. Otherwise, ask all the MNs in turn if + * they can display the thing. + */ + if (name->gn_value.value) { + output_name_buffer->value = malloc(name->gn_value.length); + if (!output_name_buffer->value) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + output_name_buffer->length = name->gn_value.length; + memcpy(output_name_buffer->value, name->gn_value.value, + output_name_buffer->length); + if (output_name_type) + *output_name_type = &name->gn_type; + + *minor_status = 0; + return (GSS_S_COMPLETE); + } else { + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + major_status = mn->gmn_mech->gm_display_name( + minor_status, mn->gmn_name, + output_name_buffer, + output_name_type); + if (major_status == GSS_S_COMPLETE) + return (GSS_S_COMPLETE); + } + } + + *minor_status = 0; + return (GSS_S_FAILURE); +} diff --git a/lib/gssapi/mech/gss_display_name_ext.c b/lib/gssapi/mech/gss_display_name_ext.c new file mode 100644 index 000000000000..6c0e5f332cae --- /dev/null +++ b/lib/gssapi/mech/gss_display_name_ext.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_display_name_ext(OM_uint32 *minor_status, + gss_name_t input_name, + gss_OID display_as_name_type, + gss_buffer_t display_name) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + _mg_buffer_zero(display_name); + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_display_name_ext) + continue; + + major_status = m->gm_display_name_ext(minor_status, + mn->gmn_name, + display_as_name_type, + display_name); + if (GSS_ERROR(major_status)) + _gss_mg_error(m, major_status, *minor_status); + else + break; + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_display_status.c b/lib/gssapi/mech/gss_display_status.c new file mode 100644 index 000000000000..1e508caa9baf --- /dev/null +++ b/lib/gssapi/mech/gss_display_status.c @@ -0,0 +1,211 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_display_status.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ +/* + * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +static const char * +calling_error(OM_uint32 v) +{ + static const char *msgs[] = { + NULL, /* 0 */ + "A required input parameter could not be read.", /* */ + "A required output parameter could not be written.", /* */ + "A parameter was malformed" + }; + + v >>= GSS_C_CALLING_ERROR_OFFSET; + + if (v == 0) + return ""; + else if (v >= sizeof(msgs)/sizeof(*msgs)) + return "unknown calling error"; + else + return msgs[v]; +} + +static const char * +routine_error(OM_uint32 v) +{ + static const char *msgs[] = { + "Function completed successfully", /* 0 */ + "An unsupported mechanism was requested", + "An invalid name was supplied", + "A supplied name was of an unsupported type", + "Incorrect channel bindings were supplied", + "An invalid status code was supplied", + "A token had an invalid MIC", + "No credentials were supplied, " + "or the credentials were unavailable or inaccessible.", + "No context has been established", + "A token was invalid", + "A credential was invalid", + "The referenced credentials have expired", + "The context has expired", + "Miscellaneous failure (see text)", + "The quality-of-protection requested could not be provide", + "The operation is forbidden by local security policy", + "The operation or option is not available", + "The requested credential element already exists", + "The provided name was not a mechanism name.", + }; + + v >>= GSS_C_ROUTINE_ERROR_OFFSET; + + if (v >= sizeof(msgs)/sizeof(*msgs)) + return "unknown routine error"; + else + return msgs[v]; +} + +static const char * +supplementary_error(OM_uint32 v) +{ + static const char *msgs[] = { + "normal completion", + "continuation call to routine required", + "duplicate per-message token detected", + "timed-out per-message token detected", + "reordered (early) per-message token detected", + "skipped predecessor token(s) detected" + }; + + v >>= GSS_C_SUPPLEMENTARY_OFFSET; + + if (v >= sizeof(msgs)/sizeof(*msgs)) + return "unknown routine error"; + else + return msgs[v]; +} + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_display_status(OM_uint32 *minor_status, + OM_uint32 status_value, + int status_type, + const gss_OID mech_type, + OM_uint32 *message_content, + gss_buffer_t status_string) +{ + OM_uint32 major_status; + + _mg_buffer_zero(status_string); + *message_content = 0; + + major_status = _gss_mg_get_error(mech_type, status_type, + status_value, status_string); + if (major_status == GSS_S_COMPLETE) { + + *message_content = 0; + *minor_status = 0; + return GSS_S_COMPLETE; + } + + *minor_status = 0; + switch (status_type) { + case GSS_C_GSS_CODE: { + char *buf = NULL; + int e; + + if (GSS_SUPPLEMENTARY_INFO(status_value)) + e = asprintf(&buf, "%s", supplementary_error( + GSS_SUPPLEMENTARY_INFO(status_value))); + else + e = asprintf (&buf, "%s %s", + calling_error(GSS_CALLING_ERROR(status_value)), + routine_error(GSS_ROUTINE_ERROR(status_value))); + + if (e < 0 || buf == NULL) + break; + + status_string->length = strlen(buf); + status_string->value = buf; + + return GSS_S_COMPLETE; + } + case GSS_C_MECH_CODE: { + OM_uint32 maj_junk, min_junk; + gss_buffer_desc oid; + char *buf = NULL; + int e; + + maj_junk = gss_oid_to_str(&min_junk, mech_type, &oid); + if (maj_junk != GSS_S_COMPLETE) { + oid.value = rk_UNCONST("unknown"); + oid.length = 7; + } + + e = asprintf (&buf, "unknown mech-code %lu for mech %.*s", + (unsigned long)status_value, + (int)oid.length, (char *)oid.value); + if (maj_junk == GSS_S_COMPLETE) + gss_release_buffer(&min_junk, &oid); + + if (e < 0 || buf == NULL) + break; + + status_string->length = strlen(buf); + status_string->value = buf; + + return GSS_S_COMPLETE; + } + } + _mg_buffer_zero(status_string); + return (GSS_S_BAD_STATUS); +} diff --git a/lib/gssapi/mech/gss_duplicate_name.c b/lib/gssapi/mech/gss_duplicate_name.c new file mode 100644 index 000000000000..a76c87cb852a --- /dev/null +++ b/lib/gssapi/mech/gss_duplicate_name.c @@ -0,0 +1,95 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_duplicate_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_duplicate_name(OM_uint32 *minor_status, + const gss_name_t src_name, + gss_name_t *dest_name) +{ + OM_uint32 major_status; + struct _gss_name *name = (struct _gss_name *) src_name; + struct _gss_name *new_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + *dest_name = GSS_C_NO_NAME; + + /* + * If this name has a value (i.e. it didn't come from + * gss_canonicalize_name(), we re-import the thing. Otherwise, + * we make copy of each mech names. + */ + if (name->gn_value.value) { + major_status = gss_import_name(minor_status, + &name->gn_value, &name->gn_type, dest_name); + if (major_status != GSS_S_COMPLETE) + return (major_status); + new_name = (struct _gss_name *) *dest_name; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + struct _gss_mechanism_name *mn2; + _gss_find_mn(minor_status, new_name, + mn->gmn_mech_oid, &mn2); + } + } else { + new_name = malloc(sizeof(struct _gss_name)); + if (!new_name) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + memset(new_name, 0, sizeof(struct _gss_name)); + HEIM_SLIST_INIT(&new_name->gn_mn); + *dest_name = (gss_name_t) new_name; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + struct _gss_mechanism_name *new_mn; + + new_mn = malloc(sizeof(*new_mn)); + if (!new_mn) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + new_mn->gmn_mech = mn->gmn_mech; + new_mn->gmn_mech_oid = mn->gmn_mech_oid; + + major_status = + mn->gmn_mech->gm_duplicate_name(minor_status, + mn->gmn_name, &new_mn->gmn_name); + if (major_status != GSS_S_COMPLETE) { + free(new_mn); + continue; + } + HEIM_SLIST_INSERT_HEAD(&new_name->gn_mn, new_mn, gmn_link); + } + + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_duplicate_oid.c b/lib/gssapi/mech/gss_duplicate_oid.c new file mode 100644 index 000000000000..10a200048690 --- /dev/null +++ b/lib/gssapi/mech/gss_duplicate_oid.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_duplicate_oid ( + OM_uint32 *minor_status, + gss_OID src_oid, + gss_OID *dest_oid + ) +{ + *minor_status = 0; + + if (src_oid == GSS_C_NO_OID) { + *dest_oid = GSS_C_NO_OID; + return GSS_S_COMPLETE; + } + + *dest_oid = malloc(sizeof(**dest_oid)); + if (*dest_oid == GSS_C_NO_OID) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + (*dest_oid)->elements = malloc(src_oid->length); + if ((*dest_oid)->elements == NULL) { + free(*dest_oid); + *dest_oid = GSS_C_NO_OID; + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + memcpy((*dest_oid)->elements, src_oid->elements, src_oid->length); + (*dest_oid)->length = src_oid->length; + + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_encapsulate_token.c b/lib/gssapi/mech/gss_encapsulate_token.c new file mode 100644 index 000000000000..1b1f973eaaa8 --- /dev/null +++ b/lib/gssapi/mech/gss_encapsulate_token.c @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_encapsulate_token(gss_const_buffer_t input_token, + gss_const_OID oid, + gss_buffer_t output_token) +{ + GSSAPIContextToken ct; + int ret; + size_t size; + + ret = der_get_oid (oid->elements, oid->length, &ct.thisMech, &size); + if (ret) { + _mg_buffer_zero(output_token); + return GSS_S_FAILURE; + } + + ct.innerContextToken.data = input_token->value; + ct.innerContextToken.length = input_token->length; + + ASN1_MALLOC_ENCODE(GSSAPIContextToken, + output_token->value, output_token->length, + &ct, &size, ret); + der_free_oid(&ct.thisMech); + if (ret) { + _mg_buffer_zero(output_token); + return GSS_S_FAILURE; + } + if (output_token->length != size) + abort(); + + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_export_name.c b/lib/gssapi/mech/gss_export_name.c new file mode 100644 index 000000000000..3e6e62681913 --- /dev/null +++ b/lib/gssapi/mech/gss_export_name.c @@ -0,0 +1,54 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_export_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_export_name(OM_uint32 *minor_status, + const gss_name_t input_name, + gss_buffer_t exported_name) +{ + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + _mg_buffer_zero(exported_name); + + /* + * If this name already has any attached MNs, export the first + * one, otherwise export based on the first mechanism in our + * list. + */ + mn = HEIM_SLIST_FIRST(&name->gn_mn); + if (!mn) { + *minor_status = 0; + return (GSS_S_NAME_NOT_MN); + } + + return mn->gmn_mech->gm_export_name(minor_status, + mn->gmn_name, exported_name); +} diff --git a/lib/gssapi/mech/gss_export_name_composite.c b/lib/gssapi/mech/gss_export_name_composite.c new file mode 100644 index 000000000000..530a905aa7e8 --- /dev/null +++ b/lib/gssapi/mech/gss_export_name_composite.c @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_export_name_composite(OM_uint32 *minor_status, + gss_name_t input_name, + gss_buffer_t exp_composite_name) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + _mg_buffer_zero(exp_composite_name); + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_export_name_composite) + continue; + + major_status = m->gm_export_name_composite(minor_status, + mn->gmn_name, + exp_composite_name); + if (GSS_ERROR(major_status)) + _gss_mg_error(m, major_status, *minor_status); + else + break; + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_export_sec_context.c b/lib/gssapi/mech/gss_export_sec_context.c new file mode 100644 index 000000000000..369f3a22570e --- /dev/null +++ b/lib/gssapi/mech/gss_export_sec_context.c @@ -0,0 +1,77 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_export_sec_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_export_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + gss_buffer_t interprocess_token) +{ + OM_uint32 major_status; + struct _gss_context *ctx = (struct _gss_context *) *context_handle; + gssapi_mech_interface m = ctx->gc_mech; + gss_buffer_desc buf; + + _mg_buffer_zero(interprocess_token); + + major_status = m->gm_export_sec_context(minor_status, + &ctx->gc_ctx, &buf); + + if (major_status == GSS_S_COMPLETE) { + unsigned char *p; + + free(ctx); + *context_handle = GSS_C_NO_CONTEXT; + interprocess_token->length = buf.length + + 2 + m->gm_mech_oid.length; + interprocess_token->value = malloc(interprocess_token->length); + if (!interprocess_token->value) { + /* + * We are in trouble here - the context is + * already gone. This is allowed as long as we + * set the caller's context_handle to + * GSS_C_NO_CONTEXT, which we did above. + * Return GSS_S_FAILURE. + */ + _mg_buffer_zero(interprocess_token); + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + p = interprocess_token->value; + p[0] = m->gm_mech_oid.length >> 8; + p[1] = m->gm_mech_oid.length; + memcpy(p + 2, m->gm_mech_oid.elements, m->gm_mech_oid.length); + memcpy(p + 2 + m->gm_mech_oid.length, buf.value, buf.length); + gss_release_buffer(minor_status, &buf); + } else { + _gss_mg_error(m, major_status, *minor_status); + } + + return (major_status); +} diff --git a/lib/gssapi/mech/gss_get_mic.c b/lib/gssapi/mech/gss_get_mic.c new file mode 100644 index 000000000000..6eebfe0bbb03 --- /dev/null +++ b/lib/gssapi/mech/gss_get_mic.c @@ -0,0 +1,51 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_get_mic.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_get_mic(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + gss_qop_t qop_req, + const gss_buffer_t message_buffer, + gss_buffer_t message_token) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + _mg_buffer_zero(message_token); + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + m = ctx->gc_mech; + + return (m->gm_get_mic(minor_status, ctx->gc_ctx, qop_req, + message_buffer, message_token)); +} diff --git a/lib/gssapi/mech/gss_get_name_attribute.c b/lib/gssapi/mech/gss_get_name_attribute.c new file mode 100644 index 000000000000..450bbac46e93 --- /dev/null +++ b/lib/gssapi/mech/gss_get_name_attribute.c @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_get_name_attribute(OM_uint32 *minor_status, + gss_name_t input_name, + gss_buffer_t attr, + int *authenticated, + int *complete, + gss_buffer_t value, + gss_buffer_t display_value, + int *more) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + if (authenticated != NULL) + *authenticated = 0; + if (complete != NULL) + *complete = 0; + _mg_buffer_zero(value); + _mg_buffer_zero(display_value); + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_get_name_attribute) + continue; + + major_status = m->gm_get_name_attribute(minor_status, + mn->gmn_name, + attr, + authenticated, + complete, + value, + display_value, + more); + if (GSS_ERROR(major_status)) + _gss_mg_error(m, major_status, *minor_status); + else + break; + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_import_name.c b/lib/gssapi/mech/gss_import_name.c new file mode 100644 index 000000000000..d1b3dc95b4a4 --- /dev/null +++ b/lib/gssapi/mech/gss_import_name.c @@ -0,0 +1,291 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_import_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +static OM_uint32 +_gss_import_export_name(OM_uint32 *minor_status, + const gss_buffer_t input_name_buffer, + gss_name_t *output_name) +{ + OM_uint32 major_status; + unsigned char *p = input_name_buffer->value; + size_t len = input_name_buffer->length; + size_t t; + gss_OID_desc mech_oid; + gssapi_mech_interface m; + struct _gss_name *name; + gss_name_t new_canonical_name; + int composite = 0; + + *minor_status = 0; + *output_name = 0; + + /* + * Make sure that TOK_ID is {4, 1}. + */ + if (len < 2) + return (GSS_S_BAD_NAME); + if (p[0] != 4) + return (GSS_S_BAD_NAME); + switch (p[1]) { + case 1: /* non-composite name */ + break; + case 2: /* composite name */ + composite = 1; + break; + default: + return (GSS_S_BAD_NAME); + } + p += 2; + len -= 2; + + /* + * Get the mech length and the name length and sanity + * check the size of of the buffer. + */ + if (len < 2) + return (GSS_S_BAD_NAME); + t = (p[0] << 8) + p[1]; + p += 2; + len -= 2; + + /* + * Check the DER encoded OID to make sure it agrees with the + * length we just decoded. + */ + if (p[0] != 6) /* 6=OID */ + return (GSS_S_BAD_NAME); + p++; + len--; + t--; + if (p[0] & 0x80) { + int digits = p[0]; + p++; + len--; + t--; + mech_oid.length = 0; + while (digits--) { + mech_oid.length = (mech_oid.length << 8) | p[0]; + p++; + len--; + t--; + } + } else { + mech_oid.length = p[0]; + p++; + len--; + t--; + } + if (mech_oid.length != t) + return (GSS_S_BAD_NAME); + + mech_oid.elements = p; + + if (len < t + 4) + return (GSS_S_BAD_NAME); + p += t; + len -= t; + + t = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + p += 4; + len -= 4; + + if (!composite && len != t) + return (GSS_S_BAD_NAME); + + m = __gss_get_mechanism(&mech_oid); + if (!m) + return (GSS_S_BAD_MECH); + + /* + * Ask the mechanism to import the name. + */ + major_status = m->gm_import_name(minor_status, + input_name_buffer, GSS_C_NT_EXPORT_NAME, &new_canonical_name); + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(m, major_status, *minor_status); + return major_status; + } + + /* + * Now we make a new name and mark it as an MN. + */ + name = _gss_make_name(m, new_canonical_name); + if (!name) { + m->gm_release_name(minor_status, &new_canonical_name); + return (GSS_S_FAILURE); + } + + *output_name = (gss_name_t) name; + + *minor_status = 0; + return (GSS_S_COMPLETE); +} + +/** + * Import a name internal or mechanism name + * + * Type of name and their format: + * - GSS_C_NO_OID + * - GSS_C_NT_USER_NAME + * - GSS_C_NT_HOSTBASED_SERVICE + * - GSS_C_NT_EXPORT_NAME + * - GSS_C_NT_ANONYMOUS + * - GSS_KRB5_NT_PRINCIPAL_NAME + * + * For more information about @ref internalVSmechname. + * + * @param minor_status minor status code + * @param input_name_buffer import name buffer + * @param input_name_type type of the import name buffer + * @param output_name the resulting type, release with + * gss_release_name(), independent of input_name + * + * @returns a gss_error code, see gss_display_status() about printing + * the error code. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_import_name(OM_uint32 *minor_status, + const gss_buffer_t input_name_buffer, + const gss_OID input_name_type, + gss_name_t *output_name) +{ + struct _gss_mechanism_name *mn; + gss_OID name_type = input_name_type; + OM_uint32 major_status, ms; + struct _gss_name *name; + struct _gss_mech_switch *m; + gss_name_t rname; + + *output_name = GSS_C_NO_NAME; + + if (input_name_buffer->length == 0) { + *minor_status = 0; + return (GSS_S_BAD_NAME); + } + + _gss_load_mech(); + + /* + * Use GSS_NT_USER_NAME as default name type. + */ + if (name_type == GSS_C_NO_OID) + name_type = GSS_C_NT_USER_NAME; + + /* + * If this is an exported name, we need to parse it to find + * the mechanism and then import it as an MN. See RFC 2743 + * section 3.2 for a description of the format. + */ + if (gss_oid_equal(name_type, GSS_C_NT_EXPORT_NAME)) { + return _gss_import_export_name(minor_status, + input_name_buffer, output_name); + } + + + *minor_status = 0; + name = calloc(1, sizeof(struct _gss_name)); + if (!name) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + + HEIM_SLIST_INIT(&name->gn_mn); + + major_status = _gss_copy_oid(minor_status, + name_type, &name->gn_type); + if (major_status) { + free(name); + return (GSS_S_FAILURE); + } + + major_status = _gss_copy_buffer(minor_status, + input_name_buffer, &name->gn_value); + if (major_status) + goto out; + + /* + * Walk over the mechs and import the name into a mech name + * for those supported this nametype. + */ + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + int present = 0; + + major_status = gss_test_oid_set_member(minor_status, + name_type, m->gm_name_types, &present); + + if (major_status || present == 0) + continue; + + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) { + *minor_status = ENOMEM; + major_status = GSS_S_FAILURE; + goto out; + } + + major_status = (*m->gm_mech.gm_import_name)(minor_status, + &name->gn_value, + (name->gn_type.elements + ? &name->gn_type : GSS_C_NO_OID), + &mn->gmn_name); + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(&m->gm_mech, major_status, *minor_status); + free(mn); + goto out; + } + + mn->gmn_mech = &m->gm_mech; + mn->gmn_mech_oid = &m->gm_mech_oid; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + } + + /* + * If we can't find a mn for the name, bail out already here. + */ + + mn = HEIM_SLIST_FIRST(&name->gn_mn); + if (!mn) { + *minor_status = 0; + major_status = GSS_S_NAME_NOT_MN; + goto out; + } + + *output_name = (gss_name_t) name; + return (GSS_S_COMPLETE); + + out: + rname = (gss_name_t)name; + gss_release_name(&ms, &rname); + return major_status; +} diff --git a/lib/gssapi/mech/gss_import_sec_context.c b/lib/gssapi/mech/gss_import_sec_context.c new file mode 100644 index 000000000000..9865db78d419 --- /dev/null +++ b/lib/gssapi/mech/gss_import_sec_context.c @@ -0,0 +1,82 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_import_sec_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_import_sec_context(OM_uint32 *minor_status, + const gss_buffer_t interprocess_token, + gss_ctx_id_t *context_handle) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_context *ctx; + gss_OID_desc mech_oid; + gss_buffer_desc buf; + unsigned char *p; + size_t len; + + *minor_status = 0; + *context_handle = GSS_C_NO_CONTEXT; + + /* + * We added an oid to the front of the token in + * gss_export_sec_context. + */ + p = interprocess_token->value; + len = interprocess_token->length; + if (len < 2) + return (GSS_S_DEFECTIVE_TOKEN); + mech_oid.length = (p[0] << 8) | p[1]; + if (len < mech_oid.length + 2) + return (GSS_S_DEFECTIVE_TOKEN); + mech_oid.elements = p + 2; + buf.length = len - 2 - mech_oid.length; + buf.value = p + 2 + mech_oid.length; + + m = __gss_get_mechanism(&mech_oid); + if (!m) + return (GSS_S_DEFECTIVE_TOKEN); + + ctx = malloc(sizeof(struct _gss_context)); + if (!ctx) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + ctx->gc_mech = m; + major_status = m->gm_import_sec_context(minor_status, + &buf, &ctx->gc_ctx); + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(m, major_status, *minor_status); + free(ctx); + } else { + *context_handle = (gss_ctx_id_t) ctx; + } + + return (major_status); +} diff --git a/lib/gssapi/mech/gss_indicate_mechs.c b/lib/gssapi/mech/gss_indicate_mechs.c new file mode 100644 index 000000000000..8fd53d956d58 --- /dev/null +++ b/lib/gssapi/mech/gss_indicate_mechs.c @@ -0,0 +1,64 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_indicate_mechs.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_indicate_mechs(OM_uint32 *minor_status, + gss_OID_set *mech_set) +{ + struct _gss_mech_switch *m; + OM_uint32 major_status; + gss_OID_set set; + size_t i; + + _gss_load_mech(); + + major_status = gss_create_empty_oid_set(minor_status, mech_set); + if (major_status) + return (major_status); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_indicate_mechs) { + major_status = m->gm_mech.gm_indicate_mechs( + minor_status, &set); + if (major_status) + continue; + for (i = 0; i < set->count; i++) + major_status = gss_add_oid_set_member( + minor_status, &set->elements[i], mech_set); + gss_release_oid_set(minor_status, &set); + } else { + major_status = gss_add_oid_set_member( + minor_status, &m->gm_mech_oid, mech_set); + } + } + + *minor_status = 0; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_init_sec_context.c b/lib/gssapi/mech/gss_init_sec_context.c new file mode 100644 index 000000000000..af0170a50a51 --- /dev/null +++ b/lib/gssapi/mech/gss_init_sec_context.c @@ -0,0 +1,212 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_init_sec_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +static gss_cred_id_t +_gss_mech_cred_find(gss_cred_id_t cred_handle, gss_OID mech_type) +{ + struct _gss_cred *cred = (struct _gss_cred *)cred_handle; + struct _gss_mechanism_cred *mc; + + if (cred == NULL) + return GSS_C_NO_CREDENTIAL; + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + if (gss_oid_equal(mech_type, mc->gmc_mech_oid)) + return mc->gmc_cred; + } + return GSS_C_NO_CREDENTIAL; +} + +/** + * As the initiator build a context with an acceptor. + * + * Returns in the major + * - GSS_S_COMPLETE - if the context if build + * - GSS_S_CONTINUE_NEEDED - if the caller needs to continue another + * round of gss_i nit_sec_context + * - error code - any other error code + * + * @param minor_status minor status code. + * + * @param initiator_cred_handle the credential to use when building + * the context, if GSS_C_NO_CREDENTIAL is passed, the default + * credential for the mechanism will be used. + * + * @param context_handle a pointer to a context handle, will be + * returned as long as there is not an error. + * + * @param target_name the target name of acceptor, created using + * gss_import_name(). The name is can be of any name types the + * mechanism supports, check supported name types with + * gss_inquire_names_for_mech(). + * + * @param input_mech_type mechanism type to use, if GSS_C_NO_OID is + * used, Kerberos (GSS_KRB5_MECHANISM) will be tried. Other + * available mechanism are listed in the @ref gssapi_mechs_intro + * section. + * + * @param req_flags flags using when building the context, see @ref + * gssapi_context_flags + * + * @param time_req time requested this context should be valid in + * seconds, common used value is GSS_C_INDEFINITE + * + * @param input_chan_bindings Channel bindings used, if not exepected + * otherwise, used GSS_C_NO_CHANNEL_BINDINGS + * + * @param input_token input token sent from the acceptor, for the + * initial packet the buffer of { NULL, 0 } should be used. + * + * @param actual_mech_type the actual mech used, MUST NOT be freed + * since it pointing to static memory. + * + * @param output_token if there is an output token, regardless of + * complete, continue_needed, or error it should be sent to the + * acceptor + * + * @param ret_flags return what flags was negotitated, caller should + * check if they are accetable. For example, if + * GSS_C_MUTUAL_FLAG was negotiated with the acceptor or not. + * + * @param time_rec amount of time this context is valid for + * + * @returns a gss_error code, see gss_display_status() about printing + * the error code. + * + * @ingroup gssapi + */ + + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_init_sec_context(OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID input_mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_name *name = (struct _gss_name *) target_name; + struct _gss_mechanism_name *mn; + struct _gss_context *ctx = (struct _gss_context *) *context_handle; + gss_cred_id_t cred_handle; + int allocated_ctx; + gss_OID mech_type = input_mech_type; + + *minor_status = 0; + + _mg_buffer_zero(output_token); + if (actual_mech_type) + *actual_mech_type = GSS_C_NO_OID; + if (ret_flags) + *ret_flags = 0; + if (time_rec) + *time_rec = 0; + + /* + * If we haven't allocated a context yet, do so now and lookup + * the mechanism switch table. If we have one already, make + * sure we use the same mechanism switch as before. + */ + if (!ctx) { + if (mech_type == NULL) + mech_type = GSS_KRB5_MECHANISM; + + ctx = malloc(sizeof(struct _gss_context)); + if (!ctx) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + memset(ctx, 0, sizeof(struct _gss_context)); + m = ctx->gc_mech = __gss_get_mechanism(mech_type); + if (!m) { + free(ctx); + return (GSS_S_BAD_MECH); + } + allocated_ctx = 1; + } else { + m = ctx->gc_mech; + mech_type = &ctx->gc_mech->gm_mech_oid; + allocated_ctx = 0; + } + + /* + * Find the MN for this mechanism. + */ + major_status = _gss_find_mn(minor_status, name, mech_type, &mn); + if (major_status != GSS_S_COMPLETE) { + if (allocated_ctx) + free(ctx); + return major_status; + } + + /* + * If we have a cred, find the cred for this mechanism. + */ + if (m->gm_flags & GM_USE_MG_CRED) + cred_handle = initiator_cred_handle; + else + cred_handle = _gss_mech_cred_find(initiator_cred_handle, mech_type); + + major_status = m->gm_init_sec_context(minor_status, + cred_handle, + &ctx->gc_ctx, + mn->gmn_name, + mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); + + if (major_status != GSS_S_COMPLETE + && major_status != GSS_S_CONTINUE_NEEDED) { + if (allocated_ctx) + free(ctx); + _mg_buffer_zero(output_token); + _gss_mg_error(m, major_status, *minor_status); + } else { + *context_handle = (gss_ctx_id_t) ctx; + } + + return (major_status); +} diff --git a/lib/gssapi/mech/gss_inquire_context.c b/lib/gssapi/mech/gss_inquire_context.c new file mode 100644 index 000000000000..2568075988f1 --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_context.c @@ -0,0 +1,105 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_inquire_context.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_context(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + gss_name_t *src_name, + gss_name_t *targ_name, + OM_uint32 *lifetime_rec, + gss_OID *mech_type, + OM_uint32 *ctx_flags, + int *locally_initiated, + int *xopen) +{ + OM_uint32 major_status; + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m = ctx->gc_mech; + struct _gss_name *name; + gss_name_t src_mn, targ_mn; + + if (locally_initiated) + *locally_initiated = 0; + if (xopen) + *xopen = 0; + if (lifetime_rec) + *lifetime_rec = 0; + + if (src_name) + *src_name = GSS_C_NO_NAME; + if (targ_name) + *targ_name = GSS_C_NO_NAME; + if (mech_type) + *mech_type = GSS_C_NO_OID; + src_mn = targ_mn = GSS_C_NO_NAME; + + major_status = m->gm_inquire_context(minor_status, + ctx->gc_ctx, + src_name ? &src_mn : NULL, + targ_name ? &targ_mn : NULL, + lifetime_rec, + mech_type, + ctx_flags, + locally_initiated, + xopen); + + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(m, major_status, *minor_status); + return (major_status); + } + + if (src_name) { + name = _gss_make_name(m, src_mn); + if (!name) { + if (mech_type) + *mech_type = GSS_C_NO_OID; + m->gm_release_name(minor_status, &src_mn); + *minor_status = 0; + return (GSS_S_FAILURE); + } + *src_name = (gss_name_t) name; + } + + if (targ_name) { + name = _gss_make_name(m, targ_mn); + if (!name) { + if (mech_type) + *mech_type = GSS_C_NO_OID; + if (src_name) + gss_release_name(minor_status, src_name); + m->gm_release_name(minor_status, &targ_mn); + *minor_status = 0; + return (GSS_S_FAILURE); + } + *targ_name = (gss_name_t) name; + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_inquire_cred.c b/lib/gssapi/mech/gss_inquire_cred.c new file mode 100644 index 000000000000..1db0f233033c --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_cred.c @@ -0,0 +1,195 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_inquire_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +#define AUSAGE 1 +#define IUSAGE 2 + +static void +updateusage(gss_cred_usage_t usage, int *usagemask) +{ + if (usage == GSS_C_BOTH) + *usagemask |= AUSAGE | IUSAGE; + else if (usage == GSS_C_ACCEPT) + *usagemask |= AUSAGE; + else if (usage == GSS_C_INITIATE) + *usagemask |= IUSAGE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_cred(OM_uint32 *minor_status, + const gss_cred_id_t cred_handle, + gss_name_t *name_ret, + OM_uint32 *lifetime, + gss_cred_usage_t *cred_usage, + gss_OID_set *mechanisms) +{ + OM_uint32 major_status; + struct _gss_mech_switch *m; + struct _gss_cred *cred = (struct _gss_cred *) cred_handle; + struct _gss_name *name; + struct _gss_mechanism_name *mn; + OM_uint32 min_lifetime; + int found = 0; + int usagemask = 0; + gss_cred_usage_t usage; + + _gss_load_mech(); + + *minor_status = 0; + if (name_ret) + *name_ret = GSS_C_NO_NAME; + if (lifetime) + *lifetime = 0; + if (cred_usage) + *cred_usage = 0; + if (mechanisms) + *mechanisms = GSS_C_NO_OID_SET; + + if (name_ret) { + name = calloc(1, sizeof(*name)); + if (name == NULL) { + *minor_status = ENOMEM; + return (GSS_S_FAILURE); + } + HEIM_SLIST_INIT(&name->gn_mn); + } else { + name = NULL; + } + + if (mechanisms) { + major_status = gss_create_empty_oid_set(minor_status, + mechanisms); + if (major_status) { + if (name) free(name); + return (major_status); + } + } + + min_lifetime = GSS_C_INDEFINITE; + if (cred) { + struct _gss_mechanism_cred *mc; + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + gss_name_t mc_name; + OM_uint32 mc_lifetime; + + major_status = mc->gmc_mech->gm_inquire_cred(minor_status, + mc->gmc_cred, &mc_name, &mc_lifetime, &usage, NULL); + if (major_status) + continue; + + updateusage(usage, &usagemask); + if (name) { + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) { + mc->gmc_mech->gm_release_name(minor_status, + &mc_name); + continue; + } + mn->gmn_mech = mc->gmc_mech; + mn->gmn_mech_oid = mc->gmc_mech_oid; + mn->gmn_name = mc_name; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + } else { + mc->gmc_mech->gm_release_name(minor_status, + &mc_name); + } + + if (mc_lifetime < min_lifetime) + min_lifetime = mc_lifetime; + + if (mechanisms) + gss_add_oid_set_member(minor_status, + mc->gmc_mech_oid, mechanisms); + found++; + } + } else { + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + gss_name_t mc_name; + OM_uint32 mc_lifetime; + + major_status = m->gm_mech.gm_inquire_cred(minor_status, + GSS_C_NO_CREDENTIAL, &mc_name, &mc_lifetime, + &usage, NULL); + if (major_status) + continue; + + updateusage(usage, &usagemask); + if (name && mc_name) { + mn = malloc( + sizeof(struct _gss_mechanism_name)); + if (!mn) { + m->gm_mech.gm_release_name( + minor_status, &mc_name); + continue; + } + mn->gmn_mech = &m->gm_mech; + mn->gmn_mech_oid = &m->gm_mech_oid; + mn->gmn_name = mc_name; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + } else if (mc_name) { + m->gm_mech.gm_release_name(minor_status, + &mc_name); + } + + if (mc_lifetime < min_lifetime) + min_lifetime = mc_lifetime; + + if (mechanisms) + gss_add_oid_set_member(minor_status, + &m->gm_mech_oid, mechanisms); + found++; + } + } + + if (found == 0) { + gss_name_t n = (gss_name_t)name; + if (n) + gss_release_name(minor_status, &n); + gss_release_oid_set(minor_status, mechanisms); + *minor_status = 0; + return (GSS_S_NO_CRED); + } + + *minor_status = 0; + if (name_ret) + *name_ret = (gss_name_t) name; + if (lifetime) + *lifetime = min_lifetime; + if (cred_usage) { + if ((usagemask & (AUSAGE|IUSAGE)) == (AUSAGE|IUSAGE)) + *cred_usage = GSS_C_BOTH; + else if (usagemask & IUSAGE) + *cred_usage = GSS_C_INITIATE; + else if (usagemask & AUSAGE) + *cred_usage = GSS_C_ACCEPT; + } + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_inquire_cred_by_mech.c b/lib/gssapi/mech/gss_inquire_cred_by_mech.c new file mode 100644 index 000000000000..e7746e46578d --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_cred_by_mech.c @@ -0,0 +1,92 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_inquire_cred_by_mech.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_cred_by_mech(OM_uint32 *minor_status, + const gss_cred_id_t cred_handle, + const gss_OID mech_type, + gss_name_t *cred_name, + OM_uint32 *initiator_lifetime, + OM_uint32 *acceptor_lifetime, + gss_cred_usage_t *cred_usage) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_mechanism_cred *mcp; + gss_cred_id_t mc; + gss_name_t mn; + struct _gss_name *name; + + *minor_status = 0; + if (cred_name) + *cred_name = GSS_C_NO_NAME; + if (initiator_lifetime) + *initiator_lifetime = 0; + if (acceptor_lifetime) + *acceptor_lifetime = 0; + if (cred_usage) + *cred_usage = 0; + + m = __gss_get_mechanism(mech_type); + if (!m) + return (GSS_S_NO_CRED); + + if (cred_handle != GSS_C_NO_CREDENTIAL) { + struct _gss_cred *cred = (struct _gss_cred *) cred_handle; + HEIM_SLIST_FOREACH(mcp, &cred->gc_mc, gmc_link) + if (mcp->gmc_mech == m) + break; + if (!mcp) + return (GSS_S_NO_CRED); + mc = mcp->gmc_cred; + } else { + mc = GSS_C_NO_CREDENTIAL; + } + + major_status = m->gm_inquire_cred_by_mech(minor_status, mc, mech_type, + &mn, initiator_lifetime, acceptor_lifetime, cred_usage); + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(m, major_status, *minor_status); + return (major_status); + } + + if (cred_name) { + name = _gss_make_name(m, mn); + if (!name) { + m->gm_release_name(minor_status, &mn); + return (GSS_S_NO_CRED); + } + *cred_name = (gss_name_t) name; + } else + m->gm_release_name(minor_status, &mn); + + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_inquire_cred_by_oid.c b/lib/gssapi/mech/gss_inquire_cred_by_oid.c new file mode 100644 index 000000000000..e674dd48f3e4 --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_cred_by_oid.c @@ -0,0 +1,86 @@ +/* + * Copyright (c) 2004, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_cred_by_oid (OM_uint32 *minor_status, + const gss_cred_id_t cred_handle, + const gss_OID desired_object, + gss_buffer_set_t *data_set) +{ + struct _gss_cred *cred = (struct _gss_cred *) cred_handle; + OM_uint32 status = GSS_S_COMPLETE; + struct _gss_mechanism_cred *mc; + gssapi_mech_interface m; + gss_buffer_set_t set = GSS_C_NO_BUFFER_SET; + + *minor_status = 0; + *data_set = GSS_C_NO_BUFFER_SET; + + if (cred == NULL) + return GSS_S_NO_CRED; + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + gss_buffer_set_t rset = GSS_C_NO_BUFFER_SET; + size_t i; + + m = mc->gmc_mech; + if (m == NULL) { + gss_release_buffer_set(minor_status, &set); + *minor_status = 0; + return GSS_S_BAD_MECH; + } + + if (m->gm_inquire_cred_by_oid == NULL) + continue; + + status = m->gm_inquire_cred_by_oid(minor_status, + mc->gmc_cred, desired_object, &rset); + if (status != GSS_S_COMPLETE) + continue; + + for (i = 0; i < rset->count; i++) { + status = gss_add_buffer_set_member(minor_status, + &rset->elements[i], &set); + if (status != GSS_S_COMPLETE) + break; + } + gss_release_buffer_set(minor_status, &rset); + } + if (set == GSS_C_NO_BUFFER_SET) + status = GSS_S_FAILURE; + *data_set = set; + *minor_status = 0; + return status; +} + diff --git a/lib/gssapi/mech/gss_inquire_mechs_for_name.c b/lib/gssapi/mech/gss_inquire_mechs_for_name.c new file mode 100644 index 000000000000..f8eab82dc1cd --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_mechs_for_name.c @@ -0,0 +1,76 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_inquire_mechs_for_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_mechs_for_name(OM_uint32 *minor_status, + const gss_name_t input_name, + gss_OID_set *mech_types) +{ + OM_uint32 major_status; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mech_switch *m; + gss_OID_set name_types; + int present; + + *minor_status = 0; + + _gss_load_mech(); + + major_status = gss_create_empty_oid_set(minor_status, mech_types); + if (major_status) + return (major_status); + + /* + * We go through all the loaded mechanisms and see if this + * name's type is supported by the mechanism. If it is, add + * the mechanism to the set. + */ + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + major_status = gss_inquire_names_for_mech(minor_status, + &m->gm_mech_oid, &name_types); + if (major_status) { + gss_release_oid_set(minor_status, mech_types); + return (major_status); + } + gss_test_oid_set_member(minor_status, + &name->gn_type, name_types, &present); + gss_release_oid_set(minor_status, &name_types); + if (present) { + major_status = gss_add_oid_set_member(minor_status, + &m->gm_mech_oid, mech_types); + if (major_status) { + gss_release_oid_set(minor_status, mech_types); + return (major_status); + } + } + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_inquire_name.c b/lib/gssapi/mech/gss_inquire_name.c new file mode 100644 index 000000000000..10acaaae19c7 --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_name.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_name(OM_uint32 *minor_status, + gss_name_t input_name, + int *name_is_MN, + gss_OID *MN_mech, + gss_buffer_set_t *attrs) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + if (name_is_MN != NULL) + *name_is_MN = 0; + if (MN_mech != NULL) + *MN_mech = GSS_C_NO_OID; + if (attrs != NULL) + *attrs = GSS_C_NO_BUFFER_SET; + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_inquire_name) + continue; + + major_status = m->gm_inquire_name(minor_status, + mn->gmn_name, + NULL, + MN_mech, + attrs); + if (major_status == GSS_S_COMPLETE) { + if (name_is_MN != NULL) + *name_is_MN = 1; + if (MN_mech != NULL && *MN_mech == GSS_C_NO_OID) + *MN_mech = &m->gm_mech_oid; + break; + } + _gss_mg_error(m, major_status, *minor_status); + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_inquire_names_for_mech.c b/lib/gssapi/mech/gss_inquire_names_for_mech.c new file mode 100644 index 000000000000..595ab737f967 --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_names_for_mech.c @@ -0,0 +1,73 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_inquire_names_for_mech.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_names_for_mech(OM_uint32 *minor_status, + const gss_OID mechanism, + gss_OID_set *name_types) +{ + OM_uint32 major_status; + gssapi_mech_interface m = __gss_get_mechanism(mechanism); + + *minor_status = 0; + *name_types = GSS_C_NO_OID_SET; + if (!m) + return (GSS_S_BAD_MECH); + + /* + * If the implementation can do it, ask it for a list of + * names, otherwise fake it. + */ + if (m->gm_inquire_names_for_mech) { + return (m->gm_inquire_names_for_mech(minor_status, + mechanism, name_types)); + } else { + major_status = gss_create_empty_oid_set(minor_status, + name_types); + if (major_status) + return (major_status); + major_status = gss_add_oid_set_member(minor_status, + GSS_C_NT_HOSTBASED_SERVICE, name_types); + if (major_status) { + OM_uint32 junk; + gss_release_oid_set(&junk, name_types); + return (major_status); + } + major_status = gss_add_oid_set_member(minor_status, + GSS_C_NT_USER_NAME, name_types); + if (major_status) { + OM_uint32 junk; + gss_release_oid_set(&junk, name_types); + return (major_status); + } + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_inquire_sec_context_by_oid.c b/lib/gssapi/mech/gss_inquire_sec_context_by_oid.c new file mode 100644 index 000000000000..cc6e5c9cb6e2 --- /dev/null +++ b/lib/gssapi/mech/gss_inquire_sec_context_by_oid.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2004, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_sec_context_by_oid (OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_OID desired_object, + gss_buffer_set_t *data_set) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + OM_uint32 major_status; + gssapi_mech_interface m; + + *minor_status = 0; + *data_set = GSS_C_NO_BUFFER_SET; + if (ctx == NULL) + return GSS_S_NO_CONTEXT; + + /* + * select the approprate underlying mechanism routine and + * call it. + */ + + m = ctx->gc_mech; + + if (m == NULL) + return GSS_S_BAD_MECH; + + if (m->gm_inquire_sec_context_by_oid != NULL) { + major_status = m->gm_inquire_sec_context_by_oid(minor_status, + ctx->gc_ctx, desired_object, data_set); + if (major_status != GSS_S_COMPLETE) + _gss_mg_error(m, major_status, *minor_status); + } else + major_status = GSS_S_BAD_MECH; + + return major_status; +} + diff --git a/lib/gssapi/mech/gss_krb5.c b/lib/gssapi/mech/gss_krb5.c new file mode 100644 index 000000000000..fe88a384b5f1 --- /dev/null +++ b/lib/gssapi/mech/gss_krb5.c @@ -0,0 +1,941 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_krb5.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +#include +#include + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_copy_ccache(OM_uint32 *minor_status, + gss_cred_id_t cred, + krb5_ccache out) +{ + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + krb5_context context; + krb5_error_code kret; + krb5_ccache id; + OM_uint32 ret; + char *str = NULL; + + ret = gss_inquire_cred_by_oid(minor_status, + cred, + GSS_KRB5_COPY_CCACHE_X, + &data_set); + if (ret) + return ret; + + if (data_set == GSS_C_NO_BUFFER_SET || data_set->count < 1) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + kret = krb5_init_context(&context); + if (kret) { + *minor_status = kret; + gss_release_buffer_set(minor_status, &data_set); + return GSS_S_FAILURE; + } + + kret = asprintf(&str, "%.*s", (int)data_set->elements[0].length, + (char *)data_set->elements[0].value); + gss_release_buffer_set(minor_status, &data_set); + if (kret < 0 || str == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + kret = krb5_cc_resolve(context, str, &id); + free(str); + if (kret) { + *minor_status = kret; + return GSS_S_FAILURE; + } + + kret = krb5_cc_copy_cache(context, id, out); + krb5_cc_close(context, id); + krb5_free_context(context); + if (kret) { + *minor_status = kret; + return GSS_S_FAILURE; + } + + return ret; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_import_cred(OM_uint32 *minor_status, + krb5_ccache id, + krb5_principal keytab_principal, + krb5_keytab keytab, + gss_cred_id_t *cred) +{ + gss_buffer_desc buffer; + OM_uint32 major_status; + krb5_context context; + krb5_error_code ret; + krb5_storage *sp; + krb5_data data; + char *str; + + *cred = GSS_C_NO_CREDENTIAL; + + ret = krb5_init_context(&context); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + sp = krb5_storage_emem(); + if (sp == NULL) { + *minor_status = ENOMEM; + major_status = GSS_S_FAILURE; + goto out; + } + + if (id) { + ret = krb5_cc_get_full_name(context, id, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + ret = krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + if (keytab_principal) { + ret = krb5_unparse_name(context, keytab_principal, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + + if (keytab) { + ret = krb5_kt_get_full_name(context, keytab, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + ret = krb5_storage_to_data(sp, &data); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + buffer.value = data.data; + buffer.length = data.length; + + major_status = gss_set_cred_option(minor_status, + cred, + GSS_KRB5_IMPORT_CRED_X, + &buffer); + krb5_data_free(&data); +out: + if (sp) + krb5_storage_free(sp); + krb5_free_context(context); + return major_status; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_register_acceptor_identity(const char *identity) +{ + gssapi_mech_interface m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + buffer.value = rk_UNCONST(identity); + buffer.length = strlen(identity); + + m = __gss_get_mechanism(GSS_KRB5_MECHANISM); + if (m == NULL || m->gm_set_sec_context_option == NULL) + return GSS_S_FAILURE; + + return m->gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X, &buffer); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +krb5_gss_register_acceptor_identity(const char *identity) +{ + return gsskrb5_register_acceptor_identity(identity); +} + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_dns_canonicalize(int flag) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + char b = (flag != 0); + + _gss_load_mech(); + + buffer.value = &b; + buffer.length = sizeof(b); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_SET_DNS_CANONICALIZE_X, &buffer); + } + + return (GSS_S_COMPLETE); +} + + + +static krb5_error_code +set_key(krb5_keyblock *keyblock, gss_krb5_lucid_key_t *key) +{ + key->type = keyblock->keytype; + key->length = keyblock->keyvalue.length; + key->data = malloc(key->length); + if (key->data == NULL && key->length != 0) + return ENOMEM; + memcpy(key->data, keyblock->keyvalue.data, key->length); + return 0; +} + +static void +free_key(gss_krb5_lucid_key_t *key) +{ + memset(key->data, 0, key->length); + free(key->data); + memset(key, 0, sizeof(*key)); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + OM_uint32 version, + void **rctx) +{ + krb5_context context = NULL; + krb5_error_code ret; + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + OM_uint32 major_status; + gss_krb5_lucid_context_v1_t *ctx = NULL; + krb5_storage *sp = NULL; + uint32_t num; + + if (context_handle == NULL + || *context_handle == GSS_C_NO_CONTEXT + || version != 1) + { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + major_status = + gss_inquire_sec_context_by_oid (minor_status, + *context_handle, + GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X, + &data_set); + if (major_status) + return major_status; + + if (data_set == GSS_C_NO_BUFFER_SET || data_set->count != 1) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + ret = krb5_init_context(&context); + if (ret) + goto out; + + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + ret = ENOMEM; + goto out; + } + + sp = krb5_storage_from_mem(data_set->elements[0].value, + data_set->elements[0].length); + if (sp == NULL) { + ret = ENOMEM; + goto out; + } + + ret = krb5_ret_uint32(sp, &num); + if (ret) goto out; + if (num != 1) { + ret = EINVAL; + goto out; + } + ctx->version = 1; + /* initiator */ + ret = krb5_ret_uint32(sp, &ctx->initiate); + if (ret) goto out; + /* endtime */ + ret = krb5_ret_uint32(sp, &ctx->endtime); + if (ret) goto out; + /* send_seq */ + ret = krb5_ret_uint32(sp, &num); + if (ret) goto out; + ctx->send_seq = ((uint64_t)num) << 32; + ret = krb5_ret_uint32(sp, &num); + if (ret) goto out; + ctx->send_seq |= num; + /* recv_seq */ + ret = krb5_ret_uint32(sp, &num); + if (ret) goto out; + ctx->recv_seq = ((uint64_t)num) << 32; + ret = krb5_ret_uint32(sp, &num); + if (ret) goto out; + ctx->recv_seq |= num; + /* protocol */ + ret = krb5_ret_uint32(sp, &ctx->protocol); + if (ret) goto out; + if (ctx->protocol == 0) { + krb5_keyblock key; + + /* sign_alg */ + ret = krb5_ret_uint32(sp, &ctx->rfc1964_kd.sign_alg); + if (ret) goto out; + /* seal_alg */ + ret = krb5_ret_uint32(sp, &ctx->rfc1964_kd.seal_alg); + if (ret) goto out; + /* ctx_key */ + ret = krb5_ret_keyblock(sp, &key); + if (ret) goto out; + ret = set_key(&key, &ctx->rfc1964_kd.ctx_key); + krb5_free_keyblock_contents(context, &key); + if (ret) goto out; + } else if (ctx->protocol == 1) { + krb5_keyblock key; + + /* acceptor_subkey */ + ret = krb5_ret_uint32(sp, &ctx->cfx_kd.have_acceptor_subkey); + if (ret) goto out; + /* ctx_key */ + ret = krb5_ret_keyblock(sp, &key); + if (ret) goto out; + ret = set_key(&key, &ctx->cfx_kd.ctx_key); + krb5_free_keyblock_contents(context, &key); + if (ret) goto out; + /* acceptor_subkey */ + if (ctx->cfx_kd.have_acceptor_subkey) { + ret = krb5_ret_keyblock(sp, &key); + if (ret) goto out; + ret = set_key(&key, &ctx->cfx_kd.acceptor_subkey); + krb5_free_keyblock_contents(context, &key); + if (ret) goto out; + } + } else { + ret = EINVAL; + goto out; + } + + *rctx = ctx; + +out: + gss_release_buffer_set(minor_status, &data_set); + if (sp) + krb5_storage_free(sp); + if (context) + krb5_free_context(context); + + if (ret) { + if (ctx) + gss_krb5_free_lucid_sec_context(NULL, ctx); + + *minor_status = ret; + return GSS_S_FAILURE; + } + *minor_status = 0; + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status, void *c) +{ + gss_krb5_lucid_context_v1_t *ctx = c; + + if (ctx->version != 1) { + if (minor_status) + *minor_status = 0; + return GSS_S_FAILURE; + } + + if (ctx->protocol == 0) { + free_key(&ctx->rfc1964_kd.ctx_key); + } else if (ctx->protocol == 1) { + free_key(&ctx->cfx_kd.ctx_key); + if (ctx->cfx_kd.have_acceptor_subkey) + free_key(&ctx->cfx_kd.acceptor_subkey); + } + free(ctx); + if (minor_status) + *minor_status = 0; + return GSS_S_COMPLETE; +} + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, + gss_cred_id_t cred, + OM_uint32 num_enctypes, + int32_t *enctypes) +{ + krb5_error_code ret; + OM_uint32 maj_status; + gss_buffer_desc buffer; + krb5_storage *sp; + krb5_data data; + size_t i; + + sp = krb5_storage_emem(); + if (sp == NULL) { + *minor_status = ENOMEM; + maj_status = GSS_S_FAILURE; + goto out; + } + + for (i = 0; i < num_enctypes; i++) { + ret = krb5_store_int32(sp, enctypes[i]); + if (ret) { + *minor_status = ret; + maj_status = GSS_S_FAILURE; + goto out; + } + } + + ret = krb5_storage_to_data(sp, &data); + if (ret) { + *minor_status = ret; + maj_status = GSS_S_FAILURE; + goto out; + } + + buffer.value = data.data; + buffer.length = data.length; + + maj_status = gss_set_cred_option(minor_status, + &cred, + GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X, + &buffer); + krb5_data_free(&data); +out: + if (sp) + krb5_storage_free(sp); + return maj_status; +} + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *c) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + if (c) { + buffer.value = c; + buffer.length = sizeof(*c); + } else { + buffer.value = NULL; + buffer.length = 0; + } + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_SEND_TO_KDC_X, &buffer); + } + + return (GSS_S_COMPLETE); +} + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_ccache_name(OM_uint32 *minor_status, + const char *name, + const char **out_name) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + if (out_name) + *out_name = NULL; + + buffer.value = rk_UNCONST(name); + buffer.length = strlen(name); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_CCACHE_NAME_X, &buffer); + } + + return (GSS_S_COMPLETE); +} + + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + time_t *authtime) +{ + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + OM_uint32 maj_stat; + + if (context_handle == GSS_C_NO_CONTEXT) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + maj_stat = + gss_inquire_sec_context_by_oid (minor_status, + context_handle, + GSS_KRB5_GET_AUTHTIME_X, + &data_set); + if (maj_stat) + return maj_stat; + + if (data_set == GSS_C_NO_BUFFER_SET) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + if (data_set->count != 1) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + if (data_set->elements[0].length != 4) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + { + unsigned char *buf = data_set->elements[0].value; + *authtime = (buf[3] <<24) | (buf[2] << 16) | + (buf[1] << 8) | (buf[0] << 0); + } + + gss_release_buffer_set(minor_status, &data_set); + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int ad_type, + gss_buffer_t ad_data) +{ + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + OM_uint32 maj_stat; + gss_OID_desc oid_flat; + heim_oid baseoid, oid; + size_t size; + + if (context_handle == GSS_C_NO_CONTEXT) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + /* All this to append an integer to an oid... */ + + if (der_get_oid(GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X->elements, + GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X->length, + &baseoid, NULL) != 0) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + oid.length = baseoid.length + 1; + oid.components = calloc(oid.length, sizeof(*oid.components)); + if (oid.components == NULL) { + der_free_oid(&baseoid); + + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + memcpy(oid.components, baseoid.components, + baseoid.length * sizeof(*baseoid.components)); + + der_free_oid(&baseoid); + + oid.components[oid.length - 1] = ad_type; + + oid_flat.length = der_length_oid(&oid); + oid_flat.elements = malloc(oid_flat.length); + if (oid_flat.elements == NULL) { + free(oid.components); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + if (der_put_oid((unsigned char *)oid_flat.elements + oid_flat.length - 1, + oid_flat.length, &oid, &size) != 0) { + free(oid.components); + free(oid_flat.elements); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + if (oid_flat.length != size) + abort(); + + free(oid.components); + + /* FINALLY, we have the OID */ + + maj_stat = gss_inquire_sec_context_by_oid (minor_status, + context_handle, + &oid_flat, + &data_set); + + free(oid_flat.elements); + + if (maj_stat) + return maj_stat; + + if (data_set == GSS_C_NO_BUFFER_SET || data_set->count != 1) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + ad_data->value = malloc(data_set->elements[0].length); + if (ad_data->value == NULL) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + ad_data->length = data_set->elements[0].length; + memcpy(ad_data->value, data_set->elements[0].value, ad_data->length); + gss_release_buffer_set(minor_status, &data_set); + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +/* + * + */ + +static OM_uint32 +gsskrb5_extract_key(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + const gss_OID oid, + krb5_keyblock **keyblock) +{ + krb5_error_code ret; + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + OM_uint32 major_status; + krb5_context context = NULL; + krb5_storage *sp = NULL; + + if (context_handle == GSS_C_NO_CONTEXT) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + ret = krb5_init_context(&context); + if(ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + major_status = + gss_inquire_sec_context_by_oid (minor_status, + context_handle, + oid, + &data_set); + if (major_status) + return major_status; + + if (data_set == GSS_C_NO_BUFFER_SET || data_set->count != 1) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + sp = krb5_storage_from_mem(data_set->elements[0].value, + data_set->elements[0].length); + if (sp == NULL) { + ret = ENOMEM; + goto out; + } + + *keyblock = calloc(1, sizeof(**keyblock)); + if (keyblock == NULL) { + ret = ENOMEM; + goto out; + } + + ret = krb5_ret_keyblock(sp, *keyblock); + +out: + gss_release_buffer_set(minor_status, &data_set); + if (sp) + krb5_storage_free(sp); + if (ret && keyblock) { + krb5_free_keyblock(context, *keyblock); + *keyblock = NULL; + } + if (context) + krb5_free_context(context); + + *minor_status = ret; + if (ret) + return GSS_S_FAILURE; + + return GSS_S_COMPLETE; +} + +/* + * + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_extract_service_keyblock(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + krb5_keyblock **keyblock) +{ + return gsskrb5_extract_key(minor_status, + context_handle, + GSS_KRB5_GET_SERVICE_KEYBLOCK_X, + keyblock); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_get_initiator_subkey(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + krb5_keyblock **keyblock) +{ + return gsskrb5_extract_key(minor_status, + context_handle, + GSS_KRB5_GET_INITIATOR_SUBKEY_X, + keyblock); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_get_subkey(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + krb5_keyblock **keyblock) +{ + return gsskrb5_extract_key(minor_status, + context_handle, + GSS_KRB5_GET_SUBKEY_X, + keyblock); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_default_realm(const char *realm) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + buffer.value = rk_UNCONST(realm); + buffer.length = strlen(realm); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_SET_DEFAULT_REALM_X, &buffer); + } + + return (GSS_S_COMPLETE); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_krb5_get_tkt_flags(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + OM_uint32 *tkt_flags) +{ + + OM_uint32 major_status; + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + + if (context_handle == GSS_C_NO_CONTEXT) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + major_status = + gss_inquire_sec_context_by_oid (minor_status, + context_handle, + GSS_KRB5_GET_TKT_FLAGS_X, + &data_set); + if (major_status) + return major_status; + + if (data_set == GSS_C_NO_BUFFER_SET || + data_set->count != 1 || + data_set->elements[0].length < 4) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + { + const u_char *p = data_set->elements[0].value; + *tkt_flags = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); + } + + gss_release_buffer_set(minor_status, &data_set); + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_set_time_offset(int offset) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + int32_t o = offset; + + _gss_load_mech(); + + buffer.value = &o; + buffer.length = sizeof(o); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_SET_TIME_OFFSET_X, &buffer); + } + + return (GSS_S_COMPLETE); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_get_time_offset(int *offset) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 maj_stat, junk; + int32_t o; + + _gss_load_mech(); + + buffer.value = &o; + buffer.length = sizeof(o); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + maj_stat = m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_GET_TIME_OFFSET_X, &buffer); + + if (maj_stat == GSS_S_COMPLETE) { + *offset = o; + return maj_stat; + } + } + + return (GSS_S_UNAVAILABLE); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gsskrb5_plugin_register(struct gsskrb5_krb5_plugin *c) +{ + struct _gss_mech_switch *m; + gss_buffer_desc buffer; + OM_uint32 junk; + + _gss_load_mech(); + + buffer.value = c; + buffer.length = sizeof(*c); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (m->gm_mech.gm_set_sec_context_option == NULL) + continue; + m->gm_mech.gm_set_sec_context_option(&junk, NULL, + GSS_KRB5_PLUGIN_REGISTER_X, &buffer); + } + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_mech_switch.c b/lib/gssapi/mech/gss_mech_switch.c new file mode 100644 index 000000000000..55e01094ff91 --- /dev/null +++ b/lib/gssapi/mech/gss_mech_switch.c @@ -0,0 +1,438 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_mech_switch.c,v 1.2 2006/02/04 09:40:21 dfr Exp $ + */ + +#include "mech_locl.h" +#include + +#ifndef _PATH_GSS_MECH +#define _PATH_GSS_MECH "/etc/gss/mech" +#endif + +struct _gss_mech_switch_list _gss_mechs = { NULL } ; +gss_OID_set _gss_mech_oids; +static HEIMDAL_MUTEX _gss_mech_mutex = HEIMDAL_MUTEX_INITIALIZER; + +/* + * Convert a string containing an OID in 'dot' form + * (e.g. 1.2.840.113554.1.2.2) to a gss_OID. + */ +static int +_gss_string_to_oid(const char* s, gss_OID oid) +{ + int number_count, i, j; + size_t byte_count; + const char *p, *q; + char *res; + + oid->length = 0; + oid->elements = NULL; + + /* + * First figure out how many numbers in the oid, then + * calculate the compiled oid size. + */ + number_count = 0; + for (p = s; p; p = q) { + q = strchr(p, '.'); + if (q) q = q + 1; + number_count++; + } + + /* + * The first two numbers are in the first byte and each + * subsequent number is encoded in a variable byte sequence. + */ + if (number_count < 2) + return (EINVAL); + + /* + * We do this in two passes. The first pass, we just figure + * out the size. Second time around, we actually encode the + * number. + */ + res = 0; + for (i = 0; i < 2; i++) { + byte_count = 0; + for (p = s, j = 0; p; p = q, j++) { + unsigned int number = 0; + + /* + * Find the end of this number. + */ + q = strchr(p, '.'); + if (q) q = q + 1; + + /* + * Read the number of of the string. Don't + * bother with anything except base ten. + */ + while (*p && *p != '.') { + number = 10 * number + (*p - '0'); + p++; + } + + /* + * Encode the number. The first two numbers + * are packed into the first byte. Subsequent + * numbers are encoded in bytes seven bits at + * a time with the last byte having the high + * bit set. + */ + if (j == 0) { + if (res) + *res = number * 40; + } else if (j == 1) { + if (res) { + *res += number; + res++; + } + byte_count++; + } else if (j >= 2) { + /* + * The number is encoded in seven bit chunks. + */ + unsigned int t; + unsigned int bytes; + + bytes = 0; + for (t = number; t; t >>= 7) + bytes++; + if (bytes == 0) bytes = 1; + while (bytes) { + if (res) { + int bit = 7*(bytes-1); + + *res = (number >> bit) & 0x7f; + if (bytes != 1) + *res |= 0x80; + res++; + } + byte_count++; + bytes--; + } + } + } + if (!res) { + res = malloc(byte_count); + if (!res) + return (ENOMEM); + oid->length = byte_count; + oid->elements = res; + } + } + + return (0); +} + +#define SYM(name) \ +do { \ + m->gm_mech.gm_ ## name = dlsym(so, "gss_" #name); \ + if (!m->gm_mech.gm_ ## name || \ + m->gm_mech.gm_ ##name == gss_ ## name) { \ + fprintf(stderr, "can't find symbol gss_" #name "\n"); \ + goto bad; \ + } \ +} while (0) + +#define OPTSYM(name) \ +do { \ + m->gm_mech.gm_ ## name = dlsym(so, "gss_" #name); \ + if (m->gm_mech.gm_ ## name == gss_ ## name) \ + m->gm_mech.gm_ ## name = NULL; \ +} while (0) + +#define OPTSPISYM(name) \ +do { \ + m->gm_mech.gm_ ## name = dlsym(so, "gssspi_" #name); \ +} while (0) + +#define COMPATSYM(name) \ +do { \ + m->gm_mech.gm_compat->gmc_ ## name = dlsym(so, "gss_" #name); \ + if (m->gm_mech.gm_compat->gmc_ ## name == gss_ ## name) \ + m->gm_mech.gm_compat->gmc_ ## name = NULL; \ +} while (0) + +#define COMPATSPISYM(name) \ +do { \ + m->gm_mech.gm_compat->gmc_ ## name = dlsym(so, "gssspi_" #name);\ + if (m->gm_mech.gm_compat->gmc_ ## name == gss_ ## name) \ + m->gm_mech.gm_compat->gmc_ ## name = NULL; \ +} while (0) + +/* + * + */ +static int +add_builtin(gssapi_mech_interface mech) +{ + struct _gss_mech_switch *m; + OM_uint32 minor_status; + + /* not registering any mech is ok */ + if (mech == NULL) + return 0; + + m = calloc(1, sizeof(*m)); + if (m == NULL) + return ENOMEM; + m->gm_so = NULL; + m->gm_mech = *mech; + m->gm_mech_oid = mech->gm_mech_oid; /* XXX */ + gss_add_oid_set_member(&minor_status, + &m->gm_mech.gm_mech_oid, &_gss_mech_oids); + + /* pick up the oid sets of names */ + + if (m->gm_mech.gm_inquire_names_for_mech) + (*m->gm_mech.gm_inquire_names_for_mech)(&minor_status, + &m->gm_mech.gm_mech_oid, &m->gm_name_types); + + if (m->gm_name_types == NULL) + gss_create_empty_oid_set(&minor_status, &m->gm_name_types); + + HEIM_SLIST_INSERT_HEAD(&_gss_mechs, m, gm_link); + return 0; +} + +/* + * Load the mechanisms file (/etc/gss/mech). + */ +void +_gss_load_mech(void) +{ + OM_uint32 major_status, minor_status; + FILE *fp; + char buf[256]; + char *p; + char *name, *oid, *lib, *kobj; + struct _gss_mech_switch *m; + void *so; + gss_OID_desc mech_oid; + int found; + + + HEIMDAL_MUTEX_lock(&_gss_mech_mutex); + + if (HEIM_SLIST_FIRST(&_gss_mechs)) { + HEIMDAL_MUTEX_unlock(&_gss_mech_mutex); + return; + } + + major_status = gss_create_empty_oid_set(&minor_status, + &_gss_mech_oids); + if (major_status) { + HEIMDAL_MUTEX_unlock(&_gss_mech_mutex); + return; + } + + add_builtin(__gss_krb5_initialize()); + add_builtin(__gss_spnego_initialize()); + add_builtin(__gss_ntlm_initialize()); + +#ifdef HAVE_DLOPEN + fp = fopen(_PATH_GSS_MECH, "r"); + if (!fp) { + HEIMDAL_MUTEX_unlock(&_gss_mech_mutex); + return; + } + rk_cloexec_file(fp); + + while (fgets(buf, sizeof(buf), fp)) { + _gss_mo_init *mi; + + if (*buf == '#') + continue; + p = buf; + name = strsep(&p, "\t\n "); + if (p) while (isspace((unsigned char)*p)) p++; + oid = strsep(&p, "\t\n "); + if (p) while (isspace((unsigned char)*p)) p++; + lib = strsep(&p, "\t\n "); + if (p) while (isspace((unsigned char)*p)) p++; + kobj = strsep(&p, "\t\n "); + if (!name || !oid || !lib || !kobj) + continue; + + if (_gss_string_to_oid(oid, &mech_oid)) + continue; + + /* + * Check for duplicates, already loaded mechs. + */ + found = 0; + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (gss_oid_equal(&m->gm_mech.gm_mech_oid, &mech_oid)) { + found = 1; + free(mech_oid.elements); + break; + } + } + if (found) + continue; + +#ifndef RTLD_LOCAL +#define RTLD_LOCAL 0 +#endif + +#ifndef RTLD_GROUP +#define RTLD_GROUP 0 +#endif + + so = dlopen(lib, RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP); + if (so == NULL) { +/* fprintf(stderr, "dlopen: %s\n", dlerror()); */ + goto bad; + } + + m = calloc(1, sizeof(*m)); + if (m == NULL) + goto bad; + + m->gm_so = so; + m->gm_mech.gm_mech_oid = mech_oid; + m->gm_mech.gm_flags = 0; + m->gm_mech.gm_compat = calloc(1, sizeof(struct gss_mech_compat_desc_struct)); + if (m->gm_mech.gm_compat == NULL) + goto bad; + + major_status = gss_add_oid_set_member(&minor_status, + &m->gm_mech.gm_mech_oid, &_gss_mech_oids); + if (GSS_ERROR(major_status)) + goto bad; + + SYM(acquire_cred); + SYM(release_cred); + SYM(init_sec_context); + SYM(accept_sec_context); + SYM(process_context_token); + SYM(delete_sec_context); + SYM(context_time); + SYM(get_mic); + SYM(verify_mic); + SYM(wrap); + SYM(unwrap); + SYM(display_status); + SYM(indicate_mechs); + SYM(compare_name); + SYM(display_name); + SYM(import_name); + SYM(export_name); + SYM(release_name); + SYM(inquire_cred); + SYM(inquire_context); + SYM(wrap_size_limit); + SYM(add_cred); + SYM(inquire_cred_by_mech); + SYM(export_sec_context); + SYM(import_sec_context); + SYM(inquire_names_for_mech); + SYM(inquire_mechs_for_name); + SYM(canonicalize_name); + SYM(duplicate_name); + OPTSYM(inquire_cred_by_oid); + OPTSYM(inquire_sec_context_by_oid); + OPTSYM(set_sec_context_option); + OPTSPISYM(set_cred_option); + OPTSYM(pseudo_random); + OPTSYM(wrap_iov); + OPTSYM(unwrap_iov); + OPTSYM(wrap_iov_length); + OPTSYM(store_cred); + OPTSYM(export_cred); + OPTSYM(import_cred); +#if 0 + OPTSYM(acquire_cred_ext); + OPTSYM(iter_creds); + OPTSYM(destroy_cred); + OPTSYM(cred_hold); + OPTSYM(cred_unhold); + OPTSYM(cred_label_get); + OPTSYM(cred_label_set); +#endif + OPTSYM(display_name_ext); + OPTSYM(inquire_name); + OPTSYM(get_name_attribute); + OPTSYM(set_name_attribute); + OPTSYM(delete_name_attribute); + OPTSYM(export_name_composite); + OPTSYM(pname_to_uid); + OPTSPISYM(authorize_localname); + + mi = dlsym(so, "gss_mo_init"); + if (mi != NULL) { + major_status = mi(&minor_status, &mech_oid, + &m->gm_mech.gm_mo, &m->gm_mech.gm_mo_num); + if (GSS_ERROR(major_status)) + goto bad; + } else { + /* API-as-SPI compatibility */ + COMPATSYM(inquire_saslname_for_mech); + COMPATSYM(inquire_mech_for_saslname); + COMPATSYM(inquire_attrs_for_mech); + COMPATSPISYM(acquire_cred_with_password); + } + + /* pick up the oid sets of names */ + + if (m->gm_mech.gm_inquire_names_for_mech) + (*m->gm_mech.gm_inquire_names_for_mech)(&minor_status, + &m->gm_mech.gm_mech_oid, &m->gm_name_types); + + if (m->gm_name_types == NULL) + gss_create_empty_oid_set(&minor_status, &m->gm_name_types); + + HEIM_SLIST_INSERT_HEAD(&_gss_mechs, m, gm_link); + continue; + + bad: + if (m != NULL) { + free(m->gm_mech.gm_compat); + free(m->gm_mech.gm_mech_oid.elements); + free(m); + } + dlclose(so); + continue; + } + fclose(fp); +#endif + HEIMDAL_MUTEX_unlock(&_gss_mech_mutex); +} + +gssapi_mech_interface +__gss_get_mechanism(gss_const_OID mech) +{ + struct _gss_mech_switch *m; + + _gss_load_mech(); + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + if (gss_oid_equal(&m->gm_mech.gm_mech_oid, mech)) + return &m->gm_mech; + } + return NULL; +} diff --git a/lib/gssapi/mech/gss_mo.c b/lib/gssapi/mech/gss_mo.c new file mode 100644 index 000000000000..ad74d9237a2d --- /dev/null +++ b/lib/gssapi/mech/gss_mo.c @@ -0,0 +1,635 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * Portions Copyright (c) 2010 PADL Software Pty Ltd. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +#include + +static int +get_option_def(int def, gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value) +{ + return def; +} + +int +_gss_mo_get_option_1(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value) +{ + return get_option_def(1, mech, mo, value); +} + +int +_gss_mo_get_option_0(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value) +{ + return get_option_def(0, mech, mo, value); +} + +int +_gss_mo_get_ctx_as_string(gss_const_OID mech, gss_mo_desc *mo, gss_buffer_t value) +{ + if (value) { + value->value = strdup((char *)mo->ctx); + if (value->value == NULL) + return GSS_S_FAILURE; + value->length = strlen((char *)mo->ctx); + } + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_mo_set(gss_const_OID mech, gss_const_OID option, + int enable, gss_buffer_t value) +{ + gssapi_mech_interface m; + size_t n; + + if ((m = __gss_get_mechanism(mech)) == NULL) + return GSS_S_BAD_MECH; + + for (n = 0; n < m->gm_mo_num; n++) + if (gss_oid_equal(option, m->gm_mo[n].option) && m->gm_mo[n].set) + return m->gm_mo[n].set(mech, &m->gm_mo[n], enable, value); + + return GSS_S_UNAVAILABLE; +} + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_mo_get(gss_const_OID mech, gss_const_OID option, gss_buffer_t value) +{ + gssapi_mech_interface m; + size_t n; + + _mg_buffer_zero(value); + + if ((m = __gss_get_mechanism(mech)) == NULL) + return GSS_S_BAD_MECH; + + for (n = 0; n < m->gm_mo_num; n++) + if (gss_oid_equal(option, m->gm_mo[n].option) && m->gm_mo[n].get) + return m->gm_mo[n].get(mech, &m->gm_mo[n], value); + + return GSS_S_UNAVAILABLE; +} + +static void +add_all_mo(gssapi_mech_interface m, gss_OID_set *options, OM_uint32 mask) +{ + OM_uint32 minor; + size_t n; + + for (n = 0; n < m->gm_mo_num; n++) + if ((m->gm_mo[n].flags & mask) == mask) + gss_add_oid_set_member(&minor, m->gm_mo[n].option, options); +} + +GSSAPI_LIB_FUNCTION void GSSAPI_LIB_CALL +gss_mo_list(gss_const_OID mech, gss_OID_set *options) +{ + gssapi_mech_interface m; + OM_uint32 major, minor; + + if (options == NULL) + return; + + *options = GSS_C_NO_OID_SET; + + if ((m = __gss_get_mechanism(mech)) == NULL) + return; + + major = gss_create_empty_oid_set(&minor, options); + if (major != GSS_S_COMPLETE) + return; + + add_all_mo(m, options, 0); +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_mo_name(gss_const_OID mech, gss_const_OID option, gss_buffer_t name) +{ + gssapi_mech_interface m; + size_t n; + + if (name == NULL) + return GSS_S_BAD_NAME; + + if ((m = __gss_get_mechanism(mech)) == NULL) + return GSS_S_BAD_MECH; + + for (n = 0; n < m->gm_mo_num; n++) { + if (gss_oid_equal(option, m->gm_mo[n].option)) { + /* + * If there is no name, its because its a GSS_C_MA and + * there is already a table for that. + */ + if (m->gm_mo[n].name) { + name->value = strdup(m->gm_mo[n].name); + if (name->value == NULL) + return GSS_S_BAD_NAME; + name->length = strlen(m->gm_mo[n].name); + return GSS_S_COMPLETE; + } else { + OM_uint32 junk; + return gss_display_mech_attr(&junk, option, + NULL, name, NULL); + } + } + } + return GSS_S_BAD_NAME; +} + +/* + * Helper function to allow NULL name + */ + +static OM_uint32 +mo_value(const gss_const_OID mech, gss_const_OID option, gss_buffer_t name) +{ + if (name == NULL) + return GSS_S_COMPLETE; + + return gss_mo_get(mech, option, name); +} + +/* code derived from draft-ietf-cat-sasl-gssapi-01 */ +static char basis_32[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"; + +static OM_uint32 +make_sasl_name(OM_uint32 *minor, const gss_OID mech, char sasl_name[16]) +{ + EVP_MD_CTX *ctx; + char *p = sasl_name; + u_char hdr[2], hash[20], *h = hash; + + if (mech->length > 127) + return GSS_S_BAD_MECH; + + hdr[0] = 0x06; + hdr[1] = mech->length; + + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, hdr, 2); + EVP_DigestUpdate(ctx, mech->elements, mech->length); + EVP_DigestFinal_ex(ctx, hash, NULL); + + memcpy(p, "GS2-", 4); + p += 4; + + *p++ = basis_32[(h[0] >> 3)]; + *p++ = basis_32[((h[0] & 7) << 2) | (h[1] >> 6)]; + *p++ = basis_32[(h[1] & 0x3f) >> 1]; + *p++ = basis_32[((h[1] & 1) << 4) | (h[2] >> 4)]; + *p++ = basis_32[((h[2] & 0xf) << 1) | (h[3] >> 7)]; + *p++ = basis_32[(h[3] & 0x7f) >> 2]; + *p++ = basis_32[((h[3] & 3) << 3) | (h[4] >> 5)]; + *p++ = basis_32[(h[4] & 0x1f)]; + *p++ = basis_32[(h[5] >> 3)]; + *p++ = basis_32[((h[5] & 7) << 2) | (h[6] >> 6)]; + *p++ = basis_32[(h[6] & 0x3f) >> 1]; + + *p = '\0'; + + return GSS_S_COMPLETE; +} + +/* + * gss_inquire_saslname_for_mech() wrapper that uses MIT SPI + */ +static OM_uint32 +inquire_saslname_for_mech_compat(OM_uint32 *minor, + const gss_OID desired_mech, + gss_buffer_t sasl_mech_name, + gss_buffer_t mech_name, + gss_buffer_t mech_description) +{ + struct gss_mech_compat_desc_struct *gmc; + gssapi_mech_interface m; + OM_uint32 major; + + m = __gss_get_mechanism(desired_mech); + if (m == NULL) + return GSS_S_BAD_MECH; + + gmc = m->gm_compat; + + if (gmc != NULL && gmc->gmc_inquire_saslname_for_mech != NULL) { + major = gmc->gmc_inquire_saslname_for_mech(minor, + desired_mech, + sasl_mech_name, + mech_name, + mech_description); + } else { + major = GSS_S_UNAVAILABLE; + } + + return major; +} + +/** + * Returns different protocol names and description of the mechanism. + * + * @param minor_status minor status code + * @param desired_mech mech list query + * @param sasl_mech_name SASL GS2 protocol name + * @param mech_name gssapi protocol name + * @param mech_description description of gssapi mech + * + * @return returns GSS_S_COMPLETE or a error code. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_saslname_for_mech(OM_uint32 *minor_status, + const gss_OID desired_mech, + gss_buffer_t sasl_mech_name, + gss_buffer_t mech_name, + gss_buffer_t mech_description) +{ + OM_uint32 major; + + _mg_buffer_zero(sasl_mech_name); + _mg_buffer_zero(mech_name); + _mg_buffer_zero(mech_description); + + if (minor_status) + *minor_status = 0; + + if (desired_mech == NULL) + return GSS_S_BAD_MECH; + + major = mo_value(desired_mech, GSS_C_MA_SASL_MECH_NAME, sasl_mech_name); + if (major == GSS_S_COMPLETE) { + /* Native SPI */ + major = mo_value(desired_mech, GSS_C_MA_MECH_NAME, mech_name); + if (GSS_ERROR(major)) + return major; + + major = mo_value(desired_mech, GSS_C_MA_MECH_DESCRIPTION, mech_description); + if (GSS_ERROR(major)) + return major; + } + + if (GSS_ERROR(major)) { + /* API-as-SPI compatibility */ + major = inquire_saslname_for_mech_compat(minor_status, + desired_mech, + sasl_mech_name, + mech_name, + mech_description); + } + + if (GSS_ERROR(major)) { + /* Algorithmically dervied SASL mechanism name */ + char buf[16]; + gss_buffer_desc tmp = { sizeof(buf) - 1, buf }; + + major = make_sasl_name(minor_status, desired_mech, buf); + if (GSS_ERROR(major)) + return major; + + major = _gss_copy_buffer(minor_status, &tmp, sasl_mech_name); + if (GSS_ERROR(major)) + return major; + } + + return major; +} + +/** + * Find a mech for a sasl name + * + * @param minor_status minor status code + * @param sasl_mech_name + * @param mech_type + * + * @return returns GSS_S_COMPLETE or an error code. + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_mech_for_saslname(OM_uint32 *minor_status, + const gss_buffer_t sasl_mech_name, + gss_OID *mech_type) +{ + struct _gss_mech_switch *m; + gss_buffer_desc name; + OM_uint32 major, junk; + char buf[16]; + + _gss_load_mech(); + + *mech_type = NULL; + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + struct gss_mech_compat_desc_struct *gmc; + + /* Native SPI */ + major = mo_value(&m->gm_mech_oid, GSS_C_MA_SASL_MECH_NAME, &name); + if (major == GSS_S_COMPLETE && + name.length == sasl_mech_name->length && + memcmp(name.value, sasl_mech_name->value, name.length) == 0) { + gss_release_buffer(&junk, &name); + *mech_type = &m->gm_mech_oid; + return GSS_S_COMPLETE; + } + gss_release_buffer(&junk, &name); + + if (GSS_ERROR(major)) { + /* API-as-SPI compatibility */ + gmc = m->gm_mech.gm_compat; + if (gmc && gmc->gmc_inquire_mech_for_saslname) { + major = gmc->gmc_inquire_mech_for_saslname(minor_status, + sasl_mech_name, + mech_type); + if (major == GSS_S_COMPLETE) + return GSS_S_COMPLETE; + } + } + + if (GSS_ERROR(major)) { + /* Algorithmically dervied SASL mechanism name */ + if (sasl_mech_name->length == 16 && + make_sasl_name(minor_status, &m->gm_mech_oid, buf) == GSS_S_COMPLETE && + memcmp(buf, sasl_mech_name->value, 16) == 0) { + *mech_type = &m->gm_mech_oid; + return GSS_S_COMPLETE; + } + } + } + + return GSS_S_BAD_MECH; +} + +/* + * Test mechanism against indicated attributes using both Heimdal and + * MIT SPIs. + */ +static int +test_mech_attrs(gssapi_mech_interface mi, + gss_const_OID_set mech_attrs, + gss_const_OID_set against_attrs, + int except) +{ + size_t n, m; + int eq = 0; + + if (against_attrs == GSS_C_NO_OID_SET) + return 1; + + for (n = 0; n < against_attrs->count; n++) { + for (m = 0; m < mi->gm_mo_num; m++) { + eq = gss_oid_equal(mi->gm_mo[m].option, + &against_attrs->elements[n]); + if (eq) + break; + } + if (mech_attrs != GSS_C_NO_OID_SET) { + for (m = 0; m < mech_attrs->count; m++) { + eq = gss_oid_equal(&mech_attrs->elements[m], + &against_attrs->elements[n]); + if (eq) + break; + } + } + if (!eq ^ except) + return 0; + } + + return 1; +} + +/** + * Return set of mechanism that fullfill the criteria + * + * @param minor_status minor status code + * @param desired_mech_attrs + * @param except_mech_attrs + * @param critical_mech_attrs + * @param mechs returned mechs, free with gss_release_oid_set(). + * + * @return returns GSS_S_COMPLETE or an error code. + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_indicate_mechs_by_attrs(OM_uint32 * minor_status, + gss_const_OID_set desired_mech_attrs, + gss_const_OID_set except_mech_attrs, + gss_const_OID_set critical_mech_attrs, + gss_OID_set *mechs) +{ + struct _gss_mech_switch *ms; + gss_OID_set mech_attrs = GSS_C_NO_OID_SET; + gss_OID_set known_mech_attrs = GSS_C_NO_OID_SET; + OM_uint32 major; + + major = gss_create_empty_oid_set(minor_status, mechs); + if (GSS_ERROR(major)) + return major; + + _gss_load_mech(); + + HEIM_SLIST_FOREACH(ms, &_gss_mechs, gm_link) { + gssapi_mech_interface mi = &ms->gm_mech; + struct gss_mech_compat_desc_struct *gmc = mi->gm_compat; + OM_uint32 tmp; + + if (gmc && gmc->gmc_inquire_attrs_for_mech) { + major = gmc->gmc_inquire_attrs_for_mech(minor_status, + &mi->gm_mech_oid, + &mech_attrs, + &known_mech_attrs); + if (GSS_ERROR(major)) + continue; + } + + /* + * Test mechanism supports all of desired_mech_attrs; + * none of except_mech_attrs; + * and knows of all critical_mech_attrs. + */ + if (test_mech_attrs(mi, mech_attrs, desired_mech_attrs, 0) && + test_mech_attrs(mi, mech_attrs, except_mech_attrs, 1) && + test_mech_attrs(mi, known_mech_attrs, critical_mech_attrs, 0)) { + major = gss_add_oid_set_member(minor_status, &mi->gm_mech_oid, mechs); + } + + gss_release_oid_set(&tmp, &mech_attrs); + gss_release_oid_set(&tmp, &known_mech_attrs); + + if (GSS_ERROR(major)) + break; + } + + return major; +} + +/** + * List support attributes for a mech and/or all mechanisms. + * + * @param minor_status minor status code + * @param mech given together with mech_attr will return the list of + * attributes for mechanism, can optionally be GSS_C_NO_OID. + * @param mech_attr see mech parameter, can optionally be NULL, + * release with gss_release_oid_set(). + * @param known_mech_attrs all attributes for mechanisms supported, + * release with gss_release_oid_set(). + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_inquire_attrs_for_mech(OM_uint32 * minor_status, + gss_const_OID mech, + gss_OID_set *mech_attr, + gss_OID_set *known_mech_attrs) +{ + OM_uint32 major, junk; + + if (known_mech_attrs) + *known_mech_attrs = GSS_C_NO_OID_SET; + + if (mech_attr && mech) { + gssapi_mech_interface m; + struct gss_mech_compat_desc_struct *gmc; + + if ((m = __gss_get_mechanism(mech)) == NULL) { + *minor_status = 0; + return GSS_S_BAD_MECH; + } + + gmc = m->gm_compat; + + if (gmc && gmc->gmc_inquire_attrs_for_mech) { + major = gmc->gmc_inquire_attrs_for_mech(minor_status, + mech, + mech_attr, + known_mech_attrs); + } else { + major = gss_create_empty_oid_set(minor_status, mech_attr); + if (major == GSS_S_COMPLETE) + add_all_mo(m, mech_attr, GSS_MO_MA); + } + if (GSS_ERROR(major)) + return major; + } + + if (known_mech_attrs) { + struct _gss_mech_switch *m; + + if (*known_mech_attrs == GSS_C_NO_OID_SET) { + major = gss_create_empty_oid_set(minor_status, known_mech_attrs); + if (GSS_ERROR(major)) { + if (mech_attr) + gss_release_oid_set(&junk, mech_attr); + return major; + } + } + + _gss_load_mech(); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) + add_all_mo(&m->gm_mech, known_mech_attrs, GSS_MO_MA); + } + + + return GSS_S_COMPLETE; +} + +/** + * Return names and descriptions of mech attributes + * + * @param minor_status minor status code + * @param mech_attr + * @param name + * @param short_desc + * @param long_desc + * + * @return returns GSS_S_COMPLETE or an error code. + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_display_mech_attr(OM_uint32 * minor_status, + gss_const_OID mech_attr, + gss_buffer_t name, + gss_buffer_t short_desc, + gss_buffer_t long_desc) +{ + struct _gss_oid_name_table *ma = NULL; + OM_uint32 major; + size_t n; + + _mg_buffer_zero(name); + _mg_buffer_zero(short_desc); + _mg_buffer_zero(long_desc); + + if (minor_status) + *minor_status = 0; + + for (n = 0; ma == NULL && _gss_ont_ma[n].oid; n++) + if (gss_oid_equal(mech_attr, _gss_ont_ma[n].oid)) + ma = &_gss_ont_ma[n]; + + if (ma == NULL) + return GSS_S_BAD_MECH_ATTR; + + if (name) { + gss_buffer_desc bd; + bd.value = rk_UNCONST(ma->name); + bd.length = strlen(ma->name); + major = _gss_copy_buffer(minor_status, &bd, name); + if (major != GSS_S_COMPLETE) + return major; + } + + if (short_desc) { + gss_buffer_desc bd; + bd.value = rk_UNCONST(ma->short_desc); + bd.length = strlen(ma->short_desc); + major = _gss_copy_buffer(minor_status, &bd, short_desc); + if (major != GSS_S_COMPLETE) + return major; + } + + if (long_desc) { + gss_buffer_desc bd; + bd.value = rk_UNCONST(ma->long_desc); + bd.length = strlen(ma->long_desc); + major = _gss_copy_buffer(minor_status, &bd, long_desc); + if (major != GSS_S_COMPLETE) + return major; + } + + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_names.c b/lib/gssapi/mech/gss_names.c new file mode 100644 index 000000000000..43e0e2a85cb2 --- /dev/null +++ b/lib/gssapi/mech/gss_names.c @@ -0,0 +1,110 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_names.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +OM_uint32 +_gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech, + struct _gss_mechanism_name **output_mn) +{ + OM_uint32 major_status; + gssapi_mech_interface m; + struct _gss_mechanism_name *mn; + + *output_mn = NULL; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + if (gss_oid_equal(mech, mn->gmn_mech_oid)) + break; + } + + if (!mn) { + /* + * If this name is canonical (i.e. there is only an + * MN but it is from a different mech), give up now. + */ + if (!name->gn_value.value) + return GSS_S_BAD_NAME; + + m = __gss_get_mechanism(mech); + if (!m) + return (GSS_S_BAD_MECH); + + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) + return GSS_S_FAILURE; + + major_status = m->gm_import_name(minor_status, + &name->gn_value, + (name->gn_type.elements + ? &name->gn_type : GSS_C_NO_OID), + &mn->gmn_name); + if (major_status != GSS_S_COMPLETE) { + _gss_mg_error(m, major_status, *minor_status); + free(mn); + return major_status; + } + + mn->gmn_mech = m; + mn->gmn_mech_oid = &m->gm_mech_oid; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + } + *output_mn = mn; + return 0; +} + + +/* + * Make a name from an MN. + */ +struct _gss_name * +_gss_make_name(gssapi_mech_interface m, gss_name_t new_mn) +{ + struct _gss_name *name; + struct _gss_mechanism_name *mn; + + name = malloc(sizeof(struct _gss_name)); + if (!name) + return (0); + memset(name, 0, sizeof(struct _gss_name)); + + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) { + free(name); + return (0); + } + + HEIM_SLIST_INIT(&name->gn_mn); + mn->gmn_mech = m; + mn->gmn_mech_oid = &m->gm_mech_oid; + mn->gmn_name = new_mn; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + + return (name); +} + diff --git a/lib/gssapi/mech/gss_oid.c b/lib/gssapi/mech/gss_oid.c new file mode 100644 index 000000000000..916d1e4dda5e --- /dev/null +++ b/lib/gssapi/mech/gss_oid.c @@ -0,0 +1,266 @@ +/* Generated file */ +#include "mech_locl.h" + +/* GSS_KRB5_COPY_CCACHE_X - 1.2.752.43.13.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_copy_ccache_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01") }; + +/* GSS_KRB5_GET_TKT_FLAGS_X - 1.2.752.43.13.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_tkt_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02") }; + +/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X - 1.2.752.43.13.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03") }; + +/* GSS_KRB5_COMPAT_DES3_MIC_X - 1.2.752.43.13.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_compat_des3_mic_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04") }; + +/* GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - 1.2.752.43.13.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_register_acceptor_identity_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05") }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_X - 1.2.752.43.13.6 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06") }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X - 1.2.752.43.13.6.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_v1_x_oid_desc = { 7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01") }; + +/* GSS_KRB5_SET_DNS_CANONICALIZE_X - 1.2.752.43.13.7 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_dns_canonicalize_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07") }; + +/* GSS_KRB5_GET_SUBKEY_X - 1.2.752.43.13.8 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08") }; + +/* GSS_KRB5_GET_INITIATOR_SUBKEY_X - 1.2.752.43.13.9 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_initiator_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09") }; + +/* GSS_KRB5_GET_ACCEPTOR_SUBKEY_X - 1.2.752.43.13.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_acceptor_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a") }; + +/* GSS_KRB5_SEND_TO_KDC_X - 1.2.752.43.13.11 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_send_to_kdc_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b") }; + +/* GSS_KRB5_GET_AUTHTIME_X - 1.2.752.43.13.12 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_authtime_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c") }; + +/* GSS_KRB5_GET_SERVICE_KEYBLOCK_X - 1.2.752.43.13.13 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_service_keyblock_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d") }; + +/* GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X - 1.2.752.43.13.14 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_allowable_enctypes_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e") }; + +/* GSS_KRB5_SET_DEFAULT_REALM_X - 1.2.752.43.13.15 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_default_realm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f") }; + +/* GSS_KRB5_CCACHE_NAME_X - 1.2.752.43.13.16 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_ccache_name_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10") }; + +/* GSS_KRB5_SET_TIME_OFFSET_X - 1.2.752.43.13.17 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x11") }; + +/* GSS_KRB5_GET_TIME_OFFSET_X - 1.2.752.43.13.18 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x12") }; + +/* GSS_KRB5_PLUGIN_REGISTER_X - 1.2.752.43.13.19 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_plugin_register_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x13") }; + +/* GSS_NTLM_GET_SESSION_KEY_X - 1.2.752.43.13.20 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_get_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x14") }; + +/* GSS_C_NT_NTLM - 1.2.752.43.13.21 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_ntlm_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x15") }; + +/* GSS_C_NT_DN - 1.2.752.43.13.22 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_dn_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x16") }; + +/* GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL - 1.2.752.43.13.23 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_referral_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x17") }; + +/* GSS_C_NTLM_AVGUEST - 1.2.752.43.13.24 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_avguest_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x18") }; + +/* GSS_C_NTLM_V1 - 1.2.752.43.13.25 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x19") }; + +/* GSS_C_NTLM_V2 - 1.2.752.43.13.26 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v2_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1a") }; + +/* GSS_C_NTLM_SESSION_KEY - 1.2.752.43.13.27 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_session_key_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1b") }; + +/* GSS_C_NTLM_FORCE_V1 - 1.2.752.43.13.28 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_force_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1c") }; + +/* GSS_KRB5_CRED_NO_CI_FLAGS_X - 1.2.752.43.13.29 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_cred_no_ci_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1d") }; + +/* GSS_KRB5_IMPORT_CRED_X - 1.2.752.43.13.30 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_import_cred_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1e") }; + +/* GSS_C_MA_SASL_MECH_NAME - 1.2.752.43.13.100 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_sasl_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x64") }; + +/* GSS_C_MA_MECH_NAME - 1.2.752.43.13.101 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x65") }; + +/* GSS_C_MA_MECH_DESCRIPTION - 1.2.752.43.13.102 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_description_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x66") }; + +/* GSS_C_CRED_PASSWORD - 1.2.752.43.13.200 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x48" }; + +/* GSS_C_CRED_CERTIFICATE - 1.2.752.43.13.201 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x49" }; + +/* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; + +/* GSS_NETLOGON_MECHANISM - 1.2.752.43.14.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x02") }; + +/* GSS_NETLOGON_SET_SESSION_KEY_X - 1.2.752.43.14.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x03") }; + +/* GSS_NETLOGON_SET_SIGN_ALGORITHM_X - 1.2.752.43.14.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_sign_algorithm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x04") }; + +/* GSS_NETLOGON_NT_NETBIOS_DNS_NAME - 1.2.752.43.14.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_nt_netbios_dns_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x05") }; + +/* GSS_C_INQ_WIN2K_PAC_X - 1.2.752.43.13.3.128 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_win2k_pac_x_oid_desc = { 8, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03\x81\x00") }; + +/* GSS_C_INQ_SSPI_SESSION_KEY - 1.2.840.113554.1.2.2.5.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_sspi_session_key_oid_desc = { 11, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05") }; + +/* GSS_KRB5_MECHANISM - 1.2.840.113554.1.2.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc = { 9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }; + +/* GSS_NTLM_MECHANISM - 1.3.6.1.4.1.311.2.2.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_mechanism_oid_desc = { 10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }; + +/* GSS_SPNEGO_MECHANISM - 1.3.6.1.5.5.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_spnego_mechanism_oid_desc = { 6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") }; + +/* GSS_C_PEER_HAS_UPDATED_SPNEGO - 1.3.6.1.4.1.9513.19.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_peer_has_updated_spnego_oid_desc = { 9, rk_UNCONST("\x2b\x06\x01\x04\x01\xca\x29\x13\x05") }; + +/* GSS_C_MA_MECH_CONCRETE - 1.3.6.1.5.5.13.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_concrete_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x01") }; + +/* GSS_C_MA_MECH_PSEUDO - 1.3.6.1.5.5.13.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_pseudo_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x02") }; + +/* GSS_C_MA_MECH_COMPOSITE - 1.3.6.1.5.5.13.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_composite_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x03") }; + +/* GSS_C_MA_MECH_NEGO - 1.3.6.1.5.5.13.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_nego_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x04") }; + +/* GSS_C_MA_MECH_GLUE - 1.3.6.1.5.5.13.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_glue_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x05") }; + +/* GSS_C_MA_NOT_MECH - 1.3.6.1.5.5.13.6 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x06") }; + +/* GSS_C_MA_DEPRECATED - 1.3.6.1.5.5.13.7 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deprecated_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x07") }; + +/* GSS_C_MA_NOT_DFLT_MECH - 1.3.6.1.5.5.13.8 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_dflt_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x08") }; + +/* GSS_C_MA_ITOK_FRAMED - 1.3.6.1.5.5.13.9 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_itok_framed_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x09") }; + +/* GSS_C_MA_AUTH_INIT - 1.3.6.1.5.5.13.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0a") }; + +/* GSS_C_MA_AUTH_TARG - 1.3.6.1.5.5.13.11 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0b") }; + +/* GSS_C_MA_AUTH_INIT_INIT - 1.3.6.1.5.5.13.12 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0c") }; + +/* GSS_C_MA_AUTH_TARG_INIT - 1.3.6.1.5.5.13.13 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0d") }; + +/* GSS_C_MA_AUTH_INIT_ANON - 1.3.6.1.5.5.13.14 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0e") }; + +/* GSS_C_MA_AUTH_TARG_ANON - 1.3.6.1.5.5.13.15 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0f") }; + +/* GSS_C_MA_DELEG_CRED - 1.3.6.1.5.5.13.16 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deleg_cred_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x10") }; + +/* GSS_C_MA_INTEG_PROT - 1.3.6.1.5.5.13.17 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_integ_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x11") }; + +/* GSS_C_MA_CONF_PROT - 1.3.6.1.5.5.13.18 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_conf_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x12") }; + +/* GSS_C_MA_MIC - 1.3.6.1.5.5.13.19 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mic_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x13") }; + +/* GSS_C_MA_WRAP - 1.3.6.1.5.5.13.20 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_wrap_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x14") }; + +/* GSS_C_MA_PROT_READY - 1.3.6.1.5.5.13.21 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_prot_ready_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x15") }; + +/* GSS_C_MA_REPLAY_DET - 1.3.6.1.5.5.13.22 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_replay_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x16") }; + +/* GSS_C_MA_OOS_DET - 1.3.6.1.5.5.13.23 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_oos_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x17") }; + +/* GSS_C_MA_CBINDINGS - 1.3.6.1.5.5.13.24 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_cbindings_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x18") }; + +/* GSS_C_MA_PFS - 1.3.6.1.5.5.13.25 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_pfs_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x19") }; + +/* GSS_C_MA_COMPRESS - 1.3.6.1.5.5.13.26 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_compress_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1a") }; + +/* GSS_C_MA_CTX_TRANS - 1.3.6.1.5.5.13.27 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_ctx_trans_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1b") }; + +struct _gss_oid_name_table _gss_ont_ma[] = { + { GSS_C_MA_COMPRESS, "GSS_C_MA_COMPRESS", "compress", "" }, + { GSS_C_MA_AUTH_TARG_INIT, "GSS_C_MA_AUTH_TARG_INIT", "auth-targ-princ-initial", "" }, + { GSS_C_MA_CBINDINGS, "GSS_C_MA_CBINDINGS", "channel-bindings", "" }, + { GSS_C_MA_WRAP, "GSS_C_MA_WRAP", "wrap", "" }, + { GSS_C_MA_ITOK_FRAMED, "GSS_C_MA_ITOK_FRAMED", "initial-is-framed", "" }, + { GSS_C_MA_MECH_NEGO, "GSS_C_MA_MECH_NEGO", "mech-negotiation-mech", "" }, + { GSS_C_MA_MECH_COMPOSITE, "GSS_C_MA_MECH_COMPOSITE", "composite-mech", "" }, + { GSS_C_MA_REPLAY_DET, "GSS_C_MA_REPLAY_DET", "replay-detection", "" }, + { GSS_C_MA_AUTH_INIT_ANON, "GSS_C_MA_AUTH_INIT_ANON", "auth-init-princ-anon", "" }, + { GSS_C_MA_PROT_READY, "GSS_C_MA_PROT_READY", "prot-ready", "" }, + { GSS_C_MA_AUTH_INIT, "GSS_C_MA_AUTH_INIT", "auth-init-princ", "" }, + { GSS_C_MA_PFS, "GSS_C_MA_PFS", "pfs", "" }, + { GSS_C_MA_CONF_PROT, "GSS_C_MA_CONF_PROT", "conf-prot", "" }, + { GSS_C_MA_MECH_PSEUDO, "GSS_C_MA_MECH_PSEUDO", "pseudo-mech", "" }, + { GSS_C_MA_AUTH_TARG, "GSS_C_MA_AUTH_TARG", "auth-targ-princ", "" }, + { GSS_C_MA_MECH_NAME, "GSS_C_MA_MECH_NAME", "GSS mech name", "The name of the GSS-API mechanism" }, + { GSS_C_MA_NOT_MECH, "GSS_C_MA_NOT_MECH", "not-mech", "" }, + { GSS_C_MA_MIC, "GSS_C_MA_MIC", "mic", "" }, + { GSS_C_MA_DEPRECATED, "GSS_C_MA_DEPRECATED", "mech-deprecated", "" }, + { GSS_C_MA_MECH_GLUE, "GSS_C_MA_MECH_GLUE", "mech-glue", "" }, + { GSS_C_MA_DELEG_CRED, "GSS_C_MA_DELEG_CRED", "deleg-cred", "" }, + { GSS_C_MA_NOT_DFLT_MECH, "GSS_C_MA_NOT_DFLT_MECH", "mech-not-default", "" }, + { GSS_C_MA_AUTH_TARG_ANON, "GSS_C_MA_AUTH_TARG_ANON", "auth-targ-princ-anon", "" }, + { GSS_C_MA_INTEG_PROT, "GSS_C_MA_INTEG_PROT", "integ-prot", "" }, + { GSS_C_MA_CTX_TRANS, "GSS_C_MA_CTX_TRANS", "context-transfer", "" }, + { GSS_C_MA_MECH_DESCRIPTION, "GSS_C_MA_MECH_DESCRIPTION", "Mech description", "The long description of the mechanism" }, + { GSS_C_MA_OOS_DET, "GSS_C_MA_OOS_DET", "oos-detection", "" }, + { GSS_C_MA_AUTH_INIT_INIT, "GSS_C_MA_AUTH_INIT_INIT", "auth-init-princ-initial", "" }, + { GSS_C_MA_MECH_CONCRETE, "GSS_C_MA_MECH_CONCRETE", "concrete-mech", "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism" }, + { GSS_C_MA_SASL_MECH_NAME, "GSS_C_MA_SASL_MECH_NAME", "SASL mechanism name", "The name of the SASL mechanism" }, + { NULL } +}; + +struct _gss_oid_name_table _gss_ont_mech[] = { + { GSS_KRB5_MECHANISM, "GSS_KRB5_MECHANISM", "Kerberos 5", "Heimdal Kerberos 5 mechanism" }, + { GSS_SPNEGO_MECHANISM, "GSS_SPNEGO_MECHANISM", "SPNEGO", "Heimdal SPNEGO mechanism" }, + { GSS_NTLM_MECHANISM, "GSS_NTLM_MECHANISM", "NTLM", "Heimdal NTLM mechanism" }, + { NULL } +}; + diff --git a/lib/gssapi/mech/gss_oid_equal.c b/lib/gssapi/mech/gss_oid_equal.c new file mode 100644 index 000000000000..b125ede66fa3 --- /dev/null +++ b/lib/gssapi/mech/gss_oid_equal.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +/** + * Compare two GSS-API OIDs with each other. + * + * GSS_C_NO_OID matches nothing, not even it-self. + * + * @param a first oid to compare + * @param b second oid to compare + * + * @return non-zero when both oid are the same OID, zero when they are + * not the same. + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL +gss_oid_equal(gss_const_OID a, gss_const_OID b) +{ + if (a == b && a != GSS_C_NO_OID) + return 1; + if (a == GSS_C_NO_OID || b == GSS_C_NO_OID || a->length != b->length) + return 0; + return memcmp(a->elements, b->elements, a->length) == 0; +} diff --git a/lib/gssapi/mech/gss_oid_to_str.c b/lib/gssapi/mech/gss_oid_to_str.c new file mode 100644 index 000000000000..a1d776877245 --- /dev/null +++ b/lib/gssapi/mech/gss_oid_to_str.c @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_oid_to_str(OM_uint32 *minor_status, gss_OID oid, gss_buffer_t oid_str) +{ + int ret; + size_t size; + heim_oid o; + char *p; + + _mg_buffer_zero(oid_str); + + if (oid == GSS_C_NULL_OID) + return GSS_S_FAILURE; + + ret = der_get_oid (oid->elements, oid->length, &o, &size); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = der_print_heim_oid(&o, ' ', &p); + der_free_oid(&o); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + oid_str->value = p; + oid_str->length = strlen(p); + + *minor_status = 0; + return GSS_S_COMPLETE; +} + +GSSAPI_LIB_FUNCTION const char * GSSAPI_LIB_CALL +gss_oid_to_name(gss_const_OID oid) +{ + size_t i; + + for (i = 0; _gss_ont_mech[i].oid; i++) { + if (gss_oid_equal(oid, _gss_ont_mech[i].oid)) + return _gss_ont_mech[i].name; + } + return NULL; +} + +GSSAPI_LIB_FUNCTION gss_OID GSSAPI_LIB_CALL +gss_name_to_oid(const char *name) +{ + size_t i, partial = (size_t)-1; + + for (i = 0; _gss_ont_mech[i].oid; i++) { + if (strcasecmp(name, _gss_ont_mech[i].short_desc) == 0) + return _gss_ont_mech[i].oid; + if (strncasecmp(name, _gss_ont_mech[i].short_desc, strlen(name)) == 0) { + if (partial != (size_t)-1) + return NULL; + partial = i; + } + } + if (partial != (size_t)-1) + return _gss_ont_mech[partial].oid; + return NULL; +} diff --git a/lib/gssapi/mech/gss_pname_to_uid.c b/lib/gssapi/mech/gss_pname_to_uid.c new file mode 100644 index 000000000000..c5f26949f2ae --- /dev/null +++ b/lib/gssapi/mech/gss_pname_to_uid.c @@ -0,0 +1,167 @@ +/* + * Copyright (c) 2011, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +static OM_uint32 +mech_pname_to_uid(OM_uint32 *minor_status, + struct _gss_mechanism_name *mn, + uid_t *uidp) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + + *minor_status = 0; + + if (mn->gmn_mech->gm_pname_to_uid == NULL) + return GSS_S_UNAVAILABLE; + + major_status = mn->gmn_mech->gm_pname_to_uid(minor_status, + mn->gmn_name, + mn->gmn_mech_oid, + uidp); + if (GSS_ERROR(major_status)) + _gss_mg_error(mn->gmn_mech, major_status, *minor_status); + + return major_status; +} + +static OM_uint32 +attr_pname_to_uid(OM_uint32 *minor_status, + struct _gss_mechanism_name *mn, + uid_t *uidp) +{ +#ifdef NO_LOCALNAME + return GSS_S_UNAVAILABLE; +#else + OM_uint32 major_status = GSS_S_UNAVAILABLE; + OM_uint32 tmpMinor; + int more = -1; + + *minor_status = 0; + + if (mn->gmn_mech->gm_get_name_attribute == NULL) + return GSS_S_UNAVAILABLE; + + while (more != 0) { + gss_buffer_desc value; + gss_buffer_desc display_value; + int authenticated = 0, complete = 0; +#ifdef POSIX_GETPWNAM_R + char pwbuf[2048]; + struct passwd pw, *pwd; +#else + struct passwd *pwd; +#endif + char *localname; + + major_status = mn->gmn_mech->gm_get_name_attribute(minor_status, + mn->gmn_name, + GSS_C_ATTR_LOCAL_LOGIN_USER, + &authenticated, + &complete, + &value, + &display_value, + &more); + if (GSS_ERROR(major_status)) { + _gss_mg_error(mn->gmn_mech, major_status, *minor_status); + break; + } + + localname = malloc(value.length + 1); + if (localname == NULL) { + major_status = GSS_S_FAILURE; + *minor_status = ENOMEM; + break; + } + + memcpy(localname, value.value, value.length); + localname[value.length] = '\0'; + +#ifdef POSIX_GETPWNAM_R + if (getpwnam_r(localname, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) + pwd = NULL; +#else + pwd = getpwnam(localname); +#endif + + free(localname); + gss_release_buffer(&tmpMinor, &value); + gss_release_buffer(&tmpMinor, &display_value); + + if (pwd != NULL) { + *uidp = pwd->pw_uid; + major_status = GSS_S_COMPLETE; + *minor_status = 0; + break; + } else + major_status = GSS_S_UNAVAILABLE; + } + + return major_status; +#endif /* NO_LOCALNAME */ +} + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_pname_to_uid(OM_uint32 *minor_status, + const gss_name_t pname, + const gss_OID mech_type, + uid_t *uidp) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) pname; + struct _gss_mechanism_name *mn = NULL; + + *minor_status = 0; + + if (mech_type != GSS_C_NO_OID) { + major_status = _gss_find_mn(minor_status, name, mech_type, &mn); + if (GSS_ERROR(major_status)) + return major_status; + + major_status = mech_pname_to_uid(minor_status, mn, uidp); + if (major_status != GSS_S_COMPLETE) + major_status = attr_pname_to_uid(minor_status, mn, uidp); + } else { + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + major_status = mech_pname_to_uid(minor_status, mn, uidp); + if (major_status != GSS_S_COMPLETE) + major_status = attr_pname_to_uid(minor_status, mn, uidp); + if (major_status != GSS_S_UNAVAILABLE) + break; + } + } + + if (major_status != GSS_S_COMPLETE && mn != NULL) + _gss_mg_error(mn->gmn_mech, major_status, *minor_status); + + return major_status; +} diff --git a/lib/gssapi/mech/gss_process_context_token.c b/lib/gssapi/mech/gss_process_context_token.c new file mode 100644 index 000000000000..e8e9b56cdc7f --- /dev/null +++ b/lib/gssapi/mech/gss_process_context_token.c @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_process_context_token.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_process_context_token(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t token_buffer) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m = ctx->gc_mech; + + return (m->gm_process_context_token(minor_status, ctx->gc_ctx, + token_buffer)); +} diff --git a/lib/gssapi/mech/gss_pseudo_random.c b/lib/gssapi/mech/gss_pseudo_random.c new file mode 100644 index 000000000000..ce4f9a4136a5 --- /dev/null +++ b/lib/gssapi/mech/gss_pseudo_random.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_pseudo_random(OM_uint32 *minor_status, + gss_ctx_id_t context, + int prf_key, + const gss_buffer_t prf_in, + ssize_t desired_output_len, + gss_buffer_t prf_out) +{ + struct _gss_context *ctx = (struct _gss_context *) context; + gssapi_mech_interface m; + OM_uint32 major_status; + + _mg_buffer_zero(prf_out); + *minor_status = 0; + + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + m = ctx->gc_mech; + + if (m->gm_pseudo_random == NULL) + return GSS_S_UNAVAILABLE; + + major_status = (*m->gm_pseudo_random)(minor_status, ctx->gc_ctx, + prf_key, prf_in, desired_output_len, + prf_out); + if (major_status != GSS_S_COMPLETE) + _gss_mg_error(m, major_status, *minor_status); + + return major_status; +} diff --git a/lib/gssapi/mech/gss_release_buffer.c b/lib/gssapi/mech/gss_release_buffer.c new file mode 100644 index 000000000000..c3dd4575b6f4 --- /dev/null +++ b/lib/gssapi/mech/gss_release_buffer.c @@ -0,0 +1,42 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_release_buffer.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_buffer(OM_uint32 *minor_status, + gss_buffer_t buffer) +{ + + *minor_status = 0; + if (buffer->value) + free(buffer->value); + _mg_buffer_zero(buffer); + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_release_cred.c b/lib/gssapi/mech/gss_release_cred.c new file mode 100644 index 000000000000..341f9f658cc3 --- /dev/null +++ b/lib/gssapi/mech/gss_release_cred.c @@ -0,0 +1,73 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_release_cred.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +/** + * Release a credentials + * + * Its ok to release the GSS_C_NO_CREDENTIAL/NULL credential, it will + * return a GSS_S_COMPLETE error code. On return cred_handle is set ot + * GSS_C_NO_CREDENTIAL. + * + * Example: + * + * @code + * gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; + * major = gss_release_cred(&minor, &cred); + * @endcode + * + * @param minor_status minor status return code, mech specific + * @param cred_handle a pointer to the credential too release + * + * @return an gssapi error code + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) +{ + struct _gss_cred *cred = (struct _gss_cred *) *cred_handle; + struct _gss_mechanism_cred *mc; + + if (*cred_handle == GSS_C_NO_CREDENTIAL) + return (GSS_S_COMPLETE); + + while (HEIM_SLIST_FIRST(&cred->gc_mc)) { + mc = HEIM_SLIST_FIRST(&cred->gc_mc); + HEIM_SLIST_REMOVE_HEAD(&cred->gc_mc, gmc_link); + mc->gmc_mech->gm_release_cred(minor_status, &mc->gmc_cred); + free(mc); + } + free(cred); + + *minor_status = 0; + *cred_handle = GSS_C_NO_CREDENTIAL; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_release_name.c b/lib/gssapi/mech/gss_release_name.c new file mode 100644 index 000000000000..fd0b5df36bed --- /dev/null +++ b/lib/gssapi/mech/gss_release_name.c @@ -0,0 +1,74 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_release_name.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +/** + * Free a name + * + * import_name can point to NULL or be NULL, or a pointer to a + * gss_name_t structure. If it was a pointer to gss_name_t, the + * pointer will be set to NULL on success and failure. + * + * @param minor_status minor status code + * @param input_name name to free + * + * @returns a gss_error code, see gss_display_status() about printing + * the error code. + * + * @ingroup gssapi + */ +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_name(OM_uint32 *minor_status, + gss_name_t *input_name) +{ + struct _gss_name *name; + + *minor_status = 0; + + if (input_name == NULL || *input_name == NULL) + return GSS_S_COMPLETE; + + name = (struct _gss_name *) *input_name; + + if (name->gn_type.elements) + free(name->gn_type.elements); + while (HEIM_SLIST_FIRST(&name->gn_mn)) { + struct _gss_mechanism_name *mn; + mn = HEIM_SLIST_FIRST(&name->gn_mn); + HEIM_SLIST_REMOVE_HEAD(&name->gn_mn, gmn_link); + mn->gmn_mech->gm_release_name(minor_status, + &mn->gmn_name); + free(mn); + } + gss_release_buffer(minor_status, &name->gn_value); + free(name); + *input_name = GSS_C_NO_NAME; + + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_release_oid.c b/lib/gssapi/mech/gss_release_oid.c new file mode 100644 index 000000000000..610daf229c42 --- /dev/null +++ b/lib/gssapi/mech/gss_release_oid.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_oid(OM_uint32 *minor_status, gss_OID *oid) +{ + gss_OID o = *oid; + + *oid = GSS_C_NO_OID; + + if (minor_status != NULL) + *minor_status = 0; + + if (o == GSS_C_NO_OID) + return GSS_S_COMPLETE; + + if (o->elements != NULL) { + free(o->elements); + o->elements = NULL; + } + o->length = 0; + free(o); + + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_release_oid_set.c b/lib/gssapi/mech/gss_release_oid_set.c new file mode 100644 index 000000000000..183ddf8c751a --- /dev/null +++ b/lib/gssapi/mech/gss_release_oid_set.c @@ -0,0 +1,44 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_release_oid_set.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_release_oid_set(OM_uint32 *minor_status, + gss_OID_set *set) +{ + + *minor_status = 0; + if (set && *set) { + if ((*set)->elements) + free((*set)->elements); + free(*set); + *set = GSS_C_NO_OID_SET; + } + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_seal.c b/lib/gssapi/mech/gss_seal.c new file mode 100644 index 000000000000..26c65dafc984 --- /dev/null +++ b/lib/gssapi/mech/gss_seal.c @@ -0,0 +1,45 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_seal.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_seal(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + int qop_req, + gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) +{ + + return (gss_wrap(minor_status, + context_handle, conf_req_flag, qop_req, + input_message_buffer, conf_state, + output_message_buffer)); +} diff --git a/lib/gssapi/mech/gss_set_cred_option.c b/lib/gssapi/mech/gss_set_cred_option.c new file mode 100644 index 000000000000..d33453d92feb --- /dev/null +++ b/lib/gssapi/mech/gss_set_cred_option.c @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2004, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_set_cred_option (OM_uint32 *minor_status, + gss_cred_id_t *cred_handle, + const gss_OID object, + const gss_buffer_t value) +{ + struct _gss_cred *cred = (struct _gss_cred *) *cred_handle; + OM_uint32 major_status = GSS_S_COMPLETE; + struct _gss_mechanism_cred *mc; + int one_ok = 0; + + *minor_status = 0; + + _gss_load_mech(); + + if (cred == NULL) { + struct _gss_mech_switch *m; + + cred = malloc(sizeof(*cred)); + if (cred == NULL) + return GSS_S_FAILURE; + + HEIM_SLIST_INIT(&cred->gc_mc); + + HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { + + if (m->gm_mech.gm_set_cred_option == NULL) + continue; + + mc = malloc(sizeof(*mc)); + if (mc == NULL) { + *cred_handle = (gss_cred_id_t)cred; + gss_release_cred(minor_status, cred_handle); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + mc->gmc_mech = &m->gm_mech; + mc->gmc_mech_oid = &m->gm_mech_oid; + mc->gmc_cred = GSS_C_NO_CREDENTIAL; + + major_status = m->gm_mech.gm_set_cred_option( + minor_status, &mc->gmc_cred, object, value); + + if (major_status) { + free(mc); + continue; + } + one_ok = 1; + HEIM_SLIST_INSERT_HEAD(&cred->gc_mc, mc, gmc_link); + } + *cred_handle = (gss_cred_id_t)cred; + if (!one_ok) { + OM_uint32 junk; + gss_release_cred(&junk, cred_handle); + } + } else { + gssapi_mech_interface m; + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + m = mc->gmc_mech; + + if (m == NULL) + return GSS_S_BAD_MECH; + + if (m->gm_set_cred_option == NULL) + continue; + + major_status = m->gm_set_cred_option(minor_status, + &mc->gmc_cred, object, value); + if (major_status == GSS_S_COMPLETE) + one_ok = 1; + else + _gss_mg_error(m, major_status, *minor_status); + + } + } + if (one_ok) { + *minor_status = 0; + return GSS_S_COMPLETE; + } + return major_status; +} + diff --git a/lib/gssapi/mech/gss_set_name_attribute.c b/lib/gssapi/mech/gss_set_name_attribute.c new file mode 100644 index 000000000000..ada7a0612ec7 --- /dev/null +++ b/lib/gssapi/mech/gss_set_name_attribute.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2010, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_set_name_attribute(OM_uint32 *minor_status, + gss_name_t input_name, + int complete, + gss_buffer_t attr, + gss_buffer_t value) +{ + OM_uint32 major_status = GSS_S_UNAVAILABLE; + struct _gss_name *name = (struct _gss_name *) input_name; + struct _gss_mechanism_name *mn; + + *minor_status = 0; + + if (input_name == GSS_C_NO_NAME) + return GSS_S_BAD_NAME; + + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { + gssapi_mech_interface m = mn->gmn_mech; + + if (!m->gm_set_name_attribute) + continue; + + major_status = m->gm_set_name_attribute(minor_status, + mn->gmn_name, + complete, + attr, + value); + if (GSS_ERROR(major_status)) + _gss_mg_error(m, major_status, *minor_status); + else + break; + } + + return major_status; +} diff --git a/lib/gssapi/mech/gss_set_sec_context_option.c b/lib/gssapi/mech/gss_set_sec_context_option.c new file mode 100644 index 000000000000..6efe1a0b1718 --- /dev/null +++ b/lib/gssapi/mech/gss_set_sec_context_option.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2004, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_set_sec_context_option (OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, + const gss_OID object, + const gss_buffer_t value) +{ + struct _gss_context *ctx; + OM_uint32 major_status; + gssapi_mech_interface m; + + *minor_status = 0; + + if (context_handle == NULL) + return GSS_S_NO_CONTEXT; + + ctx = (struct _gss_context *) *context_handle; + + if (ctx == NULL) + return GSS_S_NO_CONTEXT; + + m = ctx->gc_mech; + + if (m == NULL) + return GSS_S_BAD_MECH; + + if (m->gm_set_sec_context_option != NULL) { + major_status = m->gm_set_sec_context_option(minor_status, + &ctx->gc_ctx, object, value); + if (major_status != GSS_S_COMPLETE) + _gss_mg_error(m, major_status, *minor_status); + } else + major_status = GSS_S_BAD_MECH; + + return major_status; +} + diff --git a/lib/gssapi/mech/gss_sign.c b/lib/gssapi/mech/gss_sign.c new file mode 100644 index 000000000000..4ef99c19878c --- /dev/null +++ b/lib/gssapi/mech/gss_sign.c @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_sign.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_sign(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int qop_req, + gss_buffer_t message_buffer, + gss_buffer_t message_token) +{ + + return gss_get_mic(minor_status, + context_handle, qop_req, message_buffer, message_token); +} diff --git a/lib/gssapi/mech/gss_store_cred.c b/lib/gssapi/mech/gss_store_cred.c new file mode 100644 index 000000000000..4d2bfdec8b1a --- /dev/null +++ b/lib/gssapi/mech/gss_store_cred.c @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_store_cred(OM_uint32 *minor_status, + gss_cred_id_t input_cred_handle, + gss_cred_usage_t cred_usage, + const gss_OID desired_mech, + OM_uint32 overwrite_cred, + OM_uint32 default_cred, + gss_OID_set *elements_stored, + gss_cred_usage_t *cred_usage_stored) +{ + struct _gss_cred *cred = (struct _gss_cred *) input_cred_handle; + struct _gss_mechanism_cred *mc; + OM_uint32 maj, junk; + + if (minor_status == NULL) + return GSS_S_FAILURE; + if (elements_stored) + *elements_stored = NULL; + if (cred_usage_stored) + *cred_usage_stored = 0; + + if (cred == NULL) + return GSS_S_NO_CONTEXT; + + if (elements_stored) { + maj = gss_create_empty_oid_set(minor_status, elements_stored); + if (maj != GSS_S_COMPLETE) + return maj; + } + + HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) { + gssapi_mech_interface m = mc->gmc_mech; + + if (m == NULL || m->gm_store_cred == NULL) + continue; + + if (desired_mech) { + maj = gss_oid_equal(&m->gm_mech_oid, desired_mech); + if (maj != 0) + continue; + } + + maj = (m->gm_store_cred)(minor_status, mc->gmc_cred, + cred_usage, desired_mech, overwrite_cred, + default_cred, NULL, cred_usage_stored); + if (maj != GSS_S_COMPLETE) { + gss_release_oid_set(&junk, elements_stored); + return maj; + } + + if (elements_stored) { + gss_add_oid_set_member(&junk, + &m->gm_mech_oid, + elements_stored); + } + + } + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/mech/gss_test_oid_set_member.c b/lib/gssapi/mech/gss_test_oid_set_member.c new file mode 100644 index 000000000000..715d34bf0666 --- /dev/null +++ b/lib/gssapi/mech/gss_test_oid_set_member.c @@ -0,0 +1,46 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_test_oid_set_member.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_test_oid_set_member(OM_uint32 *minor_status, + const gss_OID member, + const gss_OID_set set, + int *present) +{ + size_t i; + + *present = 0; + for (i = 0; i < set->count; i++) + if (gss_oid_equal(member, &set->elements[i])) + *present = 1; + + *minor_status = 0; + return (GSS_S_COMPLETE); +} diff --git a/lib/gssapi/mech/gss_unseal.c b/lib/gssapi/mech/gss_unseal.c new file mode 100644 index 000000000000..0add03d4ddb9 --- /dev/null +++ b/lib/gssapi/mech/gss_unseal.c @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_unseal.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_unseal(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + gss_buffer_t input_message_buffer, + gss_buffer_t output_message_buffer, + int *conf_state, + int *qop_state) +{ + + return (gss_unwrap(minor_status, + context_handle, input_message_buffer, + output_message_buffer, conf_state, (gss_qop_t *)qop_state)); +} diff --git a/lib/gssapi/mech/gss_unwrap.c b/lib/gssapi/mech/gss_unwrap.c new file mode 100644 index 000000000000..d0d18aca25b1 --- /dev/null +++ b/lib/gssapi/mech/gss_unwrap.c @@ -0,0 +1,45 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_unwrap.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_unwrap(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t input_message_buffer, + gss_buffer_t output_message_buffer, + int *conf_state, + gss_qop_t *qop_state) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m = ctx->gc_mech; + + return (m->gm_unwrap(minor_status, ctx->gc_ctx, + input_message_buffer, output_message_buffer, + conf_state, qop_state)); +} diff --git a/lib/gssapi/mech/gss_utils.c b/lib/gssapi/mech/gss_utils.c new file mode 100644 index 000000000000..2071621b2304 --- /dev/null +++ b/lib/gssapi/mech/gss_utils.c @@ -0,0 +1,78 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_utils.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +OM_uint32 +_gss_copy_oid(OM_uint32 *minor_status, + const gss_OID from_oid, gss_OID to_oid) +{ + size_t len = from_oid->length; + + *minor_status = 0; + to_oid->elements = malloc(len); + if (!to_oid->elements) { + to_oid->length = 0; + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + to_oid->length = len; + memcpy(to_oid->elements, from_oid->elements, len); + return (GSS_S_COMPLETE); +} + +OM_uint32 +_gss_free_oid(OM_uint32 *minor_status, gss_OID oid) +{ + *minor_status = 0; + if (oid->elements) { + free(oid->elements); + oid->elements = NULL; + oid->length = 0; + } + return (GSS_S_COMPLETE); +} + +OM_uint32 +_gss_copy_buffer(OM_uint32 *minor_status, + const gss_buffer_t from_buf, gss_buffer_t to_buf) +{ + size_t len = from_buf->length; + + *minor_status = 0; + to_buf->value = malloc(len); + if (!to_buf->value) { + *minor_status = ENOMEM; + to_buf->length = 0; + return GSS_S_FAILURE; + } + to_buf->length = len; + memcpy(to_buf->value, from_buf->value, len); + return (GSS_S_COMPLETE); +} + diff --git a/lib/gssapi/mech/gss_verify.c b/lib/gssapi/mech/gss_verify.c new file mode 100644 index 000000000000..dd53ddbae909 --- /dev/null +++ b/lib/gssapi/mech/gss_verify.c @@ -0,0 +1,42 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_verify.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_verify(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + gss_buffer_t message_buffer, + gss_buffer_t token_buffer, + int *qop_state) +{ + + return (gss_verify_mic(minor_status, + context_handle, message_buffer, token_buffer, + (gss_qop_t *)qop_state)); +} diff --git a/lib/gssapi/mech/gss_verify_mic.c b/lib/gssapi/mech/gss_verify_mic.c new file mode 100644 index 000000000000..a791dc732761 --- /dev/null +++ b/lib/gssapi/mech/gss_verify_mic.c @@ -0,0 +1,52 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_verify_mic.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_verify_mic(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t message_buffer, + const gss_buffer_t token_buffer, + gss_qop_t *qop_state) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + if (qop_state) + *qop_state = 0; + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + m = ctx->gc_mech; + + return (m->gm_verify_mic(minor_status, ctx->gc_ctx, + message_buffer, token_buffer, qop_state)); +} diff --git a/lib/gssapi/mech/gss_wrap.c b/lib/gssapi/mech/gss_wrap.c new file mode 100644 index 000000000000..d9864b36ccb4 --- /dev/null +++ b/lib/gssapi/mech/gss_wrap.c @@ -0,0 +1,71 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_wrap.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +/** + * Wrap a message using either confidentiality (encryption + + * signature) or sealing (signature). + * + * @param minor_status minor status code. + * @param context_handle context handle. + * @param conf_req_flag if non zero, confidentiality is requestd. + * @param qop_req type of protection needed, in most cases it GSS_C_QOP_DEFAULT should be passed in. + * @param input_message_buffer messages to wrap + * @param conf_state returns non zero if confidentiality was honoured. + * @param output_message_buffer the resulting buffer, release with gss_release_buffer(). + * + * @ingroup gssapi + */ + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + const gss_buffer_t input_message_buffer, + int *conf_state, + gss_buffer_t output_message_buffer) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + if (conf_state) + *conf_state = 0; + _mg_buffer_zero(output_message_buffer); + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + m = ctx->gc_mech; + + return (m->gm_wrap(minor_status, ctx->gc_ctx, + conf_req_flag, qop_req, input_message_buffer, + conf_state, output_message_buffer)); +} diff --git a/lib/gssapi/mech/gss_wrap_size_limit.c b/lib/gssapi/mech/gss_wrap_size_limit.c new file mode 100644 index 000000000000..9bebcf6cf08e --- /dev/null +++ b/lib/gssapi/mech/gss_wrap_size_limit.c @@ -0,0 +1,52 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/gss_wrap_size_limit.c,v 1.1 2005/12/29 14:40:20 dfr Exp $ + */ + +#include "mech_locl.h" + +GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL +gss_wrap_size_limit(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + OM_uint32 req_output_size, + OM_uint32 *max_input_size) +{ + struct _gss_context *ctx = (struct _gss_context *) context_handle; + gssapi_mech_interface m; + + *max_input_size = 0; + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + m = ctx->gc_mech; + + return (m->gm_wrap_size_limit(minor_status, ctx->gc_ctx, + conf_req_flag, qop_req, req_output_size, max_input_size)); +} diff --git a/lib/gssapi/mech/gssapi.asn1 b/lib/gssapi/mech/gssapi.asn1 new file mode 100644 index 000000000000..1ba7b40637b0 --- /dev/null +++ b/lib/gssapi/mech/gssapi.asn1 @@ -0,0 +1,12 @@ +-- $Id$ + +GSS-API DEFINITIONS ::= BEGIN + +IMPORTS heim_any_set FROM heim; + +GSSAPIContextToken ::= [APPLICATION 0] IMPLICIT SEQUENCE { + thisMech OBJECT IDENTIFIER, + innerContextToken heim_any_set +} + +END \ No newline at end of file diff --git a/lib/gssapi/mech/mech.5 b/lib/gssapi/mech/mech.5 new file mode 100644 index 000000000000..e7b083d3158a --- /dev/null +++ b/lib/gssapi/mech/mech.5 @@ -0,0 +1,94 @@ +.\" Copyright (c) 2005 Doug Rabson +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD: src/lib/libgssapi/mech.5,v 1.1 2005/12/29 14:40:20 dfr Exp $ +.Dd November 14, 2005 +.Dt MECH 5 +.Os +.Sh NAME +.Nm mech , +.Nm qop +.Nd "GSS-API Mechanism and QOP files" +.Sh SYNOPSIS +.Pa "/etc/gss/mech" +.Pa "/etc/gss/qop" +.Sh DESCRIPTION +The +.Pa "/etc/gss/mech" +file contains a list of installed GSS-API security mechanisms. +Each line of the file either contains a comment if the first character +is '#' or it contains five fields with the following meanings: +.Bl -tag +.It Name +The name of this GSS-API mechanism. +.It Object identifier +The OID for this mechanism. +.It Library +A shared library containing the implementation of this mechanism. +.It Kernel module (optional) +A kernel module containing the implementation of this mechanism (not +yet supported in FreeBSD). +.It Library options (optional) +Optionsal parameters interpreted by the mechanism. Library options +must be enclosed in brackets ([ ]) to differentiate them from the +optional kernel module entry. +.El +.Pp +The +.Pa "/etc/gss/qop" +file contains a list of Quality of Protection values for use with +GSS-API. +Each line of the file either contains a comment if the first character +is '#' or it contains three fields with the following meanings: +.Bl -tag +.It QOP string +The name of this Quality of Protection algorithm. +.It QOP value +The numeric value used to select this algorithm for use with GSS-API +functions such as +.Xr gss_get_mic 3 . +.It Mechanism name +The GSS-API mechanism name that corresponds to this algorithm. +.El +.Sh EXAMPLES +This is a typical entry from +.Pa "/etc/gss/mech" : +.Bd -literal +kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 - +.Ed +.Pp +This is a typical entry from +.Pa "/etc/gss/qop" : +.Bd -literal +GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5 +.Ed +.Sh HISTORY +The +.Nm +manual page example first appeared in +.Fx 7.0 . +.Sh AUTHORS +This +manual page was written by +.An Doug Rabson Aq dfr@FreeBSD.org . diff --git a/lib/gssapi/mech/mech.cat5 b/lib/gssapi/mech/mech.cat5 new file mode 100644 index 000000000000..821a193df6e1 --- /dev/null +++ b/lib/gssapi/mech/mech.cat5 @@ -0,0 +1,61 @@ + +MECH(5) BSD File Formats Manual MECH(5) + +NNAAMMEE + mmeecchh, qqoopp -- GSS-API Mechanism and QOP files + +SSYYNNOOPPSSIISS + _/_e_t_c_/_g_s_s_/_m_e_c_h _/_e_t_c_/_g_s_s_/_q_o_p + +DDEESSCCRRIIPPTTIIOONN + The _/_e_t_c_/_g_s_s_/_m_e_c_h file contains a list of installed GSS-API security + mechanisms. Each line of the file either contains a comment if the first + character is '#' or it contains five fields with the following meanings: + + Name The name of this GSS-API mechanism. + + Object identifier + The OID for this mechanism. + + Library A shared library containing the implementation of this + mechanism. + + Kernel module (optional) + A kernel module containing the implementation of this mech- + anism (not yet supported in FreeBSD). + + Library options (optional) + Optionsal parameters interpreted by the mechanism. Library + options must be enclosed in brackets ([ ]) to differentiate + them from the optional kernel module entry. + + The _/_e_t_c_/_g_s_s_/_q_o_p file contains a list of Quality of Protection values for + use with GSS-API. Each line of the file either contains a comment if the + first character is '#' or it contains three fields with the following + meanings: + + QOP string The name of this Quality of Protection algorithm. + + QOP value The numeric value used to select this algorithm for use + with GSS-API functions such as gss_get_mic(3). + + Mechanism name + The GSS-API mechanism name that corresponds to this algo- + rithm. + +EEXXAAMMPPLLEESS + This is a typical entry from _/_e_t_c_/_g_s_s_/_m_e_c_h: + + kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 - + + This is a typical entry from _/_e_t_c_/_g_s_s_/_q_o_p: + + GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5 + +HHIISSTTOORRYY + The mmeecchh manual page example first appeared in FreeBSD 7.0. + +AAUUTTHHOORRSS + This manual page was written by Doug Rabson . + +BSD November 14, 2005 BSD diff --git a/lib/sl/make_cmds.h b/lib/gssapi/mech/mech_locl.h similarity index 54% rename from lib/sl/make_cmds.h rename to lib/gssapi/mech/mech_locl.h index 818e5e85940d..6c23ac5256b1 100644 --- a/lib/sl/make_cmds.h +++ b/lib/gssapi/mech/mech_locl.h @@ -1,76 +1,81 @@ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: make_cmds.h 8467 2000-06-27 02:36:56Z assar $ */ +/* $Id$ */ -#ifndef __MAKE_CMDS_H__ -#define __MAKE_CMDS_H__ - -#ifdef HAVE_CONFIG_H #include -#endif + +#include + +#include #include -#include #include -#include +#include +#include +#include +#include + +#include +#include #include -extern char *filename; -extern char *table_name; -extern int numerror; +#include +#include +#include -struct command_list { - char *function; - char *help; - struct string_list *aliases; - unsigned flags; - struct command_list *next; - struct command_list **tail; -}; +#include "mechqueue.h" -struct string_list { - char *string; - struct string_list *next; - struct string_list **tail; -}; +#include "context.h" +#include "cred.h" +#include "mech_switch.h" +#include "name.h" +#include "utils.h" +#include "compat.h" -void add_command(char*, char*, struct string_list*, unsigned); +#define _mg_buffer_zero(buffer) \ + do { \ + if (buffer) { \ + (buffer)->value = NULL; \ + (buffer)->length = 0; \ + } \ + } while(0) -void error_message(const char *, ...) - __attribute__ ((format (printf, 1,2))); - -int yylex (void); - -#endif /* __MAKE_CMDS_H__ */ +#define _mg_oid_set_zero(oid_set) \ + do { \ + if (oid_set) { \ + (oid_set)->elements = NULL; \ + (oid_set)->count = 0; \ + } \ + } while(0) diff --git a/lib/gssapi/mech/mech_switch.h b/lib/gssapi/mech/mech_switch.h new file mode 100644 index 000000000000..7ed3d4d4aa34 --- /dev/null +++ b/lib/gssapi/mech/mech_switch.h @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/mech_switch.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ + * $Id$ + */ + +#include + +struct _gss_mech_switch { + HEIM_SLIST_ENTRY(_gss_mech_switch) gm_link; + gss_OID_desc gm_mech_oid; + gss_OID_set gm_name_types; + void *gm_so; + gssapi_mech_interface_desc gm_mech; +}; +HEIM_SLIST_HEAD(_gss_mech_switch_list, _gss_mech_switch); +extern struct _gss_mech_switch_list _gss_mechs; +extern gss_OID_set _gss_mech_oids; + +void _gss_load_mech(void); diff --git a/lib/gssapi/mech/mechqueue.h b/lib/gssapi/mech/mechqueue.h new file mode 100644 index 000000000000..95941bab7e87 --- /dev/null +++ b/lib/gssapi/mech/mechqueue.h @@ -0,0 +1,97 @@ +/* $NetBSD: queue.h,v 1.39 2004/04/18 14:25:34 lukem Exp $ */ + +/* + * Copyright (c) 1991, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)queue.h 8.5 (Berkeley) 8/20/94 + */ + +#ifndef _MECHQUEUE_H_ +#define _MECHQUEUE_H_ + +/* + * Singly-linked List definitions. + */ +#define HEIM_SLIST_HEAD(name, type) \ +struct name { \ + struct type *slh_first; /* first element */ \ +} + +#define HEIM_SLIST_HEAD_INITIALIZER(head) \ + { NULL } + +#define HEIM_SLIST_ENTRY(type) \ +struct { \ + struct type *sle_next; /* next element */ \ +} + +/* + * Singly-linked List functions. + */ +#define HEIM_SLIST_INIT(head) do { \ + (head)->slh_first = NULL; \ +} while (/*CONSTCOND*/0) + +#define HEIM_SLIST_INSERT_AFTER(slistelm, elm, field) do { \ + (elm)->field.sle_next = (slistelm)->field.sle_next; \ + (slistelm)->field.sle_next = (elm); \ +} while (/*CONSTCOND*/0) + +#define HEIM_SLIST_INSERT_HEAD(head, elm, field) do { \ + (elm)->field.sle_next = (head)->slh_first; \ + (head)->slh_first = (elm); \ +} while (/*CONSTCOND*/0) + +#define HEIM_SLIST_REMOVE_HEAD(head, field) do { \ + (head)->slh_first = (head)->slh_first->field.sle_next; \ +} while (/*CONSTCOND*/0) + +#define HEIM_SLIST_REMOVE(head, elm, type, field) do { \ + if ((head)->slh_first == (elm)) { \ + HEIM_SLIST_REMOVE_HEAD((head), field); \ + } \ + else { \ + struct type *curelm = (head)->slh_first; \ + while(curelm->field.sle_next != (elm)) \ + curelm = curelm->field.sle_next; \ + curelm->field.sle_next = \ + curelm->field.sle_next->field.sle_next; \ + } \ +} while (/*CONSTCOND*/0) + +#define HEIM_SLIST_FOREACH(var, head, field) \ + for((var) = (head)->slh_first; (var); (var) = (var)->field.sle_next) + +/* + * Singly-linked List access methods. + */ +#define HEIM_SLIST_EMPTY(head) ((head)->slh_first == NULL) +#define HEIM_SLIST_FIRST(head) ((head)->slh_first) +#define HEIM_SLIST_NEXT(elm, field) ((elm)->field.sle_next) + +#endif /* !_MECHQUEUE_H_ */ diff --git a/lib/gssapi/mech/name.h b/lib/gssapi/mech/name.h new file mode 100644 index 000000000000..4baeebf36a82 --- /dev/null +++ b/lib/gssapi/mech/name.h @@ -0,0 +1,48 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/name.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ + * $Id$ + */ + +struct _gss_mechanism_name { + HEIM_SLIST_ENTRY(_gss_mechanism_name) gmn_link; + gssapi_mech_interface gmn_mech; /* mechanism ops for MN */ + gss_OID gmn_mech_oid; /* mechanism oid for MN */ + gss_name_t gmn_name; /* underlying MN */ +}; +HEIM_SLIST_HEAD(_gss_mechanism_name_list, _gss_mechanism_name); + +struct _gss_name { + gss_OID_desc gn_type; /* type of name */ + gss_buffer_desc gn_value; /* value (as imported) */ + struct _gss_mechanism_name_list gn_mn; /* list of MNs */ +}; + +OM_uint32 + _gss_find_mn(OM_uint32 *, struct _gss_name *, gss_OID, + struct _gss_mechanism_name **); +struct _gss_name * + _gss_make_name(gssapi_mech_interface m, gss_name_t new_mn); diff --git a/lib/gssapi/mech/utils.h b/lib/gssapi/mech/utils.h new file mode 100644 index 000000000000..7b27d38f3cd0 --- /dev/null +++ b/lib/gssapi/mech/utils.h @@ -0,0 +1,33 @@ +/*- + * Copyright (c) 2005 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/lib/libgssapi/utils.h,v 1.1 2005/12/29 14:40:20 dfr Exp $ + * $Id$ + */ + +OM_uint32 _gss_free_oid(OM_uint32 *, gss_OID); +OM_uint32 _gss_copy_oid(OM_uint32 *, const gss_OID, gss_OID); +OM_uint32 _gss_copy_buffer(OM_uint32 *minor_status, + const gss_buffer_t from_buf, gss_buffer_t to_buf); diff --git a/lib/gssapi/ntlm/accept_sec_context.c b/lib/gssapi/ntlm/accept_sec_context.c index 79fc53826dec..533fc15df8f3 100644 --- a/lib/gssapi/ntlm/accept_sec_context.c +++ b/lib/gssapi/ntlm/accept_sec_context.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" - -RCSID("$Id: accept_sec_context.c 22521 2008-01-24 11:53:18Z lha $"); +#include "ntlm.h" /* * @@ -43,10 +41,17 @@ OM_uint32 _gss_ntlm_allocate_ctx(OM_uint32 *minor_status, ntlm_ctx *ctx) { OM_uint32 maj_stat; + struct ntlm_server_interface *ns_interface = NULL; + +#ifdef DIGEST + ns_interface = &ntlmsspi_kdc_digest; +#endif + if (ns_interface == NULL) + return GSS_S_FAILURE; *ctx = calloc(1, sizeof(**ctx)); - (*ctx)->server = &ntlmsspi_kdc_digest; + (*ctx)->server = ns_interface; maj_stat = (*(*ctx)->server->nsi_init)(minor_status, &(*ctx)->ictx); if (maj_stat != GSS_S_COMPLETE) @@ -59,7 +64,7 @@ _gss_ntlm_allocate_ctx(OM_uint32 *minor_status, ntlm_ctx *ctx) * */ -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_accept_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, @@ -76,6 +81,7 @@ _gss_ntlm_accept_sec_context { krb5_error_code ret; struct ntlm_buf data; + OM_uint32 junk; ntlm_ctx ctx; output_token->value = NULL; @@ -85,7 +91,7 @@ _gss_ntlm_accept_sec_context if (context_handle == NULL) return GSS_S_FAILURE; - + if (input_token_buffer == GSS_C_NO_BUFFER) return GSS_S_FAILURE; @@ -110,7 +116,7 @@ _gss_ntlm_accept_sec_context if (major_status) return major_status; *context_handle = (gss_ctx_id_t)ctx; - + /* check if the mechs is allowed by remote service */ major_status = (*ctx->server->nsi_probe)(minor_status, ctx->ictx, NULL); if (major_status) { @@ -120,7 +126,7 @@ _gss_ntlm_accept_sec_context data.data = input_token_buffer->value; data.length = input_token_buffer->length; - + ret = heim_ntlm_decode_type1(&data, &type1); if (ret) { _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); @@ -149,15 +155,15 @@ _gss_ntlm_accept_sec_context &out); heim_ntlm_free_type1(&type1); if (major_status != GSS_S_COMPLETE) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); + OM_uint32 gunk; + _gss_ntlm_delete_sec_context(&gunk, context_handle, NULL); return major_status; } output_token->value = malloc(out.length); - if (output_token->value == NULL) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); + if (output_token->value == NULL && out.length != 0) { + OM_uint32 gunk; + _gss_ntlm_delete_sec_context(&gunk, context_handle, NULL); *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -201,27 +207,31 @@ _gss_ntlm_accept_sec_context n->domain = strdup(type3.targetname); } if (n == NULL || n->user == NULL || n->domain == NULL) { + gss_name_t tempn = (gss_name_t)n; + _gss_ntlm_release_name(&junk, &tempn); heim_ntlm_free_type3(&type3); - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); return maj_stat; } *src_name = (gss_name_t)n; - } + } heim_ntlm_free_type3(&type3); - ret = krb5_data_copy(&ctx->sessionkey, + ret = krb5_data_copy(&ctx->sessionkey, session.data, session.length); - if (ret) { + if (ret) { + if (src_name) + _gss_ntlm_release_name(&junk, src_name); _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; } - + if (session.length != 0) { - ctx->status |= STATUS_SESSIONKEY; + ctx->status |= STATUS_SESSIONKEY; if (ctx->flags & NTLM_NEG_NTLM2_SESSION) { _gss_ntlm_set_key(&ctx->u.v2.send, 1, @@ -233,10 +243,10 @@ _gss_ntlm_accept_sec_context ctx->sessionkey.data, ctx->sessionkey.length); } else { - RC4_set_key(&ctx->u.v1.crypto_send.key, + RC4_set_key(&ctx->u.v1.crypto_send.key, ctx->sessionkey.length, ctx->sessionkey.data); - RC4_set_key(&ctx->u.v1.crypto_recv.key, + RC4_set_key(&ctx->u.v1.crypto_recv.key, ctx->sessionkey.length, ctx->sessionkey.data); } diff --git a/lib/gssapi/ntlm/acquire_cred.c b/lib/gssapi/ntlm/acquire_cred.c index 8e17d4fb182b..b186271f590f 100644 --- a/lib/gssapi/ntlm/acquire_cred.c +++ b/lib/gssapi/ntlm/acquire_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: acquire_cred.c 22380 2007-12-29 18:42:56Z lha $"); - -OM_uint32 _gss_ntlm_acquire_cred +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_acquire_cred (OM_uint32 * min_stat, const gss_name_t desired_name, OM_uint32 time_req, @@ -51,8 +49,7 @@ OM_uint32 _gss_ntlm_acquire_cred ntlm_ctx ctx; *min_stat = 0; - if (output_cred_handle) - *output_cred_handle = GSS_C_NO_CREDENTIAL; + *output_cred_handle = GSS_C_NO_CREDENTIAL; if (actual_mechs) *actual_mechs = GSS_C_NO_OID_SET; if (time_rec) @@ -66,19 +63,17 @@ OM_uint32 _gss_ntlm_acquire_cred maj_stat = _gss_ntlm_allocate_ctx(min_stat, &ctx); if (maj_stat != GSS_S_COMPLETE) return maj_stat; - - maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx, + + maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx, name->domain); - - if (maj_stat) - return maj_stat; - { gss_ctx_id_t context = (gss_ctx_id_t)ctx; - _gss_ntlm_delete_sec_context(min_stat, &context, NULL); - *min_stat = 0; + OM_uint32 junk; + _gss_ntlm_delete_sec_context(&junk, &context, NULL); } - } + if (maj_stat) + return maj_stat; + } if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_INITIATE) { ntlm_cred cred; diff --git a/lib/gssapi/ntlm/add_cred.c b/lib/gssapi/ntlm/add_cred.c index 11a25811116a..7c6b5ba255a0 100644 --- a/lib/gssapi/ntlm/add_cred.c +++ b/lib/gssapi/ntlm/add_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: add_cred.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_add_cred ( +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_add_cred ( OM_uint32 *minor_status, const gss_cred_id_t input_cred_handle, const gss_name_t desired_name, diff --git a/lib/gssapi/ntlm/canonicalize_name.c b/lib/gssapi/ntlm/canonicalize_name.c index 8eaa8702fb8e..0ea64299dd0c 100644 --- a/lib/gssapi/ntlm/canonicalize_name.c +++ b/lib/gssapi/ntlm/canonicalize_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: canonicalize_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_canonicalize_name ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_canonicalize_name ( OM_uint32 * minor_status, const gss_name_t input_name, const gss_OID mech_type, diff --git a/lib/gssapi/ntlm/compare_name.c b/lib/gssapi/ntlm/compare_name.c index d2c2d8b21327..6e095bdee2a7 100644 --- a/lib/gssapi/ntlm/compare_name.c +++ b/lib/gssapi/ntlm/compare_name.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: compare_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_compare_name +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_compare_name (OM_uint32 * minor_status, const gss_name_t name1, const gss_name_t name2, diff --git a/lib/gssapi/ntlm/context_time.c b/lib/gssapi/ntlm/context_time.c index a6895cbe8727..73debda48326 100644 --- a/lib/gssapi/ntlm/context_time.c +++ b/lib/gssapi/ntlm/context_time.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: context_time.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_context_time +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_context_time (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, OM_uint32 * time_rec diff --git a/lib/gssapi/ntlm/creds.c b/lib/gssapi/ntlm/creds.c new file mode 100644 index 000000000000..ffbf35504eea --- /dev/null +++ b/lib/gssapi/ntlm/creds.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "ntlm.h" + +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_cred + (OM_uint32 * minor_status, + const gss_cred_id_t cred_handle, + gss_name_t * name, + OM_uint32 * lifetime, + gss_cred_usage_t * cred_usage, + gss_OID_set * mechanisms + ) +{ + OM_uint32 ret, junk; + + *minor_status = 0; + + if (cred_handle == NULL) + return GSS_S_NO_CRED; + + if (name) { + ntlm_name n = calloc(1, sizeof(*n)); + ntlm_cred c = (ntlm_cred)cred_handle; + if (n) { + n->user = strdup(c->username); + n->domain = strdup(c->domain); + } + if (n == NULL || n->user == NULL || n->domain == NULL) { + if (n) + free(n->user); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + *name = (gss_name_t)n; + } + if (lifetime) + *lifetime = GSS_C_INDEFINITE; + if (cred_usage) + *cred_usage = 0; + if (mechanisms) + *mechanisms = GSS_C_NO_OID_SET; + + if (cred_handle == GSS_C_NO_CREDENTIAL) + return GSS_S_NO_CRED; + + if (mechanisms) { + ret = gss_create_empty_oid_set(minor_status, mechanisms); + if (ret) + goto out; + ret = gss_add_oid_set_member(minor_status, + GSS_NTLM_MECHANISM, + mechanisms); + if (ret) + goto out; + } + + return GSS_S_COMPLETE; +out: + gss_release_oid_set(&junk, mechanisms); + return ret; +} + +#ifdef HAVE_KCM +static OM_uint32 +_gss_ntlm_destroy_kcm_cred(gss_cred_id_t *cred_handle) +{ + krb5_storage *request, *response; + krb5_data response_data; + krb5_context context; + krb5_error_code ret; + ntlm_cred cred; + + cred = (ntlm_cred)*cred_handle; + + ret = krb5_init_context(&context); + if (ret) + return ret; + + ret = krb5_kcm_storage_request(context, KCM_OP_DEL_NTLM_CRED, &request); + if (ret) + goto out; + + ret = krb5_store_stringz(request, cred->username); + if (ret) + goto out; + + ret = krb5_store_stringz(request, cred->domain); + if (ret) + goto out; + + ret = krb5_kcm_call(context, request, &response, &response_data); + if (ret) + goto out; + + krb5_storage_free(request); + krb5_storage_free(response); + krb5_data_free(&response_data); + + out: + krb5_free_context(context); + + return ret; +} +#endif /* HAVE_KCM */ + +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_destroy_cred(OM_uint32 *minor_status, + gss_cred_id_t *cred_handle) +{ +#ifdef HAVE_KCM + krb5_error_code ret; +#endif + + if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) + return GSS_S_COMPLETE; + +#ifdef HAVE_KCM + ret = _gss_ntlm_destroy_kcm_cred(cred_handle); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } +#endif + + return _gss_ntlm_release_cred(minor_status, cred_handle); +} diff --git a/lib/gssapi/ntlm/crypto.c b/lib/gssapi/ntlm/crypto.c index b05246ca52f4..85dc638dda58 100644 --- a/lib/gssapi/ntlm/crypto.c +++ b/lib/gssapi/ntlm/crypto.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" - -RCSID("$Id: crypto.c 19535 2006-12-28 14:49:01Z lha $"); +#include "ntlm.h" uint32_t _krb5_crc_update (const char *p, size_t len, uint32_t res); @@ -80,7 +78,7 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign, unsigned char *data, size_t len) { unsigned char out[16]; - MD5_CTX ctx; + EVP_MD_CTX *ctx; const char *signmagic; const char *sealmagic; @@ -94,15 +92,17 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign, key->seq = 0; - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, signmagic, strlen(signmagic) + 1); - MD5_Final(key->signkey, &ctx); + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, data, len); + EVP_DigestUpdate(ctx, signmagic, strlen(signmagic) + 1); + EVP_DigestFinal_ex(ctx, key->signkey, NULL); - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, sealmagic, strlen(sealmagic) + 1); - MD5_Final(out, &ctx); + EVP_DigestInit_ex(ctx, EVP_md5(), NULL); + EVP_DigestUpdate(ctx, data, len); + EVP_DigestUpdate(ctx, sealmagic, strlen(sealmagic) + 1); + EVP_DigestFinal_ex(ctx, out, NULL); + EVP_MD_CTX_destroy(ctx); RC4_set_key(&key->sealkey, 16, out); if (sealsign) @@ -121,20 +121,20 @@ v1_sign_message(gss_buffer_t in, { unsigned char sigature[12]; uint32_t crc; - + _krb5_crc_init_table(); crc = _krb5_crc_update(in->value, in->length, 0); - + encode_le_uint32(0, &sigature[0]); encode_le_uint32(crc, &sigature[4]); encode_le_uint32(seq, &sigature[8]); - + encode_le_uint32(1, out); /* version */ RC4(signkey, sizeof(sigature), sigature, out + 4); - + if (RAND_bytes(out + 4, 4) != 1) return GSS_S_UNAVAILABLE; - + return 0; } @@ -152,7 +152,7 @@ v2_sign_message(gss_buffer_t in, HMAC_CTX_init(&c); HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL); - + encode_le_uint32(seq, hmac); HMAC_Update(&c, hmac, 4); HMAC_Update(&c, in->value, in->length); @@ -188,7 +188,7 @@ v2_verify_message(gss_buffer_t in, return GSS_S_BAD_MIC; return GSS_S_COMPLETE; -} +} static OM_uint32 v2_seal_message(const gss_buffer_t in, @@ -259,8 +259,9 @@ v2_unseal_message(gss_buffer_t in, /* * */ - -OM_uint32 _gss_ntlm_get_mic + +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_get_mic (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_qop_t qop_req, @@ -271,12 +272,7 @@ OM_uint32 _gss_ntlm_get_mic ntlm_ctx ctx = (ntlm_ctx)context_handle; OM_uint32 junk; - if (minor_status) - *minor_status = 0; - if (message_token) { - message_token->length = 0; - message_token->value = NULL; - } + *minor_status = 0; message_token->value = malloc(16); message_token->length = 16; @@ -339,7 +335,7 @@ OM_uint32 _gss_ntlm_get_mic * */ -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_verify_mic (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, @@ -388,7 +384,7 @@ _gss_ntlm_verify_mic ((unsigned char *)token_buffer->value) + 4, sigature); _krb5_crc_init_table(); - crc = _krb5_crc_update(message_buffer->value, + crc = _krb5_crc_update(message_buffer->value, message_buffer->length, 0); /* skip first 4 bytes in the encrypted checksum */ decode_le_uint32(&sigature[4], &num); @@ -425,7 +421,7 @@ _gss_ntlm_verify_mic * */ -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_wrap_size_limit ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, @@ -456,7 +452,8 @@ _gss_ntlm_wrap_size_limit ( * */ -OM_uint32 _gss_ntlm_wrap +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_wrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, @@ -469,14 +466,13 @@ OM_uint32 _gss_ntlm_wrap ntlm_ctx ctx = (ntlm_ctx)context_handle; OM_uint32 ret; - if (minor_status) - *minor_status = 0; + *minor_status = 0; if (conf_state) *conf_state = 0; if (output_message_buffer == GSS_C_NO_BUFFER) return GSS_S_FAILURE; - + if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) { return v2_seal_message(input_message_buffer, @@ -499,7 +495,7 @@ OM_uint32 _gss_ntlm_wrap RC4(&ctx->u.v1.crypto_send.key, input_message_buffer->length, input_message_buffer->value, output_message_buffer->value); - + ret = _gss_ntlm_get_mic(minor_status, context_handle, 0, input_message_buffer, &trailer); @@ -512,7 +508,7 @@ OM_uint32 _gss_ntlm_wrap gss_release_buffer(&junk, &trailer); return GSS_S_FAILURE; } - memcpy(((unsigned char *)output_message_buffer->value) + + memcpy(((unsigned char *)output_message_buffer->value) + input_message_buffer->length, trailer.value, trailer.length); gss_release_buffer(&junk, &trailer); @@ -527,7 +523,8 @@ OM_uint32 _gss_ntlm_wrap * */ -OM_uint32 _gss_ntlm_unwrap +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_unwrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, @@ -539,12 +536,10 @@ OM_uint32 _gss_ntlm_unwrap ntlm_ctx ctx = (ntlm_ctx)context_handle; OM_uint32 ret; - if (minor_status) - *minor_status = 0; - if (output_message_buffer) { - output_message_buffer->value = NULL; - output_message_buffer->length = 0; - } + *minor_status = 0; + output_message_buffer->value = NULL; + output_message_buffer->length = 0; + if (conf_state) *conf_state = 0; if (qop_state) @@ -572,10 +567,10 @@ OM_uint32 _gss_ntlm_unwrap output_message_buffer->length = 0; return GSS_S_FAILURE; } - + RC4(&ctx->u.v1.crypto_recv.key, output_message_buffer->length, input_message_buffer->value, output_message_buffer->value); - + trailer.value = ((unsigned char *)input_message_buffer->value) + output_message_buffer->length; trailer.length = 16; diff --git a/lib/gssapi/ntlm/delete_sec_context.c b/lib/gssapi/ntlm/delete_sec_context.c index c51f227051fe..41c30b76f1a8 100644 --- a/lib/gssapi/ntlm/delete_sec_context.c +++ b/lib/gssapi/ntlm/delete_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: delete_sec_context.c 22163 2007-12-04 21:25:06Z lha $"); - -OM_uint32 _gss_ntlm_delete_sec_context +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_delete_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, gss_buffer_t output_token diff --git a/lib/gssapi/ntlm/display_name.c b/lib/gssapi/ntlm/display_name.c index a04d96c4510f..4f8e3e6828c4 100644 --- a/lib/gssapi/ntlm/display_name.c +++ b/lib/gssapi/ntlm/display_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: display_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_display_name +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_display_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t output_name_buffer, @@ -49,9 +48,9 @@ OM_uint32 _gss_ntlm_display_name if (output_name_buffer) { ntlm_name n = (ntlm_name)input_name; - char *str; + char *str = NULL; int len; - + output_name_buffer->length = 0; output_name_buffer->value = NULL; @@ -61,7 +60,7 @@ OM_uint32 _gss_ntlm_display_name } len = asprintf(&str, "%s@%s", n->user, n->domain); - if (str == NULL) { + if (len < 0 || str == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; } diff --git a/lib/gssapi/ntlm/display_status.c b/lib/gssapi/ntlm/display_status.c index 70be5ebe4985..c9e1792d31f8 100644 --- a/lib/gssapi/ntlm/display_status.c +++ b/lib/gssapi/ntlm/display_status.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: display_status.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_display_status +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_display_status (OM_uint32 *minor_status, OM_uint32 status_value, int status_type, diff --git a/lib/gssapi/ntlm/duplicate_name.c b/lib/gssapi/ntlm/duplicate_name.c index 2b2f7dd65fe1..4ef574fb50ee 100644 --- a/lib/gssapi/ntlm/duplicate_name.c +++ b/lib/gssapi/ntlm/duplicate_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: duplicate_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_duplicate_name ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_duplicate_name ( OM_uint32 * minor_status, const gss_name_t src_name, gss_name_t * dest_name diff --git a/lib/gssapi/ntlm/export_name.c b/lib/gssapi/ntlm/export_name.c index f0941b1ce625..8fe69aaaf45e 100644 --- a/lib/gssapi/ntlm/export_name.c +++ b/lib/gssapi/ntlm/export_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: export_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_export_name +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_export_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t exported_name diff --git a/lib/gssapi/ntlm/export_sec_context.c b/lib/gssapi/ntlm/export_sec_context.c index 99a7be19ab27..027a9210ebdb 100644 --- a/lib/gssapi/ntlm/export_sec_context.c +++ b/lib/gssapi/ntlm/export_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: export_sec_context.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_export_sec_context ( OM_uint32 * minor_status, gss_ctx_id_t * context_handle, diff --git a/lib/gssapi/ntlm/external.c b/lib/gssapi/ntlm/external.c index 8f86032796a9..d0474f4ec812 100644 --- a/lib/gssapi/ntlm/external.c +++ b/lib/gssapi/ntlm/external.c @@ -1,44 +1,70 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: external.c 19359 2006-12-15 20:01:48Z lha $"); +static gss_mo_desc ntlm_mo[] = { + { + GSS_C_MA_SASL_MECH_NAME, + GSS_MO_MA, + "SASL mech name", + rk_UNCONST("NTLM"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_NAME, + GSS_MO_MA, + "Mechanism name", + rk_UNCONST("NTLMSPP"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_DESCRIPTION, + GSS_MO_MA, + "Mechanism description", + rk_UNCONST("Heimdal NTLMSSP Mechanism"), + _gss_mo_get_ctx_as_string, + NULL + } +}; static gssapi_mech_interface_desc ntlm_mech = { GMI_VERSION, "ntlm", {10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }, + 0, _gss_ntlm_acquire_cred, _gss_ntlm_release_cred, _gss_ntlm_init_sec_context, @@ -67,7 +93,33 @@ static gssapi_mech_interface_desc ntlm_mech = { _gss_ntlm_inquire_names_for_mech, _gss_ntlm_inquire_mechs_for_name, _gss_ntlm_canonicalize_name, - _gss_ntlm_duplicate_name + _gss_ntlm_duplicate_name, + _gss_ntlm_inquire_sec_context_by_oid, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + _gss_ntlm_iter_creds_f, + _gss_ntlm_destroy_cred, + NULL, + NULL, + NULL, + NULL, + ntlm_mo, + sizeof(ntlm_mo) / sizeof(ntlm_mo[0]), + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, }; gssapi_mech_interface @@ -75,8 +127,3 @@ __gss_ntlm_initialize(void) { return &ntlm_mech; } - -static gss_OID_desc _gss_ntlm_mechanism_desc = -{10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }; - -gss_OID GSS_NTLM_MECHANISM = &_gss_ntlm_mechanism_desc; diff --git a/lib/gssapi/ntlm/import_name.c b/lib/gssapi/ntlm/import_name.c index 91cba082eadf..e75388d91e76 100644 --- a/lib/gssapi/ntlm/import_name.c +++ b/lib/gssapi/ntlm/import_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: import_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_import_name +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_import_name (OM_uint32 * minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, @@ -43,14 +42,21 @@ OM_uint32 _gss_ntlm_import_name ) { char *name, *p, *p2; + int is_hostnamed; + int is_username; ntlm_name n; *minor_status = 0; - if (output_name) - *output_name = GSS_C_NO_NAME; + if (output_name == NULL) + return GSS_S_CALL_INACCESSIBLE_WRITE; - if (!gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE)) + *output_name = GSS_C_NO_NAME; + + is_hostnamed = gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE); + is_username = gss_oid_equal(input_name_type, GSS_C_NT_USER_NAME); + + if (!is_hostnamed && !is_username) return GSS_S_BAD_NAMETYPE; name = malloc(input_name_buffer->length + 1); @@ -63,21 +69,25 @@ OM_uint32 _gss_ntlm_import_name /* find "domain" part of the name and uppercase it */ p = strchr(name, '@'); - if (p == NULL) + if (p == NULL) { + free(name); return GSS_S_BAD_NAME; + } p[0] = '\0'; p++; p2 = strchr(p, '.'); if (p2 && p2[1] != '\0') { - p = p2 + 1; - p2 = strchr(p, '.'); + if (is_hostnamed) { + p = p2 + 1; + p2 = strchr(p, '.'); + } if (p2) *p2 = '\0'; } strupr(p); - + n = calloc(1, sizeof(*n)); - if (name == NULL) { + if (n == NULL) { free(name); *minor_status = ENOMEM; return GSS_S_FAILURE; diff --git a/lib/gssapi/ntlm/import_sec_context.c b/lib/gssapi/ntlm/import_sec_context.c index cde0a011f0ce..fe637c0775e5 100644 --- a/lib/gssapi/ntlm/import_sec_context.c +++ b/lib/gssapi/ntlm/import_sec_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: import_sec_context.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_import_sec_context ( OM_uint32 * minor_status, const gss_buffer_t interprocess_token, diff --git a/lib/gssapi/ntlm/indicate_mechs.c b/lib/gssapi/ntlm/indicate_mechs.c index 64171631edc9..7cda47580993 100644 --- a/lib/gssapi/ntlm/indicate_mechs.c +++ b/lib/gssapi/ntlm/indicate_mechs.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" - -RCSID("$Id: indicate_mechs.c 19334 2006-12-14 12:17:34Z lha $"); +#include "ntlm.h" OM_uint32 _gss_ntlm_indicate_mechs (OM_uint32 * minor_status, diff --git a/lib/gssapi/ntlm/init_sec_context.c b/lib/gssapi/ntlm/init_sec_context.c index 140dbece8435..bae04e174060 100644 --- a/lib/gssapi/ntlm/init_sec_context.c +++ b/lib/gssapi/ntlm/init_sec_context.c @@ -1,50 +1,49 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" - -RCSID("$Id: init_sec_context.c 22382 2007-12-30 12:13:17Z lha $"); +#include "ntlm.h" static int -from_file(const char *fn, const char *target_domain, +from_file(const char *fn, const char *target_domain, char **username, struct ntlm_buf *key) -{ +{ char *str, buf[1024]; FILE *f; f = fopen(fn, "r"); if (f == NULL) return ENOENT; + rk_cloexec_file(f); while (fgets(buf, sizeof(buf), f) != NULL) { char *d, *u, *p; @@ -74,7 +73,7 @@ from_file(const char *fn, const char *target_domain, } static int -get_user_file(const ntlm_name target_name, +get_user_file(const ntlm_name target_name, char **username, struct ntlm_buf *key) { const char *fn; @@ -98,19 +97,18 @@ get_user_file(const ntlm_name target_name, static int get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key) { - krb5_principal client; krb5_context context = NULL; - krb5_error_code ret; + krb5_principal client; krb5_ccache id = NULL; - krb5_creds mcreds, creds; + krb5_error_code ret; + char *confname; + krb5_data data; *username = NULL; + krb5_data_zero(&data); key->length = 0; key->data = NULL; - memset(&creds, 0, sizeof(creds)); - memset(&mcreds, 0, sizeof(mcreds)); - ret = krb5_init_context(&context); if (ret) return ret; @@ -126,47 +124,36 @@ get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key) ret = krb5_unparse_name_flags(context, client, KRB5_PRINCIPAL_UNPARSE_NO_REALM, username); - if (ret) - goto out; - - ret = krb5_make_principal(context, &mcreds.server, - krb5_principal_get_realm(context, client), - "@ntlm-key", name->domain, NULL); krb5_free_principal(context, client); if (ret) goto out; - mcreds.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; - ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_MATCH_KEYTYPE, - &mcreds, &creds); - if (ret) { - char *s = krb5_get_error_message(context, ret); - krb5_free_error_string(context, s); + asprintf(&confname, "ntlm-key-%s", name->domain); + if (confname == NULL) { + krb5_clear_error_message(context); + ret = ENOMEM; goto out; } - key->data = malloc(creds.session.keyvalue.length); - if (key->data == NULL) + ret = krb5_cc_get_config(context, id, NULL, + confname, &data); + if (ret) goto out; - key->length = creds.session.keyvalue.length; - memcpy(key->data, creds.session.keyvalue.data, key->length); - krb5_free_cred_contents(context, &creds); - - return 0; - -out: - if (*username) { - free(*username); - *username = NULL; + key->data = malloc(data.length); + if (key->data == NULL) { + ret = ENOMEM; + goto out; } - krb5_free_cred_contents(context, &creds); - if (mcreds.server) - krb5_free_principal(context, mcreds.server); + key->length = data.length; + memcpy(key->data, data.data, data.length); + + out: + krb5_data_free(&data); if (id) krb5_cc_close(context, id); - if (context) - krb5_free_context(context); + + krb5_free_context(context); return ret; } @@ -177,11 +164,11 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name, { ntlm_cred cred; int ret; - + cred = calloc(1, sizeof(*cred)); if (cred == NULL) return ENOMEM; - + ret = get_user_file(target_name, &cred->username, &cred->key); if (ret) ret = get_user_ccache(target_name, &cred->username, &cred->key); @@ -189,7 +176,7 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name, free(cred); return ret; } - + cred->domain = strdup(target_name->domain); *rcred = cred; @@ -199,7 +186,7 @@ _gss_ntlm_get_user_cred(const ntlm_name target_name, static int _gss_copy_cred(ntlm_cred from, ntlm_cred *to) { - *to = calloc(1, sizeof(*to)); + *to = calloc(1, sizeof(**to)); if (*to == NULL) return ENOMEM; (*to)->username = strdup(from->username); @@ -226,7 +213,7 @@ _gss_copy_cred(ntlm_cred from, ntlm_cred *to) return 0; } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_init_sec_context (OM_uint32 * minor_status, const gss_cred_id_t initiator_cred_handle, @@ -260,7 +247,7 @@ _gss_ntlm_init_sec_context struct ntlm_buf data; uint32_t flags = 0; int ret; - + ctx = calloc(1, sizeof(*ctx)); if (ctx == NULL) { *minor_status = EINVAL; @@ -293,23 +280,23 @@ _gss_ntlm_init_sec_context flags |= NTLM_NEG_KEYEX; memset(&type1, 0, sizeof(type1)); - + type1.flags = flags; type1.domain = name->domain; type1.hostname = NULL; type1.os[0] = 0; type1.os[1] = 0; - + ret = heim_ntlm_encode_type1(&type1, &data); if (ret) { _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; } - + output_token->value = data.data; output_token->length = data.length; - + return GSS_S_CONTINUE_NEEDED; } else { krb5_error_code ret; @@ -331,7 +318,7 @@ _gss_ntlm_init_sec_context ctx->flags = type2.flags; - /* XXX check that type2.targetinfo matches `target_name´ */ + /* XXX check that type2.targetinfo matches `target_name´ */ /* XXX check verify targetinfo buffer */ memset(&type3, 0, sizeof(type3)); @@ -352,21 +339,21 @@ _gss_ntlm_init_sec_context unsigned char nonce[8]; if (RAND_bytes(nonce, sizeof(nonce)) != 1) { - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = EINVAL; return GSS_S_FAILURE; } ret = heim_ntlm_calculate_ntlm2_sess(nonce, - type2.challange, + type2.challenge, ctx->client->key.data, &type3.lm, &type3.ntlm); } else { - ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data, + ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data, ctx->client->key.length, - type2.challange, + type2.challenge, &type3.ntlm); } @@ -376,7 +363,7 @@ _gss_ntlm_init_sec_context return GSS_S_FAILURE; } - ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data, + ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data, ctx->client->key.length, &sessionkey, &type3.sessionkey); @@ -390,7 +377,7 @@ _gss_ntlm_init_sec_context return GSS_S_FAILURE; } - ret = krb5_data_copy(&ctx->sessionkey, + ret = krb5_data_copy(&ctx->sessionkey, sessionkey.data, sessionkey.length); free(sessionkey.data); if (ret) { @@ -402,7 +389,7 @@ _gss_ntlm_init_sec_context *minor_status = ret; return GSS_S_FAILURE; } - ctx->status |= STATUS_SESSIONKEY; + ctx->status |= STATUS_SESSIONKEY; } else { struct ntlm_buf sessionkey; @@ -410,17 +397,17 @@ _gss_ntlm_init_sec_context struct ntlm_targetinfo ti; /* verify infotarget */ - + ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti); if(ret) { - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; } if (ti.domainname && strcmp(ti.domainname, name->domain) != 0) { - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = EINVAL; return GSS_S_FAILURE; @@ -430,12 +417,12 @@ _gss_ntlm_init_sec_context ctx->client->key.length, ctx->client->username, name->domain, - type2.challange, + type2.challenge, &type2.targetinfo, ntlmv2, &type3.ntlm); if (ret) { - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; @@ -446,21 +433,27 @@ _gss_ntlm_init_sec_context &type3.sessionkey); memset(ntlmv2, 0, sizeof(ntlmv2)); if (ret) { - _gss_ntlm_delete_sec_context(minor_status, + _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; } - + ctx->flags |= NTLM_NEG_NTLM2_SESSION; - ret = krb5_data_copy(&ctx->sessionkey, + ret = krb5_data_copy(&ctx->sessionkey, sessionkey.data, sessionkey.length); free(sessionkey.data); + if (ret) { + _gss_ntlm_delete_sec_context(minor_status, + context_handle, NULL); + *minor_status = ret; + return GSS_S_FAILURE; + } } if (ctx->flags & NTLM_NEG_NTLM2_SESSION) { - ctx->status |= STATUS_SESSIONKEY; + ctx->status |= STATUS_SESSIONKEY; _gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX), ctx->sessionkey.data, ctx->sessionkey.length); @@ -468,15 +461,15 @@ _gss_ntlm_init_sec_context ctx->sessionkey.data, ctx->sessionkey.length); } else { - ctx->status |= STATUS_SESSIONKEY; - RC4_set_key(&ctx->u.v1.crypto_recv.key, + ctx->status |= STATUS_SESSIONKEY; + RC4_set_key(&ctx->u.v1.crypto_recv.key, ctx->sessionkey.length, ctx->sessionkey.data); - RC4_set_key(&ctx->u.v1.crypto_send.key, + RC4_set_key(&ctx->u.v1.crypto_send.key, ctx->sessionkey.length, ctx->sessionkey.data); } - + ret = heim_ntlm_encode_type3(&type3, &data); diff --git a/lib/gssapi/ntlm/inquire_context.c b/lib/gssapi/ntlm/inquire_context.c index fe6b32272f70..fd0cb8799637 100644 --- a/lib/gssapi/ntlm/inquire_context.c +++ b/lib/gssapi/ntlm/inquire_context.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: inquire_context.c 21079 2007-06-13 00:25:25Z lha $"); - -OM_uint32 _gss_ntlm_inquire_context ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_context ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_name_t * src_name, diff --git a/lib/gssapi/ntlm/inquire_cred.c b/lib/gssapi/ntlm/inquire_cred.c deleted file mode 100644 index 1d49b5070d87..000000000000 --- a/lib/gssapi/ntlm/inquire_cred.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_cred.c 22148 2007-12-04 17:59:29Z lha $"); - -OM_uint32 _gss_ntlm_inquire_cred - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - gss_name_t * name, - OM_uint32 * lifetime, - gss_cred_usage_t * cred_usage, - gss_OID_set * mechanisms - ) -{ - OM_uint32 ret, junk; - - if (minor_status) - *minor_status = 0; - if (name) - *name = GSS_C_NO_NAME; - if (lifetime) - *lifetime = GSS_C_INDEFINITE; - if (cred_usage) - *cred_usage = 0; - if (mechanisms) - *mechanisms = GSS_C_NO_OID_SET; - - if (cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_NO_CRED; - - if (mechanisms) { - ret = gss_create_empty_oid_set(minor_status, mechanisms); - if (ret) - goto out; - ret = gss_add_oid_set_member(minor_status, - GSS_NTLM_MECHANISM, - mechanisms); - if (ret) - goto out; - } - - return GSS_S_COMPLETE; -out: - gss_release_oid_set(&junk, mechanisms); - return ret; -} diff --git a/lib/gssapi/ntlm/inquire_cred_by_mech.c b/lib/gssapi/ntlm/inquire_cred_by_mech.c index 572c6fef759c..b5976b99d728 100644 --- a/lib/gssapi/ntlm/inquire_cred_by_mech.c +++ b/lib/gssapi/ntlm/inquire_cred_by_mech.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: inquire_cred_by_mech.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_inquire_cred_by_mech ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_cred_by_mech ( OM_uint32 * minor_status, const gss_cred_id_t cred_handle, const gss_OID mech_type, diff --git a/lib/gssapi/ntlm/inquire_mechs_for_name.c b/lib/gssapi/ntlm/inquire_mechs_for_name.c index 8bee4836d3fb..4fd5380946a4 100644 --- a/lib/gssapi/ntlm/inquire_mechs_for_name.c +++ b/lib/gssapi/ntlm/inquire_mechs_for_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: inquire_mechs_for_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_inquire_mechs_for_name ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_mechs_for_name ( OM_uint32 * minor_status, const gss_name_t input_name, gss_OID_set * mech_types diff --git a/lib/gssapi/ntlm/inquire_names_for_mech.c b/lib/gssapi/ntlm/inquire_names_for_mech.c index ebf624de7628..7f49b33caa47 100644 --- a/lib/gssapi/ntlm/inquire_names_for_mech.c +++ b/lib/gssapi/ntlm/inquire_names_for_mech.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: inquire_names_for_mech.c 19334 2006-12-14 12:17:34Z lha $"); - - -OM_uint32 _gss_ntlm_inquire_names_for_mech ( +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_names_for_mech ( OM_uint32 * minor_status, const gss_OID mechanism, gss_OID_set * name_types diff --git a/lib/gssapi/ntlm/inquire_sec_context_by_oid.c b/lib/gssapi/ntlm/inquire_sec_context_by_oid.c new file mode 100644 index 000000000000..ee791b15adf2 --- /dev/null +++ b/lib/gssapi/ntlm/inquire_sec_context_by_oid.c @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "ntlm.h" + +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_sec_context_by_oid(OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_OID desired_object, + gss_buffer_set_t *data_set) +{ + ntlm_ctx ctx = (ntlm_ctx)context_handle; + + if (ctx == NULL) { + *minor_status = 0; + return GSS_S_NO_CONTEXT; + } + + if (gss_oid_equal(desired_object, GSS_NTLM_GET_SESSION_KEY_X) || + gss_oid_equal(desired_object, GSS_C_INQ_SSPI_SESSION_KEY)) { + gss_buffer_desc value; + + value.length = ctx->sessionkey.length; + value.value = ctx->sessionkey.data; + + return gss_add_buffer_set_member(minor_status, + &value, + data_set); + } else if (gss_oid_equal(desired_object, GSS_C_INQ_WIN2K_PAC_X)) { + if (ctx->pac.length == 0) { + *minor_status = ENOENT; + return GSS_S_FAILURE; + } + + return gss_add_buffer_set_member(minor_status, + &ctx->pac, + data_set); + + } else if (gss_oid_equal(desired_object, GSS_C_NTLM_AVGUEST)) { + gss_buffer_desc value; + uint32_t num; + + if (ctx->kcmflags & KCM_NTLM_FLAG_AV_GUEST) + num = 1; + else + num = 0; + + value.length = sizeof(num); + value.value = # + + return gss_add_buffer_set_member(minor_status, + &value, + data_set); + } else { + *minor_status = 0; + return GSS_S_FAILURE; + } +} diff --git a/lib/gssapi/ntlm/iter_cred.c b/lib/gssapi/ntlm/iter_cred.c new file mode 100644 index 000000000000..34456db5da8f --- /dev/null +++ b/lib/gssapi/ntlm/iter_cred.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "ntlm.h" + +void GSSAPI_CALLCONV +_gss_ntlm_iter_creds_f(OM_uint32 flags, + void *userctx , + void (*cred_iter)(void *, gss_OID, gss_cred_id_t)) +{ +#ifdef HAVE_KCM + krb5_error_code ret; + krb5_context context = NULL; + krb5_storage *request, *response; + krb5_data response_data; + + ret = krb5_init_context(&context); + if (ret) + goto done; + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_NTLM_USER_LIST, &request); + if (ret) + goto done; + + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret) + goto done; + + while (1) { + uint32_t morep; + char *user = NULL, *domain = NULL; + ntlm_cred dn; + + ret = krb5_ret_uint32(response, &morep); + if (ret) goto out; + + if (!morep) goto out; + + ret = krb5_ret_stringz(response, &user); + if (ret) goto out; + ret = krb5_ret_stringz(response, &domain); + if (ret) { + free(user); + goto out; + } + + dn = calloc(1, sizeof(*dn)); + if (dn == NULL) { + free(user); + free(domain); + goto out; + } + dn->username = user; + dn->domain = domain; + + cred_iter(userctx, GSS_NTLM_MECHANISM, (gss_cred_id_t)dn); + } + out: + krb5_storage_free(response); + krb5_data_free(&response_data); + done: + if (context) + krb5_free_context(context); +#endif /* HAVE_KCM */ + (*cred_iter)(userctx, NULL, NULL); +} diff --git a/lib/gssapi/ntlm/digest.c b/lib/gssapi/ntlm/kdc.c similarity index 87% rename from lib/gssapi/ntlm/digest.c rename to lib/gssapi/ntlm/kdc.c index fecf4a5b2799..7d56c7510fbb 100644 --- a/lib/gssapi/ntlm/digest.c +++ b/lib/gssapi/ntlm/kdc.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: digest.c 22169 2007-12-04 22:19:16Z lha $"); +#ifdef DIGEST /* * @@ -66,7 +66,7 @@ get_ccache(krb5_context context, int *destroy, krb5_ccache *id) krb5_keytab kt = NULL; *id = NULL; - + if (!issuid()) { const char *cache; @@ -79,15 +79,15 @@ get_ccache(krb5_context context, int *destroy, krb5_ccache *id) } } - ret = krb5_sname_to_principal(context, NULL, "host", + ret = krb5_sname_to_principal(context, NULL, "host", KRB5_NT_SRV_HST, &principal); if (ret) goto out; - - ret = krb5_cc_cache_match(context, principal, NULL, id); + + ret = krb5_cc_cache_match(context, principal, id); if (ret == 0) return 0; - + /* did not find in default credcache, lets try default keytab */ ret = krb5_kt_default(context, &kt); if (ret) @@ -129,16 +129,17 @@ get_ccache(krb5_context context, int *destroy, krb5_ccache *id) } krb5_kt_close(context, kt); - + return 0; out: - if (*destroy) - krb5_cc_destroy(context, *id); - else - krb5_cc_close(context, *id); - - *id = NULL; + if (*id) { + if (*destroy) + krb5_cc_destroy(context, *id); + else + krb5_cc_close(context, *id); + *id = NULL; + } if (kt) krb5_kt_close(context, kt); @@ -201,7 +202,7 @@ kdc_probe(OM_uint32 *minor, void *ctx, const char *realm) ret = krb5_digest_probe(c->context, rk_UNCONST(realm), c->id, &flags); if (ret) return ret; - + if ((flags & (1|2|4)) == 0) return EINVAL; @@ -253,13 +254,13 @@ kdc_type2(OM_uint32 *minor_status, krb5_data challange; struct ntlm_buf data; krb5_data ti; - + memset(&type2, 0, sizeof(type2)); - + /* * Request data for type 2 packet from the KDC. */ - ret = krb5_ntlm_init_request(c->context, + ret = krb5_ntlm_init_request(c->context, c->ntlm, NULL, c->id, @@ -298,11 +299,11 @@ kdc_type2(OM_uint32 *minor_status, return GSS_S_FAILURE; } - if (challange.length != sizeof(type2.challange)) { + if (challange.length != sizeof(type2.challenge)) { *minor_status = EINVAL; return GSS_S_FAILURE; } - memcpy(type2.challange, challange.data, sizeof(type2.challange)); + memcpy(type2.challenge, challange.data, sizeof(type2.challenge)); krb5_data_free(&challange); ret = krb5_ntlm_init_get_targetname(c->context, c->ntlm, @@ -321,7 +322,7 @@ kdc_type2(OM_uint32 *minor_status, type2.targetinfo.data = ti.data; type2.targetinfo.length = ti.length; - + ret = heim_ntlm_encode_type2(&type2, &data); free(type2.targetname); krb5_data_free(&ti); @@ -329,7 +330,7 @@ kdc_type2(OM_uint32 *minor_status, *minor_status = ret; return GSS_S_FAILURE; } - + out->data = data.data; out->length = data.length; @@ -356,13 +357,13 @@ kdc_type3(OM_uint32 *minor_status, if (ret) goto out; ret = krb5_ntlm_req_set_username(c->context, c->ntlm, type3->username); if (ret) goto out; - ret = krb5_ntlm_req_set_targetname(c->context, c->ntlm, + ret = krb5_ntlm_req_set_targetname(c->context, c->ntlm, type3->targetname); if (ret) goto out; - ret = krb5_ntlm_req_set_lm(c->context, c->ntlm, + ret = krb5_ntlm_req_set_lm(c->context, c->ntlm, type3->lm.data, type3->lm.length); if (ret) goto out; - ret = krb5_ntlm_req_set_ntlm(c->context, c->ntlm, + ret = krb5_ntlm_req_set_ntlm(c->context, c->ntlm, type3->ntlm.data, type3->ntlm.length); if (ret) goto out; ret = krb5_ntlm_req_set_opaque(c->context, c->ntlm, &c->opaque); @@ -378,7 +379,7 @@ kdc_type3(OM_uint32 *minor_status, /* * Verify with the KDC the type3 packet is ok */ - ret = krb5_ntlm_request(c->context, + ret = krb5_ntlm_request(c->context, c->ntlm, NULL, c->id); @@ -391,7 +392,7 @@ kdc_type3(OM_uint32 *minor_status, } if (type3->sessionkey.length) { - ret = krb5_ntlm_rep_get_sessionkey(c->context, + ret = krb5_ntlm_rep_get_sessionkey(c->context, c->ntlm, &c->sessionkey); if (ret) @@ -433,3 +434,5 @@ struct ntlm_server_interface ntlmsspi_kdc_digest = { kdc_type3, kdc_free_buffer }; + +#endif /* DIGEST */ diff --git a/lib/gssapi/ntlm/ntlm-private.h b/lib/gssapi/ntlm/ntlm-private.h index cc6c4007856d..0c62b3533937 100644 --- a/lib/gssapi/ntlm/ntlm-private.h +++ b/lib/gssapi/ntlm/ntlm-private.h @@ -7,7 +7,7 @@ gssapi_mech_interface __gss_ntlm_initialize (void); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_accept_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, @@ -21,7 +21,7 @@ _gss_ntlm_accept_sec_context ( OM_uint32 * /*time_rec*/, gss_cred_id_t * delegated_cred_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_acquire_cred ( OM_uint32 * /*min_stat*/, const gss_name_t /*desired_name*/, @@ -32,7 +32,7 @@ _gss_ntlm_acquire_cred ( gss_OID_set * /*actual_mechs*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_add_cred ( OM_uint32 */*minor_status*/, const gss_cred_id_t /*input_cred_handle*/, @@ -51,40 +51,45 @@ _gss_ntlm_allocate_ctx ( OM_uint32 */*minor_status*/, ntlm_ctx */*ctx*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_canonicalize_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, const gss_OID /*mech_type*/, gss_name_t * output_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_compare_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*name1*/, const gss_name_t /*name2*/, int * name_equal ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_context_time ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_delete_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t output_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_destroy_cred ( + OM_uint32 */*minor_status*/, + gss_cred_id_t */*cred_handle*/); + +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_display_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t /*output_name_buffer*/, gss_OID * output_name_type ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_display_status ( OM_uint32 */*minor_status*/, OM_uint32 /*status_value*/, @@ -93,25 +98,25 @@ _gss_ntlm_display_status ( OM_uint32 */*message_context*/, gss_buffer_t /*status_string*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_duplicate_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*src_name*/, gss_name_t * dest_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_export_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t exported_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_export_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t interprocess_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_get_mic ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -124,14 +129,14 @@ _gss_ntlm_get_user_cred ( const ntlm_name /*target_name*/, ntlm_cred */*rcred*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_import_name ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*input_name_buffer*/, const gss_OID /*input_name_type*/, gss_name_t * output_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_import_sec_context ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*interprocess_token*/, @@ -142,7 +147,7 @@ _gss_ntlm_indicate_mechs ( OM_uint32 * /*minor_status*/, gss_OID_set * mech_set ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_init_sec_context ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*initiator_cred_handle*/, @@ -158,7 +163,7 @@ _gss_ntlm_init_sec_context ( OM_uint32 * /*ret_flags*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_context ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -170,7 +175,7 @@ _gss_ntlm_inquire_context ( int * /*locally_initiated*/, int * open_context ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_cred ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -179,7 +184,7 @@ _gss_ntlm_inquire_cred ( gss_cred_usage_t * /*cred_usage*/, gss_OID_set * mechanisms ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_cred_by_mech ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -189,30 +194,43 @@ _gss_ntlm_inquire_cred_by_mech ( OM_uint32 * /*acceptor_lifetime*/, gss_cred_usage_t * cred_usage ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_mechs_for_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_OID_set * mech_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_names_for_mech ( OM_uint32 * /*minor_status*/, const gss_OID /*mechanism*/, gss_OID_set * name_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_sec_context_by_oid ( + OM_uint32 */*minor_status*/, + const gss_ctx_id_t /*context_handle*/, + const gss_OID /*desired_object*/, + gss_buffer_set_t */*data_set*/); + +void GSSAPI_CALLCONV +_gss_ntlm_iter_creds_f ( + OM_uint32 /*flags*/, + void *userctx , + void (*/*cred_iter*/)(void *, gss_OID, gss_cred_id_t)); + +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_process_context_token ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t token_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_release_cred ( OM_uint32 * /*minor_status*/, gss_cred_id_t * cred_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_release_name ( OM_uint32 * /*minor_status*/, gss_name_t * input_name ); @@ -225,7 +243,7 @@ _gss_ntlm_set_key ( unsigned char */*data*/, size_t /*len*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_unwrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -234,7 +252,7 @@ _gss_ntlm_unwrap ( int * /*conf_state*/, gss_qop_t * qop_state ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_verify_mic ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -242,7 +260,7 @@ _gss_ntlm_verify_mic ( const gss_buffer_t /*token_buffer*/, gss_qop_t * qop_state ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_wrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -252,7 +270,7 @@ _gss_ntlm_wrap ( int * /*conf_state*/, gss_buffer_t output_message_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_wrap_size_limit ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, diff --git a/lib/gssapi/ntlm/ntlm.h b/lib/gssapi/ntlm/ntlm.h index 5713b72e2b33..1ed12d5ca6d7 100644 --- a/lib/gssapi/ntlm/ntlm.h +++ b/lib/gssapi/ntlm/ntlm.h @@ -1,44 +1,42 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: ntlm.h 22373 2007-12-28 18:36:06Z lha $ */ +/* $Id$ */ #ifndef NTLM_NTLM_H #define NTLM_NTLM_H -#ifdef HAVE_CONFIG_H #include -#endif #include #include @@ -46,15 +44,20 @@ #include #include +#include + #include +#include #include +#include #include -#include +#include #include #include +#define HC_DEPRECATED_CRYPTO #include "crypto-headers.h" typedef OM_uint32 @@ -108,6 +111,7 @@ typedef struct { void *ictx; ntlm_cred client; OM_uint32 gssflags; + uint32_t kcmflags; uint32_t flags; uint32_t status; #define STATUS_OPEN 1 @@ -115,6 +119,8 @@ typedef struct { #define STATUS_SESSIONKEY 4 krb5_data sessionkey; + gss_buffer_desc pac; + union { struct { struct { @@ -133,7 +139,7 @@ typedef struct { char *domain; } *ntlm_name; -#include +#include #endif /* NTLM_NTLM_H */ diff --git a/lib/gssapi/ntlm/process_context_token.c b/lib/gssapi/ntlm/process_context_token.c index 33c1072208a4..16efcd1525d7 100644 --- a/lib/gssapi/ntlm/process_context_token.c +++ b/lib/gssapi/ntlm/process_context_token.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: process_context_token.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_process_context_token ( +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_process_context_token ( OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t token_buffer diff --git a/lib/gssapi/ntlm/release_cred.c b/lib/gssapi/ntlm/release_cred.c index a63e5687408e..49d88a2b26e5 100644 --- a/lib/gssapi/ntlm/release_cred.c +++ b/lib/gssapi/ntlm/release_cred.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: release_cred.c 22163 2007-12-04 21:25:06Z lha $"); - -OM_uint32 _gss_ntlm_release_cred +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_release_cred (OM_uint32 * minor_status, gss_cred_id_t * cred_handle ) diff --git a/lib/gssapi/ntlm/release_name.c b/lib/gssapi/ntlm/release_name.c index 687d9fde50c5..86c1da364733 100644 --- a/lib/gssapi/ntlm/release_name.c +++ b/lib/gssapi/ntlm/release_name.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "ntlm/ntlm.h" +#include "ntlm.h" -RCSID("$Id: release_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_release_name +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_release_name (OM_uint32 * minor_status, gss_name_t * input_name ) diff --git a/lib/gssapi/spnego/accept_sec_context.c b/lib/gssapi/spnego/accept_sec_context.c index 1afe26f1e39d..3a51dd3a0a61 100644 --- a/lib/gssapi/spnego/accept_sec_context.c +++ b/lib/gssapi/spnego/accept_sec_context.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * Portions Copyright (c) 2004 PADL Software Pty Ltd. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" - -RCSID("$Id: accept_sec_context.c 21461 2007-07-10 14:01:13Z lha $"); +#include "spnego_locl.h" static OM_uint32 send_reject (OM_uint32 *minor_status, @@ -53,7 +51,7 @@ send_reject (OM_uint32 *minor_status, nt.u.negTokenResp.supportedMech = NULL; nt.u.negTokenResp.responseToken = NULL; nt.u.negTokenResp.mechListMIC = NULL; - + ASN1_MALLOC_ENCODE(NegotiationToken, output_token->value, output_token->length, &nt, &size, *minor_status); @@ -76,14 +74,14 @@ acceptor_approved(gss_name_t target_name, gss_OID mech) gss_create_empty_oid_set(&junk, &oidset); gss_add_oid_set_member(&junk, mech, &oidset); - + ret = gss_acquire_cred(&junk, target_name, GSS_C_INDEFINITE, oidset, GSS_C_ACCEPT, &cred, NULL, NULL); gss_release_oid_set(&junk, &oidset); if (ret != GSS_S_COMPLETE) return ret; gss_release_cred(&junk, &cred); - + return GSS_S_COMPLETE; } @@ -92,13 +90,7 @@ send_supported_mechs (OM_uint32 *minor_status, gss_buffer_t output_token) { NegotiationTokenWin nt; - char hostname[MAXHOSTNAMELEN + 1], *p; - gss_buffer_desc name_buf; - gss_OID name_type; - gss_name_t target_princ; - gss_name_t canon_princ; - OM_uint32 minor; - size_t buf_len; + size_t buf_len = 0; gss_buffer_desc data; OM_uint32 ret; @@ -116,62 +108,9 @@ send_supported_mechs (OM_uint32 *minor_status, return ret; } - memset(&target_princ, 0, sizeof(target_princ)); - if (gethostname(hostname, sizeof(hostname) - 2) != 0) { - *minor_status = errno; - free_NegotiationTokenWin(&nt); - return GSS_S_FAILURE; - } - hostname[sizeof(hostname) - 1] = '\0'; - - /* Send the constructed SAM name for this host */ - for (p = hostname; *p != '\0' && *p != '.'; p++) { - *p = toupper((unsigned char)*p); - } - *p++ = '$'; - *p = '\0'; - - name_buf.length = strlen(hostname); - name_buf.value = hostname; - - ret = gss_import_name(minor_status, &name_buf, - GSS_C_NO_OID, - &target_princ); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - return ret; - } - - name_buf.length = 0; - name_buf.value = NULL; - - /* Canonicalize the name using the preferred mechanism */ - ret = gss_canonicalize_name(minor_status, - target_princ, - GSS_C_NO_OID, - &canon_princ); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - gss_release_name(&minor, &target_princ); - return ret; - } - - ret = gss_display_name(minor_status, canon_princ, - &name_buf, &name_type); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - gss_release_name(&minor, &canon_princ); - gss_release_name(&minor, &target_princ); - return ret; - } - - gss_release_name(&minor, &canon_princ); - gss_release_name(&minor, &target_princ); - ALLOC(nt.u.negTokenInit.negHints, 1); if (nt.u.negTokenInit.negHints == NULL) { *minor_status = ENOMEM; - gss_release_buffer(&minor, &name_buf); free_NegotiationTokenWin(&nt); return GSS_S_FAILURE; } @@ -179,23 +118,24 @@ send_supported_mechs (OM_uint32 *minor_status, ALLOC(nt.u.negTokenInit.negHints->hintName, 1); if (nt.u.negTokenInit.negHints->hintName == NULL) { *minor_status = ENOMEM; - gss_release_buffer(&minor, &name_buf); free_NegotiationTokenWin(&nt); return GSS_S_FAILURE; } - *(nt.u.negTokenInit.negHints->hintName) = name_buf.value; - name_buf.value = NULL; + *nt.u.negTokenInit.negHints->hintName = strdup("not_defined_in_RFC4178@please_ignore"); nt.u.negTokenInit.negHints->hintAddress = NULL; - ASN1_MALLOC_ENCODE(NegotiationTokenWin, + ASN1_MALLOC_ENCODE(NegotiationTokenWin, data.value, data.length, &nt, &buf_len, ret); free_NegotiationTokenWin(&nt); if (ret) { - return ret; + *minor_status = ret; + return GSS_S_FAILURE; } - if (data.length != buf_len) + if (data.length != buf_len) { abort(); + UNREACHABLE(return GSS_S_FAILURE); + } ret = gss_encapsulate_token(&data, GSS_SPNEGO_MECHANISM, output_token); @@ -307,7 +247,7 @@ send_accept (OM_uint32 *minor_status, } else nt.u.negTokenResp.mechListMIC = NULL; - + ASN1_MALLOC_ENCODE(NegotiationToken, output_token->value, output_token->length, &nt, &size, ret); @@ -376,6 +316,9 @@ select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p, char mechbuf[64]; size_t mech_len; gss_OID_desc oid; + gss_OID oidp; + gss_OID_set mechs; + size_t i; OM_uint32 ret, junk; ret = der_put_oid ((unsigned char *)mechbuf + sizeof(mechbuf) - 1, @@ -396,27 +339,29 @@ select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p, *minor_status = 0; /* Translate broken MS Kebreros OID */ - if (gss_oid_equal(&oid, &_gss_spnego_mskrb_mechanism_oid_desc)) { - gssapi_mech_interface mech; + if (gss_oid_equal(&oid, &_gss_spnego_mskrb_mechanism_oid_desc)) + oidp = &_gss_spnego_krb5_mechanism_oid_desc; + else + oidp = &oid; - mech = __gss_get_mechanism(&_gss_spnego_krb5_mechanism_oid_desc); - if (mech == NULL) + + ret = gss_indicate_mechs(&junk, &mechs); + if (ret) + return (ret); + + for (i = 0; i < mechs->count; i++) + if (gss_oid_equal(&mechs->elements[i], oidp)) + break; + + if (i == mechs->count) { + gss_release_oid_set(&junk, &mechs); return GSS_S_BAD_MECH; - - ret = gss_duplicate_oid(minor_status, - &_gss_spnego_mskrb_mechanism_oid_desc, - mech_p); - } else { - gssapi_mech_interface mech; - - mech = __gss_get_mechanism(&oid); - if (mech == NULL) - return GSS_S_BAD_MECH; - - ret = gss_duplicate_oid(minor_status, - &mech->gm_mech_oid, - mech_p); } + gss_release_oid_set(&junk, &mechs); + + ret = gss_duplicate_oid(minor_status, + &oid, /* possibly this should be oidp */ + mech_p); if (verify_p) { gss_name_t name = GSS_C_NO_NAME; @@ -425,11 +370,16 @@ select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p, host = getenv("GSSAPI_SPNEGO_NAME"); if (host == NULL || issuid()) { + int rv; if (gethostname(hostname, sizeof(hostname)) != 0) { *minor_status = errno; return GSS_S_FAILURE; } - asprintf(&str, "host@%s", hostname); + rv = asprintf(&str, "host@%s", hostname); + if (rv < 0 || str == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } host = str; } @@ -463,20 +413,16 @@ acceptor_complete(OM_uint32 * minor_status, { OM_uint32 ret; int require_mic, verify_mic; - gss_buffer_desc buf; - - buf.length = 0; - buf.value = NULL; ret = _gss_spnego_require_mechlist_mic(minor_status, ctx, &require_mic); if (ret) return ret; - + ctx->require_mic = require_mic; if (mic != NULL) require_mic = 1; - + if (ctx->open && require_mic) { if (mech_input_token == GSS_C_NO_BUFFER) { /* Even/One */ verify_mic = 1; @@ -488,44 +434,39 @@ acceptor_complete(OM_uint32 * minor_status, verify_mic = 0; *get_mic = 1; } - - if (verify_mic || get_mic) { + + if (verify_mic || *get_mic) { int eret; - size_t buf_len; - - ASN1_MALLOC_ENCODE(MechTypeList, + size_t buf_len = 0; + + ASN1_MALLOC_ENCODE(MechTypeList, mech_buf->value, mech_buf->length, &ctx->initiator_mech_types, &buf_len, eret); if (eret) { *minor_status = eret; return GSS_S_FAILURE; } - if (buf.length != buf_len) - abort(); + heim_assert(mech_buf->length == buf_len, "Internal ASN.1 error"); + UNREACHABLE(return GSS_S_FAILURE); } - + if (verify_mic) { ret = verify_mechlist_mic(minor_status, ctx, mech_buf, mic); if (ret) { - if (get_mic) + if (*get_mic) send_reject (minor_status, output_token); - if (buf.value) - free(buf.value); return ret; } ctx->verified_mic = 1; } - if (buf.value) - free(buf.value); - } else - *get_mic = verify_mic = 0; - + *get_mic = 0; + return GSS_S_COMPLETE; } -static OM_uint32 +static OM_uint32 GSSAPI_CALLCONV acceptor_start (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, @@ -540,18 +481,16 @@ acceptor_start gss_cred_id_t *delegated_cred_handle ) { - OM_uint32 ret, junk, minor; + OM_uint32 ret, junk; NegotiationToken nt; size_t nt_len; NegTokenInit *ni; - int i; gss_buffer_desc data; gss_buffer_t mech_input_token = GSS_C_NO_BUFFER; gss_buffer_desc mech_output_token; gss_buffer_desc mech_buf; gss_OID preferred_mech_type = GSS_C_NO_OID; gssspnego_ctx ctx; - gssspnego_cred acceptor_cred = (gssspnego_cred)acceptor_cred_handle; int get_mic = 0; int first_ok = 0; @@ -561,7 +500,7 @@ acceptor_start if (input_token_buffer->length == 0) return send_supported_mechs (minor_status, output_token); - + ret = _gss_spnego_alloc_sec_context(minor_status, context_handle); if (ret != GSS_S_COMPLETE) return ret; @@ -609,38 +548,28 @@ acceptor_start /* * First we try the opportunistic token if we have support for it, * don't try to verify we have credential for the token, - * gss_accept_sec_context will (hopefully) tell us that. - * If that failes, + * gss_accept_sec_context() will (hopefully) tell us that. + * If that failes, */ ret = select_mech(minor_status, - &ni->mechTypes.val[0], + &ni->mechTypes.val[0], 0, &preferred_mech_type); if (ret == 0 && ni->mechToken != NULL) { - gss_cred_id_t mech_delegated_cred = GSS_C_NO_CREDENTIAL; - gss_cred_id_t mech_cred; gss_buffer_desc ibuf; ibuf.length = ni->mechToken->length; ibuf.value = ni->mechToken->data; mech_input_token = &ibuf; - if (acceptor_cred != NULL) - mech_cred = acceptor_cred->negotiated_cred_id; - else - mech_cred = GSS_C_NO_CREDENTIAL; - if (ctx->mech_src_name != GSS_C_NO_NAME) - gss_release_name(&minor, &ctx->mech_src_name); - - if (ctx->delegated_cred_id != GSS_C_NO_CREDENTIAL) - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - - ret = gss_accept_sec_context(&minor, + gss_release_name(&junk, &ctx->mech_src_name); + + ret = gss_accept_sec_context(minor_status, &ctx->negotiated_ctx_id, - mech_cred, + acceptor_cred_handle, mech_input_token, input_chan_bindings, &ctx->mech_src_name, @@ -648,20 +577,13 @@ acceptor_start &mech_output_token, &ctx->mech_flags, &ctx->mech_time_rec, - &mech_delegated_cred); + delegated_cred_handle); + if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { ctx->preferred_mech_type = preferred_mech_type; - ctx->negotiated_mech_type = preferred_mech_type; if (ret == GSS_S_COMPLETE) ctx->open = 1; - if (mech_delegated_cred && delegated_cred_handle) - ret = _gss_spnego_alloc_cred(minor_status, - mech_delegated_cred, - delegated_cred_handle); - else - gss_release_cred(&junk, &mech_delegated_cred); - ret = acceptor_complete(minor_status, ctx, &get_mic, @@ -674,6 +596,8 @@ acceptor_start goto out; first_ok = 1; + } else { + gss_mg_collect_error(preferred_mech_type, ret, *minor_status); } } @@ -681,12 +605,15 @@ acceptor_start * If opportunistic token failed, lets try the other mechs. */ - if (!first_ok) { + if (!first_ok && ni->mechToken != NULL) { + size_t j; + + preferred_mech_type = GSS_C_NO_OID; /* Call glue layer to find first mech we support */ - for (i = 1; i < ni->mechTypes.len; ++i) { + for (j = 1; j < ni->mechTypes.len; ++j) { ret = select_mech(minor_status, - &ni->mechTypes.val[i], + &ni->mechTypes.val[j], 1, &preferred_mech_type); if (ret == 0) @@ -695,11 +622,10 @@ acceptor_start if (preferred_mech_type == GSS_C_NO_OID) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); free_NegotiationToken(&nt); - return GSS_S_BAD_MECH; + return ret; } ctx->preferred_mech_type = preferred_mech_type; - ctx->negotiated_mech_type = preferred_mech_type; } /* @@ -714,10 +640,10 @@ acceptor_start output_token); if (ret) goto out; - + out: if (mech_output_token.value != NULL) - gss_release_buffer(&minor, &mech_output_token); + gss_release_buffer(&junk, &mech_output_token); if (mech_buf.value != NULL) { free(mech_buf.value); mech_buf.value = NULL; @@ -736,12 +662,8 @@ acceptor_start *src_name = (gss_name_t)name; } } - if (delegated_cred_handle != NULL) { - *delegated_cred_handle = ctx->delegated_cred_id; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; - } } - + if (mech_type != NULL) *mech_type = ctx->negotiated_mech_type; if (ret_flags != NULL) @@ -754,14 +676,14 @@ acceptor_start return ret; } - _gss_spnego_internal_delete_sec_context(&minor, context_handle, + _gss_spnego_internal_delete_sec_context(&junk, context_handle, GSS_C_NO_BUFFER); - + return ret; } -static OM_uint32 +static OM_uint32 GSSAPI_CALLCONV acceptor_continue (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, @@ -785,7 +707,6 @@ acceptor_continue gss_buffer_t mech_output_token = GSS_C_NO_BUFFER; gss_buffer_desc mech_buf; gssspnego_ctx ctx; - gssspnego_cred acceptor_cred = (gssspnego_cred)acceptor_cred_handle; mech_buf.value = NULL; @@ -796,7 +717,7 @@ acceptor_continue * context token (negTokenInit). */ - ret = decode_NegotiationToken(input_token_buffer->value, + ret = decode_NegotiationToken(input_token_buffer->value, input_token_buffer->length, &nt, &nt_len); if (ret) { @@ -831,31 +752,13 @@ acceptor_continue } if (mech_input_token != GSS_C_NO_BUFFER) { - gss_cred_id_t mech_cred; - gss_cred_id_t mech_delegated_cred; - gss_cred_id_t *mech_delegated_cred_p; - - if (acceptor_cred != NULL) - mech_cred = acceptor_cred->negotiated_cred_id; - else - mech_cred = GSS_C_NO_CREDENTIAL; - - if (delegated_cred_handle != NULL) { - mech_delegated_cred = GSS_C_NO_CREDENTIAL; - mech_delegated_cred_p = &mech_delegated_cred; - } else { - mech_delegated_cred_p = NULL; - } if (ctx->mech_src_name != GSS_C_NO_NAME) gss_release_name(&minor, &ctx->mech_src_name); - if (ctx->delegated_cred_id != GSS_C_NO_CREDENTIAL) - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - ret = gss_accept_sec_context(&minor, &ctx->negotiated_ctx_id, - mech_cred, + acceptor_cred_handle, mech_input_token, input_chan_bindings, &ctx->mech_src_name, @@ -863,20 +766,14 @@ acceptor_continue &obuf, &ctx->mech_flags, &ctx->mech_time_rec, - mech_delegated_cred_p); + delegated_cred_handle); + if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - if (mech_delegated_cred_p != NULL && - mech_delegated_cred != GSS_C_NO_CREDENTIAL) { - ret2 = _gss_spnego_alloc_cred(minor_status, - mech_delegated_cred, - &ctx->delegated_cred_id); - if (ret2 != GSS_S_COMPLETE) - ret = ret2; - } mech_output_token = &obuf; } if (ret != GSS_S_COMPLETE && ret != GSS_S_CONTINUE_NEEDED) { free_NegotiationToken(&nt); + gss_mg_collect_error(ctx->negotiated_mech_type, ret, minor); send_reject (minor_status, output_token); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return ret; @@ -886,7 +783,7 @@ acceptor_continue } else ret = GSS_S_COMPLETE; - ret2 = _gss_spnego_require_mechlist_mic(minor_status, + ret2 = _gss_spnego_require_mechlist_mic(minor_status, ctx, &require_mic); if (ret2) @@ -953,10 +850,6 @@ acceptor_continue *src_name = (gss_name_t)name; } } - if (delegated_cred_handle != NULL) { - *delegated_cred_handle = ctx->delegated_cred_id; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; - } } if (mech_type != NULL) @@ -977,7 +870,7 @@ acceptor_continue return ret; } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_accept_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, @@ -1011,11 +904,11 @@ _gss_spnego_accept_sec_context *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - if (*context_handle == GSS_C_NO_CONTEXT) + if (*context_handle == GSS_C_NO_CONTEXT) func = acceptor_start; else func = acceptor_continue; - + return (*func)(minor_status, context_handle, acceptor_cred_handle, input_token_buffer, input_chan_bindings, diff --git a/lib/gssapi/spnego/compat.c b/lib/gssapi/spnego/compat.c index 287f4f760ed7..cf5ee30a84a9 100644 --- a/lib/gssapi/spnego/compat.c +++ b/lib/gssapi/spnego/compat.c @@ -30,9 +30,7 @@ * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" - -RCSID("$Id: compat.c 21866 2007-08-08 11:31:29Z lha $"); +#include "spnego_locl.h" /* * Apparently Microsoft got the OID wrong, and used @@ -43,16 +41,17 @@ RCSID("$Id: compat.c 21866 2007-08-08 11:31:29Z lha $"); * Kerberos mechanism. */ gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc = - {9, (void *)"\x2a\x86\x48\x82\xf7\x12\x01\x02\x02"}; + {9, rk_UNCONST("\x2a\x86\x48\x82\xf7\x12\x01\x02\x02")}; gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc = - {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; + {9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02")}; /* * Allocate a SPNEGO context handle */ -OM_uint32 _gss_spnego_alloc_sec_context (OM_uint32 * minor_status, - gss_ctx_id_t *context_handle) +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_alloc_sec_context (OM_uint32 * minor_status, + gss_ctx_id_t *context_handle) { gssspnego_ctx ctx; @@ -76,7 +75,6 @@ OM_uint32 _gss_spnego_alloc_sec_context (OM_uint32 * minor_status, ctx->mech_flags = 0; ctx->mech_time_rec = 0; ctx->mech_src_name = GSS_C_NO_NAME; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; ctx->open = 0; ctx->local = 0; @@ -94,7 +92,7 @@ OM_uint32 _gss_spnego_alloc_sec_context (OM_uint32 * minor_status, * Free a SPNEGO context handle. The caller must have acquired * the lock before this is called. */ -OM_uint32 _gss_spnego_internal_delete_sec_context +OM_uint32 GSSAPI_CALLCONV _gss_spnego_internal_delete_sec_context (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t output_token @@ -124,8 +122,6 @@ OM_uint32 _gss_spnego_internal_delete_sec_context if (ctx->initiator_mech_types.val != NULL) free_MechTypeList(&ctx->initiator_mech_types); - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - gss_release_oid(&minor, &ctx->preferred_mech_type); ctx->negotiated_mech_type = GSS_C_NO_OID; @@ -145,7 +141,6 @@ OM_uint32 _gss_spnego_internal_delete_sec_context HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); free(ctx); - *context_handle = NULL; return ret; } @@ -156,7 +151,7 @@ OM_uint32 _gss_spnego_internal_delete_sec_context * a non-preferred mechanism was negotiated */ -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_require_mechlist_mic(OM_uint32 *minor_status, gssspnego_ctx ctx, int *require_mic) @@ -234,26 +229,26 @@ add_mech_type(gss_OID mech_type, } -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_indicate_mechtypelist (OM_uint32 *minor_status, gss_name_t target_name, OM_uint32 (*func)(gss_name_t, gss_OID), int includeMSCompatOID, - const gssspnego_cred cred_handle, + const gss_cred_id_t cred_handle, MechTypeList *mechtypelist, gss_OID *preferred_mech) { gss_OID_set supported_mechs = GSS_C_NO_OID_SET; gss_OID first_mech = GSS_C_NO_OID; OM_uint32 ret; - int i; + size_t i; mechtypelist->len = 0; mechtypelist->val = NULL; - if (cred_handle != NULL) { + if (cred_handle) { ret = gss_inquire_cred(minor_status, - cred_handle->negotiated_cred_id, + cred_handle, NULL, NULL, NULL, diff --git a/lib/gssapi/spnego/context_stubs.c b/lib/gssapi/spnego/context_stubs.c index 3535c7bb3596..60b348ec4676 100644 --- a/lib/gssapi/spnego/context_stubs.c +++ b/lib/gssapi/spnego/context_stubs.c @@ -30,16 +30,14 @@ * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" - -RCSID("$Id: context_stubs.c 21035 2007-06-09 15:32:47Z lha $"); +#include "spnego_locl.h" static OM_uint32 spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs) { OM_uint32 ret, junk; gss_OID_set m; - int i; + size_t i; ret = gss_indicate_mechs(minor_status, &m); if (ret != GSS_S_COMPLETE) @@ -62,12 +60,13 @@ spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs) return ret; } } + gss_release_oid_set(&junk, &m); return ret; } -OM_uint32 _gss_spnego_process_context_token +OM_uint32 GSSAPI_CALLCONV _gss_spnego_process_context_token (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t token_buffer @@ -100,7 +99,7 @@ OM_uint32 _gss_spnego_process_context_token GSS_C_NO_BUFFER); } -OM_uint32 _gss_spnego_delete_sec_context +OM_uint32 GSSAPI_CALLCONV _gss_spnego_delete_sec_context (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t output_token @@ -120,7 +119,7 @@ OM_uint32 _gss_spnego_delete_sec_context output_token); } -OM_uint32 _gss_spnego_context_time +OM_uint32 GSSAPI_CALLCONV _gss_spnego_context_time (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, OM_uint32 *time_rec @@ -144,7 +143,7 @@ OM_uint32 _gss_spnego_context_time time_rec); } -OM_uint32 _gss_spnego_get_mic +OM_uint32 GSSAPI_CALLCONV _gss_spnego_get_mic (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, gss_qop_t qop_req, @@ -170,7 +169,7 @@ OM_uint32 _gss_spnego_get_mic qop_req, message_buffer, message_token); } -OM_uint32 _gss_spnego_verify_mic +OM_uint32 GSSAPI_CALLCONV _gss_spnego_verify_mic (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer, @@ -199,7 +198,7 @@ OM_uint32 _gss_spnego_verify_mic qop_state); } -OM_uint32 _gss_spnego_wrap +OM_uint32 GSSAPI_CALLCONV _gss_spnego_wrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, @@ -232,7 +231,7 @@ OM_uint32 _gss_spnego_wrap output_message_buffer); } -OM_uint32 _gss_spnego_unwrap +OM_uint32 GSSAPI_CALLCONV _gss_spnego_unwrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, @@ -263,19 +262,7 @@ OM_uint32 _gss_spnego_unwrap qop_state); } -OM_uint32 _gss_spnego_display_status - (OM_uint32 * minor_status, - OM_uint32 status_value, - int status_type, - const gss_OID mech_type, - OM_uint32 * message_context, - gss_buffer_t status_string - ) -{ - return GSS_S_FAILURE; -} - -OM_uint32 _gss_spnego_compare_name +OM_uint32 GSSAPI_CALLCONV _gss_spnego_compare_name (OM_uint32 *minor_status, const gss_name_t name1, const gss_name_t name2, @@ -299,7 +286,7 @@ OM_uint32 _gss_spnego_compare_name return GSS_S_COMPLETE; } -OM_uint32 _gss_spnego_display_name +OM_uint32 GSSAPI_CALLCONV _gss_spnego_display_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t output_name_buffer, @@ -317,7 +304,7 @@ OM_uint32 _gss_spnego_display_name output_name_buffer, output_name_type); } -OM_uint32 _gss_spnego_import_name +OM_uint32 GSSAPI_CALLCONV _gss_spnego_import_name (OM_uint32 * minor_status, const gss_buffer_t name_buffer, const gss_OID name_type, @@ -334,13 +321,13 @@ OM_uint32 _gss_spnego_import_name *minor_status = ENOMEM; return GSS_S_FAILURE; } - + maj_stat = _gss_copy_oid(minor_status, name_type, &name->type); if (maj_stat) { free(name); return GSS_S_FAILURE; } - + maj_stat = _gss_copy_buffer(minor_status, name_buffer, &name->value); if (maj_stat) { gss_name_t rname = (gss_name_t)name; @@ -353,7 +340,7 @@ OM_uint32 _gss_spnego_import_name return GSS_S_COMPLETE; } -OM_uint32 _gss_spnego_export_name +OM_uint32 GSSAPI_CALLCONV _gss_spnego_export_name (OM_uint32 * minor_status, const gss_name_t input_name, gss_buffer_t exported_name @@ -372,7 +359,7 @@ OM_uint32 _gss_spnego_export_name return gss_export_name(minor_status, name->mech, exported_name); } -OM_uint32 _gss_spnego_release_name +OM_uint32 GSSAPI_CALLCONV _gss_spnego_release_name (OM_uint32 * minor_status, gss_name_t * input_name ) @@ -393,7 +380,7 @@ OM_uint32 _gss_spnego_release_name return GSS_S_COMPLETE; } -OM_uint32 _gss_spnego_inquire_context ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_context ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_name_t * src_name, @@ -406,31 +393,61 @@ OM_uint32 _gss_spnego_inquire_context ( ) { gssspnego_ctx ctx; + OM_uint32 maj_stat, junk; + gss_name_t src_mn, targ_mn; *minor_status = 0; - if (context_handle == GSS_C_NO_CONTEXT) { + if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; - } ctx = (gssspnego_ctx)context_handle; - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { + if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; - } - return gss_inquire_context(minor_status, - ctx->negotiated_ctx_id, - src_name, - targ_name, - lifetime_rec, - mech_type, - ctx_flags, - locally_initiated, - open_context); + maj_stat = gss_inquire_context(minor_status, + ctx->negotiated_ctx_id, + &src_mn, + &targ_mn, + lifetime_rec, + mech_type, + ctx_flags, + locally_initiated, + open_context); + if (maj_stat != GSS_S_COMPLETE) + return maj_stat; + + if (src_name) { + spnego_name name = calloc(1, sizeof(*name)); + if (name == NULL) + goto enomem; + name->mech = src_mn; + *src_name = (gss_name_t)name; + } else + gss_release_name(&junk, &src_mn); + + if (targ_name) { + spnego_name name = calloc(1, sizeof(*name)); + if (name == NULL) { + gss_release_name(minor_status, src_name); + goto enomem; + } + name->mech = targ_mn; + *targ_name = (gss_name_t)name; + } else + gss_release_name(&junk, &targ_mn); + + return GSS_S_COMPLETE; + +enomem: + gss_release_name(&junk, &targ_mn); + gss_release_name(&junk, &src_mn); + *minor_status = ENOMEM; + return GSS_S_FAILURE; } -OM_uint32 _gss_spnego_wrap_size_limit ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_wrap_size_limit ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, @@ -461,7 +478,7 @@ OM_uint32 _gss_spnego_wrap_size_limit ( max_input_size); } -OM_uint32 _gss_spnego_export_sec_context ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_export_sec_context ( OM_uint32 * minor_status, gss_ctx_id_t * context_handle, gss_buffer_t interprocess_token @@ -504,7 +521,7 @@ OM_uint32 _gss_spnego_export_sec_context ( return ret; } -OM_uint32 _gss_spnego_import_sec_context ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_import_sec_context ( OM_uint32 * minor_status, const gss_buffer_t interprocess_token, gss_ctx_id_t *context_handle @@ -540,7 +557,7 @@ OM_uint32 _gss_spnego_import_sec_context ( return GSS_S_COMPLETE; } -OM_uint32 _gss_spnego_inquire_names_for_mech ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_names_for_mech ( OM_uint32 * minor_status, const gss_OID mechanism, gss_OID_set * name_types @@ -548,7 +565,7 @@ OM_uint32 _gss_spnego_inquire_names_for_mech ( { gss_OID_set mechs, names, n; OM_uint32 ret, junk; - int i, j; + size_t i, j; *name_types = NULL; @@ -580,10 +597,10 @@ OM_uint32 _gss_spnego_inquire_names_for_mech ( gss_release_oid_set(&junk, &mechs); - return GSS_S_COMPLETE; + return ret; } -OM_uint32 _gss_spnego_inquire_mechs_for_name ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_mechs_for_name ( OM_uint32 * minor_status, const gss_name_t input_name, gss_OID_set * mech_types @@ -604,7 +621,7 @@ OM_uint32 _gss_spnego_inquire_mechs_for_name ( return ret; } -OM_uint32 _gss_spnego_canonicalize_name ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_canonicalize_name ( OM_uint32 * minor_status, const gss_name_t input_name, const gss_OID mech_type, @@ -615,7 +632,7 @@ OM_uint32 _gss_spnego_canonicalize_name ( return gss_duplicate_name(minor_status, input_name, output_name); } -OM_uint32 _gss_spnego_duplicate_name ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_duplicate_name ( OM_uint32 * minor_status, const gss_name_t src_name, gss_name_t * dest_name @@ -624,207 +641,71 @@ OM_uint32 _gss_spnego_duplicate_name ( return gss_duplicate_name(minor_status, src_name, dest_name); } -OM_uint32 _gss_spnego_sign - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int qop_req, - gss_buffer_t message_buffer, - gss_buffer_t message_token - ) +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_wrap_iov(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int * conf_state, + gss_iov_buffer_desc *iov, + int iov_count) { - gssspnego_ctx ctx; + gssspnego_ctx ctx = (gssspnego_ctx)context_handle; *minor_status = 0; - if (context_handle == GSS_C_NO_CONTEXT) { + if (ctx == NULL || ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; - } - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_sign(minor_status, - ctx->negotiated_ctx_id, - qop_req, - message_buffer, - message_token); + return gss_wrap_iov(minor_status, ctx->negotiated_ctx_id, + conf_req_flag, qop_req, conf_state, + iov, iov_count); } -OM_uint32 _gss_spnego_verify - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t message_buffer, - gss_buffer_t token_buffer, - int * qop_state - ) +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_unwrap_iov(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int *conf_state, + gss_qop_t *qop_state, + gss_iov_buffer_desc *iov, + int iov_count) { - gssspnego_ctx ctx; + gssspnego_ctx ctx = (gssspnego_ctx)context_handle; *minor_status = 0; - if (context_handle == GSS_C_NO_CONTEXT) { + if (ctx == NULL || ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; - } - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_verify(minor_status, - ctx->negotiated_ctx_id, - message_buffer, - token_buffer, - qop_state); + return gss_unwrap_iov(minor_status, + ctx->negotiated_ctx_id, + conf_state, qop_state, + iov, iov_count); } -OM_uint32 _gss_spnego_seal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - int qop_req, - gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_wrap_iov_length(OM_uint32 * minor_status, + gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + int *conf_state, + gss_iov_buffer_desc *iov, + int iov_count) { - gssspnego_ctx ctx; + gssspnego_ctx ctx = (gssspnego_ctx)context_handle; *minor_status = 0; - if (context_handle == GSS_C_NO_CONTEXT) { + if (ctx == NULL || ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; - } - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_seal(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 _gss_spnego_unseal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - int * qop_state - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_unseal(minor_status, - ctx->negotiated_ctx_id, - input_message_buffer, - output_message_buffer, - conf_state, - qop_state); + return gss_wrap_iov_length(minor_status, ctx->negotiated_ctx_id, + conf_req_flag, qop_req, conf_state, + iov, iov_count); } #if 0 -OM_uint32 _gss_spnego_unwrap_ex - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_header_buffer, - const gss_buffer_t associated_data_buffer, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_unwrap_ex(minor_status, - ctx->negotiated_ctx_id, - token_header_buffer, - associated_data_buffer, - input_message_buffer, - output_message_buffer, - conf_state, - qop_state); -} - -OM_uint32 _gss_spnego_wrap_ex - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t associated_data_buffer, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_token_buffer, - gss_buffer_t output_message_buffer - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - if ((ctx->mech_flags & GSS_C_DCE_STYLE) == 0 && - associated_data_buffer->length != input_message_buffer->length) { - *minor_status = EINVAL; - return GSS_S_BAD_QOP; - } - - return gss_wrap_ex(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - associated_data_buffer, - input_message_buffer, - conf_state, - output_token_buffer, - output_message_buffer); -} - -OM_uint32 _gss_spnego_complete_auth_token +OM_uint32 GSSAPI_CALLCONV _gss_spnego_complete_auth_token (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_buffer_t input_message_buffer) @@ -849,7 +730,7 @@ OM_uint32 _gss_spnego_complete_auth_token } #endif -OM_uint32 _gss_spnego_inquire_sec_context_by_oid +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_sec_context_by_oid (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_OID desired_object, @@ -875,7 +756,7 @@ OM_uint32 _gss_spnego_inquire_sec_context_by_oid data_set); } -OM_uint32 _gss_spnego_set_sec_context_option +OM_uint32 GSSAPI_CALLCONV _gss_spnego_set_sec_context_option (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, const gss_OID desired_object, @@ -889,7 +770,7 @@ OM_uint32 _gss_spnego_set_sec_context_option return GSS_S_NO_CONTEXT; } - ctx = (gssspnego_ctx)context_handle; + ctx = (gssspnego_ctx)*context_handle; if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { return GSS_S_NO_CONTEXT; @@ -901,3 +782,31 @@ OM_uint32 _gss_spnego_set_sec_context_option value); } + +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_pseudo_random(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int prf_key, + const gss_buffer_t prf_in, + ssize_t desired_output_len, + gss_buffer_t prf_out) +{ + gssspnego_ctx ctx; + + *minor_status = 0; + + if (context_handle == GSS_C_NO_CONTEXT) + return GSS_S_NO_CONTEXT; + + ctx = (gssspnego_ctx)context_handle; + + if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) + return GSS_S_NO_CONTEXT; + + return gss_pseudo_random(minor_status, + ctx->negotiated_ctx_id, + prf_key, + prf_in, + desired_output_len, + prf_out); +} diff --git a/lib/gssapi/spnego/cred_stubs.c b/lib/gssapi/spnego/cred_stubs.c index 2362e9901963..fc43d6a4a666 100644 --- a/lib/gssapi/spnego/cred_stubs.c +++ b/lib/gssapi/spnego/cred_stubs.c @@ -30,63 +30,31 @@ * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" +#include "spnego_locl.h" -RCSID("$Id: cred_stubs.c 20619 2007-05-08 13:43:45Z lha $"); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) { - gssspnego_cred cred; OM_uint32 ret; - + *minor_status = 0; - if (*cred_handle == GSS_C_NO_CREDENTIAL) { + if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) return GSS_S_COMPLETE; - } - cred = (gssspnego_cred)*cred_handle; - ret = gss_release_cred(minor_status, &cred->negotiated_cred_id); + ret = gss_release_cred(minor_status, cred_handle); - free(cred); *cred_handle = GSS_C_NO_CREDENTIAL; return ret; } -OM_uint32 -_gss_spnego_alloc_cred(OM_uint32 *minor_status, - gss_cred_id_t mech_cred_handle, - gss_cred_id_t *cred_handle) -{ - gssspnego_cred cred; - - if (*cred_handle != GSS_C_NO_CREDENTIAL) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - cred = calloc(1, sizeof(*cred)); - if (cred == NULL) { - *cred_handle = GSS_C_NO_CREDENTIAL; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - cred->negotiated_cred_id = mech_cred_handle; - - *cred_handle = (gss_cred_id_t)cred; - - return GSS_S_COMPLETE; -} - /* * For now, just a simple wrapper that avoids recursion. When * we support gss_{get,set}_neg_mechs() we will need to expose * more functionality. */ -OM_uint32 _gss_spnego_acquire_cred +OM_uint32 GSSAPI_CALLCONV _gss_spnego_acquire_cred (OM_uint32 *minor_status, const gss_name_t desired_name, OM_uint32 time_req, @@ -102,9 +70,7 @@ OM_uint32 _gss_spnego_acquire_cred OM_uint32 ret, tmp; gss_OID_set_desc actual_desired_mechs; gss_OID_set mechs; - int i, j; - gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL; - gssspnego_cred cred; + size_t i, j; *output_cred_handle = GSS_C_NO_CREDENTIAL; @@ -114,7 +80,7 @@ OM_uint32 _gss_spnego_acquire_cred return ret; } } - + ret = gss_indicate_mechs(minor_status, &mechs); if (ret != GSS_S_COMPLETE) { gss_release_name(minor_status, &name); @@ -140,22 +106,14 @@ OM_uint32 _gss_spnego_acquire_cred } actual_desired_mechs.count = j; - ret = _gss_spnego_alloc_cred(minor_status, GSS_C_NO_CREDENTIAL, - &cred_handle); - if (ret != GSS_S_COMPLETE) - goto out; - - cred = (gssspnego_cred)cred_handle; ret = gss_acquire_cred(minor_status, name, time_req, &actual_desired_mechs, cred_usage, - &cred->negotiated_cred_id, + output_cred_handle, actual_mechs, time_rec); if (ret != GSS_S_COMPLETE) goto out; - *output_cred_handle = cred_handle; - out: gss_release_name(minor_status, &name); gss_release_oid_set(&tmp, &mechs); @@ -163,13 +121,13 @@ OM_uint32 _gss_spnego_acquire_cred free(actual_desired_mechs.elements); } if (ret != GSS_S_COMPLETE) { - _gss_spnego_release_cred(&tmp, &cred_handle); + _gss_spnego_release_cred(&tmp, output_cred_handle); } return ret; } -OM_uint32 _gss_spnego_inquire_cred +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, gss_name_t * name, @@ -178,7 +136,6 @@ OM_uint32 _gss_spnego_inquire_cred gss_OID_set * mechanisms ) { - gssspnego_cred cred; spnego_name sname = NULL; OM_uint32 ret; @@ -195,10 +152,8 @@ OM_uint32 _gss_spnego_inquire_cred } } - cred = (gssspnego_cred)cred_handle; - ret = gss_inquire_cred(minor_status, - cred->negotiated_cred_id, + cred_handle, sname ? &sname->mech : NULL, lifetime, cred_usage, @@ -214,56 +169,7 @@ OM_uint32 _gss_spnego_inquire_cred return ret; } -OM_uint32 _gss_spnego_add_cred ( - OM_uint32 * minor_status, - const gss_cred_id_t input_cred_handle, - const gss_name_t desired_name, - const gss_OID desired_mech, - gss_cred_usage_t cred_usage, - OM_uint32 initiator_time_req, - OM_uint32 acceptor_time_req, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * initiator_time_rec, - OM_uint32 * acceptor_time_rec - ) -{ - gss_cred_id_t spnego_output_cred_handle = GSS_C_NO_CREDENTIAL; - OM_uint32 ret, tmp; - gssspnego_cred input_cred, output_cred; - - *output_cred_handle = GSS_C_NO_CREDENTIAL; - - ret = _gss_spnego_alloc_cred(minor_status, GSS_C_NO_CREDENTIAL, - &spnego_output_cred_handle); - if (ret) - return ret; - - input_cred = (gssspnego_cred)input_cred_handle; - output_cred = (gssspnego_cred)spnego_output_cred_handle; - - ret = gss_add_cred(minor_status, - input_cred->negotiated_cred_id, - desired_name, - desired_mech, - cred_usage, - initiator_time_req, - acceptor_time_req, - &output_cred->negotiated_cred_id, - actual_mechs, - initiator_time_rec, - acceptor_time_rec); - if (ret) { - _gss_spnego_release_cred(&tmp, &spnego_output_cred_handle); - return ret; - } - - *output_cred_handle = spnego_output_cred_handle; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_cred_by_mech ( +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_mech ( OM_uint32 * minor_status, const gss_cred_id_t cred_handle, const gss_OID mech_type, @@ -273,7 +179,6 @@ OM_uint32 _gss_spnego_inquire_cred_by_mech ( gss_cred_usage_t * cred_usage ) { - gssspnego_cred cred; spnego_name sname = NULL; OM_uint32 ret; @@ -290,10 +195,8 @@ OM_uint32 _gss_spnego_inquire_cred_by_mech ( } } - cred = (gssspnego_cred)cred_handle; - ret = gss_inquire_cred_by_mech(minor_status, - cred->negotiated_cred_id, + cred_handle, mech_type, sname ? &sname->mech : NULL, initiator_lifetime, @@ -311,26 +214,58 @@ OM_uint32 _gss_spnego_inquire_cred_by_mech ( return GSS_S_COMPLETE; } -OM_uint32 _gss_spnego_inquire_cred_by_oid +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_oid (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, const gss_OID desired_object, gss_buffer_set_t *data_set) { - gssspnego_cred cred; OM_uint32 ret; if (cred_handle == GSS_C_NO_CREDENTIAL) { *minor_status = 0; return GSS_S_NO_CRED; } - cred = (gssspnego_cred)cred_handle; ret = gss_inquire_cred_by_oid(minor_status, - cred->negotiated_cred_id, + cred_handle, desired_object, data_set); return ret; } +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_set_cred_option (OM_uint32 *minor_status, + gss_cred_id_t *cred_handle, + const gss_OID object, + const gss_buffer_t value) +{ + if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) { + *minor_status = 0; + return GSS_S_NO_CRED; + } + + return gss_set_cred_option(minor_status, + cred_handle, + object, + value); +} + + +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_export_cred (OM_uint32 *minor_status, + gss_cred_id_t cred_handle, + gss_buffer_t value) +{ + return gss_export_cred(minor_status, cred_handle, value); +} + +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_import_cred (OM_uint32 *minor_status, + gss_buffer_t value, + gss_cred_id_t *cred_handle) +{ + return gss_import_cred(minor_status, value, cred_handle); +} + diff --git a/lib/gssapi/spnego/external.c b/lib/gssapi/spnego/external.c index fbc231f3aebb..ca06d46e8211 100644 --- a/lib/gssapi/spnego/external.c +++ b/lib/gssapi/spnego/external.c @@ -30,22 +30,55 @@ * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" +#include "spnego_locl.h" #include -RCSID("$Id: external.c 18336 2006-10-07 22:27:13Z lha $"); - /* * RFC2478, SPNEGO: * The security mechanism of the initial * negotiation token is identified by the Object Identifier * iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2). */ +static gss_mo_desc spnego_mo[] = { + { + GSS_C_MA_SASL_MECH_NAME, + GSS_MO_MA, + "SASL mech name", + rk_UNCONST("SPNEGO"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_NAME, + GSS_MO_MA, + "Mechanism name", + rk_UNCONST("SPNEGO"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_DESCRIPTION, + GSS_MO_MA, + "Mechanism description", + rk_UNCONST("Heimdal SPNEGO Mechanism"), + _gss_mo_get_ctx_as_string, + NULL + }, + { + GSS_C_MA_MECH_NEGO, + GSS_MO_MA + }, + { + GSS_C_MA_MECH_PSEUDO, + GSS_MO_MA + } +}; static gssapi_mech_interface_desc spnego_mech = { GMI_VERSION, "spnego", - {6, (void *)"\x2b\x06\x01\x05\x05\x02"}, + {6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") }, + 0, _gss_spnego_acquire_cred, _gss_spnego_release_cred, _gss_spnego_init_sec_context, @@ -57,8 +90,8 @@ static gssapi_mech_interface_desc spnego_mech = { _gss_spnego_verify_mic, _gss_spnego_wrap, _gss_spnego_unwrap, - _gss_spnego_display_status, - NULL, + NULL, /* gm_display_status */ + NULL, /* gm_indicate_mechs */ _gss_spnego_compare_name, _gss_spnego_display_name, _gss_spnego_import_name, @@ -67,14 +100,40 @@ static gssapi_mech_interface_desc spnego_mech = { _gss_spnego_inquire_cred, _gss_spnego_inquire_context, _gss_spnego_wrap_size_limit, - _gss_spnego_add_cred, + gss_add_cred, _gss_spnego_inquire_cred_by_mech, _gss_spnego_export_sec_context, _gss_spnego_import_sec_context, - _gss_spnego_inquire_names_for_mech, + NULL /* _gss_spnego_inquire_names_for_mech */, _gss_spnego_inquire_mechs_for_name, _gss_spnego_canonicalize_name, - _gss_spnego_duplicate_name + _gss_spnego_duplicate_name, + _gss_spnego_inquire_sec_context_by_oid, + _gss_spnego_inquire_cred_by_oid, + _gss_spnego_set_sec_context_option, + _gss_spnego_set_cred_option, + _gss_spnego_pseudo_random, + _gss_spnego_wrap_iov, + _gss_spnego_unwrap_iov, + _gss_spnego_wrap_iov_length, + NULL, + _gss_spnego_export_cred, + _gss_spnego_import_cred, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + spnego_mo, + sizeof(spnego_mo) / sizeof(spnego_mo[0]), + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, }; gssapi_mech_interface @@ -82,8 +141,3 @@ __gss_spnego_initialize(void) { return &spnego_mech; } - -static gss_OID_desc _gss_spnego_mechanism_desc = - {6, (void *)"\x2b\x06\x01\x05\x05\x02"}; - -gss_OID GSS_SPNEGO_MECHANISM = &_gss_spnego_mechanism_desc; diff --git a/lib/gssapi/spnego/init_sec_context.c b/lib/gssapi/spnego/init_sec_context.c index 7c74981e664e..b4b1bcefc5e5 100644 --- a/lib/gssapi/spnego/init_sec_context.c +++ b/lib/gssapi/spnego/init_sec_context.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * Portions Copyright (c) 2004 PADL Software Pty Ltd. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include "spnego/spnego_locl.h" - -RCSID("$Id: init_sec_context.c 19411 2006-12-18 15:42:03Z lha $"); +#include "spnego_locl.h" /* - * Is target_name an sane target for `mech´. + * Is target_name an sane target for `mech´. */ static OM_uint32 @@ -45,7 +43,7 @@ initiator_approved(gss_name_t target_name, gss_OID mech) OM_uint32 min_stat, maj_stat; gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; gss_buffer_desc out; - + maj_stat = gss_init_sec_context(&min_stat, GSS_C_NO_CREDENTIAL, &ctx, @@ -59,8 +57,10 @@ initiator_approved(gss_name_t target_name, gss_OID mech) &out, NULL, NULL); - if (GSS_ERROR(maj_stat)) + if (GSS_ERROR(maj_stat)) { + gss_mg_collect_error(mech, maj_stat, min_stat); return GSS_S_BAD_MECH; + } gss_release_buffer(&min_stat, &out); gss_delete_sec_context(&min_stat, &ctx, NULL); @@ -177,7 +177,7 @@ spnego_reply_internal(OM_uint32 *minor_status, static OM_uint32 spnego_initial (OM_uint32 * minor_status, - gssspnego_cred cred, + gss_cred_id_t cred, gss_ctx_id_t * context_handle, const gss_name_t target_name, const gss_OID mech_type, @@ -230,7 +230,7 @@ spnego_initial return sub; } - sub = _gss_spnego_indicate_mechtypelist(&minor, + sub = _gss_spnego_indicate_mechtypelist(&minor, ctx->target_name, initiator_approved, 0, @@ -252,8 +252,7 @@ spnego_initial /* generate optimistic token */ sub = gss_init_sec_context(&minor, - (cred != NULL) ? cred->negotiated_cred_id : - GSS_C_NO_CREDENTIAL, + cred, &ctx->negotiated_ctx_id, ctx->target_name, ctx->preferred_mech_type, @@ -268,6 +267,7 @@ spnego_initial if (GSS_ERROR(sub)) { free_NegTokenInit(&ni); *minor_status = minor; + gss_mg_collect_error(ctx->preferred_mech_type, sub, minor); _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); return sub; } @@ -344,7 +344,7 @@ spnego_initial ctx->initiator_mech_types.val = ni.mechTypes.val; ni.mechTypes.len = 0; ni.mechTypes.val = NULL; - + free_NegTokenInit(&ni); sub = gss_encapsulate_token(&data, @@ -374,7 +374,7 @@ spnego_initial static OM_uint32 spnego_reply (OM_uint32 * minor_status, - const gssspnego_cred cred, + const gss_cred_id_t cred, gss_ctx_id_t * context_handle, const gss_name_t target_name, const gss_OID mech_type, @@ -389,11 +389,10 @@ spnego_reply ) { OM_uint32 ret, minor; - NegTokenResp resp; - size_t len, taglen; + NegotiationToken resp; gss_OID_desc mech; int require_mic; - size_t buf_len; + size_t buf_len = 0; gss_buffer_desc mic_buf, mech_buf; gss_buffer_desc mech_output_token; gssspnego_ctx ctx; @@ -411,27 +410,23 @@ spnego_reply mech_buf.value = NULL; mech_buf.length = 0; - ret = der_match_tag_and_length(input_token->value, input_token->length, - ASN1_C_CONTEXT, CONS, 1, &len, &taglen); + ret = decode_NegotiationToken(input_token->value, input_token->length, + &resp, NULL); if (ret) - return ret; + return ret; - if (len > input_token->length - taglen) - return ASN1_OVERRUN; - - ret = decode_NegTokenResp((const unsigned char *)input_token->value+taglen, - len, &resp, NULL); - if (ret) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; + if (resp.element != choice_NegotiationToken_negTokenResp) { + free_NegotiationToken(&resp); + *minor_status = 0; + return GSS_S_BAD_MECH; } - if (resp.negResult == NULL - || *(resp.negResult) == reject - /* || resp.supportedMech == NULL */ + if (resp.u.negTokenResp.negResult == NULL + || *(resp.u.negTokenResp.negResult) == reject + /* || resp.u.negTokenResp.supportedMech == NULL */ ) { - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); return GSS_S_BAD_MECH; } @@ -442,16 +437,16 @@ spnego_reply HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - if (resp.supportedMech) { + if (resp.u.negTokenResp.supportedMech) { if (ctx->oidlen) { - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return GSS_S_BAD_MECH; } ret = der_put_oid(ctx->oidbuf + sizeof(ctx->oidbuf) - 1, sizeof(ctx->oidbuf), - resp.supportedMech, + resp.u.negTokenResp.supportedMech, &ctx->oidlen); /* Avoid recursively embedded SPNEGO */ if (ret || (ctx->oidlen == GSS_SPNEGO_MECHANISM->length && @@ -459,7 +454,7 @@ spnego_reply GSS_SPNEGO_MECHANISM->elements, ctx->oidlen) == 0)) { - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return GSS_S_BAD_MECH; } @@ -470,23 +465,24 @@ spnego_reply ctx->preferred_mech_type->elements, ctx->oidlen) != 0) { - gss_delete_sec_context(&minor, &ctx->negotiated_ctx_id, + gss_delete_sec_context(&minor, &ctx->negotiated_ctx_id, GSS_C_NO_BUFFER); ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT; } } else if (ctx->oidlen == 0) { - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); return GSS_S_BAD_MECH; } - if (resp.responseToken != NULL || + /* if a token (of non zero length), or no context, pass to underlaying mech */ + if ((resp.u.negTokenResp.responseToken != NULL && resp.u.negTokenResp.responseToken->length) || ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { gss_buffer_desc mech_input_token; - if (resp.responseToken) { - mech_input_token.length = resp.responseToken->length; - mech_input_token.value = resp.responseToken->data; + if (resp.u.negTokenResp.responseToken) { + mech_input_token.length = resp.u.negTokenResp.responseToken->length; + mech_input_token.value = resp.u.negTokenResp.responseToken->data; } else { mech_input_token.length = 0; mech_input_token.value = NULL; @@ -499,8 +495,7 @@ spnego_reply /* Fall through as if the negotiated mechanism was requested explicitly */ ret = gss_init_sec_context(&minor, - (cred != NULL) ? cred->negotiated_cred_id : - GSS_C_NO_CREDENTIAL, + cred, &ctx->negotiated_ctx_id, ctx->target_name, &mech, @@ -514,19 +509,20 @@ spnego_reply &ctx->mech_time_rec); if (GSS_ERROR(ret)) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); + gss_mg_collect_error(&mech, ret, minor); *minor_status = minor; return ret; } if (ret == GSS_S_COMPLETE) { ctx->open = 1; } - } else if (*(resp.negResult) == accept_completed) { + } else if (*(resp.u.negTokenResp.negResult) == accept_completed) { if (ctx->maybe_open) ctx->open = 1; } - if (*(resp.negResult) == request_mic) { + if (*(resp.u.negTokenResp.negResult) == request_mic) { ctx->require_mic = 1; } @@ -535,14 +531,14 @@ spnego_reply * Verify the mechListMIC if one was provided or CFX was * used and a non-preferred mechanism was selected */ - if (resp.mechListMIC != NULL) { + if (resp.u.negTokenResp.mechListMIC != NULL) { require_mic = 1; } else { ret = _gss_spnego_require_mechlist_mic(minor_status, ctx, &require_mic); if (ret) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); gss_release_buffer(&minor, &mech_output_token); return ret; } @@ -556,23 +552,25 @@ spnego_reply &ctx->initiator_mech_types, &buf_len, ret); if (ret) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); gss_release_buffer(&minor, &mech_output_token); *minor_status = ret; return GSS_S_FAILURE; } - if (mech_buf.length != buf_len) + if (mech_buf.length != buf_len) { abort(); + UNREACHABLE(return GSS_S_FAILURE); + } - if (resp.mechListMIC == NULL) { + if (resp.u.negTokenResp.mechListMIC == NULL) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); free(mech_buf.value); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); *minor_status = 0; return GSS_S_DEFECTIVE_TOKEN; } - mic_buf.length = resp.mechListMIC->length; - mic_buf.value = resp.mechListMIC->data; + mic_buf.length = resp.u.negTokenResp.mechListMIC->length; + mic_buf.value = resp.u.negTokenResp.mechListMIC->data; if (mech_output_token.length == 0) { ret = gss_verify_mic(minor_status, @@ -584,7 +582,7 @@ spnego_reply HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); free(mech_buf.value); gss_release_buffer(&minor, &mech_output_token); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); return GSS_S_DEFECTIVE_TOKEN; } ctx->verified_mic = 1; @@ -599,7 +597,7 @@ spnego_reply if (mech_buf.value != NULL) free(mech_buf.value); - free_NegTokenResp(&resp); + free_NegotiationToken(&resp); gss_release_buffer(&minor, &mech_output_token); if (actual_mech_type) @@ -613,7 +611,8 @@ spnego_reply return ret; } -OM_uint32 _gss_spnego_init_sec_context +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_init_sec_context (OM_uint32 * minor_status, const gss_cred_id_t initiator_cred_handle, gss_ctx_id_t * context_handle, @@ -629,11 +628,9 @@ OM_uint32 _gss_spnego_init_sec_context OM_uint32 * time_rec ) { - gssspnego_cred cred = (gssspnego_cred)initiator_cred_handle; - if (*context_handle == GSS_C_NO_CONTEXT) return spnego_initial (minor_status, - cred, + initiator_cred_handle, context_handle, target_name, mech_type, @@ -647,7 +644,7 @@ OM_uint32 _gss_spnego_init_sec_context time_rec); else return spnego_reply (minor_status, - cred, + initiator_cred_handle, context_handle, target_name, mech_type, diff --git a/lib/gssapi/spnego/spnego-private.h b/lib/gssapi/spnego/spnego-private.h index d80db0018adf..f50574d7ed37 100644 --- a/lib/gssapi/spnego/spnego-private.h +++ b/lib/gssapi/spnego/spnego-private.h @@ -7,7 +7,7 @@ gssapi_mech_interface __gss_spnego_initialize (void); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_accept_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, @@ -21,7 +21,7 @@ _gss_spnego_accept_sec_context ( OM_uint32 * /*time_rec*/, gss_cred_id_t *delegated_cred_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_acquire_cred ( OM_uint32 */*minor_status*/, const gss_name_t /*desired_name*/, @@ -32,92 +32,69 @@ _gss_spnego_acquire_cred ( gss_OID_set * /*actual_mechs*/, OM_uint32 * time_rec ); -OM_uint32 -_gss_spnego_add_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * /*initiator_time_rec*/, - OM_uint32 * acceptor_time_rec ); - -OM_uint32 -_gss_spnego_alloc_cred ( - OM_uint32 */*minor_status*/, - gss_cred_id_t /*mech_cred_handle*/, - gss_cred_id_t */*cred_handle*/); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_alloc_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t */*context_handle*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_canonicalize_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, const gss_OID /*mech_type*/, gss_name_t * output_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_compare_name ( OM_uint32 */*minor_status*/, const gss_name_t /*name1*/, const gss_name_t /*name2*/, int * name_equal ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_context_time ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, OM_uint32 *time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_delete_sec_context ( OM_uint32 */*minor_status*/, gss_ctx_id_t */*context_handle*/, gss_buffer_t output_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_display_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t /*output_name_buffer*/, gss_OID * output_name_type ); -OM_uint32 -_gss_spnego_display_status ( - OM_uint32 * /*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 * /*message_context*/, - gss_buffer_t status_string ); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_duplicate_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*src_name*/, gss_name_t * dest_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_export_cred ( + OM_uint32 */*minor_status*/, + gss_cred_id_t /*cred_handle*/, + gss_buffer_t /*value*/); + +OM_uint32 GSSAPI_CALLCONV _gss_spnego_export_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_buffer_t exported_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_export_sec_context ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, gss_buffer_t interprocess_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_get_mic ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -125,30 +102,36 @@ _gss_spnego_get_mic ( const gss_buffer_t /*message_buffer*/, gss_buffer_t message_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_import_cred ( + OM_uint32 */*minor_status*/, + gss_buffer_t /*value*/, + gss_cred_id_t */*cred_handle*/); + +OM_uint32 GSSAPI_CALLCONV _gss_spnego_import_name ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*name_buffer*/, const gss_OID /*name_type*/, gss_name_t * output_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_import_sec_context ( OM_uint32 * /*minor_status*/, const gss_buffer_t /*interprocess_token*/, gss_ctx_id_t *context_handle ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_indicate_mechtypelist ( OM_uint32 */*minor_status*/, gss_name_t /*target_name*/, OM_uint32 (*/*func*/)(gss_name_t, gss_OID), int /*includeMSCompatOID*/, - const gssspnego_cred /*cred_handle*/, + const gss_cred_id_t /*cred_handle*/, MechTypeList */*mechtypelist*/, gss_OID */*preferred_mech*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_init_sec_context ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*initiator_cred_handle*/, @@ -164,7 +147,7 @@ _gss_spnego_init_sec_context ( OM_uint32 * /*ret_flags*/, OM_uint32 * time_rec ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_context ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -176,7 +159,7 @@ _gss_spnego_inquire_context ( int * /*locally_initiated*/, int * open_context ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -185,7 +168,7 @@ _gss_spnego_inquire_cred ( gss_cred_usage_t * /*cred_usage*/, gss_OID_set * mechanisms ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_mech ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, @@ -195,95 +178,84 @@ _gss_spnego_inquire_cred_by_mech ( OM_uint32 * /*acceptor_lifetime*/, gss_cred_usage_t * cred_usage ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_oid ( OM_uint32 * /*minor_status*/, const gss_cred_id_t /*cred_handle*/, const gss_OID /*desired_object*/, gss_buffer_set_t */*data_set*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_mechs_for_name ( OM_uint32 * /*minor_status*/, const gss_name_t /*input_name*/, gss_OID_set * mech_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_names_for_mech ( OM_uint32 * /*minor_status*/, const gss_OID /*mechanism*/, gss_OID_set * name_types ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_sec_context_by_oid ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_OID /*desired_object*/, gss_buffer_set_t */*data_set*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_internal_delete_sec_context ( OM_uint32 */*minor_status*/, gss_ctx_id_t */*context_handle*/, gss_buffer_t output_token ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_process_context_token ( OM_uint32 */*minor_status*/, const gss_ctx_id_t /*context_handle*/, const gss_buffer_t token_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_pseudo_random ( + OM_uint32 */*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*prf_key*/, + const gss_buffer_t /*prf_in*/, + ssize_t /*desired_output_len*/, + gss_buffer_t /*prf_out*/); + +OM_uint32 GSSAPI_CALLCONV _gss_spnego_release_cred ( OM_uint32 */*minor_status*/, gss_cred_id_t */*cred_handle*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_release_name ( OM_uint32 * /*minor_status*/, gss_name_t * input_name ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_require_mechlist_mic ( OM_uint32 */*minor_status*/, gssspnego_ctx /*ctx*/, int */*require_mic*/); -OM_uint32 -_gss_spnego_seal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - int /*qop_req*/, - gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_set_cred_option ( + OM_uint32 */*minor_status*/, + gss_cred_id_t */*cred_handle*/, + const gss_OID /*object*/, + const gss_buffer_t /*value*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_set_sec_context_option ( OM_uint32 * /*minor_status*/, gss_ctx_id_t * /*context_handle*/, const gss_OID /*desired_object*/, const gss_buffer_t /*value*/); -OM_uint32 -_gss_spnego_sign ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*qop_req*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -OM_uint32 -_gss_spnego_unseal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - int * qop_state ); - -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_unwrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -292,15 +264,16 @@ _gss_spnego_unwrap ( int * /*conf_state*/, gss_qop_t * qop_state ); -OM_uint32 -_gss_spnego_verify ( - OM_uint32 * /*minor_status*/, +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_unwrap_iov ( + OM_uint32 */*minor_status*/, gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*token_buffer*/, - int * qop_state ); + int */*conf_state*/, + gss_qop_t */*qop_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_verify_mic ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -308,7 +281,7 @@ _gss_spnego_verify_mic ( const gss_buffer_t /*token_buffer*/, gss_qop_t * qop_state ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_spnego_wrap ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, @@ -318,7 +291,27 @@ _gss_spnego_wrap ( int * /*conf_state*/, gss_buffer_t output_message_buffer ); -OM_uint32 +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_wrap_iov ( + OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*conf_req_flag*/, + gss_qop_t /*qop_req*/, + int * /*conf_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + +OM_uint32 GSSAPI_CALLCONV +_gss_spnego_wrap_iov_length ( + OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*conf_req_flag*/, + gss_qop_t /*qop_req*/, + int */*conf_state*/, + gss_iov_buffer_desc */*iov*/, + int /*iov_count*/); + +OM_uint32 GSSAPI_CALLCONV _gss_spnego_wrap_size_limit ( OM_uint32 * /*minor_status*/, const gss_ctx_id_t /*context_handle*/, diff --git a/lib/gssapi/spnego/spnego.asn1 b/lib/gssapi/spnego/spnego.asn1 index 058f10ba3ad1..048e86bb43d5 100644 --- a/lib/gssapi/spnego/spnego.asn1 +++ b/lib/gssapi/spnego/spnego.asn1 @@ -1,4 +1,4 @@ --- $Id: spnego.asn1 21403 2007-07-04 08:13:12Z lha $ +-- $Id$ SPNEGO DEFINITIONS ::= BEGIN diff --git a/lib/gssapi/spnego/spnego.opt b/lib/gssapi/spnego/spnego.opt new file mode 100644 index 000000000000..cbf2f2341dbf --- /dev/null +++ b/lib/gssapi/spnego/spnego.opt @@ -0,0 +1 @@ +--sequence=MechTypeList diff --git a/lib/gssapi/spnego/spnego_locl.h b/lib/gssapi/spnego/spnego_locl.h index 44b24688e18f..3e151c7c2a4c 100644 --- a/lib/gssapi/spnego/spnego_locl.h +++ b/lib/gssapi/spnego/spnego_locl.h @@ -30,14 +30,12 @@ * SUCH DAMAGE. */ -/* $Id: spnego_locl.h 19411 2006-12-18 15:42:03Z lha $ */ +/* $Id$ */ #ifndef SPNEGO_LOCL_H #define SPNEGO_LOCL_H -#ifdef HAVE_CONFIG_H #include -#endif #ifdef HAVE_SYS_TYPES_H #include @@ -46,12 +44,15 @@ #include #endif +#include + #ifdef HAVE_PTHREAD_H #include #endif -#include #include +#include +#include #include #include #include @@ -67,17 +68,13 @@ #include #include "spnego_asn1.h" -#include "mech/utils.h" +#include "utils.h" #include -#include +#include #define ALLOC(X, N) (X) = calloc((N), sizeof(*(X))) -typedef struct { - gss_cred_id_t negotiated_cred_id; -} *gssspnego_cred; - typedef struct { MechTypeList initiator_mech_types; gss_OID preferred_mech_type; @@ -86,7 +83,6 @@ typedef struct { OM_uint32 mech_flags; OM_uint32 mech_time_rec; gss_name_t mech_src_name; - gss_cred_id_t delegated_cred_id; unsigned int open : 1; unsigned int local : 1; unsigned int require_mic : 1; @@ -110,6 +106,6 @@ typedef struct { extern gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc; extern gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc; -#include +#include #endif /* SPNEGO_LOCL_H */ diff --git a/lib/gssapi/test_acquire_cred.c b/lib/gssapi/test_acquire_cred.c index fd2bc32dd52b..e1a929bf9620 100644 --- a/lib/gssapi/test_acquire_cred.c +++ b/lib/gssapi/test_acquire_cred.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,19 +35,19 @@ #include #endif +#include #include #include #include #include #include +#include +#include #include -#include #include #include "test_common.h" -RCSID("$Id: test_acquire_cred.c 22129 2007-12-04 01:13:13Z lha $"); - static void print_time(OM_uint32 time_rec) { @@ -79,7 +79,7 @@ test_add(gss_cred_id_t cred_handle) NULL, &time_rec, NULL); - + if (GSS_ERROR(major_status)) errx(1, "add_cred failed"); @@ -98,7 +98,7 @@ copy_cred(void) gss_cred_id_t cred_handle; OM_uint32 time_rec; - major_status = gss_acquire_cred(&minor_status, + major_status = gss_acquire_cred(&minor_status, GSS_C_NO_NAME, 0, NULL, @@ -108,7 +108,7 @@ copy_cred(void) &time_rec); if (GSS_ERROR(major_status)) errx(1, "acquire_cred failed"); - + print_time(time_rec); test_add(cred_handle); @@ -122,9 +122,10 @@ copy_cred(void) } #endif -static void +static gss_cred_id_t acquire_cred_service(const char *service, gss_OID nametype, + gss_OID_set oidset, int flags) { OM_uint32 major_status, minor_status; @@ -136,7 +137,7 @@ acquire_cred_service(const char *service, if (service) { name_buffer.value = rk_UNCONST(service); name_buffer.length = strlen(service); - + major_status = gss_import_name(&minor_status, &name_buffer, nametype, @@ -145,18 +146,18 @@ acquire_cred_service(const char *service, errx(1, "import_name failed"); } - major_status = gss_acquire_cred(&minor_status, + major_status = gss_acquire_cred(&minor_status, name, 0, - NULL, + oidset, flags, &cred_handle, NULL, &time_rec); if (GSS_ERROR(major_status)) { - warnx("acquire_cred failed: %s", + warnx("acquire_cred failed: %s", gssapi_err(major_status, minor_status, GSS_C_NO_OID)); - } else { + } else { print_time(time_rec); gss_release_cred(&minor_status, &cred_handle); } @@ -166,18 +167,28 @@ acquire_cred_service(const char *service, if (GSS_ERROR(major_status)) exit(1); + + return cred_handle; } static int version_flag = 0; static int help_flag = 0; +static int kerberos_flag = 0; +static int enctype = 0; static char *acquire_name; static char *acquire_type; +static char *target_name; static char *name_type; static char *ccache; +static int num_loops = 1; static struct getargs args[] = { {"acquire-name", 0, arg_string, &acquire_name, "name", NULL }, {"acquire-type", 0, arg_string, &acquire_type, "type", NULL }, + {"enctype", 0, arg_integer, &enctype, "enctype-num", NULL }, + {"loops", 0, arg_integer, &num_loops, "enctype-num", NULL }, + {"kerberos", 0, arg_flag, &kerberos_flag, "enctype-num", NULL }, + {"target-name", 0, arg_string, &target_name, "name", NULL }, {"ccache", 0, arg_string, &ccache, "name", NULL }, {"name-type", 0, arg_string, &name_type, "type", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL }, @@ -194,14 +205,19 @@ usage (int ret) int main(int argc, char **argv) { - int optidx = 0; + gss_OID_set oidset = GSS_C_NULL_OID_SET; + gss_OID mechoid = GSS_C_NO_OID; + OM_uint32 maj_stat, min_stat; + gss_cred_id_t cred; + gss_name_t target = GSS_C_NO_NAME; + int i, optidx = 0; OM_uint32 flag; gss_OID type; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -227,7 +243,7 @@ main(int argc, char **argv) errx(1, "unknown type %s", acquire_type); } else flag = GSS_C_ACCEPT; - + if (name_type) { if (strcasecmp("hostbased-service", name_type) == 0) type = GSS_C_NT_HOSTBASED_SERVICE; @@ -239,15 +255,75 @@ main(int argc, char **argv) type = GSS_C_NT_HOSTBASED_SERVICE; if (ccache) { - OM_uint32 major_status, minor_status; - major_status = gss_krb5_ccache_name(&minor_status, - ccache, NULL); - if (GSS_ERROR(major_status)) - errx(1, "gss_krb5_ccache_name %s", - gssapi_err(major_status, minor_status, GSS_C_NO_OID)); + maj_stat = gss_krb5_ccache_name(&min_stat, ccache, NULL); + if (GSS_ERROR(maj_stat)) + errx(1, "gss_krb5_ccache_name %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + if (kerberos_flag) { + mechoid = GSS_KRB5_MECHANISM; + + maj_stat = gss_create_empty_oid_set(&min_stat, &oidset); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_create_empty_oid_set: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + + maj_stat = gss_add_oid_set_member(&min_stat, GSS_KRB5_MECHANISM, &oidset); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_add_oid_set_member: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + if (target_name) { + gss_buffer_desc name; + + name.value = target_name; + name.length = strlen(target_name); + maj_stat = gss_import_name(&min_stat, &name, + GSS_C_NT_HOSTBASED_SERVICE, &target); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_import_name: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + for (i = 0; i < num_loops; i++) { + + cred = acquire_cred_service(acquire_name, type, oidset, flag); + + if (enctype) { + int32_t enctypelist = enctype; + + maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, cred, + 1, &enctypelist); + if (maj_stat) + errx(1, "gss_krb5_set_allowable_enctypes: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + if (target) { + gss_ctx_id_t context = GSS_C_NO_CONTEXT; + gss_buffer_desc out; + + out.length = 0; + out.value = NULL; + + maj_stat = gss_init_sec_context(&min_stat, + cred, &context, + target, mechoid, + GSS_C_MUTUAL_FLAG, 0, NULL, + GSS_C_NO_BUFFER, NULL, + &out, NULL, NULL); + if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED) + errx(1, "init_sec_context failed: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + + gss_release_buffer(&min_stat, &out); + gss_delete_sec_context(&min_stat, &context, NULL); + } + gss_release_cred(&min_stat, &cred); } - acquire_cred_service(acquire_name, type, flag); return 0; } diff --git a/lib/gssapi/test_common.c b/lib/gssapi/test_common.c index 329180f23387..8251aef867c5 100644 --- a/lib/gssapi/test_common.c +++ b/lib/gssapi/test_common.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,8 +35,6 @@ #include #include "test_common.h" -RCSID("$Id: test_common.c 20075 2007-01-31 06:05:19Z lha $"); - char * gssapi_err(OM_uint32 maj_stat, OM_uint32 min_stat, gss_OID mech) { @@ -51,20 +49,21 @@ gssapi_err(OM_uint32 maj_stat, OM_uint32 min_stat, gss_OID mech) maj_error_message.value = NULL; min_error_message.length = 0; min_error_message.value = NULL; - - disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, + + disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, GSS_C_GSS_CODE, mech, &msg_ctx, &maj_error_message); disp_maj_stat = gss_display_status(&disp_min_stat, min_stat, GSS_C_MECH_CODE, mech, &msg_ctx, &min_error_message); - asprintf(&ret, "gss-code: %lu %.*s\nmech-code: %lu %.*s", - (unsigned long)maj_stat, - (int)maj_error_message.length, - (char *)maj_error_message.value, - (unsigned long)min_stat, - (int)min_error_message.length, - (char *)min_error_message.value); + if (asprintf(&ret, "gss-code: %lu %.*s -- mech-code: %lu %.*s", + (unsigned long)maj_stat, + (int)maj_error_message.length, + (char *)maj_error_message.value, + (unsigned long)min_stat, + (int)min_error_message.length, + (char *)min_error_message.value) < 0 || ret == NULL) + errx(1, "malloc"); gss_release_buffer(&disp_min_stat, &maj_error_message); gss_release_buffer(&disp_min_stat, &min_error_message); diff --git a/lib/gssapi/test_common.h b/lib/gssapi/test_common.h index 8e78a5d30ec4..fda2949609a9 100644 --- a/lib/gssapi/test_common.h +++ b/lib/gssapi/test_common.h @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -31,6 +31,6 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: test_common.h 20075 2007-01-31 06:05:19Z lha $ */ +/* $Id$ */ char * gssapi_err(OM_uint32, OM_uint32, gss_OID); diff --git a/lib/gssapi/test_context.c b/lib/gssapi/test_context.c index e02535aec22a..5bdf474d9b93 100644 --- a/lib/gssapi/test_context.c +++ b/lib/gssapi/test_context.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,41 +34,67 @@ #include "krb5/gsskrb5_locl.h" #include #include +#include +#include +#include +#include #include "test_common.h" -RCSID("$Id: test_context.c 20075 2007-01-31 06:05:19Z lha $"); - static char *type_string; static char *mech_string; static char *ret_mech_string; +static char *client_name; +static char *client_password; static int dns_canon_flag = -1; static int mutual_auth_flag = 0; static int dce_style_flag = 0; static int wrapunwrap_flag = 0; +static int iov_flag = 0; static int getverifymic_flag = 0; static int deleg_flag = 0; +static int policy_deleg_flag = 0; +static int server_no_deleg_flag = 0; +static int ei_flag = 0; +static char *gsskrb5_acceptor_identity = NULL; +static char *session_enctype_string = NULL; +static int client_time_offset = 0; +static int server_time_offset = 0; +static int max_loops = 0; +static char *limit_enctype_string = NULL; static int version_flag = 0; static int verbose_flag = 0; static int help_flag = 0; +static krb5_context context; +static krb5_enctype limit_enctype = 0; + static struct { const char *name; - gss_OID *oid; + gss_OID oid; } o2n[] = { - { "krb5", &GSS_KRB5_MECHANISM }, - { "spnego", &GSS_SPNEGO_MECHANISM }, - { "ntlm", &GSS_NTLM_MECHANISM }, - { "sasl-digest-md5", &GSS_SASL_DIGEST_MD5_MECHANISM } + { "krb5", NULL /* GSS_KRB5_MECHANISM */ }, + { "spnego", NULL /* GSS_SPNEGO_MECHANISM */ }, + { "ntlm", NULL /* GSS_NTLM_MECHANISM */ }, + { "sasl-digest-md5", NULL /* GSS_SASL_DIGEST_MD5_MECHANISM */ } }; +static void +init_o2n(void) +{ + o2n[0].oid = GSS_KRB5_MECHANISM; + o2n[1].oid = GSS_SPNEGO_MECHANISM; + o2n[2].oid = GSS_NTLM_MECHANISM; + o2n[3].oid = GSS_SASL_DIGEST_MD5_MECHANISM; +} + static gss_OID string_to_oid(const char *name) { int i; for (i = 0; i < sizeof(o2n)/sizeof(o2n[0]); i++) if (strcasecmp(name, o2n[i].name) == 0) - return *o2n[i].oid; - errx(1, "name %s not unknown", name); + return o2n[i].oid; + errx(1, "name '%s' not unknown", name); } static const char * @@ -76,7 +102,7 @@ oid_to_string(const gss_OID oid) { int i; for (i = 0; i < sizeof(o2n)/sizeof(o2n[0]); i++) - if (gss_oid_equal(oid, *o2n[i].oid)) + if (gss_oid_equal(oid, o2n[i].oid)) return o2n[i].name; return "unknown oid"; } @@ -86,16 +112,17 @@ loop(gss_OID mechoid, gss_OID nameoid, const char *target, gss_cred_id_t init_cred, gss_ctx_id_t *sctx, gss_ctx_id_t *cctx, - gss_OID *actual_mech, + gss_OID *actual_mech, gss_cred_id_t *deleg_cred) { int server_done = 0, client_done = 0; + int num_loops = 0; OM_uint32 maj_stat, min_stat; gss_name_t gss_target_name; gss_buffer_desc input_token, output_token; OM_uint32 flags = 0, ret_cflags, ret_sflags; - gss_OID actual_mech_client; - gss_OID actual_mech_server; + gss_OID actual_mech_client; + gss_OID actual_mech_server; *actual_mech = GSS_C_NO_OID; @@ -108,6 +135,8 @@ loop(gss_OID mechoid, flags |= GSS_C_DCE_STYLE; if (deleg_flag) flags |= GSS_C_DELEG_FLAG; + if (policy_deleg_flag) + flags |= GSS_C_DELEG_POLICY_FLAG; input_token.value = rk_UNCONST(target); input_token.length = strlen(target); @@ -123,14 +152,17 @@ loop(gss_OID mechoid, input_token.value = NULL; while (!server_done || !client_done) { + num_loops++; + + gsskrb5_set_time_offset(client_time_offset); maj_stat = gss_init_sec_context(&min_stat, init_cred, cctx, gss_target_name, - mechoid, + mechoid, flags, - 0, + 0, NULL, &input_token, &actual_mech_client, @@ -145,12 +177,16 @@ loop(gss_OID mechoid, else client_done = 1; + gsskrb5_get_time_offset(&client_time_offset); + if (client_done && server_done) break; if (input_token.length != 0) gss_release_buffer(&min_stat, &input_token); + gsskrb5_set_time_offset(server_time_offset); + maj_stat = gss_accept_sec_context(&min_stat, sctx, GSS_C_NO_CREDENTIAL, @@ -166,8 +202,7 @@ loop(gss_OID mechoid, errx(1, "accept_sec_context: %s", gssapi_err(maj_stat, min_stat, actual_mech_server)); - if (verbose_flag) - printf("%.*s", (int)input_token.length, (char *)input_token.value); + gsskrb5_get_time_offset(&server_time_offset); if (output_token.length != 0) gss_release_buffer(&min_stat, &output_token); @@ -176,24 +211,42 @@ loop(gss_OID mechoid, ; else server_done = 1; - } + } if (output_token.length != 0) gss_release_buffer(&min_stat, &output_token); if (input_token.length != 0) gss_release_buffer(&min_stat, &input_token); gss_release_name(&min_stat, &gss_target_name); + if (deleg_flag || policy_deleg_flag) { + if (server_no_deleg_flag) { + if (*deleg_cred != GSS_C_NO_CREDENTIAL) + errx(1, "got delegated cred but didn't expect one"); + } else if (*deleg_cred == GSS_C_NO_CREDENTIAL) + errx(1, "asked for delegarated cred but did get one"); + } else if (*deleg_cred != GSS_C_NO_CREDENTIAL) + errx(1, "got deleg_cred cred but didn't ask"); + if (gss_oid_equal(actual_mech_server, actual_mech_client) == 0) errx(1, "mech mismatch"); *actual_mech = actual_mech_server; + + if (max_loops && num_loops > max_loops) + errx(1, "num loops %d was lager then max loops %d", + num_loops, max_loops); + + if (verbose_flag) { + printf("server time offset: %d\n", server_time_offset); + printf("client time offset: %d\n", client_time_offset); + printf("num loops %d\n", num_loops); + } } static void -wrapunwrap(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) +wrapunwrap(gss_ctx_id_t cctx, gss_ctx_id_t sctx, int flags, gss_OID mechoid) { gss_buffer_desc input_token, output_token, output_token2; OM_uint32 min_stat, maj_stat; - int32_t flags = 0; gss_qop_t qop_state; int conf_state; @@ -211,6 +264,155 @@ wrapunwrap(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_unwrap failed: %s", gssapi_err(maj_stat, min_stat, mechoid)); + + gss_release_buffer(&min_stat, &output_token); + gss_release_buffer(&min_stat, &output_token2); + +#if 0 /* doesn't work for NTLM yet */ + if (!!conf_state != !!flags) + errx(1, "conf_state mismatch"); +#endif +} + +#define USE_CONF 1 +#define USE_HEADER_ONLY 2 +#define USE_SIGN_ONLY 4 +#define FORCE_IOV 8 + +static void +wrapunwrap_iov(gss_ctx_id_t cctx, gss_ctx_id_t sctx, int flags, gss_OID mechoid) +{ + krb5_data token, header, trailer; + OM_uint32 min_stat, maj_stat; + gss_qop_t qop_state; + int conf_state, conf_state2; + gss_iov_buffer_desc iov[6]; + unsigned char *p; + int iov_len; + char header_data[9] = "ABCheader"; + char trailer_data[10] = "trailerXYZ"; + + char token_data[16] = "0123456789abcdef"; + + memset(&iov, 0, sizeof(iov)); + + if (flags & USE_SIGN_ONLY) { + header.data = header_data; + header.length = 9; + trailer.data = trailer_data; + trailer.length = 10; + } else { + header.data = NULL; + header.length = 0; + trailer.data = NULL; + trailer.length = 0; + } + + token.data = token_data; + token.length = 16; + + iov_len = sizeof(iov)/sizeof(iov[0]); + + memset(iov, 0, sizeof(iov)); + + iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + + if (header.length != 0) { + iov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[1].buffer.length = header.length; + iov[1].buffer.value = header.data; + } else { + iov[1].type = GSS_IOV_BUFFER_TYPE_EMPTY; + iov[1].buffer.length = 0; + iov[1].buffer.value = NULL; + } + iov[2].type = GSS_IOV_BUFFER_TYPE_DATA; + iov[2].buffer.length = token.length; + iov[2].buffer.value = token.data; + if (trailer.length != 0) { + iov[3].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; + iov[3].buffer.length = trailer.length; + iov[3].buffer.value = trailer.data; + } else { + iov[3].type = GSS_IOV_BUFFER_TYPE_EMPTY; + iov[3].buffer.length = 0; + iov[3].buffer.value = NULL; + } + if (dce_style_flag) { + iov[4].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } else { + iov[4].type = GSS_IOV_BUFFER_TYPE_PADDING | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + } + iov[4].buffer.length = 0; + iov[4].buffer.value = 0; + if (dce_style_flag) { + iov[5].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } else if (flags & USE_HEADER_ONLY) { + iov[5].type = GSS_IOV_BUFFER_TYPE_EMPTY; + } else { + iov[5].type = GSS_IOV_BUFFER_TYPE_TRAILER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE; + } + iov[5].buffer.length = 0; + iov[5].buffer.value = 0; + + maj_stat = gss_wrap_iov(&min_stat, cctx, dce_style_flag || flags & USE_CONF, 0, &conf_state, + iov, iov_len); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_wrap_iov failed"); + + token.length = + iov[0].buffer.length + + iov[1].buffer.length + + iov[2].buffer.length + + iov[3].buffer.length + + iov[4].buffer.length + + iov[5].buffer.length; + token.data = emalloc(token.length); + + p = token.data; + memcpy(p, iov[0].buffer.value, iov[0].buffer.length); + p += iov[0].buffer.length; + memcpy(p, iov[1].buffer.value, iov[1].buffer.length); + p += iov[1].buffer.length; + memcpy(p, iov[2].buffer.value, iov[2].buffer.length); + p += iov[2].buffer.length; + memcpy(p, iov[3].buffer.value, iov[3].buffer.length); + p += iov[3].buffer.length; + memcpy(p, iov[4].buffer.value, iov[4].buffer.length); + p += iov[4].buffer.length; + memcpy(p, iov[5].buffer.value, iov[5].buffer.length); + p += iov[5].buffer.length; + + assert(p - ((unsigned char *)token.data) == token.length); + + if ((flags & (USE_SIGN_ONLY|FORCE_IOV)) == 0) { + gss_buffer_desc input, output; + + input.value = token.data; + input.length = token.length; + + maj_stat = gss_unwrap(&min_stat, sctx, &input, + &output, &conf_state2, &qop_state); + + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_unwrap from gss_wrap_iov failed: %s", + gssapi_err(maj_stat, min_stat, mechoid)); + + gss_release_buffer(&min_stat, &output); + } else { + maj_stat = gss_unwrap_iov(&min_stat, sctx, &conf_state2, &qop_state, + iov, iov_len); + + if (maj_stat != GSS_S_COMPLETE) + errx(1, "gss_unwrap_iov failed: %x %s", flags, + gssapi_err(maj_stat, min_stat, mechoid)); + + } + if (conf_state2 != conf_state) + errx(1, "conf state wrong for iov: %x", flags); + + + free(token.data); } static void @@ -234,8 +436,24 @@ getverifymic(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_verify_mic failed: %s", gssapi_err(maj_stat, min_stat, mechoid)); + + gss_release_buffer(&min_stat, &output_token); } +static void +empty_release(void) +{ + gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; + gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; + gss_name_t name = GSS_C_NO_NAME; + gss_OID_set oidset = GSS_C_NO_OID_SET; + OM_uint32 junk; + + gss_delete_sec_context(&junk, &ctx, NULL); + gss_release_cred(&junk, &cred); + gss_release_name(&junk, &name); + gss_release_oid_set(&junk, &oidset); +} /* * @@ -246,14 +464,27 @@ static struct getargs args[] = { {"mech-type",0, arg_string, &mech_string, "type of mech", NULL }, {"ret-mech-type",0, arg_string, &ret_mech_string, "type of return mech", NULL }, - {"dns-canonicalize",0,arg_negative_flag, &dns_canon_flag, + {"dns-canonicalize",0,arg_negative_flag, &dns_canon_flag, "use dns to canonicalize", NULL }, {"mutual-auth",0, arg_flag, &mutual_auth_flag,"mutual auth", NULL }, + {"client-name", 0, arg_string, &client_name, "client name", NULL }, + {"client-password", 0, arg_string, &client_password, "client password", NULL }, + {"limit-enctype",0, arg_string, &limit_enctype_string, "enctype", NULL }, {"dce-style",0, arg_flag, &dce_style_flag, "dce-style", NULL }, {"wrapunwrap",0, arg_flag, &wrapunwrap_flag, "wrap/unwrap", NULL }, - {"getverifymic",0, arg_flag, &getverifymic_flag, + {"iov", 0, arg_flag, &iov_flag, "wrap/unwrap iov", NULL }, + {"getverifymic",0, arg_flag, &getverifymic_flag, "get and verify mic", NULL }, {"delegate",0, arg_flag, &deleg_flag, "delegate credential", NULL }, + {"policy-delegate",0, arg_flag, &policy_deleg_flag, "policy delegate credential", NULL }, + {"server-no-delegate",0, arg_flag, &server_no_deleg_flag, + "server should get a credential", NULL }, + {"export-import-cred",0, arg_flag, &ei_flag, "test export/import cred", NULL }, + {"gsskrb5-acceptor-identity", 0, arg_string, &gsskrb5_acceptor_identity, "keytab", NULL }, + {"session-enctype", 0, arg_string, &session_enctype_string, "enctype", NULL }, + {"client-time-offset", 0, arg_integer, &client_time_offset, "time", NULL }, + {"server-time-offset", 0, arg_integer, &server_time_offset, "time", NULL }, + {"max-loops", 0, arg_integer, &max_loops, "time", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL }, {"verbose", 'v', arg_flag, &verbose_flag, "verbose", NULL }, {"help", 0, arg_flag, &help_flag, NULL, NULL } @@ -274,16 +505,23 @@ main(int argc, char **argv) OM_uint32 min_stat, maj_stat; gss_ctx_id_t cctx, sctx; void *ctx; - gss_OID nameoid, mechoid, actual_mech; - gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL; + gss_OID nameoid, mechoid, actual_mech, actual_mech2; + gss_cred_id_t client_cred = GSS_C_NO_CREDENTIAL, deleg_cred = GSS_C_NO_CREDENTIAL; + gss_name_t cname = GSS_C_NO_NAME; + gss_buffer_desc credential_data = GSS_C_EMPTY_BUFFER; setprogname(argv[0]); + init_o2n(); + + if (krb5_init_context(&context)) + errx(1, "krb5_init_context"); + cctx = sctx = GSS_C_NO_CONTEXT; if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); - + if (help_flag) usage (0); @@ -312,12 +550,85 @@ main(int argc, char **argv) if (mech_string == NULL) mechoid = GSS_KRB5_MECHANISM; - else + else mechoid = string_to_oid(mech_string); - loop(mechoid, nameoid, argv[0], GSS_C_NO_CREDENTIAL, + if (gsskrb5_acceptor_identity) { + maj_stat = gsskrb5_register_acceptor_identity(gsskrb5_acceptor_identity); + if (maj_stat) + errx(1, "gsskrb5_acceptor_identity: %s", + gssapi_err(maj_stat, 0, GSS_C_NO_OID)); + } + + if (client_password) { + credential_data.value = client_password; + credential_data.length = strlen(client_password); + } + + if (client_name) { + gss_buffer_desc cn; + + cn.value = client_name; + cn.length = strlen(client_name); + + maj_stat = gss_import_name(&min_stat, &cn, GSS_C_NT_USER_NAME, &cname); + if (maj_stat) + errx(1, "gss_import_name: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + if (client_password) { + maj_stat = gss_acquire_cred_with_password(&min_stat, + cname, + &credential_data, + GSS_C_INDEFINITE, + GSS_C_NO_OID_SET, + GSS_C_INITIATE, + &client_cred, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) + errx(1, "gss_acquire_cred_with_password: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } else { + maj_stat = gss_acquire_cred(&min_stat, + cname, + GSS_C_INDEFINITE, + GSS_C_NO_OID_SET, + GSS_C_INITIATE, + &client_cred, + NULL, + NULL); + if (GSS_ERROR(maj_stat)) + errx(1, "gss_acquire_cred: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + if (limit_enctype_string) { + krb5_error_code ret; + + ret = krb5_string_to_enctype(context, + limit_enctype_string, + &limit_enctype); + if (ret) + krb5_err(context, 1, ret, "krb5_string_to_enctype"); + } + + + if (limit_enctype) { + if (client_cred == NULL) + errx(1, "client_cred missing"); + + maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, client_cred, + 1, &limit_enctype); + if (maj_stat) + errx(1, "gss_krb5_set_allowable_enctypes: %s", + gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); + } + + loop(mechoid, nameoid, argv[0], client_cred, &sctx, &cctx, &actual_mech, &deleg_cred); - + if (verbose_flag) printf("resulting mech: %s\n", oid_to_string(actual_mech)); @@ -327,43 +638,38 @@ main(int argc, char **argv) retoid = string_to_oid(ret_mech_string); if (gss_oid_equal(retoid, actual_mech) == 0) - errx(1, "actual_mech mech is not the expected type %s", + errx(1, "actual_mech mech is not the expected type %s", ret_mech_string); } /* XXX should be actual_mech */ - if (gss_oid_equal(mechoid, GSS_KRB5_MECHANISM)) { - krb5_context context; - time_t time, skew; + if (gss_oid_equal(mechoid, GSS_KRB5_MECHANISM)) { + time_t time; gss_buffer_desc authz_data; gss_buffer_desc in, out1, out2; krb5_keyblock *keyblock, *keyblock2; krb5_timestamp now; krb5_error_code ret; - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context"); - ret = krb5_timeofday(context, &now); - if (ret) - errx(1, "krb5_timeofday failed"); - + if (ret) + errx(1, "krb5_timeofday failed"); + /* client */ maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &cctx, 1, /* version */ &ctx); if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_export_lucid_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - + errx(1, "gss_krb5_export_lucid_sec_context failed: %s", + gssapi_err(maj_stat, min_stat, actual_mech)); + + maj_stat = gss_krb5_free_lucid_sec_context(&maj_stat, ctx); if (maj_stat != GSS_S_COMPLETE) errx(1, "gss_krb5_free_lucid_sec_context failed: %s", gssapi_err(maj_stat, min_stat, actual_mech)); - + /* server */ maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, &sctx, @@ -384,13 +690,10 @@ main(int argc, char **argv) errx(1, "gsskrb5_extract_authtime_from_sec_context failed: %s", gssapi_err(maj_stat, min_stat, actual_mech)); - skew = abs(time - now); - if (skew > krb5_get_max_time_skew(context)) { + if (time > now) errx(1, "gsskrb5_extract_authtime_from_sec_context failed: " - "time skew too great %llu > %llu", - (unsigned long long)skew, - (unsigned long long)krb5_get_max_time_skew(context)); - } + "time authtime is before now: %ld %ld", + (long)time, (long)now); maj_stat = gsskrb5_extract_service_keyblock(&min_stat, sctx, @@ -404,24 +707,28 @@ main(int argc, char **argv) maj_stat = gsskrb5_get_subkey(&min_stat, sctx, &keyblock); - if (maj_stat != GSS_S_COMPLETE + if (maj_stat != GSS_S_COMPLETE && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) errx(1, "gsskrb5_get_subkey server failed: %s", gssapi_err(maj_stat, min_stat, actual_mech)); if (maj_stat != GSS_S_COMPLETE) keyblock = NULL; - + else if (limit_enctype && keyblock->keytype != limit_enctype) + errx(1, "gsskrb5_get_subkey wrong enctype"); + maj_stat = gsskrb5_get_subkey(&min_stat, cctx, &keyblock2); - if (maj_stat != GSS_S_COMPLETE + if (maj_stat != GSS_S_COMPLETE && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) errx(1, "gsskrb5_get_subkey client failed: %s", gssapi_err(maj_stat, min_stat, actual_mech)); if (maj_stat != GSS_S_COMPLETE) keyblock2 = NULL; + else if (limit_enctype && keyblock->keytype != limit_enctype) + errx(1, "gsskrb5_get_subkey wrong enctype"); if (keyblock || keyblock2) { if (keyblock == NULL) @@ -433,11 +740,26 @@ main(int argc, char **argv) errx(1, "enctype mismatch"); if (keyblock->keyvalue.length != keyblock2->keyvalue.length) errx(1, "key length mismatch"); - if (memcmp(keyblock->keyvalue.data, keyblock2->keyvalue.data, + if (memcmp(keyblock->keyvalue.data, keyblock2->keyvalue.data, keyblock2->keyvalue.length) != 0) errx(1, "key data mismatch"); } + if (session_enctype_string) { + krb5_enctype enctype; + + ret = krb5_string_to_enctype(context, + session_enctype_string, + &enctype); + + if (ret) + krb5_err(context, 1, ret, "krb5_string_to_enctype"); + + if (enctype != keyblock->keytype) + errx(1, "keytype is not the expected %d != %d", + (int)enctype, (int)keyblock2->keytype); + } + if (keyblock) krb5_free_keyblock(context, keyblock); if (keyblock2) @@ -446,13 +768,17 @@ main(int argc, char **argv) maj_stat = gsskrb5_get_initiator_subkey(&min_stat, sctx, &keyblock); - if (maj_stat != GSS_S_COMPLETE + if (maj_stat != GSS_S_COMPLETE && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) errx(1, "gsskrb5_get_initiator_subkey failed: %s", gssapi_err(maj_stat, min_stat, actual_mech)); - if (maj_stat == GSS_S_COMPLETE) + if (maj_stat == GSS_S_COMPLETE) { + + if (limit_enctype && keyblock->keytype != limit_enctype) + errx(1, "gsskrb5_get_initiator_subkey wrong enctype"); krb5_free_keyblock(context, keyblock); + } maj_stat = gsskrb5_extract_authz_data_from_sec_context(&min_stat, sctx, @@ -461,8 +787,6 @@ main(int argc, char **argv) if (maj_stat == GSS_S_COMPLETE) gss_release_buffer(&min_stat, &authz_data); - krb5_free_context(context); - memset(&out1, 0, sizeof(out1)); memset(&out2, 0, sizeof(out2)); @@ -470,19 +794,19 @@ main(int argc, char **argv) in.value = "foo"; in.length = 3; - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, + gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, 100, &out1); - gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_FULL, &in, + gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_FULL, &in, 100, &out2); if (out1.length != out2.length) errx(1, "prf len mismatch"); if (memcmp(out1.value, out2.value, out1.length) != 0) errx(1, "prf data mismatch"); - + gss_release_buffer(&min_stat, &out1); - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, + gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, 100, &out1); if (out1.length != out2.length) @@ -496,9 +820,9 @@ main(int argc, char **argv) in.value = "bar"; in.length = 3; - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_PARTIAL, &in, + gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_PARTIAL, &in, 100, &out1); - gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_PARTIAL, &in, + gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_PARTIAL, &in, 100, &out2); if (out1.length != out2.length) @@ -514,11 +838,48 @@ main(int argc, char **argv) } if (wrapunwrap_flag) { - wrapunwrap(cctx, sctx, actual_mech); - wrapunwrap(cctx, sctx, actual_mech); - wrapunwrap(sctx, cctx, actual_mech); - wrapunwrap(sctx, cctx, actual_mech); + wrapunwrap(cctx, sctx, 0, actual_mech); + wrapunwrap(cctx, sctx, 1, actual_mech); + wrapunwrap(sctx, cctx, 0, actual_mech); + wrapunwrap(sctx, cctx, 1, actual_mech); } + + if (iov_flag) { + wrapunwrap_iov(cctx, sctx, 0, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_HEADER_ONLY|FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_HEADER_ONLY, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_HEADER_ONLY, actual_mech); + + wrapunwrap_iov(cctx, sctx, FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_HEADER_ONLY|FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_HEADER_ONLY|FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_SIGN_ONLY|FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_SIGN_ONLY|FORCE_IOV, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_HEADER_ONLY|USE_SIGN_ONLY|FORCE_IOV, actual_mech); + +/* works */ + wrapunwrap_iov(cctx, sctx, 0, actual_mech); + wrapunwrap_iov(cctx, sctx, FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_CONF, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_SIGN_ONLY, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_SIGN_ONLY|FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_SIGN_ONLY, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_SIGN_ONLY|FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_HEADER_ONLY, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_HEADER_ONLY|FORCE_IOV, actual_mech); + + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_HEADER_ONLY, actual_mech); + wrapunwrap_iov(cctx, sctx, USE_CONF|USE_HEADER_ONLY|FORCE_IOV, actual_mech); + } + if (getverifymic_flag) { getverifymic(cctx, sctx, actual_mech); getverifymic(cctx, sctx, actual_mech); @@ -526,17 +887,84 @@ main(int argc, char **argv) getverifymic(sctx, cctx, actual_mech); } + gss_delete_sec_context(&min_stat, &cctx, NULL); gss_delete_sec_context(&min_stat, &sctx, NULL); if (deleg_cred != GSS_C_NO_CREDENTIAL) { + gss_cred_id_t cred2 = GSS_C_NO_CREDENTIAL; + gss_buffer_desc cb; - loop(mechoid, nameoid, argv[0], deleg_cred, &cctx, &sctx, &actual_mech, NULL); + if (verbose_flag) + printf("checking actual mech (%s) on delegated cred\n", + oid_to_string(actual_mech)); + loop(actual_mech, nameoid, argv[0], deleg_cred, &sctx, &cctx, &actual_mech2, &cred2); gss_delete_sec_context(&min_stat, &cctx, NULL); gss_delete_sec_context(&min_stat, &sctx, NULL); + gss_release_cred(&min_stat, &cred2); + + /* try again using SPNEGO */ + if (verbose_flag) + printf("checking spnego on delegated cred\n"); + loop(GSS_SPNEGO_MECHANISM, nameoid, argv[0], deleg_cred, &sctx, &cctx, + &actual_mech2, &cred2); + + gss_delete_sec_context(&min_stat, &cctx, NULL); + gss_delete_sec_context(&min_stat, &sctx, NULL); + + gss_release_cred(&min_stat, &cred2); + + /* check export/import */ + if (ei_flag) { + + maj_stat = gss_export_cred(&min_stat, deleg_cred, &cb); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "export failed: %s", + gssapi_err(maj_stat, min_stat, NULL)); + + maj_stat = gss_import_cred(&min_stat, &cb, &cred2); + if (maj_stat != GSS_S_COMPLETE) + errx(1, "import failed: %s", + gssapi_err(maj_stat, min_stat, NULL)); + + gss_release_buffer(&min_stat, &cb); + gss_release_cred(&min_stat, &deleg_cred); + + if (verbose_flag) + printf("checking actual mech (%s) on export/imported cred\n", + oid_to_string(actual_mech)); + loop(actual_mech, nameoid, argv[0], cred2, &sctx, &cctx, + &actual_mech2, &deleg_cred); + + gss_release_cred(&min_stat, &deleg_cred); + + gss_delete_sec_context(&min_stat, &cctx, NULL); + gss_delete_sec_context(&min_stat, &sctx, NULL); + + /* try again using SPNEGO */ + if (verbose_flag) + printf("checking SPNEGO on export/imported cred\n"); + loop(GSS_SPNEGO_MECHANISM, nameoid, argv[0], cred2, &sctx, &cctx, + &actual_mech2, &deleg_cred); + + gss_release_cred(&min_stat, &deleg_cred); + + gss_delete_sec_context(&min_stat, &cctx, NULL); + gss_delete_sec_context(&min_stat, &sctx, NULL); + + gss_release_cred(&min_stat, &cred2); + + } else { + gss_release_cred(&min_stat, &deleg_cred); + } + } + empty_release(); + + krb5_free_context(context); + return 0; } diff --git a/lib/gssapi/test_cred.c b/lib/gssapi/test_cred.c index 5ecc89f360f9..23428050d1e8 100644 --- a/lib/gssapi/test_cred.c +++ b/lib/gssapi/test_cred.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,17 +35,17 @@ #include #endif +#include #include #include #include #include #include +#include +#include #include -#include #include -RCSID("$Id: test_cred.c 17750 2006-06-30 11:55:28Z lha $"); - static void gss_print_errors (int min_stat) { @@ -62,7 +62,8 @@ gss_print_errors (int min_stat) &msg_ctx, &status_string); if (!GSS_ERROR(ret)) { - fprintf (stderr, "%s\n", (char *)status_string.value); + fprintf (stderr, "%.*s\n", (int)status_string.length, + (char *)status_string.value); gss_release_buffer (&new_stat, &status_string); } } while (!GSS_ERROR(ret) && msg_ctx != 0); @@ -96,12 +97,12 @@ acquire_release_loop(gss_name_t name, int counter, gss_cred_usage_t usage) NULL, NULL); if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE", + gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE", i, (int)maj_stat); - + maj_stat = gss_release_cred(&min_stat, &cred); if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE", + gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE", i, (int)maj_stat); } } @@ -122,7 +123,7 @@ acquire_add_release_add(gss_name_t name, gss_cred_usage_t usage) NULL); if (maj_stat != GSS_S_COMPLETE) gss_err(1, min_stat, "aquire %d != GSS_S_COMPLETE", (int)maj_stat); - + maj_stat = gss_add_cred(&min_stat, cred, GSS_C_NO_NAME, @@ -134,7 +135,7 @@ acquire_add_release_add(gss_name_t name, gss_cred_usage_t usage) NULL, NULL, NULL); - + if (maj_stat != GSS_S_COMPLETE) gss_err(1, min_stat, "add_cred %d != GSS_S_COMPLETE", (int)maj_stat); @@ -191,7 +192,7 @@ main(int argc, char **argv) setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/lib/gssapi/test_kcred.c b/lib/gssapi/test_kcred.c index b774b0431ff9..a22d4ec9b8be 100644 --- a/lib/gssapi/test_kcred.c +++ b/lib/gssapi/test_kcred.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,18 +35,18 @@ #include #endif +#include #include #include #include #include #include +#include +#include #include #include -#include #include -RCSID("$Id: test_kcred.c 20694 2007-05-30 13:58:46Z lha $"); - static int version_flag = 0; static int help_flag = 0; @@ -79,9 +79,9 @@ copy_import(void) if (ret) errx(1, "krb5_init_context"); - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_new_unique"); maj_stat = gss_krb5_copy_ccache(&min_stat, cred1, id); if (maj_stat != GSS_S_COMPLETE) @@ -101,7 +101,7 @@ copy_import(void) errx(1, "gss_compare_name"); if (!equal) errx(1, "names not equal"); - + if (lifetime1 != lifetime2) errx(1, "lifetime not equal %lu != %lu", (unsigned long)lifetime1, (unsigned long)lifetime2); @@ -125,7 +125,7 @@ copy_import(void) errx(1, "gss_compare_name"); if (!equal) errx(1, "names not equal"); - + if (lifetime1 != lifetime2) errx(1, "lifetime not equal %lu != %lu", (unsigned long)lifetime1, (unsigned long)lifetime2); @@ -168,7 +168,7 @@ main(int argc, char **argv) setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/lib/gssapi/test_names.c b/lib/gssapi/test_names.c index abc47690b008..654661153955 100644 --- a/lib/gssapi/test_names.c +++ b/lib/gssapi/test_names.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,17 +35,17 @@ #include #endif +#include #include #include #include #include #include +#include +#include #include -#include #include -RCSID("$Id: test_names.c 17856 2006-07-20 05:13:25Z lha $"); - static void gss_print_errors (int min_stat) { @@ -62,7 +62,8 @@ gss_print_errors (int min_stat) &msg_ctx, &status_string); if (!GSS_ERROR(ret)) { - fprintf (stderr, "%s\n", (char *)status_string.value); + fprintf (stderr, "%.*s\n", (int)status_string.length, + (char *)status_string.value); gss_release_buffer (&new_stat, &status_string); } } while (!GSS_ERROR(ret) && msg_ctx != 0); @@ -110,7 +111,7 @@ main(int argc, char **argv) setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -122,12 +123,15 @@ main(int argc, char **argv) argc -= optidx; argv += optidx; + gsskrb5_set_default_realm("MIT.EDU"); + /* * test import/export */ + str = NULL; len = asprintf(&str, "ftp@freeze-arrow.mit.edu"); - if (len == -1) + if (len < 0 || str == NULL) errx(1, "asprintf"); name_buffer.value = str; @@ -180,8 +184,9 @@ main(int argc, char **argv) * Dovecot SASL lib does this. */ + str = NULL; len = asprintf(&str, "lha"); - if (len == -1) + if (len < 0 || str == NULL) errx(1, "asprintf"); name_buffer.value = str; diff --git a/lib/gssapi/test_ntlm.c b/lib/gssapi/test_ntlm.c index 9bd0d1ee1cf0..9b289c27bd37 100644 --- a/lib/gssapi/test_ntlm.c +++ b/lib/gssapi/test_ntlm.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,22 +33,20 @@ #include "config.h" +#include #include #include #include -#include #include #include "test_common.h" -RCSID("$Id: test_ntlm.c 22423 2008-01-13 09:45:03Z lha $"); - #include #include static int test_libntlm_v1(int flags) { - const char *user = "foo", + const char *user = "foo", *domain = "mydomain", *password = "digestpassword"; OM_uint32 maj_stat, min_stat; @@ -60,7 +58,7 @@ test_libntlm_v1(int flags) struct ntlm_buf data; krb5_error_code ret; gss_name_t src_name = GSS_C_NO_NAME; - + memset(&type1, 0, sizeof(type1)); memset(&type2, 0, sizeof(type2)); memset(&type3, 0, sizeof(type3)); @@ -120,7 +118,7 @@ test_libntlm_v1(int flags) heim_ntlm_nt_key(password, &key); heim_ntlm_calculate_ntlm1(key.data, key.length, - type2.challange, + type2.challenge, &type3.ntlm); if (flags & NTLM_NEG_KEYEX) { @@ -175,7 +173,7 @@ test_libntlm_v1(int flags) static int test_libntlm_v2(int flags) { - const char *user = "foo", + const char *user = "foo", *domain = "mydomain", *password = "digestpassword"; OM_uint32 maj_stat, min_stat; @@ -186,7 +184,7 @@ test_libntlm_v2(int flags) struct ntlm_type3 type3; struct ntlm_buf data; krb5_error_code ret; - + memset(&type1, 0, sizeof(type1)); memset(&type2, 0, sizeof(type2)); memset(&type3, 0, sizeof(type3)); @@ -247,7 +245,7 @@ test_libntlm_v2(int flags) heim_ntlm_calculate_ntlm2(key.data, key.length, user, type2.targetname, - type2.challange, + type2.challenge, &type2.targetinfo, ntlmv2, &type3.ntlm); @@ -317,7 +315,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); - + if (help_flag) usage (0); diff --git a/lib/gssapi/test_oid.c b/lib/gssapi/test_oid.c index 3beb30cb0a21..db5b7f7d11b8 100644 --- a/lib/gssapi/test_oid.c +++ b/lib/gssapi/test_oid.c @@ -1,46 +1,46 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifdef HAVE_CONFIG_H #include #endif +#include #include #include +#include +#include #include -#include - -RCSID("$Id: test_oid.c 20488 2007-04-21 06:29:11Z lha $"); int main(int argc, char **argv) @@ -53,7 +53,7 @@ main(int argc, char **argv) if (GSS_ERROR(maj_stat)) errx(1, "gss_oid_to_str failed"); - ret = strcmp(data.value, "1 2 840 113554 1 2 2"); + ret = strncmp(data.value, "1 2 840 113554 1 2 2", data.length); gss_release_buffer(&maj_stat, &data); if (ret) return 1; @@ -62,7 +62,7 @@ main(int argc, char **argv) if (GSS_ERROR(maj_stat)) errx(1, "gss_oid_to_str failed"); - ret = strcmp(data.value, "1 3 6 1 5 6 4"); + ret = strncmp(data.value, "1 3 6 1 5 6 4", data.length); gss_release_buffer(&maj_stat, &data); if (ret) return 1; diff --git a/lib/gssapi/version-script.map b/lib/gssapi/version-script.map index 43ea73fdb094..bcb79bf8f76e 100644 --- a/lib/gssapi/version-script.map +++ b/lib/gssapi/version-script.map @@ -1,96 +1,195 @@ -# $Id: version-script.map 20493 2007-04-21 07:56:20Z lha $ +# $Id$ -HEIMDAL_GSS_1.0 { +HEIMDAL_GSS_2.0 { global: - GSS_KRB5_MECHANISM; - GSS_NTLM_MECHANISM; - GSS_SPNEGO_MECHANISM; - GSS_SASL_DIGEST_MD5_MECHANISM; - GSS_C_NT_ANONYMOUS; - GSS_C_NT_EXPORT_NAME; - GSS_C_NT_HOSTBASED_SERVICE; - GSS_C_NT_HOSTBASED_SERVICE_X; - GSS_C_NT_MACHINE_UID_NAME; - GSS_C_NT_STRING_UID_NAME; - GSS_C_NT_USER_NAME; - GSS_KRB5_NT_PRINCIPAL_NAME; - GSS_KRB5_NT_USER_NAME; - GSS_KRB5_NT_MACHINE_UID_NAME; - GSS_KRB5_NT_STRING_UID_NAME; - gss_acquire_cred; - gss_release_cred; - gss_init_sec_context; +# __gss_c_nt_anonymous; + __gss_c_nt_anonymous_oid_desc; + __gss_c_nt_export_name_oid_desc; + __gss_c_nt_hostbased_service_oid_desc; + __gss_c_nt_hostbased_service_x_oid_desc; + __gss_c_nt_machine_uid_name_oid_desc; + __gss_c_nt_string_uid_name_oid_desc; + __gss_c_nt_user_name_oid_desc; + __gss_krb5_nt_principal_name_oid_desc; + __gss_c_attr_stream_sizes_oid_desc; + __gss_c_cred_password_oid_desc; + __gss_c_cred_certificate_oid_desc; + __gss_c_attr_local_login_user; gss_accept_sec_context; - gss_process_context_token; - gss_delete_sec_context; - gss_context_time; - gss_get_mic; - gss_verify_mic; - gss_wrap; - gss_unwrap; - gss_display_status; - gss_indicate_mechs; - gss_compare_name; - gss_display_name; - gss_import_name; - gss_export_name; - gss_release_name; - gss_release_buffer; - gss_release_oid_set; - gss_inquire_cred; - gss_inquire_context; - gss_wrap_size_limit; + gss_acquire_cred; + gss_acquire_cred_with_password; + gss_add_buffer_set_member; gss_add_cred; - gss_inquire_cred_by_mech; - gss_export_sec_context; - gss_import_sec_context; - gss_create_empty_oid_set; + gss_add_cred_with_password; gss_add_oid_set_member; - gss_test_oid_set_member; - gss_inquire_names_for_mech; - gss_inquire_mechs_for_name; + gss_authorize_localname; gss_canonicalize_name; + gss_compare_name; + gss_context_query_attributes; + gss_context_time; + gss_create_empty_buffer_set; + gss_create_empty_oid_set; + gss_decapsulate_token; + gss_delete_name_attribute; + gss_delete_sec_context; + gss_display_name; + gss_display_name_ext; + gss_display_status; gss_duplicate_name; gss_duplicate_oid; - gss_release_oid; - gss_oid_to_str; - gss_inquire_sec_context_by_oid; - gss_set_sec_context_option; - gss_set_cred_option; - gss_oid_equal; - gss_create_empty_buffer_set; - gss_add_buffer_set_member; - gss_release_buffer_set; - gss_inquire_cred_by_oid; - gss_pseudo_random; - gss_sign; - gss_verify; - gss_seal; - gss_unseal; - gss_inquire_sec_context_by_oid; gss_encapsulate_token; - gss_decapsulate_token; + gss_export_cred; + gss_export_name; + gss_export_name_composite; + gss_export_sec_context; + gss_get_mic; + gss_get_name_attribute; + gss_import_cred; + gss_import_name; + gss_import_sec_context; + gss_indicate_mechs; + gss_init_sec_context; + gss_inquire_context; + gss_inquire_cred; + gss_inquire_cred_by_mech; + gss_inquire_cred_by_oid; + gss_inquire_mechs_for_name; + gss_inquire_name; + gss_inquire_names_for_mech; + gss_inquire_sec_context_by_oid; + gss_inquire_sec_context_by_oid; gss_krb5_ccache_name; - gsskrb5_register_acceptor_identity; gss_krb5_copy_ccache; - gss_krb5_import_cred; + gss_krb5_export_lucid_sec_context; + gss_krb5_free_lucid_sec_context; gss_krb5_get_tkt_flags; - gsskrb5_extract_authz_data_from_sec_context; - gsskrb5_set_dns_canonicalize; - gsskrb5_set_send_to_kdc; - gsskrb5_set_default_realm; + gss_krb5_import_cred; + gss_krb5_set_allowable_enctypes; + gss_mg_collect_error; + gss_oid_equal; + gss_oid_to_str; + gss_pname_to_uid; + gss_process_context_token; + gss_pseudo_random; + gss_release_buffer; + gss_release_buffer_set; + gss_release_cred; + gss_release_iov_buffer; + gss_release_name; + gss_release_oid; + gss_release_oid_set; + gss_seal; + gss_set_cred_option; + gss_set_name_attribute; + gss_set_sec_context_option; + gss_sign; + gss_store_cred; + gss_test_oid_set_member; + gss_unseal; + gss_unwrap; + gss_unwrap_iov; + gss_userok; + gss_verify; + gss_verify_mic; + gss_wrap; + gss_wrap_iov; + gss_wrap_iov_length; + gss_wrap_size_limit; gsskrb5_extract_authtime_from_sec_context; + gsskrb5_extract_authz_data_from_sec_context; gsskrb5_extract_service_keyblock; gsskrb5_get_initiator_subkey; gsskrb5_get_subkey; - gss_krb5_export_lucid_sec_context; - gss_krb5_free_lucid_sec_context; - gss_krb5_set_allowable_enctypes; + gsskrb5_get_time_offset; + gsskrb5_register_acceptor_identity; + gsskrb5_set_default_realm; + gsskrb5_set_dns_canonicalize; + gsskrb5_set_send_to_kdc; + gsskrb5_set_time_offset; + krb5_gss_register_acceptor_identity; + gss_display_mech_attr; + gss_inquire_attrs_for_mech; + gss_indicate_mechs_by_attrs; + gss_inquire_mech_for_saslname; + gss_inquire_saslname_for_mech; + gss_mo_get; + gss_mo_set; + gss_mo_list; + gss_mo_name; + gss_name_to_oid; + gss_oid_to_name; # _gsskrb5cfx_ are really internal symbols, but export # then now to make testing easier. - _gsskrb5cfx_max_wrap_length_cfx; _gsskrb5cfx_wrap_length_cfx; + _gssapi_wrap_size_cfx; + + __gss_krb5_copy_ccache_x_oid_desc; + __gss_krb5_get_tkt_flags_x_oid_desc; + __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; + __gss_krb5_compat_des3_mic_x_oid_desc; + __gss_krb5_register_acceptor_identity_x_oid_desc; + __gss_krb5_export_lucid_context_x_oid_desc; + __gss_krb5_export_lucid_context_v1_x_oid_desc; + __gss_krb5_set_dns_canonicalize_x_oid_desc; + __gss_krb5_get_subkey_x_oid_desc; + __gss_krb5_get_initiator_subkey_x_oid_desc; + __gss_krb5_get_acceptor_subkey_x_oid_desc; + __gss_krb5_send_to_kdc_x_oid_desc; + __gss_krb5_get_authtime_x_oid_desc; + __gss_krb5_get_service_keyblock_x_oid_desc; + __gss_krb5_set_allowable_enctypes_x_oid_desc; + __gss_krb5_set_default_realm_x_oid_desc; + __gss_krb5_ccache_name_x_oid_desc; + __gss_krb5_set_time_offset_x_oid_desc; + __gss_krb5_get_time_offset_x_oid_desc; + __gss_krb5_plugin_register_x_oid_desc; + __gss_ntlm_get_session_key_x_oid_desc; + __gss_c_nt_ntlm_oid_desc; + __gss_c_nt_dn_oid_desc; + __gss_krb5_nt_principal_name_referral_oid_desc; + __gss_c_ntlm_avguest_oid_desc; + __gss_c_ntlm_v1_oid_desc; + __gss_c_ntlm_v2_oid_desc; + __gss_c_ntlm_session_key_oid_desc; + __gss_c_ntlm_force_v1_oid_desc; + __gss_krb5_cred_no_ci_flags_x_oid_desc; + __gss_krb5_import_cred_x_oid_desc; + __gss_c_ma_sasl_mech_name_oid_desc; + __gss_c_ma_mech_name_oid_desc; + __gss_c_ma_mech_description_oid_desc; + __gss_sasl_digest_md5_mechanism_oid_desc; + __gss_krb5_mechanism_oid_desc; + __gss_ntlm_mechanism_oid_desc; + __gss_spnego_mechanism_oid_desc; + __gss_c_peer_has_updated_spnego_oid_desc; + __gss_c_ma_mech_concrete_oid_desc; + __gss_c_ma_mech_pseudo_oid_desc; + __gss_c_ma_mech_composite_oid_desc; + __gss_c_ma_mech_nego_oid_desc; + __gss_c_ma_mech_glue_oid_desc; + __gss_c_ma_not_mech_oid_desc; + __gss_c_ma_deprecated_oid_desc; + __gss_c_ma_not_dflt_mech_oid_desc; + __gss_c_ma_itok_framed_oid_desc; + __gss_c_ma_auth_init_oid_desc; + __gss_c_ma_auth_targ_oid_desc; + __gss_c_ma_auth_init_init_oid_desc; + __gss_c_ma_auth_targ_init_oid_desc; + __gss_c_ma_auth_init_anon_oid_desc; + __gss_c_ma_auth_targ_anon_oid_desc; + __gss_c_ma_deleg_cred_oid_desc; + __gss_c_ma_integ_prot_oid_desc; + __gss_c_ma_conf_prot_oid_desc; + __gss_c_ma_mic_oid_desc; + __gss_c_ma_wrap_oid_desc; + __gss_c_ma_prot_ready_oid_desc; + __gss_c_ma_replay_det_oid_desc; + __gss_c_ma_oos_det_oid_desc; + __gss_c_ma_cbindings_oid_desc; + __gss_c_ma_pfs_oid_desc; + __gss_c_ma_compress_oid_desc; + __gss_c_ma_ctx_trans_oid_desc; local: *; diff --git a/lib/hcrypto/ChangeLog b/lib/hcrypto/ChangeLog new file mode 100644 index 000000000000..1a32025f669d --- /dev/null +++ b/lib/hcrypto/ChangeLog @@ -0,0 +1,1227 @@ +2008-06-26 Love Hörnquist Ã…strand + + * ui.c: Send newline from use to stderr, just like the + prompt. From Ted Percival. + +2008-05-20 Love Hörnquist Ã…strand + + * rand-fortuna.c: If we forked, force a reseed again. Add the pid + as part of the reseed(). + +2008-04-29 Björn Sandell + + * des.h: Add DES_set_key_unchecked + + * version-script.map: Export DES_set_key_unchecked + +2008-04-29 Love Hörnquist Ã…strand + + * evp.c: EVP_MD_CTX_init already implemented. + +2008-04-28 Love Hörnquist Ã…strand + + * evp.[ch]: deprecate functions that are needed for exported + EVP_MD_CTX. + + * evp.h: Internalize hc_EVP_MD_CTX. + + * evp.c: Internalize hc_EVP_MD_CTX. + + * mdtest.c: Use EVP_MD_CTX_create()/EVP_MD_CTX_destroy(). + + * test_cipher.c: unbreak des-test + + * evp.c: Fixup key parity before going ahead and using the key. + + * evp.c: use DES_set_key_unchecked(). + + * des.c: Remove inifinite loop in DES_set_key(). + +2008-04-27 Love Hörnquist Ã…strand + + * des.c: Document missing functions, add DES_check_key_parity(). + + * des.h: Add DES_check_key_parity, deprecate DES_set_key. + + * version-script.map: Export DES_check_key_parity. + + * des.h: DES_set_odd_parity "returns" void. + + * rand.c: Drop const warnings. + + * des.h: Sort options. + +2008-04-18 Love Hörnquist Ã…strand + + * pkcs5.c: Document PKCS5_PBKDF2_HMAC_SHA1. + + * des.c: DES is withdrawn. + + * des.c: Document using doxygen. + + * des.c: History of DES. + + * doxygen.c: History of hcrypto. + + * test_rand.c: do a head vs tail test on the random buffer. + + * test_crypto.in: Use --file to test_rand. + + * rand.c: Document, implement RAND_set_rand_engine(). + + * doxygen.c: Add reference to DES, more quick links. + + * rnd_keys.c: Reimplement using RAND_ interface. + + * des.h: Undeprecate DES_new_random_key. + + * des.c: Add documentation. + +2008-04-15 Love Hörnquist Ã…strand + + * camellia-ntt.h: Move the typedef u to camellia-ntt.h header + file. Use u32 to define KEY_TABLE_TYPE, avoids warning on + platfors where u32 is not unsigned int. + + * camellia-ntt.c: Move the typedef u to camellia-ntt.h + header file. + + * camellia.h: Drop need to camellia-ntt.h by including some more + defines. + +2008-04-11 Love Hörnquist Ã…strand + + * rnd_keys.c: deprecated. + + * des.h: c++ wrappers + deprecated. + + * aes.h: c++ wrappers + + * des.h: c++ wrappers + deprecated + + * rnd_keys.c: Use matching prototypes, prompted by bug report by + David Rosenstrauch. + +2008-03-19 Love Hörnquist Ã…strand + + * camellia.h: Drop unused defined that originates from aes. + +2008-01-11 Love Hörnquist Ã…strand + + * Makefile.am: Add extra files missing from dist. + +2007-12-30 Love Hörnquist Ã…strand + + * rsa.c: ENGINE_get_default_RSA can return NULL. + + * dh.c: more doxygen. + +2007-12-28 Love Hörnquist Ã…strand + + * evp.c: Add last of the doxygen documentation for functions in + this module. + + * evp.c: complete the EVP_MD functions doxygen. + +2007-12-11 Love Hörnquist Ã…strand + + * version-script.map: export RSA_gmp_method. + + * doxygen.c: More documentation. + + * rsa.h: add RSA_gmp_method + + * rsa-gmp.c: RSA implementation written using GMP. + + * test_dh.c: Test of DH by Matthias Koenig. + +2007-12-09 Love Hörnquist Ã…strand + + * bn.h (BN_is_negative): make argument const. + +2007-12-07 Love Hörnquist Ã…strand + + * rand.c: Can't call getpwuid(getuid()) at all since that causes + recursive lookups. Pointed out by Hai Zaar. + +2007-08-16 Love Hörnquist Ã…strand + + * test_cipher.c: Use test from camellia samples. + + * version-script.map: Export camellia. + + * test_cipher.c: Make camellia-128-cbc tests pass. + +2007-08-07 Love Hörnquist Ã…strand + + * test_cipher.c: Sprinkle EVP cipher names. + +2007-07-30 David Love + + * camellia-ntt.c: Include + +2007-07-24 Love Hörnquist Ã…strand + + * Add Camellia. + +2007-07-10 Love Hörnquist Ã…strand + + * Makefile.am: New library version. + +2007-06-30 Love Hörnquist Ã…strand + + * hmac.c (HMAC_Init_ex): also zero out key material on re-init. + +2007-06-20 Love Hörnquist Ã…strand + + * rand.c: Default to fortuna due to weired /dev/*random that + failes to deliver random data for us in hi load situations. + + * rand-fortuna.c: Reseed the random generator now and then from + external sources. + +2007-06-19 Love Hörnquist Ã…strand + + * rand-egd.c: Avoid stoping unrelated memory. + +2007-06-18 Love Hörnquist Ã…strand + + * rand-fortuna.c: Use /etc/shadow, not /dev/shadow, pointed out by + Andrew Bartlett + + * Makefile.am: add rand-timer.c + + * rand-fortuna.c: Fall back to gattering data from timer and + secret files, this is really the last resort. + + * rand-timer.c: Pick up timing diffrences in the timeing info from + realtime timer, only in use as a last resort. + + * version-script.map: Add hc_RAND_timer_method. + +2007-06-10 Love Hörnquist Ã…strand + + * test_bn.c: Add . + + * test_crypto.in: Test for random device before running the tests. + + * test_engine_dso.c: Test for random device. + + * test_bn.c (test_BN_rand): skip this test if there is no random + device + +2007-06-07 Love Hörnquist Ã…strand + + * Makefile.am: Include more ui.[ch] in libbctest. + + * version-script.map: Unexport _hc_DES_ipfp_test now there is a + separate test lib. + + * Makefile.am: Build library libhctest.la for testing and link + with that when testing. + + * version-script.map: export _hc_DES_ipfp_test + +2007-06-03 Love Hörnquist Ã…strand + + * imath: new update from Michael Fromberger + + * test_imath.c: Try to find ABR in mp_int_mul. + + * engine.c: Don't try to load gmp module. + +2007-06-02 Love Hörnquist Ã…strand + + * test_bn.c: Plug memory leak. + +2007-05-31 Love Hörnquist Ã…strand + + * imath/imath.[ch]: New snapshot for Michael Fromberger, lets see if + this corrupts memory less. + +2007-05-30 Love Hörnquist Ã…strand + + * version-script.map: Don't prefix all symbols with _ + +2007-05-10 Love Hörnquist Ã…strand + + * test_pkcs12.c: test the difference between "" and NULL password. + + * test_pkcs12.c: one more pkcs12-pbe-s2k check + +2007-04-20 Love Hörnquist Ã…strand + + * Add version-script + + * test_crypto.in: try generate a couple of rsa keys of + diffrent (random) sizes, spelling. + + * test_rsa.c: try generate a couple of rsa keys of + diffrent (random) sizes. + +2007-04-19 Love Hörnquist Ã…strand + + * mdtest.c: stop leaking memory + + * test_imath.c: fix warnings, make test into function. + + * test_imath.c: shortest program causing the problem. + + * test_imath.c: basic imath test + +2007-04-18 Love Hörnquist Ã…strand + + * test_cipher.c (test_cipher): avoid leaking memory + +2007-04-17 Love Hörnquist Ã…strand + + * rsa.c: plug memory leak + +2007-04-16 Love Hörnquist Ã…strand + + * Makefile.am: CLEANFILES += test.file + +2007-04-15 Love Hörnquist Ã…strand + + * Makefile.am: Add randi.h. + +2007-04-11 Love Hörnquist Ã…strand + + * rsa.c: spelling. + +2007-02-01 Love Hörnquist Ã…strand + + * rand.c: Name the random file ~/.rnd, this is the same as + OpenSSL. + +2007-01-31 Love Hörnquist Ã…strand + + * rand-egd.c: Make get_bytes static. + + * rand.c (RAND_write_file): default to failure. + +2007-01-30 Love Hörnquist Ã…strand + + * rand.c: Implement RAND_file_name. + + * test_rand.c: test RAND_file_name(). + + * rand.c: Provide dummy implementation of RAND_file_name. + + * rand.h: add RAND_file_name + +2007-01-21 Love Hörnquist Ã…strand + + * Makefile.am: clean more files + + * rand-egd.c: access private functions though the RAND_METHOD + switch, move global egd function to rand-egd.c + + * rand-fortuna.c: access private functions though the RAND_METHOD + switch + + * rand-unix.c: unexport private functions. + + * randi.h: Unexport internal functions. + + * rand.c: access private functions though the RAND_METHOD switch, + don't truncate the seed-file, move global egd function to + rand-egd.c + + * test_crypto.in: add basic random tests + + * rand-egd.c: SGI cc doesn' like return void_returning_function(); + in a void returning function. + +2007-01-20 Love Hörnquist Ã…strand + + * test_rand.c: Allow select rand method. + + * rand-unix.c: expose _hc_rand_unix_status + + * randi.h: expose _hc_rand_unix_status and the internal + RAND_METHODs + + * rand.c: Implement RAND_load_file and RAND_write_file. Select + UNIX random device if available, otherwise use Fortuna. + + * Add EGD/PRNGD support + +2007-01-17 Love Hörnquist Ã…strand + + * fortuna: Add fortuna based on Marko Kreen's pgcrypt, no enabled yet + +2007-01-11 Love Hörnquist Ã…strand + + * test_rsa.c: if RAND is unhappy, don't run the tests. + + * test_engine_dso.c: if RAND is unhappy, don't run the tests. + + * imath/imath.c: Update to imath-1.8 from Michael Fromberger + + Fixed a bug in s_udiv() affecting the computation of quotient + digits. Thanks to Love Ã…strand for isolating this bug. Also in + this release, defining USELLONG=Y or USELLONG=N on the command + line for make will switch support for the "long long" data type on + or off without having to edit the Makefile. The default is still + to permit use of "long long", even though the type is not standard + ANSI C90. + + * imath/imath.c (s_udiv): Allocate one more for q, remove debug + printfs + +2007-01-10 Love Hörnquist Ã…strand + + * imath/imath.c (s_udiv): make a copy of a and b before we start + to make sure there is something un-tainted to print in cause of + failure. XXX remove this delta + (s_embar): make static + +2007-01-09 Love Hörnquist Ã…strand + + * rsa.c: Correct the test if the rsa is a complete RSA private + key. + +2007-01-08 Love Hörnquist Ã…strand + + * imath/imath.c: More verbose debugging in case of assertion + failure. XXX temporary for AIX problem. + +2007-01-06 Love Hörnquist Ã…strand + + * rsa-imath.c: Fix a silly typo, and with that enable CRT since + now it works. + + * rsa-imath.c: With this crt works, but something is wrong in the + key generation, so keep it turned off for now. + + * test_rsa.c: Allow testing effect of key-blinding + + * test_rsa.c: Add timing info to rsa keygen. + + * rsa-imath.c: don't include + +2007-01-05 Love Hörnquist Ã…strand + + * imath: prune off stuff we dont use + + * imath/import.sh: Prune off stuff we don't use from imathsource + + * Makefile.am: Prune off stuff we don't use from imathsource + + * rsa-imath.c: Use mp_int_exptmod directly. + + * imath/iprime.c: Use a larger table of small primes, cut down + genenration in best cases to half compared to using a small table. + + * rsa.h: add RSA_FLAG_NO_BLINDING + + * rsa-imath.c: Add keyblinding, add a commented out CRT based RSA. + + * rsa.c: Add iqmp. + +2007-01-04 Love Hörnquist Ã…strand + + * rsa.c: add missing ; + + * rsa.c: Add i2d_RSAPrivateKey. + + * rsa.h: Add i2d_RSAPrivateKey. + + * test_rsa.c: test RSA_generate_key_ex + + * rsa-imath.c: Add imath_rsa_generate_key. + +2006-12-31 Love Hörnquist Ã…strand + + * rsa.c: add RSA_generate_key_ex + + * rsa.h: add RSA_generate_key_ex + +2006-12-07 Love Hörnquist Ã…strand + + * Makefile.am: CLEANFILES += test_crypto + +2006-12-06 Love Hörnquist Ã…strand + + * Makefile.am: Add rsakey.der to EXTRA_DIST. + +2006-12-05 Love Hörnquist Ã…strand + + * Makefile.am: Add test_crypto.in to EXTRA_DIST. + + * test_crypto.in: Add more spaces to allow sh to parse this + + * test_rsa.c: Explain what the fixed "sha1" checksum test tries to + test. + + * test_crypto.in: test rsa, dh and engine code + +2006-12-04 Love Hörnquist Ã…strand + + * Makefile.am: rsa and crypto engine test cases + + * test_rsa.c: Make faster and less verbose + + * rsakey.der: test rsa key + + * test_rsa.c: Test rsa operations + + * rsa-imath.c: Fix the rsa-decrypt failed case that been hauting + me for a while. + +2006-12-02 Love Hörnquist Ã…strand + + * rsa-imath.c: Use mp_int_to_binary to encode bignums + + * rsa-imath.c: Check if header is there + +2006-11-27 Love Hörnquist Ã…strand + + * rsa-imath.c: Return -1 for failure. + + * rsa-imath.c: Its ok with smaller signatures. + + * rsa-imath.c: Split error codes for now + +2006-10-22 Love Hörnquist Ã…strand + + * rsa.c: Try to not leak memory. + +2006-10-21 Love Hörnquist Ã…strand + + * rand-unix.c (unix_bytes): read until the other side give us all + or fail. + + * imath: import imath-1.7, fixes buffer overrun problems + + * rsa.c (RSA_free): free the whole key + + * test_engine_dso.c: Add more dh tests. + +2006-10-20 Love Hörnquist Ã…strand + + * imath/imath.c: Allocate more bits. + + * dh-imath.c (dh_compute_key): fix signness test + + * dh-imath.c: Try harder to generate a good keypair. + + * dh-imath.c: Return -1 dh_compute_key on failure, pointed out by + Olga Kornievskaia. + +2006-10-19 Love Hörnquist Ã…strand + + * Makefile.am: Add hash.h and des-tables.h. + + * dh.c (DH_compute_key): return -1 on bad public key. + + * rsa.c: remove stray ; + + * engine.c: Does function typecasts instead of void * type-casts. + + * evp.c: Does function typecasts instead of void * type-casts. + +2006-10-16 Love Hörnquist Ã…strand + + * Makefile.am: add rand-unix.c + + * rand.c: Move out rand-unix functions from the core lib. + + * rand-unix.c: Move out rand-unix functions from the core lib. + +2006-10-15 Love Hörnquist Ã…strand + + * hmac.c (HMAC_CTX_cleanup): destroy the EVP_MD_CTX, so it will be + freed. + +2006-10-14 Love Hörnquist Ã…strand + + * bn.c: Drop heim_any.h, prefix der primitives with der_ + + * rsa.c: Drop heim_any.h. + +2006-10-11 Love Hörnquist Ã…strand + + * rsa.c (RSA_free): Call the meth->finish before releasing the + engine. + +2006-10-06 Love Hörnquist Ã…strand + + * imath/imath.c: Cast argument to ctype(3) functions to (unsigned + char). + + * imath/imrat.c: Cast argument to ctype(3) functions to (unsigned + char). + +2006-09-22 Love Hörnquist Ã…strand + + * ui.c (read_string): Try to not call signaction for signal 0 and + use NSIG if it exists to determin how many signals there exists, + also, only restore those signalhandlers that we got out. + + Bug reported by and patch tested by Harald Barth. + +2006-09-15 Love Hörnquist Ã…strand + + * rsa-imath.c: Add commeted out test that exponent is > 3 + +2006-05-13 Love Hörnquist Ã…strand + + * bn.c (BN_rand): avoid shadowing. + +2006-05-12 Love Hörnquist Ã…strand + + * rsa-imath.c: Fix the last one of the asserts. + +2006-05-08 Love Hörnquist Ã…strand + + * rand.c (get_device_fd): use /dev/urandom first. + + * rctest.c: Less "pointer targets in passing argument differ in + signedness" warnings. + + * rc2test.c: Less "pointer targets in passing argument differ in + signedness" warnings. + +2006-05-07 Love Hörnquist Ã…strand + + * rsa-imath.c: Fix a off by one. + + * test_engine_dso.c: print the lengths when they don't match. + + * engine.c (ENGINE_load_builtin_engines): use RSA_imath_method for + the building engine. + + * rsa.h: expose RSA_imath_method + + * rsa.c (RSA_check_key): Do sign/verify instead. + + * dsa.c: rename the DSA_METHOD + + * dh.c: rename the DH_METHOD + + * dh-imath.c: rename the DH_METHOD + + * rsa.c: Default to use rsa-imath. + + * Makefile.am: Add rsa-imath.c to libhcrypto + + * rsa-imath.c: Add RSA support using imath. + +2006-05-06 Love Hörnquist Ã…strand + + * imath: Add imath-1.1.9 + + * dh.h: Expose DH_imath_method. + + * Makefile.am: Add imath source, add test_engine_dso to TESTS. + + * engine.c: Lets say we have RSA_null_method(), not really + useable, but still. + + * test_engine_dso.c: If there are no arguments, use the internal + engine. + + * engine.h: Cpp rename some ENGINE symbols. + + * engine.c (ENGINE_load_builtin_engines): Load the internal + engine. + + * dh.c: Default to use DH-imath. + + * dh.c (DH_check_pubkey): describe what the function do + +2006-05-05 Love Hörnquist Ã…strand + + * dh.c (DH_compute_key): check return status value from + DH_check_pubkey + + * Rename u_intXX_t to uintXX_t + +2006-04-24 Love Hörnquist Ã…strand + + * pkcs5.c: include + + * evp.c: Sprinkel some assertions. + + * des.c: Move assertion and add another restriction, used as hint + to beam that its ok + +2006-04-23 Love Hörnquist Ã…strand + + * rsa.c (RSA_check_key): don't do any checking if there is no + private key + + * engine.c (add_engine): reassign engines variable after realloc + +2006-04-21 Love Hörnquist Ã…strand + + * evp.h: Add EVP_get_cipherbyname, unbreak EVP_BytesToKey + + * evp.h: Add prototype for EVP_BytesToKey + + * evp.c: Add stub for EVP_BytesToKey + +2006-04-20 Love Hörnquist Ã…strand + + * dh.h: Add cpp-rename for DH_check_pubkey + +2006-04-17 Love Hörnquist Ã…strand + + * rand.h: Add more RAND functions. + + * rand.c: Split out unix /dev/random to a RAND_METHOD + + * engine.h: add RAND support + + * engine.c: add RAND support + + * evp.h: s/rc4_64/rc2_64/ + + * rand.c: Add RAND_METHOD and some associated functions. + + * rand.h: Add RAND_METHOD and some associated functions. + + * test_bn.c: Test BN_rand + +2006-04-16 Love Hörnquist Ã…strand + + * engine.c (ENGINE_by_dso): less printf + + * rsa.h (i2d_RSAPublicKey): fix prototype + + * rsa.c (i2d_RSAPublicKey): fix prototype + +2006-04-15 Love Hörnquist Ã…strand + + * evp.h: Add EVP_rc2_64_cbc + + * evp.c: Add EVP_rc2_64_cbc + + * evp.h: Add SHA-256 symbols. + + * evp.c: Add SHA-256. + + * sha.h: Add SHA-256 symbols. + + * mdtest.c: Test SHA-256. + + * sha256.c: Inital (naive) SHA-256 implementation. + +2006-04-14 Love Hörnquist Ã…strand + + * des.c (DES_cfb64_encrypt): add asserts that the *num pointers is + >= 0, because if it is, its a programmer error. + +2006-04-09 Love Hörnquist Ã…strand + + * rc2.c (RC2_set_key): abort on erroneous input (len <= 0) size + that will case out out bound indexing, and its invalid input. + + * rsa.c: Make compile again. + +2006-04-03 Love Hörnquist Ã…strand + + * rsa.c: Implement i2d_RSAPublicKey + + * rsa.h: Add i2d_RSAPublicKey + +2006-03-07 Love Hörnquist Ã…strand + + * Makefile.am: EVP interface depends on dlopen, add it to LIBFLAGS + +2006-02-28 Love Hörnquist Ã…strand + + * Makefile.am: Add pkcs5 files. + + * test_pkcs5.c: Testcases for pkcs5 pbe2. + + * pkcs5.c (PKCS5_PBKDF2_HMAC_SHA1): new function. + + * hmac.c: Digest key when it exceeds block size, not when it + exceeds the size of the output block. + +2006-02-16 Love Hörnquist Ã…strand + + * rand.c (RAND_bytes): Don't abort() on failure, return error. + + * bn.c (BN_rand): check return value from RAND_bytes + +2006-01-18 Love Hörnquist Ã…strand + + * dh.c (DH_compute_key): check public key + + * dh.h: Add DH_check_pubkey and defines it uses. + + * dh.c (DH_check_pubkey): New function. + + * bn.c: Remove unused fragment. + + * test_bn.c: Compare numbers with BN_cmp(). + +2006-01-17 David Love + + * bn.c: Include . + +2006-01-13 Love Hörnquist Ã…strand + + * *.h: use #include + + * Makefile.am: provide a symlink so the directory hcrypto/ seems + to exists + + * engine.h: Expose dsa symbols + + * Makefile.am: Rename library to hcrypto and install headerfiles + in hcrypto/. + + * test_pkcs12.c: Test for PKCS12_key_gen. + + * hmac.h: Drop HMAC_CTX_create and HMAC_CTX_destroy. + + * engine.c (ENGINE_add_conf_module): Also load DH + + * dh.h: Reorder includes to avoid compile errors, provide + DH_new_method(). + + * dh.c: Indent. + + * bn.c: BN_get_negative was really named BN_is_negative, a comment + confused me. + + * bn.h: BN_get_negative was really named BN_is_negative, a comment + confused me. + + * pkcs12.h: Add PKCS12_key_gen(). + + * pkcs12.c: Add PKCS12_key_gen(). + + * Makefile.am: Add test_cipher, test_pkcs12, add pkcs12.[ch]. + + * evp.c: Rename rc2_40_cbc internal variable to something better. + Unbreak des-ede3-cbc. + +2006-01-11 Love Hörnquist Ã…strand + + * test_bn.c: Test BN_uadd. + + * bn.c (BN_rand): don't leak memory on failure, catch malloc(0) + case + + * bn.c (BN_rand): clear the bits above the bits that user + requested. + (BN_uadd): new function. + + * bn.h (BN_uadd): new function. + +2006-01-10 Love Hörnquist Ã…strand + + * evp.c (EVP_CIPHER_CTX_cleanup): clean up less aggressively + + * Makefile.am (check_PROGRAMS): add test_hmac + + * test_hmac.c: Simple regression test for HMAC. + + * hmac.c: Make hmac work. + + * evp.c: return the right blocksize for digests. + +2006-01-09 Love Hörnquist Ã…strand + + * test_engine_dso.c: Add test for DH. + + * dh.c: Add DH_new_method, add ENGINE refcounting. + + * engine.[ch]: Add ENGINE_set_default_DH and ENGINE_get_default_DH + + * test_engine_dso.c: Add test for RSA encryption. + +2006-01-08 Love Hörnquist Ã…strand + + * test_engine_dso.c: Add test for RSA. + + * implement enough glue to support OpenSSLs EVP, RSA, DSA, DH, + HMAC, RAND and ENGINE interfaces for use in hx509. rename all + symbols to start with hc_ to avoid clobbering namespaces. contains + no RSA/DH/DSA code, just glue to support using dynamic + ENGINE. hx509 supports this via pkcs11 and there is a gmp ENGINE + module supporting RSA. Also contains a MD2 digest for completion. + +2005-07-20 Love Hörnquist Ã…strand + + * des.c,des.h,rnd_keys.c: change unsigned char * to void * + +2005-06-30 Love Hörnquist Ã…strand + + * rnd_keys.c: const poision for unwriteable strings + +2005-06-19 Love Hörnquist Ã…strand + + * des.c,aes.c,rc2.c: Rename parameter, as encrypt shadows a + global, from Andrew Bartlett + +2005-06-02 Love Hörnquist Ã…strand + + * rnd_keys.c: Include for srandom/random. + +2005-05-29 Love Hörnquist Ã…strand + + * des.c (DES_cbc_cksum): init u to make sure it have a value in + case of the empty in data + + * destest.c: add test for the empty password "" + +2005-05-27 Love Hörnquist Ã…strand + + * rctest.c (cipher3): used unsigned char to avoid problems with + platforms using "signed char" + +2005-05-13 Love Hörnquist Ã…strand + + * rc2.c: use unsigned char to avoid signess warning + + * des.c: use unsigned char to avoid signess warning + + * aes.c (AES_cbc_encrypt): use unsigned char to avoid signess + warning + +2005-05-03 Dave Love + + * mdtest.c: Fix typo for HAVE_STDLIB_H. + +2005-05-03 Love Hörnquist Ã…strand + + * rnd_keys.c: Enabled to build on cygwin, based on patch from + David Love + +2005-05-02 Dave Love + + * mdtest.c: Include . + +2005-04-30 Love Hörnquist Ã…strand + + * ui.c: Include . + (UI_UTIL_read_pw_string): make the prompt argument const. + + * des.h (UI_UTIL_read_pw_string): make the prompt argument const + + * ui.c (UI_UTIL_read_pw_string): remove unused variable plen + + * des.c: replace with + +2005-04-29 Dave Love + + * Makefile.am: Add LIB_roken. + +2005-04-27 Dave Love + + * sha.c: Include hash.h first. + + * md4.c: Include hash.h first. + + * md5.c: Include hash.h first. + + * hash.h: Include krb5-types.h + +2005-04-26 Dave Love + + * mdtest.c: Maybe include stdlib.h + +2005-04-10 Love Hörnquist Ã…strand + + * sha.h,md5.h, md4.h: don't include bit types, the user must do + that #ifdef wrap + + * aes.h: #ifdef wrap + +2005-03-23 Love Hörnquist Ã…strand + + * des.h: fix prototype for DES_random_key + + * rnd_keys.c: fix prototype for DES_random_key + + * des.[ch]: provide compatibility function DES_key_sched, same as + DES_set_key + +2005-03-20 Love Hörnquist Ã…strand + + * destest.c: include config.h and protect some headers + + * rnd_keys.c: move to after include so the + C99 integer types exists + +2005-03-14 Love Hörnquist Ã…strand + + * des.c: add DES_set_key_checked + + * des.h: add DES_set_key_checked + +2005-03-01 Love Hörnquist Ã…strand + + * des-tables.h: Add the missing file + +2005-02-23 Love Hörnquist Ã…strand + + * ui.c: remove dependency on asprintf + + * Makefile.am: make destest only once + + * Replace the eay DES code with key scheule setup code by me and DES + s-box and p permutation from Richard Outerbridge implemtation (in + public domain). The DES modes are implemented by me. ui.c code are + from appl/login. + + The implementation is about 3 times slower then Eric for encryption, + and about the same speed for key setup. + + +2004-08-10 Love Hörnquist Ã…strand + + * rnd_keys.c (DES_rand_data): also try /dev/arandom + +2004-06-02 Love Hörnquist Ã…strand + + * rnd_keys.c: don't include krb4 headers + + * rijndael-alg-fst.c: don't include krb4 headers + + * aes.c: don't include krb4 headers + + * aes.h: define AES_{EN,DE}CRYPT; remove #ifdefs, this is an + installed file + +2004-04-25 Love Hörnquist Ã…strand + + * rc2.c: handle non blocksized cbc messages + + * aes.[ch]: add AES_cbc_encrypt + +2004-04-24 Love Hörnquist Ã…strand + + * rc2test.c: test vectors from RFC2268 + + * rc2.c (RC2_set_key): rewrite the mask calculation + + * rc2.c (RC2_set_key): handle keys where effective bits are + diffrent from keylength + +2004-04-23 Love Hörnquist Ã…strand + + * rc2.c: rc2 implementation + + * rc2.h: rc2 implementation + + * rc2test.c: rc2 implementation + + * Makefile.am: rc2 implementation + +2004-03-25 Love Hörnquist Ã…strand + + * Makefile.am: new arcfour implementation + + * rc4.c: implemented from description in + draft-kaukonen-cipher-arcfour-03.txt + + * rc4.h: replace with new implementation + + * rc4_enc.c rc4_skey.c: remove + + * rctest.c: test for arcfour + +2003-12-07 Love Hörnquist Ã…strand + + * rnd_keys.c: uninitialized variable, from Panasas Inc + +2003-09-03 Love Hörnquist Ã…strand + + * md4.c (MD4_Final): make the function threadsafe by removing + static on the local variable zeros + + * md5.c (MD5_Final): make the function threadsafe by removing + static on the local variable zeros + + * switch to the DES_ api, dont provide any compat glue + +2003-08-27 Love Hörnquist Ã…strand + + * sha.c: make the function threadsafe by removing static on the + local variable zeros + +2003-07-23 Love Hörnquist Ã…strand + + * rijndael-alg-fst.h,rijndael-alg-fst.c,aes.c,aes.h: + Makefile.am: add AES support + +2003-03-19 Love Hörnquist Ã…strand + + * des.1: sunOS -> SunOS, from jmc + +2003-03-19 Love Hörnquist Ã…strand + + * des.1: spelling, from + +2002-08-28 Johan Danielsson + + * read_pwd.c: move NeXT SGTTY stuff here + +2001-05-17 Assar Westerlund + + * Makefile.am: bump version to 3:1:0 + +2001-05-11 Assar Westerlund + + * str2key.c (des_string_to_key, des_string_to_2keys): avoid weak + keys + +2001-02-16 Assar Westerlund + + * set_key.c: correct weak keys and update comment + +2001-02-14 Assar Westerlund + + * set_key.c: correct the two last weak keys in accordance with + FIPS 74. noted by + +2001-01-30 Assar Westerlund + + * Makefile.am (libdes_la_LDFLAGS): bump version to 3:0:0 + +2000-10-19 Assar Westerlund + + * Makefile.in (LIBSRC, LIBOBJ): add rc4* and enc_{read,write} + files so that this library contains the same things as libdes in + Heimdal + +2000-08-16 Assar Westerlund + + * Makefile.am: bump version to 2:1:0 + +2000-08-03 Johan Danielsson + + * enc_writ.c: BSIZE -> des_BSIZE to avoid conflicts with AIX + jfs/fsparam.h + + * enc_read.c: BSIZE -> des_BSIZE to avoid conflicts with AIX + jfs/fsparam.h + + * des_locl.h: BSIZE -> des_BSIZE to avoid conflicts with AIX + jfs/fsparam.h + +2000-02-07 Assar Westerlund + + * Makefile.am: set version to 2:0:0 + +2000-01-26 Assar Westerlund + + * mdtest.c: update to pseudo-standard APIs for md4,md5,sha. + * md4.c, md4.h, md5.c, md5.h, sha.c, sha.h: move to the + pseudo-standard APIs + +1999-12-06 Assar Westerlund + + * Makefile.am: set version to 1:0:1 + +1999-11-29 Assar Westerlund + + * fcrypt.c (crypt_md5): add trailing $ + +1999-11-13 Assar Westerlund + + * Makefile.am (include_HEADERS): add rc4.h + (libdes_la_SOURCES): add rc4_skey.c + +1999-10-28 Assar Westerlund + + * md5crypt_test.c: change the test case. apparently we should not + include $ after the salt. also make it print more useful stuff + when failing. + +1999-10-20 Assar Westerlund + + * Makefile.am: bump version to 0:2:0 + +1999-09-21 Johan Danielsson + + * des.h: make this work with mips 64-bit abi + +1999-08-14 Johan Danielsson + + * fcrypt.c (crypt_md5): don't use snprintf + +1999-08-13 Assar Westerlund + + * Makefile.am: add md5crypt_test + + * Makefile.in: add md5crypt_test + + * md5crypt_test.c: test md5 crypt + + * fcrypt.c: always enable md5 crypt + +1999-07-26 Johan Danielsson + + * Makefile.am: bump version number (changes to md*, sha) + +1999-06-15 Assar Westerlund + + * sha.c (swap_u_int32_t): add _CRAY + +Sat Apr 10 23:02:30 1999 Johan Danielsson + + * destest.c: fixes for crays + +Thu Apr 1 11:26:38 1999 Johan Danielsson + + * Makefile.am: noinst_PROGRAMS -> check_PROGRAMS; add TESTS; don't + build rpw, and speed + +Mon Mar 22 20:16:26 1999 Johan Danielsson + + * Makefile.am: hash.h + + * sha.c: use hash.h; fixes for crays + + * md5.c: use hash.h; fixes for crays + + * md4.c: use hash.h; fixes for crays + + * hash.h: common stuff from md4, md5, and sha1 + +Sat Mar 20 00:16:53 1999 Assar Westerlund + + * rnd_keys.c (des_rand_data): move declaration to get rid of + warning + +Thu Mar 18 11:22:28 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Mon Mar 15 17:36:41 1999 Johan Danielsson + + * rnd_keys.c (des_rand_data): if not using setitimer, block + SIGCHLD around fork(), also make sure we get the status of the + child process + (fake_signal): emulate signal using sigaction + +Tue Jan 12 05:06:54 1999 Assar Westerlund + + * des.h: sparcv9 is also 64 bits, use `unsigned int' instead of + `unsigned long' + +Sun Nov 22 10:40:09 1998 Assar Westerlund + + * Makefile.in (WFLAGS): set + +Mon May 25 05:24:56 1998 Assar Westerlund + + * Makefile.in (clean): try to remove shared library debris + +Sun Apr 19 09:50:53 1998 Assar Westerlund + + * Makefile.in: add symlink magic for linux + +Sun Nov 9 07:14:45 1997 Assar Westerlund + + * mdtest.c: print out old and new string + diff --git a/lib/hcrypto/DESperate.txt b/lib/hcrypto/DESperate.txt new file mode 100644 index 000000000000..3d793e9d8793 --- /dev/null +++ b/lib/hcrypto/DESperate.txt @@ -0,0 +1,108 @@ +The hunt for getting a DES with plain BSD license w/o advertisement clause +========================================================================== + +$Id$ + +This all feels very silly given that DES is about 30 years old and now +is deprecated. + +Helpful documents on the way: + +Schider's crypto wasn't that useful since it only told how to do DES, +not how to do des fast or how to not use DES. I find this to be a +common thread in the book, it explain each tool in great detail, but +not its limitations. + +Dag Arne Osvik: Efficient Implementation of the Data Encryption Standard + +Some threads on sci.crypto was also useful. + +PC1 transformations +=================== + + +Getting the PC1 bit mangling working was hard, I never got it to work. + +Printning out the bit usage made me realize a lookup table could be +used since only 12 bits are used from the first half and 16 from the +second. + +01110000 01110000 01110000 01110000 01111000 01111000 01111000 01111000 +00001111 00001111 00001111 00001111 00000111 00000111 00000111 00000111 + +The pattern is getting more obvious if it's printed out where the bits +are coming from. + + 8 16 24 - - - - - + 7 15 23 - - - - - + 6 14 22 - - - - - + 5 13 21 - - - - - + 4 12 20 28 - - - - + 3 11 19 27 - - - - + 2 10 18 26 - - - - + 1 9 17 25 - - - - + + - - - 60 56 48 40 - + - - - 59 55 47 39 - + - - - 58 54 46 38 - + - - - 57 53 45 37 - + - - - - 52 44 36 - + - - - - 51 43 35 - + - - - - 50 42 34 - + - - - - 49 41 33 - + +Only 3 bits-table is needed for the first half and 4 bits for the +second half because they are on diffrent shift offsets. + +So to get the bitpattern bit-pattern + +gen_pattern("pc1_c_3", 7, [ 5, 13, 21 ], 0, 0x1000000); +gen_pattern("pc1_c_4", 15, [ 1, 9, 17, 25 ], 0, 0x1000000); +gen_pattern("pc1_d_3", 7, [ 49, 41, 33 ], 32, 0x1000000); +gen_pattern("pc1_d_4", 15, [ 57, 53, 45, 37 ], 32, 0x1000000); + +PC2 transformations +=================== + +PC2 is also a table lookup, since it's a 24 bit field, I use 4 6-bit +lookup tables. Printing the reverse of the PC2 table reveal that some +of the bits are not used, namely (9, 18, 22, 25) from c and (7, 10, +15, 26) from d. + +pc2 from c +---------- + + 5 24 7 16 6 10 20 +18 - 12 3 15 23 1 + 9 19 2 - 14 22 11 + - 13 4 - 17 21 8 + +pc2 from d +---------- + +51 35 31 52 39 45 - +50 32 - 43 36 29 48 + - 41 38 47 33 40 42 +49 37 30 46 - 34 44 + +So we generate tables for that too. + +gen_pattern("pc2_c_1", 63, [ 5, 24, 7, 16, 6, 10 ], 0, 0x800000); +gen_pattern("pc2_c_2", 63, [ 20, 18, 12, 3, 15, 23 ], 0, 0x800000); +gen_pattern("pc2_c_3", 63, [ 1, 9, 19, 2, 14, 22 ], 0, 0x800000); +gen_pattern("pc2_c_4", 63, [ 11, 13, 4, 17, 21, 8 ], 0, 0x800000); + +gen_pattern("pc2_d_1", 63, [ 51, 35, 31, 52, 39, 45 ], 28, 0x800000); +gen_pattern("pc2_d_2", 63, [ 50, 32, 43, 36, 29, 48 ], 28, 0x800000); +gen_pattern("pc2_d_3", 63, [ 41, 38, 47, 33, 40, 42 ], 28, 0x800000); +gen_pattern("pc2_d_4", 63, [ 49, 37, 30, 46, 34, 44 ], 28, 0x800000); + + +SBOX transformations +==================== + +The SBOX transformations are 6 bit to 4 bit transformations. + +Here I grew tired and used Richard Outerbridge SBOXes. Thank you +Richard. + diff --git a/lib/hcrypto/Makefile.am b/lib/hcrypto/Makefile.am new file mode 100644 index 000000000000..0286c8995feb --- /dev/null +++ b/lib/hcrypto/Makefile.am @@ -0,0 +1,337 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +AM_CPPFLAGS += -I$(srcdir)/libtommath -DUSE_HCRYPTO_LTM=1 + +lib_LTLIBRARIES = libhcrypto.la +check_LTLIBRARIES = libhctest.la + +libhcrypto_la_LDFLAGS = -version-info 5:0:1 +libhcrypto_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_dlopen) \ + $(LIBADD_roken) + +hcryptoincludedir = $(includedir)/hcrypto +buildhcryptoinclude = $(buildinclude)/hcrypto + +hcryptoinclude_HEADERS = \ + aes.h \ + bn.h \ + des.h \ + dh.h \ + dsa.h \ + ec.h \ + ecdh.h \ + ecdsa.h \ + engine.h \ + evp.h \ + evp-hcrypto.h \ + evp-cc.h \ + hmac.h \ + md2.h \ + md4.h \ + md5.h \ + pkcs12.h \ + rand.h \ + rc2.h \ + rc4.h \ + rsa.h \ + sha.h \ + ui.h + +install-build-headers:: $(hcryptoinclude_HEADERS) + @foo='$(hcryptoinclude_HEADERS)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildhcryptoinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo "cp $$file $(buildhcryptoinclude)/$$f";\ + cp $$file $(buildhcryptoinclude)/$$f; \ + fi ; \ + done + +PROGRAM_TESTS = \ + destest \ + mdtest \ + rc2test \ + rctest \ + test_bn \ + test_cipher \ + test_engine_dso \ + test_hmac \ + test_pkcs12 \ + test_pkcs5 + +libhctest_la_SOURCES = \ + des-tables.h \ + des.c \ + des.h \ + ui.c \ + ui.h + +destest_LDADD = libhctest.la $(LIB_roken) + +SCRIPT_TESTS = \ + test_crypto + +noinst_PROGRAMS = test_rand + +check_PROGRAMS = $(PROGRAM_TESTS) test_rsa test_dh example_evp_cipher +check_SCRIPTS = $(SCRIPT_TESTS) + +TESTS = $(PROGRAM_TESTS) $(SCRIPT_TESTS) + +LDADD = $(lib_LTLIBRARIES) $(LIB_roken) + +libhcrypto_la_SOURCES = \ + $(ltmsources) \ + aes.c \ + aes.h \ + bn.c \ + bn.h \ + common.c \ + common.h \ + camellia.h \ + camellia.c \ + camellia-ntt.c \ + camellia-ntt.h \ + des-tables.h \ + des.c \ + des.h \ + dh.c \ + dh.h \ + dh-ltm.c \ + dsa.c \ + dsa.h \ + doxygen.c \ + evp.c \ + evp.h \ + evp-hcrypto.c \ + evp-cc.c \ + engine.c \ + engine.h \ + hash.h \ + hmac.c \ + hmac.h \ + md2.c \ + md2.h \ + md4.c \ + md4.h \ + md5.c \ + md5.h \ + pkcs5.c \ + pkcs12.c \ + rand-egd.c \ + rand-fortuna.c \ + rand-timer.c \ + rand-unix.c \ + rand.c \ + rand.h \ + randi.h \ + rc2.c \ + rc2.h \ + rc4.c \ + rc4.h \ + rijndael-alg-fst.c \ + rijndael-alg-fst.h \ + rnd_keys.c \ + rsa.c \ + rsa-gmp.c \ + rsa-ltm.c \ + rsa.h \ + sha.c \ + sha.h \ + sha256.c \ + sha512.c \ + validate.c \ + ui.c \ + ui.h + +ltmsources = \ + libtommath/tommath.h \ + libtommath/tommath_class.h \ + libtommath/tommath_superclass.h \ + libtommath/bncore.c \ + libtommath/bn_mp_init.c \ + libtommath/bn_mp_clear.c \ + libtommath/bn_mp_exch.c \ + libtommath/bn_mp_grow.c \ + libtommath/bn_mp_shrink.c \ + libtommath/bn_mp_clamp.c \ + libtommath/bn_mp_zero.c \ + libtommath/bn_mp_zero_multi.c \ + libtommath/bn_mp_set.c \ + libtommath/bn_mp_set_int.c \ + libtommath/bn_mp_init_size.c \ + libtommath/bn_mp_copy.c \ + libtommath/bn_mp_init_copy.c \ + libtommath/bn_mp_abs.c \ + libtommath/bn_mp_neg.c \ + libtommath/bn_mp_cmp_mag.c \ + libtommath/bn_mp_cmp.c \ + libtommath/bn_mp_cmp_d.c \ + libtommath/bn_mp_rshd.c \ + libtommath/bn_mp_lshd.c \ + libtommath/bn_mp_mod_2d.c \ + libtommath/bn_mp_div_2d.c \ + libtommath/bn_mp_mul_2d.c \ + libtommath/bn_mp_div_2.c \ + libtommath/bn_mp_mul_2.c \ + libtommath/bn_s_mp_add.c \ + libtommath/bn_s_mp_sub.c \ + libtommath/bn_fast_s_mp_mul_digs.c \ + libtommath/bn_s_mp_mul_digs.c \ + libtommath/bn_fast_s_mp_mul_high_digs.c \ + libtommath/bn_s_mp_mul_high_digs.c \ + libtommath/bn_fast_s_mp_sqr.c \ + libtommath/bn_s_mp_sqr.c \ + libtommath/bn_mp_add.c \ + libtommath/bn_mp_sub.c \ + libtommath/bn_mp_karatsuba_mul.c \ + libtommath/bn_mp_mul.c \ + libtommath/bn_mp_karatsuba_sqr.c \ + libtommath/bn_mp_sqr.c \ + libtommath/bn_mp_div.c \ + libtommath/bn_mp_mod.c \ + libtommath/bn_mp_add_d.c \ + libtommath/bn_mp_sub_d.c \ + libtommath/bn_mp_mul_d.c \ + libtommath/bn_mp_div_d.c \ + libtommath/bn_mp_mod_d.c \ + libtommath/bn_mp_expt_d.c \ + libtommath/bn_mp_addmod.c \ + libtommath/bn_mp_submod.c \ + libtommath/bn_mp_mulmod.c \ + libtommath/bn_mp_sqrmod.c \ + libtommath/bn_mp_gcd.c \ + libtommath/bn_mp_lcm.c \ + libtommath/bn_fast_mp_invmod.c \ + libtommath/bn_mp_invmod.c \ + libtommath/bn_mp_reduce.c \ + libtommath/bn_mp_montgomery_setup.c \ + libtommath/bn_fast_mp_montgomery_reduce.c \ + libtommath/bn_mp_montgomery_reduce.c \ + libtommath/bn_mp_exptmod_fast.c \ + libtommath/bn_mp_exptmod.c \ + libtommath/bn_mp_2expt.c \ + libtommath/bn_mp_n_root.c \ + libtommath/bn_mp_jacobi.c \ + libtommath/bn_reverse.c \ + libtommath/bn_mp_count_bits.c \ + libtommath/bn_mp_read_unsigned_bin.c \ + libtommath/bn_mp_read_signed_bin.c \ + libtommath/bn_mp_to_unsigned_bin.c \ + libtommath/bn_mp_to_signed_bin.c \ + libtommath/bn_mp_unsigned_bin_size.c \ + libtommath/bn_mp_signed_bin_size.c \ + libtommath/bn_mp_xor.c \ + libtommath/bn_mp_and.c \ + libtommath/bn_mp_or.c \ + libtommath/bn_mp_rand.c \ + libtommath/bn_mp_montgomery_calc_normalization.c \ + libtommath/bn_mp_prime_is_divisible.c \ + libtommath/bn_prime_tab.c \ + libtommath/bn_mp_prime_fermat.c \ + libtommath/bn_mp_prime_miller_rabin.c \ + libtommath/bn_mp_prime_is_prime.c \ + libtommath/bn_mp_prime_next_prime.c \ + libtommath/bn_mp_find_prime.c \ + libtommath/bn_mp_isprime.c \ + libtommath/bn_mp_dr_reduce.c \ + libtommath/bn_mp_dr_is_modulus.c \ + libtommath/bn_mp_dr_setup.c \ + libtommath/bn_mp_reduce_setup.c \ + libtommath/bn_mp_toom_mul.c \ + libtommath/bn_mp_toom_sqr.c \ + libtommath/bn_mp_div_3.c \ + libtommath/bn_s_mp_exptmod.c \ + libtommath/bn_mp_reduce_2k.c \ + libtommath/bn_mp_reduce_is_2k.c \ + libtommath/bn_mp_reduce_2k_setup.c \ + libtommath/bn_mp_reduce_2k_l.c \ + libtommath/bn_mp_reduce_is_2k_l.c \ + libtommath/bn_mp_reduce_2k_setup_l.c \ + libtommath/bn_mp_radix_smap.c \ + libtommath/bn_mp_read_radix.c \ + libtommath/bn_mp_toradix.c \ + libtommath/bn_mp_radix_size.c \ + libtommath/bn_mp_fread.c \ + libtommath/bn_mp_fwrite.c \ + libtommath/bn_mp_cnt_lsb.c \ + libtommath/bn_error.c \ + libtommath/bn_mp_init_multi.c \ + libtommath/bn_mp_clear_multi.c \ + libtommath/bn_mp_exteuclid.c \ + libtommath/bn_mp_toradix_n.c \ + libtommath/bn_mp_prime_random_ex.c \ + libtommath/bn_mp_get_int.c \ + libtommath/bn_mp_sqrt.c \ + libtommath/bn_mp_is_square.c \ + libtommath/bn_mp_init_set.c \ + libtommath/bn_mp_init_set_int.c \ + libtommath/bn_mp_invmod_slow.c \ + libtommath/bn_mp_prime_rabin_miller_trials.c \ + libtommath/bn_mp_to_signed_bin_n.c \ + libtommath/bn_mp_to_unsigned_bin_n.c + + +$(libhcrypto_la_OBJECTS): hcrypto-link + +libhcrypto_la_CPPFLAGS = -DBUILD_HCRYPTO_LIB $(AM_CPPFLAGS) + +if versionscript +libhcrypto_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif +$(libhcrypto_la_OBJECTS): $(srcdir)/version-script.map + + +hcrypto-link: + $(LN_S) $(srcdir)/../hcrypto hcrypto + touch hcrypto-link + +do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' -e 's,[@]exeext[@],$(exeext),g' + +test_crypto: test_crypto.in Makefile + $(do_subst) < $(srcdir)/test_crypto.in > test_crypto.tmp + chmod +x test_crypto.tmp + mv test_crypto.tmp test_crypto + +CLEANFILES = \ + crypto-test \ + crypto-test2 \ + error \ + hcrypto \ + hcrypto-link \ + test.file \ + test_crypto \ + test-out* \ + test_crypto.tmp \ + test_crypto.tmp + +EXTRA_DIST = \ + NTMakefile \ + DESperate.txt \ + passwd_dialog.rc \ + libhcrypto-exports.def \ + dllmain.c \ + ec.h \ + ecdh.h \ + ecdsa.h \ + gen-des.pl \ + md5crypt_test.c \ + passwd_dialog.aps \ + passwd_dialog.clw \ + passwd_dialog.rc \ + passwd_dialog.res \ + passwd_dlg.c \ + passwd_dlg.h \ + resource.h \ + rsakey.der \ + rsakey2048.der \ + rsakey4096.der \ + test_crypto.in \ + version-script.map diff --git a/lib/hcrypto/Makefile.in b/lib/hcrypto/Makefile.in new file mode 100644 index 000000000000..f1bbb98f7192 --- /dev/null +++ b/lib/hcrypto/Makefile.in @@ -0,0 +1,2858 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + +# $Id$ + + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = $(hcryptoinclude_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog +noinst_PROGRAMS = test_rand$(EXEEXT) +check_PROGRAMS = $(am__EXEEXT_1) test_rsa$(EXEEXT) test_dh$(EXEEXT) \ + example_evp_cipher$(EXEEXT) +TESTS = $(am__EXEEXT_1) $(SCRIPT_TESTS) +@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +subdir = lib/hcrypto +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" \ + "$(DESTDIR)$(hcryptoincludedir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +libhcrypto_la_DEPENDENCIES = $(top_builddir)/lib/asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +am__objects_1 = libhcrypto_la-bncore.lo libhcrypto_la-bn_mp_init.lo \ + libhcrypto_la-bn_mp_clear.lo libhcrypto_la-bn_mp_exch.lo \ + libhcrypto_la-bn_mp_grow.lo libhcrypto_la-bn_mp_shrink.lo \ + libhcrypto_la-bn_mp_clamp.lo libhcrypto_la-bn_mp_zero.lo \ + libhcrypto_la-bn_mp_zero_multi.lo libhcrypto_la-bn_mp_set.lo \ + libhcrypto_la-bn_mp_set_int.lo \ + libhcrypto_la-bn_mp_init_size.lo libhcrypto_la-bn_mp_copy.lo \ + libhcrypto_la-bn_mp_init_copy.lo libhcrypto_la-bn_mp_abs.lo \ + libhcrypto_la-bn_mp_neg.lo libhcrypto_la-bn_mp_cmp_mag.lo \ + libhcrypto_la-bn_mp_cmp.lo libhcrypto_la-bn_mp_cmp_d.lo \ + libhcrypto_la-bn_mp_rshd.lo libhcrypto_la-bn_mp_lshd.lo \ + libhcrypto_la-bn_mp_mod_2d.lo libhcrypto_la-bn_mp_div_2d.lo \ + libhcrypto_la-bn_mp_mul_2d.lo libhcrypto_la-bn_mp_div_2.lo \ + libhcrypto_la-bn_mp_mul_2.lo libhcrypto_la-bn_s_mp_add.lo \ + libhcrypto_la-bn_s_mp_sub.lo \ + libhcrypto_la-bn_fast_s_mp_mul_digs.lo \ + libhcrypto_la-bn_s_mp_mul_digs.lo \ + libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo \ + libhcrypto_la-bn_s_mp_mul_high_digs.lo \ + libhcrypto_la-bn_fast_s_mp_sqr.lo libhcrypto_la-bn_s_mp_sqr.lo \ + libhcrypto_la-bn_mp_add.lo libhcrypto_la-bn_mp_sub.lo \ + libhcrypto_la-bn_mp_karatsuba_mul.lo \ + libhcrypto_la-bn_mp_mul.lo \ + libhcrypto_la-bn_mp_karatsuba_sqr.lo \ + libhcrypto_la-bn_mp_sqr.lo libhcrypto_la-bn_mp_div.lo \ + libhcrypto_la-bn_mp_mod.lo libhcrypto_la-bn_mp_add_d.lo \ + libhcrypto_la-bn_mp_sub_d.lo libhcrypto_la-bn_mp_mul_d.lo \ + libhcrypto_la-bn_mp_div_d.lo libhcrypto_la-bn_mp_mod_d.lo \ + libhcrypto_la-bn_mp_expt_d.lo libhcrypto_la-bn_mp_addmod.lo \ + libhcrypto_la-bn_mp_submod.lo libhcrypto_la-bn_mp_mulmod.lo \ + libhcrypto_la-bn_mp_sqrmod.lo libhcrypto_la-bn_mp_gcd.lo \ + libhcrypto_la-bn_mp_lcm.lo libhcrypto_la-bn_fast_mp_invmod.lo \ + libhcrypto_la-bn_mp_invmod.lo libhcrypto_la-bn_mp_reduce.lo \ + libhcrypto_la-bn_mp_montgomery_setup.lo \ + libhcrypto_la-bn_fast_mp_montgomery_reduce.lo \ + libhcrypto_la-bn_mp_montgomery_reduce.lo \ + libhcrypto_la-bn_mp_exptmod_fast.lo \ + libhcrypto_la-bn_mp_exptmod.lo libhcrypto_la-bn_mp_2expt.lo \ + libhcrypto_la-bn_mp_n_root.lo libhcrypto_la-bn_mp_jacobi.lo \ + libhcrypto_la-bn_reverse.lo libhcrypto_la-bn_mp_count_bits.lo \ + libhcrypto_la-bn_mp_read_unsigned_bin.lo \ + libhcrypto_la-bn_mp_read_signed_bin.lo \ + libhcrypto_la-bn_mp_to_unsigned_bin.lo \ + libhcrypto_la-bn_mp_to_signed_bin.lo \ + libhcrypto_la-bn_mp_unsigned_bin_size.lo \ + libhcrypto_la-bn_mp_signed_bin_size.lo \ + libhcrypto_la-bn_mp_xor.lo libhcrypto_la-bn_mp_and.lo \ + libhcrypto_la-bn_mp_or.lo libhcrypto_la-bn_mp_rand.lo \ + libhcrypto_la-bn_mp_montgomery_calc_normalization.lo \ + libhcrypto_la-bn_mp_prime_is_divisible.lo \ + libhcrypto_la-bn_prime_tab.lo \ + libhcrypto_la-bn_mp_prime_fermat.lo \ + libhcrypto_la-bn_mp_prime_miller_rabin.lo \ + libhcrypto_la-bn_mp_prime_is_prime.lo \ + libhcrypto_la-bn_mp_prime_next_prime.lo \ + libhcrypto_la-bn_mp_find_prime.lo \ + libhcrypto_la-bn_mp_isprime.lo \ + libhcrypto_la-bn_mp_dr_reduce.lo \ + libhcrypto_la-bn_mp_dr_is_modulus.lo \ + libhcrypto_la-bn_mp_dr_setup.lo \ + libhcrypto_la-bn_mp_reduce_setup.lo \ + libhcrypto_la-bn_mp_toom_mul.lo \ + libhcrypto_la-bn_mp_toom_sqr.lo libhcrypto_la-bn_mp_div_3.lo \ + libhcrypto_la-bn_s_mp_exptmod.lo \ + libhcrypto_la-bn_mp_reduce_2k.lo \ + libhcrypto_la-bn_mp_reduce_is_2k.lo \ + libhcrypto_la-bn_mp_reduce_2k_setup.lo \ + libhcrypto_la-bn_mp_reduce_2k_l.lo \ + libhcrypto_la-bn_mp_reduce_is_2k_l.lo \ + libhcrypto_la-bn_mp_reduce_2k_setup_l.lo \ + libhcrypto_la-bn_mp_radix_smap.lo \ + libhcrypto_la-bn_mp_read_radix.lo \ + libhcrypto_la-bn_mp_toradix.lo \ + libhcrypto_la-bn_mp_radix_size.lo libhcrypto_la-bn_mp_fread.lo \ + libhcrypto_la-bn_mp_fwrite.lo libhcrypto_la-bn_mp_cnt_lsb.lo \ + libhcrypto_la-bn_error.lo libhcrypto_la-bn_mp_init_multi.lo \ + libhcrypto_la-bn_mp_clear_multi.lo \ + libhcrypto_la-bn_mp_exteuclid.lo \ + libhcrypto_la-bn_mp_toradix_n.lo \ + libhcrypto_la-bn_mp_prime_random_ex.lo \ + libhcrypto_la-bn_mp_get_int.lo libhcrypto_la-bn_mp_sqrt.lo \ + libhcrypto_la-bn_mp_is_square.lo \ + libhcrypto_la-bn_mp_init_set.lo \ + libhcrypto_la-bn_mp_init_set_int.lo \ + libhcrypto_la-bn_mp_invmod_slow.lo \ + libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo \ + libhcrypto_la-bn_mp_to_signed_bin_n.lo \ + libhcrypto_la-bn_mp_to_unsigned_bin_n.lo +am_libhcrypto_la_OBJECTS = $(am__objects_1) libhcrypto_la-aes.lo \ + libhcrypto_la-bn.lo libhcrypto_la-common.lo \ + libhcrypto_la-camellia.lo libhcrypto_la-camellia-ntt.lo \ + libhcrypto_la-des.lo libhcrypto_la-dh.lo \ + libhcrypto_la-dh-ltm.lo libhcrypto_la-dsa.lo \ + libhcrypto_la-doxygen.lo libhcrypto_la-evp.lo \ + libhcrypto_la-evp-hcrypto.lo libhcrypto_la-evp-cc.lo \ + libhcrypto_la-engine.lo libhcrypto_la-hmac.lo \ + libhcrypto_la-md2.lo libhcrypto_la-md4.lo libhcrypto_la-md5.lo \ + libhcrypto_la-pkcs5.lo libhcrypto_la-pkcs12.lo \ + libhcrypto_la-rand-egd.lo libhcrypto_la-rand-fortuna.lo \ + libhcrypto_la-rand-timer.lo libhcrypto_la-rand-unix.lo \ + libhcrypto_la-rand.lo libhcrypto_la-rc2.lo \ + libhcrypto_la-rc4.lo libhcrypto_la-rijndael-alg-fst.lo \ + libhcrypto_la-rnd_keys.lo libhcrypto_la-rsa.lo \ + libhcrypto_la-rsa-gmp.lo libhcrypto_la-rsa-ltm.lo \ + libhcrypto_la-sha.lo libhcrypto_la-sha256.lo \ + libhcrypto_la-sha512.lo libhcrypto_la-validate.lo \ + libhcrypto_la-ui.lo +libhcrypto_la_OBJECTS = $(am_libhcrypto_la_OBJECTS) +libhcrypto_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libhcrypto_la_LDFLAGS) $(LDFLAGS) -o $@ +libhctest_la_LIBADD = +am_libhctest_la_OBJECTS = des.lo ui.lo +libhctest_la_OBJECTS = $(am_libhctest_la_OBJECTS) +am__EXEEXT_1 = destest$(EXEEXT) mdtest$(EXEEXT) rc2test$(EXEEXT) \ + rctest$(EXEEXT) test_bn$(EXEEXT) test_cipher$(EXEEXT) \ + test_engine_dso$(EXEEXT) test_hmac$(EXEEXT) \ + test_pkcs12$(EXEEXT) test_pkcs5$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) +destest_SOURCES = destest.c +destest_OBJECTS = destest.$(OBJEXT) +destest_DEPENDENCIES = libhctest.la $(am__DEPENDENCIES_1) +example_evp_cipher_SOURCES = example_evp_cipher.c +example_evp_cipher_OBJECTS = example_evp_cipher.$(OBJEXT) +example_evp_cipher_LDADD = $(LDADD) +example_evp_cipher_DEPENDENCIES = $(lib_LTLIBRARIES) \ + $(am__DEPENDENCIES_1) +mdtest_SOURCES = mdtest.c +mdtest_OBJECTS = mdtest.$(OBJEXT) +mdtest_LDADD = $(LDADD) +mdtest_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +rc2test_SOURCES = rc2test.c +rc2test_OBJECTS = rc2test.$(OBJEXT) +rc2test_LDADD = $(LDADD) +rc2test_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +rctest_SOURCES = rctest.c +rctest_OBJECTS = rctest.$(OBJEXT) +rctest_LDADD = $(LDADD) +rctest_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_bn_SOURCES = test_bn.c +test_bn_OBJECTS = test_bn.$(OBJEXT) +test_bn_LDADD = $(LDADD) +test_bn_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_cipher_SOURCES = test_cipher.c +test_cipher_OBJECTS = test_cipher.$(OBJEXT) +test_cipher_LDADD = $(LDADD) +test_cipher_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_dh_SOURCES = test_dh.c +test_dh_OBJECTS = test_dh.$(OBJEXT) +test_dh_LDADD = $(LDADD) +test_dh_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_engine_dso_SOURCES = test_engine_dso.c +test_engine_dso_OBJECTS = test_engine_dso.$(OBJEXT) +test_engine_dso_LDADD = $(LDADD) +test_engine_dso_DEPENDENCIES = $(lib_LTLIBRARIES) \ + $(am__DEPENDENCIES_1) +test_hmac_SOURCES = test_hmac.c +test_hmac_OBJECTS = test_hmac.$(OBJEXT) +test_hmac_LDADD = $(LDADD) +test_hmac_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_pkcs12_SOURCES = test_pkcs12.c +test_pkcs12_OBJECTS = test_pkcs12.$(OBJEXT) +test_pkcs12_LDADD = $(LDADD) +test_pkcs12_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_pkcs5_SOURCES = test_pkcs5.c +test_pkcs5_OBJECTS = test_pkcs5.$(OBJEXT) +test_pkcs5_LDADD = $(LDADD) +test_pkcs5_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_rand_SOURCES = test_rand.c +test_rand_OBJECTS = test_rand.$(OBJEXT) +test_rand_LDADD = $(LDADD) +test_rand_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +test_rsa_SOURCES = test_rsa.c +test_rsa_OBJECTS = test_rsa.$(OBJEXT) +test_rsa_LDADD = $(LDADD) +test_rsa_DEPENDENCIES = $(lib_LTLIBRARIES) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libhcrypto_la_SOURCES) $(libhctest_la_SOURCES) destest.c \ + example_evp_cipher.c mdtest.c rc2test.c rctest.c test_bn.c \ + test_cipher.c test_dh.c test_engine_dso.c test_hmac.c \ + test_pkcs12.c test_pkcs5.c test_rand.c test_rsa.c +DIST_SOURCES = $(libhcrypto_la_SOURCES) $(libhctest_la_SOURCES) \ + destest.c example_evp_cipher.c mdtest.c rc2test.c rctest.c \ + test_bn.c test_cipher.c test_dh.c test_engine_dso.c \ + test_hmac.c test_pkcs12.c test_pkcs5.c test_rand.c test_rsa.c +HEADERS = $(hcryptoinclude_HEADERS) +ETAGS = etags +CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I$(srcdir)/libtommath \ + -DUSE_HCRYPTO_LTM=1 +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +lib_LTLIBRARIES = libhcrypto.la +check_LTLIBRARIES = libhctest.la +libhcrypto_la_LDFLAGS = -version-info 5:0:1 $(am__append_1) +libhcrypto_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_dlopen) \ + $(LIBADD_roken) + +hcryptoincludedir = $(includedir)/hcrypto +buildhcryptoinclude = $(buildinclude)/hcrypto +hcryptoinclude_HEADERS = \ + aes.h \ + bn.h \ + des.h \ + dh.h \ + dsa.h \ + ec.h \ + ecdh.h \ + ecdsa.h \ + engine.h \ + evp.h \ + evp-hcrypto.h \ + evp-cc.h \ + hmac.h \ + md2.h \ + md4.h \ + md5.h \ + pkcs12.h \ + rand.h \ + rc2.h \ + rc4.h \ + rsa.h \ + sha.h \ + ui.h + +PROGRAM_TESTS = \ + destest \ + mdtest \ + rc2test \ + rctest \ + test_bn \ + test_cipher \ + test_engine_dso \ + test_hmac \ + test_pkcs12 \ + test_pkcs5 + +libhctest_la_SOURCES = \ + des-tables.h \ + des.c \ + des.h \ + ui.c \ + ui.h + +destest_LDADD = libhctest.la $(LIB_roken) +SCRIPT_TESTS = \ + test_crypto + +check_SCRIPTS = $(SCRIPT_TESTS) +LDADD = $(lib_LTLIBRARIES) $(LIB_roken) +libhcrypto_la_SOURCES = \ + $(ltmsources) \ + aes.c \ + aes.h \ + bn.c \ + bn.h \ + common.c \ + common.h \ + camellia.h \ + camellia.c \ + camellia-ntt.c \ + camellia-ntt.h \ + des-tables.h \ + des.c \ + des.h \ + dh.c \ + dh.h \ + dh-ltm.c \ + dsa.c \ + dsa.h \ + doxygen.c \ + evp.c \ + evp.h \ + evp-hcrypto.c \ + evp-cc.c \ + engine.c \ + engine.h \ + hash.h \ + hmac.c \ + hmac.h \ + md2.c \ + md2.h \ + md4.c \ + md4.h \ + md5.c \ + md5.h \ + pkcs5.c \ + pkcs12.c \ + rand-egd.c \ + rand-fortuna.c \ + rand-timer.c \ + rand-unix.c \ + rand.c \ + rand.h \ + randi.h \ + rc2.c \ + rc2.h \ + rc4.c \ + rc4.h \ + rijndael-alg-fst.c \ + rijndael-alg-fst.h \ + rnd_keys.c \ + rsa.c \ + rsa-gmp.c \ + rsa-ltm.c \ + rsa.h \ + sha.c \ + sha.h \ + sha256.c \ + sha512.c \ + validate.c \ + ui.c \ + ui.h + +ltmsources = \ + libtommath/tommath.h \ + libtommath/tommath_class.h \ + libtommath/tommath_superclass.h \ + libtommath/bncore.c \ + libtommath/bn_mp_init.c \ + libtommath/bn_mp_clear.c \ + libtommath/bn_mp_exch.c \ + libtommath/bn_mp_grow.c \ + libtommath/bn_mp_shrink.c \ + libtommath/bn_mp_clamp.c \ + libtommath/bn_mp_zero.c \ + libtommath/bn_mp_zero_multi.c \ + libtommath/bn_mp_set.c \ + libtommath/bn_mp_set_int.c \ + libtommath/bn_mp_init_size.c \ + libtommath/bn_mp_copy.c \ + libtommath/bn_mp_init_copy.c \ + libtommath/bn_mp_abs.c \ + libtommath/bn_mp_neg.c \ + libtommath/bn_mp_cmp_mag.c \ + libtommath/bn_mp_cmp.c \ + libtommath/bn_mp_cmp_d.c \ + libtommath/bn_mp_rshd.c \ + libtommath/bn_mp_lshd.c \ + libtommath/bn_mp_mod_2d.c \ + libtommath/bn_mp_div_2d.c \ + libtommath/bn_mp_mul_2d.c \ + libtommath/bn_mp_div_2.c \ + libtommath/bn_mp_mul_2.c \ + libtommath/bn_s_mp_add.c \ + libtommath/bn_s_mp_sub.c \ + libtommath/bn_fast_s_mp_mul_digs.c \ + libtommath/bn_s_mp_mul_digs.c \ + libtommath/bn_fast_s_mp_mul_high_digs.c \ + libtommath/bn_s_mp_mul_high_digs.c \ + libtommath/bn_fast_s_mp_sqr.c \ + libtommath/bn_s_mp_sqr.c \ + libtommath/bn_mp_add.c \ + libtommath/bn_mp_sub.c \ + libtommath/bn_mp_karatsuba_mul.c \ + libtommath/bn_mp_mul.c \ + libtommath/bn_mp_karatsuba_sqr.c \ + libtommath/bn_mp_sqr.c \ + libtommath/bn_mp_div.c \ + libtommath/bn_mp_mod.c \ + libtommath/bn_mp_add_d.c \ + libtommath/bn_mp_sub_d.c \ + libtommath/bn_mp_mul_d.c \ + libtommath/bn_mp_div_d.c \ + libtommath/bn_mp_mod_d.c \ + libtommath/bn_mp_expt_d.c \ + libtommath/bn_mp_addmod.c \ + libtommath/bn_mp_submod.c \ + libtommath/bn_mp_mulmod.c \ + libtommath/bn_mp_sqrmod.c \ + libtommath/bn_mp_gcd.c \ + libtommath/bn_mp_lcm.c \ + libtommath/bn_fast_mp_invmod.c \ + libtommath/bn_mp_invmod.c \ + libtommath/bn_mp_reduce.c \ + libtommath/bn_mp_montgomery_setup.c \ + libtommath/bn_fast_mp_montgomery_reduce.c \ + libtommath/bn_mp_montgomery_reduce.c \ + libtommath/bn_mp_exptmod_fast.c \ + libtommath/bn_mp_exptmod.c \ + libtommath/bn_mp_2expt.c \ + libtommath/bn_mp_n_root.c \ + libtommath/bn_mp_jacobi.c \ + libtommath/bn_reverse.c \ + libtommath/bn_mp_count_bits.c \ + libtommath/bn_mp_read_unsigned_bin.c \ + libtommath/bn_mp_read_signed_bin.c \ + libtommath/bn_mp_to_unsigned_bin.c \ + libtommath/bn_mp_to_signed_bin.c \ + libtommath/bn_mp_unsigned_bin_size.c \ + libtommath/bn_mp_signed_bin_size.c \ + libtommath/bn_mp_xor.c \ + libtommath/bn_mp_and.c \ + libtommath/bn_mp_or.c \ + libtommath/bn_mp_rand.c \ + libtommath/bn_mp_montgomery_calc_normalization.c \ + libtommath/bn_mp_prime_is_divisible.c \ + libtommath/bn_prime_tab.c \ + libtommath/bn_mp_prime_fermat.c \ + libtommath/bn_mp_prime_miller_rabin.c \ + libtommath/bn_mp_prime_is_prime.c \ + libtommath/bn_mp_prime_next_prime.c \ + libtommath/bn_mp_find_prime.c \ + libtommath/bn_mp_isprime.c \ + libtommath/bn_mp_dr_reduce.c \ + libtommath/bn_mp_dr_is_modulus.c \ + libtommath/bn_mp_dr_setup.c \ + libtommath/bn_mp_reduce_setup.c \ + libtommath/bn_mp_toom_mul.c \ + libtommath/bn_mp_toom_sqr.c \ + libtommath/bn_mp_div_3.c \ + libtommath/bn_s_mp_exptmod.c \ + libtommath/bn_mp_reduce_2k.c \ + libtommath/bn_mp_reduce_is_2k.c \ + libtommath/bn_mp_reduce_2k_setup.c \ + libtommath/bn_mp_reduce_2k_l.c \ + libtommath/bn_mp_reduce_is_2k_l.c \ + libtommath/bn_mp_reduce_2k_setup_l.c \ + libtommath/bn_mp_radix_smap.c \ + libtommath/bn_mp_read_radix.c \ + libtommath/bn_mp_toradix.c \ + libtommath/bn_mp_radix_size.c \ + libtommath/bn_mp_fread.c \ + libtommath/bn_mp_fwrite.c \ + libtommath/bn_mp_cnt_lsb.c \ + libtommath/bn_error.c \ + libtommath/bn_mp_init_multi.c \ + libtommath/bn_mp_clear_multi.c \ + libtommath/bn_mp_exteuclid.c \ + libtommath/bn_mp_toradix_n.c \ + libtommath/bn_mp_prime_random_ex.c \ + libtommath/bn_mp_get_int.c \ + libtommath/bn_mp_sqrt.c \ + libtommath/bn_mp_is_square.c \ + libtommath/bn_mp_init_set.c \ + libtommath/bn_mp_init_set_int.c \ + libtommath/bn_mp_invmod_slow.c \ + libtommath/bn_mp_prime_rabin_miller_trials.c \ + libtommath/bn_mp_to_signed_bin_n.c \ + libtommath/bn_mp_to_unsigned_bin_n.c + +libhcrypto_la_CPPFLAGS = -DBUILD_HCRYPTO_LIB $(AM_CPPFLAGS) +do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' -e 's,[@]exeext[@],$(exeext),g' +CLEANFILES = \ + crypto-test \ + crypto-test2 \ + error \ + hcrypto \ + hcrypto-link \ + test.file \ + test_crypto \ + test-out* \ + test_crypto.tmp \ + test_crypto.tmp + +EXTRA_DIST = \ + NTMakefile \ + DESperate.txt \ + passwd_dialog.rc \ + libhcrypto-exports.def \ + dllmain.c \ + ec.h \ + ecdh.h \ + ecdsa.h \ + gen-des.pl \ + md5crypt_test.c \ + passwd_dialog.aps \ + passwd_dialog.clw \ + passwd_dialog.rc \ + passwd_dialog.res \ + passwd_dlg.c \ + passwd_dlg.h \ + resource.h \ + rsakey.der \ + rsakey2048.der \ + rsakey4096.der \ + test_crypto.in \ + version-script.map + +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hcrypto/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/hcrypto/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-checkLTLIBRARIES: + -test -z "$(check_LTLIBRARIES)" || rm -f $(check_LTLIBRARIES) + @list='$(check_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libhcrypto.la: $(libhcrypto_la_OBJECTS) $(libhcrypto_la_DEPENDENCIES) + $(libhcrypto_la_LINK) -rpath $(libdir) $(libhcrypto_la_OBJECTS) $(libhcrypto_la_LIBADD) $(LIBS) +libhctest.la: $(libhctest_la_OBJECTS) $(libhctest_la_DEPENDENCIES) + $(LINK) $(libhctest_la_OBJECTS) $(libhctest_la_LIBADD) $(LIBS) + +clean-checkPROGRAMS: + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +destest$(EXEEXT): $(destest_OBJECTS) $(destest_DEPENDENCIES) + @rm -f destest$(EXEEXT) + $(LINK) $(destest_OBJECTS) $(destest_LDADD) $(LIBS) +example_evp_cipher$(EXEEXT): $(example_evp_cipher_OBJECTS) $(example_evp_cipher_DEPENDENCIES) + @rm -f example_evp_cipher$(EXEEXT) + $(LINK) $(example_evp_cipher_OBJECTS) $(example_evp_cipher_LDADD) $(LIBS) +mdtest$(EXEEXT): $(mdtest_OBJECTS) $(mdtest_DEPENDENCIES) + @rm -f mdtest$(EXEEXT) + $(LINK) $(mdtest_OBJECTS) $(mdtest_LDADD) $(LIBS) +rc2test$(EXEEXT): $(rc2test_OBJECTS) $(rc2test_DEPENDENCIES) + @rm -f rc2test$(EXEEXT) + $(LINK) $(rc2test_OBJECTS) $(rc2test_LDADD) $(LIBS) +rctest$(EXEEXT): $(rctest_OBJECTS) $(rctest_DEPENDENCIES) + @rm -f rctest$(EXEEXT) + $(LINK) $(rctest_OBJECTS) $(rctest_LDADD) $(LIBS) +test_bn$(EXEEXT): $(test_bn_OBJECTS) $(test_bn_DEPENDENCIES) + @rm -f test_bn$(EXEEXT) + $(LINK) $(test_bn_OBJECTS) $(test_bn_LDADD) $(LIBS) +test_cipher$(EXEEXT): $(test_cipher_OBJECTS) $(test_cipher_DEPENDENCIES) + @rm -f test_cipher$(EXEEXT) + $(LINK) $(test_cipher_OBJECTS) $(test_cipher_LDADD) $(LIBS) +test_dh$(EXEEXT): $(test_dh_OBJECTS) $(test_dh_DEPENDENCIES) + @rm -f test_dh$(EXEEXT) + $(LINK) $(test_dh_OBJECTS) $(test_dh_LDADD) $(LIBS) +test_engine_dso$(EXEEXT): $(test_engine_dso_OBJECTS) $(test_engine_dso_DEPENDENCIES) + @rm -f test_engine_dso$(EXEEXT) + $(LINK) $(test_engine_dso_OBJECTS) $(test_engine_dso_LDADD) $(LIBS) +test_hmac$(EXEEXT): $(test_hmac_OBJECTS) $(test_hmac_DEPENDENCIES) + @rm -f test_hmac$(EXEEXT) + $(LINK) $(test_hmac_OBJECTS) $(test_hmac_LDADD) $(LIBS) +test_pkcs12$(EXEEXT): $(test_pkcs12_OBJECTS) $(test_pkcs12_DEPENDENCIES) + @rm -f test_pkcs12$(EXEEXT) + $(LINK) $(test_pkcs12_OBJECTS) $(test_pkcs12_LDADD) $(LIBS) +test_pkcs5$(EXEEXT): $(test_pkcs5_OBJECTS) $(test_pkcs5_DEPENDENCIES) + @rm -f test_pkcs5$(EXEEXT) + $(LINK) $(test_pkcs5_OBJECTS) $(test_pkcs5_LDADD) $(LIBS) +test_rand$(EXEEXT): $(test_rand_OBJECTS) $(test_rand_DEPENDENCIES) + @rm -f test_rand$(EXEEXT) + $(LINK) $(test_rand_OBJECTS) $(test_rand_LDADD) $(LIBS) +test_rsa$(EXEEXT): $(test_rsa_OBJECTS) $(test_rsa_DEPENDENCIES) + @rm -f test_rsa$(EXEEXT) + $(LINK) $(test_rsa_OBJECTS) $(test_rsa_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/destest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/example_evp_cipher.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-aes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_fast_mp_invmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_fast_mp_montgomery_reduce.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_digs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_high_digs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_fast_s_mp_sqr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_2expt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_abs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_add.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_add_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_addmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_and.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_clamp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_clear.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_clear_multi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_cmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_cmp_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_cmp_mag.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_cnt_lsb.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_copy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_count_bits.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_div.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_div_2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_div_2d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_div_3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_div_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_dr_is_modulus.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_dr_reduce.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_dr_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_exch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_expt_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_exptmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_exptmod_fast.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_exteuclid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_find_prime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_fread.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_fwrite.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_gcd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_get_int.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_grow.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init_copy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init_multi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init_set.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init_set_int.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_init_size.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_invmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_invmod_slow.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_is_square.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_isprime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_jacobi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_mul.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_sqr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_lcm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_lshd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mod_2d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mod_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_montgomery_calc_normalization.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_montgomery_reduce.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_montgomery_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mul.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mul_2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mul_2d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mul_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_mulmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_n_root.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_neg.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_or.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_fermat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_is_divisible.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_is_prime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_miller_rabin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_next_prime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_rabin_miller_trials.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_prime_random_ex.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_radix_size.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_radix_smap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_rand.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_read_radix.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_read_signed_bin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_read_unsigned_bin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_l.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup_l.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k_l.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_reduce_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_rshd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_set.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_set_int.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_shrink.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_signed_bin_size.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_sqr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_sqrmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_sqrt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_sub.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_sub_d.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_submod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin_n.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin_n.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_toom_mul.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_toom_sqr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_toradix.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_toradix_n.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_unsigned_bin_size.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_xor.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_zero.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_mp_zero_multi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_prime_tab.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_reverse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_add.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_exptmod.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_mul_digs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_mul_high_digs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_sqr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bn_s_mp_sub.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-bncore.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-camellia-ntt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-camellia.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-dh-ltm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-dh.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-doxygen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-dsa.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-engine.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-evp-cc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-evp-hcrypto.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-evp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-hmac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-md2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-md4.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-md5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-pkcs12.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-pkcs5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rand-egd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rand-fortuna.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rand-timer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rand-unix.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rand.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rc2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rc4.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rijndael-alg-fst.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rnd_keys.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rsa-gmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rsa-ltm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-rsa.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-sha.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-sha256.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-sha512.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-ui.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhcrypto_la-validate.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mdtest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rc2test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rctest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_bn.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_cipher.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_dh.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_engine_dso.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_hmac.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pkcs12.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pkcs5.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_rand.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_rsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ui.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +libhcrypto_la-bncore.lo: libtommath/bncore.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bncore.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bncore.Tpo -c -o libhcrypto_la-bncore.lo `test -f 'libtommath/bncore.c' || echo '$(srcdir)/'`libtommath/bncore.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bncore.Tpo $(DEPDIR)/libhcrypto_la-bncore.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bncore.c' object='libhcrypto_la-bncore.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bncore.lo `test -f 'libtommath/bncore.c' || echo '$(srcdir)/'`libtommath/bncore.c + +libhcrypto_la-bn_mp_init.lo: libtommath/bn_mp_init.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init.Tpo -c -o libhcrypto_la-bn_mp_init.lo `test -f 'libtommath/bn_mp_init.c' || echo '$(srcdir)/'`libtommath/bn_mp_init.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init.c' object='libhcrypto_la-bn_mp_init.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init.lo `test -f 'libtommath/bn_mp_init.c' || echo '$(srcdir)/'`libtommath/bn_mp_init.c + +libhcrypto_la-bn_mp_clear.lo: libtommath/bn_mp_clear.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_clear.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_clear.Tpo -c -o libhcrypto_la-bn_mp_clear.lo `test -f 'libtommath/bn_mp_clear.c' || echo '$(srcdir)/'`libtommath/bn_mp_clear.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_clear.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_clear.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_clear.c' object='libhcrypto_la-bn_mp_clear.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_clear.lo `test -f 'libtommath/bn_mp_clear.c' || echo '$(srcdir)/'`libtommath/bn_mp_clear.c + +libhcrypto_la-bn_mp_exch.lo: libtommath/bn_mp_exch.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_exch.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_exch.Tpo -c -o libhcrypto_la-bn_mp_exch.lo `test -f 'libtommath/bn_mp_exch.c' || echo '$(srcdir)/'`libtommath/bn_mp_exch.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_exch.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_exch.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_exch.c' object='libhcrypto_la-bn_mp_exch.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_exch.lo `test -f 'libtommath/bn_mp_exch.c' || echo '$(srcdir)/'`libtommath/bn_mp_exch.c + +libhcrypto_la-bn_mp_grow.lo: libtommath/bn_mp_grow.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_grow.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_grow.Tpo -c -o libhcrypto_la-bn_mp_grow.lo `test -f 'libtommath/bn_mp_grow.c' || echo '$(srcdir)/'`libtommath/bn_mp_grow.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_grow.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_grow.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_grow.c' object='libhcrypto_la-bn_mp_grow.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_grow.lo `test -f 'libtommath/bn_mp_grow.c' || echo '$(srcdir)/'`libtommath/bn_mp_grow.c + +libhcrypto_la-bn_mp_shrink.lo: libtommath/bn_mp_shrink.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_shrink.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_shrink.Tpo -c -o libhcrypto_la-bn_mp_shrink.lo `test -f 'libtommath/bn_mp_shrink.c' || echo '$(srcdir)/'`libtommath/bn_mp_shrink.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_shrink.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_shrink.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_shrink.c' object='libhcrypto_la-bn_mp_shrink.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_shrink.lo `test -f 'libtommath/bn_mp_shrink.c' || echo '$(srcdir)/'`libtommath/bn_mp_shrink.c + +libhcrypto_la-bn_mp_clamp.lo: libtommath/bn_mp_clamp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_clamp.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_clamp.Tpo -c -o libhcrypto_la-bn_mp_clamp.lo `test -f 'libtommath/bn_mp_clamp.c' || echo '$(srcdir)/'`libtommath/bn_mp_clamp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_clamp.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_clamp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_clamp.c' object='libhcrypto_la-bn_mp_clamp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_clamp.lo `test -f 'libtommath/bn_mp_clamp.c' || echo '$(srcdir)/'`libtommath/bn_mp_clamp.c + +libhcrypto_la-bn_mp_zero.lo: libtommath/bn_mp_zero.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_zero.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_zero.Tpo -c -o libhcrypto_la-bn_mp_zero.lo `test -f 'libtommath/bn_mp_zero.c' || echo '$(srcdir)/'`libtommath/bn_mp_zero.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_zero.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_zero.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_zero.c' object='libhcrypto_la-bn_mp_zero.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_zero.lo `test -f 'libtommath/bn_mp_zero.c' || echo '$(srcdir)/'`libtommath/bn_mp_zero.c + +libhcrypto_la-bn_mp_zero_multi.lo: libtommath/bn_mp_zero_multi.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_zero_multi.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_zero_multi.Tpo -c -o libhcrypto_la-bn_mp_zero_multi.lo `test -f 'libtommath/bn_mp_zero_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_zero_multi.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_zero_multi.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_zero_multi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_zero_multi.c' object='libhcrypto_la-bn_mp_zero_multi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_zero_multi.lo `test -f 'libtommath/bn_mp_zero_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_zero_multi.c + +libhcrypto_la-bn_mp_set.lo: libtommath/bn_mp_set.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_set.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_set.Tpo -c -o libhcrypto_la-bn_mp_set.lo `test -f 'libtommath/bn_mp_set.c' || echo '$(srcdir)/'`libtommath/bn_mp_set.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_set.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_set.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_set.c' object='libhcrypto_la-bn_mp_set.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_set.lo `test -f 'libtommath/bn_mp_set.c' || echo '$(srcdir)/'`libtommath/bn_mp_set.c + +libhcrypto_la-bn_mp_set_int.lo: libtommath/bn_mp_set_int.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_set_int.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_set_int.Tpo -c -o libhcrypto_la-bn_mp_set_int.lo `test -f 'libtommath/bn_mp_set_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_set_int.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_set_int.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_set_int.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_set_int.c' object='libhcrypto_la-bn_mp_set_int.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_set_int.lo `test -f 'libtommath/bn_mp_set_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_set_int.c + +libhcrypto_la-bn_mp_init_size.lo: libtommath/bn_mp_init_size.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init_size.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init_size.Tpo -c -o libhcrypto_la-bn_mp_init_size.lo `test -f 'libtommath/bn_mp_init_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_size.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init_size.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init_size.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init_size.c' object='libhcrypto_la-bn_mp_init_size.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init_size.lo `test -f 'libtommath/bn_mp_init_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_size.c + +libhcrypto_la-bn_mp_copy.lo: libtommath/bn_mp_copy.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_copy.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_copy.Tpo -c -o libhcrypto_la-bn_mp_copy.lo `test -f 'libtommath/bn_mp_copy.c' || echo '$(srcdir)/'`libtommath/bn_mp_copy.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_copy.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_copy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_copy.c' object='libhcrypto_la-bn_mp_copy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_copy.lo `test -f 'libtommath/bn_mp_copy.c' || echo '$(srcdir)/'`libtommath/bn_mp_copy.c + +libhcrypto_la-bn_mp_init_copy.lo: libtommath/bn_mp_init_copy.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init_copy.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init_copy.Tpo -c -o libhcrypto_la-bn_mp_init_copy.lo `test -f 'libtommath/bn_mp_init_copy.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_copy.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init_copy.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init_copy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init_copy.c' object='libhcrypto_la-bn_mp_init_copy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init_copy.lo `test -f 'libtommath/bn_mp_init_copy.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_copy.c + +libhcrypto_la-bn_mp_abs.lo: libtommath/bn_mp_abs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_abs.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_abs.Tpo -c -o libhcrypto_la-bn_mp_abs.lo `test -f 'libtommath/bn_mp_abs.c' || echo '$(srcdir)/'`libtommath/bn_mp_abs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_abs.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_abs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_abs.c' object='libhcrypto_la-bn_mp_abs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_abs.lo `test -f 'libtommath/bn_mp_abs.c' || echo '$(srcdir)/'`libtommath/bn_mp_abs.c + +libhcrypto_la-bn_mp_neg.lo: libtommath/bn_mp_neg.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_neg.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_neg.Tpo -c -o libhcrypto_la-bn_mp_neg.lo `test -f 'libtommath/bn_mp_neg.c' || echo '$(srcdir)/'`libtommath/bn_mp_neg.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_neg.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_neg.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_neg.c' object='libhcrypto_la-bn_mp_neg.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_neg.lo `test -f 'libtommath/bn_mp_neg.c' || echo '$(srcdir)/'`libtommath/bn_mp_neg.c + +libhcrypto_la-bn_mp_cmp_mag.lo: libtommath/bn_mp_cmp_mag.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_cmp_mag.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_cmp_mag.Tpo -c -o libhcrypto_la-bn_mp_cmp_mag.lo `test -f 'libtommath/bn_mp_cmp_mag.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp_mag.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_cmp_mag.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_cmp_mag.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_cmp_mag.c' object='libhcrypto_la-bn_mp_cmp_mag.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_cmp_mag.lo `test -f 'libtommath/bn_mp_cmp_mag.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp_mag.c + +libhcrypto_la-bn_mp_cmp.lo: libtommath/bn_mp_cmp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_cmp.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_cmp.Tpo -c -o libhcrypto_la-bn_mp_cmp.lo `test -f 'libtommath/bn_mp_cmp.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_cmp.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_cmp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_cmp.c' object='libhcrypto_la-bn_mp_cmp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_cmp.lo `test -f 'libtommath/bn_mp_cmp.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp.c + +libhcrypto_la-bn_mp_cmp_d.lo: libtommath/bn_mp_cmp_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_cmp_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_cmp_d.Tpo -c -o libhcrypto_la-bn_mp_cmp_d.lo `test -f 'libtommath/bn_mp_cmp_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_cmp_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_cmp_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_cmp_d.c' object='libhcrypto_la-bn_mp_cmp_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_cmp_d.lo `test -f 'libtommath/bn_mp_cmp_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_cmp_d.c + +libhcrypto_la-bn_mp_rshd.lo: libtommath/bn_mp_rshd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_rshd.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_rshd.Tpo -c -o libhcrypto_la-bn_mp_rshd.lo `test -f 'libtommath/bn_mp_rshd.c' || echo '$(srcdir)/'`libtommath/bn_mp_rshd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_rshd.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_rshd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_rshd.c' object='libhcrypto_la-bn_mp_rshd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_rshd.lo `test -f 'libtommath/bn_mp_rshd.c' || echo '$(srcdir)/'`libtommath/bn_mp_rshd.c + +libhcrypto_la-bn_mp_lshd.lo: libtommath/bn_mp_lshd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_lshd.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_lshd.Tpo -c -o libhcrypto_la-bn_mp_lshd.lo `test -f 'libtommath/bn_mp_lshd.c' || echo '$(srcdir)/'`libtommath/bn_mp_lshd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_lshd.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_lshd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_lshd.c' object='libhcrypto_la-bn_mp_lshd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_lshd.lo `test -f 'libtommath/bn_mp_lshd.c' || echo '$(srcdir)/'`libtommath/bn_mp_lshd.c + +libhcrypto_la-bn_mp_mod_2d.lo: libtommath/bn_mp_mod_2d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mod_2d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mod_2d.Tpo -c -o libhcrypto_la-bn_mp_mod_2d.lo `test -f 'libtommath/bn_mp_mod_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod_2d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mod_2d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mod_2d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mod_2d.c' object='libhcrypto_la-bn_mp_mod_2d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mod_2d.lo `test -f 'libtommath/bn_mp_mod_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod_2d.c + +libhcrypto_la-bn_mp_div_2d.lo: libtommath/bn_mp_div_2d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_div_2d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_div_2d.Tpo -c -o libhcrypto_la-bn_mp_div_2d.lo `test -f 'libtommath/bn_mp_div_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_2d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_div_2d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_div_2d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_div_2d.c' object='libhcrypto_la-bn_mp_div_2d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_div_2d.lo `test -f 'libtommath/bn_mp_div_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_2d.c + +libhcrypto_la-bn_mp_mul_2d.lo: libtommath/bn_mp_mul_2d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mul_2d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mul_2d.Tpo -c -o libhcrypto_la-bn_mp_mul_2d.lo `test -f 'libtommath/bn_mp_mul_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_2d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mul_2d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mul_2d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mul_2d.c' object='libhcrypto_la-bn_mp_mul_2d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mul_2d.lo `test -f 'libtommath/bn_mp_mul_2d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_2d.c + +libhcrypto_la-bn_mp_div_2.lo: libtommath/bn_mp_div_2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_div_2.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_div_2.Tpo -c -o libhcrypto_la-bn_mp_div_2.lo `test -f 'libtommath/bn_mp_div_2.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_2.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_div_2.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_div_2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_div_2.c' object='libhcrypto_la-bn_mp_div_2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_div_2.lo `test -f 'libtommath/bn_mp_div_2.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_2.c + +libhcrypto_la-bn_mp_mul_2.lo: libtommath/bn_mp_mul_2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mul_2.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mul_2.Tpo -c -o libhcrypto_la-bn_mp_mul_2.lo `test -f 'libtommath/bn_mp_mul_2.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_2.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mul_2.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mul_2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mul_2.c' object='libhcrypto_la-bn_mp_mul_2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mul_2.lo `test -f 'libtommath/bn_mp_mul_2.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_2.c + +libhcrypto_la-bn_s_mp_add.lo: libtommath/bn_s_mp_add.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_add.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_add.Tpo -c -o libhcrypto_la-bn_s_mp_add.lo `test -f 'libtommath/bn_s_mp_add.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_add.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_add.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_add.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_add.c' object='libhcrypto_la-bn_s_mp_add.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_add.lo `test -f 'libtommath/bn_s_mp_add.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_add.c + +libhcrypto_la-bn_s_mp_sub.lo: libtommath/bn_s_mp_sub.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_sub.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_sub.Tpo -c -o libhcrypto_la-bn_s_mp_sub.lo `test -f 'libtommath/bn_s_mp_sub.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_sub.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_sub.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_sub.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_sub.c' object='libhcrypto_la-bn_s_mp_sub.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_sub.lo `test -f 'libtommath/bn_s_mp_sub.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_sub.c + +libhcrypto_la-bn_fast_s_mp_mul_digs.lo: libtommath/bn_fast_s_mp_mul_digs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_fast_s_mp_mul_digs.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_digs.Tpo -c -o libhcrypto_la-bn_fast_s_mp_mul_digs.lo `test -f 'libtommath/bn_fast_s_mp_mul_digs.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_mul_digs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_digs.Tpo $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_digs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_fast_s_mp_mul_digs.c' object='libhcrypto_la-bn_fast_s_mp_mul_digs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_fast_s_mp_mul_digs.lo `test -f 'libtommath/bn_fast_s_mp_mul_digs.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_mul_digs.c + +libhcrypto_la-bn_s_mp_mul_digs.lo: libtommath/bn_s_mp_mul_digs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_mul_digs.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_digs.Tpo -c -o libhcrypto_la-bn_s_mp_mul_digs.lo `test -f 'libtommath/bn_s_mp_mul_digs.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_mul_digs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_digs.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_digs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_mul_digs.c' object='libhcrypto_la-bn_s_mp_mul_digs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_mul_digs.lo `test -f 'libtommath/bn_s_mp_mul_digs.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_mul_digs.c + +libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo: libtommath/bn_fast_s_mp_mul_high_digs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_high_digs.Tpo -c -o libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo `test -f 'libtommath/bn_fast_s_mp_mul_high_digs.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_mul_high_digs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_high_digs.Tpo $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_mul_high_digs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_fast_s_mp_mul_high_digs.c' object='libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_fast_s_mp_mul_high_digs.lo `test -f 'libtommath/bn_fast_s_mp_mul_high_digs.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_mul_high_digs.c + +libhcrypto_la-bn_s_mp_mul_high_digs.lo: libtommath/bn_s_mp_mul_high_digs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_mul_high_digs.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_high_digs.Tpo -c -o libhcrypto_la-bn_s_mp_mul_high_digs.lo `test -f 'libtommath/bn_s_mp_mul_high_digs.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_mul_high_digs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_high_digs.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_mul_high_digs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_mul_high_digs.c' object='libhcrypto_la-bn_s_mp_mul_high_digs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_mul_high_digs.lo `test -f 'libtommath/bn_s_mp_mul_high_digs.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_mul_high_digs.c + +libhcrypto_la-bn_fast_s_mp_sqr.lo: libtommath/bn_fast_s_mp_sqr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_fast_s_mp_sqr.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_sqr.Tpo -c -o libhcrypto_la-bn_fast_s_mp_sqr.lo `test -f 'libtommath/bn_fast_s_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_sqr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_sqr.Tpo $(DEPDIR)/libhcrypto_la-bn_fast_s_mp_sqr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_fast_s_mp_sqr.c' object='libhcrypto_la-bn_fast_s_mp_sqr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_fast_s_mp_sqr.lo `test -f 'libtommath/bn_fast_s_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_fast_s_mp_sqr.c + +libhcrypto_la-bn_s_mp_sqr.lo: libtommath/bn_s_mp_sqr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_sqr.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_sqr.Tpo -c -o libhcrypto_la-bn_s_mp_sqr.lo `test -f 'libtommath/bn_s_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_sqr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_sqr.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_sqr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_sqr.c' object='libhcrypto_la-bn_s_mp_sqr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_sqr.lo `test -f 'libtommath/bn_s_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_sqr.c + +libhcrypto_la-bn_mp_add.lo: libtommath/bn_mp_add.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_add.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_add.Tpo -c -o libhcrypto_la-bn_mp_add.lo `test -f 'libtommath/bn_mp_add.c' || echo '$(srcdir)/'`libtommath/bn_mp_add.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_add.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_add.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_add.c' object='libhcrypto_la-bn_mp_add.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_add.lo `test -f 'libtommath/bn_mp_add.c' || echo '$(srcdir)/'`libtommath/bn_mp_add.c + +libhcrypto_la-bn_mp_sub.lo: libtommath/bn_mp_sub.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_sub.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_sub.Tpo -c -o libhcrypto_la-bn_mp_sub.lo `test -f 'libtommath/bn_mp_sub.c' || echo '$(srcdir)/'`libtommath/bn_mp_sub.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_sub.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_sub.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_sub.c' object='libhcrypto_la-bn_mp_sub.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_sub.lo `test -f 'libtommath/bn_mp_sub.c' || echo '$(srcdir)/'`libtommath/bn_mp_sub.c + +libhcrypto_la-bn_mp_karatsuba_mul.lo: libtommath/bn_mp_karatsuba_mul.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_karatsuba_mul.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_mul.Tpo -c -o libhcrypto_la-bn_mp_karatsuba_mul.lo `test -f 'libtommath/bn_mp_karatsuba_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_karatsuba_mul.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_mul.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_mul.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_karatsuba_mul.c' object='libhcrypto_la-bn_mp_karatsuba_mul.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_karatsuba_mul.lo `test -f 'libtommath/bn_mp_karatsuba_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_karatsuba_mul.c + +libhcrypto_la-bn_mp_mul.lo: libtommath/bn_mp_mul.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mul.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mul.Tpo -c -o libhcrypto_la-bn_mp_mul.lo `test -f 'libtommath/bn_mp_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mul.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mul.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mul.c' object='libhcrypto_la-bn_mp_mul.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mul.lo `test -f 'libtommath/bn_mp_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul.c + +libhcrypto_la-bn_mp_karatsuba_sqr.lo: libtommath/bn_mp_karatsuba_sqr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_karatsuba_sqr.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_sqr.Tpo -c -o libhcrypto_la-bn_mp_karatsuba_sqr.lo `test -f 'libtommath/bn_mp_karatsuba_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_karatsuba_sqr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_sqr.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_karatsuba_sqr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_karatsuba_sqr.c' object='libhcrypto_la-bn_mp_karatsuba_sqr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_karatsuba_sqr.lo `test -f 'libtommath/bn_mp_karatsuba_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_karatsuba_sqr.c + +libhcrypto_la-bn_mp_sqr.lo: libtommath/bn_mp_sqr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_sqr.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_sqr.Tpo -c -o libhcrypto_la-bn_mp_sqr.lo `test -f 'libtommath/bn_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_sqr.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_sqr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_sqr.c' object='libhcrypto_la-bn_mp_sqr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_sqr.lo `test -f 'libtommath/bn_mp_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqr.c + +libhcrypto_la-bn_mp_div.lo: libtommath/bn_mp_div.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_div.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_div.Tpo -c -o libhcrypto_la-bn_mp_div.lo `test -f 'libtommath/bn_mp_div.c' || echo '$(srcdir)/'`libtommath/bn_mp_div.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_div.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_div.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_div.c' object='libhcrypto_la-bn_mp_div.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_div.lo `test -f 'libtommath/bn_mp_div.c' || echo '$(srcdir)/'`libtommath/bn_mp_div.c + +libhcrypto_la-bn_mp_mod.lo: libtommath/bn_mp_mod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mod.Tpo -c -o libhcrypto_la-bn_mp_mod.lo `test -f 'libtommath/bn_mp_mod.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mod.c' object='libhcrypto_la-bn_mp_mod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mod.lo `test -f 'libtommath/bn_mp_mod.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod.c + +libhcrypto_la-bn_mp_add_d.lo: libtommath/bn_mp_add_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_add_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_add_d.Tpo -c -o libhcrypto_la-bn_mp_add_d.lo `test -f 'libtommath/bn_mp_add_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_add_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_add_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_add_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_add_d.c' object='libhcrypto_la-bn_mp_add_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_add_d.lo `test -f 'libtommath/bn_mp_add_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_add_d.c + +libhcrypto_la-bn_mp_sub_d.lo: libtommath/bn_mp_sub_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_sub_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_sub_d.Tpo -c -o libhcrypto_la-bn_mp_sub_d.lo `test -f 'libtommath/bn_mp_sub_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_sub_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_sub_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_sub_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_sub_d.c' object='libhcrypto_la-bn_mp_sub_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_sub_d.lo `test -f 'libtommath/bn_mp_sub_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_sub_d.c + +libhcrypto_la-bn_mp_mul_d.lo: libtommath/bn_mp_mul_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mul_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mul_d.Tpo -c -o libhcrypto_la-bn_mp_mul_d.lo `test -f 'libtommath/bn_mp_mul_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mul_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mul_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mul_d.c' object='libhcrypto_la-bn_mp_mul_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mul_d.lo `test -f 'libtommath/bn_mp_mul_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mul_d.c + +libhcrypto_la-bn_mp_div_d.lo: libtommath/bn_mp_div_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_div_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_div_d.Tpo -c -o libhcrypto_la-bn_mp_div_d.lo `test -f 'libtommath/bn_mp_div_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_div_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_div_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_div_d.c' object='libhcrypto_la-bn_mp_div_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_div_d.lo `test -f 'libtommath/bn_mp_div_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_d.c + +libhcrypto_la-bn_mp_mod_d.lo: libtommath/bn_mp_mod_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mod_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mod_d.Tpo -c -o libhcrypto_la-bn_mp_mod_d.lo `test -f 'libtommath/bn_mp_mod_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mod_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mod_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mod_d.c' object='libhcrypto_la-bn_mp_mod_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mod_d.lo `test -f 'libtommath/bn_mp_mod_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_mod_d.c + +libhcrypto_la-bn_mp_expt_d.lo: libtommath/bn_mp_expt_d.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_expt_d.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_expt_d.Tpo -c -o libhcrypto_la-bn_mp_expt_d.lo `test -f 'libtommath/bn_mp_expt_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_expt_d.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_expt_d.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_expt_d.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_expt_d.c' object='libhcrypto_la-bn_mp_expt_d.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_expt_d.lo `test -f 'libtommath/bn_mp_expt_d.c' || echo '$(srcdir)/'`libtommath/bn_mp_expt_d.c + +libhcrypto_la-bn_mp_addmod.lo: libtommath/bn_mp_addmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_addmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_addmod.Tpo -c -o libhcrypto_la-bn_mp_addmod.lo `test -f 'libtommath/bn_mp_addmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_addmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_addmod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_addmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_addmod.c' object='libhcrypto_la-bn_mp_addmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_addmod.lo `test -f 'libtommath/bn_mp_addmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_addmod.c + +libhcrypto_la-bn_mp_submod.lo: libtommath/bn_mp_submod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_submod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_submod.Tpo -c -o libhcrypto_la-bn_mp_submod.lo `test -f 'libtommath/bn_mp_submod.c' || echo '$(srcdir)/'`libtommath/bn_mp_submod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_submod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_submod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_submod.c' object='libhcrypto_la-bn_mp_submod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_submod.lo `test -f 'libtommath/bn_mp_submod.c' || echo '$(srcdir)/'`libtommath/bn_mp_submod.c + +libhcrypto_la-bn_mp_mulmod.lo: libtommath/bn_mp_mulmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_mulmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_mulmod.Tpo -c -o libhcrypto_la-bn_mp_mulmod.lo `test -f 'libtommath/bn_mp_mulmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_mulmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_mulmod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_mulmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_mulmod.c' object='libhcrypto_la-bn_mp_mulmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_mulmod.lo `test -f 'libtommath/bn_mp_mulmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_mulmod.c + +libhcrypto_la-bn_mp_sqrmod.lo: libtommath/bn_mp_sqrmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_sqrmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_sqrmod.Tpo -c -o libhcrypto_la-bn_mp_sqrmod.lo `test -f 'libtommath/bn_mp_sqrmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqrmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_sqrmod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_sqrmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_sqrmod.c' object='libhcrypto_la-bn_mp_sqrmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_sqrmod.lo `test -f 'libtommath/bn_mp_sqrmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqrmod.c + +libhcrypto_la-bn_mp_gcd.lo: libtommath/bn_mp_gcd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_gcd.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_gcd.Tpo -c -o libhcrypto_la-bn_mp_gcd.lo `test -f 'libtommath/bn_mp_gcd.c' || echo '$(srcdir)/'`libtommath/bn_mp_gcd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_gcd.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_gcd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_gcd.c' object='libhcrypto_la-bn_mp_gcd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_gcd.lo `test -f 'libtommath/bn_mp_gcd.c' || echo '$(srcdir)/'`libtommath/bn_mp_gcd.c + +libhcrypto_la-bn_mp_lcm.lo: libtommath/bn_mp_lcm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_lcm.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_lcm.Tpo -c -o libhcrypto_la-bn_mp_lcm.lo `test -f 'libtommath/bn_mp_lcm.c' || echo '$(srcdir)/'`libtommath/bn_mp_lcm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_lcm.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_lcm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_lcm.c' object='libhcrypto_la-bn_mp_lcm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_lcm.lo `test -f 'libtommath/bn_mp_lcm.c' || echo '$(srcdir)/'`libtommath/bn_mp_lcm.c + +libhcrypto_la-bn_fast_mp_invmod.lo: libtommath/bn_fast_mp_invmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_fast_mp_invmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_fast_mp_invmod.Tpo -c -o libhcrypto_la-bn_fast_mp_invmod.lo `test -f 'libtommath/bn_fast_mp_invmod.c' || echo '$(srcdir)/'`libtommath/bn_fast_mp_invmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_fast_mp_invmod.Tpo $(DEPDIR)/libhcrypto_la-bn_fast_mp_invmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_fast_mp_invmod.c' object='libhcrypto_la-bn_fast_mp_invmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_fast_mp_invmod.lo `test -f 'libtommath/bn_fast_mp_invmod.c' || echo '$(srcdir)/'`libtommath/bn_fast_mp_invmod.c + +libhcrypto_la-bn_mp_invmod.lo: libtommath/bn_mp_invmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_invmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_invmod.Tpo -c -o libhcrypto_la-bn_mp_invmod.lo `test -f 'libtommath/bn_mp_invmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_invmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_invmod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_invmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_invmod.c' object='libhcrypto_la-bn_mp_invmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_invmod.lo `test -f 'libtommath/bn_mp_invmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_invmod.c + +libhcrypto_la-bn_mp_reduce.lo: libtommath/bn_mp_reduce.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce.Tpo -c -o libhcrypto_la-bn_mp_reduce.lo `test -f 'libtommath/bn_mp_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce.c' object='libhcrypto_la-bn_mp_reduce.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce.lo `test -f 'libtommath/bn_mp_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce.c + +libhcrypto_la-bn_mp_montgomery_setup.lo: libtommath/bn_mp_montgomery_setup.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_montgomery_setup.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_setup.Tpo -c -o libhcrypto_la-bn_mp_montgomery_setup.lo `test -f 'libtommath/bn_mp_montgomery_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_setup.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_setup.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_setup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_montgomery_setup.c' object='libhcrypto_la-bn_mp_montgomery_setup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_montgomery_setup.lo `test -f 'libtommath/bn_mp_montgomery_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_setup.c + +libhcrypto_la-bn_fast_mp_montgomery_reduce.lo: libtommath/bn_fast_mp_montgomery_reduce.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_fast_mp_montgomery_reduce.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_fast_mp_montgomery_reduce.Tpo -c -o libhcrypto_la-bn_fast_mp_montgomery_reduce.lo `test -f 'libtommath/bn_fast_mp_montgomery_reduce.c' || echo '$(srcdir)/'`libtommath/bn_fast_mp_montgomery_reduce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_fast_mp_montgomery_reduce.Tpo $(DEPDIR)/libhcrypto_la-bn_fast_mp_montgomery_reduce.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_fast_mp_montgomery_reduce.c' object='libhcrypto_la-bn_fast_mp_montgomery_reduce.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_fast_mp_montgomery_reduce.lo `test -f 'libtommath/bn_fast_mp_montgomery_reduce.c' || echo '$(srcdir)/'`libtommath/bn_fast_mp_montgomery_reduce.c + +libhcrypto_la-bn_mp_montgomery_reduce.lo: libtommath/bn_mp_montgomery_reduce.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_montgomery_reduce.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_reduce.Tpo -c -o libhcrypto_la-bn_mp_montgomery_reduce.lo `test -f 'libtommath/bn_mp_montgomery_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_reduce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_reduce.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_reduce.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_montgomery_reduce.c' object='libhcrypto_la-bn_mp_montgomery_reduce.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_montgomery_reduce.lo `test -f 'libtommath/bn_mp_montgomery_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_reduce.c + +libhcrypto_la-bn_mp_exptmod_fast.lo: libtommath/bn_mp_exptmod_fast.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_exptmod_fast.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_exptmod_fast.Tpo -c -o libhcrypto_la-bn_mp_exptmod_fast.lo `test -f 'libtommath/bn_mp_exptmod_fast.c' || echo '$(srcdir)/'`libtommath/bn_mp_exptmod_fast.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_exptmod_fast.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_exptmod_fast.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_exptmod_fast.c' object='libhcrypto_la-bn_mp_exptmod_fast.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_exptmod_fast.lo `test -f 'libtommath/bn_mp_exptmod_fast.c' || echo '$(srcdir)/'`libtommath/bn_mp_exptmod_fast.c + +libhcrypto_la-bn_mp_exptmod.lo: libtommath/bn_mp_exptmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_exptmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_exptmod.Tpo -c -o libhcrypto_la-bn_mp_exptmod.lo `test -f 'libtommath/bn_mp_exptmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_exptmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_exptmod.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_exptmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_exptmod.c' object='libhcrypto_la-bn_mp_exptmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_exptmod.lo `test -f 'libtommath/bn_mp_exptmod.c' || echo '$(srcdir)/'`libtommath/bn_mp_exptmod.c + +libhcrypto_la-bn_mp_2expt.lo: libtommath/bn_mp_2expt.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_2expt.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_2expt.Tpo -c -o libhcrypto_la-bn_mp_2expt.lo `test -f 'libtommath/bn_mp_2expt.c' || echo '$(srcdir)/'`libtommath/bn_mp_2expt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_2expt.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_2expt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_2expt.c' object='libhcrypto_la-bn_mp_2expt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_2expt.lo `test -f 'libtommath/bn_mp_2expt.c' || echo '$(srcdir)/'`libtommath/bn_mp_2expt.c + +libhcrypto_la-bn_mp_n_root.lo: libtommath/bn_mp_n_root.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_n_root.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_n_root.Tpo -c -o libhcrypto_la-bn_mp_n_root.lo `test -f 'libtommath/bn_mp_n_root.c' || echo '$(srcdir)/'`libtommath/bn_mp_n_root.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_n_root.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_n_root.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_n_root.c' object='libhcrypto_la-bn_mp_n_root.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_n_root.lo `test -f 'libtommath/bn_mp_n_root.c' || echo '$(srcdir)/'`libtommath/bn_mp_n_root.c + +libhcrypto_la-bn_mp_jacobi.lo: libtommath/bn_mp_jacobi.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_jacobi.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_jacobi.Tpo -c -o libhcrypto_la-bn_mp_jacobi.lo `test -f 'libtommath/bn_mp_jacobi.c' || echo '$(srcdir)/'`libtommath/bn_mp_jacobi.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_jacobi.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_jacobi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_jacobi.c' object='libhcrypto_la-bn_mp_jacobi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_jacobi.lo `test -f 'libtommath/bn_mp_jacobi.c' || echo '$(srcdir)/'`libtommath/bn_mp_jacobi.c + +libhcrypto_la-bn_reverse.lo: libtommath/bn_reverse.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_reverse.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_reverse.Tpo -c -o libhcrypto_la-bn_reverse.lo `test -f 'libtommath/bn_reverse.c' || echo '$(srcdir)/'`libtommath/bn_reverse.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_reverse.Tpo $(DEPDIR)/libhcrypto_la-bn_reverse.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_reverse.c' object='libhcrypto_la-bn_reverse.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_reverse.lo `test -f 'libtommath/bn_reverse.c' || echo '$(srcdir)/'`libtommath/bn_reverse.c + +libhcrypto_la-bn_mp_count_bits.lo: libtommath/bn_mp_count_bits.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_count_bits.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_count_bits.Tpo -c -o libhcrypto_la-bn_mp_count_bits.lo `test -f 'libtommath/bn_mp_count_bits.c' || echo '$(srcdir)/'`libtommath/bn_mp_count_bits.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_count_bits.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_count_bits.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_count_bits.c' object='libhcrypto_la-bn_mp_count_bits.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_count_bits.lo `test -f 'libtommath/bn_mp_count_bits.c' || echo '$(srcdir)/'`libtommath/bn_mp_count_bits.c + +libhcrypto_la-bn_mp_read_unsigned_bin.lo: libtommath/bn_mp_read_unsigned_bin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_read_unsigned_bin.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_read_unsigned_bin.Tpo -c -o libhcrypto_la-bn_mp_read_unsigned_bin.lo `test -f 'libtommath/bn_mp_read_unsigned_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_unsigned_bin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_read_unsigned_bin.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_read_unsigned_bin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_read_unsigned_bin.c' object='libhcrypto_la-bn_mp_read_unsigned_bin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_read_unsigned_bin.lo `test -f 'libtommath/bn_mp_read_unsigned_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_unsigned_bin.c + +libhcrypto_la-bn_mp_read_signed_bin.lo: libtommath/bn_mp_read_signed_bin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_read_signed_bin.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_read_signed_bin.Tpo -c -o libhcrypto_la-bn_mp_read_signed_bin.lo `test -f 'libtommath/bn_mp_read_signed_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_signed_bin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_read_signed_bin.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_read_signed_bin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_read_signed_bin.c' object='libhcrypto_la-bn_mp_read_signed_bin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_read_signed_bin.lo `test -f 'libtommath/bn_mp_read_signed_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_signed_bin.c + +libhcrypto_la-bn_mp_to_unsigned_bin.lo: libtommath/bn_mp_to_unsigned_bin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_to_unsigned_bin.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin.Tpo -c -o libhcrypto_la-bn_mp_to_unsigned_bin.lo `test -f 'libtommath/bn_mp_to_unsigned_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_unsigned_bin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_to_unsigned_bin.c' object='libhcrypto_la-bn_mp_to_unsigned_bin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_to_unsigned_bin.lo `test -f 'libtommath/bn_mp_to_unsigned_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_unsigned_bin.c + +libhcrypto_la-bn_mp_to_signed_bin.lo: libtommath/bn_mp_to_signed_bin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_to_signed_bin.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin.Tpo -c -o libhcrypto_la-bn_mp_to_signed_bin.lo `test -f 'libtommath/bn_mp_to_signed_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_signed_bin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_to_signed_bin.c' object='libhcrypto_la-bn_mp_to_signed_bin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_to_signed_bin.lo `test -f 'libtommath/bn_mp_to_signed_bin.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_signed_bin.c + +libhcrypto_la-bn_mp_unsigned_bin_size.lo: libtommath/bn_mp_unsigned_bin_size.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_unsigned_bin_size.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_unsigned_bin_size.Tpo -c -o libhcrypto_la-bn_mp_unsigned_bin_size.lo `test -f 'libtommath/bn_mp_unsigned_bin_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_unsigned_bin_size.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_unsigned_bin_size.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_unsigned_bin_size.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_unsigned_bin_size.c' object='libhcrypto_la-bn_mp_unsigned_bin_size.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_unsigned_bin_size.lo `test -f 'libtommath/bn_mp_unsigned_bin_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_unsigned_bin_size.c + +libhcrypto_la-bn_mp_signed_bin_size.lo: libtommath/bn_mp_signed_bin_size.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_signed_bin_size.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_signed_bin_size.Tpo -c -o libhcrypto_la-bn_mp_signed_bin_size.lo `test -f 'libtommath/bn_mp_signed_bin_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_signed_bin_size.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_signed_bin_size.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_signed_bin_size.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_signed_bin_size.c' object='libhcrypto_la-bn_mp_signed_bin_size.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_signed_bin_size.lo `test -f 'libtommath/bn_mp_signed_bin_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_signed_bin_size.c + +libhcrypto_la-bn_mp_xor.lo: libtommath/bn_mp_xor.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_xor.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_xor.Tpo -c -o libhcrypto_la-bn_mp_xor.lo `test -f 'libtommath/bn_mp_xor.c' || echo '$(srcdir)/'`libtommath/bn_mp_xor.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_xor.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_xor.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_xor.c' object='libhcrypto_la-bn_mp_xor.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_xor.lo `test -f 'libtommath/bn_mp_xor.c' || echo '$(srcdir)/'`libtommath/bn_mp_xor.c + +libhcrypto_la-bn_mp_and.lo: libtommath/bn_mp_and.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_and.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_and.Tpo -c -o libhcrypto_la-bn_mp_and.lo `test -f 'libtommath/bn_mp_and.c' || echo '$(srcdir)/'`libtommath/bn_mp_and.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_and.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_and.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_and.c' object='libhcrypto_la-bn_mp_and.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_and.lo `test -f 'libtommath/bn_mp_and.c' || echo '$(srcdir)/'`libtommath/bn_mp_and.c + +libhcrypto_la-bn_mp_or.lo: libtommath/bn_mp_or.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_or.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_or.Tpo -c -o libhcrypto_la-bn_mp_or.lo `test -f 'libtommath/bn_mp_or.c' || echo '$(srcdir)/'`libtommath/bn_mp_or.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_or.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_or.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_or.c' object='libhcrypto_la-bn_mp_or.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_or.lo `test -f 'libtommath/bn_mp_or.c' || echo '$(srcdir)/'`libtommath/bn_mp_or.c + +libhcrypto_la-bn_mp_rand.lo: libtommath/bn_mp_rand.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_rand.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_rand.Tpo -c -o libhcrypto_la-bn_mp_rand.lo `test -f 'libtommath/bn_mp_rand.c' || echo '$(srcdir)/'`libtommath/bn_mp_rand.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_rand.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_rand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_rand.c' object='libhcrypto_la-bn_mp_rand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_rand.lo `test -f 'libtommath/bn_mp_rand.c' || echo '$(srcdir)/'`libtommath/bn_mp_rand.c + +libhcrypto_la-bn_mp_montgomery_calc_normalization.lo: libtommath/bn_mp_montgomery_calc_normalization.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_montgomery_calc_normalization.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_calc_normalization.Tpo -c -o libhcrypto_la-bn_mp_montgomery_calc_normalization.lo `test -f 'libtommath/bn_mp_montgomery_calc_normalization.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_calc_normalization.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_calc_normalization.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_montgomery_calc_normalization.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_montgomery_calc_normalization.c' object='libhcrypto_la-bn_mp_montgomery_calc_normalization.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_montgomery_calc_normalization.lo `test -f 'libtommath/bn_mp_montgomery_calc_normalization.c' || echo '$(srcdir)/'`libtommath/bn_mp_montgomery_calc_normalization.c + +libhcrypto_la-bn_mp_prime_is_divisible.lo: libtommath/bn_mp_prime_is_divisible.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_is_divisible.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_divisible.Tpo -c -o libhcrypto_la-bn_mp_prime_is_divisible.lo `test -f 'libtommath/bn_mp_prime_is_divisible.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_is_divisible.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_divisible.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_divisible.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_is_divisible.c' object='libhcrypto_la-bn_mp_prime_is_divisible.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_is_divisible.lo `test -f 'libtommath/bn_mp_prime_is_divisible.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_is_divisible.c + +libhcrypto_la-bn_prime_tab.lo: libtommath/bn_prime_tab.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_prime_tab.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_prime_tab.Tpo -c -o libhcrypto_la-bn_prime_tab.lo `test -f 'libtommath/bn_prime_tab.c' || echo '$(srcdir)/'`libtommath/bn_prime_tab.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_prime_tab.Tpo $(DEPDIR)/libhcrypto_la-bn_prime_tab.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_prime_tab.c' object='libhcrypto_la-bn_prime_tab.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_prime_tab.lo `test -f 'libtommath/bn_prime_tab.c' || echo '$(srcdir)/'`libtommath/bn_prime_tab.c + +libhcrypto_la-bn_mp_prime_fermat.lo: libtommath/bn_mp_prime_fermat.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_fermat.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_fermat.Tpo -c -o libhcrypto_la-bn_mp_prime_fermat.lo `test -f 'libtommath/bn_mp_prime_fermat.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_fermat.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_fermat.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_fermat.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_fermat.c' object='libhcrypto_la-bn_mp_prime_fermat.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_fermat.lo `test -f 'libtommath/bn_mp_prime_fermat.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_fermat.c + +libhcrypto_la-bn_mp_prime_miller_rabin.lo: libtommath/bn_mp_prime_miller_rabin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_miller_rabin.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_miller_rabin.Tpo -c -o libhcrypto_la-bn_mp_prime_miller_rabin.lo `test -f 'libtommath/bn_mp_prime_miller_rabin.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_miller_rabin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_miller_rabin.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_miller_rabin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_miller_rabin.c' object='libhcrypto_la-bn_mp_prime_miller_rabin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_miller_rabin.lo `test -f 'libtommath/bn_mp_prime_miller_rabin.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_miller_rabin.c + +libhcrypto_la-bn_mp_prime_is_prime.lo: libtommath/bn_mp_prime_is_prime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_is_prime.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_prime.Tpo -c -o libhcrypto_la-bn_mp_prime_is_prime.lo `test -f 'libtommath/bn_mp_prime_is_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_is_prime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_prime.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_is_prime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_is_prime.c' object='libhcrypto_la-bn_mp_prime_is_prime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_is_prime.lo `test -f 'libtommath/bn_mp_prime_is_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_is_prime.c + +libhcrypto_la-bn_mp_prime_next_prime.lo: libtommath/bn_mp_prime_next_prime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_next_prime.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_next_prime.Tpo -c -o libhcrypto_la-bn_mp_prime_next_prime.lo `test -f 'libtommath/bn_mp_prime_next_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_next_prime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_next_prime.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_next_prime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_next_prime.c' object='libhcrypto_la-bn_mp_prime_next_prime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_next_prime.lo `test -f 'libtommath/bn_mp_prime_next_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_next_prime.c + +libhcrypto_la-bn_mp_find_prime.lo: libtommath/bn_mp_find_prime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_find_prime.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_find_prime.Tpo -c -o libhcrypto_la-bn_mp_find_prime.lo `test -f 'libtommath/bn_mp_find_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_find_prime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_find_prime.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_find_prime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_find_prime.c' object='libhcrypto_la-bn_mp_find_prime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_find_prime.lo `test -f 'libtommath/bn_mp_find_prime.c' || echo '$(srcdir)/'`libtommath/bn_mp_find_prime.c + +libhcrypto_la-bn_mp_isprime.lo: libtommath/bn_mp_isprime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_isprime.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_isprime.Tpo -c -o libhcrypto_la-bn_mp_isprime.lo `test -f 'libtommath/bn_mp_isprime.c' || echo '$(srcdir)/'`libtommath/bn_mp_isprime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_isprime.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_isprime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_isprime.c' object='libhcrypto_la-bn_mp_isprime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_isprime.lo `test -f 'libtommath/bn_mp_isprime.c' || echo '$(srcdir)/'`libtommath/bn_mp_isprime.c + +libhcrypto_la-bn_mp_dr_reduce.lo: libtommath/bn_mp_dr_reduce.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_dr_reduce.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_dr_reduce.Tpo -c -o libhcrypto_la-bn_mp_dr_reduce.lo `test -f 'libtommath/bn_mp_dr_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_reduce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_dr_reduce.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_dr_reduce.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_dr_reduce.c' object='libhcrypto_la-bn_mp_dr_reduce.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_dr_reduce.lo `test -f 'libtommath/bn_mp_dr_reduce.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_reduce.c + +libhcrypto_la-bn_mp_dr_is_modulus.lo: libtommath/bn_mp_dr_is_modulus.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_dr_is_modulus.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_dr_is_modulus.Tpo -c -o libhcrypto_la-bn_mp_dr_is_modulus.lo `test -f 'libtommath/bn_mp_dr_is_modulus.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_is_modulus.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_dr_is_modulus.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_dr_is_modulus.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_dr_is_modulus.c' object='libhcrypto_la-bn_mp_dr_is_modulus.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_dr_is_modulus.lo `test -f 'libtommath/bn_mp_dr_is_modulus.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_is_modulus.c + +libhcrypto_la-bn_mp_dr_setup.lo: libtommath/bn_mp_dr_setup.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_dr_setup.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_dr_setup.Tpo -c -o libhcrypto_la-bn_mp_dr_setup.lo `test -f 'libtommath/bn_mp_dr_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_setup.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_dr_setup.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_dr_setup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_dr_setup.c' object='libhcrypto_la-bn_mp_dr_setup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_dr_setup.lo `test -f 'libtommath/bn_mp_dr_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_dr_setup.c + +libhcrypto_la-bn_mp_reduce_setup.lo: libtommath/bn_mp_reduce_setup.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_setup.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_setup.Tpo -c -o libhcrypto_la-bn_mp_reduce_setup.lo `test -f 'libtommath/bn_mp_reduce_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_setup.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_setup.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_setup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_setup.c' object='libhcrypto_la-bn_mp_reduce_setup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_setup.lo `test -f 'libtommath/bn_mp_reduce_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_setup.c + +libhcrypto_la-bn_mp_toom_mul.lo: libtommath/bn_mp_toom_mul.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_toom_mul.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_toom_mul.Tpo -c -o libhcrypto_la-bn_mp_toom_mul.lo `test -f 'libtommath/bn_mp_toom_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_toom_mul.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_toom_mul.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_toom_mul.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_toom_mul.c' object='libhcrypto_la-bn_mp_toom_mul.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_toom_mul.lo `test -f 'libtommath/bn_mp_toom_mul.c' || echo '$(srcdir)/'`libtommath/bn_mp_toom_mul.c + +libhcrypto_la-bn_mp_toom_sqr.lo: libtommath/bn_mp_toom_sqr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_toom_sqr.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_toom_sqr.Tpo -c -o libhcrypto_la-bn_mp_toom_sqr.lo `test -f 'libtommath/bn_mp_toom_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_toom_sqr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_toom_sqr.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_toom_sqr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_toom_sqr.c' object='libhcrypto_la-bn_mp_toom_sqr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_toom_sqr.lo `test -f 'libtommath/bn_mp_toom_sqr.c' || echo '$(srcdir)/'`libtommath/bn_mp_toom_sqr.c + +libhcrypto_la-bn_mp_div_3.lo: libtommath/bn_mp_div_3.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_div_3.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_div_3.Tpo -c -o libhcrypto_la-bn_mp_div_3.lo `test -f 'libtommath/bn_mp_div_3.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_3.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_div_3.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_div_3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_div_3.c' object='libhcrypto_la-bn_mp_div_3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_div_3.lo `test -f 'libtommath/bn_mp_div_3.c' || echo '$(srcdir)/'`libtommath/bn_mp_div_3.c + +libhcrypto_la-bn_s_mp_exptmod.lo: libtommath/bn_s_mp_exptmod.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_s_mp_exptmod.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_s_mp_exptmod.Tpo -c -o libhcrypto_la-bn_s_mp_exptmod.lo `test -f 'libtommath/bn_s_mp_exptmod.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_exptmod.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_s_mp_exptmod.Tpo $(DEPDIR)/libhcrypto_la-bn_s_mp_exptmod.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_s_mp_exptmod.c' object='libhcrypto_la-bn_s_mp_exptmod.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_s_mp_exptmod.lo `test -f 'libtommath/bn_s_mp_exptmod.c' || echo '$(srcdir)/'`libtommath/bn_s_mp_exptmod.c + +libhcrypto_la-bn_mp_reduce_2k.lo: libtommath/bn_mp_reduce_2k.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_2k.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k.Tpo -c -o libhcrypto_la-bn_mp_reduce_2k.lo `test -f 'libtommath/bn_mp_reduce_2k.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_2k.c' object='libhcrypto_la-bn_mp_reduce_2k.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_2k.lo `test -f 'libtommath/bn_mp_reduce_2k.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k.c + +libhcrypto_la-bn_mp_reduce_is_2k.lo: libtommath/bn_mp_reduce_is_2k.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_is_2k.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k.Tpo -c -o libhcrypto_la-bn_mp_reduce_is_2k.lo `test -f 'libtommath/bn_mp_reduce_is_2k.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_is_2k.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_is_2k.c' object='libhcrypto_la-bn_mp_reduce_is_2k.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_is_2k.lo `test -f 'libtommath/bn_mp_reduce_is_2k.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_is_2k.c + +libhcrypto_la-bn_mp_reduce_2k_setup.lo: libtommath/bn_mp_reduce_2k_setup.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_2k_setup.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup.Tpo -c -o libhcrypto_la-bn_mp_reduce_2k_setup.lo `test -f 'libtommath/bn_mp_reduce_2k_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_setup.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_2k_setup.c' object='libhcrypto_la-bn_mp_reduce_2k_setup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_2k_setup.lo `test -f 'libtommath/bn_mp_reduce_2k_setup.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_setup.c + +libhcrypto_la-bn_mp_reduce_2k_l.lo: libtommath/bn_mp_reduce_2k_l.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_2k_l.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_l.Tpo -c -o libhcrypto_la-bn_mp_reduce_2k_l.lo `test -f 'libtommath/bn_mp_reduce_2k_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_l.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_l.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_l.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_2k_l.c' object='libhcrypto_la-bn_mp_reduce_2k_l.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_2k_l.lo `test -f 'libtommath/bn_mp_reduce_2k_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_l.c + +libhcrypto_la-bn_mp_reduce_is_2k_l.lo: libtommath/bn_mp_reduce_is_2k_l.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_is_2k_l.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k_l.Tpo -c -o libhcrypto_la-bn_mp_reduce_is_2k_l.lo `test -f 'libtommath/bn_mp_reduce_is_2k_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_is_2k_l.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k_l.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_is_2k_l.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_is_2k_l.c' object='libhcrypto_la-bn_mp_reduce_is_2k_l.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_is_2k_l.lo `test -f 'libtommath/bn_mp_reduce_is_2k_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_is_2k_l.c + +libhcrypto_la-bn_mp_reduce_2k_setup_l.lo: libtommath/bn_mp_reduce_2k_setup_l.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_reduce_2k_setup_l.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup_l.Tpo -c -o libhcrypto_la-bn_mp_reduce_2k_setup_l.lo `test -f 'libtommath/bn_mp_reduce_2k_setup_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_setup_l.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup_l.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_reduce_2k_setup_l.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_reduce_2k_setup_l.c' object='libhcrypto_la-bn_mp_reduce_2k_setup_l.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_reduce_2k_setup_l.lo `test -f 'libtommath/bn_mp_reduce_2k_setup_l.c' || echo '$(srcdir)/'`libtommath/bn_mp_reduce_2k_setup_l.c + +libhcrypto_la-bn_mp_radix_smap.lo: libtommath/bn_mp_radix_smap.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_radix_smap.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_radix_smap.Tpo -c -o libhcrypto_la-bn_mp_radix_smap.lo `test -f 'libtommath/bn_mp_radix_smap.c' || echo '$(srcdir)/'`libtommath/bn_mp_radix_smap.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_radix_smap.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_radix_smap.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_radix_smap.c' object='libhcrypto_la-bn_mp_radix_smap.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_radix_smap.lo `test -f 'libtommath/bn_mp_radix_smap.c' || echo '$(srcdir)/'`libtommath/bn_mp_radix_smap.c + +libhcrypto_la-bn_mp_read_radix.lo: libtommath/bn_mp_read_radix.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_read_radix.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_read_radix.Tpo -c -o libhcrypto_la-bn_mp_read_radix.lo `test -f 'libtommath/bn_mp_read_radix.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_radix.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_read_radix.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_read_radix.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_read_radix.c' object='libhcrypto_la-bn_mp_read_radix.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_read_radix.lo `test -f 'libtommath/bn_mp_read_radix.c' || echo '$(srcdir)/'`libtommath/bn_mp_read_radix.c + +libhcrypto_la-bn_mp_toradix.lo: libtommath/bn_mp_toradix.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_toradix.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_toradix.Tpo -c -o libhcrypto_la-bn_mp_toradix.lo `test -f 'libtommath/bn_mp_toradix.c' || echo '$(srcdir)/'`libtommath/bn_mp_toradix.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_toradix.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_toradix.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_toradix.c' object='libhcrypto_la-bn_mp_toradix.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_toradix.lo `test -f 'libtommath/bn_mp_toradix.c' || echo '$(srcdir)/'`libtommath/bn_mp_toradix.c + +libhcrypto_la-bn_mp_radix_size.lo: libtommath/bn_mp_radix_size.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_radix_size.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_radix_size.Tpo -c -o libhcrypto_la-bn_mp_radix_size.lo `test -f 'libtommath/bn_mp_radix_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_radix_size.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_radix_size.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_radix_size.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_radix_size.c' object='libhcrypto_la-bn_mp_radix_size.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_radix_size.lo `test -f 'libtommath/bn_mp_radix_size.c' || echo '$(srcdir)/'`libtommath/bn_mp_radix_size.c + +libhcrypto_la-bn_mp_fread.lo: libtommath/bn_mp_fread.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_fread.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_fread.Tpo -c -o libhcrypto_la-bn_mp_fread.lo `test -f 'libtommath/bn_mp_fread.c' || echo '$(srcdir)/'`libtommath/bn_mp_fread.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_fread.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_fread.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_fread.c' object='libhcrypto_la-bn_mp_fread.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_fread.lo `test -f 'libtommath/bn_mp_fread.c' || echo '$(srcdir)/'`libtommath/bn_mp_fread.c + +libhcrypto_la-bn_mp_fwrite.lo: libtommath/bn_mp_fwrite.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_fwrite.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_fwrite.Tpo -c -o libhcrypto_la-bn_mp_fwrite.lo `test -f 'libtommath/bn_mp_fwrite.c' || echo '$(srcdir)/'`libtommath/bn_mp_fwrite.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_fwrite.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_fwrite.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_fwrite.c' object='libhcrypto_la-bn_mp_fwrite.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_fwrite.lo `test -f 'libtommath/bn_mp_fwrite.c' || echo '$(srcdir)/'`libtommath/bn_mp_fwrite.c + +libhcrypto_la-bn_mp_cnt_lsb.lo: libtommath/bn_mp_cnt_lsb.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_cnt_lsb.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_cnt_lsb.Tpo -c -o libhcrypto_la-bn_mp_cnt_lsb.lo `test -f 'libtommath/bn_mp_cnt_lsb.c' || echo '$(srcdir)/'`libtommath/bn_mp_cnt_lsb.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_cnt_lsb.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_cnt_lsb.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_cnt_lsb.c' object='libhcrypto_la-bn_mp_cnt_lsb.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_cnt_lsb.lo `test -f 'libtommath/bn_mp_cnt_lsb.c' || echo '$(srcdir)/'`libtommath/bn_mp_cnt_lsb.c + +libhcrypto_la-bn_error.lo: libtommath/bn_error.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_error.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_error.Tpo -c -o libhcrypto_la-bn_error.lo `test -f 'libtommath/bn_error.c' || echo '$(srcdir)/'`libtommath/bn_error.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_error.Tpo $(DEPDIR)/libhcrypto_la-bn_error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_error.c' object='libhcrypto_la-bn_error.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_error.lo `test -f 'libtommath/bn_error.c' || echo '$(srcdir)/'`libtommath/bn_error.c + +libhcrypto_la-bn_mp_init_multi.lo: libtommath/bn_mp_init_multi.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init_multi.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init_multi.Tpo -c -o libhcrypto_la-bn_mp_init_multi.lo `test -f 'libtommath/bn_mp_init_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_multi.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init_multi.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init_multi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init_multi.c' object='libhcrypto_la-bn_mp_init_multi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init_multi.lo `test -f 'libtommath/bn_mp_init_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_multi.c + +libhcrypto_la-bn_mp_clear_multi.lo: libtommath/bn_mp_clear_multi.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_clear_multi.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_clear_multi.Tpo -c -o libhcrypto_la-bn_mp_clear_multi.lo `test -f 'libtommath/bn_mp_clear_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_clear_multi.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_clear_multi.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_clear_multi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_clear_multi.c' object='libhcrypto_la-bn_mp_clear_multi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_clear_multi.lo `test -f 'libtommath/bn_mp_clear_multi.c' || echo '$(srcdir)/'`libtommath/bn_mp_clear_multi.c + +libhcrypto_la-bn_mp_exteuclid.lo: libtommath/bn_mp_exteuclid.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_exteuclid.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_exteuclid.Tpo -c -o libhcrypto_la-bn_mp_exteuclid.lo `test -f 'libtommath/bn_mp_exteuclid.c' || echo '$(srcdir)/'`libtommath/bn_mp_exteuclid.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_exteuclid.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_exteuclid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_exteuclid.c' object='libhcrypto_la-bn_mp_exteuclid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_exteuclid.lo `test -f 'libtommath/bn_mp_exteuclid.c' || echo '$(srcdir)/'`libtommath/bn_mp_exteuclid.c + +libhcrypto_la-bn_mp_toradix_n.lo: libtommath/bn_mp_toradix_n.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_toradix_n.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_toradix_n.Tpo -c -o libhcrypto_la-bn_mp_toradix_n.lo `test -f 'libtommath/bn_mp_toradix_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_toradix_n.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_toradix_n.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_toradix_n.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_toradix_n.c' object='libhcrypto_la-bn_mp_toradix_n.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_toradix_n.lo `test -f 'libtommath/bn_mp_toradix_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_toradix_n.c + +libhcrypto_la-bn_mp_prime_random_ex.lo: libtommath/bn_mp_prime_random_ex.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_random_ex.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_random_ex.Tpo -c -o libhcrypto_la-bn_mp_prime_random_ex.lo `test -f 'libtommath/bn_mp_prime_random_ex.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_random_ex.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_random_ex.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_random_ex.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_random_ex.c' object='libhcrypto_la-bn_mp_prime_random_ex.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_random_ex.lo `test -f 'libtommath/bn_mp_prime_random_ex.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_random_ex.c + +libhcrypto_la-bn_mp_get_int.lo: libtommath/bn_mp_get_int.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_get_int.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_get_int.Tpo -c -o libhcrypto_la-bn_mp_get_int.lo `test -f 'libtommath/bn_mp_get_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_get_int.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_get_int.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_get_int.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_get_int.c' object='libhcrypto_la-bn_mp_get_int.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_get_int.lo `test -f 'libtommath/bn_mp_get_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_get_int.c + +libhcrypto_la-bn_mp_sqrt.lo: libtommath/bn_mp_sqrt.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_sqrt.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_sqrt.Tpo -c -o libhcrypto_la-bn_mp_sqrt.lo `test -f 'libtommath/bn_mp_sqrt.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqrt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_sqrt.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_sqrt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_sqrt.c' object='libhcrypto_la-bn_mp_sqrt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_sqrt.lo `test -f 'libtommath/bn_mp_sqrt.c' || echo '$(srcdir)/'`libtommath/bn_mp_sqrt.c + +libhcrypto_la-bn_mp_is_square.lo: libtommath/bn_mp_is_square.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_is_square.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_is_square.Tpo -c -o libhcrypto_la-bn_mp_is_square.lo `test -f 'libtommath/bn_mp_is_square.c' || echo '$(srcdir)/'`libtommath/bn_mp_is_square.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_is_square.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_is_square.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_is_square.c' object='libhcrypto_la-bn_mp_is_square.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_is_square.lo `test -f 'libtommath/bn_mp_is_square.c' || echo '$(srcdir)/'`libtommath/bn_mp_is_square.c + +libhcrypto_la-bn_mp_init_set.lo: libtommath/bn_mp_init_set.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init_set.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init_set.Tpo -c -o libhcrypto_la-bn_mp_init_set.lo `test -f 'libtommath/bn_mp_init_set.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_set.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init_set.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init_set.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init_set.c' object='libhcrypto_la-bn_mp_init_set.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init_set.lo `test -f 'libtommath/bn_mp_init_set.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_set.c + +libhcrypto_la-bn_mp_init_set_int.lo: libtommath/bn_mp_init_set_int.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_init_set_int.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_init_set_int.Tpo -c -o libhcrypto_la-bn_mp_init_set_int.lo `test -f 'libtommath/bn_mp_init_set_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_set_int.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_init_set_int.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_init_set_int.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_init_set_int.c' object='libhcrypto_la-bn_mp_init_set_int.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_init_set_int.lo `test -f 'libtommath/bn_mp_init_set_int.c' || echo '$(srcdir)/'`libtommath/bn_mp_init_set_int.c + +libhcrypto_la-bn_mp_invmod_slow.lo: libtommath/bn_mp_invmod_slow.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_invmod_slow.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_invmod_slow.Tpo -c -o libhcrypto_la-bn_mp_invmod_slow.lo `test -f 'libtommath/bn_mp_invmod_slow.c' || echo '$(srcdir)/'`libtommath/bn_mp_invmod_slow.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_invmod_slow.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_invmod_slow.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_invmod_slow.c' object='libhcrypto_la-bn_mp_invmod_slow.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_invmod_slow.lo `test -f 'libtommath/bn_mp_invmod_slow.c' || echo '$(srcdir)/'`libtommath/bn_mp_invmod_slow.c + +libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo: libtommath/bn_mp_prime_rabin_miller_trials.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_prime_rabin_miller_trials.Tpo -c -o libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo `test -f 'libtommath/bn_mp_prime_rabin_miller_trials.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_rabin_miller_trials.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_prime_rabin_miller_trials.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_prime_rabin_miller_trials.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_prime_rabin_miller_trials.c' object='libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_prime_rabin_miller_trials.lo `test -f 'libtommath/bn_mp_prime_rabin_miller_trials.c' || echo '$(srcdir)/'`libtommath/bn_mp_prime_rabin_miller_trials.c + +libhcrypto_la-bn_mp_to_signed_bin_n.lo: libtommath/bn_mp_to_signed_bin_n.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_to_signed_bin_n.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin_n.Tpo -c -o libhcrypto_la-bn_mp_to_signed_bin_n.lo `test -f 'libtommath/bn_mp_to_signed_bin_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_signed_bin_n.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin_n.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_to_signed_bin_n.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_to_signed_bin_n.c' object='libhcrypto_la-bn_mp_to_signed_bin_n.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_to_signed_bin_n.lo `test -f 'libtommath/bn_mp_to_signed_bin_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_signed_bin_n.c + +libhcrypto_la-bn_mp_to_unsigned_bin_n.lo: libtommath/bn_mp_to_unsigned_bin_n.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn_mp_to_unsigned_bin_n.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin_n.Tpo -c -o libhcrypto_la-bn_mp_to_unsigned_bin_n.lo `test -f 'libtommath/bn_mp_to_unsigned_bin_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_unsigned_bin_n.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin_n.Tpo $(DEPDIR)/libhcrypto_la-bn_mp_to_unsigned_bin_n.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libtommath/bn_mp_to_unsigned_bin_n.c' object='libhcrypto_la-bn_mp_to_unsigned_bin_n.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn_mp_to_unsigned_bin_n.lo `test -f 'libtommath/bn_mp_to_unsigned_bin_n.c' || echo '$(srcdir)/'`libtommath/bn_mp_to_unsigned_bin_n.c + +libhcrypto_la-aes.lo: aes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-aes.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-aes.Tpo -c -o libhcrypto_la-aes.lo `test -f 'aes.c' || echo '$(srcdir)/'`aes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-aes.Tpo $(DEPDIR)/libhcrypto_la-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='aes.c' object='libhcrypto_la-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-aes.lo `test -f 'aes.c' || echo '$(srcdir)/'`aes.c + +libhcrypto_la-bn.lo: bn.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-bn.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-bn.Tpo -c -o libhcrypto_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-bn.Tpo $(DEPDIR)/libhcrypto_la-bn.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bn.c' object='libhcrypto_la-bn.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c + +libhcrypto_la-common.lo: common.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-common.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-common.Tpo -c -o libhcrypto_la-common.lo `test -f 'common.c' || echo '$(srcdir)/'`common.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-common.Tpo $(DEPDIR)/libhcrypto_la-common.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='common.c' object='libhcrypto_la-common.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-common.lo `test -f 'common.c' || echo '$(srcdir)/'`common.c + +libhcrypto_la-camellia.lo: camellia.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-camellia.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-camellia.Tpo -c -o libhcrypto_la-camellia.lo `test -f 'camellia.c' || echo '$(srcdir)/'`camellia.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-camellia.Tpo $(DEPDIR)/libhcrypto_la-camellia.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='camellia.c' object='libhcrypto_la-camellia.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-camellia.lo `test -f 'camellia.c' || echo '$(srcdir)/'`camellia.c + +libhcrypto_la-camellia-ntt.lo: camellia-ntt.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-camellia-ntt.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-camellia-ntt.Tpo -c -o libhcrypto_la-camellia-ntt.lo `test -f 'camellia-ntt.c' || echo '$(srcdir)/'`camellia-ntt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-camellia-ntt.Tpo $(DEPDIR)/libhcrypto_la-camellia-ntt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='camellia-ntt.c' object='libhcrypto_la-camellia-ntt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-camellia-ntt.lo `test -f 'camellia-ntt.c' || echo '$(srcdir)/'`camellia-ntt.c + +libhcrypto_la-des.lo: des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-des.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-des.Tpo -c -o libhcrypto_la-des.lo `test -f 'des.c' || echo '$(srcdir)/'`des.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-des.Tpo $(DEPDIR)/libhcrypto_la-des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='des.c' object='libhcrypto_la-des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-des.lo `test -f 'des.c' || echo '$(srcdir)/'`des.c + +libhcrypto_la-dh.lo: dh.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-dh.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-dh.Tpo -c -o libhcrypto_la-dh.lo `test -f 'dh.c' || echo '$(srcdir)/'`dh.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-dh.Tpo $(DEPDIR)/libhcrypto_la-dh.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dh.c' object='libhcrypto_la-dh.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-dh.lo `test -f 'dh.c' || echo '$(srcdir)/'`dh.c + +libhcrypto_la-dh-ltm.lo: dh-ltm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-dh-ltm.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-dh-ltm.Tpo -c -o libhcrypto_la-dh-ltm.lo `test -f 'dh-ltm.c' || echo '$(srcdir)/'`dh-ltm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-dh-ltm.Tpo $(DEPDIR)/libhcrypto_la-dh-ltm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dh-ltm.c' object='libhcrypto_la-dh-ltm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-dh-ltm.lo `test -f 'dh-ltm.c' || echo '$(srcdir)/'`dh-ltm.c + +libhcrypto_la-dsa.lo: dsa.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-dsa.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-dsa.Tpo -c -o libhcrypto_la-dsa.lo `test -f 'dsa.c' || echo '$(srcdir)/'`dsa.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-dsa.Tpo $(DEPDIR)/libhcrypto_la-dsa.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dsa.c' object='libhcrypto_la-dsa.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-dsa.lo `test -f 'dsa.c' || echo '$(srcdir)/'`dsa.c + +libhcrypto_la-doxygen.lo: doxygen.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-doxygen.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-doxygen.Tpo -c -o libhcrypto_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-doxygen.Tpo $(DEPDIR)/libhcrypto_la-doxygen.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='doxygen.c' object='libhcrypto_la-doxygen.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c + +libhcrypto_la-evp.lo: evp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-evp.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-evp.Tpo -c -o libhcrypto_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-evp.Tpo $(DEPDIR)/libhcrypto_la-evp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='evp.c' object='libhcrypto_la-evp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c + +libhcrypto_la-evp-hcrypto.lo: evp-hcrypto.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-evp-hcrypto.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-evp-hcrypto.Tpo -c -o libhcrypto_la-evp-hcrypto.lo `test -f 'evp-hcrypto.c' || echo '$(srcdir)/'`evp-hcrypto.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-evp-hcrypto.Tpo $(DEPDIR)/libhcrypto_la-evp-hcrypto.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='evp-hcrypto.c' object='libhcrypto_la-evp-hcrypto.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-evp-hcrypto.lo `test -f 'evp-hcrypto.c' || echo '$(srcdir)/'`evp-hcrypto.c + +libhcrypto_la-evp-cc.lo: evp-cc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-evp-cc.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-evp-cc.Tpo -c -o libhcrypto_la-evp-cc.lo `test -f 'evp-cc.c' || echo '$(srcdir)/'`evp-cc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-evp-cc.Tpo $(DEPDIR)/libhcrypto_la-evp-cc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='evp-cc.c' object='libhcrypto_la-evp-cc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-evp-cc.lo `test -f 'evp-cc.c' || echo '$(srcdir)/'`evp-cc.c + +libhcrypto_la-engine.lo: engine.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-engine.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-engine.Tpo -c -o libhcrypto_la-engine.lo `test -f 'engine.c' || echo '$(srcdir)/'`engine.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-engine.Tpo $(DEPDIR)/libhcrypto_la-engine.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='engine.c' object='libhcrypto_la-engine.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-engine.lo `test -f 'engine.c' || echo '$(srcdir)/'`engine.c + +libhcrypto_la-hmac.lo: hmac.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-hmac.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-hmac.Tpo -c -o libhcrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-hmac.Tpo $(DEPDIR)/libhcrypto_la-hmac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hmac.c' object='libhcrypto_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c + +libhcrypto_la-md2.lo: md2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-md2.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-md2.Tpo -c -o libhcrypto_la-md2.lo `test -f 'md2.c' || echo '$(srcdir)/'`md2.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-md2.Tpo $(DEPDIR)/libhcrypto_la-md2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md2.c' object='libhcrypto_la-md2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-md2.lo `test -f 'md2.c' || echo '$(srcdir)/'`md2.c + +libhcrypto_la-md4.lo: md4.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-md4.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-md4.Tpo -c -o libhcrypto_la-md4.lo `test -f 'md4.c' || echo '$(srcdir)/'`md4.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-md4.Tpo $(DEPDIR)/libhcrypto_la-md4.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md4.c' object='libhcrypto_la-md4.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-md4.lo `test -f 'md4.c' || echo '$(srcdir)/'`md4.c + +libhcrypto_la-md5.lo: md5.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-md5.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-md5.Tpo -c -o libhcrypto_la-md5.lo `test -f 'md5.c' || echo '$(srcdir)/'`md5.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-md5.Tpo $(DEPDIR)/libhcrypto_la-md5.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='md5.c' object='libhcrypto_la-md5.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-md5.lo `test -f 'md5.c' || echo '$(srcdir)/'`md5.c + +libhcrypto_la-pkcs5.lo: pkcs5.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-pkcs5.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-pkcs5.Tpo -c -o libhcrypto_la-pkcs5.lo `test -f 'pkcs5.c' || echo '$(srcdir)/'`pkcs5.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-pkcs5.Tpo $(DEPDIR)/libhcrypto_la-pkcs5.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='pkcs5.c' object='libhcrypto_la-pkcs5.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-pkcs5.lo `test -f 'pkcs5.c' || echo '$(srcdir)/'`pkcs5.c + +libhcrypto_la-pkcs12.lo: pkcs12.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-pkcs12.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-pkcs12.Tpo -c -o libhcrypto_la-pkcs12.lo `test -f 'pkcs12.c' || echo '$(srcdir)/'`pkcs12.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-pkcs12.Tpo $(DEPDIR)/libhcrypto_la-pkcs12.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='pkcs12.c' object='libhcrypto_la-pkcs12.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-pkcs12.lo `test -f 'pkcs12.c' || echo '$(srcdir)/'`pkcs12.c + +libhcrypto_la-rand-egd.lo: rand-egd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rand-egd.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rand-egd.Tpo -c -o libhcrypto_la-rand-egd.lo `test -f 'rand-egd.c' || echo '$(srcdir)/'`rand-egd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rand-egd.Tpo $(DEPDIR)/libhcrypto_la-rand-egd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand-egd.c' object='libhcrypto_la-rand-egd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rand-egd.lo `test -f 'rand-egd.c' || echo '$(srcdir)/'`rand-egd.c + +libhcrypto_la-rand-fortuna.lo: rand-fortuna.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rand-fortuna.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rand-fortuna.Tpo -c -o libhcrypto_la-rand-fortuna.lo `test -f 'rand-fortuna.c' || echo '$(srcdir)/'`rand-fortuna.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rand-fortuna.Tpo $(DEPDIR)/libhcrypto_la-rand-fortuna.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand-fortuna.c' object='libhcrypto_la-rand-fortuna.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rand-fortuna.lo `test -f 'rand-fortuna.c' || echo '$(srcdir)/'`rand-fortuna.c + +libhcrypto_la-rand-timer.lo: rand-timer.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rand-timer.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rand-timer.Tpo -c -o libhcrypto_la-rand-timer.lo `test -f 'rand-timer.c' || echo '$(srcdir)/'`rand-timer.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rand-timer.Tpo $(DEPDIR)/libhcrypto_la-rand-timer.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand-timer.c' object='libhcrypto_la-rand-timer.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rand-timer.lo `test -f 'rand-timer.c' || echo '$(srcdir)/'`rand-timer.c + +libhcrypto_la-rand-unix.lo: rand-unix.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rand-unix.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rand-unix.Tpo -c -o libhcrypto_la-rand-unix.lo `test -f 'rand-unix.c' || echo '$(srcdir)/'`rand-unix.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rand-unix.Tpo $(DEPDIR)/libhcrypto_la-rand-unix.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand-unix.c' object='libhcrypto_la-rand-unix.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rand-unix.lo `test -f 'rand-unix.c' || echo '$(srcdir)/'`rand-unix.c + +libhcrypto_la-rand.lo: rand.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rand.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rand.Tpo -c -o libhcrypto_la-rand.lo `test -f 'rand.c' || echo '$(srcdir)/'`rand.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rand.Tpo $(DEPDIR)/libhcrypto_la-rand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand.c' object='libhcrypto_la-rand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rand.lo `test -f 'rand.c' || echo '$(srcdir)/'`rand.c + +libhcrypto_la-rc2.lo: rc2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rc2.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rc2.Tpo -c -o libhcrypto_la-rc2.lo `test -f 'rc2.c' || echo '$(srcdir)/'`rc2.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rc2.Tpo $(DEPDIR)/libhcrypto_la-rc2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rc2.c' object='libhcrypto_la-rc2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rc2.lo `test -f 'rc2.c' || echo '$(srcdir)/'`rc2.c + +libhcrypto_la-rc4.lo: rc4.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rc4.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rc4.Tpo -c -o libhcrypto_la-rc4.lo `test -f 'rc4.c' || echo '$(srcdir)/'`rc4.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rc4.Tpo $(DEPDIR)/libhcrypto_la-rc4.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rc4.c' object='libhcrypto_la-rc4.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rc4.lo `test -f 'rc4.c' || echo '$(srcdir)/'`rc4.c + +libhcrypto_la-rijndael-alg-fst.lo: rijndael-alg-fst.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rijndael-alg-fst.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rijndael-alg-fst.Tpo -c -o libhcrypto_la-rijndael-alg-fst.lo `test -f 'rijndael-alg-fst.c' || echo '$(srcdir)/'`rijndael-alg-fst.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rijndael-alg-fst.Tpo $(DEPDIR)/libhcrypto_la-rijndael-alg-fst.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rijndael-alg-fst.c' object='libhcrypto_la-rijndael-alg-fst.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rijndael-alg-fst.lo `test -f 'rijndael-alg-fst.c' || echo '$(srcdir)/'`rijndael-alg-fst.c + +libhcrypto_la-rnd_keys.lo: rnd_keys.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rnd_keys.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rnd_keys.Tpo -c -o libhcrypto_la-rnd_keys.lo `test -f 'rnd_keys.c' || echo '$(srcdir)/'`rnd_keys.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rnd_keys.Tpo $(DEPDIR)/libhcrypto_la-rnd_keys.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rnd_keys.c' object='libhcrypto_la-rnd_keys.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rnd_keys.lo `test -f 'rnd_keys.c' || echo '$(srcdir)/'`rnd_keys.c + +libhcrypto_la-rsa.lo: rsa.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rsa.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rsa.Tpo -c -o libhcrypto_la-rsa.lo `test -f 'rsa.c' || echo '$(srcdir)/'`rsa.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rsa.Tpo $(DEPDIR)/libhcrypto_la-rsa.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rsa.c' object='libhcrypto_la-rsa.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rsa.lo `test -f 'rsa.c' || echo '$(srcdir)/'`rsa.c + +libhcrypto_la-rsa-gmp.lo: rsa-gmp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rsa-gmp.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rsa-gmp.Tpo -c -o libhcrypto_la-rsa-gmp.lo `test -f 'rsa-gmp.c' || echo '$(srcdir)/'`rsa-gmp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rsa-gmp.Tpo $(DEPDIR)/libhcrypto_la-rsa-gmp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rsa-gmp.c' object='libhcrypto_la-rsa-gmp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rsa-gmp.lo `test -f 'rsa-gmp.c' || echo '$(srcdir)/'`rsa-gmp.c + +libhcrypto_la-rsa-ltm.lo: rsa-ltm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-rsa-ltm.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-rsa-ltm.Tpo -c -o libhcrypto_la-rsa-ltm.lo `test -f 'rsa-ltm.c' || echo '$(srcdir)/'`rsa-ltm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-rsa-ltm.Tpo $(DEPDIR)/libhcrypto_la-rsa-ltm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rsa-ltm.c' object='libhcrypto_la-rsa-ltm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-rsa-ltm.lo `test -f 'rsa-ltm.c' || echo '$(srcdir)/'`rsa-ltm.c + +libhcrypto_la-sha.lo: sha.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-sha.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-sha.Tpo -c -o libhcrypto_la-sha.lo `test -f 'sha.c' || echo '$(srcdir)/'`sha.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-sha.Tpo $(DEPDIR)/libhcrypto_la-sha.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sha.c' object='libhcrypto_la-sha.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-sha.lo `test -f 'sha.c' || echo '$(srcdir)/'`sha.c + +libhcrypto_la-sha256.lo: sha256.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-sha256.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-sha256.Tpo -c -o libhcrypto_la-sha256.lo `test -f 'sha256.c' || echo '$(srcdir)/'`sha256.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-sha256.Tpo $(DEPDIR)/libhcrypto_la-sha256.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sha256.c' object='libhcrypto_la-sha256.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-sha256.lo `test -f 'sha256.c' || echo '$(srcdir)/'`sha256.c + +libhcrypto_la-sha512.lo: sha512.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-sha512.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-sha512.Tpo -c -o libhcrypto_la-sha512.lo `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-sha512.Tpo $(DEPDIR)/libhcrypto_la-sha512.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sha512.c' object='libhcrypto_la-sha512.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-sha512.lo `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c + +libhcrypto_la-validate.lo: validate.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-validate.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-validate.Tpo -c -o libhcrypto_la-validate.lo `test -f 'validate.c' || echo '$(srcdir)/'`validate.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-validate.Tpo $(DEPDIR)/libhcrypto_la-validate.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='validate.c' object='libhcrypto_la-validate.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-validate.lo `test -f 'validate.c' || echo '$(srcdir)/'`validate.c + +libhcrypto_la-ui.lo: ui.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhcrypto_la-ui.lo -MD -MP -MF $(DEPDIR)/libhcrypto_la-ui.Tpo -c -o libhcrypto_la-ui.lo `test -f 'ui.c' || echo '$(srcdir)/'`ui.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhcrypto_la-ui.Tpo $(DEPDIR)/libhcrypto_la-ui.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ui.c' object='libhcrypto_la-ui.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhcrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhcrypto_la-ui.lo `test -f 'ui.c' || echo '$(srcdir)/'`ui.c + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-hcryptoincludeHEADERS: $(hcryptoinclude_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(hcryptoincludedir)" || $(MKDIR_P) "$(DESTDIR)$(hcryptoincludedir)" + @list='$(hcryptoinclude_HEADERS)'; test -n "$(hcryptoincludedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(hcryptoincludedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(hcryptoincludedir)" || exit $$?; \ + done + +uninstall-hcryptoincludeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(hcryptoinclude_HEADERS)'; test -n "$(hcryptoincludedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(hcryptoincludedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(hcryptoincludedir)" && rm -f $$files + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + $(am__tty_colors); \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + col=$$red; res=XPASS; \ + ;; \ + *) \ + col=$$grn; res=PASS; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xfail=`expr $$xfail + 1`; \ + col=$$lgn; res=XFAIL; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + col=$$red; res=FAIL; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + col=$$blu; res=SKIP; \ + fi; \ + echo "$${col}$$res$${std}: $$tst"; \ + done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="$$All$$all $$tests passed"; \ + else \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all $$tests failed"; \ + else \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ + echo "$$banner"; \ + test -z "$$skipped" || echo "$$skipped"; \ + test -z "$$report" || echo "$$report"; \ + echo "$$dashes$$std"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_LTLIBRARIES) $(check_PROGRAMS) \ + $(check_SCRIPTS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local +check: check-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +installdirs: + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(hcryptoincludedir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-checkLTLIBRARIES clean-checkPROGRAMS clean-generic \ + clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-hcryptoincludeHEADERS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-hcryptoincludeHEADERS uninstall-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ + check-local clean clean-checkLTLIBRARIES clean-checkPROGRAMS \ + clean-generic clean-libLTLIBRARIES clean-libtool \ + clean-noinstPROGRAMS ctags dist-hook distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-data-hook install-dvi install-dvi-am install-exec \ + install-exec-am install-exec-hook \ + install-hcryptoincludeHEADERS install-html install-html-am \ + install-info install-info-am install-libLTLIBRARIES \ + install-man install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-hcryptoincludeHEADERS uninstall-hook \ + uninstall-libLTLIBRARIES + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +install-build-headers:: $(hcryptoinclude_HEADERS) + @foo='$(hcryptoinclude_HEADERS)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildhcryptoinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo "cp $$file $(buildhcryptoinclude)/$$f";\ + cp $$file $(buildhcryptoinclude)/$$f; \ + fi ; \ + done + +$(libhcrypto_la_OBJECTS): hcrypto-link +$(libhcrypto_la_OBJECTS): $(srcdir)/version-script.map + +hcrypto-link: + $(LN_S) $(srcdir)/../hcrypto hcrypto + touch hcrypto-link + +test_crypto: test_crypto.in Makefile + $(do_subst) < $(srcdir)/test_crypto.in > test_crypto.tmp + chmod +x test_crypto.tmp + mv test_crypto.tmp test_crypto + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/hcrypto/NTMakefile b/lib/hcrypto/NTMakefile new file mode 100644 index 000000000000..eced950c604c --- /dev/null +++ b/lib/hcrypto/NTMakefile @@ -0,0 +1,248 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +SUBDIRS=libtommath + +RELDIR=lib\hcrypto + +intcflags=-DKRB5 -DASN1_LIB -I$(HCRYPTOINCLUDEDIR) -DUSE_HCRYPTO_LTM=1 + +!include ../../windows/NTMakefile.w32 + +# Do dependencies first + +all:: subdirs + +clean:: clean-subdirs + +test:: test-subdirs + +# Include files + +HCRYPTOINCLUDEDIR=$(INCDIR)\hcrypto + +INCFILES= \ + $(HCRYPTOINCLUDEDIR)\aes.h \ + $(HCRYPTOINCLUDEDIR)\bn.h \ + $(HCRYPTOINCLUDEDIR)\des.h \ + $(HCRYPTOINCLUDEDIR)\dh.h \ + $(HCRYPTOINCLUDEDIR)\dsa.h \ + $(HCRYPTOINCLUDEDIR)\ec.h \ + $(HCRYPTOINCLUDEDIR)\ecdh.h \ + $(HCRYPTOINCLUDEDIR)\ecdsa.h \ + $(HCRYPTOINCLUDEDIR)\engine.h \ + $(HCRYPTOINCLUDEDIR)\evp.h \ + $(HCRYPTOINCLUDEDIR)\evp-hcrypto.h \ + $(HCRYPTOINCLUDEDIR)\evp-cc.h \ + $(HCRYPTOINCLUDEDIR)\hmac.h \ + $(HCRYPTOINCLUDEDIR)\md2.h \ + $(HCRYPTOINCLUDEDIR)\md4.h \ + $(HCRYPTOINCLUDEDIR)\md5.h \ + $(HCRYPTOINCLUDEDIR)\pkcs12.h \ + $(HCRYPTOINCLUDEDIR)\rand.h \ + $(HCRYPTOINCLUDEDIR)\randi.h \ + $(HCRYPTOINCLUDEDIR)\rc2.h \ + $(HCRYPTOINCLUDEDIR)\rc4.h \ + $(HCRYPTOINCLUDEDIR)\rsa.h \ + $(HCRYPTOINCLUDEDIR)\sha.h \ + $(HCRYPTOINCLUDEDIR)\ui.h + +mkincdir: +!if !exist($(HCRYPTOINCLUDEDIR)) + $(MKDIR) $(HCRYPTOINCLUDEDIR) +!endif + +{}.h{$(HCRYPTOINCLUDEDIR)}.h: + $(CP) $** $@ + +all:: mkincdir + +all:: $(INCFILES) + +# libhcrypto + +libhcrypto_OBJs = \ + $(OBJ)\aes.obj \ + $(OBJ)\bn.obj \ + $(OBJ)\camellia.obj \ + $(OBJ)\camellia-ntt.obj \ + $(OBJ)\common.obj \ + $(OBJ)\des.obj \ + $(OBJ)\dh.obj \ + $(OBJ)\dh-ltm.obj \ + $(OBJ)\dh-tfm.obj \ + $(OBJ)\dsa.obj \ + $(OBJ)\evp.obj \ + $(OBJ)\evp-hcrypto.obj \ + $(OBJ)\evp-cc.obj \ + $(OBJ)\engine.obj \ + $(OBJ)\hmac.obj \ + $(OBJ)\md2.obj \ + $(OBJ)\md4.obj \ + $(OBJ)\md5.obj \ + $(OBJ)\pkcs5.obj \ + $(OBJ)\pkcs12.obj \ + $(OBJ)\rand-w32.obj \ + $(OBJ)\rand.obj \ + $(OBJ)\rc2.obj \ + $(OBJ)\rc4.obj \ + $(OBJ)\rijndael-alg-fst.obj \ + $(OBJ)\rnd_keys.obj \ + $(OBJ)\rsa.obj \ + $(OBJ)\rsa-gmp.obj \ + $(OBJ)\rsa-ltm.obj \ + $(OBJ)\rsa-tfm.obj \ + $(OBJ)\sha.obj \ + $(OBJ)\sha256.obj \ + $(OBJ)\sha512.obj \ + $(OBJ)\ui.obj \ + $(OBJ)\validate.obj + +$(LIBHCRYPTO): $(libhcrypto_OBJs) + $(LIBCON) + +all:: $(LIBHCRYPTO) + +clean:: + -$(RM) $(LIBHCRYPTO) + +# Tests + +TESTLIB=$(OBJ)\libhctest.lib + +$(TESTLIB): \ + $(OBJ)\des.obj \ + $(OBJ)\ui.obj + $(LIBCON) + +test-binaries: \ + $(OBJ)\destest.exe \ + $(OBJ)\example_evp_cipher.exe \ + $(OBJ)\mdtest.exe \ + $(OBJ)\rc2test.exe \ + $(OBJ)\rctest.exe \ + $(OBJ)\test_bn.exe \ + $(OBJ)\test_cipher.exe \ + $(OBJ)\test_engine_dso.exe \ + $(OBJ)\test_hmac.exe \ + $(OBJ)\test_pkcs5.exe \ + $(OBJ)\test_pkcs12.exe \ + $(OBJ)\test_rsa.exe \ + $(OBJ)\test_dh.exe \ + $(OBJ)\test_rand.exe \ + $(OBJ)\test_crypto.sh + +$(OBJ)\destest.exe: $(OBJ)\destest.obj $(TESTLIB) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\example_evp_cipher.exe: $(OBJ)\example_evp_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\mdtest.exe: $(OBJ)\mdtest.obj $(LIBHEIMDAL) $(LIBROKEN) $(OBJ)\sha512.obj + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\rc2test.exe: $(OBJ)\rc2test.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\rctest.exe: $(OBJ)\rctest.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_bn.exe: $(OBJ)\test_bn.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_cipher.exe: $(OBJ)\test_cipher.obj $(TESTLIB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_engine_dso.exe: $(OBJ)\test_engine_dso.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_hmac.exe: $(OBJ)\test_hmac.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_pkcs5.exe: $(OBJ)\test_pkcs5.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_pkcs12.exe: $(OBJ)\test_pkcs12.obj $(LIBHEIMDAL) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_rsa.exe: $(OBJ)\test_rsa.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_dh.exe: $(OBJ)\test_dh.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_rand.exe: $(OBJ)\test_rand.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +SRCDIR2=$(SRCDIR:\=\\\\) + +$(OBJ)\test_crypto.sh: test_crypto.in NTMakefile + $(SED) -e "s,[@]srcdir[@],$(SRCDIR2),g" -e "s,[@]exeext[@],.exe,g" -e "s,\r,," < test_crypto.in > $@ || $(RM) $@ + +test-run: + cd $(OBJ) +!ifdef SH + $(SH) test_crypto.sh +!endif + destest.exe + mdtest.exe + rc2test.exe + rctest.exe + test_bn.exe + test_cipher.exe + test_engine_dso.exe + test_hmac.exe + test_pkcs5.exe + test_pkcs12.exe + test_rsa.exe + test_dh.exe + cd $(SRCDIR) + +test:: $(TESTLIB) test-binaries test-run + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libhcrypto-exports.def + +test:: test-exports diff --git a/lib/hcrypto/aes.c b/lib/hcrypto/aes.c new file mode 100644 index 000000000000..77847e460e3b --- /dev/null +++ b/lib/hcrypto/aes.c @@ -0,0 +1,144 @@ +/* + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + + +#ifdef KRB5 +#include +#endif + +#include + +#include "rijndael-alg-fst.h" +#include "aes.h" + +int +AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key) +{ + key->rounds = rijndaelKeySetupEnc(key->key, userkey, bits); + if (key->rounds == 0) + return -1; + return 0; +} + +int +AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key) +{ + key->rounds = rijndaelKeySetupDec(key->key, userkey, bits); + if (key->rounds == 0) + return -1; + return 0; +} + +void +AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) +{ + rijndaelEncrypt(key->key, key->rounds, in, out); +} + +void +AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) +{ + rijndaelDecrypt(key->key, key->rounds, in, out); +} + +void +AES_cbc_encrypt(const unsigned char *in, unsigned char *out, + unsigned long size, const AES_KEY *key, + unsigned char *iv, int forward_encrypt) +{ + unsigned char tmp[AES_BLOCK_SIZE]; + int i; + + if (forward_encrypt) { + while (size >= AES_BLOCK_SIZE) { + for (i = 0; i < AES_BLOCK_SIZE; i++) + tmp[i] = in[i] ^ iv[i]; + AES_encrypt(tmp, out, key); + memcpy(iv, out, AES_BLOCK_SIZE); + size -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + if (size) { + for (i = 0; i < size; i++) + tmp[i] = in[i] ^ iv[i]; + for (i = size; i < AES_BLOCK_SIZE; i++) + tmp[i] = iv[i]; + AES_encrypt(tmp, out, key); + memcpy(iv, out, AES_BLOCK_SIZE); + } + } else { + while (size >= AES_BLOCK_SIZE) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(tmp, out, key); + for (i = 0; i < AES_BLOCK_SIZE; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, AES_BLOCK_SIZE); + size -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + if (size) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(tmp, out, key); + for (i = 0; i < size; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, AES_BLOCK_SIZE); + } + } +} + +void +AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, + unsigned long size, const AES_KEY *key, + unsigned char *iv, int forward_encrypt) +{ + int i; + + for (i = 0; i < size; i++) { + unsigned char tmp[AES_BLOCK_SIZE + 1]; + + memcpy(tmp, iv, AES_BLOCK_SIZE); + AES_encrypt(iv, iv, key); + if (!forward_encrypt) { + tmp[AES_BLOCK_SIZE] = in[i]; + } + out[i] = in[i] ^ iv[0]; + if (forward_encrypt) { + tmp[AES_BLOCK_SIZE] = out[i]; + } + memcpy(iv, &tmp[1], AES_BLOCK_SIZE); + } +} diff --git a/lib/hcrypto/aes.h b/lib/hcrypto/aes.h new file mode 100644 index 000000000000..4ba4516519fd --- /dev/null +++ b/lib/hcrypto/aes.h @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_AES_H +#define HEIM_AES_H 1 + +/* symbol renaming */ +#define AES_set_encrypt_key hc_AES_set_encrypt_key +#define AES_set_decrypt_key hc_AES_decrypt_key +#define AES_encrypt hc_AES_encrypt +#define AES_decrypt hc_AES_decrypt +#define AES_cbc_encrypt hc_AES_cbc_encrypt +#define AES_cfb8_encrypt hc_AES_cfb8_encrypt + +/* + * + */ + +#define AES_BLOCK_SIZE 16 +#define AES_MAXNR 14 + +#define AES_ENCRYPT 1 +#define AES_DECRYPT 0 + +typedef struct aes_key { + uint32_t key[(AES_MAXNR+1)*4]; + int rounds; +} AES_KEY; + +#ifdef __cplusplus +extern "C" { +#endif + +int AES_set_encrypt_key(const unsigned char *, const int, AES_KEY *); +int AES_set_decrypt_key(const unsigned char *, const int, AES_KEY *); + +void AES_encrypt(const unsigned char *, unsigned char *, const AES_KEY *); +void AES_decrypt(const unsigned char *, unsigned char *, const AES_KEY *); + +void AES_cbc_encrypt(const unsigned char *, unsigned char *, + unsigned long, const AES_KEY *, + unsigned char *, int); +void AES_cfb8_encrypt(const unsigned char *, unsigned char *, + unsigned long, const AES_KEY *, + unsigned char *, int); + +#ifdef __cplusplus +} +#endif + +#endif /* HEIM_AES_H */ diff --git a/lib/hcrypto/bn.c b/lib/hcrypto/bn.c new file mode 100644 index 000000000000..17c1ec79b7f0 --- /dev/null +++ b/lib/hcrypto/bn.c @@ -0,0 +1,531 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + + +#include +#include +#include +#include + +#include +#include +#include /* XXX */ +#include + +#include +#include +#include + +BIGNUM * +BN_new(void) +{ + heim_integer *hi; + hi = calloc(1, sizeof(*hi)); + return (BIGNUM *)hi; +} + +void +BN_free(BIGNUM *bn) +{ + BN_clear(bn); + free(bn); +} + +void +BN_clear(BIGNUM *bn) +{ + heim_integer *hi = (heim_integer *)bn; + if (hi->data) { + memset(hi->data, 0, hi->length); + free(hi->data); + } + memset(hi, 0, sizeof(*hi)); +} + +void +BN_clear_free(BIGNUM *bn) +{ + BN_free(bn); +} + +BIGNUM * +BN_dup(const BIGNUM *bn) +{ + BIGNUM *b = BN_new(); + if (der_copy_heim_integer((const heim_integer *)bn, (heim_integer *)b)) { + BN_free(b); + return NULL; + } + return b; +} + +/* + * If the caller really want to know the number of bits used, subtract + * one from the length, multiply by 8, and then lookup in the table + * how many bits the hightest byte uses. + */ +int +BN_num_bits(const BIGNUM *bn) +{ + static unsigned char num2bits[256] = { + 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4, 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5, + 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, + }; + const heim_integer *i = (const void *)bn; + if (i->length == 0) + return 0; + return (i->length - 1) * 8 + num2bits[((unsigned char *)i->data)[0]]; +} + +int +BN_num_bytes(const BIGNUM *bn) +{ + return ((const heim_integer *)bn)->length; +} + +/* + * Ignore negative flag. + */ + +BIGNUM * +BN_bin2bn(const void *s, int len, BIGNUM *bn) +{ + heim_integer *hi = (void *)bn; + + if (len < 0) + return NULL; + + if (hi == NULL) { + hi = (heim_integer *)BN_new(); + if (hi == NULL) + return NULL; + } + if (hi->data) + BN_clear((BIGNUM *)hi); + hi->negative = 0; + hi->data = malloc(len); + if (hi->data == NULL && len != 0) { + if (bn == NULL) + BN_free((BIGNUM *)hi); + return NULL; + } + hi->length = len; + memcpy(hi->data, s, len); + return (BIGNUM *)hi; +} + +int +BN_bn2bin(const BIGNUM *bn, void *to) +{ + const heim_integer *hi = (const void *)bn; + memcpy(to, hi->data, hi->length); + return hi->length; +} + +int +BN_hex2bn(BIGNUM **bnp, const char *in) +{ + int negative; + ssize_t ret; + size_t len; + void *data; + + len = strlen(in); + data = malloc(len); + if (data == NULL) + return 0; + + if (*in == '-') { + negative = 1; + in++; + } else + negative = 0; + + ret = hex_decode(in, data, len); + if (ret < 0) { + free(data); + return 0; + } + + *bnp = BN_bin2bn(data, ret, NULL); + free(data); + if (*bnp == NULL) + return 0; + BN_set_negative(*bnp, negative); + return 1; +} + +char * +BN_bn2hex(const BIGNUM *bn) +{ + ssize_t ret; + size_t len; + void *data; + char *str; + + len = BN_num_bytes(bn); + data = malloc(len); + if (data == NULL) + return 0; + + len = BN_bn2bin(bn, data); + + ret = hex_encode(data, len, &str); + free(data); + if (ret < 0) + return 0; + + return str; +} + +int +BN_cmp(const BIGNUM *bn1, const BIGNUM *bn2) +{ + return der_heim_integer_cmp((const heim_integer *)bn1, + (const heim_integer *)bn2); +} + +void +BN_set_negative(BIGNUM *bn, int flag) +{ + ((heim_integer *)bn)->negative = (flag ? 1 : 0); +} + +int +BN_is_negative(const BIGNUM *bn) +{ + return ((const heim_integer *)bn)->negative ? 1 : 0; +} + +static const unsigned char is_set[8] = { 1, 2, 4, 8, 16, 32, 64, 128 }; + +int +BN_is_bit_set(const BIGNUM *bn, int bit) +{ + heim_integer *hi = (heim_integer *)bn; + unsigned char *p = hi->data; + + if ((bit / 8) > hi->length || hi->length == 0) + return 0; + + return p[hi->length - 1 - (bit / 8)] & is_set[bit % 8]; +} + +int +BN_set_bit(BIGNUM *bn, int bit) +{ + heim_integer *hi = (heim_integer *)bn; + unsigned char *p; + + if ((bit / 8) > hi->length || hi->length == 0) { + size_t len = (bit + 7) / 8; + void *d = realloc(hi->data, len); + if (d == NULL) + return 0; + hi->data = d; + p = hi->data; + memset(&p[hi->length], 0, len); + hi->length = len; + } else + p = hi->data; + + p[hi->length - 1 - (bit / 8)] |= is_set[bit % 8]; + return 1; +} + +int +BN_clear_bit(BIGNUM *bn, int bit) +{ + heim_integer *hi = (heim_integer *)bn; + unsigned char *p = hi->data; + + if ((bit / 8) > hi->length || hi->length == 0) + return 0; + + p[hi->length - 1 - (bit / 8)] &= (unsigned char)(~(is_set[bit % 8])); + + return 1; +} + +int +BN_set_word(BIGNUM *bn, unsigned long num) +{ + unsigned char p[sizeof(num)]; + unsigned long num2; + int i, len; + + for (num2 = num, i = 0; num2 > 0; i++) + num2 = num2 >> 8; + + len = i; + for (; i > 0; i--) { + p[i - 1] = (num & 0xff); + num = num >> 8; + } + + bn = BN_bin2bn(p, len, bn); + return bn != NULL; +} + +unsigned long +BN_get_word(const BIGNUM *bn) +{ + heim_integer *hi = (heim_integer *)bn; + unsigned long num = 0; + int i; + + if (hi->negative || hi->length > sizeof(num)) + return ULONG_MAX; + + for (i = 0; i < hi->length; i++) + num = ((unsigned char *)hi->data)[i] | (num << 8); + return num; +} + +int +BN_rand(BIGNUM *bn, int bits, int top, int bottom) +{ + size_t len = (bits + 7) / 8; + heim_integer *i = (heim_integer *)bn; + + BN_clear(bn); + + i->negative = 0; + i->data = malloc(len); + if (i->data == NULL && len != 0) + return 0; + i->length = len; + + if (RAND_bytes(i->data, i->length) != 1) { + free(i->data); + i->data = NULL; + return 0; + } + + { + size_t j = len * 8; + while(j > bits) { + BN_clear_bit(bn, j - 1); + j--; + } + } + + if (top == -1) { + ; + } else if (top == 0 && bits > 0) { + BN_set_bit(bn, bits - 1); + } else if (top == 1 && bits > 1) { + BN_set_bit(bn, bits - 1); + BN_set_bit(bn, bits - 2); + } else { + BN_clear(bn); + return 0; + } + + if (bottom && bits > 0) + BN_set_bit(bn, 0); + + return 1; +} + +/* + * + */ + +int +BN_uadd(BIGNUM *res, const BIGNUM *a, const BIGNUM *b) +{ + const heim_integer *ai = (const heim_integer *)a; + const heim_integer *bi = (const heim_integer *)b; + const unsigned char *ap, *bp; + unsigned char *cp; + heim_integer ci; + int carry = 0; + ssize_t len; + + if (ai->negative && bi->negative) + return 0; + if (ai->length < bi->length) { + const heim_integer *si = bi; + bi = ai; ai = si; + } + + ci.negative = 0; + ci.length = ai->length + 1; + ci.data = malloc(ci.length); + if (ci.data == NULL) + return 0; + + ap = &((const unsigned char *)ai->data)[ai->length - 1]; + bp = &((const unsigned char *)bi->data)[bi->length - 1]; + cp = &((unsigned char *)ci.data)[ci.length - 1]; + + for (len = bi->length; len > 0; len--) { + carry = *ap + *bp + carry; + *cp = carry & 0xff; + carry = (carry & ~0xff) ? 1 : 0; + ap--; bp--; cp--; + } + for (len = ai->length - bi->length; len > 0; len--) { + carry = *ap + carry; + *cp = carry & 0xff; + carry = (carry & ~0xff) ? 1 : 0; + ap--; cp--; + } + if (!carry) + memmove(cp, cp + 1, --ci.length); + else + *cp = carry; + + BN_clear(res); + *((heim_integer *)res) = ci; + + return 1; +} + + +/* + * Callback when doing slow generation of numbers, like primes. + */ + +void +BN_GENCB_set(BN_GENCB *gencb, int (*cb_2)(int, int, BN_GENCB *), void *ctx) +{ + gencb->ver = 2; + gencb->cb.cb_2 = cb_2; + gencb->arg = ctx; +} + +int +BN_GENCB_call(BN_GENCB *cb, int a, int b) +{ + if (cb == NULL || cb->cb.cb_2 == NULL) + return 1; + return cb->cb.cb_2(a, b, cb); +} + +/* + * + */ + +struct BN_CTX { + struct { + BIGNUM **val; + size_t used; + size_t len; + } bn; + struct { + size_t *val; + size_t used; + size_t len; + } stack; +}; + +BN_CTX * +BN_CTX_new(void) +{ + struct BN_CTX *c; + c = calloc(1, sizeof(*c)); + return c; +} + +void +BN_CTX_free(BN_CTX *c) +{ + size_t i; + for (i = 0; i < c->bn.len; i++) + BN_free(c->bn.val[i]); + free(c->bn.val); + free(c->stack.val); +} + +BIGNUM * +BN_CTX_get(BN_CTX *c) +{ + if (c->bn.used == c->bn.len) { + void *ptr; + size_t i; + c->bn.len += 16; + ptr = realloc(c->bn.val, c->bn.len * sizeof(c->bn.val[0])); + if (ptr == NULL) + return NULL; + c->bn.val = ptr; + for (i = c->bn.used; i < c->bn.len; i++) { + c->bn.val[i] = BN_new(); + if (c->bn.val[i] == NULL) { + c->bn.len = i; + return NULL; + } + } + } + return c->bn.val[c->bn.used++]; +} + +void +BN_CTX_start(BN_CTX *c) +{ + if (c->stack.used == c->stack.len) { + void *ptr; + c->stack.len += 16; + ptr = realloc(c->stack.val, c->stack.len * sizeof(c->stack.val[0])); + if (ptr == NULL) + abort(); + c->stack.val = ptr; + } + c->stack.val[c->stack.used++] = c->bn.used; +} + +void +BN_CTX_end(BN_CTX *c) +{ + const size_t prev = c->stack.val[c->stack.used - 1]; + size_t i; + + if (c->stack.used == 0) + abort(); + + for (i = prev; i < c->bn.used; i++) + BN_clear(c->bn.val[i]); + + c->stack.used--; + c->bn.used = prev; +} + diff --git a/lib/hcrypto/bn.h b/lib/hcrypto/bn.h new file mode 100644 index 000000000000..2fa25ac1a08a --- /dev/null +++ b/lib/hcrypto/bn.h @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_BN_H +#define _HEIM_BN_H 1 + +/* symbol renaming */ +#define BN_GENCB_call hc_BN_GENCB_call +#define BN_GENCB_set hc_BN_GENCB_set +#define BN_bin2bn hc_BN_bin2bn +#define BN_bn2bin hc_BN_bn2bin +#define BN_bn2hex hc_BN_bn2hex +#define BN_clear hc_BN_clear +#define BN_clear_bit hc_BN_clear_bit +#define BN_clear_free hc_BN_clear_free +#define BN_cmp hc_BN_cmp +#define BN_dup hc_BN_dup +#define BN_free hc_BN_free +#define BN_is_negative hc_BN_is_negative +#define BN_get_word hc_BN_get_word +#define BN_hex2bn hc_BN_hex2bn +#define BN_is_bit_set hc_BN_is_bit_set +#define BN_new hc_BN_new +#define BN_num_bits hc_BN_num_bits +#define BN_num_bytes hc_BN_num_bytes +#define BN_rand hc_BN_rand +#define BN_set_bit hc_BN_set_bit +#define BN_set_negative hc_BN_set_negative +#define BN_set_word hc_BN_set_word +#define BN_uadd hc_BN_uadd +#define BN_CTX_new hc_BN_CTX_new +#define BN_CTX_free hc_BN_CTX_free +#define BN_CTX_get hc_BN_CTX_get +#define BN_CTX_start hc_BN_CTX_start +#define BN_CTX_end hc_BN_CTX_end + +/* + * + */ + +typedef struct BIGNUM BIGNUM; +typedef struct BN_GENCB BN_GENCB; +typedef struct BN_CTX BN_CTX; +typedef struct BN_MONT_CTX BN_MONT_CTX; +typedef struct BN_BLINDING BN_BLINDING; + +struct BN_GENCB { + unsigned int ver; + void *arg; + union { + int (*cb_2)(int, int, BN_GENCB *); + } cb; +}; + +/* + * + */ + +BIGNUM *BN_new(void); +void BN_free(BIGNUM *); +void BN_clear_free(BIGNUM *); +void BN_clear(BIGNUM *); +BIGNUM *BN_dup(const BIGNUM *); + +int BN_num_bits(const BIGNUM *); +int BN_num_bytes(const BIGNUM *); + +int BN_cmp(const BIGNUM *, const BIGNUM *); + +void BN_set_negative(BIGNUM *, int); +int BN_is_negative(const BIGNUM *); + +int BN_is_bit_set(const BIGNUM *, int); +int BN_set_bit(BIGNUM *, int); +int BN_clear_bit(BIGNUM *, int); + +int BN_set_word(BIGNUM *, unsigned long); +unsigned long BN_get_word(const BIGNUM *); + +BIGNUM *BN_bin2bn(const void *,int len,BIGNUM *); +int BN_bn2bin(const BIGNUM *, void *); +int BN_hex2bn(BIGNUM **, const char *); +char * BN_bn2hex(const BIGNUM *); + +int BN_uadd(BIGNUM *, const BIGNUM *, const BIGNUM *); + +int BN_rand(BIGNUM *, int, int, int); + +void BN_GENCB_set(BN_GENCB *, int (*)(int, int, BN_GENCB *), void *); +int BN_GENCB_call(BN_GENCB *, int, int); + +BN_CTX *BN_CTX_new(void); +void BN_CTX_free(BN_CTX *); +BIGNUM *BN_CTX_get(BN_CTX *); +void BN_CTX_start(BN_CTX *); +void BN_CTX_end(BN_CTX *); + +#endif diff --git a/lib/hcrypto/camellia-ntt.c b/lib/hcrypto/camellia-ntt.c new file mode 100644 index 000000000000..4a27a94aa4f9 --- /dev/null +++ b/lib/hcrypto/camellia-ntt.c @@ -0,0 +1,1469 @@ +/* camellia.c ver 1.2.0 + * + * Copyright (c) 2006,2007 + * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer as + * the first lines of this file unmodified. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Algorithm Specification + * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html + */ + +#include "config.h" + +#include +#include + +#include +#include "camellia-ntt.h" + +#include + +/* key constants */ + +#define CAMELLIA_SIGMA1L (0xA09E667FL) +#define CAMELLIA_SIGMA1R (0x3BCC908BL) +#define CAMELLIA_SIGMA2L (0xB67AE858L) +#define CAMELLIA_SIGMA2R (0x4CAA73B2L) +#define CAMELLIA_SIGMA3L (0xC6EF372FL) +#define CAMELLIA_SIGMA3R (0xE94F82BEL) +#define CAMELLIA_SIGMA4L (0x54FF53A5L) +#define CAMELLIA_SIGMA4R (0xF1D36F1CL) +#define CAMELLIA_SIGMA5L (0x10E527FAL) +#define CAMELLIA_SIGMA5R (0xDE682D1DL) +#define CAMELLIA_SIGMA6L (0xB05688C2L) +#define CAMELLIA_SIGMA6R (0xB3E6C1FDL) + +/* + * macros + */ + + +#if defined(_MSC_VER) + +# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) +# define GETU32(p) SWAP(*((u32 *)(p))) +# define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} + +#else /* not MS-VC */ + +# define GETU32(pt) \ + (((u32)(pt)[0] << 24) \ + ^ ((u32)(pt)[1] << 16) \ + ^ ((u32)(pt)[2] << 8) \ + ^ ((u32)(pt)[3])) + +# define PUTU32(ct, st) { \ + (ct)[0] = (u8)((st) >> 24); \ + (ct)[1] = (u8)((st) >> 16); \ + (ct)[2] = (u8)((st) >> 8); \ + (ct)[3] = (u8)(st); } + +#endif + +#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) +#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) + +/* rotation right shift 1byte */ +#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) +/* rotation left shift 1bit */ +#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) +/* rotation left shift 1byte */ +#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) + +#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ + do { \ + w0 = ll; \ + ll = (ll << bits) + (lr >> (32 - bits)); \ + lr = (lr << bits) + (rl >> (32 - bits)); \ + rl = (rl << bits) + (rr >> (32 - bits)); \ + rr = (rr << bits) + (w0 >> (32 - bits)); \ + } while(0) + +#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ + do { \ + w0 = ll; \ + w1 = lr; \ + ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ + lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ + rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ + rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ + } while(0) + +#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) +#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) +#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) +#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) + +#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ + do { \ + il = xl ^ kl; \ + ir = xr ^ kr; \ + t0 = il >> 16; \ + t1 = ir >> 16; \ + yl = CAMELLIA_SP1110(ir & 0xff) \ + ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ + ^ CAMELLIA_SP3033(t1 & 0xff) \ + ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ + yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ + ^ CAMELLIA_SP0222(t0 & 0xff) \ + ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ + ^ CAMELLIA_SP4404(il & 0xff); \ + yl ^= yr; \ + yr = CAMELLIA_RR8(yr); \ + yr ^= yl; \ + } while(0) + + +/* + * for speed up + * + */ +#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ + do { \ + t0 = kll; \ + t0 &= ll; \ + lr ^= CAMELLIA_RL1(t0); \ + t1 = klr; \ + t1 |= lr; \ + ll ^= t1; \ + \ + t2 = krr; \ + t2 |= rr; \ + rl ^= t2; \ + t3 = krl; \ + t3 &= rl; \ + rr ^= CAMELLIA_RL1(t3); \ + } while(0) + +#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ + do { \ + ir = CAMELLIA_SP1110(xr & 0xff) \ + ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ + ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ + ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ + il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ + ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ + ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ + ^ CAMELLIA_SP4404(xl & 0xff); \ + il ^= kl; \ + ir ^= kr; \ + ir ^= il; \ + il = CAMELLIA_RR8(il); \ + il ^= ir; \ + yl ^= ir; \ + yr ^= il; \ + } while(0) + + +static const u32 camellia_sp1110[256] = { + 0x70707000,0x82828200,0x2c2c2c00,0xececec00, + 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, + 0xe4e4e400,0x85858500,0x57575700,0x35353500, + 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, + 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, + 0x45454500,0x19191900,0xa5a5a500,0x21212100, + 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, + 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, + 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, + 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, + 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, + 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, + 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, + 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, + 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, + 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, + 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, + 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, + 0x74747400,0x12121200,0x2b2b2b00,0x20202000, + 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, + 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, + 0x34343400,0x7e7e7e00,0x76767600,0x05050500, + 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, + 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, + 0x14141400,0x58585800,0x3a3a3a00,0x61616100, + 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, + 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, + 0x53535300,0x18181800,0xf2f2f200,0x22222200, + 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, + 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, + 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, + 0x60606000,0xfcfcfc00,0x69696900,0x50505000, + 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, + 0xa1a1a100,0x89898900,0x62626200,0x97979700, + 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, + 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, + 0x10101000,0xc4c4c400,0x00000000,0x48484800, + 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, + 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, + 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, + 0x87878700,0x5c5c5c00,0x83838300,0x02020200, + 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, + 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, + 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, + 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, + 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, + 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, + 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, + 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, + 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, + 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, + 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, + 0x78787800,0x98989800,0x06060600,0x6a6a6a00, + 0xe7e7e700,0x46464600,0x71717100,0xbababa00, + 0xd4d4d400,0x25252500,0xababab00,0x42424200, + 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, + 0x72727200,0x07070700,0xb9b9b900,0x55555500, + 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, + 0x36363600,0x49494900,0x2a2a2a00,0x68686800, + 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, + 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, + 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, + 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, + 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, +}; + +static const u32 camellia_sp0222[256] = { + 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, + 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, + 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, + 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, + 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, + 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, + 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, + 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, + 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, + 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, + 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, + 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, + 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, + 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, + 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, + 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, + 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, + 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, + 0x00e8e8e8,0x00242424,0x00565656,0x00404040, + 0x00e1e1e1,0x00636363,0x00090909,0x00333333, + 0x00bfbfbf,0x00989898,0x00979797,0x00858585, + 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, + 0x00dadada,0x006f6f6f,0x00535353,0x00626262, + 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, + 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, + 0x00bdbdbd,0x00363636,0x00222222,0x00383838, + 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, + 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, + 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, + 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, + 0x00484848,0x00101010,0x00d1d1d1,0x00515151, + 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, + 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, + 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, + 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, + 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, + 0x00202020,0x00898989,0x00000000,0x00909090, + 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, + 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, + 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, + 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, + 0x009b9b9b,0x00949494,0x00212121,0x00666666, + 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, + 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, + 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, + 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, + 0x00030303,0x002d2d2d,0x00dedede,0x00969696, + 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, + 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, + 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, + 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, + 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, + 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, + 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, + 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, + 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, + 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, + 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, + 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, + 0x00787878,0x00707070,0x00e3e3e3,0x00494949, + 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, + 0x00777777,0x00939393,0x00868686,0x00838383, + 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, + 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, +}; + +static const u32 camellia_sp3033[256] = { + 0x38003838,0x41004141,0x16001616,0x76007676, + 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, + 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, + 0x75007575,0x06000606,0x57005757,0xa000a0a0, + 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, + 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, + 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, + 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, + 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, + 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, + 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, + 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, + 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, + 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, + 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, + 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, + 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, + 0xfd00fdfd,0x66006666,0x58005858,0x96009696, + 0x3a003a3a,0x09000909,0x95009595,0x10001010, + 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, + 0xef00efef,0x26002626,0xe500e5e5,0x61006161, + 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, + 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, + 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, + 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, + 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, + 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, + 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, + 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, + 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, + 0x12001212,0x04000404,0x74007474,0x54005454, + 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, + 0x55005555,0x68006868,0x50005050,0xbe00bebe, + 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, + 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, + 0x70007070,0xff00ffff,0x32003232,0x69006969, + 0x08000808,0x62006262,0x00000000,0x24002424, + 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, + 0x45004545,0x81008181,0x73007373,0x6d006d6d, + 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, + 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, + 0xe600e6e6,0x25002525,0x48004848,0x99009999, + 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, + 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, + 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, + 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, + 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, + 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, + 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, + 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, + 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, + 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, + 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, + 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, + 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, + 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, + 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, + 0x7c007c7c,0x77007777,0x56005656,0x05000505, + 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, + 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, + 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, + 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, + 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, + 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, +}; + +static const u32 camellia_sp4404[256] = { + 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, + 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, + 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, + 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, + 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, + 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, + 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, + 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, + 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, + 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, + 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, + 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, + 0x14140014,0x3a3a003a,0xdede00de,0x11110011, + 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, + 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, + 0x24240024,0xe8e800e8,0x60600060,0x69690069, + 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, + 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, + 0x10100010,0x00000000,0xa3a300a3,0x75750075, + 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, + 0x87870087,0x83830083,0xcdcd00cd,0x90900090, + 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, + 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, + 0x81810081,0x6f6f006f,0x13130013,0x63630063, + 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, + 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, + 0x78780078,0x06060006,0xe7e700e7,0x71710071, + 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, + 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, + 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, + 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, + 0x15150015,0xadad00ad,0x77770077,0x80800080, + 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, + 0x85850085,0x35350035,0x0c0c000c,0x41410041, + 0xefef00ef,0x93930093,0x19190019,0x21210021, + 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, + 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, + 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, + 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, + 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, + 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, + 0x12120012,0x20200020,0xb1b100b1,0x99990099, + 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, + 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, + 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, + 0x0f0f000f,0x16160016,0x18180018,0x22220022, + 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, + 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, + 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, + 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, + 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, + 0x03030003,0xdada00da,0x3f3f003f,0x94940094, + 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, + 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, + 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, + 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, + 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, + 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, + 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, + 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, + 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, + 0x49490049,0x68680068,0x38380038,0xa4a400a4, + 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, + 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, +}; + + +/** + * Stuff related to the Camellia key schedule + */ +#define subl(x) subL[(x)] +#define subr(x) subR[(x)] + +static void camellia_setup128(const unsigned char *key, u32 *subkey) +{ + u32 kll, klr, krl, krr; + u32 il, ir, t0, t1, w0, w1; + u32 kw4l, kw4r, dw, tl, tr; + u32 subL[26]; + u32 subR[26]; + + /** + * k == kll || klr || krl || krr (|| is concatination) + */ + kll = GETU32(key ); + klr = GETU32(key + 4); + krl = GETU32(key + 8); + krr = GETU32(key + 12); + /** + * generate KL dependent subkeys + */ + subl(0) = kll; subr(0) = klr; + subl(1) = krl; subr(1) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(4) = kll; subr(4) = klr; + subl(5) = krl; subr(5) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); + subl(10) = kll; subr(10) = klr; + subl(11) = krl; subr(11) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(13) = krl; subr(13) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(16) = kll; subr(16) = klr; + subl(17) = krl; subr(17) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(18) = kll; subr(18) = klr; + subl(19) = krl; subr(19) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(22) = kll; subr(22) = klr; + subl(23) = krl; subr(23) = krr; + + /* generate KA */ + kll = subl(0); klr = subr(0); + krl = subl(1); krr = subr(1); + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, + w0, w1, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, + kll, klr, il, ir, t0, t1); + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, + krl, krr, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, + w0, w1, il, ir, t0, t1); + kll ^= w0; klr ^= w1; + + /* generate KA dependent subkeys */ + subl(2) = kll; subr(2) = klr; + subl(3) = krl; subr(3) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(6) = kll; subr(6) = klr; + subl(7) = krl; subr(7) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(8) = kll; subr(8) = klr; + subl(9) = krl; subr(9) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(12) = kll; subr(12) = klr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(14) = kll; subr(14) = klr; + subl(15) = krl; subr(15) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); + subl(20) = kll; subr(20) = klr; + subl(21) = krl; subr(21) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(24) = kll; subr(24) = klr; + subl(25) = krl; subr(25) = krr; + + + /* absorb kw2 to other subkeys */ + subl(3) ^= subl(1); subr(3) ^= subr(1); + subl(5) ^= subl(1); subr(5) ^= subr(1); + subl(7) ^= subl(1); subr(7) ^= subr(1); + subl(1) ^= subr(1) & ~subr(9); + dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); + subl(11) ^= subl(1); subr(11) ^= subr(1); + subl(13) ^= subl(1); subr(13) ^= subr(1); + subl(15) ^= subl(1); subr(15) ^= subr(1); + subl(1) ^= subr(1) & ~subr(17); + dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); + subl(19) ^= subl(1); subr(19) ^= subr(1); + subl(21) ^= subl(1); subr(21) ^= subr(1); + subl(23) ^= subl(1); subr(23) ^= subr(1); + subl(24) ^= subl(1); subr(24) ^= subr(1); + + /* absorb kw4 to other subkeys */ + kw4l = subl(25); kw4r = subr(25); + subl(22) ^= kw4l; subr(22) ^= kw4r; + subl(20) ^= kw4l; subr(20) ^= kw4r; + subl(18) ^= kw4l; subr(18) ^= kw4r; + kw4l ^= kw4r & ~subr(16); + dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); + subl(14) ^= kw4l; subr(14) ^= kw4r; + subl(12) ^= kw4l; subr(12) ^= kw4r; + subl(10) ^= kw4l; subr(10) ^= kw4r; + kw4l ^= kw4r & ~subr(8); + dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); + subl(6) ^= kw4l; subr(6) ^= kw4r; + subl(4) ^= kw4l; subr(4) ^= kw4r; + subl(2) ^= kw4l; subr(2) ^= kw4r; + subl(0) ^= kw4l; subr(0) ^= kw4r; + + /* key XOR is end of F-function */ + CamelliaSubkeyL(0) = subl(0) ^ subl(2); + CamelliaSubkeyR(0) = subr(0) ^ subr(2); + CamelliaSubkeyL(2) = subl(3); + CamelliaSubkeyR(2) = subr(3); + CamelliaSubkeyL(3) = subl(2) ^ subl(4); + CamelliaSubkeyR(3) = subr(2) ^ subr(4); + CamelliaSubkeyL(4) = subl(3) ^ subl(5); + CamelliaSubkeyR(4) = subr(3) ^ subr(5); + CamelliaSubkeyL(5) = subl(4) ^ subl(6); + CamelliaSubkeyR(5) = subr(4) ^ subr(6); + CamelliaSubkeyL(6) = subl(5) ^ subl(7); + CamelliaSubkeyR(6) = subr(5) ^ subr(7); + tl = subl(10) ^ (subr(10) & ~subr(8)); + dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(7) = subl(6) ^ tl; + CamelliaSubkeyR(7) = subr(6) ^ tr; + CamelliaSubkeyL(8) = subl(8); + CamelliaSubkeyR(8) = subr(8); + CamelliaSubkeyL(9) = subl(9); + CamelliaSubkeyR(9) = subr(9); + tl = subl(7) ^ (subr(7) & ~subr(9)); + dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(10) = tl ^ subl(11); + CamelliaSubkeyR(10) = tr ^ subr(11); + CamelliaSubkeyL(11) = subl(10) ^ subl(12); + CamelliaSubkeyR(11) = subr(10) ^ subr(12); + CamelliaSubkeyL(12) = subl(11) ^ subl(13); + CamelliaSubkeyR(12) = subr(11) ^ subr(13); + CamelliaSubkeyL(13) = subl(12) ^ subl(14); + CamelliaSubkeyR(13) = subr(12) ^ subr(14); + CamelliaSubkeyL(14) = subl(13) ^ subl(15); + CamelliaSubkeyR(14) = subr(13) ^ subr(15); + tl = subl(18) ^ (subr(18) & ~subr(16)); + dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(15) = subl(14) ^ tl; + CamelliaSubkeyR(15) = subr(14) ^ tr; + CamelliaSubkeyL(16) = subl(16); + CamelliaSubkeyR(16) = subr(16); + CamelliaSubkeyL(17) = subl(17); + CamelliaSubkeyR(17) = subr(17); + tl = subl(15) ^ (subr(15) & ~subr(17)); + dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(18) = tl ^ subl(19); + CamelliaSubkeyR(18) = tr ^ subr(19); + CamelliaSubkeyL(19) = subl(18) ^ subl(20); + CamelliaSubkeyR(19) = subr(18) ^ subr(20); + CamelliaSubkeyL(20) = subl(19) ^ subl(21); + CamelliaSubkeyR(20) = subr(19) ^ subr(21); + CamelliaSubkeyL(21) = subl(20) ^ subl(22); + CamelliaSubkeyR(21) = subr(20) ^ subr(22); + CamelliaSubkeyL(22) = subl(21) ^ subl(23); + CamelliaSubkeyR(22) = subr(21) ^ subr(23); + CamelliaSubkeyL(23) = subl(22); + CamelliaSubkeyR(23) = subr(22); + CamelliaSubkeyL(24) = subl(24) ^ subl(23); + CamelliaSubkeyR(24) = subr(24) ^ subr(23); + + /* apply the inverse of the last half of P-function */ + dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; + dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; + dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; + dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; + dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; + dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; + dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; + dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; + dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; + dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; + dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; + dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; + dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; + dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; + dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; + dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; + dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; + dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; + + return; +} + +static void camellia_setup256(const unsigned char *key, u32 *subkey) +{ + u32 kll,klr,krl,krr; /* left half of key */ + u32 krll,krlr,krrl,krrr; /* right half of key */ + u32 il, ir, t0, t1, w0, w1; /* temporary variables */ + u32 kw4l, kw4r, dw, tl, tr; + u32 subL[34]; + u32 subR[34]; + + /** + * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) + * (|| is concatination) + */ + + kll = GETU32(key ); + klr = GETU32(key + 4); + krl = GETU32(key + 8); + krr = GETU32(key + 12); + krll = GETU32(key + 16); + krlr = GETU32(key + 20); + krrl = GETU32(key + 24); + krrr = GETU32(key + 28); + + /* generate KL dependent subkeys */ + subl(0) = kll; subr(0) = klr; + subl(1) = krl; subr(1) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); + subl(12) = kll; subr(12) = klr; + subl(13) = krl; subr(13) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(16) = kll; subr(16) = klr; + subl(17) = krl; subr(17) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(22) = kll; subr(22) = klr; + subl(23) = krl; subr(23) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); + subl(30) = kll; subr(30) = klr; + subl(31) = krl; subr(31) = krr; + + /* generate KR dependent subkeys */ + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); + subl(4) = krll; subr(4) = krlr; + subl(5) = krrl; subr(5) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); + subl(8) = krll; subr(8) = krlr; + subl(9) = krrl; subr(9) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(18) = krll; subr(18) = krlr; + subl(19) = krrl; subr(19) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); + subl(26) = krll; subr(26) = krlr; + subl(27) = krrl; subr(27) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); + + /* generate KA */ + kll = subl(0) ^ krll; klr = subr(0) ^ krlr; + krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, + w0, w1, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, + kll, klr, il, ir, t0, t1); + kll ^= krll; klr ^= krlr; + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, + krl, krr, il, ir, t0, t1); + krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, + w0, w1, il, ir, t0, t1); + kll ^= w0; klr ^= w1; + + /* generate KB */ + krll ^= kll; krlr ^= klr; + krrl ^= krl; krrr ^= krr; + CAMELLIA_F(krll, krlr, + CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, + w0, w1, il, ir, t0, t1); + krrl ^= w0; krrr ^= w1; + CAMELLIA_F(krrl, krrr, + CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, + w0, w1, il, ir, t0, t1); + krll ^= w0; krlr ^= w1; + + /* generate KA dependent subkeys */ + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(6) = kll; subr(6) = klr; + subl(7) = krl; subr(7) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); + subl(14) = kll; subr(14) = klr; + subl(15) = krl; subr(15) = krr; + subl(24) = klr; subr(24) = krl; + subl(25) = krr; subr(25) = kll; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); + subl(28) = kll; subr(28) = klr; + subl(29) = krl; subr(29) = krr; + + /* generate KB dependent subkeys */ + subl(2) = krll; subr(2) = krlr; + subl(3) = krrl; subr(3) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(10) = krll; subr(10) = krlr; + subl(11) = krrl; subr(11) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(20) = krll; subr(20) = krlr; + subl(21) = krrl; subr(21) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); + subl(32) = krll; subr(32) = krlr; + subl(33) = krrl; subr(33) = krrr; + + /* absorb kw2 to other subkeys */ + subl(3) ^= subl(1); subr(3) ^= subr(1); + subl(5) ^= subl(1); subr(5) ^= subr(1); + subl(7) ^= subl(1); subr(7) ^= subr(1); + subl(1) ^= subr(1) & ~subr(9); + dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); + subl(11) ^= subl(1); subr(11) ^= subr(1); + subl(13) ^= subl(1); subr(13) ^= subr(1); + subl(15) ^= subl(1); subr(15) ^= subr(1); + subl(1) ^= subr(1) & ~subr(17); + dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); + subl(19) ^= subl(1); subr(19) ^= subr(1); + subl(21) ^= subl(1); subr(21) ^= subr(1); + subl(23) ^= subl(1); subr(23) ^= subr(1); + subl(1) ^= subr(1) & ~subr(25); + dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); + subl(27) ^= subl(1); subr(27) ^= subr(1); + subl(29) ^= subl(1); subr(29) ^= subr(1); + subl(31) ^= subl(1); subr(31) ^= subr(1); + subl(32) ^= subl(1); subr(32) ^= subr(1); + + /* absorb kw4 to other subkeys */ + kw4l = subl(33); kw4r = subr(33); + subl(30) ^= kw4l; subr(30) ^= kw4r; + subl(28) ^= kw4l; subr(28) ^= kw4r; + subl(26) ^= kw4l; subr(26) ^= kw4r; + kw4l ^= kw4r & ~subr(24); + dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); + subl(22) ^= kw4l; subr(22) ^= kw4r; + subl(20) ^= kw4l; subr(20) ^= kw4r; + subl(18) ^= kw4l; subr(18) ^= kw4r; + kw4l ^= kw4r & ~subr(16); + dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); + subl(14) ^= kw4l; subr(14) ^= kw4r; + subl(12) ^= kw4l; subr(12) ^= kw4r; + subl(10) ^= kw4l; subr(10) ^= kw4r; + kw4l ^= kw4r & ~subr(8); + dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); + subl(6) ^= kw4l; subr(6) ^= kw4r; + subl(4) ^= kw4l; subr(4) ^= kw4r; + subl(2) ^= kw4l; subr(2) ^= kw4r; + subl(0) ^= kw4l; subr(0) ^= kw4r; + + /* key XOR is end of F-function */ + CamelliaSubkeyL(0) = subl(0) ^ subl(2); + CamelliaSubkeyR(0) = subr(0) ^ subr(2); + CamelliaSubkeyL(2) = subl(3); + CamelliaSubkeyR(2) = subr(3); + CamelliaSubkeyL(3) = subl(2) ^ subl(4); + CamelliaSubkeyR(3) = subr(2) ^ subr(4); + CamelliaSubkeyL(4) = subl(3) ^ subl(5); + CamelliaSubkeyR(4) = subr(3) ^ subr(5); + CamelliaSubkeyL(5) = subl(4) ^ subl(6); + CamelliaSubkeyR(5) = subr(4) ^ subr(6); + CamelliaSubkeyL(6) = subl(5) ^ subl(7); + CamelliaSubkeyR(6) = subr(5) ^ subr(7); + tl = subl(10) ^ (subr(10) & ~subr(8)); + dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(7) = subl(6) ^ tl; + CamelliaSubkeyR(7) = subr(6) ^ tr; + CamelliaSubkeyL(8) = subl(8); + CamelliaSubkeyR(8) = subr(8); + CamelliaSubkeyL(9) = subl(9); + CamelliaSubkeyR(9) = subr(9); + tl = subl(7) ^ (subr(7) & ~subr(9)); + dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(10) = tl ^ subl(11); + CamelliaSubkeyR(10) = tr ^ subr(11); + CamelliaSubkeyL(11) = subl(10) ^ subl(12); + CamelliaSubkeyR(11) = subr(10) ^ subr(12); + CamelliaSubkeyL(12) = subl(11) ^ subl(13); + CamelliaSubkeyR(12) = subr(11) ^ subr(13); + CamelliaSubkeyL(13) = subl(12) ^ subl(14); + CamelliaSubkeyR(13) = subr(12) ^ subr(14); + CamelliaSubkeyL(14) = subl(13) ^ subl(15); + CamelliaSubkeyR(14) = subr(13) ^ subr(15); + tl = subl(18) ^ (subr(18) & ~subr(16)); + dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(15) = subl(14) ^ tl; + CamelliaSubkeyR(15) = subr(14) ^ tr; + CamelliaSubkeyL(16) = subl(16); + CamelliaSubkeyR(16) = subr(16); + CamelliaSubkeyL(17) = subl(17); + CamelliaSubkeyR(17) = subr(17); + tl = subl(15) ^ (subr(15) & ~subr(17)); + dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(18) = tl ^ subl(19); + CamelliaSubkeyR(18) = tr ^ subr(19); + CamelliaSubkeyL(19) = subl(18) ^ subl(20); + CamelliaSubkeyR(19) = subr(18) ^ subr(20); + CamelliaSubkeyL(20) = subl(19) ^ subl(21); + CamelliaSubkeyR(20) = subr(19) ^ subr(21); + CamelliaSubkeyL(21) = subl(20) ^ subl(22); + CamelliaSubkeyR(21) = subr(20) ^ subr(22); + CamelliaSubkeyL(22) = subl(21) ^ subl(23); + CamelliaSubkeyR(22) = subr(21) ^ subr(23); + tl = subl(26) ^ (subr(26) & ~subr(24)); + dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(23) = subl(22) ^ tl; + CamelliaSubkeyR(23) = subr(22) ^ tr; + CamelliaSubkeyL(24) = subl(24); + CamelliaSubkeyR(24) = subr(24); + CamelliaSubkeyL(25) = subl(25); + CamelliaSubkeyR(25) = subr(25); + tl = subl(23) ^ (subr(23) & ~subr(25)); + dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(26) = tl ^ subl(27); + CamelliaSubkeyR(26) = tr ^ subr(27); + CamelliaSubkeyL(27) = subl(26) ^ subl(28); + CamelliaSubkeyR(27) = subr(26) ^ subr(28); + CamelliaSubkeyL(28) = subl(27) ^ subl(29); + CamelliaSubkeyR(28) = subr(27) ^ subr(29); + CamelliaSubkeyL(29) = subl(28) ^ subl(30); + CamelliaSubkeyR(29) = subr(28) ^ subr(30); + CamelliaSubkeyL(30) = subl(29) ^ subl(31); + CamelliaSubkeyR(30) = subr(29) ^ subr(31); + CamelliaSubkeyL(31) = subl(30); + CamelliaSubkeyR(31) = subr(30); + CamelliaSubkeyL(32) = subl(32) ^ subl(31); + CamelliaSubkeyR(32) = subr(32) ^ subr(31); + + /* apply the inverse of the last half of P-function */ + dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; + dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; + dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; + dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; + dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; + dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; + dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; + dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; + dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; + dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; + dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; + dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; + dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; + dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; + dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; + dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; + dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; + dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; + dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; + dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; + dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; + dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; + dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; + dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; + + return; +} + +static void camellia_setup192(const unsigned char *key, u32 *subkey) +{ + unsigned char kk[32]; + u32 krll, krlr, krrl,krrr; + + memcpy(kk, key, 24); + memcpy((unsigned char *)&krll, key+16,4); + memcpy((unsigned char *)&krlr, key+20,4); + krrl = ~krll; + krrr = ~krlr; + memcpy(kk+24, (unsigned char *)&krrl, 4); + memcpy(kk+28, (unsigned char *)&krrr, 4); + camellia_setup256(kk, subkey); + return; +} + + +/** + * Stuff related to camellia encryption/decryption + * + * "io" must be 4byte aligned and big-endian data. + */ +static void camellia_encrypt128(const u32 *subkey, u32 *io) +{ + u32 il, ir, t0, t1; + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(0); + io[1] ^= CamelliaSubkeyR(0); + /* main iteration */ + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(24); + io[3] ^= CamelliaSubkeyR(24); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +static void camellia_decrypt128(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(24); + io[1] ^= CamelliaSubkeyR(24); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(0); + io[3] ^= CamelliaSubkeyR(0); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +/** + * stuff for 192 and 256bit encryption/decryption + */ +static void camellia_encrypt256(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(0); + io[1] ^= CamelliaSubkeyR(0); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(24),CamelliaSubkeyR(24), + CamelliaSubkeyL(25),CamelliaSubkeyR(25), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(26),CamelliaSubkeyR(26), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(27),CamelliaSubkeyR(27), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(28),CamelliaSubkeyR(28), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(29),CamelliaSubkeyR(29), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(30),CamelliaSubkeyR(30), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(31),CamelliaSubkeyR(31), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(32); + io[3] ^= CamelliaSubkeyR(32); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +static void camellia_decrypt256(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(32); + io[1] ^= CamelliaSubkeyR(32); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(31),CamelliaSubkeyR(31), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(30),CamelliaSubkeyR(30), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(29),CamelliaSubkeyR(29), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(28),CamelliaSubkeyR(28), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(27),CamelliaSubkeyR(27), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(26),CamelliaSubkeyR(26), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(25),CamelliaSubkeyR(25), + CamelliaSubkeyL(24),CamelliaSubkeyR(24), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(0); + io[3] ^= CamelliaSubkeyR(0); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +/*** + * + * API for compatibility + */ + +void Camellia_Ekeygen(const int keyBitLength, + const unsigned char *rawKey, + KEY_TABLE_TYPE keyTable) +{ + switch(keyBitLength) { + case 128: + camellia_setup128(rawKey, keyTable); + break; + case 192: + camellia_setup192(rawKey, keyTable); + break; + case 256: + camellia_setup256(rawKey, keyTable); + break; + default: + break; + } +} + + +void Camellia_EncryptBlock(const int keyBitLength, + const unsigned char *plaintext, + const KEY_TABLE_TYPE keyTable, + unsigned char *ciphertext) +{ + u32 tmp[4]; + + tmp[0] = GETU32(plaintext); + tmp[1] = GETU32(plaintext + 4); + tmp[2] = GETU32(plaintext + 8); + tmp[3] = GETU32(plaintext + 12); + + switch (keyBitLength) { + case 128: + camellia_encrypt128(keyTable, tmp); + break; + case 192: + /* fall through */ + case 256: + camellia_encrypt256(keyTable, tmp); + break; + default: + break; + } + + PUTU32(ciphertext, tmp[0]); + PUTU32(ciphertext + 4, tmp[1]); + PUTU32(ciphertext + 8, tmp[2]); + PUTU32(ciphertext + 12, tmp[3]); +} + +void Camellia_DecryptBlock(const int keyBitLength, + const unsigned char *ciphertext, + const KEY_TABLE_TYPE keyTable, + unsigned char *plaintext) +{ + u32 tmp[4]; + + tmp[0] = GETU32(ciphertext); + tmp[1] = GETU32(ciphertext + 4); + tmp[2] = GETU32(ciphertext + 8); + tmp[3] = GETU32(ciphertext + 12); + + switch (keyBitLength) { + case 128: + camellia_decrypt128(keyTable, tmp); + break; + case 192: + /* fall through */ + case 256: + camellia_decrypt256(keyTable, tmp); + break; + default: + break; + } + PUTU32(plaintext, tmp[0]); + PUTU32(plaintext + 4, tmp[1]); + PUTU32(plaintext + 8, tmp[2]); + PUTU32(plaintext + 12, tmp[3]); +} diff --git a/lib/hcrypto/camellia-ntt.h b/lib/hcrypto/camellia-ntt.h new file mode 100644 index 000000000000..31db336dbb6e --- /dev/null +++ b/lib/hcrypto/camellia-ntt.h @@ -0,0 +1,65 @@ +/* camellia.h ver 1.2.0 + * + * Copyright (c) 2006,2007 + * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer as + * the first lines of this file unmodified. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef HEADER_CAMELLIA_H +#define HEADER_CAMELLIA_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define CAMELLIA_BLOCK_SIZE 16 +#define CAMELLIA_TABLE_BYTE_LEN 272 +#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4) + +/* u32 must be 32bit word */ +typedef uint32_t u32; +typedef unsigned char u8; + +typedef u32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; + + +void Camellia_Ekeygen(const int keyBitLength, + const unsigned char *rawKey, + KEY_TABLE_TYPE keyTable); + +void Camellia_EncryptBlock(const int keyBitLength, + const unsigned char *plaintext, + const KEY_TABLE_TYPE keyTable, + unsigned char *cipherText); + +void Camellia_DecryptBlock(const int keyBitLength, + const unsigned char *cipherText, + const KEY_TABLE_TYPE keyTable, + unsigned char *plaintext); + + +#ifdef __cplusplus +} +#endif + +#endif /* HEADER_CAMELLIA_H */ diff --git a/lib/hcrypto/camellia.c b/lib/hcrypto/camellia.c new file mode 100644 index 000000000000..c88822db5c7d --- /dev/null +++ b/lib/hcrypto/camellia.c @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#ifdef KRB5 +#include +#endif + +#include + +#include "camellia-ntt.h" +#include "camellia.h" + +#include + +int +CAMELLIA_set_key(const unsigned char *userkey, + const int bits, CAMELLIA_KEY *key) +{ + key->bits = bits; + Camellia_Ekeygen(bits, userkey, key->key); + return 1; +} + +void +CAMELLIA_encrypt(const unsigned char *in, unsigned char *out, + const CAMELLIA_KEY *key) +{ + Camellia_EncryptBlock(key->bits, in, key->key, out); + +} + +void +CAMELLIA_decrypt(const unsigned char *in, unsigned char *out, + const CAMELLIA_KEY *key) +{ + Camellia_DecryptBlock(key->bits, in, key->key, out); +} + +void +CAMELLIA_cbc_encrypt(const unsigned char *in, unsigned char *out, + unsigned long size, const CAMELLIA_KEY *key, + unsigned char *iv, int mode_encrypt) +{ + unsigned char tmp[CAMELLIA_BLOCK_SIZE]; + int i; + + if (mode_encrypt) { + while (size >= CAMELLIA_BLOCK_SIZE) { + for (i = 0; i < CAMELLIA_BLOCK_SIZE; i++) + tmp[i] = in[i] ^ iv[i]; + CAMELLIA_encrypt(tmp, out, key); + memcpy(iv, out, CAMELLIA_BLOCK_SIZE); + size -= CAMELLIA_BLOCK_SIZE; + in += CAMELLIA_BLOCK_SIZE; + out += CAMELLIA_BLOCK_SIZE; + } + if (size) { + for (i = 0; i < size; i++) + tmp[i] = in[i] ^ iv[i]; + for (i = size; i < CAMELLIA_BLOCK_SIZE; i++) + tmp[i] = iv[i]; + CAMELLIA_encrypt(tmp, out, key); + memcpy(iv, out, CAMELLIA_BLOCK_SIZE); + } + } else { + while (size >= CAMELLIA_BLOCK_SIZE) { + memcpy(tmp, in, CAMELLIA_BLOCK_SIZE); + CAMELLIA_decrypt(tmp, out, key); + for (i = 0; i < CAMELLIA_BLOCK_SIZE; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, CAMELLIA_BLOCK_SIZE); + size -= CAMELLIA_BLOCK_SIZE; + in += CAMELLIA_BLOCK_SIZE; + out += CAMELLIA_BLOCK_SIZE; + } + if (size) { + memcpy(tmp, in, CAMELLIA_BLOCK_SIZE); + CAMELLIA_decrypt(tmp, out, key); + for (i = 0; i < size; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, CAMELLIA_BLOCK_SIZE); + } + } +} diff --git a/lib/hcrypto/camellia.h b/lib/hcrypto/camellia.h new file mode 100644 index 000000000000..6661f3bf07ce --- /dev/null +++ b/lib/hcrypto/camellia.h @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_CAMELLIA_H +#define HEIM_CAMELLIA_H 1 + +/* symbol renaming */ +#define CAMELLIA_set_key hc_CAMELLIA_set_encrypt_key +#define CAMELLIA_encrypt hc_CAMELLIA_encrypt +#define CAMELLIA_decrypt hc_CAMELLIA_decrypt +#define CAMELLIA_cbc_encrypt hc_CAMELLIA_cbc_encrypt + +/* + * + */ + +#define CAMELLIA_BLOCK_SIZE 16 +#define CAMELLIA_TABLE_BYTE_LEN 272 +#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4) + +#define CAMELLIA_ENCRYPT 1 +#define CAMELLIA_DECRYPT 0 + +typedef struct camellia_key { + unsigned int bits; + uint32_t key[CAMELLIA_TABLE_WORD_LEN]; +} CAMELLIA_KEY; + +int CAMELLIA_set_key(const unsigned char *, const int, CAMELLIA_KEY *); + +void CAMELLIA_encrypt(const unsigned char *, unsigned char *, + const CAMELLIA_KEY *); +void CAMELLIA_decrypt(const unsigned char *, unsigned char *, + const CAMELLIA_KEY *); + +void CAMELLIA_cbc_encrypt(const unsigned char *, unsigned char *, + unsigned long, const CAMELLIA_KEY *, + unsigned char *, int); + +#endif /* HEIM_CAMELLIA_H */ diff --git a/lib/hcrypto/common.c b/lib/hcrypto/common.c new file mode 100644 index 000000000000..136bf1db101f --- /dev/null +++ b/lib/hcrypto/common.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include + +#include +#include + +#include +#include +#include + + +#include "common.h" + +int +_hc_BN_to_integer(BIGNUM *bn, heim_integer *integer) +{ + integer->length = BN_num_bytes(bn); + integer->data = malloc(integer->length); + if (integer->data == NULL) + return ENOMEM; + BN_bn2bin(bn, integer->data); + integer->negative = BN_is_negative(bn); + return 0; +} + +BIGNUM * +_hc_integer_to_BN(const heim_integer *i, BIGNUM *bn) +{ + bn = BN_bin2bn(i->data, i->length, bn); + if (bn) + BN_set_negative(bn, i->negative); + return bn; +} diff --git a/lib/hcrypto/common.h b/lib/hcrypto/common.h new file mode 100644 index 000000000000..f78f5444018f --- /dev/null +++ b/lib/hcrypto/common.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HCRYPTO_COMMON_H +#define HCRYPTO_COMMON_H 1 + +int +_hc_BN_to_integer(BIGNUM *, heim_integer *); + +BIGNUM * +_hc_integer_to_BN(const heim_integer *i, BIGNUM *bn); + +#endif /* HCRYPTO_COMMON_H */ diff --git a/lib/hcrypto/des-tables.h b/lib/hcrypto/des-tables.h new file mode 100644 index 000000000000..95f371174756 --- /dev/null +++ b/lib/hcrypto/des-tables.h @@ -0,0 +1,196 @@ +/* GENERATE FILE from gen-des.pl, do not edit */ + +/* pc1_c_3 bit pattern 5 13 21 */ +static int pc1_c_3[8] = { + 0x00000000, 0x00000010, 0x00001000, 0x00001010, + 0x00100000, 0x00100010, 0x00101000, 0x00101010 +}; +/* pc1_c_4 bit pattern 1 9 17 25 */ +static int pc1_c_4[16] = { + 0x00000000, 0x00000001, 0x00000100, 0x00000101, + 0x00010000, 0x00010001, 0x00010100, 0x00010101, + 0x01000000, 0x01000001, 0x01000100, 0x01000101, + 0x01010000, 0x01010001, 0x01010100, 0x01010101 +}; +/* pc1_d_3 bit pattern 49 41 33 */ +static int pc1_d_3[8] = { + 0x00000000, 0x01000000, 0x00010000, 0x01010000, + 0x00000100, 0x01000100, 0x00010100, 0x01010100 +}; +/* pc1_d_4 bit pattern 57 53 45 37 */ +static int pc1_d_4[16] = { + 0x00000000, 0x00100000, 0x00001000, 0x00101000, + 0x00000010, 0x00100010, 0x00001010, 0x00101010, + 0x00000001, 0x00100001, 0x00001001, 0x00101001, + 0x00000011, 0x00100011, 0x00001011, 0x00101011 +}; +/* pc2_c_1 bit pattern 5 24 7 16 6 10 */ +static int pc2_c_1[64] = { + 0x00000000, 0x00004000, 0x00040000, 0x00044000, + 0x00000100, 0x00004100, 0x00040100, 0x00044100, + 0x00020000, 0x00024000, 0x00060000, 0x00064000, + 0x00020100, 0x00024100, 0x00060100, 0x00064100, + 0x00000001, 0x00004001, 0x00040001, 0x00044001, + 0x00000101, 0x00004101, 0x00040101, 0x00044101, + 0x00020001, 0x00024001, 0x00060001, 0x00064001, + 0x00020101, 0x00024101, 0x00060101, 0x00064101, + 0x00080000, 0x00084000, 0x000c0000, 0x000c4000, + 0x00080100, 0x00084100, 0x000c0100, 0x000c4100, + 0x000a0000, 0x000a4000, 0x000e0000, 0x000e4000, + 0x000a0100, 0x000a4100, 0x000e0100, 0x000e4100, + 0x00080001, 0x00084001, 0x000c0001, 0x000c4001, + 0x00080101, 0x00084101, 0x000c0101, 0x000c4101, + 0x000a0001, 0x000a4001, 0x000e0001, 0x000e4001, + 0x000a0101, 0x000a4101, 0x000e0101, 0x000e4101 +}; +/* pc2_c_2 bit pattern 20 18 12 3 15 23 */ +static int pc2_c_2[64] = { + 0x00000000, 0x00000002, 0x00000200, 0x00000202, + 0x00200000, 0x00200002, 0x00200200, 0x00200202, + 0x00001000, 0x00001002, 0x00001200, 0x00001202, + 0x00201000, 0x00201002, 0x00201200, 0x00201202, + 0x00000040, 0x00000042, 0x00000240, 0x00000242, + 0x00200040, 0x00200042, 0x00200240, 0x00200242, + 0x00001040, 0x00001042, 0x00001240, 0x00001242, + 0x00201040, 0x00201042, 0x00201240, 0x00201242, + 0x00000010, 0x00000012, 0x00000210, 0x00000212, + 0x00200010, 0x00200012, 0x00200210, 0x00200212, + 0x00001010, 0x00001012, 0x00001210, 0x00001212, + 0x00201010, 0x00201012, 0x00201210, 0x00201212, + 0x00000050, 0x00000052, 0x00000250, 0x00000252, + 0x00200050, 0x00200052, 0x00200250, 0x00200252, + 0x00001050, 0x00001052, 0x00001250, 0x00001252, + 0x00201050, 0x00201052, 0x00201250, 0x00201252 +}; +/* pc2_c_3 bit pattern 1 9 19 2 14 22 */ +static int pc2_c_3[64] = { + 0x00000000, 0x00000004, 0x00000400, 0x00000404, + 0x00400000, 0x00400004, 0x00400400, 0x00400404, + 0x00000020, 0x00000024, 0x00000420, 0x00000424, + 0x00400020, 0x00400024, 0x00400420, 0x00400424, + 0x00008000, 0x00008004, 0x00008400, 0x00008404, + 0x00408000, 0x00408004, 0x00408400, 0x00408404, + 0x00008020, 0x00008024, 0x00008420, 0x00008424, + 0x00408020, 0x00408024, 0x00408420, 0x00408424, + 0x00800000, 0x00800004, 0x00800400, 0x00800404, + 0x00c00000, 0x00c00004, 0x00c00400, 0x00c00404, + 0x00800020, 0x00800024, 0x00800420, 0x00800424, + 0x00c00020, 0x00c00024, 0x00c00420, 0x00c00424, + 0x00808000, 0x00808004, 0x00808400, 0x00808404, + 0x00c08000, 0x00c08004, 0x00c08400, 0x00c08404, + 0x00808020, 0x00808024, 0x00808420, 0x00808424, + 0x00c08020, 0x00c08024, 0x00c08420, 0x00c08424 +}; +/* pc2_c_4 bit pattern 11 13 4 17 21 8 */ +static int pc2_c_4[64] = { + 0x00000000, 0x00010000, 0x00000008, 0x00010008, + 0x00000080, 0x00010080, 0x00000088, 0x00010088, + 0x00100000, 0x00110000, 0x00100008, 0x00110008, + 0x00100080, 0x00110080, 0x00100088, 0x00110088, + 0x00000800, 0x00010800, 0x00000808, 0x00010808, + 0x00000880, 0x00010880, 0x00000888, 0x00010888, + 0x00100800, 0x00110800, 0x00100808, 0x00110808, + 0x00100880, 0x00110880, 0x00100888, 0x00110888, + 0x00002000, 0x00012000, 0x00002008, 0x00012008, + 0x00002080, 0x00012080, 0x00002088, 0x00012088, + 0x00102000, 0x00112000, 0x00102008, 0x00112008, + 0x00102080, 0x00112080, 0x00102088, 0x00112088, + 0x00002800, 0x00012800, 0x00002808, 0x00012808, + 0x00002880, 0x00012880, 0x00002888, 0x00012888, + 0x00102800, 0x00112800, 0x00102808, 0x00112808, + 0x00102880, 0x00112880, 0x00102888, 0x00112888 +}; +/* pc2_d_1 bit pattern 51 35 31 52 39 45 */ +static int pc2_d_1[64] = { + 0x00000000, 0x00000080, 0x00002000, 0x00002080, + 0x00000001, 0x00000081, 0x00002001, 0x00002081, + 0x00200000, 0x00200080, 0x00202000, 0x00202080, + 0x00200001, 0x00200081, 0x00202001, 0x00202081, + 0x00020000, 0x00020080, 0x00022000, 0x00022080, + 0x00020001, 0x00020081, 0x00022001, 0x00022081, + 0x00220000, 0x00220080, 0x00222000, 0x00222080, + 0x00220001, 0x00220081, 0x00222001, 0x00222081, + 0x00000002, 0x00000082, 0x00002002, 0x00002082, + 0x00000003, 0x00000083, 0x00002003, 0x00002083, + 0x00200002, 0x00200082, 0x00202002, 0x00202082, + 0x00200003, 0x00200083, 0x00202003, 0x00202083, + 0x00020002, 0x00020082, 0x00022002, 0x00022082, + 0x00020003, 0x00020083, 0x00022003, 0x00022083, + 0x00220002, 0x00220082, 0x00222002, 0x00222082, + 0x00220003, 0x00220083, 0x00222003, 0x00222083 +}; +/* pc2_d_2 bit pattern 50 32 43 36 29 48 */ +static int pc2_d_2[64] = { + 0x00000000, 0x00000010, 0x00800000, 0x00800010, + 0x00010000, 0x00010010, 0x00810000, 0x00810010, + 0x00000200, 0x00000210, 0x00800200, 0x00800210, + 0x00010200, 0x00010210, 0x00810200, 0x00810210, + 0x00100000, 0x00100010, 0x00900000, 0x00900010, + 0x00110000, 0x00110010, 0x00910000, 0x00910010, + 0x00100200, 0x00100210, 0x00900200, 0x00900210, + 0x00110200, 0x00110210, 0x00910200, 0x00910210, + 0x00000004, 0x00000014, 0x00800004, 0x00800014, + 0x00010004, 0x00010014, 0x00810004, 0x00810014, + 0x00000204, 0x00000214, 0x00800204, 0x00800214, + 0x00010204, 0x00010214, 0x00810204, 0x00810214, + 0x00100004, 0x00100014, 0x00900004, 0x00900014, + 0x00110004, 0x00110014, 0x00910004, 0x00910014, + 0x00100204, 0x00100214, 0x00900204, 0x00900214, + 0x00110204, 0x00110214, 0x00910204, 0x00910214 +}; +/* pc2_d_3 bit pattern 41 38 47 33 40 42 */ +static int pc2_d_3[64] = { + 0x00000000, 0x00000400, 0x00001000, 0x00001400, + 0x00080000, 0x00080400, 0x00081000, 0x00081400, + 0x00000020, 0x00000420, 0x00001020, 0x00001420, + 0x00080020, 0x00080420, 0x00081020, 0x00081420, + 0x00004000, 0x00004400, 0x00005000, 0x00005400, + 0x00084000, 0x00084400, 0x00085000, 0x00085400, + 0x00004020, 0x00004420, 0x00005020, 0x00005420, + 0x00084020, 0x00084420, 0x00085020, 0x00085420, + 0x00000800, 0x00000c00, 0x00001800, 0x00001c00, + 0x00080800, 0x00080c00, 0x00081800, 0x00081c00, + 0x00000820, 0x00000c20, 0x00001820, 0x00001c20, + 0x00080820, 0x00080c20, 0x00081820, 0x00081c20, + 0x00004800, 0x00004c00, 0x00005800, 0x00005c00, + 0x00084800, 0x00084c00, 0x00085800, 0x00085c00, + 0x00004820, 0x00004c20, 0x00005820, 0x00005c20, + 0x00084820, 0x00084c20, 0x00085820, 0x00085c20 +}; +/* pc2_d_4 bit pattern 49 37 30 46 34 44 */ +static int pc2_d_4[64] = { + 0x00000000, 0x00000100, 0x00040000, 0x00040100, + 0x00000040, 0x00000140, 0x00040040, 0x00040140, + 0x00400000, 0x00400100, 0x00440000, 0x00440100, + 0x00400040, 0x00400140, 0x00440040, 0x00440140, + 0x00008000, 0x00008100, 0x00048000, 0x00048100, + 0x00008040, 0x00008140, 0x00048040, 0x00048140, + 0x00408000, 0x00408100, 0x00448000, 0x00448100, + 0x00408040, 0x00408140, 0x00448040, 0x00448140, + 0x00000008, 0x00000108, 0x00040008, 0x00040108, + 0x00000048, 0x00000148, 0x00040048, 0x00040148, + 0x00400008, 0x00400108, 0x00440008, 0x00440108, + 0x00400048, 0x00400148, 0x00440048, 0x00440148, + 0x00008008, 0x00008108, 0x00048008, 0x00048108, + 0x00008048, 0x00008148, 0x00048048, 0x00048148, + 0x00408008, 0x00408108, 0x00448008, 0x00448108, + 0x00408048, 0x00408148, 0x00448048, 0x00448148 +}; +static unsigned char odd_parity[256] = { + 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, + 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, + 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, + 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, + 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, + 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, + 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110, +112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127, +128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143, +145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158, +161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174, +176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191, +193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206, +208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223, +224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239, +241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254, + }; diff --git a/lib/hcrypto/des.c b/lib/hcrypto/des.c new file mode 100644 index 000000000000..2e3192bff8ad --- /dev/null +++ b/lib/hcrypto/des.c @@ -0,0 +1,1184 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/** + * @page page_des DES - Data Encryption Standard crypto interface + * + * See the library functions here: @ref hcrypto_des + * + * DES was created by IBM, modififed by NSA and then adopted by NBS + * (now NIST) and published ad FIPS PUB 46 (updated by FIPS 46-1). + * + * Since the 19th May 2005 DES was withdrawn by NIST and should no + * longer be used. See @ref page_evp for replacement encryption + * algorithms and interfaces. + * + * Read more the iteresting history of DES on Wikipedia + * http://www.wikipedia.org/wiki/Data_Encryption_Standard . + * + * @section des_keygen DES key generation + * + * To generate a DES key safely you have to use the code-snippet + * below. This is because the DES_random_key() can fail with an + * abort() in case of and failure to start the random generator. + * + * There is a replacement function DES_new_random_key(), however that + * function does not exists in OpenSSL. + * + * @code + * DES_cblock key; + * do { + * if (RAND_rand(&key, sizeof(key)) != 1) + * goto failure; + * DES_set_odd_parity(key); + * } while (DES_is_weak_key(&key)); + * @endcode + * + * @section des_impl DES implementation history + * + * There was no complete BSD licensed, fast, GPL compatible + * implementation of DES, so Love wrote the part that was missing, + * fast key schedule setup and adapted the interface to the orignal + * libdes. + * + * The document that got me started for real was "Efficient + * Implementation of the Data Encryption Standard" by Dag Arne Osvik. + * I never got to the PC1 transformation was working, instead I used + * table-lookup was used for all key schedule setup. The document was + * very useful since it de-mystified other implementations for me. + * + * The core DES function (SBOX + P transformation) is from Richard + * Outerbridge public domain DES implementation. My sanity is saved + * thanks to his work. Thank you Richard. + */ + +#include + +#define HC_DEPRECATED + +#include +#include +#include +#include +#include + +#include + +#include "des.h" +#include "ui.h" + +static void desx(uint32_t [2], DES_key_schedule *, int); +static void IP(uint32_t [2]); +static void FP(uint32_t [2]); + +#include "des-tables.h" + +#define ROTATE_LEFT28(x,one) \ + if (one) { \ + x = ( ((x)<<(1)) & 0xffffffe) | ((x) >> 27); \ + } else { \ + x = ( ((x)<<(2)) & 0xffffffc) | ((x) >> 26); \ + } + +/** + * Set the parity of the key block, used to generate a des key from a + * random key. See @ref des_keygen. + * + * @param key key to fixup the parity for. + * @ingroup hcrypto_des + */ + +void +DES_set_odd_parity(DES_cblock *key) +{ + unsigned int i; + for (i = 0; i < DES_CBLOCK_LEN; i++) + (*key)[i] = odd_parity[(*key)[i]]; +} + +/** + * Check if the key have correct parity. + * + * @param key key to check the parity. + * @return 1 on success, 0 on failure. + * @ingroup hcrypto_des + */ + +int HC_DEPRECATED +DES_check_key_parity(DES_cblock *key) +{ + unsigned int i; + + for (i = 0; i < DES_CBLOCK_LEN; i++) + if ((*key)[i] != odd_parity[(*key)[i]]) + return 0; + return 1; +} + +/* + * + */ + +/* FIPS 74 */ +static DES_cblock weak_keys[] = { + {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, /* weak keys */ + {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, + {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, + {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1}, + {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, /* semi-weak keys */ + {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01}, + {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1}, + {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E}, + {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1}, + {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01}, + {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE}, + {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E}, + {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E}, + {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01}, + {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, + {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1} +}; + +/** + * Checks if the key is any of the weaks keys that makes DES attacks + * trival. + * + * @param key key to check. + * + * @return 1 if the key is weak, 0 otherwise. + * @ingroup hcrypto_des + */ + +int +DES_is_weak_key(DES_cblock *key) +{ + int weak = 0; + int i; + + for (i = 0; i < sizeof(weak_keys)/sizeof(weak_keys[0]); i++) + weak ^= (ct_memcmp(weak_keys[i], key, DES_CBLOCK_LEN) == 0); + + return !!weak; +} + +/** + * Setup a des key schedule from a key. Deprecated function, use + * DES_set_key_unchecked() or DES_set_key_checked() instead. + * + * @param key a key to initialize the key schedule with. + * @param ks a key schedule to initialize. + * + * @return 0 on success + * @ingroup hcrypto_des + */ + +int HC_DEPRECATED +DES_set_key(DES_cblock *key, DES_key_schedule *ks) +{ + return DES_set_key_checked(key, ks); +} + +/** + * Setup a des key schedule from a key. The key is no longer needed + * after this transaction and can cleared. + * + * Does NOT check that the key is weak for or have wrong parity. + * + * @param key a key to initialize the key schedule with. + * @param ks a key schedule to initialize. + * + * @return 0 on success + * @ingroup hcrypto_des + */ + +int +DES_set_key_unchecked(DES_cblock *key, DES_key_schedule *ks) +{ + uint32_t t1, t2; + uint32_t c, d; + int shifts[16] = { 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1 }; + uint32_t *k = &ks->ks[0]; + int i; + + t1 = (*key)[0] << 24 | (*key)[1] << 16 | (*key)[2] << 8 | (*key)[3]; + t2 = (*key)[4] << 24 | (*key)[5] << 16 | (*key)[6] << 8 | (*key)[7]; + + c = (pc1_c_3[(t1 >> (5 )) & 0x7] << 3) + | (pc1_c_3[(t1 >> (5 + 8 )) & 0x7] << 2) + | (pc1_c_3[(t1 >> (5 + 8 + 8 )) & 0x7] << 1) + | (pc1_c_3[(t1 >> (5 + 8 + 8 + 8)) & 0x7] << 0) + | (pc1_c_4[(t2 >> (4 )) & 0xf] << 3) + | (pc1_c_4[(t2 >> (4 + 8 )) & 0xf] << 2) + | (pc1_c_4[(t2 >> (4 + 8 + 8 )) & 0xf] << 1) + | (pc1_c_4[(t2 >> (4 + 8 + 8 + 8)) & 0xf] << 0); + + + d = (pc1_d_3[(t2 >> (1 )) & 0x7] << 3) + | (pc1_d_3[(t2 >> (1 + 8 )) & 0x7] << 2) + | (pc1_d_3[(t2 >> (1 + 8 + 8 )) & 0x7] << 1) + | (pc1_d_3[(t2 >> (1 + 8 + 8 + 8)) & 0x7] << 0) + | (pc1_d_4[(t1 >> (1 )) & 0xf] << 3) + | (pc1_d_4[(t1 >> (1 + 8 )) & 0xf] << 2) + | (pc1_d_4[(t1 >> (1 + 8 + 8 )) & 0xf] << 1) + | (pc1_d_4[(t1 >> (1 + 8 + 8 + 8)) & 0xf] << 0); + + for (i = 0; i < 16; i++) { + uint32_t kc, kd; + + ROTATE_LEFT28(c, shifts[i]); + ROTATE_LEFT28(d, shifts[i]); + + kc = pc2_c_1[(c >> 22) & 0x3f] | + pc2_c_2[((c >> 16) & 0x30) | ((c >> 15) & 0xf)] | + pc2_c_3[((c >> 9 ) & 0x3c) | ((c >> 8 ) & 0x3)] | + pc2_c_4[((c >> 2 ) & 0x20) | ((c >> 1) & 0x18) | (c & 0x7)]; + kd = pc2_d_1[(d >> 22) & 0x3f] | + pc2_d_2[((d >> 15) & 0x30) | ((d >> 14) & 0xf)] | + pc2_d_3[ (d >> 7 ) & 0x3f] | + pc2_d_4[((d >> 1 ) & 0x3c) | ((d ) & 0x3)]; + + /* Change to byte order used by the S boxes */ + *k = (kc & 0x00fc0000L) << 6; + *k |= (kc & 0x00000fc0L) << 10; + *k |= (kd & 0x00fc0000L) >> 10; + *k++ |= (kd & 0x00000fc0L) >> 6; + *k = (kc & 0x0003f000L) << 12; + *k |= (kc & 0x0000003fL) << 16; + *k |= (kd & 0x0003f000L) >> 4; + *k++ |= (kd & 0x0000003fL); + } + + return 0; +} + +/** + * Just like DES_set_key_unchecked() except checking that the key is + * not weak for or have correct parity. + * + * @param key a key to initialize the key schedule with. + * @param ks a key schedule to initialize. + * + * @return 0 on success, -1 on invalid parity, -2 on weak key. + * @ingroup hcrypto_des + */ + +int +DES_set_key_checked(DES_cblock *key, DES_key_schedule *ks) +{ + if (!DES_check_key_parity(key)) { + memset(ks, 0, sizeof(*ks)); + return -1; + } + if (DES_is_weak_key(key)) { + memset(ks, 0, sizeof(*ks)); + return -2; + } + return DES_set_key_unchecked(key, ks); +} + +/** + * Compatibility function for eay libdes, works just like + * DES_set_key_checked(). + * + * @param key a key to initialize the key schedule with. + * @param ks a key schedule to initialize. + * + * @return 0 on success, -1 on invalid parity, -2 on weak key. + * @ingroup hcrypto_des + */ + +int +DES_key_sched(DES_cblock *key, DES_key_schedule *ks) +{ + return DES_set_key_checked(key, ks); +} + +/* + * + */ + +static void +load(const unsigned char *b, uint32_t v[2]) +{ + v[0] = b[0] << 24; + v[0] |= b[1] << 16; + v[0] |= b[2] << 8; + v[0] |= b[3] << 0; + v[1] = b[4] << 24; + v[1] |= b[5] << 16; + v[1] |= b[6] << 8; + v[1] |= b[7] << 0; +} + +static void +store(const uint32_t v[2], unsigned char *b) +{ + b[0] = (v[0] >> 24) & 0xff; + b[1] = (v[0] >> 16) & 0xff; + b[2] = (v[0] >> 8) & 0xff; + b[3] = (v[0] >> 0) & 0xff; + b[4] = (v[1] >> 24) & 0xff; + b[5] = (v[1] >> 16) & 0xff; + b[6] = (v[1] >> 8) & 0xff; + b[7] = (v[1] >> 0) & 0xff; +} + +/** + * Encrypt/decrypt a block using DES. Also called ECB mode + * + * @param u data to encrypt + * @param ks key schedule to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_encrypt(uint32_t u[2], DES_key_schedule *ks, int encp) +{ + IP(u); + desx(u, ks, encp); + FP(u); +} + +/** + * Encrypt/decrypt a block using DES. + * + * @param input data to encrypt + * @param output data to encrypt + * @param ks key schedule to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_ecb_encrypt(DES_cblock *input, DES_cblock *output, + DES_key_schedule *ks, int encp) +{ + uint32_t u[2]; + load(*input, u); + DES_encrypt(u, ks, encp); + store(u, *output); +} + +/** + * Encrypt/decrypt a block using DES in Chain Block Cipher mode (cbc). + * + * The IV must always be diffrent for diffrent input data blocks. + * + * @param in data to encrypt + * @param out data to encrypt + * @param length length of data + * @param ks key schedule to use + * @param iv initial vector to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_cbc_encrypt(const void *in, void *out, long length, + DES_key_schedule *ks, DES_cblock *iv, int encp) +{ + const unsigned char *input = in; + unsigned char *output = out; + uint32_t u[2]; + uint32_t uiv[2]; + + load(*iv, uiv); + + if (encp) { + while (length >= DES_CBLOCK_LEN) { + load(input, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + uiv[0] = u[0]; uiv[1] = u[1]; + store(u, output); + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + store(u, output); + } + } else { + uint32_t t[2]; + while (length >= DES_CBLOCK_LEN) { + load(input, u); + t[0] = u[0]; t[1] = u[1]; + DES_encrypt(u, ks, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + store(u, output); + uiv[0] = t[0]; uiv[1] = t[1]; + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + DES_encrypt(u, ks, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + store(u, output); + } + } + uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0; +} + +/** + * Encrypt/decrypt a block using DES in Propagating Cipher Block + * Chaining mode. This mode is only used for Kerberos 4, and it should + * stay that way. + * + * The IV must always be diffrent for diffrent input data blocks. + * + * @param in data to encrypt + * @param out data to encrypt + * @param length length of data + * @param ks key schedule to use + * @param iv initial vector to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_pcbc_encrypt(const void *in, void *out, long length, + DES_key_schedule *ks, DES_cblock *iv, int encp) +{ + const unsigned char *input = in; + unsigned char *output = out; + uint32_t u[2]; + uint32_t uiv[2]; + + load(*iv, uiv); + + if (encp) { + uint32_t t[2]; + while (length >= DES_CBLOCK_LEN) { + load(input, u); + t[0] = u[0]; t[1] = u[1]; + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + uiv[0] = u[0] ^ t[0]; uiv[1] = u[1] ^ t[1]; + store(u, output); + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + store(u, output); + } + } else { + uint32_t t[2]; + while (length >= DES_CBLOCK_LEN) { + load(input, u); + t[0] = u[0]; t[1] = u[1]; + DES_encrypt(u, ks, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + store(u, output); + uiv[0] = t[0] ^ u[0]; uiv[1] = t[1] ^ u[1]; + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + DES_encrypt(u, ks, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + } + } + uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0; +} + +/* + * + */ + +static void +_des3_encrypt(uint32_t u[2], DES_key_schedule *ks1, DES_key_schedule *ks2, + DES_key_schedule *ks3, int encp) +{ + IP(u); + if (encp) { + desx(u, ks1, 1); /* IP + FP cancel out each other */ + desx(u, ks2, 0); + desx(u, ks3, 1); + } else { + desx(u, ks3, 0); + desx(u, ks2, 1); + desx(u, ks1, 0); + } + FP(u); +} + +/** + * Encrypt/decrypt a block using triple DES using EDE mode, + * encrypt/decrypt/encrypt. + * + * @param input data to encrypt + * @param output data to encrypt + * @param ks1 key schedule to use + * @param ks2 key schedule to use + * @param ks3 key schedule to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_ecb3_encrypt(DES_cblock *input, + DES_cblock *output, + DES_key_schedule *ks1, + DES_key_schedule *ks2, + DES_key_schedule *ks3, + int encp) +{ + uint32_t u[2]; + load(*input, u); + _des3_encrypt(u, ks1, ks2, ks3, encp); + store(u, *output); + return; +} + +/** + * Encrypt/decrypt using Triple DES in Chain Block Cipher mode (cbc). + * + * The IV must always be diffrent for diffrent input data blocks. + * + * @param in data to encrypt + * @param out data to encrypt + * @param length length of data + * @param ks1 key schedule to use + * @param ks2 key schedule to use + * @param ks3 key schedule to use + * @param iv initial vector to use + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_ede3_cbc_encrypt(const void *in, void *out, + long length, DES_key_schedule *ks1, + DES_key_schedule *ks2, DES_key_schedule *ks3, + DES_cblock *iv, int encp) +{ + const unsigned char *input = in; + unsigned char *output = out; + uint32_t u[2]; + uint32_t uiv[2]; + + load(*iv, uiv); + + if (encp) { + while (length >= DES_CBLOCK_LEN) { + load(input, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + _des3_encrypt(u, ks1, ks2, ks3, 1); + uiv[0] = u[0]; uiv[1] = u[1]; + store(u, output); + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + _des3_encrypt(u, ks1, ks2, ks3, 1); + store(u, output); + } + } else { + uint32_t t[2]; + while (length >= DES_CBLOCK_LEN) { + load(input, u); + t[0] = u[0]; t[1] = u[1]; + _des3_encrypt(u, ks1, ks2, ks3, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + store(u, output); + uiv[0] = t[0]; uiv[1] = t[1]; + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + output += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + _des3_encrypt(u, ks1, ks2, ks3, 0); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + store(u, output); + } + } + store(uiv, *iv); + uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0; +} + +/** + * Encrypt/decrypt using DES in cipher feedback mode with 64 bit + * feedback. + * + * The IV must always be diffrent for diffrent input data blocks. + * + * @param in data to encrypt + * @param out data to encrypt + * @param length length of data + * @param ks key schedule to use + * @param iv initial vector to use + * @param num offset into in cipher block encryption/decryption stop last time. + * @param encp if non zero, encrypt. if zero, decrypt. + * + * @ingroup hcrypto_des + */ + +void +DES_cfb64_encrypt(const void *in, void *out, + long length, DES_key_schedule *ks, DES_cblock *iv, + int *num, int encp) +{ + const unsigned char *input = in; + unsigned char *output = out; + unsigned char tmp[DES_CBLOCK_LEN]; + uint32_t uiv[2]; + + load(*iv, uiv); + + assert(*num >= 0 && *num < DES_CBLOCK_LEN); + + if (encp) { + int i = *num; + + while (length > 0) { + if (i == 0) + DES_encrypt(uiv, ks, 1); + store(uiv, tmp); + for (; i < DES_CBLOCK_LEN && i < length; i++) { + output[i] = tmp[i] ^ input[i]; + } + if (i == DES_CBLOCK_LEN) + load(output, uiv); + output += i; + input += i; + length -= i; + if (i == DES_CBLOCK_LEN) + i = 0; + } + store(uiv, *iv); + *num = i; + } else { + int i = *num; + unsigned char c; + + while (length > 0) { + if (i == 0) { + DES_encrypt(uiv, ks, 1); + store(uiv, tmp); + } + for (; i < DES_CBLOCK_LEN && i < length; i++) { + c = input[i]; + output[i] = tmp[i] ^ input[i]; + (*iv)[i] = c; + } + output += i; + input += i; + length -= i; + if (i == DES_CBLOCK_LEN) { + i = 0; + load(*iv, uiv); + } + } + store(uiv, *iv); + *num = i; + } +} + +/** + * Crete a checksum using DES in CBC encryption mode. This mode is + * only used for Kerberos 4, and it should stay that way. + * + * The IV must always be diffrent for diffrent input data blocks. + * + * @param in data to checksum + * @param output the checksum + * @param length length of data + * @param ks key schedule to use + * @param iv initial vector to use + * + * @ingroup hcrypto_des + */ + +uint32_t +DES_cbc_cksum(const void *in, DES_cblock *output, + long length, DES_key_schedule *ks, DES_cblock *iv) +{ + const unsigned char *input = in; + uint32_t uiv[2]; + uint32_t u[2] = { 0, 0 }; + + load(*iv, uiv); + + while (length >= DES_CBLOCK_LEN) { + load(input, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + uiv[0] = u[0]; uiv[1] = u[1]; + + length -= DES_CBLOCK_LEN; + input += DES_CBLOCK_LEN; + } + if (length) { + unsigned char tmp[DES_CBLOCK_LEN]; + memcpy(tmp, input, length); + memset(tmp + length, 0, DES_CBLOCK_LEN - length); + load(tmp, u); + u[0] ^= uiv[0]; u[1] ^= uiv[1]; + DES_encrypt(u, ks, 1); + } + if (output) + store(u, *output); + + uiv[0] = 0; u[0] = 0; uiv[1] = 0; + return u[1]; +} + +/* + * + */ + +static unsigned char +bitswap8(unsigned char b) +{ + unsigned char r = 0; + int i; + for (i = 0; i < 8; i++) { + r = r << 1 | (b & 1); + b = b >> 1; + } + return r; +} + +/** + * Convert a string to a DES key. Use something like + * PKCS5_PBKDF2_HMAC_SHA1() to create key from passwords. + * + * @param str The string to convert to a key + * @param key the resulting key + * + * @ingroup hcrypto_des + */ + +void +DES_string_to_key(const char *str, DES_cblock *key) +{ + const unsigned char *s; + unsigned char *k; + DES_key_schedule ks; + size_t i, len; + + memset(key, 0, sizeof(*key)); + k = *key; + s = (const unsigned char *)str; + + len = strlen(str); + for (i = 0; i < len; i++) { + if ((i % 16) < 8) + k[i % 8] ^= s[i] << 1; + else + k[7 - (i % 8)] ^= bitswap8(s[i]); + } + DES_set_odd_parity(key); + if (DES_is_weak_key(key)) + k[7] ^= 0xF0; + DES_set_key(key, &ks); + DES_cbc_cksum(s, key, len, &ks, key); + memset(&ks, 0, sizeof(ks)); + DES_set_odd_parity(key); + if (DES_is_weak_key(key)) + k[7] ^= 0xF0; +} + +/** + * Read password from prompt and create a DES key. Internal uses + * DES_string_to_key(). Really, go use a really string2key function + * like PKCS5_PBKDF2_HMAC_SHA1(). + * + * @param key key to convert to + * @param prompt prompt to display user + * @param verify prompt twice. + * + * @return 1 on success, non 1 on failure. + */ + +int +DES_read_password(DES_cblock *key, char *prompt, int verify) +{ + char buf[512]; + int ret; + + ret = UI_UTIL_read_pw_string(buf, sizeof(buf) - 1, prompt, verify); + if (ret == 1) + DES_string_to_key(buf, key); + return ret; +} + +/* + * + */ + + +void +_DES_ipfp_test(void) +{ + DES_cblock k = "\x01\x02\x04\x08\x10\x20\x40\x80", k2; + uint32_t u[2] = { 1, 0 }; + IP(u); + FP(u); + IP(u); + FP(u); + if (u[0] != 1 || u[1] != 0) + abort(); + + load(k, u); + store(u, k2); + if (memcmp(k, k2, 8) != 0) + abort(); +} + +/* D3DES (V5.09) - + * + * A portable, public domain, version of the Data Encryption Standard. + * + * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge. + * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation + * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis + * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau, + * for humouring me on. + * + * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. + * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992. + */ + +static uint32_t SP1[64] = { + 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L, + 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L, + 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L, + 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L, + 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L, + 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L, + 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L, + 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L, + 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L, + 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L, + 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L, + 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L, + 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L, + 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L, + 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L, + 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L }; + +static uint32_t SP2[64] = { + 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L, + 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L, + 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L, + 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L, + 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L, + 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L, + 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L, + 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L, + 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L, + 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L, + 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L, + 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L, + 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L, + 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L, + 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L, + 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L }; + +static uint32_t SP3[64] = { + 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L, + 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L, + 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L, + 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L, + 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L, + 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L, + 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L, + 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L, + 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L, + 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L, + 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L, + 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L, + 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L, + 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L, + 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L, + 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L }; + +static uint32_t SP4[64] = { + 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, + 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L, + 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L, + 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L, + 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L, + 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L, + 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L, + 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L, + 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L, + 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L, + 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L, + 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L, + 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L, + 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L, + 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L, + 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L }; + +static uint32_t SP5[64] = { + 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L, + 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L, + 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L, + 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L, + 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L, + 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L, + 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L, + 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L, + 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L, + 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L, + 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L, + 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L, + 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L, + 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L, + 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L, + 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L }; + +static uint32_t SP6[64] = { + 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L, + 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L, + 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L, + 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L, + 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L, + 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L, + 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L, + 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L, + 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L, + 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L, + 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L, + 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L, + 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L, + 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L, + 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L, + 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L }; + +static uint32_t SP7[64] = { + 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L, + 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L, + 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L, + 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L, + 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L, + 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L, + 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L, + 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L, + 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L, + 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L, + 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L, + 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L, + 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L, + 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L, + 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L, + 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L }; + +static uint32_t SP8[64] = { + 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L, + 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L, + 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L, + 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L, + 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L, + 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L, + 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L, + 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L, + 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L, + 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L, + 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L, + 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L, + 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L, + 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L, + 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L, + 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L }; + +static void +IP(uint32_t v[2]) +{ + uint32_t work; + + work = ((v[0] >> 4) ^ v[1]) & 0x0f0f0f0fL; + v[1] ^= work; + v[0] ^= (work << 4); + work = ((v[0] >> 16) ^ v[1]) & 0x0000ffffL; + v[1] ^= work; + v[0] ^= (work << 16); + work = ((v[1] >> 2) ^ v[0]) & 0x33333333L; + v[0] ^= work; + v[1] ^= (work << 2); + work = ((v[1] >> 8) ^ v[0]) & 0x00ff00ffL; + v[0] ^= work; + v[1] ^= (work << 8); + v[1] = ((v[1] << 1) | ((v[1] >> 31) & 1L)) & 0xffffffffL; + work = (v[0] ^ v[1]) & 0xaaaaaaaaL; + v[0] ^= work; + v[1] ^= work; + v[0] = ((v[0] << 1) | ((v[0] >> 31) & 1L)) & 0xffffffffL; +} + +static void +FP(uint32_t v[2]) +{ + uint32_t work; + + v[0] = (v[0] << 31) | (v[0] >> 1); + work = (v[1] ^ v[0]) & 0xaaaaaaaaL; + v[1] ^= work; + v[0] ^= work; + v[1] = (v[1] << 31) | (v[1] >> 1); + work = ((v[1] >> 8) ^ v[0]) & 0x00ff00ffL; + v[0] ^= work; + v[1] ^= (work << 8); + work = ((v[1] >> 2) ^ v[0]) & 0x33333333L; + v[0] ^= work; + v[1] ^= (work << 2); + work = ((v[0] >> 16) ^ v[1]) & 0x0000ffffL; + v[1] ^= work; + v[0] ^= (work << 16); + work = ((v[0] >> 4) ^ v[1]) & 0x0f0f0f0fL; + v[1] ^= work; + v[0] ^= (work << 4); +} + +static void +desx(uint32_t block[2], DES_key_schedule *ks, int encp) +{ + uint32_t *keys; + uint32_t fval, work, right, left; + int round; + + left = block[0]; + right = block[1]; + + if (encp) { + keys = &ks->ks[0]; + + for( round = 0; round < 8; round++ ) { + work = (right << 28) | (right >> 4); + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = right ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + left ^= fval; + work = (left << 28) | (left >> 4); + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = left ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + right ^= fval; + } + } else { + keys = &ks->ks[30]; + + for( round = 0; round < 8; round++ ) { + work = (right << 28) | (right >> 4); + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = right ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + left ^= fval; + work = (left << 28) | (left >> 4); + keys -= 4; + work ^= *keys++; + fval = SP7[ work & 0x3fL]; + fval |= SP5[(work >> 8) & 0x3fL]; + fval |= SP3[(work >> 16) & 0x3fL]; + fval |= SP1[(work >> 24) & 0x3fL]; + work = left ^ *keys++; + fval |= SP8[ work & 0x3fL]; + fval |= SP6[(work >> 8) & 0x3fL]; + fval |= SP4[(work >> 16) & 0x3fL]; + fval |= SP2[(work >> 24) & 0x3fL]; + right ^= fval; + keys -= 4; + } + } + block[0] = right; + block[1] = left; +} diff --git a/lib/hcrypto/des.h b/lib/hcrypto/des.h new file mode 100644 index 000000000000..0824408c47fa --- /dev/null +++ b/lib/hcrypto/des.h @@ -0,0 +1,146 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef _DESperate_H +#define _DESperate_H 1 + +/* symbol renaming */ +#define _DES_ipfp_test _hc_DES_ipfp_test +#define DES_cbc_cksum hc_DES_cbc_cksum +#define DES_cbc_encrypt hc_DES_cbc_encrypt +#define DES_cfb64_encrypt hc_DES_cfb64_encrypt +#define DES_check_key_parity hc_DES_check_key_parity +#define DES_ecb3_encrypt hc_DES_ecb3_encrypt +#define DES_ecb_encrypt hc_DES_ecb_encrypt +#define DES_ede3_cbc_encrypt hc_DES_ede3_cbc_encrypt +#define DES_encrypt hc_DES_encrypt +#define DES_generate_random_block hc_DES_generate_random_block +#define DES_init_random_number_generator hc_DES_init_random_number_generator +#define DES_is_weak_key hc_DES_is_weak_key +#define DES_key_sched hc_DES_key_sched +#define DES_new_random_key hc_DES_new_random_key +#define DES_pcbc_encrypt hc_DES_pcbc_encrypt +#define DES_rand_data hc_DES_rand_data +#define DES_random_key hc_DES_random_key +#define DES_read_password hc_DES_read_password +#define DES_set_key hc_DES_set_key +#define DES_set_key_checked hc_DES_set_key_checked +#define DES_set_key_unchecked hc_DES_set_key_unchecked +#define DES_set_key_sched hc_DES_set_key_sched +#define DES_set_odd_parity hc_DES_set_odd_parity +#define DES_set_random_generator_seed hc_DES_set_random_generator_seed +#define DES_set_sequence_number hc_DES_set_sequence_number +#define DES_string_to_key hc_DES_string_to_key + +/* + * + */ + +#define DES_CBLOCK_LEN 8 +#define DES_KEY_SZ 8 + +#define DES_ENCRYPT 1 +#define DES_DECRYPT 0 + +typedef unsigned char DES_cblock[DES_CBLOCK_LEN]; +typedef struct DES_key_schedule +{ + uint32_t ks[32]; +} DES_key_schedule; + +/* + * + */ + +#ifndef HC_DEPRECATED +#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define HC_DEPRECATED __attribute__((deprecated)) +#elif defined(_MSC_VER) && (_MSC_VER>1200) +#define HC_DEPRECATED __declspec(deprecated) +#else +#define HC_DEPRECATED +#endif +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +void DES_set_odd_parity(DES_cblock *); +int DES_check_key_parity(DES_cblock *); +int DES_is_weak_key(DES_cblock *); +int HC_DEPRECATED DES_set_key(DES_cblock *, DES_key_schedule *); +int DES_set_key_checked(DES_cblock *, DES_key_schedule *); +int DES_set_key_unchecked(DES_cblock *, DES_key_schedule *); +int DES_key_sched(DES_cblock *, DES_key_schedule *); +void DES_string_to_key(const char *, DES_cblock *); +int DES_read_password(DES_cblock *, char *, int); + +void HC_DEPRECATED DES_rand_data(void *, int); +void HC_DEPRECATED DES_set_random_generator_seed(DES_cblock *); +void HC_DEPRECATED DES_generate_random_block(DES_cblock *); +void HC_DEPRECATED DES_set_sequence_number(void *); +void HC_DEPRECATED DES_init_random_number_generator(DES_cblock *); +void HC_DEPRECATED DES_random_key(DES_cblock *); +int HC_DEPRECATED DES_new_random_key(DES_cblock *); + + +void DES_encrypt(uint32_t [2], DES_key_schedule *, int); +void DES_ecb_encrypt(DES_cblock *, DES_cblock *, DES_key_schedule *, int); +void DES_ecb3_encrypt(DES_cblock *,DES_cblock *, DES_key_schedule *, + DES_key_schedule *, DES_key_schedule *, int); +void DES_pcbc_encrypt(const void *, void *, long, + DES_key_schedule *, DES_cblock *, int); +void DES_cbc_encrypt(const void *, void *, long, + DES_key_schedule *, DES_cblock *, int); +void DES_ede3_cbc_encrypt(const void *, void *, long, + DES_key_schedule *, DES_key_schedule *, + DES_key_schedule *, DES_cblock *, int); +void DES_cfb64_encrypt(const void *, void *, long, + DES_key_schedule *, DES_cblock *, int *, int); + + +uint32_t DES_cbc_cksum(const void *, DES_cblock *, + long, DES_key_schedule *, DES_cblock *); + + +void _DES_ipfp_test(void); + +#ifdef __cplusplus +} +#endif + + +#endif /* _DESperate_H */ diff --git a/lib/hcrypto/destest.c b/lib/hcrypto/destest.c new file mode 100644 index 000000000000..2f70d8bee87e --- /dev/null +++ b/lib/hcrypto/destest.c @@ -0,0 +1,623 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#ifdef KRB5 +#include +#endif + +#include +#include +#include +#ifdef HAVE_UNISTD_H +#include +#endif + +#include + +#include "des.h" + +static void +ecb_test(char key[8], char in[8], char out[8]) +{ + unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8]; + DES_key_schedule s; + + memcpy(k, key, 8); + memcpy(indata, in, 8); + memcpy(ansdata, out, 8); + DES_set_odd_parity(&k); + DES_set_key_unchecked(&k, &s); + DES_ecb_encrypt(&indata, &outdata, &s, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "des: encrypt"); + DES_ecb_encrypt(&outdata, &outdata2, &s, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "des: decrypt"); +} + +static void +ebc3_test(char key1[8], char key2[8], char key3[8], char in[8], char out[8]) +{ + unsigned char k1[8], k2[8], k3[8], + indata[8], outdata[8], outdata2[8], ansdata[8]; + DES_key_schedule s1, s2, s3; + + memcpy(k1, key1, 8); + memcpy(k2, key2, 8); + memcpy(k3, key3, 8); + memcpy(indata, in, 8); + memcpy(ansdata, out, 8); + DES_set_odd_parity(&k1); + DES_set_odd_parity(&k2); + DES_set_odd_parity(&k3); + DES_set_key_unchecked(&k1, &s1); + DES_set_key_unchecked(&k2, &s2); + DES_set_key_unchecked(&k3, &s3); + DES_ecb3_encrypt(&indata, &outdata, &s1, &s2, &s3, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "des3: encrypt"); + DES_ecb3_encrypt(&outdata, &outdata2, &s1, &s2, &s3, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "des3: decrypt"); +} + +static void +cbc_test(char key1[8], char iv[8], char in[24], char out[24]) +{ + unsigned char k1[8], + indata[24], outdata[24], outdata2[24], ansdata[24]; + DES_key_schedule s1; + DES_cblock ivdata; + + memcpy(k1, key1, 8); + memcpy(ivdata, iv, 8); + memcpy(indata, in, 24); + memcpy(ansdata, out, 24); + DES_set_odd_parity(&k1); + DES_set_key_unchecked(&k1, &s1); + DES_cbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "cbc: encrypt"); + DES_cbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "cbc: decrypt"); +} + +static void +cfb64_test(char key1[8], char iv[8], char in[23], char out[23]) +{ + unsigned char k1[8], + indata[23], outdata[23], outdata2[23], ansdata[23]; + DES_key_schedule s1; + DES_cblock ivdata; + int num; + + memcpy(k1, key1, 8); + memcpy(indata, in, 23); + memcpy(ansdata, out, 23); + DES_set_odd_parity(&k1); + DES_set_key_unchecked(&k1, &s1); + num = 0; + memcpy(ivdata, iv, 8); + DES_cfb64_encrypt(indata, outdata, 23, &s1, &ivdata, &num, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "cfb64: encrypt"); + num = 0; + memcpy(ivdata, iv, 8); + DES_cfb64_encrypt(outdata, outdata2, 23, &s1, &ivdata, &num, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "cfb64: decrypt"); +} + +static void +cbc3_test(char key1[8], char key2[8], char key3[8], + char iv[8], char in[24], char out[24]) +{ + unsigned char k1[8], k2[8], k3[8], + indata[24], outdata[24], outdata2[24], ansdata[24]; + DES_key_schedule s1, s2, s3; + DES_cblock ivdata, ivec_copy; + + memcpy(k1, key1, 8); + memcpy(k2, key2, 8); + memcpy(k3, key3, 8); + memcpy(ivdata, iv, 8); + memcpy(indata, in, 24); + memcpy(ansdata, out, 24); + DES_set_odd_parity(&k1); + DES_set_odd_parity(&k2); + DES_set_odd_parity(&k3); + DES_set_key_unchecked(&k1, &s1); + DES_set_key_unchecked(&k2, &s2); + DES_set_key_unchecked(&k3, &s3); + memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); + DES_ede3_cbc_encrypt(indata, outdata, 24, + &s1, &s2, &s3, &ivec_copy, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "cbc3: encrypt"); + memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); + DES_ede3_cbc_encrypt(outdata, outdata2, 24, + &s1, &s2, &s3, &ivec_copy, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "cbc3: decrypt"); +} + + +static void +pcbc_test(char key1[8], char iv[8], char in[24], char out[24]) +{ + unsigned char k1[8], + indata[24], outdata[24], outdata2[24], ansdata[24]; + DES_key_schedule s1; + DES_cblock ivdata; + + memcpy(k1, key1, 8); + memcpy(ivdata, iv, 8); + memcpy(indata, in, 24); + memcpy(ansdata, out, 24); + DES_set_odd_parity(&k1); + DES_set_key_unchecked(&k1, &s1); + DES_pcbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "pcbc: encrypt"); + DES_pcbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0); + if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) + errx(1, "pcbc: decrypt"); +} + +static void +cbc_cksum(char key1[8], char iv[8], char *in, size_t len, + uint32_t ret, char out[8]) +{ + unsigned char k1[8], indata[24], ansdata[8]; + DES_key_schedule s1; + DES_cblock ivdata, outdata; + uint32_t r; + + memcpy(k1, key1, 8); + memcpy(ivdata, iv, 8); + memcpy(indata, in, len); + memcpy(ansdata, out, 8); + DES_set_odd_parity(&k1); + DES_set_key_unchecked(&k1, &s1); + r = DES_cbc_cksum(indata, &outdata, len, &s1, &ivdata); + if (ret != r) + errx(1, "cbc_cksum: cksum error"); + if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) + errx(1, "cbc_cksum: checksum"); +} + +static void +s2k(char *password, const char *salt, char akey[8]) +{ + DES_cblock k; + size_t l = strlen(password) + strlen(salt); + char *pw = malloc(l + 1); + strcpy(pw, password); + strcat(pw, salt); + + DES_string_to_key(pw, &k); + if (memcmp(akey, &k, 8) != 0) + errx(1, "key wrong for '%s'", pw); + free(pw); +} + +static void +weak_test(int is_weak, const char akey[8]) +{ + DES_cblock key; + memcpy(&key, akey, sizeof(key)); + if (DES_is_weak_key(&key) != is_weak) + errx(1, "weakness is wrong"); +} + +/* + * + */ + +int +main(int argc, char **argv) +{ + _DES_ipfp_test(); + + ecb_test("\x31\x16\xe3\x57\x97\xa8\x68\xe5", + "\xbb\xe4\x48\x6e\xdf\x9a\x05\x4f", + "\xa8\x82\xa0\x15\x76\xeb\xfd\xc7"); + ecb_test("\xfe\x4a\x19\xa1\x45\xa7\xb9\xd0", + "\x2a\x67\x3c\x07\x59\x4d\xde\xb8", + "\x9d\x61\xd5\x1c\xd7\xd0\xd3\x8b"); + ecb_test("\xbf\x13\x25\xec\xa4\xbc\x1a\x54", + "\x16\xa5\xd9\x30\x0f\x55\x20\x71", + "\x04\x44\x6c\xe0\x32\x32\x78\xd2"); + + ebc3_test("\x7c\x2f\x79\xd5\xb5\x37\x01\xcb", + "\xb9\xbc\x86\xea\x04\x45\xab\x2c", + "\x19\x1c\xcd\x83\x8a\x29\x97\x3e", + "\x87\x03\x59\xdd\xf4\xc6\xeb\xb7", + "\xcc\x72\x66\x85\xed\xa2\xee\x09"); + ebc3_test("\x10\x34\x32\x4c\xc4\x9b\x57\x5b", + "\xb0\x6e\xb6\x26\xd6\x52\x2c\x15", + "\xa7\x64\xf8\x20\xc1\x89\x73\xc1", + "\x37\xa4\xad\x4d\x76\xee\x7c\x02", + "\xdf\xb9\x2b\x99\x59\x71\xc4\x89"); + ebc3_test("\xf8\xa7\xfd\xe6\x6d\x73\x34\x26", + "\x4c\xbf\x40\x5d\x5d\xf4\x31\xef", + "\x04\xdf\xf2\x58\xd0\x5e\x54\x68", + "\x44\x2a\xa2\x19\xbd\x0a\x2b\x61", + "\x17\x26\x39\xd5\xd5\xd9\x40\x71"); + ebc3_test("\x13\x5e\x23\x07\x2c\x16\x0d\x25", + "\x64\x6d\x2f\xe0\x68\xa8\x16\x75", + "\x7c\x7c\x19\x64\xbc\xae\xe0\x0e", + "\x7b\x8c\x76\x76\xb0\x95\x7f\xed", + "\xe2\x6e\x05\x1d\xdc\x74\xc1\xb7"); + ebc3_test("\xbc\x92\x32\xb6\x68\x0d\x73\x19", + "\x70\xef\x98\x19\xe9\xec\x04\x1c", + "\x02\x4c\x75\x08\xce\xc4\x34\x16", + "\x73\xab\x28\x69\x6a\x20\x2f\x99", + "\x3b\xb1\x2d\xb6\x21\x0a\x44\xca"); + ebc3_test("\x01\x98\x16\xea\x85\xd5\x3b\x8a", + "\x73\x23\xb5\x49\xd9\x10\x5b\xea", + "\xb6\xc4\xce\xc4\x89\x92\x0e\x15", + "\xd9\x35\xcf\x21\x47\x7b\xdf\xb5", + "\xa1\x71\x57\x1f\x1e\x84\x08\xac"); + ebc3_test("\x58\x6d\xbc\x04\x70\x4f\xe6\x3e", + "\xcd\x76\x26\x01\xae\xce\x0b\xe5", + "\xf2\x4f\x64\x16\x8f\x0d\x4f\x6b", + "\xa7\x0d\xa0\x56\xa0\x8b\x2a\x77", + "\xe5\x12\x9b\x8a\x92\xc8\xdd\xe1"); + ebc3_test("\x40\xd6\xad\x43\x52\x23\xa7\xcd", + "\x04\x19\xae\x94\xce\x46\x31\xd3", + "\x45\x6e\x3b\xb5\x4f\x37\x5e\x9d", + "\xbd\xb0\x60\x75\x91\x02\x48\xf4", + "\xb5\xa1\xe6\x4b\x4e\xa3\x8c\x4b"); + ebc3_test("\x91\xab\x80\x9b\x97\xf4\x58\x5e", + "\xc2\x68\x46\x61\x9e\x04\xa1\x29", + "\xc7\xe5\x5b\x32\xcb\x43\xc8\xa4", + "\x31\x38\x90\x1c\xc8\x78\x12\x50", + "\xf8\x65\xae\xa1\xdf\x4e\xbf\xa8"); + + cbc_test("\x57\x98\x7a\x8a\x29\x7c\xc1\xad", + "\xe1\x28\x69\x58\xd6\x91\x9f\x4e", + "\xa0\x11\x1a\xdd\xeb\x62\xb8\x9e\x28\x08\x6e\x0b\x6d\x6d\x57\x31\x1b\x4c\x82\x4c\xc3\x19\xe0\x93", + "\x42\xa5\x2f\x26\xbb\x92\x3a\x6b\x64\xe0\x3b\x1a\x33\x5a\x9c\x2b\xc8\xd9\x41\x37\x8d\x3e\x58\xbf"); + cbc_test("\x23\xd6\xec\x86\x86\x4f\x02\xcd", + "\xfe\x8e\xa4\x07\x35\x41\x14\x99", + "\xe3\xc2\x5d\x6e\x81\xae\xa0\xe8\xc8\xdd\xd2\x0d\xf4\x26\x90\x10\xca\x8c\x07\x58\xb2\x17\xcc\x1a", + "\x97\xb9\xbc\xa6\xd1\x98\xc1\x7f\x4b\xac\x61\x8a\x16\xec\x1f\xee\x28\x6f\xe8\x25\xf0\x41\xbc\xde"); + cbc_test("\x07\xe5\xc8\x52\xba\x3d\xef\xcd", + "\xa9\x21\x3e\x84\x44\x7c\xce\x1a", + "\xfc\x03\x72\x30\xb0\xcb\xe8\x99\x21\x54\x4d\xfa\x86\xdd\x99\xe1\x96\xe7\x7c\xb5\xbd\x5b\x6f\xd0", + "\x27\x76\x66\x62\x1f\xcf\x48\xdb\x15\x11\x73\x8b\xe0\xc9\xbd\x2b\x40\xae\x0c\x35\xeb\x93\xa3\x1c"); + cbc_test("\xef\x2f\x07\xd6\x2f\x70\x4f\x68", + "\x16\x1e\xaf\x87\x3a\x83\x9f\x33", + "\xb8\x4c\xb3\xbf\xfa\x5d\xa9\xc7\x1c\x15\x8d\x39\xf2\x29\xf5\x5a\x3d\x21\x0d\x61\x05\xaa\x48\x92", + "\x51\x85\x2f\xad\x67\xb6\x0a\x15\xb8\x73\x15\xf1\x79\x9d\xed\xf5\x6c\x11\x22\xe5\x48\x51\xab\xae"); + cbc_test("\xd0\x2c\x68\xc1\xe6\xb0\x76\x98", + "\xc7\x4f\x31\xa9\x5d\xd5\x5b\xcc", + "\x9d\x4b\x2a\x54\x60\xf1\xb0\x10\x34\x87\xdc\x25\xa5\x80\x6c\x4d\x0c\x7f\x53\x37\x58\x42\xc7\x26", + "\x79\xc5\xf0\x21\x0d\x7a\x38\xc0\x66\x9a\x07\x2f\xa4\x9c\x1f\xbb\x66\x4d\x6c\x86\x5b\x47\x44\x60"); + cbc_test("\xd6\xe3\x75\x92\xb0\x8f\x45\x70", + "\xdc\xc6\xab\x3e\xf2\x7e\x13\xd6", + "\x38\x57\x27\x0a\xef\x74\x94\x82\x92\xfa\x28\xed\xff\x24\x1e\x0e\x8f\xaa\x9e\x24\x2f\x41\x65\x78", + "\x1d\xcc\x07\x55\xe8\xea\xd1\x08\x55\x11\x72\xfe\xdb\xdf\xa0\xc9\xb6\x3a\x2e\xdf\xf0\x67\xd3\xf4"); + cbc_test("\xb3\xbc\xb5\x61\x04\xda\x1a\x34", + "\x8e\x4e\xa5\x8a\xeb\x6a\xea\xbb", + "\x72\x73\x51\xe0\x58\xc5\x2e\xe1\x64\x10\x05\x59\x64\x70\x3f\xbe\x43\xa2\xed\x7a\x5d\x1b\x9c\xc7", + "\xa6\xb2\xf2\xea\x96\x62\xfb\x2f\x2a\x6a\xa1\x2f\x8e\xe1\x12\xd2\xe4\x82\x4c\xc1\x00\x74\x9c\x8f"); + cbc_test("\x8f\xdf\x01\x89\xfe\x13\x9b\x2c", + "\x66\x18\xf8\x80\xa1\x3b\x1b\x91", + "\x32\xdb\xae\xa7\x3b\x77\xb2\x6e\xcc\xa5\xa1\x2e\x15\x19\x49\x83\x2f\xfb\x94\xcc\xd1\xa1\x4b\x02", + "\x47\x31\xca\x04\x4d\x1a\x24\x39\xda\x71\xc5\xb8\x7f\xea\x79\xf5\x43\xa6\x53\x15\x78\x84\x34\x75"); + cbc_test("\xe5\x34\xb6\x75\x68\x07\x70\x85", + "\x73\x98\x29\xf7\x7a\xe7\xe7\xb7", + "\x9c\x9e\x4c\xa6\x62\x21\xc4\x15\x47\x43\xd5\xf2\x3a\xf3\xfd\xb5\x53\xa7\x16\x9e\xa6\x4f\x0d\xac", + "\x81\x2d\xa4\x99\x60\xbf\x9c\xf4\x46\x1d\xee\xc6\xb0\xe1\x4a\x29\xea\xfd\xce\x4b\xa1\x45\x93\x7b"); + + cbc3_test("\x61\xcb\x8c\xb0\x32\x2a\xc2\x5d", + "\x98\xe3\x49\xc1\x0d\xb5\x67\xce", + "\xf2\x43\x10\x61\x85\x6b\xa7\x15", + "\x65\xf5\x8f\x1a\x2b\x33\xf2\xb5", + "\x8c\x06\xe0\x60\x68\x25\x9c\x95\x81\x46\xda\x41\x9d\xa8\x9c\x49\x2f\xee\x33\x35\x95\x11\xbd\xa0", + "\x93\x27\xed\xc7\x35\xb9\xe5\x3c\x7b\x10\x3e\x39\x01\x41\x61\x04\xe7\xf2\xd9\x63\x96\xca\x57\xf1"); + cbc3_test("\x15\x61\x6b\x76\xae\x0e\x98\x01", + "\x76\xce\x9d\x94\xa7\xe3\x73\xa4", + "\x19\xd9\x15\x98\x9b\xba\x83\x40", + "\x60\xef\xc2\xc6\xa2\x40\x01\xc7", + "\x8b\x4d\xf4\x37\xad\x1c\xc2\x4e\xcc\xc4\x4b\x17\x67\xf7\xfa\xec\xf8\x94\x6f\x7a\x84\x56\x81\x09", + "\x68\xdf\x82\xcb\xd9\xcd\x3d\xca\x12\x0e\x2e\x39\xba\xf7\x5a\x8c\x41\xbd\x6f\x9d\x85\xfe\x1b\x1d"); + cbc3_test("\xd5\x2a\x4f\xa4\x13\x9e\x73\x15", + "\x6d\x75\xa8\x15\x07\xd3\x7c\x79", + "\xd5\xe0\xa7\x91\xf8\xf2\x9d\xcd", + "\x4c\xdb\x56\xb8\x6f\x0e\x2a\x59", + "\xbe\x64\x20\x24\x7d\x2b\x6b\xf4\xd9\xc0\xa0\x9b\x8d\x88\x6e\x50\x6f\xf8\xb6\x4a\x7e\x52\x52\x93", + "\x01\x83\x75\x7b\xd6\x03\xff\xd8\xe9\x6d\x6c\x92\x24\x25\x35\xfa\x43\x4c\x40\xff\xec\xb0\x8b\x50"); + cbc3_test("\x02\xad\x13\x31\xd5\xd6\xef\x7c", + "\x86\x3e\x02\xce\x94\x97\x37\xba", + "\x01\x07\x20\x04\xf8\x92\xb6\xb3", + "\x26\x79\x1b\xef\x90\x54\xd6\xc1", + "\x55\xee\xea\x81\x42\x8b\xbf\xfb\x6c\x14\xec\xbd\xba\x55\x0d\xc4\xd2\xd6\xf0\xea\xd1\x03\xde\x5b", + "\x69\x49\xc5\x48\x4f\xda\x03\x90\x84\xef\x86\xd2\x98\xa7\xae\xfa\x17\x35\x7e\x06\xbd\xd3\x51\x0b"); + cbc3_test("\x3d\x9b\xae\x5b\x7f\x91\x85\xe0", + "\xdf\x07\xb3\xdf\x97\x0b\x43\x80", + "\xe3\x46\x58\xd9\x68\x79\xb3\xae", + "\xd4\x27\xee\x5d\x73\xb1\x82\xf5", + "\x44\x86\x9a\xa6\x79\x2d\x9e\x94\x11\x6c\x7b\xc6\xe8\xef\x63\x95\x71\xc6\x62\x20\x43\x87\xaf\x65", + "\xc2\xf5\xbc\x91\xc5\x7c\x69\xb2\x05\xcc\x28\x92\xc1\x96\x5a\xc2\xcb\x0c\x71\xc7\x51\x7d\x0c\xcc"); + cbc3_test("\x43\x8c\x23\x92\xd5\x92\x67\xfb", + "\x5b\x5e\xb0\x31\x1c\x9d\x5d\x10", + "\x8a\xa2\x16\x64\xd6\xa4\xc4\x5b", + "\x06\xc5\xdd\xa3\x4a\x2b\x37\xb7", + "\x99\xd5\x76\xee\x7c\x4d\xcc\x18\x39\x78\x16\x7c\xcc\x1a\x0a\x27\xdb\xf1\x5f\xe1\x87\x86\xb7\x2c", + "\x91\xbe\xaf\x79\xd0\x14\x7c\x05\x60\x1c\x7e\xd6\x22\x15\xac\xed\xf3\x78\xa5\xc7\x52\xa0\x60\x49"); + cbc3_test("\x80\xc2\x86\x7a\x51\x45\x29\x1c", + "\xc7\xfd\xad\xd0\x7c\x4a\xd0\x3e", + "\xe6\x89\x98\xfe\x01\x67\x20\x89", + "\x5c\x23\xe4\x26\x82\x27\xad\xeb", + "\xa1\x38\x4e\xf1\x07\x1a\xdd\x25\x47\xe6\xda\x9d\xa9\xfe\x98\x55\x05\x95\x75\xc2\x59\x18\xcf\xf1", + "\x36\x58\xea\xc5\xf8\x41\xa7\x49\xe8\x22\x75\xfe\xb6\x8b\xdd\x0d\xf0\x66\x42\xe6\x84\x23\x29\xff"); + cbc3_test("\xbc\x68\x54\x85\x2c\xc1\xe0\x07", + "\x7c\x6e\x34\x04\x6b\x91\xc4\x54", + "\x9d\xa4\xda\xa1\xda\x6d\xdc\xd3", + "\x1c\x3d\xa9\x41\xa2\xe5\xff\x8a", + "\x0a\x58\xff\x5a\xec\xc1\x7e\x94\x24\xf4\x4f\xdc\x5b\x29\xe2\x78\x62\x8a\xd2\xe2\xd7\x45\x54\x17", + "\x80\x68\xa6\xed\x87\x40\xd5\x32\xd2\xb8\x32\x61\x35\xae\xae\xf7\x14\x1f\x98\xdb\xba\x21\x4f\x9f"); + cbc3_test("\xa1\x2a\x7a\x67\xfe\xea\xd3\xe3", + "\x70\xe5\xd5\x4c\xf1\xce\x4c\x26", + "\x75\x4c\x85\x16\xb5\xc8\x07\xe9", + "\x4c\xa4\xb5\xdd\x86\x86\x70\x5a", + "\x0d\x07\xfd\x23\xc1\x1d\x65\xd8\xb2\x79\xb8\xa3\xc5\x8e\x47\xbe\x0f\xed\x7b\x15\x43\xe9\x7c\x5e", + "\xde\x17\xfe\x05\x43\x80\x85\xd0\x9c\x60\xe0\xbe\x8d\xa2\x65\x0e\x63\x02\x72\xb6\xf3\x7d\xda\x90"); + + + pcbc_test("\xe3\xf2\xb0\x26\x7c\x4a\x94\x80", + "\x40\x08\x4c\x44\xa3\xb5\xf7\x97", + "\xe7\xbd\x54\xa1\xbb\x48\x67\xcd\xe0\xee\xff\x8d\x3d\x25\x2b\xf0\x61\x48\xbe\xf2\x63\x5d\xce\x4a", + "\xf5\xe9\x48\xdc\xb8\x61\x39\xa9\x90\x27\xec\x09\x23\x50\xe0\xa9\x78\xb2\x1c\x29\x3c\xa7\x6c\x88"); + pcbc_test("\xfd\x54\x2a\x5b\x97\xa4\x5b\x52", + "\x37\x36\x6e\x22\x7e\x66\x08\x8c", + "\xe4\x2d\x81\x88\x86\xb2\x44\x55\x80\x3d\x3c\xbd\x42\x9f\x5d\xdb\x4b\x63\x23\x1c\x31\x13\xa6\x0f", + "\x9c\x9f\x65\x05\x79\x91\x71\x96\x82\x2a\xc0\xe5\xa0\x6f\x71\xab\x68\x32\xd4\xd7\x5e\x38\x38\xf6"); + pcbc_test("\x25\x91\x08\xe5\x57\x85\xb6\x20", + "\x47\x6e\xbe\x9f\xb9\x6b\x55\xe9", + "\x44\xfd\xdd\x42\x07\x99\xf0\x8f\xdb\xa5\x14\x1e\x76\x07\x90\x5b\x29\x10\x21\xb9\x7e\xac\xc7\x77", + "\x88\x4f\xdc\x6e\x37\x5e\x4e\xac\x8d\x3f\x9d\xd1\x82\x51\x65\xf5\xf9\x08\xa7\xac\x01\x61\x19\x85"); + pcbc_test("\x6d\x43\xc7\x9d\x6b\x97\x64\x40", + "\x56\xfb\xcb\xb3\x97\xb5\x70\x13", + "\x54\x67\xa9\x42\x86\x85\x81\x8f\xb4\x72\xa2\x5f\x2d\x90\xbb\x5c\xb5\xb9\x9b\x71\x8f\x2b\xae\x05", + "\x2c\xd1\x63\x6f\x11\x1d\x5e\x40\x8c\x47\x49\x12\x31\x48\xb7\x12\x4c\xc1\x6a\xaf\x0e\x33\x11\xe1"); + pcbc_test("\x3b\xa2\xbc\xd5\x5d\x9d\xdf\x73", + "\x43\xb7\x26\x71\xce\x6d\x97\xac", + "\x4e\xf6\x7d\xd7\xfc\x6b\x35\x54\xae\xc9\xfe\xf7\xb7\x1e\x47\xa5\x61\x44\x50\xb3\xe4\xe8\x7d\xdc", + "\x4d\xda\xbd\xad\xc4\xde\xdc\xf4\xfc\xbd\xfc\xa7\xbd\xe4\x7e\x73\x28\xc5\x5c\xd0\x9a\x35\x39\xa6"); + pcbc_test("\x46\x9e\xda\xdf\x0d\x97\x8a\xd3", + "\x6c\x9f\xdf\xc0\x48\x3b\xa5\x17", + "\xb9\xd8\x99\x61\x67\xf3\xec\xa9\xc1\x29\xa3\x8b\x63\xe2\xc2\x28\xaf\x56\x2d\x39\x1d\xeb\x7c\xbc", + "\x70\x5d\xd4\x54\x90\xb9\x6c\x0c\x93\x96\x6a\x4a\x4e\xb8\x80\xce\xb3\xcd\x64\xa7\x6c\xb2\xe4\xc9"); + pcbc_test("\x31\x89\x51\x38\x2f\x97\xfe\xef", + "\x17\xdc\xf8\xde\xcc\x8f\x40\x3e", + "\xef\xcf\xe9\x9e\x11\xd8\x35\xdf\x58\x11\xd0\x0a\x68\xce\xe1\x6b\xb5\xca\x68\x47\xb7\xb9\x9a\x34", + "\x3a\x93\x47\x3c\x1b\xa9\xeb\x88\x13\xfd\x1b\xd8\x76\xb5\xd3\xe2\xb8\x83\x10\x56\x68\xab\xe1\x28"); + pcbc_test("\xba\x1c\x70\x94\x62\x10\x19\xda", + "\x7a\x8b\xc0\x9e\x00\xbb\x7e\xcb", + "\x30\x74\x6b\xa6\xd6\x07\xae\x44\xd6\x5c\xe6\x18\x97\x90\xaa\x08\xcb\xa8\xf4\x8b\xea\x8b\x4f\xe6", + "\x0a\x77\x24\x7c\xcd\xf8\x06\x01\x20\x02\x14\x33\xd6\xf4\x4e\x89\xc0\x38\x65\x44\x6b\x9c\x92\x16"); + pcbc_test("\xfe\x97\xf2\x6d\x8f\x0d\x86\x94", + "\x30\x8a\x7d\x9b\xf4\x28\x6e\x84", + "\x82\xb0\x9b\x42\xf6\xdc\x38\x41\x41\x03\x60\x28\x7f\x90\x08\x8b\x6c\x55\xe7\x76\xcd\xa7\xae\xbc", + "\x35\x0b\xf1\xc0\x56\x64\x6f\x7b\x3e\x1f\xd1\x90\xbd\xda\x10\xb1\xd1\x49\xc6\x62\x5f\xf9\x6c\xf9"); + + + cbc_cksum("\x58\x83\x67\xfb\xdf\x51\x7c\xfd", + "\x46\x0a\xa5\x94\x6b\xd6\xaa\x91", + "\x15\x0b\x16\x3a\x56\x79\x33\xdf\x6e\xa0\xd9\x54\x14\x7b\x37\xa9\xb1\x15\xe1\x28\xfe\x35\xe9\x34", + 24, + 0x16466788, + "\xa7\xbd\x2a\x1b\x16\x46\x67\x88"); + cbc_cksum("\xf1\xe0\x91\x1c\xfe\x10\xe5\xb5", + "\x9c\xc6\x7d\xf3\x3e\x58\x40\x06", + "\x9c\x90\x88\xfe\x9c\x38\xc0\xd5\xaa\xc6\xf2\xc2\x7d\x00\xf6\x5f\xbd\x87\x25\xbe\x41\x64\x9f\xb7", + 24, + 0xd8a127cc, + "\x93\x5d\x75\x62\xd8\xa1\x27\xcc"); + cbc_cksum("\x20\xbf\xdc\xd5\x5b\x9d\xc8\x79", + "\x68\xdc\xe2\xfa\x18\xb3\xa9\xe0", + "\xef\xba\xc4\x8b\x78\xc2\x02\xc2\x74\x71\x9f\xfa\x4b\xa2\x8a\xe5\xfb\x82\x3d\x48\xcf\x28\x08\x42", + 24, + 0x45236285, + "\xc0\xb9\x2c\x86\x45\x23\x62\x85"); + cbc_cksum("\x31\x6d\xa8\xc2\x43\x16\x64\xea", + "\x7b\x5e\x9f\x7c\xb8\xa3\xbd\x89", + "\x8a\xd4\xe4\x77\xbb\x45\x17\x3d\xd2\xef\xe6\xb9\x65\x8b\xb3\xa9\x28\xef\xd7\x0c\xa8\x47\x5d\xb8", + 24, + 0x3f021cb2, + "\x10\x94\x4c\x2f\x3f\x02\x1c\xb2"); + cbc_cksum("\xd5\x75\x51\x8f\xc8\x97\x1a\xc4", + "\xbc\x7a\x70\x58\xae\x29\x60\x3a", + "\x8d\x2c\x70\xdb\x53\xda\x0f\x50\xd9\xb5\x81\x18\x26\x66\x84\xda\xf6\x32\xa0\xe5\xf9\x09\xfd\x35", + 24, + 0x2f64dd4f, + "\x89\xe4\x70\x0d\x2f\x64\xdd\x4f"); + cbc_cksum("\xda\x6e\x32\x80\x20\xbc\x67\x54", + "\xf4\x93\x86\x43\x29\x57\x6e\xec", + "\xfe\xd8\xfe\xad\x4e\x05\xd8\xb8\x9b\x9f\xaa\xa5\x90\x6d\xcb\xff\x40\xab\xc5\x25\x2b\xda\xa7\x09", + 24, + 0x6281ce23, + "\xa1\x88\xc2\x3d\x62\x81\xce\x23"); + cbc_cksum("\xb6\xc7\x75\x8a\xfb\xd3\xf8\xad", + "\xf1\x4f\xd7\x39\x4b\xec\xa3\x99", + "\x31\xd0\x45\x9d\x62\xe3\x49\xbb\x58\xc2\x58\xbe\x13\x51\x1e\x3f\x54\xe5\x31\x7d\xd0\x94\x57\x7a", + 24, + 0x09c7ee4e, + "\x2f\x40\xb3\xd2\x09\xc7\xee\x4e"); + cbc_cksum("\xa8\x4f\x16\xf4\x89\x3d\xf7\xec", + "\x04\x78\xbc\xd3\x4f\x32\xfd\x46", + "\xe5\x44\x30\x5e\x55\xa3\x08\xe9\xcd\xd1\xbe\x63\x66\x26\x27\x62\xc3\x4f\x2a\x50\x69\x21\x24\xde", + 24, + 0xdf3357c7, + "\xa8\x6e\x80\x3b\xdf\x33\x57\xc7"); + cbc_cksum("\xd6\x4f\x40\xef\x8a\x2a\xf1\x20", + "\xd5\x40\xe7\x86\x36\x26\x79\xc9", + "\xcc\x74\x2b\x78\xca\x47\xb0\xd3\xe6\x72\x42\x76\xee\x80\xb0\xe5\x78\x12\x3b\x4e\x76\x91\xda\x1a", + 24, + 0x14a5029a, + "\x33\xd2\xb5\x8a\x14\xa5\x02\x9a"); + + cbc_cksum("\xfb\x89\xa1\x9d\xa7\xec\xc1\x5e", + "\x9c\x7f\x47\xd0\x79\x5d\x4b\x97", + "\xb6\x8b\x48\xe0\x01\x78\xec\x50\x7f\xf1\xfd\xd2\x87\x76\xba\x4b\x9c\x5c\xc7\x25", + 20, + 0xa1471604, + "\x39\x5b\x7d\xb1\xa1\x47\x16\x04"); + cbc_cksum("\x70\xb3\xc4\x0b\x5b\x4f\x98\xe5", + "\x86\xc0\x05\x1a\xd5\x8f\x78\x2c", + "\xef\x01\x7b\xd8\xff\x68\x5d\x66\xb6\xbe\xd8\xf5\xb9\xed\x4e\xec\xe3\x3c\x12\xc5", + 20, + 0xc4b74f9a, + "\x2b\x07\xe3\x90\xc4\xb7\x4f\x9a"); + cbc_cksum("\xfe\x04\xcb\xfe\xef\x34\xe9\x58", + "\xd9\x28\xae\xc0\x2c\xd3\xf6\xb0", + "\x24\x25\x9b\x67\xda\x76\xa6\x64\x6f\x31\x94\x18\x2e\x06\x71\x82\xaf\xbd\x86\x63", + 20, + 0xbd7c84e6, + "\x70\x3e\x91\xf5\xbd\x7c\x84\xe6"); + cbc_cksum("\x10\xc2\x70\x94\x9b\x16\x20\x1c", + "\x62\xed\x5a\x48\x6c\xf3\x51\xa0", + "\x90\x3e\x06\xc1\x63\x6a\x1f\x1a\xfe\x9d\x74\xb6\x13\xde\x62\xd2\x6f\x19\x37\x25", + 20, + 0x26761f96, + "\x8b\x6a\x9c\x85\x26\x76\x1f\x96"); + cbc_cksum("\x61\x32\x7c\x7f\x31\xc7\x98\xe6", + "\xd9\xba\x0d\x9d\x9e\xa3\xcc\x66", + "\x98\x8f\xc6\x5a\x54\x04\x63\xd9\x53\x86\x5d\x75\x53\x48\xcc\xa3\x00\x7a\x12\xe5", + 20, + 0xf0f6ad33, + "\x6a\xfb\xed\xd3\xf0\xf6\xad\x33"); + cbc_cksum("\x85\xdf\x01\x2c\xab\x3b\xec\x13", + "\xc6\x44\x87\x5b\x78\x2a\x74\x92", + "\x8b\xf5\x0d\xff\x5c\xb3\xc1\xcd\x9e\xf7\xb8\x8e\x3b\xf8\x61\x4d\x26\x6a\x7b\xe8", + 20, + 0x7acfe214, + "\x52\xb7\x05\xe9\x7a\xcf\xe2\x14"); + cbc_cksum("\x49\xdf\xb0\x16\x7f\xec\x10\x52", + "\x09\xa3\x36\x8f\xe9\xe0\x06\x19", + "\x3a\x0f\x66\xf7\x7a\x47\x34\xe4\xaa\x09\x36\x90\xe9\x90\x19\xff\x99\x94\x92\x04", + 20, + 0x9a3a59bb, + "\xd3\xe2\xce\xfc\x9a\x3a\x59\xbb"); + cbc_cksum("\x5b\xbf\x4c\xc8\xce\xf4\x51\x1a", + "\x7c\xee\xc0\x5a\x20\x2b\x10\x22", + "\x05\x1d\xec\xdb\x30\x73\xf2\x21\xbf\x64\xe0\x5f\xdf\x02\x79\xe9\x47\xf2\x9c\x4e", + 20, + 0xaf9d3602, + "\xaa\xf3\xa2\x5a\xaf\x9d\x36\x02"); + cbc_cksum("\xad\xda\xa2\x19\x6d\x37\xda\x67", + "\xb2\x10\x0f\xd5\xda\xdd\x17\xfc", + "\x44\x02\x6b\xd6\xd4\x8c\x42\x58\x8b\x59\x35\xce\xd7\x04\x6b\x35\xa6\x5f\x28\x97", + 20, + 0xd112a978, + "\xb2\x5f\x6a\x07\xd1\x12\xa9\x78"); + + + s2k("potatoe", "WHITEHOUSE.GOVdanny", + "\xdf\x3d\x32\xa7\x4f\xd9\x2a\x01"); + s2k("password", "ATHENA.MIT.EDUraeburn", + "\xCB\xC2\x2F\xAE\x23\x52\x98\xE3"); + s2k("\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist", + "\x4f\xfb\x26\xba\xb0\xcd\x94\x13"); + s2k("NNNN6666", "FFFFAAAA", + "\xc4\xbf\x6b\x25\xad\xf7\xa4\xf8"); + s2k("", "", + "\x01\x01\x01\x01\x01\x01\x01\xf1"); + + cfb64_test("\x45\xc2\x0b\x01\x40\x08\x13\x8a", + "\x9a\xef\xf4\x37\x41\x69\x0b\xd6", + "\x5d\x12\x5d\xf5\xae\x1d\xc6\x47\x21\xd3\x16\xba\x45\x0e\x9d\x4c\x00\xfd\xf8\x64\xca\x69\x67", + "\xff\x99\x06\xd8\xe9\xbc\xae\x7e\xde\x49\x7b\x34\x5d\xa0\x74\x61\x9b\x6f\x70\x38\x40\x40\xba"); + cfb64_test("\xdc\xe9\x51\xc4\x0b\xad\x85\xa8", + "\xf5\x56\x6c\xef\x42\xed\x9f\xa8", + "\x7d\xe5\xeb\x04\x5c\xaf\x8c\x5b\xf4\x88\xba\x4a\x99\x6a\x3a\x79\xc0\x88\x01\x05\xac\x98\x3c", + "\x53\x87\x11\xc4\xa6\xf3\x1e\x67\x56\xfc\x8c\x63\xf0\x2e\xd9\x0e\x4a\x86\x8e\x5b\xa7\xde\xcf"); + cfb64_test("\x25\xf7\xa7\x0e\x85\x4f\x5b\xb6", + "\x83\xae\x73\x03\xea\xeb\x82\x05", + "\x1b\x80\x23\xdc\x61\x23\xa7\xde\x80\xf6\xec\xb1\xc1\x6d\x3e\x59\x1f\x76\x6d\xdf\xfa\x42\xc7", + "\xe2\xf7\x8d\x2f\x86\xce\x1f\xfc\xdb\x82\xb9\xb5\x9c\xa9\xf4\x9c\x2b\x3f\x34\x6c\x83\xf7\x7e"); + cfb64_test("\xab\xd5\xd3\x68\xf1\x2c\x0e\x0d", + "\x8a\xea\xe8\xc0\xad\xb9\x51\x83", + "\x3d\xcb\x7d\xcf\x57\xa6\xf6\x16\x4f\x34\xb6\x5f\xc2\xa9\xf0\xec\x90\xc5\x43\xa0\x19\xfc\x3f", + "\xe9\x2c\x22\x20\xd4\x27\x90\x89\x40\x08\x4a\x23\x4d\x41\x05\x67\xe1\xde\xf5\x0b\x8b\x96\xb1"); + cfb64_test("\x92\x38\xd3\xfd\x61\x83\x92\x0e", + "\x25\xb6\x34\x51\x6d\x6a\x35\xa2", + "\x98\x55\xab\x2a\xa2\x9e\xcf\xf4\x92\xdf\xb4\xc6\xc1\x34\x55\xf6\x13\x85\x4c\x50\xdc\x82\x1e", + "\x87\x96\x47\xa6\xcd\xff\xda\xd2\xad\x88\xaa\x25\xbd\xcd\x72\x61\x37\x14\x42\x14\xc7\x4b\x7f"); + cfb64_test("\xf4\xcb\x97\xad\xef\x7f\x80\xb0", + "\xfc\xa0\x7d\xb6\x75\xb8\x48\xea", + "\xc2\x1e\x16\x2b\xb7\xcf\xc6\xa0\x4b\x76\x75\x61\x49\x66\x0d\xce\xd2\x12\xf2\x98\x07\x2f\xac", + "\xe2\x20\xbf\x29\x5b\x34\x20\x2a\x2e\x99\xa5\x50\x97\x1b\x4b\x18\xb4\xd6\x87\x35\x7b\x5f\x43"); + cfb64_test("\x3b\x1c\x15\xec\xb9\x5e\xe0\xda", + "\x7d\x94\x23\x76\x96\x72\x62\xf4", + "\x5d\x83\xdb\x76\x52\x46\xa7\x84\x0a\x71\x2c\x09\x40\xbd\x3d\x75\x73\x28\x0b\x22\x07\x6f\x8a", + "\xf1\x01\x8f\xe2\x32\x35\xe6\x06\xcf\xbb\xe4\x15\x9e\x4e\xf0\xe8\x2e\xcd\xac\xbf\xa6\xc2\xec"); + cfb64_test("\xc2\xcd\x76\x79\x7f\x51\xce\x86", + "\x38\xcf\x55\x7d\x0c\xd5\x35\xfe", + "\xc7\xe5\xe8\x1d\x19\x09\x9f\xd5\xdb\x89\x26\xc1\xf1\xc1\x18\x50\xcf\x8b\xf2\xe1\x87\xeb\xe6", + "\xd4\x5d\xca\x30\xb9\x41\xfa\x36\x83\xfc\x40\x2d\xd2\xe8\x94\x38\x49\xc8\xa3\x35\xb7\x5d\x9c"); + cfb64_test("\x67\xfd\xc4\x31\x45\x40\xf7\xea", + "\xb9\x29\xe6\x78\xdd\x1a\x13\x84", + "\x12\x9b\xe5\xb3\xdd\x42\x6f\x45\x86\x97\x25\x87\x05\xee\x7e\x57\x8f\x22\x79\xb3\x22\xa2\x95", + "\x38\xef\x49\xbc\xdd\xbb\x6b\x73\xc0\xd7\xa6\x70\xe0\x1b\xde\x8d\xe6\xb4\xc6\x69\xca\x5e\x1e"); + + weak_test(1, "\x01\x01\x01\x01\x01\x01\x01\x01"); /* weak keys */ + weak_test(1, "\x01\x01\x01\x01\x01\x01\x01\x01"); + weak_test(1, "\xFE\xFE\xFE\xFE\xFE\xFE\xFE\xFE"); + weak_test(1, "\x1F\x1F\x1F\x1F\x0E\x0E\x0E\x0E"); + weak_test(1, "\xE0\xE0\xE0\xE0\xF1\xF1\xF1\xF1"); + weak_test(1, "\x01\xFE\x01\xFE\x01\xFE\x01\xFE"); /* semi-weak keys */ + weak_test(1, "\xFE\x01\xFE\x01\xFE\x01\xFE\x01"); + weak_test(1, "\x1F\xE0\x1F\xE0\x0E\xF1\x0E\xF1"); + weak_test(1, "\xE0\x1F\xE0\x1F\xF1\x0E\xF1\x0E"); + weak_test(1, "\x01\xE0\x01\xE0\x01\xF1\x01\xF1"); + weak_test(1, "\xE0\x01\xE0\x01\xF1\x01\xF1\x01"); + weak_test(1, "\x1F\xFE\x1F\xFE\x0E\xFE\x0E\xFE"); + weak_test(1, "\xFE\x1F\xFE\x1F\xFE\x0E\xFE\x0E"); + weak_test(1, "\x01\x1F\x01\x1F\x01\x0E\x01\x0E"); + weak_test(1, "\x1F\x01\x1F\x01\x0E\x01\x0E\x01"); + weak_test(1, "\xE0\xFE\xE0\xFE\xF1\xFE\xF1\xFE"); + weak_test(1, "\xFE\xE0\xFE\xE0\xFE\xF1\xFE\xF1"); + + weak_test(0, "\x01\x01\x01\x01\x01\x01\x01\x02"); + weak_test(0, "\xFF\xE0\xFE\xE0\xFE\xF1\xFE\xF1"); + + return 0; +} diff --git a/lib/hcrypto/dh-ltm.c b/lib/hcrypto/dh-ltm.c new file mode 100644 index 000000000000..6af43cf044ee --- /dev/null +++ b/lib/hcrypto/dh-ltm.c @@ -0,0 +1,240 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include + +#include + +#include "tommath.h" + +static void +BN2mpz(mp_int *s, const BIGNUM *bn) +{ + size_t len; + void *p; + + len = BN_num_bytes(bn); + p = malloc(len); + BN_bn2bin(bn, p); + mp_read_unsigned_bin(s, p, len); + free(p); +} + + +static BIGNUM * +mpz2BN(mp_int *s) +{ + size_t size; + BIGNUM *bn; + void *p; + + size = mp_unsigned_bin_size(s); + p = malloc(size); + if (p == NULL && size != 0) + return NULL; + mp_to_unsigned_bin(s, p); + + bn = BN_bin2bn(p, size, NULL); + free(p); + return bn; +} + +/* + * + */ + +#define DH_NUM_TRIES 10 + +static int +ltm_dh_generate_key(DH *dh) +{ + mp_int pub, priv_key, g, p; + int have_private_key = (dh->priv_key != NULL); + int codes, times = 0; + int res; + + if (dh->p == NULL || dh->g == NULL) + return 0; + + while (times++ < DH_NUM_TRIES) { + if (!have_private_key) { + size_t bits = BN_num_bits(dh->p); + + if (dh->priv_key) + BN_free(dh->priv_key); + + dh->priv_key = BN_new(); + if (dh->priv_key == NULL) + return 0; + if (!BN_rand(dh->priv_key, bits - 1, 0, 0)) { + BN_clear_free(dh->priv_key); + dh->priv_key = NULL; + return 0; + } + } + if (dh->pub_key) + BN_free(dh->pub_key); + + mp_init_multi(&pub, &priv_key, &g, &p, NULL); + + BN2mpz(&priv_key, dh->priv_key); + BN2mpz(&g, dh->g); + BN2mpz(&p, dh->p); + + res = mp_exptmod(&g, &priv_key, &p, &pub); + + mp_clear_multi(&priv_key, &g, &p, NULL); + if (res != 0) + continue; + + dh->pub_key = mpz2BN(&pub); + mp_clear(&pub); + if (dh->pub_key == NULL) + return 0; + + if (DH_check_pubkey(dh, dh->pub_key, &codes) && codes == 0) + break; + if (have_private_key) + return 0; + } + + if (times >= DH_NUM_TRIES) { + if (!have_private_key && dh->priv_key) { + BN_free(dh->priv_key); + dh->priv_key = NULL; + } + if (dh->pub_key) { + BN_free(dh->pub_key); + dh->pub_key = NULL; + } + return 0; + } + + return 1; +} + +static int +ltm_dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh) +{ + mp_int s, priv_key, p, peer_pub; + int ret; + + if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL) + return -1; + + mp_init_multi(&s, &priv_key, &p, &peer_pub, NULL); + BN2mpz(&p, dh->p); + BN2mpz(&peer_pub, pub); + + /* check if peers pubkey is reasonable */ + if (mp_isneg(&peer_pub) + || mp_cmp(&peer_pub, &p) >= 0 + || mp_cmp_d(&peer_pub, 1) <= 0) + { + ret = -1; + goto out; + } + + BN2mpz(&priv_key, dh->priv_key); + + ret = mp_exptmod(&peer_pub, &priv_key, &p, &s); + + if (ret != 0) { + ret = -1; + goto out; + } + + ret = mp_unsigned_bin_size(&s); + mp_to_unsigned_bin(&s, shared); + + out: + mp_clear_multi(&s, &priv_key, &p, &peer_pub, NULL); + + return ret; +} + +static int +ltm_dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback) +{ + /* groups should already be known, we don't care about this */ + return 0; +} + +static int +ltm_dh_init(DH *dh) +{ + return 1; +} + +static int +ltm_dh_finish(DH *dh) +{ + return 1; +} + + +/* + * + */ + +const DH_METHOD _hc_dh_ltm_method = { + "hcrypto ltm DH", + ltm_dh_generate_key, + ltm_dh_compute_key, + NULL, + ltm_dh_init, + ltm_dh_finish, + 0, + NULL, + ltm_dh_generate_params +}; + +/** + * DH implementation using libtommath. + * + * @return the DH_METHOD for the DH implementation using libtommath. + * + * @ingroup hcrypto_dh + */ + +const DH_METHOD * +DH_ltm_method(void) +{ + return &_hc_dh_ltm_method; +} diff --git a/lib/hcrypto/dh.c b/lib/hcrypto/dh.c new file mode 100644 index 000000000000..e1f82bfd3bba --- /dev/null +++ b/lib/hcrypto/dh.c @@ -0,0 +1,554 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include + +#include + +#include + +/** + * @page page_dh DH - Diffie-Hellman key exchange + * + * Diffie-Hellman key exchange is a protocol that allows two parties + * to establish a shared secret key. + * + * Include and example how to use DH_new() and friends here. + * + * See the library functions here: @ref hcrypto_dh + */ + +/** + * Create a new DH object using DH_new_method(NULL), see DH_new_method(). + * + * @return a newly allocated DH object. + * + * @ingroup hcrypto_dh + */ + +DH * +DH_new(void) +{ + return DH_new_method(NULL); +} + +/** + * Create a new DH object from the given engine, if the NULL is used, + * the default engine is used. Free the DH object with DH_free(). + * + * @param engine The engine to use to allocate the DH object. + * + * @return a newly allocated DH object. + * + * @ingroup hcrypto_dh + */ + +DH * +DH_new_method(ENGINE *engine) +{ + DH *dh; + + dh = calloc(1, sizeof(*dh)); + if (dh == NULL) + return NULL; + + dh->references = 1; + + if (engine) { + ENGINE_up_ref(engine); + dh->engine = engine; + } else { + dh->engine = ENGINE_get_default_DH(); + } + + if (dh->engine) { + dh->meth = ENGINE_get_DH(dh->engine); + if (dh->meth == NULL) { + ENGINE_finish(engine); + free(dh); + return 0; + } + } + + if (dh->meth == NULL) + dh->meth = DH_get_default_method(); + + (*dh->meth->init)(dh); + + return dh; +} + +/** + * Free a DH object and release related resources, like ENGINE, that + * the object was using. + * + * @param dh object to be freed. + * + * @ingroup hcrypto_dh + */ + +void +DH_free(DH *dh) +{ + if (dh->references <= 0) + abort(); + + if (--dh->references > 0) + return; + + (*dh->meth->finish)(dh); + + if (dh->engine) + ENGINE_finish(dh->engine); + +#define free_if(f) if (f) { BN_free(f); } + free_if(dh->p); + free_if(dh->g); + free_if(dh->pub_key); + free_if(dh->priv_key); + free_if(dh->q); + free_if(dh->j); + free_if(dh->counter); +#undef free_if + + memset(dh, 0, sizeof(*dh)); + free(dh); +} + +/** + * Add a reference to the DH object. The object should be free with + * DH_free() to drop the reference. + * + * @param dh the object to increase the reference count too. + * + * @return the updated reference count, can't safely be used except + * for debug printing. + * + * @ingroup hcrypto_dh + */ + +int +DH_up_ref(DH *dh) +{ + return ++dh->references; +} + +/** + * The maximum output size of the DH_compute_key() function. + * + * @param dh The DH object to get the size from. + * + * @return the maximum size in bytes of the out data. + * + * @ingroup hcrypto_dh + */ + +int +DH_size(const DH *dh) +{ + return BN_num_bytes(dh->p); +} + +/** + * Set the data index idx in the DH object to data. + * + * @param dh DH object. + * @param idx index to set the data for. + * @param data data to store for the index idx. + * + * @return 1 on success. + * + * @ingroup hcrypto_dh + */ + +int +DH_set_ex_data(DH *dh, int idx, void *data) +{ + dh->ex_data.sk = data; + return 1; +} + +/** + * Get the data for index idx in the DH object. + * + * @param dh DH object. + * @param idx index to get the data for. + * + * @return the object store in index idx + * + * @ingroup hcrypto_dh + */ + +void * +DH_get_ex_data(DH *dh, int idx) +{ + return dh->ex_data.sk; +} + +/** + * Generate DH parameters for the DH object give parameters. + * + * @param dh The DH object to generate parameters for. + * @param prime_len length of the prime + * @param generator generator, g + * @param cb Callback parameters to show progress, can be NULL. + * + * @return the maximum size in bytes of the out data. + * + * @ingroup hcrypto_dh + */ + +int +DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb) +{ + if (dh->meth->generate_params) + return dh->meth->generate_params(dh, prime_len, generator, cb); + return 0; +} + +/** + * Check that the public key is sane. + * + * @param dh the local peer DH parameters. + * @param pub_key the remote peer public key parameters. + * @param codes return that the failures of the pub_key are. + * + * @return 1 on success, 0 on failure and *codes is set the the + * combined fail check for the public key + * + * @ingroup hcrypto_dh + */ + +int +DH_check_pubkey(const DH *dh, const BIGNUM *pub_key, int *codes) +{ + BIGNUM *bn = NULL, *sum = NULL; + int ret = 0; + + *codes = 0; + + /** + * Checks that the function performs are: + * - pub_key is not negative + */ + + if (BN_is_negative(pub_key)) + goto out; + + /** + * - pub_key > 1 and pub_key < p - 1, + * to avoid small subgroups attack. + */ + + bn = BN_new(); + if (bn == NULL) + goto out; + + if (!BN_set_word(bn, 1)) + goto out; + + if (BN_cmp(bn, pub_key) >= 0) + *codes |= DH_CHECK_PUBKEY_TOO_SMALL; + + sum = BN_new(); + if (sum == NULL) + goto out; + + BN_uadd(sum, pub_key, bn); + + if (BN_cmp(sum, dh->p) >= 0) + *codes |= DH_CHECK_PUBKEY_TOO_LARGE; + + /** + * - if g == 2, pub_key have more then one bit set, + * if bits set is 1, log_2(pub_key) is trival + */ + + if (!BN_set_word(bn, 2)) + goto out; + + if (BN_cmp(bn, dh->g) == 0) { + unsigned i, n = BN_num_bits(pub_key); + unsigned bits = 0; + + for (i = 0; i <= n; i++) + if (BN_is_bit_set(pub_key, i)) + bits++; + + if (bits < 2) { + *codes |= DH_CHECK_PUBKEY_TOO_SMALL; + goto out; + } + } + + ret = 1; +out: + if (bn) + BN_free(bn); + if (sum) + BN_free(sum); + + return ret; +} + +/** + * Generate a new DH private-public key pair. The dh parameter must be + * allocted first with DH_new(). dh->p and dp->g must be set. + * + * @param dh dh parameter. + * + * @return 1 on success. + * + * @ingroup hcrypto_dh + */ + +int +DH_generate_key(DH *dh) +{ + return dh->meth->generate_key(dh); +} + +/** + * Complute the shared secret key. + * + * @param shared_key the resulting shared key, need to be at least + * DH_size() large. + * @param peer_pub_key the peer's public key. + * @param dh the dh key pair. + * + * @return 1 on success. + * + * @ingroup hcrypto_dh + */ + +int +DH_compute_key(unsigned char *shared_key, + const BIGNUM *peer_pub_key, DH *dh) +{ + int codes; + + /** + * Checks that the pubkey passed in is valid using + * DH_check_pubkey(). + */ + + if (!DH_check_pubkey(dh, peer_pub_key, &codes) || codes != 0) + return -1; + + return dh->meth->compute_key(shared_key, peer_pub_key, dh); +} + +/** + * Set a new method for the DH keypair. + * + * @param dh dh parameter. + * @param method the new method for the DH parameter. + * + * @return 1 on success. + * + * @ingroup hcrypto_dh + */ + +int +DH_set_method(DH *dh, const DH_METHOD *method) +{ + (*dh->meth->finish)(dh); + if (dh->engine) { + ENGINE_finish(dh->engine); + dh->engine = NULL; + } + dh->meth = method; + (*dh->meth->init)(dh); + return 1; +} + +/* + * + */ + +static int +dh_null_generate_key(DH *dh) +{ + return 0; +} + +static int +dh_null_compute_key(unsigned char *shared,const BIGNUM *pub, DH *dh) +{ + return 0; +} + +static int +dh_null_init(DH *dh) +{ + return 1; +} + +static int +dh_null_finish(DH *dh) +{ + return 1; +} + +static int +dh_null_generate_params(DH *dh, int prime_num, int len, BN_GENCB *cb) +{ + return 0; +} + +static const DH_METHOD dh_null_method = { + "hcrypto null DH", + dh_null_generate_key, + dh_null_compute_key, + NULL, + dh_null_init, + dh_null_finish, + 0, + NULL, + dh_null_generate_params +}; + +extern const DH_METHOD _hc_dh_ltm_method; +static const DH_METHOD *dh_default_method = &_hc_dh_ltm_method; + +/** + * Return the dummy DH implementation. + * + * @return pointer to a DH_METHOD. + * + * @ingroup hcrypto_dh + */ + +const DH_METHOD * +DH_null_method(void) +{ + return &dh_null_method; +} + +/** + * Set the default DH implementation. + * + * @param meth pointer to a DH_METHOD. + * + * @ingroup hcrypto_dh + */ + +void +DH_set_default_method(const DH_METHOD *meth) +{ + dh_default_method = meth; +} + +/** + * Return the default DH implementation. + * + * @return pointer to a DH_METHOD. + * + * @ingroup hcrypto_dh + */ + +const DH_METHOD * +DH_get_default_method(void) +{ + return dh_default_method; +} + +/* + * + */ + +static int +bn2heim_int(BIGNUM *bn, heim_integer *integer) +{ + integer->length = BN_num_bytes(bn); + integer->data = malloc(integer->length); + if (integer->data == NULL) { + integer->length = 0; + return ENOMEM; + } + BN_bn2bin(bn, integer->data); + integer->negative = BN_is_negative(bn); + return 0; +} + +/** + * + */ + +int +i2d_DHparams(DH *dh, unsigned char **pp) +{ + DHParameter data; + size_t size; + int ret; + + memset(&data, 0, sizeof(data)); + + if (bn2heim_int(dh->p, &data.prime) || + bn2heim_int(dh->g, &data.base)) + { + free_DHParameter(&data); + return -1; + } + + if (pp == NULL) { + size = length_DHParameter(&data); + free_DHParameter(&data); + } else { + void *p; + size_t len; + + ASN1_MALLOC_ENCODE(DHParameter, p, len, &data, &size, ret); + free_DHParameter(&data); + if (ret) + return -1; + if (len != size) { + abort(); + return -1; + } + + memcpy(*pp, p, size); + free(p); + + *pp += size; + } + + return size; +} diff --git a/lib/hcrypto/dh.h b/lib/hcrypto/dh.h new file mode 100644 index 000000000000..637f218bcf82 --- /dev/null +++ b/lib/hcrypto/dh.h @@ -0,0 +1,146 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_DH_H +#define _HEIM_DH_H 1 + +/* symbol renaming */ +#define DH_null_method hc_DH_null_method +#define DH_tfm_method hc_DH_tfm_method +#define DH_ltm_method hc_DH_ltm_method +#define DH_new hc_DH_new +#define DH_new_method hc_DH_new_method +#define DH_free hc_DH_free +#define DH_up_ref hc_DH_up_ref +#define DH_size hc_DH_size +#define DH_set_default_method hc_DH_set_default_method +#define DH_get_default_method hc_DH_get_default_method +#define DH_set_method hc_DH_set_method +#define DH_get_method hc_DH_get_method +#define DH_set_ex_data hc_DH_set_ex_data +#define DH_get_ex_data hc_DH_get_ex_data +#define DH_generate_parameters_ex hc_DH_generate_parameters_ex +#define DH_check_pubkey hc_DH_check_pubkey +#define DH_generate_key hc_DH_generate_key +#define DH_compute_key hc_DH_compute_key +#define i2d_DHparams hc_i2d_DHparams + +/* + * + */ + +typedef struct DH DH; +typedef struct DH_METHOD DH_METHOD; + +#include +#include + +struct DH_METHOD { + const char *name; + int (*generate_key)(DH *); + int (*compute_key)(unsigned char *,const BIGNUM *,DH *); + int (*bn_mod_exp)(const DH *, BIGNUM *, const BIGNUM *, + const BIGNUM *, const BIGNUM *, BN_CTX *, + BN_MONT_CTX *); + int (*init)(DH *); + int (*finish)(DH *); + int flags; + void *app_data; + int (*generate_params)(DH *, int, int, BN_GENCB *); +}; + +struct DH { + int pad; + int version; + BIGNUM *p; + BIGNUM *g; + long length; + BIGNUM *pub_key; + BIGNUM *priv_key; + int flags; + void *method_mont_p; + BIGNUM *q; + BIGNUM *j; + void *seed; + int seedlen; + BIGNUM *counter; + int references; + struct CRYPTO_EX_DATA { + void *sk; + int dummy; + } ex_data; + const DH_METHOD *meth; + ENGINE *engine; +}; + +/* DH_check_pubkey return codes in `codes' argument. */ +#define DH_CHECK_PUBKEY_TOO_SMALL 1 +#define DH_CHECK_PUBKEY_TOO_LARGE 2 + +/* + * + */ + +const DH_METHOD *DH_null_method(void); +const DH_METHOD *DH_tfm_method(void); +const DH_METHOD *DH_ltm_method(void); + +DH * DH_new(void); +DH * DH_new_method(ENGINE *); +void DH_free(DH *); +int DH_up_ref(DH *); + +int DH_size(const DH *); + + +void DH_set_default_method(const DH_METHOD *); +const DH_METHOD * + DH_get_default_method(void); +int DH_set_method(DH *, const DH_METHOD *); + +int DH_set_ex_data(DH *, int, void *); +void * DH_get_ex_data(DH *, int); + +int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *); +int DH_check_pubkey(const DH *, const BIGNUM *, int *); +int DH_generate_key(DH *); +int DH_compute_key(unsigned char *,const BIGNUM *,DH *); + +int i2d_DHparams(DH *, unsigned char **); + +#endif /* _HEIM_DH_H */ + diff --git a/lib/hcrypto/dllmain.c b/lib/hcrypto/dllmain.c new file mode 100644 index 000000000000..b241c7380bf4 --- /dev/null +++ b/lib/hcrypto/dllmain.c @@ -0,0 +1,49 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include + +BOOL WINAPI +DllMain (HANDLE hInst, + ULONG reason, + LPVOID lpReserved) +{ + switch(reason) { + case DLL_PROCESS_ATTACH: + case DLL_PROCESS_DETACH: + default: + return TRUE; + } +} diff --git a/lib/hcrypto/doxygen.c b/lib/hcrypto/doxygen.c new file mode 100644 index 000000000000..8311dbdf4e4a --- /dev/null +++ b/lib/hcrypto/doxygen.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/** + * + */ + +/*! @mainpage Heimdal crypto library + * + * @section intro Introduction + * + * Heimdal libhcrypto library is a implementation many crypto + * algorithms, among others: AES, SHA, DES, RSA, Camellia and many + * help function. + * + * hcrypto provies a OpenSSL compatible interface libcrypto interface + * and is licensed under a 3 clause BSD license (GPL compatible). + * + * The project web page: http://www.h5l.org/ + * + * Sections of this manual: + * + * - @subpage page_evp, @ref hcrypto_evp + * - @subpage page_rand, @ref hcrypto_rand + * - @subpage page_dh, @ref hcrypto_dh + * - @subpage page_rsa, @ref hcrypto_rsa + * - @ref hcrypto_misc + * + * Older interfaces that you should not use: + * + * - @subpage page_des, @ref hcrypto_des + * + * @subsection control_functions Control functions + * + * Functions controlling general behavior, like adding algorithms, are + * documented in this module: @ref hcrypto_core . + * + * @subsection return_values Return values + * + * Return values are diffrent in this module to be compatible with + * OpenSSL interface. The diffrence is that on success 1 is returned + * instead of the customary 0. + + * @subsection History + * + * Eric Young implemented DES in the library libdes, that grew into + * libcrypto in the ssleay package. ssleay went into recession and + * then got picked up by the OpenSSL (htp://www.openssl.org/) + * project. + * + * libhcrypto is an independent implementation with no code decended + * from ssleay/openssl. Both includes some common imported code, for + * example the AES implementation. + */ + +/** @defgroup hcrypto_dh Diffie-Hellman functions + * See the @ref page_dh for description and examples. + */ +/** @defgroup hcrypto_rsa RSA functions + * See the @ref page_rsa for description and examples. + */ +/** @defgroup hcrypto_evp EVP generic crypto functions + * See the @ref page_evp for description and examples. + */ +/** @defgroup hcrypto_rand RAND crypto functions + * See the @ref page_rand for description and examples. + */ +/** @defgroup hcrypto_des DES crypto functions + * See the @ref page_des for description and examples. + */ +/** @defgroup hcrypto_core hcrypto function controlling behavior */ +/** @defgroup hcrypto_misc hcrypto miscellaneous functions */ diff --git a/lib/hcrypto/dsa.c b/lib/hcrypto/dsa.c new file mode 100644 index 000000000000..a5bdbabad165 --- /dev/null +++ b/lib/hcrypto/dsa.c @@ -0,0 +1,121 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +#include + +/* + * + */ + +DSA * +DSA_new(void) +{ + DSA *dsa = calloc(1, sizeof(*dsa)); + dsa->meth = rk_UNCONST(DSA_get_default_method()); + dsa->references = 1; + return dsa; +} + +void +DSA_free(DSA *dsa) +{ + if (dsa->references <= 0) + abort(); + + if (--dsa->references > 0) + return; + + (*dsa->meth->finish)(dsa); + +#define free_if(f) if (f) { BN_free(f); } + free_if(dsa->p); + free_if(dsa->q); + free_if(dsa->g); + free_if(dsa->pub_key); + free_if(dsa->priv_key); + free_if(dsa->kinv); + free_if(dsa->r); +#undef free_if + + memset(dsa, 0, sizeof(*dsa)); + free(dsa); + +} + +int +DSA_up_ref(DSA *dsa) +{ + return ++dsa->references; +} + +/* + * + */ + +static const DSA_METHOD dsa_null_method = { + "hcrypto null DSA" +}; + +const DSA_METHOD * +DSA_null_method(void) +{ + return &dsa_null_method; +} + + +const DSA_METHOD *dsa_default_mech = &dsa_null_method; + +void +DSA_set_default_method(const DSA_METHOD *mech) +{ + dsa_default_mech = mech; +} + +const DSA_METHOD * +DSA_get_default_method(void) +{ + return dsa_default_mech; +} + +int +DSA_verify(int type, const unsigned char * digest, int digest_len, + const unsigned char *sig, int sig_len, DSA *dsa) +{ + return -1; +} diff --git a/lib/hcrypto/dsa.h b/lib/hcrypto/dsa.h new file mode 100644 index 000000000000..686d05087448 --- /dev/null +++ b/lib/hcrypto/dsa.h @@ -0,0 +1,140 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_DSA_H +#define _HEIM_DSA_H 1 + +#include + +/* symbol renaming */ +#define DSA_null_method hc_DSA_null_method +#define DSA_new hc_DSA_new +#define DSA_free hc_DSA_free +#define DSA_up_ref hc_DSA_up_ref +#define DSA_set_default_method hc_DSA_set_default_method +#define DSA_get_default_method hc_DSA_get_default_method +#define DSA_set_method hc_DSA_set_method +#define DSA_get_method hc_DSA_get_method +#define DSA_set_app_data hc_DSA_set_app_data +#define DSA_get_app_data hc_DSA_get_app_data +#define DSA_size hc_DSA_size +#define DSA_verify hc_DSA_verify + +/* + * + */ + + +typedef struct DSA DSA; +typedef struct DSA_METHOD DSA_METHOD; +typedef struct DSA_SIG DSA_SIG; + +struct DSA_SIG { + BIGNUM *r; + BIGNUM *s; +}; + +struct DSA_METHOD { + const char *name; + DSA_SIG * (*dsa_do_sign)(const unsigned char *, int, DSA *); + int (*dsa_sign_setup)(DSA *, BN_CTX *, BIGNUM **, BIGNUM **); + int (*dsa_do_verify)(const unsigned char *, int, DSA_SIG *, DSA *); + int (*dsa_mod_exp)(DSA *, BIGNUM *, BIGNUM *, BIGNUM *, + BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *, + BN_MONT_CTX *); + int (*bn_mod_exp)(DSA *, BIGNUM *, BIGNUM *, const BIGNUM *, + const BIGNUM *, BN_CTX *, + BN_MONT_CTX *); + int (*init)(DSA *); + int (*finish)(DSA *); + int flags; + void *app_data; +}; + +struct DSA { + int pad; + long version; + int write_params; + BIGNUM *p; + BIGNUM *q; + BIGNUM *g; + + BIGNUM *pub_key; + BIGNUM *priv_key; + + BIGNUM *kinv; + BIGNUM *r; + int flags; + void *method_mont_p; + int references; + struct dsa_CRYPTO_EX_DATA { + void *sk; + int dummy; + } ex_data; + const DSA_METHOD *meth; + void *engine; +}; + +/* + * + */ + +const DSA_METHOD *DSA_null_method(void); + +/* + * + */ + +DSA * DSA_new(void); +void DSA_free(DSA *); +int DSA_up_ref(DSA *); + +void DSA_set_default_method(const DSA_METHOD *); +const DSA_METHOD * DSA_get_default_method(void); + +const DSA_METHOD * DSA_get_method(const DSA *); +int DSA_set_method(DSA *, const DSA_METHOD *); + +void DSA_set_app_data(DSA *, void *arg); +void * DSA_get_app_data(DSA *); + +int DSA_size(const DSA *); + +int DSA_verify(int, const unsigned char *, int, + const unsigned char *, int, DSA *); + +#endif /* _HEIM_DSA_H */ diff --git a/lib/hcrypto/ec.h b/lib/hcrypto/ec.h new file mode 100644 index 000000000000..d92a46efc239 --- /dev/null +++ b/lib/hcrypto/ec.h @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HEIM_EC_H +#define HEIM_EC_H 1 + +#define EC_GROUP_get_degree hc_EC_GROUP_get_degree +#define EC_KEY_get0_group hc_EC_KEY_get0_group +#define EC_GROUP_get_order hc_EC_GROUP_get_order +#define o2i_ECPublicKey hc_o2i_ECPublicKey +#define EC_KEY_free hc_EC_KEY_free +#define EC_GROUP_new_by_curve_name hc_EC_GROUP_new_by_curve_name +#define EC_KEY_set_group hc_EC_KEY_set_group +#define EC_GROUP_free hc_EC_GROUP_free +#define EC_KEY_check_key hc_EC_KEY_check_key +#define EC_KEY_get0_private_key hc_EC_KEY_get0_private_key +#define EC_KEY_set_private_key hc_EC_KEY_set_private_key + +#include +#include + +typedef struct EC_KEY EC_KEY; +typedef struct EC_GROUP EC_GROUP; +typedef struct EC_GROUP_ID_s *EC_GROUP_ID; + +unsigned long +EC_GROUP_get_degree(EC_GROUP *); + +EC_GROUP * +EC_KEY_get0_group(EC_KEY *); + +int +EC_GROUP_get_order(EC_GROUP *, BIGNUM *, BN_CTX *); + +EC_KEY * +o2i_ECPublicKey(EC_KEY **key, unsigned char **, size_t); + +EC_KEY * +EC_KEY_new_by_curve_name(EC_GROUP_ID); + +int +EC_KEY_generate_key(EC_KEY *); + +void +EC_KEY_free(EC_KEY *); + +EC_GROUP * +EC_GROUP_new_by_curve_name(int nid); + +void +EC_KEY_set_group(EC_KEY *, EC_GROUP *); + +void +EC_GROUP_free(EC_GROUP *); + +int +EC_KEY_check_key(const EC_KEY *); + +const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); + +int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); + +#endif /* HEIM_EC_H */ diff --git a/lib/hcrypto/ecdh.h b/lib/hcrypto/ecdh.h new file mode 100644 index 000000000000..4dda28499c60 --- /dev/null +++ b/lib/hcrypto/ecdh.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HEIM_ECDH_H +#define HEIM_ECDH_H 1 + +#define ECDH_compute_key hc_ECDH_compute_key + +#include + +int +ECDH_compute_key(void *, size_t, + const EC_KEY *, const EC_KEY *, + void *(*KDF)(const void *, size_t, void *, size_t *)); + + +#endif /* HEIM_ECDH_H */ diff --git a/lib/hcrypto/ecdsa.h b/lib/hcrypto/ecdsa.h new file mode 100644 index 000000000000..84886f4078fe --- /dev/null +++ b/lib/hcrypto/ecdsa.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HEIM_ECDSA_H +#define HEIM_ECDSA_H 1 + +#define ECDSA_verify hc_ECDSA_verify +#define ECDSA_sign hc_ECDSA_sign +#define ECDSA_size hc_ECDSA_size + +#include + +int ECDSA_verify(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int, EC_KEY *); + +int ECDSA_sign(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int *, EC_KEY *); + +int ECDSA_size(EC_KEY *); + + +#endif /* HEIM_ECDSA_H */ diff --git a/lib/hcrypto/engine.c b/lib/hcrypto/engine.c new file mode 100644 index 000000000000..3b22e5620112 --- /dev/null +++ b/lib/hcrypto/engine.c @@ -0,0 +1,395 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +#include + +#ifdef HAVE_DLFCN_H +#include +#ifndef RTLD_NOW +#define RTLD_NOW 0 +#endif +#endif + +struct hc_engine { + int references; + char *name; + char *id; + void (*destroy)(ENGINE *); + const RSA_METHOD *rsa; + const DH_METHOD *dh; + const RAND_METHOD *rand; +}; + +ENGINE * +ENGINE_new(void) +{ + ENGINE *engine; + + engine = calloc(1, sizeof(*engine)); + engine->references = 1; + + return engine; +} + +int +ENGINE_free(ENGINE *engine) +{ + return ENGINE_finish(engine); +} + +int +ENGINE_finish(ENGINE *engine) +{ + if (engine->references-- <= 0) + abort(); + if (engine->references > 0) + return 1; + + if (engine->name) + free(engine->name); + if (engine->id) + free(engine->id); + if(engine->destroy) + (*engine->destroy)(engine); + + memset(engine, 0, sizeof(engine)); + engine->references = -1; + + + free(engine); + return 1; +} + +int +ENGINE_up_ref(ENGINE *engine) +{ + if (engine->references < 0) + abort(); + engine->references++; + return 1; +} + +int +ENGINE_set_id(ENGINE *engine, const char *id) +{ + engine->id = strdup(id); + return (engine->id == NULL) ? 0 : 1; +} + +int +ENGINE_set_name(ENGINE *engine, const char *name) +{ + engine->name = strdup(name); + return (engine->name == NULL) ? 0 : 1; +} + +int +ENGINE_set_RSA(ENGINE *engine, const RSA_METHOD *method) +{ + engine->rsa = method; + return 1; +} + +int +ENGINE_set_DH(ENGINE *engine, const DH_METHOD *method) +{ + engine->dh = method; + return 1; +} + +int +ENGINE_set_destroy_function(ENGINE *e, void (*destroy)(ENGINE *)) +{ + e->destroy = destroy; + return 1; +} + +const char * +ENGINE_get_id(const ENGINE *engine) +{ + return engine->id; +} + +const char * +ENGINE_get_name(const ENGINE *engine) +{ + return engine->name; +} + +const RSA_METHOD * +ENGINE_get_RSA(const ENGINE *engine) +{ + return engine->rsa; +} + +const DH_METHOD * +ENGINE_get_DH(const ENGINE *engine) +{ + return engine->dh; +} + +const RAND_METHOD * +ENGINE_get_RAND(const ENGINE *engine) +{ + return engine->rand; +} + +/* + * + */ + +#define SG_default_engine(type) \ +static ENGINE *type##_engine; \ +int \ +ENGINE_set_default_##type(ENGINE *engine) \ +{ \ + if (type##_engine) \ + ENGINE_finish(type##_engine); \ + type##_engine = engine; \ + if (type##_engine) \ + ENGINE_up_ref(type##_engine); \ + return 1; \ +} \ +ENGINE * \ +ENGINE_get_default_##type(void) \ +{ \ + if (type##_engine) \ + ENGINE_up_ref(type##_engine); \ + return type##_engine; \ +} + +SG_default_engine(RSA) +SG_default_engine(DH) + +#undef SG_default_engine + +/* + * + */ + +static ENGINE **engines; +static unsigned int num_engines; + +static int +add_engine(ENGINE *engine) +{ + ENGINE **d, *dup; + + dup = ENGINE_by_id(engine->id); + if (dup) + return 0; + + d = realloc(engines, (num_engines + 1) * sizeof(*engines)); + if (d == NULL) + return 1; + engines = d; + engines[num_engines++] = engine; + + return 1; +} + +void +ENGINE_load_builtin_engines(void) +{ + ENGINE *engine; + int ret; + + engine = ENGINE_new(); + if (engine == NULL) + return; + + ENGINE_set_id(engine, "builtin"); + ENGINE_set_name(engine, + "Heimdal crypto builtin (ltm) engine version " PACKAGE_VERSION); + ENGINE_set_RSA(engine, RSA_ltm_method()); + ENGINE_set_DH(engine, DH_ltm_method()); + + ret = add_engine(engine); + if (ret != 1) + ENGINE_finish(engine); + +#ifdef USE_HCRYPTO_TFM + /* + * TFM + */ + + engine = ENGINE_new(); + if (engine == NULL) + return; + + ENGINE_set_id(engine, "tfm"); + ENGINE_set_name(engine, + "Heimdal crypto tfm engine version " PACKAGE_VERSION); + ENGINE_set_RSA(engine, RSA_tfm_method()); + ENGINE_set_DH(engine, DH_tfm_method()); + + ret = add_engine(engine); + if (ret != 1) + ENGINE_finish(engine); +#endif /* USE_HCRYPTO_TFM */ + +#ifdef USE_HCRYPTO_LTM + /* + * ltm + */ + + engine = ENGINE_new(); + if (engine == NULL) + return; + + ENGINE_set_id(engine, "ltm"); + ENGINE_set_name(engine, + "Heimdal crypto ltm engine version " PACKAGE_VERSION); + ENGINE_set_RSA(engine, RSA_ltm_method()); + ENGINE_set_DH(engine, DH_ltm_method()); + + ret = add_engine(engine); + if (ret != 1) + ENGINE_finish(engine); +#endif + +#ifdef HAVE_GMP + /* + * gmp + */ + + engine = ENGINE_new(); + if (engine == NULL) + return; + + ENGINE_set_id(engine, "gmp"); + ENGINE_set_name(engine, + "Heimdal crypto gmp engine version " PACKAGE_VERSION); + ENGINE_set_RSA(engine, RSA_gmp_method()); + + ret = add_engine(engine); + if (ret != 1) + ENGINE_finish(engine); +#endif +} + +ENGINE * +ENGINE_by_dso(const char *path, const char *id) +{ +#ifdef HAVE_DLOPEN + ENGINE *engine; + void *handle; + int ret; + + engine = calloc(1, sizeof(*engine)); + if (engine == NULL) + return NULL; + + handle = dlopen(path, RTLD_NOW); + if (handle == NULL) { + /* printf("error: %s\n", dlerror()); */ + free(engine); + return NULL; + } + + { + unsigned long version; + openssl_v_check v_check; + + v_check = (openssl_v_check)dlsym(handle, "v_check"); + if (v_check == NULL) { + dlclose(handle); + free(engine); + return NULL; + } + + version = (*v_check)(OPENSSL_DYNAMIC_VERSION); + if (version == 0) { + dlclose(handle); + free(engine); + return NULL; + } + } + + { + openssl_bind_engine bind_engine; + + bind_engine = (openssl_bind_engine)dlsym(handle, "bind_engine"); + if (bind_engine == NULL) { + dlclose(handle); + free(engine); + return NULL; + } + + ret = (*bind_engine)(engine, id, NULL); /* XXX fix third arg */ + if (ret != 1) { + dlclose(handle); + free(engine); + return NULL; + } + } + + ENGINE_up_ref(engine); + + ret = add_engine(engine); + if (ret != 1) { + dlclose(handle); + ENGINE_finish(engine); + return NULL; + } + + return engine; +#else + return NULL; +#endif +} + +ENGINE * +ENGINE_by_id(const char *id) +{ + int i; + + for (i = 0; i < num_engines; i++) { + if (strcmp(id, engines[i]->id) == 0) { + ENGINE_up_ref(engines[i]); + return engines[i]; + } + } + return NULL; +} + +void +ENGINE_add_conf_module(void) +{ +} diff --git a/lib/hcrypto/engine.h b/lib/hcrypto/engine.h new file mode 100644 index 000000000000..7fd8f3e1e5a2 --- /dev/null +++ b/lib/hcrypto/engine.h @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_ENGINE_H +#define _HEIM_ENGINE_H 1 + +/* symbol renaming */ +#define ENGINE_add_conf_module hc_ENGINE_add_conf_module +#define ENGINE_by_dso hc_ENGINE_by_dso +#define ENGINE_by_id hc_ENGINE_by_id +#define ENGINE_finish hc_ENGINE_finish +#define ENGINE_get_DH hc_ENGINE_get_DH +#define ENGINE_get_RSA hc_ENGINE_get_RSA +#define ENGINE_get_RAND hc_ENGINE_get_RAND +#define ENGINE_get_id hc_ENGINE_get_id +#define ENGINE_get_name hc_ENGINE_get_name +#define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines +#define ENGINE_set_DH hc_ENGINE_set_DH +#define ENGINE_set_RSA hc_ENGINE_set_RSA +#define ENGINE_set_id hc_ENGINE_set_id +#define ENGINE_set_name hc_ENGINE_set_name +#define ENGINE_set_destroy_function hc_ENGINE_set_destroy_function +#define ENGINE_new hc_ENGINE_new +#define ENGINE_free hc_ENGINE_free +#define ENGINE_up_ref hc_ENGINE_up_ref +#define ENGINE_get_default_DH hc_ENGINE_get_default_DH +#define ENGINE_get_default_RSA hc_ENGINE_get_default_RSA +#define ENGINE_set_default_DH hc_ENGINE_set_default_DH +#define ENGINE_set_default_RSA hc_ENGINE_set_default_RSA + +/* + * + */ + +typedef struct hc_engine ENGINE; + +#define NID_md2 0 +#define NID_md4 1 +#define NID_md5 2 +#define NID_sha1 4 +#define NID_sha256 5 + +/* + * + */ + +#include +#include +#include +#include + +#define OPENSSL_DYNAMIC_VERSION (unsigned long)0x00020000 + +typedef int (*openssl_bind_engine)(ENGINE *, const char *, const void *); +typedef unsigned long (*openssl_v_check)(unsigned long); + +ENGINE * + ENGINE_new(void); +int ENGINE_free(ENGINE *); +void ENGINE_add_conf_module(void); +void ENGINE_load_builtin_engines(void); +ENGINE *ENGINE_by_id(const char *); +ENGINE *ENGINE_by_dso(const char *, const char *); +int ENGINE_finish(ENGINE *); +int ENGINE_up_ref(ENGINE *); +int ENGINE_set_id(ENGINE *, const char *); +int ENGINE_set_name(ENGINE *, const char *); +int ENGINE_set_RSA(ENGINE *, const RSA_METHOD *); +int ENGINE_set_DH(ENGINE *, const DH_METHOD *); +int ENGINE_set_destroy_function(ENGINE *, void (*)(ENGINE *)); + +const char * ENGINE_get_id(const ENGINE *); +const char * ENGINE_get_name(const ENGINE *); +const RSA_METHOD * ENGINE_get_RSA(const ENGINE *); +const DH_METHOD * ENGINE_get_DH(const ENGINE *); +const RAND_METHOD * ENGINE_get_RAND(const ENGINE *); + +int ENGINE_set_default_RSA(ENGINE *); +ENGINE * ENGINE_get_default_RSA(void); +int ENGINE_set_default_DH(ENGINE *); +ENGINE * ENGINE_get_default_DH(void); + + +#endif /* _HEIM_ENGINE_H */ diff --git a/lib/hcrypto/evp-cc.c b/lib/hcrypto/evp-cc.c new file mode 100644 index 000000000000..bd084a25e20d --- /dev/null +++ b/lib/hcrypto/evp-cc.c @@ -0,0 +1,856 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* CommonCrypto provider */ + +#ifdef __APPLE__ + +#include "config.h" + +#include +#include +#include +#include +#include + +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H +#include +#endif +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H +#include +#endif + +#include +#include + +/* + * + */ + +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + +struct cc_key { + CCCryptorRef href; +}; + +static int +cc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct cc_key *cc = ctx->cipher_data; + CCCryptorStatus ret; + size_t moved; + + memcpy(out, in, size); + + ret = CCCryptorUpdate(cc->href, in, size, out, size, &moved); + if (ret) + return 0; + + if (moved != size) + return 0; + + return 1; +} + +static int +cc_do_cfb8_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct cc_key *cc = ctx->cipher_data; + CCCryptorStatus ret; + size_t moved; + unsigned int i; + + for (i = 0; i < size; i++) { + unsigned char oiv[EVP_MAX_IV_LENGTH + 1]; + + assert(ctx->cipher->iv_len + 1 <= sizeof(oiv)); + memcpy(oiv, ctx->iv, ctx->cipher->iv_len); + + ret = CCCryptorUpdate(cc->href, ctx->iv, ctx->cipher->iv_len, + ctx->iv, ctx->cipher->iv_len, &moved); + if (ret) + return 0; + + if (moved != ctx->cipher->iv_len) + return 0; + + if (!ctx->encrypt) + oiv[ctx->cipher->iv_len] = in[i]; + out[i] = in[i] ^ ctx->iv[0]; + if (ctx->encrypt) + oiv[ctx->cipher->iv_len] = out[i]; + + memcpy(ctx->iv, &oiv[1], ctx->cipher->iv_len); + } + + return 1; +} + +static int +cc_cleanup(EVP_CIPHER_CTX *ctx) +{ + struct cc_key *cc = ctx->cipher_data; + if (cc->href) + CCCryptorRelease(cc->href); + return 1; +} + +static int +init_cc_key(int encp, CCAlgorithm alg, CCOptions opts, const void *key, + size_t keylen, const void *iv, CCCryptorRef *ref) +{ + CCOperation op = encp ? kCCEncrypt : kCCDecrypt; + CCCryptorStatus ret; + + if (*ref) { + if (key == NULL && iv) { + CCCryptorReset(*ref, iv); + return 1; + } + CCCryptorRelease(*ref); + } + + ret = CCCryptorCreate(op, alg, opts, key, keylen, iv, ref); + if (ret) + return 0; + return 1; +} + +static int +cc_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithm3DES, 0, key, kCCKeySize3DES, iv, &cc->href); +} + +#endif /* HAVE_COMMONCRYPTO_COMMONCRYPTOR_H */ + +/** + * The tripple DES cipher type (Apple CommonCrypto provider) + * + * @return the DES-EDE3-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_des_ede3_cbc(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER des_ede3_cbc = { + 0, + 8, + 24, + 8, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_des_ede3_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +#else + return NULL; +#endif +} + +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H +/* + * + */ + +static int +cc_des_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmDES, 0, key, kCCBlockSizeDES, iv, &cc->href); +} +#endif + +/** + * The DES cipher type (Apple CommonCrypto provider) + * + * @return the DES-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_des_cbc(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER des_ede3_cbc = { + 0, + kCCBlockSizeDES, + kCCBlockSizeDES, + kCCBlockSizeDES, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_des_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +#else + return NULL; +#endif +} + +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H +/* + * + */ + +static int +cc_aes_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmAES128, 0, key, ctx->cipher->key_len, iv, &cc->href); +} +#endif + +/** + * The AES-128 cipher type (Apple CommonCrypto provider) + * + * @return the AES-128-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_128_cbc(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES128, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +/** + * The AES-192 cipher type (Apple CommonCrypto provider) + * + * @return the AES-192-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_192_cbc(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES192, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +/** + * The AES-256 cipher type (Apple CommonCrypto provider) + * + * @return the AES-256-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_256_cbc(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES256, + kCCBlockSizeAES128, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H +/* + * + */ + +static int +cc_aes_cfb8_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + memcpy(ctx->iv, iv, ctx->cipher->iv_len); + return init_cc_key(1, kCCAlgorithmAES128, kCCOptionECBMode, + key, ctx->cipher->key_len, NULL, &cc->href); +} +#endif + +/** + * The AES-128 CFB8 cipher type (Apple CommonCrypto provider) + * + * @return the AES-128-CFB8 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_128_cfb8(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + 1, + kCCKeySizeAES128, + kCCBlockSizeAES128, + EVP_CIPH_CFB8_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cfb8_init, + cc_do_cfb8_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +/** + * The AES-192 CFB8 cipher type (Apple CommonCrypto provider) + * + * @return the AES-192-CFB8 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_192_cfb8(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + 1, + kCCKeySizeAES192, + kCCBlockSizeAES128, + EVP_CIPH_CFB8_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cfb8_init, + cc_do_cfb8_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +/** + * The AES-256 CFB8 cipher type (Apple CommonCrypto provider) + * + * @return the AES-256-CFB8 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_aes_256_cfb8(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER c = { + 0, + kCCBlockSizeAES128, + kCCKeySizeAES256, + kCCBlockSizeAES128, + EVP_CIPH_CFB8_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_aes_cfb8_init, + cc_do_cfb8_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &c; +#else + return NULL; +#endif +} + +/* + * + */ + +#ifdef COMMONCRYPTO_SUPPORTS_RC2 +static int +cc_rc2_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmRC2, 0, key, ctx->cipher->key_len, iv, &cc->href); +} +#endif + +/** + * The RC2 cipher type - common crypto + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_cbc(void) +{ +#ifdef COMMONCRYPTO_SUPPORTS_RC2 + static const EVP_CIPHER rc2_cbc = { + 0, + kCCBlockSizeRC2, + 16, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_cbc; +#else + return NULL; +#endif +} + +/** + * The RC2-40 cipher type - common crypto + * + * @return the RC2-40 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_40_cbc(void) +{ +#ifdef COMMONCRYPTO_SUPPORTS_RC2 + static const EVP_CIPHER rc2_40_cbc = { + 0, + kCCBlockSizeRC2, + 5, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_40_cbc; +#else + return NULL; +#endif +} + + +/** + * The RC2-64 cipher type - common crypto + * + * @return the RC2-64 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + + +const EVP_CIPHER * +EVP_cc_rc2_64_cbc(void) +{ +#ifdef COMMONCRYPTO_SUPPORTS_RC2 + static const EVP_CIPHER rc2_64_cbc = { + 0, + kCCBlockSizeRC2, + 8, + kCCBlockSizeRC2, + EVP_CIPH_CBC_MODE|EVP_CIPH_ALWAYS_CALL_INIT, + cc_rc2_cbc_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_64_cbc; +#else + return NULL; +#endif +} + +/** + * The CommonCrypto md2 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md2(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H + static const struct hc_evp_md md2 = { + CC_MD2_DIGEST_LENGTH, + CC_MD2_BLOCK_BYTES, + sizeof(CC_MD2_CTX), + (hc_evp_md_init)CC_MD2_Init, + (hc_evp_md_update)CC_MD2_Update, + (hc_evp_md_final)CC_MD2_Final, + (hc_evp_md_cleanup)NULL + }; + return &md2; +#else + return NULL; +#endif +} + +/** + * The CommonCrypto md4 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md4(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H + static const struct hc_evp_md md4 = { + CC_MD4_DIGEST_LENGTH, + CC_MD4_BLOCK_BYTES, + sizeof(CC_MD4_CTX), + (hc_evp_md_init)CC_MD4_Init, + (hc_evp_md_update)CC_MD4_Update, + (hc_evp_md_final)CC_MD4_Final, + (hc_evp_md_cleanup)NULL + }; + return &md4; +#else + return NULL; +#endif +} + +/** + * The CommonCrypto md5 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_md5(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H + static const struct hc_evp_md md5 = { + CC_MD5_DIGEST_LENGTH, + CC_MD5_BLOCK_BYTES, + sizeof(CC_MD5_CTX), + (hc_evp_md_init)CC_MD5_Init, + (hc_evp_md_update)CC_MD5_Update, + (hc_evp_md_final)CC_MD5_Final, + (hc_evp_md_cleanup)NULL + }; + return &md5; +#else + return NULL; +#endif +} + +/** + * The CommonCrypto sha1 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_sha1(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H + static const struct hc_evp_md sha1 = { + CC_SHA1_DIGEST_LENGTH, + CC_SHA1_BLOCK_BYTES, + sizeof(CC_SHA1_CTX), + (hc_evp_md_init)CC_SHA1_Init, + (hc_evp_md_update)CC_SHA1_Update, + (hc_evp_md_final)CC_SHA1_Final, + (hc_evp_md_cleanup)NULL + }; + return &sha1; +#else + return NULL; +#endif +} + +/** + * The CommonCrypto sha256 provider + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_cc_sha256(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H + static const struct hc_evp_md sha256 = { + CC_SHA256_DIGEST_LENGTH, + CC_SHA256_BLOCK_BYTES, + sizeof(CC_SHA256_CTX), + (hc_evp_md_init)CC_SHA256_Init, + (hc_evp_md_update)CC_SHA256_Update, + (hc_evp_md_final)CC_SHA256_Final, + (hc_evp_md_cleanup)NULL + }; + return &sha256; +#else + return NULL; +#endif +} + +/** + * The Camellia-128 cipher type - CommonCrypto + * + * @return the Camellia-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_128_cbc(void) +{ + return NULL; +} + +/** + * The Camellia-198 cipher type - CommonCrypto + * + * @return the Camellia-198 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_192_cbc(void) +{ + return NULL; +} + +/** + * The Camellia-256 cipher type - CommonCrypto + * + * @return the Camellia-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_camellia_256_cbc(void) +{ + return NULL; +} + +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + +/* + * + */ + +static int +cc_rc4_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct cc_key *cc = ctx->cipher_data; + return init_cc_key(encp, kCCAlgorithmRC4, 0, key, ctx->key_len, iv, &cc->href); +} + +#endif + +/** + + * The RC4 cipher type (Apple CommonCrypto provider) + * + * @return the RC4 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_rc4(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER rc4 = { + 0, + 1, + 16, + 0, + EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH, + cc_rc4_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc4; +#else + return NULL; +#endif +} + + +/** + * The RC4-40 cipher type (Apple CommonCrypto provider) + * + * @return the RC4 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_cc_rc4_40(void) +{ +#ifdef HAVE_COMMONCRYPTO_COMMONCRYPTOR_H + static const EVP_CIPHER rc4_40 = { + 0, + 1, + 5, + 0, + EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH, + cc_rc4_init, + cc_do_cipher, + cc_cleanup, + sizeof(struct cc_key), + NULL, + NULL, + NULL, + NULL + }; + return &rc4_40; +#else + return NULL; +#endif +} + +#endif /* __APPLE__ */ + diff --git a/lib/hcrypto/evp-cc.h b/lib/hcrypto/evp-cc.h new file mode 100644 index 000000000000..9249bb226e1e --- /dev/null +++ b/lib/hcrypto/evp-cc.h @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_EVP_CC_H +#define HEIM_EVP_CC_H 1 + +/* symbol renaming */ +#define EVP_cc_md2 hc_EVP_cc_md2 +#define EVP_cc_md4 hc_EVP_cc_md4 +#define EVP_cc_md5 hc_EVP_cc_md5 +#define EVP_cc_sha1 hc_EVP_cc_sha1 +#define EVP_cc_sha256 hc_EVP_cc_sha256 +#define EVP_cc_des_cbc hc_EVP_cc_des_cbc +#define EVP_cc_des_ede3_cbc hc_EVP_cc_des_ede3_cbc +#define EVP_cc_aes_128_cbc hc_EVP_cc_aes_128_cbc +#define EVP_cc_aes_192_cbc hc_EVP_cc_aes_192_cbc +#define EVP_cc_aes_256_cbc hc_EVP_cc_aes_256_cbc +#define EVP_cc_aes_128_cfb8 hc_EVP_cc_aes_128_cfb8 +#define EVP_cc_aes_192_cfb8 hc_EVP_cc_aes_192_cfb8 +#define EVP_cc_aes_256_cfb8 hc_EVP_cc_aes_256_cfb8 +#define EVP_cc_rc4 hc_EVP_cc_rc4 +#define EVP_cc_rc4_40 hc_EVP_cc_rc4_40 +#define EVP_cc_rc2_40_cbc hc_EVP_cc_rc2_40_cbc +#define EVP_cc_rc2_64_cbc hc_EVP_cc_rc2_64_cbc +#define EVP_cc_rc2_cbc hc_EVP_cc_rc2_cbc +#define EVP_cc_camellia_128_cbc hc_EVP_cc_camellia_128_cbc +#define EVP_cc_camellia_192_cbc hc_EVP_cc_camellia_192_cbc +#define EVP_cc_camellia_256_cbc hc_EVP_cc_camellia_256_cbc + +/* + * + */ + +HC_CPP_BEGIN + +const EVP_MD * EVP_cc_md2(void); +const EVP_MD * EVP_cc_md4(void); +const EVP_MD * EVP_cc_md5(void); +const EVP_MD * EVP_cc_sha1(void); +const EVP_MD * EVP_cc_sha256(void); + +const EVP_CIPHER * EVP_cc_rc2_cbc(void); +const EVP_CIPHER * EVP_cc_rc2_40_cbc(void); +const EVP_CIPHER * EVP_cc_rc2_64_cbc(void); + +const EVP_CIPHER * EVP_cc_rc4(void); +const EVP_CIPHER * EVP_cc_rc4_40(void); + +const EVP_CIPHER * EVP_cc_des_cbc(void); +const EVP_CIPHER * EVP_cc_des_ede3_cbc(void); + +const EVP_CIPHER * EVP_cc_aes_128_cbc(void); +const EVP_CIPHER * EVP_cc_aes_192_cbc(void); +const EVP_CIPHER * EVP_cc_aes_256_cbc(void); + +const EVP_CIPHER * EVP_cc_aes_128_cfb8(void); +const EVP_CIPHER * EVP_cc_aes_192_cfb8(void); +const EVP_CIPHER * EVP_cc_aes_256_cfb8(void); + +const EVP_CIPHER * EVP_cc_camellia_128_cbc(void); +const EVP_CIPHER * EVP_cc_camellia_192_cbc(void); +const EVP_CIPHER * EVP_cc_camellia_256_cbc(void); + +HC_CPP_END + +#endif /* HEIM_EVP_CC_H */ diff --git a/lib/hcrypto/evp-hcrypto.c b/lib/hcrypto/evp-hcrypto.c new file mode 100644 index 000000000000..bf37b42edcac --- /dev/null +++ b/lib/hcrypto/evp-hcrypto.c @@ -0,0 +1,857 @@ +/* + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#define HC_DEPRECATED + +#include +#include +#include +#include +#include + +#include +#include + +#include + +#include +#include "camellia.h" +#include + +#include +#include + +#include +#include +#include +#include + +/* + * + */ + +static int +aes_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + AES_KEY *k = ctx->cipher_data; + if (ctx->encrypt) + AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k); + else + AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k); + return 1; +} + +static int +aes_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + AES_KEY *k = ctx->cipher_data; + if (ctx->flags & EVP_CIPH_CFB8_MODE) + AES_cfb8_encrypt(in, out, size, k, ctx->iv, ctx->encrypt); + else + AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt); + return 1; +} + +/** + * The AES-128 cipher type (hcrypto) + * + * @return the AES-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_128_cbc(void) +{ + static const EVP_CIPHER aes_128_cbc = { + 0, + 16, + 16, + 16, + EVP_CIPH_CBC_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + + return &aes_128_cbc; +} + +/** + * The AES-192 cipher type (hcrypto) + * + * @return the AES-192 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_192_cbc(void) +{ + static const EVP_CIPHER aes_192_cbc = { + 0, + 16, + 24, + 16, + EVP_CIPH_CBC_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &aes_192_cbc; +} + +/** + * The AES-256 cipher type (hcrypto) + * + * @return the AES-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_256_cbc(void) +{ + static const EVP_CIPHER aes_256_cbc = { + 0, + 16, + 32, + 16, + EVP_CIPH_CBC_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &aes_256_cbc; +} + +/** + * The AES-128 CFB8 cipher type (hcrypto) + * + * @return the AES-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_128_cfb8(void) +{ + static const EVP_CIPHER aes_128_cfb8 = { + 0, + 1, + 16, + 16, + EVP_CIPH_CFB8_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + + return &aes_128_cfb8; +} + +/** + * The AES-192 CFB8 cipher type (hcrypto) + * + * @return the AES-192 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_192_cfb8(void) +{ + static const EVP_CIPHER aes_192_cfb8 = { + 0, + 1, + 24, + 16, + EVP_CIPH_CFB8_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &aes_192_cfb8; +} + +/** + * The AES-256 CFB8 cipher type (hcrypto) + * + * @return the AES-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_aes_256_cfb8(void) +{ + static const EVP_CIPHER aes_256_cfb8 = { + 0, + 1, + 32, + 16, + EVP_CIPH_CFB8_MODE, + aes_init, + aes_do_cipher, + NULL, + sizeof(AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &aes_256_cfb8; +} + +/** + * The message digest SHA256 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha256(void) +{ + static const struct hc_evp_md sha256 = { + 32, + 64, + sizeof(SHA256_CTX), + (hc_evp_md_init)SHA256_Init, + (hc_evp_md_update)SHA256_Update, + (hc_evp_md_final)SHA256_Final, + NULL + }; + return &sha256; +} + +/** + * The message digest SHA384 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha384(void) +{ + static const struct hc_evp_md sha384 = { + 48, + 128, + sizeof(SHA384_CTX), + (hc_evp_md_init)SHA384_Init, + (hc_evp_md_update)SHA384_Update, + (hc_evp_md_final)SHA384_Final, + NULL + }; + return &sha384; +} + +/** + * The message digest SHA512 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha512(void) +{ + static const struct hc_evp_md sha512 = { + 64, + 128, + sizeof(SHA512_CTX), + (hc_evp_md_init)SHA512_Init, + (hc_evp_md_update)SHA512_Update, + (hc_evp_md_final)SHA512_Final, + NULL + }; + return &sha512; +} + +/** + * The message digest SHA1 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_sha1(void) +{ + static const struct hc_evp_md sha1 = { + 20, + 64, + sizeof(SHA_CTX), + (hc_evp_md_init)SHA1_Init, + (hc_evp_md_update)SHA1_Update, + (hc_evp_md_final)SHA1_Final, + NULL + }; + return &sha1; +} + +/** + * The message digest MD5 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md5(void) +{ + static const struct hc_evp_md md5 = { + 16, + 64, + sizeof(MD5_CTX), + (hc_evp_md_init)MD5_Init, + (hc_evp_md_update)MD5_Update, + (hc_evp_md_final)MD5_Final, + NULL + }; + return &md5; +} + +/** + * The message digest MD4 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md4(void) +{ + static const struct hc_evp_md md4 = { + 16, + 64, + sizeof(MD4_CTX), + (hc_evp_md_init)MD4_Init, + (hc_evp_md_update)MD4_Update, + (hc_evp_md_final)MD4_Final, + NULL + }; + return &md4; +} + +/** + * The message digest MD2 - hcrypto + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_hcrypto_md2(void) +{ + static const struct hc_evp_md md2 = { + 16, + 16, + sizeof(MD2_CTX), + (hc_evp_md_init)MD2_Init, + (hc_evp_md_update)MD2_Update, + (hc_evp_md_final)MD2_Final, + NULL + }; + return &md2; +} + +/* + * + */ + +static int +des_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + DES_key_schedule *k = ctx->cipher_data; + DES_cblock deskey; + memcpy(&deskey, key, sizeof(deskey)); + DES_set_key_unchecked(&deskey, k); + return 1; +} + +static int +des_cbc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + DES_key_schedule *k = ctx->cipher_data; + DES_cbc_encrypt(in, out, size, + k, (DES_cblock *)ctx->iv, ctx->encrypt); + return 1; +} + +/** + * The DES cipher type + * + * @return the DES-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_des_cbc(void) +{ + static const EVP_CIPHER des_cbc = { + 0, + 8, + 8, + 8, + EVP_CIPH_CBC_MODE, + des_cbc_init, + des_cbc_do_cipher, + NULL, + sizeof(DES_key_schedule), + NULL, + NULL, + NULL, + NULL + }; + return &des_cbc; +} + +/* + * + */ + +struct des_ede3_cbc { + DES_key_schedule ks[3]; +}; + +static int +des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct des_ede3_cbc *k = ctx->cipher_data; + DES_cblock deskey; + + memcpy(&deskey, key, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[0]); + + memcpy(&deskey, key + 8, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[1]); + + memcpy(&deskey, key + 16, sizeof(deskey)); + DES_set_odd_parity(&deskey); + DES_set_key_unchecked(&deskey, &k->ks[2]); + + return 1; +} + +static int +des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct des_ede3_cbc *k = ctx->cipher_data; + DES_ede3_cbc_encrypt(in, out, size, + &k->ks[0], &k->ks[1], &k->ks[2], + (DES_cblock *)ctx->iv, ctx->encrypt); + return 1; +} + +/** + * The tripple DES cipher type - hcrypto + * + * @return the DES-EDE3-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_des_ede3_cbc(void) +{ + static const EVP_CIPHER des_ede3_cbc = { + 0, + 8, + 24, + 8, + EVP_CIPH_CBC_MODE, + des_ede3_cbc_init, + des_ede3_cbc_do_cipher, + NULL, + sizeof(struct des_ede3_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &des_ede3_cbc; +} + +/* + * + */ + +struct rc2_cbc { + unsigned int maximum_effective_key; + RC2_KEY key; +}; + +static int +rc2_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + struct rc2_cbc *k = ctx->cipher_data; + k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8; + RC2_set_key(&k->key, + EVP_CIPHER_CTX_key_length(ctx), + key, + k->maximum_effective_key); + return 1; +} + +static int +rc2_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + struct rc2_cbc *k = ctx->cipher_data; + RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt); + return 1; +} + +/** + * The RC2 cipher type - hcrypto + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_cbc(void) +{ + static const EVP_CIPHER rc2_cbc = { + 0, + RC2_BLOCK_SIZE, + RC2_KEY_LENGTH, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE|EVP_CIPH_VARIABLE_LENGTH, + rc2_init, + rc2_do_cipher, + NULL, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_cbc; +} + +/** + * The RC2-40 cipher type + * + * @return the RC2-40 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_40_cbc(void) +{ + static const EVP_CIPHER rc2_40_cbc = { + 0, + RC2_BLOCK_SIZE, + 5, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + NULL, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_40_cbc; +} + +/** + * The RC2-64 cipher type + * + * @return the RC2-64 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_rc2_64_cbc(void) +{ + static const EVP_CIPHER rc2_64_cbc = { + 0, + RC2_BLOCK_SIZE, + 8, + RC2_BLOCK_SIZE, + EVP_CIPH_CBC_MODE, + rc2_init, + rc2_do_cipher, + NULL, + sizeof(struct rc2_cbc), + NULL, + NULL, + NULL, + NULL + }; + return &rc2_64_cbc; +} + +static int +camellia_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + CAMELLIA_KEY *k = ctx->cipher_data; + k->bits = ctx->cipher->key_len * 8; + CAMELLIA_set_key(key, ctx->cipher->key_len * 8, k); + return 1; +} + +static int +camellia_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + CAMELLIA_KEY *k = ctx->cipher_data; + CAMELLIA_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt); + return 1; +} + +/** + * The Camellia-128 cipher type - hcrypto + * + * @return the Camellia-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_128_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 16, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + NULL, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} + +/** + * The Camellia-198 cipher type - hcrypto + * + * @return the Camellia-198 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_192_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 24, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + NULL, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} + +/** + * The Camellia-256 cipher type - hcrypto + * + * @return the Camellia-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_hcrypto_camellia_256_cbc(void) +{ + static const EVP_CIPHER cipher = { + 0, + 16, + 32, + 16, + EVP_CIPH_CBC_MODE, + camellia_init, + camellia_do_cipher, + NULL, + sizeof(CAMELLIA_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &cipher; +} + +static int +rc4_init(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc) +{ + RC4_KEY *k = ctx->cipher_data; + RC4_set_key(k, ctx->key_len, key); + return 1; +} + +static int +rc4_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + RC4_KEY *k = ctx->cipher_data; + RC4(k, size, in, out); + return 1; +} + +const EVP_CIPHER * +EVP_hcrypto_rc4(void) +{ + static const EVP_CIPHER rc4 = { + 0, + 1, + 16, + 0, + EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH, + rc4_init, + rc4_do_cipher, + NULL, + sizeof(RC4_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &rc4; +} + + +const EVP_CIPHER * +EVP_hcrypto_rc4_40(void) +{ + static const EVP_CIPHER rc4_40 = { + 0, + 1, + 5, + 0, + EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH, + rc4_init, + rc4_do_cipher, + NULL, + sizeof(RC4_KEY), + NULL, + NULL, + NULL, + NULL + }; + return &rc4_40; +} diff --git a/lib/hcrypto/evp-hcrypto.h b/lib/hcrypto/evp-hcrypto.h new file mode 100644 index 000000000000..b7876c67c8a3 --- /dev/null +++ b/lib/hcrypto/evp-hcrypto.h @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_EVP_HCRYPTO_H +#define HEIM_EVP_HCRYPTO_H 1 + +/* symbol renaming */ +#define EVP_hcrypto_md2 hc_EVP_hcrypto_md2 +#define EVP_hcrypto_md4 hc_EVP_hcrypto_md4 +#define EVP_hcrypto_md5 hc_EVP_hcrypto_md5 +#define EVP_hcrypto_sha1 hc_EVP_hcrypto_sha1 +#define EVP_hcrypto_sha256 hc_EVP_hcrypto_sha256 +#define EVP_hcrypto_sha384 hc_EVP_hcrypto_sha384 +#define EVP_hcrypto_sha512 hc_EVP_hcrypto_sha512 +#define EVP_hcrypto_des_cbc hc_EVP_hcrypto_des_cbc +#define EVP_hcrypto_des_ede3_cbc hc_EVP_hcrypto_des_ede3_cbc +#define EVP_hcrypto_aes_128_cbc hc_EVP_hcrypto_aes_128_cbc +#define EVP_hcrypto_aes_192_cbc hc_EVP_hcrypto_aes_192_cbc +#define EVP_hcrypto_aes_256_cbc hc_EVP_hcrypto_aes_256_cbc +#define EVP_hcrypto_aes_128_cfb8 hc_EVP_hcrypto_aes_128_cfb8 +#define EVP_hcrypto_aes_192_cfb8 hc_EVP_hcrypto_aes_192_cfb8 +#define EVP_hcrypto_aes_256_cfb8 hc_EVP_hcrypto_aes_256_cfb8 +#define EVP_hcrypto_rc4 hc_EVP_hcrypto_rc4 +#define EVP_hcrypto_rc4_40 hc_EVP_hcrypto_rc4_40 +#define EVP_hcrypto_rc2_40_cbc hc_EVP_hcrypto_rc2_40_cbc +#define EVP_hcrypto_rc2_64_cbc hc_EVP_hcrypto_rc2_64_cbc +#define EVP_hcrypto_rc2_cbc hc_EVP_hcrypto_rc2_cbc +#define EVP_hcrypto_camellia_128_cbc hc_EVP_hcrypto_camellia_128_cbc +#define EVP_hcrypto_camellia_192_cbc hc_EVP_hcrypto_camellia_192_cbc +#define EVP_hcrypto_camellia_256_cbc hc_EVP_hcrypto_camellia_256_cbc + +/* + * + */ + +HC_CPP_BEGIN + +const EVP_MD * EVP_hcrypto_md2(void); +const EVP_MD * EVP_hcrypto_md4(void); +const EVP_MD * EVP_hcrypto_md5(void); +const EVP_MD * EVP_hcrypto_sha1(void); +const EVP_MD * EVP_hcrypto_sha256(void); +const EVP_MD * EVP_hcrypto_sha384(void); +const EVP_MD * EVP_hcrypto_sha512(void); + +const EVP_CIPHER * EVP_hcrypto_rc4(void); +const EVP_CIPHER * EVP_hcrypto_rc4_40(void); + +const EVP_CIPHER * EVP_hcrypto_rc2_cbc(void); +const EVP_CIPHER * EVP_hcrypto_rc2_40_cbc(void); +const EVP_CIPHER * EVP_hcrypto_rc2_64_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_des_cbc(void); +const EVP_CIPHER * EVP_hcrypto_des_ede3_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_aes_128_cbc(void); +const EVP_CIPHER * EVP_hcrypto_aes_192_cbc(void); +const EVP_CIPHER * EVP_hcrypto_aes_256_cbc(void); + +const EVP_CIPHER * EVP_hcrypto_aes_128_cfb8(void); +const EVP_CIPHER * EVP_hcrypto_aes_192_cfb8(void); +const EVP_CIPHER * EVP_hcrypto_aes_256_cfb8(void); + +const EVP_CIPHER * EVP_hcrypto_camellia_128_cbc(void); +const EVP_CIPHER * EVP_hcrypto_camellia_192_cbc(void); +const EVP_CIPHER * EVP_hcrypto_camellia_256_cbc(void); + + +HC_CPP_END + +#endif /* HEIM_EVP_HCRYPTO_H */ diff --git a/lib/hcrypto/evp.c b/lib/hcrypto/evp.c new file mode 100644 index 000000000000..75eefc49312e --- /dev/null +++ b/lib/hcrypto/evp.c @@ -0,0 +1,1495 @@ +/* + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#define HC_DEPRECATED +#define HC_DEPRECATED_CRYPTO + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include +#include + +#ifndef HCRYPTO_DEF_PROVIDER +#define HCRYPTO_DEF_PROVIDER hcrypto +#endif + +#define HC_CONCAT4(x,y,z,aa) x ## y ## z ## aa + + +#define EVP_DEF_OP(_prov,_op) HC_CONCAT4(EVP_,_prov,_,_op)() + +/** + * @page page_evp EVP - generic crypto interface + * + * See the library functions here: @ref hcrypto_evp + * + * @section evp_cipher EVP Cipher + * + * The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to + * understand forward, then EVP_CipherUpdate() and + * EVP_CipherFinal_ex() really needs an example to explain @ref + * example_evp_cipher.c . + * + * @example example_evp_cipher.c + * + * This is an example how to use EVP_CipherInit_ex(), + * EVP_CipherUpdate() and EVP_CipherFinal_ex(). + */ + +struct hc_EVP_MD_CTX { + const EVP_MD *md; + ENGINE *engine; + void *ptr; +}; + + +/** + * Return the output size of the message digest function. + * + * @param md the evp message + * + * @return size output size of the message digest function. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_MD_size(const EVP_MD *md) +{ + return md->hash_size; +} + +/** + * Return the blocksize of the message digest function. + * + * @param md the evp message + * + * @return size size of the message digest block size + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_MD_block_size(const EVP_MD *md) +{ + return md->block_size; +} + +/** + * Allocate a messsage digest context object. Free with + * EVP_MD_CTX_destroy(). + * + * @return a newly allocated message digest context object. + * + * @ingroup hcrypto_evp + */ + +EVP_MD_CTX * +EVP_MD_CTX_create(void) +{ + return calloc(1, sizeof(EVP_MD_CTX)); +} + +/** + * Initiate a messsage digest context object. Deallocate with + * EVP_MD_CTX_cleanup(). Please use EVP_MD_CTX_create() instead. + * + * @param ctx variable to initiate. + * + * @ingroup hcrypto_evp + */ + +void +EVP_MD_CTX_init(EVP_MD_CTX *ctx) HC_DEPRECATED +{ + memset(ctx, 0, sizeof(*ctx)); +} + +/** + * Free a messsage digest context object. + * + * @param ctx context to free. + * + * @ingroup hcrypto_evp + */ + +void +EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) +{ + EVP_MD_CTX_cleanup(ctx); + free(ctx); +} + +/** + * Free the resources used by the EVP_MD context. + * + * @param ctx the context to free the resources from. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED +{ + if (ctx->md && ctx->md->cleanup) + (ctx->md->cleanup)(ctx); + else if (ctx->md) + memset(ctx->ptr, 0, ctx->md->ctx_size); + ctx->md = NULL; + ctx->engine = NULL; + free(ctx->ptr); + memset(ctx, 0, sizeof(*ctx)); + return 1; +} + +/** + * Get the EVP_MD use for a specified context. + * + * @param ctx the EVP_MD context to get the EVP_MD for. + * + * @return the EVP_MD used for the context. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_MD_CTX_md(EVP_MD_CTX *ctx) +{ + return ctx->md; +} + +/** + * Return the output size of the message digest function. + * + * @param ctx the evp message digest context + * + * @return size output size of the message digest function. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_MD_CTX_size(EVP_MD_CTX *ctx) +{ + return EVP_MD_size(ctx->md); +} + +/** + * Return the blocksize of the message digest function. + * + * @param ctx the evp message digest context + * + * @return size size of the message digest block size + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_MD_CTX_block_size(EVP_MD_CTX *ctx) +{ + return EVP_MD_block_size(ctx->md); +} + +/** + * Init a EVP_MD_CTX for use a specific message digest and engine. + * + * @param ctx the message digest context to init. + * @param md the message digest to use. + * @param engine the engine to use, NULL to use the default engine. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine) +{ + if (ctx->md != md || ctx->engine != engine) { + EVP_MD_CTX_cleanup(ctx); + ctx->md = md; + ctx->engine = engine; + + ctx->ptr = calloc(1, md->ctx_size); + if (ctx->ptr == NULL) + return 0; + } + (ctx->md->init)(ctx->ptr); + return 1; +} + +/** + * Update the digest with some data. + * + * @param ctx the context to update + * @param data the data to update the context with + * @param size length of data + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size) +{ + (ctx->md->update)(ctx->ptr, data, size); + return 1; +} + +/** + * Complete the message digest. + * + * @param ctx the context to complete. + * @param hash the output of the message digest function. At least + * EVP_MD_size(). + * @param size the output size of hash. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size) +{ + (ctx->md->final)(hash, ctx->ptr); + if (size) + *size = ctx->md->hash_size; + return 1; +} + +/** + * Do the whole EVP_MD_CTX_create(), EVP_DigestInit_ex(), + * EVP_DigestUpdate(), EVP_DigestFinal_ex(), EVP_MD_CTX_destroy() + * dance in one call. + * + * @param data the data to update the context with + * @param dsize length of data + * @param hash output data of at least EVP_MD_size() length. + * @param hsize output length of hash. + * @param md message digest to use + * @param engine engine to use, NULL for default engine. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize, + const EVP_MD *md, ENGINE *engine) +{ + EVP_MD_CTX *ctx; + int ret; + + ctx = EVP_MD_CTX_create(); + if (ctx == NULL) + return 0; + ret = EVP_DigestInit_ex(ctx, md, engine); + if (ret != 1) { + EVP_MD_CTX_destroy(ctx); + return ret; + } + ret = EVP_DigestUpdate(ctx, data, dsize); + if (ret != 1) { + EVP_MD_CTX_destroy(ctx); + return ret; + } + ret = EVP_DigestFinal_ex(ctx, hash, hsize); + EVP_MD_CTX_destroy(ctx); + return ret; +} + +/** + * The message digest SHA256 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_sha256(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha256); +} + +/** + * The message digest SHA384 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_sha384(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha384); +} + +/** + * The message digest SHA512 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_sha512(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha512); +} + +/** + * The message digest SHA1 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_sha1(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, sha1); +} + +/** + * The message digest SHA1 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_sha(void) HC_DEPRECATED + +{ + hcrypto_validate(); + return EVP_sha1(); +} + +/** + * The message digest MD5 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_md5(void) HC_DEPRECATED_CRYPTO +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md5); +} + +/** + * The message digest MD4 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_md4(void) HC_DEPRECATED_CRYPTO +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md4); +} + +/** + * The message digest MD2 + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_md2(void) HC_DEPRECATED_CRYPTO +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, md2); +} + +/* + * + */ + +static void +null_Init (void *m) +{ +} +static void +null_Update (void *m, const void * data, size_t size) +{ +} +static void +null_Final(void *res, void *m) +{ +} + +/** + * The null message digest + * + * @return the message digest type. + * + * @ingroup hcrypto_evp + */ + +const EVP_MD * +EVP_md_null(void) +{ + static const struct hc_evp_md null = { + 0, + 0, + 0, + (hc_evp_md_init)null_Init, + (hc_evp_md_update)null_Update, + (hc_evp_md_final)null_Final, + NULL + }; + return &null; +} + +/** + * Return the block size of the cipher. + * + * @param c cipher to get the block size from. + * + * @return the block size of the cipher. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_block_size(const EVP_CIPHER *c) +{ + return c->block_size; +} + +/** + * Return the key size of the cipher. + * + * @param c cipher to get the key size from. + * + * @return the key size of the cipher. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_key_length(const EVP_CIPHER *c) +{ + return c->key_len; +} + +/** + * Return the IV size of the cipher. + * + * @param c cipher to get the IV size from. + * + * @return the IV size of the cipher. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_iv_length(const EVP_CIPHER *c) +{ + return c->iv_len; +} + +/** + * Initiate a EVP_CIPHER_CTX context. Clean up with + * EVP_CIPHER_CTX_cleanup(). + * + * @param c the cipher initiate. + * + * @ingroup hcrypto_evp + */ + +void +EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c) +{ + memset(c, 0, sizeof(*c)); +} + +/** + * Clean up the EVP_CIPHER_CTX context. + * + * @param c the cipher to clean up. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) +{ + if (c->cipher && c->cipher->cleanup) + c->cipher->cleanup(c); + if (c->cipher_data) { + memset(c->cipher_data, 0, c->cipher->ctx_size); + free(c->cipher_data); + c->cipher_data = NULL; + } + return 1; +} + +/** + * If the cipher type supports it, change the key length + * + * @param c the cipher context to change the key length for + * @param length new key length + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length) +{ + if ((c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH) && length > 0) { + c->key_len = length; + return 1; + } + return 0; +} + +#if 0 +int +EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad) +{ + return 0; +} +#endif + +/** + * Return the EVP_CIPHER for a EVP_CIPHER_CTX context. + * + * @param ctx the context to get the cipher type from. + * + * @return the EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx) +{ + return ctx->cipher; +} + +/** + * Return the block size of the cipher context. + * + * @param ctx cipher context to get the block size from. + * + * @return the block size of the cipher context. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_block_size(ctx->cipher); +} + +/** + * Return the key size of the cipher context. + * + * @param ctx cipher context to get the key size from. + * + * @return the key size of the cipher context. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_key_length(ctx->cipher); +} + +/** + * Return the IV size of the cipher context. + * + * @param ctx cipher context to get the IV size from. + * + * @return the IV size of the cipher context. + * + * @ingroup hcrypto_evp + */ + +size_t +EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_iv_length(ctx->cipher); +} + +/** + * Get the flags for an EVP_CIPHER_CTX context. + * + * @param ctx the EVP_CIPHER_CTX to get the flags from + * + * @return the flags for an EVP_CIPHER_CTX. + * + * @ingroup hcrypto_evp + */ + +unsigned long +EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) +{ + return ctx->cipher->flags; +} + +/** + * Get the mode for an EVP_CIPHER_CTX context. + * + * @param ctx the EVP_CIPHER_CTX to get the mode from + * + * @return the mode for an EVP_CIPHER_CTX. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx) +{ + return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE; +} + +/** + * Get the app data for an EVP_CIPHER_CTX context. + * + * @param ctx the EVP_CIPHER_CTX to get the app data from + * + * @return the app data for an EVP_CIPHER_CTX. + * + * @ingroup hcrypto_evp + */ + +void * +EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx) +{ + return ctx->app_data; +} + +/** + * Set the app data for an EVP_CIPHER_CTX context. + * + * @param ctx the EVP_CIPHER_CTX to set the app data for + * @param data the app data to set for an EVP_CIPHER_CTX. + * + * @ingroup hcrypto_evp + */ + +void +EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) +{ + ctx->app_data = data; +} + +/** + * Initiate the EVP_CIPHER_CTX context to encrypt or decrypt data. + * Clean up with EVP_CIPHER_CTX_cleanup(). + * + * @param ctx context to initiate + * @param c cipher to use. + * @param engine crypto engine to use, NULL to select default. + * @param key the crypto key to use, NULL will use the previous value. + * @param iv the IV to use, NULL will use the previous value. + * @param encp non zero will encrypt, -1 use the previous value. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine, + const void *key, const void *iv, int encp) +{ + ctx->buf_len = 0; + + if (encp == -1) + encp = ctx->encrypt; + else + ctx->encrypt = (encp ? 1 : 0); + + if (c && (c != ctx->cipher)) { + EVP_CIPHER_CTX_cleanup(ctx); + ctx->cipher = c; + ctx->key_len = c->key_len; + + ctx->cipher_data = calloc(1, c->ctx_size); + if (ctx->cipher_data == NULL && c->ctx_size != 0) + return 0; + + /* assume block size is a multiple of 2 */ + ctx->block_mask = EVP_CIPHER_block_size(c) - 1; + + } else if (ctx->cipher == NULL) { + /* reuse of cipher, but not any cipher ever set! */ + return 0; + } + + switch (EVP_CIPHER_CTX_mode(ctx)) { + case EVP_CIPH_CBC_MODE: + + assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv)); + + if (iv) + memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); + break; + + case EVP_CIPH_STREAM_CIPHER: + break; + case EVP_CIPH_CFB8_MODE: + if (iv) + memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + break; + + default: + return 0; + } + + if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) + ctx->cipher->init(ctx, key, iv, encp); + + return 1; +} + +/** + * Encipher/decipher partial data + * + * @param ctx the cipher context. + * @param out output data from the operation. + * @param outlen output length + * @param in input data to the operation. + * @param inlen length of data. + * + * The output buffer length should at least be EVP_CIPHER_block_size() + * byte longer then the input length. + * + * See @ref evp_cipher for an example how to use this function. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen, + void *in, size_t inlen) +{ + int ret, left, blocksize; + + *outlen = 0; + + /** + * If there in no spare bytes in the left from last Update and the + * input length is on the block boundery, the EVP_CipherUpdate() + * function can take a shortcut (and preformance gain) and + * directly encrypt the data, otherwise we hav to fix it up and + * store extra it the EVP_CIPHER_CTX. + */ + if (ctx->buf_len == 0 && (inlen & ctx->block_mask) == 0) { + ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen); + if (ret == 1) + *outlen = inlen; + else + *outlen = 0; + return ret; + } + + + blocksize = EVP_CIPHER_CTX_block_size(ctx); + left = blocksize - ctx->buf_len; + assert(left > 0); + + if (ctx->buf_len) { + + /* if total buffer is smaller then input, store locally */ + if (inlen < left) { + memcpy(ctx->buf + ctx->buf_len, in, inlen); + ctx->buf_len += inlen; + return 1; + } + + /* fill in local buffer and encrypt */ + memcpy(ctx->buf + ctx->buf_len, in, left); + ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize); + memset(ctx->buf, 0, blocksize); + if (ret != 1) + return ret; + + *outlen += blocksize; + inlen -= left; + in = ((unsigned char *)in) + left; + out = ((unsigned char *)out) + blocksize; + ctx->buf_len = 0; + } + + if (inlen) { + ctx->buf_len = (inlen & ctx->block_mask); + inlen &= ~ctx->block_mask; + + ret = (*ctx->cipher->do_cipher)(ctx, out, in, inlen); + if (ret != 1) + return ret; + + *outlen += inlen; + + in = ((unsigned char *)in) + inlen; + memcpy(ctx->buf, in, ctx->buf_len); + } + + return 1; +} + +/** + * Encipher/decipher final data + * + * @param ctx the cipher context. + * @param out output data from the operation. + * @param outlen output length + * + * The input length needs to be at least EVP_CIPHER_block_size() bytes + * long. + * + * See @ref evp_cipher for an example how to use this function. + * + * @return 1 on success. + * + * @ingroup hcrypto_evp + */ + +int +EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen) +{ + *outlen = 0; + + if (ctx->buf_len) { + int ret, left, blocksize; + + blocksize = EVP_CIPHER_CTX_block_size(ctx); + + left = blocksize - ctx->buf_len; + assert(left > 0); + + /* zero fill local buffer */ + memset(ctx->buf + ctx->buf_len, 0, left); + ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize); + memset(ctx->buf, 0, blocksize); + if (ret != 1) + return ret; + + *outlen += blocksize; + } + + return 1; +} + +/** + * Encipher/decipher data + * + * @param ctx the cipher context. + * @param out out data from the operation. + * @param in in data to the operation. + * @param size length of data. + * + * @return 1 on success. + */ + +int +EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size) +{ + return ctx->cipher->do_cipher(ctx, out, in, size); +} + +/* + * + */ + +static int +enc_null_init(EVP_CIPHER_CTX *ctx, + const unsigned char * key, + const unsigned char * iv, + int encp) +{ + return 1; +} + +static int +enc_null_do_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + unsigned int size) +{ + memmove(out, in, size); + return 1; +} + +static int +enc_null_cleanup(EVP_CIPHER_CTX *ctx) +{ + return 1; +} + +/** + * The NULL cipher type, does no encryption/decryption. + * + * @return the null EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_enc_null(void) +{ + static const EVP_CIPHER enc_null = { + 0, + 0, + 0, + 0, + EVP_CIPH_CBC_MODE, + enc_null_init, + enc_null_do_cipher, + enc_null_cleanup, + 0, + NULL, + NULL, + NULL, + NULL + }; + return &enc_null; +} + +/** + * The RC2 cipher type + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_rc2_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_cbc); +} + +/** + * The RC2 cipher type + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_rc2_40_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_40_cbc); +} + +/** + * The RC2 cipher type + * + * @return the RC2 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_rc2_64_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc2_64_cbc); +} + +/** + * The RC4 cipher type + * + * @return the RC4 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_rc4(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4); +} + +/** + * The RC4-40 cipher type + * + * @return the RC4-40 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_rc4_40(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, rc4_40); +} + +/** + * The DES cipher type + * + * @return the DES-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_des_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_cbc); +} + +/** + * The tripple DES cipher type + * + * @return the DES-EDE3-CBC EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_des_ede3_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, des_ede3_cbc); +} + +/** + * The AES-128 cipher type + * + * @return the AES-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_128_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cbc); +} + +/** + * The AES-192 cipher type + * + * @return the AES-192 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_192_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cbc); +} + +/** + * The AES-256 cipher type + * + * @return the AES-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_256_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cbc); +} + +/** + * The AES-128 cipher type + * + * @return the AES-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_128_cfb8(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_128_cfb8); +} + +/** + * The AES-192 cipher type + * + * @return the AES-192 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_192_cfb8(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_192_cfb8); +} + +/** + * The AES-256 cipher type + * + * @return the AES-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_aes_256_cfb8(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, aes_256_cfb8); +} + +/** + * The Camellia-128 cipher type + * + * @return the Camellia-128 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_camellia_128_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_128_cbc); +} + +/** + * The Camellia-198 cipher type + * + * @return the Camellia-198 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_camellia_192_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_192_cbc); +} + +/** + * The Camellia-256 cipher type + * + * @return the Camellia-256 EVP_CIPHER pointer. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_camellia_256_cbc(void) +{ + hcrypto_validate(); + return EVP_DEF_OP(HCRYPTO_DEF_PROVIDER, camellia_256_cbc); +} + +/* + * + */ + +static const struct cipher_name { + const char *name; + const EVP_CIPHER *(*func)(void); +} cipher_name[] = { + { "des-ede3-cbc", EVP_des_ede3_cbc }, + { "aes-128-cbc", EVP_aes_128_cbc }, + { "aes-192-cbc", EVP_aes_192_cbc }, + { "aes-256-cbc", EVP_aes_256_cbc }, + { "aes-128-cfb8", EVP_aes_128_cfb8 }, + { "aes-192-cfb8", EVP_aes_192_cfb8 }, + { "aes-256-cfb8", EVP_aes_256_cfb8 }, + { "camellia-128-cbc", EVP_camellia_128_cbc }, + { "camellia-192-cbc", EVP_camellia_192_cbc }, + { "camellia-256-cbc", EVP_camellia_256_cbc } +}; + +/** + * Get the cipher type using their name. + * + * @param name the name of the cipher. + * + * @return the selected EVP_CIPHER pointer or NULL if not found. + * + * @ingroup hcrypto_evp + */ + +const EVP_CIPHER * +EVP_get_cipherbyname(const char *name) +{ + int i; + for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) { + if (strcasecmp(cipher_name[i].name, name) == 0) + return (*cipher_name[i].func)(); + } + return NULL; +} + + +/* + * + */ + +#ifndef min +#define min(a,b) (((a)>(b))?(b):(a)) +#endif + +/** + * Provides a legancy string to key function, used in PEM files. + * + * New protocols should use new string to key functions like NIST + * SP56-800A or PKCS#5 v2.0 (see PKCS5_PBKDF2_HMAC_SHA1()). + * + * @param type type of cipher to use + * @param md message digest to use + * @param salt salt salt string, should be an binary 8 byte buffer. + * @param data the password/input key string. + * @param datalen length of data parameter. + * @param count iteration counter. + * @param keydata output keydata, needs to of the size EVP_CIPHER_key_length(). + * @param ivdata output ivdata, needs to of the size EVP_CIPHER_block_size(). + * + * @return the size of derived key. + * + * @ingroup hcrypto_evp + */ + +int +EVP_BytesToKey(const EVP_CIPHER *type, + const EVP_MD *md, + const void *salt, + const void *data, size_t datalen, + unsigned int count, + void *keydata, + void *ivdata) +{ + unsigned int ivlen, keylen; + int first = 0; + unsigned int mds = 0, i; + unsigned char *key = keydata; + unsigned char *iv = ivdata; + unsigned char *buf; + EVP_MD_CTX c; + + keylen = EVP_CIPHER_key_length(type); + ivlen = EVP_CIPHER_iv_length(type); + + if (data == NULL) + return keylen; + + buf = malloc(EVP_MD_size(md)); + if (buf == NULL) + return -1; + + EVP_MD_CTX_init(&c); + + first = 1; + while (1) { + EVP_DigestInit_ex(&c, md, NULL); + if (!first) + EVP_DigestUpdate(&c, buf, mds); + first = 0; + EVP_DigestUpdate(&c,data,datalen); + +#define PKCS5_SALT_LEN 8 + + if (salt) + EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN); + + EVP_DigestFinal_ex(&c, buf, &mds); + assert(mds == EVP_MD_size(md)); + + for (i = 1; i < count; i++) { + EVP_DigestInit_ex(&c, md, NULL); + EVP_DigestUpdate(&c, buf, mds); + EVP_DigestFinal_ex(&c, buf, &mds); + assert(mds == EVP_MD_size(md)); + } + + i = 0; + if (keylen) { + size_t sz = min(keylen, mds); + if (key) { + memcpy(key, buf, sz); + key += sz; + } + keylen -= sz; + i += sz; + } + if (ivlen && mds > i) { + size_t sz = min(ivlen, (mds - i)); + if (iv) { + memcpy(iv, &buf[i], sz); + iv += sz; + } + ivlen -= sz; + } + if (keylen == 0 && ivlen == 0) + break; + } + + EVP_MD_CTX_cleanup(&c); + free(buf); + + return EVP_CIPHER_key_length(type); +} + +/** + * Generate a random key for the specificed EVP_CIPHER. + * + * @param ctx EVP_CIPHER_CTX type to build the key for. + * @param key return key, must be at least EVP_CIPHER_key_length() byte long. + * + * @return 1 for success, 0 for failure. + * + * @ingroup hcrypto_core + */ + +int +EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, void *key) +{ + if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) + return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); + if (RAND_bytes(key, ctx->key_len) != 1) + return 0; + return 1; +} + +/** + * Perform a operation on a ctx + * + * @param ctx context to perform operation on. + * @param type type of operation. + * @param arg argument to operation. + * @param data addition data to operation. + + * @return 1 for success, 0 for failure. + * + * @ingroup hcrypto_core + */ + +int +EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *data) +{ + if (ctx->cipher == NULL || ctx->cipher->ctrl == NULL) + return 0; + return (*ctx->cipher->ctrl)(ctx, type, arg, data); +} + +/** + * Add all algorithms to the crypto core. + * + * @ingroup hcrypto_core + */ + +void +OpenSSL_add_all_algorithms(void) +{ + return; +} + +/** + * Add all algorithms to the crypto core using configuration file. + * + * @ingroup hcrypto_core + */ + +void +OpenSSL_add_all_algorithms_conf(void) +{ + return; +} + +/** + * Add all algorithms to the crypto core, but don't use the + * configuration file. + * + * @ingroup hcrypto_core + */ + +void +OpenSSL_add_all_algorithms_noconf(void) +{ + return; +} diff --git a/lib/hcrypto/evp.h b/lib/hcrypto/evp.h new file mode 100644 index 000000000000..626c46329614 --- /dev/null +++ b/lib/hcrypto/evp.h @@ -0,0 +1,329 @@ +/* + * Copyright (c) 2005 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_EVP_H +#define HEIM_EVP_H 1 + +#include + +/* symbol renaming */ +#define EVP_CIPHER_CTX_block_size hc_EVP_CIPHER_CTX_block_size +#define EVP_CIPHER_CTX_cipher hc_EVP_CIPHER_CTX_cipher +#define EVP_CIPHER_CTX_cleanup hc_EVP_CIPHER_CTX_cleanup +#define EVP_CIPHER_CTX_flags hc_EVP_CIPHER_CTX_flags +#define EVP_CIPHER_CTX_get_app_data hc_EVP_CIPHER_CTX_get_app_data +#define EVP_CIPHER_CTX_init hc_EVP_CIPHER_CTX_init +#define EVP_CIPHER_CTX_iv_length hc_EVP_CIPHER_CTX_iv_length +#define EVP_CIPHER_CTX_key_length hc_EVP_CIPHER_CTX_key_length +#define EVP_CIPHER_CTX_mode hc_EVP_CIPHER_CTX_mode +#define EVP_CIPHER_CTX_set_app_data hc_EVP_CIPHER_CTX_set_app_data +#define EVP_CIPHER_CTX_set_key_length hc_EVP_CIPHER_CTX_set_key_length +#define EVP_CIPHER_CTX_set_padding hc_EVP_CIPHER_CTX_set_padding +#define EVP_CIPHER_block_size hc_EVP_CIPHER_block_size +#define EVP_CIPHER_iv_length hc_EVP_CIPHER_iv_length +#define EVP_CIPHER_key_length hc_EVP_CIPHER_key_length +#define EVP_Cipher hc_EVP_Cipher +#define EVP_CipherInit_ex hc_EVP_CipherInit_ex +#define EVP_CipherUpdate hc_EVP_CipherUpdate +#define EVP_CipherFinal_ex hc_EVP_CipherFinal_ex +#define EVP_Digest hc_EVP_Digest +#define EVP_DigestFinal_ex hc_EVP_DigestFinal_ex +#define EVP_DigestInit_ex hc_EVP_DigestInit_ex +#define EVP_DigestUpdate hc_EVP_DigestUpdate +#define EVP_MD_CTX_block_size hc_EVP_MD_CTX_block_size +#define EVP_MD_CTX_cleanup hc_EVP_MD_CTX_cleanup +#define EVP_MD_CTX_create hc_EVP_MD_CTX_create +#define EVP_MD_CTX_init hc_EVP_MD_CTX_init +#define EVP_MD_CTX_destroy hc_EVP_MD_CTX_destroy +#define EVP_MD_CTX_md hc_EVP_MD_CTX_md +#define EVP_MD_CTX_size hc_EVP_MD_CTX_size +#define EVP_MD_block_size hc_EVP_MD_block_size +#define EVP_MD_size hc_EVP_MD_size +#define EVP_aes_128_cbc hc_EVP_aes_128_cbc +#define EVP_aes_192_cbc hc_EVP_aes_192_cbc +#define EVP_aes_256_cbc hc_EVP_aes_256_cbc +#define EVP_aes_128_cfb8 hc_EVP_aes_128_cfb8 +#define EVP_aes_192_cfb8 hc_EVP_aes_192_cfb8 +#define EVP_aes_256_cfb8 hc_EVP_aes_256_cfb8 + +#define EVP_des_cbc hc_EVP_des_cbc +#define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc +#define EVP_enc_null hc_EVP_enc_null +#define EVP_md2 hc_EVP_md2 +#define EVP_md4 hc_EVP_md4 +#define EVP_md5 hc_EVP_md5 +#define EVP_md_null hc_EVP_md_null +#define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc +#define EVP_rc2_64_cbc hc_EVP_rc2_64_cbc +#define EVP_rc2_cbc hc_EVP_rc2_cbc +#define EVP_rc4 hc_EVP_rc4 +#define EVP_rc4_40 hc_EVP_rc4_40 +#define EVP_camellia_128_cbc hc_EVP_camellia_128_cbc +#define EVP_camellia_192_cbc hc_EVP_camellia_192_cbc +#define EVP_camellia_256_cbc hc_EVP_camellia_256_cbc +#define EVP_sha hc_EVP_sha +#define EVP_sha1 hc_EVP_sha1 +#define EVP_sha256 hc_EVP_sha256 +#define EVP_sha384 hc_EVP_sha384 +#define EVP_sha512 hc_EVP_sha512 +#define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1 +#define EVP_BytesToKey hc_EVP_BytesToKey +#define EVP_get_cipherbyname hc_EVP_get_cipherbyname +#define OpenSSL_add_all_algorithms hc_OpenSSL_add_all_algorithms +#define OpenSSL_add_all_algorithms_conf hc_OpenSSL_add_all_algorithms_conf +#define OpenSSL_add_all_algorithms_noconf hc_OpenSSL_add_all_algorithms_noconf +#define EVP_CIPHER_CTX_ctrl hc_EVP_CIPHER_CTX_ctrl +#define EVP_CIPHER_CTX_rand_key hc_EVP_CIPHER_CTX_rand_key +#define hcrypto_validate hc_hcrypto_validate + +/* + * + */ + +typedef struct hc_EVP_MD_CTX EVP_MD_CTX; +typedef struct hc_evp_pkey EVP_PKEY; +typedef struct hc_evp_md EVP_MD; +typedef struct hc_CIPHER EVP_CIPHER; +typedef struct hc_CIPHER_CTX EVP_CIPHER_CTX; + +#define EVP_MAX_IV_LENGTH 16 +#define EVP_MAX_BLOCK_LENGTH 32 + +#define EVP_MAX_MD_SIZE 64 + +struct hc_CIPHER { + int nid; + int block_size; + int key_len; + int iv_len; + unsigned long flags; + /* The lowest 3 bits is used as integer field for the mode the + * cipher is used in (use EVP_CIPHER.._mode() to extract the + * mode). The rest of the flag field is a bitfield. + */ +#define EVP_CIPH_STREAM_CIPHER 0 +#define EVP_CIPH_CBC_MODE 2 +#define EVP_CIPH_CFB8_MODE 4 +#define EVP_CIPH_MODE 0x7 + +#define EVP_CIPH_VARIABLE_LENGTH 0x008 /* variable key length */ +#define EVP_CIPH_ALWAYS_CALL_INIT 0x020 +#define EVP_CIPH_RAND_KEY 0x200 + + int (*init)(EVP_CIPHER_CTX*,const unsigned char*,const unsigned char*,int); + int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *, + const unsigned char *, unsigned int); + int (*cleanup)(EVP_CIPHER_CTX *); + int ctx_size; + void *set_asn1_parameters; + void *get_asn1_parameters; + int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); +#define EVP_CTRL_RAND_KEY 0x6 + + void *app_data; +}; + +struct hc_CIPHER_CTX { + const EVP_CIPHER *cipher; + ENGINE *engine; + int encrypt; + int buf_len; /* bytes stored in buf for EVP_CipherUpdate */ + unsigned char oiv[EVP_MAX_IV_LENGTH]; + unsigned char iv[EVP_MAX_IV_LENGTH]; + unsigned char buf[EVP_MAX_BLOCK_LENGTH]; + int num; + void *app_data; + int key_len; + unsigned long flags; + void *cipher_data; + int final_used; + int block_mask; + unsigned char final[EVP_MAX_BLOCK_LENGTH]; +}; + +typedef int (*hc_evp_md_init)(EVP_MD_CTX *); +typedef int (*hc_evp_md_update)(EVP_MD_CTX *,const void *, size_t); +typedef int (*hc_evp_md_final)(void *, EVP_MD_CTX *); +typedef int (*hc_evp_md_cleanup)(EVP_MD_CTX *); + +struct hc_evp_md { + int hash_size; + int block_size; + int ctx_size; + hc_evp_md_init init; + hc_evp_md_update update; + hc_evp_md_final final; + hc_evp_md_cleanup cleanup; +}; + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +#ifndef HC_DEPRECATED +#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define HC_DEPRECATED __attribute__((deprecated)) +#elif defined(_MSC_VER) && (_MSC_VER>1200) +#define HC_DEPRECATED __declspec(deprecated) +#else +#define HC_DEPRECATED +#endif +#endif + +#ifndef HC_DEPRECATED_CRYPTO +#define HC_DEPRECATED_CRYPTO HC_DEPRECATED +#endif + +#ifdef __cplusplus +#define HC_CPP_BEGIN extern "C" { +#define HC_CPP_END } +#else +#define HC_CPP_BEGIN +#define HC_CPP_END +#endif + +HC_CPP_BEGIN + +/* + * Avaible crypto algs + */ + +const EVP_MD *EVP_md_null(void); +HC_DEPRECATED_CRYPTO const EVP_MD *EVP_md2(void); +HC_DEPRECATED_CRYPTO const EVP_MD *EVP_md4(void); +HC_DEPRECATED_CRYPTO const EVP_MD *EVP_md5(void); +const EVP_MD *EVP_sha(void); +const EVP_MD *EVP_sha1(void); +const EVP_MD *EVP_sha256(void); +const EVP_MD *EVP_sha384(void); +const EVP_MD *EVP_sha512(void); + +const EVP_CIPHER * EVP_aes_128_cbc(void); +const EVP_CIPHER * EVP_aes_192_cbc(void); +const EVP_CIPHER * EVP_aes_256_cbc(void); +const EVP_CIPHER * EVP_aes_128_cfb8(void); +const EVP_CIPHER * EVP_aes_192_cfb8(void); +const EVP_CIPHER * EVP_aes_256_cfb8(void); +HC_DEPRECATED_CRYPTO const EVP_CIPHER * EVP_des_cbc(void); +const EVP_CIPHER * EVP_des_ede3_cbc(void); +const EVP_CIPHER * EVP_enc_null(void); +HC_DEPRECATED_CRYPTO const EVP_CIPHER * EVP_rc2_40_cbc(void); +HC_DEPRECATED_CRYPTO const EVP_CIPHER * EVP_rc2_64_cbc(void); +HC_DEPRECATED_CRYPTO const EVP_CIPHER * EVP_rc2_cbc(void); +const EVP_CIPHER * EVP_rc4(void); +HC_DEPRECATED_CRYPTO const EVP_CIPHER * EVP_rc4_40(void); +const EVP_CIPHER * EVP_camellia_128_cbc(void); +const EVP_CIPHER * EVP_camellia_192_cbc(void); +const EVP_CIPHER * EVP_camellia_256_cbc(void); + +size_t EVP_MD_size(const EVP_MD *); +size_t EVP_MD_block_size(const EVP_MD *); + +const EVP_MD * + EVP_MD_CTX_md(EVP_MD_CTX *); +size_t EVP_MD_CTX_size(EVP_MD_CTX *); +size_t EVP_MD_CTX_block_size(EVP_MD_CTX *); + +EVP_MD_CTX * + EVP_MD_CTX_create(void); +void HC_DEPRECATED EVP_MD_CTX_init(EVP_MD_CTX *); +void EVP_MD_CTX_destroy(EVP_MD_CTX *); +int HC_DEPRECATED EVP_MD_CTX_cleanup(EVP_MD_CTX *); + +int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *); +int EVP_DigestUpdate(EVP_MD_CTX *,const void *, size_t); +int EVP_DigestFinal_ex(EVP_MD_CTX *, void *, unsigned int *); +int EVP_Digest(const void *, size_t, void *, unsigned int *, + const EVP_MD *, ENGINE *); +/* + * + */ + +const EVP_CIPHER * + EVP_get_cipherbyname(const char *); + +size_t EVP_CIPHER_block_size(const EVP_CIPHER *); +size_t EVP_CIPHER_key_length(const EVP_CIPHER *); +size_t EVP_CIPHER_iv_length(const EVP_CIPHER *); + +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *); +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); +int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int); +int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int); +unsigned long + EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *); +int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *); + +const EVP_CIPHER * + EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *); +size_t EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *); +size_t EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *); +size_t EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *); +void * EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *); +void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *, void *); + +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); +int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *, void *); + + +int EVP_CipherInit_ex(EVP_CIPHER_CTX *,const EVP_CIPHER *, ENGINE *, + const void *, const void *, int); +int EVP_CipherUpdate(EVP_CIPHER_CTX *, void *, int *, void *, size_t); +int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, void *, int *); + +int EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t); + +int PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t, + unsigned long, size_t, void *); + +int EVP_BytesToKey(const EVP_CIPHER *, const EVP_MD *, + const void *, const void *, size_t, + unsigned int, void *, void *); + + +/* + * + */ + +void OpenSSL_add_all_algorithms(void); +void OpenSSL_add_all_algorithms_conf(void); +void OpenSSL_add_all_algorithms_noconf(void); + +void +hcrypto_validate(void); + +HC_CPP_END + +#endif /* HEIM_EVP_H */ diff --git a/lib/hcrypto/example_evp_cipher.c b/lib/hcrypto/example_evp_cipher.c new file mode 100644 index 000000000000..f07ba8f99890 --- /dev/null +++ b/lib/hcrypto/example_evp_cipher.c @@ -0,0 +1,146 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include /* should really be stdint.h */ +#include + +#include +#include +#include +#include +#include + +#include "roken.h" + +/* key and initial vector */ +static char key[16] = + "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4" + "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4"; +static char ivec[16] = + "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4" + "\xaa\xbb\x45\xd4\xaa\xbb\x45\xd4"; + +static void +usage(int exit_code) __attribute__((noreturn)); + +static void +usage(int exit_code) +{ + printf("usage: %s in out\n", getprogname()); + exit(exit_code); +} + + +int +main(int argc, char **argv) +{ + int encryptp = 1; + const char *ifn = NULL, *ofn = NULL; + FILE *in, *out; + void *ibuf, *obuf; + int ilen, olen; + size_t block_size = 0; + const EVP_CIPHER *c = EVP_aes_128_cbc(); + EVP_CIPHER_CTX ctx; + int ret; + + setprogname(argv[0]); + + if (argc == 2) { + if (strcmp(argv[1], "--version") == 0) { + printf("version"); + exit(0); + } + if (strcmp(argv[1], "--help") == 0) + usage(0); + usage(1); + } else if (argc == 4) { + block_size = atoi(argv[1]); + if (block_size == 0) + errx(1, "invalid blocksize %s", argv[1]); + ifn = argv[2]; + ofn = argv[3]; + } else + usage(1); + + in = fopen(ifn, "r"); + if (in == NULL) + errx(1, "failed to open input file"); + out = fopen(ofn, "w+"); + if (out == NULL) + errx(1, "failed to open output file"); + + /* Check that key and ivec are long enough */ + assert(EVP_CIPHER_key_length(c) <= sizeof(key)); + assert(EVP_CIPHER_iv_length(c) <= sizeof(ivec)); + + /* + * Allocate buffer, the output buffer is at least + * EVP_CIPHER_block_size() longer + */ + ibuf = malloc(block_size); + obuf = malloc(block_size + EVP_CIPHER_block_size(c)); + + /* + * Init the memory used for EVP_CIPHER_CTX and set the key and + * ivec. + */ + EVP_CIPHER_CTX_init(&ctx); + EVP_CipherInit_ex(&ctx, c, NULL, key, ivec, encryptp); + + /* read in buffer */ + while ((ilen = fread(ibuf, 1, block_size, in)) > 0) { + /* encrypto/decrypt */ + ret = EVP_CipherUpdate(&ctx, obuf, &olen, ibuf, ilen); + if (ret != 1) { + EVP_CIPHER_CTX_cleanup(&ctx); + errx(1, "EVP_CipherUpdate failed"); + } + /* write out to output file */ + fwrite(obuf, 1, olen, out); + } + /* done reading */ + fclose(in); + + /* clear up any last bytes left in the output buffer */ + ret = EVP_CipherFinal_ex(&ctx, obuf, &olen); + EVP_CIPHER_CTX_cleanup(&ctx); + if (ret != 1) + errx(1, "EVP_CipherFinal_ex failed"); + + /* write the last bytes out and close */ + fwrite(obuf, 1, olen, out); + fclose(out); + + return 0; +} diff --git a/lib/hcrypto/gen-des.pl b/lib/hcrypto/gen-des.pl new file mode 100644 index 000000000000..a71a6825d05c --- /dev/null +++ b/lib/hcrypto/gen-des.pl @@ -0,0 +1,217 @@ +#!/usr/pkg/bin/perl +# +# $Id$ + +use strict; + +print "/* GENERATE FILE from gen-des.pl, do not edit */\n\n"; + +my $gen = 1; + +sub gen_pattern +{ + my $n = shift; + my $r = shift; + my $a = shift; + my $o = shift; + my $s = shift; + print "/* $n bit pattern "; + foreach my $k (@$a) { + print "$k "; + } + print "*/\n"; + print "static int $n\[", $r + 1, "\] = {\n "; + foreach my $i (0..$r) { + my $j = 0; + my $b = 1; + foreach my $k (reverse @$a) { + if ($i & $b) { + $j |= ($s >>($k - $o - 1)); + } + $b = $b << 1; + } + printf "0x%08x", $j; + print ", " if ($i != $r); + if (($i % 4) == 3) { + print "\n"; + print " " if ($i != $r); + } + } + print "};\n"; +} + +if ($gen) { + gen_pattern("pc1_c_3", 7, [ 5, 13, 21 ], 0, 0x1000000); + gen_pattern("pc1_c_4", 15, [ 1, 9, 17, 25 ], 0, 0x1000000); + gen_pattern("pc1_d_3", 7, [ 49, 41, 33 ], 32, 0x1000000); + gen_pattern("pc1_d_4", 15, [ 57, 53, 45, 37 ], 32, 0x1000000); + + gen_pattern("pc2_c_1", 63, [ 5, 24, 7, 16, 6, 10 ], 0, 0x800000); + gen_pattern("pc2_c_2", 63, [ 20, 18, 12, 3, 15, 23 ], 0, 0x800000); + gen_pattern("pc2_c_3", 63, [ 1, 9, 19, 2, 14, 22 ], 0, 0x800000); + gen_pattern("pc2_c_4", 63, [ 11, 13, 4, 17, 21, 8 ], 0, 0x800000); + + gen_pattern("pc2_d_1", 63, [ 51, 35, 31, 52, 39, 45 ], 28, 0x800000); + gen_pattern("pc2_d_2", 63, [ 50, 32, 43, 36, 29, 48 ], 28, 0x800000); + gen_pattern("pc2_d_3", 63, [ 41, 38, 47, 33, 40, 42 ], 28, 0x800000); + gen_pattern("pc2_d_4", 63, [ 49, 37, 30, 46, 34, 44 ], 28, 0x800000); +} + +sub +pbox_mutation +{ + my $n = shift; + my $res = 0; + + my @pbox = ( + 16, 7, 20, 21, + 29, 12, 28, 17, + 1, 15, 23, 26, + 5, 18, 31, 10, + 2, 8, 24, 14, + 32, 27, 3, 9, + 19, 13, 30, 6, + 22, 11, 4, 25 + ); + + foreach my $i (0..31) { + if ($n & (1 << ($pbox[$i] - 1))) { +# print "$i ", ($pbox[$i] - 1), "\n"; + $res |= 1 << $i; + } + } + + return $res; +} + + +my @S1 = ( + 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, + 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, + 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, + 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13, + ); +my @S2 = ( + 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, + 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, + 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, + 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, + ); +my @S3 = ( + 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, + 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, + 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, + 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, + ); +my @S4 = ( + 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, + 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, + 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, + 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14, + ); +my @S5 = ( + 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, + 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, + 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, + 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3, + ); +my @S6 = ( + 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, + 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, + 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, + 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13, + ); +my @S7 = ( + 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, + 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, + 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, + 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12, + ); + +my @S8 = ( + 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, + 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, + 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, + 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11, + ); + +my @SBox = ( \@S1, \@S2, \@S3, \@S4, \@S5, \@S6, \@S7, \@S8 ); + +sub +one_num_in_one_sbox +{ + my $i = shift; + my $n = shift; + my $r = shift; + + my $index = (($n & 1) << 4) | (($n & 0x20)) | + (($n >> 1) & 0x1) << 0 | + (($n >> 2) & 0x1) << 1 | + (($n >> 3) & 0x1) << 2 | + (($n >> 4) & 0x1) << 3; + + die "argh" if ($index > 63 || $index < 0); + + my $S = $SBox[$i - 1]; + my $val = $$S[$index]; + + my $res = $val << (($i - 1) * 4); + + my $p = &pbox_mutation($res); + + print " $r "; + +# $p = ($p >> $r) | ($p << (32 - $r - 1)); + + printf "0x%08x", $p; + print ", " if ($n != 63 or 1); + if (($n % 4) == 3) { + print " /* $i */" if ($n == 3); + print "\n"; + print "\t" if ($n != 63); + } +} + +sub +one_sbox +{ + my $i = shift; + my $s = 0; + +# print "static uint32_t sbox". $i ."[] = {\n\t"; + print "\t"; + foreach my $n (0..63) { + one_num_in_one_sbox($i, $n, $s); + } + print "\n"; +# print "};\n"; +} + +if ($gen and 0) { + foreach my $sbox (7, 1, 3, 5, 4, 6, 8, 2) { + one_sbox($sbox, 1); + } +} + +#my $num = 1; +#printf "pbox: %d -> 0x%08x\n", $num, pbox_mutation($num); +#$num = 0xc000000; +#printf "pbox: 0x%08x -> 0x%08x\n", $num, pbox_mutation($num); + +print "static unsigned char odd_parity[256] = { \n"; +foreach my $i (0..255) { + my $num = 0; + foreach my $b (1..7) { + $num++ if (($i >> $b) & 1); + } + my $t; + if (($num & 1) == 0) { + $t = $i | 1; + } else { + $t = 0xfe & $i; + } + printf "%3d,", $t; + printf "\n" if (($i % 16) == 15); + +}; +print " };\n"; diff --git a/lib/auth/sia/sia_locl.h b/lib/hcrypto/hash.h similarity index 56% rename from lib/auth/sia/sia_locl.h rename to lib/hcrypto/hash.h index 81e84395792c..498e5b1af01c 100644 --- a/lib/auth/sia/sia_locl.h +++ b/lib/hcrypto/hash.h @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,64 +30,46 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: sia_locl.h 10688 2001-09-13 01:15:34Z assar $ */ +/* $Id$ */ -#ifndef __sia_locl_h__ -#define __sia_locl_h__ +/* stuff in common between md4, md5, and sha1 */ -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include +#ifndef __hash_h__ +#define __hash_h__ #ifdef KRB5 -#define SIA_KRB5 -#elif defined(KRB4) -#define SIA_KRB4 +#include +#endif +#include + +#ifndef min +#define min(a,b) (((a)>(b))?(b):(a)) #endif -#ifdef SIA_KRB5 -#include -#include -#endif -#ifdef SIA_KRB4 -#include -#include -#include -#include -#endif -#ifdef KRB4 -#include -#endif +/* Vector Crays doesn't have a good 32-bit type, or more precisely, + int32_t as defined by isn't 32 bits, and we don't + want to depend in being able to redefine this type. To cope with + this we have to clamp the result in some places to [0,2^32); no + need to do this on other machines. Did I say this was a mess? + */ -#ifndef POSIX_GETPWNAM_R - -#define getpwnam_r posix_getpwnam_r -#define getpwuid_r posix_getpwuid_r - -#endif /* POSIX_GETPWNAM_R */ - -#ifndef DEBUG -#define SIA_DEBUG(X) +#ifdef _CRAY +#define CRAYFIX(X) ((X) & 0xffffffff) #else -#define SIA_DEBUG(X) SIALOG X +#define CRAYFIX(X) (X) #endif -struct state{ -#ifdef SIA_KRB5 - krb5_context context; - krb5_auth_context auth_context; -#endif - char ticket[MaxPathLen]; - int valid; -}; +static inline uint32_t +cshift (uint32_t x, unsigned int n) +{ + x = CRAYFIX(x); + return CRAYFIX((x << n) | (x >> (32 - n))); +} -#endif /* __sia_locl_h__ */ +static inline uint64_t +cshift64 (uint64_t x, unsigned int n) +{ + return ((uint64_t)x << (uint64_t)n) | ((uint64_t)x >> ((uint64_t)64 - (uint64_t)n)); +} + +#endif /* __hash_h__ */ diff --git a/lib/hcrypto/hmac.c b/lib/hcrypto/hmac.c new file mode 100644 index 000000000000..d11bd9876988 --- /dev/null +++ b/lib/hcrypto/hmac.c @@ -0,0 +1,162 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include + +void +HMAC_CTX_init(HMAC_CTX *ctx) +{ + memset(ctx, 0, sizeof(*ctx)); +} + +void +HMAC_CTX_cleanup(HMAC_CTX *ctx) +{ + if (ctx->buf) { + memset(ctx->buf, 0, ctx->key_length); + free(ctx->buf); + ctx->buf = NULL; + } + if (ctx->opad) { + memset(ctx->opad, 0, EVP_MD_block_size(ctx->md)); + free(ctx->opad); + ctx->opad = NULL; + } + if (ctx->ipad) { + memset(ctx->ipad, 0, EVP_MD_block_size(ctx->md)); + free(ctx->ipad); + ctx->ipad = NULL; + } + if (ctx->ctx) { + EVP_MD_CTX_destroy(ctx->ctx); + ctx->ctx = NULL; + } +} + +size_t +HMAC_size(const HMAC_CTX *ctx) +{ + return EVP_MD_size(ctx->md); +} + +void +HMAC_Init_ex(HMAC_CTX *ctx, + const void *key, + size_t keylen, + const EVP_MD *md, + ENGINE *engine) +{ + unsigned char *p; + size_t i; + + if (ctx->md != md) { + ctx->md = md; + if (ctx->buf) { + memset(ctx->buf, 0, ctx->key_length); + free (ctx->buf); + } + ctx->key_length = EVP_MD_size(ctx->md); + ctx->buf = malloc(ctx->key_length); + } +#if 0 + ctx->engine = engine; +#endif + + if (keylen > EVP_MD_block_size(ctx->md)) { + EVP_Digest(key, keylen, ctx->buf, NULL, ctx->md, engine); + key = ctx->buf; + keylen = EVP_MD_size(ctx->md); + } + + if (ctx->opad) { + memset(ctx->opad, 0, ctx->key_length); + free(ctx->opad); + } + if (ctx->ipad) { + memset(ctx->ipad, 0, ctx->key_length); + free(ctx->ipad); + } + + ctx->opad = malloc(EVP_MD_block_size(ctx->md)); + ctx->ipad = malloc(EVP_MD_block_size(ctx->md)); + memset(ctx->ipad, 0x36, EVP_MD_block_size(ctx->md)); + memset(ctx->opad, 0x5c, EVP_MD_block_size(ctx->md)); + + for (i = 0, p = ctx->ipad; i < keylen; i++) + p[i] ^= ((const unsigned char *)key)[i]; + for (i = 0, p = ctx->opad; i < keylen; i++) + p[i] ^= ((const unsigned char *)key)[i]; + + if (ctx->ctx == NULL) + ctx->ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine); + EVP_DigestUpdate(ctx->ctx, ctx->ipad, EVP_MD_block_size(ctx->md)); +} + +void +HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len) +{ + EVP_DigestUpdate(ctx->ctx, data, len); +} + +void +HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len) +{ + EVP_DigestFinal_ex(ctx->ctx, ctx->buf, NULL); + + EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine); + EVP_DigestUpdate(ctx->ctx, ctx->opad, EVP_MD_block_size(ctx->md)); + EVP_DigestUpdate(ctx->ctx, ctx->buf, ctx->key_length); + EVP_DigestFinal_ex(ctx->ctx, md, len); +} + +void * +HMAC(const EVP_MD *md, + const void *key, size_t key_size, + const void *data, size_t data_size, + void *hash, unsigned int *hash_len) +{ + HMAC_CTX ctx; + + HMAC_CTX_init(&ctx); + HMAC_Init_ex(&ctx, key, key_size, md, NULL); + HMAC_Update(&ctx, data, data_size); + HMAC_Final(&ctx, hash, hash_len); + HMAC_CTX_cleanup(&ctx); + return hash; +} diff --git a/lib/hcrypto/hmac.h b/lib/hcrypto/hmac.h new file mode 100644 index 000000000000..3ea17a93f020 --- /dev/null +++ b/lib/hcrypto/hmac.h @@ -0,0 +1,82 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_HMAC_H +#define HEIM_HMAC_H 1 + +#include + +/* symbol renaming */ +#define HMAC_CTX_init hc_HMAC_CTX_init +#define HMAC_CTX_cleanup hc_HMAC_CTX_cleanup +#define HMAC_size hc_HMAC_size +#define HMAC_Init_ex hc_HMAC_Init_ex +#define HMAC_Update hc_HMAC_Update +#define HMAC_Final hc_HMAC_Final +#define HMAC hc_HMAC + +/* + * + */ + +#define HMAC_MAX_MD_CBLOCK 64 + +typedef struct hc_HMAC_CTX HMAC_CTX; + +struct hc_HMAC_CTX { + const EVP_MD *md; + ENGINE *engine; + EVP_MD_CTX *ctx; + size_t key_length; + void *opad; + void *ipad; + void *buf; +}; + + +void HMAC_CTX_init(HMAC_CTX *); +void HMAC_CTX_cleanup(HMAC_CTX *ctx); + +size_t HMAC_size(const HMAC_CTX *ctx); + +void HMAC_Init_ex(HMAC_CTX *, const void *, size_t, + const EVP_MD *, ENGINE *); +void HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len); +void HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len); + +void * HMAC(const EVP_MD *evp_md, const void *key, size_t key_len, + const void *data, size_t n, void *md, unsigned int *md_len); + +#endif /* HEIM_HMAC_H */ diff --git a/lib/hcrypto/libhcrypto-exports.def b/lib/hcrypto/libhcrypto-exports.def new file mode 100644 index 000000000000..a7208f9319fc --- /dev/null +++ b/lib/hcrypto/libhcrypto-exports.def @@ -0,0 +1,293 @@ +EXPORTS + hc_AES_cbc_encrypt + hc_AES_cfb8_encrypt + hc_AES_decrypt + hc_AES_decrypt_key + hc_BN_CTX_end + hc_BN_CTX_free + hc_BN_CTX_get + hc_BN_CTX_new + hc_BN_CTX_start + hc_AES_encrypt + hc_AES_set_encrypt_key + hc_BN_GENCB_call + hc_BN_GENCB_set + hc_BN_bin2bn + hc_BN_bn2bin + hc_BN_bn2hex + hc_BN_clear + hc_BN_clear_bit + hc_BN_clear_free + hc_BN_cmp + hc_BN_dup + hc_BN_free + hc_BN_get_word + hc_BN_hex2bn + hc_BN_is_bit_set + hc_BN_is_negative + hc_BN_new + hc_BN_num_bits + hc_BN_num_bytes + hc_BN_rand + hc_BN_set_bit + hc_BN_set_negative + hc_BN_set_word + hc_BN_uadd + hc_DES_cbc_cksum + hc_DES_cbc_encrypt + hc_DES_cfb64_encrypt + hc_DES_check_key_parity + hc_DES_ecb3_encrypt + hc_DES_ecb_encrypt + hc_DES_ede3_cbc_encrypt + hc_DES_encrypt + hc_DES_generate_random_block + hc_DES_init_random_number_generator + hc_DES_is_weak_key + hc_DES_key_sched +;! hc_DES_mem_rand8 + hc_DES_new_random_key + hc_DES_pcbc_encrypt + hc_DES_rand_data + hc_DES_rand_data_key + hc_DES_random_key + hc_DES_read_password + hc_DES_set_key + hc_DES_set_key_checked + hc_DES_set_key_unchecked + hc_DES_set_odd_parity + hc_DES_set_random_generator_seed + hc_DES_set_sequence_number + hc_DES_string_to_key + hc_DH_check_pubkey + hc_DH_compute_key + hc_DH_free + hc_DH_generate_key + hc_DH_generate_parameters_ex + hc_DH_get_default_method + hc_DH_get_ex_data + hc_DH_ltm_method +;! hc_DH_gmp_method + hc_DH_new + hc_DH_new_method + hc_DH_null_method + hc_DH_set_default_method + hc_DH_set_ex_data + hc_DH_set_method + hc_DH_size + hc_DH_up_ref + hc_DSA_free + hc_DSA_get_default_method + hc_DSA_new + hc_DSA_null_method + hc_DSA_set_default_method + hc_DSA_up_ref + hc_DSA_verify + hc_ENGINE_add_conf_module + hc_ENGINE_by_dso + hc_ENGINE_by_id + hc_ENGINE_finish + hc_ENGINE_free + hc_ENGINE_get_DH + hc_ENGINE_get_RAND + hc_ENGINE_get_RSA + hc_ENGINE_get_default_DH + hc_ENGINE_get_default_RSA + hc_ENGINE_get_id + hc_ENGINE_get_name + hc_ENGINE_load_builtin_engines + hc_ENGINE_new + hc_ENGINE_set_DH + hc_ENGINE_set_RSA + hc_ENGINE_set_default_DH + hc_ENGINE_set_default_RSA + hc_ENGINE_set_destroy_function + hc_ENGINE_set_id + hc_ENGINE_set_name + hc_ENGINE_up_ref + hc_EVP_BytesToKey + hc_EVP_CIPHER_CTX_block_size + hc_EVP_CIPHER_CTX_cipher + hc_EVP_CIPHER_CTX_cleanup + hc_EVP_CIPHER_CTX_flags + hc_EVP_CIPHER_CTX_get_app_data + hc_EVP_CIPHER_CTX_init + hc_EVP_CIPHER_CTX_iv_length + hc_EVP_CIPHER_CTX_key_length + hc_EVP_CIPHER_CTX_mode + hc_EVP_CIPHER_CTX_set_app_data + hc_EVP_CIPHER_block_size + hc_EVP_CIPHER_iv_length + hc_EVP_CIPHER_key_length + hc_EVP_Cipher + hc_EVP_CipherInit_ex + hc_EVP_Digest + hc_EVP_DigestFinal_ex + hc_EVP_DigestInit_ex + hc_EVP_DigestUpdate + hc_EVP_MD_CTX_block_size + hc_EVP_MD_CTX_cleanup + hc_EVP_MD_CTX_create + hc_EVP_MD_CTX_destroy + hc_EVP_MD_CTX_init + hc_EVP_MD_CTX_md + hc_EVP_MD_CTX_size + hc_EVP_MD_block_size + hc_EVP_MD_size + hc_EVP_aes_128_cbc + hc_EVP_aes_128_cfb8 + hc_EVP_aes_192_cbc + hc_EVP_aes_192_cfb8 + hc_EVP_aes_256_cbc + hc_EVP_aes_256_cfb8 + hc_EVP_des_cbc + hc_EVP_des_ede3_cbc + hc_EVP_camellia_128_cbc + hc_EVP_camellia_192_cbc + hc_EVP_camellia_256_cbc + hc_EVP_enc_null + hc_EVP_get_cipherbyname + hc_EVP_md2 + hc_EVP_md4 + hc_EVP_md5 + hc_EVP_md_null + hc_EVP_rc2_40_cbc + hc_EVP_rc2_64_cbc + hc_EVP_rc2_cbc + hc_EVP_rc4 + hc_EVP_rc4_40 + hc_EVP_sha + hc_EVP_sha1 + hc_EVP_sha256 + hc_EVP_sha384 + hc_EVP_sha512 + +;! hc_EVP_cc_md2 +;! hc_EVP_cc_md4 +;! hc_EVP_cc_md5 +;! hc_EVP_cc_sha1 +;! hc_EVP_cc_sha256 +;! hc_EVP_cc_des_ede3_cbc +;! hc_EVP_cc_aes_128_cbc +;! hc_EVP_cc_aes_192_cbc +;! hc_EVP_cc_aes_256_cbc +;! hc_EVP_cc_aes_128_cfb8 +;! hc_EVP_cc_aes_192_cfb8 +;! hc_EVP_cc_aes_256_cfb8 + + hc_EVP_hcrypto_md2 + hc_EVP_hcrypto_md4 + hc_EVP_hcrypto_md5 + hc_EVP_hcrypto_sha1 + hc_EVP_hcrypto_sha256 + hc_EVP_hcrypto_sha384 + hc_EVP_hcrypto_sha512 + hc_EVP_hcrypto_des_ede3_cbc + hc_EVP_hcrypto_aes_128_cbc + hc_EVP_hcrypto_aes_192_cbc + hc_EVP_hcrypto_aes_256_cbc + hc_EVP_hcrypto_rc4 + hc_EVP_hcrypto_rc4_40 + + hc_EVP_hcrypto_aes_128_cfb8 + hc_EVP_hcrypto_aes_192_cfb8 + hc_EVP_hcrypto_aes_256_cfb8 + +;! hc_EVP_hcrypto_aes_128_cts +;! hc_EVP_hcrypto_aes_192_cts +;! hc_EVP_hcrypto_aes_256_cts + + hc_HMAC + hc_HMAC_CTX_cleanup + hc_HMAC_CTX_init + hc_HMAC_Final + hc_HMAC_Init_ex + hc_HMAC_Update + hc_HMAC_size + hc_MD2_Final + hc_MD2_Init + hc_MD2_Update + hc_MD4_Final + hc_MD4_Init + hc_MD4_Update + hc_MD5_Final + hc_MD5_Init + hc_MD5_Update + hc_OpenSSL_add_all_algorithms + hc_OpenSSL_add_all_algorithms_conf + hc_OpenSSL_add_all_algorithms_noconf + hc_PKCS12_key_gen + hc_PKCS5_PBKDF2_HMAC_SHA1 + hc_RAND_add + hc_RAND_bytes + hc_RAND_cleanup +;! hc_RAND_egd +;! hc_RAND_egd_bytes +;! hc_RAND_egd_method + hc_RAND_file_name +;! hc_RAND_fortuna_method + hc_RAND_get_rand_method + hc_RAND_load_file + hc_RAND_pseudo_bytes + hc_RAND_seed + hc_RAND_set_rand_engine + hc_RAND_set_rand_method + hc_RAND_status +;! hc_RAND_unix_method +;! hc_RAND_timer_method + hc_RAND_w32crypto_method ;! + hc_RAND_write_file + hc_RC2_cbc_encrypt + hc_RC2_decryptc + hc_RC2_encryptc + hc_RC2_set_key + hc_RC4 + hc_RC4_set_key + hc_RSA_check_key + hc_RSA_free + hc_RSA_generate_key_ex + hc_RSA_get_app_data + hc_RSA_get_default_method + hc_RSA_get_method + hc_RSA_new + hc_RSA_new_method + hc_RSA_null_method + hc_RSA_private_decrypt + hc_RSA_private_encrypt + hc_RSA_public_decrypt + hc_RSA_public_encrypt + hc_RSA_set_app_data + hc_RSA_set_default_method + hc_RSA_set_method + hc_RSA_sign + hc_RSA_size + hc_RSA_up_ref + hc_RSA_verify + hc_SHA1_Final + hc_SHA1_Init + hc_SHA1_Update + hc_SHA256_Final + hc_SHA256_Init + hc_SHA256_Update + hc_SHA384_Final + hc_SHA384_Init + hc_SHA384_Update + hc_SHA512_Final + hc_SHA512_Init + hc_SHA512_Update + hc_UI_UTIL_read_pw_string + hc_i2d_DHparams + hc_d2i_RSAPrivateKey + hc_i2d_RSAPrivateKey + hc_i2d_RSAPublicKey + hc_d2i_RSAPublicKey + hc_EVP_CIPHER_CTX_ctrl + hc_EVP_CIPHER_CTX_rand_key + hc_EVP_CIPHER_CTX_set_key_length + hc_EVP_hcrypto_rc2_40_cbc + hc_EVP_hcrypto_camellia_128_cbc + hc_EVP_CipherUpdate + hc_EVP_CipherFinal_ex + + hc_hcrypto_validate + diff --git a/lib/hcrypto/libtommath/bn_error.c b/lib/hcrypto/libtommath/bn_error.c new file mode 100644 index 000000000000..b1b7177e61f0 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_error.c @@ -0,0 +1,47 @@ +#include +#ifdef BN_ERROR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +static const struct { + int code; + char *msg; +} msgs[] = { + { MP_OKAY, "Successful" }, + { MP_MEM, "Out of heap" }, + { MP_VAL, "Value out of range" } +}; + +/* return a char * string for a given code */ +char *mp_error_to_string(int code) +{ + int x; + + /* scan the lookup table for the given message */ + for (x = 0; x < (int)(sizeof(msgs) / sizeof(msgs[0])); x++) { + if (msgs[x].code == code) { + return msgs[x].msg; + } + } + + /* generic reply for invalid code */ + return "Invalid error code"; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_error.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_fast_mp_invmod.c b/lib/hcrypto/libtommath/bn_fast_mp_invmod.c new file mode 100644 index 000000000000..f4780d8e8ccd --- /dev/null +++ b/lib/hcrypto/libtommath/bn_fast_mp_invmod.c @@ -0,0 +1,148 @@ +#include +#ifdef BN_FAST_MP_INVMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes the modular inverse via binary extended euclidean algorithm, + * that is c = 1/a mod b + * + * Based on slow invmod except this is optimized for the case where b is + * odd as per HAC Note 14.64 on pp. 610 + */ +int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int x, y, u, v, B, D; + int res, neg; + + /* 2. [modified] b must be odd */ + if (mp_iseven (b) == 1) { + return MP_VAL; + } + + /* init all our temps */ + if ((res = mp_init_multi(&x, &y, &u, &v, &B, &D, NULL)) != MP_OKAY) { + return res; + } + + /* x == modulus, y == value to invert */ + if ((res = mp_copy (b, &x)) != MP_OKAY) { + goto LBL_ERR; + } + + /* we need y = |a| */ + if ((res = mp_mod (a, b, &y)) != MP_OKAY) { + goto LBL_ERR; + } + + /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ + if ((res = mp_copy (&x, &u)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_copy (&y, &v)) != MP_OKAY) { + goto LBL_ERR; + } + mp_set (&D, 1); + +top: + /* 4. while u is even do */ + while (mp_iseven (&u) == 1) { + /* 4.1 u = u/2 */ + if ((res = mp_div_2 (&u, &u)) != MP_OKAY) { + goto LBL_ERR; + } + /* 4.2 if B is odd then */ + if (mp_isodd (&B) == 1) { + if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* B = B/2 */ + if ((res = mp_div_2 (&B, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 5. while v is even do */ + while (mp_iseven (&v) == 1) { + /* 5.1 v = v/2 */ + if ((res = mp_div_2 (&v, &v)) != MP_OKAY) { + goto LBL_ERR; + } + /* 5.2 if D is odd then */ + if (mp_isodd (&D) == 1) { + /* D = (D-x)/2 */ + if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* D = D/2 */ + if ((res = mp_div_2 (&D, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 6. if u >= v then */ + if (mp_cmp (&u, &v) != MP_LT) { + /* u = u - v, B = B - D */ + if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } else { + /* v - v - u, D = D - B */ + if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* if not zero goto step 4 */ + if (mp_iszero (&u) == 0) { + goto top; + } + + /* now a = C, b = D, gcd == g*v */ + + /* if v != 1 then there is no inverse */ + if (mp_cmp_d (&v, 1) != MP_EQ) { + res = MP_VAL; + goto LBL_ERR; + } + + /* b is now the inverse */ + neg = a->sign; + while (D.sign == MP_NEG) { + if ((res = mp_add (&D, b, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + mp_exch (&D, c); + c->sign = neg; + res = MP_OKAY; + +LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &B, &D, NULL); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_fast_mp_invmod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_fast_mp_montgomery_reduce.c b/lib/hcrypto/libtommath/bn_fast_mp_montgomery_reduce.c new file mode 100644 index 000000000000..b6c0694bd2f5 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_fast_mp_montgomery_reduce.c @@ -0,0 +1,172 @@ +#include +#ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes xR**-1 == x (mod N) via Montgomery Reduction + * + * This is an optimized implementation of montgomery_reduce + * which uses the comba method to quickly calculate the columns of the + * reduction. + * + * Based on Algorithm 14.32 on pp.601 of HAC. +*/ +int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) +{ + int ix, res, olduse; + mp_word W[MP_WARRAY]; + + /* get old used count */ + olduse = x->used; + + /* grow a as required */ + if (x->alloc < n->used + 1) { + if ((res = mp_grow (x, n->used + 1)) != MP_OKAY) { + return res; + } + } + + /* first we have to get the digits of the input into + * an array of double precision words W[...] + */ + { + register mp_word *_W; + register mp_digit *tmpx; + + /* alias for the W[] array */ + _W = W; + + /* alias for the digits of x*/ + tmpx = x->dp; + + /* copy the digits of a into W[0..a->used-1] */ + for (ix = 0; ix < x->used; ix++) { + *_W++ = *tmpx++; + } + + /* zero the high words of W[a->used..m->used*2] */ + for (; ix < n->used * 2 + 1; ix++) { + *_W++ = 0; + } + } + + /* now we proceed to zero successive digits + * from the least significant upwards + */ + for (ix = 0; ix < n->used; ix++) { + /* mu = ai * m' mod b + * + * We avoid a double precision multiplication (which isn't required) + * by casting the value down to a mp_digit. Note this requires + * that W[ix-1] have the carry cleared (see after the inner loop) + */ + register mp_digit mu; + mu = (mp_digit) (((W[ix] & MP_MASK) * rho) & MP_MASK); + + /* a = a + mu * m * b**i + * + * This is computed in place and on the fly. The multiplication + * by b**i is handled by offseting which columns the results + * are added to. + * + * Note the comba method normally doesn't handle carries in the + * inner loop In this case we fix the carry from the previous + * column since the Montgomery reduction requires digits of the + * result (so far) [see above] to work. This is + * handled by fixing up one carry after the inner loop. The + * carry fixups are done in order so after these loops the + * first m->used words of W[] have the carries fixed + */ + { + register int iy; + register mp_digit *tmpn; + register mp_word *_W; + + /* alias for the digits of the modulus */ + tmpn = n->dp; + + /* Alias for the columns set by an offset of ix */ + _W = W + ix; + + /* inner loop */ + for (iy = 0; iy < n->used; iy++) { + *_W++ += ((mp_word)mu) * ((mp_word)*tmpn++); + } + } + + /* now fix carry for next digit, W[ix+1] */ + W[ix + 1] += W[ix] >> ((mp_word) DIGIT_BIT); + } + + /* now we have to propagate the carries and + * shift the words downward [all those least + * significant digits we zeroed]. + */ + { + register mp_digit *tmpx; + register mp_word *_W, *_W1; + + /* nox fix rest of carries */ + + /* alias for current word */ + _W1 = W + ix; + + /* alias for next word, where the carry goes */ + _W = W + ++ix; + + for (; ix <= n->used * 2 + 1; ix++) { + *_W++ += *_W1++ >> ((mp_word) DIGIT_BIT); + } + + /* copy out, A = A/b**n + * + * The result is A/b**n but instead of converting from an + * array of mp_word to mp_digit than calling mp_rshd + * we just copy them in the right order + */ + + /* alias for destination word */ + tmpx = x->dp; + + /* alias for shifted double precision result */ + _W = W + n->used; + + for (ix = 0; ix < n->used + 1; ix++) { + *tmpx++ = (mp_digit)(*_W++ & ((mp_word) MP_MASK)); + } + + /* zero oldused digits, if the input a was larger than + * m->used+1 we'll have to clear the digits + */ + for (; ix < olduse; ix++) { + *tmpx++ = 0; + } + } + + /* set the max used and clamp */ + x->used = n->used + 1; + mp_clamp (x); + + /* if A >= m then A = A - m */ + if (mp_cmp_mag (x, n) != MP_LT) { + return s_mp_sub (x, n, x); + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_fast_mp_montgomery_reduce.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_fast_s_mp_mul_digs.c b/lib/hcrypto/libtommath/bn_fast_s_mp_mul_digs.c new file mode 100644 index 000000000000..90f161b10231 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_fast_s_mp_mul_digs.c @@ -0,0 +1,107 @@ +#include +#ifdef BN_FAST_S_MP_MUL_DIGS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Fast (comba) multiplier + * + * This is the fast column-array [comba] multiplier. It is + * designed to compute the columns of the product first + * then handle the carries afterwards. This has the effect + * of making the nested loops that compute the columns very + * simple and schedulable on super-scalar processors. + * + * This has been modified to produce a variable number of + * digits of output so if say only a half-product is required + * you don't have to compute the upper half (a feature + * required for fast Barrett reduction). + * + * Based on Algorithm 14.12 on pp.595 of HAC. + * + */ +int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +{ + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY]; + register mp_word _W; + + /* grow the destination as required */ + if (c->alloc < digs) { + if ((res = mp_grow (c, digs)) != MP_OKAY) { + return res; + } + } + + /* number of output digits to produce */ + pa = MIN(digs, a->used + b->used); + + /* clear the carry */ + _W = 0; + for (ix = 0; ix < pa; ix++) { + int tx, ty; + int iy; + mp_digit *tmpx, *tmpy; + + /* get offsets into the two bignums */ + ty = MIN(b->used-1, ix); + tx = ix - ty; + + /* setup temp aliases */ + tmpx = a->dp + tx; + tmpy = b->dp + ty; + + /* this is the number of times the loop will iterrate, essentially + while (tx++ < a->used && ty-- >= 0) { ... } + */ + iy = MIN(a->used-tx, ty+1); + + /* execute loop */ + for (iz = 0; iz < iy; ++iz) { + _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + + } + + /* store term */ + W[ix] = ((mp_digit)_W) & MP_MASK; + + /* make next carry */ + _W = _W >> ((mp_word)DIGIT_BIT); + } + + /* setup dest */ + olduse = c->used; + c->used = pa; + + { + register mp_digit *tmpc; + tmpc = c->dp; + for (ix = 0; ix < pa+1; ix++) { + /* now extract the previous digit [below the carry] */ + *tmpc++ = W[ix]; + } + + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpc++ = 0; + } + } + mp_clamp (c); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_fast_s_mp_mul_digs.c,v $ */ +/* $Revision: 1.8 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_fast_s_mp_mul_high_digs.c b/lib/hcrypto/libtommath/bn_fast_s_mp_mul_high_digs.c new file mode 100644 index 000000000000..a03b9f1324f8 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_fast_s_mp_mul_high_digs.c @@ -0,0 +1,98 @@ +#include +#ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* this is a modified version of fast_s_mul_digs that only produces + * output digits *above* digs. See the comments for fast_s_mul_digs + * to see how it works. + * + * This is used in the Barrett reduction since for one of the multiplications + * only the higher digits were needed. This essentially halves the work. + * + * Based on Algorithm 14.12 on pp.595 of HAC. + */ +int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +{ + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY]; + mp_word _W; + + /* grow the destination as required */ + pa = a->used + b->used; + if (c->alloc < pa) { + if ((res = mp_grow (c, pa)) != MP_OKAY) { + return res; + } + } + + /* number of output digits to produce */ + pa = a->used + b->used; + _W = 0; + for (ix = digs; ix < pa; ix++) { + int tx, ty, iy; + mp_digit *tmpx, *tmpy; + + /* get offsets into the two bignums */ + ty = MIN(b->used-1, ix); + tx = ix - ty; + + /* setup temp aliases */ + tmpx = a->dp + tx; + tmpy = b->dp + ty; + + /* this is the number of times the loop will iterrate, essentially its + while (tx++ < a->used && ty-- >= 0) { ... } + */ + iy = MIN(a->used-tx, ty+1); + + /* execute loop */ + for (iz = 0; iz < iy; iz++) { + _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + } + + /* store term */ + W[ix] = ((mp_digit)_W) & MP_MASK; + + /* make next carry */ + _W = _W >> ((mp_word)DIGIT_BIT); + } + + /* setup dest */ + olduse = c->used; + c->used = pa; + + { + register mp_digit *tmpc; + + tmpc = c->dp + digs; + for (ix = digs; ix < pa; ix++) { + /* now extract the previous digit [below the carry] */ + *tmpc++ = W[ix]; + } + + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpc++ = 0; + } + } + mp_clamp (c); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_fast_s_mp_mul_high_digs.c,v $ */ +/* $Revision: 1.6 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c b/lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c new file mode 100644 index 000000000000..848eaf04630f --- /dev/null +++ b/lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c @@ -0,0 +1,114 @@ +#include +#ifdef BN_FAST_S_MP_SQR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* the jist of squaring... + * you do like mult except the offset of the tmpx [one that + * starts closer to zero] can't equal the offset of tmpy. + * So basically you set up iy like before then you min it with + * (ty-tx) so that it never happens. You double all those + * you add in the inner loop + +After that loop you do the squares and add them in. +*/ + +int fast_s_mp_sqr (mp_int * a, mp_int * b) +{ + int olduse, res, pa, ix, iz; + mp_digit W[MP_WARRAY], *tmpx; + mp_word W1; + + /* grow the destination as required */ + pa = a->used + a->used; + if (b->alloc < pa) { + if ((res = mp_grow (b, pa)) != MP_OKAY) { + return res; + } + } + + /* number of output digits to produce */ + W1 = 0; + for (ix = 0; ix < pa; ix++) { + int tx, ty, iy; + mp_word _W; + mp_digit *tmpy; + + /* clear counter */ + _W = 0; + + /* get offsets into the two bignums */ + ty = MIN(a->used-1, ix); + tx = ix - ty; + + /* setup temp aliases */ + tmpx = a->dp + tx; + tmpy = a->dp + ty; + + /* this is the number of times the loop will iterrate, essentially + while (tx++ < a->used && ty-- >= 0) { ... } + */ + iy = MIN(a->used-tx, ty+1); + + /* now for squaring tx can never equal ty + * we halve the distance since they approach at a rate of 2x + * and we have to round because odd cases need to be executed + */ + iy = MIN(iy, (ty-tx+1)>>1); + + /* execute loop */ + for (iz = 0; iz < iy; iz++) { + _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--); + } + + /* double the inner product and add carry */ + _W = _W + _W + W1; + + /* even columns have the square term in them */ + if ((ix&1) == 0) { + _W += ((mp_word)a->dp[ix>>1])*((mp_word)a->dp[ix>>1]); + } + + /* store it */ + W[ix] = (mp_digit)(_W & MP_MASK); + + /* make next carry */ + W1 = _W >> ((mp_word)DIGIT_BIT); + } + + /* setup dest */ + olduse = b->used; + b->used = a->used+a->used; + + { + mp_digit *tmpb; + tmpb = b->dp; + for (ix = 0; ix < pa; ix++) { + *tmpb++ = W[ix] & MP_MASK; + } + + /* clear unused digits [that existed in the old copy of c] */ + for (; ix < olduse; ix++) { + *tmpb++ = 0; + } + } + mp_clamp (b); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_fast_s_mp_sqr.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_2expt.c b/lib/hcrypto/libtommath/bn_mp_2expt.c new file mode 100644 index 000000000000..11a508c7fb73 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_2expt.c @@ -0,0 +1,48 @@ +#include +#ifdef BN_MP_2EXPT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes a = 2**b + * + * Simple algorithm which zeroes the int, grows it then just sets one bit + * as required. + */ +int +mp_2expt (mp_int * a, int b) +{ + int res; + + /* zero a as per default */ + mp_zero (a); + + /* grow a to accomodate the single bit */ + if ((res = mp_grow (a, b / DIGIT_BIT + 1)) != MP_OKAY) { + return res; + } + + /* set the used count of where the bit will go */ + a->used = b / DIGIT_BIT + 1; + + /* put the single bit in its place */ + a->dp[b / DIGIT_BIT] = ((mp_digit)1) << (b % DIGIT_BIT); + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_2expt.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_abs.c b/lib/hcrypto/libtommath/bn_mp_abs.c new file mode 100644 index 000000000000..d97e8db05f13 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_abs.c @@ -0,0 +1,43 @@ +#include +#ifdef BN_MP_ABS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* b = |a| + * + * Simple function copies the input and fixes the sign to positive + */ +int +mp_abs (mp_int * a, mp_int * b) +{ + int res; + + /* copy a to b */ + if (a != b) { + if ((res = mp_copy (a, b)) != MP_OKAY) { + return res; + } + } + + /* force the sign of b to positive */ + b->sign = MP_ZPOS; + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_abs.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_add.c b/lib/hcrypto/libtommath/bn_mp_add.c new file mode 100644 index 000000000000..be20644770d3 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_add.c @@ -0,0 +1,53 @@ +#include +#ifdef BN_MP_ADD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* high level addition (handles signs) */ +int mp_add (mp_int * a, mp_int * b, mp_int * c) +{ + int sa, sb, res; + + /* get sign of both inputs */ + sa = a->sign; + sb = b->sign; + + /* handle two cases, not four */ + if (sa == sb) { + /* both positive or both negative */ + /* add their magnitudes, copy the sign */ + c->sign = sa; + res = s_mp_add (a, b, c); + } else { + /* one positive, the other negative */ + /* subtract the one with the greater magnitude from */ + /* the one of the lesser magnitude. The result gets */ + /* the sign of the one with the greater magnitude. */ + if (mp_cmp_mag (a, b) == MP_LT) { + c->sign = sb; + res = s_mp_sub (b, a, c); + } else { + c->sign = sa; + res = s_mp_sub (a, b, c); + } + } + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_add.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_add_d.c b/lib/hcrypto/libtommath/bn_mp_add_d.c new file mode 100644 index 000000000000..8ca36c1124fa --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_add_d.c @@ -0,0 +1,112 @@ +#include +#ifdef BN_MP_ADD_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* single digit addition */ +int +mp_add_d (mp_int * a, mp_digit b, mp_int * c) +{ + int res, ix, oldused; + mp_digit *tmpa, *tmpc, mu; + + /* grow c as required */ + if (c->alloc < a->used + 1) { + if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { + return res; + } + } + + /* if a is negative and |a| >= b, call c = |a| - b */ + if (a->sign == MP_NEG && (a->used > 1 || a->dp[0] >= b)) { + /* temporarily fix sign of a */ + a->sign = MP_ZPOS; + + /* c = |a| - b */ + res = mp_sub_d(a, b, c); + + /* fix sign */ + a->sign = c->sign = MP_NEG; + + /* clamp */ + mp_clamp(c); + + return res; + } + + /* old number of used digits in c */ + oldused = c->used; + + /* sign always positive */ + c->sign = MP_ZPOS; + + /* source alias */ + tmpa = a->dp; + + /* destination alias */ + tmpc = c->dp; + + /* if a is positive */ + if (a->sign == MP_ZPOS) { + /* add digit, after this we're propagating + * the carry. + */ + *tmpc = *tmpa++ + b; + mu = *tmpc >> DIGIT_BIT; + *tmpc++ &= MP_MASK; + + /* now handle rest of the digits */ + for (ix = 1; ix < a->used; ix++) { + *tmpc = *tmpa++ + mu; + mu = *tmpc >> DIGIT_BIT; + *tmpc++ &= MP_MASK; + } + /* set final carry */ + ix++; + *tmpc++ = mu; + + /* setup size */ + c->used = a->used + 1; + } else { + /* a was negative and |a| < b */ + c->used = 1; + + /* the result is a single digit */ + if (a->used == 1) { + *tmpc++ = b - a->dp[0]; + } else { + *tmpc++ = b; + } + + /* setup count so the clearing of oldused + * can fall through correctly + */ + ix = 1; + } + + /* now zero to oldused */ + while (ix++ < oldused) { + *tmpc++ = 0; + } + mp_clamp(c); + + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_add_d.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_addmod.c b/lib/hcrypto/libtommath/bn_mp_addmod.c new file mode 100644 index 000000000000..6d8afe18c93e --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_addmod.c @@ -0,0 +1,41 @@ +#include +#ifdef BN_MP_ADDMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* d = a + b (mod c) */ +int +mp_addmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +{ + int res; + mp_int t; + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + if ((res = mp_add (a, b, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + res = mp_mod (&t, c, d); + mp_clear (&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_addmod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_and.c b/lib/hcrypto/libtommath/bn_mp_and.c new file mode 100644 index 000000000000..8ea22878f91a --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_and.c @@ -0,0 +1,57 @@ +#include +#ifdef BN_MP_AND_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* AND two ints together */ +int +mp_and (mp_int * a, mp_int * b, mp_int * c) +{ + int res, ix, px; + mp_int t, *x; + + if (a->used > b->used) { + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy (&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } + + for (ix = 0; ix < px; ix++) { + t.dp[ix] &= x->dp[ix]; + } + + /* zero digits above the last from the smallest mp_int */ + for (; ix < t.used; ix++) { + t.dp[ix] = 0; + } + + mp_clamp (&t); + mp_exch (c, &t); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_and.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_clamp.c b/lib/hcrypto/libtommath/bn_mp_clamp.c new file mode 100644 index 000000000000..2a565e8dbd28 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_clamp.c @@ -0,0 +1,44 @@ +#include +#ifdef BN_MP_CLAMP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* trim unused digits + * + * This is used to ensure that leading zero digits are + * trimed and the leading "used" digit will be non-zero + * Typically very fast. Also fixes the sign if there + * are no more leading digits + */ +void +mp_clamp (mp_int * a) +{ + /* decrease used while the most significant digit is + * zero. + */ + while (a->used > 0 && a->dp[a->used - 1] == 0) { + --(a->used); + } + + /* reset the sign flag if used == 0 */ + if (a->used == 0) { + a->sign = MP_ZPOS; + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_clamp.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_clear.c b/lib/hcrypto/libtommath/bn_mp_clear.c new file mode 100644 index 000000000000..a65f0a36c49f --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_clear.c @@ -0,0 +1,44 @@ +#include +#ifdef BN_MP_CLEAR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* clear one (frees) */ +void +mp_clear (mp_int * a) +{ + int i; + + /* only do anything if a hasn't been freed previously */ + if (a->dp != NULL) { + /* first zero the digits */ + for (i = 0; i < a->used; i++) { + a->dp[i] = 0; + } + + /* free ram */ + XFREE(a->dp); + + /* reset members to make debugging easier */ + a->dp = NULL; + a->alloc = a->used = 0; + a->sign = MP_ZPOS; + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_clear.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_clear_multi.c b/lib/hcrypto/libtommath/bn_mp_clear_multi.c new file mode 100644 index 000000000000..e5e3da340aea --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_clear_multi.c @@ -0,0 +1,34 @@ +#include +#ifdef BN_MP_CLEAR_MULTI_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ +#include + +void mp_clear_multi(mp_int *mp, ...) +{ + mp_int* next_mp = mp; + va_list args; + va_start(args, mp); + while (next_mp != NULL) { + mp_clear(next_mp); + next_mp = va_arg(args, mp_int*); + } + va_end(args); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_clear_multi.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_cmp.c b/lib/hcrypto/libtommath/bn_mp_cmp.c new file mode 100644 index 000000000000..ccd2c8eb9b9b --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_cmp.c @@ -0,0 +1,43 @@ +#include +#ifdef BN_MP_CMP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* compare two ints (signed)*/ +int +mp_cmp (mp_int * a, mp_int * b) +{ + /* compare based on sign */ + if (a->sign != b->sign) { + if (a->sign == MP_NEG) { + return MP_LT; + } else { + return MP_GT; + } + } + + /* compare digits */ + if (a->sign == MP_NEG) { + /* if negative compare opposite direction */ + return mp_cmp_mag(b, a); + } else { + return mp_cmp_mag(a, b); + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_cmp.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_cmp_d.c b/lib/hcrypto/libtommath/bn_mp_cmp_d.c new file mode 100644 index 000000000000..724c1c36344d --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_cmp_d.c @@ -0,0 +1,44 @@ +#include +#ifdef BN_MP_CMP_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* compare a digit */ +int mp_cmp_d(mp_int * a, mp_digit b) +{ + /* compare based on sign */ + if (a->sign == MP_NEG) { + return MP_LT; + } + + /* compare based on magnitude */ + if (a->used > 1) { + return MP_GT; + } + + /* compare the only digit of a to b */ + if (a->dp[0] > b) { + return MP_GT; + } else if (a->dp[0] < b) { + return MP_LT; + } else { + return MP_EQ; + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_cmp_d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_cmp_mag.c b/lib/hcrypto/libtommath/bn_mp_cmp_mag.c new file mode 100644 index 000000000000..4a505238a031 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_cmp_mag.c @@ -0,0 +1,55 @@ +#include +#ifdef BN_MP_CMP_MAG_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* compare maginitude of two ints (unsigned) */ +int mp_cmp_mag (mp_int * a, mp_int * b) +{ + int n; + mp_digit *tmpa, *tmpb; + + /* compare based on # of non-zero digits */ + if (a->used > b->used) { + return MP_GT; + } + + if (a->used < b->used) { + return MP_LT; + } + + /* alias for a */ + tmpa = a->dp + (a->used - 1); + + /* alias for b */ + tmpb = b->dp + (a->used - 1); + + /* compare based on digits */ + for (n = 0; n < a->used; ++n, --tmpa, --tmpb) { + if (*tmpa > *tmpb) { + return MP_GT; + } + + if (*tmpa < *tmpb) { + return MP_LT; + } + } + return MP_EQ; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_cmp_mag.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_cnt_lsb.c b/lib/hcrypto/libtommath/bn_mp_cnt_lsb.c new file mode 100644 index 000000000000..2d4a8d4f0f20 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_cnt_lsb.c @@ -0,0 +1,53 @@ +#include +#ifdef BN_MP_CNT_LSB_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +static const int lnz[16] = { + 4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0 +}; + +/* Counts the number of lsbs which are zero before the first zero bit */ +int mp_cnt_lsb(mp_int *a) +{ + int x; + mp_digit q, qq; + + /* easy out */ + if (mp_iszero(a) == 1) { + return 0; + } + + /* scan lower digits until non-zero */ + for (x = 0; x < a->used && a->dp[x] == 0; x++); + q = a->dp[x]; + x *= DIGIT_BIT; + + /* now scan this digit until a 1 is found */ + if ((q & 1) == 0) { + do { + qq = q & 15; + x += lnz[qq]; + q >>= 4; + } while (qq == 0); + } + return x; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_cnt_lsb.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_copy.c b/lib/hcrypto/libtommath/bn_mp_copy.c new file mode 100644 index 000000000000..b0de16d8abff --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_copy.c @@ -0,0 +1,68 @@ +#include +#ifdef BN_MP_COPY_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* copy, b = a */ +int +mp_copy (mp_int * a, mp_int * b) +{ + int res, n; + + /* if dst == src do nothing */ + if (a == b) { + return MP_OKAY; + } + + /* grow dest */ + if (b->alloc < a->used) { + if ((res = mp_grow (b, a->used)) != MP_OKAY) { + return res; + } + } + + /* zero b and copy the parameters over */ + { + register mp_digit *tmpa, *tmpb; + + /* pointer aliases */ + + /* source */ + tmpa = a->dp; + + /* destination */ + tmpb = b->dp; + + /* copy all the digits */ + for (n = 0; n < a->used; n++) { + *tmpb++ = *tmpa++; + } + + /* clear high digits */ + for (; n < b->used; n++) { + *tmpb++ = 0; + } + } + + /* copy used count and sign */ + b->used = a->used; + b->sign = a->sign; + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_copy.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_count_bits.c b/lib/hcrypto/libtommath/bn_mp_count_bits.c new file mode 100644 index 000000000000..5dfd5f375cb6 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_count_bits.c @@ -0,0 +1,45 @@ +#include +#ifdef BN_MP_COUNT_BITS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* returns the number of bits in an int */ +int +mp_count_bits (mp_int * a) +{ + int r; + mp_digit q; + + /* shortcut */ + if (a->used == 0) { + return 0; + } + + /* get number of digits and add that */ + r = (a->used - 1) * DIGIT_BIT; + + /* take the last digit and count the bits in it */ + q = a->dp[a->used - 1]; + while (q > ((mp_digit) 0)) { + ++r; + q >>= ((mp_digit) 1); + } + return r; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_count_bits.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_div.c b/lib/hcrypto/libtommath/bn_mp_div.c new file mode 100644 index 000000000000..2c364b396fc0 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_div.c @@ -0,0 +1,292 @@ +#include +#ifdef BN_MP_DIV_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +#ifdef BN_MP_DIV_SMALL + +/* slower bit-bang division... also smaller */ +int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d) +{ + mp_int ta, tb, tq, q; + int res, n, n2; + + /* is divisor zero ? */ + if (mp_iszero (b) == 1) { + return MP_VAL; + } + + /* if a < b then q=0, r = a */ + if (mp_cmp_mag (a, b) == MP_LT) { + if (d != NULL) { + res = mp_copy (a, d); + } else { + res = MP_OKAY; + } + if (c != NULL) { + mp_zero (c); + } + return res; + } + + /* init our temps */ + if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) { + return res; + } + + + mp_set(&tq, 1); + n = mp_count_bits(a) - mp_count_bits(b); + if (((res = mp_abs(a, &ta)) != MP_OKAY) || + ((res = mp_abs(b, &tb)) != MP_OKAY) || + ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) || + ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) { + goto LBL_ERR; + } + + while (n-- >= 0) { + if (mp_cmp(&tb, &ta) != MP_GT) { + if (((res = mp_sub(&ta, &tb, &ta)) != MP_OKAY) || + ((res = mp_add(&q, &tq, &q)) != MP_OKAY)) { + goto LBL_ERR; + } + } + if (((res = mp_div_2d(&tb, 1, &tb, NULL)) != MP_OKAY) || + ((res = mp_div_2d(&tq, 1, &tq, NULL)) != MP_OKAY)) { + goto LBL_ERR; + } + } + + /* now q == quotient and ta == remainder */ + n = a->sign; + n2 = (a->sign == b->sign ? MP_ZPOS : MP_NEG); + if (c != NULL) { + mp_exch(c, &q); + c->sign = (mp_iszero(c) == MP_YES) ? MP_ZPOS : n2; + } + if (d != NULL) { + mp_exch(d, &ta); + d->sign = (mp_iszero(d) == MP_YES) ? MP_ZPOS : n; + } +LBL_ERR: + mp_clear_multi(&ta, &tb, &tq, &q, NULL); + return res; +} + +#else + +/* integer signed division. + * c*b + d == a [e.g. a/b, c=quotient, d=remainder] + * HAC pp.598 Algorithm 14.20 + * + * Note that the description in HAC is horribly + * incomplete. For example, it doesn't consider + * the case where digits are removed from 'x' in + * the inner loop. It also doesn't consider the + * case that y has fewer than three digits, etc.. + * + * The overall algorithm is as described as + * 14.20 from HAC but fixed to treat these cases. +*/ +int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +{ + mp_int q, x, y, t1, t2; + int res, n, t, i, norm, neg; + + /* is divisor zero ? */ + if (mp_iszero (b) == 1) { + return MP_VAL; + } + + /* if a < b then q=0, r = a */ + if (mp_cmp_mag (a, b) == MP_LT) { + if (d != NULL) { + res = mp_copy (a, d); + } else { + res = MP_OKAY; + } + if (c != NULL) { + mp_zero (c); + } + return res; + } + + if ((res = mp_init_size (&q, a->used + 2)) != MP_OKAY) { + return res; + } + q.used = a->used + 2; + + if ((res = mp_init (&t1)) != MP_OKAY) { + goto LBL_Q; + } + + if ((res = mp_init (&t2)) != MP_OKAY) { + goto LBL_T1; + } + + if ((res = mp_init_copy (&x, a)) != MP_OKAY) { + goto LBL_T2; + } + + if ((res = mp_init_copy (&y, b)) != MP_OKAY) { + goto LBL_X; + } + + /* fix the sign */ + neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; + x.sign = y.sign = MP_ZPOS; + + /* normalize both x and y, ensure that y >= b/2, [b == 2**DIGIT_BIT] */ + norm = mp_count_bits(&y) % DIGIT_BIT; + if (norm < (int)(DIGIT_BIT-1)) { + norm = (DIGIT_BIT-1) - norm; + if ((res = mp_mul_2d (&x, norm, &x)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_mul_2d (&y, norm, &y)) != MP_OKAY) { + goto LBL_Y; + } + } else { + norm = 0; + } + + /* note hac does 0 based, so if used==5 then its 0,1,2,3,4, e.g. use 4 */ + n = x.used - 1; + t = y.used - 1; + + /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */ + if ((res = mp_lshd (&y, n - t)) != MP_OKAY) { /* y = y*b**{n-t} */ + goto LBL_Y; + } + + while (mp_cmp (&x, &y) != MP_LT) { + ++(q.dp[n - t]); + if ((res = mp_sub (&x, &y, &x)) != MP_OKAY) { + goto LBL_Y; + } + } + + /* reset y by shifting it back down */ + mp_rshd (&y, n - t); + + /* step 3. for i from n down to (t + 1) */ + for (i = n; i >= (t + 1); i--) { + if (i > x.used) { + continue; + } + + /* step 3.1 if xi == yt then set q{i-t-1} to b-1, + * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */ + if (x.dp[i] == y.dp[t]) { + q.dp[i - t - 1] = ((((mp_digit)1) << DIGIT_BIT) - 1); + } else { + mp_word tmp; + tmp = ((mp_word) x.dp[i]) << ((mp_word) DIGIT_BIT); + tmp |= ((mp_word) x.dp[i - 1]); + tmp /= ((mp_word) y.dp[t]); + if (tmp > (mp_word) MP_MASK) + tmp = MP_MASK; + q.dp[i - t - 1] = (mp_digit) (tmp & (mp_word) (MP_MASK)); + } + + /* while (q{i-t-1} * (yt * b + y{t-1})) > + xi * b**2 + xi-1 * b + xi-2 + + do q{i-t-1} -= 1; + */ + q.dp[i - t - 1] = (q.dp[i - t - 1] + 1) & MP_MASK; + do { + q.dp[i - t - 1] = (q.dp[i - t - 1] - 1) & MP_MASK; + + /* find left hand */ + mp_zero (&t1); + t1.dp[0] = (t - 1 < 0) ? 0 : y.dp[t - 1]; + t1.dp[1] = y.dp[t]; + t1.used = 2; + if ((res = mp_mul_d (&t1, q.dp[i - t - 1], &t1)) != MP_OKAY) { + goto LBL_Y; + } + + /* find right hand */ + t2.dp[0] = (i - 2 < 0) ? 0 : x.dp[i - 2]; + t2.dp[1] = (i - 1 < 0) ? 0 : x.dp[i - 1]; + t2.dp[2] = x.dp[i]; + t2.used = 3; + } while (mp_cmp_mag(&t1, &t2) == MP_GT); + + /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */ + if ((res = mp_mul_d (&y, q.dp[i - t - 1], &t1)) != MP_OKAY) { + goto LBL_Y; + } + + if ((res = mp_lshd (&t1, i - t - 1)) != MP_OKAY) { + goto LBL_Y; + } + + if ((res = mp_sub (&x, &t1, &x)) != MP_OKAY) { + goto LBL_Y; + } + + /* if x < 0 then { x = x + y*b**{i-t-1}; q{i-t-1} -= 1; } */ + if (x.sign == MP_NEG) { + if ((res = mp_copy (&y, &t1)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_lshd (&t1, i - t - 1)) != MP_OKAY) { + goto LBL_Y; + } + if ((res = mp_add (&x, &t1, &x)) != MP_OKAY) { + goto LBL_Y; + } + + q.dp[i - t - 1] = (q.dp[i - t - 1] - 1UL) & MP_MASK; + } + } + + /* now q is the quotient and x is the remainder + * [which we have to normalize] + */ + + /* get sign before writing to c */ + x.sign = x.used == 0 ? MP_ZPOS : a->sign; + + if (c != NULL) { + mp_clamp (&q); + mp_exch (&q, c); + c->sign = neg; + } + + if (d != NULL) { + mp_div_2d (&x, norm, &x, NULL); + mp_exch (&x, d); + } + + res = MP_OKAY; + +LBL_Y:mp_clear (&y); +LBL_X:mp_clear (&x); +LBL_T2:mp_clear (&t2); +LBL_T1:mp_clear (&t1); +LBL_Q:mp_clear (&q); + return res; +} + +#endif + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_div.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_div_2.c b/lib/hcrypto/libtommath/bn_mp_div_2.c new file mode 100644 index 000000000000..7ee3e5b70fd7 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_div_2.c @@ -0,0 +1,68 @@ +#include +#ifdef BN_MP_DIV_2_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* b = a/2 */ +int mp_div_2(mp_int * a, mp_int * b) +{ + int x, res, oldused; + + /* copy */ + if (b->alloc < a->used) { + if ((res = mp_grow (b, a->used)) != MP_OKAY) { + return res; + } + } + + oldused = b->used; + b->used = a->used; + { + register mp_digit r, rr, *tmpa, *tmpb; + + /* source alias */ + tmpa = a->dp + b->used - 1; + + /* dest alias */ + tmpb = b->dp + b->used - 1; + + /* carry */ + r = 0; + for (x = b->used - 1; x >= 0; x--) { + /* get the carry for the next iteration */ + rr = *tmpa & 1; + + /* shift the current digit, add in carry and store */ + *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1)); + + /* forward carry to next iteration */ + r = rr; + } + + /* zero excess digits */ + tmpb = b->dp + b->used; + for (x = b->used; x < oldused; x++) { + *tmpb++ = 0; + } + } + b->sign = a->sign; + mp_clamp (b); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_div_2.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_div_2d.c b/lib/hcrypto/libtommath/bn_mp_div_2d.c new file mode 100644 index 000000000000..4f7fa59e3f32 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_div_2d.c @@ -0,0 +1,97 @@ +#include +#ifdef BN_MP_DIV_2D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* shift right by a certain bit count (store quotient in c, optional remainder in d) */ +int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) +{ + mp_digit D, r, rr; + int x, res; + mp_int t; + + + /* if the shift count is <= 0 then we do no work */ + if (b <= 0) { + res = mp_copy (a, c); + if (d != NULL) { + mp_zero (d); + } + return res; + } + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + /* get the remainder */ + if (d != NULL) { + if ((res = mp_mod_2d (a, b, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + } + + /* copy */ + if ((res = mp_copy (a, c)) != MP_OKAY) { + mp_clear (&t); + return res; + } + + /* shift by as many digits in the bit count */ + if (b >= (int)DIGIT_BIT) { + mp_rshd (c, b / DIGIT_BIT); + } + + /* shift any bit count < DIGIT_BIT */ + D = (mp_digit) (b % DIGIT_BIT); + if (D != 0) { + register mp_digit *tmpc, mask, shift; + + /* mask */ + mask = (((mp_digit)1) << D) - 1; + + /* shift for lsb */ + shift = DIGIT_BIT - D; + + /* alias */ + tmpc = c->dp + (c->used - 1); + + /* carry */ + r = 0; + for (x = c->used - 1; x >= 0; x--) { + /* get the lower bits of this word in a temp */ + rr = *tmpc & mask; + + /* shift the current word and mix in the carry bits from the previous word */ + *tmpc = (*tmpc >> D) | (r << shift); + --tmpc; + + /* set the carry to the carry bits of the current word found above */ + r = rr; + } + } + mp_clamp (c); + if (d != NULL) { + mp_exch (&t, d); + } + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_div_2d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_div_3.c b/lib/hcrypto/libtommath/bn_mp_div_3.c new file mode 100644 index 000000000000..78e2381b6e73 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_div_3.c @@ -0,0 +1,79 @@ +#include +#ifdef BN_MP_DIV_3_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* divide by three (based on routine from MPI and the GMP manual) */ +int +mp_div_3 (mp_int * a, mp_int *c, mp_digit * d) +{ + mp_int q; + mp_word w, t; + mp_digit b; + int res, ix; + + /* b = 2**DIGIT_BIT / 3 */ + b = (((mp_word)1) << ((mp_word)DIGIT_BIT)) / ((mp_word)3); + + if ((res = mp_init_size(&q, a->used)) != MP_OKAY) { + return res; + } + + q.used = a->used; + q.sign = a->sign; + w = 0; + for (ix = a->used - 1; ix >= 0; ix--) { + w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]); + + if (w >= 3) { + /* multiply w by [1/3] */ + t = (w * ((mp_word)b)) >> ((mp_word)DIGIT_BIT); + + /* now subtract 3 * [w/3] from w, to get the remainder */ + w -= t+t+t; + + /* fixup the remainder as required since + * the optimization is not exact. + */ + while (w >= 3) { + t += 1; + w -= 3; + } + } else { + t = 0; + } + q.dp[ix] = (mp_digit)t; + } + + /* [optional] store the remainder */ + if (d != NULL) { + *d = (mp_digit)w; + } + + /* [optional] store the quotient */ + if (c != NULL) { + mp_clamp(&q); + mp_exch(&q, c); + } + mp_clear(&q); + + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_div_3.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_div_d.c b/lib/hcrypto/libtommath/bn_mp_div_d.c new file mode 100644 index 000000000000..7bd372c20d37 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_div_d.c @@ -0,0 +1,115 @@ +#include +#ifdef BN_MP_DIV_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +static int s_is_power_of_two(mp_digit b, int *p) +{ + int x; + + /* fast return if no power of two */ + if ((b==0) || (b & (b-1))) { + return 0; + } + + for (x = 0; x < DIGIT_BIT; x++) { + if (b == (((mp_digit)1)<dp[0] & ((((mp_digit)1)<used)) != MP_OKAY) { + return res; + } + + q.used = a->used; + q.sign = a->sign; + w = 0; + for (ix = a->used - 1; ix >= 0; ix--) { + w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]); + + if (w >= b) { + t = (mp_digit)(w / b); + w -= ((mp_word)t) * ((mp_word)b); + } else { + t = 0; + } + q.dp[ix] = (mp_digit)t; + } + + if (d != NULL) { + *d = (mp_digit)w; + } + + if (c != NULL) { + mp_clamp(&q); + mp_exch(&q, c); + } + mp_clear(&q); + + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_div_d.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2007/01/09 04:44:32 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c b/lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c new file mode 100644 index 000000000000..52373440d836 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c @@ -0,0 +1,43 @@ +#include +#ifdef BN_MP_DR_IS_MODULUS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines if a number is a valid DR modulus */ +int mp_dr_is_modulus(mp_int *a) +{ + int ix; + + /* must be at least two digits */ + if (a->used < 2) { + return 0; + } + + /* must be of the form b**k - a [a <= b] so all + * but the first digit must be equal to -1 (mod b). + */ + for (ix = 1; ix < a->used; ix++) { + if (a->dp[ix] != MP_MASK) { + return 0; + } + } + return 1; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_dr_is_modulus.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_dr_reduce.c b/lib/hcrypto/libtommath/bn_mp_dr_reduce.c new file mode 100644 index 000000000000..e60b5784f162 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_dr_reduce.c @@ -0,0 +1,94 @@ +#include +#ifdef BN_MP_DR_REDUCE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reduce "x" in place modulo "n" using the Diminished Radix algorithm. + * + * Based on algorithm from the paper + * + * "Generating Efficient Primes for Discrete Log Cryptosystems" + * Chae Hoon Lim, Pil Joong Lee, + * POSTECH Information Research Laboratories + * + * The modulus must be of a special format [see manual] + * + * Has been modified to use algorithm 7.10 from the LTM book instead + * + * Input x must be in the range 0 <= x <= (n-1)**2 + */ +int +mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k) +{ + int err, i, m; + mp_word r; + mp_digit mu, *tmpx1, *tmpx2; + + /* m = digits in modulus */ + m = n->used; + + /* ensure that "x" has at least 2m digits */ + if (x->alloc < m + m) { + if ((err = mp_grow (x, m + m)) != MP_OKAY) { + return err; + } + } + +/* top of loop, this is where the code resumes if + * another reduction pass is required. + */ +top: + /* aliases for digits */ + /* alias for lower half of x */ + tmpx1 = x->dp; + + /* alias for upper half of x, or x/B**m */ + tmpx2 = x->dp + m; + + /* set carry to zero */ + mu = 0; + + /* compute (x mod B**m) + k * [x/B**m] inline and inplace */ + for (i = 0; i < m; i++) { + r = ((mp_word)*tmpx2++) * ((mp_word)k) + *tmpx1 + mu; + *tmpx1++ = (mp_digit)(r & MP_MASK); + mu = (mp_digit)(r >> ((mp_word)DIGIT_BIT)); + } + + /* set final carry */ + *tmpx1++ = mu; + + /* zero words above m */ + for (i = m + 1; i < x->used; i++) { + *tmpx1++ = 0; + } + + /* clamp, sub and return */ + mp_clamp (x); + + /* if x >= n then subtract and reduce again + * Each successive "recursion" makes the input smaller and smaller. + */ + if (mp_cmp_mag (x, n) != MP_LT) { + s_mp_sub(x, n, x); + goto top; + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_dr_reduce.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_dr_setup.c b/lib/hcrypto/libtommath/bn_mp_dr_setup.c new file mode 100644 index 000000000000..b7d5ed7c03e1 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_dr_setup.c @@ -0,0 +1,32 @@ +#include +#ifdef BN_MP_DR_SETUP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines the setup value */ +void mp_dr_setup(mp_int *a, mp_digit *d) +{ + /* the casts are required if DIGIT_BIT is one less than + * the number of bits in a mp_digit [e.g. DIGIT_BIT==31] + */ + *d = (mp_digit)((((mp_word)1) << ((mp_word)DIGIT_BIT)) - + ((mp_word)a->dp[0])); +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_dr_setup.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_exch.c b/lib/hcrypto/libtommath/bn_mp_exch.c new file mode 100644 index 000000000000..ee551bc3e196 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_exch.c @@ -0,0 +1,34 @@ +#include +#ifdef BN_MP_EXCH_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* swap the elements of two integers, for cases where you can't simply swap the + * mp_int pointers around + */ +void +mp_exch (mp_int * a, mp_int * b) +{ + mp_int t; + + t = *a; + *a = *b; + *b = t; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_exch.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_expt_d.c b/lib/hcrypto/libtommath/bn_mp_expt_d.c new file mode 100644 index 000000000000..4bdc2d13a695 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_expt_d.c @@ -0,0 +1,57 @@ +#include +#ifdef BN_MP_EXPT_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* calculate c = a**b using a square-multiply algorithm */ +int mp_expt_d (mp_int * a, mp_digit b, mp_int * c) +{ + int res, x; + mp_int g; + + if ((res = mp_init_copy (&g, a)) != MP_OKAY) { + return res; + } + + /* set initial result */ + mp_set (c, 1); + + for (x = 0; x < (int) DIGIT_BIT; x++) { + /* square */ + if ((res = mp_sqr (c, c)) != MP_OKAY) { + mp_clear (&g); + return res; + } + + /* if the bit is set multiply */ + if ((b & (mp_digit) (((mp_digit)1) << (DIGIT_BIT - 1))) != 0) { + if ((res = mp_mul (c, &g, c)) != MP_OKAY) { + mp_clear (&g); + return res; + } + } + + /* shift to next bit */ + b <<= 1; + } + + mp_clear (&g); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_expt_d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_exptmod.c b/lib/hcrypto/libtommath/bn_mp_exptmod.c new file mode 100644 index 000000000000..56d7c11d26e4 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_exptmod.c @@ -0,0 +1,112 @@ +#include +#ifdef BN_MP_EXPTMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + + +/* this is a shell function that calls either the normal or Montgomery + * exptmod functions. Originally the call to the montgomery code was + * embedded in the normal function but that wasted alot of stack space + * for nothing (since 99% of the time the Montgomery code would be called) + */ +int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) +{ + int dr; + + /* modulus P must be positive */ + if (P->sign == MP_NEG) { + return MP_VAL; + } + + /* if exponent X is negative we have to recurse */ + if (X->sign == MP_NEG) { +#ifdef BN_MP_INVMOD_C + mp_int tmpG, tmpX; + int err; + + /* first compute 1/G mod P */ + if ((err = mp_init(&tmpG)) != MP_OKAY) { + return err; + } + if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) { + mp_clear(&tmpG); + return err; + } + + /* now get |X| */ + if ((err = mp_init(&tmpX)) != MP_OKAY) { + mp_clear(&tmpG); + return err; + } + if ((err = mp_abs(X, &tmpX)) != MP_OKAY) { + mp_clear_multi(&tmpG, &tmpX, NULL); + return err; + } + + /* and now compute (1/G)**|X| instead of G**X [X < 0] */ + err = mp_exptmod(&tmpG, &tmpX, P, Y); + mp_clear_multi(&tmpG, &tmpX, NULL); + return err; +#else + /* no invmod */ + return MP_VAL; +#endif + } + +/* modified diminished radix reduction */ +#if defined(BN_MP_REDUCE_IS_2K_L_C) && defined(BN_MP_REDUCE_2K_L_C) && defined(BN_S_MP_EXPTMOD_C) + if (mp_reduce_is_2k_l(P) == MP_YES) { + return s_mp_exptmod(G, X, P, Y, 1); + } +#endif + +#ifdef BN_MP_DR_IS_MODULUS_C + /* is it a DR modulus? */ + dr = mp_dr_is_modulus(P); +#else + /* default to no */ + dr = 0; +#endif + +#ifdef BN_MP_REDUCE_IS_2K_C + /* if not, is it a unrestricted DR modulus? */ + if (dr == 0) { + dr = mp_reduce_is_2k(P) << 1; + } +#endif + + /* if the modulus is odd or dr != 0 use the montgomery method */ +#ifdef BN_MP_EXPTMOD_FAST_C + if (mp_isodd (P) == 1 || dr != 0) { + return mp_exptmod_fast (G, X, P, Y, dr); + } else { +#endif +#ifdef BN_S_MP_EXPTMOD_C + /* otherwise use the generic Barrett reduction technique */ + return s_mp_exptmod (G, X, P, Y, 0); +#else + /* no exptmod for evens */ + return MP_VAL; +#endif +#ifdef BN_MP_EXPTMOD_FAST_C + } +#endif +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_exptmod.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_exptmod_fast.c b/lib/hcrypto/libtommath/bn_mp_exptmod_fast.c new file mode 100644 index 000000000000..64fbe7fe2107 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_exptmod_fast.c @@ -0,0 +1,321 @@ +#include +#ifdef BN_MP_EXPTMOD_FAST_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85 + * + * Uses a left-to-right k-ary sliding window to compute the modular exponentiation. + * The value of k changes based on the size of the exponent. + * + * Uses Montgomery or Diminished Radix reduction [whichever appropriate] + */ + +#ifdef MP_LOW_MEM + #define TAB_SIZE 32 +#else + #define TAB_SIZE 256 +#endif + +int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) +{ + mp_int M[TAB_SIZE], res; + mp_digit buf, mp; + int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; + + /* use a pointer to the reduction algorithm. This allows us to use + * one of many reduction algorithms without modding the guts of + * the code with if statements everywhere. + */ + int (*redux)(mp_int*,mp_int*,mp_digit); + + /* find window size */ + x = mp_count_bits (X); + if (x <= 7) { + winsize = 2; + } else if (x <= 36) { + winsize = 3; + } else if (x <= 140) { + winsize = 4; + } else if (x <= 450) { + winsize = 5; + } else if (x <= 1303) { + winsize = 6; + } else if (x <= 3529) { + winsize = 7; + } else { + winsize = 8; + } + +#ifdef MP_LOW_MEM + if (winsize > 5) { + winsize = 5; + } +#endif + + /* init M array */ + /* init first cell */ + if ((err = mp_init(&M[1])) != MP_OKAY) { + return err; + } + + /* now init the second half of the array */ + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + if ((err = mp_init(&M[x])) != MP_OKAY) { + for (y = 1<<(winsize-1); y < x; y++) { + mp_clear (&M[y]); + } + mp_clear(&M[1]); + return err; + } + } + + /* determine and setup reduction code */ + if (redmode == 0) { +#ifdef BN_MP_MONTGOMERY_SETUP_C + /* now setup montgomery */ + if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) { + goto LBL_M; + } +#else + err = MP_VAL; + goto LBL_M; +#endif + + /* automatically pick the comba one if available (saves quite a few calls/ifs) */ +#ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C + if (((P->used * 2 + 1) < MP_WARRAY) && + P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + redux = fast_mp_montgomery_reduce; + } else +#endif + { +#ifdef BN_MP_MONTGOMERY_REDUCE_C + /* use slower baseline Montgomery method */ + redux = mp_montgomery_reduce; +#else + err = MP_VAL; + goto LBL_M; +#endif + } + } else if (redmode == 1) { +#if defined(BN_MP_DR_SETUP_C) && defined(BN_MP_DR_REDUCE_C) + /* setup DR reduction for moduli of the form B**k - b */ + mp_dr_setup(P, &mp); + redux = mp_dr_reduce; +#else + err = MP_VAL; + goto LBL_M; +#endif + } else { +#if defined(BN_MP_REDUCE_2K_SETUP_C) && defined(BN_MP_REDUCE_2K_C) + /* setup DR reduction for moduli of the form 2**k - b */ + if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) { + goto LBL_M; + } + redux = mp_reduce_2k; +#else + err = MP_VAL; + goto LBL_M; +#endif + } + + /* setup result */ + if ((err = mp_init (&res)) != MP_OKAY) { + goto LBL_M; + } + + /* create M table + * + + * + * The first half of the table is not computed though accept for M[0] and M[1] + */ + + if (redmode == 0) { +#ifdef BN_MP_MONTGOMERY_CALC_NORMALIZATION_C + /* now we need R mod m */ + if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) { + goto LBL_RES; + } +#else + err = MP_VAL; + goto LBL_RES; +#endif + + /* now set M[1] to G * R mod m */ + if ((err = mp_mulmod (G, &res, P, &M[1])) != MP_OKAY) { + goto LBL_RES; + } + } else { + mp_set(&res, 1); + if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) { + goto LBL_RES; + } + } + + /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */ + if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_RES; + } + + for (x = 0; x < (winsize - 1); x++) { + if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* create upper table */ + for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { + if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&M[x], P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* set initial mode and bit cnt */ + mode = 0; + bitcnt = 1; + buf = 0; + digidx = X->used - 1; + bitcpy = 0; + bitbuf = 0; + + for (;;) { + /* grab next digit as required */ + if (--bitcnt == 0) { + /* if digidx == -1 we are out of digits so break */ + if (digidx == -1) { + break; + } + /* read next digit and reset bitcnt */ + buf = X->dp[digidx--]; + bitcnt = (int)DIGIT_BIT; + } + + /* grab the next msb from the exponent */ + y = (mp_digit)(buf >> (DIGIT_BIT - 1)) & 1; + buf <<= (mp_digit)1; + + /* if the bit is zero and mode == 0 then we ignore it + * These represent the leading zero bits before the first 1 bit + * in the exponent. Technically this opt is not required but it + * does lower the # of trivial squaring/reductions used + */ + if (mode == 0 && y == 0) { + continue; + } + + /* if the bit is zero and mode == 1 then we square */ + if (mode == 1 && y == 0) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + continue; + } + + /* else we add it to the window */ + bitbuf |= (y << (winsize - ++bitcpy)); + mode = 2; + + if (bitcpy == winsize) { + /* ok window is filled so square as required and multiply */ + /* square first */ + for (x = 0; x < winsize; x++) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* then multiply */ + if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + + /* empty window and reset */ + bitcpy = 0; + bitbuf = 0; + mode = 1; + } + } + + /* if bits remain then square/multiply */ + if (mode == 2 && bitcpy > 0) { + /* square then multiply if the bit is set */ + for (x = 0; x < bitcpy; x++) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + + /* get next bit of the window */ + bitbuf <<= 1; + if ((bitbuf & (1 << winsize)) != 0) { + /* then multiply */ + if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + } + } + + if (redmode == 0) { + /* fixup result if Montgomery reduction is used + * recall that any value in a Montgomery system is + * actually multiplied by R mod n. So we have + * to reduce one more time to cancel out the factor + * of R. + */ + if ((err = redux(&res, P, mp)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* swap res with Y */ + mp_exch (&res, Y); + err = MP_OKAY; +LBL_RES:mp_clear (&res); +LBL_M: + mp_clear(&M[1]); + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + mp_clear (&M[x]); + } + return err; +} +#endif + + +/* $Source: /cvs/libtom/libtommath/bn_mp_exptmod_fast.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_exteuclid.c b/lib/hcrypto/libtommath/bn_mp_exteuclid.c new file mode 100644 index 000000000000..daf0c95ea6ff --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_exteuclid.c @@ -0,0 +1,82 @@ +#include +#ifdef BN_MP_EXTEUCLID_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Extended euclidean algorithm of (a, b) produces + a*u1 + b*u2 = u3 + */ +int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3) +{ + mp_int u1,u2,u3,v1,v2,v3,t1,t2,t3,q,tmp; + int err; + + if ((err = mp_init_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL)) != MP_OKAY) { + return err; + } + + /* initialize, (u1,u2,u3) = (1,0,a) */ + mp_set(&u1, 1); + if ((err = mp_copy(a, &u3)) != MP_OKAY) { goto _ERR; } + + /* initialize, (v1,v2,v3) = (0,1,b) */ + mp_set(&v2, 1); + if ((err = mp_copy(b, &v3)) != MP_OKAY) { goto _ERR; } + + /* loop while v3 != 0 */ + while (mp_iszero(&v3) == MP_NO) { + /* q = u3/v3 */ + if ((err = mp_div(&u3, &v3, &q, NULL)) != MP_OKAY) { goto _ERR; } + + /* (t1,t2,t3) = (u1,u2,u3) - (v1,v2,v3)q */ + if ((err = mp_mul(&v1, &q, &tmp)) != MP_OKAY) { goto _ERR; } + if ((err = mp_sub(&u1, &tmp, &t1)) != MP_OKAY) { goto _ERR; } + if ((err = mp_mul(&v2, &q, &tmp)) != MP_OKAY) { goto _ERR; } + if ((err = mp_sub(&u2, &tmp, &t2)) != MP_OKAY) { goto _ERR; } + if ((err = mp_mul(&v3, &q, &tmp)) != MP_OKAY) { goto _ERR; } + if ((err = mp_sub(&u3, &tmp, &t3)) != MP_OKAY) { goto _ERR; } + + /* (u1,u2,u3) = (v1,v2,v3) */ + if ((err = mp_copy(&v1, &u1)) != MP_OKAY) { goto _ERR; } + if ((err = mp_copy(&v2, &u2)) != MP_OKAY) { goto _ERR; } + if ((err = mp_copy(&v3, &u3)) != MP_OKAY) { goto _ERR; } + + /* (v1,v2,v3) = (t1,t2,t3) */ + if ((err = mp_copy(&t1, &v1)) != MP_OKAY) { goto _ERR; } + if ((err = mp_copy(&t2, &v2)) != MP_OKAY) { goto _ERR; } + if ((err = mp_copy(&t3, &v3)) != MP_OKAY) { goto _ERR; } + } + + /* make sure U3 >= 0 */ + if (u3.sign == MP_NEG) { + mp_neg(&u1, &u1); + mp_neg(&u2, &u2); + mp_neg(&u3, &u3); + } + + /* copy result out */ + if (U1 != NULL) { mp_exch(U1, &u1); } + if (U2 != NULL) { mp_exch(U2, &u2); } + if (U3 != NULL) { mp_exch(U3, &u3); } + + err = MP_OKAY; +_ERR: mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL); + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_exteuclid.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_find_prime.c b/lib/hcrypto/libtommath/bn_mp_find_prime.c new file mode 100644 index 000000000000..ef7b6532c5cd --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_find_prime.c @@ -0,0 +1,26 @@ +/* TomsFastMath, a fast ISO C bignum library. + * + * This project is public domain and free for all purposes. + * + * Love Hornquist Astrand + */ +#include + +int mp_find_prime(mp_int *a) +{ + int res; + + if (mp_iseven(a)) + mp_add_d(a, 1, a); + + do { + + if ((res = mp_isprime(a)) == MP_NO) { + mp_add_d(a, 2, a); + continue; + } + + } while (res != MP_YES); + + return res; +} diff --git a/lib/hcrypto/libtommath/bn_mp_fread.c b/lib/hcrypto/libtommath/bn_mp_fread.c new file mode 100644 index 000000000000..52f7f32f0d10 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_fread.c @@ -0,0 +1,67 @@ +#include +#ifdef BN_MP_FREAD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* read a bigint from a file stream in ASCII */ +int mp_fread(mp_int *a, int radix, FILE *stream) +{ + int err, ch, neg, y; + + /* clear a */ + mp_zero(a); + + /* if first digit is - then set negative */ + ch = fgetc(stream); + if (ch == '-') { + neg = MP_NEG; + ch = fgetc(stream); + } else { + neg = MP_ZPOS; + } + + for (;;) { + /* find y in the radix map */ + for (y = 0; y < radix; y++) { + if (mp_s_rmap[y] == ch) { + break; + } + } + if (y == radix) { + break; + } + + /* shift up and add */ + if ((err = mp_mul_d(a, radix, a)) != MP_OKAY) { + return err; + } + if ((err = mp_add_d(a, y, a)) != MP_OKAY) { + return err; + } + + ch = fgetc(stream); + } + if (mp_cmp_d(a, 0) != MP_EQ) { + a->sign = neg; + } + + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_fread.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_fwrite.c b/lib/hcrypto/libtommath/bn_mp_fwrite.c new file mode 100644 index 000000000000..dc4529ba2291 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_fwrite.c @@ -0,0 +1,52 @@ +#include +#ifdef BN_MP_FWRITE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +int mp_fwrite(mp_int *a, int radix, FILE *stream) +{ + char *buf; + int err, len, x; + + if ((err = mp_radix_size(a, radix, &len)) != MP_OKAY) { + return err; + } + + buf = OPT_CAST(char) XMALLOC (len); + if (buf == NULL) { + return MP_MEM; + } + + if ((err = mp_toradix(a, buf, radix)) != MP_OKAY) { + XFREE (buf); + return err; + } + + for (x = 0; x < len; x++) { + if (fputc(buf[x], stream) == EOF) { + XFREE (buf); + return MP_VAL; + } + } + + XFREE (buf); + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_fwrite.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_gcd.c b/lib/hcrypto/libtommath/bn_mp_gcd.c new file mode 100644 index 000000000000..89795d564ed9 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_gcd.c @@ -0,0 +1,105 @@ +#include +#ifdef BN_MP_GCD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Greatest Common Divisor using the binary method */ +int mp_gcd (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int u, v; + int k, u_lsb, v_lsb, res; + + /* either zero than gcd is the largest */ + if (mp_iszero (a) == MP_YES) { + return mp_abs (b, c); + } + if (mp_iszero (b) == MP_YES) { + return mp_abs (a, c); + } + + /* get copies of a and b we can modify */ + if ((res = mp_init_copy (&u, a)) != MP_OKAY) { + return res; + } + + if ((res = mp_init_copy (&v, b)) != MP_OKAY) { + goto LBL_U; + } + + /* must be positive for the remainder of the algorithm */ + u.sign = v.sign = MP_ZPOS; + + /* B1. Find the common power of two for u and v */ + u_lsb = mp_cnt_lsb(&u); + v_lsb = mp_cnt_lsb(&v); + k = MIN(u_lsb, v_lsb); + + if (k > 0) { + /* divide the power of two out */ + if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) { + goto LBL_V; + } + + if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } + + /* divide any remaining factors of two out */ + if (u_lsb != k) { + if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) { + goto LBL_V; + } + } + + if (v_lsb != k) { + if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } + + while (mp_iszero(&v) == 0) { + /* make sure v is the largest */ + if (mp_cmp_mag(&u, &v) == MP_GT) { + /* swap u and v to make sure v is >= u */ + mp_exch(&u, &v); + } + + /* subtract smallest from largest */ + if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) { + goto LBL_V; + } + + /* Divide out all factors of two */ + if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) { + goto LBL_V; + } + } + + /* multiply by 2**k which we divided out at the beginning */ + if ((res = mp_mul_2d (&u, k, c)) != MP_OKAY) { + goto LBL_V; + } + c->sign = MP_ZPOS; + res = MP_OKAY; +LBL_V:mp_clear (&u); +LBL_U:mp_clear (&v); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_gcd.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_get_int.c b/lib/hcrypto/libtommath/bn_mp_get_int.c new file mode 100644 index 000000000000..e8e9b1d44073 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_get_int.c @@ -0,0 +1,45 @@ +#include +#ifdef BN_MP_GET_INT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* get the lower 32-bits of an mp_int */ +unsigned long mp_get_int(mp_int * a) +{ + int i; + unsigned long res; + + if (a->used == 0) { + return 0; + } + + /* get number of digits of the lsb we have to read */ + i = MIN(a->used,(int)((sizeof(unsigned long)*CHAR_BIT+DIGIT_BIT-1)/DIGIT_BIT))-1; + + /* get most significant digit of result */ + res = DIGIT(a,i); + + while (--i >= 0) { + res = (res << DIGIT_BIT) | DIGIT(a,i); + } + + /* force result to 32-bits always so it is consistent on non 32-bit platforms */ + return res & 0xFFFFFFFFUL; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_get_int.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_grow.c b/lib/hcrypto/libtommath/bn_mp_grow.c new file mode 100644 index 000000000000..cf2b949b2483 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_grow.c @@ -0,0 +1,57 @@ +#include +#ifdef BN_MP_GROW_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* grow as required */ +int mp_grow (mp_int * a, int size) +{ + int i; + mp_digit *tmp; + + /* if the alloc size is smaller alloc more ram */ + if (a->alloc < size) { + /* ensure there are always at least MP_PREC digits extra on top */ + size += (MP_PREC * 2) - (size % MP_PREC); + + /* reallocate the array a->dp + * + * We store the return in a temporary variable + * in case the operation failed we don't want + * to overwrite the dp member of a. + */ + tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * size); + if (tmp == NULL) { + /* reallocation failed but "a" is still valid [can be freed] */ + return MP_MEM; + } + + /* reallocation succeeded so set a->dp */ + a->dp = tmp; + + /* zero excess digits */ + i = a->alloc; + a->alloc = size; + for (; i < a->alloc; i++) { + a->dp[i] = 0; + } + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_grow.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init.c b/lib/hcrypto/libtommath/bn_mp_init.c new file mode 100644 index 000000000000..8be27f5696a7 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init.c @@ -0,0 +1,46 @@ +#include +#ifdef BN_MP_INIT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* init a new mp_int */ +int mp_init (mp_int * a) +{ + int i; + + /* allocate memory required and clear it */ + a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * MP_PREC); + if (a->dp == NULL) { + return MP_MEM; + } + + /* set the digits to zero */ + for (i = 0; i < MP_PREC; i++) { + a->dp[i] = 0; + } + + /* set the used to zero, allocated digits to the default precision + * and sign to positive */ + a->used = 0; + a->alloc = MP_PREC; + a->sign = MP_ZPOS; + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init_copy.c b/lib/hcrypto/libtommath/bn_mp_init_copy.c new file mode 100644 index 000000000000..0160811affb2 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init_copy.c @@ -0,0 +1,32 @@ +#include +#ifdef BN_MP_INIT_COPY_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* creates "a" then copies b into it */ +int mp_init_copy (mp_int * a, mp_int * b) +{ + int res; + + if ((res = mp_init (a)) != MP_OKAY) { + return res; + } + return mp_copy (b, a); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init_copy.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init_multi.c b/lib/hcrypto/libtommath/bn_mp_init_multi.c new file mode 100644 index 000000000000..56e860276752 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init_multi.c @@ -0,0 +1,59 @@ +#include +#ifdef BN_MP_INIT_MULTI_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ +#include + +int mp_init_multi(mp_int *mp, ...) +{ + mp_err res = MP_OKAY; /* Assume ok until proven otherwise */ + int n = 0; /* Number of ok inits */ + mp_int* cur_arg = mp; + va_list args; + + va_start(args, mp); /* init args to next argument from caller */ + while (cur_arg != NULL) { + if (mp_init(cur_arg) != MP_OKAY) { + /* Oops - error! Back-track and mp_clear what we already + succeeded in init-ing, then return error. + */ + va_list clean_args; + + /* end the current list */ + va_end(args); + + /* now start cleaning up */ + cur_arg = mp; + va_start(clean_args, mp); + while (n--) { + mp_clear(cur_arg); + cur_arg = va_arg(clean_args, mp_int*); + } + va_end(clean_args); + res = MP_MEM; + break; + } + n++; + cur_arg = va_arg(args, mp_int*); + } + va_end(args); + return res; /* Assumed ok, if error flagged above. */ +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init_multi.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init_set.c b/lib/hcrypto/libtommath/bn_mp_init_set.c new file mode 100644 index 000000000000..34edad92ff06 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init_set.c @@ -0,0 +1,32 @@ +#include +#ifdef BN_MP_INIT_SET_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* initialize and set a digit */ +int mp_init_set (mp_int * a, mp_digit b) +{ + int err; + if ((err = mp_init(a)) != MP_OKAY) { + return err; + } + mp_set(a, b); + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init_set.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init_set_int.c b/lib/hcrypto/libtommath/bn_mp_init_set_int.c new file mode 100644 index 000000000000..5c559931520d --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init_set_int.c @@ -0,0 +1,31 @@ +#include +#ifdef BN_MP_INIT_SET_INT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* initialize and set a digit */ +int mp_init_set_int (mp_int * a, unsigned long b) +{ + int err; + if ((err = mp_init(a)) != MP_OKAY) { + return err; + } + return mp_set_int(a, b); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init_set_int.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_init_size.c b/lib/hcrypto/libtommath/bn_mp_init_size.c new file mode 100644 index 000000000000..9578ac754c6c --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_init_size.c @@ -0,0 +1,48 @@ +#include +#ifdef BN_MP_INIT_SIZE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* init an mp_init for a given size */ +int mp_init_size (mp_int * a, int size) +{ + int x; + + /* pad size so there are always extra digits */ + size += (MP_PREC * 2) - (size % MP_PREC); + + /* alloc mem */ + a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size); + if (a->dp == NULL) { + return MP_MEM; + } + + /* set the members */ + a->used = 0; + a->alloc = size; + a->sign = MP_ZPOS; + + /* zero the digits */ + for (x = 0; x < size; x++) { + a->dp[x] = 0; + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_init_size.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_invmod.c b/lib/hcrypto/libtommath/bn_mp_invmod.c new file mode 100644 index 000000000000..ac1a9523191c --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_invmod.c @@ -0,0 +1,43 @@ +#include +#ifdef BN_MP_INVMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* hac 14.61, pp608 */ +int mp_invmod (mp_int * a, mp_int * b, mp_int * c) +{ + /* b cannot be negative */ + if (b->sign == MP_NEG || mp_iszero(b) == 1) { + return MP_VAL; + } + +#ifdef BN_FAST_MP_INVMOD_C + /* if the modulus is odd we can use a faster routine instead */ + if (mp_isodd (b) == 1) { + return fast_mp_invmod (a, b, c); + } +#endif + +#ifdef BN_MP_INVMOD_SLOW_C + return mp_invmod_slow(a, b, c); +#else + return MP_VAL; +#endif +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_invmod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_invmod_slow.c b/lib/hcrypto/libtommath/bn_mp_invmod_slow.c new file mode 100644 index 000000000000..4ec487efae2e --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_invmod_slow.c @@ -0,0 +1,175 @@ +#include +#ifdef BN_MP_INVMOD_SLOW_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* hac 14.61, pp608 */ +int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int x, y, u, v, A, B, C, D; + int res; + + /* b cannot be negative */ + if (b->sign == MP_NEG || mp_iszero(b) == 1) { + return MP_VAL; + } + + /* init temps */ + if ((res = mp_init_multi(&x, &y, &u, &v, + &A, &B, &C, &D, NULL)) != MP_OKAY) { + return res; + } + + /* x = a, y = b */ + if ((res = mp_mod(a, b, &x)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_copy (b, &y)) != MP_OKAY) { + goto LBL_ERR; + } + + /* 2. [modified] if x,y are both even then return an error! */ + if (mp_iseven (&x) == 1 && mp_iseven (&y) == 1) { + res = MP_VAL; + goto LBL_ERR; + } + + /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */ + if ((res = mp_copy (&x, &u)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_copy (&y, &v)) != MP_OKAY) { + goto LBL_ERR; + } + mp_set (&A, 1); + mp_set (&D, 1); + +top: + /* 4. while u is even do */ + while (mp_iseven (&u) == 1) { + /* 4.1 u = u/2 */ + if ((res = mp_div_2 (&u, &u)) != MP_OKAY) { + goto LBL_ERR; + } + /* 4.2 if A or B is odd then */ + if (mp_isodd (&A) == 1 || mp_isodd (&B) == 1) { + /* A = (A+y)/2, B = (B-x)/2 */ + if ((res = mp_add (&A, &y, &A)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* A = A/2, B = B/2 */ + if ((res = mp_div_2 (&A, &A)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_div_2 (&B, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 5. while v is even do */ + while (mp_iseven (&v) == 1) { + /* 5.1 v = v/2 */ + if ((res = mp_div_2 (&v, &v)) != MP_OKAY) { + goto LBL_ERR; + } + /* 5.2 if C or D is odd then */ + if (mp_isodd (&C) == 1 || mp_isodd (&D) == 1) { + /* C = (C+y)/2, D = (D-x)/2 */ + if ((res = mp_add (&C, &y, &C)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + /* C = C/2, D = D/2 */ + if ((res = mp_div_2 (&C, &C)) != MP_OKAY) { + goto LBL_ERR; + } + if ((res = mp_div_2 (&D, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* 6. if u >= v then */ + if (mp_cmp (&u, &v) != MP_LT) { + /* u = u - v, A = A - C, B = B - D */ + if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&A, &C, &A)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) { + goto LBL_ERR; + } + } else { + /* v - v - u, C = C - A, D = D - B */ + if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&C, &A, &C)) != MP_OKAY) { + goto LBL_ERR; + } + + if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* if not zero goto step 4 */ + if (mp_iszero (&u) == 0) + goto top; + + /* now a = C, b = D, gcd == g*v */ + + /* if v != 1 then there is no inverse */ + if (mp_cmp_d (&v, 1) != MP_EQ) { + res = MP_VAL; + goto LBL_ERR; + } + + /* if its too low */ + while (mp_cmp_d(&C, 0) == MP_LT) { + if ((res = mp_add(&C, b, &C)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* too big */ + while (mp_cmp_mag(&C, b) != MP_LT) { + if ((res = mp_sub(&C, b, &C)) != MP_OKAY) { + goto LBL_ERR; + } + } + + /* C is now the inverse */ + mp_exch (&C, c); + res = MP_OKAY; +LBL_ERR:mp_clear_multi (&x, &y, &u, &v, &A, &B, &C, &D, NULL); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_invmod_slow.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_is_square.c b/lib/hcrypto/libtommath/bn_mp_is_square.c new file mode 100644 index 000000000000..027fcd2f5add --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_is_square.c @@ -0,0 +1,109 @@ +#include +#ifdef BN_MP_IS_SQUARE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Check if remainders are possible squares - fast exclude non-squares */ +static const char rem_128[128] = { + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1 +}; + +static const char rem_105[105] = { + 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, + 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, + 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, + 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, + 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, + 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1 +}; + +/* Store non-zero to ret if arg is square, and zero if not */ +int mp_is_square(mp_int *arg,int *ret) +{ + int res; + mp_digit c; + mp_int t; + unsigned long r; + + /* Default to Non-square :) */ + *ret = MP_NO; + + if (arg->sign == MP_NEG) { + return MP_VAL; + } + + /* digits used? (TSD) */ + if (arg->used == 0) { + return MP_OKAY; + } + + /* First check mod 128 (suppose that DIGIT_BIT is at least 7) */ + if (rem_128[127 & DIGIT(arg,0)] == 1) { + return MP_OKAY; + } + + /* Next check mod 105 (3*5*7) */ + if ((res = mp_mod_d(arg,105,&c)) != MP_OKAY) { + return res; + } + if (rem_105[c] == 1) { + return MP_OKAY; + } + + + if ((res = mp_init_set_int(&t,11L*13L*17L*19L*23L*29L*31L)) != MP_OKAY) { + return res; + } + if ((res = mp_mod(arg,&t,&t)) != MP_OKAY) { + goto ERR; + } + r = mp_get_int(&t); + /* Check for other prime modules, note it's not an ERROR but we must + * free "t" so the easiest way is to goto ERR. We know that res + * is already equal to MP_OKAY from the mp_mod call + */ + if ( (1L<<(r%11)) & 0x5C4L ) goto ERR; + if ( (1L<<(r%13)) & 0x9E4L ) goto ERR; + if ( (1L<<(r%17)) & 0x5CE8L ) goto ERR; + if ( (1L<<(r%19)) & 0x4F50CL ) goto ERR; + if ( (1L<<(r%23)) & 0x7ACCA0L ) goto ERR; + if ( (1L<<(r%29)) & 0xC2EDD0CL ) goto ERR; + if ( (1L<<(r%31)) & 0x6DE2B848L ) goto ERR; + + /* Final check - is sqr(sqrt(arg)) == arg ? */ + if ((res = mp_sqrt(arg,&t)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sqr(&t,&t)) != MP_OKAY) { + goto ERR; + } + + *ret = (mp_cmp_mag(&t,arg) == MP_EQ) ? MP_YES : MP_NO; +ERR:mp_clear(&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_is_square.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_isprime.c b/lib/hcrypto/libtommath/bn_mp_isprime.c new file mode 100644 index 000000000000..d3678d5dc11a --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_isprime.c @@ -0,0 +1,75 @@ +/* TomsFastMath, a fast ISO C bignum library. + * + * This project is meant to fill in where LibTomMath + * falls short. That is speed ;-) + * + * This project is public domain and free for all purposes. + * + * Tom St Denis, tomstdenis@gmail.com + */ +#include + +/* a few primes */ +static const mp_digit primes[256] = { + 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, + 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, + 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, + 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083, + 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, + 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, + 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, + 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, + + 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, + 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, + 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, + 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, + 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, + 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, + 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, + 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, + + 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, + 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, + 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, + 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, + 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, + 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, + 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, + 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, + + 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, + 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, + 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, + 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, + 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, + 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, + 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, + 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653 +}; + +int mp_isprime(mp_int *a) +{ + mp_int b; + mp_digit d; + int r, res; + + /* do trial division */ + for (r = 0; r < 256; r++) { + mp_mod_d(a, primes[r], &d); + if (d == 0) { + return MP_NO; + } + } + + /* now do 8 miller rabins */ + mp_init(&b); + for (r = 0; r < 128; r++) { + mp_set(&b, primes[r]); + mp_prime_miller_rabin(a, &b, &res); + if (res == MP_NO) { + return MP_NO; + } + } + return MP_YES; +} diff --git a/lib/hcrypto/libtommath/bn_mp_jacobi.c b/lib/hcrypto/libtommath/bn_mp_jacobi.c new file mode 100644 index 000000000000..91cfeeade4c3 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_jacobi.c @@ -0,0 +1,105 @@ +#include +#ifdef BN_MP_JACOBI_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes the jacobi c = (a | n) (or Legendre if n is prime) + * HAC pp. 73 Algorithm 2.149 + */ +int mp_jacobi (mp_int * a, mp_int * p, int *c) +{ + mp_int a1, p1; + int k, s, r, res; + mp_digit residue; + + /* if p <= 0 return MP_VAL */ + if (mp_cmp_d(p, 0) != MP_GT) { + return MP_VAL; + } + + /* step 1. if a == 0, return 0 */ + if (mp_iszero (a) == 1) { + *c = 0; + return MP_OKAY; + } + + /* step 2. if a == 1, return 1 */ + if (mp_cmp_d (a, 1) == MP_EQ) { + *c = 1; + return MP_OKAY; + } + + /* default */ + s = 0; + + /* step 3. write a = a1 * 2**k */ + if ((res = mp_init_copy (&a1, a)) != MP_OKAY) { + return res; + } + + if ((res = mp_init (&p1)) != MP_OKAY) { + goto LBL_A1; + } + + /* divide out larger power of two */ + k = mp_cnt_lsb(&a1); + if ((res = mp_div_2d(&a1, k, &a1, NULL)) != MP_OKAY) { + goto LBL_P1; + } + + /* step 4. if e is even set s=1 */ + if ((k & 1) == 0) { + s = 1; + } else { + /* else set s=1 if p = 1/7 (mod 8) or s=-1 if p = 3/5 (mod 8) */ + residue = p->dp[0] & 7; + + if (residue == 1 || residue == 7) { + s = 1; + } else if (residue == 3 || residue == 5) { + s = -1; + } + } + + /* step 5. if p == 3 (mod 4) *and* a1 == 3 (mod 4) then s = -s */ + if ( ((p->dp[0] & 3) == 3) && ((a1.dp[0] & 3) == 3)) { + s = -s; + } + + /* if a1 == 1 we're done */ + if (mp_cmp_d (&a1, 1) == MP_EQ) { + *c = s; + } else { + /* n1 = n mod a1 */ + if ((res = mp_mod (p, &a1, &p1)) != MP_OKAY) { + goto LBL_P1; + } + if ((res = mp_jacobi (&p1, &a1, &r)) != MP_OKAY) { + goto LBL_P1; + } + *c = s * r; + } + + /* done */ + res = MP_OKAY; +LBL_P1:mp_clear (&p1); +LBL_A1:mp_clear (&a1); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_jacobi.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c b/lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c new file mode 100644 index 000000000000..72a2319c0672 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c @@ -0,0 +1,167 @@ +#include +#ifdef BN_MP_KARATSUBA_MUL_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* c = |a| * |b| using Karatsuba Multiplication using + * three half size multiplications + * + * Let B represent the radix [e.g. 2**DIGIT_BIT] and + * let n represent half of the number of digits in + * the min(a,b) + * + * a = a1 * B**n + a0 + * b = b1 * B**n + b0 + * + * Then, a * b => + a1b1 * B**2n + ((a1 + a0)(b1 + b0) - (a0b0 + a1b1)) * B + a0b0 + * + * Note that a1b1 and a0b0 are used twice and only need to be + * computed once. So in total three half size (half # of + * digit) multiplications are performed, a0b0, a1b1 and + * (a1+b1)(a0+b0) + * + * Note that a multiplication of half the digits requires + * 1/4th the number of single precision multiplications so in + * total after one call 25% of the single precision multiplications + * are saved. Note also that the call to mp_mul can end up back + * in this function if the a0, a1, b0, or b1 are above the threshold. + * This is known as divide-and-conquer and leads to the famous + * O(N**lg(3)) or O(N**1.584) work which is asymptopically lower than + * the standard O(N**2) that the baseline/comba methods use. + * Generally though the overhead of this method doesn't pay off + * until a certain size (N ~ 80) is reached. + */ +int mp_karatsuba_mul (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int x0, x1, y0, y1, t1, x0y0, x1y1; + int B, err; + + /* default the return code to an error */ + err = MP_MEM; + + /* min # of digits */ + B = MIN (a->used, b->used); + + /* now divide in two */ + B = B >> 1; + + /* init copy all the temps */ + if (mp_init_size (&x0, B) != MP_OKAY) + goto ERR; + if (mp_init_size (&x1, a->used - B) != MP_OKAY) + goto X0; + if (mp_init_size (&y0, B) != MP_OKAY) + goto X1; + if (mp_init_size (&y1, b->used - B) != MP_OKAY) + goto Y0; + + /* init temps */ + if (mp_init_size (&t1, B * 2) != MP_OKAY) + goto Y1; + if (mp_init_size (&x0y0, B * 2) != MP_OKAY) + goto T1; + if (mp_init_size (&x1y1, B * 2) != MP_OKAY) + goto X0Y0; + + /* now shift the digits */ + x0.used = y0.used = B; + x1.used = a->used - B; + y1.used = b->used - B; + + { + register int x; + register mp_digit *tmpa, *tmpb, *tmpx, *tmpy; + + /* we copy the digits directly instead of using higher level functions + * since we also need to shift the digits + */ + tmpa = a->dp; + tmpb = b->dp; + + tmpx = x0.dp; + tmpy = y0.dp; + for (x = 0; x < B; x++) { + *tmpx++ = *tmpa++; + *tmpy++ = *tmpb++; + } + + tmpx = x1.dp; + for (x = B; x < a->used; x++) { + *tmpx++ = *tmpa++; + } + + tmpy = y1.dp; + for (x = B; x < b->used; x++) { + *tmpy++ = *tmpb++; + } + } + + /* only need to clamp the lower words since by definition the + * upper words x1/y1 must have a known number of digits + */ + mp_clamp (&x0); + mp_clamp (&y0); + + /* now calc the products x0y0 and x1y1 */ + /* after this x0 is no longer required, free temp [x0==t2]! */ + if (mp_mul (&x0, &y0, &x0y0) != MP_OKAY) + goto X1Y1; /* x0y0 = x0*y0 */ + if (mp_mul (&x1, &y1, &x1y1) != MP_OKAY) + goto X1Y1; /* x1y1 = x1*y1 */ + + /* now calc x1+x0 and y1+y0 */ + if (s_mp_add (&x1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = x1 - x0 */ + if (s_mp_add (&y1, &y0, &x0) != MP_OKAY) + goto X1Y1; /* t2 = y1 - y0 */ + if (mp_mul (&t1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = (x1 + x0) * (y1 + y0) */ + + /* add x0y0 */ + if (mp_add (&x0y0, &x1y1, &x0) != MP_OKAY) + goto X1Y1; /* t2 = x0y0 + x1y1 */ + if (s_mp_sub (&t1, &x0, &t1) != MP_OKAY) + goto X1Y1; /* t1 = (x1+x0)*(y1+y0) - (x1y1 + x0y0) */ + + /* shift by B */ + if (mp_lshd (&t1, B) != MP_OKAY) + goto X1Y1; /* t1 = (x0y0 + x1y1 - (x1-x0)*(y1-y0))< +#ifdef BN_MP_KARATSUBA_SQR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Karatsuba squaring, computes b = a*a using three + * half size squarings + * + * See comments of karatsuba_mul for details. It + * is essentially the same algorithm but merely + * tuned to perform recursive squarings. + */ +int mp_karatsuba_sqr (mp_int * a, mp_int * b) +{ + mp_int x0, x1, t1, t2, x0x0, x1x1; + int B, err; + + err = MP_MEM; + + /* min # of digits */ + B = a->used; + + /* now divide in two */ + B = B >> 1; + + /* init copy all the temps */ + if (mp_init_size (&x0, B) != MP_OKAY) + goto ERR; + if (mp_init_size (&x1, a->used - B) != MP_OKAY) + goto X0; + + /* init temps */ + if (mp_init_size (&t1, a->used * 2) != MP_OKAY) + goto X1; + if (mp_init_size (&t2, a->used * 2) != MP_OKAY) + goto T1; + if (mp_init_size (&x0x0, B * 2) != MP_OKAY) + goto T2; + if (mp_init_size (&x1x1, (a->used - B) * 2) != MP_OKAY) + goto X0X0; + + { + register int x; + register mp_digit *dst, *src; + + src = a->dp; + + /* now shift the digits */ + dst = x0.dp; + for (x = 0; x < B; x++) { + *dst++ = *src++; + } + + dst = x1.dp; + for (x = B; x < a->used; x++) { + *dst++ = *src++; + } + } + + x0.used = B; + x1.used = a->used - B; + + mp_clamp (&x0); + + /* now calc the products x0*x0 and x1*x1 */ + if (mp_sqr (&x0, &x0x0) != MP_OKAY) + goto X1X1; /* x0x0 = x0*x0 */ + if (mp_sqr (&x1, &x1x1) != MP_OKAY) + goto X1X1; /* x1x1 = x1*x1 */ + + /* now calc (x1+x0)**2 */ + if (s_mp_add (&x1, &x0, &t1) != MP_OKAY) + goto X1X1; /* t1 = x1 - x0 */ + if (mp_sqr (&t1, &t1) != MP_OKAY) + goto X1X1; /* t1 = (x1 - x0) * (x1 - x0) */ + + /* add x0y0 */ + if (s_mp_add (&x0x0, &x1x1, &t2) != MP_OKAY) + goto X1X1; /* t2 = x0x0 + x1x1 */ + if (s_mp_sub (&t1, &t2, &t1) != MP_OKAY) + goto X1X1; /* t1 = (x1+x0)**2 - (x0x0 + x1x1) */ + + /* shift by B */ + if (mp_lshd (&t1, B) != MP_OKAY) + goto X1X1; /* t1 = (x0x0 + x1x1 - (x1-x0)*(x1-x0))< +#ifdef BN_MP_LCM_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes least common multiple as |a*b|/(a, b) */ +int mp_lcm (mp_int * a, mp_int * b, mp_int * c) +{ + int res; + mp_int t1, t2; + + + if ((res = mp_init_multi (&t1, &t2, NULL)) != MP_OKAY) { + return res; + } + + /* t1 = get the GCD of the two inputs */ + if ((res = mp_gcd (a, b, &t1)) != MP_OKAY) { + goto LBL_T; + } + + /* divide the smallest by the GCD */ + if (mp_cmp_mag(a, b) == MP_LT) { + /* store quotient in t2 such that t2 * b is the LCM */ + if ((res = mp_div(a, &t1, &t2, NULL)) != MP_OKAY) { + goto LBL_T; + } + res = mp_mul(b, &t2, c); + } else { + /* store quotient in t2 such that t2 * a is the LCM */ + if ((res = mp_div(b, &t1, &t2, NULL)) != MP_OKAY) { + goto LBL_T; + } + res = mp_mul(a, &t2, c); + } + + /* fix the sign to positive */ + c->sign = MP_ZPOS; + +LBL_T: + mp_clear_multi (&t1, &t2, NULL); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_lcm.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_lshd.c b/lib/hcrypto/libtommath/bn_mp_lshd.c new file mode 100644 index 000000000000..f118cf1ae566 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_lshd.c @@ -0,0 +1,67 @@ +#include +#ifdef BN_MP_LSHD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* shift left a certain amount of digits */ +int mp_lshd (mp_int * a, int b) +{ + int x, res; + + /* if its less than zero return */ + if (b <= 0) { + return MP_OKAY; + } + + /* grow to fit the new digits */ + if (a->alloc < a->used + b) { + if ((res = mp_grow (a, a->used + b)) != MP_OKAY) { + return res; + } + } + + { + register mp_digit *top, *bottom; + + /* increment the used by the shift amount then copy upwards */ + a->used += b; + + /* top */ + top = a->dp + a->used - 1; + + /* base */ + bottom = a->dp + a->used - 1 - b; + + /* much like mp_rshd this is implemented using a sliding window + * except the window goes the otherway around. Copying from + * the bottom to the top. see bn_mp_rshd.c for more info. + */ + for (x = a->used - 1; x >= b; x--) { + *top-- = *bottom--; + } + + /* zero the lower digits */ + top = a->dp; + for (x = 0; x < b; x++) { + *top++ = 0; + } + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_lshd.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mod.c b/lib/hcrypto/libtommath/bn_mp_mod.c new file mode 100644 index 000000000000..f5cf8d09f2dc --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mod.c @@ -0,0 +1,48 @@ +#include +#ifdef BN_MP_MOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* c = a mod b, 0 <= c < b */ +int +mp_mod (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int t; + int res; + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + if ((res = mp_div (a, b, NULL, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + + if (t.sign != b->sign) { + res = mp_add (b, &t, c); + } else { + res = MP_OKAY; + mp_exch (&t, c); + } + + mp_clear (&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mod_2d.c b/lib/hcrypto/libtommath/bn_mp_mod_2d.c new file mode 100644 index 000000000000..e194a068702d --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mod_2d.c @@ -0,0 +1,55 @@ +#include +#ifdef BN_MP_MOD_2D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* calc a value mod 2**b */ +int +mp_mod_2d (mp_int * a, int b, mp_int * c) +{ + int x, res; + + /* if b is <= 0 then zero the int */ + if (b <= 0) { + mp_zero (c); + return MP_OKAY; + } + + /* if the modulus is larger than the value than return */ + if (b >= (int) (a->used * DIGIT_BIT)) { + res = mp_copy (a, c); + return res; + } + + /* copy */ + if ((res = mp_copy (a, c)) != MP_OKAY) { + return res; + } + + /* zero digits above the last digit of the modulus */ + for (x = (b / DIGIT_BIT) + ((b % DIGIT_BIT) == 0 ? 0 : 1); x < c->used; x++) { + c->dp[x] = 0; + } + /* clear the digit that is not completely outside/inside the modulus */ + c->dp[b / DIGIT_BIT] &= + (mp_digit) ((((mp_digit) 1) << (((mp_digit) b) % DIGIT_BIT)) - ((mp_digit) 1)); + mp_clamp (c); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mod_2d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mod_d.c b/lib/hcrypto/libtommath/bn_mp_mod_d.c new file mode 100644 index 000000000000..9ca37e673278 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mod_d.c @@ -0,0 +1,27 @@ +#include +#ifdef BN_MP_MOD_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +int +mp_mod_d (mp_int * a, mp_digit b, mp_digit * c) +{ + return mp_div_d(a, b, NULL, c); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mod_d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_montgomery_calc_normalization.c b/lib/hcrypto/libtommath/bn_mp_montgomery_calc_normalization.c new file mode 100644 index 000000000000..c669fe0ec3a0 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_montgomery_calc_normalization.c @@ -0,0 +1,59 @@ +#include +#ifdef BN_MP_MONTGOMERY_CALC_NORMALIZATION_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* + * shifts with subtractions when the result is greater than b. + * + * The method is slightly modified to shift B unconditionally upto just under + * the leading bit of b. This saves alot of multiple precision shifting. + */ +int mp_montgomery_calc_normalization (mp_int * a, mp_int * b) +{ + int x, bits, res; + + /* how many bits of last digit does b use */ + bits = mp_count_bits (b) % DIGIT_BIT; + + if (b->used > 1) { + if ((res = mp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1)) != MP_OKAY) { + return res; + } + } else { + mp_set(a, 1); + bits = 1; + } + + + /* now compute C = A * B mod b */ + for (x = bits - 1; x < (int)DIGIT_BIT; x++) { + if ((res = mp_mul_2 (a, a)) != MP_OKAY) { + return res; + } + if (mp_cmp_mag (a, b) != MP_LT) { + if ((res = s_mp_sub (a, b, a)) != MP_OKAY) { + return res; + } + } + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_montgomery_calc_normalization.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_montgomery_reduce.c b/lib/hcrypto/libtommath/bn_mp_montgomery_reduce.c new file mode 100644 index 000000000000..b76509051be7 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_montgomery_reduce.c @@ -0,0 +1,118 @@ +#include +#ifdef BN_MP_MONTGOMERY_REDUCE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes xR**-1 == x (mod N) via Montgomery Reduction */ +int +mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) +{ + int ix, res, digs; + mp_digit mu; + + /* can the fast reduction [comba] method be used? + * + * Note that unlike in mul you're safely allowed *less* + * than the available columns [255 per default] since carries + * are fixed up in the inner loop. + */ + digs = n->used * 2 + 1; + if ((digs < MP_WARRAY) && + n->used < + (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + return fast_mp_montgomery_reduce (x, n, rho); + } + + /* grow the input as required */ + if (x->alloc < digs) { + if ((res = mp_grow (x, digs)) != MP_OKAY) { + return res; + } + } + x->used = digs; + + for (ix = 0; ix < n->used; ix++) { + /* mu = ai * rho mod b + * + * The value of rho must be precalculated via + * montgomery_setup() such that + * it equals -1/n0 mod b this allows the + * following inner loop to reduce the + * input one digit at a time + */ + mu = (mp_digit) (((mp_word)x->dp[ix]) * ((mp_word)rho) & MP_MASK); + + /* a = a + mu * m * b**i */ + { + register int iy; + register mp_digit *tmpn, *tmpx, u; + register mp_word r; + + /* alias for digits of the modulus */ + tmpn = n->dp; + + /* alias for the digits of x [the input] */ + tmpx = x->dp + ix; + + /* set the carry to zero */ + u = 0; + + /* Multiply and add in place */ + for (iy = 0; iy < n->used; iy++) { + /* compute product and sum */ + r = ((mp_word)mu) * ((mp_word)*tmpn++) + + ((mp_word) u) + ((mp_word) * tmpx); + + /* get carry */ + u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); + + /* fix digit */ + *tmpx++ = (mp_digit)(r & ((mp_word) MP_MASK)); + } + /* At this point the ix'th digit of x should be zero */ + + + /* propagate carries upwards as required*/ + while (u) { + *tmpx += u; + u = *tmpx >> DIGIT_BIT; + *tmpx++ &= MP_MASK; + } + } + } + + /* at this point the n.used'th least + * significant digits of x are all zero + * which means we can shift x to the + * right by n.used digits and the + * residue is unchanged. + */ + + /* x = x/b**n.used */ + mp_clamp(x); + mp_rshd (x, n->used); + + /* if x >= n then x = x - n */ + if (mp_cmp_mag (x, n) != MP_LT) { + return s_mp_sub (x, n, x); + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_montgomery_reduce.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_montgomery_setup.c b/lib/hcrypto/libtommath/bn_mp_montgomery_setup.c new file mode 100644 index 000000000000..f08274936ed7 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_montgomery_setup.c @@ -0,0 +1,59 @@ +#include +#ifdef BN_MP_MONTGOMERY_SETUP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* setups the montgomery reduction stuff */ +int +mp_montgomery_setup (mp_int * n, mp_digit * rho) +{ + mp_digit x, b; + +/* fast inversion mod 2**k + * + * Based on the fact that + * + * XA = 1 (mod 2**n) => (X(2-XA)) A = 1 (mod 2**2n) + * => 2*X*A - X*X*A*A = 1 + * => 2*(1) - (1) = 1 + */ + b = n->dp[0]; + + if ((b & 1) == 0) { + return MP_VAL; + } + + x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */ + x *= 2 - b * x; /* here x*a==1 mod 2**8 */ +#if !defined(MP_8BIT) + x *= 2 - b * x; /* here x*a==1 mod 2**16 */ +#endif +#if defined(MP_64BIT) || !(defined(MP_8BIT) || defined(MP_16BIT)) + x *= 2 - b * x; /* here x*a==1 mod 2**32 */ +#endif +#ifdef MP_64BIT + x *= 2 - b * x; /* here x*a==1 mod 2**64 */ +#endif + + /* rho = -1/m mod b */ + *rho = (unsigned long)(((mp_word)1 << ((mp_word) DIGIT_BIT)) - x) & MP_MASK; + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_montgomery_setup.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mul.c b/lib/hcrypto/libtommath/bn_mp_mul.c new file mode 100644 index 000000000000..816e7b2f0bd7 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mul.c @@ -0,0 +1,66 @@ +#include +#ifdef BN_MP_MUL_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* high level multiplication (handles sign) */ +int mp_mul (mp_int * a, mp_int * b, mp_int * c) +{ + int res, neg; + neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG; + + /* use Toom-Cook? */ +#ifdef BN_MP_TOOM_MUL_C + if (MIN (a->used, b->used) >= TOOM_MUL_CUTOFF) { + res = mp_toom_mul(a, b, c); + } else +#endif +#ifdef BN_MP_KARATSUBA_MUL_C + /* use Karatsuba? */ + if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) { + res = mp_karatsuba_mul (a, b, c); + } else +#endif + { + /* can we use the fast multiplier? + * + * The fast multiplier can be used if the output will + * have less than MP_WARRAY digits and the number of + * digits won't affect carry propagation + */ + int digs = a->used + b->used + 1; + +#ifdef BN_FAST_S_MP_MUL_DIGS_C + if ((digs < MP_WARRAY) && + MIN(a->used, b->used) <= + (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + res = fast_s_mp_mul_digs (a, b, c, digs); + } else +#endif +#ifdef BN_S_MP_MUL_DIGS_C + res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */ +#else + res = MP_VAL; +#endif + + } + c->sign = (c->used > 0) ? neg : MP_ZPOS; + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mul.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mul_2.c b/lib/hcrypto/libtommath/bn_mp_mul_2.c new file mode 100644 index 000000000000..f90654832bec --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mul_2.c @@ -0,0 +1,82 @@ +#include +#ifdef BN_MP_MUL_2_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* b = a*2 */ +int mp_mul_2(mp_int * a, mp_int * b) +{ + int x, res, oldused; + + /* grow to accomodate result */ + if (b->alloc < a->used + 1) { + if ((res = mp_grow (b, a->used + 1)) != MP_OKAY) { + return res; + } + } + + oldused = b->used; + b->used = a->used; + + { + register mp_digit r, rr, *tmpa, *tmpb; + + /* alias for source */ + tmpa = a->dp; + + /* alias for dest */ + tmpb = b->dp; + + /* carry */ + r = 0; + for (x = 0; x < a->used; x++) { + + /* get what will be the *next* carry bit from the + * MSB of the current digit + */ + rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1)); + + /* now shift up this digit, add in the carry [from the previous] */ + *tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK; + + /* copy the carry that would be from the source + * digit into the next iteration + */ + r = rr; + } + + /* new leading digit? */ + if (r != 0) { + /* add a MSB which is always 1 at this point */ + *tmpb = 1; + ++(b->used); + } + + /* now zero any excess digits on the destination + * that we didn't write to + */ + tmpb = b->dp + b->used; + for (x = b->used; x < oldused; x++) { + *tmpb++ = 0; + } + } + b->sign = a->sign; + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mul_2.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mul_2d.c b/lib/hcrypto/libtommath/bn_mp_mul_2d.c new file mode 100644 index 000000000000..d023b382cc12 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mul_2d.c @@ -0,0 +1,85 @@ +#include +#ifdef BN_MP_MUL_2D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* shift left by a certain bit count */ +int mp_mul_2d (mp_int * a, int b, mp_int * c) +{ + mp_digit d; + int res; + + /* copy */ + if (a != c) { + if ((res = mp_copy (a, c)) != MP_OKAY) { + return res; + } + } + + if (c->alloc < (int)(c->used + b/DIGIT_BIT + 1)) { + if ((res = mp_grow (c, c->used + b / DIGIT_BIT + 1)) != MP_OKAY) { + return res; + } + } + + /* shift by as many digits in the bit count */ + if (b >= (int)DIGIT_BIT) { + if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) { + return res; + } + } + + /* shift any bit count < DIGIT_BIT */ + d = (mp_digit) (b % DIGIT_BIT); + if (d != 0) { + register mp_digit *tmpc, shift, mask, r, rr; + register int x; + + /* bitmask for carries */ + mask = (((mp_digit)1) << d) - 1; + + /* shift for msbs */ + shift = DIGIT_BIT - d; + + /* alias */ + tmpc = c->dp; + + /* carry */ + r = 0; + for (x = 0; x < c->used; x++) { + /* get the higher bits of the current word */ + rr = (*tmpc >> shift) & mask; + + /* shift the current word and OR in the carry */ + *tmpc = ((*tmpc << d) | r) & MP_MASK; + ++tmpc; + + /* set the carry to the carry bits of the current word */ + r = rr; + } + + /* set final carry */ + if (r != 0) { + c->dp[(c->used)++] = r; + } + } + mp_clamp (c); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mul_2d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mul_d.c b/lib/hcrypto/libtommath/bn_mp_mul_d.c new file mode 100644 index 000000000000..00f9a899ef47 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mul_d.c @@ -0,0 +1,79 @@ +#include +#ifdef BN_MP_MUL_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* multiply by a digit */ +int +mp_mul_d (mp_int * a, mp_digit b, mp_int * c) +{ + mp_digit u, *tmpa, *tmpc; + mp_word r; + int ix, res, olduse; + + /* make sure c is big enough to hold a*b */ + if (c->alloc < a->used + 1) { + if ((res = mp_grow (c, a->used + 1)) != MP_OKAY) { + return res; + } + } + + /* get the original destinations used count */ + olduse = c->used; + + /* set the sign */ + c->sign = a->sign; + + /* alias for a->dp [source] */ + tmpa = a->dp; + + /* alias for c->dp [dest] */ + tmpc = c->dp; + + /* zero carry */ + u = 0; + + /* compute columns */ + for (ix = 0; ix < a->used; ix++) { + /* compute product and carry sum for this term */ + r = ((mp_word) u) + ((mp_word)*tmpa++) * ((mp_word)b); + + /* mask off higher bits to get a single digit */ + *tmpc++ = (mp_digit) (r & ((mp_word) MP_MASK)); + + /* send carry into next iteration */ + u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); + } + + /* store final carry [if any] and increment ix offset */ + *tmpc++ = u; + ++ix; + + /* now zero digits above the top */ + while (ix++ < olduse) { + *tmpc++ = 0; + } + + /* set used count */ + c->used = a->used + 1; + mp_clamp(c); + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mul_d.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_mulmod.c b/lib/hcrypto/libtommath/bn_mp_mulmod.c new file mode 100644 index 000000000000..003ceb9b97e0 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_mulmod.c @@ -0,0 +1,40 @@ +#include +#ifdef BN_MP_MULMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* d = a * b (mod c) */ +int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +{ + int res; + mp_int t; + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + if ((res = mp_mul (a, b, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + res = mp_mod (&t, c, d); + mp_clear (&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_mulmod.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_n_root.c b/lib/hcrypto/libtommath/bn_mp_n_root.c new file mode 100644 index 000000000000..85d335cb9ef1 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_n_root.c @@ -0,0 +1,132 @@ +#include +#ifdef BN_MP_N_ROOT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* find the n'th root of an integer + * + * Result found such that (c)**b <= a and (c+1)**b > a + * + * This algorithm uses Newton's approximation + * x[i+1] = x[i] - f(x[i])/f'(x[i]) + * which will find the root in log(N) time where + * each step involves a fair bit. This is not meant to + * find huge roots [square and cube, etc]. + */ +int mp_n_root (mp_int * a, mp_digit b, mp_int * c) +{ + mp_int t1, t2, t3; + int res, neg; + + /* input must be positive if b is even */ + if ((b & 1) == 0 && a->sign == MP_NEG) { + return MP_VAL; + } + + if ((res = mp_init (&t1)) != MP_OKAY) { + return res; + } + + if ((res = mp_init (&t2)) != MP_OKAY) { + goto LBL_T1; + } + + if ((res = mp_init (&t3)) != MP_OKAY) { + goto LBL_T2; + } + + /* if a is negative fudge the sign but keep track */ + neg = a->sign; + a->sign = MP_ZPOS; + + /* t2 = 2 */ + mp_set (&t2, 2); + + do { + /* t1 = t2 */ + if ((res = mp_copy (&t2, &t1)) != MP_OKAY) { + goto LBL_T3; + } + + /* t2 = t1 - ((t1**b - a) / (b * t1**(b-1))) */ + + /* t3 = t1**(b-1) */ + if ((res = mp_expt_d (&t1, b - 1, &t3)) != MP_OKAY) { + goto LBL_T3; + } + + /* numerator */ + /* t2 = t1**b */ + if ((res = mp_mul (&t3, &t1, &t2)) != MP_OKAY) { + goto LBL_T3; + } + + /* t2 = t1**b - a */ + if ((res = mp_sub (&t2, a, &t2)) != MP_OKAY) { + goto LBL_T3; + } + + /* denominator */ + /* t3 = t1**(b-1) * b */ + if ((res = mp_mul_d (&t3, b, &t3)) != MP_OKAY) { + goto LBL_T3; + } + + /* t3 = (t1**b - a)/(b * t1**(b-1)) */ + if ((res = mp_div (&t2, &t3, &t3, NULL)) != MP_OKAY) { + goto LBL_T3; + } + + if ((res = mp_sub (&t1, &t3, &t2)) != MP_OKAY) { + goto LBL_T3; + } + } while (mp_cmp (&t1, &t2) != MP_EQ); + + /* result can be off by a few so check */ + for (;;) { + if ((res = mp_expt_d (&t1, b, &t2)) != MP_OKAY) { + goto LBL_T3; + } + + if (mp_cmp (&t2, a) == MP_GT) { + if ((res = mp_sub_d (&t1, 1, &t1)) != MP_OKAY) { + goto LBL_T3; + } + } else { + break; + } + } + + /* reset the sign of a first */ + a->sign = neg; + + /* set the result */ + mp_exch (&t1, c); + + /* set the sign of the result */ + c->sign = neg; + + res = MP_OKAY; + +LBL_T3:mp_clear (&t3); +LBL_T2:mp_clear (&t2); +LBL_T1:mp_clear (&t1); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_n_root.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_neg.c b/lib/hcrypto/libtommath/bn_mp_neg.c new file mode 100644 index 000000000000..a7d035ab6dde --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_neg.c @@ -0,0 +1,40 @@ +#include +#ifdef BN_MP_NEG_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* b = -a */ +int mp_neg (mp_int * a, mp_int * b) +{ + int res; + if (a != b) { + if ((res = mp_copy (a, b)) != MP_OKAY) { + return res; + } + } + + if (mp_iszero(b) != MP_YES) { + b->sign = (a->sign == MP_ZPOS) ? MP_NEG : MP_ZPOS; + } else { + b->sign = MP_ZPOS; + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_neg.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_or.c b/lib/hcrypto/libtommath/bn_mp_or.c new file mode 100644 index 000000000000..bff49954896f --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_or.c @@ -0,0 +1,50 @@ +#include +#ifdef BN_MP_OR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* OR two ints together */ +int mp_or (mp_int * a, mp_int * b, mp_int * c) +{ + int res, ix, px; + mp_int t, *x; + + if (a->used > b->used) { + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy (&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } + + for (ix = 0; ix < px; ix++) { + t.dp[ix] |= x->dp[ix]; + } + mp_clamp (&t); + mp_exch (c, &t); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_or.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_fermat.c b/lib/hcrypto/libtommath/bn_mp_prime_fermat.c new file mode 100644 index 000000000000..8e74a337c543 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_fermat.c @@ -0,0 +1,62 @@ +#include +#ifdef BN_MP_PRIME_FERMAT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* performs one Fermat test. + * + * If "a" were prime then b**a == b (mod a) since the order of + * the multiplicative sub-group would be phi(a) = a-1. That means + * it would be the same as b**(a mod (a-1)) == b**1 == b (mod a). + * + * Sets result to 1 if the congruence holds, or zero otherwise. + */ +int mp_prime_fermat (mp_int * a, mp_int * b, int *result) +{ + mp_int t; + int err; + + /* default to composite */ + *result = MP_NO; + + /* ensure b > 1 */ + if (mp_cmp_d(b, 1) != MP_GT) { + return MP_VAL; + } + + /* init t */ + if ((err = mp_init (&t)) != MP_OKAY) { + return err; + } + + /* compute t = b**a mod a */ + if ((err = mp_exptmod (b, a, a, &t)) != MP_OKAY) { + goto LBL_T; + } + + /* is it equal to b? */ + if (mp_cmp (&t, b) == MP_EQ) { + *result = MP_YES; + } + + err = MP_OKAY; +LBL_T:mp_clear (&t); + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_fermat.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_is_divisible.c b/lib/hcrypto/libtommath/bn_mp_prime_is_divisible.c new file mode 100644 index 000000000000..766cde95a683 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_is_divisible.c @@ -0,0 +1,50 @@ +#include +#ifdef BN_MP_PRIME_IS_DIVISIBLE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines if an integers is divisible by one + * of the first PRIME_SIZE primes or not + * + * sets result to 0 if not, 1 if yes + */ +int mp_prime_is_divisible (mp_int * a, int *result) +{ + int err, ix; + mp_digit res; + + /* default to not */ + *result = MP_NO; + + for (ix = 0; ix < PRIME_SIZE; ix++) { + /* what is a mod LBL_prime_tab[ix] */ + if ((err = mp_mod_d (a, ltm_prime_tab[ix], &res)) != MP_OKAY) { + return err; + } + + /* is the residue zero? */ + if (res == 0) { + *result = MP_YES; + return MP_OKAY; + } + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_is_divisible.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_is_prime.c b/lib/hcrypto/libtommath/bn_mp_prime_is_prime.c new file mode 100644 index 000000000000..c316d621090b --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_is_prime.c @@ -0,0 +1,83 @@ +#include +#ifdef BN_MP_PRIME_IS_PRIME_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* performs a variable number of rounds of Miller-Rabin + * + * Probability of error after t rounds is no more than + + * + * Sets result to 1 if probably prime, 0 otherwise + */ +int mp_prime_is_prime (mp_int * a, int t, int *result) +{ + mp_int b; + int ix, err, res; + + /* default to no */ + *result = MP_NO; + + /* valid value of t? */ + if (t <= 0 || t > PRIME_SIZE) { + return MP_VAL; + } + + /* is the input equal to one of the primes in the table? */ + for (ix = 0; ix < PRIME_SIZE; ix++) { + if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) { + *result = 1; + return MP_OKAY; + } + } + + /* first perform trial division */ + if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) { + return err; + } + + /* return if it was trivially divisible */ + if (res == MP_YES) { + return MP_OKAY; + } + + /* now perform the miller-rabin rounds */ + if ((err = mp_init (&b)) != MP_OKAY) { + return err; + } + + for (ix = 0; ix < t; ix++) { + /* set the prime */ + mp_set (&b, ltm_prime_tab[ix]); + + if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) { + goto LBL_B; + } + + if (res == MP_NO) { + goto LBL_B; + } + } + + /* passed the test */ + *result = MP_YES; +LBL_B:mp_clear (&b); + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_is_prime.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_miller_rabin.c b/lib/hcrypto/libtommath/bn_mp_prime_miller_rabin.c new file mode 100644 index 000000000000..60a8c48eae95 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_miller_rabin.c @@ -0,0 +1,103 @@ +#include +#ifdef BN_MP_PRIME_MILLER_RABIN_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Miller-Rabin test of "a" to the base of "b" as described in + * HAC pp. 139 Algorithm 4.24 + * + * Sets result to 0 if definitely composite or 1 if probably prime. + * Randomly the chance of error is no more than 1/4 and often + * very much lower. + */ +int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result) +{ + mp_int n1, y, r; + int s, j, err; + + /* default */ + *result = MP_NO; + + /* ensure b > 1 */ + if (mp_cmp_d(b, 1) != MP_GT) { + return MP_VAL; + } + + /* get n1 = a - 1 */ + if ((err = mp_init_copy (&n1, a)) != MP_OKAY) { + return err; + } + if ((err = mp_sub_d (&n1, 1, &n1)) != MP_OKAY) { + goto LBL_N1; + } + + /* set 2**s * r = n1 */ + if ((err = mp_init_copy (&r, &n1)) != MP_OKAY) { + goto LBL_N1; + } + + /* count the number of least significant bits + * which are zero + */ + s = mp_cnt_lsb(&r); + + /* now divide n - 1 by 2**s */ + if ((err = mp_div_2d (&r, s, &r, NULL)) != MP_OKAY) { + goto LBL_R; + } + + /* compute y = b**r mod a */ + if ((err = mp_init (&y)) != MP_OKAY) { + goto LBL_R; + } + if ((err = mp_exptmod (b, &r, a, &y)) != MP_OKAY) { + goto LBL_Y; + } + + /* if y != 1 and y != n1 do */ + if (mp_cmp_d (&y, 1) != MP_EQ && mp_cmp (&y, &n1) != MP_EQ) { + j = 1; + /* while j <= s-1 and y != n1 */ + while ((j <= (s - 1)) && mp_cmp (&y, &n1) != MP_EQ) { + if ((err = mp_sqrmod (&y, a, &y)) != MP_OKAY) { + goto LBL_Y; + } + + /* if y == 1 then composite */ + if (mp_cmp_d (&y, 1) == MP_EQ) { + goto LBL_Y; + } + + ++j; + } + + /* if y != n1 then composite */ + if (mp_cmp (&y, &n1) != MP_EQ) { + goto LBL_Y; + } + } + + /* probably prime now */ + *result = MP_YES; +LBL_Y:mp_clear (&y); +LBL_R:mp_clear (&r); +LBL_N1:mp_clear (&n1); + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_miller_rabin.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c b/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c new file mode 100644 index 000000000000..a2897f087846 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c @@ -0,0 +1,170 @@ +#include +#ifdef BN_MP_PRIME_NEXT_PRIME_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* finds the next prime after the number "a" using "t" trials + * of Miller-Rabin. + * + * bbs_style = 1 means the prime must be congruent to 3 mod 4 + */ +int mp_prime_next_prime(mp_int *a, int t, int bbs_style) +{ + int err, res = MP_NO, x, y; + mp_digit res_tab[PRIME_SIZE], step, kstep; + mp_int b; + + /* ensure t is valid */ + if (t <= 0 || t > PRIME_SIZE) { + return MP_VAL; + } + + /* force positive */ + a->sign = MP_ZPOS; + + /* simple algo if a is less than the largest prime in the table */ + if (mp_cmp_d(a, ltm_prime_tab[PRIME_SIZE-1]) == MP_LT) { + /* find which prime it is bigger than */ + for (x = PRIME_SIZE - 2; x >= 0; x--) { + if (mp_cmp_d(a, ltm_prime_tab[x]) != MP_LT) { + if (bbs_style == 1) { + /* ok we found a prime smaller or + * equal [so the next is larger] + * + * however, the prime must be + * congruent to 3 mod 4 + */ + if ((ltm_prime_tab[x + 1] & 3) != 3) { + /* scan upwards for a prime congruent to 3 mod 4 */ + for (y = x + 1; y < PRIME_SIZE; y++) { + if ((ltm_prime_tab[y] & 3) == 3) { + mp_set(a, ltm_prime_tab[y]); + return MP_OKAY; + } + } + } + } else { + mp_set(a, ltm_prime_tab[x + 1]); + return MP_OKAY; + } + } + } + /* at this point a maybe 1 */ + if (mp_cmp_d(a, 1) == MP_EQ) { + mp_set(a, 2); + return MP_OKAY; + } + /* fall through to the sieve */ + } + + /* generate a prime congruent to 3 mod 4 or 1/3 mod 4? */ + if (bbs_style == 1) { + kstep = 4; + } else { + kstep = 2; + } + + /* at this point we will use a combination of a sieve and Miller-Rabin */ + + if (bbs_style == 1) { + /* if a mod 4 != 3 subtract the correct value to make it so */ + if ((a->dp[0] & 3) != 3) { + if ((err = mp_sub_d(a, (a->dp[0] & 3) + 1, a)) != MP_OKAY) { return err; }; + } + } else { + if (mp_iseven(a) == 1) { + /* force odd */ + if ((err = mp_sub_d(a, 1, a)) != MP_OKAY) { + return err; + } + } + } + + /* generate the restable */ + for (x = 1; x < PRIME_SIZE; x++) { + if ((err = mp_mod_d(a, ltm_prime_tab[x], res_tab + x)) != MP_OKAY) { + return err; + } + } + + /* init temp used for Miller-Rabin Testing */ + if ((err = mp_init(&b)) != MP_OKAY) { + return err; + } + + for (;;) { + /* skip to the next non-trivially divisible candidate */ + step = 0; + do { + /* y == 1 if any residue was zero [e.g. cannot be prime] */ + y = 0; + + /* increase step to next candidate */ + step += kstep; + + /* compute the new residue without using division */ + for (x = 1; x < PRIME_SIZE; x++) { + /* add the step to each residue */ + res_tab[x] += kstep; + + /* subtract the modulus [instead of using division] */ + if (res_tab[x] >= ltm_prime_tab[x]) { + res_tab[x] -= ltm_prime_tab[x]; + } + + /* set flag if zero */ + if (res_tab[x] == 0) { + y = 1; + } + } + } while (y == 1 && step < ((((mp_digit)1)<= ((((mp_digit)1)< +#ifdef BN_MP_PRIME_RABIN_MILLER_TRIALS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + + +static const struct { + int k, t; +} sizes[] = { +{ 128, 28 }, +{ 256, 16 }, +{ 384, 10 }, +{ 512, 7 }, +{ 640, 6 }, +{ 768, 5 }, +{ 896, 4 }, +{ 1024, 4 } +}; + +/* returns # of RM trials required for a given bit size */ +int mp_prime_rabin_miller_trials(int size) +{ + int x; + + for (x = 0; x < (int)(sizeof(sizes)/(sizeof(sizes[0]))); x++) { + if (sizes[x].k == size) { + return sizes[x].t; + } else if (sizes[x].k > size) { + return (x == 0) ? sizes[0].t : sizes[x - 1].t; + } + } + return sizes[x-1].t + 1; +} + + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_rabin_miller_trials.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_prime_random_ex.c b/lib/hcrypto/libtommath/bn_mp_prime_random_ex.c new file mode 100644 index 000000000000..7b0d15c94d7f --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_prime_random_ex.c @@ -0,0 +1,125 @@ +#include +#ifdef BN_MP_PRIME_RANDOM_EX_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* makes a truly random prime of a given size (bits), + * + * Flags are as follows: + * + * LTM_PRIME_BBS - make prime congruent to 3 mod 4 + * LTM_PRIME_SAFE - make sure (p-1)/2 is prime as well (implies LTM_PRIME_BBS) + * LTM_PRIME_2MSB_OFF - make the 2nd highest bit zero + * LTM_PRIME_2MSB_ON - make the 2nd highest bit one + * + * You have to supply a callback which fills in a buffer with random bytes. "dat" is a parameter you can + * have passed to the callback (e.g. a state or something). This function doesn't use "dat" itself + * so it can be NULL + * + */ + +/* This is possibly the mother of all prime generation functions, muahahahahaha! */ +int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat) +{ + unsigned char *tmp, maskAND, maskOR_msb, maskOR_lsb; + int res, err, bsize, maskOR_msb_offset; + + /* sanity check the input */ + if (size <= 1 || t <= 0) { + return MP_VAL; + } + + /* LTM_PRIME_SAFE implies LTM_PRIME_BBS */ + if (flags & LTM_PRIME_SAFE) { + flags |= LTM_PRIME_BBS; + } + + /* calc the byte size */ + bsize = (size>>3) + ((size&7)?1:0); + + /* we need a buffer of bsize bytes */ + tmp = OPT_CAST(unsigned char) XMALLOC(bsize); + if (tmp == NULL) { + return MP_MEM; + } + + /* calc the maskAND value for the MSbyte*/ + maskAND = ((size&7) == 0) ? 0xFF : (0xFF >> (8 - (size & 7))); + + /* calc the maskOR_msb */ + maskOR_msb = 0; + maskOR_msb_offset = ((size & 7) == 1) ? 1 : 0; + if (flags & LTM_PRIME_2MSB_ON) { + maskOR_msb |= 0x80 >> ((9 - size) & 7); + } + + /* get the maskOR_lsb */ + maskOR_lsb = 1; + if (flags & LTM_PRIME_BBS) { + maskOR_lsb |= 3; + } + + do { + /* read the bytes */ + if (cb(tmp, bsize, dat) != bsize) { + err = MP_VAL; + goto error; + } + + /* work over the MSbyte */ + tmp[0] &= maskAND; + tmp[0] |= 1 << ((size - 1) & 7); + + /* mix in the maskORs */ + tmp[maskOR_msb_offset] |= maskOR_msb; + tmp[bsize-1] |= maskOR_lsb; + + /* read it in */ + if ((err = mp_read_unsigned_bin(a, tmp, bsize)) != MP_OKAY) { goto error; } + + /* is it prime? */ + if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; } + if (res == MP_NO) { + continue; + } + + if (flags & LTM_PRIME_SAFE) { + /* see if (a-1)/2 is prime */ + if ((err = mp_sub_d(a, 1, a)) != MP_OKAY) { goto error; } + if ((err = mp_div_2(a, a)) != MP_OKAY) { goto error; } + + /* is it prime? */ + if ((err = mp_prime_is_prime(a, t, &res)) != MP_OKAY) { goto error; } + } + } while (res == MP_NO); + + if (flags & LTM_PRIME_SAFE) { + /* restore a to the original value */ + if ((err = mp_mul_2(a, a)) != MP_OKAY) { goto error; } + if ((err = mp_add_d(a, 1, a)) != MP_OKAY) { goto error; } + } + + err = MP_OKAY; +error: + XFREE(tmp); + return err; +} + + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_prime_random_ex.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_radix_size.c b/lib/hcrypto/libtommath/bn_mp_radix_size.c new file mode 100644 index 000000000000..af94be8676ab --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_radix_size.c @@ -0,0 +1,78 @@ +#include +#ifdef BN_MP_RADIX_SIZE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* returns size of ASCII reprensentation */ +int mp_radix_size (mp_int * a, int radix, int *size) +{ + int res, digs; + mp_int t; + mp_digit d; + + *size = 0; + + /* special case for binary */ + if (radix == 2) { + *size = mp_count_bits (a) + (a->sign == MP_NEG ? 1 : 0) + 1; + return MP_OKAY; + } + + /* make sure the radix is in range */ + if (radix < 2 || radix > 64) { + return MP_VAL; + } + + if (mp_iszero(a) == MP_YES) { + *size = 2; + return MP_OKAY; + } + + /* digs is the digit count */ + digs = 0; + + /* if it's negative add one for the sign */ + if (a->sign == MP_NEG) { + ++digs; + } + + /* init a copy of the input */ + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + + /* force temp to positive */ + t.sign = MP_ZPOS; + + /* fetch out all of the digits */ + while (mp_iszero (&t) == MP_NO) { + if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { + mp_clear (&t); + return res; + } + ++digs; + } + mp_clear (&t); + + /* return digs + 1, the 1 is for the NULL byte that would be required. */ + *size = digs + 1; + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_radix_size.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_radix_smap.c b/lib/hcrypto/libtommath/bn_mp_radix_smap.c new file mode 100644 index 000000000000..7d72feb84e6a --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_radix_smap.c @@ -0,0 +1,24 @@ +#include +#ifdef BN_MP_RADIX_SMAP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* chars used in radix conversions */ +const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_radix_smap.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_rand.c b/lib/hcrypto/libtommath/bn_mp_rand.c new file mode 100644 index 000000000000..af66a67eea14 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_rand.c @@ -0,0 +1,55 @@ +#include +#ifdef BN_MP_RAND_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* makes a pseudo-random int of a given size */ +int +mp_rand (mp_int * a, int digits) +{ + int res; + mp_digit d; + + mp_zero (a); + if (digits <= 0) { + return MP_OKAY; + } + + /* first place a random non-zero digit */ + do { + d = ((mp_digit) abs (rand ())) & MP_MASK; + } while (d == 0); + + if ((res = mp_add_d (a, d, a)) != MP_OKAY) { + return res; + } + + while (--digits > 0) { + if ((res = mp_lshd (a, 1)) != MP_OKAY) { + return res; + } + + if ((res = mp_add_d (a, ((mp_digit) abs (rand ())), a)) != MP_OKAY) { + return res; + } + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_rand.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_read_radix.c b/lib/hcrypto/libtommath/bn_mp_read_radix.c new file mode 100644 index 000000000000..35ca886736a1 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_read_radix.c @@ -0,0 +1,85 @@ +#include +#ifdef BN_MP_READ_RADIX_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* read a string [ASCII] in a given radix */ +int mp_read_radix (mp_int * a, const char *str, int radix) +{ + int y, res, neg; + char ch; + + /* zero the digit bignum */ + mp_zero(a); + + /* make sure the radix is ok */ + if (radix < 2 || radix > 64) { + return MP_VAL; + } + + /* if the leading digit is a + * minus set the sign to negative. + */ + if (*str == '-') { + ++str; + neg = MP_NEG; + } else { + neg = MP_ZPOS; + } + + /* set the integer to the default of zero */ + mp_zero (a); + + /* process each digit of the string */ + while (*str) { + /* if the radix < 36 the conversion is case insensitive + * this allows numbers like 1AB and 1ab to represent the same value + * [e.g. in hex] + */ + ch = (char) ((radix < 36) ? toupper (*str) : *str); + for (y = 0; y < 64; y++) { + if (ch == mp_s_rmap[y]) { + break; + } + } + + /* if the char was found in the map + * and is less than the given radix add it + * to the number, otherwise exit the loop. + */ + if (y < radix) { + if ((res = mp_mul_d (a, (mp_digit) radix, a)) != MP_OKAY) { + return res; + } + if ((res = mp_add_d (a, (mp_digit) y, a)) != MP_OKAY) { + return res; + } + } else { + break; + } + ++str; + } + + /* set the sign only if a != 0 */ + if (mp_iszero(a) != 1) { + a->sign = neg; + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_read_radix.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_read_signed_bin.c b/lib/hcrypto/libtommath/bn_mp_read_signed_bin.c new file mode 100644 index 000000000000..8da651ce30fc --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_read_signed_bin.c @@ -0,0 +1,41 @@ +#include +#ifdef BN_MP_READ_SIGNED_BIN_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* read signed bin, big endian, first byte is 0==positive or 1==negative */ +int mp_read_signed_bin (mp_int * a, const unsigned char *b, int c) +{ + int res; + + /* read magnitude */ + if ((res = mp_read_unsigned_bin (a, b + 1, c - 1)) != MP_OKAY) { + return res; + } + + /* first byte is 0 for positive, non-zero for negative */ + if (b[0] == 0) { + a->sign = MP_ZPOS; + } else { + a->sign = MP_NEG; + } + + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_read_signed_bin.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_read_unsigned_bin.c b/lib/hcrypto/libtommath/bn_mp_read_unsigned_bin.c new file mode 100644 index 000000000000..1ebba13a02c0 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_read_unsigned_bin.c @@ -0,0 +1,55 @@ +#include +#ifdef BN_MP_READ_UNSIGNED_BIN_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reads a unsigned char array, assumes the msb is stored first [big endian] */ +int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c) +{ + int res; + + /* make sure there are at least two digits */ + if (a->alloc < 2) { + if ((res = mp_grow(a, 2)) != MP_OKAY) { + return res; + } + } + + /* zero the int */ + mp_zero (a); + + /* read the bytes in */ + while (c-- > 0) { + if ((res = mp_mul_2d (a, 8, a)) != MP_OKAY) { + return res; + } + +#ifndef MP_8BIT + a->dp[0] |= *b++; + a->used += 1; +#else + a->dp[0] = (*b & MP_MASK); + a->dp[1] |= ((*b++ >> 7U) & 1); + a->used += 2; +#endif + } + mp_clamp (a); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_read_unsigned_bin.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce.c b/lib/hcrypto/libtommath/bn_mp_reduce.c new file mode 100644 index 000000000000..ae57a6a00334 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce.c @@ -0,0 +1,100 @@ +#include +#ifdef BN_MP_REDUCE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reduces x mod m, assumes 0 < x < m**2, mu is + * precomputed via mp_reduce_setup. + * From HAC pp.604 Algorithm 14.42 + */ +int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) +{ + mp_int q; + int res, um = m->used; + + /* q = x */ + if ((res = mp_init_copy (&q, x)) != MP_OKAY) { + return res; + } + + /* q1 = x / b**(k-1) */ + mp_rshd (&q, um - 1); + + /* according to HAC this optimization is ok */ + if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) { + if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) { + goto CLEANUP; + } + } else { +#ifdef BN_S_MP_MUL_HIGH_DIGS_C + if ((res = s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) { + goto CLEANUP; + } +#elif defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C) + if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) { + goto CLEANUP; + } +#else + { + res = MP_VAL; + goto CLEANUP; + } +#endif + } + + /* q3 = q2 / b**(k+1) */ + mp_rshd (&q, um + 1); + + /* x = x mod b**(k+1), quick (no division) */ + if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) { + goto CLEANUP; + } + + /* q = q * m mod b**(k+1), quick (no division) */ + if ((res = s_mp_mul_digs (&q, m, &q, um + 1)) != MP_OKAY) { + goto CLEANUP; + } + + /* x = x - q */ + if ((res = mp_sub (x, &q, x)) != MP_OKAY) { + goto CLEANUP; + } + + /* If x < 0, add b**(k+1) to it */ + if (mp_cmp_d (x, 0) == MP_LT) { + mp_set (&q, 1); + if ((res = mp_lshd (&q, um + 1)) != MP_OKAY) + goto CLEANUP; + if ((res = mp_add (x, &q, x)) != MP_OKAY) + goto CLEANUP; + } + + /* Back off if it's too big */ + while (mp_cmp (x, m) != MP_LT) { + if ((res = s_mp_sub (x, m, x)) != MP_OKAY) { + goto CLEANUP; + } + } + +CLEANUP: + mp_clear (&q); + + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_2k.c b/lib/hcrypto/libtommath/bn_mp_reduce_2k.c new file mode 100644 index 000000000000..1c4a751dda5a --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_2k.c @@ -0,0 +1,61 @@ +#include +#ifdef BN_MP_REDUCE_2K_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reduces a modulo n where n is of the form 2**p - d */ +int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d) +{ + mp_int q; + int p, res; + + if ((res = mp_init(&q)) != MP_OKAY) { + return res; + } + + p = mp_count_bits(n); +top: + /* q = a/2**p, a = a mod 2**p */ + if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) { + goto ERR; + } + + if (d != 1) { + /* q = q * d */ + if ((res = mp_mul_d(&q, d, &q)) != MP_OKAY) { + goto ERR; + } + } + + /* a = a + q */ + if ((res = s_mp_add(a, &q, a)) != MP_OKAY) { + goto ERR; + } + + if (mp_cmp_mag(a, n) != MP_LT) { + s_mp_sub(a, n, a); + goto top; + } + +ERR: + mp_clear(&q); + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_2k.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c b/lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c new file mode 100644 index 000000000000..71abeaebba72 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c @@ -0,0 +1,62 @@ +#include +#ifdef BN_MP_REDUCE_2K_L_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reduces a modulo n where n is of the form 2**p - d + This differs from reduce_2k since "d" can be larger + than a single digit. +*/ +int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d) +{ + mp_int q; + int p, res; + + if ((res = mp_init(&q)) != MP_OKAY) { + return res; + } + + p = mp_count_bits(n); +top: + /* q = a/2**p, a = a mod 2**p */ + if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) { + goto ERR; + } + + /* q = q * d */ + if ((res = mp_mul(&q, d, &q)) != MP_OKAY) { + goto ERR; + } + + /* a = a + q */ + if ((res = s_mp_add(a, &q, a)) != MP_OKAY) { + goto ERR; + } + + if (mp_cmp_mag(a, n) != MP_LT) { + s_mp_sub(a, n, a); + goto top; + } + +ERR: + mp_clear(&q); + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_2k_l.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup.c b/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup.c new file mode 100644 index 000000000000..dca723c81568 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup.c @@ -0,0 +1,47 @@ +#include +#ifdef BN_MP_REDUCE_2K_SETUP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines the setup value */ +int mp_reduce_2k_setup(mp_int *a, mp_digit *d) +{ + int res, p; + mp_int tmp; + + if ((res = mp_init(&tmp)) != MP_OKAY) { + return res; + } + + p = mp_count_bits(a); + if ((res = mp_2expt(&tmp, p)) != MP_OKAY) { + mp_clear(&tmp); + return res; + } + + if ((res = s_mp_sub(&tmp, a, &tmp)) != MP_OKAY) { + mp_clear(&tmp); + return res; + } + + *d = tmp.dp[0]; + mp_clear(&tmp); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_2k_setup.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup_l.c b/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup_l.c new file mode 100644 index 000000000000..cc59a6e71585 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_2k_setup_l.c @@ -0,0 +1,44 @@ +#include +#ifdef BN_MP_REDUCE_2K_SETUP_L_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines the setup value */ +int mp_reduce_2k_setup_l(mp_int *a, mp_int *d) +{ + int res; + mp_int tmp; + + if ((res = mp_init(&tmp)) != MP_OKAY) { + return res; + } + + if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) { + goto ERR; + } + + if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) { + goto ERR; + } + +ERR: + mp_clear(&tmp); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_2k_setup_l.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c b/lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c new file mode 100644 index 000000000000..c8d25d83e226 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c @@ -0,0 +1,52 @@ +#include +#ifdef BN_MP_REDUCE_IS_2K_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines if mp_reduce_2k can be used */ +int mp_reduce_is_2k(mp_int *a) +{ + int ix, iy, iw; + mp_digit iz; + + if (a->used == 0) { + return MP_NO; + } else if (a->used == 1) { + return MP_YES; + } else if (a->used > 1) { + iy = mp_count_bits(a); + iz = 1; + iw = 1; + + /* Test every bit from the second digit up, must be 1 */ + for (ix = DIGIT_BIT; ix < iy; ix++) { + if ((a->dp[iw] & iz) == 0) { + return MP_NO; + } + iz <<= 1; + if (iz > (mp_digit)MP_MASK) { + ++iw; + iz = 1; + } + } + } + return MP_YES; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_is_2k.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c b/lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c new file mode 100644 index 000000000000..ad006f39c50e --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c @@ -0,0 +1,44 @@ +#include +#ifdef BN_MP_REDUCE_IS_2K_L_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* determines if reduce_2k_l can be used */ +int mp_reduce_is_2k_l(mp_int *a) +{ + int ix, iy; + + if (a->used == 0) { + return MP_NO; + } else if (a->used == 1) { + return MP_YES; + } else if (a->used > 1) { + /* if more than half of the digits are -1 we're sold */ + for (iy = ix = 0; ix < a->used; ix++) { + if (a->dp[ix] == MP_MASK) { + ++iy; + } + } + return (iy >= (a->used/2)) ? MP_YES : MP_NO; + + } + return MP_NO; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_is_2k_l.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_reduce_setup.c b/lib/hcrypto/libtommath/bn_mp_reduce_setup.c new file mode 100644 index 000000000000..035419bf3472 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_reduce_setup.c @@ -0,0 +1,34 @@ +#include +#ifdef BN_MP_REDUCE_SETUP_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* pre-calculate the value required for Barrett reduction + * For a given modulus "b" it calulates the value required in "a" + */ +int mp_reduce_setup (mp_int * a, mp_int * b) +{ + int res; + + if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) { + return res; + } + return mp_div (a, b, a, NULL); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_reduce_setup.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_rshd.c b/lib/hcrypto/libtommath/bn_mp_rshd.c new file mode 100644 index 000000000000..ed13ce59a492 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_rshd.c @@ -0,0 +1,72 @@ +#include +#ifdef BN_MP_RSHD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* shift right a certain amount of digits */ +void mp_rshd (mp_int * a, int b) +{ + int x; + + /* if b <= 0 then ignore it */ + if (b <= 0) { + return; + } + + /* if b > used then simply zero it and return */ + if (a->used <= b) { + mp_zero (a); + return; + } + + { + register mp_digit *bottom, *top; + + /* shift the digits down */ + + /* bottom */ + bottom = a->dp; + + /* top [offset into digits] */ + top = a->dp + b; + + /* this is implemented as a sliding window where + * the window is b-digits long and digits from + * the top of the window are copied to the bottom + * + * e.g. + + b-2 | b-1 | b0 | b1 | b2 | ... | bb | ----> + /\ | ----> + \-------------------/ ----> + */ + for (x = 0; x < (a->used - b); x++) { + *bottom++ = *top++; + } + + /* zero the top digits */ + for (; x < a->used; x++) { + *bottom++ = 0; + } + } + + /* remove excess digits */ + a->used -= b; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_rshd.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_set.c b/lib/hcrypto/libtommath/bn_mp_set.c new file mode 100644 index 000000000000..174adcbc6d6b --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_set.c @@ -0,0 +1,29 @@ +#include +#ifdef BN_MP_SET_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* set to a digit */ +void mp_set (mp_int * a, mp_digit b) +{ + mp_zero (a); + a->dp[0] = b & MP_MASK; + a->used = (a->dp[0] != 0) ? 1 : 0; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_set.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_set_int.c b/lib/hcrypto/libtommath/bn_mp_set_int.c new file mode 100644 index 000000000000..3072e76e1c43 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_set_int.c @@ -0,0 +1,48 @@ +#include +#ifdef BN_MP_SET_INT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* set a 32-bit const */ +int mp_set_int (mp_int * a, unsigned long b) +{ + int x, res; + + mp_zero (a); + + /* set four bits at a time */ + for (x = 0; x < 8; x++) { + /* shift the number up four bits */ + if ((res = mp_mul_2d (a, 4, a)) != MP_OKAY) { + return res; + } + + /* OR in the top four bits of the source */ + a->dp[0] |= (b >> 28) & 15; + + /* shift the source up to the next four bits */ + b <<= 4; + + /* ensure that digits are not clamped off */ + a->used += 1; + } + mp_clamp (a); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_set_int.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_shrink.c b/lib/hcrypto/libtommath/bn_mp_shrink.c new file mode 100644 index 000000000000..4b8c5ef11adb --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_shrink.c @@ -0,0 +1,35 @@ +#include +#ifdef BN_MP_SHRINK_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* shrink a bignum */ +int mp_shrink (mp_int * a) +{ + mp_digit *tmp; + if (a->alloc != a->used && a->used > 0) { + if ((tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * a->used)) == NULL) { + return MP_MEM; + } + a->dp = tmp; + a->alloc = a->used; + } + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_shrink.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_signed_bin_size.c b/lib/hcrypto/libtommath/bn_mp_signed_bin_size.c new file mode 100644 index 000000000000..6739d19e2bcc --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_signed_bin_size.c @@ -0,0 +1,27 @@ +#include +#ifdef BN_MP_SIGNED_BIN_SIZE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* get the size for an signed equivalent */ +int mp_signed_bin_size (mp_int * a) +{ + return 1 + mp_unsigned_bin_size (a); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_signed_bin_size.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_sqr.c b/lib/hcrypto/libtommath/bn_mp_sqr.c new file mode 100644 index 000000000000..90f4dd6d7273 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_sqr.c @@ -0,0 +1,58 @@ +#include +#ifdef BN_MP_SQR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* computes b = a*a */ +int +mp_sqr (mp_int * a, mp_int * b) +{ + int res; + +#ifdef BN_MP_TOOM_SQR_C + /* use Toom-Cook? */ + if (a->used >= TOOM_SQR_CUTOFF) { + res = mp_toom_sqr(a, b); + /* Karatsuba? */ + } else +#endif +#ifdef BN_MP_KARATSUBA_SQR_C +if (a->used >= KARATSUBA_SQR_CUTOFF) { + res = mp_karatsuba_sqr (a, b); + } else +#endif + { +#ifdef BN_FAST_S_MP_SQR_C + /* can we use the fast comba multiplier? */ + if ((a->used * 2 + 1) < MP_WARRAY && + a->used < + (1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) { + res = fast_s_mp_sqr (a, b); + } else +#endif +#ifdef BN_S_MP_SQR_C + res = s_mp_sqr (a, b); +#else + res = MP_VAL; +#endif + } + b->sign = MP_ZPOS; + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_sqr.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_sqrmod.c b/lib/hcrypto/libtommath/bn_mp_sqrmod.c new file mode 100644 index 000000000000..161cbbb30dd3 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_sqrmod.c @@ -0,0 +1,41 @@ +#include +#ifdef BN_MP_SQRMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* c = a * a (mod b) */ +int +mp_sqrmod (mp_int * a, mp_int * b, mp_int * c) +{ + int res; + mp_int t; + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + if ((res = mp_sqr (a, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + res = mp_mod (&t, b, c); + mp_clear (&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_sqrmod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_sqrt.c b/lib/hcrypto/libtommath/bn_mp_sqrt.c new file mode 100644 index 000000000000..8391297f7e52 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_sqrt.c @@ -0,0 +1,81 @@ +#include +#ifdef BN_MP_SQRT_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* this function is less generic than mp_n_root, simpler and faster */ +int mp_sqrt(mp_int *arg, mp_int *ret) +{ + int res; + mp_int t1,t2; + + /* must be positive */ + if (arg->sign == MP_NEG) { + return MP_VAL; + } + + /* easy out */ + if (mp_iszero(arg) == MP_YES) { + mp_zero(ret); + return MP_OKAY; + } + + if ((res = mp_init_copy(&t1, arg)) != MP_OKAY) { + return res; + } + + if ((res = mp_init(&t2)) != MP_OKAY) { + goto E2; + } + + /* First approx. (not very bad for large arg) */ + mp_rshd (&t1,t1.used/2); + + /* t1 > 0 */ + if ((res = mp_div(arg,&t1,&t2,NULL)) != MP_OKAY) { + goto E1; + } + if ((res = mp_add(&t1,&t2,&t1)) != MP_OKAY) { + goto E1; + } + if ((res = mp_div_2(&t1,&t1)) != MP_OKAY) { + goto E1; + } + /* And now t1 > sqrt(arg) */ + do { + if ((res = mp_div(arg,&t1,&t2,NULL)) != MP_OKAY) { + goto E1; + } + if ((res = mp_add(&t1,&t2,&t1)) != MP_OKAY) { + goto E1; + } + if ((res = mp_div_2(&t1,&t1)) != MP_OKAY) { + goto E1; + } + /* t1 >= sqrt(arg) >= t2 at this point */ + } while (mp_cmp_mag(&t1,&t2) == MP_GT); + + mp_exch(&t1,ret); + +E1: mp_clear(&t2); +E2: mp_clear(&t1); + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_sqrt.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_sub.c b/lib/hcrypto/libtommath/bn_mp_sub.c new file mode 100644 index 000000000000..f5015cce45e9 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_sub.c @@ -0,0 +1,59 @@ +#include +#ifdef BN_MP_SUB_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* high level subtraction (handles signs) */ +int +mp_sub (mp_int * a, mp_int * b, mp_int * c) +{ + int sa, sb, res; + + sa = a->sign; + sb = b->sign; + + if (sa != sb) { + /* subtract a negative from a positive, OR */ + /* subtract a positive from a negative. */ + /* In either case, ADD their magnitudes, */ + /* and use the sign of the first number. */ + c->sign = sa; + res = s_mp_add (a, b, c); + } else { + /* subtract a positive from a positive, OR */ + /* subtract a negative from a negative. */ + /* First, take the difference between their */ + /* magnitudes, then... */ + if (mp_cmp_mag (a, b) != MP_LT) { + /* Copy the sign from the first */ + c->sign = sa; + /* The first has a larger or equal magnitude */ + res = s_mp_sub (a, b, c); + } else { + /* The result has the *opposite* sign from */ + /* the first number. */ + c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS; + /* The second has a larger magnitude */ + res = s_mp_sub (b, a, c); + } + } + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_sub.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_sub_d.c b/lib/hcrypto/libtommath/bn_mp_sub_d.c new file mode 100644 index 000000000000..06cdca636d93 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_sub_d.c @@ -0,0 +1,93 @@ +#include +#ifdef BN_MP_SUB_D_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* single digit subtraction */ +int +mp_sub_d (mp_int * a, mp_digit b, mp_int * c) +{ + mp_digit *tmpa, *tmpc, mu; + int res, ix, oldused; + + /* grow c as required */ + if (c->alloc < a->used + 1) { + if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) { + return res; + } + } + + /* if a is negative just do an unsigned + * addition [with fudged signs] + */ + if (a->sign == MP_NEG) { + a->sign = MP_ZPOS; + res = mp_add_d(a, b, c); + a->sign = c->sign = MP_NEG; + + /* clamp */ + mp_clamp(c); + + return res; + } + + /* setup regs */ + oldused = c->used; + tmpa = a->dp; + tmpc = c->dp; + + /* if a <= b simply fix the single digit */ + if ((a->used == 1 && a->dp[0] <= b) || a->used == 0) { + if (a->used == 1) { + *tmpc++ = b - *tmpa; + } else { + *tmpc++ = b; + } + ix = 1; + + /* negative/1digit */ + c->sign = MP_NEG; + c->used = 1; + } else { + /* positive/size */ + c->sign = MP_ZPOS; + c->used = a->used; + + /* subtract first digit */ + *tmpc = *tmpa++ - b; + mu = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1); + *tmpc++ &= MP_MASK; + + /* handle rest of the digits */ + for (ix = 1; ix < a->used; ix++) { + *tmpc = *tmpa++ - mu; + mu = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1); + *tmpc++ &= MP_MASK; + } + } + + /* zero excess digits */ + while (ix++ < oldused) { + *tmpc++ = 0; + } + mp_clamp(c); + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_sub_d.c,v $ */ +/* $Revision: 1.6 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_submod.c b/lib/hcrypto/libtommath/bn_mp_submod.c new file mode 100644 index 000000000000..869e23cded54 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_submod.c @@ -0,0 +1,42 @@ +#include +#ifdef BN_MP_SUBMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* d = a - b (mod c) */ +int +mp_submod (mp_int * a, mp_int * b, mp_int * c, mp_int * d) +{ + int res; + mp_int t; + + + if ((res = mp_init (&t)) != MP_OKAY) { + return res; + } + + if ((res = mp_sub (a, b, &t)) != MP_OKAY) { + mp_clear (&t); + return res; + } + res = mp_mod (&t, c, d); + mp_clear (&t); + return res; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_submod.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_to_signed_bin.c b/lib/hcrypto/libtommath/bn_mp_to_signed_bin.c new file mode 100644 index 000000000000..9df83ca52666 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_to_signed_bin.c @@ -0,0 +1,33 @@ +#include +#ifdef BN_MP_TO_SIGNED_BIN_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* store in signed [big endian] format */ +int mp_to_signed_bin (mp_int * a, unsigned char *b) +{ + int res; + + if ((res = mp_to_unsigned_bin (a, b + 1)) != MP_OKAY) { + return res; + } + b[0] = (unsigned char) ((a->sign == MP_ZPOS) ? 0 : 1); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_to_signed_bin.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_to_signed_bin_n.c b/lib/hcrypto/libtommath/bn_mp_to_signed_bin_n.c new file mode 100644 index 000000000000..677f827d4f40 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_to_signed_bin_n.c @@ -0,0 +1,31 @@ +#include +#ifdef BN_MP_TO_SIGNED_BIN_N_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* store in signed [big endian] format */ +int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen) +{ + if (*outlen < (unsigned long)mp_signed_bin_size(a)) { + return MP_VAL; + } + *outlen = mp_signed_bin_size(a); + return mp_to_signed_bin(a, b); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_to_signed_bin_n.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin.c b/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin.c new file mode 100644 index 000000000000..c137f104ac79 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin.c @@ -0,0 +1,48 @@ +#include +#ifdef BN_MP_TO_UNSIGNED_BIN_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* store in unsigned [big endian] format */ +int mp_to_unsigned_bin (mp_int * a, unsigned char *b) +{ + int x, res; + mp_int t; + + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + + x = 0; + while (mp_iszero (&t) == 0) { +#ifndef MP_8BIT + b[x++] = (unsigned char) (t.dp[0] & 255); +#else + b[x++] = (unsigned char) (t.dp[0] | ((t.dp[1] & 0x01) << 7)); +#endif + if ((res = mp_div_2d (&t, 8, &t, NULL)) != MP_OKAY) { + mp_clear (&t); + return res; + } + } + bn_reverse (b, x); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_to_unsigned_bin.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin_n.c b/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin_n.c new file mode 100644 index 000000000000..0dc00c623d31 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_to_unsigned_bin_n.c @@ -0,0 +1,31 @@ +#include +#ifdef BN_MP_TO_UNSIGNED_BIN_N_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* store in unsigned [big endian] format */ +int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen) +{ + if (*outlen < (unsigned long)mp_unsigned_bin_size(a)) { + return MP_VAL; + } + *outlen = mp_unsigned_bin_size(a); + return mp_to_unsigned_bin(a, b); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_to_unsigned_bin_n.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_toom_mul.c b/lib/hcrypto/libtommath/bn_mp_toom_mul.c new file mode 100644 index 000000000000..b996342466c2 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_toom_mul.c @@ -0,0 +1,284 @@ +#include +#ifdef BN_MP_TOOM_MUL_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* multiplication using the Toom-Cook 3-way algorithm + * + * Much more complicated than Karatsuba but has a lower + * asymptotic running time of O(N**1.464). This algorithm is + * only particularly useful on VERY large inputs + * (we're talking 1000s of digits here...). +*/ +int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c) +{ + mp_int w0, w1, w2, w3, w4, tmp1, tmp2, a0, a1, a2, b0, b1, b2; + int res, B; + + /* init temps */ + if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, + &a0, &a1, &a2, &b0, &b1, + &b2, &tmp1, &tmp2, NULL)) != MP_OKAY) { + return res; + } + + /* B */ + B = MIN(a->used, b->used) / 3; + + /* a = a2 * B**2 + a1 * B + a0 */ + if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_copy(a, &a1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a1, B); + mp_mod_2d(&a1, DIGIT_BIT * B, &a1); + + if ((res = mp_copy(a, &a2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a2, B*2); + + /* b = b2 * B**2 + b1 * B + b0 */ + if ((res = mp_mod_2d(b, DIGIT_BIT * B, &b0)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_copy(b, &b1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&b1, B); + mp_mod_2d(&b1, DIGIT_BIT * B, &b1); + + if ((res = mp_copy(b, &b2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&b2, B*2); + + /* w0 = a0*b0 */ + if ((res = mp_mul(&a0, &b0, &w0)) != MP_OKAY) { + goto ERR; + } + + /* w4 = a2 * b2 */ + if ((res = mp_mul(&a2, &b2, &w4)) != MP_OKAY) { + goto ERR; + } + + /* w1 = (a2 + 2(a1 + 2a0))(b2 + 2(b1 + 2b0)) */ + if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_mul_2(&b0, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b2, &tmp2)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_mul(&tmp1, &tmp2, &w1)) != MP_OKAY) { + goto ERR; + } + + /* w3 = (a0 + 2(a1 + 2a2))(b0 + 2(b1 + 2b2)) */ + if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_mul_2(&b2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp2, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_mul(&tmp1, &tmp2, &w3)) != MP_OKAY) { + goto ERR; + } + + + /* w2 = (a2 + a1 + a0)(b2 + b1 + b0) */ + if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&b2, &b1, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp2, &b0, &tmp2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul(&tmp1, &tmp2, &w2)) != MP_OKAY) { + goto ERR; + } + + /* now solve the matrix + + 0 0 0 0 1 + 1 2 4 8 16 + 1 1 1 1 1 + 16 8 4 2 1 + 1 0 0 0 0 + + using 12 subtractions, 4 shifts, + 2 small divisions and 1 small multiplication + */ + + /* r1 - r4 */ + if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r0 */ + if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/2 */ + if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3/2 */ + if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { + goto ERR; + } + /* r2 - r0 - r4 */ + if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1 - 8r0 */ + if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - 8r4 */ + if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { + goto ERR; + } + /* 3r2 - r1 - r3 */ + if ((res = mp_mul_d(&w2, 3, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/3 */ + if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { + goto ERR; + } + /* r3/3 */ + if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { + goto ERR; + } + + /* at this point shift W[n] by B*n */ + if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_add(&w0, &w1, c)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, c, c)) != MP_OKAY) { + goto ERR; + } + +ERR: + mp_clear_multi(&w0, &w1, &w2, &w3, &w4, + &a0, &a1, &a2, &b0, &b1, + &b2, &tmp1, &tmp2, NULL); + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_toom_mul.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_toom_sqr.c b/lib/hcrypto/libtommath/bn_mp_toom_sqr.c new file mode 100644 index 000000000000..48880d0350c1 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_toom_sqr.c @@ -0,0 +1,226 @@ +#include +#ifdef BN_MP_TOOM_SQR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* squaring using Toom-Cook 3-way algorithm */ +int +mp_toom_sqr(mp_int *a, mp_int *b) +{ + mp_int w0, w1, w2, w3, w4, tmp1, a0, a1, a2; + int res, B; + + /* init temps */ + if ((res = mp_init_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL)) != MP_OKAY) { + return res; + } + + /* B */ + B = a->used / 3; + + /* a = a2 * B**2 + a1 * B + a0 */ + if ((res = mp_mod_2d(a, DIGIT_BIT * B, &a0)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_copy(a, &a1)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a1, B); + mp_mod_2d(&a1, DIGIT_BIT * B, &a1); + + if ((res = mp_copy(a, &a2)) != MP_OKAY) { + goto ERR; + } + mp_rshd(&a2, B*2); + + /* w0 = a0*a0 */ + if ((res = mp_sqr(&a0, &w0)) != MP_OKAY) { + goto ERR; + } + + /* w4 = a2 * a2 */ + if ((res = mp_sqr(&a2, &w4)) != MP_OKAY) { + goto ERR; + } + + /* w1 = (a2 + 2(a1 + 2a0))**2 */ + if ((res = mp_mul_2(&a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_sqr(&tmp1, &w1)) != MP_OKAY) { + goto ERR; + } + + /* w3 = (a0 + 2(a1 + 2a2))**2 */ + if ((res = mp_mul_2(&a2, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_mul_2(&tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_sqr(&tmp1, &w3)) != MP_OKAY) { + goto ERR; + } + + + /* w2 = (a2 + a1 + a0)**2 */ + if ((res = mp_add(&a2, &a1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, &a0, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sqr(&tmp1, &w2)) != MP_OKAY) { + goto ERR; + } + + /* now solve the matrix + + 0 0 0 0 1 + 1 2 4 8 16 + 1 1 1 1 1 + 16 8 4 2 1 + 1 0 0 0 0 + + using 12 subtractions, 4 shifts, 2 small divisions and 1 small multiplication. + */ + + /* r1 - r4 */ + if ((res = mp_sub(&w1, &w4, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r0 */ + if ((res = mp_sub(&w3, &w0, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/2 */ + if ((res = mp_div_2(&w1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3/2 */ + if ((res = mp_div_2(&w3, &w3)) != MP_OKAY) { + goto ERR; + } + /* r2 - r0 - r4 */ + if ((res = mp_sub(&w2, &w0, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w4, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1 - 8r0 */ + if ((res = mp_mul_2d(&w0, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w1, &tmp1, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - 8r4 */ + if ((res = mp_mul_2d(&w4, 3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w3, &tmp1, &w3)) != MP_OKAY) { + goto ERR; + } + /* 3r2 - r1 - r3 */ + if ((res = mp_mul_d(&w2, 3, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w1, &w2)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_sub(&w2, &w3, &w2)) != MP_OKAY) { + goto ERR; + } + /* r1 - r2 */ + if ((res = mp_sub(&w1, &w2, &w1)) != MP_OKAY) { + goto ERR; + } + /* r3 - r2 */ + if ((res = mp_sub(&w3, &w2, &w3)) != MP_OKAY) { + goto ERR; + } + /* r1/3 */ + if ((res = mp_div_3(&w1, &w1, NULL)) != MP_OKAY) { + goto ERR; + } + /* r3/3 */ + if ((res = mp_div_3(&w3, &w3, NULL)) != MP_OKAY) { + goto ERR; + } + + /* at this point shift W[n] by B*n */ + if ((res = mp_lshd(&w1, 1*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w2, 2*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w3, 3*B)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_lshd(&w4, 4*B)) != MP_OKAY) { + goto ERR; + } + + if ((res = mp_add(&w0, &w1, b)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w2, &w3, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&w4, &tmp1, &tmp1)) != MP_OKAY) { + goto ERR; + } + if ((res = mp_add(&tmp1, b, b)) != MP_OKAY) { + goto ERR; + } + +ERR: + mp_clear_multi(&w0, &w1, &w2, &w3, &w4, &a0, &a1, &a2, &tmp1, NULL); + return res; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_toom_sqr.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_toradix.c b/lib/hcrypto/libtommath/bn_mp_toradix.c new file mode 100644 index 000000000000..0adc28d2fdb8 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_toradix.c @@ -0,0 +1,75 @@ +#include +#ifdef BN_MP_TORADIX_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* stores a bignum as a ASCII string in a given radix (2..64) */ +int mp_toradix (mp_int * a, char *str, int radix) +{ + int res, digs; + mp_int t; + mp_digit d; + char *_s = str; + + /* check range of the radix */ + if (radix < 2 || radix > 64) { + return MP_VAL; + } + + /* quick out if its zero */ + if (mp_iszero(a) == 1) { + *str++ = '0'; + *str = '\0'; + return MP_OKAY; + } + + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + + /* if it is negative output a - */ + if (t.sign == MP_NEG) { + ++_s; + *str++ = '-'; + t.sign = MP_ZPOS; + } + + digs = 0; + while (mp_iszero (&t) == 0) { + if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { + mp_clear (&t); + return res; + } + *str++ = mp_s_rmap[d]; + ++digs; + } + + /* reverse the digits of the string. In this case _s points + * to the first digit [exluding the sign] of the number] + */ + bn_reverse ((unsigned char *)_s, digs); + + /* append a NULL so the string is properly terminated */ + *str = '\0'; + + mp_clear (&t); + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_toradix.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_toradix_n.c b/lib/hcrypto/libtommath/bn_mp_toradix_n.c new file mode 100644 index 000000000000..28085124ea99 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_toradix_n.c @@ -0,0 +1,88 @@ +#include +#ifdef BN_MP_TORADIX_N_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* stores a bignum as a ASCII string in a given radix (2..64) + * + * Stores upto maxlen-1 chars and always a NULL byte + */ +int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen) +{ + int res, digs; + mp_int t; + mp_digit d; + char *_s = str; + + /* check range of the maxlen, radix */ + if (maxlen < 2 || radix < 2 || radix > 64) { + return MP_VAL; + } + + /* quick out if its zero */ + if (mp_iszero(a) == MP_YES) { + *str++ = '0'; + *str = '\0'; + return MP_OKAY; + } + + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + + /* if it is negative output a - */ + if (t.sign == MP_NEG) { + /* we have to reverse our digits later... but not the - sign!! */ + ++_s; + + /* store the flag and mark the number as positive */ + *str++ = '-'; + t.sign = MP_ZPOS; + + /* subtract a char */ + --maxlen; + } + + digs = 0; + while (mp_iszero (&t) == 0) { + if (--maxlen < 1) { + /* no more room */ + break; + } + if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) { + mp_clear (&t); + return res; + } + *str++ = mp_s_rmap[d]; + ++digs; + } + + /* reverse the digits of the string. In this case _s points + * to the first digit [exluding the sign] of the number + */ + bn_reverse ((unsigned char *)_s, digs); + + /* append a NULL so the string is properly terminated */ + *str = '\0'; + + mp_clear (&t); + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_toradix_n.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_unsigned_bin_size.c b/lib/hcrypto/libtommath/bn_mp_unsigned_bin_size.c new file mode 100644 index 000000000000..6dc3bd5fc1bf --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_unsigned_bin_size.c @@ -0,0 +1,28 @@ +#include +#ifdef BN_MP_UNSIGNED_BIN_SIZE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* get the size for an unsigned equivalent */ +int mp_unsigned_bin_size (mp_int * a) +{ + int size = mp_count_bits (a); + return (size / 8 + ((size & 7) != 0 ? 1 : 0)); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_unsigned_bin_size.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_xor.c b/lib/hcrypto/libtommath/bn_mp_xor.c new file mode 100644 index 000000000000..59ff2e183207 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_xor.c @@ -0,0 +1,51 @@ +#include +#ifdef BN_MP_XOR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* XOR two ints together */ +int +mp_xor (mp_int * a, mp_int * b, mp_int * c) +{ + int res, ix, px; + mp_int t, *x; + + if (a->used > b->used) { + if ((res = mp_init_copy (&t, a)) != MP_OKAY) { + return res; + } + px = b->used; + x = b; + } else { + if ((res = mp_init_copy (&t, b)) != MP_OKAY) { + return res; + } + px = a->used; + x = a; + } + + for (ix = 0; ix < px; ix++) { + t.dp[ix] ^= x->dp[ix]; + } + mp_clamp (&t); + mp_exch (c, &t); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_xor.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_zero.c b/lib/hcrypto/libtommath/bn_mp_zero.c new file mode 100644 index 000000000000..b0977d443164 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_zero.c @@ -0,0 +1,36 @@ +#include +#ifdef BN_MP_ZERO_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* set to zero */ +void mp_zero (mp_int * a) +{ + int n; + mp_digit *tmp; + + a->sign = MP_ZPOS; + a->used = 0; + + tmp = a->dp; + for (n = 0; n < a->alloc; n++) { + *tmp++ = 0; + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_zero.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_mp_zero_multi.c b/lib/hcrypto/libtommath/bn_mp_zero_multi.c new file mode 100644 index 000000000000..339a75fbf85d --- /dev/null +++ b/lib/hcrypto/libtommath/bn_mp_zero_multi.c @@ -0,0 +1,35 @@ +#include +#ifdef BN_MP_ZERO_MULTI_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ +#include + +/* set to zero */ +void mp_zero_multi (mp_int * mp, ...) +{ + mp_int* next_mp = mp; + va_list args; + va_start(args, mp); + while (next_mp != NULL) { + mp_zero(next_mp); + next_mp = va_arg(args, mp_int*); + } + va_end(args); +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_mp_zero.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_prime_tab.c b/lib/hcrypto/libtommath/bn_prime_tab.c new file mode 100644 index 000000000000..bd252477ec6a --- /dev/null +++ b/lib/hcrypto/libtommath/bn_prime_tab.c @@ -0,0 +1,61 @@ +#include +#ifdef BN_PRIME_TAB_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ +const mp_digit ltm_prime_tab[] = { + 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, + 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, + 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, + 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, +#ifndef MP_8BIT + 0x0083, + 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, + 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, + 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, + 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, + + 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, + 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, + 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, + 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, + 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, + 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, + 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, + 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, + + 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, + 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, + 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, + 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, + 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, + 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, + 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, + 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, + + 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, + 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, + 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, + 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, + 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, + 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, + 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, + 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653 +#endif +}; +#endif + +/* $Source: /cvs/libtom/libtommath/bn_prime_tab.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_reverse.c b/lib/hcrypto/libtommath/bn_reverse.c new file mode 100644 index 000000000000..ddfa827a09f5 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_reverse.c @@ -0,0 +1,39 @@ +#include +#ifdef BN_REVERSE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* reverse an array, used for radix code */ +void +bn_reverse (unsigned char *s, int len) +{ + int ix, iy; + unsigned char t; + + ix = 0; + iy = len - 1; + while (ix < iy) { + t = s[ix]; + s[ix] = s[iy]; + s[iy] = t; + ++ix; + --iy; + } +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_reverse.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_add.c b/lib/hcrypto/libtommath/bn_s_mp_add.c new file mode 100644 index 000000000000..e7f54f4cf1e4 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_add.c @@ -0,0 +1,109 @@ +#include +#ifdef BN_S_MP_ADD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* low level addition, based on HAC pp.594, Algorithm 14.7 */ +int +s_mp_add (mp_int * a, mp_int * b, mp_int * c) +{ + mp_int *x; + int olduse, res, min, max; + + /* find sizes, we let |a| <= |b| which means we have to sort + * them. "x" will point to the input with the most digits + */ + if (a->used > b->used) { + min = b->used; + max = a->used; + x = a; + } else { + min = a->used; + max = b->used; + x = b; + } + + /* init result */ + if (c->alloc < max + 1) { + if ((res = mp_grow (c, max + 1)) != MP_OKAY) { + return res; + } + } + + /* get old used digit count and set new one */ + olduse = c->used; + c->used = max + 1; + + { + register mp_digit u, *tmpa, *tmpb, *tmpc; + register int i; + + /* alias for digit pointers */ + + /* first input */ + tmpa = a->dp; + + /* second input */ + tmpb = b->dp; + + /* destination */ + tmpc = c->dp; + + /* zero the carry */ + u = 0; + for (i = 0; i < min; i++) { + /* Compute the sum at one digit, T[i] = A[i] + B[i] + U */ + *tmpc = *tmpa++ + *tmpb++ + u; + + /* U = carry bit of T[i] */ + u = *tmpc >> ((mp_digit)DIGIT_BIT); + + /* take away carry bit from T[i] */ + *tmpc++ &= MP_MASK; + } + + /* now copy higher words if any, that is in A+B + * if A or B has more digits add those in + */ + if (min != max) { + for (; i < max; i++) { + /* T[i] = X[i] + U */ + *tmpc = x->dp[i] + u; + + /* U = carry bit of T[i] */ + u = *tmpc >> ((mp_digit)DIGIT_BIT); + + /* take away carry bit from T[i] */ + *tmpc++ &= MP_MASK; + } + } + + /* add carry */ + *tmpc++ = u; + + /* clear digits above oldused */ + for (i = c->used; i < olduse; i++) { + *tmpc++ = 0; + } + } + + mp_clamp (c); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_add.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_exptmod.c b/lib/hcrypto/libtommath/bn_s_mp_exptmod.c new file mode 100644 index 000000000000..deb4b4ddb161 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_exptmod.c @@ -0,0 +1,252 @@ +#include +#ifdef BN_S_MP_EXPTMOD_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ +#ifdef MP_LOW_MEM + #define TAB_SIZE 32 +#else + #define TAB_SIZE 256 +#endif + +int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) +{ + mp_int M[TAB_SIZE], res, mu; + mp_digit buf; + int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; + int (*redux)(mp_int*,mp_int*,mp_int*); + + /* find window size */ + x = mp_count_bits (X); + if (x <= 7) { + winsize = 2; + } else if (x <= 36) { + winsize = 3; + } else if (x <= 140) { + winsize = 4; + } else if (x <= 450) { + winsize = 5; + } else if (x <= 1303) { + winsize = 6; + } else if (x <= 3529) { + winsize = 7; + } else { + winsize = 8; + } + +#ifdef MP_LOW_MEM + if (winsize > 5) { + winsize = 5; + } +#endif + + /* init M array */ + /* init first cell */ + if ((err = mp_init(&M[1])) != MP_OKAY) { + return err; + } + + /* now init the second half of the array */ + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + if ((err = mp_init(&M[x])) != MP_OKAY) { + for (y = 1<<(winsize-1); y < x; y++) { + mp_clear (&M[y]); + } + mp_clear(&M[1]); + return err; + } + } + + /* create mu, used for Barrett reduction */ + if ((err = mp_init (&mu)) != MP_OKAY) { + goto LBL_M; + } + + if (redmode == 0) { + if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) { + goto LBL_MU; + } + redux = mp_reduce; + } else { + if ((err = mp_reduce_2k_setup_l (P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + redux = mp_reduce_2k_l; + } + + /* create M table + * + * The M table contains powers of the base, + * e.g. M[x] = G**x mod P + * + * The first half of the table is not + * computed though accept for M[0] and M[1] + */ + if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) { + goto LBL_MU; + } + + /* compute the value at M[1<<(winsize-1)] by squaring + * M[1] (winsize-1) times + */ + if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_MU; + } + + for (x = 0; x < (winsize - 1); x++) { + /* square it */ + if ((err = mp_sqr (&M[1 << (winsize - 1)], + &M[1 << (winsize - 1)])) != MP_OKAY) { + goto LBL_MU; + } + + /* reduce modulo P */ + if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + } + + /* create upper table, that is M[x] = M[x-1] * M[1] (mod P) + * for x = (2**(winsize - 1) + 1) to (2**winsize - 1) + */ + for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) { + if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) { + goto LBL_MU; + } + if ((err = redux (&M[x], P, &mu)) != MP_OKAY) { + goto LBL_MU; + } + } + + /* setup result */ + if ((err = mp_init (&res)) != MP_OKAY) { + goto LBL_MU; + } + mp_set (&res, 1); + + /* set initial mode and bit cnt */ + mode = 0; + bitcnt = 1; + buf = 0; + digidx = X->used - 1; + bitcpy = 0; + bitbuf = 0; + + for (;;) { + /* grab next digit as required */ + if (--bitcnt == 0) { + /* if digidx == -1 we are out of digits */ + if (digidx == -1) { + break; + } + /* read next digit and reset the bitcnt */ + buf = X->dp[digidx--]; + bitcnt = (int) DIGIT_BIT; + } + + /* grab the next msb from the exponent */ + y = (buf >> (mp_digit)(DIGIT_BIT - 1)) & 1; + buf <<= (mp_digit)1; + + /* if the bit is zero and mode == 0 then we ignore it + * These represent the leading zero bits before the first 1 bit + * in the exponent. Technically this opt is not required but it + * does lower the # of trivial squaring/reductions used + */ + if (mode == 0 && y == 0) { + continue; + } + + /* if the bit is zero and mode == 1 then we square */ + if (mode == 1 && y == 0) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + continue; + } + + /* else we add it to the window */ + bitbuf |= (y << (winsize - ++bitcpy)); + mode = 2; + + if (bitcpy == winsize) { + /* ok window is filled so square as required and multiply */ + /* square first */ + for (x = 0; x < winsize; x++) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + } + + /* then multiply */ + if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + + /* empty window and reset */ + bitcpy = 0; + bitbuf = 0; + mode = 1; + } + } + + /* if bits remain then square/multiply */ + if (mode == 2 && bitcpy > 0) { + /* square then multiply if the bit is set */ + for (x = 0; x < bitcpy; x++) { + if ((err = mp_sqr (&res, &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + + bitbuf <<= 1; + if ((bitbuf & (1 << winsize)) != 0) { + /* then multiply */ + if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) { + goto LBL_RES; + } + if ((err = redux (&res, P, &mu)) != MP_OKAY) { + goto LBL_RES; + } + } + } + } + + mp_exch (&res, Y); + err = MP_OKAY; +LBL_RES:mp_clear (&res); +LBL_MU:mp_clear (&mu); +LBL_M: + mp_clear(&M[1]); + for (x = 1<<(winsize-1); x < (1 << winsize); x++) { + mp_clear (&M[x]); + } + return err; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_exptmod.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_mul_digs.c b/lib/hcrypto/libtommath/bn_s_mp_mul_digs.c new file mode 100644 index 000000000000..c5892181f9f1 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_mul_digs.c @@ -0,0 +1,90 @@ +#include +#ifdef BN_S_MP_MUL_DIGS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* multiplies |a| * |b| and only computes upto digs digits of result + * HAC pp. 595, Algorithm 14.12 Modified so you can control how + * many digits of output are created. + */ +int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +{ + mp_int t; + int res, pa, pb, ix, iy; + mp_digit u; + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; + + /* can we use the fast multiplier? */ + if (((digs) < MP_WARRAY) && + MIN (a->used, b->used) < + (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + return fast_s_mp_mul_digs (a, b, c, digs); + } + + if ((res = mp_init_size (&t, digs)) != MP_OKAY) { + return res; + } + t.used = digs; + + /* compute the digits of the product directly */ + pa = a->used; + for (ix = 0; ix < pa; ix++) { + /* set the carry to zero */ + u = 0; + + /* limit ourselves to making digs digits of output */ + pb = MIN (b->used, digs - ix); + + /* setup some aliases */ + /* copy of the digit from a used within the nested loop */ + tmpx = a->dp[ix]; + + /* an alias for the destination shifted ix places */ + tmpt = t.dp + ix; + + /* an alias for the digits of b */ + tmpy = b->dp; + + /* compute the columns of the output and propagate the carry */ + for (iy = 0; iy < pb; iy++) { + /* compute the column as a mp_word */ + r = ((mp_word)*tmpt) + + ((mp_word)tmpx) * ((mp_word)*tmpy++) + + ((mp_word) u); + + /* the new column is the lower part of the result */ + *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + + /* get the carry word from the result */ + u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); + } + /* set carry if it is placed below digs */ + if (ix + iy < digs) { + *tmpt = u; + } + } + + mp_clamp (&t); + mp_exch (&t, c); + + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_mul_digs.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_mul_high_digs.c b/lib/hcrypto/libtommath/bn_s_mp_mul_high_digs.c new file mode 100644 index 000000000000..2b718f23ccfc --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_mul_high_digs.c @@ -0,0 +1,81 @@ +#include +#ifdef BN_S_MP_MUL_HIGH_DIGS_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* multiplies |a| * |b| and does not compute the lower digs digits + * [meant to get the higher part of the product] + */ +int +s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) +{ + mp_int t; + int res, pa, pb, ix, iy; + mp_digit u; + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; + + /* can we use the fast multiplier? */ +#ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C + if (((a->used + b->used + 1) < MP_WARRAY) + && MIN (a->used, b->used) < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + return fast_s_mp_mul_high_digs (a, b, c, digs); + } +#endif + + if ((res = mp_init_size (&t, a->used + b->used + 1)) != MP_OKAY) { + return res; + } + t.used = a->used + b->used + 1; + + pa = a->used; + pb = b->used; + for (ix = 0; ix < pa; ix++) { + /* clear the carry */ + u = 0; + + /* left hand side of A[ix] * B[iy] */ + tmpx = a->dp[ix]; + + /* alias to the address of where the digits will be stored */ + tmpt = &(t.dp[digs]); + + /* alias for where to read the right hand side from */ + tmpy = b->dp + (digs - ix); + + for (iy = digs - ix; iy < pb; iy++) { + /* calculate the double precision result */ + r = ((mp_word)*tmpt) + + ((mp_word)tmpx) * ((mp_word)*tmpy++) + + ((mp_word) u); + + /* get the lower part */ + *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + + /* carry the carry */ + u = (mp_digit) (r >> ((mp_word) DIGIT_BIT)); + } + *tmpt = u; + } + mp_clamp (&t); + mp_exch (&t, c); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_mul_high_digs.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_sqr.c b/lib/hcrypto/libtommath/bn_s_mp_sqr.c new file mode 100644 index 000000000000..c1c3826db5f5 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_sqr.c @@ -0,0 +1,84 @@ +#include +#ifdef BN_S_MP_SQR_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* low level squaring, b = a*a, HAC pp.596-597, Algorithm 14.16 */ +int s_mp_sqr (mp_int * a, mp_int * b) +{ + mp_int t; + int res, ix, iy, pa; + mp_word r; + mp_digit u, tmpx, *tmpt; + + pa = a->used; + if ((res = mp_init_size (&t, 2*pa + 1)) != MP_OKAY) { + return res; + } + + /* default used is maximum possible size */ + t.used = 2*pa + 1; + + for (ix = 0; ix < pa; ix++) { + /* first calculate the digit at 2*ix */ + /* calculate double precision result */ + r = ((mp_word) t.dp[2*ix]) + + ((mp_word)a->dp[ix])*((mp_word)a->dp[ix]); + + /* store lower part in result */ + t.dp[ix+ix] = (mp_digit) (r & ((mp_word) MP_MASK)); + + /* get the carry */ + u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); + + /* left hand side of A[ix] * A[iy] */ + tmpx = a->dp[ix]; + + /* alias for where to store the results */ + tmpt = t.dp + (2*ix + 1); + + for (iy = ix + 1; iy < pa; iy++) { + /* first calculate the product */ + r = ((mp_word)tmpx) * ((mp_word)a->dp[iy]); + + /* now calculate the double precision result, note we use + * addition instead of *2 since it's easier to optimize + */ + r = ((mp_word) *tmpt) + r + r + ((mp_word) u); + + /* store lower part */ + *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + + /* get carry */ + u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); + } + /* propagate upwards */ + while (u != ((mp_digit) 0)) { + r = ((mp_word) *tmpt) + ((mp_word) u); + *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK)); + u = (mp_digit)(r >> ((mp_word) DIGIT_BIT)); + } + } + + mp_clamp (&t); + mp_exch (&t, b); + mp_clear (&t); + return MP_OKAY; +} +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_sqr.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bn_s_mp_sub.c b/lib/hcrypto/libtommath/bn_s_mp_sub.c new file mode 100644 index 000000000000..6a60c3932c44 --- /dev/null +++ b/lib/hcrypto/libtommath/bn_s_mp_sub.c @@ -0,0 +1,89 @@ +#include +#ifdef BN_S_MP_SUB_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* low level subtraction (assumes |a| > |b|), HAC pp.595 Algorithm 14.9 */ +int +s_mp_sub (mp_int * a, mp_int * b, mp_int * c) +{ + int olduse, res, min, max; + + /* find sizes */ + min = b->used; + max = a->used; + + /* init result */ + if (c->alloc < max) { + if ((res = mp_grow (c, max)) != MP_OKAY) { + return res; + } + } + olduse = c->used; + c->used = max; + + { + register mp_digit u, *tmpa, *tmpb, *tmpc; + register int i; + + /* alias for digit pointers */ + tmpa = a->dp; + tmpb = b->dp; + tmpc = c->dp; + + /* set carry to zero */ + u = 0; + for (i = 0; i < min; i++) { + /* T[i] = A[i] - B[i] - U */ + *tmpc = *tmpa++ - *tmpb++ - u; + + /* U = carry bit of T[i] + * Note this saves performing an AND operation since + * if a carry does occur it will propagate all the way to the + * MSB. As a result a single shift is enough to get the carry + */ + u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1)); + + /* Clear carry from T[i] */ + *tmpc++ &= MP_MASK; + } + + /* now copy higher words if any, e.g. if A has more digits than B */ + for (; i < max; i++) { + /* T[i] = A[i] - U */ + *tmpc = *tmpa++ - u; + + /* U = carry bit of T[i] */ + u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1)); + + /* Clear carry from T[i] */ + *tmpc++ &= MP_MASK; + } + + /* clear digits above used (since we may not have grown result above) */ + for (i = c->used; i < olduse; i++) { + *tmpc++ = 0; + } + } + + mp_clamp (c); + return MP_OKAY; +} + +#endif + +/* $Source: /cvs/libtom/libtommath/bn_s_mp_sub.c,v $ */ +/* $Revision: 1.4 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/bncore.c b/lib/hcrypto/libtommath/bncore.c new file mode 100644 index 000000000000..919e3b33b02e --- /dev/null +++ b/lib/hcrypto/libtommath/bncore.c @@ -0,0 +1,36 @@ +#include +#ifdef BNCORE_C +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +/* Known optimal configurations + + CPU /Compiler /MUL CUTOFF/SQR CUTOFF +------------------------------------------------------------- + Intel P4 Northwood /GCC v3.4.1 / 88/ 128/LTM 0.32 ;-) + AMD Athlon64 /GCC v3.4.4 / 80/ 120/LTM 0.35 + +*/ + +int KARATSUBA_MUL_CUTOFF = 80, /* Min. number of digits before Karatsuba multiplication is used. */ + KARATSUBA_SQR_CUTOFF = 120, /* Min. number of digits before Karatsuba squaring is used. */ + + TOOM_MUL_CUTOFF = 350, /* no optimal values of these are known yet so set em high */ + TOOM_SQR_CUTOFF = 400; +#endif + +/* $Source: /cvs/libtom/libtommath/bncore.c,v $ */ +/* $Revision: 1.5 $ */ +/* $Date: 2006/12/28 01:25:13 $ */ diff --git a/lib/hcrypto/libtommath/tommath.h b/lib/hcrypto/libtommath/tommath.h new file mode 100644 index 000000000000..67d3b06af66d --- /dev/null +++ b/lib/hcrypto/libtommath/tommath.h @@ -0,0 +1,592 @@ +/* LibTomMath, multiple-precision integer library -- Tom St Denis + * + * LibTomMath is a library that provides multiple-precision + * integer arithmetic as well as number theoretic functionality. + * + * The library was designed directly after the MPI library by + * Michael Fromberger but has been written from scratch with + * additional optimizations in place. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://math.libtomcrypt.com + */ +#ifndef BN_H_ +#define BN_H_ + +#include +#include +#include +#include +#include + +#include + +#ifndef MIN + #define MIN(x,y) ((x)<(y)?(x):(y)) +#endif + +#ifndef MAX + #define MAX(x,y) ((x)>(y)?(x):(y)) +#endif + +#ifdef __cplusplus +extern "C" { + +/* C++ compilers don't like assigning void * to mp_digit * */ +#define OPT_CAST(x) (x *) + +#else + +/* C on the other hand doesn't care */ +#define OPT_CAST(x) + +#endif + + +/* detect 64-bit mode if possible */ +#if defined(__x86_64__) + #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT)) + #define MP_64BIT + #endif +#endif + +/* some default configurations. + * + * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits + * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits + * + * At the very least a mp_digit must be able to hold 7 bits + * [any size beyond that is ok provided it doesn't overflow the data type] + */ +#ifdef MP_8BIT + typedef unsigned char mp_digit; + typedef unsigned short mp_word; +#elif defined(MP_16BIT) + typedef unsigned short mp_digit; + typedef unsigned long mp_word; +#elif defined(MP_64BIT) + /* for GCC only on supported platforms */ +#ifndef CRYPT + typedef unsigned long long ulong64; + typedef signed long long long64; +#endif + + typedef unsigned long mp_digit; + typedef unsigned long mp_word __attribute__ ((mode(TI))); + + #define DIGIT_BIT 60 +#else + /* this is the default case, 28-bit digits */ + + /* this is to make porting into LibTomCrypt easier :-) */ +#ifndef CRYPT + #if defined(_MSC_VER) || defined(__BORLANDC__) + typedef unsigned __int64 ulong64; + typedef signed __int64 long64; + #else + typedef unsigned long long ulong64; + typedef signed long long long64; + #endif +#endif + + typedef unsigned long mp_digit; + typedef ulong64 mp_word; + +#ifdef MP_31BIT + /* this is an extension that uses 31-bit digits */ + #define DIGIT_BIT 31 +#else + /* default case is 28-bit digits, defines MP_28BIT as a handy macro to test */ + #define DIGIT_BIT 28 + #define MP_28BIT +#endif +#endif + +/* define heap macros */ +#ifndef CRYPT + /* default to libc stuff */ + #ifndef XMALLOC + #define XMALLOC malloc + #define XFREE free + #define XREALLOC realloc + #define XCALLOC calloc + #else + /* prototypes for our heap functions */ + extern void *XMALLOC(size_t n); + extern void *XREALLOC(void *p, size_t n); + extern void *XCALLOC(size_t n, size_t s); + extern void XFREE(void *p); + #endif +#endif + + +/* otherwise the bits per digit is calculated automatically from the size of a mp_digit */ +#ifndef DIGIT_BIT + #define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1))) /* bits per digit */ +#endif + +#define MP_DIGIT_BIT DIGIT_BIT +#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1)) +#define MP_DIGIT_MAX MP_MASK + +/* equalities */ +#define MP_LT -1 /* less than */ +#define MP_EQ 0 /* equal to */ +#define MP_GT 1 /* greater than */ + +#define MP_ZPOS 0 /* positive integer */ +#define MP_NEG 1 /* negative */ + +#define MP_OKAY 0 /* ok result */ +#define MP_MEM -2 /* out of mem */ +#define MP_VAL -3 /* invalid input */ +#define MP_RANGE MP_VAL + +#define MP_YES 1 /* yes response */ +#define MP_NO 0 /* no response */ + +/* Primality generation flags */ +#define LTM_PRIME_BBS 0x0001 /* BBS style prime */ +#define LTM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */ +#define LTM_PRIME_2MSB_ON 0x0008 /* force 2nd MSB to 1 */ + +typedef int mp_err; + +/* you'll have to tune these... */ +extern int KARATSUBA_MUL_CUTOFF, + KARATSUBA_SQR_CUTOFF, + TOOM_MUL_CUTOFF, + TOOM_SQR_CUTOFF; + +/* define this to use lower memory usage routines (exptmods mostly) */ +/* #define MP_LOW_MEM */ + +/* default precision */ +#ifndef MP_PREC + #ifndef MP_LOW_MEM + #define MP_PREC 32 /* default digits of precision */ + #else + #define MP_PREC 8 /* default digits of precision */ + #endif +#endif + +/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */ +#define MP_WARRAY (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1)) + +/* the infamous mp_int structure */ +typedef struct { + int used, alloc, sign; + mp_digit *dp; +} mp_int; + +/* callback for mp_prime_random, should fill dst with random bytes and return how many read [upto len] */ +typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat); + + +#define USED(m) ((m)->used) +#define DIGIT(m,k) ((m)->dp[(k)]) +#define SIGN(m) ((m)->sign) + +/* error code to char* string */ +char *mp_error_to_string(int code); + +/* ---> init and deinit bignum functions <--- */ +/* init a bignum */ +int mp_init(mp_int *a); + +/* free a bignum */ +void mp_clear(mp_int *a); + +/* init a null terminated series of arguments */ +int mp_init_multi(mp_int *mp, ...); + +/* clear a null terminated series of arguments */ +void mp_clear_multi(mp_int *mp, ...); + +/* exchange two ints */ +void mp_exch(mp_int *a, mp_int *b); + +/* shrink ram required for a bignum */ +int mp_shrink(mp_int *a); + +/* grow an int to a given size */ +int mp_grow(mp_int *a, int size); + +/* init to a given number of digits */ +int mp_init_size(mp_int *a, int size); + +/* ---> Basic Manipulations <--- */ +#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO) +#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO) +#define mp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO) +#define mp_isneg(a) (((a)->sign) ? MP_YES : MP_NO) + +/* set to zero */ +void mp_zero(mp_int *a); + +/* set to zero, multi */ +void mp_zero_multi(mp_int *a, ...); + +/* set to a digit */ +void mp_set(mp_int *a, mp_digit b); + +/* set a 32-bit const */ +int mp_set_int(mp_int *a, unsigned long b); + +/* get a 32-bit value */ +unsigned long mp_get_int(mp_int * a); + +/* initialize and set a digit */ +int mp_init_set (mp_int * a, mp_digit b); + +/* initialize and set 32-bit value */ +int mp_init_set_int (mp_int * a, unsigned long b); + +/* copy, b = a */ +int mp_copy(mp_int *a, mp_int *b); + +/* inits and copies, a = b */ +int mp_init_copy(mp_int *a, mp_int *b); + +/* trim unused digits */ +void mp_clamp(mp_int *a); + +/* ---> digit manipulation <--- */ + +/* right shift by "b" digits */ +void mp_rshd(mp_int *a, int b); + +/* left shift by "b" digits */ +int mp_lshd(mp_int *a, int b); + +/* c = a / 2**b */ +int mp_div_2d(mp_int *a, int b, mp_int *c, mp_int *d); + +/* b = a/2 */ +int mp_div_2(mp_int *a, mp_int *b); + +/* c = a * 2**b */ +int mp_mul_2d(mp_int *a, int b, mp_int *c); + +/* b = a*2 */ +int mp_mul_2(mp_int *a, mp_int *b); + +/* c = a mod 2**d */ +int mp_mod_2d(mp_int *a, int b, mp_int *c); + +/* computes a = 2**b */ +int mp_2expt(mp_int *a, int b); + +/* Counts the number of lsbs which are zero before the first zero bit */ +int mp_cnt_lsb(mp_int *a); + +/* I Love Earth! */ + +/* makes a pseudo-random int of a given size */ +int mp_rand(mp_int *a, int digits); + +/* ---> binary operations <--- */ +/* c = a XOR b */ +int mp_xor(mp_int *a, mp_int *b, mp_int *c); + +/* c = a OR b */ +int mp_or(mp_int *a, mp_int *b, mp_int *c); + +/* c = a AND b */ +int mp_and(mp_int *a, mp_int *b, mp_int *c); + +/* ---> Basic arithmetic <--- */ + +/* b = -a */ +int mp_neg(mp_int *a, mp_int *b); + +/* b = |a| */ +int mp_abs(mp_int *a, mp_int *b); + +/* compare a to b */ +int mp_cmp(mp_int *a, mp_int *b); + +/* compare |a| to |b| */ +int mp_cmp_mag(mp_int *a, mp_int *b); + +/* c = a + b */ +int mp_add(mp_int *a, mp_int *b, mp_int *c); + +/* c = a - b */ +int mp_sub(mp_int *a, mp_int *b, mp_int *c); + +/* c = a * b */ +int mp_mul(mp_int *a, mp_int *b, mp_int *c); + +/* b = a*a */ +int mp_sqr(mp_int *a, mp_int *b); + +/* a/b => cb + d == a */ +int mp_div(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + +/* c = a mod b, 0 <= c < b */ +int mp_mod(mp_int *a, mp_int *b, mp_int *c); + +/* ---> single digit functions <--- */ + +/* compare against a single digit */ +int mp_cmp_d(mp_int *a, mp_digit b); + +/* c = a + b */ +int mp_add_d(mp_int *a, mp_digit b, mp_int *c); + +/* c = a - b */ +int mp_sub_d(mp_int *a, mp_digit b, mp_int *c); + +/* c = a * b */ +int mp_mul_d(mp_int *a, mp_digit b, mp_int *c); + +/* a/b => cb + d == a */ +int mp_div_d(mp_int *a, mp_digit b, mp_int *c, mp_digit *d); + +/* a/3 => 3c + d == a */ +int mp_div_3(mp_int *a, mp_int *c, mp_digit *d); + +/* c = a**b */ +int mp_expt_d(mp_int *a, mp_digit b, mp_int *c); + +/* c = a mod b, 0 <= c < b */ +int mp_mod_d(mp_int *a, mp_digit b, mp_digit *c); + +/* ---> number theory <--- */ + +/* d = a + b (mod c) */ +int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + +/* d = a - b (mod c) */ +int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + +/* d = a * b (mod c) */ +int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + +/* c = a * a (mod b) */ +int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c); + +/* c = 1/a (mod b) */ +int mp_invmod(mp_int *a, mp_int *b, mp_int *c); + +/* c = (a, b) */ +int mp_gcd(mp_int *a, mp_int *b, mp_int *c); + +/* produces value such that U1*a + U2*b = U3 */ +int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3); + +/* c = [a, b] or (a*b)/(a, b) */ +int mp_lcm(mp_int *a, mp_int *b, mp_int *c); + +/* finds one of the b'th root of a, such that |c|**b <= |a| + * + * returns error if a < 0 and b is even + */ +int mp_n_root(mp_int *a, mp_digit b, mp_int *c); + +/* special sqrt algo */ +int mp_sqrt(mp_int *arg, mp_int *ret); + +/* is number a square? */ +int mp_is_square(mp_int *arg, int *ret); + +/* computes the jacobi c = (a | n) (or Legendre if b is prime) */ +int mp_jacobi(mp_int *a, mp_int *n, int *c); + +/* used to setup the Barrett reduction for a given modulus b */ +int mp_reduce_setup(mp_int *a, mp_int *b); + +/* Barrett Reduction, computes a (mod b) with a precomputed value c + * + * Assumes that 0 < a <= b*b, note if 0 > a > -(b*b) then you can merely + * compute the reduction as -1 * mp_reduce(mp_abs(a)) [pseudo code]. + */ +int mp_reduce(mp_int *a, mp_int *b, mp_int *c); + +/* setups the montgomery reduction */ +int mp_montgomery_setup(mp_int *a, mp_digit *mp); + +/* computes a = B**n mod b without division or multiplication useful for + * normalizing numbers in a Montgomery system. + */ +int mp_montgomery_calc_normalization(mp_int *a, mp_int *b); + +/* computes x/R == x (mod N) via Montgomery Reduction */ +int mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp); + +/* returns 1 if a is a valid DR modulus */ +int mp_dr_is_modulus(mp_int *a); + +/* sets the value of "d" required for mp_dr_reduce */ +void mp_dr_setup(mp_int *a, mp_digit *d); + +/* reduces a modulo b using the Diminished Radix method */ +int mp_dr_reduce(mp_int *a, mp_int *b, mp_digit mp); + +/* returns true if a can be reduced with mp_reduce_2k */ +int mp_reduce_is_2k(mp_int *a); + +/* determines k value for 2k reduction */ +int mp_reduce_2k_setup(mp_int *a, mp_digit *d); + +/* reduces a modulo b where b is of the form 2**p - k [0 <= a] */ +int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d); + +/* returns true if a can be reduced with mp_reduce_2k_l */ +int mp_reduce_is_2k_l(mp_int *a); + +/* determines k value for 2k reduction */ +int mp_reduce_2k_setup_l(mp_int *a, mp_int *d); + +/* reduces a modulo b where b is of the form 2**p - k [0 <= a] */ +int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d); + +/* d = a**b (mod c) */ +int mp_exptmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d); + +/* ---> Primes <--- */ + +/* number of primes */ +#ifdef MP_8BIT + #define PRIME_SIZE 31 +#else + #define PRIME_SIZE 256 +#endif + +/* table of first PRIME_SIZE primes */ +extern const mp_digit ltm_prime_tab[]; + +/* result=1 if a is divisible by one of the first PRIME_SIZE primes */ +int mp_prime_is_divisible(mp_int *a, int *result); + +/* performs one Fermat test of "a" using base "b". + * Sets result to 0 if composite or 1 if probable prime + */ +int mp_prime_fermat(mp_int *a, mp_int *b, int *result); + +/* performs one Miller-Rabin test of "a" using base "b". + * Sets result to 0 if composite or 1 if probable prime + */ +int mp_prime_miller_rabin(mp_int *a, mp_int *b, int *result); + +/* This gives [for a given bit size] the number of trials required + * such that Miller-Rabin gives a prob of failure lower than 2^-96 + */ +int mp_prime_rabin_miller_trials(int size); + +/* performs t rounds of Miller-Rabin on "a" using the first + * t prime bases. Also performs an initial sieve of trial + * division. Determines if "a" is prime with probability + * of error no more than (1/4)**t. + * + * Sets result to 1 if probably prime, 0 otherwise + */ +int mp_prime_is_prime(mp_int *a, int t, int *result); + +/* finds the next prime after the number "a" using "t" trials + * of Miller-Rabin. + * + * bbs_style = 1 means the prime must be congruent to 3 mod 4 + */ +int mp_prime_next_prime(mp_int *a, int t, int bbs_style); + +/* makes a truly random prime of a given size (bytes), + * call with bbs = 1 if you want it to be congruent to 3 mod 4 + * + * You have to supply a callback which fills in a buffer with random bytes. "dat" is a parameter you can + * have passed to the callback (e.g. a state or something). This function doesn't use "dat" itself + * so it can be NULL + * + * The prime generated will be larger than 2^(8*size). + */ +#define mp_prime_random(a, t, size, bbs, cb, dat) mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat) + +/* makes a truly random prime of a given size (bits), + * + * Flags are as follows: + * + * LTM_PRIME_BBS - make prime congruent to 3 mod 4 + * LTM_PRIME_SAFE - make sure (p-1)/2 is prime as well (implies LTM_PRIME_BBS) + * LTM_PRIME_2MSB_OFF - make the 2nd highest bit zero + * LTM_PRIME_2MSB_ON - make the 2nd highest bit one + * + * You have to supply a callback which fills in a buffer with random bytes. "dat" is a parameter you can + * have passed to the callback (e.g. a state or something). This function doesn't use "dat" itself + * so it can be NULL + * + */ +int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat); + +int mp_find_prime(mp_int *a); + +int mp_isprime(mp_int *a); + +/* ---> radix conversion <--- */ +int mp_count_bits(mp_int *a); + +int mp_unsigned_bin_size(mp_int *a); +int mp_read_unsigned_bin(mp_int *a, const unsigned char *b, int c); +int mp_to_unsigned_bin(mp_int *a, unsigned char *b); +int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen); + +int mp_signed_bin_size(mp_int *a); +int mp_read_signed_bin(mp_int *a, const unsigned char *b, int c); +int mp_to_signed_bin(mp_int *a, unsigned char *b); +int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen); + +int mp_read_radix(mp_int *a, const char *str, int radix); +int mp_toradix(mp_int *a, char *str, int radix); +int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen); +int mp_radix_size(mp_int *a, int radix, int *size); + +int mp_fread(mp_int *a, int radix, FILE *stream); +int mp_fwrite(mp_int *a, int radix, FILE *stream); + +#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len)) +#define mp_raw_size(mp) mp_signed_bin_size(mp) +#define mp_toraw(mp, str) mp_to_signed_bin((mp), (str)) +#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len)) +#define mp_mag_size(mp) mp_unsigned_bin_size(mp) +#define mp_tomag(mp, str) mp_to_unsigned_bin((mp), (str)) + +#define mp_tobinary(M, S) mp_toradix((M), (S), 2) +#define mp_tooctal(M, S) mp_toradix((M), (S), 8) +#define mp_todecimal(M, S) mp_toradix((M), (S), 10) +#define mp_tohex(M, S) mp_toradix((M), (S), 16) + +/* lowlevel functions, do not call! */ +int s_mp_add(mp_int *a, mp_int *b, mp_int *c); +int s_mp_sub(mp_int *a, mp_int *b, mp_int *c); +#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1) +int fast_s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs); +int s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs); +int fast_s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs); +int s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs); +int fast_s_mp_sqr(mp_int *a, mp_int *b); +int s_mp_sqr(mp_int *a, mp_int *b); +int mp_karatsuba_mul(mp_int *a, mp_int *b, mp_int *c); +int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c); +int mp_karatsuba_sqr(mp_int *a, mp_int *b); +int mp_toom_sqr(mp_int *a, mp_int *b); +int fast_mp_invmod(mp_int *a, mp_int *b, mp_int *c); +int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c); +int fast_mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp); +int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode); +int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int mode); +void bn_reverse(unsigned char *s, int len); + +extern const char *mp_s_rmap; + +#ifdef __cplusplus + } +#endif + +#endif + + +/* $Source: /cvs/libtom/libtommath/tommath.h,v $ */ +/* $Revision: 1.8 $ */ +/* $Date: 2006/03/31 14:18:44 $ */ diff --git a/lib/hcrypto/libtommath/tommath_class.h b/lib/hcrypto/libtommath/tommath_class.h new file mode 100644 index 000000000000..fa95a0277a1e --- /dev/null +++ b/lib/hcrypto/libtommath/tommath_class.h @@ -0,0 +1,1000 @@ +#if !(defined(LTM1) && defined(LTM2) && defined(LTM3)) +#if defined(LTM2) +#define LTM3 +#endif +#if defined(LTM1) +#define LTM2 +#endif +#define LTM1 + +#if defined(LTM_ALL) +#define BN_ERROR_C +#define BN_FAST_MP_INVMOD_C +#define BN_FAST_MP_MONTGOMERY_REDUCE_C +#define BN_FAST_S_MP_MUL_DIGS_C +#define BN_FAST_S_MP_MUL_HIGH_DIGS_C +#define BN_FAST_S_MP_SQR_C +#define BN_MP_2EXPT_C +#define BN_MP_ABS_C +#define BN_MP_ADD_C +#define BN_MP_ADD_D_C +#define BN_MP_ADDMOD_C +#define BN_MP_AND_C +#define BN_MP_CLAMP_C +#define BN_MP_CLEAR_C +#define BN_MP_CLEAR_MULTI_C +#define BN_MP_CMP_C +#define BN_MP_CMP_D_C +#define BN_MP_CMP_MAG_C +#define BN_MP_CNT_LSB_C +#define BN_MP_COPY_C +#define BN_MP_COUNT_BITS_C +#define BN_MP_DIV_C +#define BN_MP_DIV_2_C +#define BN_MP_DIV_2D_C +#define BN_MP_DIV_3_C +#define BN_MP_DIV_D_C +#define BN_MP_DR_IS_MODULUS_C +#define BN_MP_DR_REDUCE_C +#define BN_MP_DR_SETUP_C +#define BN_MP_EXCH_C +#define BN_MP_EXPT_D_C +#define BN_MP_EXPTMOD_C +#define BN_MP_EXPTMOD_FAST_C +#define BN_MP_EXTEUCLID_C +#define BN_MP_FREAD_C +#define BN_MP_FWRITE_C +#define BN_MP_GCD_C +#define BN_MP_GET_INT_C +#define BN_MP_GROW_C +#define BN_MP_INIT_C +#define BN_MP_INIT_COPY_C +#define BN_MP_INIT_MULTI_C +#define BN_MP_INIT_SET_C +#define BN_MP_INIT_SET_INT_C +#define BN_MP_INIT_SIZE_C +#define BN_MP_INVMOD_C +#define BN_MP_INVMOD_SLOW_C +#define BN_MP_IS_SQUARE_C +#define BN_MP_JACOBI_C +#define BN_MP_KARATSUBA_MUL_C +#define BN_MP_KARATSUBA_SQR_C +#define BN_MP_LCM_C +#define BN_MP_LSHD_C +#define BN_MP_MOD_C +#define BN_MP_MOD_2D_C +#define BN_MP_MOD_D_C +#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C +#define BN_MP_MONTGOMERY_REDUCE_C +#define BN_MP_MONTGOMERY_SETUP_C +#define BN_MP_MUL_C +#define BN_MP_MUL_2_C +#define BN_MP_MUL_2D_C +#define BN_MP_MUL_D_C +#define BN_MP_MULMOD_C +#define BN_MP_N_ROOT_C +#define BN_MP_NEG_C +#define BN_MP_OR_C +#define BN_MP_PRIME_FERMAT_C +#define BN_MP_PRIME_IS_DIVISIBLE_C +#define BN_MP_PRIME_IS_PRIME_C +#define BN_MP_PRIME_MILLER_RABIN_C +#define BN_MP_PRIME_NEXT_PRIME_C +#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C +#define BN_MP_PRIME_RANDOM_EX_C +#define BN_MP_RADIX_SIZE_C +#define BN_MP_RADIX_SMAP_C +#define BN_MP_RAND_C +#define BN_MP_READ_RADIX_C +#define BN_MP_READ_SIGNED_BIN_C +#define BN_MP_READ_UNSIGNED_BIN_C +#define BN_MP_REDUCE_C +#define BN_MP_REDUCE_2K_C +#define BN_MP_REDUCE_2K_L_C +#define BN_MP_REDUCE_2K_SETUP_C +#define BN_MP_REDUCE_2K_SETUP_L_C +#define BN_MP_REDUCE_IS_2K_C +#define BN_MP_REDUCE_IS_2K_L_C +#define BN_MP_REDUCE_SETUP_C +#define BN_MP_RSHD_C +#define BN_MP_SET_C +#define BN_MP_SET_INT_C +#define BN_MP_SHRINK_C +#define BN_MP_SIGNED_BIN_SIZE_C +#define BN_MP_SQR_C +#define BN_MP_SQRMOD_C +#define BN_MP_SQRT_C +#define BN_MP_SUB_C +#define BN_MP_SUB_D_C +#define BN_MP_SUBMOD_C +#define BN_MP_TO_SIGNED_BIN_C +#define BN_MP_TO_SIGNED_BIN_N_C +#define BN_MP_TO_UNSIGNED_BIN_C +#define BN_MP_TO_UNSIGNED_BIN_N_C +#define BN_MP_TOOM_MUL_C +#define BN_MP_TOOM_SQR_C +#define BN_MP_TORADIX_C +#define BN_MP_TORADIX_N_C +#define BN_MP_UNSIGNED_BIN_SIZE_C +#define BN_MP_XOR_C +#define BN_MP_ZERO_C +#define BN_MP_ZERO_MULTI_C +#define BN_PRIME_TAB_C +#define BN_REVERSE_C +#define BN_S_MP_ADD_C +#define BN_S_MP_EXPTMOD_C +#define BN_S_MP_MUL_DIGS_C +#define BN_S_MP_MUL_HIGH_DIGS_C +#define BN_S_MP_SQR_C +#define BN_S_MP_SUB_C +#define BNCORE_C +#endif + +#if defined(BN_ERROR_C) + #define BN_MP_ERROR_TO_STRING_C +#endif + +#if defined(BN_FAST_MP_INVMOD_C) + #define BN_MP_ISEVEN_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_COPY_C + #define BN_MP_MOD_C + #define BN_MP_SET_C + #define BN_MP_DIV_2_C + #define BN_MP_ISODD_C + #define BN_MP_SUB_C + #define BN_MP_CMP_C + #define BN_MP_ISZERO_C + #define BN_MP_CMP_D_C + #define BN_MP_ADD_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C) + #define BN_MP_GROW_C + #define BN_MP_RSHD_C + #define BN_MP_CLAMP_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_FAST_S_MP_MUL_DIGS_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_FAST_S_MP_SQR_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_2EXPT_C) + #define BN_MP_ZERO_C + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_ABS_C) + #define BN_MP_COPY_C +#endif + +#if defined(BN_MP_ADD_C) + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_ADD_D_C) + #define BN_MP_GROW_C + #define BN_MP_SUB_D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_ADDMOD_C) + #define BN_MP_INIT_C + #define BN_MP_ADD_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_AND_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_CLAMP_C) +#endif + +#if defined(BN_MP_CLEAR_C) +#endif + +#if defined(BN_MP_CLEAR_MULTI_C) + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_CMP_C) + #define BN_MP_CMP_MAG_C +#endif + +#if defined(BN_MP_CMP_D_C) +#endif + +#if defined(BN_MP_CMP_MAG_C) +#endif + +#if defined(BN_MP_CNT_LSB_C) + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_COPY_C) + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_COUNT_BITS_C) +#endif + +#if defined(BN_MP_DIV_C) + #define BN_MP_ISZERO_C + #define BN_MP_CMP_MAG_C + #define BN_MP_COPY_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_SET_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_ABS_C + #define BN_MP_MUL_2D_C + #define BN_MP_CMP_C + #define BN_MP_SUB_C + #define BN_MP_ADD_C + #define BN_MP_DIV_2D_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_INIT_C + #define BN_MP_INIT_COPY_C + #define BN_MP_LSHD_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_D_C + #define BN_MP_CLAMP_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DIV_2_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_DIV_2D_C) + #define BN_MP_COPY_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_C + #define BN_MP_MOD_2D_C + #define BN_MP_CLEAR_C + #define BN_MP_RSHD_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_DIV_3_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DIV_D_C) + #define BN_MP_ISZERO_C + #define BN_MP_COPY_C + #define BN_MP_DIV_2D_C + #define BN_MP_DIV_3_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_DR_IS_MODULUS_C) +#endif + +#if defined(BN_MP_DR_REDUCE_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_DR_SETUP_C) +#endif + +#if defined(BN_MP_EXCH_C) +#endif + +#if defined(BN_MP_EXPT_D_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_SET_C + #define BN_MP_SQR_C + #define BN_MP_CLEAR_C + #define BN_MP_MUL_C +#endif + +#if defined(BN_MP_EXPTMOD_C) + #define BN_MP_INIT_C + #define BN_MP_INVMOD_C + #define BN_MP_CLEAR_C + #define BN_MP_ABS_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_REDUCE_IS_2K_L_C + #define BN_S_MP_EXPTMOD_C + #define BN_MP_DR_IS_MODULUS_C + #define BN_MP_REDUCE_IS_2K_C + #define BN_MP_ISODD_C + #define BN_MP_EXPTMOD_FAST_C +#endif + +#if defined(BN_MP_EXPTMOD_FAST_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C + #define BN_MP_MONTGOMERY_SETUP_C + #define BN_FAST_MP_MONTGOMERY_REDUCE_C + #define BN_MP_MONTGOMERY_REDUCE_C + #define BN_MP_DR_SETUP_C + #define BN_MP_DR_REDUCE_C + #define BN_MP_REDUCE_2K_SETUP_C + #define BN_MP_REDUCE_2K_C + #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C + #define BN_MP_MULMOD_C + #define BN_MP_SET_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_SQR_C + #define BN_MP_MUL_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_EXTEUCLID_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_SET_C + #define BN_MP_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_C + #define BN_MP_MUL_C + #define BN_MP_SUB_C + #define BN_MP_NEG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_FREAD_C) + #define BN_MP_ZERO_C + #define BN_MP_S_RMAP_C + #define BN_MP_MUL_D_C + #define BN_MP_ADD_D_C + #define BN_MP_CMP_D_C +#endif + +#if defined(BN_MP_FWRITE_C) + #define BN_MP_RADIX_SIZE_C + #define BN_MP_TORADIX_C +#endif + +#if defined(BN_MP_GCD_C) + #define BN_MP_ISZERO_C + #define BN_MP_ABS_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_S_MP_SUB_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_GET_INT_C) +#endif + +#if defined(BN_MP_GROW_C) +#endif + +#if defined(BN_MP_INIT_C) +#endif + +#if defined(BN_MP_INIT_COPY_C) + #define BN_MP_COPY_C +#endif + +#if defined(BN_MP_INIT_MULTI_C) + #define BN_MP_ERR_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_INIT_SET_C) + #define BN_MP_INIT_C + #define BN_MP_SET_C +#endif + +#if defined(BN_MP_INIT_SET_INT_C) + #define BN_MP_INIT_C + #define BN_MP_SET_INT_C +#endif + +#if defined(BN_MP_INIT_SIZE_C) + #define BN_MP_INIT_C +#endif + +#if defined(BN_MP_INVMOD_C) + #define BN_MP_ISZERO_C + #define BN_MP_ISODD_C + #define BN_FAST_MP_INVMOD_C + #define BN_MP_INVMOD_SLOW_C +#endif + +#if defined(BN_MP_INVMOD_SLOW_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_ISEVEN_C + #define BN_MP_SET_C + #define BN_MP_DIV_2_C + #define BN_MP_ISODD_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_CMP_C + #define BN_MP_CMP_D_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_IS_SQUARE_C) + #define BN_MP_MOD_D_C + #define BN_MP_INIT_SET_INT_C + #define BN_MP_MOD_C + #define BN_MP_GET_INT_C + #define BN_MP_SQRT_C + #define BN_MP_SQR_C + #define BN_MP_CMP_MAG_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_JACOBI_C) + #define BN_MP_CMP_D_C + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_MOD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_KARATSUBA_MUL_C) + #define BN_MP_MUL_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_SUB_C + #define BN_MP_ADD_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_KARATSUBA_SQR_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_SQR_C + #define BN_MP_SUB_C + #define BN_S_MP_ADD_C + #define BN_MP_LSHD_C + #define BN_MP_ADD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_LCM_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_GCD_C + #define BN_MP_CMP_MAG_C + #define BN_MP_DIV_C + #define BN_MP_MUL_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_LSHD_C) + #define BN_MP_GROW_C + #define BN_MP_RSHD_C +#endif + +#if defined(BN_MP_MOD_C) + #define BN_MP_INIT_C + #define BN_MP_DIV_C + #define BN_MP_CLEAR_C + #define BN_MP_ADD_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_MP_MOD_2D_C) + #define BN_MP_ZERO_C + #define BN_MP_COPY_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MOD_D_C) + #define BN_MP_DIV_D_C +#endif + +#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_2EXPT_C + #define BN_MP_SET_C + #define BN_MP_MUL_2_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_MONTGOMERY_REDUCE_C) + #define BN_FAST_MP_MONTGOMERY_REDUCE_C + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C + #define BN_MP_RSHD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_MONTGOMERY_SETUP_C) +#endif + +#if defined(BN_MP_MUL_C) + #define BN_MP_TOOM_MUL_C + #define BN_MP_KARATSUBA_MUL_C + #define BN_FAST_S_MP_MUL_DIGS_C + #define BN_S_MP_MUL_C + #define BN_S_MP_MUL_DIGS_C +#endif + +#if defined(BN_MP_MUL_2_C) + #define BN_MP_GROW_C +#endif + +#if defined(BN_MP_MUL_2D_C) + #define BN_MP_COPY_C + #define BN_MP_GROW_C + #define BN_MP_LSHD_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MUL_D_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_MULMOD_C) + #define BN_MP_INIT_C + #define BN_MP_MUL_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_N_ROOT_C) + #define BN_MP_INIT_C + #define BN_MP_SET_C + #define BN_MP_COPY_C + #define BN_MP_EXPT_D_C + #define BN_MP_MUL_C + #define BN_MP_SUB_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_C + #define BN_MP_CMP_C + #define BN_MP_SUB_D_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_NEG_C) + #define BN_MP_COPY_C + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_OR_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_FERMAT_C) + #define BN_MP_CMP_D_C + #define BN_MP_INIT_C + #define BN_MP_EXPTMOD_C + #define BN_MP_CMP_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_IS_DIVISIBLE_C) + #define BN_MP_MOD_D_C +#endif + +#if defined(BN_MP_PRIME_IS_PRIME_C) + #define BN_MP_CMP_D_C + #define BN_MP_PRIME_IS_DIVISIBLE_C + #define BN_MP_INIT_C + #define BN_MP_SET_C + #define BN_MP_PRIME_MILLER_RABIN_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_MILLER_RABIN_C) + #define BN_MP_CMP_D_C + #define BN_MP_INIT_COPY_C + #define BN_MP_SUB_D_C + #define BN_MP_CNT_LSB_C + #define BN_MP_DIV_2D_C + #define BN_MP_EXPTMOD_C + #define BN_MP_CMP_C + #define BN_MP_SQRMOD_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_NEXT_PRIME_C) + #define BN_MP_CMP_D_C + #define BN_MP_SET_C + #define BN_MP_SUB_D_C + #define BN_MP_ISEVEN_C + #define BN_MP_MOD_D_C + #define BN_MP_INIT_C + #define BN_MP_ADD_D_C + #define BN_MP_PRIME_MILLER_RABIN_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C) +#endif + +#if defined(BN_MP_PRIME_RANDOM_EX_C) + #define BN_MP_READ_UNSIGNED_BIN_C + #define BN_MP_PRIME_IS_PRIME_C + #define BN_MP_SUB_D_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_D_C +#endif + +#if defined(BN_MP_RADIX_SIZE_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_RADIX_SMAP_C) + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_RAND_C) + #define BN_MP_ZERO_C + #define BN_MP_ADD_D_C + #define BN_MP_LSHD_C +#endif + +#if defined(BN_MP_READ_RADIX_C) + #define BN_MP_ZERO_C + #define BN_MP_S_RMAP_C + #define BN_MP_RADIX_SMAP_C + #define BN_MP_MUL_D_C + #define BN_MP_ADD_D_C + #define BN_MP_ISZERO_C +#endif + +#if defined(BN_MP_READ_SIGNED_BIN_C) + #define BN_MP_READ_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_READ_UNSIGNED_BIN_C) + #define BN_MP_GROW_C + #define BN_MP_ZERO_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_REDUCE_C) + #define BN_MP_REDUCE_SETUP_C + #define BN_MP_INIT_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_C + #define BN_S_MP_MUL_HIGH_DIGS_C + #define BN_FAST_S_MP_MUL_HIGH_DIGS_C + #define BN_MP_MOD_2D_C + #define BN_S_MP_MUL_DIGS_C + #define BN_MP_SUB_C + #define BN_MP_CMP_D_C + #define BN_MP_SET_C + #define BN_MP_LSHD_C + #define BN_MP_ADD_C + #define BN_MP_CMP_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_DIV_2D_C + #define BN_MP_MUL_D_C + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_L_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_DIV_2D_C + #define BN_MP_MUL_C + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_2K_SETUP_C) + #define BN_MP_INIT_C + #define BN_MP_COUNT_BITS_C + #define BN_MP_2EXPT_C + #define BN_MP_CLEAR_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_REDUCE_2K_SETUP_L_C) + #define BN_MP_INIT_C + #define BN_MP_2EXPT_C + #define BN_MP_COUNT_BITS_C + #define BN_S_MP_SUB_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_REDUCE_IS_2K_C) + #define BN_MP_REDUCE_2K_C + #define BN_MP_COUNT_BITS_C +#endif + +#if defined(BN_MP_REDUCE_IS_2K_L_C) +#endif + +#if defined(BN_MP_REDUCE_SETUP_C) + #define BN_MP_2EXPT_C + #define BN_MP_DIV_C +#endif + +#if defined(BN_MP_RSHD_C) + #define BN_MP_ZERO_C +#endif + +#if defined(BN_MP_SET_C) + #define BN_MP_ZERO_C +#endif + +#if defined(BN_MP_SET_INT_C) + #define BN_MP_ZERO_C + #define BN_MP_MUL_2D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_SHRINK_C) +#endif + +#if defined(BN_MP_SIGNED_BIN_SIZE_C) + #define BN_MP_UNSIGNED_BIN_SIZE_C +#endif + +#if defined(BN_MP_SQR_C) + #define BN_MP_TOOM_SQR_C + #define BN_MP_KARATSUBA_SQR_C + #define BN_FAST_S_MP_SQR_C + #define BN_S_MP_SQR_C +#endif + +#if defined(BN_MP_SQRMOD_C) + #define BN_MP_INIT_C + #define BN_MP_SQR_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_SQRT_C) + #define BN_MP_N_ROOT_C + #define BN_MP_ISZERO_C + #define BN_MP_ZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_DIV_C + #define BN_MP_ADD_C + #define BN_MP_DIV_2_C + #define BN_MP_CMP_MAG_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_SUB_C) + #define BN_S_MP_ADD_C + #define BN_MP_CMP_MAG_C + #define BN_S_MP_SUB_C +#endif + +#if defined(BN_MP_SUB_D_C) + #define BN_MP_GROW_C + #define BN_MP_ADD_D_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_MP_SUBMOD_C) + #define BN_MP_INIT_C + #define BN_MP_SUB_C + #define BN_MP_CLEAR_C + #define BN_MP_MOD_C +#endif + +#if defined(BN_MP_TO_SIGNED_BIN_C) + #define BN_MP_TO_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_TO_SIGNED_BIN_N_C) + #define BN_MP_SIGNED_BIN_SIZE_C + #define BN_MP_TO_SIGNED_BIN_C +#endif + +#if defined(BN_MP_TO_UNSIGNED_BIN_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_ISZERO_C + #define BN_MP_DIV_2D_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_TO_UNSIGNED_BIN_N_C) + #define BN_MP_UNSIGNED_BIN_SIZE_C + #define BN_MP_TO_UNSIGNED_BIN_C +#endif + +#if defined(BN_MP_TOOM_MUL_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_2D_C + #define BN_MP_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_MUL_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2D_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_3_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_TOOM_SQR_C) + #define BN_MP_INIT_MULTI_C + #define BN_MP_MOD_2D_C + #define BN_MP_COPY_C + #define BN_MP_RSHD_C + #define BN_MP_SQR_C + #define BN_MP_MUL_2_C + #define BN_MP_ADD_C + #define BN_MP_SUB_C + #define BN_MP_DIV_2_C + #define BN_MP_MUL_2D_C + #define BN_MP_MUL_D_C + #define BN_MP_DIV_3_C + #define BN_MP_LSHD_C + #define BN_MP_CLEAR_MULTI_C +#endif + +#if defined(BN_MP_TORADIX_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_TORADIX_N_C) + #define BN_MP_ISZERO_C + #define BN_MP_INIT_COPY_C + #define BN_MP_DIV_D_C + #define BN_MP_CLEAR_C + #define BN_MP_S_RMAP_C +#endif + +#if defined(BN_MP_UNSIGNED_BIN_SIZE_C) + #define BN_MP_COUNT_BITS_C +#endif + +#if defined(BN_MP_XOR_C) + #define BN_MP_INIT_COPY_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_MP_ZERO_C) +#endif + +#if defined(BN_PRIME_TAB_C) +#endif + +#if defined(BN_REVERSE_C) +#endif + +#if defined(BN_S_MP_ADD_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BN_S_MP_EXPTMOD_C) + #define BN_MP_COUNT_BITS_C + #define BN_MP_INIT_C + #define BN_MP_CLEAR_C + #define BN_MP_REDUCE_SETUP_C + #define BN_MP_REDUCE_C + #define BN_MP_REDUCE_2K_SETUP_L_C + #define BN_MP_REDUCE_2K_L_C + #define BN_MP_MOD_C + #define BN_MP_COPY_C + #define BN_MP_SQR_C + #define BN_MP_MUL_C + #define BN_MP_SET_C + #define BN_MP_EXCH_C +#endif + +#if defined(BN_S_MP_MUL_DIGS_C) + #define BN_FAST_S_MP_MUL_DIGS_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_MUL_HIGH_DIGS_C) + #define BN_FAST_S_MP_MUL_HIGH_DIGS_C + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_SQR_C) + #define BN_MP_INIT_SIZE_C + #define BN_MP_CLAMP_C + #define BN_MP_EXCH_C + #define BN_MP_CLEAR_C +#endif + +#if defined(BN_S_MP_SUB_C) + #define BN_MP_GROW_C + #define BN_MP_CLAMP_C +#endif + +#if defined(BNCORE_C) +#endif + +#ifdef LTM3 +#define LTM_LAST +#endif +#include +#include +#else +#define LTM_LAST +#endif + +/* $Source: /cvs/libtom/libtommath/tommath_class.h,v $ */ +/* $Revision: 1.3 $ */ +/* $Date: 2005/07/28 11:59:32 $ */ diff --git a/lib/hcrypto/libtommath/tommath_superclass.h b/lib/hcrypto/libtommath/tommath_superclass.h new file mode 100644 index 000000000000..a96c36feb82b --- /dev/null +++ b/lib/hcrypto/libtommath/tommath_superclass.h @@ -0,0 +1,76 @@ +/* super class file for PK algos */ + +/* default ... include all MPI */ +#define LTM_ALL + +/* RSA only (does not support DH/DSA/ECC) */ +/* #define SC_RSA_1 */ + +/* For reference.... On an Athlon64 optimizing for speed... + + LTM's mpi.o with all functions [striped] is 142KiB in size. + +*/ + +/* Works for RSA only, mpi.o is 68KiB */ +#ifdef SC_RSA_1 + #define BN_MP_SHRINK_C + #define BN_MP_LCM_C + #define BN_MP_PRIME_RANDOM_EX_C + #define BN_MP_INVMOD_C + #define BN_MP_GCD_C + #define BN_MP_MOD_C + #define BN_MP_MULMOD_C + #define BN_MP_ADDMOD_C + #define BN_MP_EXPTMOD_C + #define BN_MP_SET_INT_C + #define BN_MP_INIT_MULTI_C + #define BN_MP_CLEAR_MULTI_C + #define BN_MP_UNSIGNED_BIN_SIZE_C + #define BN_MP_TO_UNSIGNED_BIN_C + #define BN_MP_MOD_D_C + #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C + #define BN_REVERSE_C + #define BN_PRIME_TAB_C + + /* other modifiers */ + #define BN_MP_DIV_SMALL /* Slower division, not critical */ + + /* here we are on the last pass so we turn things off. The functions classes are still there + * but we remove them specifically from the build. This also invokes tweaks in functions + * like removing support for even moduli, etc... + */ +#ifdef LTM_LAST + #undef BN_MP_TOOM_MUL_C + #undef BN_MP_TOOM_SQR_C + #undef BN_MP_KARATSUBA_MUL_C + #undef BN_MP_KARATSUBA_SQR_C + #undef BN_MP_REDUCE_C + #undef BN_MP_REDUCE_SETUP_C + #undef BN_MP_DR_IS_MODULUS_C + #undef BN_MP_DR_SETUP_C + #undef BN_MP_DR_REDUCE_C + #undef BN_MP_REDUCE_IS_2K_C + #undef BN_MP_REDUCE_2K_SETUP_C + #undef BN_MP_REDUCE_2K_C + #undef BN_S_MP_EXPTMOD_C + #undef BN_MP_DIV_3_C + #undef BN_S_MP_MUL_HIGH_DIGS_C + #undef BN_FAST_S_MP_MUL_HIGH_DIGS_C + #undef BN_FAST_MP_INVMOD_C + + /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold + * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] + * which means roughly speaking you can handle upto 2536-bit RSA keys with these defined without + * trouble. + */ + #undef BN_S_MP_MUL_DIGS_C + #undef BN_S_MP_SQR_C + #undef BN_MP_MONTGOMERY_REDUCE_C +#endif + +#endif + +/* $Source: /cvs/libtom/libtommath/tommath_superclass.h,v $ */ +/* $Revision: 1.3 $ */ +/* $Date: 2005/05/14 13:29:17 $ */ diff --git a/lib/hcrypto/md2.c b/lib/hcrypto/md2.c new file mode 100644 index 000000000000..26254acee5a8 --- /dev/null +++ b/lib/hcrypto/md2.c @@ -0,0 +1,134 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include "hash.h" +#include "md2.h" + +static const unsigned char subst[256] = { + 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, + 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, + 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, + 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, + 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, + 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, + 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, + 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, + 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, + 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, + 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, + 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, + 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, + 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, + 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, + 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, + 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, + 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 +}; + +void +MD2_Init (struct md2 *m) +{ + memset(m, 0, sizeof(*m)); +} + +static void +calc(struct md2 *m, const void *v) +{ + unsigned char x[48], L; + const unsigned char *p = v; + int i, j, t; + + L = m->checksum[15]; + for (i = 0; i < 16; i++) + L = m->checksum[i] ^= subst[p[i] ^ L]; + + for (i = 0; i < 16; i++) { + x[i] = m->state[i]; + x[i + 16] = p[i]; + x[i + 32] = x[i] ^ p[i]; + } + + t = 0; + for (i = 0; i < 18; i++) { + for (j = 0; j < 48; j++) + t = x[j] ^= subst[t]; + t = (t + i) & 0xff; + } + + memcpy(m->state, x, 16); + memset(x, 0, sizeof(x)); +} + +void +MD2_Update (struct md2 *m, const void *v, size_t len) +{ + size_t idx = m->len & 0xf; + const unsigned char *p = v; + + m->len += len; + if (len + idx >= 16) { + if (idx) { + memcpy(m->data + idx, p, 16 - idx); + calc(m, m->data); + p += 16; + len -= 16 - idx; + } + while (len >= 16) { + calc(m, p); + p += 16; + len -= 16; + } + idx = 0; + } + + memcpy(m->data + idx, p, len); +} + +void +MD2_Final (void *res, struct md2 *m) +{ + unsigned char pad[16]; + size_t padlen; + + padlen = 16 - (m->len % 16); + memset(pad, padlen, padlen); + + MD2_Update(m, pad, padlen); + memcpy(pad, m->checksum, 16); + MD2_Update(m, pad, 16); + + memcpy(res, m->state, MD2_DIGEST_LENGTH); + memset(m, 0, sizeof(m)); +} diff --git a/lib/hcrypto/md2.h b/lib/hcrypto/md2.h new file mode 100644 index 000000000000..af765060aa53 --- /dev/null +++ b/lib/hcrypto/md2.h @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_MD2_H +#define HEIM_MD2_H 1 + +/* symbol renaming */ +#define MD2_Init hc_MD2_Init +#define MD2_Update hc_MD2_Update +#define MD2_Final hc_MD2_Final + +/* + * + */ + +#define MD2_DIGEST_LENGTH 16 + +struct md2 { + size_t len; + unsigned char data[16]; /* stored unalligned data between Update's */ + unsigned char checksum[16]; + unsigned char state[16]; /* lower 16 bytes of X */ +}; + +typedef struct md2 MD2_CTX; + +void MD2_Init (struct md2 *m); +void MD2_Update (struct md2 *m, const void *p, size_t len); +void MD2_Final (void *res, struct md2 *m); + +#endif /* HEIM_MD2_H */ diff --git a/lib/hcrypto/md4.c b/lib/hcrypto/md4.c new file mode 100644 index 000000000000..1a9f77fed250 --- /dev/null +++ b/lib/hcrypto/md4.c @@ -0,0 +1,246 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include "hash.h" +#include "md4.h" + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define X data + +void +MD4_Init (struct md4 *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + D = 0x10325476; + C = 0x98badcfe; + B = 0xefcdab89; + A = 0x67452301; +} + +#define F(x,y,z) CRAYFIX((x & y) | (~x & z)) +#define G(x,y,z) ((x & y) | (x & z) | (y & z)) +#define H(x,y,z) (x ^ y ^ z) + +#define DOIT(a,b,c,d,k,s,i,OP) \ +a = cshift(a + OP(b,c,d) + X[k] + i, s) + +#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F) +#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G) +#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H) + +static inline void +calc (struct md4 *m, uint32_t *data) +{ + uint32_t AA, BB, CC, DD; + + AA = A; + BB = B; + CC = C; + DD = D; + + /* Round 1 */ + + DO1(A,B,C,D,0,3,0); + DO1(D,A,B,C,1,7,0); + DO1(C,D,A,B,2,11,0); + DO1(B,C,D,A,3,19,0); + + DO1(A,B,C,D,4,3,0); + DO1(D,A,B,C,5,7,0); + DO1(C,D,A,B,6,11,0); + DO1(B,C,D,A,7,19,0); + + DO1(A,B,C,D,8,3,0); + DO1(D,A,B,C,9,7,0); + DO1(C,D,A,B,10,11,0); + DO1(B,C,D,A,11,19,0); + + DO1(A,B,C,D,12,3,0); + DO1(D,A,B,C,13,7,0); + DO1(C,D,A,B,14,11,0); + DO1(B,C,D,A,15,19,0); + + /* Round 2 */ + + DO2(A,B,C,D,0,3,0x5A827999); + DO2(D,A,B,C,4,5,0x5A827999); + DO2(C,D,A,B,8,9,0x5A827999); + DO2(B,C,D,A,12,13,0x5A827999); + + DO2(A,B,C,D,1,3,0x5A827999); + DO2(D,A,B,C,5,5,0x5A827999); + DO2(C,D,A,B,9,9,0x5A827999); + DO2(B,C,D,A,13,13,0x5A827999); + + DO2(A,B,C,D,2,3,0x5A827999); + DO2(D,A,B,C,6,5,0x5A827999); + DO2(C,D,A,B,10,9,0x5A827999); + DO2(B,C,D,A,14,13,0x5A827999); + + DO2(A,B,C,D,3,3,0x5A827999); + DO2(D,A,B,C,7,5,0x5A827999); + DO2(C,D,A,B,11,9,0x5A827999); + DO2(B,C,D,A,15,13,0x5A827999); + + /* Round 3 */ + + DO3(A,B,C,D,0,3,0x6ED9EBA1); + DO3(D,A,B,C,8,9,0x6ED9EBA1); + DO3(C,D,A,B,4,11,0x6ED9EBA1); + DO3(B,C,D,A,12,15,0x6ED9EBA1); + + DO3(A,B,C,D,2,3,0x6ED9EBA1); + DO3(D,A,B,C,10,9,0x6ED9EBA1); + DO3(C,D,A,B,6,11,0x6ED9EBA1); + DO3(B,C,D,A,14,15,0x6ED9EBA1); + + DO3(A,B,C,D,1,3,0x6ED9EBA1); + DO3(D,A,B,C,9,9,0x6ED9EBA1); + DO3(C,D,A,B,5,11,0x6ED9EBA1); + DO3(B,C,D,A,13,15,0x6ED9EBA1); + + DO3(A,B,C,D,3,3,0x6ED9EBA1); + DO3(D,A,B,C,11,9,0x6ED9EBA1); + DO3(C,D,A,B,7,11,0x6ED9EBA1); + DO3(B,C,D,A,15,15,0x6ED9EBA1); + + A += AA; + B += BB; + C += CC; + D += DD; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if defined(WORDS_BIGENDIAN) +static inline uint32_t +swap_uint32_t (uint32_t t) +{ + uint32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +MD4_Update (struct md4 *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0) { + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64) { +#if defined(WORDS_BIGENDIAN) + int i; + uint32_t current[16]; + struct x32 *us = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_uint32_t(us[i].a); + current[2*i+1] = swap_uint32_t(us[i].b); + } + calc(m, current); +#else + calc(m, (uint32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +MD4_Final (void *res, struct md4 *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+0] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+1] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+2] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+3] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+4] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+5] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+6] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+7] = (m->sz[1] >> 24) & 0xff; + MD4_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char *)res; + + for (i = 0; i < 4; ++i) { + r[4*i] = m->counter[i] & 0xFF; + r[4*i+1] = (m->counter[i] >> 8) & 0xFF; + r[4*i+2] = (m->counter[i] >> 16) & 0xFF; + r[4*i+3] = (m->counter[i] >> 24) & 0xFF; + } + } +#if 0 + { + int i; + uint32_t *r = (uint32_t *)res; + + for (i = 0; i < 4; ++i) + r[i] = swap_uint32_t (m->counter[i]); + } +#endif +} diff --git a/lib/hcrypto/md4.h b/lib/hcrypto/md4.h new file mode 100644 index 000000000000..ce17d0f0885b --- /dev/null +++ b/lib/hcrypto/md4.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_MD4_H +#define HEIM_MD4_H 1 + +/* symbol renaming */ +#define MD4_Init hc_MD4_Init +#define MD4_Update hc_MD4_Update +#define MD4_Final hc_MD4_Final + +/* + * + */ + +#define MD4_DIGEST_LENGTH 16 + +struct md4 { + unsigned int sz[2]; + uint32_t counter[4]; + unsigned char save[64]; +}; + +typedef struct md4 MD4_CTX; + +void MD4_Init (struct md4 *m); +void MD4_Update (struct md4 *m, const void *p, size_t len); +void MD4_Final (void *res, struct md4 *m); + +#endif /* HEIM_MD4_H */ diff --git a/lib/hcrypto/md5.c b/lib/hcrypto/md5.c new file mode 100644 index 000000000000..b35c76e2937e --- /dev/null +++ b/lib/hcrypto/md5.c @@ -0,0 +1,270 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include "hash.h" +#include "md5.h" + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define X data + +void +MD5_Init (struct md5 *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + D = 0x10325476; + C = 0x98badcfe; + B = 0xefcdab89; + A = 0x67452301; +} + +#define F(x,y,z) CRAYFIX((x & y) | (~x & z)) +#define G(x,y,z) CRAYFIX((x & z) | (y & ~z)) +#define H(x,y,z) (x ^ y ^ z) +#define I(x,y,z) CRAYFIX(y ^ (x | ~z)) + +#define DOIT(a,b,c,d,k,s,i,OP) \ +a = b + cshift(a + OP(b,c,d) + X[k] + (i), s) + +#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F) +#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G) +#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H) +#define DO4(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,I) + +static inline void +calc (struct md5 *m, uint32_t *data) +{ + uint32_t AA, BB, CC, DD; + + AA = A; + BB = B; + CC = C; + DD = D; + + /* Round 1 */ + + DO1(A,B,C,D,0,7,0xd76aa478); + DO1(D,A,B,C,1,12,0xe8c7b756); + DO1(C,D,A,B,2,17,0x242070db); + DO1(B,C,D,A,3,22,0xc1bdceee); + + DO1(A,B,C,D,4,7,0xf57c0faf); + DO1(D,A,B,C,5,12,0x4787c62a); + DO1(C,D,A,B,6,17,0xa8304613); + DO1(B,C,D,A,7,22,0xfd469501); + + DO1(A,B,C,D,8,7,0x698098d8); + DO1(D,A,B,C,9,12,0x8b44f7af); + DO1(C,D,A,B,10,17,0xffff5bb1); + DO1(B,C,D,A,11,22,0x895cd7be); + + DO1(A,B,C,D,12,7,0x6b901122); + DO1(D,A,B,C,13,12,0xfd987193); + DO1(C,D,A,B,14,17,0xa679438e); + DO1(B,C,D,A,15,22,0x49b40821); + + /* Round 2 */ + + DO2(A,B,C,D,1,5,0xf61e2562); + DO2(D,A,B,C,6,9,0xc040b340); + DO2(C,D,A,B,11,14,0x265e5a51); + DO2(B,C,D,A,0,20,0xe9b6c7aa); + + DO2(A,B,C,D,5,5,0xd62f105d); + DO2(D,A,B,C,10,9,0x2441453); + DO2(C,D,A,B,15,14,0xd8a1e681); + DO2(B,C,D,A,4,20,0xe7d3fbc8); + + DO2(A,B,C,D,9,5,0x21e1cde6); + DO2(D,A,B,C,14,9,0xc33707d6); + DO2(C,D,A,B,3,14,0xf4d50d87); + DO2(B,C,D,A,8,20,0x455a14ed); + + DO2(A,B,C,D,13,5,0xa9e3e905); + DO2(D,A,B,C,2,9,0xfcefa3f8); + DO2(C,D,A,B,7,14,0x676f02d9); + DO2(B,C,D,A,12,20,0x8d2a4c8a); + + /* Round 3 */ + + DO3(A,B,C,D,5,4,0xfffa3942); + DO3(D,A,B,C,8,11,0x8771f681); + DO3(C,D,A,B,11,16,0x6d9d6122); + DO3(B,C,D,A,14,23,0xfde5380c); + + DO3(A,B,C,D,1,4,0xa4beea44); + DO3(D,A,B,C,4,11,0x4bdecfa9); + DO3(C,D,A,B,7,16,0xf6bb4b60); + DO3(B,C,D,A,10,23,0xbebfbc70); + + DO3(A,B,C,D,13,4,0x289b7ec6); + DO3(D,A,B,C,0,11,0xeaa127fa); + DO3(C,D,A,B,3,16,0xd4ef3085); + DO3(B,C,D,A,6,23,0x4881d05); + + DO3(A,B,C,D,9,4,0xd9d4d039); + DO3(D,A,B,C,12,11,0xe6db99e5); + DO3(C,D,A,B,15,16,0x1fa27cf8); + DO3(B,C,D,A,2,23,0xc4ac5665); + + /* Round 4 */ + + DO4(A,B,C,D,0,6,0xf4292244); + DO4(D,A,B,C,7,10,0x432aff97); + DO4(C,D,A,B,14,15,0xab9423a7); + DO4(B,C,D,A,5,21,0xfc93a039); + + DO4(A,B,C,D,12,6,0x655b59c3); + DO4(D,A,B,C,3,10,0x8f0ccc92); + DO4(C,D,A,B,10,15,0xffeff47d); + DO4(B,C,D,A,1,21,0x85845dd1); + + DO4(A,B,C,D,8,6,0x6fa87e4f); + DO4(D,A,B,C,15,10,0xfe2ce6e0); + DO4(C,D,A,B,6,15,0xa3014314); + DO4(B,C,D,A,13,21,0x4e0811a1); + + DO4(A,B,C,D,4,6,0xf7537e82); + DO4(D,A,B,C,11,10,0xbd3af235); + DO4(C,D,A,B,2,15,0x2ad7d2bb); + DO4(B,C,D,A,9,21,0xeb86d391); + + A += AA; + B += BB; + C += CC; + D += DD; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if defined(WORDS_BIGENDIAN) +static inline uint32_t +swap_uint32_t (uint32_t t) +{ + uint32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +MD5_Update (struct md5 *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if defined(WORDS_BIGENDIAN) + int i; + uint32_t current[16]; + struct x32 *us = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_uint32_t(us[i].a); + current[2*i+1] = swap_uint32_t(us[i].b); + } + calc(m, current); +#else + calc(m, (uint32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +MD5_Final (void *res, struct md5 *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+0] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+1] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+2] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+3] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+4] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+5] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+6] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+7] = (m->sz[1] >> 24) & 0xff; + MD5_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char *)res; + + for (i = 0; i < 4; ++i) { + r[4*i] = m->counter[i] & 0xFF; + r[4*i+1] = (m->counter[i] >> 8) & 0xFF; + r[4*i+2] = (m->counter[i] >> 16) & 0xFF; + r[4*i+3] = (m->counter[i] >> 24) & 0xFF; + } + } +#if 0 + { + int i; + uint32_t *r = (uint32_t *)res; + + for (i = 0; i < 4; ++i) + r[i] = swap_uint32_t (m->counter[i]); + } +#endif +} diff --git a/lib/hcrypto/md5.h b/lib/hcrypto/md5.h new file mode 100644 index 000000000000..b2df6e56fcd2 --- /dev/null +++ b/lib/hcrypto/md5.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_MD5_H +#define HEIM_MD5_H 1 + +/* symbol renaming */ +#define MD5_Init hc_MD5_Init +#define MD5_Update hc_MD5_Update +#define MD5_Final hc_MD5_Final + +/* + * + */ + +#define MD5_DIGEST_LENGTH 16 + +struct md5 { + unsigned int sz[2]; + uint32_t counter[4]; + unsigned char save[64]; +}; + +typedef struct md5 MD5_CTX; + +void MD5_Init (struct md5 *m); +void MD5_Update (struct md5 *m, const void *p, size_t len); +void MD5_Final (void *res, struct md5 *m); /* uint32_t res[4] */ + +#endif /* HEIM_MD5_H */ diff --git a/lib/hcrypto/md5crypt_test.c b/lib/hcrypto/md5crypt_test.c new file mode 100644 index 000000000000..a0c2df411b65 --- /dev/null +++ b/lib/hcrypto/md5crypt_test.c @@ -0,0 +1,77 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +struct test { + const char *str; + const char *salt; + const char *result; +} tests[] = { + {"Hello world!", "$1$saltstring", "$1$saltstri$YMyguxXMBpd2TEZ.vS/3q1"}, + {NULL, NULL, NULL} +}; + +static int +do_test (void) +{ + struct test *t; + int res = 0; + + for (t = tests; t->str != NULL; ++t) { + const char *c; + + c = crypt (t->str, t->salt); + + if (strcmp (c, t->result) != 0) { + res = 1; + printf ("should have been: \"%s\"\n", t->result); + printf ("result was: \"%s\"\n", c); + } + } + if (res) + printf ("failed\n"); + else + printf ("success\n"); + return res; +} + +int +main (void) +{ + return do_test (); +} diff --git a/lib/hcrypto/mdtest.c b/lib/hcrypto/mdtest.c new file mode 100644 index 000000000000..3e06bf9c12fd --- /dev/null +++ b/lib/hcrypto/mdtest.c @@ -0,0 +1,348 @@ +/* + * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#define HC_DEPRECATED_CRYPTO + +#include +#ifdef HAVE_STDLIB_H +#include +#endif +#include +#ifdef KRB5 +#include +#endif +#include +#include +#include +#include +#include + +#define ONE_MILLION_A "one million a's" + +struct hash_foo { + const char *name; + size_t psize; + size_t hsize; + void (*init)(void*); + void (*update)(void*, const void*, size_t); + void (*final)(void*, void*); + const EVP_MD * (*evp)(void); +} md2 = { + "MD2", + sizeof(MD2_CTX), + 16, + (void (*)(void*))MD2_Init, + (void (*)(void*,const void*, size_t))MD2_Update, + (void (*)(void*, void*))MD2_Final, + EVP_md2 +}, md4 = { + "MD4", + sizeof(MD4_CTX), + 16, + (void (*)(void*))MD4_Init, + (void (*)(void*,const void*, size_t))MD4_Update, + (void (*)(void*, void*))MD4_Final, + EVP_md4 +}, md5 = { + "MD5", + sizeof(MD5_CTX), + 16, + (void (*)(void*))MD5_Init, + (void (*)(void*,const void*, size_t))MD5_Update, + (void (*)(void*, void*))MD5_Final, + EVP_md5 +}, sha1 = { + "SHA-1", + sizeof(struct sha), + 20, + (void (*)(void*))SHA1_Init, + (void (*)(void*,const void*, size_t))SHA1_Update, + (void (*)(void*, void*))SHA1_Final, + EVP_sha1 +}; +struct hash_foo sha256 = { + "SHA-256", + sizeof(SHA256_CTX), + 32, + (void (*)(void*))SHA256_Init, + (void (*)(void*,const void*, size_t))SHA256_Update, + (void (*)(void*, void*))SHA256_Final, + EVP_sha256 +}; +struct hash_foo sha384 = { + "SHA-384", + sizeof(SHA384_CTX), + 48, + (void (*)(void*))SHA384_Init, + (void (*)(void*,const void*, size_t))SHA384_Update, + (void (*)(void*, void*))SHA384_Final, + EVP_sha384 +}; +struct hash_foo sha512 = { + "SHA-512", + sizeof(SHA512_CTX), + 64, + (void (*)(void*))SHA512_Init, + (void (*)(void*,const void*, size_t))SHA512_Update, + (void (*)(void*, void*))SHA512_Final, + EVP_sha512 +}; + +struct test { + char *str; + unsigned char hash[64]; +}; + +struct test md2_tests[] = { + {"", + "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69\x27\x73" }, + {"a", + "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0\xb5\xd1" }, + {"abc", + "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde\xd6\xbb" }, + {"message digest", + "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe\x06\xb0" }, + {"abcdefghijklmnopqrstuvwxyz", + "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47\x94\x0b" }, + {"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03\x38\xcd" }, + {"12345678901234567890123456789012345678901234567890123456789012345678901234567890", + "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3\xef\xd8" }, + {NULL } +}; + +struct test md4_tests[] = { + {"", + {0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, 0xb7, 0x3c, 0x59, + 0xd7, 0xe0, 0xc0, 0x89, 0xc0}}, + {"a", + {0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, 0x24, 0x5e, 0x05, + 0xfb, 0xdb, 0xd6, 0xfb, 0x24}}, + {"abc", + {0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d}}, + {"message digest", + {0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b}}, + {"abcdefghijklmnopqrstuvwxyz", {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9, }}, + {"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + {0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4}}, + {"12345678901234567890123456789012345678901234567890123456789012345678901234567890", + {0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36, }}, + {NULL, { 0x0 }}}; + +struct test md5_tests[] = { + {"", {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e}}, + {"a", {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61}}, + {"abc", {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72}}, + {"message digest", {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0}}, + {"abcdefghijklmnopqrstuvwxyz", {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b}}, + {"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f}}, + {"12345678901234567890123456789012345678901234567890123456789012345678901234567890", {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a}}, + {NULL, { 0x0 }}}; + +struct test sha1_tests[] = { + { "abc", + {0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, + 0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, + 0x9C, 0xD0, 0xD8, 0x9D}}, + { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + {0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, + 0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, + 0xE5, 0x46, 0x70, 0xF1}}, + { ONE_MILLION_A, + {0x34, 0xaa, 0x97, 0x3c, 0xd4, 0xc4, 0xda, 0xa4, + 0xf6, 0x1e, 0xeb, 0x2b, 0xdb, 0xad, 0x27, 0x31, + 0x65, 0x34, 0x01, 0x6f}}, + { NULL } +}; + +struct test sha256_tests[] = { + { "abc", + { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, + 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, + 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, + 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }}, + { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + { 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, + 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, + 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, + 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }}, + { ONE_MILLION_A, + {0xcd,0xc7,0x6e,0x5c, 0x99,0x14,0xfb,0x92, + 0x81,0xa1,0xc7,0xe2, 0x84,0xd7,0x3e,0x67, + 0xf1,0x80,0x9a,0x48, 0xa4,0x97,0x20,0x0e, + 0x04,0x6d,0x39,0xcc, 0xc7,0x11,0x2c,0xd0 }}, + { NULL } +}; + +struct test sha384_tests[] = { + { "abc", + { 0xcb,0x00,0x75,0x3f,0x45,0xa3,0x5e,0x8b, + 0xb5,0xa0,0x3d,0x69,0x9a,0xc6,0x50,0x07, + 0x27,0x2c,0x32,0xab,0x0e,0xde,0xd1,0x63, + 0x1a,0x8b,0x60,0x5a,0x43,0xff,0x5b,0xed, + 0x80,0x86,0x07,0x2b,0xa1,0xe7,0xcc,0x23, + 0x58,0xba,0xec,0xa1,0x34,0xc8,0x25,0xa7}}, + { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno" + "ijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", + { 0x09,0x33,0x0c,0x33,0xf7,0x11,0x47,0xe8, + 0x3d,0x19,0x2f,0xc7,0x82,0xcd,0x1b,0x47, + 0x53,0x11,0x1b,0x17,0x3b,0x3b,0x05,0xd2, + 0x2f,0xa0,0x80,0x86,0xe3,0xb0,0xf7,0x12, + 0xfc,0xc7,0xc7,0x1a,0x55,0x7e,0x2d,0xb9, + 0x66,0xc3,0xe9,0xfa,0x91,0x74,0x60,0x39}}, + { ONE_MILLION_A, + { 0x9d,0x0e,0x18,0x09,0x71,0x64,0x74,0xcb, + 0x08,0x6e,0x83,0x4e,0x31,0x0a,0x4a,0x1c, + 0xed,0x14,0x9e,0x9c,0x00,0xf2,0x48,0x52, + 0x79,0x72,0xce,0xc5,0x70,0x4c,0x2a,0x5b, + 0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb, + 0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85}}, + {NULL} +}; + +struct test sha512_tests[] = { + { "abc", + { 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba, + 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31, + 0x12,0xe6,0xfa,0x4e,0x89,0xa9,0x7e,0xa2, + 0x0a,0x9e,0xee,0xe6,0x4b,0x55,0xd3,0x9a, + 0x21,0x92,0x99,0x2a,0x27,0x4f,0xc1,0xa8, + 0x36,0xba,0x3c,0x23,0xa3,0xfe,0xeb,0xbd, + 0x45,0x4d,0x44,0x23,0x64,0x3c,0xe8,0x0e, + 0x2a,0x9a,0xc9,0x4f,0xa5,0x4c,0xa4,0x9f }}, + { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno" + "ijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", + { 0x8e,0x95,0x9b,0x75,0xda,0xe3,0x13,0xda, + 0x8c,0xf4,0xf7,0x28,0x14,0xfc,0x14,0x3f, + 0x8f,0x77,0x79,0xc6,0xeb,0x9f,0x7f,0xa1, + 0x72,0x99,0xae,0xad,0xb6,0x88,0x90,0x18, + 0x50,0x1d,0x28,0x9e,0x49,0x00,0xf7,0xe4, + 0x33,0x1b,0x99,0xde,0xc4,0xb5,0x43,0x3a, + 0xc7,0xd3,0x29,0xee,0xb6,0xdd,0x26,0x54, + 0x5e,0x96,0xe5,0x5b,0x87,0x4b,0xe9,0x09 }}, + { ONE_MILLION_A, + { 0xe7,0x18,0x48,0x3d,0x0c,0xe7,0x69,0x64, + 0x4e,0x2e,0x42,0xc7,0xbc,0x15,0xb4,0x63, + 0x8e,0x1f,0x98,0xb1,0x3b,0x20,0x44,0x28, + 0x56,0x32,0xa8,0x03,0xaf,0xa9,0x73,0xeb, + 0xde,0x0f,0xf2,0x44,0x87,0x7e,0xa6,0x0a, + 0x4c,0xb0,0x43,0x2c,0xe5,0x77,0xc3,0x1b, + 0xeb,0x00,0x9c,0x5c,0x2c,0x49,0xaa,0x2e, + 0x4e,0xad,0xb2,0x17,0xad,0x8c,0xc0,0x9b }}, + { NULL } +}; + +static int +hash_test (struct hash_foo *hash, struct test *tests) +{ + struct test *t; + EVP_MD_CTX *ectx; + unsigned int esize; + void *ctx = malloc(hash->psize); + unsigned char *res = malloc(hash->hsize); + + printf ("%s... ", hash->name); + for (t = tests; t->str; ++t) { + char buf[1000]; + + ectx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ectx, hash->evp(), NULL); + + (*hash->init)(ctx); + if(strcmp(t->str, ONE_MILLION_A) == 0) { + int i; + memset(buf, 'a', sizeof(buf)); + for(i = 0; i < 1000; i++) { + (*hash->update)(ctx, buf, sizeof(buf)); + EVP_DigestUpdate(ectx, buf, sizeof(buf)); + } + } else { + (*hash->update)(ctx, (unsigned char *)t->str, strlen(t->str)); + EVP_DigestUpdate(ectx, t->str, strlen(t->str)); + } + + (*hash->final) (res, ctx); + if (memcmp (res, t->hash, hash->hsize) != 0) { + int i; + + printf ("%s(\"%s\") failed\n", hash->name, t->str); + printf("should be: "); + for(i = 0; i < hash->hsize; ++i) { + if(i > 0 && (i % 16) == 0) + printf("\n "); + printf("%02x ", t->hash[i]); + } + printf("\nresult was: "); + for(i = 0; i < hash->hsize; ++i) { + if(i > 0 && (i % 16) == 0) + printf("\n "); + printf("%02x ", res[i]); + } + printf("\n"); + return 1; + } + + EVP_DigestFinal_ex(ectx, res, &esize); + EVP_MD_CTX_destroy(ectx); + + if (hash->hsize != esize) { + printf("EVP %s returned wrong hash size\n", hash->name); + return 1; + } + + if (memcmp (res, t->hash, hash->hsize) != 0) { + printf("EVP %s failed here old function where successful!\n", + hash->name); + return 1; + } + } + free(ctx); + free(res); + printf ("success\n"); + return 0; +} + +int +main (void) +{ + return + hash_test(&md2, md2_tests) + + hash_test(&md4, md4_tests) + + hash_test(&md5, md5_tests) + + hash_test(&sha1, sha1_tests) + + hash_test(&sha256, sha256_tests) + + hash_test(&sha384, sha384_tests) + + hash_test(&sha512, sha512_tests); +} diff --git a/lib/hcrypto/passwd_dialog.aps b/lib/hcrypto/passwd_dialog.aps new file mode 100644 index 0000000000000000000000000000000000000000..c90d03091846baf1064a65df23ac1596764cdc4a GIT binary patch literal 30428 zcmbVVX^>=DRX#n)A_^F8;U5gPP)400-^8yM?xpZ|kWu!xQGc-0c z*bRaTiaV~10xBRPf(yuws0=Erh=Mzt?1~#`XoMO@xVGQ9%e&_;StHg&^;F*PyX(8} z-gD2n=Ohu)gYbLpn*PO~-p?cP>0$WYr$ZXy|JSaaGWY{O$NWK`d@@ma)A4#)Etba@ zhTR*U@J+WK&#&C^gp22&eD(Ok#jD3py>$EKJI-G|e$uU1uRis{=E9|0FW+(7jaSYS zJ!cq}|87-mhg|s&Rw)mrD;KZc@sum)FW&fgLL=(&cr!1S%fsg;N>sFuxoQC6EX#dKYPkkkDnUN#2@#cXWg z9?H$={yt&0S~Sx(KMHt&#Fs}0mCerW`~o7|ty>@WH1te$>ePb?L#01mN2ks#H)k-W zbu-)4vq?i4eIcEy$IWT{HM$OemBp;Arj%33pNdhlSW%b8{9#e87Dv>hia*qQvu06I zpC70giS^=Bos#w(}J^Y63db;I0v=PI9 zsvIqrn_`NRH`8jeqR!KJw5KRRLaSyDBv;7LLl*VkKIh`GoYGAmHfmO@<^bS8fsgdS zVs->%qL4=!1RWn&3)_$mS~8`t^D*6$4w^EhNBfX%N(XJ3(%1W7+m;R*Go`{ubz?ec z%@nVP?)j=|rmK3sL@O~(0E`VVnI4U}?H#mYN>!WM6syg_8hI4f12*w%>5dgL0J3M0 z{d!zsQp~4CSt+nHnBpbXEm+p)s?GRlRvh55aebZMlxhi1>a&$Dw3AQiW&=&8Xi7cX z(|NKfoi;$TsH@p(v)?Sv(Zj`)$Dlr4eAHugJstSjFo#!OHl8ptpLzh-)6CDtW2-9@ z)$42~feXH#8k4PXgEX27^Ei&eAOU=>3zt6i*k zw+2v&Wlm!mJvP8*Yktp=EvNGVv@91qpuoCxA;6k53k~(?VgM~Fo^#06r^f}*>0(xB zY=>@B*s_`z3vNGk=n|bOCTBPG80*S>zFF0)DNpSR4~?GhuzEbL4yxs{*fVHGFLWrc zTnEkAXXNxE$7svmR0pGKJl69awRGvlj)et(jtRKIJ7lWq(MufMjBeHq6z?F4=+jG8 zwPbXIhJ(>^tuq9FRC-O?eUOa z@9_0}T&zqd3VMSBxNn=XnIE-18PTr_xWa~eP}FJ?W}TAW=&*yudNZjPOWmHVL%$wk z(<)P40rnd)mTN4dH^o?2V>#UwV?B*^>CG|L*I18!Gsbo_)~DZ!v0aVr&~L}sKx4b~ zmKYmqY(Q^~G4z_Bem11HB|tMW1-(51nxPrdI})H7o08s{0L|cx>30&K8J&vWl>p7~ zOz3xga9Y?WJfU|hh~>9UIjst{{$zQF-V>xlDA6+}&*;4Z!#q=ClIQdXB6+Q+P~N3K zbg2`ptD4-SKXS>CAoL42JRE_V_pE`U|&8xyRVnBc9 z0cLlvvV2JIbI7uq;#G7VE$ICYT+hahu4Y6ZaLJ3xCYSU}V)7_jtDzO!>eM(Z`8QAU8$0Ae-1PblZ$0fR)Pa&Qwq)(qv z2rt(VY|Ufpb?9%~?}^n}RY)(VPrGz}sFj{Jy)J#m0qdpN1F~L^ z{$8b*&1}Wz0woA@dwPBPhc<^Ue24x~rHrdd0qIR}cj=!LqK+2WM)W}SJM_;gnU_i& zU2Jkj|Duv7&Ef!(-~?5x3U)g5ZwhEIp!E!=tCf9NkYefITTHzZJp0sskmGdmA3lcO z*dfoc(f?kVU)b?HV29zaUoucvBFpJWs2IA~lgPZwngfwIAQnTKawQ0{P+ z*I1kb#Ai-iiS22@a;EvxwodI?n=HrmoLTUAOx%4zIK2h{vnxb=Wv0r_&BmB{HT@MabBtsf3k?%LL3CKIMSXqXWr6 zlgxggUs*8vG)psd0Xx(Lu$Vc$U780dPIK+Z_Xc!J0I!<%>Gy`Ta43!}EHoUTbM>m? zQ{MzC4Lai(Y9HbCTw@s>I;<#H^%;oqtdKHzPG=on>P^JRKq$FOM-DC4E0#%++@o_Y z87j54l8FHH=`jwNEShubm;_*ljvavaO3iNGh=A?VH#kfkC%AhW8_>pK`V68vuhAiW zqeE5BVkzK)ZVg~_P7$0DJ=Sqp77D*VtqQIHB7dII33%#a!aU4n5xCN;J^wO;N@$qf3sX&ca?1IX%I_O7i7$s`2V* zu2+#^k1jjLdUkr&9L^ltrzbjev6^^=@6hcIRFal#*)HAT(0T@)EH>S8y;xMUQm>1{ z0ey2!;dADyRtNS;XE>xQ+bK)PUuv9(1zoi?mK}9v{4~tbf5Hd&Z*i0f7D+6Dt7gMn z!)Dy5g@ARsPfd~3+-gZVJM0jEAV8sKYwFRr2^!BE$Re9* zvCzvMpZULC5Zd-aE`bQC7CBwt4m~}^n-=R?xo_oJv}>21;dof#s>Q6pdx(P9YA*(5 zK;PjgR$J~dhV-3|VLE5F0ld|=Zv{Qmv7j4TvgoVchzz3T_k=_1(oW3t)aCS-Q()Wjyz5ULJ zHLfvpCu^;5&2XUp@ra^DD%e#DCFf)~U;o55(%}LNqpqz-&xu$VS}mWr!us^w?KDx` z4n5EDv>9Wg_d!)1w!fctxEU(EkvIv>w61HC4KjMZ<3J|C28c(!RO?VS$msyC}zcIHEL+yF8!>-T`iI_pckhoi)s(j zvKCRZ!H|9~MdF8X*H|onbktsXC_&Z(W?WP2W-+nnWOXP^qPRcldXMCi!Qx3 zzjAt3u2nh6J)++TU~Dp{ zTeze*1u(B_?V^U6aaVv>4Gxanu8Q95pkjfovVG2@4*gbu$>%)E=(huy7qw+(5M}E|$w*~~Y+_@5Z^tOP2LA5HeNjB=!+he?h=0ORj*=UE}5#!5pzdB&k z4GP$$cUr=7)09v+l*P1K&+653GlyAmstYPR^e)FUDiNdGn&eP6zQ>`)Vv6~$xB49V z#`iiHWtTAN2pB3{2Sa~T3k-@}i_JI7Tc&n3SMmyXA;*&bKA)mBGrR^t3_avYW(PFK z3jcneTpi3;M<{i=K7j38D;!X0mp`S$&<~Rj?(C60EX|)Gg zgiTkvjeYu%Pf-@)ITn>ga|jFBWP%+^zq2{cNPq5=ai%w~A{KAfI_W}p>BA8(QQUw& z;?vyt$myD6)A*=QAHX>7huZVLIJq)+(V z6`32|X|s{e{mm6US#w=r4U1x(eZ}z^pL~b&jp% zQ$7ddyD`VlxOv!C{>rDT;W?AzvE8zU#Z5mrY%PE7(@^ugS=Ouxz+ps}uU@=-*rmVm zxxDVFnUxqH9OC}gXR8ja7B~Xn&|#|Y)8F|d?$o5R^Le;KpZ4*3hDnE6v)XWf)EEzU z=`%jbjLI0+3>`g@;hE;I0?hMq3fk0Jeo%Q7w?GtTzv8J`|7NH{>A!_5XQ zo#)t$|Jmn`VRs&3kyN!~GyWGJHmVbTe8zk`$%~x+)n{Q$u#jOMYJF6WJ^9~#23BIO zMcw7$g{bJ!fA|c&s;p<8DlW&K{GXPGcLz((s5#5GnCR4XMwwo2v<3#L8C~a6)oG89 zj_Neawt;(wprY`R4hLs858NvvphpIUhCM=!zAT3w`aXPNh^_ZiSk4RvPWl11vgb`v_|w z#?w9Oc6L$qLma01X_1^BDiNjF<72c^>2uaDJtHKOOONGYsaPPb_*j8 zGjhruL-#;mf#XtPwd-0GGfNx8lr5~=8Sd`Vt^*H>y&0cp7#PsN0od=R&`EGh6*#1! z1NW7sk1Zs~hhx}H4m#sO89mZLvt|rSRJmB{Y&kv3VXFn^)=ZDe5S#JWhETOURF(DU z>q1C15E{rw2f!f@@esS~*9SoFuuwh5>8o%MOTaBM;2V1SKFbKZKgMW*7fh=NQ7G13 z+|08$WQ0=LF7RG&AOkU>&-e0@1VBvKq1qA_tu2iO`l*6pbMj>3K80$7r7pL(q zH9o4Er=T9qEmSJGif0b5Hc%G(051wlMxZM8k>%=Wsv&5J0|*8sl?fVRhb*CHIbE@( z4aGr8>=5j%)dKGV-^zq$>oE>l76*`r%u)z7u|u$oVwV`fe2%M<$VQtGJKSfT1F(#~ zF~oS+1(MUPA+ooqpq2*KrN@TYNL?J|+c@V#=%|8%>yY#H=|TwN1;X9Bg3%qi7^3A7 z^pt>h>2V>nx4G@#o;2-heizux z$@do(4i#pIW6wTp7N?;W*CKI+srsytbT}LH4!)-ar3&-)2NM)l=j(c)%M5Y0&uGIq z+6h%=3U>uSl^GJ0A*yPNDCkE+Mm-BSBl@wBqZzKElAaw>Y%z{BraMEDsYzWw)_tz% z$3v1WNniQYv+pME)}m}^Do!w$XN!FpAi&-t!7umQay zfo+7XyTTQ?UvV5B=uMlwpjXC_pL;~FauhRyu7HwWokaaI#`KzqrFRN@S$TphPV`zw z(yzRdhBka96L?0iOXGYi6L?OqcQ{)UlrxLMaKqt^0md6Zdo^oP;iki{S;iddIJLXM zO9V^5wx?GRjo*}HSZ#QP9p=miQ#@wa*)tPvA!G*knEL-^YyKCaKy>@G7pI#(@}nz+I# z{Oytg5wn@-x7BTSIEcR^LBd`qIDLAjaT)c{C6eJ1r$>r-lO&@LO1?y$r_C5T)R*!g8he z5NOGNU$W2^t?NU__OuDGDoT2fwLClsM)Z8!nim zTM4cDA4!7lZJ;Hopj`iB$-;X9tt(FlXWpowVgD0J;?6*?qefRX1{(H1l>|1isIgOb z#N7Cfdh}-@4+Xi$3{Cs{B*9owP#)XQ^$gTC?$G-aMBIOBCNpDXt)O=QK!U_Ab2lfd z(SSafV3|eYNISRjDl;0=hfW~!-QT0uXaH%8{#>%5mql0G>tF?I3+=s&YBZt`pFq}K zF6kqZGpnkxZDd&Ym_910x^DGsF_21QSB)zAnB>6VctZOo^zjqOs(mnCd_r<;+q?%{ zX7ou(G7q?%*7H#V8-jQ)Wln#Qpvo=2?9yLKiqXos30L;$Q^KFEH2`cIj`F%O9Nn;Q03`xQVKt z&){F*FZB0Sy7b%Z3faSu!i^Ov7;;o>7&C(_R%PwQ%mb{C7+c2Jj1KXRndR=FY z6@F|pV$Hv3qXx|yV|4o%o-jAxtu<&jfeOt(vhw9~el3mPwP*?p>%4@r1`jriEe_ei zkZ>lh+b9@C+Zd4wMnG;*jBP+VVh1hZt6W9_DGCh~kOB!5kOB!5kOI-i8=-)VFrk2q zuvP&XAyzF1wN!*T1!M$C1!M#|RU8yL5$Y6>5o8sNaQSu5h4X-lHnAPA*|;zDoiTbsbswzh4A*4EY%(zdo1PTJZ6RNC5F zXp0>oh4Tie%nV}X71`~vLfaAA0wOyC5V>#05l-5TGvSfn7Q2MUe&mraP!^C99{GZC zf=9k!r9AQlj2AEMkq-`5LVlC2_aqwxMXFJ%K;^Es8cS}S&{(b#baP!FbhQUty1M7@ zJn}^bWg5b<)p_Jgke!%(kNgnDu@04~*>5W|vYqFVA7-;AVVzwqT{e4rIT+;@Vc%fI z@;vfIxqQ{t^T-!if`H6h3M}7ip zJ@OM+>ye+phPo~4t+Zop+X90QKS$ioPh^CUqd@Orv^mYtAij*7$}MQdrc8ona1ekd zk+b#4Pl2sRegIk*)eK&g8shEK_s9>^ouj&ax;l^W$d_51N4`jv9{D0!?d)poaP1~c z_dN0=(B8e_fyd<=f%_i$J|I2v1rmGY3lIm0)+1jeL&`VF_Tj}I`I>Ih1CM+U3q0~Y zEb_>YQ7GNnW($A)o*4;Kr{|Hc^Fr`I-aR*O$3Hm-5KhT$XT!>%H9v*s)e5+i9vbc=m2_mBAxl7nAnLcbJ;r`u-LM zmG2w`7H&<`gJAK(Epe1H$&)|(6;;DbT<01xEW=>>>~5I)p?Q@D*1RwL|M z+DdL5KENwC2p`~KVfX+6hT#JQ#P@2V@Bsp6;gV%f^h1RY5Rg^gYe+pG+Xom&k;z#1 zIedV~7KRTHkS$S$4-ha98%M6NvsG$F;R6I| zTlfG$Nrw**1SLcJ;R6I3gbxr%5I#U4s>C3CfCsDL55os|46KZC_<$`8HE;BuXXlM- zftWc69}s31S1LLP9}vQR_yB=w#fG}SD#Hf|hT8Oa^HB|hla0XCJ*hB!fWWm<#0qTi z?DrNQ89qQ{^1}xRzz-iF0K8Xz_yB>a1Dp&WATZ;p;839n!rI7j%!2R%BC~>1;R6IG z3LhXaRe2OXKoIOL9Clt3;R6IC4j&-EWcUDqD>)_=K0t6%;R6J$#B?sl4<8^HiSPje zjl%~BkS$5F>u@v?sC8bHKGL|;ouWuTYYrcfD8*7__<)wSJ$!(mI3HEs8k|$VcwG?6 z!TId-+-g1l#YTXrSaJA(WIb{C07+xL2n@b{_y9?8O^L$?BzcMO0fL7WE*U;RP_~2* z5DYUusqg`U6@?FoFkJg+!v{nlD`vd#0TF|;)STuc}?gO>s#w#CcDM!Uu$;WcYxPWCz3^gE)LZ$VrC}2w7qHfDq?C z$?yRo9)u4F;UIiK2nXQBfT3RIbAt?Ku}&Pd_X|i7Cs=LoftkK;GP^lARuoE9}uv%gbxT<$?yRI2jhEU z_<(@EEqp*gJ28Afz`dLB0RcN5J|G}*r@Zh10iF&Y5RlBFJQ+S9p#ERN2Z$_p8$KZ5 zhT#JO*r-l;OE$J<6+R$fVN9@)dEo;B23F!Qd_cg!sc2v4~TMx@wfFh$`bJReUgZRWP>EZvU4WiZOmxGO-cDNF5;xe43>m66r2qV>=- z&SV{BYxOy?%V5+JTa0Us5CekNcrJrmOY&U?BUl%c<$K>{(BsInF}nDPsM|;S?VE3u20L;Y^a|MOGU&0kxeR(F?hIr(p1dk*Uj>&zk8py^V8lZ~ zt(vBS%b-UvnvuT;ww7aqiA#@FcQoA6y1KjvYYn0mEg`Bbf)h#bq!>HCu?TGMsmO zm$X`VE`wef+g%1d+IE*gk9LB~Ab8@dC~iQnPod*Tg%=^wgYds=*Y1hmi=5*5$i3~p zZ@rV#^p{KCrM`2LXpZkRyNdswN_Wr|x_}bCnVy1g9=k%{3hsUIg>y@!Ey21SEdGnJ zOZWmZ{&^66*PQ?V<@BZW418_lr|)s?+IMjRe$Xm|-GHxAygxo)yY@_crQB%^GehB* zNaNQjyi_%vM=h6I9vX?CFUR*r9->9p@bleBx(p7t{UTa%Nwtn!_GEl|QqZTHR7v~z zcdULZ^rFW1{mt<24BrUYAa#${_%z0M2lDs%&G3Ki$>@*aDKPE$viISa;d2MS6@Kxp zm+EH^|GvTeeNS*~`n~Ztf9EIvd>(##_+26AS^Ud2mZ*8HTHwA5RQfmy??sIE-R0Mw zg);v`jYH#u9%4NjA9BC@qMUo&ZCT9l$AL3`2!ru3q`U7gwcd?g{;m|ycK$%%b2*(wGB6fb-I9OFK;a2Ij}edKDUNmay%gtkYMuS9 zv-dgxH67>TBl)|656{XI8f%m)nUCq2f84x|3wPQE28`KiA6T+sstIfMgwjXx96g4r z4dq(M<&|d5h6E27Gh?u90cWlx`Q|4bE gNuL5EC30FJ>9+d&Q_DKN0o~~{aR2}S literal 0 HcmV?d00001 diff --git a/lib/hcrypto/passwd_dlg.c b/lib/hcrypto/passwd_dlg.c new file mode 100644 index 000000000000..c16f28327056 --- /dev/null +++ b/lib/hcrypto/passwd_dlg.c @@ -0,0 +1,89 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* passwd_dlg.c - Dialog boxes for Windows95/NT + * Author: Jörgen Karlsson - d93-jka@nada.kth.se + * Date: June 1996 + */ + +#include + +#ifdef WIN32 /* Visual C++ 4.0 (Windows95/NT) */ +#include +#include "passwd_dlg.h" +#include "Resource.h" +#define passwdBufSZ 64 + +char passwd[passwdBufSZ]; + +BOOL CALLBACK +pwd_dialog_proc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) +{ + switch(uMsg) + { + case WM_COMMAND: + switch(wParam) + { + case IDOK: + if(!GetDlgItemText(hwndDlg,IDC_PASSWD_EDIT, passwd, passwdBufSZ)) + EndDialog(hwndDlg, IDCANCEL); + case IDCANCEL: + EndDialog(hwndDlg, wParam); + return TRUE; + } + } + return FALSE; +} + + +/* return 0 if ok, 1 otherwise */ +int +pwd_dialog(char *buf, int size) +{ + int i; + HWND wnd = GetActiveWindow(); + HANDLE hInst = GetModuleHandle("des"); + switch(DialogBox(hInst,MAKEINTRESOURCE(IDD_PASSWD_DIALOG),wnd,pwd_dialog_proc)) + { + case IDOK: + strlcpy(buf, passwd, size); + memset (passwd, 0, sizeof(passwd)); + return 0; + case IDCANCEL: + default: + memset (passwd, 0, sizeof(passwd)); + return 1; + } +} + +#endif /* WIN32 */ diff --git a/lib/hcrypto/passwd_dlg.h b/lib/hcrypto/passwd_dlg.h new file mode 100644 index 000000000000..222417d22e8d --- /dev/null +++ b/lib/hcrypto/passwd_dlg.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* passwd_dlg.h - Dialog boxes for Windows95/NT + * Author: Jörgen Karlsson - d93-jka@nada.kth.se + * Date: June 1996 + */ + +/* $Id$ */ + +#ifndef PASSWD_DLG_H +#define PASSWD_DLG_H + +int pwd_dialog(char *buf, int size); + + +#endif /* PASSWD_DLG_H */ diff --git a/lib/hcrypto/pkcs12.c b/lib/hcrypto/pkcs12.c new file mode 100644 index 000000000000..ff0f77644ea8 --- /dev/null +++ b/lib/hcrypto/pkcs12.c @@ -0,0 +1,162 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +#include +#include + +#include + +int +PKCS12_key_gen(const void *key, size_t keylen, + const void *salt, size_t saltlen, + int id, int iteration, size_t outkeysize, + void *out, const EVP_MD *md) +{ + unsigned char *v, *I, hash[EVP_MAX_MD_SIZE]; + unsigned int size, size_I = 0; + unsigned char idc = id; + EVP_MD_CTX *ctx; + unsigned char *outp = out; + int i, vlen; + + /** + * The argument key is pointing to an utf16 string, and thus + * keylen that is no a multiple of 2 is invalid. + */ + if (keylen & 1) + return 0; + + ctx = EVP_MD_CTX_create(); + if (ctx == NULL) + return 0; + + vlen = EVP_MD_block_size(md); + v = malloc(vlen + 1); + if (v == NULL) { + EVP_MD_CTX_destroy(ctx); + return 0; + } + + I = calloc(1, vlen * 2); + if (I == NULL) { + EVP_MD_CTX_destroy(ctx); + free(v); + return 0; + } + + if (salt && saltlen > 0) { + for (i = 0; i < vlen; i++) + I[i] = ((unsigned char*)salt)[i % saltlen]; + size_I += vlen; + } + /* + * There is a diffrence between the no password string and the + * empty string, in the empty string the UTF16 NUL terminator is + * included into the string. + */ + if (key) { + for (i = 0; i < vlen / 2; i++) { + I[(i * 2) + size_I] = 0; + I[(i * 2) + size_I + 1] = ((unsigned char*)key)[i % (keylen + 1)]; + } + size_I += vlen; + } + + while (1) { + BIGNUM *bnB, *bnOne; + + if (!EVP_DigestInit_ex(ctx, md, NULL)) { + EVP_MD_CTX_destroy(ctx); + free(I); + free(v); + return 0; + } + for (i = 0; i < vlen; i++) + EVP_DigestUpdate(ctx, &idc, 1); + EVP_DigestUpdate(ctx, I, size_I); + EVP_DigestFinal_ex(ctx, hash, &size); + + for (i = 1; i < iteration; i++) + EVP_Digest(hash, size, hash, &size, md, NULL); + + memcpy(outp, hash, min(outkeysize, size)); + if (outkeysize < size) + break; + outkeysize -= size; + outp += size; + + for (i = 0; i < vlen; i++) + v[i] = hash[i % size]; + + bnB = BN_bin2bn(v, vlen, NULL); + bnOne = BN_new(); + BN_set_word(bnOne, 1); + + BN_uadd(bnB, bnB, bnOne); + + for (i = 0; i < vlen * 2; i += vlen) { + BIGNUM *bnI; + int j; + + bnI = BN_bin2bn(I + i, vlen, NULL); + + BN_uadd(bnI, bnI, bnB); + + j = BN_num_bytes(bnI); + if (j > vlen) { + assert(j == vlen + 1); + BN_bn2bin(bnI, v); + memcpy(I + i, v + 1, vlen); + } else { + memset(I + i, 0, vlen - j); + BN_bn2bin(bnI, I + i + vlen - j); + } + BN_free(bnI); + } + BN_free(bnB); + BN_free(bnOne); + size_I = vlen * 2; + } + + EVP_MD_CTX_destroy(ctx); + free(I); + free(v); + + return 1; +} diff --git a/lib/hcrypto/pkcs12.h b/lib/hcrypto/pkcs12.h new file mode 100644 index 000000000000..7e8214edcdd8 --- /dev/null +++ b/lib/hcrypto/pkcs12.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_PKCS12_H +#define _HEIM_PKCS12_H 1 + +/* symbol renaming */ +#define PKCS12_key_gen hc_PKCS12_key_gen + +/* + * + */ + +#include + +#define PKCS12_KEY_ID 1 +#define PKCS12_IV_ID 2 + +int PKCS12_key_gen(const void *, size_t, const void *, + size_t, int, int, size_t, void *, const EVP_MD *); + + +#endif /* _HEIM_PKCS12_H */ diff --git a/lib/hcrypto/pkcs5.c b/lib/hcrypto/pkcs5.c new file mode 100644 index 000000000000..18045e236f2c --- /dev/null +++ b/lib/hcrypto/pkcs5.c @@ -0,0 +1,128 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#ifdef KRB5 +#include +#endif + +#include +#include + +#include +#include + +#include + +/** + * As descriped in PKCS5, convert a password, salt, and iteration counter into a crypto key. + * + * @param password Password. + * @param password_len Length of password. + * @param salt Salt + * @param salt_len Length of salt. + * @param iter iteration counter. + * @param keylen the output key length. + * @param key the output key. + * + * @return 1 on success, non 1 on failure. + * + * @ingroup hcrypto_misc + */ + +int +PKCS5_PBKDF2_HMAC_SHA1(const void * password, size_t password_len, + const void * salt, size_t salt_len, + unsigned long iter, + size_t keylen, void *key) +{ + size_t datalen, leftofkey, checksumsize; + char *data, *tmpcksum; + uint32_t keypart; + const EVP_MD *md; + unsigned long i; + int j; + char *p; + unsigned int hmacsize; + + md = EVP_sha1(); + checksumsize = EVP_MD_size(md); + datalen = salt_len + 4; + + tmpcksum = malloc(checksumsize + datalen); + if (tmpcksum == NULL) + return 0; + + data = &tmpcksum[checksumsize]; + + memcpy(data, salt, salt_len); + + keypart = 1; + leftofkey = keylen; + p = key; + + while (leftofkey) { + int len; + + if (leftofkey > checksumsize) + len = checksumsize; + else + len = leftofkey; + + data[datalen - 4] = (keypart >> 24) & 0xff; + data[datalen - 3] = (keypart >> 16) & 0xff; + data[datalen - 2] = (keypart >> 8) & 0xff; + data[datalen - 1] = (keypart) & 0xff; + + HMAC(md, password, password_len, data, datalen, + tmpcksum, &hmacsize); + + memcpy(p, tmpcksum, len); + for (i = 1; i < iter; i++) { + HMAC(md, password, password_len, tmpcksum, checksumsize, + tmpcksum, &hmacsize); + + for (j = 0; j < len; j++) + p[j] ^= tmpcksum[j]; + } + + p += len; + leftofkey -= len; + keypart++; + } + + free(tmpcksum); + + return 1; +} diff --git a/lib/hcrypto/rand-egd.c b/lib/hcrypto/rand-egd.c new file mode 100644 index 000000000000..dd2d3e13ecd9 --- /dev/null +++ b/lib/hcrypto/rand-egd.c @@ -0,0 +1,260 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#ifdef HAVE_SYS_UN_H +#include +#endif + +#include +#include +#ifdef HAVE_UNISTD_H +#include +#endif +#include + +#include +#include + +#include + +static const char *egd_path = "/var/run/egd-pool"; + +#define MAX_EGD_DATA 255 + +static int +connect_egd(const char *path) +{ + struct sockaddr_un addr; + int fd; + + memset(&addr, 0, sizeof(addr)); + + if (strlen(path) > sizeof(addr.sun_path)) + return -1; + + addr.sun_family = AF_UNIX; + strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); + + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + return -1; + + rk_cloexec(fd); + + if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) { + close(fd); + return -1; + } + + return fd; +} + +static int +get_entropy(int fd, void *data, size_t len) +{ + unsigned char msg[2]; + + assert(len <= MAX_EGD_DATA); + + msg[0] = 0x02; /* read blocking data */ + msg[1] = len; /* wanted length */ + + if (net_write(fd, msg, sizeof(msg)) != sizeof(msg)) + return 0; + + if (net_read(fd, data, len) != len) + return 0; + + return 1; +} + +static int +put_entropy(int fd, const void *data, size_t len) +{ + unsigned char msg[4]; + + assert (len <= MAX_EGD_DATA); + + msg[0] = 0x03; /* write data */ + msg[1] = 0; /* dummy */ + msg[2] = 0; /* entropy */ + msg[3] = len; /* length */ + + if (net_write(fd, msg, sizeof(msg)) != sizeof(msg)) + return 0; + if (net_write(fd, data, len) != len) + return 0; + + return 1; +} + +/* + * + */ + +static void +egd_seed(const void *indata, int size) +{ + size_t len; + int fd, ret = 1; + + fd = connect_egd(egd_path); + if (fd < 0) + return; + + while(size) { + len = size; + if (len > MAX_EGD_DATA) + len = MAX_EGD_DATA; + ret = put_entropy(fd, indata, len); + if (ret != 1) + break; + indata = ((unsigned char *)indata) + len; + size -= len; + } + close(fd); +} + +static int +get_bytes(const char *path, unsigned char *outdata, int size) +{ + size_t len; + int fd, ret = 1; + + if (path == NULL) + path = egd_path; + + fd = connect_egd(path); + if (fd < 0) + return 0; + + while(size) { + len = size; + if (len > MAX_EGD_DATA) + len = MAX_EGD_DATA; + ret = get_entropy(fd, outdata, len); + if (ret != 1) + break; + outdata += len; + size -= len; + } + close(fd); + + return ret; +} + +static int +egd_bytes(unsigned char *outdata, int size) +{ + return get_bytes(NULL, outdata, size); +} + +static void +egd_cleanup(void) +{ +} + +static void +egd_add(const void *indata, int size, double entropi) +{ + egd_seed(indata, size); +} + +static int +egd_pseudorand(unsigned char *outdata, int size) +{ + return get_bytes(NULL, outdata, size); +} + +static int +egd_status(void) +{ + int fd; + fd = connect_egd(egd_path); + if (fd < 0) + return 0; + close(fd); + return 1; +} + +const RAND_METHOD hc_rand_egd_method = { + egd_seed, + egd_bytes, + egd_cleanup, + egd_add, + egd_pseudorand, + egd_status +}; + +const RAND_METHOD * +RAND_egd_method(void) +{ + return &hc_rand_egd_method; +} + + +int +RAND_egd(const char *filename) +{ + return RAND_egd_bytes(filename, 128); +} + +int +RAND_egd_bytes(const char *filename, int size) +{ + void *data; + int ret; + + if (size <= 0) + return 0; + + data = malloc(size); + if (data == NULL) + return 0; + + ret = get_bytes(filename, data, size); + if (ret != 1) { + free(data); + return ret; + } + + RAND_seed(data, size); + + memset(data, 0, size); + free(data); + + return 1; +} diff --git a/lib/hcrypto/rand-fortuna.c b/lib/hcrypto/rand-fortuna.c new file mode 100644 index 000000000000..11027b46cf4a --- /dev/null +++ b/lib/hcrypto/rand-fortuna.c @@ -0,0 +1,655 @@ +/* + * fortuna.c + * Fortuna-like PRNG. + * + * Copyright (c) 2005 Marko Kreen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.8 2006/10/04 00:29:46 momjian Exp $ + */ + +#include + +#include +#include +#include +#include + +#ifdef KRB5 +#include +#endif +#include + +#include "randi.h" +#include "aes.h" +#include "sha.h" + +/* + * Why Fortuna-like: There does not seem to be any definitive reference + * on Fortuna in the net. Instead this implementation is based on + * following references: + * + * http://en.wikipedia.org/wiki/Fortuna_(PRNG) + * - Wikipedia article + * http://jlcooke.ca/random/ + * - Jean-Luc Cooke Fortuna-based /dev/random driver for Linux. + */ + +/* + * There is some confusion about whether and how to carry forward + * the state of the pools. Seems like original Fortuna does not + * do it, resetting hash after each request. I guess expecting + * feeding to happen more often that requesting. This is absolutely + * unsuitable for pgcrypto, as nothing asynchronous happens here. + * + * J.L. Cooke fixed this by feeding previous hash to new re-initialized + * hash context. + * + * Fortuna predecessor Yarrow requires ability to query intermediate + * 'final result' from hash, without affecting it. + * + * This implementation uses the Yarrow method - asking intermediate + * results, but continuing with old state. + */ + + +/* + * Algorithm parameters + */ + +#define NUM_POOLS 32 + +/* in microseconds */ +#define RESEED_INTERVAL 100000 /* 0.1 sec */ + +/* for one big request, reseed after this many bytes */ +#define RESEED_BYTES (1024*1024) + +/* + * Skip reseed if pool 0 has less than this many + * bytes added since last reseed. + */ +#define POOL0_FILL (256/8) + +/* + * Algorithm constants + */ + +/* Both cipher key size and hash result size */ +#define BLOCK 32 + +/* cipher block size */ +#define CIPH_BLOCK 16 + +/* for internal wrappers */ +#define MD_CTX SHA256_CTX +#define CIPH_CTX AES_KEY + +struct fortuna_state +{ + unsigned char counter[CIPH_BLOCK]; + unsigned char result[CIPH_BLOCK]; + unsigned char key[BLOCK]; + MD_CTX pool[NUM_POOLS]; + CIPH_CTX ciph; + unsigned reseed_count; + struct timeval last_reseed_time; + unsigned pool0_bytes; + unsigned rnd_pos; + int tricks_done; + pid_t pid; +}; +typedef struct fortuna_state FState; + + +/* + * Use our own wrappers here. + * - Need to get intermediate result from digest, without affecting it. + * - Need re-set key on a cipher context. + * - Algorithms are guaranteed to exist. + * - No memory allocations. + */ + +static void +ciph_init(CIPH_CTX * ctx, const unsigned char *key, int klen) +{ + AES_set_encrypt_key(key, klen * 8, ctx); +} + +static void +ciph_encrypt(CIPH_CTX * ctx, const unsigned char *in, unsigned char *out) +{ + AES_encrypt(in, out, ctx); +} + +static void +md_init(MD_CTX * ctx) +{ + SHA256_Init(ctx); +} + +static void +md_update(MD_CTX * ctx, const unsigned char *data, int len) +{ + SHA256_Update(ctx, data, len); +} + +static void +md_result(MD_CTX * ctx, unsigned char *dst) +{ + SHA256_CTX tmp; + + memcpy(&tmp, ctx, sizeof(*ctx)); + SHA256_Final(dst, &tmp); + memset(&tmp, 0, sizeof(tmp)); +} + +/* + * initialize state + */ +static void +init_state(FState * st) +{ + int i; + + memset(st, 0, sizeof(*st)); + for (i = 0; i < NUM_POOLS; i++) + md_init(&st->pool[i]); + st->pid = getpid(); +} + +/* + * Endianess does not matter. + * It just needs to change without repeating. + */ +static void +inc_counter(FState * st) +{ + uint32_t *val = (uint32_t *) st->counter; + + if (++val[0]) + return; + if (++val[1]) + return; + if (++val[2]) + return; + ++val[3]; +} + +/* + * This is called 'cipher in counter mode'. + */ +static void +encrypt_counter(FState * st, unsigned char *dst) +{ + ciph_encrypt(&st->ciph, st->counter, dst); + inc_counter(st); +} + + +/* + * The time between reseed must be at least RESEED_INTERVAL + * microseconds. + */ +static int +enough_time_passed(FState * st) +{ + int ok; + struct timeval tv; + struct timeval *last = &st->last_reseed_time; + + gettimeofday(&tv, NULL); + + /* check how much time has passed */ + ok = 0; + if (tv.tv_sec > last->tv_sec + 1) + ok = 1; + else if (tv.tv_sec == last->tv_sec + 1) + { + if (1000000 + tv.tv_usec - last->tv_usec >= RESEED_INTERVAL) + ok = 1; + } + else if (tv.tv_usec - last->tv_usec >= RESEED_INTERVAL) + ok = 1; + + /* reseed will happen, update last_reseed_time */ + if (ok) + memcpy(last, &tv, sizeof(tv)); + + memset(&tv, 0, sizeof(tv)); + + return ok; +} + +/* + * generate new key from all the pools + */ +static void +reseed(FState * st) +{ + unsigned k; + unsigned n; + MD_CTX key_md; + unsigned char buf[BLOCK]; + + /* set pool as empty */ + st->pool0_bytes = 0; + + /* + * Both #0 and #1 reseed would use only pool 0. Just skip #0 then. + */ + n = ++st->reseed_count; + + /* + * The goal: use k-th pool only 1/(2^k) of the time. + */ + md_init(&key_md); + for (k = 0; k < NUM_POOLS; k++) + { + md_result(&st->pool[k], buf); + md_update(&key_md, buf, BLOCK); + + if (n & 1 || !n) + break; + n >>= 1; + } + + /* add old key into mix too */ + md_update(&key_md, st->key, BLOCK); + + /* add pid to make output diverse after fork() */ + md_update(&key_md, (const unsigned char *)&st->pid, sizeof(st->pid)); + + /* now we have new key */ + md_result(&key_md, st->key); + + /* use new key */ + ciph_init(&st->ciph, st->key, BLOCK); + + memset(&key_md, 0, sizeof(key_md)); + memset(buf, 0, BLOCK); +} + +/* + * Pick a random pool. This uses key bytes as random source. + */ +static unsigned +get_rand_pool(FState * st) +{ + unsigned rnd; + + /* + * This slightly prefers lower pools - thats OK. + */ + rnd = st->key[st->rnd_pos] % NUM_POOLS; + + st->rnd_pos++; + if (st->rnd_pos >= BLOCK) + st->rnd_pos = 0; + + return rnd; +} + +/* + * update pools + */ +static void +add_entropy(FState * st, const unsigned char *data, unsigned len) +{ + unsigned pos; + unsigned char hash[BLOCK]; + MD_CTX md; + + /* hash given data */ + md_init(&md); + md_update(&md, data, len); + md_result(&md, hash); + + /* + * Make sure the pool 0 is initialized, then update randomly. + */ + if (st->reseed_count == 0) + pos = 0; + else + pos = get_rand_pool(st); + md_update(&st->pool[pos], hash, BLOCK); + + if (pos == 0) + st->pool0_bytes += len; + + memset(hash, 0, BLOCK); + memset(&md, 0, sizeof(md)); +} + +/* + * Just take 2 next blocks as new key + */ +static void +rekey(FState * st) +{ + encrypt_counter(st, st->key); + encrypt_counter(st, st->key + CIPH_BLOCK); + ciph_init(&st->ciph, st->key, BLOCK); +} + +/* + * Hide public constants. (counter, pools > 0) + * + * This can also be viewed as spreading the startup + * entropy over all of the components. + */ +static void +startup_tricks(FState * st) +{ + int i; + unsigned char buf[BLOCK]; + + /* Use next block as counter. */ + encrypt_counter(st, st->counter); + + /* Now shuffle pools, excluding #0 */ + for (i = 1; i < NUM_POOLS; i++) + { + encrypt_counter(st, buf); + encrypt_counter(st, buf + CIPH_BLOCK); + md_update(&st->pool[i], buf, BLOCK); + } + memset(buf, 0, BLOCK); + + /* Hide the key. */ + rekey(st); + + /* This can be done only once. */ + st->tricks_done = 1; +} + +static void +extract_data(FState * st, unsigned count, unsigned char *dst) +{ + unsigned n; + unsigned block_nr = 0; + pid_t pid = getpid(); + + /* Should we reseed? */ + if (st->pool0_bytes >= POOL0_FILL || st->reseed_count == 0) + if (enough_time_passed(st)) + reseed(st); + + /* Do some randomization on first call */ + if (!st->tricks_done) + startup_tricks(st); + + /* If we forked, force a reseed again */ + if (pid != st->pid) { + st->pid = pid; + reseed(st); + } + + while (count > 0) + { + /* produce bytes */ + encrypt_counter(st, st->result); + + /* copy result */ + if (count > CIPH_BLOCK) + n = CIPH_BLOCK; + else + n = count; + memcpy(dst, st->result, n); + dst += n; + count -= n; + + /* must not give out too many bytes with one key */ + block_nr++; + if (block_nr > (RESEED_BYTES / CIPH_BLOCK)) + { + rekey(st); + block_nr = 0; + } + } + /* Set new key for next request. */ + rekey(st); +} + +/* + * public interface + */ + +static FState main_state; +static int init_done; +static int have_entropy; +#define FORTUNA_RESEED_BYTE 10000 +static unsigned resend_bytes; + +/* + * This mutex protects all of the above static elements from concurrent + * access by multiple threads + */ +static HEIMDAL_MUTEX fortuna_mutex = HEIMDAL_MUTEX_INITIALIZER; + +/* + * Try our best to do an inital seed + */ +#define INIT_BYTES 128 + +/* + * fortuna_mutex must be held across calls to this function + */ + +static int +fortuna_reseed(void) +{ + int entropy_p = 0; + + if (!init_done) + abort(); + +#ifndef NO_RAND_UNIX_METHOD + { + unsigned char buf[INIT_BYTES]; + if ((*hc_rand_unix_method.bytes)(buf, sizeof(buf)) == 1) { + add_entropy(&main_state, buf, sizeof(buf)); + entropy_p = 1; + memset(buf, 0, sizeof(buf)); + } + } +#endif +#ifdef HAVE_ARC4RANDOM + { + uint32_t buf[INIT_BYTES / sizeof(uint32_t)]; + int i; + + for (i = 0; i < sizeof(buf)/sizeof(buf[0]); i++) + buf[i] = arc4random(); + add_entropy(&main_state, (void *)buf, sizeof(buf)); + entropy_p = 1; + } +#endif +#ifndef NO_RAND_EGD_METHOD + /* + * Only to get egd entropy if /dev/random or arc4rand failed since + * it can be horribly slow to generate new bits. + */ + if (!entropy_p) { + unsigned char buf[INIT_BYTES]; + if ((*hc_rand_egd_method.bytes)(buf, sizeof(buf)) == 1) { + add_entropy(&main_state, buf, sizeof(buf)); + entropy_p = 1; + memset(buf, 0, sizeof(buf)); + } + } +#endif + /* + * Fall back to gattering data from timer and secret files, this + * is really the last resort. + */ + if (!entropy_p) { + /* to save stackspace */ + union { + unsigned char buf[INIT_BYTES]; + unsigned char shad[1001]; + } u; + int fd; + + /* add timer info */ + if ((*hc_rand_timer_method.bytes)(u.buf, sizeof(u.buf)) == 1) + add_entropy(&main_state, u.buf, sizeof(u.buf)); + /* add /etc/shadow */ + fd = open("/etc/shadow", O_RDONLY, 0); + if (fd >= 0) { + ssize_t n; + rk_cloexec(fd); + /* add_entropy will hash the buf */ + while ((n = read(fd, (char *)u.shad, sizeof(u.shad))) > 0) + add_entropy(&main_state, u.shad, sizeof(u.shad)); + close(fd); + } + + memset(&u, 0, sizeof(u)); + + entropy_p = 1; /* sure about this ? */ + } + { + pid_t pid = getpid(); + add_entropy(&main_state, (void *)&pid, sizeof(pid)); + } + { + struct timeval tv; + gettimeofday(&tv, NULL); + add_entropy(&main_state, (void *)&tv, sizeof(tv)); + } +#ifdef HAVE_GETUID + { + uid_t u = getuid(); + add_entropy(&main_state, (void *)&u, sizeof(u)); + } +#endif + return entropy_p; +} + +/* + * fortuna_mutex must be held by callers of this function + */ +static int +fortuna_init(void) +{ + if (!init_done) + { + init_state(&main_state); + init_done = 1; + } + if (!have_entropy) + have_entropy = fortuna_reseed(); + return (init_done && have_entropy); +} + + + +static void +fortuna_seed(const void *indata, int size) +{ + HEIMDAL_MUTEX_lock(&fortuna_mutex); + + fortuna_init(); + add_entropy(&main_state, indata, size); + if (size >= INIT_BYTES) + have_entropy = 1; + + HEIMDAL_MUTEX_unlock(&fortuna_mutex); +} + +static int +fortuna_bytes(unsigned char *outdata, int size) +{ + int ret = 0; + + HEIMDAL_MUTEX_lock(&fortuna_mutex); + + if (!fortuna_init()) + goto out; + + resend_bytes += size; + if (resend_bytes > FORTUNA_RESEED_BYTE || resend_bytes < size) { + resend_bytes = 0; + fortuna_reseed(); + } + extract_data(&main_state, size, outdata); + ret = 1; + +out: + HEIMDAL_MUTEX_unlock(&fortuna_mutex); + + return ret; +} + +static void +fortuna_cleanup(void) +{ + HEIMDAL_MUTEX_lock(&fortuna_mutex); + + init_done = 0; + have_entropy = 0; + memset(&main_state, 0, sizeof(main_state)); + + HEIMDAL_MUTEX_unlock(&fortuna_mutex); +} + +static void +fortuna_add(const void *indata, int size, double entropi) +{ + fortuna_seed(indata, size); +} + +static int +fortuna_pseudorand(unsigned char *outdata, int size) +{ + return fortuna_bytes(outdata, size); +} + +static int +fortuna_status(void) +{ + int result; + + HEIMDAL_MUTEX_lock(&fortuna_mutex); + result = fortuna_init(); + HEIMDAL_MUTEX_unlock(&fortuna_mutex); + + return result ? 1 : 0; +} + +const RAND_METHOD hc_rand_fortuna_method = { + fortuna_seed, + fortuna_bytes, + fortuna_cleanup, + fortuna_add, + fortuna_pseudorand, + fortuna_status +}; + +const RAND_METHOD * +RAND_fortuna_method(void) +{ + return &hc_rand_fortuna_method; +} diff --git a/lib/hcrypto/rand-timer.c b/lib/hcrypto/rand-timer.c new file mode 100644 index 000000000000..994c3210e941 --- /dev/null +++ b/lib/hcrypto/rand-timer.c @@ -0,0 +1,202 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1999, 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +#include + +#include "randi.h" + +#ifndef WIN32 /* don't bother with this on windows */ + +static volatile int counter; +static volatile unsigned char *gdata; /* Global data */ +static volatile int igdata; /* Index into global data */ +static int gsize; + +static +RETSIGTYPE +sigALRM(int sig) +{ + if (igdata < gsize) + gdata[igdata++] ^= counter & 0xff; + +#ifndef HAVE_SIGACTION + signal(SIGALRM, sigALRM); /* Reinstall SysV signal handler */ +#endif + SIGRETURN(0); +} + +#ifndef HAVE_SETITIMER +static void +pacemaker(struct timeval *tv) +{ + fd_set fds; + pid_t pid; + pid = getppid(); + while(1){ + FD_ZERO(&fds); + FD_SET(0, &fds); + select(1, &fds, NULL, NULL, tv); + kill(pid, SIGALRM); + } +} +#endif + +#ifdef HAVE_SIGACTION +/* XXX ugly hack, should perhaps use function from roken */ +static RETSIGTYPE +(*fake_signal(int sig, RETSIGTYPE (*f)(int)))(int) +{ + struct sigaction sa, osa; + sa.sa_handler = f; + sa.sa_flags = 0; + sigemptyset(&sa.sa_mask); + sigaction(sig, &sa, &osa); + return osa.sa_handler; +} +#define signal(S, F) fake_signal((S), (F)) +#endif + +#endif /* WIN32*/ + +/* + * + */ + +static void +timer_seed(const void *indata, int size) +{ +} + +static int +timer_bytes(unsigned char *outdata, int size) +{ +#ifdef WIN32 + return 0; +#else /* WIN32 */ + struct itimerval tv, otv; + RETSIGTYPE (*osa)(int); + int i, j; +#ifndef HAVE_SETITIMER + RETSIGTYPE (*ochld)(int); + pid_t pid; +#endif + + gdata = outdata; + gsize = size; + igdata = 0; + + osa = signal(SIGALRM, sigALRM); + + /* Start timer */ + tv.it_value.tv_sec = 0; + tv.it_value.tv_usec = 10 * 1000; /* 10 ms */ + tv.it_interval = tv.it_value; +#ifdef HAVE_SETITIMER + setitimer(ITIMER_REAL, &tv, &otv); +#else + ochld = signal(SIGCHLD, SIG_IGN); + pid = fork(); + if(pid == -1){ + signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL); + des_not_rand_data(data, size); + return; + } + if(pid == 0) + pacemaker(&tv.it_interval); +#endif + + for(i = 0; i < 4; i++) { + for (igdata = 0; igdata < size;) /* igdata++ in sigALRM */ + counter++; + for (j = 0; j < size; j++) /* Only use 2 bits each lap */ + gdata[j] = (gdata[j]>>2) | (gdata[j]<<6); + } +#ifdef HAVE_SETITIMER + setitimer(ITIMER_REAL, &otv, 0); +#else + kill(pid, SIGKILL); + while(waitpid(pid, NULL, 0) != pid); + signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL); +#endif + signal(SIGALRM, osa != SIG_ERR ? osa : SIG_DFL); + + return 1; +#endif +} + +static void +timer_cleanup(void) +{ +} + +static void +timer_add(const void *indata, int size, double entropi) +{ +} + +static int +timer_pseudorand(unsigned char *outdata, int size) +{ + return timer_bytes(outdata, size); +} + +static int +timer_status(void) +{ +#ifdef WIN32 + return 0; +#else + return 1; +#endif +} + +const RAND_METHOD hc_rand_timer_method = { + timer_seed, + timer_bytes, + timer_cleanup, + timer_add, + timer_pseudorand, + timer_status +}; + +const RAND_METHOD * +RAND_timer_method(void) +{ + return &hc_rand_timer_method; +} diff --git a/lib/hcrypto/rand-unix.c b/lib/hcrypto/rand-unix.c new file mode 100644 index 000000000000..c52155baaa81 --- /dev/null +++ b/lib/hcrypto/rand-unix.c @@ -0,0 +1,165 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include + +#include "randi.h" + +/* + * Unix /dev/random + */ + +int +_hc_unix_device_fd(int flags, const char **fn) +{ + static const char *rnd_devices[] = { + "/dev/urandom", + "/dev/random", + "/dev/srandom", + "/dev/arandom", + NULL + }; + const char **p; + + for(p = rnd_devices; *p; p++) { + int fd = open(*p, flags | O_NDELAY); + if(fd >= 0) { + if (fn) + *fn = *p; + rk_cloexec(fd); + return fd; + } + } + return -1; +} + +static void +unix_seed(const void *indata, int size) +{ + int fd; + + if (size <= 0) + return; + + fd = _hc_unix_device_fd(O_WRONLY, NULL); + if (fd < 0) + return; + + write(fd, indata, size); + close(fd); + +} + + +static int +unix_bytes(unsigned char *outdata, int size) +{ + ssize_t count; + int fd; + + if (size < 0) + return 0; + else if (size == 0) + return 1; + + fd = _hc_unix_device_fd(O_RDONLY, NULL); + if (fd < 0) + return 0; + + while (size > 0) { + count = read(fd, outdata, size); + if (count < 0 && errno == EINTR) + continue; + else if (count <= 0) { + close(fd); + return 0; + } + outdata += count; + size -= count; + } + close(fd); + + return 1; +} + +static void +unix_cleanup(void) +{ +} + +static void +unix_add(const void *indata, int size, double entropi) +{ + unix_seed(indata, size); +} + +static int +unix_pseudorand(unsigned char *outdata, int size) +{ + return unix_bytes(outdata, size); +} + +static int +unix_status(void) +{ + int fd; + + fd = _hc_unix_device_fd(O_RDONLY, NULL); + if (fd < 0) + return 0; + close(fd); + + return 1; +} + +const RAND_METHOD hc_rand_unix_method = { + unix_seed, + unix_bytes, + unix_cleanup, + unix_add, + unix_pseudorand, + unix_status +}; + +const RAND_METHOD * +RAND_unix_method(void) +{ + return &hc_rand_unix_method; +} diff --git a/lib/hcrypto/rand.c b/lib/hcrypto/rand.c new file mode 100644 index 000000000000..d5c1f687b910 --- /dev/null +++ b/lib/hcrypto/rand.c @@ -0,0 +1,403 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include + +#ifndef O_BINARY +#define O_BINARY 0 +#endif + +#ifdef _WIN32 +#include +#endif + +/** + * @page page_rand RAND - random number + * + * See the library functions here: @ref hcrypto_rand + */ + +const static RAND_METHOD *selected_meth = NULL; +static ENGINE *selected_engine = NULL; + +static void +init_method(void) +{ + if (selected_meth != NULL) + return; +#if defined(_WIN32) + selected_meth = &hc_rand_w32crypto_method; +#elif defined(__APPLE__) + selected_meth = &hc_rand_unix_method; +#else + selected_meth = &hc_rand_fortuna_method; +#endif +} + +/** + * Seed that random number generator. Secret material can securely be + * feed into the function, they will never be returned. + * + * @param indata seed data + * @param size length seed data + * + * @ingroup hcrypto_rand + */ + +void +RAND_seed(const void *indata, size_t size) +{ + init_method(); + (*selected_meth->seed)(indata, size); +} + +/** + * Get a random block from the random generator, can be used for key material. + * + * @param outdata random data + * @param size length random data + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ +int +RAND_bytes(void *outdata, size_t size) +{ + if (size == 0) + return 1; + init_method(); + return (*selected_meth->bytes)(outdata, size); +} + +/** + * Reset and free memory used by the random generator. + * + * @ingroup hcrypto_rand + */ + +void +RAND_cleanup(void) +{ + const RAND_METHOD *meth = selected_meth; + ENGINE *engine = selected_engine; + + selected_meth = NULL; + selected_engine = NULL; + + if (meth) + (*meth->cleanup)(); + if (engine) + ENGINE_finish(engine); +} + +/** + * Seed that random number generator. Secret material can securely be + * feed into the function, they will never be returned. + * + * @param indata the input data. + * @param size size of in data. + * @param entropi entropi in data. + * + * + * @ingroup hcrypto_rand + */ + +void +RAND_add(const void *indata, size_t size, double entropi) +{ + init_method(); + (*selected_meth->add)(indata, size, entropi); +} + +/** + * Get a random block from the random generator, should NOT be used for key material. + * + * @param outdata random data + * @param size length random data + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ + +int +RAND_pseudo_bytes(void *outdata, size_t size) +{ + init_method(); + return (*selected_meth->pseudorand)(outdata, size); +} + +/** + * Return status of the random generator + * + * @return 1 if the random generator can deliver random data. + * + * @ingroup hcrypto_rand + */ + +int +RAND_status(void) +{ + init_method(); + return (*selected_meth->status)(); +} + +/** + * Set the default random method. + * + * @param meth set the new default method. + * + * @return 1 on success. + * + * @ingroup hcrypto_rand + */ + +int +RAND_set_rand_method(const RAND_METHOD *meth) +{ + const RAND_METHOD *old = selected_meth; + selected_meth = meth; + if (old) + (*old->cleanup)(); + if (selected_engine) { + ENGINE_finish(selected_engine); + selected_engine = NULL; + } + return 1; +} + +/** + * Get the default random method. + * + * @ingroup hcrypto_rand + */ + +const RAND_METHOD * +RAND_get_rand_method(void) +{ + init_method(); + return selected_meth; +} + +/** + * Set the default random method from engine. + * + * @param engine use engine, if NULL is passed it, old method and engine is cleared. + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ + +int +RAND_set_rand_engine(ENGINE *engine) +{ + const RAND_METHOD *meth, *old = selected_meth; + + if (engine) { + ENGINE_up_ref(engine); + meth = ENGINE_get_RAND(engine); + if (meth == NULL) { + ENGINE_finish(engine); + return 0; + } + } else { + meth = NULL; + } + + if (old) + (*old->cleanup)(); + + if (selected_engine) + ENGINE_finish(selected_engine); + + selected_engine = engine; + selected_meth = meth; + + return 1; +} + +#define RAND_FILE_SIZE 1024 + +/** + * Load a a file and feed it into RAND_seed(). + * + * @param filename name of file to read. + * @param size minimum size to read. + * + * @ingroup hcrypto_rand + */ + +int +RAND_load_file(const char *filename, size_t size) +{ + unsigned char buf[128]; + size_t len; + ssize_t slen; + int fd; + + fd = open(filename, O_RDONLY | O_BINARY, 0600); + if (fd < 0) + return 0; + rk_cloexec(fd); + len = 0; + while(len < size) { + slen = read(fd, buf, sizeof(buf)); + if (slen <= 0) + break; + RAND_seed(buf, slen); + len += slen; + } + close(fd); + + return len ? 1 : 0; +} + +/** + * Write of random numbers to a file to store for later initiation with RAND_load_file(). + * + * @param filename name of file to write. + * + * @return 1 on success and non-one on failure. + * @ingroup hcrypto_rand + */ + +int +RAND_write_file(const char *filename) +{ + unsigned char buf[128]; + size_t len; + int res = 0, fd; + + fd = open(filename, O_WRONLY | O_CREAT | O_BINARY, 0600); + if (fd < 0) + return 0; + rk_cloexec(fd); + + len = 0; + while(len < RAND_FILE_SIZE) { + res = RAND_bytes(buf, sizeof(buf)); + if (res != 1) + break; + if (write(fd, buf, sizeof(buf)) != sizeof(buf)) { + res = 0; + break; + } + len += sizeof(buf); + } + + close(fd); + + return res; +} + +/** + * Return the default random state filename for a user to use for + * RAND_load_file(), and RAND_write_file(). + * + * @param filename buffer to hold file name. + * @param size size of buffer filename. + * + * @return the buffer filename or NULL on failure. + * + * @ingroup hcrypto_rand + */ + +const char * +RAND_file_name(char *filename, size_t size) +{ + const char *e = NULL; + int pathp = 0, ret; + + if (!issuid()) { + e = getenv("RANDFILE"); + if (e == NULL) + e = getenv("HOME"); + if (e) + pathp = 1; + } + +#ifndef _WIN32 + /* + * Here we really want to call getpwuid(getuid()) but this will + * cause recursive lookups if the nss library uses + * gssapi/krb5/hcrypto to authenticate to the ldap servers. + * + * So at least return the unix /dev/random if we have one + */ + if (e == NULL) { + int fd; + + fd = _hc_unix_device_fd(O_RDONLY, &e); + if (fd >= 0) + close(fd); + } +#else /* Win32 */ + + if (e == NULL) { + char profile[MAX_PATH]; + + if (SHGetFolderPath(NULL, CSIDL_LOCAL_APPDATA, NULL, + SHGFP_TYPE_CURRENT, profile) == S_OK) { + ret = snprintf(filename, size, "%s\\.rnd", profile); + + if (ret > 0 && ret < size) + return filename; + } + } + +#endif + + if (e == NULL) + return NULL; + + if (pathp) + ret = snprintf(filename, size, "%s/.rnd", e); + else + ret = snprintf(filename, size, "%s", e); + + if (ret <= 0 || ret >= size) + return NULL; + + return filename; +} diff --git a/lib/hcrypto/rand.h b/lib/hcrypto/rand.h new file mode 100644 index 000000000000..590bd8cf1a43 --- /dev/null +++ b/lib/hcrypto/rand.h @@ -0,0 +1,109 @@ + +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_RAND_H +#define _HEIM_RAND_H 1 + +typedef struct RAND_METHOD RAND_METHOD; + +#include + +/* symbol renaming */ +#define RAND_bytes hc_RAND_bytes +#define RAND_pseudo_bytes hc_RAND_pseudo_bytes +#define RAND_seed hc_RAND_seed +#define RAND_cleanup hc_RAND_cleanup +#define RAND_add hc_RAND_add +#define RAND_set_rand_method hc_RAND_set_rand_method +#define RAND_get_rand_method hc_RAND_get_rand_method +#define RAND_set_rand_engine hc_RAND_set_rand_engine +#define RAND_file_name hc_RAND_file_name +#define RAND_load_file hc_RAND_load_file +#define RAND_write_file hc_RAND_write_file +#define RAND_status hc_RAND_status +#define RAND_egd hc_RAND_egd +#define RAND_egd_bytes hc_RAND_egd_bytes +#define RAND_fortuna_method hc_RAND_fortuna_method +#define RAND_egd_method hc_RAND_egd_method +#define RAND_unix_method hc_RAND_unix_method +#define RAND_w32crypto_method hc_RAND_w32crypto_method + +/* + * + */ + +struct RAND_METHOD +{ + void (*seed)(const void *, int); + int (*bytes)(unsigned char *, int); + void (*cleanup)(void); + void (*add)(const void *, int, double); + int (*pseudorand)(unsigned char *, int); + int (*status)(void); +}; + +/* + * + */ + +int RAND_bytes(void *, size_t num); +int RAND_pseudo_bytes(void *, size_t); +void RAND_seed(const void *, size_t); +void RAND_cleanup(void); +void RAND_add(const void *, size_t, double); + +int RAND_set_rand_method(const RAND_METHOD *); +const RAND_METHOD * + RAND_get_rand_method(void); +int RAND_set_rand_engine(ENGINE *); + +const char * + RAND_file_name(char *, size_t); +int RAND_load_file(const char *, size_t); +int RAND_write_file(const char *); +int RAND_status(void); +int RAND_egd(const char *); +int RAND_egd_bytes(const char *, int); + + +const RAND_METHOD * RAND_fortuna_method(void); +const RAND_METHOD * RAND_unix_method(void); +const RAND_METHOD * RAND_egd_method(void); +const RAND_METHOD * RAND_w32crypto_method(void); + +#endif /* _HEIM_RAND_H */ diff --git a/lib/hcrypto/randi.h b/lib/hcrypto/randi.h new file mode 100644 index 000000000000..fe021a80ecdd --- /dev/null +++ b/lib/hcrypto/randi.h @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_RANDI_H +#define _HEIM_RANDI_H 1 + +extern const RAND_METHOD hc_rand_fortuna_method; +extern const RAND_METHOD hc_rand_unix_method; +extern const RAND_METHOD hc_rand_egd_method; +extern const RAND_METHOD hc_rand_timer_method; +extern const RAND_METHOD hc_rand_w32crypto_method; + +const RAND_METHOD * RAND_timer_method(void); +int _hc_unix_device_fd(int, const char **); + +#endif /* _HEIM_RANDI_H */ diff --git a/lib/hcrypto/rc2.c b/lib/hcrypto/rc2.c new file mode 100644 index 000000000000..63bd3daa00e6 --- /dev/null +++ b/lib/hcrypto/rc2.c @@ -0,0 +1,242 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include "rc2.h" +#include +#include +#include + +/* + * Implemented from Peter Gutmann's "Specification for Ron Rivests Cipher No.2" + * rfc2268 and "On the Design and Security of RC2" was also useful. + */ + +static unsigned int Sbox[256] = { + 0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed, + 0x28, 0xe9, 0xfd, 0x79, 0x4a, 0xa0, 0xd8, 0x9d, + 0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e, + 0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2, + 0x17, 0x9a, 0x59, 0xf5, 0x87, 0xb3, 0x4f, 0x13, + 0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32, + 0xbd, 0x8f, 0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b, + 0xf0, 0x95, 0x21, 0x22, 0x5c, 0x6b, 0x4e, 0x82, + 0x54, 0xd6, 0x65, 0x93, 0xce, 0x60, 0xb2, 0x1c, + 0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc, + 0x12, 0x75, 0xca, 0x1f, 0x3b, 0xbe, 0xe4, 0xd1, + 0x42, 0x3d, 0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26, + 0x6f, 0xbf, 0x0e, 0xda, 0x46, 0x69, 0x07, 0x57, + 0x27, 0xf2, 0x1d, 0x9b, 0xbc, 0x94, 0x43, 0x03, + 0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7, + 0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7, + 0x08, 0xe8, 0xea, 0xde, 0x80, 0x52, 0xee, 0xf7, + 0x84, 0xaa, 0x72, 0xac, 0x35, 0x4d, 0x6a, 0x2a, + 0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15, 0x49, 0x74, + 0x4b, 0x9f, 0xd0, 0x5e, 0x04, 0x18, 0xa4, 0xec, + 0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc, + 0x24, 0x91, 0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39, + 0x99, 0x7c, 0x3a, 0x85, 0x23, 0xb8, 0xb4, 0x7a, + 0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55, 0x97, 0x31, + 0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae, + 0x05, 0xdf, 0x29, 0x10, 0x67, 0x6c, 0xba, 0xc9, + 0xd3, 0x00, 0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c, + 0x63, 0x16, 0x01, 0x3f, 0x58, 0xe2, 0x89, 0xa9, + 0x0d, 0x38, 0x34, 0x1b, 0xab, 0x33, 0xff, 0xb0, + 0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e, + 0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77, + 0x0a, 0xa6, 0x20, 0x68, 0xfe, 0x7f, 0xc1, 0xad +}; + +void +RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) +{ + unsigned char k[128]; + int j, T8, TM; + + if (len <= 0) + abort(); + if (len > 128) + len = 128; + if (bits <= 0 || bits > 1024) + bits = 1024; + + for (j = 0; j < len; j++) + k[j] = data[j]; + for (; j < 128; j++) + k[j] = Sbox[(k[j - len] + k[j - 1]) & 0xff]; + + T8 = (bits + 7) / 8; + j = (8*T8 - bits); + TM = 0xff >> j; + + k[128 - T8] = Sbox[k[128 - T8] & TM]; + + for (j = 127 - T8; j >= 0; j--) + k[j] = Sbox[k[j + 1] ^ k[j + T8]]; + + for (j = 0; j < 64; j++) + key->data[j] = k[(j * 2) + 0] | (k[(j * 2) + 1] << 8); + memset(k, 0, sizeof(k)); +} + +#define ROT16L(w,n) ((w<>(16-n))) +#define ROT16R(w,n) ((w>>n)|(w<<(16-n))) + +void +RC2_encryptc(unsigned char *in, unsigned char *out, const RC2_KEY *key) +{ + int i, j; + int w0, w1, w2, w3; + int t0, t1, t2, t3; + + w0 = in[0] | (in[1] << 8); + w1 = in[2] | (in[3] << 8); + w2 = in[4] | (in[5] << 8); + w3 = in[6] | (in[7] << 8); + + for (i = 0; i < 16; i++) { + j = i * 4; + t0 = (w0 + (w1 & ~w3) + (w2 & w3) + key->data[j + 0]) & 0xffff; + w0 = ROT16L(t0, 1); + t1 = (w1 + (w2 & ~w0) + (w3 & w0) + key->data[j + 1]) & 0xffff; + w1 = ROT16L(t1, 2); + t2 = (w2 + (w3 & ~w1) + (w0 & w1) + key->data[j + 2]) & 0xffff; + w2 = ROT16L(t2, 3); + t3 = (w3 + (w0 & ~w2) + (w1 & w2) + key->data[j + 3]) & 0xffff; + w3 = ROT16L(t3, 5); + if(i == 4 || i == 10) { + w0 += key->data[w3 & 63]; + w1 += key->data[w0 & 63]; + w2 += key->data[w1 & 63]; + w3 += key->data[w2 & 63]; + } + } + + out[0] = w0 & 0xff; + out[1] = (w0 >> 8) & 0xff; + out[2] = w1 & 0xff; + out[3] = (w1 >> 8) & 0xff; + out[4] = w2 & 0xff; + out[5] = (w2 >> 8) & 0xff; + out[6] = w3 & 0xff; + out[7] = (w3 >> 8) & 0xff; +} + +void +RC2_decryptc(unsigned char *in, unsigned char *out, const RC2_KEY *key) +{ + int i, j; + int w0, w1, w2, w3; + int t0, t1, t2, t3; + + w0 = in[0] | (in[1] << 8); + w1 = in[2] | (in[3] << 8); + w2 = in[4] | (in[5] << 8); + w3 = in[6] | (in[7] << 8); + + for (i = 15; i >= 0; i--) { + j = i * 4; + + if(i == 4 || i == 10) { + w3 = (w3 - key->data[w2 & 63]) & 0xffff; + w2 = (w2 - key->data[w1 & 63]) & 0xffff; + w1 = (w1 - key->data[w0 & 63]) & 0xffff; + w0 = (w0 - key->data[w3 & 63]) & 0xffff; + } + + t3 = ROT16R(w3, 5); + w3 = (t3 - (w0 & ~w2) - (w1 & w2) - key->data[j + 3]) & 0xffff; + t2 = ROT16R(w2, 3); + w2 = (t2 - (w3 & ~w1) - (w0 & w1) - key->data[j + 2]) & 0xffff; + t1 = ROT16R(w1, 2); + w1 = (t1 - (w2 & ~w0) - (w3 & w0) - key->data[j + 1]) & 0xffff; + t0 = ROT16R(w0, 1); + w0 = (t0 - (w1 & ~w3) - (w2 & w3) - key->data[j + 0]) & 0xffff; + + } + out[0] = w0 & 0xff; + out[1] = (w0 >> 8) & 0xff; + out[2] = w1 & 0xff; + out[3] = (w1 >> 8) & 0xff; + out[4] = w2 & 0xff; + out[5] = (w2 >> 8) & 0xff; + out[6] = w3 & 0xff; + out[7] = (w3 >> 8) & 0xff; +} + +void +RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long size, + RC2_KEY *key, unsigned char *iv, int forward_encrypt) +{ + unsigned char tmp[RC2_BLOCK_SIZE]; + int i; + + if (forward_encrypt) { + while (size >= RC2_BLOCK_SIZE) { + for (i = 0; i < RC2_BLOCK_SIZE; i++) + tmp[i] = in[i] ^ iv[i]; + RC2_encryptc(tmp, out, key); + memcpy(iv, out, RC2_BLOCK_SIZE); + size -= RC2_BLOCK_SIZE; + in += RC2_BLOCK_SIZE; + out += RC2_BLOCK_SIZE; + } + if (size) { + for (i = 0; i < size; i++) + tmp[i] = in[i] ^ iv[i]; + for (i = size; i < RC2_BLOCK_SIZE; i++) + tmp[i] = iv[i]; + RC2_encryptc(tmp, out, key); + memcpy(iv, out, RC2_BLOCK_SIZE); + } + } else { + while (size >= RC2_BLOCK_SIZE) { + memcpy(tmp, in, RC2_BLOCK_SIZE); + RC2_decryptc(tmp, out, key); + for (i = 0; i < RC2_BLOCK_SIZE; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, RC2_BLOCK_SIZE); + size -= RC2_BLOCK_SIZE; + in += RC2_BLOCK_SIZE; + out += RC2_BLOCK_SIZE; + } + if (size) { + memcpy(tmp, in, RC2_BLOCK_SIZE); + RC2_decryptc(tmp, out, key); + for (i = 0; i < size; i++) + out[i] ^= iv[i]; + memcpy(iv, tmp, RC2_BLOCK_SIZE); + } + } +} diff --git a/lib/hcrypto/rc2.h b/lib/hcrypto/rc2.h new file mode 100644 index 000000000000..5e479fbdec99 --- /dev/null +++ b/lib/hcrypto/rc2.h @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +/* symbol renaming */ +#define RC2_set_key hc_RC2_set_key +#define RC2_encryptc hc_RC2_encryptc +#define RC2_decryptc hc_RC2_decryptc +#define RC2_cbc_encrypt hc_RC2_cbc_encrypt + +/* + * + */ + +#define RC2_ENCRYPT 1 +#define RC2_DECRYPT 0 + +#define RC2_BLOCK_SIZE 8 +#define RC2_BLOCK RC2_BLOCK_SIZE +#define RC2_KEY_LENGTH 16 + +typedef struct rc2_key { + unsigned int data[64]; +} RC2_KEY; + +#ifdef __cplusplus +extern "C" { +#endif + +void RC2_set_key(RC2_KEY *, int, const unsigned char *,int); + +void RC2_encryptc(unsigned char *, unsigned char *, const RC2_KEY *); +void RC2_decryptc(unsigned char *, unsigned char *, const RC2_KEY *); + +void RC2_cbc_encrypt(const unsigned char *, unsigned char *, long, + RC2_KEY *, unsigned char *, int); + +#ifdef __cplusplus +} +#endif diff --git a/lib/hcrypto/rc2test.c b/lib/hcrypto/rc2test.c new file mode 100644 index 000000000000..01701adf7b5b --- /dev/null +++ b/lib/hcrypto/rc2test.c @@ -0,0 +1,169 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +struct { + const void *key; + const int keylen; + const int bitsize; + const void *plain; + const void *cipher; +} tests[] = { + { + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 0, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x1C\x19\x8A\x83\x8D\xF0\x28\xB7" + }, + { + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x01", + 16, + 0, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x21\x82\x9C\x78\xA9\xF9\xC0\x74" + }, + { + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 0, + "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF", + "\x13\xDB\x35\x17\xD3\x21\x86\x9E" + }, + { + "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + 16, + 0, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x50\xDC\x01\x62\xBD\x75\x7F\x31" + }, + { + "\x00\x00\x00\x00\x00\x00\x00\x00", + 8, + 63, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\xeb\xb7\x73\xf9\x93\x27\x8e\xff" + }, + { + "\xff\xff\xff\xff\xff\xff\xff\xff", + 8, + 64, + "\xff\xff\xff\xff\xff\xff\xff\xff", + "\x27\x8b\x27\xe4\x2e\x2f\x0d\x49" + }, + { + "\x88", + 1, + 64, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x61\xa8\xa2\x44\xad\xac\xcc\xf0" + } +}; + +const unsigned char cbc_key[16] = +"\x00\x00\x00\x00\x00\x00\x00\x00" +"\x00\x00\x00\x00\x00\x00\x00\x00"; +const char cbc_iv[8] = +"\x01\x01\x01\x01\x01\x01\x01\x01"; +const unsigned char cbc_in_data[32] = +"\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x20\x20" +"\x20\x20\x20\x20\x20\x20\x20\x20"; + +const char out_iv[8] = "\x00\x78\x1b\x6\xff\xb9\xfa\xe"; + +const char cbc_out_data[32] = +"\xb4\x3f\x89\x15\x69\x68\xda\x79" +"\x29\xab\x5f\x78\xc5\xba\x15\x82" +"\x80\x89\x57\x1b\xbe\x57\x2f\xdc" +"\x00\x78\x1b\x06\xff\xb9\xfa\x0e"; + +int +main(int argc, char **argv) +{ + RC2_KEY key; + unsigned char t[8]; + unsigned char out[40]; + int i; + + for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { + RC2_set_key(&key, tests[i].keylen, tests[i].key, tests[i].bitsize); + + memcpy(t, tests[i].plain, 8); + RC2_encryptc(t, t, &key); + if (memcmp(t, tests[i].cipher, 8) != 0) { + printf("encrypt %d\n", i); + exit(1); + } + RC2_decryptc(t, t, &key); + if (memcmp(t, tests[i].plain, 8) != 0) { + printf("decrypt: %d\n", i); + exit(1); + } + } + + /* cbc test */ + + RC2_set_key(&key, 16, cbc_key, 0); + memcpy(t, cbc_iv, 8); + RC2_cbc_encrypt(cbc_in_data, out, 32, &key, t, 1); + + if (memcmp(out_iv, t, 8) != 0) + abort(); + + if (memcmp(out, cbc_out_data, 32) != 0) { + printf("cbc test encrypt\n"); + exit(1); + } + + memcpy(t, cbc_iv, 8); + RC2_cbc_encrypt(out, out, 32, &key, t, 0); + + if (memcmp(cbc_in_data, out, 32) != 0) { + printf("cbc test decrypt \n"); + exit(1); + } + + return 0; +} diff --git a/lib/hcrypto/rc4.c b/lib/hcrypto/rc4.c new file mode 100644 index 000000000000..988c42424efc --- /dev/null +++ b/lib/hcrypto/rc4.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* implemented from description in draft-kaukonen-cipher-arcfour-03.txt */ + +#include "config.h" + +#include + +#define SWAP(k,x,y) \ +{ unsigned int _t; \ + _t = k->state[x]; \ + k->state[x] = k->state[y]; \ + k->state[y] = _t; \ +} + +void +RC4_set_key(RC4_KEY *key, const int len, const unsigned char *data) +{ + int i, j; + + for (i = 0; i < 256; i++) + key->state[i] = i; + for (i = 0, j = 0; i < 256; i++) { + j = (j + key->state[i] + data[i % len]) % 256; + SWAP(key, i, j); + } + key->x = key->y = 0; +} + +void +RC4(RC4_KEY *key, const int len, const unsigned char *in, unsigned char *out) +{ + int i, t; + unsigned x, y; + + x = key->x; + y = key->y; + for (i = 0; i < len; i++) { + x = (x + 1) % 256; + y = (y + key->state[x]) % 256; + SWAP(key, x, y); + t = (key->state[x] + key->state[y]) % 256; + *out++ = key->state[t] ^ *in++; + } + key->x = x; + key->y = y; +} diff --git a/lib/hcrypto/rc4.h b/lib/hcrypto/rc4.h new file mode 100644 index 000000000000..f93482f4d1d9 --- /dev/null +++ b/lib/hcrypto/rc4.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +/* symbol renaming */ +#define RC4_set_key hc_RC4_set_key +#define RC4 hc_RC4 + +typedef struct rc4_key { + unsigned int x, y; + unsigned int state[256]; +} RC4_KEY; + +void RC4_set_key(RC4_KEY *, const int, const unsigned char *); +void RC4(RC4_KEY *, const int, const unsigned char *, unsigned char *); diff --git a/lib/hcrypto/rctest.c b/lib/hcrypto/rctest.c new file mode 100644 index 000000000000..b952fcc9da54 --- /dev/null +++ b/lib/hcrypto/rctest.c @@ -0,0 +1,163 @@ +/* + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include + +static unsigned char plain1[8] = + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +static unsigned char key1[8] = + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; +static unsigned char cipher1[8] = + { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 }; + +static unsigned char plain2[5] = + { 0xdc, 0xee, 0x4c, 0xf9, 0x2c }; +static unsigned char key2[5] = + { 0x61, 0x8a, 0x63, 0xd2, 0xfb }; +static unsigned char cipher2[5] = + { 0xf1, 0x38, 0x29, 0xc9, 0xde }; + +static unsigned char plain3[] = + { + 0x52, 0x75, 0x69, 0x73, 0x6c, 0x69, 0x6e, 0x6e, + 0x75, 0x6e, 0x20, 0x6c, 0x61, 0x75, 0x6c, 0x75, + 0x20, 0x6b, 0x6f, 0x72, 0x76, 0x69, 0x73, 0x73, + 0x73, 0x61, 0x6e, 0x69, 0x2c, 0x20, 0x74, 0xe4, + 0x68, 0x6b, 0xe4, 0x70, 0xe4, 0x69, 0x64, 0x65, + 0x6e, 0x20, 0x70, 0xe4, 0xe4, 0x6c, 0x6c, 0xe4, + 0x20, 0x74, 0xe4, 0x79, 0x73, 0x69, 0x6b, 0x75, + 0x75, 0x2e, 0x20, 0x4b, 0x65, 0x73, 0xe4, 0x79, + 0xf6, 0x6e, 0x20, 0x6f, 0x6e, 0x20, 0x6f, 0x6e, + 0x6e, 0x69, 0x20, 0x6f, 0x6d, 0x61, 0x6e, 0x61, + 0x6e, 0x69, 0x2c, 0x20, 0x6b, 0x61, 0x73, 0x6b, + 0x69, 0x73, 0x61, 0x76, 0x75, 0x75, 0x6e, 0x20, + 0x6c, 0x61, 0x61, 0x6b, 0x73, 0x6f, 0x74, 0x20, + 0x76, 0x65, 0x72, 0x68, 0x6f, 0x75, 0x75, 0x2e, + 0x20, 0x45, 0x6e, 0x20, 0x6d, 0x61, 0x20, 0x69, + 0x6c, 0x6f, 0x69, 0x74, 0x73, 0x65, 0x2c, 0x20, + 0x73, 0x75, 0x72, 0x65, 0x20, 0x68, 0x75, 0x6f, + 0x6b, 0x61, 0x61, 0x2c, 0x20, 0x6d, 0x75, 0x74, + 0x74, 0x61, 0x20, 0x6d, 0x65, 0x74, 0x73, 0xe4, + 0x6e, 0x20, 0x74, 0x75, 0x6d, 0x6d, 0x75, 0x75, + 0x73, 0x20, 0x6d, 0x75, 0x6c, 0x6c, 0x65, 0x20, + 0x74, 0x75, 0x6f, 0x6b, 0x61, 0x61, 0x2e, 0x20, + 0x50, 0x75, 0x75, 0x6e, 0x74, 0x6f, 0x20, 0x70, + 0x69, 0x6c, 0x76, 0x65, 0x6e, 0x2c, 0x20, 0x6d, + 0x69, 0x20, 0x68, 0x75, 0x6b, 0x6b, 0x75, 0x75, + 0x2c, 0x20, 0x73, 0x69, 0x69, 0x6e, 0x74, 0x6f, + 0x20, 0x76, 0x61, 0x72, 0x61, 0x6e, 0x20, 0x74, + 0x75, 0x75, 0x6c, 0x69, 0x73, 0x65, 0x6e, 0x2c, + 0x20, 0x6d, 0x69, 0x20, 0x6e, 0x75, 0x6b, 0x6b, + 0x75, 0x75, 0x2e, 0x20, 0x54, 0x75, 0x6f, 0x6b, + 0x73, 0x75, 0x74, 0x20, 0x76, 0x61, 0x6e, 0x61, + 0x6d, 0x6f, 0x6e, 0x20, 0x6a, 0x61, 0x20, 0x76, + 0x61, 0x72, 0x6a, 0x6f, 0x74, 0x20, 0x76, 0x65, + 0x65, 0x6e, 0x2c, 0x20, 0x6e, 0x69, 0x69, 0x73, + 0x74, 0xe4, 0x20, 0x73, 0x79, 0x64, 0xe4, 0x6d, + 0x65, 0x6e, 0x69, 0x20, 0x6c, 0x61, 0x75, 0x6c, + 0x75, 0x6e, 0x20, 0x74, 0x65, 0x65, 0x6e, 0x2e, + 0x20, 0x2d, 0x20, 0x45, 0x69, 0x6e, 0x6f, 0x20, + 0x4c, 0x65, 0x69, 0x6e, 0x6f }; + +static unsigned char key3[16] = + { 0x29, 0x04, 0x19, 0x72, 0xfb, 0x42, 0xba, 0x5f, + 0xc7, 0x12, 0x77, 0x12, 0xf1, 0x38, 0x29, 0xc9 }; + +const unsigned char cipher3[] = + { 0x35, 0x81, 0x86, 0x99, 0x90, 0x01, 0xe6, 0xb5, + 0xda, 0xf0, 0x5e, 0xce, 0xeb, 0x7e, 0xee, 0x21, + 0xe0, 0x68, 0x9c, 0x1f, 0x00, 0xee, 0xa8, 0x1f, + 0x7d, 0xd2, 0xca, 0xae, 0xe1, 0xd2, 0x76, 0x3e, + 0x68, 0xaf, 0x0e, 0xad, 0x33, 0xd6, 0x6c, 0x26, + 0x8b, 0xc9, 0x46, 0xc4, 0x84, 0xfb, 0xe9, 0x4c, + 0x5f, 0x5e, 0x0b, 0x86, 0xa5, 0x92, 0x79, 0xe4, + 0xf8, 0x24, 0xe7, 0xa6, 0x40, 0xbd, 0x22, 0x32, + 0x10, 0xb0, 0xa6, 0x11, 0x60, 0xb7, 0xbc, 0xe9, + 0x86, 0xea, 0x65, 0x68, 0x80, 0x03, 0x59, 0x6b, + 0x63, 0x0a, 0x6b, 0x90, 0xf8, 0xe0, 0xca, 0xf6, + 0x91, 0x2a, 0x98, 0xeb, 0x87, 0x21, 0x76, 0xe8, + 0x3c, 0x20, 0x2c, 0xaa, 0x64, 0x16, 0x6d, 0x2c, + 0xce, 0x57, 0xff, 0x1b, 0xca, 0x57, 0xb2, 0x13, + 0xf0, 0xed, 0x1a, 0xa7, 0x2f, 0xb8, 0xea, 0x52, + 0xb0, 0xbe, 0x01, 0xcd, 0x1e, 0x41, 0x28, 0x67, + 0x72, 0x0b, 0x32, 0x6e, 0xb3, 0x89, 0xd0, 0x11, + 0xbd, 0x70, 0xd8, 0xaf, 0x03, 0x5f, 0xb0, 0xd8, + 0x58, 0x9d, 0xbc, 0xe3, 0xc6, 0x66, 0xf5, 0xea, + 0x8d, 0x4c, 0x79, 0x54, 0xc5, 0x0c, 0x3f, 0x34, + 0x0b, 0x04, 0x67, 0xf8, 0x1b, 0x42, 0x59, 0x61, + 0xc1, 0x18, 0x43, 0x07, 0x4d, 0xf6, 0x20, 0xf2, + 0x08, 0x40, 0x4b, 0x39, 0x4c, 0xf9, 0xd3, 0x7f, + 0xf5, 0x4b, 0x5f, 0x1a, 0xd8, 0xf6, 0xea, 0x7d, + 0xa3, 0xc5, 0x61, 0xdf, 0xa7, 0x28, 0x1f, 0x96, + 0x44, 0x63, 0xd2, 0xcc, 0x35, 0xa4, 0xd1, 0xb0, + 0x34, 0x90, 0xde, 0xc5, 0x1b, 0x07, 0x11, 0xfb, + 0xd6, 0xf5, 0x5f, 0x79, 0x23, 0x4d, 0x5b, 0x7c, + 0x76, 0x66, 0x22, 0xa6, 0x6d, 0xe9, 0x2b, 0xe9, + 0x96, 0x46, 0x1d, 0x5e, 0x4d, 0xc8, 0x78, 0xef, + 0x9b, 0xca, 0x03, 0x05, 0x21, 0xe8, 0x35, 0x1e, + 0x4b, 0xae, 0xd2, 0xfd, 0x04, 0xf9, 0x46, 0x73, + 0x68, 0xc4, 0xad, 0x6a, 0xc1, 0x86, 0xd0, 0x82, + 0x45, 0xb2, 0x63, 0xa2, 0x66, 0x6d, 0x1f, 0x6c, + 0x54, 0x20, 0xf1, 0x59, 0x9d, 0xfd, 0x9f, 0x43, + 0x89, 0x21, 0xc2, 0xf5, 0xa4, 0x63, 0x93, 0x8c, + 0xe0, 0x98, 0x22, 0x65, 0xee, 0xf7, 0x01, 0x79, + 0xbc, 0x55, 0x3f, 0x33, 0x9e, 0xb1, 0xa4, 0xc1, + 0xaf, 0x5f, 0x6a, 0x54, 0x7f }; + +int +main (void) +{ + unsigned char buf[1024]; + RC4_KEY key; + + RC4_set_key(&key, 8, key1); + RC4(&key, 8, plain1, buf); + if (memcmp(buf, cipher1, 8) != 0) + return 1; + + RC4_set_key(&key, 5, key2); + RC4(&key, 5, plain2, buf); + if (memcmp(buf, cipher2, 5) != 0) + return 1; + + RC4_set_key(&key, 16, key3); + RC4(&key, 309, plain3, buf); + if (memcmp(buf, cipher3, 309) != 0) + return 1; + + return 0; +} diff --git a/lib/hcrypto/resource.h b/lib/hcrypto/resource.h new file mode 100644 index 000000000000..9074dc1e5a64 --- /dev/null +++ b/lib/hcrypto/resource.h @@ -0,0 +1,18 @@ +//{{NO_DEPENDENCIES}} +// Microsoft Developer Studio generated include file. +// Used by passwd_dialog.rc +// +#define IDD_PASSWD_DIALOG 101 +#define IDC_EDIT1 1000 +#define IDC_PASSWD_EDIT 1001 + +// Next default values for new objects +// +#ifdef APSTUDIO_INVOKED +#ifndef APSTUDIO_READONLY_SYMBOLS +#define _APS_NEXT_RESOURCE_VALUE 102 +#define _APS_NEXT_COMMAND_VALUE 40001 +#define _APS_NEXT_CONTROL_VALUE 1002 +#define _APS_NEXT_SYMED_VALUE 101 +#endif +#endif diff --git a/lib/hcrypto/rijndael-alg-fst.c b/lib/hcrypto/rijndael-alg-fst.c new file mode 100644 index 000000000000..bf335afd9f32 --- /dev/null +++ b/lib/hcrypto/rijndael-alg-fst.c @@ -0,0 +1,1224 @@ +/* $NetBSD: rijndael-alg-fst.c,v 1.5 2001/11/13 01:40:10 lukem Exp $ */ +/* $KAME: rijndael-alg-fst.c,v 1.10 2003/07/15 10:47:16 itojun Exp $ */ +/** + * rijndael-alg-fst.c + * + * @version 3.0 (December 2000) + * + * Optimised ANSI C code for the Rijndael cipher (now AES) + * + * @author Vincent Rijmen + * @author Antoon Bosselaers + * @author Paulo Barreto + * + * This code is hereby placed in the public domain. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* "$NetBSD: rijndael-alg-fst.c,v 1.5 2001/11/13 01:40:10 lukem Exp $" */ + +#include "config.h" + + +#include +#ifdef KRB5 +#include +#endif + +#include "rijndael-alg-fst.h" + +/* +Te0[x] = S [x].[02, 01, 01, 03]; +Te1[x] = S [x].[03, 02, 01, 01]; +Te2[x] = S [x].[01, 03, 02, 01]; +Te3[x] = S [x].[01, 01, 03, 02]; +Te4[x] = S [x].[01, 01, 01, 01]; + +Td0[x] = Si[x].[0e, 09, 0d, 0b]; +Td1[x] = Si[x].[0b, 0e, 09, 0d]; +Td2[x] = Si[x].[0d, 0b, 0e, 09]; +Td3[x] = Si[x].[09, 0d, 0b, 0e]; +Td4[x] = Si[x].[01, 01, 01, 01]; +*/ + +static const uint32_t Te0[256] = { + 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, + 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, + 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, + 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, + 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, + 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, + 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, + 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, + 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, + 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, + 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, + 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, + 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, + 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, + 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, + 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, + 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, + 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, + 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, + 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, + 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, + 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, + 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, + 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, + 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, + 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, + 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, + 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, + 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, + 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, + 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, + 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, + 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, + 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, + 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, + 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, + 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, + 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, + 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, + 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, + 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, + 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, + 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, + 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, + 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, + 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, + 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, + 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, + 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, + 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, + 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, + 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, + 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, + 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, + 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, + 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, + 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, + 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, + 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, + 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, + 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, + 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, + 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, + 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, +}; +static const uint32_t Te1[256] = { + 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, + 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, + 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, + 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, + 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, + 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, + 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, + 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, + 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, + 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, + 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, + 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, + 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, + 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, + 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, + 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, + 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, + 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, + 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, + 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, + 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, + 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, + 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, + 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, + 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, + 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, + 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, + 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, + 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, + 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, + 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, + 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, + 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, + 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, + 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, + 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, + 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, + 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, + 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, + 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, + 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, + 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, + 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, + 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, + 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, + 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, + 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, + 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, + 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, + 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, + 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, + 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, + 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, + 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, + 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, + 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, + 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, + 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, + 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, + 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, + 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, + 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, + 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, + 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, +}; +static const uint32_t Te2[256] = { + 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, + 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, + 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, + 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, + 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, + 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, + 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, + 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, + 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, + 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, + 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, + 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, + 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, + 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, + 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, + 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, + 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, + 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, + 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, + 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, + 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, + 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, + 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, + 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, + 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, + 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, + 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, + 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, + 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, + 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, + 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, + 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, + 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, + 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, + 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, + 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, + 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, + 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, + 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, + 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, + 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, + 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, + 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, + 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, + 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, + 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, + 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, + 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, + 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, + 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, + 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, + 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, + 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, + 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, + 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, + 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, + 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, + 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, + 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, + 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, + 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, + 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, + 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, + 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, +}; +static const uint32_t Te3[256] = { + + 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, + 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, + 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, + 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, + 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, + 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, + 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, + 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, + 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, + 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, + 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, + 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, + 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, + 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, + 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, + 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, + 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, + 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, + 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, + 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, + 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, + 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, + 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, + 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, + 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, + 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, + 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, + 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, + 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, + 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, + 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, + 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, + 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, + 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, + 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, + 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, + 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, + 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, + 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, + 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, + 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, + 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, + 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, + 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, + 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, + 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, + 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, + 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, + 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, + 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, + 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, + 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, + 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, + 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, + 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, + 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, + 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, + 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, + 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, + 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, + 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, + 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, + 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, + 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, +}; +static const uint32_t Te4[256] = { + 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, + 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, + 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, + 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, + 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, + 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, + 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, + 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, + 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, + 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, + 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, + 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, + 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, + 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, + 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, + 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, + 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, + 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, + 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, + 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, + 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, + 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, + 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, + 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, + 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, + 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, + 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, + 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, + 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, + 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, + 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, + 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, + 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, + 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, + 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, + 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, + 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, + 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, + 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, + 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, + 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, + 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, + 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, + 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, + 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, + 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, + 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, + 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, + 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, + 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, + 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, + 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, + 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, + 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, + 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, + 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, + 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, + 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, + 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, + 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, + 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, + 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, + 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, + 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, +}; +static const uint32_t Td0[256] = { + 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, + 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, + 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, + 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, + 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, + 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, + 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, + 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, + 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, + 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, + 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, + 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, + 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, + 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, + 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, + 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, + 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, + 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, + 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, + 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, + 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, + 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, + 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, + 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, + 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, + 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, + 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, + 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, + 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, + 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, + 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, + 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, + 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, + 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, + 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, + 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, + 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, + 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, + 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, + 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, + 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, + 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, + 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, + 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, + 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, + 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, + 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, + 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, + 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, + 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, + 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, + 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, + 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, + 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, + 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, + 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, + 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, + 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, + 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, + 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, + 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, + 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, + 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, + 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, +}; +static const uint32_t Td1[256] = { + 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, + 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, + 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, + 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, + 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, + 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, + 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, + 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, + 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, + 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, + 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, + 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, + 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, + 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, + 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, + 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, + 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, + 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, + 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, + 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, + 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, + 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, + 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, + 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, + 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, + 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, + 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, + 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, + 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, + 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, + 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, + 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, + 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, + 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, + 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, + 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, + 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, + 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, + 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, + 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, + 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, + 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, + 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, + 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, + 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, + 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, + 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, + 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, + 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, + 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, + 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, + 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, + 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, + 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, + 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, + 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, + 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, + 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, + 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, + 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, + 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, + 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, + 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, + 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, +}; +static const uint32_t Td2[256] = { + 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, + 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, + 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, + 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, + 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, + 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, + 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, + 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, + 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, + 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, + 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, + 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, + 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, + 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, + 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, + 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, + 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, + 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, + 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, + 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, + + 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, + 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, + 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, + 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, + 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, + 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, + 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, + 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, + 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, + 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, + 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, + 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, + 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, + 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, + 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, + 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, + 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, + 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, + 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, + 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, + 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, + 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, + 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, + 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, + 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, + 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, + 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, + 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, + 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, + 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, + 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, + 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, + 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, + 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, + 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, + 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, + 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, + 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, + 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, + 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, + 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, + 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, + 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, + 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, +}; +static const uint32_t Td3[256] = { + 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, + 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, + 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, + 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, + 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, + 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, + 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, + 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, + 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, + 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, + 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, + 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, + 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, + 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, + 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, + 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, + 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, + 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, + 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, + 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, + 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, + 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, + 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, + 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, + 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, + 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, + 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, + 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, + 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, + 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, + 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, + 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, + 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, + 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, + 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, + 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, + 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, + 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, + 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, + 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, + 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, + 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, + 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, + 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, + 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, + 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, + 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, + 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, + 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, + 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, + 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, + 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, + 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, + 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, + 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, + 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, + 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, + 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, + 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, + 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, + 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, + 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, + 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, + 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, +}; +static const uint32_t Td4[256] = { + 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, + 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, + 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, + 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, + 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, + 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, + 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, + 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, + 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, + 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, + 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, + 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, + 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, + 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, + 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, + 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, + 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, + 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, + 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, + 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, + 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, + 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, + 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, + 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, + 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, + 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, + 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, + 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, + 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, + 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, + 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, + 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, + 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, + 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, + 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, + 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, + 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, + 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, + 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, + 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, + 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, + 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, + 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, + 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, + 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, + 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, + 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, + 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, + 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, + 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, + 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, + 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, + 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, + 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, + 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, + 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, + 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, + 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, + 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, + 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, + 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, + 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, + 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, + 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, +}; +static const uint32_t rcon[] = { + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ +}; + +#define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) + +#ifdef _MSC_VER +#define GETU32(p) SWAP(*((uint32_t *)(p))) +#define PUTU32(ct, st) { *((uint32_t *)(ct)) = SWAP((st)); } +#else +#define GETU32(pt) (((uint32_t)(pt)[0] << 24) ^ ((uint32_t)(pt)[1] << 16) ^ ((uint32_t)(pt)[2] << 8) ^ ((uint32_t)(pt)[3])) +#define PUTU32(ct, st) { (ct)[0] = (uint8_t)((st) >> 24); (ct)[1] = (uint8_t)((st) >> 16); (ct)[2] = (uint8_t)((st) >> 8); (ct)[3] = (uint8_t)(st); } +#endif + +/** + * Expand the cipher key into the encryption key schedule. + * + * @return the number of rounds for the given cipher key size. + */ +int rijndaelKeySetupEnc(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits) { + int i = 0; + uint32_t temp; + + rk[0] = GETU32(cipherKey ); + rk[1] = GETU32(cipherKey + 4); + rk[2] = GETU32(cipherKey + 8); + rk[3] = GETU32(cipherKey + 12); + if (keyBits == 128) { + for (;;) { + temp = rk[3]; + rk[4] = rk[0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[5] = rk[1] ^ rk[4]; + rk[6] = rk[2] ^ rk[5]; + rk[7] = rk[3] ^ rk[6]; + if (++i == 10) { + return 10; + } + rk += 4; + } + } + rk[4] = GETU32(cipherKey + 16); + rk[5] = GETU32(cipherKey + 20); + if (keyBits == 192) { + for (;;) { + temp = rk[ 5]; + rk[ 6] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 7] = rk[ 1] ^ rk[ 6]; + rk[ 8] = rk[ 2] ^ rk[ 7]; + rk[ 9] = rk[ 3] ^ rk[ 8]; + if (++i == 8) { + return 12; + } + rk[10] = rk[ 4] ^ rk[ 9]; + rk[11] = rk[ 5] ^ rk[10]; + rk += 6; + } + } + rk[6] = GETU32(cipherKey + 24); + rk[7] = GETU32(cipherKey + 28); + if (keyBits == 256) { + for (;;) { + temp = rk[ 7]; + rk[ 8] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 9] = rk[ 1] ^ rk[ 8]; + rk[10] = rk[ 2] ^ rk[ 9]; + rk[11] = rk[ 3] ^ rk[10]; + if (++i == 7) { + return 14; + } + temp = rk[11]; + rk[12] = rk[ 4] ^ + (Te4[(temp >> 24) ] & 0xff000000) ^ + (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(temp ) & 0xff] & 0x000000ff); + rk[13] = rk[ 5] ^ rk[12]; + rk[14] = rk[ 6] ^ rk[13]; + rk[15] = rk[ 7] ^ rk[14]; + + rk += 8; + } + } + return 0; +} + +/** + * Expand the cipher key into the decryption key schedule. + * + * @return the number of rounds for the given cipher key size. + */ +int rijndaelKeySetupDec(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits) { + int Nr, i, j; + uint32_t temp; + + /* expand the cipher key: */ + Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits); + /* invert the order of the round keys: */ + for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) { + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; + } + /* apply the inverse MixColumn transform to all round keys but the first and the last: */ + for (i = 1; i < Nr; i++) { + rk += 4; + rk[0] = + Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[0] ) & 0xff] & 0xff]; + rk[1] = + Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[1] ) & 0xff] & 0xff]; + rk[2] = + Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[2] ) & 0xff] & 0xff]; + rk[3] = + Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[3] ) & 0xff] & 0xff]; + } + return Nr; +} + +void rijndaelEncrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t pt[16], uint8_t ct[16]) { + uint32_t s0, s1, s2, s3, t0, t1, t2, t3; +#ifndef FULL_UNROLL + int r; +#endif /* ?FULL_UNROLL */ + + /* + * map byte array block to cipher state + * and add initial round key: + */ + s0 = GETU32(pt ) ^ rk[0]; + s1 = GETU32(pt + 4) ^ rk[1]; + s2 = GETU32(pt + 8) ^ rk[2]; + s3 = GETU32(pt + 12) ^ rk[3]; +#ifdef FULL_UNROLL + /* round 1: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; + /* round 3: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; + /* round 5: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; + /* round 7: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; + /* round 9: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; + if (Nr > 10) { + /* round 10: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; + /* round 11: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; + if (Nr > 12) { + /* round 12: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; + /* round 13: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; + } + } + rk += Nr << 2; +#else /* !FULL_UNROLL */ + /* + * Nr - 1 full rounds: + */ + r = Nr >> 1; + for (;;) { + t0 = + Te0[(s0 >> 24) ] ^ + Te1[(s1 >> 16) & 0xff] ^ + Te2[(s2 >> 8) & 0xff] ^ + Te3[(s3 ) & 0xff] ^ + rk[4]; + t1 = + Te0[(s1 >> 24) ] ^ + Te1[(s2 >> 16) & 0xff] ^ + Te2[(s3 >> 8) & 0xff] ^ + Te3[(s0 ) & 0xff] ^ + rk[5]; + t2 = + Te0[(s2 >> 24) ] ^ + Te1[(s3 >> 16) & 0xff] ^ + Te2[(s0 >> 8) & 0xff] ^ + Te3[(s1 ) & 0xff] ^ + rk[6]; + t3 = + Te0[(s3 >> 24) ] ^ + Te1[(s0 >> 16) & 0xff] ^ + Te2[(s1 >> 8) & 0xff] ^ + Te3[(s2 ) & 0xff] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; + } + + s0 = + Te0[(t0 >> 24) ] ^ + Te1[(t1 >> 16) & 0xff] ^ + Te2[(t2 >> 8) & 0xff] ^ + Te3[(t3 ) & 0xff] ^ + rk[0]; + s1 = + Te0[(t1 >> 24) ] ^ + Te1[(t2 >> 16) & 0xff] ^ + Te2[(t3 >> 8) & 0xff] ^ + Te3[(t0 ) & 0xff] ^ + rk[1]; + s2 = + Te0[(t2 >> 24) ] ^ + Te1[(t3 >> 16) & 0xff] ^ + Te2[(t0 >> 8) & 0xff] ^ + Te3[(t1 ) & 0xff] ^ + rk[2]; + s3 = + Te0[(t3 >> 24) ] ^ + Te1[(t0 >> 16) & 0xff] ^ + Te2[(t1 >> 8) & 0xff] ^ + Te3[(t2 ) & 0xff] ^ + rk[3]; + } +#endif /* ?FULL_UNROLL */ + /* + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Te4[(t0 >> 24) ] & 0xff000000) ^ + (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(ct , s0); + s1 = + (Te4[(t1 >> 24) ] & 0xff000000) ^ + (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(ct + 4, s1); + s2 = + (Te4[(t2 >> 24) ] & 0xff000000) ^ + (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(ct + 8, s2); + s3 = + (Te4[(t3 >> 24) ] & 0xff000000) ^ + (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(ct + 12, s3); +} + +void rijndaelDecrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t ct[16], uint8_t pt[16]) { + uint32_t s0, s1, s2, s3, t0, t1, t2, t3; +#ifndef FULL_UNROLL + int r; +#endif /* ?FULL_UNROLL */ + + /* + * map byte array block to cipher state + * and add initial round key: + */ + s0 = GETU32(ct ) ^ rk[0]; + s1 = GETU32(ct + 4) ^ rk[1]; + s2 = GETU32(ct + 8) ^ rk[2]; + s3 = GETU32(ct + 12) ^ rk[3]; +#ifdef FULL_UNROLL + /* round 1: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; + /* round 3: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; + /* round 5: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; + /* round 7: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; + /* round 9: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; + if (Nr > 10) { + /* round 10: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; + /* round 11: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; + if (Nr > 12) { + /* round 12: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; + /* round 13: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; + } + } + rk += Nr << 2; +#else /* !FULL_UNROLL */ + /* + * Nr - 1 full rounds: + */ + r = Nr >> 1; + for (;;) { + t0 = + Td0[(s0 >> 24) ] ^ + Td1[(s3 >> 16) & 0xff] ^ + Td2[(s2 >> 8) & 0xff] ^ + Td3[(s1 ) & 0xff] ^ + rk[4]; + t1 = + Td0[(s1 >> 24) ] ^ + Td1[(s0 >> 16) & 0xff] ^ + Td2[(s3 >> 8) & 0xff] ^ + Td3[(s2 ) & 0xff] ^ + rk[5]; + t2 = + Td0[(s2 >> 24) ] ^ + Td1[(s1 >> 16) & 0xff] ^ + Td2[(s0 >> 8) & 0xff] ^ + Td3[(s3 ) & 0xff] ^ + rk[6]; + t3 = + Td0[(s3 >> 24) ] ^ + Td1[(s2 >> 16) & 0xff] ^ + Td2[(s1 >> 8) & 0xff] ^ + Td3[(s0 ) & 0xff] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; + } + + s0 = + Td0[(t0 >> 24) ] ^ + Td1[(t3 >> 16) & 0xff] ^ + Td2[(t2 >> 8) & 0xff] ^ + Td3[(t1 ) & 0xff] ^ + rk[0]; + s1 = + Td0[(t1 >> 24) ] ^ + Td1[(t0 >> 16) & 0xff] ^ + Td2[(t3 >> 8) & 0xff] ^ + Td3[(t2 ) & 0xff] ^ + rk[1]; + s2 = + Td0[(t2 >> 24) ] ^ + Td1[(t1 >> 16) & 0xff] ^ + Td2[(t0 >> 8) & 0xff] ^ + Td3[(t3 ) & 0xff] ^ + rk[2]; + s3 = + Td0[(t3 >> 24) ] ^ + Td1[(t2 >> 16) & 0xff] ^ + Td2[(t1 >> 8) & 0xff] ^ + Td3[(t0 ) & 0xff] ^ + rk[3]; + } +#endif /* ?FULL_UNROLL */ + /* + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Td4[(t0 >> 24) ] & 0xff000000) ^ + (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(pt , s0); + s1 = + (Td4[(t1 >> 24) ] & 0xff000000) ^ + (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(pt + 4, s1); + s2 = + (Td4[(t2 >> 24) ] & 0xff000000) ^ + (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(pt + 8, s2); + s3 = + (Td4[(t3 >> 24) ] & 0xff000000) ^ + (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(pt + 12, s3); +} diff --git a/lib/hcrypto/rijndael-alg-fst.h b/lib/hcrypto/rijndael-alg-fst.h new file mode 100644 index 000000000000..7e2e1935fd29 --- /dev/null +++ b/lib/hcrypto/rijndael-alg-fst.h @@ -0,0 +1,46 @@ +/* $NetBSD: rijndael-alg-fst.h,v 1.2 2000/10/02 17:19:15 itojun Exp $ */ +/* $KAME: rijndael-alg-fst.h,v 1.5 2003/07/15 10:47:16 itojun Exp $ */ +/** + * rijndael-alg-fst.h + * + * @version 3.0 (December 2000) + * + * Optimised ANSI C code for the Rijndael cipher (now AES) + * + * @author Vincent Rijmen + * @author Antoon Bosselaers + * @author Paulo Barreto + * + * This code is hereby placed in the public domain. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef __RIJNDAEL_ALG_FST_H +#define __RIJNDAEL_ALG_FST_H + +/* symbol renaming */ +#define rijndaelKeySetupEnc _hc_rijndaelKeySetupEnc +#define rijndaelKeySetupDec _hc_rijndaelKeySetupDec +#define rijndaelEncrypt _hc_rijndaelEncrypt +#define rijndaelDecrypt _hc_rijndaelDecrypt + +#define RIJNDAEL_MAXKC (256/32) +#define RIJNDAEL_MAXKB (256/8) +#define RIJNDAEL_MAXNR 14 + +int rijndaelKeySetupEnc(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits); +int rijndaelKeySetupDec(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits); +void rijndaelEncrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t pt[16], uint8_t ct[16]); +void rijndaelDecrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t ct[16], uint8_t pt[16]); + +#endif /* __RIJNDAEL_ALG_FST_H */ diff --git a/lib/hcrypto/rnd_keys.c b/lib/hcrypto/rnd_keys.c new file mode 100644 index 000000000000..49c7634c381d --- /dev/null +++ b/lib/hcrypto/rnd_keys.c @@ -0,0 +1,139 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + + +#define HC_DEPRECATED + +#ifdef KRB5 +#include +#endif +#include + +#include +#include + +#undef __attribute__ +#define __attribute__(X) + +void HC_DEPRECATED +DES_rand_data(void *outdata, int size) +{ + RAND_bytes(outdata, size); +} + +void HC_DEPRECATED +DES_generate_random_block(DES_cblock *block) +{ + RAND_bytes(block, sizeof(*block)); +} + +#define DES_rand_data_key hc_DES_rand_data_key + +void HC_DEPRECATED +DES_rand_data_key(DES_cblock *key); + +/* + * Generate a random DES key. + */ + +void HC_DEPRECATED +DES_rand_data_key(DES_cblock *key) +{ + DES_new_random_key(key); +} + +void HC_DEPRECATED +DES_set_sequence_number(void *ll) +{ +} + +void HC_DEPRECATED +DES_set_random_generator_seed(DES_cblock *seed) +{ + RAND_seed(seed, sizeof(*seed)); +} + +/** + * Generate a random des key using a random block, fixup parity and + * skip weak keys. + * + * @param key is set to a random key. + * + * @return 0 on success, non zero on random number generator failure. + * + * @ingroup hcrypto_des + */ + +int HC_DEPRECATED +DES_new_random_key(DES_cblock *key) +{ + do { + if (RAND_bytes(key, sizeof(*key)) != 1) + return 1; + DES_set_odd_parity(key); + } while(DES_is_weak_key(key)); + + return(0); +} + +/** + * Seed the random number generator. Deprecated, use @ref page_rand + * + * @param seed a seed to seed that random number generate with. + * + * @ingroup hcrypto_des + */ + +void HC_DEPRECATED +DES_init_random_number_generator(DES_cblock *seed) +{ + RAND_seed(seed, sizeof(*seed)); +} + +/** + * Generate a random key, deprecated since it doesn't return an error + * code, use DES_new_random_key(). + * + * @param key is set to a random key. + * + * @ingroup hcrypto_des + */ + +void HC_DEPRECATED +DES_random_key(DES_cblock *key) +{ + if (DES_new_random_key(key)) + abort(); +} diff --git a/lib/hcrypto/rsa-gmp.c b/lib/hcrypto/rsa-gmp.c new file mode 100644 index 000000000000..b3a994b80349 --- /dev/null +++ b/lib/hcrypto/rsa-gmp.c @@ -0,0 +1,588 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include + +#include + +#ifdef HAVE_GMP + +#include + +static void +BN2mpz(mpz_t s, const BIGNUM *bn) +{ + size_t len; + void *p; + + len = BN_num_bytes(bn); + p = malloc(len); + BN_bn2bin(bn, p); + mpz_init(s); + mpz_import(s, len, 1, 1, 1, 0, p); + + free(p); +} + + +static BIGNUM * +mpz2BN(mpz_t s) +{ + size_t size; + BIGNUM *bn; + void *p; + + mpz_export(NULL, &size, 1, 1, 1, 0, s); + p = malloc(size); + if (p == NULL && size != 0) + return NULL; + mpz_export(p, &size, 1, 1, 1, 0, s); + bn = BN_bin2bn(p, size, NULL); + free(p); + return bn; +} + +static int +rsa_private_calculate(mpz_t in, mpz_t p, mpz_t q, + mpz_t dmp1, mpz_t dmq1, mpz_t iqmp, + mpz_t out) +{ + mpz_t vp, vq, u; + mpz_init(vp); mpz_init(vq); mpz_init(u); + + /* vq = c ^ (d mod (q - 1)) mod q */ + /* vp = c ^ (d mod (p - 1)) mod p */ + mpz_fdiv_r(vp, in, p); + mpz_powm(vp, vp, dmp1, p); + mpz_fdiv_r(vq, in, q); + mpz_powm(vq, vq, dmq1, q); + + /* C2 = 1/q mod p (iqmp) */ + /* u = (vp - vq)C2 mod p. */ + mpz_sub(u, vp, vq); +#if 0 + if (mp_int_compare_zero(&u) < 0) + mp_int_add(&u, p, &u); +#endif + mpz_mul(u, iqmp, u); + mpz_fdiv_r(u, u, p); + + /* c ^ d mod n = vq + u q */ + mpz_mul(u, q, u); + mpz_add(out, u, vq); + + mpz_clear(vp); + mpz_clear(vq); + mpz_clear(u); + + return 0; +} + +/* + * + */ + +static int +gmp_rsa_public_encrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p, *p0; + size_t size, padlen; + mpz_t enc, dec, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + size = RSA_size(rsa); + + if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) + return -2; + + BN2mpz(n, rsa->n); + BN2mpz(e, rsa->e); + + p = p0 = malloc(size - 1); + if (p0 == NULL) { + mpz_clear(e); + mpz_clear(n); + return -3; + } + + padlen = size - flen - 3; + assert(padlen >= 8); + + *p++ = 2; + if (RAND_bytes(p, padlen) != 1) { + mpz_clear(e); + mpz_clear(n); + free(p0); + return -4; + } + while(padlen) { + if (*p == 0) + *p = 1; + padlen--; + p++; + } + *p++ = 0; + memcpy(p, from, flen); + p += flen; + assert((p - p0) == size - 1); + + mpz_init(enc); + mpz_init(dec); + mpz_import(dec, size - 1, 1, 1, 1, 0, p0); + free(p0); + + mpz_powm(enc, dec, e, n); + + mpz_clear(dec); + mpz_clear(e); + mpz_clear(n); + { + size_t ssize; + mpz_export(to, &ssize, 1, 1, 1, 0, enc); + assert(size >= ssize); + size = ssize; + } + mpz_clear(enc); + + return size; +} + +static int +gmp_rsa_public_decrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p; + size_t size; + mpz_t s, us, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + if (flen > RSA_size(rsa)) + return -2; + + BN2mpz(n, rsa->n); + BN2mpz(e, rsa->e); + +#if 0 + /* Check that the exponent is larger then 3 */ + if (mp_int_compare_value(&e, 3) <= 0) { + mp_int_clear(&n); + mp_int_clear(&e); + return -3; + } +#endif + + mpz_init(s); + mpz_init(us); + mpz_import(s, flen, 1, 1, 1, 0, rk_UNCONST(from)); + + if (mpz_cmp(s, n) >= 0) { + mpz_clear(n); + mpz_clear(e); + return -4; + } + + mpz_powm(us, s, e, n); + + mpz_clear(s); + mpz_clear(n); + mpz_clear(e); + + p = to; + + mpz_export(p, &size, 1, 1, 1, 0, us); + assert(size <= RSA_size(rsa)); + + mpz_clear(us); + + /* head zero was skipped by mp_int_to_unsigned */ + if (*p == 0) + return -6; + if (*p != 1) + return -7; + size--; p++; + while (size && *p == 0xff) { + size--; p++; + } + if (size == 0 || *p != 0) + return -8; + size--; p++; + + memmove(to, p, size); + + return size; +} + +static int +gmp_rsa_private_encrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p, *p0; + size_t size; + mpz_t in, out, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + size = RSA_size(rsa); + + if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) + return -2; + + p0 = p = malloc(size); + *p++ = 0; + *p++ = 1; + memset(p, 0xff, size - flen - 3); + p += size - flen - 3; + *p++ = 0; + memcpy(p, from, flen); + p += flen; + assert((p - p0) == size); + + BN2mpz(n, rsa->n); + BN2mpz(e, rsa->e); + + mpz_init(in); + mpz_init(out); + mpz_import(in, size, 1, 1, 1, 0, p0); + free(p0); + +#if 0 + if(mp_int_compare_zero(&in) < 0 || + mp_int_compare(&in, &n) >= 0) { + size = 0; + goto out; + } +#endif + + if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { + mpz_t p, q, dmp1, dmq1, iqmp; + + BN2mpz(p, rsa->p); + BN2mpz(q, rsa->q); + BN2mpz(dmp1, rsa->dmp1); + BN2mpz(dmq1, rsa->dmq1); + BN2mpz(iqmp, rsa->iqmp); + + rsa_private_calculate(in, p, q, dmp1, dmq1, iqmp, out); + + mpz_clear(p); + mpz_clear(q); + mpz_clear(dmp1); + mpz_clear(dmq1); + mpz_clear(iqmp); + } else { + mpz_t d; + + BN2mpz(d, rsa->d); + mpz_powm(out, in, d, n); + mpz_clear(d); + } + + { + size_t ssize; + mpz_export(to, &ssize, 1, 1, 1, 0, out); + assert(size >= ssize); + size = ssize; + } + + mpz_clear(e); + mpz_clear(n); + mpz_clear(in); + mpz_clear(out); + + return size; +} + +static int +gmp_rsa_private_decrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *ptr; + size_t size; + mpz_t in, out, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + size = RSA_size(rsa); + if (flen > size) + return -2; + + mpz_init(in); + mpz_init(out); + + BN2mpz(n, rsa->n); + BN2mpz(e, rsa->e); + + mpz_import(in, flen, 1, 1, 1, 0, from); + + if(mpz_cmp_ui(in, 0) < 0 || + mpz_cmp(in, n) >= 0) { + size = 0; + goto out; + } + + if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { + mpz_t p, q, dmp1, dmq1, iqmp; + + BN2mpz(p, rsa->p); + BN2mpz(q, rsa->q); + BN2mpz(dmp1, rsa->dmp1); + BN2mpz(dmq1, rsa->dmq1); + BN2mpz(iqmp, rsa->iqmp); + + rsa_private_calculate(in, p, q, dmp1, dmq1, iqmp, out); + + mpz_clear(p); + mpz_clear(q); + mpz_clear(dmp1); + mpz_clear(dmq1); + mpz_clear(iqmp); + } else { + mpz_t d; + +#if 0 + if(mp_int_compare_zero(&in) < 0 || + mp_int_compare(&in, &n) >= 0) + return MP_RANGE; +#endif + + BN2mpz(d, rsa->d); + mpz_powm(out, in, d, n); + mpz_clear(d); + } + + ptr = to; + { + size_t ssize; + mpz_export(ptr, &ssize, 1, 1, 1, 0, out); + assert(size >= ssize); + size = ssize; + } + + /* head zero was skipped by mp_int_to_unsigned */ + if (*ptr != 2) + return -3; + size--; ptr++; + while (size && *ptr != 0) { + size--; ptr++; + } + if (size == 0) + return -4; + size--; ptr++; + + memmove(to, ptr, size); + +out: + mpz_clear(e); + mpz_clear(n); + mpz_clear(in); + mpz_clear(out); + + return size; +} + +static int +random_num(mpz_t num, size_t len) +{ + unsigned char *p; + + len = (len + 7) / 8; + p = malloc(len); + if (p == NULL) + return 1; + if (RAND_bytes(p, len) != 1) { + free(p); + return 1; + } + mpz_import(num, len, 1, 1, 1, 0, p); + free(p); + return 0; +} + + +static int +gmp_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) +{ + mpz_t el, p, q, n, d, dmp1, dmq1, iqmp, t1, t2, t3; + int counter, ret; + + if (bits < 789) + return -1; + + ret = -1; + + mpz_init(el); + mpz_init(p); + mpz_init(q); + mpz_init(n); + mpz_init(d); + mpz_init(dmp1); + mpz_init(dmq1); + mpz_init(iqmp); + mpz_init(t1); + mpz_init(t2); + mpz_init(t3); + + BN2mpz(el, e); + + /* generate p and q so that p != q and bits(pq) ~ bits */ + + counter = 0; + do { + BN_GENCB_call(cb, 2, counter++); + random_num(p, bits / 2 + 1); + mpz_nextprime(p, p); + + mpz_sub_ui(t1, p, 1); + mpz_gcd(t2, t1, el); + } while(mpz_cmp_ui(t2, 1) != 0); + + BN_GENCB_call(cb, 3, 0); + + counter = 0; + do { + BN_GENCB_call(cb, 2, counter++); + random_num(q, bits / 2 + 1); + mpz_nextprime(q, q); + + mpz_sub_ui(t1, q, 1); + mpz_gcd(t2, t1, el); + } while(mpz_cmp_ui(t2, 1) != 0); + + /* make p > q */ + if (mpz_cmp(p, q) < 0) + mpz_swap(p, q); + + BN_GENCB_call(cb, 3, 1); + + /* calculate n, n = p * q */ + mpz_mul(n, p, q); + + /* calculate d, d = 1/e mod (p - 1)(q - 1) */ + mpz_sub_ui(t1, p, 1); + mpz_sub_ui(t2, q, 1); + mpz_mul(t3, t1, t2); + mpz_invert(d, el, t3); + + /* calculate dmp1 dmp1 = d mod (p-1) */ + mpz_mod(dmp1, d, t1); + /* calculate dmq1 dmq1 = d mod (q-1) */ + mpz_mod(dmq1, d, t2); + /* calculate iqmp iqmp = 1/q mod p */ + mpz_invert(iqmp, q, p); + + /* fill in RSA key */ + + rsa->e = mpz2BN(el); + rsa->p = mpz2BN(p); + rsa->q = mpz2BN(q); + rsa->n = mpz2BN(n); + rsa->d = mpz2BN(d); + rsa->dmp1 = mpz2BN(dmp1); + rsa->dmq1 = mpz2BN(dmq1); + rsa->iqmp = mpz2BN(iqmp); + + ret = 1; + + mpz_clear(el); + mpz_clear(p); + mpz_clear(q); + mpz_clear(n); + mpz_clear(d); + mpz_clear(dmp1); + mpz_clear(dmq1); + mpz_clear(iqmp); + mpz_clear(t1); + mpz_clear(t2); + mpz_clear(t3); + + return ret; +} + +static int +gmp_rsa_init(RSA *rsa) +{ + return 1; +} + +static int +gmp_rsa_finish(RSA *rsa) +{ + return 1; +} + +const RSA_METHOD hc_rsa_gmp_method = { + "hcrypto GMP RSA", + gmp_rsa_public_encrypt, + gmp_rsa_public_decrypt, + gmp_rsa_private_encrypt, + gmp_rsa_private_decrypt, + NULL, + NULL, + gmp_rsa_init, + gmp_rsa_finish, + 0, + NULL, + NULL, + NULL, + gmp_rsa_generate_key +}; + +#endif /* HAVE_GMP */ + +/** + * RSA implementation using Gnu Multipresistion Library. + */ + +const RSA_METHOD * +RSA_gmp_method(void) +{ +#ifdef HAVE_GMP + return &hc_rsa_gmp_method; +#else + return NULL; +#endif +} diff --git a/lib/hcrypto/rsa-ltm.c b/lib/hcrypto/rsa-ltm.c new file mode 100644 index 000000000000..5cd3e9361eb1 --- /dev/null +++ b/lib/hcrypto/rsa-ltm.c @@ -0,0 +1,632 @@ +/* + * Copyright (c) 2006 - 2007, 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include + +#include + +#include "tommath.h" + +static int +random_num(mp_int *num, size_t len) +{ + unsigned char *p; + + len = (len + 7) / 8; + p = malloc(len); + if (p == NULL) + return 1; + if (RAND_bytes(p, len) != 1) { + free(p); + return 1; + } + mp_read_unsigned_bin(num, p, len); + free(p); + return 0; +} + +static void +BN2mpz(mp_int *s, const BIGNUM *bn) +{ + size_t len; + void *p; + + len = BN_num_bytes(bn); + p = malloc(len); + BN_bn2bin(bn, p); + mp_read_unsigned_bin(s, p, len); + free(p); +} + +static void +setup_blind(mp_int *n, mp_int *b, mp_int *bi) +{ + random_num(b, mp_count_bits(n)); + mp_mod(b, n, b); + mp_invmod(b, n, bi); +} + +static void +blind(mp_int *in, mp_int *b, mp_int *e, mp_int *n) +{ + mp_int t1; + mp_init(&t1); + /* in' = (in * b^e) mod n */ + mp_exptmod(b, e, n, &t1); + mp_mul(&t1, in, in); + mp_mod(in, n, in); + mp_clear(&t1); +} + +static void +unblind(mp_int *out, mp_int *bi, mp_int *n) +{ + /* out' = (out * 1/b) mod n */ + mp_mul(out, bi, out); + mp_mod(out, n, out); +} + +static int +ltm_rsa_private_calculate(mp_int * in, mp_int * p, mp_int * q, + mp_int * dmp1, mp_int * dmq1, mp_int * iqmp, + mp_int * out) +{ + mp_int vp, vq, u; + + mp_init_multi(&vp, &vq, &u, NULL); + + /* vq = c ^ (d mod (q - 1)) mod q */ + /* vp = c ^ (d mod (p - 1)) mod p */ + mp_mod(in, p, &u); + mp_exptmod(&u, dmp1, p, &vp); + mp_mod(in, q, &u); + mp_exptmod(&u, dmq1, q, &vq); + + /* C2 = 1/q mod p (iqmp) */ + /* u = (vp - vq)C2 mod p. */ + mp_sub(&vp, &vq, &u); + if (mp_isneg(&u)) + mp_add(&u, p, &u); + mp_mul(&u, iqmp, &u); + mp_mod(&u, p, &u); + + /* c ^ d mod n = vq + u q */ + mp_mul(&u, q, &u); + mp_add(&u, &vq, out); + + mp_clear_multi(&vp, &vq, &u, NULL); + + return 0; +} + +/* + * + */ + +static int +ltm_rsa_public_encrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p, *p0; + int res; + size_t size, padlen; + mp_int enc, dec, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + mp_init_multi(&n, &e, &enc, &dec, NULL); + + size = RSA_size(rsa); + + if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) { + mp_clear_multi(&n, &e, &enc, &dec); + return -2; + } + + BN2mpz(&n, rsa->n); + BN2mpz(&e, rsa->e); + + p = p0 = malloc(size - 1); + if (p0 == NULL) { + mp_clear_multi(&e, &n, &enc, &dec, NULL); + return -3; + } + + padlen = size - flen - 3; + + *p++ = 2; + if (RAND_bytes(p, padlen) != 1) { + mp_clear_multi(&e, &n, &enc, &dec, NULL); + free(p0); + return -4; + } + while(padlen) { + if (*p == 0) + *p = 1; + padlen--; + p++; + } + *p++ = 0; + memcpy(p, from, flen); + p += flen; + assert((p - p0) == size - 1); + + mp_read_unsigned_bin(&dec, p0, size - 1); + free(p0); + + res = mp_exptmod(&dec, &e, &n, &enc); + + mp_clear_multi(&dec, &e, &n, NULL); + + if (res != 0) { + mp_clear(&enc); + return -4; + } + + { + size_t ssize; + ssize = mp_unsigned_bin_size(&enc); + assert(size >= ssize); + mp_to_unsigned_bin(&enc, to); + size = ssize; + } + mp_clear(&enc); + + return size; +} + +static int +ltm_rsa_public_decrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p; + int res; + size_t size; + mp_int s, us, n, e; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + if (flen > RSA_size(rsa)) + return -2; + + mp_init_multi(&e, &n, &s, &us, NULL); + + BN2mpz(&n, rsa->n); + BN2mpz(&e, rsa->e); + +#if 0 + /* Check that the exponent is larger then 3 */ + if (mp_int_compare_value(&e, 3) <= 0) { + mp_clear_multi(&e, &n, &s, &us, NULL); + return -3; + } +#endif + + mp_read_unsigned_bin(&s, rk_UNCONST(from), flen); + + if (mp_cmp(&s, &n) >= 0) { + mp_clear_multi(&e, &n, &s, &us, NULL); + return -4; + } + + res = mp_exptmod(&s, &e, &n, &us); + + mp_clear_multi(&e, &n, &s, NULL); + + if (res != 0) { + mp_clear(&us); + return -5; + } + p = to; + + + size = mp_unsigned_bin_size(&us); + assert(size <= RSA_size(rsa)); + mp_to_unsigned_bin(&us, p); + + mp_clear(&us); + + /* head zero was skipped by mp_to_unsigned_bin */ + if (*p == 0) + return -6; + if (*p != 1) + return -7; + size--; p++; + while (size && *p == 0xff) { + size--; p++; + } + if (size == 0 || *p != 0) + return -8; + size--; p++; + + memmove(to, p, size); + + return size; +} + +static int +ltm_rsa_private_encrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *p, *p0; + int res; + int size; + mp_int in, out, n, e; + mp_int bi, b; + int blinding = (rsa->flags & RSA_FLAG_NO_BLINDING) == 0; + int do_unblind = 0; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + mp_init_multi(&e, &n, &in, &out, &b, &bi, NULL); + + size = RSA_size(rsa); + + if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) + return -2; + + p0 = p = malloc(size); + *p++ = 0; + *p++ = 1; + memset(p, 0xff, size - flen - 3); + p += size - flen - 3; + *p++ = 0; + memcpy(p, from, flen); + p += flen; + assert((p - p0) == size); + + BN2mpz(&n, rsa->n); + BN2mpz(&e, rsa->e); + + mp_read_unsigned_bin(&in, p0, size); + free(p0); + + if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) { + size = -3; + goto out; + } + + if (blinding) { + setup_blind(&n, &b, &bi); + blind(&in, &b, &e, &n); + do_unblind = 1; + } + + if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { + mp_int p, q, dmp1, dmq1, iqmp; + + mp_init_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL); + + BN2mpz(&p, rsa->p); + BN2mpz(&q, rsa->q); + BN2mpz(&dmp1, rsa->dmp1); + BN2mpz(&dmq1, rsa->dmq1); + BN2mpz(&iqmp, rsa->iqmp); + + res = ltm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out); + + mp_clear_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL); + + if (res != 0) { + size = -4; + goto out; + } + } else { + mp_int d; + + BN2mpz(&d, rsa->d); + res = mp_exptmod(&in, &d, &n, &out); + mp_clear(&d); + if (res != 0) { + size = -5; + goto out; + } + } + + if (do_unblind) + unblind(&out, &bi, &n); + + if (size > 0) { + size_t ssize; + ssize = mp_unsigned_bin_size(&out); + assert(size >= ssize); + mp_to_unsigned_bin(&out, to); + size = ssize; + } + + out: + mp_clear_multi(&e, &n, &in, &out, &b, &bi, NULL); + + return size; +} + +static int +ltm_rsa_private_decrypt(int flen, const unsigned char* from, + unsigned char* to, RSA* rsa, int padding) +{ + unsigned char *ptr; + int res, size; + mp_int in, out, n, e, b, bi; + int blinding = (rsa->flags & RSA_FLAG_NO_BLINDING) == 0; + int do_unblind = 0; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + size = RSA_size(rsa); + if (flen > size) + return -2; + + mp_init_multi(&in, &n, &e, &out, &b, &bi, NULL); + + BN2mpz(&n, rsa->n); + BN2mpz(&e, rsa->e); + + mp_read_unsigned_bin(&in, rk_UNCONST(from), flen); + + if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) { + size = -2; + goto out; + } + + if (blinding) { + setup_blind(&n, &b, &bi); + blind(&in, &b, &e, &n); + do_unblind = 1; + } + + if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { + mp_int p, q, dmp1, dmq1, iqmp; + + mp_init_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL); + + BN2mpz(&p, rsa->p); + BN2mpz(&q, rsa->q); + BN2mpz(&dmp1, rsa->dmp1); + BN2mpz(&dmq1, rsa->dmq1); + BN2mpz(&iqmp, rsa->iqmp); + + res = ltm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out); + + mp_clear_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL); + + if (res != 0) { + size = -3; + goto out; + } + + } else { + mp_int d; + + if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) + return -4; + + BN2mpz(&d, rsa->d); + res = mp_exptmod(&in, &d, &n, &out); + mp_clear(&d); + if (res != 0) { + size = -5; + goto out; + } + } + + if (do_unblind) + unblind(&out, &bi, &n); + + ptr = to; + { + size_t ssize; + ssize = mp_unsigned_bin_size(&out); + assert(size >= ssize); + mp_to_unsigned_bin(&out, ptr); + size = ssize; + } + + /* head zero was skipped by mp_int_to_unsigned */ + if (*ptr != 2) { + size = -6; + goto out; + } + size--; ptr++; + while (size && *ptr != 0) { + size--; ptr++; + } + if (size == 0) + return -7; + size--; ptr++; + + memmove(to, ptr, size); + + out: + mp_clear_multi(&e, &n, &in, &out, &b, &bi, NULL); + + return size; +} + +static BIGNUM * +mpz2BN(mp_int *s) +{ + size_t size; + BIGNUM *bn; + void *p; + + size = mp_unsigned_bin_size(s); + p = malloc(size); + if (p == NULL && size != 0) + return NULL; + + mp_to_unsigned_bin(s, p); + + bn = BN_bin2bn(p, size, NULL); + free(p); + return bn; +} + +#define CHECK(f, v) if ((f) != (v)) { goto out; } + +static int +ltm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) +{ + mp_int el, p, q, n, d, dmp1, dmq1, iqmp, t1, t2, t3; + int counter, ret, bitsp; + + if (bits < 789) + return -1; + + bitsp = (bits + 1) / 2; + + ret = -1; + + mp_init_multi(&el, &p, &q, &n, &d, + &dmp1, &dmq1, &iqmp, + &t1, &t2, &t3, NULL); + + BN2mpz(&el, e); + + /* generate p and q so that p != q and bits(pq) ~ bits */ + counter = 0; + do { + BN_GENCB_call(cb, 2, counter++); + CHECK(random_num(&p, bitsp), 0); + CHECK(mp_find_prime(&p), MP_YES); + + mp_sub_d(&p, 1, &t1); + mp_gcd(&t1, &el, &t2); + } while(mp_cmp_d(&t2, 1) != 0); + + BN_GENCB_call(cb, 3, 0); + + counter = 0; + do { + BN_GENCB_call(cb, 2, counter++); + CHECK(random_num(&q, bits - bitsp), 0); + CHECK(mp_find_prime(&q), MP_YES); + + if (mp_cmp(&p, &q) == 0) /* don't let p and q be the same */ + continue; + + mp_sub_d(&q, 1, &t1); + mp_gcd(&t1, &el, &t2); + } while(mp_cmp_d(&t2, 1) != 0); + + /* make p > q */ + if (mp_cmp(&p, &q) < 0) { + mp_int c; + c = p; + p = q; + q = c; + } + + BN_GENCB_call(cb, 3, 1); + + /* calculate n, n = p * q */ + mp_mul(&p, &q, &n); + + /* calculate d, d = 1/e mod (p - 1)(q - 1) */ + mp_sub_d(&p, 1, &t1); + mp_sub_d(&q, 1, &t2); + mp_mul(&t1, &t2, &t3); + mp_invmod(&el, &t3, &d); + + /* calculate dmp1 dmp1 = d mod (p-1) */ + mp_mod(&d, &t1, &dmp1); + /* calculate dmq1 dmq1 = d mod (q-1) */ + mp_mod(&d, &t2, &dmq1); + /* calculate iqmp iqmp = 1/q mod p */ + mp_invmod(&q, &p, &iqmp); + + /* fill in RSA key */ + + rsa->e = mpz2BN(&el); + rsa->p = mpz2BN(&p); + rsa->q = mpz2BN(&q); + rsa->n = mpz2BN(&n); + rsa->d = mpz2BN(&d); + rsa->dmp1 = mpz2BN(&dmp1); + rsa->dmq1 = mpz2BN(&dmq1); + rsa->iqmp = mpz2BN(&iqmp); + + ret = 1; + +out: + mp_clear_multi(&el, &p, &q, &n, &d, + &dmp1, &dmq1, &iqmp, + &t1, &t2, &t3, NULL); + + return ret; +} + +static int +ltm_rsa_init(RSA *rsa) +{ + return 1; +} + +static int +ltm_rsa_finish(RSA *rsa) +{ + return 1; +} + +const RSA_METHOD hc_rsa_ltm_method = { + "hcrypto ltm RSA", + ltm_rsa_public_encrypt, + ltm_rsa_public_decrypt, + ltm_rsa_private_encrypt, + ltm_rsa_private_decrypt, + NULL, + NULL, + ltm_rsa_init, + ltm_rsa_finish, + 0, + NULL, + NULL, + NULL, + ltm_rsa_generate_key +}; + +const RSA_METHOD * +RSA_ltm_method(void) +{ + return &hc_rsa_ltm_method; +} diff --git a/lib/hcrypto/rsa.c b/lib/hcrypto/rsa.c new file mode 100644 index 000000000000..c71ded1b7a8b --- /dev/null +++ b/lib/hcrypto/rsa.c @@ -0,0 +1,706 @@ +/* + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#include + +#include + +#include "common.h" + +#include + +/** + * @page page_rsa RSA - public-key cryptography + * + * RSA is named by its inventors (Ron Rivest, Adi Shamir, and Leonard + * Adleman) (published in 1977), patented expired in 21 September 2000. + * + * + * Speed for RSA in seconds + * no key blinding + * 1000 iteration, + * same rsa keys (1024 and 2048) + * operation performed each eteration sign, verify, encrypt, decrypt on a random bit pattern + * + * name 1024 2048 4098 + * ================================= + * gmp: 0.73 6.60 44.80 + * tfm: 2.45 -- -- + * ltm: 3.79 20.74 105.41 (default in hcrypto) + * openssl: 4.04 11.90 82.59 + * cdsa: 15.89 102.89 721.40 + * imath: 40.62 -- -- + * + * See the library functions here: @ref hcrypto_rsa + */ + +/** + * Same as RSA_new_method() using NULL as engine. + * + * @return a newly allocated RSA object. Free with RSA_free(). + * + * @ingroup hcrypto_rsa + */ + +RSA * +RSA_new(void) +{ + return RSA_new_method(NULL); +} + +/** + * Allocate a new RSA object using the engine, if NULL is specified as + * the engine, use the default RSA engine as returned by + * ENGINE_get_default_RSA(). + * + * @param engine Specific what ENGINE RSA provider should be used. + * + * @return a newly allocated RSA object. Free with RSA_free(). + * + * @ingroup hcrypto_rsa + */ + +RSA * +RSA_new_method(ENGINE *engine) +{ + RSA *rsa; + + rsa = calloc(1, sizeof(*rsa)); + if (rsa == NULL) + return NULL; + + rsa->references = 1; + + if (engine) { + ENGINE_up_ref(engine); + rsa->engine = engine; + } else { + rsa->engine = ENGINE_get_default_RSA(); + } + + if (rsa->engine) { + rsa->meth = ENGINE_get_RSA(rsa->engine); + if (rsa->meth == NULL) { + ENGINE_finish(engine); + free(rsa); + return 0; + } + } + + if (rsa->meth == NULL) + rsa->meth = rk_UNCONST(RSA_get_default_method()); + + (*rsa->meth->init)(rsa); + + return rsa; +} + +/** + * Free an allocation RSA object. + * + * @param rsa the RSA object to free. + * @ingroup hcrypto_rsa + */ + +void +RSA_free(RSA *rsa) +{ + if (rsa->references <= 0) + abort(); + + if (--rsa->references > 0) + return; + + (*rsa->meth->finish)(rsa); + + if (rsa->engine) + ENGINE_finish(rsa->engine); + +#define free_if(f) if (f) { BN_free(f); } + free_if(rsa->n); + free_if(rsa->e); + free_if(rsa->d); + free_if(rsa->p); + free_if(rsa->q); + free_if(rsa->dmp1); + free_if(rsa->dmq1); + free_if(rsa->iqmp); +#undef free_if + + memset(rsa, 0, sizeof(*rsa)); + free(rsa); +} + +/** + * Add an extra reference to the RSA object. The object should be free + * with RSA_free() to drop the reference. + * + * @param rsa the object to add reference counting too. + * + * @return the current reference count, can't safely be used except + * for debug printing. + * + * @ingroup hcrypto_rsa + */ + +int +RSA_up_ref(RSA *rsa) +{ + return ++rsa->references; +} + +/** + * Return the RSA_METHOD used for this RSA object. + * + * @param rsa the object to get the method from. + * + * @return the method used for this RSA object. + * + * @ingroup hcrypto_rsa + */ + +const RSA_METHOD * +RSA_get_method(const RSA *rsa) +{ + return rsa->meth; +} + +/** + * Set a new method for the RSA keypair. + * + * @param rsa rsa parameter. + * @param method the new method for the RSA parameter. + * + * @return 1 on success. + * + * @ingroup hcrypto_rsa + */ + +int +RSA_set_method(RSA *rsa, const RSA_METHOD *method) +{ + (*rsa->meth->finish)(rsa); + + if (rsa->engine) { + ENGINE_finish(rsa->engine); + rsa->engine = NULL; + } + + rsa->meth = method; + (*rsa->meth->init)(rsa); + return 1; +} + +/** + * Set the application data for the RSA object. + * + * @param rsa the rsa object to set the parameter for + * @param arg the data object to store + * + * @return 1 on success. + * + * @ingroup hcrypto_rsa + */ + +int +RSA_set_app_data(RSA *rsa, void *arg) +{ + rsa->ex_data.sk = arg; + return 1; +} + +/** + * Get the application data for the RSA object. + * + * @param rsa the rsa object to get the parameter for + * + * @return the data object + * + * @ingroup hcrypto_rsa + */ + +void * +RSA_get_app_data(const RSA *rsa) +{ + return rsa->ex_data.sk; +} + +int +RSA_check_key(const RSA *key) +{ + static const unsigned char inbuf[] = "hello, world!"; + RSA *rsa = rk_UNCONST(key); + void *buffer; + int ret; + + /* + * XXX I have no clue how to implement this w/o a bignum library. + * Well, when we have a RSA key pair, we can try to encrypt/sign + * and then decrypt/verify. + */ + + if ((rsa->d == NULL || rsa->n == NULL) && + (rsa->p == NULL || rsa->q || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL)) + return 0; + + buffer = malloc(RSA_size(rsa)); + if (buffer == NULL) + return 0; + + ret = RSA_private_encrypt(sizeof(inbuf), inbuf, buffer, + rsa, RSA_PKCS1_PADDING); + if (ret == -1) { + free(buffer); + return 0; + } + + ret = RSA_public_decrypt(ret, buffer, buffer, + rsa, RSA_PKCS1_PADDING); + if (ret == -1) { + free(buffer); + return 0; + } + + if (ret == sizeof(inbuf) && ct_memcmp(buffer, inbuf, sizeof(inbuf)) == 0) { + free(buffer); + return 1; + } + free(buffer); + return 0; +} + +int +RSA_size(const RSA *rsa) +{ + return BN_num_bytes(rsa->n); +} + +#define RSAFUNC(name, body) \ +int \ +name(int flen,const unsigned char* f, unsigned char* t, RSA* r, int p){\ + return body; \ +} + +RSAFUNC(RSA_public_encrypt, (r)->meth->rsa_pub_enc(flen, f, t, r, p)) +RSAFUNC(RSA_public_decrypt, (r)->meth->rsa_pub_dec(flen, f, t, r, p)) +RSAFUNC(RSA_private_encrypt, (r)->meth->rsa_priv_enc(flen, f, t, r, p)) +RSAFUNC(RSA_private_decrypt, (r)->meth->rsa_priv_dec(flen, f, t, r, p)) + +static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") }; + +static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; +static const AlgorithmIdentifier _signature_sha1_data = { + { 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; +static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; +static const AlgorithmIdentifier _signature_sha256_data = { + { 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; +static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 }; +static const AlgorithmIdentifier _signature_md5_data = { + { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + + +int +RSA_sign(int type, const unsigned char *from, unsigned int flen, + unsigned char *to, unsigned int *tlen, RSA *rsa) +{ + if (rsa->meth->rsa_sign) + return rsa->meth->rsa_sign(type, from, flen, to, tlen, rsa); + + if (rsa->meth->rsa_priv_enc) { + heim_octet_string indata; + DigestInfo di; + size_t size; + int ret; + + memset(&di, 0, sizeof(di)); + + if (type == NID_sha1) { + di.digestAlgorithm = _signature_sha1_data; + } else if (type == NID_md5) { + di.digestAlgorithm = _signature_md5_data; + } else if (type == NID_sha256) { + di.digestAlgorithm = _signature_sha256_data; + } else + return -1; + + di.digest.data = rk_UNCONST(from); + di.digest.length = flen; + + ASN1_MALLOC_ENCODE(DigestInfo, + indata.data, + indata.length, + &di, + &size, + ret); + if (ret) + return ret; + if (indata.length != size) + abort(); + + ret = rsa->meth->rsa_priv_enc(indata.length, indata.data, to, + rsa, RSA_PKCS1_PADDING); + free(indata.data); + if (ret > 0) { + *tlen = ret; + ret = 1; + } else + ret = 0; + + return ret; + } + + return 0; +} + +int +RSA_verify(int type, const unsigned char *from, unsigned int flen, + unsigned char *sigbuf, unsigned int siglen, RSA *rsa) +{ + if (rsa->meth->rsa_verify) + return rsa->meth->rsa_verify(type, from, flen, sigbuf, siglen, rsa); + + if (rsa->meth->rsa_pub_dec) { + const AlgorithmIdentifier *digest_alg; + void *data; + DigestInfo di; + size_t size; + int ret, ret2; + + data = malloc(RSA_size(rsa)); + if (data == NULL) + return -1; + + memset(&di, 0, sizeof(di)); + + ret = rsa->meth->rsa_pub_dec(siglen, sigbuf, data, rsa, RSA_PKCS1_PADDING); + if (ret <= 0) { + free(data); + return -2; + } + + ret2 = decode_DigestInfo(data, ret, &di, &size); + free(data); + if (ret2 != 0) + return -3; + if (ret != size) { + free_DigestInfo(&di); + return -4; + } + + if (flen != di.digest.length || memcmp(di.digest.data, from, flen) != 0) { + free_DigestInfo(&di); + return -5; + } + + if (type == NID_sha1) { + digest_alg = &_signature_sha1_data; + } else if (type == NID_md5) { + digest_alg = &_signature_md5_data; + } else if (type == NID_sha256) { + digest_alg = &_signature_sha256_data; + } else { + free_DigestInfo(&di); + return -1; + } + + ret = der_heim_oid_cmp(&digest_alg->algorithm, + &di.digestAlgorithm.algorithm); + free_DigestInfo(&di); + + if (ret != 0) + return 0; + return 1; + } + + return 0; +} + +/* + * A NULL RSA_METHOD that returns failure for all operations. This is + * used as the default RSA method if we don't have any native + * support. + */ + +static RSAFUNC(null_rsa_public_encrypt, -1) +static RSAFUNC(null_rsa_public_decrypt, -1) +static RSAFUNC(null_rsa_private_encrypt, -1) +static RSAFUNC(null_rsa_private_decrypt, -1) + +/* + * + */ + +int +RSA_generate_key_ex(RSA *r, int bits, BIGNUM *e, BN_GENCB *cb) +{ + if (r->meth->rsa_keygen) + return (*r->meth->rsa_keygen)(r, bits, e, cb); + return 0; +} + + +/* + * + */ + +static int +null_rsa_init(RSA *rsa) +{ + return 1; +} + +static int +null_rsa_finish(RSA *rsa) +{ + return 1; +} + +static const RSA_METHOD rsa_null_method = { + "hcrypto null RSA", + null_rsa_public_encrypt, + null_rsa_public_decrypt, + null_rsa_private_encrypt, + null_rsa_private_decrypt, + NULL, + NULL, + null_rsa_init, + null_rsa_finish, + 0, + NULL, + NULL, + NULL +}; + +const RSA_METHOD * +RSA_null_method(void) +{ + return &rsa_null_method; +} + +extern const RSA_METHOD hc_rsa_gmp_method; +extern const RSA_METHOD hc_rsa_tfm_method; +extern const RSA_METHOD hc_rsa_ltm_method; +static const RSA_METHOD *default_rsa_method = &hc_rsa_ltm_method; + + +const RSA_METHOD * +RSA_get_default_method(void) +{ + return default_rsa_method; +} + +void +RSA_set_default_method(const RSA_METHOD *meth) +{ + default_rsa_method = meth; +} + +/* + * + */ + +RSA * +d2i_RSAPrivateKey(RSA *rsa, const unsigned char **pp, size_t len) +{ + RSAPrivateKey data; + RSA *k = rsa; + size_t size; + int ret; + + ret = decode_RSAPrivateKey(*pp, len, &data, &size); + if (ret) + return NULL; + + *pp += size; + + if (k == NULL) { + k = RSA_new(); + if (k == NULL) { + free_RSAPrivateKey(&data); + return NULL; + } + } + + k->n = _hc_integer_to_BN(&data.modulus, NULL); + k->e = _hc_integer_to_BN(&data.publicExponent, NULL); + k->d = _hc_integer_to_BN(&data.privateExponent, NULL); + k->p = _hc_integer_to_BN(&data.prime1, NULL); + k->q = _hc_integer_to_BN(&data.prime2, NULL); + k->dmp1 = _hc_integer_to_BN(&data.exponent1, NULL); + k->dmq1 = _hc_integer_to_BN(&data.exponent2, NULL); + k->iqmp = _hc_integer_to_BN(&data.coefficient, NULL); + free_RSAPrivateKey(&data); + + if (k->n == NULL || k->e == NULL || k->d == NULL || k->p == NULL || + k->q == NULL || k->dmp1 == NULL || k->dmq1 == NULL || k->iqmp == NULL) + { + RSA_free(k); + return NULL; + } + + return k; +} + +int +i2d_RSAPrivateKey(RSA *rsa, unsigned char **pp) +{ + RSAPrivateKey data; + size_t size; + int ret; + + if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL || rsa->p == NULL || + rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL || + rsa->iqmp == NULL) + return -1; + + memset(&data, 0, sizeof(data)); + + ret = _hc_BN_to_integer(rsa->n, &data.modulus); + ret |= _hc_BN_to_integer(rsa->e, &data.publicExponent); + ret |= _hc_BN_to_integer(rsa->d, &data.privateExponent); + ret |= _hc_BN_to_integer(rsa->p, &data.prime1); + ret |= _hc_BN_to_integer(rsa->q, &data.prime2); + ret |= _hc_BN_to_integer(rsa->dmp1, &data.exponent1); + ret |= _hc_BN_to_integer(rsa->dmq1, &data.exponent2); + ret |= _hc_BN_to_integer(rsa->iqmp, &data.coefficient); + if (ret) { + free_RSAPrivateKey(&data); + return -1; + } + + if (pp == NULL) { + size = length_RSAPrivateKey(&data); + free_RSAPrivateKey(&data); + } else { + void *p; + size_t len; + + ASN1_MALLOC_ENCODE(RSAPrivateKey, p, len, &data, &size, ret); + free_RSAPrivateKey(&data); + if (ret) + return -1; + if (len != size) + abort(); + + memcpy(*pp, p, size); + free(p); + + *pp += size; + + } + return size; +} + +int +i2d_RSAPublicKey(RSA *rsa, unsigned char **pp) +{ + RSAPublicKey data; + size_t size; + int ret; + + memset(&data, 0, sizeof(data)); + + if (_hc_BN_to_integer(rsa->n, &data.modulus) || + _hc_BN_to_integer(rsa->e, &data.publicExponent)) + { + free_RSAPublicKey(&data); + return -1; + } + + if (pp == NULL) { + size = length_RSAPublicKey(&data); + free_RSAPublicKey(&data); + } else { + void *p; + size_t len; + + ASN1_MALLOC_ENCODE(RSAPublicKey, p, len, &data, &size, ret); + free_RSAPublicKey(&data); + if (ret) + return -1; + if (len != size) + abort(); + + memcpy(*pp, p, size); + free(p); + + *pp += size; + } + + return size; +} + +RSA * +d2i_RSAPublicKey(RSA *rsa, const unsigned char **pp, size_t len) +{ + RSAPublicKey data; + RSA *k = rsa; + size_t size; + int ret; + + ret = decode_RSAPublicKey(*pp, len, &data, &size); + if (ret) + return NULL; + + *pp += size; + + if (k == NULL) { + k = RSA_new(); + if (k == NULL) { + free_RSAPublicKey(&data); + return NULL; + } + } + + k->n = _hc_integer_to_BN(&data.modulus, NULL); + k->e = _hc_integer_to_BN(&data.publicExponent, NULL); + + free_RSAPublicKey(&data); + + if (k->n == NULL || k->e == NULL) { + RSA_free(k); + return NULL; + } + + return k; +} diff --git a/lib/hcrypto/rsa.h b/lib/hcrypto/rsa.h new file mode 100644 index 000000000000..798852d3f158 --- /dev/null +++ b/lib/hcrypto/rsa.h @@ -0,0 +1,181 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * $Id$ + */ + +#ifndef _HEIM_RSA_H +#define _HEIM_RSA_H 1 + +/* symbol renaming */ +#define RSA_null_method hc_RSA_null_method +#define RSA_ltm_method hc_RSA_ltm_method +#define RSA_gmp_method hc_RSA_gmp_method +#define RSA_tfm_method hc_RSA_tfm_method +#define RSA_new hc_RSA_new +#define RSA_new_method hc_RSA_new_method +#define RSA_free hc_RSA_free +#define RSA_up_ref hc_RSA_up_ref +#define RSA_set_default_method hc_RSA_set_default_method +#define RSA_get_default_method hc_RSA_get_default_method +#define RSA_set_method hc_RSA_set_method +#define RSA_get_method hc_RSA_get_method +#define RSA_set_app_data hc_RSA_set_app_data +#define RSA_get_app_data hc_RSA_get_app_data +#define RSA_check_key hc_RSA_check_key +#define RSA_size hc_RSA_size +#define RSA_public_encrypt hc_RSA_public_encrypt +#define RSA_public_decrypt hc_RSA_public_decrypt +#define RSA_private_encrypt hc_RSA_private_encrypt +#define RSA_private_decrypt hc_RSA_private_decrypt +#define RSA_sign hc_RSA_sign +#define RSA_verify hc_RSA_verify +#define RSA_generate_key_ex hc_RSA_generate_key_ex +#define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey +#define i2d_RSAPrivateKey hc_i2d_RSAPrivateKey +#define i2d_RSAPublicKey hc_i2d_RSAPublicKey +#define d2i_RSAPublicKey hc_d2i_RSAPublicKey + +/* + * + */ + +typedef struct RSA RSA; +typedef struct RSA_METHOD RSA_METHOD; + +#include +#include + +struct RSA_METHOD { + const char *name; + int (*rsa_pub_enc)(int,const unsigned char *, unsigned char *, RSA *,int); + int (*rsa_pub_dec)(int,const unsigned char *, unsigned char *, RSA *,int); + int (*rsa_priv_enc)(int,const unsigned char *, unsigned char *, RSA *,int); + int (*rsa_priv_dec)(int,const unsigned char *, unsigned char *, RSA *,int); + void *rsa_mod_exp; + void *bn_mod_exp; + int (*init)(RSA *rsa); + int (*finish)(RSA *rsa); + int flags; + char *app_data; + int (*rsa_sign)(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int *, const RSA *); + int (*rsa_verify)(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int, const RSA *); + int (*rsa_keygen)(RSA *, int, BIGNUM *, BN_GENCB *); +}; + +struct RSA { + int pad; + long version; + const RSA_METHOD *meth; + void *engine; + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; + struct rsa_CRYPTO_EX_DATA { + void *sk; + int dummy; + } ex_data; + int references; + int flags; + void *_method_mod_n; + void *_method_mod_p; + void *_method_mod_q; + + char *bignum_data; + void *blinding; + void *mt_blinding; +}; + +#define RSA_FLAG_NO_BLINDING 0x0080 + +#define RSA_PKCS1_PADDING 1 +#define RSA_PKCS1_OAEP_PADDING 4 +#define RSA_PKCS1_PADDING_SIZE 11 + +/* + * + */ + +const RSA_METHOD *RSA_null_method(void); +const RSA_METHOD *RSA_gmp_method(void); +const RSA_METHOD *RSA_tfm_method(void); +const RSA_METHOD *RSA_ltm_method(void); + +/* + * + */ + +RSA * RSA_new(void); +RSA * RSA_new_method(ENGINE *); +void RSA_free(RSA *); +int RSA_up_ref(RSA *); + +void RSA_set_default_method(const RSA_METHOD *); +const RSA_METHOD * RSA_get_default_method(void); + +const RSA_METHOD * RSA_get_method(const RSA *); +int RSA_set_method(RSA *, const RSA_METHOD *); + +int RSA_set_app_data(RSA *, void *arg); +void * RSA_get_app_data(const RSA *); + +int RSA_check_key(const RSA *); +int RSA_size(const RSA *); + +int RSA_public_encrypt(int,const unsigned char*,unsigned char*,RSA *,int); +int RSA_private_encrypt(int,const unsigned char*,unsigned char*,RSA *,int); +int RSA_public_decrypt(int,const unsigned char*,unsigned char*,RSA *,int); +int RSA_private_decrypt(int,const unsigned char*,unsigned char*,RSA *,int); + +int RSA_sign(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int *, RSA *); +int RSA_verify(int, const unsigned char *, unsigned int, + unsigned char *, unsigned int, RSA *); + +int RSA_generate_key_ex(RSA *, int, BIGNUM *, BN_GENCB *); + +RSA * d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t); +int i2d_RSAPrivateKey(RSA *, unsigned char **); + +int i2d_RSAPublicKey(RSA *, unsigned char **); +RSA * d2i_RSAPublicKey(RSA *, const unsigned char **, size_t); + +#endif /* _HEIM_RSA_H */ diff --git a/lib/hcrypto/rsakey.der b/lib/hcrypto/rsakey.der new file mode 100644 index 0000000000000000000000000000000000000000..e7c665e3005ee3a753a3d6e26dc9f0aed74dab66 GIT binary patch literal 609 zcmV-n0-pUaf&yIv0RRGlfdIm)qC&S@nWO!>@SAnp?>w7~&tqRk*pYNF=xwjRpOPnn~@Y$K2O#d-^0T4`Dr$-&e?s+*}#}RC~=PLpO0RRC4fq)*Q zRbE3Dd>p_x$lvd=YWovW8sq(cU0_tjiKfbvTq8tWoNBes^fMEr)Pm_calB`<1nPUQ zvl(O!xIW;#{9aT6u+x<-6VZI6!kBugYdSXc)78y;=Dd!PI_-Y!58i&9^8ii#T(gWu z*(w3UJQ+012Kf~|Je6GoOXW#CML_~V0O;1E_ww7&wIln9XE_+vWn8=8E4A;O3~Wrt zKeq*sM%*ol>Pmm+{tdkAMa2*IM7F0EW&d`wmMjSD%G`d!0|G$+)(7mqPeusAY7f2e z^xRh`j+1(G(jsi=IE-tXo%zLtWY0bY@}I?vSh+$8HH73lx#L z0zf$~m4Hl5eYq~k6q}qQBrQvm{2&1Xf`D#}fR=teNKLQ5BT~K3A&i|B8+N=2%E3NX zRHEV)WzT4<9CS&jd%prf0H5+KDa>>^_RyRY1`hVx>g3U}p!`@}s_hqp6F6&t005RB zbFyty<6o%C+oak}AId9)YmBy8r vFZBj@5ivhsq)?0J&iVT;j=No(-|+<0n~N73a914nGF!S(6}dmj{_Z7B-BBx1 literal 0 HcmV?d00001 diff --git a/lib/hcrypto/rsakey2048.der b/lib/hcrypto/rsakey2048.der new file mode 100644 index 0000000000000000000000000000000000000000..c802d3b21ecfd4aff4e5840e30677ef6739da290 GIT binary patch literal 1192 zcmV;Z1Xueof&`=j0RRGm0RaG_UarMZGbL2>sc3k#Ogy_m4m$rw!cy9*hN5YKXy+J^4(pRsS418|#n!?Jjoxy-^%B;SM;s zAGk<6n;LNO#W?rW;CHs=e35)AltIrXuPU{{?&`PIU^L}Xal%A-d`K2a5AnEox}DQd z*NS185M)3U4Ay8Dtab|m0|5X50)hbm4tS&403qJg=ysFR7B{Ir15AGYd*V);>f$(v zy3{_%vsQwnzB%%M7dJr=NGr5N0*$dC)}$AlQZE!*#kqNLaN#V(9eL2a%ZDK9H5If9PvR zB3>XH;sto(kNa?9P3s_J`OEH_;W84Xr;`{bm&hIZNR}CRuboP5k#W=G#oDi26&Dy- z8jTeS&g~Azh`a{#RCU0)c@5 z#cNvfM;D)U72cip;Hpp`#n+BbN45x)qcoQSquq5n=McoTTx<7-qNJAj(0z?Gj1U(# zi3PVZC)uNq>}0#~>PyFy*k+~@<8YujilrY?l!2OFY$m8z%>uNHy7R}wla8Gq*}wCc zVmE%ggB>Lz@KJvPfOfEpAGeA|>#Zs~0)c@5sRES16^3lK1Ia%elpCStU)lJ`Z53pI z%l^hTXqf}gJ_JO7Au*+i)1Vyn(JE;Y{1?=&60q5y){nKgm64xHs5NVBK4%ZUbFk7l z=~)Y!m0@v9M;Y?0rvk5zIAk+*%sG&wM?HB+pL61m8jQT$Bzwj2sLl|g`I(W0i~5m~ z0)c=9=>pyX_SqFaL|x)YGm#d8Yr~x2RJh3kx6W0I=2KoG5X5rPgMsstknP+kySadS zIQSUv-8JygbeW3te#nWVgat#5)b!ui<3&iU4e4|xas$^B(adyYbkaubN#qY4*~TVs z^l2=Fv^bp@C&f0{j`#?1BpiV4z$WROprC~Ufq?*wyQh(16^POu@ri6;CCd$@i{gyD z0~q6N>lxyJwwCce&a(uTt?GXP|JOW3u5+8Det!^2h}3SQYvjfF8#_4m;N=DQSdo*K*2Qlz%%YJd0c+kzOR( z3<%0`*@GU%)FZ7 zly;3FO?|Jhk{K`|qciES=uG!pXUV1~k)WPcQy^E$ZX5nJYKmjf+RD7);ZbmUQ$Ba< z@pm1jgE+4v^xCk1(iEm@)bjzMcNqWR9gy${ACXqq-dxZ+80u& zGr1p`h9>uIXz#@W0|5X50)heo0E(|l=>RLmF2HX)LwSrjC%_OFKJf`u39$Uly<|Ad zK*kkiNMsCkv@-Q3=J>Ya4O)Ch`=C5hs;MS@AXBld#Rst?uw+3d@W63Cwm_DU^>K^L zd<ni93xqFG`&~h(&f9GkH>4Lm){U{tNkmh*b?GGCw%_<)Y9$rPX2k z5dM8$q)qL~fhP%K=2l)q-JB98@7V9bd7K>;PlvAoS$ez2%bN55{$RyvF(_V6UdTn@ zE*tL!gyi-51+koLGTS9^7Y?T{-xz69hb&DuoV<%=DrCy;{o;L2H0fs7tp3ll+O;*9 zUnOWYdig^X4%ho&14t21?x33KQSY!LAE*}lB$-gz{}TRD>N2#7c&FOy%u5CZII0(< zNu{O&8W-Ats|p+$N`phc5;au|I2=w{J+vbI6$5$Hn~vgSOE6st#=+fr6R#(IYbXC& z$8W@#?%Z$2<5_D>UNTtLT5P^aOv0Xf$DTA_|7O_3;nKy z!K2#p%>Su0j947~0Rn;n0RZira6^g3Nbp4{v%FNBch9AD-Z~7x8>nW*f8}SBguf(S z3o)elKFkx0Lp*(r=YkjTm0Ed?npStUYwDPG*ngCzMK2E) ztOT+s(Z({5jL(t6sX*L1pxIqLoG_CSI=1vL>*dox2@A$F{M8`6a3wcnE6r=~VI1oC zYu)RYwi)~uLA|wd>!q{+T^AmB;dt1MQ@`Zk-<5*T>V>jnY;-}uMXhb(h!77{JImJA z&ZqhEi1-~E(%1-Vn9c$CJHpYvAiu}@dIGegS*MfSLa;l~l}2~U(zN7ETqw6>vQ;OP z>?cR-?$?ls@=ou0A5aXrE|$+pN~Td6%CXj4-;;5>v4^%d2)!lc1y(89kDi>Kcw0Dm zCrLohH`=8!bdr`HOoIgif&l>lyz%u_53+r1>tYdudbnbb5#eYBJ8W#x{$HVUxM;hO z5C~-0W_m5%w9&o^)j`VejQk1g6*aJLI%BpW+IjLeFK0F0SOKF7f7>4s{zP7 z9tjP^J=8I6?=ER-{G<&eO$XFBuhyk?l_IqM>g~YG+o_Fd^32SO^N}myE-J2Xh3CVG zX4Rep?!ilLw>zmvXxFL~*}Fn!;~?Fo|Oe)Fq(vTWqQnV5f~Jyf7>+NdTB zko{hh-8Z-qbno0^5n1#`9FtUVyn`E&VbhB3chk&J(VJp!1lVyKlXkDf-ujvpQG)8~ z(Q1iSnoPh5y$VGLKQ)yCBOy@bKamdX*jVhZF1gwAbZ1>nrEuuD8ycn1cX8P=M21Ak z5Q+j;x>cEmWxx?e7IN{4bZ^LzAn(4W0vHaRTeXyI#W_&S;;M3DXdETRLHsyrt#yRi z*-{e_{?+~U`(ZN}@@rV#0)hbmY&xT2flx$GaTcZLP9j4wEo&7r@AEZwiz*-2K_@qZ;*cKdEJ;eH_y74FIP!YDEO&dHFq1?>Nusp6hcounter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define E m->counter[4] +#define X data + +void +SHA1_Init (struct sha *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0x67452301; + B = 0xefcdab89; + C = 0x98badcfe; + D = 0x10325476; + E = 0xc3d2e1f0; +} + + +#define F0(x,y,z) CRAYFIX((x & y) | (~x & z)) +#define F1(x,y,z) (x ^ y ^ z) +#define F2(x,y,z) ((x & y) | (x & z) | (y & z)) +#define F3(x,y,z) F1(x,y,z) + +#define K0 0x5a827999 +#define K1 0x6ed9eba1 +#define K2 0x8f1bbcdc +#define K3 0xca62c1d6 + +#define DO(t,f,k) \ +do { \ + uint32_t temp; \ + \ + temp = cshift(AA, 5) + f(BB,CC,DD) + EE + data[t] + k; \ + EE = DD; \ + DD = CC; \ + CC = cshift(BB, 30); \ + BB = AA; \ + AA = temp; \ +} while(0) + +static inline void +calc (struct sha *m, uint32_t *in) +{ + uint32_t AA, BB, CC, DD, EE; + uint32_t data[80]; + int i; + + AA = A; + BB = B; + CC = C; + DD = D; + EE = E; + + for (i = 0; i < 16; ++i) + data[i] = in[i]; + for (i = 16; i < 80; ++i) + data[i] = cshift(data[i-3] ^ data[i-8] ^ data[i-14] ^ data[i-16], 1); + + /* t=[0,19] */ + + DO(0,F0,K0); + DO(1,F0,K0); + DO(2,F0,K0); + DO(3,F0,K0); + DO(4,F0,K0); + DO(5,F0,K0); + DO(6,F0,K0); + DO(7,F0,K0); + DO(8,F0,K0); + DO(9,F0,K0); + DO(10,F0,K0); + DO(11,F0,K0); + DO(12,F0,K0); + DO(13,F0,K0); + DO(14,F0,K0); + DO(15,F0,K0); + DO(16,F0,K0); + DO(17,F0,K0); + DO(18,F0,K0); + DO(19,F0,K0); + + /* t=[20,39] */ + + DO(20,F1,K1); + DO(21,F1,K1); + DO(22,F1,K1); + DO(23,F1,K1); + DO(24,F1,K1); + DO(25,F1,K1); + DO(26,F1,K1); + DO(27,F1,K1); + DO(28,F1,K1); + DO(29,F1,K1); + DO(30,F1,K1); + DO(31,F1,K1); + DO(32,F1,K1); + DO(33,F1,K1); + DO(34,F1,K1); + DO(35,F1,K1); + DO(36,F1,K1); + DO(37,F1,K1); + DO(38,F1,K1); + DO(39,F1,K1); + + /* t=[40,59] */ + + DO(40,F2,K2); + DO(41,F2,K2); + DO(42,F2,K2); + DO(43,F2,K2); + DO(44,F2,K2); + DO(45,F2,K2); + DO(46,F2,K2); + DO(47,F2,K2); + DO(48,F2,K2); + DO(49,F2,K2); + DO(50,F2,K2); + DO(51,F2,K2); + DO(52,F2,K2); + DO(53,F2,K2); + DO(54,F2,K2); + DO(55,F2,K2); + DO(56,F2,K2); + DO(57,F2,K2); + DO(58,F2,K2); + DO(59,F2,K2); + + /* t=[60,79] */ + + DO(60,F3,K3); + DO(61,F3,K3); + DO(62,F3,K3); + DO(63,F3,K3); + DO(64,F3,K3); + DO(65,F3,K3); + DO(66,F3,K3); + DO(67,F3,K3); + DO(68,F3,K3); + DO(69,F3,K3); + DO(70,F3,K3); + DO(71,F3,K3); + DO(72,F3,K3); + DO(73,F3,K3); + DO(74,F3,K3); + DO(75,F3,K3); + DO(76,F3,K3); + DO(77,F3,K3); + DO(78,F3,K3); + DO(79,F3,K3); + + A += AA; + B += BB; + C += CC; + D += DD; + E += EE; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) +static inline uint32_t +swap_uint32_t (uint32_t t) +{ +#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n))) + uint32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +SHA1_Update (struct sha *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) + int i; + uint32_t SHA1current[16]; + struct x32 *us = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + SHA1current[2*i+0] = swap_uint32_t(us[i].a); + SHA1current[2*i+1] = swap_uint32_t(us[i].b); + } + calc(m, SHA1current); +#else + calc(m, (uint32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +SHA1_Final (void *res, struct sha *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+7] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+6] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+5] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+4] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+3] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+2] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+1] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+0] = (m->sz[1] >> 24) & 0xff; + SHA1_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char*)res; + + for (i = 0; i < 5; ++i) { + r[4*i+3] = m->counter[i] & 0xFF; + r[4*i+2] = (m->counter[i] >> 8) & 0xFF; + r[4*i+1] = (m->counter[i] >> 16) & 0xFF; + r[4*i] = (m->counter[i] >> 24) & 0xFF; + } + } +#if 0 + { + int i; + uint32_t *r = (uint32_t *)res; + + for (i = 0; i < 5; ++i) + r[i] = swap_uint32_t (m->counter[i]); + } +#endif +} diff --git a/lib/hcrypto/sha.h b/lib/hcrypto/sha.h new file mode 100644 index 000000000000..fbc1810b4aee --- /dev/null +++ b/lib/hcrypto/sha.h @@ -0,0 +1,115 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIM_SHA_H +#define HEIM_SHA_H 1 + +/* symbol renaming */ +#define SHA1_Init hc_SHA1_Init +#define SHA1_Update hc_SHA1_Update +#define SHA1_Final hc_SHA1_Final +#define SHA256_Init hc_SHA256_Init +#define SHA256_Update hc_SHA256_Update +#define SHA256_Final hc_SHA256_Final +#define SHA384_Init hc_SHA384_Init +#define SHA384_Update hc_SHA384_Update +#define SHA384_Final hc_SHA384_Final +#define SHA512_Init hc_SHA512_Init +#define SHA512_Update hc_SHA512_Update +#define SHA512_Final hc_SHA512_Final + +/* + * SHA-1 + */ + +#define SHA_DIGEST_LENGTH 20 + +struct sha { + unsigned int sz[2]; + uint32_t counter[5]; + unsigned char save[64]; +}; + +typedef struct sha SHA_CTX; + +void SHA1_Init (struct sha *m); +void SHA1_Update (struct sha *m, const void *v, size_t len); +void SHA1_Final (void *res, struct sha *m); + +/* + * SHA-2 256 + */ + +#define SHA256_DIGEST_LENGTH 32 + +struct hc_sha256state { + unsigned int sz[2]; + uint32_t counter[8]; + unsigned char save[64]; +}; + +typedef struct hc_sha256state SHA256_CTX; + +void SHA256_Init (SHA256_CTX *); +void SHA256_Update (SHA256_CTX *, const void *, size_t); +void SHA256_Final (void *, SHA256_CTX *); + +/* + * SHA-2 512 + */ + +#define SHA512_DIGEST_LENGTH 64 + +struct hc_sha512state { + uint64_t sz[2]; + uint64_t counter[8]; + unsigned char save[128]; +}; + +typedef struct hc_sha512state SHA512_CTX; + +void SHA512_Init (SHA512_CTX *); +void SHA512_Update (SHA512_CTX *, const void *, size_t); +void SHA512_Final (void *, SHA512_CTX *); + +#define SHA384_DIGEST_LENGTH 48 + +typedef struct hc_sha512state SHA384_CTX; + +void SHA384_Init (SHA384_CTX *); +void SHA384_Update (SHA384_CTX *, const void *, size_t); +void SHA384_Final (void *, SHA384_CTX *); + +#endif /* HEIM_SHA_H */ diff --git a/lib/hcrypto/sha256.c b/lib/hcrypto/sha256.c new file mode 100644 index 000000000000..108afdccc800 --- /dev/null +++ b/lib/hcrypto/sha256.c @@ -0,0 +1,229 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include "hash.h" +#include "sha.h" + +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +#define ROTR(x,n) (((x)>>(n)) | ((x) << (32 - (n)))) + +#define Sigma0(x) (ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22)) +#define Sigma1(x) (ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25)) +#define sigma0(x) (ROTR(x,7) ^ ROTR(x,18) ^ ((x)>>3)) +#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10)) + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define E m->counter[4] +#define F m->counter[5] +#define G m->counter[6] +#define H m->counter[7] + +static const uint32_t constant_256[64] = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, + 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, + 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, + 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, + 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + +void +SHA256_Init (SHA256_CTX *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0x6a09e667; + B = 0xbb67ae85; + C = 0x3c6ef372; + D = 0xa54ff53a; + E = 0x510e527f; + F = 0x9b05688c; + G = 0x1f83d9ab; + H = 0x5be0cd19; +} + +static void +calc (SHA256_CTX *m, uint32_t *in) +{ + uint32_t AA, BB, CC, DD, EE, FF, GG, HH; + uint32_t data[64]; + int i; + + AA = A; + BB = B; + CC = C; + DD = D; + EE = E; + FF = F; + GG = G; + HH = H; + + for (i = 0; i < 16; ++i) + data[i] = in[i]; + for (i = 16; i < 64; ++i) + data[i] = sigma1(data[i-2]) + data[i-7] + + sigma0(data[i-15]) + data[i - 16]; + + for (i = 0; i < 64; i++) { + uint32_t T1, T2; + + T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i]; + T2 = Sigma0(AA) + Maj(AA,BB,CC); + + HH = GG; + GG = FF; + FF = EE; + EE = DD + T1; + DD = CC; + CC = BB; + BB = AA; + AA = T1 + T2; + } + + A += AA; + B += BB; + C += CC; + D += DD; + E += EE; + F += FF; + G += GG; + H += HH; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) +static inline uint32_t +swap_uint32_t (uint32_t t) +{ +#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n))) + uint32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +SHA256_Update (SHA256_CTX *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) + int i; + uint32_t current[16]; + struct x32 *us = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_uint32_t(us[i].a); + current[2*i+1] = swap_uint32_t(us[i].b); + } + calc(m, current); +#else + calc(m, (uint32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +SHA256_Final (void *res, SHA256_CTX *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+7] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+6] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+5] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+4] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+3] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+2] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+1] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+0] = (m->sz[1] >> 24) & 0xff; + SHA256_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char*)res; + + for (i = 0; i < 8; ++i) { + r[4*i+3] = m->counter[i] & 0xFF; + r[4*i+2] = (m->counter[i] >> 8) & 0xFF; + r[4*i+1] = (m->counter[i] >> 16) & 0xFF; + r[4*i] = (m->counter[i] >> 24) & 0xFF; + } + } +} diff --git a/lib/hcrypto/sha512.c b/lib/hcrypto/sha512.c new file mode 100644 index 000000000000..4bea21666852 --- /dev/null +++ b/lib/hcrypto/sha512.c @@ -0,0 +1,294 @@ +/* + * Copyright (c) 2006, 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include "hash.h" +#include "sha.h" + +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +#define ROTR(x,n) (((x)>>(n)) | ((x) << (64 - (n)))) + +#define Sigma0(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) +#define Sigma1(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) +#define sigma0(x) (ROTR(x,1) ^ ROTR(x,8) ^ ((x)>>7)) +#define sigma1(x) (ROTR(x,19) ^ ROTR(x,61) ^ ((x)>>6)) + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define E m->counter[4] +#define F m->counter[5] +#define G m->counter[6] +#define H m->counter[7] + +static const uint64_t constant_512[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, + 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, + 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, + 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, + 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, + 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, + 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, + 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, + 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, + 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, + 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, + 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, + 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, + 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, + 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, + 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, + 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, + 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, + 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, + 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, + 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, + 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, + 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, + 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, + 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, + 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, + 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, + 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, + 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, + 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, + 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, + 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, + 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, + 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, + 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, + 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, + 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, + 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL +}; + +void +SHA512_Init (SHA512_CTX *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0x6a09e667f3bcc908ULL; + B = 0xbb67ae8584caa73bULL; + C = 0x3c6ef372fe94f82bULL; + D = 0xa54ff53a5f1d36f1ULL; + E = 0x510e527fade682d1ULL; + F = 0x9b05688c2b3e6c1fULL; + G = 0x1f83d9abfb41bd6bULL; + H = 0x5be0cd19137e2179ULL; +} + +static void +calc (SHA512_CTX *m, uint64_t *in) +{ + uint64_t AA, BB, CC, DD, EE, FF, GG, HH; + uint64_t data[80]; + int i; + + AA = A; + BB = B; + CC = C; + DD = D; + EE = E; + FF = F; + GG = G; + HH = H; + + for (i = 0; i < 16; ++i) + data[i] = in[i]; + for (i = 16; i < 80; ++i) + data[i] = sigma1(data[i-2]) + data[i-7] + + sigma0(data[i-15]) + data[i - 16]; + + for (i = 0; i < 80; i++) { + uint64_t T1, T2; + + T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_512[i] + data[i]; + T2 = Sigma0(AA) + Maj(AA,BB,CC); + + HH = GG; + GG = FF; + FF = EE; + EE = DD + T1; + DD = CC; + CC = BB; + BB = AA; + AA = T1 + T2; + } + + A += AA; + B += BB; + C += CC; + D += DD; + E += EE; + F += FF; + G += GG; + H += HH; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch + */ + +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) +static inline uint64_t +swap_uint64_t (uint64_t t) +{ + uint64_t temp; + + temp = cshift64(t, 32); + temp = ((temp & 0xff00ff00ff00ff00ULL) >> 8) | + ((temp & 0x00ff00ff00ff00ffULL) << 8); + return ((temp & 0xffff0000ffff0000ULL) >> 16) | + ((temp & 0x0000ffff0000ffffULL) << 16); +} + +struct x64{ + uint64_t a; + uint64_t b; +}; +#endif + +void +SHA512_Update (SHA512_CTX *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 128; + while(len > 0){ + size_t l = min(len, 128 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 128){ +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) + int i; + uint64_t current[16]; + struct x64 *us = (struct x64*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_uint64_t(us[i].a); + current[2*i+1] = swap_uint64_t(us[i].b); + } + calc(m, current); +#else + calc(m, (uint64_t*)m->save); +#endif + offset = 0; + } + } +} + +void +SHA512_Final (void *res, SHA512_CTX *m) +{ + unsigned char zeros[128 + 16]; + unsigned offset = (m->sz[0] / 8) % 128; + unsigned int dstart = (240 - offset - 1) % 128 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+15] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+14] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+13] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+12] = (m->sz[0] >> 24) & 0xff; + zeros[dstart+11] = (m->sz[0] >> 32) & 0xff; + zeros[dstart+10] = (m->sz[0] >> 40) & 0xff; + zeros[dstart+9] = (m->sz[0] >> 48) & 0xff; + zeros[dstart+8] = (m->sz[0] >> 56) & 0xff; + + zeros[dstart+7] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+6] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+5] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+4] = (m->sz[1] >> 24) & 0xff; + zeros[dstart+3] = (m->sz[1] >> 32) & 0xff; + zeros[dstart+2] = (m->sz[1] >> 40) & 0xff; + zeros[dstart+1] = (m->sz[1] >> 48) & 0xff; + zeros[dstart+0] = (m->sz[1] >> 56) & 0xff; + SHA512_Update (m, zeros, dstart + 16); + { + int i; + unsigned char *r = (unsigned char*)res; + + for (i = 0; i < 8; ++i) { + r[8*i+7] = m->counter[i] & 0xFF; + r[8*i+6] = (m->counter[i] >> 8) & 0xFF; + r[8*i+5] = (m->counter[i] >> 16) & 0xFF; + r[8*i+4] = (m->counter[i] >> 24) & 0xFF; + r[8*i+3] = (m->counter[i] >> 32) & 0XFF; + r[8*i+2] = (m->counter[i] >> 40) & 0xFF; + r[8*i+1] = (m->counter[i] >> 48) & 0xFF; + r[8*i] = (m->counter[i] >> 56) & 0xFF; + } + } +} + +void +SHA384_Init(SHA384_CTX *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0xcbbb9d5dc1059ed8ULL; + B = 0x629a292a367cd507ULL; + C = 0x9159015a3070dd17ULL; + D = 0x152fecd8f70e5939ULL; + E = 0x67332667ffc00b31ULL; + F = 0x8eb44a8768581511ULL; + G = 0xdb0c2e0d64f98fa7ULL; + H = 0x47b5481dbefa4fa4ULL; +} + +void +SHA384_Update (SHA384_CTX *m, const void *v, size_t len) +{ + SHA512_Update(m, v, len); +} + +void +SHA384_Final (void *res, SHA384_CTX *m) +{ + unsigned char data[SHA512_DIGEST_LENGTH]; + SHA512_Final(data, m); + memcpy(res, data, SHA384_DIGEST_LENGTH); +} + diff --git a/lib/hcrypto/test_bn.c b/lib/hcrypto/test_bn.c new file mode 100644 index 000000000000..03db8912843a --- /dev/null +++ b/lib/hcrypto/test_bn.c @@ -0,0 +1,397 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#include + +#include +#include + +static int +set_get(unsigned long num) +{ + BIGNUM *bn; + + bn = BN_new(); + if (!BN_set_word(bn, num)) + return 1; + + if (BN_get_word(bn) != num) + return 1; + + BN_free(bn); + return 0; +} + +#define CHECK(x) do { ret += x; } while(0) + +static int +test_BN_set_get(void) +{ + int ret = 0; + CHECK(set_get(0)); + CHECK(set_get(1)); + CHECK(set_get(0xff)); + CHECK(set_get(0x1ff)); + CHECK(set_get(0xffff)); + CHECK(set_get(0xf000)); + CHECK(set_get(ULONG_MAX / 2)); + CHECK(set_get(ULONG_MAX - 1)); + + return ret; +} + +static int +test_BN_bit(void) +{ + BIGNUM *bn; + int ret = 0; + + bn = BN_new(); + + /* test setting and getting of "word" */ + if (!BN_set_word(bn, 1)) + return 1; + if (!BN_is_bit_set(bn, 0)) + ret += 1; + if (!BN_is_bit_set(bn, 0)) + ret += 1; + + if (!BN_set_word(bn, 2)) + return 1; + if (!BN_is_bit_set(bn, 1)) + ret += 1; + + if (!BN_set_word(bn, 3)) + return 1; + if (!BN_is_bit_set(bn, 0)) + ret += 1; + if (!BN_is_bit_set(bn, 1)) + ret += 1; + + if (!BN_set_word(bn, 0x100)) + return 1; + if (!BN_is_bit_set(bn, 8)) + ret += 1; + + if (!BN_set_word(bn, 0x1000)) + return 1; + if (!BN_is_bit_set(bn, 12)) + ret += 1; + + /* test bitsetting */ + if (!BN_set_word(bn, 1)) + return 1; + if (!BN_set_bit(bn, 1)) + return 1; + if (BN_get_word(bn) != 3) + return 1; + if (!BN_clear_bit(bn, 0)) + return 1; + if (BN_get_word(bn) != 2) + return 1; + + /* test bitsetting past end of current end */ + BN_clear(bn); + if (!BN_set_bit(bn, 12)) + return 1; + if (BN_get_word(bn) != 0x1000) + return 1; + + /* test bit and byte counting functions */ + if (BN_num_bits(bn) != 13) + return 1; + if (BN_num_bytes(bn) != 2) + return 1; + + BN_free(bn); + return ret; +} + +struct ietest { + char *data; + size_t len; + unsigned long num; +} ietests[] = { + { "", 0, 0 }, + { "\x01", 1, 1 }, + { "\x02", 1, 2 }, + { "\xf2", 1, 0xf2 }, + { "\x01\x00", 2, 256 } +}; + +static int +test_BN_import_export(void) +{ + BIGNUM *bn; + int ret = 0; + int i; + + bn = BN_new(); + + for (i = 0; i < sizeof(ietests)/sizeof(ietests[0]); i++) { + size_t len; + unsigned char *p; + if (!BN_bin2bn((unsigned char*)ietests[i].data, ietests[i].len, bn)) + return 1; + if (BN_get_word(bn) != ietests[i].num) + return 1; + len = BN_num_bytes(bn); + if (len != ietests[i].len) + return 1; + p = malloc(len + 1); + p[len] = 0xf4; + BN_bn2bin(bn, p); + if (p[len] != 0xf4) + return 1; + if (memcmp(p, ietests[i].data, ietests[i].len) != 0) + return 1; + free(p); + } + + BN_free(bn); + return ret; +} + +static int +test_BN_uadd(void) +{ + BIGNUM *a, *b, *c; + char *p; + + a = BN_new(); + b = BN_new(); + c = BN_new(); + + BN_set_word(a, 1); + BN_set_word(b, 2); + + BN_uadd(c, a, b); + + if (BN_get_word(c) != 3) + return 1; + + BN_uadd(c, b, a); + + if (BN_get_word(c) != 3) + return 1; + + BN_set_word(b, 0xff); + + BN_uadd(c, a, b); + if (BN_get_word(c) != 0x100) + return 1; + + BN_uadd(c, b, a); + if (BN_get_word(c) != 0x100) + return 1; + + BN_set_word(a, 0xff); + + BN_uadd(c, a, b); + if (BN_get_word(c) != 0x1fe) + return 1; + + BN_uadd(c, b, a); + if (BN_get_word(c) != 0x1fe) + return 1; + + + BN_free(a); + BN_free(b); + + BN_hex2bn(&a, "50212A3B611D46642C825A16A354CE0FD4D85DD2"); + BN_hex2bn(&b, "84B6C7E8D28ACA1614954DA"); + + BN_uadd(c, b, a); + p = BN_bn2hex(c); + if (strcmp(p, "50212A3B611D466434CDC695307D7AB13621B2AC") != 0) { + free(p); + return 1; + } + free(p); + + BN_uadd(c, a, b); + p = BN_bn2hex(c); + if (strcmp(p, "50212A3B611D466434CDC695307D7AB13621B2AC") != 0) { + free(p); + return 1; + } + free(p); + + BN_free(a); + BN_free(b); + BN_free(c); + + return 0; +} + +static int +test_BN_cmp(void) +{ + BIGNUM *a, *b; + + a = BN_new(); + b = BN_new(); + + if (!BN_set_word(a, 1)) + return 1; + if (!BN_set_word(b, 1)) + return 1; + + if (BN_cmp(a, b) != 0) + return 1; + if (BN_cmp(b, a) != 0) + return 1; + + if (!BN_set_word(b, 2)) + return 1; + + if (BN_cmp(a, b) >= 0) + return 1; + if (BN_cmp(b, a) <= 0) + return 1; + + BN_set_negative(b, 1); + + if (BN_cmp(a, b) <= 0) + return 1; + if (BN_cmp(b, a) >= 0) + return 1; + + BN_free(a); + BN_free(b); + + BN_hex2bn(&a, "50212A3B611D46642C825A16A354CE0FD4D85DD1"); + BN_hex2bn(&b, "50212A3B611D46642C825A16A354CE0FD4D85DD2"); + + if (BN_cmp(a, b) >= 0) + return 1; + if (BN_cmp(b, a) <= 0) + return 1; + + BN_set_negative(b, 1); + + if (BN_cmp(a, b) <= 0) + return 1; + if (BN_cmp(b, a) >= 0) + return 1; + + BN_free(a); + BN_free(b); + return 0; +} + +static int +test_BN_rand(void) +{ + BIGNUM *bn; + + if (RAND_status() != 1) + return 0; + + bn = BN_new(); + if (bn == NULL) + return 1; + + if (!BN_rand(bn, 1024, 0, 0)) + return 1; + + BN_free(bn); + return 0; +} + +#define testnum 100 +#define testnum2 10 + +static int +test_BN_CTX(void) +{ + unsigned int i, j; + BIGNUM *bn; + BN_CTX *c; + + if ((c = BN_CTX_new()) == NULL) + return 1; + + for (i = 0; i < testnum; i++) { + BN_CTX_start(c); + BN_CTX_end(c); + } + + for (i = 0; i < testnum; i++) + BN_CTX_start(c); + for (i = 0; i < testnum; i++) + BN_CTX_end(c); + + for (i = 0; i < testnum; i++) { + BN_CTX_start(c); + if ((bn = BN_CTX_get(c)) == NULL) + return 1; + BN_CTX_end(c); + } + + for (i = 0; i < testnum; i++) { + BN_CTX_start(c); + for (j = 0; j < testnum2; j++) + if ((bn = BN_CTX_get(c)) == NULL) + return 1; + } + for (i = 0; i < testnum; i++) + BN_CTX_end(c); + + BN_CTX_free(c); + return 0; +} + + +int +main(int argc, char **argv) +{ + int ret = 0; + + ret += test_BN_set_get(); + ret += test_BN_bit(); + ret += test_BN_import_export(); + ret += test_BN_uadd(); + ret += test_BN_cmp(); + ret += test_BN_rand(); + ret += test_BN_CTX(); + + return ret; +} diff --git a/lib/hcrypto/test_cipher.c b/lib/hcrypto/test_cipher.c new file mode 100644 index 000000000000..8e54435a093b --- /dev/null +++ b/lib/hcrypto/test_cipher.c @@ -0,0 +1,367 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#define HC_DEPRECATED_CRYPTO + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +struct tests { + const char *name; + void *key; + size_t keysize; + void *iv; + size_t datasize; + void *indata; + void *outdata; + void *outiv; +}; + +struct tests aes_tests[] = { + { "aes-256", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 32, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\xdc\x95\xc0\x78\xa2\x40\x89\x89\xad\x48\xa2\x14\x92\x84\x20\x87" + } +}; + +struct tests aes_cfb_tests[] = { + { "aes-cfb8-128", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x66\xe9\x4b\xd4\xef\x8a\x2c\x3b\x88\x4c\xfa\x59\xca\x34\x2b\x2e" + } +}; + +struct tests rc2_40_tests[] = { + { "rc2-40", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\xc0\xb8\xff\xa5\xd6\xeb\xc9\x62\xcc\x52\x5f\xfe\x9a\x3c\x97\xe6" + } +}; + +struct tests des_ede3_tests[] = { + { "des-ede3", + "\x19\x17\xff\xe6\xbb\x77\x2e\xfc" + "\x29\x76\x43\xbc\x63\x56\x7e\x9a" + "\x00\x2e\x4d\x43\x1d\x5f\xfd\x58", + 24, + "\xbf\x9a\x12\xb7\x26\x69\xfd\x05", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x55\x95\x97\x76\xa9\x6c\x66\x40\x64\xc7\xf4\x1c\x21\xb7\x14\x1b" + } +}; + +struct tests camellia128_tests[] = { + { "camellia128", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x07\x92\x3A\x39\xEB\x0A\x81\x7D\x1C\x4D\x87\xBD\xB8\x2D\x1F\x1C", + NULL + } +}; + +struct tests rc4_tests[] = { + { + "rc4 8", + "\x01\x23\x45\x67\x89\xAB\xCD\xEF", + 8, + NULL, + 8, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x74\x94\xC2\xE7\x10\x4B\x08\x79", + NULL + }, + { + "rc4 5", + "\x61\x8a\x63\xd2\xfb", + 5, + NULL, + 5, + "\xdc\xee\x4c\xf9\x2c", + "\xf1\x38\x29\xc9\xde", + NULL + }, + { + "rc4 309", + "\x29\x04\x19\x72\xfb\x42\xba\x5f\xc7\x12\x77\x12\xf1\x38\x29\xc9", + 16, + NULL, + 309, + "\x52\x75\x69\x73\x6c\x69\x6e\x6e" + "\x75\x6e\x20\x6c\x61\x75\x6c\x75" + "\x20\x6b\x6f\x72\x76\x69\x73\x73" + "\x73\x61\x6e\x69\x2c\x20\x74\xe4" + "\x68\x6b\xe4\x70\xe4\x69\x64\x65" + "\x6e\x20\x70\xe4\xe4\x6c\x6c\xe4" + "\x20\x74\xe4\x79\x73\x69\x6b\x75" + "\x75\x2e\x20\x4b\x65\x73\xe4\x79" + "\xf6\x6e\x20\x6f\x6e\x20\x6f\x6e" + "\x6e\x69\x20\x6f\x6d\x61\x6e\x61" + "\x6e\x69\x2c\x20\x6b\x61\x73\x6b" + "\x69\x73\x61\x76\x75\x75\x6e\x20" + "\x6c\x61\x61\x6b\x73\x6f\x74\x20" + "\x76\x65\x72\x68\x6f\x75\x75\x2e" + "\x20\x45\x6e\x20\x6d\x61\x20\x69" + "\x6c\x6f\x69\x74\x73\x65\x2c\x20" + "\x73\x75\x72\x65\x20\x68\x75\x6f" + "\x6b\x61\x61\x2c\x20\x6d\x75\x74" + "\x74\x61\x20\x6d\x65\x74\x73\xe4" + "\x6e\x20\x74\x75\x6d\x6d\x75\x75" + "\x73\x20\x6d\x75\x6c\x6c\x65\x20" + "\x74\x75\x6f\x6b\x61\x61\x2e\x20" + "\x50\x75\x75\x6e\x74\x6f\x20\x70" + "\x69\x6c\x76\x65\x6e\x2c\x20\x6d" + "\x69\x20\x68\x75\x6b\x6b\x75\x75" + "\x2c\x20\x73\x69\x69\x6e\x74\x6f" + "\x20\x76\x61\x72\x61\x6e\x20\x74" + "\x75\x75\x6c\x69\x73\x65\x6e\x2c" + "\x20\x6d\x69\x20\x6e\x75\x6b\x6b" + "\x75\x75\x2e\x20\x54\x75\x6f\x6b" + "\x73\x75\x74\x20\x76\x61\x6e\x61" + "\x6d\x6f\x6e\x20\x6a\x61\x20\x76" + "\x61\x72\x6a\x6f\x74\x20\x76\x65" + "\x65\x6e\x2c\x20\x6e\x69\x69\x73" + "\x74\xe4\x20\x73\x79\x64\xe4\x6d" + "\x65\x6e\x69\x20\x6c\x61\x75\x6c" + "\x75\x6e\x20\x74\x65\x65\x6e\x2e" + "\x20\x2d\x20\x45\x69\x6e\x6f\x20" + "\x4c\x65\x69\x6e\x6f", + "\x35\x81\x86\x99\x90\x01\xe6\xb5" + "\xda\xf0\x5e\xce\xeb\x7e\xee\x21" + "\xe0\x68\x9c\x1f\x00\xee\xa8\x1f" + "\x7d\xd2\xca\xae\xe1\xd2\x76\x3e" + "\x68\xaf\x0e\xad\x33\xd6\x6c\x26" + "\x8b\xc9\x46\xc4\x84\xfb\xe9\x4c" + "\x5f\x5e\x0b\x86\xa5\x92\x79\xe4" + "\xf8\x24\xe7\xa6\x40\xbd\x22\x32" + "\x10\xb0\xa6\x11\x60\xb7\xbc\xe9" + "\x86\xea\x65\x68\x80\x03\x59\x6b" + "\x63\x0a\x6b\x90\xf8\xe0\xca\xf6" + "\x91\x2a\x98\xeb\x87\x21\x76\xe8" + "\x3c\x20\x2c\xaa\x64\x16\x6d\x2c" + "\xce\x57\xff\x1b\xca\x57\xb2\x13" + "\xf0\xed\x1a\xa7\x2f\xb8\xea\x52" + "\xb0\xbe\x01\xcd\x1e\x41\x28\x67" + "\x72\x0b\x32\x6e\xb3\x89\xd0\x11" + "\xbd\x70\xd8\xaf\x03\x5f\xb0\xd8" + "\x58\x9d\xbc\xe3\xc6\x66\xf5\xea" + "\x8d\x4c\x79\x54\xc5\x0c\x3f\x34" + "\x0b\x04\x67\xf8\x1b\x42\x59\x61" + "\xc1\x18\x43\x07\x4d\xf6\x20\xf2" + "\x08\x40\x4b\x39\x4c\xf9\xd3\x7f" + "\xf5\x4b\x5f\x1a\xd8\xf6\xea\x7d" + "\xa3\xc5\x61\xdf\xa7\x28\x1f\x96" + "\x44\x63\xd2\xcc\x35\xa4\xd1\xb0" + "\x34\x90\xde\xc5\x1b\x07\x11\xfb" + "\xd6\xf5\x5f\x79\x23\x4d\x5b\x7c" + "\x76\x66\x22\xa6\x6d\xe9\x2b\xe9" + "\x96\x46\x1d\x5e\x4d\xc8\x78\xef" + "\x9b\xca\x03\x05\x21\xe8\x35\x1e" + "\x4b\xae\xd2\xfd\x04\xf9\x46\x73" + "\x68\xc4\xad\x6a\xc1\x86\xd0\x82" + "\x45\xb2\x63\xa2\x66\x6d\x1f\x6c" + "\x54\x20\xf1\x59\x9d\xfd\x9f\x43" + "\x89\x21\xc2\xf5\xa4\x63\x93\x8c" + "\xe0\x98\x22\x65\xee\xf7\x01\x79" + "\xbc\x55\x3f\x33\x9e\xb1\xa4\xc1" + "\xaf\x5f\x6a\x54\x7f" + } +}; + + +static int +test_cipher(int i, const EVP_CIPHER *c, struct tests *t) +{ + EVP_CIPHER_CTX ectx; + EVP_CIPHER_CTX dctx; + void *d; + + if (c == NULL) { + printf("%s not supported\n", t->name); + return 0; + } + + EVP_CIPHER_CTX_init(&ectx); + EVP_CIPHER_CTX_init(&dctx); + + if (EVP_CipherInit_ex(&ectx, c, NULL, NULL, NULL, 1) != 1) + errx(1, "%s: %d EVP_CipherInit_ex einit", t->name, i); + if (EVP_CipherInit_ex(&dctx, c, NULL, NULL, NULL, 0) != 1) + errx(1, "%s: %d EVP_CipherInit_ex dinit", t->name, i); + + EVP_CIPHER_CTX_set_key_length(&ectx, t->keysize); + EVP_CIPHER_CTX_set_key_length(&dctx, t->keysize); + + if (EVP_CipherInit_ex(&ectx, NULL, NULL, t->key, t->iv, 1) != 1) + errx(1, "%s: %d EVP_CipherInit_ex encrypt", t->name, i); + if (EVP_CipherInit_ex(&dctx, NULL, NULL, t->key, t->iv, 0) != 1) + errx(1, "%s: %d EVP_CipherInit_ex decrypt", t->name, i); + + d = emalloc(t->datasize); + + if (!EVP_Cipher(&ectx, d, t->indata, t->datasize)) + return 1; + + if (memcmp(d, t->outdata, t->datasize) != 0) { + char *s, *s2; + hex_encode(d, t->datasize, &s); + hex_encode(t->outdata, t->datasize, &s2); + errx(1, "%s: %d encrypt not the same: %s != %s", t->name, i, s, s2); + } + + if (!EVP_Cipher(&dctx, d, d, t->datasize)) + return 1; + + if (memcmp(d, t->indata, t->datasize) != 0) { + char *s; + hex_encode(d, t->datasize, &s); + errx(1, "%s: %d decrypt not the same: %s", t->name, i, s); + } + if (t->outiv) + /* XXXX check */; + + EVP_CIPHER_CTX_cleanup(&ectx); + EVP_CIPHER_CTX_cleanup(&dctx); + free(d); + + return 0; +} + +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + { "version", 0, arg_flag, &version_flag, + "print version", NULL }, + { "help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int ret = 0; + int i, idx = 0; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) + usage(1); + + if (help_flag) + usage(0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= idx; + argv += idx; + + /* hcrypto */ + for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_aes_256_cbc(), &aes_tests[i]); + for (i = 0; i < sizeof(aes_cfb_tests)/sizeof(aes_cfb_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_aes_128_cfb8(), &aes_cfb_tests[i]); + + for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_rc2_40_cbc(), &rc2_40_tests[i]); + for (i = 0; i < sizeof(des_ede3_tests)/sizeof(des_ede3_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_des_ede3_cbc(), &des_ede3_tests[i]); + for (i = 0; i < sizeof(camellia128_tests)/sizeof(camellia128_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_camellia_128_cbc(), + &camellia128_tests[i]); + for (i = 0; i < sizeof(rc4_tests)/sizeof(rc4_tests[0]); i++) + ret += test_cipher(i, EVP_hcrypto_rc4(), &rc4_tests[i]); + + /* Common Crypto */ +#ifdef __APPLE__ + for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++) + ret += test_cipher(i, EVP_cc_aes_256_cbc(), &aes_tests[i]); +#if 0 + for (i = 0; i < sizeof(aes_cfb_tests)/sizeof(aes_cfb_tests[0]); i++) + ret += test_cipher(i, EVP_cc_aes_128_cfb8(), &aes_cfb_tests[i]); +#endif + for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++) + ret += test_cipher(i, EVP_cc_rc2_40_cbc(), &rc2_40_tests[i]); + for (i = 0; i < sizeof(des_ede3_tests)/sizeof(des_ede3_tests[0]); i++) + ret += test_cipher(i, EVP_cc_des_ede3_cbc(), &des_ede3_tests[i]); + for (i = 0; i < sizeof(camellia128_tests)/sizeof(camellia128_tests[0]); i++) + ret += test_cipher(i, EVP_cc_camellia_128_cbc(), + &camellia128_tests[i]); + for (i = 0; i < sizeof(rc4_tests)/sizeof(rc4_tests[0]); i++) + ret += test_cipher(i, EVP_cc_rc4(), &rc4_tests[i]); +#endif + + return ret; +} diff --git a/lib/hcrypto/test_crypto.in b/lib/hcrypto/test_crypto.in new file mode 100644 index 000000000000..06505bfe8e07 --- /dev/null +++ b/lib/hcrypto/test_crypto.in @@ -0,0 +1,119 @@ +#!/bin/sh +# +# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $Id$ +# + +srcdir="@srcdir@" + +rsa="${TESTS_ENVIRONMENT} ./test_rsa@exeext@" +engine="${TESTS_ENVIRONMENT} ./test_engine_dso@exeext@" +rand="${TESTS_ENVIRONMENT} ./test_rand@exeext@" + +${engine} --test-random > /dev/null || { echo "missing random"; exit 77; } + +${rsa} --key=${srcdir}/rsakey.der || \ + { echo "rsa test failed" ; exit 1; } + +${rsa} --time-key=${srcdir}/rsakey.der || \ + { echo "rsa test failed" ; exit 1; } + +${rsa} --time-key=${srcdir}/rsakey2048.der || \ + { echo "rsa test failed" ; exit 1; } + +${rsa} --time-key=generate || \ + { echo "rsa test failed" ; exit 1; } + +${engine} --rsa=${srcdir}/rsakey.der || \ + { echo "engine test failed" ; exit 1; } + +${rsa} --loops=4 || { echo "rsa test for 4 loops failed" ; exit 1; } + +for a in unix fortuna egd w32crypto ;do + ${rand} --method=${a} --file=crypto-test 2>error + res=$? + if test "X$res" != X0 ; then + grep "unknown method" error && \ + { echo "random $a is not available" ; continue; } + grep "random not ready yet" error || \ + { echo "random $a ready failing" ; cat error; exit 1; } + echo "random method $a out for lunch" + continue + fi + ${rand} --method=${a} --file=crypto-test2 2>error + res=$? + if test "X$res" != X0 ; then + grep "random not ready yet" error || \ + { echo "random $a ready failing" ; cat error; exit 1; } + echo "random metod $a out for dinner" + continue + fi + cmp crypto-test crypto-test2 && { echo "rand output same!" ; exit 1; } +done + +./example_evp_cipher 1 ${srcdir}/test_crypto.in test-out-1 || \ + { echo "1 failed" ; exit 1; } + +for a in 7 15 16 17 31 32 33 ; do + ./example_evp_cipher $a ${srcdir}/test_crypto.in test-out-$a + cmp test-out-1 test-out-$a || { echo "cmp $a failed" ; exit 1; } +done + +# +# Last time we run is w/o HOME and RANDFILE to make sure we can do +# RAND_file_name() when the enviroment is lacking those. +# + +if [ -e /dev/random -o -e /dev/urandom -o -e /dev/srandom -o -e /dev/arandom ] ; then + + # try hard to unset HOME and RANDFILE + HOME= + RANDFILE= + + unset HOME + unset RANDFILE + + ${rand} --method=unix --file=unix 2>error + res=$? + if test "X$res" != X0 ; then + grep "unknown method" error && \ + { echo "random unix is not available"; exit 0; } + grep "random not ready yet" error || \ + { echo "random unix ready failing" ; cat error; exit 1; } + echo "random method unix out for lunch" + continue + fi + +fi + +exit 0 diff --git a/lib/hcrypto/test_dh.c b/lib/hcrypto/test_dh.c new file mode 100644 index 000000000000..7a6c8c09a911 --- /dev/null +++ b/lib/hcrypto/test_dh.c @@ -0,0 +1,476 @@ +/* +* Copyright (c) 2007, Novell, Inc. +* Author: Matthias Koenig +* +* All rights reserved. +* +* Redistribution and use in source and binary forms, with or without +* modification, are permitted provided that the following conditions are met: +* +* * Redistributions of source code must retain the above copyright notice, this +* list of conditions and the following disclaimer. +* +* * Redistributions in binary form must reproduce the above copyright notice, +* this list of conditions and the following disclaimer in the documentation +* and/or other materials provided with the distribution. +* +* * Neither the name of the Novell nor the names of its contributors may be used +* to endorse or promote products derived from this software without specific +* prior written permission. +* +* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +* POSSIBILITY OF SUCH DAMAGE. +*/ + +/* openssl diffie-hellman test code + * works with openssl-0.9.8e + * primes with 3072 and 6144 bits as specified in RFC3526 + * fail since openssl-0.9.8f + */ + +#include + +#include +#include + +#include +#include + +#include +#include + +/* + * + */ + +static char *id_string; +static int verbose; +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + { "id", 0, arg_string, &id_string, + "type of ENGINE", NULL }, + { "verbose", 0, arg_flag, &verbose, + "verbose output from tests", NULL }, + { "version", 0, arg_flag, &version_flag, + "print version", NULL }, + { "help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +/* + * + */ + +#define OAKLEY_PRIME_MODP768 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP1024 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381" \ + "FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP1536 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF" + +/* RFC 3526 */ +#define OAKLEY_PRIME_MODP2048 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ + "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ + "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ + "15728E5A 8AACAA68 FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP3072 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ + "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ + "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ + "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ + "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ + "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ + "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ + "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ + "43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP4096 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ + "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ + "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ + "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ + "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ + "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ + "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ + "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ + "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ + "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ + "2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ + "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ + "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ + "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199" \ + "FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP6144 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ + "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ + "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ + "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ + "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ + "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ + "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ + "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ + "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ + "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ + "2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ + "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ + "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ + "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492" \ + "36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD" \ + "F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831" \ + "179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B" \ + "DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF" \ + "5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6" \ + "D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3" \ + "23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA" \ + "CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328" \ + "06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C" \ + "DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE" \ + "12BF2D5B 0B7474D6 E694F91E 6DCC4024 FFFFFFFF FFFFFFFF" + +#define OAKLEY_PRIME_MODP8192 \ + "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1" \ + "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD" \ + "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245" \ + "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED" \ + "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D" \ + "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F" \ + "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D" \ + "670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B" \ + "E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9" \ + "DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510" \ + "15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64" \ + "ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7" \ + "ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B" \ + "F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C" \ + "BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31" \ + "43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7" \ + "88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA" \ + "2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6" \ + "287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED" \ + "1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9" \ + "93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492" \ + "36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD" \ + "F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831" \ + "179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B" \ + "DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF" \ + "5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6" \ + "D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3" \ + "23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA" \ + "CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328" \ + "06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C" \ + "DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE" \ + "12BF2D5B 0B7474D6 E694F91E 6DBE1159 74A3926F 12FEE5E4" \ + "38777CB6 A932DF8C D8BEC4D0 73B931BA 3BC832B6 8D9DD300" \ + "741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C 5AE4F568" \ + "3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9" \ + "22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B" \ + "4BCBC886 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A" \ + "062B3CF5 B3A278A6 6D2A13F8 3F44F82D DF310EE0 74AB6A36" \ + "4597E899 A0255DC1 64F31CC5 0846851D F9AB4819 5DED7EA1" \ + "B1D510BD 7EE74D73 FAF36BC3 1ECFA268 359046F4 EB879F92" \ + "4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47" \ + "9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71" \ + "60C980DD 98EDD3DF FFFFFFFF FFFFFFFF" + +struct prime { + char *name; + char *value; +} primes[] = { + { "modp768", OAKLEY_PRIME_MODP768 }, + { "modp1024", OAKLEY_PRIME_MODP1024 }, + { "modp1536", OAKLEY_PRIME_MODP1536 }, + { "modp2048", OAKLEY_PRIME_MODP2048 }, + { "modp3072", OAKLEY_PRIME_MODP3072 }, + { "modp4096", OAKLEY_PRIME_MODP4096 }, + { "modp6144", OAKLEY_PRIME_MODP6144 }, + { "modp8192", OAKLEY_PRIME_MODP8192 }, + { NULL, NULL } +}; + +/* + * exchange a string based "base" to a value. + * + */ +static char * +str2val(const char *str, int base, size_t *len) +{ + int f; + size_t i; + char *dst; + char *rp; + const char *p; + char b[3]; + + i = 0; + for (p = str; *p != '\0'; p++) { + if (isxdigit((int)*p)) + i++; + else if (isspace((int)*p)) + ; + else + return NULL; + } + if (i == 0 || (i % 2) != 0) + return NULL; + i /= 2; + + if ((dst = malloc(i)) == NULL) + return NULL; + + i = 0; + f = 0; + for (rp = dst, p = str; *p != '\0'; p++) { + if (isxdigit((int)*p)) { + if (!f) { + b[0] = *p; + f = 1; + } else { + b[1] = *p; + b[2] = '\0'; + *rp++ = (char)strtol(b, NULL, base); + i++; + f = 0; + } + } + } + + *len = i; + + return(dst); +} + +static void set_prime(BIGNUM *p, char *str) +{ + size_t len = 0; + unsigned char *prime; + + prime = (unsigned char *)str2val(str, 16, &len); + if (prime == NULL) + errx(1, "failed to parse %s", str); + BN_bin2bn(prime, len, p); +} + +static void set_generator(BIGNUM *g) +{ + BN_set_word(g, 2); +} + +static void print_secret(unsigned char *sec, size_t len) +{ + size_t i; + + for (i = 0; i < len; ++i) + printf("%x", sec[i]); + + printf("\n"); +} + +static int check_prime(ENGINE *engine, struct prime *pr) +{ + DH *dh1, *dh2; + BIGNUM *p, *g; + unsigned char *sec1, *sec2; + size_t size; + int ret; + + if (verbose) + printf("Testing %s\n", pr->name); + + p = BN_new(); + g = BN_new(); + dh1 = DH_new_method(engine); + dh2 = DH_new_method(engine); + + /* 1. set shared parameter */ + set_prime(p, pr->value); + set_generator(g); + dh1->p = BN_dup(p); + dh1->g = BN_dup(g); + dh2->p = BN_dup(p); + dh2->g = BN_dup(g); + + /* 2. set keys */ + ret = DH_generate_key(dh1); + if (ret == 0) { + fprintf(stderr, "DH_generate_key\n"); + exit(EXIT_FAILURE); + } + ret = DH_generate_key(dh2); + if (ret == 0) { + fprintf(stderr, "DH_generate_key\n"); + exit(EXIT_FAILURE); + } + + /* 3. compute shared secret */ + size = DH_size(dh1); + if (size != DH_size(dh2)) { + fprintf(stderr, "size does not match!\n"); + exit(EXIT_FAILURE); + } + sec1 = malloc(size); + sec2 = malloc(size); + if (!sec1 || !sec2) { + perror("malloc"); + exit(EXIT_FAILURE); + } + ret = DH_compute_key(sec1, dh2->pub_key, dh1); + if (ret == -1) { + fprintf(stderr, "DH_compute_key"); + exit(EXIT_FAILURE); + } + ret = DH_compute_key(sec2, dh1->pub_key, dh2); + if (ret == -1) { + fprintf(stderr, "DH_compute_key"); + exit(EXIT_FAILURE); + } + + /* 4. compare shared secret */ + if (verbose) { + printf("shared secret 1\n"); + print_secret(sec1, size); + printf("shared secret 2\n"); + print_secret(sec2, size); + } + + if (memcmp(sec1, sec2, size) == 0) + ret = 1; + else + ret = 0; + + free(sec2); + free(sec1); + DH_free(dh2); + DH_free(dh1); + BN_free(g); + BN_free(p); + + return ret; +} + +/* + * + */ + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + ENGINE *engine = NULL; + int idx = 0; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) + usage(1); + + if (help_flag) + usage(0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= idx; + argv += idx; + + OpenSSL_add_all_algorithms(); +#ifdef OPENSSL + ENGINE_load_openssl(); +#endif + ENGINE_load_builtin_engines(); + + if (id_string) { + engine = ENGINE_by_id(id_string); + if (engine == NULL) + engine = ENGINE_by_dso(id_string, id_string); + } else { + engine = ENGINE_by_id("builtin"); + } + if (engine == NULL) + errx(1, "ENGINE_by_dso failed"); + + printf("dh %s\n", ENGINE_get_DH(engine)->name); + + { + struct prime *p = primes; + + for (; p->name; ++p) + if (check_prime(engine, p)) + printf("%s: shared secret OK\n", p->name); + else + printf("%s: shared secret FAILURE\n", p->name); + + return 0; + } + + return 0; +} diff --git a/lib/hcrypto/test_engine_dso.c b/lib/hcrypto/test_engine_dso.c new file mode 100644 index 000000000000..f6a38effd0d0 --- /dev/null +++ b/lib/hcrypto/test_engine_dso.c @@ -0,0 +1,332 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include + +#include +#include + +#include +#include + +struct { + const char *cpriv; + const char *cpub; + const char *spriv; + const char *spub; +} dhtests[] = { + { + "5C0946275D07223AEAF04301D964498F3285946057B4C50D13B4FE12C88DFD8D499DD3CC00C1BC17C0D343F2FE053C9F53389110551715B1EDF261A0314485C4835D01F7B8894027D534A2D81D63619D2F58C9864AC9816086B3FF75C01B3FAFF355425AB7369A6ABDC8B633F0A0DC4D29B50F364E7594B297183D14E5CDC05D", + "2D66DC5998B7AEE3332DC1061C6E6F6CF0FCCD74534187E2CDC9ACBCADF0FC9D5900451F44832A762F01E9CEEF1CBD7D69D020AC524D09FAD087DFADEAC36C845157B83937B51C8DB7F500C3C54FB2A05E074E40BA982186E7FEB2534EDDB387D5480AAA355B398CCAD0886F3952C3718490B7884FA67BD8B6943CDDA20134C6", + "42644BA7CF74689E18BA72BF80FCA674D1A2ADF81795EB3828E67C30E42ABD07A8E90E27F046189FAC122D915276870B72427388EAAB5D06994FC38885BBACCEA1CFC45951B730D73C1A8F83208CD1351746601648C11D70BC95B817C86E4A5C40D633654615041C7934BB3CAF4E02754D542033DB024E94C7E561A29ED0C6EC", + "C233633AB116E2DB20B4E08DA42DE8766293E6D9042F7A2C2A2F34F18FE66010B074CCF3C9B03EF27B14F0746B738AF22776224161D767D96AEC230A1DFA6DECFFCE9FED23B96F50CCB0093E59817AD0CEAEB7993AB5764679948BFB1293C9560B07AA3DFA229E341EB17C9FAE0B1D483082461D2DDBCEEE6FE7C0A34D96F66D" + }, + { + "76295C1280B890970F0F7EB01BBD9C5DF9BB8F590EB384A39EBF85CD141451407F955FD1D39012AA1F8BA53FD6A5A37CB2835CEDB27D1EBF1FE8AC9F2FFD628BD9BF7B8DD77CB80C8DC0A75F4567C7700442B26972833EB9738A8728A1FC274C59CED5E3ADA224B46711112AAA1CB831D2D6125E183ADA4F805A05024C9C6DDB", + "1E0AB5EBAAC7985FE67A574447FAE58AE4CB95416278D4C239A789D4532FA8E6F82BA10BE411D8A0A06B9E1DECE704466B3523496A8A4165B97FBCFB9CE9C4FF2DEEE786BA046E8C270FA8A9055D2F6E42EDDB32C73CF7875551A56EB69C0F14A3745745845B81C347401B27D074C60C5177BA9C14BBB1C8C219B78E15126EF8", + "68D84A8F92082F113542CFD990DEEFAD9C7EFA545268F8B3EBDF4CCBAF2865CF03EF60044EB4AF4154E6804CC2BDD673B801507446CEFC692DA577B6DC6E0272B7B081A1BEFDC2A4FAC83DB8845E3DA0D1B64DB33AA2164FEDB08A01E815336BD58F4E6DE6A265468E61C8C988B8AEC0D52DB714448DDC007E7C3382C07357DB", + "393815D507A2EF80DE2D0F2A55AAB1C25B870ACA3FC97438B4336CBF979BF9A4F8DA1B61C667129F9123045E07E24976040EC5E2368DD4EF70690102D74E900B260D3826256FD473733A7569BF514652AB78C48C334FDCA26C44ABF322643AF15BFF693A37BB2C19CA9FE5F1537FCFE2B24CF74D4E57060D35ABF115B4B6CD21" + }, + { + "7307D6C3CB874327A95F7A6A91C336CEAA086736525DF3F8EC49497CF444C68D264EB70CD6904FE56E240EEF34E6C5177911C478A7F250A0F54183BCBE64B42BAB5D019E73E2F17C095C211E4815E6BA5FDD72786AF987ABBC9109ECEEF439AF9E2141D5222CE7DC0152D8E9A6CCCE301D21A7D1D6ACB9B91B5E28379C91890D", + "83FBD7BFFDF415BBB7E21D399CB2F36A61AFDBAFC542E428E444C66AA03617C0C55C639FE2428905B57035892AE1BD2C4060E807D9E003B0C204FFC8FDD69CC8ADE7A8E18DCBFFF64E3EF9DA2C117390374241466E48A020A1B2F575AE42C233F8BD357B8331CC203E0345DFC19C73E6F1F70B6C2786E681D73BF48B15FE9992", + "61BCF748BB05A48861578B8CB1855200B2E62A40E126BD7323E5B714645A54A2C8761EE39EE39BA6D2FE19B688168EDEA6DC5056400B5315ED299E7926176B887012E58634D78F05D7BCF0E1B81B1B41F5F8EF0B0711D3A64F9A317DD183AE039A4D3BE02A515892362F8C7BB6EB6434BB25418A438ED33D50C475122CBBE862", + "7DB8D69D1605D9812B7F2F3E92BCEEB3426FEEE3265A174D71B2B6E16B332B43DF0B3C2FA152E48DE2FAC110D8CECE122C3398558E7987B27CACE12722C0032AC7E7766A9BCC881BA35B9DB9E751BD4E51F7683DE092F6C1D4DD937CDCE9C16E6F7D77CC6AAD806E4082E8E22E28592C4D78256354393FE831E811E03ED0A81A" + }, + { + "60C18B62F786DE6A4A8B13EB6DA2380B4C6731F861C715D9496DCF4A9F01CD33DDB52F1AB4D1F820FAF7AD4EFEB66586F7F08135714B13D77FE652B9EEAB2C543596A9ED307C1629CF535DD14AB22F081AE4ADF7A3E0BC7B33E0EC7A7306F9A737F55807974B5E1B7B6394BD0373917128B43A17757B34BAE1B600763E957F75", + "0DEDA337C38EA005D5B8567EAB681CE91892C2C62C9D42BF748FBFE681E11F25D98280E42E1539A10EEE9177EF2F40216987936AF19D9B5EBE22EEAC27242D77CE3A5061F2E5CFACF15CD0F80E736AE8642252FE91E129DE3C78CFB85A0B1BB87B059CBB24483444F8A07244F4E89370BA78D58BD409DFBB3D41921B8879B9C7", + "462C0707CF3366C2242A808CFDB79B77E8B3AF9D796583EB9CCD7BF4E8792AB0A818E49FFE53CA241F56988F825B366BF1E78481F8086A123259B9D83AC643E85845BF6B2C5412FFDDFAA8C9ED203CA4B3C1BFD777286099976472FA15B3CCC8418CF162F03C0C3E85D7EFC5CF5ACB9B2C039CCF3A1A9C6BB6B9C09C18D86CBD", + "56DB382EDB8C2D95934D20261CE1A37090B0802D451E647DB1DA3B73CDB5A878EAD598A8817302449370F9D45E34F5C45F73D02BF4EB2B3712A8665F446F5D2B774039E5444AB74807859FA58DF9EBA4B12BA4545ACED827E4ED64CC71F937D64A1033BC43403F2490C1B715A74822B8D50A72A102213F0CF7A1B98B771B34C4" + }, + { + "61B7321207F4A73646E43E99221F902D2F38095E84CE7346A1510FE71BA7B9B34DCB6609E4DDDA8C82426E82D1C23F1E761130ECE4638D77554A7618E1608625049328FCC1F8845CA9A88E847106B01BD31EF6500E3C7EE81A048924BEAA3EDF367E5F4575341206C7A76427571898294B07BD918D4C2642854CC89D439042E5", + "29AA38E63E4DD7C651E25DEC7A5A53E48114F52813793D36A9DBDD4F7C06FC38406E330764E0B2AFD811C39D857EA5F904105360E06856DC0780C7D61C53165833F0AEA15CB54732DE113F44C8FCFB86F4A876DD42D7A55356D91C0173F2B012680FB54C13EF54B65DF4AEDE2E13419B1316435187CEF07D44DB3DF57C4703FD", + "5ED5AFB04CBFEE43EF3D9B60A57080831563648A2380D98F1EA4A96CF153903A40A2E564DED87E7254DF3270568AB952BF6F400681DD6AD919C9B06AC0F45F0646BCF37B217191AA0B7B7BED226B61F48B46DEA2E5A09E41F316583823A38A60FFD79085F43F60D98871ECA1A0F667701425094E88885A81DE9DA6C293E95060", + "4DE4F24EAA3E2790FBCB1B13C2ED0EFD846EC33154DBEBBEFD895E1399B3617D55EC2CE8D71CF380B55D93636FEF741328D6B1E224D46F8A8B60A41D08DD86E88DE806AA781791364E6D88BF68571BF5D8C35CB04BA302227B7E4CB6A67AB7510ACBCDBF2F8A95EB5DEE693CCA5CC425A0F1CA2D18C369A767906A2477E32704" + } +}; + +static void +dh_test(DH *server, DH *client) +{ + void *skey, *ckey; + int ssize, csize; + + skey = emalloc(DH_size(server)); + ckey = emalloc(DH_size(client)); + + ssize = DH_compute_key(skey, client->pub_key, server); + if (ssize == -1) + errx(1, "DH_compute_key failed for server"); + csize = DH_compute_key(ckey, server->pub_key, client); + if (csize == -1) + errx(1, "DH_compute_key failed for client"); + + if (ssize != csize) + errx(1, "DH_compute_key size mismatch"); + + if (memcmp(skey, ckey, csize) != 0) + errx(1, "DH_compute_key key mismatch"); + + free(skey); + free(ckey); +} + + +static int version_flag; +static int help_flag; +static char *id_flag; +static char *rsa_flag; +static int dh_flag = 1; +static int test_random_flag; + +static struct getargs args[] = { + { "id", 0, arg_string, &id_flag, + "selects the engine id", "engine-id" }, + { "rsa", 0, arg_string, &rsa_flag, + "tests RSA modes", "private-rsa-der-file" }, + { "dh", 0, arg_negative_flag, &dh_flag, + "test dh", NULL }, + { "test-random", 0, arg_flag, &test_random_flag, + "test if there is a random device", NULL }, + { "version", 0, arg_flag, &version_flag, + "print version", NULL }, + { "help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + "filename.so"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + ENGINE *engine = NULL; + int idx = 0; + int have_rsa, have_dh; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) + usage(1); + + if (help_flag) + usage(0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= idx; + argv += idx; + + OpenSSL_add_all_algorithms(); + + if (argc == 0) { + OpenSSL_add_all_algorithms(); + ENGINE_load_builtin_engines(); + engine = ENGINE_by_id("builtin"); + } else { + engine = ENGINE_by_dso(argv[0], id_flag); + } + if (engine == NULL) + errx(1, "ENGINE_by_dso failed"); + + printf("name: %s\n", ENGINE_get_name(engine)); + printf("id: %s\n", ENGINE_get_id(engine)); + have_rsa = ENGINE_get_RSA(engine) != NULL; + have_dh = ENGINE_get_DH(engine) != NULL; + printf("RSA: %s", have_rsa ? "yes," : "no"); + if (have_rsa) + printf(" %s", ENGINE_get_RSA(engine)->name); + printf("\n"); + printf("DH: %s", have_dh ? "yes," : "no"); + if (have_dh) + printf(" %s", ENGINE_get_DH(engine)->name); + printf("\n"); + + if (RAND_status() != 1) + errx(77, "no functional random device, can't execute tests"); + if (test_random_flag) + exit(0); + + if (rsa_flag && have_rsa) { + unsigned char buf[1024 * 4]; + const unsigned char *p; + size_t size; + int keylen; + RSA *rsa; + FILE *f; + + f = fopen(rsa_flag, "rb"); + if (f == NULL) + err(1, "could not open file %s", rsa_flag); + + size = fread(buf, 1, sizeof(buf), f); + if (size == 0) + err(1, "failed to read file %s", rsa_flag); + if (size == sizeof(buf)) + err(1, "key too long in file %s!", rsa_flag); + fclose(f); + + p = buf; + rsa = d2i_RSAPrivateKey(NULL, &p, size); + if (rsa == NULL) + err(1, "failed to parse key in file %s", rsa_flag); + + RSA_set_method(rsa, ENGINE_get_RSA(engine)); + + /* + * try rsa signing + */ + + memcpy(buf, "hejsan", 7); + keylen = RSA_private_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING); + if (keylen <= 0) + errx(1, "failed to private encrypt"); + + keylen = RSA_public_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING); + if (keylen <= 0) + errx(1, "failed to public decrypt"); + + if (keylen != 7) + errx(1, "output buffer not same length: %d", (int)keylen); + + if (memcmp(buf, "hejsan", 7) != 0) + errx(1, "string not the same after decryption"); + + /* + * try rsa encryption + */ + + memcpy(buf, "hejsan", 7); + keylen = RSA_public_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING); + if (keylen <= 0) + errx(1, "failed to public encrypt"); + + keylen = RSA_private_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING); + if (keylen <= 0) + errx(1, "failed to private decrypt"); + + if (keylen != 7) + errx(1, "output buffer not same length: %d", (int)keylen); + + if (memcmp(buf, "hejsan", 7) != 0) + errx(1, "string not the same after decryption"); + + RSA_free(rsa); + + printf("rsa test passed\n"); + + } + + if (dh_flag) { + DH *server, *client; + int i; + + /* RFC2412-MODP-group2 */ + const char *p = + "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" + "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" + "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" + "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" + "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" + "FFFFFFFF" "FFFFFFFF"; + const char *g = "02"; + + /* + * Try generated keys + */ + + for (i = 0; i < 10; i++) { + server = DH_new_method(engine); + client = DH_new_method(engine); + + BN_hex2bn(&server->p, p); + BN_hex2bn(&client->p, p); + BN_hex2bn(&server->g, g); + BN_hex2bn(&client->g, g); + + if (!DH_generate_key(server)) + errx(1, "DH_generate_key failed for server"); + if (!DH_generate_key(client)) + errx(1, "DH_generate_key failed for client"); + + dh_test(server, client); + + DH_free(server); + DH_free(client); + } + /* + * Try known result + */ + + for (i = 0; i < sizeof(dhtests)/sizeof(dhtests[0]); i++) { + + server = DH_new_method(engine); + client = DH_new_method(engine); + + BN_hex2bn(&server->p, p); + BN_hex2bn(&client->p, p); + BN_hex2bn(&server->g, g); + BN_hex2bn(&client->g, g); + + BN_hex2bn(&client->priv_key, dhtests[i].cpriv); + BN_hex2bn(&client->pub_key, dhtests[i].cpub); + BN_hex2bn(&server->priv_key, dhtests[i].spriv); + BN_hex2bn(&server->pub_key, dhtests[i].spub); + + dh_test(server, client); + + DH_free(server); + DH_free(client); + } + + printf("DH test passed\n"); + } + + ENGINE_finish(engine); + + return 0; +} diff --git a/lib/hcrypto/test_hmac.c b/lib/hcrypto/test_hmac.c new file mode 100644 index 000000000000..d8c3e69cd2ef --- /dev/null +++ b/lib/hcrypto/test_hmac.c @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#include + +#include +#include +#include + +int +main(int argc, char **argv) +{ + unsigned char buf[4] = { 0, 0, 0, 0 }; + char hmackey[] = "hello-world"; + size_t hmackey_size = sizeof(hmackey); + unsigned int hmaclen; + unsigned char hmac[EVP_MAX_MD_SIZE]; + HMAC_CTX c; + + char answer[20] = "\x2c\xfa\x32\xb7\x2b\x8a\xf6\xdf\xcf\xda" + "\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24"; + + HMAC_CTX_init(&c); + HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL); + HMAC_Update(&c, buf, sizeof(buf)); + HMAC_Final(&c, hmac, &hmaclen); + HMAC_CTX_cleanup(&c); + + if (hmaclen != 20) { + printf("hmaclen = %d\n", (int)hmaclen); + return 1; + } + + if (ct_memcmp(hmac, answer, hmaclen) != 0) { + printf("wrong answer\n"); + return 1; + } + + return 0; +} diff --git a/lib/hcrypto/test_pkcs12.c b/lib/hcrypto/test_pkcs12.c new file mode 100644 index 000000000000..aa27af0e6ade --- /dev/null +++ b/lib/hcrypto/test_pkcs12.c @@ -0,0 +1,143 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#include + +#include +#include + +struct tests { + int id; + const char *password; + void *salt; + size_t saltsize; + int iterations; + size_t keylen; + const EVP_MD * (*md)(void); + void *key; +}; + +struct tests p12_pbe_tests[] = { + { PKCS12_KEY_ID, + NULL, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 100, + 16, + EVP_sha1, + "\xd7\x2d\xd4\xcf\x7e\xe1\x89\xc5\xb5\xe5\x31\xa7\x63\x2c\xf0\x4b" + }, + { PKCS12_KEY_ID, + "", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 100, + 16, + EVP_sha1, + "\x00\x54\x91\xaf\xc0\x6a\x76\xc3\xf9\xb6\xf2\x28\x1a\x15\xd9\xfe" + }, + { PKCS12_KEY_ID, + "foobar", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 100, + 16, + EVP_sha1, + "\x79\x95\xbf\x3f\x1c\x6d\xe\xe8\xd3\x71\xc4\x94\xd\xb\x18\xb5" + }, + { PKCS12_KEY_ID, + "foobar", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + 2048, + 24, + EVP_sha1, + "\x0b\xb5\xe\xa6\x71\x0d\x0c\xf7\x44\xe\xe1\x9b\xb5\xdf\xf1\xdc\x4f\xb0\xca\xe\xee\x4f\xb9\xfd" + }, + { PKCS12_IV_ID, + "foobar", + "\x3c\xdf\x84\x32\x59\xd3\xda\x69", + 8, + 2048, + 8, + EVP_sha1, + "\xbf\x9a\x12\xb7\x26\x69\xfd\x05" + } + +}; + +static int +test_pkcs12_pbe(struct tests *t) +{ + void *key; + size_t pwlen = 0; + + key = malloc(t->keylen); + if (t->password) + pwlen = strlen(t->password); + + if (!PKCS12_key_gen(t->password, pwlen, + t->salt, t->saltsize, + t->id, t->iterations, t->keylen, + key, t->md())) + { + printf("key_gen failed\n"); + return 1; + } + + if (memcmp(t->key, key, t->keylen) != 0) { + printf("incorrect key\n"); + free(key); + return 1; + } + free(key); + return 0; +} + +int +main(int argc, char **argv) +{ + int ret = 0; + int i; + + for (i = 0; i < sizeof(p12_pbe_tests)/sizeof(p12_pbe_tests[0]); i++) + ret += test_pkcs12_pbe(&p12_pbe_tests[i]); + + return ret; +} diff --git a/lib/hcrypto/test_pkcs5.c b/lib/hcrypto/test_pkcs5.c new file mode 100644 index 000000000000..46ca52ac70c6 --- /dev/null +++ b/lib/hcrypto/test_pkcs5.c @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#include +#include + +#include + +struct tests { + const char *password; + const char *salt; + int iterations; + const void *pbkdf2_128; + const void *pbkdf2_256; +}; + + +const struct tests pkcs5_tests[] = { + { "password", + "ATHENA.MIT.EDUraeburn", + 1, + "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15", + "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15" + "\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37" + }, + { "password", + "ATHENA.MIT.EDUraeburn", + 2, + "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d", + "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d" + "\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86" + }, + { "password", + "ATHENA.MIT.EDUraeburn", + 1200, + "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b", + "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b" + "\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13" + }, + { + "password", "\x12\x34\x56\x78\x78\x56\x34\x12", + 5, + "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49", + "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49" + "\x3f\x98\xd2\x03\xe6\xbe\x49\xa6\xad\xf4\xfa\x57\x4b\x6e\x64\xee" + }, + { + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase equals block size", + 1200, + "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9", + "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9" + "\xc5\xec\x59\xf1\xa4\x52\xf5\xcc\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1" + }, + { + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "pass phrase exceeds block size", + 1200, + "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61", + "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61" + "\x1a\x8b\x4d\x28\x26\x01\xdb\x3b\x36\xbe\x92\x46\x91\x5e\xc8\x2a" + }, + { + "\xf0\x9d\x84\x9e" /* g-clef */, + "EXAMPLE.COMpianist", + 50, + "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39", + "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39" + "\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2\x81\xff\x30\x69\xe1\xe9\x4f\x52" + } +}; + +static int +test_pkcs5_pbe2(const struct tests *t) +{ + unsigned char key[32]; + int ret, error = 0; + + ret = PKCS5_PBKDF2_HMAC_SHA1(t->password, strlen(t->password), + t->salt, strlen(t->salt), + t->iterations, + 16, key); + if (ret != 1) + errx(1, "PKCS5_PBKDF2_HMAC_SHA1: %d", ret); + + if (memcmp(t->pbkdf2_128, key, 16) != 0) { + printf("incorrect 128 key\n"); + error++; + } + + ret = PKCS5_PBKDF2_HMAC_SHA1(t->password, strlen(t->password), + t->salt, strlen(t->salt), + t->iterations, + 32, key); + if (ret != 1) + errx(1, "PKCS5_PBKDF2_HMAC_SHA1: %d", ret); + + if (memcmp(t->pbkdf2_256, key, 32) != 0) { + printf("incorrect 256 key\n"); + error++; + } + + return error; +} + +int +main(int argc, char **argv) +{ + int ret = 0; + int i; + + for (i = 0; i < sizeof(pkcs5_tests)/sizeof(pkcs5_tests[0]); i++) + ret += test_pkcs5_pbe2(&pkcs5_tests[i]); + + return ret; +} diff --git a/lib/hcrypto/test_rand.c b/lib/hcrypto/test_rand.c new file mode 100644 index 000000000000..c90ed3cba0b9 --- /dev/null +++ b/lib/hcrypto/test_rand.c @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include + +#include +#include + +#include "rand.h" + + +/* + * + */ + +static int version_flag; +static int help_flag; +static int len = 1024 * 1024; +static char *rand_method; +static char *filename; + +static struct getargs args[] = { + { "length", 0, arg_integer, &len, + "length", NULL }, + { "file", 0, arg_string, &filename, + "file name", NULL }, + { "method", 0, arg_string, &rand_method, + "method", NULL }, + { "version", 0, arg_flag, &version_flag, + "print version", NULL }, + { "help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +/* + * + */ + +/* + * + */ + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(args[0]), + NULL, + ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int idx = 0; + char *buffer; + char path[MAXPATHLEN]; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) + usage(1); + + if (help_flag) + usage(0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= idx; + argv += idx; + + if (argc != 0) + usage(1); + + buffer = emalloc(len); + + if (rand_method) { + if (0) { + } +#ifndef NO_RAND_FORTUNA_METHOD + else if (strcasecmp(rand_method, "fortuna") == 0) + RAND_set_rand_method(RAND_fortuna_method()); +#endif +#ifndef NO_RAND_UNIX_METHOD + else if (strcasecmp(rand_method, "unix") == 0) + RAND_set_rand_method(RAND_unix_method()); +#endif +#ifndef NO_RAND_EGD_METHOD + else if (strcasecmp(rand_method, "egd") == 0) + RAND_set_rand_method(RAND_egd_method()); +#endif +#ifdef WIN32 + else if (strcasecmp(rand_method, "w32crypto") == 0) + RAND_set_rand_method(RAND_w32crypto_method()); +#endif + else + errx(1, "unknown method %s", rand_method); + } + + if (RAND_file_name(path, sizeof(path)) == NULL) + errx(1, "RAND_file_name failed"); + + if (RAND_status() != 1) + errx(1, "random not ready yet"); + + if (RAND_bytes(buffer, len) != 1) + errx(1, "RAND_bytes"); + + if (filename) + rk_dumpdata(filename, buffer, len); + + /* head vs tail */ + if (len >= 100000) { + int bit, i; + double res; + int bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; + + for (i = 0; i < len; i++) { + unsigned char c = ((unsigned char *)buffer)[i]; + for (bit = 0; bit < 8 && c; bit++) { + if (c & 1) + bits[bit]++; + c = c >> 1; + } + } + + for (bit = 0; bit < 8; bit++) { + + res = ((double)abs(len - bits[bit] * 2)) / (double)len; + if (res > 0.005) + errx(1, "head%d vs tail%d > 0.5%%%% %lf == %d vs %d", + bit, bit, res, len, bits[bit]); + + printf("head vs tails bit%d: %lf\n", bit, res); + } + } + + free(buffer); + + /* test write random file */ + { + static const char *file = "test.file"; + if (RAND_write_file(file) != 1) + errx(1, "RAND_write_file"); + if (RAND_load_file(file, 1024) != 1) + errx(1, "RAND_load_file"); + unlink(file); + } + + return 0; +} diff --git a/lib/hcrypto/test_rsa.c b/lib/hcrypto/test_rsa.c new file mode 100644 index 000000000000..3449d9b2a91c --- /dev/null +++ b/lib/hcrypto/test_rsa.c @@ -0,0 +1,398 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include + +#include +#include + +#include +#include + +/* + * + */ + +static int version_flag; +static int help_flag; +static int time_keygen; +static char *time_key; +static int key_blinding = 1; +static char *rsa_key; +static char *id_flag; +static int loops = 1; + +static struct getargs args[] = { + { "loops", 0, arg_integer, &loops, + "number of loops", "loops" }, + { "id", 0, arg_string, &id_flag, + "selects the engine id", "engine-id" }, + { "time-keygen", 0, arg_flag, &time_keygen, + "time rsa generation", NULL }, + { "time-key", 0, arg_string, &time_key, + "rsa key file", NULL }, + { "key-blinding", 0, arg_negative_flag, &key_blinding, + "key blinding", NULL }, + { "key", 0, arg_string, &rsa_key, + "rsa key file", NULL }, + { "version", 0, arg_flag, &version_flag, + "print version", NULL }, + { "help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +/* + * + */ + +static void +check_rsa(const unsigned char *in, size_t len, RSA *rsa, int padding) +{ + unsigned char *res, *res2; + unsigned int len2; + int keylen; + + res = malloc(RSA_size(rsa)); + if (res == NULL) + errx(1, "res: ENOMEM"); + + res2 = malloc(RSA_size(rsa)); + if (res2 == NULL) + errx(1, "res2: ENOMEM"); + + /* signing */ + + keylen = RSA_private_encrypt(len, in, res, rsa, padding); + if (keylen <= 0) + errx(1, "failed to private encrypt: %d %d", (int)len, (int)keylen); + + if (keylen > RSA_size(rsa)) + errx(1, "keylen > RSA_size(rsa)"); + + keylen = RSA_public_decrypt(keylen, res, res2, rsa, padding); + if (keylen <= 0) + errx(1, "failed to public decrypt: %d", (int)keylen); + + if (keylen != len) + errx(1, "output buffer not same length: %d", (int)keylen); + + if (memcmp(res2, in, len) != 0) + errx(1, "string not the same after decryption"); + + /* encryption */ + + keylen = RSA_public_encrypt(len, in, res, rsa, padding); + if (keylen <= 0) + errx(1, "failed to public encrypt: %d", (int)keylen); + + if (keylen > RSA_size(rsa)) + errx(1, "keylen > RSA_size(rsa)"); + + keylen = RSA_private_decrypt(keylen, res, res2, rsa, padding); + if (keylen <= 0) + errx(1, "failed to private decrypt: %d", (int)keylen); + + if (keylen != len) + errx(1, "output buffer not same length: %d", (int)keylen); + + if (memcmp(res2, in, len) != 0) + errx(1, "string not the same after decryption"); + + len2 = keylen; + + if (RSA_sign(NID_sha1, in, len, res, &len2, rsa) != 1) + errx(1, "RSA_sign failed"); + + if (RSA_verify(NID_sha1, in, len, res, len2, rsa) != 1) + errx(1, "RSA_verify failed"); + + free(res); + free(res2); +} + +static int +cb_func(int a, int b, BN_GENCB *c) +{ + return 1; +} + +static RSA * +read_key(ENGINE *engine, const char *rsa_key) +{ + unsigned char buf[1024 * 4]; + const unsigned char *p; + size_t size; + RSA *rsa; + FILE *f; + + f = fopen(rsa_key, "rb"); + if (f == NULL) + err(1, "could not open file %s", rsa_key); + rk_cloexec_file(f); + + size = fread(buf, 1, sizeof(buf), f); + fclose(f); + if (size == 0) + err(1, "failed to read file %s", rsa_key); + if (size == sizeof(buf)) + err(1, "key too long in file %s!", rsa_key); + + p = buf; + rsa = d2i_RSAPrivateKey(NULL, &p, size); + if (rsa == NULL) + err(1, "failed to parse key in file %s", rsa_key); + + RSA_set_method(rsa, ENGINE_get_RSA(engine)); + + if (!key_blinding) + rsa->flags |= RSA_FLAG_NO_BLINDING; + + return rsa; +} + +/* + * + */ + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + "filename.so"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + ENGINE *engine = NULL; + int i, j, idx = 0; + RSA *rsa; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx)) + usage(1); + + if (help_flag) + usage(0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= idx; + argv += idx; + + OpenSSL_add_all_algorithms(); +#ifdef OPENSSL + ENGINE_load_openssl(); +#endif + ENGINE_load_builtin_engines(); + + if (argc == 0) { + engine = ENGINE_by_id("builtin"); + } else { + engine = ENGINE_by_id(argv[0]); + if (engine == NULL) + engine = ENGINE_by_dso(argv[0], id_flag); + } + if (engine == NULL) + errx(1, "ENGINE_by_dso failed"); + + if (ENGINE_get_RSA(engine) == NULL) + return 77; + + printf("rsa %s\n", ENGINE_get_RSA(engine)->name); + + if (RAND_status() != 1) + errx(77, "no functional random device, refusing to run tests"); + + if (time_keygen) { + struct timeval tv1, tv2; + BIGNUM *e; + + rsa = RSA_new_method(engine); + if (!key_blinding) + rsa->flags |= RSA_FLAG_NO_BLINDING; + + e = BN_new(); + BN_set_word(e, 0x10001); + + printf("running keygen with %d loops\n", loops); + + gettimeofday(&tv1, NULL); + + for (i = 0; i < loops; i++) { + rsa = RSA_new_method(engine); + if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1) + errx(1, "RSA_generate_key_ex"); + RSA_free(rsa); + } + + gettimeofday(&tv2, NULL); + timevalsub(&tv2, &tv1); + + printf("time %lu.%06lu\n", + (unsigned long)tv2.tv_sec, + (unsigned long)tv2.tv_usec); + + BN_free(e); + ENGINE_finish(engine); + + return 0; + } + + if (time_key) { + const int size = 20; + struct timeval tv1, tv2; + unsigned char *p; + + if (strcmp(time_key, "generate") == 0) { + BIGNUM *e; + + rsa = RSA_new_method(engine); + if (!key_blinding) + rsa->flags |= RSA_FLAG_NO_BLINDING; + + e = BN_new(); + BN_set_word(e, 0x10001); + + if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1) + errx(1, "RSA_generate_key_ex"); + } else { + rsa = read_key(engine, time_key); + } + + p = emalloc(loops * size); + + RAND_bytes(p, loops * size); + + gettimeofday(&tv1, NULL); + for (i = 0; i < loops; i++) + check_rsa(p + (i * size), size, rsa, RSA_PKCS1_PADDING); + gettimeofday(&tv2, NULL); + + timevalsub(&tv2, &tv1); + + printf("time %lu.%06lu\n", + (unsigned long)tv2.tv_sec, + (unsigned long)tv2.tv_usec); + + RSA_free(rsa); + ENGINE_finish(engine); + + return 0; + } + + if (rsa_key) { + rsa = read_key(engine, rsa_key); + + /* + * Assuming that you use the RSA key in the distribution, this + * test will generate a signature have a starting zero and thus + * will generate a checksum that is 127 byte instead of the + * checksum that is 128 byte (like the key). + */ + { + const unsigned char sha1[20] = { + 0x6d, 0x33, 0xf9, 0x40, 0x75, 0x5b, 0x4e, 0xc5, 0x90, 0x35, + 0x48, 0xab, 0x75, 0x02, 0x09, 0x76, 0x9a, 0xb4, 0x7d, 0x6b + }; + + check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING); + } + + for (i = 0; i < 128; i++) { + unsigned char sha1[20]; + + RAND_bytes(sha1, sizeof(sha1)); + check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING); + } + for (i = 0; i < 128; i++) { + unsigned char des3[21]; + + RAND_bytes(des3, sizeof(des3)); + check_rsa(des3, sizeof(des3), rsa, RSA_PKCS1_PADDING); + } + for (i = 0; i < 128; i++) { + unsigned char aes[32]; + + RAND_bytes(aes, sizeof(aes)); + check_rsa(aes, sizeof(aes), rsa, RSA_PKCS1_PADDING); + } + + RSA_free(rsa); + } + + for (i = 0; i < loops; i++) { + BN_GENCB cb; + BIGNUM *e; + unsigned int n; + + rsa = RSA_new_method(engine); + if (!key_blinding) + rsa->flags |= RSA_FLAG_NO_BLINDING; + + e = BN_new(); + BN_set_word(e, 0x10001); + + BN_GENCB_set(&cb, cb_func, NULL); + + RAND_bytes(&n, sizeof(n)); + n &= 0x1ff; + n += 1024; + + if (RSA_generate_key_ex(rsa, n, e, &cb) != 1) + errx(1, "RSA_generate_key_ex"); + + BN_free(e); + + for (j = 0; j < 8; j++) { + unsigned char sha1[20]; + RAND_bytes(sha1, sizeof(sha1)); + check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING); + } + + RSA_free(rsa); + } + + ENGINE_finish(engine); + + return 0; +} diff --git a/lib/hcrypto/ui.c b/lib/hcrypto/ui.c new file mode 100644 index 000000000000..d0714fe6d553 --- /dev/null +++ b/lib/hcrypto/ui.c @@ -0,0 +1,217 @@ +/* + * Copyright (c) 1997 - 2000, 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#ifdef HAVE_TERMIOS_H +#include +#endif +#include + +#include +#ifdef HAVE_CONIO_H +#include +#endif + +static sig_atomic_t intr_flag; + +static void +intr(int sig) +{ + intr_flag++; +} + +#ifdef HAVE_CONIO_H + +/* + * Windows does console slightly different then then unix case. + */ + +static int +read_string(const char *preprompt, const char *prompt, + char *buf, size_t len, int echo) +{ + int of = 0; + int c; + char *p; + void (*oldsigintr)(int); + + _cprintf("%s%s", preprompt, prompt); + + oldsigintr = signal(SIGINT, intr); + + p = buf; + while(intr_flag == 0){ + c = ((echo)? _getche(): _getch()); + if(c == '\n' || c == '\r') + break; + if(of == 0) + *p++ = c; + of = (p == buf + len); + } + if(of) + p--; + *p = 0; + + if(echo == 0){ + printf("\n"); + } + + signal(SIGINT, oldsigintr); + + if(intr_flag) + return -2; + if(of) + return -1; + return 0; +} + +#else /* !HAVE_CONIO_H */ + +#ifndef NSIG +#define NSIG 47 +#endif + +static int +read_string(const char *preprompt, const char *prompt, + char *buf, size_t len, int echo) +{ + struct sigaction sigs[NSIG]; + int oksigs[NSIG]; + struct sigaction sa; + FILE *tty; + int ret = 0; + int of = 0; + int i; + int c; + char *p; + + struct termios t_new, t_old; + + memset(&oksigs, 0, sizeof(oksigs)); + + memset(&sa, 0, sizeof(sa)); + sa.sa_handler = intr; + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; + for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) + if (i != SIGALRM) + if (sigaction(i, &sa, &sigs[i]) == 0) + oksigs[i] = 1; + + if((tty = fopen("/dev/tty", "r")) != NULL) + rk_cloexec_file(tty); + else + tty = stdin; + + fprintf(stderr, "%s%s", preprompt, prompt); + fflush(stderr); + + if(echo == 0){ + tcgetattr(fileno(tty), &t_old); + memcpy(&t_new, &t_old, sizeof(t_new)); + t_new.c_lflag &= ~ECHO; + tcsetattr(fileno(tty), TCSANOW, &t_new); + } + intr_flag = 0; + p = buf; + while(intr_flag == 0){ + c = getc(tty); + if(c == EOF){ + if(!ferror(tty)) + ret = 1; + break; + } + if(c == '\n') + break; + if(of == 0) + *p++ = c; + of = (p == buf + len); + } + if(of) + p--; + *p = 0; + + if(echo == 0){ + fprintf(stderr, "\n"); + tcsetattr(fileno(tty), TCSANOW, &t_old); + } + + if(tty != stdin) + fclose(tty); + + for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) + if (oksigs[i]) + sigaction(i, &sigs[i], NULL); + + if(ret) + return -3; + if(intr_flag) + return -2; + if(of) + return -1; + return 0; +} + +#endif /* HAVE_CONIO_H */ + +int +UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify) +{ + int ret; + + ret = read_string("", prompt, buf, length, 0); + if (ret) + return ret; + + if (verify) { + char *buf2; + buf2 = malloc(length); + if (buf2 == NULL) + return 1; + + ret = read_string("Verify password - ", prompt, buf2, length, 0); + if (ret) { + free(buf2); + return ret; + } + if (strcmp(buf2, buf) != 0) + ret = 1; + free(buf2); + } + return ret; +} diff --git a/lib/hcrypto/ui.h b/lib/hcrypto/ui.h new file mode 100644 index 000000000000..6b4d6d8c4d5e --- /dev/null +++ b/lib/hcrypto/ui.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef _HEIM_UI_H +#define _HEIM_UI_H 1 + +/* symbol renaming */ +#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string + +int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */ + +#endif /* _HEIM_UI_H */ + diff --git a/lib/hcrypto/validate.c b/lib/hcrypto/validate.c new file mode 100644 index 000000000000..48b9bfc6e352 --- /dev/null +++ b/lib/hcrypto/validate.c @@ -0,0 +1,307 @@ +/* + * Copyright (c) 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +struct tests { + const EVP_CIPHER *(*cipher)(void); + const char *name; + void *key; + size_t keysize; + void *iv; + size_t datasize; + void *indata; + void *outdata; + void *outiv; +}; + +struct tests tests[] = { + { + EVP_aes_256_cbc, + "aes-256", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 32, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\xdc\x95\xc0\x78\xa2\x40\x89\x89\xad\x48\xa2\x14\x92\x84\x20\x87" + }, +#if 0 + { + EVP_aes_128_cfb8, + "aes-cfb8-128", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x66\xe9\x4b\xd4\xef\x8a\x2c\x3b\x88\x4c\xfa\x59\xca\x34\x2b\x2e" + }, +#endif + { + EVP_des_ede3_cbc, + "des-ede3", + "\x19\x17\xff\xe6\xbb\x77\x2e\xfc" + "\x29\x76\x43\xbc\x63\x56\x7e\x9a" + "\x00\x2e\x4d\x43\x1d\x5f\xfd\x58", + 24, + "\xbf\x9a\x12\xb7\x26\x69\xfd\x05", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x55\x95\x97\x76\xa9\x6c\x66\x40\x64\xc7\xf4\x1c\x21\xb7\x14\x1b" + }, +#if 0 + { + EVP_camellia_128_cbc, + "camellia128", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 16, + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x07\x92\x3A\x39\xEB\x0A\x81\x7D\x1C\x4D\x87\xBD\xB8\x2D\x1F\x1C", + NULL + }, +#endif + { + EVP_rc4, + "rc4 8", + "\x01\x23\x45\x67\x89\xAB\xCD\xEF", + 8, + NULL, + 8, + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x74\x94\xC2\xE7\x10\x4B\x08\x79", + NULL + }, + { + EVP_rc4, + "rc4 5", + "\x61\x8a\x63\xd2\xfb", + 5, + NULL, + 5, + "\xdc\xee\x4c\xf9\x2c", + "\xf1\x38\x29\xc9\xde", + NULL + }, + { + EVP_rc4, + "rc4 309", + "\x29\x04\x19\x72\xfb\x42\xba\x5f\xc7\x12\x77\x12\xf1\x38\x29\xc9", + 16, + NULL, + 309, + "\x52\x75\x69\x73\x6c\x69\x6e\x6e" + "\x75\x6e\x20\x6c\x61\x75\x6c\x75" + "\x20\x6b\x6f\x72\x76\x69\x73\x73" + "\x73\x61\x6e\x69\x2c\x20\x74\xe4" + "\x68\x6b\xe4\x70\xe4\x69\x64\x65" + "\x6e\x20\x70\xe4\xe4\x6c\x6c\xe4" + "\x20\x74\xe4\x79\x73\x69\x6b\x75" + "\x75\x2e\x20\x4b\x65\x73\xe4\x79" + "\xf6\x6e\x20\x6f\x6e\x20\x6f\x6e" + "\x6e\x69\x20\x6f\x6d\x61\x6e\x61" + "\x6e\x69\x2c\x20\x6b\x61\x73\x6b" + "\x69\x73\x61\x76\x75\x75\x6e\x20" + "\x6c\x61\x61\x6b\x73\x6f\x74\x20" + "\x76\x65\x72\x68\x6f\x75\x75\x2e" + "\x20\x45\x6e\x20\x6d\x61\x20\x69" + "\x6c\x6f\x69\x74\x73\x65\x2c\x20" + "\x73\x75\x72\x65\x20\x68\x75\x6f" + "\x6b\x61\x61\x2c\x20\x6d\x75\x74" + "\x74\x61\x20\x6d\x65\x74\x73\xe4" + "\x6e\x20\x74\x75\x6d\x6d\x75\x75" + "\x73\x20\x6d\x75\x6c\x6c\x65\x20" + "\x74\x75\x6f\x6b\x61\x61\x2e\x20" + "\x50\x75\x75\x6e\x74\x6f\x20\x70" + "\x69\x6c\x76\x65\x6e\x2c\x20\x6d" + "\x69\x20\x68\x75\x6b\x6b\x75\x75" + "\x2c\x20\x73\x69\x69\x6e\x74\x6f" + "\x20\x76\x61\x72\x61\x6e\x20\x74" + "\x75\x75\x6c\x69\x73\x65\x6e\x2c" + "\x20\x6d\x69\x20\x6e\x75\x6b\x6b" + "\x75\x75\x2e\x20\x54\x75\x6f\x6b" + "\x73\x75\x74\x20\x76\x61\x6e\x61" + "\x6d\x6f\x6e\x20\x6a\x61\x20\x76" + "\x61\x72\x6a\x6f\x74\x20\x76\x65" + "\x65\x6e\x2c\x20\x6e\x69\x69\x73" + "\x74\xe4\x20\x73\x79\x64\xe4\x6d" + "\x65\x6e\x69\x20\x6c\x61\x75\x6c" + "\x75\x6e\x20\x74\x65\x65\x6e\x2e" + "\x20\x2d\x20\x45\x69\x6e\x6f\x20" + "\x4c\x65\x69\x6e\x6f", + "\x35\x81\x86\x99\x90\x01\xe6\xb5" + "\xda\xf0\x5e\xce\xeb\x7e\xee\x21" + "\xe0\x68\x9c\x1f\x00\xee\xa8\x1f" + "\x7d\xd2\xca\xae\xe1\xd2\x76\x3e" + "\x68\xaf\x0e\xad\x33\xd6\x6c\x26" + "\x8b\xc9\x46\xc4\x84\xfb\xe9\x4c" + "\x5f\x5e\x0b\x86\xa5\x92\x79\xe4" + "\xf8\x24\xe7\xa6\x40\xbd\x22\x32" + "\x10\xb0\xa6\x11\x60\xb7\xbc\xe9" + "\x86\xea\x65\x68\x80\x03\x59\x6b" + "\x63\x0a\x6b\x90\xf8\xe0\xca\xf6" + "\x91\x2a\x98\xeb\x87\x21\x76\xe8" + "\x3c\x20\x2c\xaa\x64\x16\x6d\x2c" + "\xce\x57\xff\x1b\xca\x57\xb2\x13" + "\xf0\xed\x1a\xa7\x2f\xb8\xea\x52" + "\xb0\xbe\x01\xcd\x1e\x41\x28\x67" + "\x72\x0b\x32\x6e\xb3\x89\xd0\x11" + "\xbd\x70\xd8\xaf\x03\x5f\xb0\xd8" + "\x58\x9d\xbc\xe3\xc6\x66\xf5\xea" + "\x8d\x4c\x79\x54\xc5\x0c\x3f\x34" + "\x0b\x04\x67\xf8\x1b\x42\x59\x61" + "\xc1\x18\x43\x07\x4d\xf6\x20\xf2" + "\x08\x40\x4b\x39\x4c\xf9\xd3\x7f" + "\xf5\x4b\x5f\x1a\xd8\xf6\xea\x7d" + "\xa3\xc5\x61\xdf\xa7\x28\x1f\x96" + "\x44\x63\xd2\xcc\x35\xa4\xd1\xb0" + "\x34\x90\xde\xc5\x1b\x07\x11\xfb" + "\xd6\xf5\x5f\x79\x23\x4d\x5b\x7c" + "\x76\x66\x22\xa6\x6d\xe9\x2b\xe9" + "\x96\x46\x1d\x5e\x4d\xc8\x78\xef" + "\x9b\xca\x03\x05\x21\xe8\x35\x1e" + "\x4b\xae\xd2\xfd\x04\xf9\x46\x73" + "\x68\xc4\xad\x6a\xc1\x86\xd0\x82" + "\x45\xb2\x63\xa2\x66\x6d\x1f\x6c" + "\x54\x20\xf1\x59\x9d\xfd\x9f\x43" + "\x89\x21\xc2\xf5\xa4\x63\x93\x8c" + "\xe0\x98\x22\x65\xee\xf7\x01\x79" + "\xbc\x55\x3f\x33\x9e\xb1\xa4\xc1" + "\xaf\x5f\x6a\x54\x7f" + } +}; + +static int +test_cipher(struct tests *t) +{ + const EVP_CIPHER *c = t->cipher(); + EVP_CIPHER_CTX ectx; + EVP_CIPHER_CTX dctx; + void *d; + + EVP_CIPHER_CTX_init(&ectx); + EVP_CIPHER_CTX_init(&dctx); + + if (EVP_CipherInit_ex(&ectx, c, NULL, NULL, NULL, 1) != 1) + errx(1, "%s: EVP_CipherInit_ex einit", t->name); + if (EVP_CipherInit_ex(&dctx, c, NULL, NULL, NULL, 0) != 1) + errx(1, "%s: EVP_CipherInit_ex dinit", t->name); + + EVP_CIPHER_CTX_set_key_length(&ectx, t->keysize); + EVP_CIPHER_CTX_set_key_length(&dctx, t->keysize); + + if (EVP_CipherInit_ex(&ectx, NULL, NULL, t->key, t->iv, 1) != 1) + errx(1, "%s: EVP_CipherInit_ex encrypt", t->name); + if (EVP_CipherInit_ex(&dctx, NULL, NULL, t->key, t->iv, 0) != 1) + errx(1, "%s: EVP_CipherInit_ex decrypt", t->name); + + d = emalloc(t->datasize); + + if (!EVP_Cipher(&ectx, d, t->indata, t->datasize)) + return 1; + + if (memcmp(d, t->outdata, t->datasize) != 0) + errx(1, "%s: encrypt not the same", t->name); + + if (!EVP_Cipher(&dctx, d, d, t->datasize)) + return 1; + + if (memcmp(d, t->indata, t->datasize) != 0) + errx(1, "%s: decrypt not the same", t->name); + + if (t->outiv) + /* XXXX check */; + + EVP_CIPHER_CTX_cleanup(&ectx); + EVP_CIPHER_CTX_cleanup(&dctx); + free(d); + + return 0; +} + +static void +check_hmac(void) +{ + unsigned char buf[4] = { 0, 0, 0, 0 }; + char hmackey[] = "hello-world"; + size_t hmackey_size = sizeof(hmackey); + unsigned int hmaclen; + unsigned char hmac[EVP_MAX_MD_SIZE]; + HMAC_CTX c; + + char answer[20] = "\x2c\xfa\x32\xb7\x2b\x8a\xf6\xdf\xcf\xda" + "\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24"; + + HMAC_CTX_init(&c); + HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL); + HMAC_Update(&c, buf, sizeof(buf)); + HMAC_Final(&c, hmac, &hmaclen); + HMAC_CTX_cleanup(&c); + + if (hmaclen != 20) + errx(1, "hmaclen = %d\n", (int)hmaclen); + + if (ct_memcmp(hmac, answer, hmaclen) != 0) + errx(1, "wrong answer\n"); +} + +void +hcrypto_validate(void) +{ + static int validated = 0; + unsigned int i; + + /* its ok to run this twice, do don't check for races */ + if (validated) + return; + validated++; + + for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) + test_cipher(&tests[i]); + + check_hmac(); +} diff --git a/lib/hcrypto/version-script.map b/lib/hcrypto/version-script.map new file mode 100644 index 000000000000..6985d1b9e226 --- /dev/null +++ b/lib/hcrypto/version-script.map @@ -0,0 +1,299 @@ +# $Id$ + +HEIMDAL_CRYPTO_1.0 { + global: + hc_AES_cbc_encrypt; + hc_AES_cfb8_encrypt; + hc_AES_decrypt; + hc_AES_decrypt_key; + hc_BN_CTX_end; + hc_BN_CTX_free; + hc_BN_CTX_get; + hc_BN_CTX_new; + hc_BN_CTX_start; + hc_AES_encrypt; + hc_AES_set_encrypt_key; + hc_BN_GENCB_call; + hc_BN_GENCB_set; + hc_BN_bin2bn; + hc_BN_bn2bin; + hc_BN_bn2hex; + hc_BN_clear; + hc_BN_clear_bit; + hc_BN_clear_free; + hc_BN_cmp; + hc_BN_dup; + hc_BN_free; + hc_BN_get_word; + hc_BN_hex2bn; + hc_BN_is_bit_set; + hc_BN_is_negative; + hc_BN_new; + hc_BN_num_bits; + hc_BN_num_bytes; + hc_BN_rand; + hc_BN_set_bit; + hc_BN_set_negative; + hc_BN_set_word; + hc_BN_uadd; + hc_DES_cbc_cksum; + hc_DES_cbc_encrypt; + hc_DES_cfb64_encrypt; + hc_DES_check_key_parity; + hc_DES_ecb3_encrypt; + hc_DES_ecb_encrypt; + hc_DES_ede3_cbc_encrypt; + hc_DES_encrypt; + hc_DES_generate_random_block; + hc_DES_init_random_number_generator; + hc_DES_is_weak_key; + hc_DES_key_sched; + hc_DES_mem_rand8; + hc_DES_new_random_key; + hc_DES_pcbc_encrypt; + hc_DES_rand_data; + hc_DES_rand_data_key; + hc_DES_random_key; + hc_DES_read_password; + hc_DES_set_key; + hc_DES_set_key_checked; + hc_DES_set_key_unchecked; + hc_DES_set_odd_parity; + hc_DES_set_random_generator_seed; + hc_DES_set_sequence_number; + hc_DES_string_to_key; + hc_DH_check_pubkey; + hc_DH_compute_key; + hc_DH_free; + hc_DH_generate_key; + hc_DH_generate_parameters_ex; + hc_DH_get_default_method; + hc_DH_get_ex_data; + hc_DH_ltm_method; + hc_DH_gmp_method; + hc_DH_new; + hc_DH_new_method; + hc_DH_null_method; + hc_DH_set_default_method; + hc_DH_set_ex_data; + hc_DH_set_method; + hc_DH_size; + hc_DH_up_ref; + hc_DSA_free; + hc_DSA_get_default_method; + hc_DSA_new; + hc_DSA_null_method; + hc_DSA_set_default_method; + hc_DSA_up_ref; + hc_DSA_verify; + hc_ENGINE_new; + hc_ENGINE_free; + hc_ENGINE_add_conf_module; + hc_ENGINE_by_dso; + hc_ENGINE_by_id; + hc_ENGINE_finish; + hc_ENGINE_get_DH; + hc_ENGINE_get_RAND; + hc_ENGINE_get_RSA; + hc_ENGINE_get_default_DH; + hc_ENGINE_get_default_RSA; + hc_ENGINE_get_id; + hc_ENGINE_get_name; + hc_ENGINE_load_builtin_engines; + hc_ENGINE_set_DH; + hc_ENGINE_set_RSA; + hc_ENGINE_set_default_DH; + hc_ENGINE_set_default_RSA; + hc_ENGINE_set_destroy_function; + hc_ENGINE_set_id; + hc_ENGINE_set_name; + hc_ENGINE_up_ref; + hc_EVP_BytesToKey; + hc_EVP_CIPHER_CTX_block_size; + hc_EVP_CIPHER_CTX_cipher; + hc_EVP_CIPHER_CTX_cleanup; + hc_EVP_CIPHER_CTX_flags; + hc_EVP_CIPHER_CTX_get_app_data; + hc_EVP_CIPHER_CTX_init; + hc_EVP_CIPHER_CTX_iv_length; + hc_EVP_CIPHER_CTX_key_length; + hc_EVP_CIPHER_CTX_mode; + hc_EVP_CIPHER_CTX_set_app_data; + hc_EVP_CIPHER_block_size; + hc_EVP_CIPHER_iv_length; + hc_EVP_CIPHER_key_length; + hc_EVP_Cipher; + hc_EVP_CipherInit_ex; + hc_EVP_Digest; + hc_EVP_DigestFinal_ex; + hc_EVP_DigestInit_ex; + hc_EVP_DigestUpdate; + hc_EVP_MD_CTX_block_size; + hc_EVP_MD_CTX_cleanup; + hc_EVP_MD_CTX_cleanup; + hc_EVP_MD_CTX_create; + hc_EVP_MD_CTX_create; + hc_EVP_MD_CTX_destroy; + hc_EVP_MD_CTX_destroy; + hc_EVP_MD_CTX_init; + hc_EVP_MD_CTX_init; + hc_EVP_MD_CTX_md; + hc_EVP_MD_CTX_size; + hc_EVP_MD_block_size; + hc_EVP_MD_size; + hc_EVP_aes_128_cbc; + hc_EVP_aes_192_cbc; + hc_EVP_aes_256_cbc; + hc_EVP_aes_128_cfb8; + hc_EVP_aes_192_cfb8; + hc_EVP_aes_256_cfb8; + hc_EVP_des_cbc; + hc_EVP_des_ede3_cbc; + hc_EVP_camellia_128_cbc; + hc_EVP_camellia_192_cbc; + hc_EVP_camellia_256_cbc; + hc_EVP_enc_null; + hc_EVP_get_cipherbyname; + hc_EVP_md2; + hc_EVP_md4; + hc_EVP_md5; + hc_EVP_md_null; + hc_EVP_rc2_40_cbc; + hc_EVP_rc2_64_cbc; + hc_EVP_rc2_cbc; + hc_EVP_rc4; + hc_EVP_rc4_40; + hc_EVP_sha; + hc_EVP_sha1; + hc_EVP_sha256; + hc_EVP_sha384; + hc_EVP_sha512; + + hc_EVP_cc_md2; + hc_EVP_cc_md4; + hc_EVP_cc_md5; + hc_EVP_cc_sha1; + hc_EVP_cc_sha256; + hc_EVP_cc_des_ede3_cbc; + hc_EVP_cc_aes_128_cbc; + hc_EVP_cc_aes_192_cbc; + hc_EVP_cc_aes_256_cbc; + hc_EVP_cc_aes_128_cfb8; + hc_EVP_cc_aes_192_cfb8; + hc_EVP_cc_aes_256_cfb8; + + hc_EVP_hcrypto_md2; + hc_EVP_hcrypto_md4; + hc_EVP_hcrypto_md5; + hc_EVP_hcrypto_sha1; + hc_EVP_hcrypto_sha256; + hc_EVP_hcrypto_sha384; + hc_EVP_hcrypto_sha512; + hc_EVP_hcrypto_des_ede3_cbc; + hc_EVP_hcrypto_aes_128_cbc; + hc_EVP_hcrypto_aes_192_cbc; + hc_EVP_hcrypto_aes_256_cbc; + hc_EVP_hcrypto_aes_128_cfb8; + hc_EVP_hcrypto_aes_192_cfb8; + hc_EVP_hcrypto_aes_256_cfb8; + hc_EVP_hcrypto_rc4; + hc_EVP_hcrypto_rc4_40; + + hc_EVP_hcrypto_aes_128_cts; + hc_EVP_hcrypto_aes_192_cts; + hc_EVP_hcrypto_aes_256_cts; + hc_HMAC; + hc_HMAC_CTX_cleanup; + hc_HMAC_CTX_init; + hc_HMAC_Final; + hc_HMAC_Init_ex; + hc_HMAC_Update; + hc_HMAC_size; + hc_MD2_Final; + hc_MD2_Init; + hc_MD2_Update; + hc_MD4_Final; + hc_MD4_Init; + hc_MD4_Update; + hc_MD5_Final; + hc_MD5_Init; + hc_MD5_Update; + hc_OpenSSL_add_all_algorithms; + hc_OpenSSL_add_all_algorithms_conf; + hc_OpenSSL_add_all_algorithms_noconf; + hc_PKCS12_key_gen; + hc_PKCS5_PBKDF2_HMAC_SHA1; + hc_RAND_add; + hc_RAND_bytes; + hc_RAND_cleanup; + hc_RAND_egd; + hc_RAND_egd_bytes; + hc_RAND_egd_method; + hc_RAND_file_name; + hc_RAND_fortuna_method; + hc_RAND_get_rand_method; + hc_RAND_load_file; + hc_RAND_pseudo_bytes; + hc_RAND_seed; + hc_RAND_set_rand_engine; + hc_RAND_set_rand_method; + hc_RAND_status; + hc_RAND_unix_method; + hc_RAND_timer_method; + hc_RAND_write_file; + hc_RC2_cbc_encrypt; + hc_RC2_decryptc; + hc_RC2_encryptc; + hc_RC2_set_key; + hc_RC4; + hc_RC4_set_key; + hc_RSA_check_key; + hc_RSA_free; + hc_RSA_generate_key_ex; + hc_RSA_get_app_data; + hc_RSA_get_default_method; + hc_RSA_get_method; + hc_RSA_new; + hc_RSA_new_method; + hc_RSA_null_method; + hc_RSA_private_decrypt; + hc_RSA_private_encrypt; + hc_RSA_public_decrypt; + hc_RSA_public_encrypt; + hc_RSA_set_app_data; + hc_RSA_set_default_method; + hc_RSA_set_method; + hc_RSA_sign; + hc_RSA_size; + hc_RSA_up_ref; + hc_RSA_verify; + hc_SHA1_Final; + hc_SHA1_Init; + hc_SHA1_Update; + hc_SHA256_Final; + hc_SHA256_Init; + hc_SHA256_Update; + hc_SHA384_Final; + hc_SHA384_Init; + hc_SHA384_Update; + hc_SHA512_Final; + hc_SHA512_Init; + hc_SHA512_Update; + hc_UI_UTIL_read_pw_string; + hc_UI_UTIL_read_pw_string; + hc_i2d_DHparams; + hc_d2i_RSAPrivateKey; + hc_i2d_RSAPrivateKey; + hc_i2d_RSAPublicKey; + hc_d2i_RSAPublicKey; + hc_EVP_CIPHER_CTX_ctrl; + hc_EVP_CIPHER_CTX_rand_key; + hc_EVP_CIPHER_CTX_set_key_length; + hc_EVP_hcrypto_rc2_40_cbc; + hc_EVP_hcrypto_camellia_128_cbc; + hc_EVP_CipherUpdate; + hc_EVP_CipherFinal_ex; + hc_hcrypto_validate; + local: + *; +}; diff --git a/lib/hdb/Makefile.am b/lib/hdb/Makefile.am index f66cd06fec05..b629f56258d2 100644 --- a/lib/hdb/Makefile.am +++ b/lib/hdb/Makefile.am @@ -1,8 +1,15 @@ -# $Id: Makefile.am 22490 2008-01-21 11:49:33Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common AM_CPPFLAGS += -I../asn1 -I$(srcdir)/../asn1 $(INCLUDE_hcrypto) +AM_CPPFLAGS += $(INCLUDE_openldap) -DHDB_DB_DIR=\"$(DIR_hdbdir)\" +AM_CPPFLAGS += -I$(srcdir)/../krb5 +AM_CPPFLAGS += $(INCLUDE_sqlite3) +AM_CPPFLAGS += $(INCLUDE_libintl) +if HAVE_DBHEADER +AM_CPPFLAGS += -I$(DBHEADER) +endif BUILT_SOURCES = \ $(gen_files_hdb:.x=.c) \ @@ -16,6 +23,7 @@ gen_files_hdb = \ asn1_HDBFlags.x \ asn1_GENERATION.x \ asn1_HDB_Ext_PKINIT_acl.x \ + asn1_HDB_Ext_PKINIT_cert.x \ asn1_HDB_Ext_PKINIT_hash.x \ asn1_HDB_Ext_Constrained_delegation_acl.x \ asn1_HDB_Ext_Lan_Manager_OWF.x \ @@ -24,27 +32,33 @@ gen_files_hdb = \ asn1_HDB_extension.x \ asn1_HDB_extensions.x \ asn1_hdb_entry.x \ - asn1_hdb_entry_alias.x + asn1_hdb_entry_alias.x \ + asn1_hdb_keyset.x -CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) hdb_asn1.h hdb_asn1_files +CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) \ + hdb_asn1{,-priv}.h* hdb_asn1_files hdb_asn1-template.c* LDADD = libhdb.la \ $(LIB_openldap) \ + $(LIB_libintl) \ ../krb5/libkrb5.la \ ../asn1/libasn1.la \ $(LIB_hcrypto) \ $(LIB_roken) \ $(LIB_ldopen) + if OPENLDAP_MODULE ldap_so = hdb_ldap.la hdb_ldap_la_SOURCES = hdb-ldap.c -hdb_ldap_la_LDFLAGS = -module +hdb_ldap_la_LDFLAGS = -module -avoid-version +hdb_ldap_la_LIBADD = $(LIB_openldap) libhdb.la else ldap = hdb-ldap.c +ldap_lib = $(LIB_openldap) endif @@ -52,7 +66,11 @@ endif lib_LTLIBRARIES = libhdb.la $(ldap_so) libhdb_la_LDFLAGS = -version-info 11:0:2 -noinst_PROGRAMS = test_dbinfo +if versionscript +libhdb_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif + +noinst_PROGRAMS = test_dbinfo test_hdbkeys test_mkey dist_libhdb_la_SOURCES = \ common.c \ @@ -61,6 +79,9 @@ dist_libhdb_la_SOURCES = \ ext.c \ $(ldap) \ hdb.c \ + hdb-sqlite.c \ + hdb-keytab.c \ + hdb-mitdb.c \ hdb_locl.h \ hdb-private.h \ keys.c \ @@ -72,24 +93,24 @@ dist_libhdb_la_SOURCES = \ nodist_libhdb_la_SOURCES = $(BUILT_SOURCES) -AM_CPPFLAGS += $(INCLUDE_openldap) +libhdb_la_DEPENDENCIES = version-script.map include_HEADERS = hdb.h hdb-protos.h nodist_include_HEADERS = hdb_err.h hdb_asn1.h -libhdb_la_CPPFLAGS = -DHDB_DB_DIR=\"$(DIR_hdbdir)\" - libhdb_la_LIBADD = \ $(LIB_com_err) \ ../krb5/libkrb5.la \ ../asn1/libasn1.la \ + $(LIB_sqlite3) \ $(LIBADD_roken) \ - $(LIB_openldap) \ + $(ldap_lib) \ $(LIB_dlopen) \ $(DBLIB) \ $(LIB_NDBM) $(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h +$(libhdb_la_OBJECTS): hdb_asn1.h hdb_asn1-priv.h hdb_err.h $(srcdir)/hdb-protos.h: cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -o hdb-protos.h $(dist_libhdb_la_SOURCES) || rm -f hdb-protos.h @@ -97,19 +118,27 @@ $(srcdir)/hdb-protos.h: $(srcdir)/hdb-private.h: cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -p hdb-private.h $(dist_libhdb_la_SOURCES) || rm -f hdb-private.h -$(gen_files_hdb) hdb_asn1.h: hdb_asn1_files +$(gen_files_hdb) hdb_asn1.hx hdb_asn1-priv.hx: hdb_asn1_files -hdb_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 - -$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h - -test_dbinfo_SOURCES = test_dbinfo.c +hdb_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/hdb.asn1 + $(ASN1_COMPILE) $(srcdir)/hdb.asn1 hdb_asn1 test_dbinfo_LIBS = libhdb.la +test_hdbkeys_LIBS = ../krb5/libkrb5.la libhdb.la +test_mkey_LIBS = $(test_hdbkeys_LIBS) + # to help stupid solaris make hdb_err.h: hdb_err.et -EXTRA_DIST = hdb.asn1 hdb_err.et hdb.schema +EXTRA_DIST = \ + NTMakefile \ + libhdb-version.rc \ + libhdb-exports.def \ + hdb.asn1 \ + hdb_err.et \ + hdb.schema \ + version-script.map \ + data-mkey.mit.des3.le \ + data-mkey.mit.des3.be diff --git a/lib/hdb/Makefile.in b/lib/hdb/Makefile.in index cb0f9169c42d..9fcd77000c47 100644 --- a/lib/hdb/Makefile.in +++ b/lib/hdb/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22490 2008-01-21 11:49:33Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -43,11 +45,14 @@ host_triplet = @host@ DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = test_dbinfo$(EXEEXT) +@HAVE_DBHEADER_TRUE@am__append_1 = -I$(DBHEADER) +@versionscript_TRUE@am__append_2 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +noinst_PROGRAMS = test_dbinfo$(EXEEXT) test_hdbkeys$(EXEEXT) \ + test_mkey$(EXEEXT) subdir = lib/hdb ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -62,7 +67,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -76,9 +81,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -86,23 +94,40 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) -hdb_ldap_la_LIBADD = +am__DEPENDENCIES_1 = +@OPENLDAP_MODULE_TRUE@hdb_ldap_la_DEPENDENCIES = \ +@OPENLDAP_MODULE_TRUE@ $(am__DEPENDENCIES_1) libhdb.la am__hdb_ldap_la_SOURCES_DIST = hdb-ldap.c @OPENLDAP_MODULE_TRUE@am_hdb_ldap_la_OBJECTS = hdb-ldap.lo hdb_ldap_la_OBJECTS = $(am_hdb_ldap_la_OBJECTS) @@ -110,33 +135,24 @@ hdb_ldap_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(hdb_ldap_la_LDFLAGS) $(LDFLAGS) -o $@ @OPENLDAP_MODULE_TRUE@am_hdb_ldap_la_rpath = -rpath $(libdir) -am__DEPENDENCIES_1 = -libhdb_la_DEPENDENCIES = $(am__DEPENDENCIES_1) ../krb5/libkrb5.la \ - ../asn1/libasn1.la $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) +@OPENLDAP_MODULE_FALSE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) am__dist_libhdb_la_SOURCES_DIST = common.c db.c db3.c ext.c hdb-ldap.c \ - hdb.c hdb_locl.h hdb-private.h keys.c keytab.c dbinfo.c mkey.c \ - ndbm.c print.c -@OPENLDAP_MODULE_FALSE@am__objects_1 = libhdb_la-hdb-ldap.lo -dist_libhdb_la_OBJECTS = libhdb_la-common.lo libhdb_la-db.lo \ - libhdb_la-db3.lo libhdb_la-ext.lo $(am__objects_1) \ - libhdb_la-hdb.lo libhdb_la-keys.lo libhdb_la-keytab.lo \ - libhdb_la-dbinfo.lo libhdb_la-mkey.lo libhdb_la-ndbm.lo \ - libhdb_la-print.lo -am__objects_2 = libhdb_la-asn1_Salt.lo libhdb_la-asn1_Key.lo \ - libhdb_la-asn1_Event.lo libhdb_la-asn1_HDBFlags.lo \ - libhdb_la-asn1_GENERATION.lo \ - libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo \ - libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo \ - libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo \ - libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo \ - libhdb_la-asn1_HDB_Ext_Password.lo \ - libhdb_la-asn1_HDB_Ext_Aliases.lo \ - libhdb_la-asn1_HDB_extension.lo \ - libhdb_la-asn1_HDB_extensions.lo libhdb_la-asn1_hdb_entry.lo \ - libhdb_la-asn1_hdb_entry_alias.lo -am__objects_3 = $(am__objects_2) libhdb_la-hdb_err.lo + hdb.c hdb-sqlite.c hdb-keytab.c hdb-mitdb.c hdb_locl.h \ + hdb-private.h keys.c keytab.c dbinfo.c mkey.c ndbm.c print.c +@OPENLDAP_MODULE_FALSE@am__objects_1 = hdb-ldap.lo +dist_libhdb_la_OBJECTS = common.lo db.lo db3.lo ext.lo \ + $(am__objects_1) hdb.lo hdb-sqlite.lo hdb-keytab.lo \ + hdb-mitdb.lo keys.lo keytab.lo dbinfo.lo mkey.lo ndbm.lo \ + print.lo +am__objects_2 = asn1_Salt.lo asn1_Key.lo asn1_Event.lo \ + asn1_HDBFlags.lo asn1_GENERATION.lo asn1_HDB_Ext_PKINIT_acl.lo \ + asn1_HDB_Ext_PKINIT_cert.lo asn1_HDB_Ext_PKINIT_hash.lo \ + asn1_HDB_Ext_Constrained_delegation_acl.lo \ + asn1_HDB_Ext_Lan_Manager_OWF.lo asn1_HDB_Ext_Password.lo \ + asn1_HDB_Ext_Aliases.lo asn1_HDB_extension.lo \ + asn1_HDB_extensions.lo asn1_hdb_entry.lo \ + asn1_hdb_entry_alias.lo asn1_hdb_keyset.lo +am__objects_3 = $(am__objects_2) hdb_err.lo nodist_libhdb_la_OBJECTS = $(am__objects_3) libhdb_la_OBJECTS = $(dist_libhdb_la_OBJECTS) \ $(nodist_libhdb_la_OBJECTS) @@ -144,15 +160,27 @@ libhdb_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libhdb_la_LDFLAGS) $(LDFLAGS) -o $@ PROGRAMS = $(noinst_PROGRAMS) -am_test_dbinfo_OBJECTS = test_dbinfo.$(OBJEXT) -test_dbinfo_OBJECTS = $(am_test_dbinfo_OBJECTS) +test_dbinfo_SOURCES = test_dbinfo.c +test_dbinfo_OBJECTS = test_dbinfo.$(OBJEXT) test_dbinfo_LDADD = $(LDADD) test_dbinfo_DEPENDENCIES = libhdb.la $(am__DEPENDENCIES_1) \ - ../krb5/libkrb5.la ../asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(am__DEPENDENCIES_1) ../krb5/libkrb5.la ../asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +test_hdbkeys_SOURCES = test_hdbkeys.c +test_hdbkeys_OBJECTS = test_hdbkeys.$(OBJEXT) +test_hdbkeys_LDADD = $(LDADD) +test_hdbkeys_DEPENDENCIES = libhdb.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) ../krb5/libkrb5.la ../asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +test_mkey_SOURCES = test_mkey.c +test_mkey_OBJECTS = test_mkey.$(OBJEXT) +test_mkey_LDADD = $(LDADD) +test_mkey_DEPENDENCIES = libhdb.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) ../krb5/libkrb5.la ../asn1/libasn1.la \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -163,11 +191,11 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(hdb_ldap_la_SOURCES) $(dist_libhdb_la_SOURCES) \ - $(nodist_libhdb_la_SOURCES) $(test_dbinfo_SOURCES) + $(nodist_libhdb_la_SOURCES) test_dbinfo.c test_hdbkeys.c \ + test_mkey.c DIST_SOURCES = $(am__hdb_ldap_la_SOURCES_DIST) \ - $(am__dist_libhdb_la_SOURCES_DIST) $(test_dbinfo_SOURCES) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) + $(am__dist_libhdb_la_SOURCES_DIST) test_dbinfo.c \ + test_hdbkeys.c test_mkey.c HEADERS = $(include_HEADERS) $(nodist_include_HEADERS) ETAGS = etags CTAGS = ctags @@ -176,49 +204,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -242,10 +279,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -262,6 +300,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -277,31 +317,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -316,10 +370,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -360,30 +416,37 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -I../asn1 \ - -I$(srcdir)/../asn1 $(INCLUDE_hcrypto) $(INCLUDE_openldap) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) -I../asn1 -I$(srcdir)/../asn1 \ + $(INCLUDE_hcrypto) $(INCLUDE_openldap) \ + -DHDB_DB_DIR=\"$(DIR_hdbdir)\" -I$(srcdir)/../krb5 \ + $(INCLUDE_sqlite3) $(INCLUDE_libintl) $(am__append_1) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la BUILT_SOURCES = \ $(gen_files_hdb:.x=.c) \ @@ -397,6 +460,7 @@ gen_files_hdb = \ asn1_HDBFlags.x \ asn1_GENERATION.x \ asn1_HDB_Ext_PKINIT_acl.x \ + asn1_HDB_Ext_PKINIT_cert.x \ asn1_HDB_Ext_PKINIT_hash.x \ asn1_HDB_Ext_Constrained_delegation_acl.x \ asn1_HDB_Ext_Lan_Manager_OWF.x \ @@ -405,11 +469,15 @@ gen_files_hdb = \ asn1_HDB_extension.x \ asn1_HDB_extensions.x \ asn1_hdb_entry.x \ - asn1_hdb_entry_alias.x + asn1_hdb_entry_alias.x \ + asn1_hdb_keyset.x + +CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) \ + hdb_asn1{,-priv}.h* hdb_asn1_files hdb_asn1-template.c* -CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) hdb_asn1.h hdb_asn1_files LDADD = libhdb.la \ $(LIB_openldap) \ + $(LIB_libintl) \ ../krb5/libkrb5.la \ ../asn1/libasn1.la \ $(LIB_hcrypto) \ @@ -418,10 +486,12 @@ LDADD = libhdb.la \ @OPENLDAP_MODULE_TRUE@ldap_so = hdb_ldap.la @OPENLDAP_MODULE_TRUE@hdb_ldap_la_SOURCES = hdb-ldap.c -@OPENLDAP_MODULE_TRUE@hdb_ldap_la_LDFLAGS = -module +@OPENLDAP_MODULE_TRUE@hdb_ldap_la_LDFLAGS = -module -avoid-version +@OPENLDAP_MODULE_TRUE@hdb_ldap_la_LIBADD = $(LIB_openldap) libhdb.la @OPENLDAP_MODULE_FALSE@ldap = hdb-ldap.c +@OPENLDAP_MODULE_FALSE@ldap_lib = $(LIB_openldap) lib_LTLIBRARIES = libhdb.la $(ldap_so) -libhdb_la_LDFLAGS = -version-info 11:0:2 +libhdb_la_LDFLAGS = -version-info 11:0:2 $(am__append_2) dist_libhdb_la_SOURCES = \ common.c \ db.c \ @@ -429,6 +499,9 @@ dist_libhdb_la_SOURCES = \ ext.c \ $(ldap) \ hdb.c \ + hdb-sqlite.c \ + hdb-keytab.c \ + hdb-mitdb.c \ hdb_locl.h \ hdb-private.h \ keys.c \ @@ -439,39 +512,51 @@ dist_libhdb_la_SOURCES = \ print.c nodist_libhdb_la_SOURCES = $(BUILT_SOURCES) +libhdb_la_DEPENDENCIES = version-script.map include_HEADERS = hdb.h hdb-protos.h nodist_include_HEADERS = hdb_err.h hdb_asn1.h -libhdb_la_CPPFLAGS = -DHDB_DB_DIR=\"$(DIR_hdbdir)\" libhdb_la_LIBADD = \ $(LIB_com_err) \ ../krb5/libkrb5.la \ ../asn1/libasn1.la \ + $(LIB_sqlite3) \ $(LIBADD_roken) \ - $(LIB_openldap) \ + $(ldap_lib) \ $(LIB_dlopen) \ $(DBLIB) \ $(LIB_NDBM) -test_dbinfo_SOURCES = test_dbinfo.c test_dbinfo_LIBS = libhdb.la -EXTRA_DIST = hdb.asn1 hdb_err.et hdb.schema +test_hdbkeys_LIBS = ../krb5/libkrb5.la libhdb.la +test_mkey_LIBS = $(test_hdbkeys_LIBS) +EXTRA_DIST = \ + NTMakefile \ + libhdb-version.rc \ + libhdb-exports.def \ + hdb.asn1 \ + hdb_err.et \ + hdb.schema \ + version-script.map \ + data-mkey.mit.des3.le \ + data-mkey.mit.des3.be + all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/hdb/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/hdb/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/hdb/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -489,23 +574,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -522,14 +612,22 @@ libhdb.la: $(libhdb_la_OBJECTS) $(libhdb_la_DEPENDENCIES) $(libhdb_la_LINK) -rpath $(libdir) $(libhdb_la_OBJECTS) $(libhdb_la_LIBADD) $(LIBS) clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list test_dbinfo$(EXEEXT): $(test_dbinfo_OBJECTS) $(test_dbinfo_DEPENDENCIES) @rm -f test_dbinfo$(EXEEXT) $(LINK) $(test_dbinfo_OBJECTS) $(test_dbinfo_LDADD) $(LIBS) +test_hdbkeys$(EXEEXT): $(test_hdbkeys_OBJECTS) $(test_hdbkeys_DEPENDENCIES) + @rm -f test_hdbkeys$(EXEEXT) + $(LINK) $(test_hdbkeys_OBJECTS) $(test_hdbkeys_LDADD) $(LIBS) +test_mkey$(EXEEXT): $(test_mkey_OBJECTS) $(test_mkey_DEPENDENCIES) + @rm -f test_mkey$(EXEEXT) + $(LINK) $(test_mkey_OBJECTS) $(test_mkey_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -537,98 +635,63 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_Event.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_GENERATION.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDBFlags.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_Aliases.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_Constrained_delegation_acl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_Lan_Manager_OWF.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_PKINIT_acl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_PKINIT_cert.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_PKINIT_hash.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_Ext_Password.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_extension.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_HDB_extensions.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_Key.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_Salt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_hdb_entry.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_hdb_entry_alias.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_hdb_keyset.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/db.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/db3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dbinfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb-keytab.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb-ldap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb-mitdb.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb-sqlite.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hdb_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keys.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keytab.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mkey.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ndbm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/print.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_dbinfo.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_hdbkeys.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_mkey.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< - -libhdb_la-common.lo: common.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-common.lo `test -f 'common.c' || echo '$(srcdir)/'`common.c - -libhdb_la-db.lo: db.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-db.lo `test -f 'db.c' || echo '$(srcdir)/'`db.c - -libhdb_la-db3.lo: db3.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-db3.lo `test -f 'db3.c' || echo '$(srcdir)/'`db3.c - -libhdb_la-ext.lo: ext.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-ext.lo `test -f 'ext.c' || echo '$(srcdir)/'`ext.c - -libhdb_la-hdb-ldap.lo: hdb-ldap.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb-ldap.lo `test -f 'hdb-ldap.c' || echo '$(srcdir)/'`hdb-ldap.c - -libhdb_la-hdb.lo: hdb.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb.lo `test -f 'hdb.c' || echo '$(srcdir)/'`hdb.c - -libhdb_la-keys.lo: keys.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-keys.lo `test -f 'keys.c' || echo '$(srcdir)/'`keys.c - -libhdb_la-keytab.lo: keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c - -libhdb_la-dbinfo.lo: dbinfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-dbinfo.lo `test -f 'dbinfo.c' || echo '$(srcdir)/'`dbinfo.c - -libhdb_la-mkey.lo: mkey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-mkey.lo `test -f 'mkey.c' || echo '$(srcdir)/'`mkey.c - -libhdb_la-ndbm.lo: ndbm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-ndbm.lo `test -f 'ndbm.c' || echo '$(srcdir)/'`ndbm.c - -libhdb_la-print.lo: print.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c - -libhdb_la-asn1_Salt.lo: asn1_Salt.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Salt.lo `test -f 'asn1_Salt.c' || echo '$(srcdir)/'`asn1_Salt.c - -libhdb_la-asn1_Key.lo: asn1_Key.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Key.lo `test -f 'asn1_Key.c' || echo '$(srcdir)/'`asn1_Key.c - -libhdb_la-asn1_Event.lo: asn1_Event.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Event.lo `test -f 'asn1_Event.c' || echo '$(srcdir)/'`asn1_Event.c - -libhdb_la-asn1_HDBFlags.lo: asn1_HDBFlags.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDBFlags.lo `test -f 'asn1_HDBFlags.c' || echo '$(srcdir)/'`asn1_HDBFlags.c - -libhdb_la-asn1_GENERATION.lo: asn1_GENERATION.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_GENERATION.lo `test -f 'asn1_GENERATION.c' || echo '$(srcdir)/'`asn1_GENERATION.c - -libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo: asn1_HDB_Ext_PKINIT_acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo `test -f 'asn1_HDB_Ext_PKINIT_acl.c' || echo '$(srcdir)/'`asn1_HDB_Ext_PKINIT_acl.c - -libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo: asn1_HDB_Ext_PKINIT_hash.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo `test -f 'asn1_HDB_Ext_PKINIT_hash.c' || echo '$(srcdir)/'`asn1_HDB_Ext_PKINIT_hash.c - -libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo: asn1_HDB_Ext_Constrained_delegation_acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo `test -f 'asn1_HDB_Ext_Constrained_delegation_acl.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Constrained_delegation_acl.c - -libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo: asn1_HDB_Ext_Lan_Manager_OWF.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo `test -f 'asn1_HDB_Ext_Lan_Manager_OWF.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Lan_Manager_OWF.c - -libhdb_la-asn1_HDB_Ext_Password.lo: asn1_HDB_Ext_Password.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Password.lo `test -f 'asn1_HDB_Ext_Password.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Password.c - -libhdb_la-asn1_HDB_Ext_Aliases.lo: asn1_HDB_Ext_Aliases.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Aliases.lo `test -f 'asn1_HDB_Ext_Aliases.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Aliases.c - -libhdb_la-asn1_HDB_extension.lo: asn1_HDB_extension.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_extension.lo `test -f 'asn1_HDB_extension.c' || echo '$(srcdir)/'`asn1_HDB_extension.c - -libhdb_la-asn1_HDB_extensions.lo: asn1_HDB_extensions.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_extensions.lo `test -f 'asn1_HDB_extensions.c' || echo '$(srcdir)/'`asn1_HDB_extensions.c - -libhdb_la-asn1_hdb_entry.lo: asn1_hdb_entry.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_hdb_entry.lo `test -f 'asn1_hdb_entry.c' || echo '$(srcdir)/'`asn1_hdb_entry.c - -libhdb_la-asn1_hdb_entry_alias.lo: asn1_hdb_entry_alias.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_hdb_entry_alias.lo `test -f 'asn1_hdb_entry_alias.c' || echo '$(srcdir)/'`asn1_hdb_entry_alias.c - -libhdb_la-hdb_err.lo: hdb_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb_err.lo `test -f 'hdb_err.c' || echo '$(srcdir)/'`hdb_err.c +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -638,82 +701,92 @@ clean-libtool: install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -734,13 +807,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -778,6 +855,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -789,6 +867,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -799,6 +878,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -806,26 +887,35 @@ info-am: install-data-am: install-includeHEADERS install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -846,9 +936,8 @@ uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES \ uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: all check check-am install install-am install-data-am \ + install-exec-am install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libLTLIBRARIES clean-libtool \ @@ -938,6 +1027,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1023,7 +1115,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1038,6 +1130,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) done $(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h +$(libhdb_la_OBJECTS): hdb_asn1.h hdb_asn1-priv.h hdb_err.h $(srcdir)/hdb-protos.h: cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -o hdb-protos.h $(dist_libhdb_la_SOURCES) || rm -f hdb-protos.h @@ -1045,16 +1138,15 @@ $(srcdir)/hdb-protos.h: $(srcdir)/hdb-private.h: cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -p hdb-private.h $(dist_libhdb_la_SOURCES) || rm -f hdb-private.h -$(gen_files_hdb) hdb_asn1.h: hdb_asn1_files +$(gen_files_hdb) hdb_asn1.hx hdb_asn1-priv.hx: hdb_asn1_files -hdb_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 - -$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h +hdb_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/hdb.asn1 + $(ASN1_COMPILE) $(srcdir)/hdb.asn1 hdb_asn1 # to help stupid solaris make hdb_err.h: hdb_err.et + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/hdb/NTMakefile b/lib/hdb/NTMakefile new file mode 100644 index 000000000000..ef696fb3a93c --- /dev/null +++ b/lib/hdb/NTMakefile @@ -0,0 +1,184 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\hdb + +!include ../../windows/NTMakefile.w32 + +gen_files_hdb = $(OBJ)\asn1_hdb_asn1.x + +$(gen_files_hdb) $(OBJ)\hdb_asn1.hx $(OBJ)\hdb_asn1-priv.hx: $(BINDIR)\asn1_compile.exe hdb.asn1 + cd $(OBJ) + $(BINDIR)\asn1_compile.exe --sequence=HDB-Ext-Keyset --sequence=Keys --one-code-file $(SRCDIR)\hdb.asn1 hdb_asn1 + cd $(SRCDIR) + +$(gen_files_hdb:.x=.c): $$(@R).x + +!ifdef OPENLDAP_MODULE + +ldap_dll = $(BINDIR)\hdb_ldap.dll +ldap_lib = $(LIBDIR)\hdb_ldap.lib +ldap_objs = $(OBJ)\hdb-ldap.obj + +$(ldap_dll): $(ldap_objs) + $(DLLGUILINK) -implib:$(ldap_lib) + $(DLLPREP) + +clean:: + -$(RM) $(ldap_dll) + -$(RM) $(ldap_lib) + +!else + +ldap = $(OBJ)\hdb-ldap.obj +ldap_c = hdb-ldap.c + +!endif + +dist_libhdb_la_SOURCES = \ + common.c \ + db.c \ + db3.c \ + ext.c \ + $(ldap_c) \ + hdb.c \ + hdb-sqlite.c \ + hdb-keytab.c \ + hdb-mitdb.c \ + hdb_locl.h \ + keys.c \ + keytab.c \ + dbinfo.c \ + mkey.c \ + ndbm.c \ + print.c + +libhdb_OBJs = \ + $(OBJ)\common.obj \ + $(OBJ)\db.obj \ + $(OBJ)\db3.obj \ + $(OBJ)\ext.obj \ + $(ldap) \ + $(OBJ)\hdb.obj \ + $(OBJ)\hdb-sqlite.obj \ + $(OBJ)\hdb-keytab.obj \ + $(OBJ)\hdb-mitdb.obj \ + $(OBJ)\keys.obj \ + $(OBJ)\keytab.obj \ + $(OBJ)\dbinfo.obj \ + $(OBJ)\mkey.obj \ + $(OBJ)\ndbm.obj \ + $(OBJ)\print.obj \ + $(gen_files_hdb:.x=.obj) \ + $(OBJ)\hdb_err.obj + +$(OBJ)\hdb_err.c $(OBJ)\hdb_err.h: hdb_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\hdb_err.et + cd $(SRCDIR) + +$(OBJ)\hdb-protos.h: $(dist_libhdb_la_SOURCES) + $(PERL) ../../cf/make-proto.pl -q -P remove -o $@ $(dist_libhdb_la_SOURCES) \ + || $(RM) $@ + +$(OBJ)\hdb-private.h: $(dist_libhdb_la_SOURCES) + $(PERL) ../../cf/make-proto.pl -q -P remote -p $@ $(dist_libhdb_la_SOURCES) \ + || $(RM) $@ + +INCFILES= \ + $(INCDIR)\hdb.h \ + $(INCDIR)\hdb-protos.h \ + $(OBJ)\hdb-private.h \ + $(INCDIR)\hdb_err.h \ + $(INCDIR)\hdb_asn1.h \ + $(INCDIR)\hdb_asn1-priv.h + +!ifndef STATICLIBS + +RES=$(OBJ)\libhdb-version.res + +$(LIBHDB): $(BINDIR)\libhdb.dll + +$(BINDIR)\libhdb.dll: $(libhdb_OBJs) $(ldap_lib) $(LIBHEIMDAL) $(LIBSQLITE) $(LIBCOMERR) $(LIBROKEN) $(RES) + $(DLLGUILINK) -def:libhdb-exports.def -implib:$(LIBHDB) + $(DLLPREP) + +clean:: + -$(RM) $(BINDIR)\libhdb.* + +!else + +$(LIBHDB): $(libhdb_OBJs) $(ldap_lib) + $(LIBCON) + +!endif + +all:: $(INCFILES) $(LIBHDB) + +clean:: + -$(RM) $(INCFILES) + -$(RM) $(LIBHDB) + +test:: test-binaries test-run + +test-binaries: $(OBJ)\test_dbinfo.exe $(OBJ)\test_hdbkeys.exe + +$(OBJ)\test_dbinfo.exe: $(OBJ)\test_dbinfo.obj $(LIBHDB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_hdbkeys.exe: $(OBJ)\test_hdbkeys.obj $(LIBHDB) $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) + $(EXECONLINK) + $(EXEPREP_NODIST) + +test-run: + cd $(OBJ) + test_dbinfo.exe + cd $(SRCDIR) + +!ifdef OPENLDAP_INC +openldap_inc_flag=-I$(OPENLDAP_INC) +!else +openldap_inc_flag= +!endif + +hdb_cflags=$(openldap_inc_flag) -I$(OBJ) + +{}.c{$(OBJ)}.obj:: + $(C2OBJ_P) $(hdb_cflags) -DASN1_LIB + +{$(OBJ)}.c{$(OBJ)}.obj:: + $(C2OBJ_P) $(hdb_cflags) + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libhdb-exports.def + +test:: test-exports diff --git a/lib/hdb/common.c b/lib/hdb/common.c index 680b666564b8..2715adf63dca 100644 --- a/lib/hdb/common.c +++ b/lib/hdb/common.c @@ -1,49 +1,47 @@ /* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: common.c 20236 2007-02-16 23:52:29Z lha $"); - int hdb_principal2key(krb5_context context, krb5_const_principal p, krb5_data *key) { Principal new; - size_t len; + size_t len = 0; int ret; ret = copy_Principal(p, &new); - if(ret) + if(ret) return ret; new.name.name_type = 0; @@ -63,9 +61,9 @@ hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p) int hdb_entry2value(krb5_context context, const hdb_entry *ent, krb5_data *value) { - size_t len; + size_t len = 0; int ret; - + ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length, ent, &len, ret); if (ret == 0 && value->length != len) krb5_abortx(context, "internal asn.1 encoder error"); @@ -79,14 +77,14 @@ hdb_value2entry(krb5_context context, krb5_data *value, hdb_entry *ent) } int -hdb_entry_alias2value(krb5_context context, +hdb_entry_alias2value(krb5_context context, const hdb_entry_alias *alias, krb5_data *value) { - size_t len; + size_t len = 0; int ret; - - ASN1_MALLOC_ENCODE(hdb_entry_alias, value->data, value->length, + + ASN1_MALLOC_ENCODE(hdb_entry_alias, value->data, value->length, alias, &len, ret); if (ret == 0 && value->length != len) krb5_abortx(context, "internal asn.1 encoder error"); @@ -94,20 +92,39 @@ hdb_entry_alias2value(krb5_context context, } int -hdb_value2entry_alias(krb5_context context, krb5_data *value, +hdb_value2entry_alias(krb5_context context, krb5_data *value, hdb_entry_alias *ent) { return decode_hdb_entry_alias(value->data, value->length, ent, NULL); } krb5_error_code -_hdb_fetch(krb5_context context, HDB *db, krb5_const_principal principal, - unsigned flags, hdb_entry_ex *entry) +_hdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal, + unsigned flags, krb5_kvno kvno, hdb_entry_ex *entry) { + krb5_principal enterprise_principal = NULL; krb5_data key, value; + krb5_error_code ret; int code; + if (principal->name.name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) { + if (principal->name.name_string.len != 1) { + ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, "malformed principal: " + "enterprise name with %d name components", + principal->name.name_string.len); + return ret; + } + ret = krb5_parse_name(context, principal->name.name_string.val[0], + &enterprise_principal); + if (ret) + return ret; + principal = enterprise_principal; + } + hdb_principal2key(context, principal, &key); + if (enterprise_principal) + krb5_free_principal(context, enterprise_principal); code = db->hdb__get(context, db, key, &value); krb5_data_free(&key); if(code) @@ -154,14 +171,14 @@ hdb_remove_aliases(krb5_context context, HDB *db, krb5_data *key) krb5_error_code code; hdb_entry oldentry; krb5_data value; - int i; + size_t i; code = db->hdb__get(context, db, *key, &value); if (code == HDB_ERR_NOENTRY) return 0; else if (code) return code; - + code = hdb_value2entry(context, &value, &oldentry); krb5_data_free(&value); if (code) @@ -188,22 +205,22 @@ hdb_remove_aliases(krb5_context context, HDB *db, krb5_data *key) } static krb5_error_code -hdb_add_aliases(krb5_context context, HDB *db, +hdb_add_aliases(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) { const HDB_Ext_Aliases *aliases; krb5_error_code code; krb5_data key, value; - int i; - + size_t i; + code = hdb_entry_get_aliases(&entry->entry, &aliases); if (code || aliases == NULL) return code; - + for (i = 0; i < aliases->aliases.len; i++) { hdb_entry_alias entryalias; entryalias.principal = entry->entry.principal; - + hdb_principal2key(context, &aliases->aliases.val[i], &key); code = hdb_entry_alias2value(context, &entryalias, &value); if (code) { @@ -219,17 +236,64 @@ hdb_add_aliases(krb5_context context, HDB *db, return 0; } +static krb5_error_code +hdb_check_aliases(krb5_context context, HDB *db, hdb_entry_ex *entry) +{ + const HDB_Ext_Aliases *aliases; + int code; + size_t i; + + /* check if new aliases already is used */ + + code = hdb_entry_get_aliases(&entry->entry, &aliases); + if (code) + return code; + + for (i = 0; aliases && i < aliases->aliases.len; i++) { + hdb_entry_alias alias; + krb5_data akey, value; + + hdb_principal2key(context, &aliases->aliases.val[i], &akey); + code = db->hdb__get(context, db, akey, &value); + krb5_data_free(&akey); + if (code == HDB_ERR_NOENTRY) + continue; + else if (code) + return code; + + code = hdb_value2entry_alias(context, &value, &alias); + krb5_data_free(&value); + + if (code == ASN1_BAD_ID) + return HDB_ERR_EXISTS; + else if (code) + return code; + + code = krb5_principal_compare(context, alias.principal, + entry->entry.principal); + free_hdb_entry_alias(&alias); + if (code == 0) + return HDB_ERR_EXISTS; + } + return 0; +} + krb5_error_code _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) { krb5_data key, value; int code; + /* check if new aliases already is used */ + code = hdb_check_aliases(context, db, entry); + if (code) + return code; + if(entry->entry.generation == NULL) { struct timeval t; entry->entry.generation = malloc(sizeof(*entry->entry.generation)); if(entry->entry.generation == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } gettimeofday(&t, NULL); @@ -238,12 +302,12 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) entry->entry.generation->gen = 0; } else entry->entry.generation->gen++; - hdb_principal2key(context, entry->entry.principal, &key); + code = hdb_seal_keys(context, db, &entry->entry); - if (code) { - krb5_data_free(&key); + if (code) return code; - } + + hdb_principal2key(context, entry->entry.principal, &key); /* remove aliases */ code = hdb_remove_aliases(context, db, &key); diff --git a/lib/hdb/data-mkey.mit.des3.be b/lib/hdb/data-mkey.mit.des3.be new file mode 100644 index 0000000000000000000000000000000000000000..4278ed339e520328e37626f1c42e785c5264a243 GIT binary patch literal 46 QcmZP&U|?X7P#_Wj0Bu$UDF6Tf literal 0 HcmV?d00001 diff --git a/lib/hdb/data-mkey.mit.des3.le b/lib/hdb/data-mkey.mit.des3.le new file mode 100644 index 0000000000000000000000000000000000000000..19fdc93b40d485d6e258692f6e9becfee489b691 GIT binary patch literal 30 PcmWe&kYHe7P{08IDjowV literal 0 HcmV?d00001 diff --git a/lib/hdb/db.c b/lib/hdb/db.c index 870f0431cf3a..69940edf89dc 100644 --- a/lib/hdb/db.c +++ b/lib/hdb/db.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: db.c 20215 2007-02-09 21:59:53Z lha $"); - #if HAVE_DB1 #if defined(HAVE_DB_185_H) @@ -68,8 +66,8 @@ DB_lock(krb5_context context, HDB *db, int operation) DB *d = (DB*)db->hdb_db; int fd = (*d->fd)(d); if(fd < 0) { - krb5_set_error_string(context, - "Can't lock database: %s", db->hdb_name); + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "Can't lock database: %s", db->hdb_name); return HDB_ERR_CANT_LOCK_DB; } return hdb_lock(fd, operation); @@ -81,8 +79,8 @@ DB_unlock(krb5_context context, HDB *db) DB *d = (DB*)db->hdb_db; int fd = (*d->fd)(d); if(fd < 0) { - krb5_set_error_string(context, - "Can't unlock database: %s", db->hdb_name); + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "Can't unlock database: %s", db->hdb_name); return HDB_ERR_CANT_LOCK_DB; } return hdb_unlock(fd); @@ -100,19 +98,19 @@ DB_seq(krb5_context context, HDB *db, code = db->hdb_lock(context, db, HDB_RLOCK); if(code == -1) { - krb5_set_error_string(context, "Database %s in use", db->hdb_name); + krb5_set_error_message(context, HDB_ERR_DB_INUSE, "Database %s in use", db->hdb_name); return HDB_ERR_DB_INUSE; } code = (*d->seq)(d, &key, &value, flag); db->hdb_unlock(context, db); /* XXX check value */ if(code == -1) { code = errno; - krb5_set_error_string(context, "Database %s seq error: %s", - db->hdb_name, strerror(code)); + krb5_set_error_message(context, code, "Database %s seq error: %s", + db->hdb_name, strerror(code)); return code; } if(code == 1) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return HDB_ERR_NOENTRY; } @@ -131,8 +129,8 @@ DB_seq(krb5_context context, HDB *db, if (code == 0 && entry->entry.principal == NULL) { entry->entry.principal = malloc(sizeof(*entry->entry.principal)); if (entry->entry.principal == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); code = ENOMEM; + krb5_set_error_message(context, code, "malloc: out of memory"); hdb_free_entry (context, entry); } else { hdb_key2principal(context, &key_data, entry->entry.principal); @@ -168,7 +166,7 @@ DB_rename(krb5_context context, HDB *db, const char *new_name) free(new); if(ret) return errno; - + free(db->hdb_name); db->hdb_name = strdup(new_name); return 0; @@ -190,21 +188,21 @@ DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) db->hdb_unlock(context, db); if(code < 0) { code = errno; - krb5_set_error_string(context, "Database %s get error: %s", - db->hdb_name, strerror(code)); + krb5_set_error_message(context, code, "Database %s get error: %s", + db->hdb_name, strerror(code)); return code; } if(code == 1) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return HDB_ERR_NOENTRY; } - + krb5_data_copy(reply, v.data, v.size); return 0; } static krb5_error_code -DB__put(krb5_context context, HDB *db, int replace, +DB__put(krb5_context context, HDB *db, int replace, krb5_data key, krb5_data value) { DB *d = (DB*)db->hdb_db; @@ -222,12 +220,12 @@ DB__put(krb5_context context, HDB *db, int replace, db->hdb_unlock(context, db); if(code < 0) { code = errno; - krb5_set_error_string(context, "Database %s put error: %s", - db->hdb_name, strerror(code)); + krb5_set_error_message(context, code, "Database %s put error: %s", + db->hdb_name, strerror(code)); return code; } if(code == 1) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return HDB_ERR_EXISTS; } return 0; @@ -248,8 +246,8 @@ DB__del(krb5_context context, HDB *db, krb5_data key) db->hdb_unlock(context, db); if(code == 1) { code = errno; - krb5_set_error_string(context, "Database %s put error: %s", - db->hdb_name, strerror(code)); + krb5_set_error_message(context, code, "Database %s put error: %s", + db->hdb_name, strerror(code)); return code; } if(code < 0) @@ -265,7 +263,7 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) asprintf(&fn, "%s.db", db->hdb_name); if (fn == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); @@ -275,7 +273,7 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) db->hdb_db = dbopen(db->hdb_name, flags, mode, DB_BTREE, NULL); if(db->hdb_db == NULL) { ret = errno; - krb5_set_error_string(context, "dbopen (%s): %s", + krb5_set_error_message(context, ret, "dbopen (%s): %s", db->hdb_name, strerror(ret)); return ret; } @@ -284,42 +282,43 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) else ret = hdb_init_db(context, db); if(ret == HDB_ERR_NOENTRY) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return 0; } if (ret) { DB_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", + krb5_set_error_message(context, ret, "hdb_open: failed %s database %s", + (flags & O_ACCMODE) == O_RDONLY ? + "checking format of" : "initialize", db->hdb_name); } return ret; } krb5_error_code -hdb_db_create(krb5_context context, HDB **db, +hdb_db_create(krb5_context context, HDB **db, const char *filename) { *db = calloc(1, sizeof(**db)); if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_db = NULL; (*db)->hdb_name = strdup(filename); if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); free(*db); *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_master_key_set = 0; (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL; (*db)->hdb_open = DB_open; (*db)->hdb_close = DB_close; - (*db)->hdb_fetch = _hdb_fetch; + (*db)->hdb_fetch_kvno = _hdb_fetch_kvno; (*db)->hdb_store = _hdb_store; (*db)->hdb_remove = _hdb_remove; (*db)->hdb_firstkey = DB_firstkey; diff --git a/lib/hdb/db3.c b/lib/hdb/db3.c index 45ccbef79198..58f892ff6777 100644 --- a/lib/hdb/db3.c +++ b/lib/hdb/db3.c @@ -1,45 +1,47 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: db3.c 21610 2007-07-17 07:10:45Z lha $"); - #if HAVE_DB3 -#ifdef HAVE_DB4_DB_H +#ifdef HAVE_DBHEADER +#include +#elif HAVE_DB5_DB_H +#include +#elif HAVE_DB4_DB_H #include -#elif defined(HAVE_DB3_DB_H) +#elif HAVE_DB3_DB_H #include #else #include @@ -125,7 +127,7 @@ DB_seq(krb5_context context, HDB *db, entry->entry.principal = malloc(sizeof(*entry->entry.principal)); if (entry->entry.principal == NULL) { hdb_free_entry (context, entry); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } else { hdb_key2principal(context, &key_data, entry->entry.principal); @@ -161,7 +163,7 @@ DB_rename(krb5_context context, HDB *db, const char *new_name) free(new); if(ret) return errno; - + free(db->hdb_name); db->hdb_name = strdup(new_name); return 0; @@ -193,7 +195,7 @@ DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) } static krb5_error_code -DB__put(krb5_context context, HDB *db, int replace, +DB__put(krb5_context context, HDB *db, int replace, krb5_data key, krb5_data value) { DB *d = (DB*)db->hdb_db; @@ -264,10 +266,14 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) asprintf(&fn, "%s.db", db->hdb_name); if (fn == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + if (db_create(&d, NULL, 0) != 0) { + free(fn); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - db_create(&d, NULL, 0); db->hdb_db = d; #if (DB_VERSION_MAJOR >= 4) && (DB_VERSION_MINOR >= 1) @@ -282,14 +288,14 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) ret = (*d->open)(db->hdb_db, NULL, db->hdb_name, NULL, DB_BTREE, myflags, mode); #else - ret = (*d->open)(db->hdb_db, db->hdb_name, NULL, DB_BTREE, + ret = (*d->open)(db->hdb_db, db->hdb_name, NULL, DB_BTREE, myflags, mode); #endif } if (ret) { free(fn); - krb5_set_error_string(context, "opening %s: %s", + krb5_set_error_message(context, ret, "opening %s: %s", db->hdb_name, strerror(ret)); return ret; } @@ -297,7 +303,7 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) ret = (*d->cursor)(d, NULL, &dbc, 0); if (ret) { - krb5_set_error_string(context, "d->cursor: %s", strerror(ret)); + krb5_set_error_message(context, ret, "d->cursor: %s", strerror(ret)); return ret; } db->hdb_dbc = dbc; @@ -310,38 +316,39 @@ DB_open(krb5_context context, HDB *db, int flags, mode_t mode) return 0; if (ret) { DB_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", - db->hdb_name); + krb5_set_error_message(context, ret, "hdb_open: failed %s database %s", + (flags & O_ACCMODE) == O_RDONLY ? + "checking format of" : "initialize", + db->hdb_name); } return ret; } krb5_error_code -hdb_db_create(krb5_context context, HDB **db, +hdb_db_create(krb5_context context, HDB **db, const char *filename) { *db = calloc(1, sizeof(**db)); if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_db = NULL; (*db)->hdb_name = strdup(filename); if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); free(*db); *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_master_key_set = 0; (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL; (*db)->hdb_open = DB_open; (*db)->hdb_close = DB_close; - (*db)->hdb_fetch = _hdb_fetch; + (*db)->hdb_fetch_kvno = _hdb_fetch_kvno; (*db)->hdb_store = _hdb_store; (*db)->hdb_remove = _hdb_remove; (*db)->hdb_firstkey = DB_firstkey; diff --git a/lib/hdb/dbinfo.c b/lib/hdb/dbinfo.c index d43e31b39ad3..52e394106eca 100644 --- a/lib/hdb/dbinfo.c +++ b/lib/hdb/dbinfo.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: dbinfo.c 22306 2007-12-14 12:22:38Z lha $"); - struct hdb_dbinfo { char *label; char *realm; @@ -63,7 +61,7 @@ get_dbinfo(krb5_context context, di = calloc(1, sizeof(*di)); if (di == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } di->label = strdup(label); @@ -104,24 +102,24 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) dt = NULL; databases = NULL; - db_binding = krb5_config_get(context, NULL, krb5_config_list, - "kdc", - "database", - NULL); + db_binding = krb5_config_get_list(context, NULL, + "kdc", + "database", + NULL); if (db_binding) { ret = get_dbinfo(context, db_binding, "default", &di); if (ret == 0 && di) { databases = di; dt = &di->next; - } + } for ( ; db_binding != NULL; db_binding = db_binding->next) { if (db_binding->type != krb5_config_list) continue; - ret = get_dbinfo(context, db_binding->u.list, + ret = get_dbinfo(context, db_binding->u.list, db_binding->name, &di); if (ret) krb5_err(context, 1, ret, "failed getting realm"); @@ -159,7 +157,7 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) else /* the filename is something.else, replace .else with .mkey */ - asprintf(&di->mkey_file, "%.*s.mkey", + asprintf(&di->mkey_file, "%.*s.mkey", (int)(p - di->dbname), di->dbname); } if(di->acl_file == NULL) @@ -228,10 +226,12 @@ hdb_free_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) for(di = *dbp; di != NULL; di = ndi) { ndi = di->next; + free (di->label); free (di->realm); free (di->dbname); - if (di->mkey_file) - free (di->mkey_file); + free (di->mkey_file); + free (di->acl_file); + free (di->log_file); free(di); } *dbp = NULL; diff --git a/lib/hdb/ext.c b/lib/hdb/ext.c index 5f60999946b8..d2a4373b9b38 100644 --- a/lib/hdb/ext.c +++ b/lib/hdb/ext.c @@ -1,60 +1,59 @@ /* - * Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" #include -RCSID("$Id: ext.c 21113 2007-06-18 12:59:32Z lha $"); - krb5_error_code hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent) { - int i; + size_t i; if (ent->extensions == NULL) return 0; - /* + /* * check for unknown extensions and if they where tagged mandatory */ for (i = 0; i < ent->extensions->len; i++) { - if (ent->extensions->val[i].data.element != + if (ent->extensions->val[i].data.element != choice_HDB_extension_data_asn1_ellipsis) continue; if (ent->extensions->val[i].mandatory) { - krb5_set_error_string(context, "Principal have unknown " - "mandatory extension"); + krb5_set_error_message(context, HDB_ERR_MANDATORY_OPTION, + "Principal have unknown " + "mandatory extension"); return HDB_ERR_MANDATORY_OPTION; } } @@ -64,13 +63,13 @@ hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent) HDB_extension * hdb_find_extension(const hdb_entry *entry, int type) { - int i; + size_t i; if (entry->extensions == NULL) return NULL; for (i = 0; i < entry->extensions->len; i++) - if (entry->extensions->val[i].data.element == type) + if (entry->extensions->val[i].data.element == (unsigned)type) return &entry->extensions->val[i]; return NULL; } @@ -82,8 +81,8 @@ hdb_find_extension(const hdb_entry *entry, int type) */ krb5_error_code -hdb_replace_extension(krb5_context context, - hdb_entry *entry, +hdb_replace_extension(krb5_context context, + hdb_entry *entry, const HDB_extension *ext) { HDB_extension *ext2; @@ -95,13 +94,13 @@ hdb_replace_extension(krb5_context context, if (entry->extensions == NULL) { entry->extensions = calloc(1, sizeof(*entry->extensions)); if (entry->extensions == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } } else if (ext->data.element != choice_HDB_extension_data_asn1_ellipsis) { ext2 = hdb_find_extension(entry, ext->data.element); } else { - /* + /* * This is an unknown extention, and we are asked to replace a * possible entry in `entry' that is of the same type. This * might seem impossible, but ASN.1 CHOICE comes to our @@ -113,15 +112,15 @@ hdb_replace_extension(krb5_context context, Der_type replace_type, list_type; unsigned int replace_tag, list_tag; size_t size; - int i; + size_t i; ret = der_get_tag(ext->data.u.asn1_ellipsis.data, ext->data.u.asn1_ellipsis.length, &replace_class, &replace_type, &replace_tag, &size); if (ret) { - krb5_set_error_string(context, "hdb: failed to decode " - "replacement hdb extention"); + krb5_set_error_message(context, ret, "hdb: failed to decode " + "replacement hdb extention"); return ret; } @@ -136,8 +135,8 @@ hdb_replace_extension(krb5_context context, &list_class, &list_type, &list_tag, &size); if (ret) { - krb5_set_error_string(context, "hdb: failed to decode " - "present hdb extention"); + krb5_set_error_message(context, ret, "hdb: failed to decode " + "present hdb extention"); return ret; } @@ -153,15 +152,15 @@ hdb_replace_extension(krb5_context context, free_HDB_extension(ext2); ret = copy_HDB_extension(ext, ext2); if (ret) - krb5_set_error_string(context, "hdb: failed to copy replacement " - "hdb extention"); + krb5_set_error_message(context, ret, "hdb: failed to copy replacement " + "hdb extention"); return ret; } - es = realloc(entry->extensions->val, + es = realloc(entry->extensions->val, (entry->extensions->len+1)*sizeof(entry->extensions->val[0])); if (es == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } entry->extensions->val = es; @@ -171,23 +170,23 @@ hdb_replace_extension(krb5_context context, if (ret == 0) entry->extensions->len++; else - krb5_set_error_string(context, "hdb: failed to copy new extension"); + krb5_set_error_message(context, ret, "hdb: failed to copy new extension"); return ret; } krb5_error_code -hdb_clear_extension(krb5_context context, - hdb_entry *entry, +hdb_clear_extension(krb5_context context, + hdb_entry *entry, int type) { - int i; + size_t i; if (entry->extensions == NULL) return 0; for (i = 0; i < entry->extensions->len; i++) { - if (entry->extensions->val[i].data.element == type) { + if (entry->extensions->val[i].data.element == (unsigned)type) { free_HDB_extension(&entry->extensions->val[i]); memmove(&entry->extensions->val[i], &entry->extensions->val[i + 1], @@ -233,6 +232,20 @@ hdb_entry_get_pkinit_hash(const hdb_entry *entry, const HDB_Ext_PKINIT_hash **a) return 0; } +krb5_error_code +hdb_entry_get_pkinit_cert(const hdb_entry *entry, const HDB_Ext_PKINIT_cert **a) +{ + const HDB_extension *ext; + + ext = hdb_find_extension(entry, choice_HDB_extension_data_pkinit_cert); + if (ext) + *a = &ext->data.u.pkinit_cert; + else + *a = NULL; + + return 0; +} + krb5_error_code hdb_entry_get_pw_change_time(const hdb_entry *entry, time_t *t) { @@ -248,7 +261,7 @@ hdb_entry_get_pw_change_time(const hdb_entry *entry, time_t *t) } krb5_error_code -hdb_entry_set_pw_change_time(krb5_context context, +hdb_entry_set_pw_change_time(krb5_context context, hdb_entry *entry, time_t t) { @@ -264,7 +277,7 @@ hdb_entry_set_pw_change_time(krb5_context context, } int -hdb_entry_get_password(krb5_context context, HDB *db, +hdb_entry_get_password(krb5_context context, HDB *db, const hdb_entry *entry, char **p) { HDB_extension *ext; @@ -273,18 +286,19 @@ hdb_entry_get_password(krb5_context context, HDB *db, ext = hdb_find_extension(entry, choice_HDB_extension_data_password); if (ext) { - heim_utf8_string str; + heim_utf8_string xstr; heim_octet_string pw; if (db->hdb_master_key_set && ext->data.u.password.mkvno) { hdb_master_key key; - key = _hdb_find_master_key(ext->data.u.password.mkvno, + key = _hdb_find_master_key(ext->data.u.password.mkvno, db->hdb_master_key); if (key == NULL) { - krb5_set_error_string(context, "master key %d missing", - *ext->data.u.password.mkvno); + krb5_set_error_message(context, HDB_ERR_NO_MKEY, + "master key %d missing", + *ext->data.u.password.mkvno); return HDB_ERR_NO_MKEY; } @@ -296,21 +310,21 @@ hdb_entry_get_password(krb5_context context, HDB *db, ret = der_copy_octet_string(&ext->data.u.password.password, &pw); } if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } - str = pw.data; - if (str[pw.length - 1] != '\0') { - krb5_set_error_string(context, "password malformated"); + xstr = pw.data; + if (xstr[pw.length - 1] != '\0') { + krb5_set_error_message(context, EINVAL, "malformed password"); return EINVAL; } - *p = strdup(str); + *p = strdup(xstr); der_free_octet_string(&pw); if (*p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } return 0; @@ -318,16 +332,17 @@ hdb_entry_get_password(krb5_context context, HDB *db, ret = krb5_unparse_name(context, entry->principal, &str); if (ret == 0) { - krb5_set_error_string(context, "no password attributefor %s", str); + krb5_set_error_message(context, ENOENT, + "no password attribute for %s", str); free(str); - } else - krb5_clear_error_string(context); + } else + krb5_clear_error_message(context); return ENOENT; } int -hdb_entry_set_password(krb5_context context, HDB *db, +hdb_entry_set_password(krb5_context context, HDB *db, hdb_entry *entry, const char *p) { HDB_extension ext; @@ -341,22 +356,23 @@ hdb_entry_set_password(krb5_context context, HDB *db, key = _hdb_find_master_key(NULL, db->hdb_master_key); if (key == NULL) { - krb5_set_error_string(context, "hdb_entry_set_password: " - "failed to find masterkey"); + krb5_set_error_message(context, HDB_ERR_NO_MKEY, + "hdb_entry_set_password: " + "failed to find masterkey"); return HDB_ERR_NO_MKEY; } ret = _hdb_mkey_encrypt(context, key, HDB_KU_MKEY, - p, strlen(p) + 1, + p, strlen(p) + 1, &ext.data.u.password.password); if (ret) return ret; - ext.data.u.password.mkvno = + ext.data.u.password.mkvno = malloc(sizeof(*ext.data.u.password.mkvno)); if (ext.data.u.password.mkvno == NULL) { free_HDB_extension(&ext); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } *ext.data.u.password.mkvno = _hdb_mkey_version(key); @@ -364,10 +380,10 @@ hdb_entry_set_password(krb5_context context, HDB *db, } else { ext.data.u.password.mkvno = NULL; - ret = krb5_data_copy(&ext.data.u.password.password, + ret = krb5_data_copy(&ext.data.u.password.password, p, strlen(p) + 1); if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); free_HDB_extension(&ext); return ret; } @@ -383,17 +399,17 @@ hdb_entry_set_password(krb5_context context, HDB *db, int hdb_entry_clear_password(krb5_context context, hdb_entry *entry) { - return hdb_clear_extension(context, entry, + return hdb_clear_extension(context, entry, choice_HDB_extension_data_password); } krb5_error_code -hdb_entry_get_ConstrainedDelegACL(const hdb_entry *entry, +hdb_entry_get_ConstrainedDelegACL(const hdb_entry *entry, const HDB_Ext_Constrained_delegation_acl **a) { const HDB_extension *ext; - ext = hdb_find_extension(entry, + ext = hdb_find_extension(entry, choice_HDB_extension_data_allowed_to_delegate_to); if (ext) *a = &ext->data.u.allowed_to_delegate_to; diff --git a/lib/hdb/hdb-keytab.c b/lib/hdb/hdb-keytab.c new file mode 100644 index 000000000000..ab2afb5d74ba --- /dev/null +++ b/lib/hdb/hdb-keytab.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" +#include + +typedef struct { + char *path; + krb5_keytab keytab; +} *hdb_keytab; + +/* + * + */ + +static krb5_error_code +hkt_close(krb5_context context, HDB *db) +{ + hdb_keytab k = (hdb_keytab)db->hdb_db; + krb5_error_code ret; + + assert(k->keytab); + + ret = krb5_kt_close(context, k->keytab); + k->keytab = NULL; + + return ret; +} + +static krb5_error_code +hkt_destroy(krb5_context context, HDB *db) +{ + hdb_keytab k = (hdb_keytab)db->hdb_db; + krb5_error_code ret; + + ret = hdb_clear_master_key (context, db); + + free(k->path); + free(k); + + free(db->hdb_name); + free(db); + return ret; +} + +static krb5_error_code +hkt_lock(krb5_context context, HDB *db, int operation) +{ + return 0; +} + +static krb5_error_code +hkt_unlock(krb5_context context, HDB *db) +{ + return 0; +} + +static krb5_error_code +hkt_firstkey(krb5_context context, HDB *db, + unsigned flags, hdb_entry_ex *entry) +{ + return HDB_ERR_DB_INUSE; +} + +static krb5_error_code +hkt_nextkey(krb5_context context, HDB * db, unsigned flags, + hdb_entry_ex * entry) +{ + return HDB_ERR_DB_INUSE; +} + +static krb5_error_code +hkt_open(krb5_context context, HDB * db, int flags, mode_t mode) +{ + hdb_keytab k = (hdb_keytab)db->hdb_db; + krb5_error_code ret; + + assert(k->keytab == NULL); + + ret = krb5_kt_resolve(context, k->path, &k->keytab); + if (ret) + return ret; + + return 0; +} + +static krb5_error_code +hkt_fetch_kvno(krb5_context context, HDB * db, krb5_const_principal principal, + unsigned flags, krb5_kvno kvno, hdb_entry_ex * entry) +{ + hdb_keytab k = (hdb_keytab)db->hdb_db; + krb5_error_code ret; + krb5_keytab_entry ktentry; + + if (!(flags & HDB_F_KVNO_SPECIFIED)) { + /* Preserve previous behaviour if no kvno specified */ + kvno = 0; + } + + memset(&ktentry, 0, sizeof(ktentry)); + + entry->entry.flags.server = 1; + entry->entry.flags.forwardable = 1; + entry->entry.flags.renewable = 1; + + /* Not recorded in the OD backend, make something up */ + ret = krb5_parse_name(context, "hdb/keytab@WELL-KNOWN:KEYTAB-BACKEND", + &entry->entry.created_by.principal); + if (ret) + goto out; + + /* + * XXX really needs to try all enctypes and just not pick the + * first one, even if that happens to be des3-cbc-sha1 (ie best + * enctype) in the Apple case. A while loop over all known + * enctypes should work. + */ + + ret = krb5_kt_get_entry(context, k->keytab, principal, kvno, 0, &ktentry); + if (ret) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = krb5_copy_principal(context, principal, &entry->entry.principal); + if (ret) + goto out; + + ret = _hdb_keytab2hdb_entry(context, &ktentry, entry); + + out: + if (ret) { + free_hdb_entry(&entry->entry); + memset(&entry->entry, 0, sizeof(entry->entry)); + } + krb5_kt_free_entry(context, &ktentry); + + return ret; +} + +static krb5_error_code +hkt_store(krb5_context context, HDB * db, unsigned flags, + hdb_entry_ex * entry) +{ + return HDB_ERR_DB_INUSE; +} + + +krb5_error_code +hdb_keytab_create(krb5_context context, HDB ** db, const char *arg) +{ + hdb_keytab k; + + *db = calloc(1, sizeof(**db)); + if (*db == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + memset(*db, 0, sizeof(**db)); + + k = calloc(1, sizeof(*k)); + if (k == NULL) { + free(*db); + *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + + k->path = strdup(arg); + if (k->path == NULL) { + free(k); + free(*db); + *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + + + (*db)->hdb_db = k; + + (*db)->hdb_master_key_set = 0; + (*db)->hdb_openp = 0; + (*db)->hdb_open = hkt_open; + (*db)->hdb_close = hkt_close; + (*db)->hdb_fetch_kvno = hkt_fetch_kvno; + (*db)->hdb_store = hkt_store; + (*db)->hdb_remove = NULL; + (*db)->hdb_firstkey = hkt_firstkey; + (*db)->hdb_nextkey = hkt_nextkey; + (*db)->hdb_lock = hkt_lock; + (*db)->hdb_unlock = hkt_unlock; + (*db)->hdb_rename = NULL; + (*db)->hdb__get = NULL; + (*db)->hdb__put = NULL; + (*db)->hdb__del = NULL; + (*db)->hdb_destroy = hkt_destroy; + + return 0; +} diff --git a/lib/hdb/hdb-ldap.c b/lib/hdb/hdb-ldap.c index c9f3d37cd339..1b4024aa540a 100644 --- a/lib/hdb/hdb-ldap.c +++ b/lib/hdb/hdb-ldap.c @@ -1,7 +1,7 @@ /* * Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd. * Copyright (c) 2004, Andrew Bartlett. - * Copyright (c) 2003 - 2007, Kungliga Tekniska Högskolan. + * Copyright (c) 2003 - 2008, Kungliga Tekniska Högskolan. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -34,8 +34,6 @@ #include "hdb_locl.h" -RCSID("$Id: hdb-ldap.c 22071 2007-11-14 20:04:50Z lha $"); - #ifdef OPENLDAP #include @@ -48,7 +46,7 @@ static krb5_error_code LDAP_close(krb5_context context, HDB *); static krb5_error_code LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, - hdb_entry_ex * ent); + int flags, hdb_entry_ex * ent); static const char *default_structural_object = "account"; static char *structural_object; @@ -74,7 +72,7 @@ struct hdbldapdb { * */ -static char * krb5kdcentry_attrs[] = { +static char * krb5kdcentry_attrs[] = { "cn", "createTimestamp", "creatorsName", @@ -121,8 +119,9 @@ LDAP_no_size_limit(krb5_context context, LDAP *lp) ret = ldap_set_option(lp, LDAP_OPT_SIZELIMIT, (const void *)&limit); if (ret != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(ret)); + krb5_set_error_message(context, HDB_ERR_BADVERSION, + "ldap_set_option: %s", + ldap_err2string(ret)); return HDB_ERR_BADVERSION; } return 0; @@ -222,7 +221,7 @@ LDAP_addmod_len(LDAPMod *** modlist, int modop, const char *attribute, (*modlist)[cMods]->mod_bvalues = bv; - bv[i] = ber_memalloc(sizeof(*bv));; + bv[i] = ber_memalloc(sizeof(**bv));; if (bv[i] == NULL) return ENOMEM; @@ -295,8 +294,9 @@ LDAP_addmod_integer(krb5_context context, ret = asprintf(&buf, "%ld", l); if (ret < 0) { - krb5_set_error_string(context, "asprintf: out of memory:"); - return ret; + krb5_set_error_message(context, ENOMEM, + "asprintf: out of memory:"); + return ENOMEM; } ret = LDAP_addmod(mods, modop, attribute, buf); free (buf); @@ -307,38 +307,40 @@ static krb5_error_code LDAP_get_string_value(HDB * db, LDAPMessage * entry, const char *attribute, char **ptr) { - char **vals; - int ret; + struct berval **vals; - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); - if (vals == NULL) { + vals = ldap_get_values_len(HDB2LDAP(db), entry, attribute); + if (vals == NULL || vals[0] == NULL) { *ptr = NULL; return HDB_ERR_NOENTRY; } - *ptr = strdup(vals[0]); - if (*ptr == NULL) - ret = ENOMEM; - else - ret = 0; + *ptr = malloc(vals[0]->bv_len + 1); + if (*ptr == NULL) { + ldap_value_free_len(vals); + return ENOMEM; + } - ldap_value_free(vals); + memcpy(*ptr, vals[0]->bv_val, vals[0]->bv_len); + (*ptr)[vals[0]->bv_len] = 0; - return ret; + ldap_value_free_len(vals); + + return 0; } static krb5_error_code LDAP_get_integer_value(HDB * db, LDAPMessage * entry, const char *attribute, int *ptr) { - char **vals; + krb5_error_code ret; + char *val; - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); - if (vals == NULL) - return HDB_ERR_NOENTRY; - - *ptr = atoi(vals[0]); - ldap_value_free(vals); + ret = LDAP_get_string_value(db, entry, attribute, &val); + if (ret) + return ret; + *ptr = atoi(val); + free(val); return 0; } @@ -369,6 +371,14 @@ LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry, return 0; } +static int +bervalstrcmp(struct berval *v, const char *str) +{ + size_t len = strlen(str); + return (v->bv_len == len) && strncasecmp(str, (char *)v->bv_val, len) == 0; +} + + static krb5_error_code LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, LDAPMessage * msg, LDAPMod *** pmods) @@ -386,40 +396,39 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, krb5_boolean is_heimdal_entry = FALSE; krb5_boolean is_heimdal_principal = FALSE; - char **values; + struct berval **vals; *pmods = NULL; if (msg != NULL) { - ret = LDAP_message2entry(context, db, msg, &orig); + ret = LDAP_message2entry(context, db, msg, 0, &orig); if (ret) goto out; is_new_entry = FALSE; - - values = ldap_get_values(HDB2LDAP(db), msg, "objectClass"); - if (values) { - int num_objectclasses = ldap_count_values(values); + + vals = ldap_get_values_len(HDB2LDAP(db), msg, "objectClass"); + if (vals) { + int num_objectclasses = ldap_count_values_len(vals); for (i=0; i < num_objectclasses; i++) { - if (strcasecmp(values[i], "sambaSamAccount") == 0) { + if (bervalstrcmp(vals[i], "sambaSamAccount")) is_samba_account = TRUE; - } else if (strcasecmp(values[i], structural_object) == 0) { + else if (bervalstrcmp(vals[i], structural_object)) is_account = TRUE; - } else if (strcasecmp(values[i], "krb5Principal") == 0) { + else if (bervalstrcmp(vals[i], "krb5Principal")) is_heimdal_principal = TRUE; - } else if (strcasecmp(values[i], "krb5KDCEntry") == 0) { + else if (bervalstrcmp(vals[i], "krb5KDCEntry")) is_heimdal_entry = TRUE; - } } - ldap_value_free(values); + ldap_value_free_len(vals); } /* * If this is just a "account" entry and no other objectclass * is hanging on this entry, it's really a new entry. */ - if (is_samba_account == FALSE && is_heimdal_principal == FALSE && + if (is_samba_account == FALSE && is_heimdal_principal == FALSE && is_heimdal_entry == FALSE) { if (is_account == TRUE) { is_new_entry = TRUE; @@ -440,10 +449,10 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "top"); if (ret) goto out; - + /* account is the structural object class */ if (is_account == FALSE) { - ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", structural_object); is_account = TRUE; if (ret) @@ -461,7 +470,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, goto out; } - if (is_new_entry || + if (is_new_entry || krb5_principal_compare(context, ent->entry.principal, orig.entry.principal) == FALSE) { @@ -495,7 +504,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (is_heimdal_entry && (ent->entry.kvno != orig.entry.kvno || is_new_entry)) { ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5KeyVersionNumber", + "krb5KeyVersionNumber", ent->entry.kvno); if (ret) goto out; @@ -514,7 +523,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (ent->entry.valid_end) { if (orig.entry.valid_end == NULL || (*(ent->entry.valid_end) != *(orig.entry.valid_end))) { - if (is_heimdal_entry) { + if (is_heimdal_entry) { ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, "krb5ValidEnd", ent->entry.valid_end); @@ -523,7 +532,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, } if (is_samba_account) { ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaKickoffTime", + "sambaKickoffTime", *(ent->entry.valid_end)); if (ret) goto out; @@ -543,7 +552,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (is_samba_account) { ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaPwdMustChange", + "sambaPwdMustChange", *(ent->entry.pw_end)); if (ret) goto out; @@ -556,7 +565,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (is_samba_account && ent->entry.last_pw_change) { if (orig.entry.last_pw_change == NULL || (*(ent->entry.last_pw_change) != *(orig.entry.last_pw_change))) { ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaPwdLastSet", + "sambaPwdLastSet", *(ent->entry.last_pw_change)); if (ret) goto out; @@ -569,7 +578,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, || (*(ent->entry.max_life) != *(orig.entry.max_life))) { ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5MaxLife", + "krb5MaxLife", *(ent->entry.max_life)); if (ret) goto out; @@ -602,9 +611,9 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, /* Remove keys if they exists, and then replace keys. */ if (!is_new_entry && orig.entry.keys.len > 0) { - values = ldap_get_values(HDB2LDAP(db), msg, "krb5Key"); - if (values) { - ldap_value_free(values); + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key"); + if (vals) { + ldap_value_free_len(vals); ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL); if (ret) @@ -618,38 +627,43 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, && ent->entry.keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) { char *ntHexPassword; char *nt; - + time_t now = time(NULL); + /* the key might have been 'sealed', but samba passwords are clear in the directory */ ret = hdb_unseal_key(context, db, &ent->entry.keys.val[i]); if (ret) goto out; - + nt = ent->entry.keys.val[i].key.keyvalue.data; /* store in ntPassword, not krb5key */ ret = hex_encode(nt, 16, &ntHexPassword); if (ret < 0) { - krb5_set_error_string(context, "hdb-ldap: failed to " - "hex encode key"); ret = ENOMEM; + krb5_set_error_message(context, ret, "hdb-ldap: failed to " + "hex encode key"); goto out; } - ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "sambaNTPassword", + ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "sambaNTPassword", ntHexPassword); free(ntHexPassword); if (ret) goto out; - + ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, + "sambaPwdLastSet", now); + if (ret) + goto out; + /* have to kill the LM passwod if it exists */ - values = ldap_get_values(HDB2LDAP(db), msg, "sambaLMPassword"); - if (values) { - ldap_value_free(values); + vals = ldap_get_values_len(HDB2LDAP(db), msg, "sambaLMPassword"); + if (vals) { + ldap_value_free_len(vals); ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "sambaLMPassword", NULL); if (ret) goto out; } - + } else if (is_heimdal_entry) { unsigned char *buf; size_t len, buf_size; @@ -670,15 +684,15 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (ent->entry.etypes) { int add_krb5EncryptionType = 0; - /* + /* * Only add/modify krb5EncryptionType if it's a new heimdal * entry or krb5EncryptionType already exists on the entry. */ if (!is_new_entry) { - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); - if (values) { - ldap_value_free(values); + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType"); + if (vals) { + ldap_value_free_len(vals); ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType", NULL); if (ret) @@ -690,7 +704,7 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, if (add_krb5EncryptionType) { for (i = 0; i < ent->entry.etypes->len; i++) { - if (is_samba_account && + if (is_samba_account && ent->entry.keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) { ; @@ -730,20 +744,22 @@ LDAP_dn2principal(krb5_context context, HDB * db, const char *dn, krb5_error_code ret; int rc; const char *filter = "(objectClass=krb5Principal)"; - char **values; LDAPMessage *res = NULL, *e; + char *p; ret = LDAP_no_size_limit(context, HDB2LDAP(db)); if (ret) goto out; - rc = ldap_search_s(HDB2LDAP(db), dn, LDAP_SCOPE_SUBTREE, - filter, krb5principal_attrs, - 0, &res); + rc = ldap_search_ext_s(HDB2LDAP(db), dn, LDAP_SCOPE_SUBTREE, + filter, krb5principal_attrs, 0, + NULL, NULL, NULL, + 0, &res); if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_search_s: filter: %s error: %s", - filter, ldap_err2string(rc)); ret = HDB_ERR_NOENTRY; + krb5_set_error_message(context, ret, "ldap_search_ext_s: " + "filter: %s error: %s", + filter, ldap_err2string(rc)); goto out; } @@ -753,14 +769,14 @@ LDAP_dn2principal(krb5_context context, HDB * db, const char *dn, goto out; } - values = ldap_get_values(HDB2LDAP(db), e, "krb5PrincipalName"); - if (values == NULL) { + ret = LDAP_get_string_value(db, e, "krb5PrincipalName", &p); + if (ret) { ret = HDB_ERR_NOENTRY; goto out; } - ret = krb5_parse_name(context, values[0], principal); - ldap_value_free(values); + ret = krb5_parse_name(context, p, principal); + free(p); out: if (res) @@ -769,6 +785,49 @@ LDAP_dn2principal(krb5_context context, HDB * db, const char *dn, return ret; } +static int +need_quote(unsigned char c) +{ + return (c & 0x80) || + (c < 32) || + (c == '(') || + (c == ')') || + (c == '*') || + (c == '\\') || + (c == 0x7f); +} + +const static char hexchar[] = "0123456789ABCDEF"; + +static krb5_error_code +escape_value(krb5_context context, const unsigned char *unquoted, char **quoted) +{ + size_t i, len; + + for (i = 0, len = 0; unquoted[i] != '\0'; i++, len++) { + if (need_quote((unsigned char)unquoted[i])) + len += 2; + } + + *quoted = malloc(len + 1); + if (*quoted == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + + for (i = 0; unquoted[0] ; unquoted++) { + if (need_quote((unsigned char *)unquoted[0])) { + (*quoted)[i++] = '\\'; + (*quoted)[i++] = hexchar[(unquoted[0] >> 4) & 0xf]; + (*quoted)[i++] = hexchar[(unquoted[0] ) & 0xf]; + } else + (*quoted)[i++] = (char)unquoted[0]; + } + (*quoted)[i] = '\0'; + return 0; +} + + static krb5_error_code LDAP__lookup_princ(krb5_context context, HDB *db, @@ -778,18 +837,29 @@ LDAP__lookup_princ(krb5_context context, { krb5_error_code ret; int rc; - char *filter = NULL; + char *quote, *filter = NULL; ret = LDAP__connect(context, db); if (ret) return ret; + /* + * Quote searches that contain filter language, this quote + * searches for *@REALM, which takes very long time. + */ + + ret = escape_value(context, princname, "e); + if (ret) + goto out; + rc = asprintf(&filter, "(&(objectClass=krb5Principal)(krb5PrincipalName=%s))", - princname); + quote); + free(quote); + if (rc < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } @@ -797,12 +867,16 @@ LDAP__lookup_princ(krb5_context context, if (ret) goto out; - rc = ldap_search_s(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, filter, - krb5kdcentry_attrs, 0, msg); + rc = ldap_search_ext_s(HDB2LDAP(db), HDB2BASE(db), + LDAP_SCOPE_SUBTREE, filter, + krb5kdcentry_attrs, 0, + NULL, NULL, NULL, + 0, msg); if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_search_s: filter: %s - error: %s", - filter, ldap_err2string(rc)); ret = HDB_ERR_NOENTRY; + krb5_set_error_message(context, ret, "ldap_search_ext_s: " + "filter: %s - error: %s", + filter, ldap_err2string(rc)); goto out; } @@ -811,27 +885,34 @@ LDAP__lookup_princ(krb5_context context, filter = NULL; ldap_msgfree(*msg); *msg = NULL; - + + ret = escape_value(context, userid, "e); + if (ret) + goto out; + rc = asprintf(&filter, "(&(|(objectClass=sambaSamAccount)(objectClass=%s))(uid=%s))", - structural_object, userid); + structural_object, quote); + free(quote); if (rc < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "asprintf: out of memory"); goto out; } - + ret = LDAP_no_size_limit(context, HDB2LDAP(db)); if (ret) goto out; - rc = ldap_search_s(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, - filter, krb5kdcentry_attrs, 0, msg); + rc = ldap_search_ext_s(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, + filter, krb5kdcentry_attrs, 0, + NULL, NULL, NULL, + 0, msg); if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, - "ldap_search_s: filter: %s error: %s", - filter, ldap_err2string(rc)); ret = HDB_ERR_NOENTRY; + krb5_set_error_message(context, ret, + "ldap_search_ext_s: filter: %s error: %s", + filter, ldap_err2string(rc)); goto out; } } @@ -889,14 +970,13 @@ LDAP_principal2message(krb5_context context, HDB * db, */ static krb5_error_code LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, - hdb_entry_ex * ent) + int flags, hdb_entry_ex * ent) { char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL; char *samba_acct_flags = NULL; - unsigned long tmp; struct berval **keys; - char **values; - int tmp_time, i, ret, have_arcfour = 0; + struct berval **vals; + int tmp, tmp_time, i, ret, have_arcfour = 0; memset(ent, 0, sizeof(*ent)); ent->entry.flags = int2HDBFlags(0); @@ -914,7 +994,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, if (ret) goto out; } else { - krb5_set_error_string(context, "hdb-ldap: ldap entry missing" + krb5_set_error_message(context, HDB_ERR_NOENTRY, + "hdb-ldap: ldap entry missing" "principal name"); return HDB_ERR_NOENTRY; } @@ -938,8 +1019,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.keys.len = ldap_count_values_len(keys); ent->entry.keys.val = (Key *) calloc(ent->entry.keys.len, sizeof(Key)); if (ent->entry.keys.val == NULL) { - krb5_set_error_string(context, "calloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "calloc: out of memory"); goto out; } for (i = 0; i < ent->entry.keys.len; i++) { @@ -962,27 +1043,39 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, #endif } - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); - if (values != NULL) { + vals = ldap_get_values_len(HDB2LDAP(db), msg, "krb5EncryptionType"); + if (vals != NULL) { int i; ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes))); if (ent->entry.etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret,"malloc: out of memory"); goto out; } - ent->entry.etypes->len = ldap_count_values(values); + ent->entry.etypes->len = ldap_count_values_len(vals); ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int)); if (ent->entry.etypes->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + ent->entry.etypes->len = 0; goto out; } for (i = 0; i < ent->entry.etypes->len; i++) { - ent->entry.etypes->val[i] = atoi(values[i]); + char *buf; + + buf = malloc(vals[i]->bv_len + 1); + if (buf == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + memcpy(buf, vals[i]->bv_val, vals[i]->bv_len); + buf[vals[i]->bv_len] = '\0'; + ent->entry.etypes->val[i] = atoi(buf); + free(buf); } - ldap_value_free(values); + ldap_value_free_len(vals); } for (i = 0; i < ent->entry.keys.len; i++) { @@ -1003,8 +1096,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, (ent->entry.keys.len + 1) * sizeof(ent->entry.keys.val[0])); if (keys == NULL) { free(ntPasswordIN); - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ent->entry.keys.val = keys; @@ -1012,7 +1105,7 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.keys.val[ent->entry.keys.len].key.keytype = ETYPE_ARCFOUR_HMAC_MD5; ret = krb5_data_alloc (&ent->entry.keys.val[ent->entry.keys.len].key.keyvalue, 16); if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, "malloc: out of memory"); free(ntPasswordIN); ret = ENOMEM; goto out; @@ -1024,8 +1117,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, if (ent->entry.etypes == NULL) { ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes))); if (ent->entry.etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ent->entry.etypes->val = NULL; @@ -1037,16 +1130,16 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, break; /* If there is no ARCFOUR enctype, add one */ if (i == ent->entry.etypes->len) { - etypes = realloc(ent->entry.etypes->val, - (ent->entry.etypes->len + 1) * + etypes = realloc(ent->entry.etypes->val, + (ent->entry.etypes->len + 1) * sizeof(ent->entry.etypes->val[0])); if (etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; - goto out; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; } ent->entry.etypes->val = etypes; - ent->entry.etypes->val[ent->entry.etypes->len] = + ent->entry.etypes->val[ent->entry.etypes->len] = ETYPE_ARCFOUR_HMAC_MD5; ent->entry.etypes->len++; } @@ -1059,37 +1152,38 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.created_by.principal = NULL; - ret = LDAP_get_string_value(db, msg, "creatorsName", &dn); - if (ret == 0) { - if (LDAP_dn2principal(context, db, dn, &ent->entry.created_by.principal) - != 0) { - ent->entry.created_by.principal = NULL; + if (flags & HDB_F_ADMIN_DATA) { + ret = LDAP_get_string_value(db, msg, "creatorsName", &dn); + if (ret == 0) { + LDAP_dn2principal(context, db, dn, &ent->entry.created_by.principal); + free(dn); } - free(dn); - } - ent->entry.modified_by = (Event *) malloc(sizeof(Event)); - if (ent->entry.modified_by == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_generalized_time_value(db, msg, "modifyTimestamp", - &ent->entry.modified_by->time); - if (ret == 0) { - ret = LDAP_get_string_value(db, msg, "modifiersName", &dn); - if (LDAP_dn2principal(context, db, dn, &ent->entry.modified_by->principal)) - ent->entry.modified_by->principal = NULL; - free(dn); - } else { - free(ent->entry.modified_by); - ent->entry.modified_by = NULL; + ent->entry.modified_by = calloc(1, sizeof(*ent->entry.modified_by)); + if (ent->entry.modified_by == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + + ret = LDAP_get_generalized_time_value(db, msg, "modifyTimestamp", + &ent->entry.modified_by->time); + if (ret == 0) { + ret = LDAP_get_string_value(db, msg, "modifiersName", &dn); + if (ret == 0) { + LDAP_dn2principal(context, db, dn, &ent->entry.modified_by->principal); + free(dn); + } else { + free(ent->entry.modified_by); + ent->entry.modified_by = NULL; + } + } } ent->entry.valid_start = malloc(sizeof(*ent->entry.valid_start)); if (ent->entry.valid_start == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidStart", @@ -1099,11 +1193,11 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, free(ent->entry.valid_start); ent->entry.valid_start = NULL; } - + ent->entry.valid_end = malloc(sizeof(*ent->entry.valid_end)); if (ent->entry.valid_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd", @@ -1119,8 +1213,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, if (ent->entry.valid_end == NULL) { ent->entry.valid_end = malloc(sizeof(*ent->entry.valid_end)); if (ent->entry.valid_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } } @@ -1129,8 +1223,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.pw_end = malloc(sizeof(*ent->entry.pw_end)); if (ent->entry.pw_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd", @@ -1141,13 +1235,34 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.pw_end = NULL; } + ret = LDAP_get_integer_value(db, msg, "sambaPwdLastSet", &tmp_time); + if (ret == 0) { + time_t delta; + + if (ent->entry.pw_end == NULL) { + ent->entry.pw_end = malloc(sizeof(*ent->entry.pw_end)); + if (ent->entry.pw_end == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + goto out; + } + } + + delta = krb5_config_get_time_default(context, NULL, + 365 * 24 * 60 * 60, + "kadmin", + "password_lifetime", + NULL); + *ent->entry.pw_end = tmp_time + delta; + } + ret = LDAP_get_integer_value(db, msg, "sambaPwdMustChange", &tmp_time); if (ret == 0) { if (ent->entry.pw_end == NULL) { ent->entry.pw_end = malloc(sizeof(*ent->entry.pw_end)); if (ent->entry.pw_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } } @@ -1164,8 +1279,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.max_life = malloc(sizeof(*ent->entry.max_life)); if (ent->entry.max_life == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", &max_life); @@ -1181,8 +1296,8 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ent->entry.max_renew = malloc(sizeof(*ent->entry.max_renew)); if (ent->entry.max_renew == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); goto out; } ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", &max_renew); @@ -1193,18 +1308,9 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, *ent->entry.max_renew = max_renew; } - values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags"); - if (values != NULL) { - errno = 0; - tmp = strtoul(values[0], (char **) NULL, 10); - if (tmp == ULONG_MAX && errno == ERANGE) { - krb5_set_error_string(context, "strtoul: could not convert flag"); - ret = ERANGE; - goto out; - } - } else { + ret = LDAP_get_integer_value(db, msg, "krb5KDCFlags", &tmp); + if (ret) tmp = 0; - } ent->entry.flags = int2HDBFlags(tmp); @@ -1212,29 +1318,29 @@ LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, ret = LDAP_get_string_value(db, msg, "sambaAcctFlags", &samba_acct_flags); if (ret == 0) { /* parse the [UXW...] string: - - 'N' No password - 'D' Disabled - 'H' Homedir required - 'T' Temp account. - 'U' User account (normal) - 'M' MNS logon user account - what is this ? - 'W' Workstation account - 'S' Server account - 'L' Locked account - 'X' No Xpiry on password - 'I' Interdomain trust account - - */ - + + 'N' No password + 'D' Disabled + 'H' Homedir required + 'T' Temp account. + 'U' User account (normal) + 'M' MNS logon user account - what is this ? + 'W' Workstation account + 'S' Server account + 'L' Locked account + 'X' No Xpiry on password + 'I' Interdomain trust account + + */ + int i; int flags_len = strlen(samba_acct_flags); if (flags_len < 2) goto out2; - if (samba_acct_flags[0] != '[' - || samba_acct_flags[flags_len - 1] != ']') + if (samba_acct_flags[0] != '[' + || samba_acct_flags[flags_len - 1] != ']') goto out2; /* Allow forwarding */ @@ -1307,7 +1413,7 @@ LDAP_close(krb5_context context, HDB * db) ldap_unbind_ext(HDB2LDAP(db), NULL, NULL); ((struct hdbldapdb *)db->hdb_db)->h_lp = NULL; } - + return 0; } @@ -1343,7 +1449,7 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry) break; case LDAP_RES_SEARCH_ENTRY: /* We have an entry. Parse it. */ - ret = LDAP_message2entry(context, db, e, entry); + ret = LDAP_message2entry(context, db, e, flags, entry); ldap_msgfree(e); break; case LDAP_RES_SEARCH_RESULT: @@ -1351,13 +1457,13 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry) parserc = ldap_parse_result(HDB2LDAP(db), e, NULL, NULL, NULL, NULL, NULL, 1); + ret = HDB_ERR_NOENTRY; if (parserc != LDAP_SUCCESS && parserc != LDAP_MORE_RESULTS_TO_RETURN) { - krb5_set_error_string(context, "ldap_parse_result: %s", - ldap_err2string(parserc)); - ldap_abandon(HDB2LDAP(db), msgid); + krb5_set_error_message(context, ret, "ldap_parse_result: %s", + ldap_err2string(parserc)); + ldap_abandon_ext(HDB2LDAP(db), msgid, NULL, NULL); } - ret = HDB_ERR_NOENTRY; HDBSETMSGID(db, -1); break; case LDAP_SERVER_DOWN: @@ -1369,7 +1475,7 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry) default: /* Some unspecified error (timeout?). Abandon. */ ldap_msgfree(e); - ldap_abandon(HDB2LDAP(db), msgid); + ldap_abandon_ext(HDB2LDAP(db), msgid, NULL, NULL); ret = HDB_ERR_NOENTRY; HDBSETMSGID(db, -1); break; @@ -1402,10 +1508,11 @@ LDAP_firstkey(krb5_context context, HDB *db, unsigned flags, if (ret) return ret; - msgid = ldap_search(HDB2LDAP(db), HDB2BASE(db), + ret = ldap_search_ext(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, "(|(objectClass=krb5Principal)(objectClass=sambaSamAccount))", - krb5kdcentry_attrs, 0); + krb5kdcentry_attrs, 0, + NULL, NULL, NULL, 0, &msgid); if (msgid < 0) return HDB_ERR_NOENTRY; @@ -1451,16 +1558,16 @@ LDAP__connect(krb5_context context, HDB * db) rc = ldap_initialize(&((struct hdbldapdb *)db->hdb_db)->h_lp, HDB2URL(db)); if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_initialize: %s", - ldap_err2string(rc)); + krb5_set_error_message(context, HDB_ERR_NOENTRY, "ldap_initialize: %s", + ldap_err2string(rc)); return HDB_ERR_NOENTRY; } rc = ldap_set_option(HDB2LDAP(db), LDAP_OPT_PROTOCOL_VERSION, (const void *)&version); if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(rc)); + krb5_set_error_message(context, HDB_ERR_BADVERSION, + "ldap_set_option: %s", ldap_err2string(rc)); LDAP_close(context, db); return HDB_ERR_BADVERSION; } @@ -1468,8 +1575,8 @@ LDAP__connect(krb5_context context, HDB * db) rc = ldap_sasl_bind_s(HDB2LDAP(db), NULL, "EXTERNAL", &bv, NULL, NULL, NULL); if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_sasl_bind_s: %s", - ldap_err2string(rc)); + krb5_set_error_message(context, HDB_ERR_BADVERSION, + "ldap_sasl_bind_s: %s", ldap_err2string(rc)); LDAP_close(context, db); return HDB_ERR_BADVERSION; } @@ -1497,8 +1604,8 @@ LDAP_open(krb5_context context, HDB * db, int flags, mode_t mode) } static krb5_error_code -LDAP_fetch(krb5_context context, HDB * db, krb5_const_principal principal, - unsigned flags, hdb_entry_ex * entry) +LDAP_fetch_kvno(krb5_context context, HDB * db, krb5_const_principal principal, + unsigned flags, krb5_kvno kvno, hdb_entry_ex * entry) { LDAPMessage *msg, *e; krb5_error_code ret; @@ -1513,7 +1620,7 @@ LDAP_fetch(krb5_context context, HDB * db, krb5_const_principal principal, goto out; } - ret = LDAP_message2entry(context, db, e, entry); + ret = LDAP_message2entry(context, db, e, flags, entry); if (ret == 0) { if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { ret = hdb_unseal_keys(context, db, &entry->entry); @@ -1528,6 +1635,14 @@ LDAP_fetch(krb5_context context, HDB * db, krb5_const_principal principal, return ret; } +static krb5_error_code +LDAP_fetch(krb5_context context, HDB * db, krb5_const_principal principal, + unsigned flags, hdb_entry_ex * entry) +{ + return LDAP_fetch_kvno(context, db, principal, + flags & (~HDB_F_KVNO_SPECIFIED), 0, entry); +} + static krb5_error_code LDAP_store(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry) @@ -1561,8 +1676,8 @@ LDAP_store(krb5_context context, HDB * db, unsigned flags, if (e == NULL) { ret = asprintf(&dn, "krb5PrincipalName=%s,%s", name, HDB2CREATE(db)); if (ret < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, "asprintf: out of memory"); goto out; } } else if (flags & HDB_F_REPLACE) { @@ -1577,21 +1692,21 @@ LDAP_store(krb5_context context, HDB * db, unsigned flags, /* write entry into directory */ if (e == NULL) { /* didn't exist before */ - rc = ldap_add_s(HDB2LDAP(db), dn, mods); - errfn = "ldap_add_s"; + rc = ldap_add_ext_s(HDB2LDAP(db), dn, mods, NULL, NULL ); + errfn = "ldap_add_ext_s"; } else { /* already existed, send deltas only */ - rc = ldap_modify_s(HDB2LDAP(db), dn, mods); - errfn = "ldap_modify_s"; + rc = ldap_modify_ext_s(HDB2LDAP(db), dn, mods, NULL, NULL ); + errfn = "ldap_modify_ext_s"; } if (check_ldap(context, db, rc)) { char *ld_error = NULL; ldap_get_option(HDB2LDAP(db), LDAP_OPT_ERROR_STRING, &ld_error); - krb5_set_error_string(context, "%s: %s (DN=%s) %s: %s", - errfn, name, dn, ldap_err2string(rc), ld_error); ret = HDB_ERR_CANT_LOCK_DB; + krb5_set_error_message(context, ret, "%s: %s (DN=%s) %s: %s", + errfn, name, dn, ldap_err2string(rc), ld_error); } else ret = 0; @@ -1635,17 +1750,17 @@ LDAP_remove(krb5_context context, HDB *db, krb5_const_principal principal) rc = ldap_set_option(HDB2LDAP(db), LDAP_OPT_SIZELIMIT, (const void *)&limit); if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(rc)); ret = HDB_ERR_BADVERSION; + krb5_set_error_message(context, ret, "ldap_set_option: %s", + ldap_err2string(rc)); goto out; } - rc = ldap_delete_s(HDB2LDAP(db), dn); + rc = ldap_delete_ext_s(HDB2LDAP(db), dn, NULL, NULL ); if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_delete_s: %s", - ldap_err2string(rc)); ret = HDB_ERR_CANT_LOCK_DB; + krb5_set_error_message(context, ret, "ldap_delete_ext_s: %s", + ldap_err2string(rc)); } else ret = 0; @@ -1680,7 +1795,7 @@ LDAP_destroy(krb5_context context, HDB * db) return ret; } -krb5_error_code +static krb5_error_code hdb_ldap_common(krb5_context context, HDB ** db, const char *search_base, @@ -1690,40 +1805,40 @@ hdb_ldap_common(krb5_context context, const char *create_base = NULL; if (search_base == NULL && search_base[0] == '\0') { - krb5_set_error_string(context, "ldap search base not configured"); + krb5_set_error_message(context, ENOMEM, "ldap search base not configured"); return ENOMEM; /* XXX */ } if (structural_object == NULL) { const char *p; - p = krb5_config_get_string(context, NULL, "kdc", + p = krb5_config_get_string(context, NULL, "kdc", "hdb-ldap-structural-object", NULL); if (p == NULL) p = default_structural_object; structural_object = strdup(p); if (structural_object == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } } - samba_forwardable = + samba_forwardable = krb5_config_get_bool_default(context, NULL, TRUE, "kdc", "hdb-samba-forwardable", NULL); *db = calloc(1, sizeof(**db)); if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memset(*db, 0, sizeof(**db)); h = calloc(1, sizeof(*h)); if (h == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); free(*db); *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_db = h; @@ -1731,8 +1846,8 @@ hdb_ldap_common(krb5_context context, /* XXX */ if (asprintf(&(*db)->hdb_name, "ldap:%s", search_base) == -1) { LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); *db = NULL; + krb5_set_error_message(context, ENOMEM, "strdup: out of memory"); return ENOMEM; } @@ -1740,12 +1855,12 @@ hdb_ldap_common(krb5_context context, h->h_base = strdup(search_base); if (h->h_url == NULL || h->h_base == NULL) { LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); *db = NULL; + krb5_set_error_message(context, ENOMEM, "strdup: out of memory"); return ENOMEM; } - create_base = krb5_config_get_string(context, NULL, "kdc", + create_base = krb5_config_get_string(context, NULL, "kdc", "hdb-ldap-create-base", NULL); if (create_base == NULL) create_base = h->h_base; @@ -1753,16 +1868,17 @@ hdb_ldap_common(krb5_context context, h->h_createbase = strdup(create_base); if (h->h_createbase == NULL) { LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); *db = NULL; + krb5_set_error_message(context, ENOMEM, "strdup: out of memory"); return ENOMEM; } (*db)->hdb_master_key_set = 0; (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = 0; (*db)->hdb_open = LDAP_open; (*db)->hdb_close = LDAP_close; - (*db)->hdb_fetch = LDAP_fetch; + (*db)->hdb_fetch_kvno = LDAP_fetch_kvno; (*db)->hdb_store = LDAP_store; (*db)->hdb_remove = LDAP_remove; (*db)->hdb_firstkey = LDAP_firstkey; @@ -1792,14 +1908,15 @@ hdb_ldapi_create(krb5_context context, HDB ** db, const char *arg) asprintf(&p, "ldapi:%s", arg); if (p == NULL) { - krb5_set_error_string(context, "out of memory"); *db = NULL; + krb5_set_error_message(context, ENOMEM, "out of memory"); return ENOMEM; } search_base = strchr(p + strlen("ldapi://"), ':'); if (search_base == NULL) { - krb5_set_error_string(context, "search base missing"); *db = NULL; + krb5_set_error_message(context, HDB_ERR_BADVERSION, + "search base missing"); return HDB_ERR_BADVERSION; } *search_base = '\0'; diff --git a/lib/hdb/hdb-mitdb.c b/lib/hdb/hdb-mitdb.c new file mode 100644 index 000000000000..cd619b3b8eb4 --- /dev/null +++ b/lib/hdb/hdb-mitdb.c @@ -0,0 +1,818 @@ +/* + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 +#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 +#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 +#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 +#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 +#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 +#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 +#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 +#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 +#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 +#define KRB5_KDB_DISALLOW_SVR 0x00001000 +#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 +#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 +#define KRB5_KDB_NEW_PRINC 0x00008000 + +/* + +key: krb5_unparse_name + NUL + + 16: baselength + 32: attributes + 32: max time + 32: max renewable time + 32: client expire + 32: passwd expire + 32: last successful passwd + 32: last failed attempt + 32: num of failed attempts + 16: num tl data + 16: num data data + 16: principal length + length: principal + for num tl data times + 16: tl data type + 16: tl data length + length: length + for num key data times + 16: version (num keyblocks) + 16: kvno + for version times: + 16: type + 16: length + length: keydata + + +key_data_contents[0] + + int16: length + read-of-data: key-encrypted, key-usage 0, master-key + +salt: + version2 = salt in key_data->key_data_contents[1] + else default salt. + +*/ + +#include "hdb_locl.h" + +#define KDB_V1_BASE_LENGTH 38 + +#if HAVE_DB1 + +#if defined(HAVE_DB_185_H) +#include +#elif defined(HAVE_DB_H) +#include +#endif + +#define CHECK(x) do { if ((x)) goto out; } while(0) + +static krb5_error_code +mdb_principal2key(krb5_context context, + krb5_const_principal principal, + krb5_data *key) +{ + krb5_error_code ret; + char *str; + + ret = krb5_unparse_name(context, principal, &str); + if (ret) + return ret; + key->data = str; + key->length = strlen(str) + 1; + return 0; +} + +#define KRB5_KDB_SALTTYPE_NORMAL 0 +#define KRB5_KDB_SALTTYPE_V4 1 +#define KRB5_KDB_SALTTYPE_NOREALM 2 +#define KRB5_KDB_SALTTYPE_ONLYREALM 3 +#define KRB5_KDB_SALTTYPE_SPECIAL 4 +#define KRB5_KDB_SALTTYPE_AFS3 5 +#define KRB5_KDB_SALTTYPE_CERTHASH 6 + +static krb5_error_code +fix_salt(krb5_context context, hdb_entry *ent, int key_num) +{ + krb5_error_code ret; + Salt *salt = ent->keys.val[key_num].salt; + /* fix salt type */ + switch((int)salt->type) { + case KRB5_KDB_SALTTYPE_NORMAL: + salt->type = KRB5_PADATA_PW_SALT; + break; + case KRB5_KDB_SALTTYPE_V4: + krb5_data_free(&salt->salt); + salt->type = KRB5_PADATA_PW_SALT; + break; + case KRB5_KDB_SALTTYPE_NOREALM: + { + size_t len; + size_t i; + char *p; + + len = 0; + for (i = 0; i < ent->principal->name.name_string.len; ++i) + len += strlen(ent->principal->name.name_string.val[i]); + ret = krb5_data_alloc (&salt->salt, len); + if (ret) + return ret; + p = salt->salt.data; + for (i = 0; i < ent->principal->name.name_string.len; ++i) { + memcpy (p, + ent->principal->name.name_string.val[i], + strlen(ent->principal->name.name_string.val[i])); + p += strlen(ent->principal->name.name_string.val[i]); + } + + salt->type = KRB5_PADATA_PW_SALT; + break; + } + case KRB5_KDB_SALTTYPE_ONLYREALM: + krb5_data_free(&salt->salt); + ret = krb5_data_copy(&salt->salt, + ent->principal->realm, + strlen(ent->principal->realm)); + if(ret) + return ret; + salt->type = KRB5_PADATA_PW_SALT; + break; + case KRB5_KDB_SALTTYPE_SPECIAL: + salt->type = KRB5_PADATA_PW_SALT; + break; + case KRB5_KDB_SALTTYPE_AFS3: + krb5_data_free(&salt->salt); + ret = krb5_data_copy(&salt->salt, + ent->principal->realm, + strlen(ent->principal->realm)); + if(ret) + return ret; + salt->type = KRB5_PADATA_AFS3_SALT; + break; + case KRB5_KDB_SALTTYPE_CERTHASH: + krb5_data_free(&salt->salt); + free(ent->keys.val[key_num].salt); + ent->keys.val[key_num].salt = NULL; + break; + default: + abort(); + } + return 0; +} + + +static krb5_error_code +mdb_value2entry(krb5_context context, krb5_data *data, krb5_kvno kvno, hdb_entry *entry) +{ + krb5_error_code ret; + krb5_storage *sp; + uint32_t u32; + uint16_t u16, num_keys, num_tl; + size_t i, j; + char *p; + + sp = krb5_storage_from_data(data); + if (sp == NULL) { + krb5_set_error_message(context, ENOMEM, "out of memory"); + return ENOMEM; + } + + krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); + + /* + * 16: baselength + * + * The story here is that these 16 bits have to be a constant: + * KDB_V1_BASE_LENGTH. Once upon a time a different value here + * would have been used to indicate the presence of "extra data" + * between the "base" contents and the {principal name, TL data, + * keys} that follow it. Nothing supports such "extra data" + * nowadays, so neither do we here. + * + * XXX But... surely we ought to log about this extra data, or skip + * it, or something, in case anyone has MIT KDBs with ancient + * entries in them... Logging would allow the admin to know which + * entries to dump with MIT krb5's kdb5_util. + */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + if (u16 != KDB_V1_BASE_LENGTH) { ret = EINVAL; goto out; } + /* 32: attributes */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + entry->flags.postdate = !(u32 & KRB5_KDB_DISALLOW_POSTDATED); + entry->flags.forwardable = !(u32 & KRB5_KDB_DISALLOW_FORWARDABLE); + entry->flags.initial = !!(u32 & KRB5_KDB_DISALLOW_TGT_BASED); + entry->flags.renewable = !(u32 & KRB5_KDB_DISALLOW_RENEWABLE); + entry->flags.proxiable = !(u32 & KRB5_KDB_DISALLOW_PROXIABLE); + /* DUP_SKEY */ + entry->flags.invalid = !!(u32 & KRB5_KDB_DISALLOW_ALL_TIX); + entry->flags.require_preauth =!!(u32 & KRB5_KDB_REQUIRES_PRE_AUTH); + entry->flags.require_hwauth =!!(u32 & KRB5_KDB_REQUIRES_HW_AUTH); + entry->flags.server = !(u32 & KRB5_KDB_DISALLOW_SVR); + entry->flags.change_pw = !!(u32 & KRB5_KDB_PWCHANGE_SERVICE); + entry->flags.client = 1; /* XXX */ + + /* 32: max time */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + if (u32) { + entry->max_life = malloc(sizeof(*entry->max_life)); + *entry->max_life = u32; + } + /* 32: max renewable time */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + if (u32) { + entry->max_renew = malloc(sizeof(*entry->max_renew)); + *entry->max_renew = u32; + } + /* 32: client expire */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + if (u32) { + entry->valid_end = malloc(sizeof(*entry->valid_end)); + *entry->valid_end = u32; + } + /* 32: passwd expire */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + if (u32) { + entry->pw_end = malloc(sizeof(*entry->pw_end)); + *entry->pw_end = u32; + } + /* 32: last successful passwd */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + /* 32: last failed attempt */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + /* 32: num of failed attempts */ + CHECK(ret = krb5_ret_uint32(sp, &u32)); + /* 16: num tl data */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + num_tl = u16; + /* 16: num key data */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + num_keys = u16; + /* 16: principal length */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + /* length: principal */ + { + /* + * Note that the principal name includes the NUL in the entry, + * but we don't want to take chances, so we add an extra NUL. + */ + p = malloc(u16 + 1); + if (p == NULL) { + ret = ENOMEM; + goto out; + } + krb5_storage_read(sp, p, u16); + p[u16] = '\0'; + CHECK(ret = krb5_parse_name(context, p, &entry->principal)); + free(p); + } + /* for num tl data times + 16: tl data type + 16: tl data length + length: length */ + for (i = 0; i < num_tl; i++) { + /* 16: TL data type */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + /* 16: TL data length */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + krb5_storage_seek(sp, u16, SEEK_CUR); + } + /* + * for num key data times + * 16: "version" + * 16: kvno + * for version times: + * 16: type + * 16: length + * length: keydata + * + * "version" here is really 1 or 2, the first meaning there's only + * keys for this kvno, the second meaning there's keys and salt[s?]. + * That's right... hold that gag reflex, you can do it. + */ + for (i = 0; i < num_keys; i++) { + int keep = 0; + uint16_t version; + void *ptr; + + CHECK(ret = krb5_ret_uint16(sp, &u16)); + version = u16; + CHECK(ret = krb5_ret_uint16(sp, &u16)); + + /* + * First time through, and until we find one matching key, + * entry->kvno == 0. + */ + if ((entry->kvno < u16) && (kvno == 0 || kvno == u16)) { + keep = 1; + entry->kvno = u16; + /* + * Found a higher kvno than earlier, so free the old highest + * kvno keys. + * + * XXX Of course, we actually want to extract the old kvnos + * as well, for some of the kadm5 APIs. We shouldn't free + * these keys, but keep them elsewhere. + */ + for (j = 0; j < entry->keys.len; j++) + free_Key(&entry->keys.val[j]); + free(entry->keys.val); + entry->keys.len = 0; + entry->keys.val = NULL; + } else if (entry->kvno == u16) + /* Accumulate keys */ + keep = 1; + + if (keep) { + Key *k; + + ptr = realloc(entry->keys.val, sizeof(entry->keys.val[0]) * (entry->keys.len + 1)); + if (ptr == NULL) { + ret = ENOMEM; + goto out; + } + entry->keys.val = ptr; + + /* k points to current Key */ + k = &entry->keys.val[entry->keys.len]; + + memset(k, 0, sizeof(*k)); + entry->keys.len += 1; + + k->mkvno = malloc(sizeof(*k->mkvno)); + if (k->mkvno == NULL) { + ret = ENOMEM; + goto out; + } + *k->mkvno = 1; + + for (j = 0; j < version; j++) { + uint16_t type; + CHECK(ret = krb5_ret_uint16(sp, &type)); + CHECK(ret = krb5_ret_uint16(sp, &u16)); + if (j == 0) { + /* This "version" means we have a key */ + k->key.keytype = type; + if (u16 < 2) { + ret = EINVAL; + goto out; + } + /* + * MIT stores keys encrypted keys as {16-bit length + * of plaintext key, {encrypted key}}. The reason + * for this is that the Kerberos cryptosystem is not + * length-preserving. Heimdal's approach is to + * truncate the plaintext to the expected length of + * the key given its enctype, so we ignore this + * 16-bit length-of-plaintext-key field. + */ + krb5_storage_seek(sp, 2, SEEK_CUR); /* skip real length */ + k->key.keyvalue.length = u16 - 2; /* adjust cipher len */ + k->key.keyvalue.data = malloc(k->key.keyvalue.length); + krb5_storage_read(sp, k->key.keyvalue.data, + k->key.keyvalue.length); + } else if (j == 1) { + /* This "version" means we have a salt */ + k->salt = calloc(1, sizeof(*k->salt)); + if (k->salt == NULL) { + ret = ENOMEM; + goto out; + } + k->salt->type = type; + if (u16 != 0) { + k->salt->salt.data = malloc(u16); + if (k->salt->salt.data == NULL) { + ret = ENOMEM; + goto out; + } + k->salt->salt.length = u16; + krb5_storage_read(sp, k->salt->salt.data, k->salt->salt.length); + } + fix_salt(context, entry, entry->keys.len - 1); + } else { + /* + * Whatever this "version" might be, we skip it + * + * XXX A krb5.conf parameter requesting that we log + * about strangeness like this, or return an error + * from here, might be nice. + */ + krb5_storage_seek(sp, u16, SEEK_CUR); + } + } + } else { + /* + * XXX For now we skip older kvnos, but we should extract + * them... + */ + for (j = 0; j < version; j++) { + /* enctype */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + /* encrypted key (or plaintext salt) */ + CHECK(ret = krb5_ret_uint16(sp, &u16)); + krb5_storage_seek(sp, u16, SEEK_CUR); + } + } + } + + if (entry->kvno == 0 && kvno != 0) { + ret = HDB_ERR_NOT_FOUND_HERE; + goto out; + } + + return 0; + out: + if (ret == HEIM_ERR_EOF) + /* Better error code than "end of file" */ + ret = HEIM_ERR_BAD_HDBENT_ENCODING; + return ret; +} + +#if 0 +static krb5_error_code +mdb_entry2value(krb5_context context, hdb_entry *entry, krb5_data *data) +{ + return EINVAL; +} +#endif + + +static krb5_error_code +mdb_close(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->hdb_db; + (*d->close)(d); + return 0; +} + +static krb5_error_code +mdb_destroy(krb5_context context, HDB *db) +{ + krb5_error_code ret; + + ret = hdb_clear_master_key (context, db); + free(db->hdb_name); + free(db); + return ret; +} + +static krb5_error_code +mdb_lock(krb5_context context, HDB *db, int operation) +{ + DB *d = (DB*)db->hdb_db; + int fd = (*d->fd)(d); + if(fd < 0) { + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "Can't lock database: %s", db->hdb_name); + return HDB_ERR_CANT_LOCK_DB; + } + return hdb_lock(fd, operation); +} + +static krb5_error_code +mdb_unlock(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->hdb_db; + int fd = (*d->fd)(d); + if(fd < 0) { + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "Can't unlock database: %s", db->hdb_name); + return HDB_ERR_CANT_LOCK_DB; + } + return hdb_unlock(fd); +} + + +static krb5_error_code +mdb_seq(krb5_context context, HDB *db, + unsigned flags, hdb_entry_ex *entry, int flag) +{ + DB *d = (DB*)db->hdb_db; + DBT key, value; + krb5_data key_data, data; + int code; + + code = db->hdb_lock(context, db, HDB_RLOCK); + if(code == -1) { + krb5_set_error_message(context, HDB_ERR_DB_INUSE, "Database %s in use", db->hdb_name); + return HDB_ERR_DB_INUSE; + } + code = (*d->seq)(d, &key, &value, flag); + db->hdb_unlock(context, db); /* XXX check value */ + if(code == -1) { + code = errno; + krb5_set_error_message(context, code, "Database %s seq error: %s", + db->hdb_name, strerror(code)); + return code; + } + if(code == 1) { + krb5_clear_error_message(context); + return HDB_ERR_NOENTRY; + } + + key_data.data = key.data; + key_data.length = key.size; + data.data = value.data; + data.length = value.size; + memset(entry, 0, sizeof(*entry)); + + if (mdb_value2entry(context, &data, 0, &entry->entry)) + return mdb_seq(context, db, flags, entry, R_NEXT); + + if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { + code = hdb_unseal_keys (context, db, &entry->entry); + if (code) + hdb_free_entry (context, entry); + } + + return code; +} + + +static krb5_error_code +mdb_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) +{ + return mdb_seq(context, db, flags, entry, R_FIRST); +} + + +static krb5_error_code +mdb_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) +{ + return mdb_seq(context, db, flags, entry, R_NEXT); +} + +static krb5_error_code +mdb_rename(krb5_context context, HDB *db, const char *new_name) +{ + int ret; + char *old, *new; + + asprintf(&old, "%s.db", db->hdb_name); + asprintf(&new, "%s.db", new_name); + ret = rename(old, new); + free(old); + free(new); + if(ret) + return errno; + + free(db->hdb_name); + db->hdb_name = strdup(new_name); + return 0; +} + +static krb5_error_code +mdb__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) +{ + DB *d = (DB*)db->hdb_db; + DBT k, v; + int code; + + k.data = key.data; + k.size = key.length; + code = db->hdb_lock(context, db, HDB_RLOCK); + if(code) + return code; + code = (*d->get)(d, &k, &v, 0); + db->hdb_unlock(context, db); + if(code < 0) { + code = errno; + krb5_set_error_message(context, code, "Database %s get error: %s", + db->hdb_name, strerror(code)); + return code; + } + if(code == 1) { + krb5_clear_error_message(context); + return HDB_ERR_NOENTRY; + } + + krb5_data_copy(reply, v.data, v.size); + return 0; +} + +static krb5_error_code +mdb__put(krb5_context context, HDB *db, int replace, + krb5_data key, krb5_data value) +{ + DB *d = (DB*)db->hdb_db; + DBT k, v; + int code; + + k.data = key.data; + k.size = key.length; + v.data = value.data; + v.size = value.length; + code = db->hdb_lock(context, db, HDB_WLOCK); + if(code) + return code; + code = (*d->put)(d, &k, &v, replace ? 0 : R_NOOVERWRITE); + db->hdb_unlock(context, db); + if(code < 0) { + code = errno; + krb5_set_error_message(context, code, "Database %s put error: %s", + db->hdb_name, strerror(code)); + return code; + } + if(code == 1) { + krb5_clear_error_message(context); + return HDB_ERR_EXISTS; + } + return 0; +} + +static krb5_error_code +mdb__del(krb5_context context, HDB *db, krb5_data key) +{ + DB *d = (DB*)db->hdb_db; + DBT k; + krb5_error_code code; + k.data = key.data; + k.size = key.length; + code = db->hdb_lock(context, db, HDB_WLOCK); + if(code) + return code; + code = (*d->del)(d, &k, 0); + db->hdb_unlock(context, db); + if(code == 1) { + code = errno; + krb5_set_error_message(context, code, "Database %s put error: %s", + db->hdb_name, strerror(code)); + return code; + } + if(code < 0) + return errno; + return 0; +} + +static krb5_error_code +mdb_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal, + unsigned flags, krb5_kvno kvno, hdb_entry_ex *entry) +{ + krb5_data key, value; + krb5_error_code code; + + code = mdb_principal2key(context, principal, &key); + if (code) + return code; + code = db->hdb__get(context, db, key, &value); + krb5_data_free(&key); + if(code) + return code; + code = mdb_value2entry(context, &value, kvno, &entry->entry); + krb5_data_free(&value); + if (code) + return code; + + if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { + code = hdb_unseal_keys (context, db, &entry->entry); + if (code) + hdb_free_entry(context, entry); + } + + return 0; +} + +static krb5_error_code +mdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) +{ + krb5_set_error_message(context, EINVAL, "can't set principal in mdb"); + return EINVAL; +} + +static krb5_error_code +mdb_remove(krb5_context context, HDB *db, krb5_const_principal principal) +{ + krb5_error_code code; + krb5_data key; + + mdb_principal2key(context, principal, &key); + code = db->hdb__del(context, db, key); + krb5_data_free(&key); + return code; +} + +static krb5_error_code +mdb_open(krb5_context context, HDB *db, int flags, mode_t mode) +{ + char *fn; + krb5_error_code ret; + + asprintf(&fn, "%s.db", db->hdb_name); + if (fn == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); + free(fn); + + if (db->hdb_db == NULL) { + switch (errno) { +#ifdef EFTYPE + case EFTYPE: +#endif + case EINVAL: + db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); + } + } + + /* try to open without .db extension */ + if(db->hdb_db == NULL && errno == ENOENT) + db->hdb_db = dbopen(db->hdb_name, flags, mode, DB_BTREE, NULL); + if(db->hdb_db == NULL) { + ret = errno; + krb5_set_error_message(context, ret, "dbopen (%s): %s", + db->hdb_name, strerror(ret)); + return ret; + } + if((flags & O_ACCMODE) == O_RDONLY) + ret = hdb_check_db_format(context, db); + else + ret = hdb_init_db(context, db); + if(ret == HDB_ERR_NOENTRY) { + krb5_clear_error_message(context); + return 0; + } + if (ret) { + mdb_close(context, db); + krb5_set_error_message(context, ret, "hdb_open: failed %s database %s", + (flags & O_ACCMODE) == O_RDONLY ? + "checking format of" : "initialize", + db->hdb_name); + } + return ret; +} + +krb5_error_code +hdb_mdb_create(krb5_context context, HDB **db, + const char *filename) +{ + *db = calloc(1, sizeof(**db)); + if (*db == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + + (*db)->hdb_db = NULL; + (*db)->hdb_name = strdup(filename); + if ((*db)->hdb_name == NULL) { + free(*db); + *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + (*db)->hdb_master_key_set = 0; + (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = 0; + (*db)->hdb_open = mdb_open; + (*db)->hdb_close = mdb_close; + (*db)->hdb_fetch_kvno = mdb_fetch_kvno; + (*db)->hdb_store = mdb_store; + (*db)->hdb_remove = mdb_remove; + (*db)->hdb_firstkey = mdb_firstkey; + (*db)->hdb_nextkey= mdb_nextkey; + (*db)->hdb_lock = mdb_lock; + (*db)->hdb_unlock = mdb_unlock; + (*db)->hdb_rename = mdb_rename; + (*db)->hdb__get = mdb__get; + (*db)->hdb__put = mdb__put; + (*db)->hdb__del = mdb__del; + (*db)->hdb_destroy = mdb_destroy; + return 0; +} + +#endif /* HAVE_DB1 */ diff --git a/lib/hdb/hdb-private.h b/lib/hdb/hdb-private.h index 5147d8b90bd5..8a748694424f 100644 --- a/lib/hdb/hdb-private.h +++ b/lib/hdb/hdb-private.h @@ -5,11 +5,12 @@ #include krb5_error_code -_hdb_fetch ( +_hdb_fetch_kvno ( krb5_context /*context*/, HDB */*db*/, krb5_const_principal /*principal*/, unsigned /*flags*/, + krb5_kvno /*kvno*/, hdb_entry_ex */*entry*/); hdb_master_key @@ -17,6 +18,12 @@ _hdb_find_master_key ( uint32_t */*mkvno*/, hdb_master_key /*mkey*/); +krb5_error_code +_hdb_keytab2hdb_entry ( + krb5_context /*context*/, + const krb5_keytab_entry */*ktentry*/, + hdb_entry_ex */*entry*/); + int _hdb_mkey_decrypt ( krb5_context /*context*/, diff --git a/lib/hdb/hdb-protos.h b/lib/hdb/hdb-protos.h index 4c3d3eb1ab14..44a1bddc7625 100644 --- a/lib/hdb/hdb-protos.h +++ b/lib/hdb/hdb-protos.h @@ -145,6 +145,11 @@ hdb_entry_get_pkinit_acl ( const hdb_entry */*entry*/, const HDB_Ext_PKINIT_acl **/*a*/); +krb5_error_code +hdb_entry_get_pkinit_cert ( + const hdb_entry */*entry*/, + const HDB_Ext_PKINIT_cert **/*a*/); + krb5_error_code hdb_entry_get_pkinit_hash ( const hdb_entry */*entry*/, @@ -238,11 +243,10 @@ hdb_key2principal ( krb5_principal /*p*/); krb5_error_code -hdb_ldap_common ( +hdb_keytab_create ( krb5_context /*context*/, HDB ** /*db*/, - const char */*search_base*/, - const char */*url*/); + const char */*arg*/); krb5_error_code hdb_ldap_create ( @@ -266,6 +270,12 @@ hdb_lock ( int /*fd*/, int /*operation*/); +krb5_error_code +hdb_mdb_create ( + krb5_context /*context*/, + HDB **/*db*/, + const char */*filename*/); + krb5_error_code hdb_ndbm_create ( krb5_context /*context*/, @@ -348,6 +358,12 @@ hdb_set_master_keyfile ( HDB */*db*/, const char */*keyfile*/); +krb5_error_code +hdb_sqlite_create ( + krb5_context /*context*/, + HDB **/*db*/, + const char */*argument*/); + krb5_error_code hdb_unlock (int /*fd*/); diff --git a/lib/hdb/hdb-sqlite.c b/lib/hdb/hdb-sqlite.c new file mode 100644 index 000000000000..e063588874ae --- /dev/null +++ b/lib/hdb/hdb-sqlite.c @@ -0,0 +1,879 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" +#include "sqlite3.h" + +#define MAX_RETRIES 10 + +typedef struct hdb_sqlite_db { + double version; + sqlite3 *db; + char *db_file; + + sqlite3_stmt *get_version; + sqlite3_stmt *fetch; + sqlite3_stmt *get_ids; + sqlite3_stmt *add_entry; + sqlite3_stmt *add_principal; + sqlite3_stmt *add_alias; + sqlite3_stmt *delete_aliases; + sqlite3_stmt *update_entry; + sqlite3_stmt *remove; + sqlite3_stmt *get_all_entries; + +} hdb_sqlite_db; + +/* This should be used to mark updates which make the code incompatible + * with databases created with previous versions. Don't update it if + * compatibility is not broken. */ +#define HDBSQLITE_VERSION 0.1 + +#define _HDBSQLITE_STRINGIFY(x) #x +#define HDBSQLITE_STRINGIFY(x) _HDBSQLITE_STRINGIFY(x) + +#define HDBSQLITE_CREATE_TABLES \ + " BEGIN TRANSACTION;" \ + " CREATE TABLE Version (number REAL);" \ + " INSERT INTO Version (number)" \ + " VALUES (" HDBSQLITE_STRINGIFY(HDBSQLITE_VERSION) ");" \ + " CREATE TABLE Principal" \ + " (id INTEGER PRIMARY KEY," \ + " principal TEXT UNIQUE NOT NULL," \ + " canonical INTEGER," \ + " entry INTEGER);" \ + " CREATE TABLE Entry" \ + " (id INTEGER PRIMARY KEY," \ + " data BLOB);" \ + " COMMIT" +#define HDBSQLITE_CREATE_TRIGGERS \ + " CREATE TRIGGER remove_principals AFTER DELETE ON Entry" \ + " BEGIN" \ + " DELETE FROM Principal" \ + " WHERE entry = OLD.id;" \ + " END" +#define HDBSQLITE_GET_VERSION \ + " SELECT number FROM Version" +#define HDBSQLITE_FETCH \ + " SELECT Entry.data FROM Principal, Entry" \ + " WHERE Principal.principal = ? AND" \ + " Entry.id = Principal.entry" +#define HDBSQLITE_GET_IDS \ + " SELECT id, entry FROM Principal" \ + " WHERE principal = ?" +#define HDBSQLITE_ADD_ENTRY \ + " INSERT INTO Entry (data) VALUES (?)" +#define HDBSQLITE_ADD_PRINCIPAL \ + " INSERT INTO Principal (principal, entry, canonical)" \ + " VALUES (?, last_insert_rowid(), 1)" +#define HDBSQLITE_ADD_ALIAS \ + " INSERT INTO Principal (principal, entry, canonical)" \ + " VALUES(?, ?, 0)" +#define HDBSQLITE_DELETE_ALIASES \ + " DELETE FROM Principal" \ + " WHERE entry = ? AND canonical = 0" +#define HDBSQLITE_UPDATE_ENTRY \ + " UPDATE Entry SET data = ?" \ + " WHERE id = ?" +#define HDBSQLITE_REMOVE \ + " DELETE FROM ENTRY WHERE id = " \ + " (SELECT entry FROM Principal" \ + " WHERE principal = ?)" +#define HDBSQLITE_GET_ALL_ENTRIES \ + " SELECT data FROM Entry" + +/** + * Wrapper around sqlite3_prepare_v2. + * + * @param context The current krb5 context + * @param statement Where to store the pointer to the statement + * after preparing it + * @param str SQL code for the statement + * + * @return 0 if OK, an error code if not + */ +static krb5_error_code +hdb_sqlite_prepare_stmt(krb5_context context, + sqlite3 *db, + sqlite3_stmt **statement, + const char *str) +{ + int ret, tries = 0; + + ret = sqlite3_prepare_v2(db, str, -1, statement, NULL); + while((tries++ < MAX_RETRIES) && + ((ret == SQLITE_BUSY) || + (ret == SQLITE_IOERR_BLOCKED) || + (ret == SQLITE_LOCKED))) { + krb5_warnx(context, "hdb-sqlite: prepare busy"); + sleep(1); + ret = sqlite3_prepare_v2(db, str, -1, statement, NULL); + } + + if (ret != SQLITE_OK) { + krb5_set_error_message(context, EINVAL, + "Failed to prepare stmt %s: %s", + str, sqlite3_errmsg(db)); + return EINVAL; + } + + return 0; +} + +/** + * A wrapper around sqlite3_exec. + * + * @param context The current krb5 context + * @param database An open sqlite3 database handle + * @param statement SQL code to execute + * @param error_code What to return if the statement fails + * + * @return 0 if OK, else error_code + */ +static krb5_error_code +hdb_sqlite_exec_stmt(krb5_context context, + sqlite3 *database, + const char *statement, + krb5_error_code error_code) +{ + int ret; + + ret = sqlite3_exec(database, statement, NULL, NULL, NULL); + + while(((ret == SQLITE_BUSY) || + (ret == SQLITE_IOERR_BLOCKED) || + (ret == SQLITE_LOCKED))) { + krb5_warnx(context, "hdb-sqlite: exec busy: %d", (int)getpid()); + sleep(1); + ret = sqlite3_exec(database, statement, NULL, NULL, NULL); + } + + if (ret != SQLITE_OK && error_code) { + krb5_set_error_message(context, error_code, + "Execute %s: %s", statement, + sqlite3_errmsg(database)); + return error_code; + } + + return 0; +} + +/** + * Opens an sqlite3 database handle to a file, may create the + * database file depending on flags. + * + * @param context The current krb5 context + * @param db Heimdal database handle + * @param flags Controls whether or not the file may be created, + * may be 0 or SQLITE_OPEN_CREATE + */ +static krb5_error_code +hdb_sqlite_open_database(krb5_context context, HDB *db, int flags) +{ + int ret; + hdb_sqlite_db *hsdb = (hdb_sqlite_db*) db->hdb_db; + + ret = sqlite3_open_v2(hsdb->db_file, &hsdb->db, + SQLITE_OPEN_READWRITE | flags, NULL); + + if (ret) { + if (hsdb->db) { + ret = ENOENT; + krb5_set_error_message(context, ret, + "Error opening sqlite database %s: %s", + hsdb->db_file, sqlite3_errmsg(hsdb->db)); + sqlite3_close(hsdb->db); + hsdb->db = NULL; + } else + ret = krb5_enomem(context); + return ret; + } + + return 0; +} + +static int +hdb_sqlite_step(krb5_context context, sqlite3 *db, sqlite3_stmt *stmt) +{ + int ret; + + ret = sqlite3_step(stmt); + while(((ret == SQLITE_BUSY) || + (ret == SQLITE_IOERR_BLOCKED) || + (ret == SQLITE_LOCKED))) { + krb5_warnx(context, "hdb-sqlite: step busy: %d", (int)getpid()); + sleep(1); + ret = sqlite3_step(stmt); + } + return ret; +} + +/** + * Closes the database and frees memory allocated for statements. + * + * @param context The current krb5 context + * @param db Heimdal database handle + */ +static krb5_error_code +hdb_sqlite_close_database(krb5_context context, HDB *db) +{ + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + + sqlite3_finalize(hsdb->get_version); + sqlite3_finalize(hsdb->fetch); + sqlite3_finalize(hsdb->get_ids); + sqlite3_finalize(hsdb->add_entry); + sqlite3_finalize(hsdb->add_principal); + sqlite3_finalize(hsdb->add_alias); + sqlite3_finalize(hsdb->delete_aliases); + sqlite3_finalize(hsdb->update_entry); + sqlite3_finalize(hsdb->remove); + sqlite3_finalize(hsdb->get_all_entries); + + sqlite3_close(hsdb->db); + + return 0; +} + +/** + * Opens an sqlite database file and prepares it for use. + * If the file does not exist it will be created. + * + * @param context The current krb5_context + * @param db The heimdal database handle + * @param filename Where to store the database file + * + * @return 0 if everything worked, an error code if not + */ +static krb5_error_code +hdb_sqlite_make_database(krb5_context context, HDB *db, const char *filename) +{ + int ret; + int created_file = 0; + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + + hsdb->db_file = strdup(filename); + if(hsdb->db_file == NULL) + return ENOMEM; + + ret = hdb_sqlite_open_database(context, db, 0); + if (ret) { + ret = hdb_sqlite_open_database(context, db, SQLITE_OPEN_CREATE); + if (ret) goto out; + + created_file = 1; + + ret = hdb_sqlite_exec_stmt(context, hsdb->db, + HDBSQLITE_CREATE_TABLES, + EINVAL); + if (ret) goto out; + + ret = hdb_sqlite_exec_stmt(context, hsdb->db, + HDBSQLITE_CREATE_TRIGGERS, + EINVAL); + if (ret) goto out; + } + + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->get_version, + HDBSQLITE_GET_VERSION); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->fetch, + HDBSQLITE_FETCH); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->get_ids, + HDBSQLITE_GET_IDS); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->add_entry, + HDBSQLITE_ADD_ENTRY); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->add_principal, + HDBSQLITE_ADD_PRINCIPAL); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->add_alias, + HDBSQLITE_ADD_ALIAS); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->delete_aliases, + HDBSQLITE_DELETE_ALIASES); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->update_entry, + HDBSQLITE_UPDATE_ENTRY); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->remove, + HDBSQLITE_REMOVE); + if (ret) goto out; + ret = hdb_sqlite_prepare_stmt(context, hsdb->db, + &hsdb->get_all_entries, + HDBSQLITE_GET_ALL_ENTRIES); + if (ret) goto out; + + ret = hdb_sqlite_step(context, hsdb->db, hsdb->get_version); + if(ret == SQLITE_ROW) { + hsdb->version = sqlite3_column_double(hsdb->get_version, 0); + } + sqlite3_reset(hsdb->get_version); + ret = 0; + + if(hsdb->version != HDBSQLITE_VERSION) { + ret = EINVAL; + krb5_set_error_message(context, ret, "HDBSQLITE_VERSION mismatch"); + } + + if(ret) goto out; + + return 0; + + out: + if (hsdb->db) + sqlite3_close(hsdb->db); + if (created_file) + unlink(hsdb->db_file); + + return ret; +} + +/** + * Retrieves an entry by searching for the given + * principal in the Principal database table, both + * for canonical principals and aliases. + * + * @param context The current krb5_context + * @param db Heimdal database handle + * @param principal The principal whose entry to search for + * @param flags Currently only for HDB_F_DECRYPT + * @param kvno kvno to fetch is HDB_F_KVNO_SPECIFIED use used + * + * @return 0 if everything worked, an error code if not + */ +static krb5_error_code +hdb_sqlite_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal, + unsigned flags, krb5_kvno kvno, hdb_entry_ex *entry) +{ + int sqlite_error; + krb5_error_code ret; + char *principal_string; + hdb_sqlite_db *hsdb = (hdb_sqlite_db*)(db->hdb_db); + sqlite3_stmt *fetch = hsdb->fetch; + krb5_data value; + + ret = krb5_unparse_name(context, principal, &principal_string); + if (ret) { + free(principal_string); + return ret; + } + + sqlite3_bind_text(fetch, 1, principal_string, -1, SQLITE_STATIC); + + sqlite_error = hdb_sqlite_step(context, hsdb->db, fetch); + if (sqlite_error != SQLITE_ROW) { + if(sqlite_error == SQLITE_DONE) { + ret = HDB_ERR_NOENTRY; + goto out; + } else { + ret = EINVAL; + krb5_set_error_message(context, ret, + "sqlite fetch failed: %d", + sqlite_error); + goto out; + } + } + + value.length = sqlite3_column_bytes(fetch, 0); + value.data = (void *) sqlite3_column_blob(fetch, 0); + + ret = hdb_value2entry(context, &value, &entry->entry); + if(ret) + goto out; + + if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { + ret = hdb_unseal_keys(context, db, &entry->entry); + if(ret) { + hdb_free_entry(context, entry); + goto out; + } + } + + ret = 0; + +out: + + sqlite3_clear_bindings(fetch); + sqlite3_reset(fetch); + + free(principal_string); + + return ret; +} + +/** + * Convenience function to step a prepared statement with no + * value once. + * + * @param context The current krb5_context + * @param statement A prepared sqlite3 statement + * + * @return 0 if everything worked, an error code if not + */ +static krb5_error_code +hdb_sqlite_step_once(krb5_context context, HDB *db, sqlite3_stmt *statement) +{ + int ret; + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + + ret = hdb_sqlite_step(context, hsdb->db, statement); + sqlite3_clear_bindings(statement); + sqlite3_reset(statement); + + return ret; +} + + +/** + * Stores an hdb_entry in the database. If flags contains HDB_F_REPLACE + * a previous entry may be replaced. + * + * @param context The current krb5_context + * @param db Heimdal database handle + * @param flags May currently only contain HDB_F_REPLACE + * @param entry The data to store + * + * @return 0 if everything worked, an error code if not + */ +static krb5_error_code +hdb_sqlite_store(krb5_context context, HDB *db, unsigned flags, + hdb_entry_ex *entry) +{ + int ret; + int i; + sqlite_int64 entry_id; + char *principal_string = NULL; + char *alias_string; + const HDB_Ext_Aliases *aliases; + + hdb_sqlite_db *hsdb = (hdb_sqlite_db *)(db->hdb_db); + krb5_data value; + sqlite3_stmt *get_ids = hsdb->get_ids; + + ret = hdb_sqlite_exec_stmt(context, hsdb->db, + "BEGIN IMMEDIATE TRANSACTION", EINVAL); + if(ret != SQLITE_OK) { + ret = EINVAL; + krb5_set_error_message(context, ret, + "SQLite BEGIN TRANSACTION failed: %s", + sqlite3_errmsg(hsdb->db)); + goto rollback; + } + + ret = krb5_unparse_name(context, + entry->entry.principal, &principal_string); + if (ret) { + goto rollback; + } + + ret = hdb_seal_keys(context, db, &entry->entry); + if(ret) { + goto rollback; + } + + ret = hdb_entry2value(context, &entry->entry, &value); + if(ret) { + goto rollback; + } + + sqlite3_bind_text(get_ids, 1, principal_string, -1, SQLITE_STATIC); + ret = hdb_sqlite_step(context, hsdb->db, get_ids); + + if(ret == SQLITE_DONE) { /* No such principal */ + + sqlite3_bind_blob(hsdb->add_entry, 1, + value.data, value.length, SQLITE_STATIC); + ret = hdb_sqlite_step(context, hsdb->db, hsdb->add_entry); + sqlite3_clear_bindings(hsdb->add_entry); + sqlite3_reset(hsdb->add_entry); + if(ret != SQLITE_DONE) + goto rollback; + + sqlite3_bind_text(hsdb->add_principal, 1, + principal_string, -1, SQLITE_STATIC); + ret = hdb_sqlite_step(context, hsdb->db, hsdb->add_principal); + sqlite3_clear_bindings(hsdb->add_principal); + sqlite3_reset(hsdb->add_principal); + if(ret != SQLITE_DONE) + goto rollback; + + entry_id = sqlite3_column_int64(get_ids, 1); + + } else if(ret == SQLITE_ROW) { /* Found a principal */ + + if(! (flags & HDB_F_REPLACE)) /* Not allowed to replace it */ + goto rollback; + + entry_id = sqlite3_column_int64(get_ids, 1); + + sqlite3_bind_int64(hsdb->delete_aliases, 1, entry_id); + ret = hdb_sqlite_step_once(context, db, hsdb->delete_aliases); + if(ret != SQLITE_DONE) + goto rollback; + + sqlite3_bind_blob(hsdb->update_entry, 1, + value.data, value.length, SQLITE_STATIC); + sqlite3_bind_int64(hsdb->update_entry, 2, entry_id); + ret = hdb_sqlite_step_once(context, db, hsdb->update_entry); + if(ret != SQLITE_DONE) + goto rollback; + + } else { + /* Error! */ + goto rollback; + } + + ret = hdb_entry_get_aliases(&entry->entry, &aliases); + if(ret || aliases == NULL) + goto commit; + + for(i = 0; i < aliases->aliases.len; i++) { + + ret = krb5_unparse_name(context, &aliases->aliases.val[i], + &alias_string); + if (ret) { + free(alias_string); + goto rollback; + } + + sqlite3_bind_text(hsdb->add_alias, 1, alias_string, + -1, SQLITE_STATIC); + sqlite3_bind_int64(hsdb->add_alias, 2, entry_id); + ret = hdb_sqlite_step_once(context, db, hsdb->add_alias); + + free(alias_string); + + if(ret != SQLITE_DONE) + goto rollback; + } + + ret = 0; + +commit: + + free(principal_string); + + krb5_data_free(&value); + + sqlite3_clear_bindings(get_ids); + sqlite3_reset(get_ids); + + ret = hdb_sqlite_exec_stmt(context, hsdb->db, "COMMIT", EINVAL); + if(ret != SQLITE_OK) + krb5_warnx(context, "hdb-sqlite: COMMIT problem: %d: %s", + ret, sqlite3_errmsg(hsdb->db)); + + return ret; + +rollback: + + krb5_warnx(context, "hdb-sqlite: store rollback problem: %d: %s", + ret, sqlite3_errmsg(hsdb->db)); + + free(principal_string); + + ret = hdb_sqlite_exec_stmt(context, hsdb->db, + "ROLLBACK", EINVAL); + return ret; +} + +/** + * This may be called often by other code, since the BDB backends + * can not have several open connections. SQLite can handle + * many processes with open handles to the database file + * and closing/opening the handle is an expensive operation. + * Hence, this function does nothing. + * + * @param context The current krb5 context + * @param db Heimdal database handle + * + * @return Always returns 0 + */ +static krb5_error_code +hdb_sqlite_close(krb5_context context, HDB *db) +{ + return 0; +} + +/** + * The opposite of hdb_sqlite_close. Since SQLite accepts + * many open handles to the database file the handle does not + * need to be closed, or reopened. + * + * @param context The current krb5 context + * @param db Heimdal database handle + * @param flags + * @param mode_t + * + * @return Always returns 0 + */ +static krb5_error_code +hdb_sqlite_open(krb5_context context, HDB *db, int flags, mode_t mode) +{ + return 0; +} + +/** + * Closes the databse and frees all resources. + * + * @param context The current krb5 context + * @param db Heimdal database handle + * + * @return 0 on success, an error code if not + */ +static krb5_error_code +hdb_sqlite_destroy(krb5_context context, HDB *db) +{ + int ret; + hdb_sqlite_db *hsdb; + + ret = hdb_clear_master_key(context, db); + + hdb_sqlite_close_database(context, db); + + hsdb = (hdb_sqlite_db*)(db->hdb_db); + + free(hsdb->db_file); + free(db->hdb_db); + free(db); + + return ret; +} + +/* + * Not sure if this is needed. + */ +static krb5_error_code +hdb_sqlite_lock(krb5_context context, HDB *db, int operation) +{ + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "lock not implemented"); + return HDB_ERR_CANT_LOCK_DB; +} + +/* + * Not sure if this is needed. + */ +static krb5_error_code +hdb_sqlite_unlock(krb5_context context, HDB *db) +{ + krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB, + "unlock not implemented"); + return HDB_ERR_CANT_LOCK_DB; +} + +/* + * Should get the next entry, to allow iteration over all entries. + */ +static krb5_error_code +hdb_sqlite_nextkey(krb5_context context, HDB *db, unsigned flags, + hdb_entry_ex *entry) +{ + krb5_error_code ret = 0; + int sqlite_error; + krb5_data value; + + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + + sqlite_error = hdb_sqlite_step(context, hsdb->db, hsdb->get_all_entries); + if(sqlite_error == SQLITE_ROW) { + /* Found an entry */ + value.length = sqlite3_column_bytes(hsdb->get_all_entries, 0); + value.data = (void *) sqlite3_column_blob(hsdb->get_all_entries, 0); + memset(entry, 0, sizeof(*entry)); + ret = hdb_value2entry(context, &value, &entry->entry); + } + else if(sqlite_error == SQLITE_DONE) { + /* No more entries */ + ret = HDB_ERR_NOENTRY; + sqlite3_reset(hsdb->get_all_entries); + } + else { + /* XXX SQLite error. Should be handled in some way. */ + ret = EINVAL; + } + + return ret; +} + +/* + * Should get the first entry in the database. + * What is flags used for? + */ +static krb5_error_code +hdb_sqlite_firstkey(krb5_context context, HDB *db, unsigned flags, + hdb_entry_ex *entry) +{ + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + krb5_error_code ret; + + sqlite3_reset(hsdb->get_all_entries); + + ret = hdb_sqlite_nextkey(context, db, flags, entry); + if(ret) + return ret; + + return 0; +} + +/* + * Renames the database file. + */ +static krb5_error_code +hdb_sqlite_rename(krb5_context context, HDB *db, const char *new_name) +{ + hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db; + int ret; + + krb5_warnx(context, "hdb_sqlite_rename"); + + if (strncasecmp(new_name, "sqlite:", 7) == 0) + new_name += 7; + + hdb_sqlite_close_database(context, db); + + ret = rename(hsdb->db_file, new_name); + free(hsdb->db_file); + + hdb_sqlite_make_database(context, db, new_name); + + return ret; +} + +/* + * Removes a principal, including aliases and associated entry. + */ +static krb5_error_code +hdb_sqlite_remove(krb5_context context, HDB *db, + krb5_const_principal principal) +{ + krb5_error_code ret; + char *principal_string; + hdb_sqlite_db *hsdb = (hdb_sqlite_db*)(db->hdb_db); + sqlite3_stmt *remove = hsdb->remove; + + ret = krb5_unparse_name(context, principal, &principal_string); + if (ret) { + free(principal_string); + return ret; + } + + sqlite3_bind_text(remove, 1, principal_string, -1, SQLITE_STATIC); + + ret = hdb_sqlite_step(context, hsdb->db, remove); + if (ret != SQLITE_DONE) { + ret = EINVAL; + krb5_set_error_message(context, ret, + "sqlite remove failed: %d", + ret); + } else + ret = 0; + + sqlite3_clear_bindings(remove); + sqlite3_reset(remove); + + return ret; +} + +/** + * Create SQLITE object, and creates the on disk database if its doesn't exists. + * + * @param context A Kerberos 5 context. + * @param db a returned database handle. + * @param argument filename + * + * @return 0 on success, an error code if not + */ + +krb5_error_code +hdb_sqlite_create(krb5_context context, HDB **db, const char *argument) +{ + krb5_error_code ret; + hdb_sqlite_db *hsdb; + + *db = calloc(1, sizeof (**db)); + if (*db == NULL) + return krb5_enomem(context); + + hsdb = (hdb_sqlite_db*) calloc(1, sizeof (*hsdb)); + if (hsdb == NULL) { + free(*db); + *db = NULL; + return krb5_enomem(context); + } + + (*db)->hdb_db = hsdb; + + /* XXX make_database should make sure everything else is freed on error */ + ret = hdb_sqlite_make_database(context, *db, argument); + if (ret) { + free((*db)->hdb_db); + free(*db); + + return ret; + } + + (*db)->hdb_master_key_set = 0; + (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = 0; + + (*db)->hdb_open = hdb_sqlite_open; + (*db)->hdb_close = hdb_sqlite_close; + + (*db)->hdb_lock = hdb_sqlite_lock; + (*db)->hdb_unlock = hdb_sqlite_unlock; + (*db)->hdb_firstkey = hdb_sqlite_firstkey; + (*db)->hdb_nextkey = hdb_sqlite_nextkey; + (*db)->hdb_fetch_kvno = hdb_sqlite_fetch_kvno; + (*db)->hdb_store = hdb_sqlite_store; + (*db)->hdb_remove = hdb_sqlite_remove; + (*db)->hdb_destroy = hdb_sqlite_destroy; + (*db)->hdb_rename = hdb_sqlite_rename; + (*db)->hdb__get = NULL; + (*db)->hdb__put = NULL; + (*db)->hdb__del = NULL; + + return 0; +} diff --git a/lib/hdb/hdb.asn1 b/lib/hdb/hdb.asn1 index acd8f61d7e8f..a72851c9f201 100644 --- a/lib/hdb/hdb.asn1 +++ b/lib/hdb/hdb.asn1 @@ -1,4 +1,4 @@ --- $Id: hdb.asn1 20236 2007-02-16 23:52:29Z lha $ +-- $Id$ HDB DEFINITIONS ::= BEGIN @@ -13,7 +13,8 @@ hdb-afs3-salt INTEGER ::= 10 Salt ::= SEQUENCE { type[0] INTEGER (0..4294967295), - salt[1] OCTET STRING + salt[1] OCTET STRING, + opaque[2] OCTET STRING OPTIONAL } Key ::= SEQUENCE { @@ -44,7 +45,9 @@ HDBFlags ::= BIT STRING { immutable(13), -- may not be deleted trusted-for-delegation(14), -- Trusted to print forwardabled tickets allow-kerberos4(15), -- Allow Kerberos 4 requests - allow-digest(16) -- Allow digest requests + allow-digest(16), -- Allow digest requests + locked-out(17) -- Account is locked out, + -- authentication will be denied } GENERATION ::= SEQUENCE { @@ -64,6 +67,10 @@ HDB-Ext-PKINIT-hash ::= SEQUENCE OF SEQUENCE { digest[1] OCTET STRING } +HDB-Ext-PKINIT-cert ::= SEQUENCE OF SEQUENCE { + cert[0] OCTET STRING +} + HDB-Ext-Constrained-delegation-acl ::= SEQUENCE OF Principal -- hdb-ext-referrals ::= PA-SERVER-REFERRAL-DATA @@ -94,6 +101,7 @@ HDB-extension ::= SEQUENCE { password[5] HDB-Ext-Password, aliases[6] HDB-Ext-Aliases, last-pw-change[7] KerberosTime, + pkinit-cert[8] HDB-Ext-PKINIT-cert, ... }, ... @@ -101,6 +109,10 @@ HDB-extension ::= SEQUENCE { HDB-extensions ::= SEQUENCE OF HDB-extension +hdb_keyset ::= SEQUENCE { + kvno[1] INTEGER (0..4294967295), + keys[0] SEQUENCE OF Key +} hdb_entry ::= SEQUENCE { principal[0] Principal OPTIONAL, -- this is optional only diff --git a/lib/hdb/hdb.c b/lib/hdb/hdb.c index a515709639c4..ca05cc4a1785 100644 --- a/lib/hdb/hdb.c +++ b/lib/hdb/hdb.c @@ -1,70 +1,95 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ +#include "krb5_locl.h" #include "hdb_locl.h" -RCSID("$Id: hdb.c 20214 2007-02-09 21:51:10Z lha $"); - #ifdef HAVE_DLFCN_H #include #endif -struct hdb_method { - const char *prefix; - krb5_error_code (*create)(krb5_context, HDB **, const char *filename); -}; +/*! @mainpage Heimdal database backend library + * + * @section intro Introduction + * + * Heimdal libhdb library provides the backend support for Heimdal kdc + * and kadmind. Its here where plugins for diffrent database engines + * can be pluged in and extend support for here Heimdal get the + * principal and policy data from. + * + * Example of Heimdal backend are: + * - Berkeley DB 1.85 + * - Berkeley DB 3.0 + * - Berkeley DB 4.0 + * - New Berkeley DB + * - LDAP + * + * + * The project web page: http://www.h5l.org/ + * + */ + +const int hdb_interface_version = HDB_INTERFACE_VERSION; static struct hdb_method methods[] = { #if HAVE_DB1 || HAVE_DB3 - {"db:", hdb_db_create}, + { HDB_INTERFACE_VERSION, "db:", hdb_db_create}, +#endif +#if HAVE_DB1 + { HDB_INTERFACE_VERSION, "mit-db:", hdb_mdb_create}, #endif #if HAVE_NDBM - {"ndbm:", hdb_ndbm_create}, + { HDB_INTERFACE_VERSION, "ndbm:", hdb_ndbm_create}, #endif + { HDB_INTERFACE_VERSION, "keytab:", hdb_keytab_create}, #if defined(OPENLDAP) && !defined(OPENLDAP_MODULE) - {"ldap:", hdb_ldap_create}, - {"ldapi:", hdb_ldapi_create}, + { HDB_INTERFACE_VERSION, "ldap:", hdb_ldap_create}, + { HDB_INTERFACE_VERSION, "ldapi:", hdb_ldapi_create}, #endif -#ifdef HAVE_LDB /* Used for integrated samba build */ - {"ldb:", hdb_ldb_create}, +#ifdef HAVE_SQLITE3 + { HDB_INTERFACE_VERSION, "sqlite:", hdb_sqlite_create}, #endif - {NULL, NULL} + {0, NULL, NULL} }; #if HAVE_DB1 || HAVE_DB3 -static struct hdb_method dbmetod = {"", hdb_db_create }; +static struct hdb_method dbmetod = + { HDB_INTERFACE_VERSION, "", hdb_db_create }; #elif defined(HAVE_NDBM) -static struct hdb_method dbmetod = {"", hdb_ndbm_create }; +static struct hdb_method dbmetod = + { HDB_INTERFACE_VERSION, "", hdb_ndbm_create }; #endif @@ -75,25 +100,26 @@ hdb_next_enctype2key(krb5_context context, Key **key) { Key *k; - + for (k = *key ? (*key) + 1 : e->keys.val; - k < e->keys.val + e->keys.len; - k++) + k < e->keys.val + e->keys.len; + k++) { if(k->key.keytype == enctype){ *key = k; return 0; } } - krb5_set_error_string(context, "No next enctype %d for hdb-entry", + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "No next enctype %d for hdb-entry", (int)enctype); return KRB5_PROG_ETYPE_NOSUPP; /* XXX */ } krb5_error_code -hdb_enctype2key(krb5_context context, - hdb_entry *e, - krb5_enctype enctype, +hdb_enctype2key(krb5_context context, + hdb_entry *e, + krb5_enctype enctype, Key **key) { *key = NULL; @@ -103,7 +129,7 @@ hdb_enctype2key(krb5_context context, void hdb_free_key(Key *key) { - memset(key->key.keyvalue.data, + memset(key->key.keyvalue.data, 0, key->key.keyvalue.length); free_Key(key); @@ -142,7 +168,7 @@ hdb_unlock(int fd) void hdb_free_entry(krb5_context context, hdb_entry_ex *ent) { - int i; + size_t i; if (ent->free_entry) (*ent->free_entry)(context, ent); @@ -166,7 +192,7 @@ hdb_foreach(krb5_context context, hdb_entry_ex entry; ret = db->hdb_firstkey(context, db, flags, &entry); if (ret == 0) - krb5_clear_error_string(context); + krb5_clear_error_message(context); while(ret == 0){ ret = (*func)(context, db, &entry, data); hdb_free_entry(context, &entry); @@ -191,7 +217,7 @@ hdb_check_db_format(krb5_context context, HDB *db) if (ret) return ret; - tag.data = HDB_DB_FORMAT_ENTRY; + tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY; tag.length = strlen(tag.data); ret = (*db->hdb__get)(context, db, tag, &version); ret2 = db->hdb_unlock(context, db); @@ -215,16 +241,16 @@ hdb_init_db(krb5_context context, HDB *db) krb5_data tag; krb5_data version; char ver[32]; - + ret = hdb_check_db_format(context, db); if(ret != HDB_ERR_NOENTRY) return ret; - + ret = db->hdb_lock(context, db, HDB_WLOCK); if (ret) return ret; - tag.data = HDB_DB_FORMAT_ENTRY; + tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY; tag.length = strlen(tag.data); snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT); version.data = ver; @@ -233,7 +259,7 @@ hdb_init_db(krb5_context context, HDB *db) ret2 = db->hdb_unlock(context, db); if (ret) { if (ret2) - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } return ret2; @@ -248,7 +274,7 @@ hdb_init_db(krb5_context context, HDB *db) static const struct hdb_method * find_dynamic_method (krb5_context context, - const char *filename, + const char *filename, const char **rest) { static struct hdb_method method; @@ -257,7 +283,7 @@ find_dynamic_method (krb5_context context, const char *p; void *dl; size_t len; - + p = strchr(filename, ':'); /* if no prefix, don't know what module to load, just ignore it */ @@ -266,11 +292,12 @@ find_dynamic_method (krb5_context context, len = p - filename; *rest = filename + len + 1; - - prefix = strndup(filename, len); + + prefix = malloc(len + 1); if (prefix == NULL) krb5_errx(context, 1, "out of memory"); - + strlcpy(prefix, filename, len + 1); + if (asprintf(&path, LIBDIR "/hdb_%s.so", prefix) == -1) krb5_errx(context, 1, "out of memory"); @@ -289,13 +316,13 @@ find_dynamic_method (krb5_context context, free(path); return NULL; } - + if (asprintf(&symbol, "hdb_%s_interface", prefix) == -1) krb5_errx(context, 1, "out of memory"); - - mso = dlsym(dl, symbol); + + mso = (struct hdb_so_method *) dlsym(dl, symbol); if (mso == NULL) { - krb5_warnx(context, "error finding symbol %s in %s: %s\n", + krb5_warnx(context, "error finding symbol %s in %s: %s\n", symbol, path, dlerror()); dlclose(dl); free(symbol); @@ -307,9 +334,9 @@ find_dynamic_method (krb5_context context, free(symbol); if (mso->version != HDB_INTERFACE_VERSION) { - krb5_warnx(context, + krb5_warnx(context, "error wrong version in shared module %s " - "version: %d should have been %d\n", + "version: %d should have been %d\n", prefix, mso->version, HDB_INTERFACE_VERSION); dlclose(dl); free(prefix); @@ -378,7 +405,7 @@ hdb_list_builtin(krb5_context context, char **list) len += 1; buf = malloc(len); if (buf == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } buf[0] = '\0'; @@ -392,16 +419,66 @@ hdb_list_builtin(krb5_context context, char **list) return 0; } +krb5_error_code +_hdb_keytab2hdb_entry(krb5_context context, + const krb5_keytab_entry *ktentry, + hdb_entry_ex *entry) +{ + entry->entry.kvno = ktentry->vno; + entry->entry.created_by.time = ktentry->timestamp; + + entry->entry.keys.val = calloc(1, sizeof(entry->entry.keys.val[0])); + if (entry->entry.keys.val == NULL) + return ENOMEM; + entry->entry.keys.len = 1; + + entry->entry.keys.val[0].mkvno = NULL; + entry->entry.keys.val[0].salt = NULL; + + return krb5_copy_keyblock_contents(context, + &ktentry->keyblock, + &entry->entry.keys.val[0].key); +} + +/** + * Create a handle for a Kerberos database + * + * Create a handle for a Kerberos database backend specified by a + * filename. Doesn't create a file if its doesn't exists, you have to + * use O_CREAT to tell the backend to create the file. + */ + krb5_error_code hdb_create(krb5_context context, HDB **db, const char *filename) { const struct hdb_method *h; const char *residual; + krb5_error_code ret; + struct krb5_plugin *list = NULL, *e; if(filename == NULL) filename = HDB_DEFAULT_DB; krb5_add_et_list(context, initialize_hdb_error_table_r); h = find_method (filename, &residual); + + if (h == NULL) { + ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, "hdb", &list); + if(ret == 0 && list != NULL) { + for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { + h = _krb5_plugin_get_symbol(e); + if (strncmp (filename, h->prefix, strlen(h->prefix)) == 0 + && h->interface_version == HDB_INTERFACE_VERSION) { + residual = filename + strlen(h->prefix); + break; + } + } + if (e == NULL) { + h = NULL; + _krb5_plugin_free(list); + } + } + } + #ifdef HAVE_DLOPEN if (h == NULL) h = find_dynamic_method (context, filename, &residual); diff --git a/lib/hdb/hdb.h b/lib/hdb/hdb.h index 742b92405d45..a1692ce82ca2 100644 --- a/lib/hdb/hdb.h +++ b/lib/hdb/hdb.h @@ -1,41 +1,43 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: hdb.h 22198 2007-12-07 13:09:25Z lha $ */ +/* $Id$ */ #ifndef __HDB_H__ #define __HDB_H__ +#include + #include #include @@ -53,12 +55,36 @@ enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK }; #define HDB_F_GET_KRBTGT 16 /* fetch krbtgt */ #define HDB_F_GET_ANY 28 /* fetch any of client,server,krbtgt */ #define HDB_F_CANON 32 /* want canonicalition */ +#define HDB_F_ADMIN_DATA 64 /* want data that kdc don't use */ +#define HDB_F_KVNO_SPECIFIED 128 /* we want a particular KVNO */ +#define HDB_F_CURRENT_KVNO 256 /* we want the current KVNO */ +/* 512, 1024, 2048 are reserved for kvno operations that is not part of the 1.5 branch */ +#define HDB_F_ALL_KVNOS 2048 /* we want all the keys, live or not */ +#define HDB_F_FOR_AS_REQ 4096 /* fetch is for a AS REQ */ +#define HDB_F_FOR_TGS_REQ 8192 /* fetch is for a TGS REQ */ + +/* hdb_capability_flags */ +#define HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL 1 +#define HDB_CAP_F_HANDLE_PASSWORDS 2 +#define HDB_CAP_F_PASSWORD_UPDATE_KEYS 4 + +/* auth status values */ +#define HDB_AUTH_SUCCESS 0 +#define HDB_AUTH_WRONG_PASSWORD 1 +#define HDB_AUTH_INVALID_SIGNATURE 2 /* key usage for master key */ #define HDB_KU_MKEY 0x484442 typedef struct hdb_master_key_data *hdb_master_key; +/** + * hdb_entry_ex is a wrapper structure around the hdb_entry structure + * that allows backends to keep a pointer to the backing store, ie in + * ->hdb_fetch_kvno(), so that we the kadmin/kpasswd backend gets around to + * ->hdb_store(), the backend doesn't need to lookup the entry again. + */ + typedef struct hdb_entry_ex { void *ctx; hdb_entry entry; @@ -66,68 +92,173 @@ typedef struct hdb_entry_ex { } hdb_entry_ex; +/** + * HDB backend function pointer structure + * + * The HDB structure is what the KDC and kadmind framework uses to + * query the backend database when talking about principals. + */ + typedef struct HDB{ void *hdb_db; - void *hdb_dbc; + void *hdb_dbc; /** don't use, only for DB3 */ char *hdb_name; int hdb_master_key_set; hdb_master_key hdb_master_key; int hdb_openp; - - krb5_error_code (*hdb_open)(krb5_context, - struct HDB*, - int, - mode_t); - krb5_error_code (*hdb_close)(krb5_context, - struct HDB*); - void (*hdb_free)(krb5_context, - struct HDB*, - hdb_entry_ex*); - krb5_error_code (*hdb_fetch)(krb5_context, - struct HDB*, - krb5_const_principal, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_store)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_remove)(krb5_context, - struct HDB*, + int hdb_capability_flags; + /** + * Open (or create) the a Kerberos database. + * + * Open (or create) the a Kerberos database that was resolved with + * hdb_create(). The third and fourth flag to the function are the + * same as open(), thus passing O_CREAT will create the data base + * if it doesn't exists. + * + * Then done the caller should call hdb_close(), and to release + * all resources hdb_destroy(). + */ + krb5_error_code (*hdb_open)(krb5_context, struct HDB*, int, mode_t); + /** + * Close the database for transaction + * + * Closes the database for further transactions, wont release any + * permanant resources. the database can be ->hdb_open-ed again. + */ + krb5_error_code (*hdb_close)(krb5_context, struct HDB*); + /** + * Free an entry after use. + */ + void (*hdb_free)(krb5_context, struct HDB*, hdb_entry_ex*); + /** + * Fetch an entry from the backend + * + * Fetch an entry from the backend, flags are what type of entry + * should be fetch: client, server, krbtgt. + * knvo (if specified and flags HDB_F_KVNO_SPECIFIED set) is the kvno to get + */ + krb5_error_code (*hdb_fetch_kvno)(krb5_context, struct HDB*, + krb5_const_principal, unsigned, krb5_kvno, + hdb_entry_ex*); + /** + * Store an entry to database + */ + krb5_error_code (*hdb_store)(krb5_context, struct HDB*, + unsigned, hdb_entry_ex*); + /** + * Remove an entry from the database. + */ + krb5_error_code (*hdb_remove)(krb5_context, struct HDB*, krb5_const_principal); - krb5_error_code (*hdb_firstkey)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_nextkey)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_lock)(krb5_context, - struct HDB*, - int operation); - krb5_error_code (*hdb_unlock)(krb5_context, - struct HDB*); - krb5_error_code (*hdb_rename)(krb5_context, - struct HDB*, - const char*); - krb5_error_code (*hdb__get)(krb5_context, - struct HDB*, - krb5_data, - krb5_data*); - krb5_error_code (*hdb__put)(krb5_context, - struct HDB*, - int, - krb5_data, - krb5_data); - krb5_error_code (*hdb__del)(krb5_context, - struct HDB*, - krb5_data); - krb5_error_code (*hdb_destroy)(krb5_context, - struct HDB*); + /** + * As part of iteration, fetch one entry + */ + krb5_error_code (*hdb_firstkey)(krb5_context, struct HDB*, + unsigned, hdb_entry_ex*); + /** + * As part of iteration, fetch next entry + */ + krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*, + unsigned, hdb_entry_ex*); + /** + * Lock database + * + * A lock can only be held by one consumers. Transaction can still + * happen on the database while the lock is held, so the entry is + * only useful for syncroning creation of the database and renaming of the database. + */ + krb5_error_code (*hdb_lock)(krb5_context, struct HDB*, int); + /** + * Unlock database + */ + krb5_error_code (*hdb_unlock)(krb5_context, struct HDB*); + /** + * Rename the data base. + * + * Assume that the database is not hdb_open'ed and not locked. + */ + krb5_error_code (*hdb_rename)(krb5_context, struct HDB*, const char*); + /** + * Get an hdb_entry from a classical DB backend + * + * If the database is a classical DB (ie BDB, NDBM, GDBM, etc) + * backend, this function will take a principal key (krb5_data) + * and return all data related to principal in the return + * krb5_data. The returned encoded entry is of type hdb_entry or + * hdb_entry_alias. + */ + krb5_error_code (*hdb__get)(krb5_context, struct HDB*, + krb5_data, krb5_data*); + /** + * Store an hdb_entry from a classical DB backend + * + * Same discussion as in @ref HDB::hdb__get + */ + krb5_error_code (*hdb__put)(krb5_context, struct HDB*, int, + krb5_data, krb5_data); + /** + * Delete and hdb_entry from a classical DB backend + * + * Same discussion as in @ref HDB::hdb__get + */ + krb5_error_code (*hdb__del)(krb5_context, struct HDB*, krb5_data); + /** + * Destroy the handle to the database. + * + * Destroy the handle to the database, deallocate all memory and + * related resources. Does not remove any permanent data. Its the + * logical reverse of hdb_create() function that is the entry + * point for the module. + */ + krb5_error_code (*hdb_destroy)(krb5_context, struct HDB*); + /** + * Get the list of realms this backend handles. + * This call is optional to support. The returned realms are used + * for announcing the realms over bonjour. Free returned array + * with krb5_free_host_realm(). + */ + krb5_error_code (*hdb_get_realms)(krb5_context, struct HDB *, krb5_realm **); + /** + * Change password. + * + * Will update keys for the entry when given password. The new + * keys must be written into the entry and will then later be + * ->hdb_store() into the database. The backend will still perform + * all other operations, increasing the kvno, and update + * modification timestamp. + * + * The backend needs to call _kadm5_set_keys() and perform password + * quality checks. + */ + krb5_error_code (*hdb_password)(krb5_context, struct HDB*, hdb_entry_ex*, const char *, int); + + /** + * Auth feedback + * + * This is a feedback call that allows backends that provides + * lockout functionality to register failure and/or successes. + * + * In case the entry is locked out, the backend should set the + * hdb_entry.flags.locked-out flag. + */ + krb5_error_code (*hdb_auth_status)(krb5_context, struct HDB *, hdb_entry_ex *, int); + /** + * Check if delegation is allowed. + */ + krb5_error_code (*hdb_check_constrained_delegation)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal); + + /** + * Check if this name is an alias for the supplied client for PKINIT userPrinicpalName logins + */ + krb5_error_code (*hdb_check_pkinit_ms_upn_match)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal); + + /** + * Check if s4u2self is allowed from this client to this server + */ + krb5_error_code (*hdb_check_s4u2self)(krb5_context, struct HDB *, hdb_entry_ex *, krb5_const_principal); }HDB; -#define HDB_INTERFACE_VERSION 4 +#define HDB_INTERFACE_VERSION 7 struct hdb_so_method { int version; @@ -139,6 +270,14 @@ typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*, hdb_entry_ex*, void*); extern krb5_kt_ops hdb_kt_ops; +struct hdb_method { + int interface_version; + const char *prefix; + krb5_error_code (*create)(krb5_context, HDB **, const char *filename); +}; + +extern const int hdb_interface_version; + #include #endif /* __HDB_H__ */ diff --git a/lib/hdb/hdb.schema b/lib/hdb/hdb.schema index 6e5c0f7fd879..57303900dcee 100644 --- a/lib/hdb/hdb.schema +++ b/lib/hdb/hdb.schema @@ -1,6 +1,6 @@ # Definitions for a Kerberos V KDC schema # -# $Id: hdb.schema 14958 2005-04-25 17:33:40Z lha $ +# $Id$ # # This version is compatible with OpenLDAP 1.8 # diff --git a/lib/hdb/hdb_err.et b/lib/hdb/hdb_err.et index 5c5b80bb3660..2cad4daba414 100644 --- a/lib/hdb/hdb_err.et +++ b/lib/hdb/hdb_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: hdb_err.et 15878 2005-08-11 13:17:22Z lha $" +id "$Id$" error_table hdb @@ -24,5 +24,7 @@ error_code EXISTS, "Entry already exists in database" error_code BADVERSION, "Wrong database version" error_code NO_MKEY, "No correct master key" error_code MANDATORY_OPTION, "Entry contains unknown mandatory extension" +error_code NO_WRITE_SUPPORT, "HDB backend doesn't contain write support" +error_code NOT_FOUND_HERE, "The secret for this entry is not replicated to this database" end diff --git a/lib/hdb/hdb_locl.h b/lib/hdb/hdb_locl.h index abb4cd45d045..e896b5802575 100644 --- a/lib/hdb/hdb_locl.h +++ b/lib/hdb/hdb_locl.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: hdb_locl.h 22209 2007-12-07 19:03:41Z lha $ */ +/* $Id$ */ #ifndef __HDB_LOCL_H__ #define __HDB_LOCL_H__ diff --git a/lib/hdb/keys.c b/lib/hdb/keys.c index 60a58677fef9..3d0b9d7c1b31 100644 --- a/lib/hdb/keys.c +++ b/lib/hdb/keys.c @@ -1,40 +1,39 @@ + /* - * Copyright (c) 1997 - 2001, 2003 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: keys.c 22071 2007-11-14 20:04:50Z lha $"); - /* * free all the memory used by (len, keys) */ @@ -57,7 +56,7 @@ hdb_free_keys (krb5_context context, int len, Key *keys) free (keys); } -/* +/* * for each entry in `default_keys' try to parse it as a sequence * of etype:salttype:salt, syntax of this if something like: * [(des|des3|etype):](pw-salt|afs3)[:string], if etype is omitted it @@ -68,19 +67,21 @@ hdb_free_keys (krb5_context context, int len, Key *keys) * afs or afs3 == des:afs3-salt */ -/* the 3 DES types must be first */ -static const krb5_enctype all_etypes[] = { +static const krb5_enctype des_etypes[] = { ETYPE_DES_CBC_MD5, ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC, + ETYPE_DES_CBC_CRC +}; + +static const krb5_enctype all_etypes[] = { ETYPE_AES256_CTS_HMAC_SHA1_96, ETYPE_ARCFOUR_HMAC_MD5, ETYPE_DES3_CBC_SHA1 }; static krb5_error_code -parse_key_set(krb5_context context, const char *key, - krb5_enctype **ret_enctypes, size_t *ret_num_enctypes, +parse_key_set(krb5_context context, const char *key, + krb5_enctype **ret_enctypes, size_t *ret_num_enctypes, krb5_salt *salt, krb5_principal principal) { const char *p; @@ -90,7 +91,7 @@ parse_key_set(krb5_context context, const char *key, krb5_enctype e; const krb5_enctype *enctypes = NULL; krb5_error_code ret; - + p = key; *ret_enctypes = NULL; @@ -110,8 +111,8 @@ parse_key_set(krb5_context context, const char *key, /* XXX there should be a string_to_etypes handling special cases like `des' and `all' */ if(strcmp(buf[i], "des") == 0) { - enctypes = all_etypes; - num_enctypes = 3; + enctypes = des_etypes; + num_enctypes = sizeof(des_etypes)/sizeof(des_etypes[0]); } else if(strcmp(buf[i], "des3") == 0) { e = ETYPE_DES3_CBC_SHA1; enctypes = &e; @@ -139,8 +140,8 @@ parse_key_set(krb5_context context, const char *key, salt->salttype = KRB5_PW_SALT; } else if(strcmp(buf[i], "afs3-salt") == 0) { if(enctypes == NULL) { - enctypes = all_etypes; - num_enctypes = 3; + enctypes = des_etypes; + num_enctypes = sizeof(des_etypes)/sizeof(des_etypes[0]); } salt->salttype = KRB5_AFS3_SALT; } @@ -153,39 +154,40 @@ parse_key_set(krb5_context context, const char *key, v4 compat, and a cell name for afs compat */ salt->saltvalue.data = strdup(buf[i]); if (salt->saltvalue.data == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } salt->saltvalue.length = strlen(buf[i]); } } - + if(enctypes == NULL || salt->salttype == 0) { - krb5_set_error_string(context, "bad value for default_keys `%s'", key); + krb5_set_error_message(context, EINVAL, "bad value for default_keys `%s'", key); return EINVAL; } - + /* if no salt was specified make up default salt */ if(salt->saltvalue.data == NULL) { if(salt->salttype == KRB5_PW_SALT) ret = krb5_get_pw_salt(context, principal, salt); else if(salt->salttype == KRB5_AFS3_SALT) { - krb5_realm *realm = krb5_princ_realm(context, principal); - salt->saltvalue.data = strdup(*realm); + krb5_const_realm realm = krb5_principal_get_realm(context, principal); + salt->saltvalue.data = strdup(realm); if(salt->saltvalue.data == NULL) { - krb5_set_error_string(context, "out of memory while " - "parsing salt specifiers"); + krb5_set_error_message(context, ENOMEM, + "out of memory while " + "parsing salt specifiers"); return ENOMEM; } strlwr(salt->saltvalue.data); - salt->saltvalue.length = strlen(*realm); + salt->saltvalue.length = strlen(realm); } } *ret_enctypes = malloc(sizeof(enctypes[0]) * num_enctypes); if (*ret_enctypes == NULL) { krb5_free_salt(context, *salt); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } memcpy(*ret_enctypes, enctypes, sizeof(enctypes[0]) * num_enctypes); @@ -195,7 +197,7 @@ parse_key_set(krb5_context context, const char *key, } static krb5_error_code -add_enctype_to_key_set(Key **key_set, size_t *nkeyset, +add_enctype_to_key_set(Key **key_set, size_t *nkeyset, krb5_enctype enctype, krb5_salt *salt) { krb5_error_code ret; @@ -206,25 +208,25 @@ add_enctype_to_key_set(Key **key_set, size_t *nkeyset, tmp = realloc(*key_set, (*nkeyset + 1) * sizeof((*key_set)[0])); if (tmp == NULL) return ENOMEM; - + *key_set = tmp; key.key.keytype = enctype; key.key.keyvalue.length = 0; key.key.keyvalue.data = NULL; - + if (salt) { - key.salt = malloc(sizeof(*key.salt)); + key.salt = calloc(1, sizeof(*key.salt)); if (key.salt == NULL) { free_Key(&key); return ENOMEM; } - + key.salt->type = salt->salttype; krb5_data_zero (&key.salt->salt); - - ret = krb5_data_copy(&key.salt->salt, - salt->saltvalue.data, + + ret = krb5_data_copy(&key.salt->salt, + salt->saltvalue.data, salt->saltvalue.length); if (ret) { free_Key(&key); @@ -232,9 +234,9 @@ add_enctype_to_key_set(Key **key_set, size_t *nkeyset, } } else key.salt = NULL; - + (*key_set)[*nkeyset] = key; - + *nkeyset += 1; return 0; @@ -254,28 +256,24 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, char **ktypes, **kp; krb5_error_code ret; Key *k, *key_set; - int i, j; - char *default_keytypes[] = { - "des:pw-salt", + size_t i, j; + static const char *default_keytypes[] = { "aes256-cts-hmac-sha1-96:pw-salt", "des3-cbc-sha1:pw-salt", "arcfour-hmac-md5:pw-salt", NULL }; - + ktypes = krb5_config_get_strings(context, NULL, "kadmin", "default_keys", NULL); if (ktypes == NULL) - ktypes = default_keytypes; - - if (ktypes == NULL) - abort(); + ktypes = (char **)(intptr_t)default_keytypes; *ret_key_set = key_set = NULL; *nkeyset = 0; ret = 0; - + for(kp = ktypes; kp && *kp; kp++) { const char *p; krb5_salt salt; @@ -292,7 +290,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, p = "des:afs3-salt"; else if (strcmp(p, "arcfour-hmac-md5") == 0) p = "arcfour-hmac-md5:pw-salt"; - + memset(&salt, 0, sizeof(salt)); ret = parse_key_set(context, p, @@ -316,14 +314,14 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, break; if (k->salt->type == salt.salttype && k->salt->salt.length == salt.saltvalue.length && - memcmp(k->salt->salt.data, salt.saltvalue.data, + memcmp(k->salt->salt.data, salt.saltvalue.data, salt.saltvalue.length) == 0) break; } } /* not a duplicate, lets add it */ if (j == *nkeyset) { - ret = add_enctype_to_key_set(&key_set, nkeyset, enctypes[i], + ret = add_enctype_to_key_set(&key_set, nkeyset, enctypes[i], no_salt ? NULL : &salt); if (ret) { free(enctypes); @@ -335,22 +333,22 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, free(enctypes); krb5_free_salt(context, salt); } - + *ret_key_set = key_set; out: - if (ktypes != default_keytypes) + if (ktypes != (char **)(intptr_t)default_keytypes) krb5_config_free_strings(ktypes); if (ret) { - krb5_warn(context, ret, + krb5_warn(context, ret, "failed to parse the [kadmin]default_keys values"); for (i = 0; i < *nkeyset; i++) free_Key(&key_set[i]); free(key_set); } else if (*nkeyset == 0) { - krb5_warnx(context, + krb5_warnx(context, "failed to parse any of the [kadmin]default_keys values"); ret = EINVAL; /* XXX */ } @@ -360,13 +358,13 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, krb5_error_code -hdb_generate_key_set_password(krb5_context context, - krb5_principal principal, - const char *password, - Key **keys, size_t *num_keys) +hdb_generate_key_set_password(krb5_context context, + krb5_principal principal, + const char *password, + Key **keys, size_t *num_keys) { krb5_error_code ret; - int i; + size_t i; ret = hdb_generate_key_set(context, principal, keys, num_keys, 0); diff --git a/lib/hdb/keytab.c b/lib/hdb/keytab.c index e319bb503155..c72b797dab4d 100644 --- a/lib/hdb/keytab.c +++ b/lib/hdb/keytab.c @@ -1,53 +1,58 @@ /* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" /* keytab backend for HDB databases */ -RCSID("$Id: keytab.c 18380 2006-10-09 12:36:40Z lha $"); - struct hdb_data { char *dbname; char *mkey; }; +struct hdb_cursor { + HDB *db; + hdb_entry_ex hdb_entry; + int first, next; + int key_idx; +}; + /* * the format for HDB keytabs is: - * HDB:[database:file:mkey] + * HDB:[HDBFORMAT:database-specific-data[:mkey=mkey-file]] */ -static krb5_error_code +static krb5_error_code KRB5_CALLCONV hdb_resolve(krb5_context context, const char *name, krb5_keytab id) { struct hdb_data *d; @@ -55,41 +60,38 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id) d = malloc(sizeof(*d)); if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } db = name; - mkey = strchr(name, ':'); - if(mkey == NULL || mkey[1] == '\0') { + mkey = strstr(name, ":mkey="); + if(mkey == NULL || mkey[5] == '\0') { if(*name == '\0') d->dbname = NULL; else { d->dbname = strdup(name); if(d->dbname == NULL) { free(d); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } } d->mkey = NULL; } else { - if((mkey - db) == 0) { - d->dbname = NULL; - } else { - d->dbname = malloc(mkey - db + 1); - if(d->dbname == NULL) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memmove(d->dbname, db, mkey - db); - d->dbname[mkey - db] = '\0'; + d->dbname = malloc(mkey - db + 1); + if(d->dbname == NULL) { + free(d); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; } - d->mkey = strdup(mkey + 1); + memmove(d->dbname, db, mkey - db); + d->dbname[mkey - db] = '\0'; + + d->mkey = strdup(mkey + 5); if(d->mkey == NULL) { free(d->dbname); free(d); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } } @@ -97,7 +99,7 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV hdb_close(krb5_context context, krb5_keytab id) { struct hdb_data *d = id->data; @@ -108,76 +110,58 @@ hdb_close(krb5_context context, krb5_keytab id) return 0; } -static krb5_error_code -hdb_get_name(krb5_context context, - krb5_keytab id, - char *name, +static krb5_error_code KRB5_CALLCONV +hdb_get_name(krb5_context context, + krb5_keytab id, + char *name, size_t namesize) { struct hdb_data *d = id->data; - snprintf(name, namesize, "%s%s%s", + snprintf(name, namesize, "%s%s%s", d->dbname ? d->dbname : "", (d->dbname || d->mkey) ? ":" : "", d->mkey ? d->mkey : ""); return 0; } -static void -set_config (krb5_context context, - const krb5_config_binding *binding, - const char **dbname, - const char **mkey) -{ - *dbname = krb5_config_get_string(context, binding, "dbname", NULL); - *mkey = krb5_config_get_string(context, binding, "mkey_file", NULL); -} - /* * try to figure out the database (`dbname') and master-key (`mkey') * that should be used for `principal'. */ -static void +static krb5_error_code find_db (krb5_context context, - const char **dbname, - const char **mkey, + char **dbname, + char **mkey, krb5_const_principal principal) { - const krb5_config_binding *top_bind = NULL; - const krb5_config_binding *default_binding = NULL; - const krb5_config_binding *db; - krb5_realm *prealm = krb5_princ_realm(context, rk_UNCONST(principal)); + krb5_const_realm realm = krb5_principal_get_realm(context, principal); + krb5_error_code ret; + struct hdb_dbinfo *head, *dbinfo = NULL; *dbname = *mkey = NULL; - while ((db = - krb5_config_get_next(context, - NULL, - &top_bind, - krb5_config_list, - "kdc", - "database", - NULL)) != NULL) { - const char *p; - - p = krb5_config_get_string (context, db, "realm", NULL); - if (p == NULL) { - if(default_binding) { - krb5_warnx(context, "WARNING: more than one realm-less " - "database specification"); - krb5_warnx(context, "WARNING: using the first encountered"); - } else - default_binding = db; - } else if (strcmp (*prealm, p) == 0) { - set_config (context, db, dbname, mkey); + ret = hdb_get_dbinfo(context, &head); + if (ret) + return ret; + + while ((dbinfo = hdb_dbinfo_get_next(head, dbinfo)) != NULL) { + const char *p = hdb_dbinfo_get_realm(context, dbinfo); + if (p && strcmp (realm, p) == 0) { + p = hdb_dbinfo_get_dbname(context, dbinfo); + if (p) + *dbname = strdup(p); + p = hdb_dbinfo_get_mkey_file(context, dbinfo); + if (p) + *mkey = strdup(p); break; } } - if (*dbname == NULL && default_binding != NULL) - set_config (context, default_binding, dbname, mkey); + hdb_free_dbinfo(context, &head); if (*dbname == NULL) - *dbname = HDB_DEFAULT_DB; + *dbname = strdup(HDB_DEFAULT_DB); + return 0; } /* @@ -185,7 +169,7 @@ find_db (krb5_context context, * it in `entry'. return 0 or an error code */ -static krb5_error_code +static krb5_error_code KRB5_CALLCONV hdb_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, @@ -196,34 +180,41 @@ hdb_get_entry(krb5_context context, hdb_entry_ex ent; krb5_error_code ret; struct hdb_data *d = id->data; - int i; - HDB *db; const char *dbname = d->dbname; const char *mkey = d->mkey; + char *fdbname = NULL, *fmkey = NULL; + HDB *db; + size_t i; memset(&ent, 0, sizeof(ent)); - if (dbname == NULL) - find_db (context, &dbname, &mkey, principal); + if (dbname == NULL) { + ret = find_db(context, &fdbname, &fmkey, principal); + if (ret) + return ret; + dbname = fdbname; + mkey = fmkey; + } ret = hdb_create (context, &db, dbname); if (ret) - return ret; + goto out2; ret = hdb_set_master_keyfile (context, db, mkey); if (ret) { (*db->hdb_destroy)(context, db); - return ret; + goto out2; } - + ret = (*db->hdb_open)(context, db, O_RDONLY, 0); if (ret) { (*db->hdb_destroy)(context, db); - return ret; + goto out2; } - ret = (*db->hdb_fetch)(context, db, principal, - HDB_F_DECRYPT| - HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, - &ent); + + ret = (*db->hdb_fetch_kvno)(context, db, principal, + HDB_F_DECRYPT|HDB_F_KVNO_SPECIFIED| + HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, + kvno, &ent); if(ret == HDB_ERR_NOENTRY) { ret = KRB5_KT_NOTFOUND; @@ -231,7 +222,7 @@ hdb_get_entry(krb5_context context, }else if(ret) goto out; - if(kvno && ent.entry.kvno != kvno) { + if(kvno && (krb5_kvno)ent.entry.kvno != kvno) { hdb_free_entry(context, &ent); ret = KRB5_KT_NOTFOUND; goto out; @@ -244,29 +235,190 @@ hdb_get_entry(krb5_context context, if(ent.entry.keys.val[i].key.keytype == enctype) { krb5_copy_principal(context, principal, &entry->principal); entry->vno = ent.entry.kvno; - krb5_copy_keyblock_contents(context, - &ent.entry.keys.val[i].key, + krb5_copy_keyblock_contents(context, + &ent.entry.keys.val[i].key, &entry->keyblock); ret = 0; break; } } hdb_free_entry(context, &ent); -out: + out: (*db->hdb_close)(context, db); (*db->hdb_destroy)(context, db); + out2: + free(fdbname); + free(fmkey); return ret; } +/* + * find the keytab entry in `id' for `principal, kvno, enctype' and return + * it in `entry'. return 0 or an error code + */ + +static krb5_error_code KRB5_CALLCONV +hdb_start_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + krb5_error_code ret; + struct hdb_cursor *c; + struct hdb_data *d = id->data; + const char *dbname = d->dbname; + const char *mkey = d->mkey; + HDB *db; + + if (dbname == NULL) { + /* + * We don't support enumerating without being told what + * backend to enumerate on + */ + ret = KRB5_KT_NOTFOUND; + return ret; + } + + ret = hdb_create (context, &db, dbname); + if (ret) + return ret; + ret = hdb_set_master_keyfile (context, db, mkey); + if (ret) { + (*db->hdb_destroy)(context, db); + return ret; + } + + ret = (*db->hdb_open)(context, db, O_RDONLY, 0); + if (ret) { + (*db->hdb_destroy)(context, db); + return ret; + } + + cursor->data = c = malloc (sizeof(*c)); + if(c == NULL){ + (*db->hdb_close)(context, db); + (*db->hdb_destroy)(context, db); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + + c->db = db; + c->first = TRUE; + c->next = TRUE; + c->key_idx = 0; + + cursor->data = c; + return ret; +} + +static int KRB5_CALLCONV +hdb_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *cursor) +{ + struct hdb_cursor *c = cursor->data; + krb5_error_code ret; + + memset(entry, 0, sizeof(*entry)); + + if (c->first) { + c->first = FALSE; + ret = (c->db->hdb_firstkey)(context, c->db, + HDB_F_DECRYPT| + HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, + &c->hdb_entry); + if (ret == HDB_ERR_NOENTRY) + return KRB5_KT_END; + else if (ret) + return ret; + + if (c->hdb_entry.entry.keys.len == 0) + hdb_free_entry(context, &c->hdb_entry); + else + c->next = FALSE; + } + + while (c->next) { + ret = (c->db->hdb_nextkey)(context, c->db, + HDB_F_DECRYPT| + HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, + &c->hdb_entry); + if (ret == HDB_ERR_NOENTRY) + return KRB5_KT_END; + else if (ret) + return ret; + + /* If no keys on this entry, try again */ + if (c->hdb_entry.entry.keys.len == 0) + hdb_free_entry(context, &c->hdb_entry); + else + c->next = FALSE; + } + + /* + * Return next enc type (keytabs are one slot per key, while + * hdb is one record per principal. + */ + + ret = krb5_copy_principal(context, + c->hdb_entry.entry.principal, + &entry->principal); + if (ret) + return ret; + + entry->vno = c->hdb_entry.entry.kvno; + ret = krb5_copy_keyblock_contents(context, + &c->hdb_entry.entry.keys.val[c->key_idx].key, + &entry->keyblock); + if (ret) { + krb5_free_principal(context, entry->principal); + memset(entry, 0, sizeof(*entry)); + return ret; + } + c->key_idx++; + + /* + * Once we get to the end of the list, signal that we want the + * next entry + */ + + if ((size_t)c->key_idx == c->hdb_entry.entry.keys.len) { + hdb_free_entry(context, &c->hdb_entry); + c->next = TRUE; + c->key_idx = 0; + } + + return 0; +} + + +static int KRB5_CALLCONV +hdb_end_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + struct hdb_cursor *c = cursor->data; + + if (!c->next) + hdb_free_entry(context, &c->hdb_entry); + + (c->db->hdb_close)(context, c->db); + (c->db->hdb_destroy)(context, c->db); + + free(c); + return 0; +} + krb5_kt_ops hdb_kt_ops = { "HDB", hdb_resolve, hdb_get_name, hdb_close, + NULL, /* destroy */ hdb_get_entry, - NULL, /* start_seq_get */ - NULL, /* next_entry */ - NULL, /* end_seq_get */ + hdb_start_seq_get, + hdb_next_entry, + hdb_end_seq_get, NULL, /* add */ NULL /* remove */ }; diff --git a/lib/hdb/libhdb-exports.def b/lib/hdb/libhdb-exports.def new file mode 100644 index 000000000000..4a93f7f92ada --- /dev/null +++ b/lib/hdb/libhdb-exports.def @@ -0,0 +1,100 @@ +EXPORTS + encode_hdb_keyset + hdb_add_master_key + hdb_check_db_format + hdb_clear_extension + hdb_clear_master_key + hdb_create + hdb_db_dir + hdb_dbinfo_get_acl_file + hdb_dbinfo_get_binding + hdb_dbinfo_get_dbname + hdb_dbinfo_get_label + hdb_dbinfo_get_log_file + hdb_dbinfo_get_mkey_file + hdb_dbinfo_get_next + hdb_dbinfo_get_realm + hdb_default_db + hdb_enctype2key + hdb_entry2string + hdb_entry2value + hdb_entry_alias2value + hdb_entry_check_mandatory + hdb_entry_clear_password + hdb_entry_get_ConstrainedDelegACL + hdb_entry_get_aliases + hdb_entry_get_password + hdb_entry_get_pkinit_acl + hdb_entry_get_pkinit_cert + hdb_entry_get_pkinit_hash + hdb_entry_get_pw_change_time + hdb_entry_set_password + hdb_entry_set_pw_change_time + hdb_find_extension + hdb_foreach + hdb_free_dbinfo + hdb_free_entry + hdb_free_key + hdb_free_keys + hdb_free_master_key + hdb_generate_key_set + hdb_generate_key_set_password + hdb_get_dbinfo + hdb_init_db + hdb_interface_version DATA + hdb_key2principal + hdb_list_builtin + hdb_lock + hdb_next_enctype2key + hdb_principal2key + hdb_print_entry + hdb_process_master_key + hdb_read_master_key + hdb_replace_extension + hdb_seal_key + hdb_seal_key_mkey + hdb_seal_keys + hdb_seal_keys_mkey + hdb_set_master_key + hdb_set_master_keyfile + hdb_unlock + hdb_unseal_key + hdb_unseal_key_mkey + hdb_unseal_keys + hdb_unseal_keys_mkey + hdb_value2entry + hdb_value2entry_alias + hdb_write_master_key + length_hdb_keyset + initialize_hdb_error_table_r + + hdb_kt_ops + +; some random bits needed for libkadm + HDBFlags2int + asn1_HDBFlags_units + copy_Event + copy_HDB_extensions + copy_Key + copy_Salt + decode_HDB_Ext_Aliases + decode_HDB_Ext_PKINIT_acl + decode_HDB_extension + decode_Key + encode_HDB_Ext_Aliases + encode_HDB_Ext_PKINIT_acl + encode_HDB_extension + encode_Key + free_Event + free_HDB_Ext_Aliases + free_HDB_Ext_PKINIT_acl + free_HDB_extension + free_HDB_extensions + free_Key + free_Salt + free_hdb_entry + int2HDBFlags + length_HDB_Ext_Aliases + length_HDB_Ext_PKINIT_acl + length_HDB_extension + length_Key diff --git a/lib/hdb/libhdb-version.rc b/lib/hdb/libhdb-version.rc new file mode 100644 index 000000000000..b0d417b37ace --- /dev/null +++ b/lib/hdb/libhdb-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Heimdal DB Library" +#define RC_FILE_ORIG_0409 "libhdb.dll" + +#include "../../windows/version.rc" diff --git a/lib/hdb/mkey.c b/lib/hdb/mkey.c index 05cf71c59311..9eb98fca32c0 100644 --- a/lib/hdb/mkey.c +++ b/lib/hdb/mkey.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" @@ -36,8 +36,6 @@ #define O_BINARY 0 #endif -RCSID("$Id: mkey.c 21745 2007-07-31 16:11:25Z lha $"); - struct hdb_master_key_data { krb5_keytab_entry keytab; krb5_crypto crypto; @@ -67,7 +65,7 @@ hdb_process_master_key(krb5_context context, *mkey = calloc(1, sizeof(**mkey)); if(*mkey == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*mkey)->keytab.vno = kvno; @@ -110,7 +108,7 @@ hdb_add_master_key(krb5_context context, krb5_keyblock *key, } static krb5_error_code -read_master_keytab(krb5_context context, const char *filename, +read_master_keytab(krb5_context context, const char *filename, hdb_master_key *mkey) { krb5_error_code ret; @@ -118,7 +116,7 @@ read_master_keytab(krb5_context context, const char *filename, krb5_kt_cursor cursor; krb5_keytab_entry entry; hdb_master_key p; - + ret = krb5_kt_resolve(context, filename, &id); if(ret) return ret; @@ -147,20 +145,20 @@ read_master_keytab(krb5_context context, const char *filename, /* read a MIT master keyfile */ static krb5_error_code -read_master_mit(krb5_context context, const char *filename, - hdb_master_key *mkey) +read_master_mit(krb5_context context, const char *filename, + int byteorder, hdb_master_key *mkey) { int fd; krb5_error_code ret; krb5_storage *sp; int16_t enctype; krb5_keyblock key; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", filename, - strerror(save_errno)); + krb5_set_error_message(context, save_errno, "failed to open %s: %s", + filename, strerror(save_errno)); return save_errno; } sp = krb5_storage_from_fd(fd); @@ -168,25 +166,22 @@ read_master_mit(krb5_context context, const char *filename, close(fd); return errno; } - krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER); -#if 0 + krb5_storage_set_flags(sp, byteorder); /* could possibly use ret_keyblock here, but do it with more checks for now */ - ret = krb5_ret_keyblock(sp, &key); -#else - ret = krb5_ret_int16(sp, &enctype); - if((htons(enctype) & 0xff00) == 0x3000) { - krb5_set_error_string(context, "unknown keytype in %s: %#x, expected %#x", - filename, htons(enctype), 0x3000); - ret = HEIM_ERR_BAD_MKEY; - goto out; + { + ret = krb5_ret_int16(sp, &enctype); + if (ret) + goto out; + ret = krb5_enctype_valid(context, enctype); + if (ret) + goto out; + key.keytype = enctype; + ret = krb5_ret_data(sp, &key.keyvalue); + if(ret) + goto out; } - key.keytype = enctype; - ret = krb5_ret_data(sp, &key.keyvalue); - if(ret) - goto out; -#endif - ret = hdb_process_master_key(context, 0, &key, 0, mkey); + ret = hdb_process_master_key(context, 1, &key, 0, mkey); krb5_free_keyblock_contents(context, &key); out: krb5_storage_free(sp); @@ -196,7 +191,7 @@ read_master_mit(krb5_context context, const char *filename, /* read an old master key file */ static krb5_error_code -read_master_encryptionkey(krb5_context context, const char *filename, +read_master_encryptionkey(krb5_context context, const char *filename, hdb_master_key *mkey) { int fd; @@ -205,20 +200,20 @@ read_master_encryptionkey(krb5_context context, const char *filename, unsigned char buf[256]; ssize_t len; size_t ret_len; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", + krb5_set_error_message(context, save_errno, "failed to open %s: %s", filename, strerror(save_errno)); return save_errno; } - + len = read(fd, buf, sizeof(buf)); close(fd); if(len < 0) { int save_errno = errno; - krb5_set_error_string(context, "error reading %s: %s", + krb5_set_error_message(context, save_errno, "error reading %s: %s", filename, strerror(save_errno)); return save_errno; } @@ -233,9 +228,9 @@ read_master_encryptionkey(krb5_context context, const char *filename, should cover all cases, but will break if someone has hacked this code to really use des-cbc-md5 -- but then that's not my problem. */ - if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5) + if(key.keytype == ETYPE_DES_CBC_CRC || key.keytype == ETYPE_DES_CBC_MD5) key.keytype = ETYPE_DES_CFB64_NONE; - + ret = hdb_process_master_key(context, 0, &key, 0, mkey); krb5_free_keyblock_contents(context, &key); return ret; @@ -243,7 +238,7 @@ read_master_encryptionkey(krb5_context context, const char *filename, /* read a krb4 /.k style file */ static krb5_error_code -read_master_krb4(krb5_context context, const char *filename, +read_master_krb4(krb5_context context, const char *filename, hdb_master_key *mkey) { int fd; @@ -251,25 +246,26 @@ read_master_krb4(krb5_context context, const char *filename, krb5_error_code ret; unsigned char buf[256]; ssize_t len; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", - filename, strerror(save_errno)); + krb5_set_error_message(context, save_errno, "failed to open %s: %s", + filename, strerror(save_errno)); return save_errno; } - + len = read(fd, buf, sizeof(buf)); close(fd); if(len < 0) { int save_errno = errno; - krb5_set_error_string(context, "error reading %s: %s", - filename, strerror(save_errno)); + krb5_set_error_message(context, save_errno, "error reading %s: %s", + filename, strerror(save_errno)); return save_errno; } if(len != 8) { - krb5_set_error_string(context, "bad contents of %s", filename); + krb5_set_error_message(context, HEIM_ERR_EOF, + "bad contents of %s", filename); return HEIM_ERR_EOF; /* XXX file might be too large */ } @@ -277,7 +273,7 @@ read_master_krb4(krb5_context context, const char *filename, key.keytype = ETYPE_DES_PCBC_NONE; ret = krb5_data_copy(&key.keyvalue, buf, len); memset(buf, 0, sizeof(buf)); - if(ret) + if(ret) return ret; ret = hdb_process_master_key(context, 0, &key, 0, mkey); @@ -286,7 +282,7 @@ read_master_krb4(krb5_context context, const char *filename, } krb5_error_code -hdb_read_master_key(krb5_context context, const char *filename, +hdb_read_master_key(krb5_context context, const char *filename, hdb_master_key *mkey) { FILE *f; @@ -303,26 +299,26 @@ hdb_read_master_key(krb5_context context, const char *filename, f = fopen(filename, "r"); if(f == NULL) { int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", - filename, strerror(save_errno)); + krb5_set_error_message(context, save_errno, "failed to open %s: %s", + filename, strerror(save_errno)); return save_errno; } - + if(fread(buf, 1, 2, f) != 2) { - krb5_set_error_string(context, "end of file reading %s", filename); fclose(f); + krb5_set_error_message(context, HEIM_ERR_EOF, "end of file reading %s", filename); return HEIM_ERR_EOF; } - + fseek(f, 0, SEEK_END); len = ftell(f); if(fclose(f) != 0) return errno; - + if(len < 0) return errno; - + if(len == 8) { ret = read_master_krb4(context, filename, mkey); } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) { @@ -330,13 +326,20 @@ hdb_read_master_key(krb5_context context, const char *filename, } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) { ret = read_master_keytab(context, filename, mkey); } else { - ret = read_master_mit(context, filename, mkey); + /* + * Check both LittleEndian and BigEndian since they key file + * might be moved from a machine with diffrent byte order, or + * its running on MacOS X that always uses BE master keys. + */ + ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_LE, mkey); + if (ret) + ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_BE, mkey); } return ret; } krb5_error_code -hdb_write_master_key(krb5_context context, const char *filename, +hdb_write_master_key(krb5_context context, const char *filename, hdb_master_key mkey) { krb5_error_code ret; @@ -369,7 +372,7 @@ _hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey) if(mkvno == NULL) { if(ret == NULL || mkey->keytab.vno > ret->keytab.vno) ret = mkey; - } else if(mkey->keytab.vno == *mkvno) + } else if((uint32_t)mkey->keytab.vno == *mkvno) return mkey; mkey = mkey->next; } @@ -401,9 +404,9 @@ _hdb_mkey_encrypt(krb5_context context, hdb_master_key key, } krb5_error_code -hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) +hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) { - + krb5_error_code ret; krb5_data res; size_t keysize; @@ -412,7 +415,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) if(k->mkvno == NULL) return 0; - + key = _hdb_find_master_key(k->mkvno, mkey); if (key == NULL) @@ -428,7 +431,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) k->key.keyvalue.data, k->key.keyvalue.length, &res); - } + } if (ret) return ret; @@ -456,13 +459,13 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) krb5_error_code hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) { - int i; + size_t i; for(i = 0; i < ent->keys.len; i++){ krb5_error_code ret; ret = hdb_unseal_key_mkey(context, &ent->keys.val[i], mkey); - if (ret) + if (ret) return ret; } return 0; @@ -516,14 +519,14 @@ hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) return ENOMEM; } *k->mkvno = key->keytab.vno; - + return 0; } krb5_error_code hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) { - int i; + size_t i; for(i = 0; i < ent->keys.len; i++){ krb5_error_code ret; @@ -539,7 +542,7 @@ hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent) { if (db->hdb_master_key_set == 0) return 0; - + return hdb_seal_keys_mkey(context, ent, db->hdb_master_key); } @@ -548,7 +551,7 @@ hdb_seal_key(krb5_context context, HDB *db, Key *k) { if (db->hdb_master_key_set == 0) return 0; - + return hdb_seal_key_mkey(context, k, db->hdb_master_key); } @@ -583,7 +586,7 @@ hdb_set_master_keyfile (krb5_context context, if (ret) { if (ret != ENOENT) return ret; - krb5_clear_error_string(context); + krb5_clear_error_message(context); return 0; } db->hdb_master_key = key; diff --git a/lib/hdb/ndbm.c b/lib/hdb/ndbm.c index 6575b8a4171c..5b2c07e5f644 100644 --- a/lib/hdb/ndbm.c +++ b/lib/hdb/ndbm.c @@ -1,47 +1,47 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" -RCSID("$Id: ndbm.c 16395 2005-12-13 11:54:10Z lha $"); - #if HAVE_NDBM #if defined(HAVE_GDBM_NDBM_H) #include +#define WRITE_SUPPORT 1 #elif defined(HAVE_NDBM_H) #include #elif defined(HAVE_DBM_H) +#define WRITE_SUPPORT 1 #include #endif @@ -53,9 +53,7 @@ struct ndbm_db { static krb5_error_code NDBM_destroy(krb5_context context, HDB *db) { - krb5_error_code ret; - - ret = hdb_clear_master_key (context, db); + hdb_clear_master_key (context, db); free(db->hdb_name); free(db); return 0; @@ -76,7 +74,7 @@ NDBM_unlock(krb5_context context, HDB *db) } static krb5_error_code -NDBM_seq(krb5_context context, HDB *db, +NDBM_seq(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry, int first) { @@ -110,9 +108,9 @@ NDBM_seq(krb5_context context, HDB *db, if (ret == 0 && entry->entry.principal == NULL) { entry->entry.principal = malloc (sizeof(*entry->entry.principal)); if (entry->entry.principal == NULL) { - ret = ENOMEM; hdb_free_entry (context, entry); - krb5_set_error_string(context, "malloc: out of memory"); + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); } else { hdb_key2principal (context, &key_data, entry->entry.principal); } @@ -135,40 +133,59 @@ NDBM_nextkey(krb5_context context, HDB *db, unsigned flags,hdb_entry_ex *entry) } static krb5_error_code -NDBM_rename(krb5_context context, HDB *db, const char *new_name) +open_lock_file(krb5_context context, const char *db_name, int *fd) { - /* XXX this function will break */ - struct ndbm_db *d = db->hdb_db; - - int ret; - char *old_dir, *old_pag, *new_dir, *new_pag; - char *new_lock; - int lock_fd; + char *lock_file; /* lock old and new databases */ - ret = db->hdb_lock(context, db, HDB_WLOCK); - if(ret) - return ret; - asprintf(&new_lock, "%s.lock", new_name); - if(new_lock == NULL) { - db->hdb_unlock(context, db); - krb5_set_error_string(context, "malloc: out of memory"); + asprintf(&lock_file, "%s.lock", db_name); + if(lock_file == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - lock_fd = open(new_lock, O_RDWR | O_CREAT, 0600); - if(lock_fd < 0) { - ret = errno; - db->hdb_unlock(context, db); - krb5_set_error_string(context, "open(%s): %s", new_lock, - strerror(ret)); - free(new_lock); + + *fd = open(lock_file, O_RDWR | O_CREAT, 0600); + free(lock_file); + if(*fd < 0) { + int ret = errno; + krb5_set_error_message(context, ret, "open(%s): %s", lock_file, + strerror(ret)); return ret; } - free(new_lock); - ret = hdb_lock(lock_fd, HDB_WLOCK); + return 0; +} + + +static krb5_error_code +NDBM_rename(krb5_context context, HDB *db, const char *new_name) +{ + int ret; + char *old_dir, *old_pag, *new_dir, *new_pag; + int old_lock_fd, new_lock_fd; + + /* lock old and new databases */ + ret = open_lock_file(context, db->hdb_name, &old_lock_fd); + if (ret) + return ret; + + ret = hdb_lock(old_lock_fd, HDB_WLOCK); if(ret) { - db->hdb_unlock(context, db); - close(lock_fd); + close(old_lock_fd); + return ret; + } + + ret = open_lock_file(context, new_name, &new_lock_fd); + if (ret) { + hdb_unlock(old_lock_fd); + close(old_lock_fd); + return ret; + } + + ret = hdb_lock(new_lock_fd, HDB_WLOCK); + if(ret) { + hdb_unlock(old_lock_fd); + close(old_lock_fd); + close(new_lock_fd); return ret; } @@ -178,23 +195,26 @@ NDBM_rename(krb5_context context, HDB *db, const char *new_name) asprintf(&new_pag, "%s.pag", new_name); ret = rename(old_dir, new_dir) || rename(old_pag, new_pag); + if (ret) { + ret = errno; + if (ret == 0) + ret = EPERM; + krb5_set_error_message(context, ret, "rename: %s", strerror(ret)); + } + free(old_dir); free(old_pag); free(new_dir); free(new_pag); - hdb_unlock(lock_fd); - db->hdb_unlock(context, db); - if(ret) { - ret = errno; - close(lock_fd); - krb5_set_error_string(context, "rename: %s", strerror(ret)); + hdb_unlock(new_lock_fd); + hdb_unlock(old_lock_fd); + close(new_lock_fd); + close(old_lock_fd); + + if(ret) return ret; - } - close(d->lock_fd); - d->lock_fd = lock_fd; - free(db->hdb_name); db->hdb_name = strdup(new_name); return 0; @@ -222,9 +242,10 @@ NDBM__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) } static krb5_error_code -NDBM__put(krb5_context context, HDB *db, int replace, +NDBM__put(krb5_context context, HDB *db, int replace, krb5_data key, krb5_data value) { +#ifdef WRITE_SUPPORT struct ndbm_db *d = (struct ndbm_db *)db->hdb_db; datum k, v; int code; @@ -244,6 +265,9 @@ NDBM__put(krb5_context context, HDB *db, int replace, if (code < 0) return code; return 0; +#else + return HDB_ERR_NO_WRITE_SUPPORT; +#endif } static krb5_error_code @@ -281,38 +305,31 @@ NDBM_open(krb5_context context, HDB *db, int flags, mode_t mode) { krb5_error_code ret; struct ndbm_db *d = malloc(sizeof(*d)); - char *lock_file; if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - asprintf(&lock_file, "%s.lock", (char*)db->hdb_name); - if(lock_file == NULL) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } + d->db = dbm_open((char*)db->hdb_name, flags, mode); if(d->db == NULL){ ret = errno; free(d); - free(lock_file); - krb5_set_error_string(context, "dbm_open(%s): %s", db->hdb_name, - strerror(ret)); + krb5_set_error_message(context, ret, "dbm_open(%s): %s", db->hdb_name, + strerror(ret)); return ret; } - d->lock_fd = open(lock_file, O_RDWR | O_CREAT, 0600); - if(d->lock_fd < 0){ + + ret = open_lock_file(context, db->hdb_name, &d->lock_fd); + if (ret) { ret = errno; dbm_close(d->db); free(d); - krb5_set_error_string(context, "open(%s): %s", lock_file, - strerror(ret)); - free(lock_file); + krb5_set_error_message(context, ret, "open(lock file): %s", + strerror(ret)); return ret; } - free(lock_file); + db->hdb_db = d; if((flags & O_ACCMODE) == O_RDONLY) ret = hdb_check_db_format(context, db); @@ -322,37 +339,38 @@ NDBM_open(krb5_context context, HDB *db, int flags, mode_t mode) return 0; if (ret) { NDBM_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", - db->hdb_name); + krb5_set_error_message(context, ret, "hdb_open: failed %s database %s", + (flags & O_ACCMODE) == O_RDONLY ? + "checking format of" : "initialize", + db->hdb_name); } return ret; } krb5_error_code -hdb_ndbm_create(krb5_context context, HDB **db, +hdb_ndbm_create(krb5_context context, HDB **db, const char *filename) { *db = calloc(1, sizeof(**db)); if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_db = NULL; (*db)->hdb_name = strdup(filename); if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); free(*db); *db = NULL; + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } (*db)->hdb_master_key_set = 0; (*db)->hdb_openp = 0; + (*db)->hdb_capability_flags = HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL; (*db)->hdb_open = NDBM_open; (*db)->hdb_close = NDBM_close; - (*db)->hdb_fetch = _hdb_fetch; + (*db)->hdb_fetch_kvno = _hdb_fetch_kvno; (*db)->hdb_store = _hdb_store; (*db)->hdb_remove = _hdb_remove; (*db)->hdb_firstkey = NDBM_firstkey; diff --git a/lib/hdb/print.c b/lib/hdb/print.c index 60b7e8db7b60..697d32d2909c 100644 --- a/lib/hdb/print.c +++ b/lib/hdb/print.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,9 +34,7 @@ #include #include -RCSID("$Id: print.c 16378 2005-12-12 12:40:12Z lha $"); - -/* +/* This is the present contents of a dump line. This might change at any time. Fields are separated by white space. @@ -69,7 +67,7 @@ append_string(krb5_context context, krb5_storage *sp, const char *fmt, ...) vasprintf(&s, fmt, ap); va_end(ap); if(s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = krb5_storage_write(sp, s, strlen(s)); @@ -80,7 +78,8 @@ append_string(krb5_context context, krb5_storage *sp, const char *fmt, ...) static krb5_error_code append_hex(krb5_context context, krb5_storage *sp, krb5_data *data) { - int i, printable = 1; + int printable = 1; + size_t i; char *p; p = data->data; @@ -128,7 +127,7 @@ static krb5_error_code entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) { char *p; - int i; + size_t i; krb5_error_code ret; /* --- principal */ @@ -143,11 +142,11 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) for(i = 0; i < ent->keys.len; i++){ /* --- mkvno, keytype */ if(ent->keys.val[i].mkvno) - append_string(context, sp, ":%d:%d:", - *ent->keys.val[i].mkvno, + append_string(context, sp, ":%d:%d:", + *ent->keys.val[i].mkvno, ent->keys.val[i].key.keytype); else - append_string(context, sp, "::%d:", + append_string(context, sp, "::%d:", ent->keys.val[i].key.keytype); /* --- keydata */ append_hex(context, sp, &ent->keys.val[i].key.keyvalue); @@ -176,7 +175,7 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) append_string(context, sp, "%s ", time2str(*ent->valid_end)); else append_string(context, sp, "- "); - + /* --- password ends */ if(ent->pw_end) append_string(context, sp, "%s ", time2str(*ent->pw_end)); @@ -194,7 +193,7 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) append_string(context, sp, "%d ", *ent->max_renew); else append_string(context, sp, "- "); - + /* --- flags */ append_string(context, sp, "%d ", HDBFlags2int(ent->flags)); @@ -210,12 +209,12 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) if(ent->extensions && ent->extensions->len > 0) { for(i = 0; i < ent->extensions->len; i++) { void *d; - size_t size, sz; + size_t size, sz = 0; ASN1_MALLOC_ENCODE(HDB_extension, d, size, &ent->extensions->val[i], &sz, ret); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } if(size != sz) @@ -223,19 +222,19 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) if (hex_encode(d, size, &p) < 0) { free(d); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } free(d); - append_string(context, sp, "%s%s", p, + append_string(context, sp, "%s%s", p, ent->extensions->len - 1 != i ? ":" : ""); free(p); } } else append_string(context, sp, "-"); - + return 0; } @@ -248,10 +247,10 @@ hdb_entry2string (krb5_context context, hdb_entry *ent, char **str) sp = krb5_storage_emem(); if(sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - + ret = entry2string_int(context, sp, ent); if(ret) { krb5_storage_free(sp); @@ -278,10 +277,10 @@ hdb_print_entry(krb5_context context, HDB *db, hdb_entry_ex *entry, void *data) fflush(f); sp = krb5_storage_from_fd(fileno(f)); if(sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - + ret = entry2string_int(context, sp, &entry->entry); if(ret) { krb5_storage_free(sp); diff --git a/lib/hdb/test_dbinfo.c b/lib/hdb/test_dbinfo.c index d92a5381b3a1..efe50afb6a2b 100644 --- a/lib/hdb/test_dbinfo.c +++ b/lib/hdb/test_dbinfo.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hdb_locl.h" #include -RCSID("$Id: test_dbinfo.c 20575 2007-04-27 20:20:32Z lha $"); - static int help_flag; static int version_flag; @@ -60,7 +58,7 @@ main(int argc, char **argv) if(help_flag) krb5_std_usage(0, args, num_args); - + if(version_flag){ print_version(NULL); exit(0); @@ -76,11 +74,17 @@ main(int argc, char **argv) d = NULL; while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { - printf("label: %s\n", hdb_dbinfo_get_label(context, d)); - printf("\trealm: %s\n", hdb_dbinfo_get_realm(context, d)); - printf("\tdbname: %s\n", hdb_dbinfo_get_dbname(context, d)); - printf("\tmkey_file: %s\n", hdb_dbinfo_get_mkey_file(context, d)); - printf("\tacl_file: %s\n", hdb_dbinfo_get_acl_file(context, d)); + const char *s; + s = hdb_dbinfo_get_label(context, d); + printf("label: %s\n", s ? s : "no label"); + s = hdb_dbinfo_get_realm(context, d); + printf("\trealm: %s\n", s ? s : "no realm"); + s = hdb_dbinfo_get_dbname(context, d); + printf("\tdbname: %s\n", s ? s : "no dbname"); + s = hdb_dbinfo_get_mkey_file(context, d); + printf("\tmkey_file: %s\n", s ? s : "no mkey file"); + s = hdb_dbinfo_get_acl_file(context, d); + printf("\tacl_file: %s\n", s ? s : "no acl file"); } hdb_free_dbinfo(context, &info); diff --git a/lib/hdb/test_hdbkeys.c b/lib/hdb/test_hdbkeys.c new file mode 100644 index 000000000000..1c3216d143a6 --- /dev/null +++ b/lib/hdb/test_hdbkeys.c @@ -0,0 +1,120 @@ +/* + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" +#include +#include + +static int help_flag; +static int version_flag; +static int kvno_integer = 1; + +struct getargs args[] = { + { "kvno", 'd', arg_integer, &kvno_integer }, + { "help", 'h', arg_flag, &help_flag }, + { "version", 0, arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_principal principal; + krb5_context context; + char *principal_str, *password_str, *str; + int ret, o = 0; + hdb_keyset keyset; + size_t length, len; + void *data; + + setprogname(argv[0]); + + if(getarg(args, num_args, argc, argv, &o)) + krb5_std_usage(1, args, num_args); + + if(help_flag) + krb5_std_usage(0, args, num_args); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + if (argc != 3) + errx(1, "username and password missing"); + + principal_str = argv[1]; + password_str = argv[2]; + + ret = krb5_parse_name (context, principal_str, &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_parse_name %s", principal_str); + + memset(&keyset, 0, sizeof(keyset)); + + keyset.kvno = kvno_integer; + + ret = hdb_generate_key_set_password(context, principal, password_str, + &keyset.keys.val, &len); + if (ret) + krb5_err(context, 1, ret, "hdb_generate_key_set_password"); + keyset.keys.len = len; + + if (keyset.keys.len == 0) + krb5_errx (context, 1, "hdb_generate_key_set_password length 0"); + + krb5_free_principal (context, principal); + + ASN1_MALLOC_ENCODE(hdb_keyset, data, length, &keyset, &len, ret); + if (ret) + krb5_errx(context, 1, "encode keyset"); + if (len != length) + krb5_abortx(context, "foo"); + + krb5_free_context(context); + + ret = base64_encode(data, length, &str); + if (ret < 0) + errx(1, "base64_encode"); + + printf("keyset: %s\n", str); + + free(data); + + return 0; +} diff --git a/lib/hdb/test_mkey.c b/lib/hdb/test_mkey.c new file mode 100644 index 000000000000..11032d078bee --- /dev/null +++ b/lib/hdb/test_mkey.c @@ -0,0 +1,55 @@ + +#include "hdb_locl.h" +#include +#include + +static char *mkey_file; +static int help_flag; +static int version_flag; + +struct getargs args[] = { + { "mkey-file", 0, arg_string, &mkey_file }, + { "help", 'h', arg_flag, &help_flag }, + { "version", 0, arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_context context; + int ret, o = 0; + + setprogname(argv[0]); + + if(getarg(args, num_args, argc, argv, &o)) + krb5_std_usage(1, args, num_args); + + if(help_flag) + krb5_std_usage(0, args, num_args); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + ret = krb5_init_context(&context); + if (ret) + errx(1, "krb5_init_context failed: %d", ret); + + if (mkey_file) { + hdb_master_key mkey; + + ret = hdb_read_master_key(context, mkey_file, &mkey); + if (ret) + krb5_err(context, 1, ret, "failed to read master key %s", mkey_file); + + hdb_free_master_key(context, mkey); + } else + krb5_errx(context, 1, "no command option given"); + + krb5_free_context(context); + + return 0; +} diff --git a/lib/hdb/version-script.map b/lib/hdb/version-script.map new file mode 100644 index 000000000000..50a36cec0aa9 --- /dev/null +++ b/lib/hdb/version-script.map @@ -0,0 +1,107 @@ +# $Id$ + +HEIMDAL_HDB_1.0 { + global: + encode_hdb_keyset; + hdb_add_master_key; + hdb_check_db_format; + hdb_clear_extension; + hdb_clear_master_key; + hdb_create; + hdb_db_dir; + hdb_dbinfo_get_acl_file; + hdb_dbinfo_get_binding; + hdb_dbinfo_get_dbname; + hdb_dbinfo_get_label; + hdb_dbinfo_get_log_file; + hdb_dbinfo_get_mkey_file; + hdb_dbinfo_get_next; + hdb_dbinfo_get_realm; + hdb_default_db; + hdb_enctype2key; + hdb_entry2string; + hdb_entry2value; + hdb_entry_alias2value; + hdb_entry_check_mandatory; + hdb_entry_clear_password; + hdb_entry_get_ConstrainedDelegACL; + hdb_entry_get_aliases; + hdb_entry_get_password; + hdb_entry_get_pkinit_acl; + hdb_entry_get_pkinit_cert; + hdb_entry_get_pkinit_hash; + hdb_entry_get_pw_change_time; + hdb_entry_set_password; + hdb_entry_set_pw_change_time; + hdb_find_extension; + hdb_foreach; + hdb_free_dbinfo; + hdb_free_entry; + hdb_free_key; + hdb_free_keys; + hdb_free_master_key; + hdb_generate_key_set; + hdb_generate_key_set_password; + hdb_get_dbinfo; + hdb_init_db; + hdb_key2principal; + hdb_list_builtin; + hdb_lock; + hdb_next_enctype2key; + hdb_principal2key; + hdb_print_entry; + hdb_process_master_key; + hdb_read_master_key; + hdb_replace_extension; + hdb_seal_key; + hdb_seal_key_mkey; + hdb_seal_keys; + hdb_seal_keys_mkey; + hdb_set_master_key; + hdb_set_master_keyfile; + hdb_unlock; + hdb_unseal_key; + hdb_unseal_key_mkey; + hdb_unseal_keys; + hdb_unseal_keys_mkey; + hdb_value2entry; + hdb_value2entry_alias; + hdb_write_master_key; + length_hdb_keyset; + hdb_interface_version; + initialize_hdb_error_table_r; + + hdb_kt_ops; + + # some random bits needed for libkadm + HDBFlags2int; + asn1_HDBFlags_units; + copy_Event; + copy_HDB_extensions; + copy_Key; + copy_Salt; + decode_HDB_Ext_Aliases; + decode_HDB_Ext_PKINIT_acl; + decode_HDB_extension; + decode_Key; + encode_HDB_Ext_Aliases; + encode_HDB_Ext_PKINIT_acl; + encode_HDB_extension; + encode_Key; + free_Event; + free_HDB_Ext_Aliases; + free_HDB_Ext_PKINIT_acl; + free_HDB_extension; + free_HDB_extensions; + free_Key; + free_Salt; + free_hdb_entry; + int2HDBFlags; + length_HDB_Ext_Aliases; + length_HDB_Ext_PKINIT_acl; + length_HDB_extension; + length_Key; + + local: + *; +}; diff --git a/lib/heimdal/NTMakefile b/lib/heimdal/NTMakefile new file mode 100644 index 000000000000..5cced1a24ccb --- /dev/null +++ b/lib/heimdal/NTMakefile @@ -0,0 +1,92 @@ +######################################################################## +# +# Copyright (c) 2009, 2010 Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR = lib\heimdal + +!include ../../windows/NTMakefile.w32 + +!ifndef STATICLIBS + +DLLDEPS= \ + $(LIBASN1) \ + $(LIBCOMERR) \ + $(LIBHCRYPTO) \ + $(LIBHX509) \ + $(LIBKRB5) \ + $(LIBROKEN) \ + $(LIBSQLITE) \ + $(LIBWIND) \ + $(LIBLTM) \ + $(LIBHEIMBASE) + +DLLSDKDEPS= \ + $(PTHREAD_LIB) \ + secur32.lib \ + shell32.lib \ + dnsapi.lib + +DEF=$(OBJ)\heimdal.def + +RES=$(OBJ)\heimdal-version.res + +DEFSRC= ..\asn1\libasn1-exports.def \ + ..\wind\libwind-exports.def \ + ..\hcrypto\libhcrypto-exports.def \ + ..\hx509\libhx509-exports.def \ + $(OBJDIR)\lib\krb5\libkrb5-exports.def + +$(DEF): $(DEFSRC) + copy $(DEFSRC: = + ) $(DEF) + +DLL=$(BINDIR)\heimdal.dll + +$(LIBHEIMDAL): $(BINDIR)\heimdal.dll + +$(DLL): $(DLLDEPS) $(DEF) $(RES) + $(DLLGUILINK_C) $(DLLDEPS) $(DLLSDKDEPS) $(RES) \ + -def:$(DEF) -out:$(DLL) \ + -implib:$(LIBHEIMDAL) + $(DLLPREP_NODIST) + +clean:: + -$(RM) $(BINDIR)\heimdal.* + +!else + +$(LIBHEIMDAL): $(LIBASN1) $(LIBWIND) $(LIBHCRYPTO) $(LIBHX509) $(LIBKRB5) $(LIBHEIMBASE) + $(LIBCON) + +!endif + +all:: $(LIBHEIMDAL) + +clean:: + -$(RM) $(LIBHEIMDAL) diff --git a/lib/heimdal/dllmain.c b/lib/heimdal/dllmain.c new file mode 100644 index 000000000000..3f4d9b3ef0ba --- /dev/null +++ b/lib/heimdal/dllmain.c @@ -0,0 +1,40 @@ +/*********************************************************************** + * Copyright (c) 2009, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#include + +BOOL WINAPI +DllMain(__in HINSTANCE hinstDLL, + __in DWORD fdwReason, + __in LPVOID lpvReserved) +{ + return TRUE; +} diff --git a/lib/heimdal/heimdal-version.rc b/lib/heimdal/heimdal-version.rc new file mode 100644 index 000000000000..1da512cfb01d --- /dev/null +++ b/lib/heimdal/heimdal-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Heimdal Kerberos Library" +#define RC_FILE_ORIG_0409 "heimdal.dll" + +#include "../../windows/version.rc" diff --git a/lib/hx509/ChangeLog b/lib/hx509/ChangeLog index cb29cee4e18c..d00f1f3c7c71 100644 --- a/lib/hx509/ChangeLog +++ b/lib/hx509/ChangeLog @@ -1,12 +1,120 @@ -2008-01-21 Love Hörnquist Åstrand +2008-07-14 Love Hörnquist Ã…strand + + * hxtool.c: Break out print_eval_types(). + +2008-06-21 Love Hörnquist Ã…strand + + * ks_p12.c: pass in time_now to unevelope + + * cms.c: Pass in time_now to unevelope, us verify context time in + verify_signed. + +2008-05-23 Love Hörnquist Ã…strand + + * hx_locl.h: Include for TYPE_MAX defines. + +2008-04-29 Love Hörnquist Ã…strand + + * sel-lex.l: Use _hx509_sel_yyerror() instead of error_message(). + +2008-04-20 Love Hörnquist Ã…strand + + * sel-lex.l: Include + +2008-04-17 Love Hörnquist Ã…strand + + * Makefile.am: Update make-proto usage. + +2008-04-15 Love Hörnquist Ã…strand + + * ca.c: BasicConstraints.pathLenConstraint unsigned int. + + * sel-lex.l: Prefix sel_error with _hx509_ since its global on + platforms w/o symbol versioning. + + * sel.h: rename yyerror to sel_yyerror in the whole library, not + just the lexer + + * sel-lex.l: rename yyerror to sel_yyerror in the whole library, + not just the lexer + +2008-04-14 Love Hörnquist Ã…strand + + * sel-lex.l: Rename yyerror to sel_yyerror and make it static. + +2008-04-08 Love Hörnquist Ã…strand + + * hx509.h: Make self-standing by including missing files. + +2008-04-07 Love Hörnquist Ã…strand + + * ks_p11.c: Use unsigned where appropriate. + + * softp11.c: call va_start before using vsnprintf. + + * crypto.c: make refcount slightly more sane. + + * keyset.c: make refcount slightly more sane. + + * cert.c: make refcount slightly more sane. + +2008-03-19 Love Hörnquist Ã…strand + + * test_nist2.in: Try to find unzip. + +2008-03-16 Love Hörnquist Ã…strand + + * version-script.map: add missing symbols + + * spnego: Make delegated credentials delegated directly, Oleg + Sharoiko pointed out that it always didnt work with the old + code. Also add som missing cred and context pass-thou functions in + the SPNEGO layer. + +2008-03-14 Love Hörnquist Ã…strand + + * rename to be more consistent, export for teting + + * Add language to support querying certificates to find a + match. Support constructs like "1.3.6.1.5.2.3.5" IN + %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE". + +2008-02-26 Love Hörnquist Ã…strand + + * version-script.map: add hx509_pem_read + + * hxtool-commands.in: Add --pem to cms-verify-sd. + + * test_cms.in: Test verifying PEM signature files. + + * hxtool.c: Support verifying PEM signature files. + +2008-02-25 Love Hörnquist Ã…strand + + * Makefile.am: libhx509_la_OBJECTS depends on hx_locl.h + +2008-02-11 Love Hörnquist Ã…strand + + * Use ldap-prep (with libwind) to compare names + +2008-01-27 Love Hörnquist Ã…strand + + * cert.c (hx509_query_match_eku): update to support the NULL + eku (reset), clearify the old behaivor with regards repetitive + calls. + + * Add matching on EKU, validate EKUs, add hxtool matching glue, + add check. Adapted from pach from Tim Miller of Mitre + +2008-01-21 Love Hörnquist Ã…strand * test_soft_pkcs11.c: use func for more C_ functions. -2008-01-18 Love Hörnquist Åstrand +2008-01-18 Love Hörnquist Ã…strand * version-script.map: Export hx509_free_error_string(). -2008-01-17 Love Hörnquist Åstrand +2008-01-17 Love Hörnquist Ã…strand * version-script.map: only export C_GetFunctionList @@ -17,7 +125,7 @@ * softp11.c: Add option app-fatal to control if softtoken should abort() on erroneous input from applications. -2008-01-16 Love Hörnquist Åstrand +2008-01-16 Love Hörnquist Ã…strand * test_pkcs11.in: Test password less certificates too @@ -29,7 +137,7 @@ * test_soft_pkcs11.c: Only log in if needed. -2008-01-15 Love Hörnquist Åstrand +2008-01-15 Love Hörnquist Ã…strand * softp11.c: Support PINs to login to the store. @@ -45,20 +153,20 @@ * softp11.c: Add more glue to figure out what keytype this certificate is using. -2008-01-14 Love Hörnquist Åstrand +2008-01-14 Love Hörnquist Ã…strand * test_pkcs11.in: test debug * Add a PKCS11 provider supporting signing and verifing sigatures. -2008-01-13 Love Hörnquist Åstrand +2008-01-13 Love Hörnquist Ã…strand * version-script.map: Replace hx509_name_to_der_name with hx509_name_binary. * print.c: make print_func static -2007-12-26 Love Hörnquist Åstrand +2007-12-26 Love Hörnquist Ã…strand * print.c: doxygen @@ -68,15 +176,15 @@ * ca.c: doxygen. -2007-12-17 Love Hörnquist Åstrand +2007-12-17 Love Hörnquist Ã…strand * ca.c: doxygen -2007-12-16 Love Hörnquist Åstrand +2007-12-16 Love Hörnquist Ã…strand * error.c: doxygen -2007-12-15 Love Hörnquist Åstrand +2007-12-15 Love Hörnquist Ã…strand * More documentation @@ -86,17 +194,17 @@ * cms.c: Doxygen documentation. -2007-12-11 Love Hörnquist Åstrand +2007-12-11 Love Hörnquist Ã…strand * *.[ch]: More documentation -2007-12-09 Love Hörnquist Åstrand +2007-12-09 Love Hörnquist Ã…strand * handle refcount on NULL. * test_nist_pkcs12.in: drop echo -n, doesn't work with posix sh -2007-12-08 Love Hörnquist Åstrand +2007-12-08 Love Hörnquist Ã…strand * test_nist2.in: Print that this is version 2 of the tests @@ -118,20 +226,20 @@ * revoke.c (_hx509_revoke_ref): new function. -2007-11-16 Love Hörnquist Åstrand +2007-11-16 Love Hörnquist Ã…strand * ks_keychain.c: Check if SecKeyGetCSPHandle needs prototype. -2007-08-16 Love Hörnquist Åstrand +2007-08-16 Love Hörnquist Ã…strand * data/nist-data: Make work on case senstive filesystems too. -2007-08-09 Love Hörnquist Åstrand +2007-08-09 Love Hörnquist Ã…strand * cert.c: match rfc822 contrains better, provide better error strings. -2007-08-08 Love Hörnquist Åstrand +2007-08-08 Love Hörnquist Ã…strand * cert.c: "self-signed doesn't count" doesn't apply to trust anchor certificate. make trust anchor check consistant. @@ -145,7 +253,7 @@ * cert.c: Fix NC, comment on how to use _hx509_check_key_usage. -2007-08-03 Love Hörnquist Åstrand +2007-08-03 Love Hörnquist Ã…strand * test_nist2.in, Makefile, test/nist*: Add nist pkits tests. @@ -160,12 +268,12 @@ * revoke.c: Search for the right issuer when looking for the issuer of the CRL signer. -2007-08-02 Love Hörnquist Åstrand +2007-08-02 Love Hörnquist Ã…strand * revoke.c: Handle CRL signing certificate better, try to not revalidate invalid CRLs over and over. -2007-08-01 Love Hörnquist Åstrand +2007-08-01 Love Hörnquist Ã…strand * cms.c: remove stale comment. @@ -177,21 +285,21 @@ * Makefile.am: clean PKITS_data -2007-07-16 Love Hörnquist Åstrand +2007-07-16 Love Hörnquist Ã…strand * Makefile.am: Add version-script.map to EXTRA_DIST -2007-07-12 Love Hörnquist Åstrand +2007-07-12 Love Hörnquist Ã…strand * Makefile.am: Add depenency on asn1_compile for asn1 built files. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * peer.c: update (c), indent. * Makefile.am: New library version. -2007-06-28 Love Hörnquist Åstrand +2007-06-28 Love Hörnquist Ã…strand * ks_p11.c: Add sha2 types. @@ -207,7 +315,7 @@ * print.c: Rename proxyCertInfo oid. -2007-06-26 Love Hörnquist Åstrand +2007-06-26 Love Hörnquist Ã…strand * test_ca.in: Adapt to new request handling. @@ -231,7 +339,7 @@ * version-script.map: add missing ; -2007-06-25 Love Hörnquist Åstrand +2007-06-25 Love Hörnquist Ã…strand * cms.c: Use hx509_crypto_random_iv. @@ -285,7 +393,7 @@ * hxtool.c: Verify hostname and test max-depth. -2007-06-24 Love Hörnquist Åstrand +2007-06-24 Love Hörnquist Ã…strand * test_cms.in: Test --id-by-name. @@ -302,7 +410,7 @@ * cert.c (match_general_name): more strict rfc822Name matching. (hx509_verify_hostname): add hostname type for matching. -2007-06-19 Love Hörnquist Åstrand +2007-06-19 Love Hörnquist Ã…strand * hxtool.c: Make compile again. @@ -317,7 +425,7 @@ * test_cert.in: more cert and keyset tests. -2007-06-18 Love Hörnquist Åstrand +2007-06-18 Love Hörnquist Ã…strand * revoke.c: Avoid stomping on NULL. @@ -333,7 +441,7 @@ * crypto.c: Free memory in failure case. -2007-06-12 Love Hörnquist Åstrand +2007-06-12 Love Hörnquist Ã…strand * *.c: Add hx509_cert_init_data and use everywhere @@ -352,13 +460,13 @@ * cert.c: Change logic for default trust anchors, make it be either default trust anchor, the user supplied, or non at all. -2007-06-08 Love Hörnquist Åstrand +2007-06-08 Love Hörnquist Ã…strand * Makefile.am: Add data/j.pem. * Makefile.am: Add test_windows.in. -2007-06-06 Love Hörnquist Åstrand +2007-06-06 Love Hörnquist Ã…strand * ks_keychain.c: rename functions, leaks less memory and more paranoia. @@ -383,7 +491,7 @@ * Makefile.am: add wcrl.crl -2007-06-05 Love Hörnquist Åstrand +2007-06-05 Love Hörnquist Ã…strand * hx_locl.h: Disable KEYCHAIN for now, its slow. @@ -407,7 +515,7 @@ special and be the system X509Anchors file. By not specifing any keychain ("KEYCHAIN:"), all keychains are probed. -2007-06-04 Love Hörnquist Åstrand +2007-06-04 Love Hörnquist Ã…strand * hxtool.c (verify): Friendlier error message. @@ -465,7 +573,7 @@ * name.c: Reset name before parsing it. -2007-06-03 Love Hörnquist Åstrand +2007-06-03 Love Hörnquist Ã…strand * revoke.c (hx509_crl_*): fix sizeof() mistakes to fix memory corruption. @@ -491,7 +599,7 @@ * cert.c (hx509_context_free): free querystat -2007-06-02 Love Hörnquist Åstrand +2007-06-02 Love Hörnquist Ã…strand * test_chain.in: test ocsp-verify @@ -505,7 +613,7 @@ * hxtool-commands.in: New command ocsp-verify. -2007-06-01 Love Hörnquist Åstrand +2007-06-01 Love Hörnquist Ã…strand * test_ca.in: Create crl and verify that is works. @@ -558,7 +666,7 @@ * ca.c (hx509_ca_tbs_add_crl_dp_uri): plug memory leak -2007-05-31 Love Hörnquist Åstrand +2007-05-31 Love Hörnquist Ã…strand * print.c: print utf8 type SAN's @@ -577,7 +685,7 @@ * hxtool-commands.in: make ca and alias of certificate-sign -2007-05-30 Love Hörnquist Åstrand +2007-05-30 Love Hörnquist Ã…strand * crypto.c (hx509_crypto_select): copy AI to the right place. @@ -608,11 +716,11 @@ * hx509.h: Add HX509_SELECT_SECRET_ENC. -2007-05-13 Love Hörnquist Åstrand +2007-05-13 Love Hörnquist Ã…strand * ks_p11.c: add more mechtypes -2007-05-10 Love Hörnquist Åstrand +2007-05-10 Love Hörnquist Ã…strand * print.c: Indent. @@ -632,17 +740,17 @@ * ks_p11.c: Add some more hashes. -2007-04-24 Love Hörnquist Åstrand +2007-04-24 Love Hörnquist Ã…strand * hxtool.c (crypto_select): stop memory leak -2007-04-19 Love Hörnquist Åstrand +2007-04-19 Love Hörnquist Ã…strand * peer.c (hx509_peer_info_free): free memory used too * hxtool.c (crypto_select): only free peer if it was used. -2007-04-18 Love Hörnquist Åstrand +2007-04-18 Love Hörnquist Ã…strand * hxtool.c: free template @@ -663,18 +771,18 @@ * ks_mem.c (mem_getkeys): allocate one more the we have elements so its possible to store the NULL pointer at the end. -2007-04-16 Love Hörnquist Åstrand +2007-04-16 Love Hörnquist Ã…strand * Makefile.am: CLEANFILES += cert-null.pem cert-sub-ca2.pem -2007-02-05 Love Hörnquist Åstrand +2007-02-05 Love Hörnquist Ã…strand * ca.c: Disable CRLDistributionPoints for now, its IMPLICIT code in the asn1 parser. * print.c: Add some more \n's. -2007-02-03 Love Hörnquist Åstrand +2007-02-03 Love Hörnquist Ã…strand * file.c: Allow mapping using heim_octet_string. @@ -693,7 +801,7 @@ * cert.c: Fix printing and plug leak-on-error. -2007-01-31 Love Hörnquist Åstrand +2007-01-31 Love Hörnquist Ã…strand * test_ca.in: Add test for ca --crl-uri. @@ -710,27 +818,27 @@ * cert.c (is_proxy_cert): free info if we wont return it. -2007-01-30 Love Hörnquist Åstrand +2007-01-30 Love Hörnquist Ã…strand * hxtool.c: Try to help how to use this command. -2007-01-21 Love Hörnquist Åstrand +2007-01-21 Love Hörnquist Ã…strand * switch to sha256 as default digest for signing -2007-01-20 Love Hörnquist Åstrand +2007-01-20 Love Hörnquist Ã…strand * test_ca.in: Really test sub-ca code, add basic constraints tests -2007-01-17 Love Hörnquist Åstrand +2007-01-17 Love Hörnquist Ã…strand * Makefile.am: Fix makefile problem. -2007-01-16 Love Hörnquist Åstrand +2007-01-16 Love Hörnquist Ã…strand * hxtool.c: Set num of bits before we generate the key. -2007-01-15 Love Hörnquist Åstrand +2007-01-15 Love Hörnquist Ã…strand * cms.c (hx509_cms_create_signed_1): use hx509_cert_binary @@ -741,7 +849,7 @@ * cert.c (hx509_cert_binary): return binary encoded certificate (DER format) -2007-01-14 Love Hörnquist Åstrand +2007-01-14 Love Hörnquist Ã…strand * ca.c (hx509_ca_tbs_subject_expand): new function. @@ -763,7 +871,7 @@ * cert.c: Export more stuff from certificate. -2007-01-13 Love Hörnquist Åstrand +2007-01-13 Love Hörnquist Ã…strand * ca.c: update (c) @@ -782,7 +890,7 @@ * env.c: key-value pair help functions -2007-01-12 Love Hörnquist Åstrand +2007-01-12 Love Hörnquist Ã…strand * ca.c: Don't issue certs with subject DN that is NULL and have no SANs @@ -808,7 +916,7 @@ * print.c: Print id-pkix-on-xmppAddr OtherName. -2007-01-11 Love Hörnquist Åstrand +2007-01-11 Love Hörnquist Ã…strand * no random, no RSA/DH tests @@ -838,7 +946,7 @@ * Makefile.am: add data/test-nopw.p12 to EXTRA_DIST -2007-01-10 Love Hörnquist Åstrand +2007-01-10 Love Hörnquist Ã…strand * print.c: BasicConstraints vs criticality bit is complicated and not really possible to evaluate on its own, silly RFC3280. @@ -851,7 +959,7 @@ * name.c (hx509_name_cmp): add -2007-01-09 Love Hörnquist Åstrand +2007-01-09 Love Hörnquist Ã…strand * ks_p11.c (collect_private_key): Missing CKA_MODULUS is ok too (XXX why should these be fetched given they are not used). @@ -867,11 +975,11 @@ * data/gen-req.sh: Generate a no password pkcs12 file. -2007-01-08 Love Hörnquist Åstrand +2007-01-08 Love Hörnquist Ã…strand * cms.c: Check for internal ASN1 encoder error. -2007-01-05 Love Hörnquist Åstrand +2007-01-05 Love Hörnquist Ã…strand * Makefile.am: Drop most of the pkcs11 files. @@ -888,7 +996,7 @@ * ref: Replace with Marcus Brinkmann of g10 Code GmbH pkcs11 headerfile that is compatible with GPL (file taken from scute) -2007-01-04 Love Hörnquist Åstrand +2007-01-04 Love Hörnquist Ã…strand * test_ca.in: Test to generate key and use them. @@ -914,7 +1022,7 @@ * hxtool.c (pcert_verify): Fix format string. -2006-12-31 Love Hörnquist Åstrand +2006-12-31 Love Hörnquist Ã…strand * hxtool.c: Allow setting path length @@ -944,7 +1052,7 @@ * name.c: Split building RDN to a separate function. -2006-12-30 Love Hörnquist Åstrand +2006-12-30 Love Hörnquist Ã…strand * Makefile.am: clean test_ca files. @@ -987,7 +1095,7 @@ * ocsp.asn1: remove id-kp-OCSPSigning, its in rfc2459.asn1 now -2006-12-29 Love Hörnquist Åstrand +2006-12-29 Love Hörnquist Ã…strand * ca.c: Add KeyUsage extension. @@ -1008,21 +1116,21 @@ * ca.c: Naive certificate signer. -2006-12-28 Love Hörnquist Åstrand +2006-12-28 Love Hörnquist Ã…strand * hxtool.c: add hxtool_hex -2006-12-22 Love Hörnquist Åstrand +2006-12-22 Love Hörnquist Ã…strand * Makefile.am: use top_builddir for libasn1.la -2006-12-11 Love Hörnquist Åstrand +2006-12-11 Love Hörnquist Ã…strand * hxtool.c (print_certificate): print serial number. * name.c (no): add S=stateOrProvinceName -2006-12-09 Love Hörnquist Åstrand +2006-12-09 Love Hörnquist Ã…strand * crypto.c (_hx509_private_key_assign_rsa): set a default sig alg @@ -1030,7 +1138,7 @@ uses to do sigatures so there is no need to hardcode RSA into this function. -2006-12-08 Love Hörnquist Åstrand +2006-12-08 Love Hörnquist Ã…strand * ks_file.c: Pass filename to the parse functions and use it in the error messages @@ -1050,7 +1158,7 @@ * cert.c: Clairfy and make proxy cert handling work for multiple levels, before it was too restrictive. More helpful error message. -2006-12-07 Love Hörnquist Åstrand +2006-12-07 Love Hörnquist Ã…strand * cert.c (check_key_usage): tell what keyusages are missing @@ -1061,7 +1169,7 @@ * Makefile.am: CLEANFILES += test -2006-12-06 Love Hörnquist Åstrand +2006-12-06 Love Hörnquist Ã…strand * Makefile.am (EXTRA_DIST): add data/pkinit-proxy* files @@ -1094,7 +1202,7 @@ * test_cms.in: Tests for CMS SignedData with incomplete chain from the signer. -2006-11-28 Love Hörnquist Åstrand +2006-11-28 Love Hörnquist Ã…strand * cms.c (hx509_cms_verify_signed): specify what signature we failed to verify @@ -1116,7 +1224,7 @@ * crypto.c: use unsigned int as counter to fit better with the asn1 compiler -2006-11-27 Love Hörnquist Åstrand +2006-11-27 Love Hörnquist Ã…strand * cms.c: Remove trailing white space. @@ -1142,7 +1250,7 @@ * crypto.c (hx509_crypto_select): improve (hx509_crypto_available): new function -2006-11-26 Love Hörnquist Åstrand +2006-11-26 Love Hörnquist Ã…strand * cert.c: Sprinkle more error string and hx509_contexts. @@ -1168,17 +1276,17 @@ * cert.c: Handle that _hx509_verify_signature takes a context. -2006-11-25 Love Hörnquist Åstrand +2006-11-25 Love Hörnquist Ã…strand * cms.c: Sprinkle error strings. * crypto.c: Sprinkle context and error strings. -2006-11-24 Love Hörnquist Åstrand +2006-11-24 Love Hörnquist Ã…strand * name.c: Handle printing and parsing raw oids in name. -2006-11-23 Love Hörnquist Åstrand +2006-11-23 Love Hörnquist Ã…strand * cert.c (_hx509_calculate_path): allow to calculate optimistic path when we don't know the trust anchors, just follow the chain @@ -1192,27 +1300,27 @@ * data/gen-req.sh: Build pk-init proxy cert. -2006-11-16 Love Hörnquist Åstrand +2006-11-16 Love Hörnquist Ã…strand * error.c (hx509_get_error_string): Put ", " between strings in error message. -2006-11-13 Love Hörnquist Åstrand +2006-11-13 Love Hörnquist Ã…strand * data/openssl.cnf: Change realm to TEST.H5L.SE -2006-11-07 Love Hörnquist Åstrand +2006-11-07 Love Hörnquist Ã…strand * revoke.c: Sprinkle error strings. -2006-11-04 Love Hörnquist Åstrand +2006-11-04 Love Hörnquist Ã…strand * hx_locl.h: add context variable to cmp function. * cert.c (hx509_query_match_cmp_func): allow setting the match function. -2006-10-24 Love Hörnquist Åstrand +2006-10-24 Love Hörnquist Ã…strand * ks_p11.c: Return less EINVAL. @@ -1243,7 +1351,7 @@ * cert.c (hx509_cert_get_base_subject): one less EINVAL (_hx509_cert_private_decrypt): one less EINVAL -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * collector.c: indent @@ -1255,7 +1363,7 @@ * req.c: Try to not leak memory. -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * test_crypto.in: Read 50 kilobyte random data @@ -1273,22 +1381,22 @@ * cms.c: Try harder to free certificate. -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * Makefile.am: Add make check data. -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * ks_p11.c (p11_list_keys): make element of search_data[0] constants and set them later * Makefile.am: Add more files. -2006-10-17 Love Hörnquist Åstrand +2006-10-17 Love Hörnquist Ã…strand * ks_file.c: set ret, remember to free ivdata -2006-10-16 Love Hörnquist Åstrand +2006-10-16 Love Hörnquist Ã…strand * hx_locl.h: Include . @@ -1307,7 +1415,7 @@ * ks_p11.c: Remember to release certs. -2006-10-14 Love Hörnquist Åstrand +2006-10-14 Love Hörnquist Ã…strand * prefix der primitives with der_ @@ -1315,7 +1423,7 @@ * hx_locl.h: Drop heim_any.h -2006-10-11 Love Hörnquist Åstrand +2006-10-11 Love Hörnquist Ã…strand * ks_p11.c (p11_release_module): j needs to be used as inter loop index. From Douglas Engert. @@ -1323,12 +1431,12 @@ * ks_file.c (parse_rsa_private_key): try all passwords and prompter. -2006-10-10 Love Hörnquist Åstrand +2006-10-10 Love Hörnquist Ã…strand * test_*.in: Parameterise the invocation of hxtool, so we can make it run under TESTS_ENVIRONMENT. From Andrew Bartlett -2006-10-08 Love Hörnquist Åstrand +2006-10-08 Love Hörnquist Ã…strand * test_crypto.in: Put all test stuck at 2006-09-25 since all their chains where valied then. @@ -1348,14 +1456,14 @@ keystore related error. Patched based on code from Douglas Engert. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Make depenency for slc built files just like everywhere else. * cert.c: Add all openssl algs and init asn1 et -2006-10-06 Love Hörnquist Åstrand +2006-10-06 Love Hörnquist Ã…strand * ks_file.c (parse_rsa_private_key): free type earlier. @@ -1363,18 +1471,18 @@ * name.c (_hx509_Name_to_string): remove dup const -2006-10-02 Love Hörnquist Åstrand +2006-10-02 Love Hörnquist Ã…strand * Makefile.am: Add more libs to libhx509 -2006-10-01 Love Hörnquist Åstrand +2006-10-01 Love Hörnquist Ã…strand * ks_p11.c: Fix double free's, NULL ptr de-reference, and conform better to pkcs11. From Douglas Engert. * ref: remove ^M, it breaks solaris 10s cc. From Harald Barth -2006-09-19 Love Hörnquist Åstrand +2006-09-19 Love Hörnquist Ã…strand * test_crypto.in: Bleichenbacher bad cert from Ralf-Philipp Weinmann and Andrew Pyshkin, pad right. @@ -1382,7 +1490,7 @@ * data: starfield test root cert and Ralf-Philipp and Andreis correctly padded bad cert -2006-09-15 Love Hörnquist Åstrand +2006-09-15 Love Hörnquist Ã…strand * test_crypto.in: Add test for yutaka certs. @@ -1393,12 +1501,12 @@ * hxtool.c: Improve printing and error reporting. -2006-09-13 Love Hörnquist Åstrand +2006-09-13 Love Hörnquist Ã…strand * test_crypto.in,Makefile.am,data/bleichenbacher-{bad,good}.pem: test bleichenbacher from eay -2006-09-12 Love Hörnquist Åstrand +2006-09-12 Love Hörnquist Ã…strand * hxtool.c: Make common function for all getarg_strings and hx509_certs_append commonly used. @@ -1406,7 +1514,7 @@ * cms.c: HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT is a negative flag, treat it was such. -2006-09-11 Love Hörnquist Åstrand +2006-09-11 Love Hörnquist Ã…strand * req.c: Use the new add_GeneralNames function. @@ -1419,14 +1527,14 @@ * cms.c: Allow passing in encryptedContent and flag. Add new flag HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT. -2006-09-08 Love Hörnquist Åstrand +2006-09-08 Love Hörnquist Ã…strand * ks_p11.c: cast void * to char * when using it for %s formating in printf. * name.c: New function _hx509_Name_to_string. -2006-09-07 Love Hörnquist Åstrand +2006-09-07 Love Hörnquist Ã…strand * ks_file.c: Sprinkle error messages. @@ -1440,7 +1548,7 @@ * ks_p11.c: Don't build most of the pkcs11 module if there are no dlopen(). -2006-09-06 Love Hörnquist Åstrand +2006-09-06 Love Hörnquist Ã…strand * cms.c (hx509_cms_unenvelope): try to save the error string from find_CMSIdentifier so we have one more bit of information what @@ -1455,7 +1563,7 @@ * ks_p11.c (p11_list_keys): fetch CKA_LABEL and use it to set the friendlyname for the certificate. -2006-09-05 Love Hörnquist Åstrand +2006-09-05 Love Hörnquist Ã…strand * crypto.c: check that there are no extra bytes in the checksum and that the parameters are NULL or the NULL-type. All to avoid @@ -1482,7 +1590,7 @@ * ks_p11.c (p11_get_session): return better error messages -2006-09-04 Love Hörnquist Åstrand +2006-09-04 Love Hörnquist Ã…strand * ref: update to pkcs11 reference files 2.20 @@ -1517,12 +1625,12 @@ * crypto.c: Start to hang the private key operations of the private key, pass hx509_context to create_checksum. -2006-05-29 Love Hörnquist Åstrand +2006-05-29 Love Hörnquist Ã…strand * ks_p11.c: Iterate over all slots, not just the first/selected one. -2006-05-27 Love Hörnquist Åstrand +2006-05-27 Love Hörnquist Ã…strand * cert.c: Add release function for certifiates so backend knowns when its no longer used. @@ -1532,11 +1640,11 @@ * cms.c: sprinkle more hx509_clear_error_string -2006-05-22 Love Hörnquist Åstrand +2006-05-22 Love Hörnquist Ã…strand * ks_p11.c: Sprinkle some hx509_set_error_strings -2006-05-13 Love Hörnquist Åstrand +2006-05-13 Love Hörnquist Ã…strand * hxtool.c: Avoid shadowing. @@ -1546,7 +1654,7 @@ * cert.c: Avoid shadowing. -2006-05-12 Love Hörnquist Åstrand +2006-05-12 Love Hörnquist Ã…strand * lock.c (hx509_prompt_hidden): reshuffle to avoid gcc warning @@ -1557,7 +1665,7 @@ * revoke.c (hx509_revoke_free): allow free of NULL. -2006-05-11 Love Hörnquist Åstrand +2006-05-11 Love Hörnquist Ã…strand * ks_file.c (file_init): Avoid shadowing ret (and thus avoiding crashing). @@ -1566,7 +1674,7 @@ * ks_p11.c: Catch more errors. -2006-05-08 Love Hörnquist Åstrand +2006-05-08 Love Hörnquist Ã…strand * crypto.c (hx509_crypto_encrypt): free correctly in error path. From Andrew Bartlett. @@ -1574,11 +1682,11 @@ * crypto.c: If RAND_bytes fails, then we will attempt to double-free crypt->key.data. From Andrew Bartlett. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * name.c: Rename u_intXX_t to uintXX_t -2006-05-03 Love Hörnquist Åstrand +2006-05-03 Love Hörnquist Ã…strand * TODO: More to do about the about the PKCS11 code. @@ -1589,7 +1697,7 @@ * hx509.h: Make hx509_prompt.reply not a pointer. -2006-05-02 Love Hörnquist Åstrand +2006-05-02 Love Hörnquist Ã…strand * keyset.c: Sprinkle setting error strings. @@ -1599,7 +1707,7 @@ * cms.c: Sprinkle setting error strings. -2006-05-01 Love Hörnquist Åstrand +2006-05-01 Love Hörnquist Ã…strand * test_name.c: renamed one error code @@ -1638,7 +1746,7 @@ * keyset.c (hx509_certs_init): pass the right error code back -2006-04-30 Love Hörnquist Åstrand +2006-04-30 Love Hörnquist Ã…strand * revoke.c: Revert previous patch. (hx509_ocsp_verify): new function that returns the expiration of @@ -1656,7 +1764,7 @@ * cert.c: remove _hx509_cert_private_sigature -2006-04-29 Love Hörnquist Åstrand +2006-04-29 Love Hörnquist Ã…strand * name.c: Expose more of Name. @@ -1670,7 +1778,7 @@ copy_octet_string (hx509_cert_find_subjectAltName_otherName): make work -2006-04-28 Love Hörnquist Åstrand +2006-04-28 Love Hörnquist Ã…strand * data/{pkinit,kdc}.{crt,key}: pkinit certificates @@ -1680,11 +1788,11 @@ * cert.c (hx509_verify_hostname): implement stub function -2006-04-27 Love Hörnquist Åstrand +2006-04-27 Love Hörnquist Ã…strand * TODO: CRL delta support -2006-04-26 Love Hörnquist Åstrand +2006-04-26 Love Hörnquist Ã…strand * data/.cvsignore: ignore leftover from OpenSSL cert generation @@ -1757,7 +1865,7 @@ * cert.c: Initial support for proxy certificates. -2006-04-24 Love Hörnquist Åstrand +2006-04-24 Love Hörnquist Ã…strand * hxtool.c: some error checking @@ -1765,7 +1873,7 @@ * TODO: merge with old todo file -2006-04-23 Love Hörnquist Åstrand +2006-04-23 Love Hörnquist Ã…strand * test_query.in: make quiet @@ -1779,7 +1887,7 @@ * test_nist.in: SKIP test if there is no RSA support. -2006-04-22 Love Hörnquist Åstrand +2006-04-22 Love Hörnquist Ã…strand * hxtool-commands.in: Allow passing in pool and anchor to signedData @@ -1814,7 +1922,7 @@ * cert.c (hx509_query_match_friendly_name): New function. -2006-04-21 Love Hörnquist Åstrand +2006-04-21 Love Hörnquist Ã…strand * ks_p11.c: Add support for parsing slot-number. @@ -1861,7 +1969,7 @@ * crypto.c: Handle rsa private keys better. -2006-04-20 Love Hörnquist Åstrand +2006-04-20 Love Hörnquist Ã…strand * hxtool.c: Use hx509_cms_{,un}wrap_ContentInfo @@ -1875,14 +1983,14 @@ * crypto.c: Use the right length for the sha256 checksums. -2006-04-15 Love Hörnquist Åstrand +2006-04-15 Love Hörnquist Ã…strand * crypto.c: Fix breakage from sha256 code. * crypto.c: Add SHA256 support, and symbols for the other new SHA-2 types. -2006-04-14 Love Hörnquist Åstrand +2006-04-14 Love Hörnquist Ã…strand * test_cms.in: test rc2-40 rc2-64 rc2-128 enveloped data @@ -1893,13 +2001,13 @@ * crypto.c: Break out the parameter handling code for encrypting data to handle RC2. Needed for Windows 2k pk-init support. -2006-04-04 Love Hörnquist Åstrand +2006-04-04 Love Hörnquist Ã…strand * Makefile.am: Split libhx509_la_SOURCES into build file and distributed files so we can avoid building prototypes for build-files. -2006-04-03 Love Hörnquist Åstrand +2006-04-03 Love Hörnquist Ã…strand * TODO: split certificate request into pkcs10 and CRMF @@ -1951,7 +2059,7 @@ * crypto.c: Add _hx509_private_key2SPKI and support functions (only support RSA for now). -2006-04-02 Love Hörnquist Åstrand +2006-04-02 Love Hörnquist Ã…strand * hxtool-commands.in: Add pkcs10-create command. @@ -1968,7 +2076,7 @@ * name.c (hx509_name_copy): new function. -2006-04-01 Love Hörnquist Åstrand +2006-04-01 Love Hörnquist Ã…strand * TODO: fill out what do @@ -2049,7 +2157,7 @@ * cert.c: Add ocsp glue, use new _hx509_verify_signature_bitstring, add eku checking function. -2006-03-31 Love Hörnquist Åstrand +2006-03-31 Love Hörnquist Ã…strand * Makefile.am: add id_kp_OCSPSigning.x @@ -2076,17 +2184,17 @@ * hx_locl.h: rename HX509_CTX_CRL_MISSING_OK to HX509_CTX_VERIFY_MISSING_OK now that we have OCSP glue -2006-03-30 Love Hörnquist Åstrand +2006-03-30 Love Hörnquist Ã…strand * hx_locl.h: Add to make it compile on Solaris, from Alex V. Labuta. -2006-03-28 Love Hörnquist Åstrand +2006-03-28 Love Hörnquist Ã…strand * crypto.c (_hx509_pbe_decrypt): try all passwords, not just the first one. -2006-03-27 Love Hörnquist Åstrand +2006-03-27 Love Hörnquist Ã…strand * print.c (check_altName): Print the othername oid. @@ -2110,7 +2218,7 @@ * cms.c: Check for signature error, check consitency of error -2006-03-26 Love Hörnquist Åstrand +2006-03-26 Love Hörnquist Ã…strand * collector.c (_hx509_collector_alloc): handle errors @@ -2138,7 +2246,7 @@ * hx509.h: Add hx509_query. -2006-02-22 Love Hörnquist Åstrand +2006-02-22 Love Hörnquist Ã…strand * cert.c: Add exceptions for null (empty) subjectNames @@ -2157,17 +2265,17 @@ If the name restrictions are merged to a list, the certificate will pass this test. -2006-02-14 Love Hörnquist Åstrand +2006-02-14 Love Hörnquist Ã…strand * cert.c: Handle more name constraints cases. * crypto.c (dsa_verify_signature): if test if malloc failed -2006-01-31 Love Hörnquist Åstrand +2006-01-31 Love Hörnquist Ã…strand * cms.c: Drop partial pkcs12 string2key implementation. -2006-01-20 Love Hörnquist Åstrand +2006-01-20 Love Hörnquist Ã…strand * data/nist-data: Add commited out DSA tests (they fail). @@ -2191,7 +2299,7 @@ * test_nist_cert.in: test parse all nist certs -2006-01-19 Love Hörnquist Åstrand +2006-01-19 Love Hörnquist Ã…strand * hx509_err.et: Add HX509_CRL_UNKNOWN_EXTENSION. @@ -2228,7 +2336,7 @@ * test_cms.in: Use static file, add --missing-crl. -2006-01-18 Love Hörnquist Åstrand +2006-01-18 Love Hörnquist Ã…strand * print.c: Its cRLReason, not cRLReasons. @@ -2246,17 +2354,17 @@ * hx509.h: Add hx509_revoke_ctx. -2006-01-13 Love Hörnquist Åstrand +2006-01-13 Love Hörnquist Ã…strand * delete crypto_headers.h, use global file instead. * crypto.c (PBE_string2key): libdes now supports PKCS12_key_gen -2006-01-12 Love Hörnquist Åstrand +2006-01-12 Love Hörnquist Ã…strand * crypto_headers.h: Need BN_is_negative too. -2006-01-11 Love Hörnquist Åstrand +2006-01-11 Love Hörnquist Ã…strand * ks_p11.c (p11_rsa_public_decrypt): since is wrong, don't provide it. PKCS11 can't do public_decrypt, it support verify though. All @@ -2265,7 +2373,7 @@ * crypto_headers.h: Provide glue to compile with less warnings with OpenSSL -2006-01-08 Love Hörnquist Åstrand +2006-01-08 Love Hörnquist Ã…strand * Makefile.am: Depend on LIB_des @@ -2282,7 +2390,7 @@ and use "crypto-headers.h". -2006-01-04 Love Hörnquist Åstrand +2006-01-04 Love Hörnquist Ã…strand * add a hx509_context where we can store configuration @@ -2337,7 +2445,7 @@ * hxtool.c (print_f): print if there is a friendly name and if there is a private key -2006-01-03 Love Hörnquist Åstrand +2006-01-03 Love Hörnquist Ã…strand * name.c: Avoid warning from missing __attribute__((noreturn)) @@ -2380,7 +2488,7 @@ * name.c: use _hx509_abort -2006-01-02 Love Hörnquist Åstrand +2006-01-02 Love Hörnquist Ã…strand * name.c (hx509_name_to_string): don't cut bmpString in half. @@ -2404,7 +2512,7 @@ * ks_dir.c: Add new keystore that treats all files in a directory a keystore, useful for regression tests. -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * test_nist_pkcs12.in: Test parse PKCS12 files from NIST. @@ -2412,16 +2520,16 @@ * hxtool.c: Print error code on failure. -2005-10-29 Love Hörnquist Åstrand +2005-10-29 Love Hörnquist Ã…strand * crypto.c: Support DSA signature operations. -2005-10-04 Love Hörnquist Åstrand +2005-10-04 Love Hörnquist Ã…strand * print.c: Validate that issuerAltName and subjectAltName isn't empty. -2005-09-14 Love Hörnquist Åstrand +2005-09-14 Love Hörnquist Ã…strand * p11.c: Cast to unsigned char to avoid warning. @@ -2431,7 +2539,7 @@ * ks_p11.c: Starting point of a pkcs11 module. -2005-09-04 Love Hörnquist Åstrand +2005-09-04 Love Hörnquist Ã…strand * lock.c: Implement prompter. @@ -2447,7 +2555,7 @@ * name.c: Add DC, handle all Directory strings, fix signless problems. -2005-09-03 Love Hörnquist Åstrand +2005-09-03 Love Hörnquist Ã…strand * test_query.in: Pass in --pass to all commands. @@ -2473,11 +2581,11 @@ * test_query.in: Use echo, the function check isn't defined here. -2005-08-11 Love Hörnquist Åstrand +2005-08-11 Love Hörnquist Ã…strand * hxtool-commands.in: Add more options that was missing. -2005-07-28 Love Hörnquist Åstrand +2005-07-28 Love Hörnquist Ã…strand * test_cms.in: Use --certificate= for enveloped/unenvelope. @@ -2498,7 +2606,7 @@ * crypto.c: add "new" RC2 oid -2005-07-27 Love Hörnquist Åstrand +2005-07-27 Love Hörnquist Ã…strand * hx_locl.h, cert.c: Add HX509_QUERY_MATCH_FUNCTION that allows caller to match by function, note that this doesn't not work @@ -2571,7 +2679,7 @@ * hxtool.c,Makefile.am,hxtool-commands.in: switch to slc -2005-07-26 Love Hörnquist Åstrand +2005-07-26 Love Hörnquist Ã…strand * cert.c (hx509_verify_destroy_ctx): add @@ -2579,7 +2687,7 @@ * name.c (_hx509_name_ds_cmp): make sure all strings are not equal -2005-07-25 Love Hörnquist Åstrand +2005-07-25 Love Hörnquist Ã…strand * hxtool.c: return error @@ -2618,7 +2726,7 @@ * cert.c: more checks on KeyUsage, allow to query on them too -2005-07-24 Love Hörnquist Åstrand +2005-07-24 Love Hörnquist Ã…strand * cms.c: Add missing break. diff --git a/lib/hx509/Makefile.am b/lib/hx509/Makefile.am index 3144a71676ad..53669cb7c523 100644 --- a/lib/hx509/Makefile.am +++ b/lib/hx509/Makefile.am @@ -1,11 +1,10 @@ -# $Id: Makefile.am 22459 2008-01-15 21:46:20Z lha $ - include $(top_srcdir)/Makefile.am.common lib_LTLIBRARIES = libhx509.la -libhx509_la_LDFLAGS = -version-info 3:0:0 +libhx509_la_LDFLAGS = -version-info 5:0:0 BUILT_SOURCES = \ + sel-gram.h \ $(gen_files_ocsp:.x=.c) \ $(gen_files_pkcs10:.x=.c) \ hx509_err.c \ @@ -50,9 +49,12 @@ gen_files_crmf = \ asn1_ProofOfPossession.x \ asn1_SubsequentMessage.x +AM_YFLAGS = -d + dist_libhx509_la_SOURCES = \ ca.c \ cert.c \ + char_map.h \ cms.c \ collector.c \ crypto.c \ @@ -64,6 +66,10 @@ dist_libhx509_la_SOURCES = \ hx509-protos.h \ hx509.h \ hx_locl.h \ + sel.c \ + sel.h \ + sel-gram.y \ + sel-lex.l \ keyset.c \ ks_dir.c \ ks_file.c \ @@ -81,10 +87,15 @@ dist_libhx509_la_SOURCES = \ req.c \ revoke.c +sel-lex.c: sel-gram.h + +libhx509_la_DEPENDENCIES = version-script.map + libhx509_la_LIBADD = \ $(LIB_com_err) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ $(LIBADD_roken) \ $(LIB_dlopen) @@ -95,39 +106,45 @@ endif if versionscript libhx509_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map endif -$(libhx509_la_OBJECTS): $(srcdir)/version-script.map +$(libhx509_la_OBJECTS): $(srcdir)/version-script.map $(nodist_include_HEADERS) $(priv_headers) libhx509_la_CPPFLAGS = -I$(srcdir)/ref $(INCLUDE_hcrypto) nodist_libhx509_la_SOURCES = $(BUILT_SOURCES) -$(gen_files_ocsp) ocsp_asn1.h: ocsp_asn1_files -$(gen_files_pkcs10) pkcs10_asn1.h: pkcs10_asn1_files -$(gen_files_crmf) crmf_asn1.h: crmf_asn1_files +$(gen_files_ocsp) ocsp_asn1.hx ocsp_asn1-priv.hx: ocsp_asn1_files +$(gen_files_pkcs10) pkcs10_asn1.hx pkcs10_asn1-priv.hx: pkcs10_asn1_files +$(gen_files_crmf) crmf_asn1.hx crmf_asn1-priv.hx: crmf_asn1_files -asn1_compile = ../asn1/asn1_compile$(EXEEXT) +dist_include_HEADERS = hx509.h hx509-protos.h -ocsp_asn1_files: $(asn1_compile) $(srcdir)/ocsp.asn1 - $(asn1_compile) --preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) +nodist_include_HEADERS = hx509_err.h +nodist_include_HEADERS += ocsp_asn1.h +nodist_include_HEADERS += pkcs10_asn1.h +nodist_include_HEADERS += crmf_asn1.h -pkcs10_asn1_files: $(asn1_compile) $(srcdir)/pkcs10.asn1 - $(asn1_compile) --preserve-binary=CertificationRequestInfo $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) +priv_headers = ocsp_asn1-priv.h +priv_headers += pkcs10_asn1-priv.h +priv_headers += crmf_asn1-priv.h -crmf_asn1_files: $(asn1_compile) $(srcdir)/crmf.asn1 - $(asn1_compile) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) -$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h +ocsp_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/ocsp.asn1 $(srcdir)/ocsp.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/ocsp.opt $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) + +pkcs10_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/pkcs10.asn1 $(srcdir)/pkcs10.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/pkcs10.opt $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) + +crmf_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/crmf.asn1 + $(ASN1_COMPILE) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) + +$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h $(srcdir)/hx_locl.h +$(libhx509_la_OBJECTS): ocsp_asn1.h pkcs10_asn1.h $(srcdir)/hx509-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB_FUNCTION -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h $(srcdir)/hx509-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p hx509-private.h $(dist_libhx509_la_SOURCES) || rm -f hx509-private.h -dist_include_HEADERS = hx509.h hx509-protos.h -nodist_include_HEADERS = hx509_err.h - -SLC = $(top_builddir)/lib/sl/slc - bin_PROGRAMS = hxtool hxtool-commands.c hxtool-commands.h: hxtool-commands.in $(SLC) @@ -146,14 +163,18 @@ hxtool_LDADD = \ $(LIB_roken) \ $(top_builddir)/lib/sl/libsl.la -CLEANFILES = $(BUILT_SOURCES) \ - $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1.h \ - $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1.h \ - $(gen_files_crmf) crmf_asn1_files crmf_asn1.h \ +CLEANFILES = $(BUILT_SOURCES) sel-gram.c sel-lex.c \ + $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1{,-priv}.h* \ + ocsp_asn1-template.[ch]* \ + $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1{,-priv}.h* \ + pkcs10_asn1-template.[ch]* \ + $(gen_files_crmf) crmf_asn1_files crmf_asn1{,-priv}.h* \ + crmf_asn1-template.[ch]* \ $(TESTS) \ hxtool-commands.c hxtool-commands.h *.tmp \ request.out \ out.pem out2.pem \ + sd sd.pem \ sd.data sd.data.out \ ev.data ev.data.out \ cert-null.pem cert-sub-ca2.pem \ @@ -180,10 +201,14 @@ LDADD = libhx509.la test_soft_pkcs11_LDADD = libhx509.la test_soft_pkcs11_CPPFLAGS = -I$(srcdir)/ref +test_name_CPPFLAGS = $(INCLUDE_hcrypto) +test_name_LDADD = libhx509.la $(LIB_roken) + TESTS = $(SCRIPT_TESTS) $(PROGRAM_TESTS) PROGRAM_TESTS = \ - test_name + test_name \ + test_expr SCRIPT_TESTS = \ test_ca \ @@ -202,7 +227,8 @@ SCRIPT_TESTS = \ test_query do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' + -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' \ + -e 's,[@]egrep[@],$(EGREP),g' test_ca: test_ca.in Makefile $(do_subst) < $(srcdir)/test_ca.in > test_ca.tmp @@ -275,13 +301,18 @@ test_query: test_query.in Makefile mv test_query.tmp test_query EXTRA_DIST = \ + NTMakefile \ + hxtool-version.rc \ + libhx509-exports.def \ version-script.map \ crmf.asn1 \ - data/bleichenbacher-bad.pem \ hx509_err.et \ hxtool-commands.in \ + quote.py \ ocsp.asn1 \ + ocsp.opt \ pkcs10.asn1 \ + pkcs10.opt \ test_ca.in \ test_chain.in \ test_cert.in \ @@ -307,6 +338,17 @@ EXTRA_DIST = \ tst-crypto-select5 \ tst-crypto-select6 \ tst-crypto-select7 \ + data/n0ll.pem \ + data/secp160r1TestCA.cert.pem \ + data/secp160r1TestCA.key.pem \ + data/secp160r1TestCA.pem \ + data/secp160r2TestClient.cert.pem \ + data/secp160r2TestClient.key.pem \ + data/secp160r2TestClient.pem \ + data/secp160r2TestServer.cert.pem \ + data/secp160r2TestServer.key.pem \ + data/secp160r2TestServer.pem \ + data/bleichenbacher-bad.pem \ data/bleichenbacher-good.pem \ data/bleichenbacher-sf-pad-correct.pem \ data/ca.crt \ @@ -342,6 +384,8 @@ EXTRA_DIST = \ data/pkinit-pw.key \ data/pkinit.crt \ data/pkinit.key \ + data/pkinit-ec.crt \ + data/pkinit-ec.key \ data/proxy-level-test.crt \ data/proxy-level-test.key \ data/proxy-test.crt \ @@ -377,10 +421,14 @@ EXTRA_DIST = \ data/test-signed-data \ data/test-signed-data-noattr \ data/test-signed-data-noattr-nocerts \ + data/test-signed-sha-1 \ + data/test-signed-sha-256 \ + data/test-signed-sha-512 \ data/test.combined.crt \ data/test.crt \ data/test.key \ data/test.p12 \ + data/win-u16-in-printablestring.der \ data/yutaka-pad-broken-ca.pem \ data/yutaka-pad-broken-cert.pem \ data/yutaka-pad-ok-ca.pem \ diff --git a/lib/hx509/Makefile.in b/lib/hx509/Makefile.in index b564a4903061..98de7d540dd6 100644 --- a/lib/hx509/Makefile.in +++ b/lib/hx509/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 22459 2008-01-15 21:46:20Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -42,7 +42,8 @@ build_triplet = @build@ host_triplet = @host@ DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog TODO + $(top_srcdir)/cf/Makefile.am.common ChangeLog TODO sel-gram.c \ + sel-gram.h sel-lex.c @FRAMEWORK_SECURITY_TRUE@am__append_1 = -framework Security -framework CoreFoundation @versionscript_TRUE@am__append_2 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map bin_PROGRAMS = hxtool$(EXEEXT) @@ -51,7 +52,7 @@ TESTS = $(SCRIPT_TESTS) $(am__EXEEXT_1) subdir = lib/hx509 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -66,7 +67,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -80,9 +81,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -90,36 +94,50 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = -libhx509_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) dist_libhx509_la_OBJECTS = libhx509_la-ca.lo libhx509_la-cert.lo \ libhx509_la-cms.lo libhx509_la-collector.lo \ libhx509_la-crypto.lo libhx509_la-doxygen.lo \ libhx509_la-error.lo libhx509_la-env.lo libhx509_la-file.lo \ - libhx509_la-keyset.lo libhx509_la-ks_dir.lo \ - libhx509_la-ks_file.lo libhx509_la-ks_mem.lo \ - libhx509_la-ks_null.lo libhx509_la-ks_p11.lo \ - libhx509_la-ks_p12.lo libhx509_la-ks_keychain.lo \ - libhx509_la-lock.lo libhx509_la-name.lo libhx509_la-peer.lo \ - libhx509_la-print.lo libhx509_la-softp11.lo libhx509_la-req.lo \ + libhx509_la-sel.lo libhx509_la-sel-gram.lo \ + libhx509_la-sel-lex.lo libhx509_la-keyset.lo \ + libhx509_la-ks_dir.lo libhx509_la-ks_file.lo \ + libhx509_la-ks_mem.lo libhx509_la-ks_null.lo \ + libhx509_la-ks_p11.lo libhx509_la-ks_p12.lo \ + libhx509_la-ks_keychain.lo libhx509_la-lock.lo \ + libhx509_la-name.lo libhx509_la-peer.lo libhx509_la-print.lo \ + libhx509_la-softp11.lo libhx509_la-req.lo \ libhx509_la-revoke.lo am__objects_1 = libhx509_la-asn1_OCSPBasicOCSPResponse.lo \ libhx509_la-asn1_OCSPCertID.lo \ @@ -149,8 +167,7 @@ libhx509_la_OBJECTS = $(dist_libhx509_la_OBJECTS) \ libhx509_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libhx509_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -am__EXEEXT_1 = test_name$(EXEEXT) +am__EXEEXT_1 = test_name$(EXEEXT) test_expr$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) dist_hxtool_OBJECTS = hxtool-hxtool.$(OBJEXT) nodist_hxtool_OBJECTS = hxtool-hxtool-commands.$(OBJEXT) @@ -158,17 +175,20 @@ hxtool_OBJECTS = $(dist_hxtool_OBJECTS) $(nodist_hxtool_OBJECTS) hxtool_DEPENDENCIES = libhx509.la $(top_builddir)/lib/asn1/libasn1.la \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(top_builddir)/lib/sl/libsl.la +test_expr_SOURCES = test_expr.c +test_expr_OBJECTS = test_expr.$(OBJEXT) +test_expr_LDADD = $(LDADD) +test_expr_DEPENDENCIES = libhx509.la test_name_SOURCES = test_name.c -test_name_OBJECTS = test_name.$(OBJEXT) -test_name_LDADD = $(LDADD) -test_name_DEPENDENCIES = libhx509.la +test_name_OBJECTS = test_name-test_name.$(OBJEXT) +test_name_DEPENDENCIES = libhx509.la $(am__DEPENDENCIES_1) test_soft_pkcs11_SOURCES = test_soft_pkcs11.c test_soft_pkcs11_OBJECTS = \ test_soft_pkcs11-test_soft_pkcs11.$(OBJEXT) test_soft_pkcs11_DEPENDENCIES = libhx509.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -178,64 +198,82 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ +@MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ || +LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS) +LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS) +YLWRAP = $(top_srcdir)/ylwrap +@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || +YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) +LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) SOURCES = $(dist_libhx509_la_SOURCES) $(nodist_libhx509_la_SOURCES) \ - $(dist_hxtool_SOURCES) $(nodist_hxtool_SOURCES) test_name.c \ - test_soft_pkcs11.c -DIST_SOURCES = $(dist_libhx509_la_SOURCES) $(dist_hxtool_SOURCES) \ + $(dist_hxtool_SOURCES) $(nodist_hxtool_SOURCES) test_expr.c \ test_name.c test_soft_pkcs11.c -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) +DIST_SOURCES = $(dist_libhx509_la_SOURCES) $(dist_hxtool_SOURCES) \ + test_expr.c test_name.c test_soft_pkcs11.c HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -259,10 +297,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -279,6 +318,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -294,31 +335,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -333,10 +388,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -377,34 +434,40 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la lib_LTLIBRARIES = libhx509.la -libhx509_la_LDFLAGS = -version-info 3:0:0 $(am__append_1) \ +libhx509_la_LDFLAGS = -version-info 5:0:0 $(am__append_1) \ $(am__append_2) BUILT_SOURCES = \ + sel-gram.h \ $(gen_files_ocsp:.x=.c) \ $(gen_files_pkcs10:.x=.c) \ hx509_err.c \ @@ -449,9 +512,11 @@ gen_files_crmf = \ asn1_ProofOfPossession.x \ asn1_SubsequentMessage.x +AM_YFLAGS = -d dist_libhx509_la_SOURCES = \ ca.c \ cert.c \ + char_map.h \ cms.c \ collector.c \ crypto.c \ @@ -463,6 +528,10 @@ dist_libhx509_la_SOURCES = \ hx509-protos.h \ hx509.h \ hx_locl.h \ + sel.c \ + sel.h \ + sel-gram.y \ + sel-lex.l \ keyset.c \ ks_dir.c \ ks_file.c \ @@ -480,19 +549,21 @@ dist_libhx509_la_SOURCES = \ req.c \ revoke.c +libhx509_la_DEPENDENCIES = version-script.map libhx509_la_LIBADD = \ $(LIB_com_err) \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ $(LIBADD_roken) \ $(LIB_dlopen) libhx509_la_CPPFLAGS = -I$(srcdir)/ref $(INCLUDE_hcrypto) nodist_libhx509_la_SOURCES = $(BUILT_SOURCES) -asn1_compile = ../asn1/asn1_compile$(EXEEXT) dist_include_HEADERS = hx509.h hx509-protos.h -nodist_include_HEADERS = hx509_err.h -SLC = $(top_builddir)/lib/sl/slc +nodist_include_HEADERS = hx509_err.h ocsp_asn1.h pkcs10_asn1.h \ + crmf_asn1.h +priv_headers = ocsp_asn1-priv.h pkcs10_asn1-priv.h crmf_asn1-priv.h dist_hxtool_SOURCES = hxtool.c nodist_hxtool_SOURCES = hxtool-commands.c hxtool-commands.h hxtool_CPPFLAGS = $(INCLUDE_hcrypto) @@ -503,14 +574,18 @@ hxtool_LDADD = \ $(LIB_roken) \ $(top_builddir)/lib/sl/libsl.la -CLEANFILES = $(BUILT_SOURCES) \ - $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1.h \ - $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1.h \ - $(gen_files_crmf) crmf_asn1_files crmf_asn1.h \ +CLEANFILES = $(BUILT_SOURCES) sel-gram.c sel-lex.c \ + $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1{,-priv}.h* \ + ocsp_asn1-template.[ch]* \ + $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1{,-priv}.h* \ + pkcs10_asn1-template.[ch]* \ + $(gen_files_crmf) crmf_asn1_files crmf_asn1{,-priv}.h* \ + crmf_asn1-template.[ch]* \ $(TESTS) \ hxtool-commands.c hxtool-commands.h *.tmp \ request.out \ out.pem out2.pem \ + sd sd.pem \ sd.data sd.data.out \ ev.data ev.data.out \ cert-null.pem cert-sub-ca2.pem \ @@ -530,8 +605,11 @@ check_SCRIPTS = $(SCRIPT_TESTS) LDADD = libhx509.la test_soft_pkcs11_LDADD = libhx509.la test_soft_pkcs11_CPPFLAGS = -I$(srcdir)/ref +test_name_CPPFLAGS = $(INCLUDE_hcrypto) +test_name_LDADD = libhx509.la $(LIB_roken) PROGRAM_TESTS = \ - test_name + test_name \ + test_expr SCRIPT_TESTS = \ test_ca \ @@ -550,16 +628,22 @@ SCRIPT_TESTS = \ test_query do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' + -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' \ + -e 's,[@]egrep[@],$(EGREP),g' EXTRA_DIST = \ + NTMakefile \ + hxtool-version.rc \ + libhx509-exports.def \ version-script.map \ crmf.asn1 \ - data/bleichenbacher-bad.pem \ hx509_err.et \ hxtool-commands.in \ + quote.py \ ocsp.asn1 \ + ocsp.opt \ pkcs10.asn1 \ + pkcs10.opt \ test_ca.in \ test_chain.in \ test_cert.in \ @@ -585,6 +669,17 @@ EXTRA_DIST = \ tst-crypto-select5 \ tst-crypto-select6 \ tst-crypto-select7 \ + data/n0ll.pem \ + data/secp160r1TestCA.cert.pem \ + data/secp160r1TestCA.key.pem \ + data/secp160r1TestCA.pem \ + data/secp160r2TestClient.cert.pem \ + data/secp160r2TestClient.key.pem \ + data/secp160r2TestClient.pem \ + data/secp160r2TestServer.cert.pem \ + data/secp160r2TestServer.key.pem \ + data/secp160r2TestServer.pem \ + data/bleichenbacher-bad.pem \ data/bleichenbacher-good.pem \ data/bleichenbacher-sf-pad-correct.pem \ data/ca.crt \ @@ -620,6 +715,8 @@ EXTRA_DIST = \ data/pkinit-pw.key \ data/pkinit.crt \ data/pkinit.key \ + data/pkinit-ec.crt \ + data/pkinit-ec.key \ data/proxy-level-test.crt \ data/proxy-level-test.key \ data/proxy-test.crt \ @@ -655,10 +752,14 @@ EXTRA_DIST = \ data/test-signed-data \ data/test-signed-data-noattr \ data/test-signed-data-noattr-nocerts \ + data/test-signed-sha-1 \ + data/test-signed-sha-256 \ + data/test-signed-sha-512 \ data/test.combined.crt \ data/test.crt \ data/test.key \ data/test.p12 \ + data/win-u16-in-printablestring.der \ data/yutaka-pad-broken-ca.pem \ data/yutaka-pad-broken-cert.pem \ data/yutaka-pad-ok-ca.pem \ @@ -669,19 +770,19 @@ all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/hx509/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/hx509/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hx509/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/hx509/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -699,23 +800,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -726,46 +832,71 @@ clean-libLTLIBRARIES: echo "rm -f \"$${dir}/so_locations\""; \ rm -f "$${dir}/so_locations"; \ done +sel-gram.h: sel-gram.c + @if test ! -f $@; then \ + rm -f sel-gram.c; \ + $(MAKE) $(AM_MAKEFLAGS) sel-gram.c; \ + else :; fi libhx509.la: $(libhx509_la_OBJECTS) $(libhx509_la_DEPENDENCIES) $(libhx509_la_LINK) -rpath $(libdir) $(libhx509_la_OBJECTS) $(libhx509_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list hxtool$(EXEEXT): $(hxtool_OBJECTS) $(hxtool_DEPENDENCIES) @rm -f hxtool$(EXEEXT) $(LINK) $(hxtool_OBJECTS) $(hxtool_LDADD) $(LIBS) +test_expr$(EXEEXT): $(test_expr_OBJECTS) $(test_expr_DEPENDENCIES) + @rm -f test_expr$(EXEEXT) + $(LINK) $(test_expr_OBJECTS) $(test_expr_LDADD) $(LIBS) test_name$(EXEEXT): $(test_name_OBJECTS) $(test_name_DEPENDENCIES) @rm -f test_name$(EXEEXT) $(LINK) $(test_name_OBJECTS) $(test_name_LDADD) $(LIBS) @@ -779,167 +910,478 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hxtool-hxtool-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hxtool-hxtool.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_CertificationRequest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_CertificationRequestInfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPBasicOCSPResponse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPCertID.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPCertStatus.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPInnerRequest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPKeyHash.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPRequest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPResponderID.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPResponse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPResponseBytes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPResponseData.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPResponseStatus.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPSignature.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPSingleResponse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPTBSRequest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_OCSPVersion.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_basic.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_nonce.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ca.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-cert.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-cms.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-collector.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-crypto.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-doxygen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-env.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-file.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-hx509_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-keyset.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_dir.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_file.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_keychain.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_mem.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_null.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_p11.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-ks_p12.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-lock.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-name.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-peer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-print.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-req.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-revoke.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-sel-gram.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-sel-lex.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-sel.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhx509_la-softp11.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_expr.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_name-test_name.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< libhx509_la-ca.lo: ca.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ca.lo `test -f 'ca.c' || echo '$(srcdir)/'`ca.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ca.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ca.Tpo -c -o libhx509_la-ca.lo `test -f 'ca.c' || echo '$(srcdir)/'`ca.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ca.Tpo $(DEPDIR)/libhx509_la-ca.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ca.c' object='libhx509_la-ca.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ca.lo `test -f 'ca.c' || echo '$(srcdir)/'`ca.c libhx509_la-cert.lo: cert.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cert.lo `test -f 'cert.c' || echo '$(srcdir)/'`cert.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-cert.lo -MD -MP -MF $(DEPDIR)/libhx509_la-cert.Tpo -c -o libhx509_la-cert.lo `test -f 'cert.c' || echo '$(srcdir)/'`cert.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-cert.Tpo $(DEPDIR)/libhx509_la-cert.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='cert.c' object='libhx509_la-cert.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cert.lo `test -f 'cert.c' || echo '$(srcdir)/'`cert.c libhx509_la-cms.lo: cms.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cms.lo `test -f 'cms.c' || echo '$(srcdir)/'`cms.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-cms.lo -MD -MP -MF $(DEPDIR)/libhx509_la-cms.Tpo -c -o libhx509_la-cms.lo `test -f 'cms.c' || echo '$(srcdir)/'`cms.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-cms.Tpo $(DEPDIR)/libhx509_la-cms.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='cms.c' object='libhx509_la-cms.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cms.lo `test -f 'cms.c' || echo '$(srcdir)/'`cms.c libhx509_la-collector.lo: collector.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-collector.lo `test -f 'collector.c' || echo '$(srcdir)/'`collector.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-collector.lo -MD -MP -MF $(DEPDIR)/libhx509_la-collector.Tpo -c -o libhx509_la-collector.lo `test -f 'collector.c' || echo '$(srcdir)/'`collector.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-collector.Tpo $(DEPDIR)/libhx509_la-collector.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='collector.c' object='libhx509_la-collector.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-collector.lo `test -f 'collector.c' || echo '$(srcdir)/'`collector.c libhx509_la-crypto.lo: crypto.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-crypto.lo -MD -MP -MF $(DEPDIR)/libhx509_la-crypto.Tpo -c -o libhx509_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-crypto.Tpo $(DEPDIR)/libhx509_la-crypto.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto.c' object='libhx509_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c libhx509_la-doxygen.lo: doxygen.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-doxygen.lo -MD -MP -MF $(DEPDIR)/libhx509_la-doxygen.Tpo -c -o libhx509_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-doxygen.Tpo $(DEPDIR)/libhx509_la-doxygen.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='doxygen.c' object='libhx509_la-doxygen.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c libhx509_la-error.lo: error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-error.lo -MD -MP -MF $(DEPDIR)/libhx509_la-error.Tpo -c -o libhx509_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-error.Tpo $(DEPDIR)/libhx509_la-error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='error.c' object='libhx509_la-error.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c libhx509_la-env.lo: env.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-env.lo -MD -MP -MF $(DEPDIR)/libhx509_la-env.Tpo -c -o libhx509_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-env.Tpo $(DEPDIR)/libhx509_la-env.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='env.c' object='libhx509_la-env.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c libhx509_la-file.lo: file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-file.lo `test -f 'file.c' || echo '$(srcdir)/'`file.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-file.lo -MD -MP -MF $(DEPDIR)/libhx509_la-file.Tpo -c -o libhx509_la-file.lo `test -f 'file.c' || echo '$(srcdir)/'`file.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-file.Tpo $(DEPDIR)/libhx509_la-file.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='file.c' object='libhx509_la-file.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-file.lo `test -f 'file.c' || echo '$(srcdir)/'`file.c + +libhx509_la-sel.lo: sel.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-sel.lo -MD -MP -MF $(DEPDIR)/libhx509_la-sel.Tpo -c -o libhx509_la-sel.lo `test -f 'sel.c' || echo '$(srcdir)/'`sel.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-sel.Tpo $(DEPDIR)/libhx509_la-sel.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sel.c' object='libhx509_la-sel.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-sel.lo `test -f 'sel.c' || echo '$(srcdir)/'`sel.c + +libhx509_la-sel-gram.lo: sel-gram.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-sel-gram.lo -MD -MP -MF $(DEPDIR)/libhx509_la-sel-gram.Tpo -c -o libhx509_la-sel-gram.lo `test -f 'sel-gram.c' || echo '$(srcdir)/'`sel-gram.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-sel-gram.Tpo $(DEPDIR)/libhx509_la-sel-gram.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sel-gram.c' object='libhx509_la-sel-gram.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-sel-gram.lo `test -f 'sel-gram.c' || echo '$(srcdir)/'`sel-gram.c + +libhx509_la-sel-lex.lo: sel-lex.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-sel-lex.lo -MD -MP -MF $(DEPDIR)/libhx509_la-sel-lex.Tpo -c -o libhx509_la-sel-lex.lo `test -f 'sel-lex.c' || echo '$(srcdir)/'`sel-lex.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-sel-lex.Tpo $(DEPDIR)/libhx509_la-sel-lex.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sel-lex.c' object='libhx509_la-sel-lex.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-sel-lex.lo `test -f 'sel-lex.c' || echo '$(srcdir)/'`sel-lex.c libhx509_la-keyset.lo: keyset.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-keyset.lo `test -f 'keyset.c' || echo '$(srcdir)/'`keyset.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-keyset.lo -MD -MP -MF $(DEPDIR)/libhx509_la-keyset.Tpo -c -o libhx509_la-keyset.lo `test -f 'keyset.c' || echo '$(srcdir)/'`keyset.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-keyset.Tpo $(DEPDIR)/libhx509_la-keyset.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keyset.c' object='libhx509_la-keyset.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-keyset.lo `test -f 'keyset.c' || echo '$(srcdir)/'`keyset.c libhx509_la-ks_dir.lo: ks_dir.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_dir.lo `test -f 'ks_dir.c' || echo '$(srcdir)/'`ks_dir.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_dir.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_dir.Tpo -c -o libhx509_la-ks_dir.lo `test -f 'ks_dir.c' || echo '$(srcdir)/'`ks_dir.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_dir.Tpo $(DEPDIR)/libhx509_la-ks_dir.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_dir.c' object='libhx509_la-ks_dir.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_dir.lo `test -f 'ks_dir.c' || echo '$(srcdir)/'`ks_dir.c libhx509_la-ks_file.lo: ks_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_file.lo `test -f 'ks_file.c' || echo '$(srcdir)/'`ks_file.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_file.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_file.Tpo -c -o libhx509_la-ks_file.lo `test -f 'ks_file.c' || echo '$(srcdir)/'`ks_file.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_file.Tpo $(DEPDIR)/libhx509_la-ks_file.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_file.c' object='libhx509_la-ks_file.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_file.lo `test -f 'ks_file.c' || echo '$(srcdir)/'`ks_file.c libhx509_la-ks_mem.lo: ks_mem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_mem.lo `test -f 'ks_mem.c' || echo '$(srcdir)/'`ks_mem.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_mem.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_mem.Tpo -c -o libhx509_la-ks_mem.lo `test -f 'ks_mem.c' || echo '$(srcdir)/'`ks_mem.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_mem.Tpo $(DEPDIR)/libhx509_la-ks_mem.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_mem.c' object='libhx509_la-ks_mem.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_mem.lo `test -f 'ks_mem.c' || echo '$(srcdir)/'`ks_mem.c libhx509_la-ks_null.lo: ks_null.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_null.lo `test -f 'ks_null.c' || echo '$(srcdir)/'`ks_null.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_null.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_null.Tpo -c -o libhx509_la-ks_null.lo `test -f 'ks_null.c' || echo '$(srcdir)/'`ks_null.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_null.Tpo $(DEPDIR)/libhx509_la-ks_null.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_null.c' object='libhx509_la-ks_null.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_null.lo `test -f 'ks_null.c' || echo '$(srcdir)/'`ks_null.c libhx509_la-ks_p11.lo: ks_p11.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p11.lo `test -f 'ks_p11.c' || echo '$(srcdir)/'`ks_p11.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_p11.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_p11.Tpo -c -o libhx509_la-ks_p11.lo `test -f 'ks_p11.c' || echo '$(srcdir)/'`ks_p11.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_p11.Tpo $(DEPDIR)/libhx509_la-ks_p11.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_p11.c' object='libhx509_la-ks_p11.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p11.lo `test -f 'ks_p11.c' || echo '$(srcdir)/'`ks_p11.c libhx509_la-ks_p12.lo: ks_p12.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p12.lo `test -f 'ks_p12.c' || echo '$(srcdir)/'`ks_p12.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_p12.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_p12.Tpo -c -o libhx509_la-ks_p12.lo `test -f 'ks_p12.c' || echo '$(srcdir)/'`ks_p12.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_p12.Tpo $(DEPDIR)/libhx509_la-ks_p12.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_p12.c' object='libhx509_la-ks_p12.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p12.lo `test -f 'ks_p12.c' || echo '$(srcdir)/'`ks_p12.c libhx509_la-ks_keychain.lo: ks_keychain.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_keychain.lo `test -f 'ks_keychain.c' || echo '$(srcdir)/'`ks_keychain.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-ks_keychain.lo -MD -MP -MF $(DEPDIR)/libhx509_la-ks_keychain.Tpo -c -o libhx509_la-ks_keychain.lo `test -f 'ks_keychain.c' || echo '$(srcdir)/'`ks_keychain.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-ks_keychain.Tpo $(DEPDIR)/libhx509_la-ks_keychain.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ks_keychain.c' object='libhx509_la-ks_keychain.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_keychain.lo `test -f 'ks_keychain.c' || echo '$(srcdir)/'`ks_keychain.c libhx509_la-lock.lo: lock.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-lock.lo `test -f 'lock.c' || echo '$(srcdir)/'`lock.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-lock.lo -MD -MP -MF $(DEPDIR)/libhx509_la-lock.Tpo -c -o libhx509_la-lock.lo `test -f 'lock.c' || echo '$(srcdir)/'`lock.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-lock.Tpo $(DEPDIR)/libhx509_la-lock.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lock.c' object='libhx509_la-lock.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-lock.lo `test -f 'lock.c' || echo '$(srcdir)/'`lock.c libhx509_la-name.lo: name.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-name.lo `test -f 'name.c' || echo '$(srcdir)/'`name.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-name.lo -MD -MP -MF $(DEPDIR)/libhx509_la-name.Tpo -c -o libhx509_la-name.lo `test -f 'name.c' || echo '$(srcdir)/'`name.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-name.Tpo $(DEPDIR)/libhx509_la-name.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='name.c' object='libhx509_la-name.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-name.lo `test -f 'name.c' || echo '$(srcdir)/'`name.c libhx509_la-peer.lo: peer.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-peer.lo `test -f 'peer.c' || echo '$(srcdir)/'`peer.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-peer.lo -MD -MP -MF $(DEPDIR)/libhx509_la-peer.Tpo -c -o libhx509_la-peer.lo `test -f 'peer.c' || echo '$(srcdir)/'`peer.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-peer.Tpo $(DEPDIR)/libhx509_la-peer.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='peer.c' object='libhx509_la-peer.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-peer.lo `test -f 'peer.c' || echo '$(srcdir)/'`peer.c libhx509_la-print.lo: print.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-print.lo -MD -MP -MF $(DEPDIR)/libhx509_la-print.Tpo -c -o libhx509_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-print.Tpo $(DEPDIR)/libhx509_la-print.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='print.c' object='libhx509_la-print.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c libhx509_la-softp11.lo: softp11.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-softp11.lo `test -f 'softp11.c' || echo '$(srcdir)/'`softp11.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-softp11.lo -MD -MP -MF $(DEPDIR)/libhx509_la-softp11.Tpo -c -o libhx509_la-softp11.lo `test -f 'softp11.c' || echo '$(srcdir)/'`softp11.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-softp11.Tpo $(DEPDIR)/libhx509_la-softp11.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='softp11.c' object='libhx509_la-softp11.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-softp11.lo `test -f 'softp11.c' || echo '$(srcdir)/'`softp11.c libhx509_la-req.lo: req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-req.lo `test -f 'req.c' || echo '$(srcdir)/'`req.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-req.lo -MD -MP -MF $(DEPDIR)/libhx509_la-req.Tpo -c -o libhx509_la-req.lo `test -f 'req.c' || echo '$(srcdir)/'`req.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-req.Tpo $(DEPDIR)/libhx509_la-req.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='req.c' object='libhx509_la-req.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-req.lo `test -f 'req.c' || echo '$(srcdir)/'`req.c libhx509_la-revoke.lo: revoke.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-revoke.lo `test -f 'revoke.c' || echo '$(srcdir)/'`revoke.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-revoke.lo -MD -MP -MF $(DEPDIR)/libhx509_la-revoke.Tpo -c -o libhx509_la-revoke.lo `test -f 'revoke.c' || echo '$(srcdir)/'`revoke.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-revoke.Tpo $(DEPDIR)/libhx509_la-revoke.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='revoke.c' object='libhx509_la-revoke.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-revoke.lo `test -f 'revoke.c' || echo '$(srcdir)/'`revoke.c libhx509_la-asn1_OCSPBasicOCSPResponse.lo: asn1_OCSPBasicOCSPResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPBasicOCSPResponse.lo `test -f 'asn1_OCSPBasicOCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPBasicOCSPResponse.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPBasicOCSPResponse.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPBasicOCSPResponse.Tpo -c -o libhx509_la-asn1_OCSPBasicOCSPResponse.lo `test -f 'asn1_OCSPBasicOCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPBasicOCSPResponse.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPBasicOCSPResponse.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPBasicOCSPResponse.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPBasicOCSPResponse.c' object='libhx509_la-asn1_OCSPBasicOCSPResponse.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPBasicOCSPResponse.lo `test -f 'asn1_OCSPBasicOCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPBasicOCSPResponse.c libhx509_la-asn1_OCSPCertID.lo: asn1_OCSPCertID.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertID.lo `test -f 'asn1_OCSPCertID.c' || echo '$(srcdir)/'`asn1_OCSPCertID.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPCertID.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPCertID.Tpo -c -o libhx509_la-asn1_OCSPCertID.lo `test -f 'asn1_OCSPCertID.c' || echo '$(srcdir)/'`asn1_OCSPCertID.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPCertID.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPCertID.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPCertID.c' object='libhx509_la-asn1_OCSPCertID.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertID.lo `test -f 'asn1_OCSPCertID.c' || echo '$(srcdir)/'`asn1_OCSPCertID.c libhx509_la-asn1_OCSPCertStatus.lo: asn1_OCSPCertStatus.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertStatus.lo `test -f 'asn1_OCSPCertStatus.c' || echo '$(srcdir)/'`asn1_OCSPCertStatus.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPCertStatus.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPCertStatus.Tpo -c -o libhx509_la-asn1_OCSPCertStatus.lo `test -f 'asn1_OCSPCertStatus.c' || echo '$(srcdir)/'`asn1_OCSPCertStatus.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPCertStatus.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPCertStatus.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPCertStatus.c' object='libhx509_la-asn1_OCSPCertStatus.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertStatus.lo `test -f 'asn1_OCSPCertStatus.c' || echo '$(srcdir)/'`asn1_OCSPCertStatus.c libhx509_la-asn1_OCSPInnerRequest.lo: asn1_OCSPInnerRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPInnerRequest.lo `test -f 'asn1_OCSPInnerRequest.c' || echo '$(srcdir)/'`asn1_OCSPInnerRequest.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPInnerRequest.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPInnerRequest.Tpo -c -o libhx509_la-asn1_OCSPInnerRequest.lo `test -f 'asn1_OCSPInnerRequest.c' || echo '$(srcdir)/'`asn1_OCSPInnerRequest.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPInnerRequest.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPInnerRequest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPInnerRequest.c' object='libhx509_la-asn1_OCSPInnerRequest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPInnerRequest.lo `test -f 'asn1_OCSPInnerRequest.c' || echo '$(srcdir)/'`asn1_OCSPInnerRequest.c libhx509_la-asn1_OCSPKeyHash.lo: asn1_OCSPKeyHash.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPKeyHash.lo `test -f 'asn1_OCSPKeyHash.c' || echo '$(srcdir)/'`asn1_OCSPKeyHash.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPKeyHash.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPKeyHash.Tpo -c -o libhx509_la-asn1_OCSPKeyHash.lo `test -f 'asn1_OCSPKeyHash.c' || echo '$(srcdir)/'`asn1_OCSPKeyHash.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPKeyHash.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPKeyHash.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPKeyHash.c' object='libhx509_la-asn1_OCSPKeyHash.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPKeyHash.lo `test -f 'asn1_OCSPKeyHash.c' || echo '$(srcdir)/'`asn1_OCSPKeyHash.c libhx509_la-asn1_OCSPRequest.lo: asn1_OCSPRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPRequest.lo `test -f 'asn1_OCSPRequest.c' || echo '$(srcdir)/'`asn1_OCSPRequest.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPRequest.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPRequest.Tpo -c -o libhx509_la-asn1_OCSPRequest.lo `test -f 'asn1_OCSPRequest.c' || echo '$(srcdir)/'`asn1_OCSPRequest.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPRequest.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPRequest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPRequest.c' object='libhx509_la-asn1_OCSPRequest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPRequest.lo `test -f 'asn1_OCSPRequest.c' || echo '$(srcdir)/'`asn1_OCSPRequest.c libhx509_la-asn1_OCSPResponderID.lo: asn1_OCSPResponderID.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponderID.lo `test -f 'asn1_OCSPResponderID.c' || echo '$(srcdir)/'`asn1_OCSPResponderID.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPResponderID.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPResponderID.Tpo -c -o libhx509_la-asn1_OCSPResponderID.lo `test -f 'asn1_OCSPResponderID.c' || echo '$(srcdir)/'`asn1_OCSPResponderID.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPResponderID.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPResponderID.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPResponderID.c' object='libhx509_la-asn1_OCSPResponderID.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponderID.lo `test -f 'asn1_OCSPResponderID.c' || echo '$(srcdir)/'`asn1_OCSPResponderID.c libhx509_la-asn1_OCSPResponse.lo: asn1_OCSPResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponse.lo `test -f 'asn1_OCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPResponse.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPResponse.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPResponse.Tpo -c -o libhx509_la-asn1_OCSPResponse.lo `test -f 'asn1_OCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPResponse.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPResponse.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPResponse.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPResponse.c' object='libhx509_la-asn1_OCSPResponse.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponse.lo `test -f 'asn1_OCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPResponse.c libhx509_la-asn1_OCSPResponseBytes.lo: asn1_OCSPResponseBytes.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseBytes.lo `test -f 'asn1_OCSPResponseBytes.c' || echo '$(srcdir)/'`asn1_OCSPResponseBytes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPResponseBytes.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPResponseBytes.Tpo -c -o libhx509_la-asn1_OCSPResponseBytes.lo `test -f 'asn1_OCSPResponseBytes.c' || echo '$(srcdir)/'`asn1_OCSPResponseBytes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPResponseBytes.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPResponseBytes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPResponseBytes.c' object='libhx509_la-asn1_OCSPResponseBytes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseBytes.lo `test -f 'asn1_OCSPResponseBytes.c' || echo '$(srcdir)/'`asn1_OCSPResponseBytes.c libhx509_la-asn1_OCSPResponseData.lo: asn1_OCSPResponseData.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseData.lo `test -f 'asn1_OCSPResponseData.c' || echo '$(srcdir)/'`asn1_OCSPResponseData.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPResponseData.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPResponseData.Tpo -c -o libhx509_la-asn1_OCSPResponseData.lo `test -f 'asn1_OCSPResponseData.c' || echo '$(srcdir)/'`asn1_OCSPResponseData.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPResponseData.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPResponseData.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPResponseData.c' object='libhx509_la-asn1_OCSPResponseData.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseData.lo `test -f 'asn1_OCSPResponseData.c' || echo '$(srcdir)/'`asn1_OCSPResponseData.c libhx509_la-asn1_OCSPResponseStatus.lo: asn1_OCSPResponseStatus.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseStatus.lo `test -f 'asn1_OCSPResponseStatus.c' || echo '$(srcdir)/'`asn1_OCSPResponseStatus.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPResponseStatus.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPResponseStatus.Tpo -c -o libhx509_la-asn1_OCSPResponseStatus.lo `test -f 'asn1_OCSPResponseStatus.c' || echo '$(srcdir)/'`asn1_OCSPResponseStatus.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPResponseStatus.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPResponseStatus.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPResponseStatus.c' object='libhx509_la-asn1_OCSPResponseStatus.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseStatus.lo `test -f 'asn1_OCSPResponseStatus.c' || echo '$(srcdir)/'`asn1_OCSPResponseStatus.c libhx509_la-asn1_OCSPSignature.lo: asn1_OCSPSignature.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSignature.lo `test -f 'asn1_OCSPSignature.c' || echo '$(srcdir)/'`asn1_OCSPSignature.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPSignature.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPSignature.Tpo -c -o libhx509_la-asn1_OCSPSignature.lo `test -f 'asn1_OCSPSignature.c' || echo '$(srcdir)/'`asn1_OCSPSignature.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPSignature.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPSignature.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPSignature.c' object='libhx509_la-asn1_OCSPSignature.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSignature.lo `test -f 'asn1_OCSPSignature.c' || echo '$(srcdir)/'`asn1_OCSPSignature.c libhx509_la-asn1_OCSPSingleResponse.lo: asn1_OCSPSingleResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSingleResponse.lo `test -f 'asn1_OCSPSingleResponse.c' || echo '$(srcdir)/'`asn1_OCSPSingleResponse.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPSingleResponse.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPSingleResponse.Tpo -c -o libhx509_la-asn1_OCSPSingleResponse.lo `test -f 'asn1_OCSPSingleResponse.c' || echo '$(srcdir)/'`asn1_OCSPSingleResponse.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPSingleResponse.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPSingleResponse.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPSingleResponse.c' object='libhx509_la-asn1_OCSPSingleResponse.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSingleResponse.lo `test -f 'asn1_OCSPSingleResponse.c' || echo '$(srcdir)/'`asn1_OCSPSingleResponse.c libhx509_la-asn1_OCSPTBSRequest.lo: asn1_OCSPTBSRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPTBSRequest.lo `test -f 'asn1_OCSPTBSRequest.c' || echo '$(srcdir)/'`asn1_OCSPTBSRequest.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPTBSRequest.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPTBSRequest.Tpo -c -o libhx509_la-asn1_OCSPTBSRequest.lo `test -f 'asn1_OCSPTBSRequest.c' || echo '$(srcdir)/'`asn1_OCSPTBSRequest.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPTBSRequest.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPTBSRequest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPTBSRequest.c' object='libhx509_la-asn1_OCSPTBSRequest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPTBSRequest.lo `test -f 'asn1_OCSPTBSRequest.c' || echo '$(srcdir)/'`asn1_OCSPTBSRequest.c libhx509_la-asn1_OCSPVersion.lo: asn1_OCSPVersion.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPVersion.lo `test -f 'asn1_OCSPVersion.c' || echo '$(srcdir)/'`asn1_OCSPVersion.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_OCSPVersion.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_OCSPVersion.Tpo -c -o libhx509_la-asn1_OCSPVersion.lo `test -f 'asn1_OCSPVersion.c' || echo '$(srcdir)/'`asn1_OCSPVersion.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_OCSPVersion.Tpo $(DEPDIR)/libhx509_la-asn1_OCSPVersion.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_OCSPVersion.c' object='libhx509_la-asn1_OCSPVersion.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPVersion.lo `test -f 'asn1_OCSPVersion.c' || echo '$(srcdir)/'`asn1_OCSPVersion.c libhx509_la-asn1_id_pkix_ocsp.lo: asn1_id_pkix_ocsp.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp.lo `test -f 'asn1_id_pkix_ocsp.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_id_pkix_ocsp.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp.Tpo -c -o libhx509_la-asn1_id_pkix_ocsp.lo `test -f 'asn1_id_pkix_ocsp.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp.Tpo $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_id_pkix_ocsp.c' object='libhx509_la-asn1_id_pkix_ocsp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp.lo `test -f 'asn1_id_pkix_ocsp.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp.c libhx509_la-asn1_id_pkix_ocsp_basic.lo: asn1_id_pkix_ocsp_basic.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_basic.lo `test -f 'asn1_id_pkix_ocsp_basic.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_basic.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_id_pkix_ocsp_basic.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_basic.Tpo -c -o libhx509_la-asn1_id_pkix_ocsp_basic.lo `test -f 'asn1_id_pkix_ocsp_basic.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_basic.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_basic.Tpo $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_basic.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_id_pkix_ocsp_basic.c' object='libhx509_la-asn1_id_pkix_ocsp_basic.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_basic.lo `test -f 'asn1_id_pkix_ocsp_basic.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_basic.c libhx509_la-asn1_id_pkix_ocsp_nonce.lo: asn1_id_pkix_ocsp_nonce.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_nonce.lo `test -f 'asn1_id_pkix_ocsp_nonce.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_nonce.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_id_pkix_ocsp_nonce.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_nonce.Tpo -c -o libhx509_la-asn1_id_pkix_ocsp_nonce.lo `test -f 'asn1_id_pkix_ocsp_nonce.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_nonce.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_nonce.Tpo $(DEPDIR)/libhx509_la-asn1_id_pkix_ocsp_nonce.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_id_pkix_ocsp_nonce.c' object='libhx509_la-asn1_id_pkix_ocsp_nonce.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_nonce.lo `test -f 'asn1_id_pkix_ocsp_nonce.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_nonce.c libhx509_la-asn1_CertificationRequestInfo.lo: asn1_CertificationRequestInfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequestInfo.lo `test -f 'asn1_CertificationRequestInfo.c' || echo '$(srcdir)/'`asn1_CertificationRequestInfo.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_CertificationRequestInfo.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_CertificationRequestInfo.Tpo -c -o libhx509_la-asn1_CertificationRequestInfo.lo `test -f 'asn1_CertificationRequestInfo.c' || echo '$(srcdir)/'`asn1_CertificationRequestInfo.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_CertificationRequestInfo.Tpo $(DEPDIR)/libhx509_la-asn1_CertificationRequestInfo.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_CertificationRequestInfo.c' object='libhx509_la-asn1_CertificationRequestInfo.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequestInfo.lo `test -f 'asn1_CertificationRequestInfo.c' || echo '$(srcdir)/'`asn1_CertificationRequestInfo.c libhx509_la-asn1_CertificationRequest.lo: asn1_CertificationRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequest.lo `test -f 'asn1_CertificationRequest.c' || echo '$(srcdir)/'`asn1_CertificationRequest.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-asn1_CertificationRequest.lo -MD -MP -MF $(DEPDIR)/libhx509_la-asn1_CertificationRequest.Tpo -c -o libhx509_la-asn1_CertificationRequest.lo `test -f 'asn1_CertificationRequest.c' || echo '$(srcdir)/'`asn1_CertificationRequest.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-asn1_CertificationRequest.Tpo $(DEPDIR)/libhx509_la-asn1_CertificationRequest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_CertificationRequest.c' object='libhx509_la-asn1_CertificationRequest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequest.lo `test -f 'asn1_CertificationRequest.c' || echo '$(srcdir)/'`asn1_CertificationRequest.c libhx509_la-hx509_err.lo: hx509_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-hx509_err.lo `test -f 'hx509_err.c' || echo '$(srcdir)/'`hx509_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libhx509_la-hx509_err.lo -MD -MP -MF $(DEPDIR)/libhx509_la-hx509_err.Tpo -c -o libhx509_la-hx509_err.lo `test -f 'hx509_err.c' || echo '$(srcdir)/'`hx509_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libhx509_la-hx509_err.Tpo $(DEPDIR)/libhx509_la-hx509_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hx509_err.c' object='libhx509_la-hx509_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-hx509_err.lo `test -f 'hx509_err.c' || echo '$(srcdir)/'`hx509_err.c hxtool-hxtool.o: hxtool.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.o `test -f 'hxtool.c' || echo '$(srcdir)/'`hxtool.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hxtool-hxtool.o -MD -MP -MF $(DEPDIR)/hxtool-hxtool.Tpo -c -o hxtool-hxtool.o `test -f 'hxtool.c' || echo '$(srcdir)/'`hxtool.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hxtool-hxtool.Tpo $(DEPDIR)/hxtool-hxtool.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hxtool.c' object='hxtool-hxtool.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.o `test -f 'hxtool.c' || echo '$(srcdir)/'`hxtool.c hxtool-hxtool.obj: hxtool.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.obj `if test -f 'hxtool.c'; then $(CYGPATH_W) 'hxtool.c'; else $(CYGPATH_W) '$(srcdir)/hxtool.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hxtool-hxtool.obj -MD -MP -MF $(DEPDIR)/hxtool-hxtool.Tpo -c -o hxtool-hxtool.obj `if test -f 'hxtool.c'; then $(CYGPATH_W) 'hxtool.c'; else $(CYGPATH_W) '$(srcdir)/hxtool.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hxtool-hxtool.Tpo $(DEPDIR)/hxtool-hxtool.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hxtool.c' object='hxtool-hxtool.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.obj `if test -f 'hxtool.c'; then $(CYGPATH_W) 'hxtool.c'; else $(CYGPATH_W) '$(srcdir)/hxtool.c'; fi` hxtool-hxtool-commands.o: hxtool-commands.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.o `test -f 'hxtool-commands.c' || echo '$(srcdir)/'`hxtool-commands.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hxtool-hxtool-commands.o -MD -MP -MF $(DEPDIR)/hxtool-hxtool-commands.Tpo -c -o hxtool-hxtool-commands.o `test -f 'hxtool-commands.c' || echo '$(srcdir)/'`hxtool-commands.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hxtool-hxtool-commands.Tpo $(DEPDIR)/hxtool-hxtool-commands.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hxtool-commands.c' object='hxtool-hxtool-commands.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.o `test -f 'hxtool-commands.c' || echo '$(srcdir)/'`hxtool-commands.c hxtool-hxtool-commands.obj: hxtool-commands.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.obj `if test -f 'hxtool-commands.c'; then $(CYGPATH_W) 'hxtool-commands.c'; else $(CYGPATH_W) '$(srcdir)/hxtool-commands.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hxtool-hxtool-commands.obj -MD -MP -MF $(DEPDIR)/hxtool-hxtool-commands.Tpo -c -o hxtool-hxtool-commands.obj `if test -f 'hxtool-commands.c'; then $(CYGPATH_W) 'hxtool-commands.c'; else $(CYGPATH_W) '$(srcdir)/hxtool-commands.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/hxtool-hxtool-commands.Tpo $(DEPDIR)/hxtool-hxtool-commands.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hxtool-commands.c' object='hxtool-hxtool-commands.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.obj `if test -f 'hxtool-commands.c'; then $(CYGPATH_W) 'hxtool-commands.c'; else $(CYGPATH_W) '$(srcdir)/hxtool-commands.c'; fi` + +test_name-test_name.o: test_name.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_name_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_name-test_name.o -MD -MP -MF $(DEPDIR)/test_name-test_name.Tpo -c -o test_name-test_name.o `test -f 'test_name.c' || echo '$(srcdir)/'`test_name.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/test_name-test_name.Tpo $(DEPDIR)/test_name-test_name.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_name.c' object='test_name-test_name.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_name_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_name-test_name.o `test -f 'test_name.c' || echo '$(srcdir)/'`test_name.c + +test_name-test_name.obj: test_name.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_name_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_name-test_name.obj -MD -MP -MF $(DEPDIR)/test_name-test_name.Tpo -c -o test_name-test_name.obj `if test -f 'test_name.c'; then $(CYGPATH_W) 'test_name.c'; else $(CYGPATH_W) '$(srcdir)/test_name.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/test_name-test_name.Tpo $(DEPDIR)/test_name-test_name.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_name.c' object='test_name-test_name.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_name_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_name-test_name.obj `if test -f 'test_name.c'; then $(CYGPATH_W) 'test_name.c'; else $(CYGPATH_W) '$(srcdir)/test_name.c'; fi` test_soft_pkcs11-test_soft_pkcs11.o: test_soft_pkcs11.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.o `test -f 'test_soft_pkcs11.c' || echo '$(srcdir)/'`test_soft_pkcs11.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_soft_pkcs11-test_soft_pkcs11.o -MD -MP -MF $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Tpo -c -o test_soft_pkcs11-test_soft_pkcs11.o `test -f 'test_soft_pkcs11.c' || echo '$(srcdir)/'`test_soft_pkcs11.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Tpo $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_soft_pkcs11.c' object='test_soft_pkcs11-test_soft_pkcs11.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.o `test -f 'test_soft_pkcs11.c' || echo '$(srcdir)/'`test_soft_pkcs11.c test_soft_pkcs11-test_soft_pkcs11.obj: test_soft_pkcs11.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.obj `if test -f 'test_soft_pkcs11.c'; then $(CYGPATH_W) 'test_soft_pkcs11.c'; else $(CYGPATH_W) '$(srcdir)/test_soft_pkcs11.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_soft_pkcs11-test_soft_pkcs11.obj -MD -MP -MF $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Tpo -c -o test_soft_pkcs11-test_soft_pkcs11.obj `if test -f 'test_soft_pkcs11.c'; then $(CYGPATH_W) 'test_soft_pkcs11.c'; else $(CYGPATH_W) '$(srcdir)/test_soft_pkcs11.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Tpo $(DEPDIR)/test_soft_pkcs11-test_soft_pkcs11.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_soft_pkcs11.c' object='test_soft_pkcs11-test_soft_pkcs11.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.obj `if test -f 'test_soft_pkcs11.c'; then $(CYGPATH_W) 'test_soft_pkcs11.c'; else $(CYGPATH_W) '$(srcdir)/test_soft_pkcs11.c'; fi` + +.l.c: + $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) + +.y.c: + $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) mostlyclean-libtool: -rm -f *.lo @@ -949,90 +1391,101 @@ clean-libtool: install-dist_includeHEADERS: $(dist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-dist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -1041,49 +1494,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -1094,11 +1561,15 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi @@ -1118,13 +1589,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -1165,10 +1640,14 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." + -rm -f sel-gram.c + -rm -f sel-gram.h + -rm -f sel-lex.c -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) clean: clean-am @@ -1176,6 +1655,7 @@ clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ clean-libLTLIBRARIES clean-libtool clean-local mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1186,6 +1666,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1194,26 +1676,35 @@ install-data-am: install-dist_includeHEADERS \ install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1234,9 +1725,8 @@ uninstall-am: uninstall-binPROGRAMS uninstall-dist_includeHEADERS \ uninstall-libLTLIBRARIES uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: all check check-am install install-am install-data-am \ + install-exec-am install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ @@ -1327,6 +1817,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1412,7 +1905,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1425,25 +1918,28 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done -$(libhx509_la_OBJECTS): $(srcdir)/version-script.map -$(gen_files_ocsp) ocsp_asn1.h: ocsp_asn1_files -$(gen_files_pkcs10) pkcs10_asn1.h: pkcs10_asn1_files -$(gen_files_crmf) crmf_asn1.h: crmf_asn1_files +sel-lex.c: sel-gram.h +$(libhx509_la_OBJECTS): $(srcdir)/version-script.map $(nodist_include_HEADERS) $(priv_headers) -ocsp_asn1_files: $(asn1_compile) $(srcdir)/ocsp.asn1 - $(asn1_compile) --preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) +$(gen_files_ocsp) ocsp_asn1.hx ocsp_asn1-priv.hx: ocsp_asn1_files +$(gen_files_pkcs10) pkcs10_asn1.hx pkcs10_asn1-priv.hx: pkcs10_asn1_files +$(gen_files_crmf) crmf_asn1.hx crmf_asn1-priv.hx: crmf_asn1_files -pkcs10_asn1_files: $(asn1_compile) $(srcdir)/pkcs10.asn1 - $(asn1_compile) --preserve-binary=CertificationRequestInfo $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) +ocsp_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/ocsp.asn1 $(srcdir)/ocsp.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/ocsp.opt $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) -crmf_asn1_files: $(asn1_compile) $(srcdir)/crmf.asn1 - $(asn1_compile) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) +pkcs10_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/pkcs10.asn1 $(srcdir)/pkcs10.opt + $(ASN1_COMPILE) --option-file=$(srcdir)/pkcs10.opt $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) -$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h +crmf_asn1_files: $(ASN1_COMPILE_DEP) $(srcdir)/crmf.asn1 + $(ASN1_COMPILE) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) + +$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h $(srcdir)/hx_locl.h +$(libhx509_la_OBJECTS): ocsp_asn1.h pkcs10_asn1.h $(srcdir)/hx509-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB_FUNCTION -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h $(srcdir)/hx509-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p hx509-private.h $(dist_libhx509_la_SOURCES) || rm -f hx509-private.h @@ -1525,6 +2021,7 @@ test_query: test_query.in Makefile $(do_subst) < $(srcdir)/test_query.in > test_query.tmp chmod +x test_query.tmp mv test_query.tmp test_query + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/hx509/NTMakefile b/lib/hx509/NTMakefile new file mode 100644 index 000000000000..99116d76ed26 --- /dev/null +++ b/lib/hx509/NTMakefile @@ -0,0 +1,215 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\hx509 +intcflags=-I$(SRCDIR)\ref -I$(OBJ) +localcflags=-DASN1_LIB + +!include ../../windows/NTMakefile.w32 + +gen_files_ocsp = $(OBJ)\asn1_ocsp_asn1.x + +gen_files_pkcs10 = $(OBJ)\asn1_pkcs10_asn1.x + +gen_files_crmf = $(OBJ)\asn1_crmf_asn1.x + +libhx509_la_OBJS = \ + $(OBJ)\ca.obj \ + $(OBJ)\cert.obj \ + $(OBJ)\cms.obj \ + $(OBJ)\collector.obj \ + $(OBJ)\crypto.obj \ + $(OBJ)\error.obj \ + $(OBJ)\env.obj \ + $(OBJ)\file.obj \ + $(OBJ)\hx509_err.obj \ + $(OBJ)\sel.obj \ + $(OBJ)\sel-gram.obj \ + $(OBJ)\sel-lex.obj \ + $(OBJ)\keyset.obj \ + $(OBJ)\ks_dir.obj \ + $(OBJ)\ks_file.obj \ + $(OBJ)\ks_mem.obj \ + $(OBJ)\ks_null.obj \ + $(OBJ)\ks_p11.obj \ + $(OBJ)\ks_p12.obj \ + $(OBJ)\ks_keychain.obj \ + $(OBJ)\lock.obj \ + $(OBJ)\name.obj \ + $(OBJ)\peer.obj \ + $(OBJ)\print.obj \ + $(OBJ)\softp11.obj \ + $(OBJ)\req.obj \ + $(OBJ)\revoke.obj \ + $(gen_files_ocsp:.x=.obj) \ + $(gen_files_pkcs10:.x=.obj) + +$(LIBHX509): $(libhx509_la_OBJS) + $(LIBCON) + +dist_libhx509_la_SOURCES = \ + $(SRCDIR)\ca.c \ + $(SRCDIR)\cert.c \ + $(SRCDIR)\cms.c \ + $(SRCDIR)\collector.c \ + $(SRCDIR)\crypto.c \ + $(SRCDIR)\doxygen.c \ + $(SRCDIR)\error.c \ + $(SRCDIR)\env.c \ + $(SRCDIR)\file.c \ + $(SRCDIR)\hx509.h \ + $(SRCDIR)\hx_locl.h \ + $(SRCDIR)\sel.c \ + $(SRCDIR)\sel.h \ + $(SRCDIR)\sel-gram.y \ + $(SRCDIR)\sel-lex.l \ + $(SRCDIR)\keyset.c \ + $(SRCDIR)\ks_dir.c \ + $(SRCDIR)\ks_file.c \ + $(SRCDIR)\ks_mem.c \ + $(SRCDIR)\ks_null.c \ + $(SRCDIR)\ks_p11.c \ + $(SRCDIR)\ks_p12.c \ + $(SRCDIR)\ks_keychain.c \ + $(SRCDIR)\lock.c \ + $(SRCDIR)\name.c \ + $(SRCDIR)\peer.c \ + $(SRCDIR)\print.c \ + $(SRCDIR)\softp11.c \ + $(SRCDIR)\ref\pkcs11.h \ + $(SRCDIR)\req.c \ + $(SRCDIR)\revoke.c + +asn1_compile=$(BINDIR)\asn1_compile.exe + +$(gen_files_ocsp:.x=.c): $$(@R).x + +$(gen_files_pkcs10:.x=.c): $$(@R).x + +$(gen_files_crmf:.x=.c): $$(@R).x + +$(gen_files_ocsp) $(OBJ)\ocsp_asn1.hx: $(asn1_compile) ocsp.asn1 + cd $(OBJ) + $(asn1_compile) --one-code-file \ + --preserve-binary=OCSPTBSRequest \ + --preserve-binary=OCSPResponseData \ + $(SRCDIR)\ocsp.asn1 ocsp_asn1 \ + || ( $(RM) -f $(gen_files_ocsp) $(OBJ)\ocsp_asn1.h ; exit /b 1 ) + cd $(SRCDIR) + +$(gen_files_pkcs10) $(OBJ)\pkcs10_asn1.hx: $(asn1_compile) pkcs10.asn1 + cd $(OBJ) + $(asn1_compile) --one-code-file \ + --preserve-binary=CertificationRequestInfo \ + $(SRCDIR)\pkcs10.asn1 pkcs10_asn1 \ + || ( $(RM) -f $(gen_files_pkcs10) $(OBJ)\pkcs10_asn1.h ; exit /b 1 ) + cd $(SRCDIR) + +$(gen_files_crmf) $(OBJ)\crmf_asn1.hx: $(asn1_compile) crmf.asn1 + cd $(OBJ) + $(asn1_compile) --one-code-file $(SRCDIR)\crmf.asn1 crmf_asn1 \ + || ( $(RM) -f $(gen_files_crmf) $(OBJ)\crmf_asn1.h ; exit /b 1 ) + cd $(SRCDIR) + +INCFILES= \ + $(INCDIR)\hx509.h \ + $(INCDIR)\hx509-protos.h \ + $(INCDIR)\hx509-private.h \ + $(INCDIR)\hx509_err.h \ + $(INCDIR)\ocsp_asn1.h \ + $(INCDIR)\pkcs10_asn1.h \ + $(INCDIR)\crmf_asn1.h \ + $(OBJ)\ocsp_asn1-priv.h \ + $(OBJ)\pkcs10_asn1-priv.h \ + $(OBJ)\crmf_asn1-priv.h + +hxtool.c: $(OBJ)\hxtool-commands.h + +SLC=$(BINDIR)\slc.exe + +$(OBJ)\hxtool-commands.c $(OBJ)\hxtool-commands.h: hxtool-commands.in $(SLC) + cd $(OBJ) + $(CP) $(SRCDIR)\hxtool-commands.in $(OBJ)\hxtool-commands.in + $(SLC) hxtool-commands.in + cd $(SRCDIR) + +$(BINDIR)\hxtool.exe: $(OBJ)\tool\hxtool.obj $(OBJ)\tool\hxtool-commands.obj $(LIBHEIMDAL) $(OBJ)\hxtool-version.res + $(EXECONLINK) $(LIBHEIMDAL) $(LIBROKEN) $(LIBSL) $(LIBVERS) $(LIBCOMERR) + $(EXEPREP) + +$(OBJ)\hx509-protos.h: + cd $(OBJ) + $(PERL) $(SRCDIR)\..\..\cf\make-proto.pl -R "^(_|^C)" -E HX509_LIB -q -P remove -o hx509-protos.h $(dist_libhx509_la_SOURCES) || $(RM) -f hx509-protos.h + cd $(SRCDIR) + +$(OBJ)\hx509-private.h: + cd $(OBJ) + $(PERL) $(SRCDIR)\..\..\cf\make-proto.pl -q -P remove -p hx509-private.h $(dist_libhx509_la_SOURCES) || $(RM) -f hx509-private.h + cd $(SRCDIR) + +$(OBJ)\hx509_err.c $(OBJ)\hx509_err.h: hx509_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\hx509_err.et + cd $(SRCDIR) + +$(OBJ)\sel-gram.obj: $(OBJ)\sel-gram.c + $(C2OBJ) -I$(SRCDIR) + +$(OBJ)\sel-lex.obj: $(OBJ)\sel-lex.c + $(C2OBJ) -I$(SRCDIR) -I$(OBJ) -DYY_NO_UNISTD_H + +$(OBJ)\sel-gram.c: sel-gram.y + $(YACC) -o $@ --defines=$(OBJ)\sel-gram.h sel-gram.y + +$(OBJ)\sel-lex.c: sel-lex.l + $(LEX) -o$@ sel-lex.l + +all:: $(INCFILES) $(LIBHX509) + +prep:: mktooldir + +mktooldir: +! if !exist($(OBJ)\tool) + $(MKDIR) $(OBJ)\tool +! endif + +all-tools:: $(BINDIR)\hxtool.exe + +clean:: + -$(RM) $(BINDIR)\hxtool.* + -$(RM) $(OBJ)\tool\*.* + +{}.c{$(OBJ)\tool}.obj:: + $(C2OBJ_C) /Fd$(OBJ)\tool\ /Fo$(OBJ)\tool\ $(MPOPT) /UASN1_LIB $< + +{$(OBJ)}.c{$(OBJ)\tool}.obj:: + $(C2OBJ_C) /Fd$(OBJ)\tool\ /Fo$(OBJ)\tool\ $(MPOPT) /UASN1_LIB $< + diff --git a/lib/hx509/TODO b/lib/hx509/TODO new file mode 100644 index 000000000000..ecdfa8d5b6a1 --- /dev/null +++ b/lib/hx509/TODO @@ -0,0 +1,61 @@ +Handle private_key_ops better, esp wrt ->key_oid + +Better support for keyex negotiation, DH and ECDH. + +x501 name + parsing + comparing (ldap canonlisation rules) + +DSA support +DSA2 support + +Rewrite the pkcs11 code to support the following: + + * Reset the pin on card change. + * Ref count the lock structure to make sure we have a + prompter when we need it. + * Add support for CK_TOKEN_INFO.CKF_PROTECTED_AUTHENTICATION_PATH + +x509 policy mappings support + +CRL delta support + +Qualified statement + https://bugzilla.mozilla.org/show_bug.cgi?id=277797#c2 + + +Signed Receipts + http://www.faqs.org/rfcs/rfc2634.html + chapter 2 + +tests + nist tests + name constrains + policy mappings + http://csrc.nist.gov/pki/testing/x509paths.html + + building path using Subject/Issuer vs SubjKeyID vs AuthKeyID + negative tests + all checksums + conditions/branches + +pkcs7 + handle pkcs7 support in CMS ? + +certificate request + generate pkcs10 request + from existing cert + generate CRMF request + pk-init KDC/client + web server/client + jabber server/client + email + + +x509 issues: + + OtherName is left unspecified, but it's used by other + specs. creating this hole where a application/CA can't specify + policy for SubjectAltName what covers whole space. For example, a + CA is trusted to provide authentication but not authorization. + diff --git a/lib/hx509/ca.c b/lib/hx509/ca.c index 40260700b3fa..cb5a7be62cc3 100644 --- a/lib/hx509/ca.c +++ b/lib/hx509/ca.c @@ -1,39 +1,38 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" #include -RCSID("$Id: ca.c 22456 2008-01-15 20:22:53Z lha $"); /** * @page page_ca Hx509 CA functions @@ -54,11 +53,15 @@ struct hx509_ca_tbs { unsigned int key:1; unsigned int serial:1; unsigned int domaincontroller:1; + unsigned int xUniqueID:1; } flags; time_t notBefore; time_t notAfter; int pathLenConstraint; /* both for CA and Proxy */ CRLDistributionPoints crldp; + heim_bit_string subjectUniqueID; + heim_bit_string issuerUniqueID; + }; /** @@ -81,15 +84,6 @@ hx509_ca_tbs_init(hx509_context context, hx509_ca_tbs *tbs) if (*tbs == NULL) return ENOMEM; - (*tbs)->subject = NULL; - (*tbs)->san.len = 0; - (*tbs)->san.val = NULL; - (*tbs)->eku.len = 0; - (*tbs)->eku.val = NULL; - (*tbs)->pathLenConstraint = 0; - (*tbs)->crldp.len = 0; - (*tbs)->crldp.val = NULL; - return 0; } @@ -112,7 +106,8 @@ hx509_ca_tbs_free(hx509_ca_tbs *tbs) free_ExtKeyUsage(&(*tbs)->eku); der_free_heim_integer(&(*tbs)->serial); free_CRLDistributionPoints(&(*tbs)->crldp); - + der_free_bit_string(&(*tbs)->subjectUniqueID); + der_free_bit_string(&(*tbs)->issuerUniqueID); hx509_name_free(&(*tbs)->subject); memset(*tbs, 0, sizeof(**tbs)); @@ -236,7 +231,7 @@ hx509_ca_tbs_set_template(hx509_context context, hx509_name_free(&tbs->subject); ret = hx509_cert_get_subject(cert, &tbs->subject); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to get subject from template"); return ret; } @@ -246,7 +241,7 @@ hx509_ca_tbs_set_template(hx509_context context, ret = hx509_cert_get_serialnumber(cert, &tbs->serial); tbs->flags.serial = !ret; if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to copy serial number"); return ret; } @@ -271,7 +266,7 @@ hx509_ca_tbs_set_template(hx509_context context, } if (flags & HX509_CA_TEMPLATE_EKU) { ExtKeyUsage eku; - int i; + size_t i; ret = _hx509_cert_get_eku(context, cert, &eku); if (ret) return ret; @@ -473,7 +468,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, int ret; memset(&dp, 0, sizeof(dp)); - + dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint)); { @@ -486,10 +481,11 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, name.u.fullName.val = &gn; gn.element = choice_GeneralName_uniformResourceIdentifier; - gn.u.uniformResourceIdentifier = rk_UNCONST(uri); + gn.u.uniformResourceIdentifier.data = rk_UNCONST(uri); + gn.u.uniformResourceIdentifier.length = strlen(uri); - ASN1_MALLOC_ENCODE(DistributionPointName, - dp.distributionPoint->data, + ASN1_MALLOC_ENCODE(DistributionPointName, + dp.distributionPoint->data, dp.distributionPoint->length, &name, &size, ret); if (ret) { @@ -509,7 +505,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, hx509_set_error_string(context, 0, EINVAL, "CRLDistributionPoints.name.issuername not yet supported"); return EINVAL; -#else +#else GeneralNames *crlissuer; GeneralName gn; Name n; @@ -579,7 +575,7 @@ hx509_ca_tbs_add_san_otherName(hx509_context context, gn.element = choice_GeneralName_otherName; gn.u.otherName.type_id = *oid; gn.u.otherName.value = *os; - + return add_GeneralNames(&tbs->san, &gn); } @@ -614,14 +610,14 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, const char *str; char *q; int n; - + /* count number of component */ n = 1; for(str = principal; *str != '\0' && *str != '@'; str++){ if(*str=='\\'){ if(str[1] == '\0' || str[1] == '@') { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "trailing \\ in principal name"); goto out; } @@ -629,7 +625,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, } else if(*str == '/') n++; } - p.principalName.name_string.val = + p.principalName.name_string.val = calloc(n, sizeof(*p.principalName.name_string.val)); if (p.principalName.name_string.val == NULL) { ret = ENOMEM; @@ -637,7 +633,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, goto out; } p.principalName.name_string.len = n; - + p.principalName.name_type = KRB5_NT_PRINCIPAL; q = s = strdup(principal); if (q == NULL) { @@ -661,7 +657,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, *q++ = '\0'; } } - + ASN1_MALLOC_ENCODE(KRB5PrincipalName, os.data, os.length, &p, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -669,10 +665,10 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, } if (size != os.length) _hx509_abort("internal ASN.1 encoder error"); - + ret = hx509_ca_tbs_add_san_otherName(context, tbs, - oid_id_pkinit_san(), + &asn1_oid_id_pkinit_san, &os); free(os.data); out: @@ -682,7 +678,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, free(s); return ret; } - + /* * */ @@ -693,7 +689,7 @@ add_utf8_san(hx509_context context, const heim_oid *oid, const char *string) { - const PKIXXmppAddr ustring = (const PKIXXmppAddr)string; + const PKIXXmppAddr ustring = (const PKIXXmppAddr)(intptr_t)string; heim_octet_string os; size_t size; int ret; @@ -708,7 +704,7 @@ add_utf8_san(hx509_context context, } if (size != os.length) _hx509_abort("internal ASN.1 encoder error"); - + ret = hx509_ca_tbs_add_san_otherName(context, tbs, oid, @@ -736,7 +732,7 @@ hx509_ca_tbs_add_san_ms_upn(hx509_context context, hx509_ca_tbs tbs, const char *principal) { - return add_utf8_san(context, tbs, oid_id_pkinit_ms_san(), principal); + return add_utf8_san(context, tbs, &asn1_oid_id_pkinit_ms_san, principal); } /** @@ -757,7 +753,7 @@ hx509_ca_tbs_add_san_jid(hx509_context context, hx509_ca_tbs tbs, const char *jid) { - return add_utf8_san(context, tbs, oid_id_pkix_on_xmppAddr(), jid); + return add_utf8_san(context, tbs, &asn1_oid_id_pkix_on_xmppAddr, jid); } @@ -786,8 +782,9 @@ hx509_ca_tbs_add_san_hostname(hx509_context context, memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_dNSName; - gn.u.dNSName = rk_UNCONST(dnsname); - + gn.u.dNSName.data = rk_UNCONST(dnsname); + gn.u.dNSName.length = strlen(dnsname); + return add_GeneralNames(&tbs->san, &gn); } @@ -813,8 +810,9 @@ hx509_ca_tbs_add_san_rfc822name(hx509_context context, memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_rfc822Name; - gn.u.rfc822Name = rk_UNCONST(rfc822Name); - + gn.u.rfc822Name.data = rk_UNCONST(rfc822Name); + gn.u.rfc822Name.length = strlen(rfc822Name); + return add_GeneralNames(&tbs->san, &gn); } @@ -840,6 +838,50 @@ hx509_ca_tbs_set_subject(hx509_context context, return hx509_name_copy(context, subject, &tbs->subject); } +/** + * Set the issuerUniqueID and subjectUniqueID + * + * These are only supposed to be used considered with version 2 + * certificates, replaced by the two extensions SubjectKeyIdentifier + * and IssuerKeyIdentifier. This function is to allow application + * using legacy protocol to issue them. + * + * @param context A hx509 context. + * @param tbs object to be signed. + * @param issuerUniqueID to be set + * @param subjectUniqueID to be set + * + * @return An hx509 error code, see hx509_get_error_string(). + * + * @ingroup hx509_ca + */ + +int +hx509_ca_tbs_set_unique(hx509_context context, + hx509_ca_tbs tbs, + const heim_bit_string *subjectUniqueID, + const heim_bit_string *issuerUniqueID) +{ + int ret; + + der_free_bit_string(&tbs->subjectUniqueID); + der_free_bit_string(&tbs->issuerUniqueID); + + if (subjectUniqueID) { + ret = der_copy_bit_string(subjectUniqueID, &tbs->subjectUniqueID); + if (ret) + return ret; + } + + if (issuerUniqueID) { + ret = der_copy_bit_string(issuerUniqueID, &tbs->issuerUniqueID); + if (ret) + return ret; + } + + return 0; +} + /** * Expand the the subject name in the to-be-signed certificate object * using hx509_name_expand(). @@ -862,6 +904,10 @@ hx509_ca_tbs_subject_expand(hx509_context context, return hx509_name_expand(context, tbs->subject, env); } +/* + * + */ + static int add_extension(hx509_context context, TBSCertificate *tbsc, @@ -926,7 +972,7 @@ build_proxy_prefix(hx509_context context, const Name *issuer, Name *subject) return ENOMEM; } /* prefix with CN=,...*/ - ret = _hx509_name_modify(context, subject, 1, oid_id_at_commonName(), tstr); + ret = _hx509_name_modify(context, subject, 1, &asn1_oid_id_at_commonName, tstr); free(tstr); if (ret) free_Name(subject); @@ -1005,7 +1051,7 @@ ca_sign(hx509_context context, return EINVAL; } if (hx509_name_is_null_p(tbs->subject) && tbs->san.len == 0) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "NULL subject and no SubjectAltNames"); return EINVAL; } @@ -1017,7 +1063,7 @@ ca_sign(hx509_context context, } if (tbs->flags.proxy) { if (tbs->san.len > 0) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Proxy certificate is not allowed " "to have SubjectAltNames"); return EINVAL; @@ -1091,7 +1137,35 @@ ca_sign(hx509_context context, goto out; } /* issuerUniqueID [1] IMPLICIT BIT STRING OPTIONAL */ + if (tbs->issuerUniqueID.length) { + tbsc->issuerUniqueID = calloc(1, sizeof(*tbsc->issuerUniqueID)); + if (tbsc->issuerUniqueID == NULL) { + ret = ENOMEM; + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + ret = der_copy_bit_string(&tbs->issuerUniqueID, tbsc->issuerUniqueID); + if (ret) { + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + } /* subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL */ + if (tbs->subjectUniqueID.length) { + tbsc->subjectUniqueID = calloc(1, sizeof(*tbsc->subjectUniqueID)); + if (tbsc->subjectUniqueID == NULL) { + ret = ENOMEM; + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + + ret = der_copy_bit_string(&tbs->subjectUniqueID, tbsc->subjectUniqueID); + if (ret) { + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + } + /* extensions [3] EXPLICIT Extensions OPTIONAL */ tbsc->extensions = calloc(1, sizeof(*tbsc->extensions)); if (tbsc->extensions == NULL) { @@ -1099,7 +1173,7 @@ ca_sign(hx509_context context, hx509_set_error_string(context, 0, ret, "Out of memory"); goto out; } - + /* Add the text BMP string Domaincontroller to the cert */ if (tbs->flags.domaincontroller) { data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d" @@ -1110,7 +1184,7 @@ ca_sign(hx509_context context, data.length = 34; ret = add_extension(context, tbsc, 0, - oid_id_ms_cert_enroll_domaincontroller(), + &asn1_oid_id_ms_cert_enroll_domaincontroller, &data); if (ret) goto out; @@ -1129,7 +1203,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 1, - oid_id_x509_ce_keyUsage(), &data); + &asn1_oid_id_x509_ce_keyUsage, &data); free(data.data); if (ret) goto out; @@ -1137,7 +1211,7 @@ ca_sign(hx509_context context, /* add ExtendedKeyUsage */ if (tbs->eku.len > 0) { - ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length, + ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length, &tbs->eku, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1146,7 +1220,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_extKeyUsage(), &data); + &asn1_oid_id_x509_ce_extKeyUsage, &data); free(data.data); if (ret) goto out; @@ -1154,7 +1228,7 @@ ca_sign(hx509_context context, /* add Subject Alternative Name */ if (tbs->san.len > 0) { - ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length, + ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length, &tbs->san, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1163,7 +1237,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_subjectAltName(), + &asn1_oid_id_x509_ce_subjectAltName, &data); free(data.data); if (ret) @@ -1172,7 +1246,7 @@ ca_sign(hx509_context context, /* Add Authority Key Identifier */ if (ai) { - ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length, + ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length, ai, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1181,7 +1255,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_authorityKeyIdentifier(), + &asn1_oid_id_x509_ce_authorityKeyIdentifier, &data); free(data.data); if (ret) @@ -1194,18 +1268,20 @@ ca_sign(hx509_context context, unsigned char hash[SHA_DIGEST_LENGTH]; { - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, tbs->spki.subjectPublicKey.data, - tbs->spki.subjectPublicKey.length / 8); - SHA1_Final (hash, &m); + EVP_MD_CTX *ctx; + + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, tbs->spki.subjectPublicKey.data, + tbs->spki.subjectPublicKey.length / 8); + EVP_DigestFinal_ex(ctx, hash, NULL); + EVP_MD_CTX_destroy(ctx); } si.data = hash; si.length = sizeof(hash); - ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length, + ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length, &si, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1214,18 +1290,18 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_subjectKeyIdentifier(), + &asn1_oid_id_x509_ce_subjectKeyIdentifier, &data); free(data.data); if (ret) goto out; } - /* Add BasicConstraints */ + /* Add BasicConstraints */ { BasicConstraints bc; int aCA = 1; - uint32_t path; + unsigned int path; memset(&bc, 0, sizeof(bc)); @@ -1237,7 +1313,7 @@ ca_sign(hx509_context context, } } - ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length, + ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length, &bc, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1247,7 +1323,7 @@ ca_sign(hx509_context context, _hx509_abort("internal ASN.1 encoder error"); /* Critical if this is a CA */ ret = add_extension(context, tbsc, tbs->flags.ca, - oid_id_x509_ce_basicConstraints(), + &asn1_oid_id_x509_ce_basicConstraints, &data); free(data.data); if (ret) @@ -1261,7 +1337,7 @@ ca_sign(hx509_context context, memset(&info, 0, sizeof(info)); if (tbs->pathLenConstraint >= 0) { - info.pCPathLenConstraint = + info.pCPathLenConstraint = malloc(sizeof(*info.pCPathLenConstraint)); if (info.pCPathLenConstraint == NULL) { ret = ENOMEM; @@ -1271,7 +1347,7 @@ ca_sign(hx509_context context, *info.pCPathLenConstraint = tbs->pathLenConstraint; } - ret = der_copy_oid(oid_id_pkix_ppl_inheritAll(), + ret = der_copy_oid(&asn1_oid_id_pkix_ppl_inheritAll, &info.proxyPolicy.policyLanguage); if (ret) { free_ProxyCertInfo(&info); @@ -1279,7 +1355,7 @@ ca_sign(hx509_context context, goto out; } - ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length, + ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length, &info, &size, ret); free_ProxyCertInfo(&info); if (ret) { @@ -1289,7 +1365,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, 0, - oid_id_pkix_pe_proxyCertInfo(), + &asn1_oid_id_pkix_pe_proxyCertInfo, &data); free(data.data); if (ret) @@ -1307,7 +1383,7 @@ ca_sign(hx509_context context, if (size != data.length) _hx509_abort("internal ASN.1 encoder error"); ret = add_extension(context, tbsc, FALSE, - oid_id_x509_ce_cRLDistributionPoints(), + &asn1_oid_id_x509_ce_cRLDistributionPoints, &data); free(data.data); if (ret) @@ -1377,14 +1453,14 @@ get_AuthorityKeyIdentifier(hx509_context context, memset(&gns, 0, sizeof(gns)); memset(&name, 0, sizeof(name)); - ai->authorityCertIssuer = + ai->authorityCertIssuer = calloc(1, sizeof(*ai->authorityCertIssuer)); if (ai->authorityCertIssuer == NULL) { ret = ENOMEM; hx509_set_error_string(context, 0, ret, "Out of memory"); goto out; } - ai->authorityCertSerialNumber = + ai->authorityCertSerialNumber = calloc(1, sizeof(*ai->authorityCertSerialNumber)); if (ai->authorityCertSerialNumber == NULL) { ret = ENOMEM; @@ -1392,22 +1468,21 @@ get_AuthorityKeyIdentifier(hx509_context context, goto out; } - /* + /* * XXX unbreak when asn1 compiler handle IMPLICIT * * This is so horrible. */ ret = copy_Name(&certificate->tbsCertificate.subject, &name); - if (ai->authorityCertSerialNumber == NULL) { - ret = ENOMEM; + if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); goto out; } memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_directoryName; - gn.u.directoryName.element = + gn.u.directoryName.element = choice_GeneralName_directoryName_rdnSequence; gn.u.directoryName.u.rdnSequence = name.u.rdnSequence; @@ -1436,7 +1511,7 @@ get_AuthorityKeyIdentifier(hx509_context context, /** - * Sign a to-be-signed certificate object with a issuer certificate. + * Sign a to-be-signed certificate object with a issuer certificate. * * The caller needs to at least have called the following functions on the * to-be-signed certificate object: @@ -1478,7 +1553,7 @@ hx509_ca_sign(hx509_context context, goto out; ret = ca_sign(context, - tbs, + tbs, _hx509_cert_private_key(signer), &ai, &signer_cert->tbsCertificate.subject, @@ -1510,7 +1585,7 @@ hx509_ca_sign_self(hx509_context context, hx509_cert *certificate) { return ca_sign(context, - tbs, + tbs, signer, NULL, NULL, diff --git a/lib/hx509/cert.c b/lib/hx509/cert.c index 1520e23cb1dd..70e575603779 100644 --- a/lib/hx509/cert.c +++ b/lib/hx509/cert.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: cert.c 22450 2008-01-15 19:39:14Z lha $"); #include "crypto-headers.h" #include @@ -59,6 +58,7 @@ struct hx509_verify_ctx_data { #define HX509_VERIFY_CTX_F_REQUIRE_RFC3280 4 #define HX509_VERIFY_CTX_F_CHECK_TRUST_ANCHORS 8 #define HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS 16 +#define HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK 32 time_t time_now; unsigned int max_depth; #define HX509_VERIFY_MAX_DEPTH 30 @@ -138,10 +138,10 @@ hx509_context_init(hx509_context *context) /** * Selects if the hx509_revoke_verify() function is going to require - * the existans of a revokation method (OSCP, CRL) or not. Note that + * the existans of a revokation method (OCSP, CRL) or not. Note that * hx509_verify_path(), hx509_cms_verify_signed(), and other function * call hx509_revoke_verify(). - * + * * @param context hx509 context to change the flag for. * @param flag zero, revokation method required, non zero missing * revokation method ok @@ -160,7 +160,7 @@ hx509_context_set_missing_revoke(hx509_context context, int flag) /** * Free the context allocated by hx509_context_init(). - * + * * @param context context to be freed. * * @ingroup hx509 @@ -205,7 +205,7 @@ _hx509_cert_get_version(const Certificate *t) /** * Allocate and init an hx509 certificate object from the decoded - * certificate `c´. + * certificate `c´. * * @param context A hx509 context. * @param c @@ -268,7 +268,7 @@ hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert) */ int -hx509_cert_init_data(hx509_context context, +hx509_cert_init_data(hx509_context context, const void *ptr, size_t len, hx509_cert *cert) @@ -283,6 +283,7 @@ hx509_cert_init_data(hx509_context context, return ret; } if (size != len) { + free_Certificate(&t); hx509_set_error_string(context, 0, HX509_EXTRA_DATA_AFTER_STRUCTURE, "Extra data after certificate"); return HX509_EXTRA_DATA_AFTER_STRUCTURE; @@ -294,7 +295,7 @@ hx509_cert_init_data(hx509_context context, } void -_hx509_cert_set_release(hx509_cert cert, +_hx509_cert_set_release(hx509_cert cert, _hx509_cert_release_func release, void *ctx) { @@ -309,7 +310,7 @@ int _hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key) { if (cert->private_key) - _hx509_private_key_free(&cert->private_key); + hx509_private_key_free(&cert->private_key); cert->private_key = _hx509_private_key_ref(private_key); return 0; } @@ -326,7 +327,7 @@ _hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key) void hx509_cert_free(hx509_cert cert) { - int i; + size_t i; if (cert == NULL) return; @@ -340,7 +341,7 @@ hx509_cert_free(hx509_cert cert) (cert->release)(cert, cert->ctx); if (cert->private_key) - _hx509_private_key_free(&cert->private_key); + hx509_private_key_free(&cert->private_key); free_Certificate(cert->data); free(cert->data); @@ -354,7 +355,7 @@ hx509_cert_free(hx509_cert cert) free(cert->friendlyname); if (cert->basename) hx509_name_free(&cert->basename); - memset(cert, 0, sizeof(cert)); + memset(cert, 0, sizeof(*cert)); free(cert); } @@ -383,7 +384,7 @@ hx509_cert_ref(hx509_cert cert) /** * Allocate an verification context that is used fo control the - * verification process. + * verification process. * * @param context A hx509 context. * @param ctx returns a pointer to a hx509_verify_ctx object. @@ -405,7 +406,7 @@ hx509_verify_init_ctx(hx509_context context, hx509_verify_ctx *ctx) c->max_depth = HX509_VERIFY_MAX_DEPTH; *ctx = c; - + return 0; } @@ -432,6 +433,7 @@ hx509_verify_destroy_ctx(hx509_verify_ctx ctx) * Set the trust anchors in the verification context, makes an * reference to the keyset, so the consumer can free the keyset * independent of the destruction of the verification context (ctx). + * If there already is a keyset attached, it's released. * * @param ctx a verification context * @param set a keyset containing the trust anchors. @@ -442,7 +444,9 @@ hx509_verify_destroy_ctx(hx509_verify_ctx ctx) void hx509_verify_attach_anchors(hx509_verify_ctx ctx, hx509_certs set) { - ctx->trust_anchors = _hx509_certs_ref(set); + if (ctx->trust_anchors) + hx509_certs_free(&ctx->trust_anchors); + ctx->trust_anchors = hx509_certs_ref(set); } /** @@ -485,6 +489,12 @@ hx509_verify_set_time(hx509_verify_ctx ctx, time_t t) ctx->time_now = t; } +time_t +_hx509_verify_get_time(hx509_verify_ctx ctx) +{ + return ctx->time_now; +} + /** * Set the maximum depth of the certificate chain that the path * builder is going to try. @@ -563,14 +573,24 @@ hx509_verify_ctx_f_allow_default_trustanchors(hx509_verify_ctx ctx, int boolean) ctx->flags |= HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS; } +void +hx509_verify_ctx_f_allow_best_before_signature_algs(hx509_context ctx, + int boolean) +{ + if (boolean) + ctx->flags &= ~HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK; + else + ctx->flags |= HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK; +} + static const Extension * -find_extension(const Certificate *cert, const heim_oid *oid, int *idx) +find_extension(const Certificate *cert, const heim_oid *oid, size_t *idx) { const TBSCertificate *c = &cert->tbsCertificate; if (c->version == NULL || *c->version < 2 || c->extensions == NULL) return NULL; - + for (;*idx < c->extensions->len; (*idx)++) { if (der_heim_oid_cmp(&c->extensions->val[*idx].extnID, oid) == 0) return &c->extensions->val[(*idx)++]; @@ -579,21 +599,21 @@ find_extension(const Certificate *cert, const heim_oid *oid, int *idx) } static int -find_extension_auth_key_id(const Certificate *subject, +find_extension_auth_key_id(const Certificate *subject, AuthorityKeyIdentifier *ai) { const Extension *e; size_t size; - int i = 0; + size_t i = 0; memset(ai, 0, sizeof(*ai)); - e = find_extension(subject, oid_id_x509_ce_authorityKeyIdentifier(), &i); + e = find_extension(subject, &asn1_oid_id_x509_ce_authorityKeyIdentifier, &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_AuthorityKeyIdentifier(e->extnValue.data, - e->extnValue.length, + + return decode_AuthorityKeyIdentifier(e->extnValue.data, + e->extnValue.length, ai, &size); } @@ -603,40 +623,40 @@ _hx509_find_extension_subject_key_id(const Certificate *issuer, { const Extension *e; size_t size; - int i = 0; + size_t i = 0; memset(si, 0, sizeof(*si)); - e = find_extension(issuer, oid_id_x509_ce_subjectKeyIdentifier(), &i); + e = find_extension(issuer, &asn1_oid_id_x509_ce_subjectKeyIdentifier, &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_SubjectKeyIdentifier(e->extnValue.data, + + return decode_SubjectKeyIdentifier(e->extnValue.data, e->extnValue.length, si, &size); } static int -find_extension_name_constraints(const Certificate *subject, +find_extension_name_constraints(const Certificate *subject, NameConstraints *nc) { const Extension *e; size_t size; - int i = 0; + size_t i = 0; memset(nc, 0, sizeof(*nc)); - e = find_extension(subject, oid_id_x509_ce_nameConstraints(), &i); + e = find_extension(subject, &asn1_oid_id_x509_ce_nameConstraints, &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_NameConstraints(e->extnValue.data, - e->extnValue.length, + + return decode_NameConstraints(e->extnValue.data, + e->extnValue.length, nc, &size); } static int -find_extension_subject_alt_name(const Certificate *cert, int *i, +find_extension_subject_alt_name(const Certificate *cert, size_t *i, GeneralNames *sa) { const Extension *e; @@ -644,11 +664,11 @@ find_extension_subject_alt_name(const Certificate *cert, int *i, memset(sa, 0, sizeof(*sa)); - e = find_extension(cert, oid_id_x509_ce_subjectAltName(), i); + e = find_extension(cert, &asn1_oid_id_x509_ce_subjectAltName, i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_GeneralNames(e->extnValue.data, + + return decode_GeneralNames(e->extnValue.data, e->extnValue.length, sa, &size); } @@ -658,15 +678,15 @@ find_extension_eku(const Certificate *cert, ExtKeyUsage *eku) { const Extension *e; size_t size; - int i = 0; + size_t i = 0; memset(eku, 0, sizeof(*eku)); - e = find_extension(cert, oid_id_x509_ce_extKeyUsage(), &i); + e = find_extension(cert, &asn1_oid_id_x509_ce_extKeyUsage, &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_ExtKeyUsage(e->extnValue.data, + + return decode_ExtKeyUsage(e->extnValue.data, e->extnValue.length, eku, &size); } @@ -700,7 +720,7 @@ add_to_list(hx509_octet_string_list *list, const heim_octet_string *entry) void hx509_free_octet_string_list(hx509_octet_string_list *list) { - int i; + size_t i; for (i = 0; i < list->len; i++) der_free_octet_string(&list->val[i]); free(list->val); @@ -710,7 +730,7 @@ hx509_free_octet_string_list(hx509_octet_string_list *list) /** * Return a list of subjectAltNames specified by oid in the - * certificate. On error the + * certificate. On error the * * The returned list of octet string should be freed with * hx509_free_octet_string_list(). @@ -732,7 +752,8 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, hx509_octet_string_list *list) { GeneralNames sa; - int ret, i, j; + int ret; + size_t i, j; list->val = NULL; list->len = 0; @@ -742,8 +763,7 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa); i++; if (ret == HX509_EXTENSION_NOT_FOUND) { - ret = 0; - break; + return 0; } else if (ret != 0) { hx509_set_error_string(context, 0, ret, "Error searching for SAN"); hx509_free_octet_string_list(list); @@ -752,11 +772,11 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, for (j = 0; j < sa.len; j++) { if (sa.val[j].element == choice_GeneralName_otherName && - der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) + der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) { ret = add_to_list(list, &sa.val[j].u.otherName.value); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Error adding an exra SAN to " "return list"); hx509_free_octet_string_list(list); @@ -767,24 +787,24 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, } free_GeneralNames(&sa); } - return 0; } static int -check_key_usage(hx509_context context, const Certificate *cert, +check_key_usage(hx509_context context, const Certificate *cert, unsigned flags, int req_present) { const Extension *e; KeyUsage ku; size_t size; - int ret, i = 0; + int ret; + size_t i = 0; unsigned ku_flags; if (_hx509_cert_get_version(cert) < 3) return 0; - e = find_extension(cert, oid_id_x509_ce_keyUsage(), &i); + e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i); if (e == NULL) { if (req_present) { hx509_set_error_string(context, 0, HX509_KU_CERT_MISSING, @@ -794,7 +814,7 @@ check_key_usage(hx509_context context, const Certificate *cert, } return 0; } - + ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, &ku, &size); if (ret) return ret; @@ -821,7 +841,7 @@ check_key_usage(hx509_context context, const Certificate *cert, */ int -_hx509_check_key_usage(hx509_context context, hx509_cert cert, +_hx509_check_key_usage(hx509_context context, hx509_cert cert, unsigned flags, int req_present) { return check_key_usage(context, _hx509_get_cert(cert), flags, req_present); @@ -830,18 +850,19 @@ _hx509_check_key_usage(hx509_context context, hx509_cert cert, enum certtype { PROXY_CERT, EE_CERT, CA_CERT }; static int -check_basic_constraints(hx509_context context, const Certificate *cert, - enum certtype type, int depth) +check_basic_constraints(hx509_context context, const Certificate *cert, + enum certtype type, size_t depth) { BasicConstraints bc; const Extension *e; size_t size; - int ret, i = 0; + int ret; + size_t i = 0; if (_hx509_cert_get_version(cert) < 3) return 0; - e = find_extension(cert, oid_id_x509_ce_basicConstraints(), &i); + e = find_extension(cert, &asn1_oid_id_x509_ce_basicConstraints, &i); if (e == NULL) { switch(type) { case PROXY_CERT: @@ -859,8 +880,8 @@ check_basic_constraints(hx509_context context, const Certificate *cert, } } } - - ret = decode_BasicConstraints(e->extnValue.data, + + ret = decode_BasicConstraints(e->extnValue.data, e->extnValue.length, &bc, &size); if (ret) @@ -893,13 +914,16 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, int diff; AuthorityKeyIdentifier ai; SubjectKeyIdentifier si; - int ret_ai, ret_si; + int ret_ai, ret_si, ret; - diff = _hx509_name_cmp(&issuer->tbsCertificate.subject, - &subject->tbsCertificate.issuer); + ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, + &subject->tbsCertificate.issuer, + &diff); + if (ret) + return ret; if (diff) return diff; - + memset(&ai, 0, sizeof(ai)); memset(&si, 0, sizeof(si)); @@ -928,7 +952,7 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, goto out; } } - + if (ai.keyIdentifier == NULL) { Name name; @@ -937,7 +961,7 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, if (ai.authorityCertSerialNumber == NULL) return -1; - diff = der_heim_integer_cmp(ai.authorityCertSerialNumber, + diff = der_heim_integer_cmp(ai.authorityCertSerialNumber, &issuer->tbsCertificate.serialNumber); if (diff) return diff; @@ -945,14 +969,17 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, return -1; if (ai.authorityCertIssuer->val[0].element != choice_GeneralName_directoryName) return -1; - - name.element = + + name.element = ai.authorityCertIssuer->val[0].u.directoryName.element; - name.u.rdnSequence = + name.u.rdnSequence = ai.authorityCertIssuer->val[0].u.directoryName.u.rdnSequence; - diff = _hx509_name_cmp(&issuer->tbsCertificate.subject, - &name); + ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, + &name, + &diff); + if (ret) + return ret; if (diff) return diff; diff = 0; @@ -991,10 +1018,21 @@ certificate_is_anchor(hx509_context context, } static int -certificate_is_self_signed(const Certificate *cert) +certificate_is_self_signed(hx509_context context, + const Certificate *cert, + int *self_signed) { - return _hx509_name_cmp(&cert->tbsCertificate.subject, - &cert->tbsCertificate.issuer) == 0; + int ret, diff; + ret = _hx509_name_cmp(&cert->tbsCertificate.subject, + &cert->tbsCertificate.issuer, &diff); + *self_signed = (diff == 0); + if (ret) { + hx509_set_error_string(context, 0, ret, + "Failed to check if self signed"); + } else + ret = _hx509_self_signed_valid(context, &cert->signatureAlgorithm); + + return ret; } /* @@ -1013,7 +1051,7 @@ find_parent(hx509_context context, time_t time_now, hx509_certs trust_anchors, hx509_path *path, - hx509_certs pool, + hx509_certs pool, hx509_cert current, hx509_cert *parent) { @@ -1023,7 +1061,7 @@ find_parent(hx509_context context, *parent = NULL; memset(&ai, 0, sizeof(ai)); - + _hx509_query_clear(&q); if (!subject_null_p(current->data)) { @@ -1088,7 +1126,7 @@ find_parent(hx509_context context, hx509_clear_error_string(context); return HX509_ISSUER_NOT_FOUND; } - + hx509_set_error_string(context, 0, HX509_ISSUER_NOT_FOUND, "Failed to find issuer for " "certificate with subject: '%s'", str); @@ -1102,26 +1140,27 @@ find_parent(hx509_context context, */ static int -is_proxy_cert(hx509_context context, - const Certificate *cert, +is_proxy_cert(hx509_context context, + const Certificate *cert, ProxyCertInfo *rinfo) { ProxyCertInfo info; const Extension *e; size_t size; - int ret, i = 0; + int ret; + size_t i = 0; if (rinfo) memset(rinfo, 0, sizeof(*rinfo)); - e = find_extension(cert, oid_id_pkix_pe_proxyCertInfo(), &i); + e = find_extension(cert, &asn1_oid_id_pkix_pe_proxyCertInfo, &i); if (e == NULL) { hx509_clear_error_string(context); return HX509_EXTENSION_NOT_FOUND; } - ret = decode_ProxyCertInfo(e->extnValue.data, - e->extnValue.length, + ret = decode_ProxyCertInfo(e->extnValue.data, + e->extnValue.length, &info, &size); if (ret) { @@ -1131,7 +1170,7 @@ is_proxy_cert(hx509_context context, if (size != e->extnValue.length) { free_ProxyCertInfo(&info); hx509_clear_error_string(context); - return HX509_EXTRA_DATA_AFTER_STRUCTURE; + return HX509_EXTRA_DATA_AFTER_STRUCTURE; } if (rinfo == NULL) free_ProxyCertInfo(&info); @@ -1167,7 +1206,7 @@ void _hx509_path_free(hx509_path *path) { unsigned i; - + for (i = 0; i < path->len; i++) hx509_cert_free(path->val[i]); free(path->val); @@ -1188,7 +1227,7 @@ _hx509_path_free(hx509_path *path) * The path includes a path from the top certificate to the anchor * certificate. * - * The caller needs to free `path´ both on successful built path and + * The caller needs to free `path´ both on successful built path and * failure. */ @@ -1216,7 +1255,7 @@ _hx509_calculate_path(hx509_context context, while (!certificate_is_anchor(context, anchors, current)) { - ret = find_parent(context, time_now, anchors, path, + ret = find_parent(context, time_now, anchors, path, pool, current, &parent); hx509_cert_free(current); if (ret) @@ -1236,8 +1275,8 @@ _hx509_calculate_path(hx509_context context, } } - if ((flags & HX509_CALCULATE_PATH_NO_ANCHOR) && - path->len > 0 && + if ((flags & HX509_CALCULATE_PATH_NO_ANCHOR) && + path->len > 0 && certificate_is_anchor(context, anchors, path->val[path->len - 1])) { hx509_cert_free(path->val[path->len - 1]); @@ -1277,7 +1316,7 @@ _hx509_Certificate_cmp(const Certificate *p, const Certificate *q) diff = der_heim_bit_string_cmp(&p->signatureValue, &q->signatureValue); if (diff) return diff; - diff = _hx509_AlgorithmIdentifier_cmp(&p->signatureAlgorithm, + diff = _hx509_AlgorithmIdentifier_cmp(&p->signatureAlgorithm, &q->signatureAlgorithm); if (diff) return diff; @@ -1452,7 +1491,9 @@ hx509_cert_get_SPKI(hx509_context context, hx509_cert p, SubjectPublicKeyInfo *s * @param context a hx509 context. * @param p a hx509 certificate object. * @param alg AlgorithmIdentifier, should be freed with - * free_AlgorithmIdentifier(). + * free_AlgorithmIdentifier(). The algorithmidentifier is + * typicly rsaEncryption, or id-ecPublicKey, or some other + * public key mechanism. * * @return An hx509 error code, see hx509_get_error_string(). * @@ -1461,7 +1502,7 @@ hx509_cert_get_SPKI(hx509_context context, hx509_cert p, SubjectPublicKeyInfo *s int hx509_cert_get_SPKI_AlgorithmIdentifier(hx509_context context, - hx509_cert p, + hx509_cert p, AlgorithmIdentifier *alg) { int ret; @@ -1473,6 +1514,65 @@ hx509_cert_get_SPKI_AlgorithmIdentifier(hx509_context context, return ret; } +static int +get_x_unique_id(hx509_context context, const char *name, + const heim_bit_string *cert, heim_bit_string *subject) +{ + int ret; + + if (cert == NULL) { + ret = HX509_EXTENSION_NOT_FOUND; + hx509_set_error_string(context, 0, ret, "%s unique id doesn't exists", name); + return ret; + } + ret = der_copy_bit_string(cert, subject); + if (ret) { + hx509_set_error_string(context, 0, ret, "malloc out of memory", name); + return ret; + } + return 0; +} + +/** + * Get a copy of the Issuer Unique ID + * + * @param context a hx509_context + * @param p a hx509 certificate + * @param issuer the issuer id returned, free with der_free_bit_string() + * + * @return An hx509 error code, see hx509_get_error_string(). The + * error code HX509_EXTENSION_NOT_FOUND is returned if the certificate + * doesn't have a issuerUniqueID + * + * @ingroup hx509_cert + */ + +int +hx509_cert_get_issuer_unique_id(hx509_context context, hx509_cert p, heim_bit_string *issuer) +{ + return get_x_unique_id(context, "issuer", p->data->tbsCertificate.issuerUniqueID, issuer); +} + +/** + * Get a copy of the Subect Unique ID + * + * @param context a hx509_context + * @param p a hx509 certificate + * @param subject the subject id returned, free with der_free_bit_string() + * + * @return An hx509 error code, see hx509_get_error_string(). The + * error code HX509_EXTENSION_NOT_FOUND is returned if the certificate + * doesn't have a subjectUniqueID + * + * @ingroup hx509_cert + */ + +int +hx509_cert_get_subject_unique_id(hx509_context context, hx509_cert p, heim_bit_string *subject) +{ + return get_x_unique_id(context, "subject", p->data->tbsCertificate.subjectUniqueID, subject); +} + hx509_private_key _hx509_cert_private_key(hx509_cert p) @@ -1511,15 +1611,15 @@ _hx509_cert_private_decrypt(hx509_context context, return HX509_PRIVATE_KEY_MISSING; } - return _hx509_private_key_private_decrypt(context, + return hx509_private_key_private_decrypt(context, ciphertext, encryption_oid, - p->private_key, + p->private_key, cleartext); } int -_hx509_cert_public_encrypt(hx509_context context, +hx509_cert_public_encrypt(hx509_context context, const heim_octet_string *cleartext, const hx509_cert p, heim_oid *encryption_oid, @@ -1599,15 +1699,20 @@ static int match_RDN(const RelativeDistinguishedName *c, const RelativeDistinguishedName *n) { - int i; + size_t i; if (c->len != n->len) return HX509_NAME_CONSTRAINT_ERROR; - + for (i = 0; i < n->len; i++) { + int diff, ret; + if (der_heim_oid_cmp(&c->val[i].type, &n->val[i].type) != 0) return HX509_NAME_CONSTRAINT_ERROR; - if (_hx509_name_ds_cmp(&c->val[i].value, &n->val[i].value) != 0) + ret = _hx509_name_ds_cmp(&c->val[i].value, &n->val[i].value, &diff); + if (ret) + return ret; + if (diff != 0) return HX509_NAME_CONSTRAINT_ERROR; } return 0; @@ -1616,7 +1721,8 @@ match_RDN(const RelativeDistinguishedName *c, static int match_X501Name(const Name *c, const Name *n) { - int i, ret; + size_t i; + int ret; if (c->element != choice_Name_rdnSequence || n->element != choice_Name_rdnSequence) @@ -1629,13 +1735,13 @@ match_X501Name(const Name *c, const Name *n) return ret; } return 0; -} +} static int match_general_name(const GeneralName *c, const GeneralName *n, int *match) { - /* + /* * Name constraints only apply to the same name type, see RFC3280, * 4.2.1.11. */ @@ -1654,19 +1760,20 @@ match_general_name(const GeneralName *c, const GeneralName *n, int *match) case choice_GeneralName_rfc822Name: { const char *s; size_t len1, len2; - s = strchr(c->u.rfc822Name, '@'); + s = memchr(c->u.rfc822Name.data, '@', c->u.rfc822Name.length); if (s) { - if (strcasecmp(c->u.rfc822Name, n->u.rfc822Name) != 0) + if (der_printable_string_cmp(&c->u.rfc822Name, &n->u.rfc822Name) != 0) return HX509_NAME_CONSTRAINT_ERROR; } else { - s = strchr(n->u.rfc822Name, '@'); + s = memchr(n->u.rfc822Name.data, '@', n->u.rfc822Name.length); if (s == NULL) return HX509_NAME_CONSTRAINT_ERROR; - len1 = strlen(c->u.rfc822Name); - len2 = strlen(s + 1); + len1 = c->u.rfc822Name.length; + len2 = n->u.rfc822Name.length - + (s - ((char *)n->u.rfc822Name.data)); if (len1 > len2) return HX509_NAME_CONSTRAINT_ERROR; - if (strcasecmp(s + 1 + len2 - len1, c->u.rfc822Name) != 0) + if (memcmp(s + 1 + len2 - len1, c->u.rfc822Name.data, len1) != 0) return HX509_NAME_CONSTRAINT_ERROR; if (len1 < len2 && s[len2 - len1 + 1] != '.') return HX509_NAME_CONSTRAINT_ERROR; @@ -1676,14 +1783,16 @@ match_general_name(const GeneralName *c, const GeneralName *n, int *match) } case choice_GeneralName_dNSName: { size_t lenc, lenn; + char *ptr; - lenc = strlen(c->u.dNSName); - lenn = strlen(n->u.dNSName); + lenc = c->u.dNSName.length; + lenn = n->u.dNSName.length; if (lenc > lenn) return HX509_NAME_CONSTRAINT_ERROR; - if (strcasecmp(&n->u.dNSName[lenn - lenc], c->u.dNSName) != 0) + ptr = n->u.dNSName.data; + if (memcmp(&ptr[lenn - lenc], c->u.dNSName.data, lenc) != 0) return HX509_NAME_CONSTRAINT_ERROR; - if (lenc != lenn && n->u.dNSName[lenn - lenc - 1] != '.') + if (lenn != lenc && ptr[lenn - lenc - 1] != '.') return HX509_NAME_CONSTRAINT_ERROR; *match = 1; return 0; @@ -1716,11 +1825,12 @@ match_general_name(const GeneralName *c, const GeneralName *n, int *match) } static int -match_alt_name(const GeneralName *n, const Certificate *c, +match_alt_name(const GeneralName *n, const Certificate *c, int *same, int *match) { GeneralNames sa; - int ret, i, j; + int ret; + size_t i, j; i = 0; do { @@ -1765,14 +1875,14 @@ match_tree(const GeneralSubtrees *t, const Certificate *c, int *match) && !subject_null_p(c)) { GeneralName certname; - + memset(&certname, 0, sizeof(certname)); certname.element = choice_GeneralName_directoryName; - certname.u.directoryName.element = + certname.u.directoryName.element = c->tbsCertificate.subject.element; - certname.u.directoryName.u.rdnSequence = + certname.u.directoryName.u.rdnSequence = c->tbsCertificate.subject.u.rdnSequence; - + ret = match_general_name(&t->val[i].base, &certname, &name); } @@ -1789,12 +1899,12 @@ match_tree(const GeneralSubtrees *t, const Certificate *c, int *match) } static int -check_name_constraints(hx509_context context, +check_name_constraints(hx509_context context, const hx509_name_constraints *nc, const Certificate *c) { int match, ret; - int i; + size_t i; for (i = 0 ; i < nc->len; i++) { GeneralSubtrees gs; @@ -1837,7 +1947,7 @@ check_name_constraints(hx509_context context, static void free_name_constraints(hx509_name_constraints *nc) { - int i; + size_t i; for (i = 0 ; i < nc->len; i++) free_NameConstraints(&nc->val[i]); @@ -1867,10 +1977,8 @@ hx509_verify_path(hx509_context context, { hx509_name_constraints nc; hx509_path path; -#if 0 - const AlgorithmIdentifier *alg_id; -#endif - int ret, i, proxy_cert_depth, selfsigned_depth; + int ret, proxy_cert_depth, selfsigned_depth, diff; + size_t i, k; enum certtype type; Name proxy_issuer; hx509_certs anchors = NULL; @@ -1878,7 +1986,7 @@ hx509_verify_path(hx509_context context, memset(&proxy_issuer, 0, sizeof(proxy_issuer)); ret = init_name_constraints(&nc); - if (ret) + if (ret) return ret; path.val = NULL; @@ -1891,9 +1999,9 @@ hx509_verify_path(hx509_context context, * */ if (ctx->trust_anchors) - anchors = _hx509_certs_ref(ctx->trust_anchors); + anchors = hx509_certs_ref(ctx->trust_anchors); else if (context->default_trust_anchors && ALLOW_DEF_TA(ctx)) - anchors = _hx509_certs_ref(context->default_trust_anchors); + anchors = hx509_certs_ref(context->default_trust_anchors); else { ret = hx509_certs_init(context, "MEMORY:no-TA", 0, NULL, &anchors); if (ret) @@ -1910,10 +2018,6 @@ hx509_verify_path(hx509_context context, if (ret) goto out; -#if 0 - alg_id = path.val[path->len - 1]->data->tbsCertificate.signature; -#endif - /* * Check CA and proxy certificate chain from the top of the * certificate chain. Also check certificate is valid with respect @@ -1934,7 +2038,7 @@ hx509_verify_path(hx509_context context, time_t t; c = _hx509_get_cert(path.val[i]); - + /* * Lets do some basic check on issuer like * keyUsage.keyCertSign and basicConstraints.cA bit depending @@ -1943,6 +2047,7 @@ hx509_verify_path(hx509_context context, switch (type) { case CA_CERT: + /* XXX make constants for keyusage */ ret = check_key_usage(context, c, 1 << 5, REQUIRE_RFC3280(ctx) ? TRUE : FALSE); @@ -1952,15 +2057,23 @@ hx509_verify_path(hx509_context context, goto out; } - if (i + 1 != path.len && certificate_is_self_signed(c)) - selfsigned_depth++; + /* self signed cert doesn't add to path length */ + if (i + 1 != path.len) { + int selfsigned; + + ret = certificate_is_self_signed(context, c, &selfsigned); + if (ret) + goto out; + if (selfsigned) + selfsigned_depth++; + } break; case PROXY_CERT: { - ProxyCertInfo info; + ProxyCertInfo info; if (is_proxy_cert(context, c, &info) == 0) { - int j; + size_t j; if (info.pCPathLenConstraint != NULL && *info.pCPathLenConstraint < i) @@ -1974,26 +2087,26 @@ hx509_verify_path(hx509_context context, } /* XXX MUST check info.proxyPolicy */ free_ProxyCertInfo(&info); - + j = 0; - if (find_extension(c, oid_id_x509_ce_subjectAltName(), &j)) { + if (find_extension(c, &asn1_oid_id_x509_ce_subjectAltName, &j)) { ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Proxy certificate have explicity " "forbidden subjectAltName"); goto out; } j = 0; - if (find_extension(c, oid_id_x509_ce_issuerAltName(), &j)) { + if (find_extension(c, &asn1_oid_id_x509_ce_issuerAltName, &j)) { ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Proxy certificate have explicity " "forbidden issuerAltName"); goto out; } - - /* + + /* * The subject name of the proxy certificate should be * CN=XXX,, prune of CN and check if its * the same over the whole chain of proxy certs and @@ -2001,8 +2114,12 @@ hx509_verify_path(hx509_context context, */ if (proxy_cert_depth) { - ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.subject); + ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.subject, &diff); if (ret) { + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + if (diff) { ret = HX509_PROXY_CERT_NAME_WRONG; hx509_set_error_string(context, 0, ret, "Base proxy name not right"); @@ -2019,10 +2136,10 @@ hx509_verify_path(hx509_context context, } j = proxy_issuer.u.rdnSequence.len; - if (proxy_issuer.u.rdnSequence.len < 2 + if (proxy_issuer.u.rdnSequence.len < 2 || proxy_issuer.u.rdnSequence.val[j - 1].len > 1 || der_heim_oid_cmp(&proxy_issuer.u.rdnSequence.val[j - 1].val[0].type, - oid_id_at_commonName())) + &asn1_oid_id_at_commonName)) { ret = HX509_PROXY_CERT_NAME_WRONG; hx509_set_error_string(context, 0, ret, @@ -2035,8 +2152,12 @@ hx509_verify_path(hx509_context context, free_RelativeDistinguishedName(&proxy_issuer.u.rdnSequence.val[j - 1]); proxy_issuer.u.rdnSequence.len -= 1; - ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.issuer); - if (ret != 0) { + ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.issuer, &diff); + if (ret) { + hx509_set_error_string(context, 0, ret, "Out of memory"); + goto out; + } + if (diff != 0) { ret = HX509_PROXY_CERT_NAME_WRONG; hx509_set_error_string(context, 0, ret, "Proxy issuer name not as expected"); @@ -2045,7 +2166,7 @@ hx509_verify_path(hx509_context context, break; } else { - /* + /* * Now we are done with the proxy certificates, this * cert was an EE cert and we we will fall though to * EE checking below. @@ -2063,15 +2184,19 @@ hx509_verify_path(hx509_context context, if (proxy_cert_depth) { ret = _hx509_name_cmp(&proxy_issuer, - &c->tbsCertificate.subject); + &c->tbsCertificate.subject, &diff); if (ret) { + hx509_set_error_string(context, 0, ret, "out of memory"); + goto out; + } + if (diff) { ret = HX509_PROXY_CERT_NAME_WRONG; hx509_clear_error_string(context); goto out; } if (cert->basename) hx509_name_free(&cert->basename); - + ret = _hx509_name_from_Name(&proxy_issuer, &cert->basename); if (ret) { hx509_clear_error_string(context); @@ -2082,11 +2207,11 @@ hx509_verify_path(hx509_context context, break; } - ret = check_basic_constraints(context, c, type, + ret = check_basic_constraints(context, c, type, i - proxy_cert_depth - selfsigned_depth); if (ret) goto out; - + /* * Don't check the trust anchors expiration time since they * are transported out of band, from RFC3820. @@ -2118,13 +2243,19 @@ hx509_verify_path(hx509_context context, * checked in the right order. */ - for (ret = 0, i = path.len - 1; i >= 0; i--) { + for (ret = 0, k = path.len; k > 0; k--) { Certificate *c; + int selfsigned; + i = k - 1; c = _hx509_get_cert(path.val[i]); + ret = certificate_is_self_signed(context, c, &selfsigned); + if (ret) + goto out; + /* verify name constraints, not for selfsigned and anchor */ - if (!certificate_is_self_signed(c) || i + 1 != path.len) { + if (!selfsigned || i + 1 != path.len) { ret = check_name_constraints(context, &nc, c); if (ret) { goto out; @@ -2164,10 +2295,10 @@ hx509_verify_path(hx509_context context, } for (i = 0; i < path.len - 1; i++) { - int parent = (i < path.len - 1) ? i + 1 : i; + size_t parent = (i < path.len - 1) ? i + 1 : i; ret = hx509_revoke_verify(context, - ctx->revoke_ctx, + ctx->revoke_ctx, certs, ctx->time_now, path.val[i], @@ -2185,21 +2316,29 @@ hx509_verify_path(hx509_context context, * parameter is passed up from the anchor up though the chain. */ - for (i = path.len - 1; i >= 0; i--) { - Certificate *signer, *c; + for (k = path.len; k > 0; k--) { + hx509_cert signer; + Certificate *c; + i = k - 1; c = _hx509_get_cert(path.val[i]); /* is last in chain (trust anchor) */ if (i + 1 == path.len) { - signer = path.val[i]->data; + int selfsigned; + + signer = path.val[i]; + + ret = certificate_is_self_signed(context, signer->data, &selfsigned); + if (ret) + goto out; /* if trust anchor is not self signed, don't check sig */ - if (!certificate_is_self_signed(signer)) + if (!selfsigned) continue; } else { /* take next certificate in chain */ - signer = path.val[i + 1]->data; + signer = path.val[i + 1]; } /* verify signatureValue */ @@ -2213,6 +2352,24 @@ hx509_verify_path(hx509_context context, "Failed to verify signature of certificate"); goto out; } + /* + * Verify that the sigature algorithm "best-before" date is + * before the creation date of the certificate, do this for + * trust anchors too, since any trust anchor that is created + * after a algorithm is known to be bad deserved to be invalid. + * + * Skip the leaf certificate for now... + */ + + if (i != 0 && (ctx->flags & HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK) == 0) { + time_t notBefore = + _hx509_Time2time_t(&c->tbsCertificate.validity.notBefore); + ret = _hx509_signature_best_before(context, + &c->signatureAlgorithm, + notBefore); + if (ret) + goto out; + } } out: @@ -2245,9 +2402,31 @@ hx509_verify_signature(hx509_context context, const heim_octet_string *data, const heim_octet_string *sig) { - return _hx509_verify_signature(context, signer->data, alg, data, sig); + return _hx509_verify_signature(context, signer, alg, data, sig); } +int +_hx509_verify_signature_bitstring(hx509_context context, + const hx509_cert signer, + const AlgorithmIdentifier *alg, + const heim_octet_string *data, + const heim_bit_string *sig) +{ + heim_octet_string os; + + if (sig->length & 7) { + hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, + "signature not multiple of 8 bits"); + return HX509_CRYPTO_SIG_INVALID_FORMAT; + } + + os.data = sig->data; + os.length = sig->length / 8; + + return _hx509_verify_signature(context, signer, alg, data, &os); +} + + /** * Verify that the certificate is allowed to be used for the hostname @@ -2276,10 +2455,12 @@ hx509_verify_hostname(hx509_context context, hx509_hostname_type type, const char *hostname, const struct sockaddr *sa, - /* XXX krb5_socklen_t */ int sa_size) + /* XXX krb5_socklen_t */ int sa_size) { GeneralNames san; - int ret, i, j; + const Name *name; + int ret; + size_t i, j, k; if (sa && sa_size <= 0) return EINVAL; @@ -2289,20 +2470,24 @@ hx509_verify_hostname(hx509_context context, i = 0; do { ret = find_extension_subject_alt_name(cert->data, &i, &san); - if (ret == HX509_EXTENSION_NOT_FOUND) { - ret = 0; - break; - } else if (ret != 0) + if (ret == HX509_EXTENSION_NOT_FOUND) break; + else if (ret != 0) + return HX509_PARSING_NAME_FAILED; for (j = 0; j < san.len; j++) { switch (san.val[j].element) { - case choice_GeneralName_dNSName: - if (strcasecmp(san.val[j].u.dNSName, hostname) == 0) { + case choice_GeneralName_dNSName: { + heim_printable_string hn; + hn.data = rk_UNCONST(hostname); + hn.length = strlen(hostname); + + if (der_printable_string_cmp(&san.val[j].u.dNSName, &hn) == 0) { free_GeneralNames(&san); return 0; } break; + } default: break; } @@ -2310,31 +2495,42 @@ hx509_verify_hostname(hx509_context context, free_GeneralNames(&san); } while (1); - { - Name *name = &cert->data->tbsCertificate.subject; + name = &cert->data->tbsCertificate.subject; - /* match if first component is a CN= */ - if (name->u.rdnSequence.len > 0 - && name->u.rdnSequence.val[0].len == 1 - && der_heim_oid_cmp(&name->u.rdnSequence.val[0].val[0].type, - oid_id_at_commonName()) == 0) - { - DirectoryString *ds = &name->u.rdnSequence.val[0].val[0].value; + /* Find first CN= in the name, and try to match the hostname on that */ + for (ret = 0, k = name->u.rdnSequence.len; ret == 0 && k > 0; k--) { + i = k - 1; + for (j = 0; ret == 0 && j < name->u.rdnSequence.val[i].len; j++) { + AttributeTypeAndValue *n = &name->u.rdnSequence.val[i].val[j]; - switch (ds->element) { - case choice_DirectoryString_printableString: - if (strcasecmp(ds->u.printableString, hostname) == 0) - return 0; - break; - case choice_DirectoryString_ia5String: - if (strcasecmp(ds->u.ia5String, hostname) == 0) - return 0; - break; - case choice_DirectoryString_utf8String: - if (strcasecmp(ds->u.utf8String, hostname) == 0) - return 0; - default: - break; + if (der_heim_oid_cmp(&n->type, &asn1_oid_id_at_commonName) == 0) { + DirectoryString *ds = &n->value; + switch (ds->element) { + case choice_DirectoryString_printableString: { + heim_printable_string hn; + hn.data = rk_UNCONST(hostname); + hn.length = strlen(hostname); + + if (der_printable_string_cmp(&ds->u.printableString, &hn) == 0) + return 0; + break; + } + case choice_DirectoryString_ia5String: { + heim_ia5_string hn; + hn.data = rk_UNCONST(hostname); + hn.length = strlen(hostname); + + if (der_ia5_string_cmp(&ds->u.ia5String, &hn) == 0) + return 0; + break; + } + case choice_DirectoryString_utf8String: + if (strcasecmp(ds->u.utf8String, hostname) == 0) + return 0; + default: + break; + } + ret = HX509_NAME_CONSTRAINT_ERROR; } } } @@ -2347,8 +2543,8 @@ hx509_verify_hostname(hx509_context context, int _hx509_set_cert_attribute(hx509_context context, - hx509_cert cert, - const heim_oid *oid, + hx509_cert cert, + const heim_oid *oid, const heim_octet_string *attr) { hx509_cert_attribute a; @@ -2357,7 +2553,7 @@ _hx509_set_cert_attribute(hx509_context context, if (hx509_cert_get_attribute(cert, oid) != NULL) return 0; - d = realloc(cert->attrs.val, + d = realloc(cert->attrs.val, sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1)); if (d == NULL) { hx509_clear_error_string(context); @@ -2371,7 +2567,7 @@ _hx509_set_cert_attribute(hx509_context context, der_copy_octet_string(attr, &a->data); der_copy_oid(oid, &a->oid); - + cert->attrs.val[cert->attrs.len] = a; cert->attrs.len++; @@ -2394,7 +2590,7 @@ _hx509_set_cert_attribute(hx509_context context, hx509_cert_attribute hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid) { - int i; + size_t i; for (i = 0; i < cert->attrs.len; i++) if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0) return cert->attrs.val[i]; @@ -2440,32 +2636,41 @@ hx509_cert_get_friendly_name(hx509_cert cert) hx509_cert_attribute a; PKCS9_friendlyName n; size_t sz; - int ret, i; + int ret; + size_t i; if (cert->friendlyname) return cert->friendlyname; - a = hx509_cert_get_attribute(cert, oid_id_pkcs_9_at_friendlyName()); + a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_friendlyName); if (a == NULL) { - /* XXX use subject name ? */ - return NULL; + hx509_name name; + + ret = hx509_cert_get_subject(cert, &name); + if (ret) + return NULL; + ret = hx509_name_to_string(name, &cert->friendlyname); + hx509_name_free(&name); + if (ret) + return NULL; + return cert->friendlyname; } ret = decode_PKCS9_friendlyName(a->data.data, a->data.length, &n, &sz); if (ret) return NULL; - + if (n.len != 1) { free_PKCS9_friendlyName(&n); return NULL; } - + cert->friendlyname = malloc(n.val[0].length + 1); if (cert->friendlyname == NULL) { free_PKCS9_friendlyName(&n); return NULL; } - + for (i = 0; i < n.val[0].length; i++) { if (n.val[0].data[i] <= 0xff) cert->friendlyname[i] = n.val[0].data[i] & 0xff; @@ -2504,6 +2709,7 @@ hx509_query_alloc(hx509_context context, hx509_query **q) return 0; } + /** * Set match options for the hx509 query controller. * @@ -2552,7 +2758,7 @@ hx509_query_match_option(hx509_query *q, hx509_query_option option) int hx509_query_match_issuer_serial(hx509_query *q, - const Name *issuer, + const Name *issuer, const heim_integer *serialNumber) { int ret; @@ -2609,6 +2815,69 @@ hx509_query_match_friendly_name(hx509_query *q, const char *name) return 0; } +/** + * Set the query controller to require an one specific EKU (extended + * key usage). Any previous EKU matching is overwitten. If NULL is + * passed in as the eku, the EKU requirement is reset. + * + * @param q a hx509 query controller. + * @param eku an EKU to match on. + * + * @return An hx509 error code, see hx509_get_error_string(). + * + * @ingroup hx509_cert + */ + +int +hx509_query_match_eku(hx509_query *q, const heim_oid *eku) +{ + int ret; + + if (eku == NULL) { + if (q->eku) { + der_free_oid(q->eku); + free(q->eku); + q->eku = NULL; + } + q->match &= ~HX509_QUERY_MATCH_EKU; + } else { + if (q->eku) { + der_free_oid(q->eku); + } else { + q->eku = calloc(1, sizeof(*q->eku)); + if (q->eku == NULL) + return ENOMEM; + } + ret = der_copy_oid(eku, q->eku); + if (ret) { + free(q->eku); + q->eku = NULL; + return ret; + } + q->match |= HX509_QUERY_MATCH_EKU; + } + return 0; +} + +int +hx509_query_match_expr(hx509_context context, hx509_query *q, const char *expr) +{ + if (q->expr) { + _hx509_expr_free(q->expr); + q->expr = NULL; + } + + if (expr == NULL) { + q->match &= ~HX509_QUERY_MATCH_EXPR; + } else { + q->expr = _hx509_expr_parse(expr); + if (q->expr) + q->match |= HX509_QUERY_MATCH_EXPR; + } + + return 0; +} + /** * Set the query controller to match using a specific match function. * @@ -2624,7 +2893,7 @@ hx509_query_match_friendly_name(hx509_query *q, const char *name) int hx509_query_match_cmp_func(hx509_query *q, - int (*func)(void *, hx509_cert), + int (*func)(hx509_context, hx509_cert, void *), void *ctx) { if (func) @@ -2648,20 +2917,27 @@ hx509_query_match_cmp_func(hx509_query *q, void hx509_query_free(hx509_context context, hx509_query *q) { + if (q == NULL) + return; + if (q->serial) { der_free_heim_integer(q->serial); free(q->serial); - q->serial = NULL; } if (q->issuer_name) { free_Name(q->issuer_name); free(q->issuer_name); - q->issuer_name = NULL; } - if (q) { + if (q->eku) { + der_free_oid(q->eku); + free(q->eku); + } + if (q->friendlyname) free(q->friendlyname); - memset(q, 0, sizeof(*q)); - } + if (q->expr) + _hx509_expr_free(q->expr); + + memset(q, 0, sizeof(*q)); free(q); } @@ -2669,6 +2945,7 @@ int _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert cert) { Certificate *c = _hx509_get_cert(cert); + int ret, diff; _hx509_query_statistic(context, 1, q); @@ -2684,17 +2961,20 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert && der_heim_integer_cmp(&c->tbsCertificate.serialNumber, q->serial) != 0) return 0; - if ((q->match & HX509_QUERY_MATCH_ISSUER_NAME) - && _hx509_name_cmp(&c->tbsCertificate.issuer, q->issuer_name) != 0) - return 0; + if (q->match & HX509_QUERY_MATCH_ISSUER_NAME) { + ret = _hx509_name_cmp(&c->tbsCertificate.issuer, q->issuer_name, &diff); + if (ret || diff) + return 0; + } - if ((q->match & HX509_QUERY_MATCH_SUBJECT_NAME) - && _hx509_name_cmp(&c->tbsCertificate.subject, q->subject_name) != 0) - return 0; + if (q->match & HX509_QUERY_MATCH_SUBJECT_NAME) { + ret = _hx509_name_cmp(&c->tbsCertificate.subject, q->subject_name, &diff); + if (ret || diff) + return 0; + } if (q->match & HX509_QUERY_MATCH_SUBJECT_KEY_ID) { SubjectKeyIdentifier si; - int ret; ret = _hx509_find_extension_subject_key_id(c, &si); if (ret == 0) { @@ -2707,7 +2987,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert } if ((q->match & HX509_QUERY_MATCH_ISSUER_ID)) return 0; - if ((q->match & HX509_QUERY_PRIVATE_KEY) && + if ((q->match & HX509_QUERY_PRIVATE_KEY) && _hx509_cert_private_key(cert) == NULL) return 0; @@ -2736,7 +3016,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert if (q->match & HX509_QUERY_MATCH_LOCAL_KEY_ID) { hx509_cert_attribute a; - a = hx509_cert_get_attribute(cert, oid_id_pkcs_9_at_localKeyId()); + a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_localKeyId); if (a == NULL) return 0; if (der_heim_octet_string_cmp(&a->data, q->local_key_id) != 0) @@ -2758,17 +3038,16 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert return 0; } if (q->match & HX509_QUERY_MATCH_FUNCTION) { - int ret = (*q->cmp_func)(q->cmp_func_ctx, cert); + ret = (*q->cmp_func)(context, cert, q->cmp_func_ctx); if (ret != 0) return 0; } if (q->match & HX509_QUERY_MATCH_KEY_HASH_SHA1) { heim_octet_string os; - int ret; os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = + os.length = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; ret = _hx509_verify_signature(context, @@ -2790,6 +3069,24 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert return 0; } + /* If an EKU is required, check the cert for it. */ + if ((q->match & HX509_QUERY_MATCH_EKU) && + hx509_cert_check_eku(context, cert, q->eku, 0)) + return 0; + + if ((q->match & HX509_QUERY_MATCH_EXPR)) { + hx509_env env = NULL; + + ret = _hx509_cert_to_env(context, cert, &env); + if (ret) + return 0; + + ret = _hx509_expr_eval(context, env, q->expr); + hx509_env_free(&env); + if (ret == 0) + return 0; + } + if (q->match & ~HX509_QUERY_MASK) return 0; @@ -2822,6 +3119,7 @@ _hx509_query_statistic(hx509_context context, int type, const hx509_query *q) f = fopen(context->querystat, "a"); if (f == NULL) return; + rk_cloexec_file(f); fprintf(f, "%d %d\n", type, q->match); fclose(f); } @@ -2880,7 +3178,8 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) { rtbl_t t; FILE *f; - int type, mask, i, num; + int type, mask, num; + size_t i; unsigned long multiqueries = 0, totalqueries = 0; struct stat_el stats[32]; @@ -2888,11 +3187,12 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) return; f = fopen(context->querystat, "r"); if (f == NULL) { - fprintf(out, "No statistic file %s: %s.\n", + fprintf(out, "No statistic file %s: %s.\n", context->querystat, strerror(errno)); return; } - + rk_cloexec_file(f); + for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { stats[i].index = i; stats[i].stats = 0; @@ -2923,7 +3223,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) errx(1, "out of memory"); rtbl_set_separator (t, " "); - + rtbl_add_column_by_id (t, 0, "Name", 0); rtbl_add_column_by_id (t, 1, "Counter", 0); @@ -2931,7 +3231,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { char str[10]; - if (stats[i].index < sizeof(statname)/sizeof(statname[0])) + if (stats[i].index < sizeof(statname)/sizeof(statname[0])) rtbl_add_column_entry_by_id (t, 0, statname[stats[i].index]); else { snprintf(str, sizeof(str), "%d", stats[i].index); @@ -2944,7 +3244,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) rtbl_format(t, out); rtbl_destroy(t); - fprintf(out, "\nQueries: multi %lu total %lu\n", + fprintf(out, "\nQueries: multi %lu total %lu\n", multiqueries, totalqueries); } @@ -2967,7 +3267,8 @@ hx509_cert_check_eku(hx509_context context, hx509_cert cert, const heim_oid *eku, int allow_any_eku) { ExtKeyUsage e; - int ret, i; + int ret; + size_t i; ret = find_extension_eku(_hx509_get_cert(cert), &e); if (ret) { @@ -3002,7 +3303,8 @@ _hx509_cert_get_keyusage(hx509_context context, Certificate *cert; const Extension *e; size_t size; - int ret, i = 0; + int ret; + size_t i = 0; memset(ku, 0, sizeof(*ku)); @@ -3011,10 +3313,10 @@ _hx509_cert_get_keyusage(hx509_context context, if (_hx509_cert_get_version(cert) < 3) return 0; - e = find_extension(cert, oid_id_x509_ce_keyUsage(), &i); + e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i); if (e == NULL) return HX509_KU_CERT_MISSING; - + ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, ku, &size); if (ret) return ret; @@ -3044,7 +3346,7 @@ _hx509_cert_get_eku(hx509_context context, * @param context A hx509 context. * @param c the certificate to encode. * @param os the encode certificate, set to NULL, 0 on case of - * error. Free the returned structure with hx509_xfree(). + * error. Free the os->data with hx509_xfree(). * * @return An hx509 error code, see hx509_get_error_string(). * @@ -3060,7 +3362,7 @@ hx509_cert_binary(hx509_context context, hx509_cert c, heim_octet_string *os) os->data = NULL; os->length = 0; - ASN1_MALLOC_ENCODE(Certificate, os->data, os->length, + ASN1_MALLOC_ENCODE(Certificate, os->data, os->length, _hx509_get_cert(c), &size, ret); if (ret) { os->data = NULL; @@ -3106,3 +3408,205 @@ hx509_xfree(void *ptr) { free(ptr); } + +/** + * + */ + +int +_hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env) +{ + ExtKeyUsage eku; + hx509_name name; + char *buf; + int ret; + hx509_env envcert = NULL; + + *env = NULL; + + /* version */ + asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert))); + ret = hx509_env_add(context, &envcert, "version", buf); + free(buf); + if (ret) + goto out; + + /* subject */ + ret = hx509_cert_get_subject(cert, &name); + if (ret) + goto out; + + ret = hx509_name_to_string(name, &buf); + if (ret) { + hx509_name_free(&name); + goto out; + } + + ret = hx509_env_add(context, &envcert, "subject", buf); + hx509_name_free(&name); + if (ret) + goto out; + + /* issuer */ + ret = hx509_cert_get_issuer(cert, &name); + if (ret) + goto out; + + ret = hx509_name_to_string(name, &buf); + hx509_name_free(&name); + if (ret) + goto out; + + ret = hx509_env_add(context, &envcert, "issuer", buf); + hx509_xfree(buf); + if (ret) + goto out; + + /* eku */ + + ret = _hx509_cert_get_eku(context, cert, &eku); + if (ret == HX509_EXTENSION_NOT_FOUND) + ; + else if (ret != 0) + goto out; + else { + size_t i; + hx509_env enveku = NULL; + + for (i = 0; i < eku.len; i++) { + + ret = der_print_heim_oid(&eku.val[i], '.', &buf); + if (ret) { + free_ExtKeyUsage(&eku); + hx509_env_free(&enveku); + goto out; + } + ret = hx509_env_add(context, &enveku, buf, "oid-name-here"); + free(buf); + if (ret) { + free_ExtKeyUsage(&eku); + hx509_env_free(&enveku); + goto out; + } + } + free_ExtKeyUsage(&eku); + + ret = hx509_env_add_binding(context, &envcert, "eku", enveku); + if (ret) { + hx509_env_free(&enveku); + goto out; + } + } + + { + Certificate *c = _hx509_get_cert(cert); + heim_octet_string os, sig; + hx509_env envhash = NULL; + + os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; + os.length = + c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; + + ret = _hx509_create_signature(context, + NULL, + hx509_signature_sha1(), + &os, + NULL, + &sig); + if (ret != 0) + goto out; + + ret = hex_encode(sig.data, sig.length, &buf); + der_free_octet_string(&sig); + if (ret < 0) { + ret = ENOMEM; + hx509_set_error_string(context, 0, ret, + "Out of memory"); + goto out; + } + + ret = hx509_env_add(context, &envhash, "sha1", buf); + free(buf); + if (ret) + goto out; + + ret = hx509_env_add_binding(context, &envcert, "hash", envhash); + if (ret) { + hx509_env_free(&envhash); + goto out; + } + } + + ret = hx509_env_add_binding(context, env, "certificate", envcert); + if (ret) + goto out; + + return 0; + +out: + hx509_env_free(&envcert); + return ret; +} + +/** + * Print a simple representation of a certificate + * + * @param context A hx509 context, can be NULL + * @param cert certificate to print + * @param out the stdio output stream, if NULL, stdout is used + * + * @return An hx509 error code + * + * @ingroup hx509_cert + */ + +int +hx509_print_cert(hx509_context context, hx509_cert cert, FILE *out) +{ + hx509_name name; + char *str; + int ret; + + if (out == NULL) + out = stderr; + + ret = hx509_cert_get_issuer(cert, &name); + if (ret) + return ret; + hx509_name_to_string(name, &str); + hx509_name_free(&name); + fprintf(out, " issuer: \"%s\"\n", str); + free(str); + + ret = hx509_cert_get_subject(cert, &name); + if (ret) + return ret; + hx509_name_to_string(name, &str); + hx509_name_free(&name); + fprintf(out, " subject: \"%s\"\n", str); + free(str); + + { + heim_integer serialNumber; + + ret = hx509_cert_get_serialnumber(cert, &serialNumber); + if (ret) + return ret; + ret = der_print_hex_heim_integer(&serialNumber, &str); + if (ret) + return ret; + der_free_heim_integer(&serialNumber); + fprintf(out, " serial: %s\n", str); + free(str); + } + + printf(" keyusage: "); + ret = hx509_cert_keyusage_print(context, cert, &str); + if (ret == 0) { + fprintf(out, "%s\n", str); + free(str); + } else + fprintf(out, "no"); + + return 0; +} diff --git a/lib/hx509/char_map.h b/lib/hx509/char_map.h new file mode 100644 index 000000000000..8a3026c7e635 --- /dev/null +++ b/lib/hx509/char_map.h @@ -0,0 +1,45 @@ +#define Q_CONTROL_CHAR 1 +#define Q_PRINTABLE 2 +#define Q_RFC2253_QUOTE_FIRST 4 +#define Q_RFC2253_QUOTE_LAST 8 +#define Q_RFC2253_QUOTE 16 +#define Q_RFC2253_HEX 32 + +#define Q_RFC2253 (Q_RFC2253_QUOTE_FIRST|Q_RFC2253_QUOTE_LAST|Q_RFC2253_QUOTE|Q_RFC2253_HEX) + + + +unsigned char char_map[] = { + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x06 , 0x00 , 0x00 , 0x10 , 0x00 , 0x00 , 0x00 , 0x00 , + 0x00 , 0x00 , 0x00 , 0x12 , 0x12 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x10 , 0x10 , 0x12 , 0x10 , 0x02 , + 0x00 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , + 0x00 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , + 0x02 , 0x02 , 0x02 , 0x00 , 0x00 , 0x00 , 0x00 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , + 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 , 0x21 +}; diff --git a/lib/hx509/cms.c b/lib/hx509/cms.c index 80bcaac6c983..4e0a2e03fcb6 100644 --- a/lib/hx509/cms.c +++ b/lib/hx509/cms.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan + * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,13 +32,12 @@ */ #include "hx_locl.h" -RCSID("$Id: cms.c 22327 2007-12-15 04:49:37Z lha $"); /** * @page page_cms CMS/PKCS7 message functions. * * CMS is defined in RFC 3369 and is an continuation of the RSA Labs - * standard PKCS7. The basic messages in CMS is + * standard PKCS7. The basic messages in CMS is * * - SignedData * Data signed with private key (RSA, DSA, ECDSA) or secret @@ -68,7 +67,7 @@ RCSID("$Id: cms.c 22327 2007-12-15 04:49:37Z lha $"); * der_free_octet_string(). * * @return Returns an hx509 error code. - * + * * @ingroup hx509_cms */ @@ -122,7 +121,7 @@ hx509_cms_wrap_ContentInfo(const heim_oid *oid, * diffrence between no data and the zero length data. * * @return Returns an hx509 error code. - * + * * @ingroup hx509_cms */ @@ -260,6 +259,7 @@ static int find_CMSIdentifier(hx509_context context, CMSIdentifier *client, hx509_certs certs, + time_t time_now, hx509_cert *signer_cert, int match) { @@ -292,7 +292,10 @@ find_CMSIdentifier(hx509_context context, q.match |= match; q.match |= HX509_QUERY_MATCH_TIME; - q.timenow = time(NULL); + if (time_now) + q.timenow = time_now; + else + q.timenow = time(NULL); ret = hx509_certs_find(context, certs, &q, &cert); if (ret == HX509_CERT_NOT_FOUND) { @@ -333,6 +336,7 @@ find_CMSIdentifier(hx509_context context, * @param length length of the data that data point to. * @param encryptedContent in case of detached signature, this * contains the actual encrypted data, othersize its should be NULL. + * @param time_now set the current time, if zero the library uses now as the date. * @param contentType output type oid, should be freed with der_free_oid(). * @param content the data, free with der_free_octet_string(). * @@ -346,6 +350,7 @@ hx509_cms_unenvelope(hx509_context context, const void *data, size_t length, const heim_octet_string *encryptedContent, + time_t time_now, heim_oid *contentType, heim_octet_string *content) { @@ -357,7 +362,8 @@ hx509_cms_unenvelope(hx509_context context, heim_octet_string *params, params_data; heim_octet_string ivec; size_t size; - int ret, i, matched = 0, findflags = 0; + int ret, matched = 0, findflags = 0; + size_t i; memset(&key, 0, sizeof(key)); @@ -407,7 +413,8 @@ hx509_cms_unenvelope(hx509_context context, ri = &ed.recipientInfos.val[i]; - ret = find_CMSIdentifier(context, &ri->rid, certs, &cert, + ret = find_CMSIdentifier(context, &ri->rid, certs, + time_now, &cert, HX509_QUERY_PRIVATE_KEY|findflags); if (ret) continue; @@ -466,7 +473,10 @@ hx509_cms_unenvelope(hx509_context context, ret = hx509_crypto_init(context, NULL, &ai->algorithm, &crypto); if (ret) goto out; - + + if (flags & HX509_CMS_UE_ALLOW_WEAK) + hx509_crypto_allow_weak(crypto); + if (params) { ret = hx509_crypto_set_params(context, crypto, params, &ivec); if (ret) { @@ -483,7 +493,7 @@ hx509_cms_unenvelope(hx509_context context, "of EnvelopedData"); goto out; } - + ret = hx509_crypto_decrypt(crypto, enccontent->data, enccontent->length, @@ -520,7 +530,10 @@ hx509_cms_unenvelope(hx509_context context, * used to RSA. * * @param context A hx509 context. - * @param flags flags to control the behavior, no flags today + * @param flags flags to control the behavior. + * - HX509_CMS_EV_NO_KU_CHECK - Dont check KU on certificate + * - HX509_CMS_EV_ALLOW_WEAK - Allow weak crytpo + * - HX509_CMS_EV_ID_NAME - prefer issuer name and serial number * @param cert Certificate to encrypt the EnvelopedData encryption key * with. * @param data pointer the data to encrypt. @@ -548,9 +561,9 @@ hx509_cms_envelope_1(hx509_context context, heim_octet_string ivec; heim_octet_string key; hx509_crypto crypto = NULL; + int ret, cmsidflag; EnvelopedData ed; size_t size; - int ret; memset(&ivec, 0, sizeof(ivec)); memset(&key, 0, sizeof(key)); @@ -558,16 +571,21 @@ hx509_cms_envelope_1(hx509_context context, memset(content, 0, sizeof(*content)); if (encryption_type == NULL) - encryption_type = oid_id_aes_256_cbc(); + encryption_type = &asn1_oid_id_aes_256_cbc; - ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE); - if (ret) - goto out; + if ((flags & HX509_CMS_EV_NO_KU_CHECK) == 0) { + ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE); + if (ret) + goto out; + } ret = hx509_crypto_init(context, NULL, encryption_type, &crypto); if (ret) goto out; + if (flags & HX509_CMS_EV_ALLOW_WEAK) + hx509_crypto_allow_weak(crypto); + ret = hx509_crypto_set_random_key(crypto, &key); if (ret) { hx509_set_error_string(context, 0, ret, @@ -602,7 +620,7 @@ hx509_cms_envelope_1(hx509_context context, "Failed to set crypto oid " "for EnvelopedData"); goto out; - } + } ALLOC(enc_alg->parameters, 1); if (enc_alg->parameters == NULL) { ret = ENOMEM; @@ -632,8 +650,15 @@ hx509_cms_envelope_1(hx509_context context, ri = &ed.recipientInfos.val[0]; - ri->version = 0; - ret = fill_CMSIdentifier(cert, CMS_ID_SKI, &ri->rid); + if (flags & HX509_CMS_EV_ID_NAME) { + ri->version = 0; + cmsidflag = CMS_ID_NAME; + } else { + ri->version = 2; + cmsidflag = CMS_ID_SKI; + } + + ret = fill_CMSIdentifier(cert, cmsidflag, &ri->rid); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to set CMS identifier info " @@ -641,7 +666,7 @@ hx509_cms_envelope_1(hx509_context context, goto out; } - ret = _hx509_cert_public_encrypt(context, + ret = hx509_cert_public_encrypt(context, &key, cert, &ri->keyEncryptionAlgorithm.algorithm, &ri->encryptedKey); @@ -694,7 +719,8 @@ hx509_cms_envelope_1(hx509_context context, static int any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs) { - int ret, i; + int ret; + size_t i; if (sd->certificates == NULL) return 0; @@ -702,8 +728,8 @@ any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs) for (i = 0; i < sd->certificates->len; i++) { hx509_cert c; - ret = hx509_cert_init_data(context, - sd->certificates->val[i].data, + ret = hx509_cert_init_data(context, + sd->certificates->val[i].data, sd->certificates->val[i].length, &c); if (ret) @@ -720,7 +746,7 @@ any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs) static const Attribute * find_attribute(const CMSAttributes *attr, const heim_oid *oid) { - int i; + size_t i; for (i = 0; i < attr->len; i++) if (der_heim_oid_cmp(&attr->val[i].type, oid) == 0) return &attr->val[i]; @@ -731,12 +757,16 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid) * Decode SignedData and verify that the signature is correct. * * @param context A hx509 context. - * @param ctx a hx509 version context - * @param data + * @param ctx a hx509 verify context. + * @param flags to control the behaivor of the function. + * - HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage + * - HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch + * - HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. + * @param data pointer to CMS SignedData encoded data. * @param length length of the data that data point to. - * @param signedContent + * @param signedContent external data used for signature. * @param pool certificate pool to build certificates paths. - * @param contentType free with der_free_oid() + * @param contentType free with der_free_oid(). * @param content the output of the function, free with * der_free_octet_string(). * @param signer_certs list of the cerficates used to sign this @@ -748,6 +778,7 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid) int hx509_cms_verify_signed(hx509_context context, hx509_verify_ctx ctx, + unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, @@ -761,7 +792,8 @@ hx509_cms_verify_signed(hx509_context context, hx509_certs certs = NULL; SignedData sd; size_t size; - int ret, i, found_valid_sig; + int ret, found_valid_sig; + size_t i; *signer_certs = NULL; content->data = NULL; @@ -790,8 +822,15 @@ hx509_cms_verify_signed(hx509_context context, "Both external and internal SignedData"); goto out; } + if (sd.encapContentInfo.eContent) - signedContent = sd.encapContentInfo.eContent; + ret = der_copy_octet_string(sd.encapContentInfo.eContent, content); + else + ret = der_copy_octet_string(signedContent, content); + if (ret) { + hx509_set_error_string(context, 0, ret, "malloc: out of memory"); + goto out; + } ret = hx509_certs_init(context, "MEMORY:cms-cert-buffer", 0, NULL, &certs); @@ -816,7 +855,7 @@ hx509_cms_verify_signed(hx509_context context, } for (found_valid_sig = 0, i = 0; i < sd.signerInfos.len; i++) { - heim_octet_string *signed_data; + heim_octet_string signed_data; const heim_oid *match_oid; heim_oid decode_oid; @@ -831,14 +870,29 @@ hx509_cms_verify_signed(hx509_context context, continue; } - ret = find_CMSIdentifier(context, &signer_info->sid, certs, &cert, + ret = find_CMSIdentifier(context, &signer_info->sid, certs, + _hx509_verify_get_time(ctx), &cert, HX509_QUERY_KU_DIGITALSIGNATURE); - if (ret) - continue; + if (ret) { + /** + * If HX509_CMS_VS_NO_KU_CHECK is set, allow more liberal + * search for matching certificates by not considering + * KeyUsage bits on the certificates. + */ + if ((flags & HX509_CMS_VS_NO_KU_CHECK) == 0) + continue; + + ret = find_CMSIdentifier(context, &signer_info->sid, certs, + _hx509_verify_get_time(ctx), &cert, + 0); + if (ret) + continue; + + } if (signer_info->signedAttrs) { const Attribute *attr; - + CMSAttributes sa; heim_octet_string os; @@ -846,7 +900,7 @@ hx509_cms_verify_signed(hx509_context context, sa.len = signer_info->signedAttrs->len; /* verify that sigature exists */ - attr = find_attribute(&sa, oid_id_pkcs9_messageDigest()); + attr = find_attribute(&sa, &asn1_oid_id_pkcs9_messageDigest); if (attr == NULL) { ret = HX509_CRYPTO_SIGNATURE_MISSING; hx509_set_error_string(context, 0, ret, @@ -862,7 +916,7 @@ hx509_cms_verify_signed(hx509_context context, "messageDigest (signature)"); goto next_sigature; } - + ret = decode_MessageDigest(attr->value.val[0].data, attr->value.val[0].length, &os, @@ -877,7 +931,7 @@ hx509_cms_verify_signed(hx509_context context, ret = _hx509_verify_signature(context, NULL, &signer_info->digestAlgorithm, - signedContent, + content, &os); der_free_octet_string(&os); if (ret) { @@ -890,9 +944,9 @@ hx509_cms_verify_signed(hx509_context context, * Fetch content oid inside signedAttrs or set it to * id-pkcs7-data. */ - attr = find_attribute(&sa, oid_id_pkcs9_contentType()); + attr = find_attribute(&sa, &asn1_oid_id_pkcs9_contentType); if (attr == NULL) { - match_oid = oid_id_pkcs7_data(); + match_oid = &asn1_oid_id_pkcs7_data; } else { if (attr->value.len != 1) { ret = HX509_CMS_DATA_OID_MISMATCH; @@ -914,36 +968,36 @@ hx509_cms_verify_signed(hx509_context context, match_oid = &decode_oid; } - ALLOC(signed_data, 1); - if (signed_data == NULL) { - if (match_oid == &decode_oid) - der_free_oid(&decode_oid); - ret = ENOMEM; - hx509_clear_error_string(context); - goto next_sigature; - } - ASN1_MALLOC_ENCODE(CMSAttributes, - signed_data->data, - signed_data->length, + signed_data.data, + signed_data.length, &sa, &size, ret); if (ret) { if (match_oid == &decode_oid) der_free_oid(&decode_oid); - free(signed_data); hx509_clear_error_string(context); goto next_sigature; } - if (size != signed_data->length) + if (size != signed_data.length) _hx509_abort("internal ASN.1 encoder error"); } else { - signed_data = rk_UNCONST(signedContent); - match_oid = oid_id_pkcs7_data(); + signed_data.data = content->data; + signed_data.length = content->length; + match_oid = &asn1_oid_id_pkcs7_data; } - if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) { + /** + * If HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH, allow + * encapContentInfo mismatch with the oid in signedAttributes + * (or if no signedAttributes where use, pkcs7-data oid). + * This is only needed to work with broken CMS implementations + * that doesn't follow CMS signedAttributes rules. + */ + + if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType) && + (flags & HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH) == 0) { ret = HX509_CMS_DATA_OID_MISMATCH; hx509_set_error_string(context, 0, ret, "Oid in message mismatch from the expected"); @@ -955,23 +1009,28 @@ hx509_cms_verify_signed(hx509_context context, ret = hx509_verify_signature(context, cert, &signer_info->signatureAlgorithm, - signed_data, + &signed_data, &signer_info->signature); if (ret) hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to verify sigature in " + "Failed to verify signature in " "CMS SignedData"); } - if (signed_data != signedContent) { - der_free_octet_string(signed_data); - free(signed_data); - } + if (signer_info->signedAttrs) + free(signed_data.data); if (ret) goto next_sigature; - ret = hx509_verify_path(context, ctx, cert, certs); - if (ret) - goto next_sigature; + /** + * If HX509_CMS_VS_NO_VALIDATE flags is set, do not verify the + * signing certificates and leave that up to the caller. + */ + + if ((flags & HX509_CMS_VS_NO_VALIDATE) == 0) { + ret = hx509_verify_path(context, ctx, cert, certs); + if (ret) + goto next_sigature; + } ret = hx509_certs_add(context, *signer_certs, cert); if (ret) @@ -984,7 +1043,18 @@ hx509_cms_verify_signed(hx509_context context, hx509_cert_free(cert); cert = NULL; } - if (found_valid_sig == 0) { + /** + * If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty + * SignerInfo (no signatures). If SignedData have no signatures, + * the function will return 0 with signer_certs set to NULL. Zero + * signers is allowed by the standard, but since its only useful + * in corner cases, it make into a flag that the caller have to + * turn on. + */ + if (sd.signerInfos.len == 0 && (flags & HX509_CMS_VS_ALLOW_ZERO_SIGNER)) { + if (*signer_certs) + hx509_certs_free(signer_certs); + } else if (found_valid_sig == 0) { if (ret == 0) { ret = HX509_CMS_SIGNER_NOT_FOUND; hx509_set_error_string(context, 0, ret, @@ -999,20 +1069,13 @@ hx509_cms_verify_signed(hx509_context context, goto out; } - content->data = malloc(signedContent->length); - if (content->data == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - content->length = signedContent->length; - memcpy(content->data, signedContent->data, content->length); - out: free_SignedData(&sd); if (certs) hx509_certs_free(&certs); if (ret) { + if (content->data) + der_free_octet_string(content); if (*signer_certs) hx509_certs_free(signer_certs); der_free_oid(contentType); @@ -1053,7 +1116,7 @@ add_one_attribute(Attribute **attr, return 0; } - + /** * Decode SignedData and verify that the signature is correct. * @@ -1089,26 +1152,56 @@ hx509_cms_create_signed_1(hx509_context context, hx509_certs pool, heim_octet_string *signed_data) { - AlgorithmIdentifier digest; - hx509_name name; - SignerInfo *signer_info; - heim_octet_string buf, content, sigdata = { 0, NULL }; + hx509_certs certs; + int ret = 0; + + signed_data->data = NULL; + signed_data->length = 0; + + ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &certs); + if (ret) + return ret; + ret = hx509_certs_add(context, certs, cert); + if (ret) + goto out; + + ret = hx509_cms_create_signed(context, flags, eContentType, data, length, + digest_alg, certs, peer, anchors, pool, + signed_data); + + out: + hx509_certs_free(&certs); + return ret; +} + +struct sigctx { SignedData sd; - int ret; + const AlgorithmIdentifier *digest_alg; + const heim_oid *eContentType; + heim_octet_string content; + hx509_peer_info peer; + int cmsidflag; + int leafonly; + hx509_certs certs; + hx509_certs anchors; + hx509_certs pool; +}; + +static int +sig_process(hx509_context context, void *ctx, hx509_cert cert) +{ + struct sigctx *sigctx = ctx; + heim_octet_string buf, sigdata = { 0, NULL }; + SignerInfo *signer_info = NULL; + AlgorithmIdentifier digest; size_t size; + void *ptr; + int ret; + SignedData *sd = &sigctx->sd; hx509_path path; - int cmsidflag = CMS_ID_SKI; - memset(&sd, 0, sizeof(sd)); - memset(&name, 0, sizeof(name)); - memset(&path, 0, sizeof(path)); memset(&digest, 0, sizeof(digest)); - - content.data = rk_UNCONST(data); - content.length = length; - - if (flags & HX509_CMS_SIGATURE_ID_NAME) - cmsidflag = CMS_ID_NAME; + memset(&path, 0, sizeof(path)); if (_hx509_cert_private_key(cert) == NULL) { hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, @@ -1116,64 +1209,45 @@ hx509_cms_create_signed_1(hx509_context context, return HX509_PRIVATE_KEY_MISSING; } - if (digest_alg == NULL) { - ret = hx509_crypto_select(context, HX509_SELECT_DIGEST, - _hx509_cert_private_key(cert), peer, &digest); - } else { - ret = copy_AlgorithmIdentifier(digest_alg, &digest); + if (sigctx->digest_alg) { + ret = copy_AlgorithmIdentifier(sigctx->digest_alg, &digest); if (ret) hx509_clear_error_string(context); + } else { + ret = hx509_crypto_select(context, HX509_SELECT_DIGEST, + _hx509_cert_private_key(cert), + sigctx->peer, &digest); } if (ret) goto out; - sd.version = CMSVersion_v3; + /* + * Allocate on more signerInfo and do the signature processing + */ - if (eContentType == NULL) - eContentType = oid_id_pkcs7_data(); - - der_copy_oid(eContentType, &sd.encapContentInfo.eContentType); - - /* */ - if ((flags & HX509_CMS_SIGATURE_DETACHED) == 0) { - ALLOC(sd.encapContentInfo.eContent, 1); - if (sd.encapContentInfo.eContent == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - sd.encapContentInfo.eContent->data = malloc(length); - if (sd.encapContentInfo.eContent->data == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - memcpy(sd.encapContentInfo.eContent->data, data, length); - sd.encapContentInfo.eContent->length = length; - } - - ALLOC_SEQ(&sd.signerInfos, 1); - if (sd.signerInfos.val == NULL) { - hx509_clear_error_string(context); + ptr = realloc(sd->signerInfos.val, + (sd->signerInfos.len + 1) * sizeof(sd->signerInfos.val[0])); + if (ptr == NULL) { ret = ENOMEM; goto out; } + sd->signerInfos.val = ptr; - signer_info = &sd.signerInfos.val[0]; + signer_info = &sd->signerInfos.val[sd->signerInfos.len]; + + memset(signer_info, 0, sizeof(*signer_info)); signer_info->version = 1; - ret = fill_CMSIdentifier(cert, cmsidflag, &signer_info->sid); + ret = fill_CMSIdentifier(cert, sigctx->cmsidflag, &signer_info->sid); if (ret) { hx509_clear_error_string(context); goto out; - } + } signer_info->signedAttrs = NULL; signer_info->unsignedAttrs = NULL; - ret = copy_AlgorithmIdentifier(&digest, &signer_info->digestAlgorithm); if (ret) { hx509_clear_error_string(context); @@ -1184,8 +1258,8 @@ hx509_cms_create_signed_1(hx509_context context, * If it isn't pkcs7-data send signedAttributes */ - if (der_heim_oid_cmp(eContentType, oid_id_pkcs7_data()) != 0) { - CMSAttributes sa; + if (der_heim_oid_cmp(sigctx->eContentType, &asn1_oid_id_pkcs7_data) != 0) { + CMSAttributes sa; heim_octet_string sig; ALLOC(signer_info->signedAttrs, 1); @@ -1197,7 +1271,7 @@ hx509_cms_create_signed_1(hx509_context context, ret = _hx509_create_signature(context, NULL, &digest, - &content, + &sigctx->content, NULL, &sig); if (ret) @@ -1219,9 +1293,10 @@ hx509_cms_create_signed_1(hx509_context context, ret = add_one_attribute(&signer_info->signedAttrs->val, &signer_info->signedAttrs->len, - oid_id_pkcs9_messageDigest(), + &asn1_oid_id_pkcs9_messageDigest, &buf); if (ret) { + free(buf.data); hx509_clear_error_string(context); goto out; } @@ -1230,7 +1305,7 @@ hx509_cms_create_signed_1(hx509_context context, ASN1_MALLOC_ENCODE(ContentType, buf.data, buf.length, - eContentType, + sigctx->eContentType, &size, ret); if (ret) @@ -1240,16 +1315,17 @@ hx509_cms_create_signed_1(hx509_context context, ret = add_one_attribute(&signer_info->signedAttrs->val, &signer_info->signedAttrs->len, - oid_id_pkcs9_contentType(), + &asn1_oid_id_pkcs9_contentType, &buf); if (ret) { + free(buf.data); hx509_clear_error_string(context); goto out; } sa.val = signer_info->signedAttrs->val; sa.len = signer_info->signedAttrs->len; - + ASN1_MALLOC_ENCODE(CMSAttributes, sigdata.data, sigdata.length, @@ -1263,16 +1339,15 @@ hx509_cms_create_signed_1(hx509_context context, if (size != sigdata.length) _hx509_abort("internal ASN.1 encoder error"); } else { - sigdata.data = content.data; - sigdata.length = content.length; + sigdata.data = sigctx->content.data; + sigdata.length = sigctx->content.length; } - { AlgorithmIdentifier sigalg; ret = hx509_crypto_select(context, HX509_SELECT_PUBLIC_SIG, - _hx509_cert_private_key(cert), peer, + _hx509_cert_private_key(cert), sigctx->peer, &sigalg); if (ret) goto out; @@ -1288,54 +1363,30 @@ hx509_cms_create_signed_1(hx509_context context, goto out; } - ALLOC_SEQ(&sd.digestAlgorithms, 1); - if (sd.digestAlgorithms.val == NULL) { - ret = ENOMEM; - hx509_clear_error_string(context); - goto out; - } - - ret = copy_AlgorithmIdentifier(&digest, &sd.digestAlgorithms.val[0]); - if (ret) { - hx509_clear_error_string(context); - goto out; - } + sigctx->sd.signerInfos.len++; + signer_info = NULL; /* * Provide best effort path */ - if (pool) { - _hx509_calculate_path(context, - HX509_CALCULATE_PATH_NO_ANCHOR, - time(NULL), - anchors, - 0, - cert, - pool, - &path); - } else - _hx509_path_append(context, &path, cert); + if (sigctx->certs) { + unsigned int i; - - if (path.len) { - int i; - - ALLOC(sd.certificates, 1); - if (sd.certificates == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - ALLOC_SEQ(sd.certificates, path.len); - if (sd.certificates->val == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } + if (sigctx->pool && sigctx->leafonly == 0) { + _hx509_calculate_path(context, + HX509_CALCULATE_PATH_NO_ANCHOR, + time(NULL), + sigctx->anchors, + 0, + cert, + sigctx->pool, + &path); + } else + _hx509_path_append(context, &path, cert); for (i = 0; i < path.len; i++) { - ret = hx509_cert_binary(context, path.val[i], - &sd.certificates->val[i]); + /* XXX remove dups */ + ret = hx509_certs_add(context, sigctx->certs, path.val[i]); if (ret) { hx509_clear_error_string(context); goto out; @@ -1343,9 +1394,180 @@ hx509_cms_create_signed_1(hx509_context context, } } + out: + if (signer_info) + free_SignerInfo(signer_info); + if (sigdata.data != sigctx->content.data) + der_free_octet_string(&sigdata); + _hx509_path_free(&path); + free_AlgorithmIdentifier(&digest); + + return ret; +} + +static int +cert_process(hx509_context context, void *ctx, hx509_cert cert) +{ + struct sigctx *sigctx = ctx; + const unsigned int i = sigctx->sd.certificates->len; + void *ptr; + int ret; + + ptr = realloc(sigctx->sd.certificates->val, + (i + 1) * sizeof(sigctx->sd.certificates->val[0])); + if (ptr == NULL) + return ENOMEM; + sigctx->sd.certificates->val = ptr; + + ret = hx509_cert_binary(context, cert, + &sigctx->sd.certificates->val[i]); + if (ret == 0) + sigctx->sd.certificates->len++; + + return ret; +} + +static int +cmp_AlgorithmIdentifier(const AlgorithmIdentifier *p, const AlgorithmIdentifier *q) +{ + return der_heim_oid_cmp(&p->algorithm, &q->algorithm); +} + +int +hx509_cms_create_signed(hx509_context context, + int flags, + const heim_oid *eContentType, + const void *data, size_t length, + const AlgorithmIdentifier *digest_alg, + hx509_certs certs, + hx509_peer_info peer, + hx509_certs anchors, + hx509_certs pool, + heim_octet_string *signed_data) +{ + unsigned int i, j; + hx509_name name; + int ret; + size_t size; + struct sigctx sigctx; + + memset(&sigctx, 0, sizeof(sigctx)); + memset(&name, 0, sizeof(name)); + + if (eContentType == NULL) + eContentType = &asn1_oid_id_pkcs7_data; + + sigctx.digest_alg = digest_alg; + sigctx.content.data = rk_UNCONST(data); + sigctx.content.length = length; + sigctx.eContentType = eContentType; + sigctx.peer = peer; + /** + * Use HX509_CMS_SIGNATURE_ID_NAME to preferred use of issuer name + * and serial number if possible. Otherwise subject key identifier + * will preferred. + */ + if (flags & HX509_CMS_SIGNATURE_ID_NAME) + sigctx.cmsidflag = CMS_ID_NAME; + else + sigctx.cmsidflag = CMS_ID_SKI; + + /** + * Use HX509_CMS_SIGNATURE_LEAF_ONLY to only request leaf + * certificates to be added to the SignedData. + */ + sigctx.leafonly = (flags & HX509_CMS_SIGNATURE_LEAF_ONLY) ? 1 : 0; + + /** + * Use HX509_CMS_NO_CERTS to make the SignedData contain no + * certificates, overrides HX509_CMS_SIGNATURE_LEAF_ONLY. + */ + + if ((flags & HX509_CMS_SIGNATURE_NO_CERTS) == 0) { + ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &sigctx.certs); + if (ret) + return ret; + } + + sigctx.anchors = anchors; + sigctx.pool = pool; + + sigctx.sd.version = CMSVersion_v3; + + der_copy_oid(eContentType, &sigctx.sd.encapContentInfo.eContentType); + + /** + * Use HX509_CMS_SIGNATURE_DETACHED to create detached signatures. + */ + if ((flags & HX509_CMS_SIGNATURE_DETACHED) == 0) { + ALLOC(sigctx.sd.encapContentInfo.eContent, 1); + if (sigctx.sd.encapContentInfo.eContent == NULL) { + hx509_clear_error_string(context); + ret = ENOMEM; + goto out; + } + + sigctx.sd.encapContentInfo.eContent->data = malloc(length); + if (sigctx.sd.encapContentInfo.eContent->data == NULL) { + hx509_clear_error_string(context); + ret = ENOMEM; + goto out; + } + memcpy(sigctx.sd.encapContentInfo.eContent->data, data, length); + sigctx.sd.encapContentInfo.eContent->length = length; + } + + /** + * Use HX509_CMS_SIGNATURE_NO_SIGNER to create no sigInfo (no + * signatures). + */ + if ((flags & HX509_CMS_SIGNATURE_NO_SIGNER) == 0) { + ret = hx509_certs_iter_f(context, certs, sig_process, &sigctx); + if (ret) + goto out; + } + + if (sigctx.sd.signerInfos.len) { + + /* + * For each signerInfo, collect all different digest types. + */ + for (i = 0; i < sigctx.sd.signerInfos.len; i++) { + AlgorithmIdentifier *di = + &sigctx.sd.signerInfos.val[i].digestAlgorithm; + + for (j = 0; j < sigctx.sd.digestAlgorithms.len; j++) + if (cmp_AlgorithmIdentifier(di, &sigctx.sd.digestAlgorithms.val[j]) == 0) + break; + if (j == sigctx.sd.digestAlgorithms.len) { + ret = add_DigestAlgorithmIdentifiers(&sigctx.sd.digestAlgorithms, di); + if (ret) { + hx509_clear_error_string(context); + goto out; + } + } + } + } + + /* + * Add certs we think are needed, build as part of sig_process + */ + if (sigctx.certs) { + ALLOC(sigctx.sd.certificates, 1); + if (sigctx.sd.certificates == NULL) { + hx509_clear_error_string(context); + ret = ENOMEM; + goto out; + } + + ret = hx509_certs_iter_f(context, sigctx.certs, cert_process, &sigctx); + if (ret) + goto out; + } + ASN1_MALLOC_ENCODE(SignedData, signed_data->data, signed_data->length, - &sd, &size, ret); + &sigctx.sd, &size, ret); if (ret) { hx509_clear_error_string(context); goto out; @@ -1354,11 +1576,8 @@ hx509_cms_create_signed_1(hx509_context context, _hx509_abort("internal ASN.1 encoder error"); out: - if (sigdata.data != content.data) - der_free_octet_string(&sigdata); - free_AlgorithmIdentifier(&digest); - _hx509_path_free(&path); - free_SignedData(&sd); + hx509_certs_free(&sigctx.certs); + free_SignedData(&sigctx.sd); return ret; } diff --git a/lib/hx509/collector.c b/lib/hx509/collector.c index 8b6ffcb94567..15f8163f8093 100644 --- a/lib/hx509/collector.c +++ b/lib/hx509/collector.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: collector.c 20778 2007-06-01 22:04:13Z lha $"); struct private_key { AlgorithmIdentifier alg; @@ -106,14 +105,14 @@ free_private_key(struct private_key *key) { free_AlgorithmIdentifier(&key->alg); if (key->private_key) - _hx509_private_key_free(&key->private_key); + hx509_private_key_free(&key->private_key); der_free_octet_string(&key->localKeyId); free(key); } int _hx509_collector_private_key_add(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const AlgorithmIdentifier *alg, hx509_private_key private_key, const heim_octet_string *key_data, @@ -134,7 +133,7 @@ _hx509_collector_private_key_add(hx509_context context, return ENOMEM; } c->val.data = d; - + ret = copy_AlgorithmIdentifier(alg, &key->alg); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to copy " @@ -144,8 +143,9 @@ _hx509_collector_private_key_add(hx509_context context, if (private_key) { key->private_key = private_key; } else { - ret = _hx509_parse_private_key(context, &alg->algorithm, + ret = hx509_parse_private_key(context, alg, key_data->data, key_data->length, + HX509_KEY_FORMAT_DER, &key->private_key); if (ret) goto out; @@ -153,7 +153,7 @@ _hx509_collector_private_key_add(hx509_context context, if (localKeyId) { ret = der_copy_octet_string(localKeyId, &key->localKeyId); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to copy localKeyId"); goto out; } @@ -187,12 +187,12 @@ match_localkeyid(hx509_context context, _hx509_query_clear(&q); q.match |= HX509_QUERY_MATCH_LOCAL_KEY_ID; - + q.local_key_id = &value->localKeyId; - + ret = hx509_certs_find(context, certs, &q, &cert); if (ret == 0) { - + if (value->private_key) _hx509_cert_assign_key(cert, value->private_key); hx509_cert_free(cert); @@ -208,7 +208,7 @@ match_keys(hx509_context context, struct private_key *value, hx509_certs certs) int ret, found = HX509_CERT_NOT_FOUND; if (value->private_key == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, + hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, "No private key to compare with"); return HX509_PRIVATE_KEY_MISSING; } @@ -248,12 +248,13 @@ match_keys(hx509_context context, struct private_key *value, hx509_certs certs) } int -_hx509_collector_collect_certs(hx509_context context, +_hx509_collector_collect_certs(hx509_context context, struct hx509_collector *c, hx509_certs *ret_certs) { hx509_certs certs; - int ret, i; + int ret; + size_t i; *ret_certs = NULL; @@ -282,11 +283,11 @@ _hx509_collector_collect_certs(hx509_context context, } int -_hx509_collector_collect_private_keys(hx509_context context, +_hx509_collector_collect_private_keys(hx509_context context, struct hx509_collector *c, hx509_private_key **keys) { - int i, nkeys; + size_t i, nkeys; *keys = NULL; @@ -306,7 +307,7 @@ _hx509_collector_collect_private_keys(hx509_context context, c->val.data[i]->private_key = NULL; } } - (*keys)[nkeys++] = NULL; + (*keys)[nkeys] = NULL; return 0; } @@ -315,7 +316,7 @@ _hx509_collector_collect_private_keys(hx509_context context, void _hx509_collector_free(struct hx509_collector *c) { - int i; + size_t i; if (c->unenvelop_certs) hx509_certs_free(&c->unenvelop_certs); diff --git a/lib/hx509/crmf.asn1 b/lib/hx509/crmf.asn1 index 97ade264ae2c..3d8403c8e86a 100644 --- a/lib/hx509/crmf.asn1 +++ b/lib/hx509/crmf.asn1 @@ -1,4 +1,4 @@ --- $Id: crmf.asn1 17102 2006-04-18 13:05:21Z lha $ +-- $Id$ PKCS10 DEFINITIONS ::= BEGIN diff --git a/lib/hx509/crypto.c b/lib/hx509/crypto.c index e0f00ad7b45b..4559a9c49391 100644 --- a/lib/hx509/crypto.c +++ b/lib/hx509/crypto.c @@ -1,47 +1,42 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: crypto.c 22435 2008-01-14 20:53:56Z lha $"); struct hx509_crypto; struct signature_alg; -enum crypto_op_type { - COT_SIGN -}; - struct hx509_generate_private_context { const heim_oid *key_oid; int isCA; @@ -50,40 +45,23 @@ struct hx509_generate_private_context { struct hx509_private_key_ops { const char *pemtype; - const heim_oid *(*key_oid)(void); + const heim_oid *key_oid; + int (*available)(const hx509_private_key, + const AlgorithmIdentifier *); int (*get_spki)(hx509_context, const hx509_private_key, SubjectPublicKeyInfo *); int (*export)(hx509_context context, const hx509_private_key, + hx509_key_format_t, heim_octet_string *); - int (*import)(hx509_context, - const void *data, - size_t len, - hx509_private_key private_key); + int (*import)(hx509_context, const AlgorithmIdentifier *, + const void *, size_t, hx509_key_format_t, + hx509_private_key); int (*generate_private_key)(hx509_context, struct hx509_generate_private_context *, hx509_private_key); BIGNUM *(*get_internal)(hx509_context, hx509_private_key, const char *); - int (*handle_alg)(const hx509_private_key, - const AlgorithmIdentifier *, - enum crypto_op_type); - int (*sign)(hx509_context context, - const hx509_private_key, - const AlgorithmIdentifier *, - const heim_octet_string *, - AlgorithmIdentifier *, - heim_octet_string *); -#if 0 - const AlgorithmIdentifier *(*preferred_sig_alg) - (const hx509_private_key, - const hx509_peer_info); - int (*unwrap)(hx509_context context, - const hx509_private_key, - const AlgorithmIdentifier *, - const heim_octet_string *, - heim_octet_string *); -#endif }; struct hx509_private_key { @@ -93,8 +71,10 @@ struct hx509_private_key { union { RSA *rsa; void *keydata; +#ifdef HAVE_OPENSSL + EC_KEY *ecdsa; +#endif } private_key; - /* new crypto layer */ hx509_private_key_ops *ops; }; @@ -104,13 +84,14 @@ struct hx509_private_key { struct signature_alg { const char *name; - const heim_oid *(*sig_oid)(void); - const AlgorithmIdentifier *(*sig_alg)(void); - const heim_oid *(*key_oid)(void); - const heim_oid *(*digest_oid)(void); + const heim_oid *sig_oid; + const AlgorithmIdentifier *sig_alg; + const heim_oid *key_oid; + const AlgorithmIdentifier *digest_alg; int flags; -#define PROVIDE_CONF 1 -#define REQUIRE_SIGNER 2 +#define PROVIDE_CONF 0x1 +#define REQUIRE_SIGNER 0x2 +#define SELF_SIGNED_OK 0x4 #define SIG_DIGEST 0x100 #define SIG_PUBLIC_SIG 0x200 @@ -118,7 +99,8 @@ struct signature_alg { #define RA_RSA_USES_DIGEST_INFO 0x1000000 - + time_t best_before; /* refuse signature made after best before date */ + const EVP_MD *(*evp_md)(void); int (*verify_signature)(hx509_context context, const struct signature_alg *, const Certificate *, @@ -132,6 +114,106 @@ struct signature_alg { const heim_octet_string *, AlgorithmIdentifier *, heim_octet_string *); + int digest_size; +}; + +static const struct signature_alg * +find_sig_alg(const heim_oid *oid); + +/* + * + */ + +static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") }; + +static const unsigned sha512_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 }; +const AlgorithmIdentifier _hx509_signature_sha512_data = { + { 9, rk_UNCONST(sha512_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + +static const unsigned sha384_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 }; +const AlgorithmIdentifier _hx509_signature_sha384_data = { + { 9, rk_UNCONST(sha384_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + +static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; +const AlgorithmIdentifier _hx509_signature_sha256_data = { + { 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + +static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; +const AlgorithmIdentifier _hx509_signature_sha1_data = { + { 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + +static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 }; +const AlgorithmIdentifier _hx509_signature_md5_data = { + { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) +}; + +static const unsigned ecPublicKey[] ={ 1, 2, 840, 10045, 2, 1 }; +const AlgorithmIdentifier _hx509_signature_ecPublicKey = { + { 6, rk_UNCONST(ecPublicKey) }, NULL +}; + +static const unsigned ecdsa_with_sha256_oid[] ={ 1, 2, 840, 10045, 4, 3, 2 }; +const AlgorithmIdentifier _hx509_signature_ecdsa_with_sha256_data = { + { 7, rk_UNCONST(ecdsa_with_sha256_oid) }, NULL +}; + +static const unsigned ecdsa_with_sha1_oid[] ={ 1, 2, 840, 10045, 4, 1 }; +const AlgorithmIdentifier _hx509_signature_ecdsa_with_sha1_data = { + { 6, rk_UNCONST(ecdsa_with_sha1_oid) }, NULL +}; + +static const unsigned rsa_with_sha512_oid[] ={ 1, 2, 840, 113549, 1, 1, 13 }; +const AlgorithmIdentifier _hx509_signature_rsa_with_sha512_data = { + { 7, rk_UNCONST(rsa_with_sha512_oid) }, NULL +}; + +static const unsigned rsa_with_sha384_oid[] ={ 1, 2, 840, 113549, 1, 1, 12 }; +const AlgorithmIdentifier _hx509_signature_rsa_with_sha384_data = { + { 7, rk_UNCONST(rsa_with_sha384_oid) }, NULL +}; + +static const unsigned rsa_with_sha256_oid[] ={ 1, 2, 840, 113549, 1, 1, 11 }; +const AlgorithmIdentifier _hx509_signature_rsa_with_sha256_data = { + { 7, rk_UNCONST(rsa_with_sha256_oid) }, NULL +}; + +static const unsigned rsa_with_sha1_oid[] ={ 1, 2, 840, 113549, 1, 1, 5 }; +const AlgorithmIdentifier _hx509_signature_rsa_with_sha1_data = { + { 7, rk_UNCONST(rsa_with_sha1_oid) }, NULL +}; + +static const unsigned rsa_with_md5_oid[] ={ 1, 2, 840, 113549, 1, 1, 4 }; +const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { + { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL +}; + +static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; +const AlgorithmIdentifier _hx509_signature_rsa_data = { + { 7, rk_UNCONST(rsa_oid) }, NULL +}; + +static const unsigned rsa_pkcs1_x509_oid[] ={ 1, 2, 752, 43, 16, 1 }; +const AlgorithmIdentifier _hx509_signature_rsa_pkcs1_x509_data = { + { 6, rk_UNCONST(rsa_pkcs1_x509_oid) }, NULL +}; + +static const unsigned des_rsdi_ede3_cbc_oid[] ={ 1, 2, 840, 113549, 3, 7 }; +const AlgorithmIdentifier _hx509_des_rsdi_ede3_cbc_oid = { + { 6, rk_UNCONST(des_rsdi_ede3_cbc_oid) }, NULL +}; + +static const unsigned aes128_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 2 }; +const AlgorithmIdentifier _hx509_crypto_aes128_cbc_data = { + { 9, rk_UNCONST(aes128_cbc_oid) }, NULL +}; + +static const unsigned aes256_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 42 }; +const AlgorithmIdentifier _hx509_crypto_aes256_cbc_data = { + { 9, rk_UNCONST(aes256_cbc_oid) }, NULL }; /* @@ -184,6 +266,265 @@ set_digest_alg(DigestAlgorithmIdentifier *id, return 0; } +#ifdef HAVE_OPENSSL + +static int +heim_oid2ecnid(heim_oid *oid) +{ + /* + * Now map to openssl OID fun + */ + + if (der_heim_oid_cmp(oid, ASN1_OID_ID_EC_GROUP_SECP256R1) == 0) + return NID_X9_62_prime256v1; + else if (der_heim_oid_cmp(oid, ASN1_OID_ID_EC_GROUP_SECP160R1) == 0) + return NID_secp160r1; + else if (der_heim_oid_cmp(oid, ASN1_OID_ID_EC_GROUP_SECP160R2) == 0) + return NID_secp160r2; + + return -1; +} + +static int +parse_ECParameters(hx509_context context, + heim_octet_string *parameters, int *nid) +{ + ECParameters ecparam; + size_t size; + int ret; + + if (parameters == NULL) { + ret = HX509_PARSING_KEY_FAILED; + hx509_set_error_string(context, 0, ret, + "EC parameters missing"); + return ret; + } + + ret = decode_ECParameters(parameters->data, parameters->length, + &ecparam, &size); + if (ret) { + hx509_set_error_string(context, 0, ret, + "Failed to decode EC parameters"); + return ret; + } + + if (ecparam.element != choice_ECParameters_namedCurve) { + free_ECParameters(&ecparam); + hx509_set_error_string(context, 0, ret, + "EC parameters is not a named curve"); + return HX509_CRYPTO_SIG_INVALID_FORMAT; + } + + *nid = heim_oid2ecnid(&ecparam.u.namedCurve); + free_ECParameters(&ecparam); + if (*nid == -1) { + hx509_set_error_string(context, 0, ret, + "Failed to find matcing NID for EC curve"); + return HX509_CRYPTO_SIG_INVALID_FORMAT; + } + return 0; +} + + +/* + * + */ + +static int +ecdsa_verify_signature(hx509_context context, + const struct signature_alg *sig_alg, + const Certificate *signer, + const AlgorithmIdentifier *alg, + const heim_octet_string *data, + const heim_octet_string *sig) +{ + const AlgorithmIdentifier *digest_alg; + const SubjectPublicKeyInfo *spi; + heim_octet_string digest; + int ret; + EC_KEY *key = NULL; + int groupnid; + EC_GROUP *group; + const unsigned char *p; + long len; + + digest_alg = sig_alg->digest_alg; + + ret = _hx509_create_signature(context, + NULL, + digest_alg, + data, + NULL, + &digest); + if (ret) + return ret; + + /* set up EC KEY */ + spi = &signer->tbsCertificate.subjectPublicKeyInfo; + + if (der_heim_oid_cmp(&spi->algorithm.algorithm, ASN1_OID_ID_ECPUBLICKEY) != 0) + return HX509_CRYPTO_SIG_INVALID_FORMAT; + +#ifdef HAVE_OPENSSL + /* + * Find the group id + */ + + ret = parse_ECParameters(context, spi->algorithm.parameters, &groupnid); + if (ret) { + der_free_octet_string(&digest); + return ret; + } + + /* + * Create group, key, parse key + */ + + key = EC_KEY_new(); + group = EC_GROUP_new_by_curve_name(groupnid); + EC_KEY_set_group(key, group); + EC_GROUP_free(group); + + p = spi->subjectPublicKey.data; + len = spi->subjectPublicKey.length / 8; + + if (o2i_ECPublicKey(&key, &p, len) == NULL) { + EC_KEY_free(key); + return HX509_CRYPTO_SIG_INVALID_FORMAT; + } +#else + key = SubjectPublicKeyInfo2EC_KEY(spi); +#endif + + ret = ECDSA_verify(-1, digest.data, digest.length, + sig->data, sig->length, key); + der_free_octet_string(&digest); + EC_KEY_free(key); + if (ret != 1) { + ret = HX509_CRYPTO_SIG_INVALID_FORMAT; + return ret; + } + + return 0; +} + +static int +ecdsa_create_signature(hx509_context context, + const struct signature_alg *sig_alg, + const hx509_private_key signer, + const AlgorithmIdentifier *alg, + const heim_octet_string *data, + AlgorithmIdentifier *signatureAlgorithm, + heim_octet_string *sig) +{ + const AlgorithmIdentifier *digest_alg; + heim_octet_string indata; + const heim_oid *sig_oid; + unsigned int siglen; + int ret; + + if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) != 0) + _hx509_abort("internal error passing private key to wrong ops"); + + sig_oid = sig_alg->sig_oid; + digest_alg = sig_alg->digest_alg; + + if (signatureAlgorithm) { + ret = set_digest_alg(signatureAlgorithm, sig_oid, "\x05\x00", 2); + if (ret) { + hx509_clear_error_string(context); + goto error; + } + } + + ret = _hx509_create_signature(context, + NULL, + digest_alg, + data, + NULL, + &indata); + if (ret) { + if (signatureAlgorithm) + free_AlgorithmIdentifier(signatureAlgorithm); + goto error; + } + + sig->length = ECDSA_size(signer->private_key.ecdsa); + sig->data = malloc(sig->length); + if (sig->data == NULL) { + der_free_octet_string(&indata); + ret = ENOMEM; + hx509_set_error_string(context, 0, ret, "out of memory"); + goto error; + } + + siglen = sig->length; + + ret = ECDSA_sign(-1, indata.data, indata.length, + sig->data, &siglen, signer->private_key.ecdsa); + der_free_octet_string(&indata); + if (ret != 1) { + ret = HX509_CMS_FAILED_CREATE_SIGATURE; + hx509_set_error_string(context, 0, ret, + "ECDSA sign failed: %d", ret); + goto error; + } + if (siglen > sig->length) + _hx509_abort("ECDSA signature prelen longer the output len"); + + sig->length = siglen; + + return 0; + error: + if (signatureAlgorithm) + free_AlgorithmIdentifier(signatureAlgorithm); + return ret; +} + +static int +ecdsa_available(const hx509_private_key signer, + const AlgorithmIdentifier *sig_alg) +{ + const struct signature_alg *sig; + const EC_GROUP *group; + BN_CTX *bnctx = NULL; + BIGNUM *order = NULL; + int ret = 0; + + if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0) + _hx509_abort("internal error passing private key to wrong ops"); + + sig = find_sig_alg(&sig_alg->algorithm); + + if (sig == NULL || sig->digest_size == 0) + return 0; + + group = EC_KEY_get0_group(signer->private_key.ecdsa); + if (group == NULL) + return 0; + + bnctx = BN_CTX_new(); + order = BN_new(); + if (order == NULL) + goto err; + + if (EC_GROUP_get_order(group, order, bnctx) != 1) + goto err; + + if (BN_num_bytes(order) > sig->digest_size) + ret = 1; + err: + if (bnctx) + BN_CTX_free(bnctx); + if (order) + BN_clear_free(order); + + return ret; +} + + +#endif /* HAVE_OPENSSL */ + /* * */ @@ -202,32 +543,18 @@ rsa_verify_signature(hx509_context context, int tosize, retsize; int ret; RSA *rsa; - RSAPublicKey pk; size_t size; + const unsigned char *p; memset(&di, 0, sizeof(di)); spi = &signer->tbsCertificate.subjectPublicKeyInfo; - rsa = RSA_new(); + p = spi->subjectPublicKey.data; + size = spi->subjectPublicKey.length / 8; + + rsa = d2i_RSAPublicKey(NULL, &p, size); if (rsa == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - ret = decode_RSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to decode RSAPublicKey"); - goto out; - } - - rsa->n = heim_int2BN(&pk.modulus); - rsa->e = heim_int2BN(&pk.publicExponent); - - free_RSAPublicKey(&pk); - - if (rsa->n == NULL || rsa->e == NULL) { ret = ENOMEM; hx509_set_error_string(context, 0, ret, "out of memory"); goto out; @@ -241,11 +568,11 @@ rsa_verify_signature(hx509_context context, goto out; } - retsize = RSA_public_decrypt(sig->length, (unsigned char *)sig->data, + retsize = RSA_public_decrypt(sig->length, (unsigned char *)sig->data, to, rsa, RSA_PKCS1_PADDING); if (retsize <= 0) { ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "RSA public decrypt failed: %d", retsize); free(to); goto out; @@ -260,23 +587,23 @@ rsa_verify_signature(hx509_context context, if (ret) { goto out; } - + /* Check for extra data inside the sigature */ - if (size != retsize) { + if (size != (size_t)retsize) { ret = HX509_CRYPTO_SIG_INVALID_FORMAT; hx509_set_error_string(context, 0, ret, "size from decryption mismatch"); goto out; } - - if (sig_alg->digest_oid && - der_heim_oid_cmp(&di.digestAlgorithm.algorithm, - (*sig_alg->digest_oid)()) != 0) + + if (sig_alg->digest_alg && + der_heim_oid_cmp(&di.digestAlgorithm.algorithm, + &sig_alg->digest_alg->algorithm) != 0) { ret = HX509_CRYPTO_OID_MISMATCH; hx509_set_error_string(context, 0, ret, "object identifier in RSA sig mismatch"); goto out; } - + /* verify that the parameters are NULL or the NULL-type */ if (di.digestAlgorithm.parameters != NULL && (di.digestAlgorithm.parameters->length != 2 || @@ -293,8 +620,8 @@ rsa_verify_signature(hx509_context context, data, &di.digest); } else { - if (retsize != data->length || - memcmp(to, data->data, retsize) != 0) + if ((size_t)retsize != data->length || + ct_memcmp(to, data->data, retsize) != 0) { ret = HX509_CRYPTO_SIG_INVALID_FORMAT; hx509_set_error_string(context, 0, ret, "RSA Signature incorrect"); @@ -302,10 +629,12 @@ rsa_verify_signature(hx509_context context, } free(to); } + ret = 0; out: free_DigestInfo(&di); - RSA_free(rsa); + if (rsa) + RSA_free(rsa); return ret; } @@ -323,25 +652,32 @@ rsa_create_signature(hx509_context context, const heim_oid *sig_oid; size_t size; int ret; - + + if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) != 0) + return HX509_ALG_NOT_SUPP; + if (alg) sig_oid = &alg->algorithm; else sig_oid = signer->signature_alg; - if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha256WithRSAEncryption()) == 0) { + if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_SHA512WITHRSAENCRYPTION) == 0) { + digest_alg = hx509_signature_sha512(); + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_SHA384WITHRSAENCRYPTION) == 0) { + digest_alg = hx509_signature_sha384(); + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_SHA256WITHRSAENCRYPTION) == 0) { digest_alg = hx509_signature_sha256(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha1WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_SHA1WITHRSAENCRYPTION) == 0) { digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_MD5WITHRSAENCRYPTION) == 0) { digest_alg = hx509_signature_md5(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_MD5WITHRSAENCRYPTION) == 0) { digest_alg = hx509_signature_md5(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_DSA_WITH_SHA1) == 0) { digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_rsaEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) == 0) { digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_heim_rsa_pkcs1_x509()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, ASN1_OID_ID_HEIM_RSA_PKCS1_X509) == 0) { digest_alg = NULL; } else return HX509_ALG_NOT_SUPP; @@ -391,8 +727,8 @@ rsa_create_signature(hx509_context context, return ENOMEM; } - ret = RSA_private_encrypt(indata.length, indata.data, - sig->data, + ret = RSA_private_encrypt(indata.length, indata.data, + sig->data, signer->private_key.rsa, RSA_PKCS1_PADDING); if (indata.data != data->data) @@ -400,33 +736,43 @@ rsa_create_signature(hx509_context context, if (ret <= 0) { ret = HX509_CMS_FAILED_CREATE_SIGATURE; hx509_set_error_string(context, 0, ret, - "RSA private decrypt failed: %d", ret); + "RSA private encrypt failed: %d", ret); return ret; } - if (ret > sig->length) + if ((size_t)ret > sig->length) _hx509_abort("RSA signature prelen longer the output len"); sig->length = ret; - + return 0; } static int rsa_private_key_import(hx509_context context, + const AlgorithmIdentifier *keyai, const void *data, size_t len, + hx509_key_format_t format, hx509_private_key private_key) { - const unsigned char *p = data; + switch (format) { + case HX509_KEY_FORMAT_DER: { + const unsigned char *p = data; + + private_key->private_key.rsa = + d2i_RSAPrivateKey(NULL, &p, len); + if (private_key->private_key.rsa == NULL) { + hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, + "Failed to parse RSA key"); + return HX509_PARSING_KEY_FAILED; + } + private_key->signature_alg = ASN1_OID_ID_PKCS1_SHA1WITHRSAENCRYPTION; + break; - private_key->private_key.rsa = - d2i_RSAPrivateKey(NULL, &p, len); - if (private_key->private_key.rsa == NULL) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Failed to parse RSA key"); - return HX509_PARSING_KEY_FAILED; } - private_key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); + default: + return HX509_CRYPTO_KEY_FORMAT_UNSUPPORTED; + } return 0; } @@ -449,7 +795,7 @@ rsa_private_key2SPKI(hx509_context context, } spki->subjectPublicKey.length = len * 8; - ret = set_digest_alg(&spki->algorithm,oid_id_pkcs1_rsaEncryption(), + ret = set_digest_alg(&spki->algorithm, ASN1_OID_ID_PKCS1_RSAENCRYPTION, "\x05\x00", 2); if (ret) { hx509_set_error_string(context, 0, ret, "malloc - out of memory"); @@ -468,7 +814,7 @@ rsa_private_key2SPKI(hx509_context context, } static int -rsa_generate_private_key(hx509_context context, +rsa_generate_private_key(hx509_context context, struct hx509_generate_private_context *ctx, hx509_private_key private_key) { @@ -477,7 +823,7 @@ rsa_generate_private_key(hx509_context context, unsigned long bits; static const int default_rsa_e = 65537; - static const int default_rsa_bits = 1024; + static const int default_rsa_bits = 2048; private_key->private_key.rsa = RSA_new(); if (private_key->private_key.rsa == NULL) { @@ -485,7 +831,7 @@ rsa_generate_private_key(hx509_context context, "Failed to generate RSA key"); return HX509_PARSING_KEY_FAILED; } - + e = BN_new(); BN_set_word(e, default_rsa_e); @@ -493,8 +839,6 @@ rsa_generate_private_key(hx509_context context, if (ctx->num_bits) bits = ctx->num_bits; - else if (ctx->isCA) - bits *= 2; ret = RSA_generate_key_ex(private_key->private_key.rsa, bits, e, NULL); BN_free(e); @@ -503,14 +847,15 @@ rsa_generate_private_key(hx509_context context, "Failed to generate RSA key"); return HX509_PARSING_KEY_FAILED; } - private_key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); + private_key->signature_alg = ASN1_OID_ID_PKCS1_SHA1WITHRSAENCRYPTION; return 0; } -static int +static int rsa_private_key_export(hx509_context context, const hx509_private_key key, + hx509_key_format_t format, heim_octet_string *data) { int ret; @@ -518,32 +863,41 @@ rsa_private_key_export(hx509_context context, data->data = NULL; data->length = 0; - ret = i2d_RSAPrivateKey(key->private_key.rsa, NULL); - if (ret <= 0) { - ret = EINVAL; - hx509_set_error_string(context, 0, ret, - "Private key is not exportable"); - return ret; - } + switch (format) { + case HX509_KEY_FORMAT_DER: - data->data = malloc(ret); - if (data->data == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "malloc out of memory"); - return ret; - } - data->length = ret; - - { - unsigned char *p = data->data; - i2d_RSAPrivateKey(key->private_key.rsa, &p); + ret = i2d_RSAPrivateKey(key->private_key.rsa, NULL); + if (ret <= 0) { + ret = EINVAL; + hx509_set_error_string(context, 0, ret, + "Private key is not exportable"); + return ret; + } + + data->data = malloc(ret); + if (data->data == NULL) { + ret = ENOMEM; + hx509_set_error_string(context, 0, ret, "malloc out of memory"); + return ret; + } + data->length = ret; + + { + unsigned char *p = data->data; + i2d_RSAPrivateKey(key->private_key.rsa, &p); + } + break; + default: + return HX509_CRYPTO_KEY_FORMAT_UNSUPPORTED; } return 0; } static BIGNUM * -rsa_get_internal(hx509_context context, hx509_private_key key, const char *type) +rsa_get_internal(hx509_context context, + hx509_private_key key, + const char *type) { if (strcasecmp(type, "rsa-modulus") == 0) { return BN_dup(key->private_key.rsa->n); @@ -557,7 +911,8 @@ rsa_get_internal(hx509_context context, hx509_private_key key, const char *type) static hx509_private_key_ops rsa_private_key_ops = { "RSA PRIVATE KEY", - oid_id_pkcs1_rsaEncryption, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + NULL, rsa_private_key2SPKI, rsa_private_key_export, rsa_private_key_import, @@ -565,6 +920,114 @@ static hx509_private_key_ops rsa_private_key_ops = { rsa_get_internal }; +#ifdef HAVE_OPENSSL + +static int +ecdsa_private_key2SPKI(hx509_context context, + hx509_private_key private_key, + SubjectPublicKeyInfo *spki) +{ + memset(spki, 0, sizeof(*spki)); + return ENOMEM; +} + +static int +ecdsa_private_key_export(hx509_context context, + const hx509_private_key key, + hx509_key_format_t format, + heim_octet_string *data) +{ + return HX509_CRYPTO_KEY_FORMAT_UNSUPPORTED; +} + +static int +ecdsa_private_key_import(hx509_context context, + const AlgorithmIdentifier *keyai, + const void *data, + size_t len, + hx509_key_format_t format, + hx509_private_key private_key) +{ + const unsigned char *p = data; + EC_KEY **pkey = NULL; + + if (keyai->parameters) { + EC_GROUP *group; + int groupnid; + EC_KEY *key; + int ret; + + ret = parse_ECParameters(context, keyai->parameters, &groupnid); + if (ret) + return ret; + + key = EC_KEY_new(); + if (key == NULL) + return ENOMEM; + + group = EC_GROUP_new_by_curve_name(groupnid); + if (group == NULL) { + EC_KEY_free(key); + return ENOMEM; + } + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_set_group(key, group) == 0) { + EC_KEY_free(key); + EC_GROUP_free(group); + return ENOMEM; + } + EC_GROUP_free(group); + pkey = &key; + } + + switch (format) { + case HX509_KEY_FORMAT_DER: + + private_key->private_key.ecdsa = d2i_ECPrivateKey(pkey, &p, len); + if (private_key->private_key.ecdsa == NULL) { + hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, + "Failed to parse EC private key"); + return HX509_PARSING_KEY_FAILED; + } + private_key->signature_alg = ASN1_OID_ID_ECDSA_WITH_SHA256; + break; + + default: + return HX509_CRYPTO_KEY_FORMAT_UNSUPPORTED; + } + + return 0; +} + +static int +ecdsa_generate_private_key(hx509_context context, + struct hx509_generate_private_context *ctx, + hx509_private_key private_key) +{ + return ENOMEM; +} + +static BIGNUM * +ecdsa_get_internal(hx509_context context, + hx509_private_key key, + const char *type) +{ + return NULL; +} + + +static hx509_private_key_ops ecdsa_private_key_ops = { + "EC PRIVATE KEY", + ASN1_OID_ID_ECPUBLICKEY, + ecdsa_available, + ecdsa_private_key2SPKI, + ecdsa_private_key_export, + ecdsa_private_key_import, + ecdsa_generate_private_key, + ecdsa_get_internal +}; + +#endif /* HAVE_OPENSSL */ /* * @@ -664,11 +1127,11 @@ dsa_parse_private_key(hx509_context context, { const unsigned char *p = data; - private_key->private_key.dsa = + private_key->private_key.dsa = d2i_DSAPrivateKey(NULL, &p, len); if (private_key->private_key.dsa == NULL) return EINVAL; - private_key->signature_alg = oid_id_dsa_with_sha1(); + private_key->signature_alg = ASN1_OID_ID_DSA_WITH_SHA1; return 0; /* else */ @@ -678,39 +1141,8 @@ dsa_parse_private_key(hx509_context context, } #endif - static int -sha1_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[SHA_DIGEST_LENGTH]; - SHA_CTX m; - - if (sig->length != SHA_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "SHA1 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - SHA1_Init(&m); - SHA1_Update(&m, data->data, data->length); - SHA1_Final (digest, &m); - - if (memcmp(digest, sig->data, SHA_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad SHA1 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static int -sha256_create_signature(hx509_context context, +evp_md_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, @@ -718,339 +1150,448 @@ sha256_create_signature(hx509_context context, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) { - SHA256_CTX m; - + size_t sigsize = EVP_MD_size(sig_alg->evp_md()); + EVP_MD_CTX *ctx; + memset(sig, 0, sizeof(*sig)); if (signatureAlgorithm) { int ret; - ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), + ret = set_digest_alg(signatureAlgorithm, sig_alg->sig_oid, "\x05\x00", 2); if (ret) return ret; } - - sig->data = malloc(SHA256_DIGEST_LENGTH); + + sig->data = malloc(sigsize); if (sig->data == NULL) { sig->length = 0; return ENOMEM; } - sig->length = SHA256_DIGEST_LENGTH; + sig->length = sigsize; + + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, sig_alg->evp_md(), NULL); + EVP_DigestUpdate(ctx, data->data, data->length); + EVP_DigestFinal_ex(ctx, sig->data, NULL); + EVP_MD_CTX_destroy(ctx); - SHA256_Init(&m); - SHA256_Update(&m, data->data, data->length); - SHA256_Final (sig->data, &m); return 0; } static int -sha256_verify_signature(hx509_context context, +evp_md_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) { - unsigned char digest[SHA256_DIGEST_LENGTH]; - SHA256_CTX m; - - if (sig->length != SHA256_DIGEST_LENGTH) { + unsigned char digest[EVP_MAX_MD_SIZE]; + EVP_MD_CTX *ctx; + size_t sigsize = EVP_MD_size(sig_alg->evp_md()); + + if (sig->length != sigsize || sigsize > sizeof(digest)) { hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, "SHA256 sigature have wrong length"); return HX509_CRYPTO_SIG_INVALID_FORMAT; } - SHA256_Init(&m); - SHA256_Update(&m, data->data, data->length); - SHA256_Final (digest, &m); - - if (memcmp(digest, sig->data, SHA256_DIGEST_LENGTH) != 0) { + ctx = EVP_MD_CTX_create(); + EVP_DigestInit_ex(ctx, sig_alg->evp_md(), NULL); + EVP_DigestUpdate(ctx, data->data, data->length); + EVP_DigestFinal_ex(ctx, digest, NULL); + EVP_MD_CTX_destroy(ctx); + + if (ct_memcmp(digest, sig->data, sigsize) != 0) { hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad SHA256 sigature"); + "Bad %s sigature", sig_alg->name); return HX509_CRYPTO_BAD_SIGNATURE; } return 0; } -static int -sha1_create_signature(hx509_context context, - const struct signature_alg *sig_alg, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_octet_string *sig) -{ - SHA_CTX m; - - memset(sig, 0, sizeof(*sig)); +#ifdef HAVE_OPENSSL - if (signatureAlgorithm) { - int ret; - ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), - "\x05\x00", 2); - if (ret) - return ret; - } - +static const struct signature_alg ecdsa_with_sha256_alg = { + "ecdsa-with-sha256", + ASN1_OID_ID_ECDSA_WITH_SHA256, + &_hx509_signature_ecdsa_with_sha256_data, + ASN1_OID_ID_ECPUBLICKEY, + &_hx509_signature_sha256_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, + ecdsa_verify_signature, + ecdsa_create_signature, + 32 +}; - sig->data = malloc(SHA_DIGEST_LENGTH); - if (sig->data == NULL) { - sig->length = 0; - return ENOMEM; - } - sig->length = SHA_DIGEST_LENGTH; +static const struct signature_alg ecdsa_with_sha1_alg = { + "ecdsa-with-sha1", + ASN1_OID_ID_ECDSA_WITH_SHA1, + &_hx509_signature_ecdsa_with_sha1_data, + ASN1_OID_ID_ECPUBLICKEY, + &_hx509_signature_sha1_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, + ecdsa_verify_signature, + ecdsa_create_signature, + 20 +}; - SHA1_Init(&m); - SHA1_Update(&m, data->data, data->length); - SHA1_Final (sig->data, &m); - - return 0; -} - -static int -md5_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[MD5_DIGEST_LENGTH]; - MD5_CTX m; - - if (sig->length != MD5_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "MD5 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - MD5_Init(&m); - MD5_Update(&m, data->data, data->length); - MD5_Final (digest, &m); - - if (memcmp(digest, sig->data, MD5_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad MD5 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static int -md2_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[MD2_DIGEST_LENGTH]; - MD2_CTX m; - - if (sig->length != MD2_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "MD2 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - MD2_Init(&m); - MD2_Update(&m, data->data, data->length); - MD2_Final (digest, &m); - - if (memcmp(digest, sig->data, MD2_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad MD2 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} +#endif static const struct signature_alg heim_rsa_pkcs1_x509 = { "rsa-pkcs1-x509", - oid_id_heim_rsa_pkcs1_x509, - hx509_signature_rsa_pkcs1_x509, - oid_id_pkcs1_rsaEncryption, + ASN1_OID_ID_HEIM_RSA_PKCS1_X509, + &_hx509_signature_rsa_pkcs1_x509_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, NULL, PROVIDE_CONF|REQUIRE_SIGNER|SIG_PUBLIC_SIG, + 0, + NULL, rsa_verify_signature, - rsa_create_signature + rsa_create_signature, + 0 }; static const struct signature_alg pkcs1_rsa_sha1_alg = { "rsa", - oid_id_pkcs1_rsaEncryption, - hx509_signature_rsa_with_sha1, - oid_id_pkcs1_rsaEncryption, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_rsa_with_sha1_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + NULL, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, NULL, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, rsa_verify_signature, - rsa_create_signature + rsa_create_signature, + 0 +}; + +static const struct signature_alg rsa_with_sha512_alg = { + "rsa-with-sha512", + ASN1_OID_ID_PKCS1_SHA512WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_sha512_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_sha512_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, + rsa_verify_signature, + rsa_create_signature, + 0 +}; + +static const struct signature_alg rsa_with_sha384_alg = { + "rsa-with-sha384", + ASN1_OID_ID_PKCS1_SHA384WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_sha384_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_sha384_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, + rsa_verify_signature, + rsa_create_signature, + 0 }; static const struct signature_alg rsa_with_sha256_alg = { "rsa-with-sha256", - oid_id_pkcs1_sha256WithRSAEncryption, - hx509_signature_rsa_with_sha256, - oid_id_pkcs1_rsaEncryption, - oid_id_sha256, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, + ASN1_OID_ID_PKCS1_SHA256WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_sha256_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_sha256_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, rsa_verify_signature, - rsa_create_signature + rsa_create_signature, + 0 }; static const struct signature_alg rsa_with_sha1_alg = { "rsa-with-sha1", - oid_id_pkcs1_sha1WithRSAEncryption, - hx509_signature_rsa_with_sha1, - oid_id_pkcs1_rsaEncryption, - oid_id_secsig_sha_1, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, + ASN1_OID_ID_PKCS1_SHA1WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_sha1_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_sha1_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, rsa_verify_signature, - rsa_create_signature + rsa_create_signature, + 0 +}; + +static const struct signature_alg rsa_with_sha1_alg_secsig = { + "rsa-with-sha1", + ASN1_OID_ID_SECSIG_SHA_1WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_sha1_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_sha1_data, + PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG|SELF_SIGNED_OK, + 0, + NULL, + rsa_verify_signature, + rsa_create_signature, + 0 }; static const struct signature_alg rsa_with_md5_alg = { "rsa-with-md5", - oid_id_pkcs1_md5WithRSAEncryption, - hx509_signature_rsa_with_md5, - oid_id_pkcs1_rsaEncryption, - oid_id_rsa_digest_md5, + ASN1_OID_ID_PKCS1_MD5WITHRSAENCRYPTION, + &_hx509_signature_rsa_with_md5_data, + ASN1_OID_ID_PKCS1_RSAENCRYPTION, + &_hx509_signature_md5_data, PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, + 1230739889, + NULL, rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg rsa_with_md2_alg = { - "rsa-with-md2", - oid_id_pkcs1_md2WithRSAEncryption, - hx509_signature_rsa_with_md2, - oid_id_pkcs1_rsaEncryption, - oid_id_rsa_digest_md2, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature + rsa_create_signature, + 0 }; static const struct signature_alg dsa_sha1_alg = { "dsa-with-sha1", - oid_id_dsa_with_sha1, + ASN1_OID_ID_DSA_WITH_SHA1, NULL, - oid_id_dsa, - oid_id_secsig_sha_1, + ASN1_OID_ID_DSA, + &_hx509_signature_sha1_data, PROVIDE_CONF|REQUIRE_SIGNER|SIG_PUBLIC_SIG, + 0, + NULL, dsa_verify_signature, /* create_signature */ NULL, + 0 +}; + +static const struct signature_alg sha512_alg = { + "sha-512", + ASN1_OID_ID_SHA512, + &_hx509_signature_sha512_data, + NULL, + NULL, + SIG_DIGEST, + 0, + EVP_sha512, + evp_md_verify_signature, + evp_md_create_signature, + 0 +}; + +static const struct signature_alg sha384_alg = { + "sha-384", + ASN1_OID_ID_SHA512, + &_hx509_signature_sha384_data, + NULL, + NULL, + SIG_DIGEST, + 0, + EVP_sha384, + evp_md_verify_signature, + evp_md_create_signature, + 0 }; static const struct signature_alg sha256_alg = { "sha-256", - oid_id_sha256, - hx509_signature_sha256, + ASN1_OID_ID_SHA256, + &_hx509_signature_sha256_data, NULL, NULL, SIG_DIGEST, - sha256_verify_signature, - sha256_create_signature + 0, + EVP_sha256, + evp_md_verify_signature, + evp_md_create_signature, + 0 }; static const struct signature_alg sha1_alg = { "sha1", - oid_id_secsig_sha_1, - hx509_signature_sha1, + ASN1_OID_ID_SECSIG_SHA_1, + &_hx509_signature_sha1_data, NULL, NULL, SIG_DIGEST, - sha1_verify_signature, - sha1_create_signature + 0, + EVP_sha1, + evp_md_verify_signature, + evp_md_create_signature, + 0 }; static const struct signature_alg md5_alg = { "rsa-md5", - oid_id_rsa_digest_md5, - hx509_signature_md5, + ASN1_OID_ID_RSA_DIGEST_MD5, + &_hx509_signature_md5_data, NULL, NULL, SIG_DIGEST, - md5_verify_signature + 0, + EVP_md5, + evp_md_verify_signature, + NULL, + 0 }; -static const struct signature_alg md2_alg = { - "rsa-md2", - oid_id_rsa_digest_md2, - hx509_signature_md2, - NULL, - NULL, - SIG_DIGEST, - md2_verify_signature -}; - -/* +/* * Order matter in this structure, "best" first for each "key - * compatible" type (type is RSA, DSA, none, etc) + * compatible" type (type is ECDSA, RSA, DSA, none, etc) */ static const struct signature_alg *sig_algs[] = { +#ifdef HAVE_OPENSSL + &ecdsa_with_sha256_alg, + &ecdsa_with_sha1_alg, +#endif + &rsa_with_sha512_alg, + &rsa_with_sha384_alg, &rsa_with_sha256_alg, &rsa_with_sha1_alg, + &rsa_with_sha1_alg_secsig, &pkcs1_rsa_sha1_alg, &rsa_with_md5_alg, - &rsa_with_md2_alg, &heim_rsa_pkcs1_x509, &dsa_sha1_alg, + &sha512_alg, + &sha384_alg, &sha256_alg, &sha1_alg, &md5_alg, - &md2_alg, NULL }; static const struct signature_alg * find_sig_alg(const heim_oid *oid) { - int i; + unsigned int i; for (i = 0; sig_algs[i]; i++) - if (der_heim_oid_cmp((*sig_algs[i]->sig_oid)(), oid) == 0) + if (der_heim_oid_cmp(sig_algs[i]->sig_oid, oid) == 0) return sig_algs[i]; return NULL; } +static const AlgorithmIdentifier * +alg_for_privatekey(const hx509_private_key pk, int type) +{ + const heim_oid *keytype; + unsigned int i; + + if (pk->ops == NULL) + return NULL; + + keytype = pk->ops->key_oid; + + for (i = 0; sig_algs[i]; i++) { + if (sig_algs[i]->key_oid == NULL) + continue; + if (der_heim_oid_cmp(sig_algs[i]->key_oid, keytype) != 0) + continue; + if (pk->ops->available && + pk->ops->available(pk, sig_algs[i]->sig_alg) == 0) + continue; + if (type == HX509_SELECT_PUBLIC_SIG) + return sig_algs[i]->sig_alg; + if (type == HX509_SELECT_DIGEST) + return sig_algs[i]->digest_alg; + + return NULL; + } + return NULL; +} + /* * */ static struct hx509_private_key_ops *private_algs[] = { &rsa_private_key_ops, +#ifdef HAVE_OPENSSL + &ecdsa_private_key_ops, +#endif NULL }; -static hx509_private_key_ops * -find_private_alg(const heim_oid *oid) +hx509_private_key_ops * +hx509_find_private_alg(const heim_oid *oid) { int i; for (i = 0; private_algs[i]; i++) { if (private_algs[i]->key_oid == NULL) continue; - if (der_heim_oid_cmp((*private_algs[i]->key_oid)(), oid) == 0) + if (der_heim_oid_cmp(private_algs[i]->key_oid, oid) == 0) return private_algs[i]; } return NULL; } +/* + * Check if the algorithm `alg' have a best before date, and if it + * des, make sure the its before the time `t'. + */ + +int +_hx509_signature_best_before(hx509_context context, + const AlgorithmIdentifier *alg, + time_t t) +{ + const struct signature_alg *md; + + md = find_sig_alg(&alg->algorithm); + if (md == NULL) { + hx509_clear_error_string(context); + return HX509_SIG_ALG_NO_SUPPORTED; + } + if (md->best_before && md->best_before < t) { + hx509_set_error_string(context, 0, HX509_CRYPTO_ALGORITHM_BEST_BEFORE, + "Algorithm %s has passed it best before date", + md->name); + return HX509_CRYPTO_ALGORITHM_BEST_BEFORE; + } + return 0; +} + +int +_hx509_self_signed_valid(hx509_context context, + const AlgorithmIdentifier *alg) +{ + const struct signature_alg *md; + + md = find_sig_alg(&alg->algorithm); + if (md == NULL) { + hx509_clear_error_string(context); + return HX509_SIG_ALG_NO_SUPPORTED; + } + if ((md->flags & SELF_SIGNED_OK) == 0) { + hx509_set_error_string(context, 0, HX509_CRYPTO_ALGORITHM_BEST_BEFORE, + "Algorithm %s not trusted for self signatures", + md->name); + return HX509_CRYPTO_ALGORITHM_BEST_BEFORE; + } + return 0; +} + int _hx509_verify_signature(hx509_context context, - const Certificate *signer, + const hx509_cert cert, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) { const struct signature_alg *md; + const Certificate *signer = NULL; + + if (cert) + signer = _hx509_get_cert(cert); md = find_sig_alg(&alg->algorithm); if (md == NULL) { @@ -1069,7 +1610,7 @@ _hx509_verify_signature(hx509_context context, const SubjectPublicKeyInfo *spi; spi = &signer->tbsCertificate.subjectPublicKeyInfo; - if (der_heim_oid_cmp(&spi->algorithm.algorithm, (*md->key_oid)()) != 0) { + if (der_heim_oid_cmp(&spi->algorithm.algorithm, md->key_oid) != 0) { hx509_clear_error_string(context); return HX509_SIG_ALG_DONT_MATCH_KEY_ALG; } @@ -1077,27 +1618,6 @@ _hx509_verify_signature(hx509_context context, return (*md->verify_signature)(context, md, signer, alg, data, sig); } -int -_hx509_verify_signature_bitstring(hx509_context context, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_bit_string *sig) -{ - heim_octet_string os; - - if (sig->length & 7) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "signature not multiple of 8 bits"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - os.data = sig->data; - os.length = sig->length / 8; - - return _hx509_verify_signature(context, signer, alg, data, &os); -} - int _hx509_create_signature(hx509_context context, const hx509_private_key signer, @@ -1108,13 +1628,6 @@ _hx509_create_signature(hx509_context context, { const struct signature_alg *md; - if (signer && signer->ops && signer->ops->handle_alg && - (*signer->ops->handle_alg)(signer, alg, COT_SIGN)) - { - return (*signer->ops->sign)(context, signer, alg, data, - signatureAlgorithm, sig); - } - md = find_sig_alg(&alg->algorithm); if (md == NULL) { hx509_set_error_string(context, 0, HX509_SIG_ALG_NO_SUPPORTED, @@ -1128,7 +1641,7 @@ _hx509_create_signature(hx509_context context, return HX509_CRYPTO_SIG_NO_CONF; } - return (*md->create_signature)(context, md, signer, alg, data, + return (*md->create_signature)(context, md, signer, alg, data, signatureAlgorithm, sig); } @@ -1164,39 +1677,23 @@ _hx509_public_encrypt(hx509_context context, int tosize; int ret; RSA *rsa; - RSAPublicKey pk; size_t size; + const unsigned char *p; ciphertext->data = NULL; ciphertext->length = 0; spi = &cert->tbsCertificate.subjectPublicKeyInfo; - rsa = RSA_new(); + p = spi->subjectPublicKey.data; + size = spi->subjectPublicKey.length / 8; + + rsa = d2i_RSAPublicKey(NULL, &p, size); if (rsa == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); return ENOMEM; } - ret = decode_RSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) { - RSA_free(rsa); - hx509_set_error_string(context, 0, ret, "RSAPublicKey decode failure"); - return ret; - } - rsa->n = heim_int2BN(&pk.modulus); - rsa->e = heim_int2BN(&pk.publicExponent); - - free_RSAPublicKey(&pk); - - if (rsa->n == NULL || rsa->e == NULL) { - RSA_free(rsa); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - tosize = RSA_size(rsa); to = malloc(tosize); if (to == NULL) { @@ -1205,8 +1702,8 @@ _hx509_public_encrypt(hx509_context context, return ENOMEM; } - ret = RSA_public_encrypt(cleartext->length, - (unsigned char *)cleartext->data, + ret = RSA_public_encrypt(cleartext->length, + (unsigned char *)cleartext->data, to, rsa, RSA_PKCS1_PADDING); RSA_free(rsa); if (ret <= 0) { @@ -1221,7 +1718,7 @@ _hx509_public_encrypt(hx509_context context, ciphertext->length = ret; ciphertext->data = to; - ret = der_copy_oid(oid_id_pkcs1_rsaEncryption(), encryption_oid); + ret = der_copy_oid(ASN1_OID_ID_PKCS1_RSAENCRYPTION, encryption_oid); if (ret) { der_free_octet_string(ciphertext); hx509_set_error_string(context, 0, ENOMEM, "out of memory"); @@ -1232,7 +1729,7 @@ _hx509_public_encrypt(hx509_context context, } int -_hx509_private_key_private_decrypt(hx509_context context, +hx509_private_key_private_decrypt(hx509_context context, const heim_octet_string *ciphertext, const heim_oid *encryption_oid, hx509_private_key p, @@ -1265,7 +1762,7 @@ _hx509_private_key_private_decrypt(hx509_context context, "Failed to decrypt using private key: %d", ret); return HX509_CRYPTO_RSA_PRIVATE_DECRYPT; } - if (cleartext->length < ret) + if (cleartext->length < (size_t)ret) _hx509_abort("internal rsa decryption failure: ret > tosize"); cleartext->length = ret; @@ -1275,10 +1772,11 @@ _hx509_private_key_private_decrypt(hx509_context context, int -_hx509_parse_private_key(hx509_context context, - const heim_oid *key_oid, +hx509_parse_private_key(hx509_context context, + const AlgorithmIdentifier *keyai, const void *data, size_t len, + hx509_key_format_t format, hx509_private_key *private_key) { struct hx509_private_key_ops *ops; @@ -1286,21 +1784,21 @@ _hx509_parse_private_key(hx509_context context, *private_key = NULL; - ops = find_private_alg(key_oid); + ops = hx509_find_private_alg(&keyai->algorithm); if (ops == NULL) { hx509_clear_error_string(context); return HX509_SIG_ALG_NO_SUPPORTED; } - ret = _hx509_private_key_init(private_key, ops, NULL); + ret = hx509_private_key_init(private_key, ops, NULL); if (ret) { hx509_set_error_string(context, 0, ret, "out of memory"); return ret; } - ret = (*ops->import)(context, data, len, *private_key); + ret = (*ops->import)(context, keyai, data, len, format, *private_key); if (ret) - _hx509_private_key_free(private_key); + hx509_private_key_free(private_key); return ret; } @@ -1310,7 +1808,7 @@ _hx509_parse_private_key(hx509_context context, */ int -_hx509_private_key2SPKI(hx509_context context, +hx509_private_key2SPKI(hx509_context context, hx509_private_key private_key, SubjectPublicKeyInfo *spki) { @@ -1330,8 +1828,8 @@ _hx509_generate_private_key_init(hx509_context context, { *ctx = NULL; - if (der_heim_oid_cmp(oid, oid_id_pkcs1_rsaEncryption()) != 0) { - hx509_set_error_string(context, 0, EINVAL, + if (der_heim_oid_cmp(oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) != 0) { + hx509_set_error_string(context, 0, EINVAL, "private key not an RSA key"); return EINVAL; } @@ -1381,13 +1879,13 @@ _hx509_generate_private_key(hx509_context context, *private_key = NULL; - ops = find_private_alg(ctx->key_oid); + ops = hx509_find_private_alg(ctx->key_oid); if (ops == NULL) { hx509_clear_error_string(context); return HX509_SIG_ALG_NO_SUPPORTED; } - ret = _hx509_private_key_init(private_key, ops, NULL); + ret = hx509_private_key_init(private_key, ops, NULL); if (ret) { hx509_set_error_string(context, 0, ret, "out of memory"); return ret; @@ -1395,103 +1893,15 @@ _hx509_generate_private_key(hx509_context context, ret = (*ops->generate_private_key)(context, ctx, *private_key); if (ret) - _hx509_private_key_free(private_key); + hx509_private_key_free(private_key); return ret; } - /* * */ -static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") }; - -static const unsigned sha512_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 }; -const AlgorithmIdentifier _hx509_signature_sha512_data = { - { 9, rk_UNCONST(sha512_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha384_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_sha384_data = { - { 9, rk_UNCONST(sha384_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; -const AlgorithmIdentifier _hx509_signature_sha256_data = { - { 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; -const AlgorithmIdentifier _hx509_signature_sha1_data = { - { 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 }; -const AlgorithmIdentifier _hx509_signature_md5_data = { - { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned md2_oid_tree[] = { 1, 2, 840, 113549, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_md2_data = { - { 6, rk_UNCONST(md2_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned rsa_with_sha512_oid[] ={ 1, 2, 840, 113549, 1, 1, 13 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha512_data = { - { 7, rk_UNCONST(rsa_with_sha512_oid) }, NULL -}; - -static const unsigned rsa_with_sha384_oid[] ={ 1, 2, 840, 113549, 1, 1, 12 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha384_data = { - { 7, rk_UNCONST(rsa_with_sha384_oid) }, NULL -}; - -static const unsigned rsa_with_sha256_oid[] ={ 1, 2, 840, 113549, 1, 1, 11 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha256_data = { - { 7, rk_UNCONST(rsa_with_sha256_oid) }, NULL -}; - -static const unsigned rsa_with_sha1_oid[] ={ 1, 2, 840, 113549, 1, 1, 5 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha1_data = { - { 7, rk_UNCONST(rsa_with_sha1_oid) }, NULL -}; - -static const unsigned rsa_with_md5_oid[] ={ 1, 2, 840, 113549, 1, 1, 4 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { - { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL -}; - -static const unsigned rsa_with_md2_oid[] ={ 1, 2, 840, 113549, 1, 1, 2 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = { - { 7, rk_UNCONST(rsa_with_md2_oid) }, NULL -}; - -static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_data = { - { 7, rk_UNCONST(rsa_oid) }, NULL -}; - -static const unsigned rsa_pkcs1_x509_oid[] ={ 1, 2, 752, 43, 16, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_pkcs1_x509_data = { - { 6, rk_UNCONST(rsa_pkcs1_x509_oid) }, NULL -}; - -static const unsigned des_rsdi_ede3_cbc_oid[] ={ 1, 2, 840, 113549, 3, 7 }; -const AlgorithmIdentifier _hx509_des_rsdi_ede3_cbc_oid = { - { 6, rk_UNCONST(des_rsdi_ede3_cbc_oid) }, NULL -}; - -static const unsigned aes128_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 2 }; -const AlgorithmIdentifier _hx509_crypto_aes128_cbc_data = { - { 9, rk_UNCONST(aes128_cbc_oid) }, NULL -}; - -static const unsigned aes256_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 42 }; -const AlgorithmIdentifier _hx509_crypto_aes256_cbc_data = { - { 9, rk_UNCONST(aes256_cbc_oid) }, NULL -}; - const AlgorithmIdentifier * hx509_signature_sha512(void) { return &_hx509_signature_sha512_data; } @@ -1513,8 +1923,16 @@ hx509_signature_md5(void) { return &_hx509_signature_md5_data; } const AlgorithmIdentifier * -hx509_signature_md2(void) -{ return &_hx509_signature_md2_data; } +hx509_signature_ecPublicKey(void) +{ return &_hx509_signature_ecPublicKey; } + +const AlgorithmIdentifier * +hx509_signature_ecdsa_with_sha256(void) +{ return &_hx509_signature_ecdsa_with_sha256_data; } + +const AlgorithmIdentifier * +hx509_signature_ecdsa_with_sha1(void) +{ return &_hx509_signature_ecdsa_with_sha1_data; } const AlgorithmIdentifier * hx509_signature_rsa_with_sha512(void) @@ -1536,10 +1954,6 @@ const AlgorithmIdentifier * hx509_signature_rsa_with_md5(void) { return &_hx509_signature_rsa_with_md5_data; } -const AlgorithmIdentifier * -hx509_signature_rsa_with_md2(void) -{ return &_hx509_signature_rsa_with_md2_data; } - const AlgorithmIdentifier * hx509_signature_rsa(void) { return &_hx509_signature_rsa_data; } @@ -1564,11 +1978,11 @@ hx509_crypto_aes256_cbc(void) * */ -const AlgorithmIdentifier * _hx509_crypto_default_sig_alg = - &_hx509_signature_rsa_with_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_digest_alg = - &_hx509_signature_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = +const AlgorithmIdentifier * _hx509_crypto_default_sig_alg = + &_hx509_signature_rsa_with_sha256_data; +const AlgorithmIdentifier * _hx509_crypto_default_digest_alg = + &_hx509_signature_sha256_data; +const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = &_hx509_crypto_aes128_cbc_data; /* @@ -1576,7 +1990,7 @@ const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = */ int -_hx509_private_key_init(hx509_private_key *key, +hx509_private_key_init(hx509_private_key *key, hx509_private_key_ops *ops, void *keydata) { @@ -1592,11 +2006,11 @@ _hx509_private_key_init(hx509_private_key *key, hx509_private_key _hx509_private_key_ref(hx509_private_key key) { - if (key->ref <= 0) - _hx509_abort("refcount <= 0"); - key->ref++; if (key->ref == 0) - _hx509_abort("refcount == 0"); + _hx509_abort("key refcount <= 0 on ref"); + key->ref++; + if (key->ref == UINT_MAX) + _hx509_abort("key refcount == UINT_MAX on ref"); return key; } @@ -1607,18 +2021,25 @@ _hx509_private_pem_name(hx509_private_key key) } int -_hx509_private_key_free(hx509_private_key *key) +hx509_private_key_free(hx509_private_key *key) { if (key == NULL || *key == NULL) return 0; - if ((*key)->ref <= 0) - _hx509_abort("refcount <= 0"); + if ((*key)->ref == 0) + _hx509_abort("key refcount == 0 on free"); if (--(*key)->ref > 0) return 0; - if ((*key)->private_key.rsa) - RSA_free((*key)->private_key.rsa); + if ((*key)->ops && der_heim_oid_cmp((*key)->ops->key_oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) == 0) { + if ((*key)->private_key.rsa) + RSA_free((*key)->private_key.rsa); +#ifdef HAVE_OPENSSL + } else if ((*key)->ops && der_heim_oid_cmp((*key)->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) == 0) { + if ((*key)->private_key.ecdsa) + EC_KEY_free((*key)->private_key.ecdsa); +#endif + } (*key)->private_key.rsa = NULL; free(*key); *key = NULL; @@ -1626,22 +2047,22 @@ _hx509_private_key_free(hx509_private_key *key) } void -_hx509_private_key_assign_rsa(hx509_private_key key, void *ptr) +hx509_private_key_assign_rsa(hx509_private_key key, void *ptr) { if (key->private_key.rsa) RSA_free(key->private_key.rsa); key->private_key.rsa = ptr; - key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); + key->signature_alg = ASN1_OID_ID_PKCS1_SHA1WITHRSAENCRYPTION; key->md = &pkcs1_rsa_sha1_alg; } -int +int _hx509_private_key_oid(hx509_context context, const hx509_private_key key, heim_oid *data) { int ret; - ret = der_copy_oid((*key->ops->key_oid)(), data); + ret = der_copy_oid(key->ops->key_oid, data); if (ret) hx509_set_error_string(context, 0, ret, "malloc out of memory"); return ret; @@ -1657,7 +2078,7 @@ _hx509_private_key_exportable(hx509_private_key key) BIGNUM * _hx509_private_key_get_internal(hx509_context context, - hx509_private_key key, + hx509_private_key key, const char *type) { if (key->ops->get_internal == NULL) @@ -1665,16 +2086,17 @@ _hx509_private_key_get_internal(hx509_context context, return (*key->ops->get_internal)(context, key, type); } -int +int _hx509_private_key_export(hx509_context context, const hx509_private_key key, + hx509_key_format_t format, heim_octet_string *data) { if (key->ops->export == NULL) { hx509_clear_error_string(context); return HX509_UNIMPLEMENTED_OPERATION; } - return (*key->ops->export)(context, key, data); + return (*key->ops->export)(context, key, format, data); } /* @@ -1683,17 +2105,25 @@ _hx509_private_key_export(hx509_context context, struct hx509cipher { const char *name; - const heim_oid *(*oid_func)(void); + int flags; +#define CIPHER_WEAK 1 + const heim_oid *oid; const AlgorithmIdentifier *(*ai_func)(void); const EVP_CIPHER *(*evp_func)(void); int (*get_params)(hx509_context, const hx509_crypto, const heim_octet_string *, heim_octet_string *); - int (*set_params)(hx509_context, const heim_octet_string *, + int (*set_params)(hx509_context, const heim_octet_string *, hx509_crypto, heim_octet_string *); }; struct hx509_crypto_data { char *name; + int flags; +#define ALLOW_WEAK 1 + +#define PADDING_NONE 2 +#define PADDING_PKCS7 4 +#define PADDING_FLAGS (2|4) const struct hx509cipher *cipher; const EVP_CIPHER *c; heim_octet_string key; @@ -1705,15 +2135,10 @@ struct hx509_crypto_data { * */ -static const heim_oid * -oid_private_rc2_40(void) -{ - static unsigned oid_data[] = { 127, 1 }; - static const heim_oid oid = { 2, oid_data }; - - return &oid; -} +static unsigned private_rc2_40_oid_data[] = { 127, 1 }; +static heim_oid asn1_oid_private_rc2_40 = + { 2, private_rc2_40_oid_data }; /* * @@ -1853,7 +2278,8 @@ CMSRC2CBCParam_set(hx509_context context, const heim_octet_string *param, static const struct hx509cipher ciphers[] = { { "rc2-cbc", - oid_id_pkcs3_rc2_cbc, + CIPHER_WEAK, + ASN1_OID_ID_PKCS3_RC2_CBC, NULL, EVP_rc2_cbc, CMSRC2CBCParam_get, @@ -1861,7 +2287,8 @@ static const struct hx509cipher ciphers[] = { }, { "rc2-cbc", - oid_id_rsadsi_rc2_cbc, + CIPHER_WEAK, + ASN1_OID_ID_RSADSI_RC2_CBC, NULL, EVP_rc2_cbc, CMSRC2CBCParam_get, @@ -1869,7 +2296,8 @@ static const struct hx509cipher ciphers[] = { }, { "rc2-40-cbc", - oid_private_rc2_40, + CIPHER_WEAK, + &asn1_oid_private_rc2_40, NULL, EVP_rc2_40_cbc, CMSRC2CBCParam_get, @@ -1877,7 +2305,8 @@ static const struct hx509cipher ciphers[] = { }, { "des-ede3-cbc", - oid_id_pkcs3_des_ede3_cbc, + 0, + ASN1_OID_ID_PKCS3_DES_EDE3_CBC, NULL, EVP_des_ede3_cbc, CMSCBCParam_get, @@ -1885,7 +2314,8 @@ static const struct hx509cipher ciphers[] = { }, { "des-ede3-cbc", - oid_id_rsadsi_des_ede3_cbc, + 0, + ASN1_OID_ID_RSADSI_DES_EDE3_CBC, hx509_crypto_des_rsdi_ede3_cbc, EVP_des_ede3_cbc, CMSCBCParam_get, @@ -1893,7 +2323,8 @@ static const struct hx509cipher ciphers[] = { }, { "aes-128-cbc", - oid_id_aes_128_cbc, + 0, + ASN1_OID_ID_AES_128_CBC, hx509_crypto_aes128_cbc, EVP_aes_128_cbc, CMSCBCParam_get, @@ -1901,7 +2332,8 @@ static const struct hx509cipher ciphers[] = { }, { "aes-192-cbc", - oid_id_aes_192_cbc, + 0, + ASN1_OID_ID_AES_192_CBC, NULL, EVP_aes_192_cbc, CMSCBCParam_get, @@ -1909,7 +2341,8 @@ static const struct hx509cipher ciphers[] = { }, { "aes-256-cbc", - oid_id_aes_256_cbc, + 0, + ASN1_OID_ID_AES_256_CBC, hx509_crypto_aes256_cbc, EVP_aes_256_cbc, CMSCBCParam_get, @@ -1920,10 +2353,10 @@ static const struct hx509cipher ciphers[] = { static const struct hx509cipher * find_cipher_by_oid(const heim_oid *oid) { - int i; + size_t i; for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) - if (der_heim_oid_cmp(oid, (*ciphers[i].oid_func)()) == 0) + if (der_heim_oid_cmp(oid, ciphers[i].oid) == 0) return &ciphers[i]; return NULL; @@ -1932,7 +2365,7 @@ find_cipher_by_oid(const heim_oid *oid) static const struct hx509cipher * find_cipher_by_name(const char *name) { - int i; + size_t i; for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) if (strcasecmp(name, ciphers[i].name) == 0) @@ -1950,7 +2383,7 @@ hx509_crypto_enctype_by_name(const char *name) cipher = find_cipher_by_name(name); if (cipher == NULL) return NULL; - return (*cipher->oid_func)(); + return cipher->oid; } int @@ -1976,6 +2409,7 @@ hx509_crypto_init(hx509_context context, return ENOMEM; } + (*crypto)->flags = PADDING_PKCS7; (*crypto)->cipher = cipher; (*crypto)->c = (*cipher->evp_func)(); @@ -2015,10 +2449,33 @@ hx509_crypto_set_key_name(hx509_crypto crypto, const char *name) return 0; } +void +hx509_crypto_allow_weak(hx509_crypto crypto) +{ + crypto->flags |= ALLOW_WEAK; +} + +void +hx509_crypto_set_padding(hx509_crypto crypto, int padding_type) +{ + switch (padding_type) { + case HX509_CRYPTO_PADDING_PKCS7: + crypto->flags &= ~PADDING_FLAGS; + crypto->flags |= PADDING_PKCS7; + break; + case HX509_CRYPTO_PADDING_NONE: + crypto->flags &= ~PADDING_FLAGS; + crypto->flags |= PADDING_NONE; + break; + default: + _hx509_abort("Invalid padding"); + } +} + int hx509_crypto_set_key_data(hx509_crypto crypto, const void *data, size_t length) { - if (EVP_CIPHER_key_length(crypto->c) > length) + if (EVP_CIPHER_key_length(crypto->c) > (int)length) return HX509_CRYPTO_INTERNAL_ERROR; if (crypto->key.data) { @@ -2063,7 +2520,7 @@ hx509_crypto_set_random_key(hx509_crypto crypto, heim_octet_string *key) int hx509_crypto_set_params(hx509_context context, - hx509_crypto crypto, + hx509_crypto crypto, const heim_octet_string *param, heim_octet_string *ivec) { @@ -2072,7 +2529,7 @@ hx509_crypto_set_params(hx509_context context, int hx509_crypto_get_params(hx509_context context, - hx509_crypto crypto, + hx509_crypto crypto, const heim_octet_string *ivec, heim_octet_string *param) { @@ -2106,12 +2563,16 @@ hx509_crypto_encrypt(hx509_crypto crypto, heim_octet_string **ciphertext) { EVP_CIPHER_CTX evp; - size_t padsize; + size_t padsize, bsize; int ret; *ciphertext = NULL; - assert(EVP_CIPHER_iv_length(crypto->c) == ivec->length); + if ((crypto->cipher->flags & CIPHER_WEAK) && + (crypto->flags & ALLOW_WEAK) == 0) + return HX509_CRYPTO_ALGORITHM_BEST_BEFORE; + + assert(EVP_CIPHER_iv_length(crypto->c) == (int)ivec->length); EVP_CIPHER_CTX_init(&evp); @@ -2128,23 +2589,30 @@ hx509_crypto_encrypt(hx509_crypto crypto, ret = ENOMEM; goto out; } - - if (EVP_CIPHER_block_size(crypto->c) == 1) { - padsize = 0; - } else { - int bsize = EVP_CIPHER_block_size(crypto->c); - padsize = bsize - (length % bsize); + + assert(crypto->flags & PADDING_FLAGS); + + bsize = EVP_CIPHER_block_size(crypto->c); + padsize = 0; + + if (crypto->flags & PADDING_NONE) { + if (bsize != 1 && (length % bsize) != 0) + return HX509_CMS_PADDING_ERROR; + } else if (crypto->flags & PADDING_PKCS7) { + if (bsize != 1) + padsize = bsize - (length % bsize); } + (*ciphertext)->length = length + padsize; (*ciphertext)->data = malloc(length + padsize); if ((*ciphertext)->data == NULL) { ret = ENOMEM; goto out; } - + memcpy((*ciphertext)->data, data, length); if (padsize) { - int i; + size_t i; unsigned char *p = (*ciphertext)->data; p += length; for (i = 0; i < padsize; i++) @@ -2189,7 +2657,11 @@ hx509_crypto_decrypt(hx509_crypto crypto, clear->data = NULL; clear->length = 0; - if (ivec && EVP_CIPHER_iv_length(crypto->c) < ivec->length) + if ((crypto->cipher->flags & CIPHER_WEAK) && + (crypto->flags & ALLOW_WEAK) == 0) + return HX509_CRYPTO_ALGORITHM_BEST_BEFORE; + + if (ivec && EVP_CIPHER_iv_length(crypto->c) < (int)ivec->length) return HX509_CRYPTO_INTERNAL_ERROR; if (crypto->key.data == NULL) @@ -2220,12 +2692,12 @@ hx509_crypto_decrypt(hx509_crypto crypto, } EVP_CIPHER_CTX_cleanup(&evp); - if (EVP_CIPHER_block_size(crypto->c) > 1) { + if ((crypto->flags & PADDING_PKCS7) && EVP_CIPHER_block_size(crypto->c) > 1) { int padsize; - unsigned char *p; + unsigned char *p; int j, bsize = EVP_CIPHER_block_size(crypto->c); - if (clear->length < bsize) { + if ((int)clear->length < bsize) { ret = HX509_CMS_PADDING_ERROR; goto out; } @@ -2259,7 +2731,7 @@ hx509_crypto_decrypt(hx509_crypto crypto, typedef int (*PBE_string2key_func)(hx509_context, const char *, const heim_octet_string *, - hx509_crypto *, heim_octet_string *, + hx509_crypto *, heim_octet_string *, heim_octet_string *, const heim_oid *, const EVP_MD *); @@ -2267,7 +2739,7 @@ static int PBE_string2key(hx509_context context, const char *password, const heim_octet_string *parameters, - hx509_crypto *crypto, + hx509_crypto *crypto, heim_octet_string *key, heim_octet_string *iv, const heim_oid *enc_oid, const EVP_MD *md) @@ -2296,13 +2768,13 @@ PBE_string2key(hx509_context context, salt = p12params.salt.data; saltlen = p12params.salt.length; - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, + if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, PKCS12_KEY_ID, iter, key->length, key->data, md)) { ret = HX509_CRYPTO_INTERNAL_ERROR; goto out; } - - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, + + if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, PKCS12_IV_ID, iter, iv->length, iv->data, md)) { ret = HX509_CRYPTO_INTERNAL_ERROR; goto out; @@ -2312,6 +2784,8 @@ PBE_string2key(hx509_context context, if (ret) goto out; + hx509_crypto_allow_weak(c); + ret = hx509_crypto_set_key_data(c, key->data, key->length); if (ret) { hx509_crypto_destroy(c); @@ -2325,38 +2799,38 @@ PBE_string2key(hx509_context context, } static const heim_oid * -find_string2key(const heim_oid *oid, - const EVP_CIPHER **c, +find_string2key(const heim_oid *oid, + const EVP_CIPHER **c, const EVP_MD **md, PBE_string2key_func *s2k) { - if (der_heim_oid_cmp(oid, oid_id_pbewithSHAAnd40BitRC2_CBC()) == 0) { + if (der_heim_oid_cmp(oid, ASN1_OID_ID_PBEWITHSHAAND40BITRC2_CBC) == 0) { *c = EVP_rc2_40_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; - return oid_private_rc2_40(); - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC2_CBC()) == 0) { + return &asn1_oid_private_rc2_40; + } else if (der_heim_oid_cmp(oid, ASN1_OID_ID_PBEWITHSHAAND128BITRC2_CBC) == 0) { *c = EVP_rc2_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; - return oid_id_pkcs3_rc2_cbc(); + return ASN1_OID_ID_PKCS3_RC2_CBC; #if 0 - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd40BitRC4()) == 0) { + } else if (der_heim_oid_cmp(oid, ASN1_OID_ID_PBEWITHSHAAND40BITRC4) == 0) { *c = EVP_rc4_40(); *md = EVP_sha1(); *s2k = PBE_string2key; return NULL; - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC4()) == 0) { + } else if (der_heim_oid_cmp(oid, ASN1_OID_ID_PBEWITHSHAAND128BITRC4) == 0) { *c = EVP_rc4(); *md = EVP_sha1(); *s2k = PBE_string2key; - return oid_id_pkcs3_rc4(); + return ASN1_OID_ID_PKCS3_RC4; #endif - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC()) == 0) { + } else if (der_heim_oid_cmp(oid, ASN1_OID_ID_PBEWITHSHAAND3_KEYTRIPLEDES_CBC) == 0) { *c = EVP_des_ede3_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; - return oid_id_pkcs3_des_ede3_cbc(); + return ASN1_OID_ID_PKCS3_DES_EDE3_CBC; } return NULL; @@ -2394,7 +2868,8 @@ _hx509_pbe_decrypt(hx509_context context, const EVP_CIPHER *c; const EVP_MD *md; PBE_string2key_func s2k; - int i, ret = 0; + int ret = 0; + size_t i; memset(&key, 0, sizeof(key)); memset(&iv, 0, sizeof(iv)); @@ -2439,7 +2914,7 @@ _hx509_pbe_decrypt(hx509_context context, else password = NULL; - ret = (*s2k)(context, password, ai->parameters, &crypto, + ret = (*s2k)(context, password, ai->parameters, &crypto, &key, &iv, enc_oid, md); if (ret) goto out; @@ -2452,7 +2927,7 @@ _hx509_pbe_decrypt(hx509_context context, hx509_crypto_destroy(crypto); if (ret == 0) goto out; - + } out: if (key.data) @@ -2467,8 +2942,8 @@ _hx509_pbe_decrypt(hx509_context context, */ -int -_hx509_match_keys(hx509_cert c, hx509_private_key private_key) +static int +match_keys_rsa(hx509_cert c, hx509_private_key private_key) { const Certificate *cert; const SubjectPublicKeyInfo *spi; @@ -2510,7 +2985,7 @@ _hx509_match_keys(hx509_cert c, hx509_private_key private_key) rsa->dmq1 = BN_dup(private_key->private_key.rsa->dmq1); rsa->iqmp = BN_dup(private_key->private_key.rsa->iqmp); - if (rsa->n == NULL || rsa->e == NULL || + if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL || rsa->p == NULL|| rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL) { RSA_free(rsa); @@ -2523,6 +2998,25 @@ _hx509_match_keys(hx509_cert c, hx509_private_key private_key) return ret == 1; } +static int +match_keys_ec(hx509_cert c, hx509_private_key private_key) +{ + return 1; /* XXX use EC_KEY_check_key */ +} + + +int +_hx509_match_keys(hx509_cert c, hx509_private_key key) +{ + if (der_heim_oid_cmp(key->ops->key_oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) == 0) + return match_keys_rsa(c, key); + if (der_heim_oid_cmp(key->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) == 0) + return match_keys_ec(c, key); + return 0; + +} + + static const heim_oid * find_keytype(const hx509_private_key key) { @@ -2534,10 +3028,9 @@ find_keytype(const hx509_private_key key) md = find_sig_alg(key->signature_alg); if (md == NULL) return NULL; - return (*md->key_oid)(); + return md->key_oid; } - int hx509_crypto_select(const hx509_context context, int type, @@ -2545,7 +3038,7 @@ hx509_crypto_select(const hx509_context context, hx509_peer_info peer, AlgorithmIdentifier *selected) { - const AlgorithmIdentifier *def; + const AlgorithmIdentifier *def = NULL; size_t i, j; int ret, bits; @@ -2553,16 +3046,22 @@ hx509_crypto_select(const hx509_context context, if (type == HX509_SELECT_DIGEST) { bits = SIG_DIGEST; - def = _hx509_crypto_default_digest_alg; + if (source) + def = alg_for_privatekey(source, type); + if (def == NULL) + def = _hx509_crypto_default_digest_alg; } else if (type == HX509_SELECT_PUBLIC_SIG) { bits = SIG_PUBLIC_SIG; - /* XXX depend on `source´ and `peer´ */ - def = _hx509_crypto_default_sig_alg; + /* XXX depend on `source´ and `peer´ */ + if (source) + def = alg_for_privatekey(source, type); + if (def == NULL) + def = _hx509_crypto_default_sig_alg; } else if (type == HX509_SELECT_SECRET_ENC) { bits = SIG_SECRET; def = _hx509_crypto_default_secret_alg; } else { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Unknown type %d of selection", type); return EINVAL; } @@ -2576,11 +3075,11 @@ hx509_crypto_select(const hx509_context context, for (j = 0; sig_algs[j]; j++) { if ((sig_algs[j]->flags & bits) != bits) continue; - if (der_heim_oid_cmp((*sig_algs[j]->sig_oid)(), + if (der_heim_oid_cmp(sig_algs[j]->sig_oid, &peer->val[i].algorithm) != 0) continue; - if (keytype && sig_algs[j]->key_oid && - der_heim_oid_cmp(keytype, (*sig_algs[j]->key_oid)())) + if (keytype && sig_algs[j]->key_oid && + der_heim_oid_cmp(keytype, sig_algs[j]->key_oid)) continue; /* found one, use that */ @@ -2633,7 +3132,7 @@ hx509_crypto_available(hx509_context context, } else if (type == HX509_SELECT_PUBLIC_SIG) { bits = SIG_PUBLIC_SIG; } else { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Unknown type %d of available", type); return EINVAL; } @@ -2647,8 +3146,8 @@ hx509_crypto_available(hx509_context context, continue; if (sig_algs[i]->sig_alg == NULL) continue; - if (keytype && sig_algs[i]->key_oid && - der_heim_oid_cmp((*sig_algs[i]->key_oid)(), keytype)) + if (keytype && sig_algs[i]->key_oid && + der_heim_oid_cmp(sig_algs[i]->key_oid, keytype)) continue; /* found one, add that to the list */ @@ -2657,7 +3156,7 @@ hx509_crypto_available(hx509_context context, goto out; *val = ptr; - ret = copy_AlgorithmIdentifier((*sig_algs[i]->sig_alg)(), &(*val)[len]); + ret = copy_AlgorithmIdentifier(sig_algs[i]->sig_alg, &(*val)[len]); if (ret) goto out; len++; @@ -2667,7 +3166,9 @@ hx509_crypto_available(hx509_context context, if (bits & SIG_SECRET) { for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) { - + + if (ciphers[i].flags & CIPHER_WEAK) + continue; if (ciphers[i].ai_func == NULL) continue; @@ -2675,7 +3176,7 @@ hx509_crypto_available(hx509_context context, if (ptr == NULL) goto out; *val = ptr; - + ret = copy_AlgorithmIdentifier((ciphers[i].ai_func)(), &(*val)[len]); if (ret) goto out; @@ -2703,4 +3204,4 @@ hx509_crypto_free_algs(AlgorithmIdentifier *val, for (i = 0; i < len; i++) free_AlgorithmIdentifier(&val[i]); free(val); -} +} diff --git a/lib/hx509/data/ca.crt b/lib/hx509/data/ca.crt index 76fa2c4d9522..c6c0b2706bd2 100644 --- a/lib/hx509/data/ca.crt +++ b/lib/hx509/data/ca.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICbDCCAdWgAwIBAgIJALeUXoWyGYBYMA0GCSqGSIb3DQEBBQUAMCoxGzAZBgNV -BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0UwHhcNMDcxMTE1MDY1 -ODU2WhcNMTcxMTEyMDY1ODU2WjAqMRswGQYDVQQDDBJoeDUwOSBUZXN0IFJvb3Qg -Q0ExCzAJBgNVBAYTAlNFMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcvJb -yJXPhM9HHq1hU6d2Cu1fW9o1CvObirn1SNZg+pTnQgO9Lv4VjQQfltNK0aovyLJa -UdbAbsRCfH+79YY2tU76x8aXpUri0DfUv5PGscIZzW7WULaaXxBgHo1owzmhc1Qj -F9JDEurJXGFEZaDsPcEwY40RjrKDL8SXzEoEwwIDAQABo4GZMIGWMB0GA1UdDgQW -BBSM5w21xd5phXUsCKHeUxUwnKHoADBaBgNVHSMEUzBRgBSM5w21xd5phXUsCKHe -UxUwnKHoAKEupCwwKjEbMBkGA1UEAwwSaHg1MDkgVGVzdCBSb290IENBMQswCQYD -VQQGEwJTRYIJALeUXoWyGYBYMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgHmMA0G -CSqGSIb3DQEBBQUAA4GBAIBa6mq1aytlbhixD6q4PROg7P1OGX6nr5CkC96CC+Xp -5UTLZEVIddkrBswNAAS0p5eEorO8xD9eT5ztZ0oYITymsO1sEIfDLks+LhdBoyF7 -TX24INRwjlqsC8UlbRFoClxIMNhrMwcC3oZ4oLddV2OmA0IOG6yHXvEOQq0sTotr +MIICbDCCAdWgAwIBAgIJAJky3mEOQBmKMA0GCSqGSIb3DQEBBQUAMCoxGzAZBgNV +BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0UwHhcNMDkwNDI2MjAy +OTQwWhcNMTkwNDI0MjAyOTQwWjAqMRswGQYDVQQDDBJoeDUwOSBUZXN0IFJvb3Qg +Q0ExCzAJBgNVBAYTAlNFMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC50xtn +HPdeJoE7gv8DpEO1smMLiVhD/j3gOH2TdLutIaQp2TR58xyMWtaw1xnqzK/gqEAC +HZHxrDaw+wi9zJrht27uCmm/bSvuIIJhBvIYzIkRZH6y/0fRO1Jz61rAA6ZLx0B+ +vOEOZUQ/QIsCglQE2cwsZwG2FoLYM1MX196NXQIDAQABo4GZMIGWMB0GA1UdDgQW +BBRuSBPcv4uVTBPzH5cw3SeWWZsOaDBaBgNVHSMEUzBRgBRuSBPcv4uVTBPzH5cw +3SeWWZsOaKEupCwwKjEbMBkGA1UEAwwSaHg1MDkgVGVzdCBSb290IENBMQswCQYD +VQQGEwJTRYIJAJky3mEOQBmKMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgHmMA0G +CSqGSIb3DQEBBQUAA4GBAFKb5A7uwl238bpH4/6vPVEQ/egNFFgFNqfr2AXlJ29R +uOyQ2QPhvJyTOCFcr05se2xlqZLNlO+orpASFHgtoxWqQvHZRGQsPMC9OkjYgEWL +0XmC4A/fCDxgIW8xR5iuL8uxobnBo3FeSsJn32YKUbWtYAXbAtQa0rlOAQgrw1ev -----END CERTIFICATE----- diff --git a/lib/hx509/data/ca.key b/lib/hx509/data/ca.key index 924c52dbafc9..04d2516cf188 100644 --- a/lib/hx509/data/ca.key +++ b/lib/hx509/data/ca.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDHcvJbyJXPhM9HHq1hU6d2Cu1fW9o1CvObirn1SNZg+pTnQgO9 -Lv4VjQQfltNK0aovyLJaUdbAbsRCfH+79YY2tU76x8aXpUri0DfUv5PGscIZzW7W -ULaaXxBgHo1owzmhc1QjF9JDEurJXGFEZaDsPcEwY40RjrKDL8SXzEoEwwIDAQAB -AoGAcRFgBdpr224eF+JzRganm8rMENBAnutreRUnIL+/ENFd0tBg0EIwtsTvvnzB -odvEkDxFp+BXT1Y8Grj7rPGeuKq7537J43Go02fSC7z4i3HDhSmv1SXE59hiES4F -ktyR2D7N+A/RPCckS4JM/zG4ZkucqKg/NnVpbdTpl0P2oSkCQQDoDkPde5vfWeXG -wmAgm5HPbyEmDBXQMlYDgNd448TmObRpjr0dyyr5zDgFJkOpOmv6WUMUxGILam3k -hCDqQqHPAkEA3AdgsMafqkR+OJmZT/gIDYb+mU8DFH6+WcUPxk+qbAa8JWg4VD30 -tpOKwZu4an1kExHnsVTqKOoW1cYmtYDuzQJAJ+78gsrYwhDoV9HvVO0wpG/NVozR -3CgtYSD085rOsYfQojGsHcputNoN8eTp09934Xcm8hXxgWFpU9/hAi9BRQJACKG1 -dlnka56SQRAthoiZcEZqeIM0ALrUJttnOgVoDyLYgLMs+okPr5XsLJo6StsucN0T -9M36/a3pRWunmxk6xQJBAOaD3sdIMLtGpFFOIQgkNUD9rOqXpi87h3ecmJCuG82w -B6kRNvpZz33U2FowFQtGBdvUBsbzlRzYDMrWniC6YKc= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALnTG2cc914mgTuC +/wOkQ7WyYwuJWEP+PeA4fZN0u60hpCnZNHnzHIxa1rDXGerMr+CoQAIdkfGsNrD7 +CL3MmuG3bu4Kab9tK+4ggmEG8hjMiRFkfrL/R9E7UnPrWsADpkvHQH684Q5lRD9A +iwKCVATZzCxnAbYWgtgzUxfX3o1dAgMBAAECgYAT8QS6zw/4yZcKxOcLBADEKe2Z +GlcfjNQlEMrhHSDa1oZge0+3WpCQu1rYxWyhlu+04zljQLsdvUZtPbNVcvSX36Br +RuP/6Z5UCn/9YYv69Hv006PoBUWkVLQ4LFZLX1QD1HcyPGdr7GyDweD6n/CgTkrW +nZVw8nVP/dStf1aeIQJBANr6LnKHr2Hd5p004XaHJcNjcFronW3QnLFozZH3WKWI +t1ug6McwBXuk0io+Zz9ituZ8NabV9AdQKTuVVWORPxUCQQDZPgGvIepGaMuthoE4 +D+54BisUjWWkL/w3MTdh2jkwo1foCXvW1kKKBVbLzGNRYlp5lglx33HWekP7wdxe +0mcpAkEA2HD1PAtVlTyKV9UPDeMjtm8xfQnzobnTR6A5oQ+FNYlfA1iW/Vs/8CjH ++y1XTFW8RzF6rn9IB3p6ZwSCNDo6yQJAX6D0+tPyHdZpulQYM8aHkdwdQKnRkUny +O5V1rKR0Ql3VB3aNRhABMGKTR5kMKzohW55ZQAA9S018+ajnyfHSqQJBALSUXIk0 +C+owiDiHu50Q6xFTJr3EmtudKplUCQTZ9xktNxAK08suxJd1UYeOFxkBuviRFvi8 +BuD/JDKYITDMrZA= +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/crl1.crl b/lib/hx509/data/crl1.crl index 14aecf4c3dca..568f6b696534 100644 --- a/lib/hx509/data/crl1.crl +++ b/lib/hx509/data/crl1.crl @@ -1,8 +1,8 @@ -----BEGIN X509 CRL----- MIIBBDBvMA0GCSqGSIb3DQEBBQUAMCoxGzAZBgNVBAMMEmh4NTA5IFRlc3QgUm9v -dCBDQTELMAkGA1UEBhMCU0UXDTA3MTExNTA2NTkwMFoXDTE3MDkyMzA2NTkwMFow -FDASAgEDFw0wNzExMTUwNjU5MDBaMA0GCSqGSIb3DQEBBQUAA4GBAGYUroSt3oVI -0mjphSYqtpzDavF6xVM7bQrQEW+ZhzG7VynJdJaPgaJRaEHj9CNlJT1GF5WOY180 -wWuZEqXUV144snZ7YkSdsNOQRSmnHp8Fl6Sjdya3G55FoJHmhZ2JvscyZpb/Vh8N -NoMICB27iYqCzVlK9NkT5neCmomv/mDn +dCBDQTELMAkGA1UEBhMCU0UXDTA5MDQyNjIwMjk0MVoXDTE5MDMwNTIwMjk0MVow +FDASAgEDFw0wOTA0MjYyMDI5NDFaMA0GCSqGSIb3DQEBBQUAA4GBAGXXCNeUIctd +TfKIUIpMbtHnUXYLA8hcB+6Iyc24VR3m+HNYx9XT6Qp6hY4Wg8Qq4p+0KFTxz4JU +XLTZWduvgB9+AL+ECXIUmx4FHkgwwq5+AyYygDqzYOVJszJ9hNp7HHthobObrRm4 +Q6hn748UG1nd4gp7zKB7ReLvLYff411G -----END X509 CRL----- diff --git a/lib/hx509/data/crl1.der b/lib/hx509/data/crl1.der index 6d29196fc7bf667d0d3b12d33628d229062a564b..c1e08c0b524c144c40cad2ebbaea1311a3d578e1 100644 GIT binary patch delta 204 zcmeBR>R_7SQg3NsVq|7yU}R}x7$weYXlY<zk2y4 zS5<4DSo0CBNAtI6gnT^T6cV%LrfcNw^$qfM4EtL+i$rG2vC4TE99mb$tY*|;wK?Ib u=VqhYmRr>_)rku?&t5CJ!+Aye`+gDW$h(iYs?RK_c760-xBdR(ST_Jl4oR_7SQg3c(XlQC+W@>3*5GBrQXl`I>WDMmRh!_YlF*1wu8Xzk&;AP{~YV&CO z&dbQi%F4jp*vOD3vaV(Ay;hG)882Jaw6@JTob|ElXs~rI*9F1+neB$V!!=KqOzUr4 z6qw=o_=|F?s;!&&)V}0+lY`kaU4@oj36HbbR92njGIzt}39g#U<>s?aU$VGdZM*b5 u*98-wwa)F_cibp#+W# Signature Algorithm: sha1WithRSAEncryption - 7a:f7:7c:cf:2d:87:aa:93:49:b1:05:2a:ea:ee:75:97:22:02: - 5a:a1:2c:e3:e1:9d:be:48:0c:75:26:e0:84:f0:2a:90:5a:15: - dd:7c:58:65:ab:79:05:85:40:54:35:e1:57:58:96:aa:32:68: - f2:bd:cc:b5:9a:1c:f5:d7:49:01:44:ce:fc:22:55:3c:86:d6: - c2:ed:46:e6:dc:a7:c5:48:3f:ac:0c:10:ba:b9:e2:e8:78:37: - 79:f7:d5:da:c0:8e:74:09:64:ff:bb:36:24:d4:c7:4d:c3:93: - c2:d7:3a:32:97:b9:e1:79:ea:82:3a:42:69:ec:e4:ec:48:d5: - 3f:90 + 83:f4:14:a7:6e:59:ff:80:64:e7:fa:cf:13:80:86:e1:ed:02: + 38:ad:96:72:25:e5:06:7a:9a:bc:24:74:a9:75:55:b2:49:80: + 69:45:95:4a:4c:76:a9:e3:4e:49:d3:c2:69:5a:95:03:eb:ba: + 72:23:9c:fd:3d:8b:c6:07:82:3b:f4:f3:ef:6c:2e:9e:0b:ac: + 9e:6c:bb:37:4a:a1:9e:73:d1:dc:97:61:ba:fc:d3:49:a6:c2: + 4c:55:2e:06:37:76:b5:ef:57:e7:57:58:8a:71:63:f3:eb:e7: + 55:68:0d:f6:46:4c:fb:f9:43:bb:0c:92:4f:4e:22:7b:63:e8: + 4f:9c -----BEGIN CERTIFICATE----- -MIICVDCCAb2gAwIBAgIBBzANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1OFoXDTE3 -MTExMjA2NTg1OFowGzELMAkGA1UEBhMCU0UxDDAKBgNVBAMMA2tkYzCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEAu/oUJDWfy4KRILlE7E345BtoP2pN0VY+KCVu -q6qLa5xZzmfMJ2FP/xilVoGhlMQz+SBU5R9aR0Puj1KKn5drc5Kj4f2eCwQ2K7Jy -vYD/rlrhm7vYd8j++Ds/uVFWbpfCKnbqVthGZ0Uzb7F0zyvdETIf16npKuIPqN2x -lIWH3bUCAwEAAaOBmDCBlTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DASBgNVHSUE -CzAJBgcrBgEFAgMFMB0GA1UdDgQWBBRRdSYa4BYPaai0mIDryEmm0MYkwTBIBgNV +MIICVDCCAb2gAwIBAgIBCDANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowGzELMAkGA1UEBhMCU0UxDDAKBgNVBAMMA2tkYzCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA0kF6+EtVsq8R+UObQ4EJO5qUzwD0hXWS1yql +EfGoUG7GhHQkF9qEyAM3siDzurVZNiFNq3DiwwmTaBQSecW7nhtK8MYkWSXDHKhw +Zls+QY7jJXGalKBbRpFv3VgU7InljJbFOGDkq/J17m5i/OG9A0f/xL4PynBz43RY +Oi8ELTkCAwEAAaOBmDCBlTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DASBgNVHSUE +CzAJBgcrBgEFAgMFMB0GA1UdDgQWBBQ603P/q9t9jcY6oiY+rniVgMnmMTBIBgNV HREEQTA/oD0GBisGAQUCAqAzMDGgDRsLVEVTVC5INUwuU0WhIDAeoAMCAQGhFzAV -GwZrcmJ0Z3QbC1RFU1QuSDVMLlNFMA0GCSqGSIb3DQEBBQUAA4GBAHr3fM8th6qT -SbEFKurudZciAlqhLOPhnb5IDHUm4ITwKpBaFd18WGWreQWFQFQ14VdYlqoyaPK9 -zLWaHPXXSQFEzvwiVTyG1sLtRubcp8VIP6wMELq54uh4N3n31drAjnQJZP+7NiTU -x03Dk8LXOjKXueF56oI6Qmns5OxI1T+Q +GwZrcmJ0Z3QbC1RFU1QuSDVMLlNFMA0GCSqGSIb3DQEBBQUAA4GBAIP0FKduWf+A +ZOf6zxOAhuHtAjitlnIl5QZ6mrwkdKl1VbJJgGlFlUpMdqnjTknTwmlalQPrunIj +nP09i8YHgjv08+9sLp4LrJ5suzdKoZ5z0dyXYbr800mmwkxVLgY3drXvV+dXWIpx +Y/Pr51VoDfZGTPv5Q7sMkk9OIntj6E+c -----END CERTIFICATE----- diff --git a/lib/hx509/data/kdc.key b/lib/hx509/data/kdc.key index 01fca6542c2d..f6be6eb5e123 100644 --- a/lib/hx509/data/kdc.key +++ b/lib/hx509/data/kdc.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC7+hQkNZ/LgpEguUTsTfjkG2g/ak3RVj4oJW6rqotrnFnOZ8wn -YU//GKVWgaGUxDP5IFTlH1pHQ+6PUoqfl2tzkqPh/Z4LBDYrsnK9gP+uWuGbu9h3 -yP74Oz+5UVZul8IqdupW2EZnRTNvsXTPK90RMh/Xqekq4g+o3bGUhYfdtQIDAQAB -AoGBAJXwJO65A0v+SqqyfSKME1JH9kBXF9k5lHzLVtqBP5JHdW7pZnOm8HtG+mLl -JbCXS+mUe4MDHiyoJ/qUWVRxIFgBBEQpaYxdyW8d+SpCnR53hBa3t0yxr3yZ0XCc -u4lkKaCCQM5aPZqlbEkyR0Hm+lXPKbW+Sgm18fm2zPJ/2EXhAkEA8RO+dydMR7LV -8PdOvMkENwwnkUQTI3YjoRy0yV9UV+x3JDdBufOOjObrXIg/jDkg3PyOE5JBo/EZ -u1OyFFbyPQJBAMec4B3+ZyOPeH1OodSWfL/0AFCSZyOs1UgEC7vorMJ8i0eHDIsT -Uie1xNlrfrjnXTvMG7woFZOvNXBJkxCXKNkCQQCyMX/lnxyZGq1csdB3ZrZA4jEV -BRaIbbikTA2tk1NKsjTWhimFA2xo5f8upF8kjM2nyt5RxRfT0FDO0Gye8C2ZAkBq -CJYwuJwXErZBcgya/dmEqduk8TAijkO5fpSxG7bxlPDzbPSnx/qjJ3ZKvERTemtX -QWQWPgDAM5kibaLWdEV5AkAJn7iP495Cbac0y3zihgK/M70M9y1WB0TbumpTVpg2 -taw3NwTjQlGnFj64dJIj+hgCOGYJ7H1Gt7JOi10NRtbd ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANJBevhLVbKvEflD +m0OBCTualM8A9IV1ktcqpRHxqFBuxoR0JBfahMgDN7Ig87q1WTYhTatw4sMJk2gU +EnnFu54bSvDGJFklwxyocGZbPkGO4yVxmpSgW0aRb91YFOyJ5YyWxThg5Kvyde5u +YvzhvQNH/8S+D8pwc+N0WDovBC05AgMBAAECgYAw4vS6opmMcFRXhralHW2OJEUR +VIGGPm4kBVBYOb4O5ZLW3UI/IZnZ/5WFn0/MS7owcdHjWN4Ax0s02eXp1mXm0sua +gr6JuWTTv5y2Vjrq2AQ9RqNIaRp346gbtqt2/Nhoyl3BMcVPuq69WcbDVq+GPNE5 +K5plwS32AQJsceitWQJBAP6M2xJ4cOh3keOOfYnVvoBRsS++ErViBOtHgjdriJXz +Hy9uNPp4HGpKExPWBVRozBQ5HMYUY2Wv+Zsku+mlgzsCQQDTdAqkOzzhJ2+uD2et +MyMDBm2oKiPUrpSBTFo1EiDH6ECrNAJd0FyYFwYvcI5b7BK06SFRmd80GSvBeOMI +TKIbAkB2zFIpqqA3PiaOJyAbxe+kf3vMJk8g6+AT1knFh6A1K0QwpKSBCLFqQavp +pAbUwBwOjCELqNRCzwAVEe3JO3+lAkEAhRhedl8/A62R8yqJJJCycf4C2b2kjgNR +QE1x3kPJ1GqRAfIbpzc2gRjE8OlVAfEHGU5AhZ9nyeAqFX5k0N2DjwJAZpJApfQo +VoCVZyPPASHV4B6k5b/DUcLo9XnNYkcm5EsdjJXR8TWCrkbBxPM3i1Nn/2Lpa0xp +FiD4cMhNHreApQ== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/n0ll.pem b/lib/hx509/data/n0ll.pem new file mode 100644 index 000000000000..4b17377c1583 --- /dev/null +++ b/lib/hx509/data/n0ll.pem @@ -0,0 +1,47 @@ +https://www.noisebridge.net/pipermail/noisebridge-discuss/2009-September/008400.html + +Jacob Appelbaum jacob at appelbaum.net +Tue Sep 29 22:51:33 PDT 2009 + + +I hope this release will help with confirmation of the bug and with +regression testing. Feel free to use this certificate for anything +relating to free software too. Consider it released into the public +domain of interesting integers. + +-----BEGIN CERTIFICATE----- +MIIGTjCCBbegAwIBAgIDExefMA0GCSqGSIb3DQEBBQUAMIIBEjELMAkGA1UEBhMC +RVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMSkwJwYD +VQQKEyBJUFMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgcy5sLjEuMCwGA1UEChQl +Z2VuZXJhbEBpcHNjYS5jb20gQy5JLkYuICBCLUI2MjIxMDY5NTEuMCwGA1UECxMl +aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl +aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqGSIb3 +DQEJARYRZ2VuZXJhbEBpcHNjYS5jb20wHhcNMDkwNzMwMDcxNDQyWhcNMTEwNzMw +MDcxNDQyWjCBnjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU +BgNVBAcTDVNhbiBGcmFuY2lzY28xFDASBgNVBAoTC05vaXNlYnJpZGdlMSMwIQYD +VQQLExpNb3hpZSBNYXJsaW5zcGlrZSBGYW4gQ2x1YjEnMCUGA1UEAxQeKgB0aG91 +Z2h0Y3JpbWUubm9pc2VicmlkZ2UubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+twB5hPHgXQ +82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQE9aJn70H +Z/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQABo4IDITCC +Ax0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgP4MBMG +A1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBStfpIwBXE+eXWUWtE3s5JqXon2 +TzAfBgNVHSMEGDAWgBQOB2DUOckbW12QeyPI0jSdSppGOTAJBgNVHREEAjAAMBwG +A1UdEgQVMBOBEWdlbmVyYWxAaXBzY2EuY29tMHIGCWCGSAGG+EIBDQRlFmNPcmdh +bml6YXRpb24gSW5mb3JtYXRpb24gTk9UIFZBTElEQVRFRC4gQ0xBU0VBMSBTZXJ2 +ZXIgQ2VydGlmaWNhdGUgaXNzdWVkIGJ5IGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS8w +LwYJYIZIAYb4QgECBCIWIGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIv +MEMGCWCGSAGG+EIBBAQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAy +L2lwc2NhMjAwMkNMQVNFQTEuY3JsMEYGCWCGSAGG+EIBAwQ5FjdodHRwczovL3d3 +dy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jldm9jYXRpb25DTEFTRUExLmh0bWw/MEMG +CWCGSAGG+EIBBwQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jl +bmV3YWxDTEFTRUExLmh0bWw/MEEGCWCGSAGG+EIBCAQ0FjJodHRwczovL3d3dy5p +cHNjYS5jb20vaXBzY2EyMDAyL3BvbGljeUNMQVNFQTEuaHRtbDCBgwYDVR0fBHww +ejA5oDegNYYzaHR0cDovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL2lwc2NhMjAw +MkNMQVNFQTEuY3JsMD2gO6A5hjdodHRwOi8vd3d3YmFjay5pcHNjYS5jb20vaXBz +Y2EyMDAyL2lwc2NhMjAwMkNMQVNFQTEuY3JsMDIGCCsGAQUFBwEBBCYwJDAiBggr +BgEFBQcwAYYWaHR0cDovL29jc3AuaXBzY2EuY29tLzANBgkqhkiG9w0BAQUFAAOB +gQAjzXaLBu+/+RP0vQ6WjW/Pxgm4WQYhecqZ2+7ZFbsUCMJPQ8XE2uv+rIteGnRF +Zr3hYb+dVlfUnethjPhazZW+/hU4FePqmlbTtmMe+zMLThiScyC8y3EW4L4BZYcp +p1drPlZIj2RmSgPQ99oToUk5O6t+LMg1N14ajr9TpM8yNQ== +-----END CERTIFICATE----- diff --git a/lib/hx509/data/nist-data b/lib/hx509/data/nist-data index 80333bbfc406..7407b80a3f1f 100644 --- a/lib/hx509/data/nist-data +++ b/lib/hx509/data/nist-data @@ -1,4 +1,4 @@ -# $Id: nist-data 21917 2007-08-16 13:54:25Z lha $ +# $Id$ # id verify cert hxtool-verify-arguments... # p(ass) f(ail) # Those id's that end with i are invariants of the orignal test diff --git a/lib/hx509/data/no-proxy-test.crt b/lib/hx509/data/no-proxy-test.crt index d57802e44699..3c316fd99663 100644 --- a/lib/hx509/data/no-proxy-test.crt +++ b/lib/hx509/data/no-proxy-test.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICDDCCAXWgAwIBAgIJAI8UaHGQmUvOMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1ODU5WhcNMTcx -MTEyMDY1ODU5WjA0MQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MREw -DwYDVQQDDAhuby1wcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvF58 -Sgq1QTZwsXyFvMTo2Iit/NLZupuIlJgctZJ51EOaFBmTfqt/PgxQKmgqQhgFW+HT -8WPdvvfUxjwe4BiIORYoCX8pl/wGFCa70zUC7/5IoMmhb9XBrecOxswRNK8EvGhF -67z2uDUS4LASuy7ng8HSuAM0PCHYnGmqeYrR6jUCAwEAAaM5MDcwCQYDVR0TBAIw -ADALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFJ+WD/mqMrbcBts4x0tXv0CflIcZMA0G -CSqGSIb3DQEBBQUAA4GBAEAODiL2ZL2ZhkklFbHXSg/ZEkUs1Oewpg+bDO6xjute -hnarKTrWFWiSgQ9yhZMa8klaNCdHjDo0Q5borQeVzp027cemLdnLyxusSuIJRqy+ -mZtNl7533q+oKWydZtvNmXRlGi5HmJV5JAjEXbadqUnlRJ/CdN1WvdwLWfvbW5DL +MIICDDCCAXWgAwIBAgIJAMJEvwnR1+3VMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV +BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDkwNDI2MjAyOTQxWhcNMTkw +NDI0MjAyOTQxWjA0MQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MREw +DwYDVQQDDAhuby1wcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoj9n +WflMrV4pTKogjZSsR0ayv0SnNJDalEKSvEge7NeWJm/qOl63ZFp/Fu76CX5sw0um +3y08szXc7PQ3bfeaOASI3DRjeq/Bdo91189IudKjRQGmpwvaLaB+geiJ0zxL8MbO +zYCKZR2HtwmnyAtuVxBzg/JkbRivZNY6eFujez0CAwEAAaM5MDcwCQYDVR0TBAIw +ADALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFAsSc5J6beDqU81cycJGR+e284BXMA0G +CSqGSIb3DQEBBQUAA4GBANmfFhAMyYld728X7ne9GFLKKOSmWNUBlI7imwZcXo3P +QgCBmjhDiadCLdntQNCGAtBMUUM/jf3SCzWyEUtvCfqNCeFbYuS4CNStrACtDNjb +iw34aVAORleFr4hzAe9c61UH8nIkQbMYH264yUA/RJC1U01b/26YlKAVq75l3d36 -----END CERTIFICATE----- diff --git a/lib/hx509/data/no-proxy-test.key b/lib/hx509/data/no-proxy-test.key index 1c4793756678..2a6006cdc80e 100644 --- a/lib/hx509/data/no-proxy-test.key +++ b/lib/hx509/data/no-proxy-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQC8XnxKCrVBNnCxfIW8xOjYiK380tm6m4iUmBy1knnUQ5oUGZN+ -q38+DFAqaCpCGAVb4dPxY92+99TGPB7gGIg5FigJfymX/AYUJrvTNQLv/kigyaFv -1cGt5w7GzBE0rwS8aEXrvPa4NRLgsBK7LueDwdK4AzQ8Idicaap5itHqNQIDAQAB -AoGBAJt0CnR8U8tGp0gCMMhxZIvWeGfOhnr3AodG5WJ/SGWBiLWPyeZel7rYJIxq -vH0hH8MNIoDy3rxMAN+8G+rqs/elE8zeYv8FCP4jahz+HPKeJIjFm1MBOHZQspq7 -Y4OfoBH+EgqJjBRxuBIeCUqVhyluSsYHQFihurp3a76dHvxBAkEA7c4KjJ6mka9C -9X+Tp2EKW+h8npEEXbLIvHet9p0pzD5PhE2aVvSEAXEqxdbuFAb4LVApUdd4Quec -PXa0EOF7UQJBAMrIIV317rGPlmEXqt681KkHo30C2e6SpM6by42r+csTs+6KDZdf -uDWZKb4o9bLTj+A0LC73ySESv4PlGC+8v6UCQEIRnJy091JCfzf12fAG5fni/byQ -TcY6hcrW9V4vDA3SwgTgCqFeDc7Ywil1LXAi/5CXVOOIGcF818u7zwthmgECQCm+ -Rvgjr05IA6nbCGavsotVMjeCxcAR2fFaKu3wEAzY8npRWvjlUHNgIzKtFd8JJB4A -P3Qvt+yiAmCxYWg6T60CQHvGW0M/usmQXEGWMx+KCkm71UKcKCxDEKzZ8mI3jQ3H -b6Whs1NdsQJwIEXHB2Sb2GmTIlFjXczw7fp/ub3Dx84= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKI/Z1n5TK1eKUyq +II2UrEdGsr9EpzSQ2pRCkrxIHuzXliZv6jpet2Rafxbu+gl+bMNLpt8tPLM13Oz0 +N233mjgEiNw0Y3qvwXaPddfPSLnSo0UBpqcL2i2gfoHoidM8S/DGzs2AimUdh7cJ +p8gLblcQc4PyZG0Yr2TWOnhbo3s9AgMBAAECgYBWdSjy1hkZDWM+mi3MpFwFg1P+ +/muHZGVFuhANSvVHyj4V729GeXCKhnrQ0rnk0zzL+QVMSgPdj6dRkXX0IIxJ0iyI +k7ZVoaCuC8dmc/rF9pJ58saqKYCqQFtjdFO68E3aQbnk89ai69AzgdjegRSVmOQ8 +yJ9ArHcggxbEqGq94QJBANOk9UWdI72KbIRElrTtWAvIrNaF4iixR+AdYuFL2+cJ +WaGApfFtcNppllmbWxh0IayIDzRpWzSpTILNLQdqF9UCQQDEQDzfZ04+x2RhX28o +O1Vzqkado6OvyhwVlzp19ZGstMWq6IVNZEJDBYCilk7dkIkjBHojaVEu/k9vMUZS +KzHJAkBk6xmRUjbCoIjSISqDp1D+fXf86uZGZRJSyXBm4Zc/+XNl0URPdNIFM6ff +nna3mFiePlqRsVMuLzQugstf57TpAkAYCvqqMADRBiKRH10B48sDQaAnHe4m0i8A +oidiXjR7oSX6W0RBh//qMBljUeDVmiiC5sCD6BovFK7so2/HD02pAkA9zFWyVTdq +Y3t01+ZG6TfcxwKGCgpwS3x9OQbMVb34JPQ65U0JzW7ubmYFMD5Fl1RPjDbLc+wm +uSnStI7RGOt+ +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/ocsp-req1.der b/lib/hx509/data/ocsp-req1.der index 869a7dc87d3a9f5e28fb1f7d23188026004569b0..c975bfeede9f8c117ba3b5fb9b671fc31a4fcd01 100644 GIT binary patch delta 45 zcmV+|0Mh?yX^<@xZb%c{zl)Vj6Z0RJFx@AXS(^@MkwF*`!h-cuDYoT2CdkwF*`!HL^Cqv|J^;ASx3TcirN D*SZx7 diff --git a/lib/hx509/data/ocsp-req2.der b/lib/hx509/data/ocsp-req2.der index c1481e186dbce68ba468ecf5fa2e8440b9fe36be..1c0cce1b7e1eb446fee78ffa1f9d197f1252a5fc 100644 GIT binary patch delta 45 zcmd1IoS-X`=OKJ&fA>@$;m`8Z4eqK>i=54uG0{;%K*ZUh!8!SpcOx_7O}nCKB>-cuDYoT2CdkwF*`bDGAYpJ$*^C=x+4KQB15 D$LA8f diff --git a/lib/hx509/data/ocsp-resp1-ca.der b/lib/hx509/data/ocsp-resp1-ca.der index 2450168915135fa3e25833c78bc312ca49a5dbb8..6090b61dc6dbad479637f22a1fbc98b29b3dc1f5 100644 GIT binary patch delta 654 zcmaFP{+xY61h=JuiIJI+fsv(&;lyOE`aBQeJNvt*`UroPpKfqheOlyfz6>TtrUnKH zej@_|B*jq+l?@aPj2*%(<_*$o((ScF&v4mBHWn#2Bn{@IryHf?qCyA62RIJMe5 z+P?EL0#z|EH#RZ^NFI~f`K&t7DZHGK^X_Z^?dvMJJBphBd|eZf6q(HNZPmVO$|e01 z%r)L${&V=*JWaE}nEsWHdCxZAG*eF6>!a)IYYO^JEt3qELTrL+dB`Gqk zaP?M)aEtV>KMzklR(fcWx~ksl`yVfgy{(nYuFLq5>u~!Y-;+B<$AV`~&S#Y1m}zt` zk-TznVwsp385kEg&NOJ8W+2PP94gDlBE}+uExrt*K+?)A!3Kd1SQSkE z$7GBM0ZV4R`k>iQ_}(3g-TrZx`{RG>Z36}VzTg#!U^QF*`UdM$_58pcZzkMiez<4O zWDCWZ^?o_kIjJirot^T2#kvVXA{DxeMOQg}yy=pnV{>4ymB)<+*Y1mzO%M3*bJ!#( u<{P@tSf_t_7Z=8P9ZJ8S#ud1AZ363UrYlmHcKR`LXdez|Tn_;3?G45N delta 654 zcmaFP{+xY61h=`Np`odPnW?3L!Ng>(`kv>!TaVt$Y%SH{Sa>g3)L_oS7Ys~{ObrYY z{6+=_NQ$EtDjO&o$g^>3voW%=vKufmu?VpU9PGSpwfL3#j0b5352BZFZ8zX$0hxbIEKxiEb>D%uE!VRvy<@5$t@;`(xGU%2E`b`B z14qvXuX8>zxhweJ?k;=zx|1p|ukX*7esi>~`v?E3vTWzAaaSzP3-rxjIXRzEf@AxX zxYkXQ4H1+386Biy-m)+?ixTHG1aXakK?34Vp2w&=S)56x{&>-+=o3@Vx14vETbmfX zyo~E@eDp0-uFtc(c7FA^mhfxJb0_A#djCXwS>&f(_PV%A|HP)Kz-tHcjyToS@BZ3m zw$<;~@nh4MdOf;eer5mUV;c`ip3S=!ux(bnK!RLv#$n5a#UaY#mz;%Oos3CzNnP;9 z_Mky>uVCM%X8j}6&v>!;9A;u>WMEv}IMbkUnt?1EbEqsIix`Utw)irL0!b^g1RDf4 zU{x^rACoa61T2~L>Kme7Wo^yYPR*0p$iHfbt?+_3fBhuumam_%g!^6-_tTe8T~4RC zdX(POW;?^nz_Mle^p-`N_Z+d0^PlrJ-Ah8zX4!_fIRfp6^}Ox$#2ptaR{PfOP`Fai w7qy1_sA{fY23L%S!HsNVcBXr66$`e(;oMc&uOiWUpHem0LYURCjbBd diff --git a/lib/hx509/data/ocsp-resp1-keyhash.der b/lib/hx509/data/ocsp-resp1-keyhash.der index 19cf6c80cc950003934d9c8268377c0e168f9eec..e9bf421190f7c5a77ee0c5f296ee87b00bef8b7a 100644 GIT binary patch delta 566 zcmZo+Z(*OHsq$Cf-gHkPJZ{~k4(b# zQqy!d&wqB>tWI9YH;_#(G?%6|9RNAf@PGv!K8`S75v zMN0hnlTtCAqe}U|95=lQYLZzTZ*(U@?P^s2PHV=3$&ri^QV4GuM2Yhng19DNUm8q4 z&FEJD(PGYmxSf2(lH0z9YtP|%zwCH8f3FQIbAPbLhiyMD@}9gSY_9vU%xrs1cI;9m zrkb{vd0QWMKbzNdbNV!<`8L%h&!o4V{Iz*|cW|EC?@jjWwCaDR-X4=1N{^sd0O^mT{@mAdB^#go7-HD z$}BP2w!P%>|Hsq$1-CNn75F>x_8VQ1*<#0^dTiiGx)`xbr?Qb{r1jxlULiT&fX1vy6xknm}{pNu5*9S^50dB(PnZaV}umUTNb8fQR2LYAg&S6 zmq701(~NHQHwE-r?#&cPWcu&7H6(vVL&5Kb52n9c$zS5WvS(@A{~fOyZmx4>-)lVi z(U*^R@3iI3%GsVS7_fHE2L6m#-x4hqzqn%u=4CB<+hBNeP33V;cKJDng^W9j=FU9& zmR+{#{Bg=d?807v{v+b2#d$gw`v5o7N#|z8zN1JCn|M`E?@?HP7Y{}W( zBL4Sr;k@OR>o0R~%d={pfB(d$sqWn>FG*|hXD@ZPeD{C!Ih#cx!s*weZC4tO+*UF= lcREtJ`~I%>-TVDsZIG)f-g1&{)yK&5mo;u*%2~j87XZs(5lR36 diff --git a/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der b/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der index 460b5f7ea157f29b01c9b1863b886e7fcb3acb73..f901f2e08df07ae45b82894acda8c69b35dd9d85 100644 GIT binary patch delta 249 zcmaFO^qOfx2)CtyiIJI+fsv(&;ly~Y`aBQeJNvt*`UroPpKfqheOlyfz6>TtrUnKH zej@_|B*jq+l?@aPj2*%(<_*$o((ScF&v4mBHWn#2Bn{@IryHf?qCyA62RIJMe5 z+P?EL0#z|EH#RbCi;va&!5ucs$#!LAnc>^^)Q6uYeJfu1d=iiSzTV`FfH$ejFQyvF z8ssyp$=V72IkiCa^k*^csfNz1mMXp>&1bG&v}bBJ-ydJnKA7FDg`!yFId)up1gE5C*}Q?-#Y;~dtJK# delta 249 zcmaFO^qOfx2)DVRp`odPnW?3L!Nhp2`kv>!TaVt$Y%SH{Sa>g3)L_oS7Ys~{ObrYY z{6+=_NQ$EtDjO&o$g^>3voW%=vKufmu?VpU9PGSpwfL3#j0b5352BZFZ8zX$E?{4%=OMc~vAb}QT-cvUrW<{3e~L&B@jJ>hO+vNi z)$@n*=H3o9dGOqbNnM|hdl vnYUFo>*n9D{Ps^!WpbA4YTxIU>p0dKtyHM^ReH_!HW%j$0Tq=$-LIMfF6Uqy diff --git a/lib/hx509/data/ocsp-resp1-ocsp.der b/lib/hx509/data/ocsp-resp1-ocsp.der index 87173ff610a070ffa7e20ae8e8d9374d52571439..f8e219b5bf429551c4e41d81a61c4f009b1ff754 100644 GIT binary patch delta 587 zcmbQnK8<}s2)CtyiIJI+fsv(&;ly~Y`aBQeJNvt*`UroPpKfqheOlyfz6>TtrUnKH zej@_|B*jq+l?@aPj2*%(<_*$o((ScF&v4mBHWn#2Bn{@IryHf?qCyA62RIJMe5 z+P?EL0#z|EH#RbCi;va&!5ucs$#!LAnc>^^)Q6uYeJfu1d=iiSzTV`FfH$ejFQyvF z8ssyp$=V72IkiCa^k*^csfNz1mMXp>&1bG&v}bBJ-ydJnKA7FDg`!yFId)up1gE5C*}Q?-#aH~Ge$@ud}0tK z&T9zbnt(&WVDeo?xB8D3a~8zyz6rNu872oP@zUtozjmjsdL^saU znEc0e=2fq*1zb<&m8Se$l05CM*1Y5V%*|~sM`f0nY};P)`2XYS{DNB<_6q!+c>9g6 z$ZWCWPdzqpBwdWyr!gsWS(I&Egyo0bdkQ&rmgUTT7A~VIeXVLn!ThNKoZ>g7ZYtcq I*0paQ0HJX8MF0Q* delta 587 zcmbQnK8<}s2)DVRp`odPnW?3L!Nhp2`kv>!TaVt$Y%SH{Sa>g3)L_oS7Ys~{ObrYY z{6+=_NQ$EtDjO&o$g^>3voW%=vKufmu?VpU9PGSpwfL3#j0b5352BZFZ8zX$E?{4%=OMc~vAb}QT-cvUrW<{3e~L&B@jJ>hO+vNi z)$@n*=H3o9dGOqbNnM|hdl znYUFo>*n9D{Ps^!WpbA4YTxIU>p0dKtyHM^ReH_!HW%j$0Tq=$-LIM_XER1f!F*z2 zY8EBVYY5^R0Yd@EoqU(kt^THfKFhtC0*Orj{kDeW&uA$4z3{>GcPsfz+*kH2ZTr9D zRm077uIzh_CqMe~@$Q|ryjeNh(**<8&e_195$ju`rQ#QN?7+ONMQ4GPJF?7YgF)_JHQQd< zwMTn865F_LdAzVZf3$hV^Pm4GE#LKT%a)woE#iM47tUL5x&AT-w>+!n`S(w3n(E%I z@{+U`fA&&$%Xj}rpR-vMA~c+SJ=%7q;mBTt=7oY1 z{6+=_NQ$E{1QseAC>qGKacZ+Mva+%pFfy?Su?UDbJ2W^afAVf*X1r-v6s=^y%f_kI z=F#?@ml3Fnfw{4f;nIt?X#aVYr_;r=CF*BRy!?`Sh*hZdu>M%=k%SixvclkG48mogFExP7c?=c8#FN~ z1M%c`Mqep}FAbu^c@05a6L1I_On%4cR{zmr&Vsm|e8rO6zJ_bh;d#I8csPHr4J&hh zu*QdNKQ8i~yd!L``?1VydrWrhQYEIEww8HYA9p{S*K~9GG^Y7B)g{lQx1Id8d3$$o zp4#tC_Up9jf2QA;dU&sWx_eo};v@TGba+>rO&8YPaVXW%{e?-$57$2yWjkitzia;H z=`c-(lmEERyz14pfa}S;(v+V|lBeC(ns=O^xw*~dsLT?RZQDy8|9?E4 zUvMkKUV*<8Z@B;zG$v&(i?XeYu>7!lPa((7vYgq^!evyYuT{+` Um_IduQ~ajXO@-Uny7tWj0F$)(ga7~l delta 615 zcmZ3^zMOqR2)DVRp`odPnW?3L!Nhp2`kv>!TaVt$Y%SH{Sa>g3)L_oS7Ys~{%nJo2 z_>Bwhf8?AeY%epAI>F zd8(neW;_3>S3BN)$di5fqkRu=s14ue3r9zWH1*X{aQA$4Zy zfw#5KeeBOmpZD%MzD=ohb;OsWsiy0gBhx+}ekJ-eU;lN9^$meF)jDPCS)vy-F{v9g zF)0J_}#WO-1#;jR2cpT2vub8AoQH5>66g?|)d zf1CM-Z-v&{CdRpww=ntC&)H|Z{!q}dPj2xm(hHeB7I-h;E`lX+yN~u=yR++Y`K>hV zeMgr0Y%s|Et7h9PyY^^LM`9b-EsqzL=Z`kec>eSMq~*K*ZP}8uyG8u( z;Ff3AJpcZQO;g>wRbG^_B-^Twk>@XK+`g2v;4T2uauCA+ diff --git a/lib/hx509/data/ocsp-responder.crt b/lib/hx509/data/ocsp-responder.crt index fb55a8a53939..ceba439062b3 100644 --- a/lib/hx509/data/ocsp-responder.crt +++ b/lib/hx509/data/ocsp-responder.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=OCSP responder Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:d9:10:2f:04:de:99:10:61:02:ff:4e:b5:54:6f: - 98:80:70:fb:a1:e0:97:ee:a9:0f:74:47:a9:8c:a5: - 86:ff:b8:ea:80:d9:ae:45:07:bd:33:93:e2:f4:f1: - dd:dc:86:6e:9a:6c:b7:67:11:50:ad:9c:b0:0f:68: - 5d:4d:74:2a:24:4e:5e:c6:c0:9e:6a:a2:ed:80:31: - d9:ac:79:c7:09:07:1f:9c:c3:12:33:88:72:9d:99: - c5:f4:fd:c6:a1:9f:09:04:e0:7d:b0:ed:1f:91:4c: - 8e:de:9b:6d:7d:cb:2e:83:32:0e:32:57:f1:16:07: - ed:69:fc:0e:a8:2a:ad:82:9d + Public-Key: (1024 bit) + Modulus: + 00:f1:38:9c:a0:5e:b9:0e:73:19:b6:f5:57:2b:9c: + 0c:ef:a6:c7:57:0f:8d:3c:05:03:8f:53:28:f0:b6: + f8:d1:0d:c9:dc:13:37:2d:f1:76:36:b7:5c:6b:5d: + a5:22:02:7c:86:84:9e:b5:e3:8b:e6:9e:82:d9:97: + 96:02:9f:3c:7b:74:e6:1b:b6:c9:fa:b3:b7:8b:53: + 6e:26:fb:b2:3f:ae:2a:7f:f9:67:df:1a:e1:de:87: + 97:47:76:80:a3:c4:bf:5c:2c:0d:ab:36:97:13:2d: + b8:c2:65:41:47:e8:34:54:f8:45:fc:38:76:b8:99: + 3f:ee:83:f6:49:40:96:16:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -30,27 +30,27 @@ Certificate: X509v3 Extended Key Usage: OCSP No Check, OCSP Signing X509v3 Subject Key Identifier: - 9C:BE:33:AF:C2:52:C6:F2:46:5F:A8:67:71:02:F1:70:4B:A7:B7:14 + FD:2F:3F:35:BC:72:5C:51:52:4F:5F:D6:20:CB:D1:CB:56:2F:BC:0A Signature Algorithm: sha1WithRSAEncryption - 8b:c5:8e:d6:dc:ba:e3:77:da:66:2b:be:c4:a6:4c:b0:30:6d: - fd:26:3d:8d:1d:ad:c5:8c:88:61:86:0a:da:48:e8:39:cf:c5: - 83:98:e7:f9:ff:92:a7:ba:fe:b4:b4:6c:bb:84:17:fd:e3:71: - 9e:a7:39:af:d3:08:0b:1f:05:29:cf:ef:e4:3c:82:7e:ee:aa: - 4a:19:3b:17:e6:e9:2d:b4:f7:4f:e2:f3:6b:04:20:58:42:fa: - e2:b6:d4:80:c4:db:22:32:ce:cb:59:23:8b:df:ba:87:bb:bf: - 4e:ea:b0:1e:7a:73:b4:c9:06:aa:f1:59:cf:d3:28:db:d2:6c: - a0:dd + 24:95:11:a0:f2:10:58:4d:4e:20:e5:d3:4d:17:b5:4b:37:aa: + fe:c8:28:79:e4:ca:15:b1:9e:28:93:fc:45:99:d5:4a:8a:a0: + 0a:e4:9e:75:64:f9:a4:63:96:dd:2a:9e:c7:0f:03:83:86:44: + c5:1c:a4:34:b6:b7:74:e3:ff:e3:97:0f:11:b5:00:bd:10:fd: + 91:db:ec:2d:14:9b:16:c7:e5:48:b0:08:62:d1:58:be:92:69: + a6:5a:3d:7e:58:39:f0:bb:bc:71:08:b9:76:6c:9b:e6:57:1c: + 25:1b:d6:7a:98:70:9f:95:50:09:17:d9:1a:d9:20:db:d6:8a: + be:9e -----BEGIN CERTIFICATE----- MIICHzCCAYigAwIBAgIBATANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowJjELMAkGA1UEBhMCU0UxFzAVBgNVBAMMDk9DU1AgcmVzcG9u -ZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZEC8E3pkQYQL/TrVUb5iA -cPuh4JfuqQ90R6mMpYb/uOqA2a5FB70zk+L08d3chm6abLdnEVCtnLAPaF1NdCok -Tl7GwJ5qou2AMdmseccJBx+cwxIziHKdmcX0/cahnwkE4H2w7R+RTI7em219yy6D -Mg4yV/EWB+1p/A6oKq2CnQIDAQABo1kwVzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF -4DAeBgNVHSUEFzAVBgkrBgEFBQcwAQUGCCsGAQUFBwMJMB0GA1UdDgQWBBScvjOv -wlLG8kZfqGdxAvFwS6e3FDANBgkqhkiG9w0BAQUFAAOBgQCLxY7W3Lrjd9pmK77E -pkywMG39Jj2NHa3FjIhhhgraSOg5z8WDmOf5/5Knuv60tGy7hBf943Gepzmv0wgL -HwUpz+/kPIJ+7qpKGTsX5ukttPdP4vNrBCBYQvrittSAxNsiMs7LWSOL37qHu79O -6rAeenO0yQaq8VnP0yjb0myg3Q== +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowJjELMAkGA1UEBhMCU0UxFzAVBgNVBAMMDk9DU1AgcmVzcG9u +ZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDxOJygXrkOcxm29VcrnAzv +psdXD408BQOPUyjwtvjRDcncEzct8XY2t1xrXaUiAnyGhJ6144vmnoLZl5YCnzx7 +dOYbtsn6s7eLU24m+7I/rip/+WffGuHeh5dHdoCjxL9cLA2rNpcTLbjCZUFH6DRU ++EX8OHa4mT/ug/ZJQJYWcQIDAQABo1kwVzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF +4DAeBgNVHSUEFzAVBgkrBgEFBQcwAQUGCCsGAQUFBwMJMB0GA1UdDgQWBBT9Lz81 +vHJcUVJPX9Ygy9HLVi+8CjANBgkqhkiG9w0BAQUFAAOBgQAklRGg8hBYTU4g5dNN +F7VLN6r+yCh55MoVsZ4ok/xFmdVKiqAK5J51ZPmkY5bdKp7HDwODhkTFHKQ0trd0 +4//jlw8RtQC9EP2R2+wtFJsWx+VIsAhi0Vi+kmmmWj1+WDnwu7xxCLl2bJvmVxwl +G9Z6mHCflVAJF9ka2SDb1oq+ng== -----END CERTIFICATE----- diff --git a/lib/hx509/data/ocsp-responder.key b/lib/hx509/data/ocsp-responder.key index 24369bc1cbf8..c9dcb302e914 100644 --- a/lib/hx509/data/ocsp-responder.key +++ b/lib/hx509/data/ocsp-responder.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDZEC8E3pkQYQL/TrVUb5iAcPuh4JfuqQ90R6mMpYb/uOqA2a5F -B70zk+L08d3chm6abLdnEVCtnLAPaF1NdCokTl7GwJ5qou2AMdmseccJBx+cwxIz -iHKdmcX0/cahnwkE4H2w7R+RTI7em219yy6DMg4yV/EWB+1p/A6oKq2CnQIDAQAB -AoGBALXDXowmVmgnxFnEMAWvmTVc5unL5437VayaYbkb1ysGTqBtKAg4DdBF81QH -wS/sBmwbw4x0LGnk/m04iIDWWH4ZTH0HHthLxTiIrGHenS01V4Ucq1EjhYNJW/bk -8FGf91UDknZrEnvPFQxvdSLHVSB+WHgqkX8WXPc7MwoJ7HblAkEA9pmjB8TXxeky -B8+0G65u3QDWMzmfw12oHgKHnHxKyL/gamHERNPJ0NsFE4BtsSF1LJQYCw189s8m -GDpa0uW0iwJBAOFWUiJSYYVTSdcmfjI99XUCo9rXEkaJXY0etjK5q+rK21mrkWNQ -M7fWVZDbQZfbTP1LiUak+qjz64J9/iOogncCQEXUT6Qdi3RRiodHu5qzFFWkrQMo -aCMsXDTTRo97arnaC7RUJv3OczGfM5rIHUexT7rl3MEUerRxCDqIG7voq+0CQQDE -806sgvaLsoVqkFFilnbwg5M1lh96GVv0GTDEWzZg7FcWI/faJuJdPu/gwVKuaNX8 -2cWtQkt32mIw1vCGuCT3AkAfubHAXeiBHHE95jLtQ98s4KzOaZtFnQfn14c8nGS0 -2qUv1RHYZEVHYnsOZs3pLyOdxrZOlOSE6gKHCGVHoUKJ ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAPE4nKBeuQ5zGbb1 +VyucDO+mx1cPjTwFA49TKPC2+NENydwTNy3xdja3XGtdpSICfIaEnrXji+aegtmX +lgKfPHt05hu2yfqzt4tTbib7sj+uKn/5Z98a4d6Hl0d2gKPEv1wsDas2lxMtuMJl +QUfoNFT4Rfw4driZP+6D9klAlhZxAgMBAAECgYEA0hUg69azSu9ZhOtVeOiWp51T +3PHxakVfnVKqxEJGnyNoG6AsnXm/H9Y/yk4rhFwwAaO86eJ8NGT2xvTrM+tk6tua +iNokJ1uWzpt7XPTr5XvkYEYAx7Pf3VmAja2SQkD0m20AXM9QfXsRvyQVwB2RxIhl +pa45Gm+PjSNXRaTzs0ECQQD/L+doN/fBbooCRcRYM/vNnHq5Hh1IdHSp3hI9MMLb +yOU1x6iWfg43xPImODCSippAh74Ummo2SPxVDbuu0Mq5AkEA8f1Rsfh8hcd7RsUu +LKHl4wyVD9fzpjbsFjyuTOq/bDsXLtdktDr1pn37jker/DKm82wHfAELtij74piN +FYHteQJAET7eh6eIodTjlMW8QC27LakOjiYf2n6sR7KPTv1Vnd7Uxq6okQsR0OkJ +aFXRyoV9aTEDQocw+Fw0WVclQOoxWQJBAIUaoWUTGOs83kH/E3bZVmmc8iDU1+AF +NbbFidolBUWy+v143JuGEriRc1y/b4o5EjuyoCtFJ/v6bxIkdvXtkYECQQCxcBgn +ohgcWmple2sTMOEoWu2IvqmLwexvmVf1Z6R8Nhc2ayQTNwe0nCVaTtOY1NanQP/T +U/uo7ISsA/8luXu2 +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/openssl.cnf b/lib/hx509/data/openssl.cnf index 7fe3b649dbf7..a6054009d955 100644 --- a/lib/hx509/data/openssl.cnf +++ b/lib/hx509/data/openssl.cnf @@ -1,6 +1,6 @@ oid_section = new_oids -[ new_oids ] +[new_oids] pkkdcekuoid = 1.3.6.1.5.2.3.5 [ca] @@ -13,6 +13,7 @@ serial = serial x509_extensions = usr_cert default_md=sha1 policy = policy_match +email_in_dn = no certs = . [ocsp] @@ -21,6 +22,7 @@ serial = serial x509_extensions = ocsp_cert default_md=sha1 policy = policy_match +email_in_dn = no certs = . [usr_ke] @@ -29,6 +31,7 @@ serial = serial x509_extensions = usr_cert_ke default_md=sha1 policy = policy_match +email_in_dn = no certs = . [usr_ds] @@ -37,6 +40,7 @@ serial = serial x509_extensions = usr_cert_ds default_md=sha1 policy = policy_match +email_in_dn = no certs = . [pkinit_client] @@ -45,6 +49,7 @@ serial = serial x509_extensions = pkinit_client_cert default_md=sha1 policy = policy_match +email_in_dn = no certs = . [pkinit_kdc] @@ -53,6 +58,7 @@ serial = serial x509_extensions = pkinit_kdc_cert default_md=sha1 policy = policy_match +email_in_dn = no certs = . [https] @@ -61,6 +67,7 @@ serial = serial x509_extensions = https_cert default_md=sha1 policy = policy_match +email_in_dn = no certs = . [subca] @@ -69,62 +76,63 @@ serial = serial x509_extensions = v3_ca default_md=sha1 policy = policy_match +email_in_dn = no certs = . -[ req ] +[req] distinguished_name = req_distinguished_name x509_extensions = v3_ca # The extentions to add to the self signed cert string_mask = utf8only -[ v3_ca ] +[v3_ca] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints = CA:true keyUsage = cRLSign, keyCertSign, keyEncipherment, nonRepudiation, digitalSignature -[ usr_cert ] +[usr_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectKeyIdentifier = hash -[ usr_cert_ke ] +[usr_cert_ke] basicConstraints=CA:FALSE keyUsage = nonRepudiation, keyEncipherment subjectKeyIdentifier = hash -[ proxy_cert ] +[proxy_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectKeyIdentifier = hash proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:0,policy:text:foo -[pkinitc_princ_name] -realm = EXP:0, GeneralString:TEST.H5L.SE -principal_name = EXP:1, SEQUENCE:pkinitc_principal_seq +[pkinitc_principals] +princ1 = GeneralString:bar -[ pkinit_client_cert ] +[pkinitc_principal_seq] +name_type = EXP:0,INTEGER:1 +name_string = EXP:1,SEQUENCE:pkinitc_principals + +[pkinitc_princ_name] +realm = EXP:0,GeneralString:TEST.H5L.SE +principal_name = EXP:1,SEQUENCE:pkinitc_principal_seq + +[pkinit_client_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectKeyIdentifier = hash subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:pkinitc_princ_name -[pkinitc_principal_seq] -name_type = EXP:0, INTEGER:1 -name_string = EXP:1, SEQUENCE:pkinitc_principals - -[pkinitc_principals] -princ1 = GeneralString:bar - -[ https_cert ] +[https_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment #extendedKeyUsage = https-server XXX subjectKeyIdentifier = hash -[ pkinit_kdc_cert ] +[pkinit_kdc_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment extendedKeyUsage = pkkdcekuoid @@ -132,36 +140,36 @@ subjectKeyIdentifier = hash subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:pkinitkdc_princ_name [pkinitkdc_princ_name] -realm = EXP:0, GeneralString:TEST.H5L.SE -principal_name = EXP:1, SEQUENCE:pkinitkdc_principal_seq +realm = EXP:0,GeneralString:TEST.H5L.SE +principal_name = EXP:1,SEQUENCE:pkinitkdc_principal_seq [pkinitkdc_principal_seq] -name_type = EXP:0, INTEGER:1 -name_string = EXP:1, SEQUENCE:pkinitkdc_principals +name_type = EXP:0,INTEGER:1 +name_string = EXP:1,SEQUENCE:pkinitkdc_principals [pkinitkdc_principals] princ1 = GeneralString:krbtgt princ2 = GeneralString:TEST.H5L.SE -[ proxy10_cert ] +[proxy10_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment subjectKeyIdentifier = hash proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:10,policy:text:foo -[ usr_cert_ds ] +[usr_cert_ds] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature subjectKeyIdentifier = hash -[ ocsp_cert ] +[ocsp_cert] basicConstraints=CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment # ocsp-nocheck and kp-OCSPSigning extendedKeyUsage = 1.3.6.1.5.5.7.48.1.5, 1.3.6.1.5.5.7.3.9 subjectKeyIdentifier = hash -[ req_distinguished_name ] +[req_distinguished_name] countryName = Country Name (2 letter code) countryName_default = SE countryName_min = 2 @@ -172,11 +180,11 @@ organizationalName = Organizational Unit Name (eg, section) commonName = Common Name (eg, YOUR name) commonName_max = 64 -#[ req_attributes ] +#[req_attributes] #challengePassword = A challenge password #challengePassword_min = 4 #challengePassword_max = 20 -[ policy_match ] +[policy_match] countryName = match commonName = supplied diff --git a/lib/hx509/data/pkinit-ec.crt b/lib/hx509/data/pkinit-ec.crt new file mode 100644 index 000000000000..4e8300d0c05f --- /dev/null +++ b/lib/hx509/data/pkinit-ec.crt @@ -0,0 +1,51 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=hx509 Test Root CA, C=SE + Validity + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT + Subject: C=SE, CN=pkinit-ec + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (256 bit) + pub: + 04:df:d7:32:eb:d6:71:78:19:5d:4f:59:6a:85:12: + 20:2f:97:61:aa:e8:6e:71:ac:b7:de:42:82:2a:8b: + 8b:33:86:d3:fc:4e:a5:49:9a:ca:19:6b:1b:ab:3d: + fd:4d:c5:7a:f4:a0:10:b2:a0:8c:05:3a:d7:55:e5: + c9:f5:89:67:07 + ASN1 OID: prime256v1 + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + X509v3 Subject Key Identifier: + BB:8C:16:71:C8:21:FB:21:0F:81:11:A1:BB:43:12:C8:EF:C8:DA:64 + X509v3 Subject Alternative Name: + othername: + Signature Algorithm: sha1WithRSAEncryption + 08:6e:66:b5:58:e0:e3:fb:15:04:11:89:f0:73:a0:d1:17:c4: + b8:7e:dd:ce:34:fb:7b:ab:ae:bb:af:6f:4d:47:1f:02:f8:e7: + 7c:c9:33:37:7e:7c:2c:2a:4a:26:38:e1:e5:a9:dd:7c:e1:f8: + 5a:2c:c7:6f:26:aa:f2:b0:7f:d4:85:0a:33:b7:ec:df:93:fe: + e4:04:a0:3e:e2:65:ac:1a:f4:b0:50:d6:cf:9e:bb:ce:90:ca: + 34:7a:13:f5:6f:30:bd:ec:af:c5:b9:dd:fa:bc:37:b8:34:6e: + bb:12:5e:aa:d2:bf:91:64:d8:fe:c0:fb:9a:b0:10:ba:95:02: + be:9b +-----BEGIN CERTIFICATE----- +MIIB7TCCAVagAwIBAgIBBzANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCXBraW5pdC1lYzBZ +MBMGByqGSM49AgEGCCqGSM49AwEHA0IABN/XMuvWcXgZXU9ZaoUSIC+XYarobnGs +t95CgiqLizOG0/xOpUmayhlrG6s9/U3FevSgELKgjAU611XlyfWJZwejczBxMAkG +A1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBS7jBZxyCH7IQ+BEaG7QxLI +78jaZDA4BgNVHREEMTAvoC0GBisGAQUCAqAjMCGgDRsLVEVTVC5INUwuU0WhEDAO +oAMCAQGhBzAFGwNiYXIwDQYJKoZIhvcNAQEFBQADgYEACG5mtVjg4/sVBBGJ8HOg +0RfEuH7dzjT7e6uuu69vTUcfAvjnfMkzN358LCpKJjjh5andfOH4WizHbyaq8rB/ +1IUKM7fs35P+5ASgPuJlrBr0sFDWz567zpDKNHoT9W8wveyvxbnd+rw3uDRuuxJe +qtK/kWTY/sD7mrAQupUCvps= +-----END CERTIFICATE----- diff --git a/lib/hx509/data/pkinit-ec.key b/lib/hx509/data/pkinit-ec.key new file mode 100644 index 000000000000..874b8a53e770 --- /dev/null +++ b/lib/hx509/data/pkinit-ec.key @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgL/JpadcZH3wtaXm9 +hbeKhG4YsKoN/WffC88YldqhFYChRANCAATf1zLr1nF4GV1PWWqFEiAvl2Gq6G5x +rLfeQoIqi4szhtP8TqVJmsoZaxurPf1NxXr0oBCyoIwFOtdV5cn1iWcH +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/pkinit-proxy-chain.crt b/lib/hx509/data/pkinit-proxy-chain.crt index 7349a6241762..2d2553fdae74 100644 --- a/lib/hx509/data/pkinit-proxy-chain.crt +++ b/lib/hx509/data/pkinit-proxy-chain.crt @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIJAJWfAgX+rDGvMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV -BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDcxMTE1MDY1ODU3WhcNMTcxMTEy -MDY1ODU3WjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD -DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJk+5riF -ML9djk75CGm9WUN37N+EKXZvLS1/jLsQbxOWPnfZ/bHPpnI2I4EEavSQUgrlbpLf -5IZsxlAFtokSROpef1MQ3oyJFom8c1Ut37zEJL13m4pjUZjr8Ky+OUsWNVieRIXU -eHw2+Ny8a5y3XOygCJWDzaCTcm+nvfTmVsr9AgMBAAGjYDBeMAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBQRgztmDHmF1DecOPint9iafFNckDAlBggr +MIICMTCCAZqgAwIBAgIJAOFd/6I9Oly5MA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV +BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDkwNDI2MjAyOTQwWhcNMTkwNDI0 +MjAyOTQwWjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD +DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANKxpMj4 +is1Zy+3RQfaZyhIbPkK+1237l10YqJmh5vB4WF+VriouCw8bXK/Q84rnGlr48fYa +3qquiuT7TzUyBJ/vGMhuBosnO4zI3usM7wcp9zfmykesP/5ef1HRe8Lv2F1HZkLc +6N4jo5lIGtnlnXe4qJjbjTPsY4x0PVl5QV0DAgMBAAGjYDBeMAkGA1UdEwQCMAAw +CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBStm+lnDlopIzCh6tdbGhDyHDDdlzAlBggr BgEFBQcBDgEB/wQWMBQCAQAwDwYIKwYBBQUHFQAEA2ZvbzANBgkqhkiG9w0BAQUF -AAOBgQCYm9bHTRfvEpjnKXQz9t8Uh9L+prU2+BMDClnDHsBE/Pb1vH40rOIT2sV8 -KQnjo+TVlvHXDxUy/HMY5O/5umLbzP4xr6mWwP5B2K5y566WHThz2ltcRgcmbRrn -eOzN87+Gt1XqrTIlFftvxGX9U0PxyxFTASAOiv0hFvZN5GxYzQ== +AAOBgQB/udiUzrV5n+klF473NEMaajNvxC/u4/60vHXt6U42U4zHWWRuWTMDkPA/ +6LorSPIk+ZvWLAFHVR2EdeVFZzxbsb9IAsM+giZxv7bYfloBZHhbzc3r8IDSZa1H +totfxDb/wZrFAbNiuuAdmKuRGxwGYE4ykw3ebLSuoRYPI2Szxw== -----END CERTIFICATE----- Certificate: Data: @@ -19,22 +19,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=pkinit Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:a3:44:b1:8a:42:9d:d0:3f:30:de:e8:66:42:c1: - f1:c9:98:8f:d2:bd:eb:59:67:3d:5e:0e:35:ca:3b: - b8:91:b0:fc:e5:22:3a:2d:62:81:56:bb:51:77:60: - ac:83:43:75:87:ce:f1:f6:bd:ab:f2:07:c5:8d:d5: - b8:56:9e:8e:45:93:bd:c6:ac:5d:20:3e:cb:14:e8: - 10:07:b9:5e:07:ac:56:13:48:1b:84:c7:30:62:f4: - e4:19:67:b5:1b:3a:ac:af:0b:92:e2:00:90:2f:81: - 75:b6:63:3f:43:a5:e9:76:ee:33:75:74:b2:76:5d: - a5:76:f2:f9:30:68:ec:e8:47 + Public-Key: (1024 bit) + Modulus: + 00:b2:47:42:dc:46:f8:94:e3:66:2b:f9:26:14:56: + 41:68:e1:7a:04:cd:55:45:ae:e0:a8:48:80:33:58: + fc:86:4f:e8:67:62:89:f7:d4:ba:d1:bb:9a:6a:83: + 1b:4e:01:b5:7c:9e:b2:d2:bf:84:21:98:58:1d:b6: + 4d:fa:af:f2:e5:e8:d4:d6:78:a3:06:da:69:15:09: + d8:fa:07:09:97:cf:1a:3b:2c:69:b2:58:a2:0b:48: + 4e:37:11:2c:f5:7a:8f:50:e4:40:14:29:28:30:ac: + 0b:b5:0a:1e:60:b4:9a:d4:8d:bc:38:c9:2f:a9:d1: + 35:e7:c9:d4:18:66:1c:15:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -42,29 +42,29 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - 66:BB:EC:4F:F0:52:7E:D1:F4:F4:F9:CD:E9:B6:C7:C4:FC:2A:2F:4F + E8:3F:1A:8B:C2:8A:9C:F9:B4:4F:95:D9:55:29:0C:A5:0B:0E:13:C6 X509v3 Subject Alternative Name: othername: Signature Algorithm: sha1WithRSAEncryption - 1f:bd:87:72:d7:85:93:f9:96:97:6f:25:2f:89:1f:09:64:ff: - da:44:92:d0:59:6e:4f:cf:29:d7:5a:78:64:40:1c:3d:a5:80: - e9:b9:92:85:44:2e:25:ab:5c:8d:35:4b:5b:47:c6:79:61:cf: - b9:75:55:0b:20:6a:ad:ec:f5:0f:47:1e:e7:72:b0:b6:61:0f: - d6:84:e3:e4:29:05:4d:d1:7c:7b:a6:7b:6f:b2:af:9a:6b:dd: - 81:ae:5d:c1:7b:74:11:86:18:2e:38:eb:ed:33:03:f6:05:4b: - ec:d7:7d:53:6c:71:01:86:fb:fb:63:dd:5b:cb:10:85:96:f2: - 43:43 + b5:ab:c2:d5:f8:30:fc:bb:b3:53:c2:42:a0:f1:4d:a0:5c:92: + 1a:c7:dc:01:df:42:6a:d2:c8:79:18:ae:a7:09:8e:ea:1c:97: + 80:93:b1:e3:23:4d:ca:15:f5:f8:c2:d0:38:5d:0d:76:7b:41: + 47:f1:a4:77:26:86:2c:69:2a:5c:86:32:00:09:da:04:3c:d6: + 30:9d:a3:0a:e2:b1:a6:36:2f:ff:3c:80:d6:e7:2a:8b:49:dd: + d8:24:98:7a:15:0a:29:f0:4b:30:ae:73:b5:af:70:7a:3a:b0: + 40:27:a7:4e:74:8c:46:1e:2f:bb:cc:57:63:30:bf:b1:38:81: + 10:bd -----BEGIN CERTIFICATE----- MIICMTCCAZqgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo0SxikKd0D8w3uhmQsHxyZiP0r3rWWc9 -Xg41yju4kbD85SI6LWKBVrtRd2Csg0N1h87x9r2r8gfFjdW4Vp6ORZO9xqxdID7L -FOgQB7leB6xWE0gbhMcwYvTkGWe1GzqsrwuS4gCQL4F1tmM/Q6Xpdu4zdXSydl2l -dvL5MGjs6EcCAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O -BBYEFGa77E/wUn7R9PT5zem2x8T8Ki9PMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN +BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskdC3Eb4lONmK/kmFFZBaOF6BM1VRa7g +qEiAM1j8hk/oZ2KJ99S60buaaoMbTgG1fJ6y0r+EIZhYHbZN+q/y5ejU1nijBtpp +FQnY+gcJl88aOyxpsliiC0hONxEs9XqPUORAFCkoMKwLtQoeYLSa1I28OMkvqdE1 +58nUGGYcFS0CAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O +BBYEFOg/GovCipz5tE+V2VUpDKULDhPGMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw IaANGwtURVNULkg1TC5TRaEQMA6gAwIBAaEHMAUbA2JhcjANBgkqhkiG9w0BAQUF -AAOBgQAfvYdy14WT+ZaXbyUviR8JZP/aRJLQWW5PzynXWnhkQBw9pYDpuZKFRC4l -q1yNNUtbR8Z5Yc+5dVULIGqt7PUPRx7ncrC2YQ/WhOPkKQVN0Xx7pntvsq+aa92B -rl3Be3QRhhguOOvtMwP2BUvs131TbHEBhvv7Y91byxCFlvJDQw== +AAOBgQC1q8LV+DD8u7NTwkKg8U2gXJIax9wB30Jq0sh5GK6nCY7qHJeAk7HjI03K +FfX4wtA4XQ12e0FH8aR3JoYsaSpchjIACdoEPNYwnaMK4rGmNi//PIDW5yqLSd3Y +JJh6FQop8EswrnO1r3B6OrBAJ6dOdIxGHi+7zFdjML+xOIEQvQ== -----END CERTIFICATE----- diff --git a/lib/hx509/data/pkinit-proxy.crt b/lib/hx509/data/pkinit-proxy.crt index 3867a892f871..28da269f4bac 100644 --- a/lib/hx509/data/pkinit-proxy.crt +++ b/lib/hx509/data/pkinit-proxy.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIJAJWfAgX+rDGvMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV -BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDcxMTE1MDY1ODU3WhcNMTcxMTEy -MDY1ODU3WjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD -DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJk+5riF -ML9djk75CGm9WUN37N+EKXZvLS1/jLsQbxOWPnfZ/bHPpnI2I4EEavSQUgrlbpLf -5IZsxlAFtokSROpef1MQ3oyJFom8c1Ut37zEJL13m4pjUZjr8Ky+OUsWNVieRIXU -eHw2+Ny8a5y3XOygCJWDzaCTcm+nvfTmVsr9AgMBAAGjYDBeMAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBQRgztmDHmF1DecOPint9iafFNckDAlBggr +MIICMTCCAZqgAwIBAgIJAOFd/6I9Oly5MA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV +BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDkwNDI2MjAyOTQwWhcNMTkwNDI0 +MjAyOTQwWjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD +DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANKxpMj4 +is1Zy+3RQfaZyhIbPkK+1237l10YqJmh5vB4WF+VriouCw8bXK/Q84rnGlr48fYa +3qquiuT7TzUyBJ/vGMhuBosnO4zI3usM7wcp9zfmykesP/5ef1HRe8Lv2F1HZkLc +6N4jo5lIGtnlnXe4qJjbjTPsY4x0PVl5QV0DAgMBAAGjYDBeMAkGA1UdEwQCMAAw +CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBStm+lnDlopIzCh6tdbGhDyHDDdlzAlBggr BgEFBQcBDgEB/wQWMBQCAQAwDwYIKwYBBQUHFQAEA2ZvbzANBgkqhkiG9w0BAQUF -AAOBgQCYm9bHTRfvEpjnKXQz9t8Uh9L+prU2+BMDClnDHsBE/Pb1vH40rOIT2sV8 -KQnjo+TVlvHXDxUy/HMY5O/5umLbzP4xr6mWwP5B2K5y566WHThz2ltcRgcmbRrn -eOzN87+Gt1XqrTIlFftvxGX9U0PxyxFTASAOiv0hFvZN5GxYzQ== +AAOBgQB/udiUzrV5n+klF473NEMaajNvxC/u4/60vHXt6U42U4zHWWRuWTMDkPA/ +6LorSPIk+ZvWLAFHVR2EdeVFZzxbsb9IAsM+giZxv7bYfloBZHhbzc3r8IDSZa1H +totfxDb/wZrFAbNiuuAdmKuRGxwGYE4ykw3ebLSuoRYPI2Szxw== -----END CERTIFICATE----- diff --git a/lib/hx509/data/pkinit-proxy.key b/lib/hx509/data/pkinit-proxy.key index d04b0091e777..9bb546fcdd81 100644 --- a/lib/hx509/data/pkinit-proxy.key +++ b/lib/hx509/data/pkinit-proxy.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCZPua4hTC/XY5O+QhpvVlDd+zfhCl2by0tf4y7EG8Tlj532f2x -z6ZyNiOBBGr0kFIK5W6S3+SGbMZQBbaJEkTqXn9TEN6MiRaJvHNVLd+8xCS9d5uK -Y1GY6/CsvjlLFjVYnkSF1Hh8NvjcvGuct1zsoAiVg82gk3Jvp7305lbK/QIDAQAB -AoGAKH4TbuxariYlZT6ud2o9/PLiV0lPv2ivEleiswcrooxPo1GplGNfAszFYuDs -9gRweUqYhhy9ALwbRqfLzLpUFQUBzQ1cZlO23m48GsCPL4XJxlzE9+w/wLWWaqsK -syFax5T//iokYVa07AvFZxWpEUixewirJrhNyUafdKk8W8ECQQDKpH/pvljO6e9J -jC65aTYPzMXAUp54DMWu1+FXUyELxGp+GjAwwhESpSLEaAnZH97H6ZtTiJku3Z0n -pMsrH7WtAkEAwZi2sV8I/MjFPpti/zf6OHEJo89/SgTYIHmL6pE3tuNWhw/9Dorc -N45cMGAiGep2HQdfZFGD0OekzLGeGBj0kQJAPFdNi5HVqg945IKsqyNMKNpGDGXN -sFvFRbIc9L7ZOULMny43KV2wbcfkmW2NeS0HTqoeSXqEerMdB+AHa5jupQJADALP -gt2kjxpdsm6ti6wLaCkLMhCTkyINzqX72ke8LyqXmbWSO669zuyUJ6QvOXBkd5SX -hH/SL8nPXau/ZTtXIQJBAICcJBlgxhrUn5C12wwuQw/BZi6qK9KdVcWTapnhE7eQ -Z6k/Pbi53/aI2g1EXq7G3RrQvAhV43AW5foJWqijDdA= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANKxpMj4is1Zy+3R +QfaZyhIbPkK+1237l10YqJmh5vB4WF+VriouCw8bXK/Q84rnGlr48fYa3qquiuT7 +TzUyBJ/vGMhuBosnO4zI3usM7wcp9zfmykesP/5ef1HRe8Lv2F1HZkLc6N4jo5lI +GtnlnXe4qJjbjTPsY4x0PVl5QV0DAgMBAAECgYEAo99RWJKferqV92GjmYbh+RVB +Zq6CZmOhxeHw+JVJRs2Dhsynit0G8vgILiMp2WaIRCuOHiml+EELfK/OWoSNvOGy +q0ss+mu0Jm3d9bQUYE7O6fBbFtY9zYIYOVWP4YCIyA0su48W3Fk+wQeNewKj396Q +7tx4aBn5f8DARkZrVRECQQDxX81pSf8VTnNQNhvp76YhANGtBhiJ8OtADCNUoJT+ +sKAPa8HiBTHL2alkBbi/b4whOzePCJSjHTinkEBE+iuJAkEA33XtpR3ACDCtrvAo +WNdE7zt4yV4tByzmQCK3u3ZxSJOPKinR55tUjZynqghZmpS+XSE5rRwmsx75ZwkP +oNdlKwJBALcPmZJI9JUMMpia8QCzKKPPIza+cM3tUf35NrJwN5ASFNKdPyZUGjgo +lDevvzYxO23Yo4JvV4t+FgG/fX7S3UECQFh1/tXWqSaU3qzaNZ612Xw7Nt3AgmLM +y3moRMPZZ48rmwk99PKS8y38TgNpus8PAy0q8gItmsReBq1bUOyDWHECQDQOIlRO +k1OWBLD4PLYaxB1c5F59tfCV+cRlm/sYTnDjdDWWu8D2Qhjhz367iLLMJvV2Klyu +7FwUNyfKI6Tk3oY= +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/pkinit-pw.key b/lib/hx509/data/pkinit-pw.key index 563ccf112094..a0c4adaa04ea 100644 --- a/lib/hx509/data/pkinit-pw.key +++ b/lib/hx509/data/pkinit-pw.key @@ -1,18 +1,18 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,1698161265C4033B32CEB819B5D78953 +DEK-Info: AES-256-CBC,28C20887B231CD5238D14EE2237F6440 -vQnkfeICkS2/gIEv1zrJ+WaUOeRvKfUUFM6uH4/xm5Abp4DqGlkCvwb4u9dZuRUj -arlvgRc0e0CoBuQ/3gmBDlmQp+4ByiypERku8MAxsUV6LEmv2f1YfhecQSntDoJH -fNOXna8caCy4W1xhmsYgWYSVS98QkNXdLjBjLJ4/MrwzdR2SMqAzyg6eNwhWAMe1 -aUh/M9JYB04sfRUtqD67oeyBfHVhDd9kByXuRYWyNE0SW5wlmVehhnEb/YHREKHr -yOa3eRGtA4MHi7NXww4NBzOG10N9Ajq55ouMKnejFroCpevC332ijBzjTI+fo4SX -hegNDXzAIqRueGZlmBzHjkTzA8tEPM1dsbviJ5BYO3iZgWE8J1rIBx51HOZmlREC -3EWflJPhd666BnBepODMBXldkmfcfxhZxuoOrrXer+NZCsXE0z0DOLsNARR/7JvW -Ie81eQijvkur1QJO63SwT0kNm5IMJZr2Ul0QLysvjY2G/nV0bzHb8KsWqNoUPNvJ -lBUGQ2yvpeVRNR9CMm39U/CcnkLOl+z2oLUC86TdodaY6FEBmIBaakZ1rHkANWK4 -HMcN0FgdGbcRLg5PHji84g4tT+SOZa1hWEC4PC7lmRxAZP+o8Pe0tpiJzIbLPTRb -3rvnEEG3IawMIGcoUGcgIUPvHH93EMpDrflVYdXmvapzST3U8xBDzpkXZRof7APG -qAFsEB4psQEDG6KmOJ245aVWN0SBjHTLlIhUTx+m7OYl34MDoyv6Yk12i9PpKQN5 -W++QayfkJzQpV4EsR08UO615+XYCzMhCU3eozH+P39RF58rYnMLv9owjx1wL0z5R +CSjnAI3/grUaoUWonmFVrAJpJr8MAUsJ5i5X/56t/SJNnt64GdRR809rsidRUen1 +Poaru3wgOdMO39Xdx1tj95TL3iXMVOckMK/0CDc6I8e4e65ic5ySvLIP7yj06aq2 +iABYy2VnD8yh8neXCl18/tMmIk/mIHkOeey4rrglk5Qs/vohS8KmknuLfOFUdWz3 +2F/Coax+/Itmco4lPNK7FUvVgzyp1fVnZ1upWOnx/HEcXY0t3yE9Y6fWgu6LtqNr +LWvLogalpFVy7l9yb/EStZJnUoc4R90cdX3hsEkYDqxFM5INAZNgBKNa/qfDKifX +b2+uOg2LZ+yYHdyFCezNL6fr38TSNleTU6kq2xrhRbjVzArnEKo2f+XNsQXfy3ix +s1ibkqJXeWA4gPTFVqxKzeO+Pe05hWjUJmPcqwGQe4hGP5SNdiqWuxtL2Z/natva +u9AyUqap9A963qrp1xZMDqZC7asZEUXAWJSkqkU9iS7a6Vn7G82236/T2OoumNWi +XVsm2iOpdIqcTCMoBtB6TkTFPPKZ6f0APD3nAia6Uy5RrorvyadbqTG3AVlQicD5 +6myM7zEta7qWL5kPVk1JIbcNHN929kEgAKKKx9c1H+DgHDQrPM5bsHS9vAVYq0S4 +gUhA44LuizSKEXw+hHJJueU5IK/rv3auNo9Dtt487syz5PnEzeTsiyBqTx6pu2hF +fZ/HkxqQsY34/4pJBdFdnxHfnDMmEuKHY4vt20d1NVU+EP8+R0F4aCTGUWDfUyM9 +oTXJekFmOBfZn3WUkLXXgz+i7a49g9pzl8gFekQ8Cx9s1rkvToklQS8lzspBZwsU -----END RSA PRIVATE KEY----- diff --git a/lib/hx509/data/pkinit.crt b/lib/hx509/data/pkinit.crt index e8d485e616d5..4dae0868e9cd 100644 --- a/lib/hx509/data/pkinit.crt +++ b/lib/hx509/data/pkinit.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=pkinit Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:a3:44:b1:8a:42:9d:d0:3f:30:de:e8:66:42:c1: - f1:c9:98:8f:d2:bd:eb:59:67:3d:5e:0e:35:ca:3b: - b8:91:b0:fc:e5:22:3a:2d:62:81:56:bb:51:77:60: - ac:83:43:75:87:ce:f1:f6:bd:ab:f2:07:c5:8d:d5: - b8:56:9e:8e:45:93:bd:c6:ac:5d:20:3e:cb:14:e8: - 10:07:b9:5e:07:ac:56:13:48:1b:84:c7:30:62:f4: - e4:19:67:b5:1b:3a:ac:af:0b:92:e2:00:90:2f:81: - 75:b6:63:3f:43:a5:e9:76:ee:33:75:74:b2:76:5d: - a5:76:f2:f9:30:68:ec:e8:47 + Public-Key: (1024 bit) + Modulus: + 00:b2:47:42:dc:46:f8:94:e3:66:2b:f9:26:14:56: + 41:68:e1:7a:04:cd:55:45:ae:e0:a8:48:80:33:58: + fc:86:4f:e8:67:62:89:f7:d4:ba:d1:bb:9a:6a:83: + 1b:4e:01:b5:7c:9e:b2:d2:bf:84:21:98:58:1d:b6: + 4d:fa:af:f2:e5:e8:d4:d6:78:a3:06:da:69:15:09: + d8:fa:07:09:97:cf:1a:3b:2c:69:b2:58:a2:0b:48: + 4e:37:11:2c:f5:7a:8f:50:e4:40:14:29:28:30:ac: + 0b:b5:0a:1e:60:b4:9a:d4:8d:bc:38:c9:2f:a9:d1: + 35:e7:c9:d4:18:66:1c:15:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,29 +28,29 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - 66:BB:EC:4F:F0:52:7E:D1:F4:F4:F9:CD:E9:B6:C7:C4:FC:2A:2F:4F + E8:3F:1A:8B:C2:8A:9C:F9:B4:4F:95:D9:55:29:0C:A5:0B:0E:13:C6 X509v3 Subject Alternative Name: othername: Signature Algorithm: sha1WithRSAEncryption - 1f:bd:87:72:d7:85:93:f9:96:97:6f:25:2f:89:1f:09:64:ff: - da:44:92:d0:59:6e:4f:cf:29:d7:5a:78:64:40:1c:3d:a5:80: - e9:b9:92:85:44:2e:25:ab:5c:8d:35:4b:5b:47:c6:79:61:cf: - b9:75:55:0b:20:6a:ad:ec:f5:0f:47:1e:e7:72:b0:b6:61:0f: - d6:84:e3:e4:29:05:4d:d1:7c:7b:a6:7b:6f:b2:af:9a:6b:dd: - 81:ae:5d:c1:7b:74:11:86:18:2e:38:eb:ed:33:03:f6:05:4b: - ec:d7:7d:53:6c:71:01:86:fb:fb:63:dd:5b:cb:10:85:96:f2: - 43:43 + b5:ab:c2:d5:f8:30:fc:bb:b3:53:c2:42:a0:f1:4d:a0:5c:92: + 1a:c7:dc:01:df:42:6a:d2:c8:79:18:ae:a7:09:8e:ea:1c:97: + 80:93:b1:e3:23:4d:ca:15:f5:f8:c2:d0:38:5d:0d:76:7b:41: + 47:f1:a4:77:26:86:2c:69:2a:5c:86:32:00:09:da:04:3c:d6: + 30:9d:a3:0a:e2:b1:a6:36:2f:ff:3c:80:d6:e7:2a:8b:49:dd: + d8:24:98:7a:15:0a:29:f0:4b:30:ae:73:b5:af:70:7a:3a:b0: + 40:27:a7:4e:74:8c:46:1e:2f:bb:cc:57:63:30:bf:b1:38:81: + 10:bd -----BEGIN CERTIFICATE----- MIICMTCCAZqgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo0SxikKd0D8w3uhmQsHxyZiP0r3rWWc9 -Xg41yju4kbD85SI6LWKBVrtRd2Csg0N1h87x9r2r8gfFjdW4Vp6ORZO9xqxdID7L -FOgQB7leB6xWE0gbhMcwYvTkGWe1GzqsrwuS4gCQL4F1tmM/Q6Xpdu4zdXSydl2l -dvL5MGjs6EcCAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O -BBYEFGa77E/wUn7R9PT5zem2x8T8Ki9PMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN +BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskdC3Eb4lONmK/kmFFZBaOF6BM1VRa7g +qEiAM1j8hk/oZ2KJ99S60buaaoMbTgG1fJ6y0r+EIZhYHbZN+q/y5ejU1nijBtpp +FQnY+gcJl88aOyxpsliiC0hONxEs9XqPUORAFCkoMKwLtQoeYLSa1I28OMkvqdE1 +58nUGGYcFS0CAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O +BBYEFOg/GovCipz5tE+V2VUpDKULDhPGMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw IaANGwtURVNULkg1TC5TRaEQMA6gAwIBAaEHMAUbA2JhcjANBgkqhkiG9w0BAQUF -AAOBgQAfvYdy14WT+ZaXbyUviR8JZP/aRJLQWW5PzynXWnhkQBw9pYDpuZKFRC4l -q1yNNUtbR8Z5Yc+5dVULIGqt7PUPRx7ncrC2YQ/WhOPkKQVN0Xx7pntvsq+aa92B -rl3Be3QRhhguOOvtMwP2BUvs131TbHEBhvv7Y91byxCFlvJDQw== +AAOBgQC1q8LV+DD8u7NTwkKg8U2gXJIax9wB30Jq0sh5GK6nCY7qHJeAk7HjI03K +FfX4wtA4XQ12e0FH8aR3JoYsaSpchjIACdoEPNYwnaMK4rGmNi//PIDW5yqLSd3Y +JJh6FQop8EswrnO1r3B6OrBAJ6dOdIxGHi+7zFdjML+xOIEQvQ== -----END CERTIFICATE----- diff --git a/lib/hx509/data/pkinit.key b/lib/hx509/data/pkinit.key index 12b41689a2dd..63b4476ca396 100644 --- a/lib/hx509/data/pkinit.key +++ b/lib/hx509/data/pkinit.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCjRLGKQp3QPzDe6GZCwfHJmI/SvetZZz1eDjXKO7iRsPzlIjot -YoFWu1F3YKyDQ3WHzvH2vavyB8WN1bhWno5Fk73GrF0gPssU6BAHuV4HrFYTSBuE -xzBi9OQZZ7UbOqyvC5LiAJAvgXW2Yz9Dpel27jN1dLJ2XaV28vkwaOzoRwIDAQAB -AoGAQTAxTwnwJvDEG4xhIDB90MdITZWk/YpaF07HLVsRA6LOJtK2td5J1A5wpaCE -4NgzeikntSPgHn/54fq+Yl9mYEAM1Uv6SimudiKe3Qk0M+bS4m/SMMlmV0eFjEh6 -ZG4NNRZmmzoaQbUiVa27fZ6362xtFGbGXJ8BjxOoTeaRn6kCQQDUwJafoKPN2dsq -ewSCjGQhVGezw12ho2eaxj7VyNWU7V4LW2LdLClbXovSnpQ7bgHEopx1e97G2du7 -1ak3BxejAkEAxHUCpbFSbBBoIdnt+VGS/8hCWl8/6YniOFOk9Qp22moaNVVZYyTT -Xpu45FeDKfm/xDwvPP9If0PDoM38tBvHDQJBAMTcmAOI/0lhRv1d62RpR9XXZkXe -huskap+6xTXIqmkt4xGbNDX3wST8rWDsv7jmJ9itpxzGy/Mwb7S1FekHNQUCQDDw -jTZFlCjDdY1pQrUnMx1w/8aPj9ZXuPkbLS616qHCaMD8gAYIuHcLB+YqPsyIINN7 -wrDJT4AUm3lFlzwu50kCQELkMFUM6rb9q/cOUQxsf023nPbObm3xJ0X4FtVhXuGi -oUAOklX1xDLSqvWySOrTXfvfF4c3qCw9DAoDtKpbCgk= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALJHQtxG+JTjZiv5 +JhRWQWjhegTNVUWu4KhIgDNY/IZP6GdiiffUutG7mmqDG04BtXyestK/hCGYWB22 +Tfqv8uXo1NZ4owbaaRUJ2PoHCZfPGjssabJYogtITjcRLPV6j1DkQBQpKDCsC7UK +HmC0mtSNvDjJL6nRNefJ1BhmHBUtAgMBAAECgYBKqzAkxJDvA0NS3ZqGYA4rWGzb +wAicE//CXANd/kJeGu/TBWGV7IKGv5WQUPNJu8uAs5NgU5iK3ZzibO3CNpl74KZq +JALQXVbLmOVNpiL8V4dfWxwPBFFzjcrUi0OEVrM0srXghDBRfuNtaf93IXoW32W3 +4S8KgFfV/bDAWv5VfQJBAOS6bQBtcEGSUPILJzwPvvFNF5OvX/R98PrHjX01aSPW +j0B1WMi7sceRDdyE/dV4gGwW7mEftLAogg8HSftaa5MCQQDHiO5/R3aktb3pl7ms +PVZ1xwgF9sPVdiq0p1RhbT3YijktSRVuf7YCb6nqhmC6Il88D9LJg7XTzHkpNUx5 +j3Q/AkEA4cTGbQKZKJA1SAUMUDO2pNYUrJkSHPHnWJJ6rZl304Eo21Y5McJbBALA +7Od06i5MjOTBnaq/HpaNcioes3UX8wJADQpC4+iMtWj3N1vmE36StvHB8XnWBI5L +bjD9T7yu7Qbjg7UiBG2uPGyFw0Dy81cpuCgkk2zbJjNXu7yy+cLJSwJAQ6ZxX3ri +E8Kvc07rFKfrLw1/37MqIbMhEvuneSrsS7GdTcaTGP4vqM9a6GQmVrg/gzGo8Wpe +geynyqwNsSPReQ== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/proxy-level-test.crt b/lib/hx509/data/proxy-level-test.crt index 0cab380563d9..f39e59dc26a8 100644 --- a/lib/hx509/data/proxy-level-test.crt +++ b/lib/hx509/data/proxy-level-test.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICUDCCAbmgAwIBAgIJAKfbLM8p28MgMA0GCSqGSIb3DQEBBQUAMDExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxDjAMBgNVBAMMBXByb3h5MB4XDTA3 -MTExNTA2NTg1OVoXDTE3MTExMjA2NTg1OVowQTELMAkGA1UEBhMCU0UxEjAQBgNV +MIICUDCCAbmgAwIBAgIJAP6hx2RbgHvrMA0GCSqGSIb3DQEBBQUAMDExCzAJBgNV +BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxDjAMBgNVBAMMBXByb3h5MB4XDTA5 +MDQyNjIwMjk0MVoXDTE5MDQyNDIwMjk0MVowQTELMAkGA1UEBhMCU0UxEjAQBgNV BAMMCVRlc3QgY2VydDEOMAwGA1UEAwwFcHJveHkxDjAMBgNVBAMMBWNoaWxkMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0hrvRoael03J8Y5gvtDMq0ZGm5ZZM -OGOhTtMnNlCpA/OKEpwMPIxiWr625wFwD7YUupvUZ7qLodf5yTN1wkbpVD2NbAUa -klBRKHZm+UCJ8L6X4MgahNy+Y1uj6m14a50B9GtCi+RspP7p9pNKx9hnA8+dRs6Q -9oZgim2zMwvVBQIDAQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNV -HQ4EFgQUQGqZ5v4NSB5Iwo17DynPRufgbF0wJQYIKwYBBQUHAQ4BAf8EFjAUAgEA -MA8GCCsGAQUFBxUABANmb28wDQYJKoZIhvcNAQEFBQADgYEAxQjN9RrCdZHhGAyS -y3/1EAyWIvmz8wKW0q4kSfNV7DAcUCKmQQ45oCEVnyTEbP8ltdIaHyIK1ujxKQC1 -QLDzjHkBBQGBrCH+gyIdpT9OZu2gT8f2j4u01YwbjLTcU2yEXVkkH18SZiawq2DF -ETkEd/u6TKzhpwFPuZPKUeFexPA= +MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtyAgFmdic7J7lrcvnVmANvaRVt7Fo +qYXKocxQjhb/bgzBjrFVqiUxnfsetHCMZlPZaklvicSAKZQvu30LBn9IOdNb+jPt +IFmG5V/AZUW/OAxKQxHtbtJgktgqoGbHGrb0ajPDfM44KaJv1KU0GJJ5+bqY4XOE +WOypDs+Z1iedbwIDAQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNV +HQ4EFgQUMKTcmVatO/m0g9A9Gbsm3aC33a0wJQYIKwYBBQUHAQ4BAf8EFjAUAgEA +MA8GCCsGAQUFBxUABANmb28wDQYJKoZIhvcNAQEFBQADgYEAhN0C8YaE+sdFfTT4 +3UM8iU6Jx9B/2hi6fXAddf2jaXdW4RpatyMYFryX1098s9dLaFbRpy9GcF8MnsxT +XnhQELdmXmJr8wIbxXukM6dzVi5JwY3RY83TR2ZJcRk7Mblb81rHePhstfsd2vcr +AX37v1VJq9L6fJE4K6zayMjbrLM= -----END CERTIFICATE----- diff --git a/lib/hx509/data/proxy-level-test.key b/lib/hx509/data/proxy-level-test.key index c697b1b64992..52ca3805e5c7 100644 --- a/lib/hx509/data/proxy-level-test.key +++ b/lib/hx509/data/proxy-level-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC0hrvRoael03J8Y5gvtDMq0ZGm5ZZMOGOhTtMnNlCpA/OKEpwM -PIxiWr625wFwD7YUupvUZ7qLodf5yTN1wkbpVD2NbAUaklBRKHZm+UCJ8L6X4Mga -hNy+Y1uj6m14a50B9GtCi+RspP7p9pNKx9hnA8+dRs6Q9oZgim2zMwvVBQIDAQAB -AoGBAI7cPM/1ZK1W+rezPSErMn7FH8V61Ij26ukhbvoOAqDuLpFqjrEkTVgcReaK -QtoCpO4ciur5N2f+qOLUNXQQTXpMN+nRxkKxLMhG99Hej+vmzPjMdimEtTJiRfKF -KU4rKUOCPdmu9fMe/kniOKbDmq1FFP+SqCU4hRiZZv0GMdDhAkEA8I6Du8UvTZ8I -04o05s/BlMiErASTZgq27UM6rWl2FNy5Av2suayBW7xJczdGEtbT982KwQmk0Mg9 -Hj5pWi5MDQJBAMAdorBVTMD4iFvfRhN6aSD3PzG/fsEexRuxvx2iBrrMZQ+6mS26 -8myNHPMASAiwt5H2T7Y/dNMB64iod5gFVtkCQDMJ+ddQKg4tDQFdFIZYVDlOJiAd -RGzlHxTOK9f5RU19219QFWK7wCKHm4nvk1WR8R1lpef5NNf7dERDd7Tjl80CQAx6 -oFO15rtuKWVWVnXzcJq8lLVFjBU9S25mGFTzbl554mKoK0UGLLMSY3wBW6x81h+8 -ESd0bcE7EbKZxtLwHdkCQQDYB5HxhlPZdquY+yg7vqxUF9Lf6+smlVv3PjfhXztg -2aV717UGinyqZgcn2J+ADWocRI3JnOhU0lswsGc+oVXp ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAO3ICAWZ2JzsnuWt +y+dWYA29pFW3sWiphcqhzFCOFv9uDMGOsVWqJTGd+x60cIxmU9lqSW+JxIAplC+7 +fQsGf0g501v6M+0gWYblX8BlRb84DEpDEe1u0mCS2CqgZscatvRqM8N8zjgpom/U +pTQYknn5upjhc4RY7KkOz5nWJ51vAgMBAAECgYBRzwSTiL7yHqb8trL0wM8Daz/j +DfRH4itZ8BjvjjNzZlWVMpbotkVdsND5W3Ntmrc2kk75xRiKT8PgOE1pQa8AbL7F +uR1U5itWKbyKCOPA/mzYoh9Pw9IouB4noNFzwDWnilsviV4yshKzKQtjryHPe1ft +RuF7YdGjsweUJriNoQJBAPeP6+fiT2WO/pXiextMhACU2fkgskgi+CFD+z6r8JtP +Kysk5+2PM6iSMm1XkBYxmPbCYMJtzShXnm3X41LgUgMCQQD14sSt9s9rIcT4w01P +oUm5d3MGgLf1khBzUT9VdKqb0ZqmtTBANKmU8GP2jmSguItNRiSbSiyvL3pitoHl +o0ElAkA5XEaLzvsYi/5fGj/t/lejjtnGiJXmcvvNMWQ4jDxOsBRPhdibSY/toho/ +DYfcLJfFrRogUrKzg0G5L8mDPWijAkA1vOjFKGKuhEPbJjvYQmStbwipjCooNlL4 +EPKph4Td5xJIiuLPtXK2hU8jjH07jvmK2uCXO7/GTbcOqdp7yJEtAkEAhFuJnqk8 +7N+TMUouU6DRCioGI6kg3kGPXD2p0dZn2XoTVvluklv9s4cpH5ht7BxKw6flDPqC +ity2FjTxEJ88BQ== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/proxy-test.crt b/lib/hx509/data/proxy-test.crt index d0d3135a58e0..9774ed2ad52b 100644 --- a/lib/hx509/data/proxy-test.crt +++ b/lib/hx509/data/proxy-test.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICMDCCAZmgAwIBAgIJAI8UaHGQmUvNMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1ODU5WhcNMTcx -MTEyMDY1ODU5WjAxMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MQ4w -DAYDVQQDDAVwcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzeKelgMO -dEHFmfEANkv6k+HkOduzT2It++ma7Kg+6+eOWpBqWcY3AOEbSE2UJM6H+StDhNNS -cldPd3LoZayywckvgD3/NZjB9drsxF9GGClHew+fKjiekjNR3aUuAjysJYfr9AYd -E6AFft2qKphuPKlEjPDeOZ4RpjvQOgFRB28CAwEAAaNgMF4wCQYDVR0TBAIwADAL -BgNVHQ8EBAMCBeAwHQYDVR0OBBYEFOGuL3xdInqdArsxly/BbLmYbzDTMCUGCCsG +MIICMDCCAZmgAwIBAgIJAMJEvwnR1+3UMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV +BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDkwNDI2MjAyOTQxWhcNMTkw +NDI0MjAyOTQxWjAxMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MQ4w +DAYDVQQDDAVwcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxxP4tpnb +qS5NjzDgrujdZovK/FHnlgO2Kjha1LQpTLDPwQh4zoymu9Hi/HzYTzdBCwA+auMY +vog4EE5hIgpbXFlnSP8gFmQvE2evPBf7Y1O2oK0xEih4/7D2oFikQ+QWHfy92EUm +mDe7fjkx5ipF+qwOSLU+YuG07+ltXW7XH8UCAwEAAaNgMF4wCQYDVR0TBAIwADAL +BgNVHQ8EBAMCBeAwHQYDVR0OBBYEFM1/xN3+Jz4m3NYEctNo8Y9CnopqMCUGCCsG AQUFBwEOAQH/BBYwFAIBADAPBggrBgEFBQcVAAQDZm9vMA0GCSqGSIb3DQEBBQUA -A4GBADOZurVQ/lXeLADFOZbTmbRt0Nv3aPHniG1yovlSDEuNjMczeRMMIsef+jpJ -4Z0rt65i3qpX3uXZdCgGtIbusIlM7fBLCRI5vJ27jqs2PnCvodWO05e/aL3XxRwr -42wDWTioZuGm8Sz4hpHv74Fz/7PgvZPMFSo15ujdOTWMXj08 +A4GBAB06t/tkcci9IFnSnmogi3LEare/aVkAxbfWHoFBRCZOyat/K7moDsPng6a1 +v1DZY0LqgVDL4DCyTKXxAbN9352cca5spmnNKWegCSA9UJXGCTNtIJCPA/x4PO8C +nhAAaxERYu123XhRZ8HhRM6t7uGiyLkAX3JFcWvPhAbWjNbo -----END CERTIFICATE----- diff --git a/lib/hx509/data/proxy-test.key b/lib/hx509/data/proxy-test.key index 93b609b75164..e03895d43eee 100644 --- a/lib/hx509/data/proxy-test.key +++ b/lib/hx509/data/proxy-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDN4p6WAw50QcWZ8QA2S/qT4eQ527NPYi376ZrsqD7r545akGpZ -xjcA4RtITZQkzof5K0OE01JyV093cuhlrLLByS+APf81mMH12uzEX0YYKUd7D58q -OJ6SM1HdpS4CPKwlh+v0Bh0ToAV+3aoqmG48qUSM8N45nhGmO9A6AVEHbwIDAQAB -AoGAaAv+2RDyXQ5gLkv9L3N2TwX5sMO2+odDdeu4v6DHK7D54ArbtELXyTn577BF -DdTSIroahSXGpMI7BsKrb7a3Hw+lnbEsag0a71yMM+E/zN9e0BgZwb7ZpeezVG2O -kaXCuVPQlmDys8UH001FWP/XxqhLfCjy25ynaXi990k0AwECQQDwI64IquGE0OCO -bI15Z+qLM5aRQgkNPokU7bZ1oSp9Ctx0pI9IzN6DcXe1QcXBDUJrZ0medNmNjqkG -KPkiAieDAkEA23vDr6+iiSTOIUAGj+NDY9ydk48j8oWYUeQPL8Y7hJrckJrqqfNL -MGZUKnF/RFPRbfS543xiqlXs4j3C61cwpQJAS9DH+l6Q8tDLhMvK4sCnMSmpaNTz -bKYIu33NdFfcxTuvnHfz8OUVf2RMigJo/+lCxgwHFysHIIUg4hv/g/gwJwJBAIfx -UHMwxetL8KCHl4jnqoXfz3nl3s4IESAnsYBVt+eaQ6MNUOuS1a9UsizXv4wCnmUM -f1Z3ZGU8c0xuFJzPlEECQAs9UM+v0WxhUY8iVltgaLxGP282Mg+p+pIoqXbn8Mt7 -gOomlisP+s0Hh+c+YFPIAaAeH6j7n4AxydI0Z9fKIZA= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMcT+LaZ26kuTY8w +4K7o3WaLyvxR55YDtio4WtS0KUywz8EIeM6MprvR4vx82E83QQsAPmrjGL6IOBBO +YSIKW1xZZ0j/IBZkLxNnrzwX+2NTtqCtMRIoeP+w9qBYpEPkFh38vdhFJpg3u345 +MeYqRfqsDki1PmLhtO/pbV1u1x/FAgMBAAECgYBQoyRRQo0ZQComYBQChUx45xL3 +lW2K9EHrZBxWoAtChzP/6qCUeaBn36Jjx2YO4EC2ZgjiXs59Dsw2vqjVkwBh9ujA +F14krPR0OpCnj3mFyz0CqbZUjB8tvKtGe5Bm5JkwITDIXO+mXacdQ/Mpa2cVDqk6 +D4XxuCU7V8Ft14stQQJBAONXnrKlLa3UmdOdDArj0ZQLQdzWKN5bW+tzRcV3kVyh +xc7yPHlcPtp+lK9CX+nZkjCj/5e2C6fs+dKfEZPOiO0CQQDgLEI0RbbdCGVp0soK +HIOQsngSwGrvKN3FFDqMyC/eEqW6t/p64VOzUnKBvAOh/jI6vgE0heEXHNl5/ivU +T885AkBhATYaDBkdnyW0AcLtsp/uh48m58qwdlMWeC1BQO+pku2QjBP5xL6dBH30 ++mFqqweR8ahR17/Je3htwqoBY5NRAkEAimjJN50TmsVkWEJdnICeeui2Wl2TqLaC +tvwWanXvmB3LVc3iSZx2IXH2YUPEunBIcxx9ggBnSe32GOxmA2CDgQJBAJqJ+Ucx +Oc6FYER8gb+yg8eV0IsSrshS2Zq1+vJV6Xnbm6mmkANYIydknqm52hef4hW0al8A +46U7qh5s6EESzkc= +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/proxy10-child-child-test.crt b/lib/hx509/data/proxy10-child-child-test.crt index 95abe018b128..18e37d788d73 100644 --- a/lib/hx509/data/proxy10-child-child-test.crt +++ b/lib/hx509/data/proxy10-child-child-test.crt @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE----- -MIICdDCCAd2gAwIBAgIJAN27BSQHOOO6MA0GCSqGSIb3DQEBBQUAMEMxCzAJBgNV +MIICdDCCAd2gAwIBAgIJANtSso4F/YPoMA0GCSqGSIb3DQEBBQUAMEMxCzAJBgNV BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxEDAOBgNVBAMMB3Byb3h5MTAxDjAM -BgNVBAMMBWNoaWxkMB4XDTA3MTExNTA2NTkwMFoXDTE3MTExMjA2NTkwMFowUzEL +BgNVBAMMBWNoaWxkMB4XDTA5MDQyNjIwMjk0MVoXDTE5MDQyNDIwMjk0MVowUzEL MAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDEQMA4GA1UEAwwHcHJveHkx MDEOMAwGA1UEAwwFY2hpbGQxDjAMBgNVBAMMBWNoaWxkMIGfMA0GCSqGSIb3DQEB -AQUAA4GNADCBiQKBgQCw3LymYPXq7FKF1yumUvZTEbyMNszUYmoaMXgfnOgu8TWR -Dwek7ome68yHYYkc4fj1jG2ugdQ+/LgpJ10c+lHa1MeE7QHbJu6tNhRcCgxnAtlV -JljkmB24Ne/UjQwVVT73rUrvaigby8Ai0ujDtPJDqfUQvh8lwEFFWuafq9Ms1wID -AQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUNBaggvaD -C/Amnb2M8g60WKxwGn0wJQYIKwYBBQUHAQ4BAf8EFjAUAgEKMA8GCCsGAQUFBxUA -BANmb28wDQYJKoZIhvcNAQEFBQADgYEAmT5WYZ6FM6ceyyxTKiusYLDPJ04D7dVk -VVMnu1q9dATMje/RKrncT0+KNEMdLWLpZgeHj4E2bi1507l3/zOUwOPpdI9MrvpY -Or6ssQ3sZAZI60ruZ91ml6cYt+rbE1F2J+y1CM0rW/wnAIT1v2vP2Wd7PrEm8RsM -QGbyuzcrAL4= +AQUAA4GNADCBiQKBgQDcgI+5RZZeSRqK8ydQYyVqk2DGI8dLUkWE68TthxWg5Xjp +jD9tVt8y3kcQWXIWqeNjmKS6zQHDro/d8oS6oHVMyFakxq4uQD5DvaTeLFjmK/4i +IrVlJS+T8kUMNoqGgNYY7BppcUU0Nav/whldGlhtEEWEEu4EZ+4UbCj5QCHZwwID +AQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUrbpGGsqI +EM708LMvCSGULkOS0CowJQYIKwYBBQUHAQ4BAf8EFjAUAgEKMA8GCCsGAQUFBxUA +BANmb28wDQYJKoZIhvcNAQEFBQADgYEAFk/qvmcnH5QqMLxEtUY9O+2A1ag6iJEs +18sIp87PRLP06OmtWPkijS+7c7Dbs5ttwAWW8tZ9+f+yyXE2ctwrc2ap3TicrTB8 +yI2Fgf+ytxgpZharMjeUi9E10K/xKxU3hsrD7ug3iHp15HKyuP8uFmBP6gcsVsgj +tsIaPKR43xU= -----END CERTIFICATE----- diff --git a/lib/hx509/data/proxy10-child-child-test.key b/lib/hx509/data/proxy10-child-child-test.key index 247f61653637..18e54b0395ba 100644 --- a/lib/hx509/data/proxy10-child-child-test.key +++ b/lib/hx509/data/proxy10-child-child-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCw3LymYPXq7FKF1yumUvZTEbyMNszUYmoaMXgfnOgu8TWRDwek -7ome68yHYYkc4fj1jG2ugdQ+/LgpJ10c+lHa1MeE7QHbJu6tNhRcCgxnAtlVJljk -mB24Ne/UjQwVVT73rUrvaigby8Ai0ujDtPJDqfUQvh8lwEFFWuafq9Ms1wIDAQAB -AoGAHRo1cKtDzARXD+74H8ZHAiRJAkmCKvCGxQie25TWH+NRDS2L9HfL7XqfjSdf -iIEmlkElSzHR2wt6wkrX54zJKxMNayc88UfInQ03a4XwFzAksTf05zpdGPbkKohi -eeQcf3Raq+Swe4pTEwyEU8mDidM/rKJst+zMiE4UMeVGTQECQQDZPFrVTyJwGBcS -sxJly0zXmZ8tvvsxIuplwAvbfCWbhEEgeO3LAKjcpb5HVOLfTe8+2ZO00ALidVCH -N6/ae+iLAkEA0GwPxjlbKnL1VcpKdsegntACxlHD0TonvIEINKv9PiKzHIhQo8xJ -Rt/2aBRAOJn+zB3FJxfQ+o6vEUwvBfEKZQJBANHMLTlG9M5nJZlkogb3YZ3y+j0W -7cdVniRoZcsySau4/aDbyWO9nleCJpMDUxwwSzdasAD2x2JnxD7itA4AjuMCQQCP -a+0m8M0lVtowYPYA6rpCzs05/4YKckRp2Tj2Vev8WBB87+jd7nP2S6PaVyUiTgYi -G9JRZnguEwWxl4U8R3RpAkA5QpGHFhXNI2xA0ZKYH1tgmYfLBAAiVrIDKJddtOf/ -rKceL88RXsjnA6PTN9AdpnJ4sTToR3HDeEwAQrNHMC2M ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANyAj7lFll5JGorz +J1BjJWqTYMYjx0tSRYTrxO2HFaDleOmMP21W3zLeRxBZchap42OYpLrNAcOuj93y +hLqgdUzIVqTGri5APkO9pN4sWOYr/iIitWUlL5PyRQw2ioaA1hjsGmlxRTQ1q//C +GV0aWG0QRYQS7gRn7hRsKPlAIdnDAgMBAAECgYAgEiLVU6W3OPK/WvZQ3trGUYE1 +0GZgMisiVhhiY89lg3q+nUNsZ8I259V2L0xEt5j3F3B+KusixvTt1yQu8L+eki1i +moA5YLtiqcDVHkSX44/f8+yN0QBqmtJDg3WU8mki+Nf4fKEAPvdmmgRhnfFE8hqM +x6IRyL7B+7bmeUKeIQJBAPXw5KquGiwLjoZ+tHQhWN/3SZEBfB2uPFDAXsMgWnUS +pShjnECQDaj9ogUYoWeJacFj8/Dyc01P+LyiAtmfLdcCQQDlhVAsQNxMXLpy5HKU +ZcuZz4il/jQUViq/JRyXlqLccHsfs1P+7b3O+TN7LVNS59vKprkBCIcJoSZ4LaGi +v331AkEAh+KrVSqQx1kzTFhhd/Cc3FITUY0SeIu2Q5+mPAV6NUkx+5jd0kZFZeON +S2eKdlxUFEgXlj8/Oa4/7mlNTdRHTQJBANZ41IoFsdXJcJCb2FXDKZX40AAMoi2+ +twMWcrlUEatbkDH3KK43Cf617t1TZWE7N68OTCIjDcx5wbDbMwcZWWECQAQhJrzq +pdWb5EVvYRP88zJ1vJCISIGWjxQRsde9w0VX8Uu3kyT1EHEuW+JScoNI0avaV1DK +yIG37HCRGTBiNqI= +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/proxy10-child-test.crt b/lib/hx509/data/proxy10-child-test.crt index c45074102e17..600bc357c48c 100644 --- a/lib/hx509/data/proxy10-child-test.crt +++ b/lib/hx509/data/proxy10-child-test.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICVDCCAb2gAwIBAgIJAITDCg/e+gWyMA0GCSqGSIb3DQEBBQUAMDMxCzAJBgNV +MIICVDCCAb2gAwIBAgIJAONwGxXRj9jiMA0GCSqGSIb3DQEBBQUAMDMxCzAJBgNV BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxEDAOBgNVBAMMB3Byb3h5MTAwHhcN -MDcxMTE1MDY1OTAwWhcNMTcxMTEyMDY1OTAwWjBDMQswCQYDVQQGEwJTRTESMBAG +MDkwNDI2MjAyOTQxWhcNMTkwNDI0MjAyOTQxWjBDMQswCQYDVQQGEwJTRTESMBAG A1UEAwwJVGVzdCBjZXJ0MRAwDgYDVQQDDAdwcm94eTEwMQ4wDAYDVQQDDAVjaGls -ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAroEn/MX0t84+NLivDSbN0y5r -ZRxaiTDYkmvbdvJuBryCCLkzUT+/eh3pEK52BODXZWD4oiEMJLubH/pz+/6eAb4T -ReAWft/wMFaOSZ37a7iLWr8vFaRfBjQREpEm0rCp7dPvWYrraRIIjMRJzAUwygXN -KSS4f5VZkMwNfT9wwE8CAwEAAaNgMF4wCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAw -HQYDVR0OBBYEFJrcQRDczQ1P+84ND71GVT99a/2mMCUGCCsGAQUFBwEOAQH/BBYw -FAIBCjAPBggrBgEFBQcVAAQDZm9vMA0GCSqGSIb3DQEBBQUAA4GBALIbzPSyUE5Q -4TWAUfATVsADj131V1Xe+HHgwXebWbnNCJIe3OyWoFqK3X5ATKzi6MzHzA+UngFK -KGl8m8Ogx9dYQKzP2LIw0GuvpMyc3azb/cvbWv3vmM55UEdBlqxSTFynqLdpJqtn -9dXq2wCNdUtbGEOpaRVOiZ0wjvpTB4wA +ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr982Voxa1DhcIIa22u5oO497 +L2FF0r91yZh2IjY02XSGbLiyFV6OwKULRli587BMryq8G0BBKAmXVvZszOLOe9xV +eipWkyFxiF2s6ERYJ7muHHXxIQyGgRMxhsDuiqiGc51TZ+2H7A2CIHbzUOdom9qf +UwXqyd8iD9N/a/Zy3JcCAwEAAaNgMF4wCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAw +HQYDVR0OBBYEFBBhzv8RTjHAfZxnKZ7bRv1K9MxSMCUGCCsGAQUFBwEOAQH/BBYw +FAIBCjAPBggrBgEFBQcVAAQDZm9vMA0GCSqGSIb3DQEBBQUAA4GBALT+aUqBtZDM +W7/F5I9QgZL9+zebGqzjxSTYpIT6iYRop/oA4ZFc6k0UjR5A8A+/u9mISwB9P6R+ +GtQ8CBgcqLgsLsTEUiz/N2XtC+I++ZSkR33b6ZbNefq9vSib+OzQjdqw9vshK9zX +bajUTjXEGuJrGMeqvv8iwl4SIpCT5f3C -----END CERTIFICATE----- diff --git a/lib/hx509/data/proxy10-child-test.key b/lib/hx509/data/proxy10-child-test.key index 70cea5d344ae..12f49009eb16 100644 --- a/lib/hx509/data/proxy10-child-test.key +++ b/lib/hx509/data/proxy10-child-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCugSf8xfS3zj40uK8NJs3TLmtlHFqJMNiSa9t28m4GvIIIuTNR -P796HekQrnYE4NdlYPiiIQwku5sf+nP7/p4BvhNF4BZ+3/AwVo5JnftruItavy8V -pF8GNBESkSbSsKnt0+9ZiutpEgiMxEnMBTDKBc0pJLh/lVmQzA19P3DATwIDAQAB -AoGAaYkc+Odzd9IYluP2ojqMkiJpuu2p53yODgeC4+38EsDg14vB+GpYT+9U68zG -/W5JdjtuQwc/g9ueFnnuuUEkpyMIKDdAl00ZJQU5Vvz+ooZdxp/iYm3axkV2Gc2l -mbulzUxgpomflDd/B3RXO1jY4ZttpVHTNUvjm7DtypiqsAkCQQDgIIRBtSipM3F6 -GYKgnmsjK+19YxUdMbHS6fyfg0TDIrSrBi5EqyjgA4MzxfzimvfKCiV6SSqFnU3G -MIWDLh2dAkEAx1IaAAi+DmED08rarKRU2Ma7KRQWlxjXTp6c9OrbzuCJrqZgscxJ -vBjmHzbXCKumRZwqWgzM5mRxPVX6npyn2wJBALrWQIqqI3hRuzJnG78b8QJD91nE -hHBu4eeKSZ8MBgGJ6AR+RYnXCV8dbn11eifJufECXlW/sqPqC1DBWDuP8P0CQFxg -utglNSCo6gMw0ySMjR5jDL8/JjElPDSd4pTIfNNm0aj2R35f9hSNXao92m+UTl2Y -wTA3Gof1KV6KCLuWU10CQCeGYU3SFAy5QLVqR0B0u19wWyS8ZMl06DjOslmu7Zp+ -x1GxxFu1MNFvcKwmFeeYcNU1t9X0tC7EhUIaLQk2kqM= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAK/fNlaMWtQ4XCCG +ttruaDuPey9hRdK/dcmYdiI2NNl0hmy4shVejsClC0ZYufOwTK8qvBtAQSgJl1b2 +bMziznvcVXoqVpMhcYhdrOhEWCe5rhx18SEMhoETMYbA7oqohnOdU2fth+wNgiB2 +81DnaJvan1MF6snfIg/Tf2v2ctyXAgMBAAECgYBbnR/2J7js0csT2nkIRKahWBWo +UbiIltmpwTTQj4IqQKwBmJiTzyT3r0HXTELZcV4Q5WcFnwwR6iUe1NFKTV+XgrcK +OMBY43+6InTvsXAKxLH6MZ7tfKWA13forzs90CmvYxTHtEFYS2MnzZ7FFqBk59lA +gMrcDVKYiOLenjKm6QJBANuEuoq/ZiNC9bJ3JjVyH/yHYqAwi6g8B8kQufecAqIu +eQBpx2vsry8V6LpTfIsle8dWFKauiE4s5VyBMn7l2kMCQQDNGZHFI9j8SaGVGmbF +5nDtBnWoyAWCQ3VzTj+uaO/ybkTFFvVkVLU1+3j2cWRVYdnoXK9uL2eH9E35radx +d6EdAkEAyEI2l1ryh5qPYEb4MWuyqIKtw6tlzI0vIQtETBIkCOZSdsEJL3jVfCQF +ku2Uwa/pUrlBz6mLKZ4lg5VNhpyT1wJAEfXaQQQ5nSYpgzATreLXIrp9FTGm4dhc +caN5iiFgWb90QDoZdRbB459I4XPekGeIOIPdTO3TyCEJrwKY9iO+tQJAGdLTwcsz +o1Ic+rVL8IfXPRCwtvi3e/xVgGxDHhV498/ofY3xgVmOkSRdDjAz2FgZeaotnKj6 +d9og/gBzfNdK2g== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/proxy10-test.crt b/lib/hx509/data/proxy10-test.crt index 331c3ea33aa6..0d9fde88c5b6 100644 --- a/lib/hx509/data/proxy10-test.crt +++ b/lib/hx509/data/proxy10-test.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICMjCCAZugAwIBAgIJAI8UaHGQmUvPMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1OTAwWhcNMTcx -MTEyMDY1OTAwWjAzMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MRAw -DgYDVQQDDAdwcm94eTEwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTeTGh -PIY39c75rcek77oZeDKnvO9zmsU2nlPnKpNsQ/QYEa610EeaRhB36lLhIS3aEtoG -LKgHeDF+jxasog3GNWZ7/EF5x5VwIbXo659ZbDwnT8c8ZJADEe1kfMuFgKd49l4y -PNCqN4LX2DdAh2HIb7x1iw7Fnu7s0Xnipgq0twIDAQABo2AwXjAJBgNVHRMEAjAA -MAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUe24gc/gLyB6DW4gELVL3axuZTbkwJQYI +MIICMjCCAZugAwIBAgIJAMJEvwnR1+3WMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV +BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDkwNDI2MjAyOTQxWhcNMTkw +NDI0MjAyOTQxWjAzMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MRAw +DgYDVQQDDAdwcm94eTEwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAwvFE +RvMpm6Oje46mf4ta4or7w/cUcJ5wrn9f1plR6/ETOiCGKf4i9/9Yj8vr0MFLSNcb +LpipSq/JDoiQJQuCvfwGe/g/Im0byhcWmqcvmUQJ+tp/qBsrZQqKMAZxBE1rzvBs +pWqQCFHDOebLzcl1zmTDcrDgwsO0j0EOFRiIkwIDAQABo2AwXjAJBgNVHRMEAjAA +MAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQU5aYR98LOKtpDlBTC9W4axWXpg9EwJQYI KwYBBQUHAQ4BAf8EFjAUAgEKMA8GCCsGAQUFBxUABANmb28wDQYJKoZIhvcNAQEF -BQADgYEABlvvmLwl6ZjaLdTGmxDD2eHN4/IbjYj1Vta2zQOKKA/W4qrkhmSNpy0x -+v9tqf2fumNSpspqF+g814pXbqSMuObHEE1IeUmiGwVPC7AMWVXd2skMdkjEqhLM -8qvDrPt+c5rGnnqM9AqrT/xDgXm7XnPLSFcrX/q8xVKVztskgEU= +BQADgYEALsp0p4UR2YqO3HYNEkPFluconjaKOcj4X1y1K0dnQneBfrKJJ812h/Dh +bs/Kc/SbKWRD8wkNF13WURZiH3emkYgvdB3QIFaWb52gK4n8T2L5PkcEJIv3hFkl +5TyqSgsy4SlaQ0KnBx+E+l9fDXUBYhpxLEVpaav5u3RLNJhG0jY= -----END CERTIFICATE----- diff --git a/lib/hx509/data/proxy10-test.key b/lib/hx509/data/proxy10-test.key index 3bc0b4582f1d..47b4ce2309d4 100644 --- a/lib/hx509/data/proxy10-test.key +++ b/lib/hx509/data/proxy10-test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXwIBAAKBgQDTeTGhPIY39c75rcek77oZeDKnvO9zmsU2nlPnKpNsQ/QYEa61 -0EeaRhB36lLhIS3aEtoGLKgHeDF+jxasog3GNWZ7/EF5x5VwIbXo659ZbDwnT8c8 -ZJADEe1kfMuFgKd49l4yPNCqN4LX2DdAh2HIb7x1iw7Fnu7s0Xnipgq0twIDAQAB -AoGBANDEIiSklXQFLFD8J81CBBxEtu007cbYkbx7zSS2uVb2NrDUM/+1IBrC9FsN -bshlctiIJ8hUqYTGOUZRh/bg/GpVOgTRAgaMBEBOYXra7r7TVcUUxpC8CzX9hevl -H42T6Ez6+Ednfg0RX6rZTiFeCNV3ADkguO07mlgSppiQJmlxAkEA/ICw/Ar/GtJH -/EK8jrbxzakNzFxtHUtVNwSALsiWZUfJWJgf7jDsl0XB8w/HhVDrdwfc+Aiexxc9 -SPJKKqdpswJBANZnBfxEucE1SWu9elvPNWIMYBXinfMvfnkSt81KH3AfObiUj93d -LCii1sF/x2aDeKJseFiUycy9xQXhQMF5vu0CQQCPECs24tQfUj1PBFDpW2YtbDdR -Lpz0GBa0EWy/FQ+BWucNt0OAJWAnZXK6UJpvQqXmzyG3tsqfat9iUUUMXcZZAkEA -vc+PePrPCMHIMl4ZCVa0iA00s6tg8n7FlSKBHnnUw0qhq0u64kyAX6lqPvyE57jU -/9bP5Hw0+9G1r7LvxVmnMQJBAMdphUdEYRlIZ0GTnIETDzjm3lge06cXzLvXFIps -nCANLV4OXJZVaTUrnDINLJVHu5d+Mx1pTw6GOF+v0+LjbF4= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMDC8URG8ymbo6N7 +jqZ/i1riivvD9xRwnnCuf1/WmVHr8RM6IIYp/iL3/1iPy+vQwUtI1xsumKlKr8kO +iJAlC4K9/AZ7+D8ibRvKFxaapy+ZRAn62n+oGytlCoowBnEETWvO8GylapAIUcM5 +5svNyXXOZMNysODCw7SPQQ4VGIiTAgMBAAECgYBTMM7nZKd1AZKx75U1Dj6aTsMk +vQJZc/EtOGIIfplU3bsBTUjUHjNr7BPrqMOdVk7Vqu4K8SU5it4qq3cMnrBETxTA +k3oLwIM5U/MLF8PCxFFfjARA3iqp5ldCBRbFwBi3iBa3+dxRQgx0TYdhg32LPE4a +7sAz+GGSHspa8mPR4QJBAP9qA1LSsSi/hargSNaNnCEy/4YW7MIkbJwX3A0INGT5 +cEUhSG+w0UhnkAf0Hi8/Gh19EsvDEOY/Nu6ucSmmnK8CQQDBNCNO2Qae7GJSOPLQ +T6RpcFThH/7D09gCnF25V5An3jawT2BNue8iHxKztOwneSw16D1xSDm3nIs8m8sJ +gXNdAkBs9pY6ZEZOIv7seki4t6svAqm+U9Nns9Bd+1PWf3SSy1OZOmzDsYRnRj9N +FVk3QM1sXSqCoVJ5V+ighO0kHr9jAkARbnvVDF29jwRb+MlnpBfob3spCLL6xi1S +JvuJ0m2uOy1iAPdma+U4hecxEZzQ/uzPPFH225Zhi51AbaoHBIf9AkBHxYNY9TPW +nWpEcH7Mq+5KdAgXhXb0uWQbWoK7m/wm7OY8KQMc2Uo1chatb0qxlmUxZvQXva+w +QxahbNp1Uyun +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/revoke.crt b/lib/hx509/data/revoke.crt index 0adcc2d1b4f7..2c2afc2975e3 100644 --- a/lib/hx509/data/revoke.crt +++ b/lib/hx509/data/revoke.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=Revoke cert Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:b3:24:de:14:fc:b6:80:e2:34:59:81:1f:ec:cb: - 00:21:75:e5:34:88:09:5e:5e:8e:f8:91:6b:ab:09: - 34:f8:6c:69:14:00:c5:47:f2:d7:de:a0:32:00:02: - 63:79:3c:14:1a:a9:4d:d1:1d:c0:fc:a7:50:72:26: - 96:53:d1:9f:a9:5f:f4:82:4d:4b:17:3b:fe:14:60: - 42:94:22:93:3e:c5:14:97:c8:a3:6a:8e:bd:90:03: - 22:12:9e:41:ca:a5:de:4f:57:f4:bf:f1:9e:f8:63: - 4f:c0:9e:c8:3c:e1:8b:89:60:3a:2b:5c:a7:b7:6e: - a0:48:34:49:58:61:a0:34:6d + Public-Key: (1024 bit) + Modulus: + 00:a6:5f:11:30:35:3a:5f:ed:c2:06:ac:f4:14:27: + c1:db:ae:79:f0:b6:9e:0a:83:e7:82:6a:69:92:a6: + 85:9c:5d:e4:8a:0e:6b:32:99:4d:22:b9:ea:a6:8c: + 84:9e:62:f0:a3:f1:d2:b0:ef:41:ce:93:ce:d9:49: + 43:be:0d:a7:ea:cd:37:bb:ba:4d:ee:75:ed:86:74: + 8a:e2:08:77:2b:60:91:30:b2:96:57:4e:42:d1:5e: + 6f:0d:f5:b2:d6:98:ed:3f:ab:a0:64:33:8b:52:ad: + b5:7a:4a:fd:70:dc:d8:8b:e1:47:0c:8d:8f:93:5c: + 9c:35:3f:cb:21:d7:5c:6c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,26 +28,26 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - F3:E2:96:20:28:53:21:92:67:A8:5C:B5:2C:7E:87:CF:7A:07:3D:84 + AC:ED:61:9B:1A:7D:7D:27:D4:E3:B9:3D:79:9C:F1:96:10:B3:46:45 Signature Algorithm: sha1WithRSAEncryption - 90:39:f3:a6:fe:92:b9:92:4c:75:58:b2:51:36:11:07:f5:a2: - 71:dc:90:d7:2b:b5:bc:37:c8:30:4f:a4:6b:41:11:63:3e:53: - 42:ae:6f:59:7d:f8:b0:59:01:2f:50:4f:2d:21:7e:6a:58:bd: - 74:f1:69:c5:62:3d:8f:fa:1a:c8:7e:a4:30:dc:01:8b:c9:f8: - 77:44:5c:d3:a4:ab:9a:50:cc:45:d0:65:00:5c:fe:d3:b5:a3: - 7a:f1:b1:5c:25:0f:06:16:5f:cf:e2:5d:0b:87:c0:fe:14:b8: - 0a:10:17:55:34:15:4d:44:6b:60:80:6e:af:7b:81:30:47:5c: - f3:fe + 71:4d:fc:63:69:bb:b5:cf:0c:50:dc:de:55:ef:9b:90:07:42: + 98:3e:80:36:e4:94:aa:d5:f3:0b:56:38:12:1d:3d:e6:dc:a3: + 8b:bf:8a:f6:82:d6:25:8b:9c:88:ce:38:2a:ee:e1:2f:2e:8f: + c7:74:c6:42:5f:68:99:a5:48:e7:08:5a:bd:3c:fa:db:14:5a: + 39:cc:dc:50:c5:ba:05:97:c9:66:9e:39:d8:ce:17:a6:ec:6b: + bd:c9:c9:a8:d1:6d:dc:68:c0:79:20:6e:df:04:0a:14:37:06: + 7b:e8:54:62:60:0c:9f:d5:73:55:b7:d0:4f:cb:e0:14:75:65: + b7:d1 -----BEGIN CERTIFICATE----- MIIB/DCCAWWgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowIzELMAkGA1UEBhMCU0UxFDASBgNVBAMMC1Jldm9rZSBjZXJ0 -MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzJN4U/LaA4jRZgR/sywAhdeU0 -iAleXo74kWurCTT4bGkUAMVH8tfeoDIAAmN5PBQaqU3RHcD8p1ByJpZT0Z+pX/SC -TUsXO/4UYEKUIpM+xRSXyKNqjr2QAyISnkHKpd5PV/S/8Z74Y0/Ansg84YuJYDor -XKe3bqBINElYYaA0bQIDAQABozkwNzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAd -BgNVHQ4EFgQU8+KWIChTIZJnqFy1LH6Hz3oHPYQwDQYJKoZIhvcNAQEFBQADgYEA -kDnzpv6SuZJMdViyUTYRB/WicdyQ1yu1vDfIME+ka0ERYz5TQq5vWX34sFkBL1BP -LSF+ali9dPFpxWI9j/oayH6kMNwBi8n4d0Rc06SrmlDMRdBlAFz+07WjevGxXCUP -BhZfz+JdC4fA/hS4ChAXVTQVTURrYIBur3uBMEdc8/4= +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowIzELMAkGA1UEBhMCU0UxFDASBgNVBAMMC1Jldm9rZSBjZXJ0 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmXxEwNTpf7cIGrPQUJ8Hbrnnw +tp4Kg+eCammSpoWcXeSKDmsymU0iueqmjISeYvCj8dKw70HOk87ZSUO+DafqzTe7 +uk3ude2GdIriCHcrYJEwspZXTkLRXm8N9bLWmO0/q6BkM4tSrbV6Sv1w3NiL4UcM +jY+TXJw1P8sh11xsswIDAQABozkwNzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAd +BgNVHQ4EFgQUrO1hmxp9fSfU47k9eZzxlhCzRkUwDQYJKoZIhvcNAQEFBQADgYEA +cU38Y2m7tc8MUNzeVe+bkAdCmD6ANuSUqtXzC1Y4Eh095tyji7+K9oLWJYuciM44 +Ku7hLy6Px3TGQl9omaVI5whavTz62xRaOczcUMW6BZfJZp452M4XpuxrvcnJqNFt +3GjAeSBu3wQKFDcGe+hUYmAMn9VzVbfQT8vgFHVlt9E= -----END CERTIFICATE----- diff --git a/lib/hx509/data/revoke.key b/lib/hx509/data/revoke.key index a4c68aed196a..0fe2e18b2fb5 100644 --- a/lib/hx509/data/revoke.key +++ b/lib/hx509/data/revoke.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCzJN4U/LaA4jRZgR/sywAhdeU0iAleXo74kWurCTT4bGkUAMVH -8tfeoDIAAmN5PBQaqU3RHcD8p1ByJpZT0Z+pX/SCTUsXO/4UYEKUIpM+xRSXyKNq -jr2QAyISnkHKpd5PV/S/8Z74Y0/Ansg84YuJYDorXKe3bqBINElYYaA0bQIDAQAB -AoGAIDHl/5uTKQJ+Kf+8vw+UjG7lrFUuadlQlHd+BBT5ghPppoCk89M+3HGpyrqj -KeyUKF5477YLMtzW5kztA09PBBJvMjSm92dI2uCYfipkIWZZUlq64AStI15pgeVd -cH61hxOUCm47tqhtkaO11DnKkoJBXaAVIe2ySG2sIZQH+gECQQDjhMdCWkaO+HUe -utqKJCq6pUkwSelgLEINDVoRVgJ+qUHb0nN06DmPfcfxwqfgP/vS6baKkGIBCiZJ -n9Kfd23BAkEAyZHXY5iGSq9qc2ern0CcyitNozvtm6eEZYVvJxVMsVBQRo23EmGF -68SJlHjpY+nHyPWEkbG99R/CMdr3FV9JrQJBAOG/hoKk1mvXxUYXeu4kkq0dgXBD -diex4lvXCq423ETXJny55UtzfGGPGUwdq7rLYc/VjAUS29tSOclFppQJyUECQQDA -J7P5UhHTaN5GHfJR4rqVUCq3Dg45cLyaO1X3ICr4bePZHogDkcylMbsmOw3jHZ5D -SSqT6al44Em0VVVunmQRAkBUAQzHGGJnMKI9ZSdD3J6scWCVIjHVgaehYe9a8DlK -DeZ4KYGG0+1aUdkqeYE8c6Qqp+pdjPmRMdooww6y+Xk1 ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKZfETA1Ol/twgas +9BQnwduuefC2ngqD54JqaZKmhZxd5IoOazKZTSK56qaMhJ5i8KPx0rDvQc6TztlJ +Q74Np+rNN7u6Te517YZ0iuIIdytgkTCylldOQtFebw31staY7T+roGQzi1KttXpK +/XDc2IvhRwyNj5NcnDU/yyHXXGyzAgMBAAECgYBeDVZRM3YZrvZGAdZF4qfkAgGr +hAFaHnFtN60RG5Ri7m15YmdVhnal0AaIOt3qEDLL67RZFBjWqJaCHbnvIhcva5Gw +OLEQPsvvTBvRq5O7hTwij2f0hTGu7gOHiiW3YCPxvma1qHNOXKRDh5Gi2eG0gKgo +fUC2pqvPomNaqZERqQJBANFQXr+KQ9Hcv1cp2+FNOXg8x0sC20+Svwaxs+T4gSr2 +AaiWIJgcdYpxkNPke+IGPZ8Bip6jgRpRK1gRLhx7qw0CQQDLercoA7FiwpRMzo1j +Yvh4188uhodvuSg6Yj/meQ2zQvsjAipZ0XJgEuZZnoifxkl2A6K+tFLwSq1hy18K +C4a/AkEAnwfCRSMG7i8bDV2XWvGyhWEgRiSwfh/PlYV0WbZZZUut7OnLb+bHg11P +nT5OxWbacLHaITe3AkjDdtDuyONJDQJAN4RW3rMLPe/q+H3Os9Q4CPiQzZfk8gWp +xSwzVRWoOEXJMYcQuQrdUvs1IDSSAE3gkzNwvumCS4+EeM89MgdtDwJAN7ucdA1c +m6MiJgTVxTeva7cgw6PCF4Ph9AGRAB+m/qkg8I8W7G0tXxHVUAXfKdfeirigsrnT +LKLsQFEQrhuA5A== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r1TestCA.cert.pem b/lib/hx509/data/secp160r1TestCA.cert.pem new file mode 100644 index 000000000000..2d30fab2c608 --- /dev/null +++ b/lib/hx509/data/secp160r1TestCA.cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBxjCCAYagAwIBAgIJAKjMYS/6EOLdMAkGByqGSM49BAEwNjELMAkGA1UEBhMC +U0UxEDAOBgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0w +OTAyMTQxNzUwMDRaFw0yMDAxMjgxNzUwMDRaMDYxCzAJBgNVBAYTAlNFMRAwDgYD +VQQKEwdIZWltZGFsMRUwEwYDVQQDEwxDQSBzZWNwMTYwcjEwPjAQBgcqhkjOPQIB +BgUrgQQACAMqAASMHokF13aCVrlhMSr9Vgofj7loM2a7ZrU3h8/j1n/cO24ceyN/ +DpsOo4GYMIGVMB0GA1UdDgQWBBS58EWwgNdBwkYVhUSNzwIehHhEDzBmBgNVHSME +XzBdgBS58EWwgNdBwkYVhUSNzwIehHhED6E6pDgwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMYIJAKjMYS/6EOLd +MAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0EAQMvADAsAhRZPKbqMYDATJasRcXQfEh5 +8oHCywIUGZ0h6FqSvPgpkZ7hoU+ZEFJ/D88= +-----END CERTIFICATE----- diff --git a/lib/hx509/data/secp160r1TestCA.key.pem b/lib/hx509/data/secp160r1TestCA.key.pem new file mode 100644 index 000000000000..f0ce773cf8ac --- /dev/null +++ b/lib/hx509/data/secp160r1TestCA.key.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFHegiSlX0311KSBjNrbzq6HrKjkYoAcGBSuBBAAIoSwDKgAEjB6JBdd2 +gla5YTEq/VYKH4+5aDNmu2a1N4fP49Z/3DtuHHsjfw6bDg== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r1TestCA.pem b/lib/hx509/data/secp160r1TestCA.pem new file mode 100644 index 000000000000..a6f068d5476a --- /dev/null +++ b/lib/hx509/data/secp160r1TestCA.pem @@ -0,0 +1,18 @@ +issuer= /C=SE/O=Heimdal/CN=CA secp160r1 +subject= /C=SE/O=Heimdal/CN=CA secp160r1 +-----BEGIN CERTIFICATE----- +MIIBxjCCAYagAwIBAgIJAKjMYS/6EOLdMAkGByqGSM49BAEwNjELMAkGA1UEBhMC +U0UxEDAOBgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0w +OTAyMTQxNzUwMDRaFw0yMDAxMjgxNzUwMDRaMDYxCzAJBgNVBAYTAlNFMRAwDgYD +VQQKEwdIZWltZGFsMRUwEwYDVQQDEwxDQSBzZWNwMTYwcjEwPjAQBgcqhkjOPQIB +BgUrgQQACAMqAASMHokF13aCVrlhMSr9Vgofj7loM2a7ZrU3h8/j1n/cO24ceyN/ +DpsOo4GYMIGVMB0GA1UdDgQWBBS58EWwgNdBwkYVhUSNzwIehHhEDzBmBgNVHSME +XzBdgBS58EWwgNdBwkYVhUSNzwIehHhED6E6pDgwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMYIJAKjMYS/6EOLd +MAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0EAQMvADAsAhRZPKbqMYDATJasRcXQfEh5 +8oHCywIUGZ0h6FqSvPgpkZ7hoU+ZEFJ/D88= +-----END CERTIFICATE----- +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFHegiSlX0311KSBjNrbzq6HrKjkYoAcGBSuBBAAIoSwDKgAEjB6JBdd2 +gla5YTEq/VYKH4+5aDNmu2a1N4fP49Z/3DtuHHsjfw6bDg== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r2TestClient.cert.pem b/lib/hx509/data/secp160r2TestClient.cert.pem new file mode 100644 index 000000000000..716395bf8e1e --- /dev/null +++ b/lib/hx509/data/secp160r2TestClient.cert.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBIDCB4AIJAN1XzNknE3lDMAkGByqGSM49BAEwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0wOTAyMTQx +NzUwMDRaFw0yMDAxMjgxNzUwMDRaMDAxCzAJBgNVBAYTAlNFMRAwDgYDVQQKEwdI +ZWltZGFsMQ8wDQYDVQQDEwZDbGllbnQwPjAQBgcqhkjOPQIBBgUrgQQAHgMqAASA +oVzj3A0W1FaSmc0NwTRdX4A8eCbDb6pf07vMpUcOqvdXVGwWN3HhMAkGByqGSM49 +BAEDMAAwLQIURJ9Jdesm0rqwpOAn8K23GdWlCkYCFQDmJtqiOLs4jjUUP6T7O17M +Iwyrvg== +-----END CERTIFICATE----- diff --git a/lib/hx509/data/secp160r2TestClient.key.pem b/lib/hx509/data/secp160r2TestClient.key.pem new file mode 100644 index 000000000000..e5a2fef7941b --- /dev/null +++ b/lib/hx509/data/secp160r2TestClient.key.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFNz0QJPbDlTBMSOfUoxNSzOOpRKyoAcGBSuBBAAeoSwDKgAEgKFc49wN +FtRWkpnNDcE0XV+APHgmw2+qX9O7zKVHDqr3V1RsFjdx4Q== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r2TestClient.pem b/lib/hx509/data/secp160r2TestClient.pem new file mode 100644 index 000000000000..ca4bb331d767 --- /dev/null +++ b/lib/hx509/data/secp160r2TestClient.pem @@ -0,0 +1,15 @@ +issuer= /C=SE/O=Heimdal/CN=CA secp160r1 +subject= /C=SE/O=Heimdal/CN=Client +-----BEGIN CERTIFICATE----- +MIIBIDCB4AIJAN1XzNknE3lDMAkGByqGSM49BAEwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0wOTAyMTQx +NzUwMDRaFw0yMDAxMjgxNzUwMDRaMDAxCzAJBgNVBAYTAlNFMRAwDgYDVQQKEwdI +ZWltZGFsMQ8wDQYDVQQDEwZDbGllbnQwPjAQBgcqhkjOPQIBBgUrgQQAHgMqAASA +oVzj3A0W1FaSmc0NwTRdX4A8eCbDb6pf07vMpUcOqvdXVGwWN3HhMAkGByqGSM49 +BAEDMAAwLQIURJ9Jdesm0rqwpOAn8K23GdWlCkYCFQDmJtqiOLs4jjUUP6T7O17M +Iwyrvg== +-----END CERTIFICATE----- +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFNz0QJPbDlTBMSOfUoxNSzOOpRKyoAcGBSuBBAAeoSwDKgAEgKFc49wN +FtRWkpnNDcE0XV+APHgmw2+qX9O7zKVHDqr3V1RsFjdx4Q== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r2TestServer.cert.pem b/lib/hx509/data/secp160r2TestServer.cert.pem new file mode 100644 index 000000000000..6b56036583cb --- /dev/null +++ b/lib/hx509/data/secp160r2TestServer.cert.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBIDCB4AIJAN1XzNknE3lCMAkGByqGSM49BAEwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0wOTAyMTQx +NzUwMDRaFw0yMDAxMjgxNzUwMDRaMDAxCzAJBgNVBAYTAlNFMRAwDgYDVQQKEwdI +ZWltZGFsMQ8wDQYDVQQDEwZTZXJ2ZXIwPjAQBgcqhkjOPQIBBgUrgQQAHgMqAARA +IUAwnwABnZAs378hcEgnk8efxE35RF6B+MmxSq1Twhp2C1ophD6yMAkGByqGSM49 +BAEDMAAwLQIVAO0hl59KWXRMBaJ2iKsiu/j73/bPAhRfsTT6SIBL5+3gjLhl7SqK +1kTMQw== +-----END CERTIFICATE----- diff --git a/lib/hx509/data/secp160r2TestServer.key.pem b/lib/hx509/data/secp160r2TestServer.key.pem new file mode 100644 index 000000000000..a903d0f76655 --- /dev/null +++ b/lib/hx509/data/secp160r2TestServer.key.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFBR1r2nPL1Ln1U5Nk1kW9XtNEkk1oAcGBSuBBAAeoSwDKgAEQCFAMJ8A +AZ2QLN+/IXBIJ5PHn8RN+URegfjJsUqtU8IadgtaKYQ+sg== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/secp160r2TestServer.pem b/lib/hx509/data/secp160r2TestServer.pem new file mode 100644 index 000000000000..329d871534c7 --- /dev/null +++ b/lib/hx509/data/secp160r2TestServer.pem @@ -0,0 +1,15 @@ +issuer= /C=SE/O=Heimdal/CN=CA secp160r1 +subject= /C=SE/O=Heimdal/CN=Server +-----BEGIN CERTIFICATE----- +MIIBIDCB4AIJAN1XzNknE3lCMAkGByqGSM49BAEwNjELMAkGA1UEBhMCU0UxEDAO +BgNVBAoTB0hlaW1kYWwxFTATBgNVBAMTDENBIHNlY3AxNjByMTAeFw0wOTAyMTQx +NzUwMDRaFw0yMDAxMjgxNzUwMDRaMDAxCzAJBgNVBAYTAlNFMRAwDgYDVQQKEwdI +ZWltZGFsMQ8wDQYDVQQDEwZTZXJ2ZXIwPjAQBgcqhkjOPQIBBgUrgQQAHgMqAARA +IUAwnwABnZAs378hcEgnk8efxE35RF6B+MmxSq1Twhp2C1ophD6yMAkGByqGSM49 +BAEDMAAwLQIVAO0hl59KWXRMBaJ2iKsiu/j73/bPAhRfsTT6SIBL5+3gjLhl7SqK +1kTMQw== +-----END CERTIFICATE----- +-----BEGIN EC PRIVATE KEY----- +MFACAQEEFBR1r2nPL1Ln1U5Nk1kW9XtNEkk1oAcGBSuBBAAeoSwDKgAEQCFAMJ8A +AZ2QLN+/IXBIJ5PHn8RN+URegfjJsUqtU8IadgtaKYQ+sg== +-----END EC PRIVATE KEY----- diff --git a/lib/hx509/data/sub-ca.crt b/lib/hx509/data/sub-ca.crt index 6cb485ab1883..c63f59d3df47 100644 --- a/lib/hx509/data/sub-ca.crt +++ b/lib/hx509/data/sub-ca.crt @@ -1,60 +1,60 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 9 (0x9) + Serial Number: 10 (0xa) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:59 2007 GMT - Not After : Nov 12 06:58:59 2017 GMT + Not Before: Apr 26 20:29:41 2009 GMT + Not After : Apr 24 20:29:41 2019 GMT Subject: C=SE, CN=Sub CA Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:f3:ab:db:06:fa:f9:a1:84:35:a6:fb:a4:a9:39: - 5f:54:10:a2:a4:3f:1a:ae:2c:7e:bd:dd:aa:63:4a: - 7a:62:99:07:25:af:eb:62:b4:20:93:67:46:59:b4: - 30:85:81:24:41:9d:49:97:fb:a3:ce:74:61:f7:ff: - d5:9e:b1:9b:d3:5a:8b:59:51:76:99:69:2a:73:02: - e9:2d:39:3f:21:b8:2f:f1:af:91:1f:f1:c3:e3:4d: - c0:e4:87:95:df:e7:d2:e7:27:a6:cd:c4:cf:97:e6: - b8:24:31:d1:66:d3:af:f8:06:8b:9c:81:bf:66:54: - 53:08:0a:ee:15:71:b2:a5:a5 + Public-Key: (1024 bit) + Modulus: + 00:bd:3d:63:78:3e:31:85:d9:1d:b7:f8:04:02:58: + 53:12:de:1a:c6:95:9b:51:29:7b:c7:62:76:b9:a6: + 63:56:3d:47:c8:2f:bb:6b:9b:7d:d8:f1:a9:3c:0b: + 61:66:fd:d1:e7:d7:6d:74:a0:30:9c:a0:7d:80:41: + 04:1a:86:61:b4:12:79:9d:9d:b0:3b:fb:0a:4c:69: + 8f:06:33:07:85:0e:73:cd:01:fa:96:f9:6b:20:18: + d8:b1:06:03:21:b3:71:7a:ed:43:fd:29:d5:23:fa: + cc:cf:43:fc:83:4a:cb:8b:e6:98:db:b3:49:f1:ba: + 2a:97:72:b7:44:83:d6:e7:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 36:04:CF:AD:8B:30:E2:5D:C0:43:8C:09:0B:4D:50:7B:1F:39:41:17 + 9B:B5:FE:90:D3:72:49:B1:98:9A:67:76:A3:C9:22:15:F1:5A:AE:11 X509v3 Authority Key Identifier: - keyid:8C:E7:0D:B5:C5:DE:69:85:75:2C:08:A1:DE:53:15:30:9C:A1:E8:00 + keyid:6E:48:13:DC:BF:8B:95:4C:13:F3:1F:97:30:DD:27:96:59:9B:0E:68 DirName:/CN=hx509 Test Root CA/C=SE - serial:B7:94:5E:85:B2:19:80:58 + serial:99:32:DE:61:0E:40:19:8A X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign, CRL Sign Signature Algorithm: sha1WithRSAEncryption - 5b:f9:bb:2c:d2:d6:4d:bb:20:b1:05:fc:67:45:de:9c:5e:83: - 35:24:9a:f6:33:bc:3d:ca:27:dc:be:3c:cb:c6:d7:c5:b4:d3: - 9e:c4:c2:60:4d:dc:21:2c:f4:88:ec:dd:41:37:58:63:45:d6: - 9b:32:7d:f8:e0:d1:41:0f:f3:30:20:7d:15:af:49:15:2b:cb: - db:fe:90:6e:db:84:fa:92:a3:ac:83:25:5a:ab:49:7a:1e:2b: - dc:c9:74:7b:9f:2b:62:a9:6f:ef:b9:89:72:4b:ea:02:5a:27: - 93:b7:9d:fd:e2:a3:73:04:52:d0:98:5a:a3:23:f5:02:56:b6: - c6:8f + 25:cb:bf:77:d2:16:0f:a5:ac:4e:42:17:e1:81:03:36:1e:dc: + 33:1a:49:ba:1f:40:5b:5b:80:9c:20:b7:13:3b:f4:4f:79:c1: + b4:6e:14:d5:fd:84:59:58:d5:db:a6:6d:5b:6f:e6:d0:58:d6: + 8e:41:2c:ef:e9:c8:b7:ca:6f:cb:11:6e:13:45:f7:73:6e:91: + 71:22:14:18:b9:b4:ad:3b:c4:e9:6f:99:6d:59:59:52:6f:c8: + 65:67:f1:e4:d9:6f:0b:a3:3c:9f:ac:01:b7:1a:9b:97:74:92: + 7b:ea:05:a0:5d:09:77:fb:79:17:c2:35:2f:f9:09:fc:10:b3: + e0:3e -----BEGIN CERTIFICATE----- -MIICWDCCAcGgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1OVoXDTE3 -MTExMjA2NTg1OVowHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBlN1YiBDQTCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA86vbBvr5oYQ1pvukqTlfVBCipD8arix+ -vd2qY0p6YpkHJa/rYrQgk2dGWbQwhYEkQZ1Jl/ujznRh9//VnrGb01qLWVF2mWkq -cwLpLTk/Ibgv8a+RH/HD403A5IeV3+fS5yemzcTPl+a4JDHRZtOv+AaLnIG/ZlRT -CAruFXGypaUCAwEAAaOBmTCBljAdBgNVHQ4EFgQUNgTPrYsw4l3AQ4wJC01Qex85 -QRcwWgYDVR0jBFMwUYAUjOcNtcXeaYV1LAih3lMVMJyh6AChLqQsMCoxGzAZBgNV -BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0WCCQC3lF6FshmAWDAM -BgNVHRMEBTADAQH/MAsGA1UdDwQEAwIB5jANBgkqhkiG9w0BAQUFAAOBgQBb+bss -0tZNuyCxBfxnRd6cXoM1JJr2M7w9yifcvjzLxtfFtNOexMJgTdwhLPSI7N1BN1hj -RdabMn344NFBD/MwIH0Vr0kVK8vb/pBu24T6kqOsgyVaq0l6HivcyXR7nytiqW/v -uYlyS+oCWieTt5394qNzBFLQmFqjI/UCVrbGjw== +MIICWDCCAcGgAwIBAgIBCjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MVoXDTE5 +MDQyNDIwMjk0MVowHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBlN1YiBDQTCBnzAN +BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvT1jeD4xhdkdt/gEAlhTEt4axpWbUSl7 +x2J2uaZjVj1HyC+7a5t92PGpPAthZv3R59dtdKAwnKB9gEEEGoZhtBJ5nZ2wO/sK +TGmPBjMHhQ5zzQH6lvlrIBjYsQYDIbNxeu1D/SnVI/rMz0P8g0rLi+aY27NJ8boq +l3K3RIPW518CAwEAAaOBmTCBljAdBgNVHQ4EFgQUm7X+kNNySbGYmmd2o8kiFfFa +rhEwWgYDVR0jBFMwUYAUbkgT3L+LlUwT8x+XMN0nllmbDmihLqQsMCoxGzAZBgNV +BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0WCCQCZMt5hDkAZijAM +BgNVHRMEBTADAQH/MAsGA1UdDwQEAwIB5jANBgkqhkiG9w0BAQUFAAOBgQAly793 +0hYPpaxOQhfhgQM2HtwzGkm6H0BbW4CcILcTO/RPecG0bhTV/YRZWNXbpm1bb+bQ +WNaOQSzv6ci3ym/LEW4TRfdzbpFxIhQYubStO8Tpb5ltWVlSb8hlZ/Hk2W8Lozyf +rAG3GpuXdJJ76gWgXQl3+3kXwjUv+Qn8ELPgPg== -----END CERTIFICATE----- diff --git a/lib/hx509/data/sub-ca.key b/lib/hx509/data/sub-ca.key index 070d21d00afd..19415e8669e6 100644 --- a/lib/hx509/data/sub-ca.key +++ b/lib/hx509/data/sub-ca.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDzq9sG+vmhhDWm+6SpOV9UEKKkPxquLH693apjSnpimQclr+ti -tCCTZ0ZZtDCFgSRBnUmX+6POdGH3/9WesZvTWotZUXaZaSpzAuktOT8huC/xr5Ef -8cPjTcDkh5Xf59LnJ6bNxM+X5rgkMdFm06/4Boucgb9mVFMICu4VcbKlpQIDAQAB -AoGBAIoiQmgSnrERYdjnjtDf1Uqyo4C4xUc3siGwJ4diET8TwRl8QNQTiOQHB7qS -i28jZopLwAyIerPvBhqwzUjJJqvu1z+5/MjwBJ/aonmJjJ9e3nqk/KE658xGg5E8 -V64DYRif0YboZEYJo5yzU9UEdEPI4zTyhFlR21TmOZkidnwBAkEA/IIRCcGs/FNR -q9tEW8ARK1DEeerXhoV9Xye9xYb5UNyH4f6J31NdkvYOMA4F0+0lKecaKmPtKsu7 -gQrFZYwt/QJBAPcKgUVOJox/s/o1PXRGjifl1haehcawWNLtN/UnFZcUKslyMkxh -qyCJJ0SuX7quQqy+++hFj/DwNdECaFRd0skCQBocdRiWL4Y0M3jbBrmaJexdwMN+ -tmTRvwItAOHBMFzdQSvsf2NZoo6E5Tiw6odcuYAYxsrlZGwNf0k7zOfQVB0CQQDy -GWdqZhY9JoFYuYhKRULXMtTGQgBUIUpLG5L1O6Ja9rafyLwmQqkUL5U+J61FI7XP -2TLCBDn2I1J6TGO2GmSRAkAIFsFpkrq4q+lbJ3Vr3UpfhRJsTVOD5SgZx1umn63l -jEz5/r4HCg/Q0/yiPiYaTHutfnsChg3/AfbmWcA6j4NU ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL09Y3g+MYXZHbf4 +BAJYUxLeGsaVm1Epe8didrmmY1Y9R8gvu2ubfdjxqTwLYWb90efXbXSgMJygfYBB +BBqGYbQSeZ2dsDv7CkxpjwYzB4UOc80B+pb5ayAY2LEGAyGzcXrtQ/0p1SP6zM9D +/INKy4vmmNuzSfG6Kpdyt0SD1udfAgMBAAECgYEAi8GahGLqD/+YgxUXYOP59iUx +gRdb7UTFtSpypAjNtBLtwFoAACiFeIKAiWeeN4GcU6w1mbv0Krgb92wMq8oyvJIG +mD+jyzdYSj1C00nQ3WF9b77nasAGP6IzhP82H+c6HjIJOo04MrM0s7lW3ETJbqyq +CDpgqufEkXSKO4f1eAECQQD8RB3zRZw0+AMy+v8RBSvHGOyH8WPwheDKST9ycr/c +fizcSjjUVaJOH107/SH/GKn+wrDx4vSJXnQqnFLTRYufAkEAwAp0CeXerZhpxAHf +SnB/GFRE8xnR7U0sIuAkCupYtr0dQZj4bkeRWuM7dNujKM1EomU/S/ngHlns/KPJ +kH0MQQJABtkGgxsJoXp2A8VCdUDRrmbjzNDlqJrJvlP8r+ujf6XBK/2ryz/D1yEM +09sMODOAMdUxHm/NuYjh2GJD8U46+wJAN4OOEcJqgaI6iNfFtZ4Zj23k1KWVItUZ +OiezI5ik9oZqq6jNwAteQHjJmjlXzBayjYNZLdxY5k02jb3HKcaMQQJAdelGxbOu +NRR3NdcwRUdRBlqTCVAx1qXlDmYvvUNRsEAr17t9ij7bwfxTrFmIEdCoqTlY5K+Z +mg1qwSeTGe3x4Q== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/sub-cert.crt b/lib/hx509/data/sub-cert.crt index fe23a373a1f0..236e4d094265 100644 --- a/lib/hx509/data/sub-cert.crt +++ b/lib/hx509/data/sub-cert.crt @@ -1,26 +1,26 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 10 (0xa) + Serial Number: 11 (0xb) Signature Algorithm: sha1WithRSAEncryption Issuer: C=SE, CN=Sub CA Validity - Not Before: Nov 15 06:58:59 2007 GMT - Not After : Nov 12 06:58:59 2017 GMT + Not Before: Apr 26 20:29:41 2009 GMT + Not After : Apr 24 20:29:41 2019 GMT Subject: C=SE, CN=Test sub cert Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:da:41:57:e1:62:23:1b:bf:ac:1c:a9:06:c8:98: - 77:38:dc:33:a3:03:c0:02:6d:d8:6d:68:95:b1:ea: - 60:c0:c2:96:23:34:91:fb:32:44:44:cd:72:40:5b: - a3:cf:57:94:3c:8d:a9:30:11:73:61:15:17:10:a6: - 17:7d:9d:27:f0:58:23:ee:a4:83:3c:b1:0f:20:0c: - a4:3d:01:ef:de:93:cb:b5:02:c1:1e:b4:54:35:6a: - 8f:55:7b:5d:76:0a:f9:6d:b1:31:25:4c:fb:e2:d6: - 6e:94:e9:8a:c4:cc:4e:28:6b:bd:4c:80:85:2c:87: - eb:31:88:6d:27:2a:d3:df:1f + Public-Key: (1024 bit) + Modulus: + 00:c2:e7:0c:98:23:cd:54:66:28:8c:e4:75:fc:4e: + cd:1c:1d:eb:1f:0c:c4:56:78:07:7d:73:3d:9e:0d: + 02:29:a3:c9:f6:46:fa:24:ce:1f:49:f8:1f:0d:ea: + d7:aa:91:ed:0a:8d:69:05:a9:36:94:70:52:e8:05: + 42:04:19:6d:55:44:85:c2:d4:3a:2c:a7:ad:aa:42: + 54:cb:78:a1:fa:bb:b9:40:41:80:28:c4:27:42:a6: + 6b:f2:33:84:a2:c0:3e:f6:fe:b1:70:54:8a:0c:44: + 8f:81:1b:27:d8:7c:59:3f:f0:de:ea:dc:08:3f:88: + f8:f2:bf:58:3f:a4:fa:f5:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,26 +28,26 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - D3:5F:89:9B:31:E6:2A:E0:C6:64:27:9F:A4:E5:42:8C:70:99:96:25 + C1:80:37:61:B7:F7:BD:09:84:1C:5C:CF:65:6D:FE:15:0B:78:85:C0 Signature Algorithm: sha1WithRSAEncryption - 34:f9:9f:c5:6f:44:55:6a:15:8f:51:ab:c1:44:18:0e:eb:9a: - d0:c4:64:ce:ab:24:2b:77:82:f3:88:e3:9e:1f:9c:8d:28:a6: - be:3d:d5:3e:5e:95:01:c8:b9:d4:e2:b5:17:06:1d:10:0b:a5: - 64:29:d9:45:b0:fd:16:ec:5d:3c:3f:58:55:25:90:d0:e4:4f: - 3f:9f:9c:5f:d5:1e:0c:73:a5:1a:7c:71:10:b5:a3:d5:fb:0f: - d3:de:fc:9a:06:bc:0b:8c:72:eb:bc:fc:d1:47:87:68:44:25: - 25:ab:51:e9:af:d8:9e:1b:04:f2:1c:4f:4c:27:a0:87:11:4a: - 69:67 + 97:06:c7:34:4f:17:20:6f:fd:f1:0e:eb:33:f1:eb:fe:49:ee: + 5d:6c:59:f2:4d:97:c0:ad:5a:2c:85:c2:b5:21:04:b0:ee:d1: + 2c:2b:54:0e:9c:82:c9:45:81:9c:2a:3a:e2:fa:78:94:52:56: + 19:99:11:44:78:f4:7d:b0:fc:d2:d3:49:d8:2f:9d:ff:23:5c: + 83:96:a0:14:a8:49:a1:bd:4a:ef:d2:67:96:5e:b7:36:36:86: + cc:ea:17:c3:3e:b7:18:ae:0a:03:43:4a:af:ab:ef:b9:c8:ec: + d6:27:39:c7:33:b7:34:54:d6:b5:1b:8c:85:a1:c1:13:b5:cd: + 0f:b7 -----BEGIN CERTIFICATE----- -MIIB8jCCAVugAwIBAgIBCjANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJTRTEP -MA0GA1UEAwwGU3ViIENBMB4XDTA3MTExNTA2NTg1OVoXDTE3MTExMjA2NTg1OVow +MIIB8jCCAVugAwIBAgIBCzANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJTRTEP +MA0GA1UEAwwGU3ViIENBMB4XDTA5MDQyNjIwMjk0MVoXDTE5MDQyNDIwMjk0MVow JTELMAkGA1UEBhMCU0UxFjAUBgNVBAMMDVRlc3Qgc3ViIGNlcnQwgZ8wDQYJKoZI -hvcNAQEBBQADgY0AMIGJAoGBANpBV+FiIxu/rBypBsiYdzjcM6MDwAJt2G1olbHq -YMDCliM0kfsyRETNckBbo89XlDyNqTARc2EVFxCmF32dJ/BYI+6kgzyxDyAMpD0B -796Ty7UCwR60VDVqj1V7XXYK+W2xMSVM++LWbpTpisTMTihrvUyAhSyH6zGIbScq -098fAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTT -X4mbMeYq4MZkJ5+k5UKMcJmWJTANBgkqhkiG9w0BAQUFAAOBgQA0+Z/Fb0RVahWP -UavBRBgO65rQxGTOqyQrd4LziOOeH5yNKKa+PdU+XpUByLnU4rUXBh0QC6VkKdlF -sP0W7F08P1hVJZDQ5E8/n5xf1R4Mc6UafHEQtaPV+w/T3vyaBrwLjHLrvPzRR4do -RCUlq1Hpr9ieGwTyHE9MJ6CHEUppZw== +hvcNAQEBBQADgY0AMIGJAoGBAMLnDJgjzVRmKIzkdfxOzRwd6x8MxFZ4B31zPZ4N +AimjyfZG+iTOH0n4Hw3q16qR7QqNaQWpNpRwUugFQgQZbVVEhcLUOiynrapCVMt4 +ofq7uUBBgCjEJ0Kma/IzhKLAPvb+sXBUigxEj4EbJ9h8WT/w3urcCD+I+PK/WD+k ++vWbAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTB +gDdht/e9CYQcXM9lbf4VC3iFwDANBgkqhkiG9w0BAQUFAAOBgQCXBsc0Txcgb/3x +Dusz8ev+Se5dbFnyTZfArVoshcK1IQSw7tEsK1QOnILJRYGcKjri+niUUlYZmRFE +ePR9sPzS00nYL53/I1yDlqAUqEmhvUrv0meWXrc2NobM6hfDPrcYrgoDQ0qvq++5 +yOzWJznHM7c0VNa1G4yFocETtc0Ptw== -----END CERTIFICATE----- diff --git a/lib/hx509/data/sub-cert.key b/lib/hx509/data/sub-cert.key index b9faa56eb2e9..eb42cfcec4ba 100644 --- a/lib/hx509/data/sub-cert.key +++ b/lib/hx509/data/sub-cert.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDaQVfhYiMbv6wcqQbImHc43DOjA8ACbdhtaJWx6mDAwpYjNJH7 -MkREzXJAW6PPV5Q8jakwEXNhFRcQphd9nSfwWCPupIM8sQ8gDKQ9Ae/ek8u1AsEe -tFQ1ao9Ve112CvltsTElTPvi1m6U6YrEzE4oa71MgIUsh+sxiG0nKtPfHwIDAQAB -AoGBAMPvk4h4BNK9gTL9n2RoU+fM7+Jx1GeZ24llMbZWlmOWjRiv8joTx2wJEH+s -hWP32NF/z5qin/VQ7LL6mO4hLx8RbPysfZH2PGwGLBsL6yFKrpVLEb6Gze7bfaNC -Zxqz2zBaUup5IN5IoQbYmhYgo7h+uca2FKZMtWZlvxsNb22hAkEA/QCwdBhlf7w9 -BUWezxxm5o/laKhvP7RYem43eJNKj1tenB1MnbjM6R3Ckp0ykbKQIEL3mjTEUR+/ -31yfSjKRrwJBANzXRXmowoaKFrjkRFjfKrSk6cIa5/32U4Shy3/1LRoHv1qcsyEv -0Acn5aE8vdiYK4J/OqiS87KFYH6WISCEFZECQQDg4xH1wBHIfvwGiaHmGyrkWpfi -dYWdrKLRANNR3Cr0TpVEU07dC30o4YkoZY6jr4MpCh2o9qpiKcSVuHDmtRiFAkBE -AsvznqRhuK8su6fM0tWdElinHZAqpyyrYQSB4KjGJnKo3i9QXiArw/60/DbfOGXV -54bSGYeRh//inCuRjvvxAkBv9rarlopkpj29aAM4e4gs5W4ssl0uOjnSBiSH+Zn/ -j/oYrQgvpITFLCdF48D44GWtupw5zCLiJAREySaNma4Z ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMLnDJgjzVRmKIzk +dfxOzRwd6x8MxFZ4B31zPZ4NAimjyfZG+iTOH0n4Hw3q16qR7QqNaQWpNpRwUugF +QgQZbVVEhcLUOiynrapCVMt4ofq7uUBBgCjEJ0Kma/IzhKLAPvb+sXBUigxEj4Eb +J9h8WT/w3urcCD+I+PK/WD+k+vWbAgMBAAECgYBIFo1h+FwJy39UHWxGVh8nNymv +4lj8Yojira0suEMEg8A/hyEeW97WzR8vVp1OSYsTTBp8LYoyfRktGETCn2UAbxnZ +WGF3nx7TPYhX83N8QFT+NuIih051w9KkGcACD8PZqqeCIyt9YEOnNX276WToCzNy +121aeDYeimlUJopzAQJBAPBL53LfzOyB5EnQIbT9GTciFQEMJvMQPQqd8xo4S62m +3ydHIFDtGFP/1ZytGevGQWnkF0hxTc/PbUmoFxp+e8kCQQDPo7ddWjR3gxwEuy9M +5sj52OqTwUyS5V+mMUVua06gTaTIs66yh3yv1QpczQV1sr8o6EJ6v3qJKqIC3qRn +BBBDAkEA1JAAdDCfANPCEr1nI8gEJy4h8GREjBzgMmUYaChGYZ1Mp10WrB+ftqaH +2mmRlWwx7y7SncWEtIBjx5VGoqwiaQJBAIeeQeSaR0yL+N/qNrG+xyPRFx3ckhwb +7sZIxjWhpuAy9l8UZRU8QydBOZx1WIyQbCTW1pz/tZQjoV/IdY7Ha6sCQQCojspS +iBO6CALYSsdIL6ZX/bXqGmPyXbxszGkYlaJx2FmD2MjSVM2RxPmx5RLNL02EfFLX +DWUplanFI5eZTZ0N +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/sub-cert.p12 b/lib/hx509/data/sub-cert.p12 index 90def937974e2099f3f812f8de192977bb58e639..f9d48ed1de064a24ceeb356893b8c12235e0282a 100644 GIT binary patch delta 2807 zcmVofN+OxNb$hAJHt&#cpnP52u2>%ydHVF+RL%!Rgt`pnJb%Sj&w&co)ZSR^-C%>| z#@8!A1)#wmAT&mD-Z+kbY+v11IW4G?Br)*(zNOCCLT%Q}$k*}l7|8u9SC&`GM+(V_ z`eXv>)*_IE1sc$)`Q4bOBb|_0&uS~&QDvY`IE`7DE}^=;v_Ea@o|mxD5wF+f971g- z32JrU^0Vk-DSx%6p%G<$g|^@aAjvWAR5yd(JX|ca?!)LR5y5cHTlZ^hn5gZe=ec z?UN+KEPrW{C`VuEG<8;d-GK~=b^FZ(7Nll@OZJ%gIRqyg{^2Kt0A3?*Bsb11j&MXz&J zBTXaR*gbTLL`xFF=8DNK699pKKz(SVCTI$`Y^>XdBw1QG=HwpNAk%WEDx#3ccjF{t z?+*D%1SA5{hG<9GGX(Xl(}jUXi*dr(lYj1Rin$%3>}k+OwvUfxKrpN6`bhuyPttZ# zP8O$Y48Wr5^PiI39%seboL%z!RulgN6pm08ALXqp8Vg&iIc3VGx<18QjWI|E=S?;t z3@X+50FUq-k#+C~>IL)9)ePn8U83+!l8MEnwMeZkJT=jdLCB81>|*TqP4HDv{eLtI zOr9^Zr0@wynLgTR%7b?D1R6G!h?529VDtgAw;v2q1}rE3-ye^0REsjygbn*mRHOb- zhP_n0L#F^24nNfghs1Hi*%w7%8E}Uj=a7IX5>gqjW&pcYHF&j?$U$j4$}Ox43gPkF zDCqFs{`Nf9{@Bwx<;V_z9b;*VY=2HFYUAtUrXfetgN%Ttx4MiXcm4Eprt5$la=s+~ z;uXG7Odl_?cXx35nYLg@G<-1)btO!_`sYBxKMCM%AE~}i@Io-rX!MnvkK5s{wf|~M zeu||{7mHl{Jg>t5f>uteb{2}9AOAHGbqn;gAYzyNl*pT;-3fKvRc0A`s(TPX1%^Vw?&rRJ@t7%~SVt`C%Cm;n_hnXKmuua=eSlh3B&j>Sq=pOcc1Y zV63okVP~Q`AD|liKI7#fhYBPPZ4Vi^j zk$-n5ZEsWObY%32NX^#NEXHwkM7$=lo6XZD_F z43~{mVT3iY9@GRJ+W@*=!N z&_L=4qGC?ehA=@opS8@CN>co-fi^Cb$+*Z^gfU9Fa=U^?a9-?8C}7X*R3e8w+oLU7 z&pm>8coValB7kD9>VJ@O1mk~n=V>NmmjvYwk#AZW%=57H?g4KW$Af*|P+>0j;Q*uy zh@2UwoB%UiZJ$iOBYbIwR{;~tOluUh8~Jz^e~SoWByYh~^e@LFmTTg{{4<73^k%lI zL_b-DZ{;_TrRP@hf6Zd2D$4|O3_9wRRQ}VWoA7!Ntzv^ogntds{5UuRhn$x#kK=X? zb(8{FUW<`y23}_eDs+8{J4XKD7Yz__1(8*Pa8m#O-z0uMHHTQYTytESw3tv5VA{q<7EI_PG? zNIS73(cn)HAb*E*&;qx*zjd;?H+CzRU?~50ay0RTZqLeEnl5Uo7U}L-t!h)J9b&M0y3R=(15D9dhF~#zaXx=Fb$o=4)Pl6w zBcIBJFxr|l7CTwKV$-D4^b2U+-Okzo-m;GE&~a7%rHw62d$No5n@L`}FL8|ZAx<}e zM*0@YPd?-zb&rD_nxTv7+3$$ojX$M<6Y3=Oza+w(57Y}q(OEa-&+Y-pv=H1X)-m-j zy(j2pZ0LZQY20E0K1Y95K2@nPTUu(ktKy=+8MCFO!dHH@%IH#H@&E@>lK2^r9slsUXsL+W5$jwjD*q+ zNoJr*7Wy+9X)HXiH9A>uSbB;fP(Ay&?DHjCdtKk#F<>ww1_>&LNQU5lQG^x#w0|>c1PC#3YA Jxv>HQ2mrU2YD@qC delta 2807 zcmVG<7$I$}@YZ~y%VdFae+V|RLw%HULy`!zL$tW1)mtUo|SXDtEE z-|g8d>xtyRy3ZEx?39cT>~H--CmyO;lve5GgE#3zd%i$-PG(-!GZ)i59FB3t8Tsx@uy56G25_WT~8EkOGu^ z943XyUeqnWwWMSwgqr5-S)kU>j^O8Vnfsq1+pGzI!e_A|et2SA&aXR|L2I6* zMxk&3Xa2D}UA}dRadgPHhk01Y00aV)0guQNlz$p_v9eB~Y%3%6gvhGh<~QgT>1M8J zIc`ckGdghF1IR3%MB@rY>Zx0@DsAvHI!F7F)pA&`K8!d!1x$#pOD1p|o_!`>N2;Ae z)RKQxKONst{MXevoT+IM`$gXY;f|&+?ofmDOZ!9>nr)wpr4|g;(RuoKM;IayICxr@ z#ecn_DW86=D=I|=l4R{8HcW&Wm529+YAxK!?~T14K{go!kNqAj=aQ(Y5H2o5=znkD zA0z8Ef)ifUXz*`kxMN{lJl>#S2*ow*uK=qm2|>cce^vn*beWs6s)7tCq@6W6#vJa& zfWGwz5~}|OmI7tF2xqeJavrU(7_Ew13xA3Betk>QDA^($)o-&ngKbGnayDxtFJx!i z^MJsYwG#OO!yU!ZVkp`>cE>?0asH=Nxf1mr`~inr)lAkoQjQaJ2l0REV;ATvSGQp^ zpQI`;XEchN-dLJxCy^-_~t?#grDttd!-#5jBT7QX) zg)3D*1ql*Z+8YQ5jKoMpm~CaRI3(=sW^{>4H~{6lc-MZ0&I zWqu!;qOFxGPf^wS+jm0igH>d;9)A&pV0HxxuVP*Qe2xtB_Cz_5UbWO<+>J!r7cEl0 z>NqJ}wW+WGA^_s6{B^Q@Z_~O2es@Y?A-52sFr837@^(9PI;F7fsmS$j1VGzwEt8DH1)PAat$W7oIc(9H8xKMijhyL*gSzba{YRFy3@>zd`wvBO8I%-B2 z*@oYyH~FHhQZzu(%9c%T1AkXD)?X>1xfFyDmh)}=JlQATLj z0L1Z?^)qJ_vN+yZgjvnkc8t=_p6?yCqa}aA(9YZwM;9Wx7T6Kto_KH`MyFBcd&UOT zV?&7$!Ew^A7{CyUyfLc-vpOUdAEjOk*P=A=vMxLIPlfOx2 z#TbrcD;vt)V+rvBzXRs=x6u_5k&~Eux6j;3v?WkR1DGsd=ARyG=^OEHF|Brt(O@v# zsXSiG0K&!Kt3C{pHz06;HPkKvfXJ}kz8Dx-ZLzy|@I8&_GKk4&puq;E;%4+cP;Tdg zR9>_-Eq8G)0WbtVKYziDQRipF6>`)EH^`*N-J8UO>{N4;0K$(Ds{popu}v;N_F;BU zZ-5zA-p#b;t9O9?05!Q%)1;v7sC9+cLIT`d3$?#PvzB+Sd)Q72?>V;DvOG{9*3r+m ziqh^#L3H?dwHw?K-?J=(LlbJrK;_06QW$c^P$I}fE5=LL;C}&nE;nq46k5}%!@X4# zz;AB6ir~(je6Fw->>_qXs$w zyvY8yhbAL7pCa1)+$oJ^a&8hAp19Jo9n15Fa1%mhenCJqF+G?z!mFGqJt$9I3=lJ+ z7>v^l7HNR)|9|tklON_w?%(`fA$$5zq(ST~{lwZ+wpR7rSJLs2E&jcF$>Y|bJ6<}G zFPPARltaSW>hHv=_8h9XhoS`|b6AtdJc_rLR2-dlCmwxb~+=lE(rYMU8N*3AQ_WY2u6RJSW?si zVB^vP0tf&Ef&zfV^wniMG>HAxo#*ZFl~aTQOPcVmLlk%_w|Gj)?5INM`^7m(Is^H9 z2aB?s`UYkDnp%*)2J@Y-!9z>;mD1X=K<`~qny<3#m>)6<4jhsGIGQnBV(VTIpFf~q zUB6V}v{FtjBM<_r#XHKG<4}LWtB4PMWVCq9z9zT)N+L0tB0!dW4y!&ei;Pm3jM^4$ z)b*f)2*aR8&vzWru*YDR9Enjx-xVf5i{pHBmNT~N?IbByEQy#?@~zc?=`F}sLzY#k zPt5(UVwXf?wvxzUqU^@xtlxS>oVe-P4-r1Lhj=`{Wu*!JjKp_6%0hoz8wdmZOT6sM z_U7x*r|CLKCqQpEvSpU`ip!1FqcVdJx^vWf1{B%%pu392V8b>xWf^#lzpK0*I7!Ia zXi92j(ro=SJ0}W^;-4zo*D3reQ&Iq$>OlwgbVFfdcdV;^BZXE0v*4ple-}o_poW4? z(2%>a)Z`DDe~SRvbF_bG^HJpuG68G-z66(!%ObZ2%L(4V8=)Q^SYC{w<^CZmCC#zT z|8c0ZkwS7eEa_uBOM*9ukpI+nFfFi% zAu8Y@N)blAa*8Xwex+>uGnF;}wigeAh1*?20CxsK2ffStSigU7iPrBUX&}Uq zKSP(Zc05;5imlEFj5`=RNOebW65nu7)mu<$3C(prtDa0W&YTVwu|!~_^}$EKzR(e* z>&hCKH*d_r`zoji+B+7}Xt5(VuqdKAxHY=rf_lr32owI*9H<5)_+Y%)-$#QqZL@`1 zx}pX|*3Txej6pnnmTC={@&(1&ciI7aA7wO8O--bmF<>ww1_>&LNQUIQl`2ep6M>w$2%&MQVUEXZ5;a9_k09Ufp$TfMy{#v3o?1H1PDIc;}t=1 J_wWJ&2mp%`ZO;Gz diff --git a/lib/hx509/data/test-ds-only.crt b/lib/hx509/data/test-ds-only.crt index 78559c662e31..7c5b452a6390 100644 --- a/lib/hx509/data/test-ds-only.crt +++ b/lib/hx509/data/test-ds-only.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=Test cert DigitalSignature Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:c7:40:d0:87:47:81:b2:4e:4b:36:7c:c9:8d:9d: - eb:dc:65:13:20:dc:72:0f:bf:5e:44:36:aa:18:fc: - 09:54:8c:1a:4e:15:5a:c5:c3:0c:95:f7:55:1c:b0: - 93:d2:80:92:eb:7e:67:b4:2e:9c:0c:fd:65:6a:9c: - d6:35:d2:c2:62:3f:a2:6c:90:9e:a6:5a:59:33:e1: - 3a:13:9a:9d:9a:7e:2b:a2:44:96:41:87:b3:e2:b8: - 62:1b:88:46:08:39:c5:7a:90:83:42:22:c9:73:9f: - 41:51:1d:40:34:0f:94:0e:2a:ee:27:76:6d:6d:44: - d2:e7:90:ad:9c:da:f8:7f:87 + Public-Key: (1024 bit) + Modulus: + 00:eb:6c:c9:0d:97:91:ab:88:5c:44:a7:40:ed:25: + b1:d9:0d:cd:22:1e:07:80:15:49:05:b0:7d:f2:bc: + 6c:12:7a:4a:74:a8:26:4c:98:0f:29:d0:b2:68:21: + c3:bb:6a:cd:4a:27:71:5b:8b:51:12:ed:47:cc:21: + 94:ee:05:11:55:61:2c:88:22:33:c2:4e:12:ca:ed: + 63:00:10:4c:4f:7c:62:97:a0:9f:95:2a:99:d7:8e: + a7:8a:d7:53:b2:b2:7d:a8:b7:5f:dd:4c:79:30:e7: + 48:0e:0d:9d:6d:85:04:56:63:d4:27:53:09:a9:bc: + b3:c1:67:1e:65:bb:4e:10:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,26 +28,26 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation X509v3 Subject Key Identifier: - B9:41:3E:C9:AB:F2:37:75:F1:F8:C7:86:BB:54:78:76:15:16:D9:BB + 30:2F:86:11:EA:5A:CD:C6:B4:61:FC:11:59:74:34:7C:16:93:25:52 Signature Algorithm: sha1WithRSAEncryption - 72:fc:ea:ad:ec:08:be:45:34:5e:d0:1b:d0:0d:fc:2f:70:89: - 8e:58:fb:15:ce:7b:78:8f:db:e9:97:cc:89:10:e6:10:f5:22: - f9:e9:c6:0d:4e:f9:35:c6:e2:5f:ab:28:47:e3:d6:94:d0:80: - db:44:4a:a9:8b:86:8b:c6:09:7b:d5:eb:07:ef:92:5a:ac:9a: - a7:04:c5:e2:c5:3f:01:d0:c1:92:c1:14:90:50:bd:0f:38:09: - 0e:c5:9f:96:bd:42:8b:87:ac:b1:62:ca:bc:79:1d:fc:23:06: - 55:b3:55:f2:b8:49:67:8e:d7:63:1f:52:aa:b9:19:e0:1f:18: - 11:ac + 15:f4:85:10:1a:98:d7:ec:74:4c:2b:55:1f:db:c9:2f:e0:ad: + 2d:76:83:17:e1:13:d7:17:8d:27:a7:e3:21:1f:63:f2:30:94: + ae:9f:1f:b9:4f:6a:6b:ce:50:7d:1a:a7:4e:be:f1:98:33:16: + a0:53:a3:06:61:4f:6e:11:8b:55:3f:cd:91:4f:0a:0b:2d:f1: + 5a:68:13:e2:f9:25:88:00:74:79:e8:f4:a9:c4:5c:9e:df:c0: + 17:e2:e5:75:54:3d:64:65:52:b4:a5:9c:51:ff:c3:ec:8f:88: + 06:18:f6:a5:42:b9:d9:75:7b:d1:4c:d1:fa:ab:89:b3:24:5a: + 14:aa -----BEGIN CERTIFICATE----- MIICCzCCAXSgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owMjELMAkGA1UEBhMCU0UxIzAhBgNVBAMMGlRlc3QgY2VydCBE -aWdpdGFsU2lnbmF0dXJlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHQNCH -R4GyTks2fMmNnevcZRMg3HIPv15ENqoY/AlUjBpOFVrFwwyV91UcsJPSgJLrfme0 -LpwM/WVqnNY10sJiP6JskJ6mWlkz4ToTmp2afiuiRJZBh7PiuGIbiEYIOcV6kINC -Islzn0FRHUA0D5QOKu4ndm1tRNLnkK2c2vh/hwIDAQABozkwNzAJBgNVHRMEAjAA -MAsGA1UdDwQEAwIGwDAdBgNVHQ4EFgQUuUE+yavyN3Xx+MeGu1R4dhUW2bswDQYJ -KoZIhvcNAQEFBQADgYEAcvzqrewIvkU0XtAb0A38L3CJjlj7Fc57eI/b6ZfMiRDm -EPUi+enGDU75NcbiX6soR+PWlNCA20RKqYuGi8YJe9XrB++SWqyapwTF4sU/AdDB -ksEUkFC9DzgJDsWflr1Ci4essWLKvHkd/CMGVbNV8rhJZ47XYx9SqrkZ4B8YEaw= +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowMjELMAkGA1UEBhMCU0UxIzAhBgNVBAMMGlRlc3QgY2VydCBE +aWdpdGFsU2lnbmF0dXJlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrbMkN +l5GriFxEp0DtJbHZDc0iHgeAFUkFsH3yvGwSekp0qCZMmA8p0LJoIcO7as1KJ3Fb +i1ES7UfMIZTuBRFVYSyIIjPCThLK7WMAEExPfGKXoJ+VKpnXjqeK11Oysn2ot1/d +THkw50gODZ1thQRWY9QnUwmpvLPBZx5lu04QpQIDAQABozkwNzAJBgNVHRMEAjAA +MAsGA1UdDwQEAwIGwDAdBgNVHQ4EFgQUMC+GEepazca0YfwRWXQ0fBaTJVIwDQYJ +KoZIhvcNAQEFBQADgYEAFfSFEBqY1+x0TCtVH9vJL+CtLXaDF+ET1xeNJ6fjIR9j +8jCUrp8fuU9qa85QfRqnTr7xmDMWoFOjBmFPbhGLVT/NkU8KCy3xWmgT4vkliAB0 +eej0qcRcnt/AF+LldVQ9ZGVStKWcUf/D7I+IBhj2pUK52XV70UzR+quJsyRaFKo= -----END CERTIFICATE----- diff --git a/lib/hx509/data/test-ds-only.key b/lib/hx509/data/test-ds-only.key index 1233c34b1b26..24493f8d4daa 100644 --- a/lib/hx509/data/test-ds-only.key +++ b/lib/hx509/data/test-ds-only.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDHQNCHR4GyTks2fMmNnevcZRMg3HIPv15ENqoY/AlUjBpOFVrF -wwyV91UcsJPSgJLrfme0LpwM/WVqnNY10sJiP6JskJ6mWlkz4ToTmp2afiuiRJZB -h7PiuGIbiEYIOcV6kINCIslzn0FRHUA0D5QOKu4ndm1tRNLnkK2c2vh/hwIDAQAB -AoGAPa3Ln0S8WjSwRaKlRahP/b5wCGkVCdjkVltRlkBWpwxjjC5CFhvFxpp0h1gF -ulDAqhNMCNOwzLiX70Ozb5/ZOcK6eIYolFDf8ldc5fSJMTIZF2V6CzICNNKFGWpI -z5QFhfQDqru6ZaWtPuK4sJIcmBx1nMTu4z9rNjvnGqJV/ckCQQDm8HfOI6f5Dlgg -QI9My7uDshfF2j6lo8wX32Vsgfb2PO+a6BGCCQhSjlKSZoiOH+KNz1/fp0/sbeGY -ZbdJSMg9AkEA3OAZrLlgKId6Gs5EjDfvq2njJf4dAOk5aH8HB1u18VuRvdkWxEwo -A7zrFZz+l1U52OMNKazPuPLju7foen9fEwJAR1URfG/RC4HdwKCQYsUvN1+ELk3a -OemdOeZ7+ocuVCLAU9XIyqSlmHJzmNro5RV+MhVS5M9WRY4vN5Z7hbxgdQJBAJG3 -NrkAwzN5zVCJ7Cclb/SCMt0JvFCxjLInu5dbJblJU+kPozl1lKCCrgTgQgXMsBEq -GbD41UGK3DsnpTPLfAkCQQCeZlgPiddfNhyg3SQOgj1M/3NBEfJFnX3FqlF32Pvz -0U29o0iMSP4q2j+cyUxAmlp9I7clhq7bBRTfCHKIHETg ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOtsyQ2XkauIXESn +QO0lsdkNzSIeB4AVSQWwffK8bBJ6SnSoJkyYDynQsmghw7tqzUoncVuLURLtR8wh +lO4FEVVhLIgiM8JOEsrtYwAQTE98Ypegn5UqmdeOp4rXU7Kyfai3X91MeTDnSA4N +nW2FBFZj1CdTCam8s8FnHmW7ThClAgMBAAECgYEApDDTq8oYy0Qn7a2kR4Cxn8rT +VUcSPg8aRYCI5qDo0p49jUy0oVivwp8NvjhGNVDQajZGBe2NFqEsIL8PCk24frfF +LNUAi0FllQjq4iUKTKJyahqQvUenhVaAUdYJdDfS6wZM4xYc3TxHpKdbp+DVii+F +HA9dcpGCwumbRv7ZmoECQQD+iQOM/iJAXOJa0QEwqsuAlQbC82S3yoedpX7AAup3 +lme8BreDMPyv5cCVs8UW9z+z9N+4wEB9cmA98vhCxq9FAkEA7MeeLY04wyFH4VBO +1/GqiTVdOF5mOd3dCfv6xWgO2xUe0h1twIuAmbsST9Bvj7AQM2nAv1EoU88OrhVX +BY/B4QJAZnqflVqUS7mZ4NqZUhDR0jkt+buo516Bb3U8LO5/nBpQNaG2rPlCI0er +XBp+1ZpCaZ/Dm0y8KkWsfgSe87OuyQJBANefXRN8VGGWECBGAtax86vplc+8X3l4 +6k6qUg6tGUI3NI8BT64VG/JjImTemomOOuKm/mj7Hi9cErFDK7Eb3eECQQCxNUEt +Lxdipay7Iz1yAr953GoQAXdgJ4l6dmOyle1wE21Mvsc4okGr6cNAp2K3d/LnOAId +a09Ph64VsUwGaIEh +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/test-enveloped-aes-128 b/lib/hx509/data/test-enveloped-aes-128 index c706839a3fb3484b1728ffae8b2a04d186d33158..070174513a79b4d487e4e18fbfc36c32f2abb187 100644 GIT binary patch delta 3062 zcmVx>`T%pLC&6tZY57F_2rTG3DpzcA z#t2z@v#AsFxNz=pxXTLT(pb)AU(F#YnH@mjg;KkOI>15GOTFGBu_wD1a7CePh*X7h zN|YPse>uxpPp*#VRKXlToR)zWnso6iI9EnDQx(qP*RN1=dI4#X<{p2dD32g9#tG_P zAiy-p(xRw6`0y^Eu$%^z{iX(i6G1T^xrEaGa+Q0|J)U;XbxdFeZX!h*Ix}=BzFfMF!^Zn}2v30P=v1^%leDAE zMoA@Ea6yAPZSDNN*m&jTPZ>CkkSk#0_jFEh%4ovm_G50+gI<1g6`}EZlC|owlCZ zoEFCY5Yh0bDD;q{pQ+}LhtzH!uVnVg0O z1-aeTMu51gD;CoMJ|E{&lri$`V{v9{V?0fNhU;Qhi_{rw6e(k!lF(iNV?mmZblYs= zB!&@vLns;Wg~R7spqj-y!qRb@ZzwMaITr4AV%^O2q1RwlZH%yH3=xd#P zK`^Ieysv-3t}3Zll`m6@)W+H}N2H36SuXIQ={B{_aic``bIUR#y3g*Ri;Mw}3+ZX( zK3$(bQ`f}1SSl9m8Njonc!o!ap54@ z0hVdpt$2kUM23RW(UUSzfgF74>b$bTF3IRele2sFtiZLx}vy&x?&nsLeXo6vO0q-13<2{K9`W7l-c zAi;li+cuB{)EAjTf^eFrc8vfN_=r|wIb58Adz9&kTuieF_z=z@#R2Qw@)!z(+eU z0>0Uf+&CDsH3irCDL%}b0lxrEvdC9CWUSgtDtq=bWLh2m*5GB$)A1#wXgfGcT5jUjPze?*%?%K#-3NMWFej|cm-By|$b=pK9d@yjFikPI{8o;{k&3BQa(}*6Dv3uI z$*Ack*X;^%NAnV}&J2cZo7+GjZ*F{&UI7f%f*Kf zZ%qK$MbwTMijQ$`yxL=9nW9aLkL)qkfZ7L>;p5Zxw}~x2I@=e5u)i;_Ms$C-#|U>I zjfgvabwRqU>sU{1@g(mGp4%eNmxu^W_<^C!Psb?$Tu9^yV-GXPZjej92*qxlDY+7e zqq$@j<=ocy;CMox^#!ff4e7V6IGT1Jck{(V5o_gz^Fk3;lJ!_BH33hjM3cH~@#Z4L z5hzvlS4l9r+mrZQHEG?ZFBN}ZMeNJOuC(5;QQR0WL;_497RxFx%tk&W|E}$F5nVOq zp*XsWgmtw%x}sRiE_d#bDX&gef>nPn)sH&M(pZ1Bx|G^aP(sn&*Zp}A{?)C#gUZa1 zQ|VZ&Xp69Q=7&MvB8k-*KX&w=w+^%x^PVtw|I zJGr^4vvN+TW))<47@lLoAG9|N7U|-)|4=D7Kh_b}Wurw!2ldSNB~gz9_;s<9x}eJ@dW3@)C0ZqwXJh>%CHmL5G~y-?ykOWinQ5d2(_1Q8q2I#GC+o zvtry8muSH$7nL4T?j!U(*eZjDK3|*`p(ObU#k__81zSSKJn?_^M#Xf%CZ|ruW5k@( z*|_}>9=&{SM#JG=OSf-FI;Sc)vqDqPj9cE(d|ma13t8wuc+=*K>M&vio{^6l@ts5^ zQ72?Pf*Ql!W=5%i-6AF%gF}Ko<&86at?^L&x-I6f7|h8;k-Wd`F`oI?3>-Y6YBB%V z#H&okT$DT8vNeB+c=HkBk}}u*+B7_fS3XiUh6QHX{$Fwb0F7w`JJp|QJkdkeDmUb$ z$QY+&?4zZU6RpFdt6d3;vSfV+A+9M*MwEh9@EPVV1&(ZY_-$(LO1A6(NzO$ri2#Vv zE*3p!2u@bch+cuRlKdFS^1EFCpepmsoo*q)+~?t;JUD-PQt`rZ|NG`QgG2BzI9Ax{ zEU?A|Rt@|ChiA+nXxv#63IixUAIveH|7oBErg)tTc!&1*Fa4S>Y*ufN#4IFGl)>FM zMj70VZ=Cqp!7GQ0Ipu07Sfud(_!V|>_vTQZfX{vt)k87?BXwvjT)C}z1gnre4tHTYT@aGh9{*AKf z+m3ngat}O`#q;ff)u!pQ<}RlX^9Ma~F8zi)%bR!7udXnQDjkD-|gark3i&;(d}46o@Ct3&sScT;AdD57$)cO&x@a zR;P@5Fd$vDAN0cnEmZ5JBBIl?0=ZF;YUfxB_CqTFDC<*Szzk{1OEk5z2VpR>q~>Z? zoj|jDL+xjEz?rbW5g=R7UQ@}kczWO8Cbd3}=eW0ZJ$my6sFkrI=2SV5|LmztlVeUu zJEFgHIICfk!Z3-*iUFL^$g0IlfIksBb}L E6i|u#EdT%j delta 3062 zcmV8Pzo;Xd9vjz&$9WF#lTkCr%ZrMunw3yv*^&wkIGS++4e7??r#-gq$QM(7 zy(&+=BEW_JR-lPIX+m*$tO=0-c2>hiM#^Q6RWkwv^@%Dh=~iThS={JXp!ex>FG%df z=SIQhAY)|&`FiI8i>`nDL#T1X+;`aW7fKW&NrrZd@z{yJr#{6VZDH}jtxrd$A~|8b zaLp?>hy7nCS8yik#LiomiZI8pn)!}vi74FL@i--mS2CWgM81!nR5h6Opt1L zk>Vu{i6ZOgIf+52vv}9s$w(Q}@BNDE7U)m=-tTumG8*lIsFH$>%ZNhx=`f?jayGQBB|{K}7!l{mixB7fvL?@w`>(GXG^lfzBCu>(ng-!`7svJ$o^CM-clP-dQL|y1D3q_+7uq%K)o+~29XSy$F!jfE(u{9S z&_q7_vrP%zn>QsP5Z^bwNa5daTVXrTxfr)2|_&r=Lkv;2~jkoEhv4%6;fMS+CC zBWi=C6X(?H{*%VF5GPYyEvl*9Mh%E9g~`fO$|8SF03!S@mgE;>wFf zx-0e4*ZmfOy^Yrr+T{4*$jr)Ml(8WUq8a`XH_$VT9A;0of9GkG`O~|vn+rEz#lU#;;(-!zeWE| zqMLu#YSKZM-!@TG6ew(YVT$#)JA>y5Efh4=5c|uw()S4_!bPqfcHGeDY(6p7K4Xn| z$*Ep<>?9aTlK%2b=F^qg2>t;a_Lf-o%|7wP7WWH#u&X}?`>~G#o|v5OS0O)y z#));ZD);@WnAs6+I}Dt`_LZ?Fn}ABGncjahmgW2AuZ{jqYLn%#iKvB!YWM-{ghqb& zyPNI3+OyufAOgMomO@LMLeCi4LOa`lVoyqKFIK}j^80$-Oc^K{sq`lDX_#RrQjT!c z%9Q`VI@%c_=fc+^pewP<*%W8 zGs^kMg!i2p_mOW~sqDWq_$d)}_U)~jwNWDH ztqu=XCdi#a8`^9ABPZsuBJSFpCbyLx{ir{Mga;T4P3hEGaFK)I!Ev!~9hYW<&P3r# zY)AOEk5g~x>(WrR(Q^-gsG`>5e9FUijl)u7bV|f?Jk6YNCSV>HWa7N z4H6#5+r(@BqxfTBWUKq{BqtJDa39r%(bhXhA%3)(amI(~R1&0Q)1JL+6lXD7$SZTP zk(WW682Ki?Lotb{SW)Z0R{OcHe7>TCt8jb>cRm<`+?$nslTifa8!z^RsnbVCk6Ui# zt}BYoW@lO0D{_UOae^}lx^TNFP~CR;0(hWUn+~x2;qR=;u718@u9Wj9d;p*3v}G0nvv0?x_ZYsc zaR3UuwD3lu1)XAoV)Tc(t%uSb(86mjzCdOD3r(Vt+6hLFF&2*A+FDQ8yI#XXqRb=o zM=SPds;I+VgsI_du(y8$_IQSZBnm=?uPFZB&lB)4Fkc7^LntNLMU%|EJ-iKJJSsC` zO^rITHqQjfA4VBSHsjl*vLbcx5{1v{)oAkKuuOWfH2m6@8I_Xqr`0HaQkamUnD?YL z4DWHi@Tv-7=tjgF9?TPp9o3cREq-ZcyosA;;CL7*N@gHm@6~@iK(QxxhbvI^SFTBE z;9OI5u7cm^u_usmk>&&vVwth1GpZRetW!HHb)8T+6>PdFMowpf$^s-pO5=9+A&qJ# zW@UB#OQ7P1mWdmEO>pt$n+A(wAI{CLJs{>0{7V9CH=MejuS3n#6fa5KrhW0)Di_LE zY_Kk1v#)OTmd1aaO1&=?+^|x65Qjs)*XTT$5wIJzn|U%;Um2w(yWD_2EDx zzWF_D*Od^`{FxJ_Bqlg!$oCnc?ai+V!~i&&j7qIxc%$*B4gX&TQ6G?n9*8I^aZHG> zzm)KrpBX!O}R#mjFC(cq3Bz;*2k)|>X6M!HdS5?AWqWsoNigO7@ zLg&HCUDJPEa*|t^SX~EP`O-y~;-f+`-&rbYJYUjrFQTa90&pqdi5J~wsQ1y*8a}g6 zqBDFCQiwt!Ev#72Gw7JkW~fWi=J-j(XV9tOzh+Afg#TzTF>mQd3|N_pTTVuA`&Ux?23_ z!xDxgJPM#V8^>Q}buuYaMi@RH(0WO{8I~J66EGCDDz_rJ1zzT?>Bo^!H4A6>_I$HH znoED&SY+F?B3q#wF?2vSs&Ckp#W-ZL^3V0C<@#dO&!lnGq!T8T8~TNvQ@dvQB%!#R zvhAmk9T>GO4vc3VHuk;>g_|^XSB%-k@+AY9!;62znSt=WP-s%fYXn= z71S&ey0%ldDDLITj~9?%(%TF7uYZT)$gzLe2#DK|e~_u}#Djg%C*i*+Wm%b?*hK71 ztu_Z;7}yTor7%H(V)c^nh diff --git a/lib/hx509/data/test-enveloped-aes-256 b/lib/hx509/data/test-enveloped-aes-256 index 1d5ef41ec4282dab353a869be81858020978695d..0c91acf5a7d57b59227dd5328f2be161506f7066 100644 GIT binary patch delta 3062 zcmVmm-Dqxd;^}d;c1D%Yp%u2^ z(Qo}JF6>q1Aq67SEVNTl&(81%bE^# zt5$Vq;OXJ+#;1d8=|0l~tk|vI6G8bDV(a>9HBv6B@N2nW009D#<{p2Wb;Qh_V%!#^ ze%+1HbTiU`f(t-gcp>;9jtD>62LsLuD3VueCo-{XL19Po_74?*1@zzn$46e%>Fn%u zy*J!~#sUvZ6;5839L&H$;RP>Mt25GCq0qhUV*TYdR)#f{pjp+0JKpYeusm4~b@MZ8 z#27o=RQ;q2jCIV(uq=Q^DdZl68_oxpHqS9NCX(WfNEZ z*sqidD6=Xs8&12_qILD#-zQi&WPABO;U7d(T8Wz^oTXeV^V|6>)OiNovfJqhe=4zpcuePDl=GBsU7IS@YRp;TZ0 zSt;Me@8tHU`@U3bguatZ;vRzmU}~IoSi9x^%;pQGnb@}!&l}|aa^T-Wk}lh~L#rRG zfqDIOz0hQ`nxA<#sm!lVKRr9(%|RACrhMudvkXv5z1Q#1#JCJJu4^wFDDjJdTnEnW zq^;Dr5sjiG8w7s~HLpV#rGc+!Nlk8=gHRehYlyLLQi~%&S>2&NcEUA0bHR0Nk(Yj` z$yCzk^vuJ6COgBOv$9^)AfXV=T214-wS^_CXA*ONB12gKimbT@dpjY+oV(wmuxzt!cvB=-lF(YS0*r(TlMOcZ=@~L zW7kHn`o0w2a|GgfB?mx_3NZI7S92113OEB2kV^G9@iu^{F=S=K;Jf>z@*#B?-AB&G zMefI*CJO!qe`pF7sTfE8cpS@kvZE^(#_qH~B;9|yc#b#}uk$V~gG$Y`;ZOWl$&*wnlZbiX}e8sMZBeO4E7qD2c!7_+SN+4f}0 zT2Rn95~YGL>@)Z@e)&Q}X-`#}%y&^1spVus4CcuWtFj2ft~^8Jb!r?sBM1HwOI*Au z=9+&?C=42^hl7G@SZ5jxven@ujs=*9zkK#bNrvp|`aA_S6LBbrG@NOyx4D+GZ8xL{q4uXtb^=qmR>Dooy7E4y$8P z#fY{R{mcMiwb14nS4>!o2g+Lw>DHik+Tnj0sGd5FqE|q=WI;n{a9^1wcK|n6I@Peo>m<9LP5ar2xXN zaGzUaxTmxHe!3kU`&~EnSA%;2i&}%VH`BoqKZVEeIHuuek=JW8aNYYlw$L)Xy9j^w ztr1;CjM13z2_DV*pYp=`kV<)O*A=365RQZhIncla$bNX~(ut!-Hw+Bxb&E|h{t*^99P{anT5)Ek`ivm$5N9gz4DH&{VZ#h+RHFT28>M*&H2K~#KGnFg z)!RdbJDBO8k}P zN5rbQQ4!^-=mp(F9P{|xXdY&Iku3^n^Y3KHkzJ@9VJ{0Zs>ZT}qi}%zZyUA!Wd$Kn zxKXpJ|NLre@yKRTcG$75q;!yrwvTpzRKI|{M8dD*zvq$^JlVT~qLv~D$OEg2YJIWO zsggjl6b9`6i+!7bd(VHA#N9(P9A71G!Syhv^Ca35V%Pc=`318WA6^XZt(P1h=J>i^ zb+kfwLfy{3qYT<-SG%b+DQ>|IE-vzidX&Ax8Tg;Fp9%KgD9iPV7wJn@=uU^{?W@m+ zSzRJ$OR<9yd@ab5D^sz+(9s{njz|d&KB~670hwFjbPa%I?>yl{&)=sRK?3?N%H%mt4)p&eZnFEv zHu$c2R4}8PhSDpF$T`{$?!ok02brnZ<3VJ>$sLw4;k^_1gNH_vqMTi|s2v zII6nvSKy~sZs{^=x(qOV%QQV$$k>aO;wErfU|EF~gq^y~m$Jf4IUJS*v7;b#0z#lpo$e zMjTOV*aB1%OqBfPGRmszF+03~lMAtZD%IFSspEfPxKW8my@U*y$|1FsO5g*A1_%x# zH;wQ(lw)l<=!}6@0=ONHm;HfUa zY|9)`3>bP7KvHJqwTb-;`oRi56@#UAUdDXHVxH&d)tXJ9k0 z!_OZUOZkwhJA2~7e{!^)-}^hE?Gr!R3P%42kOdyK_nk48;#!}?3OGaW@%Z5eCUsPB zRZxU71mpfWbI@atAIS`KCUN@iKvN=J8f1Sy&Ak^huS?{tXd-1hSo*eTu6h*O0o4IO z`#M`zka=%XAa`=@OQY&UH&vEl;}n4~A^OJP&sd3STn(>*`jCbl05lydaM%c1ll?=% zSB!|b>_9#Ep^#_a)iD;6IEQhaq4>a2 z1Ez!G?_n-8mJyhQmD+Cwm6*BwEgGQjfum1yvDC$a3KW6YqgwNpld+gRcGUX4D5zfu EEyUgSAOHXW delta 3062 zcmV=b_bm+ImKMNQp_hFUL_vCko zS?4@LwrO3_+M#2>5z=Ki49!J>{H3a5%Tvf%;6FmX zkJIM7FFUHhIZK8iM=XbJ`-nF-SH*JG;Y-h>5Pz&cU%bgdC;_UG<{p1}JtmmU5YNnJ zqf^~~Joo&7f(tpp{T*%d+ z0w>(<|I~56YBf722{%LK0HPYn0aMpWm$$S7qR|Abig}{g3%p-FMVb&0Foe{N;Oe@ZHm8^ z)-CW|#3C^ln)Zx;B}Hvi2@l2(5V<6%`u=i0Cx!E?b4I`0YVg49EgnvNq_9XePym}h6iHT9qqXIM0k z^O|B441i3>WgAXR9*!fykSs%wD$2UXAH$5fFM5*|v(Jtz3sh;l zGMak{7GND3_!rJ#j3p^hNVA-3t}YbNl$P+k5II9{P7}?J*w*67v2LFKK+9JD=pUeaigx)MJH-Pkr!&4Z>kj!2@0;XtpXM#~E*}{#h55RZ zn$TiRIx147!Mj*G<@W@Xu)Uig@lRA1YegLP$Q^&eX1DUZY$XWbiw@Mp5$8mW-l+7M zEVuce*G=)G@XE7Z;a|chWH_<E5`#ORyw zvM{Xu#8Ixx1F`tej>%&Jv@qS^2xenIxQQdvD;6$bhBmNMvvFi=LeuVJ>2&jk#L>~D z2(N!oi2OD|TRXiDAa2;qW@@GH{5Jr>@g=lQOI;$3DXMcw#tF?VMrb7heKKnCpG0)2 z1t8(gy47%EZ(oFNe>}B>w>TsrT|lHlDzx@Abo z5Yhz*+(TUnT-HPTTi?Uh0Nxxtp=g0RBYMws#n}2$AZPY4D%~ICZ7GxSlu3B{9fvrT z#{8!LR6S4>2K|s{Nh$Z=V{s?zSpK>%x23m$h3DZ*Au}#1Gv5rYmiq;_jvRxsD6xMf z+$!3*$(H;>>FNn7skeIs@g{34$wxsxpnQ1&24GxjV*KbxVtGExl)Vz`tQ88hJVF|w z>ajhnkrJB1aQJlHPNYUmc{iaRn`?0WoH$4ickRX&^G+*3<(n$k{28Xyq>Cpe5}>e} z^WRSJsaV|5wRbJ-oXBhV(fHbtH;aFZ{3{%ZSFS>-dP6(dDh7V(j*2Gv<6*fgaMO!9 zoX0BWZsiWNB$l8Y+Va{u+V#zfvKVr#JUe!p6Q%*N#v_2RvK{)io_=Sr*eiV_i`6NJ zmB>%$9CIHQ{IJmp71)PrS9Ko6Z?hoio=E3+S|@TopO>G2BhWNu0~|T#(>s4Csv9Ic zMs6pFv2BwzUk%fI>S2*G6>u+CM6zQ2>g_L{S^Uh>nPkF2(95oBZ0Y)ZE=u~RG^u6< zs5zJvfnX5oH?(P-dc;6A)(*c|i;_{c^bw@;aF?AoIK>m0dZje%U&(6aMW@mbF!tQaQmJ zdvD3-%k`iRj?!N;Z~(Bg6;RFgO_Bw@^;sS+zr`FN$rCm2BZN=9U?(|YMmk1La-oSe zkQp5=6lJxdi*GraLbqBv8J8<69qhxesWsz7OA#o6YlQNw6{3Gt<19HHgp6sbuNpbpr>L5P2oJ6;r|)(vq8@mY8zzvAOA_ewac-0GE`Jqe+5h?coa5(x^~__h5uUKjj>1-RH*j}`@Y{||G(CD|EyEH1VPU5D4ll!Qc6bZx@_)pZvm#d zL#`TWIEs|aJncp*T4#`V;`83XhdB9DxYHFH5qdeBUH*-o4Crqh775qt+%F#$P(8ww z13UnWZVZ2Ih}WXDhZRj|MZ)vTn(bvL%J>3Qz=3qs;qNBQ*wP7#T`%xp9V$j0EfphP z9ooG!%evaWY&gU{-&jgMZ8XT zrLBMA23<%g#!LsQ5@-#W$!a$YObexWaN5{vnh)(oqaOpBSxd=y5R<mbQ26TQ^;HLr6b-~z#n^JV4}uZifT9Q0fs zY|Kymy$ZAgK(oNh)xCM6OI#H0qgi^mOFMte$6K8wOlN$z5Sfa z*7Nz01tepVT!AUrw;5kMq`m)wbb$reto}7~lbFAQ(Q$hIJaOBdK9@ROixiN_VfZFBnB2ETIcBFPB>8*qks_ZAf`4f+f(u#(2`Yw2hW8Bt z2LUh<1_dh)0|EyG2w0#rOF94RS%88II4fU+;jXE^MlKW{51}5#GAf8Jc4P24Gim{$rTZg&jSO#fJhnMSA;PSj~YD1)> zVMj~DUt$vsHH8Ebx81;IILn<0l}a`kM>ktd>+VKQxqscmc|$R!xx-un#`tsWp!si; zj_GJg>Hr`WbZo zhpCwD{(r<4o)i|6$B$a&%+4+157aEnErBoIkR75ItAPMy{&P_c&glYVh$6;0oFWG- zut|c2F}Ic@L|xTqS$e$KA4;>Q2(fRidqndtyMyzyc`%Fs4siqY0D4U*l5Fqeo+A&E znWpM;2BNvhk9Eu?PGF7K{IMFJxgrPw{IVe7(SKQ}5~1wovmuRy%%P{=Ry>zXHs)J> z)T@W(;xBL`mBcY)m0=g#ry_`?rwrv{ADrTC7i?c&uk6Ughbc=kJImIHcK(!@V%sta z9k5iqI+hHM7G71>1Xw8H_|}jEiYMs|`@IhL?UEoVr*|VC*iKX#HY_fA90bgbN^wU0 zpMUn1jTBBzc$u-SbOHL>tZ9)|D_(V8`*Q$>`fhVPK)ek~<5 z9Z7Hlr*^^Bp}N2CMRUC;M9fTaI#c;m)@URuOAR>`3;LxhQuX)dI`!FWlCaDrnVjjd zJ1D4WIMcipJZ%dNV|qK6#Vhc&CEPng`hQkfGu`gG*5OyA)K0GfMLq#cXR3I&|Lt$Q zmSUGYq6sw`&VKDx8LDV$f;yt@)D5V9X~)Vv-|4{TfjLADOeLIbaqGY-+l)sE!(Kg7 zOMincPgT@x5aRINQ`#ws{c(uIS@)J9&JXe5j#+N$6dq25IW4rjyAEl`;x~UQxqlI| zu29BA!hDqAE5=wBkahpGtT0v05k9Xo*lT{1(#D^jAWa zqj>u=2G_Wna^dSqDN7qgq?vaUUGI>PgF>H1*Vq3Lvnf8&XlU*Znaa;G6wHRqU{+RD zhXx4Jfy>PcU2v+GVfCT0nmJ|D@9ZzGa6Qv7+@rR7&DBb4a056!mBu%kGbQ31Rfw` zncQCx{R>|!toLGG8h>511pY>gn2uP3>JwXg+71NE7h-cor5G4?7>r;Or^X~xz$Aup zm95wh-lcIymV>O}$8`sk=OWc1ks%$+Ps~B2Tf!>VEDzXwJ{>^qMJ5qB*=&LiY?0jE zG7ylZo8_!e9LDy^Gxf*CTmr;!Zr5h-t1T4!mDUe#UZ~|e3V*Ma4)x*-%8WPZ#G$>E(C6nxQV4S%^Lot*%9$H{v8mwy_y;3GPq1PWX6BXPTEjIR!AUFUBn(c2Ks(&u?}i3#9(ScMUtIoC4$ zgM}3g%PK!VRFfarN|6pGp)eC?dgn_r2NzSIG&J!99&Czc@AE9^)*(in7lv^Cu6tTh zh)IAZXnm)AzL1EedaK)Pawvu$GEoWfbT#r zHEsz>-m+i?J~mE1<_x(@2~1mxqk}l)7E(G?q3@15}g(eYXB@t!gbw^ z#UU2(=ReAlQ9JRR@k-PQ?K_GZm%;MQXL>^h=P8AYk|G0QRmv-{2uBZ6D7ab<_PX0`%dkX#YOL=tB zVDE~e(Hd!Gp4~Xh#ZQ|UQ1}{SRVdZ;v43eMLx2~Q`(RF=(eQGD_X03=P(tMx?B*BQ z6eRQ(@lLnT+6m#3$x%(rgujEK@YkMZNVF-k;k5cTl+;m~5lFP{wH8}v6$@k;G44^F&v8d#-w|^wA zksgNlODo?@d^y&t_^#aB3gP##BC!}cPEaSG6*fU+aCYMQ#C8&d(lu9Nr#kGk`D72P zjW#T^O#Lg2|FV|cl!Jl->0@NdMGJCdOD)3X-cG&VyL$DYK#-~~j{h)sufBROvQ>7o z>~Ss6m7Ua!zL|jpZbhz?E72z5e}CGRY`}u}MI?n2CnpP%4W7*plwOhi%zT;}TPAL) zZ|KNAs@!DBT&LA9U|vOL1HOtRw)*={I4Uh2(}f=2(nU?4fmz>=t}aceANIVjoSm}o zH@20h_NxO}Ij46MLR}*RCOP2h)yQF zr=anvy_g#bOOn=`>#C3vl&uBTu6YSUpR18Ve>3|OgDH**J!~8>g5qJ<#Q>t-6<65k zA}78JpJ-0~(;1GcoUq;Ejic1{cxPEiITP<6Hd8M#7d~RqOF*^)T25{p4>3a!p>9!V Kt1^>?zGh!@n(Mp( delta 3068 zcmVaqKWgHudab;e3`e1yjABio1BHLFs@b?f{vb8A`nM}bboviEO8P`9 z4oG}B-~*MCihoMak|xN}=(;9MGf7`BF#8SM``{bYv#eP4nn-5pw)an@8sbL3r~8#} zgP7uiDuV_oyHw4PCda*;X53qMb|Ow7kA=1>5HEHSS6I5jrp*sA^vP1eo4AJbu0SO7 zN&$81;8xKg@DlsZcQ03_6wv7Gp)_sNFV5XpWbrjX%YW@wVo>MbF^A{-@8+79e|J)a z!@iLYt2}79(!>p)%(VCp9~SeH*3U?N8;kFlV}_?1i_k5i31Vx3c}Td&4WkXc^OP{X zm-p1QysD)5vdfPD2SW7!K#|cHB6gAi3bkayb$wM3Lzp8QV?DDU$pGJGu1|(|UFqmb zfp3KCRDT|u(O5#Hg_Nyr75Hzbq!|ewt>Qqii9T-RC1*$P@kh5Wr6YnqF9`bQ_~)0# z;ZdO>CLsKswxecyn0!Vd0@lK9T4T>7d8n%9^zpR-d7&d$4?g(Ge#>&(5m3N#o%TbM zIj+TpKmQ52oXxuitX*aFtEUVSo36Lvarvz7JGwrC+_&KBb|?=rAvKjBr&0=1j6?0AiAcDFL%@qucyfAQ46f+Yk{zqZEDY% z7Jmes^uKG<)E^4R5g&Q$H&=|mACok=RidRZ)7K1UHoK1Ih4Icb8xAk+YavLYq! z(^sY}sb^Kk*osW-G8n+qMQ>_=)Ge@06LvEnQ~Ce*&7mU)8`6F2Bu0S?5!DRUj$b@d zZ0^cdkbe8TTZnvd{h1PxgU>Of3@--kY!V2J!J7}yt<~p;AZrW$sZ&O43|hEW>wjn% z^|e#b`U1)i-32FAwY$LY_%4{57i}OD>1Pm!zZ*rtry8ptr-Ro<))n`|2@w_ z>a@`&vCz*5aKPAR7sK@0s4@rYUqpcUi90C?67CxuASYK|a|D>eOvqyNe|LigZ zFAg!MC>263Txsp1L~TxsL>Tystbb~16JG51=p=G(nTaG(;%CVR8L+=7ur=LW6Nlg? z`;btdJtk@E85W7*1cUG+G!$I*C1+0<4TY_7@kzM|`oRw%!N_{0NrZ!1{w&z)s66c%!{(`+x>o#QNjDRK}DE@soWB&Ik$oa_R z^B({=6v*|=36Z6KMnw>)n1Ax9eVu|hk9vJx ztN|JoZYFG6ur~yMKYgfF8-2$!**A9O(*?&dBTom40)7E*^ z5e;d0e5>t+z0<45I<+9{%8UAh<(#_ko?s&rrWz?Doee%r*5Ne=T*JY`BSdJKw0vA| zeB5vXyD>55BpB2%{_#MZ?A{;EC5=r3zk!i&f0|aHhFZj2nW-N-H)?zn<^ubBNd+l; z$PCs}X>-$p0_yf7%y=rnnS!Kv#CLkOE!oSWETcxK1b1%L~N zEM?9-tXW`5v!Dw)26B@CH3*{T3C%Ss0zv0@*{Acd?rUQL#L+11Ppbc6ylh;F=#As@ zOOVJ`_en;0k{atk+X?ncuLB~v&};P50ljE$j@RF>T}+S)3V&>y{5D_x2>TkA6>{M9 z<3TAX7z22S%;`UDG5a%o_S+8?AWa@wvW9tJ3v7u6eESy7^?U6|KbX5j?gP}llibunZKMJ$hz}a^z_v! zi8SwVDtAoP&wtN@+Sbt<4ZB>+TBmEz523PR^kRKcKG*9Nmjvj@B2?Sr>Jl{HI>8YH z^RhRF-PA^npV+$nlkCiuSX7l-(gaCb3iXv7bb(O%adoB?$H3g2bkKFa)DhGkoPE7i zs@>%Lb+H7REpM*E{?Ni<-O17xCI-8puh^?RZAdspB7e1!4Bf{p{r2t0CrtVc1oMn5 z+MYQG7yZzl`>RM7;l2EE&qjI2OD9f?EDt&?Y1$w;-vh0JcOUehN{#|9p5aV5RMO*& zk_u|QB!Qjz0{44ZUC}gS02ylAAeY-_cdK%EIa@g`3k%!99GLR}38ZovZjr_OFvcFc z*ga+DRewfG5!M)I`^Q!tM6Eir32wHBGTlFl3p(> z-xK+O98La3;WJS5f7U?Ibs#s=$M4ya)hQ(L9N^~#*J%mM*mz+%(tE;}TfE%hg!Ft6 zi&S~tr8v~B6DgQ+=vZ1q^jaj$Dd=kcO;=r1eSi8SI51kZ4Z)TclAR2Ezda`FA3#Lnrx$aA-nB=TGr^DwoV?BEx$<^e*RP@1oX1N}4vvw3=`VD+< z_4`Bg`%PxbN@cM!daQYB?VjdP(xeY-rR-aF#15wV1Ot4J^;O=Rkg9+!CRKQ19(&~i zP)a))0#IcN+;CpqIYf!zl0W?mw#o=^RDX_!9oK@7d777teUX{T|4y7$sWw5?Dx4x@ z`Mczx@JrBQayBpBB11&y8Bqj%-%LoKJTt8?V@kIk)AT88d92lLFNsi}8$$deWwc9s z4_u+YUENS{18~kF=mGQE99sBCBfys9GTqZ}VH{VoNvXmpNEm_~kTIiI*j&%z=YMpk z`F9|@X*3usUqcUfQ(z~-+_I^;fxK~->R^c#=&a!{vVHsIMzW)^gQP+V_$wWk#oI)y zRc!UJjN*h4H)8a5<~%9(Ya<(MH~sts6Qp8H^`d3^>IR2;uKg!w*)gImZ-_PCdv#qt zj8+--QEN-cU2_RfV#N=gyRct4t~4yP3Mo}& z?Fy=nE$xVTq=8|o>&|fj@D~8|gv-(RZpr13zuFY(n$rV7dV6uL{*aV0&_AXeV)2a~ KAk|P62eO1=H{;^~ diff --git a/lib/hx509/data/test-enveloped-des-ede3 b/lib/hx509/data/test-enveloped-des-ede3 index deb5fe1ce4b64601f3cf210d9d3922f52804b93b..c5e7d3db4890b0d84e616c88ca591678b3c54213 100644 GIT binary patch delta 3071 zcmV zRs*T?F=_~wwfI8l2?|U61$KAc8ju@D+>ROgS^8Ag)EP{4$h`v5w?O5<8t6IMXZ3l zRs)Fj8h=|bnytM1A?s{?3?8CVqmj3!o5+-zd_wt$&S)nt8t%& z!jRaNf{M^tjg}6zwwSxkeT8E8piHi!gaNAQVK{(~zkk##r$RCu^|O$Q3iSVr=3VbX z6bG?7Y_2XOuY<#u;M+A{j+BOR_W&4|H%&D8n}1K&UD{wF6^OMZGS^Ig%@gR0b+fwb z_e_TdHgSWJPfaSbHR5CK_Y2-9VUD)FPLG>0Xo$l6QxNxDY$|h7>nV6am=5ic($%yf zT966EnhPtUBM%~?3-xc!y#kQL!WdKS;j=^RQJsWic$6{J+F*szA>oJ+?q>=HS5iEp z_kYWUsv+m}-v9Q#Mx!GE2`kiR+TX(tU$W0z`oG<9wh%99Wzk2cxM3k89@humTohs-c~#w3v+mCg$wO+B6Uwp zUbz!3SAPiby#_icE+;(jtZ6=!of3gc|9{OpEZvBdnA3EfsXJ^g#vD_E>i_g~VH)0W z0633#6DKMMVe|qctuf4T<=pp1;C};|kKIe6STv0+O*kbR=jx_$lueBBU1%S&MhcRXS+Q{gj?Eb^=&~>xe3<9Ivu}>@h05ZoentyZc zlUJK}v$w!7T8zFp6r?=-gVIUicVG4O-B6bJGNii*LF+D_3}0LCM^nJ9^7w#0b+cov z_U1nH^Agl##8Z<$eqUCL2oPu0P)a|KX>c?gv9>OxcY9Nimw2koKM>f*OAAsPJ=8ksE~vq$P3ZJgZd7pxeHaaeq)U7rDu! z37T{2or{9Dm~r9mdYo*#`IY0$+TptuUkP!pJ|*#_M)KemFB( zs(O*fVoP+Oi_`=%(nc-d53A&#A^N?#_gSlp{GShbqBOWM{7Lil{`e~OQQMr`Lm_f1 z5%}IO)=(LXTVu3!a1==_yMN}D4&|H6{xD$}h)aC^9BnH?&vE&^j<8u^v`x4hs|-`M z2A0$<3MYMy1wL?vv$u%GKAjTr6Pt<0N8)1hdsS*NNpQ<(FY9Ko>(FsR0#-abf;ew6 z)^(oagywkz00eIRrcPh9LtOHY6WFn=kn>}nPSp&t!eKl5Dr~hu!+*1=Vs|$%@>5*I zozb1PsKsO3C9wR&20VUbO946h0*OVJsw8Rxf$^~&9~C>Eo`Hg>y%N@dDo@N?~T0-b{>Oq4tbb{PzK#M?tvUjg&@e$+0cN%44X z1+yt-F!&~eb9#g(KYsc5AV9rDrxi{}tYts~3qlDj;gRmmSvosKp%FvSSN#e0+I6#p zgSsFDbs0{RZGV{RxPv*j;vl&IkP*TyE9KsaCB==0sNf-^_U6~?!q27w;sZ`ONJ(up zNkAAzfJd)2qQ;j#UUW7eFBs2kQ{iF}?%aLtvC*jpVVcdPVA>&>)mgCEBfiAz-85!u zFkafL%z|cHgkK-_FI686y^Z(zhDsO4Hynw5tfdo)C4W)1gEBJILN%}JtJqxgUsxQ0 zfx3NEK!Gedr>cI=Gm()u)*PK-(8QV)IixC<6fEDSjj~;Sdm%`By-OKo-xCaAD zCrX@YhjIAGHq`VS7AyhKPlibFm1+JWMa@Fa0+$t!9WWGjE}uGF{BgD#oeCR&z^WL3 zmn7?kNPk?b1g$sr|JnilWCgUv@A$Siyw&wILX<>CZxSpLk(3hvyCvyF(n|8~ zM{}p10if|4isNJ1v;!G8=WcUWK`$8&oivi5D1XgUnAA+~_+KbUlzP9n&R{q+h;&V} zkg)p1Eojh|3zKRgd=^j9$iks(=el0H{9m>%t_s|p$_w>IlcV2 z$S$Q%%FqJo_P+KmZz(2lGR!il>Z%506 z<$r^AmK*(nwUN^gsL0z4-3^c>(3)ZDSQVjwa2{+ck!+#pim0S@DWxCWvj`!ieapRw z<74>RFz^z6u)JSem&~-vrXB^gV5$-5u^0JcRr*J8G3p^U#A4{z{ep0NsS!w082Exl zjD2&B_0xe~a&vQITIJEW>8{+P``fIe%3?wWt}sE_8;5Lb0ikD#yNaE$rD=9hB3H;;6}W zgjTkaR}+cwHPl%kV;9Gis0;>gN6#j0>v+TLHe8sI zob34PI-r!;$Z@sb>SCTQLWF!LtXIgxD$`ZI2=0YzW+yCfqfpnX7J15cC4?US5LhvR z36?sR*|CFxErL4G&Sz;neQQ@C@@R}Q1pMWW28!Kn*qh%V0L^R; NxW?H=-s&eg(*n6m`}zO? delta 3071 zcmVD4V;ign^iFX7jS00OKfaPiN}vV*m()C!hhE=f(u;+2`Yw2hW8Bt z2LUh?1_&yKNQUCj3^IIWLjXuUM%)+&a<8`A{?>E)D;5dNK-QRrU!ufNWSR zOJj*_5llYQkAIs@93E}8YZE9qw?Zm?a>ps!M8}Btamy+&$-X9^G_Z?>m{kiat=UBK z_lev3f5+(&+f~Mz)cd&W`8e?P!a- zo`4hvMzHpFcwIwl=bk-~Nc*7f)3}M0TVh64@EL^Kv`vY{at6@|Hq{&KFUKHo^O6IV z@7SWu>8e}pvI6e-W}GsH6gj*#W(%#FsXdY+7k?X$@y@pj`^W@3Ro_cdO>`}9b!>^8 z@V9i^R!Go{m?wx_*zkgzyDB06Wn5}i4$OTBt44Z=0ejcr%;`-r=ShLWE=idhLi)uD*T=)GM440 zAIs4J&{HefY4H5~4RR9D54=N05utQ~x5CVrDAH!aTyF|rvH3I~;^24-xifA(L4^+3 zJKOil{fKQE!=*Qq-Vlx2&`17h9ccF)jDJ#J(T<>)cHG1jX&y;rvQ&zn#%Q7R6Z3i9 z)~`9wiZ*TA&Knlb=t7@H*CW$*dC2eqUqg=!Hi?$%;=?M%pVm>u)Ev4+O@L?eAp{B9 zXqxby{rYTPPOvGu-1amR>}~T^kc%CN^M?jc^P_xruLJ#3Q!?DA16f+;B582T;y?&n7khf8XFQOcfLS1gA;i+q>i85dR8G(FT*+*eu`YWB)r6;@@!5>W606jWZ|n1M zNV9_yS|fbz1oTvjGodrV=&Br`VSm!El;B>kVsI&Mak%-zC||KFG!-)CXk^7Twv4dL zf@mV%Q6UDg2uX&*>z9UqEwZ+-)qMggQg9V6 zV|wIx%7Q^}PyGO|i9&OqTNRB|lduH=(THulslK=!$P+ZSQ zoZcf;OJQfqXJ?KSJHzCNhy=H!FL3HJ@oj_ zW)3=Xui=oVNL=+sc3_@rM(=B!5KmMVgF*CY%=ldv;yW#g)}O3WNyH#emvxzIPl=;RH2XxCMc740==0M01>;W!{m3c!!uR!* z{VolIpJQ6is@1CTd3zvo90$RFmLZPbQ@m~LeDuPQ%j^4(Fa$NF65n6yyEh0$K#7N8 z_})R$aevlUI$ueb+aqF-QZ3vFuJihahnU#40q|cxpq#l4@oCC0Yg}e@=;HQyu2Cqt zvk0!-Z+Td->lS&ng3BKy*HAAi+U+o@iYji0Eq@!QUNxRQEY(#T6ayrodqf*1<6;f0 z57?LJ4$y6SHh=V&4^pTjUj<2+r)PK#)7R{ky?>w%eq)r&$YF1VgwS>{PLE6;ZJwyP zd<1p@62`T)=@w>jzPMMfeq}55&JsK=75{5Q;3h>{KNn<_k-Xu`rWq{RSoe+|?5JXaRL{cJ9}!*b*e zPJj1V4s$wagig?y=?4y4;$itb${tddokW@hre)|uPzt)lD3YYKJGACa5p55 zv?h`)UA`?fK0Mg(8t#apGqN{D+4KES?&$qZ?s4N*j1o0_foS)s2(n{rZ=hQ97QlnM z;~&~5_lNW+kg+&;yC+OlziFg960TzCc(9q8dGa^un#Zf|Few-muyUEr?82%I_4znSWeF~g$voVm;-Cb2f8mZO4i=&Z^1hZu41}lowk+7lCSH4^h2pN) z@<1+W+#;cd{%iJt_fdTz`het{&+m{DXEUSLr=|Zvm4`t~O}BtYaEfL|1%* z*uf3)-!Gawn@Op~yX(4lRcDZZJasP4(B$nQNF(#)cQ4&Ad?@&OeNj2q-dOOb5(on9 zmN7;1(#(dk7aMfEK|4L7@ZX84*#d2*s>5Q8Ql<86TuPOr7xs~Wv9Z570eFz#TQ%ew zYIfA#h7(4gF-x&zm4m<1H8@#JEfrV#0t4y@k-*7FH3+;IhS&1~1v8%ZS6s@JX-|$V zfJ`9UL1{!l<5gEc<@xECn|?9fYqr NamR>mQ2e1@@Xkpu*7X1Y diff --git a/lib/hx509/data/test-enveloped-rc2-128 b/lib/hx509/data/test-enveloped-rc2-128 index ebe0b5faa056a3c58a87dcb6e263b5cd6dd25154..75d8a0caa23ad41a5cddd70f6c8f3871061b8906 100644 GIT binary patch delta 3046 zcmVPRg19A z!BX~kJp%wfLF+VIYkV2;6la8FgJ}BrS)FU8RSe%~zC`qp7td&_wpOQ8tLo(|a5kA7 zAES{4!f!sJwSNVtNsWmcJRZifp&NR2^SIhr4BC~$BBRC45h+aJ5{Hi&sx&G%Q$u~#C{9_qF?t;ltSrqllq=EpgvKX zJ|BBHfhzpJ@Z5mRD0Nl4BEbVN(rLvbv^!T?CI4QP{jFxjwQI)NK*dJ_j+4nsf%Bk< zr=bE&OfzN9=!q=ME{DxvoaVR<#p8ptv7cp)Wb>#jUIS+qYdi>L#he;PczNvpx zJNBI>E@q;fhow#AnMybLT>ZzQJh^DOe<`b3(>zKlRerb!n`9`vCd>ve<*GcwTDD}d zH7U~)FR%=&NJ=12AO#m%zNnx^$e>K0+{o4m7~hp$A^on#_|QfF$x%kR17eXyUnUcn zv>)pGT#f!2Z2W(E%cJOlbtEhBAj)zL&Rkz2P-&m4AV^=lk?vySUte0FS+Wv#vrhe>y8uO5h7|73q=E)oL3V(;bbZRz@SA%vTd zLXkK_St6g|;)hn!B}AtKxH!}kmTlHaiuU(mp8&uXRKfSMbls;rd-^88%9s1_(;sKS zRx%FP9-m~dI(jlyYU(?8`8VIrNreoos}h(V>?^EFfioc01YL2x*8vH~m5u7YkTeOZ zRUg(6!DN4Q9o)#$@{*kn#2N_`8>DViCgh6~xBK;oK!G-kOjn!2^mS;T|LtJX1-2p8 zrx{9}m)24a@D=#5@0v5S25gU|XP|m!oxhL@?LxU2|+H^>as3R_+Z1_Wyso)Dc#V8=%GT72H9cr_B!n17N%} zq`~c` zCqm&+2*n*T28dMXmTuv+D2~7y=N+76(a6mJi&7w_?!OV24?Eb0R{eI#@mY<=O{%Vz z#8!Xs&EJ-E>R%c#Iu4h@?7qJ2H}izJ!u^aLyZwSBChkOyDeySTwEEf^FUuYAK08rp zIoFW>O~hMo54z=0`_-@wa?!7n1FqIT8_HhD)H?>z)AD9cOaRjeXa8>ve|;pqrHiac zj~>?>Krkoj@xzSkwsfks8>dY6U0V^RDN%oS7&a9K&Z z0|Q+eA_S>EX`OG0ZgEDcFV)izAyy&GUWa_hj1eyHyQ2SC8qZ66)!x-&l3VSDMSD&Z z0My*#HuvM-*UTOPXz0#_-7g1VHSvG>&qJ~xgVC0=tWZb-QugHwT{)d+{Q~ySS-w|~ z2~)?=5yr-Z+rrLJs%y4yoOpSSi?o{d;X_Q$W}X2agD| z*JwK`4m2t>NNi3CAZ!FXm&TbHka_@tvmF;V&KxOV!HoLDf#9S}!RJ8xnh;U3V@@oW zy;>8W5;9(pdu*)aL1gW9?fb-~>DaoTwCSJGouyb+53genH0Lc@-wHFu)IH<#w>TOJ z^k7R9txZpYB2uA@UtQD3+X#P^T9Cikekz16%c3lxF zMGvM$LQ-8?j|W-C;K4-(XP-5s*f)dVp&Tw8Chb|i!XbI>_8l#^24#PBqHT-L9%1o$ zs#+Gv8m5S=P-!|6Vey*Y$4|q&l7=o8{K4hmSr1dX9_aIpA|3)`)*s%{`pye3x9kW- z18T)$v%c(w43%3qvX@z8PRj5}Mns|>cyT-ITFlfGJCgX1%+TeICu=D*|Mr6Ya5wWN zc(xyjme4l+&;kCJYPo;O3>sWtVY+eD<0_({{(369w#+CEUbyJ&J_NHP{4~xWB$DJx zIu9mX9eK#sLUy)jU+cMMjDlz+IY25~OV`-Wi|B!HkQOi5ivOLfKhCsj3;huBtz&*p z#-{7&PspNITYd&_YvLoQ#Nt-T2ge+5&&Xm{bn(@%*<~Lw3jvh)4$1(BdYu;8-l9cR7) zMSBR6Kd5TiHWb(V>&o1H_=t!j_Rmv7E|*FzeThjEjE!n9bk?&YBq>6e+B=ryYJFft z`=x~<-)U~h27!X^pER?CfW~W>fr^v@fZ{*tG)vLy{NsPJdzh;k)8lKyJ#6LO(gT1W zStZ2{AN}^M8!YOjo9MY&%SY-r?_Gw$}QO? zY9%|*78rcarcaoS9z?vog|&v0U@X2XqvXyPWwueny&&CL5bA4B*{lNZtef;JYTe>D zZim~)0(Qc8c3w;w>J?&%xW$L#EG#m-GCn=~qi)oN6Vt~n@D`hqIEleK;=Kogc#*Q1 zFus3NSoQYyv4zBWRKmgxYWngR4`*0LL2Vg31o=5J@gGA1%@;q~K2*;C5#QQP!a&?M zIait+D2o(Y1{f4KW$h}5tMuK_Iy=Rvh;s=S33ts0WO=X|#S_6EM+acnexgypasNk% z@O}(4F!QnI@!C#v0YwyD*{iFWk}h!&FPDGrtCq8QjsJ)QFk5jZeP0@{;*5}Q4|UIH zL9n$0gIbG2Wbp7#BV@C^$-#8}STyAOdlL5VSJbvi(aorN`F3qa=xu@&6lrZ%!zixt zYn3co;PqnXqPJJp(#mnUk1`^4@feuG_KT7S%6RQ-7ZW7^i>S$jN5Ge-pZhjKJ%n1( z+2bV}Fj0K+eEt7vP@$XO*!qmcB?pV4T!+-f_Qx_}Eu`L+J7VQZz-!dxTQLCVtLaqk o=I5v`!g)B>6@UXeV9*XRk)Pr6%r~x%Z&+r(-~3fvQ&?dx4@+_G$p8QV delta 3046 zcmVZKj0b8 zKH>|fpO*N5qWh>41%2{dbM12i;jVx|rN%F(Xkgn=p|cQtSSlN8zxq11Z-oL;frgra zbT07E-$h(UZlj)^#2}mb$0Tv3YVgSiAMv=ot%L}FvrdGUasj}R<|2PR>t*!u%efwa zf(tl0=61gzdhXJ1RtP}WTB?1x3Tn7%qEbFqg|#Ip*_$KC>a5^xbDu<7-AY@;_; zuROW>T4eH)+g1Ogi~Dg_)g(~5=Gzh^I$6o#BDOBt7Fb)Yj;+S#NV1g-mZ{jROSQ*{ ze$;D&OyEyK51U;u`E`H0+fQmYRA3xoq=3s7Y?z3b=ob;+*t)v{mfbf% z@S_tL+H9{wFfP7U73>j{D&UpB0YJj9F8i=Y1)Utj+Qt&KGB$ zHD)Ty*c|sUW;eJ2Yu)%iOC5o_u2@+bHOo>tT*v?`I%|1IrIIanD-#48U0r`7bIBl? ziTz76C+)I%_oE_zYTOx?DifBUD*HHM%QB4zxq2Jbb9ObHspa0M^rySohzo)bf`h~V zG%bj620H!Wv#Ec$f0`k2TtfMiqrVQb7-w2Irp**cGIPBcb=J#*`_syvu{>e;LKOJ; zS7a>Xzg7dJl%EaqZvUo;&F@RJ0D7Ws9>rqcc)4M=I-Oo8zwzmDa89s_1we7!TwEm+ z!~~*Ssuu*&uIjkA>Dv^IQcFbw;71WHLu9>X#{`M4i`?!GBiTL|Fn;H)DO0+ zA55fpyry~a|A*+>A#KP5`1}BGIG^JnRHfQ>`VE28i;OgP9IO)Ots*ucL75b35cw9k zbQ1LWrZ>?To~jLOR>TI>!T{#qPdpo)`*q_Pa|i>(!lt)p#1)BfH_{mcv5eiamJEZm4!6Vd&iRQbK@cZ4{C|~W zeG}LN5ww*X(DpLcy+f$7R}h(Lg9Jib@;~4dYQKMQ`GT#E&U*DGha`vER=M`~jh*b8 zyz%oWbFCUBE`EWgiYugkiq63fx`kH*{VH2JjBx^$oGt6(;=u=N^~7Ged+{>rfZxLR z28jCec#>ts=@26E^BH3&J=C+KW;@?ge_#dKk+bbP=tvYFrGO!4T2SkpTRR-e+#$aW z%6)%a&WOyDkYSzCfLOVj)f750_5BCTFlScV1(FwcV9hKIe?_{50xa=;$LU=EtonHT zXowAGVk>?;#9V`MS7|UN#Yve;a0+&ZO~+_k?%oFCtts0Ri;hxFC+C0_ogu9ja_jKS z33GDcJ)$>5S|dzP{z-8E{z2_`;Ocyn99(}PC^J`dv31E~|DE1@KO6omj(3UnygkUf z95=<@SmCMcXc4^Nj;jKit}y2&GRW)~^`p5E_QToz3r5xE(5on3jKUxg*Cpo-!FCMd z1zX0iKEQa--{EK3s-BV87Y&gFvFFxV^;Wi%ojdE?tfeQIrPpco9oDi3AULX?aqEBJ zT$rA5z>s6tn)K^$KTI{Iji)Y8+dGyS>vu#eJ zJjDCd2WHF)7ZV;)nJw^Q*O=Ev73{aFa}q;>8MSdC%v=%eT-E8eKzC??|$M+PM_rHi0UkwYHtG5zf87F^IoO8q3Y8BhLbFWhjpB=h#gCKu&M|=mJ zXqg$uhDPV8#gzBuyCzQ6zHbBI{N_=kS~+J!>#_gX62Qe~kIje9x})UzR7KA*t9EMj(op{fzBS}sNe|5lRO!T6gkr)oQ(yiP} zNrBM=#GtLtu9|A>SB*5$OMic`9UMuuQ}omTj8pQ;T*4xx4O{JUmUKI0;ZdJ@T7u4K zz`@#tp?g@KFbV5N!f#v=YB(c>Fjm9;aih9H^15g$TMq|6Oo1`vOnv)HjJemKRm$xE z8p+SfQZP*dr>(rC7szK?<5B=55tTYFILcb?Z;=G3xO6C*U7`T=r>B1a(n{+iM(`N6 zc>>(ofqbP{nxDEd$a~FxU>NLu$&wcS^qC+x#%OE<28xbl2i4n=*(JWm**OGVtSlTt zDUHtCnhaYQ@WtTVn>n6}#1jKot8`pX1-Iw)YaJ1=}=~&Y#>DlyX8K`KvhpXTu%Q&M#Ciapl}-8>*RF2950~S zvUW}`+?ETe1cNDrQcJlBCsFyt`np~gu9M!dWV~EtVgBBNmScatb4?$8-lB!6GdBW7 z(?Vbg-=rtm`>M$otQCIbm%-( zXmdQaPGvV--DUW3%z^%U3*70Wd1O9W5Bn7kLkxV<@o`H zHZ4Su0;;>$CuQG_2s=pz2&?2%%}o{5H*e4c5w(x{66nTyxBVL;jK~~y7r^kPy(Ae9 znEhInRULnz?w!^~AvZB2kcb-6LN!>#z8U{E?}heM<)GJ0{x5{6^JYB7UL5EHOko&? zK?|X1TNqyrs!iOif*wFwt#uEMzc8MaM($BLG9PMMYcTKL;<*@Y)S$&qQwx}+iEg82 zJm6>l$M`0);)!b!v?(>K(5hOkECz*Lc%{vD|4Dxty9{spk{2g|s{Ug>o`I6=Zo&-@ z=)D0lzb#^9PJH<8u|x(>VHk)z6nf!%((6m-$F8v3g!A!~6Q+`MWv1&9x{|uQHc|=8 zw0%=Gv{MMgu%eMHw1@(ldsiulr)umXuzqnHDv^0n#b?cGhTVscDUFQ@LYrKo6?Vj) z2w#8Lij6mvSv23*s8;&!7|G*1zJe8cR diff --git a/lib/hx509/data/test-enveloped-rc2-40 b/lib/hx509/data/test-enveloped-rc2-40 index c664b81c3db28eb65ff4f890a8ed6d4e58328aed..5ce90dddd53aa6de3d0c2122d6129499f4ea07a4 100644 GIT binary patch delta 3046 zcmVwJVg*UBC0=R%&)flFR~E@ zqr$_bzU6mJn!7}ZdonmbzXFjQ%XFIWg)Yd`ID&K=D*MG9h>K%qa8RrXO#xbw<|BWy6B^X}^SB;> zf(tl3I=Ybc&EvkI{N>ac!%P|sts0^)FQ-4ke4Fbph|H3@zen2mSAuZQrHpV$nWOqG z#jDLlf!XYPTgZ^V>7!r*SHcD9k%hj9$;96{k4eK4zH8xUT*_;U|Kv$3a=trMswwdF zRPUd$^6D${lRekpawC7qX{0dCmCUh*z|_v-Rn`6opB+uun-nfj;oq@~ zG}o*v6>_DxnYDgXXvL5yb=S?UeBIu=D&Jbt{7QTtDb3k(n$!pJeJCEBw!=znwlTwg zOPAsog<`o2UQ4qb_)~)%;%uS5x}!HO*TKZtxUZuR;9?@RTtt7di&g62rjp5a{fJc< zqDMs~@4vTd<{E=L2@Kq??C1iP38Eb0pqA4Zv46z;#SisaWwj(NuP?dS<_XIzI7qpV zofPrg_u`U?8D@jfw4xk%^d#HoE+W_7{7NniGyafx5hycXfDD&lEtBh5^tN~<3-cLb zcPEGU9asWmNA!Oyl1Ih?WXwp=(;> z2hJ$TEsS;Tbp-Z9m&*fTmcg^S0*WW22@EX`DoMDjq{-B$G?KjNQ?D`_nCo2kM;=4d zn$~nI$$ft_P7OG^g|%24<5zqtGI_>g#-oI>ILc_JMrypNz66bN-8cN*wc#gGW1R@2 zhH|j728ymk%Kzruw{?HZ0(wH|NMPBxwY+?!e(59VP7^52X6sa`_8#S1w|_Z9;oT5E zAgE`k^7obciu62(TQc0ToN7$I7lJqK!ponmvweS#r5?rG!KVgEY&to8phk8#sZj%< zECjlx8Da-93|=N+j0UqPXTvgzuF$jd4VU4GE?Eo!8oJ6VeuTefG+bDD)Z-BYN5V+a z3b*^15d7)z@uvfGC!igyUR9lFEv6~k(4f}jE3#oa@jz}9KfMydtIaK}UJciZuJ;`O zF=~H%00*TKt3BB+AzVqneNavzDbqUA`7!fe4cM?EZNs6!m;cH_f~u@p1_tuirZZmt=-@VLffET&R$+aFTof9GWWBZvV)%cA ztcytyQbw*uKpThXW5E43^p@Ji@*B2Brhdt?_gi68>U@KQfoTgF>igZT168_fKkt5M z^h0f0(wUY@x#X6cUWt)foX9ID%q!30F%4}lDePp__T}?tsyP4)OPyVl z^QEqR2qYMqXHx}Q*yDe%Yja6o0pN5|Z9XCS7>IlF_%gTI^!N4WMcgve8T5sq#=FMS zsC$%N5>b9n)wEhXM-8={6G(A!GM`S}Hc6soG$eJx)g@d&Xt}=tU@~Ak>-T>|dIMAW z^<0&|v(j#}NC-06-x?+!IuTw~u87?c;`q+s zgx7~5j|Oe})DOHR`5?T!M!i{T8D@x1*qr0> zJ20~QI=bKL;BNYBo)WP+R)CH$A1r@dKEKWiftky#abxHY|U6J&GA@E!2Ikg ziO{KS+*sq0VoJ#f5pjQY`oT(>i0oJJzvc8`5v9FQVFvB4Xgsg+Fwi``;Z zK$4fcAVa`achLFyG51eJUU6F%3Cv6D$39cvP$+3BP)~Feah%Fl@2{xEvC8+OT~+sU zfER!@WjVYo$l1sJ=9)-NPX6C;YPp<|)jXl<9_lkHt}&~fuN{A4<}L5`rw+mnMf&l= zTN97Qb&Qg->YC=@H&y%9BR2!jTQy#>IY6LbXkDw6XaB~ViY99@91HV(|0_W%6FF-H z^u^a`Q|S-Q6cYn{*hQueAUVqQl7o&c9n_q3m>m+s>`>Sh)%m;t4-YY5^_Em?f;7c0 z-pQgwi(t<1(5-(M1@O~CPwh9TvhB2WeYFjK@M>ehaV=2PrN!MvT4h?U)oxvOkUoWKn78O7iSZ_~)k5vv5(enDQw%gi&B$#<4zQC zFgp!zMrVJE_qiy4YXwi2o=?kzgrg!)P&nDU6JBZ-+%)dThw!Uapv1h3zN7z0>< zHV)sNUGTB~y+5?J`n3z{DT)cHme%*($w_FS1 zX>u0z7`bP8%1?B;+pv*^7Jpgd=lUJwo&HtLXRUuvu1(1$Q@t4p!3t*m1Wd!u(Ngdf zM=wrY?BolruN6DJ(W&bmyc>}7-PsQpP;Ab+@@|k(BK=840q!B&0)e-j07gf{i@2a0 zhl&jfcMq``o*XZS5qGo#wcFFhnCz{1ux17R(n$OtCpEn{`s*Pqao!UDsQI*Lq{i|Bdr`&LgVZmbq{osA&=PFfjZ28#0vhpG=P*T#prTey@b7&w!m81 zUG#7yxHFu9y^90IK*$g2rg8{&Oev@jsq7yWY7sL_4h~Ha>Qq-+U?vk9V+j;jt zs|@qL>XxZV8gtGn-_M%SmRS#<2P0w&FrS@3niyncVCTpjwn#fSJj~=i)Eaq|AC7`2Omy<1&GMBjEkZO#BZ` z`EL>&Zv@o7rD8haZdNDGLggk!<4_+xhLGIqsi7_R_>d_A8rnS+|3QOe_OfwZ%i-O4$U;}Fr z2gW&U*&>mL+RJHGK_fP6B6V}vekV7~trG75`>`-k<~qoOQ=yM;DR5QQ`r}>x{Nae&r7G%l@%udw%fydfA%#SbBTP>OCTG+Eq}9 zS4T$y>pqzQCH;T7mq0P`rR}om%kzezs3KV47lPCJFVHM;>xY4@b4c+c@(lJGOaPKh zlAj!lJX3V{t-FI2ojM=U(PU=~g6}ZN8pn#y%gV<+3|5gErsiz;B7kpTwF(6+V%Ec+ zee1gUcrv+EYqZ-Xuyu(4z}CMMG!9%mh}thVOO_u&VjZ4f_nv_Cqe(S523;6zFFGOHg zead14I5?>KO*e2Nu=jr~@R2m4-C5LCWUUH$$@CC-9(F4@PZ>(cJy79I;tZ!Le6kM9 z|IWAiOOAh%O02|_@d>bRGG_dEN*RJ*1EAN!fcP$K>$X)ZpFzZD_hRM>AG|DR)xDj$ z0%pMIs(SPAQa0f<$e_spAr?HD~;be>oGw`W|d^^XYilf+cSrmvnNyMxSrQcc) z++ry3w_MnKZ;-@~i9TI(IU+kOY~X8n;BTBus&KegEl!pz&BzeaXlIKcpYdMpXv+*F zySjgsT3C7{q;-ooIO8L~7rxao{&R?#88k$VD=0PVl8Rmxl#e<_jz#HZdwc=_o#I{dgS4eky{*Sh%(upl zE1ljRqyzRy9`uw}dsM{2cpS)%X|SG|c5Z)}sD`}9Byn79?!cxe4%ac0y;JOYg&`eK z0(+M#=HK!%XcaLjBr1j6GuYe>LI`$Y0ghtk8~8;sjqDA=E6O(>+_tVd zCr~M5&h=aAlk$Qof|AS1teFWvA6hTF1ysDg@mfsa+9jGXwVqDYrZ8NwGEPlTa3p^R znS%c7`~^Tt9`#1ES~8ZlZnoc`gYUvfC4FT0bxG~uPQO_|wgKeh5=i?&0E70zmOHIJ zO<6g2jq6U%FU*}+ck3};|Gey2E?|a9Yi;MQxKd)iYjDGb2nBa%s9<}OozZn-+#!4foF+`rwV9* z0A?t#HPu+8iDo>}gM)x5)h^tyaYR$9Jl_o^IoZ<`+uiI|VWlAer7D2+rH9UacRT_a zx$JV|2zt~yZlfgov75miMuWLNSpQNjZh8wUiexK0vw=p4?SJadw?dM*;wgXXPMsn% z9^%H(-{3`oQaA*hwWFyn}=X>r+`iC~#U%hbaY9GeFS%8zbhflK3X0!OOE`+{o z^s}rj*SkDSyY?md`A@9$DS>~{Ae+zhfT$eCDUw$q=)D=chD*~yH!Sj2!`N1 zra(>|=K8An7?4m^Dk8vLh!u~+q1ofnQ?*k!^?n4@hOAYAbe?#*95{dBkE?C!G2oep zm>~Vc`TjPw=AwgCS3;&R(xEoZxnM(ko8gH?8cdmOGT}jcm0EA#vEmQej}dU9CqTsW z+-58GquTvTlN`NPC}n>Hk+Cd}gmh5adj|o7TtyNcYmASIR1)I`ibD0bOn2sK9?@lP zk(CQw9<&abggQ%{9aDcZwLvrI0hh8u7aZ18%Fnx7(<4&|bJj5IsI5?0cK1XWV%s)s zFX#H&b>PODb>y#1er1C)U;q2-YQQ@j6!1c)yIt?b7)->rHZ~8qoELN)d*=C*CrN{u z>DPY6Vh+z-V+3e{C!GLQ0n(?W6P8HKubZSSW1Dn-NYQ=*t9*ZwRBAvhEd!v1^zUhT zIGSiM$n>aOB?K?ozyXYQItJ<420G6A{EOb!~f}3)WBpD4a0%2=W?? zVVvwmU~U(gxqs|3YCelh9kYaZxRR}0k1af18ReToi9 z^lR`Jz3Ls+#53V~2<&bPXbLiSI09G4r%d3kQ*ejBS?5lX>^W5-xNzoAP$NGlNDVCy>aqs@74V>tcNct);AI0#}bxVl%SYLNU?GsN+$+>#-gC(hNXm4In_ zUcNtlc&o`AIAoy zT^RBlt3Aw&W^b@!VG`~*=_m9BizT#`y&>c^aY1OoUV`-P!)`p=e&;!G)Z5!rD9i_QaXwY6G*I-nASuW9Yuh+0HSUuyO;t>w_s*|{9j3&R@A7QQ zG=vn!;kD?Q0=-xhB;A!4rD|>@C^yFc7nLoZlIEkkr^9Iri%+B?-(&q(sbppisNhOG6cG+G;!5xtmbJ_;4PzRQeQ>BWbW$_!?qP1`=G+2m&=he6Ap%P<4GKP zRy5Va#2~jY#Qn8@Jc#l02B@*uTiZf%uvB5YOwRtvP%ZJO#D?u9^r zf(tku!ZaE#Vt7G`!a&01d5h2=rAqmUCtI(Eemgv@M zYq>~ZqGQj1>qwFV3f+H%s`P19M+QGAXxq9$TzBjkj&TU?Q)|)XMtmgQ_fB*%0Es${ zwH>tg=8?^X2({1VJ}Nbr-SnNiNV5*oz;9+J7Uf6-jNqu)nacKNm(g_%hPd#LvJbVe zjjx=t?nIf8+4P`sVjSV2g17c(<3&-Q=14g?selhc*Vy>D1VB>3 zljAf~%nsyrC!Gqig6di&ivR zq%(?bSs(v3gd+|S8F^ygXGwG#56RS{TAN&(CrGo`zXpHQDlt_O!6#8IA_yQ3&37q< z2GgL2{XvLluJd{sFZU^gqAp}yr-BH15@a9Y$KeBsDxzv70YKr6%~u;MPDaNi@|ndri0ix9UUk z|K)rnBDH^>;gbz1s*C`q1<%0eOZ%iO^@G51^A58ATzSm>c#6h>+7VK=8YW8G6d7{Z zHq7e8p@OoYQ=sDiOj3$(K4_n3s)5`CrPY(L1tDMYKh~MrnK0pSIwOM&l_?>vk0->M z7K#;JjJ%Nu`Dw%=I{Oku7w&=U)`zF z)qwcQ9ti}Ii=tUTwOu^1$+_C=Gujb+>Qv92!&*qh-Jy5HL_&2>QQQhC)?wp9jRlqV zdFS0|8S$11Cl8YYULb$wNc;=Bg9&KytOh2hEBCw`2Esq?)_d{a{h?1)T%i2L0d<)q z?=ydthAUl1FuzYG*Hw`qJ+gcFWFR>5aI!sJd9s{eoMw<}%IN+fbfcfCchWqEN_TRi zYf@;x9p2{+qjm+w?%G?{Y&Xz0{KTy5MiIx&TUQbueEKlM_$To@Gov`WQ|xtu8>Uup zwjwH~sL~z`%0R_v67`>V(h6yBTNcS7Vvv6`GJ-VrL@q59JYEI1*2m*+TW>DZjmiS? za9dJmAIqt(4Ki6C@C+}`-3@XWZZjQXxZt_53(rQyP&b02?sG$zTYE?Di>=f3WUA9( zb;z3ozKM4*(^loHFEI3TBxU;?1?e`sw^n>v9FOz1hmu3BD9qn0^Ce?P!;-^F>>_`- z)&Y8T#;v8S3@G^${}RCPJ#jvuGiT|@;(_2{X=8mD0om5DA_K{{(^QeLIRRa+tB;;Mgps?Du* zcPMnc{S$; zt4Rzpp9~;u07sV@nAwbx!Z3p3A9NsuE0&73gXzFQxIn4(+_iKYwQI+ZxjMV%o-e=~ zyb?ri!>-!KL5~HazC?lTxH-J%vP(IstU|8G__$}#d#mI+F zCF+V6V+%~D##7ALF%t28BU&PKo%IU&n>cdEhQgtNlBz|EyL`83Dz$TWNjK3YFkRQc zjUQ6>9BKRor&>tr;u(+PoPD61{RVeCPpc~^hL(320A;{S78 zgY5^-%=rszy!odAVBgp2<0^qjhauQ91{|G7@%$Wi5&?Ws!+!nktXG|Bh5P z)tlnQ=A!Q2wP#Ct_-a^Owb){=I*p9C!I>9T&-F3|8!0 zIN`ROTFrjIU)|$p)GG0-mM6Q+=v&$k8;K_7Gz;hY1sF8+mLOtP?Z($bi9p+Ubdfsm zE=(-o^isq-t{EyHjX>QPI9TRLH#T5uiumztRFSIMZD+RIC-Hwzqe355En|&tS$a0~3*86{rTFy8DOo$uea@C=MH$9R_tp~aSkQc@9lA_dTuvEtr3oP4hS}`xz zKIU|39E%^(oJZ8AZY2H*vySh99?h~HOt~b#Hnrq^h8rPqvOYOuiYa4S{4|;v89T=QYcd}0MlLbwI|IpU=3XQA)1abWJ zC3R$89vS-m15g7WA1DKEsCDqN`oEYrIXc$ph#&yHVJ7YxkYZ7kekmBI(jIJl+$5*s z+VN)|7#RBxJ%^f4VWuZP2Wl zVLJ%(X>MfCcaj1zMBGNSIw9PwbS%?y8(bSx+u*)iAx*(CLL8{nLM9Q(oDq$`yxVVI zu01#?8`R~Te_8SwQ$fc=a6`mwH6F>TiHbkz%p`xiTf>&Af+LQK8_BY}aKy`O5vW6i zNA0+=Ug_ovsME@%pkEdro2VRG)Zr9)sU8Og30Y3cYk7Um`BQ@dA3lOH=yb*`HQxPRnj?@65Px0wAxByCHc3fQ$l;5}E(_qaPaGm7giPP1*+9s;a{kZLxjaV?-Cah@;Y`3!OY&;j zCw^$<0T)ZP3{6s-Co3UTaCsi=hfkuBbSQsW^9ne39n&nHBWbXc^*DeBxIiN2mt&Oi ziDS^T`pBs}+LKR{Q*_&A32UFh^ujc|w>tmGX2qUf`uqq%i{h3VjAqnU+*&5dHAz1a zYkl_TR6GEfEmIo9Pw?_(mKlyLlF^IL4!s2DK5uli4Pq+tXMcY1FBnUFVw>Pf2=7|q zu;1f!Ug?*-Rxz@#8-U{w#LVNs=G=9%Nbf9(*G$G?E7Sp;87fl`8bYTdWBOxOnV-Wz o&*ELK**;e7ejx`(E0jOCO4^y0v{>O8Kk* z7F0Aoc`ssR{OINHn0~OBP}}f0Hro03Qgn4H+fkU+jog!~%m|!dcJH9yX8R4hyAD?E zBZw?u1{|q_@W`YA@E1)++8wPIOqxqFTjX_W_hgM>a*9yzUjeX@<|2RI4E=)|0h4cl zf(tm_viUt-uh_AYf8tsm$RDP{;8!A?sc8om&cXJV2o<#C$qSX4R{QwscwE!lvit<( z{$`*^^h<|X9i!@r?GP+WSZa^^13}1J^mA}YY?8wi6jrj_QfWD*ik&{9BB7-kRj^1+ z-l{-r=hH~P5J!o)+30`$Hd)8JcOear&Yd_A8+sd5-KTmJpWej4Q~gy0O9sP?6%{8V zygQW?!n+4{ZhgD3qfOEOpTW#CjTzrZZm@q8v-Nmt$lmpG@IDG1z#ZW09bogfhJ*`%OGhX=-Q`71{C9uHvxp|LGzjmxqjFti z{7){nYN*{#2~m{W$!C25gV|7NRNSy_`^Y92FXJeK)T=13rU^@w+h;YhHvO6gnc~x-n9Y&ZAChNMy zlUu@{hJ^eh>cq@5H*xUoh~WpX7oFmaPlzU#@{%GHu+D!3jjIX7u}y8DA=u5xNUxy% zZ6SM!^*N;l(>^K6G37EcD5zoC4KJN;E{ik&ADmOUnIHtyN!q_yG5ec_Od-1_W&IB| zT6MErLXTN4dzS_Zg2do*?|bxTlp40dhaRU-Gp1}7v%pkrj-T*DvdyjImy};*$FWQM z{_7(QeO!Omn}-a3ZO77`leuD)yEjt6wLcrY5jWBAGZ86%;DSaOe3J*Gm){7KrgV&U zuHdrGBqQ^nJM}VEy5NTY0UmTGAAhhpi?7uFwTv6y4%7B2lmUwM^7eb0aZLiepJ{~Z zGq&2d65`+moM^r!m_NqeDdkSl%zQnx0lPbGnA83l0)DXJiq?8;|@<2 zFRv6w7*0rt2Sm;4{cs(Aa2ZR3XTjusUiZ*sHY>T*H0zj>)J~a~^vT57Y}rd7+2{H( z;DUckFgx7lyTpL?3go0Hh91VdG=zE-=Ic_CW11R9^hMj7eN{1#p?|~;+|FC+aLbq$ z<{k^iF#jDJ%>6)1OpWh`xI);L#Zv%v0yHVpHGa4cIeqre!93-Py&kRM!LcYFzMhQ} zj9Q>3tV|kGS`m+Eo#wn}-96bKUy-_6EQ)O8G7!^e#Yb}(}S;>m|!1gj`rT7P&5 zGU~lR_~p$Rf-+GzO1o$VH50&5Q^{fuGYlW)>d`1exLQ0|gBl$b(c%y_as1k`ePw^W zF4Xg~#^vS-S2px#XM^>1sHC>IHW+bgr;DVQiK&}pD12?Ad;qAMR@*V_D!COo1Hy6P zrH(G7&2hZ~qhy)=R5*u9$^)x_DtF(P7LPEu0v0?>{0m8P;})s35vz~}?de1md|4&# z4aWHR{I=8>mUkc!mFK>&2eO3rhSh(c{wO1ZV`}l|c>TSke3u0IRRbpI=4gkMwlR9e z63Bt|(j@6f%ul40M~G(5B;5#PfyERNi3kiBGt={@SfH`DK7MquACb%dZD0tn<{5B) zzXu^V0_}-Z39<~|b5}Wd{R{=~TM~o5EKz?KBr>%F z^{1LjnWGk4$rAJ!C&GLfBdll67u*h!hB}qnK}(}ZiG|_>^n|~T{qFoH-u%Rcn>`kV zfY(vQ4r;aGd;$O^b`|6z>g8Eerc}fyYWuAb_DF3YLxMqMwDyP8hQ)9zR;%pFqR)_l zc!3+&-*+lqi&yL=x9Z3WvQw89kDIjRH{&JGbt%XQi+_pO~bH}Wfu)ZHwm6ESF91jvC45#S6VgY{JE zY;^h_9P2p@;|#chZu%V1oiqMSiFA0!qTV>DV%b#VrU10W2wHz0Uj*L?Ra#4Z`HRGa z96j4Tar;DM+*dPk$P)C*7AAISL7E^O2ne_cC?xc$+F@|9fAN&4V8Bn3jmJyJ%ms&C zsQo)IGJiRFf0KKt%Oox!Be-UT_hzX4f^YFiDryv} zpSc5)U4~-W1H5$*t0bOFwsXJ!NXTtKLiD#Lu}+DnfrtaXY*@o3b1H4&J%XOd)c!kKI=*c>{leA)rWl7gYyNeH9Ix5TJ) zMjC3m6qT zh#8>8+VDjBTTi`L4Ubv*EI&x*_bsOcL)M&gSmGpgmu1=P010vC*H-&$eXaP8^5Xl6HLqK;f$}zUV7wDyr zdT047+;#N3Il$~!HH8)6yG(*5xS89A#*n4^l#^nEPT@;nL~ z)w71W*Sxci0n|2?CD&W-$Z%;|{OdZNlOFspc_<30%53CI(igd7#!xUR_t3hnO*BF7 zlIefwLI!aTshmo=-R)WwwCs=pH{7R(e#igZg9r8oRT#;^8wo_Dgi1eHx+X4o|5;tY zq|_rN{3d{Mu@rmv8NskVbY^`|X zd7uK1cr(BGv%fLbR!0?wJL&-MUivifuKRx&Vph2@k>U-z>3uO;=WNeiOP{`2GSesJ z_VHN+8DY^xxQw&NzQPRpU>}|z$fEzdK1CJeqOOEUZ$2}zRCeY7eVCv`N4#2!5!m24 z&X8k(SF&eE)wia{kx+wB@0#@FT#u;%Y^CbOj;gYXZ6B4bBwib#SLW*F{g8gr_C8uN z&75{#2_dCs`BKxfVD(kjAui`@?h-TD3MoK|gKi>kVsY$X8U!gTBS4&FCFO;TnB>4A o%10TB)b2??rFsiKSqKEJDg)#Qveiri9y-_C%70&}n2NE8TV`4GhyVZp diff --git a/lib/hx509/data/test-ke-only.crt b/lib/hx509/data/test-ke-only.crt index 9239de472554..7494305beb42 100644 --- a/lib/hx509/data/test-ke-only.crt +++ b/lib/hx509/data/test-ke-only.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=Test cert KeyEncipherment Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:bd:6a:09:6d:65:fd:2f:a6:02:74:48:59:5a:d6: - b1:cf:d2:30:60:21:92:bf:ed:94:d1:df:e9:de:b7: - c2:c5:5d:c8:7b:a7:f2:b3:e0:1b:78:ba:a8:ba:4b: - ee:95:5c:06:77:10:39:be:e5:4c:4a:f0:1e:96:a0: - df:77:7a:7a:06:ce:95:b0:d9:fd:ac:4b:85:45:b1: - 7c:a5:51:af:b8:c3:82:6f:21:09:37:03:b0:61:e0: - 04:46:a8:71:56:a6:36:67:79:42:e1:ef:bf:28:1d: - a0:ef:02:6e:26:60:e1:fe:05:95:72:87:b9:c1:08: - 8e:ed:dc:fd:71:06:15:80:79 + Public-Key: (1024 bit) + Modulus: + 00:c0:85:dd:0b:7f:d7:6a:ee:c0:ab:e3:06:fd:40: + 44:10:23:e3:94:62:a0:b8:09:af:cd:01:eb:47:92: + 5b:07:c8:7a:84:b8:72:12:cb:42:a4:b1:be:77:08: + 5f:e9:6c:d5:05:3f:eb:61:9b:96:68:39:65:79:04: + c1:08:c3:8a:b3:bd:42:79:31:b6:3b:23:1e:d0:04: + b1:dc:80:5b:dd:1f:53:a7:60:78:bd:74:d4:27:70: + 1f:0a:e5:1f:42:97:ff:8d:af:c8:03:99:e4:28:f2: + da:b0:ea:34:a0:d4:39:37:59:37:f4:71:1e:bb:55: + ad:d7:91:b2:a1:c0:5e:40:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,26 +28,26 @@ Certificate: X509v3 Key Usage: Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - 17:F3:F4:8B:D1:CD:D4:A3:D9:9D:A0:0E:6E:52:EE:11:03:85:32:6F + 95:66:6F:BD:03:40:04:B1:BA:9B:FC:A6:F1:CF:B6:93:41:B9:AB:61 Signature Algorithm: sha1WithRSAEncryption - 5f:1d:86:c2:bd:eb:c7:75:ad:b6:ec:c8:10:96:4f:8b:b2:36: - b4:7b:ba:c4:b5:6c:1c:2e:80:eb:d0:97:5f:71:48:8a:79:f7: - 05:ee:2b:96:ef:b9:68:0d:fa:86:73:c7:30:3f:22:81:ea:cf: - 46:3a:4b:4d:31:39:29:5d:1a:b8:44:ae:12:f1:18:ea:de:55: - 47:f4:1c:77:07:34:41:cf:1c:f1:1c:f8:0d:63:c1:e8:b4:98: - e7:cb:c1:2d:96:b3:5a:21:6e:fa:e7:e1:15:87:84:c9:71:31: - 5f:6f:93:98:7f:ca:00:d3:8d:96:bb:b5:03:af:c0:4d:4e:a2: - a5:97 + 3e:d9:cb:96:da:5f:4d:49:10:45:2f:42:cf:32:9a:d7:fe:72: + 4f:24:d7:60:e1:0e:df:da:03:73:44:4f:27:7e:f9:cf:aa:16: + c5:18:8a:ec:0d:56:0a:1f:1e:41:87:0a:67:62:d5:73:20:26: + e1:2e:10:6d:cd:ef:c2:28:2b:99:9a:13:5c:73:ad:a2:7d:5c: + 34:31:42:b2:44:52:ad:4f:96:06:30:b8:31:59:b6:e1:68:5d: + a0:ee:0f:83:45:1e:51:9d:8d:bc:8f:43:9f:42:c5:82:90:e4: + 00:9b:91:13:40:e4:15:60:e6:cd:3a:29:a9:4c:a1:c8:33:0d: + d6:24 -----BEGIN CERTIFICATE----- MIICCjCCAXOgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owMTELMAkGA1UEBhMCU0UxIjAgBgNVBAMMGVRlc3QgY2VydCBL -ZXlFbmNpcGhlcm1lbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1qCW1l -/S+mAnRIWVrWsc/SMGAhkr/tlNHf6d63wsVdyHun8rPgG3i6qLpL7pVcBncQOb7l -TErwHpag33d6egbOlbDZ/axLhUWxfKVRr7jDgm8hCTcDsGHgBEaocVamNmd5QuHv -vygdoO8CbiZg4f4FlXKHucEIju3c/XEGFYB5AgMBAAGjOTA3MAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgVgMB0GA1UdDgQWBBQX8/SL0c3Uo9mdoA5uUu4RA4UybzANBgkq -hkiG9w0BAQUFAAOBgQBfHYbCvevHda227MgQlk+Lsja0e7rEtWwcLoDr0JdfcUiK -efcF7iuW77loDfqGc8cwPyKB6s9GOktNMTkpXRq4RK4S8Rjq3lVH9Bx3BzRBzxzx -HPgNY8HotJjny8EtlrNaIW765+EVh4TJcTFfb5OYf8oA042Wu7UDr8BNTqKllw== +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowMTELMAkGA1UEBhMCU0UxIjAgBgNVBAMMGVRlc3QgY2VydCBL +ZXlFbmNpcGhlcm1lbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCF3Qt/ +12ruwKvjBv1ARBAj45RioLgJr80B60eSWwfIeoS4chLLQqSxvncIX+ls1QU/62Gb +lmg5ZXkEwQjDirO9QnkxtjsjHtAEsdyAW90fU6dgeL101CdwHwrlH0KX/42vyAOZ +5Cjy2rDqNKDUOTdZN/RxHrtVrdeRsqHAXkB/AgMBAAGjOTA3MAkGA1UdEwQCMAAw +CwYDVR0PBAQDAgVgMB0GA1UdDgQWBBSVZm+9A0AEsbqb/Kbxz7aTQbmrYTANBgkq +hkiG9w0BAQUFAAOBgQA+2cuW2l9NSRBFL0LPMprX/nJPJNdg4Q7f2gNzRE8nfvnP +qhbFGIrsDVYKHx5BhwpnYtVzICbhLhBtze/CKCuZmhNcc62ifVw0MUKyRFKtT5YG +MLgxWbbhaF2g7g+DRR5RnY28j0OfQsWCkOQAm5ETQOQVYObNOimpTKHIMw3WJA== -----END CERTIFICATE----- diff --git a/lib/hx509/data/test-ke-only.key b/lib/hx509/data/test-ke-only.key index 878267e0156b..ea8a9e03f9d1 100644 --- a/lib/hx509/data/test-ke-only.key +++ b/lib/hx509/data/test-ke-only.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC9agltZf0vpgJ0SFla1rHP0jBgIZK/7ZTR3+net8LFXch7p/Kz -4Bt4uqi6S+6VXAZ3EDm+5UxK8B6WoN93enoGzpWw2f2sS4VFsXylUa+4w4JvIQk3 -A7Bh4ARGqHFWpjZneULh778oHaDvAm4mYOH+BZVyh7nBCI7t3P1xBhWAeQIDAQAB -AoGASR2vee1OqJ/6foyXAXuys7g9OD59eVzqf4Fhs7lXk/w5sZIJG+o8cIQNMayx -8jHNxRQcVlYI9zxtclOzL1m11FPRgP6oVicPdIbKf/9JQhjlq/RgX/N66iBSPOW3 -80RtZ0G9pI+9RQN3sG1t39sXyMZJz5ApkcrsIfkX7Ej8tAkCQQD1mqP32MjUIpDc -x15ybBXib7E/27f/aM04Zg4D1WLkYANmUKFLiNeKKEIy+R6iQ9bqcWdh/u2Pu08e -I9eusolbAkEAxW6GQOihK5hsmKY7QdrORP6I6g8nqu/esiN1/LMtIVZdHtuaLxea -3XUIewnK1h5d2eKXyWjMgT8o5y/XtT5xuwJAVW7mbJeHPGuNso7TZr/8WNj7cjgu -5/R/toehhmnazZAsfpG7mbfPKirY5DxOEKnCf6jVCnyQDHhejCBxrT5DkwJBALrW -MW7Tt1JOWNbM2V8k9fcM+fymgt+dSJ5EOK//0EGwPUeqgmr2Z7QTwQbO6YlgC2ja -qtILvxzA7LB78iKvCWkCQQCOPkDbIzy5JM8AZtUFYb7PqJBb5fHDg3wiKWXiTh8+ -eaBxDdbBxCsamPLwfP2cguCvVv9yz3ODA9Aopny9iAv3 ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMCF3Qt/12ruwKvj +Bv1ARBAj45RioLgJr80B60eSWwfIeoS4chLLQqSxvncIX+ls1QU/62Gblmg5ZXkE +wQjDirO9QnkxtjsjHtAEsdyAW90fU6dgeL101CdwHwrlH0KX/42vyAOZ5Cjy2rDq +NKDUOTdZN/RxHrtVrdeRsqHAXkB/AgMBAAECgYEArZfGYXkLb0MKfbJ+edn5xSfn +K8PmsSsi1lJ1qJph9Fmjh4qcaS/XzpLqb4Ago2Rbi5lAD0nwS9f9FCriN5nBtJCO +frm3b4Ct0yQrtwID3kVqGDg6MmMu+11x8IlQAz/zDZ34ik/3+Z+G9N4WRUD2HFRr ++18SzS5yhZmmjgKYkGkCQQDt/LKcz020nfVednN/6fzx6ZbSFX/x8MehJaI/BEbS +uqAl6u9pr24I8FaDGySdBsJua4xZJVS6YUE4LXqRFeIFAkEAzxg9PQp7AqK3Cf90 +6pS7IKnHfRraBY6uvioHVIqjU1LYOoLGHKzlrtOhGDpN3E12S/0u6LJZGRAZ/7Aa +f98LswJAFbvLD/j6jrESNGM63waeW/VKGbtu6MhlYrkOHRUl5p62e1/+JzenI9fW +/rge2txAK1dVBNsc5rx0+U1l8RP/hQJANZFXhcqINw5Puk5Rt7vxC2nfKAUiD/3w +RVApxTx3Mr5jH/9jr1cpsicbrGCocyu2RcGfuKEpWspHb1PmBt1y8QJBAJYfAmjL +B4p8C9TCnb2NosRj/2wLcvdMJV22E8KFWzXAqRL9FKUKASULKxHy+rne4FHytEQD +w7MMQNWHjQVnFcM= +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/test-nopw.p12 b/lib/hx509/data/test-nopw.p12 index 49db084e6234283d5904727ed7ef96d34aeaa2dc..bece1f1cce41bf9065c29deac788fefe73190b76 100644 GIT binary patch delta 1582 zcmZ24xK>cfpowE86C*Q_%4g%$YV&CO&dbQoxS)w6fu)Hf1}GdcQE7&hrGbf&nUR5! zrHMh5IIkgyYXad;yy8@!)g{FAw(YUhwn~XJs}El}Z}8=g)`Y^t3=#@0#n+aEZYz9Z z{CE4}$GKPjYhDVgcSwG+U#Ls0?tk>ltaAZd9=8fER62WT%Tu>a{B|s@)k}Tts&*W& zxuE-dYQjYar#%|$KHAjq#h-f8|Hn&9_PqeBFK5VhA+gHc`_C?zls0e5!~c_~GV0Wy zE6=;f{YCLd#Q~|B!#mU7_}F?W8}P!t#K_9Zz}(o#;Hqr!<=l>w+ZO0~ElAnBFZ^oC zTd&@!i)TsNgjI_y)5|e8U#GRvNsnhoUHI213(ek&;LW-x4o&~OIxy?V{kG|+GD0mM z{FoWFcgaJO0F(ZLOC`EHCcNKqNy*>p+`gt2-kXiiO80VS*7986W_%~Zv23B4LfkjWZ1zry0nyF^9_Xu>if6=OKJ&fA>@$;m`8Z4eqK>i=54uVGsq9R%Qt{2yDQr zU~(CYG2HKyH?ru}2hD!M_wG>a_K&;VAOBl#8z}Ji1+Pd1tJ(6`H&~yl=Lhb1GvOxl z!##5*TPVh?_sglyNnJVV?3DK_)=dx+snA_4y2|O}O_vlMn*)2TJZ?0&c3-S)dcc35 z!zMv7-_U)=I{nid7w$Z`xG>J^Q2PBeuE4Ep6IgFEU6H!9(~pru`*1kp`pNOEQuPe* zcmrh+rjIO5Om7XEm|g<$Q#NjB-r?b51W8r_1OpPx{ z$vO2j$U5LyV`^*&3YJs%(vKQne9cZ(=yLtKLs7Dup3v zsij{#U!W}euj}r=m!CPK(7dw77eY(C!$+?lqk>STmZ<8a8 z47w)%ADK$trkgpxU`W#O+cx1qqk4JlgA1|wy<3xS{>&-OrT2bIimT4QceeUl-g-?n=JQF#Ob=oszpQF>>8yJt za5JlDiORoyDr=6PS9Z|l{`33&kKLayb6tN3G@@Zzi@I+`u3yv^)#`^TdqdkvBflN-#f-`1S`GoFisQC3&ThFDzvE@I c`~5ZVs(0J(uwda}HVN!mHDSehCMFIB00=6$fdBvi delta 1584 zcmZ20xL#1npowEO6C*Q_DrDo-YV&CO&dbQoxS)w6iKU4n4k#QoQE7&hxuKz$OeG#M{dF ze}9jx+TfRbY?UsTpX@pr-V;Islh?;QH8i-d!+ZV6yo-O$ty~L#C9R(jcX;wtMxFW# zv&(079A8_=E*|!f$9I!*YvaY&2E1@DF|x8UFgG?bbo_W%YicI5vhc~#l$|FJ>CU}c znXW2yeVT^P-AP%J+2{8Bs@VJa(vg^zH@&vMcj!OyNGg3o#FE0Y_Csm&GQ-VJitadm z^OwERK9RU;$C&y;BsK9Fn@{Tyw)bIY0{O7z)_mWVwS+?PAjzIfiJ#RZbamU4q)xNbm6s{EX zMXljJs+ud9!4>0Sa3kB8o#|d%#e(gz;mOOGo%p2Jw8wqqb6Tt8*UgwcIi6Ljo(Udr zpbWzFnWc&8y+ISxYao8k#tqFoJY0+*$r_+w1rs9!auQ@@WdLeP0?NbzWtf1e@dYV4 zr=A8`2OMi4mn_*Hbu^4cB;)DP;zb)1zeFE2ddQc)R`uAlck>#{mb--eFI`yAoIjDH zHs_;J?!&dV&lhQRHZQ0WYn&FyzESaF@!J+3 zvSQ=7WM#xxzig&%dP~#2qYQ!pdwO1PDr&7Q4Bf%%=stPd-f0r;j!cdW-$X=Q$`g*A z-q*E!-}fTZ8NA$uhdS<@oc+z%ghzDikNWFvhvPm9*XP|ZIlUp|M4Y>(wAn4y=35yr zLYAKLj^7bw2sGo90;he<0gv!MN3)0Kct*t;ChK%2hsrEmkl6OJl;vxzTgOeR-z2q+zT9#ZZq*XJd^Y4v>0 a%U^fOTsX?j!f{?laz>{8{`X8w91H;A6|lYl diff --git a/lib/hx509/data/test-pw.key b/lib/hx509/data/test-pw.key index e844a98bbc03..fae8e5cee692 100644 --- a/lib/hx509/data/test-pw.key +++ b/lib/hx509/data/test-pw.key @@ -1,18 +1,18 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,B9B1B14B38E4ED57E3F9D8DFA7FEB086 +DEK-Info: AES-256-CBC,8E591DF1F7BA7038BC8A176AA9C47330 -mgUkuZfb6TTZ+69kLKbHpwfSYmY1tRMeIuuqcY6qdNpF70kiZ6BylMYzGG29OZJQ -ttiYmYz1zFYVhWrnpGnK7Raa7CHaohlcPfiUBD2lRzNmj6xYAJdooiR9kWNnZZe5 -JTOpLuokpSWSqgS58AB1BLkK67JGTEhF3iDwPff/oVBjW5X/VMRd62RfDk32MJmd -nd+xNdBeKk7nXwMITZyv3n5KayVohNSpFblIAwl/k8BDLavIKboZtJDqw9LyRpWC -KLtToAWTO7pvZcOoK9yIhM5TtbZkp7pQrebGjoYkvdF84i4oVS85q8swwsw7BFq5 -s8AVbdC0kcj5tfSaJYxFonyj5BHiEc1k1CLkcn0Aff1DhW/vR93W28UgQBT11Lxf -bvHxCSIGp6TKut7Jr1FGs6tzU5eTI2AlWeWJBoANDD2HaKnouRQfDEf8pHP9Odxg -nOQ4HinpwpylimqisYqHbeocO5izz1xioze82SxYQTUGj+gCViSBIBesVaZ31DGm -3ECN94ItCm9z6zAeMNtUdLkTY6rPeetwrXXcrWddD7p5c1HdWEEQHU1HilunQc6N -I39udeWfW0HlINxKu7IgOepNipdw9EFUPtY1LGP+2Xa3ezi8saXPbsq0i/0looWf -dhjvWke/uwi16zwDKL25pNSmSAKyhD+P46f5pcf1yk1MbMkFbfTrHzcxOIN1Fd5m -rFVJTUnVonQinb8cEyqgg/2ufvOe6AnaIqjsKdFUQthYrCg6Voupis+SXRbIefhr -diiBsOoIu8O38I9R6KmSs+CYTBeChWmt1sAJudRIgZ3v5vTm734qwlxijL4sSkYQ +7sslSZnKwAzVwntpdDZkgOP/LOHtI8tck4XJFKWDLRm3YQ88TEOJe4aH6oAYJeil +imCrnaeTFv/KYYxcn0kNmMDMw2+AC5kKhzxFkBpB66g1IY4PJOWbX52DGPLj82IJ +ahB5J0eruslPSUv5NhJc5BbWwoGcOKo26vv0QSLgUIOm5k1g2JcsnhR4UptQ2Oa6 +EjbulkE9RvQWYlTfF3KKlpgNkTO+46EcYJ5a3rKYC3z3R7wklKrYw9WWdIIu5BE9 +Yw4BX07+bUDn7qtTIOcmtw3EUYFVRpSCeDequfRV2DHxdaQs12Brba+nzWD/rMZZ +zCtbkSSk/0O8qmiAtHVfWilE7t7jTxVd1g10ZHrvcOgKfr9Z1UgM7G1EMdjViCkR +CIAYbmDSVLXkmeONg/MZU14XJHizJR4po0iZDBBeyF6NvsvgU1w2Jfiocp1RT8QB +AnRIWKgzZ0chKjjSY/2+q0Fkzae7OdXdggRDVf4HMKWiayi0xz8vBxObRuXRPbmp +QhcyuQUcoiJ69HqFpODBelnwBfNbnMfq2w/u38ytv75Q5jqNoALCsVy22QoFz5RX +d+RFt+5VFZYUsqApA6yzLAJbvVcyIVIFWv8lQwsMzMBFk5gO2KAle0mHhJW1ufAV +6p1tMCWRjRxBMXKQ4O2lHWi2jRQjPWJyJMKKCv+yXEHwXSoDRKJYNsO57m/cDE0S +388gWkry4HT46Gnn2uH+eXavT4Wu/7NWCRuvgV5VLVik/L3OVx086w+3sZEliuk8 +WnfVqctp+BVQEwTk3CT9Bx5TFvAWl2vDs7bxkbAUsYa6yz8JQWIJ7DOsy3UmDKN0 -----END RSA PRIVATE KEY----- diff --git a/lib/hx509/data/test-signed-data b/lib/hx509/data/test-signed-data index ae27556a0ae909873b4ab5cf9ad225f46a680bac..583c2aa7fc1b542e3d42680e8a64afe8e243881f 100644 GIT binary patch delta 610 zcmew-yIW4&po!m{jZ>@5qwPB{BRkWACVmZ|kjh5!HQZ8`1|~*kMg~TfCI(UByoMmI z34}ZOF1J&CR+kXd+qTD2+bSi_tUi3@yup_{S`!KnGe{`36kl5sx~=eu@!#!>ALm~A zuX!n~-XZzPexWY0y8qEHv(5!Qrf&J5C2b|$D>n!t~~D^_ZP(< z6$hkh4)08R<74ZkY`_cm5F;xq19M{|gR8Q^mvcK#Zd;(|wIF5hzVNFlZ@qe_E}kW6 z6ILyUy5EHry7f;a1)I5hq9>cFfc_uHnQ$_TZ5@MC7w-X#xB z0!;b~E|uu+nDBnbB_#u^bNiZBcyBg3E8WYTS<7>MoAI3t$FhZH3VpjwT=y03UA@1g zy#3k!dc!8hV+Ku(hbC9@Ix@bSyqi~t8xgvOlRxpQ`!@E$oz2N_*w|oDXTZ(Inb79J zn99t;sAa&x#-`QE%*4bAXNe*!5JToLP1fWKtrvS^7O~&(-V5(zUwfaYvoB_RB_zr) zb6qZr#VL{4$5z)T6#M&mhW`6@(qGJW-bUwdWxaEP6GgNZTd_A delta 549 zcmdlj_fJ;bpo#An8>d#AN85K^Ms}tJO?kkCAjUhv)4h7aj3?{v-A&nM?Xg{tn@K{x z^|QzN3hxk;)un1@{?UB!+SzVVDkEyr-laib$G8InRoH8xs_|-ucY-8;to%q$D>n!VRrefj^k?! z*~P;i^7w92Zf(5y+JG1CAx2hK2Ij^_hK?WaYE8{#Ru(=vnzHlcA>FxGE7Mhlu20kO zxjQLKGW*<~Uln^lUpf-A@}}4J_YVCh9!aH7h*(ls)_y2$US_!YNzon0Z~n43+9wiM z?HE&kC`9_Bw5UQ4SCT#Qg|E2rO@@V8F zjw9L5RfbKBod!*et&=Nx9T_)H-p#AS4GUdM1B1z*c+~}h;I8K6H*_^{o}9)PTJPaJ z(fwbp)qjh2)AhY}vG0S<9;~grENbU3EhWaI*PzI`s7+wP^POsE*5u4ua+LesTU%=l z54+EdZx`v+pGrRzz1qj0iLp~k*zuTI(pX)ks2HOseWZI{Dxa;t9KnpAnu`Ktk=CIF8x??wOs diff --git a/lib/hx509/data/test-signed-data-noattr b/lib/hx509/data/test-signed-data-noattr index 11b008eb3d4d82dd5210b8578261940c7d496dc5..6c6d02fffcbb10a28c19b14ee7091b92964e7076 100644 GIT binary patch delta 473 zcmV;~0Ve*)9LOB7!wVWYFf=kYGB7eZG%#8h4KX<|G%_?YFfutbFq7R2LVs$C5(4dp z;~KVk7|g4~)Xy;V+$xZ9!vGi{gmc!URkm^DGyS)t<89RcDbiMdKx5>;5{edn|6A#5 z&QP@Dg%P15&BC&LNQU<;alNa*ba#j5zkic)4Of5Ld@vAj8s|U3lQ~U> zzKdj2%-!o%SQtVw$un_N0CuvvsvP07JXq$UftA0}Mo?fCuNWI*3wz@Bf%~w`B4Mfj z=UZfHaoNF#j3`cpr`2hbhX6B*Csz;{1|2O-eppuTKN%7bUdhUw2FPHK$cpaU%BT}Y PQN@N4aW>yN2G#+;xw6}G delta 473 zcmV;~0Ve*)9LOB7!wVWWF)=YUFg7(fH8xro4KX({F)=bQHZ?dkHj~{8LVvx+j@~!e z^Ft%UC$>ptGpMqu@D>e_Nk@B-nB=bB-DI{qNVhHv0vI2K^GL6FOH?#tVg@kqwW8_U zHEhRK^)M%(W>lr1!;_v2EPv3OcbbUDt#JnzR^bdyvLl6o(d#e`1_>&LNQUoY$l@AjkXWQ~c89`do@rM%$rZTA+4?^+z7$@2L0o^rR2%Ud6(EcXVkmrZ2mgKF zadiw!eYl}n;aX0&!QYrW&&l57b8q@B`Z>i}k_g0WLwb{O4Of3n%-;^fltnNgvyw2< zb54x>`sgld#uH^Ef|JNT^vm`l8+AO+&F(RXPoHbY&ItVi>+Ra%f-rHF#E#<+bA+=g zDMAnX{B6@E0pA)B6{~JsX8H;9A`vm!i{~2dypvqN|HQ?8m!z_H^%5`#b$%KzexGCZ Pg?&h#%3P-+w#ETIgN5Fa diff --git a/lib/hx509/data/test-signed-data-noattr-nocerts b/lib/hx509/data/test-signed-data-noattr-nocerts index 0c94ab9f2be9e4411da1cf40a3950de6a8922578..7de2f44928855c2f897ce32581b3ab9bb0509cfe 100644 GIT binary patch delta 137 zcmV;40CxYz7{(Z|#tVPjd@vAj8s|U3lQ~U>zKdj2%-!o%SQtVw$un_N0CuvvsvP07 zJXq$UftA0}Mo?fCuNWI*3wz@Bf%~w`B4Mfj=UZfHaoNF#j3`cpr`2hbhX6B*Csz;{ r1|2O-eppuTKN%7bUdhUw2FPHK$cpaU%BT}YQN@N4aW>yN2G#+;bEH4B delta 137 zcmV;40CxYz7{(Z|#tVN<%-;^fltnNgvyw2`sgld#uH^Ef|JNT^vm`l8+AO+ z&F(RXPoHbY&ItVi>+Ra%f-rHF#E#<+bA+=gDMAnX{B6@E0pA)B6{~JsX8H;9A`vm! ri{~2dypvqN|HQ?8m!z_H^%5`#b$%KzexGCZg?&h#%3P-+w#ETI;kHFY diff --git a/lib/hx509/data/test-signed-sha-1 b/lib/hx509/data/test-signed-sha-1 new file mode 100644 index 0000000000000000000000000000000000000000..583c2aa7fc1b542e3d42680e8a64afe8e243881f GIT binary patch literal 3899 zcmcIneQ*@z9nO6u@$Mk8F+_~Tc}W~e(z|3Y1Td+w+1zb%3zyq-cP}B-w%P3M|#9#~QK*v^Es4!Umai|WorLER>iqw7x{k?ma zrAG!hRBrOX|-6qF2Ye%_@xq? zwX(2)$hiEA%Pcb)*BX1q<>lkDj^I~7x*-^{h+=X=LQz#&WgsywC<78Q;t~>7#gG)k zjbsC_PU%t<$%;8;NV?&4RV^XJPtFg6qR*DllxPKtSU%QqL?)1tg9(al*|!eENJ5> zrfNyujYef7j#SP3uci!)pH!oAOcp^HRdFLhlhClFC1t~a^oKQdM2cwbU7TC&W%^;eP8ak4p9q8f#@Dcyj43?Zkm(65f*63lA~knp3Z zP%g<0k)a?7NEXB71;#1k(k-$AMZ|<4CnYT>QscE$AY`5@^Hd<$XbMEbcsHKSypytd zMO87C1h1K*<1#fsO;m`ip`>6)nk*#rMe)s|VOsg+&ZW1y9)%<*D(u876d`H)3bz-H zrU3fgyvp*s^MsIR){_P%ol3hFOZ^5W^z6 zD;%T&37}ar#M2b#1~^|Z;-^EMZUiVO#PBFcchNj7;~BRZ5rD4UiI@)5MX|mB0Fmu< zkmh^Ms2wyP!r?j~9*M#v%hSF{kYrIf!iE`+!m{AZ{50nal5`j4uSY-v0wb!M3h{^w zkiptR;Gjd}tUj6=CYS=C6a3I{gv@fa;{B}4_|@OjCi5Y-u^JE@S5!kick)I)Pr zEfkFgew`Q<+p34`HFE^dKy++O;FfLX85rb-q9VEjk^XLg@y{;?D{yqqHn1OPaS>l2 zr+)S*IGwsCMrEzFsx8}St8zNwIiaE|18#CSM~VR#aFw&ZAwFiPY9c#??sqyoo?$`P zTf-#BwZv4lU(oPqc!Q7gHn!ZEMQex(hR}eYX!XP1Ml>;jq%nBndFNv!g&_&)DLBY* zK|wq?+A%c+7i~>Uli^B8jN?nDHZT072<} zE)f~af8bA?u~{uv_$8Juyjfcc;Z?iNdpmJkku74kEh&qSts$D>T^7zVtHK%ak>+bT zOcvc@2$&Q!AHuh?@gYq+&{kjH@lCV`Ymzct-9&WM+%mshxFg=itOKfZuLj6 z>^z%1b-DIr_k(TXxw*1ODz;qy>YoRXhxeV`_Jti)#}4oNL&r}_@3n7x;0ImzeslJh z6K{C_`()pVw)UUZ?D@w%6D8j`dhW6Rt*=}0{>_D54*r$0it(S$9h-SPw*85BE?aGu z0?W>3VjX;n*di-#v0I4(!iAfqcDv15_%^WucS`IP_VVMS${E*%l^>4%ymI2mf!Mpj z*7eo-nSr!6NQtT@E*zhIeg91T`kCm#Lp^Us-&;TR!Cmh(g_|B5K52Mnr{AAF zS=Dmv=*?JOgX$lK zFD#J`GRj8Hm_@;Q*0r=xX^JFdP}eHh<6iFy*O+4f^z!~xB_oX zRsOq_{rZc_j!V{4uP*yOk$!Y>RjD_$^BI_3U8N%hP?! ztETtdQSw~m;e*dVf110WJhpq+LuY=pEcEh;y``03dD`=LVORIBT_2sGgDWe`ru^m1 e_Q4mv;~08#ZF#co*}t9>&mTy+>`x#0?*9QqHq-6^ literal 0 HcmV?d00001 diff --git a/lib/hx509/data/test-signed-sha-256 b/lib/hx509/data/test-signed-sha-256 new file mode 100644 index 0000000000000000000000000000000000000000..20228788ebcebecfe201e4cbd1dd6a47dd8fc097 GIT binary patch literal 3919 zcmcIn4Nx5A8RmX~a3sN^g&2$d0&N2H4)zEMg2Z9DTev01-DP(V1UqAvy*+Nj-7eYv zjvvJst__ZyErY^Dya(>4xLZIU+WpH71|nzYlgF%GGdPUASOsdcPr`hI%{ zT#|93PGpX`@ArA1_j#Z1+dV2(v@x%sdcrsHpJkSO>tw2^nMxJiX0=${Mbxsqg3S{? zi)^!7Ex9>Vs?fW*)H0bWTxU-ex`mixAoz&Lz#>*86jkCfifHN@jHH;T_R9#zWF%=S zmR0OT3MQ+Qh8#hPYEEIns@gt9tu4nQ;uH%Z98E$q_ORGn^bz46G}CNvvop64eMHO*k7`QkP_N1Q?6@ zD2i%&!f>Kt1;>!4o8MXz6a0i0QKE_j!f2`!iMosiWj&!_4CxQ*+K>`~29Al?R3fUy z#43cbym83;rZPLJy4;C{Di+$Piie2}(kT+s#9_vuED?XfR)rW(C(csS9y1KEPbLw;$MT2|wh7%d#~^5jxL_CS zWxS}h2MInH3h)9egaroC0Wb0d0|LjkhJ_%f<(P6$9M#i(PGO3$^kz=TqPmK!;%JbCj&CjT#u7T z0wH<-gF!D(pa7m{xGvVi@V6s> zkkp_Jg?YvaK?K?i4=5lQOvBpNFwdIOu>pbMxNt~dgMlgny-${9na!Ce6Ud1`%qlE@eWZh=q1I$L&f5l{}t zWXkeCDrNZ){-sHq)nbJYdDYImgj;gqRlC}K3w3jzEo`?fEsl+>qZ;8|7S1xK!5Q(; z?n0`7Oy=Ea{r+Q15xkOSsPXS- z6M%Pp+xV^=YWzX#_;}8_Ejx>??@Y|CoE}~AhpA()zd~Jjqk7NQV>v6(H;q$Iho`rm zU3>BQ{d0-eFIAoBy1zv_d!%@0$+k;({e8=9=()KaUwEqg_|fP7*7mcaJM25|{Xyp) z_sslm>{Zu)_ip}UOY1KxpZ#a^*z&tyKD+y)j_R^^Z^-Q|5S}kC8GZ4{@ySP`-+T0} zOIDjD$FjeXYA|yyyU}i?a;QQ`p{&Smw^?(~P-UdE++Je8X?9pWU3g*D2P3~+Id<&l z(ewTd9TnM`fwVSAiK(D2%+95_i`-Uc;Ji z?C?GqeyHNy@xE`Yf1&wb#jm{Ag74E;{Po-YX%?l7rQMnY)OSMb%A?W3NrUHhlMY8_H|%nYKT+yVN3FT5op_F-x3J9-UoX v`rG$AZvEAv{6~NE%*BJV`&zzSdUEcgubv8Z9N77rZ^ z!DKd?va^U}o@;)oVI-Ni+MLXDa1l{O@ZpiF@tPP!VKFM8kSwj#P%y$vT>{b~0t(8K zCPO>wC! zDt7UR6S^f)?dFmD{Vugzj`9+0C}-pZA4RmJYN8g`1SE%HVK5@eQMoH&L#!qTyCZTm z2F*SpBuEui2)2>YDAMDoND)*)=@mkF9A+3HB&wPscE&YPmJlz6Flo$LmE%fK&_{qV zuOv`dR${6R^@&;p$%_6h$2E)}lS5)y41zGSWJA0npdLYqiJAuK_b76&7=nft;Wb@} zupEubeWKKbGW1rA+G>Mg`IeX#K&}B z;r6`IBtV~?)hi)ts&04PJF=oz5af>W3Dha1oUh49kU}sAcnanclfkknkzjWSNP-hl z7$yK4%A?9*tqq1VSmt*M00Ow;^)X_n*uw~^+eG1}}-gZQ7@iP?5 zA|He37QcrEB!Ff}FGo|X4d9%ffQ$Av+Yq22ua83>x`pOo8RxU<5drANoygaOS}4Zp z1|YJL_Rw6r9<_<)yf|DF#3PZPWH{Ox@Q@7h2N=JPrLZhGGZ)P|JtW;ixvCJ5fWU}q zrMw(s-K58JU8aC_O`?qykR%&DI+`8{5_QoG<>YWi^DQSR2mCy6mG~(qjT_V!3S=Oe zb{m!iU|DK&02aX{=H?<>$YzQ~*|IeId@dG40X$1Ft+bP3 zzluCQT!SVQU@02};Yd9^pnza74Qm?%EUimNdpU|>0)CG6c`GoG+t&u#09g`tyL6d- zUcIO-@O~E*n+nZ92#Hz4h6DNn!GFC!VFby#9=e(GIw{P_ zhk@E?ma2fF(ZH`6qhedNk?nep;2DUHjS1XR%?tyB+)z|RHzCs13NWtO#b5=NPTL0d z11&b-bf?u%9R;gZRe~W=sV{9vH5y8-R(MXxs8oZS9L|xX!3A7ut*VanYqA_o4WX}F zEp~ekud4Nal4aM2Wx11A@Th;2lXcXr|8fegI>c*yHGZO1^*CzKzyK2Z;fd#%jS=I! z1*FE|Aj1U(@!)8OC1T zLN(rL$BO7qyg|56=EMOw5WVowMBPH-vuk-H<+Pzw;C2B2Jhi?xNu&({x4@@hohduM z2nefnBx(2`ku-b+|G^QH(O`rRe$`IDgd4KqRlCx07jb8fDPT6`7e)G46Ls(|3ul>; z;fy#*M;>9plR3pkmLk5mWC2k})Yh!2A!_PsiLFZ(IB>T%-6cw{S?(wz7N&qLIwUp- zG5B~U0Yi3{X>d4;82pZLa4_p{+Yb~O-yWJ;b|SI#_eV~jKTFJ9sC;n8>8zz_ullDa z0w;D%ulnzEho@rauU4FE-Q5tJK2>yJ@vf_1du#io|JkX1iw>1eyzuN_n~oLUW8QcF zk6Z5f=IEJ$SM2|Jq~i|_jlU^>`rQo!1^2x?{lJxtmCN5*nB8LGo-10M`1PrYk%z)R z`rf6hMw21SaJY_GtLMDD*lZ-Sh&)JPd7;^CGG@O)EXSP!^J4SulYP>~yqS^@`=4Jn zaQau_e|YLQmStuJ(wZP8s*ISK9DV7;NY%!X(8=+(KZf4kIQ+=rAKtm4_5RzRtctE( z`*h_qjaB)hyV@>qT~{&O&mOn`_Jv2^JF&Ad}WCn{ba(y{&^%eHuK_Rm!u76E^OX^>CE&U zSB@R{x3B*4iaoi<)t!qbt6n1p56&YNItKR;yP#6Dzab5k#BDh_mHSLaqh+pjN9KaX znH?ix&ABagCQP|R!Cc#DG-mCAqR!62@o6A(bF%L)Fd1{N9WT$UJ-FIDxaZAbdD}O} zo++Mk9^AIpQ#{4IG;y)@!0R=~#+TQeFB<&2xAoO~_dfN}!S7F>wHnAN%W>_hd@yPqn#e9U_EXZQY7 gocT(=VLbf!w;t;+*&@`fD{JWa(!1H=O|PB#KcPwO=l}o! literal 0 HcmV?d00001 diff --git a/lib/hx509/data/test.combined.crt b/lib/hx509/data/test.combined.crt index 05c1e74bdc8e..ae16b63c49c6 100644 --- a/lib/hx509/data/test.combined.crt +++ b/lib/hx509/data/test.combined.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=Test cert Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:e8:bd:c6:8e:de:37:d8:f3:43:23:c3:27:b6:49: - 65:33:a8:b2:a9:f0:16:0d:90:49:47:7b:90:98:e4: - ae:de:dd:64:b6:3b:48:b7:2e:0b:02:18:1f:85:f3: - 48:af:78:4b:54:34:63:62:06:30:f0:b5:a2:e9:db: - 35:6c:c7:55:f5:30:27:a0:66:54:a5:e8:52:27:52: - 43:4e:90:04:11:6a:e8:2b:52:e4:8d:fe:fd:c4:aa: - b0:4e:63:c6:aa:2d:0a:4e:1d:ae:1c:0d:c8:12:10: - 93:af:5c:e5:31:30:df:2c:0d:d7:c4:9e:d1:fd:37: - 3a:45:71:fa:62:af:90:5e:c3 + Public-Key: (1024 bit) + Modulus: + 00:e8:6a:8a:12:02:ed:86:e3:1a:b6:79:18:cc:ab: + c3:d4:cf:30:f4:dc:2a:90:71:c3:00:18:20:84:73: + d6:a4:55:b6:71:e4:33:fd:b7:a3:e3:6d:d4:ff:29: + d2:56:7f:40:63:e4:bf:12:8a:16:7e:ff:5b:e9:6a: + ce:50:b4:e3:85:11:a1:22:cd:c2:b4:e5:46:b2:0f: + 3e:04:85:7b:a5:4d:3e:7a:b8:c7:7c:d0:2d:fb:95: + 60:d1:40:42:bc:28:ae:f1:3c:7c:0e:5f:ca:e4:8f: + fc:4a:2a:1d:ef:10:05:4d:09:54:b7:12:16:79:bb: + bf:cd:a0:92:66:9e:94:e1:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,41 +28,42 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - D0:9B:77:9A:88:C7:AD:71:07:17:56:E1:0C:4D:B2:23:85:81:D1:EB + CE:77:6E:DE:0B:F4:21:F8:78:C0:1A:7C:C3:B9:66:EC:4C:3D:4A:23 Signature Algorithm: sha1WithRSAEncryption - 88:f8:ee:7d:35:36:1c:a9:71:e4:c5:64:b9:c9:c2:2d:9d:d5: - 79:67:25:12:d7:96:28:4c:dd:92:6a:19:6b:ce:bc:fa:78:bd: - f3:d2:c4:5c:a9:d9:4a:b7:ef:40:8f:c8:e2:1a:67:90:58:a4: - 71:76:87:c2:66:9e:69:57:37:c9:15:b8:c7:d9:fa:3f:32:be: - 14:5e:7b:41:5c:7f:c2:54:1b:f1:1b:15:20:8c:0a:62:7c:71: - 07:ff:7d:df:71:75:0c:4b:7d:b8:a1:59:e1:5a:4e:b7:c1:df: - 98:3b:cf:c9:de:e3:73:6f:fa:2d:fa:39:c5:59:92:08:c4:6b: - 43:7a + 45:23:30:f4:ce:b8:c9:b6:a0:2e:4a:a0:64:bd:be:57:d5:64: + ed:4a:8d:95:a3:9a:19:3c:56:7b:14:a6:2e:6c:37:37:ae:2a: + b1:42:2e:0c:b8:7e:57:f5:5a:38:29:8d:78:53:b3:2d:c8:c2: + 97:f3:ab:51:6a:c4:df:86:97:ca:68:55:39:e0:f8:99:5a:bd: + a4:e1:34:50:34:8f:70:d2:74:2d:b8:90:ef:b8:d2:22:3a:ce: + be:82:a8:4b:b3:32:cd:1b:8d:0b:69:7d:0c:d7:b6:33:dc:68: + 41:76:a1:36:20:8e:ba:34:45:be:71:bd:ab:bf:74:77:87:e6: + bf:7f -----BEGIN CERTIFICATE----- MIIB+jCCAWOgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6L3Gjt432PNDI8MntkllM6iyqfAW -DZBJR3uQmOSu3t1ktjtIty4LAhgfhfNIr3hLVDRjYgYw8LWi6ds1bMdV9TAnoGZU -pehSJ1JDTpAEEWroK1Lkjf79xKqwTmPGqi0KTh2uHA3IEhCTr1zlMTDfLA3XxJ7R -/Tc6RXH6Yq+QXsMCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD -VR0OBBYEFNCbd5qIx61xBxdW4QxNsiOFgdHrMA0GCSqGSIb3DQEBBQUAA4GBAIj4 -7n01NhypceTFZLnJwi2d1XlnJRLXlihM3ZJqGWvOvPp4vfPSxFyp2Uq370CPyOIa -Z5BYpHF2h8JmnmlXN8kVuMfZ+j8yvhRee0Fcf8JUG/EbFSCMCmJ8cQf/fd9xdQxL -fbihWeFaTrfB35g7z8ne43Nv+i36OcVZkgjEa0N6 +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6GqKEgLthuMatnkYzKvD1M8w9Nwq +kHHDABgghHPWpFW2ceQz/bej423U/ynSVn9AY+S/EooWfv9b6WrOULTjhRGhIs3C +tOVGsg8+BIV7pU0+erjHfNAt+5Vg0UBCvCiu8Tx8Dl/K5I/8Siod7xAFTQlUtxIW +ebu/zaCSZp6U4f8CAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD +VR0OBBYEFM53bt4L9CH4eMAafMO5ZuxMPUojMA0GCSqGSIb3DQEBBQUAA4GBAEUj +MPTOuMm2oC5KoGS9vlfVZO1KjZWjmhk8VnsUpi5sNzeuKrFCLgy4flf1WjgpjXhT +sy3Iwpfzq1FqxN+Gl8poVTng+JlavaThNFA0j3DSdC24kO+40iI6zr6CqEuzMs0b +jQtpfQzXtjPcaEF2oTYgjro0Rb5xvau/dHeH5r9/ -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDovcaO3jfY80Mjwye2SWUzqLKp8BYNkElHe5CY5K7e3WS2O0i3 -LgsCGB+F80iveEtUNGNiBjDwtaLp2zVsx1X1MCegZlSl6FInUkNOkAQRaugrUuSN -/v3EqrBOY8aqLQpOHa4cDcgSEJOvXOUxMN8sDdfEntH9NzpFcfpir5BewwIDAQAB -AoGBAKS3WsVWBBRo5cVzorFh9FvBMuEOZ60lxpbunoF2p0RXT6WhA2+RCH1s8TJt -4a0956IqiYOgehaBllEHsSHRWcUZ0P96qhZbVn1fWem0/U1VGb6d9WFftqPCOgYI -0joyDn+mmS1nhILexQARULyM67JyhX1xVbgFQUeTtr2WGIdBAkEA9hQURHdgxsu+ -iqe+93I1mA0LccKI3Mmb9jM0DBW1+NeGw17xE39u2DTLsFTIXkcpGzbaJYPaaOhU -pcpLX7haMQJBAPIgCT9cwEhX/MQq4eViCXd7blg4FxlDJDrD8sC8E0xss2N9Kpk4 -aJBtd4leOlzDwCanlWHrMCKo/NuE2b58FzMCQQDLTMtxxS6vDqTc6LlctX6RoDVU -RuPLhMTVInhdg5JTg7xSrJ1+/kkVVojxpRnkyeWsFiUj2UsYYNmOHxMmgagBAkEA -1to8uoAolEmXn89Zsv3C3salzRzAyob84DS+9e4uxdNzf+Yy5dHbX8Xzm+8EpQqD -OQnekgxsI2WHM5h4zAI7ZwJAefxLT1ljFxZmp1612/jqDaeNmmUHIN2aMpDinIle -r2S7S+UC+m573YcLZoYy9QAcTjnvgs/99zXjewfIQSQOmw== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOhqihIC7YbjGrZ5 +GMyrw9TPMPTcKpBxwwAYIIRz1qRVtnHkM/23o+Nt1P8p0lZ/QGPkvxKKFn7/W+lq +zlC044URoSLNwrTlRrIPPgSFe6VNPnq4x3zQLfuVYNFAQrworvE8fA5fyuSP/Eoq +He8QBU0JVLcSFnm7v82gkmaelOH/AgMBAAECgYBSUxqhEqRsORmHNRHRva3aPaHL +ugjhrUozSFiMUjPfdfTwFrNL1baZopfl4jx9Iwn92FLOEFezmGRII+r8r3Y/SY9k +9SS1X4IlPBIHggDKun9OJlpkAFKlOU6HDlEdB/rXR/unzGHQYgQ9DqX3OUEEHPFr +OOxm0Yj5gvLXvCJDgQJBAPipSzTEAQAtNE/xAnTtZzZD6ABiLE62kMCBJ3dd4NBF +3+u6nssdExpdXBFrRtSqMxpbKZ5C+j2LFUI+1I6Zdd8CQQDvRoJNb5mUg3Xe+xkX +JZ/ezXv2bq8pJgPPYnMC4F1Z9KqBRIl+6hDZanKkJP6+JKzHzyNALQv8++/4u/PT +CtfhAkEAhpSp3X8Pw5azr2iTmdE7gUUzdbGspVVt9qJwR8yJdm+7B4xTkT7FLgnF +YLAc/9C2I9efKMa7RT/XW6lBxYQNJQJAe2SMK+zicbE9pwkszkAL6vVi+RnpYLoG ++vrVPuV/nrVK/LDgiz+gAs8fYcDmUh5NsBkFH8JbTVKLVWVv/yS3YQJAA7u25lSb +JMuylkeVzpg52uaOTNK2NtOH8cXZOSMp8q4evQsrvoiVF4MGoZp0zVGpUUYIUaLA +BN+BKthYPQEPPg== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/test.crt b/lib/hx509/data/test.crt index 607605b01dfe..dc4d2a273b3a 100644 --- a/lib/hx509/data/test.crt +++ b/lib/hx509/data/test.crt @@ -5,22 +5,22 @@ Certificate: Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hx509 Test Root CA, C=SE Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT + Not Before: Apr 26 20:29:40 2009 GMT + Not After : Apr 24 20:29:40 2019 GMT Subject: C=SE, CN=Test cert Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:e8:bd:c6:8e:de:37:d8:f3:43:23:c3:27:b6:49: - 65:33:a8:b2:a9:f0:16:0d:90:49:47:7b:90:98:e4: - ae:de:dd:64:b6:3b:48:b7:2e:0b:02:18:1f:85:f3: - 48:af:78:4b:54:34:63:62:06:30:f0:b5:a2:e9:db: - 35:6c:c7:55:f5:30:27:a0:66:54:a5:e8:52:27:52: - 43:4e:90:04:11:6a:e8:2b:52:e4:8d:fe:fd:c4:aa: - b0:4e:63:c6:aa:2d:0a:4e:1d:ae:1c:0d:c8:12:10: - 93:af:5c:e5:31:30:df:2c:0d:d7:c4:9e:d1:fd:37: - 3a:45:71:fa:62:af:90:5e:c3 + Public-Key: (1024 bit) + Modulus: + 00:e8:6a:8a:12:02:ed:86:e3:1a:b6:79:18:cc:ab: + c3:d4:cf:30:f4:dc:2a:90:71:c3:00:18:20:84:73: + d6:a4:55:b6:71:e4:33:fd:b7:a3:e3:6d:d4:ff:29: + d2:56:7f:40:63:e4:bf:12:8a:16:7e:ff:5b:e9:6a: + ce:50:b4:e3:85:11:a1:22:cd:c2:b4:e5:46:b2:0f: + 3e:04:85:7b:a5:4d:3e:7a:b8:c7:7c:d0:2d:fb:95: + 60:d1:40:42:bc:28:ae:f1:3c:7c:0e:5f:ca:e4:8f: + fc:4a:2a:1d:ef:10:05:4d:09:54:b7:12:16:79:bb: + bf:cd:a0:92:66:9e:94:e1:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -28,26 +28,26 @@ Certificate: X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: - D0:9B:77:9A:88:C7:AD:71:07:17:56:E1:0C:4D:B2:23:85:81:D1:EB + CE:77:6E:DE:0B:F4:21:F8:78:C0:1A:7C:C3:B9:66:EC:4C:3D:4A:23 Signature Algorithm: sha1WithRSAEncryption - 88:f8:ee:7d:35:36:1c:a9:71:e4:c5:64:b9:c9:c2:2d:9d:d5: - 79:67:25:12:d7:96:28:4c:dd:92:6a:19:6b:ce:bc:fa:78:bd: - f3:d2:c4:5c:a9:d9:4a:b7:ef:40:8f:c8:e2:1a:67:90:58:a4: - 71:76:87:c2:66:9e:69:57:37:c9:15:b8:c7:d9:fa:3f:32:be: - 14:5e:7b:41:5c:7f:c2:54:1b:f1:1b:15:20:8c:0a:62:7c:71: - 07:ff:7d:df:71:75:0c:4b:7d:b8:a1:59:e1:5a:4e:b7:c1:df: - 98:3b:cf:c9:de:e3:73:6f:fa:2d:fa:39:c5:59:92:08:c4:6b: - 43:7a + 45:23:30:f4:ce:b8:c9:b6:a0:2e:4a:a0:64:bd:be:57:d5:64: + ed:4a:8d:95:a3:9a:19:3c:56:7b:14:a6:2e:6c:37:37:ae:2a: + b1:42:2e:0c:b8:7e:57:f5:5a:38:29:8d:78:53:b3:2d:c8:c2: + 97:f3:ab:51:6a:c4:df:86:97:ca:68:55:39:e0:f8:99:5a:bd: + a4:e1:34:50:34:8f:70:d2:74:2d:b8:90:ef:b8:d2:22:3a:ce: + be:82:a8:4b:b3:32:cd:1b:8d:0b:69:7d:0c:d7:b6:33:dc:68: + 41:76:a1:36:20:8e:ba:34:45:be:71:bd:ab:bf:74:77:87:e6: + bf:7f -----BEGIN CERTIFICATE----- MIIB+jCCAWOgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6L3Gjt432PNDI8MntkllM6iyqfAW -DZBJR3uQmOSu3t1ktjtIty4LAhgfhfNIr3hLVDRjYgYw8LWi6ds1bMdV9TAnoGZU -pehSJ1JDTpAEEWroK1Lkjf79xKqwTmPGqi0KTh2uHA3IEhCTr1zlMTDfLA3XxJ7R -/Tc6RXH6Yq+QXsMCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD -VR0OBBYEFNCbd5qIx61xBxdW4QxNsiOFgdHrMA0GCSqGSIb3DQEBBQUAA4GBAIj4 -7n01NhypceTFZLnJwi2d1XlnJRLXlihM3ZJqGWvOvPp4vfPSxFyp2Uq370CPyOIa -Z5BYpHF2h8JmnmlXN8kVuMfZ+j8yvhRee0Fcf8JUG/EbFSCMCmJ8cQf/fd9xdQxL -fbihWeFaTrfB35g7z8ne43Nv+i36OcVZkgjEa0N6 +OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA5MDQyNjIwMjk0MFoXDTE5 +MDQyNDIwMjk0MFowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6GqKEgLthuMatnkYzKvD1M8w9Nwq +kHHDABgghHPWpFW2ceQz/bej423U/ynSVn9AY+S/EooWfv9b6WrOULTjhRGhIs3C +tOVGsg8+BIV7pU0+erjHfNAt+5Vg0UBCvCiu8Tx8Dl/K5I/8Siod7xAFTQlUtxIW +ebu/zaCSZp6U4f8CAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD +VR0OBBYEFM53bt4L9CH4eMAafMO5ZuxMPUojMA0GCSqGSIb3DQEBBQUAA4GBAEUj +MPTOuMm2oC5KoGS9vlfVZO1KjZWjmhk8VnsUpi5sNzeuKrFCLgy4flf1WjgpjXhT +sy3Iwpfzq1FqxN+Gl8poVTng+JlavaThNFA0j3DSdC24kO+40iI6zr6CqEuzMs0b +jQtpfQzXtjPcaEF2oTYgjro0Rb5xvau/dHeH5r9/ -----END CERTIFICATE----- diff --git a/lib/hx509/data/test.key b/lib/hx509/data/test.key index 5251ceb74d3f..37203bf0db2d 100644 --- a/lib/hx509/data/test.key +++ b/lib/hx509/data/test.key @@ -1,15 +1,16 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDovcaO3jfY80Mjwye2SWUzqLKp8BYNkElHe5CY5K7e3WS2O0i3 -LgsCGB+F80iveEtUNGNiBjDwtaLp2zVsx1X1MCegZlSl6FInUkNOkAQRaugrUuSN -/v3EqrBOY8aqLQpOHa4cDcgSEJOvXOUxMN8sDdfEntH9NzpFcfpir5BewwIDAQAB -AoGBAKS3WsVWBBRo5cVzorFh9FvBMuEOZ60lxpbunoF2p0RXT6WhA2+RCH1s8TJt -4a0956IqiYOgehaBllEHsSHRWcUZ0P96qhZbVn1fWem0/U1VGb6d9WFftqPCOgYI -0joyDn+mmS1nhILexQARULyM67JyhX1xVbgFQUeTtr2WGIdBAkEA9hQURHdgxsu+ -iqe+93I1mA0LccKI3Mmb9jM0DBW1+NeGw17xE39u2DTLsFTIXkcpGzbaJYPaaOhU -pcpLX7haMQJBAPIgCT9cwEhX/MQq4eViCXd7blg4FxlDJDrD8sC8E0xss2N9Kpk4 -aJBtd4leOlzDwCanlWHrMCKo/NuE2b58FzMCQQDLTMtxxS6vDqTc6LlctX6RoDVU -RuPLhMTVInhdg5JTg7xSrJ1+/kkVVojxpRnkyeWsFiUj2UsYYNmOHxMmgagBAkEA -1to8uoAolEmXn89Zsv3C3salzRzAyob84DS+9e4uxdNzf+Yy5dHbX8Xzm+8EpQqD -OQnekgxsI2WHM5h4zAI7ZwJAefxLT1ljFxZmp1612/jqDaeNmmUHIN2aMpDinIle -r2S7S+UC+m573YcLZoYy9QAcTjnvgs/99zXjewfIQSQOmw== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOhqihIC7YbjGrZ5 +GMyrw9TPMPTcKpBxwwAYIIRz1qRVtnHkM/23o+Nt1P8p0lZ/QGPkvxKKFn7/W+lq +zlC044URoSLNwrTlRrIPPgSFe6VNPnq4x3zQLfuVYNFAQrworvE8fA5fyuSP/Eoq +He8QBU0JVLcSFnm7v82gkmaelOH/AgMBAAECgYBSUxqhEqRsORmHNRHRva3aPaHL +ugjhrUozSFiMUjPfdfTwFrNL1baZopfl4jx9Iwn92FLOEFezmGRII+r8r3Y/SY9k +9SS1X4IlPBIHggDKun9OJlpkAFKlOU6HDlEdB/rXR/unzGHQYgQ9DqX3OUEEHPFr +OOxm0Yj5gvLXvCJDgQJBAPipSzTEAQAtNE/xAnTtZzZD6ABiLE62kMCBJ3dd4NBF +3+u6nssdExpdXBFrRtSqMxpbKZ5C+j2LFUI+1I6Zdd8CQQDvRoJNb5mUg3Xe+xkX +JZ/ezXv2bq8pJgPPYnMC4F1Z9KqBRIl+6hDZanKkJP6+JKzHzyNALQv8++/4u/PT +CtfhAkEAhpSp3X8Pw5azr2iTmdE7gUUzdbGspVVt9qJwR8yJdm+7B4xTkT7FLgnF +YLAc/9C2I9efKMa7RT/XW6lBxYQNJQJAe2SMK+zicbE9pwkszkAL6vVi+RnpYLoG ++vrVPuV/nrVK/LDgiz+gAs8fYcDmUh5NsBkFH8JbTVKLVWVv/yS3YQJAA7u25lSb +JMuylkeVzpg52uaOTNK2NtOH8cXZOSMp8q4evQsrvoiVF4MGoZp0zVGpUUYIUaLA +BN+BKthYPQEPPg== +-----END PRIVATE KEY----- diff --git a/lib/hx509/data/test.p12 b/lib/hx509/data/test.p12 index ad3e90acaa2eddfa46934d085a0571aed6ae58dd..c644bb46d983d089f78815d16cf4e8ab6fea1c42 100644 GIT binary patch delta 2121 zcmV-P2)6f-5|9#*U4Pow)9Zf|#3ZJ_2nD3J!$m#O z6~<$;FOXU=I*1M#>~?Qfi}xcvA9~EW1BAsb+hCH52sGpK?ZhlF%w5jr<^+IL6*&M`^h_9p)h%E}HkCG?nV zuu%SI?VlT3FT9~O85bW!a`66PJjZ;c#7*-K;(=Sc+C2}I?nO)kacY@x5N0_iw|U3!nqaGYX-qhnYbSFcMw z#8K5=aQoJQ?-OBQ#s&2$JjY|V4aSU`V&1rB%?^wE8f*9XzKr%;`e}`cww7G5K~((D z+=rP$@%dL@HIJqo&G$P#oo?~sm!g)V^^OZL5aoAd!GHA-k{nPrUiPQf|5XDIfu0Hs zV;MB@-zrzMoQryFJ3WV0kJ(nqyF%STg~S0jAMyTlpRY;J_w$Du``k`mUJ&ZTgLfQ7 zDOi@2HXU5D{=7T8cH4RIH5+YOO0}i$93F7f6Vcy4aF7)eS_Hc2OPHPJ?7>d6w>HB4 zleb#FH-G+*Qes_NEH;(TkM+eOaB=fBcF^auOcu%Nwg=Sz>9!$6;8@JJ=E<2~8j;|h zKVT%+KaJB?`IN-ArS%p0tkX;Y2_c+zP&}jE)vI*@1Qe8Y^tm&6W?tizrb<@P?uh>o!3I~;1i3Q4+pTso( zcgBNkUfhvejVwuCCXlSv69OhQop}4ahYr!W`tYDwIL}_oyFV9kb>KsC-x!t%7bvJS zWEp&vyLzoA5!dm8P0N8&p}iY|rT+PZuSS^CwzLfLGH)%PYLSCq`nYeDwwoD+unRC2 z1b-WLCGP)>#6RK8A!QN7Hl`4O`JWp?A@_5d9XCeJ{8mvPL6|CQb)} zR#_cR4_+ntW%K19q*M2PATzobn8n;CUVp-x0(f_?>wu6$NHYnqV!~WxSS?UUpB`ny z9&xxDL^K|TcY%@h{vi|u>&T2l@Dvae$`BaI($(AU4ENjg9$G$BLtlnt#WmI0c*^{H zq&ol9-OO@Jow{p@-(P{}I}{sVWXCGeA2Dk!nCmEDR;m->&UHz|3Iu*+KI1Vzdw;Z< zW`N;KRP)q(nIrG`08Bb_4UZQwQYe6|T#nwoEw+ekh=mQr5x9dl#oBQJh@QkofQ>VI zA-$I*No%JTuVnG5Y@?Wum{UaJZ&dfpcKzw_2+sKPsY>3hW(Uxy-vKhraal?{8mJN#?z@)@lynvVUzH-|saP_rJz05v}B@$vI)CdDvrWLr~g@p zfDYhC^X2+-FiG%NfIa+5&JhD__BOk#&^kI;;7eaj4Qf6XMBU3vfEppoQ#s7&C#cW$ z=$Sf7!WtdSlRPL>2E(nS^Q$Rr!=>*3Uwc6eu6iv-uEk7eh?1dom%usyyE4ZLxCZdU zfE;&#U(J-Me}iOkHR!>XijXzur!G+jxyk#y)+lUyZZeiWy(mhSCQ<)Ck%_j6G8g;n zJsz|saEm{|nix|ksE~34uspw3)l11-A;Rc(3)v)7h@P#y7@@fc+%Okl z{^9TO^~vBaPJ#f~RH=3oimYbW7zq1CAC&afouKMqcwHuFE8+kK9*wS`4B1RPQ>>_&8w%@OYTBv;X-sRHDJgAVG%~ zx>IcMh)y`al>>HUp#D?LKFL$E!+Z#=edk$RL)EqX<6}{lQ?^p4H-MPIFRe2;qL{-f4l{OtrF!bOz@(%w(Mvx`DdB3(yPdE zc-a&}BW%dB;^Py@MoYsPuJxQ>ECkCVj}SHb@PKBtqr}b&Ot<~PE6fXu)_D3(lmv>r z>TE2yO6b!HK`&WitpEM5dvXTj=YDUF?$kAPFQc+E;R3JY6v%cJ25^RBWHCz5k&r6H zJVK$0%R}1^f%IX8^RNkYgd5C1Ejlq+Fe3&DDuzgg_YDCF6)_eB6#1;)L3@+yr?ZJi zS^HdL*dAFJYLlu6L?S&+frDJj_Ja0EJ6U>U6P;^Wp`ru`b*_+JxX6Ly0s;sCqnr@Y delta 2121 zcmV-P2)6f-5|9#*U4QM`2mpYB1wg2A#bpJ?|45HzPcG;?JTicVTC))# z+O=(uMVI2K9;+(YcizJ`uoEdWN|$|j^|9LfnSObpM|#_BG+zMzPvTDoRuS8;b-w?* zvOO297F4u z02M4B7#bqF?>(@%%Wq-`F=Txv6Tu7IcP`_PR9P^;z6!CBsE&YZcIg}5tcnz*eOMX8Bcy7@p?{#kYE=L=o`r4pwFOP*f|m5) zFv_<2oqVXUbiyG*_qP^Al@JStdGVWh$QVX#nzE)+C@wcVG$oqV-|KDzoHQ^@3O#%~ z@}SdtDeDnF){~C}hx|y*I!gVRS^+{QV-@WQq+~#^6bU?tFObZTP06~ z$;9VK@qe}BFn!J3^WV@%jX5ZGsD&joTM{&W?Cwi%Iv=~Ip{R}IioyqrSFEAOsET!U+d%~RUv#-M3sQBW1`W*lgb@%^Dw(W=){~4%s z&ZEL^_aBCX8vcFl#jJ4LH8@5a*Il@!n|B*fBY(-8s5sNFGqCnsED3flYks7dw3XlM zwz{=;4wDYl1Zx)pqV8lT?UfU!ljPtPRIG07m8+3CQCzbP3Sn$Q5{t5GgRCZ!!yuj+ zz!SZZwS(yoS3G%JC_>P3C7FV)2L|0TJ(ZUZ6)cp(g<9xNVwkG3?$M~{(-dsXN=28sk{TuGaL(rT&V7Zp z$LzsD1%*iwcjh%f<}7bMDXWre9Q8qO)PM3O&BS#kR~`KlIZ}}m8I$zo74;JrU!`}( z{Up=xyqBmkV8d>{*cXqjEhp=M1Bz))X~)JkJKI2b0KH?e{qGYS2&{9K%W?txZ9 zf%}+*k5mgW*_4mG6LvUP>NH|69AvnaLQ>)|IqVR-whLTyVLU6G)ir(V`|mlVIe%2R zholUPCd7jb)r~VG#j%uSWTUyzykMD(0=ruQ-AoC0e^cSL0A^g;CEzQ4t>OxxP2V??MDgzyI?9nlxyMlw9cX-zolqfS>IKXeYdkw)KyU`nvN>6Ro}4O(gOD>zM^ z$`Jeb&K^0&#UqejYZ(W7ZFe8BeaOk^c@e?*O6AEO7Ote`!*SCTe7GWZoj_*K-gcz| zYNn)X3iHABx}Iwv6_SC~oQIH_biPrhs$`&XIC(VcldT0tf6{qBgs~ZIjsgM*00e>p zfV`9wKxT>dKy>71UXrGreI$JOIr>>(6wXqM=98dZ72u$^cr(qUK08TPQed6=Jd0n~kQMb3u`i z!f7PfA6v(}e|xqWuZjZzUuMifw6K^}7+jurlC4R_8pxw#ynlsW7@21-JPjv)&9KeO z(W=i0z3`;|%<{vtuBXnLH64zO)I1j0X5^?0;DF8L-F1=GsTDqX>Zn_3s2Gq+3gz(J zJ_-ULh$w9|nfy_jJ`YQ3dqXgAmeQiLr$RB87sgb$e?fP;^M+nI=oJ6$`agfU8*sAm zhLZ8h_vu&~pK~M69!IJ6Pmu!_x+cE~alX!v;Z-A$X@Xr}g;tVr>HO!CA5Vnrkg{q# zR2pEhCDt+_l4Kdx>jRU)8RpWL=9_6DBn#dSbF2HI5X$ppNRSHAzjg>~aNb(nz(j0W zMqqGqeuXO6h^0Hu$syFr<*+Fo>v_Z7I)ef;0l*5CukGSR{7U-x#h&f}S! zM0^pDS(z-X7-lSYk0sgJJh4EH^fD-j=IMDwe<9ibSxiD6kQ4r<>2cV#O#S{9o2U-n z-=%^6O077);VIX1<*R1Va=^j0o_wJJ4RE;$(SkaIysz5Ze9X`LV*^o&MVL;70Z@?3 z3mn7GlHpN=g#D$f(J%94DZn2NQd)c%i*>5WVIk~4px!FMxzLrnBZ&lq_Vih);h0Pm zJb4lIs3i?szX<4(6c3>=OZ)@qt~xPTFe3&DDuzgg_YDCF6)_eB6n;g47*VcVRMSGb zXr@7`kSXcxIF^Cjw&aH5V0s;sC5M&Hg diff --git a/lib/hx509/data/win-u16-in-printablestring.der b/lib/hx509/data/win-u16-in-printablestring.der new file mode 100644 index 0000000000000000000000000000000000000000..5f6178f9a8a52fee1c11ff0b10434688b003e709 GIT binary patch literal 772 zcmXqLVrDRCVtliJnTe5!Nnmf;eJ6J=hF*8O68nXBy7wAzvaxFOF*C`sG8pI@Y8z;> zF^94+3oDf~7%^lsSTGa;X+4HqhD3%EhH{2tAUlsC706~_Fpv}HH8e0VF|sf;G%++a zi2`yBk+`H9*Tkq~z{|#|)#lOmotKf3k(GhDiIE@Vb}ptSMn;BJ*NxP!|H%yZ3gytA zelU8%-xpuM&#N^#_j0$zg86S++U(r*3a=mD-}$*=Yk9-v4Pn`HzFcv?ysxXz~O zI-)0wbNl^2f81GMe>%RQwfp`h)~Pa2%->x~^5nSxjp@y^S>}Hft7ZtvR_;H}&!zC= z{nBH6Q{u#@2s!<`uC&)s{rGJ!zp0N7-hIJeEBoZ{M)m50h5yvuJHPyCSsEUz$i&RZ zz}P6ru($ipLi-Xs_g)4rcc=Shdz&zYkRlZrhKvl$H>8z{)YWb^e6#8GgodfAk^E0Y z+jQq%H+`v8^1Rhd(qBDBJh@uyU*yZO@(U*&DryXq!otGEZke|`st<1C(7mrZ*Qm^sd)Ml_hZ)Mcrd(2W{;+aJ>XhSmYpy(cVf<*; z%hC`0iEZ!rzFTG+BtLb#BGbH3qq3~g!=h-9y=t)GDyECGnHR-OQQX{jUu&sP>Y|@( tEUJFGZoYc!>CUiu?pN8Kow}aKb~|r*wYRW?jZoRl)GZ+kZz#s70|4D5G{OJ? literal 0 HcmV?d00001 diff --git a/lib/hx509/doxygen.c b/lib/hx509/doxygen.c index 488ae4b9bbb7..0c7dd780aedb 100644 --- a/lib/hx509/doxygen.c +++ b/lib/hx509/doxygen.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /** @mainpage Heimdal PKIX/X.509 library @@ -37,7 +37,7 @@ * * Heimdal libhx509 library is a implementation of the PKIX/X.509 and * related protocols. - * + * * PKIX/X.509 is ... * * @@ -70,7 +70,7 @@ * See the @ref page_cms for description and examples. */ /** @defgroup hx509_crypto hx509 crypto functions */ /** @defgroup hx509_misc hx509 misc functions */ -/** @defgroup hx509_name hx509 name functions +/** @defgroup hx509_name hx509 name functions * See the @ref page_name for description and examples. */ /** @defgroup hx509_revoke hx509 revokation checking functions * See the @ref page_revoke for description and examples. */ diff --git a/lib/hx509/env.c b/lib/hx509/env.c index f868c22488cb..7598aebaae74 100644 --- a/lib/hx509/env.c +++ b/lib/hx509/env.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: env.c 22349 2007-12-26 19:32:49Z lha $"); /** * @page page_env Hx509 enviroment functions @@ -40,36 +39,6 @@ RCSID("$Id: env.c 22349 2007-12-26 19:32:49Z lha $"); * See the library functions here: @ref hx509_env */ -struct hx509_env { - struct { - char *key; - char *value; - } *val; - size_t len; -}; - -/** - * Allocate a new hx509_env container object. - * - * @param context A hx509 context. - * @param env return a hx509_env structure, free with hx509_env_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_env - */ - -int -hx509_env_init(hx509_context context, hx509_env *env) -{ - *env = calloc(1, sizeof(**env)); - if (*env == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - return 0; -} - /** * Add a new key/value pair to the hx509_env. * @@ -84,34 +53,92 @@ hx509_env_init(hx509_context context, hx509_env *env) */ int -hx509_env_add(hx509_context context, hx509_env env, +hx509_env_add(hx509_context context, hx509_env *env, const char *key, const char *value) { - void *ptr; + hx509_env n; - ptr = realloc(env->val, sizeof(env->val[0]) * (env->len + 1)); - if (ptr == NULL) { + n = malloc(sizeof(*n)); + if (n == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); return ENOMEM; } - env->val = ptr; - env->val[env->len].key = strdup(key); - if (env->val[env->len].key == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); + + n->type = env_string; + n->next = NULL; + n->name = strdup(key); + if (n->name == NULL) { + free(n); return ENOMEM; } - env->val[env->len].value = strdup(value); - if (env->val[env->len].value == NULL) { - free(env->val[env->len].key); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); + n->u.string = strdup(value); + if (n->u.string == NULL) { + free(n->name); + free(n); return ENOMEM; } - env->len++; + + /* add to tail */ + if (*env) { + hx509_env e = *env; + while (e->next) + e = e->next; + e->next = n; + } else + *env = n; + return 0; } /** - * Search the hx509_env for a key. + * Add a new key/binding pair to the hx509_env. + * + * @param context A hx509 context. + * @param env enviroment to add the enviroment variable too. + * @param key key to add + * @param list binding list to add + * + * @return An hx509 error code, see hx509_get_error_string(). + * + * @ingroup hx509_env + */ + +int +hx509_env_add_binding(hx509_context context, hx509_env *env, + const char *key, hx509_env list) +{ + hx509_env n; + + n = malloc(sizeof(*n)); + if (n == NULL) { + hx509_set_error_string(context, 0, ENOMEM, "out of memory"); + return ENOMEM; + } + + n->type = env_list; + n->next = NULL; + n->name = strdup(key); + if (n->name == NULL) { + free(n); + return ENOMEM; + } + n->u.list = list; + + /* add to tail */ + if (*env) { + hx509_env e = *env; + while (e->next) + e = e->next; + e->next = n; + } else + *env = n; + + return 0; +} + + +/** + * Search the hx509_env for a length based key. * * @param context A hx509 context. * @param env enviroment to add the enviroment variable too. @@ -127,16 +154,80 @@ const char * hx509_env_lfind(hx509_context context, hx509_env env, const char *key, size_t len) { - size_t i; - - for (i = 0; i < env->len; i++) { - char *s = env->val[i].key; - if (strncmp(key, s, len) == 0 && s[len] == '\0') - return env->val[i].value; + while(env) { + if (strncmp(key, env->name ,len) == 0 + && env->name[len] == '\0' && env->type == env_string) + return env->u.string; + env = env->next; } return NULL; } +/** + * Search the hx509_env for a key. + * + * @param context A hx509 context. + * @param env enviroment to add the enviroment variable too. + * @param key key to search for. + * + * @return the value if the key is found, NULL otherwise. + * + * @ingroup hx509_env + */ + +const char * +hx509_env_find(hx509_context context, hx509_env env, const char *key) +{ + while(env) { + if (strcmp(key, env->name) == 0 && env->type == env_string) + return env->u.string; + env = env->next; + } + return NULL; +} + +/** + * Search the hx509_env for a binding. + * + * @param context A hx509 context. + * @param env enviroment to add the enviroment variable too. + * @param key key to search for. + * + * @return the binding if the key is found, NULL if not found. + * + * @ingroup hx509_env + */ + +hx509_env +hx509_env_find_binding(hx509_context context, + hx509_env env, + const char *key) +{ + while(env) { + if (strcmp(key, env->name) == 0 && env->type == env_list) + return env->u.list; + env = env->next; + } + return NULL; +} + +static void +env_free(hx509_env b) +{ + while(b) { + hx509_env next = b->next; + + if (b->type == env_string) + free(b->u.string); + else if (b->type == env_list) + env_free(b->u.list); + + free(b->name); + free(b); + b = next; + } +} + /** * Free an hx509_env enviroment context. * @@ -148,14 +239,7 @@ hx509_env_lfind(hx509_context context, hx509_env env, void hx509_env_free(hx509_env *env) { - size_t i; - - for (i = 0; i < (*env)->len; i++) { - free((*env)->val[i].key); - free((*env)->val[i].value); - } - free((*env)->val); - free(*env); + if (*env) + env_free(*env); *env = NULL; } - diff --git a/lib/hx509/error.c b/lib/hx509/error.c index 25119ed28830..fc3cf90b3255 100644 --- a/lib/hx509/error.c +++ b/lib/hx509/error.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: error.c 22332 2007-12-17 01:03:22Z lha $"); /** * @page page_error Hx509 error reporting functions @@ -68,8 +67,10 @@ free_error_string(hx509_error msg) void hx509_clear_error_string(hx509_context context) { - free_error_string(context->error); - context->error = NULL; + if (context) { + free_error_string(context->error); + context->error = NULL; + } } /** @@ -87,11 +88,14 @@ hx509_clear_error_string(hx509_context context) */ void -hx509_set_error_stringv(hx509_context context, int flags, int code, +hx509_set_error_stringv(hx509_context context, int flags, int code, const char *fmt, va_list ap) { hx509_error msg; + if (context == NULL) + return; + msg = calloc(1, sizeof(*msg)); if (msg == NULL) { hx509_clear_error_string(context); @@ -115,7 +119,7 @@ hx509_set_error_stringv(hx509_context context, int flags, int code, } /** - * See hx509_set_error_stringv(). + * See hx509_set_error_stringv(). * * @param context A hx509 context. * @param flags @@ -172,7 +176,7 @@ hx509_get_error_string(hx509_context context, int error_code) } for (msg = context->error; msg; msg = msg->next) - p = rk_strpoolprintf(p, "%s%s", msg->msg, + p = rk_strpoolprintf(p, "%s%s", msg->msg, msg->next != NULL ? "; " : ""); return rk_strpoolcollect(p); @@ -205,7 +209,7 @@ hx509_free_error_string(char *str) */ void -hx509_err(hx509_context context, int exit_code, +hx509_err(hx509_context context, int exit_code, int error_code, const char *fmt, ...) { va_list ap; diff --git a/lib/hx509/file.c b/lib/hx509/file.c index b076b74f44df..4f7e87f070ae 100644 --- a/lib/hx509/file.c +++ b/lib/hx509/file.c @@ -1,47 +1,46 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$ID$"); int -_hx509_map_file_os(const char *fn, heim_octet_string *os, struct stat *rsb) +_hx509_map_file_os(const char *fn, heim_octet_string *os) { size_t length; void *data; int ret; - ret = _hx509_map_file(fn, &data, &length, rsb); + ret = rk_undumpdata(fn, &data, &length); os->data = data; os->length = length; @@ -52,86 +51,13 @@ _hx509_map_file_os(const char *fn, heim_octet_string *os, struct stat *rsb) void _hx509_unmap_file_os(heim_octet_string *os) { - _hx509_unmap_file(os->data, os->length); -} - -int -_hx509_map_file(const char *fn, void **data, size_t *length, struct stat *rsb) -{ - struct stat sb; - size_t len; - ssize_t l; - int ret; - void *d; - int fd; - - *data = NULL; - *length = 0; - - fd = open(fn, O_RDONLY); - if (fd < 0) - return errno; - - if (fstat(fd, &sb) < 0) { - ret = errno; - close(fd); - return ret; - } - - len = sb.st_size; - - d = malloc(len); - if (d == NULL) { - close(fd); - return ENOMEM; - } - - l = read(fd, d, len); - close(fd); - if (l < 0 || l != len) { - free(d); - return EINVAL; - } - - if (rsb) - *rsb = sb; - *data = d; - *length = len; - return 0; -} - -void -_hx509_unmap_file(void *data, size_t len) -{ - free(data); + rk_xfree(os->data); } int _hx509_write_file(const char *fn, const void *data, size_t length) { - ssize_t sz; - const unsigned char *p = data; - int fd; - - fd = open(fn, O_WRONLY|O_TRUNC|O_CREAT, 0644); - if (fd < 0) - return errno; - - do { - sz = write(fd, p, length); - if (sz < 0) { - int saved_errno = errno; - close(fd); - return saved_errno; - } - if (sz == 0) - break; - length -= sz; - } while (length > 0); - - if (close(fd) == -1) - return errno; - + rk_dumpdata(fn, data, length); return 0; } @@ -140,13 +66,13 @@ _hx509_write_file(const char *fn, const void *data, size_t length) */ static void -header(FILE *f, const char *type, const char *str) +print_pem_stamp(FILE *f, const char *type, const char *str) { fprintf(f, "-----%s %s-----\n", type, str); } int -hx509_pem_write(hx509_context context, const char *type, +hx509_pem_write(hx509_context context, const char *type, hx509_pem_header *headers, FILE *f, const void *data, size_t size) { @@ -155,11 +81,11 @@ hx509_pem_write(hx509_context context, const char *type, char *line; #define ENCODE_LINE_LENGTH 54 - - header(f, "BEGIN", type); + + print_pem_stamp(f, "BEGIN", type); while (headers) { - fprintf(f, "%s: %s\n%s", + fprintf(f, "%s: %s\n%s", headers->header, headers->value, headers->next ? "" : "\n"); headers = headers->next; @@ -167,11 +93,11 @@ hx509_pem_write(hx509_context context, const char *type, while (size > 0) { ssize_t l; - + length = size; if (length > ENCODE_LINE_LENGTH) length = ENCODE_LINE_LENGTH; - + l = base64_encode(p, length, &line); if (l < 0) { hx509_set_error_string(context, 0, ENOMEM, @@ -184,7 +110,7 @@ hx509_pem_write(hx509_context context, const char *type, free(line); } - header(f, "END", type); + print_pem_stamp(f, "END", type); return 0; } @@ -194,7 +120,7 @@ hx509_pem_write(hx509_context context, const char *type, */ int -hx509_pem_add_header(hx509_pem_header **headers, +hx509_pem_add_header(hx509_pem_header **headers, const char *header, const char *value) { hx509_pem_header *h; @@ -255,7 +181,7 @@ hx509_pem_find_header(const hx509_pem_header *h, const char *header) int hx509_pem_read(hx509_context context, - FILE *f, + FILE *f, hx509_pem_read_func func, void *ctx) { @@ -285,7 +211,7 @@ hx509_pem_read(hx509_context context, if (i > 0) i--; } - + switch (where) { case BEFORE: if (strncmp("-----BEGIN ", buf, 11) == 0) { @@ -334,7 +260,7 @@ hx509_pem_read(hx509_context context, free(p); goto out; } - + data = erealloc(data, len + i); memcpy(((char *)data) + len, p, i); free(p); diff --git a/lib/hx509/hx509-private.h b/lib/hx509/hx509-private.h index 67bb843df59a..60891f27fca6 100644 --- a/lib/hx509/hx509-private.h +++ b/lib/hx509/hx509-private.h @@ -30,7 +30,7 @@ void _hx509_abort ( const char */*fmt*/, ...) - __attribute__ ((noreturn, format (printf, 1, 2))); + __attribute__ ((noreturn, format (printf, 1, 2))); int _hx509_calculate_path ( @@ -83,20 +83,18 @@ _hx509_cert_private_key (hx509_cert /*p*/); int _hx509_cert_private_key_exportable (hx509_cert /*p*/); -int -_hx509_cert_public_encrypt ( - hx509_context /*context*/, - const heim_octet_string */*cleartext*/, - const hx509_cert /*p*/, - heim_oid */*encryption_oid*/, - heim_octet_string */*ciphertext*/); - void _hx509_cert_set_release ( hx509_cert /*cert*/, _hx509_cert_release_func /*release*/, void */*ctx*/); +int +_hx509_cert_to_env ( + hx509_context /*context*/, + hx509_cert /*cert*/, + hx509_env */*env*/); + int _hx509_certs_keys_add ( hx509_context /*context*/, @@ -114,9 +112,6 @@ _hx509_certs_keys_get ( hx509_certs /*certs*/, hx509_private_key **/*keys*/); -hx509_certs -_hx509_certs_ref (hx509_certs /*certs*/); - int _hx509_check_key_usage ( hx509_context /*context*/, @@ -181,6 +176,18 @@ _hx509_create_signature_bitstring ( AlgorithmIdentifier */*signatureAlgorithm*/, heim_bit_string */*sig*/); +int +_hx509_expr_eval ( + hx509_context /*context*/, + hx509_env /*env*/, + struct hx_expr */*expr*/); + +void +_hx509_expr_free (struct hx_expr */*expr*/); + +struct hx_expr * +_hx509_expr_parse (const char */*buf*/); + int _hx509_find_extension_subject_key_id ( const Certificate */*issuer*/, @@ -253,33 +260,33 @@ _hx509_lock_get_passwords (hx509_lock /*lock*/); hx509_certs _hx509_lock_unlock_certs (hx509_lock /*lock*/); -int -_hx509_map_file ( - const char */*fn*/, - void **/*data*/, - size_t */*length*/, - struct stat */*rsb*/); +struct hx_expr * +_hx509_make_expr ( + enum hx_expr_op /*op*/, + void */*arg1*/, + void */*arg2*/); int _hx509_map_file_os ( const char */*fn*/, - heim_octet_string */*os*/, - struct stat */*rsb*/); + heim_octet_string */*os*/); int _hx509_match_keys ( hx509_cert /*c*/, - hx509_private_key /*private_key*/); + hx509_private_key /*key*/); int _hx509_name_cmp ( const Name */*n1*/, - const Name */*n2*/); + const Name */*n2*/, + int */*c*/); int _hx509_name_ds_cmp ( const DirectoryString */*ds1*/, - const DirectoryString */*ds2*/); + const DirectoryString */*ds2*/, + int */*diff*/); int _hx509_name_from_Name ( @@ -294,14 +301,6 @@ _hx509_name_modify ( const heim_oid */*oid*/, const char */*str*/); -int -_hx509_parse_private_key ( - hx509_context /*context*/, - const heim_oid */*key_oid*/, - const void */*data*/, - size_t /*len*/, - hx509_private_key */*private_key*/); - int _hx509_path_append ( hx509_context /*context*/, @@ -334,55 +333,28 @@ _hx509_pi_printf ( const char */*fmt*/, ...); -int -_hx509_private_key2SPKI ( - hx509_context /*context*/, - hx509_private_key /*private_key*/, - SubjectPublicKeyInfo */*spki*/); - -void -_hx509_private_key_assign_rsa ( - hx509_private_key /*key*/, - void */*ptr*/); - int _hx509_private_key_export ( hx509_context /*context*/, const hx509_private_key /*key*/, + hx509_key_format_t /*format*/, heim_octet_string */*data*/); int _hx509_private_key_exportable (hx509_private_key /*key*/); -int -_hx509_private_key_free (hx509_private_key */*key*/); - BIGNUM * _hx509_private_key_get_internal ( hx509_context /*context*/, hx509_private_key /*key*/, const char */*type*/); -int -_hx509_private_key_init ( - hx509_private_key */*key*/, - hx509_private_key_ops */*ops*/, - void */*keydata*/); - int _hx509_private_key_oid ( hx509_context /*context*/, const hx509_private_key /*key*/, heim_oid */*data*/); -int -_hx509_private_key_private_decrypt ( - hx509_context /*context*/, - const heim_octet_string */*ciphertext*/, - const heim_oid */*encryption_oid*/, - hx509_private_key /*p*/, - heim_octet_string */*cleartext*/); - hx509_private_key _hx509_private_key_ref (hx509_private_key /*key*/); @@ -430,26 +402,6 @@ _hx509_request_add_email ( hx509_request /*req*/, const char */*email*/); -void -_hx509_request_free (hx509_request */*req*/); - -int -_hx509_request_get_SubjectPublicKeyInfo ( - hx509_context /*context*/, - hx509_request /*req*/, - SubjectPublicKeyInfo */*key*/); - -int -_hx509_request_get_name ( - hx509_context /*context*/, - hx509_request /*req*/, - hx509_name */*name*/); - -int -_hx509_request_init ( - hx509_context /*context*/, - hx509_request */*req*/); - int _hx509_request_parse ( hx509_context /*context*/, @@ -462,18 +414,6 @@ _hx509_request_print ( hx509_request /*req*/, FILE */*f*/); -int -_hx509_request_set_SubjectPublicKeyInfo ( - hx509_context /*context*/, - hx509_request /*req*/, - const SubjectPublicKeyInfo */*key*/); - -int -_hx509_request_set_name ( - hx509_context /*context*/, - hx509_request /*req*/, - hx509_name /*name*/); - int _hx509_request_to_pkcs10 ( hx509_context /*context*/, @@ -484,6 +424,14 @@ _hx509_request_to_pkcs10 ( hx509_revoke_ctx _hx509_revoke_ref (hx509_revoke_ctx /*ctx*/); +void +_hx509_sel_yyerror (const char */*s*/); + +int +_hx509_self_signed_valid ( + hx509_context /*context*/, + const AlgorithmIdentifier */*alg*/); + int _hx509_set_cert_attribute ( hx509_context /*context*/, @@ -491,10 +439,11 @@ _hx509_set_cert_attribute ( const heim_oid */*oid*/, const heim_octet_string */*attr*/); -void -_hx509_unmap_file ( - void */*data*/, - size_t /*len*/); +int +_hx509_signature_best_before ( + hx509_context /*context*/, + const AlgorithmIdentifier */*alg*/, + time_t /*t*/); void _hx509_unmap_file_os (heim_octet_string */*os*/); @@ -504,10 +453,13 @@ _hx509_unparse_Name ( const Name */*aname*/, char **/*str*/); +time_t +_hx509_verify_get_time (hx509_verify_ctx /*ctx*/); + int _hx509_verify_signature ( hx509_context /*context*/, - const Certificate */*signer*/, + const hx509_cert /*cert*/, const AlgorithmIdentifier */*alg*/, const heim_octet_string */*data*/, const heim_octet_string */*sig*/); @@ -515,7 +467,7 @@ _hx509_verify_signature ( int _hx509_verify_signature_bitstring ( hx509_context /*context*/, - const Certificate */*signer*/, + const hx509_cert /*signer*/, const AlgorithmIdentifier */*alg*/, const heim_octet_string */*data*/, const heim_bit_string */*sig*/); diff --git a/lib/hx509/hx509-protos.h b/lib/hx509/hx509-protos.h index 50ce1b3df175..d03c7767e541 100644 --- a/lib/hx509/hx509-protos.h +++ b/lib/hx509/hx509-protos.h @@ -8,14 +8,19 @@ extern "C" { #endif +#ifndef HX509_LIB #ifndef HX509_LIB_FUNCTION #if defined(_WIN32) -#define HX509_LIB_FUNCTION _stdcall +#define HX509_LIB_FUNCTION __declspec(dllimport) +#define HX509_LIB_CALL __stdcall +#define HX509_LIB_VARIABLE __declspec(dllimport) #else #define HX509_LIB_FUNCTION +#define HX509_LIB_CALL +#define HX509_LIB_VARIABLE +#endif #endif #endif - void hx509_bitstring_print ( const heim_bit_string */*b*/, @@ -154,6 +159,13 @@ hx509_ca_tbs_set_template ( int /*flags*/, hx509_cert /*cert*/); +int +hx509_ca_tbs_set_unique ( + hx509_context /*context*/, + hx509_ca_tbs /*tbs*/, + const heim_bit_string */*subjectUniqueID*/, + const heim_bit_string */*issuerUniqueID*/); + int hx509_ca_tbs_subject_expand ( hx509_context /*context*/, @@ -222,6 +234,12 @@ hx509_cert_get_issuer ( hx509_cert /*p*/, hx509_name */*name*/); +int +hx509_cert_get_issuer_unique_id ( + hx509_context /*context*/, + hx509_cert /*p*/, + heim_bit_string */*issuer*/); + time_t hx509_cert_get_notAfter (hx509_cert /*p*/); @@ -238,6 +256,12 @@ hx509_cert_get_subject ( hx509_cert /*p*/, hx509_name */*name*/); +int +hx509_cert_get_subject_unique_id ( + hx509_context /*context*/, + hx509_cert /*p*/, + heim_bit_string */*subject*/); + int hx509_cert_have_private_key (hx509_cert /*p*/); @@ -260,6 +284,14 @@ hx509_cert_keyusage_print ( hx509_cert /*c*/, char **/*s*/); +int +hx509_cert_public_encrypt ( + hx509_context /*context*/, + const heim_octet_string */*cleartext*/, + const hx509_cert /*p*/, + heim_oid */*encryption_oid*/, + heim_octet_string */*ciphertext*/); + hx509_cert hx509_cert_ref (hx509_cert /*cert*/); @@ -287,6 +319,13 @@ hx509_certs_end_seq ( hx509_certs /*certs*/, hx509_cursor /*cursor*/); +int +hx509_certs_filter ( + hx509_context /*context*/, + hx509_certs /*certs*/, + const hx509_query */*q*/, + hx509_certs */*result*/); + int hx509_certs_find ( hx509_context /*context*/, @@ -312,8 +351,16 @@ hx509_certs_init ( hx509_lock /*lock*/, hx509_certs */*certs*/); +#ifdef __BLOCKS__ int hx509_certs_iter ( + hx509_context /*context*/, + hx509_certs /*certs*/, + int (^func)(hx509_cert)); +#endif /* __BLOCKS__ */ + +int +hx509_certs_iter_f ( hx509_context /*context*/, hx509_certs /*certs*/, int (*/*func*/)(hx509_context, void *, hx509_cert), @@ -332,6 +379,9 @@ hx509_certs_next_cert ( hx509_cursor /*cursor*/, hx509_cert */*cert*/); +hx509_certs +hx509_certs_ref (hx509_certs /*certs*/); + int hx509_certs_start_seq ( hx509_context /*context*/, @@ -354,6 +404,20 @@ hx509_ci_print_names ( void hx509_clear_error_string (hx509_context /*context*/); +int +hx509_cms_create_signed ( + hx509_context /*context*/, + int /*flags*/, + const heim_oid */*eContentType*/, + const void */*data*/, + size_t /*length*/, + const AlgorithmIdentifier */*digest_alg*/, + hx509_certs /*certs*/, + hx509_peer_info /*peer*/, + hx509_certs /*anchors*/, + hx509_certs /*pool*/, + heim_octet_string */*signed_data*/); + int hx509_cms_create_signed_1 ( hx509_context /*context*/, @@ -396,6 +460,7 @@ hx509_cms_unenvelope ( const void */*data*/, size_t /*length*/, const heim_octet_string */*encryptedContent*/, + time_t /*time_now*/, heim_oid */*contentType*/, heim_octet_string */*content*/); @@ -410,6 +475,7 @@ int hx509_cms_verify_signed ( hx509_context /*context*/, hx509_verify_ctx /*ctx*/, + unsigned int /*flags*/, const void */*data*/, size_t /*length*/, const heim_octet_string */*signedContent*/, @@ -470,6 +536,9 @@ hx509_crypto_aes128_cbc (void); const AlgorithmIdentifier * hx509_crypto_aes256_cbc (void); +void +hx509_crypto_allow_weak (hx509_crypto /*crypto*/); + int hx509_crypto_available ( hx509_context /*context*/, @@ -549,6 +618,11 @@ hx509_crypto_set_key_name ( hx509_crypto /*crypto*/, const char */*name*/); +void +hx509_crypto_set_padding ( + hx509_crypto /*crypto*/, + int /*padding_type*/); + int hx509_crypto_set_params ( hx509_context /*context*/, @@ -564,18 +638,32 @@ hx509_crypto_set_random_key ( int hx509_env_add ( hx509_context /*context*/, - hx509_env /*env*/, + hx509_env */*env*/, const char */*key*/, const char */*value*/); +int +hx509_env_add_binding ( + hx509_context /*context*/, + hx509_env */*env*/, + const char */*key*/, + hx509_env /*list*/); + +const char * +hx509_env_find ( + hx509_context /*context*/, + hx509_env /*env*/, + const char */*key*/); + +hx509_env +hx509_env_find_binding ( + hx509_context /*context*/, + hx509_env /*env*/, + const char */*key*/); + void hx509_env_free (hx509_env */*env*/); -int -hx509_env_init ( - hx509_context /*context*/, - hx509_env */*env*/); - const char * hx509_env_lfind ( hx509_context /*context*/, @@ -591,6 +679,9 @@ hx509_err ( const char */*fmt*/, ...); +hx509_private_key_ops * +hx509_find_private_alg (const heim_oid */*oid*/); + void hx509_free_error_string (char */*str*/); @@ -745,6 +836,21 @@ hx509_parse_name ( const char */*str*/, hx509_name */*name*/); +int +hx509_parse_private_key ( + hx509_context /*context*/, + const AlgorithmIdentifier */*keyai*/, + const void */*data*/, + size_t /*len*/, + hx509_key_format_t /*format*/, + hx509_private_key */*private_key*/); + +int +hx509_peer_info_add_cms_alg ( + hx509_context /*context*/, + hx509_peer_info /*peer*/, + const AlgorithmIdentifier */*val*/); + int hx509_peer_info_alloc ( hx509_context /*context*/, @@ -795,12 +901,46 @@ hx509_pem_write ( const void */*data*/, size_t /*size*/); +int +hx509_print_cert ( + hx509_context /*context*/, + hx509_cert /*cert*/, + FILE */*out*/); + void hx509_print_stdout ( void */*ctx*/, const char */*fmt*/, va_list /*va*/); +int +hx509_private_key2SPKI ( + hx509_context /*context*/, + hx509_private_key /*private_key*/, + SubjectPublicKeyInfo */*spki*/); + +void +hx509_private_key_assign_rsa ( + hx509_private_key /*key*/, + void */*ptr*/); + +int +hx509_private_key_free (hx509_private_key */*key*/); + +int +hx509_private_key_init ( + hx509_private_key */*key*/, + hx509_private_key_ops */*ops*/, + void */*keydata*/); + +int +hx509_private_key_private_decrypt ( + hx509_context /*context*/, + const heim_octet_string */*ciphertext*/, + const heim_oid */*encryption_oid*/, + hx509_private_key /*p*/, + heim_octet_string */*cleartext*/); + int hx509_prompt_hidden (hx509_prompt_type /*type*/); @@ -817,9 +957,20 @@ hx509_query_free ( int hx509_query_match_cmp_func ( hx509_query */*q*/, - int (*/*func*/)(void *, hx509_cert), + int (*/*func*/)(hx509_context, hx509_cert, void *), void */*ctx*/); +int +hx509_query_match_eku ( + hx509_query */*q*/, + const heim_oid */*eku*/); + +int +hx509_query_match_expr ( + hx509_context /*context*/, + hx509_query */*q*/, + const char */*expr*/); + int hx509_query_match_friendly_name ( hx509_query */*q*/, @@ -847,6 +998,38 @@ hx509_query_unparse_stats ( int /*printtype*/, FILE */*out*/); +void +hx509_request_free (hx509_request */*req*/); + +int +hx509_request_get_SubjectPublicKeyInfo ( + hx509_context /*context*/, + hx509_request /*req*/, + SubjectPublicKeyInfo */*key*/); + +int +hx509_request_get_name ( + hx509_context /*context*/, + hx509_request /*req*/, + hx509_name */*name*/); + +int +hx509_request_init ( + hx509_context /*context*/, + hx509_request */*req*/); + +int +hx509_request_set_SubjectPublicKeyInfo ( + hx509_context /*context*/, + hx509_request /*req*/, + const SubjectPublicKeyInfo */*key*/); + +int +hx509_request_set_name ( + hx509_context /*context*/, + hx509_request /*req*/, + hx509_name /*name*/); + int hx509_revoke_add_crl ( hx509_context /*context*/, @@ -899,7 +1082,13 @@ hx509_set_error_stringv ( va_list /*ap*/); const AlgorithmIdentifier * -hx509_signature_md2 (void); +hx509_signature_ecPublicKey (void); + +const AlgorithmIdentifier * +hx509_signature_ecdsa_with_sha1 (void); + +const AlgorithmIdentifier * +hx509_signature_ecdsa_with_sha256 (void); const AlgorithmIdentifier * hx509_signature_md5 (void); @@ -910,9 +1099,6 @@ hx509_signature_rsa (void); const AlgorithmIdentifier * hx509_signature_rsa_pkcs1_x509 (void); -const AlgorithmIdentifier * -hx509_signature_rsa_with_md2 (void); - const AlgorithmIdentifier * hx509_signature_rsa_with_md5 (void); @@ -981,6 +1167,11 @@ hx509_verify_attach_revoke ( hx509_verify_ctx /*ctx*/, hx509_revoke_ctx /*revoke_ctx*/); +void +hx509_verify_ctx_f_allow_best_before_signature_algs ( + hx509_context /*ctx*/, + int /*boolean*/); + void hx509_verify_ctx_f_allow_default_trustanchors ( hx509_verify_ctx /*ctx*/, @@ -1042,6 +1233,9 @@ hx509_verify_signature ( void hx509_xfree (void */*ptr*/); +int +yywrap (void); + #ifdef __cplusplus } #endif diff --git a/lib/hx509/hx509.h b/lib/hx509/hx509.h index be02f6347490..3954b54b1c04 100644 --- a/lib/hx509/hx509.h +++ b/lib/hx509/hx509.h @@ -1,37 +1,44 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: hx509.h 22464 2008-01-16 14:24:50Z lha $ */ +/* $Id$ */ + +#ifndef HEIMDAL_HX509_H +#define HEIMDAL_HX509_H 1 + +#include +#include +#include typedef struct hx509_cert_attribute_data *hx509_cert_attribute; typedef struct hx509_cert_data *hx509_cert; @@ -41,6 +48,7 @@ typedef struct hx509_crypto_data *hx509_crypto; typedef struct hx509_lock_data *hx509_lock; typedef struct hx509_name_data *hx509_name; typedef struct hx509_private_key *hx509_private_key; +typedef struct hx509_private_key_ops hx509_private_key_ops; typedef struct hx509_validate_ctx_data *hx509_validate_ctx; typedef struct hx509_verify_ctx_data *hx509_verify_ctx; typedef struct hx509_revoke_ctx_data *hx509_revoke_ctx; @@ -50,7 +58,7 @@ typedef struct hx509_request_data *hx509_request; typedef struct hx509_error_data *hx509_error; typedef struct hx509_peer_info *hx509_peer_info; typedef struct hx509_ca_tbs *hx509_ca_tbs; -typedef struct hx509_env *hx509_env; +typedef struct hx509_env_data *hx509_env; typedef struct hx509_crl *hx509_crl; typedef void (*hx509_vprint_func)(void *, const char *, va_list); @@ -64,6 +72,18 @@ enum { HX509_VALIDATE_F_VERBOSE = 2 }; +enum { + HX509_CRYPTO_PADDING_PKCS7 = 0, + HX509_CRYPTO_PADDING_NONE = 1 +}; + +enum { + HX509_KEY_FORMAT_GUESS = 0, + HX509_KEY_FORMAT_DER = 1, + HX509_KEY_FORMAT_WIN_BACKUPKEY = 2 +}; +typedef uint32_t hx509_key_format_t; + struct hx509_cert_attribute_data { heim_oid oid; heim_octet_string data; @@ -118,6 +138,18 @@ typedef enum { /* flags to hx509_cms_unenvelope */ #define HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT 0x01 +#define HX509_CMS_UE_ALLOW_WEAK 0x02 + +/* flags to hx509_cms_envelope_1 */ +#define HX509_CMS_EV_NO_KU_CHECK 0x01 +#define HX509_CMS_EV_ALLOW_WEAK 0x02 +#define HX509_CMS_EV_ID_NAME 0x04 + +/* flags to hx509_cms_verify_signed */ +#define HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH 0x01 +#define HX509_CMS_VS_NO_KU_CHECK 0x02 +#define HX509_CMS_VS_ALLOW_ZERO_SIGNER 0x04 +#define HX509_CMS_VS_NO_VALIDATE 0x08 /* selectors passed to hx509_crypto_select and hx509_crypto_available */ #define HX509_SELECT_ALL 0 @@ -136,8 +168,11 @@ typedef enum { #define HX509_CA_TEMPLATE_EKU 64 /* flags hx509_cms_create_signed* */ -#define HX509_CMS_SIGATURE_DETACHED 1 -#define HX509_CMS_SIGATURE_ID_NAME 2 +#define HX509_CMS_SIGNATURE_DETACHED 0x01 +#define HX509_CMS_SIGNATURE_ID_NAME 0x02 +#define HX509_CMS_SIGNATURE_NO_SIGNER 0x04 +#define HX509_CMS_SIGNATURE_LEAF_ONLY 0x08 +#define HX509_CMS_SIGNATURE_NO_CERTS 0x10 /* hx509_verify_hostname nametype */ typedef enum { @@ -146,3 +181,6 @@ typedef enum { } hx509_hostname_type; #include +#include + +#endif /* HEIMDAL_HX509_H */ diff --git a/lib/hx509/hx509_err.et b/lib/hx509/hx509_err.et index 8fc5cb8f2f7e..6225f125fb20 100644 --- a/lib/hx509/hx509_err.et +++ b/lib/hx509/hx509_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: hx509_err.et 22329 2007-12-15 05:13:14Z lha $" +id "$Id$" error_table hx prefix HX509 @@ -62,9 +62,11 @@ error_code OID_MISMATCH, "Mismatch bewteen oids" error_code NO_PROMPTER, "No prompter function defined" error_code SIGNATURE_WITHOUT_SIGNER, "Signature require signer, but non available" error_code RSA_PUBLIC_ENCRYPT, "RSA public encyption failed" -error_code RSA_PRIVATE_ENCRYPT, "RSA public encyption failed" -error_code RSA_PUBLIC_DECRYPT, "RSA private decryption failed" +error_code RSA_PRIVATE_ENCRYPT, "RSA private encyption failed" +error_code RSA_PUBLIC_DECRYPT, "RSA public decryption failed" error_code RSA_PRIVATE_DECRYPT, "RSA private decryption failed" +error_code ALGORITHM_BEST_BEFORE, "Algorithm has passed its best before date" +error_code KEY_FORMAT_UNSUPPORTED, "Key format is unsupported" # revoke related errors index 96 diff --git a/lib/hx509/hx_locl.h b/lib/hx509/hx_locl.h index 145bfcc006d0..a0a5235c7586 100644 --- a/lib/hx509/hx_locl.h +++ b/lib/hx509/hx_locl.h @@ -1,54 +1,57 @@ /* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: hx_locl.h 21083 2007-06-13 02:11:19Z lha $ */ +/* $Id$ */ -#ifdef HAVE_CONFIG_H #include -#endif #include #include #include #include +#ifdef HAVE_STRINGS_H #include +#endif #include #include #include +#include + +#include + #include #include #include -#include #include #include #include @@ -67,6 +70,7 @@ #include +#define HC_DEPRECATED_CRYPTO #include "crypto-headers.h" struct hx509_keyset_ops; @@ -78,7 +82,8 @@ typedef struct hx509_path hx509_path; typedef void (*_hx509_cert_release_func)(struct hx509_cert_data *, void *); -typedef struct hx509_private_key_ops hx509_private_key_ops; + +#include "sel.h" #include #include @@ -128,7 +133,9 @@ struct hx509_query_data { #define HX509_QUERY_MATCH_FUNCTION 0x080000 #define HX509_QUERY_MATCH_KEY_HASH_SHA1 0x100000 #define HX509_QUERY_MATCH_TIME 0x200000 -#define HX509_QUERY_MASK 0x3fffff +#define HX509_QUERY_MATCH_EKU 0x400000 +#define HX509_QUERY_MATCH_EXPR 0x800000 +#define HX509_QUERY_MASK 0xffffff Certificate *subject; Certificate *certificate; heim_integer *serial; @@ -138,26 +145,28 @@ struct hx509_query_data { Name *subject_name; hx509_path *path; char *friendlyname; - int (*cmp_func)(void *, hx509_cert); + int (*cmp_func)(hx509_context, hx509_cert, void *); void *cmp_func_ctx; heim_octet_string *keyhash_sha1; time_t timenow; + heim_oid *eku; + struct hx_expr *expr; }; struct hx509_keyset_ops { const char *name; int flags; - int (*init)(hx509_context, hx509_certs, void **, + int (*init)(hx509_context, hx509_certs, void **, int, const char *, hx509_lock); int (*store)(hx509_context, hx509_certs, void *, int, hx509_lock); int (*free)(hx509_certs, void *); int (*add)(hx509_context, hx509_certs, void *, hx509_cert); - int (*query)(hx509_context, hx509_certs, void *, + int (*query)(hx509_context, hx509_certs, void *, const hx509_query *, hx509_cert *); int (*iter_start)(hx509_context, hx509_certs, void *, void **); int (*iter)(hx509_context, hx509_certs, void *, void *, hx509_cert *); int (*iter_end)(hx509_context, hx509_certs, void *, void *); - int (*printinfo)(hx509_context, hx509_certs, + int (*printinfo)(hx509_context, hx509_certs, void *, int (*)(void *, const char *), void *); int (*getkeys)(hx509_context, hx509_certs, void *, hx509_private_key **); int (*addkey)(hx509_context, hx509_certs, void *, hx509_private_key); @@ -186,6 +195,18 @@ struct hx509_context_data { /* _hx509_calculate_path flag field */ #define HX509_CALCULATE_PATH_NO_ANCHOR 1 +/* environment */ +struct hx509_env_data { + enum { env_string, env_list } type; + char *name; + struct hx509_env_data *next; + union { + char *string; + struct hx509_env_data *list; + } u; +}; + + extern const AlgorithmIdentifier * _hx509_crypto_default_sig_alg; extern const AlgorithmIdentifier * _hx509_crypto_default_digest_alg; extern const AlgorithmIdentifier * _hx509_crypto_default_secret_alg; diff --git a/lib/hx509/hxtool-commands.in b/lib/hx509/hxtool-commands.in index b648ecf584ae..ab517224ecd7 100644 --- a/lib/hx509/hxtool-commands.in +++ b/lib/hx509/hxtool-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan + * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,10 +30,11 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: hxtool-commands.in 21343 2007-06-26 14:21:55Z lha $ */ +/* $Id$ */ command = { name = "cms-create-sd" + name = "cms-sign" option = { long = "certificate" short = "c" @@ -93,12 +94,27 @@ command = { type = "flag" help = "create a detached signature" } + option = { + long = "signer" + type = "-flag" + help = "do not sign" + } option = { long = "id-by-name" type = "flag" help = "use subject name for CMS Identifier" } - min_args="2" + option = { + long = "embedded-certs" + type = "-flag" + help = "dont embedded certficiates" + } + option = { + long = "embed-leaf-only" + type = "flag" + help = "only embed leaf certificate" + } + min_args="1" max_args="2" argument="in-file out-file" help = "Wrap a file within a SignedData object" @@ -107,6 +123,7 @@ command = { name = "cms-verify-sd" option = { long = "anchors" + short = "D" type = "strings" argument = "certificate-store" help = "trust anchors" @@ -134,14 +151,29 @@ command = { type = "flag" help = "unwrap in-data that's in a ContentInfo" } + option = { + long = "pem" + type = "flag" + help = "unwrap in-data from PEM armor" + } + option = { + long = "signer-allowed" + type = "-flag" + help = "allow no signer" + } + option = { + long = "allow-wrong-oid" + type = "flag" + help = "allow wrong oid flag" + } option = { long = "signed-content" type = "string" help = "file containing content" } - min_args="2" + min_args="1" max_args="2" - argument="in-file out-file" + argument="in-file [out-file]" help = "Verify a file within a SignedData object" } command = { @@ -164,6 +196,11 @@ command = { type = "flag" help = "wrapped out-data in a ContentInfo" } + option = { + long = "allow-weak-crypto" + type = "flag" + help = "allow weak crypto" + } min_args="2" argument="in-file out-file" help = "Unenvelope a file containing a EnvelopedData object" @@ -201,6 +238,11 @@ command = { type = "flag" help = "wrapped out-data in a ContentInfo" } + option = { + long = "allow-weak-crypto" + type = "flag" + help = "allow weak crypto" + } min_args="2" argument="in-file out-file" help = "Envelope a file containing a EnvelopedData object" @@ -262,6 +304,11 @@ command = { type = "flag" help = "print the content of the certificates" } + option = { + long = "never-fail" + type = "flag" + help = "never fail with an error code" + } option = { long = "info" type = "flag" @@ -437,6 +484,18 @@ command = { argument = "name" help = "match on friendly name" } + option = { + long = "eku" + type = "string" + argument = "oid-string" + help = "match on EKU" + } + option = { + long = "expr" + type = "string" + argument = "expression" + help = "match on expression" + } option = { long = "keyEncipherment" type = "flag" @@ -557,7 +616,7 @@ command = { option = { long = "type" type = "strings" - help = "Type of certificate to issue" + help = "Types of certificate to issue (can be used more then once)" } option = { long = "lifetime" diff --git a/lib/hx509/hxtool-version.rc b/lib/hx509/hxtool-version.rc new file mode 100644 index 000000000000..7e5197cc47a5 --- /dev/null +++ b/lib/hx509/hxtool-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Heimdal X.509 Certificate Tool" +#define RC_FILE_ORIG_0409 "hxtool.exe" + +#include "../../windows/version.rc" diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index 55410b1da75d..4bd467f4284a 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: hxtool.c 22333 2007-12-17 01:03:43Z lha $"); #include #include +#include #include static hx509_context context; @@ -45,9 +45,9 @@ static int version_flag; static int help_flag; struct getargs args[] = { - { "statistic-file", 0, arg_string, &stat_file_string }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "statistic-file", 0, arg_string, &stat_file_string, NULL, NULL }, + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; int num_args = sizeof(args) / sizeof(args[0]); @@ -70,7 +70,7 @@ lock_strings(hx509_lock lock, getarg_strings *pass) for (i = 0; i < pass->num_strings; i++) { int ret = hx509_lock_command_string(lock, pass->strings[i]); if (ret) - errx(1, "hx509_lock_command_string: %s: %d", + errx(1, "hx509_lock_command_string: %s: %d", pass->strings[i], ret); } } @@ -80,15 +80,15 @@ lock_strings(hx509_lock lock, getarg_strings *pass) */ static void -certs_strings(hx509_context context, const char *type, hx509_certs certs, +certs_strings(hx509_context contextp, const char *type, hx509_certs certs, hx509_lock lock, const getarg_strings *s) { int i, ret; for (i = 0; i < s->num_strings; i++) { - ret = hx509_certs_append(context, certs, lock, s->strings[i]); + ret = hx509_certs_append(contextp, certs, lock, s->strings[i]); if (ret) - hx509_err(context, 1, ret, + hx509_err(contextp, 1, ret, "hx509_certs_append: %s %s", type, s->strings[i]); } } @@ -114,33 +114,63 @@ parse_oid(const char *str, const heim_oid *def, heim_oid *oid) */ static void -peer_strings(hx509_context context, - hx509_peer_info *peer, +peer_strings(hx509_context contextp, + hx509_peer_info *peer, const getarg_strings *s) { AlgorithmIdentifier *val; int ret, i; - - ret = hx509_peer_info_alloc(context, peer); + + ret = hx509_peer_info_alloc(contextp, peer); if (ret) - hx509_err(context, 1, ret, "hx509_peer_info_alloc"); - + hx509_err(contextp, 1, ret, "hx509_peer_info_alloc"); + val = calloc(s->num_strings, sizeof(*val)); if (val == NULL) err(1, "malloc"); for (i = 0; i < s->num_strings; i++) parse_oid(s->strings[i], NULL, &val[i].algorithm); - - ret = hx509_peer_info_set_cms_algs(context, *peer, val, s->num_strings); + + ret = hx509_peer_info_set_cms_algs(contextp, *peer, val, s->num_strings); if (ret) - hx509_err(context, 1, ret, "hx509_peer_info_set_cms_algs"); + hx509_err(contextp, 1, ret, "hx509_peer_info_set_cms_algs"); for (i = 0; i < s->num_strings; i++) free_AlgorithmIdentifier(&val[i]); free(val); } +/* + * + */ + +struct pem_data { + heim_octet_string *os; + int detached_data; +}; + +static int +pem_reader(hx509_context contextp, const char *type, + const hx509_pem_header *headers, + const void *data , size_t length, void *ctx) +{ + struct pem_data *p = (struct pem_data *)ctx; + const char *h; + + p->os->data = malloc(length); + if (p->os->data == NULL) + return ENOMEM; + memcpy(p->os->data, data, length); + p->os->length = length; + + h = hx509_pem_find_header(headers, "Content-disposition"); + if (h && strcasecmp(h, "detached") == 0) + p->detached_data = 1; + + return 0; +} + /* * */ @@ -155,10 +185,10 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) hx509_certs signers = NULL; hx509_certs anchors = NULL; hx509_lock lock; - int ret; + int ret, flags = 0; size_t sz; - void *p; + void *p = NULL; if (opt->missing_revoke_flag) hx509_context_set_missing_revoke(context, 1); @@ -166,27 +196,66 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) hx509_lock_init(context, &lock); lock_strings(lock, &opt->pass_strings); - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - if (opt->signed_content_string) { - ret = _hx509_map_file_os(opt->signed_content_string, &signeddata, NULL); - if (ret) - err(1, "map_file: %s: %d", opt->signed_content_string, ret); - sd = &signeddata; - } - ret = hx509_verify_init_ctx(context, &ctx); + if (ret) + hx509_err(context, 1, ret, "hx509_verify_init_ctx"); ret = hx509_certs_init(context, "MEMORY:cms-anchors", 0, NULL, &anchors); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); certs_strings(context, "store", store, lock, &opt->certificate_strings); - co.data = p; - co.length = sz; + if (opt->pem_flag) { + struct pem_data pd; + FILE *f; + + pd.os = &co; + pd.detached_data = 0; + + f = fopen(argv[0], "r"); + if (f == NULL) + err(1, "Failed to open file %s", argv[0]); + + ret = hx509_pem_read(context, f, pem_reader, &pd); + fclose(f); + if (ret) + errx(1, "PEM reader failed: %d", ret); + + if (pd.detached_data && opt->signed_content_string == NULL) { + char *r = strrchr(argv[0], '.'); + if (r && strcasecmp(r, ".pem") == 0) { + char *s = strdup(argv[0]); + if (s == NULL) + errx(1, "malloc: out of memory"); + s[r - argv[0]] = '\0'; + ret = _hx509_map_file_os(s, &signeddata); + if (ret) + errx(1, "map_file: %s: %d", s, ret); + free(s); + sd = &signeddata; + } + } + + } else { + ret = rk_undumpdata(argv[0], &p, &sz); + if (ret) + err(1, "map_file: %s: %d", argv[0], ret); + + co.data = p; + co.length = sz; + } + + if (opt->signed_content_string) { + ret = _hx509_map_file_os(opt->signed_content_string, &signeddata); + if (ret) + errx(1, "map_file: %s: %d", opt->signed_content_string, ret); + sd = &signeddata; + } if (opt->content_info_flag) { heim_octet_string uwco; @@ -196,19 +265,32 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - if (der_heim_oid_cmp(&oid, oid_id_pkcs7_signedData()) != 0) + if (der_heim_oid_cmp(&oid, &asn1_oid_id_pkcs7_signedData) != 0) errx(1, "Content is not SignedData"); der_free_oid(&oid); + if (p == NULL) + der_free_octet_string(&co); + else { + rk_xfree(p); + p = NULL; + } co = uwco; } hx509_verify_attach_anchors(ctx, anchors); - ret = hx509_cms_verify_signed(context, ctx, co.data, co.length, sd, + if (!opt->signer_allowed_flag) + flags |= HX509_CMS_VS_ALLOW_ZERO_SIGNER; + if (opt->allow_wrong_oid_flag) + flags |= HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH; + + ret = hx509_cms_verify_signed(context, ctx, flags, co.data, co.length, sd, store, &type, &c, &signers); - if (co.data != p) + if (p != co.data) der_free_octet_string(&co); + else + rk_xfree(p); if (ret) hx509_err(context, 1, ret, "hx509_cms_verify_signed"); @@ -219,8 +301,12 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) free(str); der_free_oid(&type); } - printf("signers:\n"); - hx509_certs_iter(context, signers, hx509_ci_print_names, stdout); + if (signers == NULL) { + printf("unsigned\n"); + } else { + printf("signers:\n"); + hx509_certs_iter_f(context, signers, hx509_ci_print_names, stdout); + } hx509_verify_destroy_ctx(ctx); @@ -230,18 +316,43 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) hx509_lock_free(lock); - ret = _hx509_write_file(argv[1], c.data, c.length); - if (ret) - errx(1, "hx509_write_file: %d", ret); + if (argc > 1) { + ret = _hx509_write_file(argv[1], c.data, c.length); + if (ret) + errx(1, "hx509_write_file: %d", ret); + } der_free_octet_string(&c); - _hx509_unmap_file(p, sz); + if (sd) _hx509_unmap_file_os(sd); return 0; } +static int +print_signer(hx509_context contextp, void *ctx, hx509_cert cert) +{ + hx509_pem_header **header = ctx; + char *signer_name = NULL; + hx509_name name; + int ret; + + ret = hx509_cert_get_subject(cert, &name); + if (ret) + errx(1, "hx509_cert_get_subject"); + + ret = hx509_name_to_string(name, &signer_name); + hx509_name_free(&name); + if (ret) + errx(1, "hx509_name_to_string"); + + hx509_pem_add_header(header, "Signer", signer_name); + + free(signer_name); + return 0; +} + int cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) { @@ -250,96 +361,100 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) heim_octet_string o; hx509_query *q; hx509_lock lock; - hx509_certs store, pool, anchors; - hx509_cert cert; + hx509_certs store, pool, anchors, signer = NULL; size_t sz; void *p; int ret, flags = 0; - char *signer_name = NULL; + char *infile, *outfile = NULL; memset(&contentType, 0, sizeof(contentType)); - if (argc < 2) - errx(1, "argc < 2"); + infile = argv[0]; + + if (argc < 2) { + asprintf(&outfile, "%s.%s", infile, + opt->pem_flag ? "pem" : "cms-signeddata"); + if (outfile == NULL) + errx(1, "out of memory"); + } else + outfile = argv[1]; hx509_lock_init(context, &lock); lock_strings(lock, &opt->pass_strings); ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); ret = hx509_certs_init(context, "MEMORY:cert-pool", 0, NULL, &pool); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); certs_strings(context, "store", store, lock, &opt->certificate_strings); certs_strings(context, "pool", pool, lock, &opt->pool_strings); if (opt->anchors_strings.num_strings) { - ret = hx509_certs_init(context, "MEMORY:cert-anchors", + ret = hx509_certs_init(context, "MEMORY:cert-anchors", 0, NULL, &anchors); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); } else anchors = NULL; if (opt->detached_signature_flag) - flags |= HX509_CMS_SIGATURE_DETACHED; + flags |= HX509_CMS_SIGNATURE_DETACHED; if (opt->id_by_name_flag) - flags |= HX509_CMS_SIGATURE_ID_NAME; + flags |= HX509_CMS_SIGNATURE_ID_NAME; + if (!opt->signer_flag) { + flags |= HX509_CMS_SIGNATURE_NO_SIGNER; - ret = hx509_query_alloc(context, &q); + } + + if (opt->signer_flag) { + ret = hx509_query_alloc(context, &q); + if (ret) + errx(1, "hx509_query_alloc: %d", ret); + + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); + hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); + + if (opt->signer_string) + hx509_query_match_friendly_name(q, opt->signer_string); + + ret = hx509_certs_filter(context, store, q, &signer); + hx509_query_free(context, q); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_find"); + } + if (!opt->embedded_certs_flag) + flags |= HX509_CMS_SIGNATURE_NO_CERTS; + if (opt->embed_leaf_only_flag) + flags |= HX509_CMS_SIGNATURE_LEAF_ONLY; + + ret = rk_undumpdata(infile, &p, &sz); if (ret) - errx(1, "hx509_query_alloc: %d", ret); - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - if (opt->signer_string) - hx509_query_match_friendly_name(q, opt->signer_string); - - ret = hx509_certs_find(context, store, q, &cert); - hx509_query_free(context, q); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_find"); - - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); + err(1, "map_file: %s: %d", infile, ret); if (opt->peer_alg_strings.num_strings) peer_strings(context, &peer, &opt->peer_alg_strings); - parse_oid(opt->content_type_string, oid_id_pkcs7_data(), &contentType); + parse_oid(opt->content_type_string, &asn1_oid_id_pkcs7_data, &contentType); - ret = hx509_cms_create_signed_1(context, - flags, - &contentType, - p, - sz, - NULL, - cert, - peer, - anchors, - pool, - &o); + ret = hx509_cms_create_signed(context, + flags, + &contentType, + p, + sz, + NULL, + signer, + peer, + anchors, + pool, + &o); if (ret) - errx(1, "hx509_cms_create_signed: %d", ret); - - { - hx509_name name; - - ret = hx509_cert_get_subject(cert, &name); - if (ret) - errx(1, "hx509_cert_get_subject"); - - ret = hx509_name_to_string(name, &signer_name); - hx509_name_free(&name); - if (ret) - errx(1, "hx509_name_to_string"); - } - + hx509_err(context, 1, ret, "hx509_cms_create_signed: %d", ret); hx509_certs_free(&anchors); hx509_certs_free(&pool); - hx509_cert_free(cert); hx509_certs_free(&store); - _hx509_unmap_file(p, sz); + rk_xfree(p); hx509_lock_free(lock); hx509_peer_info_free(peer); der_free_oid(&contentType); @@ -347,7 +462,7 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) if (opt->content_info_flag) { heim_octet_string wo; - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), &o, &wo); + ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData, &o, &wo); if (ret) errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); @@ -359,15 +474,20 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) hx509_pem_header *header = NULL; FILE *f; - hx509_pem_add_header(&header, "Content-disposition", - opt->detached_signature_flag ? "detached" : "inline"); - hx509_pem_add_header(&header, "Signer", signer_name); + hx509_pem_add_header(&header, "Content-disposition", + opt->detached_signature_flag ? + "detached" : "inline"); + if (signer) { + ret = hx509_certs_iter_f(context, signer, print_signer, header); + if (ret) + hx509_err(context, 1, ret, "print signer"); + } - f = fopen(argv[1], "w"); + f = fopen(outfile, "w"); if (f == NULL) - err(1, "open %s", argv[1]); - - ret = hx509_pem_write(context, "CMS SIGNEDDATA", header, f, + err(1, "open %s", outfile); + + ret = hx509_pem_write(context, "CMS SIGNEDDATA", header, f, o.data, o.length); fclose(f); hx509_pem_free_header(header); @@ -375,12 +495,12 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) errx(1, "hx509_pem_write: %d", ret); } else { - ret = _hx509_write_file(argv[1], o.data, o.length); + ret = _hx509_write_file(outfile, o.data, o.length); if (ret) errx(1, "hx509_write_file: %d", ret); } - free(signer_name); + hx509_certs_free(&signer); free(o.data); return 0; @@ -396,11 +516,12 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) void *p; int ret; hx509_lock lock; + int flags = 0; hx509_lock_init(context, &lock); lock_strings(lock, &opt->pass_strings); - ret = _hx509_map_file(argv[0], &p, &sz, NULL); + ret = rk_undumpdata(argv[0], &p, &sz); if (ret) err(1, "map_file: %s: %d", argv[0], ret); @@ -415,7 +536,7 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - if (der_heim_oid_cmp(&oid, oid_id_pkcs7_envelopedData()) != 0) + if (der_heim_oid_cmp(&oid, &asn1_oid_id_pkcs7_envelopedData) != 0) errx(1, "Content is not SignedData"); der_free_oid(&oid); @@ -428,14 +549,17 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) certs_strings(context, "store", certs, lock, &opt->certificate_strings); - ret = hx509_cms_unenvelope(context, certs, 0, co.data, co.length, - NULL, &contentType, &o); + if (opt->allow_weak_crypto_flag) + flags |= HX509_CMS_UE_ALLOW_WEAK; + + ret = hx509_cms_unenvelope(context, certs, flags, co.data, co.length, + NULL, 0, &contentType, &o); if (co.data != p) der_free_octet_string(&co); if (ret) hx509_err(context, 1, ret, "hx509_cms_unenvelope"); - _hx509_unmap_file(p, sz); + rk_xfree(p); hx509_lock_free(lock); hx509_certs_free(&certs); der_free_oid(&contentType); @@ -462,24 +586,29 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) size_t sz; void *p; hx509_lock lock; + int flags = 0; memset(&contentType, 0, sizeof(contentType)); hx509_lock_init(context, &lock); lock_strings(lock, &opt->pass_strings); - ret = _hx509_map_file(argv[0], &p, &sz, NULL); + ret = rk_undumpdata(argv[0], &p, &sz); if (ret) err(1, "map_file: %s: %d", argv[0], ret); ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); certs_strings(context, "store", certs, lock, &opt->certificate_strings); + if (opt->allow_weak_crypto_flag) + flags |= HX509_CMS_EV_ALLOW_WEAK; + if (opt->encryption_type_string) { enctype = hx509_crypto_enctype_by_name(opt->encryption_type_string); if (enctype == NULL) - errx(1, "encryption type: %s no found", + errx(1, "encryption type: %s no found", opt->encryption_type_string); } @@ -494,22 +623,22 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_certs_find: %d", ret); - parse_oid(opt->content_type_string, oid_id_pkcs7_data(), &contentType); + parse_oid(opt->content_type_string, &asn1_oid_id_pkcs7_data, &contentType); - ret = hx509_cms_envelope_1(context, 0, cert, p, sz, enctype, + ret = hx509_cms_envelope_1(context, flags, cert, p, sz, enctype, &contentType, &o); if (ret) errx(1, "hx509_cms_envelope_1: %d", ret); hx509_cert_free(cert); hx509_certs_free(&certs); - _hx509_unmap_file(p, sz); + rk_xfree(p); der_free_oid(&contentType); if (opt->content_info_flag) { heim_octet_string wo; - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_envelopedData(), &o, &wo); + ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_envelopedData, &o, &wo); if (ret) errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); @@ -531,46 +660,18 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) static void print_certificate(hx509_context hxcontext, hx509_cert cert, int verbose) { - hx509_name name; const char *fn; - char *str; int ret; - + fn = hx509_cert_get_friendly_name(cert); if (fn) printf(" friendly name: %s\n", fn); - printf(" private key: %s\n", + printf(" private key: %s\n", _hx509_cert_private_key(cert) ? "yes" : "no"); - ret = hx509_cert_get_issuer(cert, &name); - hx509_name_to_string(name, &str); - hx509_name_free(&name); - printf(" issuer: \"%s\"\n", str); - free(str); - - ret = hx509_cert_get_subject(cert, &name); - hx509_name_to_string(name, &str); - hx509_name_free(&name); - printf(" subject: \"%s\"\n", str); - free(str); - - { - heim_integer serialNumber; - - hx509_cert_get_serialnumber(cert, &serialNumber); - der_print_hex_heim_integer(&serialNumber, &str); - der_free_heim_integer(&serialNumber); - printf(" serial: %s\n", str); - free(str); - } - - printf(" keyusage: "); - ret = hx509_cert_keyusage_print(hxcontext, cert, &str); - if (ret == 0) { - printf("%s\n", str); - free(str); - } else - printf("no"); + ret = hx509_print_cert(hxcontext, cert, NULL); + if (ret) + errx(1, "failed to print cert"); if (verbose) { hx509_validate_ctx vctx; @@ -579,7 +680,7 @@ print_certificate(hx509_context hxcontext, hx509_cert cert, int verbose) hx509_validate_ctx_set_print(vctx, hx509_print_stdout, stdout); hx509_validate_ctx_add_flags(vctx, HX509_VALIDATE_F_VALIDATE); hx509_validate_ctx_add_flags(vctx, HX509_VALIDATE_F_VERBOSE); - + hx509_validate_cert(hxcontext, vctx, cert); hx509_validate_ctx_free(vctx); @@ -596,7 +697,7 @@ static int print_f(hx509_context hxcontext, void *ctx, hx509_cert cert) { struct print_s *s = ctx; - + printf("cert: %d\n", s->counter++); print_certificate(context, cert, s->verbose); @@ -619,11 +720,16 @@ pcert_print(struct print_options *opt, int argc, char **argv) while(argc--) { int ret; ret = hx509_certs_init(context, argv[0], 0, lock, &certs); - if (ret) + if (ret) { + if (opt->never_fail_flag) { + printf("ignoreing failure: %d\n", ret); + continue; + } hx509_err(context, 1, ret, "hx509_certs_init"); + } if (opt->info_flag) hx509_certs_info(context, certs, NULL, NULL); - hx509_certs_iter(context, certs, print_f, &s); + hx509_certs_iter_f(context, certs, print_f, &s); hx509_certs_free(&certs); argv++; } @@ -660,7 +766,7 @@ pcert_validate(struct validate_options *opt, int argc, char **argv) ret = hx509_certs_init(context, argv[0], 0, lock, &certs); if (ret) errx(1, "hx509_certs_init: %d", ret); - hx509_certs_iter(context, certs, validate_f, ctx); + hx509_certs_iter_f(context, certs, validate_f, ctx); hx509_certs_free(&certs); argv++; } @@ -675,31 +781,40 @@ int certificate_copy(struct certificate_copy_options *opt, int argc, char **argv) { hx509_certs certs; - hx509_lock lock; + hx509_lock inlock, outlock = NULL; int ret; - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->in_pass_strings); + hx509_lock_init(context, &inlock); + lock_strings(inlock, &opt->in_pass_strings); - ret = hx509_certs_init(context, argv[argc - 1], - HX509_CERTS_CREATE, lock, &certs); + if (opt->out_pass_string) { + hx509_lock_init(context, &outlock); + ret = hx509_lock_command_string(outlock, opt->out_pass_string); + if (ret) + errx(1, "hx509_lock_command_string: %s: %d", + opt->out_pass_string, ret); + } + + ret = hx509_certs_init(context, argv[argc - 1], + HX509_CERTS_CREATE, inlock, &certs); if (ret) hx509_err(context, 1, ret, "hx509_certs_init"); while(argc-- > 1) { - int ret; - ret = hx509_certs_append(context, certs, lock, argv[0]); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append"); + int retx; + retx = hx509_certs_append(context, certs, inlock, argv[0]); + if (retx) + hx509_err(context, 1, retx, "hx509_certs_append"); argv++; } - ret = hx509_certs_store(context, certs, 0, NULL); + ret = hx509_certs_store(context, certs, 0, outlock); if (ret) hx509_err(context, 1, ret, "hx509_certs_store"); hx509_certs_free(&certs); - hx509_lock_free(lock); + hx509_lock_free(inlock); + hx509_lock_free(outlock); return 0; } @@ -709,6 +824,7 @@ struct verify { hx509_certs chain; const char *hostname; int errors; + int count; }; static int @@ -723,8 +839,10 @@ verify_f(hx509_context hxcontext, void *ctx, hx509_cert c) printf("verify_path: %s: %d\n", s, ret); hx509_free_error_string(s); v->errors++; - } else + } else { + v->count++; printf("path ok\n"); + } if (v->hostname) { ret = hx509_verify_hostname(hxcontext, c, 0, HX509_HN_HOSTNAME, @@ -753,9 +871,17 @@ pcert_verify(struct verify_options *opt, int argc, char **argv) hx509_context_set_missing_revoke(context, 1); ret = hx509_verify_init_ctx(context, &ctx); + if (ret) + hx509_err(context, 1, ret, "hx509_verify_init_ctx"); ret = hx509_certs_init(context, "MEMORY:anchors", 0, NULL, &anchors); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); ret = hx509_certs_init(context, "MEMORY:chain", 0, NULL, &chain); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &certs); + if (ret) + hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); if (opt->allow_proxy_certificate_flag) hx509_verify_set_proxy_certificate(ctx, 1); @@ -771,7 +897,7 @@ pcert_verify(struct verify_options *opt, int argc, char **argv) if (p == NULL) errx(1, "Failed to parse time %s, need to be on format %%Y-%%m-%%d", opt->time_string); - + t = tm2time (tm, 0); hx509_verify_set_time(ctx, t); @@ -808,7 +934,7 @@ pcert_verify(struct verify_options *opt, int argc, char **argv) ret = hx509_certs_append(context, certs, NULL, s); if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: certs: %s: %d", + hx509_err(context, 1, ret, "hx509_certs_append: certs: %s: %d", s, ret); } else if (strncmp(s, "crl:", 4) == 0) { @@ -836,7 +962,7 @@ pcert_verify(struct verify_options *opt, int argc, char **argv) v.ctx = ctx; v.chain = chain; - hx509_certs_iter(context, certs, verify_f, &v); + hx509_certs_iter_f(context, certs, verify_f, &v); hx509_verify_destroy_ctx(ctx); @@ -846,6 +972,12 @@ pcert_verify(struct verify_options *opt, int argc, char **argv) hx509_revoke_free(&revoke_ctx); + + if (v.count == 0) { + printf("no certs verify at all\n"); + return 1; + } + if (v.errors) { printf("failed verifing %d checks\n", v.errors); return 1; @@ -871,6 +1003,7 @@ query(struct query_options *opt, int argc, char **argv) lock_strings(lock, &opt->pass_strings); ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); while (argc > 0) { @@ -885,6 +1018,17 @@ query(struct query_options *opt, int argc, char **argv) if (opt->friendlyname_string) hx509_query_match_friendly_name(q, opt->friendlyname_string); + if (opt->eku_string) { + heim_oid oid; + + parse_oid(opt->eku_string, NULL, &oid); + + ret = hx509_query_match_eku(q, &oid); + if (ret) + errx(1, "hx509_query_match_eku: %d", ret); + der_free_oid(&oid); + } + if (opt->private_key_flag) hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); @@ -894,6 +1038,9 @@ query(struct query_options *opt, int argc, char **argv) if (opt->digitalSignature_flag) hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); + if (opt->expr_string) + hx509_query_match_expr(context, q, opt->expr_string); + ret = hx509_certs_find(context, certs, q, &c); hx509_query_free(context, q); if (ret) @@ -935,12 +1082,14 @@ ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) url = opt->url_path_string; ret = hx509_certs_init(context, "MEMORY:ocsp-pool", 0, NULL, &pool); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); certs_strings(context, "ocsp-pool", pool, lock, &opt->pool_strings); file = argv[0]; ret = hx509_certs_init(context, "MEMORY:ocsp-req", 0, NULL, &reqcerts); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); for (i = 1; i < argc; i++) { ret = hx509_certs_append(context, reqcerts, lock, argv[i]); @@ -951,7 +1100,7 @@ ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) ret = hx509_ocsp_request(context, reqcerts, pool, NULL, NULL, &req, nonce); if (ret) errx(1, "hx509_ocsp_request: req: %d", ret); - + { FILE *f; @@ -959,7 +1108,7 @@ ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) if (f == NULL) abort(); - fprintf(f, + fprintf(f, "POST %s HTTP/1.0\r\n" "Content-Type: application/ocsp-request\r\n" "Content-Length: %ld\r\n" @@ -997,7 +1146,7 @@ verify_o(hx509_context hxcontext, void *ctx, hx509_cert c) time_t expiration; int ret; - ret = hx509_ocsp_verify(context, 0, c, 0, + ret = hx509_ocsp_verify(context, 0, c, 0, os->data, os->length, &expiration); if (ret) { char *s = hx509_get_error_string(hxcontext, ret); @@ -1017,17 +1166,18 @@ ocsp_verify(struct ocsp_verify_options *opt, int argc, char **argv) hx509_certs certs; int ret, i; heim_octet_string os; - + hx509_lock_init(context, &lock); if (opt->ocsp_file_string == NULL) errx(1, "no ocsp file given"); - ret = _hx509_map_file(opt->ocsp_file_string, &os.data, &os.length, NULL); + ret = _hx509_map_file_os(opt->ocsp_file_string, &os); if (ret) err(1, "map_file: %s: %d", argv[0], ret); - + ret = hx509_certs_init(context, "MEMORY:test-certs", 0, NULL, &certs); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); for (i = 0; i < argc; i++) { ret = hx509_certs_append(context, certs, lock, argv[i]); @@ -1035,10 +1185,10 @@ ocsp_verify(struct ocsp_verify_options *opt, int argc, char **argv) hx509_err(context, 1, ret, "hx509_certs_append: %s", argv[i]); } - ret = hx509_certs_iter(context, certs, verify_o, &os); + ret = hx509_certs_iter_f(context, certs, verify_o, &os); hx509_certs_free(&certs); - _hx509_unmap_file(os.data, os.length); + _hx509_unmap_file_os(&os); hx509_lock_free(lock); return ret; @@ -1050,7 +1200,7 @@ read_private_key(const char *fn, hx509_private_key *key) hx509_private_key *keys; hx509_certs certs; int ret; - + *key = NULL; ret = hx509_certs_init(context, fn, 0, NULL, &certs); @@ -1085,10 +1235,10 @@ get_key(const char *fn, const char *type, int optbits, if (fn == NULL) errx(1, "no key argument, don't know here to store key"); - + if (strcasecmp(type, "rsa") != 0) errx(1, "can only handle rsa keys for now"); - + e = BN_new(); BN_set_word(e, 0x10001); @@ -1110,13 +1260,13 @@ get_key(const char *fn, const char *type, int optbits, p0 = p = malloc(len); if (p == NULL) errx(1, "out of memory"); - + i2d_RSAPrivateKey(rsa, &p); rk_dumpdata(fn, p0, len); memset(p0, 0, len); free(p0); - + RSA_free(rsa); } else if (fn == NULL) @@ -1139,12 +1289,12 @@ request_create(struct request_create_options *opt, int argc, char **argv) memset(&key, 0, sizeof(key)); - get_key(opt->key_string, + get_key(opt->key_string, opt->generate_key_string, opt->key_bits_integer, &signer); - - _hx509_request_init(context, &req); + + hx509_request_init(context, &req); if (opt->subject_string) { hx509_name name = NULL; @@ -1152,7 +1302,7 @@ request_create(struct request_create_options *opt, int argc, char **argv) ret = hx509_parse_name(context, opt->subject_string, &name); if (ret) errx(1, "hx509_parse_name: %d\n", ret); - _hx509_request_set_name(context, req, name); + hx509_request_set_name(context, req, name); if (opt->verbose_flag) { char *s; @@ -1163,26 +1313,30 @@ request_create(struct request_create_options *opt, int argc, char **argv) } for (i = 0; i < opt->email_strings.num_strings; i++) { - ret = _hx509_request_add_email(context, req, + ret = _hx509_request_add_email(context, req, opt->email_strings.strings[i]); + if (ret) + hx509_err(context, 1, ret, "hx509_request_add_email"); } for (i = 0; i < opt->dnsname_strings.num_strings; i++) { - ret = _hx509_request_add_dns_name(context, req, + ret = _hx509_request_add_dns_name(context, req, opt->dnsname_strings.strings[i]); + if (ret) + hx509_err(context, 1, ret, "hx509_request_add_dns_name"); } - ret = _hx509_private_key2SPKI(context, signer, &key); + ret = hx509_private_key2SPKI(context, signer, &key); if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); + errx(1, "hx509_private_key2SPKI: %d\n", ret); - ret = _hx509_request_set_SubjectPublicKeyInfo(context, + ret = hx509_request_set_SubjectPublicKeyInfo(context, req, &key); free_SubjectPublicKeyInfo(&key); if (ret) - hx509_err(context, 1, ret, "_hx509_request_set_SubjectPublicKeyInfo"); + hx509_err(context, 1, ret, "hx509_request_set_SubjectPublicKeyInfo"); ret = _hx509_request_to_pkcs10(context, req, @@ -1191,8 +1345,8 @@ request_create(struct request_create_options *opt, int argc, char **argv) if (ret) hx509_err(context, 1, ret, "_hx509_request_to_pkcs10"); - _hx509_private_key_free(&signer); - _hx509_request_free(&req); + hx509_private_key_free(&signer); + hx509_request_free(&req); if (ret == 0) rk_dumpdata(outfile, request.data, request.length); @@ -1216,7 +1370,7 @@ request_print(struct request_print_options *opt, int argc, char **argv) hx509_err(context, 1, ret, "parse_request: %s", argv[i]); ret = _hx509_request_print(context, req, stdout); - _hx509_request_free(&req); + hx509_request_free(&req); if (ret) hx509_err(context, 1, ret, "Failed to print file %s", argv[i]); } @@ -1240,6 +1394,15 @@ info(void *opt, int argc, char **argv) if (m != NULL) printf("dh: %s\n", m->name); } +#ifdef HAVE_OPENSSL + { + printf("ecdsa: ECDSA_METHOD-not-export\n"); + } +#else + { + printf("ecdsa: hcrypto null\n"); + } +#endif { int ret = RAND_status(); printf("rand: %s\n", ret == 1 ? "ok" : "not available"); @@ -1286,7 +1449,7 @@ crypto_available(struct crypto_available_options *opt, int argc, char **argv) { AlgorithmIdentifier *val; unsigned int len, i; - int ret, type; + int ret, type = HX509_SELECT_ALL; if (opt->type_string) { if (strcmp(opt->type_string, "all") == 0) @@ -1299,8 +1462,7 @@ crypto_available(struct crypto_available_options *opt, int argc, char **argv) type = HX509_SELECT_SECRET_ENC; else errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_ALL; + } ret = hx509_crypto_available(context, type, NULL, &val, &len); if (ret) @@ -1323,7 +1485,7 @@ crypto_select(struct crypto_select_options *opt, int argc, char **argv) { hx509_peer_info peer = NULL; AlgorithmIdentifier selected; - int ret, type; + int ret, type = HX509_SELECT_DIGEST; char *s; if (opt->type_string) { @@ -1335,8 +1497,7 @@ crypto_select(struct crypto_select_options *opt, int argc, char **argv) type = HX509_SELECT_SECRET_ENC; else errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_DIGEST; + } if (opt->peer_cmstype_strings.num_strings) peer_strings(context, &peer, &opt->peer_cmstype_strings); @@ -1371,15 +1532,17 @@ hxtool_hex(struct hex_options *opt, int argc, char **argv) len = hex_decode(p, buf2, strlen(p)); if (len < 0) errx(1, "hex_decode failed"); - if (fwrite(buf2, 1, len, stdout) != len) + if (fwrite(buf2, 1, len, stdout) != (size_t)len) errx(1, "fwrite failed"); } } else { - char buf[28], *p; - size_t len; + char buf[28], *p; + ssize_t len; while((len = fread(buf, 1, sizeof(buf), stdin)) != 0) { len = hex_encode(buf, len, &p); + if (len < 0) + continue; fprintf(stdout, "%s\n", p); free(p); } @@ -1387,112 +1550,193 @@ hxtool_hex(struct hex_options *opt, int argc, char **argv) return 0; } +struct cert_type_opt { + int pkinit; +}; + + static int -eval_types(hx509_context context, +https_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth); +} + +static int +https_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_clientAuth); +} + +static int +peap_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth); +} + +static int +pkinit_kdc(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + opt->pkinit++; + return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkkdcekuoid); +} + +static int +pkinit_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + int ret; + + opt->pkinit++; + + ret = hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkekuoid); + if (ret) + return ret; + + ret = hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_ms_client_authentication); + if (ret) + return ret; + + return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkinit_ms_eku); +} + +static int +email_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) +{ + return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_emailProtection); +} + +struct { + const char *type; + const char *desc; + int (*eval)(hx509_context, hx509_ca_tbs, struct cert_type_opt *); +} certtypes[] = { + { + "https-server", + "Used for HTTPS server and many other TLS server certificate types", + https_server + }, + { + "https-client", + "Used for HTTPS client certificates", + https_client + }, + { + "email-client", + "Certificate will be use for email", + email_client + }, + { + "pkinit-client", + "Certificate used for Kerberos PK-INIT client certificates", + pkinit_client + }, + { + "pkinit-kdc", + "Certificates used for Kerberos PK-INIT KDC certificates", + pkinit_kdc + }, + { + "peap-server", + "Certificate used for Radius PEAP (Protected EAP)", + peap_server + } +}; + +static void +print_eval_types(FILE *out) +{ + rtbl_t table; + unsigned i; + + table = rtbl_create(); + rtbl_add_column_by_id (table, 0, "Name", 0); + rtbl_add_column_by_id (table, 1, "Description", 0); + + for (i = 0; i < sizeof(certtypes)/sizeof(certtypes[0]); i++) { + rtbl_add_column_entry_by_id(table, 0, certtypes[i].type); + rtbl_add_column_entry_by_id(table, 1, certtypes[i].desc); + } + + rtbl_format (table, out); + rtbl_destroy (table); +} + +static int +eval_types(hx509_context contextp, hx509_ca_tbs tbs, const struct certificate_sign_options *opt) { - int pkinit = 0; - int i, ret; + struct cert_type_opt ctopt; + int i; + size_t j; + int ret; + + memset(&ctopt, 0, sizeof(ctopt)); for (i = 0; i < opt->type_strings.num_strings; i++) { const char *type = opt->type_strings.strings[i]; - - if (strcmp(type, "https-server") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_serverAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "https-client") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_clientAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "peap-server") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_serverAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "pkinit-kdc") == 0) { - pkinit++; - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkkdcekuoid()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "pkinit-client") == 0) { - pkinit++; - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkekuoid()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_ms_client_authentication()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkinit_ms_eku()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - - } else if (strcmp(type, "email") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_emailProtection()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else - errx(1, "unknown type %s", type); + for (j = 0; j < sizeof(certtypes)/sizeof(certtypes[0]); j++) { + if (strcasecmp(type, certtypes[j].type) == 0) { + ret = (*certtypes[j].eval)(contextp, tbs, &ctopt); + if (ret) + hx509_err(contextp, 1, ret, + "Failed to evaluate cert type %s", type); + break; + } + } + if (j >= sizeof(certtypes)/sizeof(certtypes[0])) { + fprintf(stderr, "Unknown certificate type %s\n\n", type); + fprintf(stderr, "Available types:\n"); + print_eval_types(stderr); + exit(1); + } } - if (pkinit > 1) - errx(1, "More the one PK-INIT type given"); - if (opt->pk_init_principal_string) { - if (!pkinit) + if (!ctopt.pkinit) errx(1, "pk-init principal given but no pk-init oid"); - ret = hx509_ca_tbs_add_san_pkinit(context, tbs, + ret = hx509_ca_tbs_add_san_pkinit(contextp, tbs, opt->pk_init_principal_string); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_pkinit"); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_pkinit"); } if (opt->ms_upn_string) { - if (!pkinit) - errx(1, "MS up given but no pk-init oid"); + if (!ctopt.pkinit) + errx(1, "MS upn given but no pk-init oid"); - ret = hx509_ca_tbs_add_san_ms_upn(context, tbs, opt->ms_upn_string); + ret = hx509_ca_tbs_add_san_ms_upn(contextp, tbs, opt->ms_upn_string); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_ms_upn"); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_ms_upn"); } - + for (i = 0; i < opt->hostname_strings.num_strings; i++) { const char *hostname = opt->hostname_strings.strings[i]; - ret = hx509_ca_tbs_add_san_hostname(context, tbs, hostname); + ret = hx509_ca_tbs_add_san_hostname(contextp, tbs, hostname); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname"); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname"); } for (i = 0; i < opt->email_strings.num_strings; i++) { const char *email = opt->email_strings.strings[i]; - ret = hx509_ca_tbs_add_san_rfc822name(context, tbs, email); + ret = hx509_ca_tbs_add_san_rfc822name(contextp, tbs, email); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname"); - - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_emailProtection()); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname"); + + ret = hx509_ca_tbs_add_eku(contextp, tbs, + &asn1_oid_id_pkix_kp_emailProtection); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_eku"); } if (opt->jid_string) { - ret = hx509_ca_tbs_add_san_jid(context, tbs, opt->jid_string); + ret = hx509_ca_tbs_add_san_jid(contextp, tbs, opt->jid_string); if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_jid"); + hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_jid"); } return 0; @@ -1557,6 +1801,9 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) if (opt->generate_key_string == NULL && opt->ca_private_key_string == NULL) errx(1, "no signing private key"); + + if (opt->req_string) + errx(1, "can't be self-signing and have a request at the same time"); } else errx(1, "missing ca key"); @@ -1566,9 +1813,9 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) if (ret) err(1, "read_private_key"); - ret = _hx509_private_key2SPKI(context, private_key, &spki); + ret = hx509_private_key2SPKI(context, private_key, &spki); if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); + errx(1, "hx509_private_key2SPKI: %d\n", ret); if (opt->self_signed_flag) cert_key = private_key; @@ -1580,21 +1827,23 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) ret = _hx509_request_parse(context, opt->req_string, &req); if (ret) hx509_err(context, 1, ret, "parse_request: %s", opt->req_string); - ret = _hx509_request_get_name(context, req, &subject); + ret = hx509_request_get_name(context, req, &subject); if (ret) hx509_err(context, 1, ret, "get name"); - ret = _hx509_request_get_SubjectPublicKeyInfo(context, req, &spki); + ret = hx509_request_get_SubjectPublicKeyInfo(context, req, &spki); if (ret) hx509_err(context, 1, ret, "get spki"); - _hx509_request_free(&req); + hx509_request_free(&req); } if (opt->generate_key_string) { struct hx509_generate_private_context *keyctx; - ret = _hx509_generate_private_key_init(context, - oid_id_pkcs1_rsaEncryption(), + ret = _hx509_generate_private_key_init(context, + &asn1_oid_id_pkcs1_rsaEncryption, &keyctx); + if (ret) + hx509_err(context, 1, ret, "generate private key"); if (opt->issue_ca_flag) _hx509_generate_private_key_is_ca(context, keyctx); @@ -1608,10 +1857,10 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) _hx509_generate_private_key_free(&keyctx); if (ret) hx509_err(context, 1, ret, "generate private key"); - - ret = _hx509_private_key2SPKI(context, cert_key, &spki); + + ret = hx509_private_key2SPKI(context, cert_key, &spki); if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); + errx(1, "hx509_private_key2SPKI: %d\n", ret); if (opt->self_signed_flag) private_key = cert_key; @@ -1638,7 +1887,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) ret = hx509_ca_tbs_init(context, &tbs); if (ret) hx509_err(context, 1, ret, "hx509_ca_tbs_init"); - + if (opt->template_certificate_string) { hx509_cert template; hx509_certs tcerts; @@ -1656,7 +1905,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) if (ret) hx509_err(context, 1, ret, "no template certificate found"); - flags = parse_units(opt->template_fields_string, + flags = parse_units(opt->template_fields_string, hx509_ca_tbs_template_units(), ""); ret = hx509_ca_tbs_set_template(context, tbs, flags, template); @@ -1692,7 +1941,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) } if (opt->crl_uri_string) { - ret = hx509_ca_tbs_add_crl_dp_uri(context, tbs, + ret = hx509_ca_tbs_add_crl_dp_uri(context, tbs, opt->crl_uri_string, NULL); if (ret) hx509_err(context, 1, ret, "hx509_ca_tbs_add_crl_dp_uri"); @@ -1720,7 +1969,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) ret = hx509_ca_tbs_set_notAfter_lifetime(context, tbs, delta); if (ret) hx509_err(context, 1, ret, "hx509_ca_tbs_set_notAfter_lifetime"); - } + } if (opt->self_signed_flag) { ret = hx509_ca_sign_self(context, tbs, private_key, &cert); @@ -1736,12 +1985,12 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) ret = _hx509_cert_assign_key(cert, cert_key); if (ret) hx509_err(context, 1, ret, "_hx509_cert_assign_key"); - } + } { hx509_certs certs; - ret = hx509_certs_init(context, opt->certificate_string, + ret = hx509_certs_init(context, opt->certificate_string, HX509_CERTS_CREATE, NULL, &certs); if (ret) hx509_err(context, 1, ret, "hx509_certs_init"); @@ -1765,8 +2014,8 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) free_SubjectPublicKeyInfo(&spki); if (private_key != cert_key) - _hx509_private_key_free(&private_key); - _hx509_private_key_free(&cert_key); + hx509_private_key_free(&private_key); + hx509_private_key_free(&cert_key); hx509_ca_tbs_free(&tbs); @@ -1790,7 +2039,7 @@ test_one_cert(hx509_context hxcontext, void *ctx, hx509_cert cert) if (ret) errx(1, "hx509_cms_create_signed_1"); - ret = hx509_cms_verify_signed(context, vctx, sd.data, sd.length, + ret = hx509_cms_verify_signed(context, vctx, 0, sd.data, sd.length, NULL, NULL, &type, &c, &signer); free(sd.data); if (ret) @@ -1815,6 +2064,7 @@ test_crypto(struct test_crypto_options *opt, int argc, char ** argv) lock_strings(lock, &opt->pass_strings); ret = hx509_certs_init(context, "MEMORY:test-crypto", 0, NULL, &certs); + if (ret) hx509_err(context, 1, ret, "hx509_certs_init: MEMORY"); for (i = 0; i < argc; i++) { ret = hx509_certs_append(context, certs, lock, argv[i]); @@ -1828,7 +2078,9 @@ test_crypto(struct test_crypto_options *opt, int argc, char ** argv) hx509_verify_attach_anchors(vctx, certs); - ret = hx509_certs_iter(context, certs, test_one_cert, vctx); + ret = hx509_certs_iter_f(context, certs, test_one_cert, vctx); + if (ret) + hx509_err(context, 1, ret, "hx509_cert_iter"); hx509_certs_free(&certs); @@ -1880,7 +2132,7 @@ crl_sign(struct crl_sign_options *opt, int argc, char **argv) ret = hx509_certs_init(context, opt->signer_string, 0, NULL, &certs); if (ret) - hx509_err(context, 1, ret, + hx509_err(context, 1, ret, "hx509_certs_init: %s", opt->signer_string); ret = hx509_query_alloc(context, &q); @@ -1912,6 +2164,9 @@ crl_sign(struct crl_sign_options *opt, int argc, char **argv) ret = hx509_certs_init(context, "MEMORY:revoked-certs", 0, NULL, &revoked); + if (ret) + hx509_err(context, 1, ret, + "hx509_certs_init: MEMORY cert"); for (i = 0; i < argc; i++) { ret = hx509_certs_append(context, revoked, lock, argv[i]); diff --git a/lib/hx509/keyset.c b/lib/hx509/keyset.c index 2fcff7b03b35..c0275d949d06 100644 --- a/lib/hx509/keyset.c +++ b/lib/hx509/keyset.c @@ -1,38 +1,39 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: keyset.c 22466 2008-01-16 14:26:35Z lha $"); /** * @page page_keyset Certificate store operations @@ -40,7 +41,7 @@ RCSID("$Id: keyset.c 22466 2008-01-16 14:26:35Z lha $"); * Type of certificates store: * - MEMORY * In memory based format. Doesnt support storing. - * - FILE + * - FILE * FILE supports raw DER certicates and PEM certicates. When PEM is * used the file can contain may certificates and match private * keys. Support storing the certificates. DER format only supports @@ -59,7 +60,7 @@ RCSID("$Id: keyset.c 22466 2008-01-16 14:26:35Z lha $"); */ struct hx509_certs_data { - int ref; + unsigned int ref; struct hx509_keyset_ops *ops; void *ops_data; }; @@ -84,7 +85,7 @@ _hx509_ks_register(hx509_context context, struct hx509_keyset_ops *ops) if (_hx509_ks_type(context, ops->name)) return; - val = realloc(context->ks_ops, + val = realloc(context->ks_ops, (context->ks_num_ops + 1) * sizeof(context->ks_ops[0])); if (val == NULL) return; @@ -138,10 +139,10 @@ hx509_certs_init(hx509_context context, hx509_clear_error_string(context); return ENOMEM; } - + ops = _hx509_ks_type(context, type); if (ops == NULL) { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Keyset type %s is not supported", type); free(type); return ENOENT; @@ -199,15 +200,15 @@ hx509_certs_store(hx509_context context, hx509_certs -_hx509_certs_ref(hx509_certs certs) +hx509_certs_ref(hx509_certs certs) { if (certs == NULL) return NULL; - if (certs->ref <= 0) - _hx509_abort("certs refcount <= 0"); - certs->ref++; if (certs->ref == 0) - _hx509_abort("certs refcount == 0"); + _hx509_abort("certs refcount == 0 on ref"); + if (certs->ref == UINT_MAX) + _hx509_abort("certs refcount == UINT_MAX on ref"); + certs->ref++; return certs; } @@ -223,8 +224,8 @@ void hx509_certs_free(hx509_certs *certs) { if (*certs) { - if ((*certs)->ref <= 0) - _hx509_abort("refcount <= 0"); + if ((*certs)->ref == 0) + _hx509_abort("cert refcount == 0 on free"); if (--(*certs)->ref > 0) return; @@ -257,8 +258,8 @@ hx509_certs_start_seq(hx509_context context, int ret; if (certs->ops->iter_start == NULL) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "Keyset type %s doesn't support iteration", + hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, + "Keyset type %s doesn't support iteration", certs->ops->name); return HX509_UNSUPPORTED_OPERATION; } @@ -324,7 +325,7 @@ hx509_certs_end_seq(hx509_context context, * @param certs certificate store to iterate over. * @param func function to call for each certificate. The function * should return non-zero to abort the iteration, that value is passed - * back to te caller of hx509_certs_iter(). + * back to the caller of hx509_certs_iter_f(). * @param ctx context variable that will passed to the function. * * @return Returns an hx509 error code. @@ -333,10 +334,10 @@ hx509_certs_end_seq(hx509_context context, */ int -hx509_certs_iter(hx509_context context, - hx509_certs certs, - int (*func)(hx509_context, void *, hx509_cert), - void *ctx) +hx509_certs_iter_f(hx509_context context, + hx509_certs certs, + int (*func)(hx509_context, void *, hx509_cert), + void *ctx) { hx509_cursor cursor; hx509_cert c; @@ -345,7 +346,7 @@ hx509_certs_iter(hx509_context context, ret = hx509_certs_start_seq(context, certs, &cursor); if (ret) return ret; - + while (1) { ret = hx509_certs_next_cert(context, certs, cursor, &c); if (ret) @@ -365,13 +366,61 @@ hx509_certs_iter(hx509_context context, return ret; } - /** - * Function to use to hx509_certs_iter() as a function argument, the - * ctx variable to hx509_certs_iter() should be a FILE file descriptor. + * Iterate over all certificates in a keystore and call an function + * for each fo them. * * @param context a hx509 context. - * @param ctx used by hx509_certs_iter(). + * @param certs certificate store to iterate over. + * @param func function to call for each certificate. The function + * should return non-zero to abort the iteration, that value is passed + * back to the caller of hx509_certs_iter(). + * + * @return Returns an hx509 error code. + * + * @ingroup hx509_keyset + */ + +#ifdef __BLOCKS__ + +static int +certs_iter(hx509_context context, void *ctx, hx509_cert cert) +{ + int (^func)(hx509_cert) = ctx; + return func(cert); +} + +/** + * Iterate over all certificates in a keystore and call an block + * for each fo them. + * + * @param context a hx509 context. + * @param certs certificate store to iterate over. + * @param func block to call for each certificate. The function + * should return non-zero to abort the iteration, that value is passed + * back to the caller of hx509_certs_iter(). + * + * @return Returns an hx509 error code. + * + * @ingroup hx509_keyset + */ + +int +hx509_certs_iter(hx509_context context, + hx509_certs certs, + int (^func)(hx509_cert)) +{ + return hx509_certs_iter_f(context, certs, certs_iter, func); +} +#endif + + +/** + * Function to use to hx509_certs_iter_f() as a function argument, the + * ctx variable to hx509_certs_iter_f() should be a FILE file descriptor. + * + * @param context a hx509 context. + * @param ctx used by hx509_certs_iter_f(). * @param c a certificate * * @return Returns an hx509 error code. @@ -420,8 +469,8 @@ int hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert) { if (certs->ops->add == NULL) { - hx509_set_error_string(context, 0, ENOENT, - "Keyset type %s doesn't support add operation", + hx509_set_error_string(context, 0, ENOENT, + "Keyset type %s doesn't support add operation", certs->ops->name); return ENOENT; } @@ -445,7 +494,7 @@ hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert) int hx509_certs_find(hx509_context context, - hx509_certs certs, + hx509_certs certs, const hx509_query *q, hx509_cert *r) { @@ -481,6 +530,10 @@ hx509_certs_find(hx509_context context, hx509_certs_end_seq(context, certs, cursor); if (ret) return ret; + /** + * Return HX509_CERT_NOT_FOUND if no certificate in certs matched + * the query. + */ if (c == NULL) { hx509_clear_error_string(context); return HX509_CERT_NOT_FOUND; @@ -489,6 +542,77 @@ hx509_certs_find(hx509_context context, return 0; } +/** + * Filter certificate matching the query. + * + * @param context a hx509 context. + * @param certs certificate store to search. + * @param q query allocated with @ref hx509_query functions. + * @param result the filtered certificate store, caller must free with + * hx509_certs_free(). + * + * @return Returns an hx509 error code. + * + * @ingroup hx509_keyset + */ + +int +hx509_certs_filter(hx509_context context, + hx509_certs certs, + const hx509_query *q, + hx509_certs *result) +{ + hx509_cursor cursor; + hx509_cert c; + int ret, found = 0; + + _hx509_query_statistic(context, 0, q); + + ret = hx509_certs_init(context, "MEMORY:filter-certs", 0, + NULL, result); + if (ret) + return ret; + + ret = hx509_certs_start_seq(context, certs, &cursor); + if (ret) { + hx509_certs_free(result); + return ret; + } + + c = NULL; + while (1) { + ret = hx509_certs_next_cert(context, certs, cursor, &c); + if (ret) + break; + if (c == NULL) + break; + if (_hx509_query_match_cert(context, q, c)) { + hx509_certs_add(context, *result, c); + found = 1; + } + hx509_cert_free(c); + } + + hx509_certs_end_seq(context, certs, cursor); + if (ret) { + hx509_certs_free(result); + return ret; + } + + /** + * Return HX509_CERT_NOT_FOUND if no certificate in certs matched + * the query. + */ + if (!found) { + hx509_certs_free(result); + hx509_clear_error_string(context); + return HX509_CERT_NOT_FOUND; + } + + return 0; +} + + static int certs_merge_func(hx509_context context, void *ctx, hx509_cert c) { @@ -513,7 +637,7 @@ hx509_certs_merge(hx509_context context, hx509_certs to, hx509_certs from) { if (from == NULL) return 0; - return hx509_certs_iter(context, from, certs_merge_func, to); + return hx509_certs_iter_f(context, from, certs_merge_func, to); } /** @@ -604,7 +728,7 @@ certs_info_stdio(void *ctx, const char *str) */ int -hx509_certs_info(hx509_context context, +hx509_certs_info(hx509_context context, hx509_certs certs, int (*func)(void *, const char *), void *ctx) @@ -639,8 +763,8 @@ _hx509_pi_printf(int (*func)(void *, const char *), void *ctx, } int -_hx509_certs_keys_get(hx509_context context, - hx509_certs certs, +_hx509_certs_keys_get(hx509_context context, + hx509_certs certs, hx509_private_key **keys) { if (certs->ops->getkeys == NULL) { @@ -651,8 +775,8 @@ _hx509_certs_keys_get(hx509_context context, } int -_hx509_certs_keys_add(hx509_context context, - hx509_certs certs, +_hx509_certs_keys_add(hx509_context context, + hx509_certs certs, hx509_private_key key) { if (certs->ops->addkey == NULL) { @@ -672,6 +796,6 @@ _hx509_certs_keys_free(hx509_context context, { int i; for (i = 0; keys[i]; i++) - _hx509_private_key_free(&keys[i]); + hx509_private_key_free(&keys[i]); free(keys); } diff --git a/lib/hx509/ks_dir.c b/lib/hx509/ks_dir.c index a0bc875e5b8c..264b1bf552d8 100644 --- a/lib/hx509/ks_dir.c +++ b/lib/hx509/ks_dir.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_dir.c 19778 2007-01-09 10:52:13Z lha $"); #include /* @@ -55,7 +54,7 @@ struct dircursor { static int dir_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { *data = NULL; @@ -71,7 +70,7 @@ dir_init(hx509_context context, return ENOENT; } - if ((sb.st_mode & S_IFDIR) == 0) { + if (!S_ISDIR(sb.st_mode)) { hx509_set_error_string(context, 0, ENOTDIR, "%s is not a directory", residue); return ENOTDIR; @@ -94,9 +93,7 @@ dir_free(hx509_certs certs, void *data) return 0; } - - -static int +static int dir_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { @@ -116,6 +113,7 @@ dir_iter_start(hx509_context context, free(d); return errno; } + rk_cloexec_dir(d->dir); d->certs = NULL; d->iter = NULL; @@ -129,7 +127,7 @@ dir_iter(hx509_context context, { struct dircursor *d = iter; int ret = 0; - + *cert = NULL; do { @@ -160,10 +158,10 @@ dir_iter(hx509_context context, } if (strcmp(dir->d_name, ".") == 0 || strcmp(dir->d_name, "..") == 0) continue; - + if (asprintf(&fn, "FILE:%s/%s", (char *)data, dir->d_name) == -1) return ENOMEM; - + ret = hx509_certs_init(context, fn, 0, NULL, &d->certs); if (ret == 0) { diff --git a/lib/hx509/ks_file.c b/lib/hx509/ks_file.c index 87b97af401c5..d21d88928708 100644 --- a/lib/hx509/ks_file.c +++ b/lib/hx509/ks_file.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_file.c 22465 2008-01-16 14:25:24Z lha $"); typedef enum { USE_PEM, USE_DER } outformat; @@ -47,10 +46,11 @@ struct ks_file { */ static int -parse_certificate(hx509_context context, const char *fn, - struct hx509_collector *c, +parse_certificate(hx509_context context, const char *fn, + struct hx509_collector *c, const hx509_pem_header *headers, - const void *data, size_t len) + const void *data, size_t len, + const AlgorithmIdentifier *ai) { hx509_cert cert; int ret; @@ -112,7 +112,7 @@ try_decrypt(hx509_context context, EVP_CipherInit_ex(&ctx, c, NULL, key, ivdata, 0); EVP_Cipher(&ctx, clear.data, cipher, len); EVP_CIPHER_CTX_cleanup(&ctx); - } + } ret = _hx509_collector_private_key_add(context, collector, @@ -130,10 +130,40 @@ try_decrypt(hx509_context context, } static int -parse_rsa_private_key(hx509_context context, const char *fn, - struct hx509_collector *c, +parse_pkcs8_private_key(hx509_context context, const char *fn, + struct hx509_collector *c, + const hx509_pem_header *headers, + const void *data, size_t length, + const AlgorithmIdentifier *ai) +{ + PKCS8PrivateKeyInfo ki; + heim_octet_string keydata; + + int ret; + + ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL); + if (ret) + return ret; + + keydata.data = rk_UNCONST(data); + keydata.length = length; + + ret = _hx509_collector_private_key_add(context, + c, + &ki.privateKeyAlgorithm, + NULL, + &ki.privateKey, + &keydata); + free_PKCS8PrivateKeyInfo(&ki); + return ret; +} + +static int +parse_pem_private_key(hx509_context context, const char *fn, + struct hx509_collector *c, const hx509_pem_header *headers, - const void *data, size_t len) + const void *data, size_t len, + const AlgorithmIdentifier *ai) { int ret = 0; const char *enc; @@ -147,7 +177,8 @@ parse_rsa_private_key(hx509_context context, const char *fn, const EVP_CIPHER *cipher; const struct _hx509_password *pw; hx509_lock lock; - int i, decrypted = 0; + int decrypted = 0; + size_t i; lock = _hx509_collector_get_lock(c); if (lock == NULL) { @@ -159,7 +190,7 @@ parse_rsa_private_key(hx509_context context, const char *fn, if (strcmp(enc, "4,ENCRYPTED") != 0) { hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "RSA key encrypted in unknown method %s " + "Private key encrypted in unknown method %s " "in file", enc, fn); hx509_clear_error_string(context); @@ -169,7 +200,7 @@ parse_rsa_private_key(hx509_context context, const char *fn, dek = hx509_pem_find_header(headers, "DEK-Info"); if (dek == NULL) { hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Encrypted RSA missing DEK-Info"); + "Encrypted private key missing DEK-Info"); return HX509_PARSING_KEY_FAILED; } @@ -201,7 +232,7 @@ parse_rsa_private_key(hx509_context context, const char *fn, if (cipher == NULL) { free(ivdata); hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, - "RSA key encrypted with " + "Private key encrypted with " "unsupported cipher: %s", type); free(type); @@ -218,10 +249,11 @@ parse_rsa_private_key(hx509_context context, const char *fn, if (ssize < 0 || ssize < PKCS5_SALT_LEN || ssize < EVP_CIPHER_iv_length(cipher)) { free(ivdata); hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Salt have wrong length in RSA key file"); + "Salt have wrong length in " + "private key file"); return HX509_PARSING_KEY_FAILED; } - + pw = _hx509_lock_get_passwords(lock); if (pw != NULL) { const void *password; @@ -230,10 +262,9 @@ parse_rsa_private_key(hx509_context context, const char *fn, for (i = 0; i < pw->len; i++) { password = pw->val[i]; passwordlen = strlen(password); - - ret = try_decrypt(context, c, hx509_signature_rsa(), - cipher, ivdata, password, passwordlen, - data, len); + + ret = try_decrypt(context, c, ai, cipher, ivdata, + password, passwordlen, data, len); if (ret == 0) { decrypted = 1; break; @@ -253,9 +284,8 @@ parse_rsa_private_key(hx509_context context, const char *fn, ret = hx509_lock_prompt(lock, &prompt); if (ret == 0) - ret = try_decrypt(context, c, hx509_signature_rsa(), - cipher, ivdata, password, strlen(password), - data, len); + ret = try_decrypt(context, c, ai, cipher, ivdata, password, + strlen(password), data, len); /* XXX add password to lock password collection ? */ memset(password, 0, sizeof(password)); } @@ -267,12 +297,8 @@ parse_rsa_private_key(hx509_context context, const char *fn, keydata.data = rk_UNCONST(data); keydata.length = len; - ret = _hx509_collector_private_key_add(context, - c, - hx509_signature_rsa(), - NULL, - &keydata, - NULL); + ret = _hx509_collector_private_key_add(context, c, ai, NULL, + &keydata, NULL); } return ret; @@ -281,11 +307,15 @@ parse_rsa_private_key(hx509_context context, const char *fn, struct pem_formats { const char *name; - int (*func)(hx509_context, const char *, struct hx509_collector *, - const hx509_pem_header *, const void *, size_t); + int (*func)(hx509_context, const char *, struct hx509_collector *, + const hx509_pem_header *, const void *, size_t, + const AlgorithmIdentifier *); + const AlgorithmIdentifier *(*ai)(void); } formats[] = { - { "CERTIFICATE", parse_certificate }, - { "RSA PRIVATE KEY", parse_rsa_private_key } + { "CERTIFICATE", parse_certificate, NULL }, + { "PRIVATE KEY", parse_pkcs8_private_key, NULL }, + { "RSA PRIVATE KEY", parse_pem_private_key, hx509_signature_rsa }, + { "EC PRIVATE KEY", parse_pem_private_key, hx509_signature_ecPublicKey } }; @@ -300,14 +330,24 @@ pem_func(hx509_context context, const char *type, const void *data, size_t len, void *ctx) { struct pem_ctx *pem_ctx = (struct pem_ctx*)ctx; - int ret = 0, j; + int ret = 0; + size_t j; for (j = 0; j < sizeof(formats)/sizeof(formats[0]); j++) { const char *q = formats[j].name; if (strcasecmp(type, q) == 0) { - ret = (*formats[j].func)(context, NULL, pem_ctx->c, header, data, len); - if (ret == 0) - break; + const AlgorithmIdentifier *ai = NULL; + if (formats[j].ai != NULL) + ai = (*formats[j].ai)(); + + ret = (*formats[j].func)(context, NULL, pem_ctx->c, + header, data, len, ai); + if (ret && (pem_ctx->flags & HX509_CERTS_UNPROTECT_ALL)) { + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + "Failed parseing PEM format %s", type); + return ret; + } + break; } } if (j == sizeof(formats)/sizeof(formats[0])) { @@ -316,8 +356,6 @@ pem_func(hx509_context context, const char *type, "Found no matching PEM format for %s", type); return ret; } - if (ret && (pem_ctx->flags & HX509_CERTS_UNPROTECT_ALL)) - return ret; return 0; } @@ -327,11 +365,11 @@ pem_func(hx509_context context, const char *type, static int file_init_common(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock, outformat format) { char *p, *pnext; - struct ks_file *f = NULL; + struct ks_file *ksf = NULL; hx509_private_key *keys = NULL; int ret; struct pem_ctx pem_ctx; @@ -344,31 +382,31 @@ file_init_common(hx509_context context, if (lock == NULL) lock = _hx509_empty_lock; - f = calloc(1, sizeof(*f)); - if (f == NULL) { + ksf = calloc(1, sizeof(*ksf)); + if (ksf == NULL) { hx509_clear_error_string(context); return ENOMEM; } - f->format = format; + ksf->format = format; - f->fn = strdup(residue); - if (f->fn == NULL) { + ksf->fn = strdup(residue); + if (ksf->fn == NULL) { hx509_clear_error_string(context); ret = ENOMEM; goto out; } - /* + /* * XXX this is broken, the function should parse the file before * overwriting it */ if (flags & HX509_CERTS_CREATE) { - ret = hx509_certs_init(context, "MEMORY:ks-file-create", - 0, lock, &f->certs); + ret = hx509_certs_init(context, "MEMORY:ks-file-create", + 0, lock, &ksf->certs); if (ret) goto out; - *data = f; + *data = ksf; return 0; } @@ -376,49 +414,56 @@ file_init_common(hx509_context context, if (ret) goto out; - for (p = f->fn; p != NULL; p = pnext) { + for (p = ksf->fn; p != NULL; p = pnext) { FILE *f; pnext = strchr(p, ','); if (pnext) *pnext++ = '\0'; - + if ((f = fopen(p, "r")) == NULL) { ret = ENOENT; - hx509_set_error_string(context, 0, ret, - "Failed to open PEM file \"%s\": %s", + hx509_set_error_string(context, 0, ret, + "Failed to open PEM file \"%s\": %s", p, strerror(errno)); goto out; } + rk_cloexec_file(f); ret = hx509_pem_read(context, f, pem_func, &pem_ctx); - fclose(f); + fclose(f); if (ret != 0 && ret != HX509_PARSING_KEY_FAILED) goto out; else if (ret == HX509_PARSING_KEY_FAILED) { size_t length; void *ptr; - int i; + size_t i; - ret = _hx509_map_file(p, &ptr, &length, NULL); + ret = rk_undumpdata(p, &ptr, &length); if (ret) { hx509_clear_error_string(context); goto out; } for (i = 0; i < sizeof(formats)/sizeof(formats[0]); i++) { - ret = (*formats[i].func)(context, p, pem_ctx.c, NULL, ptr, length); + const AlgorithmIdentifier *ai = NULL; + if (formats[i].ai != NULL) + ai = (*formats[i].ai)(); + + ret = (*formats[i].func)(context, p, pem_ctx.c, NULL, ptr, length, ai); if (ret == 0) break; } - _hx509_unmap_file(ptr, length); - if (ret) + rk_xfree(ptr); + if (ret) { + hx509_clear_error_string(context); goto out; + } } } - ret = _hx509_collector_collect_certs(context, pem_ctx.c, &f->certs); + ret = _hx509_collector_collect_certs(context, pem_ctx.c, &ksf->certs); if (ret) goto out; @@ -427,17 +472,17 @@ file_init_common(hx509_context context, int i; for (i = 0; keys[i]; i++) - _hx509_certs_keys_add(context, f->certs, keys[i]); + _hx509_certs_keys_add(context, ksf->certs, keys[i]); _hx509_certs_keys_free(context, keys); } out: if (ret == 0) - *data = f; + *data = ksf; else { - if (f->fn) - free(f->fn); - free(f); + if (ksf->fn) + free(ksf->fn); + free(ksf); } if (pem_ctx.c) _hx509_collector_free(pem_ctx.c); @@ -447,7 +492,7 @@ file_init_common(hx509_context context, static int file_init_pem(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { return file_init_common(context, certs, data, flags, residue, lock, USE_PEM); @@ -455,7 +500,7 @@ file_init_pem(hx509_context context, static int file_init_der(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { return file_init_common(context, certs, data, flags, residue, lock, USE_DER); @@ -464,10 +509,10 @@ file_init_der(hx509_context context, static int file_free(hx509_certs certs, void *data) { - struct ks_file *f = data; - hx509_certs_free(&f->certs); - free(f->fn); - free(f); + struct ks_file *ksf = data; + hx509_certs_free(&ksf->certs); + free(ksf->fn); + free(ksf); return 0; } @@ -486,19 +531,20 @@ store_func(hx509_context context, void *ctx, hx509_cert c) ret = hx509_cert_binary(context, c, &data); if (ret) return ret; - + switch (sc->format) { case USE_DER: fwrite(data.data, data.length, 1, sc->f); free(data.data); break; case USE_PEM: - hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, + hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, data.data, data.length); free(data.data); if (_hx509_cert_private_key_exportable(c)) { hx509_private_key key = _hx509_cert_private_key(c); - ret = _hx509_private_key_export(context, key, &data); + ret = _hx509_private_key_export(context, key, + HX509_KEY_FORMAT_DER, &data); if (ret) break; hx509_pem_write(context, _hx509_private_pem_name(key), NULL, sc->f, @@ -512,47 +558,48 @@ store_func(hx509_context context, void *ctx, hx509_cert c) } static int -file_store(hx509_context context, +file_store(hx509_context context, hx509_certs certs, void *data, int flags, hx509_lock lock) { - struct ks_file *f = data; + struct ks_file *ksf = data; struct store_ctx sc; int ret; - sc.f = fopen(f->fn, "w"); + sc.f = fopen(ksf->fn, "w"); if (sc.f == NULL) { hx509_set_error_string(context, 0, ENOENT, "Failed to open file %s for writing"); return ENOENT; } - sc.format = f->format; + rk_cloexec_file(sc.f); + sc.format = ksf->format; - ret = hx509_certs_iter(context, f->certs, store_func, &sc); + ret = hx509_certs_iter_f(context, ksf->certs, store_func, &sc); fclose(sc.f); return ret; } -static int +static int file_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { - struct ks_file *f = data; - return hx509_certs_add(context, f->certs, c); + struct ks_file *ksf = data; + return hx509_certs_add(context, ksf->certs, c); } -static int +static int file_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { - struct ks_file *f = data; - return hx509_certs_start_seq(context, f->certs, cursor); + struct ks_file *ksf = data; + return hx509_certs_start_seq(context, ksf->certs, cursor); } static int file_iter(hx509_context context, hx509_certs certs, void *data, void *iter, hx509_cert *cert) { - struct ks_file *f = data; - return hx509_certs_next_cert(context, f->certs, iter, cert); + struct ks_file *ksf = data; + return hx509_certs_next_cert(context, ksf->certs, iter, cert); } static int @@ -561,8 +608,8 @@ file_iter_end(hx509_context context, void *data, void *cursor) { - struct ks_file *f = data; - return hx509_certs_end_seq(context, f->certs, cursor); + struct ks_file *ksf = data; + return hx509_certs_end_seq(context, ksf->certs, cursor); } static int @@ -571,8 +618,8 @@ file_getkeys(hx509_context context, void *data, hx509_private_key **keys) { - struct ks_file *f = data; - return _hx509_certs_keys_get(context, f->certs, keys); + struct ks_file *ksf = data; + return _hx509_certs_keys_get(context, ksf->certs, keys); } static int @@ -581,8 +628,8 @@ file_addkey(hx509_context context, void *data, hx509_private_key key) { - struct ks_file *f = data; - return _hx509_certs_keys_add(context, f->certs, key); + struct ks_file *ksf = data; + return _hx509_certs_keys_add(context, ksf->certs, key); } static struct hx509_keyset_ops keyset_file = { diff --git a/lib/hx509/ks_keychain.c b/lib/hx509/ks_keychain.c index f8181975d9d5..0552d8f7e97a 100644 --- a/lib/hx509/ks_keychain.c +++ b/lib/hx509/ks_keychain.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_keychain.c 22084 2007-11-16 20:12:30Z lha $"); #ifdef HAVE_FRAMEWORK_SECURITY @@ -44,13 +43,14 @@ OSStatus SecKeyGetCSPHandle(SecKeyRef, CSSM_CSP_HANDLE *); OSStatus SecKeyGetCredentials(SecKeyRef, CSSM_ACL_AUTHORIZATION_TAG, int, const CSSM_ACCESS_CREDENTIALS **); #define kSecCredentialTypeDefault 0 +#define CSSM_SIZE uint32_t #endif static int getAttribute(SecKeychainItemRef itemRef, SecItemAttr item, SecKeychainAttributeList **attrs) -{ +{ SecKeychainAttributeInfo attrInfo; UInt32 attrFormat = 0; OSStatus ret; @@ -60,7 +60,7 @@ getAttribute(SecKeychainItemRef itemRef, SecItemAttr item, attrInfo.count = 1; attrInfo.tag = &item; attrInfo.format = &attrFormat; - + ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, attrs, NULL, NULL); if (ret) @@ -101,7 +101,7 @@ kc_rsa_public_decrypt(int flen, static int -kc_rsa_private_encrypt(int flen, +kc_rsa_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, @@ -119,6 +119,8 @@ kc_rsa_private_encrypt(int flen, CSSM_DATA sig, in; int fret = 0; + if (padding != RSA_PKCS1_PADDING) + return -1; cret = SecKeyGetCSSMKey(privKeyRef, &cssmKey); if(cret) abort(); @@ -136,10 +138,10 @@ kc_rsa_private_encrypt(int flen, in.Data = (uint8 *)from; in.Length = flen; - + sig.Data = (uint8 *)to; sig.Length = kc->keysize; - + cret = CSSM_SignData(sigHandle, &in, 1, CSSM_ALGID_NONE, &sig); if(cret) { /* cssmErrorString(cret); */ @@ -157,10 +159,65 @@ static int kc_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { - return -1; + struct kc_rsa *kc = RSA_get_app_data(rsa); + + CSSM_RETURN cret; + OSStatus ret; + const CSSM_ACCESS_CREDENTIALS *creds; + SecKeyRef privKeyRef = (SecKeyRef)kc->item; + CSSM_CSP_HANDLE cspHandle; + const CSSM_KEY *cssmKey; + CSSM_CC_HANDLE handle = 0; + CSSM_DATA out, in, rem; + int fret = 0; + CSSM_SIZE outlen = 0; + char remdata[1024]; + + if (padding != RSA_PKCS1_PADDING) + return -1; + + cret = SecKeyGetCSSMKey(privKeyRef, &cssmKey); + if(cret) abort(); + + cret = SecKeyGetCSPHandle(privKeyRef, &cspHandle); + if(cret) abort(); + + ret = SecKeyGetCredentials(privKeyRef, CSSM_ACL_AUTHORIZATION_DECRYPT, + kSecCredentialTypeDefault, &creds); + if(ret) abort(); + + + ret = CSSM_CSP_CreateAsymmetricContext (cspHandle, + CSSM_ALGID_RSA, + creds, + cssmKey, + CSSM_PADDING_PKCS1, + &handle); + if(ret) abort(); + + in.Data = (uint8 *)from; + in.Length = flen; + + out.Data = (uint8 *)to; + out.Length = kc->keysize; + + rem.Data = (uint8 *)remdata; + rem.Length = sizeof(remdata); + + cret = CSSM_DecryptData(handle, &in, 1, &out, 1, &outlen, &rem); + if(cret) { + /* cssmErrorString(cret); */ + fret = -1; + } else + fret = out.Length; + + if(handle) + CSSM_DeleteContext(handle); + + return fret; } -static int +static int kc_rsa_init(RSA *rsa) { return 1; @@ -202,7 +259,7 @@ set_private_key(hx509_context context, RSA *rsa; int ret; - ret = _hx509_private_key_init(&key, NULL, NULL); + ret = hx509_private_key_init(&key, NULL, NULL); if (ret) return ret; @@ -245,7 +302,7 @@ set_private_key(hx509_context context, if (ret != 1) _hx509_abort("RSA_set_app_data"); - _hx509_private_key_assign_rsa(key, rsa); + hx509_private_key_assign_rsa(key, rsa); _hx509_cert_assign_key(cert, key); return 0; @@ -281,12 +338,12 @@ keychain_init(hx509_context context, ret = SecKeychainOpen(residue + 5, &ctx->keychain); if (ret != noErr) { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Failed to open %s", residue); return ENOENT; } } else { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Unknown subtype %s", residue); return ENOENT; } @@ -321,7 +378,7 @@ struct iter { SecKeychainSearchRef searchRef; }; -static int +static int keychain_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { @@ -339,7 +396,7 @@ keychain_iter_start(hx509_context context, int ret; int i; - ret = hx509_certs_init(context, "MEMORY:ks-file-create", + ret = hx509_certs_init(context, "MEMORY:ks-file-create", 0, NULL, &iter->certs); if (ret) { free(iter); @@ -350,12 +407,12 @@ keychain_iter_start(hx509_context context, if (ret != 0) { hx509_certs_free(&iter->certs); free(iter); - hx509_set_error_string(context, 0, ENOMEM, + hx509_set_error_string(context, 0, ENOMEM, "Can't get trust anchors from Keychain"); return ENOMEM; } for (i = 0; i < CFArrayGetCount(anchors); i++) { - SecCertificateRef cr; + SecCertificateRef cr; hx509_cert cert; CSSM_DATA cssm; @@ -390,7 +447,7 @@ keychain_iter_start(hx509_context context, &iter->searchRef); if (ret) { free(iter); - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to start search for attributes"); return ENOMEM; } @@ -428,7 +485,7 @@ keychain_iter(hx509_context context, return 0; else if (ret != 0) return EINVAL; - + /* * Pick out certificate and matching "keyid" */ @@ -438,7 +495,7 @@ keychain_iter(hx509_context context, attrInfo.count = 1; attrInfo.tag = item; attrInfo.format = attrFormat; - + ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, &attrs, &len, &ptr); if (ret) @@ -448,7 +505,7 @@ keychain_iter(hx509_context context, if (ret) goto out; - /* + /* * Find related private key if there is one by looking at * kSecPublicKeyHashItemAttr == kSecKeyLabel */ @@ -460,7 +517,7 @@ keychain_iter(hx509_context context, attrKeyid.tag = kSecKeyLabel; attrKeyid.length = attrs->attr[0].length; attrKeyid.data = attrs->attr[0].data; - + attrList.count = 1; attrList.attr = &attrKeyid; @@ -504,8 +561,7 @@ keychain_iter_end(hx509_context context, struct iter *iter = cursor; if (iter->certs) { - int ret; - ret = hx509_certs_end_seq(context, iter->certs, iter->cursor); + hx509_certs_end_seq(context, iter->certs, iter->cursor); hx509_certs_free(&iter->certs); } else { CFRelease(iter->searchRef); diff --git a/lib/hx509/ks_mem.c b/lib/hx509/ks_mem.c index efa19eb19c54..684acb0adf35 100644 --- a/lib/hx509/ks_mem.c +++ b/lib/hx509/ks_mem.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("Id$"); /* * Should use two hash/tree certificates intead of a array. Criteria @@ -74,12 +73,12 @@ mem_free(hx509_certs certs, void *data) { struct mem_data *mem = data; unsigned long i; - + for (i = 0; i < mem->certs.len; i++) hx509_cert_free(mem->certs.val[i]); free(mem->certs.val); for (i = 0; mem->keys && mem->keys[i]; i++) - _hx509_private_key_free(&mem->keys[i]); + hx509_private_key_free(&mem->keys[i]); free(mem->keys); free(mem->name); free(mem); @@ -87,13 +86,13 @@ mem_free(hx509_certs certs, void *data) return 0; } -static int +static int mem_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { struct mem_data *mem = data; hx509_cert *val; - val = realloc(mem->certs.val, + val = realloc(mem->certs.val, (mem->certs.len + 1) * sizeof(mem->certs.val[0])); if (val == NULL) return ENOMEM; @@ -105,7 +104,7 @@ mem_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) return 0; } -static int +static int mem_iter_start(hx509_context context, hx509_certs certs, void *data, @@ -125,7 +124,7 @@ mem_iter_start(hx509_context context, static int mem_iter(hx509_context contexst, hx509_certs certs, - void *data, + void *data, void *cursor, hx509_cert *cert) { @@ -168,11 +167,11 @@ mem_getkeys(hx509_context context, (*keys)[i] = _hx509_private_key_ref(mem->keys[i]); if ((*keys)[i] == NULL) { while (--i >= 0) - _hx509_private_key_free(&(*keys)[i]); + hx509_private_key_free(&(*keys)[i]); hx509_set_error_string(context, 0, ENOMEM, "out of memory"); return ENOMEM; } - } + } (*keys)[i] = NULL; return 0; } @@ -195,8 +194,8 @@ mem_addkey(hx509_context context, return ENOMEM; } mem->keys = ptr; - mem->keys[i++] = _hx509_private_key_ref(key); - mem->keys[i++] = NULL; + mem->keys[i] = _hx509_private_key_ref(key); + mem->keys[i + 1] = NULL; return 0; } diff --git a/lib/hx509/ks_null.c b/lib/hx509/ks_null.c index 3be259fc6052..136d2d43459f 100644 --- a/lib/hx509/ks_null.c +++ b/lib/hx509/ks_null.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_null.c 20901 2007-06-04 23:14:08Z lha $"); static int @@ -51,7 +50,7 @@ null_free(hx509_certs certs, void *data) return 0; } -static int +static int null_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { diff --git a/lib/hx509/ks_p11.c b/lib/hx509/ks_p11.c index 0d7c312c7241..120bf43ef437 100644 --- a/lib/hx509/ks_p11.c +++ b/lib/hx509/ks_p11.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_p11.c 22071 2007-11-14 20:04:50Z lha $"); #ifdef HAVE_DLFCN_H #include #endif @@ -65,7 +64,7 @@ struct p11_module { void *dl_handle; CK_FUNCTION_LIST_PTR funcs; CK_ULONG num_slots; - unsigned int refcount; + unsigned int ref; struct p11_slot *slot; }; @@ -83,7 +82,7 @@ static void p11_release_module(struct p11_module *); static int p11_list_keys(hx509_context, struct p11_module *, - struct p11_slot *, + struct p11_slot *, CK_SESSION_HANDLE, hx509_lock, hx509_certs *); @@ -121,7 +120,7 @@ p11_rsa_public_decrypt(int flen, static int -p11_rsa_private_encrypt(int flen, +p11_rsa_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, @@ -152,8 +151,8 @@ p11_rsa_private_encrypt(int flen, return -1; } - ret = P11FUNC(p11rsa->p, Sign, - (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); + ret = P11FUNC(p11rsa->p, Sign, + (session, (CK_BYTE *)(intptr_t)from, flen, to, &ck_sigsize)); p11_put_session(p11rsa->p, p11rsa->slot, session); if (ret != CKR_OK) return -1; @@ -190,8 +189,8 @@ p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, return -1; } - ret = P11FUNC(p11rsa->p, Decrypt, - (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); + ret = P11FUNC(p11rsa->p, Decrypt, + (session, (CK_BYTE *)(intptr_t)from, flen, to, &ck_sigsize)); p11_put_session(p11rsa->p, p11rsa->slot, session); if (ret != CKR_OK) return -1; @@ -199,7 +198,7 @@ p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, return ck_sigsize; } -static int +static int p11_rsa_init(RSA *rsa) { return 1; @@ -299,7 +298,7 @@ p11_mech_info(hx509_context context, } static int -p11_init_slot(hx509_context context, +p11_init_slot(hx509_context context, struct p11_module *p, hx509_lock lock, CK_SLOT_ID id, @@ -309,7 +308,8 @@ p11_init_slot(hx509_context context, CK_SESSION_HANDLE session; CK_SLOT_INFO slot_info; CK_TOKEN_INFO token_info; - int ret, i; + size_t i; + int ret; slot->certs = NULL; slot->id = id; @@ -331,7 +331,7 @@ p11_init_slot(hx509_context context, } asprintf(&slot->name, "%.*s", - i, slot_info.slotDescription); + (int)i, slot_info.slotDescription); if ((slot_info.flags & CKF_TOKEN_PRESENT) == 0) return 0; @@ -375,14 +375,14 @@ p11_get_session(hx509_context context, if (slot->flags & P11_SESSION_IN_USE) _hx509_abort("slot already in session"); - + if (slot->flags & P11_SESSION) { slot->flags |= P11_SESSION_IN_USE; *psession = slot->session; return 0; } - ret = P11FUNC(p, OpenSession, (slot->id, + ret = P11FUNC(p, OpenSession, (slot->id, CKF_SERIAL_SESSION, NULL, NULL, @@ -395,10 +395,10 @@ p11_get_session(hx509_context context, (int)slot->id, ret); return HX509_PKCS11_OPEN_SESSION; } - + slot->flags |= P11_SESSION; - - /* + + /* * If we have have to login, and haven't tried before and have a * prompter or known to work pin code. * @@ -418,8 +418,6 @@ p11_get_session(hx509_context context, char pin[20]; char *str; - slot->flags |= P11_LOGIN_DONE; - if (slot->pin == NULL) { memset(&prompt, 0, sizeof(prompt)); @@ -429,7 +427,7 @@ p11_get_session(hx509_context context, prompt.type = HX509_PROMPT_TYPE_PASSWORD; prompt.reply.data = pin; prompt.reply.length = sizeof(pin); - + ret = hx509_lock_prompt(lock, &prompt); if (ret) { free(str); @@ -453,16 +451,16 @@ p11_get_session(hx509_context context, "Failed to login on slot id %d " "with error: 0x%08x", (int)slot->id, ret); - p11_put_session(p, slot, slot->session); return HX509_PKCS11_LOGIN; - } + } else + slot->flags |= P11_LOGIN_DONE; + if (slot->pin == NULL) { slot->pin = strdup(pin); if (slot->pin == NULL) { if (context) hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - p11_put_session(p, slot, slot->session); return ENOMEM; } } @@ -478,7 +476,7 @@ p11_get_session(hx509_context context, static int p11_put_session(struct p11_module *p, - struct p11_slot *slot, + struct p11_slot *slot, CK_SESSION_HANDLE session) { if ((slot->flags & P11_SESSION_IN_USE) == 0) @@ -502,7 +500,7 @@ iterate_entries(hx509_context context, { CK_OBJECT_HANDLE object; CK_ULONG object_count; - int ret, i; + int ret, ret2, i; ret = P11FUNC(p, FindObjectsInit, (session, search_data, num_search_data)); if (ret != CKR_OK) { @@ -515,11 +513,11 @@ iterate_entries(hx509_context context, } if (object_count == 0) break; - + for (i = 0; i < num_query; i++) query[i].pValue = NULL; - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, query, num_query)); if (ret != CKR_OK) { return -1; @@ -537,7 +535,7 @@ iterate_entries(hx509_context context, ret = -1; goto out; } - + ret = (*func)(context, p, slot, session, object, ptr, query, num_query); if (ret) goto out; @@ -556,20 +554,19 @@ iterate_entries(hx509_context context, query[i].pValue = NULL; } - ret = P11FUNC(p, FindObjectsFinal, (session)); - if (ret != CKR_OK) { - return -2; + ret2 = P11FUNC(p, FindObjectsFinal, (session)); + if (ret2 != CKR_OK) { + return ret2; } - - return 0; + return ret; } - + static BIGNUM * getattr_bn(struct p11_module *p, struct p11_slot *slot, CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, + CK_OBJECT_HANDLE object, unsigned int type) { CK_ATTRIBUTE query; @@ -580,14 +577,14 @@ getattr_bn(struct p11_module *p, query.pValue = NULL; query.ulValueLen = 0; - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, &query, 1)); if (ret != CKR_OK) return NULL; query.pValue = malloc(query.ulValueLen); - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, &query, 1)); if (ret != CKR_OK) { free(query.pValue); @@ -616,7 +613,7 @@ collect_private_key(hx509_context context, localKeyId.data = query[0].pValue; localKeyId.length = query[0].ulValueLen; - ret = _hx509_private_key_init(&key, NULL, NULL); + ret = hx509_private_key_init(&key, NULL, NULL); if (ret) return ret; @@ -624,7 +621,7 @@ collect_private_key(hx509_context context, if (rsa == NULL) _hx509_abort("out of memory"); - /* + /* * The exponent and modulus should always be present according to * the pkcs11 specification, but some smartcards leaves it out, * let ignore any failure to fetch it. @@ -639,17 +636,19 @@ collect_private_key(hx509_context context, p11rsa->p = p; p11rsa->slot = slot; p11rsa->private_key = object; - - p->refcount++; - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to high"); + + if (p->ref == 0) + _hx509_abort("pkcs11 ref == 0 on alloc"); + p->ref++; + if (p->ref == UINT_MAX) + _hx509_abort("pkcs11 ref == UINT_MAX on alloc"); RSA_set_method(rsa, &p11_rsa_pkcs1_method); ret = RSA_set_app_data(rsa, p11rsa); if (ret != 1) _hx509_abort("RSA_set_app_data"); - _hx509_private_key_assign_rsa(key, rsa); + hx509_private_key_assign_rsa(key, rsa); ret = _hx509_collector_private_key_add(context, collector, @@ -659,7 +658,7 @@ collect_private_key(hx509_context context, &localKeyId); if (ret) { - _hx509_private_key_free(&key); + hx509_private_key_free(&key); return ret; } return 0; @@ -674,7 +673,7 @@ p11_cert_release(hx509_cert cert, void *ctx) static int -collect_cert(hx509_context context, +collect_cert(hx509_context context, struct p11_module *p, struct p11_slot *slot, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, @@ -685,31 +684,33 @@ collect_cert(hx509_context context, int ret; if ((CK_LONG)query[0].ulValueLen == -1 || - (CK_LONG)query[1].ulValueLen == -1) + (CK_LONG)query[1].ulValueLen == -1) { return 0; } - ret = hx509_cert_init_data(context, query[1].pValue, + ret = hx509_cert_init_data(context, query[1].pValue, query[1].ulValueLen, &cert); if (ret) return ret; - p->refcount++; - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to high"); + if (p->ref == 0) + _hx509_abort("pkcs11 ref == 0 on alloc"); + p->ref++; + if (p->ref == UINT_MAX) + _hx509_abort("pkcs11 ref to high"); _hx509_cert_set_release(cert, p11_cert_release, p); { heim_octet_string data; - + data.data = query[0].pValue; data.length = query[0].ulValueLen; - + _hx509_set_cert_attribute(context, cert, - oid_id_pkcs_9_at_localKeyId(), + &asn1_oid_id_pkcs_9_at_localKeyId, &data); } @@ -734,7 +735,7 @@ collect_cert(hx509_context context, static int p11_list_keys(hx509_context context, struct p11_module *p, - struct p11_slot *slot, + struct p11_slot *slot, CK_SESSION_HANDLE session, hx509_lock lock, hx509_certs *certs) @@ -788,7 +789,7 @@ p11_list_keys(hx509_context context, static int p11_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { CK_C_GetFunctionList getFuncs; @@ -808,7 +809,7 @@ p11_init(hx509_context context, return ENOMEM; } - p->refcount = 1; + p->ref = 1; str = strchr(list, ','); if (str) @@ -834,11 +835,11 @@ p11_init(hx509_context context, goto out; } - getFuncs = dlsym(p->dl_handle, "C_GetFunctionList"); + getFuncs = (CK_C_GetFunctionList) dlsym(p->dl_handle, "C_GetFunctionList"); if (getFuncs == NULL) { ret = HX509_PKCS11_LOAD; hx509_set_error_string(context, 0, ret, - "C_GetFunctionList missing in %s: %s", + "C_GetFunctionList missing in %s: %s", list, dlerror()); goto out; } @@ -877,7 +878,8 @@ p11_init(hx509_context context, { CK_SLOT_ID_PTR slot_ids; - int i, num_tokens = 0; + int num_tokens = 0; + size_t i; slot_ids = malloc(p->num_slots * sizeof(*slot_ids)); if (slot_ids == NULL) { @@ -904,7 +906,7 @@ p11_init(hx509_context context, ret = ENOMEM; goto out; } - + for (i = 0; i < p->num_slots; i++) { ret = p11_init_slot(context, p, lock, slot_ids[i], i, &p->slot[i]); if (ret) @@ -924,7 +926,7 @@ p11_init(hx509_context context, *data = p; return 0; - out: + out: p11_release_module(p); return ret; } @@ -932,22 +934,18 @@ p11_init(hx509_context context, static void p11_release_module(struct p11_module *p) { - int i; + size_t i; - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to low"); - if (--p->refcount > 0) + if (p->ref == 0) + _hx509_abort("pkcs11 ref to low"); + if (--p->ref > 0) return; for (i = 0; i < p->num_slots; i++) { if (p->slot[i].flags & P11_SESSION_IN_USE) _hx509_abort("pkcs11 module release while session in use"); if (p->slot[i].flags & P11_SESSION) { - int ret; - - ret = P11FUNC(p, CloseSession, (p->slot[i].session)); - if (ret != CKR_OK) - ; + P11FUNC(p, CloseSession, (p->slot[i].session)); } if (p->slot[i].name) @@ -960,7 +958,7 @@ p11_release_module(struct p11_module *p) free(p->slot[i].mechs.list); if (p->slot[i].mechs.infos) { - int j; + size_t j; for (j = 0 ; j < p->slot[i].mechs.num ; j++) free(p->slot[i].mechs.infos[j]); @@ -984,7 +982,7 @@ static int p11_free(hx509_certs certs, void *data) { struct p11_module *p = data; - int i; + size_t i; for (i = 0; i < p->num_slots; i++) { if (p->slot[i].certs) @@ -999,13 +997,14 @@ struct p11_cursor { void *cursor; }; -static int +static int p11_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { struct p11_module *p = data; struct p11_cursor *c; - int ret, i; + int ret; + size_t i; c = malloc(sizeof(*c)); if (c == NULL) { @@ -1099,16 +1098,16 @@ static struct units mechflags[] = { #undef MECHFLAG static int -p11_printinfo(hx509_context context, - hx509_certs certs, +p11_printinfo(hx509_context context, + hx509_certs certs, void *data, int (*func)(void *, const char *), void *ctx) { struct p11_module *p = data; - int i, j; - - _hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s", + size_t i, j; + + _hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s", p->num_slots, p->num_slots > 1 ? "s" : ""); for (i = 0; i < p->num_slots; i++) { @@ -1117,7 +1116,7 @@ p11_printinfo(hx509_context context, _hx509_pi_printf(func, ctx, "slot %d: id: %d name: %s flags: %08x", i, (int)s->id, s->name, s->flags); - _hx509_pi_printf(func, ctx, "number of supported mechanisms: %lu", + _hx509_pi_printf(func, ctx, "number of supported mechanisms: %lu", (unsigned long)s->mechs.num); for (j = 0; j < s->mechs.num; j++) { const char *mechname = "unknown"; @@ -1142,7 +1141,6 @@ p11_printinfo(hx509_context context, MECHNAME(CKM_SHA256, "sha256"); MECHNAME(CKM_SHA_1, "sha1"); MECHNAME(CKM_MD5, "md5"); - MECHNAME(CKM_MD2, "md2"); MECHNAME(CKM_RIPEMD160, "ripemd-160"); MECHNAME(CKM_DES_ECB, "des-ecb"); MECHNAME(CKM_DES_CBC, "des-cbc"); @@ -1151,13 +1149,13 @@ p11_printinfo(hx509_context context, MECHNAME(CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen"); default: snprintf(unknownname, sizeof(unknownname), - "unknown-mech-%lu", + "unknown-mech-%lu", (unsigned long)s->mechs.list[j]); mechname = unknownname; break; } #undef MECHNAME - unparse_flags(s->mechs.infos[j]->flags, mechflags, + unparse_flags(s->mechs.infos[j]->flags, mechflags, flags, sizeof(flags)); _hx509_pi_printf(func, ctx, " %s: %s", mechname, flags); diff --git a/lib/hx509/ks_p12.c b/lib/hx509/ks_p12.c index 12756e6c071d..0ca13de1eb34 100644 --- a/lib/hx509/ks_p12.c +++ b/lib/hx509/ks_p12.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: ks_p12.c 21146 2007-06-18 21:37:25Z lha $"); struct ks_pkcs12 { hx509_certs certs; @@ -45,19 +44,19 @@ typedef int (*collector_func)(hx509_context, const PKCS12_Attributes *); struct type { - const heim_oid * (*oid)(void); + const heim_oid *oid; collector_func func; }; static void -parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *, +parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *, const void *, size_t, const PKCS12_Attributes *); static const PKCS12_Attribute * find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid) { - int i; + size_t i; if (attrs == NULL) return NULL; for (i = 0; i < attrs->len; i++) @@ -68,7 +67,7 @@ find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid) static int keyBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -77,14 +76,14 @@ keyBag_parser(hx509_context context, const heim_octet_string *os = NULL; int ret; - attr = find_attribute(attrs, oid_id_pkcs_9_at_localKeyId()); + attr = find_attribute(attrs, &asn1_oid_id_pkcs_9_at_localKeyId); if (attr) os = &attr->attrValues; ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL); if (ret) return ret; - + _hx509_collector_private_key_add(context, c, &ki.privateKeyAlgorithm, @@ -97,16 +96,16 @@ keyBag_parser(hx509_context context, static int ShroudedKeyBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { PKCS8EncryptedPrivateKeyInfo pk; heim_octet_string content; int ret; - + memset(&pk, 0, sizeof(pk)); - + ret = decode_PKCS8EncryptedPrivateKeyInfo(data, length, &pk, NULL); if (ret) return ret; @@ -127,7 +126,7 @@ ShroudedKeyBag_parser(hx509_context context, static int certBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -140,12 +139,12 @@ certBag_parser(hx509_context context, if (ret) return ret; - if (der_heim_oid_cmp(oid_id_pkcs_9_at_certTypes_x509(), &cb.certType)) { + if (der_heim_oid_cmp(&asn1_oid_id_pkcs_9_at_certTypes_x509, &cb.certType)) { free_PKCS12_CertBag(&cb); return 0; } - ret = decode_PKCS12_OctetString(cb.certValue.data, + ret = decode_PKCS12_OctetString(cb.certValue.data, cb.certValue.length, &os, NULL); @@ -166,18 +165,18 @@ certBag_parser(hx509_context context, { const PKCS12_Attribute *attr; - const heim_oid * (*oids[])(void) = { - oid_id_pkcs_9_at_localKeyId, oid_id_pkcs_9_at_friendlyName + const heim_oid *oids[] = { + &asn1_oid_id_pkcs_9_at_localKeyId, &asn1_oid_id_pkcs_9_at_friendlyName }; - int i; + size_t i; - for (i = 0; i < sizeof(oids)/sizeof(oids[0]); i++) { - const heim_oid *oid = (*(oids[i]))(); + for (i = 0; i < sizeof(oids)/sizeof(oids[0]); i++) { + const heim_oid *oid = oids[i]; attr = find_attribute(attrs, oid); if (attr) _hx509_set_cert_attribute(context, cert, oid, &attr->attrValues); - } + } } hx509_cert_free(cert); @@ -187,11 +186,12 @@ certBag_parser(hx509_context context, static int parse_safe_content(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const unsigned char *p, size_t len) { PKCS12_SafeContents sc; - int ret, i; + int ret; + size_t i; memset(&sc, 0, sizeof(sc)); @@ -213,7 +213,7 @@ parse_safe_content(hx509_context context, static int safeContent_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -237,7 +237,7 @@ encryptedData_parser(hx509_context context, heim_octet_string content; heim_oid contentType; int ret; - + memset(&contentType, 0, sizeof(contentType)); ret = hx509_cms_decrypt_encrypted(context, @@ -248,7 +248,7 @@ encryptedData_parser(hx509_context context, if (ret) return ret; - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) + if (der_heim_oid_cmp(&contentType, &asn1_oid_id_pkcs7_data) == 0) ret = parse_safe_content(context, c, content.data, content.length); der_free_octet_string(&content); @@ -266,7 +266,7 @@ envelopedData_parser(hx509_context context, heim_oid contentType; hx509_lock lock; int ret; - + memset(&contentType, 0, sizeof(contentType)); lock = _hx509_collector_get_lock(c); @@ -276,15 +276,16 @@ envelopedData_parser(hx509_context context, 0, data, length, NULL, + 0, &contentType, &content); if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, "PKCS12 failed to unenvelope"); return ret; } - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) + if (der_heim_oid_cmp(&contentType, &asn1_oid_id_pkcs7_data) == 0) ret = parse_safe_content(context, c, content.data, content.length); der_free_octet_string(&content); @@ -295,31 +296,31 @@ envelopedData_parser(hx509_context context, struct type bagtypes[] = { - { oid_id_pkcs12_keyBag, keyBag_parser }, - { oid_id_pkcs12_pkcs8ShroudedKeyBag, ShroudedKeyBag_parser }, - { oid_id_pkcs12_certBag, certBag_parser }, - { oid_id_pkcs7_data, safeContent_parser }, - { oid_id_pkcs7_encryptedData, encryptedData_parser }, - { oid_id_pkcs7_envelopedData, envelopedData_parser } + { &asn1_oid_id_pkcs12_keyBag, keyBag_parser }, + { &asn1_oid_id_pkcs12_pkcs8ShroudedKeyBag, ShroudedKeyBag_parser }, + { &asn1_oid_id_pkcs12_certBag, certBag_parser }, + { &asn1_oid_id_pkcs7_data, safeContent_parser }, + { &asn1_oid_id_pkcs7_encryptedData, encryptedData_parser }, + { &asn1_oid_id_pkcs7_envelopedData, envelopedData_parser } }; static void parse_pkcs12_type(hx509_context context, struct hx509_collector *c, - const heim_oid *oid, + const heim_oid *oid, const void *data, size_t length, const PKCS12_Attributes *attrs) { - int i; + size_t i; for (i = 0; i < sizeof(bagtypes)/sizeof(bagtypes[0]); i++) - if (der_heim_oid_cmp((*bagtypes[i].oid)(), oid) == 0) + if (der_heim_oid_cmp(bagtypes[i].oid, oid) == 0) (*bagtypes[i].func)(context, c, data, length, attrs); } static int p12_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { struct ks_pkcs12 *p12; @@ -327,7 +328,8 @@ p12_init(hx509_context context, void *buf; PKCS12_PFX pfx; PKCS12_AuthenticatedSafe as; - int ret, i; + int ret; + size_t i; struct hx509_collector *c; *data = NULL; @@ -361,21 +363,21 @@ p12_init(hx509_context context, goto out; } - ret = _hx509_map_file(residue, &buf, &len, NULL); + ret = rk_undumpdata(residue, &buf, &len); if (ret) { hx509_clear_error_string(context); goto out; } ret = decode_PKCS12_PFX(buf, len, &pfx, NULL); - _hx509_unmap_file(buf, len); + rk_xfree(buf); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to decode the PFX in %s", residue); goto out; } - if (der_heim_oid_cmp(&pfx.authSafe.contentType, oid_id_pkcs7_data()) != 0) { + if (der_heim_oid_cmp(&pfx.authSafe.contentType, &asn1_oid_id_pkcs7_data) != 0) { free_PKCS12_PFX(&pfx); ret = EINVAL; hx509_set_error_string(context, 0, ret, @@ -403,7 +405,7 @@ p12_init(hx509_context context, hx509_clear_error_string(context); goto out; } - ret = decode_PKCS12_AuthenticatedSafe(asdata.data, + ret = decode_PKCS12_AuthenticatedSafe(asdata.data, asdata.length, &as, NULL); @@ -464,7 +466,7 @@ addBag(hx509_context context, hx509_set_error_string(context, 0, ret, "out of memory"); return ret; } - + as->val[as->len].content = calloc(1, sizeof(*as->val[0].content)); if (as->val[as->len].content == NULL) { der_free_oid(&as->val[as->len].contentType); @@ -505,7 +507,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) free(os.data); if (ret) goto out; - ret = der_copy_oid(oid_id_pkcs_9_at_certTypes_x509(), &cb.certType); + ret = der_copy_oid(&asn1_oid_id_pkcs_9_at_certTypes_x509, &cb.certType); if (ret) { free_PKCS12_CertBag(&cb); goto out; @@ -516,7 +518,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) if (ret) goto out; - ret = addBag(context, as, oid_id_pkcs12_certBag(), os.data, os.length); + ret = addBag(context, as, &asn1_oid_id_pkcs12_certBag, os.data, os.length); if (_hx509_cert_private_key_exportable(c)) { hx509_private_key key = _hx509_cert_private_key(c); @@ -527,7 +529,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) ret = der_parse_hex_heim_integer("00", &pki.version); if (ret) return ret; - ret = _hx509_private_key_oid(context, key, + ret = _hx509_private_key_oid(context, key, &pki.privateKeyAlgorithm.algorithm); if (ret) { free_PKCS8PrivateKeyInfo(&pki); @@ -535,12 +537,13 @@ store_func(hx509_context context, void *ctx, hx509_cert c) } ret = _hx509_private_key_export(context, _hx509_cert_private_key(c), + HX509_KEY_FORMAT_DER, &pki.privateKey); if (ret) { free_PKCS8PrivateKeyInfo(&pki); return ret; } - /* set attribute, oid_id_pkcs_9_at_localKeyId() */ + /* set attribute, asn1_oid_id_pkcs_9_at_localKeyId */ ASN1_MALLOC_ENCODE(PKCS8PrivateKeyInfo, os.data, os.length, &pki, &size, ret); @@ -548,7 +551,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) if (ret) return ret; - ret = addBag(context, as, oid_id_pkcs12_keyBag(), os.data, os.length); + ret = addBag(context, as, &asn1_oid_id_pkcs12_keyBag, os.data, os.length); if (ret) return ret; } @@ -558,7 +561,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) } static int -p12_store(hx509_context context, +p12_store(hx509_context context, hx509_certs certs, void *data, int flags, hx509_lock lock) { struct ks_pkcs12 *p12 = data; @@ -571,7 +574,7 @@ p12_store(hx509_context context, memset(&as, 0, sizeof(as)); memset(&pfx, 0, sizeof(pfx)); - ret = hx509_certs_iter(context, p12->certs, store_func, &as); + ret = hx509_certs_iter_f(context, p12->certs, store_func, &as); if (ret) goto out; @@ -580,7 +583,7 @@ p12_store(hx509_context context, free_PKCS12_AuthenticatedSafe(&as); if (ret) return ret; - + ret = der_parse_hex_heim_integer("03", &pfx.version); if (ret) { free(asdata.data); @@ -589,7 +592,7 @@ p12_store(hx509_context context, pfx.authSafe.content = calloc(1, sizeof(*pfx.authSafe.content)); - ASN1_MALLOC_ENCODE(PKCS12_OctetString, + ASN1_MALLOC_ENCODE(PKCS12_OctetString, pfx.authSafe.content->data, pfx.authSafe.content->length, &asdata, &size, ret); @@ -597,7 +600,7 @@ p12_store(hx509_context context, if (ret) goto out; - ret = der_copy_oid(oid_id_pkcs7_data(), &pfx.authSafe.contentType); + ret = der_copy_oid(&asn1_oid_id_pkcs7_data, &pfx.authSafe.contentType); if (ret) goto out; @@ -646,14 +649,14 @@ p12_free(hx509_certs certs, void *data) return 0; } -static int +static int p12_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { struct ks_pkcs12 *p12 = data; return hx509_certs_add(context, p12->certs, c); } -static int +static int p12_iter_start(hx509_context context, hx509_certs certs, void *data, diff --git a/lib/hx509/libhx509-exports.def b/lib/hx509/libhx509-exports.def new file mode 100644 index 000000000000..f8973a091396 --- /dev/null +++ b/lib/hx509/libhx509-exports.def @@ -0,0 +1,235 @@ +EXPORTS + _hx509_cert_assign_key + _hx509_cert_private_key + _hx509_certs_keys_free + _hx509_certs_keys_get + _hx509_expr_eval + _hx509_expr_free + _hx509_expr_parse + _hx509_generate_private_key + _hx509_generate_private_key_bits + _hx509_generate_private_key_free + _hx509_generate_private_key_init + _hx509_generate_private_key_is_ca + _hx509_map_file_os + _hx509_name_from_Name + hx509_private_key2SPKI + hx509_private_key_free + _hx509_private_key_ref + _hx509_request_add_dns_name + _hx509_request_add_email + hx509_request_free + hx509_request_get_SubjectPublicKeyInfo + hx509_request_get_name + hx509_request_init + _hx509_request_parse + _hx509_request_print + hx509_request_set_SubjectPublicKeyInfo +; _hx509_request_set_email + hx509_request_set_name + _hx509_request_to_pkcs10 + _hx509_request_to_pkcs10 + _hx509_unmap_file_os + _hx509_write_file + hx509_bitstring_print + hx509_ca_sign + hx509_ca_sign_self + hx509_ca_tbs_add_crl_dp_uri + hx509_ca_tbs_add_eku + hx509_ca_tbs_add_san_hostname + hx509_ca_tbs_add_san_jid + hx509_ca_tbs_add_san_ms_upn + hx509_ca_tbs_add_san_otherName + hx509_ca_tbs_add_san_pkinit + hx509_ca_tbs_add_san_rfc822name + hx509_ca_tbs_free + hx509_ca_tbs_init + hx509_ca_tbs_set_ca + hx509_ca_tbs_set_domaincontroller + hx509_ca_tbs_set_notAfter + hx509_ca_tbs_set_notAfter_lifetime + hx509_ca_tbs_set_notBefore + hx509_ca_tbs_set_proxy + hx509_ca_tbs_set_serialnumber + hx509_ca_tbs_set_spki + hx509_ca_tbs_set_subject + hx509_ca_tbs_set_template + hx509_ca_tbs_subject_expand + hx509_ca_tbs_template_units +; hx509_cert +; hx509_cert_attribute + hx509_cert_binary + hx509_cert_check_eku + hx509_cert_cmp + hx509_cert_find_subjectAltName_otherName + hx509_cert_free + hx509_cert_get_SPKI + hx509_cert_get_SPKI_AlgorithmIdentifier + hx509_cert_get_attribute + hx509_cert_get_base_subject + hx509_cert_get_friendly_name + hx509_cert_get_issuer + hx509_cert_get_notAfter + hx509_cert_get_notBefore + hx509_cert_get_serialnumber + hx509_cert_get_subject + hx509_cert_init + hx509_cert_init_data + hx509_cert_keyusage_print + hx509_cert_ref + hx509_cert_set_friendly_name + hx509_certs_add + hx509_certs_append + hx509_certs_end_seq + hx509_certs_ref + hx509_certs_filter + hx509_certs_find + hx509_certs_free + hx509_certs_info + hx509_certs_init +; hx509_certs_iter + hx509_certs_iter_f + hx509_certs_merge + hx509_certs_next_cert + hx509_certs_start_seq + hx509_certs_store + hx509_ci_print_names + hx509_clear_error_string + hx509_cms_create_signed + hx509_cms_create_signed_1 + hx509_cms_decrypt_encrypted + hx509_cms_envelope_1 + hx509_cms_unenvelope + hx509_cms_unwrap_ContentInfo + hx509_cms_verify_signed + hx509_cms_wrap_ContentInfo + hx509_context_free + hx509_context_init + hx509_context_set_missing_revoke + hx509_crl_add_revoked_certs + hx509_crl_alloc + hx509_crl_free + hx509_crl_lifetime + hx509_crl_sign + hx509_crypto_aes128_cbc + hx509_crypto_aes256_cbc + hx509_crypto_allow_weak + hx509_crypto_available + hx509_crypto_decrypt + hx509_crypto_des_rsdi_ede3_cbc + hx509_crypto_destroy + hx509_crypto_encrypt + hx509_crypto_enctype_by_name + hx509_crypto_free_algs + hx509_crypto_get_params + hx509_crypto_init + hx509_crypto_provider + hx509_crypto_select + hx509_crypto_set_key_data + hx509_crypto_set_key_name + hx509_crypto_set_padding + hx509_crypto_set_params + hx509_crypto_set_random_key + hx509_env_add + hx509_env_add_binding + hx509_env_find + hx509_env_find_binding + hx509_env_free +; hx509_env_init + hx509_env_lfind + hx509_err + hx509_free_error_string + hx509_free_octet_string_list + hx509_general_name_unparse + hx509_get_error_string + hx509_get_one_cert + hx509_lock_add_cert + hx509_lock_add_certs + hx509_lock_add_password + hx509_lock_command_string + hx509_lock_free + hx509_lock_init + hx509_lock_prompt + hx509_lock_reset_certs + hx509_lock_reset_passwords + hx509_lock_reset_promper + hx509_lock_set_prompter + hx509_name_binary + hx509_name_cmp + hx509_name_copy + hx509_name_expand + hx509_name_free + hx509_name_is_null_p + hx509_name_normalize + hx509_name_to_Name + hx509_name_to_string + hx509_ocsp_request + hx509_ocsp_verify + hx509_oid_print + hx509_oid_sprint + hx509_parse_name + hx509_peer_info_add_cms_alg + hx509_peer_info_alloc + hx509_peer_info_free + hx509_peer_info_set_cert + hx509_peer_info_set_cms_algs + hx509_pem_add_header + hx509_pem_find_header + hx509_pem_free_header + hx509_pem_read + hx509_pem_write + hx509_print_stdout + hx509_print_cert + hx509_prompt_hidden + hx509_query_alloc + hx509_query_free + hx509_query_match_cmp_func + hx509_query_match_eku + hx509_query_match_expr + hx509_query_match_friendly_name + hx509_query_match_issuer_serial + hx509_query_match_option + hx509_query_statistic_file + hx509_query_unparse_stats + hx509_revoke_add_crl + hx509_revoke_add_ocsp + hx509_revoke_free + hx509_revoke_init + hx509_revoke_ocsp_print + hx509_revoke_verify + hx509_set_error_string + hx509_set_error_stringv + hx509_signature_md5 + hx509_signature_rsa + hx509_signature_rsa_with_md5 + hx509_signature_rsa_with_sha1 + hx509_signature_rsa_with_sha256 + hx509_signature_rsa_with_sha384 + hx509_signature_rsa_with_sha512 + hx509_signature_sha1 + hx509_signature_sha256 + hx509_signature_sha384 + hx509_signature_sha512 + hx509_unparse_der_name + hx509_validate_cert + hx509_validate_ctx_add_flags + hx509_validate_ctx_free + hx509_validate_ctx_init + hx509_validate_ctx_set_print + hx509_verify_attach_anchors + hx509_verify_attach_revoke + hx509_verify_ctx_f_allow_default_trustanchors + hx509_verify_destroy_ctx + hx509_verify_hostname + hx509_verify_init_ctx + hx509_verify_path + hx509_verify_set_max_depth + hx509_verify_set_proxy_certificate + hx509_verify_set_strict_rfc3280_verification + hx509_verify_set_time + hx509_verify_signature + hx509_xfree + initialize_hx_error_table_r + +; pkcs11 symbols + C_GetFunctionList diff --git a/lib/hx509/lock.c b/lib/hx509/lock.c index e835aee35af0..b72d45962b62 100644 --- a/lib/hx509/lock.c +++ b/lib/hx509/lock.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: lock.c 22327 2007-12-15 04:49:37Z lha $"); /** * @page page_lock Locking and unlocking certificates and encrypted data. @@ -69,8 +68,8 @@ hx509_lock_init(hx509_context context, hx509_lock *lock) if (l == NULL) return ENOMEM; - ret = hx509_certs_init(context, - "MEMORY:locks-internal", + ret = hx509_certs_init(context, + "MEMORY:locks-internal", 0, NULL, &l->certs); @@ -122,7 +121,7 @@ _hx509_lock_unlock_certs(hx509_lock lock) void hx509_lock_reset_passwords(hx509_lock lock) { - int i; + size_t i; for (i = 0; i < lock->password.len; i++) free(lock->password.val[i]); free(lock->password.val); @@ -147,8 +146,8 @@ hx509_lock_reset_certs(hx509_context context, hx509_lock lock) { hx509_certs certs = lock->certs; int ret; - - ret = hx509_certs_init(context, + + ret = hx509_certs_init(context, "MEMORY:locks-internal", 0, NULL, @@ -181,7 +180,7 @@ hx509_lock_reset_promper(hx509_lock lock) lock->prompt_data = NULL; } -static int +static int default_prompter(void *data, const hx509_prompt *prompter) { if (hx509_prompt_hidden(prompter->type)) { @@ -215,10 +214,12 @@ hx509_lock_prompt(hx509_lock lock, hx509_prompt *prompt) void hx509_lock_free(hx509_lock lock) { - hx509_certs_free(&lock->certs); - hx509_lock_reset_passwords(lock); - memset(lock, 0, sizeof(*lock)); - free(lock); + if (lock) { + hx509_certs_free(&lock->certs); + hx509_lock_reset_passwords(lock); + memset(lock, 0, sizeof(*lock)); + free(lock); + } } int diff --git a/lib/hx509/name.c b/lib/hx509/name.c index 69fafe1b8a17..efd7b703422f 100644 --- a/lib/hx509/name.c +++ b/lib/hx509/name.c @@ -1,38 +1,39 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: name.c 22432 2008-01-13 14:08:03Z lha $"); +#include +#include "char_map.h" /** * @page page_name PKIX/X.509 Names @@ -43,7 +44,7 @@ RCSID("$Id: name.c 22432 2008-01-13 14:08:03Z lha $"); * (RDN). Each RDN consists of an unordered list of typed strings. The * types are defined by OID and have long and short description. For * example id-at-commonName (2.5.4.3) have the long name CommonName - * and short name CN. The string itself can be of serveral encoding, + * and short name CN. The string itself can be of several encoding, * UTF8, UTF16, Teltex string, etc. The type limit what encoding * should be used. * @@ -62,27 +63,28 @@ RCSID("$Id: name.c 22432 2008-01-13 14:08:03Z lha $"); static const struct { const char *n; - const heim_oid *(*o)(void); + const heim_oid *o; + wind_profile_flags flags; } no[] = { - { "C", oid_id_at_countryName }, - { "CN", oid_id_at_commonName }, - { "DC", oid_id_domainComponent }, - { "L", oid_id_at_localityName }, - { "O", oid_id_at_organizationName }, - { "OU", oid_id_at_organizationalUnitName }, - { "S", oid_id_at_stateOrProvinceName }, - { "STREET", oid_id_at_streetAddress }, - { "UID", oid_id_Userid }, - { "emailAddress", oid_id_pkcs9_emailAddress }, - { "serialNumber", oid_id_at_serialNumber } + { "C", &asn1_oid_id_at_countryName, 0 }, + { "CN", &asn1_oid_id_at_commonName, 0 }, + { "DC", &asn1_oid_id_domainComponent, 0 }, + { "L", &asn1_oid_id_at_localityName, 0 }, + { "O", &asn1_oid_id_at_organizationName, 0 }, + { "OU", &asn1_oid_id_at_organizationalUnitName, 0 }, + { "S", &asn1_oid_id_at_stateOrProvinceName, 0 }, + { "STREET", &asn1_oid_id_at_streetAddress, 0 }, + { "UID", &asn1_oid_id_Userid, 0 }, + { "emailAddress", &asn1_oid_id_pkcs9_emailAddress, 0 }, + { "serialNumber", &asn1_oid_id_at_serialNumber, 0 } }; static char * -quote_string(const char *f, size_t len, size_t *rlen) +quote_string(const char *f, size_t len, int flags, size_t *rlen) { size_t i, j, tolen; - const char *from = f; - char *to; + const unsigned char *from = (const unsigned char *)f; + unsigned char *to; tolen = len * 3 + 1; to = malloc(tolen); @@ -90,37 +92,40 @@ quote_string(const char *f, size_t len, size_t *rlen) return NULL; for (i = 0, j = 0; i < len; i++) { - if (from[i] == ' ' && i + 1 < len) - to[j++] = from[i]; - else if (from[i] == ',' || from[i] == '=' || from[i] == '+' || - from[i] == '<' || from[i] == '>' || from[i] == '#' || - from[i] == ';' || from[i] == ' ') - { + unsigned char map = char_map[from[i]] & flags; + if (i == 0 && (map & Q_RFC2253_QUOTE_FIRST)) { to[j++] = '\\'; to[j++] = from[i]; - } else if (((unsigned char)from[i]) >= 32 && ((unsigned char)from[i]) <= 127) { + } else if ((i + 1) == len && (map & Q_RFC2253_QUOTE_LAST)) { + + to[j++] = '\\'; to[j++] = from[i]; - } else { - int l = snprintf(&to[j], tolen - j - 1, + } else if (map & Q_RFC2253_QUOTE) { + to[j++] = '\\'; + to[j++] = from[i]; + } else if (map & Q_RFC2253_HEX) { + int l = snprintf((char *)&to[j], tolen - j - 1, "#%02x", (unsigned char)from[i]); j += l; + } else { + to[j++] = from[i]; } } to[j] = '\0'; assert(j < tolen); *rlen = j; - return to; + return (char *)to; } static int -append_string(char **str, size_t *total_len, const char *ss, +append_string(char **str, size_t *total_len, const char *ss, size_t len, int quote) { char *s, *qs; if (quote) - qs = quote_string(ss, len, &len); + qs = quote_string(ss, len, Q_RFC2253, &len); else qs = rk_UNCONST(ss); @@ -141,9 +146,9 @@ oidtostring(const heim_oid *type) { char *s; size_t i; - + for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) { - if (der_heim_oid_cmp((*no[i].o)(), type) == 0) + if (der_heim_oid_cmp(no[i].o, type) == 0) return strdup(no[i].n); } if (der_print_heim_oid(type, '.', &s) != 0) @@ -154,14 +159,15 @@ oidtostring(const heim_oid *type) static int stringtooid(const char *name, size_t len, heim_oid *oid) { - int i, ret; + int ret; + size_t i; char *s; - + memset(oid, 0, sizeof(*oid)); for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) { if (strncasecmp(no[i].n, name, len) == 0) - return der_copy_oid((*no[i].o)(), oid); + return der_copy_oid(no[i].o, oid); } s = malloc(len + 1); if (s == NULL) @@ -195,63 +201,81 @@ int _hx509_Name_to_string(const Name *n, char **str) { size_t total_len = 0; - int i, j; + size_t i, j, m; + int ret; *str = strdup(""); if (*str == NULL) return ENOMEM; - for (i = n->u.rdnSequence.len - 1 ; i >= 0 ; i--) { - int len; + for (m = n->u.rdnSequence.len; m > 0; m--) { + size_t len; + i = m - 1; for (j = 0; j < n->u.rdnSequence.val[i].len; j++) { DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value; char *oidname; char *ss; - + oidname = oidtostring(&n->u.rdnSequence.val[i].val[j].type); switch(ds->element) { case choice_DirectoryString_ia5String: - ss = ds->u.ia5String; + ss = ds->u.ia5String.data; + len = ds->u.ia5String.length; break; case choice_DirectoryString_printableString: - ss = ds->u.printableString; + ss = ds->u.printableString.data; + len = ds->u.printableString.length; break; case choice_DirectoryString_utf8String: ss = ds->u.utf8String; + len = strlen(ss); break; case choice_DirectoryString_bmpString: { - uint16_t *bmp = ds->u.bmpString.data; + const uint16_t *bmp = ds->u.bmpString.data; size_t bmplen = ds->u.bmpString.length; size_t k; - ss = malloc(bmplen + 1); + ret = wind_ucs2utf8_length(bmp, bmplen, &k); + if (ret) + return ret; + + ss = malloc(k + 1); if (ss == NULL) _hx509_abort("allocation failure"); /* XXX */ - for (k = 0; k < bmplen; k++) - ss[k] = bmp[k] & 0xff; /* XXX */ + ret = wind_ucs2utf8(bmp, bmplen, ss, NULL); + if (ret) { + free(ss); + return ret; + } ss[k] = '\0'; + len = k; break; } case choice_DirectoryString_teletexString: - ss = malloc(ds->u.teletexString.length + 1); - if (ss == NULL) - _hx509_abort("allocation failure"); /* XXX */ - memcpy(ss, ds->u.teletexString.data, ds->u.teletexString.length); - ss[ds->u.teletexString.length] = '\0'; + ss = ds->u.teletexString; + len = strlen(ss); break; case choice_DirectoryString_universalString: { - uint32_t *uni = ds->u.universalString.data; + const uint32_t *uni = ds->u.universalString.data; size_t unilen = ds->u.universalString.length; size_t k; - ss = malloc(unilen + 1); + ret = wind_ucs4utf8_length(uni, unilen, &k); + if (ret) + return ret; + + ss = malloc(k + 1); if (ss == NULL) _hx509_abort("allocation failure"); /* XXX */ - for (k = 0; k < unilen; k++) - ss[k] = uni[k] & 0xff; /* XXX */ + ret = wind_ucs4utf8(uni, unilen, ss, NULL); + if (ret) { + free(ss); + return ret; + } ss[k] = '\0'; + len = k; break; } default: @@ -261,11 +285,9 @@ _hx509_Name_to_string(const Name *n, char **str) append_string(str, &total_len, oidname, strlen(oidname), 0); free(oidname); append_string(str, &total_len, "=", 1, 0); - len = strlen(ss); append_string(str, &total_len, ss, len, 1); - if (ds->element == choice_DirectoryString_universalString || - ds->element == choice_DirectoryString_bmpString || - ds->element == choice_DirectoryString_teletexString) + if (ds->element == choice_DirectoryString_bmpString || + ds->element == choice_DirectoryString_universalString) { free(ss); } @@ -279,95 +301,174 @@ _hx509_Name_to_string(const Name *n, char **str) return 0; } -/* - * XXX this function is broken, it needs to compare code points, not - * bytes. - */ +#define COPYCHARARRAY(_ds,_el,_l,_n) \ + (_l) = strlen(_ds->u._el); \ + (_n) = malloc((_l) * sizeof((_n)[0])); \ + if ((_n) == NULL) \ + return ENOMEM; \ + for (i = 0; i < (_l); i++) \ + (_n)[i] = _ds->u._el[i] -static void -prune_space(const unsigned char **s) + +#define COPYVALARRAY(_ds,_el,_l,_n) \ + (_l) = _ds->u._el.length; \ + (_n) = malloc((_l) * sizeof((_n)[0])); \ + if ((_n) == NULL) \ + return ENOMEM; \ + for (i = 0; i < (_l); i++) \ + (_n)[i] = _ds->u._el.data[i] + +#define COPYVOIDARRAY(_ds,_el,_l,_n) \ + (_l) = _ds->u._el.length; \ + (_n) = malloc((_l) * sizeof((_n)[0])); \ + if ((_n) == NULL) \ + return ENOMEM; \ + for (i = 0; i < (_l); i++) \ + (_n)[i] = ((unsigned char *)_ds->u._el.data)[i] + + + +static int +dsstringprep(const DirectoryString *ds, uint32_t **rname, size_t *rlen) { - while (**s == ' ') - (*s)++; -} + wind_profile_flags flags; + size_t i, len; + int ret; + uint32_t *name; -int -_hx509_name_ds_cmp(const DirectoryString *ds1, const DirectoryString *ds2) -{ - int c; + *rname = NULL; + *rlen = 0; - c = ds1->element - ds2->element; - if (c) - return c; - - switch(ds1->element) { + switch(ds->element) { case choice_DirectoryString_ia5String: - c = strcmp(ds1->u.ia5String, ds2->u.ia5String); + flags = WIND_PROFILE_LDAP; + COPYVOIDARRAY(ds, ia5String, len, name); + break; + case choice_DirectoryString_printableString: + flags = WIND_PROFILE_LDAP; + flags |= WIND_PROFILE_LDAP_CASE_EXACT_ATTRIBUTE; + COPYVOIDARRAY(ds, printableString, len, name); break; case choice_DirectoryString_teletexString: - c = der_heim_octet_string_cmp(&ds1->u.teletexString, - &ds2->u.teletexString); - break; - case choice_DirectoryString_printableString: { - const unsigned char *s1 = (unsigned char*)ds1->u.printableString; - const unsigned char *s2 = (unsigned char*)ds2->u.printableString; - prune_space(&s1); prune_space(&s2); - while (*s1 && *s2) { - if (toupper(*s1) != toupper(*s2)) { - c = toupper(*s1) - toupper(*s2); - break; - } - if (*s1 == ' ') { prune_space(&s1); prune_space(&s2); } - else { s1++; s2++; } - } - prune_space(&s1); prune_space(&s2); - c = *s1 - *s2; - break; - } - case choice_DirectoryString_utf8String: - c = strcmp(ds1->u.utf8String, ds2->u.utf8String); - break; - case choice_DirectoryString_universalString: - c = der_heim_universal_string_cmp(&ds1->u.universalString, - &ds2->u.universalString); + flags = WIND_PROFILE_LDAP_CASE; + COPYCHARARRAY(ds, teletexString, len, name); break; case choice_DirectoryString_bmpString: - c = der_heim_bmp_string_cmp(&ds1->u.bmpString, - &ds2->u.bmpString); + flags = WIND_PROFILE_LDAP; + COPYVALARRAY(ds, bmpString, len, name); + break; + case choice_DirectoryString_universalString: + flags = WIND_PROFILE_LDAP; + COPYVALARRAY(ds, universalString, len, name); + break; + case choice_DirectoryString_utf8String: + flags = WIND_PROFILE_LDAP; + ret = wind_utf8ucs4_length(ds->u.utf8String, &len); + if (ret) + return ret; + name = malloc(len * sizeof(name[0])); + if (name == NULL) + return ENOMEM; + ret = wind_utf8ucs4(ds->u.utf8String, name, &len); + if (ret) { + free(name); + return ret; + } break; default: - c = 1; - break; + _hx509_abort("unknown directory type: %d", ds->element); } - return c; + + *rlen = len; + /* try a couple of times to get the length right, XXX gross */ + for (i = 0; i < 4; i++) { + *rlen = *rlen * 2; + *rname = malloc(*rlen * sizeof((*rname)[0])); + + ret = wind_stringprep(name, len, *rname, rlen, flags); + if (ret == WIND_ERR_OVERRUN) { + free(*rname); + *rname = NULL; + continue; + } else + break; + } + free(name); + if (ret) { + if (*rname) + free(*rname); + *rname = NULL; + *rlen = 0; + return ret; + } + + return 0; } int -_hx509_name_cmp(const Name *n1, const Name *n2) +_hx509_name_ds_cmp(const DirectoryString *ds1, + const DirectoryString *ds2, + int *diff) { - int i, j, c; + uint32_t *ds1lp, *ds2lp; + size_t ds1len, ds2len, i; + int ret; - c = n1->u.rdnSequence.len - n2->u.rdnSequence.len; - if (c) - return c; + ret = dsstringprep(ds1, &ds1lp, &ds1len); + if (ret) + return ret; + ret = dsstringprep(ds2, &ds2lp, &ds2len); + if (ret) { + free(ds1lp); + return ret; + } - for (i = 0 ; i < n1->u.rdnSequence.len; i++) { - c = n1->u.rdnSequence.val[i].len - n2->u.rdnSequence.val[i].len; - if (c) - return c; - - for (j = 0; j < n1->u.rdnSequence.val[i].len; j++) { - c = der_heim_oid_cmp(&n1->u.rdnSequence.val[i].val[j].type, - &n1->u.rdnSequence.val[i].val[j].type); - if (c) - return c; - - c = _hx509_name_ds_cmp(&n1->u.rdnSequence.val[i].val[j].value, - &n2->u.rdnSequence.val[i].val[j].value); - if (c) - return c; + if (ds1len != ds2len) + *diff = ds1len - ds2len; + else { + for (i = 0; i < ds1len; i++) { + *diff = ds1lp[i] - ds2lp[i]; + if (*diff) + break; } } + free(ds1lp); + free(ds2lp); + + return 0; +} + +int +_hx509_name_cmp(const Name *n1, const Name *n2, int *c) +{ + int ret; + size_t i, j; + + *c = n1->u.rdnSequence.len - n2->u.rdnSequence.len; + if (*c) + return 0; + + for (i = 0 ; i < n1->u.rdnSequence.len; i++) { + *c = n1->u.rdnSequence.val[i].len - n2->u.rdnSequence.val[i].len; + if (*c) + return 0; + + for (j = 0; j < n1->u.rdnSequence.val[i].len; j++) { + *c = der_heim_oid_cmp(&n1->u.rdnSequence.val[i].val[j].type, + &n1->u.rdnSequence.val[i].val[j].type); + if (*c) + return 0; + + ret = _hx509_name_ds_cmp(&n1->u.rdnSequence.val[i].val[j].value, + &n2->u.rdnSequence.val[i].val[j].value, + c); + if (ret) + return ret; + if (*c) + return 0; + } + } + *c = 0; return 0; } @@ -386,7 +487,11 @@ _hx509_name_cmp(const Name *n1, const Name *n2) int hx509_name_cmp(hx509_name n1, hx509_name n2) { - return _hx509_name_cmp(&n1->der_name, &n2->der_name); + int ret, diff; + ret = _hx509_name_cmp(&n1->der_name, &n2->der_name, &diff); + if (ret) + return ret; + return diff; } @@ -407,17 +512,17 @@ _hx509_name_from_Name(const Name *n, hx509_name *name) int _hx509_name_modify(hx509_context context, - Name *name, + Name *name, int append, - const heim_oid *oid, + const heim_oid *oid, const char *str) { RelativeDistinguishedName *rdn; int ret; void *ptr; - ptr = realloc(name->u.rdnSequence.val, - sizeof(name->u.rdnSequence.val[0]) * + ptr = realloc(name->u.rdnSequence.val, + sizeof(name->u.rdnSequence.val[0]) * (name->u.rdnSequence.len + 1)); if (ptr == NULL) { hx509_set_error_string(context, 0, ENOMEM, "Out of memory"); @@ -430,9 +535,9 @@ _hx509_name_modify(hx509_context context, } else { memmove(&name->u.rdnSequence.val[1], &name->u.rdnSequence.val[0], - name->u.rdnSequence.len * + name->u.rdnSequence.len * sizeof(name->u.rdnSequence.val[0])); - + rdn = &name->u.rdnSequence.val[0]; } rdn->val = malloc(sizeof(rdn->val[0])); @@ -504,12 +609,12 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name) } if (q == p) { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "missing name before = in %s", p); goto out; } - - if ((q - p) > len) { + + if ((size_t)(q - p) > len) { ret = HX509_PARSING_NAME_FAILED; hx509_set_error_string(context, 0, ret, " = after , in %s", p); goto out; @@ -518,16 +623,16 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name) ret = stringtooid(p, q - p, &oid); if (ret) { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "unknown type: %.*s", (int)(q - p), p); goto out; } - + { size_t pstr_len = len - (q - p) - 1; const char *pstr = p + (q - p) + 1; char *r; - + r = malloc(pstr_len + 1); if (r == NULL) { der_free_oid(&oid); @@ -626,7 +731,7 @@ hx509_name_expand(hx509_context context, hx509_env env) { Name *n = &name->der_name; - int i, j; + size_t i, j; if (env == NULL) return 0; @@ -658,8 +763,8 @@ hx509_name_expand(hx509_context context, } p = strstr(ds->u.utf8String, "${"); if (p) { - strpool = rk_strpoolprintf(strpool, "%.*s", - (int)(p - ds->u.utf8String), + strpool = rk_strpoolprintf(strpool, "%.*s", + (int)(p - ds->u.utf8String), ds->u.utf8String); if (strpool == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); @@ -678,7 +783,7 @@ hx509_name_expand(hx509_context context, p += 2; value = hx509_env_lfind(context, env, p, p2 - p); if (value == NULL) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "variable %.*s missing", (int)(p2 - p), p); rk_strpoolfree(strpool); @@ -693,7 +798,7 @@ hx509_name_expand(hx509_context context, p = strstr(p2, "${"); if (p) - strpool = rk_strpoolprintf(strpool, "%.*s", + strpool = rk_strpoolprintf(strpool, "%.*s", (int)(p - p2), p2); else strpool = rk_strpoolprintf(strpool, "%s", p2); @@ -824,7 +929,7 @@ hx509_name_is_null_p(const hx509_name name) * @param name the name to print * @param str an allocated string returns the name in string form * - * @return An hx509 error code, see krb5_get_error_string(). + * @return An hx509 error code, see hx509_get_error_string(). * * @ingroup hx509_name */ @@ -838,21 +943,23 @@ hx509_general_name_unparse(GeneralName *name, char **str) switch (name->element) { case choice_GeneralName_otherName: { - char *str; - hx509_oid_sprint(&name->u.otherName.type_id, &str); - if (str == NULL) + char *oid; + hx509_oid_sprint(&name->u.otherName.type_id, &oid); + if (oid == NULL) return ENOMEM; - strpool = rk_strpoolprintf(strpool, "otherName: %s", str); - free(str); + strpool = rk_strpoolprintf(strpool, "otherName: %s", oid); + free(oid); break; } case choice_GeneralName_rfc822Name: - strpool = rk_strpoolprintf(strpool, "rfc822Name: %s\n", - name->u.rfc822Name); + strpool = rk_strpoolprintf(strpool, "rfc822Name: %.*s\n", + (int)name->u.rfc822Name.length, + (char *)name->u.rfc822Name.data); break; case choice_GeneralName_dNSName: - strpool = rk_strpoolprintf(strpool, "dNSName: %s\n", - name->u.dNSName); + strpool = rk_strpoolprintf(strpool, "dNSName: %.*s\n", + (int)name->u.dNSName.length, + (char *)name->u.dNSName.data); break; case choice_GeneralName_directoryName: { Name dir; @@ -869,8 +976,9 @@ hx509_general_name_unparse(GeneralName *name, char **str) break; } case choice_GeneralName_uniformResourceIdentifier: - strpool = rk_strpoolprintf(strpool, "URI: %s", - name->u.uniformResourceIdentifier); + strpool = rk_strpoolprintf(strpool, "URI: %.*s", + (int)name->u.uniformResourceIdentifier.length, + (char *)name->u.uniformResourceIdentifier.data); break; case choice_GeneralName_iPAddress: { unsigned char *a = name->u.iPAddress.data; @@ -879,31 +987,31 @@ hx509_general_name_unparse(GeneralName *name, char **str) if (strpool == NULL) break; if (name->u.iPAddress.length == 4) - strpool = rk_strpoolprintf(strpool, "%d.%d.%d.%d", + strpool = rk_strpoolprintf(strpool, "%d.%d.%d.%d", a[0], a[1], a[2], a[3]); else if (name->u.iPAddress.length == 16) - strpool = rk_strpoolprintf(strpool, + strpool = rk_strpoolprintf(strpool, "%02X:%02X:%02X:%02X:" "%02X:%02X:%02X:%02X:" "%02X:%02X:%02X:%02X:" - "%02X:%02X:%02X:%02X", + "%02X:%02X:%02X:%02X", a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15]); else - strpool = rk_strpoolprintf(strpool, + strpool = rk_strpoolprintf(strpool, "unknown IP address of length %lu", (unsigned long)name->u.iPAddress.length); break; } case choice_GeneralName_registeredID: { - char *str; - hx509_oid_sprint(&name->u.registeredID, &str); - if (str == NULL) + char *oid; + hx509_oid_sprint(&name->u.registeredID, &oid); + if (oid == NULL) return ENOMEM; - strpool = rk_strpoolprintf(strpool, "registeredID: %s", str); - free(str); + strpool = rk_strpoolprintf(strpool, "registeredID: %s", oid); + free(oid); break; } default: diff --git a/lib/hx509/ocsp.asn1 b/lib/hx509/ocsp.asn1 index d8ecd66ccf70..eb090a4cc768 100644 --- a/lib/hx509/ocsp.asn1 +++ b/lib/hx509/ocsp.asn1 @@ -1,5 +1,5 @@ -- From rfc2560 --- $Id: ocsp.asn1 19576 2006-12-30 12:40:43Z lha $ +-- $Id$ OCSP DEFINITIONS EXPLICIT TAGS::= BEGIN diff --git a/lib/hx509/ocsp.opt b/lib/hx509/ocsp.opt new file mode 100644 index 000000000000..697aa03e19e8 --- /dev/null +++ b/lib/hx509/ocsp.opt @@ -0,0 +1,2 @@ +--preserve-binary=OCSPTBSRequest +--preserve-binary=OCSPResponseData diff --git a/lib/hx509/peer.c b/lib/hx509/peer.c index eb0ecd2bdefb..457f6c4d04b6 100644 --- a/lib/hx509/peer.c +++ b/lib/hx509/peer.c @@ -1,38 +1,39 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: peer.c 22345 2007-12-26 19:03:51Z lha $"); /** * @page page_peer Hx509 crypto selecting functions @@ -120,6 +121,40 @@ hx509_peer_info_set_cert(hx509_peer_info peer, return 0; } +/** + * Add an additional algorithm that the peer supports. + * + * @param context A hx509 context. + * @param peer the peer to set the new algorithms for + * @param val an AlgorithmsIdentier to add + * + * @return An hx509 error code, see hx509_get_error_string(). + * + * @ingroup hx509_peer + */ + +int +hx509_peer_info_add_cms_alg(hx509_context context, + hx509_peer_info peer, + const AlgorithmIdentifier *val) +{ + void *ptr; + int ret; + + ptr = realloc(peer->val, sizeof(peer->val[0]) * (peer->len + 1)); + if (ptr == NULL) { + hx509_set_error_string(context, 0, ENOMEM, "out of memory"); + return ENOMEM; + } + peer->val = ptr; + ret = copy_AlgorithmIdentifier(val, &peer->val[peer->len]); + if (ret == 0) + peer->len += 1; + else + hx509_set_error_string(context, 0, ret, "out of memory"); + return ret; +} + /** * Set the algorithms that the peer supports. * diff --git a/lib/hx509/pkcs10.asn1 b/lib/hx509/pkcs10.asn1 index 518fe3bfa36a..f3fe37b1bf9e 100644 --- a/lib/hx509/pkcs10.asn1 +++ b/lib/hx509/pkcs10.asn1 @@ -1,4 +1,4 @@ --- $Id: pkcs10.asn1 16918 2006-04-01 09:46:57Z lha $ +-- $Id$ PKCS10 DEFINITIONS ::= BEGIN diff --git a/lib/hx509/pkcs10.opt b/lib/hx509/pkcs10.opt new file mode 100644 index 000000000000..499fab2f6ba2 --- /dev/null +++ b/lib/hx509/pkcs10.opt @@ -0,0 +1 @@ +--preserve-binary=CertificationRequestInfo diff --git a/lib/hx509/print.c b/lib/hx509/print.c index 78ebbafb2f67..1e8bcabfa7e9 100644 --- a/lib/hx509/print.c +++ b/lib/hx509/print.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: print.c 22420 2008-01-13 09:42:35Z lha $"); /** * @page page_print Hx509 printing functions @@ -114,7 +113,7 @@ print_func(hx509_vprint_func func, void *ctx, const char *fmt, ...) /** * Print a oid to a string. - * + * * @param oid oid to print * @param str allocated string, free with hx509_xfree(). * @@ -132,7 +131,7 @@ hx509_oid_sprint(const heim_oid *oid, char **str) /** * Print a oid using a hx509_vprint_func function. To print to stdout * use hx509_print_stdout(). - * + * * @param oid oid to print * @param func hx509_vprint_func to print with. * @param ctx context variable to hx509_vprint_func function. @@ -152,7 +151,7 @@ hx509_oid_print(const heim_oid *oid, hx509_vprint_func func, void *ctx) /** * Print a bitstring using a hx509_vprint_func function. To print to * stdout use hx509_print_stdout(). - * + * * @param b bit string to print. * @param func hx509_vprint_func to print with. * @param ctx context variable to hx509_vprint_func function. @@ -164,11 +163,11 @@ void hx509_bitstring_print(const heim_bit_string *b, hx509_vprint_func func, void *ctx) { - int i; + size_t i; print_func(func, ctx, "\tlength: %d\n\t", b->length); for (i = 0; i < (b->length + 7) / 8; i++) print_func(func, ctx, "%02x%s%s", - ((unsigned char *)b->data)[i], + ((unsigned char *)b->data)[i], i < (b->length - 7) / 8 && (i == 0 || (i % 16) != 15) ? ":" : "", i != 0 && (i % 16) == 15 ? @@ -177,7 +176,7 @@ hx509_bitstring_print(const heim_bit_string *b, /** * Print certificate usage for a certificate to a string. - * + * * @param context A hx509 context. * @param c a certificate print the keyusage for. * @param s the return string with the keysage printed in to, free @@ -234,7 +233,7 @@ validate_print(hx509_validate_ctx ctx, int flags, const char *fmt, ...) va_end(va); } -/* +/* * Dont Care, SHOULD critical, SHOULD NOT critical, MUST critical, * MUST NOT critical */ @@ -275,7 +274,7 @@ check_Null(hx509_validate_ctx ctx, } static int -check_subjectKeyIdentifier(hx509_validate_ctx ctx, +check_subjectKeyIdentifier(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) @@ -287,7 +286,7 @@ check_subjectKeyIdentifier(hx509_validate_ctx ctx, status->haveSKI = 1; check_Null(ctx, status, cf, e); - ret = decode_SubjectKeyIdentifier(e->extnValue.data, + ret = decode_SubjectKeyIdentifier(e->extnValue.data, e->extnValue.length, &si, &size); if (ret) { @@ -323,7 +322,7 @@ check_subjectKeyIdentifier(hx509_validate_ctx ctx, } static int -check_authorityKeyIdentifier(hx509_validate_ctx ctx, +check_authorityKeyIdentifier(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) @@ -335,10 +334,7 @@ check_authorityKeyIdentifier(hx509_validate_ctx ctx, status->haveAKI = 1; check_Null(ctx, status, cf, e); - status->haveSKI = 1; - check_Null(ctx, status, cf, e); - - ret = decode_AuthorityKeyIdentifier(e->extnValue.data, + ret = decode_AuthorityKeyIdentifier(e->extnValue.data, e->extnValue.length, &ai, &size); if (ret) { @@ -365,6 +361,56 @@ check_authorityKeyIdentifier(hx509_validate_ctx ctx, return 0; } +static int +check_extKeyUsage(hx509_validate_ctx ctx, + struct cert_status *status, + enum critical_flag cf, + const Extension *e) +{ + ExtKeyUsage eku; + size_t size, i; + int ret; + + check_Null(ctx, status, cf, e); + + ret = decode_ExtKeyUsage(e->extnValue.data, + e->extnValue.length, + &eku, &size); + if (ret) { + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + "Decoding ExtKeyUsage failed: %d", ret); + return 1; + } + if (size != e->extnValue.length) { + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + "Padding data in EKU"); + free_ExtKeyUsage(&eku); + return 1; + } + if (eku.len == 0) { + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + "ExtKeyUsage length is 0"); + return 1; + } + + for (i = 0; i < eku.len; i++) { + char *str; + ret = der_print_heim_oid (&eku.val[i], '.', &str); + if (ret) { + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + "\tEKU: failed to print oid %d", i); + free_ExtKeyUsage(&eku); + return 1; + } + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, + "\teku-%d: %s\n", i, str);; + free(str); + } + + free_ExtKeyUsage(&eku); + + return 0; +} static int check_pkinit_san(hx509_validate_ctx ctx, heim_any *a) @@ -389,7 +435,7 @@ check_pkinit_san(hx509_validate_ctx ctx, heim_any *a) /* print kerberos principal, add code to quote / within components */ for (i = 0; i < kn.principalName.name_string.len; i++) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", kn.principalName.name_string.val[i]); if (i + 1 < kn.principalName.name_string.len) validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "/"); @@ -428,18 +474,19 @@ check_altnull(hx509_validate_ctx ctx, heim_any *a) } static int -check_CRLDistributionPoints(hx509_validate_ctx ctx, +check_CRLDistributionPoints(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) { CRLDistributionPoints dp; size_t size; - int ret, i; + int ret; + size_t i; check_Null(ctx, status, cf, e); - ret = decode_CRLDistributionPoints(e->extnValue.data, + ret = decode_CRLDistributionPoints(e->extnValue.data, e->extnValue.length, &dp, &size); if (ret) { @@ -453,12 +500,12 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx, if (dp.val[i].distributionPoint) { DistributionPointName dpname; heim_any *data = dp.val[i].distributionPoint; - int j; - + size_t j; + ret = decode_DistributionPointName(data->data, data->length, &dpname, NULL); if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Failed to parse CRL Distribution Point Name: %d\n", ret); continue; } @@ -466,7 +513,7 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx, switch (dpname.element) { case choice_DistributionPointName_fullName: validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Fullname:\n"); - + for (j = 0 ; j < dpname.u.fullName.len; j++) { char *s; GeneralName *name = &dpname.u.fullName.val[j]; @@ -500,14 +547,14 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx, struct { const char *name; - const heim_oid *(*oid)(void); + const heim_oid *oid; int (*func)(hx509_validate_ctx, heim_any *); -} check_altname[] = { - { "pk-init", oid_id_pkinit_san, check_pkinit_san }, - { "jabber", oid_id_pkix_on_xmppAddr, check_utf8_string_san }, - { "dns-srv", oid_id_pkix_on_dnsSRV, check_altnull }, - { "card-id", oid_id_uspkicommon_card_id, check_altnull }, - { "Microsoft NT-PRINCIPAL-NAME", oid_id_pkinit_ms_san, check_utf8_string_san } +} altname_types[] = { + { "pk-init", &asn1_oid_id_pkinit_san, check_pkinit_san }, + { "jabber", &asn1_oid_id_pkix_on_xmppAddr, check_utf8_string_san }, + { "dns-srv", &asn1_oid_id_pkix_on_dnsSRV, check_altnull }, + { "card-id", &asn1_oid_id_uspkicommon_card_id, check_altnull }, + { "Microsoft NT-PRINCIPAL-NAME", &asn1_oid_id_pkinit_ms_san, check_utf8_string_san } }; static int @@ -519,7 +566,8 @@ check_altName(hx509_validate_ctx ctx, { GeneralNames gn; size_t size; - int ret, i; + int ret; + size_t i; check_Null(ctx, status, cf, e); @@ -532,7 +580,7 @@ check_altName(hx509_validate_ctx ctx, &gn, &size); if (ret) { validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tret = %d while decoding %s GeneralNames\n", + "\tret = %d while decoding %s GeneralNames\n", ret, name); return 1; } @@ -550,17 +598,17 @@ check_altName(hx509_validate_ctx ctx, validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%sAltName otherName ", name); - for (j = 0; j < sizeof(check_altname)/sizeof(check_altname[0]); j++) { - if (der_heim_oid_cmp((*check_altname[j].oid)(), + for (j = 0; j < sizeof(altname_types)/sizeof(altname_types[0]); j++) { + if (der_heim_oid_cmp(altname_types[j].oid, &gn.val[i].u.otherName.type_id) != 0) continue; - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ", - check_altname[j].name); - (*check_altname[j].func)(ctx, &gn.val[i].u.otherName.value); + + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ", + altname_types[j].name); + (*altname_types[j].func)(ctx, &gn.val[i].u.otherName.value); break; } - if (j == sizeof(check_altname)/sizeof(check_altname[0])) { + if (j == sizeof(altname_types)/sizeof(altname_types[0])) { hx509_oid_print(&gn.val[i].u.otherName.type_id, validate_vprint, ctx); validate_print(ctx, HX509_VALIDATE_F_VERBOSE, " unknown"); @@ -610,9 +658,9 @@ check_issuerAltName(hx509_validate_ctx ctx, static int -check_basicConstraints(hx509_validate_ctx ctx, +check_basicConstraints(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { BasicConstraints b; @@ -620,7 +668,7 @@ check_basicConstraints(hx509_validate_ctx ctx, int ret; check_Null(ctx, status, cf, e); - + ret = decode_BasicConstraints(e->extnValue.data, e->extnValue.length, &b, &size); if (ret) { @@ -653,9 +701,9 @@ check_basicConstraints(hx509_validate_ctx ctx, } static int -check_proxyCertInfo(hx509_validate_ctx ctx, +check_proxyCertInfo(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { check_Null(ctx, status, cf, e); @@ -664,18 +712,19 @@ check_proxyCertInfo(hx509_validate_ctx ctx, } static int -check_authorityInfoAccess(hx509_validate_ctx ctx, +check_authorityInfoAccess(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { AuthorityInfoAccessSyntax aia; size_t size; - int ret, i; + int ret; + size_t i; check_Null(ctx, status, cf, e); - ret = decode_AuthorityInfoAccessSyntax(e->extnValue.data, + ret = decode_AuthorityInfoAccessSyntax(e->extnValue.data, e->extnValue.length, &aia, &size); if (ret) { @@ -704,14 +753,14 @@ check_authorityInfoAccess(hx509_validate_ctx ctx, struct { const char *name; - const heim_oid *(*oid)(void); - int (*func)(hx509_validate_ctx ctx, + const heim_oid *oid; + int (*func)(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *); enum critical_flag cf; } check_extension[] = { -#define ext(name, checkname) #name, &oid_id_x509_ce_##name, check_##checkname +#define ext(name, checkname) #name, &asn1_oid_id_x509_ce_##name, check_##checkname { ext(subjectDirectoryAttributes, Null), M_N_C }, { ext(subjectKeyIdentifier, subjectKeyIdentifier), M_N_C }, { ext(keyUsage, Null), S_C }, @@ -727,28 +776,28 @@ struct { { ext(certificateIssuer, Null), M_C }, { ext(nameConstraints, Null), M_C }, { ext(cRLDistributionPoints, CRLDistributionPoints), S_N_C }, - { ext(certificatePolicies, Null) }, + { ext(certificatePolicies, Null), 0 }, { ext(policyMappings, Null), M_N_C }, { ext(authorityKeyIdentifier, authorityKeyIdentifier), M_N_C }, { ext(policyConstraints, Null), D_C }, - { ext(extKeyUsage, Null), D_C }, + { ext(extKeyUsage, extKeyUsage), D_C }, { ext(freshestCRL, Null), M_N_C }, { ext(inhibitAnyPolicy, Null), M_C }, #undef ext -#define ext(name, checkname) #name, &oid_id_pkix_pe_##name, check_##checkname +#define ext(name, checkname) #name, &asn1_oid_id_pkix_pe_##name, check_##checkname { ext(proxyCertInfo, proxyCertInfo), M_C }, { ext(authorityInfoAccess, authorityInfoAccess), M_C }, #undef ext - { "US Fed PKI - PIV Interim", oid_id_uspkicommon_piv_interim, + { "US Fed PKI - PIV Interim", &asn1_oid_id_uspkicommon_piv_interim, check_Null, D_C }, - { "Netscape cert comment", oid_id_netscape_cert_comment, + { "Netscape cert comment", &asn1_oid_id_netscape_cert_comment, check_Null, D_C }, - { NULL } + { NULL, NULL, NULL, 0 } }; /** * Allocate a hx509 validation/printing context. - * + * * @param context A hx509 context. * @param ctx a new allocated hx509 validation context, free with * hx509_validate_ctx_free(). @@ -770,7 +819,7 @@ hx509_validate_ctx_init(hx509_context context, hx509_validate_ctx *ctx) /** * Set the printing functions for the validation context. - * + * * @param ctx a hx509 valication context. * @param func the printing function to usea. * @param c the context variable to the printing function. @@ -781,7 +830,7 @@ hx509_validate_ctx_init(hx509_context context, hx509_validate_ctx *ctx) */ void -hx509_validate_ctx_set_print(hx509_validate_ctx ctx, +hx509_validate_ctx_set_print(hx509_validate_ctx ctx, hx509_vprint_func func, void *c) { @@ -792,7 +841,7 @@ hx509_validate_ctx_set_print(hx509_validate_ctx ctx, /** * Add flags to control the behaivor of the hx509_validate_cert() * function. - * + * * @param ctx A hx509 validation context. * @param flags flags to add to the validation context. * @@ -809,7 +858,7 @@ hx509_validate_ctx_add_flags(hx509_validate_ctx ctx, int flags) /** * Free an hx509 validate context. - * + * * @param ctx the hx509 validate context to free. * * @ingroup hx509_print @@ -823,7 +872,7 @@ hx509_validate_ctx_free(hx509_validate_ctx ctx) /** * Validate/Print the status of the certificate. - * + * * @param context A hx509 context. * @param ctx A hx509 validation context. * @param cert the cerificate to validate/print. @@ -850,11 +899,11 @@ hx509_validate_cert(hx509_context context, if (_hx509_cert_get_version(c) != 3) validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Not version 3 certificate\n"); - + if ((t->version == NULL || *t->version < 2) && t->extensions) validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Not version 3 certificate with extensions\n"); - + if (_hx509_cert_get_version(c) >= 3 && t->extensions == NULL) validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Version 3 certificate without extensions\n"); @@ -890,7 +939,7 @@ hx509_validate_cert(hx509_context context, free(str); if (t->extensions) { - int i, j; + size_t i, j; if (t->extensions->len == 0) { validate_print(ctx, @@ -902,7 +951,7 @@ hx509_validate_cert(hx509_context context, for (i = 0; i < t->extensions->len; i++) { for (j = 0; check_extension[j].name; j++) - if (der_heim_oid_cmp((*check_extension[j].oid)(), + if (der_heim_oid_cmp(check_extension[j].oid, &t->extensions->val[i].extnID) == 0) break; if (check_extension[j].name == NULL) { @@ -913,7 +962,7 @@ hx509_validate_cert(hx509_context context, if (t->extensions->val[i].critical) validate_print(ctx, flags, "and is CRITICAL "); if (ctx->flags & flags) - hx509_oid_print(&t->extensions->val[i].extnID, + hx509_oid_print(&t->extensions->val[i].extnID, validate_vprint, ctx); validate_print(ctx, flags, " is\n"); continue; @@ -929,57 +978,57 @@ hx509_validate_cert(hx509_context context, } } else validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extentions\n"); - + if (status.isca) { if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "CA certificate have no SubjectKeyIdentifier\n"); } else { if (!status.haveAKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Is not CA and doesn't have " "AuthorityKeyIdentifier\n"); } - + if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Doesn't have SubjectKeyIdentifier\n"); if (status.isproxy && status.isca) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and CA at the same time!\n"); if (status.isproxy) { if (status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and have SAN\n"); if (status.haveIAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and have IAN\n"); } if (hx509_name_is_null_p(subject) && !status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "NULL subject DN and doesn't have a SAN\n"); if (!status.selfsigned && !status.haveCRLDP) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Not a CA nor PROXY and doesn't have" "CRL Dist Point\n"); if (status.selfsigned) { ret = _hx509_verify_signature_bitstring(context, - c, + cert, &c->signatureAlgorithm, &c->tbsCertificate._save, &c->signatureValue); if (ret == 0) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Self-signed certificate was self-signed\n"); else - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Self-signed certificate NOT really self-signed!\n"); } diff --git a/lib/hx509/quote.py b/lib/hx509/quote.py new file mode 100644 index 000000000000..41887e5d4487 --- /dev/null +++ b/lib/hx509/quote.py @@ -0,0 +1,101 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2010 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# + +CONTROL_CHAR = 1 +PRINTABLE = 2 +RFC2253_QUOTE_FIRST = 4 +RFC2253_QUOTE_LAST = 8 +RFC2253_QUOTE = 16 +RFC2253_HEX = 32 + +chars = [] + +for i in range(0, 256): + chars.append(0); + +for i in range(0, 256): + if (i < 32 or i > 126): + chars[i] |= CONTROL_CHAR | RFC2253_HEX; + +for i in range(ord("A"), ord("Z") + 1): + chars[i] |= PRINTABLE +for i in range(ord("a"), ord("z") + 1): + chars[i] |= PRINTABLE +for i in range(ord("0"), ord("9") + 1): + chars[i] |= PRINTABLE + +chars[ord(' ')] |= PRINTABLE +chars[ord('+')] |= PRINTABLE +chars[ord(',')] |= PRINTABLE +chars[ord('-')] |= PRINTABLE +chars[ord('.')] |= PRINTABLE +chars[ord('/')] |= PRINTABLE +chars[ord(':')] |= PRINTABLE +chars[ord('=')] |= PRINTABLE +chars[ord('?')] |= PRINTABLE + +chars[ord(' ')] |= RFC2253_QUOTE_FIRST | RFC2253_QUOTE_FIRST + +chars[ord(',')] |= RFC2253_QUOTE +chars[ord('=')] |= RFC2253_QUOTE +chars[ord('+')] |= RFC2253_QUOTE +chars[ord('<')] |= RFC2253_QUOTE +chars[ord('>')] |= RFC2253_QUOTE +chars[ord('#')] |= RFC2253_QUOTE +chars[ord(';')] |= RFC2253_QUOTE + +print "#define Q_CONTROL_CHAR 1" +print "#define Q_PRINTABLE 2" +print "#define Q_RFC2253_QUOTE_FIRST 4" +print "#define Q_RFC2253_QUOTE_LAST 8" +print "#define Q_RFC2253_QUOTE 16" +print "#define Q_RFC2253_HEX 32" +print "" +print "#define Q_RFC2253 (Q_RFC2253_QUOTE_FIRST|Q_RFC2253_QUOTE_LAST|Q_RFC2253_QUOTE|Q_RFC2253_HEX)" +print "\n" * 2 + + + + +print "unsigned char char_map[] = {\n\t", +for x in range(0, 256): + if (x % 8) == 0 and x != 0: + print "\n\t", + print "0x%(char)02x" % { 'char' : chars[x] }, + if x < 255: + print ", ", + else: + print "" +print "};" diff --git a/lib/hx509/req.c b/lib/hx509/req.c index d7a85e1cecd2..e70ab4b6cce5 100644 --- a/lib/hx509/req.c +++ b/lib/hx509/req.c @@ -1,39 +1,38 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" #include -RCSID("$Id: req.c 21344 2007-06-26 14:22:34Z lha $"); struct hx509_request_data { hx509_name name; @@ -47,7 +46,7 @@ struct hx509_request_data { */ int -_hx509_request_init(hx509_context context, hx509_request *req) +hx509_request_init(hx509_context context, hx509_request *req) { *req = calloc(1, sizeof(**req)); if (*req == NULL) @@ -57,7 +56,7 @@ _hx509_request_init(hx509_context context, hx509_request *req) } void -_hx509_request_free(hx509_request *req) +hx509_request_free(hx509_request *req) { if ((*req)->name) hx509_name_free(&(*req)->name); @@ -70,7 +69,7 @@ _hx509_request_free(hx509_request *req) } int -_hx509_request_set_name(hx509_context context, +hx509_request_set_name(hx509_context context, hx509_request req, hx509_name name) { @@ -85,7 +84,7 @@ _hx509_request_set_name(hx509_context context, } int -_hx509_request_get_name(hx509_context context, +hx509_request_get_name(hx509_context context, hx509_request req, hx509_name *name) { @@ -97,7 +96,7 @@ _hx509_request_get_name(hx509_context context, } int -_hx509_request_set_SubjectPublicKeyInfo(hx509_context context, +hx509_request_set_SubjectPublicKeyInfo(hx509_context context, hx509_request req, const SubjectPublicKeyInfo *key) { @@ -106,7 +105,7 @@ _hx509_request_set_SubjectPublicKeyInfo(hx509_context context, } int -_hx509_request_get_SubjectPublicKeyInfo(hx509_context context, +hx509_request_get_SubjectPublicKeyInfo(hx509_context context, hx509_request req, SubjectPublicKeyInfo *key) { @@ -144,7 +143,8 @@ _hx509_request_add_dns_name(hx509_context context, memset(&name, 0, sizeof(name)); name.element = choice_GeneralName_dNSName; - name.u.dNSName = rk_UNCONST(hostname); + name.u.dNSName.data = rk_UNCONST(hostname); + name.u.dNSName.length = strlen(hostname); return add_GeneralNames(&req->san, &name); } @@ -158,7 +158,8 @@ _hx509_request_add_email(hx509_context context, memset(&name, 0, sizeof(name)); name.element = choice_GeneralName_rfc822Name; - name.u.dNSName = rk_UNCONST(email); + name.u.dNSName.data = rk_UNCONST(email); + name.u.dNSName.length = strlen(email); return add_GeneralNames(&req->san, &name); } @@ -195,14 +196,14 @@ _hx509_request_to_pkcs10(hx509_context context, &r.certificationRequestInfo.subjectPKInfo); if (ret) goto out; - r.certificationRequestInfo.attributes = + r.certificationRequestInfo.attributes = calloc(1, sizeof(*r.certificationRequestInfo.attributes)); if (r.certificationRequestInfo.attributes == NULL) { ret = ENOMEM; goto out; } - ASN1_MALLOC_ENCODE(CertificationRequestInfo, data.data, data.length, + ASN1_MALLOC_ENCODE(CertificationRequestInfo, data.data, data.length, &r.certificationRequestInfo, &size, ret); if (ret) goto out; @@ -237,7 +238,7 @@ _hx509_request_to_pkcs10(hx509_context context, } int -_hx509_request_parse(hx509_context context, +_hx509_request_parse(hx509_context context, const char *path, hx509_request *req) { @@ -257,20 +258,20 @@ _hx509_request_parse(hx509_context context, /* XXX PEM request */ - ret = _hx509_map_file(path, &p, &len, NULL); + ret = rk_undumpdata(path, &p, &len); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to map file %s", path); return ret; } ret = decode_CertificationRequest(p, len, &r, &size); - _hx509_unmap_file(p, len); + rk_xfree(p); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to decode %s", path); return ret; } - ret = _hx509_request_init(context, req); + ret = hx509_request_init(context, req); if (ret) { free_CertificationRequest(&r); return ret; @@ -278,25 +279,25 @@ _hx509_request_parse(hx509_context context, rinfo = &r.certificationRequestInfo; - ret = _hx509_request_set_SubjectPublicKeyInfo(context, *req, + ret = hx509_request_set_SubjectPublicKeyInfo(context, *req, &rinfo->subjectPKInfo); if (ret) { free_CertificationRequest(&r); - _hx509_request_free(req); + hx509_request_free(req); return ret; } ret = _hx509_name_from_Name(&rinfo->subject, &subject); if (ret) { free_CertificationRequest(&r); - _hx509_request_free(req); + hx509_request_free(req); return ret; } - ret = _hx509_request_set_name(context, *req, subject); + ret = hx509_request_set_name(context, *req, subject); hx509_name_free(&subject); free_CertificationRequest(&r); if (ret) { - _hx509_request_free(req); + hx509_request_free(req); return ret; } @@ -319,7 +320,7 @@ _hx509_request_print(hx509_context context, hx509_request req, FILE *f) fprintf(f, "name: %s\n", subject); free(subject); } - + return 0; } diff --git a/lib/hx509/revoke.c b/lib/hx509/revoke.c index cfde4396a1d4..29322807487c 100644 --- a/lib/hx509/revoke.c +++ b/lib/hx509/revoke.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /** @@ -50,7 +50,6 @@ */ #include "hx_locl.h" -RCSID("$Id: revoke.c 22275 2007-12-11 11:02:11Z lha $"); struct revoke_crl { char *path; @@ -70,7 +69,7 @@ struct revoke_ocsp { struct hx509_revoke_ctx_data { - unsigned ref; + unsigned int ref; struct { struct revoke_crl *val; size_t len; @@ -113,11 +112,11 @@ _hx509_revoke_ref(hx509_revoke_ctx ctx) { if (ctx == NULL) return NULL; - if (ctx->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0"); - ctx->ref++; if (ctx->ref == 0) - _hx509_abort("revoke ctx refcount == 0"); + _hx509_abort("revoke ctx refcount == 0 on ref"); + ctx->ref++; + if (ctx->ref == UINT_MAX) + _hx509_abort("revoke ctx refcount == UINT_MAX on ref"); return ctx; } @@ -146,8 +145,8 @@ hx509_revoke_free(hx509_revoke_ctx *ctx) if (ctx == NULL || *ctx == NULL) return; - if ((*ctx)->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0 on free"); + if ((*ctx)->ref == 0) + _hx509_abort("revoke ctx refcount == 0 on free"); if (--(*ctx)->ref > 0) return; @@ -177,9 +176,9 @@ verify_ocsp(hx509_context context, hx509_cert signer = NULL; hx509_query q; int ret; - + _hx509_query_clear(&q); - + /* * Need to match on issuer too in case there are two CA that have * issued the same name to a certificate. One example of this is @@ -199,7 +198,7 @@ verify_ocsp(hx509_context context, q.keyhash_sha1 = &ocsp->ocsp.tbsResponseData.responderID.u.byKey; break; } - + ret = hx509_certs_find(context, certs, &q, &signer); if (ret && ocsp->certs) ret = hx509_certs_find(context, ocsp->certs, &q, &signer); @@ -218,36 +217,36 @@ verify_ocsp(hx509_context context, ret = _hx509_cert_is_parent_cmp(s, p, 0); if (ret != 0) { ret = HX509_PARENT_NOT_CA; - hx509_set_error_string(context, 0, ret, "Revoke OSCP signer is " + hx509_set_error_string(context, 0, ret, "Revoke OCSP signer is " "doesn't have CA as signer certificate"); goto out; } ret = _hx509_verify_signature_bitstring(context, - p, + parent, &s->signatureAlgorithm, &s->tbsCertificate._save, &s->signatureValue); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signer signature invalid"); + "OCSP signer signature invalid"); goto out; } - ret = hx509_cert_check_eku(context, signer, - oid_id_pkix_kp_OCSPSigning(), 0); + ret = hx509_cert_check_eku(context, signer, + &asn1_oid_id_pkix_kp_OCSPSigning, 0); if (ret) goto out; } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + signer, &ocsp->ocsp.signatureAlgorithm, &ocsp->ocsp.tbsResponseData._save, &ocsp->ocsp.signature); if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signature invalid"); + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + "OCSP signature invalid"); goto out; } @@ -294,8 +293,8 @@ parse_ocsp_basic(const void *data, size_t length, OCSPBasicOCSPResponse *basic) return EINVAL; } - ret = der_heim_oid_cmp(&resp.responseBytes->responseType, - oid_id_pkix_ocsp_basic()); + ret = der_heim_oid_cmp(&resp.responseBytes->responseType, + &asn1_oid_id_pkix_ocsp_basic); if (ret != 0) { free_OCSPResponse(&resp); return HX509_REVOKE_WRONG_DATA; @@ -333,12 +332,16 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) void *data; int ret; - ret = _hx509_map_file(ocsp->path, &data, &length, &sb); + ret = rk_undumpdata(ocsp->path, &data, &length); if (ret) return ret; + ret = stat(ocsp->path, &sb); + if (ret) + return errno; + ret = parse_ocsp_basic(data, length, &basic); - _hx509_unmap_file(data, length); + rk_xfree(data); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to parse OCSP response"); @@ -346,9 +349,9 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) } if (basic.certs) { - int i; + size_t i; - ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, + ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, NULL, &certs); if (ret) { free_OCSPBasicOCSPResponse(&basic); @@ -357,11 +360,11 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) for (i = 0; i < basic.certs->len; i++) { hx509_cert c; - + ret = hx509_cert_init(context, &basic.certs->val[i], &c); if (ret) continue; - + ret = hx509_certs_add(context, certs, c); hx509_cert_free(c); if (ret) @@ -416,7 +419,7 @@ hx509_revoke_add_ocsp(hx509_context context, return 0; } - data = realloc(ctx->ocsps.val, + data = realloc(ctx->ocsps.val, (ctx->ocsps.len + 1) * sizeof(ctx->ocsps.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -425,7 +428,7 @@ hx509_revoke_add_ocsp(hx509_context context, ctx->ocsps.val = data; - memset(&ctx->ocsps.val[ctx->ocsps.len], 0, + memset(&ctx->ocsps.val[ctx->ocsps.len], 0, sizeof(ctx->ocsps.val[0])); ctx->ocsps.val[ctx->ocsps.len].path = strdup(path); @@ -460,7 +463,7 @@ verify_crl(hx509_context context, hx509_query q; time_t t; int ret; - + t = _hx509_Time2time_t(&crl->tbsCertList.thisUpdate); if (t > time_now) { hx509_set_error_string(context, 0, HX509_CRL_USED_BEFORE_TIME, @@ -482,7 +485,7 @@ verify_crl(hx509_context context, } _hx509_query_clear(&q); - + /* * If it's the signer have CRLSIGN bit set, use that as the signer * cert for the certificate, otherwise, search for a certificate. @@ -493,7 +496,7 @@ verify_crl(hx509_context context, q.match = HX509_QUERY_MATCH_SUBJECT_NAME; q.match |= HX509_QUERY_KU_CRLSIGN; q.subject_name = &crl->tbsCertList.issuer; - + ret = hx509_certs_find(context, certs, &q, &signer); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, @@ -503,7 +506,7 @@ verify_crl(hx509_context context, } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + signer, &crl->signatureAlgorithm, &crl->tbsCertList._save, &crl->signatureValue); @@ -513,7 +516,7 @@ verify_crl(hx509_context context, goto out; } - /* + /* * If signer is not CA cert, need to check revoke status of this * CRL signing cert too, this include all parent CRL signer cert * up to the root *sigh*, assume root at least hve CERTSIGN flag @@ -523,11 +526,11 @@ verify_crl(hx509_context context, hx509_cert crl_parent; _hx509_query_clear(&q); - + q.match = HX509_QUERY_MATCH_SUBJECT_NAME; q.match |= HX509_QUERY_KU_CRLSIGN; q.subject_name = &_hx509_get_cert(signer)->tbsCertificate.issuer; - + ret = hx509_certs_find(context, certs, &q, &crl_parent); if (ret) { hx509_set_error_string(context, HX509_ERROR_APPEND, ret, @@ -536,7 +539,7 @@ verify_crl(hx509_context context, } ret = hx509_revoke_verify(context, - ctx, + ctx, certs, time_now, signer, @@ -567,14 +570,18 @@ load_crl(const char *path, time_t *t, CRLCertificateList *crl) memset(crl, 0, sizeof(*crl)); - ret = _hx509_map_file(path, &data, &length, &sb); + ret = rk_undumpdata(path, &data, &length); if (ret) return ret; + ret = stat(path, &sb); + if (ret) + return errno; + *t = sb.st_mtime; ret = decode_CRLCertificateList(data, length, crl, &size); - _hx509_unmap_file(data, length); + rk_xfree(data); if (ret) return ret; @@ -613,7 +620,7 @@ hx509_revoke_add_crl(hx509_context context, return HX509_UNSUPPORTED_OPERATION; } - + path += 5; for (i = 0; i < ctx->crls.len; i++) { @@ -621,7 +628,7 @@ hx509_revoke_add_crl(hx509_context context, return 0; } - data = realloc(ctx->crls.val, + data = realloc(ctx->crls.val, (ctx->crls.len + 1) * sizeof(ctx->crls.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -637,7 +644,7 @@ hx509_revoke_add_crl(hx509_context context, return ENOMEM; } - ret = load_crl(path, + ret = load_crl(path, &ctx->crls.val[ctx->crls.len].last_modfied, &ctx->crls.val[ctx->crls.len].crl); if (ret) { @@ -711,7 +718,7 @@ hx509_revoke_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, @@ -736,7 +743,7 @@ hx509_revoke_verify(hx509_context context, case choice_OCSPCertStatus_good: break; case choice_OCSPCertStatus_revoked: - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in OCSP"); return HX509_CERT_REVOKED; @@ -745,7 +752,7 @@ hx509_revoke_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > + if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > now + context->ocsp_time_diff) continue; @@ -753,8 +760,7 @@ hx509_revoke_verify(hx509_context context, if (ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate) { if (*ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate < now) continue; - } else - /* Should force a refetch, but can we ? */; + } /* else should force a refetch, but can we ? */ return 0; } @@ -763,11 +769,12 @@ hx509_revoke_verify(hx509_context context, for (i = 0; i < ctx->crls.len; i++) { struct revoke_crl *crl = &ctx->crls.val[i]; struct stat sb; + int diff; /* check if cert.issuer == crls.val[i].crl.issuer */ - ret = _hx509_name_cmp(&c->tbsCertificate.issuer, - &crl->crl.tbsCertList.issuer); - if (ret) + ret = _hx509_name_cmp(&c->tbsCertificate.issuer, + &crl->crl.tbsCertList.issuer, &diff); + if (ret || diff) continue; ret = stat(crl->path, &sb); @@ -798,7 +805,7 @@ hx509_revoke_verify(hx509_context context, if (crl->crl.tbsCertList.crlExtensions) { for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++) { if (crl->crl.tbsCertList.crlExtensions->val[j].critical) { - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CRL_UNKNOWN_EXTENSION, "Unknown CRL extension"); return HX509_CRL_UNKNOWN_EXTENSION; @@ -821,13 +828,13 @@ hx509_revoke_verify(hx509_context context, t = _hx509_Time2time_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate); if (t > now) continue; - + if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions) for (k = 0; k < crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->len; k++) if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->val[k].critical) return HX509_CRL_UNKNOWN_EXTENSION; - - hx509_set_error_string(context, 0, + + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in CRL"); return HX509_CERT_REVOKED; @@ -839,7 +846,7 @@ hx509_revoke_verify(hx509_context context, if (context->flags & HX509_CTX_VERIFY_MISSING_OK) return 0; - hx509_set_error_string(context, HX509_ERROR_APPEND, + hx509_set_error_string(context, HX509_ERROR_APPEND, HX509_REVOKE_STATUS_MISSING, "No revoke status found for " "certificates"); @@ -865,13 +872,13 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) hx509_query q; void *d; - d = realloc(ctx->req->requestList.val, + d = realloc(ctx->req->requestList.val, sizeof(ctx->req->requestList.val[0]) * (ctx->req->requestList.len + 1)); if (d == NULL) return ENOMEM; ctx->req->requestList.val = d; - + one = &ctx->req->requestList.val[ctx->req->requestList.len]; memset(one, 0, sizeof(*one)); @@ -911,7 +918,7 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) goto out; os.data = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = + os.length = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; ret = _hx509_create_signature(context, @@ -981,13 +988,13 @@ hx509_ocsp_request(hx509_context context, ctx.digest = digest; ctx.parent = NULL; - ret = hx509_certs_iter(context, reqcerts, add_to_req, &ctx); + ret = hx509_certs_iter_f(context, reqcerts, add_to_req, &ctx); hx509_cert_free(ctx.parent); if (ret) goto out; - + if (nonce) { - req.tbsRequest.requestExtensions = + req.tbsRequest.requestExtensions = calloc(1, sizeof(*req.tbsRequest.requestExtensions)); if (req.tbsRequest.requestExtensions == NULL) { ret = ENOMEM; @@ -995,15 +1002,14 @@ hx509_ocsp_request(hx509_context context, } es = req.tbsRequest.requestExtensions; - + es->val = calloc(es->len, sizeof(es->val[0])); if (es->val == NULL) { ret = ENOMEM; goto out; } es->len = 1; - - ret = der_copy_oid(oid_id_pkix_ocsp_nonce(), &es->val[0].extnID); + ret = der_copy_oid(&asn1_oid_id_pkix_ocsp_nonce, &es->val[0].extnID); if (ret) { free_OCSPRequest(&req); return ret; @@ -1015,7 +1021,7 @@ hx509_ocsp_request(hx509_context context, goto out; } es->val[0].extnValue.length = 10; - + ret = RAND_bytes(es->val[0].extnValue.data, es->val[0].extnValue.length); if (ret != 1) { @@ -1048,8 +1054,13 @@ static char * printable_time(time_t t) { static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[20] = 0; + char *p; + if ((p = ctime(&t)) == NULL) + strlcpy(s, "?", sizeof(s)); + else { + strlcpy(s, p + 4, sizeof(s)); + s[20] = 0; + } return s; } @@ -1069,8 +1080,9 @@ int hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) { struct revoke_ocsp ocsp; - int ret, i; - + int ret; + size_t i; + if (out == NULL) out = stdout; @@ -1113,7 +1125,7 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) break; } - fprintf(out, "producedAt: %s\n", + fprintf(out, "producedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.producedAt)); fprintf(out, "replies: %d\n", ocsp.ocsp.tbsResponseData.responses.len); @@ -1134,19 +1146,19 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) status = "element unknown"; } - fprintf(out, "\t%d. status: %s\n", i, status); + fprintf(out, "\t%zu. status: %s\n", i, status); - fprintf(out, "\tthisUpdate: %s\n", + fprintf(out, "\tthisUpdate: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); if (ocsp.ocsp.tbsResponseData.responses.val[i].nextUpdate) - fprintf(out, "\tproducedAt: %s\n", + fprintf(out, "\tproducedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); } fprintf(out, "appended certs:\n"); if (ocsp.certs) - ret = hx509_certs_iter(context, ocsp.certs, hx509_ci_print_names, out); + ret = hx509_certs_iter_f(context, ocsp.certs, hx509_ci_print_names, out); free_ocsp(&ocsp); return ret; @@ -1181,7 +1193,8 @@ hx509_ocsp_verify(hx509_context context, { const Certificate *c = _hx509_get_cert(cert); OCSPBasicOCSPResponse basic; - int ret, i; + int ret; + size_t i; if (now == 0) now = time(NULL); @@ -1201,7 +1214,7 @@ hx509_ocsp_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, @@ -1220,7 +1233,7 @@ hx509_ocsp_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (basic.tbsResponseData.responses.val[i].thisUpdate > + if (basic.tbsResponseData.responses.val[i].thisUpdate > now + context->ocsp_time_diff) continue; @@ -1241,7 +1254,7 @@ hx509_ocsp_verify(hx509_context context, { hx509_name name; char *subject; - + ret = hx509_cert_get_subject(cert, &name); if (ret) { hx509_clear_error_string(context); @@ -1314,7 +1327,7 @@ hx509_crl_alloc(hx509_context context, hx509_crl *crl) int hx509_crl_add_revoked_certs(hx509_context context, - hx509_crl crl, + hx509_crl crl, hx509_certs certs) { return hx509_certs_merge(context, crl->revoked, certs); @@ -1377,13 +1390,13 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) } c->revokedCertificates->val = ptr; - ret = hx509_cert_get_serialnumber(cert, + ret = hx509_cert_get_serialnumber(cert, &c->revokedCertificates->val[num].userCertificate); if (ret) { hx509_clear_error_string(context); return ret; } - c->revokedCertificates->val[num].revocationDate.element = + c->revokedCertificates->val[num].revocationDate.element = choice_Time_generalTime; c->revokedCertificates->val[num].revocationDate.u.generalTime = time(NULL) - 3600 * 24; @@ -1392,7 +1405,7 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) c->revokedCertificates->len++; return 0; -} +} /** * Sign a CRL and return an encode certificate. @@ -1470,7 +1483,7 @@ hx509_crl_sign(hx509_context context, c.tbsCertList.nextUpdate->u.generalTime = next; } - c.tbsCertList.revokedCertificates = + c.tbsCertList.revokedCertificates = calloc(1, sizeof(*c.tbsCertList.revokedCertificates)); if (c.tbsCertList.revokedCertificates == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); @@ -1479,7 +1492,7 @@ hx509_crl_sign(hx509_context context, } c.tbsCertList.crlExtensions = NULL; - ret = hx509_certs_iter(context, crl->revoked, add_revoked, &c.tbsCertList); + ret = hx509_certs_iter_f(context, crl->revoked, add_revoked, &c.tbsCertList); if (ret) goto out; @@ -1506,10 +1519,13 @@ hx509_crl_sign(hx509_context context, &c.signatureAlgorithm, &c.signatureValue); free(os->data); + if (ret) { + hx509_set_error_string(context, 0, ret, "Failed to sign CRL"); + goto out; + } ASN1_MALLOC_ENCODE(CRLCertificateList, os->data, os->length, &c, &size, ret); - free_CRLCertificateList(&c); if (ret) { hx509_set_error_string(context, 0, ret, "failed to encode CRL"); goto out; @@ -1517,6 +1533,8 @@ hx509_crl_sign(hx509_context context, if (size != os->length) _hx509_abort("internal ASN.1 encoder error"); + free_CRLCertificateList(&c); + return 0; out: diff --git a/lib/sl/parse.c b/lib/hx509/sel-gram.c similarity index 83% rename from lib/sl/parse.c rename to lib/hx509/sel-gram.c index f79318dc3862..70d83d645db6 100644 --- a/lib/sl/parse.c +++ b/lib/hx509/sel-gram.c @@ -66,75 +66,41 @@ /* Put the tokens into the symbol table, so that GDB and other debuggers know about them. */ enum yytokentype { - TABLE = 258, - REQUEST = 259, - UNKNOWN = 260, - UNIMPLEMENTED = 261, - END = 262, - STRING = 263 + kw_TRUE = 258, + kw_FALSE = 259, + kw_AND = 260, + kw_OR = 261, + kw_IN = 262, + kw_TAILMATCH = 263, + NUMBER = 264, + STRING = 265, + IDENTIFIER = 266 }; #endif /* Tokens. */ -#define TABLE 258 -#define REQUEST 259 -#define UNKNOWN 260 -#define UNIMPLEMENTED 261 -#define END 262 -#define STRING 263 +#define kw_TRUE 258 +#define kw_FALSE 259 +#define kw_AND 260 +#define kw_OR 261 +#define kw_IN 262 +#define kw_TAILMATCH 263 +#define NUMBER 264 +#define STRING 265 +#define IDENTIFIER 266 /* Copy the first part of user declarations. */ -#line 1 "parse.y" +#line 34 "sel-gram.y" -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -RCSID("$Id: parse.y 21745 2007-07-31 16:11:25Z lha $"); - -static void yyerror (char *s); - -struct string_list* append_string(struct string_list*, char*); -void free_string_list(struct string_list *list); -unsigned string_to_flag(const char *); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) +#ifdef HAVE_CONFIG_H +#include #endif +#include +#include +#include + @@ -158,14 +124,13 @@ unsigned string_to_flag(const char *); #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 52 "parse.y" +#line 45 "sel-gram.y" { - char *string; - unsigned number; - struct string_list *list; + char *string; + struct hx_expr *expr; } /* Line 193 of yacc.c. */ -#line 169 "parse.c" +#line 134 "sel-gram.c" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 @@ -178,7 +143,7 @@ typedef union YYSTYPE /* Line 216 of yacc.c. */ -#line 182 "parse.c" +#line 147 "sel-gram.c" #ifdef short # undef short @@ -391,22 +356,22 @@ union yyalloc #endif /* YYFINAL -- State number of the termination state. */ -#define YYFINAL 15 +#define YYFINAL 21 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 37 +#define YYLAST 50 /* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 13 +#define YYNTOKENS 21 /* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 7 +#define YYNNTS 11 /* YYNRULES -- Number of rules. */ -#define YYNRULES 16 +#define YYNRULES 26 /* YYNRULES -- Number of states. */ -#define YYNSTATES 40 +#define YYNSTATES 50 /* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ #define YYUNDEFTOK 2 -#define YYMAXUTOK 263 +#define YYMAXUTOK 266 #define YYTRANSLATE(YYX) \ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) @@ -417,16 +382,16 @@ static const yytype_uint8 yytranslate[] = 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 12, 2, 2, 2, 17, 2, 2, + 13, 14, 2, 2, 15, 2, 20, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 11, 12, 2, 2, 10, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 9, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 16, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 18, 2, 19, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, @@ -440,7 +405,7 @@ static const yytype_uint8 yytranslate[] = 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8 + 5, 6, 7, 8, 9, 10, 11 }; #if YYDEBUG @@ -448,27 +413,31 @@ static const yytype_uint8 yytranslate[] = YYRHS. */ static const yytype_uint8 yyprhs[] = { - 0, 0, 3, 4, 6, 8, 11, 15, 27, 35, - 43, 47, 50, 52, 56, 58, 62 + 0, 0, 3, 5, 7, 9, 12, 16, 20, 24, + 26, 28, 32, 37, 42, 46, 52, 56, 58, 60, + 62, 64, 66, 68, 73, 78, 82 }; /* YYRHS -- A `-1'-separated list of the rules' RHS. */ static const yytype_int8 yyrhs[] = { - 14, 0, -1, -1, 15, -1, 16, -1, 15, 16, - -1, 3, 8, 9, -1, 4, 8, 10, 8, 10, - 17, 10, 11, 18, 12, 9, -1, 4, 8, 10, - 8, 10, 17, 9, -1, 6, 8, 10, 8, 10, - 17, 9, -1, 5, 17, 9, -1, 7, 9, -1, - 8, -1, 17, 10, 8, -1, 19, -1, 18, 10, - 19, -1, 8, -1 + 22, 0, -1, 23, -1, 3, -1, 4, -1, 12, + 23, -1, 23, 5, 23, -1, 23, 6, 23, -1, + 13, 23, 14, -1, 25, -1, 26, -1, 26, 15, + 24, -1, 26, 16, 16, 26, -1, 26, 12, 16, + 26, -1, 26, 8, 26, -1, 26, 7, 13, 24, + 14, -1, 26, 7, 30, -1, 27, -1, 28, -1, + 29, -1, 30, -1, 9, -1, 10, -1, 11, 13, + 24, 14, -1, 17, 18, 31, 19, -1, 11, 20, + 31, -1, 11, -1 }; /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint8 yyrline[] = { - 0, 65, 65, 66, 69, 70, 73, 77, 81, 85, - 91, 95, 101, 105, 111, 115, 120 + 0, 73, 73, 75, 76, 77, 78, 79, 80, 81, + 84, 85, 88, 89, 90, 91, 92, 95, 96, 97, + 98, 101, 102, 104, 107, 110, 112 }; #endif @@ -477,9 +446,11 @@ static const yytype_uint8 yyrline[] = First, the terminals, then, starting at YYNTOKENS, nonterminals. */ static const char *const yytname[] = { - "$end", "error", "$undefined", "TABLE", "REQUEST", "UNKNOWN", - "UNIMPLEMENTED", "END", "STRING", "';'", "','", "'('", "')'", "$accept", - "file", "statements", "statement", "aliases", "flags", "flag", 0 + "$end", "error", "$undefined", "kw_TRUE", "kw_FALSE", "kw_AND", "kw_OR", + "kw_IN", "kw_TAILMATCH", "NUMBER", "STRING", "IDENTIFIER", "'!'", "'('", + "')'", "','", "'='", "'%'", "'{'", "'}'", "'.'", "$accept", "start", + "expr", "words", "comp", "word", "number", "string", "function", + "variable", "variables", 0 }; #endif @@ -488,23 +459,26 @@ static const char *const yytname[] = token YYLEX-NUM. */ static const yytype_uint16 yytoknum[] = { - 0, 256, 257, 258, 259, 260, 261, 262, 263, 59, - 44, 40, 41 + 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, + 265, 266, 33, 40, 41, 44, 61, 37, 123, 125, + 46 }; # endif /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ static const yytype_uint8 yyr1[] = { - 0, 13, 14, 14, 15, 15, 16, 16, 16, 16, - 16, 16, 17, 17, 18, 18, 19 + 0, 21, 22, 23, 23, 23, 23, 23, 23, 23, + 24, 24, 25, 25, 25, 25, 25, 26, 26, 26, + 26, 27, 28, 29, 30, 31, 31 }; /* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ static const yytype_uint8 yyr2[] = { - 0, 2, 0, 1, 1, 2, 3, 11, 7, 7, - 3, 2, 1, 3, 1, 3, 1 + 0, 2, 1, 1, 1, 2, 3, 3, 3, 1, + 1, 3, 4, 4, 3, 5, 3, 1, 1, 1, + 1, 1, 1, 4, 4, 3, 1 }; /* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state @@ -512,33 +486,37 @@ static const yytype_uint8 yyr2[] = means the default is an error. */ static const yytype_uint8 yydefact[] = { - 2, 0, 0, 0, 0, 0, 0, 3, 4, 0, - 0, 12, 0, 0, 11, 1, 5, 6, 0, 10, - 0, 0, 0, 13, 0, 0, 0, 0, 0, 8, - 0, 9, 0, 16, 0, 14, 0, 0, 15, 7 + 0, 3, 4, 21, 22, 0, 0, 0, 0, 0, + 2, 9, 0, 17, 18, 19, 20, 0, 5, 0, + 0, 1, 0, 0, 0, 0, 0, 0, 0, 10, + 8, 26, 0, 6, 7, 0, 16, 14, 0, 0, + 23, 0, 0, 24, 0, 13, 12, 11, 25, 15 }; /* YYDEFGOTO[NTERM-NUM]. */ static const yytype_int8 yydefgoto[] = { - -1, 6, 7, 8, 12, 34, 35 + -1, 9, 10, 28, 11, 12, 13, 14, 15, 16, + 32 }; /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing STATE-NUM. */ -#define YYPACT_NINF -10 +#define YYPACT_NINF -31 static const yytype_int8 yypact[] = { - -3, 0, 10, 11, 12, 13, 21, -3, -10, 14, - 15, -10, 1, 16, -10, -10, -10, -10, 19, -10, - 20, 22, 23, -10, 24, 11, 11, 3, 5, -10, - -2, -10, 27, -10, -5, -10, 27, 28, -10, -10 + 22, -31, -31, -31, -31, -1, 22, 22, -11, 27, + 11, -31, -6, -31, -31, -31, -31, 19, 11, 9, + 26, -31, 22, 22, -4, 19, 24, 25, 28, 23, + -31, 29, 31, 11, 11, 19, -31, -31, 19, 19, + -31, 19, 26, -31, 30, -31, -31, -31, -31, -31 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int8 yypgoto[] = { - -10, -10, -10, 17, -9, -10, -7 + -31, -31, -3, -30, -31, -17, -31, -31, -31, 21, + 1 }; /* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If @@ -548,28 +526,33 @@ static const yytype_int8 yypgoto[] = #define YYTABLE_NINF -1 static const yytype_uint8 yytable[] = { - 1, 2, 3, 4, 5, 36, 23, 37, 9, 32, - 19, 20, 29, 30, 31, 20, 27, 28, 10, 11, - 13, 15, 14, 17, 16, 18, 21, 22, 23, 38, - 24, 0, 0, 25, 26, 33, 0, 39 + 29, 24, 25, 18, 19, 44, 26, 20, 37, 35, + 27, 47, 17, 8, 22, 23, 22, 23, 29, 33, + 34, 45, 46, 30, 29, 1, 2, 21, 3, 4, + 5, 3, 4, 5, 6, 7, 8, 31, 41, 8, + 38, 39, 40, 48, 49, 36, 0, 0, 0, 42, + 43 }; static const yytype_int8 yycheck[] = { - 3, 4, 5, 6, 7, 10, 8, 12, 8, 11, - 9, 10, 9, 10, 9, 10, 25, 26, 8, 8, - 8, 0, 9, 9, 7, 10, 10, 8, 8, 36, - 8, -1, -1, 10, 10, 8, -1, 9 + 17, 7, 8, 6, 7, 35, 12, 18, 25, 13, + 16, 41, 13, 17, 5, 6, 5, 6, 35, 22, + 23, 38, 39, 14, 41, 3, 4, 0, 9, 10, + 11, 9, 10, 11, 12, 13, 17, 11, 15, 17, + 16, 16, 14, 42, 14, 24, -1, -1, -1, 20, + 19 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint8 yystos[] = { - 0, 3, 4, 5, 6, 7, 14, 15, 16, 8, - 8, 8, 17, 8, 9, 0, 16, 9, 10, 9, - 10, 10, 8, 8, 8, 10, 10, 17, 17, 9, - 10, 9, 11, 8, 18, 19, 10, 12, 19, 9 + 0, 3, 4, 9, 10, 11, 12, 13, 17, 22, + 23, 25, 26, 27, 28, 29, 30, 13, 23, 23, + 18, 0, 5, 6, 7, 8, 12, 16, 24, 26, + 14, 11, 31, 23, 23, 13, 30, 26, 16, 16, + 14, 15, 20, 19, 24, 26, 26, 24, 31, 14 }; #define yyerrok (yyerrstatus = 0) @@ -1383,89 +1366,137 @@ yyparse () YY_REDUCE_PRINT (yyn); switch (yyn) { - case 6: -#line 74 "parse.y" - { - table_name = (yyvsp[(2) - (3)].string); - } + case 2: +#line 73 "sel-gram.y" + { _hx509_expr_input.expr = (yyvsp[(1) - (1)].expr); } + break; + + case 3: +#line 75 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_TRUE, NULL, NULL); } + break; + + case 4: +#line 76 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_FALSE, NULL, NULL); } + break; + + case 5: +#line 77 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_NOT, (yyvsp[(2) - (2)].expr), NULL); } + break; + + case 6: +#line 78 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_AND, (yyvsp[(1) - (3)].expr), (yyvsp[(3) - (3)].expr)); } break; case 7: -#line 78 "parse.y" - { - add_command((yyvsp[(2) - (11)].string), (yyvsp[(4) - (11)].string), (yyvsp[(6) - (11)].list), (yyvsp[(9) - (11)].number)); - } +#line 79 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_OR, (yyvsp[(1) - (3)].expr), (yyvsp[(3) - (3)].expr)); } break; case 8: -#line 82 "parse.y" - { - add_command((yyvsp[(2) - (7)].string), (yyvsp[(4) - (7)].string), (yyvsp[(6) - (7)].list), 0); - } +#line 80 "sel-gram.y" + { (yyval.expr) = (yyvsp[(2) - (3)].expr); } break; case 9: -#line 86 "parse.y" - { - free((yyvsp[(2) - (7)].string)); - free((yyvsp[(4) - (7)].string)); - free_string_list((yyvsp[(6) - (7)].list)); - } +#line 81 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(op_COMP, (yyvsp[(1) - (1)].expr), NULL); } break; case 10: -#line 92 "parse.y" - { - free_string_list((yyvsp[(2) - (3)].list)); - } +#line 84 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(expr_WORDS, (yyvsp[(1) - (1)].expr), NULL); } break; case 11: -#line 96 "parse.y" - { - YYACCEPT; - } +#line 85 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(expr_WORDS, (yyvsp[(1) - (3)].expr), (yyvsp[(3) - (3)].expr)); } break; case 12: -#line 102 "parse.y" - { - (yyval.list) = append_string(NULL, (yyvsp[(1) - (1)].string)); - } +#line 88 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(comp_EQ, (yyvsp[(1) - (4)].expr), (yyvsp[(4) - (4)].expr)); } break; case 13: -#line 106 "parse.y" - { - (yyval.list) = append_string((yyvsp[(1) - (3)].list), (yyvsp[(3) - (3)].string)); - } +#line 89 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(comp_NE, (yyvsp[(1) - (4)].expr), (yyvsp[(4) - (4)].expr)); } break; case 14: -#line 112 "parse.y" - { - (yyval.number) = (yyvsp[(1) - (1)].number); - } +#line 90 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(comp_TAILEQ, (yyvsp[(1) - (3)].expr), (yyvsp[(3) - (3)].expr)); } break; case 15: -#line 116 "parse.y" - { - (yyval.number) = (yyvsp[(1) - (3)].number) | (yyvsp[(3) - (3)].number); - } +#line 91 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(comp_IN, (yyvsp[(1) - (5)].expr), (yyvsp[(4) - (5)].expr)); } break; case 16: -#line 121 "parse.y" +#line 92 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(comp_IN, (yyvsp[(1) - (3)].expr), (yyvsp[(3) - (3)].expr)); } + break; + + case 17: +#line 95 "sel-gram.y" + { (yyval.expr) = (yyvsp[(1) - (1)].expr); } + break; + + case 18: +#line 96 "sel-gram.y" + { (yyval.expr) = (yyvsp[(1) - (1)].expr); } + break; + + case 19: +#line 97 "sel-gram.y" + { (yyval.expr) = (yyvsp[(1) - (1)].expr); } + break; + + case 20: +#line 98 "sel-gram.y" + { (yyval.expr) = (yyvsp[(1) - (1)].expr); } + break; + + case 21: +#line 101 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(expr_NUMBER, (yyvsp[(1) - (1)].string), NULL); } + break; + + case 22: +#line 102 "sel-gram.y" + { (yyval.expr) = _hx509_make_expr(expr_STRING, (yyvsp[(1) - (1)].string), NULL); } + break; + + case 23: +#line 104 "sel-gram.y" { - (yyval.number) = string_to_flag((yyvsp[(1) - (1)].string)); - free((yyvsp[(1) - (1)].string)); - } + (yyval.expr) = _hx509_make_expr(expr_FUNCTION, (yyvsp[(1) - (4)].string), (yyvsp[(3) - (4)].expr)); } + break; + + case 24: +#line 107 "sel-gram.y" + { (yyval.expr) = (yyvsp[(3) - (4)].expr); } + break; + + case 25: +#line 110 "sel-gram.y" + { + (yyval.expr) = _hx509_make_expr(expr_VAR, (yyvsp[(1) - (3)].string), (yyvsp[(3) - (3)].expr)); } + break; + + case 26: +#line 112 "sel-gram.y" + { + (yyval.expr) = _hx509_make_expr(expr_VAR, (yyvsp[(1) - (1)].string), NULL); } break; /* Line 1267 of yacc.c. */ -#line 1469 "parse.c" +#line 1500 "sel-gram.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1679,46 +1710,4 @@ yyparse () } -#line 129 "parse.y" - - -static void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - -struct string_list* -append_string(struct string_list *list, char *str) -{ - struct string_list *sl = malloc(sizeof(*sl)); - if (sl == NULL) - return sl; - sl->string = str; - sl->next = NULL; - if(list) { - *list->tail = sl; - list->tail = &sl->next; - return list; - } - sl->tail = &sl->next; - return sl; -} - -void -free_string_list(struct string_list *list) -{ - while(list) { - struct string_list *sl = list->next; - free(list->string); - free(list); - list = sl; - } -} - -unsigned -string_to_flag(const char *string) -{ - return 0; -} diff --git a/lib/sl/parse.h b/lib/hx509/sel-gram.h similarity index 82% rename from lib/sl/parse.h rename to lib/hx509/sel-gram.h index f7fef6dbefd2..13be3f9ab19c 100644 --- a/lib/sl/parse.h +++ b/lib/hx509/sel-gram.h @@ -39,35 +39,40 @@ /* Put the tokens into the symbol table, so that GDB and other debuggers know about them. */ enum yytokentype { - TABLE = 258, - REQUEST = 259, - UNKNOWN = 260, - UNIMPLEMENTED = 261, - END = 262, - STRING = 263 + kw_TRUE = 258, + kw_FALSE = 259, + kw_AND = 260, + kw_OR = 261, + kw_IN = 262, + kw_TAILMATCH = 263, + NUMBER = 264, + STRING = 265, + IDENTIFIER = 266 }; #endif /* Tokens. */ -#define TABLE 258 -#define REQUEST 259 -#define UNKNOWN 260 -#define UNIMPLEMENTED 261 -#define END 262 -#define STRING 263 +#define kw_TRUE 258 +#define kw_FALSE 259 +#define kw_AND 260 +#define kw_OR 261 +#define kw_IN 262 +#define kw_TAILMATCH 263 +#define NUMBER 264 +#define STRING 265 +#define IDENTIFIER 266 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 52 "parse.y" +#line 45 "sel-gram.y" { - char *string; - unsigned number; - struct string_list *list; + char *string; + struct hx_expr *expr; } /* Line 1529 of yacc.c. */ -#line 71 "parse.h" +#line 76 "sel-gram.h" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 diff --git a/lib/hx509/sel-gram.y b/lib/hx509/sel-gram.y new file mode 100644 index 000000000000..7f7c9980e03b --- /dev/null +++ b/lib/hx509/sel-gram.y @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +%{ +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include + + +%} + +%union { + char *string; + struct hx_expr *expr; +} + +%token kw_TRUE +%token kw_FALSE +%token kw_AND +%token kw_OR +%token kw_IN +%token kw_TAILMATCH + +%type expr +%type comp +%type word words +%type number +%type string +%type function +%type variable variables + +%token NUMBER +%token STRING +%token IDENTIFIER + +%start start + +%% + +start: expr { _hx509_expr_input.expr = $1; } + +expr : kw_TRUE { $$ = _hx509_make_expr(op_TRUE, NULL, NULL); } + | kw_FALSE { $$ = _hx509_make_expr(op_FALSE, NULL, NULL); } + | '!' expr { $$ = _hx509_make_expr(op_NOT, $2, NULL); } + | expr kw_AND expr { $$ = _hx509_make_expr(op_AND, $1, $3); } + | expr kw_OR expr { $$ = _hx509_make_expr(op_OR, $1, $3); } + | '(' expr ')' { $$ = $2; } + | comp { $$ = _hx509_make_expr(op_COMP, $1, NULL); } + ; + +words : word { $$ = _hx509_make_expr(expr_WORDS, $1, NULL); } + | word ',' words { $$ = _hx509_make_expr(expr_WORDS, $1, $3); } + ; + +comp : word '=' '=' word { $$ = _hx509_make_expr(comp_EQ, $1, $4); } + | word '!' '=' word { $$ = _hx509_make_expr(comp_NE, $1, $4); } + | word kw_TAILMATCH word { $$ = _hx509_make_expr(comp_TAILEQ, $1, $3); } + | word kw_IN '(' words ')' { $$ = _hx509_make_expr(comp_IN, $1, $4); } + | word kw_IN variable { $$ = _hx509_make_expr(comp_IN, $1, $3); } + ; + +word : number { $$ = $1; } + | string { $$ = $1; } + | function { $$ = $1; } + | variable { $$ = $1; } + ; + +number : NUMBER { $$ = _hx509_make_expr(expr_NUMBER, $1, NULL); }; +string : STRING { $$ = _hx509_make_expr(expr_STRING, $1, NULL); }; + +function: IDENTIFIER '(' words ')' { + $$ = _hx509_make_expr(expr_FUNCTION, $1, $3); } + ; +variable: '%' '{' variables '}' { $$ = $3; } + ; + +variables: IDENTIFIER '.' variables { + $$ = _hx509_make_expr(expr_VAR, $1, $3); } + | IDENTIFIER { + $$ = _hx509_make_expr(expr_VAR, $1, NULL); } + ; diff --git a/lib/sl/lex.c b/lib/hx509/sel-lex.c similarity index 85% rename from lib/sl/lex.c rename to lib/hx509/sel-lex.c index 57e6a7c4de90..51a5feaea2ba 100644 --- a/lib/sl/lex.c +++ b/lib/hx509/sel-lex.c @@ -1,5 +1,5 @@ -#line 3 "lex.c" +#line 3 "sel-lex.c" #define YY_INT_ALIGNED short int @@ -8,7 +8,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 +#define YY_FLEX_SUBMINOR_VERSION 35 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -30,7 +30,7 @@ /* C99 systems have . Non-C99 systems may or may not. */ -#if __STDC_VERSION__ >= 199901L +#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, * if you want the limit (max/min) macros for int types. @@ -93,11 +93,12 @@ typedef unsigned int flex_uint32_t; #else /* ! __cplusplus */ -#if __STDC__ +/* C99 requires __STDC__ to be defined as 1. */ +#if defined (__STDC__) #define YY_USE_CONST -#endif /* __STDC__ */ +#endif /* defined (__STDC__) */ #endif /* ! __cplusplus */ #ifdef YY_USE_CONST @@ -151,7 +152,12 @@ typedef unsigned int flex_uint32_t; typedef struct yy_buffer_state *YY_BUFFER_STATE; #endif -extern int yyleng; +#ifndef YY_TYPEDEF_YY_SIZE_T +#define YY_TYPEDEF_YY_SIZE_T +typedef size_t yy_size_t; +#endif + +extern yy_size_t yyleng; extern FILE *yyin, *yyout; @@ -177,16 +183,6 @@ extern FILE *yyin, *yyout; #define unput(c) yyunput( c, (yytext_ptr) ) -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - #ifndef YY_STRUCT_YY_BUFFER_STATE #define YY_STRUCT_YY_BUFFER_STATE struct yy_buffer_state @@ -204,7 +200,7 @@ struct yy_buffer_state /* Number of characters read into yy_ch_buf, not including EOB * characters. */ - int yy_n_chars; + yy_size_t yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to @@ -274,8 +270,8 @@ static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; +static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */ +yy_size_t yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; @@ -303,7 +299,7 @@ static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); +YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len ); void *yyalloc (yy_size_t ); void *yyrealloc (void *,yy_size_t ); @@ -372,14 +368,12 @@ struct yy_trans_info flex_int32_t yy_verify; flex_int32_t yy_nxt; }; -static yyconst flex_int16_t yy_accept[54] = +static yyconst flex_int16_t yy_accept[36] = { 0, - 0, 0, 13, 11, 7, 8, 9, 6, 10, 10, - 10, 10, 10, 6, 10, 10, 10, 10, 10, 10, - 5, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 2, 10, 3, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 1, 4, 0 + 0, 0, 13, 12, 11, 9, 10, 8, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 5, 4, 7, + 7, 3, 7, 7, 7, 7, 7, 1, 2, 7, + 7, 7, 7, 6, 0 } ; static yyconst flex_int32_t yy_ec[256] = @@ -387,17 +381,17 @@ static yyconst flex_int32_t yy_ec[256] = 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 4, 5, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 6, 6, 6, + 1, 2, 4, 5, 1, 1, 4, 1, 1, 4, + 4, 1, 1, 4, 6, 4, 1, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, - 1, 1, 1, 1, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 1, 1, 1, 1, 7, 1, 8, 9, 10, 11, + 4, 1, 1, 1, 7, 8, 9, 10, 11, 12, + 8, 13, 14, 8, 8, 15, 16, 17, 18, 8, + 8, 19, 20, 21, 22, 8, 8, 8, 8, 8, + 1, 1, 1, 1, 6, 1, 8, 8, 8, 8, - 12, 6, 6, 6, 13, 6, 14, 15, 16, 17, - 18, 19, 20, 21, 22, 23, 24, 6, 25, 6, - 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 4, 1, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -414,61 +408,49 @@ static yyconst flex_int32_t yy_ec[256] = 1, 1, 1, 1, 1 } ; -static yyconst flex_int32_t yy_meta[26] = +static yyconst flex_int32_t yy_meta[23] = { 0, - 1, 1, 2, 1, 1, 3, 3, 3, 3, 3, - 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, - 3, 3, 3, 3, 3 + 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2 } ; -static yyconst flex_int16_t yy_base[57] = +static yyconst flex_int16_t yy_base[37] = { 0, - 0, 24, 69, 70, 70, 70, 70, 0, 0, 50, - 50, 54, 48, 0, 0, 48, 52, 42, 0, 45, - 0, 36, 43, 41, 49, 44, 36, 35, 30, 24, - 29, 18, 31, 18, 28, 22, 31, 0, 21, 0, - 12, 21, 24, 14, 21, 0, 2, 4, 3, 0, - 0, 0, 70, 48, 51, 3 + 0, 0, 43, 44, 44, 44, 44, 44, 25, 0, + 34, 23, 20, 16, 0, 28, 22, 0, 0, 22, + 12, 0, 13, 17, 20, 19, 13, 0, 0, 21, + 6, 17, 12, 0, 44, 22 } ; -static yyconst flex_int16_t yy_def[57] = +static yyconst flex_int16_t yy_def[37] = { 0, - 54, 54, 53, 53, 53, 53, 53, 55, 56, 56, - 56, 56, 56, 55, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 0, 53, 53, 53 + 35, 1, 35, 35, 35, 35, 35, 35, 36, 36, + 36, 36, 36, 36, 36, 36, 36, 36, 36, 36, + 36, 36, 36, 36, 36, 36, 36, 36, 36, 36, + 36, 36, 36, 36, 0, 35 } ; -static yyconst flex_int16_t yy_nxt[96] = +static yyconst flex_int16_t yy_nxt[67] = { 0, - 4, 5, 6, 7, 8, 15, 53, 53, 53, 10, - 52, 11, 23, 24, 51, 50, 49, 53, 53, 53, - 12, 53, 48, 13, 4, 5, 6, 7, 8, 47, - 46, 45, 44, 10, 43, 11, 42, 41, 40, 39, - 38, 37, 36, 35, 12, 34, 33, 13, 9, 9, - 9, 14, 32, 14, 31, 30, 29, 28, 27, 26, - 25, 22, 21, 20, 19, 18, 17, 16, 53, 3, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53 - + 4, 5, 6, 7, 8, 4, 9, 10, 10, 10, + 10, 11, 10, 12, 10, 10, 10, 13, 10, 10, + 14, 10, 20, 15, 34, 33, 32, 31, 30, 29, + 28, 27, 26, 25, 21, 24, 23, 22, 19, 18, + 17, 16, 35, 3, 35, 35, 35, 35, 35, 35, + 35, 35, 35, 35, 35, 35, 35, 35, 35, 35, + 35, 35, 35, 35, 35, 35 } ; -static yyconst flex_int16_t yy_chk[96] = +static yyconst flex_int16_t yy_chk[67] = { 0, - 1, 1, 1, 1, 1, 56, 0, 0, 0, 1, - 50, 1, 19, 19, 49, 48, 47, 0, 0, 0, - 1, 0, 46, 1, 2, 2, 2, 2, 2, 45, - 44, 43, 42, 2, 41, 2, 39, 37, 36, 35, - 34, 33, 32, 31, 2, 30, 29, 2, 54, 54, - 54, 55, 28, 55, 27, 26, 25, 24, 23, 22, - 20, 18, 17, 16, 13, 12, 11, 10, 3, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53 - + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 14, 36, 33, 32, 31, 30, 27, 26, + 25, 24, 23, 21, 14, 20, 17, 16, 13, 12, + 11, 9, 3, 35, 35, 35, 35, 35, 35, 35, + 35, 35, 35, 35, 35, 35, 35, 35, 35, 35, + 35, 35, 35, 35, 35, 35 } ; static yy_state_type yy_last_accepting_state; @@ -485,56 +467,74 @@ int yy_flex_debug = 0; #define YY_MORE_ADJ 0 #define YY_RESTORE_YY_MORE_OFFSET char *yytext; -#line 1 "lex.l" -#line 2 "lex.l" +#line 1 "sel-lex.l" +#line 2 "sel-lex.l" /* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#undef ECHO +/* $Id$ */ -#include "make_cmds.h" -#include "parse.h" - -RCSID("$Id: lex.l 10703 2001-09-16 23:10:10Z assar $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT +#ifdef HAVE_CONFIG_H +#include +#endif #undef ECHO -#line 538 "lex.c" +#include +#include +#include +#include +#include "sel.h" +#include "sel-gram.h" +unsigned lineno = 1; + +static char * handle_string(void); +static int lex_input(char *, int); + +struct hx_expr_input _hx509_expr_input; + +#ifndef YY_NULL +#define YY_NULL 0 +#endif + +#define YY_NO_UNPUT 1 + +#undef YY_INPUT +#define YY_INPUT(buf,res,maxsize) (res = lex_input(buf, maxsize)) + +#undef ECHO + +#line 538 "sel-lex.c" #define INITIAL 0 @@ -552,6 +552,35 @@ static int getstring(void); static int yy_init_globals (void ); +/* Accessor methods to globals. + These are made visible to non-reentrant scanners for convenience. */ + +int yylex_destroy (void ); + +int yyget_debug (void ); + +void yyset_debug (int debug_flag ); + +YY_EXTRA_TYPE yyget_extra (void ); + +void yyset_extra (YY_EXTRA_TYPE user_defined ); + +FILE *yyget_in (void ); + +void yyset_in (FILE * in_str ); + +FILE *yyget_out (void ); + +void yyset_out (FILE * out_str ); + +yy_size_t yyget_leng (void ); + +char *yyget_text (void ); + +int yyget_lineno (void ); + +void yyset_lineno (int line_number ); + /* Macros after this point can all be overridden by user definitions in * section 1. */ @@ -594,7 +623,7 @@ static int input (void ); /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) +#define ECHO fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, @@ -605,7 +634,7 @@ static int input (void ); if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ { \ int c = '*'; \ - size_t n; \ + yy_size_t n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ @@ -687,9 +716,10 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 52 "lex.l" +#line 68 "sel-lex.l" -#line 693 "lex.c" + +#line 723 "sel-lex.c" if ( !(yy_init) ) { @@ -742,13 +772,13 @@ YY_DECL while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) + if ( yy_current_state >= 36 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; ++yy_cp; } - while ( yy_base[yy_current_state] != 70 ); + while ( yy_base[yy_current_state] != 44 ); yy_find_action: yy_act = yy_accept[yy_current_state]; @@ -774,66 +804,69 @@ YY_DECL case 1: YY_RULE_SETUP -#line 53 "lex.l" -{ return TABLE; } +#line 70 "sel-lex.l" +{ return kw_TRUE; } YY_BREAK case 2: YY_RULE_SETUP -#line 54 "lex.l" -{ return REQUEST; } +#line 71 "sel-lex.l" +{ return kw_FALSE; } YY_BREAK case 3: YY_RULE_SETUP -#line 55 "lex.l" -{ return UNKNOWN; } +#line 72 "sel-lex.l" +{ return kw_AND; } YY_BREAK case 4: YY_RULE_SETUP -#line 56 "lex.l" -{ return UNIMPLEMENTED; } +#line 73 "sel-lex.l" +{ return kw_OR; } YY_BREAK case 5: YY_RULE_SETUP -#line 57 "lex.l" -{ return END; } +#line 74 "sel-lex.l" +{ return kw_IN; } YY_BREAK case 6: YY_RULE_SETUP -#line 58 "lex.l" -; +#line 75 "sel-lex.l" +{ return kw_TAILMATCH; } YY_BREAK case 7: YY_RULE_SETUP -#line 59 "lex.l" -; +#line 77 "sel-lex.l" +{ + yylval.string = strdup ((const char *)yytext); + return IDENTIFIER; + } YY_BREAK case 8: -/* rule 8 can match eol */ YY_RULE_SETUP -#line 60 "lex.l" -{ lineno++; } +#line 81 "sel-lex.l" +{ yylval.string = handle_string(); return STRING; } YY_BREAK case 9: +/* rule 9 can match eol */ YY_RULE_SETUP -#line 61 "lex.l" -{ return getstring(); } +#line 82 "sel-lex.l" +{ ++lineno; } YY_BREAK case 10: YY_RULE_SETUP -#line 62 "lex.l" -{ yylval.string = strdup(yytext); return STRING; } +#line 83 "sel-lex.l" +{ return *yytext; } YY_BREAK case 11: YY_RULE_SETUP -#line 63 "lex.l" -{ return *yytext; } +#line 84 "sel-lex.l" +; YY_BREAK case 12: YY_RULE_SETUP -#line 64 "lex.l" +#line 85 "sel-lex.l" ECHO; YY_BREAK -#line 837 "lex.c" +#line 870 "sel-lex.c" case YY_STATE_EOF(INITIAL): yyterminate(); @@ -1019,7 +1052,7 @@ static int yy_get_next_buffer (void) else { - int num_to_read = + yy_size_t num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) @@ -1033,7 +1066,7 @@ static int yy_get_next_buffer (void) if ( b->yy_is_our_buffer ) { - int new_size = b->yy_buf_size * 2; + yy_size_t new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; @@ -1088,6 +1121,14 @@ static int yy_get_next_buffer (void) else ret_val = EOB_ACT_CONTINUE_SCAN; + if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { + /* Extend the array by 50%, plus the number we really need. */ + yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); + YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); + if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); + } + (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; @@ -1117,7 +1158,7 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) + if ( yy_current_state >= 36 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; @@ -1145,11 +1186,11 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) + if ( yy_current_state >= 36 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 53); + yy_is_jam = (yy_current_state == 35); return yy_is_jam ? 0 : yy_current_state; } @@ -1166,7 +1207,7 @@ static int yy_get_next_buffer (void) if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) { /* need to shift things up to make room */ /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; + register yy_size_t number_to_move = (yy_n_chars) + 2; register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; register char *source = @@ -1215,7 +1256,7 @@ static int yy_get_next_buffer (void) else { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); + yy_size_t offset = (yy_c_buf_p) - (yytext_ptr); ++(yy_c_buf_p); switch ( yy_get_next_buffer( ) ) @@ -1491,7 +1532,7 @@ void yypop_buffer_state (void) */ static void yyensure_buffer_stack (void) { - int num_to_alloc; + yy_size_t num_to_alloc; if (!(yy_buffer_stack)) { @@ -1503,7 +1544,9 @@ static void yyensure_buffer_stack (void) (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); - + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; @@ -1521,6 +1564,8 @@ static void yyensure_buffer_stack (void) ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); @@ -1565,7 +1610,7 @@ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan + * @param yystr a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use @@ -1584,12 +1629,11 @@ YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) * * @return the newly allocated buffer state object. */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) +YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len ) { YY_BUFFER_STATE b; char *buf; - yy_size_t n; - int i; + yy_size_t n, i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; @@ -1671,7 +1715,7 @@ FILE *yyget_out (void) /** Get the length of the current token. * */ -int yyget_leng (void) +yy_size_t yyget_leng (void) { return yyleng; } @@ -1819,42 +1863,31 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 64 "lex.l" +#line 85 "sel-lex.l" -#ifndef yywrap /* XXX */ -int -yywrap () +static char * +handle_string(void) { - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; + char x[1024]; int i = 0; int c; - int backslash = 0; + int quote = 0; while((c = input()) != EOF){ - if(backslash) { - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; + if(quote) { + x[i++] = '\\'; x[i++] = c; - backslash = 0; + quote = 0; continue; } if(c == '\n'){ - error_message("unterminated string"); + _hx509_sel_yyerror("unterminated string"); lineno++; break; } if(c == '\\'){ - backslash++; + quote++; continue; } if(c == '\"') @@ -1862,19 +1895,29 @@ getstring(void) x[i++] = c; } x[i] = '\0'; - yylval.string = strdup(x); - return STRING; + return strdup(x); } -void -error_message (const char *format, ...) +int +yywrap () { - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; + return 1; +} + +static int +lex_input(char *buf, int max_size) +{ + int n; + + n = _hx509_expr_input.length - _hx509_expr_input.offset; + if (max_size < n) + n = max_size; + if (n <= 0) + return YY_NULL; + + memcpy(buf, _hx509_expr_input.buf + _hx509_expr_input.offset, n); + _hx509_expr_input.offset += n; + + return n; } diff --git a/lib/hx509/sel-lex.l b/lib/hx509/sel-lex.l new file mode 100644 index 000000000000..4c9396750a34 --- /dev/null +++ b/lib/hx509/sel-lex.l @@ -0,0 +1,139 @@ +%{ +/* + * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#undef ECHO + +#include +#include +#include +#include +#include "sel.h" +#include "sel-gram.h" +unsigned lineno = 1; + +static char * handle_string(void); +static int lex_input(char *, int); + +struct hx_expr_input _hx509_expr_input; + +#ifndef YY_NULL +#define YY_NULL 0 +#endif + +#define YY_NO_UNPUT 1 + +#undef YY_INPUT +#define YY_INPUT(buf,res,maxsize) (res = lex_input(buf, maxsize)) + +#undef ECHO + +%} +%% + +TRUE { return kw_TRUE; } +FALSE { return kw_FALSE; } +AND { return kw_AND; } +OR { return kw_OR; } +IN { return kw_IN; } +TAILMATCH { return kw_TAILMATCH; } + +[A-Za-z][-A-Za-z0-9_]* { + yylval.string = strdup ((const char *)yytext); + return IDENTIFIER; + } +"\"" { yylval.string = handle_string(); return STRING; } +\n { ++lineno; } +[,.!={}()%] { return *yytext; } +[ \t] ; +%% + +static char * +handle_string(void) +{ + char x[1024]; + int i = 0; + int c; + int quote = 0; + while((c = input()) != EOF){ + if(quote) { + x[i++] = '\\'; + x[i++] = c; + quote = 0; + continue; + } + if(c == '\n'){ + _hx509_sel_yyerror("unterminated string"); + lineno++; + break; + } + if(c == '\\'){ + quote++; + continue; + } + if(c == '\"') + break; + x[i++] = c; + } + x[i] = '\0'; + return strdup(x); +} + +int +yywrap () +{ + return 1; +} + +static int +lex_input(char *buf, int max_size) +{ + int n; + + n = _hx509_expr_input.length - _hx509_expr_input.offset; + if (max_size < n) + n = max_size; + if (n <= 0) + return YY_NULL; + + memcpy(buf, _hx509_expr_input.buf + _hx509_expr_input.offset, n); + _hx509_expr_input.offset += n; + + return n; +} diff --git a/lib/hx509/sel.c b/lib/hx509/sel.c new file mode 100644 index 000000000000..6930b50f7cda --- /dev/null +++ b/lib/hx509/sel.c @@ -0,0 +1,233 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hx_locl.h" + +struct hx_expr * +_hx509_make_expr(enum hx_expr_op op, void *arg1, void *arg2) +{ + struct hx_expr *expr; + + expr = malloc(sizeof(*expr)); + if (expr == NULL) + return NULL; + expr->op = op; + expr->arg1 = arg1; + expr->arg2 = arg2; + + return expr; +} + +static const char * +eval_word(hx509_context context, hx509_env env, struct hx_expr *word) +{ + switch (word->op) { + case expr_STRING: + return word->arg1; + case expr_VAR: + if (word->arg2 == NULL) + return hx509_env_find(context, env, word->arg1); + + env = hx509_env_find_binding(context, env, word->arg1); + if (env == NULL) + return NULL; + + return eval_word(context, env, word->arg2); + default: + return NULL; + } +} + +static hx509_env +find_variable(hx509_context context, hx509_env env, struct hx_expr *word) +{ + assert(word->op == expr_VAR); + + if (word->arg2 == NULL) + return hx509_env_find_binding(context, env, word->arg1); + + env = hx509_env_find_binding(context, env, word->arg1); + if (env == NULL) + return NULL; + return find_variable(context, env, word->arg2); +} + +static int +eval_comp(hx509_context context, hx509_env env, struct hx_expr *expr) +{ + switch (expr->op) { + case comp_NE: + case comp_EQ: + case comp_TAILEQ: { + const char *s1, *s2; + int ret; + + s1 = eval_word(context, env, expr->arg1); + s2 = eval_word(context, env, expr->arg2); + + if (s1 == NULL || s2 == NULL) + return FALSE; + + if (expr->op == comp_TAILEQ) { + size_t len1 = strlen(s1); + size_t len2 = strlen(s2); + + if (len1 < len2) + return 0; + ret = strcmp(s1 + (len1 - len2), s2) == 0; + } else { + ret = strcmp(s1, s2) == 0; + if (expr->op == comp_NE) + ret = !ret; + } + return ret; + } + case comp_IN: { + struct hx_expr *subexpr; + const char *w, *s1; + + w = eval_word(context, env, expr->arg1); + + subexpr = expr->arg2; + + if (subexpr->op == expr_WORDS) { + while (subexpr) { + s1 = eval_word(context, env, subexpr->arg1); + if (strcmp(w, s1) == 0) + return TRUE; + subexpr = subexpr->arg2; + } + } else if (subexpr->op == expr_VAR) { + hx509_env subenv; + + subenv = find_variable(context, env, subexpr); + if (subenv == NULL) + return FALSE; + + while (subenv) { + if (subenv->type != env_string) + continue; + if (strcmp(w, subenv->name) == 0) + return TRUE; + if (strcmp(w, subenv->u.string) == 0) + return TRUE; + subenv = subenv->next; + } + + } else + _hx509_abort("hx509 eval IN unknown op: %d", (int)subexpr->op); + + return FALSE; + } + default: + _hx509_abort("hx509 eval expr with unknown op: %d", (int)expr->op); + } + return FALSE; +} + +int +_hx509_expr_eval(hx509_context context, hx509_env env, struct hx_expr *expr) +{ + switch (expr->op) { + case op_TRUE: + return 1; + case op_FALSE: + return 0; + case op_NOT: + return ! _hx509_expr_eval(context, env, expr->arg1); + case op_AND: + return _hx509_expr_eval(context, env, expr->arg1) && + _hx509_expr_eval(context, env, expr->arg2); + case op_OR: + return _hx509_expr_eval(context, env, expr->arg1) || + _hx509_expr_eval(context, env, expr->arg2); + case op_COMP: + return eval_comp(context, env, expr->arg1); + default: + _hx509_abort("hx509 eval expr with unknown op: %d", (int)expr->op); + UNREACHABLE(return 0); + } +} + +void +_hx509_expr_free(struct hx_expr *expr) +{ + switch (expr->op) { + case expr_STRING: + case expr_NUMBER: + free(expr->arg1); + break; + case expr_WORDS: + case expr_FUNCTION: + case expr_VAR: + free(expr->arg1); + if (expr->arg2) + _hx509_expr_free(expr->arg2); + break; + default: + if (expr->arg1) + _hx509_expr_free(expr->arg1); + if (expr->arg2) + _hx509_expr_free(expr->arg2); + break; + } + free(expr); +} + +struct hx_expr * +_hx509_expr_parse(const char *buf) +{ + _hx509_expr_input.buf = buf; + _hx509_expr_input.length = strlen(buf); + _hx509_expr_input.offset = 0; + _hx509_expr_input.expr = NULL; + + if (_hx509_expr_input.error) { + free(_hx509_expr_input.error); + _hx509_expr_input.error = NULL; + } + + yyparse(); + + return _hx509_expr_input.expr; +} + +void +_hx509_sel_yyerror (const char *s) +{ + if (_hx509_expr_input.error) + free(_hx509_expr_input.error); + + _hx509_expr_input.error = strdup(s); +} + diff --git a/lib/hx509/sel.h b/lib/hx509/sel.h new file mode 100644 index 000000000000..177ec0a65b27 --- /dev/null +++ b/lib/hx509/sel.h @@ -0,0 +1,82 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +enum hx_expr_op { + op_TRUE, + op_FALSE, + op_NOT, + op_AND, + op_OR, + op_COMP, + + comp_EQ, + comp_NE, + comp_IN, + comp_TAILEQ, + + expr_NUMBER, + expr_STRING, + expr_FUNCTION, + expr_VAR, + expr_WORDS +}; + +struct hx_expr { + enum hx_expr_op op; + void *arg1; + void *arg2; +}; + +struct hx_expr_input { + const char *buf; + size_t length; + size_t offset; + struct hx_expr *expr; + char *error; +}; + +extern struct hx_expr_input _hx509_expr_input; + +#define yyparse _hx509_sel_yyparse +#define yylex _hx509_sel_yylex +#define yyerror _hx509_sel_yyerror +#define yylval _hx509_sel_yylval +#define yychar _hx509_sel_yychar +#define yydebug _hx509_sel_yydebug +#define yynerrs _hx509_sel_yynerrs +#define yywrap _hx509_sel_yywrap + +int _hx509_sel_yyparse(void); +int _hx509_sel_yylex(void); +void _hx509_sel_yyerror(const char *); + diff --git a/lib/hx509/softp11.c b/lib/hx509/softp11.c index 86bb1d6dbe75..38f587e0fea2 100644 --- a/lib/hx509/softp11.c +++ b/lib/hx509/softp11.c @@ -1,36 +1,38 @@ /* - * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ +#define CRYPTOKI_EXPORTS 1 + #include "hx_locl.h" #include "pkcs11.h" @@ -38,6 +40,14 @@ #define HANDLE_OBJECT_ID(h) ((h) & OBJECT_ID_MASK) #define OBJECT_ID(obj) HANDLE_OBJECT_ID((obj)->object_handle) +#ifndef HAVE_RANDOM +#define random() rand() +#define srandom(s) srand(s) +#endif + +#ifdef _WIN32 +#include +#endif struct st_attr { CK_ATTRIBUTE attribute; @@ -127,11 +137,12 @@ snprintf_fill(char *str, size_t size, char fillchar, const char *fmt, ...) { int len; va_list ap; + va_start(ap, fmt); len = vsnprintf(str, size, fmt, ap); va_end(ap); - if (len < 0 || len > size) + if (len < 0 || (size_t)len > size) return; - while(len < size) + while ((size_t)len < size) str[len++] = fillchar; } @@ -141,9 +152,9 @@ snprintf_fill(char *str, size_t size, char fillchar, const char *fmt, ...) #define VERIFY_SESSION_HANDLE(s, state) \ { \ - CK_RV ret; \ - ret = verify_session_handle(s, state); \ - if (ret != CKR_OK) { \ + CK_RV xret; \ + xret = verify_session_handle(s, state); \ + if (xret != CKR_OK) { \ /* return CKR_OK */; \ } \ } @@ -152,7 +163,7 @@ static CK_RV verify_session_handle(CK_SESSION_HANDLE hSession, struct session_state **state) { - int i; + size_t i; for (i = 0; i < MAX_NUM_SESSION; i++){ if (soft_token.state[i].session_handle == hSession) @@ -295,13 +306,10 @@ add_st_object(void) struct st_object *o, **objs; int i; - o = malloc(sizeof(*o)); + o = calloc(1, sizeof(*o)); if (o == NULL) return NULL; - memset(o, 0, sizeof(*o)); - o->attrs = NULL; - o->num_attributes = 0; - + for (i = 0; i < soft_token.object.num_objs; i++) { if (soft_token.object.objs == NULL) { soft_token.object.objs[i] = o; @@ -317,7 +325,7 @@ add_st_object(void) } soft_token.object.objs = objs; soft_token.object.objs[soft_token.object.num_objs++] = o; - } + } soft_token.object.objs[i]->object_handle = (random() & (~OBJECT_ID_MASK)) | i; @@ -325,7 +333,7 @@ add_st_object(void) } static CK_RV -add_object_attribute(struct st_object *o, +add_object_attribute(struct st_object *o, int secret, CK_ATTRIBUTE_TYPE type, CK_VOID_PTR pValue, @@ -361,14 +369,14 @@ add_pubkey_info(hx509_context hxctx, struct st_object *o, CK_ULONG modulus_bits = 0; CK_BYTE *exponent = NULL; size_t exponent_len = 0; - + if (key_type != CKK_RSA) return CKR_OK; if (_hx509_cert_private_key(cert) == NULL) return CKR_OK; - num = _hx509_private_key_get_internal(context, - _hx509_cert_private_key(cert), + num = _hx509_private_key_get_internal(context, + _hx509_cert_private_key(cert), "rsa-modulus"); if (num == NULL) return CKR_GENERAL_ERROR; @@ -384,9 +392,9 @@ add_pubkey_info(hx509_context hxctx, struct st_object *o, &modulus_bits, sizeof(modulus_bits)); free(modulus); - - num = _hx509_private_key_get_internal(context, - _hx509_cert_private_key(cert), + + num = _hx509_private_key_get_internal(context, + _hx509_cert_private_key(cert), "rsa-exponent"); if (num == NULL) return CKR_GENERAL_ERROR; @@ -413,6 +421,7 @@ struct foo { static int add_cert(hx509_context hxctx, void *ctx, hx509_cert cert) { + static char empty[] = ""; struct foo *foo = (struct foo *)ctx; struct st_object *o = NULL; CK_OBJECT_CLASS type; @@ -512,8 +521,8 @@ add_cert(hx509_context hxctx, void *ctx, hx509_cert cert) add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type)); add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id)); - add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */ + add_object_attribute(o, 0, CKA_START_DATE, empty, 1); /* XXX */ + add_object_attribute(o, 0, CKA_END_DATE, empty, 1); /* XXX */ add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false)); add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false)); mech_type = CKM_RSA_X_509; @@ -549,8 +558,8 @@ add_cert(hx509_context hxctx, void *ctx, hx509_cert cert) add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type)); add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id)); - add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */ + add_object_attribute(o, 0, CKA_START_DATE, empty, 1); /* XXX */ + add_object_attribute(o, 0, CKA_END_DATE, empty, 1); /* XXX */ add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false)); add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false)); mech_type = CKM_RSA_X_509; @@ -621,7 +630,7 @@ add_certificate(const char *cert_file, return CKR_GENERAL_ERROR; } - ret = hx509_certs_iter(context, certs, add_cert, &foo); + ret = hx509_certs_iter_f(context, certs, add_cert, &foo); hx509_certs_free(&certs); if (ret) { st_logf("failed adding certs from file %s\n", cert_file); @@ -685,40 +694,43 @@ static CK_RV read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin) { char buf[1024], *type, *s, *p; - int anchor; FILE *f; CK_RV ret = CKR_OK; CK_RV failed = CKR_OK; + if (fn == NULL) { + st_logf("Can't open configuration file. No file specified\n"); + return CKR_GENERAL_ERROR; + } + f = fopen(fn, "r"); if (f == NULL) { st_logf("can't open configuration file %s\n", fn); return CKR_GENERAL_ERROR; } + rk_cloexec_file(f); while(fgets(buf, sizeof(buf), f) != NULL) { buf[strcspn(buf, "\n")] = '\0'; - anchor = 0; - st_logf("line: %s\n", buf); p = buf; - while (isspace(*p)) + while (isspace((unsigned char)*p)) p++; if (*p == '#') continue; - while (isspace(*p)) + while (isspace((unsigned char)*p)) p++; s = NULL; type = strtok_r(p, "\t", &s); if (type == NULL) continue; - + if (strcasecmp("certificate", type) == 0) { char *cert, *id, *label; - + id = strtok_r(NULL, "\t", &s); if (id == NULL) { st_logf("no id\n"); @@ -735,9 +747,9 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin) st_logf("no certfiicate store\n"); continue; } - + st_logf("adding: %s: %s in file %s\n", id, label, cert); - + ret = add_certificate(cert, pin, id, label); if (ret) failed = ret; @@ -755,11 +767,14 @@ read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin) if (strcasecmp(name, "stdout") == 0) soft_token.logfile = stdout; - else + else { soft_token.logfile = fopen(name, "a"); + if (soft_token.logfile) + rk_cloexec_file(soft_token.logfile); + } if (soft_token.logfile == NULL) st_logf("failed to open file: %s\n", name); - + } else if (strcasecmp("app-fatal", type) == 0) { char *name; @@ -793,12 +808,59 @@ func_not_supported(void) return CKR_FUNCTION_NOT_SUPPORTED; } -CK_RV +static char * +get_config_file_for_user(void) +{ + char *fn = NULL; + +#ifndef _WIN32 + char *home = NULL; + + if (!issuid()) { + fn = getenv("SOFTPKCS11RC"); + if (fn) + fn = strdup(fn); + home = getenv("HOME"); + } + if (fn == NULL && home == NULL) { + struct passwd *pw = getpwuid(getuid()); + if(pw != NULL) + home = pw->pw_dir; + } + if (fn == NULL) { + if (home) + asprintf(&fn, "%s/.soft-token.rc", home); + else + fn = strdup("/etc/soft-token.rc"); + } +#else /* Windows */ + + char appdatafolder[MAX_PATH]; + + fn = getenv("SOFTPKCS11RC"); + + /* Retrieve the roaming AppData folder for the current user. The + current user is the user account represented by the current + thread token. */ + + if (fn == NULL && + SUCCEEDED(SHGetFolderPath(NULL, CSIDL_APPDATA, NULL, SHGFP_TYPE_CURRENT, appdatafolder))) { + + asprintf(&fn, "%s\\.soft-token.rc", appdatafolder); + } + +#endif /* _WIN32 */ + + return fn; +} + + +CK_RV CK_SPEC C_Initialize(CK_VOID_PTR a) { CK_C_INITIALIZE_ARGS_PTR args = a; CK_RV ret; - int i; + size_t i; st_logf("Initialize\n"); @@ -806,7 +868,7 @@ C_Initialize(CK_VOID_PTR a) OpenSSL_add_all_algorithms(); - srandom(getpid() ^ time(NULL)); + srandom(getpid() ^ (int) time(NULL)); for (i = 0; i < MAX_NUM_SESSION; i++) { soft_token.state[i].session_handle = CK_INVALID_HANDLE; @@ -822,7 +884,7 @@ C_Initialize(CK_VOID_PTR a) soft_token.object.objs = NULL; soft_token.object.num_objs = 0; - + soft_token.logfile = NULL; #if 0 soft_token.logfile = stdout; @@ -839,29 +901,7 @@ C_Initialize(CK_VOID_PTR a) st_logf("\tFlags\t%04x\n", (unsigned int)args->flags); } - { - char *fn = NULL, *home = NULL; - - if (getuid() == geteuid()) { - fn = getenv("SOFTPKCS11RC"); - if (fn) - fn = strdup(fn); - home = getenv("HOME"); - } - if (fn == NULL && home == NULL) { - struct passwd *pw = getpwuid(getuid()); - if(pw != NULL) - home = pw->pw_dir; - } - if (fn == NULL) { - if (home) - asprintf(&fn, "%s/.soft-token.rc", home); - else - fn = strdup("/etc/soft-token.rc"); - } - - soft_token.config_file = fn; - } + soft_token.config_file = get_config_file_for_user(); /* * This operations doesn't return CKR_OK if any of the @@ -877,7 +917,7 @@ C_Initialize(CK_VOID_PTR a) CK_RV C_Finalize(CK_VOID_PTR args) { - int i; + size_t i; INIT_CONTEXT(); @@ -904,11 +944,11 @@ C_GetInfo(CK_INFO_PTR args) memset(args, 17, sizeof(*args)); args->cryptokiVersion.major = 2; args->cryptokiVersion.minor = 10; - snprintf_fill((char *)args->manufacturerID, + snprintf_fill((char *)args->manufacturerID, sizeof(args->manufacturerID), ' ', "Heimdal hx509 SoftToken"); - snprintf_fill((char *)args->libraryDescription, + snprintf_fill((char *)args->libraryDescription, sizeof(args->libraryDescription), ' ', "Heimdal hx509 SoftToken"); args->libraryVersion.major = 2; @@ -954,7 +994,7 @@ C_GetSlotInfo(CK_SLOT_ID slotID, if (slotID != 1) return CKR_ARGUMENTS_BAD; - snprintf_fill((char *)pInfo->slotDescription, + snprintf_fill((char *)pInfo->slotDescription, sizeof(pInfo->slotDescription), ' ', "Heimdal hx509 SoftToken (slot)"); @@ -969,7 +1009,7 @@ C_GetSlotInfo(CK_SLOT_ID slotID, pInfo->hardwareVersion.minor = 0; pInfo->firmwareVersion.major = 1; pInfo->firmwareVersion.minor = 0; - + return CKR_OK; } @@ -978,15 +1018,15 @@ C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) { INIT_CONTEXT(); - st_logf("GetTokenInfo: %s\n", has_session()); + st_logf("GetTokenInfo: %s\n", has_session()); memset(pInfo, 19, sizeof(*pInfo)); - snprintf_fill((char *)pInfo->label, + snprintf_fill((char *)pInfo->label, sizeof(pInfo->label), ' ', "Heimdal hx509 SoftToken (token)"); - snprintf_fill((char *)pInfo->manufacturerID, + snprintf_fill((char *)pInfo->manufacturerID, sizeof(pInfo->manufacturerID), ' ', "Heimdal hx509 SoftToken (token)"); @@ -994,12 +1034,12 @@ C_GetTokenInfo(CK_SLOT_ID slotID, sizeof(pInfo->model), ' ', "Heimdal hx509 SoftToken (token)"); - snprintf_fill((char *)pInfo->serialNumber, + snprintf_fill((char *)pInfo->serialNumber, sizeof(pInfo->serialNumber), ' ', "4711"); - pInfo->flags = - CKF_TOKEN_INITIALIZED | + pInfo->flags = + CKF_TOKEN_INITIALIZED | CKF_USER_PIN_INITIALIZED; if (soft_token.flags.login_done == 0) @@ -1073,10 +1113,10 @@ C_OpenSession(CK_SLOT_ID slotID, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession) { - int i; + size_t i; INIT_CONTEXT(); st_logf("OpenSession: slot: %d\n", (int)slotID); - + if (soft_token.open_sessions == MAX_NUM_SESSION) return CKR_SESSION_COUNT; @@ -1116,7 +1156,7 @@ C_CloseSession(CK_SESSION_HANDLE hSession) CK_RV C_CloseAllSessions(CK_SLOT_ID slotID) { - int i; + size_t i; INIT_CONTEXT(); st_logf("CloseAllSessions\n"); @@ -1134,7 +1174,7 @@ C_GetSessionInfo(CK_SESSION_HANDLE hSession, { st_logf("GetSessionInfo\n"); INIT_CONTEXT(); - + VERIFY_SESSION_HANDLE(hSession, NULL); memset(pInfo, 20, sizeof(*pInfo)); @@ -1178,7 +1218,7 @@ C_Login(CK_SESSION_HANDLE hSession, soft_token.flags.login_done = 1; free(pin); - + return soft_token.flags.login_done ? CKR_OK : CKR_PIN_INCORRECT; } @@ -1276,12 +1316,12 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession, print_attributes(pTemplate, ulCount); - state->find.attributes = + state->find.attributes = calloc(1, ulCount * sizeof(state->find.attributes[0])); if (state->find.attributes == NULL) return CKR_DEVICE_MEMORY; for (i = 0; i < ulCount; i++) { - state->find.attributes[i].pValue = + state->find.attributes[i].pValue = malloc(pTemplate[i].ulValueLen); if (state->find.attributes[i].pValue == NULL) { find_object_final(state); @@ -1390,7 +1430,7 @@ commonInit(CK_ATTRIBUTE *attr_match, int attr_match_len, static CK_RV -dup_mechanism(CK_MECHANISM_PTR *dup, const CK_MECHANISM_PTR pMechanism) +dup_mechanism(CK_MECHANISM_PTR *dp, const CK_MECHANISM_PTR pMechanism) { CK_MECHANISM_PTR p; @@ -1398,9 +1438,9 @@ dup_mechanism(CK_MECHANISM_PTR *dup, const CK_MECHANISM_PTR pMechanism) if (p == NULL) return CKR_DEVICE_MEMORY; - if (*dup) - free(*dup); - *dup = p; + if (*dp) + free(*dp); + *dp = p; memcpy(p, pMechanism, sizeof(*p)); return CKR_OK; @@ -1433,15 +1473,15 @@ C_SignInit(CK_SESSION_HANDLE hSession, INIT_CONTEXT(); st_logf("SignInit\n"); VERIFY_SESSION_HANDLE(hSession, &state); - - ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), + + ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), mechs, sizeof(mechs)/sizeof(mechs[0]), pMechanism, hKey, &o); if (ret) return ret; ret = dup_mechanism(&state->sign_mechanism, pMechanism); - if (ret == CKR_OK) + if (ret == CKR_OK) state->sign_object = OBJECT_ID(o); return CKR_OK; @@ -1457,7 +1497,7 @@ C_Sign(CK_SESSION_HANDLE hSession, struct session_state *state; struct st_object *o; CK_RV ret; - uint hret; + int hret; const AlgorithmIdentifier *alg; heim_octet_string sig, data; @@ -1498,7 +1538,7 @@ C_Sign(CK_SESSION_HANDLE hSession, ret = CKR_FUNCTION_NOT_SUPPORTED; goto out; } - + data.data = pData; data.length = ulDataLen; @@ -1566,17 +1606,17 @@ C_VerifyInit(CK_SESSION_HANDLE hSession, INIT_CONTEXT(); st_logf("VerifyInit\n"); VERIFY_SESSION_HANDLE(hSession, &state); - - ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), + + ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), mechs, sizeof(mechs)/sizeof(mechs[0]), pMechanism, hKey, &o); if (ret) return ret; ret = dup_mechanism(&state->verify_mechanism, pMechanism); - if (ret == CKR_OK) + if (ret == CKR_OK) state->verify_object = OBJECT_ID(o); - + return ret; } @@ -1618,7 +1658,7 @@ C_Verify(CK_SESSION_HANDLE hSession, data.length = ulSignatureLen; hret = _hx509_verify_signature(context, - _hx509_get_cert(o->cert), + o->cert, alg, &data, &sig); diff --git a/lib/hx509/test_ca.in b/lib/hx509/test_ca.in index 5cc124d3bc7b..2ca294ea79e9 100644 --- a/lib/hx509/test_ca.in +++ b/lib/hx509/test_ca.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan +# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_ca.in 21345 2007-06-26 14:22:57Z lha $ +# $Id$ # srcdir="@srcdir@" diff --git a/lib/hx509/test_cert.in b/lib/hx509/test_cert.in index ed04bfac3b73..6cbf21bf0571 100644 --- a/lib/hx509/test_cert.in +++ b/lib/hx509/test_cert.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2007 Kungliga Tekniska Högskolan +# Copyright (c) 2007 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -65,5 +65,20 @@ ${hxtool} certificate-copy DER-FILE:cert-der.tmp PEM-FILE:cert-pem2.tmp || exit cmp cert-pem.tmp cert-pem2.tmp || exit 1 +echo "verify n0ll cert (fail)" +${hxtool} verify --missing-revoke \ + --hostname=foo.com \ + cert:FILE:$srcdir/data/n0ll.pem \ + anchor:FILE:$srcdir/data/n0ll.pem && exit 1 + +echo "verify n0ll cert (fail)" +${hxtool} verify --missing-revoke \ + cert:FILE:$srcdir/data/n0ll.pem \ + anchor:FILE:$srcdir/data/n0ll.pem && exit 1 + +echo "check that windows cert with utf16 in printable string works" +${hxtool} verify --missing-revoke \ + cert:FILE:$srcdir/data/win-u16-in-printablestring.der \ + anchor:FILE:$srcdir/data/win-u16-in-printablestring.der || exit 1 exit 0 diff --git a/lib/hx509/test_chain.in b/lib/hx509/test_chain.in index a99ae5e4cb54..df551d9c0a93 100644 --- a/lib/hx509/test_chain.in +++ b/lib/hx509/test_chain.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan +# Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_chain.in 21278 2007-06-25 04:54:43Z lha $ +# $Id$ # srcdir="@srcdir@" @@ -187,6 +187,20 @@ ${hxtool} verify \ anchor:FILE:$srcdir/data/ca.crt \ crl:FILE:$srcdir/data/crl1.der > /dev/null && exit 1 +if ${hxtool} info | grep 'ecdsa: hcrypto null' > /dev/null ; then + echo "not testing ECDSA since hcrypto doesnt support ECDSA" +else + echo "eccert -> root" + ${hxtool} verify --missing-revoke \ + cert:FILE:$srcdir/data/secp160r2TestServer.cert.pem \ + anchor:FILE:$srcdir/data/secp160r1TestCA.cert.pem > /dev/null || exit 1 + + echo "eccert -> root" + ${hxtool} verify --missing-revoke \ + cert:FILE:$srcdir/data/secp160r2TestClient.cert.pem \ + anchor:FILE:$srcdir/data/secp160r1TestCA.cert.pem > /dev/null || exit 1 +fi + echo "proxy cert" ${hxtool} verify --missing-revoke \ --allow-proxy-certificate \ diff --git a/lib/hx509/test_cms.in b/lib/hx509/test_cms.in index a89e81023530..d519d25a22b2 100644 --- a/lib/hx509/test_cms.in +++ b/lib/hx509/test_cms.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2005 Kungliga Tekniska Högskolan +# Copyright (c) 2005 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_cms.in 21311 2007-06-25 18:26:37Z lha $ +# $Id$ # srcdir="@srcdir@" @@ -48,6 +48,23 @@ if ${hxtool} info | grep 'rand: not available' > /dev/null ; then exit 77 fi +if ${hxtool} info | grep 'ecdsa: hcrypto null' > /dev/null ; then + echo "not testing ECDSA since hcrypto doesnt support ECDSA" +else + echo "create signed data (ec)" + ${hxtool} cms-create-sd \ + --certificate=FILE:$srcdir/data/secp160r2TestClient.pem \ + "$srcdir/test_chain.in" \ + sd.data > /dev/null || exit 1 + + echo "verify signed data (ec)" + ${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/secp160r1TestCA.cert.pem \ + sd.data sd.data.out > /dev/null || exit 1 + cmp "$srcdir/test_chain.in" sd.data.out || exit 1 +fi + echo "create signed data" ${hxtool} cms-create-sd \ --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ @@ -61,6 +78,29 @@ ${hxtool} cms-verify-sd \ sd.data sd.data.out > /dev/null || exit 1 cmp "$srcdir/test_chain.in" sd.data.out || exit 1 +echo "create signed data (no signer)" +${hxtool} cms-create-sd \ + --no-signer \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + "$srcdir/test_chain.in" \ + sd.data > /dev/null || exit 1 + +echo "verify signed data (no signer)" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --no-signer-allowed \ + --anchors=FILE:$srcdir/data/ca.crt \ + sd.data sd.data.out > signer.tmp || exit 1 +cmp "$srcdir/test_chain.in" sd.data.out || exit 1 +grep "unsigned" signer.tmp > /dev/null || exit 1 + +echo "verify signed data (no signer) (test failure)" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + sd.data sd.data.out 2> signer.tmp && exit 1 +grep "No signers where found" signer.tmp > /dev/null || exit 1 + echo "create signed data (id-by-name)" ${hxtool} cms-create-sd \ --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ @@ -145,6 +185,14 @@ ${hxtool} cms-create-sd \ "$srcdir/test_chain.in" \ sd.data > /dev/null || exit 1 +echo "verify signed data (pem)" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + --pem \ + sd.data sd.data.out > /dev/null +cmp "$srcdir/test_chain.in" sd.data.out || exit 1 + echo "create signed data (pem, detached)" ${hxtool} cms-create-sd \ --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ @@ -153,6 +201,15 @@ ${hxtool} cms-create-sd \ "$srcdir/test_chain.in" \ sd.data > /dev/null || exit 1 +echo "verify signed data (pem, detached)" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + --pem \ + --signed-content="$srcdir/test_chain.in" \ + sd.data sd.data.out > /dev/null +cmp "$srcdir/test_chain.in" sd.data.out || exit 1 + echo "create signed data (p12)" ${hxtool} cms-create-sd \ --pass=PASS:foobar \ @@ -195,6 +252,31 @@ ${hxtool} cms-verify-sd \ sd.data.out > /dev/null || exit 1 cmp "$srcdir/data/static-file" sd.data.out || exit 1 +echo "verify signed data - sha1" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + --content-info \ + "$srcdir/data/test-signed-sha-1" sd.data.out > /dev/null || exit 1 +cmp "$srcdir/data/static-file" sd.data.out || exit 1 + +echo "verify signed data - sha256" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + --content-info \ + "$srcdir/data/test-signed-sha-256" sd.data.out > /dev/null || exit 1 +cmp "$srcdir/data/static-file" sd.data.out || exit 1 + +#echo "verify signed data - sha512" +#${hxtool} cms-verify-sd \ +# --missing-revoke \ +# --anchors=FILE:$srcdir/data/ca.crt \ +# --content-info \ +# "$srcdir/data/test-signed-sha-512" sd.data.out > /dev/null || exit 1 +#cmp "$srcdir/data/static-file" sd.data.out || exit 1 + + echo "create signed data (subcert, no certs)" ${hxtool} cms-create-sd \ --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ @@ -317,6 +399,60 @@ ${hxtool} cms-verify-sd \ sd.data sd.data.out > /dev/null 2>/dev/null || exit 1 cmp "$srcdir/test_chain.in" sd.data.out || exit 1 +echo "create signed data (pem, detached)" +cp "$srcdir/test_chain.in" sd +${hxtool} cms-sign \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + --detached-signature \ + --pem \ + sd > /dev/null || exit 1 + +echo "verify signed data (pem, detached)" +${hxtool} cms-verify-sd \ + --missing-revoke \ + --anchors=FILE:$srcdir/data/ca.crt \ + --pem \ + sd.pem > /dev/null + +echo "create signed data (no certs, detached sig)" +cp "$srcdir/test_chain.in" sd +${hxtool} cms-sign \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + --detached-signature \ + --no-embedded-certs \ + "$srcdir/data/static-file" \ + sd > /dev/null || exit 1 + +echo "create signed data (leif only, detached sig)" +cp "$srcdir/test_chain.in" sd +${hxtool} cms-sign \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + --detached-signature \ + --embed-leaf-only \ + "$srcdir/data/static-file" \ + sd > /dev/null || exit 1 + +echo "create signed data (no certs, detached sig, 2 signers)" +cp "$srcdir/test_chain.in" sd +${hxtool} cms-sign \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ + --detached-signature \ + --no-embedded-certs \ + "$srcdir/data/static-file" \ + sd > /dev/null || exit 1 + +echo "create signed data (no certs, detached sig, 3 signers)" +cp "$srcdir/test_chain.in" sd +${hxtool} cms-sign \ + --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ + --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ + --certificate=FILE:$srcdir/data/test-ds-only.crt,$srcdir/data/test-ds-only.key \ + --detached-signature \ + --no-embedded-certs \ + "$srcdir/data/static-file" \ + sd > /dev/null || exit 1 + echo "envelope data (content-type)" ${hxtool} cms-envelope \ --certificate=FILE:$srcdir/data/test.crt \ @@ -370,6 +506,7 @@ for a in rc2-40 rc2-64 rc2-128 des-ede3 aes-128 aes-256; do ${hxtool} cms-unenvelope \ --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ --content-info \ + --allow-weak \ "$srcdir/data/test-enveloped-$a" ev.data.out > /dev/null || exit 1 cmp "$srcdir/data/static-file" ev.data.out || exit 1 done diff --git a/lib/hx509/test_crypto.in b/lib/hx509/test_crypto.in index 31b5233fe9e6..9206031bef7d 100644 --- a/lib/hx509/test_crypto.in +++ b/lib/hx509/test_crypto.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2006 Kungliga Tekniska Högskolan +# Copyright (c) 2006 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_crypto.in 20898 2007-06-04 23:07:46Z lha $ +# $Id$ # srcdir="@srcdir@" @@ -144,12 +144,12 @@ ${hxtool} crypto-select \ cmp test ${srcdir}/tst-crypto-select7 > /dev/null || \ { echo "select7 failure"; exit 1; } -echo "crypto available1" -${hxtool} crypto-available \ - --type=all \ - > test || { echo "available1"; exit 1; } -cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \ - { echo "available1 failure"; exit 1; } +#echo "crypto available1" +#${hxtool} crypto-available \ +# --type=all \ +# > test || { echo "available1"; exit 1; } +#cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \ +# { echo "available1 failure"; exit 1; } echo "crypto available2" ${hxtool} crypto-available \ @@ -158,12 +158,12 @@ ${hxtool} crypto-available \ cmp test ${srcdir}/tst-crypto-available2 > /dev/null || \ { echo "available2 failure"; exit 1; } -echo "crypto available3" -${hxtool} crypto-available \ - --type=public-sig \ - > test || { echo "available3"; exit 1; } -cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \ - { echo "available3 failure"; exit 1; } +#echo "crypto available3" +#${hxtool} crypto-available \ +# --type=public-sig \ +# > test || { echo "available3"; exit 1; } +#cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \ +# { echo "available3 failure"; exit 1; } echo "copy keystore FILE existing -> FILE" ${hxtool} certificate-copy \ @@ -184,4 +184,9 @@ echo "print certificate with utf8" ${hxtool} print \ FILE:$srcdir/data/j.pem >/dev/null 2>/dev/null || exit 1 +echo "Make sure that we can parse EC private keys" +${hxtool} print --content \ + FILE:$srcdir/data/pkinit-ec.crt,$srcdir/data/pkinit-ec.key \ + > /dev/null || exit 1 + exit 0 diff --git a/lib/hx509/test_expr.c b/lib/hx509/test_expr.c new file mode 100644 index 000000000000..8c2c0a55517d --- /dev/null +++ b/lib/hx509/test_expr.c @@ -0,0 +1,87 @@ + +#include "hx_locl.h" +#include + +struct foo { + int val; + char *str; +} foo[] = { + { 0, "FALSE" }, + { 1, "TRUE" }, + { 0, "!TRUE" }, + { 0, "! TRUE" }, + { 0, "!\tTRUE" }, + { 0, "( FALSE AND FALSE )" }, + { 0, "( TRUE AND FALSE )" }, + { 1, "( TRUE AND TRUE )" }, + { 1, "( TRUE OR TRUE )" }, + { 1, "( TRUE OR FALSE )" }, + { 0, "( FALSE OR FALSE )" }, + { 1, "! ( FALSE OR FALSE )" }, + + { 1, "\"foo\" TAILMATCH \"foo\"" }, + { 1, "\"foobar\" TAILMATCH \"bar\"" }, + { 0, "\"foobar\" TAILMATCH \"foo\"" }, + + { 1, "\"foo\" == \"foo\"" }, + { 0, "\"foo\" == \"bar\"" }, + { 0, "\"foo\" != \"foo\"" }, + { 1, "\"foo\" != \"bar\"" }, + { 1, "%{variable} == \"foo\"" }, + { 0, "%{variable} == \"bar\"" }, + { 1, "%{context.variable} == \"foo\"" }, + { 0, "%{context.variable} == \"bar\"" }, + { 1, "\"foo\" IN ( \"bar\", \"foo\")" }, + { 0, "\"foo\" IN ( \"bar\", \"baz\")" }, + { 0, "\"bar\" IN %{context}" }, + { 1, "\"foo\" IN %{context}" }, + { 1, "\"variable\" IN %{context}" }, + + { 1, "\"foo\" IN %{context} AND %{context.variable} == \"foo\"" } +}; + +int +main(int argc, char **argv) +{ + struct hx_expr *expr; + hx509_context context; + hx509_env env = NULL, env2 = NULL; + int val, i, ret; + +#if 0 + extern int yydebug; + yydebug = 1; +#endif + + ret = hx509_context_init(&context); + if (ret) + errx(1, "hx509_context_init failed with %d", ret); + + hx509_env_add(context, &env, "variable", "foo"); + hx509_env_add(context, &env2, "variable", "foo"); + hx509_env_add_binding(context, &env, "context", env2); + + for (i = 0; i < sizeof(foo)/sizeof(foo[0]); i++) { + + expr = _hx509_expr_parse(foo[i].str); + if (expr == NULL) + errx(1, "_hx509_expr_parse failed for %d: %s", i, foo[i].str); + + val = _hx509_expr_eval(context, env, expr); + if (foo[i].val) { + if (val == 0) + errx(1, "_hx509_expr_eval not true when it should: %d: %s", + i, foo[i].str); + } else { + if (val) + errx(1, "_hx509_expr_eval true when it should not: %d: %s", + i, foo[i].str); + } + + _hx509_expr_free(expr); + } + + hx509_env_free(&env); + + return 0; +} diff --git a/lib/hx509/test_java_pkcs11.in b/lib/hx509/test_java_pkcs11.in index 35f61e61aa35..9a843a4888d2 100644 --- a/lib/hx509/test_java_pkcs11.in +++ b/lib/hx509/test_java_pkcs11.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2008 Kungliga Tekniska Högskolan +# Copyright (c) 2008 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # diff --git a/lib/hx509/test_name.c b/lib/hx509/test_name.c index 2c6dd516cb80..d932221ddf04 100644 --- a/lib/hx509/test_name.c +++ b/lib/hx509/test_name.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" -RCSID("$Id: test_name.c 19882 2007-01-13 01:02:57Z lha $"); static int test_name(hx509_context context, const char *name) @@ -72,13 +71,12 @@ test_name_fail(hx509_context context, const char *name) static int test_expand(hx509_context context, const char *name, const char *expected) { - hx509_env env; + hx509_env env = NULL; hx509_name n; char *s; int ret; - hx509_env_init(context, &env); - hx509_env_add(context, env, "uid", "lha"); + hx509_env_add(context, &env, "uid", "lha"); ret = hx509_parse_name(context, name, &n); if (ret) @@ -93,7 +91,7 @@ test_expand(hx509_context context, const char *name, const char *expected) hx509_name_free(&n); if (ret) return 1; - + ret = strcmp(s, expected) != 0; free(s); if (ret) @@ -102,6 +100,256 @@ test_expand(hx509_context context, const char *name, const char *expected) return 0; } +char certdata1[] = + "\x30\x82\x04\x1d\x30\x82\x03\x05\xa0\x03\x02\x01\x02\x02\x10\x4e" + "\x81\x2d\x8a\x82\x65\xe0\x0b\x02\xee\x3e\x35\x02\x46\xe5\x3d\x30" + "\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81" + "\x81\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31\x1b" + "\x30\x19\x06\x03\x55\x04\x08\x13\x12\x47\x72\x65\x61\x74\x65\x72" + "\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e\x06" + "\x03\x55\x04\x07\x13\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a\x30" + "\x18\x06\x03\x55\x04\x0a\x13\x11\x43\x4f\x4d\x4f\x44\x4f\x20\x43" + "\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x27\x30\x25\x06\x03\x55" + "\x04\x03\x13\x1e\x43\x4f\x4d\x4f\x44\x4f\x20\x43\x65\x72\x74\x69" + "\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x41\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x30\x1e\x17\x0d\x30\x36\x31\x32\x30\x31\x30\x30\x30\x30" + "\x30\x30\x5a\x17\x0d\x32\x39\x31\x32\x33\x31\x32\x33\x35\x39\x35" + "\x39\x5a\x30\x81\x81\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02" + "\x47\x42\x31\x1b\x30\x19\x06\x03\x55\x04\x08\x13\x12\x47\x72\x65" + "\x61\x74\x65\x72\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31" + "\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x53\x61\x6c\x66\x6f\x72" + "\x64\x31\x1a\x30\x18\x06\x03\x55\x04\x0a\x13\x11\x43\x4f\x4d\x4f" + "\x44\x4f\x20\x43\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x27\x30" + "\x25\x06\x03\x55\x04\x03\x13\x1e\x43\x4f\x4d\x4f\x44\x4f\x20\x43" + "\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x41\x75\x74" + "\x68\x6f\x72\x69\x74\x79\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86" + "\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82" + "\x01\x0a\x02\x82\x01\x01\x00\xd0\x40\x8b\x8b\x72\xe3\x91\x1b\xf7" + "\x51\xc1\x1b\x54\x04\x98\xd3\xa9\xbf\xc1\xe6\x8a\x5d\x3b\x87\xfb" + "\xbb\x88\xce\x0d\xe3\x2f\x3f\x06\x96\xf0\xa2\x29\x50\x99\xae\xdb" + "\x3b\xa1\x57\xb0\x74\x51\x71\xcd\xed\x42\x91\x4d\x41\xfe\xa9\xc8" + "\xd8\x6a\x86\x77\x44\xbb\x59\x66\x97\x50\x5e\xb4\xd4\x2c\x70\x44" + "\xcf\xda\x37\x95\x42\x69\x3c\x30\xc4\x71\xb3\x52\xf0\x21\x4d\xa1" + "\xd8\xba\x39\x7c\x1c\x9e\xa3\x24\x9d\xf2\x83\x16\x98\xaa\x16\x7c" + "\x43\x9b\x15\x5b\xb7\xae\x34\x91\xfe\xd4\x62\x26\x18\x46\x9a\x3f" + "\xeb\xc1\xf9\xf1\x90\x57\xeb\xac\x7a\x0d\x8b\xdb\x72\x30\x6a\x66" + "\xd5\xe0\x46\xa3\x70\xdc\x68\xd9\xff\x04\x48\x89\x77\xde\xb5\xe9" + "\xfb\x67\x6d\x41\xe9\xbc\x39\xbd\x32\xd9\x62\x02\xf1\xb1\xa8\x3d" + "\x6e\x37\x9c\xe2\x2f\xe2\xd3\xa2\x26\x8b\xc6\xb8\x55\x43\x88\xe1" + "\x23\x3e\xa5\xd2\x24\x39\x6a\x47\xab\x00\xd4\xa1\xb3\xa9\x25\xfe" + "\x0d\x3f\xa7\x1d\xba\xd3\x51\xc1\x0b\xa4\xda\xac\x38\xef\x55\x50" + "\x24\x05\x65\x46\x93\x34\x4f\x2d\x8d\xad\xc6\xd4\x21\x19\xd2\x8e" + "\xca\x05\x61\x71\x07\x73\x47\xe5\x8a\x19\x12\xbd\x04\x4d\xce\x4e" + "\x9c\xa5\x48\xac\xbb\x26\xf7\x02\x03\x01\x00\x01\xa3\x81\x8e\x30" + "\x81\x8b\x30\x1d\x06\x03\x55\x1d\x0e\x04\x16\x04\x14\x0b\x58\xe5" + "\x8b\xc6\x4c\x15\x37\xa4\x40\xa9\x30\xa9\x21\xbe\x47\x36\x5a\x56" + "\xff\x30\x0e\x06\x03\x55\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01" + "\x06\x30\x0f\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01" + "\x01\xff\x30\x49\x06\x03\x55\x1d\x1f\x04\x42\x30\x40\x30\x3e\xa0" + "\x3c\xa0\x3a\x86\x38\x68\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e" + "\x63\x6f\x6d\x6f\x64\x6f\x63\x61\x2e\x63\x6f\x6d\x2f\x43\x4f\x4d" + "\x4f\x44\x4f\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e" + "\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x2e\x63\x72\x6c\x30\x0d\x06" + "\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01" + "\x00\x3e\x98\x9e\x9b\xf6\x1b\xe9\xd7\x39\xb7\x78\xae\x1d\x72\x18" + "\x49\xd3\x87\xe4\x43\x82\xeb\x3f\xc9\xaa\xf5\xa8\xb5\xef\x55\x7c" + "\x21\x52\x65\xf9\xd5\x0d\xe1\x6c\xf4\x3e\x8c\x93\x73\x91\x2e\x02" + "\xc4\x4e\x07\x71\x6f\xc0\x8f\x38\x61\x08\xa8\x1e\x81\x0a\xc0\x2f" + "\x20\x2f\x41\x8b\x91\xdc\x48\x45\xbc\xf1\xc6\xde\xba\x76\x6b\x33" + "\xc8\x00\x2d\x31\x46\x4c\xed\xe7\x9d\xcf\x88\x94\xff\x33\xc0\x56" + "\xe8\x24\x86\x26\xb8\xd8\x38\x38\xdf\x2a\x6b\xdd\x12\xcc\xc7\x3f" + "\x47\x17\x4c\xa2\xc2\x06\x96\x09\xd6\xdb\xfe\x3f\x3c\x46\x41\xdf" + "\x58\xe2\x56\x0f\x3c\x3b\xc1\x1c\x93\x35\xd9\x38\x52\xac\xee\xc8" + "\xec\x2e\x30\x4e\x94\x35\xb4\x24\x1f\x4b\x78\x69\xda\xf2\x02\x38" + "\xcc\x95\x52\x93\xf0\x70\x25\x59\x9c\x20\x67\xc4\xee\xf9\x8b\x57" + "\x61\xf4\x92\x76\x7d\x3f\x84\x8d\x55\xb7\xe8\xe5\xac\xd5\xf1\xf5" + "\x19\x56\xa6\x5a\xfb\x90\x1c\xaf\x93\xeb\xe5\x1c\xd4\x67\x97\x5d" + "\x04\x0e\xbe\x0b\x83\xa6\x17\x83\xb9\x30\x12\xa0\xc5\x33\x15\x05" + "\xb9\x0d\xfb\xc7\x05\x76\xe3\xd8\x4a\x8d\xfc\x34\x17\xa3\xc6\x21" + "\x28\xbe\x30\x45\x31\x1e\xc7\x78\xbe\x58\x61\x38\xac\x3b\xe2\x01" + "\x65"; + +char certdata2[] = + "\x30\x82\x03\x02\x30\x82\x02\x6b\x02\x10\x39\xca\x54\x89\xfe\x50" + "\x22\x32\xfe\x32\xd9\xdb\xfb\x1b\x84\x19\x30\x0d\x06\x09\x2a\x86" + "\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81\xc1\x31\x0b\x30\x09" + "\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55" + "\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e" + "\x63\x2e\x31\x3c\x30\x3a\x06\x03\x55\x04\x0b\x13\x33\x43\x6c\x61" + "\x73\x73\x20\x31\x20\x50\x75\x62\x6c\x69\x63\x20\x50\x72\x69\x6d" + "\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f" + "\x6e\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x20\x2d\x20\x47\x32" + "\x31\x3a\x30\x38\x06\x03\x55\x04\x0b\x13\x31\x28\x63\x29\x20\x31" + "\x39\x39\x38\x20\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e" + "\x63\x2e\x20\x2d\x20\x46\x6f\x72\x20\x61\x75\x74\x68\x6f\x72\x69" + "\x7a\x65\x64\x20\x75\x73\x65\x20\x6f\x6e\x6c\x79\x31\x1f\x30\x1d" + "\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53\x69\x67\x6e\x20" + "\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72\x6b\x30\x1e\x17" + "\x0d\x39\x38\x30\x35\x31\x38\x30\x30\x30\x30\x30\x30\x5a\x17\x0d" + "\x31\x38\x30\x35\x31\x38\x32\x33\x35\x39\x35\x39\x5a\x30\x81\xc1" + "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30" + "\x15\x06\x03\x55\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e" + "\x2c\x20\x49\x6e\x63\x2e\x31\x3c\x30\x3a\x06\x03\x55\x04\x0b\x13" + "\x33\x43\x6c\x61\x73\x73\x20\x31\x20\x50\x75\x62\x6c\x69\x63\x20" + "\x50\x72\x69\x6d\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63" + "\x61\x74\x69\x6f\x6e\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x20" + "\x2d\x20\x47\x32\x31\x3a\x30\x38\x06\x03\x55\x04\x0b\x13\x31\x28" + "\x63\x29\x20\x31\x39\x39\x38\x20\x56\x65\x72\x69\x53\x69\x67\x6e" + "\x2c\x20\x49\x6e\x63\x2e\x20\x2d\x20\x46\x6f\x72\x20\x61\x75\x74" + "\x68\x6f\x72\x69\x7a\x65\x64\x20\x75\x73\x65\x20\x6f\x6e\x6c\x79" + "\x31\x1f\x30\x1d\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53" + "\x69\x67\x6e\x20\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72" + "\x6b\x30\x81\x9f\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01" + "\x01\x05\x00\x03\x81\x8d\x00\x30\x81\x89\x02\x81\x81\x00\xaa\xd0" + "\xba\xbe\x16\x2d\xb8\x83\xd4\xca\xd2\x0f\xbc\x76\x31\xca\x94\xd8" + "\x1d\x93\x8c\x56\x02\xbc\xd9\x6f\x1a\x6f\x52\x36\x6e\x75\x56\x0a" + "\x55\xd3\xdf\x43\x87\x21\x11\x65\x8a\x7e\x8f\xbd\x21\xde\x6b\x32" + "\x3f\x1b\x84\x34\x95\x05\x9d\x41\x35\xeb\x92\xeb\x96\xdd\xaa\x59" + "\x3f\x01\x53\x6d\x99\x4f\xed\xe5\xe2\x2a\x5a\x90\xc1\xb9\xc4\xa6" + "\x15\xcf\xc8\x45\xeb\xa6\x5d\x8e\x9c\x3e\xf0\x64\x24\x76\xa5\xcd" + "\xab\x1a\x6f\xb6\xd8\x7b\x51\x61\x6e\xa6\x7f\x87\xc8\xe2\xb7\xe5" + "\x34\xdc\x41\x88\xea\x09\x40\xbe\x73\x92\x3d\x6b\xe7\x75\x02\x03" + "\x01\x00\x01\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x81\x81\x00\x8b\xf7\x1a\x10\xce\x76\x5c\x07\xab\x83" + "\x99\xdc\x17\x80\x6f\x34\x39\x5d\x98\x3e\x6b\x72\x2c\xe1\xc7\xa2" + "\x7b\x40\x29\xb9\x78\x88\xba\x4c\xc5\xa3\x6a\x5e\x9e\x6e\x7b\xe3" + "\xf2\x02\x41\x0c\x66\xbe\xad\xfb\xae\xa2\x14\xce\x92\xf3\xa2\x34" + "\x8b\xb4\xb2\xb6\x24\xf2\xe5\xd5\xe0\xc8\xe5\x62\x6d\x84\x7b\xcb" + "\xbe\xbb\x03\x8b\x7c\x57\xca\xf0\x37\xa9\x90\xaf\x8a\xee\x03\xbe" + "\x1d\x28\x9c\xd9\x26\x76\xa0\xcd\xc4\x9d\x4e\xf0\xae\x07\x16\xd5" + "\xbe\xaf\x57\x08\x6a\xd0\xa0\x42\x42\x42\x1e\xf4\x20\xcc\xa5\x78" + "\x82\x95\x26\x38\x8a\x47"; + +char certdata3[] = + "\x30\x82\x04\x43\x30\x82\x03\x2b\xa0\x03\x02\x01\x02\x02\x01\x01" + "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30" + "\x7f\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31\x1b" + "\x30\x19\x06\x03\x55\x04\x08\x0c\x12\x47\x72\x65\x61\x74\x65\x72" + "\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e\x06" + "\x03\x55\x04\x07\x0c\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a\x30" + "\x18\x06\x03\x55\x04\x0a\x0c\x11\x43\x6f\x6d\x6f\x64\x6f\x20\x43" + "\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x25\x30\x23\x06\x03\x55" + "\x04\x03\x0c\x1c\x54\x72\x75\x73\x74\x65\x64\x20\x43\x65\x72\x74" + "\x69\x66\x69\x63\x61\x74\x65\x20\x53\x65\x72\x76\x69\x63\x65\x73" + "\x30\x1e\x17\x0d\x30\x34\x30\x31\x30\x31\x30\x30\x30\x30\x30\x30" + "\x5a\x17\x0d\x32\x38\x31\x32\x33\x31\x32\x33\x35\x39\x35\x39\x5a" + "\x30\x7f\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31" + "\x1b\x30\x19\x06\x03\x55\x04\x08\x0c\x12\x47\x72\x65\x61\x74\x65" + "\x72\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e" + "\x06\x03\x55\x04\x07\x0c\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a" + "\x30\x18\x06\x03\x55\x04\x0a\x0c\x11\x43\x6f\x6d\x6f\x64\x6f\x20" + "\x43\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x25\x30\x23\x06\x03" + "\x55\x04\x03\x0c\x1c\x54\x72\x75\x73\x74\x65\x64\x20\x43\x65\x72" + "\x74\x69\x66\x69\x63\x61\x74\x65\x20\x53\x65\x72\x76\x69\x63\x65" + "\x73\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01" + "\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01" + "\x01\x00\xdf\x71\x6f\x36\x58\x53\x5a\xf2\x36\x54\x57\x80\xc4\x74" + "\x08\x20\xed\x18\x7f\x2a\x1d\xe6\x35\x9a\x1e\x25\xac\x9c\xe5\x96" + "\x7e\x72\x52\xa0\x15\x42\xdb\x59\xdd\x64\x7a\x1a\xd0\xb8\x7b\xdd" + "\x39\x15\xbc\x55\x48\xc4\xed\x3a\x00\xea\x31\x11\xba\xf2\x71\x74" + "\x1a\x67\xb8\xcf\x33\xcc\xa8\x31\xaf\xa3\xe3\xd7\x7f\xbf\x33\x2d" + "\x4c\x6a\x3c\xec\x8b\xc3\x92\xd2\x53\x77\x24\x74\x9c\x07\x6e\x70" + "\xfc\xbd\x0b\x5b\x76\xba\x5f\xf2\xff\xd7\x37\x4b\x4a\x60\x78\xf7" + "\xf0\xfa\xca\x70\xb4\xea\x59\xaa\xa3\xce\x48\x2f\xa9\xc3\xb2\x0b" + "\x7e\x17\x72\x16\x0c\xa6\x07\x0c\x1b\x38\xcf\xc9\x62\xb7\x3f\xa0" + "\x93\xa5\x87\x41\xf2\xb7\x70\x40\x77\xd8\xbe\x14\x7c\xe3\xa8\xc0" + "\x7a\x8e\xe9\x63\x6a\xd1\x0f\x9a\xc6\xd2\xf4\x8b\x3a\x14\x04\x56" + "\xd4\xed\xb8\xcc\x6e\xf5\xfb\xe2\x2c\x58\xbd\x7f\x4f\x6b\x2b\xf7" + "\x60\x24\x58\x24\xce\x26\xef\x34\x91\x3a\xd5\xe3\x81\xd0\xb2\xf0" + "\x04\x02\xd7\x5b\xb7\x3e\x92\xac\x6b\x12\x8a\xf9\xe4\x05\xb0\x3b" + "\x91\x49\x5c\xb2\xeb\x53\xea\xf8\x9f\x47\x86\xee\xbf\x95\xc0\xc0" + "\x06\x9f\xd2\x5b\x5e\x11\x1b\xf4\xc7\x04\x35\x29\xd2\x55\x5c\xe4" + "\xed\xeb\x02\x03\x01\x00\x01\xa3\x81\xc9\x30\x81\xc6\x30\x1d\x06" + "\x03\x55\x1d\x0e\x04\x16\x04\x14\xc5\x7b\x58\xbd\xed\xda\x25\x69" + "\xd2\xf7\x59\x16\xa8\xb3\x32\xc0\x7b\x27\x5b\xf4\x30\x0e\x06\x03" + "\x55\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x06\x30\x0f\x06\x03" + "\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01\x01\xff\x30\x81\x83" + "\x06\x03\x55\x1d\x1f\x04\x7c\x30\x7a\x30\x3c\xa0\x3a\xa0\x38\x86" + "\x36\x68\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e\x63\x6f\x6d\x6f" + "\x64\x6f\x63\x61\x2e\x63\x6f\x6d\x2f\x54\x72\x75\x73\x74\x65\x64" + "\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x53\x65\x72\x76\x69" + "\x63\x65\x73\x2e\x63\x72\x6c\x30\x3a\xa0\x38\xa0\x36\x86\x34\x68" + "\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e\x63\x6f\x6d\x6f\x64\x6f" + "\x2e\x6e\x65\x74\x2f\x54\x72\x75\x73\x74\x65\x64\x43\x65\x72\x74" + "\x69\x66\x69\x63\x61\x74\x65\x53\x65\x72\x76\x69\x63\x65\x73\x2e" + "\x63\x72\x6c\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x82\x01\x01\x00\xc8\x93\x81\x3b\x89\xb4\xaf\xb8\x84" + "\x12\x4c\x8d\xd2\xf0\xdb\x70\xba\x57\x86\x15\x34\x10\xb9\x2f\x7f" + "\x1e\xb0\xa8\x89\x60\xa1\x8a\xc2\x77\x0c\x50\x4a\x9b\x00\x8b\xd8" + "\x8b\xf4\x41\xe2\xd0\x83\x8a\x4a\x1c\x14\x06\xb0\xa3\x68\x05\x70" + "\x31\x30\xa7\x53\x9b\x0e\xe9\x4a\xa0\x58\x69\x67\x0e\xae\x9d\xf6" + "\xa5\x2c\x41\xbf\x3c\x06\x6b\xe4\x59\xcc\x6d\x10\xf1\x96\x6f\x1f" + "\xdf\xf4\x04\x02\xa4\x9f\x45\x3e\xc8\xd8\xfa\x36\x46\x44\x50\x3f" + "\x82\x97\x91\x1f\x28\xdb\x18\x11\x8c\x2a\xe4\x65\x83\x57\x12\x12" + "\x8c\x17\x3f\x94\x36\xfe\x5d\xb0\xc0\x04\x77\x13\xb8\xf4\x15\xd5" + "\x3f\x38\xcc\x94\x3a\x55\xd0\xac\x98\xf5\xba\x00\x5f\xe0\x86\x19" + "\x81\x78\x2f\x28\xc0\x7e\xd3\xcc\x42\x0a\xf5\xae\x50\xa0\xd1\x3e" + "\xc6\xa1\x71\xec\x3f\xa0\x20\x8c\x66\x3a\x89\xb4\x8e\xd4\xd8\xb1" + "\x4d\x25\x47\xee\x2f\x88\xc8\xb5\xe1\x05\x45\xc0\xbe\x14\x71\xde" + "\x7a\xfd\x8e\x7b\x7d\x4d\x08\x96\xa5\x12\x73\xf0\x2d\xca\x37\x27" + "\x74\x12\x27\x4c\xcb\xb6\x97\xe9\xd9\xae\x08\x6d\x5a\x39\x40\xdd" + "\x05\x47\x75\x6a\x5a\x21\xb3\xa3\x18\xcf\x4e\xf7\x2e\x57\xb7\x98" + "\x70\x5e\xc8\xc4\x78\xb0\x62"; + + +static int +compare_subject(hx509_cert c1, hx509_cert c2, int *l) +{ + hx509_name n1, n2; + int ret; + + ret = hx509_cert_get_subject(c1, &n1); + if (ret) return 1; + ret = hx509_cert_get_subject(c2, &n2); + if (ret) return 1; + + *l = hx509_name_cmp(n1, n2); + hx509_name_free(&n1); + hx509_name_free(&n2); + + return 0; +} + +static int +test_compare(hx509_context context) +{ + int ret; + hx509_cert c1, c2, c3; + int l0, l1, l2, l3; + + /* check transative properties of name compare function */ + + ret = hx509_cert_init_data(context, certdata1, sizeof(certdata1) - 1, &c1); + if (ret) return 1; + + ret = hx509_cert_init_data(context, certdata2, sizeof(certdata2) - 1, &c2); + if (ret) return 1; + + ret = hx509_cert_init_data(context, certdata3, sizeof(certdata3) - 1, &c3); + if (ret) return 1; + + ret = compare_subject(c1, c1, &l0); + if (ret) return 1; + ret = compare_subject(c1, c2, &l1); + if (ret) return 1; + ret = compare_subject(c1, c3, &l2); + if (ret) return 1; + ret = compare_subject(c2, c3, &l3); + if (ret) return 1; + + if (l0 != 0) return 1; + if (l2 < l1) return 1; + if (l3 < l2) return 1; + if (l3 < l1) return 1; + + hx509_cert_free(c1); + hx509_cert_free(c2); + hx509_cert_free(c3); + + return 0; +} + + int main(int argc, char **argv) { @@ -126,6 +374,8 @@ main(int argc, char **argv) ret += test_expand(context, "UID=${uid}${uid},C=SE", "UID=lhalha,C=SE"); ret += test_expand(context, "UID=${uid}{uid},C=SE", "UID=lha{uid},C=SE"); + ret += test_compare(context); + hx509_context_free(&context); return ret; diff --git a/lib/hx509/test_nist.in b/lib/hx509/test_nist.in index 8306283fc9e0..9dffbe69177c 100644 --- a/lib/hx509/test_nist.in +++ b/lib/hx509/test_nist.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan +# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_nist.in 22240 2007-12-08 22:55:03Z lha $ +# $Id$ # srcdir="@srcdir@" @@ -96,7 +96,7 @@ while read id verify cert arg1 arg2 arg3 arg4 arg5 ; do args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl" args="$args cert:FILE:$nistdir/certs/$cert" - if ${hxtool} verify $args > /dev/null; then + if ${hxtool} verify --time=2008-05-20 $args > /dev/null; then if test "$verify" = "f"; then echo "verify passed on fail: $id $cert" exit 1 diff --git a/lib/hx509/test_nist2.in b/lib/hx509/test_nist2.in index 66161298953f..0c4276b07af4 100644 --- a/lib/hx509/test_nist2.in +++ b/lib/hx509/test_nist2.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan +# Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -38,6 +38,7 @@ srcdir="@srcdir@" objdir="@objdir@" nistdir=${objdir}/PKITS_data nistzip=${srcdir}/data/PKITS_data.zip +egrep="@egrep@" limit="${1:-nolimit}" @@ -55,6 +56,22 @@ if ${hxtool} info | grep 'rand: not available' > /dev/null ; then exit 77 fi +#--------- Try to find unzip + +oldifs=$IFS +IFS=: +set -- $PATH +IFS=$oldifs +found= + +for p in "$@" ; do + test -x "$p/unzip" && { found=1 ; break; } +done +test "X$found" = "X" && exit 77 + +#--------- + + echo "nist tests, version 2" if [ ! -d "$nistdir" ] ; then @@ -80,13 +97,12 @@ while read result cert other ; do args="$args cert:FILE:$nistdir/certs/$cert" args="$args chain:DIR:$nistdir/certs" args="$args anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt" -# args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl" for a in $nistdir/crls/*.crl; do args="$args crl:FILE:$a" done - cmd="${hxtool} verify $args" + cmd="${hxtool} verify --time=2008-05-20 $args" eval ${cmd} > /dev/null res=$? @@ -97,12 +113,14 @@ while read result cert other ; do [123],*) r="PASSf";; *) echo="unknown result ${result},${res}" ; exit 1 ;; esac - if grep "${name} FAIL" $srcdir/data/nist-result2 > /dev/null; then + if ${egrep} "^${name} FAIL" $srcdir/data/nist-result2 > /dev/null; then if expr "$r" : "PASS" >/dev/null; then echo "${name} passed when expected not to" echo "# ${description}" > nist2-passed-${name}.tmp ec=1 fi + elif ${egrep} "^${name} EITHER" $srcdir/data/nist-result2 > /dev/null; then + : elif expr "$r" : "FAIL.*" >/dev/null ; then echo "$r ${name} ${description}" echo "# ${description}" > nist2-failed-${name}.tmp diff --git a/lib/hx509/test_nist_cert.in b/lib/hx509/test_nist_cert.in index 2d2bbe1f1983..8c683d6b8b1e 100644 --- a/lib/hx509/test_nist_cert.in +++ b/lib/hx509/test_nist_cert.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2006 Kungliga Tekniska Högskolan +# Copyright (c) 2006 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_nist_cert.in 21823 2007-08-03 15:13:37Z lha $ +# $Id$ # srcdir="@srcdir@" diff --git a/lib/hx509/test_nist_pkcs12.in b/lib/hx509/test_nist_pkcs12.in index fe595f284784..7898eee2e1cf 100644 --- a/lib/hx509/test_nist_pkcs12.in +++ b/lib/hx509/test_nist_pkcs12.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan +# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_nist_pkcs12.in 22256 2007-12-09 06:04:02Z lha $ +# $Id$ # srcdir="@srcdir@" diff --git a/lib/hx509/test_pkcs11.in b/lib/hx509/test_pkcs11.in index 0a315bf5eaf7..278296ae66d8 100644 --- a/lib/hx509/test_pkcs11.in +++ b/lib/hx509/test_pkcs11.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2008 Kungliga Tekniska Högskolan +# Copyright (c) 2008 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # diff --git a/lib/hx509/test_query.in b/lib/hx509/test_query.in index 01e0c3123371..d29d78a23976 100644 --- a/lib/hx509/test_query.in +++ b/lib/hx509/test_query.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan +# Copyright (c) 2005 - 2008 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_query.in 20782 2007-06-02 00:46:00Z lha $ +# $Id$ # srcdir="@srcdir@" @@ -44,8 +44,15 @@ hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" echo "try printing" ${hxtool} print \ --pass=PASS:foobar \ + --info --content \ PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 +echo "try printing" +${hxtool} print \ + --pass=PASS:foobar \ + --info --content \ + FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 + ${hxtool} print \ --pass=PASS:foobar \ --info \ @@ -63,6 +70,16 @@ ${hxtool} query \ --friendlyname=friendlyname-test-not \ PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 +echo "make sure entry is found (eku)" +${hxtool} query \ + --eku=1.3.6.1.5.2.3.5 \ + FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 + +echo "make sure entry is not found (eku)" +${hxtool} query \ + --eku=1.3.6.1.5.2.3.6 \ + FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1 + echo "make sure entry is found (friendlyname, no-pw)" ${hxtool} query \ --friendlyname=friendlyname-cert \ @@ -142,5 +159,45 @@ ${hxtool} query \ --keyEncipherment \ FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 -exit 0 +echo "make sure entry is found (eku) in query language" +${hxtool} query \ + --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 +echo "make sure entry is not found (eku) in query language" +${hxtool} query \ + --expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}' \ + FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 + +echo "make sure entry is found (subject) in query language" +${hxtool} query \ + --expr='%{certificate.subject} == "CN=kdc,C=SE"' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 + +echo "make sure entry is found using TAILMATCH (subject) in query language" +${hxtool} query \ + --expr='%{certificate.subject} TAILMATCH "C=SE"' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 + +echo "make sure entry is not found using TAILMATCH (subject) in query language" +${hxtool} query \ + --expr='%{certificate.subject} TAILMATCH "C=FI"' \ + FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 + +echo "make sure entry is found (issuer) in query language" +${hxtool} query \ + --expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 + +echo "make sure entry match with EKU and TAILMATCH in query language" +${hxtool} query \ + --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 + +echo "make sure entry match with hash.sha1" +${hxtool} query \ + --expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \ + FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 + + +exit 0 diff --git a/lib/hx509/test_req.in b/lib/hx509/test_req.in index 2109ceb26dca..49919d918fa3 100644 --- a/lib/hx509/test_req.in +++ b/lib/hx509/test_req.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan +# Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_req.in 21341 2007-06-26 14:20:56Z lha $ +# $Id$ # srcdir="@srcdir@" diff --git a/lib/hx509/test_soft_pkcs11.c b/lib/hx509/test_soft_pkcs11.c index e76f7720156d..c8fc2448ee76 100644 --- a/lib/hx509/test_soft_pkcs11.c +++ b/lib/hx509/test_soft_pkcs11.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -39,9 +39,9 @@ static CK_FUNCTION_LIST_PTR func; static CK_RV -find_object(CK_SESSION_HANDLE session, +find_object(CK_SESSION_HANDLE session, char *id, - CK_OBJECT_CLASS key_class, + CK_OBJECT_CLASS key_class, CK_OBJECT_HANDLE_PTR object) { CK_ULONG object_count; @@ -119,11 +119,11 @@ main(int argc, char **argv) if ((slot_info.flags & CKF_TOKEN_PRESENT) == 0) errx(1, "no token present"); - ret = (*func->C_OpenSession)(slot, CKF_SERIAL_SESSION, + ret = (*func->C_OpenSession)(slot, CKF_SERIAL_SESSION, NULL, NULL, &session); if (ret != CKR_OK) errx(1, "C_OpenSession failed: %d", (int)ret); - + ret = (*func->C_GetTokenInfo)(slot, &token_info); if (ret) errx(1, "C_GetTokenInfo1 failed: %d", (int)ret); @@ -159,7 +159,7 @@ main(int argc, char **argv) ret = (*func->C_SignInit)(session, &mechanism, private); if (ret != CKR_OK) return 1; - + ck_sigsize = sizeof(signature); ret = (*func->C_Sign)(session, (CK_BYTE *)sighash, strlen(sighash), (CK_BYTE *)signature, &ck_sigsize); @@ -172,7 +172,7 @@ main(int argc, char **argv) if (ret != CKR_OK) return 1; - ret = (*func->C_Verify)(session, (CK_BYTE *)signature, ck_sigsize, + ret = (*func->C_Verify)(session, (CK_BYTE *)signature, ck_sigsize, (CK_BYTE *)sighash, strlen(sighash)); if (ret != CKR_OK) { printf("message: %d\n", (int)ret); @@ -192,7 +192,7 @@ main(int argc, char **argv) ret = (*func->C_EncryptInit)(session, &mechanism, public); if (ret != CKR_OK) return 1; - + ck_sigsize = sizeof(signature); ret = (*func->C_Encrypt)(session, (CK_BYTE *)sighash, strlen(sighash), (CK_BYTE *)signature, &ck_sigsize); @@ -206,14 +206,14 @@ main(int argc, char **argv) return 1; outsize = sizeof(outdata); - ret = (*func->C_Decrypt)(session, (CK_BYTE *)signature, ck_sigsize, + ret = (*func->C_Decrypt)(session, (CK_BYTE *)signature, ck_sigsize, (CK_BYTE *)outdata, &outsize); if (ret != CKR_OK) { printf("message: %d\n", (int)ret); return 1; } - if (memcmp(sighash, outdata, strlen(sighash)) != 0) + if (ct_memcmp(sighash, outdata, strlen(sighash)) != 0) return 1; } #endif diff --git a/lib/hx509/test_windows.in b/lib/hx509/test_windows.in index 86145449a7f3..c617f81322e5 100644 --- a/lib/hx509/test_windows.in +++ b/lib/hx509/test_windows.in @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2007 Kungliga Tekniska Högskolan +# Copyright (c) 2007 Kungliga Tekniska Högskolan # (Royal Institute of Technology, Stockholm, Sweden). # All rights reserved. # @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: test_windows.in 21004 2007-06-08 01:53:10Z lha $ +# $Id$ # srcdir="@srcdir@" diff --git a/lib/hx509/tst-crypto-available2 b/lib/hx509/tst-crypto-available2 index b3f76e376f0a..22c09206f038 100644 --- a/lib/hx509/tst-crypto-available2 +++ b/lib/hx509/tst-crypto-available2 @@ -1,4 +1,5 @@ +2.16.840.1.101.3.4.2.3 +2.16.840.1.101.3.4.2.2 2.16.840.1.101.3.4.2.1 1.3.14.3.2.26 1.2.840.113549.2.5 -1.2.840.113549.2.2 diff --git a/lib/hx509/tst-crypto-select1 b/lib/hx509/tst-crypto-select1 index eb0d095adf65..c343b5708234 100644 --- a/lib/hx509/tst-crypto-select1 +++ b/lib/hx509/tst-crypto-select1 @@ -1 +1 @@ -1.3.14.3.2.26 +2.16.840.1.101.3.4.2.1 diff --git a/lib/hx509/tst-crypto-select2 b/lib/hx509/tst-crypto-select2 index 749a54905dc2..399c883a9235 100644 --- a/lib/hx509/tst-crypto-select2 +++ b/lib/hx509/tst-crypto-select2 @@ -1 +1 @@ -1.2.840.113549.1.1.5 +1.2.840.113549.1.1.11 diff --git a/lib/hx509/version-script.map b/lib/hx509/version-script.map index 68ef73e8ecca..b05198c42c5d 100644 --- a/lib/hx509/version-script.map +++ b/lib/hx509/version-script.map @@ -1,8 +1,31 @@ # $Id$ -HEIMDAL_X509_1.0 { +HEIMDAL_X509_1.2 { global: - initialize_hx_error_table_r; + _hx509_cert_assign_key; + _hx509_cert_private_key; + _hx509_certs_keys_free; + _hx509_certs_keys_get; + _hx509_expr_eval; + _hx509_expr_free; + _hx509_expr_parse; + _hx509_generate_private_key; + _hx509_generate_private_key_bits; + _hx509_generate_private_key_free; + _hx509_generate_private_key_init; + _hx509_generate_private_key_is_ca; + _hx509_map_file_os; + _hx509_name_from_Name; + _hx509_private_key_ref; + _hx509_request_add_dns_name; + _hx509_request_add_email; + _hx509_request_parse; + _hx509_request_print; + _hx509_request_set_email; + _hx509_request_to_pkcs10; + _hx509_request_to_pkcs10; + _hx509_unmap_file_os; + _hx509_write_file; hx509_bitstring_print; hx509_ca_sign; hx509_ca_sign_self; @@ -26,15 +49,18 @@ HEIMDAL_X509_1.0 { hx509_ca_tbs_set_spki; hx509_ca_tbs_set_subject; hx509_ca_tbs_set_template; + hx509_ca_tbs_set_unique; hx509_ca_tbs_subject_expand; hx509_ca_tbs_template_units; + hx509_cert; + hx509_cert_attribute; hx509_cert_binary; hx509_cert_check_eku; hx509_cert_cmp; hx509_cert_find_subjectAltName_otherName; hx509_cert_free; hx509_cert_get_SPKI; - hx509_cert_attribute; + hx509_cert_get_SPKI_AlgorithmIdentifier; hx509_cert_get_attribute; hx509_cert_get_base_subject; hx509_cert_get_friendly_name; @@ -43,26 +69,32 @@ HEIMDAL_X509_1.0 { hx509_cert_get_notBefore; hx509_cert_get_serialnumber; hx509_cert_get_subject; + hx509_cert_get_issuer_unique_id; + hx509_cert_get_subject_unique_id; hx509_cert_init; hx509_cert_init_data; hx509_cert_keyusage_print; - hx509_cert; + hx509_cert_public_encrypt; hx509_cert_ref; hx509_cert_set_friendly_name; hx509_certs_add; hx509_certs_append; hx509_certs_end_seq; + hx509_certs_ref; + hx509_certs_filter; hx509_certs_find; hx509_certs_free; hx509_certs_info; hx509_certs_init; hx509_certs_iter; + hx509_certs_iter_f; hx509_certs_merge; hx509_certs_next_cert; hx509_certs_start_seq; hx509_certs_store; hx509_ci_print_names; hx509_clear_error_string; + hx509_cms_create_signed; hx509_cms_create_signed_1; hx509_cms_decrypt_encrypted; hx509_cms_envelope_1; @@ -80,6 +112,7 @@ HEIMDAL_X509_1.0 { hx509_crl_sign; hx509_crypto_aes128_cbc; hx509_crypto_aes256_cbc; + hx509_crypto_allow_weak; hx509_crypto_available; hx509_crypto_decrypt; hx509_crypto_des_rsdi_ede3_cbc; @@ -93,15 +126,20 @@ HEIMDAL_X509_1.0 { hx509_crypto_select; hx509_crypto_set_key_data; hx509_crypto_set_key_name; + hx509_crypto_set_padding; hx509_crypto_set_params; hx509_crypto_set_random_key; hx509_env_add; + hx509_env_add_binding; + hx509_env_find; + hx509_env_find_binding; hx509_env_free; hx509_env_init; hx509_env_lfind; hx509_err; hx509_free_error_string; hx509_free_octet_string_list; + hx509_find_private_alg; hx509_general_name_unparse; hx509_get_error_string; hx509_get_one_cert; @@ -116,6 +154,7 @@ HEIMDAL_X509_1.0 { hx509_lock_reset_passwords; hx509_lock_reset_promper; hx509_lock_set_prompter; + hx509_name_binary; hx509_name_cmp; hx509_name_copy; hx509_name_expand; @@ -123,27 +162,47 @@ HEIMDAL_X509_1.0 { hx509_name_is_null_p; hx509_name_normalize; hx509_name_to_Name; - hx509_name_binary; hx509_name_to_string; hx509_ocsp_request; hx509_ocsp_verify; hx509_oid_print; hx509_oid_sprint; hx509_parse_name; + hx509_parse_private_key; + hx509_peer_info_add_cms_alg; hx509_peer_info_alloc; hx509_peer_info_free; hx509_peer_info_set_cert; hx509_peer_info_set_cms_algs; + hx509_pem_add_header; + hx509_pem_find_header; + hx509_pem_free_header; + hx509_pem_read; + hx509_pem_write; hx509_print_stdout; + hx509_print_cert; + hx509_private_key_assign_rsa; + hx509_private_key_free; + hx509_private_key_private_decrypt; + hx509_private_key_init; + hx509_private_key2SPKI; hx509_prompt_hidden; hx509_query_alloc; hx509_query_free; hx509_query_match_cmp_func; + hx509_query_match_eku; + hx509_query_match_expr; hx509_query_match_friendly_name; hx509_query_match_issuer_serial; hx509_query_match_option; hx509_query_statistic_file; hx509_query_unparse_stats; + hx509_request_get_name; + hx509_request_get_SubjectPublicKeyInfo; + hx509_request_free; + hx509_request_init; + hx509_request_set_name; + hx509_request_set_SubjectPublicKeyInfo; hx509_revoke_add_crl; hx509_revoke_add_ocsp; hx509_revoke_free; @@ -152,10 +211,8 @@ HEIMDAL_X509_1.0 { hx509_revoke_verify; hx509_set_error_string; hx509_set_error_stringv; - hx509_signature_md2; hx509_signature_md5; hx509_signature_rsa; - hx509_signature_rsa_with_md2; hx509_signature_rsa_with_md5; hx509_signature_rsa_with_sha1; hx509_signature_rsa_with_sha256; @@ -183,42 +240,8 @@ HEIMDAL_X509_1.0 { hx509_verify_set_strict_rfc3280_verification; hx509_verify_set_time; hx509_verify_signature; - hx509_pem_write; - hx509_pem_add_header; - hx509_pem_find_header; - hx509_pem_free_header; hx509_xfree; - _hx509_write_file; - _hx509_map_file; - _hx509_map_file_os; - _hx509_unmap_file; - _hx509_unmap_file_os; - _hx509_certs_keys_free; - _hx509_certs_keys_get; - _hx509_request_init; - _hx509_request_add_dns_name; - _hx509_request_add_email; - _hx509_request_get_name; - _hx509_request_set_name; - _hx509_request_set_email; - _hx509_request_get_SubjectPublicKeyInfo; - _hx509_request_set_SubjectPublicKeyInfo; - _hx509_request_to_pkcs10; - _hx509_request_to_pkcs10; - _hx509_request_free; - _hx509_request_print; - _hx509_request_parse; - _hx509_private_key_ref; - _hx509_private_key_free; - _hx509_private_key2SPKI; - _hx509_generate_private_key_init; - _hx509_generate_private_key_is_ca; - _hx509_generate_private_key_bits; - _hx509_generate_private_key; - _hx509_generate_private_key_free; - _hx509_cert_assign_key; - _hx509_cert_private_key; - _hx509_name_from_Name; + initialize_hx_error_table_r; # pkcs11 symbols C_GetFunctionList; local: diff --git a/lib/ipc/Makefile.am b/lib/ipc/Makefile.am new file mode 100644 index 000000000000..fc3ba469d481 --- /dev/null +++ b/lib/ipc/Makefile.am @@ -0,0 +1,67 @@ +include $(top_srcdir)/Makefile.am.common + +noinst_LTLIBRARIES = libheim-ipcc.la libheim-ipcs.la + +dist_libheim_ipcc_la_SOURCES = hi_locl.h heim_ipc_types.h client.c common.c +dist_libheim_ipcs_la_SOURCES = hi_locl.h heim_ipc_types.h server.c common.c + +include_HEADERS = heim-ipc.h + +## +## Enable when this is not a noinst_ library +## +#libheim_ipcc_la_LDFLAGS = -version-info 0:0:0 +#libheim_ipcs_la_LDFLAGS = -version-info 0:0:0 +# +#if versionscript +#libheim_ipcc_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-scriptc.map +#libheim_ipcs_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-scripts.map +#endif + +libheim_ipcc_la_LIBADD = \ + $(LIB_heimbase) \ + $(LIB_roken) \ + $(PTHREAD_LIBADD) + +libheim_ipcs_la_LIBADD = $(libheim_ipcc_la_LIBADD) + +TESTS = $(check_PROGRAMS) + +noinst_PROGRAMS = tc ts ts-http + +ts_LDADD = libheim-ipcs.la $(LIB_roken) +ts_http_LDADD = $(ts_LDADD) +tc_LDADD = libheim-ipcc.la $(LIB_roken) + +if have_gcd + +EXTRA_DIST = heim_ipc.defs heim_ipc_async.defs heim_ipc_reply.defs + +heim_ipc.h heim_ipcUser.c heim_ipcServer.c heim_ipcServer.h: heim_ipc.defs + mig -header heim_ipc.h -user heim_ipcUser.c -sheader heim_ipcServer.h -server heim_ipcServer.c -I$(srcdir) $(srcdir)/heim_ipc.defs + +heim_ipc_async.h heim_ipc_asyncUser.c heim_ipc_asyncServer.c heim_ipc_asyncServer.h: heim_ipc_async.defs + mig -header heim_ipc_async.h -user heim_ipc_asyncUser.c -sheader heim_ipc_asyncServer.h -server heim_ipc_asyncServer.c -I$(srcdir) $(srcdir)/heim_ipc_async.defs + +heim_ipc_reply.h heim_ipc_replyUser.c: heim_ipc_reply.defs + mig -header heim_ipc_reply.h -user heim_ipc_replyUser.c -sheader /dev/null -server /dev/null -I$(srcdir) $(srcdir)/heim_ipc_reply.defs + +built_ipcc = heim_ipc.h heim_ipcUser.c +built_ipcc += heim_ipc_asyncServer.c heim_ipc_asyncServer.h + +nodist_libheim_ipcc_la_SOURCES = $(built_ipcc) + +built_ipcs = heim_ipcServer.c heim_ipcServer.h +built_ipcs += heim_ipc_asyncUser.c heim_ipc_async.h +built_ipcs += heim_ipc_reply.h heim_ipc_replyUser.c + +nodist_libheim_ipcs_la_SOURCES = $(built_ipcs) + +libheim_ipcs_la_LIBADD += -lbsm + +CLEANFILES = $(built_ipcc) $(built_ipcs) + +$(srcdir)/client.c: $(built_ipcc) +$(srcdir)/server.c: $(built_ipcs) + +endif \ No newline at end of file diff --git a/lib/ipc/Makefile.in b/lib/ipc/Makefile.in new file mode 100644 index 000000000000..1fd0c227bd6e --- /dev/null +++ b/lib/ipc/Makefile.in @@ -0,0 +1,1073 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common +TESTS = +noinst_PROGRAMS = tc$(EXEEXT) ts$(EXEEXT) ts-http$(EXEEXT) +@have_gcd_TRUE@am__append_1 = -lbsm +subdir = lib/ipc +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +LTLIBRARIES = $(noinst_LTLIBRARIES) +am__DEPENDENCIES_1 = +libheim_ipcc_la_DEPENDENCIES = $(LIB_heimbase) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +dist_libheim_ipcc_la_OBJECTS = client.lo common.lo +@have_gcd_TRUE@am__objects_1 = heim_ipcUser.lo heim_ipc_asyncServer.lo +@have_gcd_TRUE@nodist_libheim_ipcc_la_OBJECTS = $(am__objects_1) +libheim_ipcc_la_OBJECTS = $(dist_libheim_ipcc_la_OBJECTS) \ + $(nodist_libheim_ipcc_la_OBJECTS) +am__DEPENDENCIES_2 = $(LIB_heimbase) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +libheim_ipcs_la_DEPENDENCIES = $(am__DEPENDENCIES_2) \ + $(am__DEPENDENCIES_1) +dist_libheim_ipcs_la_OBJECTS = server.lo common.lo +@have_gcd_TRUE@am__objects_2 = heim_ipcServer.lo heim_ipc_asyncUser.lo \ +@have_gcd_TRUE@ heim_ipc_replyUser.lo +@have_gcd_TRUE@nodist_libheim_ipcs_la_OBJECTS = $(am__objects_2) +libheim_ipcs_la_OBJECTS = $(dist_libheim_ipcs_la_OBJECTS) \ + $(nodist_libheim_ipcs_la_OBJECTS) +PROGRAMS = $(noinst_PROGRAMS) +tc_SOURCES = tc.c +tc_OBJECTS = tc.$(OBJEXT) +tc_DEPENDENCIES = libheim-ipcc.la $(am__DEPENDENCIES_1) +ts_SOURCES = ts.c +ts_OBJECTS = ts.$(OBJEXT) +ts_DEPENDENCIES = libheim-ipcs.la $(am__DEPENDENCIES_1) +ts_http_SOURCES = ts-http.c +ts_http_OBJECTS = ts-http.$(OBJEXT) +am__DEPENDENCIES_3 = libheim-ipcs.la $(am__DEPENDENCIES_1) +ts_http_DEPENDENCIES = $(am__DEPENDENCIES_3) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(dist_libheim_ipcc_la_SOURCES) \ + $(nodist_libheim_ipcc_la_SOURCES) \ + $(dist_libheim_ipcs_la_SOURCES) \ + $(nodist_libheim_ipcs_la_SOURCES) tc.c ts.c ts-http.c +DIST_SOURCES = $(dist_libheim_ipcc_la_SOURCES) \ + $(dist_libheim_ipcs_la_SOURCES) tc.c ts.c ts-http.c +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(includedir)" +HEADERS = $(include_HEADERS) +ETAGS = etags +CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +noinst_LTLIBRARIES = libheim-ipcc.la libheim-ipcs.la +dist_libheim_ipcc_la_SOURCES = hi_locl.h heim_ipc_types.h client.c common.c +dist_libheim_ipcs_la_SOURCES = hi_locl.h heim_ipc_types.h server.c common.c +include_HEADERS = heim-ipc.h + +#libheim_ipcc_la_LDFLAGS = -version-info 0:0:0 +#libheim_ipcs_la_LDFLAGS = -version-info 0:0:0 +# +#if versionscript +#libheim_ipcc_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-scriptc.map +#libheim_ipcs_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-scripts.map +#endif +libheim_ipcc_la_LIBADD = \ + $(LIB_heimbase) \ + $(LIB_roken) \ + $(PTHREAD_LIBADD) + +libheim_ipcs_la_LIBADD = $(libheim_ipcc_la_LIBADD) $(am__append_1) +ts_LDADD = libheim-ipcs.la $(LIB_roken) +ts_http_LDADD = $(ts_LDADD) +tc_LDADD = libheim-ipcc.la $(LIB_roken) +@have_gcd_TRUE@EXTRA_DIST = heim_ipc.defs heim_ipc_async.defs heim_ipc_reply.defs +@have_gcd_TRUE@built_ipcc = heim_ipc.h heim_ipcUser.c \ +@have_gcd_TRUE@ heim_ipc_asyncServer.c heim_ipc_asyncServer.h +@have_gcd_TRUE@nodist_libheim_ipcc_la_SOURCES = $(built_ipcc) +@have_gcd_TRUE@built_ipcs = heim_ipcServer.c heim_ipcServer.h \ +@have_gcd_TRUE@ heim_ipc_asyncUser.c heim_ipc_async.h \ +@have_gcd_TRUE@ heim_ipc_reply.h heim_ipc_replyUser.c +@have_gcd_TRUE@nodist_libheim_ipcs_la_SOURCES = $(built_ipcs) +@have_gcd_TRUE@CLEANFILES = $(built_ipcc) $(built_ipcs) +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/ipc/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/ipc/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libheim-ipcc.la: $(libheim_ipcc_la_OBJECTS) $(libheim_ipcc_la_DEPENDENCIES) + $(LINK) $(libheim_ipcc_la_OBJECTS) $(libheim_ipcc_la_LIBADD) $(LIBS) +libheim-ipcs.la: $(libheim_ipcs_la_OBJECTS) $(libheim_ipcs_la_DEPENDENCIES) + $(LINK) $(libheim_ipcs_la_OBJECTS) $(libheim_ipcs_la_LIBADD) $(LIBS) + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +tc$(EXEEXT): $(tc_OBJECTS) $(tc_DEPENDENCIES) + @rm -f tc$(EXEEXT) + $(LINK) $(tc_OBJECTS) $(tc_LDADD) $(LIBS) +ts$(EXEEXT): $(ts_OBJECTS) $(ts_DEPENDENCIES) + @rm -f ts$(EXEEXT) + $(LINK) $(ts_OBJECTS) $(ts_LDADD) $(LIBS) +ts-http$(EXEEXT): $(ts_http_OBJECTS) $(ts_http_DEPENDENCIES) + @rm -f ts-http$(EXEEXT) + $(LINK) $(ts_http_OBJECTS) $(ts_http_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heim_ipcServer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heim_ipcUser.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heim_ipc_asyncServer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heim_ipc_asyncUser.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/heim_ipc_replyUser.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ts-http.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ts.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + $(am__tty_colors); \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + col=$$red; res=XPASS; \ + ;; \ + *) \ + col=$$grn; res=PASS; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xfail=`expr $$xfail + 1`; \ + col=$$lgn; res=XFAIL; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + col=$$red; res=FAIL; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + col=$$blu; res=SKIP; \ + fi; \ + echo "$${col}$$res$${std}: $$tst"; \ + done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="$$All$$all $$tests passed"; \ + else \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all $$tests failed"; \ + else \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ + echo "$$banner"; \ + test -z "$$skipped" || echo "$$skipped"; \ + test -z "$$report" || echo "$$report"; \ + echo "$$dashes$$std"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local +check: check-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +installdirs: + for dir in "$(DESTDIR)$(includedir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-includeHEADERS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-includeHEADERS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ + check-local clean clean-generic clean-libtool \ + clean-noinstLTLIBRARIES clean-noinstPROGRAMS ctags dist-hook \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-data-hook install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-includeHEADERS install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-hook \ + uninstall-includeHEADERS + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +@have_gcd_TRUE@heim_ipc.h heim_ipcUser.c heim_ipcServer.c heim_ipcServer.h: heim_ipc.defs +@have_gcd_TRUE@ mig -header heim_ipc.h -user heim_ipcUser.c -sheader heim_ipcServer.h -server heim_ipcServer.c -I$(srcdir) $(srcdir)/heim_ipc.defs + +@have_gcd_TRUE@heim_ipc_async.h heim_ipc_asyncUser.c heim_ipc_asyncServer.c heim_ipc_asyncServer.h: heim_ipc_async.defs +@have_gcd_TRUE@ mig -header heim_ipc_async.h -user heim_ipc_asyncUser.c -sheader heim_ipc_asyncServer.h -server heim_ipc_asyncServer.c -I$(srcdir) $(srcdir)/heim_ipc_async.defs + +@have_gcd_TRUE@heim_ipc_reply.h heim_ipc_replyUser.c: heim_ipc_reply.defs +@have_gcd_TRUE@ mig -header heim_ipc_reply.h -user heim_ipc_replyUser.c -sheader /dev/null -server /dev/null -I$(srcdir) $(srcdir)/heim_ipc_reply.defs + +@have_gcd_TRUE@$(srcdir)/client.c: $(built_ipcc) +@have_gcd_TRUE@$(srcdir)/server.c: $(built_ipcs) + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/ipc/client.c b/lib/ipc/client.c new file mode 100644 index 000000000000..bb7d9750bffa --- /dev/null +++ b/lib/ipc/client.c @@ -0,0 +1,574 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hi_locl.h" + +#if defined(__APPLE__) && defined(HAVE_GCD) + +#include "heim_ipc.h" +#include "heim_ipc_asyncServer.h" + +#include +#include + +static dispatch_once_t jobqinited = 0; +static dispatch_queue_t jobq = NULL; +static dispatch_queue_t syncq; + +struct mach_ctx { + mach_port_t server; + char *name; +}; + +static int +mach_release(void *ctx); + +static int +mach_init(const char *service, void **ctx) +{ + struct mach_ctx *ipc; + mach_port_t sport; + int ret; + + dispatch_once(&jobqinited, ^{ + jobq = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + syncq = dispatch_queue_create("heim-ipc-syncq", NULL); + }); + + ret = bootstrap_look_up(bootstrap_port, service, &sport); + if (ret) + return ret; + + ipc = malloc(sizeof(*ipc)); + if (ipc == NULL) { + mach_port_destroy(mach_task_self(), sport); + return ENOMEM; + } + + ipc->server = sport; + ipc->name = strdup(service); + if (ipc->name == NULL) { + mach_release(ipc); + return ENOMEM; + } + + *ctx = ipc; + + return 0; +} + +static int +mach_ipc(void *ctx, + const heim_idata *request, heim_idata *response, + heim_icred *cred) +{ + struct mach_ctx *ipc = ctx; + heim_ipc_message_inband_t requestin; + mach_msg_type_number_t requestin_length = 0; + heim_ipc_message_outband_t requestout = NULL; + mach_msg_type_number_t requestout_length = 0; + heim_ipc_message_inband_t replyin; + mach_msg_type_number_t replyin_length; + heim_ipc_message_outband_t replyout; + mach_msg_type_number_t replyout_length; + int ret, errorcode, retries = 0; + + memcpy(requestin, request->data, request->length); + requestin_length = request->length; + + while (retries < 2) { + __block mach_port_t sport; + + dispatch_sync(syncq, ^{ sport = ipc->server; }); + + ret = mheim_ipc_call(sport, + requestin, requestin_length, + requestout, requestout_length, + &errorcode, + replyin, &replyin_length, + &replyout, &replyout_length); + if (ret == MACH_SEND_INVALID_DEST) { + mach_port_t nport; + /* race other threads to get a new port */ + ret = bootstrap_look_up(bootstrap_port, ipc->name, &nport); + if (ret) + return ret; + dispatch_sync(syncq, ^{ + /* check if we lost the race to lookup the port */ + if (sport != ipc->server) { + mach_port_deallocate(mach_task_self(), nport); + } else { + mach_port_deallocate(mach_task_self(), ipc->server); + ipc->server = nport; + } + }); + retries++; + } else if (ret) { + return ret; + } else + break; + } + if (retries >= 2) + return EINVAL; + + if (errorcode) { + if (replyout_length) + vm_deallocate (mach_task_self (), (vm_address_t) replyout, + replyout_length); + return errorcode; + } + + if (replyout_length) { + response->data = malloc(replyout_length); + if (response->data == NULL) { + vm_deallocate (mach_task_self (), (vm_address_t) replyout, + replyout_length); + return ENOMEM; + } + memcpy(response->data, replyout, replyout_length); + response->length = replyout_length; + vm_deallocate (mach_task_self (), (vm_address_t) replyout, + replyout_length); + } else { + response->data = malloc(replyin_length); + if (response->data == NULL) + return ENOMEM; + memcpy(response->data, replyin, replyin_length); + response->length = replyin_length; + } + + return 0; +} + +struct async_client { + mach_port_t mp; + dispatch_source_t source; + dispatch_queue_t queue; + void (*func)(void *, int, heim_idata *, heim_icred); + void *userctx; +}; + +kern_return_t +mheim_ado_acall_reply(mach_port_t server_port, + audit_token_t client_creds, + int returnvalue, + heim_ipc_message_inband_t replyin, + mach_msg_type_number_t replyinCnt, + heim_ipc_message_outband_t replyout, + mach_msg_type_number_t replyoutCnt) +{ + struct async_client *c = dispatch_get_context(dispatch_get_current_queue()); + heim_idata response; + + if (returnvalue) { + response.data = NULL; + response.length = 0; + } else if (replyoutCnt) { + response.data = replyout; + response.length = replyoutCnt; + } else { + response.data = replyin; + response.length = replyinCnt; + } + + (*c->func)(c->userctx, returnvalue, &response, NULL); + + if (replyoutCnt) + vm_deallocate (mach_task_self (), (vm_address_t) replyout, replyoutCnt); + + dispatch_source_cancel(c->source); + + return 0; + + +} + + +static int +mach_async(void *ctx, const heim_idata *request, void *userctx, + void (*func)(void *, int, heim_idata *, heim_icred)) +{ + struct mach_ctx *ipc = ctx; + heim_ipc_message_inband_t requestin; + mach_msg_type_number_t requestin_length = 0; + heim_ipc_message_outband_t requestout = NULL; + mach_msg_type_number_t requestout_length = 0; + int ret, retries = 0; + kern_return_t kr; + struct async_client *c; + + /* first create the service that will catch the reply from the server */ + /* XXX these object should be cached and reused */ + + c = malloc(sizeof(*c)); + if (c == NULL) + return ENOMEM; + + kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &c->mp); + if (kr != KERN_SUCCESS) + return EINVAL; + + c->queue = dispatch_queue_create("heim-ipc-async-client", NULL); + c->source = dispatch_source_create(DISPATCH_SOURCE_TYPE_MACH_RECV, c->mp, 0, c->queue); + dispatch_set_context(c->queue, c); + + dispatch_source_set_event_handler(c->source, ^{ + dispatch_mig_server(c->source, + sizeof(union __RequestUnion__mheim_ado_mheim_aipc_subsystem), + mheim_aipc_server); + }); + + dispatch_source_set_cancel_handler(c->source, ^{ + mach_port_mod_refs(mach_task_self(), c->mp, + MACH_PORT_RIGHT_RECEIVE, -1); + dispatch_release(c->queue); + dispatch_release(c->source); + free(c); + }); + + c->func = func; + c->userctx = userctx; + + dispatch_resume(c->source); + + /* ok, send the message */ + + memcpy(requestin, request->data, request->length); + requestin_length = request->length; + + while (retries < 2) { + __block mach_port_t sport; + + dispatch_sync(syncq, ^{ sport = ipc->server; }); + + ret = mheim_ipc_call_request(sport, c->mp, + requestin, requestin_length, + requestout, requestout_length); + if (ret == MACH_SEND_INVALID_DEST) { + ret = bootstrap_look_up(bootstrap_port, ipc->name, &sport); + if (ret) { + dispatch_source_cancel(c->source); + return ret; + } + mach_port_deallocate(mach_task_self(), ipc->server); + ipc->server = sport; + retries++; + } else if (ret) { + dispatch_source_cancel(c->source); + return ret; + } else + break; + } + if (retries >= 2) { + dispatch_source_cancel(c->source); + return EINVAL; + } + + return 0; +} + +static int +mach_release(void *ctx) +{ + struct mach_ctx *ipc = ctx; + if (ipc->server != MACH_PORT_NULL) + mach_port_deallocate(mach_task_self(), ipc->server); + free(ipc->name); + free(ipc); + return 0; +} + +#endif + +struct path_ctx { + char *path; + int fd; +}; + +static int common_release(void *); + +static int +connect_unix(struct path_ctx *s) +{ + struct sockaddr_un addr; + + addr.sun_family = AF_UNIX; + strlcpy(addr.sun_path, s->path, sizeof(addr.sun_path)); + + s->fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (s->fd < 0) + return errno; + rk_cloexec(s->fd); + + if (connect(s->fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) { + close(s->fd); + return errno; + } + + return 0; +} + +static int +common_path_init(const char *service, + const char *file, + void **ctx) +{ + struct path_ctx *s; + + s = malloc(sizeof(*s)); + if (s == NULL) + return ENOMEM; + s->fd = -1; + + asprintf(&s->path, "/var/run/.heim_%s-%s", service, file); + + *ctx = s; + + return 0; +} + +static int +unix_socket_init(const char *service, + void **ctx) +{ + int ret; + + ret = common_path_init(service, "socket", ctx); + if (ret) + return ret; + ret = connect_unix(*ctx); + if (ret) + common_release(*ctx); + + return ret; +} + +static int +unix_socket_ipc(void *ctx, + const heim_idata *req, heim_idata *rep, + heim_icred *cred) +{ + struct path_ctx *s = ctx; + uint32_t len = htonl(req->length); + uint32_t rv; + int retval; + + if (cred) + *cred = NULL; + + rep->data = NULL; + rep->length = 0; + + if (net_write(s->fd, &len, sizeof(len)) != sizeof(len)) + return -1; + if (net_write(s->fd, req->data, req->length) != (ssize_t)req->length) + return -1; + + if (net_read(s->fd, &len, sizeof(len)) != sizeof(len)) + return -1; + if (net_read(s->fd, &rv, sizeof(rv)) != sizeof(rv)) + return -1; + retval = ntohl(rv); + + rep->length = ntohl(len); + if (rep->length > 0) { + rep->data = malloc(rep->length); + if (rep->data == NULL) + return -1; + if (net_read(s->fd, rep->data, rep->length) != (ssize_t)rep->length) + return -1; + } else + rep->data = NULL; + + return retval; +} + +int +common_release(void *ctx) +{ + struct path_ctx *s = ctx; + if (s->fd >= 0) + close(s->fd); + free(s->path); + free(s); + return 0; +} + +#ifdef HAVE_DOOR + +static int +door_init(const char *service, + void **ctx) +{ + ret = common_path_init(context, service, "door", ctx); + if (ret) + return ret; + ret = connect_door(*ctx); + if (ret) + common_release(*ctx); + return ret; +} + +static int +door_ipc(void *ctx, + const heim_idata *request, heim_idata *response, + heim_icred *cred) +{ + door_arg_t arg; + int ret; + + arg.data_ptr = request->data; + arg.data_size = request->length; + arg.desc_ptr = NULL; + arg.desc_num = 0; + arg.rbuf = NULL; + arg.rsize = 0; + + ret = door_call(fd, &arg); + close(fd); + if (ret != 0) + return errno; + + response->data = malloc(arg.rsize); + if (response->data == NULL) { + munmap(arg.rbuf, arg.rsize); + return ENOMEM; + } + memcpy(response->data, arg.rbuf, arg.rsize); + response->length = arg.rsize; + munmap(arg.rbuf, arg.rsize); + + return ret; +} + +#endif + +struct hipc_ops { + const char *prefix; + int (*init)(const char *, void **); + int (*release)(void *); + int (*ipc)(void *,const heim_idata *, heim_idata *, heim_icred *); + int (*async)(void *, const heim_idata *, void *, + void (*)(void *, int, heim_idata *, heim_icred)); +}; + +struct hipc_ops ipcs[] = { +#if defined(__APPLE__) && defined(HAVE_GCD) + { "MACH", mach_init, mach_release, mach_ipc, mach_async }, +#endif +#ifdef HAVE_DOOR + { "DOOR", door_init, common_release, door_ipc, NULL } +#endif + { "UNIX", unix_socket_init, common_release, unix_socket_ipc, NULL } +}; + +struct heim_ipc { + struct hipc_ops *ops; + void *ctx; +}; + + +int +heim_ipc_init_context(const char *name, heim_ipc *ctx) +{ + unsigned int i; + int ret, any = 0; + + for(i = 0; i < sizeof(ipcs)/sizeof(ipcs[0]); i++) { + size_t prefix_len = strlen(ipcs[i].prefix); + heim_ipc c; + if(strncmp(ipcs[i].prefix, name, prefix_len) == 0 + && name[prefix_len] == ':') { + } else if (strncmp("ANY:", name, 4) == 0) { + prefix_len = 3; + any = 1; + } else + continue; + + c = calloc(1, sizeof(*c)); + if (c == NULL) + return ENOMEM; + + c->ops = &ipcs[i]; + + ret = (c->ops->init)(name + prefix_len + 1, &c->ctx); + if (ret) { + free(c); + if (any) + continue; + return ret; + } + + *ctx = c; + return 0; + } + + return ENOENT; +} + +void +heim_ipc_free_context(heim_ipc ctx) +{ + (ctx->ops->release)(ctx->ctx); + free(ctx); +} + +int +heim_ipc_call(heim_ipc ctx, const heim_idata *snd, heim_idata *rcv, + heim_icred *cred) +{ + if (cred) + *cred = NULL; + return (ctx->ops->ipc)(ctx->ctx, snd, rcv, cred); +} + +int +heim_ipc_async(heim_ipc ctx, const heim_idata *snd, void *userctx, + void (*func)(void *, int, heim_idata *, heim_icred)) +{ + if (ctx->ops->async == NULL) { + heim_idata rcv; + heim_icred cred = NULL; + int ret; + + ret = (ctx->ops->ipc)(ctx->ctx, snd, &rcv, &cred); + (*func)(userctx, ret, &rcv, cred); + heim_ipc_free_cred(cred); + free(rcv.data); + return ret; + } else { + return (ctx->ops->async)(ctx->ctx, snd, userctx, func); + } +} diff --git a/lib/ipc/common.c b/lib/ipc/common.c new file mode 100644 index 000000000000..0e8f36dd2090 --- /dev/null +++ b/lib/ipc/common.c @@ -0,0 +1,204 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hi_locl.h" +#ifdef HAVE_GCD +#include +#else +#include "heim_threads.h" +#endif + +struct heim_icred { + uid_t uid; + gid_t gid; + pid_t pid; + pid_t session; +}; + +void +heim_ipc_free_cred(heim_icred cred) +{ + free(cred); +} + +uid_t +heim_ipc_cred_get_uid(heim_icred cred) +{ + return cred->uid; +} + +gid_t +heim_ipc_cred_get_gid(heim_icred cred) +{ + return cred->gid; +} + +pid_t +heim_ipc_cred_get_pid(heim_icred cred) +{ + return cred->pid; +} + +pid_t +heim_ipc_cred_get_session(heim_icred cred) +{ + return cred->session; +} + + +int +_heim_ipc_create_cred(uid_t uid, gid_t gid, pid_t pid, pid_t session, heim_icred *cred) +{ + *cred = calloc(1, sizeof(**cred)); + if (*cred == NULL) + return ENOMEM; + (*cred)->uid = uid; + (*cred)->gid = gid; + (*cred)->pid = pid; + (*cred)->session = session; + return 0; +} + +#ifndef HAVE_GCD +struct heim_isemaphore { + HEIMDAL_MUTEX mutex; + pthread_cond_t cond; + long counter; +}; +#endif + +heim_isemaphore +heim_ipc_semaphore_create(long value) +{ +#ifdef HAVE_GCD + return (heim_isemaphore)dispatch_semaphore_create(value); +#elif !defined(ENABLE_PTHREAD_SUPPORT) + heim_assert(0, "no semaphore support w/o pthreads"); + return NULL; +#else + heim_isemaphore s = malloc(sizeof(*s)); + if (s == NULL) + return NULL; + HEIMDAL_MUTEX_init(&s->mutex); + pthread_cond_init(&s->cond, NULL); + s->counter = value; + return s; +#endif +} + +long +heim_ipc_semaphore_wait(heim_isemaphore s, time_t t) +{ +#ifdef HAVE_GCD + uint64_t timeout; + if (t == HEIM_IPC_WAIT_FOREVER) + timeout = DISPATCH_TIME_FOREVER; + else + timeout = (uint64_t)t * NSEC_PER_SEC; + + return dispatch_semaphore_wait((dispatch_semaphore_t)s, timeout); +#elif !defined(ENABLE_PTHREAD_SUPPORT) + heim_assert(0, "no semaphore support w/o pthreads"); + return 0; +#else + HEIMDAL_MUTEX_lock(&s->mutex); + /* if counter hits below zero, we get to wait */ + if (--s->counter < 0) { + int ret; + + if (t == HEIM_IPC_WAIT_FOREVER) + ret = pthread_cond_wait(&s->cond, &s->mutex); + else { + struct timespec ts; + ts.tv_sec = t; + ts.tv_nsec = 0; + ret = pthread_cond_timedwait(&s->cond, &s->mutex, &ts); + } + if (ret) { + HEIMDAL_MUTEX_unlock(&s->mutex); + return errno; + } + } + HEIMDAL_MUTEX_unlock(&s->mutex); + + return 0; +#endif +} + +long +heim_ipc_semaphore_signal(heim_isemaphore s) +{ +#ifdef HAVE_GCD + return dispatch_semaphore_signal((dispatch_semaphore_t)s); +#elif !defined(ENABLE_PTHREAD_SUPPORT) + heim_assert(0, "no semaphore support w/o pthreads"); + return EINVAL; +#else + int wakeup; + HEIMDAL_MUTEX_lock(&s->mutex); + wakeup = (++s->counter == 0) ; + HEIMDAL_MUTEX_unlock(&s->mutex); + if (wakeup) + pthread_cond_signal(&s->cond); + return 0; +#endif +} + +void +heim_ipc_semaphore_release(heim_isemaphore s) +{ +#ifdef HAVE_GCD + dispatch_release((dispatch_semaphore_t)s); +#elif !defined(ENABLE_PTHREAD_SUPPORT) + heim_assert(0, "no semaphore support w/o pthreads"); +#else + HEIMDAL_MUTEX_lock(&s->mutex); + if (s->counter != 0) + abort(); + HEIMDAL_MUTEX_unlock(&s->mutex); + HEIMDAL_MUTEX_destroy(&s->mutex); + pthread_cond_destroy(&s->cond); + free(s); +#endif +} + +void +heim_ipc_free_data(heim_idata *data) +{ + if (data->data) + free(data->data); + data->data = NULL; + data->length = 0; +} diff --git a/lib/ipc/heim-ipc.h b/lib/ipc/heim-ipc.h new file mode 100644 index 000000000000..6fbf309f7cd4 --- /dev/null +++ b/lib/ipc/heim-ipc.h @@ -0,0 +1,130 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +typedef struct heim_ipc *heim_ipc; +typedef struct heim_sipc *heim_sipc; +typedef struct heim_icred *heim_icred; +typedef struct heim_isemaphore *heim_isemaphore; +typedef struct heim_octet_string heim_idata; +typedef struct heim_sipc_call *heim_sipc_call; + +/* common */ + +void +heim_ipc_free_cred(heim_icred); + +uid_t +heim_ipc_cred_get_uid(heim_icred); + +gid_t +heim_ipc_cred_get_gid(heim_icred); + +pid_t +heim_ipc_cred_get_pid(heim_icred); + +pid_t +heim_ipc_cred_get_session(heim_icred); + +void +heim_ipc_main(void); + +heim_isemaphore +heim_ipc_semaphore_create(long); + +long +heim_ipc_semaphore_wait(heim_isemaphore, time_t); + +long +heim_ipc_semaphore_signal(heim_isemaphore); + +void +heim_ipc_semaphore_release(heim_isemaphore); + +#define HEIM_IPC_WAIT_FOREVER ((time_t)-1) + +void +heim_ipc_free_data(heim_idata *); + +/* client */ + +int +heim_ipc_init_context(const char *, heim_ipc *); + +void +heim_ipc_free_context(heim_ipc); + +int +heim_ipc_call(heim_ipc, const heim_idata *, heim_idata *, heim_icred *); + +int +heim_ipc_async(heim_ipc, const heim_idata *, void *, void (*func)(void *, int, heim_idata *, heim_icred)); + +/* server */ + +#define HEIM_SIPC_TYPE_IPC 1 +#define HEIM_SIPC_TYPE_UINT32 2 +#define HEIM_SIPC_TYPE_HTTP 4 + +typedef void +(*heim_ipc_complete)(heim_sipc_call, int, heim_idata *); + +typedef void +(*heim_ipc_callback)(void *, const heim_idata *, + const heim_icred, heim_ipc_complete, heim_sipc_call); + + +int +heim_sipc_launchd_mach_init(const char *, heim_ipc_callback, + void *, heim_sipc *); + +int +heim_sipc_stream_listener(int, int, heim_ipc_callback, + void *, heim_sipc *); + +int +heim_sipc_service_unix(const char *, heim_ipc_callback, + void *, heim_sipc *); + + +void +heim_sipc_timeout(time_t); + +void +heim_sipc_set_timeout_handler(void (*)(void)); + +void +heim_sipc_free_context(heim_sipc); diff --git a/lib/ipc/heim_ipc.defs b/lib/ipc/heim_ipc.defs new file mode 100644 index 000000000000..ae84791375d3 --- /dev/null +++ b/lib/ipc/heim_ipc.defs @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include + +type heim_ipc_message_inband_t = array [ * : 2048 ] of char; +type heim_ipc_message_outband_t = array [] of char; + +import "heim_ipc_types.h"; + +subsystem mheim_ipc 1; +userprefix mheim_ipc_; +serverprefix mheim_do_; + +routine call( + server_port : mach_port_t; + ServerAuditToken client_creds : audit_token_t; + sreplyport reply_port : mach_port_make_send_once_t; + in requestin : heim_ipc_message_inband_t; + in requestout : heim_ipc_message_outband_t; + out returnvalue : int; + out replyin : heim_ipc_message_inband_t; + out replyout : heim_ipc_message_outband_t, dealloc); + +simpleroutine call_request( + server_port : mach_port_t; + ServerAuditToken client_creds : audit_token_t; + in reply_to : mach_port_make_send_once_t; + in requestin : heim_ipc_message_inband_t; + in requestout : heim_ipc_message_outband_t); + + + diff --git a/lib/ipc/heim_ipc_async.defs b/lib/ipc/heim_ipc_async.defs new file mode 100644 index 000000000000..73157c0d1ae5 --- /dev/null +++ b/lib/ipc/heim_ipc_async.defs @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include + +type heim_ipc_message_inband_t = array [ * : 2048 ] of char; +type heim_ipc_message_outband_t = array [] of char; + +import "heim_ipc_types.h"; + +subsystem mheim_aipc 201; +userprefix mheim_aipc_; +serverprefix mheim_ado_; + +simpleroutine acall_reply( + server_port : mach_port_move_send_once_t; + ServerAuditToken client_creds : audit_token_t; + in returnvalue : int; + in requestin : heim_ipc_message_inband_t; + in requestout : heim_ipc_message_outband_t); + + + diff --git a/lib/ipc/heim_ipc_reply.defs b/lib/ipc/heim_ipc_reply.defs new file mode 100644 index 000000000000..8209485562f0 --- /dev/null +++ b/lib/ipc/heim_ipc_reply.defs @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include + +type heim_ipc_message_inband_t = array [ * : 2048 ] of char; +type heim_ipc_message_outband_t = array [] of char; + +import "heim_ipc_types.h"; + +subsystem heim_ipc 101; +userprefix mheim_ripc_; + +simpleroutine call_reply( + reply_port : mach_port_move_send_once_t; + returnvalue : int; + replyin : heim_ipc_message_inband_t; + replyout : heim_ipc_message_outband_t, dealloc); diff --git a/lib/ipc/heim_ipc_types.h b/lib/ipc/heim_ipc_types.h new file mode 100644 index 000000000000..c853610f1a49 --- /dev/null +++ b/lib/ipc/heim_ipc_types.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef _HEIM_IPC_TYPES_H_ +#define _HEIM_IPC_TYPES_H_ + +#define HEIM_KCM_BOOTSTRAP_NAME "org.h5l.Kerberos.kcm" + +typedef char heim_ipc_message_inband_t[2048]; +typedef char *heim_ipc_message_outband_t; + +#endif diff --git a/lib/ipc/hi_locl.h b/lib/ipc/hi_locl.h new file mode 100644 index 000000000000..7efe6ca841ee --- /dev/null +++ b/lib/ipc/hi_locl.h @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include +#include +#ifdef HAVE_SYS_UN_H +#include +#endif + +#include + +#include +#include +#include +#include +#include + +#ifdef HAVE_GETPEERUCRED +#include +#endif + +#include +#include + +#include +#include + +#include + +#if defined(__APPLE__) && defined(HAVE_GCD) +#include +#include +#include +#include + +#ifndef __APPLE_PRIVATE__ /* awe, using private interface */ +typedef boolean_t (*dispatch_mig_callback_t)(mach_msg_header_t *message, mach_msg_header_t *reply); + +mach_msg_return_t +dispatch_mig_server(dispatch_source_t ds, size_t maxmsgsz, dispatch_mig_callback_t callback); +#endif + +#endif + + +#include + +int +_heim_ipc_create_cred(uid_t, gid_t, pid_t, pid_t, heim_icred *); diff --git a/lib/ipc/server.c b/lib/ipc/server.c new file mode 100644 index 000000000000..245f2e3c5d82 --- /dev/null +++ b/lib/ipc/server.c @@ -0,0 +1,1187 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hi_locl.h" +#include + +#define MAX_PACKET_SIZE (128 * 1024) + +struct heim_sipc { + int (*release)(heim_sipc ctx); + heim_ipc_callback callback; + void *userctx; + void *mech; +}; + +#if defined(__APPLE__) && defined(HAVE_GCD) + +#include "heim_ipcServer.h" +#include "heim_ipc_reply.h" +#include "heim_ipc_async.h" + +static dispatch_source_t timer; +static dispatch_queue_t timerq; +static uint64_t timeoutvalue; + +static dispatch_queue_t eventq; + +static dispatch_queue_t workq; + +static void +default_timer_ev(void) +{ + exit(0); +} + +static void (*timer_ev)(void) = default_timer_ev; + +static void +set_timer(void) +{ + dispatch_source_set_timer(timer, + dispatch_time(DISPATCH_TIME_NOW, + timeoutvalue * NSEC_PER_SEC), + timeoutvalue * NSEC_PER_SEC, 1000000); +} + +static void +init_globals(void) +{ + static dispatch_once_t once; + dispatch_once(&once, ^{ + timerq = dispatch_queue_create("hiem-sipc-timer-q", NULL); + timer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, timerq); + dispatch_source_set_event_handler(timer, ^{ timer_ev(); } ); + + workq = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0); + eventq = dispatch_queue_create("heim-ipc.event-queue", NULL); + }); +} + +static void +suspend_timer(void) +{ + dispatch_suspend(timer); +} + +static void +restart_timer(void) +{ + dispatch_sync(timerq, ^{ set_timer(); }); + dispatch_resume(timer); +} + +struct mach_service { + mach_port_t sport; + dispatch_source_t source; + dispatch_queue_t queue; +}; + +struct mach_call_ctx { + mach_port_t reply_port; + heim_icred cred; + heim_idata req; +}; + + +static void +mach_complete_sync(heim_sipc_call ctx, int returnvalue, heim_idata *reply) +{ + struct mach_call_ctx *s = (struct mach_call_ctx *)ctx; + heim_ipc_message_inband_t replyin; + mach_msg_type_number_t replyinCnt; + heim_ipc_message_outband_t replyout; + mach_msg_type_number_t replyoutCnt; + kern_return_t kr; + + if (returnvalue) { + /* on error, no reply */ + replyinCnt = 0; + replyout = 0; replyoutCnt = 0; + kr = KERN_SUCCESS; + } else if (reply->length < 2048) { + replyinCnt = reply->length; + memcpy(replyin, reply->data, replyinCnt); + replyout = 0; replyoutCnt = 0; + kr = KERN_SUCCESS; + } else { + replyinCnt = 0; + kr = vm_read(mach_task_self(), + (vm_address_t)reply->data, reply->length, + (vm_address_t *)&replyout, &replyoutCnt); + } + + mheim_ripc_call_reply(s->reply_port, returnvalue, + replyin, replyinCnt, + replyout, replyoutCnt); + + heim_ipc_free_cred(s->cred); + free(s->req.data); + free(s); + restart_timer(); +} + +static void +mach_complete_async(heim_sipc_call ctx, int returnvalue, heim_idata *reply) +{ + struct mach_call_ctx *s = (struct mach_call_ctx *)ctx; + heim_ipc_message_inband_t replyin; + mach_msg_type_number_t replyinCnt; + heim_ipc_message_outband_t replyout; + mach_msg_type_number_t replyoutCnt; + kern_return_t kr; + + if (returnvalue) { + /* on error, no reply */ + replyinCnt = 0; + replyout = 0; replyoutCnt = 0; + kr = KERN_SUCCESS; + } else if (reply->length < 2048) { + replyinCnt = reply->length; + memcpy(replyin, reply->data, replyinCnt); + replyout = 0; replyoutCnt = 0; + kr = KERN_SUCCESS; + } else { + replyinCnt = 0; + kr = vm_read(mach_task_self(), + (vm_address_t)reply->data, reply->length, + (vm_address_t *)&replyout, &replyoutCnt); + } + + kr = mheim_aipc_acall_reply(s->reply_port, returnvalue, + replyin, replyinCnt, + replyout, replyoutCnt); + heim_ipc_free_cred(s->cred); + free(s->req.data); + free(s); + restart_timer(); +} + + +kern_return_t +mheim_do_call(mach_port_t server_port, + audit_token_t client_creds, + mach_port_t reply_port, + heim_ipc_message_inband_t requestin, + mach_msg_type_number_t requestinCnt, + heim_ipc_message_outband_t requestout, + mach_msg_type_number_t requestoutCnt, + int *returnvalue, + heim_ipc_message_inband_t replyin, + mach_msg_type_number_t *replyinCnt, + heim_ipc_message_outband_t *replyout, + mach_msg_type_number_t *replyoutCnt) +{ + heim_sipc ctx = dispatch_get_context(dispatch_get_current_queue()); + struct mach_call_ctx *s; + kern_return_t kr; + uid_t uid; + gid_t gid; + pid_t pid; + au_asid_t session; + + *replyout = NULL; + *replyoutCnt = 0; + *replyinCnt = 0; + + s = malloc(sizeof(*s)); + if (s == NULL) + return KERN_MEMORY_FAILURE; /* XXX */ + + s->reply_port = reply_port; + + audit_token_to_au32(client_creds, NULL, &uid, &gid, NULL, NULL, &pid, &session, NULL); + + kr = _heim_ipc_create_cred(uid, gid, pid, session, &s->cred); + if (kr) { + free(s); + return kr; + } + + suspend_timer(); + + if (requestinCnt) { + s->req.data = malloc(requestinCnt); + memcpy(s->req.data, requestin, requestinCnt); + s->req.length = requestinCnt; + } else { + s->req.data = malloc(requestoutCnt); + memcpy(s->req.data, requestout, requestoutCnt); + s->req.length = requestoutCnt; + } + + dispatch_async(workq, ^{ + (ctx->callback)(ctx->userctx, &s->req, s->cred, + mach_complete_sync, (heim_sipc_call)s); + }); + + return MIG_NO_REPLY; +} + +kern_return_t +mheim_do_call_request(mach_port_t server_port, + audit_token_t client_creds, + mach_port_t reply_port, + heim_ipc_message_inband_t requestin, + mach_msg_type_number_t requestinCnt, + heim_ipc_message_outband_t requestout, + mach_msg_type_number_t requestoutCnt) +{ + heim_sipc ctx = dispatch_get_context(dispatch_get_current_queue()); + struct mach_call_ctx *s; + kern_return_t kr; + uid_t uid; + gid_t gid; + pid_t pid; + au_asid_t session; + + s = malloc(sizeof(*s)); + if (s == NULL) + return KERN_MEMORY_FAILURE; /* XXX */ + + s->reply_port = reply_port; + + audit_token_to_au32(client_creds, NULL, &uid, &gid, NULL, NULL, &pid, &session, NULL); + + kr = _heim_ipc_create_cred(uid, gid, pid, session, &s->cred); + if (kr) { + free(s); + return kr; + } + + suspend_timer(); + + if (requestinCnt) { + s->req.data = malloc(requestinCnt); + memcpy(s->req.data, requestin, requestinCnt); + s->req.length = requestinCnt; + } else { + s->req.data = malloc(requestoutCnt); + memcpy(s->req.data, requestout, requestoutCnt); + s->req.length = requestoutCnt; + } + + dispatch_async(workq, ^{ + (ctx->callback)(ctx->userctx, &s->req, s->cred, + mach_complete_async, (heim_sipc_call)s); + }); + + return KERN_SUCCESS; +} + +static int +mach_init(const char *service, mach_port_t sport, heim_sipc ctx) +{ + struct mach_service *s; + char *name; + + init_globals(); + + s = calloc(1, sizeof(*s)); + if (s == NULL) + return ENOMEM; + + asprintf(&name, "heim-ipc-mach-%s", service); + + s->queue = dispatch_queue_create(name, NULL); + free(name); + s->sport = sport; + + s->source = dispatch_source_create(DISPATCH_SOURCE_TYPE_MACH_RECV, + s->sport, 0, s->queue); + if (s->source == NULL) { + dispatch_release(s->queue); + free(s); + return ENOMEM; + } + ctx->mech = s; + + dispatch_set_context(s->queue, ctx); + dispatch_set_context(s->source, s); + + dispatch_source_set_event_handler(s->source, ^{ + dispatch_mig_server(s->source, sizeof(union __RequestUnion__mheim_do_mheim_ipc_subsystem), mheim_ipc_server); + }); + + dispatch_source_set_cancel_handler(s->source, ^{ + heim_sipc ctx = dispatch_get_context(dispatch_get_current_queue()); + struct mach_service *st = ctx->mech; + mach_port_mod_refs(mach_task_self(), st->sport, + MACH_PORT_RIGHT_RECEIVE, -1); + dispatch_release(st->queue); + dispatch_release(st->source); + free(st); + free(ctx); + }); + + dispatch_resume(s->source); + + return 0; +} + +static int +mach_release(heim_sipc ctx) +{ + struct mach_service *s = ctx->mech; + dispatch_source_cancel(s->source); + dispatch_release(s->source); + return 0; +} + +static mach_port_t +mach_checkin_or_register(const char *service) +{ + mach_port_t mp; + kern_return_t kr; + + kr = bootstrap_check_in(bootstrap_port, service, &mp); + if (kr == KERN_SUCCESS) + return mp; + +#if __MAC_OS_X_VERSION_MIN_REQUIRED <= 1050 + /* Pre SnowLeopard version */ + kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &mp); + if (kr != KERN_SUCCESS) + return MACH_PORT_NULL; + + kr = mach_port_insert_right(mach_task_self(), mp, mp, + MACH_MSG_TYPE_MAKE_SEND); + if (kr != KERN_SUCCESS) { + mach_port_destroy(mach_task_self(), mp); + return MACH_PORT_NULL; + } + + kr = bootstrap_register(bootstrap_port, rk_UNCONST(service), mp); + if (kr != KERN_SUCCESS) { + mach_port_destroy(mach_task_self(), mp); + return MACH_PORT_NULL; + } + + return mp; +#else + return MACH_PORT_NULL; +#endif +} + + +#endif /* __APPLE__ && HAVE_GCD */ + + +int +heim_sipc_launchd_mach_init(const char *service, + heim_ipc_callback callback, + void *user, heim_sipc *ctx) +{ +#if defined(__APPLE__) && defined(HAVE_GCD) + mach_port_t sport = MACH_PORT_NULL; + heim_sipc c = NULL; + int ret; + + *ctx = NULL; + + sport = mach_checkin_or_register(service); + if (sport == MACH_PORT_NULL) { + ret = ENOENT; + goto error; + } + + c = calloc(1, sizeof(*c)); + if (c == NULL) { + ret = ENOMEM; + goto error; + } + c->release = mach_release; + c->userctx = user; + c->callback = callback; + + ret = mach_init(service, sport, c); + if (ret) + goto error; + + *ctx = c; + return 0; + error: + if (c) + free(c); + if (sport != MACH_PORT_NULL) + mach_port_mod_refs(mach_task_self(), sport, + MACH_PORT_RIGHT_RECEIVE, -1); + return ret; +#else /* !(__APPLE__ && HAVE_GCD) */ + *ctx = NULL; + return EINVAL; +#endif /* __APPLE__ && HAVE_GCD */ +} + +struct client { + int fd; + heim_ipc_callback callback; + void *userctx; + int flags; +#define LISTEN_SOCKET 1 +#define WAITING_READ 2 +#define WAITING_WRITE 4 +#define WAITING_CLOSE 8 + +#define HTTP_REPLY 16 + +#define INHERIT_MASK 0xffff0000 +#define INCLUDE_ERROR_CODE (1 << 16) +#define ALLOW_HTTP (1<<17) +#define UNIX_SOCKET (1<<18) + unsigned calls; + size_t ptr, len; + uint8_t *inmsg; + size_t olen; + uint8_t *outmsg; +#ifdef HAVE_GCD + dispatch_source_t in; + dispatch_source_t out; +#endif + struct { + uid_t uid; + gid_t gid; + pid_t pid; + } unixrights; +}; + +#ifndef HAVE_GCD +static unsigned num_clients = 0; +static struct client **clients = NULL; +#endif + +static void handle_read(struct client *); +static void handle_write(struct client *); +static int maybe_close(struct client *); + +/* + * Update peer credentials from socket. + * + * SCM_CREDS can only be updated the first time there is read data to + * read from the filedescriptor, so if we read do it before this + * point, the cred data might not be is not there yet. + */ + +static int +update_client_creds(struct client *c) +{ +#ifdef HAVE_GETPEERUCRED + /* Solaris 10 */ + { + ucred_t *peercred; + + if (getpeerucred(c->fd, &peercred) != 0) { + c->unixrights.uid = ucred_geteuid(peercred); + c->unixrights.gid = ucred_getegid(peercred); + c->unixrights.pid = 0; + ucred_free(peercred); + return 1; + } + } +#endif +#ifdef HAVE_GETPEEREID + /* FreeBSD, OpenBSD */ + { + uid_t uid; + gid_t gid; + + if (getpeereid(c->fd, &uid, &gid) == 0) { + c->unixrights.uid = uid; + c->unixrights.gid = gid; + c->unixrights.pid = 0; + return 1; + } + } +#endif +#ifdef SO_PEERCRED + /* Linux */ + { + struct ucred pc; + socklen_t pclen = sizeof(pc); + + if (getsockopt(c->fd, SOL_SOCKET, SO_PEERCRED, (void *)&pc, &pclen) == 0) { + c->unixrights.uid = pc.uid; + c->unixrights.gid = pc.gid; + c->unixrights.pid = pc.pid; + return 1; + } + } +#endif +#if defined(LOCAL_PEERCRED) && defined(XUCRED_VERSION) + { + struct xucred peercred; + socklen_t peercredlen = sizeof(peercred); + + if (getsockopt(c->fd, LOCAL_PEERCRED, 1, + (void *)&peercred, &peercredlen) == 0 + && peercred.cr_version == XUCRED_VERSION) + { + c->unixrights.uid = peercred.cr_uid; + c->unixrights.gid = peercred.cr_gid; + c->unixrights.pid = 0; + return 1; + } + } +#endif +#if defined(SOCKCREDSIZE) && defined(SCM_CREDS) + /* NetBSD */ + if (c->unixrights.uid == (uid_t)-1) { + struct msghdr msg; + socklen_t crmsgsize; + void *crmsg; + struct cmsghdr *cmp; + struct sockcred *sc; + + memset(&msg, 0, sizeof(msg)); + crmsgsize = CMSG_SPACE(SOCKCREDSIZE(NGROUPS)); + if (crmsgsize == 0) + return 1 ; + + crmsg = malloc(crmsgsize); + if (crmsg == NULL) + goto failed_scm_creds; + + memset(crmsg, 0, crmsgsize); + + msg.msg_control = crmsg; + msg.msg_controllen = crmsgsize; + + if (recvmsg(c->fd, &msg, 0) < 0) { + free(crmsg); + goto failed_scm_creds; + } + + if (msg.msg_controllen == 0 || (msg.msg_flags & MSG_CTRUNC) != 0) { + free(crmsg); + goto failed_scm_creds; + } + + cmp = CMSG_FIRSTHDR(&msg); + if (cmp->cmsg_level != SOL_SOCKET || cmp->cmsg_type != SCM_CREDS) { + free(crmsg); + goto failed_scm_creds; + } + + sc = (struct sockcred *)(void *)CMSG_DATA(cmp); + + c->unixrights.uid = sc->sc_euid; + c->unixrights.gid = sc->sc_egid; + c->unixrights.pid = 0; + + free(crmsg); + return 1; + } else { + /* we already got the cred, just return it */ + return 1; + } + failed_scm_creds: +#endif + return 0; +} + + +static struct client * +add_new_socket(int fd, + int flags, + heim_ipc_callback callback, + void *userctx) +{ + struct client *c; + int fileflags; + + c = calloc(1, sizeof(*c)); + if (c == NULL) + return NULL; + + if (flags & LISTEN_SOCKET) { + c->fd = fd; + } else { + c->fd = accept(fd, NULL, NULL); + if(c->fd < 0) { + free(c); + return NULL; + } + } + + c->flags = flags; + c->callback = callback; + c->userctx = userctx; + + fileflags = fcntl(c->fd, F_GETFL, 0); + fcntl(c->fd, F_SETFL, fileflags | O_NONBLOCK); + +#ifdef HAVE_GCD + init_globals(); + + c->in = dispatch_source_create(DISPATCH_SOURCE_TYPE_READ, + c->fd, 0, eventq); + c->out = dispatch_source_create(DISPATCH_SOURCE_TYPE_WRITE, + c->fd, 0, eventq); + + dispatch_source_set_event_handler(c->in, ^{ + int rw = (c->flags & WAITING_WRITE); + handle_read(c); + if (rw == 0 && (c->flags & WAITING_WRITE)) + dispatch_resume(c->out); + if ((c->flags & WAITING_READ) == 0) + dispatch_suspend(c->in); + maybe_close(c); + }); + dispatch_source_set_event_handler(c->out, ^{ + handle_write(c); + if ((c->flags & WAITING_WRITE) == 0) { + dispatch_suspend(c->out); + } + maybe_close(c); + }); + + dispatch_resume(c->in); +#else + clients = erealloc(clients, sizeof(clients[0]) * (num_clients + 1)); + clients[num_clients] = c; + num_clients++; +#endif + + return c; +} + +static int +maybe_close(struct client *c) +{ + if (c->calls != 0) + return 0; + if (c->flags & (WAITING_READ|WAITING_WRITE)) + return 0; + +#ifdef HAVE_GCD + dispatch_source_cancel(c->in); + if ((c->flags & WAITING_READ) == 0) + dispatch_resume(c->in); + dispatch_release(c->in); + + dispatch_source_cancel(c->out); + if ((c->flags & WAITING_WRITE) == 0) + dispatch_resume(c->out); + dispatch_release(c->out); +#endif + close(c->fd); /* ref count fd close */ + free(c); + return 1; +} + + +struct socket_call { + heim_idata in; + struct client *c; + heim_icred cred; +}; + +static void +output_data(struct client *c, const void *data, size_t len) +{ + if (c->olen + len < c->olen) + abort(); + c->outmsg = erealloc(c->outmsg, c->olen + len); + memcpy(&c->outmsg[c->olen], data, len); + c->olen += len; + c->flags |= WAITING_WRITE; +} + +static void +socket_complete(heim_sipc_call ctx, int returnvalue, heim_idata *reply) +{ + struct socket_call *sc = (struct socket_call *)ctx; + struct client *c = sc->c; + + /* double complete ? */ + if (c == NULL) + abort(); + + if ((c->flags & WAITING_CLOSE) == 0) { + uint32_t u32; + + /* length */ + u32 = htonl(reply->length); + output_data(c, &u32, sizeof(u32)); + + /* return value */ + if (c->flags & INCLUDE_ERROR_CODE) { + u32 = htonl(returnvalue); + output_data(c, &u32, sizeof(u32)); + } + + /* data */ + output_data(c, reply->data, reply->length); + + /* if HTTP, close connection */ + if (c->flags & HTTP_REPLY) { + c->flags |= WAITING_CLOSE; + c->flags &= ~WAITING_READ; + } + } + + c->calls--; + if (sc->cred) + heim_ipc_free_cred(sc->cred); + free(sc->in.data); + sc->c = NULL; /* so we can catch double complete */ + free(sc); + + maybe_close(c); +} + +/* remove HTTP %-quoting from buf */ +static int +de_http(char *buf) +{ + unsigned char *p, *q; + for(p = q = (unsigned char *)buf; *p; p++, q++) { + if(*p == '%' && isxdigit(p[1]) && isxdigit(p[2])) { + unsigned int x; + if(sscanf((char *)p + 1, "%2x", &x) != 1) + return -1; + *q = x; + p += 2; + } else + *q = *p; + } + *q = '\0'; + return 0; +} + +static struct socket_call * +handle_http_tcp(struct client *c) +{ + struct socket_call *cs; + char *s, *p, *t; + void *data; + char *proto; + int len; + + s = (char *)c->inmsg; + + p = strstr(s, "\r\n"); + if (p == NULL) + return NULL; + + *p = 0; + + p = NULL; + t = strtok_r(s, " \t", &p); + if (t == NULL) + return NULL; + + t = strtok_r(NULL, " \t", &p); + if (t == NULL) + return NULL; + + data = malloc(strlen(t)); + if (data == NULL) + return NULL; + + if(*t == '/') + t++; + if(de_http(t) != 0) { + free(data); + return NULL; + } + proto = strtok_r(NULL, " \t", &p); + if (proto == NULL) { + free(data); + return NULL; + } + len = base64_decode(t, data); + if(len <= 0){ + const char *msg = + " 404 Not found\r\n" + "Server: Heimdal/" VERSION "\r\n" + "Cache-Control: no-cache\r\n" + "Pragma: no-cache\r\n" + "Content-type: text/html\r\n" + "Content-transfer-encoding: 8bit\r\n\r\n" + "404 Not found\r\n" + "

404 Not found

\r\n" + "That page doesn't exist, maybe you are looking for " + "Heimdal?\r\n"; + free(data); + output_data(c, proto, strlen(proto)); + output_data(c, msg, strlen(msg)); + return NULL; + } + + cs = emalloc(sizeof(*cs)); + cs->c = c; + cs->in.data = data; + cs->in.length = len; + c->ptr = 0; + + { + const char *msg = + " 200 OK\r\n" + "Server: Heimdal/" VERSION "\r\n" + "Cache-Control: no-cache\r\n" + "Pragma: no-cache\r\n" + "Content-type: application/octet-stream\r\n" + "Content-transfer-encoding: binary\r\n\r\n"; + output_data(c, proto, strlen(proto)); + output_data(c, msg, strlen(msg)); + } + + return cs; +} + + +static void +handle_read(struct client *c) +{ + ssize_t len; + uint32_t dlen; + + if (c->flags & LISTEN_SOCKET) { + add_new_socket(c->fd, + WAITING_READ | (c->flags & INHERIT_MASK), + c->callback, + c->userctx); + return; + } + + if (c->ptr - c->len < 1024) { + c->inmsg = erealloc(c->inmsg, + c->len + 1024); + c->len += 1024; + } + + len = read(c->fd, c->inmsg + c->ptr, c->len - c->ptr); + if (len <= 0) { + c->flags |= WAITING_CLOSE; + c->flags &= ~WAITING_READ; + return; + } + c->ptr += len; + if (c->ptr > c->len) + abort(); + + while (c->ptr >= sizeof(dlen)) { + struct socket_call *cs; + + if((c->flags & ALLOW_HTTP) && c->ptr >= 4 && + strncmp((char *)c->inmsg, "GET ", 4) == 0 && + strncmp((char *)c->inmsg + c->ptr - 4, "\r\n\r\n", 4) == 0) { + + /* remove the trailing \r\n\r\n so the string is NUL terminated */ + c->inmsg[c->ptr - 4] = '\0'; + + c->flags |= HTTP_REPLY; + + cs = handle_http_tcp(c); + if (cs == NULL) { + c->flags |= WAITING_CLOSE; + c->flags &= ~WAITING_READ; + break; + } + } else { + memcpy(&dlen, c->inmsg, sizeof(dlen)); + dlen = ntohl(dlen); + + if (dlen > MAX_PACKET_SIZE) { + c->flags |= WAITING_CLOSE; + c->flags &= ~WAITING_READ; + return; + } + if (dlen > c->ptr - sizeof(dlen)) { + break; + } + + cs = emalloc(sizeof(*cs)); + cs->c = c; + cs->in.data = emalloc(dlen); + memcpy(cs->in.data, c->inmsg + sizeof(dlen), dlen); + cs->in.length = dlen; + + c->ptr -= sizeof(dlen) + dlen; + memmove(c->inmsg, + c->inmsg + sizeof(dlen) + dlen, + c->ptr); + } + + c->calls++; + + if ((c->flags & UNIX_SOCKET) != 0) { + if (update_client_creds(c)) + _heim_ipc_create_cred(c->unixrights.uid, c->unixrights.gid, + c->unixrights.pid, -1, &cs->cred); + } + + c->callback(c->userctx, &cs->in, + cs->cred, socket_complete, + (heim_sipc_call)cs); + } +} + +static void +handle_write(struct client *c) +{ + ssize_t len; + + len = write(c->fd, c->outmsg, c->olen); + if (len <= 0) { + c->flags |= WAITING_CLOSE; + c->flags &= ~(WAITING_WRITE); + } else if (c->olen != (size_t)len) { + memmove(&c->outmsg[0], &c->outmsg[len], c->olen - len); + c->olen -= len; + } else { + c->olen = 0; + free(c->outmsg); + c->outmsg = NULL; + c->flags &= ~(WAITING_WRITE); + } +} + + +#ifndef HAVE_GCD + +static void +process_loop(void) +{ + struct pollfd *fds; + unsigned n; + unsigned num_fds; + + while(num_clients > 0) { + + fds = malloc(num_clients * sizeof(fds[0])); + if(fds == NULL) + abort(); + + num_fds = num_clients; + + for (n = 0 ; n < num_fds; n++) { + fds[n].fd = clients[n]->fd; + fds[n].events = 0; + if (clients[n]->flags & WAITING_READ) + fds[n].events |= POLLIN; + if (clients[n]->flags & WAITING_WRITE) + fds[n].events |= POLLOUT; + + fds[n].revents = 0; + } + + poll(fds, num_fds, -1); + + for (n = 0 ; n < num_fds; n++) { + if (clients[n] == NULL) + continue; + if (fds[n].revents & POLLERR) { + clients[n]->flags |= WAITING_CLOSE; + continue; + } + + if (fds[n].revents & POLLIN) + handle_read(clients[n]); + if (fds[n].revents & POLLOUT) + handle_write(clients[n]); + } + + n = 0; + while (n < num_clients) { + struct client *c = clients[n]; + if (maybe_close(c)) { + if (n < num_clients - 1) + clients[n] = clients[num_clients - 1]; + num_clients--; + } else + n++; + } + + free(fds); + } +} + +#endif + +static int +socket_release(heim_sipc ctx) +{ + struct client *c = ctx->mech; + c->flags |= WAITING_CLOSE; + return 0; +} + +int +heim_sipc_stream_listener(int fd, int type, + heim_ipc_callback callback, + void *user, heim_sipc *ctx) +{ + heim_sipc ct = calloc(1, sizeof(*ct)); + struct client *c; + + if ((type & HEIM_SIPC_TYPE_IPC) && (type & (HEIM_SIPC_TYPE_UINT32|HEIM_SIPC_TYPE_HTTP))) + return EINVAL; + + switch (type) { + case HEIM_SIPC_TYPE_IPC: + c = add_new_socket(fd, LISTEN_SOCKET|WAITING_READ|INCLUDE_ERROR_CODE, callback, user); + break; + case HEIM_SIPC_TYPE_UINT32: + c = add_new_socket(fd, LISTEN_SOCKET|WAITING_READ, callback, user); + break; + case HEIM_SIPC_TYPE_HTTP: + case HEIM_SIPC_TYPE_UINT32|HEIM_SIPC_TYPE_HTTP: + c = add_new_socket(fd, LISTEN_SOCKET|WAITING_READ|ALLOW_HTTP, callback, user); + break; + default: + free(ct); + return EINVAL; + } + + ct->mech = c; + ct->release = socket_release; + + c->unixrights.uid = (uid_t) -1; + c->unixrights.gid = (gid_t) -1; + c->unixrights.pid = (pid_t) 0; + + *ctx = ct; + return 0; +} + +int +heim_sipc_service_unix(const char *service, + heim_ipc_callback callback, + void *user, heim_sipc *ctx) +{ + struct sockaddr_un un; + int fd, ret; + + un.sun_family = AF_UNIX; + + snprintf(un.sun_path, sizeof(un.sun_path), + "/var/run/.heim_%s-socket", service); + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) + return errno; + + socket_set_reuseaddr(fd, 1); +#ifdef LOCAL_CREDS + { + int one = 1; + setsockopt(fd, 0, LOCAL_CREDS, (void *)&one, sizeof(one)); + } +#endif + + unlink(un.sun_path); + + if (bind(fd, (struct sockaddr *)&un, sizeof(un)) < 0) { + close(fd); + return errno; + } + + if (listen(fd, SOMAXCONN) < 0) { + close(fd); + return errno; + } + + chmod(un.sun_path, 0666); + + ret = heim_sipc_stream_listener(fd, HEIM_SIPC_TYPE_IPC, + callback, user, ctx); + if (ret == 0) { + struct client *c = (*ctx)->mech; + c->flags |= UNIX_SOCKET; + } + + return ret; +} + +/** + * Set the idle timeout value + + * The timeout event handler is triggered recurrently every idle + * period `t'. The default action is rather draconian and just calls + * exit(0), so you might want to change this to something more + * graceful using heim_sipc_set_timeout_handler(). + */ + +void +heim_sipc_timeout(time_t t) +{ +#ifdef HAVE_GCD + static dispatch_once_t timeoutonce; + init_globals(); + dispatch_sync(timerq, ^{ + timeoutvalue = t; + set_timer(); + }); + dispatch_once(&timeoutonce, ^{ dispatch_resume(timer); }); +#else + abort(); +#endif +} + +/** + * Set the timeout event handler + * + * Replaces the default idle timeout action. + */ + +void +heim_sipc_set_timeout_handler(void (*func)(void)) +{ +#ifdef HAVE_GCD + init_globals(); + dispatch_sync(timerq, ^{ timer_ev = func; }); +#else + abort(); +#endif +} + + +void +heim_sipc_free_context(heim_sipc ctx) +{ + (ctx->release)(ctx); +} + +void +heim_ipc_main(void) +{ +#ifdef HAVE_GCD + dispatch_main(); +#else + process_loop(); +#endif +} + diff --git a/lib/ipc/tc.c b/lib/ipc/tc.c new file mode 100644 index 000000000000..8b56d21aa472 --- /dev/null +++ b/lib/ipc/tc.c @@ -0,0 +1,127 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +static int help_flag; +static int version_flag; + +static struct getargs args[] = { + { "help", 'h', arg_flag, &help_flag }, + { "version", 'v', arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int ret) +{ + arg_printusage (args, num_args, NULL, ""); + exit (ret); +} + +static void +reply(void *ctx, int errorcode, heim_idata *reply, heim_icred cred) +{ + printf("got reply\n"); + heim_ipc_semaphore_signal((heim_isemaphore)ctx); /* tell caller we are done */ +} + +static void +test_ipc(const char *service) +{ + heim_isemaphore s; + heim_idata req, rep; + heim_ipc ipc; + int ret; + + ret = heim_ipc_init_context(service, &ipc); + if (ret) + errx(1, "heim_ipc_init_context: %d", ret); + + req.length = 0; + req.data = NULL; + + ret = heim_ipc_call(ipc, &req, &rep, NULL); + if (ret) + errx(1, "heim_ipc_call: %d", ret); + + s = heim_ipc_semaphore_create(0); + if (s == NULL) + errx(1, "heim_ipc_semaphore_create"); + + ret = heim_ipc_async(ipc, &req, s, reply); + if (ret) + errx(1, "heim_ipc_async: %d", ret); + + heim_ipc_semaphore_wait(s, HEIM_IPC_WAIT_FOREVER); /* wait for reply to complete the work */ + + heim_ipc_free_context(ipc); +} + + +int +main(int argc, char **argv) +{ + int optidx = 0; + + setprogname(argv[0]); + + if (getarg(args, num_args, argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage(0); + + if (version_flag) { + print_version(NULL); + exit(0); + } + +#ifdef __APPLE__ + test_ipc("MACH:org.h5l.test-ipc"); +#endif + test_ipc("ANY:org.h5l.test-ipc"); + test_ipc("UNIX:org.h5l.test-ipc"); + + return 0; +} diff --git a/lib/ipc/ts-http.c b/lib/ipc/ts-http.c new file mode 100644 index 000000000000..b493079d94a3 --- /dev/null +++ b/lib/ipc/ts-http.c @@ -0,0 +1,136 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include +#include + +static int help_flag; +static int version_flag; + +static struct getargs args[] = { + { "help", 'h', arg_flag, &help_flag }, + { "version", 'v', arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int ret) +{ + arg_printusage (args, num_args, NULL, ""); + exit (ret); +} + +static void +test_service(void *ctx, const heim_idata *req, + const heim_icred cred, + heim_ipc_complete complete, + heim_sipc_call cctx) +{ + heim_idata rep; + printf("got request\n"); + rep.length = 3; + rep.data = strdup("hej"); + (*complete)(cctx, 0, &rep); +} + + +static void +setup_sockets(void) +{ + struct addrinfo hints, *res, *res0; + int ret, s; + heim_sipc u; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_PASSIVE; + ret = getaddrinfo(NULL, "8080", &hints, &res0); + if (ret) + errx(1, "%s", gai_strerror(ret)); + + for (res = res0; res ; res = res->ai_next) { + s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (s < 0) { + warn("socket"); + continue; + } + socket_set_reuseaddr(s, 1); + socket_set_ipv6only(s, 1); + + if (bind(s, res->ai_addr, res->ai_addrlen) < 0) { + warn("bind"); + close(s); + continue; + } + listen(s, 5); + ret = heim_sipc_stream_listener(s, HEIM_SIPC_TYPE_HTTP, + test_service, NULL, &u); + if (ret) + errx(1, "heim_sipc_stream_listener: %d", ret); + } + freeaddrinfo(res0); +} + + +int +main(int argc, char **argv) +{ + int optidx = 0; + + setprogname(argv[0]); + + if (getarg(args, num_args, argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage(0); + + if (version_flag) { + print_version(NULL); + exit(0); + } + + setup_sockets(); + + heim_ipc_main(); + + return 0; +} diff --git a/lib/ipc/ts.c b/lib/ipc/ts.c new file mode 100644 index 000000000000..680d77bc913e --- /dev/null +++ b/lib/ipc/ts.c @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include +#include + +static int help_flag; +static int version_flag; + +static struct getargs args[] = { + { "help", 'h', arg_flag, &help_flag }, + { "version", 'v', arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int ret) +{ + arg_printusage (args, num_args, NULL, ""); + exit (ret); +} + +static void +test_service(void *ctx, const heim_idata *req, + const heim_icred cred, + heim_ipc_complete complete, + heim_sipc_call cctx) +{ + heim_idata rep; + printf("got request\n"); + rep.length = 0; + rep.data = NULL; + (*complete)(cctx, 0, &rep); +} + + +int +main(int argc, char **argv) +{ + heim_sipc u; + int optidx = 0; + + setprogname(argv[0]); + + if (getarg(args, num_args, argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage(0); + + if (version_flag) { + print_version(NULL); + exit(0); + } + +#if __APPLE__ + { + heim_sipc mach; + heim_sipc_launchd_mach_init("org.h5l.test-ipc", + test_service, NULL, &mach); + } +#endif + heim_sipc_service_unix("org.h5l.test-ipc", + test_service, NULL, &u); + heim_ipc_main(); + + return 0; +} diff --git a/lib/kadm5/ChangeLog b/lib/kadm5/ChangeLog index 9b1235cf3082..50168279cf9e 100644 --- a/lib/kadm5/ChangeLog +++ b/lib/kadm5/ChangeLog @@ -1,13 +1,19 @@ -2008-01-21 Love Hörnquist Åstrand +2008-04-23 Love Hörnquist Ã…strand + + * ipropd_master.c: Only log "sending AYT" once, pointed out by Dr + A V Le Blanc. + + +2008-01-21 Love Hörnquist Ã…strand * default_keys.c: Use hdb_free_keys(). -2008-01-11 Love Hörnquist Åstrand +2008-01-11 Love Hörnquist Ã…strand * Makefile.am: add check-cracklib.pl, flush.c, sample_passwd_check.c -2007-12-07 Love Hörnquist Åstrand +2007-12-07 Love Hörnquist Ã…strand * use hdb_db_dir() and hdb_default_db() @@ -16,11 +22,11 @@ * init_c.c: We are getting default_client, not client. this way the user can override the result. -2007-09-29 Love Hörnquist Åstrand +2007-09-29 Love Hörnquist Ã…strand * iprop.8: fix spelling, From Antoine Jacoutt. -2007-08-16 Love Hörnquist Åstrand +2007-08-16 Love Hörnquist Ã…strand * version-script.map: export _kadm5_unmarshal_params, _kadm5_acl_check_permission @@ -29,26 +35,26 @@ * log.c: Unexport the specific log replay operations. -2007-08-10 Love Hörnquist Åstrand +2007-08-10 Love Hörnquist Ã…strand * Makefile.am: build sample_passwd_check.la as part of noinst. * sample_passwd_check.c: Add missing prototype for check_length(). -2007-08-07 Love Hörnquist Åstrand +2007-08-07 Love Hörnquist Ã…strand * log.c: Sprinkle krb5_set_error_string(). * ipropd_slave.c: Provide better error why kadm5_log_replay failed. -2007-08-06 Love Hörnquist Åstrand +2007-08-06 Love Hörnquist Ã…strand * ipropd_master.c: - don't push whole database to the new client every time. - make slaves get the whole new database if they have a newer log the the master (and thus have them go back in time). -2007-08-03 Love Hörnquist Åstrand +2007-08-03 Love Hörnquist Ã…strand * ipropd_slave.c: make more sane. @@ -63,12 +69,12 @@ * ipropd_master.c: Start the server at the current version, not 0. -2007-08-02 Love Hörnquist Åstrand +2007-08-02 Love Hörnquist Ã…strand * ipropd_master.c: Add more logging, to figure out what is happening in the master. -2007-08-01 Love Hörnquist Åstrand +2007-08-01 Love Hörnquist Ã…strand * Makefile.am: add version-script for libkadm5srv.la @@ -81,42 +87,42 @@ hostname, catch signals and print why we are quiting, make nop cause one new version, not two -2007-07-30 Love Hörnquist Åstrand +2007-07-30 Love Hörnquist Ã…strand * ipropd_master.c (send_diffs): make current slave's version uptodate when diff have been sent. -2007-07-27 Love Hörnquist Åstrand +2007-07-27 Love Hörnquist Ã…strand * ipropd_slave.c: More comments and some more error checking. -2007-07-26 Love Hörnquist Åstrand +2007-07-26 Love Hörnquist Ã…strand * init_c.c (get_cache_principal): make sure id is reset if we fail. From Benjamin Bennet. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * context_s.c (find_db_spec): match realm-less as the default realm. * Makefile.am: New library version. -2007-07-05 Love Hörnquist Åstrand +2007-07-05 Love Hörnquist Ã…strand * context_s.c: Use hdb_get_dbinfo to pick up configuration. ctx->config.realm can be NULL, check for that, from Bjorn S. -2007-07-04 Love Hörnquist Åstrand +2007-07-04 Love Hörnquist Ã…strand * init_c.c: Try harder to use the right principal. -2007-06-20 Love Hörnquist Åstrand +2007-06-20 Love Hörnquist Ã…strand * ipropd_slave.c: Catch return value from krb5_program_setup. From Steven Luo. -2007-05-08 Love Hörnquist Åstrand +2007-05-08 Love Hörnquist Ã…strand * delete_s.c: Write log entry after store is successful, rename out goto statments. @@ -131,7 +137,7 @@ * create_s.c: Write log entry after store is successful. -2007-05-07 Love Hörnquist Åstrand +2007-05-07 Love Hörnquist Ã…strand * iprop-commands.in: Add default values to make this working again. @@ -151,7 +157,7 @@ * log.c (kadm5_log_previous): document assumptions and make less broken. Bug report from Ronny Blomme. -2007-02-17 Love Hörnquist Åstrand +2007-02-17 Love Hörnquist Ã…strand * admin.h: add support to get aliases @@ -161,22 +167,22 @@ * iprop-log.8: Small fixes, from David Love. -2006-12-15 Love Hörnquist Åstrand +2006-12-15 Love Hörnquist Ã…strand * init_c.c: if the user have a kadmin/admin initial ticket, don't ask for password, just use the credential instead. -2006-12-06 Love Hörnquist Åstrand +2006-12-06 Love Hörnquist Ã…strand * ipropd_master.c: Use strcspn to remove \n from string returned - by fgets. From Björn Sandell + by fgets. From Björn Sandell -2006-11-30 Love Hörnquist Åstrand +2006-11-30 Love Hörnquist Ã…strand * init_c.c (kadm_connect): clear error string before trying to print a errno, this way we don't pick up a random failure code -2006-11-20 Love Hörnquist Åstrand +2006-11-20 Love Hörnquist Ã…strand * ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context argument. @@ -184,15 +190,15 @@ * init_c.c: Make krb5_get_init_creds_opt_free take a context argument. -2006-10-22 Love Hörnquist Åstrand +2006-10-22 Love Hörnquist Ã…strand * ent_setup.c: Try to not leak memory. -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: split build files into dist_ and noinst_ SOURCES -2006-08-24 Love Hörnquist Åstrand +2006-08-24 Love Hörnquist Ã…strand * get_s.c: Add KRB5_KDB_ALLOW_DIGEST @@ -200,12 +206,12 @@ * admin.h: Add KRB5_KDB_ALLOW_DIGEST -2006-06-16 Love Hörnquist Åstrand +2006-06-16 Love Hörnquist Ã…strand * check-cracklib.pl: Add password reuse checking. From Harald Barth. -2006-06-14 Love Hörnquist Åstrand +2006-06-14 Love Hörnquist Ã…strand * ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4 @@ -213,31 +219,31 @@ * admin.h: Add KRB5_KDB_ALLOW_KERBEROS4 -2006-06-06 Love Hörnquist Åstrand +2006-06-06 Love Hörnquist Ã…strand * ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION -2006-05-30 Love Hörnquist Åstrand +2006-05-30 Love Hörnquist Ã…strand * password_quality.c (kadm5_check_password_quality): set error message in context. -2006-05-13 Love Hörnquist Åstrand +2006-05-13 Love Hörnquist Ã…strand * iprop-log.c: Avoid shadowing. * rename_s.c: Avoid shadowing. -2006-05-08 Love Hörnquist Åstrand +2006-05-08 Love Hörnquist Ã…strand * privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it that way. -2006-05-05 Love Hörnquist Åstrand +2006-05-05 Love Hörnquist Ã…strand * Rename u_intXX_t to uintXX_t -2006-04-27 Love Hörnquist Åstrand +2006-04-27 Love Hörnquist Ã…strand * chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c: Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for @@ -265,12 +271,12 @@ * chpass_s.c: Break out the that we request from principal from the entry and pass it in as a separate argument. -2006-04-25 Love Hörnquist Åstrand +2006-04-25 Love Hörnquist Ã…strand * create_s.c (create_principal*): If client doesn't send kvno, make sure to set it to 1. -2006-04-10 Love Hörnquist Åstrand +2006-04-10 Love Hörnquist Ã…strand * log.c: (kadm5_log_rename): handle errors better Fixes Coverity, NetBSD CID#628 @@ -285,39 +291,39 @@ * init_c.c (_kadm5_c_get_cred_cache): Free client principal in case of error. Coverity NetBSD CID#1908 -2006-02-02 Love Hörnquist Åstrand +2006-02-02 Love Hörnquist Ã…strand * kadm5_err.et: (PASS_REUSE): Spelling, - from Václav H?la + from Václav H?la -2006-01-25 Love Hörnquist Åstrand +2006-01-25 Love Hörnquist Ã…strand * send_recv.c: Clear error-string when introducing new errors. * *_c.c: Clear error-string when introducing new errors. -2006-01-15 Love Hörnquist Åstrand +2006-01-15 Love Hörnquist Ã…strand * Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove dependency -2005-12-13 Love Hörnquist Åstrand +2005-12-13 Love Hörnquist Ã…strand * memset hdb_entry_ex before use -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * Wrap hdb_entry with hdb_entry_ex, patch originally from Andrew Bartlet -2005-11-30 Love Hörnquist Åstrand +2005-11-30 Love Hörnquist Ã…strand * context_s.c (set_field): try another way to calculate the path to the database/logfile/signal-socket * log.c (kadm5_log_init): set error string on failures -2005-09-08 Love Hörnquist Åstrand +2005-09-08 Love Hörnquist Ã…strand * Constify password. @@ -327,11 +333,11 @@ * get_s.c (kadm5_s_get_principal): clear error string -2005-08-25 Love Hörnquist Åstrand +2005-08-25 Love Hörnquist Ã…strand * iprop-log.8: More text about iprop-log. -2005-08-24 Love Hörnquist Åstrand +2005-08-24 Love Hörnquist Ã…strand * iprop.8: SEE ALSO iprop-log. @@ -343,7 +349,7 @@ iprop-log. * log.c (kadm5_log_foreach): add a context variable and pass it - down to `func´. + down to `func´. * iprop-commands.in: Move truncate_log and replay_log into iprop-log. @@ -371,7 +377,7 @@ * Makefile.am: New program iprop-log that incorperates dump_log as a subcommand, truncate_log and replay_log soon to come after. -2005-08-11 Love Hörnquist Åstrand +2005-08-11 Love Hörnquist Ã…strand * get_s.c: Implement KADM5_LAST_PWD_CHANGE. @@ -393,7 +399,7 @@ * admin.h: Add more TL types (password and extension). -2005-06-17 Love Hörnquist Åstrand +2005-06-17 Love Hörnquist Ã…strand * constify @@ -414,7 +420,7 @@ * common_glue.c: rename variable exp to expression -2005-05-30 Love Hörnquist Åstrand +2005-05-30 Love Hörnquist Ã…strand * ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE @@ -422,7 +428,7 @@ * admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags -2005-05-25 Love Hörnquist Åstrand +2005-05-25 Love Hörnquist Ã…strand * kadm5_pwcheck.3: please mdoclint @@ -441,7 +447,7 @@ * ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it. -2005-05-13 Love Hörnquist Åstrand +2005-05-13 Love Hörnquist Ã…strand * init_c.c (_kadm5_c_init_context): fix memory leak in case of failure @@ -454,12 +460,12 @@ * test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check and kadm5_add_passwd_quality_verifier. -2005-04-30 Love Hörnquist Åstrand +2005-04-30 Love Hörnquist Ã…strand * default_keys.c: #include , only print salt it its longer then 0, use krb5_err instead of errx where appropriate -2005-04-25 Love Hörnquist Åstrand +2005-04-25 Love Hörnquist Ã…strand * ipropd_slave.c: add the documented option --port @@ -467,25 +473,25 @@ * dump_log.c: use the newly generated units function -2005-04-24 Love Hörnquist Åstrand +2005-04-24 Love Hörnquist Ã…strand * dump_log.c: use strlcpy * password_quality.c: don't use sizeof(pointer) -2005-04-15 Love Hörnquist Åstrand +2005-04-15 Love Hörnquist Ã…strand * check-cracklib.pl: external password verifier sample * password_quality.c (kadm5_add_passwd_quality_verifier): if NULL is passed in, load defaults -2005-04-14 Love Hörnquist Åstrand +2005-04-14 Love Hörnquist Ã…strand * password_quality.c: add an end tag to the external password quality check protocol -2005-04-13 Love Hörnquist Åstrand +2005-04-13 Love Hörnquist Ã…strand * password_quality.c: add external passsword quality check builtin module @@ -497,7 +503,7 @@ To approve password a, make the test program return APPROVED on stderr and fail with exit code 0. -2004-10-12 Love Hörnquist Åstrand +2004-10-12 Love Hörnquist Ã…strand * Makefile.am: bump version to 7:7:0 and 6:5:2 @@ -511,7 +517,7 @@ * ipropd_master.c: add help strings to some options -2004-09-12 Love Hörnquist Åstrand +2004-09-12 Love Hörnquist Ã…strand * chpass_s.c: deal with changed prototype for _kadm5_free_keys @@ -522,7 +528,7 @@ (function) static variable and returned allocated memory (_kadm5_generate_key_set): free enctypes returned by parse_key_set -2004-09-06 Love Hörnquist Åstrand +2004-09-06 Love Hörnquist Ã…strand * set_keys.c: Fix memory leak, don't return stack variables From Andrew Bartlett @@ -530,7 +536,7 @@ * set_keys.c: make all_etypes const and move outside function to avoid returning data on stack -2004-08-26 Love Hörnquist Åstrand +2004-08-26 Love Hörnquist Ã…strand * acl.c (fetch_acl): use " \t\n" instead of just "\n" for the delim of the third element, this is so we can match @@ -539,7 +545,7 @@ what really happen was that the last was stamped out, and the it never strtok_r never needed to parse over it. -2004-08-25 Love Hörnquist Åstrand +2004-08-25 Love Hörnquist Ã…strand * set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is without salting, some people tries to add the string @@ -550,17 +556,17 @@ * ipropd_slave.c: add --detach -2004-07-06 Love Hörnquist Åstrand +2004-07-06 Love Hörnquist Ã…strand * ad.c: use new tsasl interface remove debug printf add upn to computer-accounts -2004-06-28 Love Hörnquist Åstrand +2004-06-28 Love Hörnquist Ã…strand * ad.c: implement kadm5_ad_init_with_password_ctx set more error strings -2004-06-21 Love Hörnquist Åstrand +2004-06-21 Love Hörnquist Ã…strand * Makefile.am: man_MANS = kadm5_pwcheck.3 @@ -571,22 +577,22 @@ * kadm5-pwcheck.h: new password check interface -2004-06-08 Love Hörnquist Åstrand +2004-06-08 Love Hörnquist Ã…strand * ipropd_master.c (main): process all slaves, not just up to the last slave sending data - (bug report from Björn Sandell ) + (bug report from Björn Sandell ) (*): only send one ARE_YOU_THERE -2004-06-02 Love Hörnquist Åstrand +2004-06-02 Love Hörnquist Ã…strand * ad.c: use krb5_set_password_using_ccache -2004-06-01 Love Hörnquist Åstrand +2004-06-01 Love Hörnquist Ã…strand * ad.c: try handle spn's better -2004-05-31 Love Hörnquist Åstrand +2004-05-31 Love Hörnquist Ã…strand * ad.c: add expiration time @@ -594,7 +600,7 @@ * ad.c: handle create and delete -2004-05-27 Love Hörnquist Åstrand +2004-05-27 Love Hörnquist Ã…strand * ad.c: more code for get, handle attributes @@ -603,7 +609,7 @@ * ad.c: more code for get, only fetches kvno for now -2004-05-26 Love Hörnquist Åstrand +2004-05-26 Love Hörnquist Ã…strand * ad.c: add support for tsasl @@ -618,12 +624,12 @@ * ad.c: framework for windows AD backend -2004-03-07 Love Hörnquist Åstrand +2004-03-07 Love Hörnquist Ã…strand * create_s.c (kadm5_s_create_principal): remove old XXX command and related code, _kadm5_set_keys will do all this now -2004-02-29 Love Hörnquist Åstrand +2004-02-29 Love Hörnquist Ã…strand * set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy enctype for des keys From: Andrew Bartlett @@ -640,27 +646,27 @@ * set_keys.c (_kadm5_set_*): don't change the kvno, let the callee to that -2003-12-30 Love Hörnquist Åstrand +2003-12-30 Love Hörnquist Ã…strand * chpass_s.c (change): fix same-password-again by decrypting keys and setting an error code From: Buck Huppmann -2003-12-21 Love Hörnquist Åstrand +2003-12-21 Love Hörnquist Ã…strand * init_c.c (_kadm5_c_init_context): catch errors from strdup and other krb5_ functions -2003-12-08 Love Hörnquist Åstrand +2003-12-08 Love Hörnquist Ã…strand * rename_s.c (kadm5_s_rename_principal): allow principal to change realm From Panasas Inc -2003-12-07 Love Hörnquist Åstrand +2003-12-07 Love Hörnquist Ã…strand * destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas, Inc -2003-11-23 Love Hörnquist Åstrand +2003-11-23 Love Hörnquist Ã…strand * iprop.h: don't include @@ -670,7 +676,7 @@ * ipropd_master.c: stop using krb5 lib private byte-frobbing functions and replace them with with krb5_storage -2003-11-19 Love Hörnquist Åstrand +2003-11-19 Love Hörnquist Ã…strand * ipropd_slave.c (receive_loop): when seeking over the entries we already have, skip over the trailer. From: Jeffrey Hutzelman @@ -680,14 +686,14 @@ replay_log.c,truncate_log.c: parse kdc.conf From: Jeffrey Hutzelman -2003-10-10 Love Hörnquist Åstrand +2003-10-10 Love Hörnquist Ã…strand * Makefile.am: += test_pw_quality * test_pw_quality.c: test program for verifying password quality function -2003-09-03 Love Hörnquist Åstrand +2003-09-03 Love Hörnquist Ã…strand * Makefile.am: add and enable check program default_keys @@ -696,61 +702,61 @@ * init_c.c: use krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free -2003-08-17 Love Hörnquist Åstrand +2003-08-17 Love Hörnquist Ã…strand * set_keys.c (_kadm5_set_keys_randomly): remove dup return * ipropd_master.c (main): make sure current_version is initialized -2003-08-15 Love Hörnquist Åstrand +2003-08-15 Love Hörnquist Ã…strand * set_keys.c: use default_keys for the both random keys and password derived keys if its defined -2003-07-24 Love Hörnquist Åstrand +2003-07-24 Love Hörnquist Ã…strand * ipropd_slave.c (receive_everything): switch close and rename From: Alf Wachsmann -2003-07-03 Love Hörnquist Åstrand +2003-07-03 Love Hörnquist Ã…strand * iprop.h, ipropd_master.c, ipropd_slave.c: Add probing from the server that the client is still there, also make the client check that the server is probing. -2003-07-02 Love Hörnquist Åstrand +2003-07-02 Love Hörnquist Ã…strand * truncate_log.c (main): add missing ``if (ret)'' -2003-06-26 Love Hörnquist Åstrand +2003-06-26 Love Hörnquist Ã…strand * set_keys.c (make_keys): add AES support * set_keys.c: fix off by one in the aes case, pointed out by Ken Raeburn -2003-04-30 Love Hörnquist Åstrand +2003-04-30 Love Hörnquist Ã…strand * set_keys.c (_kadm5_set_keys_randomly): add ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes support -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * send_recv.c: check return values from krb5_data_alloc * log.c: check return values from krb5_data_alloc -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * dump_log.c (print_entry): check return values from krb5_data_alloc -2003-04-01 Love Hörnquist Åstrand +2003-04-01 Love Hörnquist Ã…strand * init_c.c (kadm_connect): if a context realm was passed in, use that to form the kadmin/admin principal -2003-03-19 Love Hörnquist Åstrand +2003-03-19 Love Hörnquist Ã…strand * ipropd_master.c (main): make sure we don't consider dead slave for select processing diff --git a/lib/kadm5/Makefile.am b/lib/kadm5/Makefile.am index 66ffd375c49a..e25ccd11784e 100644 --- a/lib/kadm5/Makefile.am +++ b/lib/kadm5/Makefile.am @@ -1,9 +1,7 @@ -# $Id: Makefile.am 22403 2008-01-11 14:37:26Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -SLC = $(top_builddir)/lib/sl/slc - lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la libkadm5srv_la_LDFLAGS = -version-info 8:1:0 libkadm5clnt_la_LDFLAGS = -version-info 7:1:0 @@ -34,7 +32,9 @@ default_keys_SOURCES = default_keys.c kadm5includedir = $(includedir)/kadm5 buildkadm5include = $(buildinclude)/kadm5 -dist_kadm5include_HEADERS = admin.h private.h kadm5-protos.h kadm5-private.h +dist_kadm5include_HEADERS = admin.h private.h kadm5-pwcheck.h +dist_kadm5include_HEADERS += kadm5-protos.h kadm5-private.h + nodist_kadm5include_HEADERS = kadm5_err.h install-build-headers:: $(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS) @@ -71,7 +71,6 @@ dist_libkadm5clnt_la_SOURCES = \ randkey_c.c \ rename_c.c \ send_recv.c \ - kadm5-pwcheck.h \ admin.h nodist_libkadm5clnt_la_SOURCES = \ @@ -108,13 +107,15 @@ dist_libkadm5srv_la_SOURCES = \ server_glue.c \ set_keys.c \ set_modifier.c \ - kadm5-pwcheck.h \ admin.h nodist_libkadm5srv_la_SOURCES = \ kadm5_err.c \ kadm5_err.h +libkadm5srv_la_DEPENDENCIES = \ + version-script.map + dist_iprop_log_SOURCES = iprop-log.c nodist_iprop_log_SOURCES = iprop-commands.c @@ -127,7 +128,6 @@ man_MANS = kadm5_pwcheck.3 iprop.8 iprop-log.8 LDADD = \ libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_hcrypto) \ @@ -139,7 +139,6 @@ LDADD = \ iprop_log_LDADD = \ libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_hcrypto) \ @@ -183,6 +182,12 @@ $(srcdir)/kadm5-private.h: || rm -f kadm5-private.h EXTRA_DIST = \ + NTMakefile \ + iprop-log-version.rc \ + ipropd-master-version.rc \ + ipropd-slave-version.rc \ + libkadm5srv-version.rc \ + libkadm5srv-exports.def \ kadm5_err.et \ iprop-commands.in \ $(man_MANS) \ diff --git a/lib/kadm5/Makefile.in b/lib/kadm5/Makefile.in index 81f1ced3d9e9..71f7659c2482 100644 --- a/lib/kadm5/Makefile.in +++ b/lib/kadm5/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22403 2008-01-11 14:37:26Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -51,7 +53,7 @@ libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT) subdir = lib/kadm5 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -66,7 +68,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -80,9 +82,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -90,23 +95,38 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexecdir)" \ "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man3dir)" \ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(kadm5includedir)" \ "$(DESTDIR)$(kadm5includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) am__DEPENDENCIES_1 = libkadm5clnt_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ @@ -121,8 +141,6 @@ libkadm5clnt_la_OBJECTS = $(dist_libkadm5clnt_la_OBJECTS) \ libkadm5clnt_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libkadm5clnt_la_LDFLAGS) $(LDFLAGS) -o $@ -libkadm5srv_la_DEPENDENCIES = $(am__DEPENDENCIES_1) ../krb5/libkrb5.la \ - ../hdb/libhdb.la $(am__DEPENDENCIES_1) dist_libkadm5srv_la_OBJECTS = acl.lo bump_pw_expire.lo chpass_s.lo \ common_glue.lo context_s.lo create_s.lo delete_s.lo \ destroy_s.lo ent_setup.lo error.lo flush_s.lo free.lo \ @@ -141,14 +159,12 @@ sample_passwd_check_la_OBJECTS = $(am_sample_passwd_check_la_OBJECTS) sample_passwd_check_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(sample_passwd_check_la_LDFLAGS) $(LDFLAGS) -o $@ -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) am_default_keys_OBJECTS = default_keys.$(OBJEXT) default_keys_OBJECTS = $(am_default_keys_OBJECTS) default_keys_LDADD = $(LDADD) default_keys_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ @@ -158,7 +174,7 @@ nodist_iprop_log_OBJECTS = iprop-commands.$(OBJEXT) iprop_log_OBJECTS = $(dist_iprop_log_OBJECTS) \ $(nodist_iprop_log_OBJECTS) iprop_log_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ @@ -169,7 +185,7 @@ am_ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) \ ipropd_master_OBJECTS = $(am_ipropd_master_OBJECTS) ipropd_master_LDADD = $(LDADD) ipropd_master_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ @@ -179,7 +195,7 @@ am_ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) \ ipropd_slave_OBJECTS = $(am_ipropd_slave_OBJECTS) ipropd_slave_LDADD = $(LDADD) ipropd_slave_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ @@ -188,14 +204,14 @@ test_pw_quality_SOURCES = test_pw_quality.c test_pw_quality_OBJECTS = test_pw_quality.$(OBJEXT) test_pw_quality_LDADD = $(LDADD) test_pw_quality_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/hdb/libhdb.la \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -221,8 +237,6 @@ DIST_SOURCES = $(dist_libkadm5clnt_la_SOURCES) \ man3dir = $(mandir)/man3 man8dir = $(mandir)/man8 MANS = $(man_MANS) -dist_kadm5includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_kadm5includeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS) ETAGS = etags CTAGS = ctags @@ -231,49 +245,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -297,10 +320,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -317,6 +341,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -332,31 +358,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -371,10 +411,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -415,31 +457,35 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la libkadm5srv_la_LDFLAGS = -version-info 8:1:0 $(am__append_1) libkadm5clnt_la_LDFLAGS = -version-info 7:1:0 @@ -456,7 +502,8 @@ libkadm5clnt_la_LIBADD = \ default_keys_SOURCES = default_keys.c kadm5includedir = $(includedir)/kadm5 buildkadm5include = $(buildinclude)/kadm5 -dist_kadm5include_HEADERS = admin.h private.h kadm5-protos.h kadm5-private.h +dist_kadm5include_HEADERS = admin.h private.h kadm5-pwcheck.h \ + kadm5-protos.h kadm5-private.h nodist_kadm5include_HEADERS = kadm5_err.h dist_libkadm5clnt_la_SOURCES = \ ad.c \ @@ -479,7 +526,6 @@ dist_libkadm5clnt_la_SOURCES = \ randkey_c.c \ rename_c.c \ send_recv.c \ - kadm5-pwcheck.h \ admin.h nodist_libkadm5clnt_la_SOURCES = \ @@ -516,13 +562,15 @@ dist_libkadm5srv_la_SOURCES = \ server_glue.c \ set_keys.c \ set_modifier.c \ - kadm5-pwcheck.h \ admin.h nodist_libkadm5srv_la_SOURCES = \ kadm5_err.c \ kadm5_err.h +libkadm5srv_la_DEPENDENCIES = \ + version-script.map + dist_iprop_log_SOURCES = iprop-log.c nodist_iprop_log_SOURCES = iprop-commands.c ipropd_master_SOURCES = ipropd_master.c ipropd_common.c iprop.h kadm5_locl.h @@ -531,7 +579,6 @@ man_MANS = kadm5_pwcheck.3 iprop.8 iprop-log.8 LDADD = \ libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_hcrypto) \ @@ -543,7 +590,6 @@ LDADD = \ iprop_log_LDADD = \ libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_hcrypto) \ @@ -557,6 +603,12 @@ iprop_log_LDADD = \ CLEANFILES = kadm5_err.c kadm5_err.h iprop-commands.h iprop-commands.c proto_opts = -q -R '^(_|kadm5_c_|kadm5_s_|kadm5_log)' -P comment EXTRA_DIST = \ + NTMakefile \ + iprop-log-version.rc \ + ipropd-master-version.rc \ + ipropd-slave-version.rc \ + libkadm5srv-version.rc \ + libkadm5srv-exports.def \ kadm5_err.et \ iprop-commands.in \ $(man_MANS) \ @@ -568,19 +620,19 @@ EXTRA_DIST = \ all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/kadm5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/kadm5/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/kadm5/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -598,23 +650,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -642,74 +699,108 @@ sample_passwd_check.la: $(sample_passwd_check_la_OBJECTS) $(sample_passwd_check_ $(sample_passwd_check_la_LINK) $(sample_passwd_check_la_OBJECTS) $(sample_passwd_check_la_LIBADD) $(LIBS) clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexecdir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexecdir)$$dir" || exit $$?; \ + } \ + ; done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$(libexecdir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexecdir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexecdir)" && rm -f $$files clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(libexec_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list default_keys$(EXEEXT): $(default_keys_OBJECTS) $(default_keys_DEPENDENCIES) @rm -f default_keys$(EXEEXT) $(LINK) $(default_keys_OBJECTS) $(default_keys_LDADD) $(LIBS) @@ -732,194 +823,266 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ad.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bump_pw_expire.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chpass_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chpass_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_glue.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common_glue.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/context_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/create_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/create_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/default_keys.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/delete_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/delete_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/destroy_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/destroy_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ent_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/flush_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/flush_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/free.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_princs_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_princs_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/get_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/init_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/init_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iprop-commands.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iprop-log.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipropd_common.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipropd_master.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipropd_slave.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kadm5_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keys.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/marshall.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/modify_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/modify_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/password_quality.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privs_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/privs_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/randkey_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/randkey_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rename_c.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rename_s.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sample_passwd_check.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/send_recv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server_glue.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/set_keys.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/set_modifier.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pw_quality.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) +install-man3: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man3dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + uninstall-man3: @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man3dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man3dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } install-dist_kadm5includeHEADERS: $(dist_kadm5include_HEADERS) @$(NORMAL_INSTALL) test -z "$(kadm5includedir)" || $(MKDIR_P) "$(DESTDIR)$(kadm5includedir)" - @list='$(dist_kadm5include_HEADERS)'; for p in $$list; do \ + @list='$(dist_kadm5include_HEADERS)'; test -n "$(kadm5includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_kadm5includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - $(dist_kadm5includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(kadm5includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(kadm5includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(kadm5includedir)" || exit $$?; \ done uninstall-dist_kadm5includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(dist_kadm5include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done + @list='$(dist_kadm5include_HEADERS)'; test -n "$(kadm5includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(kadm5includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(kadm5includedir)" && rm -f $$files install-nodist_kadm5includeHEADERS: $(nodist_kadm5include_HEADERS) @$(NORMAL_INSTALL) test -z "$(kadm5includedir)" || $(MKDIR_P) "$(DESTDIR)$(kadm5includedir)" - @list='$(nodist_kadm5include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_kadm5include_HEADERS)'; test -n "$(kadm5includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_kadm5includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - $(nodist_kadm5includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(kadm5includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(kadm5includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(kadm5includedir)" || exit $$?; \ done uninstall-nodist_kadm5includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_kadm5include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done + @list='$(nodist_kadm5include_HEADERS)'; test -n "$(kadm5includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(kadm5includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(kadm5includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -935,13 +1098,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -979,6 +1146,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -990,6 +1158,7 @@ clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ clean-noinstPROGRAMS clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1000,6 +1169,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1008,27 +1179,36 @@ install-data-am: install-dist_kadm5includeHEADERS install-man \ install-nodist_kadm5includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS \ install-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man3 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1051,11 +1231,10 @@ uninstall-am: uninstall-dist_kadm5includeHEADERS \ uninstall-sbinPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man3 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ @@ -1150,6 +1329,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1235,7 +1417,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1288,6 +1470,7 @@ $(srcdir)/kadm5-private.h: $(dist_libkadm5clnt_la_SOURCES) \ $(dist_libkadm5srv_la_SOURCES) \ || rm -f kadm5-private.h + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/kadm5/NTMakefile b/lib/kadm5/NTMakefile new file mode 100644 index 000000000000..3afe8e899543 --- /dev/null +++ b/lib/kadm5/NTMakefile @@ -0,0 +1,273 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\kadm5 + +!include ../../windows/NTMakefile.w32 + +dist_libkadm5clnt_la_SOURCES = \ + ad.c \ + chpass_c.c \ + client_glue.c \ + common_glue.c \ + create_c.c \ + delete_c.c \ + destroy_c.c \ + flush_c.c \ + free.c \ + get_c.c \ + get_princs_c.c \ + init_c.c \ + kadm5_locl.h \ + marshall.c \ + modify_c.c \ + private.h \ + privs_c.c \ + randkey_c.c \ + rename_c.c \ + send_recv.c \ + kadm5-pwcheck.h \ + admin.h + +dist_libkadm5srv_la_SOURCES = \ + acl.c \ + admin.h \ + bump_pw_expire.c \ + chpass_s.c \ + common_glue.c \ + context_s.c \ + create_s.c \ + delete_s.c \ + destroy_s.c \ + ent_setup.c \ + error.c \ + flush_s.c \ + free.c \ + get_princs_s.c \ + get_s.c \ + init_s.c \ + kadm5_locl.h \ + keys.c \ + log.c \ + marshall.c \ + modify_s.c \ + password_quality.c \ + private.h \ + privs_s.c \ + randkey_s.c \ + rename_s.c \ + server_glue.c \ + set_keys.c \ + set_modifier.c \ + kadm5-pwcheck.h \ + admin.h + +LIBKADM5CLNT_OBJS= \ + $(OBJ)\ad.obj \ + $(OBJ)\chpass_c.obj \ + $(OBJ)\client_glue.obj \ + $(OBJ)\common_glue.obj \ + $(OBJ)\create_c.obj \ + $(OBJ)\delete_c.obj \ + $(OBJ)\destroy_c.obj \ + $(OBJ)\flush_c.obj \ + $(OBJ)\free.obj \ + $(OBJ)\get_c.obj \ + $(OBJ)\get_princs_c.obj \ + $(OBJ)\init_c.obj \ + $(OBJ)\marshall.obj \ + $(OBJ)\modify_c.obj \ + $(OBJ)\privs_c.obj \ + $(OBJ)\randkey_c.obj \ + $(OBJ)\rename_c.obj \ + $(OBJ)\send_recv.obj \ + $(OBJ)\kadm5_err.obj + +LIBKADM5SRV_OBJS= \ + $(OBJ)\acl.obj \ + $(OBJ)\bump_pw_expire.obj \ + $(OBJ)\chpass_s.obj \ + $(OBJ)\common_glue.obj \ + $(OBJ)\context_s.obj \ + $(OBJ)\create_s.obj \ + $(OBJ)\delete_s.obj \ + $(OBJ)\destroy_s.obj \ + $(OBJ)\ent_setup.obj \ + $(OBJ)\error.obj \ + $(OBJ)\flush_s.obj \ + $(OBJ)\free.obj \ + $(OBJ)\get_princs_s.obj \ + $(OBJ)\get_s.obj \ + $(OBJ)\init_s.obj \ + $(OBJ)\keys.obj \ + $(OBJ)\log.obj \ + $(OBJ)\marshall.obj \ + $(OBJ)\modify_s.obj \ + $(OBJ)\password_quality.obj \ + $(OBJ)\privs_s.obj \ + $(OBJ)\randkey_s.obj \ + $(OBJ)\rename_s.obj \ + $(OBJ)\server_glue.obj \ + $(OBJ)\set_keys.obj \ + $(OBJ)\set_modifier.obj \ + $(OBJ)\kadm5_err.obj + + +proto_opts = -q -R "^(_|kadm5_c_|kadm5_s_|kadm5_log)" -P remove + +$(OBJ)\kadm5-protos.h: $(dist_libkadm5srv_la_SOURCES) $(dist_libkadm5clnt_la_SOURCES) + $(PERL) ..\..\cf\make-proto.pl $(proto_opts) \ + -o $@ \ + $(dist_libkadm5srv_la_SOURCES) \ + $(dist_libkadm5clnt_la_SOURCES) \ + || $(RM) $@ + +$(OBJ)\kadm5-private.h: $(dist_libkadm5srv_la_SOURCES) $(dist_libkadm5clnt_la_SOURCES) + $(PERL) ..\..\cf\make-proto.pl $(proto_opts) \ + -p $@ \ + $(dist_libkadm5srv_la_SOURCES) \ + $(dist_libkadm5clnt_la_SOURCES) \ + || $(RM) $@ + +$(OBJ)\iprop-commands.c $(OBJ)\iprop-commands.h: iprop-commands.in + cd $(OBJ) + $(CP) $(SRCDIR)\iprop-commands.in $(OBJ) + $(BINDIR)\slc.exe iprop-commands.in + cd $(SRCDIR) + +$(OBJ)\kadm5_err.h $(OBJ)kadm5_err.c: kadm5_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\kadm5_err.et + cd $(SRCDIR) + +$(KADM5INCDIR)\kadm5_err.h: $(OBJ)\kadm5_err.h + +KADM5INCDIR=$(INCDIR)\kadm5 + +INCFILES=\ + $(KADM5INCDIR)\kadm5_err.h \ + $(KADM5INCDIR)\admin.h \ + $(KADM5INCDIR)\private.h \ + $(KADM5INCDIR)\kadm5-protos.h \ + $(KADM5INCDIR)\kadm5-private.h \ + $(OBJ)\iprop-commands.h + +SBINPROGRAMS=$(SBINDIR)\iprop-log.exe + +LIBEXECPROGRAMS=$(LIBEXECDIR)\ipropd-master.exe $(LIBEXECDIR)\ipropd-slave.exe + +EXELIBDEPS= \ + $(LIBKADM5SRV) \ + $(LIBROKEN) \ + $(LIBHEIMDAL) \ + $(LIBHDB) \ + $(LIBSQLITE) \ + $(LIBSL) \ + $(LIBCOMERR) \ + $(LIBVERS) + +$(SBINDIR)\iprop-log.exe: $(OBJ)\iprop-log.obj $(OBJ)\iprop-commands.obj $(EXELIBDEPS) \ + $(OBJ)\iprop-log-version.res + $(EXECONLINK) + $(EXEPREP) + +$(LIBEXECDIR)\ipropd-master.exe: $(OBJ)\ipropd_master.obj $(OBJ)\ipropd_common.obj \ + $(EXELIBDEPS) $(OBJ)\ipropd-master-version.res + $(EXECONLINK) + $(EXEPREP) + +$(LIBEXECDIR)\ipropd-slave.exe: $(OBJ)\ipropd_slave.obj $(OBJ)\ipropd_common.obj \ + $(EXELIBDEPS) $(OBJ)\ipropd-slave-version.res + $(EXECONLINK) + $(EXEPREP) + +$(LIBKADM5CLNT): $(LIBKADM5CLNT_OBJS) + $(LIBCON) + +LIBKADM5SRVRES=$(OBJ)\libkadm5srv-version.res + +$(LIBKADM5SRV): $(BINDIR)\libkadm5srv.dll + +$(BINDIR)\libkadm5srv.dll: $(LIBKADM5SRV_OBJS) $(LIBHEIMDAL) $(LIBROKEN) $(LIBHDB) $(LIBCOMERR) $(LIBSQLITE) $(LIBKADM5SRVRES) + $(DLLGUILINK) -implib:$(LIBKADM5SRV) -def:libkadm5srv-exports.def + $(DLLPREP) + +all:: $(INCFILES) $(LIBKADM5SRV) $(LIBKADM5CLNT) + +all-tools:: $(SBINPROGRAMS) $(LIBEXECPROGRAMS) + +clean:: + -$(RM) $(INCFILES) + -$(RM) $(LIBKADM5CLNT) + -$(RM) $(LIBKADM5SRV) + -$(RM) $(BINDIR)\libkadm5srv.* + -$(RM) $(SBINPROGRAMS:.exe=.*) + -$(RM) $(LIBEXECPROGRAMS:.exe=.*) + +test:: test-binaries test-run + +test-binaries: \ + $(OBJ)\default_keys.exe \ + $(OBJ)\test_pw_quality.exe \ + $(OBJ)\sample_passwd_check.dll + +$(OBJ)\default_keys.exe: $(OBJ)\default_keys.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHDB) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_pw_quality.exe: $(OBJ)\test_pw_quality.obj \ + $(LIBROKEN) $(LIBKADM5SRV) $(LIBVERS) $(LIBHEIMDAL) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\sample_passwd_check.dll: $(OBJ)\sample_passwd_check.obj $(LIBHEIMDAL) + $(DLLGUILINK) /DEF:<< +EXPORTS + version DATA + check_length +<< + $(DLLPREP_NODIST) + +test-run: + +{$(OBJ)}.h{$(KADM5INCDIR)}.h: + $(CP) $< $@ + +{}.h{$(KADM5INCDIR)}.h: + $(CP) $< $@ + +{}.c{$(OBJ)}.obj:: + $(C2OBJ_P) -I$(OBJ) -I$(KADM5INCDIR) + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libkadm5srv-exports.def + +test:: test-exports diff --git a/lib/kadm5/acl.c b/lib/kadm5/acl.c index 9a2f75b6cbf6..5e263a32513a 100644 --- a/lib/kadm5/acl.c +++ b/lib/kadm5/acl.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: acl.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); static struct units acl_units[] = { { "all", KADM5_PRIV_ALL }, @@ -44,7 +44,7 @@ static struct units acl_units[] = { { "modify", KADM5_PRIV_MODIFY }, { "add", KADM5_PRIV_ADD }, { "get", KADM5_PRIV_GET }, - { NULL } + { NULL, 0 } }; kadm5_ret_t @@ -103,7 +103,7 @@ fetch_acl (kadm5_server_context *context, ret = krb5_parse_name(context->context, p, &this_princ); if(ret) break; - if(!krb5_principal_compare(context->context, + if(!krb5_principal_compare(context->context, context->caller, this_princ)) { krb5_free_principal(context->context, this_princ); continue; @@ -150,7 +150,7 @@ _kadm5_acl_init(kadm5_server_context *context) { krb5_principal princ; krb5_error_code ret; - + ret = krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ); if (ret) return ret; diff --git a/lib/kadm5/ad.c b/lib/kadm5/ad.c index 72288d978eaa..4ea5cdb08e85 100644 --- a/lib/kadm5/ad.c +++ b/lib/kadm5/ad.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #define HAVE_TSASL 1 @@ -47,7 +47,7 @@ #include #endif -RCSID("$Id: ad.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); #ifdef OPENLDAP @@ -141,7 +141,7 @@ ldap_tsasl_bind_s(LDAP *ld, rc = ldap_search_s(ld, "", LDAP_SCOPE_BASE, NULL, attrs, 0, &m0); if (rc != LDAP_SUCCESS) goto out; - + m = ldap_first_entry(ld, m0); if (m == NULL) { ldap_msgfree(m0); @@ -175,7 +175,7 @@ ldap_tsasl_bind_s(LDAP *ld, ret = tsasl_request(peer, &in, &out); if (in.tb_size != 0) { free(in.tb_data); - in.tb_data = NULL; + in.tb_data = NULL; in.tb_size = 0; } if (ret != TSASL_DONE && ret != TSASL_CONTINUE) { @@ -278,23 +278,23 @@ _kadm5_ad_connect(void *server_handle) asprintf(&domain, "_ldap._tcp.%s", context->realm); if (domain == NULL) { - krb5_set_error_string(context->context, "malloc"); + krb5_set_error_message(context->context, KADM5_NO_SRV, "malloc"); return KADM5_NO_SRV; } r = dns_lookup(domain, "SRV"); free(domain); if (r == NULL) { - krb5_set_error_string(context->context, "Didn't find ldap dns"); + krb5_set_error_message(context->context, KADM5_NO_SRV, "Didn't find ldap dns"); return KADM5_NO_SRV; - } + } for (rr = r->head ; rr != NULL; rr = rr->next) { - if (rr->type != T_SRV) + if (rr->type != rk_ns_t_srv) continue; s = realloc(servers, sizeof(*servers) * (num_servers + 1)); if (s == NULL) { - krb5_set_error_string(context->context, "malloc"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "malloc"); dns_free_data(r); goto fail; } @@ -307,7 +307,7 @@ _kadm5_ad_connect(void *server_handle) } if (num_servers == 0) { - krb5_set_error_string(context->context, "No AD server found in DNS"); + krb5_set_error_message(context->context, KADM5_NO_SRV, "No AD server found in DNS"); return KADM5_NO_SRV; } @@ -318,29 +318,29 @@ _kadm5_ad_connect(void *server_handle) lp = ldap_init(servers[i].server, servers[i].port); if (lp == NULL) continue; - + if (ldap_set_option(lp, LDAP_OPT_PROTOCOL_VERSION, &version)) { ldap_unbind(lp); continue; } - + if (ldap_set_option(lp, LDAP_OPT_REFERRALS, LDAP_OPT_OFF)) { ldap_unbind(lp); continue; } - + #ifdef HAVE_TSASL lret = ldap_tsasl_bind_s(lp, NULL, NULL, NULL, servers[i].server); - + #else - lret = ldap_sasl_interactive_bind_s(lp, NULL, NULL, NULL, NULL, + lret = ldap_sasl_interactive_bind_s(lp, NULL, NULL, NULL, NULL, LDAP_SASL_QUIET, sasl_interact, NULL); #endif if (lret != LDAP_SUCCESS) { - krb5_set_error_string(context->context, - "Couldn't contact any AD servers: %s", - ldap_err2string(lret)); + krb5_set_error_message(context->context, 0, + "Couldn't contact any AD servers: %s", + ldap_err2string(lret)); ldap_unbind(lp); continue; } @@ -358,10 +358,10 @@ _kadm5_ad_connect(void *server_handle) int attrlen = 0; char **vals; int ret; - + laddattr(&attr, &attrlen, "defaultNamingContext"); - ret = ldap_search_s(CTX2LP(context), "", LDAP_SCOPE_BASE, + ret = ldap_search_s(CTX2LP(context), "", LDAP_SCOPE_BASE, "objectclass=*", attr, 0, &m); free(attr); if (check_ldap(context, ret)) @@ -370,16 +370,16 @@ _kadm5_ad_connect(void *server_handle) if (ldap_count_entries(CTX2LP(context), m) > 0) { m0 = ldap_first_entry(CTX2LP(context), m); if (m0 == NULL) { - krb5_set_error_string(context->context, - "Error in AD ldap responce"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, + "Error in AD ldap responce"); ldap_msgfree(m); goto fail; } - vals = ldap_get_values(CTX2LP(context), + vals = ldap_get_values(CTX2LP(context), m0, "defaultNamingContext"); if (vals == NULL) { - krb5_set_error_string(context->context, - "No naming context found"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, + "No naming context found"); goto fail; } context->base_dn = strdup(vals[0]); @@ -444,7 +444,7 @@ ad_find_entry(kadm5_ad_context *context, *name = NULL; if (fqdn) - asprintf(&filter, + asprintf(&filter, "(&(objectClass=computer)(|(dNSHostName=%s)(servicePrincipalName=%s)))", fqdn, pn); else if(pn) @@ -453,7 +453,7 @@ ad_find_entry(kadm5_ad_context *context, return KADM5_RPC_ERROR; ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, + LDAP_SCOPE_SUBTREE, filter, attr, 0, &m); free(filter); if (check_ldap(context, ret)) @@ -496,7 +496,7 @@ ad_get_cred(kadm5_ad_context *context, const char *password) ret = _kadm5_c_get_cred_cache(context->context, context->client_name, service, - password, krb5_prompter_posix, + password, krb5_prompter_posix, NULL, NULL, &cc); free(service); if(ret) @@ -522,14 +522,14 @@ kadm5_ad_chpass_principal(void *server_handle, krb5_data_zero (&result_code_string); krb5_data_zero (&result_string); - ret = krb5_set_password_using_ccache (context->context, + ret = krb5_set_password_using_ccache (context->context, context->ccache, password, principal, &result_code, &result_code_string, &result_string); - + krb5_data_free (&result_code_string); krb5_data_free (&result_string); @@ -548,7 +548,7 @@ get_fqdn(krb5_context context, const krb5_principal p) s = krb5_principal_get_comp_string(context, p, 0); if (p == NULL) return NULL; - + for (i = 0; i < sizeof(hosttypes)/sizeof(hosttypes[0]); i++) { if (strcasecmp(s, hosttypes[i]) == 0) return krb5_principal_get_comp_string(context, p, 1); @@ -574,42 +574,42 @@ kadm5_ad_create_principal(void *server_handle, #ifdef OPENLDAP LDAPMod *attrs[8], rattrs[7], *a; - char *useraccvals[2] = { NULL, NULL }, + char *useraccvals[2] = { NULL, NULL }, *samvals[2], *dnsvals[2], *spnvals[5], *upnvals[2], *tv[2]; - char *ocvals_spn[] = { "top", "person", "organizationalPerson", - "user", "computer", NULL}; + char *ocvals_spn[] = { "top", "person", "organizationalPerson", + "user", "computer", NULL}; char *p, *realmless_p, *p_msrealm = NULL, *dn = NULL; const char *fqdn; char *s, *samname = NULL, *short_spn = NULL; int ret, i; int32_t uf_flags = 0; - + if ((mask & KADM5_PRINCIPAL) == 0) return KADM5_BAD_MASK; for (i = 0; i < sizeof(rattrs)/sizeof(rattrs[0]); i++) attrs[i] = &rattrs[i]; attrs[i] = NULL; - + ret = ad_get_cred(context, NULL); if (ret) return ret; - + ret = _kadm5_ad_connect(server_handle); if (ret) return ret; - + fqdn = get_fqdn(context->context, entry->principal); - + ret = krb5_unparse_name(context->context, entry->principal, &p); if (ret) return ret; - + if (ad_find_entry(context, fqdn, p, NULL) == 0) { free(p); return KADM5_DUP; } - + if (mask & KADM5_ATTRIBUTES) { if (entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX) uf_flags |= UF_ACCOUNTDISABLE|UF_LOCKOUT; @@ -618,7 +618,7 @@ kadm5_ad_create_principal(void *server_handle, if (entry->attributes & KRB5_KDB_REQUIRES_HW_AUTH) uf_flags |= UF_SMARTCARD_REQUIRED; } - + realmless_p = strdup(p); if (realmless_p == NULL) { ret = ENOMEM; @@ -627,7 +627,7 @@ kadm5_ad_create_principal(void *server_handle, s = strrchr(realmless_p, '@'); if (s) *s = '\0'; - + if (fqdn) { /* create computer account */ asprintf(&samname, "%s$", fqdn); @@ -640,7 +640,7 @@ kadm5_ad_create_principal(void *server_handle, s[0] = '$'; s[1] = '\0'; } - + short_spn = strdup(p); if (short_spn == NULL) { errno = ENOMEM; @@ -733,12 +733,12 @@ kadm5_ad_create_principal(void *server_handle, } else { /* create user account */ - + a = &rattrs[0]; a->mod_op = LDAP_MOD_ADD; a->mod_type = "userAccountControl"; a->mod_values = useraccvals; - asprintf(&useraccvals[0], "%d", + asprintf(&useraccvals[0], "%d", uf_flags | UF_PASSWD_NOT_EXPIRE); useraccvals[1] = NULL; @@ -788,7 +788,7 @@ kadm5_ad_create_principal(void *server_handle, return 0; #else - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -830,7 +830,7 @@ kadm5_ad_delete_principal(void *server_handle, krb5_principal principal) return KADM5_RPC_ERROR; return 0; #else - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -864,19 +864,14 @@ static kadm5_ret_t kadm5_ad_flush(void *server_handle) { kadm5_ad_context *context = server_handle; -#ifdef OPENLDAP - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif } static kadm5_ret_t kadm5_ad_get_principal(void *server_handle, - krb5_principal principal, - kadm5_principal_ent_t entry, + krb5_principal principal, + kadm5_principal_ent_t entry, uint32_t mask) { kadm5_ad_context *context = server_handle; @@ -921,14 +916,14 @@ kadm5_ad_get_principal(void *server_handle, if (q && (p != q && *(q - 1) != '\\')) *q = '/'; - asprintf(&filter, + asprintf(&filter, "(|(userPrincipalName=%s)(servicePrincipalName=%s)(servicePrincipalName=%s))", u, p, u); free(p); free(u); ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, + LDAP_SCOPE_SUBTREE, filter, attr, 0, &m); free(attr); if (check_ldap(context, ret)) @@ -995,7 +990,7 @@ kadm5_ad_get_principal(void *server_handle, } } if (mask & KADM5_KVNO) { - vals = ldap_get_values(CTX2LP(context), m0, + vals = ldap_get_values(CTX2LP(context), m0, "msDS-KeyVersionNumber"); if (vals) entry->kvno = atoi(vals[0]); @@ -1014,7 +1009,7 @@ kadm5_ad_get_principal(void *server_handle, fail: return KADM5_RPC_ERROR; #else - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -1042,10 +1037,10 @@ kadm5_ad_get_principals(void *server_handle, if (ret) return ret; - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #else - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -1054,7 +1049,7 @@ static kadm5_ret_t kadm5_ad_get_privs(void *server_handle, uint32_t*privs) { kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; } @@ -1065,7 +1060,7 @@ kadm5_ad_modify_principal(void *server_handle, { kadm5_ad_context *context = server_handle; - /* + /* * KADM5_ATTRIBUTES * KRB5_KDB_DISALLOW_ALL_TIX (| KADM5_KVNO) */ @@ -1109,14 +1104,14 @@ kadm5_ad_modify_principal(void *server_handle, if (q && (p != q && *(q - 1) != '\\')) *q = '\0'; - asprintf(&filter, + asprintf(&filter, "(|(userPrincipalName=%s)(servicePrincipalName=%s))", s, s); free(p); free(s); ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, + LDAP_SCOPE_SUBTREE, filter, attr, 0, &m); free(attr); free(filter); @@ -1199,7 +1194,7 @@ kadm5_ad_modify_principal(void *server_handle, a->mod_values = tv; a++; } - + vals = ldap_get_values(CTX2LP(context), m0, "distinguishedName"); if (vals == NULL) { ret = KADM5_RPC_ERROR; @@ -1224,7 +1219,7 @@ kadm5_ad_modify_principal(void *server_handle, free(tv[0]); return ret; #else - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -1267,7 +1262,7 @@ kadm5_ad_randkey_principal(void *server_handle, krb5_data_zero (&result_code_string); krb5_data_zero (&result_string); - ret = krb5_set_password_using_ccache (context->context, + ret = krb5_set_password_using_ccache (context->context, context->ccache, password, principal, @@ -1308,7 +1303,7 @@ kadm5_ad_randkey_principal(void *server_handle, *keys = NULL; *n_keys = 0; - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; #endif } @@ -1319,18 +1314,18 @@ kadm5_ad_rename_principal(void *server_handle, krb5_principal to) { kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; } static kadm5_ret_t -kadm5_ad_chpass_principal_with_key(void *server_handle, +kadm5_ad_chpass_principal_with_key(void *server_handle, krb5_principal princ, int n_key_data, krb5_key_data *key_data) { kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); + krb5_set_error_message(context->context, KADM5_RPC_ERROR, "Function not implemented"); return KADM5_RPC_ERROR; } @@ -1352,7 +1347,7 @@ set_funcs(kadm5_ad_context *c) SET(c, rename_principal); } -kadm5_ret_t +kadm5_ret_t kadm5_ad_init_with_password_ctx(krb5_context context, const char *client_name, const char *password, @@ -1415,7 +1410,7 @@ kadm5_ad_init_with_password_ctx(krb5_context context, return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_ad_init_with_password(const char *client_name, const char *password, const char *service_name, @@ -1431,7 +1426,7 @@ kadm5_ad_init_with_password(const char *client_name, ret = krb5_init_context(&context); if (ret) return ret; - ret = kadm5_ad_init_with_password_ctx(context, + ret = kadm5_ad_init_with_password_ctx(context, client_name, password, service_name, diff --git a/lib/kadm5/admin.h b/lib/kadm5/admin.h index 30d68d823793..e3e6755c361d 100644 --- a/lib/kadm5/admin.h +++ b/lib/kadm5/admin.h @@ -1,36 +1,36 @@ /* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: admin.h 20237 2007-02-16 23:54:34Z lha $ */ +/* $Id$ */ #ifndef __KADM5_ADMIN_H__ #define __KADM5_ADMIN_H__ @@ -104,7 +104,7 @@ #define KADM5_HIST_PRINCIPAL "kadmin/history" #define KADM5_CHANGEPW_SERVICE "kadmin/changepw" -typedef struct _krb5_key_data { +typedef struct { int16_t key_data_ver; /* Version */ int16_t key_data_kvno; /* Key Version */ int16_t key_data_type[2]; /* Array of types */ @@ -114,9 +114,9 @@ typedef struct _krb5_key_data { typedef struct _krb5_tl_data { struct _krb5_tl_data* tl_data_next; - int16_t tl_data_type; - int16_t tl_data_length; - void* tl_data_contents; + int16_t tl_data_type; + int16_t tl_data_length; + void* tl_data_contents; } krb5_tl_data; #define KRB5_TL_LAST_PWD_CHANGE 0x0001 @@ -223,7 +223,7 @@ typedef krb5_error_code kadm5_ret_t; #if 0 /* unimplemented functions */ -kadm5_ret_t +kadm5_ret_t kadm5_decrypt_key(void *server_handle, kadm5_principal_ent_t entry, int32_t ktype, int32_t stype, int32_t @@ -232,7 +232,7 @@ kadm5_decrypt_key(void *server_handle, kadm5_ret_t kadm5_create_policy(void *server_handle, - kadm5_policy_ent_t policy, uint32_t mask); + kadm5_policy_ent_t policy, uint32_t mask); kadm5_ret_t kadm5_delete_policy(void *server_handle, char *policy); @@ -240,17 +240,17 @@ kadm5_delete_policy(void *server_handle, char *policy); kadm5_ret_t kadm5_modify_policy(void *server_handle, - kadm5_policy_ent_t policy, + kadm5_policy_ent_t policy, uint32_t mask); kadm5_ret_t -kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); +kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); kadm5_ret_t kadm5_get_policies(void *server_handle, char *exp, char ***pols, int *count); -void +void kadm5_free_policy_ent(kadm5_policy_ent_t policy); #endif diff --git a/lib/kadm5/bump_pw_expire.c b/lib/kadm5/bump_pw_expire.c index 17bd5e103cef..5d72360df91c 100644 --- a/lib/kadm5/bump_pw_expire.c +++ b/lib/kadm5/bump_pw_expire.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: bump_pw_expire.c 8797 2000-07-24 03:47:54Z assar $"); +RCSID("$Id$"); /* * extend password_expiration if it's defined diff --git a/lib/kadm5/check-cracklib.pl b/lib/kadm5/check-cracklib.pl index 229cc7f0a9be..a6fbd4c82d49 100755 --- a/lib/kadm5/check-cracklib.pl +++ b/lib/kadm5/check-cracklib.pl @@ -29,7 +29,7 @@ # policies = builtin:external-check # external_program = /check-cracklib.pl # -# $Id: check-cracklib.pl 20578 2007-05-07 22:21:51Z lha $ +# $Id$ use strict; use Crypt::Cracklib; @@ -40,6 +40,9 @@ my $database = '/usr/lib/cracklib_dict'; my $historydb = '/var/heimdal/historydb'; # NEED TO CHANGE THESE TO MATCH YOUR SYSTEM +# seconds password reuse allowed (to catch retries from clients) +my $reusetime = 60; + my %params; sub check_basic @@ -60,6 +63,7 @@ sub check_repeat my $result = 'Do not reuse passwords'; my %DB; my $md5context = new Digest::MD5; + my $timenow = scalar(time()); $md5context->reset(); $md5context->add($principal, ":", $passwd); @@ -67,8 +71,10 @@ sub check_repeat my $key=$md5context->hexdigest(); dbmopen(%DB,$historydb,0600) or die "Internal: Could not open $historydb"; - $result = "ok" if (!$DB{$key}); - $DB{$key}=scalar(time()); + if (!$DB{$key} || ($timenow - $DB{$key} < $reusetime)) { + $result = "ok"; + $DB{$key}=$timenow; + } dbmclose(%DB) or die "Internal: Could not close $historydb"; return $result; } @@ -80,7 +86,7 @@ sub badpassword exit 0 } -while (<>) { +while () { last if /^end$/; if (!/^([^:]+): (.+)$/) { die "key value pair not correct: $_"; diff --git a/lib/kadm5/chpass_c.c b/lib/kadm5/chpass_c.c index 5319ce9045b2..af4328c9c4fc 100644 --- a/lib/kadm5/chpass_c.c +++ b/lib/kadm5/chpass_c.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: chpass_c.c 16661 2006-01-25 12:50:10Z lha $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_c_chpass_principal(void *server_handle, +kadm5_c_chpass_principal(void *server_handle, krb5_principal princ, const char *password) { @@ -53,7 +53,7 @@ kadm5_c_chpass_principal(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_chpass); @@ -61,24 +61,26 @@ kadm5_c_chpass_principal(void *server_handle, krb5_store_string(sp, password); ret = _kadm5_client_send(context, sp); krb5_storage_free(sp); + if (ret) + return ret; ret = _kadm5_client_recv(context, &reply); if(ret) return ret; sp = krb5_storage_from_data (&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sp); krb5_data_free (&reply); return tmp; } kadm5_ret_t -kadm5_c_chpass_principal_with_key(void *server_handle, +kadm5_c_chpass_principal_with_key(void *server_handle, krb5_principal princ, int n_key_data, krb5_key_data *key_data) @@ -97,7 +99,7 @@ kadm5_c_chpass_principal_with_key(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_chpass_with_key); @@ -107,17 +109,19 @@ kadm5_c_chpass_principal_with_key(void *server_handle, kadm5_store_key_data (sp, &key_data[i]); ret = _kadm5_client_send(context, sp); krb5_storage_free(sp); + if (ret) + return ret; ret = _kadm5_client_recv(context, &reply); if(ret) return ret; sp = krb5_storage_from_data (&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sp); krb5_data_free (&reply); return tmp; diff --git a/lib/kadm5/chpass_s.c b/lib/kadm5/chpass_s.c index abef28c25508..d5407d1549f4 100644 --- a/lib/kadm5/chpass_s.c +++ b/lib/kadm5/chpass_s.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: chpass_s.c 20608 2007-05-08 07:11:48Z lha $"); +RCSID("$Id$"); static kadm5_ret_t -change(void *server_handle, +change(void *server_handle, krb5_principal princ, const char *password, int cond) @@ -46,39 +46,55 @@ change(void *server_handle, kadm5_ret_t ret; Key *keys; size_t num_keys; - int cmp = 1; + int existsp = 0; memset(&ent, 0, sizeof(ent)); ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); - if(ret == HDB_ERR_NOENTRY) + + ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, + HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); + if(ret) goto out; - num_keys = ent.entry.keys.len; - keys = ent.entry.keys.val; + if (context->db->hdb_capability_flags & HDB_CAP_F_HANDLE_PASSWORDS) { + ret = context->db->hdb_password(context->context, context->db, + &ent, password, cond); + if (ret) + goto out2; + } else { - ent.entry.keys.len = 0; - ent.entry.keys.val = NULL; + num_keys = ent.entry.keys.len; + keys = ent.entry.keys.val; - ret = _kadm5_set_keys(context, &ent.entry, password); - if(ret) { + ent.entry.keys.len = 0; + ent.entry.keys.val = NULL; + + ret = _kadm5_set_keys(context, &ent.entry, password); + if(ret) { + _kadm5_free_keys (context->context, num_keys, keys); + goto out2; + } + + if (cond) + existsp = _kadm5_exists_keys (ent.entry.keys.val, + ent.entry.keys.len, + keys, num_keys); _kadm5_free_keys (context->context, num_keys, keys); - goto out2; + + if (existsp) { + ret = KADM5_PASS_REUSE; + krb5_set_error_message(context->context, ret, + "Password reuse forbidden"); + goto out2; + } + + ret = hdb_seal_keys(context->context, context->db, &ent.entry); + if (ret) + goto out2; } ent.entry.kvno++; - if (cond) - cmp = _kadm5_cmp_keys (ent.entry.keys.val, ent.entry.keys.len, - keys, num_keys); - _kadm5_free_keys (context->context, num_keys, keys); - - if (cmp == 0) { - krb5_set_error_string(context->context, "Password reuse forbidden"); - ret = KADM5_PASS_REUSE; - goto out2; - } ret = _kadm5_set_modifier(context, &ent.entry); if(ret) @@ -88,11 +104,7 @@ change(void *server_handle, if (ret) goto out2; - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_store(context->context, context->db, + ret = context->db->hdb_store(context->context, context->db, HDB_F_REPLACE, &ent); if (ret) goto out2; @@ -117,7 +129,7 @@ change(void *server_handle, */ kadm5_ret_t -kadm5_s_chpass_principal_cond(void *server_handle, +kadm5_s_chpass_principal_cond(void *server_handle, krb5_principal princ, const char *password) { @@ -129,7 +141,7 @@ kadm5_s_chpass_principal_cond(void *server_handle, */ kadm5_ret_t -kadm5_s_chpass_principal(void *server_handle, +kadm5_s_chpass_principal(void *server_handle, krb5_principal princ, const char *password) { @@ -141,7 +153,7 @@ kadm5_s_chpass_principal(void *server_handle, */ kadm5_ret_t -kadm5_s_chpass_principal_with_key(void *server_handle, +kadm5_s_chpass_principal_with_key(void *server_handle, krb5_principal princ, int n_key_data, krb5_key_data *key_data) @@ -154,8 +166,8 @@ kadm5_s_chpass_principal_with_key(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, 0, + HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent); if(ret == HDB_ERR_NOENTRY) goto out; ret = _kadm5_set_keys2(context, &ent.entry, n_key_data, key_data); @@ -173,7 +185,7 @@ kadm5_s_chpass_principal_with_key(void *server_handle, if (ret) goto out2; - ret = context->db->hdb_store(context->context, context->db, + ret = context->db->hdb_store(context->context, context->db, HDB_F_REPLACE, &ent); if (ret) goto out2; diff --git a/lib/kadm5/client_glue.c b/lib/kadm5/client_glue.c index 24d91b3f0d6b..2783a9a4bec5 100644 --- a/lib/kadm5/client_glue.c +++ b/lib/kadm5/client_glue.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: client_glue.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); kadm5_ret_t kadm5_init_with_password(const char *client_name, diff --git a/lib/kadm5/common_glue.c b/lib/kadm5/common_glue.c index 48d9d845c0a4..59579223373f 100644 --- a/lib/kadm5/common_glue.c +++ b/lib/kadm5/common_glue.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: common_glue.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); #define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P; diff --git a/lib/kadm5/context_s.c b/lib/kadm5/context_s.c index 6ac7a9cf2d1e..e121a48994b8 100644 --- a/lib/kadm5/context_s.c +++ b/lib/kadm5/context_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: context_s.c 22211 2007-12-07 19:27:27Z lha $"); +RCSID("$Id$"); static void set_funcs(kadm5_server_context *c) @@ -53,6 +53,8 @@ set_funcs(kadm5_server_context *c) SET(c, rename_principal); } +#ifndef NO_UNIX_SOCKETS + static void set_socket_name(krb5_context context, struct sockaddr_un *un) { @@ -61,7 +63,17 @@ set_socket_name(krb5_context context, struct sockaddr_un *un) memset(un, 0, sizeof(*un)); un->sun_family = AF_UNIX; strlcpy (un->sun_path, fn, sizeof(un->sun_path)); + } +#else + +static void +set_socket_info(krb5_context context, struct addrinfo **info) +{ + kadm5_log_signal_socket_info(context, 0, info); +} + +#endif static kadm5_ret_t find_db_spec(kadm5_server_context *ctx) @@ -75,27 +87,27 @@ find_db_spec(kadm5_server_context *ctx) ret = hdb_get_dbinfo(context, &info); if (ret) return ret; - + d = NULL; while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { const char *p = hdb_dbinfo_get_realm(context, d); - + /* match default (realm-less) */ if(p != NULL && strcmp(ctx->config.realm, p) != 0) continue; - + p = hdb_dbinfo_get_dbname(context, d); if (p) ctx->config.dbname = strdup(p); - + p = hdb_dbinfo_get_acl_file(context, d); if (p) ctx->config.acl_file = strdup(p); - + p = hdb_dbinfo_get_mkey_file(context, d); if (p) ctx->config.stash_file = strdup(p); - + p = hdb_dbinfo_get_log_file(context, d); if (p) ctx->log_context.log_file = strdup(p); @@ -115,13 +127,17 @@ find_db_spec(kadm5_server_context *ctx) if (ctx->log_context.log_file == NULL) asprintf(&ctx->log_context.log_file, "%s/log", hdb_db_dir(context)); +#ifndef NO_UNIX_SOCKETS set_socket_name(context, &ctx->log_context.socket_name); +#else + set_socket_info(context, &ctx->log_context.socket_info); +#endif return 0; } kadm5_ret_t -_kadm5_s_init_context(kadm5_server_context **ctx, +_kadm5_s_init_context(kadm5_server_context **ctx, kadm5_config_params *params, krb5_context context) { @@ -143,11 +159,11 @@ _kadm5_s_init_context(kadm5_server_context **ctx, (*ctx)->config.acl_file = strdup(params->acl_file); if(is_set(STASH_FILE)) (*ctx)->config.stash_file = strdup(params->stash_file); - + find_db_spec(*ctx); - + /* PROFILE can't be specified for now */ - /* KADMIND_PORT is supposed to be used on the server also, + /* KADMIND_PORT is supposed to be used on the server also, but this doesn't make sense */ /* ADMIN_SERVER is client only */ /* ADNAME is not used at all (as far as I can tell) */ diff --git a/lib/kadm5/create_c.c b/lib/kadm5/create_c.c index 903a06af486f..e36b2969cf17 100644 --- a/lib/kadm5/create_c.c +++ b/lib/kadm5/create_c.c @@ -1,43 +1,43 @@ /* - * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: create_c.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_c_create_principal(void *server_handle, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t mask, const char *password) { @@ -54,7 +54,7 @@ kadm5_c_create_principal(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_create); @@ -63,17 +63,19 @@ kadm5_c_create_principal(void *server_handle, krb5_store_string(sp, password); ret = _kadm5_client_send(context, sp); krb5_storage_free(sp); + if (ret) + return ret; ret = _kadm5_client_recv(context, &reply); if(ret) return ret; sp = krb5_storage_from_data (&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sp); krb5_data_free (&reply); return tmp; diff --git a/lib/kadm5/create_s.c b/lib/kadm5/create_s.c index 9465310cb586..04312c024ed3 100644 --- a/lib/kadm5/create_s.c +++ b/lib/kadm5/create_s.c @@ -1,53 +1,53 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: create_s.c 20607 2007-05-08 07:11:11Z lha $"); +RCSID("$Id$"); static kadm5_ret_t -get_default(kadm5_server_context *context, krb5_principal princ, +get_default(kadm5_server_context *context, krb5_principal princ, kadm5_principal_ent_t def) { kadm5_ret_t ret; krb5_principal def_principal; - krb5_realm *realm = krb5_princ_realm(context->context, princ); + krb5_const_realm realm = krb5_principal_get_realm(context->context, princ); - ret = krb5_make_principal(context->context, &def_principal, - *realm, "default", NULL); + ret = krb5_make_principal(context->context, &def_principal, + realm, "default", NULL); if (ret) return ret; - ret = kadm5_s_get_principal(context, def_principal, def, + ret = kadm5_s_get_principal(context, def_principal, def, KADM5_PRINCIPAL_NORMAL_MASK); krb5_free_principal (context->context, def_principal); return ret; @@ -64,7 +64,7 @@ create_principal(kadm5_server_context *context, kadm5_ret_t ret; kadm5_principal_ent_rec defrec, *defent; uint32_t def_mask; - + if((mask & required_mask) != required_mask) return KADM5_BAD_MASK; if((mask & forbidden_mask)) @@ -73,11 +73,11 @@ create_principal(kadm5_server_context *context, /* XXX no real policies for now */ return KADM5_UNK_POLICY; memset(ent, 0, sizeof(*ent)); - ret = krb5_copy_principal(context->context, princ->principal, + ret = krb5_copy_principal(context->context, princ->principal, &ent->entry.principal); if(ret) return ret; - + defent = &defrec; ret = get_default(context, princ->principal, defent); if(ret) { @@ -93,12 +93,13 @@ create_principal(kadm5_server_context *context, defent, def_mask); if(defent) kadm5_free_principal_ent(context, defent); - - ent->entry.created_by.time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, - &ent->entry.created_by.principal); + if (ret) + return ret; - return ret; + ent->entry.created_by.time = time(NULL); + + return krb5_copy_principal(context->context, context->caller, + &ent->entry.created_by.principal); } kadm5_ret_t @@ -112,10 +113,10 @@ kadm5_s_create_principal_with_key(void *server_handle, ret = create_principal(context, princ, mask, &ent, KADM5_PRINCIPAL | KADM5_KEY_DATA, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS + KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME + | KADM5_MOD_NAME | KADM5_MKVNO + | KADM5_AUX_ATTRIBUTES + | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); if(ret) goto out; @@ -126,7 +127,7 @@ kadm5_s_create_principal_with_key(void *server_handle, ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; - + ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; @@ -140,11 +141,11 @@ kadm5_s_create_principal_with_key(void *server_handle, hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); } - + kadm5_ret_t kadm5_s_create_principal(void *server_handle, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t mask, const char *password) { @@ -154,10 +155,10 @@ kadm5_s_create_principal(void *server_handle, ret = create_principal(context, princ, mask, &ent, KADM5_PRINCIPAL, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO + KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME + | KADM5_MOD_NAME | KADM5_MKVNO | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS + | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); if(ret) goto out; @@ -175,7 +176,7 @@ kadm5_s_create_principal(void *server_handle, ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; - + ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; diff --git a/lib/kadm5/default_keys.c b/lib/kadm5/default_keys.c index 2a851cd8babf..6719e38461db 100644 --- a/lib/kadm5/default_keys.c +++ b/lib/kadm5/default_keys.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" #include -RCSID("$Id: default_keys.c 22494 2008-01-21 11:56:44Z lha $"); +RCSID("$Id$"); static void print_keys(krb5_context context, Key *keys, size_t nkeys) @@ -72,7 +72,7 @@ print_keys(krb5_context context, Key *keys, size_t nkeys) if (keys[i].salt->salt.length) printf("%.*s", (int)keys[i].salt->salt.length, (char *)keys[i].salt->salt.data); - } + } printf("\n"); } printf("end keys:\n"); @@ -102,7 +102,7 @@ main(int argc, char **argv) krb5_principal principal; ret = krb5_init_context(&context); - if (ret) + if (ret) errx(1, "krb5_init_context"); ret = krb5_parse_name(context, "lha@SU.SE", &principal); diff --git a/lib/kadm5/delete_c.c b/lib/kadm5/delete_c.c index 5018fd6cbf19..2c4ed77494d8 100644 --- a/lib/kadm5/delete_c.c +++ b/lib/kadm5/delete_c.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: delete_c.c 16661 2006-01-25 12:50:10Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_c_delete_principal(void *server_handle, krb5_principal princ) @@ -51,7 +51,7 @@ kadm5_c_delete_principal(void *server_handle, krb5_principal princ) sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_delete); @@ -65,12 +65,12 @@ kadm5_c_delete_principal(void *server_handle, krb5_principal princ) return ret; sp = krb5_storage_from_data (&reply); if(sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sp); krb5_data_free (&reply); return tmp; diff --git a/lib/kadm5/delete_s.c b/lib/kadm5/delete_s.c index b4e5a37467fc..7f8f537b06c0 100644 --- a/lib/kadm5/delete_s.c +++ b/lib/kadm5/delete_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: delete_s.c 20612 2007-05-08 07:13:45Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_s_delete_principal(void *server_handle, krb5_principal princ) @@ -48,15 +48,15 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ) krb5_warn(context->context, ret, "opening database"); return ret; } - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, + HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); if(ret == HDB_ERR_NOENTRY) goto out; if(ent.entry.flags.immutable) { ret = KADM5_PROTECT_PRINCIPAL; goto out2; } - + ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out2; diff --git a/lib/kadm5/destroy_c.c b/lib/kadm5/destroy_c.c index 9ae2e9d17cb6..06a08025694e 100644 --- a/lib/kadm5/destroy_c.c +++ b/lib/kadm5/destroy_c.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: destroy_c.c 13198 2003-12-07 19:01:39Z lha $"); +RCSID("$Id$"); -kadm5_ret_t +kadm5_ret_t kadm5_c_destroy(void *server_handle) { kadm5_client_context *context = server_handle; diff --git a/lib/kadm5/destroy_s.c b/lib/kadm5/destroy_s.c index edfc6b53b9c9..25fc48ba214e 100644 --- a/lib/kadm5/destroy_s.c +++ b/lib/kadm5/destroy_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: destroy_s.c 12880 2003-09-19 00:25:35Z lha $"); +RCSID("$Id$"); /* * dealloc a `kadm5_config_params' @@ -56,14 +56,20 @@ static void destroy_kadm5_log_context (kadm5_log_context *c) { free (c->log_file); - close (c->socket_fd); + rk_closesocket (c->socket_fd); +#ifdef NO_UNIX_SOCKETS + if (c->socket_info) { + freeaddrinfo(c->socket_info); + c->socket_info = NULL; + } +#endif } /* * destroy a kadm5 handle */ -kadm5_ret_t +kadm5_ret_t kadm5_s_destroy(void *server_handle) { kadm5_ret_t ret; diff --git a/lib/kadm5/ent_setup.c b/lib/kadm5/ent_setup.c index dfc4a9b5aae0..f2d1f2f285bd 100644 --- a/lib/kadm5/ent_setup.c +++ b/lib/kadm5/ent_setup.c @@ -1,39 +1,41 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: ent_setup.c 18823 2006-10-22 10:15:53Z lha $"); +RCSID("$Id$"); #define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0) #define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0) @@ -66,7 +68,7 @@ attr_to_flags(unsigned attr, HDBFlags *flags) static kadm5_ret_t perform_tl_data(krb5_context context, HDB *db, - hdb_entry_ex *ent, + hdb_entry_ex *ent, const krb5_tl_data *tl_data) { kadm5_ret_t ret = 0; @@ -101,7 +103,7 @@ perform_tl_data(krb5_context context, NULL); if (ret) return KADM5_BAD_TL_TYPE; - + ret = hdb_replace_extension(context, &ent->entry, &ext); free_HDB_extension(&ext); } else { @@ -110,6 +112,17 @@ perform_tl_data(krb5_context context, return ret; } +static void +default_flags(hdb_entry_ex *ent, int server) +{ + ent->entry.flags.client = 1; + ent->entry.flags.server = !!server; + ent->entry.flags.forwardable = 1; + ent->entry.flags.proxiable = 1; + ent->entry.flags.renewable = 1; + ent->entry.flags.postdate = 1; +} + /* * Create the hdb entry `ent' based on data from `princ' with @@ -121,7 +134,7 @@ kadm5_ret_t _kadm5_setup_entry(kadm5_server_context *context, hdb_entry_ex *ent, uint32_t mask, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t princ_mask, kadm5_principal_ent_t def, uint32_t def_mask) @@ -147,14 +160,10 @@ _kadm5_setup_entry(kadm5_server_context *context, attr_to_flags(def->attributes, &ent->entry.flags); ent->entry.flags.invalid = 0; } else { - ent->entry.flags.client = 1; - ent->entry.flags.server = 1; - ent->entry.flags.forwardable = 1; - ent->entry.flags.proxiable = 1; - ent->entry.flags.renewable = 1; - ent->entry.flags.postdate = 1; + default_flags(ent, 1); } } + if(mask & KADM5_MAX_LIFE) { if(princ_mask & KADM5_MAX_LIFE) { if(princ->max_life) diff --git a/lib/kadm5/error.c b/lib/kadm5/error.c index 46211d2b1111..e6a6dec56015 100644 --- a/lib/kadm5/error.c +++ b/lib/kadm5/error.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: error.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); kadm5_ret_t _kadm5_error_code(kadm5_ret_t code) diff --git a/lib/kadm5/flush.c b/lib/kadm5/flush.c index ad1574f02883..4409fe6dc06a 100644 --- a/lib/kadm5/flush.c +++ b/lib/kadm5/flush.c @@ -1,47 +1,47 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: flush.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); -kadm5_ret_t +kadm5_ret_t kadm5_s_flush(void *server_handle) { return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_c_flush(void *server_handle) { return 0; diff --git a/lib/kadm5/flush_c.c b/lib/kadm5/flush_c.c index 748a49a8e2c5..c1a2a0a1cba5 100644 --- a/lib/kadm5/flush_c.c +++ b/lib/kadm5/flush_c.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,9 +32,9 @@ #include "kadm5_locl.h" -RCSID("$Id: flush_c.c 5723 1999-03-23 18:23:37Z joda $"); +RCSID("$Id$"); -kadm5_ret_t +kadm5_ret_t kadm5_c_flush(void *server_handle) { return 0; diff --git a/lib/kadm5/flush_s.c b/lib/kadm5/flush_s.c index 9bed0c6ce0b4..9a52458310f9 100644 --- a/lib/kadm5/flush_s.c +++ b/lib/kadm5/flush_s.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,9 +32,9 @@ #include "kadm5_locl.h" -RCSID("$Id: flush_s.c 5723 1999-03-23 18:23:37Z joda $"); +RCSID("$Id$"); -kadm5_ret_t +kadm5_ret_t kadm5_s_flush(void *server_handle) { return 0; diff --git a/lib/kadm5/free.c b/lib/kadm5/free.c index 1f1740d1eb16..670bc2c2aba5 100644 --- a/lib/kadm5/free.c +++ b/lib/kadm5/free.c @@ -1,49 +1,49 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: free.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); -void +void kadm5_free_key_data(void *server_handle, - int16_t *n_key_data, + int16_t *n_key_data, krb5_key_data *key_data) { int i; for(i = 0; i < *n_key_data; i++){ if(key_data[i].key_data_contents[0]){ - memset(key_data[i].key_data_contents[0], + memset(key_data[i].key_data_contents[0], 0, key_data[i].key_data_length[0]); free(key_data[i].key_data_contents[0]); @@ -55,7 +55,7 @@ kadm5_free_key_data(void *server_handle, } -void +void kadm5_free_principal_ent(void *server_handle, kadm5_principal_ent_t princ) { @@ -78,9 +78,9 @@ kadm5_free_principal_ent(void *server_handle, free (princ->key_data); } -void +void kadm5_free_name_list(void *server_handle, - char **names, + char **names, int *count) { int i; diff --git a/lib/kadm5/get_c.c b/lib/kadm5/get_c.c index 5f9724f86f87..3c31a515b2f3 100644 --- a/lib/kadm5/get_c.c +++ b/lib/kadm5/get_c.c @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 2000, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: get_c.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_c_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, +kadm5_c_get_principal(void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, uint32_t mask) { kadm5_client_context *context = server_handle; @@ -54,7 +54,7 @@ kadm5_c_get_principal(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_get); @@ -69,13 +69,13 @@ kadm5_c_get_principal(void *server_handle, return ret; sp = krb5_storage_from_data (&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); ret = tmp; - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); if(ret == 0) kadm5_ret_principal_ent(sp, out); krb5_storage_free(sp); diff --git a/lib/kadm5/get_princs_c.c b/lib/kadm5/get_princs_c.c index 81a3cfdb7b19..d5e3461d844a 100644 --- a/lib/kadm5/get_princs_c.c +++ b/lib/kadm5/get_princs_c.c @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: get_princs_c.c 15484 2005-06-17 05:21:07Z lha $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_c_get_principals(void *server_handle, +kadm5_c_get_principals(void *server_handle, const char *expression, - char ***princs, + char ***princs, int *count) { kadm5_client_context *context = server_handle; @@ -61,6 +61,8 @@ kadm5_c_get_principals(void *server_handle, krb5_store_string(sp, expression); ret = _kadm5_client_send(context, sp); krb5_storage_free(sp); + if (ret) + return ret; ret = _kadm5_client_recv(context, &reply); if(ret) return ret; diff --git a/lib/kadm5/get_princs_s.c b/lib/kadm5/get_princs_s.c index cab6ef7467cf..55c8f2e98b60 100644 --- a/lib/kadm5/get_princs_s.c +++ b/lib/kadm5/get_princs_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: get_princs_s.c 16378 2005-12-12 12:40:12Z lha $"); +RCSID("$Id$"); struct foreach_data { const char *exp; @@ -77,9 +77,9 @@ foreach(krb5_context context, HDB *db, hdb_entry_ex *ent, void *data) } kadm5_ret_t -kadm5_s_get_principals(void *server_handle, +kadm5_s_get_principals(void *server_handle, const char *expression, - char ***princs, + char ***princs, int *count) { struct foreach_data d; @@ -99,7 +99,7 @@ kadm5_s_get_principals(void *server_handle, } d.princs = NULL; d.count = 0; - ret = hdb_foreach(context->context, context->db, 0, foreach, &d); + ret = hdb_foreach(context->context, context->db, HDB_F_ADMIN_DATA, foreach, &d); context->db->hdb_close(context->context, context->db); if(ret == 0) ret = add_princ(&d, NULL); diff --git a/lib/kadm5/get_s.c b/lib/kadm5/get_s.c index 5d0db9bc82a7..e03585e222a8 100644 --- a/lib/kadm5/get_s.c +++ b/lib/kadm5/get_s.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: get_s.c 21745 2007-07-31 16:11:25Z lha $"); +RCSID("$Id$"); static kadm5_ret_t -add_tl_data(kadm5_principal_ent_t ent, int16_t type, +add_tl_data(kadm5_principal_ent_t ent, int16_t type, const void *data, size_t size) { krb5_tl_data *tl; @@ -48,7 +48,7 @@ add_tl_data(kadm5_principal_ent_t ent, int16_t type, tl->tl_data_type = type; tl->tl_data_length = size; tl->tl_data_contents = malloc(size); - if (tl->tl_data_contents == NULL) { + if (tl->tl_data_contents == NULL && size != 0) { free(tl); return _kadm5_error_code(ENOMEM); } @@ -61,32 +61,32 @@ add_tl_data(kadm5_principal_ent_t ent, int16_t type, return 0; } -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL _krb5_put_int(void *buffer, unsigned long value, size_t size); /* XXX */ kadm5_ret_t -kadm5_s_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, +kadm5_s_get_principal(void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, uint32_t mask) { kadm5_server_context *context = server_handle; kadm5_ret_t ret; hdb_entry_ex ent; - + memset(&ent, 0, sizeof(ent)); ret = context->db->hdb_open(context->context, context->db, O_RDONLY, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, + HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); context->db->hdb_close(context->context, context->db); if(ret) return _kadm5_error_code(ret); memset(out, 0, sizeof(*out)); if(mask & KADM5_PRINCIPAL) - ret = krb5_copy_principal(context->context, ent.entry.principal, + ret = krb5_copy_principal(context->context, ent.entry.principal, &out->principal); if(ret) goto out; @@ -126,11 +126,11 @@ kadm5_s_get_principal(void *server_handle, if(mask & KADM5_MOD_NAME) { if(ent.entry.modified_by) { if (ent.entry.modified_by->principal != NULL) - ret = krb5_copy_principal(context->context, + ret = krb5_copy_principal(context->context, ent.entry.modified_by->principal, &out->mod_name); } else if(ent.entry.created_by.principal != NULL) - ret = krb5_copy_principal(context->context, + ret = krb5_copy_principal(context->context, ent.entry.created_by.principal, &out->mod_name); else @@ -142,7 +142,7 @@ kadm5_s_get_principal(void *server_handle, if(mask & KADM5_KVNO) out->kvno = ent.entry.kvno; if(mask & KADM5_MKVNO) { - int n; + size_t n; out->mkvno = 0; /* XXX */ for(n = 0; n < ent.entry.keys.len; n++) if(ent.entry.keys.val[n].mkvno) { @@ -150,8 +150,16 @@ kadm5_s_get_principal(void *server_handle, break; } } +#if 0 /* XXX implement */ if(mask & KADM5_AUX_ATTRIBUTES) - /* XXX implement */; + ; + if(mask & KADM5_LAST_SUCCESS) + ; + if(mask & KADM5_LAST_FAILED) + ; + if(mask & KADM5_FAIL_AUTH_COUNT) + ; +#endif if(mask & KADM5_POLICY) out->policy = NULL; if(mask & KADM5_MAX_RLIFE) { @@ -160,21 +168,15 @@ kadm5_s_get_principal(void *server_handle, else out->max_renewable_life = INT_MAX; } - if(mask & KADM5_LAST_SUCCESS) - /* XXX implement */; - if(mask & KADM5_LAST_FAILED) - /* XXX implement */; - if(mask & KADM5_FAIL_AUTH_COUNT) - /* XXX implement */; if(mask & KADM5_KEY_DATA){ - int i; + size_t i; Key *key; krb5_key_data *kd; krb5_salt salt; krb5_data *sp; krb5_get_pw_salt(context->context, ent.entry.principal, &salt); out->key_data = malloc(ent.entry.keys.len * sizeof(*out->key_data)); - if (out->key_data == NULL) { + if (out->key_data == NULL && ent.entry.keys.len != 0) { ret = ENOMEM; goto out; } @@ -191,11 +193,11 @@ kadm5_s_get_principal(void *server_handle, /* setup key */ kd->key_data_length[0] = key->key.keyvalue.length; kd->key_data_contents[0] = malloc(kd->key_data_length[0]); - if(kd->key_data_contents[0] == NULL){ + if(kd->key_data_contents[0] == NULL && kd->key_data_length[0] != 0){ ret = ENOMEM; break; } - memcpy(kd->key_data_contents[0], key->key.keyvalue.data, + memcpy(kd->key_data_contents[0], key->key.keyvalue.data, kd->key_data_length[0]); /* setup salt */ if(key->salt) @@ -221,6 +223,7 @@ kadm5_s_get_principal(void *server_handle, } if(mask & KADM5_TL_DATA) { time_t last_pw_expire; + const HDB_Ext_PKINIT_acl *acl; const HDB_Ext_Aliases *aliases; ret = hdb_entry_get_pw_change_time(&ent.entry, &last_pw_expire); @@ -233,21 +236,46 @@ kadm5_s_get_principal(void *server_handle, kadm5_free_principal_ent(context, out); goto out; } - /* + /* * If the client was allowed to get key data, let it have the * password too. */ if(mask & KADM5_KEY_DATA) { heim_utf8_string pw; - ret = hdb_entry_get_password(context->context, + ret = hdb_entry_get_password(context->context, context->db, &ent.entry, &pw); if (ret == 0) { ret = add_tl_data(out, KRB5_TL_PASSWORD, pw, strlen(pw) + 1); free(pw); } - krb5_clear_error_string(context->context); - ret = 0; + krb5_clear_error_message(context->context); + } + + ret = hdb_entry_get_pkinit_acl(&ent.entry, &acl); + if (ret == 0 && acl) { + krb5_data buf; + size_t len; + + ASN1_MALLOC_ENCODE(HDB_Ext_PKINIT_acl, buf.data, buf.length, + acl, &len, ret); + if (ret) { + kadm5_free_principal_ent(context, out); + goto out; + } + if (len != buf.length) + krb5_abortx(context->context, + "internal ASN.1 encoder error"); + ret = add_tl_data(out, KRB5_TL_PKINIT_ACL, buf.data, buf.length); + free(buf.data); + if (ret) { + kadm5_free_principal_ent(context, out); + goto out; + } + } + if(ret){ + kadm5_free_principal_ent(context, out); + goto out; } ret = hdb_entry_get_aliases(&ent.entry, &aliases); diff --git a/lib/kadm5/init_c.c b/lib/kadm5/init_c.c index be539924b4bc..1623ed1a995d 100644 --- a/lib/kadm5/init_c.c +++ b/lib/kadm5/init_c.c @@ -1,43 +1,49 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" #include +#ifdef HAVE_SYS_SOCKET_H #include +#endif +#ifdef HAVE_NETINET_IN_H #include +#endif +#ifdef HAVE_NETDB_H #include +#endif -RCSID("$Id: init_c.c 21972 2007-10-18 19:11:15Z lha $"); +RCSID("$Id$"); static void set_funcs(kadm5_client_context *c) @@ -58,7 +64,7 @@ set_funcs(kadm5_client_context *c) } kadm5_ret_t -_kadm5_c_init_context(kadm5_client_context **ctx, +_kadm5_c_init_context(kadm5_client_context **ctx, kadm5_config_params *params, krb5_context context) { @@ -117,7 +123,7 @@ _kadm5_c_init_context(kadm5_client_context **ctx, (*ctx)->kadmind_port = htons(strtol (colon, &end, 0)); } if ((*ctx)->kadmind_port == 0) - (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm", + (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm", "tcp", 749); return 0; } @@ -130,11 +136,11 @@ get_kadm_ticket(krb5_context context, { krb5_error_code ret; krb5_creds in, *out; - + memset(&in, 0, sizeof(in)); in.client = client; ret = krb5_parse_name(context, server_name, &in.server); - if(ret) + if(ret) return ret; ret = krb5_get_credentials(context, 0, id, &in, &out); if(ret == 0) @@ -156,14 +162,14 @@ get_new_cache(krb5_context context, krb5_creds cred; krb5_get_init_creds_opt *opt; krb5_ccache id; - + ret = krb5_get_init_creds_opt_alloc (context, &opt); if (ret) return ret; - krb5_get_init_creds_opt_set_default_flags(context, "kadmin", - krb5_principal_get_realm(context, - client), + krb5_get_init_creds_opt_set_default_flags(context, "kadmin", + krb5_principal_get_realm(context, + client), opt); @@ -210,7 +216,7 @@ get_new_cache(krb5_context context, default: return ret; } - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id); if(ret) return ret; ret = krb5_cc_initialize (context, id, cred.client); @@ -225,7 +231,7 @@ get_new_cache(krb5_context context, } /* - * Check the credential cache `id´ to figure out what principal to use + * Check the credential cache `id´ to figure out what principal to use * when talking to the kadmind. If there is a initial kadmin/admin@ * credential in the cache, use that client principal. Otherwise, use * the client principals first component and add /admin to the @@ -246,7 +252,7 @@ get_cache_principal(krb5_context context, *id = NULL; return ret; } - + ret = krb5_cc_get_principal(context, *id, &p1); if(ret) { krb5_cc_close(context, *id); @@ -254,7 +260,7 @@ get_cache_principal(krb5_context context, return ret; } - ret = krb5_make_principal(context, &p2, NULL, + ret = krb5_make_principal(context, &p2, NULL, "kadmin", "admin", NULL); if (ret) { krb5_cc_close(context, *id); @@ -319,16 +325,16 @@ _kadm5_c_get_cred_cache(krb5_context context, krb5_error_code ret; krb5_ccache id = NULL; krb5_principal default_client = NULL, client = NULL; - + /* treat empty password as NULL */ if(password && *password == '\0') password = NULL; if(server_name == NULL) server_name = KADM5_ADMIN_SERVICE; - + if(client_name != NULL) { ret = krb5_parse_name(context, client_name, &client); - if(ret) + if(ret) return ret; } @@ -342,7 +348,7 @@ _kadm5_c_get_cred_cache(krb5_context context, ret = get_cache_principal(context, &id, &default_client); if (ret) { - /* + /* * No client was specified by the caller and we cannot * determine the client from a credentials cache. */ @@ -351,10 +357,10 @@ _kadm5_c_get_cred_cache(krb5_context context, user = get_default_username (); if(user == NULL) { - krb5_set_error_string(context, "Unable to find local user name"); + krb5_set_error_message(context, KADM5_FAILURE, "Unable to find local user name"); return KADM5_FAILURE; } - ret = krb5_make_principal(context, &default_client, + ret = krb5_make_principal(context, &default_client, NULL, user, "admin", NULL); if(ret) return ret; @@ -369,9 +375,9 @@ _kadm5_c_get_cred_cache(krb5_context context, if (client == NULL && default_client != NULL) client = default_client; - - if(id && (default_client == NULL || - krb5_principal_compare(context, client, default_client))) { + + if(id && client && (default_client == NULL || + krb5_principal_compare(context, client, default_client) != 0)) { ret = get_kadm_ticket(context, id, client, server_name); if(ret == 0) { *ret_cache = id; @@ -390,7 +396,7 @@ _kadm5_c_get_cred_cache(krb5_context context, if (client != default_client) krb5_free_principal(context, default_client); - ret = get_new_cache(context, client, password, prompter, keytab, + ret = get_new_cache(context, client, password, prompter, keytab, server_name, ret_cache); krb5_free_principal(context, client); return ret; @@ -402,7 +408,7 @@ kadm_connect(kadm5_client_context *ctx) kadm5_ret_t ret; krb5_principal server; krb5_ccache cc; - int s; + rk_socket_t s = rk_INVALID_SOCKET; struct addrinfo *ai, *a; struct addrinfo hints; int error; @@ -414,7 +420,7 @@ kadm_connect(kadm5_client_context *ctx) memset (&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; - + snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); hostname = ctx->admin_server; @@ -424,37 +430,37 @@ kadm_connect(kadm5_client_context *ctx) error = getaddrinfo (hostname, portstr, &hints, &ai); if (error) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KADM5_BAD_SERVER_NAME; } - + for (a = ai; a != NULL; a = a->ai_next) { s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); if (s < 0) continue; if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_warn (context, errno, "connect(%s)", hostname); - close (s); + rk_closesocket (s); continue; } break; } if (a == NULL) { freeaddrinfo (ai); - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_warnx (context, "failed to contact %s", hostname); return KADM5_FAILURE; } ret = _kadm5_c_get_cred_cache(context, - ctx->client_name, - ctx->service_name, - NULL, ctx->prompter, ctx->keytab, + ctx->client_name, + ctx->service_name, + NULL, ctx->prompter, ctx->keytab, ctx->ccache, &cc); - + if(ret) { freeaddrinfo (ai); - close(s); + rk_closesocket(s); return ret; } @@ -465,8 +471,8 @@ kadm_connect(kadm5_client_context *ctx) if (service_name == NULL) { freeaddrinfo (ai); - close(s); - krb5_clear_error_string(context); + rk_closesocket(s); + krb5_clear_error_message(context); return ENOMEM; } @@ -476,14 +482,14 @@ kadm_connect(kadm5_client_context *ctx) freeaddrinfo (ai); if(ctx->ccache == NULL) krb5_cc_close(context, cc); - close(s); + rk_closesocket(s); return ret; } ctx->ac = NULL; - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, + ret = krb5_sendauth(context, &ctx->ac, &s, + KADMIN_APPL_VERSION, NULL, + server, AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, cc, NULL, NULL, NULL); if(ret == 0) { krb5_data params; @@ -494,47 +500,47 @@ kadm_connect(kadm5_client_context *ctx) p.realm = ctx->realm; } ret = _kadm5_marshal_params(context, &p, ¶ms); - + ret = krb5_write_priv_message(context, ctx->ac, &s, ¶ms); krb5_data_free(¶ms); if(ret) { freeaddrinfo (ai); - close(s); + rk_closesocket(s); if(ctx->ccache == NULL) krb5_cc_close(context, cc); return ret; } } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) { - close(s); + rk_closesocket(s); s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); if (s < 0) { freeaddrinfo (ai); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return errno; } if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - close (s); + rk_closesocket (s); freeaddrinfo (ai); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return errno; } - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_OLD_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, + ret = krb5_sendauth(context, &ctx->ac, &s, + KADMIN_OLD_APPL_VERSION, NULL, + server, AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, cc, NULL, NULL, NULL); } freeaddrinfo (ai); if(ret) { - close(s); + rk_closesocket(s); return ret; } - + krb5_free_principal(context, server); if(ctx->ccache == NULL) krb5_cc_close(context, cc); ctx->sock = s; - + return 0; } @@ -547,9 +553,9 @@ _kadm5_connect(void *handle) return 0; } -static kadm5_ret_t +static kadm5_ret_t kadm5_c_init_with_context(krb5_context context, - const char *client_name, + const char *client_name, const char *password, krb5_prompter_fct prompter, const char *keytab, @@ -569,15 +575,15 @@ kadm5_c_init_with_context(krb5_context context, return ret; if(password != NULL && *password != '\0') { - ret = _kadm5_c_get_cred_cache(context, + ret = _kadm5_c_get_cred_cache(context, client_name, - service_name, + service_name, password, prompter, keytab, ccache, &cc); if(ret) return ret; /* XXX */ ccache = cc; } - + if (client_name != NULL) ctx->client_name = strdup(client_name); @@ -592,13 +598,13 @@ kadm5_c_init_with_context(krb5_context context, ctx->ccache = ccache; /* maybe we should copy the params here */ ctx->sock = -1; - + *server_handle = ctx; return 0; } -static kadm5_ret_t -init_context(const char *client_name, +static kadm5_ret_t +init_context(const char *client_name, const char *password, krb5_prompter_fct prompter, const char *keytab, @@ -612,7 +618,7 @@ init_context(const char *client_name, krb5_context context; kadm5_ret_t ret; kadm5_server_context *ctx; - + ret = krb5_init_context(&context); if (ret) return ret; @@ -636,9 +642,9 @@ init_context(const char *client_name, return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_c_init_with_password_ctx(krb5_context context, - const char *client_name, + const char *client_name, const char *password, const char *service_name, kadm5_config_params *realm_params, @@ -659,8 +665,8 @@ kadm5_c_init_with_password_ctx(krb5_context context, server_handle); } -kadm5_ret_t -kadm5_c_init_with_password(const char *client_name, +kadm5_ret_t +kadm5_c_init_with_password(const char *client_name, const char *password, const char *service_name, kadm5_config_params *realm_params, @@ -668,21 +674,21 @@ kadm5_c_init_with_password(const char *client_name, unsigned long api_version, void **server_handle) { - return init_context(client_name, - password, + return init_context(client_name, + password, krb5_prompter_posix, NULL, NULL, - service_name, - realm_params, - struct_version, - api_version, + service_name, + realm_params, + struct_version, + api_version, server_handle); } -kadm5_ret_t +kadm5_ret_t kadm5_c_init_with_skey_ctx(krb5_context context, - const char *client_name, + const char *client_name, const char *keytab, const char *service_name, kadm5_config_params *realm_params, @@ -704,8 +710,8 @@ kadm5_c_init_with_skey_ctx(krb5_context context, } -kadm5_ret_t -kadm5_c_init_with_skey(const char *client_name, +kadm5_ret_t +kadm5_c_init_with_skey(const char *client_name, const char *keytab, const char *service_name, kadm5_config_params *realm_params, @@ -713,19 +719,19 @@ kadm5_c_init_with_skey(const char *client_name, unsigned long api_version, void **server_handle) { - return init_context(client_name, + return init_context(client_name, NULL, NULL, keytab, NULL, - service_name, - realm_params, - struct_version, - api_version, + service_name, + realm_params, + struct_version, + api_version, server_handle); } -kadm5_ret_t +kadm5_ret_t kadm5_c_init_with_creds_ctx(krb5_context context, const char *client_name, krb5_ccache ccache, @@ -748,7 +754,7 @@ kadm5_c_init_with_creds_ctx(krb5_context context, server_handle); } -kadm5_ret_t +kadm5_ret_t kadm5_c_init_with_creds(const char *client_name, krb5_ccache ccache, const char *service_name, @@ -757,20 +763,20 @@ kadm5_c_init_with_creds(const char *client_name, unsigned long api_version, void **server_handle) { - return init_context(client_name, + return init_context(client_name, NULL, NULL, NULL, ccache, - service_name, - realm_params, - struct_version, - api_version, + service_name, + realm_params, + struct_version, + api_version, server_handle); } #if 0 -kadm5_ret_t +kadm5_ret_t kadm5_init(char *client_name, char *pass, char *service_name, kadm5_config_params *realm_params, diff --git a/lib/kadm5/init_s.c b/lib/kadm5/init_s.c index dee464b4b9a4..1001fce6ddc6 100644 --- a/lib/kadm5/init_s.c +++ b/lib/kadm5/init_s.c @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: init_s.c 9441 2000-12-31 08:01:16Z assar $"); +RCSID("$Id$"); -static kadm5_ret_t +static kadm5_ret_t kadm5_s_init_with_context(krb5_context context, - const char *client_name, + const char *client_name, const char *service_name, kadm5_config_params *realm_params, unsigned long struct_version, @@ -55,19 +55,29 @@ kadm5_s_init_with_context(krb5_context context, assert(ctx->config.stash_file != NULL); assert(ctx->config.acl_file != NULL); assert(ctx->log_context.log_file != NULL); +#ifndef NO_UNIX_SOCKETS assert(ctx->log_context.socket_name.sun_path[0] != '\0'); +#else + assert(ctx->log_context.socket_info != NULL); +#endif ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname); if(ret) return ret; - ret = hdb_set_master_keyfile (ctx->context, + ret = hdb_set_master_keyfile (ctx->context, ctx->db, ctx->config.stash_file); if(ret) return ret; ctx->log_context.log_fd = -1; +#ifndef NO_UNIX_SOCKETS ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0); +#else + ctx->log_context.socket_fd = socket (ctx->log_context.socket_info->ai_family, + ctx->log_context.socket_info->ai_socktype, + ctx->log_context.socket_info->ai_protocol); +#endif ret = krb5_parse_name(ctx->context, client_name, &ctx->caller); if(ret) @@ -76,14 +86,14 @@ kadm5_s_init_with_context(krb5_context context, ret = _kadm5_acl_init(ctx); if(ret) return ret; - + *server_handle = ctx; return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_s_init_with_password_ctx(krb5_context context, - const char *client_name, + const char *client_name, const char *password, const char *service_name, kadm5_config_params *realm_params, @@ -100,8 +110,8 @@ kadm5_s_init_with_password_ctx(krb5_context context, server_handle); } -kadm5_ret_t -kadm5_s_init_with_password(const char *client_name, +kadm5_ret_t +kadm5_s_init_with_password(const char *client_name, const char *password, const char *service_name, kadm5_config_params *realm_params, @@ -116,13 +126,13 @@ kadm5_s_init_with_password(const char *client_name, ret = krb5_init_context(&context); if (ret) return ret; - ret = kadm5_s_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, + ret = kadm5_s_init_with_password_ctx(context, + client_name, + password, + service_name, + realm_params, + struct_version, + api_version, server_handle); if(ret){ krb5_free_context(context); @@ -133,9 +143,9 @@ kadm5_s_init_with_password(const char *client_name, return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_s_init_with_skey_ctx(krb5_context context, - const char *client_name, + const char *client_name, const char *keytab, const char *service_name, kadm5_config_params *realm_params, @@ -152,7 +162,7 @@ kadm5_s_init_with_skey_ctx(krb5_context context, server_handle); } -kadm5_ret_t +kadm5_ret_t kadm5_s_init_with_skey(const char *client_name, const char *keytab, const char *service_name, @@ -168,13 +178,13 @@ kadm5_s_init_with_skey(const char *client_name, ret = krb5_init_context(&context); if (ret) return ret; - ret = kadm5_s_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, + ret = kadm5_s_init_with_skey_ctx(context, + client_name, + keytab, + service_name, + realm_params, + struct_version, + api_version, server_handle); if(ret){ krb5_free_context(context); @@ -185,7 +195,7 @@ kadm5_s_init_with_skey(const char *client_name, return 0; } -kadm5_ret_t +kadm5_ret_t kadm5_s_init_with_creds_ctx(krb5_context context, const char *client_name, krb5_ccache ccache, @@ -204,7 +214,7 @@ kadm5_s_init_with_creds_ctx(krb5_context context, server_handle); } -kadm5_ret_t +kadm5_ret_t kadm5_s_init_with_creds(const char *client_name, krb5_ccache ccache, const char *service_name, @@ -220,13 +230,13 @@ kadm5_s_init_with_creds(const char *client_name, ret = krb5_init_context(&context); if (ret) return ret; - ret = kadm5_s_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, + ret = kadm5_s_init_with_creds_ctx(context, + client_name, + ccache, + service_name, + realm_params, + struct_version, + api_version, server_handle); if(ret){ krb5_free_context(context); diff --git a/lib/kadm5/iprop-commands.in b/lib/kadm5/iprop-commands.in index 438594e01f59..78d88c9e36e3 100644 --- a/lib/kadm5/iprop-commands.in +++ b/lib/kadm5/iprop-commands.in @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: iprop-commands.in 20602 2007-05-08 03:08:35Z lha $ */ +/* $Id$ */ command = { name = "dump" diff --git a/lib/kadm5/iprop-log-version.rc b/lib/kadm5/iprop-log-version.rc new file mode 100644 index 000000000000..b8a2295771d5 --- /dev/null +++ b/lib/kadm5/iprop-log-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "IProp Log Tool" +#define RC_FILE_ORIG_0409 "iprop-log.exe" + +#include "../../windows/version.rc" diff --git a/lib/kadm5/iprop-log.8 b/lib/kadm5/iprop-log.8 index 599046b93fc3..7f84b0909d3a 100644 --- a/lib/kadm5/iprop-log.8 +++ b/lib/kadm5/iprop-log.8 @@ -1,110 +1,98 @@ -.\" $Id: iprop-log.8 21713 2007-07-27 14:38:49Z lha $ -.\" -.\" Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan +.\" $Id$ +.\" +.\" Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" -.\" $Id: iprop-log.8 21713 2007-07-27 14:38:49Z lha $ +.\" $Id$ .\" .Dd February 18, 2007 .Dt IPROP-LOG 8 .Os Heimdal .Sh NAME .Nm iprop-log -.Nd -maintain the iprop log file +.Nd maintain the iprop log file .Sh SYNOPSIS .Nm -.Op Fl -version -.Op Fl h | Fl -help +.Op Fl Fl version +.Op Fl h | Fl Fl help .Ar command .Pp .Nm iprop-log truncate .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc .Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc .Oc -.Op Fl h | Fl -help +.Op Fl h | Fl Fl help .Pp .Nm iprop-log dump .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc .Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc .Oc -.Op Fl h | Fl -help +.Op Fl h | Fl Fl help .Pp .Nm iprop-log replay -.Op Fl -start-version= Ns Ar version-number -.Op Fl -end-version= Ns Ar version-number +.Op Fl Fl start-version= Ns Ar version-number +.Op Fl Fl end-version= Ns Ar version-number .Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file +.Fl Fl config-file= Ns Ar file .Xc .Oc .Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc .Oc -.Op Fl h | Fl -help +.Op Fl h | Fl Fl help .Sh DESCRIPTION Supported options: .Bl -tag -width Ds -.It Xo -.Fl -version -.Xc -.It Xo -.Fl h , -.Fl -help -.Xc +.It Fl Fl version +.It Fl h , Fl Fl help .El .Pp command can be one of the following: .Bl -tag -width truncate .It truncate .Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc +.It Fl r Ar string , Fl Fl realm= Ns Ar string realm .El .Pp @@ -113,38 +101,27 @@ last entry of the old log. If the log is truncted by emptying the file, the log will start over at the first version (0). .It dump .Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file configuration file .It Xo .Fl r Ar string , -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc realm .El .Pp -Print out all entires in the log to standard output. +Print out all entries in the log to standard output. .It replay .Bl -tag -width Ds -.It Xo -.Fl -start-version= Ns Ar version-number -.Xc +.It Fl Fl start-version= Ns Ar version-number start replay with this version .It Xo -.Fl -end-version= Ns Ar version-number +.Fl Fl end-version= Ns Ar version-number .Xc end replay with this version -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc +.It Fl r Ar string , Fl Fl realm= Ns Ar string realm .El .Pp @@ -152,15 +129,9 @@ Replay the changes from specified entries (or all if none is specified) in the transaction log to the database. .It last-version .Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc +.It Fl c Ar file , Fl Fl config-file= Ns Ar file configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc +.It Fl r Ar string , Fl Fl realm= Ns Ar string realm .El .Pp diff --git a/lib/kadm5/iprop-log.c b/lib/kadm5/iprop-log.c index 7b43076832c3..b201de66d1f6 100644 --- a/lib/kadm5/iprop-log.c +++ b/lib/kadm5/iprop-log.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "iprop.h" @@ -36,7 +36,7 @@ #include #include "iprop-commands.h" -RCSID("$Id: iprop-log.c 22211 2007-12-07 19:27:27Z lha $"); +RCSID("$Id$"); static krb5_context context; @@ -75,7 +75,7 @@ get_kadmin_context(const char *config_file, char *realm) KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); if (ret) krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); @@ -119,12 +119,12 @@ print_entry(kadm5_server_context *server_context, krb5_context scontext = server_context->context; off_t end = krb5_storage_seek(sp, 0, SEEK_CUR) + len; - + krb5_error_code ret; strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); - if(op < kadm_get || op > kadm_nop) { + if((int)op < (int)kadm_get || (int)op > (int)kadm_nop) { printf("unknown op: %d\n", op); krb5_storage_seek(sp, end, SEEK_SET); return; @@ -184,7 +184,7 @@ print_entry(kadm5_server_context *server_context, if(ent.valid_end == NULL) { strlcpy(t, "never", sizeof(t)); } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", + strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(ent.valid_end)); } printf(" expires = %s\n", t); @@ -193,7 +193,7 @@ print_entry(kadm5_server_context *server_context, if(ent.pw_end == NULL) { strlcpy(t, "never", sizeof(t)); } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", + strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(ent.pw_end)); } printf(" password exp = %s\n", t); @@ -201,7 +201,7 @@ print_entry(kadm5_server_context *server_context, if(mask & KADM5_LAST_PWD_CHANGE) { } if(mask & KADM5_ATTRIBUTES) { - unparse_flags(HDBFlags2int(ent.flags), + unparse_flags(HDBFlags2int(ent.flags), asn1_HDBFlags_units(), t, sizeof(t)); printf(" attributes = %s\n", t); } @@ -271,7 +271,7 @@ iprop_dump(struct dump_options *opt, int argc, char **argv) kadm5_server_context *server_context; krb5_error_code ret; - server_context = get_kadmin_context(opt->config_file_string, + server_context = get_kadmin_context(opt->config_file_string, opt->realm_string); ret = kadm5_log_init (server_context); @@ -294,7 +294,7 @@ iprop_truncate(struct truncate_options *opt, int argc, char **argv) kadm5_server_context *server_context; krb5_error_code ret; - server_context = get_kadmin_context(opt->config_file_string, + server_context = get_kadmin_context(opt->config_file_string, opt->realm_string); ret = kadm5_log_truncate (server_context); @@ -311,7 +311,7 @@ last_version(struct last_version_options *opt, int argc, char **argv) krb5_error_code ret; uint32_t version; - server_context = get_kadmin_context(opt->config_file_string, + server_context = get_kadmin_context(opt->config_file_string, opt->realm_string); ret = kadm5_log_init (server_context); @@ -344,14 +344,14 @@ apply_entry(kadm5_server_context *server_context, time_t timestamp, enum kadm_ops op, uint32_t len, - krb5_storage *sp, + krb5_storage *sp, void *ctx) { struct replay_options *opt = ctx; krb5_error_code ret; - if((opt->start_version_integer != -1 && ver < opt->start_version_integer) || - (opt->end_version_integer != -1 && ver > opt->end_version_integer)) { + if((opt->start_version_integer != -1 && ver < (uint32_t)opt->start_version_integer) || + (opt->end_version_integer != -1 && ver > (uint32_t)opt->end_version_integer)) { /* XXX skip this entry */ krb5_storage_seek(sp, len, SEEK_CUR); return; @@ -363,7 +363,7 @@ apply_entry(kadm5_server_context *server_context, op, ver, len, sp); if (ret) krb5_warn (server_context->context, ret, "kadm5_log_replay"); - + printf ("done\n"); } @@ -373,7 +373,7 @@ iprop_replay(struct replay_options *opt, int argc, char **argv) kadm5_server_context *server_context; krb5_error_code ret; - server_context = get_kadmin_context(opt->config_file_string, + server_context = get_kadmin_context(opt->config_file_string, opt->realm_string); ret = server_context->db->hdb_open(context, @@ -404,9 +404,9 @@ static int version_flag; static struct getargs args[] = { { "version", 0, arg_flag, &version_flag, - NULL, NULL - }, - { "help", 'h', arg_flag, &help_flag, + NULL, NULL + }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL } }; @@ -426,8 +426,11 @@ help(void *opt, int argc, char **argv) argv[0]); } else { if(c->func) { - char *fake[] = { NULL, "--help", NULL }; + static char shelp[] = "--help"; + char *fake[3]; fake[0] = argv[0]; + fake[1] = shelp; + fake[2] = NULL; (*c->func)(2, fake); fprintf(stderr, "\n"); } diff --git a/lib/kadm5/iprop-log.cat8 b/lib/kadm5/iprop-log.cat8 new file mode 100644 index 000000000000..be5630ff1e52 --- /dev/null +++ b/lib/kadm5/iprop-log.cat8 @@ -0,0 +1,82 @@ + +IPROP-LOG(8) BSD System Manager's Manual IPROP-LOG(8) + +NNAAMMEE + iipprroopp--lloogg -- maintain the iprop log file + +SSYYNNOOPPSSIISS + iipprroopp--lloogg [----vveerrssiioonn] [--hh | ----hheellpp] _c_o_m_m_a_n_d + + iipprroopp--lloogg ttrruunnccaattee [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--rr _s_t_r_i_n_g | + ----rreeaallmm==_s_t_r_i_n_g] [--hh | ----hheellpp] + + iipprroopp--lloogg dduummpp [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--rr _s_t_r_i_n_g | + ----rreeaallmm==_s_t_r_i_n_g] [--hh | ----hheellpp] + + iipprroopp--lloogg rreeppllaayy [----ssttaarrtt--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r] + [----eenndd--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r] [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] + [--rr _s_t_r_i_n_g | ----rreeaallmm==_s_t_r_i_n_g] [--hh | ----hheellpp] + +DDEESSCCRRIIPPTTIIOONN + Supported options: + + ----vveerrssiioonn + + --hh, ----hheellpp + + command can be one of the following: + + truncate + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + configuration file + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + realm + + Truncates the log. Sets the new logs version number for the to + the last entry of the old log. If the log is truncted by emp- + tying the file, the log will start over at the first version + (0). + + dump + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + configuration file + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + realm + + Print out all entries in the log to standard output. + + replay + + ----ssttaarrtt--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r + start replay with this version + + ----eenndd--vveerrssiioonn==_v_e_r_s_i_o_n_-_n_u_m_b_e_r + end replay with this version + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + configuration file + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + realm + + Replay the changes from specified entries (or all if none is + specified) in the transaction log to the database. + + last-version + + --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e + configuration file + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + realm + + prints the version of the last log entry. + +SSEEEE AALLSSOO + iprop(8) + +Heimdal February 18, 2007 Heimdal diff --git a/lib/kadm5/iprop.8 b/lib/kadm5/iprop.8 index d1e55cc61318..6be1f110c45c 100644 --- a/lib/kadm5/iprop.8 +++ b/lib/kadm5/iprop.8 @@ -1,35 +1,35 @@ -.\" $Id: iprop.8 21940 2007-09-28 22:28:09Z lha $ -.\" -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan +.\" $Id$ +.\" +.\" Copyright (c) 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. .\" .Dd May 24, 2005 .Dt IPROP 8 @@ -38,51 +38,49 @@ .Nm iprop , .Nm ipropd-master , .Nm ipropd-slave -.Nd -propagate changes to a Heimdal Kerberos master KDC to slave KDCs +.Nd propagate changes to a Heimdal Kerberos master KDC to slave KDCs .Sh SYNOPSIS .Nm ipropd-master .Oo Fl c Ar string \*(Ba Xo -.Fl -config-file= Ns Ar string +.Fl Fl config-file= Ns Ar string .Xc .Oc .Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc .Oc .Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec +.Fl Fl keytab= Ns Ar kspec .Xc .Oc .Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Ar file +.Fl Fl database= Ns Ar file .Xc .Oc -.Op Fl -slave-stats-file= Ns Ar file -.Op Fl -time-missing= Ns Ar time -.Op Fl -time-gone= Ns Ar time -.Op Fl -detach -.Op Fl -version -.Op Fl -help +.Op Fl Fl slave-stats-file= Ns Ar file +.Op Fl Fl time-missing= Ns Ar time +.Op Fl Fl time-gone= Ns Ar time +.Op Fl Fl detach +.Op Fl Fl version +.Op Fl Fl help .Nm ipropd-slave .Oo Fl c Ar string \*(Ba Xo -.Fl -config-file= Ns Ar string +.Fl Fl config-file= Ns Ar string .Xc .Oc .Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string +.Fl Fl realm= Ns Ar string .Xc .Oc .Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec +.Fl Fl keytab= Ns Ar kspec .Xc .Oc -.Op Fl -time-lost= Ns Ar time -.Op Fl -detach -.Op Fl -version -.Op Fl -help +.Op Fl Fl time-lost= Ns Ar time +.Op Fl Fl detach +.Op Fl Fl version +.Op Fl Fl help .Ar master -.Pp .Sh DESCRIPTION .Nm ipropd-master is used to propagate changes to a Heimdal Kerberos database from the @@ -96,9 +94,9 @@ file in the KDC's database directory, e.g.\& .Pa /var/heimdal/slaves . This has principals one per-line of the form .Dl iprop/ Ns Ar slave Ns @ Ns Ar REALM -where -.Ar slave -is the hostname of the slave server in the given +where +.Ar slave +is the hostname of the slave server in the given .Ar REALM , e.g.\& .Dl iprop/kerberos-1.example.com@EXAMPLE.COM @@ -110,20 +108,23 @@ In contrast to .Xr hprop 8 , which sends the whole database to the slaves regularly, .Nm -normally sends only the changes as they happen on the master. The -master keeps track of all the changes by assigning a version number to -every change to the database. The slaves know which was the latest -version they saw, and in this way it can be determined if they are in -sync or not. A log of all the changes is kept on the master. When a -slave is at an older version than the oldest one in the log, the whole -database has to be sent. +normally sends only the changes as they happen on the master. +The master keeps track of all the changes by assigning a version +number to every change to the database. +The slaves know which was the latest version they saw, and in this +way it can be determined if they are in sync or not. +A log of all the changes is kept on the master. +When a slave is at an older version than the oldest one in the log, +the whole database has to be sent. .Pp The changes are propagated over a secure channel (on port 2121 by -default). This should normally be defined as +default). +This should normally be defined as .Dq iprop/tcp in .Pa /etc/services -or another source of the services database. The master and slaves +or another source of the services database. +The master and slaves must each have access to a keytab with keys for the .Nm iprop service principal on the local host. @@ -136,78 +137,37 @@ file (e.g.\& Supported options for .Nm ipropd-master : .Bl -tag -width Ds -.It Xo -.Fl c Ar string , -.Fl -config-file= Ns Ar string -.Xc -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc +.It Fl c Ar string , Fl Fl config-file= Ns Ar string +.It Fl r Ar string , Fl Fl realm= Ns Ar string +.It Fl k Ar kspec , Fl Fl keytab= Ns Ar kspec keytab to get authentication from -.It Xo -.Fl d Ar file , -.Fl -database= Ns Ar file -.Xc +.It Fl d Ar file , Fl Fl database= Ns Ar file Database (default per KDC) -.It Xo -.Fl -slave-stats-file= Ns Ar file -.Xc +.It Fl Fl slave-stats-file= Ns Ar file file for slave status information -.It Xo -.Fl -time-missing= Ns Ar time -.Xc +.It Fl Fl time-missing= Ns Ar time time before slave is polled for presence (default 2 min) -.It Xo -.Fl -time-gone= Ns Ar time -.Xc +.It Fl Fl time-gone= Ns Ar time time of inactivity after which a slave is considered gone (default 5 min) -.It Xo -.Fl -detach -.Xc +.It Fl Fl detach detach from console -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc +.It Fl Fl version +.It Fl Fl help .El .Pp Supported options for .Nm ipropd-slave : .Bl -tag -width Ds -.It Xo -.Fl c Ar string , -.Fl -config-file= Ns Ar string -.Xc -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc +.It Fl c Ar string , Fl Fl config-file= Ns Ar string +.It Fl r Ar string , Fl Fl realm= Ns Ar string +.It Fl k Ar kspec , Fl Fl keytab= Ns Ar kspec keytab to get authentication from -.It Xo -.Fl -time-lost= Ns Ar time -.Xc +.It Fl Fl time-lost= Ns Ar time time before server is considered lost (default 5 min) -.It Xo -.Fl -detach -.Xc +.It Fl Fl detach detach from console -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc +.It Fl Fl version +.It Fl Fl help .El Time arguments for the relevant options above may be specified in forms like 5 min, 300 s, or simply a number of seconds. @@ -216,8 +176,8 @@ like 5 min, 300 s, or simply a number of seconds. .Pa slave-stats in the database directory. .Sh SEE ALSO -.Xr hpropd 8 , +.Xr krb5.conf 5 , .Xr hprop 8 , -.Xr krb5.conf 8 , -.Xr kdc 8 , -.Xr iprop-log 8 . +.Xr hpropd 8 , +.Xr iprop-log 8 , +.Xr kdc 8 . diff --git a/lib/kadm5/iprop.cat8 b/lib/kadm5/iprop.cat8 new file mode 100644 index 000000000000..b2aebb839651 --- /dev/null +++ b/lib/kadm5/iprop.cat8 @@ -0,0 +1,106 @@ + +IPROP(8) BSD System Manager's Manual IPROP(8) + +NNAAMMEE + iipprroopp, iipprrooppdd--mmaasstteerr, iipprrooppdd--ssllaavvee -- propagate changes to a Heimdal Ker- + beros master KDC to slave KDCs + +SSYYNNOOPPSSIISS + iipprrooppdd--mmaasstteerr [--cc _s_t_r_i_n_g | ----ccoonnffiigg--ffiillee==_s_t_r_i_n_g] [--rr _s_t_r_i_n_g | + ----rreeaallmm==_s_t_r_i_n_g] [--kk _k_s_p_e_c | ----kkeeyyttaabb==_k_s_p_e_c] [--dd _f_i_l_e | + ----ddaattaabbaassee==_f_i_l_e] [----ssllaavvee--ssttaattss--ffiillee==_f_i_l_e] + [----ttiimmee--mmiissssiinngg==_t_i_m_e] [----ttiimmee--ggoonnee==_t_i_m_e] [----ddeettaacchh] + [----vveerrssiioonn] [----hheellpp] + iipprrooppdd--ssllaavvee [--cc _s_t_r_i_n_g | ----ccoonnffiigg--ffiillee==_s_t_r_i_n_g] [--rr _s_t_r_i_n_g | + ----rreeaallmm==_s_t_r_i_n_g] [--kk _k_s_p_e_c | ----kkeeyyttaabb==_k_s_p_e_c] + [----ttiimmee--lloosstt==_t_i_m_e] [----ddeettaacchh] [----vveerrssiioonn] [----hheellpp] _m_a_s_t_e_r + +DDEESSCCRRIIPPTTIIOONN + iipprrooppdd--mmaasstteerr is used to propagate changes to a Heimdal Kerberos database + from the master Kerberos server on which it runs to slave Kerberos + servers running iipprrooppdd--ssllaavvee. + + The slaves are specified by the contents of the _s_l_a_v_e_s file in the KDC's + database directory, e.g. _/_v_a_r_/_h_e_i_m_d_a_l_/_s_l_a_v_e_s. This has principals one + per-line of the form + iprop/_s_l_a_v_e@_R_E_A_L_M + where _s_l_a_v_e is the hostname of the slave server in the given _R_E_A_L_M, e.g. + iprop/kerberos-1.example.com@EXAMPLE.COM + On a slave, the argument _m_a_s_t_e_r specifies the hostname of the master + server from which to receive updates. + + In contrast to hprop(8), which sends the whole database to the slaves + regularly, iipprroopp normally sends only the changes as they happen on the + master. The master keeps track of all the changes by assigning a version + number to every change to the database. The slaves know which was the + latest version they saw, and in this way it can be determined if they are + in sync or not. A log of all the changes is kept on the master. When a + slave is at an older version than the oldest one in the log, the whole + database has to be sent. + + The changes are propagated over a secure channel (on port 2121 by + default). This should normally be defined as ``iprop/tcp'' in + _/_e_t_c_/_s_e_r_v_i_c_e_s or another source of the services database. The master and + slaves must each have access to a keytab with keys for the iipprroopp service + principal on the local host. + + There is a keep-alive feature logged in the master's _s_l_a_v_e_-_s_t_a_t_s file + (e.g. _/_v_a_r_/_h_e_i_m_d_a_l_/_s_l_a_v_e_-_s_t_a_t_s). + + Supported options for iipprrooppdd--mmaasstteerr: + + --cc _s_t_r_i_n_g, ----ccoonnffiigg--ffiillee==_s_t_r_i_n_g + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + + --kk _k_s_p_e_c, ----kkeeyyttaabb==_k_s_p_e_c + keytab to get authentication from + + --dd _f_i_l_e, ----ddaattaabbaassee==_f_i_l_e + Database (default per KDC) + + ----ssllaavvee--ssttaattss--ffiillee==_f_i_l_e + file for slave status information + + ----ttiimmee--mmiissssiinngg==_t_i_m_e + time before slave is polled for presence (default 2 min) + + ----ttiimmee--ggoonnee==_t_i_m_e + time of inactivity after which a slave is considered gone + (default 5 min) + + ----ddeettaacchh + detach from console + + ----vveerrssiioonn + + ----hheellpp + + Supported options for iipprrooppdd--ssllaavvee: + + --cc _s_t_r_i_n_g, ----ccoonnffiigg--ffiillee==_s_t_r_i_n_g + + --rr _s_t_r_i_n_g, ----rreeaallmm==_s_t_r_i_n_g + + --kk _k_s_p_e_c, ----kkeeyyttaabb==_k_s_p_e_c + keytab to get authentication from + + ----ttiimmee--lloosstt==_t_i_m_e + time before server is considered lost (default 5 min) + + ----ddeettaacchh + detach from console + + ----vveerrssiioonn + + ----hheellpp + Time arguments for the relevant options above may be specified in forms + like 5 min, 300 s, or simply a number of seconds. + +FFIILLEESS + _s_l_a_v_e_s, _s_l_a_v_e_-_s_t_a_t_s in the database directory. + +SSEEEE AALLSSOO + krb5.conf(5), hprop(8), hpropd(8), iprop-log(8), kdc(8). + +Heimdal May 24, 2005 Heimdal diff --git a/lib/kadm5/iprop.h b/lib/kadm5/iprop.h index beb54142f2bd..32a80cec92ec 100644 --- a/lib/kadm5/iprop.h +++ b/lib/kadm5/iprop.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1998-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998-2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: iprop.h 22211 2007-12-07 19:27:27Z lha $ */ +/* $Id$ */ #ifndef __IPROP_H__ #define __IPROP_H__ diff --git a/lib/kadm5/ipropd-master-version.rc b/lib/kadm5/ipropd-master-version.rc new file mode 100644 index 000000000000..f51a89168697 --- /dev/null +++ b/lib/kadm5/ipropd-master-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "IProp Master" +#define RC_FILE_ORIG_0409 "ipropd-master.exe" + +#include "../../windows/version.rc" diff --git a/lib/kadm5/ipropd-slave-version.rc b/lib/kadm5/ipropd-slave-version.rc new file mode 100644 index 000000000000..a1cee87e186a --- /dev/null +++ b/lib/kadm5/ipropd-slave-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "IProp Slave" +#define RC_FILE_ORIG_0409 "ipropd-slave.exe" + +#include "../../windows/version.rc" diff --git a/lib/kadm5/ipropd_common.c b/lib/kadm5/ipropd_common.c index e6561596d111..2e3d94107c90 100644 --- a/lib/kadm5/ipropd_common.c +++ b/lib/kadm5/ipropd_common.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "iprop.h" @@ -63,7 +63,11 @@ setup_signal(void) #else signal(SIGINT, sigterm); signal(SIGTERM, sigterm); +#ifndef NO_SIGXCPU signal(SIGXCPU, sigterm); +#endif +#ifndef NO_SIGPIPE signal(SIGPIPE, SIG_IGN); #endif +#endif } diff --git a/lib/kadm5/ipropd_master.c b/lib/kadm5/ipropd_master.c index bd8f71fd7b3f..492bbadbd2c2 100644 --- a/lib/kadm5/ipropd_master.c +++ b/lib/kadm5/ipropd_master.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "iprop.h" #include -RCSID("$Id: ipropd_master.c 22211 2007-12-07 19:27:27Z lha $"); - static krb5_log_facility *log_facility; const char *slave_stats_file; @@ -47,12 +45,13 @@ static int time_before_gone; const char *master_hostname; -static int +static krb5_socket_t make_signal_socket (krb5_context context) { +#ifndef NO_UNIX_SOCKETS struct sockaddr_un addr; const char *fn; - int fd; + krb5_socket_t fd; fn = kadm5_log_signal_socket(context); @@ -66,25 +65,39 @@ make_signal_socket (krb5_context context) if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) krb5_err (context, 1, errno, "bind %s", addr.sun_path); return fd; +#else + struct addrinfo *ai = NULL; + krb5_socket_t fd; + + kadm5_log_signal_socket_info(context, 1, &ai); + + fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if (rk_IS_BAD_SOCKET(fd)) + krb5_err (context, 1, rk_SOCK_ERRNO, "socket AF=%d", ai->ai_family); + + if (rk_IS_SOCKET_ERROR( bind (fd, ai->ai_addr, ai->ai_addrlen) )) + krb5_err (context, 1, rk_SOCK_ERRNO, "bind"); + return fd; +#endif } -static int +static krb5_socket_t make_listen_socket (krb5_context context, const char *port_str) { - int fd; + krb5_socket_t fd; int one = 1; struct sockaddr_in addr; fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); + if (rk_IS_BAD_SOCKET(fd)) + krb5_err (context, 1, rk_SOCK_ERRNO, "socket AF_INET"); setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)); memset (&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; if (port_str) { addr.sin_port = krb5_getportbyname (context, - port_str, "tcp", + port_str, "tcp", 0); if (addr.sin_port == 0) { char *ptr; @@ -96,7 +109,7 @@ make_listen_socket (krb5_context context, const char *port_str) addr.sin_port = htons(port); } } else { - addr.sin_port = krb5_getportbyname (context, IPROP_SERVICE, + addr.sin_port = krb5_getportbyname (context, IPROP_SERVICE, "tcp", IPROP_PORT); } if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) @@ -107,7 +120,7 @@ make_listen_socket (krb5_context context, const char *port_str) } struct slave { - int fd; + krb5_socket_t fd; struct sockaddr_in addr; char *name; krb5_auth_context ac; @@ -128,9 +141,11 @@ check_acl (krb5_context context, const char *name) FILE *fp; char buf[256]; int ret = 1; - char *slavefile; + char *slavefile = NULL; - asprintf(&slavefile, "%s/slaves", hdb_db_dir(context)); + if (asprintf(&slavefile, "%s/slaves", hdb_db_dir(context)) == -1 + || slavefile == NULL) + errx(1, "out of memory"); fn = krb5_config_get_string_default(context, NULL, @@ -182,9 +197,9 @@ slave_dead(krb5_context context, slave *s) { krb5_warnx(context, "slave %s dead", s->name); - if (s->fd >= 0) { - close (s->fd); - s->fd = -1; + if (!rk_IS_BAD_SOCKET(s->fd)) { + rk_closesocket (s->fd); + s->fd = rk_INVALID_SOCKET; } s->flags |= SLAVE_F_DEAD; slave_seen(s); @@ -195,8 +210,8 @@ remove_slave (krb5_context context, slave *s, slave **root) { slave **p; - if (s->fd >= 0) - close (s->fd); + if (!rk_IS_BAD_SOCKET(s->fd)) + rk_closesocket (s->fd); if (s->name) free (s->name); if (s->ac) @@ -211,7 +226,8 @@ remove_slave (krb5_context context, slave *s, slave **root) } static void -add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) +add_slave (krb5_context context, krb5_keytab keytab, slave **root, + krb5_socket_t fd) { krb5_principal server; krb5_error_code ret; @@ -230,8 +246,8 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) addr_len = sizeof(s->addr); s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len); - if (s->fd < 0) { - krb5_warn (context, errno, "accept"); + if (rk_IS_BAD_SOCKET(s->fd)) { + krb5_warn (context, rk_SOCK_ERRNO, "accept"); goto error; } if (master_hostname) @@ -254,6 +270,7 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) goto error; } ret = krb5_unparse_name (context, ticket->client, &s->name); + krb5_free_ticket (context, ticket); if (ret) { krb5_warn (context, ret, "krb5_unparse_name"); goto error; @@ -262,8 +279,6 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) krb5_warnx (context, "%s not in acl", s->name); goto error; } - krb5_free_ticket (context, ticket); - ticket = NULL; { slave *l = *root; @@ -297,7 +312,7 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) struct prop_context { krb5_auth_context auth_context; - int fd; + krb5_socket_t fd; }; static int @@ -364,7 +379,7 @@ send_complete (krb5_context context, slave *s, return ret; } - ret = hdb_foreach (context, db, 0, prop_one, s); + ret = hdb_foreach (context, db, HDB_F_ADMIN_DATA, prop_one, s); if (ret) { krb5_warn (context, ret, "hdb_foreach"); slave_dead(context, s); @@ -408,6 +423,8 @@ send_are_you_there (krb5_context context, slave *s) if (s->flags & (SLAVE_F_DEAD|SLAVE_F_AYT)) return 0; + krb5_warnx(context, "slave %s missing, sending AYT", s->name); + s->flags |= SLAVE_F_AYT; data.data = buf; @@ -467,7 +484,7 @@ send_diffs (krb5_context context, slave *s, int log_fd, for (;;) { ret = kadm5_log_previous (context, sp, &ver, ×tamp, &op, &len); if (ret) - krb5_err(context, 1, ret, + krb5_err(context, 1, ret, "send_diffs: failed to find previous entry"); left = krb5_storage_seek(sp, -16, SEEK_CUR); if (ver == s->version) @@ -475,6 +492,7 @@ send_diffs (krb5_context context, slave *s, int log_fd, if (ver == s->version + 1) break; if (left == 0) { + krb5_storage_free(sp); krb5_warnx(context, "slave %s (version %lu) out of sync with master " "(first version in log %lu), sending complete database", @@ -490,6 +508,7 @@ send_diffs (krb5_context context, slave *s, int log_fd, ret = krb5_data_alloc (&data, right - left + 4); if (ret) { + krb5_storage_free(sp); krb5_warn (context, ret, "send_diffs: krb5_data_alloc"); slave_dead(context, s); return 1; @@ -556,14 +575,15 @@ process_msg (krb5_context context, slave *s, int log_fd, } /* new started slave that have old log */ if (s->version == 0 && tmp != 0) { - if (s->version < tmp) { - krb5_warnx (context, "Slave %s have later version the master " - "OUT OF SYNC", s->name); - } else { - s->version = tmp; + if (current_version < (uint32_t)tmp) { + krb5_warnx (context, "Slave %s (version %lu) have later version " + "the master (version %lu) OUT OF SYNC", + s->name, (unsigned long)tmp, + (unsigned long)current_version); } + s->version = tmp; } - if (tmp < s->version) { + if ((uint32_t)tmp < s->version) { krb5_warnx (context, "Slave claims to not have " "version we already sent to it"); } else { @@ -580,6 +600,7 @@ process_msg (krb5_context context, slave *s, int log_fd, } krb5_data_free (&out); + krb5_storage_free (sp); slave_seen(s); @@ -627,7 +648,7 @@ write_master_down(krb5_context context) fp = open_stats(context); if (fp == NULL) return; - krb5_format_time(context, t, str, sizeof(str), TRUE); + krb5_format_time(context, t, str, sizeof(str), TRUE); fprintf(fp, "master down at %s\n", str); fclose(fp); @@ -645,7 +666,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) if (fp == NULL) return; - krb5_format_time(context, t, str, sizeof(str), TRUE); + krb5_format_time(context, t, str, sizeof(str), TRUE); fprintf(fp, "Status for slaves, last updated: %s\n\n", str); fprintf(fp, "Master version: %lu\n\n", (unsigned long)current_version); @@ -669,7 +690,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) krb5_address addr; krb5_error_code ret; rtbl_add_column_entry(tbl, SLAVE_NAME, slaves->name); - ret = krb5_sockaddr2address (context, + ret = krb5_sockaddr2address (context, (struct sockaddr*)&slaves->addr, &addr); if(ret == 0) { krb5_print_address(&addr, str, sizeof(str), NULL); @@ -677,7 +698,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) rtbl_add_column_entry(tbl, SLAVE_ADDRESS, str); } else rtbl_add_column_entry(tbl, SLAVE_ADDRESS, ""); - + snprintf(str, sizeof(str), "%u", (unsigned)slaves->version); rtbl_add_column_entry(tbl, SLAVE_VERSION, str); @@ -686,7 +707,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) else rtbl_add_column_entry(tbl, SLAVE_STATUS, "Up"); - ret = krb5_format_time(context, slaves->seen, str, sizeof(str), TRUE); + ret = krb5_format_time(context, slaves->seen, str, sizeof(str), TRUE); rtbl_add_column_entry(tbl, SLAVE_SEEN, str); slaves = slaves->next; @@ -699,35 +720,40 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) } +static char sHDB[] = "HDB:"; static char *realm; static int version_flag; static int help_flag; -static char *keytab_str = "HDB:"; +static char *keytab_str = sHDB; static char *database; static char *config_file; static char *port_str; +#ifdef SUPPORT_DETACH static int detach_from_console = 0; +#endif static struct getargs args[] = { - { "config-file", 'c', arg_string, &config_file }, - { "realm", 'r', arg_string, &realm }, + { "config-file", 'c', arg_string, &config_file, NULL, NULL }, + { "realm", 'r', arg_string, &realm, NULL, NULL }, { "keytab", 'k', arg_string, &keytab_str, "keytab to get authentication from", "kspec" }, { "database", 'd', arg_string, &database, "database", "file"}, - { "slave-stats-file", 0, arg_string, &slave_stats_file, + { "slave-stats-file", 0, arg_string, rk_UNCONST(&slave_stats_file), "file for slave status information", "file"}, - { "time-missing", 0, arg_string, &slave_time_missing, + { "time-missing", 0, arg_string, rk_UNCONST(&slave_time_missing), "time before slave is polled for presence", "time"}, - { "time-gone", 0, arg_string, &slave_time_gone, + { "time-gone", 0, arg_string, rk_UNCONST(&slave_time_gone), "time of inactivity after which a slave is considered gone", "time"}, { "port", 0, arg_string, &port_str, "port ipropd will listen to", "port"}, - { "detach", 0, arg_flag, &detach_from_console, - "detach from console" }, - { "hostname", 0, arg_string, &master_hostname, +#ifdef SUPPORT_DETACH + { "detach", 0, arg_flag, &detach_from_console, + "detach from console", NULL }, +#endif + { "hostname", 0, arg_string, rk_UNCONST(&master_hostname), "hostname of master (if not same as hostname)", "hostname" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -739,16 +765,16 @@ main(int argc, char **argv) void *kadm_handle; kadm5_server_context *server_context; kadm5_config_params conf; - int signal_fd, listen_fd; + krb5_socket_t signal_fd, listen_fd; int log_fd; slave *slaves = NULL; uint32_t current_version = 0, old_version = 0; krb5_keytab keytab; int optidx; char **files; - + optidx = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - + if(help_flag) krb5_std_usage(0, args, num_args); if(version_flag) { @@ -780,8 +806,10 @@ main(int argc, char **argv) if (time_before_missing < 0) krb5_errx (context, 1, "couldn't parse time: %s", slave_time_missing); +#ifdef SUPPORT_DETACH if (detach_from_console) daemon(0, 0); +#endif pidfile (NULL); krb5_openlog (context, "ipropd-master", &log_facility); krb5_set_warn_dest(context, log_facility); @@ -793,7 +821,7 @@ main(int argc, char **argv) ret = krb5_kt_resolve(context, keytab_str, &keytab); if(ret) krb5_err(context, 1, ret, "krb5_kt_resolve: %s", keytab_str); - + memset(&conf, 0, sizeof(conf)); if(realm) { conf.mask |= KADM5_CONFIG_REALM; @@ -803,7 +831,7 @@ main(int argc, char **argv) KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); if (ret) krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); @@ -820,7 +848,7 @@ main(int argc, char **argv) kadm5_log_get_version_fd (log_fd, ¤t_version); - krb5_warnx(context, "ipropd-master started at version: %lu", + krb5_warnx(context, "ipropd-master started at version: %lu", (unsigned long)current_version); while(exit_flag == 0){ @@ -830,8 +858,10 @@ main(int argc, char **argv) struct timeval to = {30, 0}; uint32_t vers; +#ifndef NO_LIMIT_FD_SETSIZE if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE) krb5_errx (context, 1, "fd too large"); +#endif FD_ZERO(&readset); FD_SET(signal_fd, &readset); @@ -860,7 +890,7 @@ main(int argc, char **argv) kadm5_log_get_version_fd (log_fd, ¤t_version); if (current_version > old_version) { - krb5_warnx(context, + krb5_warnx(context, "Missed a signal, updating slaves %lu to %lu", (unsigned long)old_version, (unsigned long)current_version); @@ -873,7 +903,11 @@ main(int argc, char **argv) } if (ret && FD_ISSET(signal_fd, &readset)) { +#ifndef NO_UNIX_SOCKETS struct sockaddr_un peer_addr; +#else + struct sockaddr_storage peer_addr; +#endif socklen_t peer_len = sizeof(peer_addr); if(recvfrom(signal_fd, (void *)&vers, sizeof(vers), 0, @@ -886,14 +920,17 @@ main(int argc, char **argv) old_version = current_version; kadm5_log_get_version_fd (log_fd, ¤t_version); if (current_version > old_version) { - krb5_warnx(context, + krb5_warnx(context, "Got a signal, updating slaves %lu to %lu", (unsigned long)old_version, (unsigned long)current_version); - for (p = slaves; p != NULL; p = p->next) + for (p = slaves; p != NULL; p = p->next) { + if (p->flags & SLAVE_F_DEAD) + continue; send_diffs (context, p, log_fd, database, current_version); + } } else { - krb5_warnx(context, + krb5_warnx(context, "Got a signal, but no update in log version %lu", (unsigned long)current_version); } @@ -909,10 +946,8 @@ main(int argc, char **argv) slave_dead(context, p); } else if (slave_gone_p (p)) slave_dead(context, p); - else if (slave_missing_p (p)) { - krb5_warnx(context, "slave %s missing, sending AYT", p->name); + else if (slave_missing_p (p)) send_are_you_there (context, p); - } } if (ret && FD_ISSET(listen_fd, &readset)) { @@ -923,13 +958,15 @@ main(int argc, char **argv) write_stats(context, slaves, current_version); } - if(exit_flag == SIGXCPU) - krb5_warnx(context, "%s CPU time limit exceeded", getprogname()); - else if(exit_flag == SIGINT || exit_flag == SIGTERM) + if(exit_flag == SIGINT || exit_flag == SIGTERM) krb5_warnx(context, "%s terminated", getprogname()); +#ifdef SIGXCPU + else if(exit_flag == SIGXCPU) + krb5_warnx(context, "%s CPU time limit exceeded", getprogname()); +#endif else - krb5_warnx(context, "%s unexpected exit reason: %d", - getprogname(), exit_flag); + krb5_warnx(context, "%s unexpected exit reason: %ld", + getprogname(), (long)exit_flag); write_master_down(context); diff --git a/lib/kadm5/ipropd_slave.c b/lib/kadm5/ipropd_slave.c index 482a3f7a4095..38e9a7b7108c 100644 --- a/lib/kadm5/ipropd_slave.c +++ b/lib/kadm5/ipropd_slave.c @@ -1,42 +1,45 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "iprop.h" -RCSID("$Id: ipropd_slave.c 22211 2007-12-07 19:27:27Z lha $"); +RCSID("$Id$"); + +static const char *config_name = "ipropd-slave"; static krb5_log_facility *log_facility; -static char *server_time_lost = "5 min"; +static char five_min[] = "5 min"; +static char *server_time_lost = five_min; static int time_before_lost; const char *slave_str = NULL; @@ -44,39 +47,53 @@ static int connect_to_master (krb5_context context, const char *master, const char *port_str) { - int fd; - struct sockaddr_in addr; - struct hostent *he; + char port[NI_MAXSERV]; + struct addrinfo *ai, *a; + struct addrinfo hints; + int error; + int s = -1; - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - if (port_str) { - addr.sin_port = krb5_getportbyname (context, - port_str, "tcp", - 0); - if (addr.sin_port == 0) { - char *ptr; - long port; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - krb5_errx (context, 1, "bad port `%s'", port_str); - addr.sin_port = htons(port); - } - } else { - addr.sin_port = krb5_getportbyname (context, IPROP_SERVICE, - "tcp", IPROP_PORT); + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + + if (port_str == NULL) { + snprintf(port, sizeof(port), "%u", IPROP_PORT); + port_str = port; } - he = roken_gethostbyname (master); - if (he == NULL) - krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno)); - memcpy (&addr.sin_addr, he->h_addr, sizeof(addr.sin_addr)); - if(connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "connect"); - return fd; + + error = getaddrinfo (master, port_str, &hints, &ai); + if (error) { + krb5_warnx(context, "Failed to get address of to %s: %s", + master, gai_strerror(error)); + return -1; + } + + for (a = ai; a != NULL; a = a->ai_next) { + char node[NI_MAXHOST]; + error = getnameinfo(a->ai_addr, a->ai_addrlen, + node, sizeof(node), NULL, 0, NI_NUMERICHOST); + if (error) + strlcpy(node, "[unknown-addr]", sizeof(node)); + + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + krb5_warn(context, errno, "connection failed to %s[%s]", + master, node); + close (s); + continue; + } + krb5_warnx(context, "connection successful " + "to master: %s[%s]", master, node); + break; + } + freeaddrinfo (ai); + + if (a == NULL) + return -1; + + return s; } static void @@ -90,7 +107,7 @@ get_creds(krb5_context context, const char *keytab_str, krb5_creds creds; char *server; char keytab_buf[256]; - + if (keytab_str == NULL) { ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf)); if (ret) @@ -101,7 +118,7 @@ get_creds(krb5_context context, const char *keytab_str, ret = krb5_kt_resolve(context, keytab_str, &keytab); if(ret) krb5_err(context, 1, ret, "%s", keytab_str); - + ret = krb5_sname_to_principal (context, slave_str, IPROP_NAME, KRB5_NT_SRV_HST, &client); @@ -119,21 +136,24 @@ get_creds(krb5_context context, const char *keytab_str, free (server); krb5_get_init_creds_opt_free(context, init_opts); if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); - + ret = krb5_kt_close(context, keytab); if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache); - if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new"); + + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, cache); + if(ret) krb5_err(context, 1, ret, "krb5_cc_new_unique"); ret = krb5_cc_initialize(context, *cache, client); if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); ret = krb5_cc_store_cred(context, *cache, &creds); if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); + + krb5_free_cred_contents(context, &creds); + krb5_free_principal(context, client); } -static void +static krb5_error_code ihave (krb5_context context, krb5_auth_context auth_context, int fd, uint32_t version) { @@ -148,10 +168,11 @@ ihave (krb5_context context, krb5_auth_context auth_context, krb5_storage_free (sp); data.length = 8; data.data = buf; - + ret = krb5_write_priv_message(context, auth_context, &fd, &data); if (ret) - krb5_err (context, 1, ret, "krb5_write_priv_message"); + krb5_warn (context, ret, "krb5_write_message"); + return ret; } static void @@ -178,9 +199,9 @@ receive_loop (krb5_context context, krb5_ret_int32 (sp, &tmp); op = tmp; krb5_ret_int32 (sp, &len); - if (vers <= server_context->log_context.version) + if ((uint32_t)vers <= server_context->log_context.version) krb5_storage_seek(sp, len + 8, SEEK_CUR); - } while(vers <= server_context->log_context.version); + } while((uint32_t)vers <= server_context->log_context.version); /* * Read up rest of the entires into the memory... @@ -226,8 +247,8 @@ receive_loop (krb5_context context, if (ret) krb5_errx(context, 1, "entry %ld: too short", (long)vers); if (len < 0) krb5_errx(context, 1, "log is corrupted, " - "negative length of entry version %ld: %ld", - (long)vers, (long)len); + "negative length of entry version %ld: %ld", + (long)vers, (long)len); cur = krb5_storage_seek(sp, 0, SEEK_CUR); krb5_warnx (context, "replaying entry %d", (int)vers); @@ -235,22 +256,22 @@ receive_loop (krb5_context context, ret = kadm5_log_replay (server_context, op, vers, len, sp); if (ret) { - char *s = krb5_get_error_message(server_context->context, ret); + const char *s = krb5_get_error_message(server_context->context, ret); krb5_warnx (context, - "kadm5_log_replay: %ld. Lost entry entry, " - "Database out of sync ?: %s (%d)", + "kadm5_log_replay: %ld. Lost entry entry, " + "Database out of sync ?: %s (%d)", (long)vers, s ? s : "unknown error", ret); - krb5_xfree(s); + krb5_free_error_message(context, s); } { - /* + /* * Make sure the krb5_log_replay does the right thing wrt * reading out data from the sp. */ cur2 = krb5_storage_seek(sp, 0, SEEK_CUR); if (cur + len != cur2) - krb5_errx(context, 1, + krb5_errx(context, 1, "kadm5_log_reply version: %ld didn't read the whole entry", (long)vers); } @@ -318,20 +339,20 @@ send_im_here (krb5_context context, int fd, krb5_err (context, 1, ret, "krb5_write_priv_message"); } -static void +static krb5_error_code receive_everything (krb5_context context, int fd, kadm5_server_context *server_context, krb5_auth_context auth_context) { int ret; krb5_data data; - int32_t vno; + int32_t vno = 0; int32_t opcode; krb5_storage *sp; char *dbname; HDB *mydb; - + krb5_warnx(context, "receive complete database"); asprintf(&dbname, "%s-NEW", server_context->db->hdb_name); @@ -339,12 +360,12 @@ receive_everything (krb5_context context, int fd, if(ret) krb5_err(context,1, ret, "hdb_create"); free(dbname); - + ret = hdb_set_master_keyfile (context, mydb, server_context->config.stash_file); if(ret) krb5_err(context,1, ret, "hdb_set_master_keyfile"); - + /* I really want to use O_EXCL here, but given that I can't easily clean up on error, I won't */ ret = mydb->hdb_open(context, mydb, O_RDWR | O_CREAT | O_TRUNC, 0600); @@ -355,8 +376,10 @@ receive_everything (krb5_context context, int fd, do { ret = krb5_read_priv_message(context, auth_context, &fd, &data); - if (ret) - krb5_err (context, 1, ret, "krb5_read_priv_message"); + if (ret) { + krb5_warn (context, ret, "krb5_read_priv_message"); + goto cleanup; + } sp = krb5_storage_from_data (&data); if (sp == NULL) @@ -408,12 +431,13 @@ receive_everything (krb5_context context, int fd, if (ret) krb5_err (context, 1, ret, "kadm5_log_nop"); - krb5_data_free (&data); - ret = mydb->hdb_rename (context, mydb, server_context->db->hdb_name); if (ret) krb5_err (context, 1, ret, "db->rename"); + cleanup: + krb5_data_free (&data); + ret = mydb->hdb_close (context, mydb); if (ret) krb5_err (context, 1, ret, "db->close"); @@ -423,6 +447,7 @@ receive_everything (krb5_context context, int fd, krb5_err (context, 1, ret, "db->destroy"); krb5_warnx(context, "receive complete database, version %ld", (long)vno); + return ret; } static char *config_file; @@ -431,27 +456,38 @@ static int version_flag; static int help_flag; static char *keytab_str; static char *port_str; +#ifdef SUPPORT_DETACH static int detach_from_console = 0; +#endif static struct getargs args[] = { - { "config-file", 'c', arg_string, &config_file }, - { "realm", 'r', arg_string, &realm }, + { "config-file", 'c', arg_string, &config_file, NULL, NULL }, + { "realm", 'r', arg_string, &realm, NULL, NULL }, { "keytab", 'k', arg_string, &keytab_str, "keytab to get authentication from", "kspec" }, { "time-lost", 0, arg_string, &server_time_lost, "time before server is considered lost", "time" }, { "port", 0, arg_string, &port_str, "port ipropd-slave will connect to", "port"}, - { "detach", 0, arg_flag, &detach_from_console, - "detach from console" }, - { "hostname", 0, arg_string, &slave_str, +#ifdef SUPPORT_DETACH + { "detach", 0, arg_flag, &detach_from_console, + "detach from console", NULL }, +#endif + { "hostname", 0, arg_string, rk_UNCONST(&slave_str), "hostname of slave (if not same as hostname)", "hostname" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } + { "version", 0, arg_flag, &version_flag, NULL, NULL }, + { "help", 0, arg_flag, &help_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); +static void +usage(int status) +{ + arg_printusage(args, num_args, NULL, "master"); + exit(status); +} + int main(int argc, char **argv) { @@ -465,24 +501,36 @@ main(int argc, char **argv) krb5_ccache ccache; krb5_principal server; char **files; - int optidx; + int optidx = 0; + time_t reconnect_min; + time_t backoff; + time_t reconnect_max; + time_t reconnect; + time_t before = 0; const char *master; - - optidx = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - + + setprogname(argv[0]); + + if(getarg(args, num_args, argc, argv, &optidx)) + usage(1); + if(help_flag) - krb5_std_usage(0, args, num_args); + usage(0); if(version_flag) { print_version(NULL); exit(0); } + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + setup_signal(); if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) + if (asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)) == -1 + || config_file == NULL) errx(1, "out of memory"); } @@ -499,12 +547,14 @@ main(int argc, char **argv) argv += optidx; if (argc != 1) - krb5_std_usage(1, args, num_args); + usage(1); master = argv[0]; +#ifdef SUPPORT_DETACH if (detach_from_console) daemon(0, 0); +#endif pidfile (NULL); krb5_openlog (context, "ipropd-slave", &log_facility); krb5_set_warn_dest(context, log_facility); @@ -526,7 +576,7 @@ main(int argc, char **argv) KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); if (ret) krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); @@ -539,94 +589,160 @@ main(int argc, char **argv) get_creds(context, keytab_str, &ccache, master); - master_fd = connect_to_master (context, master, port_str); - ret = krb5_sname_to_principal (context, master, IPROP_NAME, KRB5_NT_SRV_HST, &server); if (ret) krb5_err (context, 1, ret, "krb5_sname_to_principal"); auth_context = NULL; - ret = krb5_sendauth (context, &auth_context, &master_fd, - IPROP_VERSION, NULL, server, - AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, - ccache, NULL, NULL, NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_sendauth"); + master_fd = -1; - krb5_warnx(context, "ipropd-slave started at version: %ld", - (long)server_context->log_context.version); + krb5_appdefault_time(context, config_name, NULL, "reconnect-min", + 10, &reconnect_min); + krb5_appdefault_time(context, config_name, NULL, "reconnect-max", + 300, &reconnect_max); + krb5_appdefault_time(context, config_name, NULL, "reconnect-backoff", + 10, &backoff); + reconnect = reconnect_min; - ihave (context, auth_context, master_fd, - server_context->log_context.version); + while (!exit_flag) { + time_t now, elapsed; + int connected = FALSE; - while (exit_flag == 0) { - krb5_data out; - krb5_storage *sp; - int32_t tmp; - fd_set readset; - struct timeval to; + now = time(NULL); + elapsed = now - before; - if (master_fd >= FD_SETSIZE) - krb5_errx (context, 1, "fd too large"); - - FD_ZERO(&readset); - FD_SET(master_fd, &readset); - - to.tv_sec = time_before_lost; - to.tv_usec = 0; - - ret = select (master_fd + 1, - &readset, NULL, NULL, &to); - if (ret < 0) { - if (errno == EINTR) - continue; - else - krb5_err (context, 1, errno, "select"); + if (elapsed < reconnect) { + time_t left = reconnect - elapsed; + krb5_warnx(context, "sleeping %d seconds before " + "retrying to connect", (int)left); + sleep(left); } - if (ret == 0) - krb5_errx (context, 1, "server didn't send a message " - "in %d seconds", time_before_lost); + before = now; - ret = krb5_read_priv_message(context, auth_context, &master_fd, &out); + master_fd = connect_to_master (context, master, port_str); + if (master_fd < 0) + goto retry; + reconnect = reconnect_min; + + if (auth_context) { + krb5_auth_con_free(context, auth_context); + auth_context = NULL; + krb5_cc_destroy(context, ccache); + get_creds(context, keytab_str, &ccache, master); + } + ret = krb5_sendauth (context, &auth_context, &master_fd, + IPROP_VERSION, NULL, server, + AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, + ccache, NULL, NULL, NULL); + if (ret) { + krb5_warn (context, ret, "krb5_sendauth"); + goto retry; + } + + krb5_warnx(context, "ipropd-slave started at version: %ld", + (long)server_context->log_context.version); + + ret = ihave (context, auth_context, master_fd, + server_context->log_context.version); if (ret) - krb5_err (context, 1, ret, "krb5_read_priv_message"); + goto retry; + + connected = TRUE; + + while (connected && !exit_flag) { + krb5_data out; + krb5_storage *sp; + int32_t tmp; + fd_set readset; + struct timeval to; + +#ifndef NO_LIMIT_FD_SETSIZE + if (master_fd >= FD_SETSIZE) + krb5_errx (context, 1, "fd too large"); +#endif + + FD_ZERO(&readset); + FD_SET(master_fd, &readset); + + to.tv_sec = time_before_lost; + to.tv_usec = 0; + + ret = select (master_fd + 1, + &readset, NULL, NULL, &to); + if (ret < 0) { + if (errno == EINTR) + continue; + else + krb5_err (context, 1, errno, "select"); + } + if (ret == 0) + krb5_errx (context, 1, "server didn't send a message " + "in %d seconds", time_before_lost); + + ret = krb5_read_priv_message(context, auth_context, &master_fd, &out); + if (ret) { + krb5_warn (context, ret, "krb5_read_priv_message"); + connected = FALSE; + continue; + } + + sp = krb5_storage_from_mem (out.data, out.length); + krb5_ret_int32 (sp, &tmp); + switch (tmp) { + case FOR_YOU : + receive (context, sp, server_context); + ret = ihave (context, auth_context, master_fd, + server_context->log_context.version); + if (ret) + connected = FALSE; + break; + case TELL_YOU_EVERYTHING : + ret = receive_everything (context, master_fd, server_context, + auth_context); + if (ret) + connected = FALSE; + break; + case ARE_YOU_THERE : + send_im_here (context, master_fd, auth_context); + break; + case NOW_YOU_HAVE : + case I_HAVE : + case ONE_PRINC : + case I_AM_HERE : + default : + krb5_warnx (context, "Ignoring command %d", tmp); + break; + } + krb5_storage_free (sp); + krb5_data_free (&out); - sp = krb5_storage_from_mem (out.data, out.length); - krb5_ret_int32 (sp, &tmp); - switch (tmp) { - case FOR_YOU : - receive (context, sp, server_context); - ihave (context, auth_context, master_fd, - server_context->log_context.version); - break; - case TELL_YOU_EVERYTHING : - receive_everything (context, master_fd, server_context, - auth_context); - break; - case ARE_YOU_THERE : - send_im_here (context, master_fd, auth_context); - break; - case NOW_YOU_HAVE : - case I_HAVE : - case ONE_PRINC : - case I_AM_HERE : - default : - krb5_warnx (context, "Ignoring command %d", tmp); - break; } - krb5_storage_free (sp); - krb5_data_free (&out); + retry: + if (connected == FALSE) + krb5_warnx (context, "disconnected for server"); + if (exit_flag) + krb5_warnx (context, "got an exit signal"); + + if (master_fd >= 0) + close(master_fd); + + reconnect += backoff; + if (reconnect > reconnect_max) + reconnect = reconnect_max; } - - if(exit_flag == SIGXCPU) + + if (0); +#ifndef NO_SIGXCPU + else if(exit_flag == SIGXCPU) krb5_warnx(context, "%s CPU time limit exceeded", getprogname()); +#endif else if(exit_flag == SIGINT || exit_flag == SIGTERM) krb5_warnx(context, "%s terminated", getprogname()); else - krb5_warnx(context, "%s unexpected exit reason: %d", - getprogname(), exit_flag); + krb5_warnx(context, "%s unexpected exit reason: %ld", + getprogname(), (long)exit_flag); return 0; } diff --git a/lib/kadm5/kadm5-private.h b/lib/kadm5/kadm5-private.h index 56b2b3252d87..ab8d694dda74 100644 --- a/lib/kadm5/kadm5-private.h +++ b/lib/kadm5/kadm5-private.h @@ -45,19 +45,19 @@ _kadm5_client_send ( kadm5_client_context */*context*/, krb5_storage */*sp*/); -int -_kadm5_cmp_keys ( - Key */*keys1*/, - int /*len1*/, - Key */*keys2*/, - int /*len2*/); - kadm5_ret_t _kadm5_connect (void */*handle*/); kadm5_ret_t _kadm5_error_code (kadm5_ret_t /*code*/); +int +_kadm5_exists_keys ( + Key */*keys1*/, + int /*len1*/, + Key */*keys2*/, + int /*len2*/); + void _kadm5_free_keys ( krb5_context /*context*/, @@ -353,6 +353,12 @@ kadm5_log_set_version ( const char * kadm5_log_signal_socket (krb5_context /*context*/); +kadm5_ret_t +kadm5_log_signal_socket_info ( + krb5_context /*context*/, + int /*server_end*/, + struct addrinfo **/*ret_addrs*/); + kadm5_ret_t kadm5_log_truncate (kadm5_server_context */*server_context*/); diff --git a/lib/kadm5/kadm5-pwcheck.h b/lib/kadm5/kadm5-pwcheck.h index 96f3f1849f28..70cbae51f955 100644 --- a/lib/kadm5/kadm5-pwcheck.h +++ b/lib/kadm5/kadm5-pwcheck.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: kadm5-pwcheck.h 15489 2005-06-17 06:45:52Z lha $ */ +/* $Id$ */ #ifndef KADM5_PWCHECK_H #define KADM5_PWCHECK_H 1 @@ -44,7 +44,7 @@ typedef const char* (*kadm5_passwd_quality_check_func_v0)(krb5_context, krb5_principal, krb5_data*); -/* +/* * The 4th argument, is a tuning parameter for the quality check * function, the lib/caller will providing it for the password quality * module. diff --git a/lib/kadm5/kadm5_err.et b/lib/kadm5/kadm5_err.et index 1ac624a9ef90..ae7847275c55 100644 --- a/lib/kadm5/kadm5_err.et +++ b/lib/kadm5/kadm5_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: kadm5_err.et 16683 2006-02-02 13:11:47Z lha $" +id "$Id$" error_table ovk kadm5 diff --git a/lib/kadm5/kadm5_locl.h b/lib/kadm5/kadm5_locl.h index c79e6442f1f5..68b6a5ebf024 100644 --- a/lib/kadm5/kadm5_locl.h +++ b/lib/kadm5/kadm5_locl.h @@ -1,44 +1,43 @@ /* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: kadm5_locl.h 8579 2000-07-08 11:57:40Z assar $ */ +/* $Id$ */ #ifndef __KADM5_LOCL_H__ #define __KADM5_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif +#include #include #include @@ -78,7 +77,6 @@ #include "kadm5_err.h" #include #include -#include #include #include "private.h" diff --git a/lib/kadm5/kadm5_pwcheck.3 b/lib/kadm5/kadm5_pwcheck.3 index ee045c9e773d..5174d9b9283c 100644 --- a/lib/kadm5/kadm5_pwcheck.3 +++ b/lib/kadm5/kadm5_pwcheck.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: kadm5_pwcheck.3 15237 2005-05-25 13:16:27Z lha $ +.\" $Id$ .\" .Dd February 29, 2004 .Dt KADM5_PWCHECK 3 @@ -77,16 +77,17 @@ library. .Pp There are two versions of the shared object API; the old version (0) is deprecated, but still supported. The new version (1) supports -multiple password quality checking modules in the same shared object. +multiple password quality checking policies in the same shared object. See below for details. .Pp -The password quality checker will run over all tests that are -configured by the user. +The password quality checker will run all policies that are +configured by the user. If any policy rejects the password, the password +will be rejected. .Pp -Module names are of the form -.Ql vendor:test-name -or, if the the test name is unique enough, just -.Ql test-name . +Policy names are of the form +.Ql module-name:policy-name +or, if the the policy name is unique enough, just +.Ql policy-name . .Sh IMPLEMENTING A PASSWORD QUALITY CHECKING SHARED OBJECT (This refers to the version 1 API only.) .Pp @@ -101,10 +102,16 @@ Its .Ft name and .Ft vendor -fields should be contain the obvious information and +fields should contain the obvious information. +.Ft name +must match the +.Ql module-name +portion of the policy name (the part before the colon), if the policy name +contains a colon, or the policy will not be run. .Ft version should be .Dv KADM5_PASSWD_VERSION_V1 . +.Pp .Ft funcs contains an array of .Ft "struct kadm5_pw_policy_check_func" @@ -113,8 +120,14 @@ structures that is terminated with an entry whose component is .Dv NULL . The +.Ft name +field of the array must match the +.Ql policy-name +portion of a policy name (the part after the colon, or the complete policy +name if there is no colon) specified by the user or the policy will not be +run. The .Ft func -Fields of the array elements are functions that are exported by the +fields of the array elements are functions that are exported by the module to be called to check the password. They get the following arguments: the Kerberos context, principal, password, a tuning parameter, and a pointer to a message buffer and its length. The tuning parameter diff --git a/lib/kadm5/kadm5_pwcheck.cat3 b/lib/kadm5/kadm5_pwcheck.cat3 new file mode 100644 index 000000000000..c06434683420 --- /dev/null +++ b/lib/kadm5/kadm5_pwcheck.cat3 @@ -0,0 +1,88 @@ + +KADM5_PWCHECK(3) BSD Library Functions Manual KADM5_PWCHECK(3) + +NNAAMMEE + kkrrbb55__ppwwcchheecckk, kkaaddmm55__sseettuupp__ppaasssswwdd__qquuaalliittyy__cchheecckk, + kkaaddmm55__aadddd__ppaasssswwdd__qquuaalliittyy__vveerriiffiieerr, kkaaddmm55__cchheecckk__ppaasssswwoorrdd__qquuaalliittyy -- Heim- + dal warning and error functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkadm5srv, -lkadm5srv) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + ##iinncclluuddee <> + + _v_o_i_d + kkaaddmm55__sseettuupp__ppaasssswwdd__qquuaalliittyy__cchheecckk(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _c_h_a_r _*_c_h_e_c_k___l_i_b_r_a_r_y, _c_o_n_s_t _c_h_a_r _*_c_h_e_c_k___f_u_n_c_t_i_o_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkaaddmm55__aadddd__ppaasssswwdd__qquuaalliittyy__vveerriiffiieerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _c_h_a_r _*_c_h_e_c_k___l_i_b_r_a_r_y); + + _c_o_n_s_t _c_h_a_r _* + kkaaddmm55__cchheecckk__ppaasssswwoorrdd__qquuaalliittyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___d_a_t_a _*_p_w_d___d_a_t_a); + + _i_n_t + ((**kkaaddmm55__ppaasssswwdd__qquuaalliittyy__cchheecckk__ffuunncc))(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___d_a_t_a _*_p_a_s_s_w_o_r_d, _c_o_n_s_t _c_h_a_r _*_t_u_n_i_n_g, + _c_h_a_r _*_m_e_s_s_a_g_e, _s_i_z_e___t _l_e_n_g_t_h); + +DDEESSCCRRIIPPTTIIOONN + These functions perform the quality check for the heimdal database + library. + + There are two versions of the shared object API; the old version (0) is + deprecated, but still supported. The new version (1) supports multiple + password quality checking policies in the same shared object. See below + for details. + + The password quality checker will run all policies that are configured by + the user. If any policy rejects the password, the password will be + rejected. + + Policy names are of the form `module-name:policy-name' or, if the the + policy name is unique enough, just `policy-name'. + +IIMMPPLLEEMMEENNTTIINNGG AA PPAASSSSWWOORRDD QQUUAALLIITTYY CCHHEECCKKIINNGG SSHHAARREEDD OOBBJJEECCTT + (This refers to the version 1 API only.) + + Module shared objects may conveniently be compiled and linked with + libtool(1). An object needs to export a symbol called + `kadm5_password_verifier' of the type _s_t_r_u_c_t _k_a_d_m_5___p_w___p_o_l_i_c_y___v_e_r_i_f_i_e_r. + + Its _n_a_m_e and _v_e_n_d_o_r fields should contain the obvious information. _n_a_m_e + must match the `module-name' portion of the policy name (the part before + the colon), if the policy name contains a colon, or the policy will not + be run. _v_e_r_s_i_o_n should be KADM5_PASSWD_VERSION_V1. + + _f_u_n_c_s contains an array of _s_t_r_u_c_t _k_a_d_m_5___p_w___p_o_l_i_c_y___c_h_e_c_k___f_u_n_c structures + that is terminated with an entry whose _n_a_m_e component is NULL. The _n_a_m_e + field of the array must match the `policy-name' portion of a policy name + (the part after the colon, or the complete policy name if there is no + colon) specified by the user or the policy will not be run. The _f_u_n_c + fields of the array elements are functions that are exported by the mod- + ule to be called to check the password. They get the following argu- + ments: the Kerberos context, principal, password, a tuning parameter, + and a pointer to a message buffer and its length. The tuning parameter + for the quality check function is currently always NULL. If the password + is acceptable, the function returns zero. Otherwise it returns non-zero + and fills in the message buffer with an appropriate explanation. + +RRUUNNNNIINNGG TTHHEE CCHHEECCKKSS + kkaaddmm55__sseettuupp__ppaasssswwdd__qquuaalliittyy__cchheecckk sets up type 0 checks. It sets up all + type 0 checks defined in krb5.conf(5) if called with the last two argu- + ments null. + + kkaaddmm55__aadddd__ppaasssswwdd__qquuaalliittyy__vveerriiffiieerr sets up type 1 checks. It sets up all + type 1 tests defined in krb5.conf(5) if called with a null second argu- + ment. kkaaddmm55__cchheecckk__ppaasssswwoorrdd__qquuaalliittyy runs the checks in the order in which + they are defined in krb5.conf(5) and the order in which they occur in a + module's _f_u_n_c_s array until one returns non-zero. + +SSEEEE AALLSSOO + libtool(1), krb5(3), krb5.conf(5) + +HEIMDAL February 29, 2004 HEIMDAL diff --git a/lib/kadm5/keys.c b/lib/kadm5/keys.c index 2521fae24385..d46b8db73865 100644 --- a/lib/kadm5/keys.c +++ b/lib/kadm5/keys.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: keys.c 14297 2004-10-11 23:50:25Z lha $"); +RCSID("$Id$"); /* * free all the memory used by (len, keys) @@ -64,37 +64,39 @@ _kadm5_init_keys (Key *keys, int len) } /* - * return 0 iff `keys1, len1' and `keys2, len2' are identical + * return 1 if any key in `keys1, len1' exists in `keys2, len2' */ int -_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2) +_kadm5_exists_keys(Key *keys1, int len1, Key *keys2, int len2) { - int i; - - if (len1 != len2) - return 1; + int i, j; for (i = 0; i < len1; ++i) { - if ((keys1[i].salt != NULL && keys2[i].salt == NULL) - || (keys1[i].salt == NULL && keys2[i].salt != NULL)) + for (j = 0; j < len2; j++) { + if ((keys1[i].salt != NULL && keys2[j].salt == NULL) + || (keys1[i].salt == NULL && keys2[j].salt != NULL)) + continue; + + if (keys1[i].salt != NULL) { + if (keys1[i].salt->type != keys2[j].salt->type) + continue; + if (keys1[i].salt->salt.length != keys2[j].salt->salt.length) + continue; + if (memcmp (keys1[i].salt->salt.data, keys2[j].salt->salt.data, + keys1[i].salt->salt.length) != 0) + continue; + } + if (keys1[i].key.keytype != keys2[j].key.keytype) + continue; + if (keys1[i].key.keyvalue.length != keys2[j].key.keyvalue.length) + continue; + if (memcmp (keys1[i].key.keyvalue.data, keys2[j].key.keyvalue.data, + keys1[i].key.keyvalue.length) != 0) + continue; + return 1; - if (keys1[i].salt != NULL) { - if (keys1[i].salt->type != keys2[i].salt->type) - return 1; - if (keys1[i].salt->salt.length != keys2[i].salt->salt.length) - return 1; - if (memcmp (keys1[i].salt->salt.data, keys2[i].salt->salt.data, - keys1[i].salt->salt.length) != 0) - return 1; } - if (keys1[i].key.keytype != keys2[i].key.keytype) - return 1; - if (keys1[i].key.keyvalue.length != keys2[i].key.keyvalue.length) - return 1; - if (memcmp (keys1[i].key.keyvalue.data, keys2[i].key.keyvalue.data, - keys1[i].key.keyvalue.length) != 0) - return 1; } return 0; } diff --git a/lib/kadm5/libkadm5srv-exports.def b/lib/kadm5/libkadm5srv-exports.def new file mode 100644 index 000000000000..ad5fa37e9ea2 --- /dev/null +++ b/lib/kadm5/libkadm5srv-exports.def @@ -0,0 +1,61 @@ +EXPORTS +;! kadm5_ad_init_with_password +;! kadm5_ad_init_with_password_ctx + kadm5_add_passwd_quality_verifier + kadm5_check_password_quality + kadm5_chpass_principal + kadm5_chpass_principal_with_key + kadm5_create_principal + kadm5_delete_principal + kadm5_destroy + kadm5_flush + kadm5_free_key_data + kadm5_free_name_list + kadm5_free_principal_ent + kadm5_get_principal + kadm5_get_principals + kadm5_get_privs + kadm5_init_with_creds + kadm5_init_with_creds_ctx + kadm5_init_with_password + kadm5_init_with_password_ctx + kadm5_init_with_skey + kadm5_init_with_skey_ctx + kadm5_modify_principal + kadm5_randkey_principal + kadm5_rename_principal + kadm5_ret_key_data + kadm5_ret_principal_ent + kadm5_ret_principal_ent_mask + kadm5_ret_tl_data + kadm5_setup_passwd_quality_check + kadm5_store_key_data + kadm5_store_principal_ent + kadm5_store_principal_ent_mask + kadm5_store_tl_data + kadm5_s_init_with_password_ctx + kadm5_s_init_with_password + kadm5_s_init_with_skey_ctx + kadm5_s_init_with_skey + kadm5_s_init_with_creds_ctx + kadm5_s_init_with_creds + kadm5_s_chpass_principal_cond + kadm5_log_set_version +;! kadm5_log_signal_socket + kadm5_log_signal_socket_info ;! + kadm5_log_previous + kadm5_log_goto_end + kadm5_log_foreach + kadm5_log_get_version_fd + kadm5_log_get_version + kadm5_log_replay + kadm5_log_end + kadm5_log_reinit + kadm5_log_init + kadm5_log_nop + kadm5_log_truncate + kadm5_log_modify + _kadm5_acl_check_permission + _kadm5_unmarshal_params + _kadm5_s_get_db + _kadm5_privs_to_string diff --git a/lib/kadm5/libkadm5srv-version.rc b/lib/kadm5/libkadm5srv-version.rc new file mode 100644 index 000000000000..065c18f9598b --- /dev/null +++ b/lib/kadm5/libkadm5srv-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Heimdal Kerberos v5 Administration Library" +#define RC_FILE_ORIG_0409 "libkadm5srv.dll" + +#include "../../windows/version.rc" diff --git a/lib/kadm5/log.c b/lib/kadm5/log.c index 5c4aaefe707c..05b84b1e07cc 100644 --- a/lib/kadm5/log.c +++ b/lib/kadm5/log.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" #include "heim_threads.h" -RCSID("$Id: log.c 22211 2007-12-07 19:27:27Z lha $"); +RCSID("$Id$"); /* * A log record consists of: @@ -99,13 +99,15 @@ kadm5_log_init (kadm5_server_context *context) return 0; fd = open (log_context->log_file, O_RDWR | O_CREAT, 0600); if (fd < 0) { - krb5_set_error_string(context->context, "kadm5_log_init: open %s", + ret = errno; + krb5_set_error_message(context->context, ret, "kadm5_log_init: open %s", log_context->log_file); - return errno; + return ret; } if (flock (fd, LOCK_EX) < 0) { - krb5_set_error_string(context->context, "kadm5_log_init: flock %s", - log_context->log_file); + ret = errno; + krb5_set_error_message(context->context, ret, "kadm5_log_init: flock %s", + log_context->log_file); close (fd); return errno; } @@ -191,12 +193,12 @@ kadm5_log_flush (kadm5_log_context *log_context, { krb5_data data; size_t len; - int ret; + ssize_t ret; krb5_storage_to_data(sp, &data); len = data.length; ret = write (log_context->log_fd, data.data, len); - if (ret != len) { + if (ret < 0 || (size_t)ret != len) { krb5_data_free(&data); return errno; } @@ -204,15 +206,25 @@ kadm5_log_flush (kadm5_log_context *log_context, krb5_data_free(&data); return errno; } + /* * Try to send a signal to any running `ipropd-master' */ +#ifndef NO_UNIX_SOCKETS sendto (log_context->socket_fd, (void *)&log_context->version, sizeof(log_context->version), 0, (struct sockaddr *)&log_context->socket_name, sizeof(log_context->socket_name)); +#else + sendto (log_context->socket_fd, + (void *)&log_context->version, + sizeof(log_context->version), + 0, + log_context->socket_info->ai_addr, + log_context->socket_info->ai_addrlen); +#endif krb5_data_free(&data); return 0; @@ -279,15 +291,15 @@ kadm5_log_replay_create (kadm5_server_context *context, ret = krb5_data_alloc (&data, len); if (ret) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ret, "out of memory"); return ret; } krb5_storage_read (sp, data.data, len); ret = hdb_value2entry (context->context, &data, &ent.entry); krb5_data_free(&data); if (ret) { - krb5_set_error_string(context->context, - "Unmarshaling hdb entry failed"); + krb5_set_error_message(context->context, ret, + "Unmarshaling hdb entry failed"); return ret; } ret = context->db->hdb_store(context->context, context->db, 0, &ent); @@ -358,8 +370,8 @@ kadm5_log_replay_delete (kadm5_server_context *context, ret = krb5_ret_principal (sp, &principal); if (ret) { - krb5_set_error_string(context->context, "Failed to read deleted " - "principal from log version: %ld", (long)ver); + krb5_set_error_message(context->context, ret, "Failed to read deleted " + "principal from log version: %ld", (long)ver); return ret; } @@ -456,8 +468,8 @@ kadm5_log_replay_rename (kadm5_server_context *context, off = krb5_storage_seek(sp, 0, SEEK_CUR); ret = krb5_ret_principal (sp, &source); if (ret) { - krb5_set_error_string(context->context, "Failed to read renamed " - "principal in log, version: %ld", (long)ver); + krb5_set_error_message(context->context, ret, "Failed to read renamed " + "principal in log, version: %ld", (long)ver); return ret; } princ_len = krb5_storage_seek(sp, 0, SEEK_CUR) - off; @@ -474,7 +486,7 @@ kadm5_log_replay_rename (kadm5_server_context *context, krb5_free_principal (context->context, source); return ret; } - ret = context->db->hdb_store (context->context, context->db, + ret = context->db->hdb_store (context->context, context->db, 0, &target_ent); hdb_free_entry (context->context, &target_ent); if (ret) { @@ -561,7 +573,7 @@ kadm5_log_replay_modify (kadm5_server_context *context, len -= 4; ret = krb5_data_alloc (&value, len); if (ret) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ret, "out of memory"); return ret; } krb5_storage_read (sp, value.data, len); @@ -571,9 +583,9 @@ kadm5_log_replay_modify (kadm5_server_context *context, return ret; memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_fetch(context->context, context->db, - log_ent.entry.principal, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, + log_ent.entry.principal, + HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); if (ret) goto out; if (mask & KADM5_PRINC_EXPIRE_TIME) { @@ -583,8 +595,8 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ent.entry.valid_end == NULL) { ent.entry.valid_end = malloc(sizeof(*ent.entry.valid_end)); if (ent.entry.valid_end == NULL) { - krb5_set_error_string(context->context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -598,8 +610,8 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ent.entry.pw_end == NULL) { ent.entry.pw_end = malloc(sizeof(*ent.entry.pw_end)); if (ent.entry.pw_end == NULL) { - krb5_set_error_string(context->context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -619,8 +631,8 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ent.entry.max_life == NULL) { ent.entry.max_life = malloc (sizeof(*ent.entry.max_life)); if (ent.entry.max_life == NULL) { - krb5_set_error_string(context->context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -631,15 +643,15 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ent.entry.modified_by == NULL) { ent.entry.modified_by = malloc(sizeof(*ent.entry.modified_by)); if (ent.entry.modified_by == NULL) { - krb5_set_error_string(context->context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } else free_Event(ent.entry.modified_by); ret = copy_Event(log_ent.entry.modified_by, ent.entry.modified_by); if (ret) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -665,8 +677,8 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ent.entry.max_renew == NULL) { ent.entry.max_renew = malloc (sizeof(*ent.entry.max_renew)); if (ent.entry.max_renew == NULL) { - krb5_set_error_string(context->context, "out of memory"); ret = ENOMEM; + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -684,7 +696,7 @@ kadm5_log_replay_modify (kadm5_server_context *context, } if (mask & KADM5_KEY_DATA) { size_t num; - int i; + size_t i; for (i = 0; i < ent.entry.keys.len; ++i) free_Key(&ent.entry.keys.val[i]); @@ -695,14 +707,14 @@ kadm5_log_replay_modify (kadm5_server_context *context, ent.entry.keys.len = num; ent.entry.keys.val = malloc(len * sizeof(*ent.entry.keys.val)); if (ent.entry.keys.val == NULL) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ENOMEM, "out of memory"); return ENOMEM; } for (i = 0; i < ent.entry.keys.len; ++i) { ret = copy_Key(&log_ent.entry.keys.val[i], &ent.entry.keys.val[i]); if (ret) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ret, "out of memory"); goto out; } } @@ -717,7 +729,7 @@ kadm5_log_replay_modify (kadm5_server_context *context, ret = copy_HDB_extensions(log_ent.entry.extensions, ent.entry.extensions); if (ret) { - krb5_set_error_string(context->context, "out of memory"); + krb5_set_error_message(context->context, ret, "out of memory"); free(ent.entry.extensions); ent.entry.extensions = es; goto out; @@ -727,7 +739,7 @@ kadm5_log_replay_modify (kadm5_server_context *context, free(es); } } - ret = context->db->hdb_store(context->context, context->db, + ret = context->db->hdb_store(context->context, context->db, HDB_F_REPLACE, &ent); out: hdb_free_entry (context->context, &ent); @@ -834,9 +846,9 @@ kadm5_log_goto_end (int fd) /* * Return previous log entry. - * - * The pointer in `sp´ is assumed to be at the top of the entry before - * previous entry. On success, the `sp´ pointer is set to data portion + * + * The pointer in `sp´ is assumed to be at the top of the entry before + * previous entry. On success, the `sp´ pointer is set to data portion * of previous entry. In case of error, it's not changed at all. */ @@ -860,16 +872,22 @@ kadm5_log_previous (krb5_context context, goto end_of_storage; *len = tmp; ret = krb5_ret_int32 (sp, &tmp); + if (ret) + goto end_of_storage; *ver = tmp; off = 24 + *len; krb5_storage_seek(sp, -off, SEEK_CUR); ret = krb5_ret_int32 (sp, &tmp); if (ret) goto end_of_storage; - if (tmp != *ver) { + if ((uint32_t)tmp != *ver) { krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: log entry " - "have consistency failure, version number wrong"); + krb5_set_error_message(context, KADM5_BAD_DB, + "kadm5_log_previous: log entry " + "have consistency failure, version number wrong " + "(tmp %lu ver %lu)", + (unsigned long)tmp, + (unsigned long)*ver); return KADM5_BAD_DB; } ret = krb5_ret_int32 (sp, &tmp); @@ -877,22 +895,25 @@ kadm5_log_previous (krb5_context context, goto end_of_storage; *timestamp = tmp; ret = krb5_ret_int32 (sp, &tmp); + if (ret) + goto end_of_storage; *op = tmp; ret = krb5_ret_int32 (sp, &tmp); if (ret) goto end_of_storage; - if (tmp != *len) { + if ((uint32_t)tmp != *len) { krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: log entry " - "have consistency failure, length wrong"); + krb5_set_error_message(context, KADM5_BAD_DB, + "kadm5_log_previous: log entry " + "have consistency failure, length wrong"); return KADM5_BAD_DB; } return 0; end_of_storage: krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: end of storage " - "reached before end"); + krb5_set_error_message(context, ret, "kadm5_log_previous: end of storage " + "reached before end"); return ret; } @@ -919,8 +940,8 @@ kadm5_log_replay (kadm5_server_context *context, case kadm_nop : return kadm5_log_replay_nop (context, ver, len, sp); default : - krb5_set_error_string(context->context, - "Unsupported replay op %d", (int)op); + krb5_set_error_message(context->context, KADM5_FAILURE, + "Unsupported replay op %d", (int)op); return KADM5_FAILURE; } } @@ -962,6 +983,8 @@ kadm5_log_truncate (kadm5_server_context *server_context) } +#ifndef NO_UNIX_SOCKETS + static char *default_signal = NULL; static HEIMDAL_MUTEX signal_mutex = HEIMDAL_MUTEX_INITIALIZER; @@ -980,3 +1003,55 @@ kadm5_log_signal_socket(krb5_context context) "signal_socket", NULL); } + +#else /* NO_UNIX_SOCKETS */ + +#define SIGNAL_SOCKET_HOST "127.0.0.1" +#define SIGNAL_SOCKET_PORT "12701" + +kadm5_ret_t +kadm5_log_signal_socket_info(krb5_context context, + int server_end, + struct addrinfo **ret_addrs) +{ + struct addrinfo hints; + struct addrinfo *addrs = NULL; + kadm5_ret_t ret = KADM5_FAILURE; + int wsret; + + memset(&hints, 0, sizeof(hints)); + + hints.ai_flags = AI_NUMERICHOST; + if (server_end) + hints.ai_flags |= AI_PASSIVE; + hints.ai_family = AF_INET; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + wsret = getaddrinfo(SIGNAL_SOCKET_HOST, + SIGNAL_SOCKET_PORT, + &hints, &addrs); + + if (wsret != 0) { + krb5_set_error_message(context, KADM5_FAILURE, + "%s", gai_strerror(wsret)); + goto done; + } + + if (addrs == NULL) { + krb5_set_error_message(context, KADM5_FAILURE, + "getaddrinfo() failed to return address list"); + goto done; + } + + *ret_addrs = addrs; + addrs = NULL; + ret = 0; + + done: + if (addrs) + freeaddrinfo(addrs); + return ret; +} + +#endif diff --git a/lib/kadm5/marshall.c b/lib/kadm5/marshall.c index 05ca33ffaa0d..65804afbf92b 100644 --- a/lib/kadm5/marshall.c +++ b/lib/kadm5/marshall.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: marshall.c 21745 2007-07-31 16:11:25Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_store_key_data(krb5_storage *sp, @@ -189,7 +189,7 @@ ret_principal_ent(krb5_storage *sp, if (mask & KADM5_PRINCIPAL) krb5_ret_principal(sp, &princ->principal); - + if (mask & KADM5_PRINC_EXPIRE_TIME) { krb5_ret_int32(sp, &tmp); princ->princ_expire_time = tmp; @@ -260,7 +260,7 @@ ret_principal_ent(krb5_storage *sp, krb5_ret_int32(sp, &tmp); princ->n_key_data = tmp; princ->key_data = malloc(princ->n_key_data * sizeof(*princ->key_data)); - if (princ->key_data == NULL) + if (princ->key_data == NULL && princ->n_key_data != 0) return ENOMEM; for(i = 0; i < princ->n_key_data; i++) kadm5_ret_key_data(sp, &princ->key_data[i]); @@ -301,14 +301,14 @@ kadm5_ret_principal_ent_mask(krb5_storage *sp, } kadm5_ret_t -_kadm5_marshal_params(krb5_context context, - kadm5_config_params *params, +_kadm5_marshal_params(krb5_context context, + kadm5_config_params *params, krb5_data *out) { krb5_storage *sp = krb5_storage_emem(); - + krb5_store_int32(sp, params->mask & (KADM5_CONFIG_REALM)); - + if(params->mask & KADM5_CONFIG_REALM) krb5_store_string(sp, params->realm); krb5_storage_to_data(sp, out); @@ -322,15 +322,23 @@ _kadm5_unmarshal_params(krb5_context context, krb5_data *in, kadm5_config_params *params) { - krb5_storage *sp = krb5_storage_from_data(in); + krb5_error_code ret; + krb5_storage *sp; int32_t mask; - - krb5_ret_int32(sp, &mask); + + sp = krb5_storage_from_data(in); + if (sp == NULL) + return ENOMEM; + + ret = krb5_ret_int32(sp, &mask); + if (ret) + goto out; params->mask = mask; - + if(params->mask & KADM5_CONFIG_REALM) - krb5_ret_string(sp, ¶ms->realm); + ret = krb5_ret_string(sp, ¶ms->realm); + out: krb5_storage_free(sp); - return 0; + return ret; } diff --git a/lib/kadm5/modify_c.c b/lib/kadm5/modify_c.c index ed399b3ce8de..dd96ae2742c4 100644 --- a/lib/kadm5/modify_c.c +++ b/lib/kadm5/modify_c.c @@ -1,43 +1,43 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: modify_c.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_c_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t mask) { kadm5_client_context *context = server_handle; @@ -53,7 +53,7 @@ kadm5_c_modify_principal(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_modify); @@ -68,12 +68,12 @@ kadm5_c_modify_principal(void *server_handle, return ret; sp = krb5_storage_from_data (&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sp); krb5_data_free (&reply); return tmp; diff --git a/lib/kadm5/modify_s.c b/lib/kadm5/modify_s.c index 449f6195cca8..7907995ec3b8 100644 --- a/lib/kadm5/modify_s.c +++ b/lib/kadm5/modify_s.c @@ -1,43 +1,43 @@ /* - * Copyright (c) 1997-2001, 2003, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001, 2003, 2005-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: modify_s.c 20610 2007-05-08 07:12:37Z lha $"); +RCSID("$Id$"); static kadm5_ret_t modify_principal(void *server_handle, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t mask, uint32_t forbidden_mask) { @@ -48,13 +48,13 @@ modify_principal(void *server_handle, return KADM5_BAD_MASK; if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) return KADM5_UNK_POLICY; - + memset(&ent, 0, sizeof(ent)); ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, - princ->principal, HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, + princ->principal, HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); if(ret) goto out; ret = _kadm5_setup_entry(context, &ent, mask, princ, mask, NULL, 0); @@ -68,7 +68,7 @@ modify_principal(void *server_handle, if (ret) goto out2; - ret = context->db->hdb_store(context->context, context->db, + ret = context->db->hdb_store(context->context, context->db, HDB_F_REPLACE, &ent); if (ret) goto out2; @@ -87,12 +87,12 @@ modify_principal(void *server_handle, kadm5_ret_t kadm5_s_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, + kadm5_principal_ent_t princ, uint32_t mask) { - return modify_principal(server_handle, princ, mask, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO + return modify_principal(server_handle, princ, mask, + KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME + | KADM5_MOD_NAME | KADM5_MKVNO | KADM5_AUX_ATTRIBUTES | KADM5_LAST_SUCCESS | KADM5_LAST_FAILED); } diff --git a/lib/kadm5/password_quality.c b/lib/kadm5/password_quality.c index 2610ce878490..a6f0b3ef67ee 100644 --- a/lib/kadm5/password_quality.c +++ b/lib/kadm5/password_quality.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997-2000, 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000, 2003-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" #include "kadm5-pwcheck.h" -RCSID("$Id: password_quality.c 17595 2006-05-30 21:51:55Z lha $"); +RCSID("$Id$"); #ifdef HAVE_SYS_WAIT_H #include @@ -95,8 +95,8 @@ char_class_passwd_quality (krb5_context context, "1234567890", "!@#$%^&*()/?<>,.{[]}\\|'~`\" " }; - int i, counter = 0, req_classes; - size_t len; + int counter = 0, req_classes; + size_t i, len; char *pw; req_classes = krb5_config_get_int_default(context, NULL, 3, @@ -148,7 +148,7 @@ external_passwd_quality (krb5_context context, char reply[1024]; FILE *in = NULL, *out = NULL, *error = NULL; - if (memchr(pwd->data, pwd->length, '\n') != NULL) { + if (memchr(pwd->data, '\n', pwd->length) != NULL) { snprintf(message, length, "password contains newline, " "not valid for external test"); return 1; @@ -170,7 +170,7 @@ external_passwd_quality (krb5_context context, return 1; } - child = pipe_execv(&in, &out, &error, program, p, NULL); + child = pipe_execv(&in, &out, &error, program, program, p, NULL); if (child < 0) { snprintf(message, length, "external password quality " "program failed to execute for principal %s", p); @@ -182,7 +182,7 @@ external_passwd_quality (krb5_context context, "new-password: %.*s\n" "end\n", p, (int)pwd->length, (char *)pwd->data); - + fclose(in); if (fgets(reply, sizeof(reply), out) == NULL) { @@ -199,7 +199,7 @@ external_passwd_quality (krb5_context context, fclose(out); fclose(error); - waitpid(child, &status, 0); + wait_for_process(child); return 1; } reply[strcspn(reply, "\n")] = '\0'; @@ -207,12 +207,9 @@ external_passwd_quality (krb5_context context, fclose(out); fclose(error); - if (waitpid(child, &status, 0) < 0) { - snprintf(message, length, "external program failed: %s", reply); - free(p); - return 1; - } - if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { + status = wait_for_process(child); + + if (SE_IS_ERROR(status) || SE_PROCSTATUS(status) != 0) { snprintf(message, length, "external program failed: %s", reply); free(p); return 1; @@ -230,18 +227,18 @@ external_passwd_quality (krb5_context context, } -static kadm5_passwd_quality_check_func_v0 passwd_quality_check = +static kadm5_passwd_quality_check_func_v0 passwd_quality_check = min_length_passwd_quality_v0; struct kadm5_pw_policy_check_func builtin_funcs[] = { { "minimum-length", min_length_passwd_quality }, { "character-class", char_class_passwd_quality }, { "external-check", external_passwd_quality }, - { NULL } + { NULL, NULL } }; struct kadm5_pw_policy_verifier builtin_verifier = { - "builtin", - KADM5_PASSWD_VERSION_V1, + "builtin", + KADM5_PASSWD_VERSION_V1, "Heimdal builtin", builtin_funcs }; @@ -269,17 +266,17 @@ kadm5_setup_passwd_quality_check(krb5_context context, const char *tmp; if(check_library == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_library", + tmp = krb5_config_get_string(context, NULL, + "password_quality", + "check_library", NULL); if(tmp != NULL) check_library = tmp; } if(check_function == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_function", + tmp = krb5_config_get_string(context, NULL, + "password_quality", + "check_function", NULL); if(tmp != NULL) check_function = tmp; @@ -294,7 +291,7 @@ kadm5_setup_passwd_quality_check(krb5_context context, krb5_warnx(context, "failed to open `%s'", check_library); return; } - version = dlsym(handle, "version"); + version = (int *) dlsym(handle, "version"); if(version == NULL) { krb5_warnx(context, "didn't find `version' symbol in `%s'", check_library); @@ -310,8 +307,8 @@ kadm5_setup_passwd_quality_check(krb5_context context, } sym = dlsym(handle, check_function); if(sym == NULL) { - krb5_warnx(context, - "didn't find `%s' symbol in `%s'", + krb5_warnx(context, + "didn't find `%s' symbol in `%s'", check_function, check_library); dlclose(handle); return; @@ -334,7 +331,7 @@ add_verifier(krb5_context context, const char *check_library) krb5_warnx(context, "failed to open `%s'", check_library); return ENOENT; } - v = dlsym(handle, "kadm5_password_verifier"); + v = (struct kadm5_pw_policy_verifier *) dlsym(handle, "kadm5_password_verifier"); if(v == NULL) { krb5_warnx(context, "didn't find `kadm5_password_verifier' symbol " @@ -385,21 +382,23 @@ kadm5_add_passwd_quality_verifier(krb5_context context, krb5_error_code ret; char **tmp; - tmp = krb5_config_get_strings(context, NULL, - "password_quality", - "policy_libraries", + tmp = krb5_config_get_strings(context, NULL, + "password_quality", + "policy_libraries", NULL); - if(tmp == NULL) + if(tmp == NULL || *tmp == NULL) return 0; - while(tmp) { + while (*tmp) { ret = add_verifier(context, *tmp); if (ret) return ret; tmp++; } + return 0; + } else { + return add_verifier(context, check_library); } - return add_verifier(context, check_library); #else return 0; #endif /* HAVE_DLOPEN */ @@ -419,10 +418,12 @@ find_func(krb5_context context, const char *name) p = strchr(name, ':'); if (p) { + size_t len = p - name + 1; func = p + 1; - module = strndup(name, p - name); + module = malloc(len); if (module == NULL) return NULL; + strlcpy(module, name, len); } else func = name; @@ -431,7 +432,7 @@ find_func(krb5_context context, const char *name) if (module && strcmp(module, verifiers[i]->name) != 0) continue; for (f = verifiers[i]->funcs; f->name ; f++) - if (strcmp(name, f->name) == 0) { + if (strcmp(func, f->name) == 0) { if (module) free(module); return f; @@ -466,13 +467,13 @@ kadm5_check_password_quality (krb5_context context, * Check if we should use the old version of policy function. */ - v = krb5_config_get_strings(context, NULL, - "password_quality", - "policies", + v = krb5_config_get_strings(context, NULL, + "password_quality", + "policies", NULL); if (v == NULL) { msg = (*passwd_quality_check) (context, principal, pwd_data); - krb5_set_error_string(context, "password policy failed: %s", msg); + krb5_set_error_message(context, 0, "password policy failed: %s", msg); return msg; } @@ -483,16 +484,16 @@ kadm5_check_password_quality (krb5_context context, proc = find_func(context, *vp); if (proc == NULL) { msg = "failed to find password verifier function"; - krb5_set_error_string(context, "Failed to find password policy " - "function: %s", *vp); + krb5_set_error_message(context, 0, "Failed to find password policy " + "function: %s", *vp); break; } ret = (proc->func)(context, principal, pwd_data, NULL, error_msg, sizeof(error_msg)); if (ret) { - krb5_set_error_string(context, "Password policy " - "%s failed with %s", - proc->name, error_msg); + krb5_set_error_message(context, 0, "Password policy " + "%s failed with %s", + proc->name, error_msg); msg = error_msg; break; } @@ -504,9 +505,9 @@ kadm5_check_password_quality (krb5_context context, if (msg == NULL && passwd_quality_check != min_length_passwd_quality_v0) { msg = (*passwd_quality_check) (context, principal, pwd_data); if (msg) - krb5_set_error_string(context, "(old) password policy " - "failed with %s", msg); - + krb5_set_error_message(context, 0, "(old) password policy " + "failed with %s", msg); + } return msg; } diff --git a/lib/kadm5/private.h b/lib/kadm5/private.h index d5e1380752a3..7c5b27f17691 100644 --- a/lib/kadm5/private.h +++ b/lib/kadm5/private.h @@ -1,54 +1,54 @@ /* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: private.h 22211 2007-12-07 19:27:27Z lha $ */ +/* $Id$ */ #ifndef __kadm5_privatex_h__ #define __kadm5_privatex_h__ struct kadm_func { kadm5_ret_t (*chpass_principal) (void *, krb5_principal, const char*); - kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, + kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, uint32_t, const char*); kadm5_ret_t (*delete_principal) (void*, krb5_principal); kadm5_ret_t (*destroy) (void*); kadm5_ret_t (*flush) (void*); - kadm5_ret_t (*get_principal) (void*, krb5_principal, + kadm5_ret_t (*get_principal) (void*, krb5_principal, kadm5_principal_ent_t, uint32_t); kadm5_ret_t (*get_principals) (void*, const char*, char***, int*); kadm5_ret_t (*get_privs) (void*, uint32_t*); kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, uint32_t); - kadm5_ret_t (*randkey_principal) (void*, krb5_principal, + kadm5_ret_t (*randkey_principal) (void*, krb5_principal, krb5_keyblock**, int*); kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); kadm5_ret_t (*chpass_principal_with_key) (void *, krb5_principal, @@ -74,8 +74,12 @@ typedef struct kadm5_log_context { char *log_file; int log_fd; uint32_t version; +#ifndef NO_UNIX_SOCKETS struct sockaddr_un socket_name; - int socket_fd; +#else + struct addrinfo *socket_info; +#endif + krb5_socket_t socket_fd; } kadm5_log_context; typedef struct kadm5_server_context { diff --git a/lib/kadm5/privs_c.c b/lib/kadm5/privs_c.c index 58e6824dc11a..60facf68e5ed 100644 --- a/lib/kadm5/privs_c.c +++ b/lib/kadm5/privs_c.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: privs_c.c 17512 2006-05-08 13:43:17Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_c_get_privs(void *server_handle, uint32_t *privs) @@ -53,7 +53,7 @@ kadm5_c_get_privs(void *server_handle, uint32_t *privs) sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_get_privs); @@ -66,12 +66,12 @@ kadm5_c_get_privs(void *server_handle, uint32_t *privs) return ret; sp = krb5_storage_from_data(&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); ret = tmp; if(ret == 0){ krb5_ret_uint32(sp, privs); diff --git a/lib/kadm5/privs_s.c b/lib/kadm5/privs_s.c index 9c345e3c0f08..bfe298d2f73c 100644 --- a/lib/kadm5/privs_s.c +++ b/lib/kadm5/privs_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: privs_s.c 17445 2006-05-05 10:37:46Z lha $"); +RCSID("$Id$"); kadm5_ret_t kadm5_s_get_privs(void *server_handle, uint32_t *privs) diff --git a/lib/kadm5/randkey_c.c b/lib/kadm5/randkey_c.c index 60a3f53e1131..bfa12084f7e2 100644 --- a/lib/kadm5/randkey_c.c +++ b/lib/kadm5/randkey_c.c @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: randkey_c.c 16662 2006-01-25 12:53:09Z lha $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_c_randkey_principal(void *server_handle, +kadm5_c_randkey_principal(void *server_handle, krb5_principal princ, - krb5_keyblock **new_keys, + krb5_keyblock **new_keys, int *n_keys) { kadm5_client_context *context = server_handle; @@ -54,7 +54,7 @@ kadm5_c_randkey_principal(void *server_handle, sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } krb5_store_int32(sp, kadm_randkey); @@ -68,11 +68,11 @@ kadm5_c_randkey_principal(void *server_handle, return ret; sp = krb5_storage_from_data(&reply); if (sp == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free (&reply); return ENOMEM; } - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_ret_int32(sp, &tmp); ret = tmp; if(ret == 0){ diff --git a/lib/kadm5/randkey_s.c b/lib/kadm5/randkey_s.c index cb0f0fab24bd..dcb179aac40f 100644 --- a/lib/kadm5/randkey_s.c +++ b/lib/kadm5/randkey_s.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997-2001, 2003-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001, 2003-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: randkey_s.c 20611 2007-05-08 07:13:07Z lha $"); +RCSID("$Id$"); /* * Set the keys of `princ' to random values, returning the random keys @@ -41,9 +41,9 @@ RCSID("$Id: randkey_s.c 20611 2007-05-08 07:13:07Z lha $"); */ kadm5_ret_t -kadm5_s_randkey_principal(void *server_handle, +kadm5_s_randkey_principal(void *server_handle, krb5_principal princ, - krb5_keyblock **new_keys, + krb5_keyblock **new_keys, int *n_keys) { kadm5_server_context *context = server_handle; @@ -54,8 +54,8 @@ kadm5_s_randkey_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, princ, + HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); if(ret) goto out; @@ -78,7 +78,7 @@ kadm5_s_randkey_principal(void *server_handle, if (ret) goto out2; - ret = context->db->hdb_store(context->context, context->db, + ret = context->db->hdb_store(context->context, context->db, HDB_F_REPLACE, &ent); if (ret) goto out2; diff --git a/lib/kadm5/rename_c.c b/lib/kadm5/rename_c.c index cec2fd3d48dd..25fcea2f16cc 100644 --- a/lib/kadm5/rename_c.c +++ b/lib/kadm5/rename_c.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: rename_c.c 8655 2000-07-11 16:00:19Z joda $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_c_rename_principal(void *server_handle, +kadm5_c_rename_principal(void *server_handle, krb5_principal source, krb5_principal target) { diff --git a/lib/kadm5/rename_s.c b/lib/kadm5/rename_s.c index 2a19426a8b56..08351290c9a6 100644 --- a/lib/kadm5/rename_s.c +++ b/lib/kadm5/rename_s.c @@ -1,42 +1,42 @@ /* - * Copyright (c) 1997 - 2001, 2003, 2005 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003, 2005 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: rename_s.c 21745 2007-07-31 16:11:25Z lha $"); +RCSID("$Id$"); kadm5_ret_t -kadm5_s_rename_principal(void *server_handle, +kadm5_s_rename_principal(void *server_handle, krb5_principal source, krb5_principal target) { @@ -51,8 +51,8 @@ kadm5_s_rename_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; - ret = context->db->hdb_fetch(context->context, context->db, - source, HDB_F_GET_ANY, &ent); + ret = context->db->hdb_fetch_kvno(context->context, context->db, + source, HDB_F_GET_ANY|HDB_F_ADMIN_DATA, 0, &ent); if(ret){ context->db->hdb_close(context->context, context->db); goto out; @@ -62,15 +62,16 @@ kadm5_s_rename_principal(void *server_handle, goto out2; { /* fix salt */ - int i; + size_t i; Salt salt; krb5_salt salt2; + memset(&salt, 0, sizeof(salt)); krb5_get_pw_salt(context->context, source, &salt2); salt.type = hdb_pw_salt; salt.salt = salt2.saltvalue; for(i = 0; i < ent.entry.keys.len; i++){ if(ent.entry.keys.val[i].salt == NULL){ - ent.entry.keys.val[i].salt = + ent.entry.keys.val[i].salt = malloc(sizeof(*ent.entry.keys.val[i].salt)); if(ent.entry.keys.val[i].salt == NULL) return ENOMEM; diff --git a/lib/kadm5/sample_passwd_check.c b/lib/kadm5/sample_passwd_check.c index 1a21c1099f80..6df9513e3f70 100644 --- a/lib/kadm5/sample_passwd_check.c +++ b/lib/kadm5/sample_passwd_check.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,7 +30,7 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: sample_passwd_check.c 21901 2007-08-10 06:05:35Z lha $ */ +/* $Id$ */ #include #include diff --git a/lib/kadm5/send_recv.c b/lib/kadm5/send_recv.c index b64bbfec6348..cd63293f9e4a 100644 --- a/lib/kadm5/send_recv.c +++ b/lib/kadm5/send_recv.c @@ -1,41 +1,41 @@ /* - * Copyright (c) 1997-2003, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2003, 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: send_recv.c 17311 2006-04-27 11:10:07Z lha $"); +RCSID("$Id$"); -kadm5_ret_t +kadm5_ret_t _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) { krb5_data msg, out; @@ -48,27 +48,27 @@ _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) len = krb5_storage_seek(sp, 0, SEEK_CUR); ret = krb5_data_alloc(&msg, len); if (ret) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ret; } krb5_storage_seek(sp, 0, SEEK_SET); krb5_storage_read(sp, msg.data, msg.length); - + ret = krb5_mk_priv(context->context, context->ac, &msg, &out, NULL); krb5_data_free(&msg); if(ret) return ret; - + sock = krb5_storage_from_fd(context->sock); if(sock == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_data_free(&out); return ENOMEM; } - + ret = krb5_store_data(sock, out); if (ret) - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); krb5_storage_free(sock); krb5_data_free(&out); return ret; @@ -83,12 +83,12 @@ _kadm5_client_recv(kadm5_client_context *context, krb5_data *reply) sock = krb5_storage_from_fd(context->sock); if(sock == NULL) { - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); return ENOMEM; } ret = krb5_ret_data(sock, &data); krb5_storage_free(sock); - krb5_clear_error_string(context->context); + krb5_clear_error_message(context->context); if(ret == KRB5_CC_END) return KADM5_RPC_ERROR; else if(ret) diff --git a/lib/kadm5/server_glue.c b/lib/kadm5/server_glue.c index 2862c36613a8..4b430b699c1b 100644 --- a/lib/kadm5/server_glue.c +++ b/lib/kadm5/server_glue.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: server_glue.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); kadm5_ret_t kadm5_init_with_password(const char *client_name, diff --git a/lib/kadm5/set_keys.c b/lib/kadm5/set_keys.c index ee4de3b093fa..ea0b816c1361 100644 --- a/lib/kadm5/set_keys.c +++ b/lib/kadm5/set_keys.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: set_keys.c 15888 2005-08-11 13:40:35Z lha $"); +RCSID("$Id$"); /* * Set the keys of `ent' to the string-to-key of `password' @@ -41,7 +41,7 @@ RCSID("$Id: set_keys.c 15888 2005-08-11 13:40:35Z lha $"); kadm5_ret_t _kadm5_set_keys(kadm5_server_context *context, - hdb_entry *ent, + hdb_entry *ent, const char *password) { Key *keys; @@ -49,7 +49,7 @@ _kadm5_set_keys(kadm5_server_context *context, kadm5_ret_t ret; ret = hdb_generate_key_set_password(context->context, - ent->principal, + ent->principal, password, &keys, &num_keys); if (ret) return ret; @@ -60,7 +60,7 @@ _kadm5_set_keys(kadm5_server_context *context, hdb_entry_set_pw_change_time(context->context, ent, 0); - if (krb5_config_get_bool_default(context->context, NULL, FALSE, + if (krb5_config_get_bool_default(context->context, NULL, FALSE, "kadmin", "save-password", NULL)) { ret = hdb_entry_set_password(context->context, context->db, @@ -78,8 +78,8 @@ _kadm5_set_keys(kadm5_server_context *context, kadm5_ret_t _kadm5_set_keys2(kadm5_server_context *context, - hdb_entry *ent, - int16_t n_key_data, + hdb_entry *ent, + int16_t n_key_data, krb5_key_data *key_data) { krb5_error_code ret; @@ -89,7 +89,7 @@ _kadm5_set_keys2(kadm5_server_context *context, len = n_key_data; keys = malloc (len * sizeof(*keys)); - if (keys == NULL) + if (keys == NULL && len != 0) return ENOMEM; _kadm5_init_keys (keys, len); @@ -105,14 +105,14 @@ _kadm5_set_keys2(kadm5_server_context *context, if(key_data[i].key_data_ver == 2) { Salt *salt; - salt = malloc(sizeof(*salt)); + salt = calloc(1, sizeof(*salt)); if(salt == NULL) { ret = ENOMEM; goto out; } keys[i].salt = salt; salt->type = key_data[i].key_data_type[1]; - krb5_data_copy(&salt->salt, + krb5_data_copy(&salt->salt, key_data[i].key_data_contents[1], key_data[i].key_data_length[1]); } else @@ -148,7 +148,7 @@ _kadm5_set_keys3(kadm5_server_context *context, len = n_keys; keys = malloc (len * sizeof(*keys)); - if (keys == NULL) + if (keys == NULL && len != 0) return ENOMEM; _kadm5_init_keys (keys, len); @@ -201,8 +201,8 @@ _kadm5_set_keys_randomly (kadm5_server_context *context, { krb5_keyblock *kblock = NULL; kadm5_ret_t ret = 0; - int i, des_keyblock; - size_t num_keys; + int des_keyblock; + size_t i, num_keys; Key *keys; ret = hdb_generate_key_set(context->context, ent->principal, @@ -221,7 +221,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context, des_keyblock = -1; for (i = 0; i < num_keys; i++) { - /* + /* * To make sure all des keys are the the same we generate only * the first one and then copy key to all other des keys. */ @@ -259,7 +259,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context, _kadm5_free_keys (context->context, num_keys, keys); return ret; } - + _kadm5_free_keys (context->context, ent->keys.len, ent->keys.val); ent->keys.val = keys; ent->keys.len = num_keys; diff --git a/lib/kadm5/set_modifier.c b/lib/kadm5/set_modifier.c index 62965191bd71..ee4d4a8a6833 100644 --- a/lib/kadm5/set_modifier.c +++ b/lib/kadm5/set_modifier.c @@ -1,39 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" -RCSID("$Id: set_modifier.c 7464 1999-12-02 17:05:13Z joda $"); +RCSID("$Id$"); kadm5_ret_t _kadm5_set_modifier(kadm5_server_context *context, @@ -47,7 +47,7 @@ _kadm5_set_modifier(kadm5_server_context *context, } else free_Event(ent->modified_by); ent->modified_by->time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, + ret = krb5_copy_principal(context->context, context->caller, &ent->modified_by->principal); return ret; } diff --git a/lib/kadm5/test_pw_quality.c b/lib/kadm5/test_pw_quality.c index 745e03edc4cd..e3c8d2f0f432 100644 --- a/lib/kadm5/test_pw_quality.c +++ b/lib/kadm5/test_pw_quality.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2003, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003, 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadm5_locl.h" #include -RCSID("$Id: test_pw_quality.c 15105 2005-05-09 19:13:29Z lha $"); +RCSID("$Id$"); static int version_flag; static int help_flag; @@ -59,7 +59,7 @@ main(int argc, char **argv) krb5_data pw_data; krb5_program_setup(&context, argc, argv, args, num_args, NULL); - + if(help_flag) krb5_std_usage(0, args, num_args); if(version_flag) { diff --git a/lib/kafs/ChangeLog b/lib/kafs/ChangeLog index 861796a930aa..302146adc924 100644 --- a/lib/kafs/ChangeLog +++ b/lib/kafs/ChangeLog @@ -1,30 +1,40 @@ -2007-07-10 Love Hörnquist Åstrand +2008-07-17 Love Hörnquist Ã…strand + + * common.c: Try afs/cell@REALM before afs@REALM since that is what + OpenAFS folks have been saying is best pratices for some time + now. Patch from Derrick Brashear. + +2008-04-15 Love Hörnquist Ã…strand + * afssys.c: Avoid using entry points depending on _IOWR if there + is no _IOWR (on cygwin). + +2007-07-10 Love Hörnquist Ã…strand * Makefile.am: New library version. -2007-05-10 Love Hörnquist Åstrand +2007-05-10 Love Hörnquist Ã…strand * kafs.h: Add VIOCSETTOK2 -2006-10-21 Love Hörnquist Åstrand +2006-10-21 Love Hörnquist Ã…strand * Makefile.am: unbreak previous * Makefile.am: split dist and nodist sources -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * Makefile.am: add more files -2006-05-01 Love Hörnquist Åstrand +2006-05-01 Love Hörnquist Ã…strand - * kafs.3: Spelling, from Björn Sandell. + * kafs.3: Spelling, from Björn Sandell. -2006-04-11 Love Hörnquist Åstrand +2006-04-11 Love Hörnquist Ã…strand * afssys.c: use afs_ioctlnum, From Tomas Olsson -2006-04-10 Love Hörnquist Åstrand +2006-04-10 Love Hörnquist Ã…strand * afssys.c: Try harder to get the pioctl to work via the /proc or /dev interface, OpenAFS choose to reuse the same ioctl number, @@ -34,13 +44,13 @@ * afskrb5.c (afslog_uid_int): use the simpler krb5_principal_get_realm function. -2005-12-21 Love Hörnquist Åstrand +2005-12-21 Love Hörnquist Ã…strand * Makefile.am: Remove dependency on config.h, breaks IRIX build, could depend on libkafs_la_OBJECTS, but that is just asking for trubble. -2005-10-20 Love Hörnquist Åstrand +2005-10-20 Love Hörnquist Ã…strand * afssys.c (k_hasafs_recheck): new function, allow rechecking if AFS client have started now, internaly it resets the internal @@ -48,7 +58,7 @@ with calling k_hasaf() is that is plays around with signals, and that cases problem for some systems/applications. -2005-10-02 Love Hörnquist Åstrand +2005-10-02 Love Hörnquist Ã…strand * kafs_locl.h: Maybe include . @@ -57,22 +67,22 @@ version. Every after 10.0 (darwin 8.0) uses the /dev/ version of the pioctl. -2005-10-01 Love Hörnquist Åstrand +2005-10-01 Love Hörnquist Ã…strand * afssys.c: Support the new MacOS X 10.4 ioctl interface that is a device node. Patched from Tomas Olson . -2005-08-26 Love Hörnquist Åstrand +2005-08-26 Love Hörnquist Ã…strand * afskrb5.c: Default to use 2b tokens. -2005-06-17 Love Hörnquist Åstrand +2005-06-17 Love Hörnquist Ã…strand * common.c: rename index to idx * afssys.c (k_afs_cell_of_file): unconst path -2005-06-02 Love Hörnquist Åstrand +2005-06-02 Love Hörnquist Ã…strand * use struct kafs_data everywhere, don't mix with the typedef kafs_data @@ -82,19 +92,19 @@ * afssys.c: Don't building map_syscall_name_to_number where its not used. -2005-02-24 Love Hörnquist Åstrand +2005-02-24 Love Hörnquist Ã…strand * Makefile.am: bump version to 4:1:4 -2005-02-03 Love Hörnquist Åstrand +2005-02-03 Love Hörnquist Ã…strand * kafs.h: de-__P -2004-12-06 Love Hörnquist Åstrand +2004-12-06 Love Hörnquist Ã…strand * afskrb5.c: s/KEYTYPE_DES/ETYPE_DES_CBC_CRC/ -2004-08-09 Love Hörnquist Åstrand +2004-08-09 Love Hörnquist Ã…strand * afssysdefs.h: ifdef protect AFS_SYSCALL for DragonFly since they still define __FreeBSD__ (and __FreeBSD_version), but claim that @@ -102,14 +112,14 @@ * afssysdefs.h: dragonflybsd uses 339 just like freebsd5 -2004-06-22 Love Hörnquist Åstrand +2004-06-22 Love Hörnquist Ã…strand * afssys.c: s/arla/nnpfs/ * afssys.c: support the linux /proc/fs/mumel/afs_ioctl afs "syscall" interface -2004-01-22 Love Hörnquist Åstrand +2004-01-22 Love Hörnquist Ã…strand * common.c: search paths for AFS configuration files for the OpenAFS MacOS X, fix comment @@ -117,42 +127,42 @@ * kafs.h: search paths for AFS configuration files for the OpenAFS MacOS X -2003-12-02 Love Hörnquist Åstrand +2003-12-02 Love Hörnquist Ã…strand * common.c: add _PATH_ARLA_OPENBSD & c/o * kafs.h: add _PATH_ARLA_OPENBSD & c/o -2003-11-14 Love Hörnquist Åstrand +2003-11-14 Love Hörnquist Ã…strand * common.c: typo, Bruno Rohee -2003-11-08 Love Hörnquist Åstrand +2003-11-08 Love Hörnquist Ã…strand * kafs.3: spelling, partly from jmc -2003-09-30 Love Hörnquist Åstrand +2003-09-30 Love Hörnquist Ã…strand * afskrb5.c (krb5_afslog_uid_home): be even more friendly to the user and fetch context and id ourself -2003-09-23 Love Hörnquist Åstrand +2003-09-23 Love Hörnquist Ã…strand * afskrb5.c (afslog_uid_int): just belive that realm hint the user passed us -2003-07-23 Love Hörnquist Åstrand +2003-07-23 Love Hörnquist Ã…strand * Makefile.am: always include v4 symbols * afskrb.c: provide dummy krb_ function to there is no need to bump major -2003-06-22 Love Hörnquist Åstrand +2003-06-22 Love Hörnquist Ã…strand * afskrb5.c (v5_convert): rename one of the two c to cred4 -2003-04-23 Love Hörnquist Åstrand +2003-04-23 Love Hörnquist Ã…strand * common.c, kafs.h: drop the int argument (the error code) from the logging function @@ -162,12 +172,12 @@ * afskrb5.c (v5_convert): better match what other functions do with values from krb5.conf, like case insensitivity -2003-04-16 Love Hörnquist Åstrand +2003-04-16 Love Hörnquist Ã…strand * kafs.3: Change .Fd #include to .In header.h from Thomas Klausner -2003-04-14 Love Hörnquist Åstrand +2003-04-14 Love Hörnquist Ã…strand * Makefile.am: (libkafs_la_LDFLAGS): update version @@ -192,7 +202,7 @@ * kafs_locl.h (kafs_data): add name (_kafs_foldup): internally export -2003-04-11 Love Hörnquist Åstrand +2003-04-11 Love Hörnquist Ã…strand * kafs.3: tell that cell-name is uppercased @@ -204,18 +214,18 @@ have updated their servers but not afs/cell@REALM. Add constant KAFS_RXKAD_2B_KVNO. -2003-04-06 Love Hörnquist Åstrand +2003-04-06 Love Hörnquist Ã…strand * kafs.3: s/kerberos/Kerberos/ -2003-03-19 Love Hörnquist Åstrand +2003-03-19 Love Hörnquist Ã…strand * kafs.3: spelling, from * kafs.3: document the kafs_settoken functions write about the krb5_appdefault option for kerberos 5 afs tokens fix prototypes -2003-03-18 Love Hörnquist Åstrand +2003-03-18 Love Hörnquist Ã…strand * afskrb5.c (kafs_settoken5): change signature to include a krb5_context, use v5_convert @@ -254,7 +264,7 @@ internal structure struct kafs_token that carries around for rxkad data that is independant of kerberos version -2003-02-18 Love Hörnquist Åstrand +2003-02-18 Love Hörnquist Ã…strand * dlfcn.h: s/intialize/initialize, from @@ -263,7 +273,7 @@ * afssysdefs.h: fix FreeBSD section -2003-02-06 Love Hörnquist Åstrand +2003-02-06 Love Hörnquist Ã…strand * afssysdefs.h: use syscall 208 on openbsd (all version) use syscall 339 on freebsd 5.0 and later, use 210 on 4.x and earlier diff --git a/lib/kafs/Makefile.am b/lib/kafs/Makefile.am index 15282f0fd69a..34a6144c7a17 100644 --- a/lib/kafs/Makefile.am +++ b/lib/kafs/Makefile.am @@ -1,18 +1,9 @@ -# $Id: Makefile.am 21446 2007-07-10 12:45:36Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common AM_CPPFLAGS += $(AFS_EXTRA_DEFS) $(ROKEN_RENAME) -if KRB4 -DEPLIB_krb4 = $(LIB_krb4) $(LIB_hcrypto) -krb4_am_workaround = $(INCLUDE_krb4) -else -DEPLIB_krb4 = -krb4_am_workaround = -endif # KRB4 -AM_CPPFLAGS += $(krb4_am_workaround) - if KRB5 DEPLIB_krb5 = ../krb5/libkrb5.la krb5_am_workaround = $(INCLUDE_hcrypto) -I$(top_srcdir)/lib/krb5 @@ -33,11 +24,7 @@ AFS_EXTRA_LD = -e _nostart endif if AIX_DYNAMIC_AFS -if HAVE_DLOPEN AIX_SRC = -else -AIX_SRC = dlfcn.c -endif AFS_EXTRA_LIBS = afslib.so AFS_EXTRA_DEFS = else @@ -51,7 +38,7 @@ AFSL_EXP = AIX_SRC = endif # AIX -libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) $(DEPLIB_krb4) +libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) lib_LTLIBRARIES = libkafs.la libkafs_la_LDFLAGS = -version-info 5:1:5 @@ -64,7 +51,7 @@ CLEANFILES= $(AFS_EXTRA_LIBS) $(ROKEN_SRCS) include_HEADERS = kafs.h if KRB5 -afskrb5_c = afskrb5.c +afskrb5_c = endif if do_roken_rename @@ -73,8 +60,7 @@ endif dist_libkafs_la_SOURCES = \ afssys.c \ - afskrb.c \ - $(afskrb5_c) \ + afskrb5.c \ common.c \ $(AIX_SRC) \ kafs_locl.h \ @@ -83,9 +69,9 @@ dist_libkafs_la_SOURCES = \ nodist_libkafs_la_SOURCES = $(ROKEN_SRCS) -EXTRA_libkafs_la_SOURCES = afskrb.c afskrb5.c dlfcn.c afslib.c dlfcn.h +EXTRA_libkafs_la_SOURCES = afskrb5.c afslib.c -EXTRA_DIST = README.dlfcn afsl.exp afslib.exp $(man_MANS) +EXTRA_DIST = NTMakefile afsl.exp afslib.exp $(man_MANS) man_MANS = kafs.3 diff --git a/lib/kafs/Makefile.in b/lib/kafs/Makefile.in index ae9a12a60ff8..07356bce6c1d 100644 --- a/lib/kafs/Makefile.in +++ b/lib/kafs/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 21446 2007-07-10 12:45:36Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -46,7 +48,7 @@ DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ subdir = lib/kafs ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -61,7 +63,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -75,9 +77,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -85,48 +90,56 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" \ "$(DESTDIR)$(foodir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) @KRB5_TRUE@am__DEPENDENCIES_1 = ../krb5/libkrb5.la am__DEPENDENCIES_2 = -@KRB4_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ -@KRB4_TRUE@ $(am__DEPENDENCIES_2) -libkafs_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_3) -am__dist_libkafs_la_SOURCES_DIST = afssys.c afskrb.c afskrb5.c \ - common.c afslib.c dlfcn.c kafs_locl.h afssysdefs.h \ - roken_rename.h -@KRB5_TRUE@am__objects_1 = afskrb5.lo -@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@am__objects_2 = afslib.lo -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@am__objects_2 = \ -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@ dlfcn.lo -dist_libkafs_la_OBJECTS = afssys.lo afskrb.lo $(am__objects_1) \ - common.lo $(am__objects_2) -@do_roken_rename_TRUE@am__objects_3 = resolve.lo strtok_r.lo \ +libkafs_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) +am__dist_libkafs_la_SOURCES_DIST = afssys.c afskrb5.c common.c \ + afslib.c kafs_locl.h afssysdefs.h roken_rename.h +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@am__objects_1 = afslib.lo +dist_libkafs_la_OBJECTS = afssys.lo afskrb5.lo common.lo \ + $(am__objects_1) +@do_roken_rename_TRUE@am__objects_2 = resolve.lo strtok_r.lo \ @do_roken_rename_TRUE@ strlcpy.lo strsep.lo -nodist_libkafs_la_OBJECTS = $(am__objects_3) +nodist_libkafs_la_OBJECTS = $(am__objects_2) libkafs_la_OBJECTS = $(dist_libkafs_la_OBJECTS) \ $(nodist_libkafs_la_OBJECTS) libkafs_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libkafs_la_LDFLAGS) $(LDFLAGS) -o $@ -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -142,9 +155,7 @@ DIST_SOURCES = $(EXTRA_libkafs_la_SOURCES) \ $(am__dist_libkafs_la_SOURCES_DIST) man3dir = $(mandir)/man3 MANS = $(man_MANS) -fooDATA_INSTALL = $(INSTALL_DATA) DATA = $(foo_DATA) -includeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(include_HEADERS) ETAGS = etags CTAGS = ctags @@ -153,49 +164,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -219,10 +239,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -239,6 +260,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -254,31 +277,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -293,10 +330,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -337,36 +376,36 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(AFS_EXTRA_DEFS) $(ROKEN_RENAME) $(krb4_am_workaround) \ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(AFS_EXTRA_DEFS) $(ROKEN_RENAME) \ $(krb5_am_workaround) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_FALSE@DEPLIB_krb4 = -@KRB4_TRUE@DEPLIB_krb4 = $(LIB_krb4) $(LIB_hcrypto) -@KRB4_FALSE@krb4_am_workaround = -@KRB4_TRUE@krb4_am_workaround = $(INCLUDE_krb4) @KRB5_FALSE@DEPLIB_krb5 = @KRB5_TRUE@DEPLIB_krb5 = ../krb5/libkrb5.la @KRB5_FALSE@krb5_am_workaround = @@ -376,14 +415,13 @@ LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @AIX4_FALSE@@AIX_TRUE@AFS_EXTRA_LD = -e _nostart @AIX4_TRUE@@AIX_TRUE@AFS_EXTRA_LD = -bnoentry @AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AIX_SRC = afslib.c -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = dlfcn.c -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@AIX_SRC = +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@AIX_SRC = @AIX_FALSE@AIX_SRC = @AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AFS_EXTRA_LIBS = @AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@AFS_EXTRA_LIBS = afslib.so @AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AFS_EXTRA_DEFS = -DSTATIC_AFS @AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@AFS_EXTRA_DEFS = -libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) $(DEPLIB_krb4) +libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) lib_LTLIBRARIES = libkafs.la libkafs_la_LDFLAGS = -version-info 5:1:5 foodir = $(libdir) @@ -391,12 +429,11 @@ foo_DATA = $(AFS_EXTRA_LIBS) # EXTRA_DATA = afslib.so CLEANFILES = $(AFS_EXTRA_LIBS) $(ROKEN_SRCS) include_HEADERS = kafs.h -@KRB5_TRUE@afskrb5_c = afskrb5.c +@KRB5_TRUE@afskrb5_c = @do_roken_rename_TRUE@ROKEN_SRCS = resolve.c strtok_r.c strlcpy.c strsep.c dist_libkafs_la_SOURCES = \ afssys.c \ - afskrb.c \ - $(afskrb5_c) \ + afskrb5.c \ common.c \ $(AIX_SRC) \ kafs_locl.h \ @@ -404,25 +441,25 @@ dist_libkafs_la_SOURCES = \ roken_rename.h nodist_libkafs_la_SOURCES = $(ROKEN_SRCS) -EXTRA_libkafs_la_SOURCES = afskrb.c afskrb5.c dlfcn.c afslib.c dlfcn.h -EXTRA_DIST = README.dlfcn afsl.exp afslib.exp $(man_MANS) +EXTRA_libkafs_la_SOURCES = afskrb5.c afslib.c +EXTRA_DIST = NTMakefile afsl.exp afslib.exp $(man_MANS) man_MANS = kafs.3 all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/kafs/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/kafs/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kafs/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/kafs/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -440,23 +477,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -476,149 +518,186 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/afskrb5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/afslib.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/afssys.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/resolve.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcpy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strsep.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strtok_r.Plo@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) +install-man3: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man3dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + uninstall-man3: @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man3dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man3dir)" && rm -f $$files; } install-fooDATA: $(foo_DATA) @$(NORMAL_INSTALL) test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ + @list='$(foo_DATA)'; test -n "$(foodir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(foodir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(foodir)" || exit $$?; \ done uninstall-fooDATA: @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done + @list='$(foo_DATA)'; test -n "$(foodir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(foodir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(foodir)" && rm -f $$files install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -634,13 +713,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -676,6 +759,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -686,6 +770,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -696,6 +781,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -703,26 +790,35 @@ info-am: install-data-am: install-fooDATA install-includeHEADERS install-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man3 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -743,11 +839,10 @@ uninstall-am: uninstall-fooDATA uninstall-includeHEADERS \ uninstall-libLTLIBRARIES uninstall-man @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man3 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ clean clean-generic clean-libLTLIBRARIES clean-libtool ctags \ @@ -836,6 +931,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -921,7 +1019,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -951,6 +1049,7 @@ strlcpy.c: strsep.c: $(LN_S) $(srcdir)/../roken/strsep.c . + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/kafs/NTMakefile b/lib/kafs/NTMakefile new file mode 100644 index 000000000000..4cff3426f10e --- /dev/null +++ b/lib/kafs/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\kafs + +!include ../../windows/NTMakefile.w32 + diff --git a/lib/kafs/README.dlfcn b/lib/kafs/README.dlfcn deleted file mode 100644 index cee1b751939e..000000000000 --- a/lib/kafs/README.dlfcn +++ /dev/null @@ -1,246 +0,0 @@ -Copyright (c) 1992,1993,1995,1996, Jens-Uwe Mager, Helios Software GmbH -Not derived from licensed software. - -Permission is granted to freely use, copy, modify, and redistribute -this software, provided that the author is not construed to be liable -for any results of using the software, alterations are clearly marked -as such, and this notice is not modified. - -libdl.a -------- - -This is an emulation library to emulate the SunOS/System V.4 functions -to access the runtime linker. The functions are emulated by using the -AIX load() function and by reading the .loader section of the loaded -module to find the exports. The to be loaded module should be linked as -follows (if using AIX 3): - - cc -o module.so -bM:SRE -bE:module.exp -e _nostart $(OBJS) - -For AIX 4: - - cc -o module.so -bM:SRE -bE:module.exp -bnoentry $(OBJS) - -If you want to reference symbols from the main part of the program in a -loaded module, you will have to link against the export file of the -main part: - - cc -o main -bE:main.exp $(MAIN_OBJS) - cc -o module.so -bM:SRE -bI:main.exp -bE:module.exp -bnoentry $(OBJS) - -Note that you explicitely have to specify what functions are supposed -to be accessible from your loaded modules, this is different from -SunOS/System V.4 where any global is automatically exported. If you -want to export all globals, the following script might be of help: - -#!/bin/sh -/usr/ucb/nm -g $* | awk '$2 == "B" || $2 == "D" { print $3 }' - -The module export file contains the symbols to be exported. Because -this library uses the loader section, the final module.so file can be -stripped. C++ users should build their shared objects using the script -makeC++SharedLib (part of the IBM C++ compiler), this will make sure -that constructors and destructors for static and global objects will be -called upon loading and unloading the module. GNU C++ users should use -the -shared option to g++ to link the shared object: - - g++ -o module.so -shared $(OBJS) - -If the shared object does have permissions for anybody, the shared -object will be loaded into the shared library segment and it will stay -there even if the main application terminates. If you rebuild your -shared object after a bugfix and you want to make sure that you really -get the newest version you will have to use the "slibclean" command -before starting the application again to garbage collect the shared -library segment. If the performance utilities (bosperf) are installed -you can use the following command to see what shared objects are -loaded: - -/usr/lpp/bosperf/genkld | sort | uniq - -For easier debugging you can avoid loading the shared object into the -shared library segment alltogether by removing permissions for others -from the module.so file: - -chmod o-rwx module.so - -This will ensure you get a fresh copy of the shared object for every -dlopen() call which is loaded into the application's data segment. - -Usage ------ - -void *dlopen(const char *path, int mode); - -This routine loads the module pointed to by path and reads its export -table. If the path does not contain a '/' character, dlopen will search -for the module using the LIBPATH environment variable. It returns an -opaque handle to the module or NULL on error. The mode parameter can be -either RTLD_LAZY (for lazy function binding) or RTLD_NOW for immediate -function binding. The AIX implementation currently does treat RTLD_NOW -the same as RTLD_LAZY. The flag RTLD_GLOBAL might be or'ed into the -mode parameter to allow loaded modules to bind to global variables or -functions in other loaded modules loaded by dlopen(). If RTLD_GLOBAL is -not specified, only globals from the main part of the executable or -shared libraries are used to look for undefined symbols in loaded -modules. - - -void *dlsym(void *handle, const char *symbol); - -This routine searches for the symbol in the module referred to by -handle and returns its address. If the symbol could not be found, the -function returns NULL. The return value must be casted to a proper -function pointer before it can be used. SunOS/System V.4 allows handle -to be a NULL pointer to refer to the module the call is made from, this -is not implemented. - -int dlclose(void *handle); - -This routine unloads the module referred to by the handle and disposes -of any local storage. this function returns -1 on failure. Any function -pointers obtained through dlsym() should be considered invalid after -closing a module. - -As AIX caches shared objects in the shared library segment, function -pointers obtained through dlsym() might still work even though the -module has been unloaded. This can introduce subtle bugs that will -segment fault later if AIX garbage collects or immediatly on -SunOS/System V.4 as the text segment is unmapped. - -char *dlerror(void); - -This routine can be used to retrieve a text message describing the most -recent error that occured on on of the above routines. This function -returns NULL if there is no error information. - -Initialization and termination handlers ---------------------------------------- - -The emulation provides for an initialization and a termination -handler. The dlfcn.h file contains a structure declaration named -dl_info with following members: - - void (*init)(void); - void (*fini)(void); - -The init function is called upon first referencing the library. The -fini function is called at dlclose() time or when the process exits. -The module should declare a variable named dl_info that contains this -structure which must be exported. These functions correspond to the -documented _init() and _fini() functions of SunOS 4.x, but these are -appearently not implemented in SunOS. When using SunOS 5.0, these -correspond to #pragma init and #pragma fini respectively. At the same -time any static or global C++ object's constructors or destructors will -be called. - -BUGS ----- - -Please note that there is currently a problem with implicitely loaded -shared C++ libaries: if you refer to a shared C++ library from a loaded -module that is not yet used by the main program, the dlopen() emulator -does not notice this and does not call the static constructors for the -implicitely loaded library. This can be easily demonstrated by -referencing the C++ standard streams from a loaded module if the main -program is a plain C program. - -Jens-Uwe Mager - -HELIOS Software GmbH -Lavesstr. 80 -30159 Hannover -Germany - -Phone: +49 511 36482-0 -FAX: +49 511 36482-69 -AppleLink: helios.de/jum -Internet: jum@helios.de - -Revison History ---------------- - -SCCS/s.dlfcn.h: - -D 1.4 95/04/25 09:36:52 jum 4 3 00018/00004/00028 -MRs: -COMMENTS: -added RTLD_GLOBAL, include and C++ guards - -D 1.3 92/12/27 20:58:32 jum 3 2 00001/00001/00031 -MRs: -COMMENTS: -we always have prototypes on RS/6000 - -D 1.2 92/08/16 17:45:11 jum 2 1 00009/00000/00023 -MRs: -COMMENTS: -added dl_info structure to implement initialize and terminate functions - -D 1.1 92/08/02 18:08:45 jum 1 0 00023/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - -SCCS/s.dlfcn.c: - -D 1.11 96/04/10 20:12:51 jum 13 12 00037/00000/00533 -MRs: -COMMENTS: -Integrated the changes from John W. Eaton to initialize -g++ generated shared objects. - -D 1.10 96/02/15 17:42:44 jum 12 10 00012/00007/00521 -MRs: -COMMENTS: -the C++ constructor and destructor chains are now called properly for either -xlC 2 or xlC 3 (CSet++). - -D 1.9 95/09/22 11:09:38 markus 10 9 00001/00008/00527 -MRs: -COMMENTS: -Fix version number - -D 1.8 95/09/22 10:14:34 markus 9 8 00008/00001/00527 -MRs: -COMMENTS: -Added version number for dl lib - -D 1.7 95/08/14 19:08:38 jum 8 6 00026/00004/00502 -MRs: -COMMENTS: -Integrated the fixes from Kirk Benell (kirk@rsinc.com) to allow loading of -shared objects generated under AIX 4. Fixed bug that symbols with exactly -8 characters would use garbage characters from the following symbol value. - -D 1.6 95/04/25 09:38:03 jum 6 5 00046/00006/00460 -MRs: -COMMENTS: -added handling of C++ static constructors and destructors, added RTLD_GLOBAL to bind against other loaded modules - -D 1.5 93/02/14 20:14:17 jum 5 4 00002/00000/00464 -MRs: -COMMENTS: -added path to dlopen error message to make clear where there error occured. - -D 1.4 93/01/03 19:13:56 jum 4 3 00061/00005/00403 -MRs: -COMMENTS: -to allow calling symbols in the main module call load with L_NOAUTODEFER and -do a loadbind later with the main module. - -D 1.3 92/12/27 20:59:55 jum 3 2 00066/00008/00342 -MRs: -COMMENTS: -added search by L_GETINFO if module got loaded by LIBPATH - -D 1.2 92/08/16 17:45:43 jum 2 1 00074/00006/00276 -MRs: -COMMENTS: -implemented initialize and terminate functions, added reference counting to avoid multiple loads of the same library - -D 1.1 92/08/02 18:08:45 jum 1 0 00282/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - diff --git a/lib/kafs/afskrb.c b/lib/kafs/afskrb.c deleted file mode 100644 index f5516a8b5269..000000000000 --- a/lib/kafs/afskrb.c +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afskrb.c 15342 2005-06-02 07:38:22Z lha $"); - -#ifdef KRB4 - -struct krb_kafs_data { - const char *realm; -}; - -static int -get_cred(struct kafs_data *data, const char *name, const char *inst, - const char *realm, uid_t uid, struct kafs_token *kt) -{ - CREDENTIALS c; - KTEXT_ST tkt; - int ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); - - if (ret) { - ret = krb_mk_req(&tkt, (char*)name, (char*)inst, (char*)realm, 0); - if (ret == KSUCCESS) - ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); - } - if (ret == 0) - ret = _kafs_v4_to_kt(&c, uid, kt); - return ret; -} - -static int -afslog_uid_int(struct kafs_data *data, - const char *cell, - const char *realm_hint, - uid_t uid, - const char *homedir) -{ - int ret; - struct kafs_token kt; - char name[ANAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - - kt.ticket = NULL; - - if (cell == 0 || cell[0] == 0) - return _kafs_afslog_all_local_cells (data, uid, homedir); - - /* Extract realm from ticket file. */ - ret = krb_get_tf_fullname(tkt_string(), name, inst, realm); - if (ret != KSUCCESS) - return ret; - - kt.ticket = NULL; - ret = _kafs_get_cred(data, cell, realm_hint, realm, uid, &kt); - - if (ret == 0) { - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - free(kt.ticket); - } - return ret; -} - -static char * -get_realm(struct kafs_data *data, const char *host) -{ - char *r = krb_realmofhost(host); - if(r != NULL) - return strdup(r); - else - return NULL; -} - -int -krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid, - const char *homedir) -{ - struct kafs_data kd; - - kd.name = "krb4"; - kd.afslog_uid = afslog_uid_int; - kd.get_cred = get_cred; - kd.get_realm = get_realm; - kd.data = 0; - return afslog_uid_int(&kd, cell, realm_hint, uid, homedir); -} - -int -krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid) -{ - return krb_afslog_uid_home(cell, realm_hint, uid, NULL); -} - -int -krb_afslog(const char *cell, const char *realm_hint) -{ - return krb_afslog_uid(cell, realm_hint, getuid()); -} - -int -krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir) -{ - return krb_afslog_uid_home(cell, realm_hint, getuid(), homedir); -} - -/* - * - */ - -int -krb_realm_of_cell(const char *cell, char **realm) -{ - struct kafs_data kd; - - kd.name = "krb4"; - kd.get_realm = get_realm; - return _kafs_realm_of_cell(&kd, cell, realm); -} - -int -kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) -{ - struct kafs_token kt; - int ret; - - kt.ticket = NULL; - - ret = _kafs_v4_to_kt(c, uid, &kt); - if (ret) - return ret; - - if (kt.ct.EndTimestamp < time(NULL)) { - free(kt.ticket); - return 0; - } - - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - free(kt.ticket); - return ret; -} - -#else /* KRB4 */ - -#define KAFS_KRBET_KDC_SERVICE_EXP 39525378 - -int -krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid, - const char *homedir) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog(const char *cell, const char *realm_hint) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_realm_of_cell(const char *cell, char **realm) -{ - *realm = NULL; - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int kafs_settoken (const char*, uid_t, struct credentials *); - -int -kafs_settoken(const char *cell, uid_t uid, struct credentials *c) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -#endif /* KRB4 */ diff --git a/lib/kafs/afskrb5.c b/lib/kafs/afskrb5.c index 2b052672ffde..62db543665ef 100644 --- a/lib/kafs/afskrb5.c +++ b/lib/kafs/afskrb5.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,15 +33,13 @@ #include "kafs_locl.h" -RCSID("$Id: afskrb5.c 17032 2006-04-10 08:45:04Z lha $"); - struct krb5_kafs_data { krb5_context context; krb5_ccache id; krb5_const_realm realm; }; -enum { +enum { KAFS_RXKAD_2B_KVNO = 213, KAFS_RXKAD_K5_KVNO = 256 }; @@ -113,7 +111,7 @@ v5_to_kt(krb5_creds *cred, uid_t uid, struct kafs_token *kt, int local524) static krb5_error_code v5_convert(krb5_context context, krb5_ccache id, - krb5_creds *cred, uid_t uid, + krb5_creds *cred, uid_t uid, const char *cell, struct kafs_token *kt) { @@ -129,26 +127,12 @@ v5_convert(krb5_context context, krb5_ccache id, "afs-use-524", "2b", &val); free(c); - if (strcasecmp(val, "local") == 0 || + if (strcasecmp(val, "local") == 0 || strcasecmp(val, "2b") == 0) ret = v5_to_kt(cred, uid, kt, 1); - else if(strcasecmp(val, "yes") == 0 || - strcasecmp(val, "true") == 0 || - atoi(val)) { - struct credentials cred4; - - if (id == NULL) - ret = krb524_convert_creds_kdc(context, cred, &cred4); - else - ret = krb524_convert_creds_kdc_ccache(context, id, cred, &cred4); - if (ret) - goto out; - - ret = _kafs_v4_to_kt(&cred4, uid, kt); - } else + else ret = v5_to_kt(cred, uid, kt, 0); - out: free(val); return ret; } @@ -159,16 +143,18 @@ v5_convert(krb5_context context, krb5_ccache id, */ static int -get_cred(struct kafs_data *data, const char *name, const char *inst, +get_cred(struct kafs_data *data, const char *name, const char *inst, const char *realm, uid_t uid, struct kafs_token *kt) { krb5_error_code ret; krb5_creds in_creds, *out_creds; struct krb5_kafs_data *d = data->data; + int invalid; memset(&in_creds, 0, sizeof(in_creds)); - ret = krb5_425_conv_principal(d->context, name, inst, realm, - &in_creds.server); + + ret = krb5_make_principal(d->context, &in_creds.server, + realm, name, inst, NULL); if(ret) return ret; ret = krb5_cc_get_principal(d->context, d->id, &in_creds.client); @@ -176,20 +162,45 @@ get_cred(struct kafs_data *data, const char *name, const char *inst, krb5_free_principal(d->context, in_creds.server); return ret; } + in_creds.session.keytype = ETYPE_DES_CBC_CRC; + + /* check if des is disable, and in that case enable it for afs */ + invalid = krb5_enctype_valid(d->context, in_creds.session.keytype); + if (invalid) + krb5_enctype_enable(d->context, in_creds.session.keytype); + ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds); + + if (invalid) + krb5_enctype_disable(d->context, in_creds.session.keytype); + krb5_free_principal(d->context, in_creds.server); krb5_free_principal(d->context, in_creds.client); if(ret) return ret; - ret = v5_convert(d->context, d->id, out_creds, uid, + ret = v5_convert(d->context, d->id, out_creds, uid, (inst != NULL && inst[0] != '\0') ? inst : realm, kt); krb5_free_creds(d->context, out_creds); return ret; } +static const char * +get_error(struct kafs_data *data, int error) +{ + struct krb5_kafs_data *d = data->data; + return krb5_get_error_message(d->context, error); +} + +static void +free_error(struct kafs_data *data, const char *str) +{ + struct krb5_kafs_data *d = data->data; + krb5_free_error_message(d->context, str); +} + static krb5_error_code afslog_uid_int(struct kafs_data *data, const char *cell, const char *rh, uid_t uid, const char *homedir) @@ -199,7 +210,7 @@ afslog_uid_int(struct kafs_data *data, const char *cell, const char *rh, krb5_principal princ; const char *trealm; /* ticket realm */ struct krb5_kafs_data *d = data->data; - + if (cell == 0 || cell[0] == 0) return _kafs_afslog_all_local_cells (data, uid, homedir); @@ -212,7 +223,7 @@ afslog_uid_int(struct kafs_data *data, const char *cell, const char *rh, kt.ticket = NULL; ret = _kafs_get_cred(data, cell, d->realm, trealm, uid, &kt); krb5_free_principal (d->context, princ); - + if(ret == 0) { ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); free(kt.ticket); @@ -249,6 +260,8 @@ krb5_afslog_uid_home(krb5_context context, kd.afslog_uid = afslog_uid_int; kd.get_cred = get_cred; kd.get_realm = get_realm; + kd.get_error = get_error; + kd.free_error = free_error; kd.data = &d; if (context == NULL) { ret = krb5_init_context(&d.context); @@ -284,7 +297,7 @@ krb5_afslog_uid(krb5_context context, krb5_error_code krb5_afslog(krb5_context context, - krb5_ccache id, + krb5_ccache id, const char *cell, krb5_const_realm realm) { @@ -293,7 +306,7 @@ krb5_afslog(krb5_context context, krb5_error_code krb5_afslog_home(krb5_context context, - krb5_ccache id, + krb5_ccache id, const char *cell, krb5_const_realm realm, const char *homedir) @@ -312,6 +325,8 @@ krb5_realm_of_cell(const char *cell, char **realm) kd.name = "krb5"; kd.get_realm = get_realm; + kd.get_error = get_error; + kd.free_error = free_error; return _kafs_realm_of_cell(&kd, cell, realm); } diff --git a/lib/kafs/afslib.c b/lib/kafs/afslib.c index 4845b7f36b7c..f2ef8481ed8f 100644 --- a/lib/kafs/afslib.c +++ b/lib/kafs/afslib.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,12 @@ * SUCH DAMAGE. */ -/* - * This file is only used with AIX +/* + * This file is only used with AIX */ #include "kafs_locl.h" -RCSID("$Id: afslib.c 7463 1999-12-02 16:58:55Z joda $"); - int aix_pioctl(char *a_path, int o_opcode, diff --git a/lib/kafs/afssys.c b/lib/kafs/afssys.c index d9c6b8066aa8..740df0450584 100644 --- a/lib/kafs/afssys.c +++ b/lib/kafs/afssys.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2000, 2002, 2004, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000, 2002, 2004, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -33,8 +33,6 @@ #include "kafs_locl.h" -RCSID("$Id: afssys.c 17050 2006-04-11 08:12:29Z lha $"); - struct procdata { unsigned long param4; unsigned long param3; @@ -54,8 +52,10 @@ struct devdata { unsigned long param6; unsigned long retval; }; +#ifdef _IOWR #define VIOC_SYSCALL_DEV _IOWR('C', 2, struct devdata) #define VIOC_SYSCALL_DEV_OPENAFS _IOWR('C', 1, struct devdata) +#endif int _kafs_debug; /* this should be done in a better way */ @@ -103,7 +103,7 @@ try_aix(void) strlcpy(path, p, sizeof(path)); else snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR); - + ptr = dlopen(path, RTLD_NOW); if(ptr == NULL) { if(_kafs_debug) { @@ -115,7 +115,7 @@ try_aix(void) return 1; } Setpag = (int (*)(void))dlsym(ptr, "aix_setpag"); - Pioctl = (int (*)(char*, int, + Pioctl = (int (*)(char*, int, struct ViceIoctl*, int))dlsym(ptr, "aix_pioctl"); #endif afs_entry_point = AIX_ENTRY_POINTS; @@ -123,9 +123,9 @@ try_aix(void) } #endif /* _AIX */ -/* +/* * This probably only works under Solaris and could get confused if - * there's a /etc/name_to_sysnum file. + * there's a /etc/name_to_sysnum file. */ #if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) @@ -163,7 +163,7 @@ map_syscall_name_to_number (const char *str, int *res) } #endif -static int +static int try_ioctlpath(const char *path, unsigned long ioctlnum, int entrypoint) { int fd, ret, saved_errno; @@ -189,13 +189,13 @@ try_ioctlpath(const char *path, unsigned long ioctlnum, int entrypoint) } saved_errno = errno; close(fd); - /* + /* * Be quite liberal in what error are ok, the first is the one * that should trigger given that params is NULL. */ - if (ret && + if (ret && (saved_errno != EFAULT && - saved_errno != EDOM && + saved_errno != EDOM && saved_errno != ENOTCONN)) return 1; afs_ioctlnum = ioctlnum; @@ -253,23 +253,23 @@ k_pioctl(char *a_path, case MACOS_DEV_POINT: { struct devdata data = { AFSCALL_PIOCTL, 0, 0, 0, 0, 0, 0, 0 }; int ret; - + data.param1 = (unsigned long)a_path; data.param2 = (unsigned long)o_opcode; data.param3 = (unsigned long)a_paramsP; data.param4 = (unsigned long)a_followSymlinks; - + ret = do_ioctl(&data); if (ret) return ret; - + return data.retval; } #ifdef _AIX case AIX_ENTRY_POINTS: return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); #endif - } + } errno = ENOSYS; #ifdef SIGSYS kill(getpid(), SIGSYS); /* You lose! */ @@ -328,7 +328,7 @@ k_setpag(void) return Setpag(); #endif } - + errno = ENOSYS; #ifdef SIGSYS kill(getpid(), SIGSYS); /* You lose! */ @@ -413,7 +413,7 @@ k_hasafs(void) if (!issuid()) env = getenv ("AFS_SYSCALL"); - + /* * Already checked presence of AFS syscalls? */ @@ -426,7 +426,7 @@ k_hasafs(void) * If the syscall is absent we recive a SIGSYS. */ afs_entry_point = NO_ENTRY_POINT; - + saved_errno = errno; #ifndef NO_AFS #ifdef SIGSYS @@ -439,10 +439,14 @@ k_hasafs(void) goto done; } if (strncmp("/dev/", env, 5) == 0) { +#ifdef VIOC_SYSCALL_DEV if (try_ioctlpath(env, VIOC_SYSCALL_DEV, MACOS_DEV_POINT) == 0) goto done; +#endif +#ifdef VIOC_SYSCALL_DEV_OPENAFS if (try_ioctlpath(env,VIOC_SYSCALL_DEV_OPENAFS,MACOS_DEV_POINT) ==0) goto done; +#endif } } @@ -450,18 +454,22 @@ k_hasafs(void) VIOC_SYSCALL_PROC, LINUX_PROC_POINT); if (ret == 0) goto done; - ret = try_ioctlpath("/proc/fs/nnpfs/afs_ioctl", + ret = try_ioctlpath("/proc/fs/nnpfs/afs_ioctl", VIOC_SYSCALL_PROC, LINUX_PROC_POINT); if (ret == 0) goto done; - ret = try_ioctlpath("/dev/openafs_ioctl", +#ifdef VIOC_SYSCALL_DEV_OPENAFS + ret = try_ioctlpath("/dev/openafs_ioctl", VIOC_SYSCALL_DEV_OPENAFS, MACOS_DEV_POINT); if (ret == 0) goto done; +#endif +#ifdef VIOC_SYSCALL_DEV ret = try_ioctlpath("/dev/nnpfs_ioctl", VIOC_SYSCALL_DEV, MACOS_DEV_POINT); if (ret == 0) goto done; +#endif #if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) { diff --git a/lib/kafs/afssysdefs.h b/lib/kafs/afssysdefs.h index dd52a214bee0..9143bbdf7ee9 100644 --- a/lib/kafs/afssysdefs.h +++ b/lib/kafs/afssysdefs.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: afssysdefs.h 14102 2004-08-09 13:41:32Z lha $ */ +/* $Id$ */ /* * This section is for machines using single entry point AFS syscalls! diff --git a/lib/kafs/common.c b/lib/kafs/common.c index 3466d950d74e..a14eea8dd2d2 100644 --- a/lib/kafs/common.c +++ b/lib/kafs/common.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kafs_locl.h" -RCSID("$Id: common.c 15461 2005-06-16 22:52:33Z lha $"); - #define AUTH_SUPERUSER "afs" /* @@ -75,7 +73,7 @@ kafs_settoken_rxkad(const char *cell, struct ClearToken *ct, struct ViceIoctl parms; char buf[2048], *t; int32_t sizeof_x; - + t = buf; /* * length of secret token followed by secret token @@ -141,47 +139,18 @@ _kafs_fixup_viceid(struct ClearToken *ct, uid_t uid) } } - -int -_kafs_v4_to_kt(CREDENTIALS *c, uid_t uid, struct kafs_token *kt) -{ - kt->ticket = NULL; - - if (c->ticket_st.length > MAX_KTXT_LEN) - return EINVAL; - - kt->ticket = malloc(c->ticket_st.length); - if (kt->ticket == NULL) - return ENOMEM; - kt->ticket_len = c->ticket_st.length; - memcpy(kt->ticket, c->ticket_st.dat, kt->ticket_len); - - /* - * Build a struct ClearToken - */ - kt->ct.AuthHandle = c->kvno; - memcpy (kt->ct.HandShakeKey, c->session, sizeof(c->session)); - kt->ct.ViceId = uid; - kt->ct.BeginTimestamp = c->issue_date; - kt->ct.EndTimestamp = krb_life_to_time(c->issue_date, c->lifetime); - - _kafs_fixup_viceid(&kt->ct, uid); - - return 0; -} - /* Try to get a db-server for an AFS cell from a AFSDB record */ static int dns_find_cell(const char *cell, char *dbserver, size_t len) { - struct dns_reply *r; + struct rk_dns_reply *r; int ok = -1; - r = dns_lookup(cell, "afsdb"); + r = rk_dns_lookup(cell, "afsdb"); if(r){ - struct resource_record *rr = r->head; + struct rk_resource_record *rr = r->head; while(rr){ - if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ + if(rr->type == rk_ns_t_afsdb && rr->u.afsdb->preference == 1){ strlcpy(dbserver, rr->u.afsdb->domain, len); @@ -190,7 +159,7 @@ dns_find_cell(const char *cell, char *dbserver, size_t len) } rr = rr->next; } - dns_free_data(r); + rk_dns_free_data(r); } return ok; } @@ -282,7 +251,7 @@ _kafs_afslog_all_local_cells(struct kafs_data *data, find_cells(_PATH_ARLA_DEBIAN_THISCELL, &cells, &idx); find_cells(_PATH_ARLA_OPENBSD_THESECELLS, &cells, &idx); find_cells(_PATH_ARLA_OPENBSD_THISCELL, &cells, &idx); - + ret = afslog_cells(data, cells, idx, uid, homedir); while(idx > 0) free(cells[--idx]); @@ -292,7 +261,7 @@ _kafs_afslog_all_local_cells(struct kafs_data *data, static int -file_find_cell(struct kafs_data *data, +file_find_cell(struct kafs_data *data, const char *cell, char **realm, int exact) { FILE *F; @@ -378,11 +347,14 @@ _kafs_try_get_cred(struct kafs_data *data, const char *user, const char *cell, ret = (*data->get_cred)(data, user, cell, realm, uid, kt); if (kafs_verbose) { + const char *estr = (*data->get_error)(data, ret); char *str; - asprintf(&str, "%s tried afs%s%s@%s -> %d", - data->name, cell[0] == '\0' ? "" : "/", - cell, realm, ret); + asprintf(&str, "%s tried afs%s%s@%s -> %s (%d)", + data->name, cell ? "/" : "", + cell ? cell : "", realm, estr ? estr : "unknown", ret); (*kafs_verbose)(kafs_verbose_ctx, str); + if (estr) + (*data->free_error)(data, estr); free(str); } @@ -392,7 +364,7 @@ _kafs_try_get_cred(struct kafs_data *data, const char *user, const char *cell, int _kafs_get_cred(struct kafs_data *data, - const char *cell, + const char *cell, const char *realm_hint, const char *realm, uid_t uid, @@ -419,44 +391,43 @@ _kafs_get_cred(struct kafs_data *data, * really a long shot. * */ - + /* comments on the ordering of these tests */ /* If the user passes a realm, she probably knows something we don't * know and we should try afs@realm_hint. */ - + if (realm_hint) { ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, cell, realm_hint, uid, kt); if (ret == 0) return 0; ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", realm_hint, uid, kt); + NULL, realm_hint, uid, kt); if (ret == 0) return 0; } _kafs_foldup(CELL, cell); + /* + * If the AFS servers have a file /usr/afs/etc/krb.conf containing + * REALM we still don't have to resort to cross-cell authentication. + * Try afs.cell@REALM. + */ + ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, + cell, realm, uid, kt); + if (ret == 0) return 0; + /* * If cell == realm we don't need no cross-cell authentication. * Try afs@REALM. */ if (strcmp(CELL, realm) == 0) { ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", realm, uid, kt); + NULL, realm, uid, kt); if (ret == 0) return 0; - /* Try afs.cell@REALM below. */ } - /* - * If the AFS servers have a file /usr/afs/etc/krb.conf containing - * REALM we still don't have to resort to cross-cell authentication. - * Try afs.cell@REALM. - */ - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - cell, realm, uid, kt); - if (ret == 0) return 0; - /* * We failed to get ``first class tickets'' for afs, * fall back to cross-cell authentication. @@ -464,9 +435,9 @@ _kafs_get_cred(struct kafs_data *data, * Try afs.cell@CELL. */ ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", CELL, uid, kt); + NULL, CELL, uid, kt); if (ret == 0) return 0; - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, + ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, cell, CELL, uid, kt); if (ret == 0) return 0; @@ -483,7 +454,7 @@ _kafs_get_cred(struct kafs_data *data, cell, vl_realm, uid, kt); if (ret) ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", vl_realm, uid, kt); + NULL, vl_realm, uid, kt); free(vl_realm); if (ret == 0) return 0; } diff --git a/lib/kafs/dlfcn.c b/lib/kafs/dlfcn.c deleted file mode 100644 index 728cf5cdd768..000000000000 --- a/lib/kafs/dlfcn.c +++ /dev/null @@ -1,581 +0,0 @@ -/* - * @(#)dlfcn.c 1.11 revision of 96/04/10 20:12:51 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -/* - * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton - * to support g++ and/or use with Octave. - */ - -/* - * This makes my life easier with Octave. --jwe - */ -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include "dlfcn.h" - -/* - * We simulate dlopen() et al. through a call to load. Because AIX has - * no call to find an exported symbol we read the loader section of the - * loaded module and build a list of exported symbols and their virtual - * address. - */ - -typedef struct { - char *name; /* the symbols's name */ - void *addr; /* its relocated virtual address */ -} Export, *ExportPtr; - -/* - * xlC uses the following structure to list its constructors and - * destructors. This is gleaned from the output of munch. - */ -typedef struct { - void (*init)(void); /* call static constructors */ - void (*term)(void); /* call static destructors */ -} Cdtor, *CdtorPtr; - -typedef void (*GccCDtorPtr)(void); - -/* - * The void * handle returned from dlopen is actually a ModulePtr. - */ -typedef struct Module { - struct Module *next; - char *name; /* module name for refcounting */ - int refCnt; /* the number of references */ - void *entry; /* entry point from load */ - struct dl_info *info; /* optional init/terminate functions */ - CdtorPtr cdtors; /* optional C++ constructors */ - GccCDtorPtr gcc_ctor; /* g++ constructors --jwe */ - GccCDtorPtr gcc_dtor; /* g++ destructors --jwe */ - int nExports; /* the number of exports found */ - ExportPtr exports; /* the array of exports */ -} Module, *ModulePtr; - -/* - * We keep a list of all loaded modules to be able to call the fini - * handlers and destructors at atexit() time. - */ -static ModulePtr modList; - -/* - * The last error from one of the dl* routines is kept in static - * variables here. Each error is returned only once to the caller. - */ -static char errbuf[BUFSIZ]; -static int errvalid; - -/* - * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for - * strdup(). --jwe - */ -#ifndef HAVE_STRDUP -extern char *strdup(const char *); -#endif -static void caterr(char *); -static int readExports(ModulePtr); -static void terminate(void); -static void *findMain(void); - -void *dlopen(const char *path, int mode) -{ - ModulePtr mp; - static void *mainModule; - - /* - * Upon the first call register a terminate handler that will - * close all libraries. Also get a reference to the main module - * for use with loadbind. - */ - if (!mainModule) { - if ((mainModule = findMain()) == NULL) - return NULL; - atexit(terminate); - } - /* - * Scan the list of modules if we have the module already loaded. - */ - for (mp = modList; mp; mp = mp->next) - if (strcmp(mp->name, path) == 0) { - mp->refCnt++; - return mp; - } - if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "calloc: %s", strerror(errno)); - return NULL; - } - if ((mp->name = strdup(path)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "strdup: %s", strerror(errno)); - free(mp); - return NULL; - } - /* - * load should be declared load(const char *...). Thus we - * cast the path to a normal char *. Ugly. - */ - if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) { - free(mp->name); - free(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlopen: %s: ", path); - /* - * If AIX says the file is not executable, the error - * can be further described by querying the loader about - * the last error. - */ - if (errno == ENOEXEC) { - char *tmp[BUFSIZ/sizeof(char *)]; - if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) - strlcpy(errbuf, - strerror(errno), - sizeof(errbuf)); - else { - char **p; - for (p = tmp; *p; p++) - caterr(*p); - } - } else - strlcat(errbuf, - strerror(errno), - sizeof(errbuf)); - return NULL; - } - mp->refCnt = 1; - mp->next = modList; - modList = mp; - if (loadbind(0, mainModule, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", strerror(errno)); - return NULL; - } - /* - * If the user wants global binding, loadbind against all other - * loaded modules. - */ - if (mode & RTLD_GLOBAL) { - ModulePtr mp1; - for (mp1 = mp->next; mp1; mp1 = mp1->next) - if (loadbind(0, mp1->entry, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", - strerror(errno)); - return NULL; - } - } - if (readExports(mp) == -1) { - dlclose(mp); - return NULL; - } - /* - * If there is a dl_info structure, call the init function. - */ - if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) { - if (mp->info->init) - (*mp->info->init)(); - } else - errvalid = 0; - /* - * If the shared object was compiled using xlC we will need - * to call static constructors (and later on dlclose destructors). - */ - if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->init && cp->init != (void (*)(void))0xffffffff) - (*cp->init)(); - cp++; - } - /* - * If the shared object was compiled using g++, we will need - * to call global constructors using the _GLOBAL__DI function, - * and later, global destructors using the _GLOBAL_DD - * funciton. --jwe - */ - } else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) { - (*mp->gcc_ctor)(); - mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); - } else - errvalid = 0; - return mp; -} - -/* - * Attempt to decipher an AIX loader error message and append it - * to our static error message buffer. - */ -static void caterr(char *s) -{ - char *p = s; - - while (*p >= '0' && *p <= '9') - p++; - switch(atoi(s)) { - case L_ERROR_TOOMANY: - strlcat(errbuf, "to many errors", sizeof(errbuf)); - break; - case L_ERROR_NOLIB: - strlcat(errbuf, "can't load library", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_UNDEF: - strlcat(errbuf, "can't find symbol", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_RLDBAD: - strlcat(errbuf, "bad RLD", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_FORMAT: - strlcat(errbuf, "bad exec format in", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_ERRNO: - strlcat(errbuf, strerror(atoi(++p)), sizeof(errbuf)); - break; - default: - strlcat(errbuf, s, sizeof(errbuf)); - break; - } -} - -void *dlsym(void *handle, const char *symbol) -{ - ModulePtr mp = (ModulePtr)handle; - ExportPtr ep; - int i; - - /* - * Could speed up the search, but I assume that one assigns - * the result to function pointers anyways. - */ - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (strcmp(ep->name, symbol) == 0) - return ep->addr; - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlsym: undefined symbol %s", symbol); - return NULL; -} - -char *dlerror(void) -{ - if (errvalid) { - errvalid = 0; - return errbuf; - } - return NULL; -} - -int dlclose(void *handle) -{ - ModulePtr mp = (ModulePtr)handle; - int result; - ModulePtr mp1; - - if (--mp->refCnt > 0) - return 0; - if (mp->info && mp->info->fini) - (*mp->info->fini)(); - if (mp->cdtors) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->term && cp->init != (void (*)(void))0xffffffff) - (*cp->term)(); - cp++; - } - /* - * If the function to handle global destructors for g++ - * exists, call it. --jwe - */ - } else if (mp->gcc_dtor) { - (*mp->gcc_dtor)(); - } - result = unload(mp->entry); - if (result == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "%s", strerror(errno)); - } - if (mp->exports) { - ExportPtr ep; - int i; - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (ep->name) - free(ep->name); - free(mp->exports); - } - if (mp == modList) - modList = mp->next; - else { - for (mp1 = modList; mp1; mp1 = mp1->next) - if (mp1->next == mp) { - mp1->next = mp->next; - break; - } - } - free(mp->name); - free(mp); - return result; -} - -static void terminate(void) -{ - while (modList) - dlclose(modList); -} - -/* - * Build the export table from the XCOFF .loader section. - */ -static int readExports(ModulePtr mp) -{ - LDFILE *ldp = NULL; - SCNHDR sh, shdata; - LDHDR *lhp; - char *ldbuf; - LDSYM *ls; - int i; - ExportPtr ep; - - if ((ldp = ldopen(mp->name, ldp)) == NULL) { - struct ld_info *lp; - char *buf; - int size = 4*1024; - if (errno != ENOENT) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - /* - * The module might be loaded due to the LIBPATH - * environment variable. Search for the loaded - * module using L_GETINFO. - */ - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - } - if (i == -1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - free(buf); - return -1; - } - /* - * Traverse the list of loaded modules. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - while (lp) { - if (lp->ldinfo_dataorg == mp->entry) { - ldp = ldopen(lp->ldinfo_filename, ldp); - break; - } - if (lp->ldinfo_next == 0) - lp = NULL; - else - lp = (struct ld_info *)((char *)lp + lp->ldinfo_next); - } - free(buf); - if (!ldp) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - return -1; - } - } - if (TYPE(ldp) != U802TOCMAGIC) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), "readExports: bad magic"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Get the padding for the data section. This is needed for - * AIX 4.1 compilers. This is used when building the final - * function pointer to the exported symbol. - */ - if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read data section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * We read the complete loader section in one chunk, this makes - * finding long symbol names residing in the string table easier. - */ - if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot seek to loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - lhp = (LDHDR *)ldbuf; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - /* - * Count the number of exports to include in our export table. - */ - for (i = lhp->l_nsyms; i; i--, ls++) { - if (!LDR_EXPORT(*ls)) - continue; - mp->nExports++; - } - if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Fill in the export table. All entries are relative to - * the entry point we got from load. - */ - ep = mp->exports; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - for (i = lhp->l_nsyms; i; i--, ls++) { - char *symname; - char tmpsym[SYMNMLEN+1]; - if (!LDR_EXPORT(*ls)) - continue; - if (ls->l_zeroes == 0) - symname = ls->l_offset+lhp->l_stoff+ldbuf; - else { - /* - * The l_name member is not zero terminated, we - * must copy the first SYMNMLEN chars and make - * sure we have a zero byte at the end. - */ - strlcpy (tmpsym, ls->l_name, - SYMNMLEN + 1); - symname = tmpsym; - } - ep->name = strdup(symname); - ep->addr = (void *)((unsigned long)mp->entry + - ls->l_value - shdata.s_vaddr); - ep++; - } - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return 0; -} - -/* - * Find the main modules entry point. This is used as export pointer - * for loadbind() to be able to resolve references to the main part. - */ -static void * findMain(void) -{ - struct ld_info *lp; - char *buf; - int size = 4*1024; - int i; - void *ret; - - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - } - if (i == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - free(buf); - return NULL; - } - /* - * The first entry is the main module. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - ret = lp->ldinfo_dataorg; - free(buf); - return ret; -} diff --git a/lib/kafs/dlfcn.h b/lib/kafs/dlfcn.h deleted file mode 100644 index b8dfd985a535..000000000000 --- a/lib/kafs/dlfcn.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * @(#)dlfcn.h 1.4 revision of 95/04/25 09:36:52 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -#ifndef __dlfcn_h__ -#define __dlfcn_h__ - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Mode flags for the dlopen routine. - */ -#define RTLD_LAZY 1 /* lazy function call binding */ -#define RTLD_NOW 2 /* immediate function call binding */ -#define RTLD_GLOBAL 0x100 /* allow symbols to be global */ - -/* - * To be able to initialize, a library may provide a dl_info structure - * that contains functions to be called to initialize and terminate. - */ -struct dl_info { - void (*init)(void); - void (*fini)(void); -}; - -#if __STDC__ || defined(_IBMR2) -void *dlopen(const char *path, int mode); -void *dlsym(void *handle, const char *symbol); -char *dlerror(void); -int dlclose(void *handle); -#else -void *dlopen(); -void *dlsym(); -char *dlerror(); -int dlclose(); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __dlfcn_h__ */ diff --git a/lib/kafs/kafs.3 b/lib/kafs/kafs.3 index cd5b1fd5a070..d44e35e8c980 100644 --- a/lib/kafs/kafs.3 +++ b/lib/kafs/kafs.3 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kafs.3 17380 2006-05-01 07:01:18Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .\" .Dd May 1, 2006 .Os HEIMDAL @@ -161,7 +161,7 @@ and .Pp .Fn krb5_afslog , .Fn kafs_settoken5 -can be configured to behave differently via a +can be configured to behave differently via a .Nm krb5_appdefault option .Li afs-use-524 @@ -279,6 +279,18 @@ usually (depending on the operating system) receive a SIGSYS signal. .%T File Server/Cache Manager Interface .%D 1991 .Re +.Sh FILES +libkafs will search for +.Pa ThisCell and +.Pa TheseCells +in the following locations: +.Pa /usr/vice/etc , +.Pa /etc/openafs , +.Pa /var/db/openafs/etc , +.Pa /usr/arla/etc , +.Pa /etc/arla , +and +.Pa /etc/afs .Sh BUGS .Ev AFS_SYSCALL has no effect under AIX. diff --git a/lib/kafs/kafs.cat3 b/lib/kafs/kafs.cat3 new file mode 100644 index 000000000000..d388e043ed6d --- /dev/null +++ b/lib/kafs/kafs.cat3 @@ -0,0 +1,175 @@ + +KAFS(3) BSD Library Functions Manual KAFS(3) + +NNAAMMEE + kk__hhaassaaffss, kk__hhaassaaffss__rreecchheecckk, kk__ppiiooccttll, kk__uunnlloogg, kk__sseettppaagg, + kk__aaffss__cceellll__ooff__ffiillee, kkaaffss__sseett__vveerrbboossee, kkaaffss__sseettttookkeenn__rrxxkkaadd, kkaaffss__sseettttookkeenn, + kkrrbb__aaffsslloogg, kkrrbb__aaffsslloogg__uuiidd, kkaaffss__sseettttookkeenn55, kkrrbb55__aaffsslloogg, kkrrbb55__aaffsslloogg__uuiidd + -- AFS library + +LLIIBBRRAARRYY + AFS cache manager access library (libkafs, -lkafs) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _i_n_t + kk__aaffss__cceellll__ooff__ffiillee(_c_o_n_s_t _c_h_a_r _*_p_a_t_h, _c_h_a_r _*_c_e_l_l, _i_n_t _l_e_n); + + _i_n_t + kk__hhaassaaffss(_v_o_i_d); + + _i_n_t + kk__hhaassaaffss__rreecchheecckk(_v_o_i_d); + + _i_n_t + kk__ppiiooccttll(_c_h_a_r _*_a___p_a_t_h, _i_n_t _o___o_p_c_o_d_e, _s_t_r_u_c_t _V_i_c_e_I_o_c_t_l _*_a___p_a_r_a_m_s_P, + _i_n_t _a___f_o_l_l_o_w_S_y_m_l_i_n_k_s); + + _i_n_t + kk__sseettppaagg(_v_o_i_d); + + _i_n_t + kk__uunnlloogg(_v_o_i_d); + + _v_o_i_d + kkaaffss__sseett__vveerrbboossee(_v_o_i_d _(_*_f_u_n_c_)_(_v_o_i_d _*_, _c_o_n_s_t _c_h_a_r _*_, _i_n_t_), _v_o_i_d _*); + + _i_n_t + kkaaffss__sseettttookkeenn__rrxxkkaadd(_c_o_n_s_t _c_h_a_r _*_c_e_l_l, _s_t_r_u_c_t _C_l_e_a_r_T_o_k_e_n _*_t_o_k_e_n, + _v_o_i_d _*_t_i_c_k_e_t, _s_i_z_e___t _t_i_c_k_e_t___l_e_n); + + _i_n_t + kkaaffss__sseettttookkeenn(_c_o_n_s_t _c_h_a_r _*_c_e_l_l, _u_i_d___t _u_i_d, _C_R_E_D_E_N_T_I_A_L_S _*_c); + + kkrrbb__aaffsslloogg(_c_h_a_r _*_c_e_l_l, _c_h_a_r _*_r_e_a_l_m); + + _i_n_t + kkrrbb__aaffsslloogg__uuiidd(_c_h_a_r _*_c_e_l_l, _c_h_a_r _*_r_e_a_l_m, _u_i_d___t _u_i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaffsslloogg__uuiidd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d, _c_o_n_s_t _c_h_a_r _*_c_e_l_l, + _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _u_i_d___t _u_i_d); + + _i_n_t + kkaaffss__sseettttookkeenn55(_c_o_n_s_t _c_h_a_r _*_c_e_l_l, _u_i_d___t _u_i_d, _k_r_b_5___c_r_e_d_s _*_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaffsslloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d, _c_o_n_s_t _c_h_a_r _*_c_e_l_l, + _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m); + +DDEESSCCRRIIPPTTIIOONN + kk__hhaassaaffss() initializes some library internal structures, and tests for + the presence of AFS in the kernel, none of the other functions should be + called before kk__hhaassaaffss() is called, or if it fails. + + kk__hhaassaaffss__rreecchheecckk() forces a recheck if a AFS client has started since + last time kk__hhaassaaffss() or kk__hhaassaaffss__rreecchheecckk() was called. + + kkaaffss__sseett__vveerrbboossee() set a log function that will be called each time the + kafs library does something important so that the application using + libkafs can output verbose logging. Calling the function + _k_a_f_s___s_e_t___v_e_r_b_o_s_e with the function argument set to NULL will stop libkafs + from calling the logging function (if set). + + kkaaffss__sseettttookkeenn__rrxxkkaadd() set rxkad with the _t_o_k_e_n and _t_i_c_k_e_t (that have the + length _t_i_c_k_e_t___l_e_n) for a given _c_e_l_l. + + kkaaffss__sseettttookkeenn() and kkaaffss__sseettttookkeenn55() work the same way as + kkaaffss__sseettttookkeenn__rrxxkkaadd() but internally converts the Kerberos 4 or 5 creden- + tial to a afs cleartoken and ticket. + + kkrrbb__aaffsslloogg(), and kkrrbb__aaffsslloogg__uuiidd() obtains new tokens (and possibly tick- + ets) for the specified _c_e_l_l and _r_e_a_l_m. If _c_e_l_l is NULL, the local cell + is used. If _r_e_a_l_m is NULL, the function tries to guess what realm to use. + Unless you have some good knowledge of what cell or realm to use, you + should pass NULL. kkrrbb__aaffsslloogg() will use the real user-id for the ViceId + field in the token, kkrrbb__aaffsslloogg__uuiidd() will use _u_i_d. + + kkrrbb55__aaffsslloogg(), and kkrrbb55__aaffsslloogg__uuiidd() are the Kerberos 5 equivalents of + kkrrbb__aaffsslloogg(), and kkrrbb__aaffsslloogg__uuiidd(). + + kkrrbb55__aaffsslloogg(), kkaaffss__sseettttookkeenn55() can be configured to behave differently + via a kkrrbb55__aappppddeeffaauulltt option afs-use-524 in _k_r_b_5_._c_o_n_f. Possible values + for afs-use-524 are: + + yes use the 524 server in the realm to convert the ticket + + no use the Kerberos 5 ticket directly, can be used with if the afs + cell support 2b token. + + local, 2b + convert the Kerberos 5 credential to a 2b token locally (the same + work as a 2b 524 server should have done). + + Example: + + [appdefaults] + SU.SE = { afs-use-524 = local } + PDC.KTH.SE = { afs-use-524 = yes } + afs-use-524 = yes + + libkafs will use the libkafs as application name when running the + kkrrbb55__aappppddeeffaauulltt function call. + + The (uppercased) cell name is used as the realm to the kkrrbb55__aappppddeeffaauulltt + ffuunnccttiioonn.. + + kk__aaffss__cceellll__ooff__ffiillee() will in _c_e_l_l return the cell of a specified file, no + more than _l_e_n characters is put in _c_e_l_l. + + kk__ppiiooccttll() does a ppiiooccttll() system call with the specified arguments. This + function is equivalent to llppiiooccttll(). + + kk__sseettppaagg() initializes a new PAG. + + kk__uunnlloogg() removes destroys all tokens in the current PAG. + +RREETTUURRNN VVAALLUUEESS + kk__hhaassaaffss() returns 1 if AFS is present in the kernel, 0 otherwise. + kkrrbb__aaffsslloogg() and kkrrbb__aaffsslloogg__uuiidd() returns 0 on success, or a Kerberos + error number on failure. kk__aaffss__cceellll__ooff__ffiillee(), kk__ppiiooccttll(), kk__sseettppaagg(), + and kk__uunnlloogg() all return the value of the underlaying system call, 0 on + success. + +EENNVVIIRROONNMMEENNTT + The following environment variable affect the mode of operation of kkaaffss: + + AFS_SYSCALL Normally, kkaaffss will try to figure out the correct system + call(s) that are used by AFS by itself. If it does not man- + age to do that, or does it incorrectly, you can set this + variable to the system call number or list of system call + numbers that should be used. + +EEXXAAMMPPLLEESS + The following code from llooggiinn will obtain a new PAG and tokens for the + local cell and the cell of the users home directory. + + if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, NULL); + krb_afslog(NULL, NULL); + } + +EERRRROORRSS + If any of these functions (apart from kk__hhaassaaffss()) is called without AFS + being present in the kernel, the process will usually (depending on the + operating system) receive a SIGSYS signal. + +SSEEEE AALLSSOO + krb5_appdefault(3), krb5.conf(5) + + Transarc Corporation, "File Server/Cache Manager Interface", _A_F_S_-_3 + _P_r_o_g_r_a_m_m_e_r_'_s _R_e_f_e_r_e_n_c_e, 1991. + +FFIILLEESS + libkafs will search for _T_h_i_s_C_e_l_l _a_n_d _T_h_e_s_e_C_e_l_l_s in the following loca- + tions: _/_u_s_r_/_v_i_c_e_/_e_t_c, _/_e_t_c_/_o_p_e_n_a_f_s, _/_v_a_r_/_d_b_/_o_p_e_n_a_f_s_/_e_t_c, _/_u_s_r_/_a_r_l_a_/_e_t_c, + _/_e_t_c_/_a_r_l_a, and _/_e_t_c_/_a_f_s + +BBUUGGSS + AFS_SYSCALL has no effect under AIX. + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/kafs/kafs.h b/lib/kafs/kafs.h index d478039693e8..dd20cab52048 100644 --- a/lib/kafs/kafs.h +++ b/lib/kafs/kafs.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: kafs.h 20652 2007-05-10 19:30:18Z lha $ */ +/* $Id$ */ #ifndef __KAFS_H #define __KAFS_H @@ -82,15 +82,15 @@ #define VIOC_AFS_SYSNAME _VICEIOCTL(38) #define VIOC_EXPORTAFS _VICEIOCTL(39) #define VIOCGETCACHEPARAMS _VICEIOCTL(40) -#define VIOC_GCPAGS _VICEIOCTL(48) +#define VIOC_GCPAGS _VICEIOCTL(48) #define VIOCGETTOK2 _AFSCIOCTL(7) #define VIOCSETTOK2 _AFSCIOCTL(8) struct ViceIoctl { caddr_t in, out; - short in_size; - short out_size; + unsigned short in_size; + unsigned short out_size; }; struct ClearToken { @@ -157,7 +157,7 @@ krb5_error_code krb5_afslog_uid (krb5_context context, krb5_const_realm realm, uid_t uid); krb5_error_code krb5_afslog (krb5_context context, - krb5_ccache id, + krb5_ccache id, const char *cell, krb5_const_realm realm); krb5_error_code krb5_afslog_uid_home (krb5_context context, diff --git a/lib/kafs/kafs_locl.h b/lib/kafs/kafs_locl.h index a564104a2942..ea670f31388d 100644 --- a/lib/kafs/kafs_locl.h +++ b/lib/kafs/kafs_locl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: kafs_locl.h 16116 2005-10-02 03:14:47Z lha $ */ +/* $Id$ */ #ifndef __KAFS_LOCL_H__ #define __KAFS_LOCL_H__ @@ -94,15 +94,11 @@ #ifdef KRB5 #include #endif -#ifdef KRB4 -#include -#else #ifdef KRB5 #include "crypto-headers.h" #include typedef struct credentials CREDENTIALS; #endif /* KRB5 */ -#endif /* KRB4 */ #include #include @@ -117,7 +113,7 @@ typedef int (*afslog_uid_func_t)(struct kafs_data *, uid_t, const char *); -typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*, +typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*, const char*, uid_t, struct kafs_token *); typedef char* (*get_realm_func_t)(struct kafs_data*, const char*); @@ -127,6 +123,8 @@ struct kafs_data { afslog_uid_func_t afslog_uid; get_cred_func_t get_cred; get_realm_func_t get_realm; + const char *(*get_error)(struct kafs_data *, int); + void (*free_error)(struct kafs_data *, const char *); void *data; }; @@ -140,7 +138,7 @@ void _kafs_foldup(char *, const char *); int _kafs_afslog_all_local_cells(struct kafs_data*, uid_t, const char*); -int _kafs_get_cred(struct kafs_data*, const char*, const char*, const char *, +int _kafs_get_cred(struct kafs_data*, const char*, const char*, const char *, uid_t, struct kafs_token *); int diff --git a/lib/kafs/roken_rename.h b/lib/kafs/roken_rename.h index 6eb61fa31898..26da2656777e 100644 --- a/lib/kafs/roken_rename.h +++ b/lib/kafs/roken_rename.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: roken_rename.h 15341 2005-06-02 07:35:45Z lha $ */ +/* $Id$ */ #ifndef __roken_rename_h__ #define __roken_rename_h__ @@ -52,13 +52,13 @@ #define rk_dns_parse_reply _kafs_dns_parse_reply #ifndef HAVE_STRTOK_R -#define strtok_r _kafs_strtok_r +#define rk_strtok_r _kafs_strtok_r #endif #ifndef HAVE_STRLCPY -#define strlcpy _kafs_strlcpy +#define rk_strlcpy _kafs_strlcpy #endif #ifndef HAVE_STRSEP -#define strsep _kafs_strsep +#define rk_strsep _kafs_strsep #endif #endif /* __roken_rename_h__ */ diff --git a/lib/kdfs/ChangeLog b/lib/kdfs/ChangeLog new file mode 100644 index 000000000000..c4bc2a367c3a --- /dev/null +++ b/lib/kdfs/ChangeLog @@ -0,0 +1,28 @@ +2002-08-12 Johan Danielsson + + * k5dfspag.c: don't use ## in string concatenation + +2002-03-11 Assar Westerlund + + * Makefile.am (libkdfs_la_LDFLAGS): set versoin to 0:2:0 + +2002-01-23 Assar Westerlund + + * k5dfspag.c: use SIG_DFL and not SIG_IGN for SIGCHLD. + from "Todd C. Miller" + +2001-02-07 Assar Westerlund + + * k5dfspag.c: add config.h + +2000-12-11 Assar Westerlund + + * Makefile.am (libkdfs_la_LDFLAGS): set version to 0:1:0 + +2000-07-02 Assar Westerlund + + * k5dfspag.c: use krb5.h instead of krb5_locl.h + + * initial import from Ake Sandgren + + diff --git a/lib/kdfs/Makefile.am b/lib/kdfs/Makefile.am new file mode 100644 index 000000000000..e31b2408a108 --- /dev/null +++ b/lib/kdfs/Makefile.am @@ -0,0 +1,12 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +lib_LTLIBRARIES = libkdfs.la + +libkdfs_la_SOURCES = \ + k5dfspag.c + +libkdfs_la_LDFLAGS = -version-info 0:3:0 + +EXTRA_DIST = NTMakefile diff --git a/lib/45/Makefile.in b/lib/kdfs/Makefile.in similarity index 70% rename from lib/45/Makefile.in rename to lib/kdfs/Makefile.in index fc6ff540cd48..e8ce07b8e5ff 100644 --- a/lib/45/Makefile.in +++ b/lib/kdfs/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,16 +15,17 @@ @SET_MAKE@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -40,11 +42,11 @@ build_triplet = @build@ host_triplet = @host@ DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/45 + $(top_srcdir)/cf/Makefile.am.common ChangeLog +subdir = lib/kdfs ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -59,7 +61,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -73,9 +75,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -83,29 +88,45 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" -libLIBRARIES_INSTALL = $(INSTALL_DATA) -LIBRARIES = $(lib_LIBRARIES) -ARFLAGS = cru -lib45_a_AR = $(AR) $(ARFLAGS) -lib45_a_LIBADD = -am_lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT) -lib45_a_OBJECTS = $(am_lib45_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +LTLIBRARIES = $(lib_LTLIBRARIES) +libkdfs_la_LIBADD = +am_libkdfs_la_OBJECTS = k5dfspag.lo +libkdfs_la_OBJECTS = $(am_libkdfs_la_OBJECTS) +libkdfs_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libkdfs_la_LDFLAGS) $(LDFLAGS) -o $@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -115,8 +136,8 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = $(lib45_a_SOURCES) -DIST_SOURCES = $(lib45_a_SOURCES) +SOURCES = $(libkdfs_la_SOURCES) +DIST_SOURCES = $(libkdfs_la_SOURCES) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -124,49 +145,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -190,10 +220,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -210,6 +241,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -225,31 +258,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -264,10 +311,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -308,50 +357,57 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LIBRARIES = @EXTRA_LIB45@ -EXTRA_LIBRARIES = lib45.a -lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h +lib_LTLIBRARIES = libkdfs.la +libkdfs_la_SOURCES = \ + k5dfspag.c + +libkdfs_la_LDFLAGS = -version-info 0:3:0 +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/45/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/45/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kdfs/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/kdfs/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -369,39 +425,40 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLIBRARIES: $(lib_LIBRARIES) +$(am__aclocal_m4_deps): +install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(libLIBRARIES_INSTALL) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(libLIBRARIES_INSTALL) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done - @$(POST_INSTALL) - @list='$(lib_LIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - p=$(am__strip_dir) \ - echo " $(RANLIB) '$(DESTDIR)$(libdir)/$$p'"; \ - $(RANLIB) "$(DESTDIR)$(libdir)/$$p"; \ - else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } -uninstall-libLIBRARIES: +uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done -clean-libLIBRARIES: - -test -z "$(lib_LIBRARIES)" || rm -f $(lib_LIBRARIES) -lib45.a: $(lib45_a_OBJECTS) $(lib45_a_DEPENDENCIES) - -rm -f lib45.a - $(lib45_a_AR) lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD) - $(RANLIB) lib45.a +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libkdfs.la: $(libkdfs_la_OBJECTS) $(libkdfs_la_DEPENDENCIES) + $(libkdfs_la_LINK) -rpath $(libdir) $(libkdfs_la_OBJECTS) $(libkdfs_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -409,14 +466,28 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/k5dfspag.Plo@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -429,45 +500,49 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -488,13 +563,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -504,7 +583,7 @@ distdir: $(DISTFILES) check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-local check: check-am -all-am: Makefile $(LIBRARIES) all-local +all-am: Makefile $(LTLIBRARIES) all-local installdirs: for dir in "$(DESTDIR)$(libdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ @@ -529,16 +608,18 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-generic clean-libLIBRARIES clean-libtool \ +clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -549,6 +630,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -556,26 +639,35 @@ info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: install-libLIBRARIES +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -592,28 +684,27 @@ ps: ps-am ps-am: -uninstall-am: uninstall-libLIBRARIES +uninstall-am: uninstall-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libLIBRARIES clean-libtool ctags \ + clean clean-generic clean-libLTLIBRARIES clean-libtool ctags \ dist-hook distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ install-data-am install-data-hook install-dvi install-dvi-am \ install-exec install-exec-am install-exec-hook install-html \ install-html-am install-info install-info-am \ - install-libLIBRARIES install-man install-pdf install-pdf-am \ + install-libLTLIBRARIES install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags uninstall uninstall-am uninstall-hook \ - uninstall-libLIBRARIES + uninstall-libLTLIBRARIES install-suid-programs: @@ -684,6 +775,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -769,7 +863,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -782,6 +876,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/kdfs/NTMakefile b/lib/kdfs/NTMakefile new file mode 100644 index 000000000000..4ec8f31ad580 --- /dev/null +++ b/lib/kdfs/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\kdfs + +!include ../../windows/NTMakefile.w32 + diff --git a/lib/kdfs/k5dfspag.c b/lib/kdfs/k5dfspag.c new file mode 100644 index 000000000000..2db635bee860 --- /dev/null +++ b/lib/kdfs/k5dfspag.c @@ -0,0 +1,368 @@ +/* + * lib/krb5/os/k5dfspag.c + * + * New Kerberos module to issue the DFS PAG syscalls. + * It also contains the routine to fork and exec the + * k5dcecon routine to do most of the work. + * + * This file is designed to be as independent of DCE + * and DFS as possible. The only dependencies are on + * the syscall numbers. If DFS not running or not installed, + * the sig handlers will catch and the signal and + * will continue. + * + * krb5_dfs_newpag and krb5_dfs_getpag should not be real + * Kerberos routines, since they should be setpag and getpag + * in the DCE library, but without the DCE baggage. + * Thus they don't have context, and don't return a krb5 error. + * + * + * + * krb5_dfs_pag() + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +RCSID("$Id$"); + +#include + +#ifdef DCE + +#include +#include +#include +#include +#include + +/* Only run this DFS PAG code on systems with POSIX + * All that we are interested in dor:, AIX 4.x, + * Solaris 2.5.x, HPUX 10.x Even SunOS 4.1.4, AIX 3.2.5 + * and SGI 5.3 are OK. This simplifies + * the build/configure which I don't want to change now. + * All of them also have waitpid as well. + */ + +#define POSIX_SETJMP +#define POSIX_SIGNALS +#define HAVE_WAITPID + +#include +#include +#ifndef POSIX_SETJMP +#undef sigjmp_buf +#undef sigsetjmp +#undef siglongjmp +#define sigjmp_buf jmp_buf +#define sigsetjmp(j,s) setjmp(j) +#define siglongjmp longjmp +#endif + +#ifdef POSIX_SIGNALS +typedef struct sigaction handler; +#define handler_init(H,F) (sigemptyset(&(H).sa_mask), \ + (H).sa_flags=0, \ + (H).sa_handler=(F)) +#define handler_swap(S,NEW,OLD) sigaction(S, &NEW, &OLD) +#define handler_set(S,OLD) sigaction(S, &OLD, NULL) +#else +typedef sigtype (*handler)(); +#define handler_init(H,F) ((H) = (F)) +#define handler_swap(S,NEW,OLD) ((OLD) = signal ((S), (NEW))) +#define handler_set(S,OLD) (signal ((S), (OLD))) +#endif + +#define krb5_sigtype void +#define WAIT_USES_INT +typedef krb5_sigtype sigtype; + + +/* + * Need some syscall numbers based on different systems. + * These are based on: + * HPUX 10.10 /opt/dce/include/dcedfs/syscall.h + * Solaris 2.5 /opt/dcelocal/share/include/dcedfs/syscall.h + * AIX 4.2 - needs some funny games with load and kafs_syscall + * to get the kernel extentions. There should be a better way! + * + * DEE 5/27/97 + * + */ + + +#define AFSCALL_SETPAG 2 +#define AFSCALL_GETPAG 11 + +#if defined(sun) +#define AFS_SYSCALL 72 + +#elif defined(hpux) +/* assume HPUX 10 + or is it 50 */ +#define AFS_SYSCALL 326 + +#elif defined(_AIX) +#ifndef DPAGAIX +#define DPAGAIX LIBEXECDIR "/dpagaix" +#endif +int *load(); +static int (*dpagaix)(int, int, int, int, int, int) = 0; + +#elif defined(sgi) || defined(_sgi) +#define AFS_SYSCALL 206+1000 + +#else +#define AFS_SYSCALL (Unknown_DFS_AFS_SYSCALL) +#endif + + +#ifdef WAIT_USES_INT + int wait_status; +#else /* WAIT_USES_INT */ + union wait wait_status; +#endif /* WAIT_USES_INT */ + +#ifndef K5DCECON +#define K5DCECON LIBEXECDIR "/k5dcecon" +#endif + +/* + * mysig() + * + * signal handler if DFS not running + * + */ + +static sigjmp_buf setpag_buf; + +static sigtype mysig() +{ + siglongjmp(setpag_buf, 1); +} + +/* + * krb5_dfs_pag_syscall() + * + * wrapper for the syscall with signal handlers + * + */ + +static int krb5_dfs_pag_syscall(opt1,opt2) + int opt1; + int opt2; +{ + handler sa1, osa1; + handler sa2, osa2; + int pag = -2; + + handler_init (sa1, mysig); + handler_init (sa2, mysig); + handler_swap (SIGSYS, sa1, osa1); + handler_swap (SIGSEGV, sa2, osa2); + + if (sigsetjmp(setpag_buf, 1) == 0) { + +#if defined(_AIX) + if (!dpagaix) + dpagaix = load(DPAGAIX, 0, 0); + if (dpagaix) + pag = (*dpagaix)(opt1, opt2, 0, 0, 0, 0); +#else + pag = syscall(AFS_SYSCALL, opt1, opt2, 0, 0, 0, 0); +#endif + + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(pag); + } + + /* syscall failed! return 0 */ + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(-2); +} + +/* + * krb5_dfs_newpag() + * + * issue a DCE/DFS setpag system call to set the newpag + * for this process. This takes advantage of a currently + * undocumented feature of the Transarc port of DFS. + * Even in DCE 1.2.2 for which the source is available, + * (but no vendors have released), this feature is not + * there, but it should be, or could be added. + * If new_pag is zero, then the syscall will get a new pag + * and return its value. + */ + +int krb5_dfs_newpag(new_pag) + int new_pag; +{ + return(krb5_dfs_pag_syscall(AFSCALL_SETPAG, new_pag)); +} + +/* + * krb5_dfs_getpag() + * + * get the current PAG. Used mostly as a test. + */ + +int krb5_dfs_getpag() +{ + return(krb5_dfs_pag_syscall(AFSCALL_GETPAG, 0)); +} + +/* + * krb5_dfs_pag() + * + * Given a principal and local username, + * fork and exec the k5dcecon module to create + * refresh or join a new DCE/DFS + * Process Authentication Group (PAG) + * + * This routine should be called after krb5_kuserok has + * determined that this combination of local user and + * principal are acceptable for the local host. + * + * It should also be called after a forwarded ticket has + * been received, and the KRB5CCNAME environment variable + * has been set to point at it. k5dcecon will convert this + * to a new DCE context and a new pag and replace KRB5CCNAME + * in the environment. + * + * If there is no forwarded ticket, k5dcecon will attempt + * to join an existing PAG for the same principal and local + * user. + * + * And it should be called before access to the home directory + * as this may be in DFS, not accessable by root, and require + * the PAG to have been setup. + * + * The krb5_afs_pag can be called after this routine to + * use the the cache obtained by k5dcecon to get an AFS token. + * DEE - 7/97 + */ + +int krb5_dfs_pag(context, flag, principal, luser) + krb5_context context; + int flag; /* 1 if a forwarded TGT is to be used */ + krb5_principal principal; + const char *luser; + +{ + + struct stat stx; + int fd[2]; + int i,j; + int pid; + int new_pag; + int pag; + char newccname[MAXPATHLEN] = ""; + char *princ; + int err; + struct sigaction newsig, oldsig; + +#ifdef WAIT_USES_INT + int wait_status; +#else /* WAIT_USES_INT */ + union wait wait_status; +#endif /* WAIT_USES_INT */ + + if (krb5_unparse_name(context, principal, &princ)) + return(0); + + /* test if DFS is running or installed */ + if (krb5_dfs_getpag() == -2) + return(0); /* DFS not running, dont try */ + + if (pipe(fd) == -1) + return(0); + + /* Make sure that telnetd.c's SIGCHLD action don't happen right now... */ + memset((char *)&newsig, 0, sizeof(newsig)); + newsig.sa_handler = SIG_DFL; + sigaction(SIGCHLD, &newsig, &oldsig); + + pid = fork(); + if (pid <0) + return(0); + + if (pid == 0) { /* child process */ + + close(1); /* close stdout */ + dup(fd[1]); /* point stdout at pipe here */ + close(fd[0]); /* don't use end of pipe here */ + close(fd[1]); /* pipe now as stdout */ + + execl(K5DCECON, "k5dcecon", + (flag) ? "-f" : "-s" , + "-l", luser, + "-p", princ, (char *)0); + + exit(127); /* incase execl fails */ + } + + /* parent, wait for child to finish */ + + close(fd[1]); /* dont need this end of pipe */ + +/* #if defined(sgi) || defined(_sgi) */ + /* wait_status.w_status = 0; */ + /* waitpid((pid_t) pid, &wait_status.w_status, 0); */ +/* #else */ + + + wait_status = 0; +#ifdef HAVE_WAITPID + err = waitpid((pid_t) pid, &wait_status, 0); +#else /* HAVE_WAITPID */ + err = wait4(pid, &wait_status, 0, (struct rusage *) NULL); +#endif /* HAVE_WAITPID */ +/* #endif */ + + sigaction(SIGCHLD, &oldsig, 0); + if (WIFEXITED(wait_status)){ + if (WEXITSTATUS(wait_status) == 0) { + i = 1; + j = 0; + while (i != 0) { + i = read(fd[0], &newccname[j], sizeof(newccname)-1-j); + if ( i > 0) + j += i; + if (j >= sizeof(newccname)-1) + i = 0; + } + close(fd[0]); + if (j > 0) { + newccname[j] = '\0'; + esetenv("KRB5CCNAME",newccname,1); + sscanf(&newccname[j-8],"%8x",&new_pag); + if (new_pag && strncmp("FILE:/opt/dcelocal/var/security/creds/dcecred_", newccname, 46) == 0) { + if((pag = krb5_dfs_newpag(new_pag)) != -2) { + return(pag); + } + } + } + } + } + return(0); /* something not right */ +} + +#else /* DCE */ + +/* + * krb5_dfs_pag - dummy version for the lib for systems + * which don't have DFS, or the needed setpag kernel code. + */ + +krb5_boolean +krb5_dfs_pag(context, principal, luser) + krb5_context context; + krb5_principal principal; + const char *luser; +{ + return(0); +} + +#endif /* DCE */ diff --git a/lib/krb5/Makefile.am b/lib/krb5/Makefile.am index ced9616e162c..9429535eb962 100644 --- a/lib/krb5/Makefile.am +++ b/lib/krb5/Makefile.am @@ -1,25 +1,29 @@ -# $Id: Makefile.am 22501 2008-01-21 15:43:21Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I../com_err -I$(srcdir)/../com_err +AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I../com_err -I$(srcdir)/../com_err $(INCLUDE_sqlite3) $(INCLUDE_libintl) bin_PROGRAMS = verify_krb5_conf noinst_PROGRAMS = \ krbhst-test \ + test_gic \ test_alname \ test_crypto \ + test_rfc3961 \ test_get_addrs \ test_kuserok \ test_renew \ test_forward +noinst_LTLIBRARIES = \ + librfc3961.la + TESTS = \ aes-test \ derived-key-test \ n-fold-test \ - name-45-test \ parse-name-test \ store-test \ string-to-key-test \ @@ -27,6 +31,7 @@ TESTS = \ test_addr \ test_cc \ test_config \ + test_fx \ test_prf \ test_store \ test_crypto_wrapping \ @@ -36,25 +41,54 @@ TESTS = \ test_plugin \ test_princ \ test_pkinit_dh2key \ - test_time + test_pknistkdf \ + test_time \ + test_x500 -check_PROGRAMS = $(TESTS) test_hostname +check_DATA = test_config_strings.out + +check_PROGRAMS = $(TESTS) test_hostname test_ap-req LDADD = libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ $(LIB_roken) if PKINIT LIB_pkinit = ../hx509/libhx509.la endif +if have_scc +use_sqlite = $(LIB_sqlite3) +endif + libkrb5_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ipc/libheim-ipcc.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(top_builddir)/base/libheimbase.la \ $(LIB_pkinit) \ + $(use_sqlite) \ $(LIB_com_err) \ $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_libintl) \ $(LIBADD_roken) \ + $(PTHREAD_LIBADD) \ + $(LIB_door_create) \ + $(LIB_dlopen) + +librfc3961_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ipc/libheim-ipcc.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(LIB_pkinit) \ + $(use_sqlite) \ + $(LIB_com_err) \ + $(LIB_hcrypto) \ + $(LIB_libintl) \ + $(LIBADD_roken) \ + $(PTHREAD_LIBADD) \ $(LIB_door_create) \ $(LIB_dlopen) @@ -62,7 +96,15 @@ lib_LTLIBRARIES = libkrb5.la ERR_FILES = krb5_err.c krb_err.c heim_err.c k524_err.c -libkrb5_la_CPPFLAGS = -DBUILD_KRB5_LIB $(AM_CPPFLAGS) +libkrb5_la_CPPFLAGS = \ + -DBUILD_KRB5_LIB \ + $(AM_CPPFLAGS) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' + +librfc3961_la_CPPFLAGS = \ + -DBUILD_KRB5_LIB \ + $(AM_CPPFLAGS) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' dist_libkrb5_la_SOURCES = \ acache.c \ @@ -79,7 +121,6 @@ dist_libkrb5_la_SOURCES = \ changepw.c \ codec.c \ config_file.c \ - config_file_netinfo.c \ convert_creds.c \ constants.c \ context.c \ @@ -87,12 +128,25 @@ dist_libkrb5_la_SOURCES = \ crc.c \ creds.c \ crypto.c \ + crypto.h \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des.c \ + crypto-des-common.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-null.c \ + crypto-pk.c \ + crypto-rand.c \ doxygen.c \ data.c \ + deprecated.c \ digest.c \ eai_to_heim_errno.c \ error_string.c \ expand_hostname.c \ + expand_path.c \ fcache.c \ free.c \ free_host_realm.c \ @@ -105,11 +159,7 @@ dist_libkrb5_la_SOURCES = \ get_for_creds.c \ get_host_realm.c \ get_in_tkt.c \ - get_in_tkt_pw.c \ - get_in_tkt_with_keytab.c \ - get_in_tkt_with_skey.c \ get_port.c \ - heim_threads.h \ init_creds.c \ init_creds_pw.c \ kcm.c \ @@ -119,7 +169,6 @@ dist_libkrb5_la_SOURCES = \ keytab_any.c \ keytab_file.c \ keytab_keyfile.c \ - keytab_krb4.c \ keytab_memory.c \ krb5_locl.h \ krb5-v4compat.h \ @@ -140,6 +189,7 @@ dist_libkrb5_la_SOURCES = \ n-fold.c \ pac.c \ padata.c \ + pcache.c \ pkinit.c \ principal.c \ prog_setup.c \ @@ -153,11 +203,18 @@ dist_libkrb5_la_SOURCES = \ read_message.c \ recvauth.c \ replay.c \ + salt.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + scache.c \ send_to_kdc.c \ sendauth.c \ set_default_realm.c \ sock_principal.c \ store.c \ + store-int.c \ store-int.h \ store_emem.c \ store_fd.c \ @@ -166,7 +223,6 @@ dist_libkrb5_la_SOURCES = \ ticket.c \ time.c \ transited.c \ - v4_glue.c \ verify_init.c \ verify_user.c \ version.c \ @@ -176,45 +232,73 @@ dist_libkrb5_la_SOURCES = \ nodist_libkrb5_la_SOURCES = \ $(ERR_FILES) -libkrb5_la_LDFLAGS = -version-info 24:0:0 +libkrb5_la_DEPENDENCIES = \ + version-script.map + +libkrb5_la_LDFLAGS = -version-info 26:0:0 if versionscript libkrb5_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map endif -$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h +$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS) $(librfc3961_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h krb5_err.h heim_err.h k524_err.h krb5_err.h krb_err.h k524_err.h + +librfc3961_la_SOURCES = \ + crc.c \ + crypto.c \ + crypto.h \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des.c \ + crypto-des-common.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-null.c \ + crypto-pk.c \ + crypto-rand.c \ + crypto-stubs.c \ + data.c \ + error_string.c \ + keyblock.c \ + n-fold.c \ + salt.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + store-int.c \ + warn.c + +test_rfc3961_LDADD = \ + librfc3961.la \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(LIB_hcrypto) \ + $(LIB_roken) $(srcdir)/krb5-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB_FUNCTION -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h $(srcdir)/krb5-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-private.h man_MANS = \ kerberos.8 \ - krb5.3 \ krb5.conf.5 \ krb524_convert_creds_kdc.3 \ krb5_425_conv_principal.3 \ krb5_acl_match_file.3 \ - krb5_address.3 \ krb5_aname_to_localname.3 \ krb5_appdefault.3 \ krb5_auth_context.3 \ krb5_c_make_checksum.3 \ - krb5_ccache.3 \ krb5_check_transited.3 \ - krb5_compare_creds.3 \ - krb5_config.3 \ - krb5_context.3 \ krb5_create_checksum.3 \ krb5_creds.3 \ - krb5_crypto_init.3 \ - krb5_data.3 \ krb5_digest.3 \ krb5_eai_to_heim_errno.3 \ krb5_encrypt.3 \ - krb5_expand_hostname.3 \ krb5_find_padata.3 \ krb5_generate_random_block.3 \ krb5_get_all_client_addrs.3 \ @@ -227,10 +311,7 @@ man_MANS = \ krb5_getportbyname.3 \ krb5_init_context.3 \ krb5_is_thread_safe.3 \ - krb5_keyblock.3 \ - krb5_keytab.3 \ krb5_krbhst_init.3 \ - krb5_kuserok.3 \ krb5_mk_req.3 \ krb5_mk_safe.3 \ krb5_openlog.3 \ @@ -241,14 +322,10 @@ man_MANS = \ krb5_rd_safe.3 \ krb5_set_default_realm.3 \ krb5_set_password.3 \ - krb5_storage.3 \ krb5_string_to_key.3 \ - krb5_ticket.3 \ krb5_timeofday.3 \ - krb5_unparse_name.3 \ krb5_verify_init_creds.3 \ krb5_verify_user.3 \ - krb5_warn.3 \ verify_krb5_conf.8 dist_include_HEADERS = \ @@ -257,18 +334,19 @@ dist_include_HEADERS = \ krb5-private.h \ krb5_ccapi.h -nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h +nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h # XXX use nobase_include_HEADERS = krb5/locate_plugin.h krb5dir = $(includedir)/krb5 -krb5_HEADERS = locate_plugin.h +krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h ccache_plugin.h build_HEADERZ = \ - heim_threads.h \ $(krb5_HEADERS) \ krb_err.h CLEANFILES = \ + test_config_strings.out \ + test-store-data \ krb5_err.c krb5_err.h \ krb_err.c krb_err.h \ heim_err.c heim_err.h \ @@ -276,13 +354,19 @@ CLEANFILES = \ $(libkrb5_la_OBJECTS): krb5_err.h krb_err.h heim_err.h k524_err.h +test_config_strings.out: test_config_strings.cfg + $(CP) $(srcdir)/test_config_strings.cfg test_config_strings.out + EXTRA_DIST = \ + NTMakefile \ + verify_krb5_conf-version.rc \ krb5_err.et \ krb_err.et \ heim_err.et \ k524_err.et \ $(man_MANS) \ version-script.map \ + test_config_strings.cfg \ krb5.moduli #sysconf_DATA = krb5.moduli diff --git a/lib/krb5/Makefile.in b/lib/krb5/Makefile.in index 60e09251227f..2473eb2cae51 100644 --- a/lib/krb5/Makefile.in +++ b/lib/krb5/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22501 2008-01-21 15:43:21Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -45,26 +47,28 @@ DIST_COMMON = $(dist_include_HEADERS) $(krb5_HEADERS) \ $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common bin_PROGRAMS = verify_krb5_conf$(EXEEXT) -noinst_PROGRAMS = krbhst-test$(EXEEXT) test_alname$(EXEEXT) \ - test_crypto$(EXEEXT) test_get_addrs$(EXEEXT) \ +noinst_PROGRAMS = krbhst-test$(EXEEXT) test_gic$(EXEEXT) \ + test_alname$(EXEEXT) test_crypto$(EXEEXT) \ + test_rfc3961$(EXEEXT) test_get_addrs$(EXEEXT) \ test_kuserok$(EXEEXT) test_renew$(EXEEXT) \ test_forward$(EXEEXT) TESTS = aes-test$(EXEEXT) derived-key-test$(EXEEXT) \ - n-fold-test$(EXEEXT) name-45-test$(EXEEXT) \ - parse-name-test$(EXEEXT) store-test$(EXEEXT) \ - string-to-key-test$(EXEEXT) test_acl$(EXEEXT) \ - test_addr$(EXEEXT) test_cc$(EXEEXT) test_config$(EXEEXT) \ - test_prf$(EXEEXT) test_store$(EXEEXT) \ - test_crypto_wrapping$(EXEEXT) test_keytab$(EXEEXT) \ - test_mem$(EXEEXT) test_pac$(EXEEXT) test_plugin$(EXEEXT) \ - test_princ$(EXEEXT) test_pkinit_dh2key$(EXEEXT) \ - test_time$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) test_hostname$(EXEEXT) + n-fold-test$(EXEEXT) parse-name-test$(EXEEXT) \ + store-test$(EXEEXT) string-to-key-test$(EXEEXT) \ + test_acl$(EXEEXT) test_addr$(EXEEXT) test_cc$(EXEEXT) \ + test_config$(EXEEXT) test_fx$(EXEEXT) test_prf$(EXEEXT) \ + test_store$(EXEEXT) test_crypto_wrapping$(EXEEXT) \ + test_keytab$(EXEEXT) test_mem$(EXEEXT) test_pac$(EXEEXT) \ + test_plugin$(EXEEXT) test_princ$(EXEEXT) \ + test_pkinit_dh2key$(EXEEXT) test_pknistkdf$(EXEEXT) \ + test_time$(EXEEXT) test_x500$(EXEEXT) +check_PROGRAMS = $(am__EXEEXT_1) test_hostname$(EXEEXT) \ + test_ap-req$(EXEEXT) @versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map subdir = lib/krb5 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -79,7 +83,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -93,9 +97,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -103,79 +110,97 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" \ "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(krb5dir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) +LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) am__DEPENDENCIES_1 = -libkrb5_la_DEPENDENCIES = $(LIB_pkinit) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) +@have_scc_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) dist_libkrb5_la_OBJECTS = libkrb5_la-acache.lo libkrb5_la-acl.lo \ libkrb5_la-add_et_list.lo libkrb5_la-addr_families.lo \ libkrb5_la-aname_to_localname.lo libkrb5_la-appdefault.lo \ libkrb5_la-asn1_glue.lo libkrb5_la-auth_context.lo \ libkrb5_la-build_ap_req.lo libkrb5_la-build_auth.lo \ libkrb5_la-cache.lo libkrb5_la-changepw.lo libkrb5_la-codec.lo \ - libkrb5_la-config_file.lo libkrb5_la-config_file_netinfo.lo \ - libkrb5_la-convert_creds.lo libkrb5_la-constants.lo \ - libkrb5_la-context.lo libkrb5_la-copy_host_realm.lo \ - libkrb5_la-crc.lo libkrb5_la-creds.lo libkrb5_la-crypto.lo \ - libkrb5_la-doxygen.lo libkrb5_la-data.lo libkrb5_la-digest.lo \ + libkrb5_la-config_file.lo libkrb5_la-convert_creds.lo \ + libkrb5_la-constants.lo libkrb5_la-context.lo \ + libkrb5_la-copy_host_realm.lo libkrb5_la-crc.lo \ + libkrb5_la-creds.lo libkrb5_la-crypto.lo \ + libkrb5_la-crypto-aes.lo libkrb5_la-crypto-algs.lo \ + libkrb5_la-crypto-arcfour.lo libkrb5_la-crypto-des.lo \ + libkrb5_la-crypto-des-common.lo libkrb5_la-crypto-des3.lo \ + libkrb5_la-crypto-evp.lo libkrb5_la-crypto-null.lo \ + libkrb5_la-crypto-pk.lo libkrb5_la-crypto-rand.lo \ + libkrb5_la-doxygen.lo libkrb5_la-data.lo \ + libkrb5_la-deprecated.lo libkrb5_la-digest.lo \ libkrb5_la-eai_to_heim_errno.lo libkrb5_la-error_string.lo \ - libkrb5_la-expand_hostname.lo libkrb5_la-fcache.lo \ - libkrb5_la-free.lo libkrb5_la-free_host_realm.lo \ + libkrb5_la-expand_hostname.lo libkrb5_la-expand_path.lo \ + libkrb5_la-fcache.lo libkrb5_la-free.lo \ + libkrb5_la-free_host_realm.lo \ libkrb5_la-generate_seq_number.lo \ libkrb5_la-generate_subkey.lo libkrb5_la-get_addrs.lo \ libkrb5_la-get_cred.lo libkrb5_la-get_default_principal.lo \ libkrb5_la-get_default_realm.lo libkrb5_la-get_for_creds.lo \ libkrb5_la-get_host_realm.lo libkrb5_la-get_in_tkt.lo \ - libkrb5_la-get_in_tkt_pw.lo \ - libkrb5_la-get_in_tkt_with_keytab.lo \ - libkrb5_la-get_in_tkt_with_skey.lo libkrb5_la-get_port.lo \ - libkrb5_la-init_creds.lo libkrb5_la-init_creds_pw.lo \ - libkrb5_la-kcm.lo libkrb5_la-keyblock.lo libkrb5_la-keytab.lo \ + libkrb5_la-get_port.lo libkrb5_la-init_creds.lo \ + libkrb5_la-init_creds_pw.lo libkrb5_la-kcm.lo \ + libkrb5_la-keyblock.lo libkrb5_la-keytab.lo \ libkrb5_la-keytab_any.lo libkrb5_la-keytab_file.lo \ - libkrb5_la-keytab_keyfile.lo libkrb5_la-keytab_krb4.lo \ - libkrb5_la-keytab_memory.lo libkrb5_la-krbhst.lo \ - libkrb5_la-kuserok.lo libkrb5_la-log.lo libkrb5_la-mcache.lo \ - libkrb5_la-misc.lo libkrb5_la-mk_error.lo \ + libkrb5_la-keytab_keyfile.lo libkrb5_la-keytab_memory.lo \ + libkrb5_la-krbhst.lo libkrb5_la-kuserok.lo libkrb5_la-log.lo \ + libkrb5_la-mcache.lo libkrb5_la-misc.lo libkrb5_la-mk_error.lo \ libkrb5_la-mk_priv.lo libkrb5_la-mk_rep.lo \ libkrb5_la-mk_req.lo libkrb5_la-mk_req_ext.lo \ libkrb5_la-mk_safe.lo libkrb5_la-mit_glue.lo \ libkrb5_la-net_read.lo libkrb5_la-net_write.lo \ libkrb5_la-n-fold.lo libkrb5_la-pac.lo libkrb5_la-padata.lo \ - libkrb5_la-pkinit.lo libkrb5_la-principal.lo \ - libkrb5_la-prog_setup.lo libkrb5_la-prompter_posix.lo \ - libkrb5_la-rd_cred.lo libkrb5_la-rd_error.lo \ - libkrb5_la-rd_priv.lo libkrb5_la-rd_rep.lo \ - libkrb5_la-rd_req.lo libkrb5_la-rd_safe.lo \ - libkrb5_la-read_message.lo libkrb5_la-recvauth.lo \ - libkrb5_la-replay.lo libkrb5_la-send_to_kdc.lo \ + libkrb5_la-pcache.lo libkrb5_la-pkinit.lo \ + libkrb5_la-principal.lo libkrb5_la-prog_setup.lo \ + libkrb5_la-prompter_posix.lo libkrb5_la-rd_cred.lo \ + libkrb5_la-rd_error.lo libkrb5_la-rd_priv.lo \ + libkrb5_la-rd_rep.lo libkrb5_la-rd_req.lo \ + libkrb5_la-rd_safe.lo libkrb5_la-read_message.lo \ + libkrb5_la-recvauth.lo libkrb5_la-replay.lo libkrb5_la-salt.lo \ + libkrb5_la-salt-aes.lo libkrb5_la-salt-arcfour.lo \ + libkrb5_la-salt-des.lo libkrb5_la-salt-des3.lo \ + libkrb5_la-scache.lo libkrb5_la-send_to_kdc.lo \ libkrb5_la-sendauth.lo libkrb5_la-set_default_realm.lo \ libkrb5_la-sock_principal.lo libkrb5_la-store.lo \ - libkrb5_la-store_emem.lo libkrb5_la-store_fd.lo \ - libkrb5_la-store_mem.lo libkrb5_la-plugin.lo \ - libkrb5_la-ticket.lo libkrb5_la-time.lo \ - libkrb5_la-transited.lo libkrb5_la-v4_glue.lo \ - libkrb5_la-verify_init.lo libkrb5_la-verify_user.lo \ - libkrb5_la-version.lo libkrb5_la-warn.lo \ - libkrb5_la-write_message.lo + libkrb5_la-store-int.lo libkrb5_la-store_emem.lo \ + libkrb5_la-store_fd.lo libkrb5_la-store_mem.lo \ + libkrb5_la-plugin.lo libkrb5_la-ticket.lo libkrb5_la-time.lo \ + libkrb5_la-transited.lo libkrb5_la-verify_init.lo \ + libkrb5_la-verify_user.lo libkrb5_la-version.lo \ + libkrb5_la-warn.lo libkrb5_la-write_message.lo am__objects_1 = libkrb5_la-krb5_err.lo libkrb5_la-krb_err.lo \ libkrb5_la-heim_err.lo libkrb5_la-k524_err.lo nodist_libkrb5_la_OBJECTS = $(am__objects_1) @@ -184,171 +209,251 @@ libkrb5_la_OBJECTS = $(dist_libkrb5_la_OBJECTS) \ libkrb5_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libkrb5_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +librfc3961_la_DEPENDENCIES = $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ipc/libheim-ipcc.la \ + $(top_builddir)/lib/wind/libwind.la $(LIB_pkinit) \ + $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) +am_librfc3961_la_OBJECTS = librfc3961_la-crc.lo \ + librfc3961_la-crypto.lo librfc3961_la-crypto-aes.lo \ + librfc3961_la-crypto-algs.lo librfc3961_la-crypto-arcfour.lo \ + librfc3961_la-crypto-des.lo librfc3961_la-crypto-des-common.lo \ + librfc3961_la-crypto-des3.lo librfc3961_la-crypto-evp.lo \ + librfc3961_la-crypto-null.lo librfc3961_la-crypto-pk.lo \ + librfc3961_la-crypto-rand.lo librfc3961_la-crypto-stubs.lo \ + librfc3961_la-data.lo librfc3961_la-error_string.lo \ + librfc3961_la-keyblock.lo librfc3961_la-n-fold.lo \ + librfc3961_la-salt.lo librfc3961_la-salt-aes.lo \ + librfc3961_la-salt-arcfour.lo librfc3961_la-salt-des.lo \ + librfc3961_la-salt-des3.lo librfc3961_la-store-int.lo \ + librfc3961_la-warn.lo +librfc3961_la_OBJECTS = $(am_librfc3961_la_OBJECTS) am__EXEEXT_1 = aes-test$(EXEEXT) derived-key-test$(EXEEXT) \ - n-fold-test$(EXEEXT) name-45-test$(EXEEXT) \ - parse-name-test$(EXEEXT) store-test$(EXEEXT) \ - string-to-key-test$(EXEEXT) test_acl$(EXEEXT) \ - test_addr$(EXEEXT) test_cc$(EXEEXT) test_config$(EXEEXT) \ - test_prf$(EXEEXT) test_store$(EXEEXT) \ - test_crypto_wrapping$(EXEEXT) test_keytab$(EXEEXT) \ - test_mem$(EXEEXT) test_pac$(EXEEXT) test_plugin$(EXEEXT) \ - test_princ$(EXEEXT) test_pkinit_dh2key$(EXEEXT) \ - test_time$(EXEEXT) + n-fold-test$(EXEEXT) parse-name-test$(EXEEXT) \ + store-test$(EXEEXT) string-to-key-test$(EXEEXT) \ + test_acl$(EXEEXT) test_addr$(EXEEXT) test_cc$(EXEEXT) \ + test_config$(EXEEXT) test_fx$(EXEEXT) test_prf$(EXEEXT) \ + test_store$(EXEEXT) test_crypto_wrapping$(EXEEXT) \ + test_keytab$(EXEEXT) test_mem$(EXEEXT) test_pac$(EXEEXT) \ + test_plugin$(EXEEXT) test_princ$(EXEEXT) \ + test_pkinit_dh2key$(EXEEXT) test_pknistkdf$(EXEEXT) \ + test_time$(EXEEXT) test_x500$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) aes_test_SOURCES = aes-test.c aes_test_OBJECTS = aes-test.$(OBJEXT) aes_test_LDADD = $(LDADD) aes_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) derived_key_test_SOURCES = derived-key-test.c derived_key_test_OBJECTS = derived-key-test.$(OBJEXT) derived_key_test_LDADD = $(LDADD) derived_key_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) krbhst_test_SOURCES = krbhst-test.c krbhst_test_OBJECTS = krbhst-test.$(OBJEXT) krbhst_test_LDADD = $(LDADD) krbhst_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) n_fold_test_SOURCES = n-fold-test.c n_fold_test_OBJECTS = n-fold-test.$(OBJEXT) n_fold_test_LDADD = $(LDADD) n_fold_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -name_45_test_SOURCES = name-45-test.c -name_45_test_OBJECTS = name-45-test.$(OBJEXT) -name_45_test_LDADD = $(LDADD) -name_45_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) parse_name_test_SOURCES = parse-name-test.c parse_name_test_OBJECTS = parse-name-test.$(OBJEXT) parse_name_test_LDADD = $(LDADD) parse_name_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) store_test_SOURCES = store-test.c store_test_OBJECTS = store-test.$(OBJEXT) store_test_LDADD = $(LDADD) store_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) string_to_key_test_SOURCES = string-to-key-test.c string_to_key_test_OBJECTS = string-to-key-test.$(OBJEXT) string_to_key_test_LDADD = $(LDADD) string_to_key_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_acl_SOURCES = test_acl.c test_acl_OBJECTS = test_acl.$(OBJEXT) test_acl_LDADD = $(LDADD) test_acl_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_addr_SOURCES = test_addr.c test_addr_OBJECTS = test_addr.$(OBJEXT) test_addr_LDADD = $(LDADD) test_addr_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_alname_SOURCES = test_alname.c test_alname_OBJECTS = test_alname.$(OBJEXT) test_alname_LDADD = $(LDADD) test_alname_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_ap_req_SOURCES = test_ap-req.c +test_ap_req_OBJECTS = test_ap-req.$(OBJEXT) +test_ap_req_LDADD = $(LDADD) +test_ap_req_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_cc_SOURCES = test_cc.c test_cc_OBJECTS = test_cc.$(OBJEXT) test_cc_LDADD = $(LDADD) test_cc_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_config_SOURCES = test_config.c test_config_OBJECTS = test_config.$(OBJEXT) test_config_LDADD = $(LDADD) test_config_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_crypto_SOURCES = test_crypto.c test_crypto_OBJECTS = test_crypto.$(OBJEXT) test_crypto_LDADD = $(LDADD) test_crypto_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_crypto_wrapping_SOURCES = test_crypto_wrapping.c test_crypto_wrapping_OBJECTS = test_crypto_wrapping.$(OBJEXT) test_crypto_wrapping_LDADD = $(LDADD) test_crypto_wrapping_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_forward_SOURCES = test_forward.c test_forward_OBJECTS = test_forward.$(OBJEXT) test_forward_LDADD = $(LDADD) test_forward_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_fx_SOURCES = test_fx.c +test_fx_OBJECTS = test_fx.$(OBJEXT) +test_fx_LDADD = $(LDADD) +test_fx_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_get_addrs_SOURCES = test_get_addrs.c test_get_addrs_OBJECTS = test_get_addrs.$(OBJEXT) test_get_addrs_LDADD = $(LDADD) test_get_addrs_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_gic_SOURCES = test_gic.c +test_gic_OBJECTS = test_gic.$(OBJEXT) +test_gic_LDADD = $(LDADD) +test_gic_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_hostname_SOURCES = test_hostname.c test_hostname_OBJECTS = test_hostname.$(OBJEXT) test_hostname_LDADD = $(LDADD) test_hostname_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_keytab_SOURCES = test_keytab.c test_keytab_OBJECTS = test_keytab.$(OBJEXT) test_keytab_LDADD = $(LDADD) test_keytab_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_kuserok_SOURCES = test_kuserok.c test_kuserok_OBJECTS = test_kuserok.$(OBJEXT) test_kuserok_LDADD = $(LDADD) test_kuserok_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_mem_SOURCES = test_mem.c test_mem_OBJECTS = test_mem.$(OBJEXT) test_mem_LDADD = $(LDADD) test_mem_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_pac_SOURCES = test_pac.c test_pac_OBJECTS = test_pac.$(OBJEXT) test_pac_LDADD = $(LDADD) test_pac_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_pkinit_dh2key_SOURCES = test_pkinit_dh2key.c test_pkinit_dh2key_OBJECTS = test_pkinit_dh2key.$(OBJEXT) test_pkinit_dh2key_LDADD = $(LDADD) test_pkinit_dh2key_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_pknistkdf_SOURCES = test_pknistkdf.c +test_pknistkdf_OBJECTS = test_pknistkdf.$(OBJEXT) +test_pknistkdf_LDADD = $(LDADD) +test_pknistkdf_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_plugin_SOURCES = test_plugin.c test_plugin_OBJECTS = test_plugin.$(OBJEXT) test_plugin_LDADD = $(LDADD) test_plugin_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_prf_SOURCES = test_prf.c test_prf_OBJECTS = test_prf.$(OBJEXT) test_prf_LDADD = $(LDADD) test_prf_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_princ_SOURCES = test_princ.c test_princ_OBJECTS = test_princ.$(OBJEXT) test_princ_LDADD = $(LDADD) test_princ_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_renew_SOURCES = test_renew.c test_renew_OBJECTS = test_renew.$(OBJEXT) test_renew_LDADD = $(LDADD) test_renew_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_rfc3961_SOURCES = test_rfc3961.c +test_rfc3961_OBJECTS = test_rfc3961.$(OBJEXT) +test_rfc3961_DEPENDENCIES = librfc3961.la \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) test_store_SOURCES = test_store.c test_store_OBJECTS = test_store.$(OBJEXT) test_store_LDADD = $(LDADD) test_store_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) test_time_SOURCES = test_time.c test_time_OBJECTS = test_time.$(OBJEXT) test_time_LDADD = $(LDADD) test_time_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +test_x500_SOURCES = test_x500.c +test_x500_OBJECTS = test_x500.$(OBJEXT) +test_x500_LDADD = $(LDADD) +test_x500_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) verify_krb5_conf_SOURCES = verify_krb5_conf.c verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT) verify_krb5_conf_LDADD = $(LDADD) verify_krb5_conf_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -359,82 +464,93 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(dist_libkrb5_la_SOURCES) $(nodist_libkrb5_la_SOURCES) \ - aes-test.c derived-key-test.c krbhst-test.c n-fold-test.c \ - name-45-test.c parse-name-test.c store-test.c \ + $(librfc3961_la_SOURCES) aes-test.c derived-key-test.c \ + krbhst-test.c n-fold-test.c parse-name-test.c store-test.c \ string-to-key-test.c test_acl.c test_addr.c test_alname.c \ - test_cc.c test_config.c test_crypto.c test_crypto_wrapping.c \ - test_forward.c test_get_addrs.c test_hostname.c test_keytab.c \ + test_ap-req.c test_cc.c test_config.c test_crypto.c \ + test_crypto_wrapping.c test_forward.c test_fx.c \ + test_get_addrs.c test_gic.c test_hostname.c test_keytab.c \ test_kuserok.c test_mem.c test_pac.c test_pkinit_dh2key.c \ - test_plugin.c test_prf.c test_princ.c test_renew.c \ - test_store.c test_time.c verify_krb5_conf.c -DIST_SOURCES = $(dist_libkrb5_la_SOURCES) aes-test.c \ - derived-key-test.c krbhst-test.c n-fold-test.c name-45-test.c \ + test_pknistkdf.c test_plugin.c test_prf.c test_princ.c \ + test_renew.c test_rfc3961.c test_store.c test_time.c \ + test_x500.c verify_krb5_conf.c +DIST_SOURCES = $(dist_libkrb5_la_SOURCES) $(librfc3961_la_SOURCES) \ + aes-test.c derived-key-test.c krbhst-test.c n-fold-test.c \ parse-name-test.c store-test.c string-to-key-test.c test_acl.c \ - test_addr.c test_alname.c test_cc.c test_config.c \ - test_crypto.c test_crypto_wrapping.c test_forward.c \ - test_get_addrs.c test_hostname.c test_keytab.c test_kuserok.c \ - test_mem.c test_pac.c test_pkinit_dh2key.c test_plugin.c \ - test_prf.c test_princ.c test_renew.c test_store.c test_time.c \ - verify_krb5_conf.c + test_addr.c test_alname.c test_ap-req.c test_cc.c \ + test_config.c test_crypto.c test_crypto_wrapping.c \ + test_forward.c test_fx.c test_get_addrs.c test_gic.c \ + test_hostname.c test_keytab.c test_kuserok.c test_mem.c \ + test_pac.c test_pkinit_dh2key.c test_pknistkdf.c test_plugin.c \ + test_prf.c test_princ.c test_renew.c test_rfc3961.c \ + test_store.c test_time.c test_x500.c verify_krb5_conf.c man3dir = $(mandir)/man3 man5dir = $(mandir)/man5 man8dir = $(mandir)/man8 MANS = $(man_MANS) -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -krb5HEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(dist_include_HEADERS) $(krb5_HEADERS) \ $(nodist_include_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -458,10 +574,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -478,6 +595,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -493,31 +612,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -532,10 +665,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -576,50 +711,90 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I../com_err \ - -I$(srcdir)/../com_err +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_krb4) $(INCLUDE_hcrypto) \ + -I../com_err -I$(srcdir)/../com_err $(INCLUDE_sqlite3) \ + $(INCLUDE_libintl) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +noinst_LTLIBRARIES = \ + librfc3961.la + +check_DATA = test_config_strings.out LDADD = libkrb5.la \ $(LIB_hcrypto) \ $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ $(LIB_roken) @PKINIT_TRUE@LIB_pkinit = ../hx509/libhx509.la +@have_scc_TRUE@use_sqlite = $(LIB_sqlite3) libkrb5_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ipc/libheim-ipcc.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(top_builddir)/base/libheimbase.la \ $(LIB_pkinit) \ + $(use_sqlite) \ $(LIB_com_err) \ $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_libintl) \ $(LIBADD_roken) \ + $(PTHREAD_LIBADD) \ + $(LIB_door_create) \ + $(LIB_dlopen) + +librfc3961_la_LIBADD = \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/ipc/libheim-ipcc.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(LIB_pkinit) \ + $(use_sqlite) \ + $(LIB_com_err) \ + $(LIB_hcrypto) \ + $(LIB_libintl) \ + $(LIBADD_roken) \ + $(PTHREAD_LIBADD) \ $(LIB_door_create) \ $(LIB_dlopen) lib_LTLIBRARIES = libkrb5.la ERR_FILES = krb5_err.c krb_err.c heim_err.c k524_err.c -libkrb5_la_CPPFLAGS = -DBUILD_KRB5_LIB $(AM_CPPFLAGS) +libkrb5_la_CPPFLAGS = \ + -DBUILD_KRB5_LIB \ + $(AM_CPPFLAGS) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' + +librfc3961_la_CPPFLAGS = \ + -DBUILD_KRB5_LIB \ + $(AM_CPPFLAGS) \ + -DHEIMDAL_LOCALEDIR='"$(localedir)"' + dist_libkrb5_la_SOURCES = \ acache.c \ acl.c \ @@ -635,7 +810,6 @@ dist_libkrb5_la_SOURCES = \ changepw.c \ codec.c \ config_file.c \ - config_file_netinfo.c \ convert_creds.c \ constants.c \ context.c \ @@ -643,12 +817,25 @@ dist_libkrb5_la_SOURCES = \ crc.c \ creds.c \ crypto.c \ + crypto.h \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des.c \ + crypto-des-common.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-null.c \ + crypto-pk.c \ + crypto-rand.c \ doxygen.c \ data.c \ + deprecated.c \ digest.c \ eai_to_heim_errno.c \ error_string.c \ expand_hostname.c \ + expand_path.c \ fcache.c \ free.c \ free_host_realm.c \ @@ -661,11 +848,7 @@ dist_libkrb5_la_SOURCES = \ get_for_creds.c \ get_host_realm.c \ get_in_tkt.c \ - get_in_tkt_pw.c \ - get_in_tkt_with_keytab.c \ - get_in_tkt_with_skey.c \ get_port.c \ - heim_threads.h \ init_creds.c \ init_creds_pw.c \ kcm.c \ @@ -675,7 +858,6 @@ dist_libkrb5_la_SOURCES = \ keytab_any.c \ keytab_file.c \ keytab_keyfile.c \ - keytab_krb4.c \ keytab_memory.c \ krb5_locl.h \ krb5-v4compat.h \ @@ -696,6 +878,7 @@ dist_libkrb5_la_SOURCES = \ n-fold.c \ pac.c \ padata.c \ + pcache.c \ pkinit.c \ principal.c \ prog_setup.c \ @@ -709,11 +892,18 @@ dist_libkrb5_la_SOURCES = \ read_message.c \ recvauth.c \ replay.c \ + salt.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + scache.c \ send_to_kdc.c \ sendauth.c \ set_default_realm.c \ sock_principal.c \ store.c \ + store-int.c \ store-int.h \ store_emem.c \ store_fd.c \ @@ -722,7 +912,6 @@ dist_libkrb5_la_SOURCES = \ ticket.c \ time.c \ transited.c \ - v4_glue.c \ verify_init.c \ verify_user.c \ version.c \ @@ -732,32 +921,60 @@ dist_libkrb5_la_SOURCES = \ nodist_libkrb5_la_SOURCES = \ $(ERR_FILES) -libkrb5_la_LDFLAGS = -version-info 24:0:0 $(am__append_1) +libkrb5_la_DEPENDENCIES = \ + version-script.map + +libkrb5_la_LDFLAGS = -version-info 26:0:0 $(am__append_1) +librfc3961_la_SOURCES = \ + crc.c \ + crypto.c \ + crypto.h \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des.c \ + crypto-des-common.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-null.c \ + crypto-pk.c \ + crypto-rand.c \ + crypto-stubs.c \ + data.c \ + error_string.c \ + keyblock.c \ + n-fold.c \ + salt.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + store-int.c \ + warn.c + +test_rfc3961_LDADD = \ + librfc3961.la \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(top_builddir)/lib/wind/libwind.la \ + $(LIB_hcrypto) \ + $(LIB_roken) + man_MANS = \ kerberos.8 \ - krb5.3 \ krb5.conf.5 \ krb524_convert_creds_kdc.3 \ krb5_425_conv_principal.3 \ krb5_acl_match_file.3 \ - krb5_address.3 \ krb5_aname_to_localname.3 \ krb5_appdefault.3 \ krb5_auth_context.3 \ krb5_c_make_checksum.3 \ - krb5_ccache.3 \ krb5_check_transited.3 \ - krb5_compare_creds.3 \ - krb5_config.3 \ - krb5_context.3 \ krb5_create_checksum.3 \ krb5_creds.3 \ - krb5_crypto_init.3 \ - krb5_data.3 \ krb5_digest.3 \ krb5_eai_to_heim_errno.3 \ krb5_encrypt.3 \ - krb5_expand_hostname.3 \ krb5_find_padata.3 \ krb5_generate_random_block.3 \ krb5_get_all_client_addrs.3 \ @@ -770,10 +987,7 @@ man_MANS = \ krb5_getportbyname.3 \ krb5_init_context.3 \ krb5_is_thread_safe.3 \ - krb5_keyblock.3 \ - krb5_keytab.3 \ krb5_krbhst_init.3 \ - krb5_kuserok.3 \ krb5_mk_req.3 \ krb5_mk_safe.3 \ krb5_openlog.3 \ @@ -784,14 +998,10 @@ man_MANS = \ krb5_rd_safe.3 \ krb5_set_default_realm.3 \ krb5_set_password.3 \ - krb5_storage.3 \ krb5_string_to_key.3 \ - krb5_ticket.3 \ krb5_timeofday.3 \ - krb5_unparse_name.3 \ krb5_verify_init_creds.3 \ krb5_verify_user.3 \ - krb5_warn.3 \ verify_krb5_conf.8 dist_include_HEADERS = \ @@ -800,47 +1010,51 @@ dist_include_HEADERS = \ krb5-private.h \ krb5_ccapi.h -nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h +nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h # XXX use nobase_include_HEADERS = krb5/locate_plugin.h krb5dir = $(includedir)/krb5 -krb5_HEADERS = locate_plugin.h +krb5_HEADERS = locate_plugin.h send_to_kdc_plugin.h ccache_plugin.h build_HEADERZ = \ - heim_threads.h \ $(krb5_HEADERS) \ krb_err.h CLEANFILES = \ + test_config_strings.out \ + test-store-data \ krb5_err.c krb5_err.h \ krb_err.c krb_err.h \ heim_err.c heim_err.h \ k524_err.c k524_err.h EXTRA_DIST = \ + NTMakefile \ + verify_krb5_conf-version.rc \ krb5_err.et \ krb_err.et \ heim_err.et \ k524_err.et \ $(man_MANS) \ version-script.map \ + test_config_strings.cfg \ krb5.moduli all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/krb5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/krb5/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/krb5/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/krb5/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -858,23 +1072,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -885,50 +1104,80 @@ clean-libLTLIBRARIES: echo "rm -f \"$${dir}/so_locations\""; \ rm -f "$${dir}/so_locations"; \ done + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done libkrb5.la: $(libkrb5_la_OBJECTS) $(libkrb5_la_DEPENDENCIES) $(libkrb5_la_LINK) -rpath $(libdir) $(libkrb5_la_OBJECTS) $(libkrb5_la_LIBADD) $(LIBS) +librfc3961.la: $(librfc3961_la_OBJECTS) $(librfc3961_la_DEPENDENCIES) + $(LINK) $(librfc3961_la_OBJECTS) $(librfc3961_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list aes-test$(EXEEXT): $(aes_test_OBJECTS) $(aes_test_DEPENDENCIES) @rm -f aes-test$(EXEEXT) $(LINK) $(aes_test_OBJECTS) $(aes_test_LDADD) $(LIBS) @@ -941,9 +1190,6 @@ krbhst-test$(EXEEXT): $(krbhst_test_OBJECTS) $(krbhst_test_DEPENDENCIES) n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES) @rm -f n-fold-test$(EXEEXT) $(LINK) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS) -name-45-test$(EXEEXT): $(name_45_test_OBJECTS) $(name_45_test_DEPENDENCIES) - @rm -f name-45-test$(EXEEXT) - $(LINK) $(name_45_test_OBJECTS) $(name_45_test_LDADD) $(LIBS) parse-name-test$(EXEEXT): $(parse_name_test_OBJECTS) $(parse_name_test_DEPENDENCIES) @rm -f parse-name-test$(EXEEXT) $(LINK) $(parse_name_test_OBJECTS) $(parse_name_test_LDADD) $(LIBS) @@ -962,6 +1208,9 @@ test_addr$(EXEEXT): $(test_addr_OBJECTS) $(test_addr_DEPENDENCIES) test_alname$(EXEEXT): $(test_alname_OBJECTS) $(test_alname_DEPENDENCIES) @rm -f test_alname$(EXEEXT) $(LINK) $(test_alname_OBJECTS) $(test_alname_LDADD) $(LIBS) +test_ap-req$(EXEEXT): $(test_ap_req_OBJECTS) $(test_ap_req_DEPENDENCIES) + @rm -f test_ap-req$(EXEEXT) + $(LINK) $(test_ap_req_OBJECTS) $(test_ap_req_LDADD) $(LIBS) test_cc$(EXEEXT): $(test_cc_OBJECTS) $(test_cc_DEPENDENCIES) @rm -f test_cc$(EXEEXT) $(LINK) $(test_cc_OBJECTS) $(test_cc_LDADD) $(LIBS) @@ -977,9 +1226,15 @@ test_crypto_wrapping$(EXEEXT): $(test_crypto_wrapping_OBJECTS) $(test_crypto_wra test_forward$(EXEEXT): $(test_forward_OBJECTS) $(test_forward_DEPENDENCIES) @rm -f test_forward$(EXEEXT) $(LINK) $(test_forward_OBJECTS) $(test_forward_LDADD) $(LIBS) +test_fx$(EXEEXT): $(test_fx_OBJECTS) $(test_fx_DEPENDENCIES) + @rm -f test_fx$(EXEEXT) + $(LINK) $(test_fx_OBJECTS) $(test_fx_LDADD) $(LIBS) test_get_addrs$(EXEEXT): $(test_get_addrs_OBJECTS) $(test_get_addrs_DEPENDENCIES) @rm -f test_get_addrs$(EXEEXT) $(LINK) $(test_get_addrs_OBJECTS) $(test_get_addrs_LDADD) $(LIBS) +test_gic$(EXEEXT): $(test_gic_OBJECTS) $(test_gic_DEPENDENCIES) + @rm -f test_gic$(EXEEXT) + $(LINK) $(test_gic_OBJECTS) $(test_gic_LDADD) $(LIBS) test_hostname$(EXEEXT): $(test_hostname_OBJECTS) $(test_hostname_DEPENDENCIES) @rm -f test_hostname$(EXEEXT) $(LINK) $(test_hostname_OBJECTS) $(test_hostname_LDADD) $(LIBS) @@ -998,6 +1253,9 @@ test_pac$(EXEEXT): $(test_pac_OBJECTS) $(test_pac_DEPENDENCIES) test_pkinit_dh2key$(EXEEXT): $(test_pkinit_dh2key_OBJECTS) $(test_pkinit_dh2key_DEPENDENCIES) @rm -f test_pkinit_dh2key$(EXEEXT) $(LINK) $(test_pkinit_dh2key_OBJECTS) $(test_pkinit_dh2key_LDADD) $(LIBS) +test_pknistkdf$(EXEEXT): $(test_pknistkdf_OBJECTS) $(test_pknistkdf_DEPENDENCIES) + @rm -f test_pknistkdf$(EXEEXT) + $(LINK) $(test_pknistkdf_OBJECTS) $(test_pknistkdf_LDADD) $(LIBS) test_plugin$(EXEEXT): $(test_plugin_OBJECTS) $(test_plugin_DEPENDENCIES) @rm -f test_plugin$(EXEEXT) $(LINK) $(test_plugin_OBJECTS) $(test_plugin_LDADD) $(LIBS) @@ -1010,12 +1268,18 @@ test_princ$(EXEEXT): $(test_princ_OBJECTS) $(test_princ_DEPENDENCIES) test_renew$(EXEEXT): $(test_renew_OBJECTS) $(test_renew_DEPENDENCIES) @rm -f test_renew$(EXEEXT) $(LINK) $(test_renew_OBJECTS) $(test_renew_LDADD) $(LIBS) +test_rfc3961$(EXEEXT): $(test_rfc3961_OBJECTS) $(test_rfc3961_DEPENDENCIES) + @rm -f test_rfc3961$(EXEEXT) + $(LINK) $(test_rfc3961_OBJECTS) $(test_rfc3961_LDADD) $(LIBS) test_store$(EXEEXT): $(test_store_OBJECTS) $(test_store_DEPENDENCIES) @rm -f test_store$(EXEEXT) $(LINK) $(test_store_OBJECTS) $(test_store_LDADD) $(LIBS) test_time$(EXEEXT): $(test_time_OBJECTS) $(test_time_DEPENDENCIES) @rm -f test_time$(EXEEXT) $(LINK) $(test_time_OBJECTS) $(test_time_LDADD) $(LIBS) +test_x500$(EXEEXT): $(test_x500_OBJECTS) $(test_x500_DEPENDENCIES) + @rm -f test_x500$(EXEEXT) + $(LINK) $(test_x500_OBJECTS) $(test_x500_LDADD) $(LIBS) verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES) @rm -f verify_krb5_conf$(EXEEXT) $(LINK) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS) @@ -1026,577 +1290,1452 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/derived-key-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krbhst-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-acache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-acl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-add_et_list.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-addr_families.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-aname_to_localname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-appdefault.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-asn1_glue.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-auth_context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-build_ap_req.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-build_auth.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-cache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-changepw.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-codec.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-config_file.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-constants.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-context.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-convert_creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-copy_host_realm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-aes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-algs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-arcfour.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-des-common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-des3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-evp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-null.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-pk.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto-rand.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-crypto.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-data.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-deprecated.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-digest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-doxygen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-eai_to_heim_errno.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-error_string.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-expand_hostname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-expand_path.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-fcache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-free.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-free_host_realm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-generate_seq_number.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-generate_subkey.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_addrs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_default_principal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_default_realm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_for_creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_host_realm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_in_tkt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-get_port.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-heim_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-init_creds.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-init_creds_pw.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-k524_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-kcm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keyblock.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keytab.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keytab_any.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keytab_file.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keytab_keyfile.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-keytab_memory.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-krb5_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-krb_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-krbhst.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-kuserok.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-log.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mcache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-misc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mit_glue.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_priv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_rep.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_req.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_req_ext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-mk_safe.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-n-fold.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-net_read.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-net_write.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-pac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-padata.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-pcache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-pkinit.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-principal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-prog_setup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-prompter_posix.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_cred.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_priv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_rep.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_req.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-rd_safe.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-read_message.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-recvauth.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-replay.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-salt-aes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-salt-arcfour.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-salt-des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-salt-des3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-salt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-scache.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-send_to_kdc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-sendauth.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-set_default_realm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-sock_principal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-store-int.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-store.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-store_emem.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-store_fd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-store_mem.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-ticket.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-transited.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-verify_init.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-verify_user.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-version.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-warn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libkrb5_la-write_message.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-aes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-algs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-arcfour.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-des-common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-des3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-evp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-null.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-pk.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-rand.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto-stubs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-crypto.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-data.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-error_string.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-keyblock.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-n-fold.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-salt-aes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-salt-arcfour.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-salt-des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-salt-des3.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-salt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-store-int.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/librfc3961_la-warn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/n-fold-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse-name-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/string-to-key-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_acl.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_addr.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_alname.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_ap-req.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_cc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_config.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_crypto.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_crypto_wrapping.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_forward.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_fx.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_get_addrs.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_gic.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_hostname.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_keytab.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_kuserok.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_mem.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pac.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pkinit_dh2key.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pknistkdf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_plugin.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_prf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_princ.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_renew.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_rfc3961.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_store.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_time.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_x500.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/verify_krb5_conf.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< libkrb5_la-acache.lo: acache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acache.lo `test -f 'acache.c' || echo '$(srcdir)/'`acache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-acache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-acache.Tpo -c -o libkrb5_la-acache.lo `test -f 'acache.c' || echo '$(srcdir)/'`acache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-acache.Tpo $(DEPDIR)/libkrb5_la-acache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='acache.c' object='libkrb5_la-acache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acache.lo `test -f 'acache.c' || echo '$(srcdir)/'`acache.c libkrb5_la-acl.lo: acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acl.lo `test -f 'acl.c' || echo '$(srcdir)/'`acl.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-acl.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-acl.Tpo -c -o libkrb5_la-acl.lo `test -f 'acl.c' || echo '$(srcdir)/'`acl.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-acl.Tpo $(DEPDIR)/libkrb5_la-acl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='acl.c' object='libkrb5_la-acl.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acl.lo `test -f 'acl.c' || echo '$(srcdir)/'`acl.c libkrb5_la-add_et_list.lo: add_et_list.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-add_et_list.lo `test -f 'add_et_list.c' || echo '$(srcdir)/'`add_et_list.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-add_et_list.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-add_et_list.Tpo -c -o libkrb5_la-add_et_list.lo `test -f 'add_et_list.c' || echo '$(srcdir)/'`add_et_list.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-add_et_list.Tpo $(DEPDIR)/libkrb5_la-add_et_list.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='add_et_list.c' object='libkrb5_la-add_et_list.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-add_et_list.lo `test -f 'add_et_list.c' || echo '$(srcdir)/'`add_et_list.c libkrb5_la-addr_families.lo: addr_families.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-addr_families.lo `test -f 'addr_families.c' || echo '$(srcdir)/'`addr_families.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-addr_families.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-addr_families.Tpo -c -o libkrb5_la-addr_families.lo `test -f 'addr_families.c' || echo '$(srcdir)/'`addr_families.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-addr_families.Tpo $(DEPDIR)/libkrb5_la-addr_families.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='addr_families.c' object='libkrb5_la-addr_families.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-addr_families.lo `test -f 'addr_families.c' || echo '$(srcdir)/'`addr_families.c libkrb5_la-aname_to_localname.lo: aname_to_localname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-aname_to_localname.lo `test -f 'aname_to_localname.c' || echo '$(srcdir)/'`aname_to_localname.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-aname_to_localname.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-aname_to_localname.Tpo -c -o libkrb5_la-aname_to_localname.lo `test -f 'aname_to_localname.c' || echo '$(srcdir)/'`aname_to_localname.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-aname_to_localname.Tpo $(DEPDIR)/libkrb5_la-aname_to_localname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='aname_to_localname.c' object='libkrb5_la-aname_to_localname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-aname_to_localname.lo `test -f 'aname_to_localname.c' || echo '$(srcdir)/'`aname_to_localname.c libkrb5_la-appdefault.lo: appdefault.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-appdefault.lo `test -f 'appdefault.c' || echo '$(srcdir)/'`appdefault.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-appdefault.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-appdefault.Tpo -c -o libkrb5_la-appdefault.lo `test -f 'appdefault.c' || echo '$(srcdir)/'`appdefault.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-appdefault.Tpo $(DEPDIR)/libkrb5_la-appdefault.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='appdefault.c' object='libkrb5_la-appdefault.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-appdefault.lo `test -f 'appdefault.c' || echo '$(srcdir)/'`appdefault.c libkrb5_la-asn1_glue.lo: asn1_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-asn1_glue.lo `test -f 'asn1_glue.c' || echo '$(srcdir)/'`asn1_glue.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-asn1_glue.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-asn1_glue.Tpo -c -o libkrb5_la-asn1_glue.lo `test -f 'asn1_glue.c' || echo '$(srcdir)/'`asn1_glue.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-asn1_glue.Tpo $(DEPDIR)/libkrb5_la-asn1_glue.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1_glue.c' object='libkrb5_la-asn1_glue.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-asn1_glue.lo `test -f 'asn1_glue.c' || echo '$(srcdir)/'`asn1_glue.c libkrb5_la-auth_context.lo: auth_context.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-auth_context.lo `test -f 'auth_context.c' || echo '$(srcdir)/'`auth_context.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-auth_context.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-auth_context.Tpo -c -o libkrb5_la-auth_context.lo `test -f 'auth_context.c' || echo '$(srcdir)/'`auth_context.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-auth_context.Tpo $(DEPDIR)/libkrb5_la-auth_context.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='auth_context.c' object='libkrb5_la-auth_context.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-auth_context.lo `test -f 'auth_context.c' || echo '$(srcdir)/'`auth_context.c libkrb5_la-build_ap_req.lo: build_ap_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_ap_req.lo `test -f 'build_ap_req.c' || echo '$(srcdir)/'`build_ap_req.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-build_ap_req.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-build_ap_req.Tpo -c -o libkrb5_la-build_ap_req.lo `test -f 'build_ap_req.c' || echo '$(srcdir)/'`build_ap_req.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-build_ap_req.Tpo $(DEPDIR)/libkrb5_la-build_ap_req.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='build_ap_req.c' object='libkrb5_la-build_ap_req.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_ap_req.lo `test -f 'build_ap_req.c' || echo '$(srcdir)/'`build_ap_req.c libkrb5_la-build_auth.lo: build_auth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_auth.lo `test -f 'build_auth.c' || echo '$(srcdir)/'`build_auth.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-build_auth.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-build_auth.Tpo -c -o libkrb5_la-build_auth.lo `test -f 'build_auth.c' || echo '$(srcdir)/'`build_auth.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-build_auth.Tpo $(DEPDIR)/libkrb5_la-build_auth.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='build_auth.c' object='libkrb5_la-build_auth.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_auth.lo `test -f 'build_auth.c' || echo '$(srcdir)/'`build_auth.c libkrb5_la-cache.lo: cache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-cache.lo `test -f 'cache.c' || echo '$(srcdir)/'`cache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-cache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-cache.Tpo -c -o libkrb5_la-cache.lo `test -f 'cache.c' || echo '$(srcdir)/'`cache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-cache.Tpo $(DEPDIR)/libkrb5_la-cache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='cache.c' object='libkrb5_la-cache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-cache.lo `test -f 'cache.c' || echo '$(srcdir)/'`cache.c libkrb5_la-changepw.lo: changepw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-changepw.lo `test -f 'changepw.c' || echo '$(srcdir)/'`changepw.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-changepw.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-changepw.Tpo -c -o libkrb5_la-changepw.lo `test -f 'changepw.c' || echo '$(srcdir)/'`changepw.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-changepw.Tpo $(DEPDIR)/libkrb5_la-changepw.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='changepw.c' object='libkrb5_la-changepw.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-changepw.lo `test -f 'changepw.c' || echo '$(srcdir)/'`changepw.c libkrb5_la-codec.lo: codec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-codec.lo `test -f 'codec.c' || echo '$(srcdir)/'`codec.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-codec.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-codec.Tpo -c -o libkrb5_la-codec.lo `test -f 'codec.c' || echo '$(srcdir)/'`codec.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-codec.Tpo $(DEPDIR)/libkrb5_la-codec.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='codec.c' object='libkrb5_la-codec.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-codec.lo `test -f 'codec.c' || echo '$(srcdir)/'`codec.c libkrb5_la-config_file.lo: config_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-config_file.lo `test -f 'config_file.c' || echo '$(srcdir)/'`config_file.c - -libkrb5_la-config_file_netinfo.lo: config_file_netinfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-config_file_netinfo.lo `test -f 'config_file_netinfo.c' || echo '$(srcdir)/'`config_file_netinfo.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-config_file.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-config_file.Tpo -c -o libkrb5_la-config_file.lo `test -f 'config_file.c' || echo '$(srcdir)/'`config_file.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-config_file.Tpo $(DEPDIR)/libkrb5_la-config_file.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='config_file.c' object='libkrb5_la-config_file.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-config_file.lo `test -f 'config_file.c' || echo '$(srcdir)/'`config_file.c libkrb5_la-convert_creds.lo: convert_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-convert_creds.lo `test -f 'convert_creds.c' || echo '$(srcdir)/'`convert_creds.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-convert_creds.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-convert_creds.Tpo -c -o libkrb5_la-convert_creds.lo `test -f 'convert_creds.c' || echo '$(srcdir)/'`convert_creds.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-convert_creds.Tpo $(DEPDIR)/libkrb5_la-convert_creds.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='convert_creds.c' object='libkrb5_la-convert_creds.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-convert_creds.lo `test -f 'convert_creds.c' || echo '$(srcdir)/'`convert_creds.c libkrb5_la-constants.lo: constants.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-constants.lo `test -f 'constants.c' || echo '$(srcdir)/'`constants.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-constants.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-constants.Tpo -c -o libkrb5_la-constants.lo `test -f 'constants.c' || echo '$(srcdir)/'`constants.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-constants.Tpo $(DEPDIR)/libkrb5_la-constants.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='constants.c' object='libkrb5_la-constants.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-constants.lo `test -f 'constants.c' || echo '$(srcdir)/'`constants.c libkrb5_la-context.lo: context.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-context.lo `test -f 'context.c' || echo '$(srcdir)/'`context.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-context.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-context.Tpo -c -o libkrb5_la-context.lo `test -f 'context.c' || echo '$(srcdir)/'`context.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-context.Tpo $(DEPDIR)/libkrb5_la-context.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='context.c' object='libkrb5_la-context.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-context.lo `test -f 'context.c' || echo '$(srcdir)/'`context.c libkrb5_la-copy_host_realm.lo: copy_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-copy_host_realm.lo `test -f 'copy_host_realm.c' || echo '$(srcdir)/'`copy_host_realm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-copy_host_realm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-copy_host_realm.Tpo -c -o libkrb5_la-copy_host_realm.lo `test -f 'copy_host_realm.c' || echo '$(srcdir)/'`copy_host_realm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-copy_host_realm.Tpo $(DEPDIR)/libkrb5_la-copy_host_realm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='copy_host_realm.c' object='libkrb5_la-copy_host_realm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-copy_host_realm.lo `test -f 'copy_host_realm.c' || echo '$(srcdir)/'`copy_host_realm.c libkrb5_la-crc.lo: crc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crc.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crc.Tpo -c -o libkrb5_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crc.Tpo $(DEPDIR)/libkrb5_la-crc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crc.c' object='libkrb5_la-crc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c libkrb5_la-creds.lo: creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-creds.lo `test -f 'creds.c' || echo '$(srcdir)/'`creds.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-creds.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-creds.Tpo -c -o libkrb5_la-creds.lo `test -f 'creds.c' || echo '$(srcdir)/'`creds.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-creds.Tpo $(DEPDIR)/libkrb5_la-creds.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='creds.c' object='libkrb5_la-creds.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-creds.lo `test -f 'creds.c' || echo '$(srcdir)/'`creds.c libkrb5_la-crypto.lo: crypto.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto.Tpo -c -o libkrb5_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto.Tpo $(DEPDIR)/libkrb5_la-crypto.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto.c' object='libkrb5_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c + +libkrb5_la-crypto-aes.lo: crypto-aes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-aes.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-aes.Tpo -c -o libkrb5_la-crypto-aes.lo `test -f 'crypto-aes.c' || echo '$(srcdir)/'`crypto-aes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-aes.Tpo $(DEPDIR)/libkrb5_la-crypto-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-aes.c' object='libkrb5_la-crypto-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-aes.lo `test -f 'crypto-aes.c' || echo '$(srcdir)/'`crypto-aes.c + +libkrb5_la-crypto-algs.lo: crypto-algs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-algs.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-algs.Tpo -c -o libkrb5_la-crypto-algs.lo `test -f 'crypto-algs.c' || echo '$(srcdir)/'`crypto-algs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-algs.Tpo $(DEPDIR)/libkrb5_la-crypto-algs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-algs.c' object='libkrb5_la-crypto-algs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-algs.lo `test -f 'crypto-algs.c' || echo '$(srcdir)/'`crypto-algs.c + +libkrb5_la-crypto-arcfour.lo: crypto-arcfour.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-arcfour.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-arcfour.Tpo -c -o libkrb5_la-crypto-arcfour.lo `test -f 'crypto-arcfour.c' || echo '$(srcdir)/'`crypto-arcfour.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-arcfour.Tpo $(DEPDIR)/libkrb5_la-crypto-arcfour.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-arcfour.c' object='libkrb5_la-crypto-arcfour.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-arcfour.lo `test -f 'crypto-arcfour.c' || echo '$(srcdir)/'`crypto-arcfour.c + +libkrb5_la-crypto-des.lo: crypto-des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-des.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-des.Tpo -c -o libkrb5_la-crypto-des.lo `test -f 'crypto-des.c' || echo '$(srcdir)/'`crypto-des.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-des.Tpo $(DEPDIR)/libkrb5_la-crypto-des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des.c' object='libkrb5_la-crypto-des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-des.lo `test -f 'crypto-des.c' || echo '$(srcdir)/'`crypto-des.c + +libkrb5_la-crypto-des-common.lo: crypto-des-common.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-des-common.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-des-common.Tpo -c -o libkrb5_la-crypto-des-common.lo `test -f 'crypto-des-common.c' || echo '$(srcdir)/'`crypto-des-common.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-des-common.Tpo $(DEPDIR)/libkrb5_la-crypto-des-common.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des-common.c' object='libkrb5_la-crypto-des-common.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-des-common.lo `test -f 'crypto-des-common.c' || echo '$(srcdir)/'`crypto-des-common.c + +libkrb5_la-crypto-des3.lo: crypto-des3.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-des3.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-des3.Tpo -c -o libkrb5_la-crypto-des3.lo `test -f 'crypto-des3.c' || echo '$(srcdir)/'`crypto-des3.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-des3.Tpo $(DEPDIR)/libkrb5_la-crypto-des3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des3.c' object='libkrb5_la-crypto-des3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-des3.lo `test -f 'crypto-des3.c' || echo '$(srcdir)/'`crypto-des3.c + +libkrb5_la-crypto-evp.lo: crypto-evp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-evp.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-evp.Tpo -c -o libkrb5_la-crypto-evp.lo `test -f 'crypto-evp.c' || echo '$(srcdir)/'`crypto-evp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-evp.Tpo $(DEPDIR)/libkrb5_la-crypto-evp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-evp.c' object='libkrb5_la-crypto-evp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-evp.lo `test -f 'crypto-evp.c' || echo '$(srcdir)/'`crypto-evp.c + +libkrb5_la-crypto-null.lo: crypto-null.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-null.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-null.Tpo -c -o libkrb5_la-crypto-null.lo `test -f 'crypto-null.c' || echo '$(srcdir)/'`crypto-null.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-null.Tpo $(DEPDIR)/libkrb5_la-crypto-null.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-null.c' object='libkrb5_la-crypto-null.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-null.lo `test -f 'crypto-null.c' || echo '$(srcdir)/'`crypto-null.c + +libkrb5_la-crypto-pk.lo: crypto-pk.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-pk.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-pk.Tpo -c -o libkrb5_la-crypto-pk.lo `test -f 'crypto-pk.c' || echo '$(srcdir)/'`crypto-pk.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-pk.Tpo $(DEPDIR)/libkrb5_la-crypto-pk.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-pk.c' object='libkrb5_la-crypto-pk.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-pk.lo `test -f 'crypto-pk.c' || echo '$(srcdir)/'`crypto-pk.c + +libkrb5_la-crypto-rand.lo: crypto-rand.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-crypto-rand.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-crypto-rand.Tpo -c -o libkrb5_la-crypto-rand.lo `test -f 'crypto-rand.c' || echo '$(srcdir)/'`crypto-rand.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-crypto-rand.Tpo $(DEPDIR)/libkrb5_la-crypto-rand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-rand.c' object='libkrb5_la-crypto-rand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto-rand.lo `test -f 'crypto-rand.c' || echo '$(srcdir)/'`crypto-rand.c libkrb5_la-doxygen.lo: doxygen.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-doxygen.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-doxygen.Tpo -c -o libkrb5_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-doxygen.Tpo $(DEPDIR)/libkrb5_la-doxygen.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='doxygen.c' object='libkrb5_la-doxygen.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c libkrb5_la-data.lo: data.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-data.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-data.Tpo -c -o libkrb5_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-data.Tpo $(DEPDIR)/libkrb5_la-data.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='data.c' object='libkrb5_la-data.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c + +libkrb5_la-deprecated.lo: deprecated.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-deprecated.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-deprecated.Tpo -c -o libkrb5_la-deprecated.lo `test -f 'deprecated.c' || echo '$(srcdir)/'`deprecated.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-deprecated.Tpo $(DEPDIR)/libkrb5_la-deprecated.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='deprecated.c' object='libkrb5_la-deprecated.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-deprecated.lo `test -f 'deprecated.c' || echo '$(srcdir)/'`deprecated.c libkrb5_la-digest.lo: digest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-digest.lo `test -f 'digest.c' || echo '$(srcdir)/'`digest.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-digest.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-digest.Tpo -c -o libkrb5_la-digest.lo `test -f 'digest.c' || echo '$(srcdir)/'`digest.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-digest.Tpo $(DEPDIR)/libkrb5_la-digest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='digest.c' object='libkrb5_la-digest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-digest.lo `test -f 'digest.c' || echo '$(srcdir)/'`digest.c libkrb5_la-eai_to_heim_errno.lo: eai_to_heim_errno.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-eai_to_heim_errno.lo `test -f 'eai_to_heim_errno.c' || echo '$(srcdir)/'`eai_to_heim_errno.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-eai_to_heim_errno.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-eai_to_heim_errno.Tpo -c -o libkrb5_la-eai_to_heim_errno.lo `test -f 'eai_to_heim_errno.c' || echo '$(srcdir)/'`eai_to_heim_errno.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-eai_to_heim_errno.Tpo $(DEPDIR)/libkrb5_la-eai_to_heim_errno.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='eai_to_heim_errno.c' object='libkrb5_la-eai_to_heim_errno.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-eai_to_heim_errno.lo `test -f 'eai_to_heim_errno.c' || echo '$(srcdir)/'`eai_to_heim_errno.c libkrb5_la-error_string.lo: error_string.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-error_string.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-error_string.Tpo -c -o libkrb5_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-error_string.Tpo $(DEPDIR)/libkrb5_la-error_string.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='error_string.c' object='libkrb5_la-error_string.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c libkrb5_la-expand_hostname.lo: expand_hostname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-expand_hostname.lo `test -f 'expand_hostname.c' || echo '$(srcdir)/'`expand_hostname.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-expand_hostname.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-expand_hostname.Tpo -c -o libkrb5_la-expand_hostname.lo `test -f 'expand_hostname.c' || echo '$(srcdir)/'`expand_hostname.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-expand_hostname.Tpo $(DEPDIR)/libkrb5_la-expand_hostname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='expand_hostname.c' object='libkrb5_la-expand_hostname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-expand_hostname.lo `test -f 'expand_hostname.c' || echo '$(srcdir)/'`expand_hostname.c + +libkrb5_la-expand_path.lo: expand_path.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-expand_path.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-expand_path.Tpo -c -o libkrb5_la-expand_path.lo `test -f 'expand_path.c' || echo '$(srcdir)/'`expand_path.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-expand_path.Tpo $(DEPDIR)/libkrb5_la-expand_path.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='expand_path.c' object='libkrb5_la-expand_path.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-expand_path.lo `test -f 'expand_path.c' || echo '$(srcdir)/'`expand_path.c libkrb5_la-fcache.lo: fcache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-fcache.lo `test -f 'fcache.c' || echo '$(srcdir)/'`fcache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-fcache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-fcache.Tpo -c -o libkrb5_la-fcache.lo `test -f 'fcache.c' || echo '$(srcdir)/'`fcache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-fcache.Tpo $(DEPDIR)/libkrb5_la-fcache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fcache.c' object='libkrb5_la-fcache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-fcache.lo `test -f 'fcache.c' || echo '$(srcdir)/'`fcache.c libkrb5_la-free.lo: free.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free.lo `test -f 'free.c' || echo '$(srcdir)/'`free.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-free.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-free.Tpo -c -o libkrb5_la-free.lo `test -f 'free.c' || echo '$(srcdir)/'`free.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-free.Tpo $(DEPDIR)/libkrb5_la-free.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='free.c' object='libkrb5_la-free.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free.lo `test -f 'free.c' || echo '$(srcdir)/'`free.c libkrb5_la-free_host_realm.lo: free_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free_host_realm.lo `test -f 'free_host_realm.c' || echo '$(srcdir)/'`free_host_realm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-free_host_realm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-free_host_realm.Tpo -c -o libkrb5_la-free_host_realm.lo `test -f 'free_host_realm.c' || echo '$(srcdir)/'`free_host_realm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-free_host_realm.Tpo $(DEPDIR)/libkrb5_la-free_host_realm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='free_host_realm.c' object='libkrb5_la-free_host_realm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free_host_realm.lo `test -f 'free_host_realm.c' || echo '$(srcdir)/'`free_host_realm.c libkrb5_la-generate_seq_number.lo: generate_seq_number.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_seq_number.lo `test -f 'generate_seq_number.c' || echo '$(srcdir)/'`generate_seq_number.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-generate_seq_number.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-generate_seq_number.Tpo -c -o libkrb5_la-generate_seq_number.lo `test -f 'generate_seq_number.c' || echo '$(srcdir)/'`generate_seq_number.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-generate_seq_number.Tpo $(DEPDIR)/libkrb5_la-generate_seq_number.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='generate_seq_number.c' object='libkrb5_la-generate_seq_number.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_seq_number.lo `test -f 'generate_seq_number.c' || echo '$(srcdir)/'`generate_seq_number.c libkrb5_la-generate_subkey.lo: generate_subkey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_subkey.lo `test -f 'generate_subkey.c' || echo '$(srcdir)/'`generate_subkey.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-generate_subkey.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-generate_subkey.Tpo -c -o libkrb5_la-generate_subkey.lo `test -f 'generate_subkey.c' || echo '$(srcdir)/'`generate_subkey.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-generate_subkey.Tpo $(DEPDIR)/libkrb5_la-generate_subkey.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='generate_subkey.c' object='libkrb5_la-generate_subkey.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_subkey.lo `test -f 'generate_subkey.c' || echo '$(srcdir)/'`generate_subkey.c libkrb5_la-get_addrs.lo: get_addrs.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_addrs.lo `test -f 'get_addrs.c' || echo '$(srcdir)/'`get_addrs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_addrs.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_addrs.Tpo -c -o libkrb5_la-get_addrs.lo `test -f 'get_addrs.c' || echo '$(srcdir)/'`get_addrs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_addrs.Tpo $(DEPDIR)/libkrb5_la-get_addrs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_addrs.c' object='libkrb5_la-get_addrs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_addrs.lo `test -f 'get_addrs.c' || echo '$(srcdir)/'`get_addrs.c libkrb5_la-get_cred.lo: get_cred.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_cred.lo `test -f 'get_cred.c' || echo '$(srcdir)/'`get_cred.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_cred.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_cred.Tpo -c -o libkrb5_la-get_cred.lo `test -f 'get_cred.c' || echo '$(srcdir)/'`get_cred.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_cred.Tpo $(DEPDIR)/libkrb5_la-get_cred.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_cred.c' object='libkrb5_la-get_cred.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_cred.lo `test -f 'get_cred.c' || echo '$(srcdir)/'`get_cred.c libkrb5_la-get_default_principal.lo: get_default_principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_principal.lo `test -f 'get_default_principal.c' || echo '$(srcdir)/'`get_default_principal.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_default_principal.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_default_principal.Tpo -c -o libkrb5_la-get_default_principal.lo `test -f 'get_default_principal.c' || echo '$(srcdir)/'`get_default_principal.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_default_principal.Tpo $(DEPDIR)/libkrb5_la-get_default_principal.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_default_principal.c' object='libkrb5_la-get_default_principal.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_principal.lo `test -f 'get_default_principal.c' || echo '$(srcdir)/'`get_default_principal.c libkrb5_la-get_default_realm.lo: get_default_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_realm.lo `test -f 'get_default_realm.c' || echo '$(srcdir)/'`get_default_realm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_default_realm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_default_realm.Tpo -c -o libkrb5_la-get_default_realm.lo `test -f 'get_default_realm.c' || echo '$(srcdir)/'`get_default_realm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_default_realm.Tpo $(DEPDIR)/libkrb5_la-get_default_realm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_default_realm.c' object='libkrb5_la-get_default_realm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_realm.lo `test -f 'get_default_realm.c' || echo '$(srcdir)/'`get_default_realm.c libkrb5_la-get_for_creds.lo: get_for_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_for_creds.lo `test -f 'get_for_creds.c' || echo '$(srcdir)/'`get_for_creds.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_for_creds.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_for_creds.Tpo -c -o libkrb5_la-get_for_creds.lo `test -f 'get_for_creds.c' || echo '$(srcdir)/'`get_for_creds.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_for_creds.Tpo $(DEPDIR)/libkrb5_la-get_for_creds.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_for_creds.c' object='libkrb5_la-get_for_creds.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_for_creds.lo `test -f 'get_for_creds.c' || echo '$(srcdir)/'`get_for_creds.c libkrb5_la-get_host_realm.lo: get_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_host_realm.lo `test -f 'get_host_realm.c' || echo '$(srcdir)/'`get_host_realm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_host_realm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_host_realm.Tpo -c -o libkrb5_la-get_host_realm.lo `test -f 'get_host_realm.c' || echo '$(srcdir)/'`get_host_realm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_host_realm.Tpo $(DEPDIR)/libkrb5_la-get_host_realm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_host_realm.c' object='libkrb5_la-get_host_realm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_host_realm.lo `test -f 'get_host_realm.c' || echo '$(srcdir)/'`get_host_realm.c libkrb5_la-get_in_tkt.lo: get_in_tkt.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt.lo `test -f 'get_in_tkt.c' || echo '$(srcdir)/'`get_in_tkt.c - -libkrb5_la-get_in_tkt_pw.lo: get_in_tkt_pw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_pw.lo `test -f 'get_in_tkt_pw.c' || echo '$(srcdir)/'`get_in_tkt_pw.c - -libkrb5_la-get_in_tkt_with_keytab.lo: get_in_tkt_with_keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_with_keytab.lo `test -f 'get_in_tkt_with_keytab.c' || echo '$(srcdir)/'`get_in_tkt_with_keytab.c - -libkrb5_la-get_in_tkt_with_skey.lo: get_in_tkt_with_skey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_with_skey.lo `test -f 'get_in_tkt_with_skey.c' || echo '$(srcdir)/'`get_in_tkt_with_skey.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_in_tkt.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_in_tkt.Tpo -c -o libkrb5_la-get_in_tkt.lo `test -f 'get_in_tkt.c' || echo '$(srcdir)/'`get_in_tkt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_in_tkt.Tpo $(DEPDIR)/libkrb5_la-get_in_tkt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_in_tkt.c' object='libkrb5_la-get_in_tkt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt.lo `test -f 'get_in_tkt.c' || echo '$(srcdir)/'`get_in_tkt.c libkrb5_la-get_port.lo: get_port.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_port.lo `test -f 'get_port.c' || echo '$(srcdir)/'`get_port.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-get_port.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-get_port.Tpo -c -o libkrb5_la-get_port.lo `test -f 'get_port.c' || echo '$(srcdir)/'`get_port.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-get_port.Tpo $(DEPDIR)/libkrb5_la-get_port.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_port.c' object='libkrb5_la-get_port.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_port.lo `test -f 'get_port.c' || echo '$(srcdir)/'`get_port.c libkrb5_la-init_creds.lo: init_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds.lo `test -f 'init_creds.c' || echo '$(srcdir)/'`init_creds.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-init_creds.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-init_creds.Tpo -c -o libkrb5_la-init_creds.lo `test -f 'init_creds.c' || echo '$(srcdir)/'`init_creds.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-init_creds.Tpo $(DEPDIR)/libkrb5_la-init_creds.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='init_creds.c' object='libkrb5_la-init_creds.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds.lo `test -f 'init_creds.c' || echo '$(srcdir)/'`init_creds.c libkrb5_la-init_creds_pw.lo: init_creds_pw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds_pw.lo `test -f 'init_creds_pw.c' || echo '$(srcdir)/'`init_creds_pw.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-init_creds_pw.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-init_creds_pw.Tpo -c -o libkrb5_la-init_creds_pw.lo `test -f 'init_creds_pw.c' || echo '$(srcdir)/'`init_creds_pw.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-init_creds_pw.Tpo $(DEPDIR)/libkrb5_la-init_creds_pw.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='init_creds_pw.c' object='libkrb5_la-init_creds_pw.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds_pw.lo `test -f 'init_creds_pw.c' || echo '$(srcdir)/'`init_creds_pw.c libkrb5_la-kcm.lo: kcm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kcm.lo `test -f 'kcm.c' || echo '$(srcdir)/'`kcm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-kcm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-kcm.Tpo -c -o libkrb5_la-kcm.lo `test -f 'kcm.c' || echo '$(srcdir)/'`kcm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-kcm.Tpo $(DEPDIR)/libkrb5_la-kcm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='kcm.c' object='libkrb5_la-kcm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kcm.lo `test -f 'kcm.c' || echo '$(srcdir)/'`kcm.c libkrb5_la-keyblock.lo: keyblock.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keyblock.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keyblock.Tpo -c -o libkrb5_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keyblock.Tpo $(DEPDIR)/libkrb5_la-keyblock.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keyblock.c' object='libkrb5_la-keyblock.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c libkrb5_la-keytab.lo: keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keytab.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keytab.Tpo -c -o libkrb5_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keytab.Tpo $(DEPDIR)/libkrb5_la-keytab.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keytab.c' object='libkrb5_la-keytab.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c libkrb5_la-keytab_any.lo: keytab_any.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_any.lo `test -f 'keytab_any.c' || echo '$(srcdir)/'`keytab_any.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keytab_any.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keytab_any.Tpo -c -o libkrb5_la-keytab_any.lo `test -f 'keytab_any.c' || echo '$(srcdir)/'`keytab_any.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keytab_any.Tpo $(DEPDIR)/libkrb5_la-keytab_any.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keytab_any.c' object='libkrb5_la-keytab_any.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_any.lo `test -f 'keytab_any.c' || echo '$(srcdir)/'`keytab_any.c libkrb5_la-keytab_file.lo: keytab_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_file.lo `test -f 'keytab_file.c' || echo '$(srcdir)/'`keytab_file.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keytab_file.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keytab_file.Tpo -c -o libkrb5_la-keytab_file.lo `test -f 'keytab_file.c' || echo '$(srcdir)/'`keytab_file.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keytab_file.Tpo $(DEPDIR)/libkrb5_la-keytab_file.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keytab_file.c' object='libkrb5_la-keytab_file.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_file.lo `test -f 'keytab_file.c' || echo '$(srcdir)/'`keytab_file.c libkrb5_la-keytab_keyfile.lo: keytab_keyfile.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_keyfile.lo `test -f 'keytab_keyfile.c' || echo '$(srcdir)/'`keytab_keyfile.c - -libkrb5_la-keytab_krb4.lo: keytab_krb4.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_krb4.lo `test -f 'keytab_krb4.c' || echo '$(srcdir)/'`keytab_krb4.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keytab_keyfile.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keytab_keyfile.Tpo -c -o libkrb5_la-keytab_keyfile.lo `test -f 'keytab_keyfile.c' || echo '$(srcdir)/'`keytab_keyfile.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keytab_keyfile.Tpo $(DEPDIR)/libkrb5_la-keytab_keyfile.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keytab_keyfile.c' object='libkrb5_la-keytab_keyfile.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_keyfile.lo `test -f 'keytab_keyfile.c' || echo '$(srcdir)/'`keytab_keyfile.c libkrb5_la-keytab_memory.lo: keytab_memory.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_memory.lo `test -f 'keytab_memory.c' || echo '$(srcdir)/'`keytab_memory.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-keytab_memory.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-keytab_memory.Tpo -c -o libkrb5_la-keytab_memory.lo `test -f 'keytab_memory.c' || echo '$(srcdir)/'`keytab_memory.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-keytab_memory.Tpo $(DEPDIR)/libkrb5_la-keytab_memory.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keytab_memory.c' object='libkrb5_la-keytab_memory.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_memory.lo `test -f 'keytab_memory.c' || echo '$(srcdir)/'`keytab_memory.c libkrb5_la-krbhst.lo: krbhst.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krbhst.lo `test -f 'krbhst.c' || echo '$(srcdir)/'`krbhst.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-krbhst.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-krbhst.Tpo -c -o libkrb5_la-krbhst.lo `test -f 'krbhst.c' || echo '$(srcdir)/'`krbhst.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-krbhst.Tpo $(DEPDIR)/libkrb5_la-krbhst.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krbhst.c' object='libkrb5_la-krbhst.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krbhst.lo `test -f 'krbhst.c' || echo '$(srcdir)/'`krbhst.c libkrb5_la-kuserok.lo: kuserok.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kuserok.lo `test -f 'kuserok.c' || echo '$(srcdir)/'`kuserok.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-kuserok.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-kuserok.Tpo -c -o libkrb5_la-kuserok.lo `test -f 'kuserok.c' || echo '$(srcdir)/'`kuserok.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-kuserok.Tpo $(DEPDIR)/libkrb5_la-kuserok.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='kuserok.c' object='libkrb5_la-kuserok.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kuserok.lo `test -f 'kuserok.c' || echo '$(srcdir)/'`kuserok.c libkrb5_la-log.lo: log.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-log.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-log.Tpo -c -o libkrb5_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-log.Tpo $(DEPDIR)/libkrb5_la-log.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='log.c' object='libkrb5_la-log.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c libkrb5_la-mcache.lo: mcache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mcache.lo `test -f 'mcache.c' || echo '$(srcdir)/'`mcache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mcache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mcache.Tpo -c -o libkrb5_la-mcache.lo `test -f 'mcache.c' || echo '$(srcdir)/'`mcache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mcache.Tpo $(DEPDIR)/libkrb5_la-mcache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mcache.c' object='libkrb5_la-mcache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mcache.lo `test -f 'mcache.c' || echo '$(srcdir)/'`mcache.c libkrb5_la-misc.lo: misc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-misc.lo `test -f 'misc.c' || echo '$(srcdir)/'`misc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-misc.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-misc.Tpo -c -o libkrb5_la-misc.lo `test -f 'misc.c' || echo '$(srcdir)/'`misc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-misc.Tpo $(DEPDIR)/libkrb5_la-misc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='misc.c' object='libkrb5_la-misc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-misc.lo `test -f 'misc.c' || echo '$(srcdir)/'`misc.c libkrb5_la-mk_error.lo: mk_error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_error.lo `test -f 'mk_error.c' || echo '$(srcdir)/'`mk_error.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_error.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_error.Tpo -c -o libkrb5_la-mk_error.lo `test -f 'mk_error.c' || echo '$(srcdir)/'`mk_error.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_error.Tpo $(DEPDIR)/libkrb5_la-mk_error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_error.c' object='libkrb5_la-mk_error.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_error.lo `test -f 'mk_error.c' || echo '$(srcdir)/'`mk_error.c libkrb5_la-mk_priv.lo: mk_priv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_priv.lo `test -f 'mk_priv.c' || echo '$(srcdir)/'`mk_priv.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_priv.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_priv.Tpo -c -o libkrb5_la-mk_priv.lo `test -f 'mk_priv.c' || echo '$(srcdir)/'`mk_priv.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_priv.Tpo $(DEPDIR)/libkrb5_la-mk_priv.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_priv.c' object='libkrb5_la-mk_priv.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_priv.lo `test -f 'mk_priv.c' || echo '$(srcdir)/'`mk_priv.c libkrb5_la-mk_rep.lo: mk_rep.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_rep.lo `test -f 'mk_rep.c' || echo '$(srcdir)/'`mk_rep.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_rep.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_rep.Tpo -c -o libkrb5_la-mk_rep.lo `test -f 'mk_rep.c' || echo '$(srcdir)/'`mk_rep.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_rep.Tpo $(DEPDIR)/libkrb5_la-mk_rep.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_rep.c' object='libkrb5_la-mk_rep.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_rep.lo `test -f 'mk_rep.c' || echo '$(srcdir)/'`mk_rep.c libkrb5_la-mk_req.lo: mk_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req.lo `test -f 'mk_req.c' || echo '$(srcdir)/'`mk_req.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_req.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_req.Tpo -c -o libkrb5_la-mk_req.lo `test -f 'mk_req.c' || echo '$(srcdir)/'`mk_req.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_req.Tpo $(DEPDIR)/libkrb5_la-mk_req.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_req.c' object='libkrb5_la-mk_req.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req.lo `test -f 'mk_req.c' || echo '$(srcdir)/'`mk_req.c libkrb5_la-mk_req_ext.lo: mk_req_ext.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req_ext.lo `test -f 'mk_req_ext.c' || echo '$(srcdir)/'`mk_req_ext.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_req_ext.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_req_ext.Tpo -c -o libkrb5_la-mk_req_ext.lo `test -f 'mk_req_ext.c' || echo '$(srcdir)/'`mk_req_ext.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_req_ext.Tpo $(DEPDIR)/libkrb5_la-mk_req_ext.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_req_ext.c' object='libkrb5_la-mk_req_ext.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req_ext.lo `test -f 'mk_req_ext.c' || echo '$(srcdir)/'`mk_req_ext.c libkrb5_la-mk_safe.lo: mk_safe.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_safe.lo `test -f 'mk_safe.c' || echo '$(srcdir)/'`mk_safe.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mk_safe.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mk_safe.Tpo -c -o libkrb5_la-mk_safe.lo `test -f 'mk_safe.c' || echo '$(srcdir)/'`mk_safe.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mk_safe.Tpo $(DEPDIR)/libkrb5_la-mk_safe.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mk_safe.c' object='libkrb5_la-mk_safe.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_safe.lo `test -f 'mk_safe.c' || echo '$(srcdir)/'`mk_safe.c libkrb5_la-mit_glue.lo: mit_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mit_glue.lo `test -f 'mit_glue.c' || echo '$(srcdir)/'`mit_glue.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-mit_glue.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-mit_glue.Tpo -c -o libkrb5_la-mit_glue.lo `test -f 'mit_glue.c' || echo '$(srcdir)/'`mit_glue.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-mit_glue.Tpo $(DEPDIR)/libkrb5_la-mit_glue.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mit_glue.c' object='libkrb5_la-mit_glue.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mit_glue.lo `test -f 'mit_glue.c' || echo '$(srcdir)/'`mit_glue.c libkrb5_la-net_read.lo: net_read.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-net_read.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-net_read.Tpo -c -o libkrb5_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-net_read.Tpo $(DEPDIR)/libkrb5_la-net_read.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='net_read.c' object='libkrb5_la-net_read.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c libkrb5_la-net_write.lo: net_write.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-net_write.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-net_write.Tpo -c -o libkrb5_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-net_write.Tpo $(DEPDIR)/libkrb5_la-net_write.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='net_write.c' object='libkrb5_la-net_write.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c libkrb5_la-n-fold.lo: n-fold.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-n-fold.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-n-fold.Tpo -c -o libkrb5_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-n-fold.Tpo $(DEPDIR)/libkrb5_la-n-fold.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='n-fold.c' object='libkrb5_la-n-fold.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c libkrb5_la-pac.lo: pac.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pac.lo `test -f 'pac.c' || echo '$(srcdir)/'`pac.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-pac.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-pac.Tpo -c -o libkrb5_la-pac.lo `test -f 'pac.c' || echo '$(srcdir)/'`pac.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-pac.Tpo $(DEPDIR)/libkrb5_la-pac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='pac.c' object='libkrb5_la-pac.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pac.lo `test -f 'pac.c' || echo '$(srcdir)/'`pac.c libkrb5_la-padata.lo: padata.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-padata.lo `test -f 'padata.c' || echo '$(srcdir)/'`padata.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-padata.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-padata.Tpo -c -o libkrb5_la-padata.lo `test -f 'padata.c' || echo '$(srcdir)/'`padata.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-padata.Tpo $(DEPDIR)/libkrb5_la-padata.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='padata.c' object='libkrb5_la-padata.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-padata.lo `test -f 'padata.c' || echo '$(srcdir)/'`padata.c + +libkrb5_la-pcache.lo: pcache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-pcache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-pcache.Tpo -c -o libkrb5_la-pcache.lo `test -f 'pcache.c' || echo '$(srcdir)/'`pcache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-pcache.Tpo $(DEPDIR)/libkrb5_la-pcache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='pcache.c' object='libkrb5_la-pcache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pcache.lo `test -f 'pcache.c' || echo '$(srcdir)/'`pcache.c libkrb5_la-pkinit.lo: pkinit.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pkinit.lo `test -f 'pkinit.c' || echo '$(srcdir)/'`pkinit.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-pkinit.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-pkinit.Tpo -c -o libkrb5_la-pkinit.lo `test -f 'pkinit.c' || echo '$(srcdir)/'`pkinit.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-pkinit.Tpo $(DEPDIR)/libkrb5_la-pkinit.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='pkinit.c' object='libkrb5_la-pkinit.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pkinit.lo `test -f 'pkinit.c' || echo '$(srcdir)/'`pkinit.c libkrb5_la-principal.lo: principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-principal.lo `test -f 'principal.c' || echo '$(srcdir)/'`principal.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-principal.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-principal.Tpo -c -o libkrb5_la-principal.lo `test -f 'principal.c' || echo '$(srcdir)/'`principal.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-principal.Tpo $(DEPDIR)/libkrb5_la-principal.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='principal.c' object='libkrb5_la-principal.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-principal.lo `test -f 'principal.c' || echo '$(srcdir)/'`principal.c libkrb5_la-prog_setup.lo: prog_setup.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prog_setup.lo `test -f 'prog_setup.c' || echo '$(srcdir)/'`prog_setup.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-prog_setup.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-prog_setup.Tpo -c -o libkrb5_la-prog_setup.lo `test -f 'prog_setup.c' || echo '$(srcdir)/'`prog_setup.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-prog_setup.Tpo $(DEPDIR)/libkrb5_la-prog_setup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='prog_setup.c' object='libkrb5_la-prog_setup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prog_setup.lo `test -f 'prog_setup.c' || echo '$(srcdir)/'`prog_setup.c libkrb5_la-prompter_posix.lo: prompter_posix.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prompter_posix.lo `test -f 'prompter_posix.c' || echo '$(srcdir)/'`prompter_posix.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-prompter_posix.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-prompter_posix.Tpo -c -o libkrb5_la-prompter_posix.lo `test -f 'prompter_posix.c' || echo '$(srcdir)/'`prompter_posix.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-prompter_posix.Tpo $(DEPDIR)/libkrb5_la-prompter_posix.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='prompter_posix.c' object='libkrb5_la-prompter_posix.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prompter_posix.lo `test -f 'prompter_posix.c' || echo '$(srcdir)/'`prompter_posix.c libkrb5_la-rd_cred.lo: rd_cred.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_cred.lo `test -f 'rd_cred.c' || echo '$(srcdir)/'`rd_cred.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_cred.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_cred.Tpo -c -o libkrb5_la-rd_cred.lo `test -f 'rd_cred.c' || echo '$(srcdir)/'`rd_cred.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_cred.Tpo $(DEPDIR)/libkrb5_la-rd_cred.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_cred.c' object='libkrb5_la-rd_cred.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_cred.lo `test -f 'rd_cred.c' || echo '$(srcdir)/'`rd_cred.c libkrb5_la-rd_error.lo: rd_error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_error.lo `test -f 'rd_error.c' || echo '$(srcdir)/'`rd_error.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_error.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_error.Tpo -c -o libkrb5_la-rd_error.lo `test -f 'rd_error.c' || echo '$(srcdir)/'`rd_error.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_error.Tpo $(DEPDIR)/libkrb5_la-rd_error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_error.c' object='libkrb5_la-rd_error.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_error.lo `test -f 'rd_error.c' || echo '$(srcdir)/'`rd_error.c libkrb5_la-rd_priv.lo: rd_priv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_priv.lo `test -f 'rd_priv.c' || echo '$(srcdir)/'`rd_priv.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_priv.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_priv.Tpo -c -o libkrb5_la-rd_priv.lo `test -f 'rd_priv.c' || echo '$(srcdir)/'`rd_priv.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_priv.Tpo $(DEPDIR)/libkrb5_la-rd_priv.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_priv.c' object='libkrb5_la-rd_priv.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_priv.lo `test -f 'rd_priv.c' || echo '$(srcdir)/'`rd_priv.c libkrb5_la-rd_rep.lo: rd_rep.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_rep.lo `test -f 'rd_rep.c' || echo '$(srcdir)/'`rd_rep.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_rep.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_rep.Tpo -c -o libkrb5_la-rd_rep.lo `test -f 'rd_rep.c' || echo '$(srcdir)/'`rd_rep.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_rep.Tpo $(DEPDIR)/libkrb5_la-rd_rep.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_rep.c' object='libkrb5_la-rd_rep.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_rep.lo `test -f 'rd_rep.c' || echo '$(srcdir)/'`rd_rep.c libkrb5_la-rd_req.lo: rd_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_req.lo `test -f 'rd_req.c' || echo '$(srcdir)/'`rd_req.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_req.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_req.Tpo -c -o libkrb5_la-rd_req.lo `test -f 'rd_req.c' || echo '$(srcdir)/'`rd_req.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_req.Tpo $(DEPDIR)/libkrb5_la-rd_req.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_req.c' object='libkrb5_la-rd_req.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_req.lo `test -f 'rd_req.c' || echo '$(srcdir)/'`rd_req.c libkrb5_la-rd_safe.lo: rd_safe.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_safe.lo `test -f 'rd_safe.c' || echo '$(srcdir)/'`rd_safe.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-rd_safe.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-rd_safe.Tpo -c -o libkrb5_la-rd_safe.lo `test -f 'rd_safe.c' || echo '$(srcdir)/'`rd_safe.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-rd_safe.Tpo $(DEPDIR)/libkrb5_la-rd_safe.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rd_safe.c' object='libkrb5_la-rd_safe.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_safe.lo `test -f 'rd_safe.c' || echo '$(srcdir)/'`rd_safe.c libkrb5_la-read_message.lo: read_message.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-read_message.lo `test -f 'read_message.c' || echo '$(srcdir)/'`read_message.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-read_message.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-read_message.Tpo -c -o libkrb5_la-read_message.lo `test -f 'read_message.c' || echo '$(srcdir)/'`read_message.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-read_message.Tpo $(DEPDIR)/libkrb5_la-read_message.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='read_message.c' object='libkrb5_la-read_message.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-read_message.lo `test -f 'read_message.c' || echo '$(srcdir)/'`read_message.c libkrb5_la-recvauth.lo: recvauth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-recvauth.lo `test -f 'recvauth.c' || echo '$(srcdir)/'`recvauth.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-recvauth.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-recvauth.Tpo -c -o libkrb5_la-recvauth.lo `test -f 'recvauth.c' || echo '$(srcdir)/'`recvauth.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-recvauth.Tpo $(DEPDIR)/libkrb5_la-recvauth.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='recvauth.c' object='libkrb5_la-recvauth.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-recvauth.lo `test -f 'recvauth.c' || echo '$(srcdir)/'`recvauth.c libkrb5_la-replay.lo: replay.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-replay.lo `test -f 'replay.c' || echo '$(srcdir)/'`replay.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-replay.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-replay.Tpo -c -o libkrb5_la-replay.lo `test -f 'replay.c' || echo '$(srcdir)/'`replay.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-replay.Tpo $(DEPDIR)/libkrb5_la-replay.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='replay.c' object='libkrb5_la-replay.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-replay.lo `test -f 'replay.c' || echo '$(srcdir)/'`replay.c + +libkrb5_la-salt.lo: salt.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-salt.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-salt.Tpo -c -o libkrb5_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-salt.Tpo $(DEPDIR)/libkrb5_la-salt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt.c' object='libkrb5_la-salt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c + +libkrb5_la-salt-aes.lo: salt-aes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-salt-aes.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-salt-aes.Tpo -c -o libkrb5_la-salt-aes.lo `test -f 'salt-aes.c' || echo '$(srcdir)/'`salt-aes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-salt-aes.Tpo $(DEPDIR)/libkrb5_la-salt-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-aes.c' object='libkrb5_la-salt-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-salt-aes.lo `test -f 'salt-aes.c' || echo '$(srcdir)/'`salt-aes.c + +libkrb5_la-salt-arcfour.lo: salt-arcfour.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-salt-arcfour.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-salt-arcfour.Tpo -c -o libkrb5_la-salt-arcfour.lo `test -f 'salt-arcfour.c' || echo '$(srcdir)/'`salt-arcfour.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-salt-arcfour.Tpo $(DEPDIR)/libkrb5_la-salt-arcfour.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-arcfour.c' object='libkrb5_la-salt-arcfour.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-salt-arcfour.lo `test -f 'salt-arcfour.c' || echo '$(srcdir)/'`salt-arcfour.c + +libkrb5_la-salt-des.lo: salt-des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-salt-des.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-salt-des.Tpo -c -o libkrb5_la-salt-des.lo `test -f 'salt-des.c' || echo '$(srcdir)/'`salt-des.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-salt-des.Tpo $(DEPDIR)/libkrb5_la-salt-des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-des.c' object='libkrb5_la-salt-des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-salt-des.lo `test -f 'salt-des.c' || echo '$(srcdir)/'`salt-des.c + +libkrb5_la-salt-des3.lo: salt-des3.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-salt-des3.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-salt-des3.Tpo -c -o libkrb5_la-salt-des3.lo `test -f 'salt-des3.c' || echo '$(srcdir)/'`salt-des3.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-salt-des3.Tpo $(DEPDIR)/libkrb5_la-salt-des3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-des3.c' object='libkrb5_la-salt-des3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-salt-des3.lo `test -f 'salt-des3.c' || echo '$(srcdir)/'`salt-des3.c + +libkrb5_la-scache.lo: scache.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-scache.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-scache.Tpo -c -o libkrb5_la-scache.lo `test -f 'scache.c' || echo '$(srcdir)/'`scache.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-scache.Tpo $(DEPDIR)/libkrb5_la-scache.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='scache.c' object='libkrb5_la-scache.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-scache.lo `test -f 'scache.c' || echo '$(srcdir)/'`scache.c libkrb5_la-send_to_kdc.lo: send_to_kdc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-send_to_kdc.lo `test -f 'send_to_kdc.c' || echo '$(srcdir)/'`send_to_kdc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-send_to_kdc.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-send_to_kdc.Tpo -c -o libkrb5_la-send_to_kdc.lo `test -f 'send_to_kdc.c' || echo '$(srcdir)/'`send_to_kdc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-send_to_kdc.Tpo $(DEPDIR)/libkrb5_la-send_to_kdc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='send_to_kdc.c' object='libkrb5_la-send_to_kdc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-send_to_kdc.lo `test -f 'send_to_kdc.c' || echo '$(srcdir)/'`send_to_kdc.c libkrb5_la-sendauth.lo: sendauth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sendauth.lo `test -f 'sendauth.c' || echo '$(srcdir)/'`sendauth.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-sendauth.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-sendauth.Tpo -c -o libkrb5_la-sendauth.lo `test -f 'sendauth.c' || echo '$(srcdir)/'`sendauth.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-sendauth.Tpo $(DEPDIR)/libkrb5_la-sendauth.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sendauth.c' object='libkrb5_la-sendauth.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sendauth.lo `test -f 'sendauth.c' || echo '$(srcdir)/'`sendauth.c libkrb5_la-set_default_realm.lo: set_default_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-set_default_realm.lo `test -f 'set_default_realm.c' || echo '$(srcdir)/'`set_default_realm.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-set_default_realm.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-set_default_realm.Tpo -c -o libkrb5_la-set_default_realm.lo `test -f 'set_default_realm.c' || echo '$(srcdir)/'`set_default_realm.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-set_default_realm.Tpo $(DEPDIR)/libkrb5_la-set_default_realm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='set_default_realm.c' object='libkrb5_la-set_default_realm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-set_default_realm.lo `test -f 'set_default_realm.c' || echo '$(srcdir)/'`set_default_realm.c libkrb5_la-sock_principal.lo: sock_principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sock_principal.lo `test -f 'sock_principal.c' || echo '$(srcdir)/'`sock_principal.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-sock_principal.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-sock_principal.Tpo -c -o libkrb5_la-sock_principal.lo `test -f 'sock_principal.c' || echo '$(srcdir)/'`sock_principal.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-sock_principal.Tpo $(DEPDIR)/libkrb5_la-sock_principal.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='sock_principal.c' object='libkrb5_la-sock_principal.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sock_principal.lo `test -f 'sock_principal.c' || echo '$(srcdir)/'`sock_principal.c libkrb5_la-store.lo: store.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store.lo `test -f 'store.c' || echo '$(srcdir)/'`store.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-store.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-store.Tpo -c -o libkrb5_la-store.lo `test -f 'store.c' || echo '$(srcdir)/'`store.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-store.Tpo $(DEPDIR)/libkrb5_la-store.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store.c' object='libkrb5_la-store.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store.lo `test -f 'store.c' || echo '$(srcdir)/'`store.c + +libkrb5_la-store-int.lo: store-int.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-store-int.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-store-int.Tpo -c -o libkrb5_la-store-int.lo `test -f 'store-int.c' || echo '$(srcdir)/'`store-int.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-store-int.Tpo $(DEPDIR)/libkrb5_la-store-int.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store-int.c' object='libkrb5_la-store-int.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store-int.lo `test -f 'store-int.c' || echo '$(srcdir)/'`store-int.c libkrb5_la-store_emem.lo: store_emem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_emem.lo `test -f 'store_emem.c' || echo '$(srcdir)/'`store_emem.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-store_emem.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-store_emem.Tpo -c -o libkrb5_la-store_emem.lo `test -f 'store_emem.c' || echo '$(srcdir)/'`store_emem.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-store_emem.Tpo $(DEPDIR)/libkrb5_la-store_emem.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store_emem.c' object='libkrb5_la-store_emem.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_emem.lo `test -f 'store_emem.c' || echo '$(srcdir)/'`store_emem.c libkrb5_la-store_fd.lo: store_fd.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_fd.lo `test -f 'store_fd.c' || echo '$(srcdir)/'`store_fd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-store_fd.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-store_fd.Tpo -c -o libkrb5_la-store_fd.lo `test -f 'store_fd.c' || echo '$(srcdir)/'`store_fd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-store_fd.Tpo $(DEPDIR)/libkrb5_la-store_fd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store_fd.c' object='libkrb5_la-store_fd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_fd.lo `test -f 'store_fd.c' || echo '$(srcdir)/'`store_fd.c libkrb5_la-store_mem.lo: store_mem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_mem.lo `test -f 'store_mem.c' || echo '$(srcdir)/'`store_mem.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-store_mem.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-store_mem.Tpo -c -o libkrb5_la-store_mem.lo `test -f 'store_mem.c' || echo '$(srcdir)/'`store_mem.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-store_mem.Tpo $(DEPDIR)/libkrb5_la-store_mem.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store_mem.c' object='libkrb5_la-store_mem.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_mem.lo `test -f 'store_mem.c' || echo '$(srcdir)/'`store_mem.c libkrb5_la-plugin.lo: plugin.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-plugin.lo `test -f 'plugin.c' || echo '$(srcdir)/'`plugin.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-plugin.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-plugin.Tpo -c -o libkrb5_la-plugin.lo `test -f 'plugin.c' || echo '$(srcdir)/'`plugin.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-plugin.Tpo $(DEPDIR)/libkrb5_la-plugin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='plugin.c' object='libkrb5_la-plugin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-plugin.lo `test -f 'plugin.c' || echo '$(srcdir)/'`plugin.c libkrb5_la-ticket.lo: ticket.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-ticket.lo `test -f 'ticket.c' || echo '$(srcdir)/'`ticket.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-ticket.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-ticket.Tpo -c -o libkrb5_la-ticket.lo `test -f 'ticket.c' || echo '$(srcdir)/'`ticket.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-ticket.Tpo $(DEPDIR)/libkrb5_la-ticket.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ticket.c' object='libkrb5_la-ticket.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-ticket.lo `test -f 'ticket.c' || echo '$(srcdir)/'`ticket.c libkrb5_la-time.lo: time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-time.lo `test -f 'time.c' || echo '$(srcdir)/'`time.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-time.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-time.Tpo -c -o libkrb5_la-time.lo `test -f 'time.c' || echo '$(srcdir)/'`time.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-time.Tpo $(DEPDIR)/libkrb5_la-time.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='time.c' object='libkrb5_la-time.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-time.lo `test -f 'time.c' || echo '$(srcdir)/'`time.c libkrb5_la-transited.lo: transited.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-transited.lo `test -f 'transited.c' || echo '$(srcdir)/'`transited.c - -libkrb5_la-v4_glue.lo: v4_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-v4_glue.lo `test -f 'v4_glue.c' || echo '$(srcdir)/'`v4_glue.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-transited.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-transited.Tpo -c -o libkrb5_la-transited.lo `test -f 'transited.c' || echo '$(srcdir)/'`transited.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-transited.Tpo $(DEPDIR)/libkrb5_la-transited.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='transited.c' object='libkrb5_la-transited.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-transited.lo `test -f 'transited.c' || echo '$(srcdir)/'`transited.c libkrb5_la-verify_init.lo: verify_init.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_init.lo `test -f 'verify_init.c' || echo '$(srcdir)/'`verify_init.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-verify_init.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-verify_init.Tpo -c -o libkrb5_la-verify_init.lo `test -f 'verify_init.c' || echo '$(srcdir)/'`verify_init.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-verify_init.Tpo $(DEPDIR)/libkrb5_la-verify_init.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='verify_init.c' object='libkrb5_la-verify_init.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_init.lo `test -f 'verify_init.c' || echo '$(srcdir)/'`verify_init.c libkrb5_la-verify_user.lo: verify_user.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_user.lo `test -f 'verify_user.c' || echo '$(srcdir)/'`verify_user.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-verify_user.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-verify_user.Tpo -c -o libkrb5_la-verify_user.lo `test -f 'verify_user.c' || echo '$(srcdir)/'`verify_user.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-verify_user.Tpo $(DEPDIR)/libkrb5_la-verify_user.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='verify_user.c' object='libkrb5_la-verify_user.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_user.lo `test -f 'verify_user.c' || echo '$(srcdir)/'`verify_user.c libkrb5_la-version.lo: version.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-version.lo `test -f 'version.c' || echo '$(srcdir)/'`version.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-version.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-version.Tpo -c -o libkrb5_la-version.lo `test -f 'version.c' || echo '$(srcdir)/'`version.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-version.Tpo $(DEPDIR)/libkrb5_la-version.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='version.c' object='libkrb5_la-version.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-version.lo `test -f 'version.c' || echo '$(srcdir)/'`version.c libkrb5_la-warn.lo: warn.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-warn.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-warn.Tpo -c -o libkrb5_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-warn.Tpo $(DEPDIR)/libkrb5_la-warn.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='warn.c' object='libkrb5_la-warn.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c libkrb5_la-write_message.lo: write_message.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-write_message.lo `test -f 'write_message.c' || echo '$(srcdir)/'`write_message.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-write_message.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-write_message.Tpo -c -o libkrb5_la-write_message.lo `test -f 'write_message.c' || echo '$(srcdir)/'`write_message.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-write_message.Tpo $(DEPDIR)/libkrb5_la-write_message.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='write_message.c' object='libkrb5_la-write_message.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-write_message.lo `test -f 'write_message.c' || echo '$(srcdir)/'`write_message.c libkrb5_la-krb5_err.lo: krb5_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb5_err.lo `test -f 'krb5_err.c' || echo '$(srcdir)/'`krb5_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-krb5_err.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-krb5_err.Tpo -c -o libkrb5_la-krb5_err.lo `test -f 'krb5_err.c' || echo '$(srcdir)/'`krb5_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-krb5_err.Tpo $(DEPDIR)/libkrb5_la-krb5_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5_err.c' object='libkrb5_la-krb5_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb5_err.lo `test -f 'krb5_err.c' || echo '$(srcdir)/'`krb5_err.c libkrb5_la-krb_err.lo: krb_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb_err.lo `test -f 'krb_err.c' || echo '$(srcdir)/'`krb_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-krb_err.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-krb_err.Tpo -c -o libkrb5_la-krb_err.lo `test -f 'krb_err.c' || echo '$(srcdir)/'`krb_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-krb_err.Tpo $(DEPDIR)/libkrb5_la-krb_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb_err.c' object='libkrb5_la-krb_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb_err.lo `test -f 'krb_err.c' || echo '$(srcdir)/'`krb_err.c libkrb5_la-heim_err.lo: heim_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-heim_err.lo `test -f 'heim_err.c' || echo '$(srcdir)/'`heim_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-heim_err.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-heim_err.Tpo -c -o libkrb5_la-heim_err.lo `test -f 'heim_err.c' || echo '$(srcdir)/'`heim_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-heim_err.Tpo $(DEPDIR)/libkrb5_la-heim_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='heim_err.c' object='libkrb5_la-heim_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-heim_err.lo `test -f 'heim_err.c' || echo '$(srcdir)/'`heim_err.c libkrb5_la-k524_err.lo: k524_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-k524_err.lo `test -f 'k524_err.c' || echo '$(srcdir)/'`k524_err.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libkrb5_la-k524_err.lo -MD -MP -MF $(DEPDIR)/libkrb5_la-k524_err.Tpo -c -o libkrb5_la-k524_err.lo `test -f 'k524_err.c' || echo '$(srcdir)/'`k524_err.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libkrb5_la-k524_err.Tpo $(DEPDIR)/libkrb5_la-k524_err.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='k524_err.c' object='libkrb5_la-k524_err.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-k524_err.lo `test -f 'k524_err.c' || echo '$(srcdir)/'`k524_err.c + +librfc3961_la-crc.lo: crc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crc.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crc.Tpo -c -o librfc3961_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crc.Tpo $(DEPDIR)/librfc3961_la-crc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crc.c' object='librfc3961_la-crc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c + +librfc3961_la-crypto.lo: crypto.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto.Tpo -c -o librfc3961_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto.Tpo $(DEPDIR)/librfc3961_la-crypto.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto.c' object='librfc3961_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c + +librfc3961_la-crypto-aes.lo: crypto-aes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-aes.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-aes.Tpo -c -o librfc3961_la-crypto-aes.lo `test -f 'crypto-aes.c' || echo '$(srcdir)/'`crypto-aes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-aes.Tpo $(DEPDIR)/librfc3961_la-crypto-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-aes.c' object='librfc3961_la-crypto-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-aes.lo `test -f 'crypto-aes.c' || echo '$(srcdir)/'`crypto-aes.c + +librfc3961_la-crypto-algs.lo: crypto-algs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-algs.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-algs.Tpo -c -o librfc3961_la-crypto-algs.lo `test -f 'crypto-algs.c' || echo '$(srcdir)/'`crypto-algs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-algs.Tpo $(DEPDIR)/librfc3961_la-crypto-algs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-algs.c' object='librfc3961_la-crypto-algs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-algs.lo `test -f 'crypto-algs.c' || echo '$(srcdir)/'`crypto-algs.c + +librfc3961_la-crypto-arcfour.lo: crypto-arcfour.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-arcfour.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-arcfour.Tpo -c -o librfc3961_la-crypto-arcfour.lo `test -f 'crypto-arcfour.c' || echo '$(srcdir)/'`crypto-arcfour.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-arcfour.Tpo $(DEPDIR)/librfc3961_la-crypto-arcfour.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-arcfour.c' object='librfc3961_la-crypto-arcfour.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-arcfour.lo `test -f 'crypto-arcfour.c' || echo '$(srcdir)/'`crypto-arcfour.c + +librfc3961_la-crypto-des.lo: crypto-des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-des.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-des.Tpo -c -o librfc3961_la-crypto-des.lo `test -f 'crypto-des.c' || echo '$(srcdir)/'`crypto-des.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-des.Tpo $(DEPDIR)/librfc3961_la-crypto-des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des.c' object='librfc3961_la-crypto-des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-des.lo `test -f 'crypto-des.c' || echo '$(srcdir)/'`crypto-des.c + +librfc3961_la-crypto-des-common.lo: crypto-des-common.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-des-common.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-des-common.Tpo -c -o librfc3961_la-crypto-des-common.lo `test -f 'crypto-des-common.c' || echo '$(srcdir)/'`crypto-des-common.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-des-common.Tpo $(DEPDIR)/librfc3961_la-crypto-des-common.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des-common.c' object='librfc3961_la-crypto-des-common.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-des-common.lo `test -f 'crypto-des-common.c' || echo '$(srcdir)/'`crypto-des-common.c + +librfc3961_la-crypto-des3.lo: crypto-des3.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-des3.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-des3.Tpo -c -o librfc3961_la-crypto-des3.lo `test -f 'crypto-des3.c' || echo '$(srcdir)/'`crypto-des3.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-des3.Tpo $(DEPDIR)/librfc3961_la-crypto-des3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-des3.c' object='librfc3961_la-crypto-des3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-des3.lo `test -f 'crypto-des3.c' || echo '$(srcdir)/'`crypto-des3.c + +librfc3961_la-crypto-evp.lo: crypto-evp.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-evp.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-evp.Tpo -c -o librfc3961_la-crypto-evp.lo `test -f 'crypto-evp.c' || echo '$(srcdir)/'`crypto-evp.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-evp.Tpo $(DEPDIR)/librfc3961_la-crypto-evp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-evp.c' object='librfc3961_la-crypto-evp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-evp.lo `test -f 'crypto-evp.c' || echo '$(srcdir)/'`crypto-evp.c + +librfc3961_la-crypto-null.lo: crypto-null.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-null.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-null.Tpo -c -o librfc3961_la-crypto-null.lo `test -f 'crypto-null.c' || echo '$(srcdir)/'`crypto-null.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-null.Tpo $(DEPDIR)/librfc3961_la-crypto-null.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-null.c' object='librfc3961_la-crypto-null.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-null.lo `test -f 'crypto-null.c' || echo '$(srcdir)/'`crypto-null.c + +librfc3961_la-crypto-pk.lo: crypto-pk.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-pk.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-pk.Tpo -c -o librfc3961_la-crypto-pk.lo `test -f 'crypto-pk.c' || echo '$(srcdir)/'`crypto-pk.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-pk.Tpo $(DEPDIR)/librfc3961_la-crypto-pk.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-pk.c' object='librfc3961_la-crypto-pk.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-pk.lo `test -f 'crypto-pk.c' || echo '$(srcdir)/'`crypto-pk.c + +librfc3961_la-crypto-rand.lo: crypto-rand.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-rand.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-rand.Tpo -c -o librfc3961_la-crypto-rand.lo `test -f 'crypto-rand.c' || echo '$(srcdir)/'`crypto-rand.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-rand.Tpo $(DEPDIR)/librfc3961_la-crypto-rand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-rand.c' object='librfc3961_la-crypto-rand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-rand.lo `test -f 'crypto-rand.c' || echo '$(srcdir)/'`crypto-rand.c + +librfc3961_la-crypto-stubs.lo: crypto-stubs.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-crypto-stubs.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-crypto-stubs.Tpo -c -o librfc3961_la-crypto-stubs.lo `test -f 'crypto-stubs.c' || echo '$(srcdir)/'`crypto-stubs.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-crypto-stubs.Tpo $(DEPDIR)/librfc3961_la-crypto-stubs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto-stubs.c' object='librfc3961_la-crypto-stubs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-crypto-stubs.lo `test -f 'crypto-stubs.c' || echo '$(srcdir)/'`crypto-stubs.c + +librfc3961_la-data.lo: data.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-data.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-data.Tpo -c -o librfc3961_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-data.Tpo $(DEPDIR)/librfc3961_la-data.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='data.c' object='librfc3961_la-data.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c + +librfc3961_la-error_string.lo: error_string.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-error_string.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-error_string.Tpo -c -o librfc3961_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-error_string.Tpo $(DEPDIR)/librfc3961_la-error_string.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='error_string.c' object='librfc3961_la-error_string.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c + +librfc3961_la-keyblock.lo: keyblock.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-keyblock.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-keyblock.Tpo -c -o librfc3961_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-keyblock.Tpo $(DEPDIR)/librfc3961_la-keyblock.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='keyblock.c' object='librfc3961_la-keyblock.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c + +librfc3961_la-n-fold.lo: n-fold.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-n-fold.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-n-fold.Tpo -c -o librfc3961_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-n-fold.Tpo $(DEPDIR)/librfc3961_la-n-fold.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='n-fold.c' object='librfc3961_la-n-fold.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c + +librfc3961_la-salt.lo: salt.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-salt.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-salt.Tpo -c -o librfc3961_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-salt.Tpo $(DEPDIR)/librfc3961_la-salt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt.c' object='librfc3961_la-salt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c + +librfc3961_la-salt-aes.lo: salt-aes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-salt-aes.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-salt-aes.Tpo -c -o librfc3961_la-salt-aes.lo `test -f 'salt-aes.c' || echo '$(srcdir)/'`salt-aes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-salt-aes.Tpo $(DEPDIR)/librfc3961_la-salt-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-aes.c' object='librfc3961_la-salt-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-salt-aes.lo `test -f 'salt-aes.c' || echo '$(srcdir)/'`salt-aes.c + +librfc3961_la-salt-arcfour.lo: salt-arcfour.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-salt-arcfour.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-salt-arcfour.Tpo -c -o librfc3961_la-salt-arcfour.lo `test -f 'salt-arcfour.c' || echo '$(srcdir)/'`salt-arcfour.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-salt-arcfour.Tpo $(DEPDIR)/librfc3961_la-salt-arcfour.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-arcfour.c' object='librfc3961_la-salt-arcfour.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-salt-arcfour.lo `test -f 'salt-arcfour.c' || echo '$(srcdir)/'`salt-arcfour.c + +librfc3961_la-salt-des.lo: salt-des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-salt-des.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-salt-des.Tpo -c -o librfc3961_la-salt-des.lo `test -f 'salt-des.c' || echo '$(srcdir)/'`salt-des.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-salt-des.Tpo $(DEPDIR)/librfc3961_la-salt-des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-des.c' object='librfc3961_la-salt-des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-salt-des.lo `test -f 'salt-des.c' || echo '$(srcdir)/'`salt-des.c + +librfc3961_la-salt-des3.lo: salt-des3.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-salt-des3.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-salt-des3.Tpo -c -o librfc3961_la-salt-des3.lo `test -f 'salt-des3.c' || echo '$(srcdir)/'`salt-des3.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-salt-des3.Tpo $(DEPDIR)/librfc3961_la-salt-des3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='salt-des3.c' object='librfc3961_la-salt-des3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-salt-des3.lo `test -f 'salt-des3.c' || echo '$(srcdir)/'`salt-des3.c + +librfc3961_la-store-int.lo: store-int.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-store-int.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-store-int.Tpo -c -o librfc3961_la-store-int.lo `test -f 'store-int.c' || echo '$(srcdir)/'`store-int.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-store-int.Tpo $(DEPDIR)/librfc3961_la-store-int.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='store-int.c' object='librfc3961_la-store-int.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-store-int.lo `test -f 'store-int.c' || echo '$(srcdir)/'`store-int.c + +librfc3961_la-warn.lo: warn.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT librfc3961_la-warn.lo -MD -MP -MF $(DEPDIR)/librfc3961_la-warn.Tpo -c -o librfc3961_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/librfc3961_la-warn.Tpo $(DEPDIR)/librfc3961_la-warn.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='warn.c' object='librfc3961_la-warn.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(librfc3961_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o librfc3961_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) +install-man3: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man3dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + uninstall-man3: @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man3dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man3dir)" && rm -f $$files; } +install-man5: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man5dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + uninstall-man5: @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man5dir)" && rm -f $$files; } +install-man8: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man8dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + uninstall-man8: @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man8dir)" && rm -f $$files; } install-dist_includeHEADERS: $(dist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-dist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-krb5HEADERS: $(krb5_HEADERS) @$(NORMAL_INSTALL) test -z "$(krb5dir)" || $(MKDIR_P) "$(DESTDIR)$(krb5dir)" - @list='$(krb5_HEADERS)'; for p in $$list; do \ + @list='$(krb5_HEADERS)'; test -n "$(krb5dir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(krb5HEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(krb5dir)/$$f'"; \ - $(krb5HEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(krb5dir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(krb5dir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(krb5dir)" || exit $$?; \ done uninstall-krb5HEADERS: @$(NORMAL_UNINSTALL) - @list='$(krb5_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(krb5dir)/$$f'"; \ - rm -f "$(DESTDIR)$(krb5dir)/$$f"; \ - done + @list='$(krb5_HEADERS)'; test -n "$(krb5dir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(krb5dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(krb5dir)" && rm -f $$files install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -1605,49 +2744,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -1658,15 +2811,32 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -1682,13 +2852,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -1696,7 +2870,7 @@ distdir: $(DISTFILES) top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) $(check_DATA) $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local check: check-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ @@ -1728,6 +2902,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -1735,10 +2910,11 @@ maintainer-clean-generic: clean: clean-am clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am + clean-libLTLIBRARIES clean-libtool clean-noinstLTLIBRARIES \ + clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1749,6 +2925,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1757,26 +2935,35 @@ install-data-am: install-dist_includeHEADERS install-krb5HEADERS \ install-man install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-binPROGRAMS install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man3 install-man5 install-man8 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1798,24 +2985,24 @@ uninstall-am: uninstall-binPROGRAMS uninstall-dist_includeHEADERS \ uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man3 uninstall-man5 uninstall-man8 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dist_includeHEADERS \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-krb5HEADERS install-libLTLIBRARIES \ - install-man install-man3 install-man5 install-man8 \ + clean-noinstLTLIBRARIES clean-noinstPROGRAMS ctags dist-hook \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-data-hook \ + install-dist_includeHEADERS install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-info install-info-am \ + install-krb5HEADERS install-libLTLIBRARIES install-man \ + install-man3 install-man5 install-man8 \ install-nodist_includeHEADERS install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ @@ -1896,6 +3083,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1981,7 +3171,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1995,16 +3185,19 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h +$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS) $(librfc3961_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h krb5_err.h heim_err.h k524_err.h krb5_err.h krb_err.h k524_err.h $(srcdir)/krb5-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB_FUNCTION -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h $(srcdir)/krb5-private.h: cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-private.h $(libkrb5_la_OBJECTS): krb5_err.h krb_err.h heim_err.h k524_err.h +test_config_strings.out: test_config_strings.cfg + $(CP) $(srcdir)/test_config_strings.cfg test_config_strings.out + #sysconf_DATA = krb5.moduli # to help stupid solaris make @@ -2016,6 +3209,7 @@ krb_err.h: krb_err.et heim_err.h: heim_err.et k524_err.h: k524_err.et + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/krb5/NTMakefile b/lib/krb5/NTMakefile new file mode 100644 index 000000000000..733121c80a9f --- /dev/null +++ b/lib/krb5/NTMakefile @@ -0,0 +1,485 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\krb5 + +!include ../../windows/NTMakefile.w32 + +libkrb5_OBJS = \ + $(OBJ)\acache.obj \ + $(OBJ)\acl.obj \ + $(OBJ)\add_et_list.obj \ + $(OBJ)\addr_families.obj \ + $(OBJ)\aname_to_localname.obj \ + $(OBJ)\appdefault.obj \ + $(OBJ)\asn1_glue.obj \ + $(OBJ)\auth_context.obj \ + $(OBJ)\build_ap_req.obj \ + $(OBJ)\build_auth.obj \ + $(OBJ)\cache.obj \ + $(OBJ)\changepw.obj \ + $(OBJ)\codec.obj \ + $(OBJ)\config_file.obj \ + $(OBJ)\config_reg.obj \ + $(OBJ)\constants.obj \ + $(OBJ)\context.obj \ + $(OBJ)\copy_host_realm.obj \ + $(OBJ)\crc.obj \ + $(OBJ)\creds.obj \ + $(OBJ)\crypto.obj \ + $(OBJ)\crypto-aes.obj \ + $(OBJ)\crypto-algs.obj \ + $(OBJ)\crypto-arcfour.obj \ + $(OBJ)\crypto-des-common.obj \ + $(OBJ)\crypto-des.obj \ + $(OBJ)\crypto-des3.obj \ + $(OBJ)\crypto-evp.obj \ + $(OBJ)\crypto-null.obj \ + $(OBJ)\crypto-pk.obj \ + $(OBJ)\crypto-rand.obj \ + $(OBJ)\data.obj \ + $(OBJ)\deprecated.obj \ + $(OBJ)\digest.obj \ + $(OBJ)\dll.obj \ + $(OBJ)\eai_to_heim_errno.obj \ + $(OBJ)\error_string.obj \ + $(OBJ)\expand_hostname.obj \ + $(OBJ)\expand_path.obj \ + $(OBJ)\fcache.obj \ + $(OBJ)\free.obj \ + $(OBJ)\free_host_realm.obj \ + $(OBJ)\generate_seq_number.obj \ + $(OBJ)\generate_subkey.obj \ + $(OBJ)\get_addrs.obj \ + $(OBJ)\get_cred.obj \ + $(OBJ)\get_default_principal.obj \ + $(OBJ)\get_default_realm.obj \ + $(OBJ)\get_for_creds.obj \ + $(OBJ)\get_host_realm.obj \ + $(OBJ)\get_in_tkt.obj \ + $(OBJ)\get_port.obj \ + $(OBJ)\init_creds.obj \ + $(OBJ)\init_creds_pw.obj \ + $(OBJ)\kcm.obj \ + $(OBJ)\keyblock.obj \ + $(OBJ)\keytab.obj \ + $(OBJ)\keytab_any.obj \ + $(OBJ)\keytab_file.obj \ + $(OBJ)\keytab_keyfile.obj \ + $(OBJ)\keytab_memory.obj \ + $(OBJ)\krbhst.obj \ + $(OBJ)\kuserok.obj \ + $(OBJ)\log.obj \ + $(OBJ)\mcache.obj \ + $(OBJ)\misc.obj \ + $(OBJ)\mit_glue.obj \ + $(OBJ)\mk_error.obj \ + $(OBJ)\mk_priv.obj \ + $(OBJ)\mk_rep.obj \ + $(OBJ)\mk_req.obj \ + $(OBJ)\mk_req_ext.obj \ + $(OBJ)\mk_safe.obj \ + $(OBJ)\net_read.obj \ + $(OBJ)\net_write.obj \ + $(OBJ)\n-fold.obj \ + $(OBJ)\pac.obj \ + $(OBJ)\padata.obj \ + $(OBJ)\pkinit.obj \ + $(OBJ)\principal.obj \ + $(OBJ)\prog_setup.obj \ + $(OBJ)\prompter_posix.obj \ + $(OBJ)\rd_cred.obj \ + $(OBJ)\rd_error.obj \ + $(OBJ)\rd_priv.obj \ + $(OBJ)\rd_rep.obj \ + $(OBJ)\rd_req.obj \ + $(OBJ)\rd_safe.obj \ + $(OBJ)\read_message.obj \ + $(OBJ)\recvauth.obj \ + $(OBJ)\replay.obj \ + $(OBJ)\salt-aes.obj \ + $(OBJ)\salt-arcfour.obj \ + $(OBJ)\salt-des.obj \ + $(OBJ)\salt-des3.obj \ + $(OBJ)\salt.obj \ + $(OBJ)\scache.obj \ + $(OBJ)\send_to_kdc.obj \ + $(OBJ)\sendauth.obj \ + $(OBJ)\set_default_realm.obj \ + $(OBJ)\sock_principal.obj \ + $(OBJ)\store.obj \ + $(OBJ)\store-int.obj \ + $(OBJ)\store_emem.obj \ + $(OBJ)\store_fd.obj \ + $(OBJ)\store_mem.obj \ + $(OBJ)\pcache.obj \ + $(OBJ)\plugin.obj \ + $(OBJ)\ticket.obj \ + $(OBJ)\time.obj \ + $(OBJ)\transited.obj \ + $(OBJ)\verify_init.obj \ + $(OBJ)\verify_user.obj \ + $(OBJ)\version.obj \ + $(OBJ)\warn.obj \ + $(OBJ)\write_message.obj + +libkrb5_gen_OBJS= \ + $(OBJ)\krb5_err.obj \ + $(OBJ)\krb_err.obj \ + $(OBJ)\heim_err.obj \ + $(OBJ)\k524_err.obj + +INCFILES= \ + $(INCDIR)\heim_err.h \ + $(INCDIR)\k524_err.h \ + $(INCDIR)\kcm.h \ + $(INCDIR)\krb_err.h \ + $(INCDIR)\krb5.h \ + $(INCDIR)\krb5_ccapi.h \ + $(INCDIR)\krb5_err.h \ + $(INCDIR)\krb5_locl.h \ + $(INCDIR)\krb5-protos.h \ + $(INCDIR)\krb5-private.h \ + $(INCDIR)\krb5-v4compat.h \ + $(INCDIR)\crypto.h + +all:: $(INCFILES) + +clean:: + -$(RM) $(INCFILES) + +dist_libkrb5_la_SOURCES = \ + acache.c \ + acl.c \ + add_et_list.c \ + addr_families.c \ + aname_to_localname.c \ + appdefault.c \ + asn1_glue.c \ + auth_context.c \ + build_ap_req.c \ + build_auth.c \ + cache.c \ + changepw.c \ + codec.c \ + config_file.c \ + config_reg.c \ + constants.c \ + context.c \ + copy_host_realm.c \ + crc.c \ + creds.c \ + crypto.c \ + crypto.h \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des.c \ + crypto-des-common.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-pk.c \ + crypto-rand.c \ + doxygen.c \ + data.c \ + deprecated.c \ + digest.c \ + eai_to_heim_errno.c \ + error_string.c \ + expand_hostname.c \ + expand_path.c \ + fcache.c \ + free.c \ + free_host_realm.c \ + generate_seq_number.c \ + generate_subkey.c \ + get_addrs.c \ + get_cred.c \ + get_default_principal.c \ + get_default_realm.c \ + get_for_creds.c \ + get_host_realm.c \ + get_in_tkt.c \ + get_port.c \ + init_creds.c \ + init_creds_pw.c \ + kcm.c \ + kcm.h \ + keyblock.c \ + keytab.c \ + keytab_any.c \ + keytab_file.c \ + keytab_keyfile.c \ + keytab_memory.c \ + krb5_locl.h \ + krb5-v4compat.h \ + krbhst.c \ + kuserok.c \ + log.c \ + mcache.c \ + misc.c \ + mk_error.c \ + mk_priv.c \ + mk_rep.c \ + mk_req.c \ + mk_req_ext.c \ + mk_safe.c \ + mit_glue.c \ + net_read.c \ + net_write.c \ + n-fold.c \ + pac.c \ + padata.c \ + pkinit.c \ + principal.c \ + prog_setup.c \ + prompter_posix.c \ + rd_cred.c \ + rd_error.c \ + rd_priv.c \ + rd_rep.c \ + rd_req.c \ + rd_safe.c \ + read_message.c \ + recvauth.c \ + replay.c \ + salt.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + scache.c \ + send_to_kdc.c \ + sendauth.c \ + set_default_realm.c \ + sock_principal.c \ + store.c \ + store-int.c \ + store-int.h \ + store_emem.c \ + store_fd.c \ + store_mem.c \ + pcache.c \ + plugin.c \ + ticket.c \ + time.c \ + transited.c \ + verify_init.c \ + verify_user.c \ + version.c \ + warn.c \ + write_message.c + +$(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES) + $(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f $(OBJ)\krb5-protos.h + +$(OBJ)\krb5-private.h: $(dist_libkrb5_la_SOURCES) + $(PERL) ..\..\cf\make-proto.pl -q -P remove -p $(OBJ)\krb5-private.h $(dist_libkrb5_la_SOURCES) || $(RM) -f $(OBJ)\krb5-private.h + +$(OBJ)\krb5_err.c $(OBJ)\krb5_err.h: krb5_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\krb5_err.et + cd $(SRCDIR) + +$(OBJ)\krb_err.c $(OBJ)\krb_err.h: krb_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\krb_err.et + cd $(SRCDIR) + +$(OBJ)\heim_err.c $(OBJ)\heim_err.h: heim_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\heim_err.et + cd $(SRCDIR) + +$(OBJ)\k524_err.c $(OBJ)\k524_err.h: k524_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\k524_err.et + cd $(SRCDIR) + +#---------------------------------------------------------------------- +# libkrb5 + +$(LIBKRB5): $(libkrb5_OBJS) $(libkrb5_gen_OBJS) + $(LIBCON) + +all:: $(LIBKRB5) + +clean:: + -$(RM) $(LIBKRB5) + +$(OBJ)\libkrb5-exports.def: libkrb5-exports.def.in $(INCDIR)\config.h + $(CPREPROCESSOUT) libkrb5-exports.def.in > $@ || $(RM) $@ + +all:: $(OBJ)\libkrb5-exports.def + +clean:: + -$(RM) $(OBJ)\libkrb5-exports.def + +#---------------------------------------------------------------------- +# librfc3961 + +librfc3961_OBJS=\ + $(OBJ)\crc.obj \ + $(OBJ)\crypto.obj \ + $(OBJ)\crypto-aes.obj \ + $(OBJ)\crypto-algs.obj \ + $(OBJ)\crypto-arcfour.obj \ + $(OBJ)\crypto-des.obj \ + $(OBJ)\crypto-des-common.obj \ + $(OBJ)\crypto-des3.obj \ + $(OBJ)\crypto-evp.obj \ + $(OBJ)\crypto-null.obj \ + $(OBJ)\crypto-pk.obj \ + $(OBJ)\crypto-rand.obj \ + $(OBJ)\crypto-stubs.obj \ + $(OBJ)\data.obj \ + $(OBJ)\error_string.obj \ + $(OBJ)\keyblock.obj \ + $(OBJ)\n-fold.obj \ + $(OBJ)\salt.obj \ + $(OBJ)\salt-aes.obj \ + $(OBJ)\salt-arcfour.obj \ + $(OBJ)\salt-des.obj \ + $(OBJ)\salt-des3.obj \ + $(OBJ)\store-int.obj \ + $(OBJ)\warn.obj + +$(LIBRFC3961): $(librfc3961_OBJS) + $(LIBCON) + +all:: $(LIBRFC3961) + +clean:: + -$(RM) $(LIBRFC3961) + +#---------------------------------------------------------------------- +# Tools + +all-tools:: $(BINDIR)\verify_krb5_conf.exe + +clean:: + -$(RM) $(BINDIR)\verify_krb5_conf.* + +$(BINDIR)\verify_krb5_conf.exe: $(OBJ)\verify_krb5_conf.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) $(OBJ)\verify_krb5_conf-version.res + $(EXECONLINK) + $(EXEPREP) + +{}.c{$(OBJ)}.obj:: + $(C2OBJ_P) -DBUILD_KRB5_LIB -DASN1_LIB + +{$(OBJ)}.c{$(OBJ)}.obj:: + $(C2OBJ_P) -DBUILD_KRB5_LIB -DASN1_LIB + +#---------------------------------------------------------------------- +# Tests + +test:: test-binaries test-files test-run + +test_binaries = \ + $(OBJ)\aes-test.exe \ + $(OBJ)\derived-key-test.exe \ + $(OBJ)\krbhst-test.exe \ + $(OBJ)\n-fold-test.exe \ + $(OBJ)\parse-name-test.exe \ + $(OBJ)\store-test.exe \ + $(OBJ)\string-to-key-test.exe \ + $(OBJ)\test_acl.exe \ + $(OBJ)\test_addr.exe \ + $(OBJ)\test_alname.exe \ + $(OBJ)\test_cc.exe \ + $(OBJ)\test_config.exe \ + $(OBJ)\test_crypto.exe \ + $(OBJ)\test_crypto_wrapping.exe \ + $(OBJ)\test_forward.exe \ + $(OBJ)\test_get_addrs.exe \ + $(OBJ)\test_hostname.exe \ + $(OBJ)\test_keytab.exe \ + $(OBJ)\test_kuserok.exe \ + $(OBJ)\test_mem.exe \ + $(OBJ)\test_pac.exe \ + $(OBJ)\test_pkinit_dh2key.exe \ + $(OBJ)\test_pknistkdf.exe \ + $(OBJ)\test_plugin.exe \ + $(OBJ)\test_prf.exe \ + $(OBJ)\test_princ.exe \ + $(OBJ)\test_renew.exe \ + $(OBJ)\test_rfc3961.exe \ + $(OBJ)\test_store.exe \ + $(OBJ)\test_time.exe \ + +test-binaries: $(test_binaries) + +test-files: $(OBJ)\test_config_strings.out + +$(OBJ)\test_config_strings.out: test_config_strings.cfg + $(CP) $** $@ + +test-run: + cd $(OBJ) + aes-test.exe + derived-key-test.exe + n-fold-test.exe + parse-name-test.exe + store-test.exe + string-to-key-test.exe + test_acl.exe + test_addr.exe + test_cc.exe + test_config.exe + test_prf.exe + test_store.exe + test_crypto.exe + test_crypto_wrapping.exe + test_keytab.exe + test_mem.exe + test_pac.exe + test_plugin.exe + test_princ.exe + test_pkinit_dh2key.exe + test_pknistkdf.exe + test_time.exe + cd $(SRCDIR) + +$(test_binaries): $$(@R).obj $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(OBJ)\test_rfc3961.exe: $(OBJ)\test_rfc3961.obj $(LIBRFC3961) $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +$(test_binaries:.exe=.obj): $$(@B).c + $(C2OBJ_C) -Fo$@ -Fd$(@D)\ $** -DBlah + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libkrb5-exports.def.in + +test:: test-exports diff --git a/lib/krb5/acache.c b/lib/krb5/acache.c index 30a6d90c3451..19eeecda429b 100644 --- a/lib/krb5/acache.c +++ b/lib/krb5/acache.c @@ -1,34 +1,36 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" @@ -37,14 +39,15 @@ #include #endif -RCSID("$Id: acache.c 22099 2007-12-03 17:14:34Z lha $"); +#ifndef KCM_IS_API_CACHE -/* XXX should we fetch these for each open ? */ static HEIMDAL_MUTEX acc_mutex = HEIMDAL_MUTEX_INITIALIZER; static cc_initialize_func init_func; +static void (KRB5_CALLCONV *set_target_uid)(uid_t); +static void (KRB5_CALLCONV *clear_target)(void); #ifdef HAVE_DLOPEN -static void *cc_handle; +static void *cc_handle; #endif typedef struct krb5_acc { @@ -53,7 +56,7 @@ typedef struct krb5_acc { cc_ccache_t ccache; } krb5_acc; -static krb5_error_code acc_close(krb5_context, krb5_ccache); +static krb5_error_code KRB5_CALLCONV acc_close(krb5_context, krb5_ccache); #define ACACHE(X) ((krb5_acc *)(X)->data.data) @@ -68,14 +71,15 @@ static const struct { { ccIteratorEnd, KRB5_CC_END }, { ccErrNoMem, KRB5_CC_NOMEM }, { ccErrServerUnavailable, KRB5_CC_NOSUPP }, + { ccErrInvalidCCache, KRB5_CC_BADNAME }, { ccNoError, 0 } }; static krb5_error_code translate_cc_error(krb5_context context, cc_int32 error) { - int i; - krb5_clear_error_string(context); + size_t i; + krb5_clear_error_message(context); for(i = 0; i < sizeof(cc_errors)/sizeof(cc_errors[0]); i++) if (cc_errors[i].error == error) return cc_errors[i].ret; @@ -85,21 +89,25 @@ translate_cc_error(krb5_context context, cc_int32 error) static krb5_error_code init_ccapi(krb5_context context) { - const char *lib; + const char *lib = NULL; HEIMDAL_MUTEX_lock(&acc_mutex); if (init_func) { HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_clear_error_string(context); + if (context) + krb5_clear_error_message(context); return 0; } - lib = krb5_config_get_string(context, NULL, - "libdefaults", "ccapi_library", - NULL); + if (context) + lib = krb5_config_get_string(context, NULL, + "libdefaults", "ccapi_library", + NULL); if (lib == NULL) { #ifdef __APPLE__ lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos"; +#elif defined(KRB5_USE_PATH_TOKENS) && defined(_WIN32) + lib = "%{LIBDIR}/libkrb5_cc.dll"; #else lib = "/usr/lib/libkrb5_cc.so"; #endif @@ -109,20 +117,43 @@ init_ccapi(krb5_context context) #ifndef RTLD_LAZY #define RTLD_LAZY 0 +#endif +#ifndef RTLD_LOCAL +#define RTLD_LOCAL 0 +#endif + +#ifdef KRB5_USE_PATH_TOKENS + { + char * explib = NULL; + if (_krb5_expand_path_tokens(context, lib, &explib) == 0) { + cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL); + free(explib); + } + } +#else + cc_handle = dlopen(lib, RTLD_LAZY|RTLD_LOCAL); #endif - cc_handle = dlopen(lib, RTLD_LAZY); if (cc_handle == NULL) { HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_set_error_string(context, "Failed to load %s", lib); + if (context) + krb5_set_error_message(context, KRB5_CC_NOSUPP, + N_("Failed to load API cache module %s", "file"), + lib); return KRB5_CC_NOSUPP; } init_func = (cc_initialize_func)dlsym(cc_handle, "cc_initialize"); + set_target_uid = (void (KRB5_CALLCONV *)(uid_t)) + dlsym(cc_handle, "krb5_ipc_client_set_target_uid"); + clear_target = (void (KRB5_CALLCONV *)(void)) + dlsym(cc_handle, "krb5_ipc_client_clear_target"); HEIMDAL_MUTEX_unlock(&acc_mutex); if (init_func == NULL) { - krb5_set_error_string(context, "Failed to find cc_initialize" - "in %s: %s", lib, dlerror()); + if (context) + krb5_set_error_message(context, KRB5_CC_NOSUPP, + N_("Failed to find cc_initialize" + "in %s: %s", "file, error"), lib, dlerror()); dlclose(cc_handle); return KRB5_CC_NOSUPP; } @@ -130,10 +161,28 @@ init_ccapi(krb5_context context) return 0; #else HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_set_error_string(context, "no support for shared object"); + if (context) + krb5_set_error_message(context, KRB5_CC_NOSUPP, + N_("no support for shared object", "")); return KRB5_CC_NOSUPP; #endif -} +} + +void +_heim_krb5_ipc_client_set_target_uid(uid_t uid) +{ + init_ccapi(NULL); + if (set_target_uid != NULL) + (*set_target_uid)(uid); +} + +void +_heim_krb5_ipc_client_clear_target(void) +{ + init_ccapi(NULL); + if (clear_target != NULL) + (*clear_target)(); +} static krb5_error_code make_cred_from_ccred(krb5_context context, @@ -141,7 +190,7 @@ make_cred_from_ccred(krb5_context context, krb5_creds *cred) { krb5_error_code ret; - int i; + unsigned int i; memset(cred, 0, sizeof(*cred)); @@ -180,13 +229,13 @@ make_cred_from_ccred(krb5_context context, cred->authdata.val = NULL; cred->authdata.len = 0; - + cred->addresses.val = NULL; cred->addresses.len = 0; - + for (i = 0; incred->authdata && incred->authdata[i]; i++) ; - + if (i) { cred->authdata.val = calloc(i, sizeof(cred->authdata.val[0])); if (cred->authdata.val == NULL) @@ -201,16 +250,16 @@ make_cred_from_ccred(krb5_context context, goto nomem; } } - + for (i = 0; incred->addresses && incred->addresses[i]; i++) ; - + if (i) { cred->addresses.val = calloc(i, sizeof(cred->addresses.val[0])); if (cred->addresses.val == NULL) goto nomem; cred->addresses.len = i; - + for (i = 0; i < cred->addresses.len; i++) { cred->addresses.val[i].addr_type = incred->addresses[i]->type; ret = krb5_data_copy(&cred->addresses.val[i].address, @@ -220,7 +269,7 @@ make_cred_from_ccred(krb5_context context, goto nomem; } } - + cred->flags.i = 0; if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_FORWARDABLE) cred->flags.b.forwardable = 1; @@ -252,11 +301,11 @@ make_cred_from_ccred(krb5_context context, cred->flags.b.anonymous = 1; return 0; - + nomem: ret = ENOMEM; - krb5_set_error_string(context, "malloc - out of memory"); - + krb5_set_error_message(context, ret, N_("malloc: out of memory", "malloc")); + fail: krb5_free_cred_contents(context, cred); return ret; @@ -288,7 +337,7 @@ make_ccred_from_cred(krb5_context context, cc_credentials_v5_t *cred) { krb5_error_code ret; - int i; + size_t i; memset(cred, 0, sizeof(*cred)); @@ -317,8 +366,8 @@ make_ccred_from_cred(krb5_context context, /* XXX this one should also be filled in */ cred->authdata = NULL; - - cred->addresses = calloc(incred->addresses.len + 1, + + cred->addresses = calloc(incred->addresses.len + 1, sizeof(cred->addresses[0])); if (cred->addresses == NULL) { @@ -337,10 +386,11 @@ make_ccred_from_cred(krb5_context context, addr->length = incred->addresses.val[i].address.length; addr->data = malloc(addr->length); if (addr->data == NULL) { + free(addr); ret = ENOMEM; goto fail; } - memcpy(addr->data, incred->addresses.val[i].address.data, + memcpy(addr->data, incred->addresses.val[i].address.data, addr->length); cred->addresses[i] = addr; } @@ -378,49 +428,69 @@ make_ccred_from_cred(krb5_context context, return 0; -fail: +fail: free_ccred(cred); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } -static char * -get_cc_name(cc_ccache_t cache) +static cc_int32 +get_cc_name(krb5_acc *a) { cc_string_t name; cc_int32 error; - char *str; - error = (*cache->func->get_name)(cache, &name); + error = (*a->ccache->func->get_name)(a->ccache, &name); if (error) - return NULL; + return error; - str = strdup(name->data); + a->cache_name = strdup(name->data); (*name->func->release)(name); - return str; + if (a->cache_name == NULL) + return ccErrNoMem; + return ccNoError; } -static const char* +static const char* KRB5_CALLCONV acc_get_name(krb5_context context, krb5_ccache id) { krb5_acc *a = ACACHE(id); - static char n[255]; - char *name; + int32_t error; - name = get_cc_name(a->ccache); - if (name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return NULL; + if (a->cache_name == NULL) { + krb5_error_code ret; + krb5_principal principal; + char *name; + + ret = _krb5_get_default_principal_local(context, &principal); + if (ret) + return NULL; + + ret = krb5_unparse_name(context, principal, &name); + krb5_free_principal(context, principal); + if (ret) + return NULL; + + error = (*a->context->func->create_new_ccache)(a->context, + cc_credentials_v5, + name, + &a->ccache); + krb5_xfree(name); + if (error) + return NULL; + + error = get_cc_name(a); + if (error) + return NULL; } - strlcpy(n, name, sizeof(n)); - free(name); - return n; + + return a->cache_name; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_alloc(krb5_context context, krb5_ccache *id) { krb5_error_code ret; @@ -433,10 +503,10 @@ acc_alloc(krb5_context context, krb5_ccache *id) ret = krb5_data_alloc(&(*id)->data, sizeof(*a)); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } - + a = ACACHE(*id); error = (*init_func)(&a->context, ccapi_version_3, NULL, NULL); @@ -450,7 +520,7 @@ acc_alloc(krb5_context context, krb5_ccache *id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_resolve(krb5_context context, krb5_ccache *id, const char *res) { krb5_error_code ret; @@ -463,20 +533,25 @@ acc_resolve(krb5_context context, krb5_ccache *id, const char *res) a = ACACHE(*id); - error = (*a->context->func->open_ccache)(a->context, res, - &a->ccache); - if (error == 0) { - a->cache_name = get_cc_name(a->ccache); - if (a->cache_name == NULL) { + error = (*a->context->func->open_ccache)(a->context, res, &a->ccache); + if (error == ccNoError) { + cc_time_t offset; + error = get_cc_name(a); + if (error != ccNoError) { acc_close(context, *id); *id = NULL; - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + return translate_cc_error(context, error); } + + error = (*a->ccache->func->get_kdc_time_offset)(a->ccache, + cc_credentials_v5, + &offset); + if (error == 0) + context->kdc_sec_offset = offset; + } else if (error == ccErrCCacheNotFound) { a->ccache = NULL; a->cache_name = NULL; - error = 0; } else { *id = NULL; return translate_cc_error(context, error); @@ -485,7 +560,7 @@ acc_resolve(krb5_context context, krb5_ccache *id, const char *res) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_gen_new(krb5_context context, krb5_ccache *id) { krb5_error_code ret; @@ -503,7 +578,7 @@ acc_gen_new(krb5_context context, krb5_ccache *id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_initialize(krb5_context context, krb5_ccache id, krb5_principal primary_principal) @@ -517,16 +592,47 @@ acc_initialize(krb5_context context, if (ret) return ret; - error = (*a->context->func->create_new_ccache)(a->context, - cc_credentials_v5, - name, - &a->ccache); - free(name); + if (a->cache_name == NULL) { + error = (*a->context->func->create_new_ccache)(a->context, + cc_credentials_v5, + name, + &a->ccache); + free(name); + if (error == ccNoError) + error = get_cc_name(a); + } else { + cc_credentials_iterator_t iter; + cc_credentials_t ccred; + + error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter); + if (error) { + free(name); + return translate_cc_error(context, error); + } + + while (1) { + error = (*iter->func->next)(iter, &ccred); + if (error) + break; + (*a->ccache->func->remove_credentials)(a->ccache, ccred); + (*ccred->func->release)(ccred); + } + (*iter->func->release)(iter); + + error = (*a->ccache->func->set_principal)(a->ccache, + cc_credentials_v5, + name); + } + + if (error == 0 && context->kdc_sec_offset) + error = (*a->ccache->func->set_kdc_time_offset)(a->ccache, + cc_credentials_v5, + context->kdc_sec_offset); return translate_cc_error(context, error); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_close(krb5_context context, krb5_ccache id) { @@ -540,13 +646,15 @@ acc_close(krb5_context context, free(a->cache_name); a->cache_name = NULL; } - (*a->context->func->release)(a->context); - a->context = NULL; + if (a->context) { + (*a->context->func->release)(a->context); + a->context = NULL; + } krb5_data_free(&id->data); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_destroy(krb5_context context, krb5_ccache id) { @@ -564,7 +672,7 @@ acc_destroy(krb5_context context, return translate_cc_error(context, error); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) @@ -574,16 +682,17 @@ acc_store_cred(krb5_context context, cc_credentials_v5_t v5cred; krb5_error_code ret; cc_int32 error; - + if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); return KRB5_CC_NOTFOUND; } cred.version = cc_credentials_v5; cred.credentials.credentials_v5 = &v5cred; - ret = make_ccred_from_cred(context, + ret = make_ccred_from_cred(context, creds, &v5cred); if (ret) @@ -598,7 +707,7 @@ acc_store_cred(krb5_context context, return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *principal) @@ -609,7 +718,8 @@ acc_get_principal(krb5_context context, cc_string_t name; if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); return KRB5_CC_NOTFOUND; } @@ -618,14 +728,14 @@ acc_get_principal(krb5_context context, &name); if (error) return translate_cc_error(context, error); - + ret = krb5_parse_name(context, name->data, principal); - + (*name->func->release)(name); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_get_first (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) @@ -633,15 +743,16 @@ acc_get_first (krb5_context context, cc_credentials_iterator_t iter; krb5_acc *a = ACACHE(id); int32_t error; - + if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); return KRB5_CC_NOTFOUND; } error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter); if (error) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOENT; } *cursor = iter; @@ -649,7 +760,7 @@ acc_get_first (krb5_context context, } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_get_next (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, @@ -669,14 +780,14 @@ acc_get_next (krb5_context context, (*cred->func->release)(cred); } - ret = make_cred_from_ccred(context, + ret = make_cred_from_ccred(context, cred->data->credentials.credentials_v5, creds); (*cred->func->release)(cred); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_end_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) @@ -686,7 +797,7 @@ acc_end_get (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags which, @@ -698,9 +809,10 @@ acc_remove_cred(krb5_context context, krb5_error_code ret; cc_int32 error; char *client, *server; - + if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); return KRB5_CC_NOTFOUND; } @@ -752,15 +864,16 @@ acc_remove_cred(krb5_context context, (*iter->func->release)(iter); if (ret) - krb5_set_error_string(context, "Can't find credential %s in cache", - server); + krb5_set_error_message(context, ret, + N_("Can't find credential %s in cache", + "principal"), server); free(server); free(client); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_set_flags(krb5_context context, krb5_ccache id, krb5_flags flags) @@ -768,19 +881,19 @@ acc_set_flags(krb5_context context, return 0; } -static krb5_error_code +static int KRB5_CALLCONV acc_get_version(krb5_context context, krb5_ccache id) { return 0; } - + struct cache_iter { cc_context_t context; cc_ccache_iterator_t iter; }; -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) { struct cache_iter *iter; @@ -793,7 +906,7 @@ acc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) iter = calloc(1, sizeof(*iter)); if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } @@ -807,14 +920,14 @@ acc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) &iter->iter); if (error) { free(iter); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOENT; } *cursor = iter; return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) { struct cache_iter *iter = cursor; @@ -843,17 +956,16 @@ acc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) a = ACACHE(*id); a->ccache = cache; - a->cache_name = get_cc_name(a->ccache); - if (a->cache_name == NULL) { + error = get_cc_name(a); + if (error) { acc_close(context, *id); *id = NULL; - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } + return translate_cc_error(context, error); + } return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) { struct cache_iter *iter = cursor; @@ -866,7 +978,7 @@ acc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV acc_move(krb5_context context, krb5_ccache from, krb5_ccache to) { krb5_acc *afrom = ACACHE(from); @@ -881,7 +993,7 @@ acc_move(krb5_context context, krb5_ccache from, krb5_ccache to) &name); if (error) return translate_cc_error(context, error); - + error = (*ato->context->func->create_new_ccache)(ato->context, cc_credentials_v5, name->data, @@ -891,13 +1003,15 @@ acc_move(krb5_context context, krb5_ccache from, krb5_ccache to) return translate_cc_error(context, error); } - error = (*ato->ccache->func->move)(afrom->ccache, ato->ccache); + + acc_destroy(context, from); + return translate_cc_error(context, error); } -static krb5_error_code -acc_default_name(krb5_context context, char **str) +static krb5_error_code KRB5_CALLCONV +acc_get_default_name(krb5_context context, char **str) { krb5_error_code ret; cc_context_t cc; @@ -917,18 +1031,58 @@ acc_default_name(krb5_context context, char **str) (*cc->func->release)(cc); return translate_cc_error(context, error); } - - asprintf(str, "API:%s", name->data); + + error = asprintf(str, "API:%s", name->data); (*name->func->release)(name); (*cc->func->release)(cc); - if (*str == NULL) { - krb5_set_error_string(context, "out of memory"); + if (error < 0 || *str == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } +static krb5_error_code KRB5_CALLCONV +acc_set_default(krb5_context context, krb5_ccache id) +{ + krb5_acc *a = ACACHE(id); + cc_int32 error; + + if (a->ccache == NULL) { + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); + return KRB5_CC_NOTFOUND; + } + + error = (*a->ccache->func->set_default)(a->ccache); + if (error) + return translate_cc_error(context, error); + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +acc_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime) +{ + krb5_acc *a = ACACHE(id); + cc_int32 error; + cc_time_t t; + + if (a->ccache == NULL) { + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("No API credential found", "")); + return KRB5_CC_NOTFOUND; + } + + error = (*a->ccache->func->get_change_time)(a->ccache, &t); + if (error) + return translate_cc_error(context, error); + + *mtime = t; + + return 0; +} /** * Variable containing the API based credential cache implemention. @@ -936,7 +1090,8 @@ acc_default_name(krb5_context context, char **str) * @ingroup krb5_ccache */ -const krb5_cc_ops krb5_acc_ops = { +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops = { + KRB5_CC_OPS_VERSION, "API", acc_get_name, acc_resolve, @@ -957,5 +1112,11 @@ const krb5_cc_ops krb5_acc_ops = { acc_get_cache_next, acc_end_cache_get, acc_move, - acc_default_name + acc_get_default_name, + acc_set_default, + acc_lastchange, + NULL, + NULL, }; + +#endif diff --git a/lib/krb5/acl.c b/lib/krb5/acl.c index cab68367f80a..c94aae361b8e 100644 --- a/lib/krb5/acl.c +++ b/lib/krb5/acl.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 - 2002, 2004 Kungliga Tekniska Högskolan + * Copyright (c) 2000 - 2002, 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -34,8 +34,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: acl.c 22119 2007-12-03 22:02:48Z lha $"); - struct acl_field { enum { acl_string, acl_fnmatch, acl_retval } type; union { @@ -83,7 +81,8 @@ acl_parse_format(krb5_context context, for(p = format; *p != '\0'; p++) { tmp = malloc(sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); acl_free_list(acl, 0); return ENOMEM; } @@ -98,8 +97,9 @@ acl_parse_format(krb5_context context, tmp->u.retv = va_arg(ap, char **); *tmp->u.retv = NULL; } else { - krb5_set_error_string(context, "acl_parse_format: " - "unknown format specifier %c", *p); + krb5_set_error_message(context, EINVAL, + N_("Unknown format specifier %c while " + "parsing ACL", "specifier"), *p); acl_free_list(acl, 0); free(tmp); return EINVAL; @@ -180,7 +180,7 @@ acl_match_acl(krb5_context context, * * @code * char *s; - * + * * ret = krb5_acl_match_string(context, "foo", "s", "foo"); * if (ret) * krb5_errx(context, 1, "acl didn't match"); @@ -198,7 +198,7 @@ acl_match_acl(krb5_context context, * @ingroup krb5_support */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_string(krb5_context context, const char *string, const char *format, @@ -220,11 +220,11 @@ krb5_acl_match_string(krb5_context context, if (found) { return 0; } else { - krb5_set_error_string(context, "ACL did not match"); + krb5_set_error_message(context, EACCES, N_("ACL did not match", "")); return EACCES; } } - + /** * krb5_acl_match_file matches ACL format against each line in a file * using krb5_acl_match_string(). Lines starting with # are treated @@ -241,7 +241,7 @@ krb5_acl_match_string(krb5_context context, * @ingroup krb5_support */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_file(krb5_context context, const char *file, const char *format, @@ -257,11 +257,13 @@ krb5_acl_match_file(krb5_context context, f = fopen(file, "r"); if(f == NULL) { int save_errno = errno; - - krb5_set_error_string(context, "open(%s): %s", file, - strerror(save_errno)); + rk_strerror_r(save_errno, buf, sizeof(buf)); + krb5_set_error_message(context, save_errno, + N_("open(%s): %s", "file, errno"), + file, buf); return save_errno; } + rk_cloexec_file(f); va_start(ap, format); ret = acl_parse_format(context, &acl, format, ap); @@ -287,7 +289,7 @@ krb5_acl_match_file(krb5_context context, if (found) { return 0; } else { - krb5_set_error_string(context, "ACL did not match"); + krb5_set_error_message(context, EACCES, N_("ACL did not match", "")); return EACCES; } } diff --git a/lib/krb5/add_et_list.c b/lib/krb5/add_et_list.c index a6005c685903..082014e107a7 100644 --- a/lib/krb5/add_et_list.c +++ b/lib/krb5/add_et_list.c @@ -1,47 +1,53 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: add_et_list.c 13713 2004-04-13 14:33:45Z lha $"); - -/* +/** * Add a specified list of error messages to the et list in context. * Call func (probably a comerr-generated function) with a pointer to * the current et_list. + * + * @param context A kerberos context. + * @param func The generated com_err et function. + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_et_list (krb5_context context, void (*func)(struct et_list **)) { diff --git a/lib/krb5/addr_families.c b/lib/krb5/addr_families.c index f364f5974d47..5d321a7e917d 100644 --- a/lib/krb5/addr_families.c +++ b/lib/krb5/addr_families.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: addr_families.c 22039 2007-11-10 11:47:35Z lha $"); - struct addr_operations { int af; krb5_address_type atype; @@ -46,14 +44,15 @@ struct addr_operations { void (*h_addr2sockaddr)(const char *, struct sockaddr *, krb5_socklen_t *, int); krb5_error_code (*h_addr2addr)(const char *, krb5_address *); krb5_boolean (*uninteresting)(const struct sockaddr *); + krb5_boolean (*is_loopback)(const struct sockaddr *); void (*anyaddr)(struct sockaddr *, krb5_socklen_t *, int); int (*print_addr)(const krb5_address *, char *, size_t); int (*parse_addr)(krb5_context, const char*, krb5_address *); int (*order_addr)(krb5_context, const krb5_address*, const krb5_address*); int (*free_addr)(krb5_context, krb5_address*); int (*copy_addr)(krb5_context, const krb5_address*, krb5_address*); - int (*mask_boundary)(krb5_context, const krb5_address*, unsigned long, - krb5_address*, krb5_address*); + int (*mask_boundary)(krb5_context, const krb5_address*, unsigned long, + krb5_address*, krb5_address*); }; /* @@ -138,6 +137,17 @@ ipv4_uninteresting (const struct sockaddr *sa) return FALSE; } +static krb5_boolean +ipv4_is_loopback (const struct sockaddr *sa) +{ + const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; + + if ((ntohl(sin4->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET) + return TRUE; + + return FALSE; +} + static void ipv4_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port) { @@ -177,16 +187,8 @@ ipv4_parse_addr (krb5_context context, const char *address, krb5_address *addr) return -1; } else p = address; -#ifdef HAVE_INET_ATON if(inet_aton(p, &a) == 0) return -1; -#elif defined(HAVE_INET_ADDR) - a.s_addr = inet_addr(p); - if(a.s_addr == INADDR_NONE) - return -1; -#else - return -1; -#endif addr->addr_type = KRB5_ADDRESS_INET; if(krb5_data_alloc(&addr->address, 4) != 0) return -1; @@ -202,7 +204,8 @@ ipv4_mask_boundary(krb5_context context, const krb5_address *inaddr, uint32_t l, h, m = 0xffffffff; if (len > 32) { - krb5_set_error_string(context, "IPv4 prefix too large (%ld)", len); + krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP, + N_("IPv4 prefix too large (%ld)", "len"), len); return KRB5_PROG_ATYPE_NOSUPP; } m = m << (32 - len); @@ -310,7 +313,7 @@ ipv6_h_addr2addr (const char *addr, } /* - * + * */ static krb5_boolean @@ -318,12 +321,20 @@ ipv6_uninteresting (const struct sockaddr *sa) { const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr; - - return - IN6_IS_ADDR_LINKLOCAL(in6) + + return IN6_IS_ADDR_LINKLOCAL(in6) || IN6_IS_ADDR_V4COMPAT(in6); } +static krb5_boolean +ipv6_is_loopback (const struct sockaddr *sa) +{ + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr; + + return (IN6_IS_ADDR_LOOPBACK(in6)); +} + static void ipv6_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port) { @@ -340,12 +351,10 @@ static int ipv6_print_addr (const krb5_address *addr, char *str, size_t len) { char buf[128], buf2[3]; -#ifdef HAVE_INET_NTOP if(inet_ntop(AF_INET6, addr->address.data, buf, sizeof(buf)) == NULL) -#endif { /* XXX this is pretty ugly, but better than abort() */ - int i; + size_t i; unsigned char *p = addr->address.data; buf[0] = '\0'; for(i = 0; i < addr->address.length; i++) { @@ -395,12 +404,14 @@ ipv6_mask_boundary(krb5_context context, const krb5_address *inaddr, int i, sub_len; if (len > 128) { - krb5_set_error_string(context, "IPv6 prefix too large (%ld)", len); + krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP, + N_("IPv6 prefix too large (%ld)", "length"), len); return KRB5_PROG_ATYPE_NOSUPP; } if (inaddr->address.length != sizeof(addr)) { - krb5_set_error_string(context, "IPv6 addr bad length"); + krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP, + N_("IPv6 addr bad length", "")); return KRB5_PROG_ATYPE_NOSUPP; } @@ -410,7 +421,7 @@ ipv6_mask_boundary(krb5_context context, const krb5_address *inaddr, sub_len = min(8, len); m = 0xff << (8 - sub_len); - + laddr.s6_addr[i] = addr.s6_addr[i] & m; haddr.s6_addr[i] = (addr.s6_addr[i] & m) | ~m; @@ -437,6 +448,8 @@ ipv6_mask_boundary(krb5_context context, const krb5_address *inaddr, #endif /* IPv6 */ +#ifndef HEIMDAL_SMALLER + /* * table */ @@ -449,17 +462,17 @@ struct arange { }; static int -arange_parse_addr (krb5_context context, +arange_parse_addr (krb5_context context, const char *address, krb5_address *addr) { char buf[1024], *p; krb5_address low0, high0; struct arange *a; krb5_error_code ret; - + if(strncasecmp(address, "RANGE:", 6) != 0) return -1; - + address += 6; p = strrchr(address, '/'); @@ -478,7 +491,7 @@ arange_parse_addr (krb5_context context, krb5_free_addresses(context, &addrmask); return -1; } - + address += p - address + 1; num = strtol(address, &q, 10); @@ -495,7 +508,7 @@ arange_parse_addr (krb5_context context, } else { krb5_addresses low, high; - + strsep_copy(&address, "-", buf, sizeof(buf)); ret = krb5_parse_address(context, buf, &low); if(ret) @@ -504,14 +517,14 @@ arange_parse_addr (krb5_context context, krb5_free_addresses(context, &low); return -1; } - + strsep_copy(&address, "-", buf, sizeof(buf)); ret = krb5_parse_address(context, buf, &high); if(ret) { krb5_free_addresses(context, &low); return ret; } - + if(high.len != 1 && high.val[0].addr_type != low.val[0].addr_type) { krb5_free_addresses(context, &low); krb5_free_addresses(context, &high); @@ -557,7 +570,7 @@ arange_free (krb5_context context, krb5_address *addr) static int -arange_copy (krb5_context context, const krb5_address *inaddr, +arange_copy (krb5_context context, const krb5_address *inaddr, krb5_address *outaddr) { krb5_error_code ret; @@ -597,7 +610,7 @@ arange_print_addr (const krb5_address *addr, char *str, size_t len) if (l > len) l = len; size = l; - + ret = krb5_print_address (&a->low, str + size, len - size, &l); if (ret) return ret; @@ -623,8 +636,8 @@ arange_print_addr (const krb5_address *addr, char *str, size_t len) } static int -arange_order_addr(krb5_context context, - const krb5_address *addr1, +arange_order_addr(krb5_context context, + const krb5_address *addr1, const krb5_address *addr2) { int tmp1, tmp2, sign; @@ -639,9 +652,11 @@ arange_order_addr(krb5_context context, a = addr2->address.data; a2 = addr1; sign = -1; - } else + } else { abort(); - + UNREACHABLE(return 0); + } + if(a2->addr_type == KRB5_ADDRESS_ARANGE) { struct arange *b = a2->address.data; tmp1 = krb5_address_order(context, &a->low, &b->low); @@ -661,6 +676,8 @@ arange_order_addr(krb5_context context, } } +#endif /* HEIMDAL_SMALLER */ + static int addrport_print_addr (const krb5_address *addr, char *str, size_t len) { @@ -671,6 +688,9 @@ addrport_print_addr (const krb5_address *addr, char *str, size_t len) krb5_storage *sp; sp = krb5_storage_from_data((krb5_data*)rk_UNCONST(&addr->address)); + if (sp == NULL) + return ENOMEM; + /* for totally obscure reasons, these are not in network byteorder */ krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); @@ -709,32 +729,78 @@ addrport_print_addr (const krb5_address *addr, char *str, size_t len) } static struct addr_operations at[] = { - {AF_INET, KRB5_ADDRESS_INET, sizeof(struct sockaddr_in), - ipv4_sockaddr2addr, - ipv4_sockaddr2port, - ipv4_addr2sockaddr, - ipv4_h_addr2sockaddr, - ipv4_h_addr2addr, - ipv4_uninteresting, ipv4_anyaddr, ipv4_print_addr, ipv4_parse_addr, - NULL, NULL, NULL, ipv4_mask_boundary }, + { + AF_INET, KRB5_ADDRESS_INET, sizeof(struct sockaddr_in), + ipv4_sockaddr2addr, + ipv4_sockaddr2port, + ipv4_addr2sockaddr, + ipv4_h_addr2sockaddr, + ipv4_h_addr2addr, + ipv4_uninteresting, + ipv4_is_loopback, + ipv4_anyaddr, + ipv4_print_addr, + ipv4_parse_addr, + NULL, + NULL, + NULL, + ipv4_mask_boundary + }, #ifdef HAVE_IPV6 - {AF_INET6, KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6), - ipv6_sockaddr2addr, - ipv6_sockaddr2port, - ipv6_addr2sockaddr, - ipv6_h_addr2sockaddr, - ipv6_h_addr2addr, - ipv6_uninteresting, ipv6_anyaddr, ipv6_print_addr, ipv6_parse_addr, - NULL, NULL, NULL, ipv6_mask_boundary } , + { + AF_INET6, KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6), + ipv6_sockaddr2addr, + ipv6_sockaddr2port, + ipv6_addr2sockaddr, + ipv6_h_addr2sockaddr, + ipv6_h_addr2addr, + ipv6_uninteresting, + ipv6_is_loopback, + ipv6_anyaddr, + ipv6_print_addr, + ipv6_parse_addr, + NULL, + NULL, + NULL, + ipv6_mask_boundary + } , #endif - {KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0, - NULL, NULL, NULL, NULL, NULL, - NULL, NULL, addrport_print_addr, NULL, NULL, NULL, NULL }, +#ifndef HEIMDAL_SMALLER /* fake address type */ - {KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange), - NULL, NULL, NULL, NULL, NULL, NULL, NULL, - arange_print_addr, arange_parse_addr, - arange_order_addr, arange_free, arange_copy } + { + KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange), + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + arange_print_addr, + arange_parse_addr, + arange_order_addr, + arange_free, + arange_copy, + NULL + }, +#endif + { + KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + addrport_print_addr, + NULL, + NULL, + NULL, + NULL + } }; static int num_addrs = sizeof(at) / sizeof(at[0]); @@ -757,7 +823,7 @@ find_af(int af) } static struct addr_operations * -find_atype(int atype) +find_atype(krb5_address_type atype) { struct addr_operations *a; @@ -769,7 +835,7 @@ find_atype(int atype) /** * krb5_sockaddr2address stores a address a "struct sockaddr" sa in - * the krb5_address addr. + * the krb5_address addr. * * @param context a Keberos context * @param sa a struct sockaddr to extract the address from @@ -780,14 +846,15 @@ find_atype(int atype) * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2address (krb5_context context, const struct sockaddr *sa, krb5_address *addr) { struct addr_operations *a = find_af(sa->sa_family); if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - sa->sa_family); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), + sa->sa_family); return KRB5_PROG_ATYPE_NOSUPP; } return (*a->sockaddr2addr)(sa, addr); @@ -807,14 +874,15 @@ krb5_sockaddr2address (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2port (krb5_context context, const struct sockaddr *sa, int16_t *port) { struct addr_operations *a = find_af(sa->sa_family); if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - sa->sa_family); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), + sa->sa_family); return KRB5_PROG_ATYPE_NOSUPP; } return (*a->sockaddr2port)(sa, port); @@ -841,7 +909,7 @@ krb5_sockaddr2port (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addr2sockaddr (krb5_context context, const krb5_address *addr, struct sockaddr *sa, @@ -851,14 +919,17 @@ krb5_addr2sockaddr (krb5_context context, struct addr_operations *a = find_atype(addr->addr_type); if (a == NULL) { - krb5_set_error_string (context, "Address type %d not supported", - addr->addr_type); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address type %d not supported", + "krb5_address type"), + addr->addr_type); return KRB5_PROG_ATYPE_NOSUPP; } if (a->addr2sockaddr == NULL) { - krb5_set_error_string (context, - "Can't convert address type %d to sockaddr", - addr->addr_type); + krb5_set_error_message (context, + KRB5_PROG_ATYPE_NOSUPP, + N_("Can't convert address type %d to sockaddr", ""), + addr->addr_type); return KRB5_PROG_ATYPE_NOSUPP; } (*a->addr2sockaddr)(addr, sa, sa_size, port); @@ -874,7 +945,7 @@ krb5_addr2sockaddr (krb5_context context, * @ingroup krb5_address */ -size_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_max_sockaddr_size (void) { if (max_sockaddr_size == 0) { @@ -898,7 +969,7 @@ krb5_max_sockaddr_size (void) * @ingroup krb5_address */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_sockaddr_uninteresting(const struct sockaddr *sa) { struct addr_operations *a = find_af(sa->sa_family); @@ -907,6 +978,15 @@ krb5_sockaddr_uninteresting(const struct sockaddr *sa) return (*a->uninteresting)(sa); } +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_sockaddr_is_loopback(const struct sockaddr *sa) +{ + struct addr_operations *a = find_af(sa->sa_family); + if (a == NULL || a->is_loopback == NULL) + return TRUE; + return (*a->is_loopback)(sa); +} + /** * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and * the "struct hostent" (see gethostbyname(3) ) h_addr_list @@ -926,7 +1006,7 @@ krb5_sockaddr_uninteresting(const struct sockaddr *sa) * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2sockaddr (krb5_context context, int af, const char *addr, struct sockaddr *sa, @@ -935,7 +1015,8 @@ krb5_h_addr2sockaddr (krb5_context context, { struct addr_operations *a = find_af(af); if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + "Address family %d not supported", af); return KRB5_PROG_ATYPE_NOSUPP; } (*a->h_addr2sockaddr)(addr, sa, sa_size, port); @@ -956,14 +1037,15 @@ krb5_h_addr2sockaddr (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2addr (krb5_context context, int af, const char *haddr, krb5_address *addr) { struct addr_operations *a = find_af(af); if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), af); return KRB5_PROG_ATYPE_NOSUPP; } return (*a->h_addr2addr)(haddr, addr); @@ -986,7 +1068,7 @@ krb5_h_addr2addr (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_anyaddr (krb5_context context, int af, struct sockaddr *sa, @@ -996,7 +1078,8 @@ krb5_anyaddr (krb5_context context, struct addr_operations *a = find_af (af); if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), af); return KRB5_PROG_ATYPE_NOSUPP; } @@ -1020,8 +1103,8 @@ krb5_anyaddr (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_print_address (const krb5_address *addr, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_print_address (const krb5_address *addr, char *str, size_t len, size_t *ret_len) { struct addr_operations *a = find_atype(addr->addr_type); @@ -1030,17 +1113,17 @@ krb5_print_address (const krb5_address *addr, if (a == NULL || a->print_addr == NULL) { char *s; int l; - int i; + size_t i; s = str; l = snprintf(s, len, "TYPE_%d:", addr->addr_type); - if (l < 0 || l >= len) + if (l < 0 || (size_t)l >= len) return EINVAL; s += l; len -= l; for(i = 0; i < addr->address.length; i++) { l = snprintf(s, len, "%02x", ((char*)addr->address.data)[i]); - if (l < 0 || l >= len) + if (l < 0 || (size_t)l >= len) return EINVAL; len -= l; s += l; @@ -1070,7 +1153,7 @@ krb5_print_address (const krb5_address *addr, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_address(krb5_context context, const char *string, krb5_addresses *addresses) @@ -1089,7 +1172,8 @@ krb5_parse_address(krb5_context context, if((*at[i].parse_addr)(context, string, &addr) == 0) { ALLOC_SEQ(addresses, 1); if (addresses->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } addresses->val[0] = addr; @@ -1100,18 +1184,22 @@ krb5_parse_address(krb5_context context, error = getaddrinfo (string, NULL, NULL, &ai); if (error) { + krb5_error_code ret2; save_errno = errno; - krb5_set_error_string (context, "%s: %s", string, gai_strerror(error)); - return krb5_eai_to_heim_errno(error, save_errno); + ret2 = krb5_eai_to_heim_errno(error, save_errno); + krb5_set_error_message (context, ret2, "%s: %s", + string, gai_strerror(error)); + return ret2; } - + n = 0; for (a = ai; a != NULL; a = a->ai_next) ++n; ALLOC_SEQ(addresses, n); if (addresses->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); freeaddrinfo(ai); return ENOMEM; } @@ -1120,10 +1208,12 @@ krb5_parse_address(krb5_context context, for (a = ai, i = 0; a != NULL; a = a->ai_next) { if (krb5_sockaddr2address (context, ai->ai_addr, &addresses->val[i])) continue; - if(krb5_address_search(context, &addresses->val[i], addresses)) + if(krb5_address_search(context, &addresses->val[i], addresses)) { + krb5_free_address(context, &addresses->val[i]); continue; - addresses->len = i; + } i++; + addresses->len = i; } freeaddrinfo (ai); return 0; @@ -1132,7 +1222,7 @@ krb5_parse_address(krb5_context context, /** * krb5_address_order compares the addresses addr1 and addr2 so that * it can be used for sorting addresses. If the addresses are the same - * address krb5_address_order will return 0. Behavies like memcmp(2). + * address krb5_address_order will return 0. Behavies like memcmp(2). * * @param context a Keberos context * @param addr1 krb5_address to compare @@ -1144,7 +1234,7 @@ krb5_parse_address(krb5_context context, * @ingroup krb5_address */ -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_address_order(krb5_context context, const krb5_address *addr1, const krb5_address *addr2) @@ -1152,21 +1242,23 @@ krb5_address_order(krb5_context context, /* this sucks; what if both addresses have order functions, which should we call? this works for now, though */ struct addr_operations *a; - a = find_atype(addr1->addr_type); + a = find_atype(addr1->addr_type); if(a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - addr1->addr_type); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), + addr1->addr_type); return KRB5_PROG_ATYPE_NOSUPP; } - if(a->order_addr != NULL) - return (*a->order_addr)(context, addr1, addr2); - a = find_atype(addr2->addr_type); + if(a->order_addr != NULL) + return (*a->order_addr)(context, addr1, addr2); + a = find_atype(addr2->addr_type); if(a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - addr2->addr_type); + krb5_set_error_message (context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d not supported", ""), + addr2->addr_type); return KRB5_PROG_ATYPE_NOSUPP; } - if(a->order_addr != NULL) + if(a->order_addr != NULL) return (*a->order_addr)(context, addr1, addr2); if(addr1->addr_type != addr2->addr_type) @@ -1191,7 +1283,7 @@ krb5_address_order(krb5_context context, * @ingroup krb5_address */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_compare(krb5_context context, const krb5_address *addr1, const krb5_address *addr2) @@ -1212,12 +1304,12 @@ krb5_address_compare(krb5_context context, * @ingroup krb5_address */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_search(krb5_context context, const krb5_address *addr, const krb5_addresses *addrlist) { - int i; + size_t i; for (i = 0; i < addrlist->len; ++i) if (krb5_address_compare (context, addr, &addrlist->val[i])) @@ -1237,7 +1329,7 @@ krb5_address_search(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_address(krb5_context context, krb5_address *address) { @@ -1261,11 +1353,11 @@ krb5_free_address(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_addresses(krb5_context context, krb5_addresses *addresses) { - int i; + size_t i; for(i = 0; i < addresses->len; i++) krb5_free_address(context, &addresses->val[i]); free(addresses->val); @@ -1287,7 +1379,7 @@ krb5_free_addresses(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_address(krb5_context context, const krb5_address *inaddr, krb5_address *outaddr) @@ -1311,12 +1403,12 @@ krb5_copy_address(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_addresses(krb5_context context, const krb5_addresses *inaddr, krb5_addresses *outaddr) { - int i; + size_t i; ALLOC_SEQ(outaddr, inaddr->len); if(inaddr->len > 0 && outaddr->val == NULL) return ENOMEM; @@ -1338,18 +1430,19 @@ krb5_copy_addresses(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_append_addresses(krb5_context context, krb5_addresses *dest, const krb5_addresses *source) { krb5_address *tmp; krb5_error_code ret; - int i; + size_t i; if(source->len > 0) { tmp = realloc(dest->val, (dest->len + source->len) * sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_string(context, "realloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } dest->val = tmp; @@ -1357,8 +1450,8 @@ krb5_append_addresses(krb5_context context, /* skip duplicates */ if(krb5_address_search(context, &source->val[i], dest)) continue; - ret = krb5_copy_address(context, - &source->val[i], + ret = krb5_copy_address(context, + &source->val[i], &dest->val[dest->len]); if(ret) return ret; @@ -1381,7 +1474,7 @@ krb5_append_addresses(krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_addrport (krb5_context context, krb5_address **res, const krb5_address *addr, int16_t port) { @@ -1391,13 +1484,15 @@ krb5_make_addrport (krb5_context context, *res = malloc (sizeof(**res)); if (*res == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } (*res)->addr_type = KRB5_ADDRESS_ADDRPORT; ret = krb5_data_alloc (&(*res)->address, len); if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message (context, ret, + N_("malloc: out of memory", "")); free (*res); *res = NULL; return ret; @@ -1427,7 +1522,6 @@ krb5_make_addrport (krb5_context context, *p++ = (2 >> 24) & 0xFF; memcpy (p, &port, 2); - p += 2; return 0; } @@ -1447,7 +1541,7 @@ krb5_make_addrport (krb5_context context, * @ingroup krb5_address */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_address_prefixlen_boundary(krb5_context context, const krb5_address *inaddr, unsigned long prefixlen, @@ -1457,7 +1551,9 @@ krb5_address_prefixlen_boundary(krb5_context context, struct addr_operations *a = find_atype (inaddr->addr_type); if(a != NULL && a->mask_boundary != NULL) return (*a->mask_boundary)(context, inaddr, prefixlen, low, high); - krb5_set_error_string(context, "Address family %d doesn't support " - "address mask operation", inaddr->addr_type); + krb5_set_error_message(context, KRB5_PROG_ATYPE_NOSUPP, + N_("Address family %d doesn't support " + "address mask operation", ""), + inaddr->addr_type); return KRB5_PROG_ATYPE_NOSUPP; } diff --git a/lib/krb5/aes-test.c b/lib/krb5/aes-test.c index 82b3431add54..19b0ddd07502 100644 --- a/lib/krb5/aes-test.c +++ b/lib/krb5/aes-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,13 +33,12 @@ #include "krb5_locl.h" #include #include +#include #ifdef HAVE_OPENSSL #include #endif -RCSID("$Id: aes-test.c 18301 2006-10-07 13:50:34Z lha $"); - static int verbose = 0; static void @@ -62,16 +61,16 @@ struct { char *pbkdf2; char *key; } keys[] = { - { + { "password", "ATHENA.MIT.EDUraeburn", -1, - 1, + 1, ETYPE_AES128_CTS_HMAC_SHA1_96, 16, "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15", "\x42\x26\x3c\x6e\x89\xf4\xfc\x28\xb8\xdf\x68\xee\x09\x79\x9f\x15" }, { "password", "ATHENA.MIT.EDUraeburn", -1, - 1, + 1, ETYPE_AES256_CTS_HMAC_SHA1_96, 32, "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15" "\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37", @@ -87,7 +86,7 @@ struct { }, { "password", "ATHENA.MIT.EDUraeburn", -1, - 2, + 2, ETYPE_AES256_CTS_HMAC_SHA1_96, 32, "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d" "\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86", @@ -96,14 +95,14 @@ struct { }, { "password", "ATHENA.MIT.EDUraeburn", -1, - 1200, + 1200, ETYPE_AES128_CTS_HMAC_SHA1_96, 16, "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b", "\x4c\x01\xcd\x46\xd6\x32\xd0\x1e\x6d\xbe\x23\x0a\x01\xed\x64\x2a" }, { "password", "ATHENA.MIT.EDUraeburn", -1, - 1200, + 1200, ETYPE_AES256_CTS_HMAC_SHA1_96, 32, "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b" "\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13", @@ -180,14 +179,14 @@ struct { "\x57\x18\x48\xb7\x84\xa3\xd6\xbd\xc3\x46\x58\x9a\x3e\x39\x3f\x9e" }, { - "foo", "", -1, + "foo", "", -1, 0, ETYPE_ARCFOUR_HMAC_MD5, 16, NULL, "\xac\x8e\x65\x7f\x83\xdf\x82\xbe\xea\x5d\x43\xbd\xaf\x78\x00\xcc" }, { - "test", "", -1, + "test", "", -1, 0, ETYPE_ARCFOUR_HMAC_MD5, 16, NULL, @@ -215,11 +214,11 @@ string_to_key_test(krb5_context context) salt.saltvalue.length = strlen(salt.saltvalue.data); else salt.saltvalue.length = keys[i].saltlen; - + opaque.data = iter; opaque.length = sizeof(iter); _krb5_put_int(iter, keys[i].iterations, 4); - + if (keys[i].pbkdf2) { unsigned char keyout[32]; @@ -228,15 +227,15 @@ string_to_key_test(krb5_context context) PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length, salt.saltvalue.data, salt.saltvalue.length, - keys[i].iterations, + keys[i].iterations, keys[i].keylen, keyout); - + if (memcmp(keyout, keys[i].pbkdf2, keys[i].keylen) != 0) { krb5_warnx(context, "%d: pbkdf2", i); val = 1; continue; } - + if (verbose) { printf("PBKDF2:\n"); hex_dump_data(keyout, keys[i].keylen); @@ -248,31 +247,31 @@ string_to_key_test(krb5_context context) ret = krb5_string_to_key_data_salt_opaque (context, keys[i].enctype, - password, - salt, - opaque, + password, + salt, + opaque, &key); if (ret) { - krb5_warn(context, ret, "%d: string_to_key_data_salt_opaque", + krb5_warn(context, ret, "%d: string_to_key_data_salt_opaque", i); val = 1; continue; } - + if (key.keyvalue.length != keys[i].keylen) { krb5_warnx(context, "%d: key wrong length (%lu/%lu)", - i, (unsigned long)key.keyvalue.length, + i, (unsigned long)key.keyvalue.length, (unsigned long)keys[i].keylen); val = 1; continue; } - + if (memcmp(key.keyvalue.data, keys[i].key, keys[i].keylen) != 0) { krb5_warnx(context, "%d: key wrong", i); val = 1; continue; } - + if (verbose) { printf("key:\n"); hex_dump_data(key.keyvalue.data, key.keyvalue.length); @@ -283,295 +282,11 @@ string_to_key_test(krb5_context context) return val; } -struct enc_test { - size_t len; - char *input; - char *output; - char *nextiv; -}; - -struct enc_test encs1[] = { - { - 17, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20", - "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f" - "\x97", - "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f" - }, - { - 31, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20", - "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22" - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5", - "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22" - }, - { - 32, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43", - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84", - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - }, - { - 47, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5", - "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e" - }, - { - 48, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8", - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8" - }, - { - 64, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40" - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8", - "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40" - } -}; - - -struct enc_test encs2[] = { - { - 17, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20", - "\x5c\x13\x26\x27\xc4\xcb\xca\x04\x14\x43\x8a\xb5\x97\x97\x7c\x10" - "\x16" - }, - { - 31, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20", - "\x16\xb3\xd8\xe5\xcd\x93\xe6\x2c\x28\x70\xa0\x36\x6e\x9a\xb9\x74" - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53" - }, - { - 32, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43", - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - }, - { - 47, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\xe5\x56\xb4\x88\x41\xb9\xde\x27\xf0\x07\xa1\x6e\x89\x94\x47\xf1" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff" - }, - { - 48, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - }, - { - 64, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - }, - { - 78, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x73\xfb\x2c\x36\x76\xaf\xcf\x31\xff\xe3\x8a\x89\x0c\x7e\x99\x3f" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62" - }, - { - 83, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x65\x39\x3a\xdb\x92\x05\x4d\x4f\x08\xa1\xfa\x59\xda\x56\x58\x0e" - "\x3b\xac\x12" - }, - { - 92, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x0c\xff\xd7\x63\x50\xf8\x4e\xf9\xec\x56\x1c\x79\xc5\xc8\xfe\x50" - "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f" - }, - { - 96, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x08\x28\x49\xad\xfc\x2d\x8e\x86\xae\x69\xa5\xa8\xd9\x29\x9e\xe4" - "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f\x4c\x41\xd1\xb8" - } -}; - - - -char *aes_key1 = - "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69"; - -char *aes_key2 = - "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69" - "\x2c\x20\x79\x75\x6d\x6d\x79\x20\x79\x75\x6d\x6d\x79\x21\x21\x21"; - - -static int -samep(int testn, char *type, const void *pp1, const void *pp2, size_t len) -{ - const unsigned char *p1 = pp1, *p2 = pp2; - size_t i; - int val = 1; - - for (i = 0; i < len; i++) { - if (p1[i] != p2[i]) { - if (verbose) - printf("M"); - val = 0; - } else { - if (verbose) - printf("."); - } - } - if (verbose) - printf("\n"); - return val; -} - -static int -encryption_test(krb5_context context, const void *key, size_t keylen, - struct enc_test *enc, int numenc) -{ - unsigned char iv[AES_BLOCK_SIZE]; - int i, val, failed = 0; - AES_KEY ekey, dkey; - unsigned char *p; - - AES_set_encrypt_key(key, keylen, &ekey); - AES_set_decrypt_key(key, keylen, &dkey); - - for (i = 0; i < numenc; i++) { - val = 0; - - if (verbose) - printf("test: %d\n", i); - memset(iv, 0, sizeof(iv)); - - p = malloc(enc[i].len + 1); - if (p == NULL) - krb5_errx(context, 1, "malloc"); - - p[enc[i].len] = '\0'; - - memcpy(p, enc[i].input, enc[i].len); - - _krb5_aes_cts_encrypt(p, p, enc[i].len, - &ekey, iv, AES_ENCRYPT); - - if (p[enc[i].len] != '\0') { - krb5_warnx(context, "%d: encrypt modified off end", i); - val = 1; - } - - if (!samep(i, "cipher", p, enc[i].output, enc[i].len)) { - krb5_warnx(context, "%d: cipher", i); - val = 1; - } - - if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/ - krb5_warnx(context, "%d: iv", i); - val = 1; - } - - memset(iv, 0, sizeof(iv)); - - _krb5_aes_cts_encrypt(p, p, enc[i].len, - &dkey, iv, AES_DECRYPT); - - if (p[enc[i].len] != '\0') { - krb5_warnx(context, "%d: decrypt modified off end", i); - val = 1; - } - - if (!samep(i, "clear", p, enc[i].input, enc[i].len)) - val = 1; - - if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/ - krb5_warnx(context, "%d: iv", i); - val = 1; - } - - free(p); - - if (val) { - printf("test %d failed\n", i); - failed = 1; - } - val = 0; - } - return failed; -} - static int krb_enc(krb5_context context, - krb5_crypto crypto, + krb5_crypto crypto, unsigned usage, - krb5_data *cipher, + krb5_data *cipher, krb5_data *clear) { krb5_data decrypt; @@ -602,14 +317,214 @@ krb_enc(krb5_context context, return 0; } +static int +krb_enc_iov2(krb5_context context, + krb5_crypto crypto, + unsigned usage, + size_t cipher_len, + krb5_data *clear) +{ + krb5_crypto_iov iov[4]; + krb5_data decrypt; + int ret; + char *p, *q; + size_t len, i; + + p = clear->data; + len = clear->length; + + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length); + iov[0].data.data = emalloc(iov[0].data.length); + + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data.length = len; + iov[1].data.data = emalloc(iov[1].data.length); + memcpy(iov[1].data.data, p, iov[1].data.length); + + /* padding buffer */ + iov[2].flags = KRB5_CRYPTO_TYPE_PADDING; + krb5_crypto_length(context, crypto, KRB5_CRYPTO_TYPE_PADDING, &iov[2].data.length); + iov[2].data.data = emalloc(iov[2].data.length); + + iov[3].flags = KRB5_CRYPTO_TYPE_TRAILER; + krb5_crypto_length(context, crypto, iov[3].flags, &iov[3].data.length); + iov[3].data.data = emalloc(iov[3].data.length); + + ret = krb5_encrypt_iov_ivec(context, crypto, usage, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + errx(1, "encrypt iov failed: %d", ret); + + /* check len */ + for (i = 0, len = 0; i < sizeof(iov)/sizeof(iov[0]); i++) + len += iov[i].data.length; + if (len != cipher_len) + errx(1, "cipher len wrong"); + + /* + * Plain decrypt + */ + + p = q = emalloc(len); + for (i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) { + memcpy(q, iov[i].data.data, iov[i].data.length); + q += iov[i].data.length; + } + + ret = krb5_decrypt(context, crypto, usage, p, len, &decrypt); + if (ret) + krb5_err(context, 1, ret, "krb5_decrypt"); + else + krb5_data_free(&decrypt); + + free(p); + + /* + * Now decrypt use iov + */ + + /* padding turn into data */ + p = q = emalloc(iov[1].data.length + iov[2].data.length); + + memcpy(q, iov[1].data.data, iov[1].data.length); + q += iov[1].data.length; + memcpy(q, iov[2].data.data, iov[2].data.length); + + free(iov[1].data.data); + free(iov[2].data.data); + + iov[1].data.data = p; + iov[1].data.length += iov[2].data.length; + + iov[2].flags = KRB5_CRYPTO_TYPE_EMPTY; + iov[2].data.length = 0; + + ret = krb5_decrypt_iov_ivec(context, crypto, usage, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + free(iov[0].data.data); + free(iov[3].data.data); + + if (ret) + krb5_err(context, 1, ret, "decrypt iov failed: %d", ret); + + if (clear->length != iov[1].data.length) + errx(1, "length incorrect"); + + p = clear->data; + if (memcmp(iov[1].data.data, p, iov[1].data.length) != 0) + errx(1, "iov[1] incorrect"); + + free(iov[1].data.data); + + return 0; +} + + +static int +krb_enc_iov(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_data *cipher, + krb5_data *clear) +{ + krb5_crypto_iov iov[3]; + int ret; + char *p; + size_t len; + + p = cipher->data; + len = cipher->length; + + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length); + iov[0].data.data = emalloc(iov[0].data.length); + memcpy(iov[0].data.data, p, iov[0].data.length); + p += iov[0].data.length; + len -= iov[0].data.length; + + iov[1].flags = KRB5_CRYPTO_TYPE_TRAILER; + krb5_crypto_length(context, crypto, iov[1].flags, &iov[1].data.length); + iov[1].data.data = emalloc(iov[1].data.length); + memcpy(iov[1].data.data, p + len - iov[1].data.length, iov[1].data.length); + len -= iov[1].data.length; + + iov[2].flags = KRB5_CRYPTO_TYPE_DATA; + iov[2].data.length = len; + iov[2].data.data = emalloc(len); + memcpy(iov[2].data.data, p, len); + + ret = krb5_decrypt_iov_ivec(context, crypto, usage, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb_enc_iov decrypt iov failed: %d", ret); + + if (clear->length != iov[2].data.length) + errx(1, "length incorrect"); + + p = clear->data; + if (memcmp(iov[2].data.data, p, iov[2].data.length) != 0) + errx(1, "iov[2] incorrect"); + + free(iov[0].data.data); + free(iov[1].data.data); + free(iov[2].data.data); + + + return 0; +} + +static int +krb_checksum_iov(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_data *plain) +{ + krb5_crypto_iov iov[4]; + int ret; + char *p; + size_t len; + + p = plain->data; + len = plain->length; + + iov[0].flags = KRB5_CRYPTO_TYPE_CHECKSUM; + krb5_crypto_length(context, crypto, iov[0].flags, &iov[0].data.length); + iov[0].data.data = emalloc(iov[0].data.length); + + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data.length = len; + iov[1].data.data = p; + + iov[2].flags = KRB5_CRYPTO_TYPE_TRAILER; + krb5_crypto_length(context, crypto, iov[0].flags, &iov[2].data.length); + iov[2].data.data = malloc(iov[2].data.length); + + ret = krb5_create_checksum_iov(context, crypto, usage, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_create_checksum_iov failed"); + + ret = krb5_verify_checksum_iov(context, crypto, usage, iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_verify_checksum_iov"); + + free(iov[0].data.data); + free(iov[2].data.data); + + return 0; +} + + static int krb_enc_mit(krb5_context context, krb5_enctype enctype, krb5_keyblock *key, unsigned usage, - krb5_data *cipher, + krb5_data *cipher, krb5_data *clear) { +#ifndef HEIMDAL_SMALLER krb5_error_code ret; krb5_enc_data e; krb5_data decrypt; @@ -640,7 +555,7 @@ krb_enc_mit(krb5_context context, (unsigned long)len, (unsigned long)cipher->length); return EINVAL; } - +#endif /* HEIMDAL_SMALLER */ return 0; } @@ -655,10 +570,10 @@ struct { size_t plen; void *pdata; } krbencs[] = { - { + { ETYPE_AES256_CTS_HMAC_SHA1_96, 7, - 32, + 32, "\x47\x75\x69\x64\x65\x6c\x69\x6e\x65\x73\x20\x74\x6f\x20\x41\x75" "\x74\x68\x6f\x72\x73\x20\x6f\x66\x20\x49\x6e\x74\x65\x72\x6e\x65", 44, @@ -678,7 +593,7 @@ krb_enc_test(krb5_context context) krb5_crypto crypto; krb5_keyblock kb; krb5_data cipher, plain; - int i, failed = 0; + int i; for (i = 0; i < sizeof(krbencs)/sizeof(krbencs[0]); i++) { @@ -692,27 +607,216 @@ krb_enc_test(krb5_context context) cipher.data = krbencs[i].edata; plain.length = krbencs[i].plen; plain.data = krbencs[i].pdata; - + ret = krb_enc(context, crypto, krbencs[i].usage, &cipher, &plain); - - if (ret) { - failed = 1; - printf("krb_enc failed with %d\n", ret); - } + + if (ret) + errx(1, "krb_enc failed with %d for test %d", ret, i); + + ret = krb_enc_iov(context, crypto, krbencs[i].usage, &cipher, &plain); + if (ret) + errx(1, "krb_enc_iov failed with %d for test %d", ret, i); + + ret = krb_enc_iov2(context, crypto, krbencs[i].usage, + cipher.length, &plain); + if (ret) + errx(1, "krb_enc_iov2 failed with %d for test %d", ret, i); + + ret = krb_checksum_iov(context, crypto, krbencs[i].usage, &plain); + if (ret) + errx(1, "krb_checksum_iov failed with %d for test %d", ret, i); + krb5_crypto_destroy(context, crypto); - ret = krb_enc_mit(context, krbencs[i].enctype, &kb, + ret = krb_enc_mit(context, krbencs[i].enctype, &kb, krbencs[i].usage, &cipher, &plain); - if (ret) { - failed = 1; - printf("krb_enc_mit failed with %d\n", ret); - } - + if (ret) + errx(1, "krb_enc_mit failed with %d for test %d", ret, i); } - return failed; + return 0; } +static int +iov_test(krb5_context context) +{ + krb5_enctype enctype = ENCTYPE_AES256_CTS_HMAC_SHA1_96; + krb5_error_code ret; + krb5_crypto crypto; + krb5_keyblock key; + krb5_data signonly, in, in2; + krb5_crypto_iov iov[6]; + size_t len, i; + unsigned char *base, *p; + + ret = krb5_generate_random_keyblock(context, enctype, &key); + if (ret) + krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); + + ret = krb5_crypto_init(context, &key, 0, &crypto); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_init"); + + + ret = krb5_crypto_length(context, crypto, KRB5_CRYPTO_TYPE_HEADER, &len); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_length"); + + signonly.data = "This should be signed"; + signonly.length = strlen(signonly.data); + in.data = "inputdata"; + in.length = strlen(in.data); + + in2.data = "INPUTDATA"; + in2.length = strlen(in2.data); + + + memset(iov, 0, sizeof(iov)); + + iov[0].flags = KRB5_CRYPTO_TYPE_HEADER; + iov[1].flags = KRB5_CRYPTO_TYPE_DATA; + iov[1].data = in; + iov[2].flags = KRB5_CRYPTO_TYPE_SIGN_ONLY; + iov[2].data = signonly; + iov[3].flags = KRB5_CRYPTO_TYPE_EMPTY; + iov[4].flags = KRB5_CRYPTO_TYPE_PADDING; + iov[5].flags = KRB5_CRYPTO_TYPE_TRAILER; + + ret = krb5_crypto_length_iov(context, crypto, iov, + sizeof(iov)/sizeof(iov[0])); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_length_iov"); + + for (len = 0, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) { + if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += iov[i].data.length; + } + + base = emalloc(len); + + /* + * Allocate data for the fields + */ + + for (p = base, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) { + if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue;; + iov[i].data.data = p; + p += iov[i].data.length; + } + assert(iov[1].data.length == in.length); + memcpy(iov[1].data.data, in.data, iov[1].data.length); + + /* + * Encrypt + */ + + ret = krb5_encrypt_iov_ivec(context, crypto, 7, iov, + sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_encrypt_iov_ivec"); + + /* + * Decrypt + */ + + ret = krb5_decrypt_iov_ivec(context, crypto, 7, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_decrypt_iov_ivec"); + + /* + * Verify data + */ + + if (krb5_data_cmp(&iov[1].data, &in) != 0) + krb5_errx(context, 1, "decrypted data not same"); + + /* + * Free memory + */ + + free(base); + + /* Set up for second try */ + + iov[3].flags = KRB5_CRYPTO_TYPE_DATA; + iov[3].data = in; + + ret = krb5_crypto_length_iov(context, crypto, + iov, sizeof(iov)/sizeof(iov[0])); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_length_iov"); + + for (len = 0, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) { + if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += iov[i].data.length; + } + + base = emalloc(len); + + /* + * Allocate data for the fields + */ + + for (p = base, i = 0; i < sizeof(iov)/sizeof(iov[0]); i++) { + if (iov[i].flags == KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue;; + iov[i].data.data = p; + p += iov[i].data.length; + } + assert(iov[1].data.length == in.length); + memcpy(iov[1].data.data, in.data, iov[1].data.length); + + assert(iov[3].data.length == in2.length); + memcpy(iov[3].data.data, in2.data, iov[3].data.length); + + + + /* + * Encrypt + */ + + ret = krb5_encrypt_iov_ivec(context, crypto, 7, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_encrypt_iov_ivec"); + + /* + * Decrypt + */ + + ret = krb5_decrypt_iov_ivec(context, crypto, 7, + iov, sizeof(iov)/sizeof(iov[0]), NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_decrypt_iov_ivec"); + + /* + * Verify data + */ + + if (krb5_data_cmp(&iov[1].data, &in) != 0) + krb5_errx(context, 1, "decrypted data 2.1 not same"); + + if (krb5_data_cmp(&iov[3].data, &in2) != 0) + krb5_errx(context, 1, "decrypted data 2.2 not same"); + + /* + * Free memory + */ + + free(base); + + krb5_crypto_destroy(context, crypto); + + krb5_free_keyblock_contents(context, &key); + + return 0; +} + + static int random_to_key(krb5_context context) @@ -746,26 +850,22 @@ random_to_key(krb5_context context) return 0; } - int main(int argc, char **argv) { krb5_error_code ret; krb5_context context; int val = 0; - + ret = krb5_init_context (&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); val |= string_to_key_test(context); - val |= encryption_test(context, aes_key1, 128, - encs1, sizeof(encs1)/sizeof(encs1[0])); - val |= encryption_test(context, aes_key2, 256, - encs2, sizeof(encs2)/sizeof(encs2[0])); val |= krb_enc_test(context); val |= random_to_key(context); + val |= iov_test(context); if (verbose && val == 0) printf("all ok\n"); diff --git a/lib/krb5/aname_to_localname.c b/lib/krb5/aname_to_localname.c index 5800404d9819..7bfd861da94e 100644 --- a/lib/krb5/aname_to_localname.c +++ b/lib/krb5/aname_to_localname.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 1999, 2002 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999, 2002 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: aname_to_localname.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_aname_to_localname (krb5_context context, krb5_const_principal aname, size_t lnsize, @@ -74,7 +72,7 @@ krb5_aname_to_localname (krb5_context context, ret = krb5_copy_principal(context, aname, &rootprinc); if (ret) return ret; - + userok = krb5_kuserok(context, rootprinc, res); krb5_free_principal(context, rootprinc); if (!userok) diff --git a/lib/krb5/appdefault.c b/lib/krb5/appdefault.c index b0bb171f4a14..d4e963d74ab1 100644 --- a/lib/krb5/appdefault.c +++ b/lib/krb5/appdefault.c @@ -1,118 +1,116 @@ /* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: appdefault.c 14465 2005-01-05 05:40:59Z lukeh $"); - -void KRB5_LIB_FUNCTION -krb5_appdefault_boolean(krb5_context context, const char *appname, +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_appdefault_boolean(krb5_context context, const char *appname, krb5_const_realm realm, const char *option, krb5_boolean def_val, krb5_boolean *ret_val) { - + if(appname == NULL) appname = getprogname(); - def_val = krb5_config_get_bool_default(context, NULL, def_val, + def_val = krb5_config_get_bool_default(context, NULL, def_val, "libdefaults", option, NULL); if(realm != NULL) - def_val = krb5_config_get_bool_default(context, NULL, def_val, + def_val = krb5_config_get_bool_default(context, NULL, def_val, "realms", realm, option, NULL); - - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - option, + + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + option, NULL); if(realm != NULL) def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - realm, - option, + "appdefaults", + realm, + option, NULL); if(appname != NULL) { - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - appname, - option, + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + appname, + option, NULL); if(realm != NULL) def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - appname, - realm, - option, + "appdefaults", + appname, + realm, + option, NULL); } *ret_val = def_val; } -void KRB5_LIB_FUNCTION -krb5_appdefault_string(krb5_context context, const char *appname, +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_appdefault_string(krb5_context context, const char *appname, krb5_const_realm realm, const char *option, const char *def_val, char **ret_val) { if(appname == NULL) appname = getprogname(); - def_val = krb5_config_get_string_default(context, NULL, def_val, + def_val = krb5_config_get_string_default(context, NULL, def_val, "libdefaults", option, NULL); if(realm != NULL) - def_val = krb5_config_get_string_default(context, NULL, def_val, + def_val = krb5_config_get_string_default(context, NULL, def_val, "realms", realm, option, NULL); - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - option, + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + option, NULL); if(realm != NULL) def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - realm, - option, + "appdefaults", + realm, + option, NULL); if(appname != NULL) { - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - appname, - option, + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + appname, + option, NULL); if(realm != NULL) def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - appname, - realm, - option, + "appdefaults", + appname, + realm, + option, NULL); } if(def_val != NULL) @@ -121,7 +119,7 @@ krb5_appdefault_string(krb5_context context, const char *appname, *ret_val = NULL; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_appdefault_time(krb5_context context, const char *appname, krb5_const_realm realm, const char *option, time_t def_val, time_t *ret_val) diff --git a/lib/krb5/asn1_glue.c b/lib/krb5/asn1_glue.c index b3f775b4bea3..a821faff93e8 100644 --- a/lib/krb5/asn1_glue.c +++ b/lib/krb5/asn1_glue.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* @@ -37,28 +37,36 @@ #include "krb5_locl.h" -RCSID("$Id: asn1_glue.c 21745 2007-07-31 16:11:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_principal2principalname (PrincipalName *p, const krb5_principal from) { return copy_PrincipalName(&from->name, p); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_principalname2krb5_principal (krb5_context context, krb5_principal *principal, const PrincipalName from, const Realm realm) { - krb5_principal p = malloc(sizeof(*p)); + krb5_error_code ret; + krb5_principal p; + + p = malloc(sizeof(*p)); if (p == NULL) return ENOMEM; - copy_PrincipalName(&from, &p->name); + ret = copy_PrincipalName(&from, &p->name); + if (ret) { + free(p); + return ret; + } p->realm = strdup(realm); - if (p->realm == NULL) + if (p->realm == NULL) { + free_PrincipalName(&p->name); + free(p); return ENOMEM; + } *principal = p; return 0; } diff --git a/lib/krb5/auth_context.c b/lib/krb5/auth_context.c index 323f17a24534..25ae15cf0f3b 100644 --- a/lib/krb5/auth_context.c +++ b/lib/krb5/auth_context.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: auth_context.c 21745 2007-07-31 16:11:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_init(krb5_context context, krb5_auth_context *auth_context) { @@ -43,13 +41,13 @@ krb5_auth_con_init(krb5_context context, ALLOC(p, 1); if(!p) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memset(p, 0, sizeof(*p)); ALLOC(p->authenticator, 1); if (!p->authenticator) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(p); return ENOMEM; } @@ -60,13 +58,13 @@ krb5_auth_con_init(krb5_context context, p->remote_address = NULL; p->local_port = 0; p->remote_port = 0; - p->keytype = KEYTYPE_NULL; + p->keytype = ENCTYPE_NULL; p->cksumtype = CKSUMTYPE_NONE; *auth_context = p; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context) { @@ -88,7 +86,7 @@ krb5_auth_con_free(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setflags(krb5_context context, krb5_auth_context auth_context, int32_t flags) @@ -98,7 +96,7 @@ krb5_auth_con_setflags(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getflags(krb5_context context, krb5_auth_context auth_context, int32_t *flags) @@ -107,7 +105,7 @@ krb5_auth_con_getflags(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_addflags(krb5_context context, krb5_auth_context auth_context, int32_t addflags, @@ -119,7 +117,7 @@ krb5_auth_con_addflags(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_removeflags(krb5_context context, krb5_auth_context auth_context, int32_t removeflags, @@ -131,7 +129,7 @@ krb5_auth_con_removeflags(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setaddrs(krb5_context context, krb5_auth_context auth_context, krb5_address *local_addr, @@ -156,10 +154,10 @@ krb5_auth_con_setaddrs(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_genaddrs(krb5_context context, - krb5_auth_context auth_context, - int fd, int flags) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_genaddrs(krb5_context context, + krb5_auth_context auth_context, + krb5_socket_t fd, int flags) { krb5_error_code ret; krb5_address local_k_address, remote_k_address; @@ -172,10 +170,11 @@ krb5_auth_con_genaddrs(krb5_context context, if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) { if (auth_context->local_address == NULL) { len = sizeof(ss_local); - if(getsockname(fd, local, &len) < 0) { - ret = errno; - krb5_set_error_string (context, "getsockname: %s", - strerror(ret)); + if(rk_IS_SOCKET_ERROR(getsockname(fd, local, &len))) { + char buf[128]; + ret = rk_SOCK_ERRNO; + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "getsockname: %s", buf); goto out; } ret = krb5_sockaddr2address (context, local, &local_k_address); @@ -189,9 +188,11 @@ krb5_auth_con_genaddrs(krb5_context context, } if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) { len = sizeof(ss_remote); - if(getpeername(fd, remote, &len) < 0) { - ret = errno; - krb5_set_error_string (context, "getpeername: %s", strerror(ret)); + if(rk_IS_SOCKET_ERROR(getpeername(fd, remote, &len))) { + char buf[128]; + ret = rk_SOCK_ERRNO; + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "getpeername: %s", buf); goto out; } ret = krb5_sockaddr2address (context, remote, &remote_k_address); @@ -215,12 +216,12 @@ krb5_auth_con_genaddrs(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setaddrs_from_fd (krb5_context context, krb5_auth_context auth_context, void *p_fd) { - int fd = *(int*)p_fd; + krb5_socket_t fd = *(krb5_socket_t *)p_fd; int flags = 0; if(auth_context->local_address == NULL) flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR; @@ -229,7 +230,7 @@ krb5_auth_con_setaddrs_from_fd (krb5_context context, return krb5_auth_con_genaddrs(context, auth_context, fd, flags); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getaddrs(krb5_context context, krb5_auth_context auth_context, krb5_address **local_addr, @@ -239,7 +240,7 @@ krb5_auth_con_getaddrs(krb5_context context, krb5_free_address (context, *local_addr); *local_addr = malloc (sizeof(**local_addr)); if (*local_addr == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } krb5_copy_address(context, @@ -250,7 +251,7 @@ krb5_auth_con_getaddrs(krb5_context context, krb5_free_address (context, *remote_addr); *remote_addr = malloc (sizeof(**remote_addr)); if (*remote_addr == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); krb5_free_address (context, *local_addr); *local_addr = NULL; return ENOMEM; @@ -261,6 +262,7 @@ krb5_auth_con_getaddrs(krb5_context context, return 0; } +/* coverity[+alloc : arg-*2] */ static krb5_error_code copy_key(krb5_context context, krb5_keyblock *in, @@ -272,7 +274,7 @@ copy_key(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) @@ -280,7 +282,7 @@ krb5_auth_con_getkey(krb5_context context, return copy_key(context, auth_context->keyblock, keyblock); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) @@ -288,7 +290,8 @@ krb5_auth_con_getlocalsubkey(krb5_context context, return copy_key(context, auth_context->local_subkey, keyblock); } -krb5_error_code KRB5_LIB_FUNCTION +/* coverity[+alloc : arg-*2] */ +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock) @@ -296,7 +299,7 @@ krb5_auth_con_getremotesubkey(krb5_context context, return copy_key(context, auth_context->remote_subkey, keyblock); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock) @@ -306,7 +309,7 @@ krb5_auth_con_setkey(krb5_context context, return copy_key(context, keyblock, &auth_context->keyblock); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock) @@ -316,7 +319,7 @@ krb5_auth_con_setlocalsubkey(krb5_context context, return copy_key(context, keyblock, &auth_context->local_subkey); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_generatelocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *key) @@ -336,7 +339,7 @@ krb5_auth_con_generatelocalsubkey(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock) @@ -346,7 +349,7 @@ krb5_auth_con_setremotesubkey(krb5_context context, return copy_key(context, keyblock, &auth_context->remote_subkey); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setcksumtype(krb5_context context, krb5_auth_context auth_context, krb5_cksumtype cksumtype) @@ -355,7 +358,7 @@ krb5_auth_con_setcksumtype(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getcksumtype(krb5_context context, krb5_auth_context auth_context, krb5_cksumtype *cksumtype) @@ -364,7 +367,7 @@ krb5_auth_con_getcksumtype(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setkeytype (krb5_context context, krb5_auth_context auth_context, krb5_keytype keytype) @@ -373,7 +376,7 @@ krb5_auth_con_setkeytype (krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getkeytype (krb5_context context, krb5_auth_context auth_context, krb5_keytype *keytype) @@ -383,7 +386,7 @@ krb5_auth_con_getkeytype (krb5_context context, } #if 0 -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setenctype(krb5_context context, krb5_auth_context auth_context, krb5_enctype etype) @@ -397,7 +400,7 @@ krb5_auth_con_setenctype(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getenctype(krb5_context context, krb5_auth_context auth_context, krb5_enctype *etype) @@ -406,7 +409,7 @@ krb5_auth_con_getenctype(krb5_context context, } #endif -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getlocalseqnumber(krb5_context context, krb5_auth_context auth_context, int32_t *seqnumber) @@ -415,7 +418,7 @@ krb5_auth_con_getlocalseqnumber(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setlocalseqnumber (krb5_context context, krb5_auth_context auth_context, int32_t seqnumber) @@ -424,16 +427,16 @@ krb5_auth_con_setlocalseqnumber (krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_getremoteseqnumber(krb5_context context, - krb5_auth_context auth_context, - int32_t *seqnumber) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getremoteseqnumber(krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber) { *seqnumber = auth_context->remote_seqnumber; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setremoteseqnumber (krb5_context context, krb5_auth_context auth_context, int32_t seqnumber) @@ -443,14 +446,14 @@ krb5_auth_con_setremoteseqnumber (krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getauthenticator(krb5_context context, krb5_auth_context auth_context, krb5_authenticator *authenticator) { *authenticator = malloc(sizeof(**authenticator)); if (*authenticator == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } @@ -460,7 +463,7 @@ krb5_auth_con_getauthenticator(krb5_context context, } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_authenticator(krb5_context context, krb5_authenticator *authenticator) { @@ -470,7 +473,7 @@ krb5_free_authenticator(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setuserkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock) @@ -480,7 +483,7 @@ krb5_auth_con_setuserkey(krb5_context context, return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getrcache(krb5_context context, krb5_auth_context auth_context, krb5_rcache *rcache) @@ -489,7 +492,7 @@ krb5_auth_con_getrcache(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setrcache(krb5_context context, krb5_auth_context auth_context, krb5_rcache rcache) @@ -500,7 +503,7 @@ krb5_auth_con_setrcache(krb5_context context, #if 0 /* not implemented */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_initivector(krb5_context context, krb5_auth_context auth_context) { @@ -508,7 +511,7 @@ krb5_auth_con_initivector(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setivector(krb5_context context, krb5_auth_context auth_context, krb5_pointer ivector) diff --git a/lib/krb5/build_ap_req.c b/lib/krb5/build_ap_req.c index b1968fe817b7..d56a0a194e1e 100644 --- a/lib/krb5/build_ap_req.c +++ b/lib/krb5/build_ap_req.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: build_ap_req.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_ap_req (krb5_context context, krb5_enctype enctype, krb5_creds *cred, @@ -47,13 +45,13 @@ krb5_build_ap_req (krb5_context context, AP_REQ ap; Ticket t; size_t len; - + ap.pvno = 5; ap.msg_type = krb_ap_req; memset(&ap.ap_options, 0, sizeof(ap.ap_options)); ap.ap_options.use_session_key = (ap_options & AP_OPTS_USE_SESSION_KEY) > 0; ap.ap_options.mutual_required = (ap_options & AP_OPTS_MUTUAL_REQUIRED) > 0; - + ap.ticket.tkt_vno = 5; copy_Realm(&cred->server->realm, &ap.ticket.realm); copy_PrincipalName(&cred->server->name, &ap.ticket.sname); diff --git a/lib/krb5/build_auth.c b/lib/krb5/build_auth.c index f8739c044d16..01145a28c604 100644 --- a/lib/krb5/build_auth.c +++ b/lib/krb5/build_auth.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: build_auth.c 17033 2006-04-10 08:53:21Z lha $"); +#include "krb5_locl.h" static krb5_error_code make_etypelist(krb5_context context, @@ -43,10 +41,12 @@ make_etypelist(krb5_context context, krb5_error_code ret; krb5_authdata ad; u_char *buf; - size_t len; + size_t len = 0; size_t buf_size; - - ret = krb5_init_etype(context, &etypes.len, &etypes.val, NULL); + + ret = _krb5_init_etype(context, KRB5_PDU_NONE, + &etypes.len, &etypes.val, + NULL); if (ret) return ret; @@ -62,7 +62,7 @@ make_etypelist(krb5_context context, ALLOC_SEQ(&ad, 1); if (ad.val == NULL) { free(buf); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } @@ -74,21 +74,23 @@ make_etypelist(krb5_context context, if (ret) { free_AuthorizationData(&ad); return ret; - } + } if(buf_size != len) krb5_abortx(context, "internal error in ASN.1 encoder"); free_AuthorizationData(&ad); ALLOC(*auth_data, 1); if (*auth_data == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + free(buf); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ALLOC_SEQ(*auth_data, 1); if ((*auth_data)->val == NULL) { + free(*auth_data); free(buf); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } @@ -99,71 +101,76 @@ make_etypelist(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_authenticator (krb5_context context, - krb5_auth_context auth_context, - krb5_enctype enctype, - krb5_creds *cred, - Checksum *cksum, - Authenticator **auth_result, - krb5_data *result, - krb5_key_usage usage) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_build_authenticator (krb5_context context, + krb5_auth_context auth_context, + krb5_enctype enctype, + krb5_creds *cred, + Checksum *cksum, + krb5_data *result, + krb5_key_usage usage) { - Authenticator *auth; + Authenticator auth; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_error_code ret; krb5_crypto crypto; - auth = calloc(1, sizeof(*auth)); - if (auth == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } + memset(&auth, 0, sizeof(auth)); - auth->authenticator_vno = 5; - copy_Realm(&cred->client->realm, &auth->crealm); - copy_PrincipalName(&cred->client->name, &auth->cname); + auth.authenticator_vno = 5; + copy_Realm(&cred->client->realm, &auth.crealm); + copy_PrincipalName(&cred->client->name, &auth.cname); - krb5_us_timeofday (context, &auth->ctime, &auth->cusec); - - ret = krb5_auth_con_getlocalsubkey(context, auth_context, &auth->subkey); + krb5_us_timeofday (context, &auth.ctime, &auth.cusec); + + ret = krb5_auth_con_getlocalsubkey(context, auth_context, &auth.subkey); if(ret) goto fail; if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { if(auth_context->local_seqnumber == 0) krb5_generate_seq_number (context, - &cred->session, + &cred->session, &auth_context->local_seqnumber); - ALLOC(auth->seq_number, 1); - if(auth->seq_number == NULL) { + ALLOC(auth.seq_number, 1); + if(auth.seq_number == NULL) { ret = ENOMEM; goto fail; } - *auth->seq_number = auth_context->local_seqnumber; + *auth.seq_number = auth_context->local_seqnumber; } else - auth->seq_number = NULL; - auth->authorization_data = NULL; - auth->cksum = cksum; + auth.seq_number = NULL; + auth.authorization_data = NULL; - if (cksum != NULL && cksum->cksumtype == CKSUMTYPE_GSSAPI) { - /* - * This is not GSS-API specific, we only enable it for - * GSS for now - */ - ret = make_etypelist(context, &auth->authorization_data); + if (cksum) { + ALLOC(auth.cksum, 1); + if (auth.cksum == NULL) { + ret = ENOMEM; + goto fail; + } + ret = copy_Checksum(cksum, auth.cksum); if (ret) goto fail; + + if (auth.cksum->cksumtype == CKSUMTYPE_GSSAPI) { + /* + * This is not GSS-API specific, we only enable it for + * GSS for now + */ + ret = make_etypelist(context, &auth.authorization_data); + if (ret) + goto fail; + } } /* XXX - Copy more to auth_context? */ - auth_context->authenticator->ctime = auth->ctime; - auth_context->authenticator->cusec = auth->cusec; + auth_context->authenticator->ctime = auth.ctime; + auth_context->authenticator->cusec = auth.cusec; - ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret); + ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, &auth, &len, ret); if (ret) goto fail; if(buf_size != len) @@ -175,7 +182,7 @@ krb5_build_authenticator (krb5_context context, ret = krb5_encrypt (context, crypto, usage /* KRB5_KU_AP_REQ_AUTH */, - buf + buf_size - len, + buf, len, result); krb5_crypto_destroy(context, crypto); @@ -183,20 +190,9 @@ krb5_build_authenticator (krb5_context context, if (ret) goto fail; + fail: + free_Authenticator (&auth); free (buf); - if (auth_result) - *auth_result = auth; - else { - /* Don't free the `cksum', it's allocated by the caller */ - auth->cksum = NULL; - free_Authenticator (auth); - free (auth); - } - return ret; - fail: - free_Authenticator (auth); - free (auth); - free (buf); return ret; } diff --git a/lib/krb5/cache.c b/lib/krb5/cache.c index 5db6d2b2cf8a..616044e67baa 100644 --- a/lib/krb5/cache.c +++ b/lib/krb5/cache.c @@ -1,39 +1,104 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: cache.c 22127 2007-12-04 00:54:37Z lha $"); +/** + * @page krb5_ccache_intro The credential cache functions + * @section section_krb5_ccache Kerberos credential caches + * + * krb5_ccache structure holds a Kerberos credential cache. + * + * Heimdal support the follow types of credential caches: + * + * - SCC + * Store the credential in a database + * - FILE + * Store the credential in memory + * - MEMORY + * Store the credential in memory + * - API + * A credential cache server based solution for Mac OS X + * - KCM + * A credential cache server based solution for all platforms + * + * @subsection Example + * + * This is a minimalistic version of klist: +@code +#include + +int +main (int argc, char **argv) +{ + krb5_context context; + krb5_cc_cursor cursor; + krb5_error_code ret; + krb5_ccache id; + krb5_creds creds; + + if (krb5_init_context (&context) != 0) + errx(1, "krb5_context"); + + ret = krb5_cc_default (context, &id); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_default"); + + ret = krb5_cc_start_seq_get(context, id, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); + + while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){ + char *principal; + + krb5_unparse_name(context, creds.server, &principal); + printf("principal: %s\\n", principal); + free(principal); + krb5_free_cred_contents (context, &creds); + } + ret = krb5_cc_end_seq_get(context, id, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_end_seq_get"); + + krb5_cc_close(context, id); + + krb5_free_context(context); + return 0; +} +* @endcode +*/ /** * Add a new ccache type with operations `ops', overwriting any @@ -44,43 +109,44 @@ RCSID("$Id: cache.c 22127 2007-12-04 00:54:37Z lha $"); * @param override flag to select if the registration is to overide * an existing ops with the same name. * - * @return Return an error code or 0. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_register(krb5_context context, - const krb5_cc_ops *ops, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_register(krb5_context context, + const krb5_cc_ops *ops, krb5_boolean override) { int i; - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - if(strcmp(context->cc_ops[i].prefix, ops->prefix) == 0) { + for(i = 0; i < context->num_cc_ops && context->cc_ops[i]->prefix; i++) { + if(strcmp(context->cc_ops[i]->prefix, ops->prefix) == 0) { if(!override) { - krb5_set_error_string(context, - "ccache type %s already exists", - ops->prefix); + krb5_set_error_message(context, + KRB5_CC_TYPE_EXISTS, + N_("cache type %s already exists", "type"), + ops->prefix); return KRB5_CC_TYPE_EXISTS; } break; } } if(i == context->num_cc_ops) { - krb5_cc_ops *o = realloc(context->cc_ops, - (context->num_cc_ops + 1) * - sizeof(*context->cc_ops)); + const krb5_cc_ops **o = realloc(rk_UNCONST(context->cc_ops), + (context->num_cc_ops + 1) * + sizeof(context->cc_ops[0])); if(o == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } - context->num_cc_ops++; context->cc_ops = o; - memset(context->cc_ops + i, 0, - (context->num_cc_ops - i) * sizeof(*context->cc_ops)); + context->cc_ops[context->num_cc_ops] = NULL; + context->num_cc_ops++; } - memcpy(&context->cc_ops[i], ops, sizeof(context->cc_ops[i])); + context->cc_ops[i] = ops; return 0; } @@ -90,7 +156,7 @@ krb5_cc_register(krb5_context context, */ krb5_error_code -_krb5_cc_allocate(krb5_context context, +_krb5_cc_allocate(krb5_context context, const krb5_cc_ops *ops, krb5_ccache *id) { @@ -98,7 +164,8 @@ _krb5_cc_allocate(krb5_context context, p = malloc (sizeof(*p)); if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } p->ops = ops; @@ -119,16 +186,58 @@ allocate_ccache (krb5_context context, krb5_ccache *id) { krb5_error_code ret; +#ifdef KRB5_USE_PATH_TOKENS + char * exp_residual = NULL; - ret = _krb5_cc_allocate(context, ops, id); + ret = _krb5_expand_path_tokens(context, residual, &exp_residual); if (ret) return ret; + + residual = exp_residual; +#endif + + ret = _krb5_cc_allocate(context, ops, id); + if (ret) { +#ifdef KRB5_USE_PATH_TOKENS + if (exp_residual) + free(exp_residual); +#endif + return ret; + } + ret = (*id)->ops->resolve(context, id, residual); - if(ret) + if(ret) { free(*id); + *id = NULL; + } + +#ifdef KRB5_USE_PATH_TOKENS + if (exp_residual) + free(exp_residual); +#endif + return ret; } +static int +is_possible_path_name(const char * name) +{ + const char * colon; + + if ((colon = strchr(name, ':')) == NULL) + return TRUE; + +#ifdef _WIN32 + /* :\path\to\cache ? */ + + if (colon == name + 1 && + strchr(colon + 1, ':') == NULL) + return TRUE; +#endif + + return FALSE; +} + /** * Find and allocate a ccache in `id' from the specification in `residual'. * If the ccache name doesn't contain any colon, interpret it as a file name. @@ -138,13 +247,13 @@ allocate_ccache (krb5_context context, * @param id return pointer to a found credential cache. * * @return Return 0 or an error code. In case of an error, id is set - * to NULL. + * to NULL, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_resolve(krb5_context context, const char *name, krb5_ccache *id) @@ -153,41 +262,25 @@ krb5_cc_resolve(krb5_context context, *id = NULL; - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - size_t prefix_len = strlen(context->cc_ops[i].prefix); + for(i = 0; i < context->num_cc_ops && context->cc_ops[i]->prefix; i++) { + size_t prefix_len = strlen(context->cc_ops[i]->prefix); - if(strncmp(context->cc_ops[i].prefix, name, prefix_len) == 0 + if(strncmp(context->cc_ops[i]->prefix, name, prefix_len) == 0 && name[prefix_len] == ':') { - return allocate_ccache (context, &context->cc_ops[i], + return allocate_ccache (context, context->cc_ops[i], name + prefix_len + 1, id); } } - if (strchr (name, ':') == NULL) + if (is_possible_path_name(name)) return allocate_ccache (context, &krb5_fcc_ops, name, id); else { - krb5_set_error_string(context, "unknown ccache type %s", name); + krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE, + N_("unknown ccache type %s", "name"), name); return KRB5_CC_UNKNOWN_TYPE; } } -/** - * Generate a new ccache of type `ops' in `id'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_gen_new(krb5_context context, - const krb5_cc_ops *ops, - krb5_ccache *id) -{ - return krb5_cc_new_unique(context, ops->prefix, NULL, id); -} - /** * Generates a new unique ccache of `type` in `id'. If `type' is NULL, * the library chooses the default credential cache type. The supplied @@ -195,31 +288,34 @@ krb5_cc_gen_new(krb5_context context, * type can use to base the name of the credential on, this is to make * it easier for the user to differentiate the credentials. * - * @return Returns 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_new_unique(krb5_context context, const char *type, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_new_unique(krb5_context context, const char *type, const char *hint, krb5_ccache *id) { - const krb5_cc_ops *ops = KRB5_DEFAULT_CCTYPE; + const krb5_cc_ops *ops; krb5_error_code ret; - if (type) { - ops = krb5_cc_get_prefix_ops(context, type); - if (ops == NULL) { - krb5_set_error_string(context, - "Credential cache type %s is unknown", type); - return KRB5_CC_UNKNOWN_TYPE; - } + ops = krb5_cc_get_prefix_ops(context, type); + if (ops == NULL) { + krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE, + "Credential cache type %s is unknown", type); + return KRB5_CC_UNKNOWN_TYPE; } ret = _krb5_cc_allocate(context, ops, id); if (ret) return ret; - return (*id)->ops->gen_new(context, id); + ret = (*id)->ops->gen_new(context, id); + if (ret) { + free(*id); + *id = NULL; + } + return ret; } /** @@ -229,7 +325,7 @@ krb5_cc_new_unique(krb5_context context, const char *type, */ -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_name(krb5_context context, krb5_ccache id) { @@ -243,7 +339,7 @@ krb5_cc_get_name(krb5_context context, */ -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_type(krb5_context context, krb5_ccache id) { @@ -251,15 +347,19 @@ krb5_cc_get_type(krb5_context context, } /** - * Return the complete resolvable name the ccache `id' in `str´. - * `str` should be freed with free(3). - * Returns 0 or an error (and then *str is set to NULL). + * Return the complete resolvable name the cache + + * @param context a Keberos context + * @param id return pointer to a found credential cache + * @param str the returned name of a credential cache, free with krb5_xfree() + * + * @return Returns 0 or an error (and then *str is set to NULL). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_full_name(krb5_context context, krb5_ccache id, char **str) @@ -270,18 +370,20 @@ krb5_cc_get_full_name(krb5_context context, type = krb5_cc_get_type(context, id); if (type == NULL) { - krb5_set_error_string(context, "cache have no name of type"); + krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE, + "cache have no name of type"); return KRB5_CC_UNKNOWN_TYPE; } name = krb5_cc_get_name(context, id); if (name == NULL) { - krb5_set_error_string(context, "cache of type %s have no name", type); + krb5_set_error_message(context, KRB5_CC_BADNAME, + "cache of type %s have no name", type); return KRB5_CC_BADNAME; } - + if (asprintf(str, "%s:%s", type, name) == -1) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); *str = NULL; return ENOMEM; } @@ -295,7 +397,7 @@ krb5_cc_get_full_name(krb5_context context, */ -const krb5_cc_ops * +KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL krb5_cc_get_ops(krb5_context context, krb5_ccache id) { return id->ops; @@ -308,68 +410,7 @@ krb5_cc_get_ops(krb5_context context, krb5_ccache id) krb5_error_code _krb5_expand_default_cc_name(krb5_context context, const char *str, char **res) { - size_t tlen, len = 0; - char *tmp, *tmp2, *append; - - *res = NULL; - - while (str && *str) { - tmp = strstr(str, "%{"); - if (tmp && tmp != str) { - append = malloc((tmp - str) + 1); - if (append) { - memcpy(append, str, tmp - str); - append[tmp - str] = '\0'; - } - str = tmp; - } else if (tmp) { - tmp2 = strchr(tmp, '}'); - if (tmp2 == NULL) { - free(*res); - *res = NULL; - krb5_set_error_string(context, "variable missing }"); - return KRB5_CONFIG_BADFORMAT; - } - if (strncasecmp(tmp, "%{uid}", 6) == 0) - asprintf(&append, "%u", (unsigned)getuid()); - else if (strncasecmp(tmp, "%{null}", 7) == 0) - append = strdup(""); - else { - free(*res); - *res = NULL; - krb5_set_error_string(context, - "expand default cache unknown " - "variable \"%.*s\"", - (int)(tmp2 - tmp) - 2, tmp + 2); - return KRB5_CONFIG_BADFORMAT; - } - str = tmp2 + 1; - } else { - append = strdup(str); - str = NULL; - } - if (append == NULL) { - free(*res); - *res = NULL; - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - tlen = strlen(append); - tmp = realloc(*res, len + tlen + 1); - if (tmp == NULL) { - free(append); - free(*res); - *res = NULL; - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - *res = tmp; - memcpy(*res + len, append, tlen + 1); - len = len + tlen; - free(append); - } - return 0; + return _krb5_expand_path_tokens(context, str, res); } /* @@ -386,6 +427,12 @@ environment_changed(krb5_context context) if (context->default_cc_name_set) return 0; + /* XXX performance: always ask KCM/API if default name has changed */ + if (context->default_cc_name && + (strncmp(context->default_cc_name, "KCM:", 4) == 0 || + strncmp(context->default_cc_name, "API:", 4) == 0)) + return 1; + if(issuid()) return 0; @@ -405,18 +452,53 @@ environment_changed(krb5_context context) return 0; } +/** + * Switch the default default credential cache for a specific + * credcache type (and name for some implementations). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_switch(krb5_context context, krb5_ccache id) +{ + + if (id->ops->set_default == NULL) + return 0; + + return (*id->ops->set_default)(context, id); +} + +/** + * Return true if the default credential cache support switch + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_cc_support_switch(krb5_context context, const char *type) +{ + const krb5_cc_ops *ops; + + ops = krb5_cc_get_prefix_ops(context, type); + if (ops && ops->set_default) + return 1; + return FALSE; +} + /** * Set the default cc name for `context' to `name'. * * @ingroup krb5_ccache */ - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_default_name(krb5_context context, const char *name) { krb5_error_code ret = 0; - char *p; + char *p = NULL, *exp_p = NULL; if (name == NULL) { const char *e = NULL; @@ -430,6 +512,12 @@ krb5_cc_set_default_name(krb5_context context, const char *name) context->default_cc_name_env = strdup(e); } } + +#ifdef _WIN32 + if (e == NULL) { + e = p = _krb5_get_default_cc_name_from_registry(); + } +#endif if (e == NULL) { e = krb5_config_get_string(context, NULL, "libdefaults", "default_cc_name", NULL); @@ -440,7 +528,19 @@ krb5_cc_set_default_name(krb5_context context, const char *name) } if (e == NULL) { const krb5_cc_ops *ops = KRB5_DEFAULT_CCTYPE; - ret = (*ops->default_name)(context, &p); + e = krb5_config_get_string(context, NULL, "libdefaults", + "default_cc_type", NULL); + if (e) { + ops = krb5_cc_get_prefix_ops(context, e); + if (ops == NULL) { + krb5_set_error_message(context, + KRB5_CC_UNKNOWN_TYPE, + "Credential cache type %s " + "is unknown", e); + return KRB5_CC_UNKNOWN_TYPE; + } + } + ret = (*ops->get_default_name)(context, &p); if (ret) return ret; } @@ -452,16 +552,21 @@ krb5_cc_set_default_name(krb5_context context, const char *name) } if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } + ret = _krb5_expand_path_tokens(context, p, &exp_p); + free(p); + if (ret) + return ret; + if (context->default_cc_name) free(context->default_cc_name); - context->default_cc_name = p; + context->default_cc_name = exp_p; - return ret; + return 0; } /** @@ -474,7 +579,7 @@ krb5_cc_set_default_name(krb5_context context, const char *name) */ -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_default_name(krb5_context context) { if (context->default_cc_name == NULL || environment_changed(context)) @@ -486,20 +591,20 @@ krb5_cc_default_name(krb5_context context) /** * Open the default ccache in `id'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_default(krb5_context context, krb5_ccache *id) { const char *p = krb5_cc_default_name(context); if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return krb5_cc_resolve(context, p, id); @@ -508,13 +613,13 @@ krb5_cc_default(krb5_context context, /** * Create a new ccache in `id' for `primary_principal'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_initialize(krb5_context context, krb5_ccache id, krb5_principal primary_principal) @@ -526,13 +631,13 @@ krb5_cc_initialize(krb5_context context, /** * Remove the ccache `id'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_destroy(krb5_context context, krb5_ccache id) { @@ -546,13 +651,13 @@ krb5_cc_destroy(krb5_context context, /** * Stop using the ccache `id' and free the related resources. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_close(krb5_context context, krb5_ccache id) { @@ -565,13 +670,13 @@ krb5_cc_close(krb5_context context, /** * Store `creds' in the ccache `id'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) @@ -584,13 +689,20 @@ krb5_cc_store_cred(krb5_context context, * from `id' in `creds'. 'creds' must be free by the caller using * krb5_free_cred_contents. * - * @return Return 0 or an error code. + * @param context A Kerberos 5 context + * @param id a Kerberos 5 credential cache + * @param whichfields what fields to use for matching credentials, same + * flags as whichfields in krb5_compare_creds() + * @param mcreds template credential to use for comparing + * @param creds returned credential, free with krb5_free_cred_contents() + * + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_retrieve_cred(krb5_context context, krb5_ccache id, krb5_flags whichfields, @@ -622,13 +734,13 @@ krb5_cc_retrieve_cred(krb5_context context, /** * Return the principal of `id' in `principal'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *principal) @@ -638,15 +750,15 @@ krb5_cc_get_principal(krb5_context context, /** * Start iterating over `id', `cursor' is initialized to the - * beginning. + * beginning. Caller must free the cursor with krb5_cc_end_seq_get(). * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_start_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor) @@ -658,13 +770,13 @@ krb5_cc_start_seq_get (krb5_context context, * Retrieve the next cred pointed to by (`id', `cursor') in `creds' * and advance `cursor'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_next_cred (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor, @@ -673,32 +785,6 @@ krb5_cc_next_cred (krb5_context context, return (*id->ops->get_next)(context, id, cursor, creds); } -/** - * Like krb5_cc_next_cred, but allow for selective retrieval - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred_match(krb5_context context, - const krb5_ccache id, - krb5_cc_cursor * cursor, - krb5_creds * creds, - krb5_flags whichfields, - const krb5_creds * mcreds) -{ - krb5_error_code ret; - while (1) { - ret = krb5_cc_next_cred(context, id, cursor, creds); - if (ret) - return ret; - if (mcreds == NULL || krb5_compare_creds(context, whichfields, mcreds, creds)) - return 0; - krb5_free_cred_contents(context, creds); - } -} - /** * Destroy the cursor `cursor'. * @@ -706,7 +792,7 @@ krb5_cc_next_cred_match(krb5_context context, */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_end_seq_get (krb5_context context, const krb5_ccache id, krb5_cc_cursor *cursor) @@ -721,16 +807,17 @@ krb5_cc_end_seq_get (krb5_context context, */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags which, krb5_creds *cred) { if(id->ops->remove_cred == NULL) { - krb5_set_error_string(context, - "ccache %s does not support remove_cred", - id->ops->prefix); + krb5_set_error_message(context, + EACCES, + "ccache %s does not support remove_cred", + id->ops->prefix); return EACCES; /* XXX */ } return (*id->ops->remove_cred)(context, id, which, cred); @@ -743,34 +830,61 @@ krb5_cc_remove_cred(krb5_context context, */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_flags(krb5_context context, krb5_ccache id, krb5_flags flags) { return (*id->ops->set_flags)(context, id, flags); } - + /** - * Copy the contents of `from' to `to'. + * Get the flags of `id', store them in `flags'. * * @ingroup krb5_ccache */ +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_flags(krb5_context context, + krb5_ccache id, + krb5_flags *flags) +{ + *flags = 0; + return 0; +} -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache_match(krb5_context context, - const krb5_ccache from, - krb5_ccache to, - krb5_flags whichfields, - const krb5_creds * mcreds, - unsigned int *matched) +/** + * Copy the contents of `from' to `to' if the given match function + * return true. + * + * @param context A Kerberos 5 context. + * @param from the cache to copy data from. + * @param to the cache to copy data to. + * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. + * @param matchctx context passed to match function. + * @param matched set to true if there was a credential that matched, may be NULL. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_copy_match_f(krb5_context context, + const krb5_ccache from, + krb5_ccache to, + krb5_boolean (*match)(krb5_context, void *, const krb5_creds *), + void *matchctx, + unsigned int *matched) { krb5_error_code ret; krb5_cc_cursor cursor; krb5_creds cred; krb5_principal princ; + if (matched) + *matched = 0; + ret = krb5_cc_get_principal(context, from, &princ); if (ret) return ret; @@ -784,34 +898,36 @@ krb5_cc_copy_cache_match(krb5_context context, krb5_free_principal(context, princ); return ret; } - if (matched) - *matched = 0; - while (ret == 0 && - krb5_cc_next_cred_match(context, from, &cursor, &cred, - whichfields, mcreds) == 0) { - if (matched) - (*matched)++; - ret = krb5_cc_store_cred(context, to, &cred); - krb5_free_cred_contents(context, &cred); + + while ((ret = krb5_cc_next_cred(context, from, &cursor, &cred)) == 0) { + if (match == NULL || (*match)(context, matchctx, &cred) == 0) { + if (matched) + (*matched)++; + ret = krb5_cc_store_cred(context, to, &cred); + if (ret) + break; + } + krb5_free_cred_contents(context, &cred); } krb5_cc_end_seq_get(context, from, &cursor); krb5_free_principal(context, princ); + if (ret == KRB5_CC_END) + ret = 0; return ret; } /** - * Just like krb5_cc_copy_cache_match, but copy everything. + * Just like krb5_cc_copy_match_f(), but copy everything. * - * @ingroup krb5_ccache + * @ingroup @krb5_ccache */ - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_cache(krb5_context context, const krb5_ccache from, krb5_ccache to) { - return krb5_cc_copy_cache_match(context, from, to, 0, NULL, NULL); + return krb5_cc_copy_match_f(context, from, to, NULL, NULL, NULL); } /** @@ -821,7 +937,7 @@ krb5_cc_copy_cache(krb5_context context, */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_version(krb5_context context, const krb5_ccache id) { @@ -838,7 +954,7 @@ krb5_cc_get_version(krb5_context context, */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_cc_clear_mcred(krb5_creds *mcred) { memset(mcred, 0, sizeof(*mcred)); @@ -846,37 +962,41 @@ krb5_cc_clear_mcred(krb5_creds *mcred) /** * Get the cc ops that is registered in `context' to handle the - * `prefix'. `prefix' can be a complete credential cache name or a + * prefix. prefix can be a complete credential cache name or a * prefix, the function will only use part up to the first colon (:) - * if there is one. - * Returns NULL if ops not found. + * if there is one. If prefix the argument is NULL, the default ccache + * implemtation is returned. + * + * @return Returns NULL if ops not found. * * @ingroup krb5_ccache */ -const krb5_cc_ops * +KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL krb5_cc_get_prefix_ops(krb5_context context, const char *prefix) { char *p, *p1; int i; - + + if (prefix == NULL) + return KRB5_DEFAULT_CCTYPE; if (prefix[0] == '/') return &krb5_fcc_ops; p = strdup(prefix); if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return NULL; } p1 = strchr(p, ':'); if (p1) *p1 = '\0'; - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - if(strcmp(context->cc_ops[i].prefix, p) == 0) { + for(i = 0; i < context->num_cc_ops && context->cc_ops[i]->prefix; i++) { + if(strcmp(context->cc_ops[i]->prefix, p) == 0) { free(p); - return &context->cc_ops[i]; + return context->cc_ops[i]; } } free(p); @@ -889,16 +1009,20 @@ struct krb5_cc_cache_cursor_data { }; /** - * Start iterating over all caches of `type'. If `type' is NULL, the - * default type is * used. `cursor' is initialized to the beginning. + * Start iterating over all caches of specified type. See also + * krb5_cccol_cursor_new(). + + * @param context A Kerberos 5 context + * @param type optional type to iterate over, if NULL, the default cache is used. + * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get(). * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_get_first (krb5_context context, const char *type, krb5_cc_cache_cursor *cursor) @@ -911,20 +1035,23 @@ krb5_cc_cache_get_first (krb5_context context, ops = krb5_cc_get_prefix_ops(context, type); if (ops == NULL) { - krb5_set_error_string(context, "Unknown type \"%s\" when iterating " - "trying to iterate the credential caches", type); + krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE, + "Unknown type \"%s\" when iterating " + "trying to iterate the credential caches", type); return KRB5_CC_UNKNOWN_TYPE; } if (ops->get_cache_first == NULL) { - krb5_set_error_string(context, "Credential cache type %s doesn't support " - "iterations over caches", ops->prefix); + krb5_set_error_message(context, KRB5_CC_NOSUPP, + N_("Credential cache type %s doesn't support " + "iterations over caches", "type"), + ops->prefix); return KRB5_CC_NOSUPP; } *cursor = calloc(1, sizeof(**cursor)); if (*cursor == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } @@ -942,13 +1069,18 @@ krb5_cc_cache_get_first (krb5_context context, * Retrieve the next cache pointed to by (`cursor') in `id' * and advance `cursor'. * - * @return Return 0 or an error code. + * @param context A Kerberos 5 context + * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first() + * @param id next ccache + * + * @return Return 0 or an error code. Returns KRB5_CC_END when the end + * of caches is reached, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_next (krb5_context context, krb5_cc_cache_cursor cursor, krb5_ccache *id) @@ -959,13 +1091,13 @@ krb5_cc_cache_next (krb5_context context, /** * Destroy the cursor `cursor'. * - * @return Return 0 or an error code. + * @return Return an error code or 0, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_end_seq_get (krb5_context context, krb5_cc_cache_cursor cursor) { @@ -977,10 +1109,13 @@ krb5_cc_cache_end_seq_get (krb5_context context, } /** - * Search for a matching credential cache of type `type' that have the - * `principal' as the default principal. If NULL is used for `type', - * the default type is used. On success, `id' needs to be freed with - * krb5_cc_close or krb5_cc_destroy. + * Search for a matching credential cache that have the + * `principal' as the default principal. On success, `id' needs to be + * freed with krb5_cc_close() or krb5_cc_destroy(). + * + * @param context A Kerberos 5 context + * @param client The principal to search for + * @param id the returned credential cache * * @return On failure, error code is returned and `id' is set to NULL. * @@ -988,29 +1123,28 @@ krb5_cc_cache_end_seq_get (krb5_context context, */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_match (krb5_context context, krb5_principal client, - const char *type, krb5_ccache *id) { - krb5_cc_cache_cursor cursor; + krb5_cccol_cursor cursor; krb5_error_code ret; krb5_ccache cache = NULL; *id = NULL; - ret = krb5_cc_cache_get_first (context, type, &cursor); + ret = krb5_cccol_cursor_new (context, &cursor); if (ret) return ret; - while ((ret = krb5_cc_cache_next (context, cursor, &cache)) == 0) { + while (krb5_cccol_cursor_next (context, cursor, &cache) == 0 && cache != NULL) { krb5_principal principal; ret = krb5_cc_get_principal(context, cache, &principal); if (ret == 0) { krb5_boolean match; - + match = krb5_principal_compare(context, principal, client); krb5_free_principal(context, principal); if (match) @@ -1021,15 +1155,17 @@ krb5_cc_cache_match (krb5_context context, cache = NULL; } - krb5_cc_cache_end_seq_get(context, cursor); + krb5_cccol_cursor_free(context, &cursor); if (cache == NULL) { char *str; krb5_unparse_name(context, client, &str); - krb5_set_error_string(context, "Principal %s not found in a " - "credential cache", str ? str : ""); + krb5_set_error_message(context, KRB5_CC_NOTFOUND, + N_("Principal %s not found in any " + "credential cache", ""), + str ? str : ""); if (str) free(str); return KRB5_CC_NOTFOUND; @@ -1041,26 +1177,27 @@ krb5_cc_cache_match (krb5_context context, /** * Move the content from one credential cache to another. The - * operation is an atomic switch. + * operation is an atomic switch. * * @param context a Keberos context * @param from the credential cache to move the content from * @param to the credential cache to move the content to * @return On sucess, from is freed. On failure, error code is - * returned and from and to are both still allocated. + * returned and from and to are both still allocated, see krb5_get_error_message(). * * @ingroup krb5_ccache */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_move(krb5_context context, krb5_ccache from, krb5_ccache to) { krb5_error_code ret; if (strcmp(from->ops->prefix, to->ops->prefix) != 0) { - krb5_set_error_string(context, "Moving credentials between diffrent " - "types not yet supported"); + krb5_set_error_message(context, KRB5_CC_NOSUPP, + N_("Moving credentials between diffrent " + "types not yet supported", "")); return KRB5_CC_NOSUPP; } @@ -1071,3 +1208,520 @@ krb5_cc_move(krb5_context context, krb5_ccache from, krb5_ccache to) } return ret; } + +#define KRB5_CONF_NAME "krb5_ccache_conf_data" +#define KRB5_REALM_NAME "X-CACHECONF:" + +static krb5_error_code +build_conf_principals(krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *name, krb5_creds *cred) +{ + krb5_principal client; + krb5_error_code ret; + char *pname = NULL; + + memset(cred, 0, sizeof(*cred)); + + ret = krb5_cc_get_principal(context, id, &client); + if (ret) + return ret; + + if (principal) { + ret = krb5_unparse_name(context, principal, &pname); + if (ret) + return ret; + } + + ret = krb5_make_principal(context, &cred->server, + KRB5_REALM_NAME, + KRB5_CONF_NAME, name, pname, NULL); + free(pname); + if (ret) { + krb5_free_principal(context, client); + return ret; + } + ret = krb5_copy_principal(context, client, &cred->client); + krb5_free_principal(context, client); + return ret; +} + +/** + * Return TRUE (non zero) if the principal is a configuration + * principal (generated part of krb5_cc_set_config()). Returns FALSE + * (zero) if not a configuration principal. + * + * @param context a Keberos context + * @param principal principal to check if it a configuration principal + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_is_config_principal(krb5_context context, + krb5_const_principal principal) +{ + if (strcmp(principal->realm, KRB5_REALM_NAME) != 0) + return FALSE; + + if (principal->name.name_string.len == 0 || + strcmp(principal->name.name_string.val[0], KRB5_CONF_NAME) != 0) + return FALSE; + + return TRUE; +} + +/** + * Store some configuration for the credential cache in the cache. + * Existing configuration under the same name is over-written. + * + * @param context a Keberos context + * @param id the credential cache to store the data for + * @param principal configuration for a specific principal, if + * NULL, global for the whole cache. + * @param name name under which the configuraion is stored. + * @param data data to store, if NULL, configure is removed. + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_config(krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *name, krb5_data *data) +{ + krb5_error_code ret; + krb5_creds cred; + + ret = build_conf_principals(context, id, principal, name, &cred); + if (ret) + goto out; + + /* Remove old configuration */ + ret = krb5_cc_remove_cred(context, id, 0, &cred); + if (ret && ret != KRB5_CC_NOTFOUND) + goto out; + + if (data) { + /* not that anyone care when this expire */ + cred.times.authtime = time(NULL); + cred.times.endtime = cred.times.authtime + 3600 * 24 * 30; + + ret = krb5_data_copy(&cred.ticket, data->data, data->length); + if (ret) + goto out; + + ret = krb5_cc_store_cred(context, id, &cred); + } + +out: + krb5_free_cred_contents (context, &cred); + return ret; +} + +/** + * Get some configuration for the credential cache in the cache. + * + * @param context a Keberos context + * @param id the credential cache to store the data for + * @param principal configuration for a specific principal, if + * NULL, global for the whole cache. + * @param name name under which the configuraion is stored. + * @param data data to fetched, free with krb5_data_free() + * + * @ingroup krb5_ccache + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_config(krb5_context context, krb5_ccache id, + krb5_const_principal principal, + const char *name, krb5_data *data) +{ + krb5_creds mcred, cred; + krb5_error_code ret; + + memset(&cred, 0, sizeof(cred)); + krb5_data_zero(data); + + ret = build_conf_principals(context, id, principal, name, &mcred); + if (ret) + goto out; + + ret = krb5_cc_retrieve_cred(context, id, 0, &mcred, &cred); + if (ret) + goto out; + + ret = krb5_data_copy(data, cred.ticket.data, cred.ticket.length); + +out: + krb5_free_cred_contents (context, &cred); + krb5_free_cred_contents (context, &mcred); + return ret; +} + +/* + * + */ + +struct krb5_cccol_cursor_data { + int idx; + krb5_cc_cache_cursor cursor; +}; + +/** + * Get a new cache interation cursor that will interate over all + * credentials caches independent of type. + * + * @param context a Keberos context + * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free(). + * + * @return Returns 0 or and error code, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_new(krb5_context context, krb5_cccol_cursor *cursor) +{ + *cursor = calloc(1, sizeof(**cursor)); + if (*cursor == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + (*cursor)->idx = 0; + (*cursor)->cursor = NULL; + + return 0; +} + +/** + * Get next credential cache from the iteration. + * + * @param context A Kerberos 5 context + * @param cursor the iteration cursor + * @param cache the returned cursor, pointer is set to NULL on failure + * and a cache on success. The returned cache needs to be freed + * with krb5_cc_close() or destroyed with krb5_cc_destroy(). + * MIT Kerberos behavies slightly diffrent and sets cache to NULL + * when all caches are iterated over and return 0. + * + * @return Return 0 or and error, KRB5_CC_END is returned at the end + * of iteration. See krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_next(krb5_context context, krb5_cccol_cursor cursor, + krb5_ccache *cache) +{ + krb5_error_code ret; + + *cache = NULL; + + while (cursor->idx < context->num_cc_ops) { + + if (cursor->cursor == NULL) { + ret = krb5_cc_cache_get_first (context, + context->cc_ops[cursor->idx]->prefix, + &cursor->cursor); + if (ret) { + cursor->idx++; + continue; + } + } + ret = krb5_cc_cache_next(context, cursor->cursor, cache); + if (ret == 0) + break; + + krb5_cc_cache_end_seq_get(context, cursor->cursor); + cursor->cursor = NULL; + if (ret != KRB5_CC_END) + break; + + cursor->idx++; + } + if (cursor->idx >= context->num_cc_ops) { + krb5_set_error_message(context, KRB5_CC_END, + N_("Reached end of credential caches", "")); + return KRB5_CC_END; + } + + return 0; +} + +/** + * End an iteration and free all resources, can be done before end is reached. + * + * @param context A Kerberos 5 context + * @param cursor the iteration cursor to be freed. + * + * @return Return 0 or and error, KRB5_CC_END is returned at the end + * of iteration. See krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_free(krb5_context context, krb5_cccol_cursor *cursor) +{ + krb5_cccol_cursor c = *cursor; + + *cursor = NULL; + if (c) { + if (c->cursor) + krb5_cc_cache_end_seq_get(context, c->cursor); + free(c); + } + return 0; +} + +/** + * Return the last time the credential cache was modified. + * + * @param context A Kerberos 5 context + * @param id The credential cache to probe + * @param mtime the last modification time, set to 0 on error. + + * @return Return 0 or and error. See krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_last_change_time(krb5_context context, + krb5_ccache id, + krb5_timestamp *mtime) +{ + *mtime = 0; + return (*id->ops->lastchange)(context, id, mtime); +} + +/** + * Return the last modfication time for a cache collection. The query + * can be limited to a specific cache type. If the function return 0 + * and mtime is 0, there was no credentials in the caches. + * + * @param context A Kerberos 5 context + * @param type The credential cache to probe, if NULL, all type are traversed. + * @param mtime the last modification time, set to 0 on error. + + * @return Return 0 or and error. See krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_last_change_time(krb5_context context, + const char *type, + krb5_timestamp *mtime) +{ + krb5_cccol_cursor cursor; + krb5_error_code ret; + krb5_ccache id; + krb5_timestamp t = 0; + + *mtime = 0; + + ret = krb5_cccol_cursor_new (context, &cursor); + if (ret) + return ret; + + while (krb5_cccol_cursor_next(context, cursor, &id) == 0 && id != NULL) { + + if (type && strcmp(krb5_cc_get_type(context, id), type) != 0) + continue; + + ret = krb5_cc_last_change_time(context, id, &t); + krb5_cc_close(context, id); + if (ret) + continue; + if (t > *mtime) + *mtime = t; + } + + krb5_cccol_cursor_free(context, &cursor); + + return 0; +} +/** + * Return a friendly name on credential cache. Free the result with krb5_xfree(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_friendly_name(krb5_context context, + krb5_ccache id, + char **name) +{ + krb5_error_code ret; + krb5_data data; + + ret = krb5_cc_get_config(context, id, NULL, "FriendlyName", &data); + if (ret) { + krb5_principal principal; + ret = krb5_cc_get_principal(context, id, &principal); + if (ret) + return ret; + ret = krb5_unparse_name(context, principal, name); + krb5_free_principal(context, principal); + } else { + ret = asprintf(name, "%.*s", (int)data.length, (char *)data.data); + krb5_data_free(&data); + if (ret <= 0) { + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + } else + ret = 0; + } + + return ret; +} + +/** + * Set the friendly name on credential cache. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_friendly_name(krb5_context context, + krb5_ccache id, + const char *name) +{ + krb5_data data; + + data.data = rk_UNCONST(name); + data.length = strlen(name); + + return krb5_cc_set_config(context, id, NULL, "FriendlyName", &data); +} + +/** + * Get the lifetime of the initial ticket in the cache + * + * Get the lifetime of the initial ticket in the cache, if the initial + * ticket was not found, the error code KRB5_CC_END is returned. + * + * @param context A Kerberos 5 context. + * @param id a credential cache + * @param t the relative lifetime of the initial ticket + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_lifetime(krb5_context context, krb5_ccache id, time_t *t) +{ + krb5_cc_cursor cursor; + krb5_error_code ret; + krb5_creds cred; + time_t now; + + *t = 0; + now = time(NULL); + + ret = krb5_cc_start_seq_get(context, id, &cursor); + if (ret) + return ret; + + while ((ret = krb5_cc_next_cred(context, id, &cursor, &cred)) == 0) { + if (cred.flags.b.initial) { + if (now < cred.times.endtime) + *t = cred.times.endtime - now; + krb5_free_cred_contents(context, &cred); + break; + } + krb5_free_cred_contents(context, &cred); + } + + krb5_cc_end_seq_get(context, id, &cursor); + + return ret; +} + +/** + * Set the time offset betwen the client and the KDC + * + * If the backend doesn't support KDC offset, use the context global setting. + * + * @param context A Kerberos 5 context. + * @param id a credential cache + * @param offset the offset in seconds + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat offset) +{ + if (id->ops->set_kdc_offset == NULL) { + context->kdc_sec_offset = offset; + context->kdc_usec_offset = 0; + return 0; + } + return (*id->ops->set_kdc_offset)(context, id, offset); +} + +/** + * Get the time offset betwen the client and the KDC + * + * If the backend doesn't support KDC offset, use the context global setting. + * + * @param context A Kerberos 5 context. + * @param id a credential cache + * @param offset the offset in seconds + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat *offset) +{ + if (id->ops->get_kdc_offset == NULL) { + *offset = context->kdc_sec_offset; + return 0; + } + return (*id->ops->get_kdc_offset)(context, id, offset); +} + + +#ifdef _WIN32 + +char * +_krb5_get_default_cc_name_from_registry() +{ + HKEY hk_k5 = 0; + LONG code; + char * ccname = NULL; + + code = RegOpenKeyEx(HKEY_CURRENT_USER, + "Software\\MIT\\Kerberos5", + 0, KEY_READ, &hk_k5); + + if (code != ERROR_SUCCESS) + return NULL; + + ccname = _krb5_parse_reg_value_as_string(NULL, hk_k5, "ccname", + REG_NONE, 0); + + RegCloseKey(hk_k5); + + return ccname; +} + +#endif diff --git a/lib/krb5/ccache_plugin.h b/lib/krb5/ccache_plugin.h new file mode 100644 index 000000000000..f6871d65d16b --- /dev/null +++ b/lib/krb5/ccache_plugin.h @@ -0,0 +1,39 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#ifndef HEIMDAL_KRB5_CCACHE_PLUGIN_H +#define HEIMDAL_KRB5_CCACHE_PLUGIN_H 1 + +#include + +#define KRB5_PLUGIN_CCACHE "ccache_ops" + +#endif /* HEIMDAL_KRB5_CCACHE_PLUGIN_H */ diff --git a/lib/krb5/changepw.c b/lib/krb5/changepw.c index 703cf43eb6fb..1e7cd0d464f0 100644 --- a/lib/krb5/changepw.c +++ b/lib/krb5/changepw.c @@ -1,39 +1,41 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" + +#undef __attribute__ +#define __attribute__(X) -RCSID("$Id: changepw.c 21505 2007-07-12 12:28:38Z lha $"); static void str2data (krb5_data *d, @@ -57,7 +59,7 @@ str2data (krb5_data *d, /* * Change password protocol defined by * draft-ietf-cat-kerb-chg-password-02.txt - * + * * Share the response part of the protocol with MS set password * (RFC3244) */ @@ -68,7 +70,7 @@ chgpw_send_request (krb5_context context, krb5_creds *creds, krb5_principal targprinc, int is_stream, - int sock, + rk_socket_t sock, const char *passwd, const char *host) { @@ -78,7 +80,6 @@ chgpw_send_request (krb5_context context, krb5_data passwd_data; size_t len; u_char header[6]; - u_char *p; struct iovec iov[3]; struct msghdr msghdr; @@ -114,13 +115,12 @@ chgpw_send_request (krb5_context context, goto out2; len = 6 + ap_req_data.length + krb_priv_data.length; - p = header; - *p++ = (len >> 8) & 0xFF; - *p++ = (len >> 0) & 0xFF; - *p++ = 0; - *p++ = 1; - *p++ = (ap_req_data.length >> 8) & 0xFF; - *p++ = (ap_req_data.length >> 0) & 0xFF; + header[0] = (len >> 8) & 0xFF; + header[1] = (len >> 0) & 0xFF; + header[2] = 0; + header[3] = 1; + header[4] = (ap_req_data.length >> 8) & 0xFF; + header[5] = (ap_req_data.length >> 0) & 0xFF; memset(&msghdr, 0, sizeof(msghdr)); msghdr.msg_name = NULL; @@ -139,9 +139,10 @@ chgpw_send_request (krb5_context context, iov[2].iov_base = krb_priv_data.data; iov[2].iov_len = krb_priv_data.length; - if (sendmsg (sock, &msghdr, 0) < 0) { - ret = errno; - krb5_set_error_string(context, "sendmsg %s: %s", host, strerror(ret)); + if (rk_IS_SOCKET_ERROR( sendmsg (sock, &msghdr, 0) )) { + ret = rk_SOCK_ERRNO; + krb5_set_error_message(context, ret, "sendmsg %s: %s", + host, strerror(ret)); } krb5_data_free (&krb_priv_data); @@ -161,7 +162,7 @@ setpw_send_request (krb5_context context, krb5_creds *creds, krb5_principal targprinc, int is_stream, - int sock, + rk_socket_t sock, const char *passwd, const char *host) { @@ -170,7 +171,7 @@ setpw_send_request (krb5_context context, krb5_data krb_priv_data; krb5_data pwd_data; ChangePasswdDataMS chpw; - size_t len; + size_t len = 0; u_char header[4 + 6]; u_char *p; struct iovec iov[3]; @@ -196,7 +197,7 @@ setpw_send_request (krb5_context context, chpw.targname = NULL; chpw.targrealm = NULL; } - + ASN1_MALLOC_ENCODE(ChangePasswdDataMS, pwd_data.data, pwd_data.length, &chpw, &len, ret); if (ret) { @@ -226,7 +227,7 @@ setpw_send_request (krb5_context context, *p++ = 0xff; *p++ = 0x80; *p++ = (ap_req_data.length >> 8) & 0xFF; - *p++ = (ap_req_data.length >> 0) & 0xFF; + *p = (ap_req_data.length >> 0) & 0xFF; memset(&msghdr, 0, sizeof(msghdr)); msghdr.msg_name = NULL; @@ -248,9 +249,10 @@ setpw_send_request (krb5_context context, iov[2].iov_base = krb_priv_data.data; iov[2].iov_len = krb_priv_data.length; - if (sendmsg (sock, &msghdr, 0) < 0) { - ret = errno; - krb5_set_error_string(context, "sendmsg %s: %s", host, strerror(ret)); + if (rk_IS_SOCKET_ERROR( sendmsg (sock, &msghdr, 0) )) { + ret = rk_SOCK_ERRNO; + krb5_set_error_message(context, ret, "sendmsg %s: %s", + host, strerror(ret)); } krb5_data_free (&krb_priv_data); @@ -264,7 +266,7 @@ static krb5_error_code process_reply (krb5_context context, krb5_auth_context auth_context, int is_stream, - int sock, + rk_socket_t sock, int *result_code, krb5_data *result_code_string, krb5_data *result_string, @@ -272,7 +274,7 @@ process_reply (krb5_context context, { krb5_error_code ret; u_char reply[1024 * 3]; - ssize_t len; + size_t len; uint16_t pkt_len, pkt_ver; krb5_data ap_rep_data; int save_errno; @@ -282,15 +284,16 @@ process_reply (krb5_context context, while (len < sizeof(reply)) { unsigned long size; - ret = recvfrom (sock, reply + len, sizeof(reply) - len, + ret = recvfrom (sock, reply + len, sizeof(reply) - len, 0, NULL, NULL); - if (ret < 0) { - save_errno = errno; - krb5_set_error_string(context, "recvfrom %s: %s", - host, strerror(save_errno)); + if (rk_IS_SOCKET_ERROR(ret)) { + save_errno = rk_SOCK_ERRNO; + krb5_set_error_message(context, save_errno, + "recvfrom %s: %s", + host, strerror(save_errno)); return save_errno; } else if (ret == 0) { - krb5_set_error_string(context, "recvfrom timeout %s", host); + krb5_set_error_message(context, 1,"recvfrom timeout %s", host); return 1; } len += ret; @@ -299,21 +302,23 @@ process_reply (krb5_context context, _krb5_get_int(reply, &size, 4); if (size + 4 < len) continue; - memmove(reply, reply + 4, size); + memmove(reply, reply + 4, size); len = size; break; } if (len == sizeof(reply)) { - krb5_set_error_string(context, "message too large from %s", - host); + krb5_set_error_message(context, ENOMEM, + N_("Message too large from %s", "host"), + host); return ENOMEM; } } else { ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL); - if (ret < 0) { - save_errno = errno; - krb5_set_error_string(context, "recvfrom %s: %s", - host, strerror(save_errno)); + if (rk_IS_SOCKET_ERROR(ret)) { + save_errno = rk_SOCK_ERRNO; + krb5_set_error_message(context, save_errno, + "recvfrom %s: %s", + host, strerror(save_errno)); return save_errno; } len = ret; @@ -321,7 +326,7 @@ process_reply (krb5_context context, if (len < 6) { str2data (result_string, "server %s sent to too short message " - "(%ld bytes)", host, (long)len); + "(%zu bytes)", host, len); *result_code = KRB5_KPASSWD_MALFORMED; return 0; } @@ -352,7 +357,7 @@ process_reply (krb5_context context, *result_code = (p[0] << 8) | p[1]; if (error.e_data->length == 2) str2data(result_string, "server only sent error code"); - else + else krb5_data_copy (result_string, p + 2, error.e_data->length - 2); @@ -374,7 +379,7 @@ process_reply (krb5_context context, ap_rep_data.data = reply + 6; ap_rep_data.length = (reply[4] << 8) | (reply[5]); - + if (reply + len < (u_char *)ap_rep_data.data + ap_rep_data.length) { str2data (result_string, "client: wrong AP len in reply"); *result_code = KRB5_KPASSWD_MALFORMED; @@ -416,7 +421,7 @@ process_reply (krb5_context context, } p = result_code_string->data; - + *result_code = (p[0] << 8) | p[1]; krb5_data_copy (result_string, (unsigned char*)result_code_string->data + 2, @@ -426,7 +431,7 @@ process_reply (krb5_context context, KRB_ERROR error; size_t size; u_char *p; - + ret = decode_KRB_ERROR(reply + 6, len - 6, &error, &size); if (ret) { return ret; @@ -457,13 +462,13 @@ typedef krb5_error_code (*kpwd_send_request) (krb5_context, krb5_creds *, krb5_principal, int, - int, + rk_socket_t, const char *, const char *); typedef krb5_error_code (*kpwd_process_reply) (krb5_context, krb5_auth_context, int, - int, + rk_socket_t, int *, krb5_data *, krb5_data *, @@ -478,9 +483,9 @@ static struct kpwd_proc { kpwd_process_reply process_rep; } procs[] = { { - "MS set password", + "MS set password", SUPPORT_TCP|SUPPORT_UDP, - setpw_send_request, + setpw_send_request, process_reply }, { @@ -489,20 +494,9 @@ static struct kpwd_proc { chgpw_send_request, process_reply }, - { NULL } + { NULL, 0, NULL, NULL } }; -static struct kpwd_proc * -find_chpw_proto(const char *name) -{ - struct kpwd_proc *p; - for (p = procs; p->name != NULL; p++) { - if (strcmp(p->name, name) == 0) - return p; - } - return NULL; -} - /* * */ @@ -521,8 +515,8 @@ change_password_loop (krb5_context context, krb5_auth_context auth_context = NULL; krb5_krbhst_handle handle = NULL; krb5_krbhst_info *hi; - int sock; - int i; + rk_socket_t sock; + unsigned int i; int done = 0; krb5_realm realm; @@ -568,20 +562,21 @@ change_password_loop (krb5_context context, for (a = ai; !done && a != NULL; a = a->ai_next) { int replied = 0; - sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (sock < 0) + sock = socket (a->ai_family, a->ai_socktype | SOCK_CLOEXEC, a->ai_protocol); + if (rk_IS_BAD_SOCKET(sock)) continue; + rk_cloexec(sock); ret = connect(sock, a->ai_addr, a->ai_addrlen); - if (ret < 0) { - close (sock); + if (rk_IS_SOCKET_ERROR(ret)) { + rk_closesocket (sock); goto out; } ret = krb5_auth_con_genaddrs (context, auth_context, sock, KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR); if (ret) { - close (sock); + rk_closesocket (sock); goto out; } @@ -591,7 +586,7 @@ change_password_loop (krb5_context context, if (!replied) { replied = 0; - + ret = (*proc->send_req) (context, &auth_context, creds, @@ -601,17 +596,20 @@ change_password_loop (krb5_context context, newpw, hi->hostname); if (ret) { - close(sock); + rk_closesocket(sock); goto out; } } - + +#ifndef NO_LIMIT_FD_SETSIZE if (sock >= FD_SETSIZE) { - krb5_set_error_string(context, "fd %d too large", sock); ret = ERANGE; - close (sock); + krb5_set_error_message(context, ret, + "fd %d too large", sock); + rk_closesocket (sock); goto out; } +#endif FD_ZERO(&fdset); FD_SET(sock, &fdset); @@ -619,8 +617,8 @@ change_password_loop (krb5_context context, tv.tv_sec = 1 + (1 << i); ret = select (sock + 1, &fdset, NULL, NULL, &tv); - if (ret < 0 && errno != EINTR) { - close(sock); + if (rk_IS_SOCKET_ERROR(ret) && rk_SOCK_ERRNO != EINTR) { + rk_closesocket(sock); goto out; } if (ret == 1) { @@ -640,40 +638,60 @@ change_password_loop (krb5_context context, ret = KRB5_KDC_UNREACH; } } - close (sock); + rk_closesocket (sock); } } out: krb5_krbhst_free (context, handle); krb5_auth_con_free (context, auth_context); - if (done) - return 0; - else { - if (ret == KRB5_KDC_UNREACH) { - krb5_set_error_string(context, - "unable to reach any changepw server " - " in realm %s", realm); - *result_code = KRB5_KPASSWD_HARDERROR; - } - return ret; + + if (ret == KRB5_KDC_UNREACH) { + krb5_set_error_message(context, + ret, + N_("Unable to reach any changepw server " + " in realm %s", "realm"), realm); + *result_code = KRB5_KPASSWD_HARDERROR; } + return ret; } +#ifndef HEIMDAL_SMALLER -/* - * change the password using the credentials in `creds' (for the - * principal indicated in them) to `newpw', storing the result of - * the operation in `result_*' and an error code or 0. +static struct kpwd_proc * +find_chpw_proto(const char *name) +{ + struct kpwd_proc *p; + for (p = procs; p->name != NULL; p++) { + if (strcmp(p->name, name) == 0) + return p; + } + return NULL; +} + +/** + * Deprecated: krb5_change_password() is deprecated, use krb5_set_password(). + * + * @param context a Keberos context + * @param creds + * @param newpw + * @param result_code + * @param result_code_string + * @param result_string + * + * @return On sucess password is changed. + + * @ingroup @krb5_deprecated */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_change_password (krb5_context context, krb5_creds *creds, const char *newpw, int *result_code, krb5_data *result_code_string, krb5_data *result_string) + KRB5_DEPRECATED_FUNCTION("Use X instead") { struct kpwd_proc *p = find_chpw_proto("change password"); @@ -684,16 +702,31 @@ krb5_change_password (krb5_context context, if (p == NULL) return KRB5_KPASSWD_MALFORMED; - return change_password_loop(context, creds, NULL, newpw, - result_code, result_code_string, + return change_password_loop(context, creds, NULL, newpw, + result_code, result_code_string, result_string, p); } +#endif /* HEIMDAL_SMALLER */ -/* +/** + * Change password using creds. * + * @param context a Keberos context + * @param creds The initial kadmin/passwd for the principal or an admin principal + * @param newpw The new password to set + * @param targprinc if unset, the default principal is used. + * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. + * @param result_code_string binary message from the server, contains + * at least the result_code. + * @param result_string A message from the kpasswd service or the + * library in human printable form. The string is NUL terminated. + * + * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. + + * @ingroup @krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password(krb5_context context, krb5_creds *creds, const char *newpw, @@ -707,8 +740,8 @@ krb5_set_password(krb5_context context, int i; *result_code = KRB5_KPASSWD_MALFORMED; - result_code_string->data = result_string->data = NULL; - result_code_string->length = result_string->length = 0; + krb5_data_zero(result_code_string); + krb5_data_zero(result_string); if (targprinc == NULL) { ret = krb5_get_default_principal(context, &principal); @@ -719,9 +752,9 @@ krb5_set_password(krb5_context context, for (i = 0; procs[i].name != NULL; i++) { *result_code = 0; - ret = change_password_loop(context, creds, principal, newpw, - result_code, result_code_string, - result_string, + ret = change_password_loop(context, creds, principal, newpw, + result_code, result_code_string, + result_string, &procs[i]); if (ret == 0 && *result_code == 0) break; @@ -736,7 +769,7 @@ krb5_set_password(krb5_context context, * */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password_using_ccache(krb5_context context, krb5_ccache ccache, const char *newpw, @@ -762,7 +795,7 @@ krb5_set_password_using_ccache(krb5_context context, } else principal = targprinc; - ret = krb5_make_principal(context, &creds.server, + ret = krb5_make_principal(context, &creds.server, krb5_principal_get_realm(context, principal), "kadmin", "changepw", NULL); if (ret) @@ -788,7 +821,7 @@ krb5_set_password_using_ccache(krb5_context context, result_code_string, result_string); - krb5_free_creds(context, credsp); + krb5_free_creds(context, credsp); return ret; out: @@ -801,7 +834,7 @@ krb5_set_password_using_ccache(krb5_context context, * */ -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_passwd_result_to_string (krb5_context context, int result) { diff --git a/lib/krb5/codec.c b/lib/krb5/codec.c index 0d36b4b44268..5e754c60cba7 100644 --- a/lib/krb5/codec.c +++ b/lib/krb5/codec.c @@ -1,196 +1,214 @@ /* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: codec.c 13863 2004-05-25 21:46:46Z lha $"); +#ifndef HEIMDAL_SMALLER -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncTicketPart (krb5_context context, const void *data, size_t length, EncTicketPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_EncTicketPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncTicketPart (krb5_context context, void *data, size_t length, EncTicketPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_EncTicketPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncASRepPart (krb5_context context, const void *data, size_t length, EncASRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_EncASRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncASRepPart (krb5_context context, void *data, size_t length, EncASRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_EncASRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncTGSRepPart (krb5_context context, const void *data, size_t length, EncTGSRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_EncTGSRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncTGSRepPart (krb5_context context, void *data, size_t length, EncTGSRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_EncTGSRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncAPRepPart (krb5_context context, const void *data, size_t length, EncAPRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_EncAPRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncAPRepPart (krb5_context context, void *data, size_t length, EncAPRepPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_EncAPRepPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_Authenticator (krb5_context context, const void *data, size_t length, Authenticator *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_Authenticator(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_Authenticator (krb5_context context, void *data, size_t length, Authenticator *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_Authenticator(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncKrbCredPart (krb5_context context, const void *data, size_t length, EncKrbCredPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_EncKrbCredPart(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncKrbCredPart (krb5_context context, void *data, size_t length, EncKrbCredPart *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_EncKrbCredPart (data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ETYPE_INFO (krb5_context context, const void *data, size_t length, ETYPE_INFO *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_ETYPE_INFO(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_ETYPE_INFO (krb5_context context, void *data, size_t length, ETYPE_INFO *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_ETYPE_INFO (data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ETYPE_INFO2 (krb5_context context, const void *data, size_t length, ETYPE_INFO2 *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return decode_ETYPE_INFO2(data, length, t, len); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_ETYPE_INFO2 (krb5_context context, void *data, size_t length, ETYPE_INFO2 *t, size_t *len) + KRB5_DEPRECATED_FUNCTION("Use X instead") { return encode_ETYPE_INFO2 (data, length, t, len); } + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/config_file.c b/lib/krb5/config_file.c index ac5eba39dcff..4ac25ae28703 100644 --- a/lib/krb5/config_file.c +++ b/lib/krb5/config_file.c @@ -1,40 +1,43 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: config_file.c 19213 2006-12-04 23:36:36Z lha $"); -#ifndef HAVE_NETINFO +#ifdef __APPLE__ +#include +#endif /* Gaah! I want a portable funopen */ struct fileptr { @@ -58,7 +61,7 @@ config_fgets(char *str, size_t len, struct fileptr *ptr) p = ptr->s + strcspn(ptr->s, "\n"); if(*p == '\n') p++; - l = min(len, p - ptr->s); + l = min(len, (size_t)(p - ptr->s)); if(len > 0) { memcpy(str, ptr->s, l); str[l] = '\0'; @@ -70,23 +73,23 @@ config_fgets(char *str, size_t len, struct fileptr *ptr) static krb5_error_code parse_section(char *p, krb5_config_section **s, krb5_config_section **res, - const char **error_message); + const char **err_message); static krb5_error_code parse_binding(struct fileptr *f, unsigned *lineno, char *p, krb5_config_binding **b, krb5_config_binding **parent, - const char **error_message); + const char **err_message); static krb5_error_code parse_list(struct fileptr *f, unsigned *lineno, krb5_config_binding **parent, - const char **error_message); + const char **err_message); -static krb5_config_section * -get_entry(krb5_config_section **parent, const char *name, int type) +krb5_config_section * +_krb5_config_get_entry(krb5_config_section **parent, const char *name, int type) { krb5_config_section **q; for(q = parent; *q != NULL; q = &(*q)->next) - if(type == krb5_config_list && - type == (*q)->type && + if(type == krb5_config_list && + (unsigned)type == (*q)->type && strcmp(name, (*q)->name) == 0) return *q; *q = calloc(1, sizeof(**q)); @@ -111,28 +114,28 @@ get_entry(krb5_config_section **parent, const char *name, int type) * a * } * ... - * + * * starting at the line in `p', storing the resulting structure in * `s' and hooking it into `parent'. - * Store the error message in `error_message'. + * Store the error message in `err_message'. */ static krb5_error_code parse_section(char *p, krb5_config_section **s, krb5_config_section **parent, - const char **error_message) + const char **err_message) { char *p1; krb5_config_section *tmp; p1 = strchr (p + 1, ']'); if (p1 == NULL) { - *error_message = "missing ]"; + *err_message = "missing ]"; return KRB5_CONFIG_BADFORMAT; } *p1 = '\0'; - tmp = get_entry(parent, p + 1, krb5_config_list); + tmp = _krb5_config_get_entry(parent, p + 1, krb5_config_list); if(tmp == NULL) { - *error_message = "out of memory"; + *err_message = "out of memory"; return KRB5_CONFIG_BADFORMAT; } *s = tmp; @@ -142,14 +145,14 @@ parse_section(char *p, krb5_config_section **s, krb5_config_section **parent, /* * Parse a brace-enclosed list from `f', hooking in the structure at * `parent'. - * Store the error message in `error_message'. + * Store the error message in `err_message'. */ static krb5_error_code parse_list(struct fileptr *f, unsigned *lineno, krb5_config_binding **parent, - const char **error_message) + const char **err_message) { - char buf[BUFSIZ]; + char buf[KRB5_BUFSIZ]; krb5_error_code ret; krb5_config_binding *b = NULL; unsigned beg_lineno = *lineno; @@ -170,12 +173,12 @@ parse_list(struct fileptr *f, unsigned *lineno, krb5_config_binding **parent, return 0; if (*p == '\0') continue; - ret = parse_binding (f, lineno, p, &b, parent, error_message); + ret = parse_binding (f, lineno, p, &b, parent, err_message); if (ret) return ret; } *lineno = beg_lineno; - *error_message = "unclosed {"; + *err_message = "unclosed {"; return KRB5_CONFIG_BADFORMAT; } @@ -186,7 +189,7 @@ parse_list(struct fileptr *f, unsigned *lineno, krb5_config_binding **parent, static krb5_error_code parse_binding(struct fileptr *f, unsigned *lineno, char *p, krb5_config_binding **b, krb5_config_binding **parent, - const char **error_message) + const char **err_message) { krb5_config_binding *tmp; char *p1, *p2; @@ -196,14 +199,14 @@ parse_binding(struct fileptr *f, unsigned *lineno, char *p, while (*p && *p != '=' && !isspace((unsigned char)*p)) ++p; if (*p == '\0') { - *error_message = "missing ="; + *err_message = "missing ="; return KRB5_CONFIG_BADFORMAT; } p2 = p; while (isspace((unsigned char)*p)) ++p; if (*p != '=') { - *error_message = "missing ="; + *err_message = "missing ="; return KRB5_CONFIG_BADFORMAT; } ++p; @@ -211,16 +214,16 @@ parse_binding(struct fileptr *f, unsigned *lineno, char *p, ++p; *p2 = '\0'; if (*p == '{') { - tmp = get_entry(parent, p1, krb5_config_list); + tmp = _krb5_config_get_entry(parent, p1, krb5_config_list); if (tmp == NULL) { - *error_message = "out of memory"; + *err_message = "out of memory"; return KRB5_CONFIG_BADFORMAT; } - ret = parse_list (f, lineno, &tmp->u.list, error_message); + ret = parse_list (f, lineno, &tmp->u.list, err_message); } else { - tmp = get_entry(parent, p1, krb5_config_string); + tmp = _krb5_config_get_entry(parent, p1, krb5_config_string); if (tmp == NULL) { - *error_message = "out of memory"; + *err_message = "out of memory"; return KRB5_CONFIG_BADFORMAT; } p1 = p; @@ -234,20 +237,120 @@ parse_binding(struct fileptr *f, unsigned *lineno, char *p, return ret; } +#if defined(__APPLE__) + +#if MAC_OS_X_VERSION_MIN_REQUIRED >= 1060 +#define HAVE_CFPROPERTYLISTCREATEWITHSTREAM 1 +#endif + +static char * +cfstring2cstring(CFStringRef string) +{ + CFIndex len; + char *str; + + str = (char *) CFStringGetCStringPtr(string, kCFStringEncodingUTF8); + if (str) + return strdup(str); + + len = CFStringGetLength(string); + len = 1 + CFStringGetMaximumSizeForEncoding(len, kCFStringEncodingUTF8); + str = malloc(len); + if (str == NULL) + return NULL; + + if (!CFStringGetCString (string, str, len, kCFStringEncodingUTF8)) { + free (str); + return NULL; + } + return str; +} + +static void +convert_content(const void *key, const void *value, void *context) +{ + krb5_config_section *tmp, **parent = context; + char *k; + + if (CFGetTypeID(key) != CFStringGetTypeID()) + return; + + k = cfstring2cstring(key); + if (k == NULL) + return; + + if (CFGetTypeID(value) == CFStringGetTypeID()) { + tmp = _krb5_config_get_entry(parent, k, krb5_config_string); + tmp->u.string = cfstring2cstring(value); + } else if (CFGetTypeID(value) == CFDictionaryGetTypeID()) { + tmp = _krb5_config_get_entry(parent, k, krb5_config_list); + CFDictionaryApplyFunction(value, convert_content, &tmp->u.list); + } else { + /* log */ + } + free(k); +} + +static krb5_error_code +parse_plist_config(krb5_context context, const char *path, krb5_config_section **parent) +{ + CFReadStreamRef s; + CFDictionaryRef d; + CFURLRef url; + + url = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (UInt8 *)path, strlen(path), FALSE); + if (url == NULL) { + krb5_clear_error_message(context); + return ENOMEM; + } + + s = CFReadStreamCreateWithFile(kCFAllocatorDefault, url); + CFRelease(url); + if (s == NULL) { + krb5_clear_error_message(context); + return ENOMEM; + } + + if (!CFReadStreamOpen(s)) { + CFRelease(s); + krb5_clear_error_message(context); + return ENOENT; + } + +#ifdef HAVE_CFPROPERTYLISTCREATEWITHSTREAM + d = (CFDictionaryRef)CFPropertyListCreateWithStream(NULL, s, 0, kCFPropertyListImmutable, NULL, NULL); +#else + d = (CFDictionaryRef)CFPropertyListCreateFromStream(NULL, s, 0, kCFPropertyListImmutable, NULL, NULL); +#endif + CFRelease(s); + if (d == NULL) { + krb5_clear_error_message(context); + return ENOENT; + } + + CFDictionaryApplyFunction(d, convert_content, parent); + CFRelease(d); + + return 0; +} + +#endif + + /* * Parse the config file `fname', generating the structures into `res' - * returning error messages in `error_message' + * returning error messages in `err_message' */ static krb5_error_code krb5_config_parse_debug (struct fileptr *f, krb5_config_section **res, unsigned *lineno, - const char **error_message) + const char **err_message) { krb5_config_section *s = NULL; krb5_config_binding *b = NULL; - char buf[BUFSIZ]; + char buf[KRB5_BUFSIZ]; krb5_error_code ret; while (config_fgets(buf, sizeof(buf), f) != NULL) { @@ -261,19 +364,19 @@ krb5_config_parse_debug (struct fileptr *f, if (*p == '#' || *p == ';') continue; if (*p == '[') { - ret = parse_section(p, &s, res, error_message); - if (ret) + ret = parse_section(p, &s, res, err_message); + if (ret) return ret; b = NULL; } else if (*p == '}') { - *error_message = "unmatched }"; + *err_message = "unmatched }"; return EINVAL; /* XXX */ } else if(*p != '\0') { if (s == NULL) { - *error_message = "binding before section"; + *err_message = "binding before section"; return EINVAL; } - ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message); + ret = parse_binding(f, lineno, p, &b, &s->u.list, err_message); if (ret) return ret; } @@ -281,53 +384,142 @@ krb5_config_parse_debug (struct fileptr *f, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_string_multi(krb5_context context, - const char *string, - krb5_config_section **res) +static int +is_plist_file(const char *fname) { - const char *str; - unsigned lineno = 0; - krb5_error_code ret; - struct fileptr f; - f.f = NULL; - f.s = string; - - ret = krb5_config_parse_debug (&f, res, &lineno, &str); - if (ret) { - krb5_set_error_string (context, "%s:%u: %s", "", lineno, str); - return ret; - } - return 0; + size_t len = strlen(fname); + char suffix[] = ".plist"; + if (len < sizeof(suffix)) + return 0; + if (strcasecmp(&fname[len - (sizeof(suffix) - 1)], suffix) != 0) + return 0; + return 1; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse a configuration file and add the result into res. This + * interface can be used to parse several configuration files into one + * resulting krb5_config_section by calling it repeatably. + * + * @param context a Kerberos 5 context. + * @param fname a file name to a Kerberos configuration file + * @param res the returned result, must be free with krb5_free_config_files(). + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file_multi (krb5_context context, const char *fname, krb5_config_section **res) { const char *str; + char *newfname = NULL; unsigned lineno = 0; krb5_error_code ret; struct fileptr f; - f.f = fopen(fname, "r"); - f.s = NULL; - if(f.f == NULL) { - ret = errno; - krb5_set_error_string (context, "open %s: %s", fname, strerror(ret)); - return ret; + + /** + * If the fname starts with "~/" parse configuration file in the + * current users home directory. The behavior can be disabled and + * enabled by calling krb5_set_home_dir_access(). + */ + if (fname[0] == '~' && fname[1] == '/') { +#ifndef KRB5_USE_PATH_TOKENS + const char *home = NULL; + + if (!_krb5_homedir_access(context)) { + krb5_set_error_message(context, EPERM, + "Access to home directory not allowed"); + return EPERM; + } + + if(!issuid()) + home = getenv("HOME"); + + if (home == NULL) { + struct passwd *pw = getpwuid(getuid()); + if(pw != NULL) + home = pw->pw_dir; + } + if (home) { + asprintf(&newfname, "%s%s", home, &fname[1]); + if (newfname == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + fname = newfname; + } +#else /* KRB5_USE_PATH_TOKENS */ + if (asprintf(&newfname, "%%{USERCONFIG}%s", &fname[1]) < 0 || + newfname == NULL) + { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + fname = newfname; +#endif } - ret = krb5_config_parse_debug (&f, res, &lineno, &str); - fclose(f.f); - if (ret) { - krb5_set_error_string (context, "%s:%u: %s", fname, lineno, str); - return ret; + if (is_plist_file(fname)) { +#ifdef __APPLE__ + ret = parse_plist_config(context, fname, res); + if (ret) { + krb5_set_error_message(context, ret, + "Failed to parse plist %s", fname); + if (newfname) + free(newfname); + return ret; + } +#else + krb5_set_error_message(context, ENOENT, + "no support for plist configuration files"); + return ENOENT; +#endif + } else { +#ifdef KRB5_USE_PATH_TOKENS + char * exp_fname = NULL; + + ret = _krb5_expand_path_tokens(context, fname, &exp_fname); + if (ret) { + if (newfname) + free(newfname); + return ret; + } + + if (newfname) + free(newfname); + fname = newfname = exp_fname; +#endif + + f.f = fopen(fname, "r"); + f.s = NULL; + if(f.f == NULL) { + ret = errno; + krb5_set_error_message (context, ret, "open %s: %s", + fname, strerror(ret)); + if (newfname) + free(newfname); + return ret; + } + + ret = krb5_config_parse_debug (&f, res, &lineno, &str); + fclose(f.f); + if (ret) { + krb5_set_error_message (context, ret, "%s:%u: %s", + fname, lineno, str); + if (newfname) + free(newfname); + return ret; + } } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file (krb5_context context, const char *fname, krb5_config_section **res) @@ -336,8 +528,6 @@ krb5_config_parse_file (krb5_context context, return krb5_config_parse_file_multi(context, fname, res); } -#endif /* !HAVE_NETINFO */ - static void free_binding (krb5_context context, krb5_config_binding *b) { @@ -350,7 +540,7 @@ free_binding (krb5_context context, krb5_config_binding *b) else if (b->type == krb5_config_list) free_binding (context, b->u.list); else - krb5_abortx(context, "unknown binding type (%d) in free_binding", + krb5_abortx(context, "unknown binding type (%d) in free_binding", b->type); next_b = b->next; free (b); @@ -358,25 +548,76 @@ free_binding (krb5_context context, krb5_config_binding *b) } } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Free configuration file section, the result of + * krb5_config_parse_file() and krb5_config_parse_file_multi(). + * + * @param context A Kerberos 5 context + * @param s the configuration section to free + * + * @return returns 0 on successes, otherwise an error code, see + * krb5_get_error_message() + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_file_free (krb5_context context, krb5_config_section *s) { free_binding (context, s); return 0; } -const void * -krb5_config_get_next (krb5_context context, - const krb5_config_section *c, - const krb5_config_binding **pointer, - int type, - ...) +#ifndef HEIMDAL_SMALLER + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_config_copy(krb5_context context, + krb5_config_section *c, + krb5_config_section **head) +{ + krb5_config_binding *d, *previous = NULL; + + *head = NULL; + + while (c) { + d = calloc(1, sizeof(*d)); + + if (*head == NULL) + *head = d; + + d->name = strdup(c->name); + d->type = c->type; + if (d->type == krb5_config_string) + d->u.string = strdup(c->u.string); + else if (d->type == krb5_config_list) + _krb5_config_copy (context, c->u.list, &d->u.list); + else + krb5_abortx(context, + "unknown binding type (%d) in krb5_config_copy", + d->type); + if (previous) + previous->next = d; + + previous = d; + c = c->next; + } + return 0; +} + +#endif /* HEIMDAL_SMALLER */ + +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_get_next (krb5_context context, + const krb5_config_section *c, + const krb5_config_binding **pointer, + int type, + ...) { const char *ret; va_list args; va_start(args, type); - ret = krb5_config_vget_next (context, c, pointer, type, args); + ret = _krb5_config_vget_next (context, c, pointer, type, args); va_end(args); return ret; } @@ -392,7 +633,7 @@ vget_next(krb5_context context, const char *p = va_arg(args, const char *); while(b != NULL) { if(strcmp(b->name, name) == 0) { - if(b->type == type && p == NULL) { + if(b->type == (unsigned)type && p == NULL) { *pointer = b; return b->u.generic; } else if(b->type == krb5_config_list && p != NULL) { @@ -404,12 +645,12 @@ vget_next(krb5_context context, return NULL; } -const void * -krb5_config_vget_next (krb5_context context, - const krb5_config_section *c, - const krb5_config_binding **pointer, - int type, - va_list args) +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_vget_next (krb5_context context, + const krb5_config_section *c, + const krb5_config_binding **pointer, + int type, + va_list args) { const krb5_config_binding *b; const char *p; @@ -432,7 +673,7 @@ krb5_config_vget_next (krb5_context context, /* we were called again, so just look for more entries with the same name and type */ for (b = (*pointer)->next; b != NULL; b = b->next) { - if(strcmp(b->name, (*pointer)->name) == 0 && b->type == type) { + if(strcmp(b->name, (*pointer)->name) == 0 && b->type == (unsigned)type) { *pointer = b; return b->u.generic; } @@ -440,33 +681,46 @@ krb5_config_vget_next (krb5_context context, return NULL; } -const void * -krb5_config_get (krb5_context context, - const krb5_config_section *c, - int type, - ...) +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_get (krb5_context context, + const krb5_config_section *c, + int type, + ...) { const void *ret; va_list args; va_start(args, type); - ret = krb5_config_vget (context, c, type, args); + ret = _krb5_config_vget (context, c, type, args); va_end(args); return ret; } + const void * -krb5_config_vget (krb5_context context, - const krb5_config_section *c, - int type, - va_list args) +_krb5_config_vget (krb5_context context, + const krb5_config_section *c, + int type, + va_list args) { const krb5_config_binding *foo = NULL; - return krb5_config_vget_next (context, c, &foo, type, args); + return _krb5_config_vget_next (context, c, &foo, type, args); } -const krb5_config_binding * +/** + * Get a list of configuration binding list for more processing + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param ... a list of names, terminated with NULL. + * + * @return NULL if configuration list is not found, a list otherwise + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL krb5_config_get_list (krb5_context context, const krb5_config_section *c, ...) @@ -480,15 +734,42 @@ krb5_config_get_list (krb5_context context, return ret; } -const krb5_config_binding * +/** + * Get a list of configuration binding list for more processing + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param args a va_list of arguments + * + * @return NULL if configuration list is not found, a list otherwise + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL krb5_config_vget_list (krb5_context context, const krb5_config_section *c, va_list args) { - return krb5_config_vget (context, c, krb5_config_list, args); + return _krb5_config_vget (context, c, krb5_config_list, args); } -const char* KRB5_LIB_FUNCTION +/** + * Returns a "const char *" to a string in the configuration database. + * The string may not be valid after a reload of the configuration + * database so a caller should make a local copy if it needs to keep + * the string. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param ... a list of names, terminated with NULL. + * + * @return NULL if configuration string not found, a string otherwise + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string (krb5_context context, const krb5_config_section *c, ...) @@ -502,15 +783,42 @@ krb5_config_get_string (krb5_context context, return ret; } -const char* KRB5_LIB_FUNCTION +/** + * Like krb5_config_get_string(), but uses a va_list instead of ... + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param args a va_list of arguments + * + * @return NULL if configuration string not found, a string otherwise + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string (krb5_context context, const krb5_config_section *c, va_list args) { - return krb5_config_vget (context, c, krb5_config_string, args); + return _krb5_config_vget (context, c, krb5_config_string, args); } -const char* KRB5_LIB_FUNCTION +/** + * Like krb5_config_vget_string(), but instead of returning NULL, + * instead return a default value. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param args a va_list of arguments + * + * @return a configuration string + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string_default (krb5_context context, const krb5_config_section *c, const char *def_value, @@ -524,7 +832,22 @@ krb5_config_vget_string_default (krb5_context context, return ret; } -const char* KRB5_LIB_FUNCTION +/** + * Like krb5_config_get_string(), but instead of returning NULL, + * instead return a default value. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param ... a list of names, terminated with NULL. + * + * @return a configuration string + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string_default (krb5_context context, const krb5_config_section *c, const char *def_value, @@ -539,7 +862,64 @@ krb5_config_get_string_default (krb5_context context, return ret; } -char ** KRB5_LIB_FUNCTION +static char * +next_component_string(char * begin, const char * delims, char **state) +{ + char * end; + + if (begin == NULL) + begin = *state; + + if (*begin == '\0') + return NULL; + + end = begin; + while (*end == '"') { + char * t = strchr(end + 1, '"'); + + if (t) + end = ++t; + else + end += strlen(end); + } + + if (*end != '\0') { + size_t pos; + + pos = strcspn(end, delims); + end = end + pos; + } + + if (*end != '\0') { + *end = '\0'; + *state = end + 1; + if (*begin == '"' && *(end - 1) == '"' && begin + 1 < end) { + begin++; *(end - 1) = '\0'; + } + return begin; + } + + *state = end; + if (*begin == '"' && *(end - 1) == '"' && begin + 1 < end) { + begin++; *(end - 1) = '\0'; + } + return begin; +} + +/** + * Get a list of configuration strings, free the result with + * krb5_config_free_strings(). + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param args a va_list of arguments + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL krb5_config_vget_strings(krb5_context context, const krb5_config_section *c, va_list args) @@ -549,14 +929,14 @@ krb5_config_vget_strings(krb5_context context, const krb5_config_binding *b = NULL; const char *p; - while((p = krb5_config_vget_next(context, c, &b, - krb5_config_string, args))) { + while((p = _krb5_config_vget_next(context, c, &b, + krb5_config_string, args))) { char *tmp = strdup(p); char *pos = NULL; char *s; if(tmp == NULL) goto cleanup; - s = strtok_r(tmp, " \t", &pos); + s = next_component_string(tmp, " \t", &pos); while(s){ char **tmp2 = realloc(strings, (nstr + 1) * sizeof(*strings)); if(tmp2 == NULL) @@ -566,7 +946,7 @@ krb5_config_vget_strings(krb5_context context, nstr++; if(strings[nstr-1] == NULL) goto cleanup; - s = strtok_r(NULL, " \t", &pos); + s = next_component_string(NULL, " \t", &pos); } free(tmp); } @@ -586,7 +966,20 @@ krb5_config_vget_strings(krb5_context context, } -char** +/** + * Get a list of configuration strings, free the result with + * krb5_config_free_strings(). + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param ... a list of names, terminated with NULL. + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_get_strings(krb5_context context, const krb5_config_section *c, ...) @@ -599,7 +992,16 @@ krb5_config_get_strings(krb5_context context, return ret; } -void KRB5_LIB_FUNCTION +/** + * Free the resulting strings from krb5_config-get_strings() and + * krb5_config_vget_strings(). + * + * @param strings strings to free + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_config_free_strings(char **strings) { char **s = strings; @@ -610,7 +1012,25 @@ krb5_config_free_strings(char **strings) free(strings); } -krb5_boolean KRB5_LIB_FUNCTION +/** + * Like krb5_config_get_bool_default() but with a va_list list of + * configuration selection. + * + * Configuration value to a boolean value, where yes/true and any + * non-zero number means TRUE and other value is FALSE. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param args a va_list of arguments + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool_default (krb5_context context, const krb5_config_section *c, krb5_boolean def_value, @@ -626,7 +1046,21 @@ krb5_config_vget_bool_default (krb5_context context, return FALSE; } -krb5_boolean KRB5_LIB_FUNCTION +/** + * krb5_config_get_bool() will convert the configuration + * option value to a boolean value, where yes/true and any non-zero + * number means TRUE and other value is FALSE. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param args a va_list of arguments + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool (krb5_context context, const krb5_config_section *c, va_list args) @@ -634,7 +1068,23 @@ krb5_config_vget_bool (krb5_context context, return krb5_config_vget_bool_default (context, c, FALSE, args); } -krb5_boolean KRB5_LIB_FUNCTION +/** + * krb5_config_get_bool_default() will convert the configuration + * option value to a boolean value, where yes/true and any non-zero + * number means TRUE and other value is FALSE. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param ... a list of names, terminated with NULL. + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool_default (krb5_context context, const krb5_config_section *c, krb5_boolean def_value, @@ -648,7 +1098,23 @@ krb5_config_get_bool_default (krb5_context context, return ret; } -krb5_boolean KRB5_LIB_FUNCTION +/** + * Like krb5_config_get_bool() but with a va_list list of + * configuration selection. + * + * Configuration value to a boolean value, where yes/true and any + * non-zero number means TRUE and other value is FALSE. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param ... a list of names, terminated with NULL. + * + * @return TRUE or FALSE + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool (krb5_context context, const krb5_config_section *c, ...) @@ -661,7 +1127,24 @@ krb5_config_get_bool (krb5_context context, return ret; } -int KRB5_LIB_FUNCTION +/** + * Get the time from the configuration file using a relative time. + * + * Like krb5_config_get_time_default() but with a va_list list of + * configuration selection. + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param args a va_list of arguments + * + * @return parsed the time (or def_value on parse error) + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time_default (krb5_context context, const krb5_config_section *c, int def_value, @@ -678,7 +1161,19 @@ krb5_config_vget_time_default (krb5_context context, return t; } -int KRB5_LIB_FUNCTION +/** + * Get the time from the configuration file using a relative time, for example: 1h30s + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param args a va_list of arguments + * + * @return parsed the time or -1 on error + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time (krb5_context context, const krb5_config_section *c, va_list args) @@ -686,7 +1181,21 @@ krb5_config_vget_time (krb5_context context, return krb5_config_vget_time_default (context, c, -1, args); } -int KRB5_LIB_FUNCTION +/** + * Get the time from the configuration file using a relative time, for example: 1h30s + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param def_value the default value to return if no configuration + * found in the database. + * @param ... a list of names, terminated with NULL. + * + * @return parsed the time (or def_value on parse error) + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time_default (krb5_context context, const krb5_config_section *c, int def_value, @@ -700,7 +1209,19 @@ krb5_config_get_time_default (krb5_context context, return ret; } -int KRB5_LIB_FUNCTION +/** + * Get the time from the configuration file using a relative time, for example: 1h30s + * + * @param context A Kerberos 5 context. + * @param c a configuration section, or NULL to use the section from context + * @param ... a list of names, terminated with NULL. + * + * @return parsed the time or -1 on error + * + * @ingroup krb5_support + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time (krb5_context context, const krb5_config_section *c, ...) @@ -714,7 +1235,7 @@ krb5_config_get_time (krb5_context context, } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_int_default (krb5_context context, const krb5_config_section *c, int def_value, @@ -724,18 +1245,18 @@ krb5_config_vget_int_default (krb5_context context, str = krb5_config_vget_string (context, c, args); if(str == NULL) return def_value; - else { - char *endptr; - long l; - l = strtol(str, &endptr, 0); - if (endptr == str) - return def_value; - else + else { + char *endptr; + long l; + l = strtol(str, &endptr, 0); + if (endptr == str) + return def_value; + else return l; } } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_int (krb5_context context, const krb5_config_section *c, va_list args) @@ -743,7 +1264,7 @@ krb5_config_vget_int (krb5_context context, return krb5_config_vget_int_default (context, c, -1, args); } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_int_default (krb5_context context, const krb5_config_section *c, int def_value, @@ -757,7 +1278,7 @@ krb5_config_get_int_default (krb5_context context, return ret; } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_int (krb5_context context, const krb5_config_section *c, ...) @@ -769,3 +1290,36 @@ krb5_config_get_int (krb5_context context, va_end(ap); return ret; } + + +#ifndef HEIMDAL_SMALLER + +/** + * Deprecated: configuration files are not strings + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_config_parse_string_multi(krb5_context context, + const char *string, + krb5_config_section **res) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + const char *str; + unsigned lineno = 0; + krb5_error_code ret; + struct fileptr f; + f.f = NULL; + f.s = string; + + ret = krb5_config_parse_debug (&f, res, &lineno, &str); + if (ret) { + krb5_set_error_message (context, ret, "%s:%u: %s", + "", lineno, str); + return ret; + } + return 0; +} + +#endif diff --git a/lib/krb5/config_file_netinfo.c b/lib/krb5/config_file_netinfo.c deleted file mode 100644 index 1e01e7c5ffbc..000000000000 --- a/lib/krb5/config_file_netinfo.c +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: config_file_netinfo.c 13863 2004-05-25 21:46:46Z lha $"); - -/* - * Netinfo implementation from Luke Howard - */ - -#ifdef HAVE_NETINFO -#include -static ni_status -ni_proplist2binding(ni_proplist *pl, krb5_config_section **ret) -{ - int i, j; - krb5_config_section **next = NULL; - - for (i = 0; i < pl->ni_proplist_len; i++) { - if (!strcmp(pl->nipl_val[i].nip_name, "name")) - continue; - - for (j = 0; j < pl->nipl_val[i].nip_val.ni_namelist_len; j++) { - krb5_config_binding *b; - - b = malloc(sizeof(*b)); - if (b == NULL) - return NI_FAILED; - - b->next = NULL; - b->type = krb5_config_string; - b->name = ni_name_dup(pl->nipl_val[i].nip_name); - b->u.string = ni_name_dup(pl->nipl_val[i].nip_val.ninl_val[j]); - - if (next == NULL) { - *ret = b; - } else { - *next = b; - } - next = &b->next; - } - } - return NI_OK; -} - -static ni_status -ni_idlist2binding(void *ni, ni_idlist *idlist, krb5_config_section **ret) -{ - int i; - ni_status nis; - krb5_config_section **next; - - for (i = 0; i < idlist->ni_idlist_len; i++) { - ni_proplist pl; - ni_id nid; - ni_idlist children; - krb5_config_binding *b; - ni_index index; - - nid.nii_instance = 0; - nid.nii_object = idlist->ni_idlist_val[i]; - - nis = ni_read(ni, &nid, &pl); - - if (nis != NI_OK) { - return nis; - } - index = ni_proplist_match(pl, "name", NULL); - b = malloc(sizeof(*b)); - if (b == NULL) return NI_FAILED; - - if (i == 0) { - *ret = b; - } else { - *next = b; - } - - b->type = krb5_config_list; - b->name = ni_name_dup(pl.nipl_val[index].nip_val.ninl_val[0]); - b->next = NULL; - b->u.list = NULL; - - /* get the child directories */ - nis = ni_children(ni, &nid, &children); - if (nis == NI_OK) { - nis = ni_idlist2binding(ni, &children, &b->u.list); - if (nis != NI_OK) { - return nis; - } - } - - nis = ni_proplist2binding(&pl, b->u.list == NULL ? &b->u.list : &b->u.list->next); - ni_proplist_free(&pl); - if (nis != NI_OK) { - return nis; - } - next = &b->next; - } - ni_idlist_free(idlist); - return NI_OK; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file (krb5_context context, - const char *fname, - krb5_config_section **res) -{ - void *ni = NULL, *lastni = NULL; - int i; - ni_status nis; - ni_id nid; - ni_idlist children; - - krb5_config_section *s; - int ret; - - s = NULL; - - for (i = 0; i < 256; i++) { - if (i == 0) { - nis = ni_open(NULL, ".", &ni); - } else { - if (lastni != NULL) ni_free(lastni); - lastni = ni; - nis = ni_open(lastni, "..", &ni); - } - if (nis != NI_OK) - break; - nis = ni_pathsearch(ni, &nid, "/locations/kerberos"); - if (nis == NI_OK) { - nis = ni_children(ni, &nid, &children); - if (nis != NI_OK) - break; - nis = ni_idlist2binding(ni, &children, &s); - break; - } - } - - if (ni != NULL) ni_free(ni); - if (ni != lastni && lastni != NULL) ni_free(lastni); - - ret = (nis == NI_OK) ? 0 : -1; - if (ret == 0) { - *res = s; - } else { - *res = NULL; - } - return ret; -} -#endif /* HAVE_NETINFO */ diff --git a/lib/krb5/constants.c b/lib/krb5/constants.c index 5188a1d3a864..bbb4832657fb 100644 --- a/lib/krb5/constants.c +++ b/lib/krb5/constants.c @@ -1,43 +1,61 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: constants.c 14253 2004-09-23 07:57:37Z joda $"); - -const char *krb5_config_file = +KRB5_LIB_VARIABLE const char *krb5_config_file = #ifdef __APPLE__ -"/Library/Preferences/edu.mit.Kerberos:" +"~/Library/Preferences/com.apple.Kerberos.plist" PATH_SEP +"/Library/Preferences/com.apple.Kerberos.plist" PATH_SEP +"~/Library/Preferences/edu.mit.Kerberos" PATH_SEP +"/Library/Preferences/edu.mit.Kerberos" PATH_SEP +#endif /* __APPLE__ */ +"~/.krb5/config" PATH_SEP +SYSCONFDIR "/krb5.conf" +#ifdef _WIN32 +PATH_SEP "%{COMMON_APPDATA}/Kerberos/krb5.conf" +PATH_SEP "%{WINDOWS}/krb5.ini" +#else +PATH_SEP "/etc/krb5.conf" #endif -SYSCONFDIR "/krb5.conf:/etc/krb5.conf"; -const char *krb5_defkeyname = KEYTAB_DEFAULT; +; + +KRB5_LIB_VARIABLE const char *krb5_defkeyname = KEYTAB_DEFAULT; + +KRB5_LIB_VARIABLE const char *krb5_cc_type_api = "API"; +KRB5_LIB_VARIABLE const char *krb5_cc_type_file = "FILE"; +KRB5_LIB_VARIABLE const char *krb5_cc_type_memory = "MEMORY"; +KRB5_LIB_VARIABLE const char *krb5_cc_type_kcm = "KCM"; +KRB5_LIB_VARIABLE const char *krb5_cc_type_scc = "SCC"; diff --git a/lib/krb5/context.c b/lib/krb5/context.c index 256783310e93..99bf1b419b0a 100644 --- a/lib/krb5/context.c +++ b/lib/krb5/context.c @@ -1,41 +1,42 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2010 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" +#include #include -RCSID("$Id: context.c 22293 2007-12-14 05:25:59Z lha $"); - #define INIT_FIELD(C, T, E, D, F) \ (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ "libdefaults", F, NULL) @@ -60,7 +61,7 @@ set_etypes (krb5_context context, char **etypes_str; krb5_enctype *etypes = NULL; - etypes_str = krb5_config_get_strings(context, NULL, "libdefaults", + etypes_str = krb5_config_get_strings(context, NULL, "libdefaults", name, NULL); if(etypes_str){ int i, j, k; @@ -68,7 +69,7 @@ set_etypes (krb5_context context, etypes = malloc((i+1) * sizeof(*etypes)); if (etypes == NULL) { krb5_config_free_strings (etypes_str); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } for(j = 0, k = 0; j < i; j++) { @@ -81,7 +82,7 @@ set_etypes (krb5_context context, } etypes[k] = ETYPE_NULL; krb5_config_free_strings(etypes_str); - } + } *ret_enctypes = etypes; return 0; } @@ -95,6 +96,7 @@ init_context_from_config_file(krb5_context context) { krb5_error_code ret; const char * tmp; + char **s; krb5_enctype *tmptypes; INIT_FIELD(context, time, max_skew, 5 * 60, "clockskew"); @@ -102,19 +104,49 @@ init_context_from_config_file(krb5_context context) INIT_FIELD(context, int, max_retries, 3, "max_retries"); INIT_FIELD(context, string, http_proxy, NULL, "http_proxy"); - + + ret = krb5_config_get_bool_default(context, NULL, FALSE, + "libdefaults", + "allow_weak_crypto", NULL); + if (ret) { + krb5_enctype_enable(context, ETYPE_DES_CBC_CRC); + krb5_enctype_enable(context, ETYPE_DES_CBC_MD4); + krb5_enctype_enable(context, ETYPE_DES_CBC_MD5); + krb5_enctype_enable(context, ETYPE_DES_CBC_NONE); + krb5_enctype_enable(context, ETYPE_DES_CFB64_NONE); + krb5_enctype_enable(context, ETYPE_DES_PCBC_NONE); + } + ret = set_etypes (context, "default_etypes", &tmptypes); if(ret) return ret; free(context->etypes); context->etypes = tmptypes; - + ret = set_etypes (context, "default_etypes_des", &tmptypes); if(ret) return ret; free(context->etypes_des); context->etypes_des = tmptypes; + ret = set_etypes (context, "default_as_etypes", &tmptypes); + if(ret) + return ret; + free(context->as_etypes); + context->as_etypes = tmptypes; + + ret = set_etypes (context, "default_tgs_etypes", &tmptypes); + if(ret) + return ret; + free(context->tgs_etypes); + context->tgs_etypes = tmptypes; + + ret = set_etypes (context, "permitted_enctypes", &tmptypes); + if(ret) + return ret; + free(context->permitted_enctypes); + context->permitted_enctypes = tmptypes; + /* default keytab name */ tmp = NULL; if(!issuid()) @@ -122,27 +154,27 @@ init_context_from_config_file(krb5_context context) if(tmp != NULL) context->default_keytab = tmp; else - INIT_FIELD(context, string, default_keytab, + INIT_FIELD(context, string, default_keytab, KEYTAB_DEFAULT, "default_keytab_name"); - INIT_FIELD(context, string, default_keytab_modify, + INIT_FIELD(context, string, default_keytab_modify, NULL, "default_keytab_modify_name"); - INIT_FIELD(context, string, time_fmt, + INIT_FIELD(context, string, time_fmt, "%Y-%m-%dT%H:%M:%S", "time_format"); - INIT_FIELD(context, string, date_fmt, + INIT_FIELD(context, string, date_fmt, "%Y-%m-%d", "date_format"); - INIT_FIELD(context, bool, log_utc, + INIT_FIELD(context, bool, log_utc, FALSE, "log_utc"); - + /* init dns-proxy slime */ - tmp = krb5_config_get_string(context, NULL, "libdefaults", + tmp = krb5_config_get_string(context, NULL, "libdefaults", "dns_proxy", NULL); - if(tmp) + if(tmp) roken_gethostby_setup(context->http_proxy, tmp); krb5_free_host_realm (context, context->default_realms); context->default_realms = NULL; @@ -152,9 +184,9 @@ init_context_from_config_file(krb5_context context) char **adr, **a; krb5_set_extra_addresses(context, NULL); - adr = krb5_config_get_strings(context, NULL, - "libdefaults", - "extra_addresses", + adr = krb5_config_get_strings(context, NULL, + "libdefaults", + "extra_addresses", NULL); memset(&addresses, 0, sizeof(addresses)); for(a = adr; a && *a; a++) { @@ -167,9 +199,9 @@ init_context_from_config_file(krb5_context context) krb5_config_free_strings(adr); krb5_set_ignore_addresses(context, NULL); - adr = krb5_config_get_strings(context, NULL, - "libdefaults", - "ignore_addresses", + adr = krb5_config_get_strings(context, NULL, + "libdefaults", + "ignore_addresses", NULL); memset(&addresses, 0, sizeof(addresses)); for(a = adr; a && *a; a++) { @@ -181,7 +213,7 @@ init_context_from_config_file(krb5_context context) } krb5_config_free_strings(adr); } - + INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces"); INIT_FIELD(context, int, fcache_vno, 0, "fcache_version"); /* prefer dns_lookup_kdc over srv_lookup. */ @@ -192,9 +224,138 @@ init_context_from_config_file(krb5_context context) INIT_FLAG(context, flags, KRB5_CTX_F_CHECK_PAC, TRUE, "check_pac"); context->default_cc_name = NULL; context->default_cc_name_set = 0; + + s = krb5_config_get_strings(context, NULL, "logging", "krb5", NULL); + if(s) { + char **p; + krb5_initlog(context, "libkrb5", &context->debug_dest); + for(p = s; *p; p++) + krb5_addlog_dest(context, context->debug_dest, *p); + krb5_config_free_strings(s); + } + + tmp = krb5_config_get_string(context, NULL, "libdefaults", + "check-rd-req-server", NULL); + if (tmp == NULL && !issuid()) + tmp = getenv("KRB5_CHECK_RD_REQ_SERVER"); + if(tmp) { + if (strcasecmp(tmp, "ignore") == 0) + context->flags |= KRB5_CTX_F_RD_REQ_IGNORE; + } + return 0; } +static krb5_error_code +cc_ops_register(krb5_context context) +{ + context->cc_ops = NULL; + context->num_cc_ops = 0; + +#ifndef KCM_IS_API_CACHE + krb5_cc_register(context, &krb5_acc_ops, TRUE); +#endif + krb5_cc_register(context, &krb5_fcc_ops, TRUE); + krb5_cc_register(context, &krb5_mcc_ops, TRUE); +#ifdef HAVE_SCC + krb5_cc_register(context, &krb5_scc_ops, TRUE); +#endif +#ifdef HAVE_KCM +#ifdef KCM_IS_API_CACHE + krb5_cc_register(context, &krb5_akcm_ops, TRUE); +#endif + krb5_cc_register(context, &krb5_kcm_ops, TRUE); +#endif + _krb5_load_ccache_plugins(context); + return 0; +} + +static krb5_error_code +cc_ops_copy(krb5_context context, const krb5_context src_context) +{ + const krb5_cc_ops **cc_ops; + + context->cc_ops = NULL; + context->num_cc_ops = 0; + + if (src_context->num_cc_ops == 0) + return 0; + + cc_ops = malloc(sizeof(cc_ops[0]) * src_context->num_cc_ops); + if (cc_ops == NULL) { + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); + return KRB5_CC_NOMEM; + } + + memcpy(rk_UNCONST(cc_ops), src_context->cc_ops, + sizeof(cc_ops[0]) * src_context->num_cc_ops); + context->cc_ops = cc_ops; + context->num_cc_ops = src_context->num_cc_ops; + + return 0; +} + +static krb5_error_code +kt_ops_register(krb5_context context) +{ + context->num_kt_types = 0; + context->kt_types = NULL; + + krb5_kt_register (context, &krb5_fkt_ops); + krb5_kt_register (context, &krb5_wrfkt_ops); + krb5_kt_register (context, &krb5_javakt_ops); + krb5_kt_register (context, &krb5_mkt_ops); +#ifndef HEIMDAL_SMALLER + krb5_kt_register (context, &krb5_akf_ops); +#endif + krb5_kt_register (context, &krb5_any_ops); + return 0; +} + +static krb5_error_code +kt_ops_copy(krb5_context context, const krb5_context src_context) +{ + context->num_kt_types = 0; + context->kt_types = NULL; + + if (src_context->num_kt_types == 0) + return 0; + + context->kt_types = malloc(sizeof(context->kt_types[0]) * src_context->num_kt_types); + if (context->kt_types == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + context->num_kt_types = src_context->num_kt_types; + memcpy(context->kt_types, src_context->kt_types, + sizeof(context->kt_types[0]) * src_context->num_kt_types); + + return 0; +} + +static const char *sysplugin_dirs[] = { + LIBDIR "/plugin/krb5", +#ifdef __APPLE__ + "/Library/KerberosPlugins/KerberosFrameworkPlugins", + "/System/Library/KerberosPlugins/KerberosFrameworkPlugins", +#endif + NULL +}; + +static void +init_context_once(void *ctx) +{ + krb5_context context = ctx; + + _krb5_load_plugins(context, "krb5", sysplugin_dirs); + + bindtextdomain(HEIMDAL_TEXTDOMAIN, HEIMDAL_LOCALEDIR); +} + + /** * Initializes the context structure and reads the configuration file * /etc/krb5.conf. The structure should be freed by calling @@ -210,9 +371,10 @@ init_context_from_config_file(krb5_context context) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context(krb5_context *context) { + static heim_base_once_t init_context = HEIM_BASE_ONCE_INIT; krb5_context p; krb5_error_code ret; char **files; @@ -230,55 +392,181 @@ krb5_init_context(krb5_context *context) } HEIMDAL_MUTEX_init(p->mutex); + p->flags |= KRB5_CTX_F_HOMEDIR_ACCESS; + ret = krb5_get_default_config_files(&files); - if(ret) + if(ret) goto out; ret = krb5_set_config_files(p, files); krb5_free_config_files(files); - if(ret) + if(ret) goto out; /* init error tables */ krb5_init_ets(p); + cc_ops_register(p); + kt_ops_register(p); - p->cc_ops = NULL; - p->num_cc_ops = 0; - krb5_cc_register(p, &krb5_acc_ops, TRUE); - krb5_cc_register(p, &krb5_fcc_ops, TRUE); - krb5_cc_register(p, &krb5_mcc_ops, TRUE); -#ifdef HAVE_KCM - krb5_cc_register(p, &krb5_kcm_ops, TRUE); +#ifdef PKINIT + ret = hx509_context_init(&p->hx509ctx); + if (ret) + goto out; #endif - - p->num_kt_types = 0; - p->kt_types = NULL; - krb5_kt_register (p, &krb5_fkt_ops); - krb5_kt_register (p, &krb5_wrfkt_ops); - krb5_kt_register (p, &krb5_javakt_ops); - krb5_kt_register (p, &krb5_mkt_ops); - krb5_kt_register (p, &krb5_akf_ops); - krb5_kt_register (p, &krb4_fkt_ops); - krb5_kt_register (p, &krb5_srvtab_fkt_ops); - krb5_kt_register (p, &krb5_any_ops); + if (rk_SOCK_INIT()) + p->flags |= KRB5_CTX_F_SOCKETS_INITIALIZED; out: if(ret) { krb5_free_context(p); p = NULL; + } else { + heim_base_once_f(&init_context, p, init_context_once); } *context = p; return ret; } +#ifndef HEIMDAL_SMALLER + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_permitted_enctypes(krb5_context context, + krb5_enctype **etypes) +{ + return krb5_get_default_in_tkt_etypes(context, KRB5_PDU_NONE, etypes); +} + +/* + * + */ + +static krb5_error_code +copy_etypes (krb5_context context, + krb5_enctype *enctypes, + krb5_enctype **ret_enctypes) +{ + unsigned int i; + + for (i = 0; enctypes[i]; i++) + ; + i++; + + *ret_enctypes = malloc(sizeof(ret_enctypes[0]) * i); + if (*ret_enctypes == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + memcpy(*ret_enctypes, enctypes, sizeof(ret_enctypes[0]) * i); + return 0; +} + +/** + * Make a copy for the Kerberos 5 context, the new krb5_context shoud + * be freed with krb5_free_context(). + * + * @param context the Kerberos context to copy + * @param out the copy of the Kerberos, set to NULL error. + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_copy_context(krb5_context context, krb5_context *out) +{ + krb5_error_code ret; + krb5_context p; + + *out = NULL; + + p = calloc(1, sizeof(*p)); + if (p == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); + if (p->mutex == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + free(p); + return ENOMEM; + } + HEIMDAL_MUTEX_init(p->mutex); + + + if (context->default_cc_name) + p->default_cc_name = strdup(context->default_cc_name); + if (context->default_cc_name_env) + p->default_cc_name_env = strdup(context->default_cc_name_env); + + if (context->etypes) { + ret = copy_etypes(context, context->etypes, &p->etypes); + if (ret) + goto out; + } + if (context->etypes_des) { + ret = copy_etypes(context, context->etypes_des, &p->etypes_des); + if (ret) + goto out; + } + + if (context->default_realms) { + ret = krb5_copy_host_realm(context, + context->default_realms, &p->default_realms); + if (ret) + goto out; + } + + ret = _krb5_config_copy(context, context->cf, &p->cf); + if (ret) + goto out; + + /* XXX should copy */ + krb5_init_ets(p); + + cc_ops_copy(p, context); + kt_ops_copy(p, context); + +#if 0 /* XXX */ + if(context->warn_dest != NULL) + ; + if(context->debug_dest != NULL) + ; +#endif + + ret = krb5_set_extra_addresses(p, context->extra_addresses); + if (ret) + goto out; + ret = krb5_set_extra_addresses(p, context->ignore_addresses); + if (ret) + goto out; + + ret = _krb5_copy_send_to_kdc_func(p, context); + if (ret) + goto out; + + *out = p; + + return 0; + + out: + krb5_free_context(p); + return ret; +} + +#endif + /** * Frees the krb5_context allocated by krb5_init_context(). * * @param context context to be freed. * - * @ingroup krb5 -*/ + * @ingroup krb5 + */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_context(krb5_context context) { if (context->default_cc_name) @@ -290,18 +578,28 @@ krb5_free_context(krb5_context context) krb5_free_host_realm (context, context->default_realms); krb5_config_file_free (context, context->cf); free_error_table (context->et_list); - free(context->cc_ops); + free(rk_UNCONST(context->cc_ops)); free(context->kt_types); - krb5_clear_error_string(context); + krb5_clear_error_message(context); if(context->warn_dest != NULL) krb5_closelog(context, context->warn_dest); + if(context->debug_dest != NULL) + krb5_closelog(context, context->debug_dest); krb5_set_extra_addresses(context, NULL); krb5_set_ignore_addresses(context, NULL); krb5_set_send_to_kdc_func(context, NULL, NULL); - if (context->mutex != NULL) { - HEIMDAL_MUTEX_destroy(context->mutex); - free(context->mutex); + +#ifdef PKINIT + if (context->hx509ctx) + hx509_context_free(&context->hx509ctx); +#endif + + HEIMDAL_MUTEX_destroy(context->mutex); + free(context->mutex); + if (context->flags & KRB5_CTX_F_SOCKETS_INITIALIZED) { + rk_SOCK_EXIT(); } + memset(context, 0, sizeof(*context)); free(context); } @@ -318,14 +616,14 @@ krb5_free_context(krb5_context context) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_config_files(krb5_context context, char **filenames) { krb5_error_code ret; krb5_config_binding *tmp = NULL; while(filenames != NULL && *filenames != NULL && **filenames != '\0') { ret = krb5_config_parse_file_multi(context, *filenames, &tmp); - if(ret != 0 && ret != ENOENT && ret != EACCES) { + if(ret != 0 && ret != ENOENT && ret != EACCES && ret != EPERM) { krb5_config_file_free(context, tmp); return ret; } @@ -337,6 +635,11 @@ krb5_set_config_files(krb5_context context, char **filenames) if(tmp == NULL) return ENXIO; #endif + +#ifdef _WIN32 + _krb5_load_config_from_registry(context, &tmp); +#endif + krb5_config_file_free(context, context->cf); context->cf = tmp; ret = init_context_from_config_file(context); @@ -373,7 +676,7 @@ add_file(char ***pfilenames, int *len, char *file) * `pq' isn't free, it's up the the caller */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files(const char *filelist, char **pq, char ***ret_pp) { krb5_error_code ret; @@ -389,7 +692,7 @@ krb5_prepend_config_files(const char *filelist, char **pq, char ***ret_pp) while(1) { ssize_t l; q = p; - l = strsep_copy(&q, ":", NULL, 0); + l = strsep_copy(&q, PATH_SEP, NULL, 0); if(l == -1) break; fn = malloc(l + 1); @@ -397,7 +700,7 @@ krb5_prepend_config_files(const char *filelist, char **pq, char ***ret_pp) krb5_free_config_files(pp); return ENOMEM; } - l = strsep_copy(&p, ":", fn, l + 1); + (void)strsep_copy(&p, PATH_SEP, fn, l + 1); ret = add_file(&pp, &len, fn); if (ret) { krb5_free_config_files(pp); @@ -438,12 +741,12 @@ krb5_prepend_config_files(const char *filelist, char **pq, char ***ret_pp) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files_default(const char *filelist, char ***pfilenames) { krb5_error_code ret; char **defpp, **pp = NULL; - + ret = krb5_get_default_config_files(&defpp); if (ret) return ret; @@ -452,11 +755,50 @@ krb5_prepend_config_files_default(const char *filelist, char ***pfilenames) krb5_free_config_files(defpp); if (ret) { return ret; - } + } *pfilenames = pp; return 0; } +#ifdef _WIN32 + +/** + * Checks the registry for configuration file location + * + * Kerberos for Windows and other legacy Kerberos applications expect + * to find the configuration file location in the + * SOFTWARE\MIT\Kerberos registry key under the value "config". + */ +char * +_krb5_get_default_config_config_files_from_registry() +{ + static const char * KeyName = "Software\\MIT\\Kerberos"; + char *config_file = NULL; + LONG rcode; + HKEY key; + + rcode = RegOpenKeyEx(HKEY_CURRENT_USER, KeyName, 0, KEY_READ, &key); + if (rcode == ERROR_SUCCESS) { + config_file = _krb5_parse_reg_value_as_multi_string(NULL, key, "config", + REG_NONE, 0, PATH_SEP); + RegCloseKey(key); + } + + if (config_file) + return config_file; + + rcode = RegOpenKeyEx(HKEY_LOCAL_MACHINE, KeyName, 0, KEY_READ, &key); + if (rcode == ERROR_SUCCESS) { + config_file = _krb5_parse_reg_value_as_multi_string(NULL, key, "config", + REG_NONE, 0, PATH_SEP); + RegCloseKey(key); + } + + return config_file; +} + +#endif + /** * Get the global configuration list. * @@ -468,7 +810,7 @@ krb5_prepend_config_files_default(const char *filelist, char ***pfilenames) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_config_files(char ***pfilenames) { const char *files = NULL; @@ -477,6 +819,22 @@ krb5_get_default_config_files(char ***pfilenames) return EINVAL; if(!issuid()) files = getenv("KRB5_CONFIG"); + +#ifdef _WIN32 + if (files == NULL) { + char * reg_files; + reg_files = _krb5_get_default_config_config_files_from_registry(); + if (reg_files != NULL) { + krb5_error_code code; + + code = krb5_prepend_config_files(reg_files, NULL, pfilenames); + free(reg_files); + + return code; + } + } +#endif + if (files == NULL) files = krb5_config_file; @@ -486,7 +844,8 @@ krb5_get_default_config_files(char ***pfilenames) /** * Free a list of configuration files. * - * @param filenames list to be freed. + * @param filenames list, terminated with a NULL pointer, to be + * freed. NULL is an valid argument. * * @return Returns 0 to indicate success. Otherwise an kerberos et * error code is returned, see krb5_get_error_message(). @@ -494,11 +853,11 @@ krb5_get_default_config_files(char ***pfilenames) * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_config_files(char **filenames) { char **p; - for(p = filenames; *p != NULL; p++) + for(p = filenames; p && *p != NULL; p++) free(*p); free(filenames); } @@ -516,7 +875,7 @@ krb5_free_config_files(char **filenames) * @ingroup krb5 */ -const krb5_enctype * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL krb5_kerberos_enctypes(krb5_context context) { static const krb5_enctype p[] = { @@ -533,6 +892,41 @@ krb5_kerberos_enctypes(krb5_context context) return p; } +/* + * + */ + +static krb5_error_code +copy_enctypes(krb5_context context, + const krb5_enctype *in, + krb5_enctype **out) +{ + krb5_enctype *p = NULL; + size_t m, n; + + for (n = 0; in[n]; n++) + ; + n++; + ALLOC(p, n); + if(p == NULL) + return krb5_enomem(context); + for (n = 0, m = 0; in[n]; n++) { + if (krb5_enctype_valid(context, in[n]) != 0) + continue; + p[m++] = in[n]; + } + p[m] = KRB5_ENCTYPE_NULL; + if (m == 0) { + free(p); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("no valid enctype set", "")); + return KRB5_PROG_ETYPE_NOSUPP; + } + *out = p; + return 0; +} + + /* * set `etype' to a malloced list of the default enctypes */ @@ -540,28 +934,8 @@ krb5_kerberos_enctypes(krb5_context context) static krb5_error_code default_etypes(krb5_context context, krb5_enctype **etype) { - const krb5_enctype *p; - krb5_enctype *e = NULL, *ep; - int i, n = 0; - - p = krb5_kerberos_enctypes(context); - - for (i = 0; p[i] != ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - ep = realloc(e, (n + 2) * sizeof(*e)); - if (ep == NULL) { - free(e); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - e = ep; - e[n] = p[i]; - e[n + 1] = ETYPE_NULL; - n++; - } - *etype = e; - return 0; + const krb5_enctype *p = krb5_kerberos_enctypes(context); + return copy_enctypes(context, p, etype); } /** @@ -577,27 +951,17 @@ default_etypes(krb5_context context, krb5_enctype **etype) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_default_in_tkt_etypes(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_set_default_in_tkt_etypes(krb5_context context, const krb5_enctype *etypes) { + krb5_error_code ret; krb5_enctype *p = NULL; - int i; if(etypes) { - for (i = 0; etypes[i]; ++i) { - krb5_error_code ret; - ret = krb5_enctype_valid(context, etypes[i]); - if (ret) - return ret; - } - ++i; - ALLOC(p, i); - if(!p) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memmove(p, etypes, i * sizeof(krb5_enctype)); + ret = copy_enctypes(context, etypes, &p); + if (ret) + return ret; } if(context->etypes) free(context->etypes); @@ -619,75 +983,69 @@ krb5_set_default_in_tkt_etypes(krb5_context context, * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_in_tkt_etypes(krb5_context context, + krb5_pdu pdu_type, krb5_enctype **etypes) { - krb5_enctype *p; - int i; - krb5_error_code ret; + krb5_enctype *enctypes = NULL; + krb5_error_code ret; + krb5_enctype *p; - if(context->etypes) { - for(i = 0; context->etypes[i]; i++); - ++i; - ALLOC(p, i); - if(!p) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + heim_assert(pdu_type == KRB5_PDU_AS_REQUEST || + pdu_type == KRB5_PDU_TGS_REQUEST || + pdu_type == KRB5_PDU_NONE, "pdu contant not as expected"); + + if (pdu_type == KRB5_PDU_AS_REQUEST && context->as_etypes != NULL) + enctypes = context->as_etypes; + else if (pdu_type == KRB5_PDU_TGS_REQUEST && context->tgs_etypes != NULL) + enctypes = context->tgs_etypes; + else if (context->etypes != NULL) + enctypes = context->etypes; + + if (enctypes != NULL) { + ret = copy_enctypes(context, enctypes, &p); + if (ret) + return ret; + } else { + ret = default_etypes(context, &p); + if (ret) + return ret; } - memmove(p, context->etypes, i * sizeof(krb5_enctype)); - } else { - ret = default_etypes(context, &p); - if (ret) - return ret; - } - *etypes = p; - return 0; + *etypes = p; + return 0; } /** - * Return the error string for the error code. The caller must not - * free the string. - * - * @param context Kerberos 5 context. - * @param code Kerberos error code. - * - * @return the error message matching code - * - * @ingroup krb5 - */ - -const char* KRB5_LIB_FUNCTION -krb5_get_err_text(krb5_context context, krb5_error_code code) -{ - const char *p = NULL; - if(context != NULL) - p = com_right(context->et_list, code); - if(p == NULL) - p = strerror(code); - if (p == NULL) - p = "Unknown error"; - return p; -} - -/** - * Init the built-in ets in the Kerberos library. + * Init the built-in ets in the Kerberos library. * * @param context kerberos context to add the ets too * * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_ets(krb5_context context) { if(context->et_list == NULL){ krb5_add_et_list(context, initialize_krb5_error_table_r); krb5_add_et_list(context, initialize_asn1_error_table_r); krb5_add_et_list(context, initialize_heim_error_table_r); + krb5_add_et_list(context, initialize_k524_error_table_r); + +#ifdef COM_ERR_BINDDOMAIN_krb5 + bindtextdomain(COM_ERR_BINDDOMAIN_krb5, HEIMDAL_LOCALEDIR); + bindtextdomain(COM_ERR_BINDDOMAIN_asn1, HEIMDAL_LOCALEDIR); + bindtextdomain(COM_ERR_BINDDOMAIN_heim, HEIMDAL_LOCALEDIR); + bindtextdomain(COM_ERR_BINDDOMAIN_k524, HEIMDAL_LOCALEDIR); +#endif + #ifdef PKINIT krb5_add_et_list(context, initialize_hx_error_table_r); +#ifdef COM_ERR_BINDDOMAIN_hx + bindtextdomain(COM_ERR_BINDDOMAIN_hx, HEIMDAL_LOCALEDIR); +#endif #endif } } @@ -701,7 +1059,7 @@ krb5_init_ets(krb5_context context) * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag) { context->use_admin_kdc = flag; @@ -717,7 +1075,7 @@ krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag) * @ingroup krb5 */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_use_admin_kdc (krb5_context context) { return context->use_admin_kdc; @@ -736,12 +1094,12 @@ krb5_get_use_admin_kdc (krb5_context context) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_extra_addresses(krb5_context context, krb5_addresses *addresses) { if(context->extra_addresses) - return krb5_append_addresses(context, + return krb5_append_addresses(context, context->extra_addresses, addresses); else return krb5_set_extra_addresses(context, addresses); @@ -760,7 +1118,7 @@ krb5_add_extra_addresses(krb5_context context, krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_extra_addresses(krb5_context context, const krb5_addresses *addresses) { if(context->extra_addresses) @@ -776,7 +1134,7 @@ krb5_set_extra_addresses(krb5_context context, const krb5_addresses *addresses) if(context->extra_addresses == NULL) { context->extra_addresses = malloc(sizeof(*context->extra_addresses)); if(context->extra_addresses == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } } @@ -796,7 +1154,7 @@ krb5_set_extra_addresses(krb5_context context, const krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_extra_addresses(krb5_context context, krb5_addresses *addresses) { if(context->extra_addresses == NULL) { @@ -819,12 +1177,12 @@ krb5_get_extra_addresses(krb5_context context, krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_ignore_addresses(krb5_context context, krb5_addresses *addresses) { if(context->ignore_addresses) - return krb5_append_addresses(context, + return krb5_append_addresses(context, context->ignore_addresses, addresses); else return krb5_set_ignore_addresses(context, addresses); @@ -843,7 +1201,7 @@ krb5_add_ignore_addresses(krb5_context context, krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_ignore_addresses(krb5_context context, const krb5_addresses *addresses) { if(context->ignore_addresses) @@ -858,7 +1216,7 @@ krb5_set_ignore_addresses(krb5_context context, const krb5_addresses *addresses) if(context->ignore_addresses == NULL) { context->ignore_addresses = malloc(sizeof(*context->ignore_addresses)); if(context->ignore_addresses == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } } @@ -878,7 +1236,7 @@ krb5_set_ignore_addresses(krb5_context context, const krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_ignore_addresses(krb5_context context, krb5_addresses *addresses) { if(context->ignore_addresses == NULL) { @@ -900,7 +1258,7 @@ krb5_get_ignore_addresses(krb5_context context, krb5_addresses *addresses) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_fcache_version(krb5_context context, int version) { context->fcache_vno = version; @@ -919,7 +1277,7 @@ krb5_set_fcache_version(krb5_context context, int version) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_fcache_version(krb5_context context, int *version) { *version = context->fcache_vno; @@ -935,7 +1293,7 @@ krb5_get_fcache_version(krb5_context context, int *version) */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_thread_safe(void) { #ifdef ENABLE_PTHREAD_SUPPORT @@ -954,7 +1312,7 @@ krb5_is_thread_safe(void) * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_dns_canonicalize_hostname (krb5_context context, krb5_boolean flag) { if (flag) @@ -973,7 +1331,7 @@ krb5_set_dns_canonicalize_hostname (krb5_context context, krb5_boolean flag) * @ingroup krb5 */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_dns_canonicalize_hostname (krb5_context context) { return (context->flags & KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME) ? 1 : 0; @@ -986,12 +1344,12 @@ krb5_get_dns_canonicalize_hostname (krb5_context context) * @param sec seconds part of offset. * @param usec micro seconds part of offset. * - * @return return non zero if the library uses DNS to canonicalize hostnames. + * @return returns zero * * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec) { if (sec) @@ -1001,6 +1359,27 @@ krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec) return 0; } +/** + * Set current offset in time to the KDC. + * + * @param context Kerberos 5 context. + * @param sec seconds part of offset. + * @param usec micro seconds part of offset. + * + * @return returns zero + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_set_kdc_sec_offset (krb5_context context, int32_t sec, int32_t usec) +{ + context->kdc_sec_offset = sec; + if (usec >= 0) + context->kdc_usec_offset = usec; + return 0; +} + /** * Get max time skew allowed. * @@ -1011,7 +1390,7 @@ krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec) * @ingroup krb5 */ -time_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_get_max_time_skew (krb5_context context) { return context->max_skew; @@ -1026,8 +1405,112 @@ krb5_get_max_time_skew (krb5_context context) * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_max_time_skew (krb5_context context, time_t t) { context->max_skew = t; } + +/* + * Init encryption types in len, val with etypes. + * + * @param context Kerberos 5 context. + * @param pdu_type type of pdu + * @param len output length of val. + * @param val output array of enctypes. + * @param etypes etypes to set val and len to, if NULL, use default enctypes. + + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_init_etype(krb5_context context, + krb5_pdu pdu_type, + unsigned *len, + krb5_enctype **val, + const krb5_enctype *etypes) +{ + krb5_error_code ret; + + if (etypes == NULL) + ret = krb5_get_default_in_tkt_etypes(context, pdu_type, val); + else + ret = copy_enctypes(context, etypes, val); + if (ret) + return ret; + + if (len) { + *len = 0; + while ((*val)[*len] != KRB5_ENCTYPE_NULL) + (*len)++; + } + return 0; +} + +/* + * Allow homedir accces + */ + +static HEIMDAL_MUTEX homedir_mutex = HEIMDAL_MUTEX_INITIALIZER; +static krb5_boolean allow_homedir = TRUE; + +krb5_boolean +_krb5_homedir_access(krb5_context context) +{ + krb5_boolean allow; + +#ifdef HAVE_GETEUID + /* is never allowed for root */ + if (geteuid() == 0) + return FALSE; +#endif + + if (context && (context->flags & KRB5_CTX_F_HOMEDIR_ACCESS) == 0) + return FALSE; + + HEIMDAL_MUTEX_lock(&homedir_mutex); + allow = allow_homedir; + HEIMDAL_MUTEX_unlock(&homedir_mutex); + return allow; +} + +/** + * Enable and disable home directory access on either the global state + * or the krb5_context state. By calling krb5_set_home_dir_access() + * with context set to NULL, the global state is configured otherwise + * the state for the krb5_context is modified. + * + * For home directory access to be allowed, both the global state and + * the krb5_context state have to be allowed. + * + * Administrator (root user), never uses the home directory. + * + * @param context a Kerberos 5 context or NULL + * @param allow allow if TRUE home directory + * @return the old value + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_set_home_dir_access(krb5_context context, krb5_boolean allow) +{ + krb5_boolean old; + if (context) { + old = (context->flags & KRB5_CTX_F_HOMEDIR_ACCESS) ? TRUE : FALSE; + if (allow) + context->flags |= KRB5_CTX_F_HOMEDIR_ACCESS; + else + context->flags &= ~KRB5_CTX_F_HOMEDIR_ACCESS; + } else { + HEIMDAL_MUTEX_lock(&homedir_mutex); + old = allow_homedir; + allow_homedir = allow; + HEIMDAL_MUTEX_unlock(&homedir_mutex); + } + + return old; +} diff --git a/lib/krb5/convert_creds.c b/lib/krb5/convert_creds.c index b2af0187eac3..fc371c637764 100644 --- a/lib/krb5/convert_creds.c +++ b/lib/krb5/convert_creds.c @@ -1,46 +1,40 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: convert_creds.c 22050 2007-11-11 11:20:46Z lha $"); - #include "krb5-v4compat.h" -static krb5_error_code -check_ticket_flags(TicketFlags f) -{ - return 0; /* maybe add some more tests here? */ -} +#ifndef HEIMDAL_SMALLER /** * Convert the v5 credentials in in_cred to v4-dito in v4creds. This @@ -58,90 +52,16 @@ check_ticket_flags(TicketFlags f) * @ingroup krb5_v4compat */ -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb524_convert_creds_kdc(krb5_context context, krb5_creds *in_cred, struct credentials *v4creds) + KRB5_DEPRECATED_FUNCTION("Use X instead") { - krb5_error_code ret; - krb5_data reply; - krb5_storage *sp; - int32_t tmp; - krb5_data ticket; - char realm[REALM_SZ]; - krb5_creds *v5_creds = in_cred; - - ret = check_ticket_flags(v5_creds->flags.b); - if(ret) - goto out2; - - { - krb5_krbhst_handle handle; - - ret = krb5_krbhst_init(context, - krb5_principal_get_realm(context, - v5_creds->server), - KRB5_KRBHST_KRB524, - &handle); - if (ret) - goto out2; - - ret = krb5_sendto (context, - &v5_creds->ticket, - handle, - &reply); - krb5_krbhst_free(context, handle); - if (ret) - goto out2; - } - sp = krb5_storage_from_mem(reply.data, reply.length); - if(sp == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out2; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0) { - memset(v4creds, 0, sizeof(*v4creds)); - ret = krb5_ret_int32(sp, &tmp); - if(ret) - goto out; - v4creds->kvno = tmp; - ret = krb5_ret_data(sp, &ticket); - if(ret) - goto out; - v4creds->ticket_st.length = ticket.length; - memcpy(v4creds->ticket_st.dat, ticket.data, ticket.length); - krb5_data_free(&ticket); - ret = krb5_524_conv_principal(context, - v5_creds->server, - v4creds->service, - v4creds->instance, - v4creds->realm); - if(ret) - goto out; - v4creds->issue_date = v5_creds->times.starttime; - v4creds->lifetime = _krb5_krb_time_to_life(v4creds->issue_date, - v5_creds->times.endtime); - ret = krb5_524_conv_principal(context, v5_creds->client, - v4creds->pname, - v4creds->pinst, - realm); - if(ret) - goto out; - memcpy(v4creds->session, v5_creds->session.keyvalue.data, 8); - } else { - krb5_set_error_string(context, "converting credentials: %s", - krb5_get_err_text(context, ret)); - } -out: - krb5_storage_free(sp); - krb5_data_free(&reply); -out2: - if (v5_creds != in_cred) - krb5_free_creds (context, v5_creds); - return ret; + memset(v4creds, 0, sizeof(*v4creds)); + krb5_set_error_message(context, EINVAL, + N_("krb524_convert_creds_kdc not supported", "")); + return EINVAL; } /** @@ -159,46 +79,17 @@ krb524_convert_creds_kdc(krb5_context context, * @ingroup krb5_v4compat */ -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc_ccache(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb524_convert_creds_kdc_ccache(krb5_context context, krb5_ccache ccache, krb5_creds *in_cred, struct credentials *v4creds) + KRB5_DEPRECATED_FUNCTION("Use X instead") { - krb5_error_code ret; - krb5_creds *v5_creds = in_cred; - krb5_keytype keytype; - - keytype = v5_creds->session.keytype; - - if (keytype != ENCTYPE_DES_CBC_CRC) { - /* MIT krb524d doesn't like nothing but des-cbc-crc tickets, - so go get one */ - krb5_creds template; - - memset (&template, 0, sizeof(template)); - template.session.keytype = ENCTYPE_DES_CBC_CRC; - ret = krb5_copy_principal (context, in_cred->client, &template.client); - if (ret) { - krb5_free_cred_contents (context, &template); - return ret; - } - ret = krb5_copy_principal (context, in_cred->server, &template.server); - if (ret) { - krb5_free_cred_contents (context, &template); - return ret; - } - - ret = krb5_get_credentials (context, 0, ccache, - &template, &v5_creds); - krb5_free_cred_contents (context, &template); - if (ret) - return ret; - } - - ret = krb524_convert_creds_kdc(context, v5_creds, v4creds); - - if (v5_creds != in_cred) - krb5_free_creds (context, v5_creds); - return ret; + memset(v4creds, 0, sizeof(*v4creds)); + krb5_set_error_message(context, EINVAL, + N_("krb524_convert_creds_kdc_ccache not supported", "")); + return EINVAL; } + +#endif diff --git a/lib/krb5/copy_host_realm.c b/lib/krb5/copy_host_realm.c index 8c4f39b4ac4c..73bc117f12af 100644 --- a/lib/krb5/copy_host_realm.c +++ b/lib/krb5/copy_host_realm.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: copy_host_realm.c 22057 2007-11-11 15:13:13Z lha $"); - /** * Copy the list of realms from `from' to `to'. * @@ -48,29 +46,30 @@ RCSID("$Id: copy_host_realm.c 22057 2007-11-11 15:13:13Z lha $"); * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_host_realm(krb5_context context, const krb5_realm *from, krb5_realm **to) { - int n, i; + unsigned int n, i; const krb5_realm *p; - for (n = 0, p = from; *p != NULL; ++p) + for (n = 1, p = from; *p != NULL; ++p) ++n; - ++n; - *to = malloc (n * sizeof(**to)); + + *to = calloc (n, sizeof(**to)); if (*to == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - for (i = 0; i < n; ++i) - (*to)[i] = NULL; + for (i = 0, p = from; *p != NULL; ++p, ++i) { (*to)[i] = strdup(*p); if ((*to)[i] == NULL) { krb5_free_host_realm (context, *to); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } } diff --git a/lib/krb5/crc.c b/lib/krb5/crc.c index 072c29d68974..eab946541db7 100644 --- a/lib/krb5/crc.c +++ b/lib/krb5/crc.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: crc.c 17442 2006-05-05 09:31:15Z lha $"); - static u_long table[256]; #define CRC_GEN 0xEDB88320L @@ -44,8 +42,8 @@ _krb5_crc_init_table(void) { static int flag = 0; unsigned long crc, poly; - int i, j; - + unsigned int i, j; + if(flag) return; poly = CRC_GEN; for (i = 0; i < 256; i++) { diff --git a/lib/krb5/creds.c b/lib/krb5/creds.c index 17ef46dfa3b6..7ef8eb96095f 100644 --- a/lib/krb5/creds.c +++ b/lib/krb5/creds.c @@ -1,50 +1,38 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: creds.c 22062 2007-11-11 15:41:50Z lha $"); - -#undef __attribute__ -#define __attribute__(X) - -/* keep this for compatibility with older code */ -krb5_error_code KRB5_LIB_FUNCTION __attribute__((deprecated)) -krb5_free_creds_contents (krb5_context context, krb5_creds *c) -{ - return krb5_free_cred_contents (context, c); -} - /** * Free content of krb5_creds. * @@ -57,7 +45,7 @@ krb5_free_creds_contents (krb5_context context, krb5_creds *c) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_cred_contents (krb5_context context, krb5_creds *c) { krb5_free_principal (context, c->client); @@ -86,7 +74,7 @@ krb5_free_cred_contents (krb5_context context, krb5_creds *c) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds_contents (krb5_context context, const krb5_creds *incred, krb5_creds *c) @@ -143,7 +131,7 @@ krb5_copy_creds_contents (krb5_context context, * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds (krb5_context context, const krb5_creds *incred, krb5_creds **outcred) @@ -152,7 +140,8 @@ krb5_copy_creds (krb5_context context, c = malloc (sizeof (*c)); if (c == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } memset (c, 0, sizeof(*c)); @@ -172,7 +161,7 @@ krb5_copy_creds (krb5_context context, * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds (krb5_context context, krb5_creds *c) { krb5_free_cred_contents (context, c); @@ -194,6 +183,18 @@ krb5_times_equal(const krb5_times *a, const krb5_times *b) * Return TRUE if `mcreds' and `creds' are equal (`whichfields' * determines what equal means). * + * + * The following flags, set in whichfields affects the comparison: + * - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. + * - KRB5_TC_MATCH_KEYTYPE Compare enctypes. + * - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. + * - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . + * - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. + * - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. + * - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. + * - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). + * - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. + * * @param context Kerberos 5 context. * @param whichfields which fields to compare. * @param mcreds cred to compare with. @@ -204,34 +205,32 @@ krb5_times_equal(const krb5_times *a, const krb5_times *b) * @ingroup krb5 */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_compare_creds(krb5_context context, krb5_flags whichfields, const krb5_creds * mcreds, const krb5_creds * creds) { krb5_boolean match = TRUE; - + if (match && mcreds->server) { - if (whichfields & (KRB5_TC_DONT_MATCH_REALM | KRB5_TC_MATCH_SRV_NAMEONLY)) - match = krb5_principal_compare_any_realm (context, mcreds->server, + if (whichfields & (KRB5_TC_DONT_MATCH_REALM | KRB5_TC_MATCH_SRV_NAMEONLY)) + match = krb5_principal_compare_any_realm (context, mcreds->server, creds->server); else - match = krb5_principal_compare (context, mcreds->server, + match = krb5_principal_compare (context, mcreds->server, creds->server); } if (match && mcreds->client) { if(whichfields & KRB5_TC_DONT_MATCH_REALM) - match = krb5_principal_compare_any_realm (context, mcreds->client, + match = krb5_principal_compare_any_realm (context, mcreds->client, creds->client); else - match = krb5_principal_compare (context, mcreds->client, + match = krb5_principal_compare (context, mcreds->client, creds->client); } - + if (match && (whichfields & KRB5_TC_MATCH_KEYTYPE)) - match = krb5_enctypes_compatible_keys(context, - mcreds->session.keytype, - creds->session.keytype); + match = mcreds->session.keytype == creds->session.keytype; if (match && (whichfields & KRB5_TC_MATCH_FLAGS_EXACT)) match = mcreds->flags.i == creds->flags.i; @@ -241,7 +240,7 @@ krb5_compare_creds(krb5_context context, krb5_flags whichfields, if (match && (whichfields & KRB5_TC_MATCH_TIMES_EXACT)) match = krb5_times_equal(&mcreds->times, &creds->times); - + if (match && (whichfields & KRB5_TC_MATCH_TIMES)) /* compare only expiration times */ match = (mcreds->times.renew_till <= creds->times.renew_till) && @@ -253,7 +252,7 @@ krb5_compare_creds(krb5_context context, krb5_flags whichfields, match = FALSE; else for(i = 0; match && i < mcreds->authdata.len; i++) - match = (mcreds->authdata.val[i].ad_type == + match = (mcreds->authdata.val[i].ad_type == creds->authdata.val[i].ad_type) && (krb5_data_cmp(&mcreds->authdata.val[i].ad_data, &creds->authdata.val[i].ad_data) == 0); @@ -262,8 +261,25 @@ krb5_compare_creds(krb5_context context, krb5_flags whichfields, match = (krb5_data_cmp(&mcreds->second_ticket, &creds->second_ticket) == 0); if (match && (whichfields & KRB5_TC_MATCH_IS_SKEY)) - match = ((mcreds->second_ticket.length == 0) == + match = ((mcreds->second_ticket.length == 0) == (creds->second_ticket.length == 0)); return match; } + +/** + * Returns the ticket flags for the credentials in creds. + * See also krb5_ticket_get_flags(). + * + * @param creds credential to get ticket flags from + * + * @return ticket flags + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL +krb5_creds_get_ticket_flags(krb5_creds *creds) +{ + return TicketFlags2int(creds->flags.b); +} diff --git a/lib/krb5/crypto-aes.c b/lib/krb5/crypto-aes.c new file mode 100644 index 000000000000..b97854206ced --- /dev/null +++ b/lib/krb5/crypto-aes.c @@ -0,0 +1,170 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +/* + * AES + */ + +static struct _krb5_key_type keytype_aes128 = { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, + "aes-128", + 128, + 16, + sizeof(struct _krb5_evp_schedule), + NULL, + _krb5_evp_schedule, + _krb5_AES_salt, + NULL, + _krb5_evp_cleanup, + EVP_aes_128_cbc +}; + +static struct _krb5_key_type keytype_aes256 = { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, + "aes-256", + 256, + 32, + sizeof(struct _krb5_evp_schedule), + NULL, + _krb5_evp_schedule, + _krb5_AES_salt, + NULL, + _krb5_evp_cleanup, + EVP_aes_256_cbc +}; + +struct _krb5_checksum_type _krb5_checksum_hmac_sha1_aes128 = { + CKSUMTYPE_HMAC_SHA1_96_AES_128, + "hmac-sha1-96-aes128", + 64, + 12, + F_KEYED | F_CPROOF | F_DERIVED, + _krb5_SP_HMAC_SHA1_checksum, + NULL +}; + +struct _krb5_checksum_type _krb5_checksum_hmac_sha1_aes256 = { + CKSUMTYPE_HMAC_SHA1_96_AES_256, + "hmac-sha1-96-aes256", + 64, + 12, + F_KEYED | F_CPROOF | F_DERIVED, + _krb5_SP_HMAC_SHA1_checksum, + NULL +}; + +static krb5_error_code +AES_PRF(krb5_context context, + krb5_crypto crypto, + const krb5_data *in, + krb5_data *out) +{ + struct _krb5_checksum_type *ct = crypto->et->checksum; + krb5_error_code ret; + Checksum result; + krb5_keyblock *derived; + + result.cksumtype = ct->type; + ret = krb5_data_alloc(&result.checksum, ct->checksumsize); + if (ret) { + krb5_set_error_message(context, ret, N_("malloc: out memory", "")); + return ret; + } + + ret = (*ct->checksum)(context, NULL, in->data, in->length, 0, &result); + if (ret) { + krb5_data_free(&result.checksum); + return ret; + } + + if (result.checksum.length < crypto->et->blocksize) + krb5_abortx(context, "internal prf error"); + + derived = NULL; + ret = krb5_derive_key(context, crypto->key.key, + crypto->et->type, "prf", 3, &derived); + if (ret) + krb5_abortx(context, "krb5_derive_key"); + + ret = krb5_data_alloc(out, crypto->et->blocksize); + if (ret) + krb5_abortx(context, "malloc failed"); + + { + const EVP_CIPHER *c = (*crypto->et->keytype->evp)(); + EVP_CIPHER_CTX ctx; + + EVP_CIPHER_CTX_init(&ctx); /* ivec all zero */ + EVP_CipherInit_ex(&ctx, c, NULL, derived->keyvalue.data, NULL, 1); + EVP_Cipher(&ctx, out->data, result.checksum.data, + crypto->et->blocksize); + EVP_CIPHER_CTX_cleanup(&ctx); + } + + krb5_data_free(&result.checksum); + krb5_free_keyblock(context, derived); + + return ret; +} + +struct _krb5_encryption_type _krb5_enctype_aes128_cts_hmac_sha1 = { + ETYPE_AES128_CTS_HMAC_SHA1_96, + "aes128-cts-hmac-sha1-96", + 16, + 1, + 16, + &keytype_aes128, + &_krb5_checksum_sha1, + &_krb5_checksum_hmac_sha1_aes128, + F_DERIVED, + _krb5_evp_encrypt_cts, + 16, + AES_PRF +}; + +struct _krb5_encryption_type _krb5_enctype_aes256_cts_hmac_sha1 = { + ETYPE_AES256_CTS_HMAC_SHA1_96, + "aes256-cts-hmac-sha1-96", + 16, + 1, + 16, + &keytype_aes256, + &_krb5_checksum_sha1, + &_krb5_checksum_hmac_sha1_aes256, + F_DERIVED, + _krb5_evp_encrypt_cts, + 16, + AES_PRF +}; diff --git a/lib/krb5/crypto-algs.c b/lib/krb5/crypto-algs.c new file mode 100644 index 000000000000..ed31377bd070 --- /dev/null +++ b/lib/krb5/crypto-algs.c @@ -0,0 +1,87 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifndef HEIMDAL_SMALLER +#define DES3_OLD_ENCTYPE 1 +#endif + +struct _krb5_checksum_type *_krb5_checksum_types[] = { + &_krb5_checksum_none, +#ifdef HEIM_WEAK_CRYPTO + &_krb5_checksum_crc32, + &_krb5_checksum_rsa_md4, + &_krb5_checksum_rsa_md4_des, + &_krb5_checksum_rsa_md5_des, +#endif +#ifdef DES3_OLD_ENCTYPE + &_krb5_checksum_rsa_md5_des3, +#endif + &_krb5_checksum_rsa_md5, + &_krb5_checksum_sha1, + &_krb5_checksum_hmac_sha1_des3, + &_krb5_checksum_hmac_sha1_aes128, + &_krb5_checksum_hmac_sha1_aes256, + &_krb5_checksum_hmac_md5 +}; + +int _krb5_num_checksums + = sizeof(_krb5_checksum_types) / sizeof(_krb5_checksum_types[0]); + +/* + * these should currently be in reverse preference order. + * (only relevant for !F_PSEUDO) */ + +struct _krb5_encryption_type *_krb5_etypes[] = { + &_krb5_enctype_aes256_cts_hmac_sha1, + &_krb5_enctype_aes128_cts_hmac_sha1, + &_krb5_enctype_des3_cbc_sha1, + &_krb5_enctype_des3_cbc_none, /* used by the gss-api mech */ + &_krb5_enctype_arcfour_hmac_md5, +#ifdef DES3_OLD_ENCTYPE + &_krb5_enctype_des3_cbc_md5, + &_krb5_enctype_old_des3_cbc_sha1, +#endif +#ifdef HEIM_WEAK_CRYPTO + &_krb5_enctype_des_cbc_md5, + &_krb5_enctype_des_cbc_md4, + &_krb5_enctype_des_cbc_crc, + &_krb5_enctype_des_cbc_none, + &_krb5_enctype_des_cfb64_none, + &_krb5_enctype_des_pcbc_none, +#endif + &_krb5_enctype_null +}; + +int _krb5_num_etypes = sizeof(_krb5_etypes) / sizeof(_krb5_etypes[0]); diff --git a/lib/krb5/crypto-arcfour.c b/lib/krb5/crypto-arcfour.c new file mode 100644 index 000000000000..1b369d2fda14 --- /dev/null +++ b/lib/krb5/crypto-arcfour.c @@ -0,0 +1,325 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * ARCFOUR + */ + +#include "krb5_locl.h" + +static struct _krb5_key_type keytype_arcfour = { + ENCTYPE_ARCFOUR_HMAC_MD5, + "arcfour", + 128, + 16, + sizeof(struct _krb5_evp_schedule), + NULL, + _krb5_evp_schedule, + _krb5_arcfour_salt, + NULL, + _krb5_evp_cleanup, + EVP_rc4 +}; + +/* + * checksum according to section 5. of draft-brezak-win2k-krb-rc4-hmac-03.txt + */ + +krb5_error_code +_krb5_HMAC_MD5_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *result) +{ + EVP_MD_CTX *m; + struct _krb5_checksum_type *c = _krb5_find_checksum (CKSUMTYPE_RSA_MD5); + const char signature[] = "signaturekey"; + Checksum ksign_c; + struct _krb5_key_data ksign; + krb5_keyblock kb; + unsigned char t[4]; + unsigned char tmp[16]; + unsigned char ksign_c_data[16]; + krb5_error_code ret; + + m = EVP_MD_CTX_create(); + if (m == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + ksign_c.checksum.length = sizeof(ksign_c_data); + ksign_c.checksum.data = ksign_c_data; + ret = _krb5_internal_hmac(context, c, signature, sizeof(signature), + 0, key, &ksign_c); + if (ret) { + EVP_MD_CTX_destroy(m); + return ret; + } + ksign.key = &kb; + kb.keyvalue = ksign_c.checksum; + EVP_DigestInit_ex(m, EVP_md5(), NULL); + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + EVP_DigestUpdate(m, t, 4); + EVP_DigestUpdate(m, data, len); + EVP_DigestFinal_ex (m, tmp, NULL); + EVP_MD_CTX_destroy(m); + + ret = _krb5_internal_hmac(context, c, tmp, sizeof(tmp), 0, &ksign, result); + if (ret) + return ret; + return 0; +} + +struct _krb5_checksum_type _krb5_checksum_hmac_md5 = { + CKSUMTYPE_HMAC_MD5, + "hmac-md5", + 64, + 16, + F_KEYED | F_CPROOF, + _krb5_HMAC_MD5_checksum, + NULL +}; + +/* + * section 6 of draft-brezak-win2k-krb-rc4-hmac-03 + * + * warning: not for small children + */ + +static krb5_error_code +ARCFOUR_subencrypt(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + unsigned usage, + void *ivec) +{ + EVP_CIPHER_CTX ctx; + struct _krb5_checksum_type *c = _krb5_find_checksum (CKSUMTYPE_RSA_MD5); + Checksum k1_c, k2_c, k3_c, cksum; + struct _krb5_key_data ke; + krb5_keyblock kb; + unsigned char t[4]; + unsigned char *cdata = data; + unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; + krb5_error_code ret; + + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + + k1_c.checksum.length = sizeof(k1_c_data); + k1_c.checksum.data = k1_c_data; + + ret = _krb5_internal_hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); + if (ret) + krb5_abortx(context, "hmac failed"); + + memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); + + k2_c.checksum.length = sizeof(k2_c_data); + k2_c.checksum.data = k2_c_data; + + ke.key = &kb; + kb.keyvalue = k2_c.checksum; + + cksum.checksum.length = 16; + cksum.checksum.data = data; + + ret = _krb5_internal_hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); + if (ret) + krb5_abortx(context, "hmac failed"); + + ke.key = &kb; + kb.keyvalue = k1_c.checksum; + + k3_c.checksum.length = sizeof(k3_c_data); + k3_c.checksum.data = k3_c_data; + + ret = _krb5_internal_hmac(NULL, c, data, 16, 0, &ke, &k3_c); + if (ret) + krb5_abortx(context, "hmac failed"); + + EVP_CIPHER_CTX_init(&ctx); + + EVP_CipherInit_ex(&ctx, EVP_rc4(), NULL, k3_c.checksum.data, NULL, 1); + EVP_Cipher(&ctx, cdata + 16, cdata + 16, len - 16); + EVP_CIPHER_CTX_cleanup(&ctx); + + memset (k1_c_data, 0, sizeof(k1_c_data)); + memset (k2_c_data, 0, sizeof(k2_c_data)); + memset (k3_c_data, 0, sizeof(k3_c_data)); + return 0; +} + +static krb5_error_code +ARCFOUR_subdecrypt(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + unsigned usage, + void *ivec) +{ + EVP_CIPHER_CTX ctx; + struct _krb5_checksum_type *c = _krb5_find_checksum (CKSUMTYPE_RSA_MD5); + Checksum k1_c, k2_c, k3_c, cksum; + struct _krb5_key_data ke; + krb5_keyblock kb; + unsigned char t[4]; + unsigned char *cdata = data; + unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; + unsigned char cksum_data[16]; + krb5_error_code ret; + + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + + k1_c.checksum.length = sizeof(k1_c_data); + k1_c.checksum.data = k1_c_data; + + ret = _krb5_internal_hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); + if (ret) + krb5_abortx(context, "hmac failed"); + + memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); + + k2_c.checksum.length = sizeof(k2_c_data); + k2_c.checksum.data = k2_c_data; + + ke.key = &kb; + kb.keyvalue = k1_c.checksum; + + k3_c.checksum.length = sizeof(k3_c_data); + k3_c.checksum.data = k3_c_data; + + ret = _krb5_internal_hmac(NULL, c, cdata, 16, 0, &ke, &k3_c); + if (ret) + krb5_abortx(context, "hmac failed"); + + EVP_CIPHER_CTX_init(&ctx); + EVP_CipherInit_ex(&ctx, EVP_rc4(), NULL, k3_c.checksum.data, NULL, 0); + EVP_Cipher(&ctx, cdata + 16, cdata + 16, len - 16); + EVP_CIPHER_CTX_cleanup(&ctx); + + ke.key = &kb; + kb.keyvalue = k2_c.checksum; + + cksum.checksum.length = 16; + cksum.checksum.data = cksum_data; + + ret = _krb5_internal_hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); + if (ret) + krb5_abortx(context, "hmac failed"); + + memset (k1_c_data, 0, sizeof(k1_c_data)); + memset (k2_c_data, 0, sizeof(k2_c_data)); + memset (k3_c_data, 0, sizeof(k3_c_data)); + + if (ct_memcmp (cksum.checksum.data, data, 16) != 0) { + krb5_clear_error_message (context); + return KRB5KRB_AP_ERR_BAD_INTEGRITY; + } else { + return 0; + } +} + +/* + * convert the usage numbers used in + * draft-ietf-cat-kerb-key-derivation-00.txt to the ones in + * draft-brezak-win2k-krb-rc4-hmac-04.txt + */ + +krb5_error_code +_krb5_usage2arcfour(krb5_context context, unsigned *usage) +{ + switch (*usage) { + case KRB5_KU_AS_REP_ENC_PART : /* 3 */ + *usage = 8; + return 0; + case KRB5_KU_USAGE_SEAL : /* 22 */ + *usage = 13; + return 0; + case KRB5_KU_USAGE_SIGN : /* 23 */ + *usage = 15; + return 0; + case KRB5_KU_USAGE_SEQ: /* 24 */ + *usage = 0; + return 0; + default : + return 0; + } +} + +static krb5_error_code +ARCFOUR_encrypt(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ivec) +{ + krb5_error_code ret; + unsigned keyusage = usage; + + if((ret = _krb5_usage2arcfour (context, &keyusage)) != 0) + return ret; + + if (encryptp) + return ARCFOUR_subencrypt (context, key, data, len, keyusage, ivec); + else + return ARCFOUR_subdecrypt (context, key, data, len, keyusage, ivec); +} + +struct _krb5_encryption_type _krb5_enctype_arcfour_hmac_md5 = { + ETYPE_ARCFOUR_HMAC_MD5, + "arcfour-hmac-md5", + 1, + 1, + 8, + &keytype_arcfour, + &_krb5_checksum_hmac_md5, + NULL, + F_SPECIAL, + ARCFOUR_encrypt, + 0, + NULL +}; diff --git a/lib/krb5/crypto-des-common.c b/lib/krb5/crypto-des-common.c new file mode 100644 index 000000000000..f8313952dc7c --- /dev/null +++ b/lib/krb5/crypto-des-common.c @@ -0,0 +1,152 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Functions which are used by both single and triple DES enctypes */ + +#include "krb5_locl.h" + +/* + * A = A xor B. A & B are 8 bytes. + */ + +void +_krb5_xor (DES_cblock *key, const unsigned char *b) +{ + unsigned char *a = (unsigned char*)key; + a[0] ^= b[0]; + a[1] ^= b[1]; + a[2] ^= b[2]; + a[3] ^= b[3]; + a[4] ^= b[4]; + a[5] ^= b[5]; + a[6] ^= b[6]; + a[7] ^= b[7]; +} + +#if defined(DES3_OLD_ENCTYPE) || defined(HEIM_WEAK_CRYPTO) +krb5_error_code +_krb5_des_checksum(krb5_context context, + const EVP_MD *evp_md, + struct _krb5_key_data *key, + const void *data, + size_t len, + Checksum *cksum) +{ + struct _krb5_evp_schedule *ctx = key->schedule->data; + EVP_MD_CTX *m; + DES_cblock ivec; + unsigned char *p = cksum->checksum.data; + + krb5_generate_random_block(p, 8); + + m = EVP_MD_CTX_create(); + if (m == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + EVP_DigestInit_ex(m, evp_md, NULL); + EVP_DigestUpdate(m, p, 8); + EVP_DigestUpdate(m, data, len); + EVP_DigestFinal_ex (m, p + 8, NULL); + EVP_MD_CTX_destroy(m); + memset (&ivec, 0, sizeof(ivec)); + EVP_CipherInit_ex(&ctx->ectx, NULL, NULL, NULL, (void *)&ivec, -1); + EVP_Cipher(&ctx->ectx, p, p, 24); + + return 0; +} + +krb5_error_code +_krb5_des_verify(krb5_context context, + const EVP_MD *evp_md, + struct _krb5_key_data *key, + const void *data, + size_t len, + Checksum *C) +{ + struct _krb5_evp_schedule *ctx = key->schedule->data; + EVP_MD_CTX *m; + unsigned char tmp[24]; + unsigned char res[16]; + DES_cblock ivec; + krb5_error_code ret = 0; + + m = EVP_MD_CTX_create(); + if (m == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + memset(&ivec, 0, sizeof(ivec)); + EVP_CipherInit_ex(&ctx->dctx, NULL, NULL, NULL, (void *)&ivec, -1); + EVP_Cipher(&ctx->dctx, tmp, C->checksum.data, 24); + + EVP_DigestInit_ex(m, evp_md, NULL); + EVP_DigestUpdate(m, tmp, 8); /* confounder */ + EVP_DigestUpdate(m, data, len); + EVP_DigestFinal_ex (m, res, NULL); + EVP_MD_CTX_destroy(m); + if(ct_memcmp(res, tmp + 8, sizeof(res)) != 0) { + krb5_clear_error_message (context); + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + } + memset(tmp, 0, sizeof(tmp)); + memset(res, 0, sizeof(res)); + return ret; +} + +#endif + +static krb5_error_code +RSA_MD5_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md5(), NULL) != 1) + krb5_abortx(context, "md5 checksum failed"); + return 0; +} + +struct _krb5_checksum_type _krb5_checksum_rsa_md5 = { + CKSUMTYPE_RSA_MD5, + "rsa-md5", + 64, + 16, + F_CPROOF, + RSA_MD5_checksum, + NULL +}; diff --git a/lib/krb5/crypto-des.c b/lib/krb5/crypto-des.c new file mode 100644 index 000000000000..f6f1c6881c91 --- /dev/null +++ b/lib/krb5/crypto-des.c @@ -0,0 +1,377 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifdef HEIM_WEAK_CRYPTO + + +static void +krb5_DES_random_key(krb5_context context, + krb5_keyblock *key) +{ + DES_cblock *k = key->keyvalue.data; + do { + krb5_generate_random_block(k, sizeof(DES_cblock)); + DES_set_odd_parity(k); + } while(DES_is_weak_key(k)); +} + +static void +krb5_DES_schedule_old(krb5_context context, + struct _krb5_key_type *kt, + struct _krb5_key_data *key) +{ + DES_set_key_unchecked(key->key->keyvalue.data, key->schedule->data); +} + +static void +krb5_DES_random_to_key(krb5_context context, + krb5_keyblock *key, + const void *data, + size_t size) +{ + DES_cblock *k = key->keyvalue.data; + memcpy(k, data, key->keyvalue.length); + DES_set_odd_parity(k); + if(DES_is_weak_key(k)) + _krb5_xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); +} + +static struct _krb5_key_type keytype_des_old = { + ETYPE_DES_CBC_CRC, + "des-old", + 56, + 8, + sizeof(DES_key_schedule), + krb5_DES_random_key, + krb5_DES_schedule_old, + _krb5_des_salt, + krb5_DES_random_to_key, + NULL, + NULL +}; + +static struct _krb5_key_type keytype_des = { + ETYPE_DES_CBC_CRC, + "des", + 56, + 8, + sizeof(struct _krb5_evp_schedule), + krb5_DES_random_key, + _krb5_evp_schedule, + _krb5_des_salt, + krb5_DES_random_to_key, + _krb5_evp_cleanup, + EVP_des_cbc +}; + +static krb5_error_code +CRC32_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + uint32_t crc; + unsigned char *r = C->checksum.data; + _krb5_crc_init_table (); + crc = _krb5_crc_update (data, len, 0); + r[0] = crc & 0xff; + r[1] = (crc >> 8) & 0xff; + r[2] = (crc >> 16) & 0xff; + r[3] = (crc >> 24) & 0xff; + return 0; +} + +static krb5_error_code +RSA_MD4_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_md4(), NULL) != 1) + krb5_abortx(context, "md4 checksum failed"); + return 0; +} + +static krb5_error_code +RSA_MD4_DES_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *cksum) +{ + return _krb5_des_checksum(context, EVP_md4(), key, data, len, cksum); +} + +static krb5_error_code +RSA_MD4_DES_verify(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return _krb5_des_verify(context, EVP_md4(), key, data, len, C); +} + +static krb5_error_code +RSA_MD5_DES_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return _krb5_des_checksum(context, EVP_md5(), key, data, len, C); +} + +static krb5_error_code +RSA_MD5_DES_verify(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return _krb5_des_verify(context, EVP_md5(), key, data, len, C); +} + +struct _krb5_checksum_type _krb5_checksum_crc32 = { + CKSUMTYPE_CRC32, + "crc32", + 1, + 4, + 0, + CRC32_checksum, + NULL +}; + +struct _krb5_checksum_type _krb5_checksum_rsa_md4 = { + CKSUMTYPE_RSA_MD4, + "rsa-md4", + 64, + 16, + F_CPROOF, + RSA_MD4_checksum, + NULL +}; + +struct _krb5_checksum_type _krb5_checksum_rsa_md4_des = { + CKSUMTYPE_RSA_MD4_DES, + "rsa-md4-des", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD4_DES_checksum, + RSA_MD4_DES_verify +}; + +struct _krb5_checksum_type _krb5_checksum_rsa_md5_des = { + CKSUMTYPE_RSA_MD5_DES, + "rsa-md5-des", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD5_DES_checksum, + RSA_MD5_DES_verify +}; + +static krb5_error_code +evp_des_encrypt_null_ivec(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ignore_ivec) +{ + struct _krb5_evp_schedule *ctx = key->schedule->data; + EVP_CIPHER_CTX *c; + DES_cblock ivec; + memset(&ivec, 0, sizeof(ivec)); + c = encryptp ? &ctx->ectx : &ctx->dctx; + EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1); + EVP_Cipher(c, data, data, len); + return 0; +} + +static krb5_error_code +evp_des_encrypt_key_ivec(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ignore_ivec) +{ + struct _krb5_evp_schedule *ctx = key->schedule->data; + EVP_CIPHER_CTX *c; + DES_cblock ivec; + memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); + c = encryptp ? &ctx->ectx : &ctx->dctx; + EVP_CipherInit_ex(c, NULL, NULL, NULL, (void *)&ivec, -1); + EVP_Cipher(c, data, data, len); + return 0; +} + +static krb5_error_code +DES_CFB64_encrypt_null_ivec(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ignore_ivec) +{ + DES_cblock ivec; + int num = 0; + DES_key_schedule *s = key->schedule->data; + memset(&ivec, 0, sizeof(ivec)); + + DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp); + return 0; +} + +static krb5_error_code +DES_PCBC_encrypt_key_ivec(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ignore_ivec) +{ + DES_cblock ivec; + DES_key_schedule *s = key->schedule->data; + memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); + + DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp); + return 0; +} + +struct _krb5_encryption_type _krb5_enctype_des_cbc_crc = { + ETYPE_DES_CBC_CRC, + "des-cbc-crc", + 8, + 8, + 8, + &keytype_des, + &_krb5_checksum_crc32, + NULL, + F_DISABLED|F_WEAK, + evp_des_encrypt_key_ivec, + 0, + NULL +}; + +struct _krb5_encryption_type _krb5_enctype_des_cbc_md4 = { + ETYPE_DES_CBC_MD4, + "des-cbc-md4", + 8, + 8, + 8, + &keytype_des, + &_krb5_checksum_rsa_md4, + &_krb5_checksum_rsa_md4_des, + F_DISABLED|F_WEAK, + evp_des_encrypt_null_ivec, + 0, + NULL +}; + +struct _krb5_encryption_type _krb5_enctype_des_cbc_md5 = { + ETYPE_DES_CBC_MD5, + "des-cbc-md5", + 8, + 8, + 8, + &keytype_des, + &_krb5_checksum_rsa_md5, + &_krb5_checksum_rsa_md5_des, + F_DISABLED|F_WEAK, + evp_des_encrypt_null_ivec, + 0, + NULL +}; + +struct _krb5_encryption_type _krb5_enctype_des_cbc_none = { + ETYPE_DES_CBC_NONE, + "des-cbc-none", + 8, + 8, + 0, + &keytype_des, + &_krb5_checksum_none, + NULL, + F_PSEUDO|F_DISABLED|F_WEAK, + evp_des_encrypt_null_ivec, + 0, + NULL +}; + +struct _krb5_encryption_type _krb5_enctype_des_cfb64_none = { + ETYPE_DES_CFB64_NONE, + "des-cfb64-none", + 1, + 1, + 0, + &keytype_des_old, + &_krb5_checksum_none, + NULL, + F_PSEUDO|F_DISABLED|F_WEAK, + DES_CFB64_encrypt_null_ivec, + 0, + NULL +}; + +struct _krb5_encryption_type _krb5_enctype_des_pcbc_none = { + ETYPE_DES_PCBC_NONE, + "des-pcbc-none", + 8, + 8, + 0, + &keytype_des_old, + &_krb5_checksum_none, + NULL, + F_PSEUDO|F_DISABLED|F_WEAK, + DES_PCBC_encrypt_key_ivec, + 0, + NULL +}; +#endif /* HEIM_WEAK_CRYPTO */ diff --git a/lib/krb5/crypto-des3.c b/lib/krb5/crypto-des3.c new file mode 100644 index 000000000000..43806038b714 --- /dev/null +++ b/lib/krb5/crypto-des3.c @@ -0,0 +1,226 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +/* + * + */ + +static void +DES3_random_key(krb5_context context, + krb5_keyblock *key) +{ + DES_cblock *k = key->keyvalue.data; + do { + krb5_generate_random_block(k, 3 * sizeof(DES_cblock)); + DES_set_odd_parity(&k[0]); + DES_set_odd_parity(&k[1]); + DES_set_odd_parity(&k[2]); + } while(DES_is_weak_key(&k[0]) || + DES_is_weak_key(&k[1]) || + DES_is_weak_key(&k[2])); +} + + +#ifdef DES3_OLD_ENCTYPE +static struct _krb5_key_type keytype_des3 = { + ETYPE_OLD_DES3_CBC_SHA1, + "des3", + 168, + 24, + sizeof(struct _krb5_evp_schedule), + DES3_random_key, + _krb5_evp_schedule, + _krb5_des3_salt, + _krb5_DES3_random_to_key, + _krb5_evp_cleanup, + EVP_des_ede3_cbc +}; +#endif + +static struct _krb5_key_type keytype_des3_derived = { + ETYPE_OLD_DES3_CBC_SHA1, + "des3", + 168, + 24, + sizeof(struct _krb5_evp_schedule), + DES3_random_key, + _krb5_evp_schedule, + _krb5_des3_salt_derived, + _krb5_DES3_random_to_key, + _krb5_evp_cleanup, + EVP_des_ede3_cbc +}; + +#ifdef DES3_OLD_ENCTYPE +static krb5_error_code +RSA_MD5_DES3_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return _krb5_des_checksum(context, EVP_md5(), key, data, len, C); +} + +static krb5_error_code +RSA_MD5_DES3_verify(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return _krb5_des_verify(context, EVP_md5(), key, data, len, C); +} + +struct _krb5_checksum_type _krb5_checksum_rsa_md5_des3 = { + CKSUMTYPE_RSA_MD5_DES3, + "rsa-md5-des3", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD5_DES3_checksum, + RSA_MD5_DES3_verify +}; +#endif + +struct _krb5_checksum_type _krb5_checksum_hmac_sha1_des3 = { + CKSUMTYPE_HMAC_SHA1_DES3, + "hmac-sha1-des3", + 64, + 20, + F_KEYED | F_CPROOF | F_DERIVED, + _krb5_SP_HMAC_SHA1_checksum, + NULL +}; + +#ifdef DES3_OLD_ENCTYPE +struct _krb5_encryption_type _krb5_enctype_des3_cbc_md5 = { + ETYPE_DES3_CBC_MD5, + "des3-cbc-md5", + 8, + 8, + 8, + &keytype_des3, + &_krb5_checksum_rsa_md5, + &_krb5_checksum_rsa_md5_des3, + 0, + _krb5_evp_encrypt, + 0, + NULL +}; +#endif + +struct _krb5_encryption_type _krb5_enctype_des3_cbc_sha1 = { + ETYPE_DES3_CBC_SHA1, + "des3-cbc-sha1", + 8, + 8, + 8, + &keytype_des3_derived, + &_krb5_checksum_sha1, + &_krb5_checksum_hmac_sha1_des3, + F_DERIVED, + _krb5_evp_encrypt, + 0, + NULL +}; + +#ifdef DES3_OLD_ENCTYPE +struct _krb5_encryption_type _krb5_enctype_old_des3_cbc_sha1 = { + ETYPE_OLD_DES3_CBC_SHA1, + "old-des3-cbc-sha1", + 8, + 8, + 8, + &keytype_des3, + &_krb5_checksum_sha1, + &_krb5_checksum_hmac_sha1_des3, + 0, + _krb5_evp_encrypt, + 0, + NULL +}; +#endif + +struct _krb5_encryption_type _krb5_enctype_des3_cbc_none = { + ETYPE_DES3_CBC_NONE, + "des3-cbc-none", + 8, + 8, + 0, + &keytype_des3_derived, + &_krb5_checksum_none, + NULL, + F_PSEUDO, + _krb5_evp_encrypt, + 0, + NULL +}; + +void +_krb5_DES3_random_to_key(krb5_context context, + krb5_keyblock *key, + const void *data, + size_t size) +{ + unsigned char *x = key->keyvalue.data; + const u_char *q = data; + DES_cblock *k; + int i, j; + + memset(key->keyvalue.data, 0, key->keyvalue.length); + for (i = 0; i < 3; ++i) { + unsigned char foo; + for (j = 0; j < 7; ++j) { + unsigned char b = q[7 * i + j]; + + x[8 * i + j] = b; + } + foo = 0; + for (j = 6; j >= 0; --j) { + foo |= q[7 * i + j] & 1; + foo <<= 1; + } + x[8 * i + 7] = foo; + } + k = key->keyvalue.data; + for (i = 0; i < 3; i++) { + DES_set_odd_parity(&k[i]); + if(DES_is_weak_key(&k[i])) + _krb5_xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); + } +} diff --git a/lib/krb5/crypto-evp.c b/lib/krb5/crypto-evp.c new file mode 100644 index 000000000000..e8fb1caf6ae8 --- /dev/null +++ b/lib/krb5/crypto-evp.c @@ -0,0 +1,182 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +void +_krb5_evp_schedule(krb5_context context, + struct _krb5_key_type *kt, + struct _krb5_key_data *kd) +{ + struct _krb5_evp_schedule *key = kd->schedule->data; + const EVP_CIPHER *c = (*kt->evp)(); + + EVP_CIPHER_CTX_init(&key->ectx); + EVP_CIPHER_CTX_init(&key->dctx); + + EVP_CipherInit_ex(&key->ectx, c, NULL, kd->key->keyvalue.data, NULL, 1); + EVP_CipherInit_ex(&key->dctx, c, NULL, kd->key->keyvalue.data, NULL, 0); +} + +void +_krb5_evp_cleanup(krb5_context context, struct _krb5_key_data *kd) +{ + struct _krb5_evp_schedule *key = kd->schedule->data; + EVP_CIPHER_CTX_cleanup(&key->ectx); + EVP_CIPHER_CTX_cleanup(&key->dctx); +} + +krb5_error_code +_krb5_evp_encrypt(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ivec) +{ + struct _krb5_evp_schedule *ctx = key->schedule->data; + EVP_CIPHER_CTX *c; + c = encryptp ? &ctx->ectx : &ctx->dctx; + if (ivec == NULL) { + /* alloca ? */ + size_t len2 = EVP_CIPHER_CTX_iv_length(c); + void *loiv = malloc(len2); + if (loiv == NULL) { + krb5_clear_error_message(context); + return ENOMEM; + } + memset(loiv, 0, len2); + EVP_CipherInit_ex(c, NULL, NULL, NULL, loiv, -1); + free(loiv); + } else + EVP_CipherInit_ex(c, NULL, NULL, NULL, ivec, -1); + EVP_Cipher(c, data, data, len); + return 0; +} + +static const unsigned char zero_ivec[EVP_MAX_BLOCK_LENGTH] = { 0 }; + +krb5_error_code +_krb5_evp_encrypt_cts(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ivec) +{ + size_t i, blocksize; + struct _krb5_evp_schedule *ctx = key->schedule->data; + unsigned char tmp[EVP_MAX_BLOCK_LENGTH], ivec2[EVP_MAX_BLOCK_LENGTH]; + EVP_CIPHER_CTX *c; + unsigned char *p; + + c = encryptp ? &ctx->ectx : &ctx->dctx; + + blocksize = EVP_CIPHER_CTX_block_size(c); + + if (len < blocksize) { + krb5_set_error_message(context, EINVAL, + "message block too short"); + return EINVAL; + } else if (len == blocksize) { + EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1); + EVP_Cipher(c, data, data, len); + return 0; + } + + if (ivec) + EVP_CipherInit_ex(c, NULL, NULL, NULL, ivec, -1); + else + EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1); + + if (encryptp) { + + p = data; + i = ((len - 1) / blocksize) * blocksize; + EVP_Cipher(c, p, p, i); + p += i - blocksize; + len -= i; + memcpy(ivec2, p, blocksize); + + for (i = 0; i < len; i++) + tmp[i] = p[i + blocksize] ^ ivec2[i]; + for (; i < blocksize; i++) + tmp[i] = 0 ^ ivec2[i]; + + EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1); + EVP_Cipher(c, p, tmp, blocksize); + + memcpy(p + blocksize, ivec2, len); + if (ivec) + memcpy(ivec, p, blocksize); + } else { + unsigned char tmp2[EVP_MAX_BLOCK_LENGTH], tmp3[EVP_MAX_BLOCK_LENGTH]; + + p = data; + if (len > blocksize * 2) { + /* remove last two blocks and round up, decrypt this with cbc, then do cts dance */ + i = ((((len - blocksize * 2) + blocksize - 1) / blocksize) * blocksize); + memcpy(ivec2, p + i - blocksize, blocksize); + EVP_Cipher(c, p, p, i); + p += i; + len -= i + blocksize; + } else { + if (ivec) + memcpy(ivec2, ivec, blocksize); + else + memcpy(ivec2, zero_ivec, blocksize); + len -= blocksize; + } + + memcpy(tmp, p, blocksize); + EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1); + EVP_Cipher(c, tmp2, p, blocksize); + + memcpy(tmp3, p + blocksize, len); + memcpy(tmp3 + len, tmp2 + len, blocksize - len); /* xor 0 */ + + for (i = 0; i < len; i++) + p[i + blocksize] = tmp2[i] ^ tmp3[i]; + + EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1); + EVP_Cipher(c, p, tmp3, blocksize); + + for (i = 0; i < blocksize; i++) + p[i] ^= ivec2[i]; + if (ivec) + memcpy(ivec, tmp, blocksize); + } + return 0; +} diff --git a/lib/krb5/crypto-null.c b/lib/krb5/crypto-null.c new file mode 100644 index 000000000000..3b643123f529 --- /dev/null +++ b/lib/krb5/crypto-null.c @@ -0,0 +1,97 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifndef HEIMDAL_SMALLER +#define DES3_OLD_ENCTYPE 1 +#endif + +static struct _krb5_key_type keytype_null = { + ENCTYPE_NULL, + "null", + 0, + 0, + 0, + NULL, + NULL, + NULL +}; + +static krb5_error_code +NONE_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *C) +{ + return 0; +} + +struct _krb5_checksum_type _krb5_checksum_none = { + CKSUMTYPE_NONE, + "none", + 1, + 0, + 0, + NONE_checksum, + NULL +}; + +static krb5_error_code +NULL_encrypt(krb5_context context, + struct _krb5_key_data *key, + void *data, + size_t len, + krb5_boolean encryptp, + int usage, + void *ivec) +{ + return 0; +} + +struct _krb5_encryption_type _krb5_enctype_null = { + ETYPE_NULL, + "null", + 1, + 1, + 0, + &keytype_null, + &_krb5_checksum_none, + NULL, + F_DISABLED, + NULL_encrypt, + 0, + NULL +}; diff --git a/lib/krb5/crypto-pk.c b/lib/krb5/crypto-pk.c new file mode 100644 index 000000000000..7fedb65c9ede --- /dev/null +++ b/lib/krb5/crypto-pk.c @@ -0,0 +1,301 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#include + +krb5_error_code +_krb5_pk_octetstring2key(krb5_context context, + krb5_enctype type, + const void *dhdata, + size_t dhsize, + const heim_octet_string *c_n, + const heim_octet_string *k_n, + krb5_keyblock *key) +{ + struct _krb5_encryption_type *et = _krb5_find_enctype(type); + krb5_error_code ret; + size_t keylen, offset; + void *keydata; + unsigned char counter; + unsigned char shaoutput[SHA_DIGEST_LENGTH]; + EVP_MD_CTX *m; + + if(et == NULL) { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + type); + return KRB5_PROG_ETYPE_NOSUPP; + } + keylen = (et->keytype->bits + 7) / 8; + + keydata = malloc(keylen); + if (keydata == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + m = EVP_MD_CTX_create(); + if (m == NULL) { + free(keydata); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + counter = 0; + offset = 0; + do { + + EVP_DigestInit_ex(m, EVP_sha1(), NULL); + EVP_DigestUpdate(m, &counter, 1); + EVP_DigestUpdate(m, dhdata, dhsize); + + if (c_n) + EVP_DigestUpdate(m, c_n->data, c_n->length); + if (k_n) + EVP_DigestUpdate(m, k_n->data, k_n->length); + + EVP_DigestFinal_ex(m, shaoutput, NULL); + + memcpy((unsigned char *)keydata + offset, + shaoutput, + min(keylen - offset, sizeof(shaoutput))); + + offset += sizeof(shaoutput); + counter++; + } while(offset < keylen); + memset(shaoutput, 0, sizeof(shaoutput)); + + EVP_MD_CTX_destroy(m); + + ret = krb5_random_to_key(context, type, keydata, keylen, key); + memset(keydata, 0, sizeof(keylen)); + free(keydata); + return ret; +} + +static krb5_error_code +encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data) +{ + KRB5PrincipalName pn; + krb5_error_code ret; + size_t size = 0; + + pn.principalName = p->name; + pn.realm = p->realm; + + ASN1_MALLOC_ENCODE(KRB5PrincipalName, data->data, data->length, + &pn, &size, ret); + if (ret) { + krb5_data_zero(data); + krb5_set_error_message(context, ret, + N_("Failed to encode KRB5PrincipalName", "")); + return ret; + } + if (data->length != size) + krb5_abortx(context, "asn1 compiler internal error"); + return 0; +} + +static krb5_error_code +encode_otherinfo(krb5_context context, + const AlgorithmIdentifier *ai, + krb5_const_principal client, + krb5_const_principal server, + krb5_enctype enctype, + const krb5_data *as_req, + const krb5_data *pk_as_rep, + const Ticket *ticket, + krb5_data *other) +{ + PkinitSP80056AOtherInfo otherinfo; + PkinitSuppPubInfo pubinfo; + krb5_error_code ret; + krb5_data pub; + size_t size = 0; + + krb5_data_zero(other); + memset(&otherinfo, 0, sizeof(otherinfo)); + memset(&pubinfo, 0, sizeof(pubinfo)); + + pubinfo.enctype = enctype; + pubinfo.as_REQ = *as_req; + pubinfo.pk_as_rep = *pk_as_rep; + pubinfo.ticket = *ticket; + ASN1_MALLOC_ENCODE(PkinitSuppPubInfo, pub.data, pub.length, + &pubinfo, &size, ret); + if (ret) { + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + return ret; + } + if (pub.length != size) + krb5_abortx(context, "asn1 compiler internal error"); + + ret = encode_uvinfo(context, client, &otherinfo.partyUInfo); + if (ret) { + free(pub.data); + return ret; + } + ret = encode_uvinfo(context, server, &otherinfo.partyVInfo); + if (ret) { + free(otherinfo.partyUInfo.data); + free(pub.data); + return ret; + } + + otherinfo.algorithmID = *ai; + otherinfo.suppPubInfo = &pub; + + ASN1_MALLOC_ENCODE(PkinitSP80056AOtherInfo, other->data, other->length, + &otherinfo, &size, ret); + free(otherinfo.partyUInfo.data); + free(otherinfo.partyVInfo.data); + free(pub.data); + if (ret) { + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + return ret; + } + if (other->length != size) + krb5_abortx(context, "asn1 compiler internal error"); + + return 0; +} + + + +krb5_error_code +_krb5_pk_kdf(krb5_context context, + const struct AlgorithmIdentifier *ai, + const void *dhdata, + size_t dhsize, + krb5_const_principal client, + krb5_const_principal server, + krb5_enctype enctype, + const krb5_data *as_req, + const krb5_data *pk_as_rep, + const Ticket *ticket, + krb5_keyblock *key) +{ + struct _krb5_encryption_type *et; + krb5_error_code ret; + krb5_data other; + size_t keylen, offset; + uint32_t counter; + unsigned char *keydata; + unsigned char shaoutput[SHA512_DIGEST_LENGTH]; + const EVP_MD *md; + EVP_MD_CTX *m; + + if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha1, &ai->algorithm) == 0) { + md = EVP_sha1(); + } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha256, &ai->algorithm) == 0) { + md = EVP_sha256(); + } else if (der_heim_oid_cmp(&asn1_oid_id_pkinit_kdf_ah_sha512, &ai->algorithm) == 0) { + md = EVP_sha512(); + } else { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("KDF not supported", "")); + return KRB5_PROG_ETYPE_NOSUPP; + } + if (ai->parameters != NULL && + (ai->parameters->length != 2 || + memcmp(ai->parameters->data, "\x05\x00", 2) != 0)) + { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("kdf params not NULL or the NULL-type", + "")); + return KRB5_PROG_ETYPE_NOSUPP; + } + + et = _krb5_find_enctype(enctype); + if(et == NULL) { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + enctype); + return KRB5_PROG_ETYPE_NOSUPP; + } + keylen = (et->keytype->bits + 7) / 8; + + keydata = malloc(keylen); + if (keydata == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = encode_otherinfo(context, ai, client, server, + enctype, as_req, pk_as_rep, ticket, &other); + if (ret) { + free(keydata); + return ret; + } + + m = EVP_MD_CTX_create(); + if (m == NULL) { + free(keydata); + free(other.data); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + offset = 0; + counter = 1; + do { + unsigned char cdata[4]; + + EVP_DigestInit_ex(m, md, NULL); + _krb5_put_int(cdata, counter, 4); + EVP_DigestUpdate(m, cdata, 4); + EVP_DigestUpdate(m, dhdata, dhsize); + EVP_DigestUpdate(m, other.data, other.length); + + EVP_DigestFinal_ex(m, shaoutput, NULL); + + memcpy((unsigned char *)keydata + offset, + shaoutput, + min(keylen - offset, EVP_MD_CTX_size(m))); + + offset += EVP_MD_CTX_size(m); + counter++; + } while(offset < keylen); + memset(shaoutput, 0, sizeof(shaoutput)); + + EVP_MD_CTX_destroy(m); + free(other.data); + + ret = krb5_random_to_key(context, enctype, keydata, keylen, key); + memset(keydata, 0, sizeof(keylen)); + free(keydata); + + return ret; +} diff --git a/lib/krb5/crypto-rand.c b/lib/krb5/crypto-rand.c new file mode 100644 index 000000000000..49bd67936259 --- /dev/null +++ b/lib/krb5/crypto-rand.c @@ -0,0 +1,109 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#define ENTROPY_NEEDED 128 + +static HEIMDAL_MUTEX crypto_mutex = HEIMDAL_MUTEX_INITIALIZER; + +static int +seed_something(void) +{ + char buf[1024], seedfile[256]; + + /* If there is a seed file, load it. But such a file cannot be trusted, + so use 0 for the entropy estimate */ + if (RAND_file_name(seedfile, sizeof(seedfile))) { + int fd; + fd = open(seedfile, O_RDONLY | O_BINARY | O_CLOEXEC); + if (fd >= 0) { + ssize_t ret; + rk_cloexec(fd); + ret = read(fd, buf, sizeof(buf)); + if (ret > 0) + RAND_add(buf, ret, 0.0); + close(fd); + } else + seedfile[0] = '\0'; + } else + seedfile[0] = '\0'; + + /* Calling RAND_status() will try to use /dev/urandom if it exists so + we do not have to deal with it. */ + if (RAND_status() != 1) { +#ifndef _WIN32 + krb5_context context; + const char *p; + + /* Try using egd */ + if (!krb5_init_context(&context)) { + p = krb5_config_get_string(context, NULL, "libdefaults", + "egd_socket", NULL); + if (p != NULL) + RAND_egd_bytes(p, ENTROPY_NEEDED); + krb5_free_context(context); + } +#else + /* TODO: Once a Windows CryptoAPI RAND method is defined, we + can use that and failover to another method. */ +#endif + } + + if (RAND_status() == 1) { + /* Update the seed file */ + if (seedfile[0]) + RAND_write_file(seedfile); + + return 0; + } else + return -1; +} + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_generate_random_block(void *buf, size_t len) +{ + static int rng_initialized = 0; + + HEIMDAL_MUTEX_lock(&crypto_mutex); + if (!rng_initialized) { + if (seed_something()) + krb5_abortx(NULL, "Fatal: could not seed the " + "random number generator"); + + rng_initialized = 1; + } + HEIMDAL_MUTEX_unlock(&crypto_mutex); + if (RAND_bytes(buf, len) <= 0) + krb5_abortx(NULL, "Failed to generate random block"); +} diff --git a/lib/krb5/crypto-stubs.c b/lib/krb5/crypto-stubs.c new file mode 100644 index 000000000000..b462680643fb --- /dev/null +++ b/lib/krb5/crypto-stubs.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +/* These are stub functions for the standalone RFC3961 crypto library */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_context(krb5_context *context) +{ + krb5_context p; + + *context = NULL; + + /* should have a run_once */ + bindtextdomain(HEIMDAL_TEXTDOMAIN, HEIMDAL_LOCALEDIR); + + p = calloc(1, sizeof(*p)); + if(!p) + return ENOMEM; + + p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); + if (p->mutex == NULL) { + free(p); + return ENOMEM; + } + HEIMDAL_MUTEX_init(p->mutex); + + *context = p; + return 0; +} + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_context(krb5_context context) +{ + krb5_clear_error_message(context); + + HEIMDAL_MUTEX_destroy(context->mutex); + free(context->mutex); + if (context->flags & KRB5_CTX_F_SOCKETS_INITIALIZED) { + rk_SOCK_EXIT(); + } + + memset(context, 0, sizeof(*context)); + free(context); +} + +krb5_boolean +_krb5_homedir_access(krb5_context context) { + return 0; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_log(krb5_context context, + krb5_log_facility *fac, + int level, + const char *fmt, + ...) +{ + return 0; +} + +/* This function is currently just used to get the location of the EGD + * socket. If we're not using an EGD, then we can just return NULL */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL +krb5_config_get_string (krb5_context context, + const krb5_config_section *c, + ...) +{ + return NULL; +} diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index 2e6349094683..37eb2c5460f5 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -1,1134 +1,133 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: crypto.c 22200 2007-12-07 13:48:01Z lha $"); -#undef CRYPTO_DEBUG -#ifdef CRYPTO_DEBUG -static void krb5_crypto_debug(krb5_context, int, size_t, krb5_keyblock*); -#endif - - -struct key_data { - krb5_keyblock *key; - krb5_data *schedule; -}; - -struct key_usage { +struct _krb5_key_usage { unsigned usage; - struct key_data key; + struct _krb5_key_data key; }; -struct krb5_crypto_data { - struct encryption_type *et; - struct key_data key; - int num_key_usage; - struct key_usage *key_usage; -}; -#define CRYPTO_ETYPE(C) ((C)->et->type) - -/* bits for `flags' below */ -#define F_KEYED 1 /* checksum is keyed */ -#define F_CPROOF 2 /* checksum is collision proof */ -#define F_DERIVED 4 /* uses derived keys */ -#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */ -#define F_PSEUDO 16 /* not a real protocol type */ -#define F_SPECIAL 32 /* backwards */ -#define F_DISABLED 64 /* enctype/checksum disabled */ - -struct salt_type { - krb5_salttype type; - const char *name; - krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data, - krb5_salt, krb5_data, krb5_keyblock*); -}; - -struct key_type { - krb5_keytype type; /* XXX */ - const char *name; - size_t bits; - size_t size; - size_t schedule_size; -#if 0 - krb5_enctype best_etype; +#ifndef HEIMDAL_SMALLER +#define DES3_OLD_ENCTYPE 1 #endif - void (*random_key)(krb5_context, krb5_keyblock*); - void (*schedule)(krb5_context, struct key_data *); - struct salt_type *string_to_key; - void (*random_to_key)(krb5_context, krb5_keyblock*, const void*, size_t); -}; -struct checksum_type { - krb5_cksumtype type; - const char *name; - size_t blocksize; - size_t checksumsize; - unsigned flags; - void (*checksum)(krb5_context context, - struct key_data *key, - const void *buf, size_t len, - unsigned usage, - Checksum *csum); - krb5_error_code (*verify)(krb5_context context, - struct key_data *key, - const void *buf, size_t len, - unsigned usage, - Checksum *csum); -}; +static krb5_error_code _get_derived_key(krb5_context, krb5_crypto, + unsigned, struct _krb5_key_data**); +static struct _krb5_key_data *_new_derived_key(krb5_crypto crypto, unsigned usage); -struct encryption_type { - krb5_enctype type; - const char *name; - heim_oid *oid; - size_t blocksize; - size_t padsize; - size_t confoundersize; - struct key_type *keytype; - struct checksum_type *checksum; - struct checksum_type *keyed_checksum; - unsigned flags; - krb5_error_code (*encrypt)(krb5_context context, - struct key_data *key, - void *data, size_t len, - krb5_boolean encryptp, - int usage, - void *ivec); - size_t prf_length; - krb5_error_code (*prf)(krb5_context, - krb5_crypto, const krb5_data *, krb5_data *); -}; - -#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA) -#define INTEGRITY_USAGE(U) (((U) << 8) | 0x55) -#define CHECKSUM_USAGE(U) (((U) << 8) | 0x99) - -static struct checksum_type *_find_checksum(krb5_cksumtype type); -static struct encryption_type *_find_enctype(krb5_enctype type); -static struct key_type *_find_keytype(krb5_keytype type); -static krb5_error_code _get_derived_key(krb5_context, krb5_crypto, - unsigned, struct key_data**); -static struct key_data *_new_derived_key(krb5_crypto crypto, unsigned usage); -static krb5_error_code derive_key(krb5_context context, - struct encryption_type *et, - struct key_data *key, - const void *constant, - size_t len); -static krb5_error_code hmac(krb5_context context, - struct checksum_type *cm, - const void *data, - size_t len, - unsigned usage, - struct key_data *keyblock, - Checksum *result); -static void free_key_data(krb5_context context, struct key_data *key); -static krb5_error_code usage2arcfour (krb5_context, unsigned *); -static void xor (DES_cblock *, const unsigned char *); +static void free_key_schedule(krb5_context, + struct _krb5_key_data *, + struct _krb5_encryption_type *); /************************************************************ * * ************************************************************/ -static HEIMDAL_MUTEX crypto_mutex = HEIMDAL_MUTEX_INITIALIZER; - - -static void -krb5_DES_random_key(krb5_context context, - krb5_keyblock *key) -{ - DES_cblock *k = key->keyvalue.data; - do { - krb5_generate_random_block(k, sizeof(DES_cblock)); - DES_set_odd_parity(k); - } while(DES_is_weak_key(k)); -} - -static void -krb5_DES_schedule(krb5_context context, - struct key_data *key) -{ - DES_set_key(key->key->keyvalue.data, key->schedule->data); -} - -#ifdef ENABLE_AFS_STRING_TO_KEY - -/* This defines the Andrew string_to_key function. It accepts a password - * string as input and converts it via a one-way encryption algorithm to a DES - * encryption key. It is compatible with the original Andrew authentication - * service password database. - */ - -/* - * Short passwords, i.e 8 characters or less. - */ -static void -krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, - krb5_data cell, - DES_cblock *key) -{ - char password[8+1]; /* crypt is limited to 8 chars anyway */ - int i; - - for(i = 0; i < 8; i++) { - char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^ - ((i < cell.length) ? - tolower(((unsigned char*)cell.data)[i]) : 0); - password[i] = c ? c : 'X'; - } - password[8] = '\0'; - - memcpy(key, crypt(password, "p1") + 2, sizeof(DES_cblock)); - - /* parity is inserted into the LSB so left shift each byte up one - bit. This allows ascii characters with a zero MSB to retain as - much significance as possible. */ - for (i = 0; i < sizeof(DES_cblock); i++) - ((unsigned char*)key)[i] <<= 1; - DES_set_odd_parity (key); -} - -/* - * Long passwords, i.e 9 characters or more. - */ -static void -krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, - krb5_data cell, - DES_cblock *key) -{ - DES_key_schedule schedule; - DES_cblock temp_key; - DES_cblock ivec; - char password[512]; - size_t passlen; - - memcpy(password, pw.data, min(pw.length, sizeof(password))); - if(pw.length < sizeof(password)) { - int len = min(cell.length, sizeof(password) - pw.length); - int i; - - memcpy(password + pw.length, cell.data, len); - for (i = pw.length; i < pw.length + len; ++i) - password[i] = tolower((unsigned char)password[i]); - } - passlen = min(sizeof(password), pw.length + cell.length); - memcpy(&ivec, "kerberos", 8); - memcpy(&temp_key, "kerberos", 8); - DES_set_odd_parity (&temp_key); - DES_set_key (&temp_key, &schedule); - DES_cbc_cksum ((void*)password, &ivec, passlen, &schedule, &ivec); - - memcpy(&temp_key, &ivec, 8); - DES_set_odd_parity (&temp_key); - DES_set_key (&temp_key, &schedule); - DES_cbc_cksum ((void*)password, key, passlen, &schedule, &ivec); - memset(&schedule, 0, sizeof(schedule)); - memset(&temp_key, 0, sizeof(temp_key)); - memset(&ivec, 0, sizeof(ivec)); - memset(password, 0, sizeof(password)); - - DES_set_odd_parity (key); -} - -static krb5_error_code -DES_AFS3_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - DES_cblock tmp; - if(password.length > 8) - krb5_DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp); - else - krb5_DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp); - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); - memset(&key, 0, sizeof(key)); - return 0; -} -#endif /* ENABLE_AFS_STRING_TO_KEY */ - -static void -DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key) -{ - DES_key_schedule schedule; - int i; - int reverse = 0; - unsigned char *p; - - unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe, - 0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf }; - memset(key, 0, 8); - - p = (unsigned char*)key; - for (i = 0; i < length; i++) { - unsigned char tmp = data[i]; - if (!reverse) - *p++ ^= (tmp << 1); - else - *--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4]; - if((i % 8) == 7) - reverse = !reverse; - } - DES_set_odd_parity(key); - if(DES_is_weak_key(key)) - (*key)[7] ^= 0xF0; - DES_set_key(key, &schedule); - DES_cbc_cksum((void*)data, key, length, &schedule, key); - memset(&schedule, 0, sizeof(schedule)); - DES_set_odd_parity(key); - if(DES_is_weak_key(key)) - (*key)[7] ^= 0xF0; -} - -static krb5_error_code -krb5_DES_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - unsigned char *s; - size_t len; - DES_cblock tmp; - -#ifdef ENABLE_AFS_STRING_TO_KEY - if (opaque.length == 1) { - unsigned long v; - _krb5_get_int(opaque.data, &v, 1); - if (v == 1) - return DES_AFS3_string_to_key(context, enctype, password, - salt, opaque, key); - } -#endif - - len = password.length + salt.saltvalue.length; - s = malloc(len); - if(len > 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(s, password.data, password.length); - memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); - DES_string_to_key_int(s, len, &tmp); - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); - memset(&tmp, 0, sizeof(tmp)); - memset(s, 0, len); - free(s); - return 0; -} - -static void -krb5_DES_random_to_key(krb5_context context, - krb5_keyblock *key, - const void *data, - size_t size) -{ - DES_cblock *k = key->keyvalue.data; - memcpy(k, data, key->keyvalue.length); - DES_set_odd_parity(k); - if(DES_is_weak_key(k)) - xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); -} - -/* - * - */ - -static void -DES3_random_key(krb5_context context, - krb5_keyblock *key) -{ - DES_cblock *k = key->keyvalue.data; - do { - krb5_generate_random_block(k, 3 * sizeof(DES_cblock)); - DES_set_odd_parity(&k[0]); - DES_set_odd_parity(&k[1]); - DES_set_odd_parity(&k[2]); - } while(DES_is_weak_key(&k[0]) || - DES_is_weak_key(&k[1]) || - DES_is_weak_key(&k[2])); -} - -static void -DES3_schedule(krb5_context context, - struct key_data *key) -{ - DES_cblock *k = key->key->keyvalue.data; - DES_key_schedule *s = key->schedule->data; - DES_set_key(&k[0], &s[0]); - DES_set_key(&k[1], &s[1]); - DES_set_key(&k[2], &s[2]); -} - -/* - * A = A xor B. A & B are 8 bytes. - */ - -static void -xor (DES_cblock *key, const unsigned char *b) -{ - unsigned char *a = (unsigned char*)key; - a[0] ^= b[0]; - a[1] ^= b[1]; - a[2] ^= b[2]; - a[3] ^= b[3]; - a[4] ^= b[4]; - a[5] ^= b[5]; - a[6] ^= b[6]; - a[7] ^= b[7]; -} - -static krb5_error_code -DES3_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - char *str; - size_t len; - unsigned char tmp[24]; - DES_cblock keys[3]; - krb5_error_code ret; - - len = password.length + salt.saltvalue.length; - str = malloc(len); - if(len != 0 && str == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(str, password.data, password.length); - memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); - { - DES_cblock ivec; - DES_key_schedule s[3]; - int i; - - ret = _krb5_n_fold(str, len, tmp, 24); - if (ret) { - memset(str, 0, len); - free(str); - krb5_set_error_string(context, "out of memory"); - return ret; - } - - for(i = 0; i < 3; i++){ - memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - DES_set_odd_parity(keys + i); - if(DES_is_weak_key(keys + i)) - xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - DES_set_key(keys + i, &s[i]); - } - memset(&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(tmp, - tmp, sizeof(tmp), - &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); - memset(s, 0, sizeof(s)); - memset(&ivec, 0, sizeof(ivec)); - for(i = 0; i < 3; i++){ - memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - DES_set_odd_parity(keys + i); - if(DES_is_weak_key(keys + i)) - xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - } - memset(tmp, 0, sizeof(tmp)); - } - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); - memset(keys, 0, sizeof(keys)); - memset(str, 0, len); - free(str); - return 0; -} - -static krb5_error_code -DES3_string_to_key_derived(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_error_code ret; - size_t len = password.length + salt.saltvalue.length; - char *s; - - s = malloc(len); - if(len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(s, password.data, password.length); - memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); - ret = krb5_string_to_key_derived(context, - s, - len, - enctype, - key); - memset(s, 0, len); - free(s); - return ret; -} - -static void -DES3_random_to_key(krb5_context context, - krb5_keyblock *key, - const void *data, - size_t size) -{ - unsigned char *x = key->keyvalue.data; - const u_char *q = data; - DES_cblock *k; - int i, j; - - memset(x, 0, sizeof(x)); - for (i = 0; i < 3; ++i) { - unsigned char foo; - for (j = 0; j < 7; ++j) { - unsigned char b = q[7 * i + j]; - - x[8 * i + j] = b; - } - foo = 0; - for (j = 6; j >= 0; --j) { - foo |= q[7 * i + j] & 1; - foo <<= 1; - } - x[8 * i + 7] = foo; - } - k = key->keyvalue.data; - for (i = 0; i < 3; i++) { - DES_set_odd_parity(&k[i]); - if(DES_is_weak_key(&k[i])) - xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - } -} - -/* - * ARCFOUR - */ - -static void -ARCFOUR_schedule(krb5_context context, - struct key_data *kd) -{ - RC4_set_key (kd->schedule->data, - kd->key->keyvalue.length, kd->key->keyvalue.data); -} - -static krb5_error_code -ARCFOUR_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - char *s, *p; - size_t len; - int i; - MD4_CTX m; - krb5_error_code ret; - - len = 2 * password.length; - s = malloc (len); - if (len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - for (p = s, i = 0; i < password.length; ++i) { - *p++ = ((char *)password.data)[i]; - *p++ = 0; - } - MD4_Init (&m); - MD4_Update (&m, s, len); - key->keytype = enctype; - ret = krb5_data_alloc (&key->keyvalue, 16); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - goto out; - } - MD4_Final (key->keyvalue.data, &m); - memset (s, 0, len); - ret = 0; -out: - free (s); - return ret; -} - -/* - * AES - */ - -int _krb5_AES_string_to_default_iterator = 4096; - -static krb5_error_code -AES_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_error_code ret; - uint32_t iter; - struct encryption_type *et; - struct key_data kd; - - if (opaque.length == 0) - iter = _krb5_AES_string_to_default_iterator; - else if (opaque.length == 4) { - unsigned long v; - _krb5_get_int(opaque.data, &v, 4); - iter = ((uint32_t)v); - } else - return KRB5_PROG_KEYTYPE_NOSUPP; /* XXX */ - - et = _find_enctype(enctype); - if (et == NULL) - return KRB5_PROG_KEYTYPE_NOSUPP; - - kd.schedule = NULL; - ALLOC(kd.key, 1); - if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - kd.key->keytype = enctype; - ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); - if (ret) { - krb5_set_error_string(context, "Failed to allocate pkcs5 key"); - return ret; - } - - ret = PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length, - salt.saltvalue.data, salt.saltvalue.length, - iter, - et->keytype->size, kd.key->keyvalue.data); - if (ret != 1) { - free_key_data(context, &kd); - krb5_set_error_string(context, "Error calculating s2k"); - return KRB5_PROG_KEYTYPE_NOSUPP; - } - - ret = derive_key(context, et, &kd, "kerberos", strlen("kerberos")); - if (ret == 0) - ret = krb5_copy_keyblock_contents(context, kd.key, key); - free_key_data(context, &kd); - - return ret; -} - -struct krb5_aes_schedule { - AES_KEY ekey; - AES_KEY dkey; -}; - -static void -AES_schedule(krb5_context context, - struct key_data *kd) -{ - struct krb5_aes_schedule *key = kd->schedule->data; - int bits = kd->key->keyvalue.length * 8; - - memset(key, 0, sizeof(*key)); - AES_set_encrypt_key(kd->key->keyvalue.data, bits, &key->ekey); - AES_set_decrypt_key(kd->key->keyvalue.data, bits, &key->dkey); -} - -/* - * - */ - -static struct salt_type des_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - krb5_DES_string_to_key - }, -#ifdef ENABLE_AFS_STRING_TO_KEY - { - KRB5_AFS3_SALT, - "afs3-salt", - DES_AFS3_string_to_key - }, -#endif - { 0 } -}; - -static struct salt_type des3_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - DES3_string_to_key - }, - { 0 } -}; - -static struct salt_type des3_salt_derived[] = { - { - KRB5_PW_SALT, - "pw-salt", - DES3_string_to_key_derived - }, - { 0 } -}; - -static struct salt_type AES_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - AES_string_to_key - }, - { 0 } -}; - -static struct salt_type arcfour_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - ARCFOUR_string_to_key - }, - { 0 } -}; - -/* - * - */ - -static struct key_type keytype_null = { - KEYTYPE_NULL, - "null", - 0, - 0, - 0, - NULL, - NULL, - NULL -}; - -static struct key_type keytype_des = { - KEYTYPE_DES, - "des", - 56, - sizeof(DES_cblock), - sizeof(DES_key_schedule), - krb5_DES_random_key, - krb5_DES_schedule, - des_salt, - krb5_DES_random_to_key -}; - -static struct key_type keytype_des3 = { - KEYTYPE_DES3, - "des3", - 168, - 3 * sizeof(DES_cblock), - 3 * sizeof(DES_key_schedule), - DES3_random_key, - DES3_schedule, - des3_salt, - DES3_random_to_key -}; - -static struct key_type keytype_des3_derived = { - KEYTYPE_DES3, - "des3", - 168, - 3 * sizeof(DES_cblock), - 3 * sizeof(DES_key_schedule), - DES3_random_key, - DES3_schedule, - des3_salt_derived, - DES3_random_to_key -}; - -static struct key_type keytype_aes128 = { - KEYTYPE_AES128, - "aes-128", - 128, - 16, - sizeof(struct krb5_aes_schedule), - NULL, - AES_schedule, - AES_salt -}; - -static struct key_type keytype_aes256 = { - KEYTYPE_AES256, - "aes-256", - 256, - 32, - sizeof(struct krb5_aes_schedule), - NULL, - AES_schedule, - AES_salt -}; - -static struct key_type keytype_arcfour = { - KEYTYPE_ARCFOUR, - "arcfour", - 128, - 16, - sizeof(RC4_KEY), - NULL, - ARCFOUR_schedule, - arcfour_salt -}; - -static struct key_type *keytypes[] = { - &keytype_null, - &keytype_des, - &keytype_des3_derived, - &keytype_des3, - &keytype_aes128, - &keytype_aes256, - &keytype_arcfour -}; - -static int num_keytypes = sizeof(keytypes) / sizeof(keytypes[0]); - -static struct key_type * -_find_keytype(krb5_keytype type) -{ - int i; - for(i = 0; i < num_keytypes; i++) - if(keytypes[i]->type == type) - return keytypes[i]; - return NULL; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_salttype_to_string (krb5_context context, - krb5_enctype etype, - krb5_salttype stype, - char **string) -{ - struct encryption_type *e; - struct salt_type *st; - - e = _find_enctype (etype); - if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for (st = e->keytype->string_to_key; st && st->type; st++) { - if (st->type == stype) { - *string = strdup (st->name); - if (*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; - } - } - krb5_set_error_string(context, "salttype %d not supported", stype); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_salttype (krb5_context context, - krb5_enctype etype, - const char *string, - krb5_salttype *salttype) -{ - struct encryption_type *e; - struct salt_type *st; - - e = _find_enctype (etype); - if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for (st = e->keytype->string_to_key; st && st->type; st++) { - if (strcasecmp (st->name, string) == 0) { - *salttype = st->type; - return 0; - } - } - krb5_set_error_string(context, "salttype %s not supported", string); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_pw_salt(krb5_context context, - krb5_const_principal principal, - krb5_salt *salt) -{ - size_t len; - int i; - krb5_error_code ret; - char *p; - - salt->salttype = KRB5_PW_SALT; - len = strlen(principal->realm); - for (i = 0; i < principal->name.name_string.len; ++i) - len += strlen(principal->name.name_string.val[i]); - ret = krb5_data_alloc (&salt->saltvalue, len); - if (ret) - return ret; - p = salt->saltvalue.data; - memcpy (p, principal->realm, strlen(principal->realm)); - p += strlen(principal->realm); - for (i = 0; i < principal->name.name_string.len; ++i) { - memcpy (p, - principal->name.name_string.val[i], - strlen(principal->name.name_string.val[i])); - p += strlen(principal->name.name_string.val[i]); - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_salt(krb5_context context, - krb5_salt salt) -{ - krb5_data_free(&salt.saltvalue); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_principal principal, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_salt salt; - - ret = krb5_get_pw_salt(context, principal, &salt); - if(ret) - return ret; - ret = krb5_string_to_key_data_salt(context, enctype, password, salt, key); - krb5_free_salt(context, salt); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_principal principal, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data(context, enctype, pw, principal, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_keyblock *key) -{ - krb5_data opaque; - krb5_data_zero(&opaque); - return krb5_string_to_key_data_salt_opaque(context, enctype, password, - salt, opaque, key); -} - -/* - * Do a string -> key for encryption type `enctype' operation on - * `password' (with salt `salt' and the enctype specific data string - * `opaque'), returning the resulting key in `key' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt_opaque (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - struct encryption_type *et =_find_enctype(enctype); - struct salt_type *st; - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - enctype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for(st = et->keytype->string_to_key; st && st->type; st++) - if(st->type == salt.salttype) - return (*st->string_to_key)(context, enctype, password, - salt, opaque, key); - krb5_set_error_string(context, "salt type %d not supported", - salt.salttype); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -/* - * Do a string -> key for encryption type `enctype' operation on the - * string `password' (with salt `salt'), returning the resulting key - * in `key' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_salt salt, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data_salt(context, enctype, pw, salt, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt_opaque (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data_salt_opaque(context, enctype, - pw, salt, opaque, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_string(krb5_context context, - krb5_keytype keytype, - char **string) -{ - struct key_type *kt = _find_keytype(keytype); - if(kt == NULL) { - krb5_set_error_string(context, "key type %d not supported", keytype); - return KRB5_PROG_KEYTYPE_NOSUPP; - } - *string = strdup(kt->name); - if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_keytype(krb5_context context, - const char *string, - krb5_keytype *keytype) -{ - int i; - for(i = 0; i < num_keytypes; i++) - if(strcasecmp(keytypes[i]->name, string) == 0){ - *keytype = keytypes[i]->type; - return 0; - } - krb5_set_error_string(context, "key type %s not supported", string); - return KRB5_PROG_KEYTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_keysize(krb5_context context, krb5_enctype type, size_t *keysize) { - struct encryption_type *et = _find_enctype(type); + struct _krb5_encryption_type *et = _krb5_find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + type); return KRB5_PROG_ETYPE_NOSUPP; } *keysize = et->keytype->size; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_keybits(krb5_context context, krb5_enctype type, size_t *keybits) { - struct encryption_type *et = _find_enctype(type); + struct _krb5_encryption_type *et = _krb5_find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + type); return KRB5_PROG_ETYPE_NOSUPP; } *keybits = et->keytype->bits; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_random_keyblock(krb5_context context, krb5_enctype type, krb5_keyblock *key) { krb5_error_code ret; - struct encryption_type *et = _find_enctype(type); + struct _krb5_encryption_type *et = _krb5_find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + type); return KRB5_PROG_ETYPE_NOSUPP; } ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); - if(ret) + if(ret) return ret; key->keytype = type; if(et->keytype->random_key) (*et->keytype->random_key)(context, key); else - krb5_generate_random_block(key->keyvalue.data, + krb5_generate_random_block(key->keyvalue.data, key->keyvalue.length); return 0; } static krb5_error_code _key_schedule(krb5_context context, - struct key_data *key) + struct _krb5_key_data *key) { krb5_error_code ret; - struct encryption_type *et = _find_enctype(key->key->keytype); - struct key_type *kt = et->keytype; + struct _krb5_encryption_type *et = _krb5_find_enctype(key->key->keytype); + struct _krb5_key_type *kt; + + if (et == NULL) { + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + key->key->keytype); + return KRB5_PROG_ETYPE_NOSUPP; + } + + kt = et->keytype; if(kt->schedule == NULL) return 0; @@ -1136,7 +135,7 @@ _key_schedule(krb5_context context, return 0; ALLOC(key->schedule, 1); if(key->schedule == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_data_alloc(key->schedule, kt->schedule_size); @@ -1145,7 +144,7 @@ _key_schedule(krb5_context context, key->schedule = NULL; return ret; } - (*kt->schedule)(context, key); + (*kt->schedule)(context, kt, key); return 0; } @@ -1153,277 +152,34 @@ _key_schedule(krb5_context context, * * ************************************************************/ -static void -NONE_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ -} - -static void -CRC32_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - uint32_t crc; - unsigned char *r = C->checksum.data; - _krb5_crc_init_table (); - crc = _krb5_crc_update (data, len, 0); - r[0] = crc & 0xff; - r[1] = (crc >> 8) & 0xff; - r[2] = (crc >> 16) & 0xff; - r[3] = (crc >> 24) & 0xff; -} - -static void -RSA_MD4_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD4_CTX m; - - MD4_Init (&m); - MD4_Update (&m, data, len); - MD4_Final (C->checksum.data, &m); -} - -static void -RSA_MD4_DES_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *cksum) -{ - MD4_CTX md4; - DES_cblock ivec; - unsigned char *p = cksum->checksum.data; - - krb5_generate_random_block(p, 8); - MD4_Init (&md4); - MD4_Update (&md4, p, 8); - MD4_Update (&md4, data, len); - MD4_Final (p + 8, &md4); - memset (&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(p, - p, - 24, - key->schedule->data, - &ivec, - DES_ENCRYPT); -} - static krb5_error_code -RSA_MD4_DES_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD4_CTX md4; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - key->schedule->data, - &ivec, - DES_DECRYPT); - MD4_Init (&md4); - MD4_Update (&md4, tmp, 8); /* confounder */ - MD4_Update (&md4, data, len); - MD4_Final (res, &md4); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void -RSA_MD5_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX m; - - MD5_Init (&m); - MD5_Update(&m, data, len); - MD5_Final (C->checksum.data, &m); -} - -static void -RSA_MD5_DES_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - DES_cblock ivec; - unsigned char *p = C->checksum.data; - - krb5_generate_random_block(p, 8); - MD5_Init (&md5); - MD5_Update (&md5, p, 8); - MD5_Update (&md5, data, len); - MD5_Final (p + 8, &md5); - memset (&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(p, - p, - 24, - key->schedule->data, - &ivec, - DES_ENCRYPT); -} - -static krb5_error_code -RSA_MD5_DES_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - DES_key_schedule *sched = key->schedule->data; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - &sched[0], - &ivec, - DES_DECRYPT); - MD5_Init (&md5); - MD5_Update (&md5, tmp, 8); /* confounder */ - MD5_Update (&md5, data, len); - MD5_Final (res, &md5); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void -RSA_MD5_DES3_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - DES_cblock ivec; - unsigned char *p = C->checksum.data; - DES_key_schedule *sched = key->schedule->data; - - krb5_generate_random_block(p, 8); - MD5_Init (&md5); - MD5_Update (&md5, p, 8); - MD5_Update (&md5, data, len); - MD5_Final (p + 8, &md5); - memset (&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(p, - p, - 24, - &sched[0], &sched[1], &sched[2], - &ivec, - DES_ENCRYPT); -} - -static krb5_error_code -RSA_MD5_DES3_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - DES_key_schedule *sched = key->schedule->data; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - &sched[0], &sched[1], &sched[2], - &ivec, - DES_DECRYPT); - MD5_Init (&md5); - MD5_Update (&md5, tmp, 8); /* confounder */ - MD5_Update (&md5, data, len); - MD5_Final (res, &md5); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void SHA1_checksum(krb5_context context, - struct key_data *key, + struct _krb5_key_data *key, const void *data, size_t len, unsigned usage, Checksum *C) { - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, data, len); - SHA1_Final(C->checksum.data, &m); + if (EVP_Digest(data, len, C->checksum.data, NULL, EVP_sha1(), NULL) != 1) + krb5_abortx(context, "sha1 checksum failed"); + return 0; } /* HMAC according to RFC2104 */ -static krb5_error_code -hmac(krb5_context context, - struct checksum_type *cm, - const void *data, - size_t len, - unsigned usage, - struct key_data *keyblock, - Checksum *result) +krb5_error_code +_krb5_internal_hmac(krb5_context context, + struct _krb5_checksum_type *cm, + const void *data, + size_t len, + unsigned usage, + struct _krb5_key_data *keyblock, + Checksum *result) { unsigned char *ipad, *opad; unsigned char *key; size_t key_len; - int i; - + size_t i; + ipad = malloc(cm->blocksize + len); if (ipad == NULL) return ENOMEM; @@ -1436,10 +192,10 @@ hmac(krb5_context context, memset(opad, 0x5c, cm->blocksize); if(keyblock->key->keyvalue.length > cm->blocksize){ - (*cm->checksum)(context, - keyblock, - keyblock->key->keyvalue.data, - keyblock->key->keyvalue.length, + (*cm->checksum)(context, + keyblock, + keyblock->key->keyvalue.data, + keyblock->key->keyvalue.length, usage, result); key = result->checksum.data; @@ -1455,9 +211,9 @@ hmac(krb5_context context, memcpy(ipad + cm->blocksize, data, len); (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, usage, result); - memcpy(opad + cm->blocksize, result->checksum.data, + memcpy(opad + cm->blocksize, result->checksum.data, result->checksum.length); - (*cm->checksum)(context, keyblock, opad, + (*cm->checksum)(context, keyblock, opad, cm->blocksize + cm->checksumsize, usage, result); memset(ipad, 0, cm->blocksize + len); free(ipad); @@ -1467,45 +223,46 @@ hmac(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_hmac(krb5_context context, krb5_cksumtype cktype, const void *data, size_t len, - unsigned usage, + unsigned usage, krb5_keyblock *key, Checksum *result) { - struct checksum_type *c = _find_checksum(cktype); - struct key_data kd; + struct _krb5_checksum_type *c = _krb5_find_checksum(cktype); + struct _krb5_key_data kd; krb5_error_code ret; if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cktype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + cktype); return KRB5_PROG_SUMTYPE_NOSUPP; } kd.key = key; kd.schedule = NULL; - ret = hmac(context, c, data, len, usage, &kd, result); + ret = _krb5_internal_hmac(context, c, data, len, usage, &kd, result); if (kd.schedule) krb5_free_data(context, kd.schedule); return ret; - } +} -static void -SP_HMAC_SHA1_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) +krb5_error_code +_krb5_SP_HMAC_SHA1_checksum(krb5_context context, + struct _krb5_key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *result) { - struct checksum_type *c = _find_checksum(CKSUMTYPE_SHA1); + struct _krb5_checksum_type *c = _krb5_find_checksum(CKSUMTYPE_SHA1); Checksum res; char sha1_data[20]; krb5_error_code ret; @@ -1513,183 +270,14 @@ SP_HMAC_SHA1_checksum(krb5_context context, res.checksum.data = sha1_data; res.checksum.length = sizeof(sha1_data); - ret = hmac(context, c, data, len, usage, key, &res); + ret = _krb5_internal_hmac(context, c, data, len, usage, key, &res); if (ret) krb5_abortx(context, "hmac failed"); memcpy(result->checksum.data, res.checksum.data, result->checksum.length); + return 0; } -/* - * checksum according to section 5. of draft-brezak-win2k-krb-rc4-hmac-03.txt - */ - -static void -HMAC_MD5_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) -{ - MD5_CTX md5; - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - const char signature[] = "signaturekey"; - Checksum ksign_c; - struct key_data ksign; - krb5_keyblock kb; - unsigned char t[4]; - unsigned char tmp[16]; - unsigned char ksign_c_data[16]; - krb5_error_code ret; - - ksign_c.checksum.length = sizeof(ksign_c_data); - ksign_c.checksum.data = ksign_c_data; - ret = hmac(context, c, signature, sizeof(signature), 0, key, &ksign_c); - if (ret) - krb5_abortx(context, "hmac failed"); - ksign.key = &kb; - kb.keyvalue = ksign_c.checksum; - MD5_Init (&md5); - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - MD5_Update (&md5, t, 4); - MD5_Update (&md5, data, len); - MD5_Final (tmp, &md5); - ret = hmac(context, c, tmp, sizeof(tmp), 0, &ksign, result); - if (ret) - krb5_abortx(context, "hmac failed"); -} - -/* - * same as previous but being used while encrypting. - */ - -static void -HMAC_MD5_checksum_enc(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum ksign_c; - struct key_data ksign; - krb5_keyblock kb; - unsigned char t[4]; - unsigned char ksign_c_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - ksign_c.checksum.length = sizeof(ksign_c_data); - ksign_c.checksum.data = ksign_c_data; - ret = hmac(context, c, t, sizeof(t), 0, key, &ksign_c); - if (ret) - krb5_abortx(context, "hmac failed"); - ksign.key = &kb; - kb.keyvalue = ksign_c.checksum; - ret = hmac(context, c, data, len, 0, &ksign, result); - if (ret) - krb5_abortx(context, "hmac failed"); -} - -static struct checksum_type checksum_none = { - CKSUMTYPE_NONE, - "none", - 1, - 0, - 0, - NONE_checksum, - NULL -}; -static struct checksum_type checksum_crc32 = { - CKSUMTYPE_CRC32, - "crc32", - 1, - 4, - 0, - CRC32_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md4 = { - CKSUMTYPE_RSA_MD4, - "rsa-md4", - 64, - 16, - F_CPROOF, - RSA_MD4_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md4_des = { - CKSUMTYPE_RSA_MD4_DES, - "rsa-md4-des", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD4_DES_checksum, - RSA_MD4_DES_verify -}; -#if 0 -static struct checksum_type checksum_des_mac = { - CKSUMTYPE_DES_MAC, - "des-mac", - 0, - 0, - 0, - DES_MAC_checksum -}; -static struct checksum_type checksum_des_mac_k = { - CKSUMTYPE_DES_MAC_K, - "des-mac-k", - 0, - 0, - 0, - DES_MAC_K_checksum -}; -static struct checksum_type checksum_rsa_md4_des_k = { - CKSUMTYPE_RSA_MD4_DES_K, - "rsa-md4-des-k", - 0, - 0, - 0, - RSA_MD4_DES_K_checksum, - RSA_MD4_DES_K_verify -}; -#endif -static struct checksum_type checksum_rsa_md5 = { - CKSUMTYPE_RSA_MD5, - "rsa-md5", - 64, - 16, - F_CPROOF, - RSA_MD5_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md5_des = { - CKSUMTYPE_RSA_MD5_DES, - "rsa-md5-des", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD5_DES_checksum, - RSA_MD5_DES_verify -}; -static struct checksum_type checksum_rsa_md5_des3 = { - CKSUMTYPE_RSA_MD5_DES3, - "rsa-md5-des3", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD5_DES3_checksum, - RSA_MD5_DES3_verify -}; -static struct checksum_type checksum_sha1 = { +struct _krb5_checksum_type _krb5_checksum_sha1 = { CKSUMTYPE_SHA1, "sha1", 64, @@ -1698,115 +286,43 @@ static struct checksum_type checksum_sha1 = { SHA1_checksum, NULL }; -static struct checksum_type checksum_hmac_sha1_des3 = { - CKSUMTYPE_HMAC_SHA1_DES3, - "hmac-sha1-des3", - 64, - 20, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; -static struct checksum_type checksum_hmac_sha1_aes128 = { - CKSUMTYPE_HMAC_SHA1_96_AES_128, - "hmac-sha1-96-aes128", - 64, - 12, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_sha1_aes256 = { - CKSUMTYPE_HMAC_SHA1_96_AES_256, - "hmac-sha1-96-aes256", - 64, - 12, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_md5 = { - CKSUMTYPE_HMAC_MD5, - "hmac-md5", - 64, - 16, - F_KEYED | F_CPROOF, - HMAC_MD5_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_md5_enc = { - CKSUMTYPE_HMAC_MD5_ENC, - "hmac-md5-enc", - 64, - 16, - F_KEYED | F_CPROOF | F_PSEUDO, - HMAC_MD5_checksum_enc, - NULL -}; - -static struct checksum_type *checksum_types[] = { - &checksum_none, - &checksum_crc32, - &checksum_rsa_md4, - &checksum_rsa_md4_des, -#if 0 - &checksum_des_mac, - &checksum_des_mac_k, - &checksum_rsa_md4_des_k, -#endif - &checksum_rsa_md5, - &checksum_rsa_md5_des, - &checksum_rsa_md5_des3, - &checksum_sha1, - &checksum_hmac_sha1_des3, - &checksum_hmac_sha1_aes128, - &checksum_hmac_sha1_aes256, - &checksum_hmac_md5, - &checksum_hmac_md5_enc -}; - -static int num_checksums = sizeof(checksum_types) / sizeof(checksum_types[0]); - -static struct checksum_type * -_find_checksum(krb5_cksumtype type) +struct _krb5_checksum_type * +_krb5_find_checksum(krb5_cksumtype type) { int i; - for(i = 0; i < num_checksums; i++) - if(checksum_types[i]->type == type) - return checksum_types[i]; + for(i = 0; i < _krb5_num_checksums; i++) + if(_krb5_checksum_types[i]->type == type) + return _krb5_checksum_types[i]; return NULL; } static krb5_error_code -get_checksum_key(krb5_context context, +get_checksum_key(krb5_context context, krb5_crypto crypto, unsigned usage, /* not krb5_key_usage */ - struct checksum_type *ct, - struct key_data **key) + struct _krb5_checksum_type *ct, + struct _krb5_key_data **key) { krb5_error_code ret = 0; if(ct->flags & F_DERIVED) ret = _get_derived_key(context, crypto, usage, key); else if(ct->flags & F_VARIANT) { - int i; + size_t i; *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); if(*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); - if(ret) + if(ret) return ret; for(i = 0; i < (*key)->key->keyvalue.length; i++) ((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0; } else { - *key = &crypto->key; + *key = &crypto->key; } if(ret == 0) ret = _key_schedule(context, *key); @@ -1815,7 +331,7 @@ get_checksum_key(krb5_context context, static krb5_error_code create_checksum (krb5_context context, - struct checksum_type *ct, + struct _krb5_checksum_type *ct, krb5_crypto crypto, unsigned usage, void *data, @@ -1823,18 +339,19 @@ create_checksum (krb5_context context, Checksum *result) { krb5_error_code ret; - struct key_data *dkey; + struct _krb5_key_data *dkey; int keyed_checksum; - + if (ct->flags & F_DISABLED) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_PROG_SUMTYPE_NOSUPP; } keyed_checksum = (ct->flags & F_KEYED) != 0; if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("Checksum type %s is keyed but no " + "crypto context (key) was passed in", ""), + ct->name); return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ } if(keyed_checksum) { @@ -1847,18 +364,17 @@ create_checksum (krb5_context context, ret = krb5_data_alloc(&result->checksum, ct->checksumsize); if (ret) return (ret); - (*ct->checksum)(context, dkey, data, len, usage, result); - return 0; + return (*ct->checksum)(context, dkey, data, len, usage, result); } static int -arcfour_checksum_p(struct checksum_type *ct, krb5_crypto crypto) +arcfour_checksum_p(struct _krb5_checksum_type *ct, krb5_crypto crypto) { return (ct->type == CKSUMTYPE_HMAC_MD5) && (crypto->key.key->keytype == KEYTYPE_ARCFOUR); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_create_checksum(krb5_context context, krb5_crypto crypto, krb5_key_usage usage, @@ -1867,12 +383,12 @@ krb5_create_checksum(krb5_context context, size_t len, Checksum *result) { - struct checksum_type *ct = NULL; + struct _krb5_checksum_type *ct = NULL; unsigned keyusage; /* type 0 -> pick from crypto */ if (type) { - ct = _find_checksum(type); + ct = _krb5_find_checksum(type); } else if (crypto) { ct = crypto->et->keyed_checksum; if (ct == NULL) @@ -1880,14 +396,15 @@ krb5_create_checksum(krb5_context context, } if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + type); return KRB5_PROG_SUMTYPE_NOSUPP; } if (arcfour_checksum_p(ct, crypto)) { keyusage = usage; - usage2arcfour(context, &keyusage); + _krb5_usage2arcfour(context, &keyusage); } else keyusage = CHECKSUM_USAGE(usage); @@ -1904,45 +421,85 @@ verify_checksum(krb5_context context, Checksum *cksum) { krb5_error_code ret; - struct key_data *dkey; + struct _krb5_key_data *dkey; int keyed_checksum; Checksum c; - struct checksum_type *ct; + struct _krb5_checksum_type *ct; - ct = _find_checksum(cksum->cksumtype); + ct = _krb5_find_checksum(cksum->cksumtype); if (ct == NULL || (ct->flags & F_DISABLED)) { - krb5_set_error_string (context, "checksum type %d not supported", - cksum->cksumtype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + cksum->cksumtype); return KRB5_PROG_SUMTYPE_NOSUPP; } if(ct->checksumsize != cksum->checksum.length) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); + krb5_set_error_message(context, KRB5KRB_AP_ERR_BAD_INTEGRITY, + N_("Decrypt integrity check failed for checksum type %s, " + "length was %u, expected %u", ""), + ct->name, (unsigned)cksum->checksum.length, + (unsigned)ct->checksumsize); + return KRB5KRB_AP_ERR_BAD_INTEGRITY; /* XXX */ } keyed_checksum = (ct->flags & F_KEYED) != 0; - if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); - return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ - } - if(keyed_checksum) + if(keyed_checksum) { + struct _krb5_checksum_type *kct; + if (crypto == NULL) { + krb5_set_error_message(context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("Checksum type %s is keyed but no " + "crypto context (key) was passed in", ""), + ct->name); + return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ + } + kct = crypto->et->keyed_checksum; + if (kct != NULL && kct->type != ct->type) { + krb5_set_error_message(context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("Checksum type %s is keyed, but " + "the key type %s passed didnt have that checksum " + "type as the keyed type", ""), + ct->name, crypto->et->name); + return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ + } + ret = get_checksum_key(context, crypto, usage, ct, &dkey); - else + if (ret) + return ret; + } else dkey = NULL; - if(ct->verify) - return (*ct->verify)(context, dkey, data, len, usage, cksum); + + /* + * If checksum have a verify function, lets use that instead of + * calling ->checksum and then compare result. + */ + + if(ct->verify) { + ret = (*ct->verify)(context, dkey, data, len, usage, cksum); + if (ret) + krb5_set_error_message(context, ret, + N_("Decrypt integrity check failed for checksum " + "type %s, key type %s", ""), + ct->name, (crypto != NULL)? crypto->et->name : "(none)"); + return ret; + } ret = krb5_data_alloc (&c.checksum, ct->checksumsize); if (ret) return ret; - (*ct->checksum)(context, dkey, data, len, usage, &c); + ret = (*ct->checksum)(context, dkey, data, len, usage, &c); + if (ret) { + krb5_data_free(&c.checksum); + return ret; + } - if(c.checksum.length != cksum->checksum.length || - memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) { - krb5_clear_error_string (context); + if(krb5_data_ct_cmp(&c.checksum, &cksum->checksum) != 0) { ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + krb5_set_error_message(context, ret, + N_("Decrypt integrity check failed for checksum " + "type %s, key type %s", ""), + ct->name, crypto ? crypto->et->name : "(unkeyed)"); } else { ret = 0; } @@ -1950,27 +507,28 @@ verify_checksum(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_checksum(krb5_context context, krb5_crypto crypto, - krb5_key_usage usage, + krb5_key_usage usage, void *data, size_t len, Checksum *cksum) { - struct checksum_type *ct; + struct _krb5_checksum_type *ct; unsigned keyusage; - ct = _find_checksum(cksum->cksumtype); + ct = _krb5_find_checksum(cksum->cksumtype); if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cksum->cksumtype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + cksum->cksumtype); return KRB5_PROG_SUMTYPE_NOSUPP; } if (arcfour_checksum_p(ct, crypto)) { keyusage = usage; - usage2arcfour(context, &keyusage); + _krb5_usage2arcfour(context, &keyusage); } else keyusage = CHECKSUM_USAGE(usage); @@ -1978,82 +536,87 @@ krb5_verify_checksum(krb5_context context, data, len, cksum); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_get_checksum_type(krb5_context context, krb5_crypto crypto, krb5_cksumtype *type) { - struct checksum_type *ct = NULL; - + struct _krb5_checksum_type *ct = NULL; + if (crypto != NULL) { ct = crypto->et->keyed_checksum; if (ct == NULL) ct = crypto->et->checksum; } - + if (ct == NULL) { - krb5_set_error_string (context, "checksum type not found"); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type not found", "")); return KRB5_PROG_SUMTYPE_NOSUPP; - } + } *type = ct->type; - - return 0; + + return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_checksumsize(krb5_context context, krb5_cksumtype type, size_t *size) { - struct checksum_type *ct = _find_checksum(type); + struct _krb5_checksum_type *ct = _krb5_find_checksum(type); if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + type); return KRB5_PROG_SUMTYPE_NOSUPP; } *size = ct->checksumsize; return 0; } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_checksum_is_keyed(krb5_context context, krb5_cksumtype type) { - struct checksum_type *ct = _find_checksum(type); + struct _krb5_checksum_type *ct = _krb5_find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + type); return KRB5_PROG_SUMTYPE_NOSUPP; } return ct->flags & F_KEYED; } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_checksum_is_collision_proof(krb5_context context, krb5_cksumtype type) { - struct checksum_type *ct = _find_checksum(type); + struct _krb5_checksum_type *ct = _krb5_find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + type); return KRB5_PROG_SUMTYPE_NOSUPP; } return ct->flags & F_CPROOF; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_checksum_disable(krb5_context context, krb5_cksumtype type) { - struct checksum_type *ct = _find_checksum(type); + struct _krb5_checksum_type *ct = _krb5_find_checksum(type); if(ct == NULL) { if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + type); return KRB5_PROG_SUMTYPE_NOSUPP; } ct->flags |= F_DISABLED; @@ -2064,912 +627,163 @@ krb5_checksum_disable(krb5_context context, * * ************************************************************/ -static krb5_error_code -NULL_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - return 0; -} - -static krb5_error_code -DES_CBC_encrypt_null_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -static krb5_error_code -DES_CBC_encrypt_key_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - DES_cbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -static krb5_error_code -DES3_CBC_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - DES_cblock local_ivec; - DES_key_schedule *s = key->schedule->data; - if(ivec == NULL) { - ivec = &local_ivec; - memset(local_ivec, 0, sizeof(local_ivec)); - } - DES_ede3_cbc_encrypt(data, data, len, &s[0], &s[1], &s[2], ivec, encryptp); - return 0; -} - -static krb5_error_code -DES_CFB64_encrypt_null_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - int num = 0; - DES_key_schedule *s = key->schedule->data; - memset(&ivec, 0, sizeof(ivec)); - - DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp); - return 0; -} - -static krb5_error_code -DES_PCBC_encrypt_key_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - - DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -/* - * AES draft-raeburn-krb-rijndael-krb-02 - */ - -void KRB5_LIB_FUNCTION -_krb5_aes_cts_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const AES_KEY *key, - unsigned char *ivec, const int encryptp) -{ - unsigned char tmp[AES_BLOCK_SIZE]; - int i; - - /* - * In the framework of kerberos, the length can never be shorter - * then at least one blocksize. - */ - - if (encryptp) { - - while(len > AES_BLOCK_SIZE) { - for (i = 0; i < AES_BLOCK_SIZE; i++) - tmp[i] = in[i] ^ ivec[i]; - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - - for (i = 0; i < len; i++) - tmp[i] = in[i] ^ ivec[i]; - for (; i < AES_BLOCK_SIZE; i++) - tmp[i] = 0 ^ ivec[i]; - - AES_encrypt(tmp, out - AES_BLOCK_SIZE, key); - - memcpy(out, ivec, len); - memcpy(ivec, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE); - - } else { - unsigned char tmp2[AES_BLOCK_SIZE]; - unsigned char tmp3[AES_BLOCK_SIZE]; - - while(len > AES_BLOCK_SIZE * 2) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for (i = 0; i < AES_BLOCK_SIZE; i++) - out[i] ^= ivec[i]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - - len -= AES_BLOCK_SIZE; - - memcpy(tmp, in, AES_BLOCK_SIZE); /* save last iv */ - AES_decrypt(in, tmp2, key); - - memcpy(tmp3, in + AES_BLOCK_SIZE, len); - memcpy(tmp3 + len, tmp2 + len, AES_BLOCK_SIZE - len); /* xor 0 */ - - for (i = 0; i < len; i++) - out[i + AES_BLOCK_SIZE] = tmp2[i] ^ tmp3[i]; - - AES_decrypt(tmp3, out, key); - for (i = 0; i < AES_BLOCK_SIZE; i++) - out[i] ^= ivec[i]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } -} - -static krb5_error_code -AES_CTS_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - struct krb5_aes_schedule *aeskey = key->schedule->data; - char local_ivec[AES_BLOCK_SIZE]; - AES_KEY *k; - - if (encryptp) - k = &aeskey->ekey; - else - k = &aeskey->dkey; - - if (len < AES_BLOCK_SIZE) - krb5_abortx(context, "invalid use of AES_CTS_encrypt"); - if (len == AES_BLOCK_SIZE) { - if (encryptp) - AES_encrypt(data, data, k); - else - AES_decrypt(data, data, k); - } else { - if(ivec == NULL) { - memset(local_ivec, 0, sizeof(local_ivec)); - ivec = local_ivec; - } - _krb5_aes_cts_encrypt(data, data, len, k, ivec, encryptp); - } - - return 0; -} - -/* - * section 6 of draft-brezak-win2k-krb-rc4-hmac-03 - * - * warning: not for small children - */ - -static krb5_error_code -ARCFOUR_subencrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - unsigned usage, - void *ivec) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum k1_c, k2_c, k3_c, cksum; - struct key_data ke; - krb5_keyblock kb; - unsigned char t[4]; - RC4_KEY rc4_key; - unsigned char *cdata = data; - unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - k1_c.checksum.length = sizeof(k1_c_data); - k1_c.checksum.data = k1_c_data; - - ret = hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); - - k2_c.checksum.length = sizeof(k2_c_data); - k2_c.checksum.data = k2_c_data; - - ke.key = &kb; - kb.keyvalue = k2_c.checksum; - - cksum.checksum.length = 16; - cksum.checksum.data = data; - - ret = hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); - if (ret) - krb5_abortx(context, "hmac failed"); - - ke.key = &kb; - kb.keyvalue = k1_c.checksum; - - k3_c.checksum.length = sizeof(k3_c_data); - k3_c.checksum.data = k3_c_data; - - ret = hmac(NULL, c, data, 16, 0, &ke, &k3_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); - RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); - memset (k1_c_data, 0, sizeof(k1_c_data)); - memset (k2_c_data, 0, sizeof(k2_c_data)); - memset (k3_c_data, 0, sizeof(k3_c_data)); - return 0; -} - -static krb5_error_code -ARCFOUR_subdecrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - unsigned usage, - void *ivec) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum k1_c, k2_c, k3_c, cksum; - struct key_data ke; - krb5_keyblock kb; - unsigned char t[4]; - RC4_KEY rc4_key; - unsigned char *cdata = data; - unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; - unsigned char cksum_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - k1_c.checksum.length = sizeof(k1_c_data); - k1_c.checksum.data = k1_c_data; - - ret = hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); - - k2_c.checksum.length = sizeof(k2_c_data); - k2_c.checksum.data = k2_c_data; - - ke.key = &kb; - kb.keyvalue = k1_c.checksum; - - k3_c.checksum.length = sizeof(k3_c_data); - k3_c.checksum.data = k3_c_data; - - ret = hmac(NULL, c, cdata, 16, 0, &ke, &k3_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); - RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); - - ke.key = &kb; - kb.keyvalue = k2_c.checksum; - - cksum.checksum.length = 16; - cksum.checksum.data = cksum_data; - - ret = hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); - if (ret) - krb5_abortx(context, "hmac failed"); - - memset (k1_c_data, 0, sizeof(k1_c_data)); - memset (k2_c_data, 0, sizeof(k2_c_data)); - memset (k3_c_data, 0, sizeof(k3_c_data)); - - if (memcmp (cksum.checksum.data, data, 16) != 0) { - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - } else { - return 0; - } -} - -/* - * convert the usage numbers used in - * draft-ietf-cat-kerb-key-derivation-00.txt to the ones in - * draft-brezak-win2k-krb-rc4-hmac-04.txt - */ - -static krb5_error_code -usage2arcfour (krb5_context context, unsigned *usage) -{ - switch (*usage) { - case KRB5_KU_AS_REP_ENC_PART : /* 3 */ - case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */ - *usage = 8; - return 0; - case KRB5_KU_USAGE_SEAL : /* 22 */ - *usage = 13; - return 0; - case KRB5_KU_USAGE_SIGN : /* 23 */ - *usage = 15; - return 0; - case KRB5_KU_USAGE_SEQ: /* 24 */ - *usage = 0; - return 0; - default : - return 0; - } -} - -static krb5_error_code -ARCFOUR_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - krb5_error_code ret; - unsigned keyusage = usage; - - if((ret = usage2arcfour (context, &keyusage)) != 0) - return ret; - - if (encryptp) - return ARCFOUR_subencrypt (context, key, data, len, keyusage, ivec); - else - return ARCFOUR_subdecrypt (context, key, data, len, keyusage, ivec); -} - - -/* - * - */ - -static krb5_error_code -AES_PRF(krb5_context context, - krb5_crypto crypto, - const krb5_data *in, - krb5_data *out) -{ - struct checksum_type *ct = crypto->et->checksum; - krb5_error_code ret; - Checksum result; - krb5_keyblock *derived; - - result.cksumtype = ct->type; - ret = krb5_data_alloc(&result.checksum, ct->checksumsize); - if (ret) { - krb5_set_error_string(context, "out memory"); - return ret; - } - - (*ct->checksum)(context, NULL, in->data, in->length, 0, &result); - - if (result.checksum.length < crypto->et->blocksize) - krb5_abortx(context, "internal prf error"); - - derived = NULL; - ret = krb5_derive_key(context, crypto->key.key, - crypto->et->type, "prf", 3, &derived); - if (ret) - krb5_abortx(context, "krb5_derive_key"); - - ret = krb5_data_alloc(out, crypto->et->blocksize); - if (ret) - krb5_abortx(context, "malloc failed"); - - { - AES_KEY key; - - AES_set_encrypt_key(derived->keyvalue.data, - crypto->et->keytype->bits, &key); - AES_encrypt(result.checksum.data, out->data, &key); - memset(&key, 0, sizeof(key)); - } - - krb5_data_free(&result.checksum); - krb5_free_keyblock(context, derived); - - return ret; -} - -/* - * these should currently be in reverse preference order. - * (only relevant for !F_PSEUDO) */ - -static struct encryption_type enctype_null = { - ETYPE_NULL, - "null", - NULL, - 1, - 1, - 0, - &keytype_null, - &checksum_none, - NULL, - F_DISABLED, - NULL_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_crc = { - ETYPE_DES_CBC_CRC, - "des-cbc-crc", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_crc32, - NULL, - 0, - DES_CBC_encrypt_key_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_md4 = { - ETYPE_DES_CBC_MD4, - "des-cbc-md4", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_rsa_md4, - &checksum_rsa_md4_des, - 0, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_md5 = { - ETYPE_DES_CBC_MD5, - "des-cbc-md5", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_rsa_md5, - &checksum_rsa_md5_des, - 0, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_arcfour_hmac_md5 = { - ETYPE_ARCFOUR_HMAC_MD5, - "arcfour-hmac-md5", - NULL, - 1, - 1, - 8, - &keytype_arcfour, - &checksum_hmac_md5, - NULL, - F_SPECIAL, - ARCFOUR_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_md5 = { - ETYPE_DES3_CBC_MD5, - "des3-cbc-md5", - NULL, - 8, - 8, - 8, - &keytype_des3, - &checksum_rsa_md5, - &checksum_rsa_md5_des3, - 0, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_sha1 = { - ETYPE_DES3_CBC_SHA1, - "des3-cbc-sha1", - NULL, - 8, - 8, - 8, - &keytype_des3_derived, - &checksum_sha1, - &checksum_hmac_sha1_des3, - F_DERIVED, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_old_des3_cbc_sha1 = { - ETYPE_OLD_DES3_CBC_SHA1, - "old-des3-cbc-sha1", - NULL, - 8, - 8, - 8, - &keytype_des3, - &checksum_sha1, - &checksum_hmac_sha1_des3, - 0, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_aes128_cts_hmac_sha1 = { - ETYPE_AES128_CTS_HMAC_SHA1_96, - "aes128-cts-hmac-sha1-96", - NULL, - 16, - 1, - 16, - &keytype_aes128, - &checksum_sha1, - &checksum_hmac_sha1_aes128, - F_DERIVED, - AES_CTS_encrypt, - 16, - AES_PRF -}; -static struct encryption_type enctype_aes256_cts_hmac_sha1 = { - ETYPE_AES256_CTS_HMAC_SHA1_96, - "aes256-cts-hmac-sha1-96", - NULL, - 16, - 1, - 16, - &keytype_aes256, - &checksum_sha1, - &checksum_hmac_sha1_aes256, - F_DERIVED, - AES_CTS_encrypt, - 16, - AES_PRF -}; -static struct encryption_type enctype_des_cbc_none = { - ETYPE_DES_CBC_NONE, - "des-cbc-none", - NULL, - 8, - 8, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cfb64_none = { - ETYPE_DES_CFB64_NONE, - "des-cfb64-none", - NULL, - 1, - 1, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_CFB64_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_pcbc_none = { - ETYPE_DES_PCBC_NONE, - "des-pcbc-none", - NULL, - 8, - 8, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_PCBC_encrypt_key_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_none = { - ETYPE_DES3_CBC_NONE, - "des3-cbc-none", - NULL, - 8, - 8, - 0, - &keytype_des3_derived, - &checksum_none, - NULL, - F_PSEUDO, - DES3_CBC_encrypt, - 0, - NULL -}; - -static struct encryption_type *etypes[] = { - &enctype_null, - &enctype_des_cbc_crc, - &enctype_des_cbc_md4, - &enctype_des_cbc_md5, - &enctype_arcfour_hmac_md5, - &enctype_des3_cbc_md5, - &enctype_des3_cbc_sha1, - &enctype_old_des3_cbc_sha1, - &enctype_aes128_cts_hmac_sha1, - &enctype_aes256_cts_hmac_sha1, - &enctype_des_cbc_none, - &enctype_des_cfb64_none, - &enctype_des_pcbc_none, - &enctype_des3_cbc_none -}; - -static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]); - - -static struct encryption_type * -_find_enctype(krb5_enctype type) +struct _krb5_encryption_type * +_krb5_find_enctype(krb5_enctype type) { int i; - for(i = 0; i < num_etypes; i++) - if(etypes[i]->type == type) - return etypes[i]; + for(i = 0; i < _krb5_num_etypes; i++) + if(_krb5_etypes[i]->type == type) + return _krb5_etypes[i]; return NULL; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_to_string(krb5_context context, krb5_enctype etype, char **string) { - struct encryption_type *e; - e = _find_enctype(etype); + struct _krb5_encryption_type *e; + e = _krb5_find_enctype(etype); if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); *string = NULL; return KRB5_PROG_ETYPE_NOSUPP; } *string = strdup(e->name); if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_enctype(krb5_context context, const char *string, krb5_enctype *etype) { int i; - for(i = 0; i < num_etypes; i++) - if(strcasecmp(etypes[i]->name, string) == 0){ - *etype = etypes[i]->type; + for(i = 0; i < _krb5_num_etypes; i++) + if(strcasecmp(_krb5_etypes[i]->name, string) == 0){ + *etype = _krb5_etypes[i]->type; return 0; } - krb5_set_error_string (context, "encryption type %s not supported", - string); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %s not supported", ""), + string); return KRB5_PROG_ETYPE_NOSUPP; } -krb5_error_code KRB5_LIB_FUNCTION -_krb5_enctype_to_oid(krb5_context context, - krb5_enctype etype, - heim_oid *oid) -{ - struct encryption_type *et = _find_enctype(etype); - if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - if(et->oid == NULL) { - krb5_set_error_string (context, "%s have not oid", et->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - krb5_clear_error_string(context); - return der_copy_oid(et->oid, oid); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_oid_to_enctype(krb5_context context, - const heim_oid *oid, - krb5_enctype *etype) -{ - int i; - for(i = 0; i < num_etypes; i++) { - if(etypes[i]->oid && der_heim_oid_cmp(etypes[i]->oid, oid) == 0) { - *etype = etypes[i]->type; - return 0; - } - } - krb5_set_error_string(context, "enctype for oid not supported"); - return KRB5_PROG_ETYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_to_keytype(krb5_context context, krb5_enctype etype, krb5_keytype *keytype) { - struct encryption_type *e = _find_enctype(etype); + struct _krb5_encryption_type *e = _krb5_find_enctype(etype); if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); return KRB5_PROG_ETYPE_NOSUPP; } *keytype = e->keytype->type; /* XXX */ return 0; } -#if 0 -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctype(krb5_context context, - krb5_keytype keytype, - krb5_enctype *etype) -{ - struct key_type *kt = _find_keytype(keytype); - krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype); - if(kt == NULL) - return KRB5_PROG_KEYTYPE_NOSUPP; - *etype = kt->best_etype; - return 0; -} -#endif - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes (krb5_context context, - krb5_keytype keytype, - unsigned *len, - krb5_enctype **val) -{ - int i; - unsigned n = 0; - krb5_enctype *ret; - - for (i = num_etypes - 1; i >= 0; --i) { - if (etypes[i]->keytype->type == keytype - && !(etypes[i]->flags & F_PSEUDO)) - ++n; - } - ret = malloc(n * sizeof(*ret)); - if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - n = 0; - for (i = num_etypes - 1; i >= 0; --i) { - if (etypes[i]->keytype->type == keytype - && !(etypes[i]->flags & F_PSEUDO)) - ret[n++] = etypes[i]->type; - } - *len = n; - *val = ret; - return 0; -} - -/* - * First take the configured list of etypes for `keytype' if available, - * else, do `krb5_keytype_to_enctypes'. +/** + * Check if a enctype is valid, return 0 if it is. + * + * @param context Kerberos context + * @param etype enctype to check if its valid or not + * + * @return Return an error code for an failure or 0 on success (enctype valid). + * @ingroup krb5_crypto */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes_default (krb5_context context, - krb5_keytype keytype, - unsigned *len, - krb5_enctype **val) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_enctype_valid(krb5_context context, + krb5_enctype etype) { - int i, n; - krb5_enctype *ret; - - if (keytype != KEYTYPE_DES || context->etypes_des == NULL) - return krb5_keytype_to_enctypes (context, keytype, len, val); - - for (n = 0; context->etypes_des[n]; ++n) - ; - ret = malloc (n * sizeof(*ret)); - if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - for (i = 0; i < n; ++i) - ret[i] = context->etypes_des[i]; - *len = n; - *val = ret; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_valid(krb5_context context, - krb5_enctype etype) -{ - struct encryption_type *e = _find_enctype(etype); + struct _krb5_encryption_type *e = _krb5_find_enctype(etype); + if(e && (e->flags & F_DISABLED) == 0) + return 0; + if (context == NULL) + return KRB5_PROG_ETYPE_NOSUPP; if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); return KRB5_PROG_ETYPE_NOSUPP; } - if (e->flags & F_DISABLED) { - krb5_set_error_string (context, "encryption type %s is disabled", - e->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - return 0; + /* Must be (e->flags & F_DISABLED) */ + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %s is disabled", ""), + e->name); + return KRB5_PROG_ETYPE_NOSUPP; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_cksumtype_valid(krb5_context context, +/** + * Return the coresponding encryption type for a checksum type. + * + * @param context Kerberos context + * @param ctype The checksum type to get the result enctype for + * @param etype The returned encryption, when the matching etype is + * not found, etype is set to ETYPE_NULL. + * + * @return Return an error code for an failure or 0 on success. + * @ingroup krb5_crypto + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cksumtype_to_enctype(krb5_context context, + krb5_cksumtype ctype, + krb5_enctype *etype) +{ + int i; + + *etype = ETYPE_NULL; + + for(i = 0; i < _krb5_num_etypes; i++) { + if(_krb5_etypes[i]->keyed_checksum && + _krb5_etypes[i]->keyed_checksum->type == ctype) + { + *etype = _krb5_etypes[i]->type; + return 0; + } + } + + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + (int)ctype); + return KRB5_PROG_SUMTYPE_NOSUPP; +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cksumtype_valid(krb5_context context, krb5_cksumtype ctype) { - struct checksum_type *c = _find_checksum(ctype); + struct _krb5_checksum_type *c = _krb5_find_checksum(ctype); if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - ctype); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %d not supported", ""), + ctype); return KRB5_PROG_SUMTYPE_NOSUPP; } if (c->flags & F_DISABLED) { - krb5_set_error_string (context, "checksum type %s is disabled", - c->name); + krb5_set_error_message (context, KRB5_PROG_SUMTYPE_NOSUPP, + N_("checksum type %s is disabled", ""), + c->name); return KRB5_PROG_SUMTYPE_NOSUPP; } return 0; } -/* if two enctypes have compatible keys */ -krb5_boolean KRB5_LIB_FUNCTION -krb5_enctypes_compatible_keys(krb5_context context, - krb5_enctype etype1, - krb5_enctype etype2) -{ - struct encryption_type *e1 = _find_enctype(etype1); - struct encryption_type *e2 = _find_enctype(etype2); - return e1 != NULL && e2 != NULL && e1->keytype == e2->keytype; -} - static krb5_boolean derived_crypto(krb5_context context, krb5_crypto crypto) @@ -3000,9 +814,9 @@ encrypt_internal_derived(krb5_context context, Checksum cksum; unsigned char *p, *q; krb5_error_code ret; - struct key_data *dkey; - const struct encryption_type *et = crypto->et; - + struct _krb5_key_data *dkey; + const struct _krb5_encryption_type *et = crypto->et; + checksum_sz = CHECKSUMSIZE(et->keyed_checksum); sz = et->confoundersize + len; @@ -3010,25 +824,25 @@ encrypt_internal_derived(krb5_context context, total_sz = block_sz + checksum_sz; p = calloc(1, total_sz); if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } - + q = p; krb5_generate_random_block(q, et->confoundersize); /* XXX */ q += et->confoundersize; memcpy(q, data, len); - - ret = create_checksum(context, + + ret = create_checksum(context, et->keyed_checksum, - crypto, + crypto, INTEGRITY_USAGE(usage), - p, + p, block_sz, &cksum); if(ret == 0 && cksum.checksum.length != checksum_sz) { free_Checksum (&cksum); - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5_CRYPTO_INTERNAL; } if(ret) @@ -3041,9 +855,6 @@ encrypt_internal_derived(krb5_context context, ret = _key_schedule(context, dkey); if(ret) goto fail; -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 1, block_sz, dkey->key); -#endif ret = (*et->encrypt)(context, dkey, p, block_sz, 1, usage, ivec); if (ret) goto fail; @@ -3069,18 +880,18 @@ encrypt_internal(krb5_context context, Checksum cksum; unsigned char *p, *q; krb5_error_code ret; - const struct encryption_type *et = crypto->et; - + const struct _krb5_encryption_type *et = crypto->et; + checksum_sz = CHECKSUMSIZE(et->checksum); - + sz = et->confoundersize + checksum_sz + len; block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ p = calloc(1, block_sz); if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } - + q = p; krb5_generate_random_block(q, et->confoundersize); /* XXX */ q += et->confoundersize; @@ -3088,15 +899,15 @@ encrypt_internal(krb5_context context, q += checksum_sz; memcpy(q, data, len); - ret = create_checksum(context, + ret = create_checksum(context, et->checksum, crypto, 0, - p, + p, block_sz, &cksum); if(ret == 0 && cksum.checksum.length != checksum_sz) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); free_Checksum(&cksum); ret = KRB5_CRYPTO_INTERNAL; } @@ -3107,9 +918,6 @@ encrypt_internal(krb5_context context, ret = _key_schedule(context, &crypto->key); if(ret) goto fail; -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 1, block_sz, crypto->key.key); -#endif ret = (*et->encrypt)(context, &crypto->key, p, block_sz, 1, 0, ivec); if (ret) { memset(p, 0, block_sz); @@ -3134,7 +942,7 @@ encrypt_internal_special(krb5_context context, krb5_data *result, void *ivec) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t cksum_sz = CHECKSUMSIZE(et->checksum); size_t sz = len + cksum_sz + et->confoundersize; char *tmp, *p; @@ -3142,7 +950,7 @@ encrypt_internal_special(krb5_context context, tmp = malloc (sz); if (tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } p = tmp; @@ -3175,25 +983,26 @@ decrypt_internal_derived(krb5_context context, Checksum cksum; unsigned char *p; krb5_error_code ret; - struct key_data *dkey; - struct encryption_type *et = crypto->et; + struct _krb5_key_data *dkey; + struct _krb5_encryption_type *et = crypto->et; unsigned long l; - + checksum_sz = CHECKSUMSIZE(et->keyed_checksum); if (len < checksum_sz + et->confoundersize) { - krb5_set_error_string(context, "Encrypted data shorter then " - "checksum + confunder"); + krb5_set_error_message(context, KRB5_BAD_MSIZE, + N_("Encrypted data shorter then " + "checksum + confunder", "")); return KRB5_BAD_MSIZE; } if (((len - checksum_sz) % et->padsize) != 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5_BAD_MSIZE; } p = malloc(len); if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(p, data, len); @@ -3210,9 +1019,6 @@ decrypt_internal_derived(krb5_context context, free(p); return ret; } -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 0, len, dkey->key); -#endif ret = (*et->encrypt)(context, dkey, p, len, 0, usage, ivec); if (ret) { free(p); @@ -3238,7 +1044,7 @@ decrypt_internal_derived(krb5_context context, result->data = realloc(p, l); if(result->data == NULL && l != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } result->length = l; @@ -3257,29 +1063,32 @@ decrypt_internal(krb5_context context, unsigned char *p; Checksum cksum; size_t checksum_sz, l; - struct encryption_type *et = crypto->et; - + struct _krb5_encryption_type *et = crypto->et; + if ((len % et->padsize) != 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); + return KRB5_BAD_MSIZE; + } + checksum_sz = CHECKSUMSIZE(et->checksum); + if (len < checksum_sz + et->confoundersize) { + krb5_set_error_message(context, KRB5_BAD_MSIZE, + N_("Encrypted data shorter then " + "checksum + confunder", "")); return KRB5_BAD_MSIZE; } - checksum_sz = CHECKSUMSIZE(et->checksum); p = malloc(len); if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(p, data, len); - + ret = _key_schedule(context, &crypto->key); if(ret) { free(p); return ret; } -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 0, len, crypto->key.key); -#endif ret = (*et->encrypt)(context, &crypto->key, p, len, 0, 0, ivec); if (ret) { free(p); @@ -3303,7 +1112,7 @@ decrypt_internal(krb5_context context, result->data = realloc(p, l); if(result->data == NULL && l != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } result->length = l; @@ -3319,24 +1128,30 @@ decrypt_internal_special(krb5_context context, krb5_data *result, void *ivec) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t cksum_sz = CHECKSUMSIZE(et->checksum); size_t sz = len - cksum_sz - et->confoundersize; unsigned char *p; krb5_error_code ret; if ((len % et->padsize) != 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); + return KRB5_BAD_MSIZE; + } + if (len < cksum_sz + et->confoundersize) { + krb5_set_error_message(context, KRB5_BAD_MSIZE, + N_("Encrypted data shorter then " + "checksum + confunder", "")); return KRB5_BAD_MSIZE; } p = malloc (len); if (p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(p, data, len); - + ret = (*et->encrypt)(context, &crypto->key, p, len, FALSE, usage, ivec); if (ret) { free(p); @@ -3347,15 +1162,583 @@ decrypt_internal_special(krb5_context context, result->data = realloc(p, sz); if(result->data == NULL && sz != 0) { free(p); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } result->length = sz; return 0; } +static krb5_crypto_iov * +find_iv(krb5_crypto_iov *data, size_t num_data, unsigned type) +{ + size_t i; + for (i = 0; i < num_data; i++) + if (data[i].flags == type) + return &data[i]; + return NULL; +} -krb5_error_code KRB5_LIB_FUNCTION +/** + * Inline encrypt a kerberos message + * + * @param context Kerberos context + * @param crypto Kerberos crypto context + * @param usage Key usage for this buffer + * @param data array of buffers to process + * @param num_data length of array + * @param ivec initial cbc/cts vector + * + * @return Return an error code or 0. + * @ingroup krb5_crypto + * + * Kerberos encrypted data look like this: + * + * 1. KRB5_CRYPTO_TYPE_HEADER + * 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] + * KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver + * have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is + * commonly used headers and trailers. + * 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 + * 4. KRB5_CRYPTO_TYPE_TRAILER + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_encrypt_iov_ivec(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_crypto_iov *data, + int num_data, + void *ivec) +{ + size_t headersz, trailersz, len; + int i; + size_t sz, block_sz, pad_sz; + Checksum cksum; + unsigned char *p, *q; + krb5_error_code ret; + struct _krb5_key_data *dkey; + const struct _krb5_encryption_type *et = crypto->et; + krb5_crypto_iov *tiv, *piv, *hiv; + + if (num_data < 0) { + krb5_clear_error_message(context); + return KRB5_CRYPTO_INTERNAL; + } + + if(!derived_crypto(context, crypto)) { + krb5_clear_error_message(context); + return KRB5_CRYPTO_INTERNAL; + } + + headersz = et->confoundersize; + trailersz = CHECKSUMSIZE(et->keyed_checksum); + + for (len = 0, i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + len += data[i].data.length; + } + + sz = headersz + len; + block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ + + pad_sz = block_sz - sz; + + /* header */ + + hiv = find_iv(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (hiv == NULL || hiv->data.length != headersz) + return KRB5_BAD_MSIZE; + + krb5_generate_random_block(hiv->data.data, hiv->data.length); + + /* padding */ + piv = find_iv(data, num_data, KRB5_CRYPTO_TYPE_PADDING); + /* its ok to have no TYPE_PADDING if there is no padding */ + if (piv == NULL && pad_sz != 0) + return KRB5_BAD_MSIZE; + if (piv) { + if (piv->data.length < pad_sz) + return KRB5_BAD_MSIZE; + piv->data.length = pad_sz; + if (pad_sz) + memset(piv->data.data, pad_sz, pad_sz); + else + piv = NULL; + } + + /* trailer */ + tiv = find_iv(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (tiv == NULL || tiv->data.length != trailersz) + return KRB5_BAD_MSIZE; + + /* + * XXX replace with EVP_Sign? at least make create_checksum an iov + * function. + * XXX CTS EVP is broken, can't handle multi buffers :( + */ + + len = block_sz; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += data[i].data.length; + } + + p = q = malloc(len); + + memcpy(q, hiv->data.data, hiv->data.length); + q += hiv->data.length; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + if (piv) + memset(q, 0, piv->data.length); + + ret = create_checksum(context, + et->keyed_checksum, + crypto, + INTEGRITY_USAGE(usage), + p, + len, + &cksum); + free(p); + if(ret == 0 && cksum.checksum.length != trailersz) { + free_Checksum (&cksum); + krb5_clear_error_message (context); + ret = KRB5_CRYPTO_INTERNAL; + } + if(ret) + return ret; + + /* save cksum at end */ + memcpy(tiv->data.data, cksum.checksum.data, cksum.checksum.length); + free_Checksum (&cksum); + + /* XXX replace with EVP_Cipher */ + p = q = malloc(block_sz); + if(p == NULL) + return ENOMEM; + + memcpy(q, hiv->data.data, hiv->data.length); + q += hiv->data.length; + + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + if (piv) + memset(q, 0, piv->data.length); + + + ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); + if(ret) { + free(p); + return ret; + } + ret = _key_schedule(context, dkey); + if(ret) { + free(p); + return ret; + } + + ret = (*et->encrypt)(context, dkey, p, block_sz, 1, usage, ivec); + if (ret) { + free(p); + return ret; + } + + /* now copy data back to buffers */ + q = p; + + memcpy(hiv->data.data, q, hiv->data.length); + q += hiv->data.length; + + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + memcpy(data[i].data.data, q, data[i].data.length); + q += data[i].data.length; + } + if (piv) + memcpy(piv->data.data, q, pad_sz); + + free(p); + + return ret; +} + +/** + * Inline decrypt a Kerberos message. + * + * @param context Kerberos context + * @param crypto Kerberos crypto context + * @param usage Key usage for this buffer + * @param data array of buffers to process + * @param num_data length of array + * @param ivec initial cbc/cts vector + * + * @return Return an error code or 0. + * @ingroup krb5_crypto + * + * 1. KRB5_CRYPTO_TYPE_HEADER + * 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in + * any order, however the receiver have to aware of the + * order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted + * protocol headers and trailers. The output data will be of same + * size as the input data or shorter. + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_decrypt_iov_ivec(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_crypto_iov *data, + unsigned int num_data, + void *ivec) +{ + unsigned int i; + size_t headersz, trailersz, len; + Checksum cksum; + unsigned char *p, *q; + krb5_error_code ret; + struct _krb5_key_data *dkey; + struct _krb5_encryption_type *et = crypto->et; + krb5_crypto_iov *tiv, *hiv; + + if(!derived_crypto(context, crypto)) { + krb5_clear_error_message(context); + return KRB5_CRYPTO_INTERNAL; + } + + headersz = et->confoundersize; + + hiv = find_iv(data, num_data, KRB5_CRYPTO_TYPE_HEADER); + if (hiv == NULL || hiv->data.length != headersz) + return KRB5_BAD_MSIZE; + + /* trailer */ + trailersz = CHECKSUMSIZE(et->keyed_checksum); + + tiv = find_iv(data, num_data, KRB5_CRYPTO_TYPE_TRAILER); + if (tiv->data.length != trailersz) + return KRB5_BAD_MSIZE; + + /* Find length of data we will decrypt */ + + len = headersz; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + len += data[i].data.length; + } + + if ((len % et->padsize) != 0) { + krb5_clear_error_message(context); + return KRB5_BAD_MSIZE; + } + + /* XXX replace with EVP_Cipher */ + + p = q = malloc(len); + if (p == NULL) + return ENOMEM; + + memcpy(q, hiv->data.data, hiv->data.length); + q += hiv->data.length; + + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + + ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); + if(ret) { + free(p); + return ret; + } + ret = _key_schedule(context, dkey); + if(ret) { + free(p); + return ret; + } + + ret = (*et->encrypt)(context, dkey, p, len, 0, usage, ivec); + if (ret) { + free(p); + return ret; + } + + /* copy data back to buffers */ + memcpy(hiv->data.data, p, hiv->data.length); + q = p + hiv->data.length; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA) + continue; + memcpy(data[i].data.data, q, data[i].data.length); + q += data[i].data.length; + } + + free(p); + + /* check signature */ + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += data[i].data.length; + } + + p = q = malloc(len); + if (p == NULL) + return ENOMEM; + + memcpy(q, hiv->data.data, hiv->data.length); + q += hiv->data.length; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + + cksum.checksum.data = tiv->data.data; + cksum.checksum.length = tiv->data.length; + cksum.cksumtype = CHECKSUMTYPE(et->keyed_checksum); + + ret = verify_checksum(context, + crypto, + INTEGRITY_USAGE(usage), + p, + len, + &cksum); + free(p); + return ret; +} + +/** + * Create a Kerberos message checksum. + * + * @param context Kerberos context + * @param crypto Kerberos crypto context + * @param usage Key usage for this buffer + * @param data array of buffers to process + * @param num_data length of array + * @param type output data + * + * @return Return an error code or 0. + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_create_checksum_iov(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_crypto_iov *data, + unsigned int num_data, + krb5_cksumtype *type) +{ + Checksum cksum; + krb5_crypto_iov *civ; + krb5_error_code ret; + size_t i; + size_t len; + char *p, *q; + + if(!derived_crypto(context, crypto)) { + krb5_clear_error_message(context); + return KRB5_CRYPTO_INTERNAL; + } + + civ = find_iv(data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM); + if (civ == NULL) + return KRB5_BAD_MSIZE; + + len = 0; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += data[i].data.length; + } + + p = q = malloc(len); + + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + + ret = krb5_create_checksum(context, crypto, usage, 0, p, len, &cksum); + free(p); + if (ret) + return ret; + + if (type) + *type = cksum.cksumtype; + + if (cksum.checksum.length > civ->data.length) { + krb5_set_error_message(context, KRB5_BAD_MSIZE, + N_("Checksum larger then input buffer", "")); + free_Checksum(&cksum); + return KRB5_BAD_MSIZE; + } + + civ->data.length = cksum.checksum.length; + memcpy(civ->data.data, cksum.checksum.data, civ->data.length); + free_Checksum(&cksum); + + return 0; +} + +/** + * Verify a Kerberos message checksum. + * + * @param context Kerberos context + * @param crypto Kerberos crypto context + * @param usage Key usage for this buffer + * @param data array of buffers to process + * @param num_data length of array + * @param type return checksum type if not NULL + * + * @return Return an error code or 0. + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_verify_checksum_iov(krb5_context context, + krb5_crypto crypto, + unsigned usage, + krb5_crypto_iov *data, + unsigned int num_data, + krb5_cksumtype *type) +{ + struct _krb5_encryption_type *et = crypto->et; + Checksum cksum; + krb5_crypto_iov *civ; + krb5_error_code ret; + size_t i; + size_t len; + char *p, *q; + + if(!derived_crypto(context, crypto)) { + krb5_clear_error_message(context); + return KRB5_CRYPTO_INTERNAL; + } + + civ = find_iv(data, num_data, KRB5_CRYPTO_TYPE_CHECKSUM); + if (civ == NULL) + return KRB5_BAD_MSIZE; + + len = 0; + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + len += data[i].data.length; + } + + p = q = malloc(len); + + for (i = 0; i < num_data; i++) { + if (data[i].flags != KRB5_CRYPTO_TYPE_DATA && + data[i].flags != KRB5_CRYPTO_TYPE_SIGN_ONLY) + continue; + memcpy(q, data[i].data.data, data[i].data.length); + q += data[i].data.length; + } + + cksum.cksumtype = CHECKSUMTYPE(et->keyed_checksum); + cksum.checksum.length = civ->data.length; + cksum.checksum.data = civ->data.data; + + ret = krb5_verify_checksum(context, crypto, usage, p, len, &cksum); + free(p); + + if (ret == 0 && type) + *type = cksum.cksumtype; + + return ret; +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_length(krb5_context context, + krb5_crypto crypto, + int type, + size_t *len) +{ + if (!derived_crypto(context, crypto)) { + krb5_set_error_message(context, EINVAL, "not a derived crypto"); + return EINVAL; + } + + switch(type) { + case KRB5_CRYPTO_TYPE_EMPTY: + *len = 0; + return 0; + case KRB5_CRYPTO_TYPE_HEADER: + *len = crypto->et->blocksize; + return 0; + case KRB5_CRYPTO_TYPE_DATA: + case KRB5_CRYPTO_TYPE_SIGN_ONLY: + /* len must already been filled in */ + return 0; + case KRB5_CRYPTO_TYPE_PADDING: + if (crypto->et->padsize > 1) + *len = crypto->et->padsize; + else + *len = 0; + return 0; + case KRB5_CRYPTO_TYPE_TRAILER: + *len = CHECKSUMSIZE(crypto->et->keyed_checksum); + return 0; + case KRB5_CRYPTO_TYPE_CHECKSUM: + if (crypto->et->keyed_checksum) + *len = CHECKSUMSIZE(crypto->et->keyed_checksum); + else + *len = CHECKSUMSIZE(crypto->et->checksum); + return 0; + } + krb5_set_error_message(context, EINVAL, + "%d not a supported type", type); + return EINVAL; +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_length_iov(krb5_context context, + krb5_crypto crypto, + krb5_crypto_iov *data, + unsigned int num_data) +{ + krb5_error_code ret; + size_t i; + + for (i = 0; i < num_data; i++) { + ret = krb5_crypto_length(context, crypto, + data[i].flags, + &data[i].data.length); + if (ret) + return ret; + } + return 0; +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_ivec(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -3365,7 +1748,7 @@ krb5_encrypt_ivec(krb5_context context, void *ivec) { if(derived_crypto(context, crypto)) - return encrypt_internal_derived(context, crypto, usage, + return encrypt_internal_derived(context, crypto, usage, data, len, result, ivec); else if (special_crypto(context, crypto)) return encrypt_internal_special (context, crypto, usage, @@ -3374,7 +1757,7 @@ krb5_encrypt_ivec(krb5_context context, return encrypt_internal(context, crypto, data, len, result, ivec); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -3385,7 +1768,7 @@ krb5_encrypt(krb5_context context, return krb5_encrypt_ivec(context, crypto, usage, data, len, result, NULL); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_EncryptedData(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -3403,7 +1786,7 @@ krb5_encrypt_EncryptedData(krb5_context context, return krb5_encrypt(context, crypto, usage, data, len, &result->cipher); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_ivec(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -3413,7 +1796,7 @@ krb5_decrypt_ivec(krb5_context context, void *ivec) { if(derived_crypto(context, crypto)) - return decrypt_internal_derived(context, crypto, usage, + return decrypt_internal_derived(context, crypto, usage, data, len, result, ivec); else if (special_crypto (context, crypto)) return decrypt_internal_special(context, crypto, usage, @@ -3422,7 +1805,7 @@ krb5_decrypt_ivec(krb5_context context, return decrypt_internal(context, crypto, data, len, result, ivec); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -3434,14 +1817,14 @@ krb5_decrypt(krb5_context context, NULL); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_EncryptedData(krb5_context context, krb5_crypto crypto, unsigned usage, const EncryptedData *e, krb5_data *result) { - return krb5_decrypt(context, crypto, usage, + return krb5_decrypt(context, crypto, usage, e->cipher.data, e->cipher.length, result); } @@ -3449,96 +1832,17 @@ krb5_decrypt_EncryptedData(krb5_context context, * * ************************************************************/ -#define ENTROPY_NEEDED 128 - -static int -seed_something(void) +krb5_error_code +_krb5_derive_key(krb5_context context, + struct _krb5_encryption_type *et, + struct _krb5_key_data *key, + const void *constant, + size_t len) { - char buf[1024], seedfile[256]; - - /* If there is a seed file, load it. But such a file cannot be trusted, - so use 0 for the entropy estimate */ - if (RAND_file_name(seedfile, sizeof(seedfile))) { - int fd; - fd = open(seedfile, O_RDONLY); - if (fd >= 0) { - ssize_t ret; - ret = read(fd, buf, sizeof(buf)); - if (ret > 0) - RAND_add(buf, ret, 0.0); - close(fd); - } else - seedfile[0] = '\0'; - } else - seedfile[0] = '\0'; - - /* Calling RAND_status() will try to use /dev/urandom if it exists so - we do not have to deal with it. */ - if (RAND_status() != 1) { - krb5_context context; - const char *p; - - /* Try using egd */ - if (!krb5_init_context(&context)) { - p = krb5_config_get_string(context, NULL, "libdefaults", - "egd_socket", NULL); - if (p != NULL) - RAND_egd_bytes(p, ENTROPY_NEEDED); - krb5_free_context(context); - } - } - - if (RAND_status() == 1) { - /* Update the seed file */ - if (seedfile[0]) - RAND_write_file(seedfile); - - return 0; - } else - return -1; -} - -void KRB5_LIB_FUNCTION -krb5_generate_random_block(void *buf, size_t len) -{ - static int rng_initialized = 0; - - HEIMDAL_MUTEX_lock(&crypto_mutex); - if (!rng_initialized) { - if (seed_something()) - krb5_abortx(NULL, "Fatal: could not seed the " - "random number generator"); - - rng_initialized = 1; - } - HEIMDAL_MUTEX_unlock(&crypto_mutex); - if (RAND_bytes(buf, len) != 1) - krb5_abortx(NULL, "Failed to generate random block"); -} - -static void -DES3_postproc(krb5_context context, - unsigned char *k, size_t len, struct key_data *key) -{ - DES3_random_to_key(context, key->key, k, len); - - if (key->schedule) { - krb5_free_data(context, key->schedule); - key->schedule = NULL; - } -} - -static krb5_error_code -derive_key(krb5_context context, - struct encryption_type *et, - struct key_data *key, - const void *constant, - size_t len) -{ - unsigned char *k; + unsigned char *k = NULL; unsigned int nblocks = 0, i; krb5_error_code ret = 0; - struct key_type *kt = et->keytype; + struct _krb5_key_type *kt = et->keytype; ret = _key_schedule(context, key); if(ret) @@ -3547,18 +1851,19 @@ derive_key(krb5_context context, nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); k = malloc(nblocks * et->blocksize); if(k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } ret = _krb5_n_fold(constant, len, k, et->blocksize); if (ret) { - free(k); - krb5_set_error_string(context, "out of memory"); - return ret; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } + for(i = 0; i < nblocks; i++) { if(i > 0) - memcpy(k + i * et->blocksize, + memcpy(k + i * et->blocksize, k + (i - 1) * et->blocksize, et->blocksize); (*et->encrypt)(context, key, k + i * et->blocksize, et->blocksize, @@ -3570,55 +1875,59 @@ derive_key(krb5_context context, size_t res_len = (kt->bits + 7) / 8; if(len != 0 && c == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } memcpy(c, constant, len); (*et->encrypt)(context, key, c, len, 1, 0, NULL); k = malloc(res_len); if(res_len != 0 && k == NULL) { free(c); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } ret = _krb5_n_fold(c, len, k, res_len); - if (ret) { - free(k); - krb5_set_error_string(context, "out of memory"); - return ret; - } free(c); + if (ret) { + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; + } } - + /* XXX keytype dependent post-processing */ switch(kt->type) { - case KEYTYPE_DES3: - DES3_postproc(context, k, nblocks * et->blocksize, key); + case ETYPE_OLD_DES3_CBC_SHA1: + _krb5_DES3_random_to_key(context, key->key, k, nblocks * et->blocksize); break; - case KEYTYPE_AES128: - case KEYTYPE_AES256: + case ENCTYPE_AES128_CTS_HMAC_SHA1_96: + case ENCTYPE_AES256_CTS_HMAC_SHA1_96: memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length); break; default: - krb5_set_error_string(context, - "derive_key() called with unknown keytype (%u)", - kt->type); ret = KRB5_CRYPTO_INTERNAL; + krb5_set_error_message(context, ret, + N_("derive_key() called with unknown keytype (%u)", ""), + kt->type); break; } + out: if (key->schedule) { - krb5_free_data(context, key->schedule); + free_key_schedule(context, key, et); key->schedule = NULL; } - memset(k, 0, nblocks * et->blocksize); - free(k); + if (k) { + memset(k, 0, nblocks * et->blocksize); + free(k); + } return ret; } -static struct key_data * +static struct _krb5_key_data * _new_derived_key(krb5_crypto crypto, unsigned usage) { - struct key_usage *d = crypto->key_usage; + struct _krb5_key_usage *d = crypto->key_usage; d = realloc(d, (crypto->num_key_usage + 1) * sizeof(*d)); if(d == NULL) return NULL; @@ -3629,7 +1938,7 @@ _new_derived_key(krb5_crypto crypto, unsigned usage) return &d->key; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_derive_key(krb5_context context, const krb5_keyblock *key, krb5_enctype etype, @@ -3638,15 +1947,16 @@ krb5_derive_key(krb5_context context, krb5_keyblock **derived_key) { krb5_error_code ret; - struct encryption_type *et; - struct key_data d; + struct _krb5_encryption_type *et; + struct _krb5_key_data d; *derived_key = NULL; - et = _find_enctype (etype); + et = _krb5_find_enctype (etype); if (et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); return KRB5_PROG_ETYPE_NOSUPP; } @@ -3655,21 +1965,21 @@ krb5_derive_key(krb5_context context, return ret; d.schedule = NULL; - ret = derive_key(context, et, &d, constant, constant_len); + ret = _krb5_derive_key(context, et, &d, constant, constant_len); if (ret == 0) ret = krb5_copy_keyblock(context, d.key, derived_key); - free_key_data(context, &d); + _krb5_free_key_data(context, &d, et); return ret; } static krb5_error_code -_get_derived_key(krb5_context context, - krb5_crypto crypto, - unsigned usage, - struct key_data **key) +_get_derived_key(krb5_context context, + krb5_crypto crypto, + unsigned usage, + struct _krb5_key_data **key) { int i; - struct key_data *d; + struct _krb5_key_data *d; unsigned char constant[5]; for(i = 0; i < crypto->num_key_usage; i++) @@ -3679,18 +1989,35 @@ _get_derived_key(krb5_context context, } d = _new_derived_key(crypto, usage); if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } krb5_copy_keyblock(context, crypto->key.key, &d->key); _krb5_put_int(constant, usage, 5); - derive_key(context, crypto->et, d, constant, sizeof(constant)); + _krb5_derive_key(context, crypto->et, d, constant, sizeof(constant)); *key = d; return 0; } +/** + * Create a crypto context used for all encryption and signature + * operation. The encryption type to use is taken from the key, but + * can be overridden with the enctype parameter. This can be useful + * for encryptions types which is compatiable (DES for example). + * + * To free the crypto context, use krb5_crypto_destroy(). + * + * @param context Kerberos context + * @param key the key block information with all key data + * @param etype the encryption type + * @param crypto the resulting crypto context + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_init(krb5_context context, const krb5_keyblock *key, krb5_enctype etype, @@ -3699,23 +2026,25 @@ krb5_crypto_init(krb5_context context, krb5_error_code ret; ALLOC(*crypto, 1); if(*crypto == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } if(etype == ETYPE_NULL) etype = key->keytype; - (*crypto)->et = _find_enctype(etype); + (*crypto)->et = _krb5_find_enctype(etype); if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) { free(*crypto); *crypto = NULL; - krb5_set_error_string (context, "encryption type %d not supported", - etype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); return KRB5_PROG_ETYPE_NOSUPP; } if((*crypto)->et->keytype->size != key->keyvalue.length) { free(*crypto); *crypto = NULL; - krb5_set_error_string (context, "encryption key has bad length"); + krb5_set_error_message (context, KRB5_BAD_KEYSIZE, + "encryption key has bad length"); return KRB5_BAD_KEYSIZE; } ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key); @@ -3731,36 +2060,72 @@ krb5_crypto_init(krb5_context context, } static void -free_key_data(krb5_context context, struct key_data *key) +free_key_schedule(krb5_context context, + struct _krb5_key_data *key, + struct _krb5_encryption_type *et) +{ + if (et->keytype->cleanup) + (*et->keytype->cleanup)(context, key); + memset(key->schedule->data, 0, key->schedule->length); + krb5_free_data(context, key->schedule); +} + +void +_krb5_free_key_data(krb5_context context, struct _krb5_key_data *key, + struct _krb5_encryption_type *et) { krb5_free_keyblock(context, key->key); if(key->schedule) { - memset(key->schedule->data, 0, key->schedule->length); - krb5_free_data(context, key->schedule); + free_key_schedule(context, key, et); + key->schedule = NULL; } } static void -free_key_usage(krb5_context context, struct key_usage *ku) +free_key_usage(krb5_context context, struct _krb5_key_usage *ku, + struct _krb5_encryption_type *et) { - free_key_data(context, &ku->key); + _krb5_free_key_data(context, &ku->key, et); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Free a crypto context created by krb5_crypto_init(). + * + * @param context Kerberos context + * @param crypto crypto context to free + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_destroy(krb5_context context, krb5_crypto crypto) { int i; - + for(i = 0; i < crypto->num_key_usage; i++) - free_key_usage(context, &crypto->key_usage[i]); + free_key_usage(context, &crypto->key_usage[i], crypto->et); free(crypto->key_usage); - free_key_data(context, &crypto->key); + _krb5_free_key_data(context, &crypto->key, crypto->et); free (crypto); return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return the blocksize used algorithm referenced by the crypto context + * + * @param context Kerberos context + * @param crypto crypto context to query + * @param blocksize the resulting blocksize + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getblocksize(krb5_context context, krb5_crypto crypto, size_t *blocksize) @@ -3769,25 +2134,61 @@ krb5_crypto_getblocksize(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return the encryption type used by the crypto context + * + * @param context Kerberos context + * @param crypto crypto context to query + * @param enctype the resulting encryption type + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getenctype(krb5_context context, krb5_crypto crypto, krb5_enctype *enctype) { *enctype = crypto->et->type; - return 0; + return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return the padding size used by the crypto context + * + * @param context Kerberos context + * @param crypto crypto context to query + * @param padsize the return padding size + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getpadsize(krb5_context context, krb5_crypto crypto, - size_t *padsize) + size_t *padsize) { *padsize = crypto->et->padsize; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return the confounder size used by the crypto context + * + * @param context Kerberos context + * @param crypto crypto context to query + * @param confoundersize the returned confounder size + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getconfoundersize(krb5_context context, krb5_crypto crypto, size_t *confoundersize) @@ -3796,76 +2197,86 @@ krb5_crypto_getconfoundersize(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION + +/** + * Disable encryption type + * + * @param context Kerberos 5 context + * @param enctype encryption type to disable + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_disable(krb5_context context, krb5_enctype enctype) { - struct encryption_type *et = _find_enctype(enctype); + struct _krb5_encryption_type *et = _krb5_find_enctype(enctype); if(et == NULL) { if (context) - krb5_set_error_string (context, "encryption type %d not supported", - enctype); + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + enctype); return KRB5_PROG_ETYPE_NOSUPP; } et->flags |= F_DISABLED; return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_derived(krb5_context context, - const void *str, - size_t len, - krb5_enctype etype, - krb5_keyblock *key) -{ - struct encryption_type *et = _find_enctype(etype); - krb5_error_code ret; - struct key_data kd; - size_t keylen; - u_char *tmp; +/** + * Enable encryption type + * + * @param context Kerberos 5 context + * @param enctype encryption type to enable + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_enctype_enable(krb5_context context, + krb5_enctype enctype) +{ + struct _krb5_encryption_type *et = _krb5_find_enctype(enctype); if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); + if (context) + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + enctype); return KRB5_PROG_ETYPE_NOSUPP; } - keylen = et->keytype->bits / 8; + et->flags &= ~F_DISABLED; + return 0; +} - ALLOC(kd.key, 1); - if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); - if(ret) { - free(kd.key); - return ret; - } - kd.key->keytype = etype; - tmp = malloc (keylen); - if(tmp == NULL) { - krb5_free_keyblock(context, kd.key); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = _krb5_n_fold(str, len, tmp, keylen); - if (ret) { - free(tmp); - krb5_set_error_string(context, "out of memory"); - return ret; - } - kd.schedule = NULL; - DES3_postproc (context, tmp, keylen, &kd); /* XXX */ - memset(tmp, 0, keylen); - free(tmp); - ret = derive_key(context, - et, - &kd, - "kerberos", /* XXX well known constant */ - strlen("kerberos")); - ret = krb5_copy_keyblock_contents(context, kd.key, key); - free_key_data(context, &kd); - return ret; +/** + * Enable or disable all weak encryption types + * + * @param context Kerberos 5 context + * @param enable true to enable, false to disable + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_allow_weak_crypto(krb5_context context, + krb5_boolean enable) +{ + int i; + + for(i = 0; i < _krb5_num_etypes; i++) + if(_krb5_etypes[i]->flags & F_WEAK) { + if(enable) + _krb5_etypes[i]->flags &= ~F_DISABLED; + else + _krb5_etypes[i]->flags |= F_DISABLED; + } + return 0; } static size_t @@ -3873,7 +2284,7 @@ wrapped_length (krb5_context context, krb5_crypto crypto, size_t data_len) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t padsize = et->padsize; size_t checksumsize = CHECKSUMSIZE(et->checksum); size_t res; @@ -3888,7 +2299,7 @@ wrapped_length_dervied (krb5_context context, krb5_crypto crypto, size_t data_len) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t padsize = et->padsize; size_t res; @@ -3905,7 +2316,7 @@ wrapped_length_dervied (krb5_context context, * Return the size of an encrypted packet of length `data_len' */ -size_t +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_get_wrapped_length (krb5_context context, krb5_crypto crypto, size_t data_len) @@ -3924,7 +2335,7 @@ static size_t crypto_overhead (krb5_context context, krb5_crypto crypto) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t res; res = CHECKSUMSIZE(et->checksum); @@ -3938,7 +2349,7 @@ static size_t crypto_overhead_dervied (krb5_context context, krb5_crypto crypto) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; size_t res; if (et->keyed_checksum) @@ -3951,7 +2362,7 @@ crypto_overhead_dervied (krb5_context context, return res; } -size_t +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_crypto_overhead (krb5_context context, krb5_crypto crypto) { if (derived_crypto (context, crypto)) @@ -3960,7 +2371,24 @@ krb5_crypto_overhead (krb5_context context, krb5_crypto crypto) return crypto_overhead (context, crypto); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Converts the random bytestring to a protocol key according to + * Kerberos crypto frame work. It may be assumed that all the bits of + * the input string are equally random, even though the entropy + * present in the random source may be limited. + * + * @param context Kerberos 5 context + * @param type the enctype resulting key will be of + * @param data input random data to convert to a key + * @param size size of input random data, at least krb5_enctype_keysize() long + * @param key key, output key, free with krb5_free_keyblock_contents() + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_random_to_key(krb5_context context, krb5_enctype type, const void *data, @@ -3968,20 +2396,23 @@ krb5_random_to_key(krb5_context context, krb5_keyblock *key) { krb5_error_code ret; - struct encryption_type *et = _find_enctype(type); + struct _krb5_encryption_type *et = _krb5_find_enctype(type); if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + type); return KRB5_PROG_ETYPE_NOSUPP; } if ((et->keytype->bits + 7) / 8 > size) { - krb5_set_error_string(context, "encryption key %s needs %d bytes " - "of random to make an encryption key out of it", - et->name, (int)et->keytype->size); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption key %s needs %d bytes " + "of random to make an encryption key " + "out of it", ""), + et->name, (int)et->keytype->size); return KRB5_PROG_ETYPE_NOSUPP; } ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); - if(ret) + if(ret) return ret; key->keytype = type; if (et->keytype->random_to_key) @@ -3992,74 +2423,19 @@ krb5_random_to_key(krb5_context context, return 0; } -krb5_error_code -_krb5_pk_octetstring2key(krb5_context context, - krb5_enctype type, - const void *dhdata, - size_t dhsize, - const heim_octet_string *c_n, - const heim_octet_string *k_n, - krb5_keyblock *key) -{ - struct encryption_type *et = _find_enctype(type); - krb5_error_code ret; - size_t keylen, offset; - void *keydata; - unsigned char counter; - unsigned char shaoutput[20]; - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - keylen = (et->keytype->bits + 7) / 8; - keydata = malloc(keylen); - if (keydata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - counter = 0; - offset = 0; - do { - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, &counter, 1); - SHA1_Update(&m, dhdata, dhsize); - if (c_n) - SHA1_Update(&m, c_n->data, c_n->length); - if (k_n) - SHA1_Update(&m, k_n->data, k_n->length); - SHA1_Final(shaoutput, &m); - - memcpy((unsigned char *)keydata + offset, - shaoutput, - min(keylen - offset, sizeof(shaoutput))); - - offset += sizeof(shaoutput); - counter++; - } while(offset < keylen); - memset(shaoutput, 0, sizeof(shaoutput)); - - ret = krb5_random_to_key(context, type, keydata, keylen, key); - memset(keydata, 0, sizeof(keylen)); - free(keydata); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_prf_length(krb5_context context, krb5_enctype type, size_t *length) { - struct encryption_type *et = _find_enctype(type); + struct _krb5_encryption_type *et = _krb5_find_enctype(type); if(et == NULL || et->prf_length == 0) { - krb5_set_error_string(context, "encryption type %d not supported", - type); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + type); return KRB5_PROG_ETYPE_NOSUPP; } @@ -4067,126 +2443,207 @@ krb5_crypto_prf_length(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_prf(krb5_context context, const krb5_crypto crypto, - const krb5_data *input, + const krb5_data *input, krb5_data *output) { - struct encryption_type *et = crypto->et; + struct _krb5_encryption_type *et = crypto->et; krb5_data_zero(output); if(et->prf == NULL) { - krb5_set_error_string(context, "kerberos prf for %s not supported", - et->name); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "kerberos prf for %s not supported", + et->name); return KRB5_PROG_ETYPE_NOSUPP; } return (*et->prf)(context, crypto, input, output); } - - - - -#ifdef CRYPTO_DEBUG static krb5_error_code -krb5_get_keyid(krb5_context context, - krb5_keyblock *key, - uint32_t *keyid) +krb5_crypto_prfplus(krb5_context context, + const krb5_crypto crypto, + const krb5_data *input, + size_t length, + krb5_data *output) { - MD5_CTX md5; - unsigned char tmp[16]; - - MD5_Init (&md5); - MD5_Update (&md5, key->keyvalue.data, key->keyvalue.length); - MD5_Final (tmp, &md5); - *keyid = (tmp[12] << 24) | (tmp[13] << 16) | (tmp[14] << 8) | tmp[15]; - return 0; -} - -static void -krb5_crypto_debug(krb5_context context, - int encryptp, - size_t len, - krb5_keyblock *key) -{ - uint32_t keyid; - char *kt; - krb5_get_keyid(context, key, &keyid); - krb5_enctype_to_string(context, key->keytype, &kt); - krb5_warnx(context, "%s %lu bytes with key-id %#x (%s)", - encryptp ? "encrypting" : "decrypting", - (unsigned long)len, - keyid, - kt); - free(kt); -} - -#endif /* CRYPTO_DEBUG */ - -#if 0 -int -main() -{ -#if 0 - int i; - krb5_context context; - krb5_crypto crypto; - struct key_data *d; - krb5_keyblock key; - char constant[4]; - unsigned usage = ENCRYPTION_USAGE(3); krb5_error_code ret; + krb5_data input2; + unsigned char i = 1; + unsigned char *p; - ret = krb5_init_context(&context); + krb5_data_zero(&input2); + krb5_data_zero(output); + + krb5_clear_error_message(context); + + ret = krb5_data_alloc(output, length); + if (ret) goto out; + ret = krb5_data_alloc(&input2, input->length + 1); + if (ret) goto out; + + krb5_clear_error_message(context); + + memcpy(((unsigned char *)input2.data) + 1, input->data, input->length); + + p = output->data; + + while (length) { + krb5_data block; + + ((unsigned char *)input2.data)[0] = i++; + + ret = krb5_crypto_prf(context, crypto, &input2, &block); + if (ret) + goto out; + + if (block.length < length) { + memcpy(p, block.data, block.length); + length -= block.length; + } else { + memcpy(p, block.data, length); + length = 0; + } + p += block.length; + krb5_data_free(&block); + } + + out: + krb5_data_free(&input2); if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - key.keytype = ETYPE_NEW_DES3_CBC_SHA1; - key.keyvalue.data = "\xb3\x85\x58\x94\xd9\xdc\x7c\xc8" - "\x25\xe9\x85\xab\x3e\xb5\xfb\x0e" - "\xc8\xdf\xab\x26\x86\x64\x15\x25"; - key.keyvalue.length = 24; - - krb5_crypto_init(context, &key, 0, &crypto); - - d = _new_derived_key(crypto, usage); - if(d == NULL) - krb5_errx(context, 1, "_new_derived_key failed"); - krb5_copy_keyblock(context, crypto->key.key, &d->key); - _krb5_put_int(constant, usage, 4); - derive_key(context, crypto->et, d, constant, sizeof(constant)); + krb5_data_free(output); return 0; -#else - int i; - krb5_context context; - krb5_crypto crypto; - struct key_data *d; - krb5_keyblock key; - krb5_error_code ret; - Checksum res; - - char *data = "what do ya want for nothing?"; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - key.keytype = ETYPE_NEW_DES3_CBC_SHA1; - key.keyvalue.data = "Jefe"; - /* "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; */ - key.keyvalue.length = 4; - - d = ecalloc(1, sizeof(*d)); - d->key = &key; - res.checksum.length = 20; - res.checksum.data = emalloc(res.checksum.length); - SP_HMAC_SHA1_checksum(context, d, data, 28, &res); - - return 0; -#endif } -#endif + +/** + * The FX-CF2 key derivation function, used in FAST and preauth framework. + * + * @param context Kerberos 5 context + * @param crypto1 first key to combine + * @param crypto2 second key to combine + * @param pepper1 factor to combine with first key to garante uniqueness + * @param pepper2 factor to combine with second key to garante uniqueness + * @param enctype the encryption type of the resulting key + * @param res allocated key, free with krb5_free_keyblock_contents() + * + * @return Return an error code or 0. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_fx_cf2(krb5_context context, + const krb5_crypto crypto1, + const krb5_crypto crypto2, + krb5_data *pepper1, + krb5_data *pepper2, + krb5_enctype enctype, + krb5_keyblock *res) +{ + krb5_error_code ret; + krb5_data os1, os2; + size_t i, keysize; + + memset(res, 0, sizeof(*res)); + + ret = krb5_enctype_keysize(context, enctype, &keysize); + if (ret) + return ret; + + ret = krb5_data_alloc(&res->keyvalue, keysize); + if (ret) + goto out; + ret = krb5_crypto_prfplus(context, crypto1, pepper1, keysize, &os1); + if (ret) + goto out; + ret = krb5_crypto_prfplus(context, crypto2, pepper2, keysize, &os2); + if (ret) + goto out; + + res->keytype = enctype; + { + unsigned char *p1 = os1.data, *p2 = os2.data, *p3 = res->keyvalue.data; + for (i = 0; i < keysize; i++) + p3[i] = p1[i] ^ p2[i]; + } + out: + if (ret) + krb5_data_free(&res->keyvalue); + krb5_data_free(&os1); + krb5_data_free(&os2); + + return ret; +} + + + +#ifndef HEIMDAL_SMALLER + +/** + * Deprecated: keytypes doesn't exists, they are really enctypes. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_keytype_to_enctypes (krb5_context context, + krb5_keytype keytype, + unsigned *len, + krb5_enctype **val) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + int i; + unsigned n = 0; + krb5_enctype *ret; + + for (i = _krb5_num_etypes - 1; i >= 0; --i) { + if (_krb5_etypes[i]->keytype->type == keytype + && !(_krb5_etypes[i]->flags & F_PSEUDO) + && krb5_enctype_valid(context, _krb5_etypes[i]->type) == 0) + ++n; + } + if (n == 0) { + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "Keytype have no mapping"); + return KRB5_PROG_KEYTYPE_NOSUPP; + } + + ret = malloc(n * sizeof(*ret)); + if (ret == NULL && n != 0) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + n = 0; + for (i = _krb5_num_etypes - 1; i >= 0; --i) { + if (_krb5_etypes[i]->keytype->type == keytype + && !(_krb5_etypes[i]->flags & F_PSEUDO) + && krb5_enctype_valid(context, _krb5_etypes[i]->type) == 0) + ret[n++] = _krb5_etypes[i]->type; + } + *len = n; + *val = ret; + return 0; +} + +/** + * Deprecated: keytypes doesn't exists, they are really enctypes. + * + * @ingroup krb5_deprecated + */ + +/* if two enctypes have compatible keys */ +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_enctypes_compatible_keys(krb5_context context, + krb5_enctype etype1, + krb5_enctype etype2) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + struct _krb5_encryption_type *e1 = _krb5_find_enctype(etype1); + struct _krb5_encryption_type *e2 = _krb5_find_enctype(etype2); + return e1 != NULL && e2 != NULL && e1->keytype == e2->keytype; +} + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/crypto.h b/lib/krb5/crypto.h new file mode 100644 index 000000000000..9b95b8f0cbcc --- /dev/null +++ b/lib/krb5/crypto.h @@ -0,0 +1,179 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef HEIMDAL_SMALLER +#define DES3_OLD_ENCTYPE 1 +#endif + +struct _krb5_key_data { + krb5_keyblock *key; + krb5_data *schedule; +}; + +struct _krb5_key_usage; + +struct krb5_crypto_data { + struct _krb5_encryption_type *et; + struct _krb5_key_data key; + int num_key_usage; + struct _krb5_key_usage *key_usage; +}; + +#define CRYPTO_ETYPE(C) ((C)->et->type) + +/* bits for `flags' below */ +#define F_KEYED 1 /* checksum is keyed */ +#define F_CPROOF 2 /* checksum is collision proof */ +#define F_DERIVED 4 /* uses derived keys */ +#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */ +#define F_PSEUDO 16 /* not a real protocol type */ +#define F_SPECIAL 32 /* backwards */ +#define F_DISABLED 64 /* enctype/checksum disabled */ +#define F_WEAK 128 /* enctype is considered weak */ + +struct salt_type { + krb5_salttype type; + const char *name; + krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data, + krb5_salt, krb5_data, krb5_keyblock*); +}; + +struct _krb5_key_type { + krb5_enctype type; + const char *name; + size_t bits; + size_t size; + size_t schedule_size; + void (*random_key)(krb5_context, krb5_keyblock*); + void (*schedule)(krb5_context, struct _krb5_key_type *, struct _krb5_key_data *); + struct salt_type *string_to_key; + void (*random_to_key)(krb5_context, krb5_keyblock*, const void*, size_t); + void (*cleanup)(krb5_context, struct _krb5_key_data *); + const EVP_CIPHER *(*evp)(void); +}; + +struct _krb5_checksum_type { + krb5_cksumtype type; + const char *name; + size_t blocksize; + size_t checksumsize; + unsigned flags; + krb5_error_code (*checksum)(krb5_context context, + struct _krb5_key_data *key, + const void *buf, size_t len, + unsigned usage, + Checksum *csum); + krb5_error_code (*verify)(krb5_context context, + struct _krb5_key_data *key, + const void *buf, size_t len, + unsigned usage, + Checksum *csum); +}; + +struct _krb5_encryption_type { + krb5_enctype type; + const char *name; + size_t blocksize; + size_t padsize; + size_t confoundersize; + struct _krb5_key_type *keytype; + struct _krb5_checksum_type *checksum; + struct _krb5_checksum_type *keyed_checksum; + unsigned flags; + krb5_error_code (*encrypt)(krb5_context context, + struct _krb5_key_data *key, + void *data, size_t len, + krb5_boolean encryptp, + int usage, + void *ivec); + size_t prf_length; + krb5_error_code (*prf)(krb5_context, + krb5_crypto, const krb5_data *, krb5_data *); +}; + +#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA) +#define INTEGRITY_USAGE(U) (((U) << 8) | 0x55) +#define CHECKSUM_USAGE(U) (((U) << 8) | 0x99) + +/* Checksums */ + +extern struct _krb5_checksum_type _krb5_checksum_none; +extern struct _krb5_checksum_type _krb5_checksum_crc32; +extern struct _krb5_checksum_type _krb5_checksum_rsa_md4; +extern struct _krb5_checksum_type _krb5_checksum_rsa_md4_des; +extern struct _krb5_checksum_type _krb5_checksum_rsa_md5_des; +extern struct _krb5_checksum_type _krb5_checksum_rsa_md5_des3; +extern struct _krb5_checksum_type _krb5_checksum_rsa_md5; +extern struct _krb5_checksum_type _krb5_checksum_hmac_sha1_des3; +extern struct _krb5_checksum_type _krb5_checksum_hmac_sha1_aes128; +extern struct _krb5_checksum_type _krb5_checksum_hmac_sha1_aes256; +extern struct _krb5_checksum_type _krb5_checksum_hmac_md5; +extern struct _krb5_checksum_type _krb5_checksum_sha1; + +extern struct _krb5_checksum_type *_krb5_checksum_types[]; +extern int _krb5_num_checksums; + +/* Salts */ + +extern struct salt_type _krb5_AES_salt[]; +extern struct salt_type _krb5_arcfour_salt[]; +extern struct salt_type _krb5_des_salt[]; +extern struct salt_type _krb5_des3_salt[]; +extern struct salt_type _krb5_des3_salt_derived[]; + +/* Encryption types */ + +extern struct _krb5_encryption_type _krb5_enctype_aes256_cts_hmac_sha1; +extern struct _krb5_encryption_type _krb5_enctype_aes128_cts_hmac_sha1; +extern struct _krb5_encryption_type _krb5_enctype_des3_cbc_sha1; +extern struct _krb5_encryption_type _krb5_enctype_des3_cbc_md5; +extern struct _krb5_encryption_type _krb5_enctype_des3_cbc_none; +extern struct _krb5_encryption_type _krb5_enctype_arcfour_hmac_md5; +extern struct _krb5_encryption_type _krb5_enctype_des_cbc_md5; +extern struct _krb5_encryption_type _krb5_enctype_old_des3_cbc_sha1; +extern struct _krb5_encryption_type _krb5_enctype_des_cbc_crc; +extern struct _krb5_encryption_type _krb5_enctype_des_cbc_md4; +extern struct _krb5_encryption_type _krb5_enctype_des_cbc_md5; +extern struct _krb5_encryption_type _krb5_enctype_des_cbc_none; +extern struct _krb5_encryption_type _krb5_enctype_des_cfb64_none; +extern struct _krb5_encryption_type _krb5_enctype_des_pcbc_none; +extern struct _krb5_encryption_type _krb5_enctype_null; + +extern struct _krb5_encryption_type *_krb5_etypes[]; +extern int _krb5_num_etypes; + +/* Interface to the EVP crypto layer provided by hcrypto */ +struct _krb5_evp_schedule { + EVP_CIPHER_CTX ectx; + EVP_CIPHER_CTX dctx; +}; diff --git a/lib/krb5/data.c b/lib/krb5/data.c index eda1a8b2598b..f62a5532ab60 100644 --- a/lib/krb5/data.c +++ b/lib/krb5/data.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: data.c 22064 2007-11-11 16:28:14Z lha $"); - /** * Reset the (potentially uninitalized) krb5_data structure. * @@ -43,7 +41,7 @@ RCSID("$Id: data.c 22064 2007-11-11 16:28:14Z lha $"); * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_zero(krb5_data *p) { p->length = 0; @@ -52,14 +50,16 @@ krb5_data_zero(krb5_data *p) /** * Free the content of krb5_data structure, its ok to free a zeroed - * structure. When done, the structure will be zeroed. - * + * structure (with memset() or krb5_data_zero()). When done, the + * structure will be zeroed. The same function is called + * krb5_free_data_contents() in MIT Kerberos. + * * @param p krb5_data to free. * * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_free(krb5_data *p) { if(p->data != NULL) @@ -67,31 +67,16 @@ krb5_data_free(krb5_data *p) krb5_data_zero(p); } -/** - * Same as krb5_data_free(). - * - * @param context Kerberos 5 context. - * @param data krb5_data to free. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_free_data_contents(krb5_context context, krb5_data *data) -{ - krb5_data_free(data); -} - /** * Free krb5_data (and its content). - * + * * @param context Kerberos 5 context. * @param p krb5_data to free. * * @ingroup krb5 */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data(krb5_context context, krb5_data *p) { @@ -101,8 +86,8 @@ krb5_free_data(krb5_context context, /** * Allocate data of and krb5_data. - * - * @param p krb5_data to free. + * + * @param p krb5_data to allocate. * @param len size to allocate. * * @return Returns 0 to indicate success. Otherwise an kerberos et @@ -111,7 +96,7 @@ krb5_free_data(krb5_context context, * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_alloc(krb5_data *p, int len) { p->data = malloc(len); @@ -123,7 +108,7 @@ krb5_data_alloc(krb5_data *p, int len) /** * Grow (or shrink) the content of krb5_data to a new size. - * + * * @param p krb5_data to free. * @param len new size. * @@ -133,7 +118,7 @@ krb5_data_alloc(krb5_data *p, int len) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_realloc(krb5_data *p, int len) { void *tmp; @@ -147,7 +132,7 @@ krb5_data_realloc(krb5_data *p, int len) /** * Copy the data of len into the krb5_data. - * + * * @param p krb5_data to copy into. * @param data data to copy.. * @param len new size. @@ -158,7 +143,7 @@ krb5_data_realloc(krb5_data *p, int len) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_copy(krb5_data *p, const void *data, size_t len) { if (len) { @@ -173,7 +158,7 @@ krb5_data_copy(krb5_data *p, const void *data, size_t len) /** * Copy the data into a newly allocated krb5_data. - * + * * @param context Kerberos 5 context. * @param indata the krb5_data data to copy * @param outdata new krb5_date to copy too. Free with krb5_free_data(). @@ -184,20 +169,20 @@ krb5_data_copy(krb5_data *p, const void *data, size_t len) * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_data(krb5_context context, - const krb5_data *indata, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_copy_data(krb5_context context, + const krb5_data *indata, krb5_data **outdata) { krb5_error_code ret; ALLOC(*outdata, 1); if(*outdata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } ret = der_copy_octet_string(indata, *outdata); if(ret) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); free(*outdata); *outdata = NULL; } @@ -206,7 +191,7 @@ krb5_copy_data(krb5_context context, /** * Compare to data. - * + * * @param data1 krb5_data to compare * @param data2 krb5_data to compare * @@ -215,10 +200,29 @@ krb5_copy_data(krb5_context context, * @ingroup krb5 */ -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_cmp(const krb5_data *data1, const krb5_data *data2) { if (data1->length != data2->length) return data1->length - data2->length; return memcmp(data1->data, data2->data, data1->length); } + +/** + * Compare to data not exposing timing information from the checksum data + * + * @param data1 krb5_data to compare + * @param data2 krb5_data to compare + * + * @return returns zero for same data, otherwise non zero. + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_data_ct_cmp(const krb5_data *data1, const krb5_data *data2) +{ + if (data1->length != data2->length) + return data1->length - data2->length; + return ct_memcmp(data1->data, data2->data, data1->length); +} diff --git a/lib/krb5/deprecated.c b/lib/krb5/deprecated.c new file mode 100644 index 000000000000..1d44d21b1706 --- /dev/null +++ b/lib/krb5/deprecated.c @@ -0,0 +1,609 @@ +/* + * Copyright (c) 1997 - 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#undef __attribute__ +#define __attribute__(x) + +#ifndef HEIMDAL_SMALLER + +/** + * Same as krb5_data_free(). MIT compat. + * + * Deprecated: use krb5_data_free(). + * + * @param context Kerberos 5 context. + * @param data krb5_data to free. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_data_contents(krb5_context context, krb5_data *data) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_data_free(data); +} + +/** + * Deprecated: keytypes doesn't exists, they are really enctypes. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_keytype_to_enctypes_default (krb5_context context, + krb5_keytype keytype, + unsigned *len, + krb5_enctype **val) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + unsigned int i, n; + krb5_enctype *ret; + + if (keytype != KEYTYPE_DES || context->etypes_des == NULL) + return krb5_keytype_to_enctypes (context, keytype, len, val); + + for (n = 0; context->etypes_des[n]; ++n) + ; + ret = malloc (n * sizeof(*ret)); + if (ret == NULL && n != 0) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + for (i = 0; i < n; ++i) + ret[i] = context->etypes_des[i]; + *len = n; + *val = ret; + return 0; +} + + +static struct { + const char *name; + krb5_keytype type; +} keys[] = { + { "null", ENCTYPE_NULL }, + { "des", ETYPE_DES_CBC_CRC }, + { "des3", ETYPE_OLD_DES3_CBC_SHA1 }, + { "aes-128", ETYPE_AES128_CTS_HMAC_SHA1_96 }, + { "aes-256", ETYPE_AES256_CTS_HMAC_SHA1_96 }, + { "arcfour", ETYPE_ARCFOUR_HMAC_MD5 }, + { "arcfour-56", ETYPE_ARCFOUR_HMAC_MD5_56 } +}; + +static int num_keys = sizeof(keys) / sizeof(keys[0]); + +/** + * Deprecated: keytypes doesn't exists, they are really enctypes in + * most cases, use krb5_enctype_to_string(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_keytype_to_string(krb5_context context, + krb5_keytype keytype, + char **string) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + const char *name = NULL; + int i; + + for(i = 0; i < num_keys; i++) { + if(keys[i].type == keytype) { + name = keys[i].name; + break; + } + } + + if(i >= num_keys) { + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "key type %d not supported", keytype); + return KRB5_PROG_KEYTYPE_NOSUPP; + } + *string = strdup(name); + if(*string == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + return 0; +} + +/** + * Deprecated: keytypes doesn't exists, they are really enctypes in + * most cases, use krb5_string_to_enctype(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_keytype(krb5_context context, + const char *string, + krb5_keytype *keytype) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + char *end; + int i; + + for(i = 0; i < num_keys; i++) + if(strcasecmp(keys[i].name, string) == 0){ + *keytype = keys[i].type; + return 0; + } + + /* check if the enctype is a number */ + *keytype = strtol(string, &end, 0); + if(*end == '\0' && *keytype != 0) { + if (krb5_enctype_valid(context, *keytype) == 0) + return 0; + } + + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "key type %s not supported", string); + return KRB5_PROG_KEYTYPE_NOSUPP; +} + +/** + * Deprecated: use krb5_get_init_creds() and friends. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV +krb5_password_key_proc (krb5_context context, + krb5_enctype type, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_error_code ret; + const char *password = (const char *)keyseed; + char buf[BUFSIZ]; + + *key = malloc (sizeof (**key)); + if (*key == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + if (password == NULL) { + if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) { + free (*key); + krb5_clear_error_message(context); + return KRB5_LIBOS_PWDINTR; + } + password = buf; + } + ret = krb5_string_to_key_salt (context, type, password, salt, *key); + memset (buf, 0, sizeof(buf)); + return ret; +} + +/** + * Deprecated: use krb5_get_init_creds() and friends. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_in_tkt_with_password (krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + const char *password, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return krb5_get_in_tkt (context, + options, + addrs, + etypes, + pre_auth_types, + krb5_password_key_proc, + password, + NULL, + NULL, + creds, + ccache, + ret_as_reply); +} + +static krb5_error_code KRB5_CALLCONV +krb5_skey_key_proc (krb5_context context, + krb5_enctype type, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key) +{ + return krb5_copy_keyblock (context, keyseed, key); +} + +/** + * Deprecated: use krb5_get_init_creds() and friends. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_in_tkt_with_skey (krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + const krb5_keyblock *key, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + if(key == NULL) + return krb5_get_in_tkt_with_keytab (context, + options, + addrs, + etypes, + pre_auth_types, + NULL, + ccache, + creds, + ret_as_reply); + else + return krb5_get_in_tkt (context, + options, + addrs, + etypes, + pre_auth_types, + krb5_skey_key_proc, + key, + NULL, + NULL, + creds, + ccache, + ret_as_reply); +} + +/** + * Deprecated: use krb5_get_init_creds() and friends. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV +krb5_keytab_key_proc (krb5_context context, + krb5_enctype enctype, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed); + krb5_keytab keytab = args->keytab; + krb5_principal principal = args->principal; + krb5_error_code ret; + krb5_keytab real_keytab; + krb5_keytab_entry entry; + + if(keytab == NULL) + krb5_kt_default(context, &real_keytab); + else + real_keytab = keytab; + + ret = krb5_kt_get_entry (context, real_keytab, principal, + 0, enctype, &entry); + + if (keytab == NULL) + krb5_kt_close (context, real_keytab); + + if (ret) + return ret; + + ret = krb5_copy_keyblock (context, &entry.keyblock, key); + krb5_kt_free_entry(context, &entry); + return ret; +} + +/** + * Deprecated: use krb5_get_init_creds() and friends. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_in_tkt_with_keytab (krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + krb5_keytab keytab, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_keytab_key_proc_args a; + + a.principal = creds->client; + a.keytab = keytab; + + return krb5_get_in_tkt (context, + options, + addrs, + etypes, + pre_auth_types, + krb5_keytab_key_proc, + &a, + NULL, + NULL, + creds, + ccache, + ret_as_reply); +} + +/** + * Generate a new ccache of type `ops' in `id'. + * + * Deprecated: use krb5_cc_new_unique() instead. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_ccache + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_gen_new(krb5_context context, + const krb5_cc_ops *ops, + krb5_ccache *id) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return krb5_cc_new_unique(context, ops->prefix, NULL, id); +} + +/** + * Deprecated: use krb5_principal_get_realm() + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL +krb5_princ_realm(krb5_context context, + krb5_principal principal) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return &principal->realm; +} + + +/** + * Deprecated: use krb5_principal_set_realm() + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_princ_set_realm(krb5_context context, + krb5_principal principal, + krb5_realm *realm) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + principal->realm = *realm; +} + +/** + * Deprecated: use krb5_free_cred_contents() + * + * @ingroup krb5_deprecated + */ + +/* keep this for compatibility with older code */ +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_free_creds_contents (krb5_context context, krb5_creds *c) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return krb5_free_cred_contents (context, c); +} + +/** + * Free the error message returned by krb5_get_error_string(). + * + * Deprecated: use krb5_free_error_message() + * + * @param context Kerberos context + * @param str error message to free + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_error_string(krb5_context context, char *str) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_free_error_message(context, str); +} + +/** + * Set the error message returned by krb5_get_error_string(). + * + * Deprecated: use krb5_get_error_message() + * + * @param context Kerberos context + * @param fmt error message to free + * + * @return Return an error code or 0. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_set_error_string(krb5_context context, const char *fmt, ...) + __attribute__((format (printf, 2, 3))) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + va_list ap; + + va_start(ap, fmt); + krb5_vset_error_message (context, 0, fmt, ap); + va_end(ap); + return 0; +} + +/** + * Set the error message returned by krb5_get_error_string(), + * deprecated, use krb5_set_error_message(). + * + * Deprecated: use krb5_vset_error_message() + * + * @param context Kerberos context + * @param msg error message to free + * + * @return Return an error code or 0. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_vset_error_string(krb5_context context, const char *fmt, va_list args) + __attribute__ ((format (printf, 2, 0))) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_vset_error_message(context, 0, fmt, args); + return 0; +} + +/** + * Clear the error message returned by krb5_get_error_string(). + * + * Deprecated: use krb5_clear_error_message() + * + * @param context Kerberos context + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_clear_error_string(krb5_context context) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_clear_error_message(context); +} + +/** + * Deprecated: use krb5_get_credentials_with_flags(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_cred_from_kdc_opt(krb5_context context, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds, + krb5_creds ***ret_tgts, + krb5_flags flags) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_kdc_flags f; + f.i = flags; + return _krb5_get_cred_kdc_any(context, f, ccache, + in_creds, NULL, NULL, + out_creds, ret_tgts); +} + +/** + * Deprecated: use krb5_get_credentials_with_flags(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_cred_from_kdc(krb5_context context, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return krb5_get_cred_from_kdc_opt(context, ccache, + in_creds, out_creds, ret_tgts, 0); +} + +/** + * Deprecated: use krb5_xfree(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_unparsed_name(krb5_context context, char *str) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + krb5_xfree(str); +} + +/** + * Deprecated: use krb5_generate_subkey_extended() + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_generate_subkey(krb5_context context, + const krb5_keyblock *key, + krb5_keyblock **subkey) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey); +} + +/** + * Deprecated: use krb5_auth_con_getremoteseqnumber() + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_getremoteseqnumber(krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + *seqnumber = auth_context->remote_seqnumber; + return 0; +} + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/derived-key-test.c b/lib/krb5/derived-key-test.c index debadb8bb956..a67c95a54cb6 100644 --- a/lib/krb5/derived-key-test.c +++ b/lib/krb5/derived-key-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: derived-key-test.c 16342 2005-12-02 14:14:43Z lha $"); - enum { MAXSIZE = 24 }; static struct testcase { @@ -77,7 +75,7 @@ static struct testcase { {0} }; -int KRB5_LIB_FUNCTION +int main(int argc, char **argv) { struct testcase *t; diff --git a/lib/krb5/digest.c b/lib/krb5/digest.c index 6e612ed6bbb0..ef3267b3a766 100644 --- a/lib/krb5/digest.c +++ b/lib/krb5/digest.c @@ -1,40 +1,41 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: digest.c 22156 2007-12-04 20:02:49Z lha $"); #include "digest_asn1.h" +#ifndef HEIMDAL_SMALLER + struct krb5_digest_data { char *cbtype; char *cbbinding; @@ -45,7 +46,7 @@ struct krb5_digest_data { DigestResponse response; }; -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_alloc(krb5_context context, krb5_digest *digest) { krb5_digest d; @@ -53,7 +54,7 @@ krb5_digest_alloc(krb5_context context, krb5_digest *digest) d = calloc(1, sizeof(*d)); if (d == NULL) { *digest = NULL; - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest = d; @@ -61,7 +62,7 @@ krb5_digest_alloc(krb5_context context, krb5_digest *digest) return 0; } -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_digest_free(krb5_digest digest) { if (digest == NULL) @@ -75,14 +76,15 @@ krb5_digest_free(krb5_digest digest) return; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_server_cb(krb5_context context, krb5_digest digest, const char *type, const char *binding) { if (digest->init.channel) { - krb5_set_error_string(context, "server channel binding already set"); + krb5_set_error_message(context, EINVAL, + N_("server channel binding already set", "")); return EINVAL; } digest->init.channel = calloc(1, sizeof(*digest->init.channel)); @@ -94,54 +96,54 @@ krb5_digest_set_server_cb(krb5_context context, goto error; digest->init.channel->cb_binding = strdup(binding); - if (digest->init.channel->cb_binding == NULL) + if (digest->init.channel->cb_binding == NULL) goto error; return 0; -error: + error: if (digest->init.channel) { free(digest->init.channel->cb_type); free(digest->init.channel->cb_binding); free(digest->init.channel); digest->init.channel = NULL; } - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_type(krb5_context context, krb5_digest digest, const char *type) { if (digest->init.type) { - krb5_set_error_string(context, "client type already set"); + krb5_set_error_message(context, EINVAL, "client type already set"); return EINVAL; } digest->init.type = strdup(type); if (digest->init.type == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_hostname(krb5_context context, krb5_digest digest, const char *hostname) { if (digest->init.hostname) { - krb5_set_error_string(context, "server hostname already set"); + krb5_set_error_message(context, EINVAL, "server hostname already set"); return EINVAL; } digest->init.hostname = malloc(sizeof(*digest->init.hostname)); if (digest->init.hostname == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->init.hostname = strdup(hostname); if (*digest->init.hostname == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->init.hostname); digest->init.hostname = NULL; return ENOMEM; @@ -149,55 +151,55 @@ krb5_digest_set_hostname(krb5_context context, return 0; } -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_server_nonce(krb5_context context, krb5_digest digest) { return digest->initReply.nonce; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_server_nonce(krb5_context context, krb5_digest digest, const char *nonce) { if (digest->request.serverNonce) { - krb5_set_error_string(context, "nonce already set"); + krb5_set_error_message(context, EINVAL, N_("nonce already set", "")); return EINVAL; } digest->request.serverNonce = strdup(nonce); if (digest->request.serverNonce == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_opaque(krb5_context context, krb5_digest digest) { return digest->initReply.opaque; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_opaque(krb5_context context, krb5_digest digest, const char *opaque) { if (digest->request.opaque) { - krb5_set_error_string(context, "opaque already set"); + krb5_set_error_message(context, EINVAL, "opaque already set"); return EINVAL; } digest->request.opaque = strdup(opaque); if (digest->request.opaque == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_identifier(krb5_context context, krb5_digest digest) { @@ -206,23 +208,23 @@ krb5_digest_get_identifier(krb5_context context, return *digest->initReply.identifier; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_identifier(krb5_context context, krb5_digest digest, const char *id) { if (digest->request.identifier) { - krb5_set_error_string(context, "identifier already set"); + krb5_set_error_message(context, EINVAL, N_("identifier already set", "")); return EINVAL; } digest->request.identifier = calloc(1, sizeof(*digest->request.identifier)); if (digest->request.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.identifier = strdup(id); if (*digest->request.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.identifier); digest->request.identifier = NULL; return ENOMEM; @@ -242,7 +244,7 @@ digest_request(krb5_context context, DigestREP rep; krb5_error_code ret; krb5_data data, data2; - size_t size; + size_t size = 0; krb5_crypto crypto = NULL; krb5_auth_context ac = NULL; krb5_principal principal = NULL; @@ -272,7 +274,7 @@ digest_request(krb5_context context, * */ - ret = krb5_make_principal(context, &principal, + ret = krb5_make_principal(context, &principal, r, KRB5_DIGEST_NAME, r, NULL); if (ret) goto out; @@ -280,14 +282,14 @@ digest_request(krb5_context context, ASN1_MALLOC_ENCODE(DigestReqInner, data.data, data.length, ireq, &size, ret); if (ret) { - krb5_set_error_string(context, - "Failed to encode digest inner request"); + krb5_set_error_message(context, ret, + N_("Failed to encode digest inner request", "")); goto out; } if (size != data.length) krb5_abortx(context, "ASN.1 internal encoder error"); - ret = krb5_mk_req_exact(context, &ac, + ret = krb5_mk_req_exact(context, &ac, AP_OPTS_USE_SUBKEY|AP_OPTS_MUTUAL_REQUIRED, principal, NULL, id, &req.apReq); if (ret) @@ -300,8 +302,9 @@ digest_request(krb5_context context, if (ret) goto out; if (key == NULL) { - krb5_set_error_string(context, "Digest failed to get local subkey"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("Digest failed to get local subkey", "")); goto out; } @@ -312,7 +315,7 @@ digest_request(krb5_context context, } ret = krb5_encrypt_EncryptedData(context, crypto, usage, - data.data, data.length, 0, + data.data, data.length, 0, &req.innerReq); if (ret) goto out; @@ -322,7 +325,8 @@ digest_request(krb5_context context, ASN1_MALLOC_ENCODE(DigestREQ, data.data, data.length, &req, &size, ret); if (ret) { - krb5_set_error_string(context, "Failed to encode DigestREQest"); + krb5_set_error_message(context, ret, + N_("Failed to encode DigestREQest", "")); goto out; } if (size != data.length) @@ -334,7 +338,8 @@ digest_request(krb5_context context, ret = decode_DigestREP(data2.data, data2.length, &rep, NULL); if (ret) { - krb5_set_error_string(context, "Failed to parse digest response"); + krb5_set_error_message(context, ret, + N_("Failed to parse digest response", "")); goto out; } @@ -355,8 +360,8 @@ digest_request(krb5_context context, goto out; if (key == NULL) { ret = EINVAL; - krb5_set_error_string(context, - "Digest reply have no remote subkey"); + krb5_set_error_message(context, ret, + N_("Digest reply have no remote subkey", "")); goto out; } @@ -372,14 +377,15 @@ digest_request(krb5_context context, &rep.innerRep, &data); if (ret) goto out; - + ret = decode_DigestRepInner(data.data, data.length, irep, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode digest inner reply"); + krb5_set_error_message(context, ret, + N_("Failed to decode digest inner reply", "")); goto out; } -out: + out: if (ccache == NULL && id) krb5_cc_close(context, id); if (realm == NULL && r) @@ -400,7 +406,7 @@ digest_request(krb5_context context, return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_init_request(krb5_context context, krb5_digest digest, krb5_realm realm, @@ -414,7 +420,8 @@ krb5_digest_init_request(krb5_context context, memset(&irep, 0, sizeof(irep)); if (digest->init.type == NULL) { - krb5_set_error_string(context, "Type missing from init req"); + krb5_set_error_message(context, EINVAL, + N_("Type missing from init req", "")); return EINVAL; } @@ -427,49 +434,52 @@ krb5_digest_init_request(krb5_context context, goto out; if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest init error: %s", - irep.u.error.reason); ret = irep.u.error.code; + krb5_set_error_message(context, ret, N_("Digest init error: %s", ""), + irep.u.error.reason); goto out; } if (irep.element != choice_DigestRepInner_initReply) { - krb5_set_error_string(context, "digest reply not an initReply"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("digest reply not an initReply", "")); goto out; } ret = copy_DigestInitReply(&irep.u.initReply, &digest->initReply); if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); + krb5_set_error_message(context, ret, + N_("Failed to copy initReply", "")); goto out; } -out: + out: free_DigestRepInner(&irep); return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_client_nonce(krb5_context context, krb5_digest digest, const char *nonce) { if (digest->request.clientNonce) { - krb5_set_error_string(context, "clientNonce already set"); + krb5_set_error_message(context, EINVAL, + N_("clientNonce already set", "")); return EINVAL; } - digest->request.clientNonce = + digest->request.clientNonce = calloc(1, sizeof(*digest->request.clientNonce)); if (digest->request.clientNonce == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.clientNonce = strdup(nonce); if (*digest->request.clientNonce == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.clientNonce); digest->request.clientNonce = NULL; return ENOMEM; @@ -477,57 +487,58 @@ krb5_digest_set_client_nonce(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_digest(krb5_context context, krb5_digest digest, const char *dgst) { if (digest->request.digest) { - krb5_set_error_string(context, "digest already set"); + krb5_set_error_message(context, EINVAL, + N_("digest already set", "")); return EINVAL; } digest->request.digest = strdup(dgst); if (digest->request.digest == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_username(krb5_context context, krb5_digest digest, const char *username) { if (digest->request.username) { - krb5_set_error_string(context, "username already set"); + krb5_set_error_message(context, EINVAL, "username already set"); return EINVAL; } digest->request.username = strdup(username); if (digest->request.username == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_authid(krb5_context context, krb5_digest digest, const char *authid) { if (digest->request.authid) { - krb5_set_error_string(context, "authid already set"); + krb5_set_error_message(context, EINVAL, "authid already set"); return EINVAL; } digest->request.authid = malloc(sizeof(*digest->request.authid)); if (digest->request.authid == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.authid = strdup(authid); if (*digest->request.authid == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.authid); digest->request.authid = NULL; return ENOMEM; @@ -535,7 +546,7 @@ krb5_digest_set_authid(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_authentication_user(krb5_context context, krb5_digest digest, krb5_principal authentication_user) @@ -543,36 +554,35 @@ krb5_digest_set_authentication_user(krb5_context context, krb5_error_code ret; if (digest->request.authentication_user) { - krb5_set_error_string(context, "authentication_user already set"); + krb5_set_error_message(context, EINVAL, + N_("authentication_user already set", "")); return EINVAL; } ret = krb5_copy_principal(context, authentication_user, &digest->request.authentication_user); - if (digest->request.authentication_user == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (ret) + return ret; return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_realm(krb5_context context, krb5_digest digest, const char *realm) { if (digest->request.realm) { - krb5_set_error_string(context, "realm already set"); + krb5_set_error_message(context, EINVAL, "realm already set"); return EINVAL; } digest->request.realm = malloc(sizeof(*digest->request.realm)); if (digest->request.realm == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.realm = strdup(realm); if (*digest->request.realm == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.realm); digest->request.realm = NULL; return ENOMEM; @@ -580,23 +590,24 @@ krb5_digest_set_realm(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_method(krb5_context context, krb5_digest digest, const char *method) { if (digest->request.method) { - krb5_set_error_string(context, "method already set"); + krb5_set_error_message(context, EINVAL, + N_("method already set", "")); return EINVAL; } digest->request.method = malloc(sizeof(*digest->request.method)); if (digest->request.method == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.method = strdup(method); if (*digest->request.method == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.method); digest->request.method = NULL; return ENOMEM; @@ -604,23 +615,23 @@ krb5_digest_set_method(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_uri(krb5_context context, krb5_digest digest, const char *uri) { if (digest->request.uri) { - krb5_set_error_string(context, "uri already set"); + krb5_set_error_message(context, EINVAL, N_("uri already set", "")); return EINVAL; } digest->request.uri = malloc(sizeof(*digest->request.uri)); if (digest->request.uri == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.uri = strdup(uri); if (*digest->request.uri == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.uri); digest->request.uri = NULL; return ENOMEM; @@ -628,24 +639,25 @@ krb5_digest_set_uri(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_nonceCount(krb5_context context, krb5_digest digest, const char *nonce_count) { if (digest->request.nonceCount) { - krb5_set_error_string(context, "nonceCount already set"); + krb5_set_error_message(context, EINVAL, + N_("nonceCount already set", "")); return EINVAL; } - digest->request.nonceCount = + digest->request.nonceCount = malloc(sizeof(*digest->request.nonceCount)); if (digest->request.nonceCount == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.nonceCount = strdup(nonce_count); if (*digest->request.nonceCount == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.nonceCount); digest->request.nonceCount = NULL; return ENOMEM; @@ -653,23 +665,23 @@ krb5_digest_set_nonceCount(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_qop(krb5_context context, krb5_digest digest, const char *qop) { if (digest->request.qop) { - krb5_set_error_string(context, "qop already set"); + krb5_set_error_message(context, EINVAL, "qop already set"); return EINVAL; } digest->request.qop = malloc(sizeof(*digest->request.qop)); if (digest->request.qop == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } *digest->request.qop = strdup(qop); if (*digest->request.qop == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); free(digest->request.qop); digest->request.qop = NULL; return ENOMEM; @@ -677,20 +689,20 @@ krb5_digest_set_qop(krb5_context context, return 0; } -int +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_digest_set_responseData(krb5_context context, krb5_digest digest, const char *response) { digest->request.responseData = strdup(response); if (digest->request.responseData == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_request(krb5_context context, krb5_digest digest, krb5_realm realm, @@ -708,14 +720,17 @@ krb5_digest_request(krb5_context context, if (digest->request.type == NULL) { if (digest->init.type == NULL) { - krb5_set_error_string(context, "Type missing from req"); + krb5_set_error_message(context, EINVAL, + N_("Type missing from req", "")); return EINVAL; } ireq.u.digestRequest.type = digest->init.type; } - if (ireq.u.digestRequest.digest == NULL) - ireq.u.digestRequest.digest = "md5"; + if (ireq.u.digestRequest.digest == NULL) { + static char md5[] = "md5"; + ireq.u.digestRequest.digest = md5; + } ret = digest_request(context, realm, ccache, KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); @@ -723,38 +738,41 @@ krb5_digest_request(krb5_context context, return ret; if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest response error: %s", - irep.u.error.reason); ret = irep.u.error.code; + krb5_set_error_message(context, ret, + N_("Digest response error: %s", ""), + irep.u.error.reason); goto out; } if (irep.element != choice_DigestRepInner_response) { - krb5_set_error_string(context, "digest reply not an DigestResponse"); + krb5_set_error_message(context, EINVAL, + N_("digest reply not an DigestResponse", "")); ret = EINVAL; goto out; } ret = copy_DigestResponse(&irep.u.response, &digest->response); if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); + krb5_set_error_message(context, ret, + N_("Failed to copy initReply,", "")); goto out; } -out: + out: free_DigestRepInner(&irep); return ret; } -krb5_boolean -krb5_digest_rep_get_status(krb5_context context, +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_digest_rep_get_status(krb5_context context, krb5_digest digest) { return digest->response.success ? TRUE : FALSE; } -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_rsp(krb5_context context, krb5_digest digest) { @@ -763,7 +781,7 @@ krb5_digest_get_rsp(krb5_context context, return *digest->response.rsp; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_tickets(krb5_context context, krb5_digest digest, Ticket **tickets) @@ -773,7 +791,7 @@ krb5_digest_get_tickets(krb5_context context, } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_client_binding(krb5_context context, krb5_digest digest, char **type, @@ -785,7 +803,7 @@ krb5_digest_get_client_binding(krb5_context context, if (*type == NULL || *binding == NULL) { free(*type); free(*binding); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } } else { @@ -795,7 +813,7 @@ krb5_digest_get_client_binding(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_session_key(krb5_context context, krb5_digest digest, krb5_data *data) @@ -807,7 +825,7 @@ krb5_digest_get_session_key(krb5_context context, return 0; ret = der_copy_octet_string(digest->response.session_key, data); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } @@ -819,19 +837,19 @@ struct krb5_ntlm_data { NTLMResponse response; }; -krb5_error_code -krb5_ntlm_alloc(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_alloc(krb5_context context, krb5_ntlm *ntlm) { *ntlm = calloc(1, sizeof(**ntlm)); if (*ntlm == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_free(krb5_context context, krb5_ntlm ntlm) { free_NTLMInit(&ntlm->init); @@ -844,8 +862,8 @@ krb5_ntlm_free(krb5_context context, krb5_ntlm ntlm) } -krb5_error_code -krb5_ntlm_init_request(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_init_request(krb5_context context, krb5_ntlm ntlm, krb5_realm realm, krb5_ccache ccache, @@ -879,31 +897,33 @@ krb5_ntlm_init_request(krb5_context context, goto out; if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest init error: %s", - irep.u.error.reason); ret = irep.u.error.code; + krb5_set_error_message(context, ret, N_("Digest init error: %s", ""), + irep.u.error.reason); goto out; } if (irep.element != choice_DigestRepInner_ntlmInitReply) { - krb5_set_error_string(context, "ntlm reply not an initReply"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("ntlm reply not an initReply", "")); goto out; } ret = copy_NTLMInitReply(&irep.u.ntlmInitReply, &ntlm->initReply); if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); + krb5_set_error_message(context, ret, + N_("Failed to copy initReply", "")); goto out; } -out: + out: free_DigestRepInner(&irep); return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_flags(krb5_context context, krb5_ntlm ntlm, uint32_t *flags) @@ -912,7 +932,7 @@ krb5_ntlm_init_get_flags(krb5_context context, return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_challange(krb5_context context, krb5_ntlm ntlm, krb5_data *challange) @@ -921,12 +941,12 @@ krb5_ntlm_init_get_challange(krb5_context context, ret = der_copy_octet_string(&ntlm->initReply.challange, challange); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_opaque(krb5_context context, krb5_ntlm ntlm, krb5_data *opaque) @@ -935,25 +955,25 @@ krb5_ntlm_init_get_opaque(krb5_context context, ret = der_copy_octet_string(&ntlm->initReply.opaque, opaque); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_targetname(krb5_context context, krb5_ntlm ntlm, char **name) { *name = strdup(ntlm->initReply.targetname); if (*name == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_targetinfo(krb5_context context, krb5_ntlm ntlm, krb5_data *data) @@ -969,14 +989,14 @@ krb5_ntlm_init_get_targetinfo(krb5_context context, ntlm->initReply.targetinfo->data, ntlm->initReply.targetinfo->length); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_request(krb5_context context, krb5_ntlm ntlm, krb5_realm realm, @@ -998,32 +1018,35 @@ krb5_ntlm_request(krb5_context context, return ret; if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "NTLM response error: %s", - irep.u.error.reason); ret = irep.u.error.code; + krb5_set_error_message(context, ret, + N_("NTLM response error: %s", ""), + irep.u.error.reason); goto out; } if (irep.element != choice_DigestRepInner_ntlmResponse) { - krb5_set_error_string(context, "NTLM reply not an NTLMResponse"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("NTLM reply not an NTLMResponse", "")); goto out; } ret = copy_NTLMResponse(&irep.u.ntlmResponse, &ntlm->response); if (ret) { - krb5_set_error_string(context, "Failed to copy NTLMResponse"); + krb5_set_error_message(context, ret, + N_("Failed to copy NTLMResponse", "")); goto out; } -out: + out: free_DigestRepInner(&irep); return ret; } -krb5_error_code -krb5_ntlm_req_set_flags(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_flags(krb5_context context, krb5_ntlm ntlm, uint32_t flags) { @@ -1031,40 +1054,40 @@ krb5_ntlm_req_set_flags(krb5_context context, return 0; } -krb5_error_code -krb5_ntlm_req_set_username(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_username(krb5_context context, krb5_ntlm ntlm, const char *username) { ntlm->request.username = strdup(username); if (ntlm->request.username == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code -krb5_ntlm_req_set_targetname(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_targetname(krb5_context context, krb5_ntlm ntlm, const char *targetname) { ntlm->request.targetname = strdup(targetname); if (ntlm->request.targetname == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -krb5_error_code -krb5_ntlm_req_set_lm(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_lm(krb5_context context, krb5_ntlm ntlm, void *hash, size_t len) { ntlm->request.lm.data = malloc(len); - if (ntlm->request.lm.data == NULL) { - krb5_set_error_string(context, "out of memory"); + if (ntlm->request.lm.data == NULL && len != 0) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ntlm->request.lm.length = len; @@ -1072,14 +1095,14 @@ krb5_ntlm_req_set_lm(krb5_context context, return 0; } -krb5_error_code -krb5_ntlm_req_set_ntlm(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_ntlm(krb5_context context, krb5_ntlm ntlm, void *hash, size_t len) { ntlm->request.ntlm.data = malloc(len); - if (ntlm->request.ntlm.data == NULL) { - krb5_set_error_string(context, "out of memory"); + if (ntlm->request.ntlm.data == NULL && len != 0) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ntlm->request.ntlm.length = len; @@ -1087,14 +1110,14 @@ krb5_ntlm_req_set_ntlm(krb5_context context, return 0; } -krb5_error_code -krb5_ntlm_req_set_opaque(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_opaque(krb5_context context, krb5_ntlm ntlm, krb5_data *opaque) { ntlm->request.opaque.data = malloc(opaque->length); - if (ntlm->request.opaque.data == NULL) { - krb5_set_error_string(context, "out of memory"); + if (ntlm->request.opaque.data == NULL && opaque->length != 0) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ntlm->request.opaque.length = opaque->length; @@ -1102,19 +1125,19 @@ krb5_ntlm_req_set_opaque(krb5_context context, return 0; } -krb5_error_code -krb5_ntlm_req_set_session(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_req_set_session(krb5_context context, krb5_ntlm ntlm, void *sessionkey, size_t length) { ntlm->request.sessionkey = calloc(1, sizeof(*ntlm->request.sessionkey)); if (ntlm->request.sessionkey == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ntlm->request.sessionkey->data = malloc(length); - if (ntlm->request.sessionkey->data == NULL) { - krb5_set_error_string(context, "out of memory"); + if (ntlm->request.sessionkey->data == NULL && length != 0) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(ntlm->request.sessionkey->data, sessionkey, length); @@ -1122,23 +1145,24 @@ krb5_ntlm_req_set_session(krb5_context context, return 0; } -krb5_boolean -krb5_ntlm_rep_get_status(krb5_context context, +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_ntlm_rep_get_status(krb5_context context, krb5_ntlm ntlm) { return ntlm->response.success ? TRUE : FALSE; } -krb5_error_code -krb5_ntlm_rep_get_sessionkey(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_ntlm_rep_get_sessionkey(krb5_context context, krb5_ntlm ntlm, krb5_data *data) { if (ntlm->response.sessionkey == NULL) { - krb5_set_error_string(context, "no ntlm session key"); + krb5_set_error_message(context, EINVAL, + N_("no ntlm session key", "")); return EINVAL; } - krb5_clear_error_string(context); + krb5_clear_error_message(context); return krb5_data_copy(data, ntlm->response.sessionkey->data, ntlm->response.sessionkey->length); @@ -1157,7 +1181,7 @@ krb5_ntlm_rep_get_sessionkey(krb5_context context, * @ingroup krb5_digest */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_probe(krb5_context context, krb5_realm realm, krb5_ccache ccache, @@ -1178,22 +1202,24 @@ krb5_digest_probe(krb5_context context, goto out; if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest probe error: %s", - irep.u.error.reason); ret = irep.u.error.code; + krb5_set_error_message(context, ret, "Digest probe error: %s", + irep.u.error.reason); goto out; } if (irep.element != choice_DigestRepInner_supportedMechs) { - krb5_set_error_string(context, "Digest reply not an probe"); ret = EINVAL; + krb5_set_error_message(context, ret, "Digest reply not an probe"); goto out; } *flags = DigestTypes2int(irep.u.supportedMechs); -out: + out: free_DigestRepInner(&irep); return ret; } + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/doxygen.c b/lib/krb5/doxygen.c index b7c6f8fcfdd0..fec9a671930a 100644 --- a/lib/krb5/doxygen.c +++ b/lib/krb5/doxygen.c @@ -1,67 +1,700 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007-2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id$"); /** - * + * */ -/*! \mainpage Heimdal Kerberos 5 library +/*! @mainpage Heimdal Kerberos 5 library * - * \section intro Introduction + * @section intro Introduction * * Heimdal libkrb5 library is a implementation of the Kerberos * protocol. - * + * * Kerberos is a system for authenticating users and services on a * network. It is built upon the assumption that the network is * ``unsafe''. For example, data sent over the network can be * eavesdropped and altered, and addresses can also be faked. * Therefore they cannot be used for authentication purposes. * - * The project web page:\n - * http://www.h5l.org/ + * + * - @ref krb5_introduction + * - @ref krb5_principal_intro + * - @ref krb5_ccache_intro + * - @ref krb5_keytab_intro + * + * If you want to know more about the file formats that is used by + * Heimdal, please see: @ref krb5_fileformats + * + * The project web page: http://www.h5l.org/ * */ /** @defgroup krb5 Heimdal Kerberos 5 library */ /** @defgroup krb5_address Heimdal Kerberos 5 address functions */ +/** @defgroup krb5_principal Heimdal Kerberos 5 principal functions */ /** @defgroup krb5_ccache Heimdal Kerberos 5 credential cache functions */ +/** @defgroup krb5_crypto Heimdal Kerberos 5 cryptography functions */ /** @defgroup krb5_credential Heimdal Kerberos 5 credential handing functions */ /** @defgroup krb5_deprecated Heimdal Kerberos 5 deprecated functions */ /** @defgroup krb5_digest Heimdal Kerberos 5 digest service */ /** @defgroup krb5_error Heimdal Kerberos 5 error reporting functions */ +/** @defgroup krb5_keytab Heimdal Kerberos 5 keytab handling functions */ +/** @defgroup krb5_ticket Heimdal Kerberos 5 ticket functions */ +/** @defgroup krb5_pac Heimdal Kerberos 5 PAC handling functions */ /** @defgroup krb5_v4compat Heimdal Kerberos 4 compatiblity functions */ +/** @defgroup krb5_storage Heimdal Kerberos 5 storage functions */ /** @defgroup krb5_support Heimdal Kerberos 5 support functions */ +/** @defgroup krb5_auth Heimdal Kerberos 5 authentication functions */ + + +/** + * @page krb5_introduction Introduction to the Kerberos 5 API + * @section api_overview Kerberos 5 API Overview + * + * All functions are documented in manual pages. This section tries + * to give an overview of the major components used in Kerberos + * library, and point to where to look for a specific function. + * + * @subsection intro_krb5_context Kerberos context + * + * A kerberos context (krb5_context) holds all per thread state. All + * global variables that are context specific are stored in this + * structure, including default encryption types, credential cache + * (for example, a ticket file), and default realms. + * + * The internals of the structure should never be accessed directly, + * functions exist for extracting information. + * + * See the manual page for krb5_init_context() how to create a context + * and module @ref krb5 for more information about the functions. + * + * @subsection intro_krb5_auth_context Kerberos authentication context + * + * Kerberos authentication context (krb5_auth_context) holds all + * context related to an authenticated connection, in a similar way to + * the kerberos context that holds the context for the thread or + * process. + * + * The krb5_auth_context is used by various functions that are + * directly related to authentication between the + * server/client. Example of data that this structure contains are + * various flags, addresses of client and server, port numbers, + * keyblocks (and subkeys), sequence numbers, replay cache, and + * checksum types. + * + * @subsection intro_krb5_principal Kerberos principal + * + * The Kerberos principal is the structure that identifies a user or + * service in Kerberos. The structure that holds the principal is the + * krb5_principal. There are function to extract the realm and + * elements of the principal, but most applications have no reason to + * inspect the content of the structure. + * + * The are several ways to create a principal (with different degree of + * portability), and one way to free it. + * + * See also the page @ref krb5_principal_intro for more information and also + * module @ref krb5_principal. + * + * @subsection intro_krb5_ccache Credential cache + * + * A credential cache holds the tickets for a user. A given user can + * have several credential caches, one for each realm where the user + * have the initial tickets (the first krbtgt). + * + * The credential cache data can be stored internally in different + * way, each of them for different proposes. File credential (FILE) + * caches and processes based (KCM) caches are for permanent + * storage. While memory caches (MEMORY) are local caches to the local + * process. + * + * Caches are opened with krb5_cc_resolve() or created with + * krb5_cc_new_unique(). + * + * If the cache needs to be opened again (using krb5_cc_resolve()) + * krb5_cc_close() will close the handle, but not the remove the + * cache. krb5_cc_destroy() will zero out the cache, remove the cache + * so it can no longer be referenced. + * + * See also @ref krb5_ccache_intro and @ref krb5_ccache . + * + * @subsection intro_krb5_error_code Kerberos errors + * + * Kerberos errors are based on the com_err library. All error codes are + * 32-bit signed numbers, the first 24 bits define what subsystem the + * error originates from, and last 8 bits are 255 error codes within the + * library. Each error code have fixed string associated with it. For + * example, the error-code -1765328383 have the symbolic name + * KRB5KDC_ERR_NAME_EXP, and associated error string ``Client's entry in + * database has expired''. + * + * This is a great improvement compared to just getting one of the unix + * error-codes back. However, Heimdal have an extention to pass back + * customised errors messages. Instead of getting ``Key table entry not + * found'', the user might back ``failed to find + * host/host.example.com\@EXAMLE.COM(kvno 3) in keytab /etc/krb5.keytab + * (des-cbc-crc)''. This improves the chance that the user find the + * cause of the error so you should use the customised error message + * whenever it's available. + * + * See also module @ref krb5_error . + * + * + * @subsection intro_krb5_keytab Keytab management + * + * A keytab is a storage for locally stored keys. Heimdal includes keytab + * support for Kerberos 5 keytabs, Kerberos 4 srvtab, AFS-KeyFile's, + * and for storing keys in memory. + * + * Keytabs are used for servers and long-running services. + * + * See also @ref krb5_keytab_intro and @ref krb5_keytab . + * + * @subsection intro_krb5_crypto Kerberos crypto + * + * Heimdal includes a implementation of the Kerberos crypto framework, + * all crypto operations. To create a crypto context call krb5_crypto_init(). + * + * See also module @ref krb5_crypto . + * + * @section kerberos5_client Walkthrough of a sample Kerberos 5 client + * + * This example contains parts of a sample TCP Kerberos 5 clients, if you + * want a real working client, please look in appl/test directory in + * the Heimdal distribution. + * + * All Kerberos error-codes that are returned from kerberos functions in + * this program are passed to krb5_err, that will print a + * descriptive text of the error code and exit. Graphical programs can + * convert error-code to a human readable error-string with the + * krb5_get_error_message() function. + * + * Note that you should not use any Kerberos function before + * krb5_init_context() have completed successfully. That is the + * reason err() is used when krb5_init_context() fails. + * + * First the client needs to call krb5_init_context to initialise + * the Kerberos 5 library. This is only needed once per thread + * in the program. If the function returns a non-zero value it indicates + * that either the Kerberos implementation is failing or it's disabled on + * this host. + * + * @code + * #include + * + * int + * main(int argc, char **argv) + * { + * krb5_context context; + * + * if (krb5_init_context(&context)) + * errx (1, "krb5_context"); + * @endcode + * + * Now the client wants to connect to the host at the other end. The + * preferred way of doing this is using getaddrinfo (for + * operating system that have this function implemented), since getaddrinfo + * is neutral to the address type and can use any protocol that is available. + * + * @code + * struct addrinfo *ai, *a; + * struct addrinfo hints; + * int error; + * + * memset (&hints, 0, sizeof(hints)); + * hints.ai_socktype = SOCK_STREAM; + * hints.ai_protocol = IPPROTO_TCP; + * + * error = getaddrinfo (hostname, "pop3", &hints, &ai); + * if (error) + * errx (1, "%s: %s", hostname, gai_strerror(error)); + * + * for (a = ai; a != NULL; a = a->ai_next) { + * int s; + * + * s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + * if (s < 0) + * continue; + * if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + * warn ("connect(%s)", hostname); + * close (s); + * continue; + * } + * freeaddrinfo (ai); + * ai = NULL; + * } + * if (ai) { + * freeaddrinfo (ai); + * errx ("failed to contact %s", hostname); + * } + * @endcode + * + * Before authenticating, an authentication context needs to be + * created. This context keeps all information for one (to be) authenticated + * connection (see krb5_auth_context). + * + * @code + * status = krb5_auth_con_init (context, &auth_context); + * if (status) + * krb5_err (context, 1, status, "krb5_auth_con_init"); + * @endcode + * + * For setting the address in the authentication there is a help function + * krb5_auth_con_setaddrs_from_fd() that does everything that is needed + * when given a connected file descriptor to the socket. + * + * @code + * status = krb5_auth_con_setaddrs_from_fd (context, + * auth_context, + * &sock); + * if (status) + * krb5_err (context, 1, status, + * "krb5_auth_con_setaddrs_from_fd"); + * @endcode + * + * The next step is to build a server principal for the service we want + * to connect to. (See also krb5_sname_to_principal().) + * + * @code + * status = krb5_sname_to_principal (context, + * hostname, + * service, + * KRB5_NT_SRV_HST, + * &server); + * if (status) + * krb5_err (context, 1, status, "krb5_sname_to_principal"); + * @endcode + * + * The client principal is not passed to krb5_sendauth() + * function, this causes the krb5_sendauth() function to try to figure it + * out itself. + * + * The server program is using the function krb5_recvauth() to + * receive the Kerberos 5 authenticator. + * + * In this case, mutual authentication will be tried. That means that the server + * will authenticate to the client. Using mutual authentication + * is good since it enables the user to verify that they are talking to the + * right server (a server that knows the key). + * + * If you are using a non-blocking socket you will need to do all work of + * krb5_sendauth() yourself. Basically you need to send over the + * authenticator from krb5_mk_req() and, in case of mutual + * authentication, verifying the result from the server with + * krb5_rd_rep(). + * + * @code + * status = krb5_sendauth (context, + * &auth_context, + * &sock, + * VERSION, + * NULL, + * server, + * AP_OPTS_MUTUAL_REQUIRED, + * NULL, + * NULL, + * NULL, + * NULL, + * NULL, + * NULL); + * if (status) + * krb5_err (context, 1, status, "krb5_sendauth"); + * @endcode + * + * Once authentication has been performed, it is time to send some + * data. First we create a krb5_data structure, then we sign it with + * krb5_mk_safe() using the auth_context that contains the + * session-key that was exchanged in the + * krb5_sendauth()/krb5_recvauth() authentication + * sequence. + * + * @code + * data.data = "hej"; + * data.length = 3; + * + * krb5_data_zero (&packet); + * + * status = krb5_mk_safe (context, + * auth_context, + * &data, + * &packet, + * NULL); + * if (status) + * krb5_err (context, 1, status, "krb5_mk_safe"); + * @endcode + * + * And send it over the network. + * + * @code + * len = packet.length; + * net_len = htonl(len); + * + * if (krb5_net_write (context, &sock, &net_len, 4) != 4) + * err (1, "krb5_net_write"); + * if (krb5_net_write (context, &sock, packet.data, len) != len) + * err (1, "krb5_net_write"); + * @endcode + * + * To send encrypted (and signed) data krb5_mk_priv() should be + * used instead. krb5_mk_priv() works the same way as + * krb5_mk_safe(), with the exception that it encrypts the data + * in addition to signing it. + * + * @code + * data.data = "hemligt"; + * data.length = 7; + * + * krb5_data_free (&packet); + * + * status = krb5_mk_priv (context, + * auth_context, + * &data, + * &packet, + * NULL); + * if (status) + * krb5_err (context, 1, status, "krb5_mk_priv"); + * @endcode + * + * And send it over the network. + * + * @code + * len = packet.length; + * net_len = htonl(len); + * + * if (krb5_net_write (context, &sock, &net_len, 4) != 4) + * err (1, "krb5_net_write"); + * if (krb5_net_write (context, &sock, packet.data, len) != len) + * err (1, "krb5_net_write"); + * + * @endcode + * + * The server is using krb5_rd_safe() and + * krb5_rd_priv() to verify the signature and decrypt the packet. + * + * @section intro_krb5_verify_user Validating a password in an application + * + * See the manual page for krb5_verify_user(). + * + * @section mit_differences API differences to MIT Kerberos + * + * This section is somewhat disorganised, but so far there is no overall + * structure to the differences, though some of the have their root in + * that Heimdal uses an ASN.1 compiler and MIT doesn't. + * + * @subsection mit_krb5_principal Principal and realms + * + * Heimdal stores the realm as a krb5_realm, that is a char *. + * MIT Kerberos uses a krb5_data to store a realm. + * + * In Heimdal krb5_principal doesn't contain the component + * name_type; it's instead stored in component + * name.name_type. To get and set the nametype in Heimdal, use + * krb5_principal_get_type() and + * krb5_principal_set_type(). + * + * For more information about principal and realms, see + * krb5_principal. + * + * @subsection mit_krb5_error_code Error messages + * + * To get the error string, Heimdal uses + * krb5_get_error_message(). This is to return custom error messages + * (like ``Can't find host/datan.example.com\@CODE.COM in + * /etc/krb5.conf.'' instead of a ``Key table entry not found'' that + * error_message returns. + * + * Heimdal uses a threadsafe(r) version of the com_err interface; the + * global com_err table isn't initialised. Then + * error_message returns quite a boring error string (just + * the error code itself). + * + * + */ + +/** + * + * + * @page krb5_fileformats File formats + * + * @section fileformats File formats + * + * This section documents the diffrent file formats that are used in + * Heimdal and other Kerberos implementations. + * + * @subsection file_keytab keytab + * + * The keytab binary format is not a standard format. The format has + * evolved and may continue to. It is however understood by several + * Kerberos implementations including Heimdal, MIT, Sun's Java ktab and + * are created by the ktpass.exe utility from Windows. So it has + * established itself as the defacto format for storing Kerberos keys. + * + * The following C-like structure definitions illustrate the MIT keytab + * file format. All values are in network byte order. All text is ASCII. + * + * @code + * keytab { + * uint16_t file_format_version; # 0x502 + * keytab_entry entries[*]; + * }; + * + * keytab_entry { + * int32_t size; + * uint16_t num_components; # subtract 1 if version 0x501 + * counted_octet_string realm; + * counted_octet_string components[num_components]; + * uint32_t name_type; # not present if version 0x501 + * uint32_t timestamp; + * uint8_t vno8; + * keyblock key; + * uint32_t vno; #only present if >= 4 bytes left in entry + * uint32_t flags; #only present if >= 4 bytes left in entry + * }; + * + * counted_octet_string { + * uint16_t length; + * uint8_t data[length]; + * }; + * + * keyblock { + * uint16_t type; + * counted_octet_string; + * }; + * @endcode + * + * All numbers are stored in network byteorder (big endian) format. + * + * The keytab file format begins with the 16 bit file_format_version which + * at the time this document was authored is 0x502. The format of older + * keytabs is described at the end of this document. + * + * The file_format_version is immediately followed by an array of + * keytab_entry structures which are prefixed with a 32 bit size indicating + * the number of bytes that follow in the entry. Note that the size should be + * evaluated as signed. This is because a negative value indicates that the + * entry is in fact empty (e.g. it has been deleted) and that the negative + * value of that negative value (which is of course a positive value) is + * the offset to the next keytab_entry. Based on these size values alone + * the entire keytab file can be traversed. + * + * The size is followed by a 16 bit num_components field indicating the + * number of counted_octet_string components in the components array. + * + * The num_components field is followed by a counted_octet_string + * representing the realm of the principal. + * + * A counted_octet_string is simply an array of bytes prefixed with a 16 + * bit length. For the realm and name components, the counted_octet_string + * bytes are ASCII encoded text with no zero terminator. + * + * Following the realm is the components array that represents the name of + * the principal. The text of these components may be joined with slashs + * to construct the typical SPN representation. For example, the service + * principal HTTP/www.foo.net\@FOO.NET would consist of name components + * "HTTP" followed by "www.foo.net". + * + * Following the components array is the 32 bit name_type (e.g. 1 is + * KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In + * practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL. + * + * The 32 bit timestamp indicates the time the key was established for that + * principal. The value represents the number of seconds since Jan 1, 1970. + * + * The 8 bit vno8 field is the version number of the key. This value is + * overridden by the 32 bit vno field if it is present. The vno8 field is + * filled with the lower 8 bits of the 32 bit protocol kvno field. + * + * The keyblock structure consists of a 16 bit value indicating the + * encryption type and is a counted_octet_string containing the key. The + * encryption type is the same as the Kerberos standard (e.g. 3 is + * des-cbc-md5, 23 is arcfour-hmac-md5, etc). + * + * The last field of the keytab_entry structure is optional. If the size of + * the keytab_entry indicates that there are at least 4 bytes remaining, + * a 32 bit value representing the key version number is present. This + * value supersedes the 8 bit vno8 value preceeding the keyblock. + * + * Older keytabs with a file_format_version of 0x501 are different in + * three ways: + * + * - All integers are in host byte order [1]. + * - The num_components field is 1 too large (i.e. after decoding, decrement by 1). + * - The 32 bit name_type field is not present. + * + * [1] The file_format_version field should really be treated as two + * separate 8 bit quantities representing the major and minor version + * number respectively. + * + * @subsection file_hdb_dump Heimdal database dump file + * + * Format of the Heimdal text dump file as of Heimdal 0.6.3: + * + * Each line in the dump file is one entry in the database. + * + * Each field of a line is separated by one or more spaces, with the + * exception of fields consisting of principals containing spaces, where + * space can be quoted with \ and \ is quoted by \. + * + * Fields and their types are: + * + * @code + * Quoted princial (quote character is \) [string] + * Keys [keys] + * Created by [event] + * Modified by [event optional] + * Valid start time [time optional] + * Valid end time [time optional] + * Password end valid time [time optional] + * Max lifetime of ticket [time optional] + * Max renew time of ticket [integer optional] + * Flags [hdb flags] + * Generation number [generation optional] + * Extensions [extentions optional] + * @endcode + * + * Fields following these silently are ignored. + * + * All optional fields will be skipped if they fail to parse (or comprise + * the optional field marker of "-", w/o quotes). + * + * Example: + * + * @code + * fred\@CODE.COM 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- 20020415130120:admin\@CODE.COM 20041221112428:fred\@CODE.COM - - - 86400 604800 126 20020415130120:793707:28 - + * @endcode + * + * Encoding of types are as follows: + * + * - keys + * + * @code + * kvno:[masterkvno:keytype:keydata:salt]{zero or more separated by :} + * @endcode + * + * kvno is the key version number. + * + * keydata is hex-encoded + * + * masterkvno is the kvno of the database master key. If this field is + * empty, the kadmin load and merge operations will encrypt the key data + * with the master key if there is one. Otherwise the key data will be + * imported asis. + * + * salt is encoded as "-" (no/default salt) or + * + * @code + * salt-type / + * salt-type / "string" + * salt-type / hex-encoded-data + * @endcode + * + * keytype is the protocol enctype number; see enum ENCTYPE in + * include/krb5_asn1.h for values. + * + * Example: + * @code + * 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- + * @endcode + * + * + * @code + * kvno=27,{key: masterkvno=1,keytype=des3-cbc-sha1,keydata=..., default salt}... + * @endcode + * + * - time + * + * Format of the time is: YYYYmmddHHMMSS, corresponding to strftime + * format "%Y%m%d%k%M%S". + * + * Time is expressed in UTC. + * + * Time can be optional (using -), when the time 0 is used. + * + * Example: + * + * @code + * 20041221112428 + * @endcode + * + * - event + * + * @code + * time:principal + * @endcode + * + * time is as given in format time + * + * principal is a string. Not quoting it may not work in earlier + * versions of Heimdal. + * + * Example: + * @code + * 20041221112428:bloggs\@CODE.COM + * @endcode + * + * - hdb flags + * + * Integer encoding of HDB flags, see HDBFlags in lib/hdb/hdb.asn1. Each + * bit in the integer is the same as the bit in the specification. + * + * - generation: + * + * @code + * time:usec:gen + * @endcode + * + * + * usec is a the microsecond, integer. + * gen is generation number, integer. + * + * The generation can be defaulted (using '-') or the empty string + * + * - extensions: + * + * @code + * first-hex-encoded-HDB-Extension[:second-...] + * @endcode + * + * HDB-extension is encoded the DER encoded HDB-Extension from + * lib/hdb/hdb.asn1. Consumers HDB extensions should be aware that + * unknown entires needs to be preserved even thought the ASN.1 data + * content might be unknown. There is a critical flag in the data to show + * to the KDC that the entry MUST be understod if the entry is to be + * used. + * + * + */ diff --git a/lib/krb5/eai_to_heim_errno.c b/lib/krb5/eai_to_heim_errno.c index 19315cea8678..ef11e370f443 100644 --- a/lib/krb5/eai_to_heim_errno.c +++ b/lib/krb5/eai_to_heim_errno.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: eai_to_heim_errno.c 22065 2007-11-11 16:41:06Z lha $"); +#include "krb5_locl.h" /** * Convert the getaddrinfo() error code to a Kerberos et error code. @@ -46,7 +44,7 @@ RCSID("$Id: eai_to_heim_errno.c 22065 2007-11-11 16:41:06Z lha $"); * @ingroup krb5_error */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_eai_to_heim_errno(int eai_errno, int system_error) { switch(eai_errno) { @@ -76,8 +74,10 @@ krb5_eai_to_heim_errno(int eai_errno, int system_error) return HEIM_EAI_SERVICE; case EAI_SOCKTYPE: return HEIM_EAI_SOCKTYPE; +#ifdef EAI_SYSTEM case EAI_SYSTEM: return system_error; +#endif default: return HEIM_EAI_UNKNOWN; /* XXX */ } @@ -94,7 +94,7 @@ krb5_eai_to_heim_errno(int eai_errno, int system_error) * @ingroup krb5_error */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_errno_to_heim_errno(int eai_errno) { switch(eai_errno) { diff --git a/lib/krb5/error_string.c b/lib/krb5/error_string.c index ff6e98a3dcaf..bebd4c490ee1 100644 --- a/lib/krb5/error_string.c +++ b/lib/krb5/error_string.c @@ -1,91 +1,196 @@ /* - * Copyright (c) 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: error_string.c 22142 2007-12-04 16:56:02Z lha $"); - #undef __attribute__ -#define __attribute__(X) +#define __attribute__(x) -void KRB5_LIB_FUNCTION -krb5_free_error_string(krb5_context context, char *str) +/** + * Clears the error message from the Kerberos 5 context. + * + * @param context The Kerberos 5 context to clear + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_clear_error_message(krb5_context context) { HEIMDAL_MUTEX_lock(context->mutex); - if (str != context->error_buf) - free(str); - HEIMDAL_MUTEX_unlock(context->mutex); -} - -void KRB5_LIB_FUNCTION -krb5_clear_error_string(krb5_context context) -{ - HEIMDAL_MUTEX_lock(context->mutex); - if (context->error_string != NULL - && context->error_string != context->error_buf) + if (context->error_string) free(context->error_string); + context->error_code = 0; context->error_string = NULL; HEIMDAL_MUTEX_unlock(context->mutex); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_error_string(krb5_context context, const char *fmt, ...) - __attribute__((format (printf, 2, 3))) +/** + * Set the context full error string for a specific error code. + * The error that is stored should be internationalized. + * + * The if context is NULL, no error string is stored. + * + * @param context Kerberos 5 context + * @param ret The error code + * @param fmt Error string for the error code + * @param ... printf(3) style parameters. + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_set_error_message(krb5_context context, krb5_error_code ret, + const char *fmt, ...) + __attribute__ ((format (printf, 3, 4))) { - krb5_error_code ret; va_list ap; va_start(ap, fmt); - ret = krb5_vset_error_string (context, fmt, ap); + krb5_vset_error_message (context, ret, fmt, ap); va_end(ap); - return ret; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_vset_error_string(krb5_context context, const char *fmt, va_list args) - __attribute__ ((format (printf, 2, 0))) +/** + * Set the context full error string for a specific error code. + * + * The if context is NULL, no error string is stored. + * + * @param context Kerberos 5 context + * @param ret The error code + * @param fmt Error string for the error code + * @param args printf(3) style parameters. + * + * @ingroup krb5_error + */ + + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_vset_error_message (krb5_context context, krb5_error_code ret, + const char *fmt, va_list args) + __attribute__ ((format (printf, 3, 0))) { - krb5_clear_error_string(context); + int r; + + if (context == NULL) + return; + HEIMDAL_MUTEX_lock(context->mutex); - vasprintf(&context->error_string, fmt, args); - if(context->error_string == NULL) { - vsnprintf (context->error_buf, sizeof(context->error_buf), fmt, args); - context->error_string = context->error_buf; + if (context->error_string) { + free(context->error_string); + context->error_string = NULL; } + context->error_code = ret; + r = vasprintf(&context->error_string, fmt, args); + if (r < 0) + context->error_string = NULL; HEIMDAL_MUTEX_unlock(context->mutex); - return 0; } +/** + * Prepend the context full error string for a specific error code. + * The error that is stored should be internationalized. + * + * The if context is NULL, no error string is stored. + * + * @param context Kerberos 5 context + * @param ret The error code + * @param fmt Error string for the error code + * @param ... printf(3) style parameters. + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_prepend_error_message(krb5_context context, krb5_error_code ret, + const char *fmt, ...) + __attribute__ ((format (printf, 3, 4))) +{ + va_list ap; + + va_start(ap, fmt); + krb5_vprepend_error_message(context, ret, fmt, ap); + va_end(ap); +} + +/** + * Prepend the contexts's full error string for a specific error code. + * + * The if context is NULL, no error string is stored. + * + * @param context Kerberos 5 context + * @param ret The error code + * @param fmt Error string for the error code + * @param args printf(3) style parameters. + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_vprepend_error_message(krb5_context context, krb5_error_code ret, + const char *fmt, va_list args) + __attribute__ ((format (printf, 3, 0))) +{ + char *str = NULL, *str2 = NULL; + + if (context == NULL) + return; + + HEIMDAL_MUTEX_lock(context->mutex); + if (context->error_code != ret) { + HEIMDAL_MUTEX_unlock(context->mutex); + return; + } + if (vasprintf(&str, fmt, args) < 0 || str == NULL) { + HEIMDAL_MUTEX_unlock(context->mutex); + return; + } + if (context->error_string) { + int e; + + e = asprintf(&str2, "%s: %s", str, context->error_string); + free(context->error_string); + if (e < 0 || str2 == NULL) + context->error_string = NULL; + else + context->error_string = str2; + free(str); + } else + context->error_string = str; + HEIMDAL_MUTEX_unlock(context->mutex); +} + + /** * Return the error message in context. On error or no error string, * the function returns NULL. @@ -93,12 +198,12 @@ krb5_vset_error_string(krb5_context context, const char *fmt, va_list args) * @param context Kerberos 5 context * * @return an error string, needs to be freed with - * krb5_free_error_string(). The functions return NULL on error. + * krb5_free_error_message(). The functions return NULL on error. * * @ingroup krb5_error */ -char * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION char * KRB5_LIB_CALL krb5_get_error_string(krb5_context context) { char *ret = NULL; @@ -110,7 +215,7 @@ krb5_get_error_string(krb5_context context) return ret; } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_have_error_string(krb5_context context) { char *str; @@ -121,35 +226,93 @@ krb5_have_error_string(krb5_context context) } /** - * Return the error message for `code' in context. On error the - * function returns NULL. + * Return the error message for `code' in context. On memory + * allocation error the function returns NULL. * * @param context Kerberos 5 context * @param code Error code related to the error * * @return an error string, needs to be freed with - * krb5_free_error_string(). The functions return NULL on error. + * krb5_free_error_message(). The functions return NULL on error. * * @ingroup krb5_error */ -char * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_get_error_message(krb5_context context, krb5_error_code code) { - const char *cstr; char *str; - str = krb5_get_error_string(context); - if (str) - return str; + HEIMDAL_MUTEX_lock(context->mutex); + if (context->error_string && + (code == context->error_code || context->error_code == 0)) + { + str = strdup(context->error_string); + if (str) { + HEIMDAL_MUTEX_unlock(context->mutex); + return str; + } + } + HEIMDAL_MUTEX_unlock(context->mutex); - cstr = krb5_get_err_text(context, code); - if (cstr) - return strdup(cstr); + if (code == 0) + return strdup("Success"); + { + const char *msg; + char buf[128]; + msg = com_right_r(context->et_list, code, buf, sizeof(buf)); + if (msg) + return strdup(msg); + } - if (asprintf(&str, "", code) == -1) + if (asprintf(&str, "", (int)code) == -1 || str == NULL) return NULL; return str; } + +/** + * Free the error message returned by krb5_get_error_message(). + * + * @param context Kerberos context + * @param msg error message to free, returned byg + * krb5_get_error_message(). + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_error_message(krb5_context context, const char *msg) +{ + free(rk_UNCONST(msg)); +} + + +/** + * Return the error string for the error code. The caller must not + * free the string. + * + * This function is deprecated since its not threadsafe. + * + * @param context Kerberos 5 context. + * @param code Kerberos error code. + * + * @return the error message matching code + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL +krb5_get_err_text(krb5_context context, krb5_error_code code) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + const char *p = NULL; + if(context != NULL) + p = com_right(context->et_list, code); + if(p == NULL) + p = strerror(code); + if (p == NULL) + p = "Unknown error"; + return p; +} diff --git a/lib/krb5/expand_hostname.c b/lib/krb5/expand_hostname.c index 28e39afb42f7..7b638d5f0176 100644 --- a/lib/krb5/expand_hostname.c +++ b/lib/krb5/expand_hostname.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: expand_hostname.c 22229 2007-12-08 21:40:59Z lha $"); - static krb5_error_code copy_hostname(krb5_context context, const char *orig_hostname, @@ -42,19 +40,30 @@ copy_hostname(krb5_context context, { *new_hostname = strdup (orig_hostname); if (*new_hostname == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } strlwr (*new_hostname); return 0; } -/* - * Try to make `orig_hostname' into a more canonical one in the newly - * allocated space returned in `new_hostname'. +/** + * krb5_expand_hostname() tries to make orig_hostname into a more + * canonical one in the newly allocated space returned in + * new_hostname. + + * @param context a Keberos context + * @param orig_hostname hostname to canonicalise. + * @param new_hostname output hostname, caller must free hostname with + * krb5_xfree(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_support */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname (krb5_context context, const char *orig_hostname, char **new_hostname) @@ -76,7 +85,8 @@ krb5_expand_hostname (krb5_context context, *new_hostname = strdup (a->ai_canonname); freeaddrinfo (ai); if (*new_hostname == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } else { return 0; @@ -112,12 +122,25 @@ vanilla_hostname (krb5_context context, return 0; } -/* - * expand `hostname' to a name we believe to be a hostname in newly - * allocated space in `host' and return realms in `realms'. +/** + * krb5_expand_hostname_realms() expands orig_hostname to a name we + * believe to be a hostname in newly allocated space in new_hostname + * and return the realms new_hostname is believed to belong to in + * realms. + * + * @param context a Keberos context + * @param orig_hostname hostname to canonicalise. + * @param new_hostname output hostname, caller must free hostname with + * krb5_xfree(). + * @param realms output possible realms, is an array that is terminated + * with NULL. Caller must free with krb5_free_host_realm(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_support */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname_realms (krb5_context context, const char *orig_hostname, char **new_hostname, diff --git a/lib/krb5/expand_path.c b/lib/krb5/expand_path.c new file mode 100644 index 000000000000..4c4898a79ea1 --- /dev/null +++ b/lib/krb5/expand_path.c @@ -0,0 +1,500 @@ + +/*********************************************************************** + * Copyright (c) 2009, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#include "krb5_locl.h" + +typedef int PTYPE; + +#ifdef _WIN32 +#include +#include + +/* + * Expand a %{TEMP} token + * + * The %{TEMP} token expands to the temporary path for the current + * user as returned by GetTempPath(). + * + * @note: Since the GetTempPath() function relies on the TMP or TEMP + * environment variables, this function will failover to the system + * temporary directory until the user profile is loaded. In addition, + * the returned path may or may not exist. + */ +static int +_expand_temp_folder(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + TCHAR tpath[MAX_PATH]; + size_t len; + + if (!GetTempPath(sizeof(tpath)/sizeof(tpath[0]), tpath)) { + if (context) + krb5_set_error_message(context, EINVAL, + "Failed to get temporary path (GLE=%d)", + GetLastError()); + return EINVAL; + } + + len = strlen(tpath); + + if (len > 0 && tpath[len - 1] == '\\') + tpath[len - 1] = '\0'; + + *ret = strdup(tpath); + + if (*ret == NULL) { + if (context) + krb5_set_error_message(context, ENOMEM, "strdup - Out of memory"); + return ENOMEM; + } + + return 0; +} + +extern HINSTANCE _krb5_hInstance; + +/* + * Expand a %{BINDIR} token + * + * This is also used to expand a few other tokens on Windows, since + * most of the executable binaries end up in the same directory. The + * "bin" directory is considered to be the directory in which the + * krb5.dll is located. + */ +static int +_expand_bin_dir(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + TCHAR path[MAX_PATH]; + TCHAR *lastSlash; + DWORD nc; + + nc = GetModuleFileName(_krb5_hInstance, path, sizeof(path)/sizeof(path[0])); + if (nc == 0 || + nc == sizeof(path)/sizeof(path[0])) { + return EINVAL; + } + + lastSlash = strrchr(path, '\\'); + if (lastSlash != NULL) { + TCHAR *fslash = strrchr(lastSlash, '/'); + + if (fslash != NULL) + lastSlash = fslash; + + *lastSlash = '\0'; + } + + if (postfix) { + if (strlcat(path, postfix, sizeof(path)/sizeof(path[0])) >= sizeof(path)/sizeof(path[0])) + return EINVAL; + } + + *ret = strdup(path); + if (*ret == NULL) + return ENOMEM; + + return 0; +} + +/* + * Expand a %{USERID} token + * + * The %{USERID} token expands to the string representation of the + * user's SID. The user account that will be used is the account + * corresponding to the current thread's security token. This means + * that: + * + * - If the current thread token has the anonymous impersonation + * level, the call will fail. + * + * - If the current thread is impersonating a token at + * SecurityIdentification level the call will fail. + * + */ +static int +_expand_userid(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + int rv = EINVAL; + HANDLE hThread = NULL; + HANDLE hToken = NULL; + PTOKEN_OWNER pOwner = NULL; + DWORD len = 0; + LPTSTR strSid = NULL; + + hThread = GetCurrentThread(); + + if (!OpenThreadToken(hThread, TOKEN_QUERY, + FALSE, /* Open the thread token as the + current thread user. */ + &hToken)) { + + DWORD le = GetLastError(); + + if (le == ERROR_NO_TOKEN) { + HANDLE hProcess = GetCurrentProcess(); + + le = 0; + if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken)) + le = GetLastError(); + } + + if (le != 0) { + if (context) + krb5_set_error_message(context, rv, + "Can't open thread token (GLE=%d)", le); + goto _exit; + } + } + + if (!GetTokenInformation(hToken, TokenOwner, NULL, 0, &len)) { + if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) { + if (context) + krb5_set_error_message(context, rv, + "Unexpected error reading token information (GLE=%d)", + GetLastError()); + goto _exit; + } + + if (len == 0) { + if (context) + krb5_set_error_message(context, rv, + "GetTokenInformation() returned truncated buffer"); + goto _exit; + } + + pOwner = malloc(len); + if (pOwner == NULL) { + if (context) + krb5_set_error_message(context, rv, "Out of memory"); + goto _exit; + } + } else { + if (context) + krb5_set_error_message(context, rv, "GetTokenInformation() returned truncated buffer"); + goto _exit; + } + + if (!GetTokenInformation(hToken, TokenOwner, pOwner, len, &len)) { + if (context) + krb5_set_error_message(context, rv, "GetTokenInformation() failed. GLE=%d", GetLastError()); + goto _exit; + } + + if (!ConvertSidToStringSid(pOwner->Owner, &strSid)) { + if (context) + krb5_set_error_message(context, rv, "Can't convert SID to string. GLE=%d", GetLastError()); + goto _exit; + } + + *ret = strdup(strSid); + if (*ret == NULL && context) + krb5_set_error_message(context, rv, "Out of memory"); + + rv = 0; + + _exit: + if (hToken != NULL) + CloseHandle(hToken); + + if (pOwner != NULL) + free (pOwner); + + if (strSid != NULL) + LocalFree(strSid); + + return rv; +} + +/* + * Expand a folder identified by a CSIDL + */ + +static int +_expand_csidl(krb5_context context, PTYPE folder, const char *postfix, char **ret) +{ + TCHAR path[MAX_PATH]; + size_t len; + + if (SHGetFolderPath(NULL, folder, NULL, SHGFP_TYPE_CURRENT, path) != S_OK) { + if (context) + krb5_set_error_message(context, EINVAL, "Unable to determine folder path"); + return EINVAL; + } + + len = strlen(path); + + if (len > 0 && path[len - 1] == '\\') + path[len - 1] = '\0'; + + if (postfix && + strlcat(path, postfix, sizeof(path)/sizeof(path[0])) >= sizeof(path)/sizeof(path[0])) { + return ENOMEM; + } + + *ret = strdup(path); + if (*ret == NULL) { + if (context) + krb5_set_error_message(context, ENOMEM, "Out of memory"); + return ENOMEM; + } + return 0; +} + +#else + +static int +_expand_path(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + *ret = strdup(postfix); + if (*ret == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc - out of memory"); + return ENOMEM; + } + return 0; +} + +static int +_expand_temp_folder(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + const char *p = NULL; + + if (issuid()) + p = getenv("TEMP"); + if (p) + *ret = strdup(p); + else + *ret = strdup("/tmp"); + if (*ret == NULL) + return ENOMEM; + return 0; +} + +static int +_expand_userid(krb5_context context, PTYPE param, const char *postfix, char **str) +{ + int ret = asprintf(str, "%ld", (unsigned long)getuid()); + if (ret < 0 || *str == NULL) + return ENOMEM; + return 0; +} + + +#endif /* _WIN32 */ + +/** + * Expand a %{null} token + * + * The expansion of a %{null} token is always the empty string. + */ + +static int +_expand_null(krb5_context context, PTYPE param, const char *postfix, char **ret) +{ + *ret = strdup(""); + if (*ret == NULL) { + if (context) + krb5_set_error_message(context, ENOMEM, "Out of memory"); + return ENOMEM; + } + return 0; +} + + +static const struct token { + const char * tok; + int ftype; +#define FTYPE_CSIDL 0 +#define FTYPE_SPECIAL 1 + + PTYPE param; + const char * postfix; + + int (*exp_func)(krb5_context, PTYPE, const char *, char **); + +#define SPECIALP(f, P) FTYPE_SPECIAL, 0, P, f +#define SPECIAL(f) SPECIALP(f, NULL) + +} tokens[] = { +#ifdef _WIN32 +#define CSIDLP(C,P) FTYPE_CSIDL, C, P, _expand_csidl +#define CSIDL(C) CSIDLP(C, NULL) + + {"APPDATA", CSIDL(CSIDL_APPDATA)}, /* Roaming application data (for current user) */ + {"COMMON_APPDATA", CSIDL(CSIDL_COMMON_APPDATA)}, /* Application data (all users) */ + {"LOCAL_APPDATA", CSIDL(CSIDL_LOCAL_APPDATA)}, /* Local application data (for current user) */ + {"SYSTEM", CSIDL(CSIDL_SYSTEM)}, /* Windows System folder (e.g. %WINDIR%\System32) */ + {"WINDOWS", CSIDL(CSIDL_WINDOWS)}, /* Windows folder */ + {"USERCONFIG", CSIDLP(CSIDL_APPDATA, "\\" PACKAGE)}, /* Per user Heimdal configuration file path */ + {"COMMONCONFIG", CSIDLP(CSIDL_COMMON_APPDATA, "\\" PACKAGE)}, /* Common Heimdal configuration file path */ + {"LIBDIR", SPECIAL(_expand_bin_dir)}, + {"BINDIR", SPECIAL(_expand_bin_dir)}, + {"LIBEXEC", SPECIAL(_expand_bin_dir)}, + {"SBINDIR", SPECIAL(_expand_bin_dir)}, +#else + {"LIBDIR", FTYPE_SPECIAL, 0, LIBDIR, _expand_path}, + {"BINDIR", FTYPE_SPECIAL, 0, BINDIR, _expand_path}, + {"LIBEXEC", FTYPE_SPECIAL, 0, LIBEXECDIR, _expand_path}, + {"SBINDIR", FTYPE_SPECIAL, 0, SBINDIR, _expand_path}, +#endif + {"TEMP", SPECIAL(_expand_temp_folder)}, + {"USERID", SPECIAL(_expand_userid)}, + {"uid", SPECIAL(_expand_userid)}, + {"null", SPECIAL(_expand_null)} +}; + +static int +_expand_token(krb5_context context, + const char *token, + const char *token_end, + char **ret) +{ + size_t i; + + *ret = NULL; + + if (token[0] != '%' || token[1] != '{' || token_end[0] != '}' || + token_end - token <= 2) { + if (context) + krb5_set_error_message(context, EINVAL,"Invalid token."); + return EINVAL; + } + + for (i = 0; i < sizeof(tokens)/sizeof(tokens[0]); i++) { + if (!strncmp(token+2, tokens[i].tok, (token_end - token) - 2)) + return tokens[i].exp_func(context, tokens[i].param, + tokens[i].postfix, ret); + } + + if (context) + krb5_set_error_message(context, EINVAL, "Invalid token."); + return EINVAL; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_expand_path_tokens(krb5_context context, + const char *path_in, + char **ppath_out) +{ + char *tok_begin, *tok_end, *append; + const char *path_left; + size_t len = 0; + + if (path_in == NULL || *path_in == '\0') { + *ppath_out = strdup(""); + return 0; + } + + *ppath_out = NULL; + + for (path_left = path_in; path_left && *path_left; ) { + + tok_begin = strstr(path_left, "%{"); + + if (tok_begin && tok_begin != path_left) { + + append = malloc((tok_begin - path_left) + 1); + if (append) { + memcpy(append, path_left, tok_begin - path_left); + append[tok_begin - path_left] = '\0'; + } + path_left = tok_begin; + + } else if (tok_begin) { + + tok_end = strchr(tok_begin, '}'); + if (tok_end == NULL) { + if (*ppath_out) + free(*ppath_out); + *ppath_out = NULL; + if (context) + krb5_set_error_message(context, EINVAL, "variable missing }"); + return EINVAL; + } + + if (_expand_token(context, tok_begin, tok_end, &append)) { + if (*ppath_out) + free(*ppath_out); + *ppath_out = NULL; + return EINVAL; + } + + path_left = tok_end + 1; + } else { + + append = strdup(path_left); + path_left = NULL; + + } + + if (append == NULL) { + + if (*ppath_out) + free(*ppath_out); + *ppath_out = NULL; + if (context) + krb5_set_error_message(context, ENOMEM, "malloc - out of memory"); + return ENOMEM; + + } + + { + size_t append_len = strlen(append); + char * new_str = realloc(*ppath_out, len + append_len + 1); + + if (new_str == NULL) { + free(append); + if (*ppath_out) + free(*ppath_out); + *ppath_out = NULL; + if (context) + krb5_set_error_message(context, ENOMEM, "malloc - out of memory"); + return ENOMEM; + } + + *ppath_out = new_str; + memcpy(*ppath_out + len, append, append_len + 1); + len = len + append_len; + free(append); + } + } + +#ifdef _WIN32 + /* Also deal with slashes */ + if (*ppath_out) { + char * c; + for (c = *ppath_out; *c; c++) + if (*c == '/') + *c = '\\'; + } +#endif + + return 0; +} diff --git a/lib/krb5/fcache.c b/lib/krb5/fcache.c index 3857b58bf675..731f2934146b 100644 --- a/lib/krb5/fcache.c +++ b/lib/krb5/fcache.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: fcache.c 22522 2008-01-24 11:56:25Z lha $"); - typedef struct krb5_fcache{ char *filename; int version; @@ -58,10 +58,13 @@ struct fcc_cursor { #define FCC_CURSOR(C) ((struct fcc_cursor*)(C)) -static const char* +static const char* KRB5_CALLCONV fcc_get_name(krb5_context context, krb5_ccache id) { + if (FCACHE(id) == NULL) + return NULL; + return FILENAME(id); } @@ -90,17 +93,22 @@ _krb5_xlock(krb5_context context, int fd, krb5_boolean exclusive, case 0: break; case EINVAL: /* filesystem doesn't support locking, let the user have it */ - ret = 0; + ret = 0; break; case EAGAIN: - krb5_set_error_string(context, "timed out locking cache file %s", - filename); + krb5_set_error_message(context, ret, + N_("timed out locking cache file %s", "file"), + filename); break; - default: - krb5_set_error_string(context, "error locking cache file %s: %s", - filename, strerror(ret)); + default: { + char buf[128]; + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, + N_("error locking cache file %s: %s", + "file, error"), filename, buf); break; } + } return ret; } @@ -124,42 +132,72 @@ _krb5_xunlock(krb5_context context, int fd) case 0: break; case EINVAL: /* filesystem doesn't support locking, let the user have it */ - ret = 0; + ret = 0; break; - default: - krb5_set_error_string(context, - "Failed to unlock file: %s", strerror(ret)); + default: { + char buf[128]; + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, + N_("Failed to unlock file: %s", ""), buf); break; } + } return ret; } static krb5_error_code +write_storage(krb5_context context, krb5_storage *sp, int fd) +{ + krb5_error_code ret; + krb5_data data; + ssize_t sret; + + ret = krb5_storage_to_data(sp, &data); + if (ret) { + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + return ret; + } + sret = write(fd, data.data, data.length); + ret = (sret != (ssize_t)data.length); + krb5_data_free(&data); + if (ret) { + ret = errno; + krb5_set_error_message(context, ret, + N_("Failed to write FILE credential data", "")); + return ret; + } + return 0; +} + + +static krb5_error_code KRB5_CALLCONV fcc_lock(krb5_context context, krb5_ccache id, int fd, krb5_boolean exclusive) { return _krb5_xlock(context, fd, exclusive, fcc_get_name(context, id)); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_unlock(krb5_context context, int fd) { return _krb5_xunlock(context, fd); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_resolve(krb5_context context, krb5_ccache *id, const char *res) { krb5_fcache *f; f = malloc(sizeof(*f)); if(f == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } f->filename = strdup(res); if(f->filename == NULL){ free(f); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } f->version = 0; @@ -185,13 +223,17 @@ scrub_file (int fd) return errno; memset(buf, 0, sizeof(buf)); while(pos > 0) { - ssize_t tmp = write(fd, buf, min(sizeof(buf), pos)); + ssize_t tmp = write(fd, buf, min((off_t)sizeof(buf), pos)); if (tmp < 0) return errno; pos -= tmp; } +#ifdef _MSC_VER + _commit (fd); +#else fsync (fd); +#endif return 0; } @@ -202,8 +244,8 @@ scrub_file (int fd) * hardlink) */ -static krb5_error_code -erase_file(const char *filename) +krb5_error_code +_krb5_erase_file(krb5_context context, const char *filename) { int fd; struct stat sb1, sb2; @@ -220,12 +262,20 @@ erase_file(const char *filename) else return errno; } + rk_cloexec(fd); + ret = _krb5_xlock(context, fd, 1, filename); + if (ret) { + close(fd); + return ret; + } if (unlink(filename) < 0) { + _krb5_xunlock(context, fd); close (fd); return errno; } ret = fstat (fd, &sb2); if (ret < 0) { + _krb5_xunlock(context, fd); close (fd); return errno; } @@ -233,6 +283,7 @@ erase_file(const char *filename) /* check if someone was playing with symlinks */ if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { + _krb5_xunlock(context, fd); close (fd); return EPERM; } @@ -240,43 +291,60 @@ erase_file(const char *filename) /* there are still hard links to this file */ if (sb2.st_nlink != 0) { + _krb5_xunlock(context, fd); close (fd); return 0; } ret = scrub_file (fd); + if (ret) { + _krb5_xunlock(context, fd); + close(fd); + return ret; + } + ret = _krb5_xunlock(context, fd); close (fd); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_gen_new(krb5_context context, krb5_ccache *id) { + char *file = NULL, *exp_file = NULL; + krb5_error_code ret; krb5_fcache *f; int fd; - char *file; f = malloc(sizeof(*f)); if(f == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } - asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT); - if(file == NULL) { + ret = asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT); + if(ret < 0 || file == NULL) { free(f); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } - fd = mkstemp(file); - if(fd < 0) { - int ret = errno; - krb5_set_error_string(context, "mkstemp %s", file); - free(f); - free(file); + ret = _krb5_expand_path_tokens(context, file, &exp_file); + free(file); + if (ret) return ret; + + file = exp_file; + + fd = mkstemp(exp_file); + if(fd < 0) { + int xret = errno; + krb5_set_error_message(context, xret, N_("mkstemp %s failed", ""), exp_file); + free(f); + free(exp_file); + return xret; } close(fd); - f->filename = file; + f->filename = exp_file; f->version = 0; (*id)->data.data = f; (*id)->data.length = sizeof(*f); @@ -302,13 +370,13 @@ storage_set_flags(krb5_context context, krb5_storage *sp, int vno) case KRB5_FCC_FVNO_4: break; default: - krb5_abortx(context, + krb5_abortx(context, "storage_set_flags called with bad vno (%x)", vno); } krb5_storage_set_flags(sp, flags); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_open(krb5_context context, krb5_ccache id, int *fd_ret, @@ -318,16 +386,25 @@ fcc_open(krb5_context context, krb5_boolean exclusive = ((flags | O_WRONLY) == flags || (flags | O_RDWR) == flags); krb5_error_code ret; - const char *filename = FILENAME(id); + const char *filename; int fd; + + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + + filename = FILENAME(id); + fd = open(filename, flags, mode); if(fd < 0) { + char buf[128]; ret = errno; - krb5_set_error_string(context, "open(%s): %s", filename, - strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, N_("open(%s): %s", "file, error"), + filename, buf); return ret; } - + rk_cloexec(fd); + if((ret = fcc_lock(context, id, fd, exclusive)) != 0) { close(fd); return ret; @@ -336,7 +413,7 @@ fcc_open(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_initialize(krb5_context context, krb5_ccache id, krb5_principal primary_principal) @@ -344,16 +421,18 @@ fcc_initialize(krb5_context context, krb5_fcache *f = FCACHE(id); int ret = 0; int fd; - char *filename = f->filename; - unlink (filename); - - ret = fcc_open(context, id, &fd, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); + if (f == NULL) + return krb5_einval(context, 2); + + unlink (f->filename); + + ret = fcc_open(context, id, &fd, O_RDWR | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, 0600); if(ret) return ret; { - krb5_storage *sp; - sp = krb5_storage_from_fd(fd); + krb5_storage *sp; + sp = krb5_storage_emem(); krb5_storage_set_eof_code(sp, KRB5_CC_END); if(context->fcache_vno != 0) f->version = context->fcache_vno; @@ -375,37 +454,47 @@ fcc_initialize(krb5_context context, } } ret |= krb5_store_principal(sp, primary_principal); - + + ret |= write_storage(context, sp, fd); + krb5_storage_free(sp); } fcc_unlock(context, fd); if (close(fd) < 0) if (ret == 0) { + char buf[128]; ret = errno; - krb5_set_error_string (context, "close %s: %s", - FILENAME(id), strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message (context, ret, N_("close %s: %s", ""), + FILENAME(id), buf); } return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_close(krb5_context context, krb5_ccache id) { + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + free (FILENAME(id)); krb5_data_free(&id->data); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_destroy(krb5_context context, krb5_ccache id) { - erase_file(FILENAME(id)); + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + + _krb5_erase_file(context, FILENAME(id)); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) @@ -413,12 +502,13 @@ fcc_store_cred(krb5_context context, int ret; int fd; - ret = fcc_open(context, id, &fd, O_WRONLY | O_APPEND | O_BINARY, 0); + ret = fcc_open(context, id, &fd, O_WRONLY | O_APPEND | O_BINARY | O_CLOEXEC, 0); if(ret) return ret; { krb5_storage *sp; - sp = krb5_storage_from_fd(fd); + + sp = krb5_storage_emem(); krb5_storage_set_eof_code(sp, KRB5_CC_END); storage_set_flags(context, sp, FCACHE(id)->version); if (!krb5_config_get_bool_default(context, NULL, TRUE, @@ -427,15 +517,20 @@ fcc_store_cred(krb5_context context, NULL)) krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER); ret = krb5_store_creds(sp, creds); + if (ret == 0) + ret = write_storage(context, sp, fd); krb5_storage_free(sp); } fcc_unlock(context, fd); - if (close(fd) < 0) + if (close(fd) < 0) { if (ret == 0) { + char buf[128]; + rk_strerror_r(ret, buf, sizeof(buf)); ret = errno; - krb5_set_error_string (context, "close %s: %s", - FILENAME(id), strerror(ret)); + krb5_set_error_message (context, ret, N_("close %s: %s", ""), + FILENAME(id), buf); } + } return ret; } @@ -443,20 +538,24 @@ static krb5_error_code init_fcc (krb5_context context, krb5_ccache id, krb5_storage **ret_sp, - int *ret_fd) + int *ret_fd, + krb5_deltat *kdc_offset) { int fd; int8_t pvno, tag; krb5_storage *sp; krb5_error_code ret; - ret = fcc_open(context, id, &fd, O_RDONLY | O_BINARY, 0); + if (kdc_offset) + *kdc_offset = 0; + + ret = fcc_open(context, id, &fd, O_RDONLY | O_BINARY | O_CLOEXEC, 0); if(ret) return ret; - + sp = krb5_storage_from_fd(fd); if(sp == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } @@ -464,25 +563,28 @@ init_fcc (krb5_context context, ret = krb5_ret_int8(sp, &pvno); if(ret != 0) { if(ret == KRB5_CC_END) { - krb5_set_error_string(context, "Empty credential cache file: %s", - FILENAME(id)); ret = ENOENT; + krb5_set_error_message(context, ret, + N_("Empty credential cache file: %s", ""), + FILENAME(id)); } else - krb5_set_error_string(context, "Error reading pvno in " - "cache file: %s", FILENAME(id)); + krb5_set_error_message(context, ret, N_("Error reading pvno " + "in cache file: %s", ""), + FILENAME(id)); goto out; } if(pvno != 5) { - krb5_set_error_string(context, "Bad version number in credential " - "cache file: %s", FILENAME(id)); ret = KRB5_CCACHE_BADVNO; + krb5_set_error_message(context, ret, N_("Bad version number in credential " + "cache file: %s", ""), + FILENAME(id)); goto out; } ret = krb5_ret_int8(sp, &tag); /* should not be host byte order */ if(ret != 0) { - krb5_set_error_string(context, "Error reading tag in " - "cache file: %s", FILENAME(id)); ret = KRB5_CC_FORMAT; + krb5_set_error_message(context, ret, "Error reading tag in " + "cache file: %s", FILENAME(id)); goto out; } FCACHE(id)->version = tag; @@ -494,8 +596,9 @@ init_fcc (krb5_context context, ret = krb5_ret_int16 (sp, &length); if(ret) { ret = KRB5_CC_FORMAT; - krb5_set_error_string(context, "Error reading tag length in " - "cache file: %s", FILENAME(id)); + krb5_set_error_message(context, ret, + N_("Error reading tag length in " + "cache file: %s", ""), FILENAME(id)); goto out; } while(length > 0) { @@ -505,43 +608,49 @@ init_fcc (krb5_context context, ret = krb5_ret_int16 (sp, &dtag); if(ret) { - krb5_set_error_string(context, "Error reading dtag in " - "cache file: %s", FILENAME(id)); ret = KRB5_CC_FORMAT; + krb5_set_error_message(context, ret, N_("Error reading dtag in " + "cache file: %s", ""), + FILENAME(id)); goto out; } ret = krb5_ret_int16 (sp, &data_len); if(ret) { - krb5_set_error_string(context, "Error reading dlength in " - "cache file: %s", FILENAME(id)); ret = KRB5_CC_FORMAT; + krb5_set_error_message(context, ret, + N_("Error reading dlength " + "in cache file: %s",""), + FILENAME(id)); goto out; } switch (dtag) { - case FCC_TAG_DELTATIME : - ret = krb5_ret_int32 (sp, &context->kdc_sec_offset); + case FCC_TAG_DELTATIME : { + int32_t offset; + + ret = krb5_ret_int32 (sp, &offset); + ret |= krb5_ret_int32 (sp, &context->kdc_usec_offset); if(ret) { - krb5_set_error_string(context, "Error reading kdc_sec in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - ret = krb5_ret_int32 (sp, &context->kdc_usec_offset); - if(ret) { - krb5_set_error_string(context, "Error reading kdc_usec in " - "cache file: %s", FILENAME(id)); ret = KRB5_CC_FORMAT; + krb5_set_error_message(context, ret, + N_("Error reading kdc_sec in " + "cache file: %s", ""), + FILENAME(id)); goto out; } + context->kdc_sec_offset = offset; + if (kdc_offset) + *kdc_offset = offset; break; + } default : for (i = 0; i < data_len; ++i) { ret = krb5_ret_int8 (sp, &dummy); if(ret) { - krb5_set_error_string(context, "Error reading unknown " - "tag in cache file: %s", - FILENAME(id)); ret = KRB5_CC_FORMAT; + krb5_set_error_message(context, ret, + N_("Error reading unknown " + "tag in cache file: %s", ""), + FILENAME(id)); goto out; } } @@ -557,14 +666,15 @@ init_fcc (krb5_context context, break; default : ret = KRB5_CCACHE_BADVNO; - krb5_set_error_string(context, "Unknown version number (%d) in " - "credential cache file: %s", - (int)tag, FILENAME(id)); + krb5_set_error_message(context, ret, + N_("Unknown version number (%d) in " + "credential cache file: %s", ""), + (int)tag, FILENAME(id)); goto out; } *ret_sp = sp; *ret_fd = fd; - + return 0; out: if(sp != NULL) @@ -574,7 +684,7 @@ init_fcc (krb5_context context, return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *principal) @@ -583,24 +693,24 @@ fcc_get_principal(krb5_context context, int fd; krb5_storage *sp; - ret = init_fcc (context, id, &sp, &fd); + ret = init_fcc (context, id, &sp, &fd, NULL); if (ret) return ret; ret = krb5_ret_principal(sp, principal); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_storage_free(sp); fcc_unlock(context, fd); close(fd); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_end_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor); -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_get_first (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) @@ -608,15 +718,18 @@ fcc_get_first (krb5_context context, krb5_error_code ret; krb5_principal principal; + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + *cursor = malloc(sizeof(struct fcc_cursor)); if (*cursor == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memset(*cursor, 0, sizeof(struct fcc_cursor)); - ret = init_fcc (context, id, &FCC_CURSOR(*cursor)->sp, - &FCC_CURSOR(*cursor)->fd); + ret = init_fcc (context, id, &FCC_CURSOR(*cursor)->sp, + &FCC_CURSOR(*cursor)->fd, NULL); if (ret) { free(*cursor); *cursor = NULL; @@ -624,7 +737,7 @@ fcc_get_first (krb5_context context, } ret = krb5_ret_principal (FCC_CURSOR(*cursor)->sp, &principal); if(ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); fcc_end_get(context, id, cursor); return ret; } @@ -633,29 +746,43 @@ fcc_get_first (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_get_next (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, krb5_creds *creds) { krb5_error_code ret; + + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + + if (FCC_CURSOR(*cursor) == NULL) + return krb5_einval(context, 3); + if((ret = fcc_lock(context, id, FCC_CURSOR(*cursor)->fd, FALSE)) != 0) return ret; ret = krb5_ret_creds(FCC_CURSOR(*cursor)->sp, creds); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); fcc_unlock(context, FCC_CURSOR(*cursor)->fd); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_end_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) { + + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + + if (FCC_CURSOR(*cursor) == NULL) + return krb5_einval(context, 3); + krb5_storage_free(FCC_CURSOR(*cursor)->sp); close (FCC_CURSOR(*cursor)->fd); free(*cursor); @@ -663,16 +790,21 @@ fcc_end_get (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags which, krb5_creds *cred) { krb5_error_code ret; - krb5_ccache copy; + krb5_ccache copy, newfile; + char *newname = NULL; + int fd; - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, ©); + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, ©); if (ret) return ret; @@ -688,49 +820,86 @@ fcc_remove_cred(krb5_context context, return ret; } - fcc_destroy(context, id); + ret = asprintf(&newname, "FILE:%s.XXXXXX", FILENAME(id)); + if (ret < 0 || newname == NULL) { + krb5_cc_destroy(context, copy); + return ENOMEM; + } - ret = krb5_cc_copy_cache(context, copy, id); + fd = mkstemp(&newname[5]); + if (fd < 0) { + ret = errno; + krb5_cc_destroy(context, copy); + return ret; + } + close(fd); + + ret = krb5_cc_resolve(context, newname, &newfile); + if (ret) { + unlink(&newname[5]); + free(newname); + krb5_cc_destroy(context, copy); + return ret; + } + + ret = krb5_cc_copy_cache(context, copy, newfile); krb5_cc_destroy(context, copy); + if (ret) { + free(newname); + krb5_cc_destroy(context, newfile); + return ret; + } + + ret = rk_rename(&newname[5], FILENAME(id)); + if (ret) + ret = errno; + free(newname); + krb5_cc_close(context, newfile); return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_set_flags(krb5_context context, krb5_ccache id, krb5_flags flags) { + if (FCACHE(id) == NULL) + return krb5_einval(context, 2); + return 0; /* XXX */ } -static krb5_error_code +static int KRB5_CALLCONV fcc_get_version(krb5_context context, krb5_ccache id) { + if (FCACHE(id) == NULL) + return -1; + return FCACHE(id)->version; } - + struct fcache_iter { int first; }; -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) { struct fcache_iter *iter; iter = calloc(1, sizeof(*iter)); if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; - } + } iter->first = 1; *cursor = iter; return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) { struct fcache_iter *iter = cursor; @@ -738,47 +907,68 @@ fcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) const char *fn; char *expandedfn = NULL; + if (iter == NULL) + return krb5_einval(context, 2); + if (!iter->first) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5_CC_END; } iter->first = 0; fn = krb5_cc_default_name(context); - if (strncasecmp(fn, "FILE:", 5) != 0) { - ret = _krb5_expand_default_cc_name(context, + if (fn == NULL || strncasecmp(fn, "FILE:", 5) != 0) { + ret = _krb5_expand_default_cc_name(context, KRB5_DEFAULT_CCNAME_FILE, &expandedfn); if (ret) return ret; + fn = expandedfn; + } + /* check if file exists, don't return a non existant "next" */ + if (strncasecmp(fn, "FILE:", 5) == 0) { + struct stat sb; + ret = stat(fn + 5, &sb); + if (ret) { + ret = KRB5_CC_END; + goto out; + } } ret = krb5_cc_resolve(context, fn, id); + out: if (expandedfn) free(expandedfn); - + return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) { struct fcache_iter *iter = cursor; + + if (iter == NULL) + return krb5_einval(context, 2); + free(iter); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) { krb5_error_code ret = 0; - ret = rename(FILENAME(from), FILENAME(to)); + ret = rk_rename(FILENAME(from), FILENAME(to)); + if (ret && errno != EXDEV) { + char buf[128]; ret = errno; - krb5_set_error_string(context, - "Rename of file from %s to %s failed: %s", - FILENAME(from), FILENAME(to), - strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, + N_("Rename of file from %s " + "to %s failed: %s", ""), + FILENAME(from), FILENAME(to), buf); return ret; } else if (ret && errno == EXDEV) { /* make a copy and delete the orignal */ @@ -786,14 +976,14 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) int fd1, fd2; char buf[BUFSIZ]; - ret = fcc_open(context, from, &fd1, O_RDONLY | O_BINARY, 0); + ret = fcc_open(context, from, &fd1, O_RDONLY | O_BINARY | O_CLOEXEC, 0); if(ret) return ret; unlink(FILENAME(to)); - ret = fcc_open(context, to, &fd2, - O_WRONLY | O_CREAT | O_EXCL | O_BINARY, 0600); + ret = fcc_open(context, to, &fd2, + O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, 0600); if(ret) goto out1; @@ -801,21 +991,19 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) sz2 = write(fd2, buf, sz1); if (sz1 != sz2) { ret = EIO; - krb5_set_error_string(context, - "Failed to write data from one file " - "credential cache to the other"); + krb5_set_error_message(context, ret, + N_("Failed to write data from one file " + "credential cache to the other", "")); goto out2; } } if (sz1 < 0) { ret = EIO; - krb5_set_error_string(context, - "Failed to read data from one file " - "credential cache to the other"); + krb5_set_error_message(context, ret, + N_("Failed to read data from one file " + "credential cache to the other", "")); goto out2; } - erase_file(FILENAME(from)); - out2: fcc_unlock(context, fd2); close(fd2); @@ -824,8 +1012,10 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) fcc_unlock(context, fd1); close(fd1); + _krb5_erase_file(context, FILENAME(from)); + if (ret) { - erase_file(FILENAME(to)); + _krb5_erase_file(context, FILENAME(to)); return ret; } } @@ -834,29 +1024,78 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) { krb5_storage *sp; int fd; - ret = init_fcc (context, to, &sp, &fd); - krb5_storage_free(sp); - fcc_unlock(context, fd); - close(fd); - } + if ((ret = init_fcc (context, to, &sp, &fd, NULL)) == 0) { + if (sp) + krb5_storage_free(sp); + fcc_unlock(context, fd); + close(fd); + } + } + + fcc_close(context, from); + return ret; } -static krb5_error_code -fcc_default_name(krb5_context context, char **str) +static krb5_error_code KRB5_CALLCONV +fcc_get_default_name(krb5_context context, char **str) { - return _krb5_expand_default_cc_name(context, + return _krb5_expand_default_cc_name(context, KRB5_DEFAULT_CCNAME_FILE, str); } +static krb5_error_code KRB5_CALLCONV +fcc_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime) +{ + krb5_error_code ret; + struct stat sb; + int fd; + + ret = fcc_open(context, id, &fd, O_RDONLY | O_BINARY | O_CLOEXEC, 0); + if(ret) + return ret; + ret = fstat(fd, &sb); + close(fd); + if (ret) { + ret = errno; + krb5_set_error_message(context, ret, N_("Failed to stat cache file", "")); + return ret; + } + *mtime = sb.st_mtime; + return 0; +} + +static krb5_error_code KRB5_CALLCONV +fcc_set_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat kdc_offset) +{ + return 0; +} + +static krb5_error_code KRB5_CALLCONV +fcc_get_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat *kdc_offset) +{ + krb5_error_code ret; + krb5_storage *sp = NULL; + int fd; + ret = init_fcc(context, id, &sp, &fd, kdc_offset); + if (sp) + krb5_storage_free(sp); + fcc_unlock(context, fd); + close(fd); + + return ret; +} + + /** * Variable containing the FILE based credential cache implemention. * * @ingroup krb5_ccache */ -const krb5_cc_ops krb5_fcc_ops = { +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_fcc_ops = { + KRB5_CC_OPS_VERSION, "FILE", fcc_get_name, fcc_resolve, @@ -877,5 +1116,9 @@ const krb5_cc_ops krb5_fcc_ops = { fcc_get_cache_next, fcc_end_cache_get, fcc_move, - fcc_default_name + fcc_get_default_name, + NULL, + fcc_lastchange, + fcc_set_kdc_offset, + fcc_get_kdc_offset }; diff --git a/lib/krb5/free.c b/lib/krb5/free.c index 1b0bd05412f2..5bb33b443cb9 100644 --- a/lib/krb5/free.c +++ b/lib/krb5/free.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 1999, 2004 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999, 2004 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: free.c 15175 2005-05-18 10:06:16Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_kdc_rep(krb5_context context, krb5_kdc_rep *rep) { free_KDC_REP(&rep->kdc_rep); @@ -45,7 +43,7 @@ krb5_free_kdc_rep(krb5_context context, krb5_kdc_rep *rep) return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_xfree (void *ptr) { free (ptr); diff --git a/lib/krb5/free_host_realm.c b/lib/krb5/free_host_realm.c index 6b13ce7d0e04..0932674e9bef 100644 --- a/lib/krb5/free_host_realm.c +++ b/lib/krb5/free_host_realm.c @@ -1,45 +1,50 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: free_host_realm.c 13863 2004-05-25 21:46:46Z lha $"); - -/* +/** * Free all memory allocated by `realmlist' + * + * @param context A Kerberos 5 context. + * @param realmlist realmlist to free, NULL is ok + * + * @return a Kerberos error code, always 0. + * + * @ingroup krb5_support */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_host_realm(krb5_context context, krb5_realm *realmlist) { diff --git a/lib/krb5/generate_seq_number.c b/lib/krb5/generate_seq_number.c index 8a04f048c8c8..6001d6926138 100644 --- a/lib/krb5/generate_seq_number.c +++ b/lib/krb5/generate_seq_number.c @@ -1,62 +1,48 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: generate_seq_number.c 17442 2006-05-05 09:31:15Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_seq_number(krb5_context context, const krb5_keyblock *key, uint32_t *seqno) { - krb5_error_code ret; - krb5_keyblock *subkey; - uint32_t q; - u_char *p; - int i; - - ret = krb5_generate_subkey (context, key, &subkey); - if (ret) - return ret; - - q = 0; - for (p = (u_char *)subkey->keyvalue.data, i = 0; - i < subkey->keyvalue.length; - ++i, ++p) - q = (q << 8) | *p; - q &= 0xffffffff; - *seqno = q; - krb5_free_keyblock (context, subkey); + if (RAND_bytes((void *)seqno, sizeof(*seqno)) <= 0) + krb5_abortx(context, "Failed to generate random block"); + /* MIT used signed numbers, lets not stomp into that space directly */ + *seqno &= 0x3fffffff; + if (*seqno == 0) + *seqno = 1; return 0; } diff --git a/lib/krb5/generate_subkey.c b/lib/krb5/generate_subkey.c index fb99cbbf3f74..e09dc2a91685 100644 --- a/lib/krb5/generate_subkey.c +++ b/lib/krb5/generate_subkey.c @@ -1,49 +1,52 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: generate_subkey.c 14455 2005-01-05 02:39:21Z lukeh $"); +/** + * Generate subkey, from keyblock + * + * @param context kerberos context + * @param key session key + * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype + * @param subkey returned new, free with krb5_free_keyblock(). + * + * @return 0 on success or a Kerberos 5 error code + * +* @ingroup krb5_crypto + */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_subkey(krb5_context context, - const krb5_keyblock *key, - krb5_keyblock **subkey) -{ - return krb5_generate_subkey_extended(context, key, key->keytype, subkey); -} - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey_extended(krb5_context context, const krb5_keyblock *key, krb5_enctype etype, @@ -53,7 +56,7 @@ krb5_generate_subkey_extended(krb5_context context, ALLOC(*subkey, 1); if (*subkey == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM,N_("malloc: out of memory", "")); return ENOMEM; } diff --git a/lib/krb5/get_addrs.c b/lib/krb5/get_addrs.c index a7fd2ea84b1b..0e2bfcf66f94 100644 --- a/lib/krb5/get_addrs.c +++ b/lib/krb5/get_addrs.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: get_addrs.c 13863 2004-05-25 21:46:46Z lha $"); - #ifdef __osf__ /* hate */ struct rtentry; @@ -54,20 +52,20 @@ gethostname_fallback (krb5_context context, krb5_addresses *res) if (gethostname (hostname, sizeof(hostname))) { ret = errno; - krb5_set_error_string (context, "gethostname: %s", strerror(ret)); + krb5_set_error_message(context, ret, "gethostname: %s", strerror(ret)); return ret; } hostent = roken_gethostbyname (hostname); if (hostent == NULL) { ret = errno; - krb5_set_error_string (context, "gethostbyname %s: %s", - hostname, strerror(ret)); + krb5_set_error_message (context, ret, "gethostbyname %s: %s", + hostname, strerror(ret)); return ret; } res->len = 1; res->val = malloc (sizeof(*res->val)); if (res->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } res->val[0].addr_type = hostent->h_addrtype; @@ -84,8 +82,8 @@ gethostname_fallback (krb5_context context, krb5_addresses *res) } enum { - LOOP = 1, /* do include loopback interfaces */ - LOOP_IF_NONE = 2, /* include loopback if no other if's */ + LOOP = 1, /* do include loopback addrs */ + LOOP_IF_NONE = 2, /* include loopback addrs if no others */ EXTRA_ADDRESSES = 4, /* include extra addresses */ SCAN_INTERFACES = 8 /* scan interfaces for addresses */ }; @@ -100,15 +98,13 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) { struct sockaddr sa_zero; struct ifaddrs *ifa0, *ifa; - krb5_error_code ret = ENXIO; - int num, idx; + krb5_error_code ret = ENXIO; + unsigned int num, idx; krb5_addresses ignore_addresses; - res->val = NULL; - if (getifaddrs(&ifa0) == -1) { ret = errno; - krb5_set_error_string(context, "getifaddrs: %s", strerror(ret)); + krb5_set_error_message(context, ret, "getifaddrs: %s", strerror(ret)); return (ret); } @@ -120,7 +116,7 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) if (num == 0) { freeifaddrs(ifa0); - krb5_set_error_string(context, "no addresses found"); + krb5_set_error_message(context, ENXIO, N_("no addresses found", "")); return (ENXIO); } @@ -136,8 +132,8 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) if (res->val == NULL) { krb5_free_addresses(context, &ignore_addresses); freeifaddrs(ifa0); - krb5_set_error_string (context, "malloc: out of memory"); - return (ENOMEM); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; } /* Now traverse the list. */ @@ -150,11 +146,9 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) continue; if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) continue; - if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { + if (krb5_sockaddr_is_loopback(ifa->ifa_addr) && (flags & LOOP) == 0) /* We'll deal with the LOOP_IF_NONE case later. */ - if ((flags & LOOP) == 0) - continue; - } + continue; ret = krb5_sockaddr2address(context, ifa->ifa_addr, &res->val[idx]); if (ret) { @@ -167,7 +161,7 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) continue; } /* possibly skip this address? */ - if((flags & EXTRA_ADDRESSES) && + if((flags & EXTRA_ADDRESSES) && krb5_address_search(context, &res->val[idx], &ignore_addresses)) { krb5_free_address(context, &res->val[idx]); flags &= ~LOOP_IF_NONE; /* we actually found an address, @@ -193,33 +187,32 @@ find_all_addresses (krb5_context context, krb5_addresses *res, int flags) continue; if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) continue; - - if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { - ret = krb5_sockaddr2address(context, - ifa->ifa_addr, &res->val[idx]); - if (ret) { - /* - * See comment above. - */ - continue; - } - if((flags & EXTRA_ADDRESSES) && - krb5_address_search(context, &res->val[idx], - &ignore_addresses)) { - krb5_free_address(context, &res->val[idx]); - continue; - } - idx++; + if (!krb5_sockaddr_is_loopback(ifa->ifa_addr)) + continue; + if ((ifa->ifa_flags & IFF_LOOPBACK) == 0) + /* Presumably loopback addrs are only used on loopback ifs! */ + continue; + ret = krb5_sockaddr2address(context, + ifa->ifa_addr, &res->val[idx]); + if (ret) + continue; /* We don't consider this failure fatal */ + if((flags & EXTRA_ADDRESSES) && + krb5_address_search(context, &res->val[idx], + &ignore_addresses)) { + krb5_free_address(context, &res->val[idx]); + continue; } + idx++; } } if (flags & EXTRA_ADDRESSES) krb5_free_addresses(context, &ignore_addresses); freeifaddrs(ifa0); - if (ret) + if (ret) { free(res->val); - else + res->val = NULL; + } else res->len = idx; /* Now a count. */ return (ret); } @@ -229,13 +222,14 @@ get_addrs_int (krb5_context context, krb5_addresses *res, int flags) { krb5_error_code ret = -1; + res->len = 0; + res->val = NULL; + if (flags & SCAN_INTERFACES) { ret = find_all_addresses (context, res, flags); if(ret || res->len == 0) ret = gethostname_fallback (context, res); } else { - res->len = 0; - res->val = NULL; ret = 0; } @@ -268,7 +262,7 @@ get_addrs_int (krb5_context context, krb5_addresses *res, int flags) * Only include loopback address if there are no other. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_all_client_addrs (krb5_context context, krb5_addresses *res) { int flags = LOOP_IF_NONE | EXTRA_ADDRESSES; @@ -284,7 +278,7 @@ krb5_get_all_client_addrs (krb5_context context, krb5_addresses *res) * If that fails, we return the address corresponding to `hostname'. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_all_server_addrs (krb5_context context, krb5_addresses *res) { return get_addrs_int (context, res, LOOP | SCAN_INTERFACES); diff --git a/lib/krb5/get_cred.c b/lib/krb5/get_cred.c index ce0ec6d29283..e3bb23a2e9d7 100644 --- a/lib/krb5/get_cred.c +++ b/lib/krb5/get_cred.c @@ -1,39 +1,45 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" +#include -RCSID("$Id: get_cred.c 21668 2007-07-22 11:28:05Z lha $"); +static krb5_error_code +get_cred_kdc_capath(krb5_context, krb5_kdc_flags, + krb5_ccache, krb5_creds *, krb5_principal, + Ticket *, krb5_creds **, krb5_creds ***); /* * Take the `body' and encode it into `padata' using the credentials @@ -41,16 +47,15 @@ RCSID("$Id: get_cred.c 21668 2007-07-22 11:28:05Z lha $"); */ static krb5_error_code -make_pa_tgs_req(krb5_context context, +make_pa_tgs_req(krb5_context context, krb5_auth_context ac, KDC_REQ_BODY *body, PA_DATA *padata, - krb5_creds *creds, - krb5_key_usage usage) + krb5_creds *creds) { u_char *buf; size_t buf_size; - size_t len; + size_t len = 0; krb5_data in_data; krb5_error_code ret; @@ -65,8 +70,7 @@ make_pa_tgs_req(krb5_context context, ret = _krb5_mk_req_internal(context, &ac, 0, &in_data, creds, &padata->padata_value, KRB5_KU_TGS_REQ_AUTH_CKSUM, - usage - /* KRB5_KU_TGS_REQ_AUTH */); + KRB5_KU_TGS_REQ_AUTH); out: free (buf); if(ret) @@ -83,10 +87,10 @@ static krb5_error_code set_auth_data (krb5_context context, KDC_REQ_BODY *req_body, krb5_authdata *authdata, - krb5_keyblock *key) + krb5_keyblock *subkey) { if(authdata->len) { - size_t len, buf_size; + size_t len = 0, buf_size; unsigned char *buf; krb5_crypto crypto; krb5_error_code ret; @@ -101,20 +105,20 @@ set_auth_data (krb5_context context, ALLOC(req_body->enc_authorization_data, 1); if (req_body->enc_authorization_data == NULL) { free (buf); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - ret = krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, subkey, 0, &crypto); if (ret) { free (buf); free (req_body->enc_authorization_data); req_body->enc_authorization_data = NULL; return ret; } - krb5_encrypt_EncryptedData(context, + krb5_encrypt_EncryptedData(context, crypto, - KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY, - /* KRB5_KU_TGS_REQ_AUTH_DAT_SESSION? */ + KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY, buf, len, 0, @@ -125,7 +129,7 @@ set_auth_data (krb5_context context, req_body->enc_authorization_data = NULL; } return 0; -} +} /* * Create a tgs-req in `t' with `addresses', `flags', `second_ticket' @@ -144,9 +148,9 @@ init_tgs_req (krb5_context context, unsigned nonce, const METHOD_DATA *padata, krb5_keyblock **subkey, - TGS_REQ *t, - krb5_key_usage usage) + TGS_REQ *t) { + krb5_auth_context ac = NULL; krb5_error_code ret = 0; memset(t, 0, sizeof(*t)); @@ -156,15 +160,17 @@ init_tgs_req (krb5_context context, ALLOC_SEQ(&t->req_body.etype, 1); if(t->req_body.etype.val == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto fail; } t->req_body.etype.val[0] = in_creds->session.keytype; } else { - ret = krb5_init_etype(context, - &t->req_body.etype.len, - &t->req_body.etype.val, - NULL); + ret = _krb5_init_etype(context, + KRB5_PDU_TGS_REQUEST, + &t->req_body.etype.len, + &t->req_body.etype.val, + NULL); } if (ret) goto fail; @@ -176,7 +182,7 @@ init_tgs_req (krb5_context context, ALLOC(t->req_body.sname, 1); if (t->req_body.sname == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } @@ -192,107 +198,83 @@ init_tgs_req (krb5_context context, ALLOC(t->req_body.till, 1); if(t->req_body.till == NULL){ ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } *t->req_body.till = in_creds->times.endtime; - + t->req_body.nonce = nonce; if(second_ticket){ ALLOC(t->req_body.additional_tickets, 1); if (t->req_body.additional_tickets == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto fail; } ALLOC_SEQ(t->req_body.additional_tickets, 1); if (t->req_body.additional_tickets->val == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto fail; } - ret = copy_Ticket(second_ticket, t->req_body.additional_tickets->val); + ret = copy_Ticket(second_ticket, t->req_body.additional_tickets->val); if (ret) goto fail; } ALLOC(t->padata, 1); if (t->padata == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } ALLOC_SEQ(t->padata, 1 + padata->len); if (t->padata->val == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } { - int i; + size_t i; for (i = 0; i < padata->len; i++) { ret = copy_PA_DATA(&padata->val[i], &t->padata->val[i + 1]); if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto fail; } } } - { - krb5_auth_context ac; - krb5_keyblock *key = NULL; + ret = krb5_auth_con_init(context, &ac); + if(ret) + goto fail; - ret = krb5_auth_con_init(context, &ac); - if(ret) - goto fail; + ret = krb5_auth_con_generatelocalsubkey(context, ac, &krbtgt->session); + if (ret) + goto fail; - if (krb5_config_get_bool_default(context, NULL, FALSE, - "realms", - krbtgt->server->realm, - "tgs_require_subkey", - NULL)) - { - ret = krb5_generate_subkey (context, &krbtgt->session, &key); - if (ret) { - krb5_auth_con_free (context, ac); - goto fail; - } + ret = set_auth_data (context, &t->req_body, &in_creds->authdata, + ac->local_subkey); + if (ret) + goto fail; - ret = krb5_auth_con_setlocalsubkey(context, ac, key); - if (ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free (context, ac); - goto fail; - } - } + ret = make_pa_tgs_req(context, + ac, + &t->req_body, + &t->padata->val[0], + krbtgt); + if(ret) + goto fail; - ret = set_auth_data (context, &t->req_body, &in_creds->authdata, - key ? key : &krbtgt->session); - if (ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free (context, ac); - goto fail; - } + ret = krb5_auth_con_getlocalsubkey(context, ac, subkey); + if (ret) + goto fail; - ret = make_pa_tgs_req(context, - ac, - &t->req_body, - &t->padata->val[0], - krbtgt, - usage); - if(ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free(context, ac); - goto fail; - } - *subkey = key; - - krb5_auth_con_free(context, ac); - } fail: + if (ac) + krb5_auth_con_free(context, ac); if (ret) { t->req_body.addresses = NULL; free_TGS_REQ (t); @@ -315,7 +297,7 @@ _krb5_get_krbtgt(krb5_context context, if (ret) return ret; - ret = krb5_make_principal(context, + ret = krb5_make_principal(context, &tmp_cred.server, realm, KRB5_TGS_NAME, @@ -338,29 +320,27 @@ _krb5_get_krbtgt(krb5_context context, } /* DCE compatible decrypt proc */ -static krb5_error_code +static krb5_error_code KRB5_CALLCONV decrypt_tkt_with_subkey (krb5_context context, krb5_keyblock *key, krb5_key_usage usage, - krb5_const_pointer subkey, + krb5_const_pointer skey, krb5_kdc_rep *dec_rep) { - krb5_error_code ret; + const krb5_keyblock *subkey = skey; + krb5_error_code ret = 0; krb5_data data; size_t size; krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage, - &dec_rep->kdc_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - if(ret && subkey){ - /* DCE compat -- try to decrypt with subkey */ + + assert(usage == 0); + + krb5_data_zero(&data); + + /* + * start out with trying with subkey if we have one + */ + if (subkey) { ret = krb5_crypto_init(context, subkey, 0, &crypto); if (ret) return ret; @@ -369,37 +349,59 @@ decrypt_tkt_with_subkey (krb5_context context, KRB5_KU_TGS_REP_ENC_PART_SUB_KEY, &dec_rep->kdc_rep.enc_part, &data); + /* + * If the is Windows 2000 DC, we need to retry with key usage + * 8 when doing ARCFOUR. + */ + if (ret && subkey->keytype == ETYPE_ARCFOUR_HMAC_MD5) { + ret = krb5_decrypt_EncryptedData(context, + crypto, + 8, + &dec_rep->kdc_rep.enc_part, + &data); + } + krb5_crypto_destroy(context, crypto); + } + if (subkey == NULL || ret) { + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; + ret = krb5_decrypt_EncryptedData (context, + crypto, + KRB5_KU_TGS_REP_ENC_PART_SESSION, + &dec_rep->kdc_rep.enc_part, + &data); krb5_crypto_destroy(context, crypto); } if (ret) return ret; - - ret = krb5_decode_EncASRepPart(context, - data.data, + + ret = decode_EncASRepPart(data.data, + data.length, + &dec_rep->enc_part, + &size); + if (ret) + ret = decode_EncTGSRepPart(data.data, data.length, - &dec_rep->enc_part, + &dec_rep->enc_part, &size); if (ret) - ret = krb5_decode_EncTGSRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); + krb5_set_error_message(context, ret, + N_("Failed to decode encpart in ticket", "")); krb5_data_free (&data); return ret; } static krb5_error_code -get_cred_kdc_usage(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_addresses *addresses, - krb5_creds *in_creds, - krb5_creds *krbtgt, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds *out_creds, - krb5_key_usage usage) +get_cred_kdc(krb5_context context, + krb5_ccache id, + krb5_kdc_flags flags, + krb5_addresses *addresses, + krb5_creds *in_creds, + krb5_creds *krbtgt, + krb5_principal impersonate_principal, + Ticket *second_ticket, + krb5_creds *out_creds) { TGS_REQ req; krb5_data enc; @@ -409,10 +411,10 @@ get_cred_kdc_usage(krb5_context context, krb5_error_code ret; unsigned nonce; krb5_keyblock *subkey = NULL; - size_t len; + size_t len = 0; Ticket second_ticket_data; METHOD_DATA padata; - + krb5_data_zero(&resp); krb5_data_zero(&enc); padata.val = NULL; @@ -420,10 +422,10 @@ get_cred_kdc_usage(krb5_context context, krb5_generate_random_block(&nonce, sizeof(nonce)); nonce &= 0xffffffff; - + if(flags.b.enc_tkt_in_skey && second_ticket == NULL){ - ret = decode_Ticket(in_creds->second_ticket.data, - in_creds->second_ticket.length, + ret = decode_Ticket(in_creds->second_ticket.data, + in_creds->second_ticket.length, &second_ticket_data, &len); if(ret) return ret; @@ -436,12 +438,12 @@ get_cred_kdc_usage(krb5_context context, PA_S4U2Self self; krb5_data data; void *buf; - size_t size; + size_t size = 0; self.name = impersonate_principal->name; self.realm = impersonate_principal->realm; self.auth = estrdup("Kerberos"); - + ret = _krb5_s4u2self_to_checksumdata(context, &self, &data); if (ret) { free(self.auth); @@ -460,7 +462,7 @@ get_cred_kdc_usage(krb5_context context, KRB5_KU_OTHER_CKSUM, 0, data.data, - data.length, + data.length, &self.cksum); krb5_crypto_destroy(context, crypto); krb5_data_free(&data); @@ -476,8 +478,8 @@ get_cred_kdc_usage(krb5_context context, goto out; if (len != size) krb5_abortx(context, "internal asn1 error"); - - ret = krb5_padata_add(context, &padata, KRB5_PADATA_S4U2SELF, buf, len); + + ret = krb5_padata_add(context, &padata, KRB5_PADATA_FOR_USER, buf, len); if (ret) goto out; } @@ -491,14 +493,13 @@ get_cred_kdc_usage(krb5_context context, krbtgt, nonce, &padata, - &subkey, - &req, - usage); + &subkey, + &req); if (ret) goto out; ASN1_MALLOC_ENCODE(TGS_REQ, enc.data, enc.length, &req, &len, ret); - if (ret) + if (ret) goto out; if(enc.length != len) krb5_abortx(context, "internal error in ASN.1 encoder"); @@ -526,42 +527,48 @@ get_cred_kdc_usage(krb5_context context, goto out; memset(&rep, 0, sizeof(rep)); - if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0){ - ret = krb5_copy_principal(context, - in_creds->client, + if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0) { + unsigned eflags = 0; + + ret = krb5_copy_principal(context, + in_creds->client, &out_creds->client); if(ret) - goto out; - ret = krb5_copy_principal(context, - in_creds->server, + goto out2; + ret = krb5_copy_principal(context, + in_creds->server, &out_creds->server); if(ret) - goto out; + goto out2; /* this should go someplace else */ out_creds->times.endtime = in_creds->times.endtime; + /* XXX should do better testing */ + if (flags.b.constrained_delegation || impersonate_principal) + eflags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH; + ret = _krb5_extract_ticket(context, &rep, out_creds, &krbtgt->session, NULL, - KRB5_KU_TGS_REP_ENC_PART_SESSION, + 0, &krbtgt->addresses, nonce, - EXTRACT_TICKET_ALLOW_CNAME_MISMATCH| - EXTRACT_TICKET_ALLOW_SERVER_MISMATCH, + eflags, decrypt_tkt_with_subkey, subkey); + out2: krb5_free_kdc_rep(context, &rep); } else if(krb5_rd_error(context, &resp, &error) == 0) { ret = krb5_error_from_rd_error(context, &error, in_creds); krb5_free_error_contents(context, &error); - } else if(resp.data && ((char*)resp.data)[0] == 4) { + } else if(resp.length > 0 && ((char*)resp.data)[0] == 4) { ret = KRB5KRB_AP_ERR_V4_REPLY; - krb5_clear_error_string(context); + krb5_clear_error_message(context); } else { ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string(context); + krb5_clear_error_message(context); } out: @@ -570,62 +577,58 @@ get_cred_kdc_usage(krb5_context context, free_METHOD_DATA(&padata); krb5_data_free(&resp); krb5_data_free(&enc); - if(subkey){ - krb5_free_keyblock_contents(context, subkey); - free(subkey); - } + if(subkey) + krb5_free_keyblock(context, subkey); return ret; - + } +/* + * same as above, just get local addresses first if the krbtgt have + * them and the realm is not addressless + */ + static krb5_error_code -get_cred_kdc(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_addresses *addresses, - krb5_creds *in_creds, - krb5_creds *krbtgt, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds *out_creds) +get_cred_kdc_address(krb5_context context, + krb5_ccache id, + krb5_kdc_flags flags, + krb5_addresses *addrs, + krb5_creds *in_creds, + krb5_creds *krbtgt, + krb5_principal impersonate_principal, + Ticket *second_ticket, + krb5_creds *out_creds) { krb5_error_code ret; + krb5_addresses addresses = { 0, NULL }; - ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds, - krbtgt, impersonate_principal, second_ticket, - out_creds, KRB5_KU_TGS_REQ_AUTH); - if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) { - krb5_clear_error_string (context); - ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds, - krbtgt, impersonate_principal, second_ticket, - out_creds, KRB5_KU_AP_REQ_AUTH); + /* + * Inherit the address-ness of the krbtgt if the address is not + * specified. + */ + + if (addrs == NULL && krbtgt->addresses.len != 0) { + krb5_boolean noaddr; + + krb5_appdefault_boolean(context, NULL, krbtgt->server->realm, + "no-addresses", FALSE, &noaddr); + + if (!noaddr) { + krb5_get_all_client_addrs(context, &addresses); + /* XXX this sucks. */ + addrs = &addresses; + if(addresses.len == 0) + addrs = NULL; + } } - return ret; -} - -/* same as above, just get local addresses first */ - -static krb5_error_code -get_cred_kdc_la(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, - krb5_creds *in_creds, krb5_creds *krbtgt, - krb5_principal impersonate_principal, Ticket *second_ticket, - krb5_creds *out_creds) -{ - krb5_error_code ret; - krb5_addresses addresses, *addrs = &addresses; - - krb5_get_all_client_addrs(context, &addresses); - /* XXX this sucks. */ - if(addresses.len == 0) - addrs = NULL; - ret = get_cred_kdc(context, id, flags, addrs, - in_creds, krbtgt, impersonate_principal, second_ticket, - out_creds); + ret = get_cred_kdc(context, id, flags, addrs, in_creds, + krbtgt, impersonate_principal, + second_ticket, out_creds); krb5_free_addresses(context, &addresses); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_cred(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, @@ -640,7 +643,8 @@ krb5_get_kdc_cred(krb5_context context, *out_creds = calloc(1, sizeof(**out_creds)); if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = _krb5_get_krbtgt (context, @@ -649,29 +653,34 @@ krb5_get_kdc_cred(krb5_context context, &krbtgt); if(ret) { free(*out_creds); + *out_creds = NULL; return ret; } - ret = get_cred_kdc(context, id, flags, addresses, + ret = get_cred_kdc(context, id, flags, addresses, in_creds, krbtgt, NULL, NULL, *out_creds); krb5_free_creds (context, krbtgt); - if(ret) + if(ret) { free(*out_creds); + *out_creds = NULL; + } return ret; } -static void -not_found(krb5_context context, krb5_const_principal p) +static int +not_found(krb5_context context, krb5_const_principal p, krb5_error_code code) { krb5_error_code ret; char *str; ret = krb5_unparse_name(context, p, &str); if(ret) { - krb5_clear_error_string(context); - return; + krb5_clear_error_message(context); + return code; } - krb5_set_error_string(context, "Matching credential (%s) not found", str); + krb5_set_error_message(context, code, + N_("Matching credential (%s) not found", ""), str); free(str); + return code; } static krb5_error_code @@ -686,24 +695,23 @@ find_cred(krb5_context context, krb5_cc_clear_mcred(&mcreds); mcreds.server = server; - ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_DONT_MATCH_REALM, + ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_DONT_MATCH_REALM, &mcreds, out_creds); if(ret == 0) return 0; while(tgts && *tgts){ - if(krb5_compare_creds(context, KRB5_TC_DONT_MATCH_REALM, + if(krb5_compare_creds(context, KRB5_TC_DONT_MATCH_REALM, &mcreds, *tgts)){ ret = krb5_copy_creds_contents(context, *tgts, out_creds); return ret; } tgts++; } - not_found(context, server); - return KRB5_CC_NOTFOUND; + return not_found(context, server, KRB5_CC_NOTFOUND); } static krb5_error_code -add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt) +add_cred(krb5_context context, krb5_creds const *tkt, krb5_creds ***tgts) { int i; krb5_error_code ret; @@ -712,7 +720,8 @@ add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt) for(i = 0; tmp && tmp[i]; i++); /* XXX */ tmp = realloc(tmp, (i+2)*sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } *tgts = tmp; @@ -721,6 +730,141 @@ add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt) return ret; } +static krb5_error_code +get_cred_kdc_capath_worker(krb5_context context, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_const_realm try_realm, + krb5_principal impersonate_principal, + Ticket *second_ticket, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) +{ + krb5_error_code ret; + krb5_creds *tgt, tmp_creds; + krb5_const_realm client_realm, server_realm; + int ok_as_delegate = 1; + + *out_creds = NULL; + + client_realm = krb5_principal_get_realm(context, in_creds->client); + server_realm = krb5_principal_get_realm(context, in_creds->server); + memset(&tmp_creds, 0, sizeof(tmp_creds)); + ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client); + if(ret) + return ret; + + ret = krb5_make_principal(context, + &tmp_creds.server, + try_realm, + KRB5_TGS_NAME, + server_realm, + NULL); + if(ret){ + krb5_free_principal(context, tmp_creds.client); + return ret; + } + { + krb5_creds tgts; + + ret = find_cred(context, ccache, tmp_creds.server, + *ret_tgts, &tgts); + if(ret == 0){ + /* only allow implicit ok_as_delegate if the realm is the clients realm */ + if (strcmp(try_realm, client_realm) != 0 || strcmp(try_realm, server_realm) != 0) + ok_as_delegate = tgts.flags.b.ok_as_delegate; + + *out_creds = calloc(1, sizeof(**out_creds)); + if(*out_creds == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + } else { + ret = get_cred_kdc_address(context, ccache, flags, NULL, + in_creds, &tgts, + impersonate_principal, + second_ticket, + *out_creds); + if (ret) { + free (*out_creds); + *out_creds = NULL; + } else if (ok_as_delegate == 0) + (*out_creds)->flags.b.ok_as_delegate = 0; + } + krb5_free_cred_contents(context, &tgts); + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + } + if(krb5_realm_compare(context, in_creds->client, in_creds->server)) + return not_found(context, in_creds->server, KRB5_CC_NOTFOUND); + + /* XXX this can loop forever */ + while(1){ + heim_general_string tgt_inst; + + ret = get_cred_kdc_capath(context, flags, ccache, &tmp_creds, + NULL, NULL, &tgt, ret_tgts); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + /* + * if either of the chain or the ok_as_delegate was stripped + * by the kdc, make sure we strip it too. + */ + if (ok_as_delegate == 0 || tgt->flags.b.ok_as_delegate == 0) { + ok_as_delegate = 0; + tgt->flags.b.ok_as_delegate = 0; + } + + ret = add_cred(context, tgt, ret_tgts); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + tgt_inst = tgt->server->name.name_string.val[1]; + if(strcmp(tgt_inst, server_realm) == 0) + break; + krb5_free_principal(context, tmp_creds.server); + ret = krb5_make_principal(context, &tmp_creds.server, + tgt_inst, KRB5_TGS_NAME, server_realm, NULL); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + ret = krb5_free_creds(context, tgt); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + } + + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + *out_creds = calloc(1, sizeof(**out_creds)); + if(*out_creds == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + } else { + ret = get_cred_kdc_address (context, ccache, flags, NULL, + in_creds, tgt, impersonate_principal, + second_ticket, *out_creds); + if (ret) { + free (*out_creds); + *out_creds = NULL; + } + } + krb5_free_creds(context, tgt); + return ret; +} + /* get_cred(server) creds = cc_get_cred(server) @@ -737,187 +881,243 @@ get_cred(server) */ static krb5_error_code -get_cred_from_kdc_flags(krb5_context context, - krb5_kdc_flags flags, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds **out_creds, - krb5_creds ***ret_tgts) +get_cred_kdc_capath(krb5_context context, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_principal impersonate_principal, + Ticket *second_ticket, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) { krb5_error_code ret; - krb5_creds *tgt, tmp_creds; krb5_const_realm client_realm, server_realm, try_realm; + client_realm = krb5_principal_get_realm(context, in_creds->client); + server_realm = krb5_principal_get_realm(context, in_creds->server); + + try_realm = client_realm; + ret = get_cred_kdc_capath_worker(context, flags, ccache, in_creds, try_realm, + impersonate_principal, second_ticket, out_creds, + ret_tgts); + + if (ret == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) { + try_realm = krb5_config_get_string(context, NULL, "capaths", + client_realm, server_realm, NULL); + + if (try_realm != NULL && strcmp(try_realm, client_realm)) { + ret = get_cred_kdc_capath_worker(context, flags, ccache, in_creds, + try_realm, impersonate_principal, + second_ticket, out_creds, ret_tgts); + } + } + + return ret; +} + +static krb5_error_code +get_cred_kdc_referral(krb5_context context, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_principal impersonate_principal, + Ticket *second_ticket, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) +{ + krb5_const_realm client_realm; + krb5_error_code ret; + krb5_creds tgt, referral, ticket; + int loop = 0; + int ok_as_delegate = 1; + + if (in_creds->server->name.name_string.len < 2 && !flags.b.canonicalize) { + krb5_set_error_message(context, KRB5KDC_ERR_PATH_NOT_ACCEPTED, + N_("Name too short to do referals, skipping", "")); + return KRB5KDC_ERR_PATH_NOT_ACCEPTED; + } + + memset(&tgt, 0, sizeof(tgt)); + memset(&ticket, 0, sizeof(ticket)); + + flags.b.canonicalize = 1; + *out_creds = NULL; client_realm = krb5_principal_get_realm(context, in_creds->client); - server_realm = krb5_principal_get_realm(context, in_creds->server); - memset(&tmp_creds, 0, sizeof(tmp_creds)); - ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client); - if(ret) - return ret; - try_realm = krb5_config_get_string(context, NULL, "capaths", - client_realm, server_realm, NULL); - -#if 1 - /* XXX remove in future release */ - if(try_realm == NULL) - try_realm = krb5_config_get_string(context, NULL, "libdefaults", - "capath", server_realm, NULL); -#endif - - if (try_realm == NULL) - try_realm = client_realm; - - ret = krb5_make_principal(context, - &tmp_creds.server, - try_realm, - KRB5_TGS_NAME, - server_realm, - NULL); - if(ret){ - krb5_free_principal(context, tmp_creds.client); - return ret; - } + /* find tgt for the clients base realm */ { - krb5_creds tgts; - /* XXX try krb5_cc_retrieve_cred first? */ - ret = find_cred(context, ccache, tmp_creds.server, - *ret_tgts, &tgts); - if(ret == 0){ - *out_creds = calloc(1, sizeof(**out_creds)); - if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - } else { - krb5_boolean noaddr; + krb5_principal tgtname; - krb5_appdefault_boolean(context, NULL, tgts.server->realm, - "no-addresses", FALSE, &noaddr); - - if (noaddr) - ret = get_cred_kdc(context, ccache, flags, NULL, - in_creds, &tgts, - impersonate_principal, - second_ticket, - *out_creds); - else - ret = get_cred_kdc_la(context, ccache, flags, - in_creds, &tgts, - impersonate_principal, - second_ticket, - *out_creds); - if (ret) { - free (*out_creds); - *out_creds = NULL; - } - } - krb5_free_cred_contents(context, &tgts); - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); + ret = krb5_make_principal(context, &tgtname, + client_realm, + KRB5_TGS_NAME, + client_realm, + NULL); + if(ret) + return ret; + + ret = find_cred(context, ccache, tgtname, *ret_tgts, &tgt); + krb5_free_principal(context, tgtname); + if (ret) return ret; - } } - if(krb5_realm_compare(context, in_creds->client, in_creds->server)) { - not_found(context, in_creds->server); - return KRB5_CC_NOTFOUND; - } - /* XXX this can loop forever */ - while(1){ - heim_general_string tgt_inst; - ret = get_cred_from_kdc_flags(context, flags, ccache, &tmp_creds, - NULL, NULL, &tgt, ret_tgts); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - ret = add_cred(context, ret_tgts, tgt); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - tgt_inst = tgt->server->name.name_string.val[1]; - if(strcmp(tgt_inst, server_realm) == 0) - break; - krb5_free_principal(context, tmp_creds.server); - ret = krb5_make_principal(context, &tmp_creds.server, - tgt_inst, KRB5_TGS_NAME, server_realm, NULL); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - ret = krb5_free_creds(context, tgt); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } + referral = *in_creds; + ret = krb5_copy_principal(context, in_creds->server, &referral.server); + if (ret) { + krb5_free_cred_contents(context, &tgt); + return ret; + } + ret = krb5_principal_set_realm(context, referral.server, client_realm); + if (ret) { + krb5_free_cred_contents(context, &tgt); + krb5_free_principal(context, referral.server); + return ret; } - - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - *out_creds = calloc(1, sizeof(**out_creds)); - if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - } else { - krb5_boolean noaddr; - krb5_appdefault_boolean(context, NULL, tgt->server->realm, - "no-addresses", KRB5_ADDRESSLESS_DEFAULT, - &noaddr); - if (noaddr) - ret = get_cred_kdc (context, ccache, flags, NULL, - in_creds, tgt, NULL, NULL, - *out_creds); - else - ret = get_cred_kdc_la(context, ccache, flags, - in_creds, tgt, NULL, NULL, - *out_creds); + while (loop++ < 17) { + krb5_creds **tickets; + krb5_creds mcreds; + char *referral_realm; + + /* Use cache if we are not doing impersonation or contrainte deleg */ + if (impersonate_principal == NULL || flags.b.constrained_delegation) { + krb5_cc_clear_mcred(&mcreds); + mcreds.server = referral.server; + ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcreds, &ticket); + } else + ret = EINVAL; + if (ret) { - free (*out_creds); - *out_creds = NULL; + ret = get_cred_kdc_address(context, ccache, flags, NULL, + &referral, &tgt, impersonate_principal, + second_ticket, &ticket); + if (ret) + goto out; } + + /* Did we get the right ticket ? */ + if (krb5_principal_compare_any_realm(context, + referral.server, + ticket.server)) + break; + + if (!krb5_principal_is_krbtgt(context, ticket.server)) { + krb5_set_error_message(context, KRB5KRB_AP_ERR_NOT_US, + N_("Got back an non krbtgt " + "ticket referrals", "")); + ret = KRB5KRB_AP_ERR_NOT_US; + goto out; + } + + referral_realm = ticket.server->name.name_string.val[1]; + + /* check that there are no referrals loops */ + tickets = *ret_tgts; + + krb5_cc_clear_mcred(&mcreds); + mcreds.server = ticket.server; + + while(tickets && *tickets){ + if(krb5_compare_creds(context, + KRB5_TC_DONT_MATCH_REALM, + &mcreds, + *tickets)) + { + krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP, + N_("Referral from %s " + "loops back to realm %s", ""), + tgt.server->realm, + referral_realm); + ret = KRB5_GET_IN_TKT_LOOP; + goto out; + } + tickets++; + } + + /* + * if either of the chain or the ok_as_delegate was stripped + * by the kdc, make sure we strip it too. + */ + + if (ok_as_delegate == 0 || ticket.flags.b.ok_as_delegate == 0) { + ok_as_delegate = 0; + ticket.flags.b.ok_as_delegate = 0; + } + + ret = add_cred(context, &ticket, ret_tgts); + if (ret) + goto out; + + /* try realm in the referral */ + ret = krb5_principal_set_realm(context, + referral.server, + referral_realm); + krb5_free_cred_contents(context, &tgt); + tgt = ticket; + memset(&ticket, 0, sizeof(ticket)); + if (ret) + goto out; } - krb5_free_creds(context, tgt); + + ret = krb5_copy_creds(context, &ticket, out_creds); + +out: + krb5_free_principal(context, referral.server); + krb5_free_cred_contents(context, &tgt); + krb5_free_cred_contents(context, &ticket); return ret; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc_opt(krb5_context context, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_creds **out_creds, - krb5_creds ***ret_tgts, - krb5_flags flags) -{ - krb5_kdc_flags f; - f.i = flags; - return get_cred_from_kdc_flags(context, f, ccache, - in_creds, NULL, NULL, - out_creds, ret_tgts); -} -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc(krb5_context context, +/* + * Glue function between referrals version and old client chasing + * codebase. + */ + +krb5_error_code +_krb5_get_cred_kdc_any(krb5_context context, + krb5_kdc_flags flags, krb5_ccache ccache, krb5_creds *in_creds, + krb5_principal impersonate_principal, + Ticket *second_ticket, krb5_creds **out_creds, krb5_creds ***ret_tgts) { - return krb5_get_cred_from_kdc_opt(context, ccache, - in_creds, out_creds, ret_tgts, 0); -} - + krb5_error_code ret; + krb5_deltat offset; -krb5_error_code KRB5_LIB_FUNCTION + ret = krb5_cc_get_kdc_offset(context, ccache, &offset); + if (ret) { + context->kdc_sec_offset = offset; + context->kdc_usec_offset = 0; + } + + ret = get_cred_kdc_referral(context, + flags, + ccache, + in_creds, + impersonate_principal, + second_ticket, + out_creds, + ret_tgts); + if (ret == 0 || flags.b.canonicalize) + return ret; + return get_cred_kdc_capath(context, + flags, + ccache, + in_creds, + impersonate_principal, + second_ticket, + out_creds, + ret_tgts); +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_credentials_with_flags(krb5_context context, krb5_flags options, krb5_kdc_flags flags, @@ -929,18 +1129,25 @@ krb5_get_credentials_with_flags(krb5_context context, krb5_creds **tgts; krb5_creds *res_creds; int i; - + + if (in_creds->session.keytype) { + ret = krb5_enctype_valid(context, in_creds->session.keytype); + if (ret) + return ret; + } + *out_creds = NULL; res_creds = calloc(1, sizeof(*res_creds)); if (res_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if (in_creds->session.keytype) options |= KRB5_TC_MATCH_KEYTYPE; - /* + /* * If we got a credential, check if credential is expired before * returning it. */ @@ -949,7 +1156,7 @@ krb5_get_credentials_with_flags(krb5_context context, in_creds->session.keytype ? KRB5_TC_MATCH_KEYTYPE : 0, in_creds, res_creds); - /* + /* * If we got a credential, check if credential is expired before * returning it, but only if KRB5_GC_EXPIRED_OK is not set. */ @@ -961,7 +1168,7 @@ krb5_get_credentials_with_flags(krb5_context context, *out_creds = res_creds; return 0; } - + krb5_timeofday(context, &timeret); if(res_creds->times.endtime > timeret) { *out_creds = res_creds; @@ -975,18 +1182,17 @@ krb5_get_credentials_with_flags(krb5_context context, return ret; } free(res_creds); - if(options & KRB5_GC_CACHED) { - not_found(context, in_creds->server); - return KRB5_CC_NOTFOUND; - } + if(options & KRB5_GC_CACHED) + return not_found(context, in_creds->server, KRB5_CC_NOTFOUND); + if(options & KRB5_GC_USER_USER) flags.b.enc_tkt_in_skey = 1; if (flags.b.enc_tkt_in_skey) options |= KRB5_GC_NO_STORE; tgts = NULL; - ret = get_cred_from_kdc_flags(context, flags, ccache, - in_creds, NULL, NULL, out_creds, &tgts); + ret = _krb5_get_cred_kdc_any(context, flags, ccache, + in_creds, NULL, NULL, out_creds, &tgts); for(i = 0; tgts && tgts[i]; i++) { krb5_cc_store_cred(context, ccache, tgts[i]); krb5_free_creds(context, tgts[i]); @@ -997,7 +1203,7 @@ krb5_get_credentials_with_flags(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_credentials(krb5_context context, krb5_flags options, krb5_ccache ccache, @@ -1018,27 +1224,32 @@ struct krb5_get_creds_opt_data { }; -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_alloc(krb5_context context, krb5_get_creds_opt *opt) { *opt = calloc(1, sizeof(**opt)); if (*opt == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_free(krb5_context context, krb5_get_creds_opt opt) { if (opt->self) krb5_free_principal(context, opt->self); + if (opt->ticket) { + free_Ticket(opt->ticket); + free(opt->ticket); + } memset(opt, 0, sizeof(*opt)); free(opt); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_set_options(krb5_context context, krb5_get_creds_opt opt, krb5_flags options) @@ -1046,7 +1257,7 @@ krb5_get_creds_opt_set_options(krb5_context context, opt->options = options; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_add_options(krb5_context context, krb5_get_creds_opt opt, krb5_flags options) @@ -1054,7 +1265,7 @@ krb5_get_creds_opt_add_options(krb5_context context, opt->options |= options; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_set_enctype(krb5_context context, krb5_get_creds_opt opt, krb5_enctype enctype) @@ -1062,7 +1273,7 @@ krb5_get_creds_opt_set_enctype(krb5_context context, opt->enctype = enctype; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_set_impersonate(krb5_context context, krb5_get_creds_opt opt, krb5_const_principal self) @@ -1072,7 +1283,7 @@ krb5_get_creds_opt_set_impersonate(krb5_context context, return krb5_copy_principal(context, self, &opt->self); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_set_ticket(krb5_context context, krb5_get_creds_opt opt, const Ticket *ticket) @@ -1087,14 +1298,16 @@ krb5_get_creds_opt_set_ticket(krb5_context context, opt->ticket = malloc(sizeof(*ticket)); if (opt->ticket == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = copy_Ticket(ticket, opt->ticket); if (ret) { free(opt->ticket); opt->ticket = NULL; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); return ret; } } @@ -1103,7 +1316,7 @@ krb5_get_creds_opt_set_ticket(krb5_context context, -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds(krb5_context context, krb5_get_creds_opt opt, krb5_ccache ccache, @@ -1117,7 +1330,13 @@ krb5_get_creds(krb5_context context, krb5_creds **tgts; krb5_creds *res_creds; int i; - + + if (opt && opt->enctype) { + ret = krb5_enctype_valid(context, opt->enctype); + if (ret) + return ret; + } + memset(&in_creds, 0, sizeof(in_creds)); in_creds.server = rk_UNCONST(inprinc); @@ -1125,31 +1344,35 @@ krb5_get_creds(krb5_context context, if (ret) return ret; - options = opt->options; + if (opt) + options = opt->options; + else + options = 0; flags.i = 0; *out_creds = NULL; res_creds = calloc(1, sizeof(*res_creds)); if (res_creds == NULL) { krb5_free_principal(context, in_creds.client); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - if (opt->enctype) { + if (opt && opt->enctype) { in_creds.session.keytype = opt->enctype; options |= KRB5_TC_MATCH_KEYTYPE; } - /* + /* * If we got a credential, check if credential is expired before * returning it. */ ret = krb5_cc_retrieve_cred(context, ccache, - opt->enctype ? KRB5_TC_MATCH_KEYTYPE : 0, + options & KRB5_TC_MATCH_KEYTYPE, &in_creds, res_creds); - /* + /* * If we got a credential, check if credential is expired before * returning it, but only if KRB5_GC_EXPIRED_OK is not set. */ @@ -1160,14 +1383,14 @@ krb5_get_creds(krb5_context context, if(options & KRB5_GC_EXPIRED_OK) { *out_creds = res_creds; krb5_free_principal(context, in_creds.client); - return 0; + goto out; } - + krb5_timeofday(context, &timeret); if(res_creds->times.endtime > timeret) { *out_creds = res_creds; krb5_free_principal(context, in_creds.client); - return 0; + goto out; } if(options & KRB5_GC_CACHED) krb5_cc_remove_cred(context, ccache, 0, res_creds); @@ -1175,13 +1398,13 @@ krb5_get_creds(krb5_context context, } else if(ret != KRB5_CC_END) { free(res_creds); krb5_free_principal(context, in_creds.client); - return ret; + goto out; } free(res_creds); if(options & KRB5_GC_CACHED) { - not_found(context, in_creds.server); krb5_free_principal(context, in_creds.client); - return KRB5_CC_NOTFOUND; + ret = not_found(context, in_creds.server, KRB5_CC_NOTFOUND); + goto out; } if(options & KRB5_GC_USER_USER) { flags.b.enc_tkt_in_skey = 1; @@ -1195,11 +1418,13 @@ krb5_get_creds(krb5_context context, flags.b.request_anonymous = 1; /* XXX ARGH confusion */ flags.b.constrained_delegation = 1; } + if (options & KRB5_GC_CANONICALIZE) + flags.b.canonicalize = 1; tgts = NULL; - ret = get_cred_from_kdc_flags(context, flags, ccache, - &in_creds, opt->self, opt->ticket, - out_creds, &tgts); + ret = _krb5_get_cred_kdc_any(context, flags, ccache, + &in_creds, opt->self, opt->ticket, + out_creds, &tgts); krb5_free_principal(context, in_creds.client); for(i = 0; tgts && tgts[i]; i++) { krb5_cc_store_cred(context, ccache, tgts[i]); @@ -1208,6 +1433,10 @@ krb5_get_creds(krb5_context context, free(tgts); if(ret == 0 && (options & KRB5_GC_NO_STORE) == 0) krb5_cc_store_cred(context, ccache, *out_creds); + + out: + _krb5_debug(context, 5, "krb5_get_creds: ret = %d", ret); + return ret; } @@ -1215,7 +1444,7 @@ krb5_get_creds(krb5_context context, * */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_renewed_creds(krb5_context context, krb5_creds *creds, krb5_const_principal client, @@ -1241,7 +1470,7 @@ krb5_get_renewed_creds(krb5_context context, } } else { const char *realm = krb5_principal_get_realm(context, client); - + ret = krb5_make_principal(context, &in.server, realm, KRB5_TGS_NAME, realm, NULL); if (ret) { diff --git a/lib/krb5/get_default_principal.c b/lib/krb5/get_default_principal.c index 83fb2b0fa984..44baa6d1c2cd 100644 --- a/lib/krb5/get_default_principal.c +++ b/lib/krb5/get_default_principal.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: get_default_principal.c 14870 2005-04-20 20:53:29Z lha $"); - /* * Try to find out what's a reasonable default principal. */ @@ -50,6 +48,8 @@ get_env_user(void) return user; } +#ifndef _WIN32 + /* * Will only use operating-system dependant operation to get the * default principal, for use of functions that in ccache layer to @@ -57,7 +57,7 @@ get_env_user(void) */ krb5_error_code -_krb5_get_default_principal_local (krb5_context context, +_krb5_get_default_principal_local (krb5_context context, krb5_principal *princ) { krb5_error_code ret; @@ -66,7 +66,7 @@ _krb5_get_default_principal_local (krb5_context context, *princ = NULL; - uid = getuid(); + uid = getuid(); if(uid == 0) { user = getlogin(); if(user == NULL) @@ -76,7 +76,7 @@ _krb5_get_default_principal_local (krb5_context context, else ret = krb5_make_principal(context, princ, NULL, "root", NULL); } else { - struct passwd *pw = getpwuid(uid); + struct passwd *pw = getpwuid(uid); if(pw != NULL) user = pw->pw_name; else { @@ -85,8 +85,9 @@ _krb5_get_default_principal_local (krb5_context context, user = getlogin(); } if(user == NULL) { - krb5_set_error_string(context, - "unable to figure out current principal"); + krb5_set_error_message(context, ENOTTY, + N_("unable to figure out current " + "principal", "")); return ENOTTY; /* XXX */ } ret = krb5_make_principal(context, princ, NULL, user, NULL); @@ -94,7 +95,56 @@ _krb5_get_default_principal_local (krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +#else /* _WIN32 */ + +#define SECURITY_WIN32 +#include + +krb5_error_code +_krb5_get_default_principal_local(krb5_context context, + krb5_principal *princ) +{ + /* See if we can get the principal first. We only expect this to + work if logged into a domain. */ + { + char username[1024]; + ULONG sz = sizeof(username); + + if (GetUserNameEx(NameUserPrincipal, username, &sz)) { + return krb5_parse_name_flags(context, username, + KRB5_PRINCIPAL_PARSE_ENTERPRISE, + princ); + } + } + + /* Just get the Windows username. This should pretty much always + work. */ + { + char username[1024]; + DWORD dsz = sizeof(username); + + if (GetUserName(username, &dsz)) { + return krb5_make_principal(context, princ, NULL, username, NULL); + } + } + + /* Failing that, we look at the environment */ + { + const char * username = get_env_user(); + + if (username == NULL) { + krb5_set_error_string(context, + "unable to figure out current principal"); + return ENOTTY; /* Really? */ + } + + return krb5_make_principal(context, princ, NULL, username, NULL); + } +} + +#endif + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_principal (krb5_context context, krb5_principal *princ) { diff --git a/lib/krb5/get_default_realm.c b/lib/krb5/get_default_realm.c index 09c8577b2601..2a4933a62a7d 100644 --- a/lib/krb5/get_default_realm.c +++ b/lib/krb5/get_default_realm.c @@ -1,46 +1,44 @@ /* - * Copyright (c) 1997 - 2001, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: get_default_realm.c 13863 2004-05-25 21:46:46Z lha $"); - /* * Return a NULL-terminated list of default realms in `realms'. * Free this memory with krb5_free_host_realm. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_realms (krb5_context context, krb5_realm **realms) { @@ -59,7 +57,7 @@ krb5_get_default_realms (krb5_context context, * Return the first default realm. For compatibility. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_realm(krb5_context context, krb5_realm *realm) { @@ -68,7 +66,7 @@ krb5_get_default_realm(krb5_context context, if (context->default_realms == NULL || context->default_realms[0] == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = krb5_set_default_realm (context, NULL); if (ret) return ret; @@ -76,7 +74,8 @@ krb5_get_default_realm(krb5_context context, res = strdup (context->default_realms[0]); if (res == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } *realm = res; diff --git a/lib/krb5/get_for_creds.c b/lib/krb5/get_for_creds.c index cb8b7c8641a6..979fc9b0ae99 100644 --- a/lib/krb5/get_for_creds.c +++ b/lib/krb5/get_for_creds.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: get_for_creds.c 22504 2008-01-21 15:49:58Z lha $"); +#include "krb5_locl.h" static krb5_error_code add_addrs(krb5_context context, @@ -51,8 +49,8 @@ add_addrs(krb5_context context, tmp = realloc(addr->val, (addr->len + n) * sizeof(*addr->val)); if (tmp == NULL && (addr->len + n) != 0) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } addr->val = tmp; @@ -72,7 +70,7 @@ add_addrs(krb5_context context, addr->val[i++] = ad; } else if (ret == KRB5_PROG_ATYPE_NOSUPP) - krb5_clear_error_string (context); + krb5_clear_error_message (context); else goto fail; addr->len = i; @@ -102,7 +100,7 @@ add_addrs(krb5_context context, * @ingroup krb5_credential */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds (krb5_context context, krb5_auth_context auth_context, const char *hostname, @@ -129,23 +127,22 @@ krb5_fwd_tgt_creds (krb5_context context, if (inst != NULL && strcmp(inst, "host") == 0 && - host != NULL && + host != NULL && krb5_principal_get_comp_string(context, server, 2) == NULL) hostname = host; } client_realm = krb5_principal_get_realm(context, client); - + memset (&creds, 0, sizeof(creds)); creds.client = client; - ret = krb5_build_principal(context, - &creds.server, - strlen(client_realm), - client_realm, - KRB5_TGS_NAME, - client_realm, - NULL); + ret = krb5_make_principal(context, + &creds.server, + client_realm, + KRB5_TGS_NAME, + client_realm, + NULL); if (ret) return ret; @@ -163,7 +160,7 @@ krb5_fwd_tgt_creds (krb5_context context, * Gets tickets forwarded to hostname. If the tickets that are * forwarded are address-less, the forwarded tickets will also be * address-less. - * + * * If the ticket have any address, hostname will be used for figure * out the address to forward the ticket too. This since this might * use DNS, its insecure and also doesn't represent configured all @@ -186,7 +183,7 @@ krb5_fwd_tgt_creds (krb5_context context, * @ingroup krb5_credential */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_forwarded_creds (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, @@ -207,7 +204,6 @@ krb5_get_forwarded_creds (krb5_context context, krb5_kdc_flags kdc_flags; krb5_crypto crypto; struct addrinfo *ai; - int save_errno; krb5_creds *ticket; paddrs = NULL; @@ -222,14 +218,14 @@ krb5_get_forwarded_creds (krb5_context context, } else { krb5_boolean noaddr; krb5_appdefault_boolean(context, NULL, - krb5_principal_get_realm(context, + krb5_principal_get_realm(context, in_creds->client), "no-addresses", KRB5_ADDRESSLESS_DEFAULT, &noaddr); if (!noaddr) paddrs = &addrs; } - + /* * If tickets have addresses, get the address of the remote host. */ @@ -238,18 +234,20 @@ krb5_get_forwarded_creds (krb5_context context, ret = getaddrinfo (hostname, NULL, NULL, &ai); if (ret) { - save_errno = errno; - krb5_set_error_string(context, "resolving %s: %s", + krb5_error_code ret2 = krb5_eai_to_heim_errno(ret, errno); + krb5_set_error_message(context, ret2, + N_("resolving host %s failed: %s", + "hostname, error"), hostname, gai_strerror(ret)); - return krb5_eai_to_heim_errno(ret, save_errno); + return ret2; } - + ret = add_addrs (context, &addrs, ai); freeaddrinfo (ai); if (ret) return ret; } - + kdc_flags.b = int2KDCOptions(flags); ret = krb5_get_kdc_cred (context, @@ -269,7 +267,7 @@ krb5_get_forwarded_creds (krb5_context context, ALLOC_SEQ(&cred.tickets, 1); if (cred.tickets.val == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out2; } ret = decode_Ticket(out_creds->ticket.data, @@ -282,27 +280,27 @@ krb5_get_forwarded_creds (krb5_context context, ALLOC_SEQ(&enc_krb_cred_part.ticket_info, 1); if (enc_krb_cred_part.ticket_info.val == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out4; } - + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { krb5_timestamp sec; int32_t usec; - + krb5_us_timeofday (context, &sec, &usec); - + ALLOC(enc_krb_cred_part.timestamp, 1); if (enc_krb_cred_part.timestamp == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out4; } *enc_krb_cred_part.timestamp = sec; ALLOC(enc_krb_cred_part.usec, 1); if (enc_krb_cred_part.usec == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out4; } *enc_krb_cred_part.usec = usec; @@ -346,7 +344,8 @@ krb5_get_forwarded_creds (krb5_context context, ALLOC(enc_krb_cred_part.r_address, 1); if (enc_krb_cred_part.r_address == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out4; } @@ -389,7 +388,7 @@ krb5_get_forwarded_creds (krb5_context context, /* encode EncKrbCredPart */ - ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size, + ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size, &enc_krb_cred_part, &len, ret); free_EncKrbCredPart (&enc_krb_cred_part); if (ret) { @@ -413,13 +412,13 @@ krb5_get_forwarded_creds (krb5_context context, cred.enc_part.cipher.data = buf; cred.enc_part.cipher.length = buf_size; } else { - /* + /* * Here older versions then 0.7.2 of Heimdal used the local or * remote subkey. That is wrong, the session key should be * used. Heimdal 0.7.2 and newer have code to try both in the * receiving end. */ - + ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); if (ret) { free(buf); diff --git a/lib/krb5/get_host_realm.c b/lib/krb5/get_host_realm.c index d709e4b38d17..ed7f54b3d698 100644 --- a/lib/krb5/get_host_realm.c +++ b/lib/krb5/get_host_realm.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include -RCSID("$Id: get_host_realm.c 18541 2006-10-17 19:28:36Z lha $"); - /* To automagically find the correct realm of a host (without * [domain_realm] in krb5.conf) add a text record for your domain with * the name of your realm, like this: @@ -51,14 +49,14 @@ RCSID("$Id: get_host_realm.c 18541 2006-10-17 19:28:36Z lha $"); */ static int -copy_txt_to_realms (struct resource_record *head, +copy_txt_to_realms (struct rk_resource_record *head, krb5_realm **realms) { - struct resource_record *rr; - int n, i; + struct rk_resource_record *rr; + unsigned int n, i; for(n = 0, rr = head; rr; rr = rr->next) - if (rr->type == T_TXT) + if (rr->type == rk_ns_t_txt) ++n; if (n == 0) @@ -72,7 +70,7 @@ copy_txt_to_realms (struct resource_record *head, (*realms)[i] = NULL; for (i = 0, rr = head; rr; rr = rr->next) { - if (rr->type == T_TXT) { + if (rr->type == rk_ns_t_txt) { char *tmp; tmp = strdup(rr->u.txt); @@ -96,11 +94,11 @@ dns_find_realm(krb5_context context, { static const char *default_labels[] = { "_kerberos", NULL }; char dom[MAXHOSTNAMELEN]; - struct dns_reply *r; + struct rk_dns_reply *r; const char **labels; char **config_labels; int i, ret; - + config_labels = krb5_config_get_strings(context, NULL, "libdefaults", "dns_lookup_realm_labels", NULL); if(config_labels != NULL) @@ -111,15 +109,15 @@ dns_find_realm(krb5_context context, domain++; for (i = 0; labels[i] != NULL; i++) { ret = snprintf(dom, sizeof(dom), "%s.%s.", labels[i], domain); - if(ret < 0 || ret >= sizeof(dom)) { + if(ret < 0 || (size_t)ret >= sizeof(dom)) { if (config_labels) krb5_config_free_strings(config_labels); return -1; } - r = dns_lookup(dom, "TXT"); + r = rk_dns_lookup(dom, "TXT"); if(r != NULL) { ret = copy_txt_to_realms (r->head, realms); - dns_free_data(r); + rk_dns_free_data(r); if(ret == 0) { if (config_labels) krb5_config_free_strings(config_labels); @@ -138,8 +136,8 @@ dns_find_realm(krb5_context context, */ static int -config_find_realm(krb5_context context, - const char *domain, +config_find_realm(krb5_context context, + const char *domain, krb5_realm **realms) { char **tmp = krb5_config_get_strings (context, NULL, @@ -160,7 +158,7 @@ config_find_realm(krb5_context context, * fall back to guessing */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_get_host_realm_int (krb5_context context, const char *host, krb5_boolean use_dns, @@ -178,8 +176,8 @@ _krb5_get_host_realm_int (krb5_context context, for (q = host; q != NULL; q = strchr(q + 1, '.')) if(dns_find_realm(context, q, realms) == 0) return 0; - continue; - } else + continue; + } else return 0; } else if(use_dns && dns_locate_enable) { @@ -192,21 +190,23 @@ _krb5_get_host_realm_int (krb5_context context, p++; *realms = malloc(2 * sizeof(krb5_realm)); if (*realms == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } (*realms)[0] = strdup(p); if((*realms)[0] == NULL) { free(*realms); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } strupr((*realms)[0]); (*realms)[1] = NULL; return 0; } - krb5_set_error_string(context, "unable to find realm of host %s", host); + krb5_set_error_message(context, KRB5_ERR_HOST_REALM_UNKNOWN, + N_("unable to find realm of host %s", ""), + host); return KRB5_ERR_HOST_REALM_UNKNOWN; } @@ -215,7 +215,7 @@ _krb5_get_host_realm_int (krb5_context context, * `realms'. Free `realms' with krb5_free_host_realm(). */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_host_realm(krb5_context context, const char *targethost, krb5_realm **realms) @@ -233,7 +233,7 @@ krb5_get_host_realm(krb5_context context, host = hostname; } - /* + /* * If our local hostname is without components, don't even try to dns. */ @@ -248,8 +248,9 @@ krb5_get_host_realm(krb5_context context, */ ret = krb5_get_default_realms(context, realms); if (ret) { - krb5_set_error_string(context, "Unable to find realm of host %s", - host); + krb5_set_error_message(context, KRB5_ERR_HOST_REALM_UNKNOWN, + N_("Unable to find realm of host %s", ""), + host); return KRB5_ERR_HOST_REALM_UNKNOWN; } } diff --git a/lib/krb5/get_in_tkt.c b/lib/krb5/get_in_tkt.c index ffd4ca2b04e4..41618b9616a4 100644 --- a/lib/krb5/get_in_tkt.c +++ b/lib/krb5/get_in_tkt.c @@ -1,331 +1,54 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: get_in_tkt.c 20226 2007-02-16 03:31:50Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_etype (krb5_context context, - unsigned *len, - krb5_enctype **val, - const krb5_enctype *etypes) -{ - int i; - krb5_error_code ret; - krb5_enctype *tmp = NULL; - - ret = 0; - if (etypes == NULL) { - ret = krb5_get_default_in_tkt_etypes(context, - &tmp); - if (ret) - return ret; - etypes = tmp; - } - - for (i = 0; etypes[i]; ++i) - ; - *len = i; - *val = malloc(i * sizeof(**val)); - if (i != 0 && *val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto cleanup; - } - memmove (*val, - etypes, - i * sizeof(*tmp)); -cleanup: - if (tmp != NULL) - free (tmp); - return ret; -} - +#ifndef HEIMDAL_SMALLER static krb5_error_code -decrypt_tkt (krb5_context context, - krb5_keyblock *key, - krb5_key_usage usage, - krb5_const_pointer decrypt_arg, - krb5_kdc_rep *dec_rep) -{ - krb5_error_code ret; - krb5_data data; - size_t size; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage, - &dec_rep->kdc_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - - if (ret) - return ret; - - ret = krb5_decode_EncASRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - if (ret) - ret = krb5_decode_EncTGSRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - krb5_data_free (&data); - if (ret) - return ret; - return 0; -} - -int -_krb5_extract_ticket(krb5_context context, - krb5_kdc_rep *rep, - krb5_creds *creds, - krb5_keyblock *key, - krb5_const_pointer keyseed, - krb5_key_usage key_usage, - krb5_addresses *addrs, - unsigned nonce, - unsigned flags, - krb5_decrypt_proc decrypt_proc, - krb5_const_pointer decryptarg) -{ - krb5_error_code ret; - krb5_principal tmp_principal; - int tmp; - size_t len; - time_t tmp_time; - krb5_timestamp sec_now; - - ret = _krb5_principalname2krb5_principal (context, - &tmp_principal, - rep->kdc_rep.cname, - rep->kdc_rep.crealm); - if (ret) - goto out; - - /* compare client */ - - if((flags & EXTRACT_TICKET_ALLOW_CNAME_MISMATCH) == 0){ - tmp = krb5_principal_compare (context, tmp_principal, creds->client); - if (!tmp) { - krb5_free_principal (context, tmp_principal); - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - } - - krb5_free_principal (context, creds->client); - creds->client = tmp_principal; - - /* extract ticket */ - ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, - &rep->kdc_rep.ticket, &len, ret); - if(ret) - goto out; - if (creds->ticket.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - creds->second_ticket.length = 0; - creds->second_ticket.data = NULL; - - /* compare server */ - - ret = _krb5_principalname2krb5_principal (context, - &tmp_principal, - rep->kdc_rep.ticket.sname, - rep->kdc_rep.ticket.realm); - if (ret) - goto out; - if(flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH){ - krb5_free_principal(context, creds->server); - creds->server = tmp_principal; - tmp_principal = NULL; - } else { - tmp = krb5_principal_compare (context, tmp_principal, - creds->server); - krb5_free_principal (context, tmp_principal); - if (!tmp) { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_clear_error_string (context); - goto out; - } - } - - /* decrypt */ - - if (decrypt_proc == NULL) - decrypt_proc = decrypt_tkt; - - ret = (*decrypt_proc)(context, key, key_usage, decryptarg, rep); - if (ret) - goto out; - - /* verify names */ - if(flags & EXTRACT_TICKET_MATCH_REALM){ - const char *srealm = krb5_principal_get_realm(context, creds->server); - const char *crealm = krb5_principal_get_realm(context, creds->client); - - if (strcmp(rep->enc_part.srealm, srealm) != 0 || - strcmp(rep->enc_part.srealm, crealm) != 0) - { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_clear_error_string(context); - goto out; - } - } - - /* compare nonces */ - - if (nonce != rep->enc_part.nonce) { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_set_error_string(context, "malloc: out of memory"); - goto out; - } - - /* set kdc-offset */ - - krb5_timeofday (context, &sec_now); - if (rep->enc_part.flags.initial - && context->kdc_sec_offset == 0 - && krb5_config_get_bool (context, NULL, - "libdefaults", - "kdc_timesync", - NULL)) { - context->kdc_sec_offset = rep->enc_part.authtime - sec_now; - krb5_timeofday (context, &sec_now); - } - - /* check all times */ - - if (rep->enc_part.starttime) { - tmp_time = *rep->enc_part.starttime; - } else - tmp_time = rep->enc_part.authtime; - - if (creds->times.starttime == 0 - && abs(tmp_time - sec_now) > context->max_skew) { - ret = KRB5KRB_AP_ERR_SKEW; - krb5_set_error_string (context, - "time skew (%d) larger than max (%d)", - abs(tmp_time - sec_now), - (int)context->max_skew); - goto out; - } - - if (creds->times.starttime != 0 - && tmp_time != creds->times.starttime) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.starttime = tmp_time; - - if (rep->enc_part.renew_till) { - tmp_time = *rep->enc_part.renew_till; - } else - tmp_time = 0; - - if (creds->times.renew_till != 0 - && tmp_time > creds->times.renew_till) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.renew_till = tmp_time; - - creds->times.authtime = rep->enc_part.authtime; - - if (creds->times.endtime != 0 - && rep->enc_part.endtime > creds->times.endtime) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.endtime = rep->enc_part.endtime; - - if(rep->enc_part.caddr) - krb5_copy_addresses (context, rep->enc_part.caddr, &creds->addresses); - else if(addrs) - krb5_copy_addresses (context, addrs, &creds->addresses); - else { - creds->addresses.len = 0; - creds->addresses.val = NULL; - } - creds->flags.b = rep->enc_part.flags; - - creds->authdata.len = 0; - creds->authdata.val = NULL; - creds->session.keyvalue.length = 0; - creds->session.keyvalue.data = NULL; - creds->session.keytype = rep->enc_part.key.keytype; - ret = krb5_data_copy (&creds->session.keyvalue, - rep->enc_part.key.keyvalue.data, - rep->enc_part.key.keyvalue.length); - -out: - memset (rep->enc_part.key.keyvalue.data, 0, - rep->enc_part.key.keyvalue.length); - return ret; -} - - -static krb5_error_code -make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, +make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, krb5_enctype etype, krb5_keyblock *key) { PA_ENC_TS_ENC p; unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; EncryptedData encdata; krb5_error_code ret; int32_t usec; int usec2; krb5_crypto crypto; - + krb5_us_timeofday (context, &p.patimestamp, &usec); usec2 = usec; p.pausec = &usec2; @@ -340,7 +63,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, free(buf); return ret; } - ret = krb5_encrypt_EncryptedData(context, + ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_PA_ENC_TIMESTAMP, buf, @@ -351,7 +74,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, krb5_crypto_destroy(context, crypto); if (ret) return ret; - + ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret); free_EncryptedData(&encdata); if (ret) @@ -366,7 +89,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, static krb5_error_code add_padata(krb5_context context, - METHOD_DATA *md, + METHOD_DATA *md, krb5_principal client, krb5_key_proc key_proc, krb5_const_pointer keyseed, @@ -378,11 +101,13 @@ add_padata(krb5_context context, PA_DATA *pa2; krb5_salt salt2; krb5_enctype *ep; - int i; - + size_t i; + if(salt == NULL) { /* default to standard salt */ ret = krb5_get_pw_salt (context, client, &salt2); + if (ret) + return ret; salt = &salt2; } if (!enctypes) { @@ -393,7 +118,7 @@ add_padata(krb5_context context, } pa2 = realloc (md->val, (md->len + netypes) * sizeof(*md->val)); if (pa2 == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } md->val = pa2; @@ -440,13 +165,13 @@ init_as_req (krb5_context context, a->req_body.cname = malloc(sizeof(*a->req_body.cname)); if (a->req_body.cname == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } a->req_body.sname = malloc(sizeof(*a->req_body.sname)); if (a->req_body.sname == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } ret = _krb5_principal2principalname (a->req_body.cname, creds->client); @@ -463,7 +188,7 @@ init_as_req (krb5_context context, a->req_body.from = malloc(sizeof(*a->req_body.from)); if (a->req_body.from == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } *a->req_body.from = creds->times.starttime; @@ -476,13 +201,14 @@ init_as_req (krb5_context context, a->req_body.rtime = malloc(sizeof(*a->req_body.rtime)); if (a->req_body.rtime == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } *a->req_body.rtime = creds->times.renew_till; } a->req_body.nonce = nonce; - ret = krb5_init_etype (context, + ret = _krb5_init_etype(context, + KRB5_PDU_AS_REQUEST, &a->req_body.etype.len, &a->req_body.etype.val, etypes); @@ -499,7 +225,7 @@ init_as_req (krb5_context context, a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); if (a->req_body.addresses == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } @@ -520,18 +246,18 @@ init_as_req (krb5_context context, a->req_body.additional_tickets = NULL; if(preauth != NULL) { - int i; + size_t i; ALLOC(a->padata, 1); if(a->padata == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } a->padata->val = NULL; a->padata->len = 0; for(i = 0; i < preauth->len; i++) { if(preauth->val[i].type == KRB5_PADATA_ENC_TIMESTAMP){ - int j; + size_t j; for(j = 0; j < preauth->val[i].info.len; j++) { krb5_salt *sp = &salt; @@ -546,8 +272,8 @@ init_as_req (krb5_context context, sp = NULL; else krb5_data_zero(&salt.saltvalue); - ret = add_padata(context, a->padata, creds->client, - key_proc, keyseed, + ret = add_padata(context, a->padata, creds->client, + key_proc, keyseed, &preauth->val[i].info.val[j].etype, 1, sp); if (ret == 0) @@ -555,7 +281,7 @@ init_as_req (krb5_context context, } } } - } else + } else /* not sure this is the way to use `ptypes' */ if (ptypes == NULL || *ptypes == KRB5_PADATA_NONE) a->padata = NULL; @@ -563,27 +289,28 @@ init_as_req (krb5_context context, ALLOC(a->padata, 1); if (a->padata == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } a->padata->len = 0; a->padata->val = NULL; /* make a v5 salted pa-data */ - add_padata(context, a->padata, creds->client, + add_padata(context, a->padata, creds->client, key_proc, keyseed, a->req_body.etype.val, a->req_body.etype.len, NULL); - + /* make a v4 salted pa-data */ salt.salttype = KRB5_PW_SALT; krb5_data_zero(&salt.saltvalue); - add_padata(context, a->padata, creds->client, + add_padata(context, a->padata, creds->client, key_proc, keyseed, a->req_body.etype.val, a->req_body.etype.len, &salt); } else { - krb5_set_error_string (context, "pre-auth type %d not supported", - *ptypes); ret = KRB5_PREAUTH_BAD_TYPE; + krb5_set_error_message (context, ret, + N_("pre-auth type %d not supported", ""), + *ptypes); goto fail; } return 0; @@ -594,7 +321,7 @@ init_as_req (krb5_context context, static int set_ptypes(krb5_context context, - KRB_ERROR *error, + KRB_ERROR *error, const krb5_preauthtype **ptypes, krb5_preauthdata **preauth) { @@ -603,10 +330,10 @@ set_ptypes(krb5_context context, if(error->e_data) { METHOD_DATA md; - int i; - decode_METHOD_DATA(error->e_data->data, - error->e_data->length, - &md, + size_t i; + decode_METHOD_DATA(error->e_data->data, + error->e_data->length, + &md, NULL); for(i = 0; i < md.len; i++){ switch(md.val[i].padata_type){ @@ -617,11 +344,10 @@ set_ptypes(krb5_context context, *preauth = &preauth2; ALLOC_SEQ(*preauth, 1); (*preauth)->val[0].type = KRB5_PADATA_ENC_TIMESTAMP; - krb5_decode_ETYPE_INFO(context, - md.val[i].padata_value.data, - md.val[i].padata_value.length, - &(*preauth)->val[0].info, - NULL); + decode_ETYPE_INFO(md.val[i].padata_value.data, + md.val[i].padata_value.length, + &(*preauth)->val[0].info, + NULL); break; default: break; @@ -634,7 +360,7 @@ set_ptypes(krb5_context context, return(1); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_cred(krb5_context context, krb5_flags options, const krb5_addresses *addrs, @@ -647,12 +373,13 @@ krb5_get_in_cred(krb5_context context, krb5_const_pointer decryptarg, krb5_creds *creds, krb5_kdc_rep *ret_as_reply) + KRB5_DEPRECATED_FUNCTION("Use X instead") { krb5_error_code ret; AS_REQ a; krb5_kdc_rep rep; krb5_data req, resp; - size_t len; + size_t len = 0; krb5_salt salt; krb5_keyblock *key; size_t size; @@ -725,7 +452,7 @@ krb5_get_in_cred(krb5_context context, done = 0; preauth = my_preauth; krb5_free_error_contents(context, &error); - krb5_clear_error_string(context); + krb5_clear_error_message(context); continue; } if(ret_as_reply) @@ -738,29 +465,29 @@ krb5_get_in_cred(krb5_context context, } krb5_data_free(&resp); } while(!done); - + pa = NULL; etype = rep.kdc_rep.enc_part.etype; if(rep.kdc_rep.padata){ int i = 0; - pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, + pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, KRB5_PADATA_PW_SALT, &i); if(pa == NULL) { i = 0; - pa = krb5_find_padata(rep.kdc_rep.padata->val, - rep.kdc_rep.padata->len, + pa = krb5_find_padata(rep.kdc_rep.padata->val, + rep.kdc_rep.padata->len, KRB5_PADATA_AFS3_SALT, &i); } } if(pa) { - salt.salttype = pa->padata_type; + salt.salttype = (krb5_salttype)pa->padata_type; salt.saltvalue = pa->padata_value; - + ret = (*key_proc)(context, etype, salt, keyseed, &key); } else { /* make a v5 salted pa-data */ ret = krb5_get_pw_salt (context, creds->client, &salt); - + if (ret) goto out; ret = (*key_proc)(context, etype, salt, keyseed, &key); @@ -768,22 +495,22 @@ krb5_get_in_cred(krb5_context context, } if (ret) goto out; - + { - unsigned flags = 0; + unsigned flags = EXTRACT_TICKET_TIMESYNC; if (opts.request_anonymous) flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - ret = _krb5_extract_ticket(context, - &rep, - creds, - key, - keyseed, + ret = _krb5_extract_ticket(context, + &rep, + creds, + key, + keyseed, KRB5_KU_AS_REP_ENC_PART, - NULL, - nonce, + NULL, + nonce, flags, - decrypt_proc, + decrypt_proc, decryptarg); } memset (key->keyvalue.data, 0, key->keyvalue.length); @@ -798,7 +525,7 @@ krb5_get_in_cred(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt(krb5_context context, krb5_flags options, const krb5_addresses *addrs, @@ -811,9 +538,10 @@ krb5_get_in_tkt(krb5_context context, krb5_creds *creds, krb5_ccache ccache, krb5_kdc_rep *ret_as_reply) + KRB5_DEPRECATED_FUNCTION("Use X instead") { krb5_error_code ret; - + ret = krb5_get_in_cred (context, options, addrs, @@ -826,9 +554,11 @@ krb5_get_in_tkt(krb5_context context, decryptarg, creds, ret_as_reply); - if(ret) + if(ret) return ret; if (ccache) ret = krb5_cc_store_cred (context, ccache, creds); return ret; } + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/get_in_tkt_pw.c b/lib/krb5/get_in_tkt_pw.c deleted file mode 100644 index 21b27c61b47e..000000000000 --- a/lib/krb5/get_in_tkt_pw.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_pw.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_password_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_error_code ret; - const char *password = (const char *)keyseed; - char buf[BUFSIZ]; - - *key = malloc (sizeof (**key)); - if (*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - if (password == NULL) { - if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) { - free (*key); - krb5_clear_error_string(context); - return KRB5_LIBOS_PWDINTR; - } - password = buf; - } - ret = krb5_string_to_key_salt (context, type, password, salt, *key); - memset (buf, 0, sizeof(buf)); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_password (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - const char *password, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_password_key_proc, - password, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/lib/krb5/get_in_tkt_with_keytab.c b/lib/krb5/get_in_tkt_with_keytab.c deleted file mode 100644 index 52f95c4bc45e..000000000000 --- a/lib/krb5/get_in_tkt_with_keytab.c +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_with_keytab.c 15477 2005-06-17 04:56:44Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytab_key_proc (krb5_context context, - krb5_enctype enctype, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed); - krb5_keytab keytab = args->keytab; - krb5_principal principal = args->principal; - krb5_error_code ret; - krb5_keytab real_keytab; - krb5_keytab_entry entry; - - if(keytab == NULL) - krb5_kt_default(context, &real_keytab); - else - real_keytab = keytab; - - ret = krb5_kt_get_entry (context, real_keytab, principal, - 0, enctype, &entry); - - if (keytab == NULL) - krb5_kt_close (context, real_keytab); - - if (ret) - return ret; - - ret = krb5_copy_keyblock (context, &entry.keyblock, key); - krb5_kt_free_entry(context, &entry); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_keytab (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - krb5_keytab keytab, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - krb5_keytab_key_proc_args a; - - a.principal = creds->client; - a.keytab = keytab; - - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_keytab_key_proc, - &a, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/lib/krb5/get_in_tkt_with_skey.c b/lib/krb5/get_in_tkt_with_skey.c deleted file mode 100644 index 1936fa166458..000000000000 --- a/lib/krb5/get_in_tkt_with_skey.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_with_skey.c 13863 2004-05-25 21:46:46Z lha $"); - -static krb5_error_code -krb5_skey_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return krb5_copy_keyblock (context, keyseed, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_skey (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - const krb5_keyblock *key, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - if(key == NULL) - return krb5_get_in_tkt_with_keytab (context, - options, - addrs, - etypes, - pre_auth_types, - NULL, - ccache, - creds, - ret_as_reply); - else - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_skey_key_proc, - key, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/lib/krb5/get_port.c b/lib/krb5/get_port.c index 85587ea76620..93d9433cd039 100644 --- a/lib/krb5/get_port.c +++ b/lib/krb5/get_port.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: get_port.c 13863 2004-05-25 21:46:46Z lha $"); - -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_getportbyname (krb5_context context, const char *service, const char *proto, @@ -45,7 +43,7 @@ krb5_getportbyname (krb5_context context, if ((sp = roken_getservbyname (service, proto)) == NULL) { #if 0 - krb5_warnx(context, "%s/%s unknown service, using default port %d", + krb5_warnx(context, "%s/%s unknown service, using default port %d", service, proto, default_port); #endif return htons(default_port); diff --git a/lib/krb5/heim_err.et b/lib/krb5/heim_err.et index 1b8ab49bc11e..c47f77092f13 100644 --- a/lib/krb5/heim_err.et +++ b/lib/krb5/heim_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: heim_err.et 13352 2004-02-13 16:23:40Z lha $" +id "$Id$" error_table heim @@ -17,6 +17,9 @@ error_code OPNOTSUPP, "Operation not supported" error_code EOF, "End of file" error_code BAD_MKEY, "Failed to get the master key" error_code SERVICE_NOMATCH, "Unacceptable service used" +error_code NOT_SEEKABLE, "File descriptor not seekable" +error_code TOO_BIG, "Offset too large" +error_code BAD_HDBENT_ENCODING, "Invalid HDB entry encoding" index 64 prefix HEIM_PKINIT diff --git a/lib/krb5/init_creds.c b/lib/krb5/init_creds.c index a59c903bd9e1..25bef0f34045 100644 --- a/lib/krb5/init_creds.c +++ b/lib/krb5/init_creds.c @@ -1,8 +1,10 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -33,32 +35,41 @@ #include "krb5_locl.h" -RCSID("$Id: init_creds.c 21711 2007-07-27 14:22:02Z lha $"); +#undef __attribute__ +#define __attribute__(x) -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) -{ - memset (opt, 0, sizeof(*opt)); - opt->flags = 0; - opt->opt_private = NULL; -} +/** + * @page krb5_init_creds_intro The initial credential handing functions + * @section section_krb5_init_creds Initial credential + * + * Functions to get initial credentials: @ref krb5_credential . + */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_alloc(krb5_context context, +/** + * Allocate a new krb5_get_init_creds_opt structure, free with + * krb5_get_init_creds_opt_free(). + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_init_creds_opt_alloc(krb5_context context, krb5_get_init_creds_opt **opt) { krb5_get_init_creds_opt *o; - + *opt = NULL; o = calloc(1, sizeof(*o)); if (o == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - krb5_get_init_creds_opt_init(o); + o->opt_private = calloc(1, sizeof(*o->opt_private)); if (o->opt_private == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); free(o); return ENOMEM; } @@ -67,69 +78,13 @@ krb5_get_init_creds_opt_alloc(krb5_context context, return 0; } -krb5_error_code -_krb5_get_init_creds_opt_copy(krb5_context context, - const krb5_get_init_creds_opt *in, - krb5_get_init_creds_opt **out) -{ - krb5_get_init_creds_opt *opt; +/** + * Free krb5_get_init_creds_opt structure. + * + * @ingroup krb5_credential + */ - *out = NULL; - opt = calloc(1, sizeof(*opt)); - if (opt == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - if (in) - *opt = *in; - if(opt->opt_private == NULL) { - opt->opt_private = calloc(1, sizeof(*opt->opt_private)); - if (opt->opt_private == NULL) { - krb5_set_error_string(context, "out of memory"); - free(opt); - return ENOMEM; - } - opt->opt_private->refcount = 1; - } else - opt->opt_private->refcount++; - *out = opt; - return 0; -} - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_krb5_error(krb5_get_init_creds_opt *opt) -{ - if (opt->opt_private == NULL || opt->opt_private->error == NULL) - return; - free_KRB_ERROR(opt->opt_private->error); - free(opt->opt_private->error); - opt->opt_private->error = NULL; -} - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_set_krb5_error(krb5_context context, - krb5_get_init_creds_opt *opt, - const KRB_ERROR *error) -{ - krb5_error_code ret; - - if (opt->opt_private == NULL) - return; - - _krb5_get_init_creds_opt_free_krb5_error(opt); - - opt->opt_private->error = malloc(sizeof(*opt->opt_private->error)); - if (opt->opt_private->error == NULL) - return; - ret = copy_KRB_ERROR(error, opt->opt_private->error); - if (ret) { - free(opt->opt_private->error); - opt->opt_private->error = NULL; - } -} - - -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_free(krb5_context context, krb5_get_init_creds_opt *opt) { @@ -138,7 +93,6 @@ krb5_get_init_creds_opt_free(krb5_context context, if (opt->opt_private->refcount < 1) /* abort ? */ return; if (--opt->opt_private->refcount == 0) { - _krb5_get_init_creds_opt_free_krb5_error(opt); _krb5_get_init_creds_opt_free_pkinit(opt); free(opt->opt_private); } @@ -172,20 +126,21 @@ get_config_time (krb5_context context, static krb5_boolean get_config_bool (krb5_context context, + krb5_boolean def_value, const char *realm, const char *name) { - return krb5_config_get_bool (context, - NULL, - "realms", - realm, - name, - NULL) - || krb5_config_get_bool (context, - NULL, - "libdefaults", - name, - NULL); + krb5_boolean b; + + b = krb5_config_get_bool_default(context, NULL, def_value, + "realms", realm, name, NULL); + if (b != def_value) + return b; + b = krb5_config_get_bool_default (context, NULL, def_value, + "libdefaults", name, NULL); + if (b != def_value) + return b; + return def_value; } /* @@ -195,7 +150,7 @@ get_config_bool (krb5_context context, * [realms] or [libdefaults] for some of the values. */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_default_flags(krb5_context context, const char *appname, krb5_const_realm realm, @@ -204,11 +159,12 @@ krb5_get_init_creds_opt_set_default_flags(krb5_context context, krb5_boolean b; time_t t; - b = get_config_bool (context, realm, "forwardable"); + b = get_config_bool (context, KRB5_FORWARDABLE_DEFAULT, + realm, "forwardable"); krb5_appdefault_boolean(context, appname, realm, "forwardable", b, &b); krb5_get_init_creds_opt_set_forwardable(opt, b); - b = get_config_bool (context, realm, "proxiable"); + b = get_config_bool (context, FALSE, realm, "proxiable"); krb5_appdefault_boolean(context, appname, realm, "proxiable", b, &b); krb5_get_init_creds_opt_set_proxiable (opt, b); @@ -224,7 +180,7 @@ krb5_get_init_creds_opt_set_default_flags(krb5_context context, if(t != 0) krb5_get_init_creds_opt_set_renew_life(opt, t); - krb5_appdefault_boolean(context, appname, realm, "no-addresses", + krb5_appdefault_boolean(context, appname, realm, "no-addresses", KRB5_ADDRESSLESS_DEFAULT, &b); krb5_get_init_creds_opt_set_addressless (context, opt, b); @@ -245,7 +201,7 @@ krb5_get_init_creds_opt_set_default_flags(krb5_context context, } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, krb5_deltat tkt_life) { @@ -253,7 +209,7 @@ krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, opt->tkt_life = tkt_life; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, krb5_deltat renew_life) { @@ -261,7 +217,7 @@ krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, opt->renew_life = renew_life; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, int forwardable) { @@ -269,7 +225,7 @@ krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, opt->forwardable = forwardable; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, int proxiable) { @@ -277,7 +233,7 @@ krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, opt->proxiable = proxiable; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, krb5_enctype *etype_list, int etype_list_length) @@ -287,7 +243,7 @@ krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, opt->etype_list_length = etype_list_length; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, krb5_addresses *addresses) { @@ -295,7 +251,7 @@ krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, opt->address_list = addresses; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, krb5_preauthtype *preauth_list, int preauth_list_length) @@ -305,7 +261,7 @@ krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, opt->preauth_list = preauth_list; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, krb5_data *salt) { @@ -313,7 +269,7 @@ krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, opt->salt = salt; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_anonymous(krb5_get_init_creds_opt *opt, int anonymous) { @@ -327,13 +283,14 @@ require_ext_opt(krb5_context context, const char *type) { if (opt->opt_private == NULL) { - krb5_set_error_string(context, "%s on non extendable opt", type); + krb5_set_error_message(context, EINVAL, + N_("%s on non extendable opt", ""), type); return EINVAL; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pa_password(krb5_context context, krb5_get_init_creds_opt *opt, const char *password, @@ -348,7 +305,7 @@ krb5_get_init_creds_opt_set_pa_password(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pac_request(krb5_context context, krb5_get_init_creds_opt *opt, krb5_boolean req_pac) @@ -363,36 +320,7 @@ krb5_get_init_creds_opt_set_pac_request(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_get_error(krb5_context context, - krb5_get_init_creds_opt *opt, - KRB_ERROR **error) -{ - krb5_error_code ret; - - *error = NULL; - - ret = require_ext_opt(context, opt, "init_creds_opt_get_error"); - if (ret) - return ret; - - if (opt->opt_private->error == NULL) - return 0; - - *error = malloc(sizeof(**error)); - if (*error == NULL) { - krb5_set_error_string(context, "malloc - out memory"); - return ENOMEM; - } - - ret = copy_KRB_ERROR(opt->opt_private->error, *error); - if (ret) - krb5_clear_error_string(context); - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_addressless(krb5_context context, krb5_get_init_creds_opt *opt, krb5_boolean addressless) @@ -408,7 +336,7 @@ krb5_get_init_creds_opt_set_addressless(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_canonicalize(krb5_context context, krb5_get_init_creds_opt *opt, krb5_boolean req) @@ -424,7 +352,7 @@ krb5_get_init_creds_opt_set_canonicalize(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_win2k(krb5_context context, krb5_get_init_creds_opt *opt, krb5_boolean req) @@ -433,10 +361,74 @@ krb5_get_init_creds_opt_set_win2k(krb5_context context, ret = require_ext_opt(context, opt, "init_creds_opt_set_win2k"); if (ret) return ret; - if (req) + if (req) { opt->opt_private->flags |= KRB5_INIT_CREDS_NO_C_CANON_CHECK; - else + opt->opt_private->flags |= KRB5_INIT_CREDS_NO_C_NO_EKU_CHECK; + } else { opt->opt_private->flags &= ~KRB5_INIT_CREDS_NO_C_CANON_CHECK; + opt->opt_private->flags &= ~KRB5_INIT_CREDS_NO_C_NO_EKU_CHECK; + } return 0; } + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_init_creds_opt_set_process_last_req(krb5_context context, + krb5_get_init_creds_opt *opt, + krb5_gic_process_last_req func, + void *ctx) +{ + krb5_error_code ret; + ret = require_ext_opt(context, opt, "init_creds_opt_set_win2k"); + if (ret) + return ret; + + opt->opt_private->lr.func = func; + opt->opt_private->lr.ctx = ctx; + + return 0; +} + + +#ifndef HEIMDAL_SMALLER + +/** + * Deprecated: use krb5_get_init_creds_opt_alloc(). + * + * The reason krb5_get_init_creds_opt_init() is deprecated is that + * krb5_get_init_creds_opt is a static structure and for ABI reason it + * can't grow, ie can't add new functionality. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + memset (opt, 0, sizeof(*opt)); +} + +/** + * Deprecated: use the new krb5_init_creds_init() and + * krb5_init_creds_get_error(). + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_init_creds_opt_get_error(krb5_context context, + krb5_get_init_creds_opt *opt, + KRB_ERROR **error) + KRB5_DEPRECATED_FUNCTION("Use X instead") +{ + *error = calloc(1, sizeof(**error)); + if (*error == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + + return 0; +} + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index 441adff8fdf9..37f4147c372a 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -1,47 +1,47 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: init_creds_pw.c 21931 2007-08-27 14:11:55Z lha $"); - typedef struct krb5_get_init_creds_ctx { KDCOptions flags; krb5_creds cred; krb5_addresses *addrs; krb5_enctype *etypes; krb5_preauthtype *pre_auth_types; - const char *in_tkt_service; + char *in_tkt_service; unsigned nonce; unsigned pk_nonce; @@ -49,17 +49,53 @@ typedef struct krb5_get_init_creds_ctx { AS_REQ as_req; int pa_counter; - const char *password; - krb5_s2k_proc key_proc; + /* password and keytab_data is freed on completion */ + char *password; + krb5_keytab_key_proc_args *keytab_data; + + krb5_pointer *keyseed; + krb5_s2k_proc keyproc; krb5_get_init_creds_tristate req_pac; krb5_pk_init_ctx pk_init_ctx; int ic_flags; + + int used_pa_types; +#define USED_PKINIT 1 +#define USED_PKINIT_W2K 2 +#define USED_ENC_TS_GUESS 4 +#define USED_ENC_TS_INFO 8 + + METHOD_DATA md; + KRB_ERROR error; + AS_REP as_rep; + EncKDCRepPart enc_part; + + krb5_prompter_fct prompter; + void *prompter_data; + + struct pa_info_data *ppaid; + } krb5_get_init_creds_ctx; -static krb5_error_code -default_s2k_func(krb5_context context, krb5_enctype type, + +struct pa_info_data { + krb5_enctype etype; + krb5_salt salt; + krb5_data *s2kparams; +}; + +static void +free_paid(krb5_context context, struct pa_info_data *ppaid) +{ + krb5_free_salt(context, ppaid->salt); + if (ppaid->s2kparams) + krb5_free_data(context, ppaid->s2kparams); +} + +static krb5_error_code KRB5_CALLCONV +default_s2k_func(krb5_context context, krb5_enctype type, krb5_const_pointer keyseed, krb5_salt salt, krb5_data *s2kparms, krb5_keyblock **key) @@ -68,13 +104,15 @@ default_s2k_func(krb5_context context, krb5_enctype type, krb5_data password; krb5_data opaque; + _krb5_debug(context, 5, "krb5_get_init_creds: using default_s2k_func"); + password.data = rk_UNCONST(keyseed); password.length = strlen(keyseed); if (s2kparms) opaque = *s2kparms; else krb5_data_zero(&opaque); - + *key = malloc(sizeof(**key)); if (*key == NULL) return ENOMEM; @@ -88,14 +126,32 @@ default_s2k_func(krb5_context context, krb5_enctype type, } static void -free_init_creds_ctx(krb5_context context, krb5_get_init_creds_ctx *ctx) +free_init_creds_ctx(krb5_context context, krb5_init_creds_context ctx) { if (ctx->etypes) free(ctx->etypes); if (ctx->pre_auth_types) free (ctx->pre_auth_types); + if (ctx->in_tkt_service) + free(ctx->in_tkt_service); + if (ctx->keytab_data) + free(ctx->keytab_data); + if (ctx->password) { + memset(ctx->password, 0, strlen(ctx->password)); + free(ctx->password); + } + krb5_data_free(&ctx->req_buffer); + krb5_free_cred_contents(context, &ctx->cred); + free_METHOD_DATA(&ctx->md); + free_AS_REP(&ctx->as_rep); + free_EncKDCRepPart(&ctx->enc_part); + free_KRB_ERROR(&ctx->error); free_AS_REQ(&ctx->as_req); - memset(&ctx->as_req, 0, sizeof(ctx->as_req)); + if (ctx->ppaid) { + free_paid(context, ctx->ppaid); + free(ctx->ppaid); + } + memset(ctx, 0, sizeof(*ctx)); } static int @@ -127,18 +183,16 @@ init_cred (krb5_context context, krb5_creds *cred, krb5_principal client, krb5_deltat start_time, - const char *in_tkt_service, krb5_get_init_creds_opt *options) { krb5_error_code ret; - krb5_const_realm client_realm; int tmp; krb5_timestamp now; krb5_timeofday (context, &now); memset (cred, 0, sizeof(*cred)); - + if (client) krb5_copy_principal(context, client, &cred->client); else { @@ -148,8 +202,6 @@ init_cred (krb5_context context, goto out; } - client_realm = krb5_principal_get_realm (context, cred->client); - if (start_time) cred->times.starttime = now + start_time; @@ -164,22 +216,6 @@ init_cred (krb5_context context, cred->times.renew_till = now + options->renew_life; } - if (in_tkt_service) { - krb5_realm server_realm; - - ret = krb5_parse_name (context, in_tkt_service, &cred->server); - if (ret) - goto out; - server_realm = strdup (client_realm); - free (*krb5_princ_realm(context, cred->server)); - krb5_princ_set_realm (context, cred->server, &server_realm); - } else { - ret = krb5_make_principal(context, &cred->server, - client_realm, KRB5_TGS_NAME, client_realm, - NULL); - if (ret) - goto out; - } return 0; out: @@ -198,29 +234,73 @@ report_expiration (krb5_context context, const char *str, time_t now) { - char *p; - - asprintf (&p, "%s%s", str, ctime(&now)); - (*prompter) (context, data, NULL, p, 0, NULL); - free (p); + char *p = NULL; + + if (asprintf(&p, "%s%s", str, ctime(&now)) < 0 || p == NULL) + return; + (*prompter)(context, data, NULL, p, 0, NULL); + free(p); } /* - * Parse the last_req data and show it to the user if it's interesting + * Check the context, and in the case there is a expiration warning, + * use the prompter to print the warning. + * + * @param context A Kerberos 5 context. + * @param options An GIC options structure + * @param ctx The krb5_init_creds_context check for expiration. */ -static void -print_expire (krb5_context context, - krb5_const_realm realm, - krb5_kdc_rep *rep, - krb5_prompter_fct prompter, - krb5_data *data) +static krb5_error_code +process_last_request(krb5_context context, + krb5_get_init_creds_opt *options, + krb5_init_creds_context ctx) { - int i; - LastReq *lr = &rep->enc_part.last_req; + krb5_const_realm realm; + LastReq *lr; + krb5_boolean reported = FALSE; krb5_timestamp sec; time_t t; - krb5_boolean reported = FALSE; + size_t i; + + /* + * First check if there is a API consumer. + */ + + realm = krb5_principal_get_realm (context, ctx->cred.client); + lr = &ctx->enc_part.last_req; + + if (options && options->opt_private && options->opt_private->lr.func) { + krb5_last_req_entry **lre; + + lre = calloc(lr->len + 1, sizeof(**lre)); + if (lre == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + for (i = 0; i < lr->len; i++) { + lre[i] = calloc(1, sizeof(*lre[i])); + if (lre[i] == NULL) + break; + lre[i]->lr_type = lr->val[i].lr_type; + lre[i]->value = lr->val[i].lr_value; + } + + (*options->opt_private->lr.func)(context, lre, + options->opt_private->lr.ctx); + + for (i = 0; i < lr->len; i++) + free(lre[i]); + free(lre); + } + + /* + * Now check if we should prompt the user + */ + + if (ctx->prompter == NULL) + return 0; krb5_timeofday (context, &sec); @@ -233,13 +313,15 @@ print_expire (krb5_context context, if (lr->val[i].lr_value <= t) { switch (abs(lr->val[i].lr_type)) { case LR_PW_EXPTIME : - report_expiration(context, prompter, data, + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your password will expire at ", lr->val[i].lr_value); reported = TRUE; break; case LR_ACCT_EXPTIME : - report_expiration(context, prompter, data, + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your account will expire at ", lr->val[i].lr_value); reported = TRUE; @@ -249,12 +331,14 @@ print_expire (krb5_context context, } if (!reported - && rep->enc_part.key_expiration - && *rep->enc_part.key_expiration <= t) { - report_expiration(context, prompter, data, + && ctx->enc_part.key_expiration + && *ctx->enc_part.key_expiration <= t) { + report_expiration(context, ctx->prompter, + ctx->prompter_data, "Your password/account will expire at ", - *rep->enc_part.key_expiration); + *ctx->enc_part.key_expiration); } + return 0; } static krb5_addresses no_addrs = { 0, NULL }; @@ -263,11 +347,10 @@ static krb5_error_code get_init_creds_common(krb5_context context, krb5_principal client, krb5_deltat start_time, - const char *in_tkt_service, krb5_get_init_creds_opt *options, - krb5_get_init_creds_ctx *ctx) + krb5_init_creds_context ctx) { - krb5_get_init_creds_opt default_opt; + krb5_get_init_creds_opt *default_opt = NULL; krb5_error_code ret; krb5_enctype *etypes; krb5_preauthtype *pre_auth_types; @@ -275,37 +358,51 @@ get_init_creds_common(krb5_context context, memset(ctx, 0, sizeof(*ctx)); if (options == NULL) { - krb5_get_init_creds_opt_init (&default_opt); - options = &default_opt; - } else { - _krb5_get_init_creds_opt_free_krb5_error(options); + const char *realm = krb5_principal_get_realm(context, client); + + krb5_get_init_creds_opt_alloc (context, &default_opt); + options = default_opt; + krb5_get_init_creds_opt_set_default_flags(context, NULL, realm, options); } if (options->opt_private) { - ctx->password = options->opt_private->password; - ctx->key_proc = options->opt_private->key_proc; + if (options->opt_private->password) { + ret = krb5_init_creds_set_password(context, ctx, + options->opt_private->password); + if (ret) + goto out; + } + + ctx->keyproc = options->opt_private->key_proc; ctx->req_pac = options->opt_private->req_pac; ctx->pk_init_ctx = options->opt_private->pk_init_ctx; ctx->ic_flags = options->opt_private->flags; } else ctx->req_pac = KRB5_INIT_CREDS_TRISTATE_UNSET; - if (ctx->key_proc == NULL) - ctx->key_proc = default_s2k_func; + if (ctx->keyproc == NULL) + ctx->keyproc = default_s2k_func; - if (ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) + /* Enterprise name implicitly turns on canonicalize */ + if ((ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) || + krb5_principal_get_type(context, client) == KRB5_NT_ENTERPRISE_PRINCIPAL) ctx->flags.canonicalize = 1; ctx->pre_auth_types = NULL; ctx->addrs = NULL; ctx->etypes = NULL; ctx->pre_auth_types = NULL; - ctx->in_tkt_service = in_tkt_service; - ret = init_cred (context, &ctx->cred, client, start_time, - in_tkt_service, options); - if (ret) + ret = init_cred(context, &ctx->cred, client, start_time, options); + if (ret) { + if (default_opt) + krb5_get_init_creds_opt_free(context, default_opt); return ret; + } + + ret = krb5_init_creds_set_service(context, ctx, NULL); + if (ret) + goto out; if (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE) ctx->flags.forwardable = options->forwardable; @@ -337,11 +434,15 @@ get_init_creds_common(krb5_context context, } } if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { + if (ctx->etypes) + free(ctx->etypes); + etypes = malloc((options->etype_list_length + 1) * sizeof(krb5_enctype)); if (etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } memcpy (etypes, options->etype_list, options->etype_list_length * sizeof(krb5_enctype)); @@ -352,19 +453,24 @@ get_init_creds_common(krb5_context context, pre_auth_types = malloc((options->preauth_list_length + 1) * sizeof(krb5_preauthtype)); if (pre_auth_types == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; } memcpy (pre_auth_types, options->preauth_list, options->preauth_list_length * sizeof(krb5_preauthtype)); pre_auth_types[options->preauth_list_length] = KRB5_PADATA_NONE; ctx->pre_auth_types = pre_auth_types; } - if (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT) - ; /* XXX */ if (options->flags & KRB5_GET_INIT_CREDS_OPT_ANONYMOUS) ctx->flags.request_anonymous = options->anonymous; + if (default_opt) + krb5_get_init_creds_opt_free(context, default_opt); return 0; + out: + if (default_opt) + krb5_get_init_creds_opt_free(context, default_opt); + return ret; } static krb5_error_code @@ -386,18 +492,20 @@ change_password (krb5_context context, krb5_data result_code_string; krb5_data result_string; char *p; - krb5_get_init_creds_opt options; + krb5_get_init_creds_opt *options; memset (&cpw_cred, 0, sizeof(cpw_cred)); - krb5_get_init_creds_opt_init (&options); - krb5_get_init_creds_opt_set_tkt_life (&options, 60); - krb5_get_init_creds_opt_set_forwardable (&options, FALSE); - krb5_get_init_creds_opt_set_proxiable (&options, FALSE); + ret = krb5_get_init_creds_opt_alloc(context, &options); + if (ret) + return ret; + krb5_get_init_creds_opt_set_tkt_life (options, 60); + krb5_get_init_creds_opt_set_forwardable (options, FALSE); + krb5_get_init_creds_opt_set_proxiable (options, FALSE); if (old_options && old_options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) - krb5_get_init_creds_opt_set_preauth_list (&options, + krb5_get_init_creds_opt_set_preauth_list (options, old_options->preauth_list, - old_options->preauth_list_length); + old_options->preauth_list_length); krb5_data_zero (&result_code_string); krb5_data_zero (&result_string); @@ -410,7 +518,8 @@ change_password (krb5_context context, data, 0, "kadmin/changepw", - &options); + options); + krb5_get_init_creds_opt_free(context, options); if (ret) goto out; @@ -444,28 +553,36 @@ change_password (krb5_context context, memset (buf1, 0, sizeof(buf1)); memset (buf2, 0, sizeof(buf2)); } - - ret = krb5_change_password (context, - &cpw_cred, - buf1, - &result_code, - &result_code_string, - &result_string); + + ret = krb5_set_password (context, + &cpw_cred, + buf1, + client, + &result_code, + &result_code_string, + &result_string); if (ret) goto out; - asprintf (&p, "%s: %.*s\n", - result_code ? "Error" : "Success", - (int)result_string.length, - result_string.length > 0 ? (char*)result_string.data : ""); + if (asprintf(&p, "%s: %.*s\n", + result_code ? "Error" : "Success", + (int)result_string.length, + result_string.length > 0 ? (char*)result_string.data : "") < 0) + { + ret = ENOMEM; + goto out; + } + + /* return the result */ + (*prompter) (context, data, NULL, p, 0, NULL); - ret = (*prompter) (context, data, NULL, p, 0, NULL); free (p); if (result_code == 0) { strlcpy (newpw, buf1, newpw_sz); ret = 0; } else { - krb5_set_error_string (context, "failed changing password"); ret = ENOTTY; + krb5_set_error_message(context, ret, + N_("failed changing password", "")); } out: @@ -477,7 +594,8 @@ change_password (krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_key_proc (krb5_context context, krb5_keytype type, krb5_data *salt, @@ -487,68 +605,17 @@ krb5_keyblock_key_proc (krb5_context context, return krb5_copy_keyblock (context, keyseed, key); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_keytab(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_keytab keytab, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - krb5_get_init_creds_ctx ctx; - krb5_error_code ret; - krb5_keytab_key_proc_args *a; - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); - if (ret) - goto out; - - a = malloc (sizeof(*a)); - if (a == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - a->principal = ctx.cred.client; - a->keytab = keytab; - - ret = krb5_get_in_cred (context, - KDCOptions2int(ctx.flags), - ctx.addrs, - ctx.etypes, - ctx.pre_auth_types, - NULL, - krb5_keytab_key_proc, - a, - NULL, - NULL, - &ctx.cred, - NULL); - free (a); - - if (ret == 0 && creds) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); - - out: - free_init_creds_ctx(context, &ctx); - return ret; -} - /* * */ static krb5_error_code -init_creds_init_as_req (krb5_context context, - KDCOptions opts, - const krb5_creds *creds, - const krb5_addresses *addrs, - const krb5_enctype *etypes, - AS_REQ *a) +init_as_req (krb5_context context, + KDCOptions opts, + const krb5_creds *creds, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + AS_REQ *a) { krb5_error_code ret; @@ -560,13 +627,13 @@ init_creds_init_as_req (krb5_context context, a->req_body.cname = malloc(sizeof(*a->req_body.cname)); if (a->req_body.cname == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } a->req_body.sname = malloc(sizeof(*a->req_body.sname)); if (a->req_body.sname == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } @@ -585,7 +652,7 @@ init_creds_init_as_req (krb5_context context, a->req_body.from = malloc(sizeof(*a->req_body.from)); if (a->req_body.from == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } *a->req_body.from = creds->times.starttime; @@ -598,13 +665,14 @@ init_creds_init_as_req (krb5_context context, a->req_body.rtime = malloc(sizeof(*a->req_body.rtime)); if (a->req_body.rtime == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } *a->req_body.rtime = creds->times.renew_till; } a->req_body.nonce = 0; - ret = krb5_init_etype (context, + ret = _krb5_init_etype(context, + KRB5_PDU_AS_REQUEST, &a->req_body.etype.len, &a->req_body.etype.val, etypes); @@ -621,7 +689,7 @@ init_creds_init_as_req (krb5_context context, a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); if (a->req_body.addresses == NULL) { ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } @@ -650,20 +718,6 @@ init_creds_init_as_req (krb5_context context, return ret; } -struct pa_info_data { - krb5_enctype etype; - krb5_salt salt; - krb5_data *s2kparams; -}; - -static void -free_paid(krb5_context context, struct pa_info_data *ppaid) -{ - krb5_free_salt(context, ppaid->salt); - if (ppaid->s2kparams) - krb5_free_data(context, ppaid->s2kparams); -} - static krb5_error_code set_paid(struct pa_info_data *paid, krb5_context context, @@ -675,7 +729,7 @@ set_paid(struct pa_info_data *paid, krb5_context context, paid->salt.salttype = salttype; paid->salt.saltvalue.data = malloc(salt_len + 1); if (paid->salt.saltvalue.data == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } memcpy(paid->salt.saltvalue.data, salt_string, salt_len); @@ -686,7 +740,7 @@ set_paid(struct pa_info_data *paid, krb5_context context, ret = krb5_copy_data(context, s2kparams, &paid->s2kparams); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); krb5_free_salt(context, paid->salt); return ret; } @@ -698,15 +752,15 @@ set_paid(struct pa_info_data *paid, krb5_context context, static struct pa_info_data * pa_etype_info2(krb5_context context, - const krb5_principal client, + const krb5_principal client, const AS_REQ *asreq, - struct pa_info_data *paid, + struct pa_info_data *paid, heim_octet_string *data) { krb5_error_code ret; ETYPE_INFO2 e; size_t sz; - int i, j; + size_t i, j; memset(&e, 0, sizeof(e)); ret = decode_ETYPE_INFO2(data->data, data->length, &e, &sz); @@ -728,7 +782,7 @@ pa_etype_info2(krb5_context context, if (ret == 0) ret = set_paid(paid, context, e.val[i].etype, KRB5_PW_SALT, - salt.saltvalue.data, + salt.saltvalue.data, salt.saltvalue.length, e.val[i].s2kparams); if (e.val[i].salt == NULL) @@ -747,7 +801,7 @@ pa_etype_info2(krb5_context context, static struct pa_info_data * pa_etype_info(krb5_context context, - const krb5_principal client, + const krb5_principal client, const AS_REQ *asreq, struct pa_info_data *paid, heim_octet_string *data) @@ -755,7 +809,7 @@ pa_etype_info(krb5_context context, krb5_error_code ret; ETYPE_INFO e; size_t sz; - int i, j; + size_t i, j; memset(&e, 0, sizeof(e)); ret = decode_ETYPE_INFO(data->data, data->length, &e, &sz); @@ -779,7 +833,7 @@ pa_etype_info(krb5_context context, if (ret == 0) { ret = set_paid(paid, context, e.val[i].etype, salt.salttype, - salt.saltvalue.data, + salt.saltvalue.data, salt.saltvalue.length, NULL); if (e.val[i].salt == NULL) @@ -799,7 +853,7 @@ pa_etype_info(krb5_context context, static struct pa_info_data * pa_pw_or_afs3_salt(krb5_context context, - const krb5_principal client, + const krb5_principal client, const AS_REQ *asreq, struct pa_info_data *paid, heim_octet_string *data) @@ -807,10 +861,10 @@ pa_pw_or_afs3_salt(krb5_context context, krb5_error_code ret; if (paid->etype == ENCTYPE_NULL) return NULL; - ret = set_paid(paid, context, + ret = set_paid(paid, context, paid->etype, paid->salt.salttype, - data->data, + data->data, data->length, NULL); if (ret) @@ -822,9 +876,9 @@ pa_pw_or_afs3_salt(krb5_context context, struct pa_info { krb5_preauthtype type; struct pa_info_data *(*salt_info)(krb5_context, - const krb5_principal, + const krb5_principal, const AS_REQ *, - struct pa_info_data *, + struct pa_info_data *, heim_octet_string *); }; @@ -834,11 +888,11 @@ static struct pa_info pa_prefs[] = { { KRB5_PADATA_PW_SALT, pa_pw_or_afs3_salt }, { KRB5_PADATA_AFS3_SALT, pa_pw_or_afs3_salt } }; - + static PA_DATA * -find_pa_data(const METHOD_DATA *md, int type) +find_pa_data(const METHOD_DATA *md, unsigned type) { - int i; + size_t i; if (md == NULL) return NULL; for (i = 0; i < md->len; i++) @@ -848,20 +902,20 @@ find_pa_data(const METHOD_DATA *md, int type) } static struct pa_info_data * -process_pa_info(krb5_context context, - const krb5_principal client, +process_pa_info(krb5_context context, + const krb5_principal client, const AS_REQ *asreq, struct pa_info_data *paid, METHOD_DATA *md) { struct pa_info_data *p = NULL; - int i; + size_t i; for (i = 0; p == NULL && i < sizeof(pa_prefs)/sizeof(pa_prefs[0]); i++) { PA_DATA *pa = find_pa_data(md, pa_prefs[i].type); if (pa == NULL) continue; - paid->salt.salttype = pa_prefs[i].type; + paid->salt.salttype = (krb5_salttype)pa_prefs[i].type; p = (*pa_prefs[i].salt_info)(context, client, asreq, paid, &pa->padata_value); } @@ -869,19 +923,19 @@ process_pa_info(krb5_context context, } static krb5_error_code -make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, +make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, krb5_enctype etype, krb5_keyblock *key) { PA_ENC_TS_ENC p; unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; EncryptedData encdata; krb5_error_code ret; int32_t usec; int usec2; krb5_crypto crypto; - + krb5_us_timeofday (context, &p.patimestamp, &usec); usec2 = usec; p.pausec = &usec2; @@ -897,7 +951,7 @@ make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, free(buf); return ret; } - ret = krb5_encrypt_EncryptedData(context, + ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_PA_ENC_TIMESTAMP, buf, @@ -908,7 +962,7 @@ make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, krb5_crypto_destroy(context, crypto); if (ret) return ret; - + ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret); free_EncryptedData(&encdata); if (ret) @@ -924,9 +978,9 @@ make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, static krb5_error_code add_enc_ts_padata(krb5_context context, - METHOD_DATA *md, + METHOD_DATA *md, krb5_principal client, - krb5_s2k_proc key_proc, + krb5_s2k_proc keyproc, krb5_const_pointer keyseed, krb5_enctype *enctypes, unsigned netypes, @@ -936,11 +990,13 @@ add_enc_ts_padata(krb5_context context, krb5_error_code ret; krb5_salt salt2; krb5_enctype *ep; - int i; - + size_t i; + if(salt == NULL) { /* default to standard salt */ ret = krb5_get_pw_salt (context, client, &salt2); + if (ret) + return ret; salt = &salt2; } if (!enctypes) { @@ -953,8 +1009,10 @@ add_enc_ts_padata(krb5_context context, for (i = 0; i < netypes; ++i) { krb5_keyblock *key; - ret = (*key_proc)(context, enctypes[i], keyseed, - *salt, s2kparams, &key); + _krb5_debug(context, 5, "krb5_get_init_creds: using ENC-TS with enctype %d", enctypes[i]); + + ret = (*keyproc)(context, enctypes[i], keyseed, + *salt, s2kparams, &key); if (ret) continue; ret = make_pa_enc_timestamp (context, md, enctypes[i], key); @@ -975,29 +1033,31 @@ pa_data_to_md_ts_enc(krb5_context context, struct pa_info_data *ppaid, METHOD_DATA *md) { - if (ctx->key_proc == NULL || ctx->password == NULL) + if (ctx->keyproc == NULL || ctx->keyseed == NULL) return 0; if (ppaid) { - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, + add_enc_ts_padata(context, md, client, + ctx->keyproc, ctx->keyseed, &ppaid->etype, 1, &ppaid->salt, ppaid->s2kparams); } else { krb5_salt salt; - + + _krb5_debug(context, 5, "krb5_get_init_creds: pa-info not found, guessing salt"); + /* make a v5 salted pa-data */ - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, - a->req_body.etype.val, a->req_body.etype.len, + add_enc_ts_padata(context, md, client, + ctx->keyproc, ctx->keyseed, + a->req_body.etype.val, a->req_body.etype.len, NULL, NULL); - + /* make a v4 salted pa-data */ salt.salttype = KRB5_PW_SALT; krb5_data_zero(&salt.saltvalue); - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, - a->req_body.etype.val, a->req_body.etype.len, + add_enc_ts_padata(context, md, client, + ctx->keyproc, ctx->keyseed, + a->req_body.etype.val, a->req_body.etype.len, &salt, NULL); } return 0; @@ -1014,7 +1074,7 @@ pa_data_to_key_plain(krb5_context context, { krb5_error_code ret; - ret = (*ctx->key_proc)(context, etype, ctx->password, + ret = (*ctx->keyproc)(context, etype, ctx->keyseed, salt, s2kparams, key); return ret; } @@ -1024,6 +1084,7 @@ static krb5_error_code pa_data_to_md_pkinit(krb5_context context, const AS_REQ *a, const krb5_principal client, + int win2k, krb5_get_init_creds_ctx *ctx, METHOD_DATA *md) { @@ -1031,12 +1092,15 @@ pa_data_to_md_pkinit(krb5_context context, return 0; #ifdef PKINIT return _krb5_pk_mk_padata(context, - ctx->pk_init_ctx, - &a->req_body, - ctx->pk_nonce, - md); + ctx->pk_init_ctx, + ctx->ic_flags, + win2k, + &a->req_body, + ctx->pk_nonce, + md); #else - krb5_set_error_string(context, "no support for PKINIT compiled in"); + krb5_set_error_message(context, EINVAL, + N_("no support for PKINIT compiled in", "")); return EINVAL; #endif } @@ -1046,11 +1110,11 @@ pa_data_add_pac_request(krb5_context context, krb5_get_init_creds_ctx *ctx, METHOD_DATA *md) { - size_t len, length; + size_t len = 0, length; krb5_error_code ret; PA_PAC_REQUEST req; void *buf; - + switch (ctx->req_pac) { case KRB5_INIT_CREDS_TRISTATE_UNSET: return 0; /* don't bother */ @@ -1059,9 +1123,9 @@ pa_data_add_pac_request(krb5_context context, break; case KRB5_INIT_CREDS_TRISTATE_FALSE: req.include_pac = 0; - } + } - ASN1_MALLOC_ENCODE(PA_PAC_REQUEST, buf, length, + ASN1_MALLOC_ENCODE(PA_PAC_REQUEST, buf, length, &req, &len, ret); if (ret) return ret; @@ -1093,12 +1157,19 @@ process_pa_data_to_md(krb5_context context, ALLOC(*out_md, 1); if (*out_md == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } (*out_md)->len = 0; (*out_md)->val = NULL; - + + if (_krb5_have_debug(context, 5)) { + unsigned i; + _krb5_debug(context, 5, "KDC send %d patypes", in_md->len); + for (i = 0; i < in_md->len; i++) + _krb5_debug(context, 5, "KDC send PA-DATA type: %d", in_md->val[i].padata_type); + } + /* * Make sure we don't sent both ENC-TS and PK-INIT pa data, no * need to expose our password protecting our PKCS12 key. @@ -1106,21 +1177,62 @@ process_pa_data_to_md(krb5_context context, if (ctx->pk_init_ctx) { - ret = pa_data_to_md_pkinit(context, a, creds->client, ctx, *out_md); + _krb5_debug(context, 5, "krb5_get_init_creds: " + "prepareing PKINIT padata (%s)", + (ctx->used_pa_types & USED_PKINIT_W2K) ? "win2k" : "ietf"); + + if (ctx->used_pa_types & USED_PKINIT_W2K) { + krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP, + "Already tried pkinit, looping"); + return KRB5_GET_IN_TKT_LOOP; + } + + ret = pa_data_to_md_pkinit(context, a, creds->client, + (ctx->used_pa_types & USED_PKINIT), + ctx, *out_md); if (ret) return ret; + if (ctx->used_pa_types & USED_PKINIT) + ctx->used_pa_types |= USED_PKINIT_W2K; + else + ctx->used_pa_types |= USED_PKINIT; + } else if (in_md->len != 0) { - struct pa_info_data paid, *ppaid; - - memset(&paid, 0, sizeof(paid)); - - paid.etype = ENCTYPE_NULL; - ppaid = process_pa_info(context, creds->client, a, &paid, in_md); - + struct pa_info_data *paid, *ppaid; + unsigned flag; + + paid = calloc(1, sizeof(*paid)); + + paid->etype = ENCTYPE_NULL; + ppaid = process_pa_info(context, creds->client, a, paid, in_md); + + if (ppaid) + flag = USED_ENC_TS_INFO; + else + flag = USED_ENC_TS_GUESS; + + if (ctx->used_pa_types & flag) { + if (ppaid) + free_paid(context, ppaid); + krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP, + "Already tried ENC-TS-%s, looping", + flag == USED_ENC_TS_INFO ? "info" : "guess"); + return KRB5_GET_IN_TKT_LOOP; + } + pa_data_to_md_ts_enc(context, a, creds->client, ctx, ppaid, *out_md); - if (ppaid) - free_paid(context, ppaid); + + ctx->used_pa_types |= flag; + + if (ppaid) { + if (ctx->ppaid) { + free_paid(context, ctx->ppaid); + free(ctx->ppaid); + } + ctx->ppaid = ppaid; + } else + free(paid); } pa_data_add_pac_request(context, ctx, *out_md); @@ -1138,7 +1250,7 @@ process_pa_data_to_key(krb5_context context, krb5_get_init_creds_ctx *ctx, krb5_creds *creds, AS_REQ *a, - krb5_kdc_rep *rep, + AS_REP *rep, const krb5_krbhst_info *hi, krb5_keyblock **key) { @@ -1149,38 +1261,43 @@ process_pa_data_to_key(krb5_context context, memset(&paid, 0, sizeof(paid)); - etype = rep->kdc_rep.enc_part.etype; + etype = rep->enc_part.etype; - if (rep->kdc_rep.padata) { + if (rep->padata) { paid.etype = etype; - ppaid = process_pa_info(context, creds->client, a, &paid, - rep->kdc_rep.padata); + ppaid = process_pa_info(context, creds->client, a, &paid, + rep->padata); } + if (ppaid == NULL) + ppaid = ctx->ppaid; if (ppaid == NULL) { ret = krb5_get_pw_salt (context, creds->client, &paid.salt); if (ret) return ret; paid.etype = etype; paid.s2kparams = NULL; + ppaid = &paid; } pa = NULL; - if (rep->kdc_rep.padata) { + if (rep->padata) { int idx = 0; - pa = krb5_find_padata(rep->kdc_rep.padata->val, - rep->kdc_rep.padata->len, + pa = krb5_find_padata(rep->padata->val, + rep->padata->len, KRB5_PADATA_PK_AS_REP, &idx); if (pa == NULL) { idx = 0; - pa = krb5_find_padata(rep->kdc_rep.padata->val, - rep->kdc_rep.padata->len, + pa = krb5_find_padata(rep->padata->val, + rep->padata->len, KRB5_PADATA_PK_AS_REP_19, &idx); } } if (pa && ctx->pk_init_ctx) { #ifdef PKINIT + _krb5_debug(context, 5, "krb5_get_init_creds: using PKINIT"); + ret = _krb5_pk_rd_pa_reply(context, a->req_body.realm, ctx->pk_init_ctx, @@ -1191,124 +1308,442 @@ process_pa_data_to_key(krb5_context context, pa, key); #else - krb5_set_error_string(context, "no support for PKINIT compiled in"); ret = EINVAL; + krb5_set_error_message(context, ret, N_("no support for PKINIT compiled in", "")); #endif - } else if (ctx->password) - ret = pa_data_to_key_plain(context, creds->client, ctx, - paid.salt, paid.s2kparams, etype, key); - else { - krb5_set_error_string(context, "No usable pa data type"); + } else if (ctx->keyseed) { + _krb5_debug(context, 5, "krb5_get_init_creds: using keyproc"); + ret = pa_data_to_key_plain(context, creds->client, ctx, + ppaid->salt, ppaid->s2kparams, etype, key); + } else { ret = EINVAL; + krb5_set_error_message(context, ret, N_("No usable pa data type", "")); } free_paid(context, &paid); return ret; } -static krb5_error_code -init_cred_loop(krb5_context context, - krb5_get_init_creds_opt *init_cred_opts, - const krb5_prompter_fct prompter, - void *prompter_data, - krb5_get_init_creds_ctx *ctx, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) +/** + * Start a new context to get a new initial credential. + * + * @param context A Kerberos 5 context. + * @param client The Kerberos principal to get the credential for, if + * NULL is given, the default principal is used as determined by + * krb5_get_default_principal(). + * @param prompter + * @param prompter_data + * @param start_time the time the ticket should start to be valid or 0 for now. + * @param options a options structure, can be NULL for default options. + * @param rctx A new allocated free with krb5_init_creds_free(). + * + * @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_init(krb5_context context, + krb5_principal client, + krb5_prompter_fct prompter, + void *prompter_data, + krb5_deltat start_time, + krb5_get_init_creds_opt *options, + krb5_init_creds_context *rctx) { + krb5_init_creds_context ctx; krb5_error_code ret; - krb5_kdc_rep rep; - METHOD_DATA md; - krb5_data resp; - size_t len; - size_t size; - krb5_krbhst_info *hi = NULL; - krb5_sendto_ctx stctx = NULL; + *rctx = NULL; - memset(&md, 0, sizeof(md)); - memset(&rep, 0, sizeof(rep)); + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } - _krb5_get_init_creds_opt_free_krb5_error(init_cred_opts); - - if (ret_as_reply) - memset(ret_as_reply, 0, sizeof(*ret_as_reply)); - - ret = init_creds_init_as_req(context, ctx->flags, creds, - ctx->addrs, ctx->etypes, &ctx->as_req); - if (ret) + ret = get_init_creds_common(context, client, start_time, options, ctx); + if (ret) { + free(ctx); return ret; - - ret = krb5_sendto_ctx_alloc(context, &stctx); - if (ret) - goto out; - krb5_sendto_ctx_set_func(stctx, _krb5_kdc_retry, NULL); + } /* Set a new nonce. */ krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce)); - ctx->nonce &= 0xffffffff; + ctx->nonce &= 0x7fffffff; /* XXX these just needs to be the same when using Windows PK-INIT */ ctx->pk_nonce = ctx->nonce; + ctx->prompter = prompter; + ctx->prompter_data = prompter_data; + + *rctx = ctx; + + return ret; +} + +/** + * Sets the service that the is requested. This call is only neede for + * special initial tickets, by default the a krbtgt is fetched in the default realm. + * + * @param context a Kerberos 5 context. + * @param ctx a krb5_init_creds_context context. + * @param service the service given as a string, for example + * "kadmind/admin". If NULL, the default krbtgt in the clients + * realm is set. + * + * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_service(krb5_context context, + krb5_init_creds_context ctx, + const char *service) +{ + krb5_const_realm client_realm; + krb5_principal principal; + krb5_error_code ret; + + client_realm = krb5_principal_get_realm (context, ctx->cred.client); + + if (service) { + ret = krb5_parse_name (context, service, &principal); + if (ret) + return ret; + krb5_principal_set_realm (context, principal, client_realm); + } else { + ret = krb5_make_principal(context, &principal, + client_realm, KRB5_TGS_NAME, client_realm, + NULL); + if (ret) + return ret; + } + /* - * Increase counter when we want other pre-auth types then - * KRB5_PA_ENC_TIMESTAMP. + * This is for Windows RODC that are picky about what name type + * the server principal have, and the really strange part is that + * they are picky about the AS-REQ name type and not the TGS-REQ + * later. Oh well. */ -#define MAX_PA_COUNTER 3 - ctx->pa_counter = 0; - while (ctx->pa_counter < MAX_PA_COUNTER) { + if (krb5_principal_is_krbtgt(context, principal)) + krb5_principal_set_type(context, principal, KRB5_NT_SRV_INST); - ctx->pa_counter++; + krb5_free_principal(context, ctx->cred.server); + ctx->cred.server = principal; - if (ctx->as_req.padata) { - free_METHOD_DATA(ctx->as_req.padata); - free(ctx->as_req.padata); - ctx->as_req.padata = NULL; + return 0; +} + +/** + * Sets the password that will use for the request. + * + * @param context a Kerberos 5 context. + * @param ctx ctx krb5_init_creds_context context. + * @param password the password to use. + * + * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_password(krb5_context context, + krb5_init_creds_context ctx, + const char *password) +{ + if (ctx->password) { + memset(ctx->password, 0, strlen(ctx->password)); + free(ctx->password); + } + if (password) { + ctx->password = strdup(password); + if (ctx->password == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; } + ctx->keyseed = (void *) ctx->password; + } else { + ctx->keyseed = NULL; + ctx->password = NULL; + } - /* Set a new nonce. */ - ctx->as_req.req_body.nonce = ctx->nonce; + return 0; +} - /* fill_in_md_data */ - ret = process_pa_data_to_md(context, creds, &ctx->as_req, ctx, - &md, &ctx->as_req.padata, - prompter, prompter_data); - if (ret) - goto out; +static krb5_error_code KRB5_CALLCONV +keytab_key_proc(krb5_context context, krb5_enctype enctype, + krb5_const_pointer keyseed, + krb5_salt salt, krb5_data *s2kparms, + krb5_keyblock **key) +{ + krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed); + krb5_keytab keytab = args->keytab; + krb5_principal principal = args->principal; + krb5_error_code ret; + krb5_keytab real_keytab; + krb5_keytab_entry entry; - krb5_data_free(&ctx->req_buffer); + if(keytab == NULL) + krb5_kt_default(context, &real_keytab); + else + real_keytab = keytab; - ASN1_MALLOC_ENCODE(AS_REQ, - ctx->req_buffer.data, ctx->req_buffer.length, - &ctx->as_req, &len, ret); - if (ret) - goto out; - if(len != ctx->req_buffer.length) - krb5_abortx(context, "internal error in ASN.1 encoder"); + ret = krb5_kt_get_entry (context, real_keytab, principal, + 0, enctype, &entry); - ret = krb5_sendto_context (context, stctx, &ctx->req_buffer, - creds->client->realm, &resp); - if (ret) - goto out; + if (keytab == NULL) + krb5_kt_close (context, real_keytab); - memset (&rep, 0, sizeof(rep)); - ret = decode_AS_REP(resp.data, resp.length, &rep.kdc_rep, &size); + if (ret) + return ret; + + ret = krb5_copy_keyblock (context, &entry.keyblock, key); + krb5_kt_free_entry(context, &entry); + return ret; +} + + +/** + * Set the keytab to use for authentication. + * + * @param context a Kerberos 5 context. + * @param ctx ctx krb5_init_creds_context context. + * @param keytab the keytab to read the key from. + * + * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_keytab(krb5_context context, + krb5_init_creds_context ctx, + krb5_keytab keytab) +{ + krb5_keytab_key_proc_args *a; + krb5_keytab_entry entry; + krb5_kt_cursor cursor; + krb5_enctype *etypes = NULL; + krb5_error_code ret; + size_t netypes = 0; + int kvno = 0; + + a = malloc(sizeof(*a)); + if (a == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + a->principal = ctx->cred.client; + a->keytab = keytab; + + ctx->keytab_data = a; + ctx->keyseed = (void *)a; + ctx->keyproc = keytab_key_proc; + + /* + * We need to the KDC what enctypes we support for this keytab, + * esp if the keytab is really a password based entry, then the + * KDC might have more enctypes in the database then what we have + * in the keytab. + */ + + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if(ret) + goto out; + + while(krb5_kt_next_entry(context, keytab, &entry, &cursor) == 0){ + void *ptr; + + if (!krb5_principal_compare(context, entry.principal, ctx->cred.client)) + goto next; + + /* check if we ahve this kvno already */ + if (entry.vno > kvno) { + /* remove old list of etype */ + if (etypes) + free(etypes); + etypes = NULL; + netypes = 0; + kvno = entry.vno; + } else if (entry.vno != kvno) + goto next; + + /* check if enctype is supported */ + if (krb5_enctype_valid(context, entry.keyblock.keytype) != 0) + goto next; + + /* add enctype to supported list */ + ptr = realloc(etypes, sizeof(etypes[0]) * (netypes + 2)); + if (ptr == NULL) + goto next; + + etypes = ptr; + etypes[netypes] = entry.keyblock.keytype; + etypes[netypes + 1] = ETYPE_NULL; + netypes++; + next: + krb5_kt_free_entry(context, &entry); + } + krb5_kt_end_seq_get(context, keytab, &cursor); + + if (etypes) { + if (ctx->etypes) + free(ctx->etypes); + ctx->etypes = etypes; + } + + out: + return 0; +} + +static krb5_error_code KRB5_CALLCONV +keyblock_key_proc(krb5_context context, krb5_enctype enctype, + krb5_const_pointer keyseed, + krb5_salt salt, krb5_data *s2kparms, + krb5_keyblock **key) +{ + return krb5_copy_keyblock (context, keyseed, key); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_keyblock(krb5_context context, + krb5_init_creds_context ctx, + krb5_keyblock *keyblock) +{ + ctx->keyseed = (void *)keyblock; + ctx->keyproc = keyblock_key_proc; + + return 0; +} + +/** + * The core loop if krb5_get_init_creds() function family. Create the + * packets and have the caller send them off to the KDC. + * + * If the caller want all work been done for them, use + * krb5_init_creds_get() instead. + * + * @param context a Kerberos 5 context. + * @param ctx ctx krb5_init_creds_context context. + * @param in input data from KDC, first round it should be reset by krb5_data_zer(). + * @param out reply to KDC. + * @param hostinfo KDC address info, first round it can be NULL. + * @param flags status of the round, if + * KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. + * + * @return 0 for success, or an Kerberos 5 error code, see + * krb5_get_error_message(). + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_step(krb5_context context, + krb5_init_creds_context ctx, + krb5_data *in, + krb5_data *out, + krb5_krbhst_info *hostinfo, + unsigned int *flags) +{ + krb5_error_code ret; + size_t len = 0; + size_t size; + + krb5_data_zero(out); + + if (ctx->as_req.req_body.cname == NULL) { + ret = init_as_req(context, ctx->flags, &ctx->cred, + ctx->addrs, ctx->etypes, &ctx->as_req); + if (ret) { + free_init_creds_ctx(context, ctx); + return ret; + } + } + +#define MAX_PA_COUNTER 10 + if (ctx->pa_counter > MAX_PA_COUNTER) { + krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP, + N_("Looping %d times while getting " + "initial credentials", ""), + ctx->pa_counter); + return KRB5_GET_IN_TKT_LOOP; + } + ctx->pa_counter++; + + _krb5_debug(context, 5, "krb5_get_init_creds: loop %d", ctx->pa_counter); + + /* Lets process the input packet */ + if (in && in->length) { + krb5_kdc_rep rep; + + memset(&rep, 0, sizeof(rep)); + + _krb5_debug(context, 5, "krb5_get_init_creds: processing input"); + + ret = decode_AS_REP(in->data, in->length, &rep.kdc_rep, &size); if (ret == 0) { - krb5_data_free(&resp); - krb5_clear_error_string(context); - break; + krb5_keyblock *key = NULL; + unsigned eflags = EXTRACT_TICKET_AS_REQ | EXTRACT_TICKET_TIMESYNC; + + if (ctx->flags.canonicalize) { + eflags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; + eflags |= EXTRACT_TICKET_MATCH_REALM; + } + if (ctx->ic_flags & KRB5_INIT_CREDS_NO_C_CANON_CHECK) + eflags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH; + + ret = process_pa_data_to_key(context, ctx, &ctx->cred, + &ctx->as_req, &rep.kdc_rep, hostinfo, &key); + if (ret) { + free_AS_REP(&rep.kdc_rep); + goto out; + } + + _krb5_debug(context, 5, "krb5_get_init_creds: extracting ticket"); + + ret = _krb5_extract_ticket(context, + &rep, + &ctx->cred, + key, + NULL, + KRB5_KU_AS_REP_ENC_PART, + NULL, + ctx->nonce, + eflags, + NULL, + NULL); + krb5_free_keyblock(context, key); + + *flags = 0; + + if (ret == 0) + ret = copy_EncKDCRepPart(&rep.enc_part, &ctx->enc_part); + + free_AS_REP(&rep.kdc_rep); + free_EncASRepPart(&rep.enc_part); + + return ret; + } else { /* let's try to parse it as a KRB-ERROR */ - KRB_ERROR error; - ret = krb5_rd_error(context, &resp, &error); - if(ret && resp.data && ((char*)resp.data)[0] == 4) + _krb5_debug(context, 5, "krb5_get_init_creds: got an error"); + + free_KRB_ERROR(&ctx->error); + + ret = krb5_rd_error(context, in, &ctx->error); + if(ret && in->length && ((char*)in->data)[0] == 4) ret = KRB5KRB_AP_ERR_V4_REPLY; - krb5_data_free(&resp); - if (ret) + if (ret) { + _krb5_debug(context, 5, "krb5_get_init_creds: failed to read error"); goto out; + } - ret = krb5_error_from_rd_error(context, &error, creds); + ret = krb5_error_from_rd_error(context, &ctx->error, &ctx->cred); + + _krb5_debug(context, 5, "krb5_get_init_creds: KRB-ERROR %d", ret); /* * If no preauth was set and KDC requires it, give it one @@ -1316,223 +1751,212 @@ init_cred_loop(krb5_context context, */ if (ret == KRB5KDC_ERR_PREAUTH_REQUIRED) { - free_METHOD_DATA(&md); - memset(&md, 0, sizeof(md)); - if (error.e_data) { - ret = decode_METHOD_DATA(error.e_data->data, - error.e_data->length, - &md, + free_METHOD_DATA(&ctx->md); + memset(&ctx->md, 0, sizeof(ctx->md)); + + if (ctx->error.e_data) { + ret = decode_METHOD_DATA(ctx->error.e_data->data, + ctx->error.e_data->length, + &ctx->md, NULL); if (ret) - krb5_set_error_string(context, - "failed to decode METHOD DATA"); + krb5_set_error_message(context, ret, + N_("Failed to decode METHOD-DATA", "")); } else { - /* XXX guess what the server want here add add md */ + krb5_set_error_message(context, ret, + N_("Preauth required but no preauth " + "options send by KDC", "")); } - krb5_free_error_contents(context, &error); - if (ret) + } else if (ret == KRB5KRB_AP_ERR_SKEW && context->kdc_sec_offset == 0) { + /* + * Try adapt to timeskrew when we are using pre-auth, and + * if there was a time skew, try again. + */ + krb5_set_real_time(context, ctx->error.stime, -1); + if (context->kdc_sec_offset) + ret = 0; + + _krb5_debug(context, 10, "init_creds: err skew updateing kdc offset to %d", + context->kdc_sec_offset); + + ctx->used_pa_types = 0; + + } else if (ret == KRB5_KDC_ERR_WRONG_REALM && ctx->flags.canonicalize) { + /* client referal to a new realm */ + + if (ctx->error.crealm == NULL) { + krb5_set_error_message(context, ret, + N_("Got a client referral, not but no realm", "")); goto out; - } else { - _krb5_get_init_creds_opt_set_krb5_error(context, - init_cred_opts, - &error); - if (ret_as_reply) - rep.error = error; - else - krb5_free_error_contents(context, &error); - goto out; + } + _krb5_debug(context, 5, + "krb5_get_init_creds: got referal to realm %s", + *ctx->error.crealm); + + ret = krb5_principal_set_realm(context, + ctx->cred.client, + *ctx->error.crealm); + + ctx->used_pa_types = 0; } + if (ret) + goto out; } } - { - krb5_keyblock *key = NULL; - unsigned flags = 0; - - if (ctx->flags.request_anonymous) - flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - if (ctx->flags.canonicalize) { - flags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH; - flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - flags |= EXTRACT_TICKET_MATCH_REALM; - } - - ret = process_pa_data_to_key(context, ctx, creds, - &ctx->as_req, &rep, hi, &key); - if (ret) - goto out; - - ret = _krb5_extract_ticket(context, - &rep, - creds, - key, - NULL, - KRB5_KU_AS_REP_ENC_PART, - NULL, - ctx->nonce, - flags, - NULL, - NULL); - krb5_free_keyblock(context, key); + if (ctx->as_req.padata) { + free_METHOD_DATA(ctx->as_req.padata); + free(ctx->as_req.padata); + ctx->as_req.padata = NULL; } - /* - * Verify referral data - */ - if ((ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) && - (ctx->ic_flags & KRB5_INIT_CREDS_NO_C_CANON_CHECK) == 0) - { - PA_ClientCanonicalized canon; - krb5_crypto crypto; - krb5_data data; - PA_DATA *pa; - size_t len; - pa = find_pa_data(rep.kdc_rep.padata, KRB5_PADATA_CLIENT_CANONICALIZED); - if (pa == NULL) { - ret = EINVAL; - krb5_set_error_string(context, "Client canonicalizion not signed"); - goto out; - } - - ret = decode_PA_ClientCanonicalized(pa->padata_value.data, - pa->padata_value.length, - &canon, &len); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "PA_ClientCanonicalized"); - goto out; - } + /* Set a new nonce. */ + ctx->as_req.req_body.nonce = ctx->nonce; - ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, - &canon.names, &len, ret); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - ret = krb5_crypto_init(context, &creds->session, 0, &crypto); - if (ret) { - free(data.data); - free_PA_ClientCanonicalized(&canon); - goto out; - } - - ret = krb5_verify_checksum(context, crypto, KRB5_KU_CANONICALIZED_NAMES, - data.data, data.length, - &canon.canon_checksum); - krb5_crypto_destroy(context, crypto); - free(data.data); - free_PA_ClientCanonicalized(&canon); - if (ret) { - krb5_set_error_string(context, "Failed to verify " - "client canonicalized data"); - goto out; - } - } -out: - if (stctx) - krb5_sendto_ctx_free(context, stctx); - krb5_data_free(&ctx->req_buffer); - free_METHOD_DATA(&md); - memset(&md, 0, sizeof(md)); - - if (ret == 0 && ret_as_reply) - *ret_as_reply = rep; - else - krb5_free_kdc_rep (context, &rep); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_prompter_fct prompter, - void *data, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - krb5_get_init_creds_ctx ctx; - krb5_kdc_rep kdc_reply; - krb5_error_code ret; - char buf[BUFSIZ]; - int done; - - memset(&kdc_reply, 0, sizeof(kdc_reply)); - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); + /* fill_in_md_data */ + ret = process_pa_data_to_md(context, &ctx->cred, &ctx->as_req, ctx, + &ctx->md, &ctx->as_req.padata, + ctx->prompter, ctx->prompter_data); if (ret) goto out; - done = 0; - while(!done) { - memset(&kdc_reply, 0, sizeof(kdc_reply)); + krb5_data_free(&ctx->req_buffer); - ret = init_cred_loop(context, - options, - prompter, - data, - &ctx, - &ctx.cred, - &kdc_reply); - - switch (ret) { - case 0 : - done = 1; - break; - case KRB5KDC_ERR_KEY_EXPIRED : - /* try to avoid recursion */ + ASN1_MALLOC_ENCODE(AS_REQ, + ctx->req_buffer.data, ctx->req_buffer.length, + &ctx->as_req, &len, ret); + if (ret) + goto out; + if(len != ctx->req_buffer.length) + krb5_abortx(context, "internal error in ASN.1 encoder"); - /* don't try to change password where then where none */ - if (prompter == NULL || ctx.password == NULL) - goto out; + out->data = ctx->req_buffer.data; + out->length = ctx->req_buffer.length; - krb5_clear_error_string (context); - - if (ctx.in_tkt_service != NULL - && strcmp (ctx.in_tkt_service, "kadmin/changepw") == 0) - goto out; - - ret = change_password (context, - client, - ctx.password, - buf, - sizeof(buf), - prompter, - data, - options); - if (ret) - goto out; - ctx.password = buf; - break; - default: - goto out; - } - } - - if (prompter) - print_expire (context, - krb5_principal_get_realm (context, ctx.cred.client), - &kdc_reply, - prompter, - data); + *flags = KRB5_INIT_CREDS_STEP_FLAG_CONTINUE; + return 0; out: - memset (buf, 0, sizeof(buf)); - free_init_creds_ctx(context, &ctx); - krb5_free_kdc_rep (context, &kdc_reply); - if (ret == 0) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); + return ret; +} + +/** + * Extract the newly acquired credentials from krb5_init_creds_context + * context. + * + * @param context A Kerberos 5 context. + * @param ctx + * @param cred credentials, free with krb5_free_cred_contents(). + * + * @return 0 for sucess or An Kerberos error code, see krb5_get_error_message(). + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get_creds(krb5_context context, + krb5_init_creds_context ctx, + krb5_creds *cred) +{ + return krb5_copy_creds_contents(context, &ctx->cred, cred); +} + +/** + * Get the last error from the transaction. + * + * @return Returns 0 or an error code + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get_error(krb5_context context, + krb5_init_creds_context ctx, + KRB_ERROR *error) +{ + krb5_error_code ret; + + ret = copy_KRB_ERROR(&ctx->error, error); + if (ret) + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Free the krb5_init_creds_context allocated by krb5_init_creds_init(). + * + * @param context A Kerberos 5 context. + * @param ctx The krb5_init_creds_context to free. + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_init_creds_free(krb5_context context, + krb5_init_creds_context ctx) +{ + free_init_creds_ctx(context, ctx); + free(ctx); +} + +/** + * Get new credentials as setup by the krb5_init_creds_context. + * + * @param context A Kerberos 5 context. + * @param ctx The krb5_init_creds_context to process. + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx) +{ + krb5_sendto_ctx stctx = NULL; + krb5_krbhst_info *hostinfo = NULL; + krb5_error_code ret; + krb5_data in, out; + unsigned int flags = 0; + + krb5_data_zero(&in); + krb5_data_zero(&out); + + ret = krb5_sendto_ctx_alloc(context, &stctx); + if (ret) + goto out; + krb5_sendto_ctx_set_func(stctx, _krb5_kdc_retry, NULL); + + while (1) { + flags = 0; + ret = krb5_init_creds_step(context, ctx, &in, &out, hostinfo, &flags); + krb5_data_free(&in); + if (ret) + goto out; + + if ((flags & 1) == 0) + break; + + ret = krb5_sendto_context (context, stctx, &out, + ctx->cred.client->realm, &in); + if (ret) + goto out; + + } + + out: + if (stctx) + krb5_sendto_ctx_free(context, stctx); + + return ret; +} + +/** + * Get new credentials using password. + * + * @ingroup krb5_credential + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_password(krb5_context context, krb5_creds *creds, krb5_principal client, @@ -1541,29 +1965,23 @@ krb5_get_init_creds_password(krb5_context context, void *data, krb5_deltat start_time, const char *in_tkt_service, - krb5_get_init_creds_opt *in_options) + krb5_get_init_creds_opt *options) { - krb5_get_init_creds_opt *options; + krb5_init_creds_context ctx; char buf[BUFSIZ]; krb5_error_code ret; + int chpw = 0; - if (in_options == NULL) { - const char *realm = krb5_principal_get_realm(context, client); - ret = krb5_get_init_creds_opt_alloc(context, &options); - if (ret == 0) - krb5_get_init_creds_opt_set_default_flags(context, - NULL, - realm, - options); - } else - ret = _krb5_get_init_creds_opt_copy(context, in_options, &options); + again: + ret = krb5_init_creds_init(context, client, prompter, data, start_time, options, &ctx); if (ret) - return ret; + goto out; - if (password == NULL && - options->opt_private->password == NULL && - options->opt_private->pk_init_ctx == NULL) - { + ret = krb5_init_creds_set_service(context, ctx, in_tkt_service); + if (ret) + goto out; + + if (prompter != NULL && ctx->password == NULL && password == NULL) { krb5_prompt prompt; krb5_data password_data; char *p, *q; @@ -1582,42 +2000,69 @@ krb5_get_init_creds_password(krb5_context context, free (q); if (ret) { memset (buf, 0, sizeof(buf)); - krb5_get_init_creds_opt_free(context, options); ret = KRB5_LIBOS_PWDINTR; - krb5_clear_error_string (context); - return ret; + krb5_clear_error_message (context); + goto out; } password = password_data.data; } - if (options->opt_private->password == NULL) { - ret = krb5_get_init_creds_opt_set_pa_password(context, options, - password, NULL); - if (ret) { - krb5_get_init_creds_opt_free(context, options); - memset(buf, 0, sizeof(buf)); - return ret; - } + if (password) { + ret = krb5_init_creds_set_password(context, ctx, password); + if (ret) + goto out; } - ret = krb5_get_init_creds(context, creds, client, prompter, - data, start_time, in_tkt_service, options); - krb5_get_init_creds_opt_free(context, options); + ret = krb5_init_creds_get(context, ctx); + + if (ret == 0) + process_last_request(context, options, ctx); + + + if (ret == KRB5KDC_ERR_KEY_EXPIRED && chpw == 0) { + char buf2[1024]; + + /* try to avoid recursion */ + if (in_tkt_service != NULL && strcmp(in_tkt_service, "kadmin/changepw") == 0) + goto out; + + /* don't try to change password where then where none */ + if (prompter == NULL) + goto out; + + ret = change_password (context, + client, + ctx->password, + buf2, + sizeof(buf), + prompter, + data, + options); + if (ret) + goto out; + chpw = 1; + krb5_init_creds_free(context, ctx); + goto again; + } + + out: + if (ret == 0) + krb5_init_creds_get_creds(context, ctx, creds); + + if (ctx) + krb5_init_creds_free(context, ctx); + memset(buf, 0, sizeof(buf)); return ret; } -static krb5_error_code -init_creds_keyblock_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return krb5_copy_keyblock (context, keyseed, key); -} +/** + * Get new credentials using keyblock. + * + * @ingroup krb5_credential + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keyblock(krb5_context context, krb5_creds *creds, krb5_principal client, @@ -1626,33 +2071,80 @@ krb5_get_init_creds_keyblock(krb5_context context, const char *in_tkt_service, krb5_get_init_creds_opt *options) { - struct krb5_get_init_creds_ctx ctx; + krb5_init_creds_context ctx; krb5_error_code ret; - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); + + memset(creds, 0, sizeof(*creds)); + + ret = krb5_init_creds_init(context, client, NULL, NULL, start_time, options, &ctx); if (ret) goto out; - ret = krb5_get_in_cred (context, - KDCOptions2int(ctx.flags), - ctx.addrs, - ctx.etypes, - ctx.pre_auth_types, - NULL, - init_creds_keyblock_key_proc, - keyblock, - NULL, - NULL, - &ctx.cred, - NULL); + ret = krb5_init_creds_set_service(context, ctx, in_tkt_service); + if (ret) + goto out; - if (ret == 0 && creds) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); + ret = krb5_init_creds_set_keyblock(context, ctx, keyblock); + if (ret) + goto out; + + ret = krb5_init_creds_get(context, ctx); + + if (ret == 0) + process_last_request(context, options, ctx); out: - free_init_creds_ctx(context, &ctx); + if (ret == 0) + krb5_init_creds_get_creds(context, ctx, creds); + + if (ctx) + krb5_init_creds_free(context, ctx); + + return ret; +} + +/** + * Get new credentials using keytab. + * + * @ingroup krb5_credential + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_init_creds_keytab(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_keytab keytab, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options) +{ + krb5_init_creds_context ctx; + krb5_error_code ret; + + memset(creds, 0, sizeof(*creds)); + + ret = krb5_init_creds_init(context, client, NULL, NULL, start_time, options, &ctx); + if (ret) + goto out; + + ret = krb5_init_creds_set_service(context, ctx, in_tkt_service); + if (ret) + goto out; + + ret = krb5_init_creds_set_keytab(context, ctx, keytab); + if (ret) + goto out; + + ret = krb5_init_creds_get(context, ctx); + if (ret == 0) + process_last_request(context, options, ctx); + + out: + if (ret == 0) + krb5_init_creds_get_creds(context, ctx, creds); + + if (ctx) + krb5_init_creds_free(context, ctx); + return ret; } diff --git a/lib/krb5/k524_err.et b/lib/krb5/k524_err.et index 0ca25f74d474..4827b397af02 100644 --- a/lib/krb5/k524_err.et +++ b/lib/krb5/k524_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: k524_err.et 10141 2001-06-20 02:45:58Z joda $" +id "$Id$" error_table k524 diff --git a/lib/krb5/kcm.c b/lib/krb5/kcm.c index 8afaa6ea80a1..5a28b5138b5f 100644 --- a/lib/krb5/kcm.c +++ b/lib/krb5/kcm.c @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -37,130 +39,68 @@ * Client library for Kerberos Credentials Manager (KCM) daemon */ -#ifdef HAVE_SYS_UN_H -#include -#endif - #include "kcm.h" +#include -RCSID("$Id: kcm.c 22108 2007-12-03 17:23:53Z lha $"); +static krb5_error_code +kcm_set_kdc_offset(krb5_context, krb5_ccache, krb5_deltat); + +static const char *kcm_ipc_name = "ANY:org.h5l.kcm"; typedef struct krb5_kcmcache { char *name; - struct sockaddr_un path; - char *door_path; } krb5_kcmcache; +typedef struct krb5_kcm_cursor { + unsigned long offset; + unsigned long length; + kcmuuid_t *uuids; +} *krb5_kcm_cursor; + + #define KCMCACHE(X) ((krb5_kcmcache *)(X)->data.data) #define CACHENAME(X) (KCMCACHE(X)->name) -#define KCMCURSOR(C) (*(uint32_t *)(C)) +#define KCMCURSOR(C) ((krb5_kcm_cursor)(C)) -static krb5_error_code -try_door(krb5_context context, const krb5_kcmcache *k, - krb5_data *request_data, - krb5_data *response_data) -{ -#ifdef HAVE_DOOR_CREATE - door_arg_t arg; - int fd; - int ret; +static HEIMDAL_MUTEX kcm_mutex = HEIMDAL_MUTEX_INITIALIZER; +static heim_ipc kcm_ipc = NULL; - memset(&arg, 0, sizeof(arg)); - - fd = open(k->door_path, O_RDWR); - if (fd < 0) - return KRB5_CC_IO; - - arg.data_ptr = request_data->data; - arg.data_size = request_data->length; - arg.desc_ptr = NULL; - arg.desc_num = 0; - arg.rbuf = NULL; - arg.rsize = 0; - - ret = door_call(fd, &arg); - close(fd); - if (ret != 0) - return KRB5_CC_IO; - - ret = krb5_data_copy(response_data, arg.rbuf, arg.rsize); - munmap(arg.rbuf, arg.rsize); - if (ret) - return ret; - - return 0; -#else - return KRB5_CC_IO; -#endif -} - -static krb5_error_code -try_unix_socket(krb5_context context, const krb5_kcmcache *k, - krb5_data *request_data, - krb5_data *response_data) -{ - krb5_error_code ret; - int fd; - - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - return KRB5_CC_IO; - - if (connect(fd, rk_UNCONST(&k->path), sizeof(k->path)) != 0) { - close(fd); - return KRB5_CC_IO; - } - - ret = _krb5_send_and_recv_tcp(fd, context->kdc_timeout, - request_data, response_data); - close(fd); - return ret; -} - static krb5_error_code kcm_send_request(krb5_context context, - krb5_kcmcache *k, krb5_storage *request, krb5_data *response_data) { - krb5_error_code ret; + krb5_error_code ret = 0; krb5_data request_data; - int i; - response_data->data = NULL; - response_data->length = 0; + HEIMDAL_MUTEX_lock(&kcm_mutex); + if (kcm_ipc == NULL) + ret = heim_ipc_init_context(kcm_ipc_name, &kcm_ipc); + HEIMDAL_MUTEX_unlock(&kcm_mutex); + if (ret) + return KRB5_CC_NOSUPP; ret = krb5_storage_to_data(request, &request_data); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5_CC_NOMEM; } - ret = KRB5_CC_IO; - - for (i = 0; i < context->max_retries; i++) { - ret = try_door(context, k, &request_data, response_data); - if (ret == 0 && response_data->length != 0) - break; - ret = try_unix_socket(context, k, &request_data, response_data); - if (ret == 0 && response_data->length != 0) - break; - } - + ret = heim_ipc_call(kcm_ipc, &request_data, response_data, NULL); krb5_data_free(&request_data); if (ret) { - krb5_clear_error_string(context); - ret = KRB5_CC_IO; + krb5_clear_error_message(context); + ret = KRB5_CC_NOSUPP; } return ret; } -static krb5_error_code -kcm_storage_request(krb5_context context, - kcm_operation opcode, - krb5_storage **storage_p) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kcm_storage_request(krb5_context context, + uint16_t opcode, + krb5_storage **storage_p) { krb5_storage *sp; krb5_error_code ret; @@ -169,7 +109,7 @@ kcm_storage_request(krb5_context context, sp = krb5_storage_emem(); if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } @@ -187,22 +127,23 @@ kcm_storage_request(krb5_context context, *storage_p = sp; fail: if (ret) { - krb5_set_error_string(context, "Failed to encode request"); + krb5_set_error_message(context, ret, + N_("Failed to encode KCM request", "")); krb5_storage_free(sp); } - - return ret; + + return ret; } static krb5_error_code kcm_alloc(krb5_context context, const char *name, krb5_ccache *id) { krb5_kcmcache *k; - const char *path; k = malloc(sizeof(*k)); if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } @@ -210,40 +151,24 @@ kcm_alloc(krb5_context context, const char *name, krb5_ccache *id) k->name = strdup(name); if (k->name == NULL) { free(k); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } } else k->name = NULL; - path = krb5_config_get_string_default(context, NULL, - _PATH_KCM_SOCKET, - "libdefaults", - "kcm_socket", - NULL); - - k->path.sun_family = AF_UNIX; - strlcpy(k->path.sun_path, path, sizeof(k->path.sun_path)); - - path = krb5_config_get_string_default(context, NULL, - _PATH_KCM_DOOR, - "libdefaults", - "kcm_door", - NULL); - k->door_path = strdup(path); - (*id)->data.data = k; (*id)->data.length = sizeof(*k); return 0; } -static krb5_error_code -kcm_call(krb5_context context, - krb5_kcmcache *k, - krb5_storage *request, - krb5_storage **response_p, - krb5_data *response_data_p) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kcm_call(krb5_context context, + krb5_storage *request, + krb5_storage **response_p, + krb5_data *response_data_p) { krb5_data response_data; krb5_error_code ret; @@ -253,10 +178,11 @@ kcm_call(krb5_context context, if (response_p != NULL) *response_p = NULL; - ret = kcm_send_request(context, k, request, &response_data); - if (ret) { + krb5_data_zero(&response_data); + + ret = kcm_send_request(context, request, &response_data); + if (ret) return ret; - } response = krb5_storage_from_data(&response_data); if (response == NULL) { @@ -298,13 +224,9 @@ kcm_free(krb5_context context, krb5_ccache *id) if (k != NULL) { if (k->name != NULL) free(k->name); - if (k->door_path) - free(k->door_path); memset(k, 0, sizeof(*k)); krb5_data_free(&(*id)->data); } - - *id = NULL; } static const char * @@ -340,13 +262,13 @@ kcm_gen_new(krb5_context context, krb5_ccache *id) k = KCMCACHE(*id); - ret = kcm_storage_request(context, KCM_OP_GEN_NEW, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_GEN_NEW, &request); if (ret) { kcm_free(context, id); return ret; } - ret = kcm_call(context, k, request, &response, &response_data); + ret = krb5_kcm_call(context, request, &response, &response_data); if (ret) { krb5_storage_free(request); kcm_free(context, id); @@ -384,7 +306,7 @@ kcm_initialize(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_INITIALIZE, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_INITIALIZE, &request); if (ret) return ret; @@ -400,9 +322,13 @@ kcm_initialize(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); + + if (context->kdc_sec_offset) + kcm_set_kdc_offset(context, id, context->kdc_sec_offset); + return ret; } @@ -429,7 +355,7 @@ kcm_destroy(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_DESTROY, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_DESTROY, &request); if (ret) return ret; @@ -439,7 +365,7 @@ kcm_destroy(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; @@ -462,7 +388,7 @@ kcm_store_cred(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_STORE, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_STORE, &request); if (ret) return ret; @@ -478,12 +404,13 @@ kcm_store_cred(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; } +#if 0 /* * Request: * NameZ @@ -506,7 +433,7 @@ kcm_retrieve(krb5_context context, krb5_storage *request, *response; krb5_data response_data; - ret = kcm_storage_request(context, KCM_OP_RETRIEVE, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_RETRIEVE, &request); if (ret) return ret; @@ -528,7 +455,7 @@ kcm_retrieve(krb5_context context, return ret; } - ret = kcm_call(context, k, request, &response, &response_data); + ret = krb5_kcm_call(context, request, &response, &response_data); if (ret) { krb5_storage_free(request); return ret; @@ -544,6 +471,7 @@ kcm_retrieve(krb5_context context, return ret; } +#endif /* * Request: @@ -562,7 +490,7 @@ kcm_get_principal(krb5_context context, krb5_storage *request, *response; krb5_data response_data; - ret = kcm_storage_request(context, KCM_OP_GET_PRINCIPAL, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_GET_PRINCIPAL, &request); if (ret) return ret; @@ -572,7 +500,7 @@ kcm_get_principal(krb5_context context, return ret; } - ret = kcm_call(context, k, request, &response, &response_data); + ret = krb5_kcm_call(context, request, &response, &response_data); if (ret) { krb5_storage_free(request); return ret; @@ -603,12 +531,12 @@ kcm_get_first (krb5_context context, krb5_cc_cursor *cursor) { krb5_error_code ret; + krb5_kcm_cursor c; krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request, *response; krb5_data response_data; - int32_t tmp; - ret = kcm_storage_request(context, KCM_OP_GET_FIRST, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_GET_CRED_UUID_LIST, &request); if (ret) return ret; @@ -618,28 +546,57 @@ kcm_get_first (krb5_context context, return ret; } - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_ret_int32(response, &tmp); - if (ret || tmp < 0) - ret = KRB5_CC_IO; - + ret = krb5_kcm_call(context, request, &response, &response_data); krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - if (ret) return ret; - *cursor = malloc(sizeof(tmp)); - if (*cursor == NULL) - return KRB5_CC_NOMEM; + c = calloc(1, sizeof(*c)); + if (c == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + return ret; + } - KCMCURSOR(*cursor) = tmp; + while (1) { + ssize_t sret; + kcmuuid_t uuid; + void *ptr; + + sret = krb5_storage_read(response, &uuid, sizeof(uuid)); + if (sret == 0) { + ret = 0; + break; + } else if (sret != sizeof(uuid)) { + ret = EINVAL; + break; + } + + ptr = realloc(c->uuids, sizeof(c->uuids[0]) * (c->length + 1)); + if (ptr == NULL) { + free(c->uuids); + free(c); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + c->uuids = ptr; + + memcpy(&c->uuids[c->length], &uuid, sizeof(uuid)); + c->length += 1; + } + + krb5_storage_free(response); + krb5_data_free(&response_data); + + if (ret) { + free(c->uuids); + free(c); + return ret; + } + + *cursor = c; return 0; } @@ -660,10 +617,17 @@ kcm_get_next (krb5_context context, { krb5_error_code ret; krb5_kcmcache *k = KCMCACHE(id); + krb5_kcm_cursor c = KCMCURSOR(*cursor); krb5_storage *request, *response; krb5_data response_data; + ssize_t sret; - ret = kcm_storage_request(context, KCM_OP_GET_NEXT, &request); + again: + + if (c->offset >= c->length) + return KRB5_CC_END; + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_CRED_BY_UUID, &request); if (ret) return ret; @@ -673,23 +637,26 @@ kcm_get_next (krb5_context context, return ret; } - ret = krb5_store_int32(request, KCMCURSOR(*cursor)); - if (ret) { + sret = krb5_storage_write(request, + &c->uuids[c->offset], + sizeof(c->uuids[c->offset])); + c->offset++; + if (sret != sizeof(c->uuids[c->offset])) { krb5_storage_free(request); - return ret; + krb5_clear_error_message(context); + return ENOMEM; } - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret == KRB5_CC_END) { + goto again; } ret = krb5_ret_creds(response, creds); if (ret) ret = KRB5_CC_IO; - krb5_storage_free(request); krb5_storage_free(response); krb5_data_free(&response_data); @@ -709,39 +676,14 @@ kcm_end_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) { - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; + krb5_kcm_cursor c = KCMCURSOR(*cursor); - ret = kcm_storage_request(context, KCM_OP_END_GET, &request); - if (ret) - return ret; + free(c->uuids); + free(c); - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, KCMCURSOR(*cursor)); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - if (ret) { - krb5_storage_free(request); - return ret; - } - - krb5_storage_free(request); - - KCMCURSOR(*cursor) = 0; - free(*cursor); *cursor = NULL; - return ret; + return 0; } /* @@ -763,7 +705,7 @@ kcm_remove_cred(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_REMOVE_CRED, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_REMOVE_CRED, &request); if (ret) return ret; @@ -785,7 +727,7 @@ kcm_remove_cred(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; @@ -800,7 +742,7 @@ kcm_set_flags(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_SET_FLAGS, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_SET_FLAGS, &request); if (ret) return ret; @@ -816,32 +758,342 @@ kcm_set_flags(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; } -static krb5_error_code +static int kcm_get_version(krb5_context context, krb5_ccache id) { return 0; } +/* + * Send nothing + * get back list of uuids + */ + static krb5_error_code -kcm_move(krb5_context context, krb5_ccache from, krb5_ccache to) +kcm_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) { - krb5_set_error_string(context, "kcm_move not implemented"); - return EINVAL; + krb5_error_code ret; + krb5_kcm_cursor c; + krb5_storage *request, *response; + krb5_data response_data; + + *cursor = NULL; + + c = calloc(1, sizeof(*c)); + if (c == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + goto out; + } + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_CACHE_UUID_LIST, &request); + if (ret) + goto out; + + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret) + goto out; + + while (1) { + ssize_t sret; + kcmuuid_t uuid; + void *ptr; + + sret = krb5_storage_read(response, &uuid, sizeof(uuid)); + if (sret == 0) { + ret = 0; + break; + } else if (sret != sizeof(uuid)) { + ret = EINVAL; + goto out; + } + + ptr = realloc(c->uuids, sizeof(c->uuids[0]) * (c->length + 1)); + if (ptr == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + goto out; + } + c->uuids = ptr; + + memcpy(&c->uuids[c->length], &uuid, sizeof(uuid)); + c->length += 1; + } + + krb5_storage_free(response); + krb5_data_free(&response_data); + + out: + if (ret && c) { + free(c->uuids); + free(c); + } else + *cursor = c; + + return ret; +} + +/* + * Send uuid + * Recv cache name + */ + +static krb5_error_code +kcm_get_cache_next(krb5_context context, krb5_cc_cursor cursor, const krb5_cc_ops *ops, krb5_ccache *id) +{ + krb5_error_code ret; + krb5_kcm_cursor c = KCMCURSOR(cursor); + krb5_storage *request, *response; + krb5_data response_data; + ssize_t sret; + char *name; + + *id = NULL; + + again: + + if (c->offset >= c->length) + return KRB5_CC_END; + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_CACHE_BY_UUID, &request); + if (ret) + return ret; + + sret = krb5_storage_write(request, + &c->uuids[c->offset], + sizeof(c->uuids[c->offset])); + c->offset++; + if (sret != sizeof(c->uuids[c->offset])) { + krb5_storage_free(request); + krb5_clear_error_message(context); + return ENOMEM; + } + + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret == KRB5_CC_END) + goto again; + + ret = krb5_ret_stringz(response, &name); + krb5_storage_free(response); + krb5_data_free(&response_data); + + if (ret == 0) { + ret = _krb5_cc_allocate(context, ops, id); + if (ret == 0) + ret = kcm_alloc(context, name, id); + krb5_xfree(name); + } + + return ret; } static krb5_error_code -kcm_default_name(krb5_context context, char **str) +kcm_get_cache_next_kcm(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) { - return _krb5_expand_default_cc_name(context, - KRB5_DEFAULT_CCNAME_KCM, - str); +#ifndef KCM_IS_API_CACHE + return kcm_get_cache_next(context, cursor, &krb5_kcm_ops, id); +#else + return KRB5_CC_END; +#endif +} + +static krb5_error_code +kcm_get_cache_next_api(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) +{ + return kcm_get_cache_next(context, cursor, &krb5_akcm_ops, id); +} + + +static krb5_error_code +kcm_end_cache_get(krb5_context context, krb5_cc_cursor cursor) +{ + krb5_kcm_cursor c = KCMCURSOR(cursor); + + free(c->uuids); + free(c); + return 0; +} + + +static krb5_error_code +kcm_move(krb5_context context, krb5_ccache from, krb5_ccache to) +{ + krb5_error_code ret; + krb5_kcmcache *oldk = KCMCACHE(from); + krb5_kcmcache *newk = KCMCACHE(to); + krb5_storage *request; + + ret = krb5_kcm_storage_request(context, KCM_OP_MOVE_CACHE, &request); + if (ret) + return ret; + + ret = krb5_store_stringz(request, oldk->name); + if (ret) { + krb5_storage_free(request); + return ret; + } + + ret = krb5_store_stringz(request, newk->name); + if (ret) { + krb5_storage_free(request); + return ret; + } + ret = krb5_kcm_call(context, request, NULL, NULL); + + krb5_storage_free(request); + return ret; +} + +static krb5_error_code +kcm_get_default_name(krb5_context context, const krb5_cc_ops *ops, + const char *defstr, char **str) +{ + krb5_error_code ret; + krb5_storage *request, *response; + krb5_data response_data; + char *name; + + *str = NULL; + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_DEFAULT_CACHE, &request); + if (ret) + return ret; + + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret) + return _krb5_expand_default_cc_name(context, defstr, str); + + ret = krb5_ret_stringz(response, &name); + krb5_storage_free(response); + krb5_data_free(&response_data); + if (ret) + return ret; + + asprintf(str, "%s:%s", ops->prefix, name); + free(name); + if (str == NULL) + return ENOMEM; + + return 0; +} + +static krb5_error_code +kcm_get_default_name_api(krb5_context context, char **str) +{ + return kcm_get_default_name(context, &krb5_akcm_ops, + KRB5_DEFAULT_CCNAME_KCM_API, str); +} + +static krb5_error_code +kcm_get_default_name_kcm(krb5_context context, char **str) +{ + return kcm_get_default_name(context, &krb5_kcm_ops, + KRB5_DEFAULT_CCNAME_KCM_KCM, str); +} + +static krb5_error_code +kcm_set_default(krb5_context context, krb5_ccache id) +{ + krb5_error_code ret; + krb5_storage *request; + krb5_kcmcache *k = KCMCACHE(id); + + ret = krb5_kcm_storage_request(context, KCM_OP_SET_DEFAULT_CACHE, &request); + if (ret) + return ret; + + ret = krb5_store_stringz(request, k->name); + if (ret) { + krb5_storage_free(request); + return ret; + } + + ret = krb5_kcm_call(context, request, NULL, NULL); + krb5_storage_free(request); + + return ret; +} + +static krb5_error_code +kcm_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime) +{ + *mtime = time(NULL); + return 0; +} + +static krb5_error_code +kcm_set_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat kdc_offset) +{ + krb5_kcmcache *k = KCMCACHE(id); + krb5_error_code ret; + krb5_storage *request; + + ret = krb5_kcm_storage_request(context, KCM_OP_SET_KDC_OFFSET, &request); + if (ret) + return ret; + + ret = krb5_store_stringz(request, k->name); + if (ret) { + krb5_storage_free(request); + return ret; + } + ret = krb5_store_int32(request, kdc_offset); + if (ret) { + krb5_storage_free(request); + return ret; + } + + ret = krb5_kcm_call(context, request, NULL, NULL); + krb5_storage_free(request); + + return ret; +} + +static krb5_error_code +kcm_get_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat *kdc_offset) +{ + krb5_kcmcache *k = KCMCACHE(id); + krb5_error_code ret; + krb5_storage *request, *response; + krb5_data response_data; + int32_t offset; + + ret = krb5_kcm_storage_request(context, KCM_OP_GET_KDC_OFFSET, &request); + if (ret) + return ret; + + ret = krb5_store_stringz(request, k->name); + if (ret) { + krb5_storage_free(request); + return ret; + } + + ret = krb5_kcm_call(context, request, &response, &response_data); + krb5_storage_free(request); + if (ret) + return ret; + + ret = krb5_ret_int32(response, &offset); + krb5_storage_free(response); + krb5_data_free(&response_data); + if (ret) + return ret; + + *kdc_offset = offset; + + return 0; } /** @@ -850,7 +1102,8 @@ kcm_default_name(krb5_context context, char **str) * @ingroup krb5_ccache */ -const krb5_cc_ops krb5_kcm_ops = { +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_kcm_ops = { + KRB5_CC_OPS_VERSION, "KCM", kcm_get_name, kcm_resolve, @@ -859,7 +1112,7 @@ const krb5_cc_ops krb5_kcm_ops = { kcm_destroy, kcm_close, kcm_store_cred, - kcm_retrieve, + NULL /* kcm_retrieve */, kcm_get_principal, kcm_get_first, kcm_get_next, @@ -867,14 +1120,48 @@ const krb5_cc_ops krb5_kcm_ops = { kcm_remove_cred, kcm_set_flags, kcm_get_version, - NULL, - NULL, - NULL, + kcm_get_cache_first, + kcm_get_cache_next_kcm, + kcm_end_cache_get, kcm_move, - kcm_default_name + kcm_get_default_name_kcm, + kcm_set_default, + kcm_lastchange, + kcm_set_kdc_offset, + kcm_get_kdc_offset }; -krb5_boolean +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops = { + KRB5_CC_OPS_VERSION, + "API", + kcm_get_name, + kcm_resolve, + kcm_gen_new, + kcm_initialize, + kcm_destroy, + kcm_close, + kcm_store_cred, + NULL /* kcm_retrieve */, + kcm_get_principal, + kcm_get_first, + kcm_get_next, + kcm_end_get, + kcm_remove_cred, + kcm_set_flags, + kcm_get_version, + kcm_get_cache_first, + kcm_get_cache_next_api, + kcm_end_cache_get, + kcm_move, + kcm_get_default_name_api, + kcm_set_default, + kcm_lastchange, + NULL, + NULL +}; + + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL _krb5_kcm_is_running(krb5_context context) { krb5_error_code ret; @@ -899,107 +1186,18 @@ _krb5_kcm_is_running(krb5_context context) * Response: * */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_noop(krb5_context context, krb5_ccache id) { krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_NOOP, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_NOOP, &request); if (ret) return ret; - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * Mode - * - * Response: - * - */ -krb5_error_code -_krb5_kcm_chmod(krb5_context context, - krb5_ccache id, - uint16_t mode) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_CHMOD, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int16(request, mode); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * UID - * GID - * - * Response: - * - */ -krb5_error_code -_krb5_kcm_chown(krb5_context context, - krb5_ccache id, - uint32_t uid, - uint32_t gid) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_CHOWN, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, uid); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, gid); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; @@ -1016,17 +1214,17 @@ _krb5_kcm_chown(krb5_context context, * Repsonse: * */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_get_initial_ticket(krb5_context context, krb5_ccache id, krb5_principal server, krb5_keyblock *key) { - krb5_error_code ret; krb5_kcmcache *k = KCMCACHE(id); + krb5_error_code ret; krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_GET_INITIAL_TICKET, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_GET_INITIAL_TICKET, &request); if (ret) return ret; @@ -1056,7 +1254,7 @@ _krb5_kcm_get_initial_ticket(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; @@ -1073,7 +1271,7 @@ _krb5_kcm_get_initial_ticket(krb5_context context, * Repsonse: * */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_get_ticket(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, @@ -1084,7 +1282,7 @@ _krb5_kcm_get_ticket(krb5_context context, krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; - ret = kcm_storage_request(context, KCM_OP_GET_TICKET, &request); + ret = krb5_kcm_storage_request(context, KCM_OP_GET_TICKET, &request); if (ret) return ret; @@ -1112,11 +1310,10 @@ _krb5_kcm_get_ticket(krb5_context context, return ret; } - ret = kcm_call(context, k, request, NULL, NULL); + ret = krb5_kcm_call(context, request, NULL, NULL); krb5_storage_free(request); return ret; } - #endif /* HAVE_KCM */ diff --git a/lib/krb5/kcm.h b/lib/krb5/kcm.h index 10dfa440f1d7..27197fec3eda 100644 --- a/lib/krb5/kcm.h +++ b/lib/krb5/kcm.h @@ -2,6 +2,8 @@ * Copyright (c) 2005, PADL Software Pty Ltd. * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -37,9 +39,11 @@ * KCM protocol definitions */ -#define KCM_PROTOCOL_VERSION_MAJOR 1 +#define KCM_PROTOCOL_VERSION_MAJOR 2 #define KCM_PROTOCOL_VERSION_MINOR 0 +typedef unsigned char kcmuuid_t[16]; + typedef enum kcm_operation { KCM_OP_NOOP, KCM_OP_GET_NAME, @@ -50,20 +54,37 @@ typedef enum kcm_operation { KCM_OP_STORE, KCM_OP_RETRIEVE, KCM_OP_GET_PRINCIPAL, - KCM_OP_GET_FIRST, - KCM_OP_GET_NEXT, - KCM_OP_END_GET, + KCM_OP_GET_CRED_UUID_LIST, + KCM_OP_GET_CRED_BY_UUID, KCM_OP_REMOVE_CRED, KCM_OP_SET_FLAGS, KCM_OP_CHOWN, KCM_OP_CHMOD, KCM_OP_GET_INITIAL_TICKET, KCM_OP_GET_TICKET, + KCM_OP_MOVE_CACHE, + KCM_OP_GET_CACHE_UUID_LIST, + KCM_OP_GET_CACHE_BY_UUID, + KCM_OP_GET_DEFAULT_CACHE, + KCM_OP_SET_DEFAULT_CACHE, + KCM_OP_GET_KDC_OFFSET, + KCM_OP_SET_KDC_OFFSET, + /* NTLM operations */ + KCM_OP_ADD_NTLM_CRED, + KCM_OP_HAVE_NTLM_CRED, + KCM_OP_DEL_NTLM_CRED, + KCM_OP_DO_NTLM_AUTH, + KCM_OP_GET_NTLM_USER_LIST, KCM_OP_MAX } kcm_operation; #define _PATH_KCM_SOCKET "/var/run/.kcm_socket" #define _PATH_KCM_DOOR "/var/run/.kcm_door" +#define KCM_NTLM_FLAG_SESSIONKEY 1 +#define KCM_NTLM_FLAG_NTLM2_SESSION 2 +#define KCM_NTLM_FLAG_KEYEX 4 +#define KCM_NTLM_FLAG_AV_GUEST 8 + #endif /* __KCM_H__ */ diff --git a/lib/krb5/kerberos.8 b/lib/krb5/kerberos.8 index e45c947d10c8..94d49955180b 100644 --- a/lib/krb5/kerberos.8 +++ b/lib/krb5/kerberos.8 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2000 Kungliga Tekniska Högskolan +.\" Copyright (c) 2000 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: kerberos.8 16121 2005-10-03 14:24:36Z lha $ +.\" $Id$ .\" .Dd September 1, 2000 .Dt KERBEROS 8 diff --git a/lib/krb5/kerberos.cat8 b/lib/krb5/kerberos.cat8 new file mode 100644 index 000000000000..a6e1fa3fe370 --- /dev/null +++ b/lib/krb5/kerberos.cat8 @@ -0,0 +1,57 @@ + +KERBEROS(8) BSD System Manager's Manual KERBEROS(8) + +NNAAMMEE + kkeerrbbeerrooss -- introduction to the Kerberos system + +DDEESSCCRRIIPPTTIIOONN + Kerberos is a network authentication system. Its purpose is to securely + authenticate users and services in an insecure network environment. + + This is done with a Kerberos server acting as a trusted third party, + keeping a database with secret keys for all users and services (collec- + tively called _p_r_i_n_c_i_p_a_l_s). + + Each principal belongs to exactly one _r_e_a_l_m, which is the administrative + domain in Kerberos. A realm usually corresponds to an organisation, and + the realm should normally be derived from that organisation's domain + name. A realm is served by one or more Kerberos servers. + + The authentication process involves exchange of `tickets' and + `authenticators' which together prove the principal's identity. + + When you login to the Kerberos system, either through the normal system + login or with the kinit(1) program, you acquire a _t_i_c_k_e_t _g_r_a_n_t_i_n_g _t_i_c_k_e_t + which allows you to get new tickets for other services, such as tteellnneett or + ffttpp, without giving your password. + + For more information on how Kerberos works, and other general Kerberos + questions see the Kerberos FAQ at + _h_t_t_p_:_/_/_w_w_w_._n_r_l_._n_a_v_y_._m_i_l_/_C_C_S_/_p_e_o_p_l_e_/_k_e_n_h_/_k_e_r_b_e_r_o_s_-_f_a_q_._h_t_m_l. + + For setup instructions see the Heimdal Texinfo manual. + +SSEEEE AALLSSOO + ftp(1), kdestroy(1), kinit(1), klist(1), kpasswd(1), telnet(1) + +HHIISSTTOORRYY + The Kerberos authentication system was developed in the late 1980's as + part of the Athena Project at the Massachusetts Institute of Technology. + Versions one through three never reached outside MIT, but version 4 was + (and still is) quite popular, especially in the academic community, but + is also used in commercial products like the AFS filesystem. + + The problems with version 4 are that it has many limitations, the code + was not too well written (since it had been developed over a long time), + and it has a number of known security problems. To resolve many of these + issues work on version five started, and resulted in IETF RFC 1510 in + 1993. IETF RFC 1510 was obsoleted in 2005 with IETF RFC 4120, also known + as Kerberos clarifications. With the arrival of IETF RFC 4120, the work + on adding extensibility and internationalization have started (Kerberos + extensions), and a new RFC will hopefully appear soon. + + This manual page is part of the HHeeiimmddaall Kerberos 5 distribution, which + has been in development at the Royal Institute of Technology in Stock- + holm, Sweden, since about 1997. + +HEIMDAL September 1, 2000 HEIMDAL diff --git a/lib/krb5/keyblock.c b/lib/krb5/keyblock.c index ff4f972e57d7..9ba9c4b290da 100644 --- a/lib/krb5/keyblock.c +++ b/lib/krb5/keyblock.c @@ -1,48 +1,63 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keyblock.c 15167 2005-05-18 04:21:57Z lha $"); +/** + * Zero out a keyblock + * + * @param keyblock keyblock to zero out + * + * @ingroup krb5_crypto + */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_keyblock_zero(krb5_keyblock *keyblock) { keyblock->keytype = 0; krb5_data_zero(&keyblock->keyvalue); } -void KRB5_LIB_FUNCTION +/** + * Free a keyblock's content, also zero out the content of the keyblock. + * + * @param context a Kerberos 5 context + * @param keyblock keyblock content to free, NULL is valid argument + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock_contents(krb5_context context, krb5_keyblock *keyblock) { @@ -54,7 +69,17 @@ krb5_free_keyblock_contents(krb5_context context, } } -void KRB5_LIB_FUNCTION +/** + * Free a keyblock, also zero out the content of the keyblock, uses + * krb5_free_keyblock_contents() to free the content. + * + * @param context a Kerberos 5 context + * @param keyblock keyblock to free, NULL is valid argument + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock(krb5_context context, krb5_keyblock *keyblock) { @@ -64,7 +89,20 @@ krb5_free_keyblock(krb5_context context, } } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Copy a keyblock, free the output keyblock with + * krb5_free_keyblock_contents(). + * + * @param context a Kerberos 5 context + * @param inblock the key to copy + * @param to the output key. + * + * @return 0 on success or a Kerberos 5 error code + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock_contents (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock *to) @@ -72,34 +110,67 @@ krb5_copy_keyblock_contents (krb5_context context, return copy_EncryptionKey(inblock, to); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Copy a keyblock, free the output keyblock with + * krb5_free_keyblock(). + * + * @param context a Kerberos 5 context + * @param inblock the key to copy + * @param to the output key. + * + * @return 0 on success or a Kerberos 5 error code + * + * @ingroup krb5_crypto + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock (krb5_context context, const krb5_keyblock *inblock, krb5_keyblock **to) { + krb5_error_code ret; krb5_keyblock *k; - k = malloc (sizeof(*k)); + *to = NULL; + + k = calloc (1, sizeof(*k)); if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } + + ret = krb5_copy_keyblock_contents (context, inblock, k); + if (ret) { + free(k); + return ret; + } *to = k; - return krb5_copy_keyblock_contents (context, inblock, k); + return 0; } -krb5_enctype +/** + * Get encryption type of a keyblock. + * + * @ingroup krb5_crypto + */ + +KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL krb5_keyblock_get_enctype(const krb5_keyblock *block) { return block->keytype; } -/* +/** * Fill in `key' with key data of type `enctype' from `data' of length - * `size'. Key should be freed using krb5_free_keyblock_contents. + * `size'. Key should be freed using krb5_free_keyblock_contents(). + * + * @return 0 on success or a Kerberos 5 error code + * + * @ingroup krb5_crypto */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_init(krb5_context context, krb5_enctype type, const void *data, @@ -116,15 +187,15 @@ krb5_keyblock_init(krb5_context context, return ret; if (len != size) { - krb5_set_error_string(context, "Encryption key %d is %lu bytes " - "long, %lu was passed in", - type, (unsigned long)len, (unsigned long)size); + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "Encryption key %d is %lu bytes " + "long, %lu was passed in", + type, (unsigned long)len, (unsigned long)size); return KRB5_PROG_ETYPE_NOSUPP; } ret = krb5_data_copy(&key->keyvalue, data, len); if(ret) { - krb5_set_error_string(context, "malloc failed: %lu", - (unsigned long)len); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } key->keytype = type; diff --git a/lib/krb5/keytab.c b/lib/krb5/keytab.c index f6c7858c12ec..8ca515f2133d 100644 --- a/lib/krb5/keytab.c +++ b/lib/krb5/keytab.c @@ -1,60 +1,161 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keytab.c 20211 2007-02-09 07:11:03Z lha $"); +/** + * @page krb5_keytab_intro The keytab handing functions + * @section section_krb5_keytab Kerberos Keytabs + * + * See the library functions here: @ref krb5_keytab + * + * Keytabs are long term key storage for servers, their equvalment of + * password files. + * + * Normally the only function that useful for server are to specify + * what keytab to use to other core functions like krb5_rd_req() + * krb5_kt_resolve(), and krb5_kt_close(). + * + * @subsection krb5_keytab_names Keytab names + * + * A keytab name is on the form type:residual. The residual part is + * specific to each keytab-type. + * + * When a keytab-name is resolved, the type is matched with an internal + * list of keytab types. If there is no matching keytab type, + * the default keytab is used. The current default type is FILE. + * + * The default value can be changed in the configuration file + * /etc/krb5.conf by setting the variable + * [defaults]default_keytab_name. + * + * The keytab types that are implemented in Heimdal are: + * - file + * store the keytab in a file, the type's name is FILE . The + * residual part is a filename. For compatibility with other + * Kerberos implemtation WRFILE and JAVA14 is also accepted. WRFILE + * has the same format as FILE. JAVA14 have a format that is + * compatible with older versions of MIT kerberos and SUN's Java + * based installation. They store a truncted kvno, so when the knvo + * excess 255, they are truncted in this format. + * + * - keytab + * store the keytab in a AFS keyfile (usually /usr/afs/etc/KeyFile ), + * the type's name is AFSKEYFILE. The residual part is a filename. + * + * - memory + * The keytab is stored in a memory segment. This allows sensitive + * and/or temporary data not to be stored on disk. The type's name + * is MEMORY. Each MEMORY keytab is referenced counted by and + * opened by the residual name, so two handles can point to the + * same memory area. When the last user closes using krb5_kt_close() + * the keytab, the keys in they keytab is memset() to zero and freed + * and can no longer be looked up by name. + * + * + * @subsection krb5_keytab_example Keytab example + * + * This is a minimalistic version of ktutil. + * + * @code +int +main (int argc, char **argv) +{ + krb5_context context; + krb5_keytab keytab; + krb5_kt_cursor cursor; + krb5_keytab_entry entry; + krb5_error_code ret; + char *principal; -/* - * Register a new keytab in `ops' - * Return 0 or an error. + if (krb5_init_context (&context) != 0) + errx(1, "krb5_context"); + + ret = krb5_kt_default (context, &keytab); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_default"); + + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_start_seq_get"); + while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ + krb5_unparse_name(context, entry.principal, &principal); + printf("principal: %s\n", principal); + free(principal); + krb5_kt_free_entry(context, &entry); + } + ret = krb5_kt_end_seq_get(context, keytab, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_end_seq_get"); + ret = krb5_kt_close(context, keytab); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_close"); + krb5_free_context(context); + return 0; +} + * @endcode + * */ -krb5_error_code KRB5_LIB_FUNCTION + +/** + * Register a new keytab backend. + * + * @param context a Keberos context. + * @param ops a backend to register. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_register(krb5_context context, const krb5_kt_ops *ops) { struct krb5_keytab_data *tmp; if (strlen(ops->prefix) > KRB5_KT_PREFIX_MAX_LEN - 1) { - krb5_set_error_string(context, "krb5_kt_register; prefix too long"); + krb5_set_error_message(context, KRB5_KT_BADNAME, + N_("can't register cache type, prefix too long", "")); return KRB5_KT_BADNAME; } tmp = realloc(context->kt_types, (context->num_kt_types + 1) * sizeof(*context->kt_types)); if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } memcpy(&tmp[context->num_kt_types], ops, @@ -64,13 +165,49 @@ krb5_kt_register(krb5_context context, return 0; } -/* +static const char * +keytab_name(const char *name, const char **type, size_t *type_len) +{ + const char *residual; + + residual = strchr(name, ':'); + + if (residual == NULL || + name[0] == '/' +#ifdef _WIN32 + /* Avoid treating : as a keytab type + * specification */ + || name + 1 == residual +#endif + ) { + + *type = "FILE"; + *type_len = strlen(*type); + residual = name; + } else { + *type = name; + *type_len = residual - name; + residual++; + } + + return residual; +} + +/** * Resolve the keytab name (of the form `type:residual') in `name' * into a keytab in `id'. - * Return 0 or an error + * + * @param context a Keberos context. + * @param name name to resolve + * @param id resulting keytab, free with krb5_kt_close(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_resolve(krb5_context context, const char *name, krb5_keytab *id) @@ -81,30 +218,22 @@ krb5_kt_resolve(krb5_context context, size_t type_len; krb5_error_code ret; - residual = strchr(name, ':'); - if(residual == NULL) { - type = "FILE"; - type_len = strlen(type); - residual = name; - } else { - type = name; - type_len = residual - name; - residual++; - } - + residual = keytab_name(name, &type, &type_len); + for(i = 0; i < context->num_kt_types; i++) { if(strncasecmp(type, context->kt_types[i].prefix, type_len) == 0) break; } if(i == context->num_kt_types) { - krb5_set_error_string(context, "unknown keytab type %.*s", - (int)type_len, type); + krb5_set_error_message(context, KRB5_KT_UNKNOWN_TYPE, + N_("unknown keytab type %.*s", "type"), + (int)type_len, type); return KRB5_KT_UNKNOWN_TYPE; } - + k = malloc (sizeof(*k)); if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(k, &context->kt_types[i], sizeof(*k)); @@ -118,27 +247,41 @@ krb5_kt_resolve(krb5_context context, return ret; } -/* +/** * copy the name of the default keytab into `name'. - * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short. + * + * @param context a Keberos context. + * @param name buffer where the name will be written + * @param namesize length of name + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_name(krb5_context context, char *name, size_t namesize) { if (strlcpy (name, context->default_keytab, namesize) >= namesize) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_CONFIG_NOTENUFSPACE; } return 0; } -/* - * copy the name of the default modify keytab into `name'. - * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short. +/** + * Copy the name of the default modify keytab into `name'. + * + * @param context a Keberos context. + * @param name buffer where the name will be written + * @param namesize length of name + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_modify_name(krb5_context context, char *name, size_t namesize) { const char *kt = NULL; @@ -148,40 +291,56 @@ krb5_kt_default_modify_name(krb5_context context, char *name, size_t namesize) else { size_t len = strcspn(context->default_keytab + 4, ","); if(len >= namesize) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5_CONFIG_NOTENUFSPACE; } strlcpy(name, context->default_keytab + 4, namesize); name[len] = '\0'; return 0; - } + } } else kt = context->default_keytab_modify; if (strlcpy (name, kt, namesize) >= namesize) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_CONFIG_NOTENUFSPACE; } return 0; } -/* +/** * Set `id' to the default keytab. - * Return 0 or an error. + * + * @param context a Keberos context. + * @param id the new default keytab. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default(krb5_context context, krb5_keytab *id) { return krb5_kt_resolve (context, context->default_keytab, id); } -/* +/** * Read the key identified by `(principal, vno, enctype)' from the * keytab in `keyprocarg' (the default if == NULL) into `*key'. - * Return 0 or an error. + * + * @param context a Keberos context. + * @param keyprocarg + * @param principal + * @param vno + * @param enctype + * @param key + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg, krb5_principal principal, @@ -210,12 +369,21 @@ krb5_kt_read_service_key(krb5_context context, return ret; } -/* +/** * Return the type of the `keytab' in the string `prefix of length * `prefixsize'. + * + * @param context a Keberos context. + * @param keytab the keytab to get the prefix for + * @param prefix prefix buffer + * @param prefixsize length of prefix buffer + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_type(krb5_context context, krb5_keytab keytab, char *prefix, @@ -225,13 +393,21 @@ krb5_kt_get_type(krb5_context context, return 0; } -/* +/** * Retrieve the name of the keytab `keytab' into `name', `namesize' - * Return 0 or an error. + * + * @param context a Keberos context. + * @param keytab the keytab to get the name for. + * @param name name buffer. + * @param namesize size of name buffer. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_name(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kt_get_name(krb5_context context, krb5_keytab keytab, char *name, size_t namesize) @@ -239,21 +415,29 @@ krb5_kt_get_name(krb5_context context, return (*keytab->get_name)(context, keytab, name, namesize); } -/* +/** * Retrieve the full name of the keytab `keytab' and store the name in - * `str'. `str' needs to be freed by the caller using free(3). - * Returns 0 or an error. On error, *str is set to NULL. + * `str'. + * + * @param context a Keberos context. + * @param keytab keytab to get name for. + * @param str the name of the keytab name, usee krb5_xfree() to free + * the string. On error, *str is set to NULL. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_full_name(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kt_get_full_name(krb5_context context, krb5_keytab keytab, char **str) { char type[KRB5_KT_PREFIX_MAX_LEN]; char name[MAXPATHLEN]; krb5_error_code ret; - + *str = NULL; ret = krb5_kt_get_type(context, keytab, type, sizeof(type)); @@ -265,7 +449,7 @@ krb5_kt_get_full_name(krb5_context context, return ret; if (asprintf(str, "%s:%s", type, name) == -1) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); *str = NULL; return ENOMEM; } @@ -273,13 +457,20 @@ krb5_kt_get_full_name(krb5_context context, return 0; } -/* +/** * Finish using the keytab in `id'. All resources will be released, - * even on errors. Return 0 or an error. + * even on errors. + * + * @param context a Keberos context. + * @param id keytab to close. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_close(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kt_close(krb5_context context, krb5_keytab id) { krb5_error_code ret; @@ -290,21 +481,73 @@ krb5_kt_close(krb5_context context, return ret; } +/** + * Destroy (remove) the keytab in `id'. All resources will be released, + * even on errors, does the equvalment of krb5_kt_close() on the resources. + * + * @param context a Keberos context. + * @param id keytab to destroy. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kt_destroy(krb5_context context, + krb5_keytab id) +{ + krb5_error_code ret; + + ret = (*id->destroy)(context, id); + krb5_kt_close(context, id); + return ret; +} + /* + * Match any aliases in keytab `entry' with `principal'. + */ + +static krb5_boolean +compare_aliseses(krb5_context context, + krb5_keytab_entry *entry, + krb5_const_principal principal) +{ + unsigned int i; + if (entry->aliases == NULL) + return FALSE; + for (i = 0; i < entry->aliases->len; i++) + if (krb5_principal_compare(context, &entry->aliases->val[i], principal)) + return TRUE; + return FALSE; +} + +/** * Compare `entry' against `principal, vno, enctype'. * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. * Return TRUE if they compare the same, FALSE otherwise. + * + * @param context a Keberos context. + * @param entry an entry to match with. + * @param principal principal to match, NULL matches all principals. + * @param vno key version to match, 0 matches all key version numbers. + * @param enctype encryption type to match, 0 matches all encryption types. + * + * @return Return TRUE or match, FALSE if not matched. + * + * @ingroup krb5_keytab */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_compare(krb5_context context, - krb5_keytab_entry *entry, + krb5_keytab_entry *entry, krb5_const_principal principal, krb5_kvno vno, krb5_enctype enctype) { - if(principal != NULL && - !krb5_principal_compare(context, entry->principal, principal)) + if(principal != NULL && + !(krb5_principal_compare(context, entry->principal, principal) || + compare_aliseses(context, entry, principal))) return FALSE; if(vno && vno != entry->vno) return FALSE; @@ -313,14 +556,56 @@ krb5_kt_compare(krb5_context context, return TRUE; } -/* +krb5_error_code +_krb5_kt_principal_not_found(krb5_context context, + krb5_error_code ret, + krb5_keytab id, + krb5_const_principal principal, + krb5_enctype enctype, + int kvno) +{ + char princ[256], kvno_str[25], *kt_name; + char *enctype_str = NULL; + + krb5_unparse_name_fixed (context, principal, princ, sizeof(princ)); + krb5_kt_get_full_name (context, id, &kt_name); + krb5_enctype_to_string(context, enctype, &enctype_str); + + if (kvno) + snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno); + else + kvno_str[0] = '\0'; + + krb5_set_error_message (context, ret, + N_("Failed to find %s%s in keytab %s (%s)", + "principal, kvno, keytab file, enctype"), + princ, + kvno_str, + kt_name ? kt_name : "unknown keytab", + enctype_str ? enctype_str : "unknown enctype"); + free(kt_name); + free(enctype_str); + return ret; +} + + +/** * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' - * from the keytab `id'. - * kvno == 0 is a wildcard and gives the keytab with the highest vno. - * Return 0 or an error. + * from the keytab `id'. Matching is done like krb5_kt_compare(). + * + * @param context a Keberos context. + * @param id a keytab. + * @param principal principal to match, NULL matches all principals. + * @param kvno key version to match, 0 matches all key version numbers. + * @param enctype encryption type to match, 0 matches all encryption types. + * @param entry the returned entry, free with krb5_kt_free_entry(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, @@ -337,8 +622,10 @@ krb5_kt_get_entry(krb5_context context, ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) { - krb5_clear_error_string(context); - return KRB5_KT_NOTFOUND; /* XXX i.e. file not found */ + /* This is needed for krb5_verify_init_creds, but keep error + * string from previous error for the human. */ + context->error_code = KRB5_KT_NOTFOUND; + return KRB5_KT_NOTFOUND; } entry->vno = 0; @@ -361,38 +648,25 @@ krb5_kt_get_entry(krb5_context context, krb5_kt_free_entry(context, &tmp); } krb5_kt_end_seq_get (context, id, &cursor); - if (entry->vno) { - return 0; - } else { - char princ[256], kvno_str[25], *kt_name; - char *enctype_str = NULL; - - krb5_unparse_name_fixed (context, principal, princ, sizeof(princ)); - krb5_kt_get_full_name (context, id, &kt_name); - krb5_enctype_to_string(context, enctype, &enctype_str); - - if (kvno) - snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno); - else - kvno_str[0] = '\0'; - - krb5_set_error_string (context, - "Failed to find %s%s in keytab %s (%s)", - princ, - kvno_str, - kt_name ? kt_name : "unknown keytab", - enctype_str ? enctype_str : "unknown enctype"); - free(kt_name); - free(enctype_str); - return KRB5_KT_NOTFOUND; - } + if (entry->vno == 0) + return _krb5_kt_principal_not_found(context, KRB5_KT_NOTFOUND, + id, principal, enctype, kvno); + return 0; } -/* +/** * Copy the contents of `in' into `out'. - * Return 0 or an error. */ + * + * @param context a Keberos context. + * @param in the keytab entry to copy. + * @param out the copy of the keytab entry, free with krb5_kt_free_entry(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_copy_entry_contents(krb5_context context, const krb5_keytab_entry *in, krb5_keytab_entry *out) @@ -417,11 +691,18 @@ krb5_kt_copy_entry_contents(krb5_context context, return ret; } -/* +/** * Free the contents of `entry'. + * + * @param context a Keberos context. + * @param entry the entry to free + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *entry) { @@ -431,98 +712,182 @@ krb5_kt_free_entry(krb5_context context, return 0; } -/* +/** * Set `cursor' to point at the beginning of `id'. - * Return 0 or an error. + * + * @param context a Keberos context. + * @param id a keytab. + * @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get(). + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_start_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) { if(id->start_seq_get == NULL) { - krb5_set_error_string(context, - "start_seq_get is not supported in the %s " - " keytab", id->prefix); + krb5_set_error_message(context, HEIM_ERR_OPNOTSUPP, + N_("start_seq_get is not supported " + "in the %s keytab type", ""), + id->prefix); return HEIM_ERR_OPNOTSUPP; } return (*id->start_seq_get)(context, id, cursor); } -/* - * Get the next entry from `id' pointed to by `cursor' and advance the - * `cursor'. - * Return 0 or an error. +/** + * Get the next entry from keytab, advance the cursor. On last entry + * the function will return KRB5_KT_END. + * + * @param context a Keberos context. + * @param id a keytab. + * @param entry the returned entry, free with krb5_kt_free_entry(). + * @param cursor the cursor of the iteration. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_next_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, krb5_kt_cursor *cursor) { if(id->next_entry == NULL) { - krb5_set_error_string(context, - "next_entry is not supported in the %s " - " keytab", id->prefix); + krb5_set_error_message(context, HEIM_ERR_OPNOTSUPP, + N_("next_entry is not supported in the %s " + " keytab", ""), + id->prefix); return HEIM_ERR_OPNOTSUPP; } return (*id->next_entry)(context, id, entry, cursor); } -/* +/** * Release all resources associated with `cursor'. + * + * @param context a Keberos context. + * @param id a keytab. + * @param cursor the cursor to free. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_end_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) { if(id->end_seq_get == NULL) { - krb5_set_error_string(context, - "end_seq_get is not supported in the %s " - " keytab", id->prefix); + krb5_set_error_message(context, HEIM_ERR_OPNOTSUPP, + "end_seq_get is not supported in the %s " + " keytab", id->prefix); return HEIM_ERR_OPNOTSUPP; } return (*id->end_seq_get)(context, id, cursor); } -/* +/** * Add the entry in `entry' to the keytab `id'. - * Return 0 or an error. + * + * @param context a Keberos context. + * @param id a keytab. + * @param entry the entry to add + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) { if(id->add == NULL) { - krb5_set_error_string(context, "Add is not supported in the %s keytab", - id->prefix); + krb5_set_error_message(context, KRB5_KT_NOWRITE, + N_("Add is not supported in the %s keytab", ""), + id->prefix); return KRB5_KT_NOWRITE; } entry->timestamp = time(NULL); return (*id->add)(context, id,entry); } -/* - * Remove the entry `entry' from the keytab `id'. - * Return 0 or an error. +/** + * Remove an entry from the keytab, matching is done using + * krb5_kt_compare(). + + * @param context a Keberos context. + * @param id a keytab. + * @param entry the entry to remove + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_remove_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) { if(id->remove == NULL) { - krb5_set_error_string(context, - "Remove is not supported in the %s keytab", - id->prefix); + krb5_set_error_message(context, KRB5_KT_NOWRITE, + N_("Remove is not supported in the %s keytab", ""), + id->prefix); return KRB5_KT_NOWRITE; } return (*id->remove)(context, id, entry); } + +/** + * Return true if the keytab exists and have entries + * + * @param context a Keberos context. + * @param id a keytab. + * + * @return Return an error code or 0, see krb5_get_error_message(). + * + * @ingroup krb5_keytab + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_kt_have_content(krb5_context context, + krb5_keytab id) +{ + krb5_keytab_entry entry; + krb5_kt_cursor cursor; + krb5_error_code ret; + char *name; + + ret = krb5_kt_start_seq_get(context, id, &cursor); + if (ret) + goto notfound; + + ret = krb5_kt_next_entry(context, id, &entry, &cursor); + krb5_kt_end_seq_get(context, id, &cursor); + if (ret) + goto notfound; + + krb5_kt_free_entry(context, &entry); + + return 0; + + notfound: + ret = krb5_kt_get_full_name(context, id, &name); + if (ret == 0) { + krb5_set_error_message(context, KRB5_KT_NOTFOUND, + N_("No entry in keytab: %s", ""), name); + free(name); + } + return KRB5_KT_NOTFOUND; +} diff --git a/lib/krb5/keytab_any.c b/lib/krb5/keytab_any.c index 54272d48453f..d5ac4883db10 100644 --- a/lib/krb5/keytab_any.c +++ b/lib/krb5/keytab_any.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keytab_any.c 17035 2006-04-10 09:20:13Z lha $"); - struct any_data { krb5_keytab kt; char *name; @@ -55,7 +53,7 @@ free_list (krb5_context context, struct any_data *a) } } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_resolve(krb5_context context, const char *name, krb5_keytab id) { struct any_data *a, *a0 = NULL, *prev = NULL; @@ -63,7 +61,7 @@ any_resolve(krb5_context context, const char *name, krb5_keytab id) char buf[256]; while (strsep_copy(&name, ",", buf, sizeof(buf)) != -1) { - a = malloc(sizeof(*a)); + a = calloc(1, sizeof(*a)); if (a == NULL) { ret = ENOMEM; goto fail; @@ -72,8 +70,8 @@ any_resolve(krb5_context context, const char *name, krb5_keytab id) a0 = a; a->name = strdup(buf); if (a->name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto fail; } } else @@ -87,7 +85,7 @@ any_resolve(krb5_context context, const char *name, krb5_keytab id) prev = a; } if (a0 == NULL) { - krb5_set_error_string(context, "empty ANY: keytab"); + krb5_set_error_message(context, ENOENT, N_("empty ANY: keytab", "")); return ENOENT; } id->data = a0; @@ -97,7 +95,7 @@ any_resolve(krb5_context context, const char *name, krb5_keytab id) return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_get_name (krb5_context context, krb5_keytab id, char *name, @@ -108,7 +106,7 @@ any_get_name (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_close (krb5_context context, krb5_keytab id) { @@ -123,9 +121,9 @@ struct any_cursor_extra_data { krb5_kt_cursor cursor; }; -static krb5_error_code -any_start_seq_get(krb5_context context, - krb5_keytab id, +static krb5_error_code KRB5_CALLCONV +any_start_seq_get(krb5_context context, + krb5_keytab id, krb5_kt_cursor *c) { struct any_data *a = id->data; @@ -134,21 +132,25 @@ any_start_seq_get(krb5_context context, c->data = malloc (sizeof(struct any_cursor_extra_data)); if(c->data == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ed = (struct any_cursor_extra_data *)c->data; - ed->a = a; - ret = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor); - if (ret) { + for (ed->a = a; ed->a != NULL; ed->a = ed->a->next) { + ret = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor); + if (ret == 0) + break; + } + if (ed->a == NULL) { free (c->data); c->data = NULL; - return ret; + krb5_clear_error_message (context); + return KRB5_KT_END; } return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_next_entry (krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, @@ -174,13 +176,13 @@ any_next_entry (krb5_context context, break; } if (ed->a == NULL) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_KT_END; } } while (1); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_end_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) @@ -196,7 +198,7 @@ any_end_seq_get(krb5_context context, return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -206,8 +208,9 @@ any_add_entry(krb5_context context, while(a != NULL) { ret = krb5_kt_add_entry(context, a->kt, entry); if(ret != 0 && ret != KRB5_KT_NOWRITE) { - krb5_set_error_string(context, "failed to add entry to %s", - a->name); + krb5_set_error_message(context, ret, + N_("failed to add entry to %s", ""), + a->name); return ret; } a = a->next; @@ -215,7 +218,7 @@ any_add_entry(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV any_remove_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -229,8 +232,10 @@ any_remove_entry(krb5_context context, found++; else { if(ret != KRB5_KT_NOWRITE && ret != KRB5_KT_NOTFOUND) { - krb5_set_error_string(context, "failed to remove entry from %s", - a->name); + krb5_set_error_message(context, ret, + N_("Failed to remove keytab " + "entry from %s", "keytab name"), + a->name); return ret; } } @@ -246,6 +251,7 @@ const krb5_kt_ops krb5_any_ops = { any_resolve, any_get_name, any_close, + NULL, /* destroy */ NULL, /* get */ any_start_seq_get, any_next_entry, diff --git a/lib/krb5/keytab_file.c b/lib/krb5/keytab_file.c index 4ada3a463ea8..ccaf62fcb4c2 100644 --- a/lib/krb5/keytab_file.c +++ b/lib/krb5/keytab_file.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keytab_file.c 17457 2006-05-05 12:36:57Z lha $"); - #define KRB5_KT_VNO_1 1 #define KRB5_KT_VNO_2 2 #define KRB5_KT_VNO KRB5_KT_VNO_2 @@ -62,7 +60,7 @@ krb5_kt_ret_data(krb5_context context, data->length = size; data->data = malloc(size); if (data->data == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_storage_read(sp, data->data, size); @@ -83,7 +81,7 @@ krb5_kt_ret_string(krb5_context context, return ret; *data = malloc(size + 1); if (*data == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_storage_read(sp, *data, size); @@ -103,7 +101,7 @@ krb5_kt_store_data(krb5_context context, if(ret < 0) return ret; ret = krb5_storage_write(sp, data.data, data.length); - if(ret != data.length){ + if(ret != (int)data.length){ if(ret < 0) return errno; return KRB5_KT_END; @@ -121,7 +119,7 @@ krb5_kt_store_string(krb5_storage *sp, if(ret < 0) return ret; ret = krb5_storage_write(sp, data, len); - if(ret != len){ + if(ret != (int)len){ if(ret < 0) return errno; return KRB5_KT_END; @@ -130,76 +128,113 @@ krb5_kt_store_string(krb5_storage *sp, } static krb5_error_code -krb5_kt_ret_keyblock(krb5_context context, krb5_storage *sp, krb5_keyblock *p) +krb5_kt_ret_keyblock(krb5_context context, + struct fkt_data *fkt, + krb5_storage *sp, + krb5_keyblock *p) { int ret; int16_t tmp; ret = krb5_ret_int16(sp, &tmp); /* keytype + etype */ - if(ret) return ret; + if(ret) { + krb5_set_error_message(context, ret, + N_("Cant read keyblock from file %s", ""), + fkt->filename); + return ret; + } p->keytype = tmp; ret = krb5_kt_ret_data(context, sp, &p->keyvalue); + if (ret) + krb5_set_error_message(context, ret, + N_("Cant read keyblock from file %s", ""), + fkt->filename); return ret; } static krb5_error_code krb5_kt_store_keyblock(krb5_context context, - krb5_storage *sp, + struct fkt_data *fkt, + krb5_storage *sp, krb5_keyblock *p) { int ret; ret = krb5_store_int16(sp, p->keytype); /* keytype + etype */ - if(ret) return ret; + if(ret) { + krb5_set_error_message(context, ret, + N_("Cant store keyblock to file %s", ""), + fkt->filename); + return ret; + } ret = krb5_kt_store_data(context, sp, p->keyvalue); + if (ret) + krb5_set_error_message(context, ret, + N_("Cant store keyblock to file %s", ""), + fkt->filename); return ret; } static krb5_error_code krb5_kt_ret_principal(krb5_context context, + struct fkt_data *fkt, krb5_storage *sp, krb5_principal *princ) { - int i; + size_t i; int ret; krb5_principal p; int16_t len; - + ALLOC(p, 1); if(p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = krb5_ret_int16(sp, &len); if(ret) { - krb5_set_error_string(context, - "Failed decoding length of keytab principal"); + krb5_set_error_message(context, ret, + N_("Failed decoding length of " + "keytab principal in keytab file %s", ""), + fkt->filename); goto out; } if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) len--; if (len < 0) { - krb5_set_error_string(context, - "Keytab principal contains invalid length"); ret = KRB5_KT_END; + krb5_set_error_message(context, ret, + N_("Keytab principal contains " + "invalid length in keytab %s", ""), + fkt->filename); goto out; } ret = krb5_kt_ret_string(context, sp, &p->realm); - if(ret) + if(ret) { + krb5_set_error_message(context, ret, + N_("Can't read realm from keytab: %s", ""), + fkt->filename); goto out; + } p->name.name_string.val = calloc(len, sizeof(*p->name.name_string.val)); if(p->name.name_string.val == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out; } p->name.name_string.len = len; for(i = 0; i < p->name.name_string.len; i++){ ret = krb5_kt_ret_string(context, sp, p->name.name_string.val + i); - if(ret) + if(ret) { + krb5_set_error_message(context, ret, + N_("Can't read principal from " + "keytab: %s", ""), + fkt->filename); goto out; + } } if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) p->name.name_type = KRB5_NT_UNKNOWN; @@ -207,8 +242,13 @@ krb5_kt_ret_principal(krb5_context context, int32_t tmp32; ret = krb5_ret_int32(sp, &tmp32); p->name.name_type = tmp32; - if (ret) + if (ret) { + krb5_set_error_message(context, ret, + N_("Can't read name-type from " + "keytab: %s", ""), + fkt->filename); goto out; + } } *princ = p; return 0; @@ -222,9 +262,9 @@ krb5_kt_store_principal(krb5_context context, krb5_storage *sp, krb5_principal p) { - int i; + size_t i; int ret; - + if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) ret = krb5_store_int16(sp, p->name.name_string.len + 1); else @@ -246,20 +286,20 @@ krb5_kt_store_principal(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fkt_resolve(krb5_context context, const char *name, krb5_keytab id) { struct fkt_data *d; d = malloc(sizeof(*d)); if(d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } d->filename = strdup(name); if(d->filename == NULL) { free(d); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } d->flags = 0; @@ -267,7 +307,7 @@ fkt_resolve(krb5_context context, const char *name, krb5_keytab id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fkt_resolve_java14(krb5_context context, const char *name, krb5_keytab id) { krb5_error_code ret; @@ -280,7 +320,7 @@ fkt_resolve_java14(krb5_context context, const char *name, krb5_keytab id) return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fkt_close(krb5_context context, krb5_keytab id) { struct fkt_data *d = id->data; @@ -289,10 +329,18 @@ fkt_close(krb5_context context, krb5_keytab id) return 0; } -static krb5_error_code -fkt_get_name(krb5_context context, - krb5_keytab id, - char *name, +static krb5_error_code KRB5_CALLCONV +fkt_destroy(krb5_context context, krb5_keytab id) +{ + struct fkt_data *d = id->data; + _krb5_erase_file(context, d->filename); + return 0; +} + +static krb5_error_code KRB5_CALLCONV +fkt_get_name(krb5_context context, + krb5_keytab id, + char *name, size_t namesize) { /* This function is XXX */ @@ -314,15 +362,15 @@ storage_set_flags(krb5_context context, krb5_storage *sp, int vno) case KRB5_KT_VNO_2: break; default: - krb5_warnx(context, + krb5_warnx(context, "storage_set_flags called with bad vno (%d)", vno); } krb5_storage_set_flags(sp, flags); } static krb5_error_code -fkt_start_seq_get_int(krb5_context context, - krb5_keytab id, +fkt_start_seq_get_int(krb5_context context, + krb5_keytab id, int flags, int exclusive, krb5_kt_cursor *c) @@ -330,14 +378,16 @@ fkt_start_seq_get_int(krb5_context context, int8_t pvno, tag; krb5_error_code ret; struct fkt_data *d = id->data; - + c->fd = open (d->filename, flags); if (c->fd < 0) { ret = errno; - krb5_set_error_string(context, "%s: %s", d->filename, - strerror(ret)); + krb5_set_error_message(context, ret, + N_("keytab %s open failed: %s", ""), + d->filename, strerror(ret)); return ret; } + rk_cloexec(c->fd); ret = _krb5_xlock(context, c->fd, exclusive, d->filename); if (ret) { close(c->fd); @@ -347,7 +397,8 @@ fkt_start_seq_get_int(krb5_context context, if (c->sp == NULL) { _krb5_xunlock(context, c->fd); close(c->fd); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } krb5_storage_set_eof_code(c->sp, KRB5_KT_END); @@ -356,14 +407,14 @@ fkt_start_seq_get_int(krb5_context context, krb5_storage_free(c->sp); _krb5_xunlock(context, c->fd); close(c->fd); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } if(pvno != 5) { krb5_storage_free(c->sp); _krb5_xunlock(context, c->fd); close(c->fd); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_KEYTAB_BADVNO; } ret = krb5_ret_int8(c->sp, &tag); @@ -371,7 +422,7 @@ fkt_start_seq_get_int(krb5_context context, krb5_storage_free(c->sp); _krb5_xunlock(context, c->fd); close(c->fd); - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } id->version = tag; @@ -379,26 +430,28 @@ fkt_start_seq_get_int(krb5_context context, return 0; } -static krb5_error_code -fkt_start_seq_get(krb5_context context, - krb5_keytab id, +static krb5_error_code KRB5_CALLCONV +fkt_start_seq_get(krb5_context context, + krb5_keytab id, krb5_kt_cursor *c) { - return fkt_start_seq_get_int(context, id, O_RDONLY | O_BINARY, 0, c); + return fkt_start_seq_get_int(context, id, O_RDONLY | O_BINARY | O_CLOEXEC, 0, c); } static krb5_error_code -fkt_next_entry_int(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, +fkt_next_entry_int(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, krb5_kt_cursor *cursor, off_t *start, off_t *end) { + struct fkt_data *d = id->data; int32_t len; int ret; int8_t tmp8; int32_t tmp32; + uint32_t utmp32; off_t pos, curpos; pos = krb5_storage_seek(cursor->sp, 0, SEEK_CUR); @@ -410,18 +463,18 @@ fkt_next_entry_int(krb5_context context, pos = krb5_storage_seek(cursor->sp, -len, SEEK_CUR); goto loop; } - ret = krb5_kt_ret_principal (context, cursor->sp, &entry->principal); + ret = krb5_kt_ret_principal (context, d, cursor->sp, &entry->principal); if (ret) goto out; - ret = krb5_ret_int32(cursor->sp, &tmp32); - entry->timestamp = tmp32; + ret = krb5_ret_uint32(cursor->sp, &utmp32); + entry->timestamp = utmp32; if (ret) goto out; ret = krb5_ret_int8(cursor->sp, &tmp8); if (ret) goto out; entry->vno = tmp8; - ret = krb5_kt_ret_keyblock (context, cursor->sp, &entry->keyblock); + ret = krb5_kt_ret_keyblock (context, d, cursor->sp, &entry->keyblock); if (ret) goto out; /* there might be a 32 bit kvno here @@ -430,10 +483,19 @@ fkt_next_entry_int(krb5_context context, curpos = krb5_storage_seek(cursor->sp, 0, SEEK_CUR); if(len + 4 + pos - curpos >= 4) { ret = krb5_ret_int32(cursor->sp, &tmp32); - if (ret == 0 && tmp32 != 0) { + if (ret == 0 && tmp32 != 0) entry->vno = tmp32; - } } + /* there might be a flags field here */ + if(len + 4 + pos - curpos >= 8) { + ret = krb5_ret_uint32(cursor->sp, &utmp32); + if (ret == 0) + entry->flags = utmp32; + } else + entry->flags = 0; + + entry->aliases = NULL; + if(start) *start = pos; if(end) *end = pos + 4 + len; out: @@ -441,17 +503,17 @@ fkt_next_entry_int(krb5_context context, return ret; } -static krb5_error_code -fkt_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, +static krb5_error_code KRB5_CALLCONV +fkt_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, krb5_kt_cursor *cursor) { return fkt_next_entry_int(context, id, entry, cursor, NULL, NULL); } -static krb5_error_code -fkt_end_seq_get(krb5_context context, +static krb5_error_code KRB5_CALLCONV +fkt_end_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) { @@ -461,7 +523,7 @@ fkt_end_seq_get(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fkt_setup_keytab(krb5_context context, krb5_keytab id, krb5_storage *sp) @@ -474,8 +536,8 @@ fkt_setup_keytab(krb5_context context, id->version = KRB5_KT_VNO; return krb5_store_int8 (sp, id->version); } - -static krb5_error_code + +static krb5_error_code KRB5_CALLCONV fkt_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -486,16 +548,19 @@ fkt_add_entry(krb5_context context, struct fkt_data *d = id->data; krb5_data keytab; int32_t len; - - fd = open (d->filename, O_RDWR | O_BINARY); + + fd = open (d->filename, O_RDWR | O_BINARY | O_CLOEXEC); if (fd < 0) { - fd = open (d->filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); + fd = open (d->filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, 0600); if (fd < 0) { ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); + krb5_set_error_message(context, ret, + N_("open(%s): %s", ""), d->filename, + strerror(ret)); return ret; } + rk_cloexec(fd); + ret = _krb5_xlock(context, fd, 1, d->filename); if (ret) { close(fd); @@ -510,6 +575,9 @@ fkt_add_entry(krb5_context context, storage_set_flags(context, sp, id->version); } else { int8_t pvno, tag; + + rk_cloexec(fd); + ret = _krb5_xlock(context, fd, 1, d->filename); if (ret) { close(fd); @@ -523,22 +591,26 @@ fkt_add_entry(krb5_context context, properly */ ret = fkt_setup_keytab(context, id, sp); if(ret) { - krb5_set_error_string(context, "%s: keytab is corrupted: %s", - d->filename, strerror(ret)); + krb5_set_error_message(context, ret, + N_("%s: keytab is corrupted: %s", ""), + d->filename, strerror(ret)); goto out; } storage_set_flags(context, sp, id->version); } else { if(pvno != 5) { ret = KRB5_KEYTAB_BADVNO; - krb5_set_error_string(context, "%s: %s", - d->filename, strerror(ret)); + krb5_set_error_message(context, ret, + N_("Bad version in keytab %s", ""), + d->filename); goto out; } ret = krb5_ret_int8 (sp, &tag); if (ret) { - krb5_set_error_string(context, "%s: reading tag: %s", - d->filename, strerror(ret)); + krb5_set_error_message(context, ret, + N_("failed reading tag from " + "keytab %s", ""), + d->filename); goto out; } id->version = tag; @@ -551,25 +623,38 @@ fkt_add_entry(krb5_context context, emem = krb5_storage_emem(); if(emem == NULL) { ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } ret = krb5_kt_store_principal(context, emem, entry->principal); if(ret) { + krb5_set_error_message(context, ret, + N_("Failed storing principal " + "in keytab %s", ""), + d->filename); krb5_storage_free(emem); goto out; } ret = krb5_store_int32 (emem, entry->timestamp); if(ret) { + krb5_set_error_message(context, ret, + N_("Failed storing timpstamp " + "in keytab %s", ""), + d->filename); krb5_storage_free(emem); goto out; } ret = krb5_store_int8 (emem, entry->vno % 256); if(ret) { + krb5_set_error_message(context, ret, + N_("Failed storing kvno " + "in keytab %s", ""), + d->filename); krb5_storage_free(emem); goto out; } - ret = krb5_kt_store_keyblock (context, emem, &entry->keyblock); + ret = krb5_kt_store_keyblock (context, d, emem, &entry->keyblock); if(ret) { krb5_storage_free(emem); goto out; @@ -577,6 +662,19 @@ fkt_add_entry(krb5_context context, if ((d->flags & KRB5_KT_FL_JAVA) == 0) { ret = krb5_store_int32 (emem, entry->vno); if (ret) { + krb5_set_error_message(context, ret, + N_("Failed storing extended kvno " + "in keytab %s", ""), + d->filename); + krb5_storage_free(emem); + goto out; + } + ret = krb5_store_uint32 (emem, entry->flags); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed storing extended kvno " + "in keytab %s", ""), + d->filename); krb5_storage_free(emem); goto out; } @@ -584,10 +682,15 @@ fkt_add_entry(krb5_context context, ret = krb5_storage_to_data(emem, &keytab); krb5_storage_free(emem); - if(ret) + if(ret) { + krb5_set_error_message(context, ret, + N_("Failed converting keytab entry " + "to memory block for keytab %s", ""), + d->filename); goto out; + } } - + while(1) { ret = krb5_ret_int32(sp, &len); if(ret == KRB5_KT_END) { @@ -596,7 +699,7 @@ fkt_add_entry(krb5_context context, } if(len < 0) { len = -len; - if(len >= keytab.length) { + if(len >= (int)keytab.length) { krb5_storage_seek(sp, -4, SEEK_CUR); break; } @@ -604,8 +707,13 @@ fkt_add_entry(krb5_context context, krb5_storage_seek(sp, len, SEEK_CUR); } ret = krb5_store_int32(sp, len); - if(krb5_storage_write(sp, keytab.data, keytab.length) < 0) + if(krb5_storage_write(sp, keytab.data, keytab.length) < 0) { ret = errno; + krb5_set_error_message(context, ret, + N_("Failed writing keytab block " + "in keytab %s: %s", ""), + d->filename, strerror(ret)); + } memset(keytab.data, 0, keytab.length); krb5_data_free(&keytab); out: @@ -615,7 +723,7 @@ fkt_add_entry(krb5_context context, return ret; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV fkt_remove_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -625,13 +733,13 @@ fkt_remove_entry(krb5_context context, off_t pos_start, pos_end; int found = 0; krb5_error_code ret; - - ret = fkt_start_seq_get_int(context, id, O_RDWR | O_BINARY, 1, &cursor); - if(ret != 0) + + ret = fkt_start_seq_get_int(context, id, O_RDWR | O_BINARY | O_CLOEXEC, 1, &cursor); + if(ret != 0) goto out; /* return other error here? */ - while(fkt_next_entry_int(context, id, &e, &cursor, + while(fkt_next_entry_int(context, id, &e, &cursor, &pos_start, &pos_end) == 0) { - if(krb5_kt_compare(context, &e, entry->principal, + if(krb5_kt_compare(context, &e, entry->principal, entry->vno, entry->keyblock.keytype)) { int32_t len; unsigned char buf[128]; @@ -641,8 +749,9 @@ fkt_remove_entry(krb5_context context, krb5_store_int32(cursor.sp, -len); memset(buf, 0, sizeof(buf)); while(len > 0) { - krb5_storage_write(cursor.sp, buf, min(len, sizeof(buf))); - len -= min(len, sizeof(buf)); + krb5_storage_write(cursor.sp, buf, + min((size_t)len, sizeof(buf))); + len -= min((size_t)len, sizeof(buf)); } } krb5_kt_free_entry(context, &e); @@ -650,7 +759,7 @@ fkt_remove_entry(krb5_context context, krb5_kt_end_seq_get(context, id, &cursor); out: if (!found) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_KT_NOTFOUND; } return 0; @@ -661,6 +770,7 @@ const krb5_kt_ops krb5_fkt_ops = { fkt_resolve, fkt_get_name, fkt_close, + fkt_destroy, NULL, /* get */ fkt_start_seq_get, fkt_next_entry, @@ -674,6 +784,7 @@ const krb5_kt_ops krb5_wrfkt_ops = { fkt_resolve, fkt_get_name, fkt_close, + fkt_destroy, NULL, /* get */ fkt_start_seq_get, fkt_next_entry, @@ -687,6 +798,7 @@ const krb5_kt_ops krb5_javakt_ops = { fkt_resolve_java14, fkt_get_name, fkt_close, + fkt_destroy, NULL, /* get */ fkt_start_seq_get, fkt_next_entry, diff --git a/lib/krb5/keytab_keyfile.c b/lib/krb5/keytab_keyfile.c index 77455ba5f7c2..ea74c32780f8 100644 --- a/lib/krb5/keytab_keyfile.c +++ b/lib/krb5/keytab_keyfile.c @@ -1,45 +1,45 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keytab_keyfile.c 20695 2007-05-30 14:09:09Z lha $"); +#ifndef HEIMDAL_SMALLER /* afs keyfile operations --------------------------------------- */ /* * Minimum tools to handle the AFS KeyFile. - * + * * Format of the KeyFile is: * {[ ] * numkeys} * @@ -52,7 +52,7 @@ RCSID("$Id: keytab_keyfile.c 20695 2007-05-30 14:09:09Z lha $"); #define AFS_SERVERMAGICKRBCONF "/usr/afs/etc/krb.conf" struct akf_data { - int num_entries; + uint32_t num_entries; char *filename; char *cell; char *realm; @@ -72,13 +72,17 @@ get_cell_and_realm (krb5_context context, struct akf_data *d) f = fopen (AFS_SERVERTHISCELL, "r"); if (f == NULL) { ret = errno; - krb5_set_error_string (context, "open %s: %s", AFS_SERVERTHISCELL, - strerror(ret)); + krb5_set_error_message (context, ret, + N_("Open ThisCell %s: %s", ""), + AFS_SERVERTHISCELL, + strerror(ret)); return ret; } if (fgets (buf, sizeof(buf), f) == NULL) { fclose (f); - krb5_set_error_string (context, "no cell in %s", AFS_SERVERTHISCELL); + krb5_set_error_message (context, EINVAL, + N_("No cell in ThisCell file %s", ""), + AFS_SERVERTHISCELL); return EINVAL; } buf[strcspn(buf, "\n")] = '\0'; @@ -86,7 +90,8 @@ get_cell_and_realm (krb5_context context, struct akf_data *d) d->cell = strdup (buf); if (d->cell == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } @@ -96,8 +101,9 @@ get_cell_and_realm (krb5_context context, struct akf_data *d) free (d->cell); d->cell = NULL; fclose (f); - krb5_set_error_string (context, "no realm in %s", - AFS_SERVERMAGICKRBCONF); + krb5_set_error_message (context, EINVAL, + N_("No realm in ThisCell file %s", ""), + AFS_SERVERMAGICKRBCONF); return EINVAL; } buf[strcspn(buf, "\n")] = '\0'; @@ -106,12 +112,13 @@ get_cell_and_realm (krb5_context context, struct akf_data *d) /* uppercase */ for (cp = buf; *cp != '\0'; cp++) *cp = toupper((unsigned char)*cp); - + d->realm = strdup (buf); if (d->realm == NULL) { free (d->cell); d->cell = NULL; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } return 0; @@ -121,17 +128,18 @@ get_cell_and_realm (krb5_context context, struct akf_data *d) * init and get filename */ -static krb5_error_code +static krb5_error_code KRB5_CALLCONV akf_resolve(krb5_context context, const char *name, krb5_keytab id) { int ret; struct akf_data *d = malloc(sizeof (struct akf_data)); if (d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - + d->num_entries = 0; ret = get_cell_and_realm (context, d); if (ret) { @@ -143,11 +151,12 @@ akf_resolve(krb5_context context, const char *name, krb5_keytab id) free (d->cell); free (d->realm); free (d); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } id->data = d; - + return 0; } @@ -155,7 +164,7 @@ akf_resolve(krb5_context context, const char *name, krb5_keytab id) * cleanup */ -static krb5_error_code +static krb5_error_code KRB5_CALLCONV akf_close(krb5_context context, krb5_keytab id) { struct akf_data *d = id->data; @@ -170,10 +179,10 @@ akf_close(krb5_context context, krb5_keytab id) * Return filename */ -static krb5_error_code -akf_get_name(krb5_context context, - krb5_keytab id, - char *name, +static krb5_error_code KRB5_CALLCONV +akf_get_name(krb5_context context, + krb5_keytab id, + char *name, size_t name_sz) { struct akf_data *d = id->data; @@ -183,31 +192,32 @@ akf_get_name(krb5_context context, } /* - * Init + * Init */ -static krb5_error_code -akf_start_seq_get(krb5_context context, - krb5_keytab id, +static krb5_error_code KRB5_CALLCONV +akf_start_seq_get(krb5_context context, + krb5_keytab id, krb5_kt_cursor *c) { int32_t ret; struct akf_data *d = id->data; - c->fd = open (d->filename, O_RDONLY|O_BINARY, 0600); + c->fd = open (d->filename, O_RDONLY | O_BINARY | O_CLOEXEC, 0600); if (c->fd < 0) { ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); + krb5_set_error_message(context, ret, + N_("keytab afs keyfile open %s failed: %s", ""), + d->filename, strerror(ret)); return ret; } c->sp = krb5_storage_from_fd(c->fd); - ret = krb5_ret_int32(c->sp, &d->num_entries); + ret = krb5_ret_uint32(c->sp, &d->num_entries); if(ret) { krb5_storage_free(c->sp); close(c->fd); - krb5_clear_error_string (context); + krb5_clear_error_message (context); if(ret == KRB5_KT_END) return KRB5_KT_NOTFOUND; return ret; @@ -216,10 +226,10 @@ akf_start_seq_get(krb5_context context, return 0; } -static krb5_error_code -akf_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, +static krb5_error_code KRB5_CALLCONV +akf_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, krb5_kt_cursor *cursor) { struct akf_data *d = id->data; @@ -250,7 +260,8 @@ akf_next_entry(krb5_context context, entry->keyblock.keyvalue.data = malloc (8); if (entry->keyblock.keyvalue.data == NULL) { krb5_free_principal (context, entry->principal); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); ret = ENOMEM; goto out; } @@ -262,14 +273,16 @@ akf_next_entry(krb5_context context, ret = 0; entry->timestamp = time(NULL); + entry->flags = 0; + entry->aliases = NULL; out: krb5_storage_seek(cursor->sp, pos + 4 + 8, SEEK_SET); return ret; } -static krb5_error_code -akf_end_seq_get(krb5_context context, +static krb5_error_code KRB5_CALLCONV +akf_end_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) { @@ -278,7 +291,7 @@ akf_end_seq_get(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV akf_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -301,14 +314,16 @@ akf_add_entry(krb5_context context, return 0; } - fd = open (d->filename, O_RDWR | O_BINARY); + fd = open (d->filename, O_RDWR | O_BINARY | O_CLOEXEC); if (fd < 0) { fd = open (d->filename, - O_RDWR | O_BINARY | O_CREAT | O_EXCL, 0600); + O_RDWR | O_BINARY | O_CREAT | O_EXCL | O_CLOEXEC, 0600); if (fd < 0) { ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); + krb5_set_error_message(context, ret, + N_("open keyfile(%s): %s", ""), + d->filename, + strerror(ret)); return ret; } created = 1; @@ -317,7 +332,8 @@ akf_add_entry(krb5_context context, sp = krb5_storage_from_fd(fd); if(sp == NULL) { close(fd); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if (created) @@ -327,10 +343,12 @@ akf_add_entry(krb5_context context, ret = errno; krb5_storage_free(sp); close(fd); - krb5_set_error_string (context, "seek: %s", strerror(ret)); + krb5_set_error_message(context, ret, + N_("seeking in keyfile: %s", ""), + strerror(ret)); return ret; } - + ret = krb5_ret_int32(sp, &len); if(ret) { krb5_storage_free(sp); @@ -350,11 +368,15 @@ akf_add_entry(krb5_context context, for (i = 0; i < len; i++) { ret = krb5_ret_int32(sp, &kvno); if (ret) { - krb5_set_error_string (context, "Failed to get kvno "); + krb5_set_error_message (context, ret, + N_("Failed getting kvno from keyfile", "")); goto out; } if(krb5_storage_seek(sp, 8, SEEK_CUR) < 0) { - krb5_set_error_string (context, "seek: %s", strerror(ret)); + ret = errno; + krb5_set_error_message (context, ret, + N_("Failed seeing in keyfile: %s", ""), + strerror(ret)); goto out; } if (kvno == entry->vno) { @@ -365,38 +387,45 @@ akf_add_entry(krb5_context context, } len++; - + if(krb5_storage_seek(sp, 0, SEEK_SET) < 0) { ret = errno; - krb5_set_error_string (context, "seek: %s", strerror(ret)); + krb5_set_error_message (context, ret, + N_("Failed seeing in keyfile: %s", ""), + strerror(ret)); goto out; } - + ret = krb5_store_int32(sp, len); if(ret) { - krb5_set_error_string(context, "keytab keyfile failed new length"); + ret = errno; + krb5_set_error_message (context, ret, + N_("keytab keyfile failed new length", "")); return ret; } if(krb5_storage_seek(sp, (len - 1) * (8 + 4), SEEK_CUR) < 0) { ret = errno; - krb5_set_error_string (context, "seek to end: %s", strerror(ret)); + krb5_set_error_message (context, ret, + N_("seek to end: %s", ""), strerror(ret)); goto out; } - + ret = krb5_store_int32(sp, entry->vno); if(ret) { - krb5_set_error_string(context, "keytab keyfile failed store kvno"); + krb5_set_error_message(context, ret, + N_("keytab keyfile failed store kvno", "")); goto out; } - ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, + ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, entry->keyblock.keyvalue.length); if(ret != entry->keyblock.keyvalue.length) { if (ret < 0) ret = errno; else ret = ENOTTY; - krb5_set_error_string(context, "keytab keyfile failed to add key"); + krb5_set_error_message(context, ret, + N_("keytab keyfile failed to add key", "")); goto out; } ret = 0; @@ -411,6 +440,7 @@ const krb5_kt_ops krb5_akf_ops = { akf_resolve, akf_get_name, akf_close, + NULL, /* destroy */ NULL, /* get */ akf_start_seq_get, akf_next_entry, @@ -418,3 +448,5 @@ const krb5_kt_ops krb5_akf_ops = { akf_add_entry, NULL /* remove */ }; + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/keytab_krb4.c b/lib/krb5/keytab_krb4.c deleted file mode 100644 index 907836c144f7..000000000000 --- a/lib/krb5/keytab_krb4.c +++ /dev/null @@ -1,448 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_krb4.c 17046 2006-04-10 17:10:53Z lha $"); - -struct krb4_kt_data { - char *filename; -}; - -static krb5_error_code -krb4_kt_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct krb4_kt_data *d; - - d = malloc (sizeof(*d)); - if (d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->filename = strdup (name); - if (d->filename == NULL) { - free(d); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - id->data = d; - return 0; -} - -static krb5_error_code -krb4_kt_get_name (krb5_context context, - krb5_keytab id, - char *name, - size_t name_sz) -{ - struct krb4_kt_data *d = id->data; - - strlcpy (name, d->filename, name_sz); - return 0; -} - -static krb5_error_code -krb4_kt_close (krb5_context context, - krb5_keytab id) -{ - struct krb4_kt_data *d = id->data; - - free (d->filename); - free (d); - return 0; -} - -struct krb4_cursor_extra_data { - krb5_keytab_entry entry; - int num; -}; - -static int -open_flock(const char *filename, int flags, int mode) -{ - int lock_mode; - int tries = 0; - int fd = open(filename, flags, mode); - if(fd < 0) - return fd; - if((flags & O_ACCMODE) == O_RDONLY) - lock_mode = LOCK_SH | LOCK_NB; - else - lock_mode = LOCK_EX | LOCK_NB; - while(flock(fd, lock_mode) < 0) { - if(++tries < 5) { - sleep(1); - } else { - close(fd); - return -1; - } - } - return fd; -} - - - -static krb5_error_code -krb4_kt_start_seq_get_int (krb5_context context, - krb5_keytab id, - int flags, - krb5_kt_cursor *c) -{ - struct krb4_kt_data *d = id->data; - struct krb4_cursor_extra_data *ed; - int ret; - - ed = malloc (sizeof(*ed)); - if (ed == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ed->entry.principal = NULL; - ed->num = -1; - c->data = ed; - c->fd = open_flock (d->filename, flags, 0); - if (c->fd < 0) { - ret = errno; - free (ed); - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - c->sp = krb5_storage_from_fd(c->fd); - if(c->sp == NULL) { - close(c->fd); - free(ed); - return ENOMEM; - } - krb5_storage_set_eof_code(c->sp, KRB5_KT_END); - return 0; -} - -static krb5_error_code -krb4_kt_start_seq_get (krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - return krb4_kt_start_seq_get_int (context, id, O_BINARY | O_RDONLY, c); -} - -static krb5_error_code -read_v4_entry (krb5_context context, - struct krb4_kt_data *d, - krb5_kt_cursor *c, - struct krb4_cursor_extra_data *ed) -{ - unsigned char des_key[8]; - krb5_error_code ret; - char *service, *instance, *realm; - int8_t kvno; - - ret = krb5_ret_stringz(c->sp, &service); - if (ret) - return ret; - ret = krb5_ret_stringz(c->sp, &instance); - if (ret) { - free (service); - return ret; - } - ret = krb5_ret_stringz(c->sp, &realm); - if (ret) { - free (service); - free (instance); - return ret; - } - ret = krb5_425_conv_principal (context, service, instance, realm, - &ed->entry.principal); - free (service); - free (instance); - free (realm); - if (ret) - return ret; - ret = krb5_ret_int8(c->sp, &kvno); - if (ret) { - krb5_free_principal (context, ed->entry.principal); - return ret; - } - ret = krb5_storage_read(c->sp, des_key, sizeof(des_key)); - if (ret < 0) { - krb5_free_principal(context, ed->entry.principal); - return ret; - } - if (ret < 8) { - krb5_free_principal(context, ed->entry.principal); - return EINVAL; - } - ed->entry.vno = kvno; - ret = krb5_data_copy (&ed->entry.keyblock.keyvalue, - des_key, sizeof(des_key)); - if (ret) - return ret; - ed->entry.timestamp = time(NULL); - ed->num = 0; - return 0; -} - -static krb5_error_code -krb4_kt_next_entry (krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *c) -{ - krb5_error_code ret; - struct krb4_kt_data *d = id->data; - struct krb4_cursor_extra_data *ed = c->data; - const krb5_enctype keytypes[] = {ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC}; - - if (ed->num == -1) { - ret = read_v4_entry (context, d, c, ed); - if (ret) - return ret; - } - ret = krb5_kt_copy_entry_contents (context, - &ed->entry, - entry); - if (ret) - return ret; - entry->keyblock.keytype = keytypes[ed->num]; - if (++ed->num == 3) { - krb5_kt_free_entry (context, &ed->entry); - ed->num = -1; - } - return 0; -} - -static krb5_error_code -krb4_kt_end_seq_get (krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - struct krb4_cursor_extra_data *ed = c->data; - - krb5_storage_free (c->sp); - if (ed->num != -1) - krb5_kt_free_entry (context, &ed->entry); - free (c->data); - close (c->fd); - return 0; -} - -static krb5_error_code -krb4_store_keytab_entry(krb5_context context, - krb5_keytab_entry *entry, - krb5_storage *sp) -{ - krb5_error_code ret; -#define ANAME_SZ 40 -#define INST_SZ 40 -#define REALM_SZ 40 - char service[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; - ret = krb5_524_conv_principal (context, entry->principal, - service, instance, realm); - if (ret) - return ret; - if (entry->keyblock.keyvalue.length == 8 - && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) { - ret = krb5_store_stringz(sp, service); - ret = krb5_store_stringz(sp, instance); - ret = krb5_store_stringz(sp, realm); - ret = krb5_store_int8(sp, entry->vno); - ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, 8); - } - return 0; -} - -static krb5_error_code -krb4_kt_add_entry (krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct krb4_kt_data *d = id->data; - krb5_storage *sp; - krb5_error_code ret; - int fd; - - fd = open_flock (d->filename, O_WRONLY | O_APPEND | O_BINARY, 0); - if (fd < 0) { - fd = open_flock (d->filename, - O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - } - sp = krb5_storage_from_fd(fd); - if(sp == NULL) { - close(fd); - return ENOMEM; - } - krb5_storage_set_eof_code(sp, KRB5_KT_END); - ret = krb4_store_keytab_entry(context, entry, sp); - krb5_storage_free(sp); - if(close (fd) < 0) - return errno; - return ret; -} - -static krb5_error_code -krb4_kt_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct krb4_kt_data *d = id->data; - krb5_error_code ret; - krb5_keytab_entry e; - krb5_kt_cursor cursor; - krb5_storage *sp; - int remove_flag = 0; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_kt_start_seq_get(context, id, &cursor); - if (ret) { - krb5_storage_free(sp); - return ret; - } - while(krb5_kt_next_entry(context, id, &e, &cursor) == 0) { - if(!krb5_kt_compare(context, &e, entry->principal, - entry->vno, entry->keyblock.keytype)) { - ret = krb4_store_keytab_entry(context, &e, sp); - if(ret) { - krb5_kt_free_entry(context, &e); - krb5_storage_free(sp); - return ret; - } - } else - remove_flag = 1; - krb5_kt_free_entry(context, &e); - } - krb5_kt_end_seq_get(context, id, &cursor); - if(remove_flag) { - int fd; - unsigned char buf[1024]; - ssize_t n; - krb5_data data; - struct stat st; - - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - - fd = open_flock (d->filename, O_RDWR | O_BINARY, 0); - if(fd < 0) { - memset(data.data, 0, data.length); - krb5_data_free(&data); - if(errno == EACCES || errno == EROFS) - return KRB5_KT_NOWRITE; - return errno; - } - - if(write(fd, data.data, data.length) != data.length) { - memset(data.data, 0, data.length); - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); - return errno; - } - memset(data.data, 0, data.length); - if(fstat(fd, &st) < 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed getting size of \"%s\"", d->filename); - return errno; - } - st.st_size -= data.length; - memset(buf, 0, sizeof(buf)); - while(st.st_size > 0) { - n = min(st.st_size, sizeof(buf)); - n = write(fd, buf, n); - if(n <= 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); - return errno; - - } - st.st_size -= n; - } - if(ftruncate(fd, data.length) < 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed truncating \"%s\"", d->filename); - return errno; - } - krb5_data_free(&data); - if(close(fd) < 0) { - krb5_set_error_string(context, "error closing \"%s\"", d->filename); - return errno; - } - return 0; - } else { - krb5_storage_free(sp); - return KRB5_KT_NOTFOUND; - } -} - - -const krb5_kt_ops krb4_fkt_ops = { - "krb4", - krb4_kt_resolve, - krb4_kt_get_name, - krb4_kt_close, - NULL, /* get */ - krb4_kt_start_seq_get, - krb4_kt_next_entry, - krb4_kt_end_seq_get, - krb4_kt_add_entry, /* add_entry */ - krb4_kt_remove_entry /* remove_entry */ -}; - -const krb5_kt_ops krb5_srvtab_fkt_ops = { - "SRVTAB", - krb4_kt_resolve, - krb4_kt_get_name, - krb4_kt_close, - NULL, /* get */ - krb4_kt_start_seq_get, - krb4_kt_next_entry, - krb4_kt_end_seq_get, - krb4_kt_add_entry, /* add_entry */ - krb4_kt_remove_entry /* remove_entry */ -}; diff --git a/lib/krb5/keytab_memory.c b/lib/krb5/keytab_memory.c index 0ad8720c3fb8..0ee684d36382 100644 --- a/lib/krb5/keytab_memory.c +++ b/lib/krb5/keytab_memory.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: keytab_memory.c 16352 2005-12-05 18:39:46Z lha $"); - /* memory operations -------------------------------------------- */ struct mkt_data { @@ -45,14 +43,14 @@ struct mkt_data { struct mkt_data *next; }; -/* this mutex protects mkt_head, ->refcount, and ->next +/* this mutex protects mkt_head, ->refcount, and ->next * content is not protected (name is static and need no protection) */ static HEIMDAL_MUTEX mkt_mutex = HEIMDAL_MUTEX_INITIALIZER; static struct mkt_data *mkt_head; -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mkt_resolve(krb5_context context, const char *name, krb5_keytab id) { struct mkt_data *d; @@ -75,14 +73,16 @@ mkt_resolve(krb5_context context, const char *name, krb5_keytab id) d = calloc(1, sizeof(*d)); if(d == NULL) { HEIMDAL_MUTEX_unlock(&mkt_mutex); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } d->name = strdup(name); if (d->name == NULL) { HEIMDAL_MUTEX_unlock(&mkt_mutex); free(d); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } d->entries = NULL; @@ -95,7 +95,7 @@ mkt_resolve(krb5_context context, const char *name, krb5_keytab id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mkt_close(krb5_context context, krb5_keytab id) { struct mkt_data *d = id->data, **dp; @@ -103,7 +103,7 @@ mkt_close(krb5_context context, krb5_keytab id) HEIMDAL_MUTEX_lock(&mkt_mutex); if (d->refcount < 1) - krb5_abortx(context, + krb5_abortx(context, "krb5 internal error, memory keytab refcount < 1 on close"); if (--d->refcount > 0) { @@ -126,10 +126,10 @@ mkt_close(krb5_context context, krb5_keytab id) return 0; } -static krb5_error_code -mkt_get_name(krb5_context context, - krb5_keytab id, - char *name, +static krb5_error_code KRB5_CALLCONV +mkt_get_name(krb5_context context, + krb5_keytab id, + char *name, size_t namesize) { struct mkt_data *d = id->data; @@ -137,9 +137,9 @@ mkt_get_name(krb5_context context, return 0; } -static krb5_error_code -mkt_start_seq_get(krb5_context context, - krb5_keytab id, +static krb5_error_code KRB5_CALLCONV +mkt_start_seq_get(krb5_context context, + krb5_keytab id, krb5_kt_cursor *c) { /* XXX */ @@ -147,10 +147,10 @@ mkt_start_seq_get(krb5_context context, return 0; } -static krb5_error_code -mkt_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, +static krb5_error_code KRB5_CALLCONV +mkt_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, krb5_kt_cursor *c) { struct mkt_data *d = id->data; @@ -159,15 +159,15 @@ mkt_next_entry(krb5_context context, return krb5_kt_copy_entry_contents(context, &d->entries[c->fd++], entry); } -static krb5_error_code -mkt_end_seq_get(krb5_context context, +static krb5_error_code KRB5_CALLCONV +mkt_end_seq_get(krb5_context context, krb5_keytab id, krb5_kt_cursor *cursor) { return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mkt_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -176,15 +176,16 @@ mkt_add_entry(krb5_context context, krb5_keytab_entry *tmp; tmp = realloc(d->entries, (d->num_entries + 1) * sizeof(*d->entries)); if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } d->entries = tmp; - return krb5_kt_copy_entry_contents(context, entry, + return krb5_kt_copy_entry_contents(context, entry, &d->entries[d->num_entries++]); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mkt_remove_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) @@ -192,15 +193,15 @@ mkt_remove_entry(krb5_context context, struct mkt_data *d = id->data; krb5_keytab_entry *e, *end; int found = 0; - + if (d->num_entries == 0) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return KRB5_KT_NOTFOUND; } /* do this backwards to minimize copying */ for(end = d->entries + d->num_entries, e = end - 1; e >= d->entries; e--) { - if(krb5_kt_compare(context, e, entry->principal, + if(krb5_kt_compare(context, e, entry->principal, entry->vno, entry->keyblock.keytype)) { krb5_kt_free_entry(context, e); memmove(e, e + 1, (end - e - 1) * sizeof(*e)); @@ -211,7 +212,7 @@ mkt_remove_entry(krb5_context context, } } if (!found) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_KT_NOTFOUND; } e = realloc(d->entries, d->num_entries * sizeof(*d->entries)); @@ -225,6 +226,7 @@ const krb5_kt_ops krb5_mkt_ops = { mkt_resolve, mkt_get_name, mkt_close, + NULL, /* destroy */ NULL, /* get */ mkt_start_seq_get, mkt_next_entry, diff --git a/lib/krb5/krb5-private.h b/lib/krb5/krb5-private.h index 7e04446fe07c..a6500f38e3b5 100644 --- a/lib/krb5/krb5-private.h +++ b/lib/krb5/krb5-private.h @@ -4,14 +4,59 @@ #include -void KRB5_LIB_FUNCTION -_krb5_aes_cts_encrypt ( - const unsigned char */*in*/, - unsigned char */*out*/, +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +#ifndef KRB5_DEPRECATED_FUNCTION +#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) +#else +#define KRB5_DEPRECATED_FUNCTION(X) +#endif +#endif + + +void +_heim_krb5_ipc_client_clear_target (void); + +void +_heim_krb5_ipc_client_set_target_uid (uid_t /*uid*/); + +void +_krb5_DES3_random_to_key ( + krb5_context /*context*/, + krb5_keyblock */*key*/, + const void */*data*/, + size_t /*size*/); + +krb5_error_code +_krb5_HMAC_MD5_checksum ( + krb5_context /*context*/, + struct _krb5_key_data */*key*/, + const void */*data*/, size_t /*len*/, - const AES_KEY */*key*/, - unsigned char */*ivec*/, - const int /*encryptp*/); + unsigned /*usage*/, + Checksum */*result*/); + +krb5_error_code +_krb5_SP_HMAC_SHA1_checksum ( + krb5_context /*context*/, + struct _krb5_key_data */*key*/, + const void */*data*/, + size_t /*len*/, + unsigned /*usage*/, + Checksum */*result*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_build_authenticator ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + krb5_enctype /*enctype*/, + krb5_creds */*cred*/, + Checksum */*cksum*/, + krb5_data */*result*/, + krb5_key_usage /*usage*/); krb5_error_code _krb5_cc_allocate ( @@ -19,6 +64,53 @@ _krb5_cc_allocate ( const krb5_cc_ops */*ops*/, krb5_ccache */*id*/); +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_config_copy ( + krb5_context /*context*/, + krb5_config_section */*c*/, + krb5_config_section **/*head*/); + +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_get ( + krb5_context /*context*/, + const krb5_config_section */*c*/, + int /*type*/, + ...); + +krb5_config_section * +_krb5_config_get_entry ( + krb5_config_section **/*parent*/, + const char */*name*/, + int /*type*/); + +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_get_next ( + krb5_context /*context*/, + const krb5_config_section */*c*/, + const krb5_config_binding **/*pointer*/, + int /*type*/, + ...); + +const void * +_krb5_config_vget ( + krb5_context /*context*/, + const krb5_config_section */*c*/, + int /*type*/, + va_list /*args*/); + +KRB5_LIB_FUNCTION const void * KRB5_LIB_CALL +_krb5_config_vget_next ( + krb5_context /*context*/, + const krb5_config_section */*c*/, + const krb5_config_binding **/*pointer*/, + int /*type*/, + va_list /*args*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_copy_send_to_kdc_func ( + krb5_context /*context*/, + krb5_context /*to*/); + void _krb5_crc_init_table (void); @@ -28,6 +120,43 @@ _krb5_crc_update ( size_t /*len*/, uint32_t /*res*/); +void KRB5_LIB_FUNCTION +_krb5_debug ( + krb5_context /*context*/, + int /*level*/, + const char */*fmt*/, + ...) + __attribute__((format (printf, 3, 4))); + +void +_krb5_debug_backtrace (krb5_context /*context*/); + +krb5_error_code +_krb5_derive_key ( + krb5_context /*context*/, + struct _krb5_encryption_type */*et*/, + struct _krb5_key_data */*key*/, + const void */*constant*/, + size_t /*len*/); + +krb5_error_code +_krb5_des_checksum ( + krb5_context /*context*/, + const EVP_MD */*evp_md*/, + struct _krb5_key_data */*key*/, + const void */*data*/, + size_t /*len*/, + Checksum */*cksum*/); + +krb5_error_code +_krb5_des_verify ( + krb5_context /*context*/, + const EVP_MD */*evp_md*/, + struct _krb5_key_data */*key*/, + const void */*data*/, + size_t /*len*/, + Checksum */*C*/); + krb5_error_code _krb5_dh_group_ok ( krb5_context /*context*/, @@ -38,11 +167,47 @@ _krb5_dh_group_ok ( struct krb5_dh_moduli **/*moduli*/, char **/*name*/); -krb5_error_code KRB5_LIB_FUNCTION -_krb5_enctype_to_oid ( +krb5_error_code +_krb5_einval ( krb5_context /*context*/, - krb5_enctype /*etype*/, - heim_oid */*oid*/); + const char */*func*/, + unsigned long /*argn*/); + +krb5_error_code +_krb5_erase_file ( + krb5_context /*context*/, + const char */*filename*/); + +void +_krb5_evp_cleanup ( + krb5_context /*context*/, + struct _krb5_key_data */*kd*/); + +krb5_error_code +_krb5_evp_encrypt ( + krb5_context /*context*/, + struct _krb5_key_data */*key*/, + void */*data*/, + size_t /*len*/, + krb5_boolean /*encryptp*/, + int /*usage*/, + void */*ivec*/); + +krb5_error_code +_krb5_evp_encrypt_cts ( + krb5_context /*context*/, + struct _krb5_key_data */*key*/, + void */*data*/, + size_t /*len*/, + krb5_boolean /*encryptp*/, + int /*usage*/, + void */*ivec*/); + +void +_krb5_evp_schedule ( + krb5_context /*context*/, + struct _krb5_key_type */*kt*/, + struct _krb5_key_data */*kd*/); krb5_error_code _krb5_expand_default_cc_name ( @@ -50,6 +215,12 @@ _krb5_expand_default_cc_name ( const char */*str*/, char **/*res*/); +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_expand_path_tokens ( + krb5_context /*context*/, + const char */*path_in*/, + char **/*ppath_out*/); + int _krb5_extract_ticket ( krb5_context /*context*/, @@ -64,43 +235,57 @@ _krb5_extract_ticket ( krb5_decrypt_proc /*decrypt_proc*/, krb5_const_pointer /*decryptarg*/); +struct _krb5_checksum_type * +_krb5_find_checksum (krb5_cksumtype /*type*/); + +struct _krb5_encryption_type * +_krb5_find_enctype (krb5_enctype /*type*/); + +void +_krb5_free_key_data ( + krb5_context /*context*/, + struct _krb5_key_data */*key*/, + struct _krb5_encryption_type */*et*/); + void _krb5_free_krbhst_info (krb5_krbhst_info */*hi*/); void _krb5_free_moduli (struct krb5_dh_moduli **/*moduli*/); +krb5_error_code +_krb5_get_cred_kdc_any ( + krb5_context /*context*/, + krb5_kdc_flags /*flags*/, + krb5_ccache /*ccache*/, + krb5_creds */*in_creds*/, + krb5_principal /*impersonate_principal*/, + Ticket */*second_ticket*/, + krb5_creds **/*out_creds*/, + krb5_creds ***/*ret_tgts*/); + +char * +_krb5_get_default_cc_name_from_registry (void); + +char * +_krb5_get_default_config_config_files_from_registry (void); + krb5_error_code _krb5_get_default_principal_local ( krb5_context /*context*/, krb5_principal */*princ*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_get_host_realm_int ( krb5_context /*context*/, const char */*host*/, krb5_boolean /*use_dns*/, krb5_realm **/*realms*/); -krb5_error_code -_krb5_get_init_creds_opt_copy ( - krb5_context /*context*/, - const krb5_get_init_creds_opt */*in*/, - krb5_get_init_creds_opt **/*out*/); - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_krb5_error (krb5_get_init_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL _krb5_get_init_creds_opt_free_pkinit (krb5_get_init_creds_opt */*opt*/); -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_set_krb5_error ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - const KRB_ERROR */*error*/); - -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL _krb5_get_int ( void */*buffer*/, unsigned long */*value*/, @@ -113,27 +298,40 @@ _krb5_get_krbtgt ( krb5_realm /*realm*/, krb5_creds **/*cred*/); -krb5_error_code -_krb5_kcm_chmod ( +krb5_boolean KRB5_LIB_FUNCTION +_krb5_have_debug ( krb5_context /*context*/, - krb5_ccache /*id*/, - uint16_t /*mode*/); + int /*level*/); + +krb5_boolean +_krb5_homedir_access (krb5_context /*context*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_init_etype ( + krb5_context /*context*/, + krb5_pdu /*pdu_type*/, + unsigned */*len*/, + krb5_enctype **/*val*/, + const krb5_enctype */*etypes*/); krb5_error_code -_krb5_kcm_chown ( +_krb5_internal_hmac ( krb5_context /*context*/, - krb5_ccache /*id*/, - uint32_t /*uid*/, - uint32_t /*gid*/); + struct _krb5_checksum_type */*cm*/, + const void */*data*/, + size_t /*len*/, + unsigned /*usage*/, + struct _krb5_key_data */*keyblock*/, + Checksum */*result*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_get_initial_ticket ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_principal /*server*/, krb5_keyblock */*key*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_get_ticket ( krb5_context /*context*/, krb5_ccache /*id*/, @@ -141,15 +339,15 @@ _krb5_kcm_get_ticket ( krb5_enctype /*enctype*/, krb5_principal /*server*/); -krb5_boolean +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL _krb5_kcm_is_running (krb5_context /*context*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_kcm_noop ( krb5_context /*context*/, krb5_ccache /*id*/); -krb5_error_code +krb5_error_code KRB5_CALLCONV _krb5_kdc_retry ( krb5_context /*context*/, krb5_sendto_ctx /*ctx*/, @@ -157,114 +355,33 @@ _krb5_kdc_retry ( const krb5_data */*reply*/, int */*action*/); -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_cr_err_reply ( - krb5_context /*context*/, - const char */*name*/, - const char */*inst*/, - const char */*realm*/, - uint32_t /*time_ws*/, - uint32_t /*e*/, - const char */*e_string*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_auth_reply ( - krb5_context /*context*/, - const char */*pname*/, - const char */*pinst*/, - const char */*prealm*/, - int32_t /*time_ws*/, - int /*n*/, - uint32_t /*x_date*/, - unsigned char /*kvno*/, - const krb5_data */*cipher*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ciph ( - krb5_context /*context*/, - const krb5_keyblock */*session*/, - const char */*service*/, - const char */*instance*/, - const char */*realm*/, - uint32_t /*life*/, - unsigned char /*kvno*/, - const krb5_data */*ticket*/, - uint32_t /*kdc_time*/, - const krb5_keyblock */*key*/, - krb5_data */*enc_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ticket ( - krb5_context /*context*/, - unsigned char /*flags*/, - const char */*pname*/, - const char */*pinstance*/, - const char */*prealm*/, - int32_t /*paddress*/, - const krb5_keyblock */*session*/, - int16_t /*life*/, - int32_t /*life_sec*/, - const char */*sname*/, - const char */*sinstance*/, - const krb5_keyblock */*key*/, - krb5_data */*enc_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_decomp_ticket ( - krb5_context /*context*/, - const krb5_data */*enc_ticket*/, - const krb5_keyblock */*key*/, - const char */*local_realm*/, - char **/*sname*/, - char **/*sinstance*/, - struct _krb5_krb_auth_data */*ad*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_dest_tkt ( - krb5_context /*context*/, - const char */*tkfile*/); - -void KRB5_LIB_FUNCTION -_krb5_krb_free_auth_data ( - krb5_context /*context*/, - struct _krb5_krb_auth_data */*ad*/); - -time_t KRB5_LIB_FUNCTION -_krb5_krb_life_to_time ( - int /*start*/, - int /*life_*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_rd_req ( - krb5_context /*context*/, - krb5_data */*authent*/, - const char */*service*/, - const char */*instance*/, - const char */*local_realm*/, - int32_t /*from_addr*/, - const krb5_keyblock */*key*/, - struct _krb5_krb_auth_data */*ad*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_tf_setup ( - krb5_context /*context*/, - struct credentials */*v4creds*/, - const char */*tkfile*/, - int /*append*/); - -int KRB5_LIB_FUNCTION -_krb5_krb_time_to_life ( - time_t /*start*/, - time_t /*end*/); - krb5_error_code _krb5_krbhost_info_move ( krb5_context /*context*/, krb5_krbhst_info */*from*/, krb5_krbhst_info **/*to*/); +const char * +_krb5_krbhst_get_realm (krb5_krbhst_handle /*handle*/); + +krb5_error_code +_krb5_kt_principal_not_found ( + krb5_context /*context*/, + krb5_error_code /*ret*/, + krb5_keytab /*id*/, + krb5_const_principal /*principal*/, + krb5_enctype /*enctype*/, + int /*kvno*/); + +krb5_error_code +_krb5_load_ccache_plugins (krb5_context /*context*/); + +void +_krb5_load_plugins ( + krb5_context /*context*/, + const char */*name*/, + const char **/*paths*/); + krb5_error_code _krb5_mk_req_internal ( krb5_context /*context*/, @@ -276,19 +393,13 @@ _krb5_mk_req_internal ( krb5_key_usage /*checksum_usage*/, krb5_key_usage /*encrypt_usage*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_n_fold ( const void */*str*/, size_t /*len*/, void */*key*/, size_t /*size*/); -krb5_error_code KRB5_LIB_FUNCTION -_krb5_oid_to_enctype ( - krb5_context /*context*/, - const heim_oid */*oid*/, - krb5_enctype */*etype*/); - krb5_error_code _krb5_pac_sign ( krb5_context /*context*/, @@ -313,15 +424,24 @@ _krb5_parse_moduli_line ( char */*p*/, struct krb5_dh_moduli **/*m*/); -void KRB5_LIB_FUNCTION -_krb5_pk_allow_proxy_certificate ( - struct krb5_pk_identity */*id*/, - int /*boolean*/); - -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL _krb5_pk_cert_free (struct krb5_pk_cert */*cert*/); -krb5_error_code KRB5_LIB_FUNCTION +krb5_error_code +_krb5_pk_kdf ( + krb5_context /*context*/, + const struct AlgorithmIdentifier */*ai*/, + const void */*dhdata*/, + size_t /*dhsize*/, + krb5_const_principal /*client*/, + krb5_const_principal /*server*/, + krb5_enctype /*enctype*/, + const krb5_data */*as_req*/, + const krb5_data */*pk_as_rep*/, + const Ticket */*ticket*/, + krb5_keyblock */*key*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_load_id ( krb5_context /*context*/, struct krb5_pk_identity **/*ret_id*/, @@ -333,17 +453,19 @@ _krb5_pk_load_id ( void */*prompter_data*/, char */*password*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_mk_ContentInfo ( krb5_context /*context*/, const krb5_data */*buf*/, const heim_oid */*oid*/, struct ContentInfo */*content_info*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_mk_padata ( krb5_context /*context*/, void */*c*/, + int /*ic_flags*/, + int /*win2k*/, const KDC_REQ_BODY */*req_body*/, unsigned /*nonce*/, METHOD_DATA */*md*/); @@ -358,7 +480,7 @@ _krb5_pk_octetstring2key ( const heim_octet_string */*k_n*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_rd_pa_reply ( krb5_context /*context*/, const char */*realm*/, @@ -370,16 +492,6 @@ _krb5_pk_rd_pa_reply ( PA_DATA */*pa*/, krb5_keyblock **/*key*/); -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_verify_sign ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - struct krb5_pk_identity */*id*/, - heim_oid */*contentType*/, - krb5_data */*content*/, - struct krb5_pk_cert **/*signer*/); - krb5_error_code _krb5_plugin_find ( krb5_context /*context*/, @@ -396,30 +508,41 @@ _krb5_plugin_get_next (struct krb5_plugin */*p*/); void * _krb5_plugin_get_symbol (struct krb5_plugin */*p*/); -krb5_error_code KRB5_LIB_FUNCTION +krb5_error_code +_krb5_plugin_run_f ( + krb5_context /*context*/, + const char */*module*/, + const char */*name*/, + int /*min_version*/, + int /*flags*/, + void */*userctx*/, + krb5_error_code (*/*func*/)(krb5_context, const void *, void *, void *)); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_principal2principalname ( PrincipalName */*p*/, const krb5_principal /*from*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +_krb5_principal_compare_PrincipalName ( + krb5_context /*context*/, + krb5_const_principal /*princ1*/, + PrincipalName */*princ2*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_principalname2krb5_principal ( krb5_context /*context*/, krb5_principal */*principal*/, const PrincipalName /*from*/, const Realm /*realm*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL _krb5_put_int ( void */*buffer*/, unsigned long /*value*/, size_t /*size*/); -krb5_error_code KRB5_LIB_FUNCTION -_krb5_rd_req_out_ctx_alloc ( - krb5_context /*context*/, - krb5_rd_req_out_ctx */*ctx*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_s4u2self_to_checksumdata ( krb5_context /*context*/, const PA_S4U2Self */*self*/, @@ -427,11 +550,21 @@ _krb5_s4u2self_to_checksumdata ( int _krb5_send_and_recv_tcp ( - int /*fd*/, + krb5_socket_t /*fd*/, time_t /*tmout*/, const krb5_data */*req*/, krb5_data */*rep*/); +void +_krb5_unload_plugins ( + krb5_context /*context*/, + const char */*name*/); + +krb5_error_code +_krb5_usage2arcfour ( + krb5_context /*context*/, + unsigned */*usage*/); + int _krb5_xlock ( krb5_context /*context*/, @@ -439,9 +572,17 @@ _krb5_xlock ( krb5_boolean /*exclusive*/, const char */*filename*/); +void +_krb5_xor ( + DES_cblock */*key*/, + const unsigned char */*b*/); + int _krb5_xunlock ( krb5_context /*context*/, int /*fd*/); +#undef KRB5_DEPRECATED_FUNCTION +#define KRB5_DEPRECATED_FUNCTION(X) + #endif /* __krb5_private_h__ */ diff --git a/lib/krb5/krb5-protos.h b/lib/krb5/krb5-protos.h index 647d8886b7cc..c72e796afe20 100644 --- a/lib/krb5/krb5-protos.h +++ b/lib/krb5/krb5-protos.h @@ -8,119 +8,98 @@ #define __attribute__(x) #endif +#ifndef KRB5_DEPRECATED_FUNCTION +#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) +#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) +#else +#define KRB5_DEPRECATED_FUNCTION(X) +#endif +#endif + + #ifdef __cplusplus extern "C" { #endif +#ifndef KRB5_LIB #ifndef KRB5_LIB_FUNCTION #if defined(_WIN32) -#define KRB5_LIB_FUNCTION _stdcall +#define KRB5_LIB_FUNCTION __declspec(dllimport) +#define KRB5_LIB_CALL __stdcall +#define KRB5_LIB_VARIABLE __declspec(dllimport) #else #define KRB5_LIB_FUNCTION +#define KRB5_LIB_CALL +#define KRB5_LIB_VARIABLE #endif #endif - -krb5_error_code KRB5_LIB_FUNCTION +#endif +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc ( krb5_context /*context*/, krb5_creds */*in_cred*/, - struct credentials */*v4creds*/); + struct credentials */*v4creds*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc_ccache ( krb5_context /*context*/, krb5_ccache /*ccache*/, krb5_creds */*in_cred*/, - struct credentials */*v4creds*/); + struct credentials */*v4creds*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_boolean (*/*func*/)(krb5_context, krb5_principal), - krb5_boolean /*resolve*/, - krb5_principal */*principal*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext2 ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_boolean (*/*func*/)(krb5_context, void *, krb5_principal), - void */*funcctx*/, - krb5_boolean /*resolve*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_524_conv_principal ( - krb5_context /*context*/, - const krb5_principal /*principal*/, - char */*name*/, - char */*instance*/, - char */*realm*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_abort ( krb5_context /*context*/, krb5_error_code /*code*/, const char */*fmt*/, ...) - __attribute__ ((noreturn, format (printf, 3, 4))); + __attribute__ ((noreturn, format (printf, 3, 4))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_abortx ( krb5_context /*context*/, const char */*fmt*/, ...) - __attribute__ ((noreturn, format (printf, 2, 3))); + __attribute__ ((noreturn, format (printf, 2, 3))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_file ( krb5_context /*context*/, const char */*file*/, const char */*format*/, ...); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_acl_match_string ( krb5_context /*context*/, const char */*string*/, const char */*format*/, ...); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_et_list ( krb5_context /*context*/, void (*/*func*/)(struct et_list **)); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_extra_addresses ( krb5_context /*context*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_ignore_addresses ( krb5_context /*context*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addlog_dest ( krb5_context /*context*/, krb5_log_facility */*f*/, const char */*orig*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addlog_func ( krb5_context /*context*/, krb5_log_facility */*fac*/, @@ -130,7 +109,7 @@ krb5_addlog_func ( krb5_log_close_func_t /*close_func*/, void */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addr2sockaddr ( krb5_context /*context*/, const krb5_address */*addr*/, @@ -138,19 +117,19 @@ krb5_addr2sockaddr ( krb5_socklen_t */*sa_size*/, int /*port*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_compare ( krb5_context /*context*/, const krb5_address */*addr1*/, const krb5_address */*addr2*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_address_order ( krb5_context /*context*/, const krb5_address */*addr1*/, const krb5_address */*addr2*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_address_prefixlen_boundary ( krb5_context /*context*/, const krb5_address */*inaddr*/, @@ -158,20 +137,25 @@ krb5_address_prefixlen_boundary ( krb5_address */*low*/, krb5_address */*high*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_address_search ( krb5_context /*context*/, const krb5_address */*addr*/, const krb5_addresses */*addrlist*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_allow_weak_crypto ( + krb5_context /*context*/, + krb5_boolean /*enable*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_aname_to_localname ( krb5_context /*context*/, krb5_const_principal /*aname*/, size_t /*lnsize*/, char */*lname*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_anyaddr ( krb5_context /*context*/, int /*af*/, @@ -179,7 +163,7 @@ krb5_anyaddr ( krb5_socklen_t */*sa_size*/, int /*port*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_appdefault_boolean ( krb5_context /*context*/, const char */*appname*/, @@ -188,7 +172,7 @@ krb5_appdefault_boolean ( krb5_boolean /*def_val*/, krb5_boolean */*ret_val*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_appdefault_string ( krb5_context /*context*/, const char */*appname*/, @@ -197,7 +181,7 @@ krb5_appdefault_string ( const char */*def_val*/, char **/*ret_val*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_appdefault_time ( krb5_context /*context*/, const char */*appname*/, @@ -206,190 +190,221 @@ krb5_appdefault_time ( time_t /*def_val*/, time_t */*ret_val*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_append_addresses ( krb5_context /*context*/, krb5_addresses */*dest*/, const krb5_addresses */*source*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_addflags ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t /*addflags*/, int32_t */*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_free ( krb5_context /*context*/, krb5_auth_context /*auth_context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_genaddrs ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, - int /*fd*/, + krb5_socket_t /*fd*/, int /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_generatelocalsubkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getaddrs ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_address **/*local_addr*/, krb5_address **/*remote_addr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getauthenticator ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_authenticator */*authenticator*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getcksumtype ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_cksumtype */*cksumtype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getflags ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t */*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock **/*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getkeytype ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keytype */*keytype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getlocalseqnumber ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t */*seqnumber*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getlocalsubkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock **/*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getrcache ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_rcache */*rcache*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getrecvsubkey ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + krb5_keyblock **/*keyblock*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getremoteseqnumber ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + int32_t */*seqnumber*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_getremotesubkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock **/*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getsendsubkey ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + krb5_keyblock **/*keyblock*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_init ( krb5_context /*context*/, krb5_auth_context */*auth_context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_removeflags ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t /*removeflags*/, int32_t */*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setaddrs ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_address */*local_addr*/, krb5_address */*remote_addr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setaddrs_from_fd ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, void */*p_fd*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setcksumtype ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_cksumtype /*cksumtype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setflags ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setkeytype ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keytype /*keytype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setlocalseqnumber ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t /*seqnumber*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setlocalsubkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setrcache ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_rcache /*rcache*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_setrecvsubkey ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + krb5_keyblock */*keyblock*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setremoteseqnumber ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, int32_t /*seqnumber*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setremotesubkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_setsendsubkey ( + krb5_context /*context*/, + krb5_auth_context /*auth_context*/, + krb5_keyblock */*keyblock*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_con_setuserkey ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_auth_getremoteseqnumber ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, - int32_t */*seqnumber*/); + int32_t */*seqnumber*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_ap_req ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -398,18 +413,7 @@ krb5_build_ap_req ( krb5_data /*authenticator*/, krb5_data */*retdata*/); -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_authenticator ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_enctype /*enctype*/, - krb5_creds */*cred*/, - Checksum */*cksum*/, - Authenticator **/*auth_result*/, - krb5_data */*result*/, - krb5_key_usage /*usage*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal ( krb5_context /*context*/, krb5_principal */*principal*/, @@ -417,7 +421,7 @@ krb5_build_principal ( krb5_const_realm /*realm*/, ...); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal_ext ( krb5_context /*context*/, krb5_principal */*principal*/, @@ -425,7 +429,7 @@ krb5_build_principal_ext ( krb5_const_realm /*realm*/, ...); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal_va ( krb5_context /*context*/, krb5_principal */*principal*/, @@ -433,7 +437,7 @@ krb5_build_principal_va ( krb5_const_realm /*realm*/, va_list /*ap*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal_va_ext ( krb5_context /*context*/, krb5_principal */*principal*/, @@ -441,19 +445,19 @@ krb5_build_principal_va_ext ( krb5_const_realm /*realm*/, va_list /*ap*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_block_size ( krb5_context /*context*/, krb5_enctype /*enctype*/, size_t */*blocksize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_checksum_length ( krb5_context /*context*/, krb5_cksumtype /*cksumtype*/, size_t */*length*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_decrypt ( krb5_context /*context*/, const krb5_keyblock /*key*/, @@ -462,7 +466,7 @@ krb5_c_decrypt ( krb5_enc_data */*input*/, krb5_data */*output*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_encrypt ( krb5_context /*context*/, const krb5_keyblock */*key*/, @@ -471,41 +475,42 @@ krb5_c_encrypt ( const krb5_data */*input*/, krb5_enc_data */*output*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_encrypt_length ( krb5_context /*context*/, krb5_enctype /*enctype*/, size_t /*inputlen*/, size_t */*length*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_enctype_compare ( krb5_context /*context*/, krb5_enctype /*e1*/, krb5_enctype /*e2*/, - krb5_boolean */*similar*/); + krb5_boolean */*similar*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_get_checksum ( krb5_context /*context*/, const krb5_checksum */*cksum*/, krb5_cksumtype */*type*/, krb5_data **/*data*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_is_coll_proof_cksum (krb5_cksumtype /*ctype*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_is_keyed_cksum (krb5_cksumtype /*ctype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_keylengths ( krb5_context /*context*/, krb5_enctype /*enctype*/, size_t */*ilen*/, size_t */*keylen*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_make_checksum ( krb5_context /*context*/, krb5_cksumtype /*cksumtype*/, @@ -514,39 +519,44 @@ krb5_c_make_checksum ( const krb5_data */*input*/, krb5_checksum */*cksum*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_make_random_key ( krb5_context /*context*/, krb5_enctype /*enctype*/, krb5_keyblock */*random_key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_prf ( krb5_context /*context*/, const krb5_keyblock */*key*/, const krb5_data */*input*/, krb5_data */*output*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_prf_length ( krb5_context /*context*/, krb5_enctype /*type*/, size_t */*length*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_random_make_octets ( + krb5_context /*context*/, + krb5_data * /*data*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_set_checksum ( krb5_context /*context*/, krb5_checksum */*cksum*/, krb5_cksumtype /*type*/, const krb5_data */*data*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_valid_cksumtype (krb5_cksumtype /*ctype*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_valid_enctype (krb5_enctype /*etype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_verify_checksum ( krb5_context /*context*/, const krb5_keyblock */*key*/, @@ -555,170 +565,205 @@ krb5_c_verify_checksum ( const krb5_checksum */*cksum*/, krb5_boolean */*valid*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_end_seq_get ( krb5_context /*context*/, krb5_cc_cache_cursor /*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_get_first ( krb5_context /*context*/, const char */*type*/, krb5_cc_cache_cursor */*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_match ( krb5_context /*context*/, krb5_principal /*client*/, - const char */*type*/, krb5_ccache */*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_cache_next ( krb5_context /*context*/, krb5_cc_cache_cursor /*cursor*/, krb5_ccache */*id*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_cc_clear_mcred (krb5_creds */*mcred*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_close ( krb5_context /*context*/, krb5_ccache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_copy_cache ( krb5_context /*context*/, const krb5_ccache /*from*/, krb5_ccache /*to*/); -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache_match ( +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_copy_creds ( + krb5_context /*context*/, + const krb5_ccache /*from*/, + krb5_ccache /*to*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_copy_match_f ( krb5_context /*context*/, const krb5_ccache /*from*/, krb5_ccache /*to*/, - krb5_flags /*whichfields*/, - const krb5_creds * /*mcreds*/, + krb5_boolean (*/*match*/)(krb5_context, void *, const krb5_creds *), + void */*matchctx*/, unsigned int */*matched*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_default ( krb5_context /*context*/, krb5_ccache */*id*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_default_name (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_destroy ( krb5_context /*context*/, krb5_ccache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_end_seq_get ( krb5_context /*context*/, const krb5_ccache /*id*/, krb5_cc_cursor */*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_gen_new ( krb5_context /*context*/, const krb5_cc_ops */*ops*/, - krb5_ccache */*id*/); + krb5_ccache */*id*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_config ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_const_principal /*principal*/, + const char */*name*/, + krb5_data */*data*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_flags ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_flags */*flags*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_friendly_name ( + krb5_context /*context*/, + krb5_ccache /*id*/, + char **/*name*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_full_name ( krb5_context /*context*/, krb5_ccache /*id*/, char **/*str*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_kdc_offset ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_deltat */*offset*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_get_lifetime ( + krb5_context /*context*/, + krb5_ccache /*id*/, + time_t */*t*/); + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_name ( krb5_context /*context*/, krb5_ccache /*id*/); -const krb5_cc_ops * +KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL krb5_cc_get_ops ( krb5_context /*context*/, krb5_ccache /*id*/); -const krb5_cc_ops * +KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL krb5_cc_get_prefix_ops ( krb5_context /*context*/, const char */*prefix*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_principal ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_principal */*principal*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_cc_get_type ( krb5_context /*context*/, krb5_ccache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_get_version ( krb5_context /*context*/, const krb5_ccache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_initialize ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_principal /*primary_principal*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_last_change_time ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_timestamp */*mtime*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_move ( krb5_context /*context*/, krb5_ccache /*from*/, krb5_ccache /*to*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_new_unique ( krb5_context /*context*/, const char */*type*/, const char */*hint*/, krb5_ccache */*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_next_cred ( krb5_context /*context*/, const krb5_ccache /*id*/, krb5_cc_cursor */*cursor*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred_match ( - krb5_context /*context*/, - const krb5_ccache /*id*/, - krb5_cc_cursor * /*cursor*/, - krb5_creds * /*creds*/, - krb5_flags /*whichfields*/, - const krb5_creds * /*mcreds*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_register ( krb5_context /*context*/, const krb5_cc_ops */*ops*/, krb5_boolean /*override*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_remove_cred ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_flags /*which*/, krb5_creds */*cred*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_resolve ( krb5_context /*context*/, const char */*name*/, krb5_ccache */*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_retrieve_cred ( krb5_context /*context*/, krb5_ccache /*id*/, @@ -726,351 +771,390 @@ krb5_cc_retrieve_cred ( const krb5_creds */*mcreds*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_config ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_const_principal /*principal*/, + const char */*name*/, + krb5_data */*data*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_default_name ( krb5_context /*context*/, const char */*name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_set_flags ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_flags /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_friendly_name ( + krb5_context /*context*/, + krb5_ccache /*id*/, + const char */*name*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_set_kdc_offset ( + krb5_context /*context*/, + krb5_ccache /*id*/, + krb5_deltat /*offset*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_start_seq_get ( krb5_context /*context*/, const krb5_ccache /*id*/, krb5_cc_cursor */*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_store_cred ( krb5_context /*context*/, krb5_ccache /*id*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_cc_support_switch ( + krb5_context /*context*/, + const char */*type*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_switch ( + krb5_context /*context*/, + krb5_ccache /*id*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_free ( + krb5_context /*context*/, + krb5_cccol_cursor */*cursor*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_new ( + krb5_context /*context*/, + krb5_cccol_cursor */*cursor*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_cursor_next ( + krb5_context /*context*/, + krb5_cccol_cursor /*cursor*/, + krb5_ccache */*cache*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cccol_last_change_time ( + krb5_context /*context*/, + const char */*type*/, + krb5_timestamp */*mtime*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_change_password ( krb5_context /*context*/, krb5_creds */*creds*/, const char */*newpw*/, int */*result_code*/, krb5_data */*result_code_string*/, - krb5_data */*result_string*/); + krb5_data */*result_string*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_check_transited ( krb5_context /*context*/, krb5_const_realm /*client_realm*/, krb5_const_realm /*server_realm*/, krb5_realm */*realms*/, - int /*num_realms*/, + unsigned int /*num_realms*/, int */*bad_realm*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_check_transited_realms ( krb5_context /*context*/, const char *const */*realms*/, - int /*num_realms*/, + unsigned int /*num_realms*/, int */*bad_realm*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_checksum_disable ( krb5_context /*context*/, krb5_cksumtype /*type*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_checksum_free ( krb5_context /*context*/, krb5_checksum */*cksum*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_checksum_is_collision_proof ( krb5_context /*context*/, krb5_cksumtype /*type*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_checksum_is_keyed ( krb5_context /*context*/, krb5_cksumtype /*type*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_checksumsize ( krb5_context /*context*/, krb5_cksumtype /*type*/, size_t */*size*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cksumtype_to_enctype ( + krb5_context /*context*/, + krb5_cksumtype /*ctype*/, + krb5_enctype */*etype*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cksumtype_valid ( krb5_context /*context*/, krb5_cksumtype /*ctype*/); -void KRB5_LIB_FUNCTION -krb5_clear_error_string (krb5_context /*context*/); +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_clear_error_message (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_clear_error_string (krb5_context /*context*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_closelog ( krb5_context /*context*/, krb5_log_facility */*fac*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_compare_creds ( krb5_context /*context*/, krb5_flags /*whichfields*/, const krb5_creds * /*mcreds*/, const krb5_creds * /*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_file_free ( krb5_context /*context*/, krb5_config_section */*s*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_config_free_strings (char **/*strings*/); -const void * -krb5_config_get ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*type*/, - ...); - -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_get_bool_default ( krb5_context /*context*/, const krb5_config_section */*c*/, krb5_boolean /*def_value*/, ...); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_int ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_int_default ( krb5_context /*context*/, const krb5_config_section */*c*/, int /*def_value*/, ...); -const krb5_config_binding * +KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL krb5_config_get_list ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -const void * -krb5_config_get_next ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const krb5_config_binding **/*pointer*/, - int /*type*/, - ...); - -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_get_string_default ( krb5_context /*context*/, const krb5_config_section */*c*/, const char */*def_value*/, ...); -char** +KRB5_LIB_FUNCTION char** KRB5_LIB_CALL krb5_config_get_strings ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time ( krb5_context /*context*/, const krb5_config_section */*c*/, ...); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_get_time_default ( krb5_context /*context*/, const krb5_config_section */*c*/, int /*def_value*/, ...); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file ( krb5_context /*context*/, const char */*fname*/, krb5_config_section **/*res*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_file_multi ( krb5_context /*context*/, const char */*fname*/, krb5_config_section **/*res*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_config_parse_string_multi ( krb5_context /*context*/, const char */*string*/, - krb5_config_section **/*res*/); + krb5_config_section **/*res*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -const void * -krb5_config_vget ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*type*/, - va_list /*args*/); - -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_config_vget_bool_default ( krb5_context /*context*/, const krb5_config_section */*c*/, krb5_boolean /*def_value*/, va_list /*args*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_int ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_int_default ( krb5_context /*context*/, const krb5_config_section */*c*/, int /*def_value*/, va_list /*args*/); -const krb5_config_binding * +KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL krb5_config_vget_list ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -const void * -krb5_config_vget_next ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const krb5_config_binding **/*pointer*/, - int /*type*/, - va_list /*args*/); - -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_config_vget_string_default ( krb5_context /*context*/, const krb5_config_section */*c*/, const char */*def_value*/, va_list /*args*/); -char ** KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL krb5_config_vget_strings ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time ( krb5_context /*context*/, const krb5_config_section */*c*/, va_list /*args*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_config_vget_time_default ( krb5_context /*context*/, const krb5_config_section */*c*/, int /*def_value*/, va_list /*args*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_address ( krb5_context /*context*/, const krb5_address */*inaddr*/, krb5_address */*outaddr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_addresses ( krb5_context /*context*/, const krb5_addresses */*inaddr*/, krb5_addresses */*outaddr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_checksum ( krb5_context /*context*/, const krb5_checksum */*old*/, krb5_checksum **/*new*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_copy_context ( + krb5_context /*context*/, + krb5_context */*out*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds ( krb5_context /*context*/, const krb5_creds */*incred*/, krb5_creds **/*outcred*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_creds_contents ( krb5_context /*context*/, const krb5_creds */*incred*/, krb5_creds */*c*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_data ( krb5_context /*context*/, const krb5_data */*indata*/, krb5_data **/*outdata*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_host_realm ( krb5_context /*context*/, const krb5_realm */*from*/, krb5_realm **/*to*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock ( krb5_context /*context*/, const krb5_keyblock */*inblock*/, krb5_keyblock **/*to*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_keyblock_contents ( krb5_context /*context*/, const krb5_keyblock */*inblock*/, krb5_keyblock */*to*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_principal ( krb5_context /*context*/, krb5_const_principal /*inprinc*/, krb5_principal */*outprinc*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_ticket ( krb5_context /*context*/, const krb5_ticket */*from*/, krb5_ticket **/*to*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_create_checksum ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1080,164 +1164,213 @@ krb5_create_checksum ( size_t /*len*/, Checksum */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_create_checksum_iov ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + unsigned /*usage*/, + krb5_crypto_iov */*data*/, + unsigned int /*num_data*/, + krb5_cksumtype */*type*/); + +KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL +krb5_creds_get_ticket_flags (krb5_creds */*creds*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_destroy ( krb5_context /*context*/, krb5_crypto /*crypto*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_fx_cf2 ( + krb5_context /*context*/, + const krb5_crypto /*crypto1*/, + const krb5_crypto /*crypto2*/, + krb5_data */*pepper1*/, + krb5_data */*pepper2*/, + krb5_enctype /*enctype*/, + krb5_keyblock */*res*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_get_checksum_type ( krb5_context /*context*/, krb5_crypto /*crypto*/, krb5_cksumtype */*type*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getblocksize ( krb5_context /*context*/, krb5_crypto /*crypto*/, size_t */*blocksize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getconfoundersize ( krb5_context /*context*/, krb5_crypto /*crypto*/, size_t */*confoundersize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getenctype ( krb5_context /*context*/, krb5_crypto /*crypto*/, krb5_enctype */*enctype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_getpadsize ( krb5_context /*context*/, krb5_crypto /*crypto*/, size_t */*padsize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_init ( krb5_context /*context*/, const krb5_keyblock */*key*/, krb5_enctype /*etype*/, krb5_crypto */*crypto*/); -size_t +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_length ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + int /*type*/, + size_t */*len*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_crypto_length_iov ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + krb5_crypto_iov */*data*/, + unsigned int /*num_data*/); + +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_crypto_overhead ( krb5_context /*context*/, krb5_crypto /*crypto*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_prf ( krb5_context /*context*/, const krb5_crypto /*crypto*/, const krb5_data */*input*/, krb5_data */*output*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_crypto_prf_length ( krb5_context /*context*/, krb5_enctype /*type*/, size_t */*length*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_alloc ( krb5_data */*p*/, int /*len*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_data_cmp ( const krb5_data */*data1*/, const krb5_data */*data2*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_copy ( krb5_data */*p*/, const void */*data*/, size_t /*len*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_data_ct_cmp ( + const krb5_data */*data1*/, + const krb5_data */*data2*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_free (krb5_data */*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_data_realloc ( krb5_data */*p*/, int /*len*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_data_zero (krb5_data */*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_Authenticator ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, Authenticator */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ETYPE_INFO ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, ETYPE_INFO */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ETYPE_INFO2 ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, ETYPE_INFO2 */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncAPRepPart ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, EncAPRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncASRepPart ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, EncASRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncKrbCredPart ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, EncKrbCredPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncTGSRepPart ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, EncTGSRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_EncTicketPart ( krb5_context /*context*/, const void */*data*/, size_t /*length*/, EncTicketPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ap_req ( krb5_context /*context*/, const krb5_data */*inbuf*/, krb5_ap_req */*ap_req*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1246,7 +1379,7 @@ krb5_decrypt ( size_t /*len*/, krb5_data */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_EncryptedData ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1254,7 +1387,16 @@ krb5_decrypt_EncryptedData ( const EncryptedData */*e*/, krb5_data */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_decrypt_iov_ivec ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + unsigned /*usage*/, + krb5_crypto_iov */*data*/, + unsigned int /*num_data*/, + void */*ivec*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_ivec ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1264,7 +1406,7 @@ krb5_decrypt_ivec ( krb5_data */*result*/, void */*ivec*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_ticket ( krb5_context /*context*/, Ticket */*ticket*/, @@ -1272,7 +1414,7 @@ krb5_decrypt_ticket ( EncTicketPart */*out*/, krb5_flags /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_derive_key ( krb5_context /*context*/, const krb5_keyblock */*key*/, @@ -1281,267 +1423,275 @@ krb5_derive_key ( size_t /*constant_len*/, krb5_keyblock **/*derived_key*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_alloc ( krb5_context /*context*/, krb5_digest */*digest*/); -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_digest_free (krb5_digest /*digest*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_client_binding ( krb5_context /*context*/, krb5_digest /*digest*/, char **/*type*/, char **/*binding*/); -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_identifier ( krb5_context /*context*/, krb5_digest /*digest*/); -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_opaque ( krb5_context /*context*/, krb5_digest /*digest*/); -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_rsp ( krb5_context /*context*/, krb5_digest /*digest*/); -const char * +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_digest_get_server_nonce ( krb5_context /*context*/, krb5_digest /*digest*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_session_key ( krb5_context /*context*/, krb5_digest /*digest*/, krb5_data */*data*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_get_tickets ( krb5_context /*context*/, krb5_digest /*digest*/, Ticket **/*tickets*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_init_request ( krb5_context /*context*/, krb5_digest /*digest*/, krb5_realm /*realm*/, krb5_ccache /*ccache*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_probe ( krb5_context /*context*/, krb5_realm /*realm*/, krb5_ccache /*ccache*/, unsigned */*flags*/); -krb5_boolean +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_digest_rep_get_status ( krb5_context /*context*/, krb5_digest /*digest*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_request ( krb5_context /*context*/, krb5_digest /*digest*/, krb5_realm /*realm*/, krb5_ccache /*ccache*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_authentication_user ( krb5_context /*context*/, krb5_digest /*digest*/, krb5_principal /*authentication_user*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_authid ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*authid*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_client_nonce ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*nonce*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_digest ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*dgst*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_hostname ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*hostname*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_identifier ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*id*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_method ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*method*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_nonceCount ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*nonce_count*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_opaque ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*opaque*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_qop ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*qop*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_realm ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*realm*/); -int +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_digest_set_responseData ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*response*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_server_cb ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*type*/, const char */*binding*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_server_nonce ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*nonce*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_type ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*type*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_uri ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*uri*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_set_username ( krb5_context /*context*/, krb5_digest /*digest*/, const char */*username*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_domain_x500_decode ( krb5_context /*context*/, krb5_data /*tr*/, char ***/*realms*/, - int */*num_realms*/, + unsigned int */*num_realms*/, const char */*client_realm*/, const char */*server_realm*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_domain_x500_encode ( char **/*realms*/, - int /*num_realms*/, + unsigned int /*num_realms*/, krb5_data */*encoding*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_eai_to_heim_errno ( int /*eai_errno*/, int /*system_error*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_Authenticator ( krb5_context /*context*/, void */*data*/, size_t /*length*/, Authenticator */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_ETYPE_INFO ( krb5_context /*context*/, void */*data*/, size_t /*length*/, ETYPE_INFO */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_ETYPE_INFO2 ( krb5_context /*context*/, void */*data*/, size_t /*length*/, ETYPE_INFO2 */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncAPRepPart ( krb5_context /*context*/, void */*data*/, size_t /*length*/, EncAPRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncASRepPart ( krb5_context /*context*/, void */*data*/, size_t /*length*/, EncASRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncKrbCredPart ( krb5_context /*context*/, void */*data*/, size_t /*length*/, EncKrbCredPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncTGSRepPart ( krb5_context /*context*/, void */*data*/, size_t /*length*/, EncTGSRepPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encode_EncTicketPart ( krb5_context /*context*/, void */*data*/, size_t /*length*/, EncTicketPart */*t*/, - size_t */*len*/); + size_t */*len*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1550,7 +1700,7 @@ krb5_encrypt ( size_t /*len*/, krb5_data */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_EncryptedData ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1560,7 +1710,16 @@ krb5_encrypt_EncryptedData ( int /*kvno*/, EncryptedData */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_encrypt_iov_ivec ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + unsigned /*usage*/, + krb5_crypto_iov */*data*/, + int /*num_data*/, + void */*ivec*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_encrypt_ivec ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -1570,93 +1729,99 @@ krb5_encrypt_ivec ( krb5_data */*result*/, void */*ivec*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_disable ( krb5_context /*context*/, krb5_enctype /*enctype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_enctype_enable ( + krb5_context /*context*/, + krb5_enctype /*enctype*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_keybits ( krb5_context /*context*/, krb5_enctype /*type*/, size_t */*keybits*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_keysize ( krb5_context /*context*/, krb5_enctype /*type*/, size_t */*keysize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_to_keytype ( krb5_context /*context*/, krb5_enctype /*etype*/, krb5_keytype */*keytype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_to_string ( krb5_context /*context*/, krb5_enctype /*etype*/, char **/*string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_enctype_valid ( krb5_context /*context*/, krb5_enctype /*etype*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_enctypes_compatible_keys ( krb5_context /*context*/, krb5_enctype /*etype1*/, - krb5_enctype /*etype2*/); + krb5_enctype /*etype2*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +krb5_error_code +krb5_enomem (krb5_context /*context*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_err ( krb5_context /*context*/, int /*eval*/, krb5_error_code /*code*/, const char */*fmt*/, ...) - __attribute__ ((noreturn, format (printf, 4, 5))); + __attribute__ ((noreturn, format (printf, 4, 5))); -krb5_error_code KRB5_LIB_FUNCTION - __attribute__((deprecated)) krb5_free_creds_contents (krb5_context context, krb5_creds *c); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_error_from_rd_error ( krb5_context /*context*/, const krb5_error */*error*/, const krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_errx ( krb5_context /*context*/, int /*eval*/, const char */*fmt*/, ...) - __attribute__ ((noreturn, format (printf, 3, 4))); + __attribute__ ((noreturn, format (printf, 3, 4))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname ( krb5_context /*context*/, const char */*orig_hostname*/, char **/*new_hostname*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_expand_hostname_realms ( krb5_context /*context*/, const char */*orig_hostname*/, char **/*new_hostname*/, char ***/*realms*/); -PA_DATA * +KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL krb5_find_padata ( PA_DATA */*val*/, unsigned /*len*/, int /*type*/, int */*idx*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_format_time ( krb5_context /*context*/, time_t /*t*/, @@ -1664,118 +1829,142 @@ krb5_format_time ( size_t /*len*/, krb5_boolean /*include_time*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_address ( krb5_context /*context*/, krb5_address */*address*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_addresses ( krb5_context /*context*/, krb5_addresses */*addresses*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_ap_rep_enc_part ( krb5_context /*context*/, krb5_ap_rep_enc_part */*val*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_authenticator ( krb5_context /*context*/, krb5_authenticator */*authenticator*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_checksum ( krb5_context /*context*/, krb5_checksum */*cksum*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_checksum_contents ( krb5_context /*context*/, krb5_checksum */*cksum*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_config_files (char **/*filenames*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_context (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_cred_contents ( krb5_context /*context*/, krb5_creds */*c*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_creds ( krb5_context /*context*/, krb5_creds */*c*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_free_creds_contents ( + krb5_context /*context*/, + krb5_creds */*c*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data ( krb5_context /*context*/, krb5_data */*p*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_data_contents ( krb5_context /*context*/, - krb5_data */*data*/); + krb5_data */*data*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_free_default_realm ( + krb5_context /*context*/, + krb5_realm /*realm*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error ( krb5_context /*context*/, krb5_error */*error*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error_contents ( krb5_context /*context*/, krb5_error */*error*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_error_message ( + krb5_context /*context*/, + const char */*msg*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error_string ( krb5_context /*context*/, - char */*str*/); + char */*str*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_host_realm ( krb5_context /*context*/, krb5_realm */*realmlist*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_kdc_rep ( krb5_context /*context*/, krb5_kdc_rep */*rep*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock ( krb5_context /*context*/, krb5_keyblock */*keyblock*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_keyblock_contents ( krb5_context /*context*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_krbhst ( krb5_context /*context*/, char **/*hostlist*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_principal ( krb5_context /*context*/, krb5_principal /*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_salt ( krb5_context /*context*/, krb5_salt /*salt*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_ticket ( krb5_context /*context*/, krb5_ticket */*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_free_unparsed_name ( + krb5_context /*context*/, + char */*str*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -1786,64 +1975,67 @@ krb5_fwd_tgt_creds ( int /*forwardable*/, krb5_data */*out_data*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_generate_random_block ( void */*buf*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_random_keyblock ( krb5_context /*context*/, krb5_enctype /*type*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_seq_number ( krb5_context /*context*/, const krb5_keyblock */*key*/, uint32_t */*seqno*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey ( krb5_context /*context*/, const krb5_keyblock */*key*/, - krb5_keyblock **/*subkey*/); + krb5_keyblock **/*subkey*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_subkey_extended ( krb5_context /*context*/, const krb5_keyblock */*key*/, krb5_enctype /*etype*/, krb5_keyblock **/*subkey*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_all_client_addrs ( krb5_context /*context*/, krb5_addresses */*res*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_all_server_addrs ( krb5_context /*context*/, krb5_addresses */*res*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc ( krb5_context /*context*/, krb5_ccache /*ccache*/, krb5_creds */*in_creds*/, krb5_creds **/*out_creds*/, - krb5_creds ***/*ret_tgts*/); + krb5_creds ***/*ret_tgts*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_cred_from_kdc_opt ( krb5_context /*context*/, krb5_ccache /*ccache*/, krb5_creds */*in_creds*/, krb5_creds **/*out_creds*/, krb5_creds ***/*ret_tgts*/, - krb5_flags /*flags*/); + krb5_flags /*flags*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_credentials ( krb5_context /*context*/, krb5_flags /*options*/, @@ -1851,7 +2043,7 @@ krb5_get_credentials ( krb5_creds */*in_creds*/, krb5_creds **/*out_creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_credentials_with_flags ( krb5_context /*context*/, krb5_flags /*options*/, @@ -1860,7 +2052,7 @@ krb5_get_credentials_with_flags ( krb5_creds */*in_creds*/, krb5_creds **/*out_creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, @@ -1868,96 +2060,98 @@ krb5_get_creds ( krb5_const_principal /*inprinc*/, krb5_creds **/*out_creds*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_add_options ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, krb5_flags /*options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_alloc ( krb5_context /*context*/, krb5_get_creds_opt */*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_free ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_set_enctype ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, krb5_enctype /*enctype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_set_impersonate ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, krb5_const_principal /*self*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_creds_opt_set_options ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, krb5_flags /*options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_creds_opt_set_ticket ( krb5_context /*context*/, krb5_get_creds_opt /*opt*/, const Ticket */*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_config_files (char ***/*pfilenames*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_in_tkt_etypes ( krb5_context /*context*/, + krb5_pdu /*pdu_type*/, krb5_enctype **/*etypes*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_principal ( krb5_context /*context*/, krb5_principal */*princ*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_realm ( krb5_context /*context*/, krb5_realm */*realm*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_default_realms ( krb5_context /*context*/, krb5_realm **/*realms*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_dns_canonicalize_hostname (krb5_context /*context*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_get_err_text ( krb5_context /*context*/, - krb5_error_code /*code*/); + krb5_error_code /*code*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -char * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL krb5_get_error_message ( krb5_context /*context*/, krb5_error_code /*code*/); -char * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION char * KRB5_LIB_CALL krb5_get_error_string (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_extra_addresses ( krb5_context /*context*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_fcache_version ( krb5_context /*context*/, int */*version*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_forwarded_creds ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -1967,18 +2161,18 @@ krb5_get_forwarded_creds ( krb5_creds */*in_creds*/, krb5_data */*out_data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_host_realm ( krb5_context /*context*/, const char */*targethost*/, krb5_realm **/*realms*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_ignore_addresses ( krb5_context /*context*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_cred ( krb5_context /*context*/, krb5_flags /*options*/, @@ -1991,9 +2185,10 @@ krb5_get_in_cred ( krb5_decrypt_proc /*decrypt_proc*/, krb5_const_pointer /*decryptarg*/, krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); + krb5_kdc_rep */*ret_as_reply*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt ( krb5_context /*context*/, krb5_flags /*options*/, @@ -2006,9 +2201,10 @@ krb5_get_in_tkt ( krb5_const_pointer /*decryptarg*/, krb5_creds */*creds*/, krb5_ccache /*ccache*/, - krb5_kdc_rep */*ret_as_reply*/); + krb5_kdc_rep */*ret_as_reply*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_keytab ( krb5_context /*context*/, krb5_flags /*options*/, @@ -2018,9 +2214,10 @@ krb5_get_in_tkt_with_keytab ( krb5_keytab /*keytab*/, krb5_ccache /*ccache*/, krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); + krb5_kdc_rep */*ret_as_reply*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_password ( krb5_context /*context*/, krb5_flags /*options*/, @@ -2030,9 +2227,10 @@ krb5_get_in_tkt_with_password ( const char */*password*/, krb5_ccache /*ccache*/, krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); + krb5_kdc_rep */*ret_as_reply*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_in_tkt_with_skey ( krb5_context /*context*/, krb5_flags /*options*/, @@ -2042,20 +2240,10 @@ krb5_get_in_tkt_with_skey ( const krb5_keyblock */*key*/, krb5_ccache /*ccache*/, krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); + krb5_kdc_rep */*ret_as_reply*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*client*/, - krb5_prompter_fct /*prompter*/, - void */*data*/, - krb5_deltat /*start_time*/, - const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*options*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keyblock ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -2065,7 +2253,7 @@ krb5_get_init_creds_keyblock ( const char */*in_tkt_service*/, krb5_get_init_creds_opt */*options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keytab ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -2075,79 +2263,81 @@ krb5_get_init_creds_keytab ( const char */*in_tkt_service*/, krb5_get_init_creds_opt */*options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_alloc ( krb5_context /*context*/, krb5_get_init_creds_opt **/*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_free ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_get_error ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, - KRB_ERROR **/*error*/); + KRB_ERROR **/*error*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/); +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_address_list ( krb5_get_init_creds_opt */*opt*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_addressless ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, krb5_boolean /*addressless*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_anonymous ( krb5_get_init_creds_opt */*opt*/, int /*anonymous*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_canonicalize ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, krb5_boolean /*req*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_default_flags ( krb5_context /*context*/, const char */*appname*/, krb5_const_realm /*realm*/, krb5_get_init_creds_opt */*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_etype_list ( krb5_get_init_creds_opt */*opt*/, krb5_enctype */*etype_list*/, int /*etype_list_length*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_forwardable ( krb5_get_init_creds_opt */*opt*/, int /*forwardable*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pa_password ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, const char */*password*/, krb5_s2k_proc /*key_proc*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pac_request ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, krb5_boolean /*req_pac*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pkinit ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, @@ -2161,39 +2351,52 @@ krb5_get_init_creds_opt_set_pkinit ( void */*prompter_data*/, char */*password*/); -void KRB5_LIB_FUNCTION +krb5_error_code KRB5_LIB_FUNCTION +krb5_get_init_creds_opt_set_pkinit_user_certs ( + krb5_context /*context*/, + krb5_get_init_creds_opt */*opt*/, + struct hx509_certs_data */*certs*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_preauth_list ( krb5_get_init_creds_opt */*opt*/, krb5_preauthtype */*preauth_list*/, int /*preauth_list_length*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_init_creds_opt_set_process_last_req ( + krb5_context /*context*/, + krb5_get_init_creds_opt */*opt*/, + krb5_gic_process_last_req /*func*/, + void */*ctx*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_proxiable ( krb5_get_init_creds_opt */*opt*/, int /*proxiable*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_renew_life ( krb5_get_init_creds_opt */*opt*/, krb5_deltat /*renew_life*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_salt ( krb5_get_init_creds_opt */*opt*/, krb5_data */*salt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_set_tkt_life ( krb5_get_init_creds_opt */*opt*/, krb5_deltat /*tkt_life*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_win2k ( krb5_context /*context*/, krb5_get_init_creds_opt */*opt*/, krb5_boolean /*req*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_password ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -2203,9 +2406,9 @@ krb5_get_init_creds_password ( void */*data*/, krb5_deltat /*start_time*/, const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*in_options*/); + krb5_get_init_creds_opt */*options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_cred ( krb5_context /*context*/, krb5_ccache /*id*/, @@ -2215,46 +2418,51 @@ krb5_get_kdc_cred ( krb5_creds */*in_creds*/, krb5_creds **out_creds ); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_kdc_sec_offset ( krb5_context /*context*/, int32_t */*sec*/, int32_t */*usec*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb524hst ( krb5_context /*context*/, const krb5_realm */*realm*/, char ***/*hostlist*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb_admin_hst ( krb5_context /*context*/, const krb5_realm */*realm*/, char ***/*hostlist*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb_changepw_hst ( krb5_context /*context*/, const krb5_realm */*realm*/, char ***/*hostlist*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krbhst ( krb5_context /*context*/, const krb5_realm */*realm*/, char ***/*hostlist*/); -time_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_get_max_time_skew (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_permitted_enctypes ( + krb5_context /*context*/, + krb5_enctype **/*etypes*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_pw_salt ( krb5_context /*context*/, krb5_const_principal /*principal*/, krb5_salt */*salt*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_renewed_creds ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -2262,39 +2470,47 @@ krb5_get_renewed_creds ( krb5_ccache /*ccache*/, const char */*in_tkt_service*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_server_rcache ( krb5_context /*context*/, const krb5_data */*piece*/, krb5_rcache */*id*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_get_use_admin_kdc (krb5_context /*context*/); -krb5_log_facility * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_validated_creds ( + krb5_context /*context*/, + krb5_creds */*creds*/, + krb5_principal /*client*/, + krb5_ccache /*ccache*/, + char */*service*/); + +KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL krb5_get_warn_dest (krb5_context /*context*/); -size_t +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_get_wrapped_length ( krb5_context /*context*/, krb5_crypto /*crypto*/, size_t /*data_len*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_getportbyname ( krb5_context /*context*/, const char */*service*/, const char */*proto*/, int /*default_port*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2addr ( krb5_context /*context*/, int /*af*/, const char */*haddr*/, krb5_address */*addr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_addr2sockaddr ( krb5_context /*context*/, int /*af*/, @@ -2303,13 +2519,13 @@ krb5_h_addr2sockaddr ( krb5_socklen_t */*sa_size*/, int /*port*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_h_errno_to_heim_errno (int /*eai_errno*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_have_error_string (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_hmac ( krb5_context /*context*/, krb5_cksumtype /*cktype*/, @@ -2319,35 +2535,111 @@ krb5_hmac ( krb5_keyblock */*key*/, Checksum */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context (krb5_context */*context*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_init_creds_free ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get_creds ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + krb5_creds */*cred*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_get_error ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + KRB_ERROR */*error*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_init ( + krb5_context /*context*/, + krb5_principal /*client*/, + krb5_prompter_fct /*prompter*/, + void */*prompter_data*/, + krb5_deltat /*start_time*/, + krb5_get_init_creds_opt */*options*/, + krb5_init_creds_context */*rctx*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_keyblock ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + krb5_keyblock */*keyblock*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_keytab ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + krb5_keytab /*keytab*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_password ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + const char */*password*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_set_service ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + const char */*service*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_init_creds_step ( + krb5_context /*context*/, + krb5_init_creds_context /*ctx*/, + krb5_data */*in*/, + krb5_data */*out*/, + krb5_krbhst_info */*hostinfo*/, + unsigned int */*flags*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_ets (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_etype ( - krb5_context /*context*/, - unsigned */*len*/, - krb5_enctype **/*val*/, - const krb5_enctype */*etypes*/); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_initlog ( krb5_context /*context*/, const char */*program*/, krb5_log_facility **/*fac*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_is_config_principal ( + krb5_context /*context*/, + krb5_const_principal /*principal*/); + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_is_thread_safe (void); -const krb5_enctype * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kcm_call ( + krb5_context /*context*/, + krb5_storage */*request*/, + krb5_storage **/*response_p*/, + krb5_data */*response_data_p*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kcm_storage_request ( + krb5_context /*context*/, + uint16_t /*opcode*/, + krb5_storage **/*storage_p*/); + +KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL krb5_kerberos_enctypes (krb5_context /*context*/); -krb5_enctype +KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL krb5_keyblock_get_enctype (const krb5_keyblock */*block*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_init ( krb5_context /*context*/, krb5_enctype /*type*/, @@ -2355,7 +2647,7 @@ krb5_keyblock_init ( size_t /*size*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keyblock_key_proc ( krb5_context /*context*/, krb5_keytype /*type*/, @@ -2363,63 +2655,67 @@ krb5_keyblock_key_proc ( krb5_const_pointer /*keyseed*/, krb5_keyblock **/*key*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_keyblock_zero (krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_keytab_key_proc ( krb5_context /*context*/, krb5_enctype /*enctype*/, krb5_salt /*salt*/, krb5_const_pointer /*keyseed*/, - krb5_keyblock **/*key*/); + krb5_keyblock **/*key*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes ( krb5_context /*context*/, krb5_keytype /*keytype*/, unsigned */*len*/, - krb5_enctype **/*val*/); + krb5_enctype **/*val*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_enctypes_default ( krb5_context /*context*/, krb5_keytype /*keytype*/, unsigned */*len*/, - krb5_enctype **/*val*/); + krb5_enctype **/*val*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_keytype_to_string ( krb5_context /*context*/, krb5_keytype /*keytype*/, - char **/*string*/); + char **/*string*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_format_string ( krb5_context /*context*/, const krb5_krbhst_info */*host*/, char */*hostname*/, size_t /*hostlen*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_krbhst_free ( krb5_context /*context*/, krb5_krbhst_handle /*handle*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_get_addrinfo ( krb5_context /*context*/, krb5_krbhst_info */*host*/, struct addrinfo **/*ai*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_init ( krb5_context /*context*/, const char */*realm*/, unsigned int /*type*/, krb5_krbhst_handle */*handle*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_init_flags ( krb5_context /*context*/, const char */*realm*/, @@ -2427,36 +2723,36 @@ krb5_krbhst_init_flags ( int /*flags*/, krb5_krbhst_handle */*handle*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_next ( krb5_context /*context*/, krb5_krbhst_handle /*handle*/, krb5_krbhst_info **/*host*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_next_as_string ( krb5_context /*context*/, krb5_krbhst_handle /*handle*/, char */*hostname*/, size_t /*hostlen*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_krbhst_reset ( krb5_context /*context*/, krb5_krbhst_handle /*handle*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_add_entry ( krb5_context /*context*/, krb5_keytab /*id*/, krb5_keytab_entry */*entry*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_close ( krb5_context /*context*/, krb5_keytab /*id*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kt_compare ( krb5_context /*context*/, krb5_keytab_entry */*entry*/, @@ -2464,41 +2760,46 @@ krb5_kt_compare ( krb5_kvno /*vno*/, krb5_enctype /*enctype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_copy_entry_contents ( krb5_context /*context*/, const krb5_keytab_entry */*in*/, krb5_keytab_entry */*out*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default ( krb5_context /*context*/, krb5_keytab */*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_modify_name ( krb5_context /*context*/, char */*name*/, size_t /*namesize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_default_name ( krb5_context /*context*/, char */*name*/, size_t /*namesize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_kt_destroy ( + krb5_context /*context*/, + krb5_keytab /*id*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_end_seq_get ( krb5_context /*context*/, krb5_keytab /*id*/, krb5_kt_cursor */*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_free_entry ( krb5_context /*context*/, krb5_keytab_entry */*entry*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_entry ( krb5_context /*context*/, krb5_keytab /*id*/, @@ -2507,34 +2808,39 @@ krb5_kt_get_entry ( krb5_enctype /*enctype*/, krb5_keytab_entry */*entry*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_full_name ( krb5_context /*context*/, krb5_keytab /*keytab*/, char **/*str*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_name ( krb5_context /*context*/, krb5_keytab /*keytab*/, char */*name*/, size_t /*namesize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_get_type ( krb5_context /*context*/, krb5_keytab /*keytab*/, char */*prefix*/, size_t /*prefixsize*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_kt_have_content ( + krb5_context /*context*/, + krb5_keytab /*id*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_next_entry ( krb5_context /*context*/, krb5_keytab /*id*/, krb5_keytab_entry */*entry*/, krb5_kt_cursor */*cursor*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_read_service_key ( krb5_context /*context*/, krb5_pointer /*keyprocarg*/, @@ -2543,45 +2849,45 @@ krb5_kt_read_service_key ( krb5_enctype /*enctype*/, krb5_keyblock **/*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_register ( krb5_context /*context*/, const krb5_kt_ops */*ops*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_remove_entry ( krb5_context /*context*/, krb5_keytab /*id*/, krb5_keytab_entry */*entry*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_resolve ( krb5_context /*context*/, const char */*name*/, krb5_keytab */*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_start_seq_get ( krb5_context /*context*/, krb5_keytab /*id*/, krb5_kt_cursor */*cursor*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kuserok ( krb5_context /*context*/, krb5_principal /*principal*/, const char */*luser*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_log ( krb5_context /*context*/, krb5_log_facility */*fac*/, int /*level*/, const char */*fmt*/, ...) - __attribute__((format (printf, 4, 5))); + __attribute__((format (printf, 4, 5))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_log_msg ( krb5_context /*context*/, krb5_log_facility */*fac*/, @@ -2589,26 +2895,26 @@ krb5_log_msg ( char **/*reply*/, const char */*fmt*/, ...) - __attribute__((format (printf, 5, 6))); + __attribute__((format (printf, 5, 6))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_addrport ( krb5_context /*context*/, krb5_address **/*res*/, const krb5_address */*addr*/, int16_t /*port*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_make_principal ( krb5_context /*context*/, krb5_principal */*principal*/, krb5_const_realm /*realm*/, ...); -size_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL krb5_max_sockaddr_size (void); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_error ( krb5_context /*context*/, krb5_error_code /*error_code*/, @@ -2620,7 +2926,7 @@ krb5_mk_error ( int */*client_usec*/, krb5_data */*reply*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_priv ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -2628,13 +2934,13 @@ krb5_mk_priv ( krb5_data */*outbuf*/, krb5_replay_data */*outdata*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_rep ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_data */*outbuf*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -2645,7 +2951,7 @@ krb5_mk_req ( krb5_ccache /*ccache*/, krb5_data */*outbuf*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req_exact ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -2655,7 +2961,7 @@ krb5_mk_req_exact ( krb5_ccache /*ccache*/, krb5_data */*outbuf*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req_extended ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -2664,7 +2970,7 @@ krb5_mk_req_extended ( krb5_creds */*in_creds*/, krb5_data */*outbuf*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_safe ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -2672,21 +2978,21 @@ krb5_mk_safe ( krb5_data */*outbuf*/, krb5_replay_data */*outdata*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_read ( krb5_context /*context*/, void */*p_fd*/, void */*buf*/, size_t /*len*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_write ( krb5_context /*context*/, void */*p_fd*/, const void */*buf*/, size_t /*len*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_write_block ( krb5_context /*context*/, void */*p_fd*/, @@ -2694,47 +3000,47 @@ krb5_net_write_block ( size_t /*len*/, time_t /*timeout*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_alloc ( krb5_context /*context*/, krb5_ntlm */*ntlm*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_free ( krb5_context /*context*/, krb5_ntlm /*ntlm*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_challange ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_data */*challange*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_flags ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, uint32_t */*flags*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_opaque ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_data */*opaque*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_targetinfo ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_data */*data*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_get_targetname ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, char **/*name*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_init_request ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, @@ -2744,114 +3050,114 @@ krb5_ntlm_init_request ( const char */*hostname*/, const char */*domainname*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_rep_get_sessionkey ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_data */*data*/); -krb5_boolean +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_ntlm_rep_get_status ( krb5_context /*context*/, krb5_ntlm /*ntlm*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_flags ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, uint32_t /*flags*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_lm ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, void */*hash*/, size_t /*len*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_ntlm ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, void */*hash*/, size_t /*len*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_opaque ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_data */*opaque*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_session ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, void */*sessionkey*/, size_t /*length*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_targetname ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, const char */*targetname*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_req_set_username ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, const char */*username*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ntlm_request ( krb5_context /*context*/, krb5_ntlm /*ntlm*/, krb5_realm /*realm*/, krb5_ccache /*ccache*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_openlog ( krb5_context /*context*/, const char */*program*/, krb5_log_facility **/*fac*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_add_buffer ( krb5_context /*context*/, krb5_pac /*p*/, uint32_t /*type*/, const krb5_data */*data*/); -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_pac_free ( krb5_context /*context*/, krb5_pac /*pac*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_buffer ( krb5_context /*context*/, krb5_pac /*p*/, uint32_t /*type*/, krb5_data */*data*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_types ( krb5_context /*context*/, krb5_pac /*p*/, size_t */*len*/, uint32_t **/*types*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_init ( krb5_context /*context*/, krb5_pac */*pac*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_parse ( krb5_context /*context*/, const void */*ptr*/, size_t /*len*/, krb5_pac */*pac*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_verify ( krb5_context /*context*/, const krb5_pac /*pac*/, @@ -2860,7 +3166,7 @@ krb5_pac_verify ( const krb5_keyblock */*server*/, const krb5_keyblock */*privsvr*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_padata_add ( krb5_context /*context*/, METHOD_DATA */*md*/, @@ -2868,130 +3174,165 @@ krb5_padata_add ( void */*buf*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_address ( krb5_context /*context*/, const char */*string*/, krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name ( krb5_context /*context*/, const char */*name*/, krb5_principal */*principal*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name_flags ( krb5_context /*context*/, const char */*name*/, int /*flags*/, krb5_principal */*principal*/); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_nametype ( krb5_context /*context*/, const char */*str*/, int32_t */*nametype*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_passwd_result_to_string ( krb5_context /*context*/, int /*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV krb5_password_key_proc ( krb5_context /*context*/, krb5_enctype /*type*/, krb5_salt /*salt*/, krb5_const_pointer /*keyseed*/, - krb5_keyblock **/*key*/); + krb5_keyblock **/*key*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_pk_enterprise_cert ( + krb5_context /*context*/, + const char */*user_id*/, + krb5_const_realm /*realm*/, + krb5_principal */*principal*/, + struct hx509_certs_data **/*res*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_plugin_register ( krb5_context /*context*/, enum krb5_plugin_type /*type*/, const char */*name*/, void */*symbol*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files ( const char */*filelist*/, char **/*pq*/, char ***/*ret_pp*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_prepend_config_files_default ( const char */*filelist*/, char ***/*pfilenames*/); -krb5_realm * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_prepend_error_message ( + krb5_context /*context*/, + krb5_error_code /*ret*/, + const char */*fmt*/, + ...) + __attribute__ ((format (printf, 3, 4))); + +KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL krb5_princ_realm ( krb5_context /*context*/, - krb5_principal /*principal*/); + krb5_principal /*principal*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_princ_set_realm ( krb5_context /*context*/, krb5_principal /*principal*/, - krb5_realm */*realm*/); + krb5_realm */*realm*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare ( krb5_context /*context*/, krb5_const_principal /*princ1*/, krb5_const_principal /*princ2*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare_any_realm ( krb5_context /*context*/, krb5_const_principal /*princ1*/, krb5_const_principal /*princ2*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_comp_string ( krb5_context /*context*/, krb5_const_principal /*principal*/, unsigned int /*component*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL +krb5_principal_get_num_comp ( + krb5_context /*context*/, + krb5_const_principal /*principal*/); + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_realm ( krb5_context /*context*/, krb5_const_principal /*principal*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_principal_get_type ( krb5_context /*context*/, krb5_const_principal /*principal*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_principal_is_krbtgt ( + krb5_context /*context*/, + krb5_const_principal /*p*/); + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_match ( krb5_context /*context*/, krb5_const_principal /*princ*/, krb5_const_principal /*pattern*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_principal_set_realm ( + krb5_context /*context*/, + krb5_principal /*principal*/, + krb5_const_realm /*realm*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_principal_set_type ( krb5_context /*context*/, krb5_principal /*principal*/, int /*type*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_print_address ( const krb5_address */*addr*/, char */*str*/, size_t /*len*/, size_t */*ret_len*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_program_setup ( krb5_context */*context*/, int /*argc*/, char **/*argv*/, struct getargs */*args*/, int /*num_args*/, - void (*/*usage*/)(int, struct getargs*, int)); + void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_CALLCONV krb5_prompter_posix ( krb5_context /*context*/, void */*data*/, @@ -3000,7 +3341,7 @@ krb5_prompter_posix ( int /*num_prompts*/, krb5_prompt prompts[]); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_random_to_key ( krb5_context /*context*/, krb5_enctype /*type*/, @@ -3008,84 +3349,84 @@ krb5_random_to_key ( size_t /*size*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_close ( krb5_context /*context*/, krb5_rcache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_default ( krb5_context /*context*/, krb5_rcache */*id*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_default_name (krb5_context /*context*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_default_type (krb5_context /*context*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_destroy ( krb5_context /*context*/, krb5_rcache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_expunge ( krb5_context /*context*/, krb5_rcache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_get_lifespan ( krb5_context /*context*/, krb5_rcache /*id*/, krb5_deltat */*auth_lifespan*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_get_name ( krb5_context /*context*/, krb5_rcache /*id*/); -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_get_type ( krb5_context /*context*/, krb5_rcache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_initialize ( krb5_context /*context*/, krb5_rcache /*id*/, krb5_deltat /*auth_lifespan*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_recover ( krb5_context /*context*/, krb5_rcache /*id*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve ( krb5_context /*context*/, krb5_rcache /*id*/, const char */*name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve_full ( krb5_context /*context*/, krb5_rcache */*id*/, const char */*string_name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve_type ( krb5_context /*context*/, krb5_rcache */*id*/, const char */*type*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_store ( krb5_context /*context*/, krb5_rcache /*id*/, krb5_donot_replay */*rep*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_cred ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -3093,20 +3434,20 @@ krb5_rd_cred ( krb5_creds ***/*ret_creds*/, krb5_replay_data */*outdata*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_cred2 ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, krb5_ccache /*ccache*/, krb5_data */*in_data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_error ( krb5_context /*context*/, const krb5_data */*msg*/, KRB_ERROR */*result*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_priv ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -3114,14 +3455,14 @@ krb5_rd_priv ( krb5_data */*outbuf*/, krb5_replay_data */*outdata*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_rep ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, const krb5_data */*inbuf*/, krb5_ap_rep_enc_part **/*repl*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3131,7 +3472,7 @@ krb5_rd_req ( krb5_flags */*ap_req_options*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3140,58 +3481,64 @@ krb5_rd_req_ctx ( krb5_rd_req_in_ctx /*inctx*/, krb5_rd_req_out_ctx */*outctx*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_ctx_alloc ( krb5_context /*context*/, krb5_rd_req_in_ctx */*ctx*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_in_ctx_free ( krb5_context /*context*/, krb5_rd_req_in_ctx /*ctx*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_keyblock ( krb5_context /*context*/, krb5_rd_req_in_ctx /*in*/, krb5_keyblock */*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_keytab ( krb5_context /*context*/, krb5_rd_req_in_ctx /*in*/, krb5_keytab /*keytab*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_pac_check ( krb5_context /*context*/, krb5_rd_req_in_ctx /*in*/, krb5_boolean /*flag*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_out_ctx_free ( krb5_context /*context*/, krb5_rd_req_out_ctx /*ctx*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_ap_req_options ( krb5_context /*context*/, krb5_rd_req_out_ctx /*out*/, krb5_flags */*ap_req_options*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_keyblock ( krb5_context /*context*/, krb5_rd_req_out_ctx /*out*/, krb5_keyblock **/*keyblock*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_out_get_server ( + krb5_context /*context*/, + krb5_rd_req_out_ctx /*out*/, + krb5_principal */*principal*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_ticket ( krb5_context /*context*/, krb5_rd_req_out_ctx /*out*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_with_keyblock ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3201,7 +3548,7 @@ krb5_rd_req_with_keyblock ( krb5_flags */*ap_req_options*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_safe ( krb5_context /*context*/, krb5_auth_context /*auth_context*/, @@ -3209,33 +3556,33 @@ krb5_rd_safe ( krb5_data */*outbuf*/, krb5_replay_data */*outdata*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_message ( krb5_context /*context*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_priv_message ( krb5_context /*context*/, krb5_auth_context /*ac*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_safe_message ( krb5_context /*context*/, krb5_auth_context /*ac*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_realm_compare ( krb5_context /*context*/, krb5_const_principal /*princ1*/, krb5_const_principal /*princ2*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_recvauth ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3246,7 +3593,7 @@ krb5_recvauth ( krb5_keytab /*keytab*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_recvauth_match_version ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3258,104 +3605,104 @@ krb5_recvauth_match_version ( krb5_keytab /*keytab*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_address ( krb5_storage */*sp*/, krb5_address */*adr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_addrs ( krb5_storage */*sp*/, krb5_addresses */*adr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_authdata ( krb5_storage */*sp*/, krb5_authdata */*auth*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds ( krb5_storage */*sp*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds_tag ( krb5_storage */*sp*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_data ( krb5_storage */*sp*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int16 ( krb5_storage */*sp*/, int16_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int32 ( krb5_storage */*sp*/, int32_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int8 ( krb5_storage */*sp*/, int8_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_keyblock ( krb5_storage */*sp*/, krb5_keyblock */*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_principal ( krb5_storage */*sp*/, krb5_principal */*princ*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_string ( krb5_storage */*sp*/, char **/*string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringnl ( krb5_storage */*sp*/, char **/*string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringz ( krb5_storage */*sp*/, char **/*string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_times ( krb5_storage */*sp*/, krb5_times */*times*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint16 ( krb5_storage */*sp*/, uint16_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint32 ( krb5_storage */*sp*/, uint32_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint8 ( krb5_storage */*sp*/, uint8_t */*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_salttype_to_string ( krb5_context /*context*/, krb5_enctype /*etype*/, krb5_salttype /*stype*/, char **/*string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendauth ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3371,14 +3718,14 @@ krb5_sendauth ( krb5_ap_rep_enc_part **/*rep_result*/, krb5_creds **/*out_creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto ( krb5_context /*context*/, const krb5_data */*send_data*/, krb5_krbhst_handle /*handle*/, krb5_data */*receive*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_context ( krb5_context /*context*/, krb5_sendto_ctx /*ctx*/, @@ -3386,43 +3733,43 @@ krb5_sendto_context ( const krb5_realm /*realm*/, krb5_data */*receive*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_add_flags ( krb5_sendto_ctx /*ctx*/, int /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_ctx_alloc ( krb5_context /*context*/, krb5_sendto_ctx */*ctx*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_free ( krb5_context /*context*/, krb5_sendto_ctx /*ctx*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_sendto_ctx_get_flags (krb5_sendto_ctx /*ctx*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_set_func ( krb5_sendto_ctx /*ctx*/, krb5_sendto_ctx_func /*func*/, void */*data*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_set_type ( krb5_sendto_ctx /*ctx*/, int /*type*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_kdc ( krb5_context /*context*/, const krb5_data */*send_data*/, const krb5_realm */*realm*/, krb5_data */*receive*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_kdc_flags ( krb5_context /*context*/, const krb5_data */*send_data*/, @@ -3430,54 +3777,73 @@ krb5_sendto_kdc_flags ( krb5_data */*receive*/, int /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_config_files ( krb5_context /*context*/, char **/*filenames*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_default_in_tkt_etypes ( krb5_context /*context*/, const krb5_enctype */*etypes*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_default_realm ( krb5_context /*context*/, const char */*realm*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_dns_canonicalize_hostname ( krb5_context /*context*/, krb5_boolean /*flag*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_set_error_message ( + krb5_context /*context*/, + krb5_error_code /*ret*/, + const char */*fmt*/, + ...) + __attribute__ ((format (printf, 3, 4))); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_error_string ( krb5_context /*context*/, const char */*fmt*/, ...) - __attribute__((format (printf, 2, 3))); + __attribute__((format (printf, 2, 3))) KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_extra_addresses ( krb5_context /*context*/, const krb5_addresses */*addresses*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_fcache_version ( krb5_context /*context*/, int /*version*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_set_home_dir_access ( + krb5_context /*context*/, + krb5_boolean /*allow*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_ignore_addresses ( krb5_context /*context*/, const krb5_addresses */*addresses*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_set_kdc_sec_offset ( + krb5_context /*context*/, + int32_t /*sec*/, + int32_t /*usec*/); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_max_time_skew ( krb5_context /*context*/, time_t /*t*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -3487,7 +3853,7 @@ krb5_set_password ( krb5_data */*result_code_string*/, krb5_data */*result_string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_password_using_ccache ( krb5_context /*context*/, krb5_ccache /*ccache*/, @@ -3497,29 +3863,29 @@ krb5_set_password_using_ccache ( krb5_data */*result_code_string*/, krb5_data */*result_string*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_real_time ( krb5_context /*context*/, krb5_timestamp /*sec*/, int32_t /*usec*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_send_to_kdc_func ( krb5_context /*context*/, krb5_send_to_kdc_func /*func*/, void */*data*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_set_use_admin_kdc ( krb5_context /*context*/, krb5_boolean /*flag*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_warn_dest ( krb5_context /*context*/, krb5_log_facility */*fac*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sname_to_principal ( krb5_context /*context*/, const char */*hostname*/, @@ -3527,7 +3893,7 @@ krb5_sname_to_principal ( int32_t /*type*/, krb5_principal */*ret_princ*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sock_to_principal ( krb5_context /*context*/, int /*sock*/, @@ -3535,204 +3901,218 @@ krb5_sock_to_principal ( int32_t /*type*/, krb5_principal */*ret_princ*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2address ( krb5_context /*context*/, const struct sockaddr */*sa*/, krb5_address */*addr*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2port ( krb5_context /*context*/, const struct sockaddr */*sa*/, int16_t */*port*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_sockaddr_is_loopback (const struct sockaddr */*sa*/); + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_sockaddr_uninteresting (const struct sockaddr */*sa*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_std_usage ( int /*code*/, struct getargs */*args*/, int /*num_args*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_clear_flags ( krb5_storage */*sp*/, krb5_flags /*flags*/); -krb5_storage * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_emem (void); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_free (krb5_storage */*sp*/); -krb5_storage * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_data (krb5_data */*data*/); -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_fd (int /*fd*/); +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL +krb5_storage_from_fd (krb5_socket_t /*fd_in*/); -krb5_storage * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_mem ( void */*buf*/, size_t /*len*/); -krb5_storage * KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_readonly_mem ( const void */*buf*/, size_t /*len*/); -krb5_flags KRB5_LIB_FUNCTION -krb5_storage_get_byteorder ( - krb5_storage */*sp*/, - krb5_flags /*byteorder*/); +KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL +krb5_storage_get_byteorder (krb5_storage */*sp*/); -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_storage_get_eof_code (krb5_storage */*sp*/); + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_storage_is_flags ( krb5_storage */*sp*/, krb5_flags /*flags*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_read ( krb5_storage */*sp*/, void */*buf*/, size_t /*len*/); -off_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL krb5_storage_seek ( krb5_storage */*sp*/, off_t /*offset*/, int /*whence*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_byteorder ( krb5_storage */*sp*/, krb5_flags /*byteorder*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_eof_code ( krb5_storage */*sp*/, int /*code*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_flags ( krb5_storage */*sp*/, krb5_flags /*flags*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_storage_set_max_alloc ( + krb5_storage */*sp*/, + size_t /*size*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_to_data ( krb5_storage */*sp*/, krb5_data */*data*/); -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_storage_truncate ( + krb5_storage */*sp*/, + off_t /*offset*/); + +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_write ( krb5_storage */*sp*/, const void */*buf*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_address ( krb5_storage */*sp*/, krb5_address /*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_addrs ( krb5_storage */*sp*/, krb5_addresses /*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_authdata ( krb5_storage */*sp*/, krb5_authdata /*auth*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds ( krb5_storage */*sp*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds_tag ( krb5_storage */*sp*/, krb5_creds */*creds*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_data ( krb5_storage */*sp*/, krb5_data /*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int16 ( krb5_storage */*sp*/, int16_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int32 ( krb5_storage */*sp*/, int32_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int8 ( krb5_storage */*sp*/, int8_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_keyblock ( krb5_storage */*sp*/, krb5_keyblock /*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_principal ( krb5_storage */*sp*/, krb5_const_principal /*p*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_string ( krb5_storage */*sp*/, const char */*s*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringnl ( krb5_storage */*sp*/, const char */*s*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringz ( krb5_storage */*sp*/, const char */*s*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_times ( krb5_storage */*sp*/, krb5_times /*times*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint16 ( krb5_storage */*sp*/, uint16_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint32 ( krb5_storage */*sp*/, uint32_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint8 ( krb5_storage */*sp*/, uint8_t /*value*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_deltat ( const char */*string*/, krb5_deltat */*deltat*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_enctype ( krb5_context /*context*/, const char */*string*/, krb5_enctype */*etype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3740,7 +4120,7 @@ krb5_string_to_key ( krb5_principal /*principal*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_data ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3748,7 +4128,7 @@ krb5_string_to_key_data ( krb5_principal /*principal*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_data_salt ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3756,7 +4136,7 @@ krb5_string_to_key_data_salt ( krb5_salt /*salt*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_data_salt_opaque ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3765,7 +4145,7 @@ krb5_string_to_key_data_salt_opaque ( krb5_data /*opaque*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_derived ( krb5_context /*context*/, const void */*str*/, @@ -3773,7 +4153,7 @@ krb5_string_to_key_derived ( krb5_enctype /*etype*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_salt ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3781,7 +4161,7 @@ krb5_string_to_key_salt ( krb5_salt /*salt*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_key_salt_opaque ( krb5_context /*context*/, krb5_enctype /*enctype*/, @@ -3790,62 +4170,68 @@ krb5_string_to_key_salt_opaque ( krb5_data /*opaque*/, krb5_keyblock */*key*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_keytype ( krb5_context /*context*/, const char */*string*/, - krb5_keytype */*keytype*/); + krb5_keytype */*keytype*/) + KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_salttype ( krb5_context /*context*/, krb5_enctype /*etype*/, const char */*string*/, krb5_salttype */*salttype*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_authorization_data_type ( krb5_context /*context*/, krb5_ticket */*ticket*/, int /*type*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_client ( krb5_context /*context*/, const krb5_ticket */*ticket*/, krb5_principal */*client*/); -time_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_ticket_get_endtime ( krb5_context /*context*/, const krb5_ticket */*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL +krb5_ticket_get_flags ( + krb5_context /*context*/, + const krb5_ticket */*ticket*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_server ( krb5_context /*context*/, const krb5_ticket */*ticket*/, krb5_principal */*server*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_timeofday ( krb5_context /*context*/, krb5_timestamp */*timeret*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name ( krb5_context /*context*/, krb5_const_principal /*principal*/, char **/*name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed ( krb5_context /*context*/, krb5_const_principal /*principal*/, char */*name*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_flags ( krb5_context /*context*/, krb5_const_principal /*principal*/, @@ -3853,48 +4239,48 @@ krb5_unparse_name_fixed_flags ( char */*name*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_short ( krb5_context /*context*/, krb5_const_principal /*principal*/, char */*name*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_flags ( krb5_context /*context*/, krb5_const_principal /*principal*/, int /*flags*/, char **/*name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_short ( krb5_context /*context*/, krb5_const_principal /*principal*/, char **/*name*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_us_timeofday ( krb5_context /*context*/, krb5_timestamp */*sec*/, int32_t */*usec*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vabort ( krb5_context /*context*/, krb5_error_code /*code*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 3, 0))); + __attribute__ ((noreturn, format (printf, 3, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vabortx ( krb5_context /*context*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 2, 0))); + __attribute__ ((noreturn, format (printf, 2, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_ap_req ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3905,7 +4291,7 @@ krb5_verify_ap_req ( krb5_flags */*ap_req_options*/, krb5_ticket **/*ticket*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_ap_req2 ( krb5_context /*context*/, krb5_auth_context */*auth_context*/, @@ -3917,14 +4303,14 @@ krb5_verify_ap_req2 ( krb5_ticket **/*ticket*/, krb5_key_usage /*usage*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_authenticator_checksum ( krb5_context /*context*/, krb5_auth_context /*ac*/, void */*data*/, size_t /*len*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_checksum ( krb5_context /*context*/, krb5_crypto /*crypto*/, @@ -3933,7 +4319,16 @@ krb5_verify_checksum ( size_t /*len*/, Checksum */*cksum*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_verify_checksum_iov ( + krb5_context /*context*/, + krb5_crypto /*crypto*/, + unsigned /*usage*/, + krb5_crypto_iov */*data*/, + unsigned int /*num_data*/, + krb5_cksumtype */*type*/); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_init_creds ( krb5_context /*context*/, krb5_creds */*creds*/, @@ -3942,51 +4337,51 @@ krb5_verify_init_creds ( krb5_ccache */*ccache*/, krb5_verify_init_creds_opt */*options*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */*options*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_init_creds_opt_set_ap_req_nofail ( krb5_verify_init_creds_opt */*options*/, int /*ap_req_nofail*/); -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_verify_opt_alloc ( krb5_context /*context*/, krb5_verify_opt **/*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_free (krb5_verify_opt */*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_init (krb5_verify_opt */*opt*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_ccache ( krb5_verify_opt */*opt*/, krb5_ccache /*ccache*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_flags ( krb5_verify_opt */*opt*/, unsigned int /*flags*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_keytab ( krb5_verify_opt */*opt*/, krb5_keytab /*keytab*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_secure ( krb5_verify_opt */*opt*/, krb5_boolean /*secure*/); -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_service ( krb5_verify_opt */*opt*/, const char */*service*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_user ( krb5_context /*context*/, krb5_principal /*principal*/, @@ -3995,7 +4390,7 @@ krb5_verify_user ( krb5_boolean /*secure*/, const char */*service*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_user_lrealm ( krb5_context /*context*/, krb5_principal /*principal*/, @@ -4004,40 +4399,40 @@ krb5_verify_user_lrealm ( krb5_boolean /*secure*/, const char */*service*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_user_opt ( krb5_context /*context*/, krb5_principal /*principal*/, const char */*password*/, krb5_verify_opt */*opt*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verr ( krb5_context /*context*/, int /*eval*/, krb5_error_code /*code*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 4, 0))); + __attribute__ ((noreturn, format (printf, 4, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verrx ( krb5_context /*context*/, int /*eval*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 3, 0))); + __attribute__ ((noreturn, format (printf, 3, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vlog ( krb5_context /*context*/, krb5_log_facility */*fac*/, int /*level*/, const char */*fmt*/, va_list /*ap*/) - __attribute__((format (printf, 4, 0))); + __attribute__((format (printf, 4, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vlog_msg ( krb5_context /*context*/, krb5_log_facility */*fac*/, @@ -4045,70 +4440,88 @@ krb5_vlog_msg ( int /*level*/, const char */*fmt*/, va_list /*ap*/) - __attribute__((format (printf, 5, 0))); + __attribute__((format (printf, 5, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_vprepend_error_message ( + krb5_context /*context*/, + krb5_error_code /*ret*/, + const char */*fmt*/, + va_list /*args*/) + __attribute__ ((format (printf, 3, 0))); + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_vset_error_message ( + krb5_context /*context*/, + krb5_error_code /*ret*/, + const char */*fmt*/, + va_list /*args*/) + __attribute__ ((format (printf, 3, 0))); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vset_error_string ( krb5_context /*context*/, const char */*fmt*/, va_list /*args*/) - __attribute__ ((format (printf, 2, 0))); + __attribute__ ((format (printf, 2, 0))) KRB5_DEPRECATED_FUNCTION("Use X instead"); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vwarn ( krb5_context /*context*/, krb5_error_code /*code*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((format (printf, 3, 0))); + __attribute__ ((format (printf, 3, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vwarnx ( krb5_context /*context*/, const char */*fmt*/, va_list /*ap*/) - __attribute__ ((format (printf, 2, 0))); + __attribute__ ((format (printf, 2, 0))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_warn ( krb5_context /*context*/, krb5_error_code /*code*/, const char */*fmt*/, ...) - __attribute__ ((format (printf, 3, 4))); + __attribute__ ((format (printf, 3, 4))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_warnx ( krb5_context /*context*/, const char */*fmt*/, ...) - __attribute__ ((format (printf, 2, 3))); + __attribute__ ((format (printf, 2, 3))); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_message ( krb5_context /*context*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_priv_message ( krb5_context /*context*/, krb5_auth_context /*ac*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_safe_message ( krb5_context /*context*/, krb5_auth_context /*ac*/, krb5_pointer /*p_fd*/, krb5_data */*data*/); -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_xfree (void */*ptr*/); #ifdef __cplusplus } #endif +#undef KRB5_DEPRECATED_FUNCTION + #endif /* __krb5_protos_h__ */ diff --git a/lib/krb5/krb5-v4compat.h b/lib/krb5/krb5-v4compat.h index dfd7e944607f..324c8c1d3c89 100644 --- a/lib/krb5/krb5-v4compat.h +++ b/lib/krb5/krb5-v4compat.h @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: krb5-v4compat.h 21575 2007-07-16 07:44:54Z lha $ */ +/* $Id$ */ #ifndef __KRB5_V4COMPAT_H__ #define __KRB5_V4COMPAT_H__ #include "krb_err.h" -/* +/* * This file must only be included with v4 compat glue stuff in * heimdal sources. * @@ -105,8 +105,12 @@ struct credentials { #define CLOCK_SKEW 5*60 #ifndef TKT_ROOT +#ifdef KRB5_USE_PATH_TOKENS +#define TKT_ROOT "%{TEMP}/tkt" +#else #define TKT_ROOT "/tmp/tkt" #endif +#endif struct _krb5_krb_auth_data { int8_t k_flags; /* Flags from ticket */ @@ -120,11 +124,18 @@ struct _krb5_krb_auth_data { uint32_t address; /* Address in ticket */ }; -time_t _krb5_krb_life_to_time (int, int); -int _krb5_krb_time_to_life (time_t, time_t); -krb5_error_code _krb5_krb_tf_setup (krb5_context, struct credentials *, - const char *, int); -krb5_error_code _krb5_krb_dest_tkt(krb5_context, const char *); +KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL +_krb5_krb_life_to_time (int, int); + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +_krb5_krb_time_to_life (time_t, time_t); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_krb_tf_setup (krb5_context, struct credentials *, + const char *, int); + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_krb_dest_tkt(krb5_context, const char *); #define krb_time_to_life _krb5_krb_time_to_life #define krb_life_to_time _krb5_krb_life_to_time diff --git a/lib/krb5/krb5.3 b/lib/krb5/krb5.3 deleted file mode 100644 index 3ce8c1fe9c11..000000000000 --- a/lib/krb5/krb5.3 +++ /dev/null @@ -1,526 +0,0 @@ -.\" Copyright (c) 2001, 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5.3 18212 2006-10-03 10:39:35Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5 3 -.Os -.Sh NAME -.Nm krb5 -.Nd Kerberos 5 library -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Sh DESCRIPTION -These functions constitute the Kerberos 5 library, -.Em libkrb5 . -.Sh LIST OF FUNCTIONS -.sp 2 -.nf -.ta \w'krb5_ticket_get_authorization_data_type.3'u+2n +\w'Description goes here'u -\fIName/Page\fP \fIDescription\fP -.ta \w'krb5_ticket_get_authorization_data_type.3'u+2n +\w'Description goes here'u+6nC -.sp 5p -krb524_convert_creds_kdc.3 -krb524_convert_creds_kdc_cache.3 -krb5_425_conv_principal.3 -krb5_425_conv_principal_ext.3 -krb5_524_conv_principal.3 -krb5_abort.3 -krb5_abortx.3 -krb5_acl_match_file.3 -krb5_acl_match_string.3 -krb5_add_et_list.3 -krb5_add_extra_addresses.3 -krb5_add_ignore_addresses.3 -krb5_addlog_dest.3 -krb5_addlog_func.3 -krb5_addr2sockaddr.3 -krb5_address.3 -krb5_address_compare.3 -krb5_address_order.3 -krb5_address_search.3 -krb5_addresses.3 -krb5_aname_to_localname.3 -krb5_anyaddr.3 -krb5_appdefault_boolean.3 -krb5_appdefault_string.3 -krb5_appdefault_time.3 -krb5_append_addresses.3 -krb5_auth_con_addflags.3 -krb5_auth_con_free.3 -krb5_auth_con_genaddrs.3 -krb5_auth_con_generatelocalsubkey.3 -krb5_auth_con_getaddrs.3 -krb5_auth_con_getauthenticator.3 -krb5_auth_con_getcksumtype.3 -krb5_auth_con_getflags.3 -krb5_auth_con_getkey.3 -krb5_auth_con_getkeytype.3 -krb5_auth_con_getlocalseqnumber.3 -krb5_auth_con_getlocalsubkey.3 -krb5_auth_con_getrcache.3 -krb5_auth_con_getremotesubkey.3 -krb5_auth_con_getuserkey.3 -krb5_auth_con_init.3 -krb5_auth_con_initivector.3 -krb5_auth_con_removeflags.3 -krb5_auth_con_setaddrs.3 -krb5_auth_con_setaddrs_from_fd.3 -krb5_auth_con_setcksumtype.3 -krb5_auth_con_setflags.3 -krb5_auth_con_setivector.3 -krb5_auth_con_setkey.3 -krb5_auth_con_setkeytype.3 -krb5_auth_con_setlocalseqnumber.3 -krb5_auth_con_setlocalsubkey.3 -krb5_auth_con_setrcache.3 -krb5_auth_con_setremoteseqnumber.3 -krb5_auth_con_setremotesubkey.3 -krb5_auth_con_setuserkey.3 -krb5_auth_context.3 -krb5_auth_getremoteseqnumber.3 -krb5_build_principal.3 -krb5_build_principal_ext.3 -krb5_build_principal_va.3 -krb5_build_principal_va_ext.3 -krb5_c_block_size.3 -krb5_c_checksum_length.3 -krb5_c_decrypt.3 -krb5_c_encrypt.3 -krb5_c_encrypt_length.3 -krb5_c_enctype_compare.3 -krb5_c_get_checksum.3 -krb5_c_is_coll_proof_cksum.3 -krb5_c_is_keyed_cksum.3 -krb5_c_make_checksum.3 -krb5_c_make_random_key.3 -krb5_c_set_checksum.3 -krb5_c_valid_cksumtype.3 -krb5_c_valid_enctype.3 -krb5_c_verify_checksum.3 -krb5_cc_cache_end_seq_get.3 -krb5_cc_cache_get_first.3 -krb5_cc_cache_match.3 -krb5_cc_cache_next.3 -krb5_cc_close.3 -krb5_cc_copy_cache.3 -krb5_cc_default.3 -krb5_cc_default_name.3 -krb5_cc_destroy.3 -krb5_cc_end_seq_get.3 -krb5_cc_gen_new.3 -krb5_cc_get_full_name.3 -krb5_cc_get_name.3 -krb5_cc_get_ops.3 -krb5_cc_get_principal.3 -krb5_cc_get_type.3 -krb5_cc_get_version.3 -krb5_cc_initialize.3 -krb5_cc_new_unique.3 -krb5_cc_next_cred.3 -krb5_cc_register.3 -krb5_cc_remove_cred.3 -krb5_cc_resolve.3 -krb5_cc_retrieve_cred.3 -krb5_cc_set_default_name.3 -krb5_cc_set_flags.3 -krb5_cc_store_cred.3 -krb5_change_password.3 -krb5_check_transited.3 -krb5_check_transited_realms.3 -krb5_checksum_disable.3 -krb5_checksum_free.3 -krb5_checksum_is_collision_proof.3 -krb5_checksum_is_keyed.3 -krb5_checksumsize.3 -krb5_clear_error_string.3 -krb5_closelog.3 -krb5_config_file_free.3 -krb5_config_free_strings.3 -krb5_config_get.3 -krb5_config_get_bool.3 -krb5_config_get_bool_default.3 -krb5_config_get_int.3 -krb5_config_get_int_default.3 -krb5_config_get_list.3 -krb5_config_get_next.3 -krb5_config_get_string.3 -krb5_config_get_string_default.3 -krb5_config_get_strings.3 -krb5_config_get_time.3 -krb5_config_get_time_default.3 -krb5_config_parse_file.3 -krb5_config_parse_file_multi.3 -krb5_config_vget.3 -krb5_config_vget_bool.3 -krb5_config_vget_bool_default.3 -krb5_config_vget_int.3 -krb5_config_vget_int_default.3 -krb5_config_vget_list.3 -krb5_config_vget_next.3 -krb5_config_vget_string.3 -krb5_config_vget_string_default.3 -krb5_config_vget_strings.3 -krb5_config_vget_time.3 -krb5_config_vget_time_default.3 -krb5_context.3 -krb5_copy_address.3 -krb5_copy_addresses.3 -krb5_copy_checksum.3 -krb5_copy_data.3 -krb5_copy_host_realm.3 -krb5_copy_keyblock.3 -krb5_copy_keyblock_contents.3 -krb5_copy_principal.3 -krb5_copy_ticket.3 -krb5_create_checksum.3 -krb5_creds.3 -krb5_crypto_destroy.3 -krb5_crypto_get_checksum_type.3 -krb5_crypto_getblocksize.3 -krb5_crypto_getconfoundersize.3 -krb5_crypto_getenctype.3 -krb5_crypto_getpadsize.3 -krb5_crypto_init.3 -krb5_data_alloc.3 -krb5_data_copy.3 -krb5_data_free.3 -krb5_data_realloc.3 -krb5_data_zero.3 -krb5_decrypt.3 -krb5_decrypt_EncryptedData.3 -krb5_digest.3 -krb5_digest_alloc.3 -krb5_digest_free.3 -krb5_digest_get_a1_hash.3 -krb5_digest_get_client_binding.3 -krb5_digest_get_identifier.3 -krb5_digest_get_opaque.3 -krb5_digest_get_responseData.3 -krb5_digest_get_rsp.3 -krb5_digest_get_server_nonce.3 -krb5_digest_get_tickets.3 -krb5_digest_init_request.3 -krb5_digest_request.3 -krb5_digest_set_authentication_user.3 -krb5_digest_set_authid.3 -krb5_digest_set_client_nonce.3 -krb5_digest_set_digest.3 -krb5_digest_set_hostname.3 -krb5_digest_set_identifier.3 -krb5_digest_set_method.3 -krb5_digest_set_nonceCount.3 -krb5_digest_set_opaque.3 -krb5_digest_set_qop.3 -krb5_digest_set_realm.3 -krb5_digest_set_server_cb.3 -krb5_digest_set_server_nonce.3 -krb5_digest_set_type.3 -krb5_digest_set_uri.3 -krb5_digest_set_username.3 -krb5_domain_x500_decode.3 -krb5_domain_x500_encode.3 -krb5_eai_to_heim_errno.3 -krb5_encrypt.3 -krb5_encrypt_EncryptedData.3 -krb5_enctype_disable.3 -krb5_enctype_to_string.3 -krb5_enctype_valid.3 -krb5_err.3 -krb5_errx.3 -krb5_expand_hostname.3 -krb5_expand_hostname_realms.3 -krb5_find_padata.3 -krb5_format_time.3 -krb5_free_address.3 -krb5_free_addresses.3 -krb5_free_authenticator.3 -krb5_free_checksum.3 -krb5_free_checksum_contents.3 -krb5_free_config_files.3 -krb5_free_context.3 -krb5_free_data.3 -krb5_free_data_contents.3 -krb5_free_error_string.3 -krb5_free_host_realm.3 -krb5_free_kdc_rep.3 -krb5_free_keyblock.3 -krb5_free_keyblock_contents.3 -krb5_free_krbhst.3 -krb5_free_principal.3 -krb5_free_salt.3 -krb5_free_ticket.3 -krb5_fwd_tgt_creds.3 -krb5_generate_random_block.3 -krb5_generate_random_keyblock.3 -krb5_generate_subkey.3 -krb5_get_all_client_addrs.3 -krb5_get_all_server_addrs.3 -krb5_get_cred_from_kdc.3 -krb5_get_cred_from_kdc_opt.3 -krb5_get_credentials.3 -krb5_get_credentials_with_flags.3 -krb5_get_default_config_files.3 -krb5_get_default_principal.3 -krb5_get_default_realm.3 -krb5_get_default_realms.3 -krb5_get_err_text.3 -krb5_get_error_message.3 -krb5_get_error_string.3 -krb5_get_extra_addresses.3 -krb5_get_fcache_version.3 -krb5_get_forwarded_creds.3 -krb5_get_host_realm.3 -krb5_get_ignore_addresses.3 -krb5_get_in_cred.3 -krb5_get_in_tkt.3 -krb5_get_in_tkt_with_keytab.3 -krb5_get_in_tkt_with_password.3 -krb5_get_in_tkt_with_skey.3 -krb5_get_init_creds.3 -krb5_get_init_creds_keytab.3 -krb5_get_init_creds_opt_alloc.3 -krb5_get_init_creds_opt_free.3 -krb5_get_init_creds_opt_free_pkinit.3 -krb5_get_init_creds_opt_init.3 -krb5_get_init_creds_opt_set_address_list.3 -krb5_get_init_creds_opt_set_anonymous.3 -krb5_get_init_creds_opt_set_default_flags.3 -krb5_get_init_creds_opt_set_etype_list.3 -krb5_get_init_creds_opt_set_forwardable.3 -krb5_get_init_creds_opt_set_pa_password.3 -krb5_get_init_creds_opt_set_paq_request.3 -krb5_get_init_creds_opt_set_pkinit.3 -krb5_get_init_creds_opt_set_preauth_list.3 -krb5_get_init_creds_opt_set_proxiable.3 -krb5_get_init_creds_opt_set_renew_life.3 -krb5_get_init_creds_opt_set_salt.3 -krb5_get_init_creds_opt_set_tkt_life.3 -krb5_get_init_creds_password.3 -krb5_get_kdc_cred.3 -krb5_get_krb524hst.3 -krb5_get_krb_admin_hst.3 -krb5_get_krb_changepw_hst.3 -krb5_get_krbhst.3 -krb5_get_pw_salt.3 -krb5_get_server_rcache.3 -krb5_get_use_admin_kdc.3 -krb5_get_wrapped_length.3 -krb5_getportbyname.3 -krb5_h_addr2addr.3 -krb5_h_addr2sockaddr.3 -krb5_h_errno_to_heim_errno.3 -krb5_have_error_string.3 -krb5_hmac.3 -krb5_init_context.3 -krb5_init_ets.3 -krb5_initlog.3 -krb5_keyblock_get_enctype.3 -krb5_keyblock_zero.3 -krb5_keytab_entry.3 -krb5_krbhst_format_string.3 -krb5_krbhst_free.3 -krb5_krbhst_get_addrinfo.3 -krb5_krbhst_init.3 -krb5_krbhst_init_flags.3 -krb5_krbhst_next.3 -krb5_krbhst_next_as_string.3 -krb5_krbhst_reset.3 -krb5_kt_add_entry.3 -krb5_kt_close.3 -krb5_kt_compare.3 -krb5_kt_copy_entry_contents.3 -krb5_kt_cursor.3 -krb5_kt_default.3 -krb5_kt_default_modify_name.3 -krb5_kt_default_name.3 -krb5_kt_end_seq_get.3 -krb5_kt_free_entry.3 -krb5_kt_get_entry.3 -krb5_kt_get_name.3 -krb5_kt_get_type.3 -krb5_kt_next_entry.3 -krb5_kt_ops.3 -krb5_kt_read_service_key.3 -krb5_kt_register.3 -krb5_kt_remove_entry.3 -krb5_kt_resolve.3.3 -krb5_kt_start_seq_get -krb5_kuserok.3 -krb5_log.3 -krb5_log_msg.3 -krb5_make_addrport.3 -krb5_make_principal.3 -krb5_max_sockaddr_size.3 -krb5_openlog.3 -krb5_padata_add.3 -krb5_parse_address.3 -krb5_parse_name.3 -krb5_passwd_result_to_string.3 -krb5_password_key_proc.3 -krb5_prepend_config_files.3 -krb5_prepend_config_files_default.3 -krb5_princ_realm.3 -krb5_princ_set_realm.3 -krb5_principal.3 -krb5_principal_compare.3 -krb5_principal_compare_any_realm.3 -krb5_principal_get_comp_string.3 -krb5_principal_get_realm.3 -krb5_principal_get_type.3 -krb5_principal_match.3 -krb5_principal_set_type.3 -krb5_print_address.3 -krb5_rc_close.3 -krb5_rc_default.3 -krb5_rc_default_name.3 -krb5_rc_default_type.3 -krb5_rc_destroy.3 -krb5_rc_expunge.3 -krb5_rc_get_lifespan.3 -krb5_rc_get_name.3 -krb5_rc_get_type.3 -krb5_rc_initialize.3 -krb5_rc_recover.3 -krb5_rc_resolve.3 -krb5_rc_resolve_full.3 -krb5_rc_resolve_type.3 -krb5_rc_store.3 -krb5_rcache.3 -krb5_realm_compare.3 -krb5_ret_address.3 -krb5_ret_addrs.3 -krb5_ret_authdata.3 -krb5_ret_creds.3 -krb5_ret_data.3 -krb5_ret_int16.3 -krb5_ret_int32.3 -krb5_ret_int8.3 -krb5_ret_keyblock.3 -krb5_ret_principal.3 -krb5_ret_string.3 -krb5_ret_stringz.3 -krb5_ret_times.3 -krb5_set_config_files.3 -krb5_set_default_realm.3 -krb5_set_error_string.3 -krb5_set_extra_addresses.3 -krb5_set_fcache_version.3 -krb5_set_ignore_addresses.3 -krb5_set_password.3 -krb5_set_password_using_ccache.3 -krb5_set_real_time.3 -krb5_set_use_admin_kdc.3 -krb5_set_warn_dest.3 -krb5_sname_to_principal.3 -krb5_sock_to_principal.3 -krb5_sockaddr2address.3 -krb5_sockaddr2port.3 -krb5_sockaddr_uninteresting.3 -krb5_storage.3 -krb5_storage_clear_flags.3 -krb5_storage_emem.3 -krb5_storage_free.3 -krb5_storage_from_data.3 -krb5_storage_from_fd.3 -krb5_storage_from_mem.3 -krb5_storage_get_byteorder.3 -krb5_storage_is_flags.3 -krb5_storage_read.3 -krb5_storage_seek.3 -krb5_storage_set_byteorder.3 -krb5_storage_set_eof_code.3 -krb5_storage_set_flags.3 -krb5_storage_to_data.3 -krb5_storage_write.3 -krb5_store_address.3 -krb5_store_addrs.3 -krb5_store_authdata.3 -krb5_store_creds.3 -krb5_store_data.3 -krb5_store_int16.3 -krb5_store_int32.3 -krb5_store_int8.3 -krb5_store_keyblock.3 -krb5_store_principal.3 -krb5_store_string.3 -krb5_store_stringz.3 -krb5_store_times.3 -krb5_string_to_deltat.3 -krb5_string_to_enctype.3 -krb5_string_to_key.3 -krb5_string_to_key_data.3 -krb5_string_to_key_data_salt.3 -krb5_string_to_key_data_salt_opaque.3 -krb5_string_to_key_salt.3 -krb5_string_to_key_salt_opaque.3 -krb5_ticket.3 -krb5_ticket_get_authorization_data_type.3 -krb5_ticket_get_client.3 -krb5_ticket_get_server.3 -krb5_timeofday.3 -krb5_unparse_name.3 -krb5_unparse_name_fixed.3 -krb5_unparse_name_fixed_short.3 -krb5_unparse_name_short.3 -krb5_us_timeofday.3 -krb5_vabort.3 -krb5_vabortx.3 -krb5_verify_checksum.3 -krb5_verify_init_creds.3 -krb5_verify_init_creds_opt_init.3 -krb5_verify_init_creds_opt_set_ap_req_nofail.3 -krb5_verify_opt_init.3 -krb5_verify_opt_set_ccache.3 -krb5_verify_opt_set_flags.3 -krb5_verify_opt_set_keytab.3 -krb5_verify_opt_set_secure.3 -krb5_verify_opt_set_service.3 -krb5_verify_user.3 -krb5_verify_user_lrealm.3 -krb5_verify_user_opt.3 -krb5_verr.3 -krb5_verrx.3 -krb5_vlog.3 -krb5_vlog_msg.3 -krb5_vset_error_string.3 -krb5_vwarn.3 -krb5_vwarnx.3 -krb5_warn.3 -krb5_warnx.3 -.ta -.Fi -.Sh SEE ALSO -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5.conf.5 b/lib/krb5/krb5.conf.5 index ceb16a401aa6..9e1edc7b6ca1 100644 --- a/lib/krb5/krb5.conf.5 +++ b/lib/krb5/krb5.conf.5 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5.conf.5 15514 2005-06-23 18:43:34Z lha $ +.\" $Id$ .\" .Dd May 4, 2005 .Dt KRB5.CONF 5 @@ -143,6 +143,9 @@ Default realm to use, this is also known as your .Dq local realm . The default is the result of .Fn krb5_get_host_realm "local hostname" . +.It Li allow_weak_crypto = Va boolean +is weaks crypto algorithms allowed to be used, among others, DES is +considered weak. .It Li clockskew = Va time Maximum time differential (in seconds) allowed when comparing times. @@ -160,17 +163,28 @@ manual page. .It ... .It Li } .El -This is deprecated, see the +This is deprecated, see the .Li capaths section below. +.It Li default_cc_type = Va cctype +sets the default credentials type. .It Li default_cc_name = Va ccname the default credentials cache name. +If you want to change the type only use +.Li default_cc_type . The string can contain variables that are expanded on runtime. Only support variable now is .Li %{uid} that expands to the current user id. .It Li default_etypes = Va etypes ... -A list of default encryption types to use. +A list of default encryption types to use. (Default: all enctypes if +allow_weak_crypto = TRUE, else all enctypes except single DES enctypes.) +.It Li default_as_etypes = Va etypes ... +A list of default encryption types to use in AS requests. (Default: the +value of default_etypes.) +.It Li default_tgs_etypes = Va etypes ... +A list of default encryption types to use in TGS requests. (Default: +the value of default_etypes.) .It Li default_etypes_des = Va etypes ... A list of default encryption types to use when requesting a DES credential. .It Li default_keytab_name = Va keytab @@ -241,6 +255,11 @@ older than Heimdal 0.7. Setting this flag to .Dv TRUE make it store the MIT way, this is default for Heimdal 0.7. +.It Li check-rd-req-server +If set to "ignore", the framework will ignore any the server input to +.Xr krb5_rd_req 3, +this is very useful when the GSS-API server input the +wrong server name into the gss_accept_sec_context call. .El .It Li [domain_realm] This is a list of mappings from DNS domain to Kerberos realm. @@ -326,7 +345,7 @@ obtain credentials for a service in the .Va server-realm . Secondly, it tells the KDC (and other servers) which realms are allowed in a multi-hop traversal from -.Va client-realm +.Va client-realm to .Va server-realm . Except for the client case, the order of the realms are not important. @@ -351,7 +370,7 @@ manual page for a list of defined destinations. .Bl -tag -width "xxx" -offset indent .It Li dbname Li = Va DATABASENAME Use this database for this realm. -See the info documetation how to configure diffrent database backends. +See the info documetation how to configure different database backends. .It Li realm Li = Va REALM Specifies the realm that will be stored in this database. It realm isn't set, it will used as the default database, there can @@ -393,6 +412,24 @@ Default is the same as Should the kdc answer kdc-requests over http. .It Li enable-kaserver = Va BOOL If this kdc should emulate the AFS kaserver. +.It Li as-use-strongest-session-key = Va BOOL +If this is TRUE then the KDC will prefer the strongest key from the +client's AS-REQ enctype list, that is also supported by the KDC and the +target principal, for the ticket session key. Else it will prefer the +first key from the client's AS-REQ enctype list that is also supported +by the KDC and the target principal. Defaults to TRUE. +.It Li preauth-use-strongest-session-key = Va BOOL +Like as-use-strongest-session-key, but applies to the session key +enctype selection for PA-ETYPE-INFO2 (i.e., for password-based +pre-authentication). Defaults to TRUE. +.It Li tgs-use-strongest-session-key = Va BOOL +Like as-use-strongest-session-key, but applies to the session key +enctype of tickets issued by the TGS. Defaults to TRUE. +.It Li use-strongest-server-key = Va BOOL +If TRUE then the KDC picks, for the ticket encrypted part's key, the +first supported enctype from the target service principal's hdb entry's +current keyset. Else the KDC picks the first supported enctype from the +target service principal's hdb entry's current keyset. Defaults to TRUE. .It Li check-ticket-addresses = Va BOOL Verify the addresses in the tickets used in tgs requests. .\" XXX @@ -425,6 +462,11 @@ The default value is account . .It Li hdb-ldap-create-base Va creation dn is the dn that will be appended to the principal when creating entries. Default value is the search dn. +.It Li enable-digest = Va BOOL +Should the kdc answer digest requests. The default is FALSE. +.It Li digests_allowed = Va list of digests +Specifies the digests the kdc will reply to. The default is +.Li ntlm-v2 . .El .It Li [kadmin] .Bl -tag -width "xxx" -offset indent @@ -462,7 +504,7 @@ When true, this is the same as .Pp and is only left for backwards compatibility. .El -.It Li [password-quality] +.It Li [password_quality] Check the Password quality assurance in the info documentation for more information. .Bl -tag -width "xxx" -offset indent diff --git a/lib/krb5/krb5.conf.cat5 b/lib/krb5/krb5.conf.cat5 new file mode 100644 index 000000000000..7d10cae2c3e8 --- /dev/null +++ b/lib/krb5/krb5.conf.cat5 @@ -0,0 +1,598 @@ + +KRB5.CONF(5) BSD File Formats Manual KRB5.CONF(5) + +NNAAMMEE + kkrrbb55..ccoonnff -- configuration file for Kerberos 5 + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55..ccoonnff file specifies several configuration parameters for the + Kerberos 5 library, as well as for some programs. + + The file consists of one or more sections, containing a number of bind- + ings. The value of each binding can be either a string or a list of + other bindings. The grammar looks like: + + file: + /* empty */ + sections + + sections: + section sections + section + + section: + '[' section_name ']' bindings + + section_name: + STRING + + bindings: + binding bindings + binding + + binding: + name '=' STRING + name '=' '{' bindings '}' + + name: + STRING + + STRINGs consists of one or more non-whitespace characters. + + STRINGs that are specified later in this man-page uses the following + notation. + + boolean + values can be either yes/true or no/false. + + time + values can be a list of year, month, day, hour, min, second. + Example: 1 month 2 days 30 min. If no unit is given, seconds + is assumed. + + etypes + valid encryption types are: des-cbc-crc, des-cbc-md4, des-cbc- + md5, des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96, + and aes256-cts-hmac-sha1-96 . + + address + an address can be either a IPv4 or a IPv6 address. + + Currently recognised sections and bindings are: + + [appdefaults] + Specifies the default values to be used for Kerberos applica- + tions. You can specify defaults per application, realm, or a + combination of these. The preference order is: + 1. _a_p_p_l_i_c_a_t_i_o_n _r_e_a_l_m _o_p_t_i_o_n + 2. _a_p_p_l_i_c_a_t_i_o_n _o_p_t_i_o_n + 3. _r_e_a_l_m _o_p_t_i_o_n + 4. _o_p_t_i_o_n + + The supported options are: + + forwardable = _b_o_o_l_e_a_n + When obtaining initial credentials, make the cre- + dentials forwardable. + + proxiable = _b_o_o_l_e_a_n + When obtaining initial credentials, make the cre- + dentials proxiable. + + no-addresses = _b_o_o_l_e_a_n + When obtaining initial credentials, request them + for an empty set of addresses, making the tickets + valid from any address. + + ticket_lifetime = _t_i_m_e + Default ticket lifetime. + + renew_lifetime = _t_i_m_e + Default renewable ticket lifetime. + + encrypt = _b_o_o_l_e_a_n + Use encryption, when available. + + forward = _b_o_o_l_e_a_n + Forward credentials to remote host (for rsh(1), + telnet(1), etc). + + [libdefaults] + + default_realm = _R_E_A_L_M + Default realm to use, this is also known as your + ``local realm''. The default is the result of + kkrrbb55__ggeett__hhoosstt__rreeaallmm(_l_o_c_a_l _h_o_s_t_n_a_m_e). + + allow_weak_crypto = _b_o_o_l_e_a_n + is weaks crypto algorithms allowed to be used, + among others, DES is considered weak. + + clockskew = _t_i_m_e + Maximum time differential (in seconds) allowed when + comparing times. Default is 300 seconds (five min- + utes). + + kdc_timeout = _t_i_m_e + Maximum time to wait for a reply from the kdc, + default is 3 seconds. + + v4_name_convert + + v4_instance_resolve + These are described in the + krb5_425_conv_principal(3) manual page. + + capath = { + + _d_e_s_t_i_n_a_t_i_o_n_-_r_e_a_l_m = _n_e_x_t_-_h_o_p_-_r_e_a_l_m + + ... + + } + This is deprecated, see the capaths section below. + + default_cc_type = _c_c_t_y_p_e + sets the default credentials type. + + default_cc_name = _c_c_n_a_m_e + the default credentials cache name. If you want to + change the type only use default_cc_type. The + string can contain variables that are expanded on + runtime. Only support variable now is %{uid} that + expands to the current user id. + + default_etypes = _e_t_y_p_e_s _._._. + A list of default encryption types to use. + (Default: all enctypes if allow_weak_crypto = TRUE, + else all enctypes except single DES enctypes.) + + default_as_etypes = _e_t_y_p_e_s _._._. + A list of default encryption types to use in AS + requests. (Default: the value of default_etypes.) + + default_tgs_etypes = _e_t_y_p_e_s _._._. + A list of default encryption types to use in TGS + requests. (Default: the value of default_etypes.) + + default_etypes_des = _e_t_y_p_e_s _._._. + A list of default encryption types to use when + requesting a DES credential. + + default_keytab_name = _k_e_y_t_a_b + The keytab to use if no other is specified, default + is ``FILE:/etc/krb5.keytab''. + + dns_lookup_kdc = _b_o_o_l_e_a_n + Use DNS SRV records to lookup KDC services loca- + tion. + + dns_lookup_realm = _b_o_o_l_e_a_n + Use DNS TXT records to lookup domain to realm map- + pings. + + kdc_timesync = _b_o_o_l_e_a_n + Try to keep track of the time differential between + the local machine and the KDC, and then compensate + for that when issuing requests. + + max_retries = _n_u_m_b_e_r + The max number of times to try to contact each KDC. + + large_msg_size = _n_u_m_b_e_r + The threshold where protocols with tiny maximum + message sizes are not considered usable to send + messages to the KDC. + + ticket_lifetime = _t_i_m_e + Default ticket lifetime. + + renew_lifetime = _t_i_m_e + Default renewable ticket lifetime. + + forwardable = _b_o_o_l_e_a_n + When obtaining initial credentials, make the cre- + dentials forwardable. This option is also valid in + the [realms] section. + + proxiable = _b_o_o_l_e_a_n + When obtaining initial credentials, make the cre- + dentials proxiable. This option is also valid in + the [realms] section. + + verify_ap_req_nofail = _b_o_o_l_e_a_n + If enabled, failure to verify credentials against a + local key is a fatal error. The application has to + be able to read the corresponding service key for + this to work. Some applications, like su(1), + enable this option unconditionally. + + warn_pwexpire = _t_i_m_e + How soon to warn for expiring password. Default is + seven days. + + http_proxy = _p_r_o_x_y_-_s_p_e_c + A HTTP-proxy to use when talking to the KDC via + HTTP. + + dns_proxy = _p_r_o_x_y_-_s_p_e_c + Enable using DNS via HTTP. + + extra_addresses = _a_d_d_r_e_s_s _._._. + A list of addresses to get tickets for along with + all local addresses. + + time_format = _s_t_r_i_n_g + How to print time strings in logs, this string is + passed to strftime(3). + + date_format = _s_t_r_i_n_g + How to print date strings in logs, this string is + passed to strftime(3). + + log_utc = _b_o_o_l_e_a_n + Write log-entries using UTC instead of your local + time zone. + + scan_interfaces = _b_o_o_l_e_a_n + Scan all network interfaces for addresses, as + opposed to simply using the address associated with + the system's host name. + + fcache_version = _i_n_t + Use file credential cache format version specified. + + krb4_get_tickets = _b_o_o_l_e_a_n + Also get Kerberos 4 tickets in kkiinniitt, llooggiinn, and + other programs. This option is also valid in the + [realms] section. + + fcc-mit-ticketflags = _b_o_o_l_e_a_n + Use MIT compatible format for file credential + cache. It's the field ticketflags that is stored + in reverse bit order for older than Heimdal 0.7. + Setting this flag to TRUE make it store the MIT + way, this is default for Heimdal 0.7. + + check-rd-req-server + If set to "ignore", the framework will ignore any + the server input to krb5_rd_req(3,) this is very + useful when the GSS-API server input the wrong + server name into the gss_accept_sec_context call. + + [domain_realm] + This is a list of mappings from DNS domain to Kerberos realm. + Each binding in this section looks like: + + domain = realm + + The domain can be either a full name of a host or a trailing + component, in the latter case the domain-string should start + with a period. The trailing component only matches hosts that + are in the same domain, ie ``.example.com'' matches + ``foo.example.com'', but not ``foo.test.example.com''. + + The realm may be the token `dns_locate', in which case the + actual realm will be determined using DNS (independently of + the setting of the `dns_lookup_realm' option). + + [realms] + + _R_E_A_L_M = { + + kdc = _[_s_e_r_v_i_c_e_/_]_h_o_s_t_[_:_p_o_r_t_] + Specifies a list of kdcs for this realm. + If the optional _p_o_r_t is absent, the + default value for the ``kerberos/udp'' + ``kerberos/tcp'', and ``http/tcp'' port + (depending on service) will be used. + The kdcs will be used in the order that + they are specified. + + The optional _s_e_r_v_i_c_e specifies over what + medium the kdc should be contacted. + Possible services are ``udp'', ``tcp'', + and ``http''. Http can also be written + as ``http://''. Default service is + ``udp'' and ``tcp''. + + admin_server = _h_o_s_t_[_:_p_o_r_t_] + Specifies the admin server for this + realm, where all the modifications to + the database are performed. + + kpasswd_server = _h_o_s_t_[_:_p_o_r_t_] + Points to the server where all the pass- + word changes are performed. If there is + no such entry, the kpasswd port on the + admin_server host will be tried. + + krb524_server = _h_o_s_t_[_:_p_o_r_t_] + Points to the server that does 524 con- + versions. If it is not mentioned, the + krb524 port on the kdcs will be tried. + + v4_instance_convert + + v4_name_convert + + default_domain + See krb5_425_conv_principal(3). + + tgs_require_subkey + a boolan variable that defaults to + false. Old DCE secd (pre 1.1) might + need this to be true. + + } + + [capaths] + + _c_l_i_e_n_t_-_r_e_a_l_m = { + + _s_e_r_v_e_r_-_r_e_a_l_m = _h_o_p_-_r_e_a_l_m _._._. + This serves two purposes. First the + first listed _h_o_p_-_r_e_a_l_m tells a client + which realm it should contact in order + to ultimately obtain credentials for a + service in the _s_e_r_v_e_r_-_r_e_a_l_m. Secondly, + it tells the KDC (and other servers) + which realms are allowed in a multi-hop + traversal from _c_l_i_e_n_t_-_r_e_a_l_m to + _s_e_r_v_e_r_-_r_e_a_l_m. Except for the client + case, the order of the realms are not + important. + + _} + + [logging] + + _e_n_t_i_t_y = _d_e_s_t_i_n_a_t_i_o_n + Specifies that _e_n_t_i_t_y should use the specified + destination for logging. See the krb5_openlog(3) + manual page for a list of defined destinations. + + [kdc] + + database = { + + dbname = _D_A_T_A_B_A_S_E_N_A_M_E + Use this database for this realm. See + the info documetation how to configure + different database backends. + + realm = _R_E_A_L_M + Specifies the realm that will be stored + in this database. It realm isn't set, + it will used as the default database, + there can only be one entry that doesn't + have a realm stanza. + + mkey_file = _F_I_L_E_N_A_M_E + Use this keytab file for the master key + of this database. If not specified + _D_A_T_A_B_A_S_E_N_A_M_E.mkey will be used. + + acl_file = PA FILENAME + Use this file for the ACL list of this + database. + + log_file = _F_I_L_E_N_A_M_E + Use this file as the log of changes per- + formed to the database. This file is + used by iipprrooppdd--mmaasstteerr for propagating + changes to slaves. + + } + + max-request = _S_I_Z_E + Maximum size of a kdc request. + + require-preauth = _B_O_O_L + If set pre-authentication is required. Since krb4 + requests are not pre-authenticated they will be + rejected. + + ports = _l_i_s_t _o_f _p_o_r_t_s + List of ports the kdc should listen to. + + addresses = _l_i_s_t _o_f _i_n_t_e_r_f_a_c_e_s + List of addresses the kdc should bind to. + + enable-kerberos4 = _B_O_O_L + Turn on Kerberos 4 support. + + v4-realm = _R_E_A_L_M + To what realm v4 requests should be mapped. + + enable-524 = _B_O_O_L + Should the Kerberos 524 converting facility be + turned on. Default is the same as + _e_n_a_b_l_e_-_k_e_r_b_e_r_o_s_4. + + enable-http = _B_O_O_L + Should the kdc answer kdc-requests over http. + + enable-kaserver = _B_O_O_L + If this kdc should emulate the AFS kaserver. + + as-use-strongest-session-key = _B_O_O_L + If this is TRUE then the KDC will prefer the + strongest key from the client's AS-REQ enctype + list, that is also supported by the KDC and the + target principal, for the ticket session key. Else + it will prefer the first key from the client's AS- + REQ enctype list that is also supported by the KDC + and the target principal. Defaults to TRUE. + + preauth-use-strongest-session-key = _B_O_O_L + Like as-use-strongest-session-key, but applies to + the session key enctype selection for PA-ETYPE- + INFO2 (i.e., for password-based pre-authentica- + tion). Defaults to TRUE. + + tgs-use-strongest-session-key = _B_O_O_L + Like as-use-strongest-session-key, but applies to + the session key enctype of tickets issued by the + TGS. Defaults to TRUE. + + use-strongest-server-key = _B_O_O_L + If TRUE then the KDC picks, for the ticket + encrypted part's key, the first supported enctype + from the target service principal's hdb entry's + current keyset. Else the KDC picks the first sup- + ported enctype from the target service principal's + hdb entry's current keyset. Defaults to TRUE. + + check-ticket-addresses = _B_O_O_L + Verify the addresses in the tickets used in tgs + requests. + + allow-null-ticket-addresses = _B_O_O_L + Allow address-less tickets. + + allow-anonymous = _B_O_O_L + If the kdc is allowed to hand out anonymous tick- + ets. + + encode_as_rep_as_tgs_rep = _B_O_O_L + Encode as-rep as tgs-rep tobe compatible with mis- + takes older DCE secd did. + + kdc_warn_pwexpire = _T_I_M_E + The time before expiration that the user should be + warned that her password is about to expire. + + logging = _L_o_g_g_i_n_g + What type of logging the kdc should use, see also + [logging]/kdc. + + use_2b = { + + _p_r_i_n_c_i_p_a_l = _B_O_O_L + boolean value if the 524 daemon should + return AFS 2b tokens for _p_r_i_n_c_i_p_a_l. + + ... + + } + + hdb-ldap-structural-object _s_t_r_u_c_t_u_r_a_l _o_b_j_e_c_t + If the LDAP backend is used for storing principals, + this is the structural object that will be used + when creating and when reading objects. The + default value is account . + + hdb-ldap-create-base _c_r_e_a_t_i_o_n _d_n + is the dn that will be appended to the principal + when creating entries. Default value is the search + dn. + + enable-digest = _B_O_O_L + Should the kdc answer digest requests. The default + is FALSE. + + digests_allowed = _l_i_s_t _o_f _d_i_g_e_s_t_s + Specifies the digests the kdc will reply to. The + default is ntlm-v2. + + [kadmin] + + require-preauth = _B_O_O_L + If pre-authentication is required to talk to the + kadmin server. + + password_lifetime = _t_i_m_e + If a principal already have its password set for + expiration, this is the time it will be valid for + after a change. + + default_keys = _k_e_y_t_y_p_e_s_._._. + For each entry in _d_e_f_a_u_l_t___k_e_y_s try to parse it as a + sequence of _e_t_y_p_e_:_s_a_l_t_t_y_p_e_:_s_a_l_t syntax of this if + something like: + + [(des|des3|etype):](pw-salt|afs3-salt)[:string] + + If _e_t_y_p_e is omitted it means everything, and if + string is omitted it means the default salt string + (for that principal and encryption type). Addi- + tional special values of keytypes are: + + v5 The Kerberos 5 salt _p_w_-_s_a_l_t + + v4 The Kerberos 4 salt _d_e_s_:_p_w_-_s_a_l_t_: + + use_v4_salt = _B_O_O_L + When true, this is the same as + + _d_e_f_a_u_l_t___k_e_y_s _= _d_e_s_3_:_p_w_-_s_a_l_t _v_4 + + and is only left for backwards compatibility. + + [password_quality] + Check the Password quality assurance in the info documentation + for more information. + + check_library = _l_i_b_r_a_r_y_-_n_a_m_e + Library name that contains the password check_func- + tion + + check_function = _f_u_n_c_t_i_o_n_-_n_a_m_e + Function name for checking passwords in + check_library + + policy_libraries = _l_i_b_r_a_r_y_1 _._._. _l_i_b_r_a_r_y_N + List of libraries that can do password policy + checks + + policies = _p_o_l_i_c_y_1 _._._. _p_o_l_i_c_y_N + List of policy names to apply to the password. + Builtin policies are among other minimum-length, + character-class, external-check. + +EENNVVIIRROONNMMEENNTT + KRB5_CONFIG points to the configuration file to read. + +FFIILLEESS + /etc/krb5.conf configuration file for Kerberos 5. + +EEXXAAMMPPLLEESS + [libdefaults] + default_realm = FOO.SE + [domain_realm] + .foo.se = FOO.SE + .bar.se = FOO.SE + [realms] + FOO.SE = { + kdc = kerberos.foo.se + v4_name_convert = { + rcmd = host + } + v4_instance_convert = { + xyz = xyz.bar.se + } + default_domain = foo.se + } + [logging] + kdc = FILE:/var/heimdal/kdc.log + kdc = SYSLOG:INFO + default = SYSLOG:INFO:USER + +DDIIAAGGNNOOSSTTIICCSS + Since kkrrbb55..ccoonnff is read and parsed by the krb5 library, there is not a + lot of opportunities for programs to report parsing errors in any useful + format. To help overcome this problem, there is a program + vveerriiffyy__kkrrbb55__ccoonnff that reads kkrrbb55..ccoonnff and tries to emit useful diagnos- + tics from parsing errors. Note that this program does not have any way + of knowing what options are actually used and thus cannot warn about + unknown or misspelled ones. + +SSEEEE AALLSSOO + kinit(1), krb5_425_conv_principal(3), krb5_openlog(3), strftime(3), + verify_krb5_conf(8) + +HEIMDAL May 4, 2005 HEIMDAL diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index 571eb6192ae0..2d555ea0604f 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -1,37 +1,39 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: krb5.h 22100 2007-12-03 17:15:00Z lha $ */ +/* $Id$ */ #ifndef __KRB5_H__ #define __KRB5_H__ @@ -51,6 +53,12 @@ #define KRB5KDC_ERR_KEY_EXP KRB5KDC_ERR_KEY_EXPIRED #endif +#ifdef _WIN32 +#define KRB5_CALLCONV __stdcall +#else +#define KRB5_CALLCONV +#endif + /* simple constants */ #ifndef TRUE @@ -62,7 +70,7 @@ typedef int krb5_boolean; typedef int32_t krb5_error_code; -typedef int krb5_kvno; +typedef int32_t krb5_kvno; typedef uint32_t krb5_flags; @@ -92,6 +100,8 @@ typedef Checksum krb5_checksum; typedef ENCTYPE krb5_enctype; +typedef struct krb5_get_init_creds_ctx *krb5_init_creds_context; + typedef heim_octet_string krb5_data; /* PKINIT related forward declarations */ @@ -108,28 +118,69 @@ typedef struct krb5_enc_data { /* alternative names */ enum { - ENCTYPE_NULL = ETYPE_NULL, - ENCTYPE_DES_CBC_CRC = ETYPE_DES_CBC_CRC, - ENCTYPE_DES_CBC_MD4 = ETYPE_DES_CBC_MD4, - ENCTYPE_DES_CBC_MD5 = ETYPE_DES_CBC_MD5, - ENCTYPE_DES3_CBC_MD5 = ETYPE_DES3_CBC_MD5, - ENCTYPE_OLD_DES3_CBC_SHA1 = ETYPE_OLD_DES3_CBC_SHA1, - ENCTYPE_SIGN_DSA_GENERATE = ETYPE_SIGN_DSA_GENERATE, - ENCTYPE_ENCRYPT_RSA_PRIV = ETYPE_ENCRYPT_RSA_PRIV, - ENCTYPE_ENCRYPT_RSA_PUB = ETYPE_ENCRYPT_RSA_PUB, - ENCTYPE_DES3_CBC_SHA1 = ETYPE_DES3_CBC_SHA1, - ENCTYPE_AES128_CTS_HMAC_SHA1_96 = ETYPE_AES128_CTS_HMAC_SHA1_96, - ENCTYPE_AES256_CTS_HMAC_SHA1_96 = ETYPE_AES256_CTS_HMAC_SHA1_96, - ENCTYPE_ARCFOUR_HMAC = ETYPE_ARCFOUR_HMAC_MD5, - ENCTYPE_ARCFOUR_HMAC_MD5 = ETYPE_ARCFOUR_HMAC_MD5, - ENCTYPE_ARCFOUR_HMAC_MD5_56 = ETYPE_ARCFOUR_HMAC_MD5_56, - ENCTYPE_ENCTYPE_PK_CROSS = ETYPE_ENCTYPE_PK_CROSS, - ENCTYPE_DES_CBC_NONE = ETYPE_DES_CBC_NONE, - ENCTYPE_DES3_CBC_NONE = ETYPE_DES3_CBC_NONE, - ENCTYPE_DES_CFB64_NONE = ETYPE_DES_CFB64_NONE, - ENCTYPE_DES_PCBC_NONE = ETYPE_DES_PCBC_NONE + ENCTYPE_NULL = KRB5_ENCTYPE_NULL, + ENCTYPE_DES_CBC_CRC = KRB5_ENCTYPE_DES_CBC_CRC, + ENCTYPE_DES_CBC_MD4 = KRB5_ENCTYPE_DES_CBC_MD4, + ENCTYPE_DES_CBC_MD5 = KRB5_ENCTYPE_DES_CBC_MD5, + ENCTYPE_DES3_CBC_MD5 = KRB5_ENCTYPE_DES3_CBC_MD5, + ENCTYPE_OLD_DES3_CBC_SHA1 = KRB5_ENCTYPE_OLD_DES3_CBC_SHA1, + ENCTYPE_SIGN_DSA_GENERATE = KRB5_ENCTYPE_SIGN_DSA_GENERATE, + ENCTYPE_ENCRYPT_RSA_PRIV = KRB5_ENCTYPE_ENCRYPT_RSA_PRIV, + ENCTYPE_ENCRYPT_RSA_PUB = KRB5_ENCTYPE_ENCRYPT_RSA_PUB, + ENCTYPE_DES3_CBC_SHA1 = KRB5_ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_AES128_CTS_HMAC_SHA1_96 = KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA1_96 = KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96, + ENCTYPE_ARCFOUR_HMAC = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5, + ENCTYPE_ARCFOUR_HMAC_MD5 = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5, + ENCTYPE_ARCFOUR_HMAC_MD5_56 = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56, + ENCTYPE_ENCTYPE_PK_CROSS = KRB5_ENCTYPE_ENCTYPE_PK_CROSS, + ENCTYPE_DES_CBC_NONE = KRB5_ENCTYPE_DES_CBC_NONE, + ENCTYPE_DES3_CBC_NONE = KRB5_ENCTYPE_DES3_CBC_NONE, + ENCTYPE_DES_CFB64_NONE = KRB5_ENCTYPE_DES_CFB64_NONE, + ENCTYPE_DES_PCBC_NONE = KRB5_ENCTYPE_DES_PCBC_NONE, + ETYPE_NULL = KRB5_ENCTYPE_NULL, + ETYPE_DES_CBC_CRC = KRB5_ENCTYPE_DES_CBC_CRC, + ETYPE_DES_CBC_MD4 = KRB5_ENCTYPE_DES_CBC_MD4, + ETYPE_DES_CBC_MD5 = KRB5_ENCTYPE_DES_CBC_MD5, + ETYPE_DES3_CBC_MD5 = KRB5_ENCTYPE_DES3_CBC_MD5, + ETYPE_OLD_DES3_CBC_SHA1 = KRB5_ENCTYPE_OLD_DES3_CBC_SHA1, + ETYPE_SIGN_DSA_GENERATE = KRB5_ENCTYPE_SIGN_DSA_GENERATE, + ETYPE_ENCRYPT_RSA_PRIV = KRB5_ENCTYPE_ENCRYPT_RSA_PRIV, + ETYPE_ENCRYPT_RSA_PUB = KRB5_ENCTYPE_ENCRYPT_RSA_PUB, + ETYPE_DES3_CBC_SHA1 = KRB5_ENCTYPE_DES3_CBC_SHA1, + ETYPE_AES128_CTS_HMAC_SHA1_96 = KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ETYPE_AES256_CTS_HMAC_SHA1_96 = KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96, + ETYPE_ARCFOUR_HMAC_MD5 = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5, + ETYPE_ARCFOUR_HMAC_MD5_56 = KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56, + ETYPE_ENCTYPE_PK_CROSS = KRB5_ENCTYPE_ENCTYPE_PK_CROSS, + ETYPE_ARCFOUR_MD4 = KRB5_ENCTYPE_ARCFOUR_MD4, + ETYPE_ARCFOUR_HMAC_OLD = KRB5_ENCTYPE_ARCFOUR_HMAC_OLD, + ETYPE_ARCFOUR_HMAC_OLD_EXP = KRB5_ENCTYPE_ARCFOUR_HMAC_OLD_EXP, + ETYPE_DES_CBC_NONE = KRB5_ENCTYPE_DES_CBC_NONE, + ETYPE_DES3_CBC_NONE = KRB5_ENCTYPE_DES3_CBC_NONE, + ETYPE_DES_CFB64_NONE = KRB5_ENCTYPE_DES_CFB64_NONE, + ETYPE_DES_PCBC_NONE = KRB5_ENCTYPE_DES_PCBC_NONE, + ETYPE_DIGEST_MD5_NONE = KRB5_ENCTYPE_DIGEST_MD5_NONE, + ETYPE_CRAM_MD5_NONE = KRB5_ENCTYPE_CRAM_MD5_NONE + }; +/* PDU types */ +typedef enum krb5_pdu { + KRB5_PDU_ERROR = 0, + KRB5_PDU_TICKET = 1, + KRB5_PDU_AS_REQUEST = 2, + KRB5_PDU_AS_REPLY = 3, + KRB5_PDU_TGS_REQUEST = 4, + KRB5_PDU_TGS_REPLY = 5, + KRB5_PDU_AP_REQUEST = 6, + KRB5_PDU_AP_REPLY = 7, + KRB5_PDU_KRB_SAFE = 8, + KRB5_PDU_KRB_PRIV = 9, + KRB5_PDU_KRB_CRED = 10, + KRB5_PDU_NONE = 11 /* See krb5_get_permitted_enctypes() */ +} krb5_pdu; + typedef PADATA_TYPE krb5_preauthtype; typedef enum krb5_key_usage { @@ -205,7 +256,7 @@ typedef enum krb5_key_usage { /* acceptor sign in GSSAPI CFX krb5 mechanism */ KRB5_KU_USAGE_ACCEPTOR_SIGN = 23, /* acceptor seal in GSSAPI CFX krb5 mechanism */ - KRB5_KU_USAGE_INITIATOR_SEAL = 24, + KRB5_KU_USAGE_INITIATOR_SEAL = 24, /* initiator sign in GSSAPI CFX krb5 mechanism */ KRB5_KU_USAGE_INITIATOR_SIGN = 25, /* initiator seal in GSSAPI CFX krb5 mechanism */ @@ -219,6 +270,10 @@ typedef enum krb5_key_usage { /* Keyusage for the server referral in a TGS req */ KRB5_KU_SAM_ENC_NONCE_SAD = 27, /* Encryption of the SAM-NONCE-OR-SAD field */ + KRB5_KU_PA_PKINIT_KX = 44, + /* Encryption type of the kdc session contribution in pk-init */ + KRB5_KU_AS_REQ = 56, + /* Checksum of over the AS-REQ send by the KDC in PA-REQ-ENC-PA-REP */ KRB5_KU_DIGEST_ENCRYPT = -18, /* Encryption key usage used in the digest encryption field */ KRB5_KU_DIGEST_OPAQUE = -19, @@ -253,7 +308,7 @@ typedef struct krb5_preauthdata { krb5_preauthdata_entry *val; }krb5_preauthdata; -typedef enum krb5_address_type { +typedef enum krb5_address_type { KRB5_ADDRESS_INET = 2, KRB5_ADDRESS_NETBIOS = 20, KRB5_ADDRESS_INET6 = 24, @@ -271,15 +326,17 @@ typedef HostAddress krb5_address; typedef HostAddresses krb5_addresses; -typedef enum krb5_keytype { - KEYTYPE_NULL = 0, - KEYTYPE_DES = 1, - KEYTYPE_DES3 = 7, - KEYTYPE_AES128 = 17, - KEYTYPE_AES256 = 18, - KEYTYPE_ARCFOUR = 23, - KEYTYPE_ARCFOUR_56 = 24 -} krb5_keytype; +typedef krb5_enctype krb5_keytype; + +enum krb5_keytype_old { + KEYTYPE_NULL = ETYPE_NULL, + KEYTYPE_DES = ETYPE_DES_CBC_CRC, + KEYTYPE_DES3 = ETYPE_OLD_DES3_CBC_SHA1, + KEYTYPE_AES128 = ETYPE_AES128_CTS_HMAC_SHA1_96, + KEYTYPE_AES256 = ETYPE_AES256_CTS_HMAC_SHA1_96, + KEYTYPE_ARCFOUR = ETYPE_ARCFOUR_HMAC_MD5, + KEYTYPE_ARCFOUR_56 = ETYPE_ARCFOUR_HMAC_MD5_56 +}; typedef EncryptionKey krb5_keyblock; @@ -287,7 +344,15 @@ typedef AP_REQ krb5_ap_req; struct krb5_cc_ops; +#ifdef _WIN32 +#define KRB5_USE_PATH_TOKENS 1 +#endif + +#ifdef KRB5_USE_PATH_TOKENS +#define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_" +#else #define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_" +#endif #define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT @@ -297,6 +362,7 @@ struct krb5_cc_ops; NULL) typedef void *krb5_cc_cursor; +typedef struct krb5_cccol_cursor_data *krb5_cccol_cursor; typedef struct krb5_ccache_data { const struct krb5_cc_ops *ops; @@ -316,6 +382,7 @@ typedef const char *krb5_const_realm; /* stupid language */ typedef Principal krb5_principal_data; typedef struct Principal *krb5_principal; typedef const struct Principal *krb5_const_principal; +typedef struct Principals *krb5_principals; typedef time_t krb5_deltat; typedef time_t krb5_timestamp; @@ -363,6 +430,7 @@ typedef union { #define KRB5_GC_FORWARDABLE (1U << 4) #define KRB5_GC_NO_TRANSIT_CHECK (1U << 5) #define KRB5_GC_CONSTRAINED_DELEGATION (1U << 6) +#define KRB5_GC_CANONICALIZE (1U << 7) /* constants for compare_creds (and cc_retrieve_cred) */ #define KRB5_TC_DONT_MATCH_REALM (1U << 31) @@ -377,6 +445,10 @@ typedef union { #define KRB5_TC_MATCH_2ND_TKT (1 << 23) #define KRB5_TC_MATCH_IS_SKEY (1 << 22) +/* constants for get_flags and set_flags */ +#define KRB5_TC_OPENCLOSE 0x00000001 +#define KRB5_TC_NOTICKET 0x00000002 + typedef AuthorizationData krb5_authdata; typedef KRB_ERROR krb5_error; @@ -395,31 +467,39 @@ typedef struct krb5_creds { typedef struct krb5_cc_cache_cursor_data *krb5_cc_cache_cursor; +#define KRB5_CC_OPS_VERSION 3 + typedef struct krb5_cc_ops { + int version; const char *prefix; - const char* (*get_name)(krb5_context, krb5_ccache); - krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *); - krb5_error_code (*gen_new)(krb5_context, krb5_ccache *); - krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal); - krb5_error_code (*destroy)(krb5_context, krb5_ccache); - krb5_error_code (*close)(krb5_context, krb5_ccache); - krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*); - krb5_error_code (*retrieve)(krb5_context, krb5_ccache, - krb5_flags, const krb5_creds*, krb5_creds *); - krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*); - krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); - krb5_error_code (*get_next)(krb5_context, krb5_ccache, - krb5_cc_cursor*, krb5_creds*); - krb5_error_code (*end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*); - krb5_error_code (*remove_cred)(krb5_context, krb5_ccache, - krb5_flags, krb5_creds*); - krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags); - int (*get_version)(krb5_context, krb5_ccache); - krb5_error_code (*get_cache_first)(krb5_context, krb5_cc_cursor *); - krb5_error_code (*get_cache_next)(krb5_context, krb5_cc_cursor, krb5_ccache *); - krb5_error_code (*end_cache_get)(krb5_context, krb5_cc_cursor); - krb5_error_code (*move)(krb5_context, krb5_ccache, krb5_ccache); - krb5_error_code (*default_name)(krb5_context, char **); + const char* (KRB5_CALLCONV * get_name)(krb5_context, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * resolve)(krb5_context, krb5_ccache *, const char *); + krb5_error_code (KRB5_CALLCONV * gen_new)(krb5_context, krb5_ccache *); + krb5_error_code (KRB5_CALLCONV * init)(krb5_context, krb5_ccache, krb5_principal); + krb5_error_code (KRB5_CALLCONV * destroy)(krb5_context, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * close)(krb5_context, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * store)(krb5_context, krb5_ccache, krb5_creds*); + krb5_error_code (KRB5_CALLCONV * retrieve)(krb5_context, krb5_ccache, + krb5_flags, const krb5_creds*, krb5_creds *); + krb5_error_code (KRB5_CALLCONV * get_princ)(krb5_context, krb5_ccache, krb5_principal*); + krb5_error_code (KRB5_CALLCONV * get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); + krb5_error_code (KRB5_CALLCONV * get_next)(krb5_context, krb5_ccache, + krb5_cc_cursor*, krb5_creds*); + krb5_error_code (KRB5_CALLCONV * end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*); + krb5_error_code (KRB5_CALLCONV * remove_cred)(krb5_context, krb5_ccache, + krb5_flags, krb5_creds*); + krb5_error_code (KRB5_CALLCONV * set_flags)(krb5_context, krb5_ccache, krb5_flags); + int (KRB5_CALLCONV * get_version)(krb5_context, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * get_cache_first)(krb5_context, krb5_cc_cursor *); + krb5_error_code (KRB5_CALLCONV * get_cache_next)(krb5_context, krb5_cc_cursor, + krb5_ccache *); + krb5_error_code (KRB5_CALLCONV * end_cache_get)(krb5_context, krb5_cc_cursor); + krb5_error_code (KRB5_CALLCONV * move)(krb5_context, krb5_ccache, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * get_default_name)(krb5_context, char **); + krb5_error_code (KRB5_CALLCONV * set_default)(krb5_context, krb5_ccache); + krb5_error_code (KRB5_CALLCONV * lastchange)(krb5_context, krb5_ccache, krb5_timestamp *); + krb5_error_code (KRB5_CALLCONV * set_kdc_offset)(krb5_context, krb5_ccache, krb5_deltat); + krb5_error_code (KRB5_CALLCONV * get_kdc_offset)(krb5_context, krb5_ccache, krb5_deltat *); } krb5_cc_ops; struct krb5_log_facility; @@ -471,6 +551,8 @@ typedef struct krb5_keytab_entry { krb5_kvno vno; krb5_keyblock keyblock; uint32_t timestamp; + uint32_t flags; + krb5_principals aliases; } krb5_keytab_entry; typedef struct krb5_kt_cursor { @@ -487,17 +569,18 @@ typedef struct krb5_keytab_data *krb5_keytab; struct krb5_keytab_data { const char *prefix; - krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab); - krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t); - krb5_error_code (*close)(krb5_context, krb5_keytab); - krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal, - krb5_kvno, krb5_enctype, krb5_keytab_entry*); - krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); - krb5_error_code (*next_entry)(krb5_context, krb5_keytab, - krb5_keytab_entry*, krb5_kt_cursor*); - krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); - krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*); - krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*); + krb5_error_code (KRB5_CALLCONV * resolve)(krb5_context, const char*, krb5_keytab); + krb5_error_code (KRB5_CALLCONV * get_name)(krb5_context, krb5_keytab, char*, size_t); + krb5_error_code (KRB5_CALLCONV * close)(krb5_context, krb5_keytab); + krb5_error_code (KRB5_CALLCONV * destroy)(krb5_context, krb5_keytab); + krb5_error_code (KRB5_CALLCONV * get)(krb5_context, krb5_keytab, krb5_const_principal, + krb5_kvno, krb5_enctype, krb5_keytab_entry*); + krb5_error_code (KRB5_CALLCONV * start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); + krb5_error_code (KRB5_CALLCONV * next_entry)(krb5_context, krb5_keytab, + krb5_keytab_entry*, krb5_kt_cursor*); + krb5_error_code (KRB5_CALLCONV * end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); + krb5_error_code (KRB5_CALLCONV * add)(krb5_context, krb5_keytab, krb5_keytab_entry*); + krb5_error_code (KRB5_CALLCONV * remove)(krb5_context, krb5_keytab, krb5_keytab_entry*); void *data; int32_t version; }; @@ -551,14 +634,14 @@ typedef struct krb5_auth_context_data { uint32_t remote_seqnumber; krb5_authenticator authenticator; - + krb5_pointer i_vector; - + krb5_rcache rcache; - krb5_keytype keytype; /* ¿requested key type ? */ - krb5_cksumtype cksumtype; /* ¡requested checksum type! */ - + krb5_keytype keytype; /* ¿requested key type ? */ + krb5_cksumtype cksumtype; /* ¡requested checksum type! */ + }krb5_auth_context_data, *krb5_auth_context; typedef struct { @@ -569,8 +652,8 @@ typedef struct { extern const char *heimdal_version, *heimdal_long_version; -typedef void (*krb5_log_log_func_t)(const char*, const char*, void*); -typedef void (*krb5_log_close_func_t)(void*); +typedef void (KRB5_CALLCONV * krb5_log_log_func_t)(const char*, const char*, void*); +typedef void (KRB5_CALLCONV * krb5_log_close_func_t)(void*); typedef struct krb5_log_facility { char *program; @@ -586,14 +669,10 @@ typedef EncAPRepPart krb5_ap_rep_enc_part; #define KRB5_TGS_NAME_SIZE (6) #define KRB5_TGS_NAME ("krbtgt") - +#define KRB5_WELLKNOWN_NAME ("WELLKNOWN") +#define KRB5_ANON_NAME ("ANONYMOUS") #define KRB5_DIGEST_NAME ("digest") -/* variables */ - -extern const char *krb5_config_file; -extern const char *krb5_defkeyname; - typedef enum { KRB5_PROMPT_TYPE_PASSWORD = 0x1, KRB5_PROMPT_TYPE_NEW_PASSWORD = 0x2, @@ -609,32 +688,32 @@ typedef struct _krb5_prompt { krb5_prompt_type type; } krb5_prompt; -typedef int (*krb5_prompter_fct)(krb5_context /*context*/, - void * /*data*/, - const char * /*name*/, - const char * /*banner*/, - int /*num_prompts*/, - krb5_prompt /*prompts*/[]); -typedef krb5_error_code (*krb5_key_proc)(krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_salt /*salt*/, - krb5_const_pointer /*keyseed*/, - krb5_keyblock ** /*key*/); -typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context /*context*/, - krb5_keyblock * /*key*/, - krb5_key_usage /*usage*/, - krb5_const_pointer /*decrypt_arg*/, - krb5_kdc_rep * /*dec_rep*/); -typedef krb5_error_code (*krb5_s2k_proc)(krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_const_pointer /*keyseed*/, - krb5_salt /*salt*/, - krb5_data * /*s2kparms*/, - krb5_keyblock ** /*key*/); +typedef int (KRB5_CALLCONV * krb5_prompter_fct)(krb5_context /*context*/, + void * /*data*/, + const char * /*name*/, + const char * /*banner*/, + int /*num_prompts*/, + krb5_prompt /*prompts*/[]); +typedef krb5_error_code (KRB5_CALLCONV * krb5_key_proc)(krb5_context /*context*/, + krb5_enctype /*type*/, + krb5_salt /*salt*/, + krb5_const_pointer /*keyseed*/, + krb5_keyblock ** /*key*/); +typedef krb5_error_code (KRB5_CALLCONV * krb5_decrypt_proc)(krb5_context /*context*/, + krb5_keyblock * /*key*/, + krb5_key_usage /*usage*/, + krb5_const_pointer /*decrypt_arg*/, + krb5_kdc_rep * /*dec_rep*/); +typedef krb5_error_code (KRB5_CALLCONV * krb5_s2k_proc)(krb5_context /*context*/, + krb5_enctype /*type*/, + krb5_const_pointer /*keyseed*/, + krb5_salt /*salt*/, + krb5_data * /*s2kparms*/, + krb5_keyblock ** /*key*/); struct _krb5_get_init_creds_opt_private; -typedef struct _krb5_get_init_creds_opt { +struct _krb5_get_init_creds_opt { krb5_flags flags; krb5_deltat tkt_life; krb5_deltat renew_life; @@ -650,7 +729,9 @@ typedef struct _krb5_get_init_creds_opt { int preauth_list_length; krb5_data *salt; struct _krb5_get_init_creds_opt_private *opt_private; -} krb5_get_init_creds_opt; +}; + +typedef struct _krb5_get_init_creds_opt krb5_get_init_creds_opt; #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 @@ -659,10 +740,13 @@ typedef struct _krb5_get_init_creds_opt { #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 -#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 +#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 /* no supported */ #define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0100 #define KRB5_GET_INIT_CREDS_OPT_DISABLE_TRANSITED_CHECK 0x0200 +/* krb5_init_creds_step flags argument */ +#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE 0x0001 + typedef struct _krb5_verify_init_creds_opt { krb5_flags flags; int ap_req_nofail; @@ -681,20 +765,6 @@ typedef struct krb5_verify_opt { #define KRB5_VERIFY_LREALMS 1 #define KRB5_VERIFY_NO_ADDRESSES 2 -extern const krb5_cc_ops krb5_acc_ops; -extern const krb5_cc_ops krb5_fcc_ops; -extern const krb5_cc_ops krb5_mcc_ops; -extern const krb5_cc_ops krb5_kcm_ops; - -extern const krb5_kt_ops krb5_fkt_ops; -extern const krb5_kt_ops krb5_wrfkt_ops; -extern const krb5_kt_ops krb5_javakt_ops; -extern const krb5_kt_ops krb5_mkt_ops; -extern const krb5_kt_ops krb5_akf_ops; -extern const krb5_kt_ops krb4_fkt_ops; -extern const krb5_kt_ops krb5_srvtab_fkt_ops; -extern const krb5_kt_ops krb5_any_ops; - #define KRB5_KPASSWD_VERS_CHANGEPW 1 #define KRB5_KPASSWD_VERS_SETPW 0xff80 @@ -736,24 +806,22 @@ enum { KRB5_KRBHST_FLAGS_LARGE_MSG = 2 }; -typedef krb5_error_code (*krb5_send_to_kdc_func)(krb5_context, - void *, - krb5_krbhst_info *, - const krb5_data *, - krb5_data *); +typedef krb5_error_code +(KRB5_CALLCONV * krb5_send_to_kdc_func)(krb5_context, void *, krb5_krbhst_info *, time_t, + const krb5_data *, krb5_data *); -/* flags for krb5_parse_name_flags */ +/** flags for krb5_parse_name_flags */ enum { - KRB5_PRINCIPAL_PARSE_NO_REALM = 1, - KRB5_PRINCIPAL_PARSE_MUST_REALM = 2, - KRB5_PRINCIPAL_PARSE_ENTERPRISE = 4 + KRB5_PRINCIPAL_PARSE_NO_REALM = 1, /**< Require that there are no realm */ + KRB5_PRINCIPAL_PARSE_REQUIRE_REALM = 2, /**< Require a realm present */ + KRB5_PRINCIPAL_PARSE_ENTERPRISE = 4 /**< Parse as a NT-ENTERPRISE name */ }; -/* flags for krb5_unparse_name_flags */ +/** flags for krb5_unparse_name_flags */ enum { - KRB5_PRINCIPAL_UNPARSE_SHORT = 1, - KRB5_PRINCIPAL_UNPARSE_NO_REALM = 2, - KRB5_PRINCIPAL_UNPARSE_DISPLAY = 4 + KRB5_PRINCIPAL_UNPARSE_SHORT = 1, /**< No realm if it is the default realm */ + KRB5_PRINCIPAL_UNPARSE_NO_REALM = 2, /**< No realm */ + KRB5_PRINCIPAL_UNPARSE_DISPLAY = 4 /**< No quoting */ }; typedef struct krb5_sendto_ctx_data *krb5_sendto_ctx; @@ -762,7 +830,9 @@ typedef struct krb5_sendto_ctx_data *krb5_sendto_ctx; #define KRB5_SENDTO_RESTART 1 #define KRB5_SENDTO_CONTINUE 2 -typedef krb5_error_code (*krb5_sendto_ctx_func)(krb5_context, krb5_sendto_ctx, void *, const krb5_data *, int *); +typedef krb5_error_code +(KRB5_CALLCONV * krb5_sendto_ctx_func)(krb5_context, krb5_sendto_ctx, void *, + const krb5_data *, int *); struct krb5_plugin; enum krb5_plugin_type { @@ -774,7 +844,73 @@ struct credentials; /* this is to keep the compiler happy */ struct getargs; struct sockaddr; +/** + * Semi private, not stable yet + */ + +typedef struct krb5_crypto_iov { + unsigned int flags; + /* ignored */ +#define KRB5_CRYPTO_TYPE_EMPTY 0 + /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_HEADER) */ +#define KRB5_CRYPTO_TYPE_HEADER 1 + /* IN and OUT */ +#define KRB5_CRYPTO_TYPE_DATA 2 + /* IN */ +#define KRB5_CRYPTO_TYPE_SIGN_ONLY 3 + /* (only for encryption) OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */ +#define KRB5_CRYPTO_TYPE_PADDING 4 + /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_TRAILER) */ +#define KRB5_CRYPTO_TYPE_TRAILER 5 + /* OUT krb5_crypto_length(KRB5_CRYPTO_TYPE_CHECKSUM) */ +#define KRB5_CRYPTO_TYPE_CHECKSUM 6 + krb5_data data; +} krb5_crypto_iov; + + +/* Glue for MIT */ + +typedef struct { + int32_t lr_type; + krb5_timestamp value; +} krb5_last_req_entry; + +typedef krb5_error_code +(KRB5_CALLCONV * krb5_gic_process_last_req)(krb5_context, krb5_last_req_entry **, void *); + +/* + * + */ + +struct hx509_certs_data; + #include +/* variables */ + +extern KRB5_LIB_VARIABLE const char *krb5_config_file; +extern KRB5_LIB_VARIABLE const char *krb5_defkeyname; + + +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_acc_ops; +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_fcc_ops; +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_mcc_ops; +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_kcm_ops; +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_akcm_ops; +extern KRB5_LIB_VARIABLE const krb5_cc_ops krb5_scc_ops; + +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_fkt_ops; +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_wrfkt_ops; +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_javakt_ops; +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_mkt_ops; +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_akf_ops; +extern KRB5_LIB_VARIABLE const krb5_kt_ops krb5_any_ops; + +extern KRB5_LIB_VARIABLE const char *krb5_cc_type_api; +extern KRB5_LIB_VARIABLE const char *krb5_cc_type_file; +extern KRB5_LIB_VARIABLE const char *krb5_cc_type_memory; +extern KRB5_LIB_VARIABLE const char *krb5_cc_type_kcm; +extern KRB5_LIB_VARIABLE const char *krb5_cc_type_scc; + #endif /* __KRB5_H__ */ diff --git a/lib/krb5/krb5.moduli b/lib/krb5/krb5.moduli index f67d2b29be86..a27bae5dfa25 100644 --- a/lib/krb5/krb5.moduli +++ b/lib/krb5/krb5.moduli @@ -1,3 +1,3 @@ -# $Id: krb5.moduli 16154 2005-10-08 15:39:42Z lha $ +# $Id$ # comment security-bits-decimal secure-prime(p)-hex generator(g)-hex (q)-hex rfc3526-MODP-group14 1760 FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF 02 7FFFFFFFFFFFFFFFE487ED5110B4611A62633145C06E0E68948127044533E63A0105DF531D89CD9128A5043CC71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09AB6B6A8E122F242DABB312F3F637A262174D31BF6B585FFAE5B7A035BF6F71C35FDAD44CFD2D74F9208BE258FF324943328F6722D9EE1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD47E9267AFC1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483B84B4B36B3861AA7255E4C0278BA3604650C10BE19482F23171B671DF1CF3B960C074301CD93C1D17603D147DAE2AEF837A62964EF15E5FB4AAC0B8C1CCAA4BE754AB5728AE9130C4C7D02880AB9472D455655347FFFFFFFFFFFFFFF diff --git a/lib/krb5/krb524_convert_creds_kdc.3 b/lib/krb5/krb524_convert_creds_kdc.3 index 1f4b9bf8a9ec..511eabd915e3 100644 --- a/lib/krb5/krb524_convert_creds_kdc.3 +++ b/lib/krb5/krb524_convert_creds_kdc.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb524_convert_creds_kdc.3 15239 2005-05-25 13:19:16Z lha $ +.\" $Id$ .\" .Dd March 20, 2004 .Dt KRB524_CONVERT_CREDS_KDC 3 @@ -66,7 +66,7 @@ to Kerberos 4 credential that is stored in .Fa credentials . .Pp .Fn krb524_convert_creds_kdc_ccache -is diffrent from +is different from .Fn krb524_convert_creds_kdc in that way that if .Fa in_cred diff --git a/lib/krb5/krb524_convert_creds_kdc.cat3 b/lib/krb5/krb524_convert_creds_kdc.cat3 new file mode 100644 index 000000000000..84d48c34489f --- /dev/null +++ b/lib/krb5/krb524_convert_creds_kdc.cat3 @@ -0,0 +1,43 @@ + +KRB524_CONVERT_CREDS_... BSD Library Functions Manual KRB524_CONVERT_CREDS_... + +NNAAMMEE + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc, kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc__ccccaacchhee -- converts + Kerberos 5 credentials to Kerberos 4 credentials + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d, + _s_t_r_u_c_t _c_r_e_d_e_n_t_i_a_l_s _*_v_4_c_r_e_d_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc__ccccaacchhee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, + _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d, _s_t_r_u_c_t _c_r_e_d_e_n_t_i_a_l_s _*_v_4_c_r_e_d_s); + +DDEESSCCRRIIPPTTIIOONN + Convert the Kerberos 5 credential to Kerberos 4 credential. This is done + by sending them to the 524 service in the KDC. + + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc() converts the Kerberos 5 credential in _i_n___c_r_e_d + to Kerberos 4 credential that is stored in _c_r_e_d_e_n_t_i_a_l_s. + + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc__ccccaacchhee() is different from + kkrrbb552244__ccoonnvveerrtt__ccrreeddss__kkddcc() in that way that if _i_n___c_r_e_d doesn't contain a + DES session key, then a new one is fetched from the KDC and stored in the + cred cache _c_c_a_c_h_e, and then the KDC is queried to convert the credential. + + This interfaces are used to make the migration to Kerberos 5 from Ker- + beros 4 easier. There are few services that still need Kerberos 4, and + this is mainly for compatibility for those services. Some services, like + AFS, really have Kerberos 5 supports, but still uses the 524 interface to + make the migration easier. + +SSEEEE AALLSSOO + krb5(3), krb5.conf(5) + +HEIMDAL March 20, 2004 HEIMDAL diff --git a/lib/krb5/krb5_425_conv_principal.3 b/lib/krb5/krb5_425_conv_principal.3 index 16c118f8ace7..49028f42660c 100644 --- a/lib/krb5/krb5_425_conv_principal.3 +++ b/lib/krb5/krb5_425_conv_principal.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1997-2003 Kungliga Tekniska Högskolan +.\" Copyright (c) 1997-2003 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_425_conv_principal.3 12734 2003-09-03 00:13:07Z lha $ +.\" $Id$ .\" .Dd September 3, 2003 .Dt KRB5_425_CONV_PRINCIPAL 3 diff --git a/lib/krb5/krb5_425_conv_principal.cat3 b/lib/krb5/krb5_425_conv_principal.cat3 new file mode 100644 index 000000000000..abef9b0db8ff --- /dev/null +++ b/lib/krb5/krb5_425_conv_principal.cat3 @@ -0,0 +1,141 @@ + +KRB5_425_CONV_PRINCIP... BSD Library Functions Manual KRB5_425_CONV_PRINCIP... + +NNAAMMEE + kkrrbb55__442255__ccoonnvv__pprriinncciippaall, kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt, + kkrrbb55__552244__ccoonnvv__pprriinncciippaall -- converts to and from version 4 principals + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__442255__ccoonnvv__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_i_n_s_t_a_n_c_e, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_i_n_s_t_a_n_c_e, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m, + _k_r_b_5___b_o_o_l_e_a_n _(_*_f_u_n_c_)_(_k_r_b_5___c_o_n_t_e_x_t_, _k_r_b_5___p_r_i_n_c_i_p_a_l_), + _k_r_b_5___b_o_o_l_e_a_n _r_e_s_o_l_v_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__552244__ccoonnvv__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _c_h_a_r _*_n_a_m_e, _c_h_a_r _*_i_n_s_t_a_n_c_e, + _c_h_a_r _*_r_e_a_l_m); + +DDEESSCCRRIIPPTTIIOONN + Converting between version 4 and version 5 principals can at best be + described as a mess. + + A version 4 principal consists of a name, an instance, and a realm. A + version 5 principal consists of one or more components, and a realm. In + some cases also the first component/name will differ between version 4 + and version 5. Furthermore the second component of a host principal will + be the fully qualified domain name of the host in question, while the + instance of a version 4 principal will only contain the first part (short + hostname). Because of these problems the conversion between principals + will have to be site customized. + + kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt() will try to convert a version 4 principal, + given by _n_a_m_e, _i_n_s_t_a_n_c_e, and _r_e_a_l_m, to a version 5 principal. This can + result in several possible principals, and if _f_u_n_c is non-NULL, it will + be called for each candidate principal. _f_u_n_c should return true if the + principal was ``good''. To accomplish this, + kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt() will look up the name in _k_r_b_5_._c_o_n_f. It + first looks in the v4_name_convert/host subsection, which should contain + a list of version 4 names whose instance should be treated as a hostname. + This list can be specified for each realm (in the realms section), or in + the libdefaults section. If the name is found the resulting name of the + principal will be the value of this binding. The instance is then first + looked up in v4_instance_convert for the specified realm. If found the + resulting value will be used as instance (this can be used for special + cases), no further attempts will be made to find a conversion if this + fails (with _f_u_n_c). If the _r_e_s_o_l_v_e parameter is true, the instance will + be looked up with ggeetthhoossttbbyynnaammee(). This can be a time consuming, error + prone, and unsafe operation. Next a list of hostnames will be created + from the instance and the v4_domains variable, which should contain a + list of possible domains for the specific realm. + + On the other hand, if the name is not found in a host section, it is + looked up in a v4_name_convert/plain binding. If found here the name will + be converted, but the instance will be untouched. + + This list of default host-type conversions is compiled-in: + + v4_name_convert = { + host = { + ftp = ftp + hprop = hprop + imap = imap + pop = pop + rcmd = host + smtp = smtp + } + } + + It will only be used if there isn't an entry for these names in the con- + fig file, so you can override these defaults. + + kkrrbb55__442255__ccoonnvv__pprriinncciippaall() will call kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt() with + NULL as _f_u_n_c, and the value of v4_instance_resolve (from the libdefaults + section) as _r_e_s_o_l_v_e. + + kkrrbb55__552244__ccoonnvv__pprriinncciippaall() basically does the opposite of + kkrrbb55__442255__ccoonnvv__pprriinncciippaall(), it just doesn't have to look up any names, but + will instead truncate instances found to belong to a host principal. The + _n_a_m_e, _i_n_s_t_a_n_c_e, and _r_e_a_l_m should be at least 40 characters long. + +EEXXAAMMPPLLEESS + Since this is confusing an example is in place. + + Assume that we have the ``foo.com'', and ``bar.com'' domains that have + shared a single version 4 realm, FOO.COM. The version 4 _k_r_b_._r_e_a_l_m_s file + looked like: + + foo.com FOO.COM + .foo.com FOO.COM + .bar.com FOO.COM + + A _k_r_b_5_._c_o_n_f file that covers this case might look like: + + [libdefaults] + v4_instance_resolve = yes + [realms] + FOO.COM = { + kdc = kerberos.foo.com + v4_instance_convert = { + foo = foo.com + } + v4_domains = foo.com + } + + With this setup and the following host table: + + foo.com + a-host.foo.com + b-host.bar.com + the following conversions will be made: + + rcmd.a-host -> host/a-host.foo.com + ftp.b-host -> ftp/b-host.bar.com + pop.foo -> pop/foo.com + ftp.other -> ftp/other.foo.com + other.a-host -> other/a-host + + The first three are what you expect. If you remove the ``v4_domains'', + the fourth entry will result in an error (since the host ``other'' can't + be found). Even if ``a-host'' is a valid host name, the last entry will + not be converted, since the ``other'' name is not known to represent a + host-type principal. If you turn off ``v4_instance_resolve'' the second + example will result in ``ftp/b-host.foo.com'' (because of the default + domain). And all of this is of course only valid if you have working name + resolving. + +SSEEEE AALLSSOO + krb5_build_principal(3), krb5_free_principal(3), krb5_parse_name(3), + krb5_sname_to_principal(3), krb5_unparse_name(3), krb5.conf(5) + +HEIMDAL September 3, 2003 HEIMDAL diff --git a/lib/krb5/krb5_acl_match_file.3 b/lib/krb5/krb5_acl_match_file.3 index 342645edd2d2..a1eb1e4e7a25 100644 --- a/lib/krb5/krb5_acl_match_file.3 +++ b/lib/krb5/krb5_acl_match_file.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_acl_match_file.3 17534 2006-05-11 22:43:44Z lha $ +.\" $Id$ .\" .Dd May 12, 2006 .Dt KRB5_ACL_MATCH_FILE 3 diff --git a/lib/krb5/krb5_acl_match_file.cat3 b/lib/krb5/krb5_acl_match_file.cat3 new file mode 100644 index 000000000000..8aebb87a949e --- /dev/null +++ b/lib/krb5/krb5_acl_match_file.cat3 @@ -0,0 +1,61 @@ + +KRB5_ACL_MATCH_FILE(3) BSD Library Functions Manual KRB5_ACL_MATCH_FILE(3) + +NNAAMMEE + kkrrbb55__aaccll__mmaattcchh__ffiillee, kkrrbb55__aaccll__mmaattcchh__ssttrriinngg -- ACL matching functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaccll__mmaattcchh__ffiillee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_f_i_l_e, + _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaccll__mmaattcchh__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_s_t_r_i_n_g, + _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__aaccll__mmaattcchh__ffiillee matches ACL format against each line in a file. + Lines starting with # are treated like comments and ignored. + + kkrrbb55__aaccll__mmaattcchh__ssttrriinngg matches ACL format against a string. + + The ACL format has three format specifiers: s, f, and r. Each specifier + will retrieve one argument from the variable arguments for either match- + ing or storing data. The input string is split up using " " and "\t" as + a delimiter; multiple " " and "\t" in a row are considered to be the + same. + + s Matches a string using strcmp(3) (case sensitive). + + f Matches the string with fnmatch(3). The _f_l_a_g_s argument (the + last argument) passed to the fnmatch function is 0. + + r Returns a copy of the string in the char ** passed in; the + copy must be freed with free(3). There is no need to free(3) + the string on error: the function will clean up and set the + pointer to NULL. + + All unknown format specifiers cause an error. + +EEXXAAMMPPLLEESS + char *s; + + ret = krb5_acl_match_string(context, "foo", "s", "foo"); + if (ret) + krb5_errx(context, 1, "acl didn't match"); + ret = krb5_acl_match_string(context, "foo foo baz/kaka", + "ss", "foo", &s, "foo/*"); + if (ret) { + /* no need to free(s) on error */ + assert(s == NULL); + krb5_errx(context, 1, "acl didn't match"); + } + free(s); + +SSEEEE AALLSSOO + krb5(3) + +HEIMDAL May 12, 2006 HEIMDAL diff --git a/lib/krb5/krb5_address.3 b/lib/krb5/krb5_address.3 deleted file mode 100644 index 06f7fa5cd02c..000000000000 --- a/lib/krb5/krb5_address.3 +++ /dev/null @@ -1,359 +0,0 @@ -.\" Copyright (c) 2003, 2005 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_address.3 17461 2006-05-05 13:13:18Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_ADDRESS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_address , -.Nm krb5_addresses , -.Nm krb5_sockaddr2address , -.Nm krb5_sockaddr2port , -.Nm krb5_addr2sockaddr , -.Nm krb5_max_sockaddr_size , -.Nm krb5_sockaddr_uninteresting , -.Nm krb5_h_addr2sockaddr , -.Nm krb5_h_addr2addr , -.Nm krb5_anyaddr , -.Nm krb5_print_address , -.Nm krb5_parse_address , -.Nm krb5_address_order , -.Nm krb5_address_compare , -.Nm krb5_address_search , -.Nm krb5_free_address , -.Nm krb5_free_addresses , -.Nm krb5_copy_address , -.Nm krb5_copy_addresses , -.Nm krb5_append_addresses , -.Nm krb5_make_addrport -.Nd mange addresses in Kerberos -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_sockaddr2address -.Fa "krb5_context context" -.Fa "const struct sockaddr *sa" -.Fa "krb5_address *addr" -.Fc -.Ft krb5_error_code -.Fo krb5_sockaddr2port -.Fa "krb5_context context" -.Fa "const struct sockaddr *sa" -.Fa "int16_t *port" -.Fc -.Ft krb5_error_code -.Fo krb5_addr2sockaddr -.Fa "krb5_context context" -.Fa "const krb5_address *addr" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft size_t -.Fo krb5_max_sockaddr_size -.Fa "void" -.Fc -.Ft "krb5_boolean" -.Fo krb5_sockaddr_uninteresting -.Fa "const struct sockaddr *sa" -.Fc -.Ft krb5_error_code -.Fo krb5_h_addr2sockaddr -.Fa "krb5_context context" -.Fa "int af" -.Fa "const char *addr" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft krb5_error_code -.Fo krb5_h_addr2addr -.Fa "krb5_context context" -.Fa "int af" -.Fa "const char *haddr" -.Fa "krb5_address *addr" -.Fc -.Ft krb5_error_code -.Fo krb5_anyaddr -.Fa "krb5_context context" -.Fa "int af" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft krb5_error_code -.Fo krb5_print_address -.Fa "const krb5_address *addr" -.Fa "char *str" -.Fa "size_t len" -.Fa "size_t *ret_len" -.Fc -.Ft krb5_error_code -.Fo krb5_parse_address -.Fa "krb5_context context" -.Fa "const char *string" -.Fa "krb5_addresses *addresses" -.Fc -.Ft int -.Fo "krb5_address_order" -.Fa "krb5_context context" -.Fa "const krb5_address *addr1" -.Fa "const krb5_address *addr2" -.Fc -.Ft "krb5_boolean" -.Fo krb5_address_compare -.Fa "krb5_context context" -.Fa "const krb5_address *addr1" -.Fa "const krb5_address *addr2" -.Fc -.Ft "krb5_boolean" -.Fo krb5_address_search -.Fa "krb5_context context" -.Fa "const krb5_address *addr" -.Fa "const krb5_addresses *addrlist" -.Fc -.Ft krb5_error_code -.Fo krb5_free_address -.Fa "krb5_context context" -.Fa "krb5_address *address" -.Fc -.Ft krb5_error_code -.Fo krb5_free_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_address -.Fa "krb5_context context" -.Fa "const krb5_address *inaddr" -.Fa "krb5_address *outaddr" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_addresses -.Fa "krb5_context context" -.Fa "const krb5_addresses *inaddr" -.Fa "krb5_addresses *outaddr" -.Fc -.Ft krb5_error_code -.Fo krb5_append_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *dest" -.Fa "const krb5_addresses *source" -.Fc -.Ft krb5_error_code -.Fo krb5_make_addrport -.Fa "krb5_context context" -.Fa "krb5_address **res" -.Fa "const krb5_address *addr" -.Fa "int16_t port" -.Fc -.Sh DESCRIPTION -The -.Li krb5_address -structure holds a address that can be used in Kerberos API -calls. There are help functions to set and extract address information -of the address. -.Pp -The -.Li krb5_addresses -structure holds a set of krb5_address:es. -.Pp -.Fn krb5_sockaddr2address -stores a address a -.Li "struct sockaddr" -.Fa sa -in the krb5_address -.Fa addr . -.Pp -.Fn krb5_sockaddr2port -extracts a -.Fa port -(if possible) from a -.Li "struct sockaddr" -.Fa sa . -.Pp -.Fn krb5_addr2sockaddr -sets the -struct sockaddr -.Fa sockaddr -from -.Fa addr -and -.Fa port . -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_max_sockaddr_size -returns the max size of the -.Li struct sockaddr -that the Kerberos library will return. -.Pp -.Fn krb5_sockaddr_uninteresting -returns -.Dv TRUE -for all -.Fa sa -that the kerberos library thinks are uninteresting. -One example are link local addresses. -.Pp -.Fn krb5_h_addr2sockaddr -initializes a -.Li "struct sockaddr" -.Fa sa -from -.Fa af -and the -.Li "struct hostent" -(see -.Xr gethostbyname 3 ) -.Fa h_addr_list -component. -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_h_addr2addr -works like -.Fn krb5_h_addr2sockaddr -with the exception that it operates on a -.Li krb5_address -instead of a -.Li struct sockaddr . -.Pp -.Fn krb5_anyaddr -fills in a -.Li "struct sockaddr" -.Fa sa -that can be used to -.Xr bind 2 -to. -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_print_address -prints the address in -.Fa addr -to the string -.Fa string -that have the length -.Fa len . -If -.Fa ret_len -is not -.Dv NULL , -it will be filled with the length of the string if size were unlimited (not -including the final -.Ql \e0 ) . -.Pp -.Fn krb5_parse_address -Returns the resolved hostname in -.Fa string -to the -.Li krb5_addresses -.Fa addresses . -.Pp -.Fn krb5_address_order -compares the addresses -.Fa addr1 -and -.Fa addr2 -so that it can be used for sorting addresses. If the addresses are the -same address -.Fa krb5_address_order -will return 0. -.Pp -.Fn krb5_address_compare -compares the addresses -.Fa addr1 -and -.Fa addr2 . -Returns -.Dv TRUE -if the two addresses are the same. -.Pp -.Fn krb5_address_search -checks if the address -.Fa addr -is a member of the address set list -.Fa addrlist . -.Pp -.Fn krb5_free_address -frees the data stored in the -.Fa address -that is alloced with any of the krb5_address functions. -.Pp -.Fn krb5_free_addresses -frees the data stored in the -.Fa addresses -that is alloced with any of the krb5_address functions. -.Pp -.Fn krb5_copy_address -copies the content of address -.Fa inaddr -to -.Fa outaddr . -.Pp -.Fn krb5_copy_addresses -copies the content of the address list -.Fa inaddr -to -.Fa outaddr . -.Pp -.Fn krb5_append_addresses -adds the set of addresses in -.Fa source -to -.Fa dest . -While copying the addresses, duplicates are also sorted out. -.Pp -.Fn krb5_make_addrport -allocates and creates an -krb5_address in -.Fa res -of type KRB5_ADDRESS_ADDRPORT from -.Fa ( addr , port ) . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_aname_to_localname.3 b/lib/krb5/krb5_aname_to_localname.3 index a0c3e4b41507..a50e935fd2ff 100644 --- a/lib/krb5/krb5_aname_to_localname.3 +++ b/lib/krb5/krb5_aname_to_localname.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_aname_to_localname.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd February 18, 2006 .Dt KRB5_ANAME_TO_LOCALNAME 3 diff --git a/lib/krb5/krb5_aname_to_localname.cat3 b/lib/krb5/krb5_aname_to_localname.cat3 new file mode 100644 index 000000000000..03565c1eaafe --- /dev/null +++ b/lib/krb5/krb5_aname_to_localname.cat3 @@ -0,0 +1,39 @@ + +KRB5_ANAME_TO_LOCALNA... BSD Library Functions Manual KRB5_ANAME_TO_LOCALNA... + +NNAAMMEE + kkrrbb55__aannaammee__ttoo__llooccaallnnaammee -- converts a principal to a system local name + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__aannaammee__ttoo__llooccaallnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _n_a_m_e, + _s_i_z_e___t _l_n_s_i_z_e, _c_h_a_r _*_l_n_a_m_e); + +DDEESSCCRRIIPPTTIIOONN + This function takes a principal _n_a_m_e, verifies that it is in the local + realm (using kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss()) and then returns the local name + of the principal. + + If _n_a_m_e isn't in one of the local realms an error is returned. + + If the size (_l_n_s_i_z_e) of the local name (_l_n_a_m_e) is too small, an error is + returned. + + kkrrbb55__aannaammee__ttoo__llooccaallnnaammee() should only be use by an application that + implements protocols that don't transport the login name and thus needs + to convert a principal to a local name. + + Protocols should be designed so that they authenticate using Kerberos, + send over the login name and then verify the principal that is authenti- + cated is allowed to login and the login name. A way to check if a user + is allowed to login is using the function kkrrbb55__kkuusseerrookk(). + +SSEEEE AALLSSOO + krb5_get_default_realms(3), krb5_kuserok(3) + +HEIMDAL February 18, 2006 HEIMDAL diff --git a/lib/krb5/krb5_appdefault.3 b/lib/krb5/krb5_appdefault.3 index f5b532937db4..780c2ff7f5e1 100644 --- a/lib/krb5/krb5_appdefault.3 +++ b/lib/krb5/krb5_appdefault.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2000 Kungliga Tekniska Högskolan +.\" Copyright (c) 2000 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_appdefault.3 12329 2003-05-26 14:09:04Z lha $ +.\" $Id$ .\" .Dd July 25, 2000 .Dt KRB5_APPDEFAULT 3 diff --git a/lib/krb5/krb5_appdefault.cat3 b/lib/krb5/krb5_appdefault.cat3 new file mode 100644 index 000000000000..5000115c20a3 --- /dev/null +++ b/lib/krb5/krb5_appdefault.cat3 @@ -0,0 +1,57 @@ + +KRB5_APPDEFAULT(3) BSD Library Functions Manual KRB5_APPDEFAULT(3) + +NNAAMMEE + kkrrbb55__aappppddeeffaauulltt__bboooolleeaann, kkrrbb55__aappppddeeffaauulltt__ssttrriinngg, kkrrbb55__aappppddeeffaauulltt__ttiimmee -- + get application configuration value + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _v_o_i_d + kkrrbb55__aappppddeeffaauulltt__bboooolleeaann(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e, + _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _k_r_b_5___b_o_o_l_e_a_n _d_e_f___v_a_l, + _k_r_b_5___b_o_o_l_e_a_n _*_r_e_t___v_a_l); + + _v_o_i_d + kkrrbb55__aappppddeeffaauulltt__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e, + _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _c_o_n_s_t _c_h_a_r _*_d_e_f___v_a_l, + _c_h_a_r _*_*_r_e_t___v_a_l); + + _v_o_i_d + kkrrbb55__aappppddeeffaauulltt__ttiimmee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e, + _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _t_i_m_e___t _d_e_f___v_a_l, + _t_i_m_e___t _*_r_e_t___v_a_l); + +DDEESSCCRRIIPPTTIIOONN + These functions get application defaults from the appdefaults section of + the krb5.conf(5) configuration file. These defaults can be specified per + application, and/or per realm. + + These values will be looked for in krb5.conf(5), in order of descending + importance. + + [appdefaults] + appname = { + realm = { + option = value + } + } + appname = { + option = value + } + realm = { + option = value + } + option = value + _a_p_p_n_a_m_e is the name of the application, and _r_e_a_l_m is the realm name. If + the realm is omitted it will not be used for resolving values. _d_e_f___v_a_l + is the value to return if no value is found in krb5.conf(5). + +SSEEEE AALLSSOO + krb5_config(3), krb5.conf(5) + +HEIMDAL July 25, 2000 HEIMDAL diff --git a/lib/krb5/krb5_auth_context.3 b/lib/krb5/krb5_auth_context.3 index 66d150ef8589..ec7f8b31cf85 100644 --- a/lib/krb5/krb5_auth_context.3 +++ b/lib/krb5/krb5_auth_context.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 - 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001 - 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_auth_context.3 15240 2005-05-25 13:47:58Z lha $ +.\" $Id$ .\" .Dd May 17, 2005 .Dt KRB5_AUTH_CONTEXT 3 diff --git a/lib/krb5/krb5_auth_context.cat3 b/lib/krb5/krb5_auth_context.cat3 new file mode 100644 index 000000000000..f74bb606c11c --- /dev/null +++ b/lib/krb5/krb5_auth_context.cat3 @@ -0,0 +1,221 @@ + +KRB5_AUTH_CONTEXT(3) BSD Library Functions Manual KRB5_AUTH_CONTEXT(3) + +NNAAMMEE + kkrrbb55__aauutthh__ccoonn__aaddddffllaaggss, kkrrbb55__aauutthh__ccoonn__ffrreeee, kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss, + kkrrbb55__aauutthh__ccoonn__ggeenneerraatteellooccaallssuubbkkeeyy, kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss, + kkrrbb55__aauutthh__ccoonn__ggeettaauutthheennttiiccaattoorr, kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss, + kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy, kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy, + kkrrbb55__aauutthh__ccoonn__ggeettrrccaacchhee, kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy, + kkrrbb55__aauutthh__ccoonn__ggeettuusseerrkkeeyy, kkrrbb55__aauutthh__ccoonn__iinniitt, kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr, + kkrrbb55__aauutthh__ccoonn__rreemmoovveeffllaaggss, kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss, + kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd, kkrrbb55__aauutthh__ccoonn__sseettffllaaggss, + kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr, kkrrbb55__aauutthh__ccoonn__sseettkkeeyy, + kkrrbb55__aauutthh__ccoonn__sseettllooccaallssuubbkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettrrccaacchhee, + kkrrbb55__aauutthh__ccoonn__sseettrreemmootteessuubbkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy, + kkrrbb55__aauutthh__ccoonntteexxtt, kkrrbb55__aauutthh__ggeettcckkssuummttyyppee, kkrrbb55__aauutthh__ggeettkkeeyyttyyppee, + kkrrbb55__aauutthh__ggeettllooccaallsseeqqnnuummbbeerr, kkrrbb55__aauutthh__ggeettrreemmootteesseeqqnnuummbbeerr, + kkrrbb55__aauutthh__sseettcckkssuummttyyppee, kkrrbb55__aauutthh__sseettkkeeyyttyyppee, + kkrrbb55__aauutthh__sseettllooccaallsseeqqnnuummbbeerr, kkrrbb55__aauutthh__sseettrreemmootteesseeqqnnuummbbeerr, + kkrrbb55__ffrreeee__aauutthheennttiiccaattoorr -- manage authentication on connection level + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__iinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t); + + _v_o_i_d + kkrrbb55__aauutthh__ccoonn__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__sseettffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _*_f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__aaddddffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _a_d_d_f_l_a_g_s, _i_n_t_3_2___t _*_f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__rreemmoovveeffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _r_e_m_o_v_e_l_a_g_s, _i_n_t_3_2___t _*_f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_l_o_c_a_l___a_d_d_r, + _k_r_b_5___a_d_d_r_e_s_s _*_r_e_m_o_t_e___a_d_d_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_*_l_o_c_a_l___a_d_d_r, + _k_r_b_5___a_d_d_r_e_s_s _*_*_r_e_m_o_t_e___a_d_d_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t _f_d, _i_n_t _f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _v_o_i_d _*_p___f_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__ggeenneerraatteellooccaallssuubbkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k, _*_k_e_y_"); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___p_o_i_n_t_e_r _i_v_e_c_t_o_r); + + _v_o_i_d + kkrrbb55__ffrreeee__aauutthheennttiiccaattoorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h_e_n_t_i_c_a_t_o_r _*_a_u_t_h_e_n_t_i_c_a_t_o_r); + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55__aauutthh__ccoonntteexxtt structure holds all context related to an authenti- + cated connection, in a similar way to kkrrbb55__ccoonntteexxtt that holds the context + for the thread or process. kkrrbb55__aauutthh__ccoonntteexxtt is used by various func- + tions that are directly related to authentication between the + server/client. Example of data that this structure contains are various + flags, addresses of client and server, port numbers, keyblocks (and sub- + keys), sequence numbers, replay cache, and checksum-type. + + kkrrbb55__aauutthh__ccoonn__iinniitt() allocates and initializes the kkrrbb55__aauutthh__ccoonntteexxtt + structure. Default values can be changed with + kkrrbb55__aauutthh__ccoonn__sseettcckkssuummttyyppee() and kkrrbb55__aauutthh__ccoonn__sseettffllaaggss(). The + aauutthh__ccoonntteexxtt structure must be freed by kkrrbb55__aauutthh__ccoonn__ffrreeee(). + + kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss(), kkrrbb55__aauutthh__ccoonn__sseettffllaaggss(), + kkrrbb55__aauutthh__ccoonn__aaddddffllaaggss() and kkrrbb55__aauutthh__ccoonn__rreemmoovveeffllaaggss() gets and modi- + fies the flags for a kkrrbb55__aauutthh__ccoonntteexxtt structure. Possible flags to set + are: + + KRB5_AUTH_CONTEXT_DO_SEQUENCE + Generate and check sequence-number on each packet. + + KRB5_AUTH_CONTEXT_DO_TIME + Check timestamp on incoming packets. + + KRB5_AUTH_CONTEXT_RET_SEQUENCE, KRB5_AUTH_CONTEXT_RET_TIME + Return sequence numbers and time stamps in the outdata parame- + ters. + + KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED + will force kkrrbb55__ggeett__ffoorrwwaarrddeedd__ccrreeddss() and kkrrbb55__ffwwdd__ttggtt__ccrreeddss() to + create unencrypted ) ENCTYPE_NULL) credentials. This is for use + with old MIT server and JAVA based servers as they can't handle + encrypted KRB-CRED. Note that sending such KRB-CRED is clear + exposes crypto keys and tickets and is insecure, make sure the + packet is encrypted in the protocol. krb5_rd_cred(3), + krb5_rd_priv(3), krb5_rd_safe(3), krb5_mk_priv(3) and + krb5_mk_safe(3). Setting this flag requires that parameter to be + passed to these functions. + + The flags KRB5_AUTH_CONTEXT_DO_TIME also modifies the behavior + the function kkrrbb55__ggeett__ffoorrwwaarrddeedd__ccrreeddss() by removing the timestamp + in the forward credential message, this have backward compatibil- + ity problems since not all versions of the heimdal supports time- + less credentional messages. Is very useful since it always the + sender of the message to cache forward message and thus avoiding + a round trip to the KDC for each time a credential is forwarded. + The same functionality can be obtained by using address-less + tickets. + + kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss(), kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd() and + kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss() gets and sets the addresses that are checked + when a packet is received. It is mandatory to set an address for the + remote host. If the local address is not set, it iss deduced from the + underlaying operating system. kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss() will call + kkrrbb55__ffrreeee__aaddddrreessss() on any address that is passed in _l_o_c_a_l___a_d_d_r or + _r_e_m_o_t_e___a_d_d_r. kkrrbb55__aauutthh__ccoonn__sseettaaddddrr() allows passing in a NULL pointer as + _l_o_c_a_l___a_d_d_r and _r_e_m_o_t_e___a_d_d_r, in that case it will just not set that + address. + + kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd() fetches the addresses from a file + descriptor. + + kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss() fetches the address information from the given + file descriptor _f_d depending on the bitmap argument _f_l_a_g_s. + + Possible values on _f_l_a_g_s are: + + _K_R_B_5___A_U_T_H___C_O_N_T_E_X_T___G_E_N_E_R_A_T_E___L_O_C_A_L___A_D_D_R + fetches the local address from _f_d. + + _K_R_B_5___A_U_T_H___C_O_N_T_E_X_T___G_E_N_E_R_A_T_E___R_E_M_O_T_E___A_D_D_R + fetches the remote address from _f_d. + + kkrrbb55__aauutthh__ccoonn__sseettkkeeyy(), kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy() and + kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy() gets and sets the key used for this auth context. + The keyblock returned by kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy() should be freed with + kkrrbb55__ffrreeee__kkeeyybblloocckk(). The keyblock send into kkrrbb55__aauutthh__ccoonn__sseettkkeeyy() is + copied into the kkrrbb55__aauutthh__ccoonntteexxtt, and thus no special handling is + needed. NULL is not a valid keyblock to kkrrbb55__aauutthh__ccoonn__sseettkkeeyy(). + + kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy() is only useful when doing user to user authen- + tication. kkrrbb55__aauutthh__ccoonn__sseettkkeeyy() is equivalent to + kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy(). + + kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy(), kkrrbb55__aauutthh__ccoonn__sseettllooccaallssuubbkkeeyy(), + kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy() and kkrrbb55__aauutthh__ccoonn__sseettrreemmootteessuubbkkeeyy() gets + and sets the keyblock for the local and remote subkey. The keyblock + returned by kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy() and + kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy() must be freed with kkrrbb55__ffrreeee__kkeeyybblloocckk(). + + kkrrbb55__aauutthh__sseettcckkssuummttyyppee() and kkrrbb55__aauutthh__ggeettcckkssuummttyyppee() sets and gets the + checksum type that should be used for this connection. + + kkrrbb55__aauutthh__ccoonn__ggeenneerraatteellooccaallssuubbkkeeyy() generates a local subkey that have + the same encryption type as _k_e_y. + + kkrrbb55__aauutthh__ggeettrreemmootteesseeqqnnuummbbeerr() kkrrbb55__aauutthh__sseettrreemmootteesseeqqnnuummbbeerr(), + kkrrbb55__aauutthh__ggeettllooccaallsseeqqnnuummbbeerr() and kkrrbb55__aauutthh__sseettllooccaallsseeqqnnuummbbeerr() gets and + sets the sequence-number for the local and remote sequence-number + counter. + + kkrrbb55__aauutthh__sseettkkeeyyttyyppee() and kkrrbb55__aauutthh__ggeettkkeeyyttyyppee() gets and gets the key- + type of the keyblock in kkrrbb55__aauutthh__ccoonntteexxtt. + + kkrrbb55__aauutthh__ccoonn__ggeettaauutthheennttiiccaattoorr() Retrieves the authenticator that was + used during mutual authentication. The authenticator returned should be + freed by calling kkrrbb55__ffrreeee__aauutthheennttiiccaattoorr(). + + kkrrbb55__aauutthh__ccoonn__ggeettrrccaacchhee() and kkrrbb55__aauutthh__ccoonn__sseettrrccaacchhee() gets and sets the + replay-cache. + + kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr() allocates memory for and zeros the initial + vector in the _a_u_t_h___c_o_n_t_e_x_t keyblock. + + kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr() sets the i_vector portion of _a_u_t_h___c_o_n_t_e_x_t to + _i_v_e_c_t_o_r. + + kkrrbb55__ffrreeee__aauutthheennttiiccaattoorr() free the content of _a_u_t_h_e_n_t_i_c_a_t_o_r and + _a_u_t_h_e_n_t_i_c_a_t_o_r itself. + +SSEEEE AALLSSOO + krb5_context(3), kerberos(8) + +HEIMDAL May 17, 2005 HEIMDAL diff --git a/lib/krb5/krb5_c_make_checksum.3 b/lib/krb5/krb5_c_make_checksum.3 index a323ccee1d32..77be59adbe76 100644 --- a/lib/krb5/krb5_c_make_checksum.3 +++ b/lib/krb5/krb5_c_make_checksum.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_c_make_checksum.3 19066 2006-11-17 22:09:25Z lha $ +.\" $Id$ .\" .Dd Nov 17, 2006 .Dt KRB5_C_MAKE_CHECKSUM 3 @@ -112,7 +112,7 @@ Kerberos 5 Library (libkrb5, -lkrb5) .Fc .Ft krb5_error_code .Fo krb5_c_verify_checksum -.Fa "krb5_context context +.Fa "krb5_context context" .Fa "const krb5_keyblock *key" .Fa "krb5_keyusage usage" .Fa "const krb5_data *data" @@ -185,7 +185,7 @@ decrypts .Fa input and store the data in .Fa output. -If +If .Fa ivec is .Dv NULL @@ -257,7 +257,7 @@ If some either of .Fa data or .Fa checksum -is not needed for the application, +is not needed for the application, .Dv NULL can be passed in. .Pp @@ -279,14 +279,14 @@ is a keyed checksum type. .Fn krb5_c_is_coll_proof_cksum returns true if .Fa ctype -is a collition proof checksum type. +is a collision proof checksum type. .Pp .Fn krb5_c_keylengths -return the minimum length ( -.Fa inlength ) +return the minimum length +.Fa ( inlength ) bytes needed to create a key and the -length ( -.Fa keylength ) +length +.Fa ( keylength ) of the resulting key for the .Fa enctype . diff --git a/lib/krb5/krb5_c_make_checksum.cat3 b/lib/krb5/krb5_c_make_checksum.cat3 new file mode 100644 index 000000000000..ac19146733bd --- /dev/null +++ b/lib/krb5/krb5_c_make_checksum.cat3 @@ -0,0 +1,142 @@ + +KRB5_C_MAKE_CHECKSUM(3) BSD Library Functions Manual KRB5_C_MAKE_CHECKSUM(3) + +NNAAMMEE + kkrrbb55__cc__bblloocckk__ssiizzee, kkrrbb55__cc__ddeeccrryypptt, kkrrbb55__cc__eennccrryypptt, kkrrbb55__cc__eennccrryypptt__lleennggtthh, + kkrrbb55__cc__eennccttyyppee__ccoommppaarree, kkrrbb55__cc__ggeett__cchheecckkssuumm, kkrrbb55__cc__iiss__ccoollll__pprrooooff__cckkssuumm, + kkrrbb55__cc__iiss__kkeeyyeedd__cckkssuumm, kkrrbb55__cc__kkeeyylleennggtthh, kkrrbb55__cc__mmaakkee__cchheecckkssuumm, + kkrrbb55__cc__mmaakkee__rraannddoomm__kkeeyy, kkrrbb55__cc__sseett__cchheecckkssuumm, kkrrbb55__cc__vvaalliidd__cckkssuummttyyppee, + kkrrbb55__cc__vvaalliidd__eennccttyyppee, kkrrbb55__cc__vveerriiffyy__cchheecckkssuumm, kkrrbb55__cc__cchheecckkssuumm__lleennggtthh -- + Kerberos 5 crypto API + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__bblloocckk__ssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _s_i_z_e___t _*_b_l_o_c_k_s_i_z_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__ddeeccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___k_e_y_b_l_o_c_k _k_e_y, + _k_r_b_5___k_e_y_u_s_a_g_e _u_s_a_g_e, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_v_e_c, _k_r_b_5___e_n_c___d_a_t_a _*_i_n_p_u_t, + _k_r_b_5___d_a_t_a _*_o_u_t_p_u_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__eennccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, + _k_r_b_5___k_e_y_u_s_a_g_e _u_s_a_g_e, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_v_e_c, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_p_u_t, + _k_r_b_5___e_n_c___d_a_t_a _*_o_u_t_p_u_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__eennccrryypptt__lleennggtthh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _s_i_z_e___t _i_n_p_u_t_l_e_n, _s_i_z_e___t _*_l_e_n_g_t_h); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__eennccttyyppee__ccoommppaarree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_1, + _k_r_b_5___e_n_c_t_y_p_e _e_2, _k_r_b_5___b_o_o_l_e_a_n _*_s_i_m_i_l_a_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__mmaakkee__rraannddoomm__kkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _k_r_b_5___k_e_y_b_l_o_c_k _*_r_a_n_d_o_m___k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__mmaakkee__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _c_k_s_u_m_t_y_p_e, + _c_o_n_s_t _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, _k_r_b_5___k_e_y_u_s_a_g_e _u_s_a_g_e, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_p_u_t, _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__vveerriiffyy__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, + _k_r_b_5___k_e_y_u_s_a_g_e _u_s_a_g_e, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_d_a_t_a, + _c_o_n_s_t _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m, _k_r_b_5___b_o_o_l_e_a_n _*_v_a_l_i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__cchheecckkssuumm__lleennggtthh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _c_k_s_u_m_t_y_p_e, + _s_i_z_e___t _*_l_e_n_g_t_h); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__ggeett__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m, + _k_r_b_5___c_k_s_u_m_t_y_p_e _*_t_y_p_e, _k_r_b_5___d_a_t_a _*_*_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__sseett__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m, + _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_d_a_t_a); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cc__vvaalliidd__eennccttyyppee(_k_r_b_5___e_n_c_t_y_p_e, _e_t_y_p_e_"); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cc__vvaalliidd__cckkssuummttyyppee(_k_r_b_5___c_k_s_u_m_t_y_p_e _c_t_y_p_e); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cc__iiss__ccoollll__pprrooooff__cckkssuumm(_k_r_b_5___c_k_s_u_m_t_y_p_e _c_t_y_p_e); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cc__iiss__kkeeyyeedd__cckkssuumm(_k_r_b_5___c_k_s_u_m_t_y_p_e _c_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cc__kkeeyylleennggtthhss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _s_i_z_e___t _*_i_n_l_e_n_g_t_h, _s_i_z_e___t _*_k_e_y_l_e_n_g_t_h); + +DDEESSCCRRIIPPTTIIOONN + The functions starting with krb5_c are compat functions with MIT ker- + beros. + + The krb5_enc_data structure holds and encrypted data. There are two pub- + lic accessable members of krb5_enc_data. enctype that holds the encryp- + tion type of the data encrypted and ciphertext that is a _k_r_b_5___d_a_t_a that + might contain the encrypted data. + + kkrrbb55__cc__bblloocckk__ssiizzee() returns the blocksize of the encryption type. + + kkrrbb55__cc__ddeeccrryypptt() decrypts _i_n_p_u_t and store the data in _o_u_t_p_u_t_. If _i_v_e_c is + NULL the default initialization vector for that encryption type will be + used. + + kkrrbb55__cc__eennccrryypptt() encrypts the plaintext in _i_n_p_u_t and store the ciphertext + in _o_u_t_p_u_t. + + kkrrbb55__cc__eennccrryypptt__lleennggtthh() returns the length the encrypted data given the + plaintext length. + + kkrrbb55__cc__eennccttyyppee__ccoommppaarree() compares to encryption types and returns if they + use compatible encryption key types. + + kkrrbb55__cc__mmaakkee__cchheecckkssuumm() creates a checksum _c_k_s_u_m with the checksum type + _c_k_s_u_m_t_y_p_e of the data in _d_a_t_a. _k_e_y and _u_s_a_g_e are used if the checksum is + a keyed checksum type. Returns 0 or an error code. + + kkrrbb55__cc__vveerriiffyy__cchheecckkssuumm() verifies the checksum of _d_a_t_a in _c_k_s_u_m that was + created with _k_e_y using the key usage _u_s_a_g_e. _v_e_r_i_f_y is set to non-zero if + the checksum verifies correctly and zero if not. Returns 0 or an error + code. + + kkrrbb55__cc__cchheecckkssuumm__lleennggtthh() returns the length of the checksum. + + kkrrbb55__cc__sseett__cchheecckkssuumm() sets the krb5_checksum structure given _t_y_p_e and + _d_a_t_a. The content of _c_k_s_u_m should be freeed with + kkrrbb55__cc__ffrreeee__cchheecckkssuumm__ccoonntteennttss(). + + kkrrbb55__cc__ggeett__cchheecckkssuumm() retrieves the components of the krb5_checksum. + structure. _d_a_t_a should be free with kkrrbb55__ffrreeee__ddaattaa(). If some either of + _d_a_t_a or _c_h_e_c_k_s_u_m is not needed for the application, NULL can be passed + in. + + kkrrbb55__cc__vvaalliidd__eennccttyyppee() returns true if _e_t_y_p_e is a valid encryption type. + + kkrrbb55__cc__vvaalliidd__cckkssuummttyyppee() returns true if _c_t_y_p_e is a valid checksum type. + + kkrrbb55__cc__iiss__kkeeyyeedd__cckkssuumm() return true if _c_t_y_p_e is a keyed checksum type. + + kkrrbb55__cc__iiss__ccoollll__pprrooooff__cckkssuumm() returns true if _c_t_y_p_e is a collision proof + checksum type. + + kkrrbb55__cc__kkeeyylleennggtthhss() return the minimum length (_i_n_l_e_n_g_t_h) bytes needed to + create a key and the length (_k_e_y_l_e_n_g_t_h) of the resulting key for the + _e_n_c_t_y_p_e. + +SSEEEE AALLSSOO + krb5(3), krb5_create_checksum(3), krb5_free_data(3), kerberos(8) + +HEIMDAL Nov 17, 2006 HEIMDAL diff --git a/lib/krb5/krb5_ccache.3 b/lib/krb5/krb5_ccache.3 deleted file mode 100644 index 3fca5956e7dd..000000000000 --- a/lib/krb5/krb5_ccache.3 +++ /dev/null @@ -1,517 +0,0 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_ccache.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd October 19, 2005 -.Dt KRB5_CCACHE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_ccache , -.Nm krb5_cc_cursor , -.Nm krb5_cc_ops , -.Nm krb5_fcc_ops , -.Nm krb5_mcc_ops , -.Nm krb5_cc_clear_mcred , -.Nm krb5_cc_close , -.Nm krb5_cc_copy_cache , -.Nm krb5_cc_default , -.Nm krb5_cc_default_name , -.Nm krb5_cc_destroy , -.Nm krb5_cc_end_seq_get , -.Nm krb5_cc_gen_new , -.Nm krb5_cc_get_full_name , -.Nm krb5_cc_get_name , -.Nm krb5_cc_get_ops , -.Nm krb5_cc_get_prefix_ops , -.Nm krb5_cc_get_principal , -.Nm krb5_cc_get_type , -.Nm krb5_cc_get_version , -.Nm krb5_cc_initialize , -.Nm krb5_cc_next_cred , -.Nm krb5_cc_next_cred_match , -.Nm krb5_cc_new_unique , -.Nm krb5_cc_register , -.Nm krb5_cc_remove_cred , -.Nm krb5_cc_resolve , -.Nm krb5_cc_retrieve_cred , -.Nm krb5_cc_set_default_name , -.Nm krb5_cc_set_flags , -.Nm krb5_cc_start_seq_get , -.Nm krb5_cc_store_cred -.Nd mange credential cache -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_ccache;" -.Pp -.Li "struct krb5_cc_cursor;" -.Pp -.Li "struct krb5_cc_ops;" -.Pp -.Li "struct krb5_cc_ops *krb5_fcc_ops;" -.Pp -.Li "struct krb5_cc_ops *krb5_mcc_ops;" -.Pp -.Ft void -.Fo krb5_cc_clear_mcred -.Fa "krb5_creds *mcred" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_close -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_copy_cache -.Fa "krb5_context context" -.Fa "const krb5_ccache from" -.Fa "krb5_ccache to" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_default -.Fa "krb5_context context" -.Fa "krb5_ccache *id" -.Fc -.Ft "const char *" -.Fo krb5_cc_default_name -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_destroy -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_end_seq_get -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_gen_new -.Fa "krb5_context context" -.Fa "const krb5_cc_ops *ops" -.Fa "krb5_ccache *id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_full_name -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "char **str" -.Fc -.Ft "const char *" -.Fo krb5_cc_get_name -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_principal -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_principal *principal" -.Fc -.Ft "const char *" -.Fo krb5_cc_get_type -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft "const krb5_cc_ops *" -.Fo krb5_cc_get_ops -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft "const krb5_cc_ops *" -.Fo krb5_cc_get_prefix_ops -.Fa "krb5_context context" -.Fa "const char *prefix" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_version -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_initialize -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_principal primary_principal" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_register -.Fa "krb5_context context" -.Fa "const krb5_cc_ops *ops" -.Fa "krb5_boolean override" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_resolve -.Fa "krb5_context context" -.Fa "const char *name" -.Fa "krb5_ccache *id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_retrieve_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_remove_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_flags which" -.Fa "krb5_creds *cred" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_set_default_name -.Fa "krb5_context context" -.Fa "const char *name" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_start_seq_get -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_store_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_set_flags -.Fa "krb5_context context" -.Fa "krb5_cc_set_flags id" -.Fa "krb5_flags flags" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_next_cred -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_next_cred_match -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fa "krb5_creds *creds" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_new_unique -.Fa "krb5_context context" -.Fa "const char *type" -.Fa "const char *hint" -.Fa "krb5_ccache *id" -.Fc -.Sh DESCRIPTION -The -.Li krb5_ccache -structure holds a Kerberos credential cache. -.Pp -The -.Li krb5_cc_cursor -structure holds current position in a credential cache when -iterating over the cache. -.Pp -The -.Li krb5_cc_ops -structure holds a set of operations that can me preformed on a -credential cache. -.Pp -There is no component inside -.Li krb5_ccache , -.Li krb5_cc_cursor -nor -.Li krb5_fcc_ops -that is directly referable. -.Pp -The -.Li krb5_creds -holds a Kerberos credential, see manpage for -.Xr krb5_creds 3 . -.Pp -.Fn krb5_cc_default_name -and -.Fn krb5_cc_set_default_name -gets and sets the default name for the -.Fa context . -.Pp -.Fn krb5_cc_default -opens the default credential cache in -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_gen_new -generates a new credential cache of type -.Fa ops -in -.Fa id . -Return 0 or an error code. -The Heimdal version of this function also runs -.Fn krb5_cc_initialize -on the credential cache, but since the MIT version doesn't, portable -code must call krb5_cc_initialize. -.Pp -.Fn krb5_cc_new_unique -generates a new unique credential cache of -.Fa type -in -.Fa id . -If type is -.Dv NULL , -the library chooses the default credential cache type. -The supplied -.Fa hint -(that can be -.Dv NULL ) -is a string that the credential cache type can use to base the name of -the credential on, this is to make it easier for the user to -differentiate the credentials. -The returned credential cache -.Fa id -should be freed using -.Fn krb5_cc_close -or -.Fn krb5_cc_destroy . -Returns 0 or an error code. -.Pp -.Fn krb5_cc_resolve -finds and allocates a credential cache in -.Fa id -from the specification in -.Fa residual . -If the credential cache name doesn't contain any colon (:), interpret it as a -file name. -Return 0 or an error code. -.Pp -.Fn krb5_cc_initialize -creates a new credential cache in -.Fa id -for -.Fa primary_principal . -Return 0 or an error code. -.Pp -.Fn krb5_cc_close -stops using the credential cache -.Fa id -and frees the related resources. -Return 0 or an error code. -.Fn krb5_cc_destroy -removes the credential cache -and closes (by calling -.Fn krb5_cc_close ) -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_copy_cache -copys the contents of -.Fa from -to -.Fa to . -.Pp -.Fn krb5_cc_get_full_name -returns the complete resolvable name of the credential cache -.Fa id -in -.Fa str . -.Fa str -should be freed with -.Xr free 3 . -Returns 0 or an error, on error -.Fa *str -is set to -.Dv NULL . -.Pp -.Fn krb5_cc_get_name -returns the name of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_principal -returns the principal of -.Fa id -in -.Fa principal . -Return 0 or an error code. -.Pp -.Fn krb5_cc_get_type -returns the type of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_ops -returns the ops of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_version -returns the version of -.Fa id . -.Pp -.Fn krb5_cc_register -Adds a new credential cache type with operations -.Fa ops , -overwriting any existing one if -.Fa override . -Return an error code or 0. -.Pp -.Fn krb5_cc_get_prefix_ops -Get the cc ops that is registered in -.Fa context -to handle the -.Fa prefix . -Returns -.Dv NULL -if ops not found. -.Pp -.Fn krb5_cc_remove_cred -removes the credential identified by -.Fa ( cred , -.Fa which ) -from -.Fa id . -.Pp -.Fn krb5_cc_store_cred -stores -.Fa creds -in the credential cache -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_set_flags -sets the flags of -.Fa id -to -.Fa flags . -.Pp -.Fn krb5_cc_clear_mcred -clears the -.Fa mcreds -argument so it is reset and can be used with -.Fa krb5_cc_retrieve_cred . -.Pp -.Fn krb5_cc_retrieve_cred , -retrieves the credential identified by -.Fa mcreds -(and -.Fa whichfields ) -from -.Fa id -in -.Fa creds . -.Fa creds -should be freed using -.Fn krb5_free_cred_contents . -Return 0 or an error code. -.Pp -.Fn krb5_cc_start_seq_get -initiates the -.Li krb5_cc_cursor -structure to be used for iteration over the credential cache. -.Pp -.Fn krb5_cc_next_cred -retrieves the next cred pointed to by -.Fa ( id , -.Fa cursor ) -in -.Fa creds , -and advance -.Fa cursor . -Return 0 or an error code. -.Pp -.Fn krb5_cc_next_cred_match -is similar to -.Fn krb5_cc_next_cred -except that it will only return creds matching -.Fa whichfields -and -.Fa mcreds -(as interpreted by -.Xr krb5_compare_creds 3 . ) -.Pp -.Fn krb5_cc_end_seq_get -Destroys the cursor -.Fa cursor . -.Sh EXAMPLE -This is a minimalistic version of -.Nm klist . -.Pp -.Bd -literal -#include - -int -main (int argc, char **argv) -{ - krb5_context context; - krb5_cc_cursor cursor; - krb5_error_code ret; - krb5_ccache id; - krb5_creds creds; - - if (krb5_init_context (&context) != 0) - errx(1, "krb5_context"); - - ret = krb5_cc_default (context, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_cc_start_seq_get(context, id, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); - - while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){ - char *principal; - - krb5_unparse_name_short(context, creds.server, &principal); - printf("principal: %s\\n", principal); - free(principal); - krb5_free_cred_contents (context, &creds); - } - ret = krb5_cc_end_seq_get(context, id, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_end_seq_get"); - - krb5_cc_close(context, id); - - krb5_free_context(context); - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_ccapi.h b/lib/krb5/krb5_ccapi.h index 59a38425c252..5a7fe6a41334 100644 --- a/lib/krb5/krb5_ccapi.h +++ b/lib/krb5/krb5_ccapi.h @@ -1,43 +1,47 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: krb5_ccapi.h 22090 2007-12-02 23:23:43Z lha $ */ +/* $Id$ */ #ifndef KRB5_CCAPI_H #define KRB5_CCAPI_H 1 #include + #ifdef __APPLE__ +#pragma pack(push,2) +#endif + enum { cc_credentials_v5 = 2 }; @@ -49,7 +53,7 @@ enum { enum { ccNoError = 0, - + ccIteratorEnd = 201, ccErrBadParam, ccErrNoMem, @@ -61,25 +65,25 @@ enum { ccErrInvalidCCacheIterator, ccErrInvalidCredentialsIterator, ccErrInvalidLock, - + ccErrBadName, /* 211 */ ccErrBadCredentialsVersion, ccErrBadAPIVersion, ccErrContextLocked, ccErrContextUnlocked, - + ccErrCCacheLocked, /* 216 */ ccErrCCacheUnlocked, ccErrBadLockType, ccErrNeverDefault, ccErrCredentialsNotFound, - + ccErrCCacheNotFound, /* 221 */ ccErrContextNotFound, ccErrServerUnavailable, ccErrServerInsecure, ccErrServerCantBecomeUID, - + ccErrTimeOffsetNotSet /* 226 */ }; @@ -92,7 +96,7 @@ typedef struct cc_credentials_v5_t cc_credentials_v5_t; typedef struct cc_credentials_t *cc_credentials_t; typedef struct cc_credentials_iterator_t *cc_credentials_iterator_t; typedef struct cc_string_t *cc_string_t; -typedef time_t cc_time_t; +typedef cc_uint32 cc_time_t; typedef struct cc_data { cc_uint32 type; @@ -224,7 +228,12 @@ struct cc_context_t { const struct cc_context_functions* func; }; -typedef cc_int32 +typedef cc_int32 (*cc_initialize_func)(cc_context_t*, cc_int32, cc_int32 *, char const **); +#ifdef __APPLE__ +#pragma pack(pop) +#endif + + #endif /* KRB5_CCAPI_H */ diff --git a/lib/krb5/krb5_check_transited.3 b/lib/krb5/krb5_check_transited.3 index 65ce0774225f..4d4dae3086c8 100644 --- a/lib/krb5/krb5_check_transited.3 +++ b/lib/krb5/krb5_check_transited.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_check_transited.3 17382 2006-05-01 07:09:16Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_CHECK_TRANSITED 3 @@ -86,7 +86,7 @@ where and .Fa num_realms is the realms between them. -If the function returns an error value, +If the function returns an error value, .Fa bad_realm will be set to the realm in the list causing the error. .Fn krb5_check_transited diff --git a/lib/krb5/krb5_check_transited.cat3 b/lib/krb5/krb5_check_transited.cat3 new file mode 100644 index 000000000000..97a97e72b6bf --- /dev/null +++ b/lib/krb5/krb5_check_transited.cat3 @@ -0,0 +1,49 @@ + +KRB5_CHECK_TRANSITED(3) BSD Library Functions Manual KRB5_CHECK_TRANSITED(3) + +NNAAMMEE + kkrrbb55__cchheecckk__ttrraannssiitteedd, kkrrbb55__cchheecckk__ttrraannssiitteedd__rreeaallmmss, + kkrrbb55__ddoommaaiinn__xx550000__ddeeccooddee, kkrrbb55__ddoommaaiinn__xx550000__eennccooddee -- realm transit verifi- + cation and encoding/decoding functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cchheecckk__ttrraannssiitteedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _c_l_i_e_n_t___r_e_a_l_m, + _k_r_b_5___c_o_n_s_t___r_e_a_l_m _s_e_r_v_e_r___r_e_a_l_m, _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m_s, _i_n_t _n_u_m___r_e_a_l_m_s, + _i_n_t _*_b_a_d___r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cchheecckk__ttrraannssiitteedd__rreeaallmmss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _c_h_a_r _*_c_o_n_s_t _*_r_e_a_l_m_s, _i_n_t _n_u_m___r_e_a_l_m_s, _i_n_t _*_b_a_d___r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddoommaaiinn__xx550000__ddeeccooddee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_a_t_a _t_r, + _c_h_a_r _*_*_*_r_e_a_l_m_s, _i_n_t _*_n_u_m___r_e_a_l_m_s, _c_o_n_s_t _c_h_a_r _*_c_l_i_e_n_t___r_e_a_l_m, + _c_o_n_s_t _c_h_a_r _*_s_e_r_v_e_r___r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddoommaaiinn__xx550000__eennccooddee(_c_h_a_r _*_*_r_e_a_l_m_s, _i_n_t _n_u_m___r_e_a_l_m_s, + _k_r_b_5___d_a_t_a _*_e_n_c_o_d_i_n_g); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__cchheecckk__ttrraannssiitteedd() checks the path from _c_l_i_e_n_t___r_e_a_l_m to _s_e_r_v_e_r___r_e_a_l_m + where _r_e_a_l_m_s and _n_u_m___r_e_a_l_m_s is the realms between them. If the function + returns an error value, _b_a_d___r_e_a_l_m will be set to the realm in the list + causing the error. kkrrbb55__cchheecckk__ttrraannssiitteedd() is used internally by the KDC + and libkrb5 and should not be called by client applications. + + kkrrbb55__cchheecckk__ttrraannssiitteedd__rreeaallmmss() is deprecated. + + kkrrbb55__ddoommaaiinn__xx550000__eennccooddee() and kkrrbb55__ddoommaaiinn__xx550000__ddeeccooddee() encodes and + decodes the realm names in the X500 format that Kerberos uses to describe + the transited realms in krbtgts. + +SSEEEE AALLSSOO + krb5(3), krb5.conf(5) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_compare_creds.3 b/lib/krb5/krb5_compare_creds.3 deleted file mode 100644 index 9fd2bbbbb684..000000000000 --- a/lib/krb5/krb5_compare_creds.3 +++ /dev/null @@ -1,104 +0,0 @@ -.\" Copyright (c) 2004-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_compare_creds.3 15110 2005-05-10 09:21:06Z lha $ -.\" -.Dd May 10, 2005 -.Dt KRB5_COMPARE_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_compare_creds -.Nd compare Kerberos 5 credentials -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fo krb5_compare_creds -.Fa "krb5_context context" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fa "const krb5_creds *creds" -.Fc -.Sh DESCRIPTION -.Fn krb5_compare_creds -compares -.Fa mcreds -(usually filled in by the application) -to -.Fa creds -(most often from a credentials cache) -and return -.Dv TRUE -if they are equal. -Unless -.Va mcreds-\*[Gt]server -is -.Dv NULL , -the service of the credentials are always compared. If the client -name in -.Fa mcreds -is present, the client names are also compared. This function is -normally only called indirectly via -.Xr krb5_cc_retrieve_cred 3 . -.Pp -The following flags, set in -.Fa whichfields , -affects the comparison: -.Bl -tag -width KRB5_TC_MATCH_SRV_NAMEONLY -compact -offset indent -.It KRB5_TC_MATCH_SRV_NAMEONLY -Consider all realms equal when comparing the service principal. -.It KRB5_TC_MATCH_KEYTYPE -Compare enctypes. -.It KRB5_TC_MATCH_FLAGS_EXACT -Make sure that the ticket flags are identical. -.It KRB5_TC_MATCH_FLAGS -Make sure that all ticket flags set in -.Fa mcreds -are also present in -.Fa creds . -.It KRB5_TC_MATCH_TIMES_EXACT -Compares the ticket times exactly. -.It KRB5_TC_MATCH_TIMES -Compares only the expiration times of the creds. -.It KRB5_TC_MATCH_AUTHDATA -Compares the authdata fields. -.It KRB5_TC_MATCH_2ND_TKT -Compares the second tickets (used by user-to-user authentication). -.It KRB5_TC_MATCH_IS_SKEY -Compares the existance of the second ticket. -.El -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_cc_retrieve_cred 3 , -.Xr krb5_creds 3 , -.Xr krb5_get_init_creds 3 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_config.3 b/lib/krb5/krb5_config.3 deleted file mode 100644 index 9c302ae2f3a3..000000000000 --- a/lib/krb5/krb5_config.3 +++ /dev/null @@ -1,307 +0,0 @@ -.\" Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" -.\" $Id: krb5_config.3 21905 2007-08-10 10:16:45Z lha $ -.\" -.Dd August 10, 2007 -.Dt KRB5_CONFIG_GET 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_config_file_free , -.Nm krb5_config_free_strings , -.Nm krb5_config_get , -.Nm krb5_config_get_bool , -.Nm krb5_config_get_bool_default , -.Nm krb5_config_get_int , -.Nm krb5_config_get_int_default , -.Nm krb5_config_get_list , -.Nm krb5_config_get_next , -.Nm krb5_config_get_string , -.Nm krb5_config_get_string_default , -.Nm krb5_config_get_strings , -.Nm krb5_config_get_time , -.Nm krb5_config_get_time_default , -.Nm krb5_config_parse_file , -.Nm krb5_config_parse_file_multi , -.Nm krb5_config_vget , -.Nm krb5_config_vget_bool , -.Nm krb5_config_vget_bool_default , -.Nm krb5_config_vget_int , -.Nm krb5_config_vget_int_default , -.Nm krb5_config_vget_list , -.Nm krb5_config_vget_next , -.Nm krb5_config_vget_string , -.Nm krb5_config_vget_string_default , -.Nm krb5_config_vget_strings , -.Nm krb5_config_vget_time , -.Nm krb5_config_vget_time_default -.Nd get configuration value -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_config_file_free -.Fa "krb5_context context" -.Fa "krb5_config_section *s" -.Fc -.Ft void -.Fo krb5_config_free_strings -.Fa "char **strings" -.Fc -.Ft "const void *" -.Fo krb5_config_get -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int type" -.Fa "..." -.Fc -.Ft krb5_boolean -.Fo krb5_config_get_bool -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft krb5_boolean -.Fo krb5_config_get_bool_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "krb5_boolean def_value" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_int -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_int_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "int def_value" -.Fa "..." -.Fc -.Ft const char* -.Fo krb5_config_get_string -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft const char* -.Fo krb5_config_get_string_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "const char *def_value" -.Fa "..." -.Fc -.Ft "char**" -.Fo krb5_config_get_strings -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_time -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_time_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "int def_value" -.Fa "..." -.Fc -.Ft krb5_error_code -.Fo krb5_config_parse_file -.Fa "krb5_context context" -.Fa "const char *fname" -.Fa "krb5_config_section **res" -.Fc -.Ft krb5_error_code -.Fo krb5_config_parse_file_multi -.Fa "krb5_context context" -.Fa "const char *fname" -.Fa "krb5_config_section **res" -.Fc -.Ft "const void *" -.Fo krb5_config_vget -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int type" -.Fa "va_list args" -.Fc -.Ft krb5_boolean -.Fo krb5_config_vget_bool -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft krb5_boolean -.Fo krb5_config_vget_bool_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "krb5_boolean def_value" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_int -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_int_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int def_value" -.Fa "va_list args" -.Fc -.Ft "const krb5_config_binding *" -.Fo krb5_config_vget_list -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft "const void *" -.Fo krb5_config_vget_next -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "const krb5_config_binding **pointer" -.Fa "int type" -.Fa "va_list args" -.Fc -.Ft "const char *" -.Fo krb5_config_vget_string -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft "const char *" -.Fo krb5_config_vget_string_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "const char *def_value" -.Fa "va_list args" -.Fc -.Ft char ** -.Fo krb5_config_vget_strings -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_time -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_time_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int def_value" -.Fa "va_list args" -.Fc -.Sh DESCRIPTION -These functions get values from the -.Xr krb5.conf 5 -configuration file, or another configuration database specified by the -.Fa c -parameter. -.Pp -The variable arguments should be a list of strings naming each -subsection to look for. For example: -.Bd -literal -offset indent -krb5_config_get_bool_default(context, NULL, FALSE, - "libdefaults", "log_utc", NULL); -.Ed -.Pp -gets the boolean value for the -.Dv log_utc -option, defaulting to -.Dv FALSE . -.Pp -.Fn krb5_config_get_bool_default -will convert the option value to a boolean value, where -.Sq yes , -.Sq true , -and any non-zero number means -.Dv TRUE , -and any other value -.Dv FALSE . -.Pp -.Fn krb5_config_get_int_default -will convert the value to an integer. -.Pp -.Fn krb5_config_get_time_default -will convert the value to a period of time (not a time stamp) in -seconds, so the string -.Sq 2 weeks -will be converted to -1209600 (2 * 7 * 24 * 60 * 60). -.Pp -.Fn krb5_config_get_string -returns a -.Ft "const char *" -to a string in the configuration database. The string not be valid -after reload of the configuration database -.\" or a call to .Fn krb5_config_set_string , -so a caller should make a local copy if its need to keep the database. -.Pp -.Fn krb5_config_free_strings -free -.Fa strings -as returned by -.Fn krb5_config_get_strings -and -.Fn krb5_config_vget_strings . -If the argument -.Fa strings -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn krb5_config_file_free -free the result of -.Fn krb5_config_parse_file -and -.Fn krb5_config_parse_file_multi . -.Sh SEE ALSO -.Xr krb5_appdefault 3 , -.Xr krb5_init_context 3 , -.Xr krb5.conf 5 -.Sh BUGS -For the default functions, other than for the string case, there's no -way to tell whether there was a value specified or not. diff --git a/lib/krb5/krb5_create_checksum.3 b/lib/krb5/krb5_create_checksum.3 index 43d5b4e5d32c..06d806e1441e 100644 --- a/lib/krb5/krb5_create_checksum.3 +++ b/lib/krb5/krb5_create_checksum.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1999-2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 1999-2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_create_checksum.3 15921 2005-08-12 09:01:22Z lha $ +.\" $Id$ .\" .Dd August 12, 2005 .Dt NAME 3 @@ -217,7 +217,7 @@ and keyblock Note that keyusage is not always used in checksums. .Pp .Nm krb5_checksum_disable -globally disables the checksum type. +globally disables the checksum type. .\" .Sh EXAMPLE .\" .Sh BUGS .Sh SEE ALSO diff --git a/lib/krb5/krb5_create_checksum.cat3 b/lib/krb5/krb5_create_checksum.cat3 new file mode 100644 index 000000000000..e2050b141a4d --- /dev/null +++ b/lib/krb5/krb5_create_checksum.cat3 @@ -0,0 +1,113 @@ + +NAME(3) BSD Library Functions Manual NAME(3) + +NNAAMMEE + kkrrbb55__cchheecckkssuumm, kkrrbb55__cchheecckkssuumm__ddiissaabbllee, kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff, + kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd, kkrrbb55__cchheecckkssuummssiizzee, kkrrbb55__cckkssuummttyyppee__vvaalliidd, + kkrrbb55__ccooppyy__cchheecckkssuumm, kkrrbb55__ccrreeaattee__cchheecckkssuumm, kkrrbb55__ccrryyppttoo__ggeett__cchheecckkssuumm__ttyyppee + kkrrbb55__ffrreeee__cchheecckkssuumm, kkrrbb55__ffrreeee__cchheecckkssuumm__ccoonntteennttss, kkrrbb55__hhmmaacc, + kkrrbb55__vveerriiffyy__cchheecckkssuumm -- creates, handles and verifies checksums + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + typedef Checksum krb5_checksum; + + _v_o_i_d + kkrrbb55__cchheecckkssuumm__ddiissaabbllee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cckkssuummttyyppee__vvaalliidd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _c_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cchheecckkssuummssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e, + _s_i_z_e___t _*_s_i_z_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrreeaattee__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _k_r_b_5___k_e_y___u_s_a_g_e _u_s_a_g_e, _i_n_t _t_y_p_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, + _C_h_e_c_k_s_u_m _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _k_r_b_5___k_e_y___u_s_a_g_e _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _C_h_e_c_k_s_u_m _*_c_k_s_u_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__ggeett__cchheecckkssuumm__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _k_r_b_5___c_k_s_u_m_t_y_p_e _*_t_y_p_e); + + _v_o_i_d + kkrrbb55__ffrreeee__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m); + + _v_o_i_d + kkrrbb55__ffrreeee__cchheecckkssuumm__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_h_e_c_k_s_u_m _*_c_k_s_u_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__hhmmaacc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _c_k_t_y_p_e, _c_o_n_s_t _v_o_i_d _*_d_a_t_a, + _s_i_z_e___t _l_e_n, _u_n_s_i_g_n_e_d _u_s_a_g_e, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, _C_h_e_c_k_s_u_m _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccooppyy__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_h_e_c_k_s_u_m _*_o_l_d, + _k_r_b_5___c_h_e_c_k_s_u_m _*_*_n_e_w); + +DDEESSCCRRIIPPTTIIOONN + The krb5_checksum structure holds a Kerberos checksum. There is no com- + ponent inside krb5_checksum that is directly referable. + + The functions are used to create and verify checksums. + kkrrbb55__ccrreeaattee__cchheecckkssuumm() creates a checksum of the specified data, and puts + it in _r_e_s_u_l_t. If _c_r_y_p_t_o is NULL, _u_s_a_g_e___o_r___t_y_p_e specifies the checksum + type to use; it must not be keyed. Otherwise _c_r_y_p_t_o is an encryption con- + text created by kkrrbb55__ccrryyppttoo__iinniitt(), and _u_s_a_g_e___o_r___t_y_p_e specifies a key- + usage. + + kkrrbb55__vveerriiffyy__cchheecckkssuumm() verifies the _c_h_e_c_k_s_u_m against the provided data. + + kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff() returns true is the specified checksum + is collision proof (that it's very unlikely that two strings has the same + hash value, and that it's hard to find two strings that has the same + hash). Examples of collision proof checksums are MD5, and SHA1, while + CRC32 is not. + + kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd() returns true if the specified checksum type is + keyed (that the hash value is a function of both the data, and a separate + key). Examples of keyed hash algorithms are HMAC-SHA1-DES3, and RSA- + MD5-DES. The ``plain'' hash functions MD5, and SHA1 are not keyed. + + kkrrbb55__ccrryyppttoo__ggeett__cchheecckkssuumm__ttyyppee() returns the checksum type that will be + used when creating a checksum for the given _c_r_y_p_t_o context. This func- + tion is useful in combination with kkrrbb55__cchheecckkssuummssiizzee() when you want to + know the size a checksum will use when you create it. + + kkrrbb55__cckkssuummttyyppee__vvaalliidd() returns 0 or an error if the checksumtype is + implemented and not currently disabled in this kerberos library. + + kkrrbb55__cchheecckkssuummssiizzee() returns the size of the outdata of checksum function. + + kkrrbb55__ccooppyy__cchheecckkssuumm() returns a copy of the checksum kkrrbb55__ffrreeee__cchheecckkssuumm() + should use used to free the _n_e_w checksum. + + kkrrbb55__ffrreeee__cchheecckkssuumm() free the checksum and the content of the checksum. + + kkrrbb55__ffrreeee__cchheecckkssuumm__ccoonntteennttss() frees the content of checksum in _c_k_s_u_m. + + kkrrbb55__hhmmaacc() calculates the HMAC over _d_a_t_a (with length _l_e_n) using the + keyusage _u_s_a_g_e and keyblock _k_e_y. Note that keyusage is not always used + in checksums. + + kkrrbb55__cchheecckkssuumm__ddiissaabbllee globally disables the checksum type. + +SSEEEE AALLSSOO + krb5_crypto_init(3), krb5_c_encrypt(3), krb5_encrypt(3) + +HEIMDAL August 12, 2005 HEIMDAL diff --git a/lib/krb5/krb5_creds.3 b/lib/krb5/krb5_creds.3 index 9eb9a2be9492..b22550e6c956 100644 --- a/lib/krb5/krb5_creds.3 +++ b/lib/krb5/krb5_creds.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_creds.3 17383 2006-05-01 07:13:03Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_CREDS 3 @@ -104,7 +104,7 @@ should be freed by the called with .Fn krb5_free_creds_contents . .Pp .Fn krb5_free_creds -frees the content of the +frees the content of the .Fa cred structure and the structure itself. .Pp diff --git a/lib/krb5/krb5_creds.cat3 b/lib/krb5/krb5_creds.cat3 new file mode 100644 index 000000000000..f7b07dd54d20 --- /dev/null +++ b/lib/krb5/krb5_creds.cat3 @@ -0,0 +1,58 @@ + +KRB5_CREDS(3) BSD Library Functions Manual KRB5_CREDS(3) + +NNAAMMEE + kkrrbb55__ccrreeddss, kkrrbb55__ccooppyy__ccrreeddss, kkrrbb55__ccooppyy__ccrreeddss__ccoonntteennttss, kkrrbb55__ffrreeee__ccrreeddss, + kkrrbb55__ffrreeee__ccrreedd__ccoonntteennttss -- Kerberos 5 credential handling functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccooppyy__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_r_e_d_s _*_i_n_c_r_e_d, + _k_r_b_5___c_r_e_d_s _*_*_o_u_t_c_r_e_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccooppyy__ccrreeddss__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_r_e_d_s _*_i_n_c_r_e_d, + _k_r_b_5___c_r_e_d_s _*_o_u_t_c_r_e_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_o_u_t_c_r_e_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__ccrreedd__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d); + +DDEESSCCRRIIPPTTIIOONN + _k_r_b_5___c_r_e_d_s holds Kerberos credentials: + + typedef struct krb5_creds { + krb5_principal client; + krb5_principal server; + krb5_keyblock session; + krb5_times times; + krb5_data ticket; + krb5_data second_ticket; + krb5_authdata authdata; + krb5_addresses addresses; + krb5_ticket_flags flags; + } krb5_creds; + + kkrrbb55__ccooppyy__ccrreeddss() makes a copy of _i_n_c_r_e_d to _o_u_t_c_r_e_d. _o_u_t_c_r_e_d should be + freed with kkrrbb55__ffrreeee__ccrreeddss() by the caller. + + kkrrbb55__ccooppyy__ccrreeddss__ccoonntteennttss() makes a copy of the content of _i_n_c_r_e_d to + _o_u_t_c_r_e_d_s. _o_u_t_c_r_e_d_s should be freed by the called with + kkrrbb55__ffrreeee__ccrreeddss__ccoonntteennttss(). + + kkrrbb55__ffrreeee__ccrreeddss() frees the content of the _c_r_e_d structure and the struc- + ture itself. + + kkrrbb55__ffrreeee__ccrreedd__ccoonntteennttss() frees the content of the _c_r_e_d structure. + +SSEEEE AALLSSOO + krb5(3), krb5_compare_creds(3), krb5_get_init_creds(3), kerberos(8) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_data.3 b/lib/krb5/krb5_data.3 deleted file mode 100644 index 2ccff19251da..000000000000 --- a/lib/krb5/krb5_data.3 +++ /dev/null @@ -1,159 +0,0 @@ -.\" Copyright (c) 2003 - 2005, 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_data.3 20040 2007-01-23 20:35:12Z lha $ -.\" -.Dd Jan 23, 2007 -.Dt KRB5_DATA 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_data , -.Nm krb5_data_zero , -.Nm krb5_data_free , -.Nm krb5_free_data_contents , -.Nm krb5_free_data , -.Nm krb5_data_alloc , -.Nm krb5_data_realloc , -.Nm krb5_data_copy , -.Nm krb5_copy_data , -.Nm krb5_data_cmp -.Nd operates on the Kerberos datatype krb5_data -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_data;" -.Ft void -.Fn krb5_data_zero "krb5_data *p" -.Ft void -.Fn krb5_data_free "krb5_data *p" -.Ft void -.Fn krb5_free_data_contents "krb5_context context" "krb5_data *p" -.Ft void -.Fn krb5_free_data "krb5_context context" "krb5_data *p" -.Ft krb5_error_code -.Fn krb5_data_alloc "krb5_data *p" "int len" -.Ft krb5_error_code -.Fn krb5_data_realloc "krb5_data *p" "int len" -.Ft krb5_error_code -.Fn krb5_data_copy "krb5_data *p" "const void *data" "size_t len" -.Ft krb5_error_code -.Fn krb5_copy_data "krb5_context context" "const krb5_data *indata" "krb5_data **outdata" -.Ft krb5_error_code -.Fn krb5_data_cmp "const krb5_data *data1" "const krb5_data *data2" -.Sh DESCRIPTION -The -.Li krb5_data -structure holds a data element. -The structure contains two public accessible elements -.Fa length -(the length of data) -and -.Fa data -(the data itself). -The structure must always be initiated and freed by the functions -documented in this manual. -.Pp -.Fn krb5_data_zero -resets the content of -.Fa p . -.Pp -.Fn krb5_data_free -free the data in -.Fa p -and reset the content of the structure with -.Fn krb5_data_zero . -.Pp -.Fn krb5_free_data_contents -works the same way as -.Fa krb5_data_free . -The diffrence is that krb5_free_data_contents is more portable (exists -in MIT api). -.Pp -.Fn krb5_free_data -frees the data in -.Fa p -and -.Fa p -itself. -.Pp -.Fn krb5_data_alloc -allocates -.Fa len -bytes in -.Fa p . -Returns 0 or an error. -.Pp -.Fn krb5_data_realloc -reallocates the length of -.Fa p -to the length in -.Fa len . -Returns 0 or an error. -.Pp -.Fn krb5_data_copy -copies the -.Fa data -that have the length -.Fa len -into -.Fa p . -.Fa p -is not freed so the calling function should make sure the -.Fa p -doesn't contain anything needs to be freed. -Returns 0 or an error. -.Pp -.Fn krb5_copy_data -copies the -.Li krb5_data -in -.Fa indata -to -.Fa outdata . -.Fa outdata -is not freed so the calling function should make sure the -.Fa outdata -doesn't contain anything needs to be freed. -.Fa outdata -should be freed using -.Fn krb5_free_data . -Returns 0 or an error. -.Pp -.Fn krb5_data_cmp -will compare two data object and check if they are the same in a -simular way as memcmp does it. The return value can be used for -sorting. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_storage 3 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_digest.3 b/lib/krb5/krb5_digest.3 index f9d7571b072d..a4ee75631a6b 100644 --- a/lib/krb5/krb5_digest.3 +++ b/lib/krb5/krb5_digest.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_digest.3 20259 2007-02-17 23:49:54Z lha $ +.\" $Id$ .\" .Dd February 18, 2007 .Dt KRB5_DIGEST 3 diff --git a/lib/krb5/krb5_digest.cat3 b/lib/krb5/krb5_digest.cat3 new file mode 100644 index 000000000000..905d334ea67e --- /dev/null +++ b/lib/krb5/krb5_digest.cat3 @@ -0,0 +1,146 @@ + +KRB5_DIGEST(3) BSD Library Functions Manual KRB5_DIGEST(3) + +NNAAMMEE + kkrrbb55__ddiiggeesstt, kkrrbb55__ddiiggeesstt__aalllloocc, kkrrbb55__ddiiggeesstt__ffrreeee, + kkrrbb55__ddiiggeesstt__sseett__sseerrvveerr__ccbb, kkrrbb55__ddiiggeesstt__sseett__ttyyppee, + kkrrbb55__ddiiggeesstt__sseett__hhoossttnnaammee, kkrrbb55__ddiiggeesstt__ggeett__sseerrvveerr__nnoonnccee, + kkrrbb55__ddiiggeesstt__sseett__sseerrvveerr__nnoonnccee, kkrrbb55__ddiiggeesstt__ggeett__ooppaaqquuee, + kkrrbb55__ddiiggeesstt__sseett__ooppaaqquuee, kkrrbb55__ddiiggeesstt__ggeett__iiddeennttiiffiieerr, + kkrrbb55__ddiiggeesstt__sseett__iiddeennttiiffiieerr, kkrrbb55__ddiiggeesstt__iinniitt__rreeqquueesstt, + kkrrbb55__ddiiggeesstt__sseett__cclliieenntt__nnoonnccee, kkrrbb55__ddiiggeesstt__sseett__ddiiggeesstt, + kkrrbb55__ddiiggeesstt__sseett__uusseerrnnaammee, kkrrbb55__ddiiggeesstt__sseett__aauutthhiidd, + kkrrbb55__ddiiggeesstt__sseett__aauutthheennttiiccaattiioonn__uusseerr, kkrrbb55__ddiiggeesstt__sseett__rreeaallmm, + kkrrbb55__ddiiggeesstt__sseett__mmeetthhoodd, kkrrbb55__ddiiggeesstt__sseett__uurrii, kkrrbb55__ddiiggeesstt__sseett__nnoonncceeCCoouunntt, + kkrrbb55__ddiiggeesstt__sseett__qqoopp, kkrrbb55__ddiiggeesstt__rreeqquueesstt, kkrrbb55__ddiiggeesstt__ggeett__rreessppoonnsseeDDaattaa, + kkrrbb55__ddiiggeesstt__ggeett__rrsspp, kkrrbb55__ddiiggeesstt__ggeett__ttiicckkeettss, + kkrrbb55__ddiiggeesstt__ggeett__cclliieenntt__bbiinnddiinngg, kkrrbb55__ddiiggeesstt__ggeett__aa11__hhaasshh -- remote digest + (HTTP-DIGEST, SASL, CHAP) suppport + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + typedef struct krb5_digest *krb5_digest; + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__aalllloocc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _*_d_i_g_e_s_t); + + _v_o_i_d + kkrrbb55__ddiiggeesstt__ffrreeee(_k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__sseerrvveerr__ccbb(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_t_y_p_e, _c_o_n_s_t _c_h_a_r _*_b_i_n_d_i_n_g); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__hhoossttnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ddiiggeesstt__ggeett__sseerrvveerr__nnoonnccee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__sseerrvveerr__nnoonnccee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_n_o_n_c_e); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ddiiggeesstt__ggeett__ooppaaqquuee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__ooppaaqquuee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_o_p_a_q_u_e); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ddiiggeesstt__ggeett__iiddeennttiiffiieerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__iiddeennttiiffiieerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__iinniitt__rreeqquueesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__cclliieenntt__nnoonnccee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_n_o_n_c_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__ddiiggeesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_d_g_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__uusseerrnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_u_s_e_r_n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__aauutthhiidd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_a_u_t_h_i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__aauutthheennttiiccaattiioonn__uusseerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _a_u_t_h_e_n_t_i_c_a_t_i_o_n___u_s_e_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__mmeetthhoodd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_m_e_t_h_o_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__uurrii(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_u_r_i); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__nnoonncceeCCoouunntt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_n_o_n_c_e___c_o_u_n_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__sseett__qqoopp(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_o_n_s_t _c_h_a_r _*_q_o_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__rreeqquueesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ddiiggeesstt__ggeett__rreessppoonnsseeDDaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ddiiggeesstt__ggeett__rrsspp(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__ggeett__ttiicckkeettss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _T_i_c_k_e_t _*_*_t_i_c_k_e_t_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__ggeett__cclliieenntt__bbiinnddiinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _c_h_a_r _*_*_t_y_p_e, _c_h_a_r _*_*_b_i_n_d_i_n_g); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddiiggeesstt__ggeett__aa11__hhaasshh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_i_g_e_s_t _d_i_g_e_s_t, + _k_r_b_5___d_a_t_a _*_d_a_t_a); + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55__ddiiggeesstt__aalllloocc() function allocatates the _d_i_g_e_s_t structure. The + structure should be freed with kkrrbb55__ddiiggeesstt__ffrreeee() when it is no longer + being used. + + kkrrbb55__ddiiggeesstt__aalllloocc() returns 0 to indicate success. Otherwise an kerberos + code is returned and the pointer that _d_i_g_e_s_t points to is set to NULL. + + kkrrbb55__ddiiggeesstt__ffrreeee() free the structure _d_i_g_e_s_t. + +SSEEEE AALLSSOO + krb5(3), kerberos(8) + +HEIMDAL February 18, 2007 HEIMDAL diff --git a/lib/krb5/krb5_eai_to_heim_errno.3 b/lib/krb5/krb5_eai_to_heim_errno.3 index fcada92bc94b..0c83a33f8cd9 100644 --- a/lib/krb5/krb5_eai_to_heim_errno.3 +++ b/lib/krb5/krb5_eai_to_heim_errno.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_eai_to_heim_errno.3 14086 2004-08-03 11:13:46Z lha $ +.\" $Id$ .\" .Dd April 13, 2004 .Dt KRB5_EAI_TO_HEIM_ERRNO 3 diff --git a/lib/krb5/krb5_eai_to_heim_errno.cat3 b/lib/krb5/krb5_eai_to_heim_errno.cat3 new file mode 100644 index 000000000000..a71698b49fe6 --- /dev/null +++ b/lib/krb5/krb5_eai_to_heim_errno.cat3 @@ -0,0 +1,29 @@ + +KRB5_EAI_TO_HEIM_ERRN... BSD Library Functions Manual KRB5_EAI_TO_HEIM_ERRN... + +NNAAMMEE + kkrrbb55__eeaaii__ttoo__hheeiimm__eerrrrnnoo, kkrrbb55__hh__eerrrrnnoo__ttoo__hheeiimm__eerrrrnnoo -- convert resolver + error code to com_err error codes + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eeaaii__ttoo__hheeiimm__eerrrrnnoo(_i_n_t _e_a_i___e_r_r_n_o, _i_n_t _s_y_s_t_e_m___e_r_r_o_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__hh__eerrrrnnoo__ttoo__hheeiimm__eerrrrnnoo(_i_n_t _e_a_i___e_r_r_n_o); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__eeaaii__ttoo__hheeiimm__eerrrrnnoo() and kkrrbb55__hh__eerrrrnnoo__ttoo__hheeiimm__eerrrrnnoo() convert + getaddrinfo(3), getnameinfo(3), and h_errno(3) to com_err error code that + are used by Heimdal, this is useful for for function returning kerberos + errors and needs to communicate failures from resolver function. + +SSEEEE AALLSSOO + krb5(3), kerberos(8) + +HEIMDAL April 13, 2004 HEIMDAL diff --git a/lib/krb5/krb5_encrypt.3 b/lib/krb5/krb5_encrypt.3 index 76cb4c700c1c..2b1f58708c81 100644 --- a/lib/krb5/krb5_encrypt.3 +++ b/lib/krb5/krb5_encrypt.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_encrypt.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd March 20, 2004 .Dt KRB5_ENCRYPT 3 @@ -141,7 +141,7 @@ Kerberos 5 Library (libkrb5, -lkrb5) .Ft krb5_error_code .Fo krb5_crypto_getconfoundersize .Fa "krb5_context context" -.Fa "krb5_crypto crypto +.Fa "krb5_crypto crypto" .Fa size_t *confoundersize" .Fc .Ft krb5_error_code @@ -199,7 +199,7 @@ should be the appropriate key-usage. .Fa ivec is a pointer to a initial IV, it is modified to the end IV at the end of the round. -Ivec should be the size of +Ivec should be the size of If .Dv NULL is passed in, the default IV is used. @@ -229,7 +229,7 @@ and works similarly. .Pp .Fn krb5_decrypt_ticket -decrypts the encrypted part of +decrypts the encrypted part of .Fa ticket with .Fa key . diff --git a/lib/krb5/krb5_encrypt.cat3 b/lib/krb5/krb5_encrypt.cat3 new file mode 100644 index 000000000000..052af50d99ad --- /dev/null +++ b/lib/krb5/krb5_encrypt.cat3 @@ -0,0 +1,138 @@ + +KRB5_ENCRYPT(3) BSD Library Functions Manual KRB5_ENCRYPT(3) + +NNAAMMEE + kkrrbb55__ccrryyppttoo__ggeettbblloocckkssiizzee, kkrrbb55__ccrryyppttoo__ggeettccoonnffoouunnddeerrssiizzee + kkrrbb55__ccrryyppttoo__ggeetteennccttyyppee, kkrrbb55__ccrryyppttoo__ggeettppaaddssiizzee, kkrrbb55__ccrryyppttoo__oovveerrhheeaadd, + kkrrbb55__ddeeccrryypptt, kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa, kkrrbb55__ddeeccrryypptt__iivveecc, + kkrrbb55__ddeeccrryypptt__ttiicckkeett, kkrrbb55__eennccrryypptt, kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa, + kkrrbb55__eennccrryypptt__iivveecc, kkrrbb55__eennccttyyppee__ddiissaabbllee, kkrrbb55__eennccttyyppee__kkeeyyssiizzee, + kkrrbb55__eennccttyyppee__ttoo__ssttrriinngg, kkrrbb55__eennccttyyppee__vvaalliidd, kkrrbb55__ggeett__wwrraappppeedd__lleennggtthh, + kkrrbb55__ssttrriinngg__ttoo__eennccttyyppee -- encrypt and decrypt data, set and get encryp- + tion type parameters + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, _u_n_s_i_g_n_e_d _u_s_a_g_e, + _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _u_n_s_i_g_n_e_d _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _i_n_t _k_v_n_o, + _E_n_c_r_y_p_t_e_d_D_a_t_a _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccrryypptt__iivveecc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _u_n_s_i_g_n_e_d _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t, + _v_o_i_d _*_i_v_e_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddeeccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, _u_n_s_i_g_n_e_d _u_s_a_g_e, + _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _u_n_s_i_g_n_e_d _u_s_a_g_e, _E_n_c_r_y_p_t_e_d_D_a_t_a _*_e, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddeeccrryypptt__iivveecc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _u_n_s_i_g_n_e_d _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t, + _v_o_i_d _*_i_v_e_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ddeeccrryypptt__ttiicckkeett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _T_i_c_k_e_t _*_t_i_c_k_e_t, + _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, _E_n_c_T_i_c_k_e_t_P_a_r_t _*_o_u_t, _k_r_b_5___f_l_a_g_s _f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__ggeettbblloocckkssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _s_i_z_e___t _*_b_l_o_c_k_s_i_z_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__ggeetteennccttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _k_r_b_5___e_n_c_t_y_p_e _*_e_n_c_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__ggeettppaaddssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _s_i_z_e___t, _*_p_a_d_s_i_z_e_"); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__ggeettccoonnffoouunnddeerrssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _s_i_z_e___t, _*_c_o_n_f_o_u_n_d_e_r_s_i_z_e_"); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccttyyppee__kkeeyyssiizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _t_y_p_e, + _s_i_z_e___t _*_k_e_y_s_i_z_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccrryyppttoo__oovveerrhheeaadd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _s_i_z_e___t, _*_p_a_d_s_i_z_e_"); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__eennccttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_s_t_r_i_n_g, + _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccttyyppee__ttoo__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_t_y_p_e, + _c_h_a_r _*_*_s_t_r_i_n_g); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eennccttyyppee__vvaalliidd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_t_y_p_e); + + _v_o_i_d + kkrrbb55__eennccttyyppee__ddiissaabbllee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_t_y_p_e); + + _s_i_z_e___t + kkrrbb55__ggeett__wwrraappppeedd__lleennggtthh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, + _s_i_z_e___t _d_a_t_a___l_e_n); + +DDEESSCCRRIIPPTTIIOONN + These functions are used to encrypt and decrypt data. + + kkrrbb55__eennccrryypptt__iivveecc() puts the encrypted version of _d_a_t_a (of size _l_e_n) in + _r_e_s_u_l_t. If the encryption type supports using derived keys, _u_s_a_g_e should + be the appropriate key-usage. _i_v_e_c is a pointer to a initial IV, it is + modified to the end IV at the end of the round. Ivec should be the size + of If NULL is passed in, the default IV is used. kkrrbb55__eennccrryypptt() does the + same as kkrrbb55__eennccrryypptt__iivveecc() but with _i_v_e_c being NULL. + kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa() does the same as kkrrbb55__eennccrryypptt(), but it puts + the encrypted data in a _E_n_c_r_y_p_t_e_d_D_a_t_a structure instead. If _k_v_n_o is not + zero, it will be put in the (optional) _k_v_n_o field in the _E_n_c_r_y_p_t_e_d_D_a_t_a. + + kkrrbb55__ddeeccrryypptt__iivveecc(), kkrrbb55__ddeeccrryypptt(), and kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa() + works similarly. + + kkrrbb55__ddeeccrryypptt__ttiicckkeett() decrypts the encrypted part of _t_i_c_k_e_t with _k_e_y. + kkrrbb55__ddeeccrryypptt__ttiicckkeett() also verifies the timestamp in the ticket, invalid + flag and if the KDC haven't verified the transited path, the transit + path. + + kkrrbb55__eennccttyyppee__kkeeyyssiizzee(), kkrrbb55__ccrryyppttoo__ggeettccoonnffoouunnddeerrssiizzee(), + kkrrbb55__ccrryyppttoo__ggeettbblloocckkssiizzee(), kkrrbb55__ccrryyppttoo__ggeetteennccttyyppee(), + kkrrbb55__ccrryyppttoo__ggeettppaaddssiizzee(), kkrrbb55__ccrryyppttoo__oovveerrhheeaadd() all returns various + (sometimes) useful information from a crypto context. + kkrrbb55__ccrryyppttoo__oovveerrhheeaadd() is the combination of krb5_crypto_getconfounder- + size, krb5_crypto_getblocksize and krb5_crypto_getpadsize and return the + maximum overhead size. + + kkrrbb55__eennccttyyppee__ttoo__ssttrriinngg() converts a encryption type number to a string + that can be printable and stored. The strings returned should be freed + with free(3). + + kkrrbb55__ssttrriinngg__ttoo__eennccttyyppee() converts a encryption type strings to a encryp- + tion type number that can use used for other Kerberos crypto functions. + + kkrrbb55__eennccttyyppee__vvaalliidd() returns 0 if the encrypt is supported and not dis- + abled, otherwise and error code is returned. + + kkrrbb55__eennccttyyppee__ddiissaabbllee() (globally, for all contextes) disables the + _e_n_c_t_y_p_e. + + kkrrbb55__ggeett__wwrraappppeedd__lleennggtthh() returns the size of an encrypted packet by + _c_r_y_p_t_o of length _d_a_t_a___l_e_n. + +SSEEEE AALLSSOO + krb5_create_checksum(3), krb5_crypto_init(3) + +HEIMDAL March 20, 2004 HEIMDAL diff --git a/lib/krb5/krb5_err.et b/lib/krb5/krb5_err.et index 6714401e4503..098e04b95928 100644 --- a/lib/krb5/krb5_err.et +++ b/lib/krb5/krb5_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: krb5_err.et 21050 2007-06-12 02:00:40Z lha $" +id "$Id$" error_table krb5 @@ -106,11 +106,17 @@ error_code PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED, "Public key encryption not suppo #error_code ERR_KDC_NOT_FOUND, "IAKERB proxy could not find a KDC" #error_code ERR_KDC_NO_RESPONSE, "IAKERB proxy never reeived a response from a KDC" -# 82-127 are reserved +# 82-93 are reserved + +index 94 +error_code INVALID_HASH_ALG, "Invalid OTP digest algorithm" +error_code INVALID_ITERATION_COUNT, "Invalid OTP iteration count" + +# 97-127 are reserved index 128 prefix -error_code KRB5_ERR_RCSID, "$Id: krb5_err.et 21050 2007-06-12 02:00:40Z lha $" +error_code KRB5_ERR_RCSID, "$Id$" error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode" error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password" @@ -262,5 +268,7 @@ error_code KRB5_ERR_BAD_S2K_PARAMS, "Invalid key generation parameters from KDC" error_code KRB5_ERR_NO_SERVICE, "Service not available" error_code KRB5_CC_NOSUPP, "Credential cache function not supported" error_code KRB5_DELTAT_BADFORMAT, "Invalid format of Kerberos lifetime or clock skew string" +error_code KRB5_PLUGIN_NO_HANDLE, "Supplied data not handled by this plugin" +error_code KRB5_PLUGIN_OP_NOTSUPP, "Plugin does not support the operaton" end diff --git a/lib/krb5/krb5_find_padata.3 b/lib/krb5/krb5_find_padata.3 index b72678493152..377a2cb0efbf 100644 --- a/lib/krb5/krb5_find_padata.3 +++ b/lib/krb5/krb5_find_padata.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_find_padata.3 13595 2004-03-21 13:17:41Z lha $ +.\" $Id$ .\" .Dd March 21, 2004 .Dt KRB5_FIND_PADATA 3 diff --git a/lib/krb5/krb5_find_padata.cat3 b/lib/krb5/krb5_find_padata.cat3 new file mode 100644 index 000000000000..9d8c8393fb61 --- /dev/null +++ b/lib/krb5/krb5_find_padata.cat3 @@ -0,0 +1,33 @@ + +KRB5_FIND_PADATA(3) BSD Library Functions Manual KRB5_FIND_PADATA(3) + +NNAAMMEE + kkrrbb55__ffiinndd__ppaaddaattaa, kkrrbb55__ppaaddaattaa__aadddd -- Kerberos 5 pre-authentication data + handling functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _P_A___D_A_T_A _* + kkrrbb55__ffiinndd__ppaaddaattaa(_P_A___D_A_T_A _*_v_a_l, _u_n_s_i_g_n_e_d _l_e_n, _i_n_t _t_y_p_e, _i_n_t _*_i_n_d_e_x); + + _i_n_t + kkrrbb55__ppaaddaattaa__aadddd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _M_E_T_H_O_D___D_A_T_A _*_m_d, _i_n_t _t_y_p_e, + _v_o_i_d _*_b_u_f, _s_i_z_e___t _l_e_n); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ffiinndd__ppaaddaattaa() tries to find the pre-authentication data entry of + type _t_y_p_e in the array _v_a_l of length _l_e_n. The search is started at entry + pointed out by _*_i_n_d_e_x (zero based indexing). If the type isn't found, + NULL is returned. + + kkrrbb55__ppaaddaattaa__aadddd() adds a pre-authentication data entry of type _t_y_p_e + pointed out by _b_u_f and _l_e_n to _m_d. + +SSEEEE AALLSSOO + krb5(3), kerberos(8) + +HEIMDAL March 21, 2004 HEIMDAL diff --git a/lib/krb5/krb5_generate_random_block.3 b/lib/krb5/krb5_generate_random_block.3 index 4b46954fa90a..8fad9493f4b8 100644 --- a/lib/krb5/krb5_generate_random_block.3 +++ b/lib/krb5/krb5_generate_random_block.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_generate_random_block.3 17385 2006-05-01 08:48:55Z lha $ +.\" $Id$ .\" .Dd March 21, 2004 .Dt KRB5_GENERATE_RANDOM_BLOCK 3 diff --git a/lib/krb5/krb5_generate_random_block.cat3 b/lib/krb5/krb5_generate_random_block.cat3 new file mode 100644 index 000000000000..10c33b359dcc --- /dev/null +++ b/lib/krb5/krb5_generate_random_block.cat3 @@ -0,0 +1,23 @@ + +KRB5_GENERATE_RANDOM_... BSD Library Functions Manual KRB5_GENERATE_RANDOM_... + +NNAAMMEE + kkrrbb55__ggeenneerraattee__rraannddoomm__bblloocckk -- Kerberos 5 random functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _v_o_i_d + kkrrbb55__ggeenneerraattee__rraannddoomm__bblloocckk(_v_o_i_d _*_b_u_f, _s_i_z_e___t _l_e_n); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ggeenneerraattee__rraannddoomm__bblloocckk() generates a cryptographically strong pseudo- + random block into the buffer _b_u_f of length _l_e_n. + +SSEEEE AALLSSOO + krb5(3), krb5.conf(5) + +HEIMDAL March 21, 2004 HEIMDAL diff --git a/lib/krb5/krb5_get_all_client_addrs.3 b/lib/krb5/krb5_get_all_client_addrs.3 index f6f4c85c97aa..56a5322399bb 100644 --- a/lib/krb5/krb5_get_all_client_addrs.3 +++ b/lib/krb5/krb5_get_all_client_addrs.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_all_client_addrs.3 12329 2003-05-26 14:09:04Z lha $ +.\" $Id$ .\" .Dd July 1, 2001 .Dt KRB5_GET_ADDRS 3 diff --git a/lib/krb5/krb5_get_all_client_addrs.cat3 b/lib/krb5/krb5_get_all_client_addrs.cat3 new file mode 100644 index 000000000000..ba33859fa4bb --- /dev/null +++ b/lib/krb5/krb5_get_all_client_addrs.cat3 @@ -0,0 +1,39 @@ + +KRB5_GET_ADDRS(3) BSD Library Functions Manual KRB5_GET_ADDRS(3) + +NNAAMMEE + kkrrbb55__ggeett__aallll__cclliieenntt__aaddddrrss, kkrrbb55__ggeett__aallll__sseerrvveerr__aaddddrrss -- return local + addresses + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__aallll__cclliieenntt__aaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__aallll__sseerrvveerr__aaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s); + +DDEESSCCRRIIPPTTIIOONN + These functions return in _a_d_d_r_s a list of addresses associated with the + local host. + + The server variant returns all configured interface addresses (if possi- + ble), including loop-back addresses. This is useful if you want to create + sockets to listen to. + + The client version will also scan local interfaces (can be turned off by + setting libdefaults/scan_interfaces to false in _k_r_b_5_._c_o_n_f), but will not + include loop-back addresses, unless there are no other addresses found. + It will remove all addresses included in libdefaults/ignore_addresses but + will unconditionally include addresses in libdefaults/extra_addresses. + + The returned addresses should be freed by calling kkrrbb55__ffrreeee__aaddddrreesssseess(). + +SSEEEE AALLSSOO + krb5_free_addresses(3) + +HEIMDAL July 1, 2001 HEIMDAL diff --git a/lib/krb5/krb5_get_credentials.3 b/lib/krb5/krb5_get_credentials.3 index 32e0ffe1eef3..112f308277e3 100644 --- a/lib/krb5/krb5_get_credentials.3 +++ b/lib/krb5/krb5_get_credentials.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_credentials.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd July 26, 2004 .Dt KRB5_GET_CREDENTIALS 3 @@ -37,8 +37,6 @@ .Sh NAME .Nm krb5_get_credentials , .Nm krb5_get_credentials_with_flags , -.Nm krb5_get_cred_from_kdc , -.Nm krb5_get_cred_from_kdc_opt , .Nm krb5_get_kdc_cred , .Nm krb5_get_renewed_creds .Nd get credentials from the KDC using krbtgt @@ -64,23 +62,6 @@ Kerberos 5 Library (libkrb5, -lkrb5) .Fa "krb5_creds **out_creds" .Fc .Ft krb5_error_code -.Fo krb5_get_cred_from_kdc -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fa "krb5_creds ***ret_tgts" -.Fc -.Ft krb5_error_code -.Fo krb5_get_cred_from_kdc_opt -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fa "krb5_creds ***ret_tgts" -.Fa "krb5_flags flags" -.Fc -.Ft krb5_error_code .Fo krb5_get_kdc_cred .Fa "krb5_context context" .Fa "krb5_ccache id" @@ -121,7 +102,7 @@ Valid flags to pass into .Fa options argument are: .Pp -.Bl -tag -width "KRB5_GC_USER_USER" -compact +.Bl -tag -width "KRB5_GC_EXPIRED_OK" -compact .It KRB5_GC_CACHED Only check the .Fa ccache , @@ -147,14 +128,6 @@ except that the .Fa flags field is missing. .Pp -.Fn krb5_get_cred_from_kdc -and -.Fn krb5_get_cred_from_kdc_opt -fetches the credential from the KDC very much like -.Fn krb5_get_credentials, but doesn't look in the -.Fa ccache -if the credential exists there first. -.Pp .Fn krb5_get_kdc_cred does the same as the functions above, but the caller must fill in all the information andits closer to the wire protocol. @@ -185,7 +158,7 @@ getcred(krb5_context context, krb5_ccache id, krb5_creds **creds) krb5_error_code ret; krb5_creds in; - ret = krb5_parse_name(context, "client@EXAMPLE.COM", + ret = krb5_parse_name(context, "client@EXAMPLE.COM", &in.client); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); diff --git a/lib/krb5/krb5_get_credentials.cat3 b/lib/krb5/krb5_get_credentials.cat3 new file mode 100644 index 000000000000..57ad184a7c06 --- /dev/null +++ b/lib/krb5/krb5_get_credentials.cat3 @@ -0,0 +1,97 @@ + +KRB5_GET_CREDENTIALS(3) BSD Library Functions Manual KRB5_GET_CREDENTIALS(3) + +NNAAMMEE + kkrrbb55__ggeett__ccrreeddeennttiiaallss, kkrrbb55__ggeett__ccrreeddeennttiiaallss__wwiitthh__ffllaaggss, kkrrbb55__ggeett__kkddcc__ccrreedd, + kkrrbb55__ggeett__rreenneewweedd__ccrreeddss -- get credentials from the KDC using krbtgt + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddeennttiiaallss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, _k_r_b_5___c_r_e_d_s _*_*_o_u_t___c_r_e_d_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddeennttiiaallss__wwiitthh__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _k_r_b_5___k_d_c___f_l_a_g_s _f_l_a_g_s, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, + _k_r_b_5___c_r_e_d_s _*_*_o_u_t___c_r_e_d_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkddcc__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d, + _k_r_b_5___k_d_c___f_l_a_g_s _f_l_a_g_s, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s, + _T_i_c_k_e_t _*_s_e_c_o_n_d___t_i_c_k_e_t, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, _k_r_b_5___c_r_e_d_s _*_*_o_u_t___c_r_e_d_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__rreenneewweedd__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _c_l_i_e_n_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, + _c_o_n_s_t _c_h_a_r _*_i_n___t_k_t___s_e_r_v_i_c_e); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ggeett__ccrreeddeennttiiaallss__wwiitthh__ffllaaggss() get credentials specified by + _i_n___c_r_e_d_s_-_>_s_e_r_v_e_r and _i_n___c_r_e_d_s_-_>_c_l_i_e_n_t (the rest of the _i_n___c_r_e_d_s structure + is ignored) by first looking in the _c_c_a_c_h_e and if doesn't exists or is + expired, fetch the credential from the KDC using the krbtgt in _c_c_a_c_h_e. + The credential is returned in _o_u_t___c_r_e_d_s and should be freed using the + function kkrrbb55__ffrreeee__ccrreeddss(). + + Valid flags to pass into _o_p_t_i_o_n_s argument are: + + KRB5_GC_CACHED Only check the _c_c_a_c_h_e, don't got out on network to + fetch credential. + KRB5_GC_USER_USER Request a user to user ticket. This option doesn't + store the resulting user to user credential in the + _c_c_a_c_h_e. + KRB5_GC_EXPIRED_OK returns the credential even if it is expired, default + behavior is trying to refetch the credential from the + KDC. + + _F_l_a_g_s are KDCOptions, note the caller must fill in the bit-field and not + use the integer associated structure. + + kkrrbb55__ggeett__ccrreeddeennttiiaallss() works the same way as + kkrrbb55__ggeett__ccrreeddeennttiiaallss__wwiitthh__ffllaaggss() except that the _f_l_a_g_s field is missing. + + kkrrbb55__ggeett__kkddcc__ccrreedd() does the same as the functions above, but the caller + must fill in all the information andits closer to the wire protocol. + + kkrrbb55__ggeett__rreenneewweedd__ccrreeddss() renews a credential given by _i_n___t_k_t___s_e_r_v_i_c_e (if + NULL the default krbtgt) using the credential cache _c_c_a_c_h_e. The result + is stored in _c_r_e_d_s and should be freed using _k_r_b_5___f_r_e_e___c_r_e_d_s. + +EEXXAAMMPPLLEESS + Here is a example function that get a credential from a credential cache + _i_d or the KDC and returns it to the caller. + + #include + + int + getcred(krb5_context context, krb5_ccache id, krb5_creds **creds) + { + krb5_error_code ret; + krb5_creds in; + + ret = krb5_parse_name(context, "client@EXAMPLE.COM", + &in.client); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name"); + + ret = krb5_parse_name(context, "host/server.example.com@EXAMPLE.COM", + &in.server); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name"); + + ret = krb5_get_credentials(context, 0, id, &in, creds); + if (ret) + krb5_err(context, 1, ret, "krb5_get_credentials"); + + return 0; + } + +SSEEEE AALLSSOO + krb5(3), krb5_get_forwarded_creds(3), krb5.conf(5) + +HEIMDAL July 26, 2004 HEIMDAL diff --git a/lib/krb5/krb5_get_creds.3 b/lib/krb5/krb5_get_creds.3 index 189c93f408da..e0ab8a91db6f 100644 --- a/lib/krb5/krb5_get_creds.3 +++ b/lib/krb5/krb5_get_creds.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_creds.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd June 15, 2006 .Dt KRB5_GET_CREDS 3 diff --git a/lib/krb5/krb5_get_creds.cat3 b/lib/krb5/krb5_get_creds.cat3 new file mode 100644 index 000000000000..9aef83e6fbb7 --- /dev/null +++ b/lib/krb5/krb5_get_creds.cat3 @@ -0,0 +1,92 @@ + +KRB5_GET_CREDS(3) BSD Library Functions Manual KRB5_GET_CREDS(3) + +NNAAMMEE + kkrrbb55__ggeett__ccrreeddss, kkrrbb55__ggeett__ccrreeddss__oopptt__aadddd__ooppttiioonnss, kkrrbb55__ggeett__ccrreeddss__oopptt__aalllloocc, + kkrrbb55__ggeett__ccrreeddss__oopptt__ffrreeee, kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__eennccttyyppee, + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__iimmppeerrssoonnaattee, kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ooppttiioonnss, + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ttiicckkeett -- get credentials from the KDC + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _i_n_p_r_i_n_c, + _k_r_b_5___c_r_e_d_s _*_*_o_u_t___c_r_e_d_s); + + _v_o_i_d + kkrrbb55__ggeett__ccrreeddss__oopptt__aadddd__ooppttiioonnss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddss__oopptt__aalllloocc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__ccrreeddss__oopptt__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__eennccttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__iimmppeerrssoonnaattee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _s_e_l_f); + + _v_o_i_d + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ooppttiioonnss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ttiicckkeett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___c_r_e_d_s___o_p_t _o_p_t, _c_o_n_s_t _T_i_c_k_e_t _*_t_i_c_k_e_t); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ggeett__ccrreeddss() fetches credentials specified by _o_p_t by first looking in + the _c_c_a_c_h_e, and then it doesn't exists, fetch the credential from the KDC + using the krbtgts in _c_c_a_c_h_e. The credential is returned in _o_u_t___c_r_e_d_s and + should be freed using the function kkrrbb55__ffrreeee__ccrreeddss(). + + The structure krb5_get_creds_opt controls the behavior of + kkrrbb55__ggeett__ccrreeddss(). The structure is opaque to consumers that can set the + content of the structure with accessors functions. All accessor functions + make copies of the data that is passed into accessor functions, so exter- + nal consumers free the memory before calling kkrrbb55__ggeett__ccrreeddss(). + + The structure krb5_get_creds_opt is allocated with + kkrrbb55__ggeett__ccrreeddss__oopptt__aalllloocc() and freed with kkrrbb55__ggeett__ccrreeddss__oopptt__ffrreeee(). The + free function also frees the content of the structure set by the accessor + functions. + + kkrrbb55__ggeett__ccrreeddss__oopptt__aadddd__ooppttiioonnss() and kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ooppttiioonnss() + adds and sets options to the structure . The possible options to set are + KRB5_GC_CACHED Only check the _c_c_a_c_h_e, don't got out on network to + fetch credential. + KRB5_GC_USER_USER request a user to user ticket. This options doesn't + store the resulting user to user credential in the + _c_c_a_c_h_e. + KRB5_GC_EXPIRED_OK + returns the credential even if it is expired, default + behavior is trying to refetch the credential from the + KDC. + KRB5_GC_NO_STORE Do not store the resulting credentials in the _c_c_a_c_h_e. + + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__eennccttyyppee() sets the preferred encryption type of + the application. Don't set this unless you have to since if there is no + match in the KDC, the function call will fail. + + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__iimmppeerrssoonnaattee() sets the principal to impersonate., + Returns a ticket that have the impersonation principal as a client and + the requestor as the service. Note that the requested principal have to + be the same as the client principal in the krbtgt. + + kkrrbb55__ggeett__ccrreeddss__oopptt__sseett__ttiicckkeett() sets the extra ticket used in user-to- + user or contrained delegation use case. + +SSEEEE AALLSSOO + krb5(3), krb5_get_credentials(3), krb5.conf(5) + +HEIMDAL June 15, 2006 HEIMDAL diff --git a/lib/krb5/krb5_get_forwarded_creds.3 b/lib/krb5/krb5_get_forwarded_creds.3 index bbe46ec44784..a6483177b2c9 100644 --- a/lib/krb5/krb5_get_forwarded_creds.3 +++ b/lib/krb5/krb5_get_forwarded_creds.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_forwarded_creds.3 14068 2004-07-26 13:34:33Z lha $ +.\" $Id$ .\" .Dd July 26, 2004 .Dt KRB5_GET_FORWARDED_CREDS 3 diff --git a/lib/krb5/krb5_get_forwarded_creds.cat3 b/lib/krb5/krb5_get_forwarded_creds.cat3 new file mode 100644 index 000000000000..659006d77042 --- /dev/null +++ b/lib/krb5/krb5_get_forwarded_creds.cat3 @@ -0,0 +1,33 @@ + +KRB5_GET_FORWARDED_CR... BSD Library Functions Manual KRB5_GET_FORWARDED_CR... + +NNAAMMEE + kkrrbb55__ggeett__ffoorrwwaarrddeedd__ccrreeddss, kkrrbb55__ffwwdd__ttggtt__ccrreeddss -- get forwarded credentials + from the KDC + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ffoorrwwaarrddeedd__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___f_l_a_g_s _f_l_a_g_s, + _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, _k_r_b_5___d_a_t_a _*_o_u_t___d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffwwdd__ttggtt__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _c_l_i_e_n_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _s_e_r_v_e_r, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _i_n_t _f_o_r_w_a_r_d_a_b_l_e, _k_r_b_5___d_a_t_a _*_o_u_t___d_a_t_a); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ggeett__ffoorrwwaarrddeedd__ccrreeddss() and kkrrbb55__ffwwdd__ttggtt__ccrreeddss() get tickets forwarded + to _h_o_s_t_n_a_m_e_. If the tickets that are forwarded are address-less, the for- + warded tickets will also be address-less, otherwise _h_o_s_t_n_a_m_e will be used + for figure out the address to forward the ticket too. + +SSEEEE AALLSSOO + krb5(3), krb5_get_credentials(3), krb5.conf(5) + +HEIMDAL July 26, 2004 HEIMDAL diff --git a/lib/krb5/krb5_get_in_cred.3 b/lib/krb5/krb5_get_in_cred.3 index 290e3c5c694d..c415aeca35c0 100644 --- a/lib/krb5/krb5_get_in_cred.3 +++ b/lib/krb5/krb5_get_in_cred.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_in_cred.3 17593 2006-05-29 14:55:18Z lha $ +.\" $Id$ .\" .Dd May 31, 2003 .Dt KRB5_GET_IN_TKT 3 @@ -169,7 +169,7 @@ but are more specialized. .Nm krb5_get_in_tkt_with_password uses the clients password to authenticate. If the password argument is -.DV NULL +.Dv NULL the user user queried with the default password query function. .Pp .Nm krb5_get_in_tkt_with_keytab diff --git a/lib/krb5/krb5_get_in_cred.cat3 b/lib/krb5/krb5_get_in_cred.cat3 new file mode 100644 index 000000000000..6506c18f46fe --- /dev/null +++ b/lib/krb5/krb5_get_in_cred.cat3 @@ -0,0 +1,132 @@ + +KRB5_GET_IN_TKT(3) BSD Library Functions Manual KRB5_GET_IN_TKT(3) + +NNAAMMEE + kkrrbb55__ggeett__iinn__ttkktt, kkrrbb55__ggeett__iinn__ccrreedd, kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__ppaasssswwoorrdd, + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__kkeeyyttaabb, kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__sskkeeyy, + kkrrbb55__ffrreeee__kkddcc__rreepp, kkrrbb55__ppaasssswwoorrdd__kkeeyy__pprroocc -- deprecated initial authenti- + cation functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinn__ttkktt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s, _c_o_n_s_t _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e_s, + _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_t_y_p_e_s, _k_r_b_5___k_e_y___p_r_o_c _k_e_y___p_r_o_c, + _k_r_b_5___c_o_n_s_t___p_o_i_n_t_e_r _k_e_y_s_e_e_d, _k_r_b_5___d_e_c_r_y_p_t___p_r_o_c _d_e_c_r_y_p_t___p_r_o_c, + _k_r_b_5___c_o_n_s_t___p_o_i_n_t_e_r _d_e_c_r_y_p_t_a_r_g, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, + _k_r_b_5___k_d_c___r_e_p _*_r_e_t___a_s___r_e_p_l_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinn__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s, _c_o_n_s_t _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e_s, + _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_t_y_p_e_s, _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_d_a_t_a _*_p_r_e_a_u_t_h, + _k_r_b_5___k_e_y___p_r_o_c _k_e_y___p_r_o_c, _k_r_b_5___c_o_n_s_t___p_o_i_n_t_e_r _k_e_y_s_e_e_d, + _k_r_b_5___d_e_c_r_y_p_t___p_r_o_c _d_e_c_r_y_p_t___p_r_o_c, _k_r_b_5___c_o_n_s_t___p_o_i_n_t_e_r _d_e_c_r_y_p_t_a_r_g, + _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _k_r_b_5___k_d_c___r_e_p _*_r_e_t___a_s___r_e_p_l_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s, _c_o_n_s_t _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e_s, + _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_r_e___a_u_t_h___t_y_p_e_s, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _k_r_b_5___k_d_c___r_e_p _*_r_e_t___a_s___r_e_p_l_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__kkeeyyttaabb(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s, _c_o_n_s_t _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e_s, + _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_r_e___a_u_t_h___t_y_p_e_s, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _k_r_b_5___k_d_c___r_e_p _*_r_e_t___a_s___r_e_p_l_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__sskkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___f_l_a_g_s _o_p_t_i_o_n_s, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s, _c_o_n_s_t _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e_s, + _c_o_n_s_t _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_r_e___a_u_t_h___t_y_p_e_s, _c_o_n_s_t _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _k_r_b_5___k_d_c___r_e_p _*_r_e_t___a_s___r_e_p_l_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__kkddcc__rreepp(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_d_c___r_e_p _*_r_e_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ppaasssswwoorrdd__kkeeyy__pprroocc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _t_y_p_e, + _k_r_b_5___s_a_l_t _s_a_l_t, _k_r_b_5___c_o_n_s_t___p_o_i_n_t_e_r _k_e_y_s_e_e_d, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y); + +DDEESSCCRRIIPPTTIIOONN + _A_l_l _t_h_e _f_u_n_c_t_i_o_n_s _i_n _t_h_i_s _m_a_n_u_a_l _p_a_g_e _a_r_e _d_e_p_r_e_c_a_t_e_d _i_n _t_h_e _M_I_T _i_m_p_l_e_m_e_n_- + _t_a_t_i_o_n_, _a_n_d _w_i_l_l _s_o_o_n _b_e _d_e_p_r_e_c_a_t_e_d _i_n _H_e_i_m_d_a_l _t_o_o_, _d_o_n_'_t _u_s_e _t_h_e_m_. + + Getting initial credential ticket for a principal. kkrrbb55__ggeett__iinn__ccrreedd is + the function all other krb5_get_in function uses to fetch tickets. The + other krb5_get_in function are more specialized and therefor somewhat + easier to use. + + If your need is only to verify a user and password, consider using + krb5_verify_user(3) instead, it have a much simpler interface. + + kkrrbb55__ggeett__iinn__ttkktt and kkrrbb55__ggeett__iinn__ccrreedd fetches initial credential, queries + after key using the _k_e_y___p_r_o_c argument. The differences between the two + function is that kkrrbb55__ggeett__iinn__ttkktt stores the credential in a krb5_creds + while kkrrbb55__ggeett__iinn__ccrreedd stores the credential in a krb5_ccache. + + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__ppaasssswwoorrdd, kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__kkeeyyttaabb, and + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__sskkeeyy does the same work as kkrrbb55__ggeett__iinn__ccrreedd but are + more specialized. + + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__ppaasssswwoorrdd uses the clients password to authenticate. + If the password argument is NULL the user user queried with the default + password query function. + + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__kkeeyyttaabb searches the given keytab for a service entry + for the client principal. If the keytab is NULL the default keytab is + used. + + kkrrbb55__ggeett__iinn__ttkktt__wwiitthh__sskkeeyy uses a key to get the initial credential. + + There are some common arguments to the krb5_get_in functions, these are: + + _o_p_t_i_o_n_s are the KDC_OPT flags. + + _e_t_y_p_e_s is a NULL terminated array of encryption types that the client + approves. + + _a_d_d_r_s a list of the addresses that the initial ticket. If it is NULL the + list will be generated by the library. + + _p_r_e___a_u_t_h___t_y_p_e_s a NULL terminated array of pre-authentication types. If + _p_r_e___a_u_t_h___t_y_p_e_s is NULL the function will try without pre-authentication + and return those pre-authentication that the KDC returned. + + _r_e_t___a_s___r_e_p_l_y will (if not NULL) be filled in with the response of the KDC + and should be free with kkrrbb55__ffrreeee__kkddcc__rreepp(). + + _k_e_y___p_r_o_c is a pointer to a function that should return a key salted + appropriately. Using NULL will use the default password query function. + + _d_e_c_r_y_p_t___p_r_o_c Using NULL will use the default decryption function. + + _d_e_c_r_y_p_t_a_r_g will be passed to the decryption function _d_e_c_r_y_p_t___p_r_o_c. + + _c_r_e_d_s creds should be filled in with the template for a credential that + should be requested. The client and server elements of the creds struc- + ture must be filled in. Upon return of the function it will be contain + the content of the requested credential (_k_r_b_5___g_e_t___i_n___c_r_e_d), or it will be + freed with krb5_free_creds(3) (all the other krb5_get_in functions). + + _c_c_a_c_h_e will store the credential in the credential cache _c_c_a_c_h_e. The + credential cache will not be initialized, thats up the the caller. + + kkrrbb55__ppaasssswwoorrdd__kkeeyy__pprroocc is a library function that is suitable using as + the _k_r_b_5___k_e_y___p_r_o_c argument to kkrrbb55__ggeett__iinn__ccrreedd or kkrrbb55__ggeett__iinn__ttkktt. + _k_e_y_s_e_e_d should be a pointer to a NUL terminated string or NULL. + kkrrbb55__ppaasssswwoorrdd__kkeeyy__pprroocc will query the user for the pass on the console if + the password isn't given as the argument _k_e_y_s_e_e_d. + + kkrrbb55__ffrreeee__kkddcc__rreepp() frees the content of _r_e_p. + +SSEEEE AALLSSOO + krb5(3), krb5_verify_user(3), krb5.conf(5), kerberos(8) + +HEIMDAL May 31, 2003 HEIMDAL diff --git a/lib/krb5/krb5_get_init_creds.3 b/lib/krb5/krb5_get_init_creds.3 index 3838c1449a57..764efb47e441 100644 --- a/lib/krb5/krb5_get_init_creds.3 +++ b/lib/krb5/krb5_get_init_creds.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_init_creds.3 20266 2007-02-18 10:41:10Z lha $ +.\" $Id$ .\" .Dd Sep 16, 2006 .Dt KRB5_GET_INIT_CREDS 3 @@ -222,7 +222,7 @@ Getting initial credential ticket for a principal. That may include changing an expired password, and doing preauthentication. This interface that replaces the deprecated .Fa krb5_in_tkt -and +and .Fa krb5_in_cred functions. .Pp diff --git a/lib/krb5/krb5_get_init_creds.cat3 b/lib/krb5/krb5_get_init_creds.cat3 new file mode 100644 index 000000000000..f727ab77ca60 --- /dev/null +++ b/lib/krb5/krb5_get_init_creds.cat3 @@ -0,0 +1,245 @@ + +KRB5_GET_INIT_CREDS(3) BSD Library Functions Manual KRB5_GET_INIT_CREDS(3) + +NNAAMMEE + kkrrbb55__ggeett__iinniitt__ccrreeddss, kkrrbb55__ggeett__iinniitt__ccrreeddss__kkeeyyttaabb, kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__aalllloocc, kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__ffrreeee, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__iinniitt, kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreessss__lliisstt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreesssslleessss, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aannoonnyymmoouuss, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ddeeffaauulltt__ffllaaggss, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__eettyyppee__lliisstt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ffoorrwwaarrddaabbllee, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaa__ppaasssswwoorrdd, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaaqq__rreeqquueesstt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprreeaauutthh__lliisstt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprrooxxiiaabbllee, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__rreenneeww__lliiffee, kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ssaalltt, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ttkktt__lliiffee, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ccaannoonniiccaalliizzee, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__wwiinn22kk, kkrrbb55__ggeett__iinniitt__ccrreeddss__ppaasssswwoorrdd, + kkrrbb55__pprroommpptt, kkrrbb55__pprroommpptteerr__ppoossiixx -- Kerberos 5 initial authentication + functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t_; + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__aalllloocc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_*_o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__iinniitt(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreessss__lliisstt(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreesssslleessss(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___b_o_o_l_e_a_n _a_d_d_r_e_s_s_l_e_s_s); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aannoonnyymmoouuss(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _i_n_t _a_n_o_n_y_m_o_u_s); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ddeeffaauulltt__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__eettyyppee__lliisstt(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___e_n_c_t_y_p_e _*_e_t_y_p_e___l_i_s_t, _i_n_t _e_t_y_p_e___l_i_s_t___l_e_n_g_t_h); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ffoorrwwaarrddaabbllee(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _i_n_t _f_o_r_w_a_r_d_a_b_l_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaa__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, + _k_r_b_5___s_2_k___p_r_o_c _k_e_y___p_r_o_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaaqq__rreeqquueesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, _k_r_b_5___b_o_o_l_e_a_n _r_e_q___p_a_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppkkiinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, _c_o_n_s_t _c_h_a_r _*_c_e_r_t___f_i_l_e, + _c_o_n_s_t _c_h_a_r _*_k_e_y___f_i_l_e, _c_o_n_s_t _c_h_a_r _*_x_5_0_9___a_n_c_h_o_r_s, _i_n_t _f_l_a_g_s, + _c_h_a_r _*_p_a_s_s_w_o_r_d); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprreeaauutthh__lliisstt(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___p_r_e_a_u_t_h_t_y_p_e _*_p_r_e_a_u_t_h___l_i_s_t, _i_n_t _p_r_e_a_u_t_h___l_i_s_t___l_e_n_g_t_h); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprrooxxiiaabbllee(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _i_n_t _p_r_o_x_i_a_b_l_e); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__rreenneeww__lliiffee(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___d_e_l_t_a_t _r_e_n_e_w___l_i_f_e); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ssaalltt(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___d_a_t_a _*_s_a_l_t); + + _v_o_i_d + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ttkktt__lliiffee(_k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, + _k_r_b_5___d_e_l_t_a_t _t_k_t___l_i_f_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ccaannoonniiccaalliizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, _k_r_b_5___b_o_o_l_e_a_n _r_e_q); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__wwiinn22kk(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t, _k_r_b_5___b_o_o_l_e_a_n _r_e_q); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _k_r_b_5___p_r_i_n_c_i_p_a_l _c_l_i_e_n_t, _k_r_b_5___p_r_o_m_p_t_e_r___f_c_t _p_r_o_m_p_t_e_r, + _v_o_i_d _*_p_r_o_m_p_t_e_r___d_a_t_a, _k_r_b_5___d_e_l_t_a_t _s_t_a_r_t___t_i_m_e, + _c_o_n_s_t _c_h_a_r _*_i_n___t_k_t___s_e_r_v_i_c_e, _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t_i_o_n_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _k_r_b_5___p_r_i_n_c_i_p_a_l _c_l_i_e_n_t, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, + _k_r_b_5___p_r_o_m_p_t_e_r___f_c_t _p_r_o_m_p_t_e_r, _v_o_i_d _*_p_r_o_m_p_t_e_r___d_a_t_a, + _k_r_b_5___d_e_l_t_a_t _s_t_a_r_t___t_i_m_e, _c_o_n_s_t _c_h_a_r _*_i_n___t_k_t___s_e_r_v_i_c_e, + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_i_n___o_p_t_i_o_n_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iinniitt__ccrreeddss__kkeeyyttaabb(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _k_r_b_5___p_r_i_n_c_i_p_a_l _c_l_i_e_n_t, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _k_r_b_5___d_e_l_t_a_t _s_t_a_r_t___t_i_m_e, + _c_o_n_s_t _c_h_a_r _*_i_n___t_k_t___s_e_r_v_i_c_e, _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t_i_o_n_s); + + _i_n_t + kkrrbb55__pprroommpptteerr__ppoossiixx(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _v_o_i_d _*_d_a_t_a, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_b_a_n_n_e_r, _i_n_t _n_u_m___p_r_o_m_p_t_s, _k_r_b_5___p_r_o_m_p_t _p_r_o_m_p_t_s_[_]); + +DDEESSCCRRIIPPTTIIOONN + Getting initial credential ticket for a principal. That may include + changing an expired password, and doing preauthentication. This inter- + face that replaces the deprecated _k_r_b_5___i_n___t_k_t and _k_r_b_5___i_n___c_r_e_d functions. + + If you only want to verify a username and password, consider using + krb5_verify_user(3) instead, since it also verifies that initial creden- + tials with using a keytab to make sure the response was from the KDC. + + First a krb5_get_init_creds_opt structure is initialized with + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__aalllloocc() or kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__iinniitt(). + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__aalllloocc() allocates a extendible structures that + needs to be freed with kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__ffrreeee(). The structure may + be modified by any of the kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett() functions to + change request parameters and authentication information. + + If the caller want to use the default options, NULL can be passed + instead. + + The the actual request to the KDC is done by any of the + kkrrbb55__ggeett__iinniitt__ccrreeddss(), kkrrbb55__ggeett__iinniitt__ccrreeddss__ppaasssswwoorrdd(), or + kkrrbb55__ggeett__iinniitt__ccrreeddss__kkeeyyttaabb() functions. kkrrbb55__ggeett__iinniitt__ccrreeddss() is the + least specialized function and can, with the right in data, behave like + the latter two. The latter two are there for compatibility with older + releases and they are slightly easier to use. + + krb5_prompt is a structure containing the following elements: + + typedef struct { + const char *prompt; + int hidden; + krb5_data *reply; + krb5_prompt_type type + } krb5_prompt; + + _p_r_o_m_p_t is the prompt that should shown to the user If _h_i_d_d_e_n is set, the + prompter function shouldn't echo the output to the display device. _r_e_p_l_y + must be preallocated; it will not be allocated by the prompter function. + Possible values for the _t_y_p_e element are: + + KRB5_PROMPT_TYPE_PASSWORD + KRB5_PROMPT_TYPE_NEW_PASSWORD + KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN + KRB5_PROMPT_TYPE_PREAUTH + KRB5_PROMPT_TYPE_INFO + + kkrrbb55__pprroommpptteerr__ppoossiixx() is the default prompter function in a POSIX envi- + ronment. It matches the _k_r_b_5___p_r_o_m_p_t_e_r___f_c_t and can be used in the + _k_r_b_5___g_e_t___i_n_i_t___c_r_e_d_s functions. kkrrbb55__pprroommpptteerr__ppoossiixx() doesn't require + _p_r_o_m_p_t_e_r___d_a_t_a_. + + If the _s_t_a_r_t___t_i_m_e is zero, then the requested ticket will be valid begin- + ning immediately. Otherwise, the _s_t_a_r_t___t_i_m_e indicates how far in the + future the ticket should be postdated. + + If the _i_n___t_k_t___s_e_r_v_i_c_e name is non-NULL, that principal name will be used + as the server name for the initial ticket request. The realm of the name + specified will be ignored and will be set to the realm of the client + name. If no in_tkt_service name is specified, krbtgt/CLIENT- + REALM@CLIENT-REALM will be used. + + For the rest of arguments, a configuration or library default will be + used if no value is specified in the options structure. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreessss__lliisstt() sets the list of _a_d_d_r_e_s_s_e_s + that is should be stored in the ticket. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreesssslleessss() controls if the ticket is + requested with addresses or not, + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aaddddrreessss__lliisstt() overrides this option. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__aannoonnyymmoouuss() make the request anonymous if the + _a_n_o_n_y_m_o_u_s parameter is non-zero. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ddeeffaauulltt__ffllaaggss() sets the default flags using + the configuration file. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__eettyyppee__lliisstt() set a list of enctypes that the + client is willing to support in the request. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ffoorrwwaarrddaabbllee() request a forwardable ticket. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaa__ppaasssswwoorrdd() set the _p_a_s_s_w_o_r_d and _k_e_y___p_r_o_c + that is going to be used to get a new ticket. _p_a_s_s_w_o_r_d or _k_e_y___p_r_o_c can + be NULL if the caller wants to use the default values. If the _p_a_s_s_w_o_r_d + is unset and needed, the user will be prompted for it. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ppaaqq__rreeqquueesstt() sets the password that is going + to be used to get a new ticket. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprreeaauutthh__lliisstt() sets the list of client-sup- + ported preauth types. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__pprrooxxiiaabbllee() makes the request proxiable. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__rreenneeww__lliiffee() sets the requested renewable + lifetime. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ssaalltt() sets the salt that is going to be used + in the request. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ttkktt__lliiffee() sets requested ticket lifetime. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__ccaannoonniiccaalliizzee() requests that the KDC canoni- + calize the client pricipal if possible. + + kkrrbb55__ggeett__iinniitt__ccrreeddss__oopptt__sseett__wwiinn22kk() turns on compatibility with Windows + 2000. + +SSEEEE AALLSSOO + krb5(3), krb5_creds(3), krb5_verify_user(3), krb5.conf(5), kerberos(8) + +HEIMDAL Sep 16, 2006 HEIMDAL diff --git a/lib/krb5/krb5_get_krbhst.3 b/lib/krb5/krb5_get_krbhst.3 index d613a0d6df11..55fb8f2a0b0f 100644 --- a/lib/krb5/krb5_get_krbhst.3 +++ b/lib/krb5/krb5_get_krbhst.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_get_krbhst.3 14905 2005-04-24 07:46:59Z lha $ +.\" $Id$ .\" .Dd April 24, 2005 .Dt KRB5_GET_KRBHST 3 diff --git a/lib/krb5/krb5_get_krbhst.cat3 b/lib/krb5/krb5_get_krbhst.cat3 new file mode 100644 index 000000000000..bb538993f476 --- /dev/null +++ b/lib/krb5/krb5_get_krbhst.cat3 @@ -0,0 +1,56 @@ + +KRB5_GET_KRBHST(3) BSD Library Functions Manual KRB5_GET_KRBHST(3) + +NNAAMMEE + kkrrbb55__ggeett__kkrrbbhhsstt, kkrrbb55__ggeett__kkrrbb__aaddmmiinn__hhsstt, kkrrbb55__ggeett__kkrrbb__cchhaannggeeppww__hhsstt, + kkrrbb55__ggeett__kkrrbb552244hhsstt, kkrrbb55__ffrreeee__kkrrbbhhsstt -- lookup Kerberos KDC hosts + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkrrbbhhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m, + _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkrrbb__aaddmmiinn__hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m, + _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkrrbb__cchhaannggeeppww__hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m, + _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkrrbb552244hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m, + _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__kkrrbbhhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_h_a_r _*_*_h_o_s_t_l_i_s_t); + +DDEESSCCRRIIPPTTIIOONN + These functions implement the old API to get a list of Kerberos hosts, + and are thus similar to the kkrrbb55__kkrrbbhhsstt__iinniitt() functions. However, since + these functions returns _a_l_l hosts in one go, they potentially have to do + more lookups than necessary. These functions remain for compatibility + reasons. + + After a call to one of these functions, _h_o_s_t_l_i_s_t is a NULL terminated + list of strings, pointing to the requested Kerberos hosts. These should + be freed with kkrrbb55__ffrreeee__kkrrbbhhsstt() when done with. + +EEXXAAMMPPLLEESS + The following code will print the KDCs of the realm ``MY.REALM''. + + char **hosts, **p; + krb5_get_krbhst(context, "MY.REALM", &hosts); + for(p = hosts; *p; p++) + printf("%s\n", *p); + krb5_free_krbhst(context, hosts); + +SSEEEE AALLSSOO + krb5_krbhst_init(3) + +HEIMDAL April 24, 2005 HEIMDAL diff --git a/lib/krb5/krb5_getportbyname.3 b/lib/krb5/krb5_getportbyname.3 index 143606090031..0e9b7cbac8e0 100644 --- a/lib/krb5/krb5_getportbyname.3 +++ b/lib/krb5/krb5_getportbyname.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_getportbyname.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd August 15, 2004 .Dt NAME 3 diff --git a/lib/krb5/krb5_getportbyname.cat3 b/lib/krb5/krb5_getportbyname.cat3 new file mode 100644 index 000000000000..80124f36cc00 --- /dev/null +++ b/lib/krb5/krb5_getportbyname.cat3 @@ -0,0 +1,29 @@ + +NAME(3) BSD Library Functions Manual NAME(3) + +NNAAMMEE + kkrrbb55__ggeettppoorrttbbyynnaammee -- get port number by name + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _i_n_t + kkrrbb55__ggeettppoorrttbbyynnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e, + _c_o_n_s_t _c_h_a_r _*_p_r_o_t_o, _i_n_t _d_e_f_a_u_l_t___p_o_r_t); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ggeettppoorrttbbyynnaammee() gets the port number for _s_e_r_v_i_c_e _/ _p_r_o_t_o pair from + the global service table for and returns it in network order. If it + isn't found in the global table, the _d_e_f_a_u_l_t___p_o_r_t (given in host order) + is returned. + +EEXXAAMMPPLLEE + int port = krb5_getportbyname(context, "kerberos", "tcp", 88); + +SSEEEE AALLSSOO + krb5(3) + +HEIMDAL August 15, 2004 HEIMDAL diff --git a/lib/krb5/krb5_init_context.3 b/lib/krb5/krb5_init_context.3 index cf9d69698501..3a6199b95476 100644 --- a/lib/krb5/krb5_init_context.3 +++ b/lib/krb5/krb5_init_context.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 - 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001 - 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_init_context.3 19980 2007-01-17 18:06:33Z lha $ +.\" $Id$ .\" .Dd December 8, 2004 .Dt KRB5_CONTEXT 3 @@ -156,7 +156,7 @@ Kerberos 5 Library (libkrb5, -lkrb5) .Fa "const char *filelist" .Fa "char ***pfilenames" .Fc -.Ft krb5_error_code +.Ft krb5_error_code .Fo krb5_get_default_config_files .Fa "char ***pfilenames" .Fc @@ -211,7 +211,7 @@ libs to This is done by .Fn krb5_init_context . .Pp -.Fn krb5_add_et_list +.Fn krb5_add_et_list adds a .Xr com_err 3 error-code handler @@ -219,7 +219,7 @@ error-code handler to the specified .Fa context . The error handler must generated by the the re-rentrant version of the -.Xr compile_et 3 +.Xr compile_et 1 program. .Fn krb5_add_extra_addresses add a list of addresses that should be added when requesting tickets. @@ -265,7 +265,7 @@ set the list of configuration files to use and re-initialize the configuration from the files. .Pp .Fn krb5_prepend_config_files -parse the +parse the .Fa filelist and prepend the result to the already existing list .Fa pq @@ -275,7 +275,7 @@ and should be freed with .Fn krb5_free_config_files . .Pp .Fn krb5_prepend_config_files_default -parse the +parse the .Fa filelist and append that to the default list of configuration files. diff --git a/lib/krb5/krb5_init_context.cat3 b/lib/krb5/krb5_init_context.cat3 new file mode 100644 index 000000000000..d5676b31422c --- /dev/null +++ b/lib/krb5/krb5_init_context.cat3 @@ -0,0 +1,185 @@ + +KRB5_CONTEXT(3) BSD Library Functions Manual KRB5_CONTEXT(3) + +NNAAMMEE + kkrrbb55__aadddd__eett__lliisstt, kkrrbb55__aadddd__eexxttrraa__aaddddrreesssseess, kkrrbb55__aadddd__iiggnnoorree__aaddddrreesssseess, + kkrrbb55__ccoonntteexxtt, kkrrbb55__ffrreeee__ccoonnffiigg__ffiilleess, kkrrbb55__ffrreeee__ccoonntteexxtt, + kkrrbb55__ggeett__ddeeffaauulltt__ccoonnffiigg__ffiilleess, kkrrbb55__ggeett__ddnnss__ccaannoonniizzee__hhoossttnnaammee, + kkrrbb55__ggeett__eexxttrraa__aaddddrreesssseess, kkrrbb55__ggeett__ffccaacchhee__vveerrssiioonn, + kkrrbb55__ggeett__iiggnnoorree__aaddddrreesssseess, kkrrbb55__ggeett__kkddcc__sseecc__ooffffsseett, + kkrrbb55__ggeett__mmaaxx__ttiimmee__sskkeeww, kkrrbb55__ggeett__uussee__aaddmmiinn__kkddcc kkrrbb55__iinniitt__ccoonntteexxtt, + kkrrbb55__iinniitt__eettss, kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess, + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess__ddeeffaauulltt, kkrrbb55__sseett__ccoonnffiigg__ffiilleess, + kkrrbb55__sseett__ddnnss__ccaannoonniizzee__hhoossttnnaammee, kkrrbb55__sseett__eexxttrraa__aaddddrreesssseess, + kkrrbb55__sseett__ffccaacchhee__vveerrssiioonn, kkrrbb55__sseett__iiggnnoorree__aaddddrreesssseess, + kkrrbb55__sseett__mmaaxx__ttiimmee__sskkeeww, kkrrbb55__sseett__uussee__aaddmmiinn__kkddcc, -- create, modify and + delete krb5_context structures + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + struct krb5_context; + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__iinniitt__ccoonntteexxtt(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t); + + _v_o_i_d + kkrrbb55__ffrreeee__ccoonntteexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _v_o_i_d + kkrrbb55__iinniitt__eettss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aadddd__eett__lliisstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _v_o_i_d _(_*_f_u_n_c_)_(_s_t_r_u_c_t _e_t___l_i_s_t _*_*_)); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aadddd__eexxttrraa__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__eexxttrraa__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__eexxttrraa__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aadddd__iiggnnoorree__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__iiggnnoorree__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__iiggnnoorree__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__ffccaacchhee__vveerrssiioonn(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _v_e_r_s_i_o_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ffccaacchhee__vveerrssiioonn(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _*_v_e_r_s_i_o_n); + + _v_o_i_d + kkrrbb55__sseett__ddnnss__ccaannoonniizzee__hhoossttnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___b_o_o_l_e_a_n _f_l_a_g); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__ggeett__ddnnss__ccaannoonniizzee__hhoossttnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__kkddcc__sseecc__ooffffsseett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t_3_2___t _*_s_e_c, + _i_n_t_3_2___t _*_u_s_e_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__ccoonnffiigg__ffiilleess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_h_a_r _*_*_f_i_l_e_n_a_m_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess(_c_o_n_s_t _c_h_a_r _*_f_i_l_e_l_i_s_t, _c_h_a_r _*_*_p_q, + _c_h_a_r _*_*_*_r_e_t___p_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess__ddeeffaauulltt(_c_o_n_s_t _c_h_a_r _*_f_i_l_e_l_i_s_t, + _c_h_a_r _*_*_*_p_f_i_l_e_n_a_m_e_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ddeeffaauulltt__ccoonnffiigg__ffiilleess(_c_h_a_r _*_*_*_p_f_i_l_e_n_a_m_e_s); + + _v_o_i_d + kkrrbb55__ffrreeee__ccoonnffiigg__ffiilleess(_c_h_a_r _*_*_f_i_l_e_n_a_m_e_s); + + _v_o_i_d + kkrrbb55__sseett__uussee__aaddmmiinn__kkddcc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___b_o_o_l_e_a_n _f_l_a_g); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__ggeett__uussee__aaddmmiinn__kkddcc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _t_i_m_e___t + kkrrbb55__ggeett__mmaaxx__ttiimmee__sskkeeww(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__mmaaxx__ttiimmee__sskkeeww(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _t_i_m_e___t _t_i_m_e); + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55__iinniitt__ccoonntteexxtt() function initializes the _c_o_n_t_e_x_t structure and + reads the configuration file _/_e_t_c_/_k_r_b_5_._c_o_n_f. + + The structure should be freed by calling kkrrbb55__ffrreeee__ccoonntteexxtt() when it is + no longer being used. + + kkrrbb55__iinniitt__ccoonntteexxtt() returns 0 to indicate success. Otherwise an errno + code is returned. Failure means either that something bad happened dur- + ing initialization (typically [ENOMEM]) or that Kerberos should not be + used [ENXIO]. + + kkrrbb55__iinniitt__eettss() adds all com_err(3) libs to _c_o_n_t_e_x_t. This is done by + kkrrbb55__iinniitt__ccoonntteexxtt(). + + kkrrbb55__aadddd__eett__lliisstt() adds a com_err(3) error-code handler _f_u_n_c to the spec- + ified _c_o_n_t_e_x_t. The error handler must generated by the the re-rentrant + version of the compile_et(1) program. kkrrbb55__aadddd__eexxttrraa__aaddddrreesssseess() add a + list of addresses that should be added when requesting tickets. + + kkrrbb55__aadddd__iiggnnoorree__aaddddrreesssseess() add a list of addresses that should be + ignored when requesting tickets. + + kkrrbb55__ggeett__eexxttrraa__aaddddrreesssseess() get the list of addresses that should be added + when requesting tickets. + + kkrrbb55__ggeett__iiggnnoorree__aaddddrreesssseess() get the list of addresses that should be + ignored when requesting tickets. + + kkrrbb55__sseett__iiggnnoorree__aaddddrreesssseess() set the list of addresses that should be + ignored when requesting tickets. + + kkrrbb55__sseett__eexxttrraa__aaddddrreesssseess() set the list of addresses that should be added + when requesting tickets. + + kkrrbb55__sseett__ffccaacchhee__vveerrssiioonn() sets the version of file credentials caches + that should be used. + + kkrrbb55__ggeett__ffccaacchhee__vveerrssiioonn() gets the version of file credentials caches + that should be used. + + kkrrbb55__sseett__ddnnss__ccaannoonniizzee__hhoossttnnaammee() sets if the context is configured to + canonicalize hostnames using DNS. + + kkrrbb55__ggeett__ddnnss__ccaannoonniizzee__hhoossttnnaammee() returns if the context is configured to + canonicalize hostnames using DNS. + + kkrrbb55__ggeett__kkddcc__sseecc__ooffffsseett() returns the offset between the localtime and + the KDC's time. _s_e_c and _u_s_e_c are both optional argument and NULL can be + passed in. + + kkrrbb55__sseett__ccoonnffiigg__ffiilleess() set the list of configuration files to use and + re-initialize the configuration from the files. + + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess() parse the _f_i_l_e_l_i_s_t and prepend the result to + the already existing list _p_q The result is returned in _r_e_t___p_p and should + be freed with kkrrbb55__ffrreeee__ccoonnffiigg__ffiilleess(). + + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess__ddeeffaauulltt() parse the _f_i_l_e_l_i_s_t and append that to + the default list of configuration files. + + kkrrbb55__ggeett__ddeeffaauulltt__ccoonnffiigg__ffiilleess() get a list of default configuration + files. + + kkrrbb55__ffrreeee__ccoonnffiigg__ffiilleess() free a list of configuration files returned by + kkrrbb55__ggeett__ddeeffaauulltt__ccoonnffiigg__ffiilleess(), kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess__ddeeffaauulltt(), or + kkrrbb55__pprreeppeenndd__ccoonnffiigg__ffiilleess(). + + kkrrbb55__sseett__uussee__aaddmmiinn__kkddcc() sets if all KDC requests should go admin KDC. + + kkrrbb55__ggeett__uussee__aaddmmiinn__kkddcc() gets if all KDC requests should go admin KDC. + + kkrrbb55__ggeett__mmaaxx__ttiimmee__sskkeeww() and kkrrbb55__sseett__mmaaxx__ttiimmee__sskkeeww() get and sets the + maximum allowed time skew between client and server. + +SSEEEE AALLSSOO + errno(2), krb5(3), krb5_config(3), krb5_context(3), kerberos(8) + +HEIMDAL December 8, 2004 HEIMDAL diff --git a/lib/krb5/krb5_is_thread_safe.3 b/lib/krb5/krb5_is_thread_safe.3 index 9f0a919d3571..1a73e853e8bb 100644 --- a/lib/krb5/krb5_is_thread_safe.3 +++ b/lib/krb5/krb5_is_thread_safe.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_is_thread_safe.3 17462 2006-05-05 13:18:39Z lha $ +.\" $Id$ .\" .Dd May 5, 2006 .Dt KRB5_IS_THREAD_SAFE 3 @@ -50,7 +50,7 @@ returns if the library was compiled with with multithread support. If the library isn't compiled, the consumer have to use a global lock to make sure Kerboros functions are not called at the same time by -diffrent threads. +different threads. .\" .Sh EXAMPLE .\" .Sh BUGS .Sh SEE ALSO diff --git a/lib/krb5/krb5_is_thread_safe.cat3 b/lib/krb5/krb5_is_thread_safe.cat3 new file mode 100644 index 000000000000..37383c8d35bf --- /dev/null +++ b/lib/krb5/krb5_is_thread_safe.cat3 @@ -0,0 +1,26 @@ + +KRB5_IS_THREAD_SAFE(3) BSD Library Functions Manual KRB5_IS_THREAD_SAFE(3) + +NNAAMMEE + kkrrbb55__iiss__tthhrreeaadd__ssaaffee -- is the Kerberos library compiled with multithread + support + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__iiss__tthhrreeaadd__ssaaffee(_v_o_i_d); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__iiss__tthhrreeaadd__ssaaffee returns TRUE if the library was compiled with with + multithread support. If the library isn't compiled, the consumer have to + use a global lock to make sure Kerboros functions are not called at the + same time by different threads. + +SSEEEE AALLSSOO + krb5_create_checksum(3), krb5_encrypt(3) + +HEIMDAL May 5, 2006 HEIMDAL diff --git a/lib/krb5/krb5_keyblock.3 b/lib/krb5/krb5_keyblock.3 deleted file mode 100644 index 9fabd32a0d01..000000000000 --- a/lib/krb5/krb5_keyblock.3 +++ /dev/null @@ -1,218 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_keyblock.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_KEYBLOCK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_keyblock , -.Nm krb5_keyblock_get_enctype , -.Nm krb5_copy_keyblock , -.Nm krb5_copy_keyblock_contents , -.Nm krb5_free_keyblock , -.Nm krb5_free_keyblock_contents , -.Nm krb5_generate_random_keyblock , -.Nm krb5_generate_subkey , -.Nm krb5_generate_subkey_extended , -.Nm krb5_keyblock_init , -.Nm krb5_keyblock_zero , -.Nm krb5_random_to_key -.Nd Kerberos 5 key handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_keyblock ; -.Ft krb5_enctype -.Fo krb5_keyblock_get_enctype -.Fa "const krb5_keyblock *block" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_keyblock -.Fa "krb5_context context" -.Fa "krb5_keyblock **to" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_keyblock_contents -.Fa "krb5_context context" -.Fa "const krb5_keyblock *inblock" -.Fa "krb5_keyblock *to" -.Fc -.Ft void -.Fo krb5_free_keyblock -.Fa "krb5_context context" -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft void -.Fo krb5_free_keyblock_contents -.Fa "krb5_context context" -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_random_keyblock -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_subkey -.Fa "krb5_context context" -.Fa "const krb5_keyblock *key" -.Fa "krb5_keyblock **subkey" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_subkey_extended -.Fa "krb5_context context" -.Fa "const krb5_keyblock *key" -.Fa "krb5_enctype enctype" -.Fa "krb5_keyblock **subkey" -.Fc -.Ft krb5_error_code -.Fo krb5_keyblock_init -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "const void *data" -.Fa "size_t size" -.Fa "krb5_keyblock *key" -.Fc -.Ft void -.Fo krb5_keyblock_zero -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_random_to_key -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "const void *data" -.Fa "size_t size" -.Fa "krb5_keyblock *key" -.Fc -.Sh DESCRIPTION -.Li krb5_keyblock -holds the encryption key for a specific encryption type. -There is no component inside -.Li krb5_keyblock -that is directly referable. -.Pp -.Fn krb5_keyblock_get_enctype -returns the encryption type of the keyblock. -.Pp -.Fn krb5_copy_keyblock -makes a copy the keyblock -.Fa inblock -to the -output -.Fa out . -.Fa out -should be freed by the caller with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_copy_keyblock_contents -copies the contents of -.Fa inblock -to the -.Fa to -keyblock. -The destination keyblock is overritten. -.Pp -.Fn krb5_free_keyblock -zeros out and frees the content and the keyblock itself. -.Pp -.Fn krb5_free_keyblock_contents -zeros out and frees the content of the keyblock. -.Pp -.Fn krb5_generate_random_keyblock -creates a new content of the keyblock -.Fa key -of type encrytion type -.Fa type . -The content of -.Fa key -is overwritten and not freed, so the caller should be sure it is -freed before calling the function. -.Pp -.Fn krb5_generate_subkey -generates a -.Fa subkey -of the same type as -.Fa key . -The caller must free the subkey with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_generate_subkey_extended -generates a -.Fa subkey -of the specified encryption type -.Fa type . -If -.Fa type -is -.Dv ETYPE_NULL , -of the same type as -.Fa key . -The caller must free the subkey with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_keyblock_init -Fill in -.Fa key -with key data of type -.Fa enctype -from -.Fa data -of length -.Fa size . -Key should be freed using -.Fn krb5_free_keyblock_contents . -.Pp -.Fn krb5_keyblock_zero -zeros out the keyblock to to make sure no keymaterial is in -memory. -Note that -.Fn krb5_free_keyblock_contents -also zeros out the memory. -.Pp -.Fn krb5_random_to_key -converts the random bytestring to a protocol key according to Kerberos -crypto frame work. -It the resulting key will be of type -.Fa enctype . -It may be assumed that all the bits of the input string are equally -random, even though the entropy present in the random source may be -limited -.\" .Sh EXAMPLES -.Sh SEE ALSO -.Xr krb5_crypto_init 3 , -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/lib/krb5/krb5_keytab.3 b/lib/krb5/krb5_keytab.3 deleted file mode 100644 index b6cb1a26cc00..000000000000 --- a/lib/krb5/krb5_keytab.3 +++ /dev/null @@ -1,482 +0,0 @@ -.\" Copyright (c) 2001 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_keytab.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd August 12, 2005 -.Dt KRB5_KEYTAB 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_kt_ops , -.Nm krb5_keytab_entry , -.Nm krb5_kt_cursor , -.Nm krb5_kt_add_entry , -.Nm krb5_kt_close , -.Nm krb5_kt_compare , -.Nm krb5_kt_copy_entry_contents , -.Nm krb5_kt_default , -.Nm krb5_kt_default_modify_name , -.Nm krb5_kt_default_name , -.Nm krb5_kt_end_seq_get , -.Nm krb5_kt_free_entry , -.Nm krb5_kt_get_entry , -.Nm krb5_kt_get_name , -.Nm krb5_kt_get_type , -.Nm krb5_kt_next_entry , -.Nm krb5_kt_read_service_key , -.Nm krb5_kt_register , -.Nm krb5_kt_remove_entry , -.Nm krb5_kt_resolve , -.Nm krb5_kt_start_seq_get -.Nd manage keytab (key storage) files -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_kt_add_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_close -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fc -.Ft krb5_boolean -.Fo krb5_kt_compare -.Fa "krb5_context context" -.Fa "krb5_keytab_entry *entry" -.Fa "krb5_const_principal principal" -.Fa "krb5_kvno vno" -.Fa "krb5_enctype enctype" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_copy_entry_contents -.Fa "krb5_context context" -.Fa "const krb5_keytab_entry *in" -.Fa "krb5_keytab_entry *out" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default -.Fa "krb5_context context" -.Fa "krb5_keytab *id" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default_modify_name -.Fa "krb5_context context" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default_name -.Fa "krb5_context context" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_end_seq_get -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_free_entry -.Fa "krb5_context context" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_const_principal principal" -.Fa "krb5_kvno kvno" -.Fa "krb5_enctype enctype" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_name -.Fa "krb5_context context" -.Fa "krb5_keytab keytab" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_type -.Fa "krb5_context context" -.Fa "krb5_keytab keytab" -.Fa "char *prefix" -.Fa "size_t prefixsize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_next_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_read_service_key -.Fa "krb5_context context" -.Fa "krb5_pointer keyprocarg" -.Fa "krb5_principal principal" -.Fa "krb5_kvno vno" -.Fa "krb5_enctype enctype" -.Fa "krb5_keyblock **key" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_register -.Fa "krb5_context context" -.Fa "const krb5_kt_ops *ops" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_remove_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_resolve -.Fa "krb5_context context" -.Fa "const char *name" -.Fa "krb5_keytab *id" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_start_seq_get -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Sh DESCRIPTION -A keytab name is on the form -.Li type:residual . -The -.Li residual -part is specific to each keytab-type. -.Pp -When a keytab-name is resolved, the type is matched with an internal -list of keytab types. If there is no matching keytab type, -the default keytab is used. The current default type is -.Nm file . -The default value can be changed in the configuration file -.Pa /etc/krb5.conf -by setting the variable -.Li [defaults]default_keytab_name . -.Pp -The keytab types that are implemented in Heimdal -are: -.Bl -tag -width Ds -.It Nm file -store the keytab in a file, the type's name is -.Li FILE . -The residual part is a filename. -For compatibility with other Kerberos implemtation -.Li WRFILE -and -.LI JAVA14 -is also accepted. -.Li WRFILE -has the same format as -.Li FILE . -.Li JAVA14 -have a format that is compatible with older versions of MIT kerberos -and SUN's Java based installation. They store a truncted kvno, so -when the knvo excess 255, they are truncted in this format. -.It Nm keyfile -store the keytab in a -.Li AFS -keyfile (usually -.Pa /usr/afs/etc/KeyFile ) , -the type's name is -.Li AFSKEYFILE . -The residual part is a filename. -.It Nm krb4 -the keytab is a Kerberos 4 -.Pa srvtab -that is on-the-fly converted to a keytab. The type's name is -.Li krb4 . -The residual part is a filename. -.It Nm memory -The keytab is stored in a memory segment. This allows sensitive and/or -temporary data not to be stored on disk. The type's name is -.Li MEMORY . -Each -.Li MEMORY -keytab is referenced counted by and opened by the residual name, so two -handles can point to the same memory area. -When the last user closes the entry, it disappears. -.El -.Pp -.Nm krb5_keytab_entry -holds all data for an entry in a keytab file, like principal name, -key-type, key, key-version number, etc. -.Nm krb5_kt_cursor -holds the current position that is used when iterating through a -keytab entry with -.Fn krb5_kt_start_seq_get , -.Fn krb5_kt_next_entry , -and -.Fn krb5_kt_end_seq_get . -.Pp -.Nm krb5_kt_ops -contains the different operations that can be done to a keytab. This -structure is normally only used when doing a new keytab-type -implementation. -.Pp -.Fn krb5_kt_resolve -is the equivalent of an -.Xr open 2 -on keytab. Resolve the keytab name in -.Fa name -into a keytab in -.Fa id . -Returns 0 or an error. The opposite of -.Fn krb5_kt_resolve -is -.Fn krb5_kt_close . -.Pp -.Fn krb5_kt_close -frees all resources allocated to the keytab, even on failure. -Returns 0 or an error. -.Pp -.Fn krb5_kt_default -sets the argument -.Fa id -to the default keytab. -Returns 0 or an error. -.Pp -.Fn krb5_kt_default_modify_name -copies the name of the default modify keytab into -.Fa name . -Return 0 or KRB5_CONFIG_NOTENUFSPACE if -.Fa namesize -is too short. -.Pp -.Fn krb5_kt_default_name -copies the name of the default keytab into -.Fa name . -Return 0 or KRB5_CONFIG_NOTENUFSPACE if -.Fa namesize -is too short. -.Pp -.Fn krb5_kt_add_entry -adds a new -.Fa entry -to the keytab -.Fa id . -.Li KRB5_KT_NOWRITE -is returned if the keytab is a readonly keytab. -.Pp -.Fn krb5_kt_compare -compares the passed in -.Fa entry -against -.Fa principal , -.Fa vno , -and -.Fa enctype . -Any of -.Fa principal , -.Fa vno -or -.Fa enctype -might be 0 which acts as a wildcard. Return TRUE if they compare the -same, FALSE otherwise. -.Pp -.Fn krb5_kt_copy_entry_contents -copies the contents of -.Fa in -into -.Fa out . -Returns 0 or an error. -.Pp -.Fn krb5_kt_get_name -retrieves the name of the keytab -.Fa keytab -into -.Fa name , -.Fa namesize . -Returns 0 or an error. -.Pp -.Fn krb5_kt_get_type -retrieves the type of the keytab -.Fa keytab -and store the prefix/name for type of the keytab into -.Fa prefix , -.Fa prefixsize . -The prefix will have the maximum length of -.Dv KRB5_KT_PREFIX_MAX_LEN -(including terminating -.Dv NUL ) . -Returns 0 or an error. -.Pp -.Fn krb5_kt_free_entry -frees the contents of -.Fa entry . -.Pp -.Fn krb5_kt_start_seq_get -sets -.Fa cursor -to point at the beginning of -.Fa id . -Returns 0 or an error. -.Pp -.Fn krb5_kt_next_entry -gets the next entry from -.Fa id -pointed to by -.Fa cursor -and advance the -.Fa cursor . -On success the returne entry must be freed with -.Fn krb5_kt_free_entry . -Returns 0 or an error. -.Pp -.Fn krb5_kt_end_seq_get -releases all resources associated with -.Fa cursor . -.Pp -.Fn krb5_kt_get_entry -retrieves the keytab entry for -.Fa principal , -.Fa kvno , -.Fa enctype -into -.Fa entry -from the keytab -.Fa id . -When comparing an entry in the keytab to determine a match, the -function -.Fn krb5_kt_compare -is used, so the wildcard rules applies to the argument of -.F krb5_kt_get_entry -too. -On success the returne entry must be freed with -.Fn krb5_kt_free_entry . -Returns 0 or an error. -.Pp -.Fn krb5_kt_read_service_key -reads the key identified by -.Fa ( principal , -.Fa vno , -.Fa enctype ) -from the keytab in -.Fa keyprocarg -(the system default keytab if -.Dv NULL -is used) into -.Fa *key . -.Fa keyprocarg -is the same argument as to -.Fa name -argument to -.Fn krb5_kt_resolve . -Internal -.Fn krb5_kt_compare -will be used, so the same wildcard rules applies -to -.Fn krb5_kt_read_service_key . -On success the returned key must be freed with -.Fa krb5_free_keyblock . -Returns 0 or an error. -.Pp -.Fn krb5_kt_remove_entry -removes the entry -.Fa entry -from the keytab -.Fa id . -When comparing an entry in the keytab to determine a match, the -function -.Fn krb5_kt_compare -is use, so the wildcard rules applies to the argument of -.Fn krb5_kt_remove_entry . -Returns 0, -.Dv KRB5_KT_NOTFOUND -if not entry matched or another error. -.Pp -.Fn krb5_kt_register -registers a new keytab type -.Fa ops . -Returns 0 or an error. -.Sh EXAMPLES -This is a minimalistic version of -.Nm ktutil . -.Pp -.Bd -literal -int -main (int argc, char **argv) -{ - krb5_context context; - krb5_keytab keytab; - krb5_kt_cursor cursor; - krb5_keytab_entry entry; - krb5_error_code ret; - char *principal; - - if (krb5_init_context (&context) != 0) - errx(1, "krb5_context"); - - ret = krb5_kt_default (context, &keytab); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_default"); - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_start_seq_get"); - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ - krb5_unparse_name_short(context, entry.principal, &principal); - printf("principal: %s\\n", principal); - free(principal); - krb5_kt_free_entry(context, &entry); - } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_end_seq_get"); - ret = krb5_kt_close(context, keytab); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - krb5_free_context(context); - return 0; -} -.Ed -.Sh COMPATIBILITY -Heimdal stored the ticket flags in machine bit-field order before -Heimdal 0.7. The behavior is possible to change in with the option -.Li [libdefaults]fcc-mit-ticketflags . -Heimdal 0.7 also code to detech that ticket flags was in the wrong -order and correct them. This matters when doing delegation in GSS-API -because the client code looks at the flag to determin if it is possible -to do delegation if the user requested it. -.Sh SEE ALSO -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_krbhst_init.3 b/lib/krb5/krb5_krbhst_init.3 index 1d906bfafc0b..8abb00fea494 100644 --- a/lib/krb5/krb5_krbhst_init.3 +++ b/lib/krb5/krb5_krbhst_init.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001-2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001-2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_krbhst_init.3 15110 2005-05-10 09:21:06Z lha $ +.\" $Id$ .\" .Dd May 10, 2005 .Dt KRB5_KRBHST_INIT 3 diff --git a/lib/krb5/krb5_krbhst_init.cat3 b/lib/krb5/krb5_krbhst_init.cat3 new file mode 100644 index 000000000000..22bf5b250778 --- /dev/null +++ b/lib/krb5/krb5_krbhst_init.cat3 @@ -0,0 +1,119 @@ + +KRB5_KRBHST_INIT(3) BSD Library Functions Manual KRB5_KRBHST_INIT(3) + +NNAAMMEE + kkrrbb55__kkrrbbhhsstt__iinniitt, kkrrbb55__kkrrbbhhsstt__iinniitt__ffllaaggss, kkrrbb55__kkrrbbhhsstt__nneexxtt, + kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg, kkrrbb55__kkrrbbhhsstt__rreesseett, kkrrbb55__kkrrbbhhsstt__ffrreeee, + kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg, kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo -- lookup Kerberos + KDC hosts + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__iinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m, + _u_n_s_i_g_n_e_d _i_n_t _t_y_p_e, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _*_h_a_n_d_l_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__iinniitt__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m, + _u_n_s_i_g_n_e_d _i_n_t _t_y_p_e, _i_n_t _f_l_a_g_s, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _*_h_a_n_d_l_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__nneexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e, + _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_*_h_o_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e, _c_h_a_r _*_h_o_s_t_n_a_m_e, _s_i_z_e___t _h_o_s_t_l_e_n); + + _v_o_i_d + kkrrbb55__kkrrbbhhsstt__rreesseett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e); + + _v_o_i_d + kkrrbb55__kkrrbbhhsstt__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_h_o_s_t, _c_h_a_r _*_h_o_s_t_n_a_m_e, _s_i_z_e___t _h_o_s_t_l_e_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_h_o_s_t, + _s_t_r_u_c_t _a_d_d_r_i_n_f_o _*_*_a_i); + +DDEESSCCRRIIPPTTIIOONN + These functions are used to sequence through all Kerberos hosts of a par- + ticular realm and service. The service type can be the KDCs, the adminis- + trative servers, the password changing servers, or the servers for Ker- + beros 4 ticket conversion. + + First a handle to a particular service is obtained by calling + kkrrbb55__kkrrbbhhsstt__iinniitt() (or kkrrbb55__kkrrbbhhsstt__iinniitt__ffllaaggss()) with the _r_e_a_l_m of inter- + est and the type of service to lookup. The _t_y_p_e can be one of: + + KRB5_KRBHST_KDC + KRB5_KRBHST_ADMIN + KRB5_KRBHST_CHANGEPW + KRB5_KRBHST_KRB524 + + The _h_a_n_d_l_e is returned to the caller, and should be passed to the other + functions. + + The _f_l_a_g argument to kkrrbb55__kkrrbbhhsstt__iinniitt__ffllaaggss is the same flags as + kkrrbb55__sseenndd__ttoo__kkddcc__ffllaaggss() uses. Possible values are: + + KRB5_KRBHST_FLAGS_MASTER only talk to master (readwrite) KDC + KRB5_KRBHST_FLAGS_LARGE_MSG this is a large message, so use trans- + port that can handle that. + + For each call to kkrrbb55__kkrrbbhhsstt__nneexxtt() information on a new host is + returned. The former function returns in _h_o_s_t a pointer to a structure + containing information about the host, such as protocol, hostname, and + port: + + typedef struct krb5_krbhst_info { + enum { KRB5_KRBHST_UDP, + KRB5_KRBHST_TCP, + KRB5_KRBHST_HTTP } proto; + unsigned short port; + struct addrinfo *ai; + struct krb5_krbhst_info *next; + char hostname[1]; + } krb5_krbhst_info; + + The related function, kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg(), return the same + information as a URL-like string. + + When there are no more hosts, these functions return KRB5_KDC_UNREACH. + + To re-iterate over all hosts, call kkrrbb55__kkrrbbhhsstt__rreesseett() and the next call + to kkrrbb55__kkrrbbhhsstt__nneexxtt() will return the first host. + + When done with the handle, kkrrbb55__kkrrbbhhsstt__ffrreeee() should be called. + + To use a _k_r_b_5___k_r_b_h_s_t___i_n_f_o, there are two functions: + kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg() that will return a printable representation + of that struct and kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo() that will return a _s_t_r_u_c_t + _a_d_d_r_i_n_f_o that can then be used for communicating with the server men- + tioned. + +EEXXAAMMPPLLEESS + The following code will print the KDCs of the realm ``MY.REALM'': + + krb5_krbhst_handle handle; + char host[MAXHOSTNAMELEN]; + krb5_krbhst_init(context, "MY.REALM", KRB5_KRBHST_KDC, &handle); + while(krb5_krbhst_next_as_string(context, handle, + host, sizeof(host)) == 0) + printf("%s\n", host); + krb5_krbhst_free(context, handle); + +SSEEEE AALLSSOO + getaddrinfo(3), krb5_get_krbhst(3), krb5_send_to_kdc_flags(3) + +HHIISSTTOORRYY + These functions first appeared in Heimdal 0.3g. + +HEIMDAL May 10, 2005 HEIMDAL diff --git a/lib/krb5/krb5_kuserok.3 b/lib/krb5/krb5_kuserok.3 deleted file mode 100644 index e5e5c9937de3..000000000000 --- a/lib/krb5/krb5_kuserok.3 +++ /dev/null @@ -1,103 +0,0 @@ -.\" Copyright (c) 2003-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_kuserok.3 15083 2005-05-04 12:11:22Z joda $ -.\" -.Dd May 4, 2005 -.Dt KRB5_KUSEROK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_kuserok -.Nd "checks if a principal is permitted to login as a user" -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fo krb5_kuserok -.Fa "krb5_context context" -.Fa "krb5_principal principal" -.Fa "const char *user" -.Fc -.Sh DESCRIPTION -This function takes the name of a local -.Fa user -and checks if -.Fa principal -is allowed to log in as that user. -.Pp -The -.Fa user -may have a -.Pa ~/.k5login -file listing principals that are allowed to login as that user. If -that file does not exist, all principals with a first component -identical to the username, and a realm considered local, are allowed -access. -.Pp -The -.Pa .k5login -file must contain one principal per line, be owned by -.Fa user , -and not be writable by group or other (but must be readable by -anyone). -.Pp -Note that if the file exists, no implicit access rights are given to -.Fa user Ns @ Ns Aq localrealm . -.Pp -Optionally, a set of files may be put in -.Pa ~/.k5login.d ( Ns -a directory), in which case they will all be checked in the same -manner as -.Pa .k5login . -The files may be called anything, but files starting with a hash -.Dq ( # ) , -or ending with a tilde -.Dq ( ~ ) -are ignored. Subdirectories are not traversed. Note that this -directory may not be checked by other implementations. -.Sh RETURN VALUES -.Nm -returns -.Dv TRUE -if access should be granted, -.Dv FALSE -otherwise. -.Sh HISTORY -The -.Pa ~/.k5login.d -feature appeared in Heimdal 0.7. -.Sh SEE ALSO -.Xr krb5_get_default_realms 3 , -.Xr krb5_verify_user 3 , -.Xr krb5_verify_user_lrealm 3 , -.Xr krb5_verify_user_opt 3 , -.Xr krb5.conf 5 diff --git a/lib/krb5/krb5_locl.h b/lib/krb5/krb5_locl.h index 8b7c41cc80d9..d0c68927ffbd 100644 --- a/lib/krb5/krb5_locl.h +++ b/lib/krb5/krb5_locl.h @@ -1,44 +1,44 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: krb5_locl.h 22226 2007-12-08 21:31:53Z lha $ */ +/* $Id$ */ #ifndef __KRB5_LOCL_H__ #define __KRB5_LOCL_H__ -#ifdef HAVE_CONFIG_H #include -#endif #include #include @@ -47,6 +47,8 @@ #include #include +#include + #ifdef HAVE_SYS_TYPES_H #include #endif @@ -116,6 +118,21 @@ struct sockaddr_dl; #include #endif +#include + +#include + +#define HEIMDAL_TEXTDOMAIN "heimdal_krb5" + +#ifdef LIBINTL +#include +#define N_(x,y) dgettext(HEIMDAL_TEXTDOMAIN, x) +#else +#define N_(x,y) (x) +#define bindtextdomain(package, localedir) +#endif + + #ifdef HAVE_CRYPT_H #undef des_encrypt #define des_encrypt wingless_pigs_mostly_fail_to_fly @@ -131,6 +148,9 @@ struct sockaddr_dl; #include #include +#include + +#define HC_DEPRECATED_CRYPTO #include "crypto-headers.h" @@ -139,9 +159,11 @@ struct sockaddr_dl; struct send_to_kdc; /* XXX glue for pkinit */ +struct hx509_certs_data; struct krb5_pk_identity; struct krb5_pk_cert; struct ContentInfo; +struct AlgorithmIdentifier; typedef struct krb5_pk_init_ctx_data *krb5_pk_init_ctx; struct krb5_dh_moduli; @@ -154,8 +176,11 @@ struct _krb5_krb_auth_data; #include #include #ifdef PKINIT -#include +#include #endif + +#include "crypto.h" + #include #include "heim_threads.h" @@ -163,17 +188,37 @@ struct _krb5_krb_auth_data; #define ALLOC(X, N) (X) = calloc((N), sizeof(*(X))) #define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0) +#ifndef __func__ +#define __func__ "unknown-function" +#endif + +#define krb5_einval(context, argnum) _krb5_einval((context), __func__, (argnum)) + +#ifndef PATH_SEP +#define PATH_SEP ":" +#endif + /* should this be public? */ -#define KEYTAB_DEFAULT "ANY:FILE:" SYSCONFDIR "/krb5.keytab,krb4:" SYSCONFDIR "/srvtab" +#define KEYTAB_DEFAULT "FILE:" SYSCONFDIR "/krb5.keytab" #define KEYTAB_DEFAULT_MODIFY "FILE:" SYSCONFDIR "/krb5.keytab" + #define MODULI_FILE SYSCONFDIR "/krb5.moduli" #ifndef O_BINARY #define O_BINARY 0 #endif -#define KRB5_BUFSIZ 1024 +#ifndef O_CLOEXEC +#define O_CLOEXEC 0 +#endif + +#ifndef SOCK_CLOEXEC +#define SOCK_CLOEXEC 0 +#endif + + +#define KRB5_BUFSIZ 2048 typedef enum { KRB5_INIT_CREDS_TRISTATE_UNSET = 0, @@ -190,16 +235,25 @@ struct _krb5_get_init_creds_opt_private { krb5_get_init_creds_tristate req_pac; /* PKINIT */ krb5_pk_init_ctx pk_init_ctx; - KRB_ERROR *error; krb5_get_init_creds_tristate addressless; int flags; #define KRB5_INIT_CREDS_CANONICALIZE 1 #define KRB5_INIT_CREDS_NO_C_CANON_CHECK 2 +#define KRB5_INIT_CREDS_NO_C_NO_EKU_CHECK 4 + struct { + krb5_gic_process_last_req func; + void *ctx; + } lr; }; +typedef uint32_t krb5_enctype_set; + typedef struct krb5_context_data { krb5_enctype *etypes; - krb5_enctype *etypes_des; + krb5_enctype *etypes_des;/* deprecated */ + krb5_enctype *as_etypes; + krb5_enctype *tgs_etypes; + krb5_enctype *permitted_enctypes; char **default_realms; time_t max_skew; time_t kdc_timeout; @@ -209,7 +263,8 @@ typedef struct krb5_context_data { krb5_config_section *cf; struct et_list *et_list; struct krb5_log_facility *warn_dest; - krb5_cc_ops *cc_ops; + struct krb5_log_facility *debug_dest; + const krb5_cc_ops **cc_ops; int num_cc_ops; const char *http_proxy; const char *time_fmt; @@ -227,7 +282,7 @@ typedef struct krb5_context_data { struct krb5_keytab_data *kt_types; /* registered keytab types */ const char *date_fmt; char *error_string; - char error_buf[256]; + krb5_error_code error_code; krb5_addresses *ignore_addresses; char *default_cc_name; char *default_cc_name_env; @@ -237,16 +292,29 @@ typedef struct krb5_context_data { int flags; #define KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME 1 #define KRB5_CTX_F_CHECK_PAC 2 +#define KRB5_CTX_F_HOMEDIR_ACCESS 4 +#define KRB5_CTX_F_SOCKETS_INITIALIZED 8 +#define KRB5_CTX_F_RD_REQ_IGNORE 16 struct send_to_kdc *send_to_kdc; +#ifdef PKINIT + hx509_context hx509ctx; +#endif } krb5_context_data; +#ifndef KRB5_USE_PATH_TOKENS #define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}" +#else +#define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}" +#endif #define KRB5_DEFAULT_CCNAME_API "API:" -#define KRB5_DEFAULT_CCNAME_KCM "KCM:%{uid}" +#define KRB5_DEFAULT_CCNAME_KCM_KCM "KCM:%{uid}" +#define KRB5_DEFAULT_CCNAME_KCM_API "API:%{uid}" #define EXTRACT_TICKET_ALLOW_CNAME_MISMATCH 1 #define EXTRACT_TICKET_ALLOW_SERVER_MISMATCH 2 #define EXTRACT_TICKET_MATCH_REALM 4 +#define EXTRACT_TICKET_AS_REQ 8 +#define EXTRACT_TICKET_TIMESYNC 16 /* * Configurable options @@ -264,4 +332,28 @@ typedef struct krb5_context_data { #define KRB5_ADDRESSLESS_DEFAULT TRUE #endif +#ifndef KRB5_FORWARDABLE_DEFAULT +#define KRB5_FORWARDABLE_DEFAULT TRUE +#endif + +#ifdef PKINIT + +struct krb5_pk_identity { + hx509_verify_ctx verify_ctx; + hx509_certs certs; + hx509_cert cert; + hx509_certs anchors; + hx509_certs certpool; + hx509_revoke_ctx revokectx; + int flags; +#define PKINIT_BTMM 1 +}; + +enum krb5_pk_type { + PKINIT_WIN2K = 1, + PKINIT_27 = 2 +}; + +#endif /* PKINIT */ + #endif /* __KRB5_LOCL_H__ */ diff --git a/lib/krb5/krb5_mk_req.3 b/lib/krb5/krb5_mk_req.3 index e37d8e7e975f..41701b02992a 100644 --- a/lib/krb5/krb5_mk_req.3 +++ b/lib/krb5/krb5_mk_req.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_mk_req.3 16100 2005-09-26 05:38:55Z lha $ +.\" $Id$ .\" .Dd August 27, 2005 .Dt KRB5_MK_REQ 3 @@ -123,7 +123,7 @@ or .Dv NULL passed in, in that case, it will be allocated and freed internally. .Pp -The input data +The input data .Fa in_data will have a checksum calculated over it and checksum will be transported in the message to the server. diff --git a/lib/krb5/krb5_mk_req.cat3 b/lib/krb5/krb5_mk_req.cat3 new file mode 100644 index 000000000000..9d36e6a2bb82 --- /dev/null +++ b/lib/krb5/krb5_mk_req.cat3 @@ -0,0 +1,89 @@ + +KRB5_MK_REQ(3) BSD Library Functions Manual KRB5_MK_REQ(3) + +NNAAMMEE + kkrrbb55__mmkk__rreeqq, kkrrbb55__mmkk__rreeqq__eexxaacctt, kkrrbb55__mmkk__rreeqq__eexxtteennddeedd, kkrrbb55__rrdd__rreeqq, + kkrrbb55__rrdd__rreeqq__wwiitthh__kkeeyybblloocckk, kkrrbb55__mmkk__rreepp, kkrrbb55__mmkk__rreepp__eexxaacctt, + kkrrbb55__mmkk__rreepp__eexxtteennddeedd, kkrrbb55__rrdd__rreepp, kkrrbb55__bbuuiilldd__aapp__rreeqq, kkrrbb55__vveerriiffyy__aapp__rreeqq + -- create and read application authentication request + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__mmkk__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___f_l_a_g_s _a_p___r_e_q___o_p_t_i_o_n_s, _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e, + _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e, _k_r_b_5___d_a_t_a _*_i_n___d_a_t_a, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, + _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__mmkk__rreeqq__eexxtteennddeedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___f_l_a_g_s _a_p___r_e_q___o_p_t_i_o_n_s, + _k_r_b_5___d_a_t_a _*_i_n___d_a_t_a, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrdd__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_b_u_f, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _s_e_r_v_e_r, + _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _k_r_b_5___f_l_a_g_s _*_a_p___r_e_q___o_p_t_i_o_n_s, + _k_r_b_5___t_i_c_k_e_t _*_*_t_i_c_k_e_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__bbuuiilldd__aapp__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _k_r_b_5___c_r_e_d_s _*_c_r_e_d, _k_r_b_5___f_l_a_g_s _a_p___o_p_t_i_o_n_s, _k_r_b_5___d_a_t_a _a_u_t_h_e_n_t_i_c_a_t_o_r, + _k_r_b_5___d_a_t_a _*_r_e_t_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__aapp__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, + _k_r_b_5___a_p___r_e_q _*_a_p___r_e_q, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _s_e_r_v_e_r, + _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y_b_l_o_c_k, _k_r_b_5___f_l_a_g_s _f_l_a_g_s, + _k_r_b_5___f_l_a_g_s _*_a_p___r_e_q___o_p_t_i_o_n_s, _k_r_b_5___t_i_c_k_e_t _*_*_t_i_c_k_e_t); + +DDEESSCCRRIIPPTTIIOONN + The functions documented in this manual page document the functions that + facilitates the exchange between a Kerberos client and server. They are + the core functions used in the authentication exchange between the client + and the server. + + The kkrrbb55__mmkk__rreeqq and kkrrbb55__mmkk__rreeqq__eexxtteennddeedd creates the Kerberos message + KRB_AP_REQ that is sent from the client to the server as the first packet + in a client/server exchange. The result that should be sent to server is + stored in _o_u_t_b_u_f. + + _a_u_t_h___c_o_n_t_e_x_t should be allocated with kkrrbb55__aauutthh__ccoonn__iinniitt() or NULL passed + in, in that case, it will be allocated and freed internally. + + The input data _i_n___d_a_t_a will have a checksum calculated over it and check- + sum will be transported in the message to the server. + + _a_p___r_e_q___o_p_t_i_o_n_s can be set to one or more of the following flags: + + AP_OPTS_USE_SESSION_KEY + Use the session key when creating the request, used for user to + user authentication. + + AP_OPTS_MUTUAL_REQUIRED + Mark the request as mutual authenticate required so that the + receiver returns a mutual authentication packet. + + The kkrrbb55__rrdd__rreeqq read the AP_REQ in _i_n_b_u_f and verify and extract the con- + tent. If _s_e_r_v_e_r is specified, that server will be fetched from the + _k_e_y_t_a_b and used unconditionally. If _s_e_r_v_e_r is NULL, the _k_e_y_t_a_b will be + search for a matching principal. + + The _k_e_y_t_a_b argument specifies what keytab to search for receiving princi- + pals. The arguments _a_p___r_e_q___o_p_t_i_o_n_s and _t_i_c_k_e_t returns the content. + + When the AS-REQ is a user to user request, neither of _k_e_y_t_a_b or _p_r_i_n_c_i_p_a_l + are used, instead kkrrbb55__rrdd__rreeqq() expects the session key to be set in + _a_u_t_h___c_o_n_t_e_x_t. + + The kkrrbb55__vveerriiffyy__aapp__rreeqq and kkrrbb55__bbuuiilldd__aapp__rreeqq both constructs and verify + the AP_REQ message, should not be used by external code. + +SSEEEE AALLSSOO + krb5(3), krb5.conf(5) + +HEIMDAL August 27, 2005 HEIMDAL diff --git a/lib/krb5/krb5_mk_safe.3 b/lib/krb5/krb5_mk_safe.3 index 25b65411f80b..e8f45598e481 100644 --- a/lib/krb5/krb5_mk_safe.3 +++ b/lib/krb5/krb5_mk_safe.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_mk_safe.3 17385 2006-05-01 08:48:55Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_MK_SAFE 3 diff --git a/lib/krb5/krb5_mk_safe.cat3 b/lib/krb5/krb5_mk_safe.cat3 new file mode 100644 index 000000000000..5a26fd72d041 --- /dev/null +++ b/lib/krb5/krb5_mk_safe.cat3 @@ -0,0 +1,36 @@ + +KRB5_MK_SAFE(3) BSD Library Functions Manual KRB5_MK_SAFE(3) + +NNAAMMEE + kkrrbb55__mmkk__ssaaffee, kkrrbb55__mmkk__pprriivv -- generates integrity protected and/or + encrypted messages + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__mmkk__pprriivv(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_u_s_e_r_d_a_t_a, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f, + _k_r_b_5___r_e_p_l_a_y___d_a_t_a _*_o_u_t_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__mmkk__ssaaffee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_u_s_e_r_d_a_t_a, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f, + _k_r_b_5___r_e_p_l_a_y___d_a_t_a _*_o_u_t_d_a_t_a); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__mmkk__ssaaffee() and kkrrbb55__mmkk__pprriivv() formats KRB-SAFE (integrity protected) + and KRB-PRIV (also encrypted) messages into _o_u_t_b_u_f. The actual message + data is taken from _u_s_e_r_d_a_t_a. If the KRB5_AUTH_CONTEXT_DO_SEQUENCE or + KRB5_AUTH_CONTEXT_DO_TIME flags are set in the _a_u_t_h___c_o_n_t_e_x_t, sequence + numbers and time stamps are generated. If the + KRB5_AUTH_CONTEXT_RET_SEQUENCE or KRB5_AUTH_CONTEXT_RET_TIME flags are + set they are also returned in the _o_u_t_d_a_t_a parameter. + +SSEEEE AALLSSOO + krb5_auth_con_init(3), krb5_rd_priv(3), krb5_rd_safe(3) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_openlog.3 b/lib/krb5/krb5_openlog.3 index 4acad4175ae8..28e9a1f4bc88 100644 --- a/lib/krb5/krb5_openlog.3 +++ b/lib/krb5/krb5_openlog.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1997, 1999, 2001 - 2002 Kungliga Tekniska Högskolan +.\" Copyright (c) 1997, 1999, 2001 - 2002 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_openlog.3 12329 2003-05-26 14:09:04Z lha $ +.\" $Id$ .Dd August 6, 1997 .Dt KRB5_OPENLOG 3 .Os HEIMDAL diff --git a/lib/krb5/krb5_openlog.cat3 b/lib/krb5/krb5_openlog.cat3 new file mode 100644 index 000000000000..2b53b3b8d74b --- /dev/null +++ b/lib/krb5/krb5_openlog.cat3 @@ -0,0 +1,159 @@ + +KRB5_OPENLOG(3) BSD Library Functions Manual KRB5_OPENLOG(3) + +NNAAMMEE + kkrrbb55__iinniittlloogg, kkrrbb55__ooppeennlloogg, kkrrbb55__cclloosseelloogg, kkrrbb55__aaddddlloogg__ddeesstt, + kkrrbb55__aaddddlloogg__ffuunncc, kkrrbb55__lloogg, kkrrbb55__vvlloogg, kkrrbb55__lloogg__mmssgg, kkrrbb55__vvlloogg__mmssgg -- + Heimdal logging functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _t_y_p_e_d_e_f _v_o_i_d + (**kkrrbb55__lloogg__lloogg__ffuunncc__tt)(_c_o_n_s_t _c_h_a_r _*_t_i_m_e, _c_o_n_s_t _c_h_a_r _*_m_e_s_s_a_g_e, + _v_o_i_d _*_d_a_t_a); + + _t_y_p_e_d_e_f _v_o_i_d + (**kkrrbb55__lloogg__cclloossee__ffuunncc__tt)(_v_o_i_d _*_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaddddlloogg__ddeesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, + _c_o_n_s_t _c_h_a_r _*_d_e_s_t_i_n_a_t_i_o_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__aaddddlloogg__ffuunncc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, + _i_n_t _m_i_n, _i_n_t _m_a_x, _k_r_b_5___l_o_g___l_o_g___f_u_n_c___t _l_o_g, + _k_r_b_5___l_o_g___c_l_o_s_e___f_u_n_c___t _c_l_o_s_e, _v_o_i_d _*_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cclloosseelloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__iinniittlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_p_r_o_g_r_a_m, + _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_*_f_a_c_i_l_i_t_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__lloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, _i_n_t _l_e_v_e_l, + _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__lloogg__mmssgg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, + _c_h_a_r _*_*_r_e_p_l_y, _i_n_t _l_e_v_e_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ooppeennlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_p_r_o_g_r_a_m, + _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_*_f_a_c_i_l_i_t_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vvlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, _i_n_t _l_e_v_e_l, + _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_r_g_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vvlloogg__mmssgg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, + _c_h_a_r _*_*_r_e_p_l_y, _i_n_t _l_e_v_e_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_r_g_l_i_s_t); + +DDEESSCCRRIIPPTTIIOONN + These functions logs messages to one or more destinations. + + The kkrrbb55__ooppeennlloogg() function creates a logging _f_a_c_i_l_i_t_y, that is used to + log messages. A facility consists of one or more destinations (which can + be files or syslog or some other device). The _p_r_o_g_r_a_m parameter should be + the generic name of the program that is doing the logging. This name is + used to lookup which destinations to use. This information is contained + in the logging section of the _k_r_b_5_._c_o_n_f configuration file. If no entry + is found for _p_r_o_g_r_a_m, the entry for default is used, or if that is miss- + ing too, SYSLOG will be used as destination. + + To close a logging facility, use the kkrrbb55__cclloosseelloogg() function. + + To log a message to a facility use one of the functions kkrrbb55__lloogg(), + kkrrbb55__lloogg__mmssgg(), kkrrbb55__vvlloogg(), or kkrrbb55__vvlloogg__mmssgg(). The functions ending in + _msg return in _r_e_p_l_y a pointer to the message that just got logged. This + string is allocated, and should be freed with ffrreeee(). The _f_o_r_m_a_t is a + standard pprriinnttff() style format string (but see the BUGS section). + + If you want better control of where things gets logged, you can instead + of using kkrrbb55__ooppeennlloogg() call kkrrbb55__iinniittlloogg(), which just initializes a + facility, but doesn't define any actual logging destinations. You can + then add destinations with the kkrrbb55__aaddddlloogg__ddeesstt() and kkrrbb55__aaddddlloogg__ffuunncc() + functions. The first of these takes a string specifying a logging desti- + nation, and adds this to the facility. If you want to do some non-stan- + dard logging you can use the kkrrbb55__aaddddlloogg__ffuunncc() function, which takes a + function to use when logging. The _l_o_g function is called for each mes- + sage with _t_i_m_e being a string specifying the current time, and _m_e_s_s_a_g_e + the message to log. _c_l_o_s_e is called when the facility is closed. You can + pass application specific data in the _d_a_t_a parameter. The _m_i_n and _m_a_x + parameter are the same as in a destination (defined below). To specify a + max of infinity, pass -1. + + kkrrbb55__ooppeennlloogg() calls kkrrbb55__iinniittlloogg() and then calls kkrrbb55__aaddddlloogg__ddeesstt() for + each destination found. + + DDeessttiinnaattiioonnss + The defined destinations (as specified in _k_r_b_5_._c_o_n_f) follows: + + STDERR + This logs to the program's stderr. + + FILE:_/_f_i_l_e + + FILE=_/_f_i_l_e + Log to the specified file. The form using a colon appends to + the file, the form with an equal truncates the file. The trun- + cating form keeps the file open, while the appending form + closes it after each log message (which makes it possible to + rotate logs). The truncating form is mainly for compatibility + with the MIT libkrb5. + + DEVICE=_/_d_e_v_i_c_e + This logs to the specified device, at present this is the same + as FILE:/device. + + CONSOLE + Log to the console, this is the same as DEVICE=/dev/console. + + SYSLOG[:priority[:facility]] + Send messages to the syslog system, using priority, and facil- + ity. To get the name for one of these, you take the name of + the macro passed to syslog(3), and remove the leading LOG_ + (LOG_NOTICE becomes NOTICE). The default values (as well as + the values used for unrecognised values), are ERR, and AUTH, + respectively. See syslog(3) for a list of priorities and + facilities. + + Each destination may optionally be prepended with a range of logging lev- + els, specified as min-max/. If the _l_e_v_e_l parameter to kkrrbb55__lloogg() is + within this range (inclusive) the message gets logged to this destina- + tion, otherwise not. Either of the min and max valued may be omitted, in + this case min is assumed to be zero, and max is assumed to be infinity. + If you don't include a dash, both min and max gets set to the specified + value. If no range is specified, all messages gets logged. + +EEXXAAMMPPLLEESS + [logging] + kdc = 0/FILE:/var/log/kdc.log + kdc = 1-/SYSLOG:INFO:USER + default = STDERR + + This will log all messages from the kkddcc program with level 0 to + _/_v_a_r_/_l_o_g_/_k_d_c_._l_o_g, other messages will be logged to syslog with priority + LOG_INFO, and facility LOG_USER. All other programs will log all mes- + sages to their stderr. + +SSEEEE AALLSSOO + syslog(3), krb5.conf(5) + +BBUUGGSS + These functions use aasspprriinnttff() to format the message. If your operating + system does not have a working aasspprriinnttff(), a replacement will be used. At + present this replacement does not handle some correct conversion specifi- + cations (like floating point numbers). Until this is fixed, the use of + these conversions should be avoided. + + If logging is done to the syslog facility, these functions might not be + thread-safe, depending on the implementation of ooppeennlloogg(), and ssyysslloogg(). + +HEIMDAL August 6, 1997 HEIMDAL diff --git a/lib/krb5/krb5_parse_name.3 b/lib/krb5/krb5_parse_name.3 index e876ee3cb0b3..eb4a2d28c562 100644 --- a/lib/krb5/krb5_parse_name.3 +++ b/lib/krb5/krb5_parse_name.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_parse_name.3 17385 2006-05-01 08:48:55Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_PARSE_NAME 3 diff --git a/lib/krb5/krb5_parse_name.cat3 b/lib/krb5/krb5_parse_name.cat3 new file mode 100644 index 000000000000..47021d33cc2d --- /dev/null +++ b/lib/krb5/krb5_parse_name.cat3 @@ -0,0 +1,31 @@ + +KRB5_PARSE_NAME(3) BSD Library Functions Manual KRB5_PARSE_NAME(3) + +NNAAMMEE + kkrrbb55__ppaarrssee__nnaammee -- string to principal conversion + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ppaarrssee__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ppaarrssee__nnaammee() converts a string representation of a principal name to + kkrrbb55__pprriinncciippaall. The _p_r_i_n_c_i_p_a_l will point to allocated data that should + be freed with kkrrbb55__ffrreeee__pprriinncciippaall(). + + The string should consist of one or more name components separated with + slashes (``/''), optionally followed with an ``@'' and a realm name. A + slash or @ may be contained in a name component by quoting it with a + backslash (``\''). A realm should not contain slashes or colons. + +SSEEEE AALLSSOO + krb5_425_conv_principal(3), krb5_build_principal(3), + krb5_free_principal(3), krb5_sname_to_principal(3), krb5_unparse_name(3) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_principal.3 b/lib/krb5/krb5_principal.3 index 1b0c2da32a97..2998130a80e3 100644 --- a/lib/krb5/krb5_principal.3 +++ b/lib/krb5/krb5_principal.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_principal.3 21255 2007-06-21 04:36:31Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_PRINCIPAL 3 @@ -47,7 +47,6 @@ .Nm krb5_parse_name , .Nm krb5_parse_name_flags , .Nm krb5_parse_nametype , -.Nm krb5_princ_realm , .Nm krb5_princ_set_realm , .Nm krb5_principal_compare , .Nm krb5_principal_compare_any_realm , @@ -90,8 +89,6 @@ Kerberos 5 Library (libkrb5, -lkrb5) .Fn "krb5_unparse_name_short" "krb5_context context" "krb5_const_principal principal" "char **name" .Ft krb5_error_code .Fn krb5_unparse_name_fixed_short "krb5_context context" "krb5_const_principal principal" "char *name" "size_t len" -.Ft krb5_realm * -.Fn krb5_princ_realm "krb5_context context" "krb5_principal principal" .Ft void .Fn krb5_princ_set_realm "krb5_context context" "krb5_principal principal" "krb5_realm *realm" .Ft krb5_error_code @@ -158,12 +155,12 @@ takes an extra argument the following flags can be passed in .Bl -tag -width Ds .It Dv KRB5_PRINCIPAL_PARSE_NO_REALM -requries the input string to be without a realm, and no realm is +requires the input string to be without a realm, and no realm is stored in the .Fa principal return argument. -.It Dv KRB5_PRINCIPAL_PARSE_MUST_REALM -requries the input string to with a realm. +.It Dv KRB5_PRINCIPAL_PARSE_REQUIRE_REALM +requires the input string to with a realm. .El .Pp .Fn krb5_unparse_name @@ -176,7 +173,7 @@ to the string .Fa name should be freed with .Xr free 3 . -To the +To the .Fa flags argument the following flags can be passed in .Bl -tag -width Ds @@ -287,7 +284,6 @@ is returned. and .Fn krb5_principal_get_comp_string are replacements for -.Fn krb5_princ_realm , .Fn krb5_princ_component and related macros, described as internal in the MIT API specification. @@ -309,14 +305,6 @@ get and sets the name type for a principal. Name type handling is tricky and not often needed, don't use this unless you know what you do. .Pp -.Fn krb5_princ_realm -returns the realm component of the principal. -The caller must not free realm unless -.Fn krb5_princ_set_realm -is called to set a new realm after freeing the realm. -.Fn krb5_princ_set_realm -sets the realm component of a principal. The old realm is not freed. -.Pp .Fn krb5_sname_to_principal and .Fn krb5_sock_to_principal diff --git a/lib/krb5/krb5_principal.cat3 b/lib/krb5/krb5_principal.cat3 new file mode 100644 index 000000000000..33ab1505da43 --- /dev/null +++ b/lib/krb5/krb5_principal.cat3 @@ -0,0 +1,260 @@ + +KRB5_PRINCIPAL(3) BSD Library Functions Manual KRB5_PRINCIPAL(3) + +NNAAMMEE + kkrrbb55__ggeett__ddeeffaauulltt__pprriinncciippaall, kkrrbb55__pprriinncciippaall, kkrrbb55__bbuuiilldd__pprriinncciippaall, + kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt, kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa, + kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt, kkrrbb55__ccooppyy__pprriinncciippaall, kkrrbb55__ffrreeee__pprriinncciippaall, + kkrrbb55__mmaakkee__pprriinncciippaall, kkrrbb55__ppaarrssee__nnaammee, kkrrbb55__ppaarrssee__nnaammee__ffllaaggss, + kkrrbb55__ppaarrssee__nnaammeettyyppee, kkrrbb55__pprriinncc__sseett__rreeaallmm, kkrrbb55__pprriinncciippaall__ccoommppaarree, + kkrrbb55__pprriinncciippaall__ccoommppaarree__aannyy__rreeaallmm, kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg, + kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm, kkrrbb55__pprriinncciippaall__ggeett__ttyyppee, kkrrbb55__pprriinncciippaall__mmaattcchh, + kkrrbb55__pprriinncciippaall__sseett__ttyyppee, kkrrbb55__rreeaallmm__ccoommppaarree, kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall, + kkrrbb55__ssoocckk__ttoo__pprriinncciippaall, kkrrbb55__uunnppaarrssee__nnaammee, kkrrbb55__uunnppaarrssee__nnaammee__ffllaaggss, + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd, kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__ffllaaggss, + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__sshhoorrtt, kkrrbb55__uunnppaarrssee__nnaammee__sshhoorrtt -- Kerberos 5 + principal handling functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + krb5_principal; + + _v_o_i_d + kkrrbb55__ffrreeee__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ppaarrssee__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, + _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ppaarrssee__nnaammee__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, _i_n_t _f_l_a_g_s, + _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _c_h_a_r _*_*_n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _i_n_t _f_l_a_g_s, _c_h_a_r _*_*_n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _c_h_a_r _*_n_a_m_e, _s_i_z_e___t _l_e_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _i_n_t _f_l_a_g_s, _c_h_a_r _*_n_a_m_e, _s_i_z_e___t _l_e_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee__sshhoorrtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _c_h_a_r _*_*_n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__sshhoorrtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _c_h_a_r _*_n_a_m_e, _s_i_z_e___t _l_e_n); + + _v_o_i_d + kkrrbb55__pprriinncc__sseett__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__bbuuiilldd__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, + _i_n_t _r_l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, + _i_n_t _r_l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _v_a___l_i_s_t _a_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, + _i_n_t _r_l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, _i_n_t _r_l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, + _v_a___l_i_s_t _a_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__mmaakkee__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, + _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccooppyy__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _i_n_p_r_i_n_c, + _k_r_b_5___p_r_i_n_c_i_p_a_l _*_o_u_t_p_r_i_n_c); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__pprriinncciippaall__ccoommppaarree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_1, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_2); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__pprriinncciippaall__ccoommppaarree__aannyy__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_1, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_2); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _u_n_s_i_g_n_e_d _i_n_t _c_o_m_p_o_n_e_n_t); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l); + + _i_n_t + kkrrbb55__pprriinncciippaall__ggeett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__pprriinncciippaall__mmaattcchh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_a_t_t_e_r_n); + + _v_o_i_d + kkrrbb55__pprriinncciippaall__sseett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _i_n_t _t_y_p_e); + + _k_r_b_5___b_o_o_l_e_a_n + kkrrbb55__rreeaallmm__ccoommppaarree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_1, + _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_2); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_s_n_a_m_e, _i_n_t_3_2___t _t_y_p_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_r_e_t___p_r_i_n_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssoocckk__ttoo__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _s_o_c_k_e_t, + _c_o_n_s_t _c_h_a_r _*_s_n_a_m_e, _i_n_t_3_2___t _t_y_p_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ddeeffaauulltt__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ppaarrssee__nnaammeettyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_s_t_r, + _i_n_t_3_2___t _*_t_y_p_e); + +DDEESSCCRRIIPPTTIIOONN + krb5_principal holds the name of a user or service in Kerberos. + + A principal has two parts, a PrincipalName and a realm. The Principal- + Name consists of one or more components. In printed form, the components + are separated by /. The PrincipalName also has a name-type. + + Examples of a principal are nisse/root@EXAMPLE.COM and + host/datan.kth.se@KTH.SE. kkrrbb55__ppaarrssee__nnaammee() and kkrrbb55__ppaarrssee__nnaammee__ffllaaggss() + passes a principal name in _n_a_m_e to the kerberos principal structure. + kkrrbb55__ppaarrssee__nnaammee__ffllaaggss() takes an extra _f_l_a_g_s argument the following flags + can be passed in + + KRB5_PRINCIPAL_PARSE_NO_REALM + requires the input string to be without a realm, and no realm is + stored in the _p_r_i_n_c_i_p_a_l return argument. + + KRB5_PRINCIPAL_PARSE_REQUIRE_REALM + requires the input string to with a realm. + + kkrrbb55__uunnppaarrssee__nnaammee() and kkrrbb55__uunnppaarrssee__nnaammee__ffllaaggss() prints the principal + _p_r_i_n_c to the string _n_a_m_e. _n_a_m_e should be freed with free(3). To the + _f_l_a_g_s argument the following flags can be passed in + + KRB5_PRINCIPAL_UNPARSE_SHORT + no realm if the realm is one of the local realms. + + KRB5_PRINCIPAL_UNPARSE_NO_REALM + never include any realm in the principal name. + + KRB5_PRINCIPAL_UNPARSE_DISPLAY + don't quote + On failure _n_a_m_e is set to NULL. kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd() and + kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__ffllaaggss() behaves just like kkrrbb55__uunnppaarrssee(), but + instead unparses the principal into a fixed size buffer. + + kkrrbb55__uunnppaarrssee__nnaammee__sshhoorrtt() just returns the principal without the realm if + the principal is in the default realm. If the principal isn't, the full + name is returned. kkrrbb55__uunnppaarrssee__nnaammee__ffiixxeedd__sshhoorrtt() works just like + kkrrbb55__uunnppaarrssee__nnaammee__sshhoorrtt() but on a fixed size buffer. + + kkrrbb55__bbuuiilldd__pprriinncciippaall() builds a principal from the realm _r_e_a_l_m that has + the length _r_l_e_n. The following arguments form the components of the + principal. The list of components is terminated with NULL. + + kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa() works like kkrrbb55__bbuuiilldd__pprriinncciippaall() using vargs. + + kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt() and kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt() take a list + of length-value pairs, the list is terminated with a zero length. + + kkrrbb55__mmaakkee__pprriinncciippaall() works the same way as kkrrbb55__bbuuiilldd__pprriinncciippaall(), + except it figures out the length of the realm itself. + + kkrrbb55__ccooppyy__pprriinncciippaall() makes a copy of a principal. The copy needs to be + freed with kkrrbb55__ffrreeee__pprriinncciippaall(). + + kkrrbb55__pprriinncciippaall__ccoommppaarree() compares the two principals, including realm of + the principals and returns TRUE if they are the same and FALSE if not. + + kkrrbb55__pprriinncciippaall__ccoommppaarree__aannyy__rreeaallmm() works the same way as + kkrrbb55__pprriinncciippaall__ccoommppaarree() but doesn't compare the realm component of the + principal. + + kkrrbb55__rreeaallmm__ccoommppaarree() compares the realms of the two principals and + returns TRUE is they are the same, and FALSE if not. + + kkrrbb55__pprriinncciippaall__mmaattcchh() matches a _p_r_i_n_c_i_p_a_l against a _p_a_t_t_e_r_n. The pat- + tern is a globbing expression, where each component (separated by /) is + matched against the corresponding component of the principal. + + The kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm() and kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg() func- + tions return parts of the _p_r_i_n_c_i_p_a_l, either the realm or a specific com- + ponent. Both functions return string pointers to data inside the princi- + pal, so they are valid only as long as the principal exists. + + The _c_o_m_p_o_n_e_n_t argument to kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg() is the index + of the component to return, from zero to the total number of components + minus one. If the index is out of range NULL is returned. + + kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm() and kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg() are + replacements for kkrrbb55__pprriinncc__ccoommppoonneenntt() and related macros, described as + internal in the MIT API specification. Unlike the macros, these func- + tions return strings, not krb5_data. A reason to return krb5_data was + that it was believed that principal components could contain binary data, + but this belief was unfounded, and it has been decided that principal + components are infact UTF8, so it's safe to use zero terminated strings. + + It's generally not necessary to look at the components of a principal. + + kkrrbb55__pprriinncciippaall__ggeett__ttyyppee() and kkrrbb55__pprriinncciippaall__sseett__ttyyppee() get and sets the + name type for a principal. Name type handling is tricky and not often + needed, don't use this unless you know what you do. + + kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall() and kkrrbb55__ssoocckk__ttoo__pprriinncciippaall() are for easy cre- + ation of ``service'' principals that can, for instance, be used to lookup + a key in a keytab. For both functions the _s_n_a_m_e parameter will be used + for the first component of the created principal. If _s_n_a_m_e is NULL, + ``host'' will be used instead. + + kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall() will use the passed _h_o_s_t_n_a_m_e for the second + component. If _t_y_p_e is KRB5_NT_SRV_HST this name will be looked up with + ggeetthhoossttbbyynnaammee(). If _h_o_s_t_n_a_m_e is NULL, the local hostname will be used. + + kkrrbb55__ssoocckk__ttoo__pprriinncciippaall() will use the ``sockname'' of the passed _s_o_c_k_e_t, + which should be a bound AF_INET or AF_INET6 socket. There must be a map- + ping between the address and ``sockname''. The function may try to + resolve the name in DNS. + + kkrrbb55__ggeett__ddeeffaauulltt__pprriinncciippaall() tries to find out what's a reasonable + default principal by looking at the environment it is running in. + + kkrrbb55__ppaarrssee__nnaammeettyyppee() parses and returns the name type integer value in + _t_y_p_e. On failure the function returns an error code and set the error + string. + +SSEEEE AALLSSOO + krb5_425_conv_principal(3), krb5_config(3), krb5.conf(5) + +BBUUGGSS + You can not have a NUL in a component in some of the variable argument + functions above. Until someone can give a good example of where it would + be a good idea to have NUL's in a component, this will not be fixed. + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_rcache.3 b/lib/krb5/krb5_rcache.3 index 0b7e83aa0717..5b121b80c6d5 100644 --- a/lib/krb5/krb5_rcache.3 +++ b/lib/krb5/krb5_rcache.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_rcache.3 17462 2006-05-05 13:18:39Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_RCACHE 3 diff --git a/lib/krb5/krb5_rcache.cat3 b/lib/krb5/krb5_rcache.cat3 new file mode 100644 index 000000000000..84631967a1fa --- /dev/null +++ b/lib/krb5/krb5_rcache.cat3 @@ -0,0 +1,84 @@ + +KRB5_RCACHE(3) BSD Library Functions Manual KRB5_RCACHE(3) + +NNAAMMEE + kkrrbb55__rrccaacchhee, kkrrbb55__rrcc__cclloossee, kkrrbb55__rrcc__ddeeffaauulltt, kkrrbb55__rrcc__ddeeffaauulltt__nnaammee, + kkrrbb55__rrcc__ddeeffaauulltt__ttyyppee, kkrrbb55__rrcc__ddeessttrrooyy, kkrrbb55__rrcc__eexxppuunnggee, + kkrrbb55__rrcc__ggeett__lliiffeessppaann, kkrrbb55__rrcc__ggeett__nnaammee, kkrrbb55__rrcc__ggeett__ttyyppee, + kkrrbb55__rrcc__iinniittiiaalliizzee, kkrrbb55__rrcc__rreeccoovveerr, kkrrbb55__rrcc__rreessoollvvee, + kkrrbb55__rrcc__rreessoollvvee__ffuullll, kkrrbb55__rrcc__rreessoollvvee__ttyyppee, kkrrbb55__rrcc__ssttoorree, + kkrrbb55__ggeett__sseerrvveerr__rrccaacchhee -- Kerberos 5 replay cache + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + struct krb5_rcache; + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__cclloossee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _*_i_d); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__rrcc__ddeeffaauulltt__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__rrcc__ddeeffaauulltt__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__ddeessttrrooyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__eexxppuunnggee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__ggeett__lliiffeessppaann(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d, + _k_r_b_5___d_e_l_t_a_t _*_a_u_t_h___l_i_f_e_s_p_a_n); + + _c_o_n_s_t _c_h_a_r_* + kkrrbb55__rrcc__ggeett__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _c_o_n_s_t _c_h_a_r_* + kkrrbb55__rrcc__ggeett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__iinniittiiaalliizzee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d, + _k_r_b_5___d_e_l_t_a_t _a_u_t_h___l_i_f_e_s_p_a_n); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__rreeccoovveerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__rreessoollvvee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d, _c_o_n_s_t _c_h_a_r _*_n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__rreessoollvvee__ffuullll(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _*_i_d, + _c_o_n_s_t _c_h_a_r _*_s_t_r_i_n_g___n_a_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__rreessoollvvee__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _*_i_d, + _c_o_n_s_t _c_h_a_r _*_t_y_p_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrcc__ssttoorree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_c_a_c_h_e _i_d, + _k_r_b_5___d_o_n_o_t___r_e_p_l_a_y _*_r_e_p); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__sseerrvveerr__rrccaacchhee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_p_i_e_c_e, + _k_r_b_5___r_c_a_c_h_e _*_i_d); + +DDEESSCCRRIIPPTTIIOONN + The krb5_rcache structure holds a storage element that is used for data + manipulation. The structure contains no public accessible elements. + + kkrrbb55__rrcc__iinniittiiaalliizzee() Creates the reply cache _i_d and sets it lifespan to + _a_u_t_h___l_i_f_e_s_p_a_n. If the cache already exists, the content is destroyed. + +SSEEEE AALLSSOO + krb5(3), krb5_data(3), kerberos(8) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_rd_error.3 b/lib/krb5/krb5_rd_error.3 index 00203cdae240..19c092e650be 100644 --- a/lib/krb5/krb5_rd_error.3 +++ b/lib/krb5/krb5_rd_error.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_rd_error.3 21059 2007-06-12 17:52:46Z lha $ +.\" $Id$ .\" .Dd July 26, 2004 .Dt KRB5_RD_ERROR 3 diff --git a/lib/krb5/krb5_rd_error.cat3 b/lib/krb5/krb5_rd_error.cat3 new file mode 100644 index 000000000000..5b64c3daf2b5 --- /dev/null +++ b/lib/krb5/krb5_rd_error.cat3 @@ -0,0 +1,52 @@ + +KRB5_RD_ERROR(3) BSD Library Functions Manual KRB5_RD_ERROR(3) + +NNAAMMEE + kkrrbb55__rrdd__eerrrroorr, kkrrbb55__ffrreeee__eerrrroorr, kkrrbb55__ffrreeee__eerrrroorr__ccoonntteennttss, + kkrrbb55__eerrrroorr__ffrroomm__rrdd__eerrrroorr -- parse, free and read error from KRB-ERROR + message + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrdd__eerrrroorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_m_s_g, + _K_R_B___E_R_R_O_R _*_r_e_s_u_l_t); + + _v_o_i_d + kkrrbb55__ffrreeee__eerrrroorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_r_r_o_r _*_e_r_r_o_r); + + _v_o_i_d + kkrrbb55__ffrreeee__eerrrroorr__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_r_r_o_r _*_e_r_r_o_r); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__eerrrroorr__ffrroomm__rrdd__eerrrroorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___e_r_r_o_r _*_e_r_r_o_r, + _c_o_n_s_t _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s); + +DDEESSCCRRIIPPTTIIOONN + Usually applications never needs to parse and understand Kerberos error + messages since higher level functions will parse and push up the error in + the krb5_context. These functions are described for completeness. + + kkrrbb55__rrdd__eerrrroorr() parses and returns the kerboeros error message, the + structure should be freed with kkrrbb55__ffrreeee__eerrrroorr__ccoonntteennttss() when the caller + is done with the structure. + + kkrrbb55__ffrreeee__eerrrroorr() frees the content and the memory region holding the + structure iself. + + kkrrbb55__ffrreeee__eerrrroorr__ccoonntteennttss() free the content of the KRB-ERROR message. + + kkrrbb55__eerrrroorr__ffrroomm__rrdd__eerrrroorr() will parse the error message and set the error + buffer in krb5_context to the error string passed back or the matching + error code in the KRB-ERROR message. Caller should pick up the message + with kkrrbb55__ggeett__eerrrroorr__ssttrriinngg(_3) (don't forget to free the returned string + with kkrrbb55__ffrreeee__eerrrroorr__ssttrriinngg()). + +SSEEEE AALLSSOO + krb5(3), krb5_set_error_string(3), krb5_get_error_string(3), krb5.conf(5) + +HEIMDAL July 26, 2004 HEIMDAL diff --git a/lib/krb5/krb5_rd_safe.3 b/lib/krb5/krb5_rd_safe.3 index d024ae48e206..bb6294e66dd1 100644 --- a/lib/krb5/krb5_rd_safe.3 +++ b/lib/krb5/krb5_rd_safe.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_rd_safe.3 17385 2006-05-01 08:48:55Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_RD_SAFE 3 diff --git a/lib/krb5/krb5_rd_safe.cat3 b/lib/krb5/krb5_rd_safe.cat3 new file mode 100644 index 000000000000..9eb55c83fe2f --- /dev/null +++ b/lib/krb5/krb5_rd_safe.cat3 @@ -0,0 +1,35 @@ + +KRB5_RD_SAFE(3) BSD Library Functions Manual KRB5_RD_SAFE(3) + +NNAAMMEE + kkrrbb55__rrdd__ssaaffee, kkrrbb55__rrdd__pprriivv -- verifies authenticity of messages + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrdd__pprriivv(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_b_u_f, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f, + _k_r_b_5___r_e_p_l_a_y___d_a_t_a _*_o_u_t_d_a_t_a); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__rrdd__ssaaffee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, + _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_b_u_f, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f, + _k_r_b_5___r_e_p_l_a_y___d_a_t_a _*_o_u_t_d_a_t_a); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__rrdd__ssaaffee() and kkrrbb55__rrdd__pprriivv() parses KRB-SAFE and KRB-PRIV messages + (as generated by krb5_mk_safe(3) and krb5_mk_priv(3)) from _i_n_b_u_f and ver- + ifies its integrity. The user data part of the message in put in _o_u_t_b_u_f. + The encryption state, including keyblocks and addresses, is taken from + _a_u_t_h___c_o_n_t_e_x_t. If the KRB5_AUTH_CONTEXT_RET_SEQUENCE or + KRB5_AUTH_CONTEXT_RET_TIME flags are set in the _a_u_t_h___c_o_n_t_e_x_t the sequence + number and time are returned in the _o_u_t_d_a_t_a parameter. + +SSEEEE AALLSSOO + krb5_auth_con_init(3), krb5_mk_priv(3), krb5_mk_safe(3) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_set_default_realm.3 b/lib/krb5/krb5_set_default_realm.3 index 27467d816b3b..b1ab61f05f3c 100644 --- a/lib/krb5/krb5_set_default_realm.3 +++ b/lib/krb5/krb5_set_default_realm.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_set_default_realm.3 17462 2006-05-05 13:18:39Z lha $ +.\" $Id$ .\" .Dd April 24, 2005 .Dt KRB5_SET_DEFAULT_REALM 3 diff --git a/lib/krb5/krb5_set_default_realm.cat3 b/lib/krb5/krb5_set_default_realm.cat3 new file mode 100644 index 000000000000..0100a0654f7d --- /dev/null +++ b/lib/krb5/krb5_set_default_realm.cat3 @@ -0,0 +1,70 @@ + +KRB5_SET_DEFAULT_REAL... BSD Library Functions Manual KRB5_SET_DEFAULT_REAL... + +NNAAMMEE + kkrrbb55__ccooppyy__hhoosstt__rreeaallmm, kkrrbb55__ffrreeee__hhoosstt__rreeaallmm, kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm, + kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss, kkrrbb55__ggeett__hhoosstt__rreeaallmm, kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm -- + default and host realm read and manipulation routines + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ccooppyy__hhoosstt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_f_r_o_m, + _k_r_b_5___r_e_a_l_m _*_*_t_o); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__hhoosstt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m_l_i_s_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_*_r_e_a_l_m); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__hhoosstt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_h_o_s_t, + _k_r_b_5___r_e_a_l_m _*_*_r_e_a_l_m_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__ccooppyy__hhoosstt__rreeaallmm() copies the list of realms from _f_r_o_m to _t_o. _t_o + should be freed by the caller using _k_r_b_5___f_r_e_e___h_o_s_t___r_e_a_l_m. + + kkrrbb55__ffrreeee__hhoosstt__rreeaallmm() frees all memory allocated by _r_e_a_l_m_l_i_s_t. + + kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm() returns the first default realm for this host. + The realm returned should be freed with ffrreeee(). + + kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss() returns a NULL terminated list of default + realms for this context. Realms returned by kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss() + should be freed with kkrrbb55__ffrreeee__hhoosstt__rreeaallmm(). + + kkrrbb55__ggeett__hhoosstt__rreeaallmm() returns a NULL terminated list of realms for _h_o_s_t + by looking up the information in the [domain_realm] in _k_r_b_5_._c_o_n_f or in + DNS. If the mapping in [domain_realm] results in the string dns_locate, + DNS is used to lookup the realm. + + When using DNS to a resolve the domain for the host a.b.c, + kkrrbb55__ggeett__hhoosstt__rreeaallmm() looks for a TXT resource record named + _kerberos.a.b.c, and if not found, it strips off the first component and + tries a again (_kerberos.b.c) until it reaches the root. + + If there is no configuration or DNS information found, + kkrrbb55__ggeett__hhoosstt__rreeaallmm() assumes it can use the domain part of the _h_o_s_t to + form a realm. Caller must free _r_e_a_l_m_l_i_s_t with kkrrbb55__ffrreeee__hhoosstt__rreeaallmm(). + + kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm() sets the default realm for the _c_o_n_t_e_x_t. If NULL + is used as a _r_e_a_l_m, the [libdefaults]default_realm stanza in _k_r_b_5_._c_o_n_f is + used. If there is no such stanza in the configuration file, the + kkrrbb55__ggeett__hhoosstt__rreeaallmm() function is used to form a default realm. + +SSEEEE AALLSSOO + free(3), krb5.conf(5) + +HEIMDAL April 24, 2005 HEIMDAL diff --git a/lib/krb5/krb5_set_password.3 b/lib/krb5/krb5_set_password.3 index 45ed41d477f6..14cd29979afa 100644 --- a/lib/krb5/krb5_set_password.3 +++ b/lib/krb5/krb5_set_password.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_set_password.3 14052 2004-07-15 14:39:06Z lha $ +.\" $Id$ .\" .Dd July 15, 2004 .Dt KRB5_SET_PASSWORD 3 diff --git a/lib/krb5/krb5_set_password.cat3 b/lib/krb5/krb5_set_password.cat3 new file mode 100644 index 000000000000..447c229c5cf8 --- /dev/null +++ b/lib/krb5/krb5_set_password.cat3 @@ -0,0 +1,66 @@ + +KRB5_SET_PASSWORD(3) BSD Library Functions Manual KRB5_SET_PASSWORD(3) + +NNAAMMEE + kkrrbb55__cchhaannggee__ppaasssswwoorrdd, kkrrbb55__sseett__ppaasssswwoorrdd, kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee, + kkrrbb55__ppaasssswwdd__rreessuulltt__ttoo__ssttrriinngg -- change password functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__cchhaannggee__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _c_h_a_r _*_n_e_w_p_w, _i_n_t _*_r_e_s_u_l_t___c_o_d_e, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g, + _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, _c_h_a_r _*_n_e_w_p_w, + _k_r_b_5___p_r_i_n_c_i_p_a_l _t_a_r_g_p_r_i_n_c, _i_n_t _*_r_e_s_u_l_t___c_o_d_e, + _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, + _c_h_a_r _*_n_e_w_p_w, _k_r_b_5___p_r_i_n_c_i_p_a_l _t_a_r_g_p_r_i_n_c, _i_n_t _*_r_e_s_u_l_t___c_o_d_e, + _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g); + + _c_o_n_s_t _c_h_a_r _* + kkrrbb55__ppaasssswwdd__rreessuulltt__ttoo__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _r_e_s_u_l_t); + +DDEESSCCRRIIPPTTIIOONN + These functions change the password for a given principal. + + kkrrbb55__sseett__ppaasssswwoorrdd() and kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee() are the newer of + the three functions, and use a newer version of the protocol (and also + fall back to the older set-password protocol if the newer protocol + doesn't work). + + kkrrbb55__cchhaannggee__ppaasssswwoorrdd() sets the password _n_e_w_p_a_s_s_w_d for the client princi- + pal in _c_r_e_d_s. The server principal of creds must be kadmin/changepw. + + kkrrbb55__sseett__ppaasssswwoorrdd() and kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee() change the pass- + word for the principal _t_a_r_g_p_r_i_n_c. + + kkrrbb55__sseett__ppaasssswwoorrdd() requires that the credential for + kadmin/changepw@REALM is in _c_r_e_d_s. If the user caller isn't an adminis- + trator, this credential needs to be an initial credential, see + krb5_get_init_creds(3) how to get such credentials. + + kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee() will get the credential from _c_c_a_c_h_e. + + If _t_a_r_g_p_r_i_n_c is NULL, kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee() uses the the + default principal in _c_c_a_c_h_e and kkrrbb55__sseett__ppaasssswwoorrdd() uses the global the + default principal. + + All three functions return an error in _r_e_s_u_l_t___c_o_d_e and maybe an error + string to print in _r_e_s_u_l_t___s_t_r_i_n_g. + + kkrrbb55__ppaasssswwdd__rreessuulltt__ttoo__ssttrriinngg() returns an human readable string describ- + ing the error code in _r_e_s_u_l_t___c_o_d_e from the kkrrbb55__sseett__ppaasssswwoorrdd() functions. + +SSEEEE AALLSSOO + krb5_ccache(3), krb5_init_context(3) + +HEIMDAL July 15, 2004 HEIMDAL diff --git a/lib/krb5/krb5_storage.3 b/lib/krb5/krb5_storage.3 deleted file mode 100644 index cc03c5b5e24a..000000000000 --- a/lib/krb5/krb5_storage.3 +++ /dev/null @@ -1,427 +0,0 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_storage.3 17884 2006-08-18 08:41:09Z lha $ -.\" -.Dd Aug 18, 2006 -.Dt KRB5_STORAGE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_storage , -.Nm krb5_storage_emem , -.Nm krb5_storage_from_data , -.Nm krb5_storage_from_fd , -.Nm krb5_storage_from_mem , -.Nm krb5_storage_set_flags , -.Nm krb5_storage_clear_flags , -.Nm krb5_storage_is_flags , -.Nm krb5_storage_set_byteorder , -.Nm krb5_storage_get_byteorder , -.Nm krb5_storage_set_eof_code , -.Nm krb5_storage_seek , -.Nm krb5_storage_read , -.Nm krb5_storage_write , -.Nm krb5_storage_free , -.Nm krb5_storage_to_data , -.Nm krb5_store_int32 , -.Nm krb5_ret_int32 , -.Nm krb5_store_uint32 , -.Nm krb5_ret_uint32 , -.Nm krb5_store_int16 , -.Nm krb5_ret_int16 , -.Nm krb5_store_uint16 , -.Nm krb5_ret_uint16 , -.Nm krb5_store_int8 , -.Nm krb5_ret_int8 , -.Nm krb5_store_uint8 , -.Nm krb5_ret_uint8 , -.Nm krb5_store_data , -.Nm krb5_ret_data , -.Nm krb5_store_string , -.Nm krb5_ret_string , -.Nm krb5_store_stringnl , -.Nm krb5_ret_stringnl , -.Nm krb5_store_stringz , -.Nm krb5_ret_stringz , -.Nm krb5_store_principal , -.Nm krb5_ret_principal , -.Nm krb5_store_keyblock , -.Nm krb5_ret_keyblock , -.Nm krb5_store_times , -.Nm krb5_ret_times , -.Nm krb5_store_address , -.Nm krb5_ret_address , -.Nm krb5_store_addrs , -.Nm krb5_ret_addrs , -.Nm krb5_store_authdata , -.Nm krb5_ret_authdata , -.Nm krb5_store_creds , -.Nm krb5_ret_creds -.Nd operates on the Kerberos datatype krb5_storage -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_storage;" -.Pp -.Ft "krb5_storage *" -.Fn krb5_storage_from_fd "int fd" -.Ft "krb5_storage *" -.Fn krb5_storage_emem "void" -.Ft "krb5_storage *" -.Fn krb5_storage_from_mem "void *buf" "size_t len" -.Ft "krb5_storage *" -.Fn krb5_storage_from_data "krb5_data *data" -.Ft void -.Fn krb5_storage_set_flags "krb5_storage *sp" "krb5_flags flags" -.Ft void -.Fn krb5_storage_clear_flags "krb5_storage *sp" "krb5_flags flags" -.Ft krb5_boolean -.Fn krb5_storage_is_flags "krb5_storage *sp" "krb5_flags flags" -.Ft void -.Fn krb5_storage_set_byteorder "krb5_storage *sp" "krb5_flags byteorder" -.Ft krb5_flags -.Fn krb5_storage_get_byteorder "krb5_storage *sp" "krb5_flags byteorder" -.Ft void -.Fn krb5_storage_set_eof_code "krb5_storage *sp" "int code" -.Ft off_t -.Fn krb5_storage_seek "krb5_storage *sp" "off_t offset" "int whence" -.Ft krb5_ssize_t -.Fn krb5_storage_read "krb5_storage *sp" "void *buf" "size_t len" -.Ft krb5_ssize_t -.Fn krb5_storage_write "krb5_storage *sp" "const void *buf" "size_t len" -.Ft krb5_error_code -.Fn krb5_storage_free "krb5_storage *sp" -.Ft krb5_error_code -.Fn krb5_storage_to_data "krb5_storage *sp" "krb5_data *data" -.Ft krb5_error_code -.Fn krb5_store_int32 "krb5_storage *sp" "int32_t value" -.Ft krb5_error_code -.Fn krb5_ret_int32 "krb5_storage *sp" "int32_t *value" -.Ft krb5_error_code -.Fn krb5_ret_uint32 "krb5_storage *sp" "uint32_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint32 "krb5_storage *sp" "uint32_t value" -.Ft krb5_error_code -.Fn krb5_store_int16 "krb5_storage *sp" "int16_t value" -.Ft krb5_error_code -.Fn krb5_ret_int16 "krb5_storage *sp" "int16_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint16 "krb5_storage *sp" "uint16_t value" -.Ft krb5_error_code -.Fn krb5_ret_uint16 "krb5_storage *sp" "u_int16_t *value" -.Ft krb5_error_code -.Fn krb5_store_int8 "krb5_storage *sp" "int8_t value" -.Ft krb5_error_code -.Fn krb5_ret_int8 "krb5_storage *sp" "int8_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint8 "krb5_storage *sp" "u_int8_t value" -.Ft krb5_error_code -.Fn krb5_ret_uint8 "krb5_storage *sp" "u_int8_t *value" -.Ft krb5_error_code -.Fn krb5_store_data "krb5_storage *sp" "krb5_data data" -.Ft krb5_error_code -.Fn krb5_ret_data "krb5_storage *sp" "krb5_data *data" -.Ft krb5_error_code -.Fn krb5_store_string "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_string "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_stringnl "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_stringnl "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_stringz "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_stringz "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_principal "krb5_storage *sp" "krb5_const_principal p" -.Ft krb5_error_code -.Fn krb5_ret_principal "krb5_storage *sp" "krb5_principal *princ" -.Ft krb5_error_code -.Fn krb5_store_keyblock "krb5_storage *sp" "krb5_keyblock p" -.Ft krb5_error_code -.Fn krb5_ret_keyblock "krb5_storage *sp" "krb5_keyblock *p" -.Ft krb5_error_code -.Fn krb5_store_times "krb5_storage *sp" "krb5_times times" -.Ft krb5_error_code -.Fn krb5_ret_times "krb5_storage *sp" "krb5_times *times" -.Ft krb5_error_code -.Fn krb5_store_address "krb5_storage *sp" "krb5_address p" -.Ft krb5_error_code -.Fn krb5_ret_address "krb5_storage *sp" "krb5_address *adr" -.Ft krb5_error_code -.Fn krb5_store_addrs "krb5_storage *sp" "krb5_addresses p" -.Ft krb5_error_code -.Fn krb5_ret_addrs "krb5_storage *sp" "krb5_addresses *adr" -.Ft krb5_error_code -.Fn krb5_store_authdata "krb5_storage *sp" "krb5_authdata auth" -.Ft krb5_error_code -.Fn krb5_ret_authdata "krb5_storage *sp" "krb5_authdata *auth" -.Ft krb5_error_code -.Fn krb5_store_creds "krb5_storage *sp" "krb5_creds *creds" -.Ft krb5_error_code -.Fn krb5_ret_creds "krb5_storage *sp" "krb5_creds *creds" -.Sh DESCRIPTION -The -.Li krb5_storage -structure holds a storage element that is used for data manipulation. -The structure contains no public accessible elements. -.Pp -.Fn krb5_storage_emem -create a memory based krb5 storage unit that dynamicly resized to the -ammount of data stored in. -The storage never returns errors, on memory allocation errors -.Xr exit 3 -will be called. -.Pp -.Fn krb5_storage_from_data -create a krb5 storage unit that will read is data from a -.Li krb5_data . -There is no copy made of the -.Fa data , -so the caller must not free -.Fa data -until the storage is freed. -.Pp -.Fn krb5_storage_from_fd -create a krb5 storage unit that will read is data from a -file descriptor. -The descriptor must be seekable if -.Fn krb5_storage_seek -is used. -Caller must not free the file descriptor before the storage is freed. -.Pp -.Fn krb5_storage_from_mem -create a krb5 storage unit that will read is data from a -memory region. -There is no copy made of the -.Fa data , -so the caller must not free -.Fa data -until the storage is freed. -.Pp -.Fn krb5_storage_set_flags -and -.Fn krb5_storage_clear_flags -modifies the behavior of the storage functions. -.Fn krb5_storage_is_flags -tests if the -.Fa flags -are set on the -.Li krb5_storage . -Valid flags to set, is and clear is are: -.Pp -.Bl -tag -width "Fan vet..." -compact -offset indent -.It KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS -Stores the number of principal componets one too many when storing -principal namees, used for compatibility with version 1 of file -keytabs and version 1 of file credential caches. -.It KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE -Doesn't store the name type in when storing a principal name, used for -compatibility with version 1 of file keytabs and version 1 of file -credential caches. -.It KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE -Stores the keyblock type twice storing a keyblock, used for -compatibility version 3 of file credential caches. -.It KRB5_STORAGE_BYTEORDER_MASK -bitmask that can be used to and out what type of byte order order is used. -.It KRB5_STORAGE_BYTEORDER_BE -Store integers in in big endian byte order, this is the default mode. -.It KRB5_STORAGE_BYTEORDER_LE -Store integers in in little endian byte order. -.It KRB5_STORAGE_BYTEORDER_HOST -Stores the integers in host byte order, used for compatibility with -version 1 of file keytabs and version 1 and 2 of file credential -caches. -.It KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER -Store the credential flags in a krb5_creds in the reverse bit order. -.El -.Pp -.Fn krb5_storage_set_byteorder -and -.Fn krb5_storage_get_byteorder -modifies the byte order used in the storage for integers. -The flags used is same as above. -The valid flags are -.Dv KRB5_STORAGE_BYTEORDER_BE , -.Dv KRB5_STORAGE_BYTEORDER_LE -and -.Dv KRB5_STORAGE_BYTEORDER_HOST . -.Pp -.Fn krb5_storage_set_eof_code -sets the error code that will be returned on end of file condition to -.Fa code . -.Pp -.Fn krb5_storage_seek -seeks -.Fa offset -bytes in the storage -.Fa sp . -The -.Fa whence -argument is one of -.Bl -tag -width SEEK_SET -compact -offset indent -.It SEEK_SET -offset is from begining of storage. -.It SEEK_CUR -offset is relative from current offset. -.It SEEK_END -offset is from end of storage. -.El -.Pp -.Fn krb5_storage_read -reads -.Fa len -(or less bytes in case of end of file) into -.Fa buf -from the current offset in the storage -.Fa sp . -.Pp -.Fn krb5_storage_write -writes -.Fa len -or (less bytes in case of end of file) from -.Fa buf -from the current offset in the storage -.Fa sp . -.Pp -.Fn krb5_storage_free -frees the storage -.Fa sp . -.Pp -.Fn krb5_storage_to_data -converts the data in storage -.Fa sp -into a -.Li krb5_data -structure. -.Fa data -must be freed with -.Fn krb5_data_free -by the caller when done with the -.Fa data . -.Pp -All -.Li krb5_store -and -.Li krb5_ret -functions move the current offset forward when the functions returns. -.Pp -.Fn krb5_store_int32 , -.Fn krb5_ret_int32 , -.Fn krb5_store_uint32 , -.Fn krb5_ret_uint32 , -.Fn krb5_store_int16 , -.Fn krb5_ret_int16 , -.Fn krb5_store_uint16 , -.Fn krb5_ret_uint16 , -.Fn krb5_store_int8 , -.Fn krb5_ret_int8 -.Fn krb5_store_uint8 , -and -.Fn krb5_ret_uint8 -stores and reads an integer from -.Fa sp -in the byte order specified by the flags set on the -.Fa sp . -.Pp -.Fn krb5_store_data -and -.Fn krb5_ret_data -store and reads a krb5_data. -The length of the data is stored with -.Fn krb5_store_int32 . -.Pp -.Fn krb5_store_string -and -.Fn krb5_ret_string -store and reads a string by storing the length of the string with -.Fn krb5_store_int32 -followed by the string itself. -.Pp -.Fn krb5_store_stringnl -and -.Fn krb5_ret_stringnl -store and reads a string by storing string followed by a -.Dv '\n' . -.Pp -.Fn krb5_store_stringz -and -.Fn krb5_ret_stringz -store and reads a string by storing string followed by a -.Dv NUL . -.Pp -.Fn krb5_store_principal -and -.Fn krb5_ret_principal -store and reads a principal. -.Pp -.Fn krb5_store_keyblock -and -.Fn krb5_ret_keyblock -store and reads a -.Li krb5_keyblock . -.Pp -.Fn krb5_store_times -.Fn krb5_ret_times -store and reads -.Li krb5_times -structure . -.Pp -.Fn krb5_store_address -and -.Fn krb5_ret_address -store and reads a -.Li krb5_address . -.Pp -.Fn krb5_store_addrs -and -.Fn krb5_ret_addrs -store and reads a -.Li krb5_addresses . -.Pp -.Fn krb5_store_authdata -and -.Fn krb5_ret_authdata -store and reads a -.Li krb5_authdata . -.Pp -.Fn krb5_store_creds -and -.Fn krb5_ret_creds -store and reads a -.Li krb5_creds . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_data 3 , -.Xr kerberos 8 diff --git a/lib/krb5/krb5_string_to_key.3 b/lib/krb5/krb5_string_to_key.3 index cf96f4e013bf..c77d4594cdbb 100644 --- a/lib/krb5/krb5_string_to_key.3 +++ b/lib/krb5/krb5_string_to_key.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_string_to_key.3 17820 2006-07-10 14:28:01Z lha $ +.\" $Id$ .\" .Dd July 10, 2006 .Dt KRB5_STRING_TO_KEY 3 @@ -114,7 +114,7 @@ The string to key functions convert a string to a kerberos key. .Pp .Fn krb5_string_to_key_data_salt_opaque is the function that does all the work, the rest of the functions are -just wrapers around +just wrappers around .Fn krb5_string_to_key_data_salt_opaque that calls it with default values. .Pp diff --git a/lib/krb5/krb5_string_to_key.cat3 b/lib/krb5/krb5_string_to_key.cat3 new file mode 100644 index 000000000000..3fe0b85b0671 --- /dev/null +++ b/lib/krb5/krb5_string_to_key.cat3 @@ -0,0 +1,74 @@ + +KRB5_STRING_TO_KEY(3) BSD Library Functions Manual KRB5_STRING_TO_KEY(3) + +NNAAMMEE + kkrrbb55__ssttrriinngg__ttoo__kkeeyy, kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa, + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt, kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt__ooppaaqquuee, + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ssaalltt, kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ssaalltt__ooppaaqquuee, + kkrrbb55__ggeett__ppww__ssaalltt, kkrrbb55__ffrreeee__ssaalltt -- turns a string to a Kerberos key + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _k_r_b_5___d_a_t_a _p_a_s_s_w_o_r_d, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _k_r_b_5___d_a_t_a _p_a_s_s_w_o_r_d, _k_r_b_5___s_a_l_t _s_a_l_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt__ooppaaqquuee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, _k_r_b_5___d_a_t_a _p_a_s_s_w_o_r_d, _k_r_b_5___s_a_l_t _s_a_l_t, + _k_r_b_5___d_a_t_a _o_p_a_q_u_e, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ssaalltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, + _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___s_a_l_t _s_a_l_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ssaalltt__ooppaaqquuee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, + _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___s_a_l_t _s_a_l_t, + _k_r_b_5___d_a_t_a _o_p_a_q_u_e, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ggeett__ppww__ssaalltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _k_r_b_5___s_a_l_t _*_s_a_l_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffrreeee__ssaalltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___s_a_l_t _s_a_l_t); + +DDEESSCCRRIIPPTTIIOONN + The string to key functions convert a string to a kerberos key. + + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt__ooppaaqquuee() is the function that does all the + work, the rest of the functions are just wrappers around + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt__ooppaaqquuee() that calls it with default values. + + kkrrbb55__ssttrriinngg__ttoo__kkeeyy__ddaattaa__ssaalltt__ooppaaqquuee() transforms the _p_a_s_s_w_o_r_d with the + given salt-string _s_a_l_t and the opaque, encryption type specific parameter + _o_p_a_q_u_e to a encryption key _k_e_y according to the string to key function + associated with _e_n_c_t_y_p_e. + + The _k_e_y should be freed with kkrrbb55__ffrreeee__kkeeyybblloocckk__ccoonntteennttss(). + + If one of the functions that doesn't take a krb5_salt as it argument + kkrrbb55__ggeett__ppww__ssaalltt() is used to get the salt value. + + kkrrbb55__ggeett__ppww__ssaalltt() get the default password salt for a principal, use + kkrrbb55__ffrreeee__ssaalltt() to free the salt when done. + + kkrrbb55__ffrreeee__ssaalltt() frees the content of _s_a_l_t. + +SSEEEE AALLSSOO + krb5(3), krb5_data(3), krb5_keyblock(3), kerberos(8) + +HEIMDAL July 10, 2006 HEIMDAL diff --git a/lib/krb5/krb5_ticket.3 b/lib/krb5/krb5_ticket.3 deleted file mode 100644 index 4f6d45ba5765..000000000000 --- a/lib/krb5/krb5_ticket.3 +++ /dev/null @@ -1,137 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_ticket.3 19543 2006-12-28 20:48:50Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_TICKET 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_ticket , -.Nm krb5_free_ticket , -.Nm krb5_copy_ticket , -.Nm krb5_ticket_get_authorization_data_type , -.Nm krb5_ticket_get_client , -.Nm krb5_ticket_get_server , -.Nm krb5_ticket_get_endtime -.Nd Kerberos 5 ticket access and handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_ticket ; -.Pp -.Ft krb5_error_code -.Fo krb5_free_ticket -.Fa "krb5_context context" -.Fa "krb5_ticket *ticket" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_ticket -.Fa "krb5_context context" -.Fa "const krb5_ticket *from" -.Fa "krb5_ticket **to" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_authorization_data_type -.Fa "krb5_context context" -.Fa "krb5_ticket *ticket" -.Fa "int type" -.Fa "krb5_data *data" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_client -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fa "krb5_principal *client" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_server -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fa "krb5_principal *server" -.Fc -.Ft time_t -.Fo krb5_ticket_get_endtime -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fc -.Sh DESCRIPTION -.Li krb5_ticket -holds a kerberos ticket. -The internals of the structure should never be accessed directly, -functions exist for extracting information. -.Pp -.Fn krb5_free_ticket -frees the -.Fa ticket -and its content. -Used to free the result of -.Fn krb5_copy_ticket -and -.Fn krb5_recvauth . -.Pp -.Fn krb5_copy_ticket -copies the content of the ticket -.Fa from -to the ticket -.Fa to . -The result -.Fa to -should be freed with -.Fn krb5_free_ticket . -.Pp -.Fn krb5_ticket_get_authorization_data_type -fetches the authorization data of the type -.Fa type -from the -.Fa ticket . -If there isn't any authorization data of type -.Fa type , -.Dv ENOENT -is returned. -.Fa data -needs to be freed with -.Fn krb5_data_free -on success. -.Pp -.Fn krb5_ticket_get_client -and -.Fn krb5_ticket_get_server -returns a copy of the client/server principal from the ticket. -The principal returned should be free using -.Xr krb5_free_principal 3 . -.Pp -.Fn krb5_ticket_get_endtime -return the end time of the ticket. -.Sh SEE ALSO -.Xr krb5 3 diff --git a/lib/krb5/krb5_timeofday.3 b/lib/krb5/krb5_timeofday.3 index 4163cc1b7165..b065ade1bdd5 100644 --- a/lib/krb5/krb5_timeofday.3 +++ b/lib/krb5/krb5_timeofday.3 @@ -1,6 +1,6 @@ -.\" $Id: krb5_timeofday.3 18093 2006-09-16 09:27:28Z lha $ +.\" $Id$ .\" -.\" Copyright (c) 2001, 2003, 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001, 2003, 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -31,7 +31,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_timeofday.3 18093 2006-09-16 09:27:28Z lha $ +.\" $Id$ .\" .Dd Sepember 16, 2006 .Dt KRB5_TIMEOFDAY 3 diff --git a/lib/krb5/krb5_timeofday.cat3 b/lib/krb5/krb5_timeofday.cat3 new file mode 100644 index 000000000000..6bffbd449866 --- /dev/null +++ b/lib/krb5/krb5_timeofday.cat3 @@ -0,0 +1,55 @@ + +KRB5_TIMEOFDAY(3) BSD Library Functions Manual KRB5_TIMEOFDAY(3) + +NNAAMMEE + kkrrbb55__ttiimmeeooffddaayy, kkrrbb55__sseett__rreeaall__ttiimmee, kkrrbb55__uuss__ttiimmeeooffddaayy, kkrrbb55__ffoorrmmaatt__ttiimmee, + kkrrbb55__ssttrriinngg__ttoo__ddeellttaatt -- Kerberos 5 time handling functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + krb5_timestamp; + + krb5_deltat; + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__sseett__rreeaall__ttiimmee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___t_i_m_e_s_t_a_m_p _s_e_c, + _i_n_t_3_2___t _u_s_e_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ttiimmeeooffddaayy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___t_i_m_e_s_t_a_m_p _*_t_i_m_e_r_e_t); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__uuss__ttiimmeeooffddaayy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___t_i_m_e_s_t_a_m_p _*_s_e_c, + _i_n_t_3_2___t _*_u_s_e_c); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ffoorrmmaatt__ttiimmee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _t_i_m_e___t _t, _c_h_a_r _*_s, _s_i_z_e___t _l_e_n, + _k_r_b_5___b_o_o_l_e_a_n _i_n_c_l_u_d_e___t_i_m_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__ssttrriinngg__ttoo__ddeellttaatt(_c_o_n_s_t _c_h_a_r _*_s_t_r_i_n_g, _k_r_b_5___d_e_l_t_a_t _*_d_e_l_t_a_t); + +DDEESSCCRRIIPPTTIIOONN + kkrrbb55__sseett__rreeaall__ttiimmee sets the absolute time that the caller knows the KDC + has. With this the Kerberos library can calculate the relative differ- + ence between the KDC time and the local system time and store it in the + _c_o_n_t_e_x_t. With this information the Kerberos library can adjust all time + stamps in Kerberos packages. + + kkrrbb55__ttiimmeeooffddaayy() returns the current time, but adjusted with the time + difference between the local host and the KDC. kkrrbb55__uuss__ttiimmeeooffddaayy() also + returns microseconds. + + kkrrbb55__ffoorrmmaatt__ttiimmee formats the time _t into the string _s of length _l_e_n. If + _i_n_c_l_u_d_e___t_i_m_e is set, the time is set include_time. + + kkrrbb55__ssttrriinngg__ttoo__ddeellttaatt parses delta time _s_t_r_i_n_g into _d_e_l_t_a_t. + +SSEEEE AALLSSOO + gettimeofday(2), krb5(3) + +HEIMDAL Sepember 16, 2006 HEIMDAL diff --git a/lib/krb5/krb5_verify_init_creds.3 b/lib/krb5/krb5_verify_init_creds.3 index 9a34648981b4..0fe958289a15 100644 --- a/lib/krb5/krb5_verify_init_creds.3 +++ b/lib/krb5/krb5_verify_init_creds.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_verify_init_creds.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_VERIFY_INIT_CREDS 3 diff --git a/lib/krb5/krb5_verify_init_creds.cat3 b/lib/krb5/krb5_verify_init_creds.cat3 new file mode 100644 index 000000000000..bfe8e08b32f6 --- /dev/null +++ b/lib/krb5/krb5_verify_init_creds.cat3 @@ -0,0 +1,52 @@ + +KRB5_VERIFY_INIT_CRED... BSD Library Functions Manual KRB5_VERIFY_INIT_CRED... + +NNAAMMEE + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__iinniitt, + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__sseett__aapp__rreeqq__nnooffaaiill, kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss -- + verifies a credential cache is correct by using a local keytab + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + struct krb5_verify_init_creds_opt; + + _v_o_i_d + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__iinniitt(_k_r_b_5___v_e_r_i_f_y___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t_i_o_n_s); + + _v_o_i_d + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__sseett__aapp__rreeqq__nnooffaaiill(_k_r_b_5___v_e_r_i_f_y___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t_i_o_n_s, + _i_n_t _a_p___r_e_q___n_o_f_a_i_l); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s, + _k_r_b_5___p_r_i_n_c_i_p_a_l _a_p___r_e_q___s_e_r_v_e_r, _k_r_b_5___c_c_a_c_h_e _*_c_c_a_c_h_e, + _k_r_b_5___v_e_r_i_f_y___i_n_i_t___c_r_e_d_s___o_p_t _*_o_p_t_i_o_n_s); + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss function verifies the initial tickets with the + local keytab to make sure the response of the KDC was spoof-ed. + + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss will use principal _a_p___r_e_q___s_e_r_v_e_r from the local + keytab, if NULL is passed in, the code will guess the local hostname and + use that to form host/hostname/GUESSED-REALM-FOR-HOSTNAME. _c_r_e_d_s is the + credential that kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss should verify. If _c_c_a_c_h_e is given + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss() stores all credentials it fetched from the KDC + there, otherwise it will use a memory credential cache that is destroyed + when done. + + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__iinniitt() cleans the the structure, must be used + before trying to pass it in to kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss(). + + kkrrbb55__vveerriiffyy__iinniitt__ccrreeddss__oopptt__sseett__aapp__rreeqq__nnooffaaiill() controls controls the + behavior if _a_p___r_e_q___s_e_r_v_e_r doesn't exists in the local keytab or in the + KDC's database, if it's true, the error will be ignored. Note that this + use is possible insecure. + +SSEEEE AALLSSOO + krb5(3), krb5_get_init_creds(3), krb5_verify_user(3), krb5.conf(5) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_verify_user.3 b/lib/krb5/krb5_verify_user.3 index 8086bc04baf4..a32986d1a4ce 100644 --- a/lib/krb5/krb5_verify_user.3 +++ b/lib/krb5/krb5_verify_user.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan +.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: krb5_verify_user.3 22071 2007-11-14 20:04:50Z lha $ +.\" $Id$ .\" .Dd May 1, 2006 .Dt KRB5_VERIFY_USER 3 diff --git a/lib/krb5/krb5_verify_user.cat3 b/lib/krb5/krb5_verify_user.cat3 new file mode 100644 index 000000000000..2d5747bc650f --- /dev/null +++ b/lib/krb5/krb5_verify_user.cat3 @@ -0,0 +1,141 @@ + +KRB5_VERIFY_USER(3) BSD Library Functions Manual KRB5_VERIFY_USER(3) + +NNAAMMEE + kkrrbb55__vveerriiffyy__uusseerr, kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm, kkrrbb55__vveerriiffyy__uusseerr__oopptt, + kkrrbb55__vveerriiffyy__oopptt__iinniitt, kkrrbb55__vveerriiffyy__oopptt__aalllloocc, kkrrbb55__vveerriiffyy__oopptt__ffrreeee, + kkrrbb55__vveerriiffyy__oopptt__sseett__ccccaacchhee, kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss, + kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee, kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree, + kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb -- Heimdal password verifying functions + +LLIIBBRRAARRYY + Kerberos 5 Library (libkrb5, -lkrb5) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__uusseerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e, + _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e, + _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__iinniitt(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__aalllloocc(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_*_o_p_t); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__ffrreeee(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__sseett__ccccaacchhee(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e); + + _v_o_i_d + kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _u_n_s_i_g_n_e_d _i_n_t _f_l_a_g_s); + + _k_r_b_5___e_r_r_o_r___c_o_d_e + kkrrbb55__vveerriiffyy__uusseerr__oopptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, + _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t); + +DDEESSCCRRIIPPTTIIOONN + The kkrrbb55__vveerriiffyy__uusseerr function verifies the password supplied by a user. + The principal whose password will be verified is specified in _p_r_i_n_c_i_p_a_l. + New tickets will be obtained as a side-effect and stored in _c_c_a_c_h_e (if + NULL, the default ccache is used). kkrrbb55__vveerriiffyy__uusseerr() will call + kkrrbb55__cccc__iinniittiiaalliizzee() on the given _c_c_a_c_h_e, so _c_c_a_c_h_e must only initialized + with kkrrbb55__cccc__rreessoollvvee() or kkrrbb55__cccc__ggeenn__nneeww(). If the password is not sup- + plied in _p_a_s_s_w_o_r_d (and is given as NULL) the user will be prompted for + it. If _s_e_c_u_r_e the ticket will be verified against the locally stored + service key _s_e_r_v_i_c_e (by default `host' if given as NULL ). + + The kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm() function does the same, except that it + ignores the realm in _p_r_i_n_c_i_p_a_l and tries all the local realms (see + krb5.conf(5)). After a successful return, the principal is set to the + authenticated realm. If the call fails, the principal will not be mean- + ingful, and should only be freed with krb5_free_principal(3). + + kkrrbb55__vveerriiffyy__oopptt__aalllloocc() and kkrrbb55__vveerriiffyy__oopptt__ffrreeee() allocates and frees a + krb5_verify_opt. You should use the the alloc and free function instead + of allocation the structure yourself, this is because in a future release + the structure wont be exported. + + kkrrbb55__vveerriiffyy__oopptt__iinniitt() resets all opt to default values. + + None of the krb5_verify_opt_set function makes a copy of the data struc- + ture that they are called with. It's up the caller to free them after the + kkrrbb55__vveerriiffyy__uusseerr__oopptt() is called. + + kkrrbb55__vveerriiffyy__oopptt__sseett__ccccaacchhee() sets the _c_c_a_c_h_e that user of _o_p_t will use. + If not set, the default credential cache will be used. + + kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb() sets the _k_e_y_t_a_b that user of _o_p_t will use. + If not set, the default keytab will be used. + + kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree() if _s_e_c_u_r_e if true, the password verification + will require that the ticket will be verified against the locally stored + service key. If not set, default value is true. + + kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee() sets the _s_e_r_v_i_c_e principal that user of _o_p_t + will use. If not set, the `host' service will be used. + + kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss() sets _f_l_a_g_s that user of _o_p_t will use. If the + flag KRB5_VERIFY_LREALMS is used, the _p_r_i_n_c_i_p_a_l will be modified like + kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm() modifies it. + + kkrrbb55__vveerriiffyy__uusseerr__oopptt() function verifies the _p_a_s_s_w_o_r_d supplied by a user. + The principal whose password will be verified is specified in _p_r_i_n_c_i_p_a_l. + Options the to the verification process is pass in in _o_p_t. + +EEXXAAMMPPLLEESS + Here is a example program that verifies a password. it uses the + `host/`hostname`' service principal in _k_r_b_5_._k_e_y_t_a_b. + + #include + + int + main(int argc, char **argv) + { + char *user; + krb5_error_code error; + krb5_principal princ; + krb5_context context; + + if (argc != 2) + errx(1, "usage: verify_passwd "); + + user = argv[1]; + + if (krb5_init_context(&context) < 0) + errx(1, "krb5_init_context"); + + if ((error = krb5_parse_name(context, user, &princ)) != 0) + krb5_err(context, 1, error, "krb5_parse_name"); + + error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL); + if (error) + krb5_err(context, 1, error, "krb5_verify_user"); + + return 0; + } + +SSEEEE AALLSSOO + krb5_cc_gen_new(3), krb5_cc_initialize(3), krb5_cc_resolve(3), + krb5_err(3), krb5_free_principal(3), krb5_init_context(3), + krb5_kt_default(3), krb5.conf(5) + +HEIMDAL May 1, 2006 HEIMDAL diff --git a/lib/krb5/krb5_warn.3 b/lib/krb5/krb5_warn.3 deleted file mode 100644 index 5610cd8dc42e..000000000000 --- a/lib/krb5/krb5_warn.3 +++ /dev/null @@ -1,233 +0,0 @@ -.\" Copyright (c) 1997, 2001 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_warn.3 19085 2006-11-21 07:55:20Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_WARN 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_abort , -.Nm krb5_abortx , -.Nm krb5_clear_error_string , -.Nm krb5_err , -.Nm krb5_errx , -.Nm krb5_free_error_string , -.Nm krb5_get_err_text , -.Nm krb5_get_error_message , -.Nm krb5_get_error_string , -.Nm krb5_have_error_string , -.Nm krb5_set_error_string , -.Nm krb5_set_warn_dest , -.Nm krb5_get_warn_dest , -.Nm krb5_vabort , -.Nm krb5_vabortx , -.Nm krb5_verr , -.Nm krb5_verrx , -.Nm krb5_vset_error_string , -.Nm krb5_vwarn , -.Nm krb5_vwarnx , -.Nm krb5_warn , -.Nm krb5_warnx -.Nd Heimdal warning and error functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_abort "krb5_context context" "krb5_error_code code" "const char *fmt" "..." -.Ft krb5_error_code -.Fn krb5_abortx "krb5_context context" "krb5_error_code code" "const char *fmt" "..." -.Ft void -.Fn krb5_clear_error_string "krb5_context context" -.Ft krb5_error_code -.Fn krb5_err "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_errx "krb5_context context" "int eval" "const char *format" "..." -.Ft void -.Fn krb5_free_error_string "krb5_context context" "char *str" -.Ft krb5_error_code -.Fn krb5_verr "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_verrx "krb5_context context" "int eval" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vset_error_string "krb5_context context" "const char *fmt" "va_list args" -.Ft krb5_error_code -.Fn krb5_vwarn "krb5_context context" "krb5_error_code code" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vwarnx "krb5_context context" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_warn "krb5_context context" "krb5_error_code code" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_warnx "krb5_context context" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_set_error_string "krb5_context context" "const char *fmt" "..." -.Ft krb5_error_code -.Fn krb5_set_warn_dest "krb5_context context" "krb5_log_facility *facility" -.Ft "char *" -.Ft krb5_log_facility * -.Fo krb5_get_warn_dest -.Fa "krb5_context context" -.Fc -.Fn krb5_get_err_text "krb5_context context" "krb5_error_code code" -.Ft char* -.Fn krb5_get_error_string "krb5_context context" -.Ft char* -.Fn krb5_get_error_message "krb5_context context, krb5_error_code code" -.Ft krb5_boolean -.Fn krb5_have_error_string "krb5_context context" -.Ft krb5_error_code -.Fn krb5_vabortx "krb5_context context" "const char *fmt" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vabort "krb5_context context" "const char *fmt" "va_list ap" -.Sh DESCRIPTION -These functions print a warning message to some destination. -.Fa format -is a printf style format specifying the message to print. The forms not ending in an -.Dq x -print the error string associated with -.Fa code -along with the message. -The -.Dq err -functions exit with exit status -.Fa eval -after printing the message. -.Pp -Applications that want to get the error message to report it to a user -or store it in a log want to use -.Fn krb5_get_error_message . -.Pp -The -.Fn krb5_set_warn_func -function sets the destination for warning messages to the specified -.Fa facility . -Messages logged with the -.Dq warn -functions have a log level of 1, while the -.Dq err -functions log with level 0. -.Pp -.Fn krb5_get_err_text -fetches the human readable strings describing the error-code. -.Pp -.Fn krb5_abort -and -.Nm krb5_abortx -behaves like -.Nm krb5_err -and -.Nm krb5_errx -but instead of exiting using the -.Xr exit 3 -call, -.Xr abort 3 -is used. -.Pp -.Fn krb5_free_error_string -frees the error string -.Fa str -returned by -.Fn krb5_get_error_string . -.Pp -.Fn krb5_clear_error_string -clears the error string from the -.Fa context . -.Pp -.Fn krb5_set_error_string -and -.Fn krb5_vset_error_string -sets an verbose error string in -.Fa context . -.Pp -.Fn krb5_get_error_string -fetches the error string from -.Fa context . -The error message in the context is consumed and must be freed using -.Fn krb5_free_error_string -by the caller. -See also -.Fn krb5_get_error_message , -what is usually less verbose to use. -.Pp -.Fn krb5_have_error_string -returns -.Dv TRUE -if there is a verbose error message in the -.Fa context . -.Pp -.Fn krb5_get_error_message -fetches the error string from the context, or if there -is no customized error string in -.Fa context , -uses -.Fa code -to return a error string. -In either case, the error message in the context is consumed and must -be freed using -.Fn krb5_free_error_string -by the caller. -.Pp -.Fn krb5_set_warn_dest -and -.Fn krb5_get_warn_dest -sets and get the log context that is used by -.Fn krb5_warn -and friends. By using this the application can control where the -output should go. For example, this is imperative to inetd servers -where logging status and error message will end up on the output -stream to the client. -.Sh EXAMPLES -Below is a simple example how to report error messages from the -Kerberos library in an application. -.Bd -literal -#include - -krb5_error_code -function (krb5_context context) -{ - krb5_error_code ret; - - ret = krb5_function (context, arg1, arg2); - if (ret) { - char *s = krb5_get_error_message(context, ret); - if (s == NULL) - errx(1, "kerberos error: %d (and out of memory)", ret); - application_logger("krb5_function failed: %s", s); - krb5_free_error_string(context, s); - return ret; - } - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_openlog 3 diff --git a/lib/krb5/krbhst-test.c b/lib/krb5/krbhst-test.c index 38b0b6a36c30..873734fce77a 100644 --- a/lib/krb5/krbhst-test.c +++ b/lib/krb5/krbhst-test.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 2001 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" @@ -36,8 +36,6 @@ #include #include -RCSID("$Id: krbhst-test.c 15466 2005-06-17 04:21:47Z lha $"); - static int version_flag = 0; static int help_flag = 0; @@ -67,12 +65,12 @@ main(int argc, char **argv) KRB5_KRBHST_KRB524}; const char *type_str[] = {"kdc", "admin", "changepw", "krb524"}; int optidx = 0; - + setprogname (argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -95,7 +93,7 @@ main(int argc, char **argv) krb5_krbhst_init(context, argv[i], types[j], &handle); while(krb5_krbhst_next_as_string(context, handle, host, sizeof(host)) == 0) - printf("%s\n", host); + printf("\thost: %s\n", host); krb5_krbhst_reset(context, handle); printf ("\n"); } diff --git a/lib/krb5/krbhst.c b/lib/krb5/krbhst.c index 094fd4f9c64d..3242cdb99956 100644 --- a/lib/krb5/krbhst.c +++ b/lib/krb5/krbhst.c @@ -1,50 +1,48 @@ /* - * Copyright (c) 2001 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include #include "locate_plugin.h" -RCSID("$Id: krbhst.c 21457 2007-07-10 12:53:25Z lha $"); - static int string_to_proto(const char *string) { if(strcasecmp(string, "udp") == 0) return KRB5_KRBHST_UDP; - else if(strcasecmp(string, "tcp") == 0) + else if(strcasecmp(string, "tcp") == 0) return KRB5_KRBHST_TCP; - else if(strcasecmp(string, "http") == 0) + else if(strcasecmp(string, "http") == 0) return KRB5_KRBHST_HTTP; return -1; } @@ -56,13 +54,13 @@ string_to_proto(const char *string) */ static krb5_error_code -srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, +srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, const char *realm, const char *dns_type, const char *proto, const char *service, int port) { char domain[1024]; - struct dns_reply *r; - struct resource_record *rr; + struct rk_dns_reply *r; + struct rk_resource_record *rr; int num_srv; int proto_num; int def_port; @@ -72,7 +70,9 @@ srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, proto_num = string_to_proto(proto); if(proto_num < 0) { - krb5_set_error_string(context, "unknown protocol `%s'", proto); + krb5_set_error_message(context, EINVAL, + N_("unknown protocol `%s' to lookup", ""), + proto); return EINVAL; } @@ -85,31 +85,35 @@ srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, snprintf(domain, sizeof(domain), "_%s._%s.%s.", service, proto, realm); - r = dns_lookup(domain, dns_type); - if(r == NULL) + r = rk_dns_lookup(domain, dns_type); + if(r == NULL) { + _krb5_debug(context, 0, + "DNS lookup failed domain: %s", domain); return KRB5_KDC_UNREACH; + } - for(num_srv = 0, rr = r->head; rr; rr = rr->next) - if(rr->type == T_SRV) + for(num_srv = 0, rr = r->head; rr; rr = rr->next) + if(rr->type == rk_ns_t_srv) num_srv++; *res = malloc(num_srv * sizeof(**res)); if(*res == NULL) { - dns_free_data(r); - krb5_set_error_string(context, "malloc: out of memory"); + rk_dns_free_data(r); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - dns_srv_order(r); + rk_dns_srv_order(r); - for(num_srv = 0, rr = r->head; rr; rr = rr->next) - if(rr->type == T_SRV) { + for(num_srv = 0, rr = r->head; rr; rr = rr->next) + if(rr->type == rk_ns_t_srv) { krb5_krbhst_info *hi; size_t len = strlen(rr->u.srv->target); hi = calloc(1, sizeof(*hi) + len); if(hi == NULL) { - dns_free_data(r); + rk_dns_free_data(r); while(--num_srv >= 0) free((*res)[num_srv]); free(*res); @@ -119,7 +123,7 @@ srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, (*res)[num_srv++] = hi; hi->proto = proto_num; - + hi->def_port = def_port; if (port != 0) hi->port = port; @@ -130,8 +134,8 @@ srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, } *count = num_srv; - - dns_free_data(r); + + rk_dns_free_data(r); return 0; } @@ -149,7 +153,7 @@ struct krb5_krbhst_data { #define KD_CONFIG_EXISTS 32 #define KD_LARGE_MSG 64 #define KD_PLUGIN 128 - krb5_error_code (*get_next)(krb5_context, struct krb5_krbhst_data *, + krb5_error_code (*get_next)(krb5_context, struct krb5_krbhst_data *, krb5_krbhst_info**); unsigned int fallback_count; @@ -175,6 +179,15 @@ krbhst_get_default_proto(struct krb5_krbhst_data *kd) return KRB5_KRBHST_UDP; } +/* + * + */ + +const char * +_krb5_krbhst_get_realm(krb5_krbhst_handle handle) +{ + return handle->realm; +} /* * parse `spec' into a krb5_krbhst_info, defaulting the port to `def_port' @@ -185,13 +198,13 @@ static struct krb5_krbhst_info* parse_hostspec(krb5_context context, struct krb5_krbhst_data *kd, const char *spec, int def_port, int port) { - const char *p = spec; + const char *p = spec, *q; struct krb5_krbhst_info *hi; - + hi = calloc(1, sizeof(*hi) + strlen(spec)); if(hi == NULL) return NULL; - + hi->proto = krbhst_get_default_proto(kd); if(strncmp(p, "http://", 7) == 0){ @@ -208,7 +221,17 @@ parse_hostspec(krb5_context context, struct krb5_krbhst_data *kd, p += 4; } - if(strsep_copy(&p, ":", hi->hostname, strlen(spec) + 1) < 0) { + if (p[0] == '[' && (q = strchr(p, ']')) != NULL) { + /* if address looks like [foo:bar] or [foo:bar]: its a ipv6 + adress, strip of [] */ + memcpy(hi->hostname, &p[1], q - p - 1); + hi->hostname[q - p - 1] = '\0'; + p = q + 1; + /* get trailing : */ + if (p[0] == ':') + p++; + } else if(strsep_copy(&p, ":", hi->hostname, strlen(spec) + 1) < 0) { + /* copy everything before : */ free(hi); return NULL; } @@ -217,7 +240,7 @@ parse_hostspec(krb5_context context, struct krb5_krbhst_data *kd, strlwr(hi->hostname); hi->port = hi->def_port = def_port; - if(p != NULL) { + if(p != NULL && p[0]) { char *end; hi->port = strtol(p, &end, 0); if(end == p) { @@ -245,9 +268,10 @@ _krb5_krbhost_info_move(krb5_context context, { size_t hostnamelen = strlen(from->hostname); /* trailing NUL is included in structure */ - *to = calloc(1, sizeof(**to) + hostnamelen); + *to = calloc(1, sizeof(**to) + hostnamelen); if(*to == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } @@ -268,8 +292,8 @@ append_host_hostinfo(struct krb5_krbhst_data *kd, struct krb5_krbhst_info *host) struct krb5_krbhst_info *h; for(h = kd->hosts; h; h = h->next) - if(h->proto == host->proto && - h->port == host->port && + if(h->proto == host->proto && + h->port == host->port && strcmp(h->hostname, host->hostname) == 0) { _krb5_free_krbhst_info(host); return; @@ -287,7 +311,7 @@ append_host_string(krb5_context context, struct krb5_krbhst_data *kd, hi = parse_hostspec(context, kd, host, def_port, port); if(hi == NULL) return ENOMEM; - + append_host_hostinfo(kd, hi); return 0; } @@ -296,8 +320,8 @@ append_host_string(krb5_context context, struct krb5_krbhst_data *kd, * return a readable representation of `host' in `hostname, hostlen' */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_format_string(krb5_context context, const krb5_krbhst_info *host, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_krbhst_format_string(krb5_context context, const krb5_krbhst_info *host, char *hostname, size_t hostlen) { const char *proto = ""; @@ -332,28 +356,66 @@ make_hints(struct addrinfo *hints, int proto) } } -/* - * return an `struct addrinfo *' in `ai' corresponding to the information - * in `host'. free:ing is handled by krb5_krbhst_free. +/** + * Return an `struct addrinfo *' for a KDC host. + * + * Returns an the struct addrinfo in in that corresponds to the + * information in `host'. free:ing is handled by krb5_krbhst_free, so + * the returned ai must not be released. + * + * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_get_addrinfo(krb5_context context, krb5_krbhst_info *host, struct addrinfo **ai) { - struct addrinfo hints; - char portstr[NI_MAXSERV]; - int ret; + int ret = 0; if (host->ai == NULL) { - make_hints(&hints, host->proto); + struct addrinfo hints; + char portstr[NI_MAXSERV]; + char *hostname = host->hostname; + snprintf (portstr, sizeof(portstr), "%d", host->port); + make_hints(&hints, host->proto); + + /** + * First try this as an IP address, this allows us to add a + * dot at the end to stop using the search domains. + */ + + hints.ai_flags |= AI_NUMERICHOST | AI_NUMERICSERV; + ret = getaddrinfo(host->hostname, portstr, &hints, &host->ai); - if (ret) - return krb5_eai_to_heim_errno(ret, errno); + if (ret == 0) + goto out; + + /** + * If the hostname contains a dot, assumes it's a FQDN and + * don't use search domains since that might be painfully slow + * when machine is disconnected from that network. + */ + + hints.ai_flags &= ~(AI_NUMERICHOST); + + if (strchr(hostname, '.') && hostname[strlen(hostname) - 1] != '.') { + ret = asprintf(&hostname, "%s.", host->hostname); + if (ret < 0 || hostname == NULL) + return ENOMEM; + } + + ret = getaddrinfo(hostname, portstr, &hints, &host->ai); + if (hostname != host->hostname) + free(hostname); + if (ret) { + ret = krb5_eai_to_heim_errno(ret, errno); + goto out; + } } + out: *ai = host->ai; - return 0; + return ret; } static krb5_boolean @@ -369,14 +431,18 @@ get_next(struct krb5_krbhst_data *kd, krb5_krbhst_info **host) } static void -srv_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, +srv_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, const char *proto, const char *service) { + krb5_error_code ret; krb5_krbhst_info **res; int count, i; - if (srv_find_realm(context, &res, &count, kd->realm, "SRV", proto, service, - kd->port)) + ret = srv_find_realm(context, &res, &count, kd->realm, "SRV", proto, service, + kd->port); + _krb5_debug(context, 2, "searching DNS for realm %s %s.%s -> %d", + kd->realm, proto, service, ret); + if (ret) return; for(i = 0; i < count; i++) append_host_hostinfo(kd, res[i]); @@ -389,15 +455,17 @@ srv_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, */ static void -config_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, +config_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, const char *conf_string) { int i; - char **hostlist; - hostlist = krb5_config_get_strings(context, NULL, + hostlist = krb5_config_get_strings(context, NULL, "realms", kd->realm, conf_string, NULL); + _krb5_debug(context, 2, "configuration file for realm %s%s found", + kd->realm, hostlist ? "" : " not"); + if(hostlist == NULL) return; kd->flags |= KD_CONFIG_EXISTS; @@ -410,21 +478,24 @@ config_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, /* * as a fallback, look for `serv_string.kd->realm' (typically * kerberos.REALM, kerberos-1.REALM, ... - * `port' is the default port for the service, and `proto' the + * `port' is the default port for the service, and `proto' the * protocol */ static krb5_error_code -fallback_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, +fallback_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, const char *serv_string, int port, int proto) { - char *host; + char *host = NULL; int ret; struct addrinfo *ai; struct addrinfo hints; char portstr[NI_MAXSERV]; - /* + _krb5_debug(context, 2, "fallback lookup %d for realm %s (service %s)", + kd->fallback_count, kd->realm, serv_string); + + /* * Don't try forever in case the DNS server keep returning us * entries (like wildcard entries or the .nu TLD) */ @@ -434,14 +505,14 @@ fallback_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, } if(kd->fallback_count == 0) - asprintf(&host, "%s.%s.", serv_string, kd->realm); + ret = asprintf(&host, "%s.%s.", serv_string, kd->realm); else - asprintf(&host, "%s-%d.%s.", - serv_string, kd->fallback_count, kd->realm); + ret = asprintf(&host, "%s-%d.%s.", + serv_string, kd->fallback_count, kd->realm); - if (host == NULL) + if (ret < 0 || host == NULL) return ENOMEM; - + make_hints(&hints, proto); snprintf(portstr, sizeof(portstr), "%d", port); ret = getaddrinfo(host, portstr, &hints, &ai); @@ -475,7 +546,7 @@ fallback_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, * Fetch hosts from plugin */ -static krb5_error_code +static krb5_error_code add_locate(void *ctx, int type, struct sockaddr *addr) { struct krb5_krbhst_info *hi; @@ -503,7 +574,7 @@ add_locate(void *ctx, int type, struct sockaddr *addr) hi = calloc(1, sizeof(*hi) + hostlen); if(hi == NULL) return ENOMEM; - + hi->proto = krbhst_get_default_proto(kd); hi->port = hi->def_port = socket_get_port(addr); hi->ai = ai; @@ -522,12 +593,11 @@ plugin_get_hosts(krb5_context context, struct krb5_plugin *list = NULL, *e; krb5_error_code ret; - ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, "resolve", &list); + ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, + KRB5_PLUGIN_LOCATE, &list); if(ret != 0 || list == NULL) return; - kd->flags |= KD_CONFIG_EXISTS; - for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { krb5plugin_service_locate_ftable *service; void *ctx; @@ -535,14 +605,20 @@ plugin_get_hosts(krb5_context context, service = _krb5_plugin_get_symbol(e); if (service->minor_version != 0) continue; - + (*service->init)(context, &ctx); ret = (*service->lookup)(ctx, type, kd->realm, 0, 0, add_locate, kd); (*service->fini)(ctx); - if (ret) { - krb5_set_error_string(context, "Plugin failed to lookup"); + if (ret && ret != KRB5_PLUGIN_NO_HANDLE) { + krb5_set_error_message(context, ret, + N_("Locate plugin failed to lookup realm %s: %d", ""), + kd->realm, ret); break; + } else if (ret == 0) { + _krb5_debug(context, 2, "plugin found result for realm %s", kd->realm); + kd->flags |= KD_CONFIG_EXISTS; } + } _krb5_plugin_free(list); } @@ -572,8 +648,12 @@ kdc_get_next(krb5_context context, return 0; } - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ + if (kd->flags & KD_CONFIG_EXISTS) { + _krb5_debug(context, 1, + "Configuration exists for realm %s, wont go to DNS", + kd->realm); + return KRB5_KDC_UNREACH; + } if(context->srv_lookup) { if((kd->flags & KD_SRV_UDP) == 0 && (kd->flags & KD_LARGE_MSG) == 0) { @@ -599,7 +679,7 @@ kdc_get_next(krb5_context context, while((kd->flags & KD_FALLBACK) == 0) { ret = fallback_get_hosts(context, kd, "kerberos", - kd->def_port, + kd->def_port, krbhst_get_default_proto(kd)); if(ret) return ret; @@ -607,6 +687,8 @@ kdc_get_next(krb5_context context, return 0; } + _krb5_debug(context, 0, "No KDC entries found for %s", kd->realm); + return KRB5_KDC_UNREACH; /* XXX */ } @@ -631,8 +713,12 @@ admin_get_next(krb5_context context, return 0; } - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ + if (kd->flags & KD_CONFIG_EXISTS) { + _krb5_debug(context, 1, + "Configuration exists for realm %s, wont go to DNS", + kd->realm); + return KRB5_KDC_UNREACH; + } if(context->srv_lookup) { if((kd->flags & KD_SRV_TCP) == 0) { @@ -655,6 +741,8 @@ admin_get_next(krb5_context context, return 0; } + _krb5_debug(context, 0, "No admin entries found for realm %s", kd->realm); + return KRB5_KDC_UNREACH; /* XXX */ } @@ -679,8 +767,12 @@ kpasswd_get_next(krb5_context context, return 0; } - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ + if (kd->flags & KD_CONFIG_EXISTS) { + _krb5_debug(context, 1, + "Configuration exists for realm %s, wont go to DNS", + kd->realm); + return KRB5_KDC_UNREACH; + } if(context->srv_lookup) { if((kd->flags & KD_SRV_UDP) == 0) { @@ -709,7 +801,9 @@ kpasswd_get_next(krb5_context context, return ret; } - return KRB5_KDC_UNREACH; /* XXX */ + _krb5_debug(context, 0, "No kpasswd entries found for realm %s", kd->realm); + + return KRB5_KDC_UNREACH; } static krb5_error_code @@ -731,8 +825,12 @@ krb524_get_next(krb5_context context, kd->flags |= KD_CONFIG; } - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ + if (kd->flags & KD_CONFIG_EXISTS) { + _krb5_debug(context, 1, + "Configuration exists for realm %s, wont go to DNS", + kd->realm); + return KRB5_KDC_UNREACH; + } if(context->srv_lookup) { if((kd->flags & KD_SRV_UDP) == 0) { @@ -759,11 +857,14 @@ krb524_get_next(krb5_context context, return (*kd->get_next)(context, kd, host); } - return KRB5_KDC_UNREACH; /* XXX */ + _krb5_debug(context, 0, "No kpasswd entries found for realm %s", kd->realm); + + return KRB5_KDC_UNREACH; } static struct krb5_krbhst_data* common_init(krb5_context context, + const char *service, const char *realm, int flags) { @@ -777,6 +878,9 @@ common_init(krb5_context context, return NULL; } + _krb5_debug(context, 2, "Trying to find service %s for realm %s flags %x", + service, realm, flags); + /* For 'realms' without a . do not even think of going to DNS */ if (!strchr(realm, '.')) kd->flags |= KD_CONFIG_EXISTS; @@ -791,7 +895,7 @@ common_init(krb5_context context, * initialize `handle' to look for hosts of type `type' in realm `realm' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_init(krb5_context context, const char *realm, unsigned int type, @@ -800,7 +904,7 @@ krb5_krbhst_init(krb5_context context, return krb5_krbhst_init_flags(context, realm, type, 0, handle); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_init_flags(krb5_context context, const char *realm, unsigned int type, @@ -808,34 +912,40 @@ krb5_krbhst_init_flags(krb5_context context, krb5_krbhst_handle *handle) { struct krb5_krbhst_data *kd; - krb5_error_code (*next)(krb5_context, struct krb5_krbhst_data *, + krb5_error_code (*next)(krb5_context, struct krb5_krbhst_data *, krb5_krbhst_info **); int def_port; + const char *service; switch(type) { case KRB5_KRBHST_KDC: next = kdc_get_next; def_port = ntohs(krb5_getportbyname (context, "kerberos", "udp", 88)); + service = "kdc"; break; case KRB5_KRBHST_ADMIN: next = admin_get_next; def_port = ntohs(krb5_getportbyname (context, "kerberos-adm", "tcp", 749)); + service = "admin"; break; case KRB5_KRBHST_CHANGEPW: next = kpasswd_get_next; def_port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT)); + service = "change_password"; break; case KRB5_KRBHST_KRB524: next = krb524_get_next; def_port = ntohs(krb5_getportbyname (context, "krb524", "udp", 4444)); + service = "524"; break; default: - krb5_set_error_string(context, "unknown krbhst type (%u)", type); + krb5_set_error_message(context, ENOTTY, + N_("unknown krbhst type (%u)", ""), type); return ENOTTY; } - if((kd = common_init(context, realm, flags)) == NULL) + if((kd = common_init(context, service, realm, flags)) == NULL) return ENOMEM; kd->get_next = next; kd->def_port = def_port; @@ -847,7 +957,7 @@ krb5_krbhst_init_flags(krb5_context context, * return the next host information from `handle' in `host' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_next(krb5_context context, krb5_krbhst_handle handle, krb5_krbhst_info **host) @@ -863,7 +973,7 @@ krb5_krbhst_next(krb5_context context, * in `hostname' (or length `hostlen) */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_krbhst_next_as_string(krb5_context context, krb5_krbhst_handle handle, char *hostname, @@ -878,13 +988,13 @@ krb5_krbhst_next_as_string(krb5_context context, } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_krbhst_reset(krb5_context context, krb5_krbhst_handle handle) { handle->index = &handle->hosts; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_krbhst_free(krb5_context context, krb5_krbhst_handle handle) { krb5_krbhst_info *h, *next; @@ -904,7 +1014,7 @@ krb5_krbhst_free(krb5_context context, krb5_krbhst_handle handle) /* backwards compatibility ahead */ static krb5_error_code -gethostlist(krb5_context context, const char *realm, +gethostlist(krb5_context context, const char *realm, unsigned int type, char ***hostlist) { krb5_error_code ret; @@ -920,7 +1030,8 @@ gethostlist(krb5_context context, const char *realm, while(krb5_krbhst_next(context, handle, &hostinfo) == 0) nhost++; if(nhost == 0) { - krb5_set_error_string(context, "No KDC found for realm %s", realm); + krb5_set_error_message(context, KRB5_KDC_UNREACH, + N_("No KDC found for realm %s", ""), realm); return KRB5_KDC_UNREACH; } *hostlist = calloc(nhost + 1, sizeof(**hostlist)); @@ -931,7 +1042,7 @@ gethostlist(krb5_context context, const char *realm, krb5_krbhst_reset(context, handle); nhost = 0; - while(krb5_krbhst_next_as_string(context, handle, + while(krb5_krbhst_next_as_string(context, handle, host, sizeof(host)) == 0) { if(((*hostlist)[nhost++] = strdup(host)) == NULL) { krb5_free_krbhst(context, *hostlist); @@ -939,7 +1050,7 @@ gethostlist(krb5_context context, const char *realm, return ENOMEM; } } - (*hostlist)[nhost++] = NULL; + (*hostlist)[nhost] = NULL; krb5_krbhst_free(context, handle); return 0; } @@ -948,7 +1059,7 @@ gethostlist(krb5_context context, const char *realm, * return an malloced list of kadmin-hosts for `realm' in `hostlist' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb_admin_hst (krb5_context context, const krb5_realm *realm, char ***hostlist) @@ -960,7 +1071,7 @@ krb5_get_krb_admin_hst (krb5_context context, * return an malloced list of changepw-hosts for `realm' in `hostlist' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb_changepw_hst (krb5_context context, const krb5_realm *realm, char ***hostlist) @@ -972,7 +1083,7 @@ krb5_get_krb_changepw_hst (krb5_context context, * return an malloced list of 524-hosts for `realm' in `hostlist' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krb524hst (krb5_context context, const krb5_realm *realm, char ***hostlist) @@ -985,7 +1096,7 @@ krb5_get_krb524hst (krb5_context context, * return an malloced list of KDC's for `realm' in `hostlist' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_krbhst (krb5_context context, const krb5_realm *realm, char ***hostlist) @@ -997,7 +1108,7 @@ krb5_get_krbhst (krb5_context context, * free all the memory allocated in `hostlist' */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_krbhst (krb5_context context, char **hostlist) { diff --git a/lib/krb5/kuserok.c b/lib/krb5/kuserok.c index 8f0ff996960d..2fe4e490aa41 100644 --- a/lib/krb5/kuserok.c +++ b/lib/krb5/kuserok.c @@ -1,62 +1,63 @@ /* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include -RCSID("$Id: kuserok.c 16048 2005-09-09 10:33:33Z lha $"); +#ifndef _WIN32 /* see if principal is mentioned in the filename access file, return TRUE (in result) if so, FALSE otherwise */ static krb5_error_code -check_one_file(krb5_context context, - const char *filename, +check_one_file(krb5_context context, + const char *filename, struct passwd *pwd, - krb5_principal principal, + krb5_principal principal, krb5_boolean *result) { FILE *f; char buf[BUFSIZ]; krb5_error_code ret; struct stat st; - + *result = FALSE; f = fopen (filename, "r"); if (f == NULL) return errno; - + rk_cloexec_file(f); + /* check type and mode of file */ if (fstat(fileno(f), &st) != 0) { fclose (f); @@ -105,10 +106,10 @@ check_one_file(krb5_context context, } static krb5_error_code -check_directory(krb5_context context, - const char *dirname, +check_directory(krb5_context context, + const char *dirname, struct passwd *pwd, - krb5_principal principal, + krb5_principal principal, krb5_boolean *result) { DIR *d; @@ -124,16 +125,15 @@ check_directory(krb5_context context, if (!S_ISDIR(st.st_mode)) return ENOTDIR; - + if (st.st_uid != pwd->pw_uid && st.st_uid != 0) return EACCES; if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0) return EACCES; - if((d = opendir(dirname)) == NULL) + if((d = opendir(dirname)) == NULL) return errno; -#ifdef HAVE_DIRFD { int fd; struct stat st2; @@ -148,7 +148,6 @@ check_directory(krb5_context context, return EACCES; } } -#endif while((dent = readdir(d)) != NULL) { if(strcmp(dent->d_name, ".") == 0 || @@ -166,6 +165,8 @@ check_directory(krb5_context context, return ret; } +#endif /* !_WIN32 */ + static krb5_boolean match_local_principals(krb5_context context, krb5_principal principal, @@ -174,7 +175,7 @@ match_local_principals(krb5_context context, krb5_error_code ret; krb5_realm *realms, *r; krb5_boolean result = FALSE; - + /* multi-component principals can never match */ if(krb5_principal_get_comp_string(context, principal, 1) != NULL) return FALSE; @@ -182,7 +183,7 @@ match_local_principals(krb5_context context, ret = krb5_get_default_realms (context, &realms); if (ret) return FALSE; - + for (r = realms; *r != NULL; ++r) { if(strcmp(krb5_principal_get_realm(context, principal), *r) != 0) @@ -198,17 +199,50 @@ match_local_principals(krb5_context context, } /** - * Return TRUE iff `principal' is allowed to login as `luser'. + * This function takes the name of a local user and checks if + * principal is allowed to log in as that user. + * + * The user may have a ~/.k5login file listing principals that are + * allowed to login as that user. If that file does not exist, all + * principals with a first component identical to the username, and a + * realm considered local, are allowed access. + * + * The .k5login file must contain one principal per line, be owned by + * user and not be writable by group or other (but must be readable by + * anyone). + * + * Note that if the file exists, no implicit access rights are given + * to user@@LOCALREALM. + * + * Optionally, a set of files may be put in ~/.k5login.d (a + * directory), in which case they will all be checked in the same + * manner as .k5login. The files may be called anything, but files + * starting with a hash (#) , or ending with a tilde (~) are + * ignored. Subdirectories are not traversed. Note that this directory + * may not be checked by other Kerberos implementations. + * + * If no configuration file exists, match user against local domains, + * ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES. + * + * @param context Kerberos 5 context. + * @param principal principal to check if allowed to login + * @param luser local user id + * + * @return returns TRUE if access should be granted, FALSE otherwise. + * + * @ingroup krb5_support */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_kuserok (krb5_context context, krb5_principal principal, const char *luser) { +#ifndef _WIN32 char *buf; size_t buflen; - struct passwd *pwd; + struct passwd *pwd = NULL; + char *profile_dir = NULL; krb5_error_code ret; krb5_boolean result = FALSE; @@ -225,14 +259,15 @@ krb5_kuserok (krb5_context context, #endif if (pwd == NULL) return FALSE; + profile_dir = pwd->pw_dir; #define KLOGIN "/.k5login" - buflen = strlen(pwd->pw_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */ + buflen = strlen(profile_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */ buf = malloc(buflen); if(buf == NULL) return FALSE; /* check user's ~/.k5login */ - strlcpy(buf, pwd->pw_dir, buflen); + strlcpy(buf, profile_dir, buflen); strlcat(buf, KLOGIN, buflen); ret = check_one_file(context, buf, pwd, principal, &result); @@ -241,7 +276,7 @@ krb5_kuserok (krb5_context context, return TRUE; } - if(ret != ENOENT) + if(ret != ENOENT) found_file = TRUE; strlcat(buf, ".d", buflen); @@ -250,7 +285,7 @@ krb5_kuserok (krb5_context context, if(ret == 0 && result == TRUE) return TRUE; - if(ret != ENOENT && ret != ENOTDIR) + if(ret != ENOENT && ret != ENOTDIR) found_file = TRUE; /* finally if no files exist, allow all principals matching @@ -259,4 +294,10 @@ krb5_kuserok (krb5_context context, return match_local_principals(context, principal, luser); return FALSE; +#else + /* The .k5login file may be on a remote profile and we don't have + access to the profile until we have a token handle for the + user's credentials. */ + return match_local_principals(context, principal, luser); +#endif } diff --git a/lib/krb5/locate_plugin.h b/lib/krb5/locate_plugin.h index 251712c8940d..b1b1f0ef230e 100644 --- a/lib/krb5/locate_plugin.h +++ b/lib/krb5/locate_plugin.h @@ -1,42 +1,42 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: locate_plugin.h 18998 2006-11-12 19:00:03Z lha $ */ +/* $Id$ */ #ifndef HEIMDAL_KRB5_LOCATE_PLUGIN_H #define HEIMDAL_KRB5_LOCATE_PLUGIN_H 1 -#include +#define KRB5_PLUGIN_LOCATE "service_locator" enum locate_service_type { locate_service_kdc = 1, @@ -46,9 +46,9 @@ enum locate_service_type { locate_service_kpasswd }; -typedef krb5_error_code +typedef krb5_error_code (*krb5plugin_service_locate_lookup) (void *, enum locate_service_type, - const char *, int, int, + const char *, int, int, int (*)(void *,int,struct sockaddr *), void *); diff --git a/lib/krb5/log.c b/lib/krb5/log.c index c04f50fd9aa8..4b289afd807d 100644 --- a/lib/krb5/log.c +++ b/lib/krb5/log.c @@ -1,39 +1,40 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" - -RCSID("$Id: log.c 19088 2006-11-21 08:08:46Z lha $"); +#include struct facility { int min; @@ -114,27 +115,29 @@ find_value(const char *s, struct s2i *table) return table->val; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_initlog(krb5_context context, const char *program, krb5_log_facility **fac) { krb5_log_facility *f = calloc(1, sizeof(*f)); if(f == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } f->program = strdup(program); if(f->program == NULL){ free(f); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } *fac = f; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addlog_func(krb5_context context, krb5_log_facility *fac, int min, @@ -145,7 +148,8 @@ krb5_addlog_func(krb5_context context, { struct facility *fp = log_realloc(fac); if(fp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } fp->min = min; @@ -161,17 +165,17 @@ struct _heimdal_syslog_data{ int priority; }; -static void +static void KRB5_CALLCONV log_syslog(const char *timestr, const char *msg, void *data) - + { struct _heimdal_syslog_data *s = data; syslog(s->priority, "%s", msg); } -static void +static void KRB5_CALLCONV close_syslog(void *data) { free(data); @@ -187,7 +191,8 @@ open_syslog(krb5_context context, int i; if(sd == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } i = find_value(sev, syslogvals); @@ -210,24 +215,33 @@ struct file_data{ int keep_open; }; -static void +static void KRB5_CALLCONV log_file(const char *timestr, const char *msg, void *data) { struct file_data *f = data; + char *msgclean; + size_t len = strlen(msg); if(f->keep_open == 0) f->fd = fopen(f->filename, f->mode); if(f->fd == NULL) return; - fprintf(f->fd, "%s %s\n", timestr, msg); + /* make sure the log doesn't contain special chars */ + msgclean = malloc((len + 1) * 4); + if (msgclean == NULL) + goto out; + strvisx(msgclean, rk_UNCONST(msg), len, VIS_OCTAL); + fprintf(f->fd, "%s %s\n", timestr, msgclean); + free(msgclean); + out: if(f->keep_open == 0) { fclose(f->fd); f->fd = NULL; } } -static void +static void KRB5_CALLCONV close_file(void *data) { struct file_data *f = data; @@ -242,7 +256,8 @@ open_file(krb5_context context, krb5_log_facility *fac, int min, int max, { struct file_data *fd = malloc(sizeof(*fd)); if(fd == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } fd->filename = filename; @@ -255,7 +270,7 @@ open_file(krb5_context context, krb5_log_facility *fac, int min, int max, -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig) { krb5_error_code ret = 0; @@ -277,7 +292,8 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig) if(n){ p = strchr(p, '/'); if(p == NULL) { - krb5_set_error_string (context, "failed to parse \"%s\"", orig); + krb5_set_error_message(context, HEIM_ERR_LOG_PARSE, + N_("failed to parse \"%s\"", ""), orig); return HEIM_ERR_LOG_PARSE; } p++; @@ -292,25 +308,29 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig) int keep_open = 0; fn = strdup(p + 5); if(fn == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if(p[4] == '='){ - int i = open(fn, O_WRONLY | O_CREAT | + int i = open(fn, O_WRONLY | O_CREAT | O_TRUNC | O_APPEND, 0666); if(i < 0) { ret = errno; - krb5_set_error_string (context, "open(%s): %s", fn, + krb5_set_error_message(context, ret, + N_("open(%s) logile: %s", ""), fn, strerror(ret)); free(fn); return ret; } + rk_cloexec(i); file = fdopen(i, "a"); if(file == NULL){ ret = errno; close(i); - krb5_set_error_string (context, "fdopen(%s): %s", fn, - strerror(ret)); + krb5_set_error_message(context, ret, + N_("fdopen(%s) logfile: %s", ""), + fn, strerror(ret)); free(fn); return ret; } @@ -333,14 +353,15 @@ krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig) strlcpy(facility, "AUTH", sizeof(facility)); ret = open_syslog(context, f, min, max, severity, facility); }else{ - krb5_set_error_string (context, "unknown log type: %s", p); ret = HEIM_ERR_LOG_PARSE; /* XXX */ + krb5_set_error_message (context, ret, + N_("unknown log type: %s", ""), p); } return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_openlog(krb5_context context, const char *program, krb5_log_facility **fac) @@ -356,15 +377,15 @@ krb5_openlog(krb5_context context, if(p == NULL) p = krb5_config_get_strings(context, NULL, "logging", "default", NULL); if(p){ - for(q = p; *q; q++) + for(q = p; *q && ret == 0; q++) ret = krb5_addlog_dest(context, *fac, *q); krb5_config_free_strings(p); }else ret = krb5_addlog_dest(context, *fac, "SYSLOG"); - return 0; + return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_closelog(krb5_context context, krb5_log_facility *fac) { @@ -383,7 +404,7 @@ krb5_closelog(krb5_context context, #undef __attribute__ #define __attribute__(X) -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vlog_msg(krb5_context context, krb5_log_facility *fac, char **reply, @@ -392,7 +413,7 @@ krb5_vlog_msg(krb5_context context, va_list ap) __attribute__((format (printf, 5, 0))) { - + char *msg = NULL; const char *actual = NULL; char buf[64]; @@ -400,15 +421,15 @@ krb5_vlog_msg(krb5_context context, int i; for(i = 0; fac && i < fac->len; i++) - if(fac->val[i].min <= level && + if(fac->val[i].min <= level && (fac->val[i].max < 0 || fac->val[i].max >= level)) { if(t == 0) { t = time(NULL); krb5_format_time(context, t, buf, sizeof(buf), TRUE); } if(actual == NULL) { - vasprintf(&msg, fmt, ap); - if(msg == NULL) + int ret = vasprintf(&msg, fmt, ap); + if(ret < 0 || msg == NULL) actual = fmt; else actual = msg; @@ -422,7 +443,7 @@ krb5_vlog_msg(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vlog(krb5_context context, krb5_log_facility *fac, int level, @@ -433,7 +454,7 @@ krb5_vlog(krb5_context context, return krb5_vlog_msg(context, fac, NULL, level, fmt, ap); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_log_msg(krb5_context context, krb5_log_facility *fac, int level, @@ -452,7 +473,7 @@ krb5_log_msg(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_log(krb5_context context, krb5_log_facility *fac, int level, @@ -469,3 +490,27 @@ krb5_log(krb5_context context, return ret; } +void KRB5_LIB_FUNCTION +_krb5_debug(krb5_context context, + int level, + const char *fmt, + ...) + __attribute__((format (printf, 3, 4))) +{ + va_list ap; + + if (context == NULL || context->debug_dest == NULL) + return; + + va_start(ap, fmt); + krb5_vlog(context, context->debug_dest, level, fmt, ap); + va_end(ap); +} + +krb5_boolean KRB5_LIB_FUNCTION +_krb5_have_debug(krb5_context context, int level) +{ + if (context == NULL || context->debug_dest == NULL) + return 0 ; + return 1; +} diff --git a/lib/krb5/mcache.c b/lib/krb5/mcache.c index 01bcb09d3bea..e4b90c17e7b2 100644 --- a/lib/krb5/mcache.c +++ b/lib/krb5/mcache.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: mcache.c 22107 2007-12-03 17:22:51Z lha $"); - typedef struct krb5_mcache { char *name; unsigned int refcnt; @@ -45,6 +45,8 @@ typedef struct krb5_mcache { struct link *next; } *creds; struct krb5_mcache *next; + time_t mtime; + krb5_deltat kdc_offset; } krb5_mcache; static HEIMDAL_MUTEX mcc_mutex = HEIMDAL_MUTEX_INITIALIZER; @@ -54,26 +56,27 @@ static struct krb5_mcache *mcc_head; #define MISDEAD(X) ((X)->dead) -static const char* +static const char* KRB5_CALLCONV mcc_get_name(krb5_context context, krb5_ccache id) { return MCACHE(id)->name; } -static krb5_mcache * +static krb5_mcache * KRB5_CALLCONV mcc_alloc(const char *name) { krb5_mcache *m, *m_c; + int ret = 0; ALLOC(m, 1); if(m == NULL) return NULL; if(name == NULL) - asprintf(&m->name, "%p", m); + ret = asprintf(&m->name, "%p", m); else m->name = strdup(name); - if(m->name == NULL) { + if(ret < 0 || m->name == NULL) { free(m); return NULL; } @@ -93,13 +96,15 @@ mcc_alloc(const char *name) m->refcnt = 1; m->primary_principal = NULL; m->creds = NULL; + m->mtime = time(NULL); + m->kdc_offset = 0; m->next = mcc_head; mcc_head = m; HEIMDAL_MUTEX_unlock(&mcc_mutex); return m; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) { krb5_mcache *m; @@ -119,10 +124,11 @@ mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) m = mcc_alloc(res); if (m == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } - + (*id)->data.data = m; (*id)->data.length = sizeof(*m); @@ -130,7 +136,7 @@ mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_gen_new(krb5_context context, krb5_ccache *id) { krb5_mcache *m; @@ -138,7 +144,8 @@ mcc_gen_new(krb5_context context, krb5_ccache *id) m = mcc_alloc(NULL); if (m == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } @@ -148,13 +155,14 @@ mcc_gen_new(krb5_context context, krb5_ccache *id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_initialize(krb5_context context, krb5_ccache id, krb5_principal primary_principal) { krb5_mcache *m = MCACHE(id); m->dead = 0; + m->mtime = time(NULL); return krb5_copy_principal (context, primary_principal, &m->primary_principal); @@ -173,7 +181,7 @@ mcc_close_internal(krb5_mcache *m) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_close(krb5_context context, krb5_ccache id) { @@ -182,7 +190,7 @@ mcc_close(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_destroy(krb5_context context, krb5_ccache id) { @@ -212,7 +220,7 @@ mcc_destroy(krb5_context context, l = m->creds; while (l != NULL) { struct link *old; - + krb5_free_cred_contents (context, &l->cred); old = l; l = l->next; @@ -223,7 +231,7 @@ mcc_destroy(krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) @@ -237,7 +245,8 @@ mcc_store_cred(krb5_context context, l = malloc (sizeof(*l)); if (l == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); return KRB5_CC_NOMEM; } l->next = m->creds; @@ -249,10 +258,11 @@ mcc_store_cred(krb5_context context, free (l); return ret; } + m->mtime = time(NULL); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *principal) @@ -266,7 +276,7 @@ mcc_get_principal(krb5_context context, principal); } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_get_first (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) @@ -280,7 +290,7 @@ mcc_get_first (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_get_next (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, @@ -302,7 +312,7 @@ mcc_get_next (krb5_context context, return KRB5_CC_END; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_end_get (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) @@ -310,7 +320,7 @@ mcc_end_get (krb5_context context, return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags which, @@ -323,34 +333,36 @@ mcc_remove_cred(krb5_context context, *q = p->next; krb5_free_cred_contents(context, &p->cred); free(p); + m->mtime = time(NULL); } else q = &p->next; } return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_set_flags(krb5_context context, krb5_ccache id, krb5_flags flags) { return 0; /* XXX */ } - + struct mcache_iter { krb5_mcache *cache; }; -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) { struct mcache_iter *iter; iter = calloc(1, sizeof(*iter)); if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; - } + } HEIMDAL_MUTEX_lock(&mcc_mutex); iter->cache = mcc_head; @@ -362,7 +374,7 @@ mcc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) { struct mcache_iter *iter = cursor; @@ -389,7 +401,7 @@ mcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) { struct mcache_iter *iter = cursor; @@ -401,7 +413,7 @@ mcc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) { krb5_mcache *mfrom = MCACHE(from), *mto = MCACHE(to); @@ -428,23 +440,49 @@ mcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) mto->primary_principal = mfrom->primary_principal; mfrom->primary_principal = principal; + mto->mtime = mfrom->mtime = time(NULL); + HEIMDAL_MUTEX_unlock(&mcc_mutex); mcc_destroy(context, from); return 0; } -static krb5_error_code +static krb5_error_code KRB5_CALLCONV mcc_default_name(krb5_context context, char **str) { *str = strdup("MEMORY:"); if (*str == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } return 0; } +static krb5_error_code KRB5_CALLCONV +mcc_lastchange(krb5_context context, krb5_ccache id, krb5_timestamp *mtime) +{ + *mtime = MCACHE(id)->mtime; + return 0; +} + +static krb5_error_code KRB5_CALLCONV +mcc_set_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat kdc_offset) +{ + krb5_mcache *m = MCACHE(id); + m->kdc_offset = kdc_offset; + return 0; +} + +static krb5_error_code KRB5_CALLCONV +mcc_get_kdc_offset(krb5_context context, krb5_ccache id, krb5_deltat *kdc_offset) +{ + krb5_mcache *m = MCACHE(id); + *kdc_offset = m->kdc_offset; + return 0; +} + /** * Variable containing the MEMORY based credential cache implemention. @@ -452,7 +490,8 @@ mcc_default_name(krb5_context context, char **str) * @ingroup krb5_ccache */ -const krb5_cc_ops krb5_mcc_ops = { +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_mcc_ops = { + KRB5_CC_OPS_VERSION, "MEMORY", mcc_get_name, mcc_resolve, @@ -473,5 +512,9 @@ const krb5_cc_ops krb5_mcc_ops = { mcc_get_cache_next, mcc_end_cache_get, mcc_move, - mcc_default_name + mcc_default_name, + NULL, + mcc_lastchange, + mcc_set_kdc_offset, + mcc_get_kdc_offset }; diff --git a/lib/krb5/misc.c b/lib/krb5/misc.c index 8050bdb9b467..ac6720c4e992 100644 --- a/lib/krb5/misc.c +++ b/lib/krb5/misc.c @@ -1,54 +1,55 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" +#ifdef HAVE_EXECINFO_H +#include +#endif -RCSID("$Id: misc.c 21174 2007-06-19 10:10:58Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_s4u2self_to_checksumdata(krb5_context context, - const PA_S4U2Self *self, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_s4u2self_to_checksumdata(krb5_context context, + const PA_S4U2Self *self, krb5_data *data) { krb5_error_code ret; krb5_ssize_t ssize; krb5_storage *sp; size_t size; - int i; + size_t i; sp = krb5_storage_emem(); if (sp == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); @@ -58,20 +59,20 @@ _krb5_s4u2self_to_checksumdata(krb5_context context, for (i = 0; i < self->name.name_string.len; i++) { size = strlen(self->name.name_string.val[i]); ssize = krb5_storage_write(sp, self->name.name_string.val[i], size); - if (ssize != size) { + if (ssize != (krb5_ssize_t)size) { ret = ENOMEM; goto out; } } size = strlen(self->realm); ssize = krb5_storage_write(sp, self->realm, size); - if (ssize != size) { + if (ssize != (krb5_ssize_t)size) { ret = ENOMEM; goto out; } size = strlen(self->auth); ssize = krb5_storage_write(sp, self->auth, size); - if (ssize != size) { + if (ssize != (krb5_ssize_t)size) { ret = ENOMEM; goto out; } @@ -81,6 +82,47 @@ _krb5_s4u2self_to_checksumdata(krb5_context context, return ret; out: - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } + +krb5_error_code +krb5_enomem(krb5_context context) +{ + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; +} + +void +_krb5_debug_backtrace(krb5_context context) +{ +#if defined(HAVE_BACKTRACE) && !defined(HEIMDAL_SMALLER) + void *stack[128]; + char **strs = NULL; + int i, frames = backtrace(stack, sizeof(stack) / sizeof(stack[0])); + if (frames > 0) + strs = backtrace_symbols(stack, frames); + if (strs) { + for (i = 0; i < frames; i++) + _krb5_debug(context, 10, "frame %d: %s", i, strs[i]); + free(strs); + } +#endif +} + +krb5_error_code +_krb5_einval(krb5_context context, const char *func, unsigned long argn) +{ +#ifndef HEIMDAL_SMALLER + krb5_set_error_message(context, EINVAL, + N_("programmer error: invalid argument to %s argument %lu", + "function:line"), + func, argn); + if (_krb5_have_debug(context, 10)) { + _krb5_debug(context, 10, "invalid argument to function %s argument %lu", + func, argn); + _krb5_debug_backtrace(context); + } +#endif + return EINVAL; +} diff --git a/lib/krb5/mit_glue.c b/lib/krb5/mit_glue.c index 7440d5476279..16c230a11f96 100644 --- a/lib/krb5/mit_glue.c +++ b/lib/krb5/mit_glue.c @@ -1,49 +1,50 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: mit_glue.c 20042 2007-01-23 20:37:43Z lha $"); + +#ifndef HEIMDAL_SMALLER /* * Glue for MIT API */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_make_checksum(krb5_context context, - krb5_cksumtype cksumtype, - const krb5_keyblock *key, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_make_checksum(krb5_context context, + krb5_cksumtype cksumtype, + const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *input, + const krb5_data *input, krb5_checksum *cksum) { krb5_error_code ret; @@ -60,7 +61,7 @@ krb5_c_make_checksum(krb5_context context, return ret ; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *data, const krb5_checksum *cksum, krb5_boolean *valid) @@ -76,8 +77,7 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, return ret; if (data_cksum.cksumtype == cksum->cksumtype - && data_cksum.checksum.length == cksum->checksum.length - && memcmp(data_cksum.checksum.data, cksum->checksum.data, cksum->checksum.length) == 0) + && krb5_data_ct_cmp(&data_cksum.checksum, &cksum->checksum) == 0) *valid = 1; krb5_free_checksum_contents(context, &data_cksum); @@ -85,7 +85,7 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_get_checksum(krb5_context context, const krb5_checksum *cksum, krb5_cksumtype *type, krb5_data **data) { @@ -108,7 +108,7 @@ krb5_c_get_checksum(krb5_context context, const krb5_checksum *cksum, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_set_checksum(krb5_context context, krb5_checksum *cksum, krb5_cksumtype type, const krb5_data *data) { @@ -116,51 +116,51 @@ krb5_c_set_checksum(krb5_context context, krb5_checksum *cksum, return der_copy_octet_string(data, &cksum->checksum); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_checksum (krb5_context context, krb5_checksum *cksum) { krb5_checksum_free(context, cksum); free(cksum); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_checksum_contents(krb5_context context, krb5_checksum *cksum) { krb5_checksum_free(context, cksum); memset(cksum, 0, sizeof(*cksum)); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_checksum_free(krb5_context context, krb5_checksum *cksum) { free_Checksum(cksum); } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_valid_enctype (krb5_enctype etype) { - return krb5_enctype_valid(NULL, etype); + return !krb5_enctype_valid(NULL, etype); } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_valid_cksumtype(krb5_cksumtype ctype) { return krb5_cksumtype_valid(NULL, ctype); } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) { return krb5_checksum_is_collision_proof(NULL, ctype); } -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_c_is_keyed_cksum(krb5_cksumtype ctype) { return krb5_checksum_is_keyed(NULL, ctype); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_checksum (krb5_context context, const krb5_checksum *old, krb5_checksum **new) @@ -171,16 +171,16 @@ krb5_copy_checksum (krb5_context context, return copy_Checksum(old, *new); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_checksum_length (krb5_context context, krb5_cksumtype cksumtype, size_t *length) { return krb5_checksumsize(context, cksumtype, length); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_block_size(krb5_context context, - krb5_enctype enctype, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_block_size(krb5_context context, + krb5_enctype enctype, size_t *blocksize) { krb5_error_code ret; @@ -201,12 +201,12 @@ krb5_c_block_size(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_decrypt(krb5_context context, - const krb5_keyblock key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_enc_data *input, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_decrypt(krb5_context context, + const krb5_keyblock key, + krb5_keyusage usage, + const krb5_data *ivec, + krb5_enc_data *input, krb5_data *output) { krb5_error_code ret; @@ -224,16 +224,16 @@ krb5_c_decrypt(krb5_context context, krb5_crypto_destroy(context, crypto); return ret; } - + if (blocksize > ivec->length) { krb5_crypto_destroy(context, crypto); return KRB5_BAD_MSIZE; } } - ret = krb5_decrypt_ivec(context, crypto, usage, - input->ciphertext.data, input->ciphertext.length, - output, + ret = krb5_decrypt_ivec(context, crypto, usage, + input->ciphertext.data, input->ciphertext.length, + output, ivec ? ivec->data : NULL); krb5_crypto_destroy(context, crypto); @@ -241,11 +241,11 @@ krb5_c_decrypt(krb5_context context, return ret ; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt(krb5_context context, - const krb5_keyblock *key, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_encrypt(krb5_context context, + const krb5_keyblock *key, krb5_keyusage usage, - const krb5_data *ivec, + const krb5_data *ivec, const krb5_data *input, krb5_enc_data *output) { @@ -271,9 +271,9 @@ krb5_c_encrypt(krb5_context context, } } - ret = krb5_encrypt_ivec(context, crypto, usage, - input->data, input->length, - &output->ciphertext, + ret = krb5_encrypt_ivec(context, crypto, usage, + input->data, input->length, + &output->ciphertext, ivec ? ivec->data : NULL); output->kvno = 0; krb5_crypto_getenctype(context, crypto, &output->enctype); @@ -283,9 +283,9 @@ krb5_c_encrypt(krb5_context context, return ret ; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt_length(krb5_context context, - krb5_enctype enctype, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_encrypt_length(krb5_context context, + krb5_enctype enctype, size_t inputlen, size_t *length) { @@ -308,25 +308,32 @@ krb5_c_encrypt_length(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_enctype_compare(krb5_context context, +/** + * Deprecated: keytypes doesn't exists, they are really enctypes. + * + * @ingroup krb5_deprecated + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, - krb5_enctype e2, + krb5_enctype e2, krb5_boolean *similar) + KRB5_DEPRECATED_FUNCTION("Use X instead") { - *similar = krb5_enctypes_compatible_keys(context, e1, e2); + *similar = (e1 == e2); return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_make_random_key(krb5_context context, - krb5_enctype enctype, + krb5_enctype enctype, krb5_keyblock *random_key) { return krb5_generate_random_keyblock(context, enctype, random_key); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_keylengths(krb5_context context, krb5_enctype enctype, size_t *ilen, @@ -341,7 +348,7 @@ krb5_c_keylengths(krb5_context context, return krb5_enctype_keysize(context, enctype, keylen); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_prf_length(krb5_context context, krb5_enctype type, size_t *length) @@ -349,10 +356,10 @@ krb5_c_prf_length(krb5_context context, return krb5_crypto_prf_length(context, type, length); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_c_prf(krb5_context context, const krb5_keyblock *key, - const krb5_data *input, + const krb5_data *input, krb5_data *output) { krb5_crypto crypto; @@ -367,3 +374,59 @@ krb5_c_prf(krb5_context context, return ret; } + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_c_random_make_octets(krb5_context context, krb5_data * data) +{ + return krb5_generate_random_keyblock(context, data->length, data->data); +} + +/** + * MIT compat glue + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_cc_copy_creds(krb5_context context, + const krb5_ccache from, + krb5_ccache to) +{ + return krb5_cc_copy_cache(context, from, to); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getsendsubkey(krb5_context context, krb5_auth_context auth_context, + krb5_keyblock **keyblock) +{ + return krb5_auth_con_getlocalsubkey(context, auth_context, keyblock); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_getrecvsubkey(krb5_context context, krb5_auth_context auth_context, + krb5_keyblock **keyblock) +{ + return krb5_auth_con_getremotesubkey(context, auth_context, keyblock); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_setsendsubkey(krb5_context context, krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + return krb5_auth_con_setlocalsubkey(context, auth_context, keyblock); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_auth_con_setrecvsubkey(krb5_context context, krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + return krb5_auth_con_setremotesubkey(context, auth_context, keyblock); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_free_default_realm(krb5_context context, krb5_realm realm) +{ + return krb5_xfree(realm); +} + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/krb5/mk_error.c b/lib/krb5/mk_error.c index 704664993435..5fee1d6bed63 100644 --- a/lib/krb5/mk_error.c +++ b/lib/krb5/mk_error.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: mk_error.c 15457 2005-06-16 21:16:40Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_error(krb5_context context, krb5_error_code error_code, const char *e_text, @@ -46,10 +44,11 @@ krb5_mk_error(krb5_context context, int *client_usec, krb5_data *reply) { + const char *e_text2 = NULL; KRB_ERROR msg; krb5_timestamp sec; int32_t usec; - size_t len; + size_t len = 0; krb5_error_code ret = 0; krb5_us_timeofday (context, &sec, &usec); @@ -64,7 +63,7 @@ krb5_mk_error(krb5_context context, /* Make sure we only send `protocol' error codes */ if(error_code < KRB5KDC_ERR_NONE || error_code >= KRB5_ERR_RCSID) { if(e_text == NULL) - e_text = krb5_get_err_text(context, error_code); + e_text = e_text2 = krb5_get_error_message(context, error_code); error_code = KRB5KRB_ERR_GENERIC; } msg.error_code = error_code - KRB5KDC_ERR_NONE; @@ -76,7 +75,8 @@ krb5_mk_error(krb5_context context, msg.realm = server->realm; msg.sname = server->name; }else{ - msg.realm = ""; + static char unspec[] = ""; + msg.realm = unspec; } if(client){ msg.crealm = &client->realm; @@ -84,6 +84,8 @@ krb5_mk_error(krb5_context context, } ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret); + if (e_text2) + krb5_free_error_message(context, e_text2); if (ret) return ret; if(reply->length != len) diff --git a/lib/krb5/mk_priv.c b/lib/krb5/mk_priv.c index 87e429af8cba..dede6d2fa4dc 100644 --- a/lib/krb5/mk_priv.c +++ b/lib/krb5/mk_priv.c @@ -1,42 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: mk_priv.c 16680 2006-02-01 12:39:26Z lha $"); - - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_priv(krb5_context context, krb5_auth_context auth_context, const krb5_data *userdata, @@ -48,12 +45,12 @@ krb5_mk_priv(krb5_context context, EncKrbPrivPart part; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; krb5_keyblock *key; krb5_replay_data rdata; - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && outdata == NULL) return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ @@ -92,7 +89,7 @@ krb5_mk_priv(krb5_context context, if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE) outdata->seq = auth_context->local_seqnumber; - + part.s_address = auth_context->local_address; part.r_address = auth_context->remote_address; @@ -114,10 +111,10 @@ krb5_mk_priv(krb5_context context, free (buf); return ret; } - ret = krb5_encrypt (context, + ret = krb5_encrypt (context, crypto, KRB5_KU_KRB_PRIV, - buf + buf_size - len, + buf + buf_size - len, len, &s.enc_part.cipher); krb5_crypto_destroy(context, crypto); @@ -138,7 +135,8 @@ krb5_mk_priv(krb5_context context, ret = krb5_data_copy(outbuf, buf + buf_size - len, len); if (ret) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); free(buf); return ENOMEM; } diff --git a/lib/krb5/mk_rep.c b/lib/krb5/mk_rep.c index 570a83720132..84c315291c1a 100644 --- a/lib/krb5/mk_rep.c +++ b/lib/krb5/mk_rep.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: mk_rep.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_rep(krb5_context context, krb5_auth_context auth_context, krb5_data *outbuf) @@ -45,7 +43,7 @@ krb5_mk_rep(krb5_context context, EncAPRepPart body; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; ap.pvno = 5; @@ -61,8 +59,6 @@ krb5_mk_rep(krb5_context context, auth_context, auth_context->keyblock); if(ret) { - krb5_set_error_string (context, - "krb5_mk_rep: generating subkey"); free_EncAPRepPart(&body); return ret; } @@ -70,21 +66,21 @@ krb5_mk_rep(krb5_context context, ret = krb5_copy_keyblock(context, auth_context->local_subkey, &body.subkey); if (ret) { - krb5_set_error_string (context, - "krb5_copy_keyblock: out of memory"); free_EncAPRepPart(&body); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } } else body.subkey = NULL; if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if(auth_context->local_seqnumber == 0) + if(auth_context->local_seqnumber == 0) krb5_generate_seq_number (context, auth_context->keyblock, &auth_context->local_seqnumber); ALLOC(body.seq_number, 1); if (body.seq_number == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); free_EncAPRepPart(&body); return ENOMEM; } @@ -101,7 +97,7 @@ krb5_mk_rep(krb5_context context, return ret; if (buf_size != len) krb5_abortx(context, "internal error in ASN.1 encoder"); - ret = krb5_crypto_init(context, auth_context->keyblock, + ret = krb5_crypto_init(context, auth_context->keyblock, 0 /* ap.enc_part.etype */, &crypto); if (ret) { free (buf); @@ -110,7 +106,7 @@ krb5_mk_rep(krb5_context context, ret = krb5_encrypt (context, crypto, KRB5_KU_AP_REQ_ENC_PART, - buf + buf_size - len, + buf + buf_size - len, len, &ap.enc_part.cipher); krb5_crypto_destroy(context, crypto); diff --git a/lib/krb5/mk_req.c b/lib/krb5/mk_req.c index 5f64f01e9560..44e6c8b68a15 100644 --- a/lib/krb5/mk_req.c +++ b/lib/krb5/mk_req.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: mk_req.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req_exact(krb5_context context, krb5_auth_context *auth_context, const krb5_flags ap_req_options, @@ -50,7 +48,7 @@ krb5_mk_req_exact(krb5_context context, memset(&this_cred, 0, sizeof(this_cred)); ret = krb5_cc_get_principal(context, ccache, &this_cred.client); - + if(ret) return ret; @@ -79,7 +77,7 @@ krb5_mk_req_exact(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req(krb5_context context, krb5_auth_context *auth_context, const krb5_flags ap_req_options, diff --git a/lib/krb5/mk_req_ext.c b/lib/krb5/mk_req_ext.c index b6d55c8815ac..af68e4e19530 100644 --- a/lib/krb5/mk_req_ext.c +++ b/lib/krb5/mk_req_ext.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: mk_req_ext.c 19511 2006-12-27 12:07:22Z lha $"); +#include "krb5_locl.h" krb5_error_code _krb5_mk_req_internal(krb5_context context, @@ -61,10 +59,10 @@ _krb5_mk_req_internal(krb5_context context, ret = krb5_auth_con_init(context, &ac); if(ret) return ret; - + if(ac->local_subkey == NULL && (ap_req_options & AP_OPTS_USE_SUBKEY)) { ret = krb5_auth_con_generatelocalsubkey(context, - ac, + ac, &in_creds->session); if(ret) goto out; @@ -74,7 +72,7 @@ _krb5_mk_req_internal(krb5_context context, ret = krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock); if (ret) goto out; - + /* it's unclear what type of checksum we can use. try the best one, except: * a) if it's configured differently for the current realm, or * b) if the session key is des-cbc-crc @@ -83,7 +81,7 @@ _krb5_mk_req_internal(krb5_context context, if (in_data) { if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) { /* this is to make DCE secd (and older MIT kdcs?) happy */ - ret = krb5_create_checksum(context, + ret = krb5_create_checksum(context, NULL, 0, CKSUMTYPE_RSA_MD4, @@ -94,8 +92,8 @@ _krb5_mk_req_internal(krb5_context context, ac->keyblock->keytype == ETYPE_ARCFOUR_HMAC_MD5_56 || ac->keyblock->keytype == ETYPE_DES_CBC_MD4 || ac->keyblock->keytype == ETYPE_DES_CBC_MD5) { - /* this is to make MS kdc happy */ - ret = krb5_create_checksum(context, + /* this is to make MS kdc happy */ + ret = krb5_create_checksum(context, NULL, 0, CKSUMTYPE_RSA_MD5, @@ -108,7 +106,7 @@ _krb5_mk_req_internal(krb5_context context, ret = krb5_crypto_init(context, ac->keyblock, 0, &crypto); if (ret) goto out; - ret = krb5_create_checksum(context, + ret = krb5_create_checksum(context, crypto, checksum_usage, 0, @@ -124,13 +122,12 @@ _krb5_mk_req_internal(krb5_context context, if (ret) goto out; - - ret = krb5_build_authenticator (context, + + ret = _krb5_build_authenticator(context, ac, ac->keyblock->keytype, in_creds, c_opt, - NULL, &authenticator, encrypt_usage); if (c_opt) @@ -138,7 +135,7 @@ _krb5_mk_req_internal(krb5_context context, if (ret) goto out; - ret = krb5_build_ap_req (context, ac->keyblock->keytype, + ret = krb5_build_ap_req (context, ac->keyblock->keytype, in_creds, ap_req_options, authenticator, outbuf); out: if(auth_context == NULL) @@ -146,7 +143,7 @@ _krb5_mk_req_internal(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, const krb5_flags ap_req_options, diff --git a/lib/krb5/mk_safe.c b/lib/krb5/mk_safe.c index 0b75759a5f65..b327e1ce72f6 100644 --- a/lib/krb5/mk_safe.c +++ b/lib/krb5/mk_safe.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: mk_safe.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_mk_safe(krb5_context context, krb5_auth_context auth_context, const krb5_data *userdata, @@ -46,12 +44,12 @@ krb5_mk_safe(krb5_context context, KRB_SAFE s; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; krb5_keyblock *key; krb5_replay_data rdata; - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && outdata == NULL) return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ @@ -79,7 +77,7 @@ krb5_mk_safe(krb5_context context, s.safe_body.timestamp = NULL; s.safe_body.usec = NULL; } - + if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_TIME) { outdata->timestamp = rdata.timestamp; outdata->usec = rdata.usec; @@ -88,12 +86,12 @@ krb5_mk_safe(krb5_context context, if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { rdata.seq = auth_context->local_seqnumber; s.safe_body.seq_number = &rdata.seq; - } else + } else s.safe_body.seq_number = NULL; if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE) outdata->seq = auth_context->local_seqnumber; - + s.safe_body.s_address = auth_context->local_address; s.safe_body.r_address = auth_context->remote_address; @@ -111,7 +109,7 @@ krb5_mk_safe(krb5_context context, free (buf); return ret; } - ret = krb5_create_checksum(context, + ret = krb5_create_checksum(context, crypto, KRB5_KU_KRB_SAFE_CKSUM, 0, diff --git a/lib/krb5/n-fold-test.c b/lib/krb5/n-fold-test.c index 248e232c0569..452964522be8 100644 --- a/lib/krb5/n-fold-test.c +++ b/lib/krb5/n-fold-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,6 @@ #include "krb5_locl.h" -RCSID("$Id: n-fold-test.c 21745 2007-07-31 16:11:25Z lha $"); - enum { MAXSIZE = 24 }; static struct testcase { diff --git a/lib/krb5/n-fold.c b/lib/krb5/n-fold.c index 53528cfd1f78..2e6092c5ca80 100644 --- a/lib/krb5/n-fold.c +++ b/lib/krb5/n-fold.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,6 @@ #include "krb5_locl.h" -RCSID("$Id: n-fold.c 22190 2007-12-06 16:24:22Z lha $"); - static krb5_error_code rr13(unsigned char *buf, size_t len) { @@ -45,7 +43,7 @@ rr13(unsigned char *buf, size_t len) { const int bits = 13 % len; const int lbit = len % 8; - + tmp = malloc(bytes); if (tmp == NULL) return ENOMEM; @@ -66,11 +64,11 @@ rr13(unsigned char *buf, size_t len) /* byte offset and shift count */ b1 = bb / 8; s1 = bb % 8; - - if(bb + 8 > bytes * 8) + + if(bb + 8 > bytes * 8) /* watch for wraparound */ s2 = (len + 8 - s1) % 8; - else + else s2 = 8 - s1; b2 = (b1 + 1) % bytes; buf[i] = (tmp[b1] << s1) | (tmp[b2] >> s2); @@ -98,7 +96,7 @@ add1(unsigned char *a, unsigned char *b, size_t len) } } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_n_fold(const void *str, size_t len, void *key, size_t size) { /* if len < size we need at most N * len bytes, ie < 2 * size; @@ -108,9 +106,11 @@ _krb5_n_fold(const void *str, size_t len, void *key, size_t size) size_t l = 0; unsigned char *tmp = malloc(maxlen); unsigned char *buf = malloc(len); - - if (tmp == NULL || buf == NULL) - return ENOMEM; + + if (tmp == NULL || buf == NULL) { + ret = ENOMEM; + goto out; + } memcpy(buf, str, len); memset(key, 0, size); @@ -129,9 +129,13 @@ _krb5_n_fold(const void *str, size_t len, void *key, size_t size) } } while(l != 0); out: - memset(buf, 0, len); - free(buf); - memset(tmp, 0, maxlen); - free(tmp); + if (buf) { + memset(buf, 0, len); + free(buf); + } + if (tmp) { + memset(tmp, 0, maxlen); + free(tmp); + } return ret; } diff --git a/lib/krb5/name-45-test.c b/lib/krb5/name-45-test.c deleted file mode 100644 index 0bb05f5531a5..000000000000 --- a/lib/krb5/name-45-test.c +++ /dev/null @@ -1,294 +0,0 @@ -/* - * Copyright (c) 2002 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: name-45-test.c 19763 2007-01-08 13:35:49Z lha $"); - -enum { MAX_COMPONENTS = 3 }; - -static struct testcase { - const char *v4_name; - const char *v4_inst; - const char *v4_realm; - - krb5_realm v5_realm; - unsigned ncomponents; - char *comp_val[MAX_COMPONENTS]; - - const char *config_file; - krb5_error_code ret; /* expected error code from 524 */ - - krb5_error_code ret2; /* expected error code from 425 */ -} tests[] = { - {"", "", "", "", 1, {""}, NULL, 0, 0}, - {"a", "", "", "", 1, {"a"}, NULL, 0, 0}, - {"a", "b", "", "", 2, {"a", "b"}, NULL, 0, 0}, - {"a", "b", "c", "c", 2, {"a", "b"}, NULL, 0, 0}, - - {"krbtgt", "FOO.SE", "FOO.SE", "FOO.SE", 2, - {"krbtgt", "FOO.SE"}, NULL, 0, 0}, - - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo", "bar2"}, NULL, 0, 0}, - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo", "bar2"}, - "[libdefaults]\n" - " v4_name_convert = {\n" - " host = {\n" - " foo = foo5\n" - " }\n" - "}\n", - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo5", "bar2.baz"}, - "[realms]\n" - " BAZ = {\n" - " v4_name_convert = {\n" - " host = {\n" - " foo = foo5\n" - " }\n" - " }\n" - " v4_instance_convert = {\n" - " bar2 = bar2.baz\n" - " }\n" - " }\n", - 0, 0}, - - {"rcmd", "foo", "realm", "realm", 2, {"host", "foo"}, NULL, - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"rcmd", "foo", "realm", "realm", 2, {"host", "foo.realm"}, - "[realms]\n" - " realm = {\n" - " v4_instance_convert = {\n" - " foo = foo.realm\n" - " }\n" - " }\n", - 0, 0}, - - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, - "[realms]\n" - " NADA.KTH.SE = {\n" - " default_domain = nada.kth.se\n" - " }\n", - 0, 0}, - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, - "[libdefaults]\n" - " v4_instance_resolve = true\n", - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - - {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"host", "hokkigai.pdc.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"host", "hokkigai.pdc.kth.se"}, - "[libdefaults]\n" - " v4_instance_resolve = true\n" - "[realms]\n" - " NADA.KTH.SE = {\n" - " v4_name_convert = {\n" - " host = {\n" - " rcmd = host\n" - " }\n" - " }\n" - " default_domain = pdc.kth.se\n" - " }\n", - 0, 0}, - - {"0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - 2, {"0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789"}, NULL, - 0, KRB5_PARSE_MALFORMED}, - - {"012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - 2, {"012345678901234567890123456789012345678", - "012345678901234567890123456789012345678"}, NULL, - 0, 0}, - - {NULL, NULL, NULL, NULL, 0, {NULL}, NULL, 0} -}; - -int -main(int argc, char **argv) -{ - struct testcase *t; - krb5_context context; - krb5_error_code ret; - char hostname[1024]; - int val = 0; - - setprogname(argv[0]); - - gethostname(hostname, sizeof(hostname)); - if (!(strstr(hostname, "kth.se") != NULL || strstr(hostname, "su.se") != NULL)) - return 0; - - for (t = tests; t->v4_name; ++t) { - krb5_principal princ; - int i; - char name[40], inst[40], realm[40]; - char printable_princ[256]; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if (t->config_file != NULL) { - char template[] = "/tmp/krb5-conf-XXXXXX"; - int fd = mkstemp(template); - char *files[2]; - - if (fd < 0) - krb5_err (context, 1, errno, "mkstemp %s", template); - - if (write (fd, t->config_file, strlen(t->config_file)) - != strlen(t->config_file)) - krb5_err (context, 1, errno, "write %s", template); - close (fd); - files[0] = template; - files[1] = NULL; - - ret = krb5_set_config_files (context, files); - unlink (template); - if (ret) - krb5_err (context, 1, ret, "krb5_set_config_files"); - } - - ret = krb5_425_conv_principal (context, - t->v4_name, - t->v4_inst, - t->v4_realm, - &princ); - if (ret) { - if (ret != t->ret) { - krb5_warn (context, ret, - "krb5_425_conv_principal %s.%s@%s", - t->v4_name, t->v4_inst, t->v4_realm); - val = 1; - } - } else { - if (t->ret) { - char *s; - krb5_unparse_name(context, princ, &s); - krb5_warnx (context, - "krb5_425_conv_principal %s.%s@%s " - "passed unexpected: %s", - t->v4_name, t->v4_inst, t->v4_realm, s); - free(s); - val = 1; - krb5_free_context(context); - continue; - } - } - - if (ret) { - krb5_free_context(context); - continue; - } - - if (strcmp (t->v5_realm, princ->realm) != 0) { - printf ("wrong realm (\"%s\" should be \"%s\")" - " for \"%s.%s@%s\"\n", - princ->realm, t->v5_realm, - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } - - if (t->ncomponents != princ->name.name_string.len) { - printf ("wrong number of components (%u should be %u)" - " for \"%s.%s@%s\"\n", - princ->name.name_string.len, t->ncomponents, - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } else { - for (i = 0; i < t->ncomponents; ++i) { - if (strcmp(t->comp_val[i], - princ->name.name_string.val[i]) != 0) { - printf ("bad component %d (\"%s\" should be \"%s\")" - " for \"%s.%s@%s\"\n", - i, - princ->name.name_string.val[i], - t->comp_val[i], - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } - } - } - ret = krb5_524_conv_principal (context, princ, - name, inst, realm); - if (krb5_unparse_name_fixed(context, princ, - printable_princ, sizeof(printable_princ))) - strlcpy(printable_princ, "unknown principal", - sizeof(printable_princ)); - if (ret) { - if (ret != t->ret2) { - krb5_warn (context, ret, - "krb5_524_conv_principal %s", printable_princ); - val = 1; - } - } else { - if (t->ret2) { - krb5_warnx (context, - "krb5_524_conv_principal %s " - "passed unexpected", printable_princ); - val = 1; - krb5_free_context(context); - continue; - } - } - if (ret) { - krb5_free_principal (context, princ); - krb5_free_context(context); - continue; - } - - krb5_free_principal (context, princ); - krb5_free_context(context); - } - return val; -} diff --git a/lib/krb5/net_read.c b/lib/krb5/net_read.c index f0fa2ce7a0e9..f6d781c27c0b 100644 --- a/lib/krb5/net_read.c +++ b/lib/krb5/net_read.c @@ -1,47 +1,44 @@ /* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: net_read.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_read (krb5_context context, void *p_fd, void *buf, size_t len) { - int fd = *((int *)p_fd); - - return net_read (fd, buf, len); + krb5_socket_t fd = *((krb5_socket_t *)p_fd); + return net_read(fd, buf, len); } diff --git a/lib/krb5/net_write.c b/lib/krb5/net_write.c index 868015fa9214..289b96541feb 100644 --- a/lib/krb5/net_write.c +++ b/lib/krb5/net_write.c @@ -1,59 +1,56 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: net_write.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_write (krb5_context context, void *p_fd, const void *buf, size_t len) { - int fd = *((int *)p_fd); - - return net_write (fd, buf, len); + krb5_socket_t fd = *((krb5_socket_t *)p_fd); + return net_write(fd, buf, len); } -krb5_ssize_t KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_net_write_block(krb5_context context, void *p_fd, const void *buf, size_t len, time_t timeout) { - int fd = *((int *)p_fd); + krb5_socket_t fd = *((krb5_socket_t *)p_fd); int ret; struct timeval tv, *tvp; const char *cbuf = (const char *)buf; @@ -64,7 +61,7 @@ krb5_net_write_block(krb5_context context, do { FD_ZERO(&wfds); FD_SET(fd, &wfds); - + if (timeout != 0) { tv.tv_sec = timeout; tv.tv_usec = 0; @@ -73,29 +70,45 @@ krb5_net_write_block(krb5_context context, tvp = NULL; ret = select(fd + 1, NULL, &wfds, NULL, tvp); - if (ret < 0) { - if (errno == EINTR) + if (rk_IS_SOCKET_ERROR(ret)) { + if (rk_SOCK_ERRNO == EINTR) continue; return -1; - } else if (ret == 0) + } + +#ifdef HAVE_WINSOCK + if (ret == 0) { + WSASetLastError( WSAETIMEDOUT ); return 0; - + } + + count = send (fd, cbuf, rem, 0); + + if (rk_IS_SOCKET_ERROR(count)) { + return -1; + } + +#else + if (ret == 0) { + return 0; + } + if (!FD_ISSET(fd, &wfds)) { errno = ETIMEDOUT; return -1; } -#ifdef WIN32 - count = send (fd, cbuf, rem, 0); -#else count = write (fd, cbuf, rem); -#endif + if (count < 0) { if (errno == EINTR) continue; else return count; } + +#endif + cbuf += count; rem -= count; diff --git a/lib/krb5/pac.c b/lib/krb5/pac.c index 1b21750e5d4d..f4caaddc264b 100644 --- a/lib/krb5/pac.c +++ b/lib/krb5/pac.c @@ -1,39 +1,38 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" - -RCSID("$Id: pac.c 21934 2007-08-27 14:21:04Z lha $"); +#include struct PAC_INFO_BUFFER { uint32_t type; @@ -44,7 +43,7 @@ struct PAC_INFO_BUFFER { struct PACTYPE { uint32_t numbuffers; - uint32_t version; + uint32_t version; struct PAC_INFO_BUFFER buffers[1]; }; @@ -69,18 +68,55 @@ struct krb5_pac_data { #define CHECK(r,f,l) \ do { \ if (((r) = f ) != 0) { \ - krb5_clear_error_string(context); \ + krb5_clear_error_message(context); \ goto l; \ } \ } while(0) static const char zeros[PAC_ALIGNMENT] = { 0 }; +/* + * HMAC-MD5 checksum over any key (needed for the PAC routines) + */ + +static krb5_error_code +HMAC_MD5_any_checksum(krb5_context context, + const krb5_keyblock *key, + const void *data, + size_t len, + unsigned usage, + Checksum *result) +{ + struct _krb5_key_data local_key; + krb5_error_code ret; + + memset(&local_key, 0, sizeof(local_key)); + + ret = krb5_copy_keyblock(context, key, &local_key.key); + if (ret) + return ret; + + ret = krb5_data_alloc (&result->checksum, 16); + if (ret) { + krb5_free_keyblock(context, local_key.key); + return ret; + } + + result->cksumtype = CKSUMTYPE_HMAC_MD5; + ret = _krb5_HMAC_MD5_checksum(context, &local_key, data, len, usage, result); + if (ret) + krb5_data_free(&result->checksum); + + krb5_free_keyblock(context, local_key.key); + return ret; +} + + /* * */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_parse(krb5_context context, const void *ptr, size_t len, krb5_pac *pac) { @@ -91,15 +127,13 @@ krb5_pac_parse(krb5_context context, const void *ptr, size_t len, p = calloc(1, sizeof(*p)); if (p == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + ret = krb5_enomem(context); goto out; } sp = krb5_storage_from_readonly_mem(ptr, len); if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); + ret = krb5_enomem(context); goto out; } krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); @@ -107,21 +141,22 @@ krb5_pac_parse(krb5_context context, const void *ptr, size_t len, CHECK(ret, krb5_ret_uint32(sp, &tmp), out); CHECK(ret, krb5_ret_uint32(sp, &tmp2), out); if (tmp < 1) { - krb5_set_error_string(context, "PAC have too few buffer"); ret = EINVAL; /* Too few buffers */ + krb5_set_error_message(context, ret, N_("PAC have too few buffer", "")); goto out; } if (tmp2 != 0) { - krb5_set_error_string(context, "PAC have wrong version"); ret = EINVAL; /* Wrong version */ + krb5_set_error_message(context, ret, + N_("PAC have wrong version %d", ""), + (int)tmp2); goto out; } - p->pac = calloc(1, + p->pac = calloc(1, sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (tmp - 1))); if (p->pac == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; + ret = krb5_enomem(context); goto out; } @@ -142,51 +177,59 @@ krb5_pac_parse(krb5_context context, const void *ptr, size_t len, /* consistency checks */ if (p->pac->buffers[i].offset_lo & (PAC_ALIGNMENT - 1)) { - krb5_set_error_string(context, "PAC out of allignment"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC out of allignment", "")); goto out; } if (p->pac->buffers[i].offset_hi) { - krb5_set_error_string(context, "PAC high offset set"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC high offset set", "")); goto out; } if (p->pac->buffers[i].offset_lo > len) { - krb5_set_error_string(context, "PAC offset off end"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC offset off end", "")); goto out; } if (p->pac->buffers[i].offset_lo < header_end) { - krb5_set_error_string(context, "PAC offset inside header: %d %d", - p->pac->buffers[i].offset_lo, header_end); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC offset inside header: %lu %lu", ""), + (unsigned long)p->pac->buffers[i].offset_lo, + (unsigned long)header_end); goto out; } if (p->pac->buffers[i].buffersize > len - p->pac->buffers[i].offset_lo){ - krb5_set_error_string(context, "PAC length off end"); ret = EINVAL; + krb5_set_error_message(context, ret, N_("PAC length off end", "")); goto out; } /* let save pointer to data we need later */ if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) { if (p->server_checksum) { - krb5_set_error_string(context, "PAC have two server checksums"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC have two server checksums", "")); goto out; } p->server_checksum = &p->pac->buffers[i]; } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) { if (p->privsvr_checksum) { - krb5_set_error_string(context, "PAC have two KDC checksums"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC have two KDC checksums", "")); goto out; } p->privsvr_checksum = &p->pac->buffers[i]; } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) { if (p->logon_name) { - krb5_set_error_string(context, "PAC have two logon names"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PAC have two logon names", "")); goto out; } p->logon_name = &p->pac->buffers[i]; @@ -215,7 +258,7 @@ krb5_pac_parse(krb5_context context, const void *ptr, size_t len, return ret; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_init(krb5_context context, krb5_pac *pac) { krb5_error_code ret; @@ -223,31 +266,27 @@ krb5_pac_init(krb5_context context, krb5_pac *pac) p = calloc(1, sizeof(*p)); if (p == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; + return krb5_enomem(context); } p->pac = calloc(1, sizeof(*p->pac)); if (p->pac == NULL) { free(p); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; + return krb5_enomem(context); } ret = krb5_data_alloc(&p->data, PACTYPE_SIZE); if (ret) { free (p->pac); free(p); - krb5_set_error_string(context, "out of memory"); - return ret; + return krb5_enomem(context); } - *pac = p; return 0; } -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_add_buffer(krb5_context context, krb5_pac p, uint32_t type, const krb5_data *data) { @@ -260,10 +299,9 @@ krb5_pac_add_buffer(krb5_context context, krb5_pac p, ptr = realloc(p->pac, sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * len)); - if (ptr == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (ptr == NULL) + return krb5_enomem(context); + p->pac = ptr; for (i = 0; i < len; i++) @@ -279,20 +317,20 @@ krb5_pac_add_buffer(krb5_context context, krb5_pac p, old_end = p->data.length; len = p->data.length + data->length + PAC_INFO_BUFFER_SIZE; if (len < p->data.length) { - krb5_set_error_string(context, "integer overrun"); + krb5_set_error_message(context, EINVAL, "integer overrun"); return EINVAL; } - + /* align to PAC_ALIGNMENT */ len = ((len + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT; ret = krb5_data_realloc(&p->data, len); if (ret) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } - /* + /* * make place for new PAC INFO BUFFER header */ header_end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers); @@ -315,43 +353,43 @@ krb5_pac_add_buffer(krb5_context context, krb5_pac p, return 0; } -krb5_error_code +/** + * Get the PAC buffer of specific type from the pac. + * + * @param context Kerberos 5 context. + * @param p the pac structure returned by krb5_pac_parse(). + * @param type type of buffer to get + * @param data return data, free with krb5_data_free(). + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5_pac + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_buffer(krb5_context context, krb5_pac p, uint32_t type, krb5_data *data) { krb5_error_code ret; uint32_t i; - /* - * Hide the checksums from external consumers - */ - - if (type == PAC_PRIVSVR_CHECKSUM || type == PAC_SERVER_CHECKSUM) { - ret = krb5_data_alloc(data, 16); - if (ret) { - krb5_set_error_string(context, "out of memory"); - return ret; - } - memset(data->data, 0, data->length); - return 0; - } - for (i = 0; i < p->pac->numbuffers; i++) { - size_t len = p->pac->buffers[i].buffersize; - size_t offset = p->pac->buffers[i].offset_lo; + const size_t len = p->pac->buffers[i].buffersize; + const size_t offset = p->pac->buffers[i].offset_lo; if (p->pac->buffers[i].type != type) continue; ret = krb5_data_copy(data, (unsigned char *)p->data.data + offset, len); if (ret) { - krb5_set_error_string(context, "Out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } return 0; } - krb5_set_error_string(context, "No PAC buffer of type %lu was found", - (unsigned long)type); + krb5_set_error_message(context, ENOENT, "No PAC buffer of type %lu was found", + (unsigned long)type); return ENOENT; } @@ -359,7 +397,7 @@ krb5_pac_get_buffer(krb5_context context, krb5_pac p, * */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_types(krb5_context context, krb5_pac p, size_t *len, @@ -370,8 +408,7 @@ krb5_pac_get_types(krb5_context context, *types = calloc(p->pac->numbuffers, sizeof(*types)); if (*types == NULL) { *len = 0; - krb5_set_error_string(context, "out of memory"); - return ENOMEM; + return krb5_enomem(context); } for (i = 0; i < p->pac->numbuffers; i++) (*types)[i] = p->pac->buffers[i].type; @@ -384,7 +421,7 @@ krb5_pac_get_types(krb5_context context, * */ -void +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_pac_free(krb5_context context, krb5_pac pac) { krb5_data_free(&pac->data); @@ -403,7 +440,6 @@ verify_checksum(krb5_context context, void *ptr, size_t len, const krb5_keyblock *key) { - krb5_crypto crypto = NULL; krb5_storage *sp = NULL; uint32_t type; krb5_error_code ret; @@ -413,44 +449,71 @@ verify_checksum(krb5_context context, sp = krb5_storage_from_mem((char *)data->data + sig->offset_lo, sig->buffersize); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (sp == NULL) + return krb5_enomem(context); + krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); CHECK(ret, krb5_ret_uint32(sp, &type), out); cksum.cksumtype = type; - cksum.checksum.length = + cksum.checksum.length = sig->buffersize - krb5_storage_seek(sp, 0, SEEK_CUR); cksum.checksum.data = malloc(cksum.checksum.length); if (cksum.checksum.data == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; + ret = krb5_enomem(context); goto out; } ret = krb5_storage_read(sp, cksum.checksum.data, cksum.checksum.length); - if (ret != cksum.checksum.length) { - krb5_set_error_string(context, "PAC checksum missing checksum"); + if (ret != (int)cksum.checksum.length) { ret = EINVAL; + krb5_set_error_message(context, ret, "PAC checksum missing checksum"); goto out; } if (!krb5_checksum_is_keyed(context, cksum.cksumtype)) { - krb5_set_error_string (context, "Checksum type %d not keyed", - cksum.cksumtype); ret = EINVAL; + krb5_set_error_message(context, ret, "Checksum type %d not keyed", + cksum.cksumtype); goto out; } - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - goto out; + /* If the checksum is HMAC-MD5, the checksum type is not tied to + * the key type, instead the HMAC-MD5 checksum is applied blindly + * on whatever key is used for this connection, avoiding issues + * with unkeyed checksums on des-cbc-md5 and des-cbc-crc. See + * http://comments.gmane.org/gmane.comp.encryption.kerberos.devel/8743 + * for the same issue in MIT, and + * http://blogs.msdn.com/b/openspecification/archive/2010/01/01/verifying-the-server-signature-in-kerberos-privilege-account-certificate.aspx + * for Microsoft's explaination */ - ret = krb5_verify_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, - ptr, len, &cksum); + if (cksum.cksumtype == CKSUMTYPE_HMAC_MD5) { + Checksum local_checksum; + + memset(&local_checksum, 0, sizeof(local_checksum)); + + ret = HMAC_MD5_any_checksum(context, key, ptr, len, + KRB5_KU_OTHER_CKSUM, &local_checksum); + + if (ret != 0 || krb5_data_ct_cmp(&local_checksum.checksum, &cksum.checksum) != 0) { + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + krb5_set_error_message(context, ret, + N_("PAC integrity check failed for " + "hmac-md5 checksum", "")); + } + krb5_data_free(&local_checksum.checksum); + + } else { + krb5_crypto crypto = NULL; + + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + goto out; + + ret = krb5_verify_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, + ptr, len, &cksum); + krb5_crypto_destroy(context, crypto); + } free(cksum.checksum.data); - krb5_crypto_destroy(context, crypto); krb5_storage_free(sp); return ret; @@ -460,14 +523,13 @@ verify_checksum(krb5_context context, free(cksum.checksum.data); if (sp) krb5_storage_free(sp); - if (crypto) - krb5_crypto_destroy(context, crypto); return ret; } static krb5_error_code create_checksum(krb5_context context, const krb5_keyblock *key, + uint32_t cksumtype, void *data, size_t datalen, void *sig, size_t siglen) { @@ -475,18 +537,31 @@ create_checksum(krb5_context context, krb5_error_code ret; Checksum cksum; - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; + /* If the checksum is HMAC-MD5, the checksum type is not tied to + * the key type, instead the HMAC-MD5 checksum is applied blindly + * on whatever key is used for this connection, avoiding issues + * with unkeyed checksums on des-cbc-md5 and des-cbc-crc. See + * http://comments.gmane.org/gmane.comp.encryption.kerberos.devel/8743 + * for the same issue in MIT, and + * http://blogs.msdn.com/b/openspecification/archive/2010/01/01/verifying-the-server-signature-in-kerberos-privilege-account-certificate.aspx + * for Microsoft's explaination */ - ret = krb5_create_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, 0, - data, datalen, &cksum); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; + if (cksumtype == (uint32_t)CKSUMTYPE_HMAC_MD5) { + ret = HMAC_MD5_any_checksum(context, key, data, datalen, + KRB5_KU_OTHER_CKSUM, &cksum); + } else { + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; + ret = krb5_create_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, 0, + data, datalen, &cksum); + krb5_crypto_destroy(context, crypto); + if (ret) + return ret; + } if (cksum.checksum.length != siglen) { - krb5_set_error_string(context, "pac checksum wrong length"); + krb5_set_error_message(context, EINVAL, "pac checksum wrong length"); free_Checksum(&cksum); return EINVAL; } @@ -528,10 +603,8 @@ verify_logonname(krb5_context context, sp = krb5_storage_from_readonly_mem((const char *)data->data + logon_name->offset_lo, logon_name->buffersize); - if (sp == NULL) { - krb5_set_error_string(context, "Out of memory"); - return ENOMEM; - } + if (sp == NULL) + return krb5_enomem(context); krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); @@ -544,79 +617,74 @@ verify_logonname(krb5_context context, t2 = ((uint64_t)time2 << 32) | time1; if (t1 != t2) { krb5_storage_free(sp); - krb5_set_error_string(context, "PAC timestamp mismatch"); + krb5_set_error_message(context, EINVAL, "PAC timestamp mismatch"); return EINVAL; } } CHECK(ret, krb5_ret_uint16(sp, &len), out); if (len == 0) { krb5_storage_free(sp); - krb5_set_error_string(context, "PAC logon name length missing"); + krb5_set_error_message(context, EINVAL, "PAC logon name length missing"); return EINVAL; } s = malloc(len); if (s == NULL) { krb5_storage_free(sp); - krb5_set_error_string(context, "Out of memory"); - return ENOMEM; + return krb5_enomem(context); } ret = krb5_storage_read(sp, s, len); if (ret != len) { krb5_storage_free(sp); - krb5_set_error_string(context, "Failed to read pac logon name"); + krb5_set_error_message(context, EINVAL, "Failed to read PAC logon name"); return EINVAL; } krb5_storage_free(sp); -#if 1 /* cheat for now */ - { - size_t i; - - if (len & 1) { - krb5_set_error_string(context, "PAC logon name malformed"); - return EINVAL; - } - - for (i = 0; i < len / 2; i++) { - if (s[(i * 2) + 1]) { - krb5_set_error_string(context, "PAC logon name not ASCII"); - return EINVAL; - } - s[i] = s[i * 2]; - } - s[i] = '\0'; - } -#else { + size_t ucs2len = len / 2; uint16_t *ucs2; - ssize_t ucs2len; size_t u8len; + unsigned int flags = WIND_RW_LE; - ucs2 = malloc(sizeof(ucs2[0]) * len / 2); - if (ucs2) - abort(); - ucs2len = wind_ucs2read(s, len / 2, ucs2); + ucs2 = malloc(sizeof(ucs2[0]) * ucs2len); + if (ucs2 == NULL) + return krb5_enomem(context); + + ret = wind_ucs2read(s, len, &flags, ucs2, &ucs2len); free(s); - if (len < 0) - return -1; - ret = wind_ucs2toutf8(ucs2, ucs2len, NULL, &u8len); - if (ret < 0) - abort(); - s = malloc(u8len + 1); - if (s == NULL) - abort(); - wind_ucs2toutf8(ucs2, ucs2len, s, &u8len); + if (ret) { + free(ucs2); + krb5_set_error_message(context, ret, "Failed to convert string to UCS-2"); + return ret; + } + ret = wind_ucs2utf8_length(ucs2, ucs2len, &u8len); + if (ret) { + free(ucs2); + krb5_set_error_message(context, ret, "Failed to count length of UCS-2 string"); + return ret; + } + u8len += 1; /* Add space for NUL */ + s = malloc(u8len); + if (s == NULL) { + free(ucs2); + return krb5_enomem(context); + } + ret = wind_ucs2utf8(ucs2, ucs2len, s, &u8len); free(ucs2); + if (ret) { + free(s); + krb5_set_error_message(context, ret, "Failed to convert to UTF-8"); + return ret; + } } -#endif ret = krb5_parse_name_flags(context, s, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); free(s); if (ret) return ret; - + if (krb5_principal_compare_any_realm(context, principal, p2) != TRUE) { - krb5_set_error_string(context, "PAC logon name mismatch"); ret = EINVAL; + krb5_set_error_message(context, ret, "PAC logon name mismatch"); } krb5_free_principal(context, p2); return ret; @@ -629,9 +697,9 @@ verify_logonname(krb5_context context, */ static krb5_error_code -build_logon_name(krb5_context context, +build_logon_name(krb5_context context, time_t authtime, - krb5_const_principal principal, + krb5_const_principal principal, krb5_data *logon) { krb5_error_code ret; @@ -645,10 +713,9 @@ build_logon_name(krb5_context context, krb5_data_zero(logon); sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (sp == NULL) + return krb5_enomem(context); + krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); CHECK(ret, krb5_store_uint32(sp, t & 0xffffffff), out); @@ -660,13 +727,13 @@ build_logon_name(krb5_context context, goto out; len = strlen(s); - + CHECK(ret, krb5_store_uint16(sp, len * 2), out); #if 1 /* cheat for now */ s2 = malloc(len * 2); if (s2 == NULL) { - ret = ENOMEM; + ret = krb5_enomem(context); free(s); goto out; } @@ -681,8 +748,8 @@ build_logon_name(krb5_context context, ret = krb5_storage_write(sp, s2, len * 2); free(s2); - if (ret != len * 2) { - ret = ENOMEM; + if (ret != (int)(len * 2)) { + ret = krb5_enomem(context); goto out; } ret = krb5_storage_to_data(sp, logon); @@ -697,12 +764,24 @@ build_logon_name(krb5_context context, } -/* +/** + * Verify the PAC. * + * @param context Kerberos 5 context. + * @param pac the pac structure returned by krb5_pac_parse(). + * @param authtime The time of the ticket the PAC belongs to. + * @param principal the principal to verify. + * @param server The service key, most always be given. + * @param privsvr The KDC key, may be given. + + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5_pac */ -krb5_error_code -krb5_pac_verify(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_pac_verify(krb5_context context, const krb5_pac pac, time_t authtime, krb5_const_principal principal, @@ -712,19 +791,19 @@ krb5_pac_verify(krb5_context context, krb5_error_code ret; if (pac->server_checksum == NULL) { - krb5_set_error_string(context, "PAC missing server checksum"); + krb5_set_error_message(context, EINVAL, "PAC missing server checksum"); return EINVAL; } if (pac->privsvr_checksum == NULL) { - krb5_set_error_string(context, "PAC missing kdc checksum"); + krb5_set_error_message(context, EINVAL, "PAC missing kdc checksum"); return EINVAL; } if (pac->logon_name == NULL) { - krb5_set_error_string(context, "PAC missing logon name"); + krb5_set_error_message(context, EINVAL, "PAC missing logon name"); return EINVAL; } - ret = verify_logonname(context, + ret = verify_logonname(context, pac->logon_name, &pac->data, authtime, @@ -732,7 +811,7 @@ krb5_pac_verify(krb5_context context, if (ret) return ret; - /* + /* * in the service case, clean out data option of the privsvr and * server checksum before checking the checksum. */ @@ -767,6 +846,7 @@ krb5_pac_verify(krb5_context context, return ret; } if (privsvr) { + /* The priv checksum covers the server checksum */ ret = verify_checksum(context, pac->privsvr_checksum, &pac->data, @@ -796,17 +876,16 @@ fill_zeros(krb5_context context, krb5_storage *sp, size_t len) if (l > sizeof(zeros)) l = sizeof(zeros); sret = krb5_storage_write(sp, zeros, l); - if (sret <= 0) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (sret <= 0) + return krb5_enomem(context); + len -= sret; } return 0; } static krb5_error_code -pac_checksum(krb5_context context, +pac_checksum(krb5_context context, const krb5_keyblock *key, uint32_t *cksumtype, size_t *cksumsize) @@ -820,19 +899,19 @@ pac_checksum(krb5_context context, return ret; ret = krb5_crypto_get_checksum_type(context, crypto, &cktype); - ret = krb5_crypto_destroy(context, crypto); + krb5_crypto_destroy(context, crypto); if (ret) return ret; if (krb5_checksum_is_keyed(context, cktype) == FALSE) { - krb5_set_error_string(context, "PAC checksum type is not keyed"); - return EINVAL; + *cksumtype = CKSUMTYPE_HMAC_MD5; + *cksumsize = 16; } ret = krb5_checksumsize(context, cktype, cksumsize); if (ret) return ret; - + *cksumtype = (uint32_t)cktype; return 0; @@ -853,7 +932,8 @@ _krb5_pac_sign(krb5_context context, size_t server_size, priv_size; uint32_t server_offset = 0, priv_offset = 0; uint32_t server_cksumtype = 0, priv_cksumtype = 0; - int i, num = 0; + int num = 0; + size_t i; krb5_data logon, d; krb5_data_zero(&logon); @@ -869,10 +949,9 @@ _krb5_pac_sign(krb5_context context, void *ptr; ptr = realloc(p->pac, sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (p->pac->numbuffers + num - 1))); - if (ptr == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (ptr == NULL) + return krb5_enomem(context); + p->pac = ptr; if (p->logon_name == NULL) { @@ -907,17 +986,15 @@ _krb5_pac_sign(krb5_context context, /* Encode PAC */ sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } + if (sp == NULL) + return krb5_enomem(context); + krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); spdata = krb5_storage_emem(); if (spdata == NULL) { krb5_storage_free(sp); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; + return krb5_enomem(context); } krb5_storage_set_flags(spdata, KRB5_STORAGE_BYTEORDER_LE); @@ -955,8 +1032,7 @@ _krb5_pac_sign(krb5_context context, sret = krb5_storage_write(spdata, ptr, len); if (sret != len) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; + ret = krb5_enomem(context); goto out; } /* XXX if not aligned, fill_zeros */ @@ -974,7 +1050,7 @@ _krb5_pac_sign(krb5_context context, end += len; e = ((end + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT; - if (end != e) { + if ((int32_t)end != e) { CHECK(ret, fill_zeros(context, spdata, e - end), out); } end = e; @@ -987,35 +1063,32 @@ _krb5_pac_sign(krb5_context context, /* export PAC */ ret = krb5_storage_to_data(spdata, &d); if (ret) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out; } ret = krb5_storage_write(sp, d.data, d.length); - if (ret != d.length) { + if (ret != (int)d.length) { krb5_data_free(&d); - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; + ret = krb5_enomem(context); goto out; } krb5_data_free(&d); ret = krb5_storage_to_data(sp, &d); if (ret) { - krb5_set_error_string(context, "out of memory"); + ret = krb5_enomem(context); goto out; } /* sign */ - - ret = create_checksum(context, server_key, + ret = create_checksum(context, server_key, server_cksumtype, d.data, d.length, (char *)d.data + server_offset, server_size); if (ret) { krb5_data_free(&d); goto out; } - - ret = create_checksum(context, priv_key, + ret = create_checksum(context, priv_key, priv_cksumtype, (char *)d.data + server_offset, server_size, (char *)d.data + priv_offset, priv_size); if (ret) { diff --git a/lib/krb5/padata.c b/lib/krb5/padata.c index b2b70f52e786..babe22cb3876 100644 --- a/lib/krb5/padata.c +++ b/lib/krb5/padata.c @@ -1,50 +1,48 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: padata.c 15469 2005-06-17 04:28:35Z lha $"); - -PA_DATA * +KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL krb5_find_padata(PA_DATA *val, unsigned len, int type, int *idx) { - for(; *idx < len; (*idx)++) - if(val[*idx].padata_type == type) + for(; *idx < (int)len; (*idx)++) + if(val[*idx].padata_type == (unsigned)type) return val + *idx; - return NULL; + return NULL; } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_padata_add(krb5_context context, METHOD_DATA *md, int type, void *buf, size_t len) { @@ -52,7 +50,8 @@ krb5_padata_add(krb5_context context, METHOD_DATA *md, pa = realloc (md->val, (md->len + 1) * sizeof(*md->val)); if (pa == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } md->val = pa; @@ -60,7 +59,7 @@ krb5_padata_add(krb5_context context, METHOD_DATA *md, pa[md->len].padata_type = type; pa[md->len].padata_value.length = len; pa[md->len].padata_value.data = buf; - md->len++; + md->len++; return 0; } diff --git a/lib/krb5/parse-name-test.c b/lib/krb5/parse-name-test.c index 7e6070538904..bb2fc024e612 100644 --- a/lib/krb5/parse-name-test.c +++ b/lib/krb5/parse-name-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: parse-name-test.c 16342 2005-12-02 14:14:43Z lha $"); - enum { MAX_COMPONENTS = 3 }; static struct testcase { @@ -63,7 +61,7 @@ static struct testcase { {"a/b/c", "a/b/c@", "", 3, {"a", "b", "c"}, FALSE}, {NULL, NULL, "", 0, { NULL }, FALSE}}; -int KRB5_LIB_FUNCTION +int main(int argc, char **argv) { struct testcase *t; diff --git a/lib/krb5/pcache.c b/lib/krb5/pcache.c new file mode 100644 index 000000000000..23d5389a607d --- /dev/null +++ b/lib/krb5/pcache.c @@ -0,0 +1,66 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#include "krb5_locl.h" +#include "ccache_plugin.h" +#ifdef HAVE_DLFCN_H +#include +#endif +#include + +krb5_error_code +_krb5_load_ccache_plugins(krb5_context context) +{ + struct krb5_plugin * plist = NULL; + struct krb5_plugin *p; + krb5_error_code code; + + code = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_CCACHE, + &plist); + if (code) + return code; + + for (p = plist; p != NULL; p = _krb5_plugin_get_next(p)) { + krb5_cc_ops * ccops; + krb5_error_code c_load; + + ccops = _krb5_plugin_get_symbol(p); + if (ccops != NULL && ccops->version == KRB5_CC_OPS_VERSION) { + c_load = krb5_cc_register(context, ccops, TRUE); + if (c_load != 0) + code = c_load; + } + } + + _krb5_plugin_free(plist); + + return code; +} diff --git a/lib/krb5/pkinit.c b/lib/krb5/pkinit.c index a0b6a4e07938..1103a17807be 100644 --- a/lib/krb5/pkinit.c +++ b/lib/krb5/pkinit.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: pkinit.c 22433 2008-01-13 14:11:46Z lha $"); - struct krb5_dh_moduli { char *name; unsigned long bits; @@ -45,8 +45,6 @@ struct krb5_dh_moduli { #ifdef PKINIT -#include -#include #include #include #include @@ -56,53 +54,44 @@ struct krb5_dh_moduli { #include -#include - -enum { - COMPAT_WIN2K = 1, - COMPAT_IETF = 2 -}; - -struct krb5_pk_identity { - hx509_context hx509ctx; - hx509_verify_ctx verify_ctx; - hx509_certs certs; - hx509_certs anchors; - hx509_certs certpool; - hx509_revoke_ctx revokectx; -}; - struct krb5_pk_cert { hx509_cert cert; }; struct krb5_pk_init_ctx_data { struct krb5_pk_identity *id; - DH *dh; + enum { USE_RSA, USE_DH, USE_ECDH } keyex; + union { + DH *dh; +#ifdef HAVE_OPENSSL + EC_KEY *eckey; +#endif + } u; krb5_data *clientDHNonce; struct krb5_dh_moduli **m; hx509_peer_info peer; - int type; + enum krb5_pk_type type; unsigned int require_binding:1; unsigned int require_eku:1; unsigned int require_krbtgt_otherName:1; unsigned int require_hostname_match:1; unsigned int trustedCertifiers:1; + unsigned int anonymous:1; }; static void -_krb5_pk_copy_error(krb5_context context, - hx509_context hx509ctx, - int hxret, - const char *fmt, - ...) +pk_copy_error(krb5_context context, + hx509_context hx509ctx, + int hxret, + const char *fmt, + ...) __attribute__ ((format (printf, 4, 5))); /* * */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL _krb5_pk_cert_free(struct krb5_pk_cert *cert) { if (cert->cert) { @@ -117,7 +106,7 @@ BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) integer->length = BN_num_bytes(bn); integer->data = malloc(integer->length); if (integer->data == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } BN_bn2bin(bn, integer->data); @@ -132,60 +121,136 @@ integer_to_BN(krb5_context context, const char *field, const heim_integer *f) bn = BN_bin2bn((const unsigned char *)f->data, f->length, NULL); if (bn == NULL) { - krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field); + krb5_set_error_message(context, ENOMEM, + N_("PKINIT: parsing BN failed %s", ""), field); return NULL; } BN_set_negative(bn, f->negative); return bn; } +static krb5_error_code +select_dh_group(krb5_context context, DH *dh, unsigned long bits, + struct krb5_dh_moduli **moduli) +{ + const struct krb5_dh_moduli *m; + + if (bits == 0) { + m = moduli[1]; /* XXX */ + if (m == NULL) + m = moduli[0]; /* XXX */ + } else { + int i; + for (i = 0; moduli[i] != NULL; i++) { + if (bits < moduli[i]->bits) + break; + } + if (moduli[i] == NULL) { + krb5_set_error_message(context, EINVAL, + N_("Did not find a DH group parameter " + "matching requirement of %lu bits", ""), + bits); + return EINVAL; + } + m = moduli[i]; + } + + dh->p = integer_to_BN(context, "p", &m->p); + if (dh->p == NULL) + return ENOMEM; + dh->g = integer_to_BN(context, "g", &m->g); + if (dh->g == NULL) + return ENOMEM; + dh->q = integer_to_BN(context, "q", &m->q); + if (dh->q == NULL) + return ENOMEM; + + return 0; +} + +struct certfind { + const char *type; + const heim_oid *oid; +}; + +/* + * Try searchin the key by to use by first looking for for PK-INIT + * EKU, then the Microsoft smart card EKU and last, no special EKU at all. + */ static krb5_error_code -_krb5_pk_create_sign(krb5_context context, - const heim_oid *eContentType, - krb5_data *eContent, - struct krb5_pk_identity *id, - hx509_peer_info peer, - krb5_data *sd_data) +find_cert(krb5_context context, struct krb5_pk_identity *id, + hx509_query *q, hx509_cert *cert) { - hx509_cert cert; - hx509_query *q; - int ret; + struct certfind cf[4] = { + { "MobileMe EKU" }, + { "PKINIT EKU" }, + { "MS EKU" }, + { "any (or no)" } + }; + int ret = HX509_CERT_NOT_FOUND; + size_t i, start = 1; + unsigned oids[] = { 1, 2, 840, 113635, 100, 3, 2, 1 }; + const heim_oid mobileMe = { sizeof(oids)/sizeof(oids[0]), oids }; - ret = hx509_query_alloc(id->hx509ctx, &q); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Allocate query to find signing certificate"); - return ret; + + if (id->flags & PKINIT_BTMM) + start = 0; + + cf[0].oid = &mobileMe; + cf[1].oid = &asn1_oid_id_pkekuoid; + cf[2].oid = &asn1_oid_id_pkinit_ms_eku; + cf[3].oid = NULL; + + for (i = start; i < sizeof(cf)/sizeof(cf[0]); i++) { + ret = hx509_query_match_eku(q, cf[i].oid); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed setting %s OID", cf[i].type); + return ret; + } + + ret = hx509_certs_find(context->hx509ctx, id->certs, q, cert); + if (ret == 0) + break; + pk_copy_error(context, context->hx509ctx, ret, + "Failed finding certificate with %s OID", cf[i].type); } + return ret; +} - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - ret = hx509_certs_find(id->hx509ctx, id->certs, q, &cert); - hx509_query_free(id->hx509ctx, q); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Find certificate to signed CMS data"); - return ret; - } +static krb5_error_code +create_signature(krb5_context context, + const heim_oid *eContentType, + krb5_data *eContent, + struct krb5_pk_identity *id, + hx509_peer_info peer, + krb5_data *sd_data) +{ + int ret, flags = 0; - ret = hx509_cms_create_signed_1(id->hx509ctx, - 0, + if (id->cert == NULL) + flags |= HX509_CMS_SIGNATURE_NO_SIGNER; + + ret = hx509_cms_create_signed_1(context->hx509ctx, + flags, eContentType, eContent->data, eContent->length, NULL, - cert, + id->cert, peer, NULL, id->certs, sd_data); - if (ret) - _krb5_pk_copy_error(context, id->hx509ctx, ret, "create CMS signedData"); - hx509_cert_free(cert); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Create CMS signedData"); + return ret; + } - return ret; + return 0; } static int @@ -197,6 +262,9 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) void *p; int ret; + if (ids->len > 10) + return 0; + memset(&id, 0, sizeof(id)); ret = hx509_cert_get_subject(c, &subject); @@ -211,7 +279,7 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) free_ExternalPrincipalIdentifier(&id); return ENOMEM; } - + ret = hx509_name_binary(subject, id.subjectName); if (ret) { hx509_name_free(&subject); @@ -231,8 +299,8 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) { IssuerAndSerialNumber iasn; hx509_name issuer; - size_t size; - + size_t size = 0; + memset(&iasn, 0, sizeof(iasn)); ret = hx509_cert_get_issuer(c, &issuer); @@ -247,7 +315,7 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) free_ExternalPrincipalIdentifier(&id); return ret; } - + ret = hx509_cert_get_serialnumber(c, &iasn.serialNumber); if (ret) { free_IssuerAndSerialNumber(&iasn); @@ -256,7 +324,7 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) } ASN1_MALLOC_ENCODE(IssuerAndSerialNumber, - id.issuerAndSerialNumber->data, + id.issuerAndSerialNumber->data, id.issuerAndSerialNumber->length, &iasn, &size, ret); free_IssuerAndSerialNumber(&iasn); @@ -268,7 +336,7 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) id.subjectKeyIdentifier = NULL; - p = realloc(ids->val, sizeof(ids->val[0]) * (ids->len + 1)); + p = realloc(ids->val, sizeof(ids->val[0]) * (ids->len + 1)); if (p == NULL) { free_ExternalPrincipalIdentifier(&id); return ENOMEM; @@ -287,25 +355,24 @@ build_edi(krb5_context context, hx509_certs certs, ExternalPrincipalIdentifiers *ids) { - return hx509_certs_iter(hx509ctx, certs, cert2epi, ids); + return hx509_certs_iter_f(hx509ctx, certs, cert2epi, ids); } static krb5_error_code build_auth_pack(krb5_context context, unsigned nonce, krb5_pk_init_ctx ctx, - DH *dh, const KDC_REQ_BODY *body, AuthPack *a) { - size_t buf_size, len; + size_t buf_size, len = 0; krb5_error_code ret; void *buf; krb5_timestamp sec; int32_t usec; Checksum checksum; - krb5_clear_error_string(context); + krb5_clear_error_message(context); memset(&checksum, 0, sizeof(checksum)); @@ -327,12 +394,13 @@ build_auth_pack(krb5_context context, len, &checksum); free(buf); - if (ret) + if (ret) return ret; ALLOC(a->pkAuthenticator.paChecksum, 1); if (a->pkAuthenticator.paChecksum == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } @@ -342,25 +410,62 @@ build_auth_pack(krb5_context context, if (ret) return ret; - if (dh) { - DomainParameters dp; - heim_integer dh_pub_key; + if (ctx->keyex == USE_DH || ctx->keyex == USE_ECDH) { + const char *moduli_file; + unsigned long dh_min_bits; krb5_data dhbuf; - size_t size; + size_t size = 0; + + krb5_data_zero(&dhbuf); + + + + moduli_file = krb5_config_get_string(context, NULL, + "libdefaults", + "moduli", + NULL); + + dh_min_bits = + krb5_config_get_int_default(context, NULL, 0, + "libdefaults", + "pkinit_dh_min_bits", + NULL); + + ret = _krb5_parse_moduli(context, moduli_file, &ctx->m); + if (ret) + return ret; + + ctx->u.dh = DH_new(); + if (ctx->u.dh == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = select_dh_group(context, ctx->u.dh, dh_min_bits, ctx->m); + if (ret) + return ret; + + if (DH_generate_key(ctx->u.dh) != 1) { + krb5_set_error_message(context, ENOMEM, + N_("pkinit: failed to generate DH key", "")); + return ENOMEM; + } + if (1 /* support_cached_dh */) { ALLOC(a->clientDHNonce, 1); if (a->clientDHNonce == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ENOMEM; } ret = krb5_data_alloc(a->clientDHNonce, 40); if (a->clientDHNonce == NULL) { - krb5_clear_error_string(context); - return ENOMEM; + krb5_clear_error_message(context); + return ret; } - memset(a->clientDHNonce->data, 0, a->clientDHNonce->length); - ret = krb5_copy_data(context, a->clientDHNonce, + RAND_bytes(a->clientDHNonce->data, a->clientDHNonce->length); + ret = krb5_copy_data(context, a->clientDHNonce, &ctx->clientDHNonce); if (ret) return ret; @@ -369,60 +474,131 @@ build_auth_pack(krb5_context context, ALLOC(a->clientPublicValue, 1); if (a->clientPublicValue == NULL) return ENOMEM; - ret = der_copy_oid(oid_id_dhpublicnumber(), - &a->clientPublicValue->algorithm.algorithm); - if (ret) - return ret; - - memset(&dp, 0, sizeof(dp)); - ret = BN_to_integer(context, dh->p, &dp.p); - if (ret) { + if (ctx->keyex == USE_DH) { + DH *dh = ctx->u.dh; + DomainParameters dp; + heim_integer dh_pub_key; + + ret = der_copy_oid(&asn1_oid_id_dhpublicnumber, + &a->clientPublicValue->algorithm.algorithm); + if (ret) + return ret; + + memset(&dp, 0, sizeof(dp)); + + ret = BN_to_integer(context, dh->p, &dp.p); + if (ret) { + free_DomainParameters(&dp); + return ret; + } + ret = BN_to_integer(context, dh->g, &dp.g); + if (ret) { + free_DomainParameters(&dp); + return ret; + } + ret = BN_to_integer(context, dh->q, &dp.q); + if (ret) { + free_DomainParameters(&dp); + return ret; + } + dp.j = NULL; + dp.validationParms = NULL; + + a->clientPublicValue->algorithm.parameters = + malloc(sizeof(*a->clientPublicValue->algorithm.parameters)); + if (a->clientPublicValue->algorithm.parameters == NULL) { + free_DomainParameters(&dp); + return ret; + } + + ASN1_MALLOC_ENCODE(DomainParameters, + a->clientPublicValue->algorithm.parameters->data, + a->clientPublicValue->algorithm.parameters->length, + &dp, &size, ret); free_DomainParameters(&dp); - return ret; - } - ret = BN_to_integer(context, dh->g, &dp.g); - if (ret) { - free_DomainParameters(&dp); - return ret; - } - ret = BN_to_integer(context, dh->q, &dp.q); - if (ret) { - free_DomainParameters(&dp); - return ret; - } - dp.j = NULL; - dp.validationParms = NULL; + if (ret) + return ret; + if (size != a->clientPublicValue->algorithm.parameters->length) + krb5_abortx(context, "Internal ASN1 encoder error"); - a->clientPublicValue->algorithm.parameters = - malloc(sizeof(*a->clientPublicValue->algorithm.parameters)); - if (a->clientPublicValue->algorithm.parameters == NULL) { - free_DomainParameters(&dp); - return ret; - } + ret = BN_to_integer(context, dh->pub_key, &dh_pub_key); + if (ret) + return ret; - ASN1_MALLOC_ENCODE(DomainParameters, - a->clientPublicValue->algorithm.parameters->data, - a->clientPublicValue->algorithm.parameters->length, - &dp, &size, ret); - free_DomainParameters(&dp); - if (ret) - return ret; - if (size != a->clientPublicValue->algorithm.parameters->length) - krb5_abortx(context, "Internal ASN1 encoder error"); + ASN1_MALLOC_ENCODE(DHPublicKey, dhbuf.data, dhbuf.length, + &dh_pub_key, &size, ret); + der_free_heim_integer(&dh_pub_key); + if (ret) + return ret; + if (size != dhbuf.length) + krb5_abortx(context, "asn1 internal error"); + } else if (ctx->keyex == USE_ECDH) { +#ifdef HAVE_OPENSSL + ECParameters ecp; + unsigned char *p; + int xlen; - ret = BN_to_integer(context, dh->pub_key, &dh_pub_key); - if (ret) - return ret; + /* copy in public key, XXX find the best curve that the server support or use the clients curve if possible */ - ASN1_MALLOC_ENCODE(DHPublicKey, dhbuf.data, dhbuf.length, - &dh_pub_key, &size, ret); - der_free_heim_integer(&dh_pub_key); - if (ret) - return ret; - if (size != dhbuf.length) - krb5_abortx(context, "asn1 internal error"); + ecp.element = choice_ECParameters_namedCurve; + ret = der_copy_oid(&asn1_oid_id_ec_group_secp256r1, + &ecp.u.namedCurve); + if (ret) + return ret; + ALLOC(a->clientPublicValue->algorithm.parameters, 1); + if (a->clientPublicValue->algorithm.parameters == NULL) { + free_ECParameters(&ecp); + return ENOMEM; + } + ASN1_MALLOC_ENCODE(ECParameters, p, xlen, &ecp, &size, ret); + free_ECParameters(&ecp); + if (ret) + return ret; + if ((int)size != xlen) + krb5_abortx(context, "asn1 internal error"); + + a->clientPublicValue->algorithm.parameters->data = p; + a->clientPublicValue->algorithm.parameters->length = size; + + /* copy in public key */ + + ret = der_copy_oid(&asn1_oid_id_ecPublicKey, + &a->clientPublicValue->algorithm.algorithm); + if (ret) + return ret; + + ctx->u.eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + if (ctx->u.eckey == NULL) + return ENOMEM; + + ret = EC_KEY_generate_key(ctx->u.eckey); + if (ret != 1) + return EINVAL; + + /* encode onto dhkey */ + + xlen = i2o_ECPublicKey(ctx->u.eckey, NULL); + if (xlen <= 0) + abort(); + + dhbuf.data = malloc(xlen); + if (dhbuf.data == NULL) + abort(); + dhbuf.length = xlen; + p = dhbuf.data; + + xlen = i2o_ECPublicKey(ctx->u.eckey, &p); + if (xlen <= 0) + abort(); + + /* XXX verify that this is right with RFC3279 */ +#else + return EINVAL; +#endif + } else + krb5_abortx(context, "internal error"); a->clientPublicValue->subjectPublicKey.length = dhbuf.length * 8; a->clientPublicValue->subjectPublicKey.data = dhbuf.data; } @@ -432,7 +608,8 @@ build_auth_pack(krb5_context context, if (a->supportedCMSTypes == NULL) return ENOMEM; - ret = hx509_crypto_available(ctx->id->hx509ctx, HX509_SELECT_ALL, NULL, + ret = hx509_crypto_available(context->hx509ctx, HX509_SELECT_ALL, + ctx->id->cert, &a->supportedCMSTypes->val, &a->supportedCMSTypes->len); if (ret) @@ -442,9 +619,9 @@ build_auth_pack(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_mk_ContentInfo(krb5_context context, - const krb5_data *buf, + const krb5_data *buf, const heim_oid *oid, struct ContentInfo *content_info) { @@ -473,16 +650,16 @@ pk_mk_padata(krb5_context context, { struct ContentInfo content_info; krb5_error_code ret; - const heim_oid *oid; - size_t size; + const heim_oid *oid = NULL; + size_t size = 0; krb5_data buf, sd_buf; - int pa_type; + int pa_type = -1; krb5_data_zero(&buf); krb5_data_zero(&sd_buf); memset(&content_info, 0, sizeof(content_info)); - if (ctx->type == COMPAT_WIN2K) { + if (ctx->type == PKINIT_WIN2K) { AuthPack_Win2k ap; krb5_timestamp sec; int32_t usec; @@ -493,13 +670,13 @@ pk_mk_padata(krb5_context context, ret = copy_PrincipalName(req_body->sname, &ap.pkAuthenticator.kdcName); if (ret) { free_AuthPack_Win2k(&ap); - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } ret = copy_Realm(&req_body->realm, &ap.pkAuthenticator.kdcRealm); if (ret) { free_AuthPack_Win2k(&ap); - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } @@ -512,19 +689,21 @@ pk_mk_padata(krb5_context context, &ap, &size, ret); free_AuthPack_Win2k(&ap); if (ret) { - krb5_set_error_string(context, "AuthPack_Win2k: %d", ret); + krb5_set_error_message(context, ret, + N_("Failed encoding AuthPackWin: %d", ""), + (int)ret); goto out; } if (buf.length != size) krb5_abortx(context, "internal ASN1 encoder error"); - oid = oid_id_pkcs7_data(); - } else if (ctx->type == COMPAT_IETF) { + oid = &asn1_oid_id_pkcs7_data; + } else if (ctx->type == PKINIT_27) { AuthPack ap; - + memset(&ap, 0, sizeof(ap)); - ret = build_auth_pack(context, nonce, ctx, ctx->dh, req_body, &ap); + ret = build_auth_pack(context, nonce, ctx, req_body, &ap); if (ret) { free_AuthPack(&ap); goto out; @@ -533,35 +712,33 @@ pk_mk_padata(krb5_context context, ASN1_MALLOC_ENCODE(AuthPack, buf.data, buf.length, &ap, &size, ret); free_AuthPack(&ap); if (ret) { - krb5_set_error_string(context, "AuthPack: %d", ret); + krb5_set_error_message(context, ret, + N_("Failed encoding AuthPack: %d", ""), + (int)ret); goto out; } if (buf.length != size) krb5_abortx(context, "internal ASN1 encoder error"); - oid = oid_id_pkauthdata(); + oid = &asn1_oid_id_pkauthdata; } else krb5_abortx(context, "internal pkinit error"); - ret = _krb5_pk_create_sign(context, - oid, - &buf, - ctx->id, - ctx->peer, - &sd_buf); + ret = create_signature(context, oid, &buf, ctx->id, + ctx->peer, &sd_buf); krb5_data_free(&buf); if (ret) goto out; - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), &sd_buf, &buf); + ret = hx509_cms_wrap_ContentInfo(&asn1_oid_id_pkcs7_signedData, &sd_buf, &buf); krb5_data_free(&sd_buf); if (ret) { - krb5_set_error_string(context, - "ContentInfo wrapping of signedData failed"); + krb5_set_error_message(context, ret, + N_("ContentInfo wrapping of signedData failed","")); goto out; } - if (ctx->type == COMPAT_WIN2K) { + if (ctx->type == PKINIT_WIN2K) { PA_PK_AS_REQ_Win2k winreq; pa_type = KRB5_PADATA_PK_AS_REQ_WIN; @@ -574,26 +751,30 @@ pk_mk_padata(krb5_context context, &winreq, &size, ret); free_PA_PK_AS_REQ_Win2k(&winreq); - } else if (ctx->type == COMPAT_IETF) { + } else if (ctx->type == PKINIT_27) { PA_PK_AS_REQ req; pa_type = KRB5_PADATA_PK_AS_REQ; memset(&req, 0, sizeof(req)); - req.signedAuthPack = buf; + req.signedAuthPack = buf; if (ctx->trustedCertifiers) { req.trustedCertifiers = calloc(1, sizeof(*req.trustedCertifiers)); if (req.trustedCertifiers == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); free_PA_PK_AS_REQ(&req); goto out; } - ret = build_edi(context, ctx->id->hx509ctx, + ret = build_edi(context, context->hx509ctx, ctx->id->anchors, req.trustedCertifiers); if (ret) { - krb5_set_error_string(context, "pk-init: failed to build trustedCertifiers"); + krb5_set_error_message(context, ret, + N_("pk-init: failed to build " + "trustedCertifiers", "")); free_PA_PK_AS_REQ(&req); goto out; } @@ -608,7 +789,7 @@ pk_mk_padata(krb5_context context, } else krb5_abortx(context, "internal pkinit error"); if (ret) { - krb5_set_error_string(context, "PA-PK-AS-REQ %d", ret); + krb5_set_error_message(context, ret, "PA-PK-AS-REQ %d", (int)ret); goto out; } if (buf.length != size) @@ -618,19 +799,21 @@ pk_mk_padata(krb5_context context, if (ret) free(buf.data); - if (ret == 0 && ctx->type == COMPAT_WIN2K) - krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0); + if (ret == 0) + krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0); -out: + out: free_ContentInfo(&content_info); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_mk_padata(krb5_context context, void *c, + int ic_flags, + int win2k, const KDC_REQ_BODY *req_body, unsigned nonce, METHOD_DATA *md) @@ -638,33 +821,44 @@ _krb5_pk_mk_padata(krb5_context context, krb5_pk_init_ctx ctx = c; int win2k_compat; + if (ctx->id->certs == NULL && ctx->anonymous == 0) { + krb5_set_error_message(context, HEIM_PKINIT_NO_PRIVATE_KEY, + N_("PKINIT: No user certificate given", "")); + return HEIM_PKINIT_NO_PRIVATE_KEY; + } + win2k_compat = krb5_config_get_bool_default(context, NULL, - FALSE, + win2k, "realms", req_body->realm, "pkinit_win2k", NULL); if (win2k_compat) { - ctx->require_binding = + ctx->require_binding = krb5_config_get_bool_default(context, NULL, - FALSE, + TRUE, "realms", req_body->realm, "pkinit_win2k_require_binding", NULL); - ctx->type = COMPAT_WIN2K; + ctx->type = PKINIT_WIN2K; } else - ctx->type = COMPAT_IETF; + ctx->type = PKINIT_27; - ctx->require_eku = + ctx->require_eku = krb5_config_get_bool_default(context, NULL, TRUE, "realms", req_body->realm, "pkinit_require_eku", NULL); - ctx->require_krbtgt_otherName = + if (ic_flags & KRB5_INIT_CREDS_NO_C_NO_EKU_CHECK) + ctx->require_eku = 0; + if (ctx->id->flags & PKINIT_BTMM) + ctx->require_eku = 0; + + ctx->require_krbtgt_otherName = krb5_config_get_bool_default(context, NULL, TRUE, "realms", @@ -672,7 +866,7 @@ _krb5_pk_mk_padata(krb5_context context, "pkinit_require_krbtgt_otherName", NULL); - ctx->require_hostname_match = + ctx->require_hostname_match = krb5_config_get_bool_default(context, NULL, FALSE, "realms", @@ -680,7 +874,7 @@ _krb5_pk_mk_padata(krb5_context context, "pkinit_require_hostname_match", NULL); - ctx->trustedCertifiers = + ctx->trustedCertifiers = krb5_config_get_bool_default(context, NULL, TRUE, "realms", @@ -691,22 +885,30 @@ _krb5_pk_mk_padata(krb5_context context, return pk_mk_padata(context, ctx, req_body, nonce, md); } -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_verify_sign(krb5_context context, - const void *data, - size_t length, - struct krb5_pk_identity *id, - heim_oid *contentType, - krb5_data *content, - struct krb5_pk_cert **signer) +static krb5_error_code +pk_verify_sign(krb5_context context, + const void *data, + size_t length, + struct krb5_pk_identity *id, + heim_oid *contentType, + krb5_data *content, + struct krb5_pk_cert **signer) { hx509_certs signer_certs; - int ret; + int ret, flags = 0; + + /* BTMM is broken in Leo and SnowLeo */ + if (id->flags & PKINIT_BTMM) { + flags |= HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH; + flags |= HX509_CMS_VS_NO_KU_CHECK; + flags |= HX509_CMS_VS_NO_VALIDATE; + } *signer = NULL; - ret = hx509_cms_verify_signed(id->hx509ctx, + ret = hx509_cms_verify_signed(context->hx509ctx, id->verify_ctx, + flags, data, length, NULL, @@ -715,26 +917,26 @@ _krb5_pk_verify_sign(krb5_context context, content, &signer_certs); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "CMS verify signed failed"); + pk_copy_error(context, context->hx509ctx, ret, + "CMS verify signed failed"); return ret; } *signer = calloc(1, sizeof(**signer)); if (*signer == NULL) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOMEM; goto out; } - - ret = hx509_get_one_cert(id->hx509ctx, signer_certs, &(*signer)->cert); + + ret = hx509_get_one_cert(context->hx509ctx, signer_certs, &(*signer)->cert); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to get on of the signer certs"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed to get on of the signer certs"); goto out; } -out: + out: hx509_certs_free(&signer_certs); if (ret) { if (*signer) { @@ -762,29 +964,32 @@ get_reply_key_win(krb5_context context, &key_pack, &size); if (ret) { - krb5_set_error_string(context, "PKINIT decoding reply key failed"); + krb5_set_error_message(context, ret, + N_("PKINIT decoding reply key failed", "")); free_ReplyKeyPack_Win2k(&key_pack); return ret; } - - if (key_pack.nonce != nonce) { - krb5_set_error_string(context, "PKINIT enckey nonce is wrong"); + + if ((unsigned)key_pack.nonce != nonce) { + krb5_set_error_message(context, ret, + N_("PKINIT enckey nonce is wrong", "")); free_ReplyKeyPack_Win2k(&key_pack); return KRB5KRB_AP_ERR_MODIFIED; } *key = malloc (sizeof (**key)); if (*key == NULL) { - krb5_set_error_string(context, "PKINIT failed allocating reply key"); free_ReplyKeyPack_Win2k(&key_pack); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = copy_EncryptionKey(&key_pack.replyKey, *key); free_ReplyKeyPack_Win2k(&key_pack); if (ret) { - krb5_set_error_string(context, "PKINIT failed copying reply key"); + krb5_set_error_message(context, ret, + N_("PKINIT failed copying reply key", "")); free(*key); *key = NULL; } @@ -807,15 +1012,16 @@ get_reply_key(krb5_context context, &key_pack, &size); if (ret) { - krb5_set_error_string(context, "PKINIT decoding reply key failed"); + krb5_set_error_message(context, ret, + N_("PKINIT decoding reply key failed", "")); free_ReplyKeyPack(&key_pack); return ret; } - + { krb5_crypto crypto; - /* + /* * XXX Verify kp.replyKey is a allowed enctype in the * configuration file */ @@ -838,16 +1044,17 @@ get_reply_key(krb5_context context, *key = malloc (sizeof (**key)); if (*key == NULL) { - krb5_set_error_string(context, "PKINIT failed allocating reply key"); free_ReplyKeyPack(&key_pack); - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = copy_EncryptionKey(&key_pack.replyKey, *key); free_ReplyKeyPack(&key_pack); if (ret) { - krb5_set_error_string(context, "PKINIT failed copying reply key"); + krb5_set_error_message(context, ret, + N_("PKINIT failed copying reply key", "")); free(*key); *key = NULL; } @@ -866,24 +1073,27 @@ pk_verify_host(krb5_context context, krb5_error_code ret = 0; if (ctx->require_eku) { - ret = hx509_cert_check_eku(ctx->id->hx509ctx, host->cert, - oid_id_pkkdcekuoid(), 0); + ret = hx509_cert_check_eku(context->hx509ctx, host->cert, + &asn1_oid_id_pkkdcekuoid, 0); if (ret) { - krb5_set_error_string(context, "No PK-INIT KDC EKU in kdc certificate"); + krb5_set_error_message(context, ret, + N_("No PK-INIT KDC EKU in kdc certificate", "")); return ret; } } if (ctx->require_krbtgt_otherName) { hx509_octet_string_list list; - int i; + size_t i; - ret = hx509_cert_find_subjectAltName_otherName(ctx->id->hx509ctx, + ret = hx509_cert_find_subjectAltName_otherName(context->hx509ctx, host->cert, - oid_id_pkinit_san(), + &asn1_oid_id_pkinit_san, &list); if (ret) { - krb5_set_error_string(context, "Failed to find the PK-INIT " - "subjectAltName in the KDC certificate"); + krb5_set_error_message(context, ret, + N_("Failed to find the PK-INIT " + "subjectAltName in the KDC " + "certificate", "")); return ret; } @@ -896,8 +1106,10 @@ pk_verify_host(krb5_context context, &r, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode the PK-INIT " - "subjectAltName in the KDC certificate"); + krb5_set_error_message(context, ret, + N_("Failed to decode the PK-INIT " + "subjectAltName in the " + "KDC certificate", "")); break; } @@ -906,11 +1118,12 @@ pk_verify_host(krb5_context context, strcmp(r.principalName.name_string.val[0], KRB5_TGS_NAME) != 0 || strcmp(r.principalName.name_string.val[1], realm) != 0 || strcmp(r.realm, realm) != 0) - { - krb5_set_error_string(context, "KDC have wrong realm name in " - "the certificate"); - ret = KRB5_KDC_ERR_INVALID_CERTIFICATE; - } + { + ret = KRB5_KDC_ERR_INVALID_CERTIFICATE; + krb5_set_error_message(context, ret, + N_("KDC have wrong realm name in " + "the certificate", "")); + } free_KRB5PrincipalName(&r); if (ret) @@ -920,17 +1133,18 @@ pk_verify_host(krb5_context context, } if (ret) return ret; - + if (hi) { - ret = hx509_verify_hostname(ctx->id->hx509ctx, host->cert, + ret = hx509_verify_hostname(context->hx509ctx, host->cert, ctx->require_hostname_match, HX509_HN_HOSTNAME, hi->hostname, hi->ai->ai_addr, hi->ai->ai_addrlen); if (ret) - krb5_set_error_string(context, "Address mismatch in " - "the KDC certificate"); + krb5_set_error_message(context, ret, + N_("Address mismatch in " + "the KDC certificate", "")); } return ret; } @@ -947,81 +1161,91 @@ pk_rd_pa_reply_enckey(krb5_context context, unsigned nonce, const krb5_data *req_buffer, PA_DATA *pa, - krb5_keyblock **key) + krb5_keyblock **key) { krb5_error_code ret; struct krb5_pk_cert *host = NULL; krb5_data content; heim_oid contentType = { 0, NULL }; + int flags = HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT; - if (der_heim_oid_cmp(oid_id_pkcs7_envelopedData(), dataType)) { - krb5_set_error_string(context, "PKINIT: Invalid content type"); + if (der_heim_oid_cmp(&asn1_oid_id_pkcs7_envelopedData, dataType)) { + krb5_set_error_message(context, EINVAL, + N_("PKINIT: Invalid content type", "")); return EINVAL; } - ret = hx509_cms_unenvelope(ctx->id->hx509ctx, + if (ctx->type == PKINIT_WIN2K) + flags |= HX509_CMS_UE_ALLOW_WEAK; + + ret = hx509_cms_unenvelope(context->hx509ctx, ctx->id->certs, - HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT, + flags, indata->data, indata->length, NULL, + 0, &contentType, &content); if (ret) { - _krb5_pk_copy_error(context, ctx->id->hx509ctx, ret, - "Failed to unenvelope CMS data in PK-INIT reply"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed to unenvelope CMS data in PK-INIT reply"); return ret; } der_free_oid(&contentType); -#if 0 /* windows LH with interesting CMS packets, leaks memory */ - { - size_t ph = 1 + der_length_len (length); - unsigned char *ptr = malloc(length + ph); - size_t l; - - memcpy(ptr + ph, p, length); - - ret = der_put_length_and_tag (ptr + ph - 1, ph, length, - ASN1_C_UNIV, CONS, UT_Sequence, &l); - if (ret) - return ret; - ptr += ph - l; - length += l; - p = ptr; - } -#endif - /* win2k uses ContentInfo */ - if (type == COMPAT_WIN2K) { - heim_oid type; + if (type == PKINIT_WIN2K) { + heim_oid type2; heim_octet_string out; - ret = hx509_cms_unwrap_ContentInfo(&content, &type, &out, NULL); - if (der_heim_oid_cmp(&type, oid_id_pkcs7_signedData())) { + ret = hx509_cms_unwrap_ContentInfo(&content, &type2, &out, NULL); + if (ret) { + /* windows LH with interesting CMS packets */ + size_t ph = 1 + der_length_len(content.length); + unsigned char *ptr = malloc(content.length + ph); + size_t l; + + memcpy(ptr + ph, content.data, content.length); + + ret = der_put_length_and_tag (ptr + ph - 1, ph, content.length, + ASN1_C_UNIV, CONS, UT_Sequence, &l); + if (ret) + return ret; + free(content.data); + content.data = ptr; + content.length += ph; + + ret = hx509_cms_unwrap_ContentInfo(&content, &type2, &out, NULL); + if (ret) + goto out; + } + if (der_heim_oid_cmp(&type2, &asn1_oid_id_pkcs7_signedData)) { ret = EINVAL; /* XXX */ - krb5_set_error_string(context, "PKINIT: Invalid content type"); - der_free_oid(&type); + krb5_set_error_message(context, ret, + N_("PKINIT: Invalid content type", "")); + der_free_oid(&type2); der_free_octet_string(&out); goto out; } - der_free_oid(&type); + der_free_oid(&type2); krb5_data_free(&content); ret = krb5_data_copy(&content, out.data, out.length); der_free_octet_string(&out); if (ret) { - krb5_set_error_string(context, "PKINIT: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } } - ret = _krb5_pk_verify_sign(context, - content.data, - content.length, - ctx->id, - &contentType, - &content, - &host); + ret = pk_verify_sign(context, + content.data, + content.length, + ctx->id, + &contentType, + &content, + &host); if (ret) goto out; @@ -1032,28 +1256,28 @@ pk_rd_pa_reply_enckey(krb5_context context, } #if 0 - if (type == COMPAT_WIN2K) { - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) != 0) { - krb5_set_error_string(context, "PKINIT: reply key, wrong oid"); + if (type == PKINIT_WIN2K) { + if (der_heim_oid_cmp(&contentType, &asn1_oid_id_pkcs7_data) != 0) { ret = KRB5KRB_AP_ERR_MSG_TYPE; + krb5_set_error_message(context, ret, "PKINIT: reply key, wrong oid"); goto out; } } else { - if (der_heim_oid_cmp(&contentType, oid_id_pkrkeydata()) != 0) { - krb5_set_error_string(context, "PKINIT: reply key, wrong oid"); + if (der_heim_oid_cmp(&contentType, &asn1_oid_id_pkrkeydata) != 0) { ret = KRB5KRB_AP_ERR_MSG_TYPE; + krb5_set_error_message(context, ret, "PKINIT: reply key, wrong oid"); goto out; } } #endif switch(type) { - case COMPAT_WIN2K: + case PKINIT_WIN2K: ret = get_reply_key(context, &content, req_buffer, key); if (ret != 0 && ctx->require_binding == 0) ret = get_reply_key_win(context, &content, nonce, key); break; - case COMPAT_IETF: + case PKINIT_27: ret = get_reply_key(context, &content, req_buffer, key); break; } @@ -1085,31 +1309,33 @@ pk_rd_pa_reply_dh(krb5_context context, PA_DATA *pa, krb5_keyblock **key) { - unsigned char *p, *dh_gen_key = NULL; + const unsigned char *p; + unsigned char *dh_gen_key = NULL; struct krb5_pk_cert *host = NULL; BIGNUM *kdc_dh_pubkey = NULL; KDCDHKeyInfo kdc_dh_info; heim_oid contentType = { 0, NULL }; krb5_data content; krb5_error_code ret; - int dh_gen_keylen; + int dh_gen_keylen = 0; size_t size; krb5_data_zero(&content); memset(&kdc_dh_info, 0, sizeof(kdc_dh_info)); - if (der_heim_oid_cmp(oid_id_pkcs7_signedData(), dataType)) { - krb5_set_error_string(context, "PKINIT: Invalid content type"); + if (der_heim_oid_cmp(&asn1_oid_id_pkcs7_signedData, dataType)) { + krb5_set_error_message(context, EINVAL, + N_("PKINIT: Invalid content type", "")); return EINVAL; } - ret = _krb5_pk_verify_sign(context, - indata->data, - indata->length, - ctx->id, - &contentType, - &content, - &host); + ret = pk_verify_sign(context, + indata->data, + indata->length, + ctx->id, + &contentType, + &content, + &host); if (ret) goto out; @@ -1118,9 +1344,10 @@ pk_rd_pa_reply_dh(krb5_context context, if (ret) goto out; - if (der_heim_oid_cmp(&contentType, oid_id_pkdhkeydata())) { - krb5_set_error_string(context, "pkinit - dh reply contains wrong oid"); + if (der_heim_oid_cmp(&contentType, &asn1_oid_id_pkdhkeydata)) { ret = KRB5KRB_AP_ERR_MSG_TYPE; + krb5_set_error_message(context, ret, + N_("pkinit - dh reply contains wrong oid", "")); goto out; } @@ -1130,35 +1357,40 @@ pk_rd_pa_reply_dh(krb5_context context, &size); if (ret) { - krb5_set_error_string(context, "pkinit - " - "failed to decode KDC DH Key Info"); + krb5_set_error_message(context, ret, + N_("pkinit - failed to decode " + "KDC DH Key Info", "")); goto out; } if (kdc_dh_info.nonce != nonce) { - krb5_set_error_string(context, "PKINIT: DH nonce is wrong"); ret = KRB5KRB_AP_ERR_MODIFIED; + krb5_set_error_message(context, ret, + N_("PKINIT: DH nonce is wrong", "")); goto out; } if (kdc_dh_info.dhKeyExpiration) { if (k_n == NULL) { - krb5_set_error_string(context, "pkinit; got key expiration " - "without server nonce"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + N_("pkinit; got key expiration " + "without server nonce", "")); goto out; } if (c_n == NULL) { - krb5_set_error_string(context, "pkinit; got DH reuse but no " - "client nonce"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + N_("pkinit; got DH reuse but no " + "client nonce", "")); goto out; } } else { if (k_n) { - krb5_set_error_string(context, "pkinit: got server nonce " - "without key expiration"); ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + N_("pkinit: got server nonce " + "without key expiration", "")); goto out; } c_n = NULL; @@ -1168,49 +1400,110 @@ pk_rd_pa_reply_dh(krb5_context context, p = kdc_dh_info.subjectPublicKey.data; size = (kdc_dh_info.subjectPublicKey.length + 7) / 8; - { + if (ctx->keyex == USE_DH) { DHPublicKey k; ret = decode_DHPublicKey(p, size, &k, NULL); if (ret) { - krb5_set_error_string(context, "pkinit: can't decode " - "without key expiration"); + krb5_set_error_message(context, ret, + N_("pkinit: can't decode " + "without key expiration", "")); goto out; } kdc_dh_pubkey = integer_to_BN(context, "DHPublicKey", &k); free_DHPublicKey(&k); if (kdc_dh_pubkey == NULL) { - ret = KRB5KRB_ERR_GENERIC; + ret = ENOMEM; goto out; } - } - - dh_gen_keylen = DH_size(ctx->dh); - size = BN_num_bytes(ctx->dh->p); - if (size < dh_gen_keylen) - size = dh_gen_keylen; - dh_gen_key = malloc(size); - if (dh_gen_key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - memset(dh_gen_key, 0, size - dh_gen_keylen); - dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen), - kdc_dh_pubkey, ctx->dh); - if (dh_gen_keylen == -1) { - krb5_set_error_string(context, - "PKINIT: Can't compute Diffie-Hellman key"); - ret = KRB5KRB_ERR_GENERIC; + size = DH_size(ctx->u.dh); + + dh_gen_key = malloc(size); + if (dh_gen_key == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; + } + + dh_gen_keylen = DH_compute_key(dh_gen_key, kdc_dh_pubkey, ctx->u.dh); + if (dh_gen_keylen == -1) { + ret = KRB5KRB_ERR_GENERIC; + dh_gen_keylen = 0; + krb5_set_error_message(context, ret, + N_("PKINIT: Can't compute Diffie-Hellman key", "")); + goto out; + } + if (dh_gen_keylen < (int)size) { + size -= dh_gen_keylen; + memmove(dh_gen_key + size, dh_gen_key, dh_gen_keylen); + memset(dh_gen_key, 0, size); + } + + } else { +#ifdef HAVE_OPENSSL + const EC_GROUP *group; + EC_KEY *public = NULL; + + group = EC_KEY_get0_group(ctx->u.eckey); + + public = EC_KEY_new(); + if (public == NULL) { + ret = ENOMEM; + goto out; + } + if (EC_KEY_set_group(public, group) != 1) { + EC_KEY_free(public); + ret = ENOMEM; + goto out; + } + + if (o2i_ECPublicKey(&public, &p, size) == NULL) { + EC_KEY_free(public); + ret = KRB5KRB_ERR_GENERIC; + krb5_set_error_message(context, ret, + N_("PKINIT: Can't parse ECDH public key", "")); + goto out; + } + + size = (EC_GROUP_get_degree(group) + 7) / 8; + dh_gen_key = malloc(size); + if (dh_gen_key == NULL) { + EC_KEY_free(public); + ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); + goto out; + } + dh_gen_keylen = ECDH_compute_key(dh_gen_key, size, + EC_KEY_get0_public_key(public), ctx->u.eckey, NULL); + EC_KEY_free(public); + if (dh_gen_keylen == -1) { + ret = KRB5KRB_ERR_GENERIC; + dh_gen_keylen = 0; + krb5_set_error_message(context, ret, + N_("PKINIT: Can't compute ECDH public key", "")); + goto out; + } +#else + ret = EINVAL; +#endif + } + + if (dh_gen_keylen <= 0) { + ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PKINIT: resulting DH key <= 0", "")); + dh_gen_keylen = 0; goto out; } *key = malloc (sizeof (**key)); if (*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } @@ -1220,8 +1513,8 @@ pk_rd_pa_reply_dh(krb5_context context, c_n, k_n, *key); if (ret) { - krb5_set_error_string(context, - "PKINIT: can't create key from DH key"); + krb5_set_error_message(context, ret, + N_("PKINIT: can't create key from DH key", "")); free(*key); *key = NULL; goto out; @@ -1231,7 +1524,7 @@ pk_rd_pa_reply_dh(krb5_context context, if (kdc_dh_pubkey) BN_free(kdc_dh_pubkey); if (dh_gen_key) { - memset(dh_gen_key, 0, DH_size(ctx->dh)); + memset(dh_gen_key, 0, dh_gen_keylen); free(dh_gen_key); } if (host) @@ -1244,7 +1537,7 @@ pk_rd_pa_reply_dh(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_rd_pa_reply(krb5_context context, const char *realm, void *c, @@ -1260,13 +1553,14 @@ _krb5_pk_rd_pa_reply(krb5_context context, size_t size; /* Check for IETF PK-INIT first */ - if (ctx->type == COMPAT_IETF) { + if (ctx->type == PKINIT_27) { PA_PK_AS_REP rep; heim_octet_string os, data; heim_oid oid; - + if (pa->padata_type != KRB5_PADATA_PK_AS_REP) { - krb5_set_error_string(context, "PKINIT: wrong padata recv"); + krb5_set_error_message(context, EINVAL, + N_("PKINIT: wrong padata recv", "")); return EINVAL; } @@ -1275,28 +1569,65 @@ _krb5_pk_rd_pa_reply(krb5_context context, &rep, &size); if (ret) { - krb5_set_error_string(context, "Failed to decode pkinit AS rep"); + krb5_set_error_message(context, ret, + N_("Failed to decode pkinit AS rep", "")); return ret; } switch (rep.element) { case choice_PA_PK_AS_REP_dhInfo: + _krb5_debug(context, 5, "krb5_get_init_creds: using pkinit dh"); os = rep.u.dhInfo.dhSignedData; break; case choice_PA_PK_AS_REP_encKeyPack: + _krb5_debug(context, 5, "krb5_get_init_creds: using kinit enc reply key"); os = rep.u.encKeyPack; break; - default: + default: { + PA_PK_AS_REP_BTMM btmm; free_PA_PK_AS_REP(&rep); - krb5_set_error_string(context, "PKINIT: -27 reply " - "invalid content type"); - return EINVAL; + memset(&rep, 0, sizeof(rep)); + + _krb5_debug(context, 5, "krb5_get_init_creds: using BTMM kinit enc reply key"); + + ret = decode_PA_PK_AS_REP_BTMM(pa->padata_value.data, + pa->padata_value.length, + &btmm, + &size); + if (ret) { + krb5_set_error_message(context, EINVAL, + N_("PKINIT: -27 reply " + "invalid content type", "")); + return EINVAL; + } + + if (btmm.dhSignedData || btmm.encKeyPack == NULL) { + free_PA_PK_AS_REP_BTMM(&btmm); + ret = EINVAL; + krb5_set_error_message(context, ret, + N_("DH mode not supported for BTMM mode", "")); + return ret; + } + + /* + * Transform to IETF style PK-INIT reply so that free works below + */ + + rep.element = choice_PA_PK_AS_REP_encKeyPack; + rep.u.encKeyPack.data = btmm.encKeyPack->data; + rep.u.encKeyPack.length = btmm.encKeyPack->length; + btmm.encKeyPack->data = NULL; + btmm.encKeyPack->length = 0; + free_PA_PK_AS_REP_BTMM(&btmm); + os = rep.u.encKeyPack; + } } ret = hx509_cms_unwrap_ContentInfo(&os, &oid, &data, NULL); if (ret) { free_PA_PK_AS_REP(&rep); - krb5_set_error_string(context, "PKINIT: failed to unwrap CI"); + krb5_set_error_message(context, ret, + N_("PKINIT: failed to unwrap CI", "")); return ret; } @@ -1308,7 +1639,7 @@ _krb5_pk_rd_pa_reply(krb5_context context, nonce, pa, key); break; case choice_PA_PK_AS_REP_encKeyPack: - ret = pk_rd_pa_reply_enckey(context, COMPAT_IETF, &data, &oid, realm, + ret = pk_rd_pa_reply_enckey(context, PKINIT_27, &data, &oid, realm, ctx, etype, hi, nonce, req_buffer, pa, key); break; default: @@ -1318,46 +1649,49 @@ _krb5_pk_rd_pa_reply(krb5_context context, der_free_oid(&oid); free_PA_PK_AS_REP(&rep); - } else if (ctx->type == COMPAT_WIN2K) { + } else if (ctx->type == PKINIT_WIN2K) { PA_PK_AS_REP_Win2k w2krep; - /* Check for Windows encoding of the AS-REP pa data */ + /* Check for Windows encoding of the AS-REP pa data */ #if 0 /* should this be ? */ if (pa->padata_type != KRB5_PADATA_PK_AS_REP) { - krb5_set_error_string(context, "PKINIT: wrong padata recv"); + krb5_set_error_message(context, EINVAL, + "PKINIT: wrong padata recv"); return EINVAL; } #endif memset(&w2krep, 0, sizeof(w2krep)); - + ret = decode_PA_PK_AS_REP_Win2k(pa->padata_value.data, pa->padata_value.length, &w2krep, &size); if (ret) { - krb5_set_error_string(context, "PKINIT: Failed decoding windows " - "pkinit reply %d", ret); + krb5_set_error_message(context, ret, + N_("PKINIT: Failed decoding windows " + "pkinit reply %d", ""), (int)ret); return ret; } - krb5_clear_error_string(context); - + krb5_clear_error_message(context); + switch (w2krep.element) { case choice_PA_PK_AS_REP_Win2k_encKeyPack: { heim_octet_string data; heim_oid oid; - - ret = hx509_cms_unwrap_ContentInfo(&w2krep.u.encKeyPack, + + ret = hx509_cms_unwrap_ContentInfo(&w2krep.u.encKeyPack, &oid, &data, NULL); free_PA_PK_AS_REP_Win2k(&w2krep); if (ret) { - krb5_set_error_string(context, "PKINIT: failed to unwrap CI"); + krb5_set_error_message(context, ret, + N_("PKINIT: failed to unwrap CI", "")); return ret; } - ret = pk_rd_pa_reply_enckey(context, COMPAT_WIN2K, &data, &oid, realm, + ret = pk_rd_pa_reply_enckey(context, PKINIT_WIN2K, &data, &oid, realm, ctx, etype, hi, nonce, req_buffer, pa, key); der_free_octet_string(&data); der_free_oid(&oid); @@ -1366,15 +1700,17 @@ _krb5_pk_rd_pa_reply(krb5_context context, } default: free_PA_PK_AS_REP_Win2k(&w2krep); - krb5_set_error_string(context, "PKINIT: win2k reply invalid " - "content type"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PKINIT: win2k reply invalid " + "content type", "")); break; } - + } else { - krb5_set_error_string(context, "PKINIT: unknown reply type"); ret = EINVAL; + krb5_set_error_message(context, ret, + N_("PKINIT: unknown reply type", "")); } return ret; @@ -1386,14 +1722,14 @@ struct prompter { void *prompter_data; }; -static int +static int hx_pass_prompter(void *data, const hx509_prompt *prompter) { krb5_error_code ret; krb5_prompt prompt; krb5_data password_data; struct prompter *p = data; - + password_data.data = prompter->reply.data; password_data.length = prompter->reply.length; @@ -1410,8 +1746,8 @@ hx_pass_prompter(void *data, const hx509_prompt *prompter) default: prompt.type = KRB5_PROMPT_TYPE_PASSWORD; break; - } - + } + ret = (*p->prompter)(p->context, p->prompter_data, NULL, NULL, 1, &prompt); if (ret) { memset (prompter->reply.data, 0, prompter->reply.length); @@ -1420,16 +1756,80 @@ hx_pass_prompter(void *data, const hx509_prompt *prompter) return 0; } - -void KRB5_LIB_FUNCTION -_krb5_pk_allow_proxy_certificate(struct krb5_pk_identity *id, - int boolean) +static krb5_error_code +_krb5_pk_set_user_id(krb5_context context, + krb5_principal principal, + krb5_pk_init_ctx ctx, + struct hx509_certs_data *certs) { - hx509_verify_set_proxy_certificate(id->verify_ctx, boolean); + hx509_certs c = hx509_certs_ref(certs); + hx509_query *q = NULL; + int ret; + + if (ctx->id->certs) + hx509_certs_free(&ctx->id->certs); + if (ctx->id->cert) { + hx509_cert_free(ctx->id->cert); + ctx->id->cert = NULL; + } + + ctx->id->certs = c; + ctx->anonymous = 0; + + ret = hx509_query_alloc(context->hx509ctx, &q); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Allocate query to find signing certificate"); + return ret; + } + + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); + hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); + + if (principal && strncmp("LKDC:SHA1.", krb5_principal_get_realm(context, principal), 9) == 0) { + ctx->id->flags |= PKINIT_BTMM; + } + + ret = find_cert(context, ctx->id, q, &ctx->id->cert); + hx509_query_free(context->hx509ctx, q); + + if (ret == 0 && _krb5_have_debug(context, 2)) { + hx509_name name; + char *str, *sn; + heim_integer i; + + ret = hx509_cert_get_subject(ctx->id->cert, &name); + if (ret) + goto out; + + ret = hx509_name_to_string(name, &str); + hx509_name_free(&name); + if (ret) + goto out; + + ret = hx509_cert_get_serialnumber(ctx->id->cert, &i); + if (ret) { + free(str); + goto out; + } + + ret = der_print_hex_heim_integer(&i, &sn); + der_free_heim_integer(&i); + if (ret) { + free(name); + goto out; + } + + _krb5_debug(context, 2, "using cert: subject: %s sn: %s", str, sn); + free(str); + free(sn); + } + out: + + return ret; } - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL _krb5_pk_load_id(krb5_context context, struct krb5_pk_identity **ret_id, const char *user_id, @@ -1441,190 +1841,187 @@ _krb5_pk_load_id(krb5_context context, char *password) { struct krb5_pk_identity *id = NULL; - hx509_lock lock = NULL; struct prompter p; int ret; *ret_id = NULL; if (anchor_id == NULL) { - krb5_set_error_string(context, "PKINIT: No anchor given"); + krb5_set_error_message(context, HEIM_PKINIT_NO_VALID_CA, + N_("PKINIT: No anchor given", "")); return HEIM_PKINIT_NO_VALID_CA; } - if (user_id == NULL) { - krb5_set_error_string(context, - "PKINIT: No user certificate given"); - return HEIM_PKINIT_NO_PRIVATE_KEY; - } - /* load cert */ id = calloc(1, sizeof(*id)); if (id == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; - } + } - ret = hx509_context_init(&id->hx509ctx); - if (ret) - goto out; + if (user_id) { + hx509_lock lock; - ret = hx509_lock_init(id->hx509ctx, &lock); - if (password && password[0]) - hx509_lock_add_password(lock, password); - - if (prompter) { - p.context = context; - p.prompter = prompter; - p.prompter_data = prompter_data; - - ret = hx509_lock_set_prompter(lock, hx_pass_prompter, &p); - if (ret) + ret = hx509_lock_init(context->hx509ctx, &lock); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, "Failed init lock"); goto out; + } + + if (password && password[0]) + hx509_lock_add_password(lock, password); + + if (prompter) { + p.context = context; + p.prompter = prompter; + p.prompter_data = prompter_data; + + ret = hx509_lock_set_prompter(lock, hx_pass_prompter, &p); + if (ret) { + hx509_lock_free(lock); + goto out; + } + } + + ret = hx509_certs_init(context->hx509ctx, user_id, 0, lock, &id->certs); + hx509_lock_free(lock); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed to init cert certs"); + goto out; + } + } else { + id->certs = NULL; } - ret = hx509_certs_init(id->hx509ctx, user_id, 0, lock, &id->certs); + ret = hx509_certs_init(context->hx509ctx, anchor_id, 0, NULL, &id->anchors); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init cert certs"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed to init anchors"); goto out; } - ret = hx509_certs_init(id->hx509ctx, anchor_id, 0, NULL, &id->anchors); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init anchors"); - goto out; - } - - ret = hx509_certs_init(id->hx509ctx, "MEMORY:pkinit-cert-chain", + ret = hx509_certs_init(context->hx509ctx, "MEMORY:pkinit-cert-chain", 0, NULL, &id->certpool); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init chain"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed to init chain"); goto out; } while (chain_list && *chain_list) { - ret = hx509_certs_append(id->hx509ctx, id->certpool, + ret = hx509_certs_append(context->hx509ctx, id->certpool, NULL, *chain_list); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to laod chain %s", - *chain_list); + pk_copy_error(context, context->hx509ctx, ret, + "Failed to laod chain %s", + *chain_list); goto out; } chain_list++; } if (revoke_list) { - ret = hx509_revoke_init(id->hx509ctx, &id->revokectx); + ret = hx509_revoke_init(context->hx509ctx, &id->revokectx); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed init revoke list"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed init revoke list"); goto out; } while (*revoke_list) { - ret = hx509_revoke_add_crl(id->hx509ctx, + ret = hx509_revoke_add_crl(context->hx509ctx, id->revokectx, *revoke_list); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed load revoke list"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed load revoke list"); goto out; } revoke_list++; } } else - hx509_context_set_missing_revoke(id->hx509ctx, 1); + hx509_context_set_missing_revoke(context->hx509ctx, 1); - ret = hx509_verify_init_ctx(id->hx509ctx, &id->verify_ctx); + ret = hx509_verify_init_ctx(context->hx509ctx, &id->verify_ctx); if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed init verify context"); + pk_copy_error(context, context->hx509ctx, ret, + "Failed init verify context"); goto out; } hx509_verify_attach_anchors(id->verify_ctx, id->anchors); hx509_verify_attach_revoke(id->verify_ctx, id->revokectx); -out: + out: if (ret) { hx509_verify_destroy_ctx(id->verify_ctx); hx509_certs_free(&id->certs); hx509_certs_free(&id->anchors); hx509_certs_free(&id->certpool); hx509_revoke_free(&id->revokectx); - hx509_context_free(&id->hx509ctx); free(id); } else *ret_id = id; - hx509_lock_free(lock); - return ret; } -static krb5_error_code -select_dh_group(krb5_context context, DH *dh, unsigned long bits, - struct krb5_dh_moduli **moduli) -{ - const struct krb5_dh_moduli *m; +/* + * + */ - if (bits == 0) { - m = moduli[1]; /* XXX */ - if (m == NULL) - m = moduli[0]; /* XXX */ - } else { - int i; - for (i = 0; moduli[i] != NULL; i++) { - if (bits < moduli[i]->bits) - break; - } - if (moduli[i] == NULL) { - krb5_set_error_string(context, - "Did not find a DH group parameter " - "matching requirement of %lu bits", - bits); - return EINVAL; - } - m = moduli[i]; +static void +pk_copy_error(krb5_context context, + hx509_context hx509ctx, + int hxret, + const char *fmt, + ...) +{ + va_list va; + char *s, *f; + int ret; + + va_start(va, fmt); + ret = vasprintf(&f, fmt, va); + va_end(va); + if (ret == -1 || f == NULL) { + krb5_clear_error_message(context); + return; } - dh->p = integer_to_BN(context, "p", &m->p); - if (dh->p == NULL) - return ENOMEM; - dh->g = integer_to_BN(context, "g", &m->g); - if (dh->g == NULL) - return ENOMEM; - dh->q = integer_to_BN(context, "q", &m->q); - if (dh->q == NULL) - return ENOMEM; - - return 0; + s = hx509_get_error_string(hx509ctx, hxret); + if (s == NULL) { + krb5_clear_error_message(context); + free(f); + return; + } + krb5_set_error_message(context, hxret, "%s: %s", f, s); + free(s); + free(f); } -#endif /* PKINIT */ - static int -parse_integer(krb5_context context, char **p, const char *file, int lineno, +parse_integer(krb5_context context, char **p, const char *file, int lineno, const char *name, heim_integer *integer) { int ret; char *p1; p1 = strsep(p, " \t"); if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing %s on line %d", - file, name, lineno); + krb5_set_error_message(context, EINVAL, + N_("moduli file %s missing %s on line %d", ""), + file, name, lineno); return EINVAL; } ret = der_parse_hex_heim_integer(p1, integer); if (ret) { - krb5_set_error_string(context, "moduli file %s failed parsing %s " - "on line %d", - file, name, lineno); + krb5_set_error_message(context, ret, + N_("moduli file %s failed parsing %s " + "on line %d", ""), + file, name, lineno); return ret; } @@ -1632,7 +2029,7 @@ parse_integer(krb5_context context, char **p, const char *file, int lineno, } krb5_error_code -_krb5_parse_moduli_line(krb5_context context, +_krb5_parse_moduli_line(krb5_context context, const char *file, int lineno, char *p, @@ -1646,43 +2043,49 @@ _krb5_parse_moduli_line(krb5_context context, m1 = calloc(1, sizeof(*m1)); if (m1 == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } while (isspace((unsigned char)*p)) p++; - if (*p == '#') + if (*p == '#') { + free(m1); return 0; + } ret = EINVAL; p1 = strsep(&p, " \t"); if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing name " - "on line %d", file, lineno); + krb5_set_error_message(context, ret, + N_("moduli file %s missing name on line %d", ""), + file, lineno); goto out; } m1->name = strdup(p1); - if (p1 == NULL) { - krb5_set_error_string(context, "malloc - out of memeory"); + if (m1->name == NULL) { ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memeory", "")); goto out; } p1 = strsep(&p, " \t"); if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing bits on line %d", - file, lineno); + krb5_set_error_message(context, ret, + N_("moduli file %s missing bits on line %d", ""), + file, lineno); goto out; } m1->bits = atoi(p1); if (m1->bits == 0) { - krb5_set_error_string(context, "moduli file %s have un-parsable " - "bits on line %d", file, lineno); + krb5_set_error_message(context, ret, + N_("moduli file %s have un-parsable " + "bits on line %d", ""), file, lineno); goto out; } - + ret = parse_integer(context, &p, file, lineno, "p", &m1->p); if (ret) goto out; @@ -1696,7 +2099,7 @@ _krb5_parse_moduli_line(krb5_context context, *m = m1; return 0; -out: + out: free(m1->name); der_free_heim_integer(&m1->p); der_free_heim_integer(&m1->g); @@ -1788,7 +2191,8 @@ _krb5_parse_moduli(krb5_context context, const char *file, m = calloc(1, sizeof(m[0]) * 3); if (m == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } @@ -1812,11 +2216,26 @@ _krb5_parse_moduli(krb5_context context, const char *file, if (file == NULL) file = MODULI_FILE; +#ifdef KRB5_USE_PATH_TOKENS + { + char * exp_file; + + if (_krb5_expand_path_tokens(context, file, &exp_file) == 0) { + f = fopen(exp_file, "r"); + krb5_xfree(exp_file); + } else { + f = NULL; + } + } +#else f = fopen(file, "r"); +#endif + if (f == NULL) { *moduli = m; return 0; } + rk_cloexec_file(f); while(fgets(buf, sizeof(buf), f) != NULL) { struct krb5_dh_moduli *element; @@ -1826,12 +2245,13 @@ _krb5_parse_moduli(krb5_context context, const char *file, m2 = realloc(m, (n + 2) * sizeof(m[0])); if (m2 == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); _krb5_free_moduli(m); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } m = m2; - + m[n] = NULL; ret = _krb5_parse_moduli_line(context, file, lineno, buf, &element); @@ -1865,23 +2285,29 @@ _krb5_dh_group_ok(krb5_context context, unsigned long bits, if (der_heim_integer_cmp(&moduli[i]->g, g) == 0 && der_heim_integer_cmp(&moduli[i]->p, p) == 0 && (q == NULL || der_heim_integer_cmp(&moduli[i]->q, q) == 0)) - { - if (bits && bits > moduli[i]->bits) { - krb5_set_error_string(context, "PKINIT: DH group parameter %s " - "no accepted, not enough bits generated", - moduli[i]->name); - return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED; + { + if (bits && bits > moduli[i]->bits) { + krb5_set_error_message(context, + KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, + N_("PKINIT: DH group parameter %s " + "no accepted, not enough bits " + "generated", ""), + moduli[i]->name); + return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED; + } + if (name) + *name = strdup(moduli[i]->name); + return 0; } - if (name) - *name = strdup(moduli[i]->name); - return 0; - } } - krb5_set_error_string(context, "PKINIT: DH group parameter no ok"); + krb5_set_error_message(context, + KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, + N_("PKINIT: DH group parameter no ok", "")); return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED; } +#endif /* PKINIT */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL _krb5_get_init_creds_opt_free_pkinit(krb5_get_init_creds_opt *opt) { #ifdef PKINIT @@ -1890,15 +2316,26 @@ _krb5_get_init_creds_opt_free_pkinit(krb5_get_init_creds_opt *opt) if (opt->opt_private == NULL || opt->opt_private->pk_init_ctx == NULL) return; ctx = opt->opt_private->pk_init_ctx; - if (ctx->dh) - DH_free(ctx->dh); - ctx->dh = NULL; + switch (ctx->keyex) { + case USE_DH: + if (ctx->u.dh) + DH_free(ctx->u.dh); + break; + case USE_RSA: + break; + case USE_ECDH: +#ifdef HAVE_OPENSSL + if (ctx->u.eckey) + EC_KEY_free(ctx->u.eckey); +#endif + break; + } if (ctx->id) { hx509_verify_destroy_ctx(ctx->id->verify_ctx); hx509_certs_free(&ctx->id->certs); + hx509_cert_free(ctx->id->cert); hx509_certs_free(&ctx->id->anchors); hx509_certs_free(&ctx->id->certpool); - hx509_context_free(&ctx->id->hx509ctx); if (ctx->clientDHNonce) { krb5_free_data(NULL, ctx->clientDHNonce); @@ -1913,8 +2350,8 @@ _krb5_get_init_creds_opt_free_pkinit(krb5_get_init_creds_opt *opt) opt->opt_private->pk_init_ctx = NULL; #endif } - -krb5_error_code KRB5_LIB_FUNCTION + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_set_pkinit(krb5_context context, krb5_get_init_creds_opt *opt, krb5_principal principal, @@ -1932,19 +2369,18 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context, char *anchors = NULL; if (opt->opt_private == NULL) { - krb5_set_error_string(context, "PKINIT: on non extendable opt"); + krb5_set_error_message(context, EINVAL, + N_("PKINIT: on non extendable opt", "")); return EINVAL; } - opt->opt_private->pk_init_ctx = + opt->opt_private->pk_init_ctx = calloc(1, sizeof(*opt->opt_private->pk_init_ctx)); if (opt->opt_private->pk_init_ctx == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - opt->opt_private->pk_init_ctx->dh = NULL; - opt->opt_private->pk_init_ctx->id = NULL; - opt->opt_private->pk_init_ctx->clientDHNonce = NULL; opt->opt_private->pk_init_ctx->require_binding = 0; opt->opt_private->pk_init_ctx->require_eku = 1; opt->opt_private->pk_init_ctx->require_krbtgt_otherName = 1; @@ -1953,23 +2389,26 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context, /* XXX implement krb5_appdefault_strings */ if (pool == NULL) pool = krb5_config_get_strings(context, NULL, - "appdefaults", - "pkinit_pool", + "appdefaults", + "pkinit_pool", NULL); if (pki_revoke == NULL) pki_revoke = krb5_config_get_strings(context, NULL, - "appdefaults", - "pkinit_revoke", + "appdefaults", + "pkinit_revoke", NULL); if (x509_anchors == NULL) { krb5_appdefault_string(context, "kinit", - krb5_principal_get_realm(context, principal), + krb5_principal_get_realm(context, principal), "pkinit_anchors", NULL, &anchors); x509_anchors = anchors; } + if (flags & 4) + opt->opt_private->pk_init_ctx->anonymous = 1; + ret = _krb5_pk_load_id(context, &opt->opt_private->pk_init_ctx->id, user_id, @@ -1985,86 +2424,218 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context, return ret; } + if (opt->opt_private->pk_init_ctx->id->certs) { + _krb5_pk_set_user_id(context, + principal, + opt->opt_private->pk_init_ctx, + opt->opt_private->pk_init_ctx->id->certs); + } else + opt->opt_private->pk_init_ctx->id->cert = NULL; + if ((flags & 2) == 0) { - const char *moduli_file; - unsigned long dh_min_bits; + hx509_context hx509ctx = context->hx509ctx; + hx509_cert cert = opt->opt_private->pk_init_ctx->id->cert; - moduli_file = krb5_config_get_string(context, NULL, - "libdefaults", - "moduli", - NULL); + opt->opt_private->pk_init_ctx->keyex = USE_DH; - dh_min_bits = - krb5_config_get_int_default(context, NULL, 0, - "libdefaults", - "pkinit_dh_min_bits", - NULL); + /* + * If its a ECDSA certs, lets select ECDSA as the keyex algorithm. + */ + if (cert) { + AlgorithmIdentifier alg; - ret = _krb5_parse_moduli(context, moduli_file, - &opt->opt_private->pk_init_ctx->m); - if (ret) { - _krb5_get_init_creds_opt_free_pkinit(opt); - return ret; - } - - opt->opt_private->pk_init_ctx->dh = DH_new(); - if (opt->opt_private->pk_init_ctx->dh == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - _krb5_get_init_creds_opt_free_pkinit(opt); - return ENOMEM; + ret = hx509_cert_get_SPKI_AlgorithmIdentifier(hx509ctx, cert, &alg); + if (ret == 0) { + if (der_heim_oid_cmp(&alg.algorithm, &asn1_oid_id_ecPublicKey) == 0) + opt->opt_private->pk_init_ctx->keyex = USE_ECDH; + free_AlgorithmIdentifier(&alg); + } } - ret = select_dh_group(context, opt->opt_private->pk_init_ctx->dh, - dh_min_bits, - opt->opt_private->pk_init_ctx->m); - if (ret) { - _krb5_get_init_creds_opt_free_pkinit(opt); - return ret; - } + } else { + opt->opt_private->pk_init_ctx->keyex = USE_RSA; - if (DH_generate_key(opt->opt_private->pk_init_ctx->dh) != 1) { - krb5_set_error_string(context, "pkinit: failed to generate DH key"); - _krb5_get_init_creds_opt_free_pkinit(opt); - return ENOMEM; + if (opt->opt_private->pk_init_ctx->id->certs == NULL) { + krb5_set_error_message(context, EINVAL, + N_("No anonymous pkinit support in RSA mode", "")); + return EINVAL; } } return 0; #else - krb5_set_error_string(context, "no support for PKINIT compiled in"); + krb5_set_error_message(context, EINVAL, + N_("no support for PKINIT compiled in", "")); return EINVAL; #endif } +krb5_error_code KRB5_LIB_FUNCTION +krb5_get_init_creds_opt_set_pkinit_user_certs(krb5_context context, + krb5_get_init_creds_opt *opt, + struct hx509_certs_data *certs) +{ +#ifdef PKINIT + if (opt->opt_private == NULL) { + krb5_set_error_message(context, EINVAL, + N_("PKINIT: on non extendable opt", "")); + return EINVAL; + } + if (opt->opt_private->pk_init_ctx == NULL) { + krb5_set_error_message(context, EINVAL, + N_("PKINIT: on pkinit context", "")); + return EINVAL; + } + + _krb5_pk_set_user_id(context, NULL, opt->opt_private->pk_init_ctx, certs); + + return 0; +#else + krb5_set_error_message(context, EINVAL, + N_("no support for PKINIT compiled in", "")); + return EINVAL; +#endif +} + +#ifdef PKINIT + +static int +get_ms_san(hx509_context context, hx509_cert cert, char **upn) +{ + hx509_octet_string_list list; + int ret; + + *upn = NULL; + + ret = hx509_cert_find_subjectAltName_otherName(context, + cert, + &asn1_oid_id_pkinit_ms_san, + &list); + if (ret) + return 0; + + if (list.len > 0 && list.val[0].length > 0) + ret = decode_MS_UPN_SAN(list.val[0].data, list.val[0].length, + upn, NULL); + else + ret = 1; + hx509_free_octet_string_list(&list); + + return ret; +} + +static int +find_ms_san(hx509_context context, hx509_cert cert, void *ctx) +{ + char *upn; + int ret; + + ret = get_ms_san(context, cert, &upn); + if (ret == 0) + free(upn); + return ret; +} + + + +#endif + /* - * + * Private since it need to be redesigned using krb5_get_init_creds() */ -static void -_krb5_pk_copy_error(krb5_context context, - hx509_context hx509ctx, - int hxret, - const char *fmt, - ...) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_pk_enterprise_cert(krb5_context context, + const char *user_id, + krb5_const_realm realm, + krb5_principal *principal, + struct hx509_certs_data **res) { - va_list va; - char *s, *f; +#ifdef PKINIT + krb5_error_code ret; + hx509_certs certs, result; + hx509_cert cert = NULL; + hx509_query *q; + char *name; - va_start(va, fmt); - vasprintf(&f, fmt, va); - va_end(va); - if (f == NULL) { - krb5_clear_error_string(context); - return; + *principal = NULL; + if (res) + *res = NULL; + + if (user_id == NULL) { + krb5_set_error_message(context, ENOENT, "no user id"); + return ENOENT; } - s = hx509_get_error_string(hx509ctx, hxret); - if (s == NULL) { - krb5_clear_error_string(context); - free(f); - return; + ret = hx509_certs_init(context->hx509ctx, user_id, 0, NULL, &certs); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed to init cert certs"); + goto out; } - krb5_set_error_string(context, "%s: %s", f, s); - free(s); - free(f); + + ret = hx509_query_alloc(context->hx509ctx, &q); + if (ret) { + krb5_set_error_message(context, ret, "out of memory"); + hx509_certs_free(&certs); + goto out; + } + + hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); + hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); + hx509_query_match_eku(q, &asn1_oid_id_pkinit_ms_eku); + hx509_query_match_cmp_func(q, find_ms_san, NULL); + + ret = hx509_certs_filter(context->hx509ctx, certs, q, &result); + hx509_query_free(context->hx509ctx, q); + hx509_certs_free(&certs); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed to find PKINIT certificate"); + return ret; + } + + ret = hx509_get_one_cert(context->hx509ctx, result, &cert); + hx509_certs_free(&result); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed to get one cert"); + goto out; + } + + ret = get_ms_san(context->hx509ctx, cert, &name); + if (ret) { + pk_copy_error(context, context->hx509ctx, ret, + "Failed to get MS SAN"); + goto out; + } + + ret = krb5_make_principal(context, principal, realm, name, NULL); + free(name); + if (ret) + goto out; + + krb5_principal_set_type(context, *principal, KRB5_NT_ENTERPRISE_PRINCIPAL); + + if (res) { + ret = hx509_certs_init(context->hx509ctx, "MEMORY:", 0, NULL, res); + if (ret) + goto out; + + ret = hx509_certs_add(context->hx509ctx, *res, cert); + if (ret) { + hx509_certs_free(res); + goto out; + } + } + + out: + hx509_cert_free(cert); + + return ret; +#else + krb5_set_error_message(context, EINVAL, + N_("no support for PKINIT compiled in", "")); + return EINVAL; +#endif } diff --git a/lib/krb5/plugin.c b/lib/krb5/plugin.c index bae28496aaf8..9303b6c615b7 100644 --- a/lib/krb5/plugin.c +++ b/lib/krb5/plugin.c @@ -1,38 +1,38 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: plugin.c 22033 2007-11-10 10:39:47Z lha $"); + #ifdef HAVE_DLFCN_H #include #endif @@ -40,21 +40,36 @@ RCSID("$Id: plugin.c 22033 2007-11-10 10:39:47Z lha $"); struct krb5_plugin { void *symbol; - void *dsohandle; struct krb5_plugin *next; }; struct plugin { - enum krb5_plugin_type type; - void *name; - void *symbol; + enum { DSO, SYMBOL } type; + union { + struct { + char *path; + void *dsohandle; + } dso; + struct { + enum krb5_plugin_type type; + char *name; + char *symbol; + } symbol; + } u; struct plugin *next; }; static HEIMDAL_MUTEX plugin_mutex = HEIMDAL_MUTEX_INITIALIZER; static struct plugin *registered = NULL; +static int plugins_needs_scan = 1; -static const char *plugin_dir = LIBDIR "/plugin/krb5"; +static const char *sysplugin_dirs[] = { + LIBDIR "/plugin/krb5", +#ifdef __APPLE__ + "/System/Library/KerberosPlugins/KerberosFrameworkPlugins", +#endif + NULL +}; /* * @@ -79,39 +94,30 @@ _krb5_plugin_get_next(struct krb5_plugin *p) #ifdef HAVE_DLOPEN static krb5_error_code -loadlib(krb5_context context, - enum krb5_plugin_type type, - const char *name, - const char *lib, - struct krb5_plugin **e) +loadlib(krb5_context context, char *path) { - *e = calloc(1, sizeof(**e)); - if (*e == NULL) { - krb5_set_error_string(context, "out of memory"); + struct plugin *e; + + e = calloc(1, sizeof(*e)); + if (e == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + free(path); return ENOMEM; } #ifndef RTLD_LAZY #define RTLD_LAZY 0 #endif +#ifndef RTLD_LOCAL +#define RTLD_LOCAL 0 +#endif + e->type = DSO; + /* ignore error from dlopen, and just keep it as negative cache entry */ + e->u.dso.dsohandle = dlopen(path, RTLD_LOCAL|RTLD_LAZY); + e->u.dso.path = path; - (*e)->dsohandle = dlopen(lib, RTLD_LAZY); - if ((*e)->dsohandle == NULL) { - free(*e); - *e = NULL; - krb5_set_error_string(context, "Failed to load %s: %s", - lib, dlerror()); - return ENOMEM; - } - - /* dlsym doesn't care about the type */ - (*e)->symbol = dlsym((*e)->dsohandle, name); - if ((*e)->symbol == NULL) { - dlclose((*e)->dsohandle); - free(*e); - krb5_clear_error_string(context); - return ENOMEM; - } + e->next = registered; + registered = e; return 0; } @@ -129,29 +135,43 @@ loadlib(krb5_context context, * @ingroup krb5_support */ -krb5_error_code +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_plugin_register(krb5_context context, enum krb5_plugin_type type, - const char *name, + const char *name, void *symbol) { struct plugin *e; + HEIMDAL_MUTEX_lock(&plugin_mutex); + + /* check for duplicates */ + for (e = registered; e != NULL; e = e->next) { + if (e->type == SYMBOL && + strcmp(e->u.symbol.name, name) == 0 && + e->u.symbol.type == type && e->u.symbol.symbol == symbol) { + HEIMDAL_MUTEX_unlock(&plugin_mutex); + return 0; + } + } + e = calloc(1, sizeof(*e)); if (e == NULL) { - krb5_set_error_string(context, "out of memory"); + HEIMDAL_MUTEX_unlock(&plugin_mutex); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - e->type = type; - e->name = strdup(name); - if (e->name == NULL) { + e->type = SYMBOL; + e->u.symbol.type = type; + e->u.symbol.name = strdup(name); + if (e->u.symbol.name == NULL) { + HEIMDAL_MUTEX_unlock(&plugin_mutex); free(e); - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - e->symbol = symbol; + e->u.symbol.symbol = symbol; - HEIMDAL_MUTEX_lock(&plugin_mutex); e->next = registered; registered = e; HEIMDAL_MUTEX_unlock(&plugin_mutex); @@ -159,95 +179,191 @@ krb5_plugin_register(krb5_context context, return 0; } -krb5_error_code -_krb5_plugin_find(krb5_context context, - enum krb5_plugin_type type, - const char *name, - struct krb5_plugin **list) +static int +is_valid_plugin_filename(const char * n) { - struct krb5_plugin *e; - struct plugin *p; + if (n[0] == '.' && (n[1] == '\0' || (n[1] == '.' && n[2] == '\0'))) + return 0; + +#ifdef _WIN32 + /* On Windows, we only attempt to load .dll files as plug-ins. */ + { + const char * ext; + + ext = strrchr(n, '.'); + if (ext == NULL) + return 0; + + return !stricmp(ext, ".dll"); + } +#else + return 1; +#endif +} + +static void +trim_trailing_slash(char * path) +{ + size_t l; + + l = strlen(path); + while (l > 0 && (path[l - 1] == '/' +#ifdef BACKSLASH_PATH_DELIM + || path[l - 1] == '\\' +#endif + )) { + path[--l] = '\0'; + } +} + +static krb5_error_code +load_plugins(krb5_context context) +{ + struct plugin *e; krb5_error_code ret; - char *sysdirs[2] = { NULL, NULL }; char **dirs = NULL, **di; struct dirent *entry; char *path; DIR *d = NULL; + if (!plugins_needs_scan) + return 0; + plugins_needs_scan = 0; + +#ifdef HAVE_DLOPEN + + dirs = krb5_config_get_strings(context, NULL, "libdefaults", + "plugin_dir", NULL); + if (dirs == NULL) + dirs = rk_UNCONST(sysplugin_dirs); + + for (di = dirs; *di != NULL; di++) { + char * dir = *di; + +#ifdef KRB5_USE_PATH_TOKENS + if (_krb5_expand_path_tokens(context, *di, &dir)) + goto next_dir; +#endif + + trim_trailing_slash(dir); + + d = opendir(dir); + + if (d == NULL) + goto next_dir; + + rk_cloexec_dir(d); + + while ((entry = readdir(d)) != NULL) { + char *n = entry->d_name; + + /* skip . and .. */ + if (!is_valid_plugin_filename(n)) + continue; + + path = NULL; + ret = 0; +#ifdef __APPLE__ + { /* support loading bundles on MacOS */ + size_t len = strlen(n); + if (len > 7 && strcmp(&n[len - 7], ".bundle") == 0) + ret = asprintf(&path, "%s/%s/Contents/MacOS/%.*s", dir, n, (int)(len - 7), n); + } +#endif + if (ret < 0 || path == NULL) + ret = asprintf(&path, "%s/%s", dir, n); + + if (ret < 0 || path == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "malloc: out of memory"); + return ret; + } + + /* check if already tried */ + for (e = registered; e != NULL; e = e->next) + if (e->type == DSO && strcmp(e->u.dso.path, path) == 0) + break; + if (e) { + free(path); + } else { + loadlib(context, path); /* store or frees path */ + } + } + closedir(d); + + next_dir: + if (dir != *di) + free(dir); + } + if (dirs != rk_UNCONST(sysplugin_dirs)) + krb5_config_free_strings(dirs); +#endif /* HAVE_DLOPEN */ + return 0; +} + +static krb5_error_code +add_symbol(krb5_context context, struct krb5_plugin **list, void *symbol) +{ + struct krb5_plugin *e; + + e = calloc(1, sizeof(*e)); + if (e == NULL) { + krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + return ENOMEM; + } + e->symbol = symbol; + e->next = *list; + *list = e; + return 0; +} + +krb5_error_code +_krb5_plugin_find(krb5_context context, + enum krb5_plugin_type type, + const char *name, + struct krb5_plugin **list) +{ + struct plugin *e; + krb5_error_code ret; + *list = NULL; HEIMDAL_MUTEX_lock(&plugin_mutex); - for (p = registered; p != NULL; p = p->next) { - if (p->type != type || strcmp(p->name, name) != 0) - continue; + load_plugins(context); - e = calloc(1, sizeof(*e)); - if (e == NULL) { - HEIMDAL_MUTEX_unlock(&plugin_mutex); - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - e->symbol = p->symbol; - e->dsohandle = NULL; - e->next = *list; - *list = e; - } - HEIMDAL_MUTEX_unlock(&plugin_mutex); - -#ifdef HAVE_DLOPEN - - dirs = krb5_config_get_strings(context, NULL, "libdefaults", - "plugin_dir", NULL); - if (dirs == NULL) { - sysdirs[0] = rk_UNCONST(plugin_dir); - dirs = sysdirs; - } - - for (di = dirs; *di != NULL; di++) { - - d = opendir(*di); - if (d == NULL) - continue; - - while ((entry = readdir(d)) != NULL) { - asprintf(&path, "%s/%s", *di, entry->d_name); - if (path == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - ret = loadlib(context, type, name, path, &e); - free(path); - if (ret) + for (ret = 0, e = registered; e != NULL; e = e->next) { + switch(e->type) { + case DSO: { + void *sym; + if (e->u.dso.dsohandle == NULL) continue; - - e->next = *list; - *list = e; + sym = dlsym(e->u.dso.dsohandle, name); + if (sym) + ret = add_symbol(context, list, sym); + break; + } + case SYMBOL: + if (strcmp(e->u.symbol.name, name) == 0 && e->u.symbol.type == type) + ret = add_symbol(context, list, e->u.symbol.symbol); + break; + } + if (ret) { + _krb5_plugin_free(*list); + *list = NULL; } - closedir(d); } - if (dirs != sysdirs) - krb5_config_free_strings(dirs); -#endif /* HAVE_DLOPEN */ + + HEIMDAL_MUTEX_unlock(&plugin_mutex); + if (ret) + return ret; if (*list == NULL) { - krb5_set_error_string(context, "Did not find a plugin for %s", name); + krb5_set_error_message(context, ENOENT, "Did not find a plugin for %s", name); return ENOENT; } return 0; - -out: - if (dirs && dirs != sysdirs) - krb5_config_free_strings(dirs); - if (d) - closedir(d); - _krb5_plugin_free(*list); - *list = NULL; - - return ret; } void @@ -256,9 +372,264 @@ _krb5_plugin_free(struct krb5_plugin *list) struct krb5_plugin *next; while (list) { next = list->next; - if (list->dsohandle) - dlclose(list->dsohandle); free(list); list = next; } } +/* + * module - dict of { + * ModuleName = [ + * plugin = object{ + * array = { ptr, ctx } + * } + * ] + * } + */ + +static heim_dict_t modules; + +struct plugin2 { + heim_string_t path; + void *dsohandle; + heim_dict_t names; +}; + +static void +plug_dealloc(void *ptr) +{ + struct plugin2 *p = ptr; + heim_release(p->path); + heim_release(p->names); + if (p->dsohandle) + dlclose(p->dsohandle); +} + + +void +_krb5_load_plugins(krb5_context context, const char *name, const char **paths) +{ +#ifdef HAVE_DLOPEN + heim_string_t s = heim_string_create(name); + heim_dict_t module; + struct dirent *entry; + krb5_error_code ret; + const char **di; + DIR *d; + + HEIMDAL_MUTEX_lock(&plugin_mutex); + + if (modules == NULL) { + modules = heim_dict_create(11); + if (modules == NULL) { + HEIMDAL_MUTEX_unlock(&plugin_mutex); + return; + } + } + + module = heim_dict_copy_value(modules, s); + if (module == NULL) { + module = heim_dict_create(11); + if (module == NULL) { + HEIMDAL_MUTEX_unlock(&plugin_mutex); + heim_release(s); + return; + } + heim_dict_add_value(modules, s, module); + } + heim_release(s); + + for (di = paths; *di != NULL; di++) { + d = opendir(*di); + if (d == NULL) + continue; + rk_cloexec_dir(d); + + while ((entry = readdir(d)) != NULL) { + char *n = entry->d_name; + char *path = NULL; + heim_string_t spath; + struct plugin2 *p; + + /* skip . and .. */ + if (n[0] == '.' && (n[1] == '\0' || (n[1] == '.' && n[2] == '\0'))) + continue; + + ret = 0; +#ifdef __APPLE__ + { /* support loading bundles on MacOS */ + size_t len = strlen(n); + if (len > 7 && strcmp(&n[len - 7], ".bundle") == 0) + ret = asprintf(&path, "%s/%s/Contents/MacOS/%.*s", *di, n, (int)(len - 7), n); + } +#endif + if (ret < 0 || path == NULL) + ret = asprintf(&path, "%s/%s", *di, n); + + if (ret < 0 || path == NULL) + continue; + + spath = heim_string_create(n); + if (spath == NULL) { + free(path); + continue; + } + + /* check if already cached */ + p = heim_dict_copy_value(module, spath); + if (p == NULL) { + p = heim_alloc(sizeof(*p), "krb5-plugin", plug_dealloc); + if (p) + p->dsohandle = dlopen(path, RTLD_LOCAL|RTLD_LAZY); + + if (p->dsohandle) { + p->path = heim_retain(spath); + p->names = heim_dict_create(11); + heim_dict_add_value(module, spath, p); + } + } + heim_release(spath); + heim_release(p); + free(path); + } + closedir(d); + } + heim_release(module); + HEIMDAL_MUTEX_unlock(&plugin_mutex); +#endif /* HAVE_DLOPEN */ +} + +void +_krb5_unload_plugins(krb5_context context, const char *name) +{ + HEIMDAL_MUTEX_lock(&plugin_mutex); + heim_release(modules); + modules = NULL; + HEIMDAL_MUTEX_unlock(&plugin_mutex); +} + +/* + * + */ + +struct common_plugin_method { + int version; + krb5_error_code (*init)(krb5_context, void **); + void (*fini)(void *); +}; + +struct plug { + void *dataptr; + void *ctx; +}; + +static void +plug_free(void *ptr) +{ + struct plug *pl = ptr; + if (pl->dataptr) { + struct common_plugin_method *cpm = pl->dataptr; + cpm->fini(pl->ctx); + } +} + +struct iter_ctx { + krb5_context context; + heim_string_t n; + const char *name; + int min_version; + heim_array_t result; + krb5_error_code (*func)(krb5_context, const void *, void *, void *); + void *userctx; + krb5_error_code ret; +}; + +static void +search_modules(void *ctx, heim_object_t key, heim_object_t value) +{ + struct iter_ctx *s = ctx; + struct plugin2 *p = value; + struct plug *pl = heim_dict_copy_value(p->names, s->n); + struct common_plugin_method *cpm; + + if (pl == NULL) { + if (p->dsohandle == NULL) + return; + + pl = heim_alloc(sizeof(*pl), "struct-plug", plug_free); + + cpm = pl->dataptr = dlsym(p->dsohandle, s->name); + if (cpm) { + int ret; + + ret = cpm->init(s->context, &pl->ctx); + if (ret) + cpm = pl->dataptr = NULL; + } + heim_dict_add_value(p->names, s->n, pl); + } else { + cpm = pl->dataptr; + } + + if (cpm && cpm->version >= s->min_version) + heim_array_append_value(s->result, pl); + + heim_release(pl); +} + +static void +eval_results(heim_object_t value, void *ctx) +{ + struct plug *pl = value; + struct iter_ctx *s = ctx; + + if (s->ret != KRB5_PLUGIN_NO_HANDLE) + return; + + s->ret = s->func(s->context, pl->dataptr, pl->ctx, s->userctx); +} + +krb5_error_code +_krb5_plugin_run_f(krb5_context context, + const char *module, + const char *name, + int min_version, + int flags, + void *userctx, + krb5_error_code (*func)(krb5_context, const void *, void *, void *)) +{ + heim_string_t m = heim_string_create(module); + heim_dict_t dict; + struct iter_ctx s; + + HEIMDAL_MUTEX_lock(&plugin_mutex); + + dict = heim_dict_copy_value(modules, m); + heim_release(m); + if (dict == NULL) { + HEIMDAL_MUTEX_unlock(&plugin_mutex); + return KRB5_PLUGIN_NO_HANDLE; + } + + s.context = context; + s.name = name; + s.n = heim_string_create(name); + s.min_version = min_version; + s.result = heim_array_create(); + s.func = func; + s.userctx = userctx; + + heim_dict_iterate_f(dict, search_modules, &s); + + heim_release(dict); + + HEIMDAL_MUTEX_unlock(&plugin_mutex); + + s.ret = KRB5_PLUGIN_NO_HANDLE; + + heim_array_iterate_f(s.result, eval_results, &s); + + heim_release(s.result); + heim_release(s.n); + + return s.ret; +} diff --git a/lib/krb5/principal.c b/lib/krb5/principal.c index 8d9c8805415a..a10d2d079803 100644 --- a/lib/krb5/principal.c +++ b/lib/krb5/principal.c @@ -1,34 +1,50 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/** + * @page krb5_principal_intro The principal handing functions. + * + * A Kerberos principal is a email address looking string that + * contains to parts separeted by a @. The later part is the kerbero + * realm the principal belongs to and the former is a list of 0 or + * more components. For example + * @verbatim +lha@SU.SE +host/hummel.it.su.se@SU.SE +host/admin@H5L.ORG +@endverbatim + * + * See the library functions here: @ref krb5_principal */ #include "krb5_locl.h" @@ -41,15 +57,26 @@ #include #include "resolve.h" -RCSID("$Id: principal.c 21741 2007-07-31 16:00:37Z lha $"); - #define princ_num_comp(P) ((P)->name.name_string.len) #define princ_type(P) ((P)->name.name_type) #define princ_comp(P) ((P)->name.name_string.val) #define princ_ncomp(P, N) ((P)->name.name_string.val[(N)]) #define princ_realm(P) ((P)->realm) -void KRB5_LIB_FUNCTION +/** + * Frees a Kerberos principal allocated by the library with + * krb5_parse_name(), krb5_make_principal() or any other related + * principal functions. + * + * @param context A Kerberos context. + * @param p a principal to free. + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_principal(krb5_context context, krb5_principal p) { @@ -59,7 +86,19 @@ krb5_free_principal(krb5_context context, } } -void KRB5_LIB_FUNCTION +/** + * Set the type of the principal + * + * @param context A Kerberos context. + * @param principal principal to set the type for + * @param type the new type + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_principal_set_type(krb5_context context, krb5_principal principal, int type) @@ -67,21 +106,43 @@ krb5_principal_set_type(krb5_context context, princ_type(principal) = type; } -int KRB5_LIB_FUNCTION +/** + * Get the type of the principal + * + * @param context A Kerberos context. + * @param principal principal to get the type for + * + * @return the type of principal + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_principal_get_type(krb5_context context, krb5_const_principal principal) { return princ_type(principal); } -const char* KRB5_LIB_FUNCTION +/** + * Get the realm of the principal + * + * @param context A Kerberos context. + * @param principal principal to get the realm for + * + * @return realm of the principal, don't free or use after krb5_principal is freed + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_realm(krb5_context context, krb5_const_principal principal) { return princ_realm(principal); -} +} -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_principal_get_comp_string(krb5_context context, krb5_const_principal principal, unsigned int component) @@ -91,7 +152,38 @@ krb5_principal_get_comp_string(krb5_context context, return princ_ncomp(principal, component); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Get number of component is principal. + * + * @param context Kerberos 5 context + * @param principal principal to query + * + * @return number of components in string + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL +krb5_principal_get_num_comp(krb5_context context, + krb5_const_principal principal) +{ + return princ_num_comp(principal); +} + +/** + * Parse a name into a krb5_principal structure, flags controls the behavior. + * + * @param context Kerberos 5 context + * @param name name to parse into a Kerberos principal + * @param flags flags to control the behavior + * @param principal returned principal, free with krb5_free_principal(). + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name_flags(krb5_context context, const char *name, int flags, @@ -112,14 +204,15 @@ krb5_parse_name_flags(krb5_context context, int got_realm = 0; int first_at = 1; int enterprise = (flags & KRB5_PRINCIPAL_PARSE_ENTERPRISE); - + *principal = NULL; -#define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_MUST_REALM) +#define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_REQUIRE_REALM) if ((flags & RFLAGS) == RFLAGS) { - krb5_set_error_string(context, "Can't require both realm and " - "no realm at the same time"); + krb5_set_error_message(context, KRB5_ERR_NO_SERVICE, + N_("Can't require both realm and " + "no realm at the same time", "")); return KRB5_ERR_NO_SERVICE; } #undef RFLAGS @@ -132,8 +225,8 @@ krb5_parse_name_flags(krb5_context context, for(p = name; *p; p++){ if(*p=='\\'){ if(!p[1]) { - krb5_set_error_string (context, - "trailing \\ in principal name"); + krb5_set_error_message(context, KRB5_PARSE_MALFORMED, + N_("trailing \\ in principal name", "")); return KRB5_PARSE_MALFORMED; } p++; @@ -145,15 +238,17 @@ krb5_parse_name_flags(krb5_context context, } comp = calloc(ncomp, sizeof(*comp)); if (comp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - + n = 0; p = start = q = s = strdup(name); if (start == NULL) { free (comp); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } while(*p){ @@ -169,9 +264,9 @@ krb5_parse_name_flags(krb5_context context, else if(c == '0') c = '\0'; else if(c == '\0') { - krb5_set_error_string (context, - "trailing \\ in principal name"); ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + N_("trailing \\ in principal name", "")); goto exit; } }else if(enterprise && first_at) { @@ -179,15 +274,16 @@ krb5_parse_name_flags(krb5_context context, first_at = 0; }else if((c == '/' && !enterprise) || c == '@'){ if(got_realm){ - krb5_set_error_string (context, - "part after realm in principal name"); ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + N_("part after realm in principal name", "")); goto exit; }else{ comp[n] = malloc(q - start + 1); if (comp[n] == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto exit; } memcpy(comp[n], start, q - start); @@ -199,34 +295,37 @@ krb5_parse_name_flags(krb5_context context, start = q; continue; } - if(got_realm && (c == ':' || c == '/' || c == '\0')) { - krb5_set_error_string (context, - "part after realm in principal name"); + if(got_realm && (c == '/' || c == '\0')) { ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + N_("part after realm in principal name", "")); goto exit; } *q++ = c; } if(got_realm){ if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) { - krb5_set_error_string (context, "realm found in 'short' principal " - "expected to be without one"); ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + N_("realm found in 'short' principal " + "expected to be without one", "")); goto exit; } realm = malloc(q - start + 1); if (realm == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto exit; } memcpy(realm, start, q - start); realm[q - start] = 0; }else{ - if (flags & KRB5_PRINCIPAL_PARSE_MUST_REALM) { - krb5_set_error_string (context, "realm NOT found in principal " - "expected to be with one"); + if (flags & KRB5_PRINCIPAL_PARSE_REQUIRE_REALM) { ret = KRB5_PARSE_MALFORMED; + krb5_set_error_message(context, ret, + N_("realm NOT found in principal " + "expected to be with one", "")); goto exit; } else if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) { realm = NULL; @@ -238,8 +337,9 @@ krb5_parse_name_flags(krb5_context context, comp[n] = malloc(q - start + 1); if (comp[n] == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto exit; } memcpy(comp[n], start, q - start); @@ -248,8 +348,9 @@ krb5_parse_name_flags(krb5_context context, } *principal = malloc(sizeof(**principal)); if (*principal == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); ret = ENOMEM; + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto exit; } if (enterprise) @@ -271,7 +372,19 @@ krb5_parse_name_flags(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse a name into a krb5_principal structure + * + * @param context Kerberos 5 context + * @param name name to parse into a Kerberos principal + * @param principal returned principal, free with krb5_free_principal(). + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_name(krb5_context context, const char *name, krb5_principal *principal) @@ -313,14 +426,15 @@ unparse_name_fixed(krb5_context context, int flags) { size_t idx = 0; - int i; + size_t i; int short_form = (flags & KRB5_PRINCIPAL_UNPARSE_SHORT) != 0; int no_realm = (flags & KRB5_PRINCIPAL_UNPARSE_NO_REALM) != 0; int display = (flags & KRB5_PRINCIPAL_UNPARSE_DISPLAY) != 0; if (!no_realm && princ_realm(principal) == NULL) { - krb5_set_error_string(context, "Realm missing from principal, " - "can't unparse"); + krb5_set_error_message(context, ERANGE, + N_("Realm missing from principal, " + "can't unparse", "")); return ERANGE; } @@ -329,10 +443,11 @@ unparse_name_fixed(krb5_context context, add_char(name, idx, len, '/'); idx = quote_string(princ_ncomp(principal, i), name, idx, len, display); if(idx == len) { - krb5_set_error_string(context, "Out of space printing principal"); + krb5_set_error_message(context, ERANGE, + N_("Out of space printing principal", "")); return ERANGE; } - } + } /* add realm if different from default realm */ if(short_form && !no_realm) { krb5_realm r; @@ -348,15 +463,29 @@ unparse_name_fixed(krb5_context context, add_char(name, idx, len, '@'); idx = quote_string(princ_realm(principal), name, idx, len, display); if(idx == len) { - krb5_set_error_string(context, - "Out of space printing realm of principal"); + krb5_set_error_message(context, ERANGE, + N_("Out of space printing " + "realm of principal", "")); return ERANGE; } } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the principal name to a fixed buffer + * + * @param context A Kerberos context. + * @param principal principal to unparse + * @param name buffer to write name to + * @param len length of buffer + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed(krb5_context context, krb5_const_principal principal, char *name, @@ -365,17 +494,45 @@ krb5_unparse_name_fixed(krb5_context context, return unparse_name_fixed(context, principal, name, len, 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the principal name to a fixed buffer. The realm is skipped + * if its a default realm. + * + * @param context A Kerberos context. + * @param principal principal to unparse + * @param name buffer to write name to + * @param len length of buffer + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_short(krb5_context context, krb5_const_principal principal, char *name, size_t len) { - return unparse_name_fixed(context, principal, name, len, + return unparse_name_fixed(context, principal, name, len, KRB5_PRINCIPAL_UNPARSE_SHORT); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the principal name with unparse flags to a fixed buffer. + * + * @param context A Kerberos context. + * @param principal principal to unparse + * @param flags unparse flags + * @param name buffer to write name to + * @param len length of buffer + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_fixed_flags(krb5_context context, krb5_const_principal principal, int flags, @@ -392,7 +549,7 @@ unparse_name(krb5_context context, int flags) { size_t len = 0, plen; - int i; + size_t i; krb5_error_code ret; /* count length */ if (princ_realm(principal)) { @@ -415,7 +572,8 @@ unparse_name(krb5_context context, len++; /* '\0' */ *name = malloc(len); if(*name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } ret = unparse_name_fixed(context, principal, *name, len, flags); @@ -426,7 +584,19 @@ unparse_name(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the Kerberos name into a string + * + * @param context Kerberos 5 context + * @param principal principal to query + * @param name resulting string, free with krb5_xfree() + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name(krb5_context context, krb5_const_principal principal, char **name) @@ -434,7 +604,20 @@ krb5_unparse_name(krb5_context context, return unparse_name(context, principal, name, 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the Kerberos name into a string + * + * @param context Kerberos 5 context + * @param principal principal to query + * @param flags flag to determine the behavior + * @param name resulting string, free with krb5_xfree() + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_flags(krb5_context context, krb5_const_principal principal, int flags, @@ -443,7 +626,20 @@ krb5_unparse_name_flags(krb5_context context, return unparse_name(context, principal, name, flags); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Unparse the principal name to a allocated buffer. The realm is + * skipped if its a default realm. + * + * @param context A Kerberos context. + * @param principal principal to unparse + * @param name returned buffer, free with krb5_xfree() + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_unparse_name_short(krb5_context context, krb5_const_principal principal, char **name) @@ -451,37 +647,52 @@ krb5_unparse_name_short(krb5_context context, return unparse_name(context, principal, name, KRB5_PRINCIPAL_UNPARSE_SHORT); } -#if 0 /* not implemented */ +/** + * Set a new realm for a principal, and as a side-effect free the + * previous realm. + * + * @param context A Kerberos context. + * @param principal principal set the realm for + * @param realm the new realm to set + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_ext(krb5_context context, - krb5_const_principal principal, - char **name, - size_t *size) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_principal_set_realm(krb5_context context, + krb5_principal principal, + krb5_const_realm realm) { - krb5_abortx(context, "unimplemented krb5_unparse_name_ext called"); + if (princ_realm(principal)) + free(princ_realm(principal)); + + princ_realm(principal) = strdup(realm); + if (princ_realm(principal) == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + return 0; } -#endif +#ifndef HEIMDAL_SMALLER +/** + * Build a principal using vararg style building + * + * @param context A Kerberos context. + * @param principal returned principal + * @param rlen length of realm + * @param realm realm name + * @param ... a list of components ended with NULL. + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ -krb5_realm * KRB5_LIB_FUNCTION -krb5_princ_realm(krb5_context context, - krb5_principal principal) -{ - return &princ_realm(principal); -} - - -void KRB5_LIB_FUNCTION -krb5_princ_set_realm(krb5_context context, - krb5_principal principal, - krb5_realm *realm) -{ - princ_realm(principal) = *realm; -} - - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal(krb5_context context, krb5_principal *principal, int rlen, @@ -495,9 +706,46 @@ krb5_build_principal(krb5_context context, va_end(ap); return ret; } +#endif + +/** + * Build a principal using vararg style building + * + * @param context A Kerberos context. + * @param principal returned principal + * @param realm realm name + * @param ... a list of components ended with NULL. + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_make_principal(krb5_context context, + krb5_principal *principal, + krb5_const_realm realm, + ...) +{ + krb5_error_code ret; + krb5_realm r = NULL; + va_list ap; + if(realm == NULL) { + ret = krb5_get_default_realm(context, &r); + if(ret) + return ret; + realm = r; + } + va_start(ap, realm); + ret = krb5_build_principal_va(context, principal, strlen(realm), realm, ap); + va_end(ap); + if(r) + free(r); + return ret; +} static krb5_error_code -append_component(krb5_context context, krb5_principal p, +append_component(krb5_context context, krb5_principal p, const char *comp, size_t comp_len) { @@ -506,13 +754,15 @@ append_component(krb5_context context, krb5_principal p, tmp = realloc(princ_comp(p), (len + 1) * sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } princ_comp(p) = tmp; princ_ncomp(p, len) = malloc(comp_len + 1); if (princ_ncomp(p, len) == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } memcpy (princ_ncomp(p, len), comp, comp_len); @@ -547,7 +797,6 @@ va_princ(krb5_context context, krb5_principal p, va_list ap) } } - static krb5_error_code build_principal(krb5_context context, krb5_principal *principal, @@ -557,10 +806,11 @@ build_principal(krb5_context context, va_list ap) { krb5_principal p; - + p = calloc(1, sizeof(*p)); if (p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } princ_type(p) = KRB5_NT_PRINCIPAL; @@ -568,41 +818,19 @@ build_principal(krb5_context context, princ_realm(p) = strdup(realm); if(p->realm == NULL){ free(p); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } - + (*func)(context, p, ap); *principal = p; return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_make_principal(krb5_context context, - krb5_principal *principal, - krb5_const_realm realm, - ...) -{ - krb5_error_code ret; - krb5_realm r = NULL; - va_list ap; - if(realm == NULL) { - ret = krb5_get_default_realm(context, &r); - if(ret) - return ret; - realm = r; - } - va_start(ap, realm); - ret = krb5_build_principal_va(context, principal, strlen(realm), realm, ap); - va_end(ap); - if(r) - free(r); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va(krb5_context context, - krb5_principal *principal, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_build_principal_va(krb5_context context, + krb5_principal *principal, int rlen, krb5_const_realm realm, va_list ap) @@ -610,9 +838,9 @@ krb5_build_principal_va(krb5_context context, return build_principal(context, principal, rlen, realm, va_princ, ap); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va_ext(krb5_context context, - krb5_principal *principal, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_build_principal_va_ext(krb5_context context, + krb5_principal *principal, int rlen, krb5_const_realm realm, va_list ap) @@ -621,7 +849,7 @@ krb5_build_principal_va_ext(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal_ext(krb5_context context, krb5_principal *principal, int rlen, @@ -636,36 +864,60 @@ krb5_build_principal_ext(krb5_context context, return ret; } +/** + * Copy a principal + * + * @param context A Kerberos context. + * @param inprinc principal to copy + * @param outprinc copied principal, free with krb5_free_principal() + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal + */ -krb5_error_code KRB5_LIB_FUNCTION + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_principal(krb5_context context, krb5_const_principal inprinc, krb5_principal *outprinc) { krb5_principal p = malloc(sizeof(*p)); if (p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if(copy_Principal(inprinc, p)) { free(p); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } *outprinc = p; return 0; } -/* - * return TRUE iff princ1 == princ2 (without considering the realm) +/** + * Return TRUE iff princ1 == princ2 (without considering the realm) + * + * @param context Kerberos 5 context + * @param princ1 first principal to compare + * @param princ2 second principal to compare + * + * @return non zero if equal, 0 if not + * + * @ingroup krb5_principal + * @see krb5_principal_compare() + * @see krb5_realm_compare() */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare_any_realm(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2) { - int i; + size_t i; if(princ_num_comp(princ1) != princ_num_comp(princ2)) return FALSE; for(i = 0; i < princ_num_comp(princ1); i++){ @@ -675,11 +927,40 @@ krb5_principal_compare_any_realm(krb5_context context, return TRUE; } +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +_krb5_principal_compare_PrincipalName(krb5_context context, + krb5_const_principal princ1, + PrincipalName *princ2) +{ + size_t i; + if (princ_num_comp(princ1) != princ2->name_string.len) + return FALSE; + for(i = 0; i < princ_num_comp(princ1); i++){ + if(strcmp(princ_ncomp(princ1, i), princ2->name_string.val[i]) != 0) + return FALSE; + } + return TRUE; +} + + +/** + * Compares the two principals, including realm of the principals and returns + * TRUE if they are the same and FALSE if not. + * + * @param context Kerberos 5 context + * @param princ1 first principal to compare + * @param princ2 second principal to compare + * + * @ingroup krb5_principal + * @see krb5_principal_compare_any_realm() + * @see krb5_realm_compare() + */ + /* * return TRUE iff princ1 == princ2 */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2) @@ -689,11 +970,19 @@ krb5_principal_compare(krb5_context context, return krb5_principal_compare_any_realm(context, princ1, princ2); } -/* +/** * return TRUE iff realm(princ1) == realm(princ2) + * + * @param context Kerberos 5 context + * @param princ1 first principal to compare + * @param princ2 second principal to compare + * + * @ingroup krb5_principal + * @see krb5_principal_compare_any_realm() + * @see krb5_principal_compare() */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_realm_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2) @@ -701,16 +990,18 @@ krb5_realm_compare(krb5_context context, return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0; } -/* +/** * return TRUE iff princ matches pattern + * + * @ingroup krb5_principal */ -krb5_boolean KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_principal_match(krb5_context context, krb5_const_principal princ, krb5_const_principal pattern) { - int i; + size_t i; if(princ_num_comp(princ) != princ_num_comp(pattern)) return FALSE; if(fnmatch(princ_realm(pattern), princ_realm(princ), 0) != 0) @@ -722,461 +1013,23 @@ krb5_principal_match(krb5_context context, return TRUE; } - -static struct v4_name_convert { - const char *from; - const char *to; -} default_v4_name_convert[] = { - { "ftp", "ftp" }, - { "hprop", "hprop" }, - { "pop", "pop" }, - { "imap", "imap" }, - { "rcmd", "host" }, - { "smtp", "smtp" }, - { NULL, NULL } -}; - -/* - * return the converted instance name of `name' in `realm'. - * look in the configuration file and then in the default set above. - * return NULL if no conversion is appropriate. +/** + * Create a principal for the service running on hostname. If + * KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or + * some other service), this is potentially insecure. + * + * @param context A Kerberos context. + * @param hostname hostname to use + * @param sname Service name to use + * @param type name type of pricipal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. + * @param ret_princ return principal, free with krb5_free_principal(). + * + * @return An krb5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_principal */ -static const char* -get_name_conversion(krb5_context context, const char *realm, const char *name) -{ - struct v4_name_convert *q; - const char *p; - - p = krb5_config_get_string(context, NULL, "realms", realm, - "v4_name_convert", "host", name, NULL); - if(p == NULL) - p = krb5_config_get_string(context, NULL, "libdefaults", - "v4_name_convert", "host", name, NULL); - if(p) - return p; - - /* XXX should be possible to override default list */ - p = krb5_config_get_string(context, NULL, - "realms", - realm, - "v4_name_convert", - "plain", - name, - NULL); - if(p) - return NULL; - p = krb5_config_get_string(context, NULL, - "libdefaults", - "v4_name_convert", - "plain", - name, - NULL); - if(p) - return NULL; - for(q = default_v4_name_convert; q->from; q++) - if(strcmp(q->from, name) == 0) - return q->to; - return NULL; -} - -/* - * convert the v4 principal `name.instance@realm' to a v5 principal in `princ'. - * if `resolve', use DNS. - * if `func', use that function for validating the conversion - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext2(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_boolean (*func)(krb5_context, - void *, krb5_principal), - void *funcctx, - krb5_boolean resolve, - krb5_principal *princ) -{ - const char *p; - krb5_error_code ret; - krb5_principal pr; - char host[MAXHOSTNAMELEN]; - char local_hostname[MAXHOSTNAMELEN]; - - /* do the following: if the name is found in the - `v4_name_convert:host' part, is assumed to be a `host' type - principal, and the instance is looked up in the - `v4_instance_convert' part. if not found there the name is - (optionally) looked up as a hostname, and if that doesn't yield - anything, the `default_domain' is appended to the instance - */ - - if(instance == NULL) - goto no_host; - if(instance[0] == 0){ - instance = NULL; - goto no_host; - } - p = get_name_conversion(context, realm, name); - if(p == NULL) - goto no_host; - name = p; - p = krb5_config_get_string(context, NULL, "realms", realm, - "v4_instance_convert", instance, NULL); - if(p){ - instance = p; - ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - *princ = NULL; - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; - } - if(resolve){ - krb5_boolean passed = FALSE; - char *inst = NULL; -#ifdef USE_RESOLVER - struct dns_reply *r; - - r = dns_lookup(instance, "aaaa"); - if (r) { - if (r->head && r->head->type == T_AAAA) { - inst = strdup(r->head->domain); - passed = TRUE; - } - dns_free_data(r); - } else { - r = dns_lookup(instance, "a"); - if (r) { - if(r->head && r->head->type == T_A) { - inst = strdup(r->head->domain); - passed = TRUE; - } - dns_free_data(r); - } - } -#else - struct addrinfo hints, *ai; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - ret = getaddrinfo(instance, NULL, &hints, &ai); - if (ret == 0) { - const struct addrinfo *a; - for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_canonname != NULL) { - inst = strdup (a->ai_canonname); - passed = TRUE; - break; - } - } - freeaddrinfo (ai); - } -#endif - if (passed) { - if (inst == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - strlwr(inst); - ret = krb5_make_principal(context, &pr, realm, name, inst, - NULL); - free (inst); - if(ret == 0) { - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - } - } - } - if(func != NULL) { - snprintf(host, sizeof(host), "%s.%s", instance, realm); - strlwr(host); - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if((*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - } - - /* - * if the instance is the first component of the local hostname, - * the converted host should be the long hostname. - */ - - if (func == NULL && - gethostname (local_hostname, sizeof(local_hostname)) == 0 && - strncmp(instance, local_hostname, strlen(instance)) == 0 && - local_hostname[strlen(instance)] == '.') { - strlcpy(host, local_hostname, sizeof(host)); - goto local_host; - } - - { - char **domains, **d; - domains = krb5_config_get_strings(context, NULL, "realms", realm, - "v4_domains", NULL); - for(d = domains; d && *d; d++){ - snprintf(host, sizeof(host), "%s.%s", instance, *d); - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - krb5_config_free_strings(domains); - return 0; - } - krb5_free_principal(context, pr); - } - krb5_config_free_strings(domains); - } - - - p = krb5_config_get_string(context, NULL, "realms", realm, - "default_domain", NULL); - if(p == NULL){ - /* this should be an error, just faking a name is not good */ - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; - } - - if (*p == '.') - ++p; - snprintf(host, sizeof(host), "%s.%s", instance, p); -local_host: - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; -no_host: - p = krb5_config_get_string(context, NULL, - "realms", - realm, - "v4_name_convert", - "plain", - name, - NULL); - if(p == NULL) - p = krb5_config_get_string(context, NULL, - "libdefaults", - "v4_name_convert", - "plain", - name, - NULL); - if(p) - name = p; - - ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; -} - -static krb5_boolean -convert_func(krb5_context conxtext, void *funcctx, krb5_principal principal) -{ - krb5_boolean (*func)(krb5_context, krb5_principal) = funcctx; - return (*func)(conxtext, principal); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_boolean (*func)(krb5_context, krb5_principal), - krb5_boolean resolve, - krb5_principal *principal) -{ - return krb5_425_conv_principal_ext2(context, - name, - instance, - realm, - func ? convert_func : NULL, - func, - resolve, - principal); -} - - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_principal *princ) -{ - krb5_boolean resolve = krb5_config_get_bool(context, - NULL, - "libdefaults", - "v4_instance_resolve", - NULL); - - return krb5_425_conv_principal_ext(context, name, instance, realm, - NULL, resolve, princ); -} - - -static int -check_list(const krb5_config_binding *l, const char *name, const char **out) -{ - while(l){ - if (l->type != krb5_config_string) - continue; - if(strcmp(name, l->u.string) == 0) { - *out = l->name; - return 1; - } - l = l->next; - } - return 0; -} - -static int -name_convert(krb5_context context, const char *name, const char *realm, - const char **out) -{ - const krb5_config_binding *l; - l = krb5_config_get_list (context, - NULL, - "realms", - realm, - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_SRV_HST; - l = krb5_config_get_list (context, - NULL, - "libdefaults", - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_SRV_HST; - l = krb5_config_get_list (context, - NULL, - "realms", - realm, - "v4_name_convert", - "plain", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_UNKNOWN; - l = krb5_config_get_list (context, - NULL, - "libdefaults", - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_UNKNOWN; - - /* didn't find it in config file, try built-in list */ - { - struct v4_name_convert *q; - for(q = default_v4_name_convert; q->from; q++) { - if(strcmp(name, q->to) == 0) { - *out = q->from; - return KRB5_NT_SRV_HST; - } - } - } - return -1; -} - -/* - * convert the v5 principal in `principal' into a v4 corresponding one - * in `name, instance, realm' - * this is limited interface since there's no length given for these - * three parameters. They have to be 40 bytes each (ANAME_SZ). - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_524_conv_principal(krb5_context context, - const krb5_principal principal, - char *name, - char *instance, - char *realm) -{ - const char *n, *i, *r; - char tmpinst[40]; - int type = princ_type(principal); - const int aname_sz = 40; - - r = principal->realm; - - switch(principal->name.name_string.len){ - case 1: - n = principal->name.name_string.val[0]; - i = ""; - break; - case 2: - n = principal->name.name_string.val[0]; - i = principal->name.name_string.val[1]; - break; - default: - krb5_set_error_string (context, - "cannot convert a %d component principal", - principal->name.name_string.len); - return KRB5_PARSE_MALFORMED; - } - - { - const char *tmp; - int t = name_convert(context, n, r, &tmp); - if(t >= 0) { - type = t; - n = tmp; - } - } - - if(type == KRB5_NT_SRV_HST){ - char *p; - - strlcpy (tmpinst, i, sizeof(tmpinst)); - p = strchr(tmpinst, '.'); - if(p) - *p = 0; - i = tmpinst; - } - - if (strlcpy (name, n, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long name component to convert"); - return KRB5_PARSE_MALFORMED; - } - if (strlcpy (instance, i, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long instance component to convert"); - return KRB5_PARSE_MALFORMED; - } - if (strlcpy (realm, r, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long realm component to convert"); - return KRB5_PARSE_MALFORMED; - } - return 0; -} - -/* - * Create a principal in `ret_princ' for the service `sname' running - * on host `hostname'. */ - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sname_to_principal (krb5_context context, const char *hostname, const char *sname, @@ -1186,14 +1039,22 @@ krb5_sname_to_principal (krb5_context context, krb5_error_code ret; char localhost[MAXHOSTNAMELEN]; char **realms, *host = NULL; - + if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) { - krb5_set_error_string (context, "unsupported name type %d", - type); + krb5_set_error_message(context, KRB5_SNAME_UNSUPP_NAMETYPE, + N_("unsupported name type %d", ""), + (int)type); return KRB5_SNAME_UNSUPP_NAMETYPE; } if(hostname == NULL) { - gethostname(localhost, sizeof(localhost)); + ret = gethostname(localhost, sizeof(localhost) - 1); + if (ret != 0) { + ret = errno; + krb5_set_error_message(context, ret, + N_("Failed to get local hostname", "")); + return ret; + } + localhost[sizeof(localhost) - 1] = '\0'; hostname = localhost; } if(sname == NULL) @@ -1235,20 +1096,41 @@ static const struct { { "ENT_PRINCIPAL_AND_ID", KRB5_NT_ENT_PRINCIPAL_AND_ID }, { "MS_PRINCIPAL", KRB5_NT_MS_PRINCIPAL }, { "MS_PRINCIPAL_AND_ID", KRB5_NT_MS_PRINCIPAL_AND_ID }, - { NULL } + { NULL, 0 } }; -krb5_error_code +/** + * Parse nametype string and return a nametype integer + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_parse_nametype(krb5_context context, const char *str, int32_t *nametype) { size_t i; - + for(i = 0; nametypes[i].type; i++) { if (strcasecmp(nametypes[i].type, str) == 0) { *nametype = nametypes[i].value; return 0; } } - krb5_set_error_string(context, "Failed to find name type %s", str); + krb5_set_error_message(context, KRB5_PARSE_MALFORMED, + N_("Failed to find name type %s", ""), str); return KRB5_PARSE_MALFORMED; } + +/** + * Check if the cname part of the principal is a krbtgt principal + * + * @ingroup krb5_principal + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL +krb5_principal_is_krbtgt(krb5_context context, krb5_const_principal p) +{ + return p->name.name_string.len == 2 && + strcmp(p->name.name_string.val[0], KRB5_TGS_NAME) == 0; + +} diff --git a/lib/krb5/prog_setup.c b/lib/krb5/prog_setup.c index 0586155ac461..21afbf8d1037 100644 --- a/lib/krb5/prog_setup.c +++ b/lib/krb5/prog_setup.c @@ -1,53 +1,51 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include #include -RCSID("$Id: prog_setup.c 15470 2005-06-17 04:29:41Z lha $"); - -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_std_usage(int code, struct getargs *args, int num_args) { arg_printusage(args, num_args, NULL, ""); exit(code); } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_program_setup(krb5_context *context, int argc, char **argv, - struct getargs *args, int num_args, - void (*usage)(int, struct getargs*, int)) + struct getargs *args, int num_args, + void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)) { krb5_error_code ret; int optidx = 0; @@ -59,7 +57,7 @@ krb5_program_setup(krb5_context *context, int argc, char **argv, ret = krb5_init_context(context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - + if(getarg(args, num_args, argc, argv, &optidx)) (*usage)(1, args, num_args); return optidx; diff --git a/lib/krb5/prompter_posix.c b/lib/krb5/prompter_posix.c index e0f407fb247e..1bf748c51231 100644 --- a/lib/krb5/prompter_posix.c +++ b/lib/krb5/prompter_posix.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: prompter_posix.c 13863 2004-05-25 21:46:46Z lha $"); - -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_CALLCONV krb5_prompter_posix (krb5_context context, void *data, const char *name, diff --git a/lib/krb5/rd_cred.c b/lib/krb5/rd_cred.c index c3f732201f3d..c08547112b27 100644 --- a/lib/krb5/rd_cred.c +++ b/lib/krb5/rd_cred.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: rd_cred.c 20304 2007-04-11 11:15:05Z lha $"); +#include "krb5_locl.h" static krb5_error_code compare_addrs(krb5_context context, @@ -49,11 +47,12 @@ compare_addrs(krb5_context context, krb5_print_address (a, a_str, sizeof(a_str), &len); krb5_print_address (b, b_str, sizeof(b_str), &len); - krb5_set_error_string(context, "%s: %s != %s", message, b_str, a_str); + krb5_set_error_message(context, KRB5KRB_AP_ERR_BADADDR, + "%s: %s != %s", message, b_str, a_str); return KRB5KRB_AP_ERR_BADADDR; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_cred(krb5_context context, krb5_auth_context auth_context, krb5_data *in_data, @@ -66,43 +65,44 @@ krb5_rd_cred(krb5_context context, EncKrbCredPart enc_krb_cred_part; krb5_data enc_krb_cred_part_data; krb5_crypto crypto; - int i; + size_t i; memset(&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part)); + krb5_data_zero(&enc_krb_cred_part_data); - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && outdata == NULL) return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ *ret_creds = NULL; - ret = decode_KRB_CRED(in_data->data, in_data->length, + ret = decode_KRB_CRED(in_data->data, in_data->length, &cred, &len); if(ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } if (cred.pvno != 5) { ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } if (cred.msg_type != krb_cred) { ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } - if (cred.enc_part.etype == ETYPE_NULL) { + if (cred.enc_part.etype == ETYPE_NULL) { /* DK: MIT GSS-API Compatibility */ enc_krb_cred_part_data.length = cred.enc_part.cipher.length; enc_krb_cred_part_data.data = cred.enc_part.cipher.data; } else { /* Try both subkey and session key. - * + * * RFC4120 claims we should use the session key, but Heimdal * before 0.8 used the remote subkey if it was send in the * auth_context. @@ -119,12 +119,12 @@ krb5_rd_cred(krb5_context context, KRB5_KU_KRB_CRED, &cred.enc_part, &enc_krb_cred_part_data); - + krb5_crypto_destroy(context, crypto); } - /* - * If there was not subkey, or we failed using subkey, + /* + * If there was not subkey, or we failed using subkey, * retry using the session key */ if (auth_context->remote_subkey == NULL || ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) @@ -135,28 +135,31 @@ krb5_rd_cred(krb5_context context, if (ret) goto out; - + ret = krb5_decrypt_EncryptedData(context, crypto, KRB5_KU_KRB_CRED, &cred.enc_part, &enc_krb_cred_part_data); - + krb5_crypto_destroy(context, crypto); } if (ret) goto out; } - ret = krb5_decode_EncKrbCredPart (context, - enc_krb_cred_part_data.data, - enc_krb_cred_part_data.length, - &enc_krb_cred_part, - &len); + ret = decode_EncKrbCredPart(enc_krb_cred_part_data.data, + enc_krb_cred_part_data.length, + &enc_krb_cred_part, + &len); if (enc_krb_cred_part_data.data != cred.enc_part.cipher.data) krb5_data_free(&enc_krb_cred_part_data); - if (ret) + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to decode " + "encrypte credential part", "")); goto out; + } /* check sender address */ @@ -172,8 +175,9 @@ krb5_rd_cred(krb5_context context, goto out; - ret = compare_addrs(context, a, enc_krb_cred_part.s_address, - "sender address is wrong in received creds"); + ret = compare_addrs(context, a, enc_krb_cred_part.s_address, + N_("sender address is wrong " + "in received creds", "")); krb5_free_address(context, a); free(a); if(ret) @@ -192,9 +196,10 @@ krb5_rd_cred(krb5_context context, auth_context->local_port); if (ret) goto out; - - ret = compare_addrs(context, a, enc_krb_cred_part.r_address, - "receiver address is wrong in received creds"); + + ret = compare_addrs(context, a, enc_krb_cred_part.r_address, + N_("receiver address is wrong " + "in received creds", "")); krb5_free_address(context, a); free(a); if(ret) @@ -202,7 +207,8 @@ krb5_rd_cred(krb5_context context, } else { ret = compare_addrs(context, auth_context->local_address, enc_krb_cred_part.r_address, - "receiver address is wrong in received creds"); + N_("receiver address is wrong " + "in received creds", "")); if(ret) goto out; } @@ -218,13 +224,13 @@ krb5_rd_cred(krb5_context context, enc_krb_cred_part.usec == NULL || abs(*enc_krb_cred_part.timestamp - sec) > context->max_skew) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_SKEW; goto out; } } - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { /* if these fields are not present in the cred-part, silently return zero */ @@ -236,15 +242,16 @@ krb5_rd_cred(krb5_context context, if(enc_krb_cred_part.nonce) outdata->seq = *enc_krb_cred_part.nonce; } - + /* Convert to NULL terminated list of creds */ - *ret_creds = calloc(enc_krb_cred_part.ticket_info.len + 1, + *ret_creds = calloc(enc_krb_cred_part.ticket_info.len + 1, sizeof(**ret_creds)); if (*ret_creds == NULL) { ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } @@ -255,11 +262,12 @@ krb5_rd_cred(krb5_context context, creds = calloc(1, sizeof(*creds)); if(creds == NULL) { ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } - ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, + ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, &cred.tickets.val[i], &len, ret); if (ret) { free(creds); @@ -292,9 +300,9 @@ krb5_rd_cred(krb5_context context, krb5_copy_addresses (context, kci->caddr, &creds->addresses); - + (*ret_creds)[i] = creds; - + } (*ret_creds)[i] = NULL; @@ -315,7 +323,7 @@ krb5_rd_cred(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_cred2 (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, diff --git a/lib/krb5/rd_error.c b/lib/krb5/rd_error.c index e7646467afdb..d778c68cd63b 100644 --- a/lib/krb5/rd_error.c +++ b/lib/krb5/rd_error.c @@ -1,59 +1,57 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: rd_error.c 21057 2007-06-12 17:22:31Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_error(krb5_context context, const krb5_data *msg, KRB_ERROR *result) { - + size_t len; krb5_error_code ret; ret = decode_KRB_ERROR(msg->data, msg->length, result, &len); if(ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } result->error_code += KRB5KDC_ERR_NONE; return 0; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error_contents (krb5_context context, krb5_error *error) { @@ -61,7 +59,7 @@ krb5_free_error_contents (krb5_context context, memset(error, 0, sizeof(*error)); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_error (krb5_context context, krb5_error *error) { @@ -69,7 +67,7 @@ krb5_free_error (krb5_context context, free (error); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_error_from_rd_error(krb5_context context, const krb5_error *error, const krb5_creds *creds) @@ -78,7 +76,7 @@ krb5_error_from_rd_error(krb5_context context, ret = error->error_code; if (error->e_text != NULL) { - krb5_set_error_string(context, "%s", *error->e_text); + krb5_set_error_message(context, ret, "%s", *error->e_text); } else { char clientname[256], servername[256]; @@ -91,31 +89,35 @@ krb5_error_from_rd_error(krb5_context context, switch (ret) { case KRB5KDC_ERR_NAME_EXP : - krb5_set_error_string(context, "Client %s%s%s expired", - creds ? "(" : "", - creds ? clientname : "", - creds ? ")" : ""); + krb5_set_error_message(context, ret, + N_("Client %s%s%s expired", ""), + creds ? "(" : "", + creds ? clientname : "", + creds ? ")" : ""); break; case KRB5KDC_ERR_SERVICE_EXP : - krb5_set_error_string(context, "Server %s%s%s expired", - creds ? "(" : "", - creds ? servername : "", - creds ? ")" : ""); + krb5_set_error_message(context, ret, + N_("Server %s%s%s expired", ""), + creds ? "(" : "", + creds ? servername : "", + creds ? ")" : ""); break; case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN : - krb5_set_error_string(context, "Client %s%s%s unknown", - creds ? "(" : "", - creds ? clientname : "", - creds ? ")" : ""); + krb5_set_error_message(context, ret, + N_("Client %s%s%s unknown", ""), + creds ? "(" : "", + creds ? clientname : "", + creds ? ")" : ""); break; case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN : - krb5_set_error_string(context, "Server %s%s%s unknown", - creds ? "(" : "", - creds ? servername : "", - creds ? ")" : ""); + krb5_set_error_message(context, ret, + N_("Server %s%s%s unknown", ""), + creds ? "(" : "", + creds ? servername : "", + creds ? ")" : ""); break; default : - krb5_clear_error_string(context); + krb5_clear_error_message(context); break; } } diff --git a/lib/krb5/rd_priv.c b/lib/krb5/rd_priv.c index ed7a2ccc5278..8a46195b694f 100644 --- a/lib/krb5/rd_priv.c +++ b/lib/krb5/rd_priv.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: rd_priv.c 21751 2007-07-31 20:42:20Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_priv(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, @@ -50,29 +48,33 @@ krb5_rd_priv(krb5_context context, krb5_keyblock *key; krb5_crypto crypto; - if (outbuf) - krb5_data_zero(outbuf); + krb5_data_zero(outbuf); - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) { - krb5_clear_error_string (context); - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ + if ((auth_context->flags & + (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) + { + if (outdata == NULL) { + krb5_clear_error_message (context); + return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ + } + /* if these fields are not present in the priv-part, silently + return zero */ + memset(outdata, 0, sizeof(*outdata)); } memset(&priv, 0, sizeof(priv)); ret = decode_KRB_PRIV (inbuf->data, inbuf->length, &priv, &len); if (ret) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } if (priv.pvno != 5) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_BADVERSION; goto failure; } if (priv.msg_type != krb_priv) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_MSG_TYPE; goto failure; } @@ -93,16 +95,16 @@ krb5_rd_priv(krb5_context context, &priv.enc_part, &plain); krb5_crypto_destroy(context, crypto); - if (ret) + if (ret) goto failure; ret = decode_EncKrbPrivPart (plain.data, plain.length, &part, &len); krb5_data_free (&plain); if (ret) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } - + /* check sender address */ if (part.s_address @@ -110,7 +112,7 @@ krb5_rd_priv(krb5_context context, && !krb5_address_compare (context, auth_context->remote_address, part.s_address)) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_BADADDR; goto failure_part; } @@ -122,7 +124,7 @@ krb5_rd_priv(krb5_context context, && !krb5_address_compare (context, auth_context->local_address, part.r_address)) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_BADADDR; goto failure_part; } @@ -135,7 +137,7 @@ krb5_rd_priv(krb5_context context, if (part.timestamp == NULL || part.usec == NULL || abs(*part.timestamp - sec) > context->max_skew) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_SKEW; goto failure_part; } @@ -152,7 +154,7 @@ krb5_rd_priv(krb5_context context, && auth_context->remote_seqnumber != 0) || (part.seq_number != NULL && *part.seq_number != auth_context->remote_seqnumber)) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5KRB_AP_ERR_BADORDER; goto failure_part; } @@ -163,11 +165,8 @@ krb5_rd_priv(krb5_context context, if (ret) goto failure_part; - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { - /* if these fields are not present in the priv-part, silently - return zero */ - memset(outdata, 0, sizeof(*outdata)); if(part.timestamp) outdata->timestamp = *part.timestamp; if(part.usec) diff --git a/lib/krb5/rd_rep.c b/lib/krb5/rd_rep.c index 8c9b7bb441d7..391d81c191b8 100644 --- a/lib/krb5/rd_rep.c +++ b/lib/krb5/rd_rep.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include +#include "krb5_locl.h" -RCSID("$Id: rd_rep.c 17890 2006-08-21 09:19:22Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_rep(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, @@ -48,27 +46,26 @@ krb5_rd_rep(krb5_context context, krb5_crypto crypto; krb5_data_zero (&data); - ret = 0; ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len); if (ret) return ret; if (ap_rep.pvno != 5) { ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } if (ap_rep.msg_type != krb_ap_rep) { ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); if (ret) goto out; - ret = krb5_decrypt_EncryptedData (context, - crypto, + ret = krb5_decrypt_EncryptedData (context, + crypto, KRB5_KU_AP_REQ_ENC_PART, &ap_rep.enc_part, &data); @@ -79,25 +76,23 @@ krb5_rd_rep(krb5_context context, *repl = malloc(sizeof(**repl)); if (*repl == NULL) { ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); goto out; } - ret = krb5_decode_EncAPRepPart(context, - data.data, - data.length, - *repl, - &len); - if (ret) + ret = decode_EncAPRepPart(data.data, data.length, *repl, &len); + if (ret) { + krb5_set_error_message(context, ret, N_("Failed to decode EncAPRepPart", "")); return ret; - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { + } + + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { if ((*repl)->ctime != auth_context->authenticator->ctime || - (*repl)->cusec != auth_context->authenticator->cusec) + (*repl)->cusec != auth_context->authenticator->cusec) { krb5_free_ap_rep_enc_part(context, *repl); *repl = NULL; ret = KRB5KRB_AP_ERR_MUT_FAIL; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } } @@ -106,14 +101,14 @@ krb5_rd_rep(krb5_context context, *((*repl)->seq_number)); if ((*repl)->subkey) krb5_auth_con_setremotesubkey(context, auth_context, (*repl)->subkey); - + out: krb5_data_free (&data); free_AP_REP (&ap_rep); return ret; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_free_ap_rep_enc_part (krb5_context context, krb5_ap_rep_enc_part *val) { diff --git a/lib/krb5/rd_req.c b/lib/krb5/rd_req.c index 0f33b9716454..21daeb596b55 100644 --- a/lib/krb5/rd_req.c +++ b/lib/krb5/rd_req.c @@ -1,39 +1,38 @@ + /* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: rd_req.c 22235 2007-12-08 21:52:07Z lha $"); +#include "krb5_locl.h" static krb5_error_code decrypt_tkt_enc_part (krb5_context context, @@ -58,8 +57,11 @@ decrypt_tkt_enc_part (krb5_context context, if (ret) return ret; - ret = krb5_decode_EncTicketPart(context, plain.data, plain.length, - decr_part, &len); + ret = decode_EncTicketPart(plain.data, plain.length, decr_part, &len); + if (ret) + krb5_set_error_message(context, ret, + N_("Failed to decode encrypted " + "ticket part", "")); krb5_data_free (&plain); return ret; } @@ -95,13 +97,13 @@ decrypt_authenticator (krb5_context context, if (ret) return ret; - ret = krb5_decode_Authenticator(context, plain.data, plain.length, - authenticator, &len); + ret = decode_Authenticator(plain.data, plain.length, + authenticator, &len); krb5_data_free (&plain); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decode_ap_req(krb5_context context, const krb5_data *inbuf, krb5_ap_req *ap_req) @@ -113,17 +115,17 @@ krb5_decode_ap_req(krb5_context context, return ret; if (ap_req->pvno != 5){ free_AP_REQ(ap_req); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KRB_AP_ERR_BADVERSION; } if (ap_req->msg_type != krb_ap_req){ free_AP_REQ(ap_req); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KRB_AP_ERR_MSG_TYPE; } if (ap_req->ticket.tkt_vno != 5){ free_AP_REQ(ap_req); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KRB_AP_ERR_BADVERSION; } return 0; @@ -133,10 +135,10 @@ static krb5_error_code check_transited(krb5_context context, Ticket *ticket, EncTicketPart *enc) { char **realms; - int num_realms; + unsigned int num_realms, n; krb5_error_code ret; - - /* + + /* * Windows 2000 and 2003 uses this inside their TGT so it's normaly * not seen by others, however, samba4 joined with a Windows AD as * a Domain Controller gets exposed to this. @@ -150,15 +152,17 @@ check_transited(krb5_context context, Ticket *ticket, EncTicketPart *enc) if(enc->transited.contents.length == 0) return 0; - ret = krb5_domain_x500_decode(context, enc->transited.contents, - &realms, &num_realms, + ret = krb5_domain_x500_decode(context, enc->transited.contents, + &realms, &num_realms, enc->crealm, ticket->realm); if(ret) return ret; - ret = krb5_check_transited(context, enc->crealm, - ticket->realm, + ret = krb5_check_transited(context, enc->crealm, + ticket->realm, realms, num_realms, NULL); + for (n = 0; n < num_realms; n++) + free(realms[n]); free(realms); return ret; } @@ -173,7 +177,7 @@ find_etypelist(krb5_context context, krb5_authdata adIfRelevant; unsigned i; - adIfRelevant.len = 0; + memset(&adIfRelevant, 0, sizeof(adIfRelevant)); etypes->len = 0; etypes->val = NULL; @@ -209,14 +213,14 @@ find_etypelist(krb5_context context, etypes, NULL); if (ret) - krb5_clear_error_string(context); + krb5_clear_error_message(context); free_AD_IF_RELEVANT(&adIfRelevant); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_decrypt_ticket(krb5_context context, Ticket *ticket, krb5_keyblock *key, @@ -228,7 +232,7 @@ krb5_decrypt_ticket(krb5_context context, ret = decrypt_tkt_enc_part (context, key, &ticket->enc_part, &t); if (ret) return ret; - + { krb5_timestamp now; time_t start = t.authtime; @@ -240,15 +244,15 @@ krb5_decrypt_ticket(krb5_context context, || (t.flags.invalid && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) { free_EncTicketPart(&t); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KRB_AP_ERR_TKT_NYV; } if(now - t.endtime > context->max_skew) { free_EncTicketPart(&t); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KRB_AP_ERR_TKT_EXPIRED; } - + if(!t.flags.transited_policy_checked) { ret = check_transited(context, ticket, &t); if(ret) { @@ -257,7 +261,7 @@ krb5_decrypt_ticket(krb5_context context, } } } - + if(out) *out = t; else @@ -265,7 +269,7 @@ krb5_decrypt_ticket(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_authenticator_checksum(krb5_context context, krb5_auth_context ac, void *data, @@ -275,7 +279,7 @@ krb5_verify_authenticator_checksum(krb5_context context, krb5_keyblock *key; krb5_authenticator authenticator; krb5_crypto crypto; - + ret = krb5_auth_con_getauthenticator (context, ac, &authenticator); @@ -307,7 +311,7 @@ krb5_verify_authenticator_checksum(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_ap_req(krb5_context context, krb5_auth_context *auth_context, krb5_ap_req *ap_req, @@ -328,7 +332,7 @@ krb5_verify_ap_req(krb5_context context, KRB5_KU_AP_REQ_AUTH); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_ap_req2(krb5_context context, krb5_auth_context *auth_context, krb5_ap_req *ap_req, @@ -343,7 +347,7 @@ krb5_verify_ap_req2(krb5_context context, krb5_auth_context ac; krb5_error_code ret; EtypeList etypes; - + if (ticket) *ticket = NULL; @@ -358,42 +362,37 @@ krb5_verify_ap_req2(krb5_context context, t = calloc(1, sizeof(*t)); if (t == NULL) { ret = ENOMEM; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } if (ap_req->ap_options.use_session_key && ac->keyblock){ - ret = krb5_decrypt_ticket(context, &ap_req->ticket, - ac->keyblock, + ret = krb5_decrypt_ticket(context, &ap_req->ticket, + ac->keyblock, &t->ticket, flags); krb5_free_keyblock(context, ac->keyblock); ac->keyblock = NULL; }else - ret = krb5_decrypt_ticket(context, &ap_req->ticket, - keyblock, + ret = krb5_decrypt_ticket(context, &ap_req->ticket, + keyblock, &t->ticket, flags); - + if(ret) goto out; ret = _krb5_principalname2krb5_principal(context, &t->server, - ap_req->ticket.sname, + ap_req->ticket.sname, ap_req->ticket.realm); if (ret) goto out; ret = _krb5_principalname2krb5_principal(context, &t->client, - t->ticket.cname, + t->ticket.cname, t->ticket.crealm); if (ret) goto out; - /* save key */ - - ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock); - if (ret) goto out; - ret = decrypt_authenticator (context, &t->ticket.key, &ap_req->authenticator, @@ -405,13 +404,13 @@ krb5_verify_ap_req2(krb5_context context, { krb5_principal p1, p2; krb5_boolean res; - + _krb5_principalname2krb5_principal(context, &p1, ac->authenticator->cname, ac->authenticator->crealm); _krb5_principalname2krb5_principal(context, - &p2, + &p2, t->ticket.cname, t->ticket.crealm); res = krb5_principal_compare (context, p1, p2); @@ -419,7 +418,7 @@ krb5_verify_ap_req2(krb5_context context, krb5_free_principal (context, p2); if (!res) { ret = KRB5KRB_AP_ERR_BADMATCH; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } } @@ -432,7 +431,7 @@ krb5_verify_ap_req2(krb5_context context, ac->remote_address, t->ticket.caddr)) { ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } @@ -444,7 +443,7 @@ krb5_verify_ap_req2(krb5_context context, if (abs(ac->authenticator->ctime - now) > context->max_skew) { ret = KRB5KRB_AP_ERR_SKEW; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto out; } } @@ -469,7 +468,7 @@ krb5_verify_ap_req2(krb5_context context, ac->keytype = ETYPE_NULL; if (etypes.val) { - int i; + size_t i; for (i = 0; i < etypes.len; i++) { if (krb5_enctype_valid(context, etypes.val[i]) == 0) { @@ -479,6 +478,10 @@ krb5_verify_ap_req2(krb5_context context, } } + /* save key */ + ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock); + if (ret) goto out; + if (ap_req_options) { *ap_req_options = 0; if (ac->keytype != ETYPE_NULL) @@ -507,7 +510,7 @@ krb5_verify_ap_req2(krb5_context context, krb5_auth_con_free (context, ac); return ret; } - + /* * */ @@ -522,47 +525,72 @@ struct krb5_rd_req_out_ctx_data { krb5_keyblock *keyblock; krb5_flags ap_req_options; krb5_ticket *ticket; + krb5_principal server; }; -/* +/** + * Allocate a krb5_rd_req_in_ctx as an input parameter to + * krb5_rd_req_ctx(). The caller should free the context with + * krb5_rd_req_in_ctx_free() when done with the context. * + * @param context Keberos 5 context. + * @param ctx in ctx to krb5_rd_req_ctx(). + * + * @return Kerberos 5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_auth */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_ctx_alloc(krb5_context context, krb5_rd_req_in_ctx *ctx) { *ctx = calloc(1, sizeof(**ctx)); if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } (*ctx)->check_pac = (context->flags & KRB5_CTX_F_CHECK_PAC) ? 1 : 0; return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keytab(krb5_context context, +/** + * Set the keytab that krb5_rd_req_ctx() will use. + * + * @param context Keberos 5 context. + * @param in in ctx to krb5_rd_req_ctx(). + * @param keytab keytab that krb5_rd_req_ctx() will use, only copy the + * pointer, so the caller must free they keytab after + * krb5_rd_req_in_ctx_free() is called. + * + * @return Kerberos 5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_auth + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_in_set_keytab(krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab) { - in->keytab = keytab; /* XXX should make copy */ + in->keytab = keytab; return 0; } /** * Set if krb5_rq_red() is going to check the Windows PAC or not - * + * * @param context Keberos 5 context. * @param in krb5_rd_req_in_ctx to check the option on. * @param flag flag to select if to check the pac (TRUE) or not (FALSE). * * @return Kerberos 5 error code, see krb5_get_error_message(). * - * @ingroup krb5 + * @ingroup krb5_auth */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_pac_check(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_in_set_pac_check(krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag) { @@ -571,8 +599,8 @@ krb5_rd_req_in_set_pac_check(krb5_context context, } -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keyblock(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_in_set_keyblock(krb5_context context, krb5_rd_req_in_ctx in, krb5_keyblock *keyblock) { @@ -580,8 +608,8 @@ krb5_rd_req_in_set_keyblock(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ap_req_options(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_out_get_ap_req_options(krb5_context context, krb5_rd_req_out_ctx out, krb5_flags *ap_req_options) { @@ -589,43 +617,66 @@ krb5_rd_req_out_get_ap_req_options(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ticket(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_out_get_ticket(krb5_context context, krb5_rd_req_out_ctx out, krb5_ticket **ticket) { return krb5_copy_ticket(context, out->ticket, ticket); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_keyblock(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_out_get_keyblock(krb5_context context, krb5_rd_req_out_ctx out, krb5_keyblock **keyblock) { return krb5_copy_keyblock(context, out->keyblock, keyblock); } -void KRB5_LIB_FUNCTION +/** + * Get the principal that was used in the request from the + * client. Might not match whats in the ticket if krb5_rd_req_ctx() + * searched in the keytab for a matching key. + * + * @param context a Kerberos 5 context. + * @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx(). + * @param principal return principal, free with krb5_free_principal(). + * + * @ingroup krb5_auth + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_rd_req_out_get_server(krb5_context context, + krb5_rd_req_out_ctx out, + krb5_principal *principal) +{ + return krb5_copy_principal(context, out->server, principal); +} + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_in_ctx_free(krb5_context context, krb5_rd_req_in_ctx ctx) { free(ctx); } -krb5_error_code KRB5_LIB_FUNCTION -_krb5_rd_req_out_ctx_alloc(krb5_context context, krb5_rd_req_out_ctx *ctx) -{ - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} +/** + * Free the krb5_rd_req_out_ctx. + * + * @param context Keberos 5 context. + * @param ctx krb5_rd_req_out_ctx context to free. + * + * @ingroup krb5_auth + */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_out_ctx_free(krb5_context context, krb5_rd_req_out_ctx ctx) { - krb5_free_keyblock(context, ctx->keyblock); + if (ctx->ticket) + krb5_free_ticket(context, ctx->ticket); + if (ctx->keyblock) + krb5_free_keyblock(context, ctx->keyblock); + if (ctx->server) + krb5_free_principal(context, ctx->server); free(ctx); } @@ -633,7 +684,7 @@ krb5_rd_req_out_ctx_free(krb5_context context, krb5_rd_req_out_ctx ctx) * */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req(krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, @@ -649,7 +700,7 @@ krb5_rd_req(krb5_context context, ret = krb5_rd_req_in_ctx_alloc(context, &in); if (ret) return ret; - + ret = krb5_rd_req_in_set_keytab(context, in, keytab); if (ret) { krb5_rd_req_in_ctx_free(context, in); @@ -678,7 +729,7 @@ krb5_rd_req(krb5_context context, * */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_with_keyblock(krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, @@ -694,7 +745,7 @@ krb5_rd_req_with_keyblock(krb5_context context, ret = krb5_rd_req_in_ctx_alloc(context, &in); if (ret) return ret; - + ret = krb5_rd_req_in_set_keyblock(context, in, keyblock); if (ret) { krb5_rd_req_in_ctx_free(context, in); @@ -725,7 +776,6 @@ krb5_rd_req_with_keyblock(krb5_context context, static krb5_error_code get_key_from_keytab(krb5_context context, - krb5_auth_context *auth_context, krb5_ap_req *ap_req, krb5_const_principal server, krb5_keytab keytab, @@ -740,7 +790,7 @@ get_key_from_keytab(krb5_context context, krb5_kt_default(context, &real_keytab); else real_keytab = keytab; - + if (ap_req->ticket.enc_part.kvno) kvno = *ap_req->ticket.enc_part.kvno; else @@ -756,18 +806,38 @@ get_key_from_keytab(krb5_context context, goto out; ret = krb5_copy_keyblock(context, &entry.keyblock, out_key); krb5_kt_free_entry (context, &entry); -out: +out: if(keytab == NULL) krb5_kt_close(context, real_keytab); - + return ret; } -/* +/** + * The core server function that verify application authentication + * requests from clients. * + * @param context Keberos 5 context. + * @param auth_context the authentication context, can be NULL, then + * default values for the authentication context will used. + * @param inbuf the (AP-REQ) authentication buffer + * + * @param server the server with authenticate as, if NULL the function + * will try to find any available credential in the keytab + * that will verify the reply. The function will prefer the + * server the server client specified in the AP-REQ, but if + * there is no mach, it will try all keytab entries for a + * match. This have serious performance issues for larger keytabs. + * + * @param inctx control the behavior of the function, if NULL, the + * default behavior is used. + * @param outctx the return outctx, free with krb5_rd_req_out_ctx_free(). + * @return Kerberos 5 error code, see krb5_get_error_message(). + * + * @ingroup krb5_auth */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx(krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, @@ -777,12 +847,18 @@ krb5_rd_req_ctx(krb5_context context, { krb5_error_code ret; krb5_ap_req ap_req; - krb5_principal service = NULL; krb5_rd_req_out_ctx o = NULL; + krb5_keytab id = NULL, keytab = NULL; + krb5_principal service = NULL; - ret = _krb5_rd_req_out_ctx_alloc(context, &o); - if (ret) - goto out; + *outctx = NULL; + + o = calloc(1, sizeof(*o)); + if (o == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } if (*auth_context == NULL) { ret = krb5_auth_con_init(context, auth_context); @@ -794,66 +870,171 @@ krb5_rd_req_ctx(krb5_context context, if(ret) goto out; - if(server == NULL){ - ret = _krb5_principalname2krb5_principal(context, - &service, - ap_req.ticket.sname, - ap_req.ticket.realm); - if (ret) - goto out; - server = service; - } + /* Save that principal that was in the request */ + ret = _krb5_principalname2krb5_principal(context, + &o->server, + ap_req.ticket.sname, + ap_req.ticket.realm); + if (ret) + goto out; + if (ap_req.ap_options.use_session_key && (*auth_context)->keyblock == NULL) { - krb5_set_error_string(context, "krb5_rd_req: user to user auth " - "without session key given"); ret = KRB5KRB_AP_ERR_NOKEY; + krb5_set_error_message(context, ret, + N_("krb5_rd_req: user to user auth " + "without session key given", "")); goto out; } + if (inctx && inctx->keytab) + id = inctx->keytab; + if((*auth_context)->keyblock){ ret = krb5_copy_keyblock(context, (*auth_context)->keyblock, &o->keyblock); if (ret) goto out; - } else if(inctx->keyblock){ + } else if(inctx && inctx->keyblock){ ret = krb5_copy_keyblock(context, inctx->keyblock, &o->keyblock); if (ret) goto out; } else { - krb5_keytab keytab = NULL; - if (inctx && inctx->keytab) - keytab = inctx->keytab; + if(id == NULL) { + krb5_kt_default(context, &keytab); + id = keytab; + } + if (id == NULL) + goto out; - ret = get_key_from_keytab(context, - auth_context, + if (server == NULL) { + ret = _krb5_principalname2krb5_principal(context, + &service, + ap_req.ticket.sname, + ap_req.ticket.realm); + if (ret) + goto out; + server = service; + } + + ret = get_key_from_keytab(context, &ap_req, server, - keytab, + id, &o->keyblock); - if(ret) - goto out; + if (ret) { + /* If caller specified a server, fail. */ + if (service == NULL && (context->flags & KRB5_CTX_F_RD_REQ_IGNORE) == 0) + goto out; + /* Otherwise, fall back to iterating over the keytab. This + * have serious performace issues for larger keytab. + */ + o->keyblock = NULL; + } } - ret = krb5_verify_ap_req2(context, - auth_context, - &ap_req, - server, - o->keyblock, - 0, - &o->ap_req_options, - &o->ticket, - KRB5_KU_AP_REQ_AUTH); + if (o->keyblock) { + /* + * We got an exact keymatch, use that. + */ - if (ret) - goto out; + ret = krb5_verify_ap_req2(context, + auth_context, + &ap_req, + server, + o->keyblock, + 0, + &o->ap_req_options, + &o->ticket, + KRB5_KU_AP_REQ_AUTH); + + if (ret) + goto out; + + } else { + /* + * Interate over keytab to find a key that can decrypt the request. + */ + + krb5_keytab_entry entry; + krb5_kt_cursor cursor; + int done = 0, kvno = 0; + + memset(&cursor, 0, sizeof(cursor)); + + if (ap_req.ticket.enc_part.kvno) + kvno = *ap_req.ticket.enc_part.kvno; + + ret = krb5_kt_start_seq_get(context, id, &cursor); + if (ret) + goto out; + + done = 0; + while (!done) { + krb5_principal p; + + ret = krb5_kt_next_entry(context, id, &entry, &cursor); + if (ret) { + _krb5_kt_principal_not_found(context, ret, id, o->server, + ap_req.ticket.enc_part.etype, + kvno); + goto out; + } + + if (entry.keyblock.keytype != ap_req.ticket.enc_part.etype) { + krb5_kt_free_entry (context, &entry); + continue; + } + + ret = krb5_verify_ap_req2(context, + auth_context, + &ap_req, + server, + &entry.keyblock, + 0, + &o->ap_req_options, + &o->ticket, + KRB5_KU_AP_REQ_AUTH); + if (ret) { + krb5_kt_free_entry (context, &entry); + continue; + } + + /* + * Found a match, save the keyblock for PAC processing, + * and update the service principal in the ticket to match + * whatever is in the keytab. + */ + + ret = krb5_copy_keyblock(context, + &entry.keyblock, + &o->keyblock); + if (ret) { + krb5_kt_free_entry (context, &entry); + goto out; + } + + ret = krb5_copy_principal(context, entry.principal, &p); + if (ret) { + krb5_kt_free_entry (context, &entry); + goto out; + } + krb5_free_principal(context, o->ticket->server); + o->ticket->server = p; + + krb5_kt_free_entry (context, &entry); + + done = 1; + } + krb5_kt_end_seq_get (context, id, &cursor); + } /* If there is a PAC, verify its server signature */ - if (inctx->check_pac) { + if (inctx == NULL || inctx->check_pac) { krb5_pac pac; krb5_data data; @@ -866,27 +1047,33 @@ krb5_rd_req_ctx(krb5_context context, krb5_data_free(&data); if (ret) goto out; - + ret = krb5_pac_verify(context, - pac, + pac, o->ticket->ticket.authtime, - o->ticket->client, - o->keyblock, + o->ticket->client, + o->keyblock, NULL); krb5_pac_free(context, pac); if (ret) goto out; - } - ret = 0; + } else + ret = 0; } out: + if (ret || outctx == NULL) { krb5_rd_req_out_ctx_free(context, o); - } else + } else *outctx = o; free_AP_REQ(&ap_req); - if(service) + + if (service) krb5_free_principal(context, service); + + if (keytab) + krb5_kt_close(context, keytab); + return ret; } diff --git a/lib/krb5/rd_safe.c b/lib/krb5/rd_safe.c index b2fb5c59d776..e62906b1f723 100644 --- a/lib/krb5/rd_safe.c +++ b/lib/krb5/rd_safe.c @@ -1,39 +1,37 @@ /* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#include - -RCSID("$Id: rd_safe.c 19827 2007-01-11 02:54:59Z lha $"); +#include "krb5_locl.h" static krb5_error_code verify_checksum(krb5_context context, @@ -43,7 +41,7 @@ verify_checksum(krb5_context context, krb5_error_code ret; u_char *buf; size_t buf_size; - size_t len; + size_t len = 0; Checksum c; krb5_crypto crypto; krb5_keyblock *key; @@ -82,7 +80,7 @@ verify_checksum(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_safe(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, @@ -93,33 +91,39 @@ krb5_rd_safe(krb5_context context, KRB_SAFE safe; size_t len; - if (outbuf) - krb5_data_zero(outbuf); + krb5_data_zero(outbuf); - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) { - krb5_set_error_string(context, "rd_safe: need outdata to return data"); - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ + if ((auth_context->flags & + (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) + { + if (outdata == NULL) { + krb5_set_error_message(context, KRB5_RC_REQUIRED, + N_("rd_safe: need outdata " + "to return data", "")); + return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ + } + /* if these fields are not present in the safe-part, silently + return zero */ + memset(outdata, 0, sizeof(*outdata)); } ret = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len); - if (ret) + if (ret) return ret; if (safe.pvno != 5) { ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } if (safe.msg_type != krb_safe) { ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype) || !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) { ret = KRB5KRB_AP_ERR_INAPP_CKSUM; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } @@ -131,7 +135,7 @@ krb5_rd_safe(krb5_context context, auth_context->remote_address, safe.safe_body.s_address)) { ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } @@ -143,7 +147,7 @@ krb5_rd_safe(krb5_context context, auth_context->local_address, safe.safe_body.r_address)) { ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } @@ -157,7 +161,7 @@ krb5_rd_safe(krb5_context context, safe.safe_body.usec == NULL || abs(*safe.safe_body.timestamp - sec) > context->max_skew) { ret = KRB5KRB_AP_ERR_SKEW; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } } @@ -174,7 +178,7 @@ krb5_rd_safe(krb5_context context, && *safe.safe_body.seq_number != auth_context->remote_seqnumber)) { ret = KRB5KRB_AP_ERR_BADORDER; - krb5_clear_error_string (context); + krb5_clear_error_message (context); goto failure; } auth_context->remote_seqnumber++; @@ -183,22 +187,20 @@ krb5_rd_safe(krb5_context context, ret = verify_checksum (context, auth_context, &safe); if (ret) goto failure; - + outbuf->length = safe.safe_body.user_data.length; outbuf->data = malloc(outbuf->length); if (outbuf->data == NULL && outbuf->length != 0) { ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); krb5_data_zero(outbuf); goto failure; } memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length); - if ((auth_context->flags & + if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { - /* if these fields are not present in the safe-part, silently - return zero */ - memset(outdata, 0, sizeof(*outdata)); + if(safe.safe_body.timestamp) outdata->timestamp = *safe.safe_body.timestamp; if(safe.safe_body.usec) diff --git a/lib/krb5/read_message.c b/lib/krb5/read_message.c index 5e03507b66a5..4e9bd012dd67 100644 --- a/lib/krb5/read_message.c +++ b/lib/krb5/read_message.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: read_message.c 21750 2007-07-31 20:41:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_message (krb5_context context, krb5_pointer p_fd, krb5_data *data) @@ -49,29 +47,29 @@ krb5_read_message (krb5_context context, ret = krb5_net_read (context, p_fd, buf, 4); if(ret == -1) { ret = errno; - krb5_clear_error_string (context); + krb5_clear_error_message (context); return ret; } if(ret < 4) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return HEIM_ERR_EOF; } len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3]; ret = krb5_data_alloc (data, len); if (ret) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } if (krb5_net_read (context, p_fd, data->data, len) != len) { ret = errno; krb5_data_free (data); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return ret; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_priv_message(krb5_context context, krb5_auth_context ac, krb5_pointer p_fd, @@ -88,7 +86,7 @@ krb5_read_priv_message(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_read_safe_message(krb5_context context, krb5_auth_context ac, krb5_pointer p_fd, diff --git a/lib/krb5/recvauth.c b/lib/krb5/recvauth.c index 03482851268c..78e98a10fc1b 100644 --- a/lib/krb5/recvauth.c +++ b/lib/krb5/recvauth.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: recvauth.c 20306 2007-04-11 11:15:55Z lha $"); - /* * See `sendauth.c' for the format. */ @@ -45,7 +43,7 @@ match_exact(const void *data, const char *appl_version) return strcmp(data, appl_version) == 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, krb5_pointer p_fd, @@ -61,11 +59,11 @@ krb5_recvauth(krb5_context context, keytab, ticket); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_recvauth_match_version(krb5_context context, krb5_auth_context *auth_context, krb5_pointer p_fd, - krb5_boolean (*match_appl_version)(const void *, + krb5_boolean (*match_appl_version)(const void *, const char*), const void *match_data, krb5_principal server, @@ -103,11 +101,12 @@ krb5_recvauth_match_version(krb5_context context, n = krb5_net_read (context, p_fd, &len, 4); if (n < 0) { ret = errno; - krb5_set_error_string (context, "read: %s", strerror(errno)); + krb5_set_error_message(context, ret, "read: %s", strerror(ret)); return ret; } if (n == 0) { - krb5_set_error_string (context, "Failed to receive sendauth data"); + krb5_set_error_message(context, KRB5_SENDAUTH_BADAUTHVERS, + N_("Failed to receive sendauth data", "")); return KRB5_SENDAUTH_BADAUTHVERS; } len = ntohl(len); @@ -116,7 +115,7 @@ krb5_recvauth_match_version(krb5_context context, || strncmp (version, her_version, len)) { repl = 1; krb5_net_write (context, p_fd, &repl, 1); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_SENDAUTH_BADAUTHVERS; } } @@ -124,11 +123,11 @@ krb5_recvauth_match_version(krb5_context context, n = krb5_net_read (context, p_fd, &len, 4); if (n < 0) { ret = errno; - krb5_set_error_string (context, "read: %s", strerror(errno)); + krb5_set_error_message(context, ret, "read: %s", strerror(ret)); return ret; } if (n == 0) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_SENDAUTH_BADAPPLVERS; } len = ntohl(len); @@ -136,14 +135,16 @@ krb5_recvauth_match_version(krb5_context context, if (her_appl_version == NULL) { repl = 2; krb5_net_write (context, p_fd, &repl, 1); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if (krb5_net_read (context, p_fd, her_appl_version, len) != len || !(*match_appl_version)(match_data, her_appl_version)) { repl = 2; krb5_net_write (context, p_fd, &repl, 1); - krb5_set_error_string (context, "wrong sendauth version (%s)", + krb5_set_error_message(context, KRB5_SENDAUTH_BADAPPLVERS, + N_("wrong sendauth version (%s)", ""), her_appl_version); free (her_appl_version); return KRB5_SENDAUTH_BADAPPLVERS; @@ -153,7 +154,7 @@ krb5_recvauth_match_version(krb5_context context, repl = 0; if (krb5_net_write (context, p_fd, &repl, 1) != 1) { ret = errno; - krb5_set_error_string (context, "write: %s", strerror(errno)); + krb5_set_error_message(context, ret, "write: %s", strerror(ret)); return ret; } @@ -188,23 +189,31 @@ krb5_recvauth_match_version(krb5_context context, krb5_data_free (&error_data); } return ret; - } + } len = 0; if (krb5_net_write (context, p_fd, &len, 4) != 4) { ret = errno; - krb5_set_error_string (context, "write: %s", strerror(errno)); + krb5_set_error_message(context, ret, "write: %s", strerror(ret)); + krb5_free_ticket(context, *ticket); + *ticket = NULL; return ret; } if (ap_options & AP_OPTS_MUTUAL_REQUIRED) { ret = krb5_mk_rep (context, *auth_context, &data); - if (ret) + if (ret) { + krb5_free_ticket(context, *ticket); + *ticket = NULL; return ret; + } ret = krb5_write_message (context, p_fd, &data); - if (ret) + if (ret) { + krb5_free_ticket(context, *ticket); + *ticket = NULL; return ret; + } krb5_data_free (&data); } return 0; diff --git a/lib/krb5/replay.c b/lib/krb5/replay.c index 12894d96a95e..965dd44437d9 100644 --- a/lib/krb5/replay.c +++ b/lib/krb5/replay.c @@ -1,78 +1,79 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include -RCSID("$Id: replay.c 17047 2006-04-10 17:13:49Z lha $"); - struct krb5_rcache_data { char *name; }; -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve(krb5_context context, krb5_rcache id, const char *name) { id->name = strdup(name); if(id->name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_RC_MALLOC, + N_("malloc: out of memory", "")); return KRB5_RC_MALLOC; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve_type(krb5_context context, krb5_rcache *id, const char *type) { *id = NULL; if(strcmp(type, "FILE")) { - krb5_set_error_string (context, "replay cache type %s not supported", - type); + krb5_set_error_message (context, KRB5_RC_TYPE_NOTFOUND, + N_("replay cache type %s not supported", ""), + type); return KRB5_RC_TYPE_NOTFOUND; } *id = calloc(1, sizeof(**id)); if(*id == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, KRB5_RC_MALLOC, + N_("malloc: out of memory", "")); return KRB5_RC_MALLOC; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_resolve_full(krb5_context context, krb5_rcache *id, const char *string_name) @@ -82,7 +83,8 @@ krb5_rc_resolve_full(krb5_context context, *id = NULL; if(strncmp(string_name, "FILE:", 5)) { - krb5_set_error_string (context, "replay cache type %s not supported", + krb5_set_error_message(context, KRB5_RC_TYPE_NOTFOUND, + N_("replay cache type %s not supported", ""), string_name); return KRB5_RC_TYPE_NOTFOUND; } @@ -97,19 +99,19 @@ krb5_rc_resolve_full(krb5_context context, return ret; } -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_default_name(krb5_context context) { return "FILE:/var/run/default_rcache"; } -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_default_type(krb5_context context) { return "FILE"; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_default(krb5_context context, krb5_rcache *id) { @@ -121,7 +123,7 @@ struct rc_entry{ unsigned char data[16]; }; -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_initialize(krb5_context context, krb5_rcache id, krb5_deltat auth_lifespan) @@ -131,9 +133,10 @@ krb5_rc_initialize(krb5_context context, int ret; if(f == NULL) { + char buf[128]; ret = errno; - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf); return ret; } tmp.stamp = auth_lifespan; @@ -142,29 +145,30 @@ krb5_rc_initialize(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_recover(krb5_context context, krb5_rcache id) { return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_destroy(krb5_context context, krb5_rcache id) { int ret; if(remove(id->name) < 0) { + char buf[128]; ret = errno; - krb5_set_error_string (context, "remove(%s): %s", id->name, - strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "remove(%s): %s", id->name, buf); return ret; } return krb5_rc_close(context, id); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_close(krb5_context context, krb5_rcache id) { @@ -176,20 +180,23 @@ krb5_rc_close(krb5_context context, static void checksum_authenticator(Authenticator *auth, void *data) { - MD5_CTX md5; - int i; + EVP_MD_CTX *m = EVP_MD_CTX_create(); + unsigned i; - MD5_Init (&md5); - MD5_Update (&md5, auth->crealm, strlen(auth->crealm)); + EVP_DigestInit_ex(m, EVP_md5(), NULL); + + EVP_DigestUpdate(m, auth->crealm, strlen(auth->crealm)); for(i = 0; i < auth->cname.name_string.len; i++) - MD5_Update(&md5, auth->cname.name_string.val[i], + EVP_DigestUpdate(m, auth->cname.name_string.val[i], strlen(auth->cname.name_string.val[i])); - MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime)); - MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec)); - MD5_Final (data, &md5); + EVP_DigestUpdate(m, &auth->ctime, sizeof(auth->ctime)); + EVP_DigestUpdate(m, &auth->cusec, sizeof(auth->cusec)); + + EVP_DigestFinal_ex(m, data, NULL); + EVP_MD_CTX_destroy(m); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_store(krb5_context context, krb5_rcache id, krb5_donot_replay *rep) @@ -203,11 +210,13 @@ krb5_rc_store(krb5_context context, checksum_authenticator(rep, ent.data); f = fopen(id->name, "r"); if(f == NULL) { + char buf[128]; ret = errno; - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf); return ret; } + rk_cloexec_file(f); fread(&tmp, sizeof(ent), 1, f); t = ent.stamp - tmp.stamp; while(fread(&tmp, sizeof(ent), 1, f)){ @@ -215,21 +224,26 @@ krb5_rc_store(krb5_context context, continue; if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){ fclose(f); - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_RC_REPLAY; } } if(ferror(f)){ + char buf[128]; ret = errno; fclose(f); - krb5_set_error_string (context, "%s: %s", id->name, strerror(ret)); + rk_strerror_r(ret, buf, sizeof(buf)); + krb5_set_error_message(context, ret, "%s: %s", + id->name, buf); return ret; } fclose(f); f = fopen(id->name, "a"); if(f == NULL) { - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(errno)); + char buf[128]; + rk_strerror_r(errno, buf, sizeof(buf)); + krb5_set_error_message(context, KRB5_RC_IO_UNKNOWN, + "open(%s): %s", id->name, buf); return KRB5_RC_IO_UNKNOWN; } fwrite(&ent, 1, sizeof(ent), f); @@ -237,14 +251,14 @@ krb5_rc_store(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_expunge(krb5_context context, krb5_rcache id) { return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rc_get_lifespan(krb5_context context, krb5_rcache id, krb5_deltat *auth_lifespan) @@ -258,27 +272,27 @@ krb5_rc_get_lifespan(krb5_context context, *auth_lifespan = ent.stamp; return 0; } - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_RC_IO_UNKNOWN; } -const char* KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_get_name(krb5_context context, krb5_rcache id) { return id->name; } - -const char* KRB5_LIB_FUNCTION + +KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL krb5_rc_get_type(krb5_context context, krb5_rcache id) { return "FILE"; } - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_server_rcache(krb5_context context, - const krb5_data *piece, + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_server_rcache(krb5_context context, + const krb5_data *piece, krb5_rcache *id) { krb5_rcache rcache; @@ -288,18 +302,20 @@ krb5_get_server_rcache(krb5_context context, char *name; if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL); #ifdef HAVE_GETEUID - asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid()); + ret = asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid()); #else - asprintf(&name, "FILE:rc_%s", tmp); + ret = asprintf(&name, "FILE:rc_%s", tmp); #endif free(tmp); - if(name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + if(ret < 0 || name == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } diff --git a/lib/krb5/salt-aes.c b/lib/krb5/salt-aes.c new file mode 100644 index 000000000000..32dafd68cb88 --- /dev/null +++ b/lib/krb5/salt-aes.c @@ -0,0 +1,103 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +int _krb5_AES_string_to_default_iterator = 4096; + +static krb5_error_code +AES_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + krb5_error_code ret; + uint32_t iter; + struct _krb5_encryption_type *et; + struct _krb5_key_data kd; + + if (opaque.length == 0) + iter = _krb5_AES_string_to_default_iterator; + else if (opaque.length == 4) { + unsigned long v; + _krb5_get_int(opaque.data, &v, 4); + iter = ((uint32_t)v); + } else + return KRB5_PROG_KEYTYPE_NOSUPP; /* XXX */ + + et = _krb5_find_enctype(enctype); + if (et == NULL) + return KRB5_PROG_KEYTYPE_NOSUPP; + + kd.schedule = NULL; + ALLOC(kd.key, 1); + if(kd.key == NULL) { + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + kd.key->keytype = enctype; + ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); + if (ret) { + krb5_set_error_message (context, ret, N_("malloc: out of memory", "")); + return ret; + } + + ret = PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length, + salt.saltvalue.data, salt.saltvalue.length, + iter, + et->keytype->size, kd.key->keyvalue.data); + if (ret != 1) { + _krb5_free_key_data(context, &kd, et); + krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, + "Error calculating s2k"); + return KRB5_PROG_KEYTYPE_NOSUPP; + } + + ret = _krb5_derive_key(context, et, &kd, "kerberos", strlen("kerberos")); + if (ret == 0) + ret = krb5_copy_keyblock_contents(context, kd.key, key); + _krb5_free_key_data(context, &kd, et); + + return ret; +} + +struct salt_type _krb5_AES_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + AES_string_to_key + }, + { 0 } +}; diff --git a/lib/krb5/salt-arcfour.c b/lib/krb5/salt-arcfour.c new file mode 100644 index 000000000000..ab5e51270c8e --- /dev/null +++ b/lib/krb5/salt-arcfour.c @@ -0,0 +1,112 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +static krb5_error_code +ARCFOUR_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + krb5_error_code ret; + uint16_t *s = NULL; + size_t len = 0, i; + EVP_MD_CTX *m; + + m = EVP_MD_CTX_create(); + if (m == NULL) { + ret = ENOMEM; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; + } + + EVP_DigestInit_ex(m, EVP_md4(), NULL); + + ret = wind_utf8ucs2_length(password.data, &len); + if (ret) { + krb5_set_error_message (context, ret, + N_("Password not an UCS2 string", "")); + goto out; + } + + s = malloc (len * sizeof(s[0])); + if (len != 0 && s == NULL) { + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); + ret = ENOMEM; + goto out; + } + + ret = wind_utf8ucs2(password.data, s, &len); + if (ret) { + krb5_set_error_message (context, ret, + N_("Password not an UCS2 string", "")); + goto out; + } + + /* LE encoding */ + for (i = 0; i < len; i++) { + unsigned char p; + p = (s[i] & 0xff); + EVP_DigestUpdate (m, &p, 1); + p = (s[i] >> 8) & 0xff; + EVP_DigestUpdate (m, &p, 1); + } + + key->keytype = enctype; + ret = krb5_data_alloc (&key->keyvalue, 16); + if (ret) { + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); + goto out; + } + EVP_DigestFinal_ex (m, key->keyvalue.data, NULL); + + out: + EVP_MD_CTX_destroy(m); + if (s) + memset (s, 0, len); + free (s); + return ret; +} + +struct salt_type _krb5_arcfour_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + ARCFOUR_string_to_key + }, + { 0 } +}; diff --git a/lib/krb5/salt-des.c b/lib/krb5/salt-des.c new file mode 100644 index 000000000000..56b285f72ed0 --- /dev/null +++ b/lib/krb5/salt-des.c @@ -0,0 +1,224 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifdef HEIM_WEAK_CRYPTO + +#ifdef ENABLE_AFS_STRING_TO_KEY + +/* This defines the Andrew string_to_key function. It accepts a password + * string as input and converts it via a one-way encryption algorithm to a DES + * encryption key. It is compatible with the original Andrew authentication + * service password database. + */ + +/* + * Short passwords, i.e 8 characters or less. + */ +static void +krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, + krb5_data cell, + DES_cblock *key) +{ + char password[8+1]; /* crypt is limited to 8 chars anyway */ + size_t i; + + for(i = 0; i < 8; i++) { + char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^ + ((i < cell.length) ? + tolower(((unsigned char*)cell.data)[i]) : 0); + password[i] = c ? c : 'X'; + } + password[8] = '\0'; + + memcpy(key, crypt(password, "p1") + 2, sizeof(DES_cblock)); + + /* parity is inserted into the LSB so left shift each byte up one + bit. This allows ascii characters with a zero MSB to retain as + much significance as possible. */ + for (i = 0; i < sizeof(DES_cblock); i++) + ((unsigned char*)key)[i] <<= 1; + DES_set_odd_parity (key); +} + +/* + * Long passwords, i.e 9 characters or more. + */ +static void +krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, + krb5_data cell, + DES_cblock *key) +{ + DES_key_schedule schedule; + DES_cblock temp_key; + DES_cblock ivec; + char password[512]; + size_t passlen; + + memcpy(password, pw.data, min(pw.length, sizeof(password))); + if(pw.length < sizeof(password)) { + int len = min(cell.length, sizeof(password) - pw.length); + size_t i; + + memcpy(password + pw.length, cell.data, len); + for (i = pw.length; i < pw.length + len; ++i) + password[i] = tolower((unsigned char)password[i]); + } + passlen = min(sizeof(password), pw.length + cell.length); + memcpy(&ivec, "kerberos", 8); + memcpy(&temp_key, "kerberos", 8); + DES_set_odd_parity (&temp_key); + DES_set_key_unchecked (&temp_key, &schedule); + DES_cbc_cksum ((void*)password, &ivec, passlen, &schedule, &ivec); + + memcpy(&temp_key, &ivec, 8); + DES_set_odd_parity (&temp_key); + DES_set_key_unchecked (&temp_key, &schedule); + DES_cbc_cksum ((void*)password, key, passlen, &schedule, &ivec); + memset(&schedule, 0, sizeof(schedule)); + memset(&temp_key, 0, sizeof(temp_key)); + memset(&ivec, 0, sizeof(ivec)); + memset(password, 0, sizeof(password)); + + DES_set_odd_parity (key); +} + +static krb5_error_code +DES_AFS3_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + DES_cblock tmp; + if(password.length > 8) + krb5_DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp); + else + krb5_DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp); + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); + memset(&key, 0, sizeof(key)); + return 0; +} +#endif /* ENABLE_AFS_STRING_TO_KEY */ + +static void +DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key) +{ + DES_key_schedule schedule; + size_t i; + int reverse = 0; + unsigned char *p; + + unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe, + 0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf }; + memset(key, 0, 8); + + p = (unsigned char*)key; + for (i = 0; i < length; i++) { + unsigned char tmp = data[i]; + if (!reverse) + *p++ ^= (tmp << 1); + else + *--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4]; + if((i % 8) == 7) + reverse = !reverse; + } + DES_set_odd_parity(key); + if(DES_is_weak_key(key)) + (*key)[7] ^= 0xF0; + DES_set_key_unchecked(key, &schedule); + DES_cbc_cksum((void*)data, key, length, &schedule, key); + memset(&schedule, 0, sizeof(schedule)); + DES_set_odd_parity(key); + if(DES_is_weak_key(key)) + (*key)[7] ^= 0xF0; +} + +static krb5_error_code +krb5_DES_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + unsigned char *s; + size_t len; + DES_cblock tmp; + +#ifdef ENABLE_AFS_STRING_TO_KEY + if (opaque.length == 1) { + unsigned long v; + _krb5_get_int(opaque.data, &v, 1); + if (v == 1) + return DES_AFS3_string_to_key(context, enctype, password, + salt, opaque, key); + } +#endif + + len = password.length + salt.saltvalue.length; + s = malloc(len); + if(len > 0 && s == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + memcpy(s, password.data, password.length); + memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); + DES_string_to_key_int(s, len, &tmp); + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); + memset(&tmp, 0, sizeof(tmp)); + memset(s, 0, len); + free(s); + return 0; +} + +struct salt_type _krb5_des_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + krb5_DES_string_to_key + }, +#ifdef ENABLE_AFS_STRING_TO_KEY + { + KRB5_AFS3_SALT, + "afs3-salt", + DES_AFS3_string_to_key + }, +#endif + { 0 } +}; +#endif diff --git a/lib/krb5/salt-des3.c b/lib/krb5/salt-des3.c new file mode 100644 index 000000000000..79140a274f9e --- /dev/null +++ b/lib/krb5/salt-des3.c @@ -0,0 +1,150 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifdef DES3_OLD_ENCTYPE +static krb5_error_code +DES3_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + char *str; + size_t len; + unsigned char tmp[24]; + DES_cblock keys[3]; + krb5_error_code ret; + + len = password.length + salt.saltvalue.length; + str = malloc(len); + if(len != 0 && str == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + memcpy(str, password.data, password.length); + memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); + { + DES_cblock ivec; + DES_key_schedule s[3]; + int i; + + ret = _krb5_n_fold(str, len, tmp, 24); + if (ret) { + memset(str, 0, len); + free(str); + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + return ret; + } + + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) + _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); + DES_set_key_unchecked(keys + i, &s[i]); + } + memset(&ivec, 0, sizeof(ivec)); + DES_ede3_cbc_encrypt(tmp, + tmp, sizeof(tmp), + &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); + memset(s, 0, sizeof(s)); + memset(&ivec, 0, sizeof(ivec)); + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + DES_set_odd_parity(keys + i); + if(DES_is_weak_key(keys + i)) + _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); + } + memset(tmp, 0, sizeof(tmp)); + } + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); + memset(keys, 0, sizeof(keys)); + memset(str, 0, len); + free(str); + return 0; +} +#endif + +static krb5_error_code +DES3_string_to_key_derived(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + krb5_error_code ret; + size_t len = password.length + salt.saltvalue.length; + char *s; + + s = malloc(len); + if(len != 0 && s == NULL) { + krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + memcpy(s, password.data, password.length); + memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); + ret = krb5_string_to_key_derived(context, + s, + len, + enctype, + key); + memset(s, 0, len); + free(s); + return ret; +} + + +#ifdef DES3_OLD_ENCTYPE +struct salt_type _krb5_des3_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key + }, + { 0 } +}; +#endif + +struct salt_type _krb5_des3_salt_derived[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key_derived + }, + { 0 } +}; diff --git a/lib/krb5/salt.c b/lib/krb5/salt.c new file mode 100644 index 000000000000..5e4c8a1c8572 --- /dev/null +++ b/lib/krb5/salt.c @@ -0,0 +1,305 @@ +/* + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +/* coverity[+alloc : arg-*3] */ +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_salttype_to_string (krb5_context context, + krb5_enctype etype, + krb5_salttype stype, + char **string) +{ + struct _krb5_encryption_type *e; + struct salt_type *st; + + e = _krb5_find_enctype (etype); + if (e == NULL) { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + "encryption type %d not supported", + etype); + return KRB5_PROG_ETYPE_NOSUPP; + } + for (st = e->keytype->string_to_key; st && st->type; st++) { + if (st->type == stype) { + *string = strdup (st->name); + if (*string == NULL) { + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + return 0; + } + } + krb5_set_error_message (context, HEIM_ERR_SALTTYPE_NOSUPP, + "salttype %d not supported", stype); + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_salttype (krb5_context context, + krb5_enctype etype, + const char *string, + krb5_salttype *salttype) +{ + struct _krb5_encryption_type *e; + struct salt_type *st; + + e = _krb5_find_enctype (etype); + if (e == NULL) { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); + return KRB5_PROG_ETYPE_NOSUPP; + } + for (st = e->keytype->string_to_key; st && st->type; st++) { + if (strcasecmp (st->name, string) == 0) { + *salttype = st->type; + return 0; + } + } + krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP, + N_("salttype %s not supported", ""), string); + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_pw_salt(krb5_context context, + krb5_const_principal principal, + krb5_salt *salt) +{ + size_t len; + size_t i; + krb5_error_code ret; + char *p; + + salt->salttype = KRB5_PW_SALT; + len = strlen(principal->realm); + for (i = 0; i < principal->name.name_string.len; ++i) + len += strlen(principal->name.name_string.val[i]); + ret = krb5_data_alloc (&salt->saltvalue, len); + if (ret) + return ret; + p = salt->saltvalue.data; + memcpy (p, principal->realm, strlen(principal->realm)); + p += strlen(principal->realm); + for (i = 0; i < principal->name.name_string.len; ++i) { + memcpy (p, + principal->name.name_string.val[i], + strlen(principal->name.name_string.val[i])); + p += strlen(principal->name.name_string.val[i]); + } + return 0; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_free_salt(krb5_context context, + krb5_salt salt) +{ + krb5_data_free(&salt.saltvalue); + return 0; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_data (krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_principal principal, + krb5_keyblock *key) +{ + krb5_error_code ret; + krb5_salt salt; + + ret = krb5_get_pw_salt(context, principal, &salt); + if(ret) + return ret; + ret = krb5_string_to_key_data_salt(context, enctype, password, salt, key); + krb5_free_salt(context, salt); + return ret; +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key (krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_principal principal, + krb5_keyblock *key) +{ + krb5_data pw; + pw.data = rk_UNCONST(password); + pw.length = strlen(password); + return krb5_string_to_key_data(context, enctype, pw, principal, key); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_data_salt (krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + krb5_data opaque; + krb5_data_zero(&opaque); + return krb5_string_to_key_data_salt_opaque(context, enctype, password, + salt, opaque, key); +} + +/* + * Do a string -> key for encryption type `enctype' operation on + * `password' (with salt `salt' and the enctype specific data string + * `opaque'), returning the resulting key in `key' + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_data_salt_opaque (krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + struct _krb5_encryption_type *et =_krb5_find_enctype(enctype); + struct salt_type *st; + if(et == NULL) { + krb5_set_error_message(context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + enctype); + return KRB5_PROG_ETYPE_NOSUPP; + } + for(st = et->keytype->string_to_key; st && st->type; st++) + if(st->type == salt.salttype) + return (*st->string_to_key)(context, enctype, password, + salt, opaque, key); + krb5_set_error_message(context, HEIM_ERR_SALTTYPE_NOSUPP, + N_("salt type %d not supported", ""), + salt.salttype); + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +/* + * Do a string -> key for encryption type `enctype' operation on the + * string `password' (with salt `salt'), returning the resulting key + * in `key' + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_salt (krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_salt salt, + krb5_keyblock *key) +{ + krb5_data pw; + pw.data = rk_UNCONST(password); + pw.length = strlen(password); + return krb5_string_to_key_data_salt(context, enctype, pw, salt, key); +} + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_salt_opaque (krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_salt salt, + krb5_data opaque, + krb5_keyblock *key) +{ + krb5_data pw; + pw.data = rk_UNCONST(password); + pw.length = strlen(password); + return krb5_string_to_key_data_salt_opaque(context, enctype, + pw, salt, opaque, key); +} + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_string_to_key_derived(krb5_context context, + const void *str, + size_t len, + krb5_enctype etype, + krb5_keyblock *key) +{ + struct _krb5_encryption_type *et = _krb5_find_enctype(etype); + krb5_error_code ret; + struct _krb5_key_data kd; + size_t keylen; + u_char *tmp; + + if(et == NULL) { + krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP, + N_("encryption type %d not supported", ""), + etype); + return KRB5_PROG_ETYPE_NOSUPP; + } + keylen = et->keytype->bits / 8; + + ALLOC(kd.key, 1); + if(kd.key == NULL) { + krb5_set_error_message (context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); + if(ret) { + free(kd.key); + return ret; + } + kd.key->keytype = etype; + tmp = malloc (keylen); + if(tmp == NULL) { + krb5_free_keyblock(context, kd.key); + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); + return ENOMEM; + } + ret = _krb5_n_fold(str, len, tmp, keylen); + if (ret) { + free(tmp); + krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", "")); + return ret; + } + kd.schedule = NULL; + _krb5_DES3_random_to_key(context, kd.key, tmp, keylen); + memset(tmp, 0, keylen); + free(tmp); + ret = _krb5_derive_key(context, + et, + &kd, + "kerberos", /* XXX well known constant */ + strlen("kerberos")); + if (ret) { + _krb5_free_key_data(context, &kd, et); + return ret; + } + ret = krb5_copy_keyblock_contents(context, kd.key, key); + _krb5_free_key_data(context, &kd, et); + return ret; +} diff --git a/lib/krb5/scache.c b/lib/krb5/scache.c new file mode 100644 index 000000000000..5c422c6a4491 --- /dev/null +++ b/lib/krb5/scache.c @@ -0,0 +1,1451 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +#ifdef HAVE_SCC + +#include + +typedef struct krb5_scache { + char *name; + char *file; + sqlite3 *db; + + sqlite_uint64 cid; + + sqlite3_stmt *icred; + sqlite3_stmt *dcred; + sqlite3_stmt *iprincipal; + + sqlite3_stmt *icache; + sqlite3_stmt *ucachen; + sqlite3_stmt *ucachep; + sqlite3_stmt *dcache; + sqlite3_stmt *scache; + sqlite3_stmt *scache_name; + sqlite3_stmt *umaster; + +} krb5_scache; + +#define SCACHE(X) ((krb5_scache *)(X)->data.data) + +#define SCACHE_DEF_NAME "Default-cache" +#ifdef KRB5_USE_PATH_TOKENS +#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}" +#else +#define KRB5_SCACHE_DB "/tmp/krb5scc_%{uid}" +#endif +#define KRB5_SCACHE_NAME "SCC:" SCACHE_DEF_NAME ":" KRB5_SCACHE_DB + +#define SCACHE_INVALID_CID ((sqlite_uint64)-1) + +/* + * + */ + +#define SQL_CMASTER "" \ + "CREATE TABLE master (" \ + "oid INTEGER PRIMARY KEY," \ + "version INTEGER NOT NULL," \ + "defaultcache TEXT NOT NULL" \ + ")" + +#define SQL_SETUP_MASTER \ + "INSERT INTO master (version,defaultcache) VALUES(2, \"" SCACHE_DEF_NAME "\")" +#define SQL_UMASTER "UPDATE master SET defaultcache=? WHERE version=2" + +#define SQL_CCACHE "" \ + "CREATE TABLE caches (" \ + "oid INTEGER PRIMARY KEY," \ + "principal TEXT," \ + "name TEXT NOT NULL" \ + ")" + +#define SQL_TCACHE "" \ + "CREATE TRIGGER CacheDropCreds AFTER DELETE ON caches " \ + "FOR EACH ROW BEGIN " \ + "DELETE FROM credentials WHERE cid=old.oid;" \ + "END" + +#define SQL_ICACHE "INSERT INTO caches (name) VALUES(?)" +#define SQL_UCACHE_NAME "UPDATE caches SET name=? WHERE OID=?" +#define SQL_UCACHE_PRINCIPAL "UPDATE caches SET principal=? WHERE OID=?" +#define SQL_DCACHE "DELETE FROM caches WHERE OID=?" +#define SQL_SCACHE "SELECT principal,name FROM caches WHERE OID=?" +#define SQL_SCACHE_NAME "SELECT oid FROM caches WHERE NAME=?" + +#define SQL_CCREDS "" \ + "CREATE TABLE credentials (" \ + "oid INTEGER PRIMARY KEY," \ + "cid INTEGER NOT NULL," \ + "kvno INTEGER NOT NULL," \ + "etype INTEGER NOT NULL," \ + "created_at INTEGER NOT NULL," \ + "cred BLOB NOT NULL" \ + ")" + +#define SQL_TCRED "" \ + "CREATE TRIGGER credDropPrincipal AFTER DELETE ON credentials " \ + "FOR EACH ROW BEGIN " \ + "DELETE FROM principals WHERE credential_id=old.oid;" \ + "END" + +#define SQL_ICRED "INSERT INTO credentials (cid, kvno, etype, cred, created_at) VALUES (?,?,?,?,?)" +#define SQL_DCRED "DELETE FROM credentials WHERE cid=?" + +#define SQL_CPRINCIPALS "" \ + "CREATE TABLE principals (" \ + "oid INTEGER PRIMARY KEY," \ + "principal TEXT NOT NULL," \ + "type INTEGER NOT NULL," \ + "credential_id INTEGER NOT NULL" \ + ")" + +#define SQL_IPRINCIPAL "INSERT INTO principals (principal, type, credential_id) VALUES (?,?,?)" + +/* + * sqlite destructors + */ + +static void +free_data(void *data) +{ + free(data); +} + +static void +free_krb5(void *str) +{ + krb5_xfree(str); +} + +static void +scc_free(krb5_scache *s) +{ + if (s->file) + free(s->file); + if (s->name) + free(s->name); + + if (s->icred) + sqlite3_finalize(s->icred); + if (s->dcred) + sqlite3_finalize(s->dcred); + if (s->iprincipal) + sqlite3_finalize(s->iprincipal); + if (s->icache) + sqlite3_finalize(s->icache); + if (s->ucachen) + sqlite3_finalize(s->ucachen); + if (s->ucachep) + sqlite3_finalize(s->ucachep); + if (s->dcache) + sqlite3_finalize(s->dcache); + if (s->scache) + sqlite3_finalize(s->scache); + if (s->scache_name) + sqlite3_finalize(s->scache_name); + if (s->umaster) + sqlite3_finalize(s->umaster); + + if (s->db) + sqlite3_close(s->db); + free(s); +} + +#ifdef TRACEME +static void +trace(void* ptr, const char * str) +{ + printf("SQL: %s\n", str); +} +#endif + +static krb5_error_code +prepare_stmt(krb5_context context, sqlite3 *db, + sqlite3_stmt **stmt, const char *str) +{ + int ret; + + ret = sqlite3_prepare_v2(db, str, -1, stmt, NULL); + if (ret != SQLITE_OK) { + krb5_set_error_message(context, ENOENT, + N_("Failed to prepare stmt %s: %s", ""), + str, sqlite3_errmsg(db)); + return ENOENT; + } + return 0; +} + +static krb5_error_code +exec_stmt(krb5_context context, sqlite3 *db, const char *str, + krb5_error_code code) +{ + int ret; + + ret = sqlite3_exec(db, str, NULL, NULL, NULL); + if (ret != SQLITE_OK && code) { + krb5_set_error_message(context, code, + N_("scache execute %s: %s", ""), str, + sqlite3_errmsg(db)); + return code; + } + return 0; +} + +static krb5_error_code +default_db(krb5_context context, sqlite3 **db) +{ + char *name; + int ret; + + ret = _krb5_expand_default_cc_name(context, KRB5_SCACHE_DB, &name); + if (ret) + return ret; + + ret = sqlite3_open_v2(name, db, SQLITE_OPEN_READWRITE, NULL); + free(name); + if (ret != SQLITE_OK) { + krb5_clear_error_message(context); + return ENOENT; + } + +#ifdef TRACEME + sqlite3_trace(*db, trace, NULL); +#endif + + return 0; +} + +static krb5_error_code +get_def_name(krb5_context context, char **str) +{ + krb5_error_code ret; + sqlite3_stmt *stmt; + const char *name; + sqlite3 *db; + + ret = default_db(context, &db); + if (ret) + return ret; + + ret = prepare_stmt(context, db, &stmt, "SELECT defaultcache FROM master"); + if (ret) { + sqlite3_close(db); + return ret; + } + + ret = sqlite3_step(stmt); + if (ret != SQLITE_ROW) + goto out; + + if (sqlite3_column_type(stmt, 0) != SQLITE_TEXT) + goto out; + + name = (const char *)sqlite3_column_text(stmt, 0); + if (name == NULL) + goto out; + + *str = strdup(name); + if (*str == NULL) + goto out; + + sqlite3_finalize(stmt); + sqlite3_close(db); + return 0; +out: + sqlite3_finalize(stmt); + sqlite3_close(db); + krb5_clear_error_message(context); + return ENOENT; +} + + + +static krb5_scache * KRB5_CALLCONV +scc_alloc(krb5_context context, const char *name) +{ + krb5_error_code ret; + krb5_scache *s; + + ALLOC(s, 1); + if(s == NULL) + return NULL; + + s->cid = SCACHE_INVALID_CID; + + if (name) { + char *file; + + if (*name == '\0') { + krb5_error_code ret; + ret = get_def_name(context, &s->name); + if (ret) + s->name = strdup(SCACHE_DEF_NAME); + } else + s->name = strdup(name); + + file = strrchr(s->name, ':'); + if (file) { + *file++ = '\0'; + s->file = strdup(file); + ret = 0; + } else { + ret = _krb5_expand_default_cc_name(context, KRB5_SCACHE_DB, &s->file); + } + } else { + _krb5_expand_default_cc_name(context, KRB5_SCACHE_DB, &s->file); + ret = asprintf(&s->name, "unique-%p", s); + } + if (ret < 0 || s->file == NULL || s->name == NULL) { + scc_free(s); + return NULL; + } + + return s; +} + +static krb5_error_code +open_database(krb5_context context, krb5_scache *s, int flags) +{ + int ret; + + ret = sqlite3_open_v2(s->file, &s->db, SQLITE_OPEN_READWRITE|flags, NULL); + if (ret) { + if (s->db) { + krb5_set_error_message(context, ENOENT, + N_("Error opening scache file %s: %s", ""), + s->file, sqlite3_errmsg(s->db)); + sqlite3_close(s->db); + s->db = NULL; + } else + krb5_set_error_message(context, ENOENT, + N_("malloc: out of memory", "")); + return ENOENT; + } + return 0; +} + +static krb5_error_code +create_cache(krb5_context context, krb5_scache *s) +{ + int ret; + + sqlite3_bind_text(s->icache, 1, s->name, -1, NULL); + do { + ret = sqlite3_step(s->icache); + } while (ret == SQLITE_ROW); + if (ret != SQLITE_DONE) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to add scache: %d", ""), ret); + return KRB5_CC_IO; + } + sqlite3_reset(s->icache); + + s->cid = sqlite3_last_insert_rowid(s->db); + + return 0; +} + +static krb5_error_code +make_database(krb5_context context, krb5_scache *s) +{ + int created_file = 0; + int ret; + + if (s->db) + return 0; + + ret = open_database(context, s, 0); + if (ret) { + mode_t oldumask = umask(077); + ret = open_database(context, s, SQLITE_OPEN_CREATE); + umask(oldumask); + if (ret) goto out; + + created_file = 1; + + ret = exec_stmt(context, s->db, SQL_CMASTER, KRB5_CC_IO); + if (ret) goto out; + ret = exec_stmt(context, s->db, SQL_CCACHE, KRB5_CC_IO); + if (ret) goto out; + ret = exec_stmt(context, s->db, SQL_CCREDS, KRB5_CC_IO); + if (ret) goto out; + ret = exec_stmt(context, s->db, SQL_CPRINCIPALS, KRB5_CC_IO); + if (ret) goto out; + ret = exec_stmt(context, s->db, SQL_SETUP_MASTER, KRB5_CC_IO); + if (ret) goto out; + + ret = exec_stmt(context, s->db, SQL_TCACHE, KRB5_CC_IO); + if (ret) goto out; + ret = exec_stmt(context, s->db, SQL_TCRED, KRB5_CC_IO); + if (ret) goto out; + } + +#ifdef TRACEME + sqlite3_trace(s->db, trace, NULL); +#endif + + ret = prepare_stmt(context, s->db, &s->icred, SQL_ICRED); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->dcred, SQL_DCRED); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->iprincipal, SQL_IPRINCIPAL); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->icache, SQL_ICACHE); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->ucachen, SQL_UCACHE_NAME); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->ucachep, SQL_UCACHE_PRINCIPAL); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->dcache, SQL_DCACHE); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->scache, SQL_SCACHE); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->scache_name, SQL_SCACHE_NAME); + if (ret) goto out; + ret = prepare_stmt(context, s->db, &s->umaster, SQL_UMASTER); + if (ret) goto out; + + return 0; + +out: + if (s->db) + sqlite3_close(s->db); + if (created_file) + unlink(s->file); + + return ret; +} + +static krb5_error_code +bind_principal(krb5_context context, + sqlite3 *db, + sqlite3_stmt *stmt, + int col, + krb5_const_principal principal) +{ + krb5_error_code ret; + char *str; + + ret = krb5_unparse_name(context, principal, &str); + if (ret) + return ret; + + ret = sqlite3_bind_text(stmt, col, str, -1, free_krb5); + if (ret != SQLITE_OK) { + krb5_xfree(str); + krb5_set_error_message(context, ENOMEM, + N_("scache bind principal: %s", ""), + sqlite3_errmsg(db)); + return ENOMEM; + } + return 0; +} + +/* + * + */ + +static const char* KRB5_CALLCONV +scc_get_name(krb5_context context, + krb5_ccache id) +{ + return SCACHE(id)->name; +} + +static krb5_error_code KRB5_CALLCONV +scc_resolve(krb5_context context, krb5_ccache *id, const char *res) +{ + krb5_scache *s; + int ret; + + s = scc_alloc(context, res); + if (s == NULL) { + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); + return KRB5_CC_NOMEM; + } + + ret = make_database(context, s); + if (ret) { + scc_free(s); + return ret; + } + + ret = sqlite3_bind_text(s->scache_name, 1, s->name, -1, NULL); + if (ret != SQLITE_OK) { + krb5_set_error_message(context, ENOMEM, + "bind name: %s", sqlite3_errmsg(s->db)); + scc_free(s); + return ENOMEM; + } + + if (sqlite3_step(s->scache_name) == SQLITE_ROW) { + + if (sqlite3_column_type(s->scache_name, 0) != SQLITE_INTEGER) { + sqlite3_reset(s->scache_name); + krb5_set_error_message(context, KRB5_CC_END, + N_("Cache name of wrong type " + "for scache %s", ""), + s->name); + scc_free(s); + return KRB5_CC_END; + } + + s->cid = sqlite3_column_int(s->scache_name, 0); + } else { + s->cid = SCACHE_INVALID_CID; + } + sqlite3_reset(s->scache_name); + + (*id)->data.data = s; + (*id)->data.length = sizeof(*s); + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_gen_new(krb5_context context, krb5_ccache *id) +{ + krb5_scache *s; + + s = scc_alloc(context, NULL); + + if (s == NULL) { + krb5_set_error_message(context, KRB5_CC_NOMEM, + N_("malloc: out of memory", "")); + return KRB5_CC_NOMEM; + } + + (*id)->data.data = s; + (*id)->data.length = sizeof(*s); + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_initialize(krb5_context context, + krb5_ccache id, + krb5_principal primary_principal) +{ + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + + ret = make_database(context, s); + if (ret) + return ret; + + ret = exec_stmt(context, s->db, "BEGIN IMMEDIATE TRANSACTION", KRB5_CC_IO); + if (ret) return ret; + + if (s->cid == SCACHE_INVALID_CID) { + ret = create_cache(context, s); + if (ret) + goto rollback; + } else { + sqlite3_bind_int(s->dcred, 1, s->cid); + do { + ret = sqlite3_step(s->dcred); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->dcred); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("Failed to delete old " + "credentials: %s", ""), + sqlite3_errmsg(s->db)); + goto rollback; + } + } + + ret = bind_principal(context, s->db, s->ucachep, 1, primary_principal); + if (ret) + goto rollback; + sqlite3_bind_int(s->ucachep, 2, s->cid); + + do { + ret = sqlite3_step(s->ucachep); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->ucachep); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("Failed to bind principal to cache %s", ""), + sqlite3_errmsg(s->db)); + goto rollback; + } + + ret = exec_stmt(context, s->db, "COMMIT", KRB5_CC_IO); + if (ret) return ret; + + return 0; + +rollback: + exec_stmt(context, s->db, "ROLLBACK", 0); + + return ret; + +} + +static krb5_error_code KRB5_CALLCONV +scc_close(krb5_context context, + krb5_ccache id) +{ + scc_free(SCACHE(id)); + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_destroy(krb5_context context, + krb5_ccache id) +{ + krb5_scache *s = SCACHE(id); + int ret; + + if (s->cid == SCACHE_INVALID_CID) + return 0; + + sqlite3_bind_int(s->dcache, 1, s->cid); + do { + ret = sqlite3_step(s->dcache); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->dcache); + if (ret != SQLITE_DONE) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to destroy cache %s: %s", ""), + s->name, sqlite3_errmsg(s->db)); + return KRB5_CC_IO; + } + return 0; +} + +static krb5_error_code +encode_creds(krb5_context context, krb5_creds *creds, krb5_data *data) +{ + krb5_error_code ret; + krb5_storage *sp; + + sp = krb5_storage_emem(); + if (sp == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = krb5_store_creds(sp, creds); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to store credential in scache", "")); + krb5_storage_free(sp); + return ret; + } + + ret = krb5_storage_to_data(sp, data); + krb5_storage_free(sp); + if (ret) + krb5_set_error_message(context, ret, + N_("Failed to encode credential in scache", "")); + return ret; +} + +static krb5_error_code +decode_creds(krb5_context context, const void *data, size_t length, + krb5_creds *creds) +{ + krb5_error_code ret; + krb5_storage *sp; + + sp = krb5_storage_from_readonly_mem(data, length); + if (sp == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = krb5_ret_creds(sp, creds); + krb5_storage_free(sp); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to read credential in scache", "")); + return ret; + } + return 0; +} + + +static krb5_error_code KRB5_CALLCONV +scc_store_cred(krb5_context context, + krb5_ccache id, + krb5_creds *creds) +{ + sqlite_uint64 credid; + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + krb5_data data; + + ret = make_database(context, s); + if (ret) + return ret; + + ret = encode_creds(context, creds, &data); + if (ret) + return ret; + + sqlite3_bind_int(s->icred, 1, s->cid); + { + krb5_enctype etype = 0; + int kvno = 0; + Ticket t; + size_t len; + + ret = decode_Ticket(creds->ticket.data, + creds->ticket.length, &t, &len); + if (ret == 0) { + if(t.enc_part.kvno) + kvno = *t.enc_part.kvno; + + etype = t.enc_part.etype; + + free_Ticket(&t); + } + + sqlite3_bind_int(s->icred, 2, kvno); + sqlite3_bind_int(s->icred, 3, etype); + + } + + sqlite3_bind_blob(s->icred, 4, data.data, data.length, free_data); + sqlite3_bind_int(s->icred, 5, time(NULL)); + + ret = exec_stmt(context, s->db, "BEGIN IMMEDIATE TRANSACTION", KRB5_CC_IO); + if (ret) return ret; + + do { + ret = sqlite3_step(s->icred); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->icred); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("Failed to add credential: %s", ""), + sqlite3_errmsg(s->db)); + goto rollback; + } + + credid = sqlite3_last_insert_rowid(s->db); + + { + bind_principal(context, s->db, s->iprincipal, 1, creds->server); + sqlite3_bind_int(s->iprincipal, 2, 1); + sqlite3_bind_int(s->iprincipal, 3, credid); + + do { + ret = sqlite3_step(s->iprincipal); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->iprincipal); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("Failed to add principal: %s", ""), + sqlite3_errmsg(s->db)); + goto rollback; + } + } + + { + bind_principal(context, s->db, s->iprincipal, 1, creds->client); + sqlite3_bind_int(s->iprincipal, 2, 0); + sqlite3_bind_int(s->iprincipal, 3, credid); + + do { + ret = sqlite3_step(s->iprincipal); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->iprincipal); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("Failed to add principal: %s", ""), + sqlite3_errmsg(s->db)); + goto rollback; + } + } + + ret = exec_stmt(context, s->db, "COMMIT", KRB5_CC_IO); + if (ret) return ret; + + return 0; + +rollback: + exec_stmt(context, s->db, "ROLLBACK", 0); + + return ret; +} + +static krb5_error_code KRB5_CALLCONV +scc_get_principal(krb5_context context, + krb5_ccache id, + krb5_principal *principal) +{ + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + const char *str; + + *principal = NULL; + + ret = make_database(context, s); + if (ret) + return ret; + + sqlite3_bind_int(s->scache, 1, s->cid); + + if (sqlite3_step(s->scache) != SQLITE_ROW) { + sqlite3_reset(s->scache); + krb5_set_error_message(context, KRB5_CC_END, + N_("No principal for cache SCC:%s:%s", ""), + s->name, s->file); + return KRB5_CC_END; + } + + if (sqlite3_column_type(s->scache, 0) != SQLITE_TEXT) { + sqlite3_reset(s->scache); + krb5_set_error_message(context, KRB5_CC_END, + N_("Principal data of wrong type " + "for SCC:%s:%s", ""), + s->name, s->file); + return KRB5_CC_END; + } + + str = (const char *)sqlite3_column_text(s->scache, 0); + if (str == NULL) { + sqlite3_reset(s->scache); + krb5_set_error_message(context, KRB5_CC_END, + N_("Principal not set for SCC:%s:%s", ""), + s->name, s->file); + return KRB5_CC_END; + } + + ret = krb5_parse_name(context, str, principal); + + sqlite3_reset(s->scache); + + return ret; +} + +struct cred_ctx { + char *drop; + sqlite3_stmt *stmt; + sqlite3_stmt *credstmt; +}; + +static krb5_error_code KRB5_CALLCONV +scc_get_first (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + struct cred_ctx *ctx; + char *str = NULL, *name = NULL; + + *cursor = NULL; + + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = make_database(context, s); + if (ret) { + free(ctx); + return ret; + } + + if (s->cid == SCACHE_INVALID_CID) { + krb5_set_error_message(context, KRB5_CC_END, + N_("Iterating a invalid scache %s", ""), + s->name); + free(ctx); + return KRB5_CC_END; + } + + ret = asprintf(&name, "credIteration%pPid%d", + ctx, (int)getpid()); + if (ret < 0 || name == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + free(ctx); + return ENOMEM; + } + + ret = asprintf(&ctx->drop, "DROP TABLE %s", name); + if (ret < 0 || ctx->drop == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + free(name); + free(ctx); + return ENOMEM; + } + + ret = asprintf(&str, "CREATE TEMPORARY TABLE %s " + "AS SELECT oid,created_at FROM credentials WHERE cid = %lu", + name, (unsigned long)s->cid); + if (ret < 0 || str == NULL) { + free(ctx->drop); + free(name); + free(ctx); + return ENOMEM; + } + + ret = exec_stmt(context, s->db, str, KRB5_CC_IO); + free(str); + str = NULL; + if (ret) { + free(ctx->drop); + free(name); + free(ctx); + return ret; + } + + ret = asprintf(&str, "SELECT oid FROM %s ORDER BY created_at", name); + if (ret < 0 || str == NULL) { + exec_stmt(context, s->db, ctx->drop, 0); + free(ctx->drop); + free(name); + free(ctx); + return ret; + } + + ret = prepare_stmt(context, s->db, &ctx->stmt, str); + free(str); + str = NULL; + free(name); + if (ret) { + exec_stmt(context, s->db, ctx->drop, 0); + free(ctx->drop); + free(ctx); + return ret; + } + + ret = prepare_stmt(context, s->db, &ctx->credstmt, + "SELECT cred FROM credentials WHERE oid = ?"); + if (ret) { + sqlite3_finalize(ctx->stmt); + exec_stmt(context, s->db, ctx->drop, 0); + free(ctx->drop); + free(ctx); + return ret; + } + + *cursor = ctx; + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_get_next (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor, + krb5_creds *creds) +{ + struct cred_ctx *ctx = *cursor; + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + sqlite_uint64 oid; + const void *data = NULL; + size_t len = 0; + +next: + ret = sqlite3_step(ctx->stmt); + if (ret == SQLITE_DONE) { + krb5_clear_error_message(context); + return KRB5_CC_END; + } else if (ret != SQLITE_ROW) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("scache Database failed: %s", ""), + sqlite3_errmsg(s->db)); + return KRB5_CC_IO; + } + + oid = sqlite3_column_int64(ctx->stmt, 0); + + /* read cred from credentials table */ + + sqlite3_bind_int(ctx->credstmt, 1, oid); + + ret = sqlite3_step(ctx->credstmt); + if (ret != SQLITE_ROW) { + sqlite3_reset(ctx->credstmt); + goto next; + } + + if (sqlite3_column_type(ctx->credstmt, 0) != SQLITE_BLOB) { + krb5_set_error_message(context, KRB5_CC_END, + N_("credential of wrong type for SCC:%s:%s", ""), + s->name, s->file); + sqlite3_reset(ctx->credstmt); + return KRB5_CC_END; + } + + data = sqlite3_column_blob(ctx->credstmt, 0); + len = sqlite3_column_bytes(ctx->credstmt, 0); + + ret = decode_creds(context, data, len, creds); + sqlite3_reset(ctx->credstmt); + return ret; +} + +static krb5_error_code KRB5_CALLCONV +scc_end_get (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + struct cred_ctx *ctx = *cursor; + krb5_scache *s = SCACHE(id); + + sqlite3_finalize(ctx->stmt); + sqlite3_finalize(ctx->credstmt); + + exec_stmt(context, s->db, ctx->drop, 0); + + free(ctx->drop); + free(ctx); + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_remove_cred(krb5_context context, + krb5_ccache id, + krb5_flags which, + krb5_creds *mcreds) +{ + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + sqlite3_stmt *stmt; + sqlite_uint64 credid = 0; + const void *data = NULL; + size_t len = 0; + + ret = make_database(context, s); + if (ret) + return ret; + + ret = prepare_stmt(context, s->db, &stmt, + "SELECT cred,oid FROM credentials " + "WHERE cid = ?"); + if (ret) + return ret; + + sqlite3_bind_int(stmt, 1, s->cid); + + /* find credential... */ + while (1) { + krb5_creds creds; + + ret = sqlite3_step(stmt); + if (ret == SQLITE_DONE) { + ret = 0; + break; + } else if (ret != SQLITE_ROW) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("scache Database failed: %s", ""), + sqlite3_errmsg(s->db)); + break; + } + + if (sqlite3_column_type(stmt, 0) != SQLITE_BLOB) { + ret = KRB5_CC_END; + krb5_set_error_message(context, ret, + N_("Credential of wrong type " + "for SCC:%s:%s", ""), + s->name, s->file); + break; + } + + data = sqlite3_column_blob(stmt, 0); + len = sqlite3_column_bytes(stmt, 0); + + ret = decode_creds(context, data, len, &creds); + if (ret) + break; + + ret = krb5_compare_creds(context, which, mcreds, &creds); + krb5_free_cred_contents(context, &creds); + if (ret) { + credid = sqlite3_column_int64(stmt, 1); + ret = 0; + break; + } + } + + sqlite3_finalize(stmt); + + if (id) { + ret = prepare_stmt(context, s->db, &stmt, + "DELETE FROM credentials WHERE oid=?"); + if (ret) + return ret; + sqlite3_bind_int(stmt, 1, credid); + + do { + ret = sqlite3_step(stmt); + } while (ret == SQLITE_ROW); + sqlite3_finalize(stmt); + if (ret != SQLITE_DONE) { + ret = KRB5_CC_IO; + krb5_set_error_message(context, ret, + N_("failed to delete scache credental", "")); + } else + ret = 0; + } + + return ret; +} + +static krb5_error_code KRB5_CALLCONV +scc_set_flags(krb5_context context, + krb5_ccache id, + krb5_flags flags) +{ + return 0; /* XXX */ +} + +struct cache_iter { + char *drop; + sqlite3 *db; + sqlite3_stmt *stmt; +}; + +static krb5_error_code KRB5_CALLCONV +scc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) +{ + struct cache_iter *ctx; + krb5_error_code ret; + char *name = NULL, *str = NULL; + + *cursor = NULL; + + ctx = calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + + ret = default_db(context, &ctx->db); + if (ctx->db == NULL) { + free(ctx); + return ret; + } + + ret = asprintf(&name, "cacheIteration%pPid%d", + ctx, (int)getpid()); + if (ret < 0 || name == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + sqlite3_close(ctx->db); + free(ctx); + return ENOMEM; + } + + ret = asprintf(&ctx->drop, "DROP TABLE %s", name); + if (ret < 0 || ctx->drop == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + sqlite3_close(ctx->db); + free(name); + free(ctx); + return ENOMEM; + } + + ret = asprintf(&str, "CREATE TEMPORARY TABLE %s AS SELECT name FROM caches", + name); + if (ret < 0 || str == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + sqlite3_close(ctx->db); + free(name); + free(ctx->drop); + free(ctx); + return ENOMEM; + } + + ret = exec_stmt(context, ctx->db, str, KRB5_CC_IO); + free(str); + str = NULL; + if (ret) { + sqlite3_close(ctx->db); + free(name); + free(ctx->drop); + free(ctx); + return ret; + } + + ret = asprintf(&str, "SELECT name FROM %s", name); + free(name); + if (ret < 0 || str == NULL) { + exec_stmt(context, ctx->db, ctx->drop, 0); + sqlite3_close(ctx->db); + free(name); + free(ctx->drop); + free(ctx); + return ENOMEM; + } + + ret = prepare_stmt(context, ctx->db, &ctx->stmt, str); + free(str); + if (ret) { + exec_stmt(context, ctx->db, ctx->drop, 0); + sqlite3_close(ctx->db); + free(ctx->drop); + free(ctx); + return ret; + } + + *cursor = ctx; + + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_get_cache_next(krb5_context context, + krb5_cc_cursor cursor, + krb5_ccache *id) +{ + struct cache_iter *ctx = cursor; + krb5_error_code ret; + const char *name; + +again: + ret = sqlite3_step(ctx->stmt); + if (ret == SQLITE_DONE) { + krb5_clear_error_message(context); + return KRB5_CC_END; + } else if (ret != SQLITE_ROW) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Database failed: %s", ""), + sqlite3_errmsg(ctx->db)); + return KRB5_CC_IO; + } + + if (sqlite3_column_type(ctx->stmt, 0) != SQLITE_TEXT) + goto again; + + name = (const char *)sqlite3_column_text(ctx->stmt, 0); + if (name == NULL) + goto again; + + ret = _krb5_cc_allocate(context, &krb5_scc_ops, id); + if (ret) + return ret; + + return scc_resolve(context, id, name); +} + +static krb5_error_code KRB5_CALLCONV +scc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) +{ + struct cache_iter *ctx = cursor; + + exec_stmt(context, ctx->db, ctx->drop, 0); + sqlite3_finalize(ctx->stmt); + sqlite3_close(ctx->db); + free(ctx->drop); + free(ctx); + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_move(krb5_context context, krb5_ccache from, krb5_ccache to) +{ + krb5_scache *sfrom = SCACHE(from); + krb5_scache *sto = SCACHE(to); + krb5_error_code ret; + + if (strcmp(sfrom->file, sto->file) != 0) { + krb5_set_error_message(context, KRB5_CC_BADNAME, + N_("Can't handle cross database " + "credential move: %s -> %s", ""), + sfrom->file, sto->file); + return KRB5_CC_BADNAME; + } + + ret = make_database(context, sfrom); + if (ret) + return ret; + + ret = exec_stmt(context, sfrom->db, + "BEGIN IMMEDIATE TRANSACTION", KRB5_CC_IO); + if (ret) return ret; + + if (sto->cid != SCACHE_INVALID_CID) { + /* drop old cache entry */ + + sqlite3_bind_int(sfrom->dcache, 1, sto->cid); + do { + ret = sqlite3_step(sfrom->dcache); + } while (ret == SQLITE_ROW); + sqlite3_reset(sfrom->dcache); + if (ret != SQLITE_DONE) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to delete old cache: %d", ""), + (int)ret); + goto rollback; + } + } + + sqlite3_bind_text(sfrom->ucachen, 1, sto->name, -1, NULL); + sqlite3_bind_int(sfrom->ucachen, 2, sfrom->cid); + + do { + ret = sqlite3_step(sfrom->ucachen); + } while (ret == SQLITE_ROW); + sqlite3_reset(sfrom->ucachen); + if (ret != SQLITE_DONE) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to update new cache: %d", ""), + (int)ret); + goto rollback; + } + + sto->cid = sfrom->cid; + + ret = exec_stmt(context, sfrom->db, "COMMIT", KRB5_CC_IO); + if (ret) return ret; + + scc_free(sfrom); + + return 0; + +rollback: + exec_stmt(context, sfrom->db, "ROLLBACK", 0); + scc_free(sfrom); + + return KRB5_CC_IO; +} + +static krb5_error_code KRB5_CALLCONV +scc_get_default_name(krb5_context context, char **str) +{ + krb5_error_code ret; + char *name; + + *str = NULL; + + ret = get_def_name(context, &name); + if (ret) + return _krb5_expand_default_cc_name(context, KRB5_SCACHE_NAME, str); + + ret = asprintf(str, "SCC:%s", name); + free(name); + if (ret < 0 || *str == NULL) { + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); + return ENOMEM; + } + return 0; +} + +static krb5_error_code KRB5_CALLCONV +scc_set_default(krb5_context context, krb5_ccache id) +{ + krb5_scache *s = SCACHE(id); + krb5_error_code ret; + + if (s->cid == SCACHE_INVALID_CID) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Trying to set a invalid cache " + "as default %s", ""), + s->name); + return KRB5_CC_IO; + } + + ret = sqlite3_bind_text(s->umaster, 1, s->name, -1, NULL); + if (ret) { + sqlite3_reset(s->umaster); + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to set name of default cache", "")); + return KRB5_CC_IO; + } + + do { + ret = sqlite3_step(s->umaster); + } while (ret == SQLITE_ROW); + sqlite3_reset(s->umaster); + if (ret != SQLITE_DONE) { + krb5_set_error_message(context, KRB5_CC_IO, + N_("Failed to update default cache", "")); + return KRB5_CC_IO; + } + + return 0; +} + +/** + * Variable containing the SCC based credential cache implemention. + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_VARIABLE const krb5_cc_ops krb5_scc_ops = { + KRB5_CC_OPS_VERSION, + "SCC", + scc_get_name, + scc_resolve, + scc_gen_new, + scc_initialize, + scc_destroy, + scc_close, + scc_store_cred, + NULL, /* scc_retrieve */ + scc_get_principal, + scc_get_first, + scc_get_next, + scc_end_get, + scc_remove_cred, + scc_set_flags, + NULL, + scc_get_cache_first, + scc_get_cache_next, + scc_end_cache_get, + scc_move, + scc_get_default_name, + scc_set_default +}; + +#endif diff --git a/lib/krb5/send_to_kdc.c b/lib/krb5/send_to_kdc.c index 2582a615c052..edf1d33c9d1c 100644 --- a/lib/krb5/send_to_kdc.c +++ b/lib/krb5/send_to_kdc.c @@ -1,39 +1,38 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" - -RCSID("$Id: send_to_kdc.c 21934 2007-08-27 14:21:04Z lha $"); +#include "send_to_kdc_plugin.h" struct send_to_kdc { krb5_send_to_kdc_func func; @@ -48,7 +47,7 @@ struct send_to_kdc { */ static int -recv_loop (int fd, +recv_loop (krb5_socket_t fd, time_t tmout, int udp, size_t limit, @@ -59,9 +58,11 @@ recv_loop (int fd, int ret; int nbytes; +#ifndef NO_LIMIT_FD_SETSIZE if (fd >= FD_SETSIZE) { return -1; } +#endif krb5_data_zero(rep); do { @@ -79,7 +80,7 @@ recv_loop (int fd, } else { void *tmp; - if (ioctl (fd, FIONREAD, &nbytes) < 0) { + if (rk_SOCK_IOCTL (fd, FIONREAD, &nbytes) < 0) { krb5_data_free (rep); return -1; } @@ -87,7 +88,7 @@ recv_loop (int fd, return 0; if (limit) - nbytes = min(nbytes, limit - rep->length); + nbytes = min((size_t)nbytes, limit - rep->length); tmp = realloc (rep->data, rep->length + nbytes); if (tmp == NULL) { @@ -112,7 +113,7 @@ recv_loop (int fd, */ static int -send_and_recv_udp(int fd, +send_and_recv_udp(krb5_socket_t fd, time_t tmout, const krb5_data *req, krb5_data *rep) @@ -131,7 +132,7 @@ send_and_recv_udp(int fd, */ static int -send_and_recv_tcp(int fd, +send_and_recv_tcp(krb5_socket_t fd, time_t tmout, const krb5_data *req, krb5_data *rep) @@ -141,9 +142,9 @@ send_and_recv_tcp(int fd, krb5_data len_data; _krb5_put_int(len, req->length, 4); - if(net_write(fd, len, sizeof(len)) < 0) + if(net_write (fd, len, sizeof(len)) < 0) return -1; - if(net_write(fd, req->data, req->length) < 0) + if(net_write (fd, req->data, req->length) < 0) return -1; if (recv_loop (fd, tmout, 0, 4, &len_data) < 0) return -1; @@ -163,7 +164,7 @@ send_and_recv_tcp(int fd, } int -_krb5_send_and_recv_tcp(int fd, +_krb5_send_and_recv_tcp(krb5_socket_t fd, time_t tmout, const krb5_data *req, krb5_data *rep) @@ -176,22 +177,22 @@ _krb5_send_and_recv_tcp(int fd, */ static int -send_and_recv_http(int fd, +send_and_recv_http(krb5_socket_t fd, time_t tmout, const char *prefix, const krb5_data *req, krb5_data *rep) { - char *request; + char *request = NULL; char *str; int ret; int len = base64_encode(req->data, req->length, &str); if(len < 0) return -1; - asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str); + ret = asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str); free(str); - if (request == NULL) + if (ret < 0 || request == NULL) return -1; ret = net_write (fd, request, strlen(request)); free (request); @@ -260,14 +261,14 @@ send_via_proxy (krb5_context context, { char *proxy2 = strdup(context->http_proxy); char *proxy = proxy2; - char *prefix; + char *prefix = NULL; char *colon; struct addrinfo hints; struct addrinfo *ai, *a; int ret; - int s = -1; + krb5_socket_t s = rk_INVALID_SOCKET; char portstr[NI_MAXSERV]; - + if (proxy == NULL) return ENOMEM; if (strncmp (proxy, "http://", 7) == 0) @@ -287,11 +288,12 @@ send_via_proxy (krb5_context context, return krb5_eai_to_heim_errno(ret, errno); for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + s = socket (a->ai_family, a->ai_socktype | SOCK_CLOEXEC, a->ai_protocol); if (s < 0) continue; + rk_cloexec(s); if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - close (s); + rk_closesocket (s); continue; } break; @@ -302,34 +304,74 @@ send_via_proxy (krb5_context context, } freeaddrinfo (ai); - asprintf(&prefix, "http://%s/", hi->hostname); - if(prefix == NULL) { + ret = asprintf(&prefix, "http://%s/", hi->hostname); + if(ret < 0 || prefix == NULL) { close(s); return 1; } ret = send_and_recv_http(s, context->kdc_timeout, prefix, send_data, receive); - close (s); + rk_closesocket (s); free(prefix); if(ret == 0 && receive->length != 0) return 0; return 1; } +static krb5_error_code +send_via_plugin(krb5_context context, + krb5_krbhst_info *hi, + time_t timeout, + const krb5_data *send_data, + krb5_data *receive) +{ + struct krb5_plugin *list = NULL, *e; + krb5_error_code ret; + + ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_SEND_TO_KDC, &list); + if(ret != 0 || list == NULL) + return KRB5_PLUGIN_NO_HANDLE; + + for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { + krb5plugin_send_to_kdc_ftable *service; + void *ctx; + + service = _krb5_plugin_get_symbol(e); + if (service->minor_version != 0) + continue; + + (*service->init)(context, &ctx); + ret = (*service->send_to_kdc)(context, ctx, hi, + timeout, send_data, receive); + (*service->fini)(ctx); + if (ret == 0) + break; + if (ret != KRB5_PLUGIN_NO_HANDLE) { + krb5_set_error_message(context, ret, + N_("Plugin send_to_kdc failed to " + "lookup with error: %d", ""), ret); + break; + } + } + _krb5_plugin_free(list); + return KRB5_PLUGIN_NO_HANDLE; +} + + /* * Send the data `send' to one host from `handle` and get back the reply * in `receive'. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto (krb5_context context, const krb5_data *send_data, - krb5_krbhst_handle handle, + krb5_krbhst_handle handle, krb5_data *receive) { krb5_error_code ret; - int fd; - int i; + krb5_socket_t fd; + size_t i; krb5_data_zero(receive); @@ -339,16 +381,27 @@ krb5_sendto (krb5_context context, while (krb5_krbhst_next(context, handle, &hi) == 0) { struct addrinfo *ai, *a; + _krb5_debug(context, 2, + "trying to communicate with host %s in realm %s", + hi->hostname, _krb5_krbhst_get_realm(handle)); + if (context->send_to_kdc) { struct send_to_kdc *s = context->send_to_kdc; - ret = (*s->func)(context, s->data, - hi, send_data, receive); + ret = (*s->func)(context, s->data, hi, + context->kdc_timeout, send_data, receive); if (ret == 0 && receive->length != 0) goto out; continue; } + ret = send_via_plugin(context, hi, context->kdc_timeout, + send_data, receive); + if (ret == 0 && receive->length != 0) + goto out; + else if (ret != KRB5_PLUGIN_NO_HANDLE) + continue; + if(hi->proto == KRB5_KRBHST_HTTP && context->http_proxy) { if (send_via_proxy (context, hi, send_data, receive) == 0) { ret = 0; @@ -362,11 +415,12 @@ krb5_sendto (krb5_context context, continue; for (a = ai; a != NULL; a = a->ai_next) { - fd = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (fd < 0) + fd = socket (a->ai_family, a->ai_socktype | SOCK_CLOEXEC, a->ai_protocol); + if (rk_IS_BAD_SOCKET(fd)) continue; + rk_cloexec(fd); if (connect (fd, a->ai_addr, a->ai_addrlen) < 0) { - close (fd); + rk_closesocket (fd); continue; } switch (hi->proto) { @@ -383,20 +437,23 @@ krb5_sendto (krb5_context context, send_data, receive); break; } - close (fd); + rk_closesocket (fd); if(ret == 0 && receive->length != 0) goto out; } } krb5_krbhst_reset(context, handle); } - krb5_clear_error_string (context); + krb5_clear_error_message (context); ret = KRB5_KDC_UNREACH; out: + _krb5_debug(context, 2, + "result of trying to talk to realm %s = %d", + _krb5_krbhst_get_realm(handle), ret); return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_kdc(krb5_context context, const krb5_data *send_data, const krb5_realm *realm, @@ -405,7 +462,7 @@ krb5_sendto_kdc(krb5_context context, return krb5_sendto_kdc_flags(context, send_data, realm, receive, 0); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_kdc_flags(krb5_context context, const krb5_data *send_data, const krb5_realm *realm, @@ -426,8 +483,8 @@ krb5_sendto_kdc_flags(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_send_to_kdc_func(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_set_send_to_kdc_func(krb5_context context, krb5_send_to_kdc_func func, void *data) { @@ -439,7 +496,8 @@ krb5_set_send_to_kdc_func(krb5_context context, context->send_to_kdc = malloc(sizeof(*context->send_to_kdc)); if (context->send_to_kdc == NULL) { - krb5_set_error_string(context, "Out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } @@ -448,6 +506,19 @@ krb5_set_send_to_kdc_func(krb5_context context, return 0; } +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +_krb5_copy_send_to_kdc_func(krb5_context context, krb5_context to) +{ + if (context->send_to_kdc) + return krb5_set_send_to_kdc_func(to, + context->send_to_kdc->func, + context->send_to_kdc->data); + else + return krb5_set_send_to_kdc_func(to, NULL, NULL); +} + + + struct krb5_sendto_ctx_data { int flags; int type; @@ -455,37 +526,38 @@ struct krb5_sendto_ctx_data { void *data; }; -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_ctx_alloc(krb5_context context, krb5_sendto_ctx *ctx) { *ctx = calloc(1, sizeof(**ctx)); if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } return 0; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_add_flags(krb5_sendto_ctx ctx, int flags) { ctx->flags |= flags; } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_sendto_ctx_get_flags(krb5_sendto_ctx ctx) { return ctx->flags; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_set_type(krb5_sendto_ctx ctx, int type) { ctx->type = type; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_set_func(krb5_sendto_ctx ctx, krb5_sendto_ctx_func func, void *data) @@ -494,14 +566,14 @@ krb5_sendto_ctx_set_func(krb5_sendto_ctx ctx, ctx->data = data; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_sendto_ctx_free(krb5_context context, krb5_sendto_ctx ctx) { memset(ctx, 0, sizeof(*ctx)); free(ctx); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendto_context(krb5_context context, krb5_sendto_ctx ctx, const krb5_data *send_data, @@ -530,7 +602,7 @@ krb5_sendto_context(krb5_context context, type = KRB5_KRBHST_KDC; } - if (send_data->length > context->large_msg_size) + if ((int)send_data->length > context->large_msg_size) ctx->flags |= KRB5_KRBHST_FLAGS_LARGE_MSG; /* loop until we get back a appropriate response */ @@ -541,7 +613,7 @@ krb5_sendto_context(krb5_context context, krb5_data_free(receive); if (handle == NULL) { - ret = krb5_krbhst_init_flags(context, realm, type, + ret = krb5_krbhst_init_flags(context, realm, type, ctx->flags, &handle); if (ret) { if (freectx) @@ -549,7 +621,7 @@ krb5_sendto_context(krb5_context context, return ret; } } - + ret = krb5_sendto(context, send_data, handle, receive); if (ret) break; @@ -566,8 +638,9 @@ krb5_sendto_context(krb5_context context, if (handle) krb5_krbhst_free(context, handle); if (ret == KRB5_KDC_UNREACH) - krb5_set_error_string(context, - "unable to reach any KDC in realm %s", realm); + krb5_set_error_message(context, ret, + N_("unable to reach any KDC in realm %s", ""), + realm); if (ret) krb5_data_free(receive); if (freectx) @@ -575,7 +648,7 @@ krb5_sendto_context(krb5_context context, return ret; } -krb5_error_code +krb5_error_code KRB5_CALLCONV _krb5_kdc_retry(krb5_context context, krb5_sendto_ctx ctx, void *data, const krb5_data *reply, int *action) { diff --git a/lib/krb5/send_to_kdc_plugin.h b/lib/krb5/send_to_kdc_plugin.h new file mode 100644 index 000000000000..c729a1286bae --- /dev/null +++ b/lib/krb5/send_to_kdc_plugin.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef HEIMDAL_KRB5_SEND_TO_KDC_PLUGIN_H +#define HEIMDAL_KRB5_SEND_TO_KDC_PLUGIN_H 1 + +#include + +#define KRB5_PLUGIN_SEND_TO_KDC "send_to_kdc" + +typedef krb5_error_code +(*krb5plugin_send_to_kdc_func)(krb5_context, + void *, + krb5_krbhst_info *, + time_t timeout, + const krb5_data *, + krb5_data *); + +typedef struct krb5plugin_send_to_kdc_ftable { + int minor_version; + krb5_error_code (*init)(krb5_context, void **); + void (*fini)(void *); + krb5plugin_send_to_kdc_func send_to_kdc; +} krb5plugin_send_to_kdc_ftable; + +#endif /* HEIMDAL_KRB5_SEND_TO_KDC_PLUGIN_H */ diff --git a/lib/krb5/sendauth.c b/lib/krb5/sendauth.c index a7242f0daf9c..d334d34497ab 100644 --- a/lib/krb5/sendauth.c +++ b/lib/krb5/sendauth.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: sendauth.c 17442 2006-05-05 09:31:15Z lha $"); - /* * The format seems to be: * client -> server @@ -62,7 +60,7 @@ RCSID("$Id: sendauth.c 17442 2006-05-05 09:31:15Z lha $"); * } */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sendauth(krb5_context context, krb5_auth_context *auth_context, krb5_pointer p_fd, @@ -93,7 +91,7 @@ krb5_sendauth(krb5_context context, if (krb5_net_write (context, p_fd, &net_len, 4) != 4 || krb5_net_write (context, p_fd, version, len) != len) { ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); + krb5_set_error_message (context, ret, "write: %s", strerror(ret)); return ret; } @@ -102,22 +100,22 @@ krb5_sendauth(krb5_context context, if (krb5_net_write (context, p_fd, &net_len, 4) != 4 || krb5_net_write (context, p_fd, appl_version, len) != len) { ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); + krb5_set_error_message (context, ret, "write: %s", strerror(ret)); return ret; } sret = krb5_net_read (context, p_fd, &repl, sizeof(repl)); if (sret < 0) { ret = errno; - krb5_set_error_string (context, "read: %s", strerror(ret)); + krb5_set_error_message (context, ret, "read: %s", strerror(ret)); return ret; } else if (sret != sizeof(repl)) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_SENDAUTH_BADRESPONSE; } if (repl != 0) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5_SENDAUTH_REJECTED; } @@ -205,14 +203,15 @@ krb5_sendauth(krb5_context context, } return ret; } else { - krb5_clear_error_string(context); + krb5_clear_error_message(context); return ret; } - } + } else + krb5_data_free (&error_data); if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) { krb5_data ap_rep; - krb5_ap_rep_enc_part *ignore; + krb5_ap_rep_enc_part *ignore = NULL; krb5_data_zero (&ap_rep); ret = krb5_read_message (context, diff --git a/lib/krb5/set_default_realm.c b/lib/krb5/set_default_realm.c index 98040bc2e9d6..ddce677c1ac8 100644 --- a/lib/krb5/set_default_realm.c +++ b/lib/krb5/set_default_realm.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: set_default_realm.c 13863 2004-05-25 21:46:46Z lha $"); - /* - * Convert the simple string `s' into a NULL-terminated and freshly allocated + * Convert the simple string `s' into a NULL-terminated and freshly allocated * list in `list'. Return an error code. */ @@ -46,13 +44,15 @@ string_to_list (krb5_context context, const char *s, krb5_realm **list) *list = malloc (2 * sizeof(**list)); if (*list == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } (*list)[0] = strdup (s); if ((*list)[0] == NULL) { free (*list); - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } (*list)[1] = NULL; @@ -62,10 +62,10 @@ string_to_list (krb5_context context, const char *s, krb5_realm **list) /* * Set the knowledge of the default realm(s) in `context'. * If realm != NULL, that's the new default realm. - * Otherwise, the realm(s) are figured out from configuration or DNS. + * Otherwise, the realm(s) are figured out from configuration or DNS. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_default_realm(krb5_context context, const char *realm) { diff --git a/lib/krb5/sock_principal.c b/lib/krb5/sock_principal.c index 9b4ba978a1b6..a43546de3405 100644 --- a/lib/krb5/sock_principal.c +++ b/lib/krb5/sock_principal.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: sock_principal.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sock_to_principal (krb5_context context, int sock, const char *sname, @@ -50,15 +48,15 @@ krb5_sock_to_principal (krb5_context context, if (getsockname (sock, sa, &salen) < 0) { ret = errno; - krb5_set_error_string (context, "getsockname: %s", strerror(ret)); + krb5_set_error_message (context, ret, "getsockname: %s", strerror(ret)); return ret; } ret = getnameinfo (sa, salen, hostname, sizeof(hostname), NULL, 0, 0); if (ret) { int save_errno = errno; - - krb5_set_error_string (context, "getnameinfo: %s", gai_strerror(ret)); - return krb5_eai_to_heim_errno(ret, save_errno); + krb5_error_code ret2 = krb5_eai_to_heim_errno(ret, save_errno); + krb5_set_error_message (context, ret2, "getnameinfo: %s", gai_strerror(ret)); + return ret2; } ret = krb5_sname_to_principal (context, diff --git a/lib/krb5/store-int.c b/lib/krb5/store-int.c new file mode 100644 index 000000000000..d57762971816 --- /dev/null +++ b/lib/krb5/store-int.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL +_krb5_put_int(void *buffer, unsigned long value, size_t size) +{ + unsigned char *p = buffer; + int i; + for (i = size - 1; i >= 0; i--) { + p[i] = value & 0xff; + value >>= 8; + } + return size; +} + +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL +_krb5_get_int(void *buffer, unsigned long *value, size_t size) +{ + unsigned char *p = buffer; + unsigned long v = 0; + size_t i; + for (i = 0; i < size; i++) + v = (v << 8) + p[i]; + *value = v; + return size; +} diff --git a/lib/krb5/store-int.h b/lib/krb5/store-int.h index 42e695a11bc6..877ccc008dc9 100644 --- a/lib/krb5/store-int.h +++ b/lib/krb5/store-int.h @@ -1,34 +1,34 @@ /* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #ifndef __store_int_h__ @@ -39,9 +39,11 @@ struct krb5_storage_data { ssize_t (*fetch)(struct krb5_storage_data*, void*, size_t); ssize_t (*store)(struct krb5_storage_data*, const void*, size_t); off_t (*seek)(struct krb5_storage_data*, off_t, int); + int (*trunc)(struct krb5_storage_data*, off_t); void (*free)(struct krb5_storage_data*); krb5_flags flags; int eof_code; + size_t max_alloc; }; #endif /* __store_int_h__ */ diff --git a/lib/krb5/store-test.c b/lib/krb5/store-test.c index aec2dfe7cb35..3d0f9e0b46cf 100644 --- a/lib/krb5/store-test.c +++ b/lib/krb5/store-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,6 @@ #include "krb5_locl.h" -RCSID("$Id: store-test.c 16344 2005-12-02 15:15:43Z lha $"); - static void print_data(unsigned char *data, size_t len) { @@ -51,7 +49,8 @@ compare(const char *name, krb5_storage *sp, void *expected, size_t len) { int ret = 0; krb5_data data; - krb5_storage_to_data(sp, &data); + if (krb5_storage_to_data(sp, &data)) + errx(1, "krb5_storage_to_data failed"); krb5_storage_free(sp); if(data.length != len || memcmp(data.data, expected, len) != 0) { printf("%s mismatch\n", name); @@ -72,7 +71,7 @@ main(int argc, char **argv) krb5_storage *sp; krb5_context context; krb5_principal principal; - + krb5_init_context(&context); @@ -96,9 +95,9 @@ main(int argc, char **argv) { int test = 1; void *data; - if(*(char*)&test) + if(*(char*)&test) data = "\x4\x3\x2\x1"; - else + else data = "\x1\x2\x3\x4"; nerr += compare("Integer (host)", sp, data, 4); } @@ -111,7 +110,7 @@ main(int argc, char **argv) "\x0\x0\x0\x1" "\x0\x0\x0\x4TEST" "\x0\x0\x0\x6""foobar", 26); - + krb5_free_context(context); return nerr ? 1 : 0; diff --git a/lib/krb5/store.c b/lib/krb5/store.c index c9cbbb5cef33..3aeb8d628144 100644 --- a/lib/krb5/store.c +++ b/lib/krb5/store.c @@ -1,127 +1,273 @@ /* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include "store-int.h" -RCSID("$Id: store.c 22071 2007-11-14 20:04:50Z lha $"); - #define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V)) #define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE) #define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE) #define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \ krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER)) -void KRB5_LIB_FUNCTION +/** + * Add the flags on a storage buffer by or-ing in the flags to the buffer. + * + * @param sp the storage buffer to set the flags on + * @param flags the flags to set + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags) { sp->flags |= flags; } -void KRB5_LIB_FUNCTION +/** + * Clear the flags on a storage buffer + * + * @param sp the storage buffer to clear the flags on + * @param flags the flags to clear + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_clear_flags(krb5_storage *sp, krb5_flags flags) { sp->flags &= ~flags; } -krb5_boolean KRB5_LIB_FUNCTION +/** + * Return true or false depending on if the storage flags is set or + * not. NB testing for the flag 0 always return true. + * + * @param sp the storage buffer to check flags on + * @param flags The flags to test for + * + * @return true if all the flags are set, false if not. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags) { return (sp->flags & flags) == flags; } -void KRB5_LIB_FUNCTION +/** + * Set the new byte order of the storage buffer. + * + * @param sp the storage buffer to set the byte order for. + * @param byteorder the new byte order. + * + * The byte order are: KRB5_STORAGE_BYTEORDER_BE, + * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder) { sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK; sp->flags |= byteorder; } -krb5_flags KRB5_LIB_FUNCTION -krb5_storage_get_byteorder(krb5_storage *sp, krb5_flags byteorder) +/** + * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL +krb5_storage_get_byteorder(krb5_storage *sp) { return sp->flags & KRB5_STORAGE_BYTEORDER_MASK; } -off_t KRB5_LIB_FUNCTION +/** + * Set the max alloc value + * + * @param sp the storage buffer set the max allow for + * @param size maximum size to allocate, use 0 to remove limit + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL +krb5_storage_set_max_alloc(krb5_storage *sp, size_t size) +{ + sp->max_alloc = size; +} + +/* don't allocate unresonable amount of memory */ +static krb5_error_code +size_too_large(krb5_storage *sp, size_t size) +{ + if (sp->max_alloc && sp->max_alloc < size) + return HEIM_ERR_TOO_BIG; + return 0; +} + +static krb5_error_code +size_too_large_num(krb5_storage *sp, size_t count, size_t size) +{ + if (sp->max_alloc == 0 || size == 0) + return 0; + size = sp->max_alloc / size; + if (size < count) + return HEIM_ERR_TOO_BIG; + return 0; +} + +/** + * Seek to a new offset. + * + * @param sp the storage buffer to seek in. + * @param offset the offset to seek + * @param whence relateive searching, SEEK_CUR from the current + * position, SEEK_END from the end, SEEK_SET absolute from the start. + * + * @return The new current offset + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL krb5_storage_seek(krb5_storage *sp, off_t offset, int whence) { return (*sp->seek)(sp, offset, whence); } -krb5_ssize_t KRB5_LIB_FUNCTION +/** + * Truncate the storage buffer in sp to offset. + * + * @param sp the storage buffer to truncate. + * @param offset the offset to truncate too. + * + * @return An Kerberos 5 error code. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_storage_truncate(krb5_storage *sp, off_t offset) +{ + return (*sp->trunc)(sp, offset); +} + +/** + * Read to the storage buffer. + * + * @param sp the storage buffer to read from + * @param buf the buffer to store the data in + * @param len the length to read + * + * @return The length of data read (can be shorter then len), or negative on error. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_read(krb5_storage *sp, void *buf, size_t len) { return sp->fetch(sp, buf, len); } -krb5_ssize_t KRB5_LIB_FUNCTION +/** + * Write to the storage buffer. + * + * @param sp the storage buffer to write to + * @param buf the buffer to write to the storage buffer + * @param len the length to write + * + * @return The length of data written (can be shorter then len), or negative on error. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL krb5_storage_write(krb5_storage *sp, const void *buf, size_t len) { return sp->store(sp, buf, len); } -void KRB5_LIB_FUNCTION +/** + * Set the return code that will be used when end of storage is reached. + * + * @param sp the storage + * @param code the error code to return on end of storage + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_storage_set_eof_code(krb5_storage *sp, int code) { sp->eof_code = code; } -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_put_int(void *buffer, unsigned long value, size_t size) +/** + * Get the return code that will be used when end of storage is reached. + * + * @param sp the storage + * + * @return storage error code + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION int KRB5_LIB_CALL +krb5_storage_get_eof_code(krb5_storage *sp) { - unsigned char *p = buffer; - int i; - for (i = size - 1; i >= 0; i--) { - p[i] = value & 0xff; - value >>= 8; - } - return size; + return sp->eof_code; } -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_get_int(void *buffer, unsigned long *value, size_t size) -{ - unsigned char *p = buffer; - unsigned long v = 0; - int i; - for (i = 0; i < size; i++) - v = (v << 8) + p[i]; - *value = v; - return size; -} +/** + * Free a krb5 storage. + * + * @param sp the storage to free. + * + * @return An Kerberos 5 error code. + * + * @ingroup krb5_storage + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_free(krb5_storage *sp) { if(sp->free) @@ -131,16 +277,31 @@ krb5_storage_free(krb5_storage *sp) return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Copy the contnent of storage + * + * @param sp the storage to copy to a data + * @param data the copied data, free with krb5_data_free() + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_storage_to_data(krb5_storage *sp, krb5_data *data) { - off_t pos; - size_t size; + off_t pos, size; krb5_error_code ret; pos = sp->seek(sp, 0, SEEK_CUR); - size = (size_t)sp->seek(sp, 0, SEEK_END); - ret = krb5_data_alloc (data, size); + if (pos < 0) + return HEIM_ERR_NOT_SEEKABLE; + size = sp->seek(sp, 0, SEEK_END); + ret = size_too_large(sp, size); + if (ret) + return ret; + ret = krb5_data_alloc(data, size); if (ret) { sp->seek(sp, pos, SEEK_SET); return ret; @@ -165,12 +326,26 @@ krb5_store_int(krb5_storage *sp, return EINVAL; _krb5_put_int(v, value, len); ret = sp->store(sp, v, len); - if (ret != len) - return (ret<0)?errno:sp->eof_code; + if (ret < 0) + return errno; + if ((size_t)ret != len) + return sp->eof_code; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a int32 to storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int32(krb5_storage *sp, int32_t value) { @@ -181,7 +356,19 @@ krb5_store_int32(krb5_storage *sp, return krb5_store_int(sp, value, 4); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a uint32 to storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint32(krb5_storage *sp, uint32_t value) { @@ -197,14 +384,28 @@ krb5_ret_int(krb5_storage *sp, unsigned char v[4]; unsigned long w; ret = sp->fetch(sp, v, len); - if(ret != len) - return (ret<0)?errno:sp->eof_code; + if (ret < 0) + return errno; + if ((size_t)ret != len) + return sp->eof_code; _krb5_get_int(v, &w, len); *value = w; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a int32 from storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int32(krb5_storage *sp, int32_t *value) { @@ -218,7 +419,19 @@ krb5_ret_int32(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a uint32 from storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint32(krb5_storage *sp, uint32_t *value) { @@ -232,7 +445,19 @@ krb5_ret_uint32(krb5_storage *sp, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a int16 to storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int16(krb5_storage *sp, int16_t value) { @@ -243,14 +468,38 @@ krb5_store_int16(krb5_storage *sp, return krb5_store_int(sp, value, 2); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a uint16 to storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint16(krb5_storage *sp, uint16_t value) { return krb5_store_int16(sp, (int16_t)value); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a int16 from storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int16(krb5_storage *sp, int16_t *value) { @@ -267,7 +516,19 @@ krb5_ret_int16(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a int16 from storage, byte order is controlled by the settings + * on the storage, see krb5_storage_set_byteorder(). + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint16(krb5_storage *sp, uint16_t *value) { @@ -281,7 +542,18 @@ krb5_ret_uint16(krb5_storage *sp, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a int8 to storage. + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_int8(krb5_storage *sp, int8_t value) { @@ -293,14 +565,36 @@ krb5_store_int8(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a uint8 to storage. + * + * @param sp the storage to write too + * @param value the value to store + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_uint8(krb5_storage *sp, uint8_t value) { return krb5_store_int8(sp, (int8_t)value); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a int8 from storage + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_int8(krb5_storage *sp, int8_t *value) { @@ -312,7 +606,18 @@ krb5_ret_int8(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a uint8 from storage + * + * @param sp the storage to write too + * @param value the value read from the buffer + * + * @return 0 for success, or a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_uint8(krb5_storage *sp, uint8_t *value) { @@ -326,7 +631,19 @@ krb5_ret_uint8(krb5_storage *sp, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a data to the storage. The data is stored with an int32 as + * lenght plus the data (not padded). + * + * @param sp the storage buffer to write to + * @param data the buffer to store. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_data(krb5_storage *sp, krb5_data data) { @@ -335,15 +652,25 @@ krb5_store_data(krb5_storage *sp, if(ret < 0) return ret; ret = sp->store(sp, data.data, data.length); - if(ret != data.length){ - if(ret < 0) - return errno; + if(ret < 0) + return errno; + if((size_t)ret != data.length) return sp->eof_code; - } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse a data from the storage. + * + * @param sp the storage buffer to read from + * @param data the parsed data + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_data(krb5_storage *sp, krb5_data *data) { @@ -353,6 +680,9 @@ krb5_ret_data(krb5_storage *sp, ret = krb5_ret_int32(sp, &size); if(ret) return ret; + ret = size_too_large(sp, size); + if (ret) + return ret; ret = krb5_data_alloc (data, size); if (ret) return ret; @@ -364,7 +694,19 @@ krb5_ret_data(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a string to the buffer. The data is formated as an len:uint32 + * plus the string itself (not padded). + * + * @param sp the storage buffer to write to + * @param s the string to store. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_string(krb5_storage *sp, const char *s) { krb5_data data; @@ -373,7 +715,19 @@ krb5_store_string(krb5_storage *sp, const char *s) return krb5_store_data(sp, data); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse a string from the storage. + * + * @param sp the storage buffer to read from + * @param string the parsed string + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_string(krb5_storage *sp, char **string) { @@ -391,23 +745,44 @@ krb5_ret_string(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a zero terminated string to the buffer. The data is stored + * one character at a time until a NUL is stored. + * + * @param sp the storage buffer to write to + * @param s the string to store. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringz(krb5_storage *sp, const char *s) { size_t len = strlen(s) + 1; ssize_t ret; ret = sp->store(sp, s, len); - if(ret != len) { - if(ret < 0) - return ret; - else - return sp->eof_code; - } + if(ret < 0) + return ret; + if((size_t)ret != len) + return sp->eof_code; return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse zero terminated string from the storage. + * + * @param sp the storage buffer to read from + * @param string the parsed string + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringz(krb5_storage *sp, char **string) { @@ -420,6 +795,9 @@ krb5_ret_stringz(krb5_storage *sp, char *tmp; len++; + ret = size_too_large(sp, len); + if (ret) + break; tmp = realloc (s, len); if (tmp == NULL) { free (s); @@ -440,19 +818,17 @@ krb5_ret_stringz(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_stringnl(krb5_storage *sp, const char *s) { size_t len = strlen(s); ssize_t ret; ret = sp->store(sp, s, len); - if(ret != len) { - if(ret < 0) - return ret; - else - return sp->eof_code; - } + if(ret < 0) + return ret; + if((size_t)ret != len) + return sp->eof_code; ret = sp->store(sp, "\n", 1); if(ret != 1) { if(ret < 0) @@ -465,7 +841,7 @@ krb5_store_stringnl(krb5_storage *sp, const char *s) } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_stringnl(krb5_storage *sp, char **string) { @@ -488,6 +864,9 @@ krb5_ret_stringnl(krb5_storage *sp, } len++; + ret = size_too_large(sp, len); + if (ret) + break; tmp = realloc (s, len); if (tmp == NULL) { free (s); @@ -510,12 +889,22 @@ krb5_ret_stringnl(krb5_storage *sp, return 0; } +/** + * Write a principal block to storage. + * + * @param sp the storage buffer to write to + * @param p the principal block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_principal(krb5_storage *sp, krb5_const_principal p) { - int i; + size_t i; int ret; if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) { @@ -526,7 +915,7 @@ krb5_store_principal(krb5_storage *sp, ret = krb5_store_int32(sp, p->name.name_string.len + 1); else ret = krb5_store_int32(sp, p->name.name_string.len); - + if(ret) return ret; ret = krb5_store_string(sp, p->realm); if(ret) return ret; @@ -537,7 +926,18 @@ krb5_store_principal(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Parse principal from the storage. + * + * @param sp the storage buffer to read from + * @param princ the parsed principal + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_principal(krb5_storage *sp, krb5_principal *princ) { @@ -546,7 +946,7 @@ krb5_ret_principal(krb5_storage *sp, krb5_principal p; int32_t type; int32_t ncomp; - + p = calloc(1, sizeof(*p)); if(p == NULL) return ENOMEM; @@ -567,6 +967,11 @@ krb5_ret_principal(krb5_storage *sp, free(p); return EINVAL; } + ret = size_too_large_num(sp, ncomp, sizeof(p->name.name_string.val[0])); + if (ret) { + free(p); + return ret; + } p->name.name_type = type; p->name.name_string.len = ncomp; ret = krb5_ret_string(sp, &p->realm); @@ -574,7 +979,7 @@ krb5_ret_principal(krb5_storage *sp, free(p); return ret; } - p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val)); + p->name.name_string.val = calloc(ncomp, sizeof(p->name.name_string.val[0])); if(p->name.name_string.val == NULL && ncomp != 0){ free(p->realm); free(p); @@ -594,7 +999,18 @@ krb5_ret_principal(krb5_storage *sp, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Store a keyblock to the storage. + * + * @param sp the storage buffer to write to + * @param p the keyblock to write + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p) { int ret; @@ -612,7 +1028,18 @@ krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a keyblock from the storage. + * + * @param sp the storage buffer to write to + * @param p the keyblock read from storage, free using krb5_free_keyblock() + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p) { int ret; @@ -631,7 +1058,18 @@ krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Write a times block to storage. + * + * @param sp the storage buffer to write to + * @param times the times block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_times(krb5_storage *sp, krb5_times times) { int ret; @@ -645,7 +1083,18 @@ krb5_store_times(krb5_storage *sp, krb5_times times) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a times block from the storage. + * + * @param sp the storage buffer to write to + * @param times the times block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_times(krb5_storage *sp, krb5_times *times) { int ret; @@ -664,7 +1113,18 @@ krb5_ret_times(krb5_storage *sp, krb5_times *times) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Write a address block to storage. + * + * @param sp the storage buffer to write to + * @param p the address block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_address(krb5_storage *sp, krb5_address p) { int ret; @@ -674,7 +1134,18 @@ krb5_store_address(krb5_storage *sp, krb5_address p) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a address block from the storage. + * + * @param sp the storage buffer to write to + * @param adr the address block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_address(krb5_storage *sp, krb5_address *adr) { int16_t t; @@ -686,10 +1157,21 @@ krb5_ret_address(krb5_storage *sp, krb5_address *adr) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Write a addresses block to storage. + * + * @param sp the storage buffer to write to + * @param p the addresses block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_addrs(krb5_storage *sp, krb5_addresses p) { - int i; + size_t i; int ret; ret = krb5_store_int32(sp, p.len); if(ret) return ret; @@ -700,15 +1182,28 @@ krb5_store_addrs(krb5_storage *sp, krb5_addresses p) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a addresses block from the storage. + * + * @param sp the storage buffer to write to + * @param adr the addresses block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr) { - int i; + size_t i; int ret; int32_t tmp; ret = krb5_ret_int32(sp, &tmp); if(ret) return ret; + ret = size_too_large_num(sp, tmp, sizeof(adr->val[0])); + if (ret) return ret; adr->len = tmp; ALLOC(adr->val, adr->len); if (adr->val == NULL && adr->len != 0) @@ -720,11 +1215,22 @@ krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Write a auth data block to storage. + * + * @param sp the storage buffer to write to + * @param auth the auth data block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_authdata(krb5_storage *sp, krb5_authdata auth) { krb5_error_code ret; - int i; + size_t i; ret = krb5_store_int32(sp, auth.len); if(ret) return ret; for(i = 0; i < auth.len; i++){ @@ -736,7 +1242,18 @@ krb5_store_authdata(krb5_storage *sp, krb5_authdata auth) return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a auth data from the storage. + * + * @param sp the storage buffer to write to + * @param auth the auth data block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth) { krb5_error_code ret; @@ -745,6 +1262,8 @@ krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth) int i; ret = krb5_ret_int32(sp, &tmp); if(ret) return ret; + ret = size_too_large_num(sp, tmp, sizeof(auth->val[0])); + if (ret) return ret; ALLOC_SEQ(auth, tmp); if (auth->val == NULL && tmp != 0) return ENOMEM; @@ -770,12 +1289,18 @@ bitswap32(int32_t b) return r; } - -/* +/** + * Write a credentials block to storage. * + * @param sp the storage buffer to write to + * @param creds the creds block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds(krb5_storage *sp, krb5_creds *creds) { int ret; @@ -816,7 +1341,18 @@ krb5_store_creds(krb5_storage *sp, krb5_creds *creds) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a credentials block from the storage. + * + * @param sp the storage buffer to write to + * @param creds the credentials block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) { krb5_error_code ret; @@ -862,7 +1398,7 @@ krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) ret = krb5_ret_data (sp, &creds->second_ticket); cleanup: if(ret) { -#if 0 +#if 0 krb5_free_cred_contents(context, creds); /* XXX */ #endif } @@ -877,11 +1413,18 @@ krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) #define SC_AUTHDATA 0x0020 #define SC_ADDRESSES 0x0040 -/* +/** + * Write a tagged credentials block to storage. * + * @param sp the storage buffer to write to + * @param creds the creds block to write. + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds) { int ret; @@ -903,6 +1446,8 @@ krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds) header |= SC_ADDRESSES; ret = krb5_store_int32(sp, header); + if (ret) + return ret; if (creds->client) { ret = krb5_store_principal(sp, creds->client); @@ -960,7 +1505,18 @@ krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Read a tagged credentials block from the storage. + * + * @param sp the storage buffer to write to + * @param creds the credentials block read from storage + * + * @return 0 on success, a Kerberos 5 error code on failure. + * + * @ingroup krb5_storage + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_creds_tag(krb5_storage *sp, krb5_creds *creds) { @@ -1027,7 +1583,7 @@ krb5_ret_creds_tag(krb5_storage *sp, cleanup: if(ret) { -#if 0 +#if 0 krb5_free_cred_contents(context, creds); /* XXX */ #endif } diff --git a/lib/krb5/store_emem.c b/lib/krb5/store_emem.c index b59a647f8043..7f91b0848627 100644 --- a/lib/krb5/store_emem.c +++ b/lib/krb5/store_emem.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include "store-int.h" -RCSID("$Id: store_emem.c 21745 2007-07-31 16:11:25Z lha $"); - typedef struct emem_storage{ unsigned char *base; size_t size; @@ -47,7 +45,7 @@ static ssize_t emem_fetch(krb5_storage *sp, void *data, size_t size) { emem_storage *s = (emem_storage*)sp->data; - if(s->base + s->len - s->ptr < size) + if((size_t)(s->base + s->len - s->ptr) < size) size = s->base + s->len - s->ptr; memmove(data, s->ptr, size); sp->seek(sp, size, SEEK_CUR); @@ -58,7 +56,7 @@ static ssize_t emem_store(krb5_storage *sp, const void *data, size_t size) { emem_storage *s = (emem_storage*)sp->data; - if(size > s->base + s->size - s->ptr){ + if(size > (size_t)(s->base + s->size - s->ptr)){ void *base; size_t sz, off; off = s->ptr - s->base; @@ -67,7 +65,7 @@ emem_store(krb5_storage *sp, const void *data, size_t size) sz *= 2; base = realloc(s->base, sz); if(base == NULL) - return 0; + return -1; s->size = sz; s->base = base; s->ptr = (unsigned char*)base + off; @@ -83,12 +81,12 @@ emem_seek(krb5_storage *sp, off_t offset, int whence) emem_storage *s = (emem_storage*)sp->data; switch(whence){ case SEEK_SET: - if(offset > s->size) + if((size_t)offset > s->size) offset = s->size; if(offset < 0) offset = 0; s->ptr = s->base + offset; - if(offset > s->len) + if((size_t)offset > s->len) s->len = offset; break; case SEEK_CUR: @@ -104,6 +102,39 @@ emem_seek(krb5_storage *sp, off_t offset, int whence) return s->ptr - s->base; } +static int +emem_trunc(krb5_storage *sp, off_t offset) +{ + emem_storage *s = (emem_storage*)sp->data; + /* + * If offset is larget then current size, or current size is + * shrunk more then half of the current size, adjust buffer. + */ + if (offset == 0) { + free(s->base); + s->size = 0; + s->base = NULL; + s->ptr = NULL; + } else if ((size_t)offset > s->size || (s->size / 2) > (size_t)offset) { + void *base; + size_t off; + off = s->ptr - s->base; + base = realloc(s->base, offset); + if(base == NULL) + return ENOMEM; + if ((size_t)offset > s->size) + memset((char *)base + s->size, 0, offset - s->size); + s->size = offset; + s->base = base; + s->ptr = (unsigned char *)base + off; + } + s->len = offset; + if ((s->ptr - s->base) > offset) + s->ptr = s->base + offset; + return 0; +} + + static void emem_free(krb5_storage *sp) { @@ -112,13 +143,32 @@ emem_free(krb5_storage *sp) free(s->base); } -krb5_storage * KRB5_LIB_FUNCTION +/** + * Create a elastic (allocating) memory storage backend. Memory is + * allocated on demand. Free returned krb5_storage with + * krb5_storage_free(). + * + * @return A krb5_storage on success, or NULL on out of memory error. + * + * @ingroup krb5_storage + * + * @sa krb5_storage_from_mem() + * @sa krb5_storage_from_readonly_mem() + * @sa krb5_storage_from_fd() + * @sa krb5_storage_from_data() + */ + +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_emem(void) { - krb5_storage *sp = malloc(sizeof(krb5_storage)); + krb5_storage *sp; + emem_storage *s; + + sp = malloc(sizeof(krb5_storage)); if (sp == NULL) return NULL; - emem_storage *s = malloc(sizeof(*s)); + + s = malloc(sizeof(*s)); if (s == NULL) { free(sp); return NULL; @@ -138,6 +188,8 @@ krb5_storage_emem(void) sp->fetch = emem_fetch; sp->store = emem_store; sp->seek = emem_seek; + sp->trunc = emem_trunc; sp->free = emem_free; + sp->max_alloc = UINT_MAX/8; return sp; } diff --git a/lib/krb5/store_fd.c b/lib/krb5/store_fd.c index 15f86fcac30b..2b72dea3a3fc 100644 --- a/lib/krb5/store_fd.c +++ b/lib/krb5/store_fd.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,8 +34,6 @@ #include "krb5_locl.h" #include "store-int.h" -RCSID("$Id: store_fd.c 17779 2006-06-30 21:23:19Z lha $"); - typedef struct fd_storage { int fd; } fd_storage; @@ -60,18 +58,53 @@ fd_seek(krb5_storage * sp, off_t offset, int whence) return lseek(FD(sp), offset, whence); } +static int +fd_trunc(krb5_storage * sp, off_t offset) +{ + if (ftruncate(FD(sp), offset) == -1) + return errno; + return 0; +} + static void fd_free(krb5_storage * sp) { close(FD(sp)); } -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_fd(int fd) +/** + * + * + * @return A krb5_storage on success, or NULL on out of memory error. + * + * @ingroup krb5_storage + * + * @sa krb5_storage_emem() + * @sa krb5_storage_from_mem() + * @sa krb5_storage_from_readonly_mem() + * @sa krb5_storage_from_data() + */ + +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL +krb5_storage_from_fd(krb5_socket_t fd_in) { krb5_storage *sp; + int fd; + +#ifdef SOCKET_IS_NOT_AN_FD +#ifdef _MSC_VER + if (_get_osfhandle(fd_in) != -1) { + fd = dup(fd_in); + } else { + fd = _open_osfhandle(fd_in, 0); + } +#else +#error Dont know how to deal with fd that may or may not be a socket. +#endif +#else /* SOCKET_IS_NOT_AN_FD */ + fd = dup(fd_in); +#endif - fd = dup(fd); if (fd < 0) return NULL; @@ -93,6 +126,8 @@ krb5_storage_from_fd(int fd) sp->fetch = fd_fetch; sp->store = fd_store; sp->seek = fd_seek; + sp->trunc = fd_trunc; sp->free = fd_free; + sp->max_alloc = UINT_MAX/8; return sp; } diff --git a/lib/krb5/store_mem.c b/lib/krb5/store_mem.c index e6e62b5a62e4..e674a95dbad0 100644 --- a/lib/krb5/store_mem.c +++ b/lib/krb5/store_mem.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include "store-int.h" -RCSID("$Id: store_mem.c 20307 2007-04-11 11:16:28Z lha $"); - typedef struct mem_storage{ unsigned char *base; size_t size; @@ -46,7 +44,7 @@ static ssize_t mem_fetch(krb5_storage *sp, void *data, size_t size) { mem_storage *s = (mem_storage*)sp->data; - if(size > s->base + s->size - s->ptr) + if(size > (size_t)(s->base + s->size - s->ptr)) size = s->base + s->size - s->ptr; memmove(data, s->ptr, size); sp->seek(sp, size, SEEK_CUR); @@ -57,7 +55,7 @@ static ssize_t mem_store(krb5_storage *sp, const void *data, size_t size) { mem_storage *s = (mem_storage*)sp->data; - if(size > s->base + s->size - s->ptr) + if(size > (size_t)(s->base + s->size - s->ptr)) size = s->base + s->size - s->ptr; memmove(s->ptr, data, size); sp->seek(sp, size, SEEK_CUR); @@ -76,7 +74,7 @@ mem_seek(krb5_storage *sp, off_t offset, int whence) mem_storage *s = (mem_storage*)sp->data; switch(whence){ case SEEK_SET: - if(offset > s->size) + if((size_t)offset > s->size) offset = s->size; if(offset < 0) offset = 0; @@ -93,7 +91,38 @@ mem_seek(krb5_storage *sp, off_t offset, int whence) return s->ptr - s->base; } -krb5_storage * KRB5_LIB_FUNCTION +static int +mem_trunc(krb5_storage *sp, off_t offset) +{ + mem_storage *s = (mem_storage*)sp->data; + if((size_t)offset > s->size) + return ERANGE; + s->size = offset; + if ((s->ptr - s->base) > offset) + s->ptr = s->base + offset; + return 0; +} + +static int +mem_no_trunc(krb5_storage *sp, off_t offset) +{ + return EINVAL; +} + +/** + * Create a fixed size memory storage block + * + * @return A krb5_storage on success, or NULL on out of memory error. + * + * @ingroup krb5_storage + * + * @sa krb5_storage_mem() + * @sa krb5_storage_from_readonly_mem() + * @sa krb5_storage_from_data() + * @sa krb5_storage_from_fd() + */ + +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_mem(void *buf, size_t len) { krb5_storage *sp = malloc(sizeof(krb5_storage)); @@ -114,17 +143,45 @@ krb5_storage_from_mem(void *buf, size_t len) sp->fetch = mem_fetch; sp->store = mem_store; sp->seek = mem_seek; + sp->trunc = mem_trunc; sp->free = NULL; + sp->max_alloc = UINT_MAX/8; return sp; } -krb5_storage * KRB5_LIB_FUNCTION +/** + * Create a fixed size memory storage block + * + * @return A krb5_storage on success, or NULL on out of memory error. + * + * @ingroup krb5_storage + * + * @sa krb5_storage_mem() + * @sa krb5_storage_from_mem() + * @sa krb5_storage_from_readonly_mem() + * @sa krb5_storage_from_fd() + */ + +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_data(krb5_data *data) { return krb5_storage_from_mem(data->data, data->length); } -krb5_storage * KRB5_LIB_FUNCTION +/** + * Create a fixed size memory storage block that is read only + * + * @return A krb5_storage on success, or NULL on out of memory error. + * + * @ingroup krb5_storage + * + * @sa krb5_storage_mem() + * @sa krb5_storage_from_mem() + * @sa krb5_storage_from_data() + * @sa krb5_storage_from_fd() + */ + +KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL krb5_storage_from_readonly_mem(const void *buf, size_t len) { krb5_storage *sp = malloc(sizeof(krb5_storage)); @@ -145,6 +202,8 @@ krb5_storage_from_readonly_mem(const void *buf, size_t len) sp->fetch = mem_fetch; sp->store = mem_no_store; sp->seek = mem_seek; + sp->trunc = mem_no_trunc; sp->free = NULL; + sp->max_alloc = UINT_MAX/8; return sp; } diff --git a/lib/krb5/string-to-key-test.c b/lib/krb5/string-to-key-test.c index 30075ea6b956..cb7081b9e0f4 100644 --- a/lib/krb5/string-to-key-test.c +++ b/lib/krb5/string-to-key-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: string-to-key-test.c 16344 2005-12-02 15:15:43Z lha $"); - enum { MAXSIZE = 24 }; static struct testcase { @@ -43,12 +41,26 @@ static struct testcase { krb5_enctype enctype; unsigned char res[MAXSIZE]; } tests[] = { +#ifdef HEIM_WEAK_CRYPTO {"@", "", ETYPE_DES_CBC_MD5, {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0xf1}}, {"nisse@FOO.SE", "hej", ETYPE_DES_CBC_MD5, {0xfe, 0x67, 0xbf, 0x9e, 0x57, 0x6b, 0xfe, 0x52}}, {"assar/liten@FOO.SE", "hemligt", ETYPE_DES_CBC_MD5, {0x5b, 0x9b, 0xcb, 0xf2, 0x97, 0x43, 0xc8, 0x40}}, + {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES_CBC_MD5, + {0xcb, 0xc2, 0x2f, 0xae, 0x23, 0x52, 0x98, 0xe3}}, + {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES_CBC_MD5, + {0xdf, 0x3d, 0x32, 0xa7, 0x4f, 0xd9, 0x2a, 0x01}}, + {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES_CBC_MD5, + {0x94, 0x43, 0xa2, 0xe5, 0x32, 0xfd, 0xc4, 0xf1}}, + {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES_CBC_MD5, + {0x62, 0xc8, 0x1a, 0x52, 0x32, 0xb5, 0xe6, 0x9d}}, + {"AAAAAAAA", "11119999", ETYPE_DES_CBC_MD5, + {0x98, 0x40, 0x54, 0xd0, 0xf1, 0xa7, 0x3e, 0x31}}, + {"FFFFAAAA", "NNNN6666", ETYPE_DES_CBC_MD5, + {0xc4, 0xbf, 0x6b, 0x25, 0xad, 0xf7, 0xa4, 0xf8}}, +#endif #if 0 {"@", "", ETYPE_DES3_CBC_SHA1, {0xce, 0xa2, 0x2f, 0x9b, 0x52, 0x2c, 0xb0, 0x15, 0x6e, 0x6b, 0x64, @@ -66,18 +78,6 @@ static struct testcase { {"does/not@MATTER", "foo", ETYPE_ARCFOUR_HMAC_MD5, {0xac, 0x8e, 0x65, 0x7f, 0x83, 0xdf, 0x82, 0xbe, 0xea, 0x5d, 0x43, 0xbd, 0xaf, 0x78, 0x00, 0xcc}}, - {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES_CBC_MD5, - {0xcb, 0xc2, 0x2f, 0xae, 0x23, 0x52, 0x98, 0xe3}}, - {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES_CBC_MD5, - {0xdf, 0x3d, 0x32, 0xa7, 0x4f, 0xd9, 0x2a, 0x01}}, - {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES_CBC_MD5, - {0x94, 0x43, 0xa2, 0xe5, 0x32, 0xfd, 0xc4, 0xf1}}, - {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES_CBC_MD5, - {0x62, 0xc8, 0x1a, 0x52, 0x32, 0xb5, 0xe6, 0x9d}}, - {"AAAAAAAA", "11119999", ETYPE_DES_CBC_MD5, - {0x98, 0x40, 0x54, 0xd0, 0xf1, 0xa7, 0x3e, 0x31}}, - {"FFFFAAAA", "NNNN6666", ETYPE_DES_CBC_MD5, - {0xc4, 0xbf, 0x6b, 0x25, 0xad, 0xf7, 0xa4, 0xf8}}, {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES3_CBC_SHA1, {0x85, 0x0b, 0xb5, 0x13, 0x58, 0x54, 0x8c, 0xd0, 0x5e, 0x86, 0x76, 0x8c, 0x31, 0x3e, 0x3b, 0xfe, 0xf7, 0x51, 0x19, 0x37, 0xdc, 0xf7, 0x2c, 0x3e}}, {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES3_CBC_SHA1, diff --git a/lib/krb5/test_acl.c b/lib/krb5/test_acl.c index e52f31a8b5a1..9e27c0408643 100644 --- a/lib/krb5/test_acl.c +++ b/lib/krb5/test_acl.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_acl.c 15036 2005-04-30 15:19:58Z lha $"); - #define RETVAL(c, r, e, s) \ do { if (r != e) krb5_errx(c, 1, "%s", s); } while (0) #define STRINGMATCH(c, s, _s1, _s2) \ @@ -72,6 +70,13 @@ test_match_string(krb5_context context) RETVAL(context, ret, 0, "liternal fnmatch"); ret = krb5_acl_match_string(context, "foo/bar", "f", "foo/*"); RETVAL(context, ret, 0, "foo/*"); + ret = krb5_acl_match_string(context, "foo/bar.example.org", "f", + "foo/*.example.org"); + RETVAL(context, ret, 0, "foo/*.example.org"); + ret = krb5_acl_match_string(context, "foo/bar.example.com", "f", + "foo/*.example.org"); + RETVAL(context, ret, EACCES, "foo/*.example.com"); + ret = krb5_acl_match_string(context, "foo/bar/baz", "f", "foo/*/baz"); RETVAL(context, ret, 0, "foo/*/baz"); diff --git a/lib/krb5/test_addr.c b/lib/krb5/test_addr.c index 1ab47aecc028..79a55ff303ef 100644 --- a/lib/krb5/test_addr.c +++ b/lib/krb5/test_addr.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_addr.c 15036 2005-04-30 15:19:58Z lha $"); - static void print_addr(krb5_context context, const char *addr) { @@ -51,20 +49,22 @@ print_addr(krb5_context context, const char *addr) if (addresses.len < 1) krb5_err(context, 1, ret, "too few addresses"); - + for (i = 0; i < addresses.len; i++) { krb5_print_address(&addresses.val[i], buf, sizeof(buf), &len); #if 0 - printf("addr %d: %s (%d/%d)\n", i, buf, (int)len, (int)strlen(buf)); + printf("addr %d: %s (%d/%d)\n", i, buf, (int)len, (int)strlen(buf)); #endif if (strlen(buf) > sizeof(buf)) - abort(); + krb5_err(context, 1, ret, "len %d larger then buf %d", + (int)strlen(buf), (int)sizeof(buf)); krb5_print_address(&addresses.val[i], buf2, sizeof(buf2), &len); #if 0 - printf("addr %d: %s (%d/%d)\n", i, buf2, (int)len, (int)strlen(buf2)); + printf("addr %d: %s (%d/%d)\n", i, buf2, (int)len, (int)strlen(buf2)); #endif if (strlen(buf2) > sizeof(buf2)) - abort(); + krb5_err(context, 1, ret, "len %d larger then buf %d", + (int)strlen(buf2), (int)sizeof(buf2)); } krb5_free_addresses(context, &addresses); @@ -72,7 +72,7 @@ print_addr(krb5_context context, const char *addr) } static void -truncated_addr(krb5_context context, const char *addr, +truncated_addr(krb5_context context, const char *addr, size_t truncate_len, size_t outlen) { krb5_addresses addresses; @@ -88,22 +88,25 @@ truncated_addr(krb5_context context, const char *addr, if (addresses.len != 1) krb5_err(context, 1, ret, "addresses should be one"); - + krb5_print_address(&addresses.val[0], buf, truncate_len, &len); - + #if 0 - printf("addr %s (%d/%d)\n", buf, (int)len, (int)strlen(buf)); + printf("addr %s (%d/%d) should be %d\n", buf, (int)len, (int)strlen(buf), (int)outlen); #endif - + if (truncate_len > strlen(buf) + 1) - abort(); + krb5_err(context, 1, ret, "%s truncate_len %d larger then strlen %d source %s", + buf, (int)truncate_len, (int)strlen(buf), addr); + if (outlen != len) - abort(); - + krb5_err(context, 1, ret, "%s: outlen %d != len %d", + buf, (int)outlen, (int)strlen(buf)); + krb5_print_address(&addresses.val[0], buf, outlen + 1, &len); #if 0 - printf("addr %s (%d/%d)\n", buf, (int)len, (int)strlen(buf)); + printf("addr %s (%d/%d)\n", buf, (int)len, (int)strlen(buf)); #endif if (len != outlen) @@ -120,12 +123,14 @@ check_truncation(krb5_context context, const char *addr) { int i, len = strlen(addr); + truncated_addr(context, addr, len, len); + for (i = 0; i < len; i++) truncated_addr(context, addr, i, len); } static void -match_addr(krb5_context context, const char *range_addr, +match_addr(krb5_context context, const char *range_addr, const char *one_addr, int match) { krb5_addresses range, one; @@ -137,7 +142,7 @@ match_addr(krb5_context context, const char *range_addr, if (range.len != 1) krb5_err(context, 1, ret, "wrong num of addresses"); - + ret = krb5_parse_address(context, one_addr, &one); if (ret) krb5_err(context, 1, ret, "krb5_parse_address"); @@ -157,12 +162,41 @@ match_addr(krb5_context context, const char *range_addr, krb5_free_addresses(context, &one); } +#ifdef _MSC_VER + +/* For the truncation tests, calling strcpy_s() or strcat_s() with a + size of 0 results in the invalid parameter handler being invoked. + For the debug version, the runtime also throws an assert. */ + +static void +inv_param_handler(const wchar_t* expression, + const wchar_t* function, + const wchar_t* file, + unsigned int line, + uintptr_t pReserved) +{ + printf("Invalid parameter handler invoked for: %S in %S(%d) [%S]\n", + function, file, line, expression); +} + +static _invalid_parameter_handler _inv_old = NULL; + +#define SET_INVALID_PARAM_HANDLER _inv_old = _set_invalid_parameter_handler(inv_param_handler) + +#else + +#define SET_INVALID_PARAM_HANDLER ((void) 0) + +#endif + int main(int argc, char **argv) { krb5_context context; krb5_error_code ret; + SET_INVALID_PARAM_HANDLER; + setprogname(argv[0]); ret = krb5_init_context(&context); @@ -174,7 +208,7 @@ main(int argc, char **argv) print_addr(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255"); print_addr(context, "RANGE:130.237.237.4/29"); #ifdef HAVE_IPV6 - print_addr(context, "RANGE:fe80::209:6bff:fea0:e522/64"); + print_addr(context, "RANGE:2001:db8:1:2:3:4:1428:7ab/64"); print_addr(context, "RANGE:IPv6:fe80::209:6bff:fea0:e522/64"); print_addr(context, "RANGE:IPv6:fe80::-IPv6:fe80::ffff:ffff:ffff:ffff"); print_addr(context, "RANGE:fe80::-fe80::ffff:ffff:ffff:ffff"); @@ -183,7 +217,10 @@ main(int argc, char **argv) check_truncation(context, "IPv4:127.0.0.0"); check_truncation(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255"); #ifdef HAVE_IPV6 + check_truncation(context, "IPv6:::"); check_truncation(context, "IPv6:::1"); + check_truncation(context, "IPv6:2001:db8:1:2:3:4:1428:7ab"); + check_truncation(context, "IPv6:fe80::209:0:0:0"); check_truncation(context, "IPv6:fe80::ffff:ffff:ffff:ffff"); #endif diff --git a/lib/krb5/test_alname.c b/lib/krb5/test_alname.c index e8397b748026..21e4bff8d82c 100644 --- a/lib/krb5/test_alname.c +++ b/lib/krb5/test_alname.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,11 +34,9 @@ #include #include -RCSID("$Id: test_alname.c 15474 2005-06-17 04:48:02Z lha $"); - static void test_alname(krb5_context context, krb5_const_realm realm, - const char *user, const char *inst, + const char *user, const char *inst, const char *localuser, int ok) { krb5_principal p; @@ -60,20 +58,20 @@ test_alname(krb5_context context, krb5_const_realm realm, if (ret) { if (!ok) return; - krb5_err(context, 1, ret, "krb5_aname_to_localname: %s -> %s", + krb5_err(context, 1, ret, "krb5_aname_to_localname: %s -> %s", princ, localuser); } if (strcmp(localname, localuser) != 0) { if (ok) - errx(1, "compared failed %s != %s (should have succeded)", + errx(1, "compared failed %s != %s (should have succeded)", localname, localuser); } else { if (!ok) - errx(1, "compared failed %s == %s (should have failed)", + errx(1, "compared failed %s == %s (should have failed)", localname, localuser); } - + } static int version_flag = 0; @@ -109,7 +107,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -140,12 +138,12 @@ main(int argc, char **argv) test_alname(context, "FOO.BAR.BAZ.KAKA", user, NULL, user, 0); test_alname(context, "FOO.BAR.BAZ.KAKA", user, "root", "root", 0); - test_alname(context, realm, user, NULL, + test_alname(context, realm, user, NULL, "not-same-as-user", 0); test_alname(context, realm, user, "root", "not-same-as-user", 0); - test_alname(context, "FOO.BAR.BAZ.KAKA", user, NULL, + test_alname(context, "FOO.BAR.BAZ.KAKA", user, NULL, "not-same-as-user", 0); test_alname(context, "FOO.BAR.BAZ.KAKA", user, "root", "not-same-as-user", 0); diff --git a/tests/kdc/ap-req.c b/lib/krb5/test_ap-req.c similarity index 86% rename from tests/kdc/ap-req.c rename to lib/krb5/test_ap-req.c index 24cc6111c7dc..dcdddb814981 100644 --- a/tests/kdc/ap-req.c +++ b/lib/krb5/test_ap-req.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,10 +30,7 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: ap-req.c 19807 2007-01-10 19:35:45Z lha $"); -#endif #include #include @@ -43,12 +40,15 @@ RCSID("$Id: ap-req.c 19807 2007-01-10 19:35:45Z lha $"); #include static int verify_pac = 0; +static int server_any = 0; static int version_flag = 0; static int help_flag = 0; static struct getargs args[] = { {"verify-pac",0, arg_flag, &verify_pac, "verify the PAC", NULL }, + {"server-any",0, arg_flag, &server_any, + "let server pick the principal", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL }, {"help", 0, arg_flag, &help_flag, @@ -65,10 +65,11 @@ usage (int ret) static void test_ap(krb5_context context, - krb5_principal sprincipal, + krb5_principal target, + krb5_principal server, krb5_keytab keytab, krb5_ccache ccache, - const krb5_flags client_flags) + const krb5_flags client_flags) { krb5_error_code ret; krb5_auth_context client_ac = NULL, server_ac = NULL; @@ -80,7 +81,7 @@ test_ap(krb5_context context, ret = krb5_mk_req_exact(context, &client_ac, client_flags, - sprincipal, + target, NULL, ccache, &data); @@ -90,7 +91,7 @@ test_ap(krb5_context context, ret = krb5_rd_req(context, &server_ac, &data, - sprincipal, + server, keytab, &server_flags, &ticket); @@ -123,8 +124,8 @@ test_ap(krb5_context context, krb5_errx(context, 1, "server flag missing mutual req"); } - krb5_auth_getremoteseqnumber(context, server_ac, &server_seq); - krb5_auth_getremoteseqnumber(context, client_ac, &client_seq); + krb5_auth_con_getremoteseqnumber(context, server_ac, &server_seq); + krb5_auth_con_getremoteseqnumber(context, client_ac, &client_seq); if (server_seq != client_seq) krb5_errx(context, 1, "seq num differ"); @@ -167,13 +168,13 @@ main(int argc, char **argv) const char *principal, *keytab, *ccache; krb5_ccache id; krb5_keytab kt; - krb5_principal sprincipal; + krb5_principal sprincipal, server; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -187,7 +188,7 @@ main(int argc, char **argv) if (argc < 3) usage(1); - + principal = argv[0]; keytab = argv[1]; ccache = argv[2]; @@ -208,8 +209,13 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_kt_resolve"); - test_ap(context, sprincipal, kt, id, 0); - test_ap(context, sprincipal, kt, id, AP_OPTS_MUTUAL_REQUIRED); + if (server_any) + server = NULL; + else + server = sprincipal; + + test_ap(context, sprincipal, server, kt, id, 0); + test_ap(context, sprincipal, server, kt, id, AP_OPTS_MUTUAL_REQUIRED); krb5_cc_close(context, id); krb5_kt_close(context, kt); diff --git a/lib/krb5/test_cc.c b/lib/krb5/test_cc.c index 075cfe237fba..911fba52405c 100644 --- a/lib/krb5/test_cc.c +++ b/lib/krb5/test_cc.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,17 +34,21 @@ #include #include -RCSID("$Id: test_cc.c 22115 2007-12-03 21:21:42Z lha $"); - static int debug_flag = 0; static int version_flag = 0; static int help_flag = 0; +#ifdef KRB5_USE_PATH_TOKENS +#define TEST_CC_NAME "%{TEMP}/krb5-cc-test-foo" +#else +#define TEST_CC_NAME "/tmp/krb5-cc-test-foo" +#endif + static void test_default_name(krb5_context context) { krb5_error_code ret; - const char *p, *test_cc_name = "/tmp/krb5-cc-test-foo"; + const char *p, *test_cc_name = TEST_CC_NAME; char *p1, *p2, *p3; p = krb5_cc_default_name(context); @@ -63,18 +67,23 @@ test_default_name(krb5_context context) if (strcmp(p1, p2) != 0) krb5_errx (context, 1, "krb5_cc_default_name no longer same"); - + ret = krb5_cc_set_default_name(context, test_cc_name); if (p == NULL) krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); - + p = krb5_cc_default_name(context); if (p == NULL) krb5_errx (context, 1, "krb5_cc_default_name 2 failed"); p3 = estrdup(p); - + +#ifndef KRB5_USE_PATH_TOKENS + /* If we are using path tokens, we don't expect the p3 and + test_cc_name to match since p3 is going to have expanded + tokens. */ if (strcmp(p3, test_cc_name) != 0) krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); +#endif free(p1); free(p2); @@ -99,9 +108,9 @@ test_mcache(krb5_context context) if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_new_unique"); ret = krb5_cc_initialize(context, id, p); if (ret) @@ -115,10 +124,11 @@ test_mcache(krb5_context context) if (tc == NULL) krb5_errx(context, 1, "krb5_cc_get_name"); - asprintf(&c, "%s:%s", tc, nc); - + if (asprintf(&c, "%s:%s", tc, nc) < 0 || c == NULL) + errx(1, "malloc"); + krb5_cc_close(context, id); - + ret = krb5_cc_resolve(context, c, &id2); if (ret) krb5_err(context, 1, ret, "krb5_cc_resolve"); @@ -151,24 +161,26 @@ test_mcache(krb5_context context) */ static void -test_init_vs_destroy(krb5_context context, const krb5_cc_ops *ops) +test_init_vs_destroy(krb5_context context, const char *type) { krb5_error_code ret; krb5_ccache id, id2; krb5_principal p, p2; - char *n; + char *n = NULL; ret = krb5_parse_name(context, "lha@SU.SE", &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_cc_gen_new(context, ops, &id); + ret = krb5_cc_new_unique(context, type, NULL, &id); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_new_unique: %s", type); + + if (asprintf(&n, "%s:%s", + krb5_cc_get_type(context, id), + krb5_cc_get_name(context, id)) < 0 || n == NULL) + errx(1, "malloc"); - asprintf(&n, "%s:%s", - krb5_cc_get_type(context, id), - krb5_cc_get_name(context, id)); ret = krb5_cc_resolve(context, n, &id2); free(n); @@ -191,7 +203,7 @@ test_init_vs_destroy(krb5_context context, const krb5_cc_ops *ops) } static void -test_fcache_remove(krb5_context context) +test_cache_remove(krb5_context context, const char *type) { krb5_error_code ret; krb5_ccache id; @@ -202,9 +214,9 @@ test_fcache_remove(krb5_context context) if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &id); + ret = krb5_cc_new_unique(context, type, NULL, &id); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_gen_new: %s", type); ret = krb5_cc_initialize(context, id, p); if (ret) @@ -280,12 +292,33 @@ struct { char *res; } cc_names[] = { { "foo", 0, "foo" }, + { "foo%}", 0, "foo%}" }, { "%{uid}", 0 }, { "foo%{null}", 0, "foo" }, { "foo%{null}bar", 0, "foobar" }, { "%{", 1 }, { "%{foo %{", 1 }, { "%{{", 1 }, + { "%{{}", 1 }, + { "%{nulll}", 1 }, + { "%{does not exist}", 1 }, + { "%{}", 1 }, +#ifdef KRB5_USE_PATH_TOKENS + { "%{APPDATA}", 0 }, + { "%{COMMON_APPDATA}", 0}, + { "%{LOCAL_APPDATA}", 0}, + { "%{SYSTEM}", 0}, + { "%{WINDOWS}", 0}, + { "%{TEMP}", 0}, + { "%{USERID}", 0}, + { "%{uid}", 0}, + { "%{USERCONFIG}", 0}, + { "%{COMMONCONFIG}", 0}, + { "%{LIBDIR}", 0}, + { "%{BINDIR}", 0}, + { "%{LIBEXEC}", 0}, + { "%{SBINDIR}", 0}, +#endif }; static void @@ -299,14 +332,14 @@ test_def_cc_name(krb5_context context) ret = _krb5_expand_default_cc_name(context, cc_names[i].str, &str); if (ret) { if (cc_names[i].fail == 0) - krb5_errx(context, 1, "test %d \"%s\" failed", + krb5_errx(context, 1, "test %d \"%s\" failed", i, cc_names[i].str); } else { if (cc_names[i].fail) - krb5_errx(context, 1, "test %d \"%s\" was successful", + krb5_errx(context, 1, "test %d \"%s\" was successful", i, cc_names[i].str); if (cc_names[i].res && strcmp(cc_names[i].res, str) != 0) - krb5_errx(context, 1, "test %d %s != %s", + krb5_errx(context, 1, "test %d %s != %s", i, cc_names[i].res, str); if (debug_flag) printf("%s => %s\n", cc_names[i].str, str); @@ -316,8 +349,7 @@ test_def_cc_name(krb5_context context) } static void -test_cache_find(krb5_context context, const char *type, const char *principal, - int find) +test_cache_find(krb5_context context, const char *principal, int find) { krb5_principal client; krb5_error_code ret; @@ -326,8 +358,8 @@ test_cache_find(krb5_context context, const char *type, const char *principal, ret = krb5_parse_name(context, principal, &client); if (ret) krb5_err(context, 1, ret, "parse_name for %s failed", principal); - - ret = krb5_cc_cache_match(context, client, type, &id); + + ret = krb5_cc_cache_match(context, client, &id); if (ret && find) krb5_err(context, 1, ret, "cc_cache_match for %s failed", principal); if (ret == 0 && !find) @@ -345,7 +377,7 @@ test_cache_iter(krb5_context context, const char *type, int destroy) krb5_cc_cache_cursor cursor; krb5_error_code ret; krb5_ccache id; - + ret = krb5_cc_cache_get_first (context, type, &cursor); if (ret == KRB5_CC_NOSUPP) return; @@ -379,36 +411,62 @@ test_cache_iter(krb5_context context, const char *type, int destroy) } static void -test_copy(krb5_context context, const char *fromtype, const char *totype) +test_cache_iter_all(krb5_context context) +{ + krb5_cccol_cursor cursor; + krb5_error_code ret; + krb5_ccache id; + + ret = krb5_cccol_cursor_new (context, &cursor); + if (ret) + krb5_err(context, 1, ret, "krb5_cccol_cursor_new"); + + + while ((ret = krb5_cccol_cursor_next (context, cursor, &id)) == 0 && id != NULL) { + krb5_principal principal; + char *name; + + if (debug_flag) + printf("name: %s\n", krb5_cc_get_name(context, id)); + ret = krb5_cc_get_principal(context, id, &principal); + if (ret == 0) { + ret = krb5_unparse_name(context, principal, &name); + if (ret == 0) { + if (debug_flag) + printf("\tprincipal: %s\n", name); + free(name); + } + krb5_free_principal(context, principal); + } + krb5_cc_close(context, id); + } + + krb5_cccol_cursor_free(context, &cursor); +} + + +static void +test_copy(krb5_context context, const char *from, const char *to) { - const krb5_cc_ops *from, *to; krb5_ccache fromid, toid; krb5_error_code ret; krb5_principal p, p2; - from = krb5_cc_get_prefix_ops(context, fromtype); - if (from == NULL) - krb5_errx(context, 1, "%s isn't a type", fromtype); - - to = krb5_cc_get_prefix_ops(context, totype); - if (to == NULL) - krb5_errx(context, 1, "%s isn't a type", totype); - ret = krb5_parse_name(context, "lha@SU.SE", &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_cc_gen_new(context, from, &fromid); + ret = krb5_cc_new_unique(context, from, NULL, &fromid); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_new_unique: %s", from); ret = krb5_cc_initialize(context, fromid, p); if (ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); - ret = krb5_cc_gen_new(context, to, &toid); + ret = krb5_cc_new_unique(context, to, NULL, &toid); if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); + krb5_err(context, 1, ret, "krb5_cc_gen_new: %s", to); ret = krb5_cc_copy_cache(context, fromid, toid); if (ret) @@ -428,6 +486,55 @@ test_copy(krb5_context context, const char *fromtype, const char *totype) krb5_cc_destroy(context, toid); } +static void +test_move(krb5_context context, const char *type) +{ + const krb5_cc_ops *ops; + krb5_ccache fromid, toid; + krb5_error_code ret; + krb5_principal p, p2; + + ops = krb5_cc_get_prefix_ops(context, type); + if (ops == NULL) + return; + + ret = krb5_cc_new_unique(context, type, NULL, &fromid); + if (ret == KRB5_CC_NOSUPP) + return; + else if (ret) + krb5_err(context, 1, ret, "krb5_cc_new_unique: %s", type); + + ret = krb5_parse_name(context, "lha@SU.SE", &p); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name"); + + ret = krb5_cc_initialize(context, fromid, p); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_initialize"); + + ret = krb5_cc_new_unique(context, type, NULL, &toid); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_new_unique"); + + ret = krb5_cc_initialize(context, toid, p); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_initialize"); + + ret = krb5_cc_get_principal(context, toid, &p2); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_get_principal"); + + if (krb5_principal_compare(context, p, p2) == FALSE) + krb5_errx(context, 1, "p != p2"); + + krb5_free_principal(context, p); + krb5_free_principal(context, p2); + + krb5_cc_destroy(context, toid); + krb5_cc_destroy(context, fromid); +} + + static void test_prefix_ops(krb5_context context, const char *name, const krb5_cc_ops *ops) { @@ -441,6 +548,68 @@ test_prefix_ops(krb5_context context, const char *name, const krb5_cc_ops *ops) "the expected %s != %s", name, o->prefix, ops->prefix); } +static void +test_cc_config(krb5_context context) +{ + krb5_error_code ret; + krb5_principal p; + krb5_ccache id; + unsigned int i; + + ret = krb5_cc_new_unique(context, "MEMORY", "bar", &id); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_new_unique"); + + ret = krb5_parse_name(context, "lha@SU.SE", &p); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name"); + + ret = krb5_cc_initialize(context, id, p); + if (ret) + krb5_err(context, 1, ret, "krb5_cc_initialize"); + + for (i = 0; i < 1000; i++) { + krb5_data data, data2; + const char *name = "foo"; + krb5_principal p1 = NULL; + + if (i & 1) + p1 = p; + + data.data = rk_UNCONST(name); + data.length = strlen(name); + + ret = krb5_cc_set_config(context, id, p1, "FriendlyName", &data); + if (ret) + krb5_errx(context, 1, "krb5_cc_set_config: add"); + + ret = krb5_cc_get_config(context, id, p1, "FriendlyName", &data2); + if (ret) + krb5_errx(context, 1, "krb5_cc_get_config: first"); + krb5_data_free(&data2); + + ret = krb5_cc_set_config(context, id, p1, "FriendlyName", &data); + if (ret) + krb5_errx(context, 1, "krb5_cc_set_config: add -second"); + + ret = krb5_cc_get_config(context, id, p1, "FriendlyName", &data2); + if (ret) + krb5_errx(context, 1, "krb5_cc_get_config: second"); + krb5_data_free(&data2); + + ret = krb5_cc_set_config(context, id, p1, "FriendlyName", NULL); + if (ret) + krb5_errx(context, 1, "krb5_cc_set_config: delete"); + + ret = krb5_cc_get_config(context, id, p1, "FriendlyName", &data2); + if (ret == 0) + krb5_errx(context, 1, "krb5_cc_get_config: non-existant"); + } + + krb5_cc_destroy(context, id); + krb5_free_principal(context, p); +} + static struct getargs args[] = { {"debug", 'd', arg_flag, &debug_flag, @@ -470,7 +639,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -486,47 +655,82 @@ main(int argc, char **argv) if (ret) errx (1, "krb5_init_context failed: %d", ret); - test_fcache_remove(context); + test_cache_remove(context, krb5_cc_type_file); + test_cache_remove(context, krb5_cc_type_memory); +#ifdef USE_SQLITE + test_cache_remove(context, krb5_cc_type_scc); +#endif + test_default_name(context); test_mcache(context); - test_init_vs_destroy(context, &krb5_mcc_ops); - test_init_vs_destroy(context, &krb5_fcc_ops); + test_init_vs_destroy(context, krb5_cc_type_memory); + test_init_vs_destroy(context, krb5_cc_type_file); +#if 0 + test_init_vs_destroy(context, krb5_cc_type_api); +#endif + test_init_vs_destroy(context, krb5_cc_type_scc); test_mcc_default(); test_def_cc_name(context); - test_cache_iter(context, "MEMORY", 0); + + test_cache_iter_all(context); + + test_cache_iter(context, krb5_cc_type_memory, 0); { krb5_principal p; - krb5_cc_new_unique(context, "MEMORY", "bar", &id1); - krb5_cc_new_unique(context, "MEMORY", "baz", &id2); + krb5_cc_new_unique(context, krb5_cc_type_memory, "bar", &id1); + krb5_cc_new_unique(context, krb5_cc_type_memory, "baz", &id2); krb5_parse_name(context, "lha@SU.SE", &p); krb5_cc_initialize(context, id1, p); krb5_free_principal(context, p); } - test_cache_find(context, "MEMORY", "lha@SU.SE", 1); - test_cache_find(context, "MEMORY", "hulabundulahotentot@SU.SE", 0); + test_cache_find(context, "lha@SU.SE", 1); + test_cache_find(context, "hulabundulahotentot@SU.SE", 0); - test_cache_iter(context, "MEMORY", 0); - test_cache_iter(context, "MEMORY", 1); - test_cache_iter(context, "MEMORY", 0); - test_cache_iter(context, "FILE", 0); - test_cache_iter(context, "API", 0); + test_cache_iter(context, krb5_cc_type_memory, 0); + test_cache_iter(context, krb5_cc_type_memory, 1); + test_cache_iter(context, krb5_cc_type_memory, 0); + test_cache_iter(context, krb5_cc_type_file, 0); + test_cache_iter(context, krb5_cc_type_api, 0); + test_cache_iter(context, krb5_cc_type_scc, 0); + test_cache_iter(context, krb5_cc_type_scc, 1); - test_copy(context, "FILE", "FILE"); - test_copy(context, "MEMORY", "MEMORY"); - test_copy(context, "FILE", "MEMORY"); - test_copy(context, "MEMORY", "FILE"); + test_copy(context, krb5_cc_type_file, krb5_cc_type_file); + test_copy(context, krb5_cc_type_memory, krb5_cc_type_memory); + test_copy(context, krb5_cc_type_file, krb5_cc_type_memory); + test_copy(context, krb5_cc_type_memory, krb5_cc_type_file); + test_copy(context, krb5_cc_type_scc, krb5_cc_type_file); + test_copy(context, krb5_cc_type_file, krb5_cc_type_scc); + test_copy(context, krb5_cc_type_scc, krb5_cc_type_memory); + test_copy(context, krb5_cc_type_memory, krb5_cc_type_scc); + + test_move(context, krb5_cc_type_file); + test_move(context, krb5_cc_type_memory); +#ifdef HAVE_KCM + test_move(context, krb5_cc_type_kcm); +#endif + test_move(context, krb5_cc_type_scc); test_prefix_ops(context, "FILE:/tmp/foo", &krb5_fcc_ops); test_prefix_ops(context, "FILE", &krb5_fcc_ops); test_prefix_ops(context, "MEMORY", &krb5_mcc_ops); test_prefix_ops(context, "MEMORY:foo", &krb5_mcc_ops); test_prefix_ops(context, "/tmp/kaka", &krb5_fcc_ops); +#ifdef HAVE_SCC + test_prefix_ops(context, "SCC:", &krb5_scc_ops); + test_prefix_ops(context, "SCC:foo", &krb5_scc_ops); +#endif krb5_cc_destroy(context, id1); krb5_cc_destroy(context, id2); + test_cc_config(context); + krb5_free_context(context); +#if 0 + sleep(60); +#endif + return 0; } diff --git a/lib/krb5/test_config.c b/lib/krb5/test_config.c index 7fe224e68812..a2816332dabb 100644 --- a/lib/krb5/test_config.c +++ b/lib/krb5/test_config.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_config.c 15036 2005-04-30 15:19:58Z lha $"); - static int check_config_file(krb5_context context, char *filelist, char **res, int def) { @@ -49,39 +47,39 @@ check_config_file(krb5_context context, char *filelist, char **res, int def) ret = krb5_prepend_config_files_default(filelist, &pp); else ret = krb5_prepend_config_files(filelist, NULL, &pp); - + if (ret) krb5_err(context, 1, ret, "prepend_config_files"); - + for (i = 0; res[i] && pp[i]; i++) if (strcmp(pp[i], res[i]) != 0) krb5_errx(context, 1, "'%s' != '%s'", pp[i], res[i]); - + if (res[i] != NULL) krb5_errx(context, 1, "pp ended before res list"); - + if (def) { char **deflist; int j; - + ret = krb5_get_default_config_files(&deflist); if (ret) krb5_err(context, 1, ret, "get_default_config_files"); - + for (j = 0 ; pp[i] && deflist[j]; i++, j++) if (strcmp(pp[i], deflist[j]) != 0) krb5_errx(context, 1, "'%s' != '%s'", pp[i], deflist[j]); - + if (deflist[j] != NULL) krb5_errx(context, 1, "pp ended before def list"); krb5_free_config_files(deflist); } - + if (pp[i] != NULL) krb5_errx(context, 1, "pp ended after res (and def) list"); - + krb5_free_config_files(pp); - + return 0; } @@ -94,12 +92,12 @@ struct { char **res; } test[] = { { "/tmp/foo", NULL }, - { "/tmp/foo:/tmp/foo/bar", NULL }, + { "/tmp/foo" PATH_SEP "/tmp/foo/bar", NULL }, { "", NULL } }; -int -main(int argc, char **argv) +static void +check_config_files(void) { krb5_context context; krb5_error_code ret; @@ -119,6 +117,130 @@ main(int argc, char **argv) } krb5_free_context(context); +} +const char *config_string_result0[] = { + "A", "B", "C", "D", NULL +}; + +const char *config_string_result1[] = { + "A", "B", "C D", NULL +}; + +const char *config_string_result2[] = { + "A", "B", "", NULL +}; + +const char *config_string_result3[] = { + "A B;C: D", NULL +}; + +const char *config_string_result4[] = { + "\"\"", "", "\"\"", NULL +}; + +const char *config_string_result5[] = { + "A\"BQd", NULL +}; + +const char *config_string_result6[] = { + "efgh\"", "ABC", NULL +}; + +const char *config_string_result7[] = { + "SnapeKills\\", "Dumbledore", NULL +}; + +const char *config_string_result8[] = { + "\"TownOf Sandwich: Massachusetts\"Oldest", "Town", "In", "Cape Cod", NULL +}; + +const char *config_string_result9[] = { + "\"Begins and\"ends", "In", "One", "String", NULL +}; + +const char *config_string_result10[] = { + "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:", + "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.", + "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.", + "3. Neither the name of the Institute nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.", + "THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", + "Why do we test with such long strings? Because some people have config files", + "That", "look", "Like this.", NULL +}; + +const struct { + const char * name; + const char ** expected; +} config_strings_tests[] = { + { "foo", config_string_result0 }, + { "bar", config_string_result1 }, + { "baz", config_string_result2 }, + { "quux", config_string_result3 }, + { "questionable", config_string_result4 }, + { "mismatch1", config_string_result5 }, + { "mismatch2", config_string_result6 }, + { "internal1", config_string_result7 }, + { "internal2", config_string_result8 }, + { "internal3", config_string_result9 }, + { "longer_strings", config_string_result10 } +}; + +static void +check_escaped_strings(void) +{ + krb5_context context; + krb5_config_section *c = NULL; + krb5_error_code ret; + int i; + + ret = krb5_init_context(&context); + if (ret) + errx(1, "krb5_init_context %d", ret); + + ret = krb5_config_parse_file(context, "test_config_strings.out", &c); + if (ret) + krb5_errx(context, 1, "krb5_config_parse_file()"); + + for (i=0; i < sizeof(config_strings_tests)/sizeof(config_strings_tests[0]); i++) { + char **ps; + const char **s; + const char **e; + + ps = krb5_config_get_strings(context, c, "escapes", config_strings_tests[i].name, + NULL); + if (ps == NULL) + errx(1, "Failed to read string value %s", config_strings_tests[i].name); + + e = config_strings_tests[i].expected; + + for (s = (const char **)ps; *s && *e; s++, e++) { + if (strcmp(*s, *e)) + errx(1, + "Unexpected configuration string at value [%s].\n" + "Actual=[%s]\n" + "Expected=[%s]\n", + config_strings_tests[i].name, *s, *e); + } + + if (*s || *e) + errx(1, "Configuation string list for value [%s] has incorrect length.", + config_strings_tests[i].name); + + krb5_config_free_strings(ps); + } + + ret = krb5_config_file_free(context, c); + if (ret) + krb5_errx(context, 1, "krb5_config_file_free()"); + + krb5_free_context(context); +} + +int +main(int argc, char **argv) +{ + check_config_files(); + check_escaped_strings(); return 0; } diff --git a/lib/krb5/test_config_strings.cfg b/lib/krb5/test_config_strings.cfg new file mode 100644 index 000000000000..c62201b13363 --- /dev/null +++ b/lib/krb5/test_config_strings.cfg @@ -0,0 +1,12 @@ +[escapes] + foo = A B C D + bar = A B "C D" + baz = A B "" + quux = "A B;C: D" + questionable="""" "" """" + mismatch1 = A"BQd + mismatch2 = efgh" ABC + internal1 = "SnapeKills\" "Dumbledore" + internal2 = "TownOf Sandwich: Massachusetts"Oldest Town In "Cape Cod" + internal3 = "Begins and"ends In One String + longer_strings = "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:" "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer." "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution." "3. Neither the name of the Institute nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission." "THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." "Why do we test with such long strings? Because some people have config files" That look "Like this." diff --git a/lib/krb5/test_crypto.c b/lib/krb5/test_crypto.c index 0837911f26aa..972af0c5f47b 100644 --- a/lib/krb5/test_crypto.c +++ b/lib/krb5/test_crypto.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id: test_crypto.c 16290 2005-11-24 09:57:50Z lha $"); - static void time_encryption(krb5_context context, size_t size, krb5_enctype etype, int iterations) @@ -79,7 +77,7 @@ time_encryption(krb5_context context, size_t size, timevalsub(&tv2, &tv1); - printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n", + printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n", etype_name, (unsigned long)size, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec); @@ -91,7 +89,7 @@ time_encryption(krb5_context context, size_t size, static void time_s2k(krb5_context context, - krb5_enctype etype, + krb5_enctype etype, const char *password, krb5_salt salt, int iterations) @@ -124,7 +122,7 @@ time_s2k(krb5_context context, timevalsub(&tv2, &tv1); - printf("%s string2key %d iterations time: %3ld.%06ld\n", + printf("%s string2key %d iterations time: %3ld.%06ld\n", etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec); free(etype_name); @@ -159,7 +157,7 @@ main(int argc, char **argv) int optidx = 0; krb5_salt salt; - krb5_enctype enctypes[] = { + krb5_enctype enctypes[] = { ETYPE_DES_CBC_CRC, ETYPE_DES3_CBC_SHA1, ETYPE_ARCFOUR_HMAC_MD5, @@ -171,7 +169,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -180,9 +178,6 @@ main(int argc, char **argv) exit(0); } - argc -= optidx; - argv += optidx; - salt.salttype = KRB5_PW_SALT; salt.saltvalue.data = NULL; salt.saltvalue.length = 0; @@ -196,6 +191,8 @@ main(int argc, char **argv) for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { + krb5_enctype_enable(context, enctypes[i]); + time_encryption(context, 16, enctypes[i], enciter); time_encryption(context, 32, enctypes[i], enciter); time_encryption(context, 512, enctypes[i], enciter); diff --git a/lib/krb5/test_crypto_wrapping.c b/lib/krb5/test_crypto_wrapping.c index 1618fdf11797..81905a8eadd7 100644 --- a/lib/krb5/test_crypto_wrapping.c +++ b/lib/krb5/test_crypto_wrapping.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id: test_crypto_wrapping.c 18809 2006-10-22 07:11:43Z lha $"); - static void test_wrapping(krb5_context context, size_t min_size, @@ -124,10 +122,12 @@ main(int argc, char **argv) krb5_error_code ret; int i, optidx = 0; - krb5_enctype enctypes[] = { + krb5_enctype enctypes[] = { +#ifdef HEIM_WEAK_CRYPTO ETYPE_DES_CBC_CRC, ETYPE_DES_CBC_MD4, ETYPE_DES_CBC_MD5, +#endif ETYPE_DES3_CBC_SHA1, ETYPE_ARCFOUR_HMAC_MD5, ETYPE_AES128_CTS_HMAC_SHA1_96, @@ -138,7 +138,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -155,6 +155,8 @@ main(int argc, char **argv) errx (1, "krb5_init_context failed: %d", ret); for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { + krb5_enctype_enable(context, enctypes[i]); + test_wrapping(context, 0, 1024, 1, enctypes[i]); test_wrapping(context, 1024, 1024 * 100, 1024, enctypes[i]); } diff --git a/lib/krb5/test_forward.c b/lib/krb5/test_forward.c index 163995334ed9..3782e5074f6d 100644 --- a/lib/krb5/test_forward.c +++ b/lib/krb5/test_forward.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id$"); - static int version_flag = 0; static int help_flag = 0; @@ -72,7 +70,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -97,11 +95,11 @@ main(int argc, char **argv) ret = krb5_cc_default(context, &id); if (ret) - krb5_err(context, 1, ret, "krb5_cc_default failed: %d", ret); + krb5_err(context, 1, ret, "krb5_cc_default failed"); ret = krb5_auth_con_init(context, &ac); if (ret) - krb5_err(context, 1, ret, "krb5_auth_con_init failed: %d", ret); + krb5_err(context, 1, ret, "krb5_auth_con_init failed"); krb5_auth_con_addflags(context, ac, KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED, NULL); diff --git a/lib/krb5/test_fx.c b/lib/krb5/test_fx.c new file mode 100644 index 000000000000..10aa2aebdc73 --- /dev/null +++ b/lib/krb5/test_fx.c @@ -0,0 +1,210 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include +#include + +struct { + char *p1; + char *pepper1; + krb5_enctype e1; + char *p2; + char *pepper2; + krb5_enctype e2; + krb5_enctype e3; + char *key; + size_t len; +} cf2[] = { + { + "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96, + "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96, + ETYPE_AES128_CTS_HMAC_SHA1_96, + "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x02\x87\xa9\x2a", + 16 + }, + { + "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96, + "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96, + ETYPE_AES256_CTS_HMAC_SHA1_96, + "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66" + "\xb9\x61\x7a\xe3\xa9\x68\x68\xc3\x37\xcb\x93\xb5\xe7\x2b\x1c\x7b", + 32 + }, + { + "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96, + "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96, + ETYPE_AES256_CTS_HMAC_SHA1_96, + "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x2\x87\xa9\x2a" + "\x1\x96\xfa\xf2\x44\xf8\x11\x20\xc2\x1c\x51\x17\xb3\xe6\xeb\x98", + 32 + }, + { + "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96, + "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96, + ETYPE_AES128_CTS_HMAC_SHA1_96, + "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66", + 16 + }, + { + "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96, + "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96, + ETYPE_AES256_CTS_HMAC_SHA1_96, + "\x88\xbd\xb2\xa9\xf\x3e\x52\x5a\xb0\x5f\x68\xc5\x43\x9a\x4d\x5e" + "\x9c\x2b\xfd\x2b\x02\x24\xde\x39\xb5\x82\xf4\xbb\x05\xfe\x2\x2e", + 32 + } +}; + + +static void +test_cf2(krb5_context context) +{ + krb5_error_code ret; + krb5_data pw, p1, p2; + krb5_salt salt; + krb5_keyblock k1, k2, k3; + krb5_crypto c1, c2; + unsigned int i; + + for (i = 0; i < sizeof(cf2)/sizeof(cf2[0]); i++) { + pw.data = cf2[i].p1; + pw.length = strlen(cf2[i].p1); + salt.salttype = (krb5_salttype)KRB5_PADATA_PW_SALT; + salt.saltvalue.data = cf2[i].p1; + salt.saltvalue.length = strlen(cf2[i].p1); + + ret = krb5_string_to_key_data_salt(context, + cf2[i].e1, + pw, + salt, + &k1); + if (ret) + krb5_err(context, 1, ret, "krb5_string_to_key_data_salt"); + + ret = krb5_crypto_init(context, &k1, 0, &c1); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_init"); + + pw.data = cf2[i].p2; + pw.length = strlen(cf2[i].p2); + salt.saltvalue.data = cf2[i].p2; + salt.saltvalue.length = strlen(cf2[i].p2); + + ret = krb5_string_to_key_data_salt(context, + cf2[i].e2, + pw, + salt, + &k2); + if (ret) + krb5_err(context, 1, ret, "krb5_string_to_key_data_salt"); + + ret = krb5_crypto_init(context, &k2, 0, &c2); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_init"); + + + p1.data = cf2[i].pepper1; + p1.length = strlen(cf2[i].pepper1); + + p2.data = cf2[i].pepper2; + p2.length = strlen(cf2[i].pepper2); + + ret = krb5_crypto_fx_cf2(context, c1, c2, &p1, &p2, cf2[i].e3, &k3); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_fx_cf2"); + + if (k3.keytype != cf2[i].e3) + krb5_errx(context, 1, "length not right"); + if (k3.keyvalue.length != cf2[i].len || + memcmp(k3.keyvalue.data, cf2[i].key, cf2[i].len) != 0) + krb5_errx(context, 1, "key not same"); + + krb5_crypto_destroy(context, c1); + krb5_crypto_destroy(context, c2); + + krb5_free_keyblock_contents(context, &k1); + krb5_free_keyblock_contents(context, &k2); + krb5_free_keyblock_contents(context, &k3); + } +} + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + int optidx = 0; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + test_cf2(context); + + krb5_free_context(context); + + return 0; +} diff --git a/lib/krb5/test_get_addrs.c b/lib/krb5/test_get_addrs.c index 1d53e0eb8c68..33ca929e6e85 100644 --- a/lib/krb5/test_get_addrs.c +++ b/lib/krb5/test_get_addrs.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id: test_get_addrs.c 15474 2005-06-17 04:48:02Z lha $"); - /* print all addresses that we find */ static void @@ -44,7 +42,7 @@ print_addresses (krb5_context context, const krb5_addresses *addrs) int i; char buf[256]; size_t len; - + for (i = 0; i < addrs->len; ++i) { krb5_print_address (&addrs->val[i], buf, sizeof(buf), &len); printf ("%s\n", buf); @@ -83,7 +81,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -92,9 +90,6 @@ main(int argc, char **argv) exit(0); } - argc -= optidx; - argv += optidx; - ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); diff --git a/lib/krb5/test_gic.c b/lib/krb5/test_gic.c new file mode 100644 index 000000000000..f22a6930fcff --- /dev/null +++ b/lib/krb5/test_gic.c @@ -0,0 +1,148 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include +#include + +static char *password_str; + +static krb5_error_code +lr_proc(krb5_context context, krb5_last_req_entry **e, void *ctx) +{ + while (e && *e) { + printf("e type: %d value: %d\n", (*e)->lr_type, (int)(*e)->value); + e++; + } + return 0; +} + +static void +test_get_init_creds(krb5_context context, + krb5_principal client) +{ + krb5_error_code ret; + krb5_get_init_creds_opt *opt; + krb5_creds cred; + + ret = krb5_get_init_creds_opt_alloc(context, &opt); + if (ret) + krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); + + + ret = krb5_get_init_creds_opt_set_process_last_req(context, + opt, + lr_proc, + NULL); + if (ret) + krb5_err(context, 1, ret, + "krb5_get_init_creds_opt_set_process_last_req"); + + ret = krb5_get_init_creds_password(context, + &cred, + client, + password_str, + krb5_prompter_posix, + NULL, + 0, + NULL, + opt); + if (ret) + krb5_err(context, 1, ret, "krb5_get_init_creds_password"); + + krb5_get_init_creds_opt_free(context, opt); +} + +static char *client_str = NULL; +static int debug_flag = 0; +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + {"client", 0, arg_string, &client_str, + "client principal to use", NULL }, + {"password",0, arg_string, &password_str, + "password", NULL }, + {"debug", 'd', arg_flag, &debug_flag, + "turn on debuggin", NULL }, + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "hostname ..."); + exit (ret); +} + + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + int optidx = 0, errors = 0; + krb5_principal client; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + if(client_str == NULL) + errx(1, "client is not set"); + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + ret = krb5_parse_name(context, client_str, &client); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name: %d", ret); + + test_get_init_creds(context, client); + + krb5_free_context(context); + + return errors; +} diff --git a/lib/krb5/test_hostname.c b/lib/krb5/test_hostname.c index 095cb391633e..fbdb5c9c322a 100644 --- a/lib/krb5/test_hostname.c +++ b/lib/krb5/test_hostname.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id: test_hostname.c 15965 2005-08-23 20:18:55Z lha $"); - static int debug_flag = 0; static int version_flag = 0; static int help_flag = 0; @@ -122,7 +120,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); diff --git a/lib/krb5/test_keytab.c b/lib/krb5/test_keytab.c index 97361cc19a31..134b0f17e693 100644 --- a/lib/krb5/test_keytab.c +++ b/lib/krb5/test_keytab.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,7 @@ #include "krb5_locl.h" #include - -RCSID("$Id: test_keytab.c 18809 2006-10-22 07:11:43Z lha $"); +#include /* * Test that removal entry from of empty keytab doesn't corrupts @@ -55,6 +54,10 @@ test_empty_keytab(krb5_context context, const char *keytab) krb5_kt_remove_entry(context, id, &entry); + ret = krb5_kt_have_content(context, id); + if (ret == 0) + krb5_errx(context, 1, "supposed to be empty keytab isn't"); + ret = krb5_kt_close(context, id); if (ret) krb5_err(context, 1, ret, "krb5_kt_close"); @@ -167,23 +170,120 @@ test_memory_keytab(krb5_context context, const char *keytab, const char *keytab2 krb5_free_keyblock_contents(context, &entry3.keyblock); } +static void +perf_add(krb5_context context, krb5_keytab id, int times) +{ +} + +static void +perf_find(krb5_context context, krb5_keytab id, int times) +{ +} + +static void +perf_delete(krb5_context context, krb5_keytab id, int forward, int times) +{ +} + + +static int version_flag = 0; +static int help_flag = 0; +static char *perf_str = NULL; +static int times = 1000; + +static struct getargs args[] = { + {"performance", 0, arg_string, &perf_str, + "test performance for named keytab", "keytab" }, + {"times", 0, arg_integer, ×, + "number of times to run the perforamce test", "number" }, + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + int main(int argc, char **argv) { krb5_context context; krb5_error_code ret; + int optidx = 0; setprogname(argv[0]); + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= optidx; + argv += optidx; + + if (argc != 0) + errx(1, "argc != 0"); + ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - test_empty_keytab(context, "MEMORY:foo"); - test_empty_keytab(context, "FILE:foo"); - test_empty_keytab(context, "KRB4:foo"); + if (perf_str) { + krb5_keytab id; - test_memory_keytab(context, "MEMORY:foo", "MEMORY:foo2"); + ret = krb5_kt_resolve(context, perf_str, &id); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_resolve: %s", perf_str); + + /* add, find, delete on keytab */ + perf_add(context, id, times); + perf_find(context, id, times); + perf_delete(context, id, 0, times); + + /* add and find again on used keytab */ + perf_add(context, id, times); + perf_find(context, id, times); + + ret = krb5_kt_destroy(context, id); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_destroy: %s", perf_str); + + ret = krb5_kt_resolve(context, perf_str, &id); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_resolve: %s", perf_str); + + /* try delete backwards */ +#if 0 + perf_add(context, id, times); + perf_delete(context, id, 1, times); +#endif + + ret = krb5_kt_destroy(context, id); + if (ret) + krb5_err(context, 1, ret, "krb5_kt_destroy"); + + } else { + + test_empty_keytab(context, "MEMORY:foo"); + test_empty_keytab(context, "FILE:foo"); + + test_memory_keytab(context, "MEMORY:foo", "MEMORY:foo2"); + + } krb5_free_context(context); diff --git a/lib/krb5/test_kuserok.c b/lib/krb5/test_kuserok.c index 04a6f210a05e..5beb1b75732f 100644 --- a/lib/krb5/test_kuserok.c +++ b/lib/krb5/test_kuserok.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include #include -RCSID("$Id: test_kuserok.c 15033 2005-04-30 15:15:38Z lha $"); - static int version_flag = 0; static int help_flag = 0; @@ -69,7 +67,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &o)) usage(1); - + if (help_flag) usage (0); @@ -91,7 +89,7 @@ main(int argc, char **argv) ret = krb5_parse_name(context, argv[0], &principal); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - + ret = krb5_unparse_name(context, principal, &p); if (ret) krb5_err(context, 1, ret, "krb5_unparse_name"); diff --git a/lib/krb5/test_mem.c b/lib/krb5/test_mem.c index 8989caed7484..3333d0dc6d93 100644 --- a/lib/krb5/test_mem.c +++ b/lib/krb5/test_mem.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_mem.c 15931 2005-08-12 13:43:46Z lha $"); - /* * Test run functions, to be used with valgrind to detect memoryleaks. */ @@ -52,11 +50,11 @@ check_log(void) ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - + krb5_initlog(context, "test-mem", &logfacility); krb5_addlog_dest(context, logfacility, "0/STDERR:"); krb5_set_warn_dest(context, logfacility); - + krb5_free_context(context); } } diff --git a/lib/krb5/test_pac.c b/lib/krb5/test_pac.c index a22fe3a8c6c5..983294ecf90c 100644 --- a/lib/krb5/test_pac.c +++ b/lib/krb5/test_pac.c @@ -1,58 +1,56 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: test_pac.c 21934 2007-08-27 14:21:04Z lha $"); - /* * This PAC and keys are copied (with permission) from Samba torture * regression test suite, they where created by Andrew Bartlet. */ static const unsigned char saved_pac[] = { - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xd8, 0x01, 0x00, 0x00, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xd8, 0x01, 0x00, 0x00, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x40, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x58, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, - 0xc8, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0xdf, 0xa6, 0xcb, - 0x4f, 0x7d, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, + 0xc8, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0xdf, 0xa6, 0xcb, + 0x4f, 0x7d, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xc0, 0x3c, 0x4e, 0x59, 0x62, 0x73, 0xc5, 0x01, 0xc0, 0x3c, 0x4e, 0x59, 0x62, 0x73, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0x16, 0x00, 0x16, 0x00, 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x0c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x14, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x02, 0x00, 0x65, 0x00, 0x00, 0x00, + 0x0c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x14, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x02, 0x00, 0x65, 0x00, 0x00, 0x00, 0xed, 0x03, 0x00, 0x00, 0x04, 0x02, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x1c, 0x00, 0x02, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x16, 0x00, 0x20, 0x00, 0x02, 0x00, 0x16, 0x00, 0x18, 0x00, @@ -95,7 +93,70 @@ static const krb5_keyblock member_keyblock = { }; static time_t authtime = 1120440609; -static const char *user = "w2003final$@WIN2K3.THINKER.LOCAL"; +static const char *user = "w2003final$"; + +/* + * This pac from Christan Krause + */ + +static const unsigned char saved_pac2[] = + "\x05\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\xc8\x01\x00\x00" + "\x58\x00\x00\x00\x00\x00\x00\x00\x0a\x00\x00\x00\x18\x00\x00\x00" + "\x20\x02\x00\x00\x00\x00\x00\x00\x0c\x00\x00\x00\x70\x00\x00\x00" + "\x38\x02\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x14\x00\x00\x00" + "\xa8\x02\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x14\x00\x00\x00" + "\xc0\x02\x00\x00\x00\x00\x00\x00\x01\x10\x08\x00\xcc\xcc\xcc\xcc" + "\xb8\x01\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x7d\xee\x09\x76" + "\xf2\x39\xc9\x01\xff\xff\xff\xff\xff\xff\xff\x7f\xff\xff\xff\xff" + "\xff\xff\xff\x7f\x6d\x49\x38\x62\xf2\x39\xc9\x01\x6d\x09\xa2\x8c" + "\xbb\x3a\xc9\x01\xff\xff\xff\xff\xff\xff\xff\x7f\x0e\x00\x0e\x00" + "\x04\x00\x02\x00\x10\x00\x10\x00\x08\x00\x02\x00\x00\x00\x00\x00" + "\x0c\x00\x02\x00\x00\x00\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00" + "\x14\x00\x02\x00\x00\x00\x00\x00\x18\x00\x02\x00\x02\x01\x00\x00" + "\x52\x04\x00\x00\x01\x02\x00\x00\x03\x00\x00\x00\x1c\x00\x02\x00" + "\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x10\x00\x12\x00\x20\x00\x02\x00\x0e\x00\x10\x00" + "\x24\x00\x02\x00\x28\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x10\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00" + "\x6f\x00\x70\x00\x65\x00\x6e\x00\x6d\x00\x73\x00\x70\x00\x00\x00" + "\x08\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x6f\x00\x70\x00" + "\x65\x00\x6e\x00\x20\x00\x6d\x00\x73\x00\x70\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00" + "\x60\x04\x00\x00\x07\x00\x00\x00\x01\x02\x00\x00\x07\x00\x00\x00" + "\x5e\x04\x00\x00\x07\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00" + "\x08\x00\x00\x00\x43\x00\x48\x00\x4b\x00\x52\x00\x2d\x00\x41\x00" + "\x44\x00\x53\x00\x08\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00" + "\x4d\x00\x53\x00\x50\x00\x2d\x00\x41\x00\x44\x00\x53\x00\x00\x00" + "\x04\x00\x00\x00\x01\x04\x00\x00\x00\x00\x00\x05\x15\x00\x00\x00" + "\x91\xad\xdc\x4c\x63\xb8\xb5\x48\xd5\x53\xd2\xd1\x00\x00\x00\x00" + "\x00\x66\xeb\x75\xf2\x39\xc9\x01\x0e\x00\x6f\x00\x70\x00\x65\x00" + "\x6e\x00\x6d\x00\x73\x00\x70\x00\x38\x00\x10\x00\x28\x00\x48\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x6f\x00\x70\x00\x65\x00\x6e\x00" + "\x6d\x00\x73\x00\x70\x00\x40\x00\x6d\x00\x73\x00\x70\x00\x2d\x00" + "\x61\x00\x64\x00\x73\x00\x2e\x00\x70\x00\x65\x00\x70\x00\x70\x00" + "\x65\x00\x72\x00\x63\x00\x6f\x00\x6e\x00\x2e\x00\x64\x00\x65\x00" + "\x4d\x00\x53\x00\x50\x00\x2d\x00\x41\x00\x44\x00\x53\x00\x2e\x00" + "\x50\x00\x45\x00\x50\x00\x50\x00\x45\x00\x52\x00\x43\x00\x4f\x00" + "\x4e\x00\x2e\x00\x44\x00\x45\x00\x76\xff\xff\xff\xb3\x56\x15\x29" + "\x37\xc6\x5c\xf7\x97\x35\xfa\xec\x59\xe8\x96\xa0\x00\x00\x00\x00" + "\x76\xff\xff\xff\x50\x71\xa2\xb1\xa3\x64\x82\x5c\xfd\x23\xea\x3b" + "\xb0\x19\x12\xd4\x00\x00\x00\x00"; + + +static const krb5_keyblock member_keyblock2 = { + ETYPE_DES_CBC_MD5, + { 8, "\x9e\x37\x83\x25\x4a\x7f\xf2\xf8" } +}; + +static time_t authtime2 = 1225304188; +static const char *user2 = "openmsp"; + + int main(int argc, char **argv) @@ -104,13 +165,16 @@ main(int argc, char **argv) krb5_context context; krb5_pac pac; krb5_data data; - krb5_principal p; + krb5_principal p, p2; ret = krb5_init_context(&context); if (ret) errx(1, "krb5_init_contex"); - ret = krb5_parse_name(context, user, &p); + krb5_enctype_enable(context, ETYPE_DES_CBC_MD5); + + ret = krb5_parse_name_flags(context, user, + KRB5_PRINCIPAL_PARSE_NO_REALM, &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); @@ -123,7 +187,7 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_pac_verify"); - ret = _krb5_pac_sign(context, pac, authtime, p, + ret = _krb5_pac_sign(context, pac, authtime, p, &member_keyblock, &kdc_keyblock, &data); if (ret) krb5_err(context, 1, ret, "_krb5_pac_sign"); @@ -166,10 +230,10 @@ main(int argc, char **argv) if (list[i] == 1) { if (type_1_length != data.length) - krb5_errx(context, 1, "type 1 have wrong length: %lu", + krb5_errx(context, 1, "type 1 have wrong length: %lu", (unsigned long)data.length); } else - krb5_errx(context, 1, "unknown type %lu", + krb5_errx(context, 1, "unknown type %lu", (unsigned long)list[i]); ret = krb5_pac_add_buffer(context, pac2, list[i], &data); @@ -178,28 +242,50 @@ main(int argc, char **argv) krb5_data_free(&data); } free(list); - - ret = _krb5_pac_sign(context, pac2, authtime, p, + + ret = _krb5_pac_sign(context, pac2, authtime, p, &member_keyblock, &kdc_keyblock, &data); if (ret) krb5_err(context, 1, ret, "_krb5_pac_sign 4"); - + krb5_pac_free(context, pac2); ret = krb5_pac_parse(context, data.data, data.length, &pac2); + krb5_data_free(&data); if (ret) krb5_err(context, 1, ret, "krb5_pac_parse 4"); - + ret = krb5_pac_verify(context, pac2, authtime, p, &member_keyblock, &kdc_keyblock); if (ret) krb5_err(context, 1, ret, "krb5_pac_verify 4"); - + krb5_pac_free(context, pac2); } krb5_pac_free(context, pac); + /* + * check pac from Christian + */ + + ret = krb5_parse_name_flags(context, user2, + KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); + if (ret) + krb5_err(context, 1, ret, "krb5_parse_name"); + + ret = krb5_pac_parse(context, saved_pac2, sizeof(saved_pac2) -1, &pac); + if (ret) + krb5_err(context, 1, ret, "krb5_pac_parse"); + + ret = krb5_pac_verify(context, pac, authtime2, p2, + &member_keyblock2, NULL); + if (ret) + krb5_err(context, 1, ret, "krb5_pac_verify c1"); + + krb5_pac_free(context, pac); + krb5_free_principal(context, p2); + /* * Test empty free */ @@ -256,7 +342,7 @@ main(int argc, char **argv) krb5_data_free(&data); } - ret = _krb5_pac_sign(context, pac, authtime, p, + ret = _krb5_pac_sign(context, pac, authtime, p, &member_keyblock, &kdc_keyblock, &data); if (ret) krb5_err(context, 1, ret, "_krb5_pac_sign"); diff --git a/lib/krb5/test_pkinit_dh2key.c b/lib/krb5/test_pkinit_dh2key.c index e23bef9a9ee0..e18fd174a580 100644 --- a/lib/krb5/test_pkinit_dh2key.c +++ b/lib/krb5/test_pkinit_dh2key.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,11 +34,9 @@ #include #include -RCSID("$Id: test_pkinit_dh2key.c 18809 2006-10-22 07:11:43Z lha $"); - static void test_dh2key(int i, - krb5_context context, + krb5_context context, const heim_octet_string *dh, const heim_octet_string *c_n, const heim_octet_string *k_n, @@ -191,7 +189,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -208,7 +206,7 @@ main(int argc, char **argv) errx (1, "krb5_init_context failed: %d", ret); for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - test_dh2key(i, context, &tests[i].X, NULL, NULL, + test_dh2key(i, context, &tests[i].X, NULL, NULL, tests[i].type, &tests[i].key); } diff --git a/lib/krb5/test_pknistkdf.c b/lib/krb5/test_pknistkdf.c new file mode 100644 index 000000000000..ca78e3c04d34 --- /dev/null +++ b/lib/krb5/test_pknistkdf.c @@ -0,0 +1,365 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include +#include +#include +#include + +static int verbose_flag = 0; + +struct testcase { + const heim_oid *oid; + krb5_data Z; + const char *client; + const char *server; + krb5_enctype enctype; + krb5_data as_req; + krb5_data pk_as_rep; + krb5_data ticket; + + krb5_data key; +} tests[] = { + /* 0 */ + { + NULL, /* AlgorithmIdentifier */ + { /* Z */ + 256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + }, + "lha@SU.SE", /* client, partyUInfo */ + "krbtgt/SU.SE@SU.SE", /* server, partyVInfo */ + ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */ + { /* as_req */ + 10, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + }, + { /* pk_as_rep */ + 9, + "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" + }, + { /* ticket */ + 55, + "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e" + "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" + "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04" + "\x06\x68\x65\x6a\x68\x65\x6a" + }, + { /* key */ + 32, + "\xc7\x62\x89\xec\x4b\x28\xa6\x91\xff\xce\x80\xbb\xb7\xec\x82\x41" + "\x52\x3f\x99\xb1\x90\xcf\x2d\x34\x8f\x54\xa8\x65\x81\x2c\x32\x73" + } + }, + /* 1 */ + { + NULL, /* AlgorithmIdentifier */ + { /* Z */ + 256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + }, + "lha@SU.SE", /* client, partyUInfo */ + "krbtgt/SU.SE@SU.SE", /* server, partyVInfo */ + ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */ + { /* as_req */ + 10, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + }, + { /* pk_as_rep */ + 9, + "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" + }, + { /* ticket */ + 55, + "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e" + "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" + "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04" + "\x06\x68\x65\x6a\x68\x65\x6a" + }, + { /* key */ + 32, + "\x59\xf3\xca\x77\x5b\x20\x17\xe9\xad\x36\x3f\x47\xca\xbd\x43\xb8" + "\x8c\xb8\x90\x35\x8d\xc6\x0d\x52\x0d\x11\x9f\xb0\xdc\x24\x0b\x61" + } + }, + /* 2 */ + { + NULL, /* AlgorithmIdentifier */ + { /* Z */ + 256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + }, + "lha@SU.SE", /* client, partyUInfo */ + "krbtgt/SU.SE@SU.SE", /* server, partyVInfo */ + ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */ + { /* as_req */ + 10, + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + }, + { /* pk_as_rep */ + 9, + "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" + }, + { /* ticket */ + 55, + "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e" + "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" + "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04" + "\x06\x68\x65\x6a\x68\x65\x6a" + }, + { /* key */ + 32, + "\x8a\x9a\xc5\x5f\x45\xda\x1a\x73\xd9\x1e\xe9\x88\x1f\xa9\x48\x81" + "\xce\xac\x66\x2d\xb1\xd3\xb9\x0a\x9d\x0e\x52\x83\xdf\xe1\x84\x3d" + } + } +}; + +#ifdef MAKETICKET +static void +fooTicket(void) +{ + krb5_error_code ret; + krb5_data data; + size_t size; + Ticket t; + + t.tkt_vno = 5; + t.realm = "SU.SE"; + t.sname.name_type = KRB5_NT_PRINCIPAL; + t.sname.name_string.len = 1; + t.sname.name_string.val = ecalloc(1, sizeof(t.sname.name_string.val[0])); + t.sname.name_string.val[0] = estrdup("lha"); + t.enc_part.etype = ETYPE_AES256_CTS_HMAC_SHA1_96; + t.enc_part.kvno = NULL; + t.enc_part.cipher.length = 6; + t.enc_part.cipher.data = "hejhej"; + + ASN1_MALLOC_ENCODE(Ticket, data.data, data.length, &t, &size, ret); + if (ret) + errx(1, "ASN1_MALLOC_ENCODE(Ticket)"); + + rk_dumpdata("foo", data.data, data.length); + free(data.data); +} +#endif + +static void +test_dh2key(krb5_context context, int i, struct testcase *c) +{ + krb5_error_code ret; + krb5_keyblock key; + krb5_principal client, server; + Ticket ticket; + AlgorithmIdentifier ai; + size_t size; + + memset(&ticket, 0, sizeof(&ticket)); + + ai.algorithm = *c->oid; + ai.parameters = NULL; + + ret = decode_Ticket(c->ticket.data, c->ticket.length, &ticket, &size); + if (ret) + krb5_errx(context, 1, "decode ticket: %d", ret); + + ret = krb5_parse_name(context, c->client, &client); + if (ret) + krb5_err(context, 1, ret, "parse_name: %s", c->client); + ret = krb5_parse_name(context, c->server, &server); + if (ret) + krb5_err(context, 1, ret, "parse_name: %s", c->server); + + if (verbose_flag) { + char *str; + hex_encode(c->Z.data, c->Z.length, &str); + printf("Z: %s\n", str); + free(str); + printf("client: %s\n", c->client); + printf("server: %s\n", c->server); + printf("enctype: %d\n", (int)c->enctype); + hex_encode(c->as_req.data, c->as_req.length, &str); + printf("as-req: %s\n", str); + free(str); + hex_encode(c->pk_as_rep.data, c->pk_as_rep.length, &str); + printf("pk-as-rep: %s\n", str); + free(str); + hex_encode(c->ticket.data, c->ticket.length, &str); + printf("ticket: %s\n", str); + free(str); + } + + ret = _krb5_pk_kdf(context, + &ai, + c->Z.data, + c->Z.length, + client, + server, + c->enctype, + &c->as_req, + &c->pk_as_rep, + &ticket, + &key); + krb5_free_principal(context, client); + krb5_free_principal(context, server); + if (ret) + krb5_err(context, 1, ret, "_krb5_pk_kdf: %d", i); + + if (verbose_flag) { + char *str; + hex_encode(key.keyvalue.data, key.keyvalue.length, &str); + printf("key: %s\n", str); + free(str); + } + + if (key.keyvalue.length != c->key.length || + memcmp(key.keyvalue.data, c->key.data, c->key.length) != 0) + krb5_errx(context, 1, "resulting key wrong: %d", i); + + krb5_free_keyblock_contents(context, &key); + free_Ticket(&ticket); +} + + + + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + {"verbose", 0, arg_flag, &verbose_flag, + "verbose output", NULL }, + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + int i, optidx = 0; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= optidx; + argv += optidx; + +#ifdef MAKETICKET + fooTicket(); +#endif + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + tests[0].oid = &asn1_oid_id_pkinit_kdf_ah_sha1; + tests[1].oid = &asn1_oid_id_pkinit_kdf_ah_sha256; + tests[2].oid = &asn1_oid_id_pkinit_kdf_ah_sha512; + + for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) + test_dh2key(context, i, &tests[i]); + + krb5_free_context(context); + + return 0; +} diff --git a/lib/krb5/test_plugin.c b/lib/krb5/test_plugin.c index 18e9fcd28674..4235442b999e 100644 --- a/lib/krb5/test_plugin.c +++ b/lib/krb5/test_plugin.c @@ -1,38 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include -RCSID("$Id: test_plugin.c 22024 2007-11-03 21:36:55Z lha $"); #include "locate_plugin.h" static krb5_error_code @@ -52,7 +51,7 @@ resolve_lookup(void *ctx, enum locate_service_type service, const char *realm, int domain, - int type, + int type, int (*add)(void *,int,struct sockaddr *), void *addctx) { @@ -97,7 +96,8 @@ main(int argc, char **argv) if (ret) errx(1, "krb5_init_contex"); - ret = krb5_plugin_register(context, PLUGIN_TYPE_DATA, "resolve", &resolve); + ret = krb5_plugin_register(context, PLUGIN_TYPE_DATA, + KRB5_PLUGIN_LOCATE, &resolve); if (ret) krb5_err(context, 1, ret, "krb5_plugin_register"); @@ -110,7 +110,7 @@ main(int argc, char **argv) if (ret) krb5_err(context, 1, ret, "krb5_krbhst_init_flags"); - + while(krb5_krbhst_next_as_string(context, handle, host, sizeof(host)) == 0){ found++; if (strcmp(host, "127.0.0.2") != 0) diff --git a/lib/krb5/test_prf.c b/lib/krb5/test_prf.c index 94fb67dffaee..26ba2a6ef49a 100644 --- a/lib/krb5/test_prf.c +++ b/lib/krb5/test_prf.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" -RCSID("$Id: test_prf.c 20843 2007-06-03 14:23:20Z lha $"); - #include #include @@ -42,7 +40,7 @@ RCSID("$Id: test_prf.c 20843 2007-06-03 14:23:20Z lha $"); * key: string2key(aes256, "testkey", "testkey", default_params) * input: unhex(1122334455667788) * output: 58b594b8a61df6e9439b7baa991ff5c1 - * + * * key: string2key(aes128, "testkey", "testkey", default_params) * input: unhex(1122334455667788) * output: ffa2f823aa7f83a8ce3c5fb730587129 @@ -93,7 +91,7 @@ main(int argc, char **argv) krb5_data_free(&output2); krb5_crypto_destroy(context, crypto); - + krb5_free_keyblock_contents(context, &key); krb5_free_context(context); diff --git a/lib/krb5/test_princ.c b/lib/krb5/test_princ.c index d1036c1b3b44..98e61e3d8bf8 100644 --- a/lib/krb5/test_princ.c +++ b/lib/krb5/test_princ.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_princ.c 22071 2007-11-14 20:04:50Z lha $"); - /* * Check that a closed cc still keeps it data and that it's no longer * there when it's destroyed. @@ -67,7 +65,7 @@ test_princ(krb5_context context) free(princ_unparsed); - ret = krb5_unparse_name_flags(context, p, + ret = krb5_unparse_name_flags(context, p, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &princ_unparsed); if (ret) @@ -76,10 +74,11 @@ test_princ(krb5_context context) if (strcmp(princ_short, princ_unparsed)) krb5_errx(context, 1, "%s != %s", princ_short, princ_unparsed); free(princ_unparsed); - + realm = krb5_principal_get_realm(context, p); - asprintf(&princ_reformed, "%s@%s", princ_short, realm); + if (asprintf(&princ_reformed, "%s@%s", princ_short, realm) < 0 || princ_reformed == NULL) + errx(1, "malloc"); ret = krb5_parse_name(context, princ_reformed, &p2); free(princ_reformed); @@ -88,7 +87,7 @@ test_princ(krb5_context context) if (!krb5_principal_compare(context, p, p2)) { krb5_errx(context, 1, "p != p2"); - } + } krb5_free_principal(context, p2); @@ -96,7 +95,7 @@ test_princ(krb5_context context) if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_unparse_name_flags(context, p, + ret = krb5_unparse_name_flags(context, p, KRB5_PRINCIPAL_UNPARSE_SHORT, &princ_unparsed); if (ret) @@ -181,20 +180,20 @@ test_princ(krb5_context context) krb5_errx(context, 1, "'%s' != '%s'", princ, princ_unparsed); free(princ_unparsed); - ret = krb5_parse_name_flags(context, princ, + ret = krb5_parse_name_flags(context, princ, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); if (!ret) krb5_err(context, 1, ret, "Should have failed to parse %s a " "short name", princ); - ret = krb5_parse_name_flags(context, princ_short, + ret = krb5_parse_name_flags(context, princ_short, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_unparse_name_flags(context, p2, + ret = krb5_unparse_name_flags(context, p2, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &princ_unparsed); krb5_free_principal(context, p2); @@ -205,23 +204,23 @@ test_princ(krb5_context context) krb5_errx(context, 1, "'%s' != '%s'", princ_short, princ_unparsed); free(princ_unparsed); - ret = krb5_parse_name_flags(context, princ_short, - KRB5_PRINCIPAL_PARSE_MUST_REALM, + ret = krb5_parse_name_flags(context, princ_short, + KRB5_PRINCIPAL_PARSE_REQUIRE_REALM, &p2); if (!ret) krb5_err(context, 1, ret, "Should have failed to parse %s " "because it lacked a realm", princ_short); ret = krb5_parse_name_flags(context, princ, - KRB5_PRINCIPAL_PARSE_MUST_REALM, + KRB5_PRINCIPAL_PARSE_REQUIRE_REALM, &p2); if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - + if (!krb5_principal_compare(context, p, p2)) krb5_errx(context, 1, "p != p2"); - ret = krb5_unparse_name_flags(context, p2, + ret = krb5_unparse_name_flags(context, p2, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &princ_unparsed); krb5_free_principal(context, p2); @@ -274,7 +273,7 @@ test_enterprise(krb5_context context) if (ret) krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_parse_name_flags(context, "lha@su.se@WIN.SU.SE", + ret = krb5_parse_name_flags(context, "lha@su.se@WIN.SU.SE", KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name_flags"); @@ -293,7 +292,7 @@ test_enterprise(krb5_context context) * */ - ret = krb5_parse_name_flags(context, "lha\\@su.se@WIN.SU.SE", + ret = krb5_parse_name_flags(context, "lha\\@su.se@WIN.SU.SE", KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name_flags"); @@ -328,7 +327,7 @@ test_enterprise(krb5_context context) * */ - ret = krb5_parse_name_flags(context, "lha@su.se", + ret = krb5_parse_name_flags(context, "lha@su.se", KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); if (ret) krb5_err(context, 1, ret, "krb5_parse_name_flags"); diff --git a/lib/krb5/test_renew.c b/lib/krb5/test_renew.c index 5fa2de1b9fa0..40d373917aba 100644 --- a/lib/krb5/test_renew.c +++ b/lib/krb5/test_renew.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -35,9 +35,6 @@ #include #include -RCSID("$Id$"); - - static int version_flag = 0; static int help_flag = 0; @@ -66,14 +63,14 @@ main(int argc, char **argv) const char *in_tkt_service = NULL; krb5_ccache id; krb5_error_code ret; - krb5_creds out;; + krb5_creds out; int optidx = 0; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -109,7 +106,7 @@ main(int argc, char **argv) in_tkt_service); if(ret) - krb5_err(context, 1, ret, "krb5_get_kdc_cred"); + krb5_err(context, 1, ret, "krb5_get_renewed_creds"); if (krb5_principal_compare(context, out.client, client) != TRUE) krb5_errx(context, 1, "return principal is not as expected"); diff --git a/lib/krb5/test_rfc3961.c b/lib/krb5/test_rfc3961.c new file mode 100644 index 000000000000..972af0c5f47b --- /dev/null +++ b/lib/krb5/test_rfc3961.c @@ -0,0 +1,212 @@ +/* + * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include +#include + +static void +time_encryption(krb5_context context, size_t size, + krb5_enctype etype, int iterations) +{ + struct timeval tv1, tv2; + krb5_error_code ret; + krb5_keyblock key; + krb5_crypto crypto; + krb5_data data; + char *etype_name; + void *buf; + int i; + + ret = krb5_generate_random_keyblock(context, etype, &key); + if (ret) + krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); + + ret = krb5_enctype_to_string(context, etype, &etype_name); + if (ret) + krb5_err(context, 1, ret, "krb5_enctype_to_string"); + + buf = malloc(size); + if (buf == NULL) + krb5_errx(context, 1, "out of memory"); + memset(buf, 0, size); + + ret = krb5_crypto_init(context, &key, 0, &crypto); + if (ret) + krb5_err(context, 1, ret, "krb5_crypto_init"); + + gettimeofday(&tv1, NULL); + + for (i = 0; i < iterations; i++) { + ret = krb5_encrypt(context, crypto, 0, buf, size, &data); + if (ret) + krb5_err(context, 1, ret, "encrypt: %d", i); + krb5_data_free(&data); + } + + gettimeofday(&tv2, NULL); + + timevalsub(&tv2, &tv1); + + printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n", + etype_name, (unsigned long)size, iterations, + (long)tv2.tv_sec, (long)tv2.tv_usec); + + free(buf); + free(etype_name); + krb5_crypto_destroy(context, crypto); + krb5_free_keyblock_contents(context, &key); +} + +static void +time_s2k(krb5_context context, + krb5_enctype etype, + const char *password, + krb5_salt salt, + int iterations) +{ + struct timeval tv1, tv2; + krb5_error_code ret; + krb5_keyblock key; + krb5_data opaque; + char *etype_name; + int i; + + ret = krb5_enctype_to_string(context, etype, &etype_name); + if (ret) + krb5_err(context, 1, ret, "krb5_enctype_to_string"); + + opaque.data = NULL; + opaque.length = 0; + + gettimeofday(&tv1, NULL); + + for (i = 0; i < iterations; i++) { + ret = krb5_string_to_key_salt_opaque(context, etype, password, salt, + opaque, &key); + if (ret) + krb5_err(context, 1, ret, "krb5_string_to_key_data_salt_opaque"); + krb5_free_keyblock_contents(context, &key); + } + + gettimeofday(&tv2, NULL); + + timevalsub(&tv2, &tv1); + + printf("%s string2key %d iterations time: %3ld.%06ld\n", + etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec); + free(etype_name); + +} + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + ""); + exit (ret); +} + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + int i, enciter, s2kiter; + int optidx = 0; + krb5_salt salt; + + krb5_enctype enctypes[] = { + ETYPE_DES_CBC_CRC, + ETYPE_DES3_CBC_SHA1, + ETYPE_ARCFOUR_HMAC_MD5, + ETYPE_AES128_CTS_HMAC_SHA1_96, + ETYPE_AES256_CTS_HMAC_SHA1_96 + }; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + salt.salttype = KRB5_PW_SALT; + salt.saltvalue.data = NULL; + salt.saltvalue.length = 0; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + enciter = 1000; + s2kiter = 100; + + for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { + + krb5_enctype_enable(context, enctypes[i]); + + time_encryption(context, 16, enctypes[i], enciter); + time_encryption(context, 32, enctypes[i], enciter); + time_encryption(context, 512, enctypes[i], enciter); + time_encryption(context, 1024, enctypes[i], enciter); + time_encryption(context, 2048, enctypes[i], enciter); + time_encryption(context, 4096, enctypes[i], enciter); + time_encryption(context, 8192, enctypes[i], enciter); + time_encryption(context, 16384, enctypes[i], enciter); + time_encryption(context, 32768, enctypes[i], enciter); + + time_s2k(context, enctypes[i], "mYsecreitPassword", salt, s2kiter); + } + + krb5_free_context(context); + + return 0; +} diff --git a/lib/krb5/test_store.c b/lib/krb5/test_store.c index 2ce6c8dac363..6b930775c0cc 100644 --- a/lib/krb5/test_store.c +++ b/lib/krb5/test_store.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -33,8 +33,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_store.c 20192 2007-02-05 23:21:03Z lha $"); - static void test_int8(krb5_context context, krb5_storage *sp) { @@ -44,6 +42,8 @@ test_int8(krb5_context context, krb5_storage *sp) 0, 1, -1, 128, -127 }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_int8(sp, val[i]); @@ -67,6 +67,8 @@ test_int16(krb5_context context, krb5_storage *sp) 0, 1, -1, 32768, -32767 }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_int16(sp, val[i]); @@ -90,6 +92,8 @@ test_int32(krb5_context context, krb5_storage *sp) 0, 1, -1, 2147483647, -2147483646 }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_int32(sp, val[i]); @@ -113,6 +117,8 @@ test_uint8(krb5_context context, krb5_storage *sp) 0, 1, 255 }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_uint8(sp, val[i]); @@ -136,6 +142,8 @@ test_uint16(krb5_context context, krb5_storage *sp) 0, 1, 65535 }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_uint16(sp, val[i]); @@ -159,6 +167,8 @@ test_uint32(krb5_context context, krb5_storage *sp) 0, 1, 4294967295UL }, v; + krb5_storage_truncate(sp, 0); + for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { ret = krb5_store_uint32(sp, val[i]); @@ -175,22 +185,54 @@ test_uint32(krb5_context context, krb5_storage *sp) static void -test_storage(krb5_context context) +test_storage(krb5_context context, krb5_storage *sp) { - krb5_storage *sp; - - sp = krb5_storage_emem(); - if (sp == NULL) - krb5_errx(context, 1, "krb5_storage_emem: no mem"); - test_int8(context, sp); test_int16(context, sp); test_int32(context, sp); test_uint8(context, sp); test_uint16(context, sp); test_uint32(context, sp); +} - krb5_storage_free(sp); + +static void +test_truncate(krb5_context context, krb5_storage *sp, int fd) +{ + struct stat sb; + + krb5_store_string(sp, "hej"); + krb5_storage_truncate(sp, 2); + + if (fstat(fd, &sb) != 0) + krb5_err(context, 1, errno, "fstat"); + if (sb.st_size != 2) + krb5_errx(context, 1, "length not 2"); + + krb5_storage_truncate(sp, 1024); + + if (fstat(fd, &sb) != 0) + krb5_err(context, 1, errno, "fstat"); + if (sb.st_size != 1024) + krb5_errx(context, 1, "length not 2"); +} + +static void +check_too_large(krb5_context context, krb5_storage *sp) +{ + uint32_t too_big_sizes[] = { INT_MAX, INT_MAX / 2, INT_MAX / 4, INT_MAX / 8 + 1}; + krb5_error_code ret; + krb5_data data; + size_t n; + + for (n = 0; n < sizeof(too_big_sizes) / sizeof(too_big_sizes); n++) { + krb5_storage_truncate(sp, 0); + krb5_store_uint32(sp, too_big_sizes[n]); + krb5_storage_seek(sp, 0, SEEK_SET); + ret = krb5_ret_data(sp, &data); + if (ret != HEIM_ERR_TOO_BIG) + errx(1, "not too big: %lu", (unsigned long)n); + } } /* @@ -222,13 +264,15 @@ main(int argc, char **argv) { krb5_context context; krb5_error_code ret; - int optidx = 0; + int fd, optidx = 0; + krb5_storage *sp; + const char *fn = "test-store-data"; setprogname(argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -244,7 +288,48 @@ main(int argc, char **argv) if (ret) errx (1, "krb5_init_context failed: %d", ret); - test_storage(context); + /* + * Test encoding/decoding of primotive types on diffrent backends + */ + + sp = krb5_storage_emem(); + if (sp == NULL) + krb5_errx(context, 1, "krb5_storage_emem: no mem"); + + test_storage(context, sp); + check_too_large(context, sp); + krb5_storage_free(sp); + + + fd = open(fn, O_RDWR|O_CREAT|O_TRUNC, 0600); + if (fd < 0) + krb5_err(context, 1, errno, "open(%s)", fn); + + sp = krb5_storage_from_fd(fd); + close(fd); + if (sp == NULL) + krb5_errx(context, 1, "krb5_storage_from_fd: %s no mem", fn); + + test_storage(context, sp); + krb5_storage_free(sp); + unlink(fn); + + /* + * test truncate behavior + */ + + fd = open(fn, O_RDWR|O_CREAT|O_TRUNC, 0600); + if (fd < 0) + krb5_err(context, 1, errno, "open(%s)", fn); + + sp = krb5_storage_from_fd(fd); + if (sp == NULL) + krb5_errx(context, 1, "krb5_storage_from_fd: %s no mem", fn); + + test_truncate(context, sp, fd); + krb5_storage_free(sp); + close(fd); + unlink(fn); krb5_free_context(context); diff --git a/lib/krb5/test_time.c b/lib/krb5/test_time.c index 02a0204477c7..5f6625c90906 100644 --- a/lib/krb5/test_time.c +++ b/lib/krb5/test_time.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -34,8 +34,6 @@ #include "krb5_locl.h" #include -RCSID("$Id: test_time.c 18809 2006-10-22 07:11:43Z lha $"); - static void check_set_time(krb5_context context) { @@ -51,7 +49,7 @@ check_set_time(krb5_context context) ret = krb5_set_real_time(context, tv.tv_sec + diff, tv.tv_usec); if (ret) krb5_err(context, 1, ret, "krb5_us_timeofday"); - + ret = krb5_us_timeofday(context, &sec, &usec); if (ret) krb5_err(context, 1, ret, "krb5_us_timeofday"); diff --git a/lib/krb5/test_x500.c b/lib/krb5/test_x500.c new file mode 100644 index 000000000000..ecad7798e7f2 --- /dev/null +++ b/lib/krb5/test_x500.c @@ -0,0 +1,110 @@ +/* + * Copyright (c) 2011 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include + +/* + * + */ + +static void +check_linear(krb5_context context, + const char *client_realm, + const char *server_realm, + const char *realm, + ...) +{ + unsigned int num_inrealms = 0, num_realms = 0, n; + char **inrealms = NULL; + char **realms = NULL; + krb5_error_code ret; + krb5_data tr; + va_list va; + + krb5_data_zero(&tr); + + va_start(va, realm); + + while (realm) { + inrealms = erealloc(inrealms, (num_inrealms + 2) * sizeof(inrealms[0])); + inrealms[num_inrealms] = rk_UNCONST(realm); + num_inrealms++; + realm = va_arg(va, const char *); + } + if (inrealms) + inrealms[num_inrealms] = NULL; + + ret = krb5_domain_x500_encode(inrealms, num_inrealms, &tr); + if (ret) + krb5_err(context, 1, ret, "krb5_domain_x500_encode"); + + ret = krb5_domain_x500_decode(context, tr, + &realms, &num_realms, + client_realm, server_realm); + if (ret) + krb5_err(context, 1, ret, "krb5_domain_x500_decode"); + + krb5_data_free(&tr); + + if (num_inrealms != num_realms) + errx(1, "num_inrealms != num_realms"); + + for(n = 0; n < num_realms; n++) + free(realms[n]); + free(realms); + + free(inrealms); +} + + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + + setprogname(argv[0]); + + ret = krb5_init_context(&context); + if (ret) + errx(1, "krb5_init_context"); + + + check_linear(context, "KTH1.SE", "KTH1.SE", NULL); + check_linear(context, "KTH1.SE", "KTH2.SE", NULL); + check_linear(context, "KTH1.SE", "KTH3.SE", "KTH2.SE", NULL); + check_linear(context, "KTH1.SE", "KTH4.SE", "KTH3.SE", "KTH2.SE", NULL); + check_linear(context, "KTH1.SE", "KTH5.SE", "KTH4.SE", "KTH3.SE", "KTH2.SE", NULL); + + return 0; +} diff --git a/lib/krb5/ticket.c b/lib/krb5/ticket.c index 7eb4d32fad57..4845a93d9446 100644 --- a/lib/krb5/ticket.c +++ b/lib/krb5/ticket.c @@ -1,41 +1,53 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: ticket.c 19544 2006-12-28 20:49:18Z lha $"); +/** + * Free ticket and content + * + * @param context a Kerberos 5 context + * @param ticket ticket to free + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_free_ticket(krb5_context context, krb5_ticket *ticket) { @@ -46,7 +58,20 @@ krb5_free_ticket(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Copy ticket and content + * + * @param context a Kerberos 5 context + * @param from ticket to copy + * @param to new copy of ticket, free with krb5_free_ticket() + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_ticket(krb5_context context, const krb5_ticket *from, krb5_ticket **to) @@ -57,7 +82,8 @@ krb5_copy_ticket(krb5_context context, *to = NULL; tmp = malloc(sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if((ret = copy_EncTicketPart(&from->ticket, &tmp->ticket))){ @@ -81,7 +107,20 @@ krb5_copy_ticket(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return client principal in ticket + * + * @param context a Kerberos 5 context + * @param ticket ticket to copy + * @param client client principal, free with krb5_free_principal() + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_client(krb5_context context, const krb5_ticket *ticket, krb5_principal *client) @@ -89,7 +128,20 @@ krb5_ticket_get_client(krb5_context context, return krb5_copy_principal(context, ticket->client, client); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Return server principal in ticket + * + * @param context a Kerberos 5 context + * @param ticket ticket to copy + * @param server server principal, free with krb5_free_principal() + * + * @return Returns 0 to indicate success. Otherwise an kerberos et + * error code is returned, see krb5_get_error_message(). + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_server(krb5_context context, const krb5_ticket *ticket, krb5_principal *server) @@ -97,16 +149,44 @@ krb5_ticket_get_server(krb5_context context, return krb5_copy_principal(context, ticket->server, server); } -time_t KRB5_LIB_FUNCTION +/** + * Return end time of ticket + * + * @param context a Kerberos 5 context + * @param ticket ticket to copy + * + * @return end time of ticket + * + * @ingroup krb5 + */ + +KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL krb5_ticket_get_endtime(krb5_context context, const krb5_ticket *ticket) { return ticket->ticket.endtime; } +/** + * Get the flags from the Kerberos ticket + * + * @param context Kerberos context + * @param ticket Kerberos ticket + * + * @return ticket flags + * + * @ingroup krb5_ticket + */ +KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL +krb5_ticket_get_flags(krb5_context context, + const krb5_ticket *ticket) +{ + return TicketFlags2int(ticket->ticket.flags); +} + static int find_type_in_ad(krb5_context context, - int type, + int type, krb5_data *data, krb5_boolean *found, krb5_boolean failp, @@ -115,12 +195,14 @@ find_type_in_ad(krb5_context context, int level) { krb5_error_code ret = 0; - int i; + size_t i; if (level > 9) { - krb5_set_error_string(context, "Authorization data nested deeper " - "then %d levels, stop searching", level); ret = ENOENT; /* XXX */ + krb5_set_error_message(context, ret, + N_("Authorization data nested deeper " + "then %d levels, stop searching", ""), + level); goto out; } @@ -133,7 +215,8 @@ find_type_in_ad(krb5_context context, if (!*found && ad->val[i].ad_type == type) { ret = der_copy_octet_string(&ad->val[i].ad_data, data); if (ret) { - krb5_set_error_string(context, "malloc - out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } *found = TRUE; @@ -147,8 +230,10 @@ find_type_in_ad(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); + krb5_set_error_message(context, ret, + N_("Failed to decode " + "IF_RELEVANT with %d", ""), + (int)ret); goto out; } ret = find_type_in_ad(context, type, data, found, FALSE, @@ -167,8 +252,10 @@ find_type_in_ad(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_string(context, "Failed to decode " - "AD_KDCIssued with %d", ret); + krb5_set_error_message(context, ret, + N_("Failed to decode " + "AD_KDCIssued with %d", ""), + ret); goto out; } if (failp) { @@ -176,11 +263,11 @@ find_type_in_ad(krb5_context context, krb5_data buf; size_t len; - ASN1_MALLOC_ENCODE(AuthorizationData, buf.data, buf.length, + ASN1_MALLOC_ENCODE(AuthorizationData, buf.data, buf.length, &child.elements, &len, ret); if (ret) { free_AD_KDCIssued(&child); - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } if(buf.length != len) @@ -194,7 +281,7 @@ find_type_in_ad(krb5_context context, goto out; } if (!valid) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOENT; free_AD_KDCIssued(&child); goto out; @@ -211,17 +298,20 @@ find_type_in_ad(krb5_context context, case KRB5_AUTHDATA_AND_OR: if (!failp) break; - krb5_set_error_string(context, "Authorization data contains " - "AND-OR element that is unknown to the " - "application"); ret = ENOENT; /* XXX */ + krb5_set_error_message(context, ret, + N_("Authorization data contains " + "AND-OR element that is unknown to the " + "application", "")); goto out; default: if (!failp) break; - krb5_set_error_string(context, "Authorization data contains " - "unknown type (%d) ", ad->val[i].ad_type); ret = ENOENT; /* XXX */ + krb5_set_error_message(context, ret, + N_("Authorization data contains " + "unknown type (%d) ", ""), + ad->val[i].ad_type); goto out; } } @@ -235,13 +325,20 @@ find_type_in_ad(krb5_context context, return ret; } -/* - * Extract the authorization data type of `type' from the - * 'ticket'. Store the field in `data'. This function is to use for - * kerberos applications. +/** + * Extract the authorization data type of type from the ticket. Store + * the field in data. This function is to use for kerberos + * applications. + * + * @param context a Kerberos 5 context + * @param ticket Kerberos ticket + * @param type type to fetch + * @param data returned data, free with krb5_data_free() + * + * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ticket_get_authorization_data_type(krb5_context context, krb5_ticket *ticket, int type, @@ -255,7 +352,8 @@ krb5_ticket_get_authorization_data_type(krb5_context context, ad = ticket->ticket.authorization_data; if (ticket->ticket.authorization_data == NULL) { - krb5_set_error_string(context, "Ticket have not authorization data"); + krb5_set_error_message(context, ENOENT, + N_("Ticket have not authorization data", "")); return ENOENT; /* XXX */ } @@ -264,9 +362,489 @@ krb5_ticket_get_authorization_data_type(krb5_context context, if (ret) return ret; if (!found) { - krb5_set_error_string(context, "Ticket have not authorization " - "data of type %d", type); + krb5_set_error_message(context, ENOENT, + N_("Ticket have not " + "authorization data of type %d", ""), + type); return ENOENT; /* XXX */ } return 0; } + +static krb5_error_code +check_server_referral(krb5_context context, + krb5_kdc_rep *rep, + unsigned flags, + krb5_const_principal requested, + krb5_const_principal returned, + krb5_keyblock * key) +{ + krb5_error_code ret; + PA_ServerReferralData ref; + krb5_crypto session; + EncryptedData ed; + size_t len; + krb5_data data; + PA_DATA *pa; + int i = 0, cmp; + + if (rep->kdc_rep.padata == NULL) + goto noreferral; + + pa = krb5_find_padata(rep->kdc_rep.padata->val, + rep->kdc_rep.padata->len, + KRB5_PADATA_SERVER_REFERRAL, &i); + if (pa == NULL) + goto noreferral; + + memset(&ed, 0, sizeof(ed)); + memset(&ref, 0, sizeof(ref)); + + ret = decode_EncryptedData(pa->padata_value.data, + pa->padata_value.length, + &ed, &len); + if (ret) + return ret; + if (len != pa->padata_value.length) { + free_EncryptedData(&ed); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("Referral EncryptedData wrong for realm %s", + "realm"), requested->realm); + return KRB5KRB_AP_ERR_MODIFIED; + } + + ret = krb5_crypto_init(context, key, 0, &session); + if (ret) { + free_EncryptedData(&ed); + return ret; + } + + ret = krb5_decrypt_EncryptedData(context, session, + KRB5_KU_PA_SERVER_REFERRAL, + &ed, &data); + free_EncryptedData(&ed); + krb5_crypto_destroy(context, session); + if (ret) + return ret; + + ret = decode_PA_ServerReferralData(data.data, data.length, &ref, &len); + if (ret) { + krb5_data_free(&data); + return ret; + } + krb5_data_free(&data); + + if (strcmp(requested->realm, returned->realm) != 0) { + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("server ref realm mismatch, " + "requested realm %s got back %s", ""), + requested->realm, returned->realm); + return KRB5KRB_AP_ERR_MODIFIED; + } + + if (krb5_principal_is_krbtgt(context, returned)) { + const char *realm = returned->name.name_string.val[1]; + + if (ref.referred_realm == NULL + || strcmp(*ref.referred_realm, realm) != 0) + { + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("tgt returned with wrong ref", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + } else if (krb5_principal_compare(context, returned, requested) == 0) { + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("req princ no same as returned", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + + if (ref.requested_principal_name) { + cmp = _krb5_principal_compare_PrincipalName(context, + requested, + ref.requested_principal_name); + if (!cmp) { + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("referred principal not same " + "as requested", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + } else if (flags & EXTRACT_TICKET_AS_REQ) { + free_PA_ServerReferralData(&ref); + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("Requested principal missing on AS-REQ", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + + free_PA_ServerReferralData(&ref); + + return ret; +noreferral: + /* + * Expect excact match or that we got a krbtgt + */ + if (krb5_principal_compare(context, requested, returned) != TRUE && + (krb5_realm_compare(context, requested, returned) != TRUE && + krb5_principal_is_krbtgt(context, returned) != TRUE)) + { + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("Not same server principal returned " + "as requested", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + return 0; +} + + +/* + * Verify referral data + */ + + +static krb5_error_code +check_client_referral(krb5_context context, + krb5_kdc_rep *rep, + krb5_const_principal requested, + krb5_const_principal mapped, + krb5_keyblock const * key) +{ + krb5_error_code ret; + PA_ClientCanonicalized canon; + krb5_crypto crypto; + krb5_data data; + PA_DATA *pa; + size_t len; + int i = 0; + + if (rep->kdc_rep.padata == NULL) + goto noreferral; + + pa = krb5_find_padata(rep->kdc_rep.padata->val, + rep->kdc_rep.padata->len, + KRB5_PADATA_CLIENT_CANONICALIZED, &i); + if (pa == NULL) + goto noreferral; + + ret = decode_PA_ClientCanonicalized(pa->padata_value.data, + pa->padata_value.length, + &canon, &len); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to decode ClientCanonicalized " + "from realm %s", ""), requested->realm); + return ret; + } + + ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, + &canon.names, &len, ret); + if (ret) { + free_PA_ClientCanonicalized(&canon); + return ret; + } + if (data.length != len) + krb5_abortx(context, "internal asn.1 error"); + + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) { + free(data.data); + free_PA_ClientCanonicalized(&canon); + return ret; + } + + ret = krb5_verify_checksum(context, crypto, KRB5_KU_CANONICALIZED_NAMES, + data.data, data.length, + &canon.canon_checksum); + krb5_crypto_destroy(context, crypto); + free(data.data); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to verify client canonicalized " + "data from realm %s", ""), + requested->realm); + free_PA_ClientCanonicalized(&canon); + return ret; + } + + if (!_krb5_principal_compare_PrincipalName(context, + requested, + &canon.names.requested_name)) + { + free_PA_ClientCanonicalized(&canon); + krb5_set_error_message(context, KRB5_PRINC_NOMATCH, + N_("Requested name doesn't match" + " in client referral", "")); + return KRB5_PRINC_NOMATCH; + } + if (!_krb5_principal_compare_PrincipalName(context, + mapped, + &canon.names.mapped_name)) + { + free_PA_ClientCanonicalized(&canon); + krb5_set_error_message(context, KRB5_PRINC_NOMATCH, + N_("Mapped name doesn't match" + " in client referral", "")); + return KRB5_PRINC_NOMATCH; + } + + return 0; + +noreferral: + if (krb5_principal_compare(context, requested, mapped) == FALSE) { + krb5_set_error_message(context, KRB5KRB_AP_ERR_MODIFIED, + N_("Not same client principal returned " + "as requested", "")); + return KRB5KRB_AP_ERR_MODIFIED; + } + return 0; +} + + +static krb5_error_code KRB5_CALLCONV +decrypt_tkt (krb5_context context, + krb5_keyblock *key, + krb5_key_usage usage, + krb5_const_pointer decrypt_arg, + krb5_kdc_rep *dec_rep) +{ + krb5_error_code ret; + krb5_data data; + size_t size; + krb5_crypto crypto; + + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; + + ret = krb5_decrypt_EncryptedData (context, + crypto, + usage, + &dec_rep->kdc_rep.enc_part, + &data); + krb5_crypto_destroy(context, crypto); + + if (ret) + return ret; + + ret = decode_EncASRepPart(data.data, + data.length, + &dec_rep->enc_part, + &size); + if (ret) + ret = decode_EncTGSRepPart(data.data, + data.length, + &dec_rep->enc_part, + &size); + krb5_data_free (&data); + if (ret) { + krb5_set_error_message(context, ret, + N_("Failed to decode encpart in ticket", "")); + return ret; + } + return 0; +} + +int +_krb5_extract_ticket(krb5_context context, + krb5_kdc_rep *rep, + krb5_creds *creds, + krb5_keyblock *key, + krb5_const_pointer keyseed, + krb5_key_usage key_usage, + krb5_addresses *addrs, + unsigned nonce, + unsigned flags, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg) +{ + krb5_error_code ret; + krb5_principal tmp_principal; + size_t len = 0; + time_t tmp_time; + krb5_timestamp sec_now; + + /* decrypt */ + + if (decrypt_proc == NULL) + decrypt_proc = decrypt_tkt; + + ret = (*decrypt_proc)(context, key, key_usage, decryptarg, rep); + if (ret) + goto out; + + /* save session key */ + + creds->session.keyvalue.length = 0; + creds->session.keyvalue.data = NULL; + creds->session.keytype = rep->enc_part.key.keytype; + ret = krb5_data_copy (&creds->session.keyvalue, + rep->enc_part.key.keyvalue.data, + rep->enc_part.key.keyvalue.length); + if (ret) { + krb5_clear_error_message(context); + goto out; + } + + /* compare client and save */ + ret = _krb5_principalname2krb5_principal (context, + &tmp_principal, + rep->kdc_rep.cname, + rep->kdc_rep.crealm); + if (ret) + goto out; + + /* check client referral and save principal */ + /* anonymous here ? */ + if((flags & EXTRACT_TICKET_ALLOW_CNAME_MISMATCH) == 0) { + ret = check_client_referral(context, rep, + creds->client, + tmp_principal, + &creds->session); + if (ret) { + krb5_free_principal (context, tmp_principal); + goto out; + } + } + krb5_free_principal (context, creds->client); + creds->client = tmp_principal; + + /* check server referral and save principal */ + ret = _krb5_principalname2krb5_principal (context, + &tmp_principal, + rep->kdc_rep.ticket.sname, + rep->kdc_rep.ticket.realm); + if (ret) + goto out; + if((flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH) == 0){ + ret = check_server_referral(context, + rep, + flags, + creds->server, + tmp_principal, + &creds->session); + if (ret) { + krb5_free_principal (context, tmp_principal); + goto out; + } + } + krb5_free_principal(context, creds->server); + creds->server = tmp_principal; + + /* verify names */ + if(flags & EXTRACT_TICKET_MATCH_REALM){ + const char *srealm = krb5_principal_get_realm(context, creds->server); + const char *crealm = krb5_principal_get_realm(context, creds->client); + + if (strcmp(rep->enc_part.srealm, srealm) != 0 || + strcmp(rep->enc_part.srealm, crealm) != 0) + { + ret = KRB5KRB_AP_ERR_MODIFIED; + krb5_clear_error_message(context); + goto out; + } + } + + /* compare nonces */ + + if (nonce != (unsigned)rep->enc_part.nonce) { + ret = KRB5KRB_AP_ERR_MODIFIED; + krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); + goto out; + } + + /* set kdc-offset */ + + krb5_timeofday (context, &sec_now); + if (rep->enc_part.flags.initial + && (flags & EXTRACT_TICKET_TIMESYNC) + && context->kdc_sec_offset == 0 + && krb5_config_get_bool (context, NULL, + "libdefaults", + "kdc_timesync", + NULL)) { + context->kdc_sec_offset = rep->enc_part.authtime - sec_now; + krb5_timeofday (context, &sec_now); + } + + /* check all times */ + + if (rep->enc_part.starttime) { + tmp_time = *rep->enc_part.starttime; + } else + tmp_time = rep->enc_part.authtime; + + if (creds->times.starttime == 0 + && abs(tmp_time - sec_now) > context->max_skew) { + ret = KRB5KRB_AP_ERR_SKEW; + krb5_set_error_message (context, ret, + N_("time skew (%d) larger than max (%d)", ""), + abs(tmp_time - sec_now), + (int)context->max_skew); + goto out; + } + + if (creds->times.starttime != 0 + && tmp_time != creds->times.starttime) { + krb5_clear_error_message (context); + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.starttime = tmp_time; + + if (rep->enc_part.renew_till) { + tmp_time = *rep->enc_part.renew_till; + } else + tmp_time = 0; + + if (creds->times.renew_till != 0 + && tmp_time > creds->times.renew_till) { + krb5_clear_error_message (context); + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.renew_till = tmp_time; + + creds->times.authtime = rep->enc_part.authtime; + + if (creds->times.endtime != 0 + && rep->enc_part.endtime > creds->times.endtime) { + krb5_clear_error_message (context); + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.endtime = rep->enc_part.endtime; + + if(rep->enc_part.caddr) + krb5_copy_addresses (context, rep->enc_part.caddr, &creds->addresses); + else if(addrs) + krb5_copy_addresses (context, addrs, &creds->addresses); + else { + creds->addresses.len = 0; + creds->addresses.val = NULL; + } + creds->flags.b = rep->enc_part.flags; + + creds->authdata.len = 0; + creds->authdata.val = NULL; + + /* extract ticket */ + ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, + &rep->kdc_rep.ticket, &len, ret); + if(ret) + goto out; + if (creds->ticket.length != len) + krb5_abortx(context, "internal error in ASN.1 encoder"); + creds->second_ticket.length = 0; + creds->second_ticket.data = NULL; + + +out: + memset (rep->enc_part.key.keyvalue.data, 0, + rep->enc_part.key.keyvalue.length); + return ret; +} diff --git a/lib/krb5/time.c b/lib/krb5/time.c index 4cd992d48f27..247549ba2372 100644 --- a/lib/krb5/time.c +++ b/lib/krb5/time.c @@ -1,62 +1,77 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: time.c 14308 2004-10-13 17:57:11Z lha $"); - -/* +/** * Set the absolute time that the caller knows the kdc has so the * kerberos library can calculate the relative diffrence beteen the * KDC time and local system time. + * + * @param context Keberos 5 context. + * @param sec The applications new of "now" in seconds + * @param usec The applications new of "now" in micro seconds + + * @return Kerberos 5 error code, see krb5_get_error_message(). + * + * @ingroup krb5 */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_real_time (krb5_context context, krb5_timestamp sec, int32_t usec) { struct timeval tv; - + gettimeofday(&tv, NULL); context->kdc_sec_offset = sec - tv.tv_sec; - context->kdc_usec_offset = usec - tv.tv_usec; - if (context->kdc_usec_offset < 0) { - context->kdc_sec_offset--; - context->kdc_usec_offset += 1000000; - } + /** + * If the caller passes in a negative usec, its assumed to be + * unknown and the function will use the current time usec. + */ + if (usec >= 0) { + context->kdc_usec_offset = usec - tv.tv_usec; + + if (context->kdc_usec_offset < 0) { + context->kdc_sec_offset--; + context->kdc_usec_offset += 1000000; + } + } else + context->kdc_usec_offset = tv.tv_usec; + return 0; } @@ -64,7 +79,7 @@ krb5_set_real_time (krb5_context context, * return ``corrected'' time in `timeret'. */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_timeofday (krb5_context context, krb5_timestamp *timeret) { @@ -76,7 +91,7 @@ krb5_timeofday (krb5_context context, * like gettimeofday but with time correction to the KDC */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_us_timeofday (krb5_context context, krb5_timestamp *sec, int32_t *usec) @@ -90,8 +105,8 @@ krb5_us_timeofday (krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_format_time(krb5_context context, time_t t, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_format_time(krb5_context context, time_t t, char *s, size_t len, krb5_boolean include_time) { struct tm *tm; @@ -105,7 +120,7 @@ krb5_format_time(krb5_context context, time_t t, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_string_to_deltat(const char *string, krb5_deltat *deltat) { if((*deltat = parse_time(string, "s")) == -1) diff --git a/lib/krb5/transited.c b/lib/krb5/transited.c index 9b67ecc04f26..5e21987bca91 100644 --- a/lib/krb5/transited.c +++ b/lib/krb5/transited.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: transited.c 21745 2007-07-31 16:11:25Z lha $"); - /* this is an attempt at one of the most horrible `compression' schemes that has ever been invented; it's so amazingly brain-dead that words can not describe it, and all this just to save a few @@ -57,16 +55,15 @@ free_realms(struct tr_realm *r) r = r->next; free(p->realm); free(p); - } + } } static int make_path(krb5_context context, struct tr_realm *r, const char *from, const char *to) { - const char *p; - struct tr_realm *path = r->next; struct tr_realm *tmp; + const char *p; if(strlen(from) < strlen(to)){ const char *str; @@ -74,71 +71,65 @@ make_path(krb5_context context, struct tr_realm *r, from = to; to = str; } - + if(strcmp(from + strlen(from) - strlen(to), to) == 0){ p = from; while(1){ p = strchr(p, '.'); if(p == NULL) { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KDC_ERR_POLICY; } p++; if(strcmp(p, to) == 0) break; tmp = calloc(1, sizeof(*tmp)); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - tmp->next = path; - path = tmp; - path->realm = strdup(p); - if(path->realm == NULL){ - r->next = path; /* XXX */ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM;; + if(tmp == NULL) + return krb5_enomem(context); + tmp->next = r->next; + r->next = tmp; + tmp->realm = strdup(p); + if(tmp->realm == NULL){ + r->next = tmp->next; + free(tmp); + return krb5_enomem(context); } } }else if(strncmp(from, to, strlen(to)) == 0){ p = from + strlen(from); while(1){ while(p >= from && *p != '/') p--; - if(p == from) { - r->next = path; /* XXX */ + if(p == from) return KRB5KDC_ERR_POLICY; - } + if(strncmp(to, from, p - from) == 0) break; tmp = calloc(1, sizeof(*tmp)); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + if(tmp == NULL) + return krb5_enomem(context); + tmp->next = r->next; + r->next = tmp; + tmp->realm = malloc(p - from + 1); + if(tmp->realm == NULL){ + r->next = tmp->next; + free(tmp); + return krb5_enomem(context); } - tmp->next = path; - path = tmp; - path->realm = malloc(p - from + 1); - if(path->realm == NULL){ - r->next = path; /* XXX */ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(path->realm, from, p - from); - path->realm[p - from] = '\0'; + memcpy(tmp->realm, from, p - from); + tmp->realm[p - from] = '\0'; p--; } } else { - krb5_clear_error_string (context); + krb5_clear_error_message (context); return KRB5KDC_ERR_POLICY; } - r->next = path; - + return 0; } static int make_paths(krb5_context context, - struct tr_realm *realms, const char *client_realm, + struct tr_realm *realms, const char *client_realm, const char *server_realm) { struct tr_realm *r; @@ -186,8 +177,7 @@ expand_realms(krb5_context context, tmp = realloc(r->realm, len); if(tmp == NULL){ free_realms(realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return krb5_enomem(context); } r->realm = tmp; strlcat(r->realm, prev_realm, len); @@ -200,8 +190,7 @@ expand_realms(krb5_context context, tmp = malloc(len); if(tmp == NULL){ free_realms(realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return krb5_enomem(context); } strlcpy(tmp, prev_realm, len); strlcat(tmp, r->realm, len); @@ -285,17 +274,14 @@ decode_realms(krb5_context context, } if(tr[i] == ','){ tmp = malloc(tr + i - start + 1); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } + if(tmp == NULL) + return krb5_enomem(context); memcpy(tmp, start, tr + i - start); tmp[tr + i - start] = '\0'; r = make_realm(tmp); if(r == NULL){ free_realms(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return krb5_enomem(context); } *realms = append_realm(*realms, r); start = tr + i + 1; @@ -304,32 +290,30 @@ decode_realms(krb5_context context, tmp = malloc(tr + i - start + 1); if(tmp == NULL){ free(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return krb5_enomem(context); } memcpy(tmp, start, tr + i - start); tmp[tr + i - start] = '\0'; r = make_realm(tmp); if(r == NULL){ free_realms(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return krb5_enomem(context); } *realms = append_realm(*realms, r); - + return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_domain_x500_decode(krb5_context context, - krb5_data tr, char ***realms, int *num_realms, + krb5_data tr, char ***realms, unsigned int *num_realms, const char *client_realm, const char *server_realm) { struct tr_realm *r = NULL; struct tr_realm *p, **q; int ret; - + if(tr.length == 0) { *realms = NULL; *num_realms = 0; @@ -340,39 +324,37 @@ krb5_domain_x500_decode(krb5_context context, ret = decode_realms(context, tr.data, tr.length, &r); if(ret) return ret; - + /* apply prefix rule */ ret = expand_realms(context, r, client_realm); if(ret) return ret; - + ret = make_paths(context, r, client_realm, server_realm); if(ret) return ret; - + /* remove empty components and count realms */ - q = &r; *num_realms = 0; - for(p = r; p; ){ - if(p->realm[0] == '\0'){ - free(p->realm); - *q = p->next; - free(p); + for(q = &r; *q; ){ + if((*q)->realm[0] == '\0'){ p = *q; + *q = (*q)->next; + free(p->realm); + free(p); }else{ - q = &p->next; - p = p->next; + q = &(*q)->next; (*num_realms)++; } } - if (*num_realms < 0 || *num_realms + 1 > UINT_MAX/sizeof(**realms)) + if (*num_realms + 1 > UINT_MAX/sizeof(**realms)) return ERANGE; { char **R; R = malloc((*num_realms + 1) * sizeof(*R)); if (R == NULL) - return ENOMEM; + return krb5_enomem(context); *realms = R; while(r){ *R++ = r->realm; @@ -384,12 +366,13 @@ krb5_domain_x500_decode(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding) +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_domain_x500_encode(char **realms, unsigned int num_realms, + krb5_data *encoding) { char *s = NULL; int len = 0; - int i; + unsigned int i; krb5_data_zero(encoding); if (num_realms == 0) return 0; @@ -404,7 +387,7 @@ krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding) return ENOMEM; *s = '\0'; for(i = 0; i < num_realms; i++){ - if(i && i < num_realms - 1) + if(i) strlcat(s, ",", len + 1); if(realms[i][0] == '/') strlcat(s, " ", len + 1); @@ -415,25 +398,25 @@ krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding) return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, - int num_realms, + unsigned int num_realms, int *bad_realm) { char **tr_realms; char **p; - int i; + size_t i; if(num_realms == 0) return 0; - - tr_realms = krb5_config_get_strings(context, NULL, - "capaths", - client_realm, - server_realm, + + tr_realms = krb5_config_get_strings(context, NULL, + "capaths", + client_realm, + server_realm, NULL); for(i = 0; i < num_realms; i++) { for(p = tr_realms; p && *p; p++) { @@ -442,8 +425,10 @@ krb5_check_transited(krb5_context context, } if(p == NULL || *p == NULL) { krb5_config_free_strings(tr_realms); - krb5_set_error_string (context, "no transit through realm %s", - realms[i]); + krb5_set_error_message (context, KRB5KRB_AP_ERR_ILL_CR_TKT, + N_("no transit allowed " + "through realm %s", ""), + realms[i]); if(bad_realm) *bad_realm = i; return KRB5KRB_AP_ERR_ILL_CR_TKT; @@ -453,17 +438,17 @@ krb5_check_transited(krb5_context context, return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_check_transited_realms(krb5_context context, - const char *const *realms, - int num_realms, + const char *const *realms, + unsigned int num_realms, int *bad_realm) { - int i; + size_t i; int ret = 0; - char **bad_realms = krb5_config_get_strings(context, NULL, - "libdefaults", - "transited_realms_reject", + char **bad_realms = krb5_config_get_strings(context, NULL, + "libdefaults", + "transited_realms_reject", NULL); if(bad_realms == NULL) return 0; @@ -472,9 +457,11 @@ krb5_check_transited_realms(krb5_context context, char **p; for(p = bad_realms; *p; p++) if(strcmp(*p, realms[i]) == 0) { - krb5_set_error_string (context, "no transit through realm %s", - *p); ret = KRB5KRB_AP_ERR_ILL_CR_TKT; + krb5_set_error_message (context, ret, + N_("no transit allowed " + "through realm %s", ""), + *p); if(bad_realm) *bad_realm = i; break; diff --git a/lib/krb5/v4_glue.c b/lib/krb5/v4_glue.c deleted file mode 100644 index 37b1e35dd188..000000000000 --- a/lib/krb5/v4_glue.c +++ /dev/null @@ -1,939 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: v4_glue.c 22071 2007-11-14 20:04:50Z lha $"); - -#include "krb5-v4compat.h" - -/* - * - */ - -#define RCHECK(r,func,label) \ - do { (r) = func ; if (r) goto label; } while(0); - - -/* include this here, to avoid dependencies on libkrb */ - -static const int _tkt_lifetimes[TKTLIFENUMFIXED] = { - 38400, 41055, 43894, 46929, 50174, 53643, 57352, 61318, - 65558, 70091, 74937, 80119, 85658, 91581, 97914, 104684, - 111922, 119661, 127935, 136781, 146239, 156350, 167161, 178720, - 191077, 204289, 218415, 233517, 249664, 266926, 285383, 305116, - 326213, 348769, 372885, 398668, 426234, 455705, 487215, 520904, - 556921, 595430, 636601, 680618, 727680, 777995, 831789, 889303, - 950794, 1016537, 1086825, 1161973, 1242318, 1328218, 1420057, 1518247, - 1623226, 1735464, 1855462, 1983758, 2120925, 2267576, 2424367, 2592000 -}; - -int KRB5_LIB_FUNCTION -_krb5_krb_time_to_life(time_t start, time_t end) -{ - int i; - time_t life = end - start; - - if (life > MAXTKTLIFETIME || life <= 0) - return 0; -#if 0 - if (krb_no_long_lifetimes) - return (life + 5*60 - 1)/(5*60); -#endif - - if (end >= NEVERDATE) - return TKTLIFENOEXPIRE; - if (life < _tkt_lifetimes[0]) - return (life + 5*60 - 1)/(5*60); - for (i=0; i TKTLIFEMAXFIXED) - return start + MAXTKTLIFETIME; - return start + _tkt_lifetimes[life - TKTLIFEMINFIXED]; -} - -/* - * Get the name of the krb4 credentials cache, will use `tkfile' as - * the name if that is passed in. `cc' must be free()ed by caller, - */ - -static krb5_error_code -get_krb4_cc_name(const char *tkfile, char **cc) -{ - - *cc = NULL; - if(tkfile == NULL) { - char *path; - if(!issuid()) { - path = getenv("KRBTKFILE"); - if (path) - *cc = strdup(path); - } - if(*cc == NULL) - if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0) - return errno; - } else { - *cc = strdup(tkfile); - if (*cc == NULL) - return ENOMEM; - } - return 0; -} - -/* - * Write a Kerberos 4 ticket file - */ - -#define KRB5_TF_LCK_RETRY_COUNT 50 -#define KRB5_TF_LCK_RETRY 1 - -static krb5_error_code -write_v4_cc(krb5_context context, const char *tkfile, - krb5_storage *sp, int append) -{ - krb5_error_code ret; - struct stat sb; - krb5_data data; - char *path; - int fd, i; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - fd = open(path, O_WRONLY|O_CREAT, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, - "krb5_krb_tf_setup: error opening file %s", - path); - free(path); - return ret; - } - - if (fstat(fd, &sb) != 0 || !S_ISREG(sb.st_mode)) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: tktfile %s is not a file", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - - for (i = 0; i < KRB5_TF_LCK_RETRY_COUNT; i++) { - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - sleep(KRB5_TF_LCK_RETRY); - } else - break; - } - if (i == KRB5_TF_LCK_RETRY_COUNT) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to lock %s", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - - if (!append) { - ret = ftruncate(fd, 0); - if (ret < 0) { - flock(fd, LOCK_UN); - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to truncate %s", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - } - ret = lseek(fd, 0L, SEEK_END); - if (ret < 0) { - ret = errno; - flock(fd, LOCK_UN); - free(path); - close(fd); - return ret; - } - - krb5_storage_to_data(sp, &data); - - ret = write(fd, data.data, data.length); - if (ret != data.length) - ret = KRB5_CC_IO; - - krb5_free_data_contents(context, &data); - - flock(fd, LOCK_UN); - free(path); - close(fd); - - return 0; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_tf_setup(krb5_context context, - struct credentials *v4creds, - const char *tkfile, - int append) -{ - krb5_error_code ret; - krb5_storage *sp; - - sp = krb5_storage_emem(); - if (sp == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST); - krb5_storage_set_eof_code(sp, KRB5_CC_IO); - - krb5_clear_error_string(context); - - if (!append) { - RCHECK(ret, krb5_store_stringz(sp, v4creds->pname), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->pinst), error); - } - - /* cred */ - RCHECK(ret, krb5_store_stringz(sp, v4creds->service), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->instance), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->realm), error); - ret = krb5_storage_write(sp, v4creds->session, 8); - if (ret != 8) { - ret = KRB5_CC_IO; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, v4creds->lifetime), error); - RCHECK(ret, krb5_store_int32(sp, v4creds->kvno), error); - RCHECK(ret, krb5_store_int32(sp, v4creds->ticket_st.length), error); - - ret = krb5_storage_write(sp, v4creds->ticket_st.dat, - v4creds->ticket_st.length); - if (ret != v4creds->ticket_st.length) { - ret = KRB5_CC_IO; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, v4creds->issue_date), error); - - ret = write_v4_cc(context, tkfile, sp, append); - - error: - krb5_storage_free(sp); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_dest_tkt(krb5_context context, const char *tkfile) -{ - krb5_error_code ret; - char *path; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - if (unlink(path) < 0) { - ret = errno; - krb5_set_error_string(context, - "krb5_krb_dest_tkt failed removing the cache " - "with error %s", strerror(ret)); - } - free(path); - - return ret; -} - -/* - * - */ - -static krb5_error_code -decrypt_etext(krb5_context context, const krb5_keyblock *key, - const krb5_data *cdata, krb5_data *data) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) - return ret; - - ret = krb5_decrypt(context, crypto, 0, cdata->data, cdata->length, data); - krb5_crypto_destroy(context, crypto); - - return ret; -} - - -/* - * - */ - -static const char eightzeros[8] = "\x00\x00\x00\x00\x00\x00\x00\x00"; - -static krb5_error_code -storage_to_etext(krb5_context context, - krb5_storage *sp, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_ssize_t size; - krb5_data data; - - /* multiple of eight bytes */ - - size = krb5_storage_seek(sp, 0, SEEK_END); - if (size < 0) - return KRB4ET_RD_AP_UNDEC; - size = 8 - (size & 7); - - ret = krb5_storage_write(sp, eightzeros, size); - if (ret != size) - return KRB4ET_RD_AP_UNDEC; - - ret = krb5_storage_to_data(sp, &data); - if (ret) - return ret; - - ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) { - krb5_data_free(&data); - return ret; - } - - ret = krb5_encrypt(context, crypto, 0, data.data, data.length, enc_data); - - krb5_data_free(&data); - krb5_crypto_destroy(context, crypto); - - return ret; -} - -/* - * - */ - -static krb5_error_code -put_nir(krb5_storage *sp, const char *name, - const char *instance, const char *realm) -{ - krb5_error_code ret; - - RCHECK(ret, krb5_store_stringz(sp, name), error); - RCHECK(ret, krb5_store_stringz(sp, instance), error); - if (realm) { - RCHECK(ret, krb5_store_stringz(sp, realm), error); - } - error: - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ticket(krb5_context context, - unsigned char flags, - const char *pname, - const char *pinstance, - const char *prealm, - int32_t paddress, - const krb5_keyblock *session, - int16_t life, - int32_t life_sec, - const char *sname, - const char *sinstance, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(enc_data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, flags), error); - RCHECK(ret, put_nir(sp, pname, pinstance, prealm), error); - RCHECK(ret, krb5_store_int32(sp, ntohl(paddress)), error); - - /* session key */ - ret = krb5_storage_write(sp, - session->keyvalue.data, - session->keyvalue.length); - if (ret != session->keyvalue.length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, krb5_store_int8(sp, life), error); - RCHECK(ret, krb5_store_int32(sp, life_sec), error); - RCHECK(ret, put_nir(sp, sname, sinstance, NULL), error); - - ret = storage_to_etext(context, sp, key, enc_data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ciph(krb5_context context, - const krb5_keyblock *session, - const char *service, - const char *instance, - const char *realm, - uint32_t life, - unsigned char kvno, - const krb5_data *ticket, - uint32_t kdc_time, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(enc_data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - /* session key */ - ret = krb5_storage_write(sp, - session->keyvalue.data, - session->keyvalue.length); - if (ret != session->keyvalue.length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, put_nir(sp, service, instance, realm), error); - RCHECK(ret, krb5_store_int8(sp, life), error); - RCHECK(ret, krb5_store_int8(sp, kvno), error); - RCHECK(ret, krb5_store_int8(sp, ticket->length), error); - ret = krb5_storage_write(sp, ticket->data, ticket->length); - if (ret != ticket->length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, kdc_time), error); - - ret = storage_to_etext(context, sp, key, enc_data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_auth_reply(krb5_context context, - const char *pname, - const char *pinst, - const char *prealm, - int32_t time_ws, - int n, - uint32_t x_date, - unsigned char kvno, - const krb5_data *cipher, - krb5_data *data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error); - RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_KDC_REPLY), error); - RCHECK(ret, put_nir(sp, pname, pinst, prealm), error); - RCHECK(ret, krb5_store_int32(sp, time_ws), error); - RCHECK(ret, krb5_store_int8(sp, n), error); - RCHECK(ret, krb5_store_int32(sp, x_date), error); - RCHECK(ret, krb5_store_int8(sp, kvno), error); - RCHECK(ret, krb5_store_int16(sp, cipher->length), error); - ret = krb5_storage_write(sp, cipher->data, cipher->length); - if (ret != cipher->length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - ret = krb5_storage_to_data(sp, data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_cr_err_reply(krb5_context context, - const char *name, - const char *inst, - const char *realm, - uint32_t time_ws, - uint32_t e, - const char *e_string, - krb5_data *data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(data); - - if (name == NULL) name = ""; - if (inst == NULL) inst = ""; - if (realm == NULL) realm = ""; - if (e_string == NULL) e_string = ""; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error); - RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_ERR_REPLY), error); - RCHECK(ret, put_nir(sp, name, inst, realm), error); - RCHECK(ret, krb5_store_int32(sp, time_ws), error); - /* If it is a Kerberos 4 error-code, remove the et BASE */ - if (e >= ERROR_TABLE_BASE_krb && e <= ERROR_TABLE_BASE_krb + 255) - e -= ERROR_TABLE_BASE_krb; - RCHECK(ret, krb5_store_int32(sp, e), error); - RCHECK(ret, krb5_store_stringz(sp, e_string), error); - - ret = krb5_storage_to_data(sp, data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 error"); - - return 0; -} - -static krb5_error_code -get_v4_stringz(krb5_storage *sp, char **str, size_t max_len) -{ - krb5_error_code ret; - - ret = krb5_ret_stringz(sp, str); - if (ret) - return ret; - if (strlen(*str) > max_len) { - free(*str); - *str = NULL; - return KRB4ET_INTK_PROT; - } - return 0; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_decomp_ticket(krb5_context context, - const krb5_data *enc_ticket, - const krb5_keyblock *key, - const char *local_realm, - char **sname, - char **sinstance, - struct _krb5_krb_auth_data *ad) -{ - krb5_error_code ret; - krb5_ssize_t size; - krb5_storage *sp = NULL; - krb5_data ticket; - unsigned char des_key[8]; - - memset(ad, 0, sizeof(*ad)); - krb5_data_zero(&ticket); - - *sname = NULL; - *sinstance = NULL; - - RCHECK(ret, decrypt_etext(context, key, enc_ticket, &ticket), error); - - sp = krb5_storage_from_data(&ticket); - if (sp == NULL) { - krb5_data_free(&ticket); - krb5_set_error_string(context, "alloc: out of memory"); - return ENOMEM; - } - - krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT); - - RCHECK(ret, krb5_ret_int8(sp, &ad->k_flags), error); - RCHECK(ret, get_v4_stringz(sp, &ad->pname, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &ad->pinst, INST_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &ad->prealm, REALM_SZ), error); - RCHECK(ret, krb5_ret_uint32(sp, &ad->address), error); - - size = krb5_storage_read(sp, des_key, sizeof(des_key)); - if (size != sizeof(des_key)) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, krb5_ret_uint8(sp, &ad->life), error); - - if (ad->k_flags & 1) - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - else - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_ret_uint32(sp, &ad->time_sec), error); - - RCHECK(ret, get_v4_stringz(sp, sname, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, sinstance, INST_SZ), error); - - ret = krb5_keyblock_init(context, ETYPE_DES_PCBC_NONE, - des_key, sizeof(des_key), &ad->session); - if (ret) - goto error; - - if (strlen(ad->prealm) == 0) { - free(ad->prealm); - ad->prealm = strdup(local_realm); - if (ad->prealm == NULL) { - ret = ENOMEM; - goto error; - } - } - - error: - memset(des_key, 0, sizeof(des_key)); - if (sp) - krb5_storage_free(sp); - krb5_data_free(&ticket); - if (ret) { - if (*sname) { - free(*sname); - *sname = NULL; - } - if (*sinstance) { - free(*sinstance); - *sinstance = NULL; - } - _krb5_krb_free_auth_data(context, ad); - krb5_set_error_string(context, "Failed to decode v4 ticket"); - } - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_rd_req(krb5_context context, - krb5_data *authent, - const char *service, - const char *instance, - const char *local_realm, - int32_t from_addr, - const krb5_keyblock *key, - struct _krb5_krb_auth_data *ad) -{ - krb5_error_code ret; - krb5_storage *sp; - krb5_data ticket, eaut, aut; - krb5_ssize_t size; - int little_endian; - int8_t pvno; - int8_t type; - int8_t s_kvno; - uint8_t ticket_length; - uint8_t eaut_length; - uint8_t time_5ms; - char *realm = NULL; - char *sname = NULL; - char *sinstance = NULL; - char *r_realm = NULL; - char *r_name = NULL; - char *r_instance = NULL; - - uint32_t r_time_sec; /* Coarse time from authenticator */ - unsigned long delta_t; /* Time in authenticator - local time */ - long tkt_age; /* Age of ticket */ - - struct timeval tv; - - krb5_data_zero(&ticket); - krb5_data_zero(&eaut); - krb5_data_zero(&aut); - - sp = krb5_storage_from_data(authent); - if (sp == NULL) { - krb5_set_error_string(context, "alloc: out of memory"); - return ENOMEM; - } - - krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT); - - ret = krb5_ret_int8(sp, &pvno); - if (ret) { - krb5_set_error_string(context, "Failed reading v4 pvno"); - goto error; - } - - if (pvno != KRB_PROT_VERSION) { - ret = KRB4ET_RD_AP_VERSION; - krb5_set_error_string(context, "Failed v4 pvno not 4"); - goto error; - } - - ret = krb5_ret_int8(sp, &type); - if (ret) { - krb5_set_error_string(context, "Failed readin v4 type"); - goto error; - } - - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) { - ret = KRB4ET_RD_AP_MSG_TYPE; - krb5_set_error_string(context, "Not a valid v4 request type"); - goto error; - } - - RCHECK(ret, krb5_ret_int8(sp, &s_kvno), error); - RCHECK(ret, get_v4_stringz(sp, &realm, REALM_SZ), error); - RCHECK(ret, krb5_ret_uint8(sp, &ticket_length), error); - RCHECK(ret, krb5_ret_uint8(sp, &eaut_length), error); - RCHECK(ret, krb5_data_alloc(&ticket, ticket_length), error); - - size = krb5_storage_read(sp, ticket.data, ticket.length); - if (size != ticket.length) { - ret = KRB4ET_INTK_PROT; - krb5_set_error_string(context, "Failed reading v4 ticket"); - goto error; - } - - /* Decrypt and take apart ticket */ - ret = _krb5_krb_decomp_ticket(context, &ticket, key, local_realm, - &sname, &sinstance, ad); - if (ret) - goto error; - - RCHECK(ret, krb5_data_alloc(&eaut, eaut_length), error); - - size = krb5_storage_read(sp, eaut.data, eaut.length); - if (size != eaut.length) { - ret = KRB4ET_INTK_PROT; - krb5_set_error_string(context, "Failed reading v4 authenticator"); - goto error; - } - - krb5_storage_free(sp); - sp = NULL; - - ret = decrypt_etext(context, &ad->session, &eaut, &aut); - if (ret) - goto error; - - sp = krb5_storage_from_data(&aut); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "alloc: out of memory"); - goto error; - } - - if (little_endian) - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - else - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, get_v4_stringz(sp, &r_name, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &r_instance, INST_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &r_realm, REALM_SZ), error); - - RCHECK(ret, krb5_ret_uint32(sp, &ad->checksum), error); - RCHECK(ret, krb5_ret_uint8(sp, &time_5ms), error); - RCHECK(ret, krb5_ret_uint32(sp, &r_time_sec), error); - - if (strcmp(ad->pname, r_name) != 0 || - strcmp(ad->pinst, r_instance) != 0 || - strcmp(ad->prealm, r_realm) != 0) { - krb5_set_error_string(context, "v4 principal mismatch"); - ret = KRB4ET_RD_AP_INCON; - goto error; - } - - if (from_addr && ad->address && from_addr != ad->address) { - krb5_set_error_string(context, "v4 bad address in ticket"); - ret = KRB4ET_RD_AP_BADD; - goto error; - } - - gettimeofday(&tv, NULL); - delta_t = abs((int)(tv.tv_sec - r_time_sec)); - if (delta_t > CLOCK_SKEW) { - ret = KRB4ET_RD_AP_TIME; - krb5_set_error_string(context, "v4 clock skew"); - goto error; - } - - /* Now check for expiration of ticket */ - - tkt_age = tv.tv_sec - ad->time_sec; - - if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) { - ret = KRB4ET_RD_AP_NYV; - krb5_set_error_string(context, "v4 clock skew for expiration"); - goto error; - } - - if (tv.tv_sec > _krb5_krb_life_to_time(ad->time_sec, ad->life)) { - ret = KRB4ET_RD_AP_EXP; - krb5_set_error_string(context, "v4 ticket expired"); - goto error; - } - - ret = 0; - error: - krb5_data_free(&ticket); - krb5_data_free(&eaut); - krb5_data_free(&aut); - if (realm) - free(realm); - if (sname) - free(sname); - if (sinstance) - free(sinstance); - if (r_name) - free(r_name); - if (r_instance) - free(r_instance); - if (r_realm) - free(r_realm); - if (sp) - krb5_storage_free(sp); - - if (ret) - krb5_clear_error_string(context); - - return ret; -} - -/* - * - */ - -void KRB5_LIB_FUNCTION -_krb5_krb_free_auth_data(krb5_context context, struct _krb5_krb_auth_data *ad) -{ - if (ad->pname) - free(ad->pname); - if (ad->pinst) - free(ad->pinst); - if (ad->prealm) - free(ad->prealm); - krb5_free_keyblock_contents(context, &ad->session); - memset(ad, 0, sizeof(*ad)); -} diff --git a/lib/krb5/verify_init.c b/lib/krb5/verify_init.c index 37db34669290..2e77b7e59d9c 100644 --- a/lib/krb5/verify_init.c +++ b/lib/krb5/verify_init.c @@ -1,47 +1,45 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: verify_init.c 15555 2005-07-06 00:48:16Z lha $"); - -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *options) { memset (options, 0, sizeof(*options)); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt *options, int ap_req_nofail) { @@ -69,7 +67,7 @@ fail_verify_is_ok (krb5_context context, return TRUE; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_init_creds(krb5_context context, krb5_creds *creds, krb5_principal ap_req_server, @@ -92,8 +90,8 @@ krb5_verify_init_creds(krb5_context context, if (gethostname (local_hostname, sizeof(local_hostname)) < 0) { ret = errno; - krb5_set_error_string (context, "gethostname: %s", - strerror(ret)); + krb5_set_error_message (context, ret, "gethostname: %s", + strerror(ret)); return ret; } @@ -117,7 +115,8 @@ krb5_verify_init_creds(krb5_context context, if (ccache && *ccache) local_ccache = *ccache; else { - ret = krb5_cc_gen_new (context, &krb5_mcc_ops, &local_ccache); + ret = krb5_cc_new_unique(context, krb5_cc_type_memory, + NULL, &local_ccache); if (ret) goto cleanup; ret = krb5_cc_initialize (context, @@ -159,7 +158,7 @@ krb5_verify_init_creds(krb5_context context, NULL, creds, &req); - + krb5_auth_con_free (context, auth_context); auth_context = NULL; @@ -197,3 +196,48 @@ krb5_verify_init_creds(krb5_context context, return ret; } + +/** + * Validate the newly fetch credential, see also krb5_verify_init_creds(). + * + * @param context a Kerberos 5 context + * @param creds the credentials to verify + * @param client the client name to match up + * @param ccache the credential cache to use + * @param service a service name to use, used with + * krb5_sname_to_principal() to build a hostname to use to + * verify. + * + * @ingroup krb5_ccache + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_get_validated_creds(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_ccache ccache, + char *service) +{ + krb5_verify_init_creds_opt vopt; + krb5_principal server; + krb5_error_code ret; + + if (krb5_principal_compare(context, creds->client, client) != TRUE) { + krb5_set_error_message(context, KRB5_PRINC_NOMATCH, + N_("Validation credentials and client " + "doesn't match", "")); + return KRB5_PRINC_NOMATCH; + } + + ret = krb5_sname_to_principal (context, NULL, service, + KRB5_NT_SRV_HST, &server); + if(ret) + return ret; + + krb5_verify_init_creds_opt_init(&vopt); + + ret = krb5_verify_init_creds(context, creds, server, NULL, NULL, &vopt); + krb5_free_principal(context, server); + + return ret; +} diff --git a/lib/krb5/verify_krb5_conf-version.rc b/lib/krb5/verify_krb5_conf-version.rc new file mode 100644 index 000000000000..f7d90dfae8fc --- /dev/null +++ b/lib/krb5/verify_krb5_conf-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_APP +#define RC_FILE_DESC_0409 "Krb5.conf Verification Tool" +#define RC_FILE_ORIG_0409 "verify_krb5_conf.exe" + +#include "../../windows/version.rc" diff --git a/lib/krb5/verify_krb5_conf.8 b/lib/krb5/verify_krb5_conf.8 index 28f84aba41e0..fc580feaa2d5 100644 --- a/lib/krb5/verify_krb5_conf.8 +++ b/lib/krb5/verify_krb5_conf.8 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: verify_krb5_conf.8 14375 2004-12-08 17:52:41Z lha $ +.\" $Id$ .\" .Dd December 8, 2004 .Dt VERIFY_KRB5_CONF 8 @@ -45,7 +45,7 @@ reads the configuration file .Pa krb5.conf , or the file given on the command line, -and parses it, thereby verifying that the syntax is not correctly wrong. +parses it, checking verifying that the syntax is not correctly wrong. .Pp If the file is syntactically correct, .Nm @@ -79,7 +79,7 @@ versa, or just that is confused. .It : unknown entry Means that is not known by -.Nm "" . +.Nm . .El .Sh SEE ALSO .Xr krb5.conf 5 diff --git a/lib/krb5/verify_krb5_conf.c b/lib/krb5/verify_krb5_conf.c index b55fbd7a86b0..d554423a16d1 100644 --- a/lib/krb5/verify_krb5_conf.c +++ b/lib/krb5/verify_krb5_conf.c @@ -1,41 +1,40 @@ /* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include #include #include -RCSID("$Id: verify_krb5_conf.c 22233 2007-12-08 21:43:37Z lha $"); /* verify krb5.conf */ @@ -45,9 +44,9 @@ static int help_flag = 0; static int warn_mit_syntax_flag = 0; static struct getargs args[] = { - {"dumpconfig", 0, arg_flag, &dumpconfig_flag, + {"dumpconfig", 0, arg_flag, &dumpconfig_flag, "show the parsed config files", NULL }, - {"warn-mit-syntax", 0, arg_flag, &warn_mit_syntax_flag, + {"warn-mit-syntax", 0, arg_flag, &warn_mit_syntax_flag, "show the parsed config files", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL }, @@ -88,11 +87,17 @@ check_time(krb5_context context, const char *path, char *data) static int check_numeric(krb5_context context, const char *path, char *data) { - long int v; + long v; char *end; v = strtol(data, &end, 0); + + if ((v == LONG_MIN || v == LONG_MAX) && errno != 0) { + krb5_warnx(context, "%s: over/under flow for \"%s\"", + path, data); + return 1; + } if(*end != '\0') { - krb5_warnx(context, "%s: failed to parse \"%s\" as a number", + krb5_warnx(context, "%s: failed to parse \"%s\" as a number", path, data); return 1; } @@ -111,12 +116,12 @@ check_boolean(krb5_context context, const char *path, char *data) return 0; v = strtol(data, &end, 0); if(*end != '\0') { - krb5_warnx(context, "%s: failed to parse \"%s\" as a boolean", + krb5_warnx(context, "%s: failed to parse \"%s\" as a boolean", path, data); return 1; } if(v != 0 && v != 1) - krb5_warnx(context, "%s: numeric value \"%s\" is treated as \"true\"", + krb5_warnx(context, "%s: numeric value \"%s\" is treated as \"true\"", path, data); return 0; } @@ -130,7 +135,7 @@ check_524(krb5_context context, const char *path, char *data) strcasecmp(data, "local") == 0) return 0; - krb5_warnx(context, "%s: didn't contain a valid option `%s'", + krb5_warnx(context, "%s: didn't contain a valid option `%s'", path, data); return 1; } @@ -155,7 +160,7 @@ check_host(krb5_context context, const char *path, char *data) hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; - + /* XXX data could be a list of hosts that this code can't handle */ /* XXX copied from krbhst.c */ if(strncmp(p, "http://", 7) == 0){ @@ -191,7 +196,7 @@ check_host(krb5_context context, const char *path, char *data) char *end; int tmp = strtol(p, &end, 0); if(end == p) { - krb5_warnx(context, "%s: failed to parse port number in %s", + krb5_warnx(context, "%s: failed to parse port number in %s", path, data); return 1; } @@ -304,7 +309,7 @@ check_log(krb5_context context, const char *path, char *data) } p++; } - if(strcmp(p, "STDERR") == 0 || + if(strcmp(p, "STDERR") == 0 || strcmp(p, "CONSOLE") == 0 || (strncmp(p, "FILE", 4) == 0 && (p[4] == ':' || p[4] == '=')) || (strncmp(p, "DEVICE", 6) == 0 && p[6] == '=')) @@ -323,12 +328,12 @@ check_log(krb5_context context, const char *path, char *data) if(*facility == '\0') strlcpy(facility, "AUTH", sizeof(facility)); if(find_value(severity, syslogvals) == -1) { - krb5_warnx(context, "%s: unknown syslog facility \"%s\"", + krb5_warnx(context, "%s: unknown syslog facility \"%s\"", path, facility); ret++; } if(find_value(severity, syslogvals) == -1) { - krb5_warnx(context, "%s: unknown syslog severity \"%s\"", + krb5_warnx(context, "%s: unknown syslog severity \"%s\"", path, severity); ret++; } @@ -344,6 +349,7 @@ struct entry { const char *name; int type; void *check_data; + int deprecated; }; struct entry all_strings[] = { @@ -365,7 +371,8 @@ struct entry v4_name_convert_entries[] = { struct entry libdefaults_entries[] = { { "accept_null_addresses", krb5_config_string, check_boolean }, - { "capath", krb5_config_list, all_strings }, + { "allow_weak_crypto", krb5_config_string, check_boolean }, + { "capath", krb5_config_list, all_strings, 1 }, { "check_pac", krb5_config_string, check_boolean }, { "clockskew", krb5_config_string, check_time }, { "date_format", krb5_config_string, NULL }, @@ -395,7 +402,7 @@ struct entry libdefaults_entries[] = { { "maxretries", krb5_config_string, check_numeric }, { "scan_interfaces", krb5_config_string, check_boolean }, { "srv_lookup", krb5_config_string, check_boolean }, - { "srv_try_txt", krb5_config_string, check_boolean }, + { "srv_try_txt", krb5_config_string, check_boolean }, { "ticket_lifetime", krb5_config_string, check_time }, { "time_format", krb5_config_string, NULL }, { "transited_realms_reject", krb5_config_string, NULL }, @@ -571,17 +578,19 @@ struct entry toplevel_sections[] = { static int -check_section(krb5_context context, const char *path, krb5_config_section *cf, +check_section(krb5_context context, const char *path, krb5_config_section *cf, struct entry *entries) { int error = 0; krb5_config_section *p; struct entry *e; - + char *local; - + for(p = cf; p != NULL; p = p->next) { - asprintf(&local, "%s/%s", path, p->name); + local = NULL; + if (asprintf(&local, "%s/%s", path, p->name) < 0 || local == NULL) + errx(1, "out of memory"); for(e = entries; e->name != NULL; e++) { if(*e->name == '\0' || strcmp(e->name, p->name) == 0) { if(e->type != p->type) { @@ -592,6 +601,10 @@ check_section(krb5_context context, const char *path, krb5_config_section *cf, } else if(p->type == krb5_config_list && e->check_data != NULL) { error |= check_section(context, local, p->u.list, e->check_data); } + if(e->deprecated) { + krb5_warnx(context, "%s: is a deprecated entry", local); + error |= 1; + } break; } } @@ -646,7 +659,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -671,6 +684,6 @@ main(int argc, char **argv) if(dumpconfig_flag) dumpconfig(0, tmp_cf); - + return check_section(context, "", tmp_cf, toplevel_sections); } diff --git a/lib/krb5/verify_krb5_conf.cat8 b/lib/krb5/verify_krb5_conf.cat8 new file mode 100644 index 000000000000..25143916cfc9 --- /dev/null +++ b/lib/krb5/verify_krb5_conf.cat8 @@ -0,0 +1,57 @@ + +VERIFY_KRB5_CONF(8) BSD System Manager's Manual VERIFY_KRB5_CONF(8) + +NNAAMMEE + vveerriiffyy__kkrrbb55__ccoonnff -- checks krb5.conf for obvious errors + +SSYYNNOOPPSSIISS + vveerriiffyy__kkrrbb55__ccoonnff _[_c_o_n_f_i_g_-_f_i_l_e_] + +DDEESSCCRRIIPPTTIIOONN + vveerriiffyy__kkrrbb55__ccoonnff reads the configuration file _k_r_b_5_._c_o_n_f, or the file + given on the command line, parses it, checking verifying that the syntax + is not correctly wrong. + + If the file is syntactically correct, vveerriiffyy__kkrrbb55__ccoonnff tries to verify + that the contents of the file is of relevant nature. + +EENNVVIIRROONNMMEENNTT + KRB5_CONFIG points to the configuration file to read. + +FFIILLEESS + /etc/krb5.conf Kerberos 5 configuration file + +DDIIAAGGNNOOSSTTIICCSS + Possible output from vveerriiffyy__kkrrbb55__ccoonnff include: + + : failed to parse as size/time/number/boolean + Usually means that is misspelled, or that it contains + weird characters. The parsing done by vveerriiffyy__kkrrbb55__ccoonnff is more + strict than the one performed by libkrb5, so strings that work in + real life might be reported as bad. + + : host not found () + Means that is supposed to point to a host, but it can't be + recognised as one. + + : unknown or wrong type + Means that is either a string when it should be a list, + vice versa, or just that vveerriiffyy__kkrrbb55__ccoonnff is confused. + + : unknown entry + Means that is not known by vveerriiffyy__kkrrbb55__ccoonnff. + +SSEEEE AALLSSOO + krb5.conf(5) + +BBUUGGSS + Since each application can put almost anything in the config file, it's + hard to come up with a watertight verification process. Most of the + default settings are sanity checked, but this does not mean that every + problem is discovered, or that everything that is reported as a possible + problem actually is one. This tool should thus be used with some care. + + It should warn about obsolete data, or bad practice, but currently + doesn't. + +HEIMDAL December 8, 2004 HEIMDAL diff --git a/lib/krb5/verify_user.c b/lib/krb5/verify_user.c index 1edbaff7e23b..01562ef562a3 100644 --- a/lib/krb5/verify_user.c +++ b/lib/krb5/verify_user.c @@ -1,40 +1,38 @@ /* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: verify_user.c 19078 2006-11-20 18:12:41Z lha $"); - static krb5_error_code verify_common (krb5_context context, krb5_principal principal, @@ -90,7 +88,7 @@ verify_common (krb5_context context, * As a side effect, fresh tickets are obtained and stored in `ccache'. */ -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_init(krb5_verify_opt *opt) { memset(opt, 0, sizeof(*opt)); @@ -98,49 +96,50 @@ krb5_verify_opt_init(krb5_verify_opt *opt) opt->service = "host"; } -int KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION int KRB5_LIB_CALL krb5_verify_opt_alloc(krb5_context context, krb5_verify_opt **opt) { *opt = calloc(1, sizeof(**opt)); if ((*opt) == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } krb5_verify_opt_init(*opt); return 0; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_free(krb5_verify_opt *opt) { free(opt); } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_ccache(krb5_verify_opt *opt, krb5_ccache ccache) { opt->ccache = ccache; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_keytab(krb5_verify_opt *opt, krb5_keytab keytab) { opt->keytab = keytab; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_secure(krb5_verify_opt *opt, krb5_boolean secure) { opt->secure = secure; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_service(krb5_verify_opt *opt, const char *service) { opt->service = service; } -void KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_verify_opt_set_flags(krb5_verify_opt *opt, unsigned int flags) { opt->flags |= flags; @@ -160,8 +159,8 @@ verify_user_opt_int(krb5_context context, ret = krb5_get_init_creds_opt_alloc (context, &opt); if (ret) return ret; - krb5_get_init_creds_opt_set_default_flags(context, NULL, - krb5_principal_get_realm(context, principal), + krb5_get_init_creds_opt_set_default_flags(context, NULL, + krb5_principal_get_realm(context, principal), opt); ret = krb5_get_init_creds_password (context, &cred, @@ -176,13 +175,13 @@ verify_user_opt_int(krb5_context context, if(ret) return ret; #define OPT(V, D) ((vopt && (vopt->V)) ? (vopt->V) : (D)) - return verify_common (context, principal, OPT(ccache, NULL), - OPT(keytab, NULL), vopt ? vopt->secure : TRUE, + return verify_common (context, principal, OPT(ccache, NULL), + OPT(keytab, NULL), vopt ? vopt->secure : TRUE, OPT(service, "host"), cred); #undef OPT } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verify_user_opt(krb5_context context, krb5_principal principal, const char *password, @@ -196,18 +195,14 @@ krb5_verify_user_opt(krb5_context context, if (ret) return ret; ret = KRB5_CONFIG_NODEFREALM; - + for (r = realms; *r != NULL && ret != 0; ++r) { - char *tmp = strdup (*r); - - if (tmp == NULL) { + ret = krb5_principal_set_realm(context, principal, *r); + if (ret) { krb5_free_host_realm (context, realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; + return ret; } - free (*krb5_princ_realm (context, principal)); - krb5_princ_set_realm (context, principal, &tmp); - + ret = verify_user_opt_int(context, principal, password, opt); } krb5_free_host_realm (context, realms); @@ -220,8 +215,8 @@ krb5_verify_user_opt(krb5_context context, /* compat function that calls above */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_verify_user(krb5_context context, krb5_principal principal, krb5_ccache ccache, const char *password, @@ -229,13 +224,13 @@ krb5_verify_user(krb5_context context, const char *service) { krb5_verify_opt opt; - + krb5_verify_opt_init(&opt); - + krb5_verify_opt_set_ccache(&opt, ccache); krb5_verify_opt_set_secure(&opt, secure); krb5_verify_opt_set_service(&opt, service); - + return krb5_verify_user_opt(context, principal, password, &opt); } @@ -244,8 +239,8 @@ krb5_verify_user(krb5_context context, * ignored and all the local realms are tried. */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user_lrealm(krb5_context context, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_verify_user_lrealm(krb5_context context, krb5_principal principal, krb5_ccache ccache, const char *password, @@ -253,13 +248,13 @@ krb5_verify_user_lrealm(krb5_context context, const char *service) { krb5_verify_opt opt; - + krb5_verify_opt_init(&opt); - + krb5_verify_opt_set_ccache(&opt, ccache); krb5_verify_opt_set_secure(&opt, secure); krb5_verify_opt_set_service(&opt, service); krb5_verify_opt_set_flags(&opt, KRB5_VERIFY_LREALMS); - + return krb5_verify_user_opt(context, principal, password, &opt); } diff --git a/lib/krb5/version-script.map b/lib/krb5/version-script.map index df8804a4e316..818e6e071cbd 100644 --- a/lib/krb5/version-script.map +++ b/lib/krb5/version-script.map @@ -1,6 +1,4 @@ -# $Id$ - -HEIMDAL_KRB5_1.0 { +HEIMDAL_KRB5_2.0 { global: krb524_convert_creds_kdc; krb524_convert_creds_kdc_ccache; @@ -22,6 +20,7 @@ HEIMDAL_KRB5_1.0 { krb5_address_order; krb5_address_prefixlen_boundary; krb5_address_search; + krb5_allow_weak_crypto; krb5_aname_to_localname; krb5_anyaddr; krb5_appdefault_boolean; @@ -41,6 +40,7 @@ HEIMDAL_KRB5_1.0 { krb5_auth_con_getlocalseqnumber; krb5_auth_con_getlocalsubkey; krb5_auth_con_getrcache; + krb5_auth_con_getremoteseqnumber; krb5_auth_con_getremotesubkey; krb5_auth_con_init; krb5_auth_con_removeflags; @@ -58,7 +58,6 @@ HEIMDAL_KRB5_1.0 { krb5_auth_con_setuserkey; krb5_auth_getremoteseqnumber; krb5_build_ap_req; - krb5_build_authenticator; krb5_build_principal; krb5_build_principal_ext; krb5_build_principal_va; @@ -88,13 +87,17 @@ HEIMDAL_KRB5_1.0 { krb5_cc_clear_mcred; krb5_cc_close; krb5_cc_copy_cache; - krb5_cc_copy_cache_match; + krb5_cc_copy_match_f; krb5_cc_default; krb5_cc_default_name; krb5_cc_destroy; krb5_cc_end_seq_get; krb5_cc_gen_new; + krb5_cc_get_config; + krb5_cc_get_friendly_name; krb5_cc_get_full_name; + krb5_cc_get_kdc_offset; + krb5_cc_get_lifetime; krb5_cc_get_name; krb5_cc_get_ops; krb5_cc_get_prefix_ops; @@ -102,6 +105,7 @@ HEIMDAL_KRB5_1.0 { krb5_cc_get_type; krb5_cc_get_version; krb5_cc_initialize; + krb5_cc_last_change_time; krb5_cc_move; krb5_cc_new_unique; krb5_cc_next_cred; @@ -110,10 +114,15 @@ HEIMDAL_KRB5_1.0 { krb5_cc_remove_cred; krb5_cc_resolve; krb5_cc_retrieve_cred; + krb5_cc_set_config; krb5_cc_set_default_name; krb5_cc_set_flags; + krb5_cc_set_kdc_offset; krb5_cc_start_seq_get; krb5_cc_store_cred; + krb5_cc_support_switch; + krb5_cc_switch; + krb5_cc_set_friendly_name; krb5_change_password; krb5_check_transited; krb5_check_transited_realms; @@ -122,19 +131,19 @@ HEIMDAL_KRB5_1.0 { krb5_checksum_is_collision_proof; krb5_checksum_is_keyed; krb5_checksumsize; + krb5_cksumtype_to_enctype; krb5_cksumtype_valid; krb5_clear_error_string; + krb5_clear_error_message; krb5_closelog; krb5_compare_creds; krb5_config_file_free; krb5_config_free_strings; - krb5_config_get; krb5_config_get_bool; krb5_config_get_bool_default; krb5_config_get_int; krb5_config_get_int_default; krb5_config_get_list; - krb5_config_get_next; krb5_config_get_string; krb5_config_get_string_default; krb5_config_get_strings; @@ -143,13 +152,11 @@ HEIMDAL_KRB5_1.0 { krb5_config_parse_file; krb5_config_parse_file_multi; krb5_config_parse_string_multi; - krb5_config_vget; krb5_config_vget_bool; krb5_config_vget_bool_default; krb5_config_vget_int; krb5_config_vget_int_default; krb5_config_vget_list; - krb5_config_vget_next; krb5_config_vget_string; krb5_config_vget_string_default; krb5_config_vget_strings; @@ -160,6 +167,7 @@ HEIMDAL_KRB5_1.0 { krb5_copy_checksum; krb5_copy_creds; krb5_copy_creds_contents; + krb5_copy_context; krb5_copy_data; krb5_copy_host_realm; krb5_copy_keyblock; @@ -167,7 +175,9 @@ HEIMDAL_KRB5_1.0 { krb5_copy_principal; krb5_copy_ticket; krb5_create_checksum; + krb5_create_checksum_iov; krb5_crypto_destroy; + krb5_crypto_fx_cf2; krb5_crypto_get_checksum_type; krb5_crypto_getblocksize; krb5_crypto_getconfoundersize; @@ -177,7 +187,13 @@ HEIMDAL_KRB5_1.0 { krb5_crypto_overhead; krb5_crypto_prf; krb5_crypto_prf_length; + krb5_crypto_length; + krb5_crypto_length_iov; + krb5_decrypt_iov_ivec; + krb5_encrypt_iov_ivec; + krb5_enomem; krb5_data_alloc; + krb5_data_ct_cmp; krb5_data_cmp; krb5_data_copy; krb5_data_free; @@ -241,6 +257,7 @@ HEIMDAL_KRB5_1.0 { krb5_encrypt; krb5_encrypt_EncryptedData; krb5_encrypt_ivec; + krb5_enctype_enable; krb5_enctype_disable; krb5_enctype_keybits; krb5_enctype_keysize; @@ -268,9 +285,11 @@ HEIMDAL_KRB5_1.0 { krb5_free_creds_contents; krb5_free_data; krb5_free_data_contents; + krb5_free_default_realm; krb5_free_error; krb5_free_error_contents; krb5_free_error_string; + krb5_free_error_message; krb5_free_host_realm; krb5_free_kdc_rep; krb5_free_keyblock; @@ -279,6 +298,7 @@ HEIMDAL_KRB5_1.0 { krb5_free_principal; krb5_free_salt; krb5_free_ticket; + krb5_free_unparsed_name; krb5_fwd_tgt_creds; krb5_generate_random_block; krb5_generate_random_keyblock; @@ -314,6 +334,7 @@ HEIMDAL_KRB5_1.0 { krb5_get_host_realm; krb5_get_ignore_addresses; krb5_get_in_cred; + krb5_cccol_last_change_time; krb5_get_in_tkt; krb5_get_in_tkt_with_keytab; krb5_get_in_tkt_with_password; @@ -336,6 +357,7 @@ HEIMDAL_KRB5_1.0 { krb5_get_init_creds_opt_set_pac_request; krb5_get_init_creds_opt_set_pkinit; krb5_get_init_creds_opt_set_preauth_list; + krb5_get_init_creds_opt_set_process_last_req; krb5_get_init_creds_opt_set_proxiable; krb5_get_init_creds_opt_set_renew_life; krb5_get_init_creds_opt_set_salt; @@ -363,9 +385,11 @@ HEIMDAL_KRB5_1.0 { krb5_hmac; krb5_init_context; krb5_init_ets; - krb5_init_etype; krb5_initlog; + krb5_is_config_principal; krb5_is_thread_safe; + krb5_kcm_call; + krb5_kcm_storage_request; krb5_kerberos_enctypes; krb5_keyblock_get_enctype; krb5_keyblock_init; @@ -390,12 +414,14 @@ HEIMDAL_KRB5_1.0 { krb5_kt_default; krb5_kt_default_modify_name; krb5_kt_default_name; + krb5_kt_destroy; krb5_kt_end_seq_get; krb5_kt_free_entry; krb5_kt_get_entry; krb5_kt_get_full_name; krb5_kt_get_name; krb5_kt_get_type; + krb5_kt_have_content; krb5_kt_next_entry; krb5_kt_read_service_key; krb5_kt_register; @@ -451,18 +477,23 @@ HEIMDAL_KRB5_1.0 { krb5_parse_nametype; krb5_passwd_result_to_string; krb5_password_key_proc; + krb5_get_permitted_enctypes; krb5_plugin_register; krb5_prepend_config_files; krb5_prepend_config_files_default; + krb5_prepend_error_message; krb5_princ_realm; krb5_princ_set_realm; krb5_principal_compare; krb5_principal_compare_any_realm; krb5_principal_get_comp_string; + krb5_principal_get_num_comp; krb5_principal_get_realm; krb5_principal_get_type; krb5_principal_match; + krb5_principal_set_realm; krb5_principal_set_type; + krb5_principal_is_krbtgt; krb5_print_address; krb5_program_setup; krb5_prompter_posix; @@ -540,10 +571,13 @@ HEIMDAL_KRB5_1.0 { krb5_set_default_in_tkt_etypes; krb5_set_default_realm; krb5_set_dns_canonicalize_hostname; + krb5_set_error_message; krb5_set_error_string; krb5_set_extra_addresses; krb5_set_fcache_version; + krb5_set_home_dir_access; krb5_set_ignore_addresses; + krb5_set_kdc_sec_offset; krb5_set_max_time_skew; krb5_set_password; krb5_set_password_using_ccache; @@ -565,13 +599,16 @@ HEIMDAL_KRB5_1.0 { krb5_storage_from_mem; krb5_storage_from_readonly_mem; krb5_storage_get_byteorder; + krb5_storage_get_eof_code; krb5_storage_is_flags; krb5_storage_read; krb5_storage_seek; krb5_storage_set_byteorder; krb5_storage_set_eof_code; krb5_storage_set_flags; + krb5_storage_set_max_alloc; krb5_storage_to_data; + krb5_storage_truncate; krb5_storage_write; krb5_store_address; krb5_store_addrs; @@ -620,6 +657,7 @@ HEIMDAL_KRB5_1.0 { krb5_verify_ap_req; krb5_verify_authenticator_checksum; krb5_verify_checksum; + krb5_verify_checksum_iov; krb5_verify_init_creds; krb5_verify_init_creds_opt_init; krb5_verify_init_creds_opt_set_ap_req_nofail; @@ -638,6 +676,8 @@ HEIMDAL_KRB5_1.0 { krb5_verrx; krb5_vlog; krb5_vlog_msg; + krb5_vprepend_error_message; + krb5_vset_error_message; krb5_vset_error_string; krb5_vwarn; krb5_vwarnx; @@ -647,6 +687,9 @@ HEIMDAL_KRB5_1.0 { krb5_write_priv_message; krb5_write_safe_message; krb5_xfree; + krb5_cccol_cursor_new; + krb5_cccol_cursor_next; + krb5_cccol_cursor_free; # com_err error tables initialize_krb5_error_table_r; @@ -662,22 +705,27 @@ HEIMDAL_KRB5_1.0 { krb5_mcc_ops; krb5_acc_ops; krb5_fcc_ops; + krb5_scc_ops; krb5_kcm_ops; - krb4_fkt_ops; krb5_wrfkt_ops; krb5_mkt_ops; - krb5_fkt_ops; krb5_akf_ops; - krb5_srvtab_fkt_ops; krb5_any_ops; heimdal_version; heimdal_long_version; krb5_config_file; krb5_defkeyname; + krb5_cc_type_api; + krb5_cc_type_file; + krb5_cc_type_memory; + krb5_cc_type_kcm; + krb5_cc_type_scc; # Shared with GSSAPI krb5 _krb5_crc_init_table; _krb5_crc_update; + _krb5_get_krbtgt; + _krb5_build_authenticator; # V4 compat glue _krb5_krb_tf_setup; @@ -694,24 +742,28 @@ HEIMDAL_KRB5_1.0 { _krb5_krb_cr_err_reply; # Shared with libkdc - _krb5_principalname2krb5_principal; - _krb5_principal2principalname; - _krb5_s4u2self_to_checksumdata; - _krb5_put_int; - _krb5_get_int; - _krb5_pk_load_id; - _krb5_parse_moduli; - _krb5_pk_mk_ContentInfo; - _krb5_dh_group_ok; - _krb5_pk_octetstring2key; - _krb5_pk_allow_proxy_certificate; - _krb5_pac_sign; - _krb5_plugin_find; - _krb5_plugin_get_symbol; - _krb5_plugin_get_next; - _krb5_plugin_free; _krb5_AES_string_to_default_iterator; + _krb5_dh_group_ok; _krb5_get_host_realm_int; + _krb5_get_int; + _krb5_pac_sign; + _krb5_parse_moduli; + _krb5_pk_kdf; + _krb5_pk_load_id; + _krb5_pk_mk_ContentInfo; + _krb5_pk_octetstring2key; + _krb5_plugin_find; + _krb5_plugin_free; + _krb5_plugin_get_next; + _krb5_plugin_get_symbol; + _krb5_principal2principalname; + _krb5_principalname2krb5_principal; + _krb5_put_int; + _krb5_s4u2self_to_checksumdata; + + # kinit helper + krb5_get_init_creds_opt_set_pkinit_user_certs; + krb5_pk_enterprise_cert; # testing _krb5_aes_cts_encrypt; diff --git a/lib/krb5/version.c b/lib/krb5/version.c index f7ccff5bc882..302854de3f24 100644 --- a/lib/krb5/version.c +++ b/lib/krb5/version.c @@ -1,43 +1,39 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: version.c 7464 1999-12-02 17:05:13Z joda $"); - /* this is just to get a version stamp in the library file */ -#define heimdal_version __heimdal_version -#define heimdal_long_version __heimdal_long_version #include "version.h" diff --git a/lib/krb5/warn.c b/lib/krb5/warn.c index 85f143b8b4b6..cb3be76fccff 100644 --- a/lib/krb5/warn.c +++ b/lib/krb5/warn.c @@ -1,88 +1,81 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" #include -RCSID("$Id: warn.c 19086 2006-11-21 08:06:40Z lha $"); - -static krb5_error_code _warnerr(krb5_context context, int do_errtext, +static krb5_error_code _warnerr(krb5_context context, int do_errtext, krb5_error_code code, int level, const char *fmt, va_list ap) __attribute__((__format__(__printf__, 5, 0))); - + static krb5_error_code -_warnerr(krb5_context context, int do_errtext, +_warnerr(krb5_context context, int do_errtext, krb5_error_code code, int level, const char *fmt, va_list ap) { char xfmt[7] = ""; const char *args[2], **arg; char *msg = NULL; - char *err_str = NULL; - + const char *err_str = NULL; + krb5_error_code ret; + args[0] = args[1] = NULL; arg = args; if(fmt){ strlcat(xfmt, "%s", sizeof(xfmt)); if(do_errtext) strlcat(xfmt, ": ", sizeof(xfmt)); - vasprintf(&msg, fmt, ap); - if(msg == NULL) + ret = vasprintf(&msg, fmt, ap); + if(ret < 0 || msg == NULL) return ENOMEM; *arg++ = msg; } if(context && do_errtext){ - const char *err_msg; - strlcat(xfmt, "%s", sizeof(xfmt)); - err_str = krb5_get_error_string(context); + err_str = krb5_get_error_message(context, code); if (err_str != NULL) { - *arg++ = err_str; + *arg = err_str; } else { - err_msg = krb5_get_err_text(context, code); - if (err_msg) - *arg++ = err_msg; - else - *arg++ = ""; + *arg= ""; } } - + if(context && context->warn_dest) krb5_log(context, context->warn_dest, level, xfmt, args[0], args[1]); else warnx(xfmt, args[0], args[1]); free(msg); - free(err_str); + krb5_free_error_message(context, err_str); return 0; } @@ -96,16 +89,38 @@ _warnerr(krb5_context context, int do_errtext, #undef __attribute__ #define __attribute__(X) -krb5_error_code KRB5_LIB_FUNCTION -krb5_vwarn(krb5_context context, krb5_error_code code, +/** + * Log a warning to the log, default stderr, include the error from + * the last failure. + * + * @param context A Kerberos 5 context. + * @param code error code of the last error + * @param fmt message to print + * @param ap arguments + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_vwarn(krb5_context context, krb5_error_code code, const char *fmt, va_list ap) __attribute__ ((format (printf, 3, 0))) { return _warnerr(context, 1, code, 1, fmt, ap); } +/** + * Log a warning to the log, default stderr, include the error from + * the last failure. + * + * @param context A Kerberos 5 context. + * @param code error code of the last error + * @param fmt message to print + * + * @ingroup krb5_error + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_warn(krb5_context context, krb5_error_code code, const char *fmt, ...) __attribute__ ((format (printf, 3, 4))) { @@ -113,14 +128,33 @@ krb5_warn(krb5_context context, krb5_error_code code, const char *fmt, ...) return ret; } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Log a warning to the log, default stderr. + * + * @param context A Kerberos 5 context. + * @param fmt message to print + * @param ap arguments + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vwarnx(krb5_context context, const char *fmt, va_list ap) __attribute__ ((format (printf, 2, 0))) { return _warnerr(context, 0, 0, 1, fmt, ap); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Log a warning to the log, default stderr. + * + * @param context A Kerberos 5 context. + * @param fmt message to print + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_warnx(krb5_context context, const char *fmt, ...) __attribute__ ((format (printf, 2, 3))) { @@ -128,83 +162,185 @@ krb5_warnx(krb5_context context, const char *fmt, ...) return ret; } -krb5_error_code KRB5_LIB_FUNCTION -krb5_verr(krb5_context context, int eval, krb5_error_code code, +/** + * Log a warning to the log, default stderr, include bthe error from + * the last failure and then exit. + * + * @param context A Kerberos 5 context + * @param eval the exit code to exit with + * @param code error code of the last error + * @param fmt message to print + * @param ap arguments + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_verr(krb5_context context, int eval, krb5_error_code code, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 4, 0))) { _warnerr(context, 1, code, 0, fmt, ap); exit(eval); + UNREACHABLE(return 0); } +/** + * Log a warning to the log, default stderr, include bthe error from + * the last failure and then exit. + * + * @param context A Kerberos 5 context + * @param eval the exit code to exit with + * @param code error code of the last error + * @param fmt message to print + * + * @ingroup krb5_error + */ -krb5_error_code KRB5_LIB_FUNCTION -krb5_err(krb5_context context, int eval, krb5_error_code code, +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_err(krb5_context context, int eval, krb5_error_code code, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 4, 5))) { FUNC(1, code, 0); exit(eval); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Log a warning to the log, default stderr, and then exit. + * + * @param context A Kerberos 5 context + * @param eval the exit code to exit with + * @param fmt message to print + * @param ap arguments + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_verrx(krb5_context context, int eval, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 3, 0))) { _warnerr(context, 0, 0, 0, fmt, ap); exit(eval); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Log a warning to the log, default stderr, and then exit. + * + * @param context A Kerberos 5 context + * @param eval the exit code to exit with + * @param fmt message to print + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_errx(krb5_context context, int eval, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 3, 4))) { FUNC(0, 0, 0); exit(eval); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION -krb5_vabort(krb5_context context, krb5_error_code code, +/** + * Log a warning to the log, default stderr, include bthe error from + * the last failure and then abort. + * + * @param context A Kerberos 5 context + * @param code error code of the last error + * @param fmt message to print + * @param ap arguments + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL +krb5_vabort(krb5_context context, krb5_error_code code, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 3, 0))) { _warnerr(context, 1, code, 0, fmt, ap); abort(); + UNREACHABLE(return 0); } +/** + * Log a warning to the log, default stderr, include the error from + * the last failure and then abort. + * + * @param context A Kerberos 5 context + * @param code error code of the last error + * @param fmt message to print + * + * @ingroup krb5_error + */ -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_abort(krb5_context context, krb5_error_code code, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 3, 4))) { FUNC(1, code, 0); abort(); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_vabortx(krb5_context context, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 2, 0))) { _warnerr(context, 0, 0, 0, fmt, ap); abort(); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Log a warning to the log, default stderr, and then abort. + * + * @param context A Kerberos 5 context + * @param code error code of the last error + * @param fmt message to print + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_abortx(krb5_context context, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 2, 3))) { FUNC(0, 0, 0); abort(); + UNREACHABLE(return 0); } -krb5_error_code KRB5_LIB_FUNCTION +/** + * Set the default logging facility. + * + * @param context A Kerberos 5 context + * @param fac Facility to use for logging. + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_set_warn_dest(krb5_context context, krb5_log_facility *fac) { context->warn_dest = fac; return 0; } -krb5_log_facility * KRB5_LIB_FUNCTION +/** + * Get the default logging facility. + * + * @param context A Kerberos 5 context + * + * @ingroup krb5_error + */ + +KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL krb5_get_warn_dest(krb5_context context) { return context->warn_dest; diff --git a/lib/krb5/write_message.c b/lib/krb5/write_message.c index 1694a1075e41..84100461444a 100644 --- a/lib/krb5/write_message.c +++ b/lib/krb5/write_message.c @@ -1,41 +1,39 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" -RCSID("$Id: write_message.c 17442 2006-05-05 09:31:15Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_message (krb5_context context, krb5_pointer p_fd, krb5_data *data) @@ -49,13 +47,13 @@ krb5_write_message (krb5_context context, if (krb5_net_write (context, p_fd, buf, 4) != 4 || krb5_net_write (context, p_fd, data->data, len) != len) { ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); + krb5_set_error_message (context, ret, "write: %s", strerror(ret)); return ret; } return 0; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_priv_message(krb5_context context, krb5_auth_context ac, krb5_pointer p_fd, @@ -72,7 +70,7 @@ krb5_write_priv_message(krb5_context context, return ret; } -krb5_error_code KRB5_LIB_FUNCTION +KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_write_safe_message(krb5_context context, krb5_auth_context ac, krb5_pointer p_fd, diff --git a/lib/libedit/COPYING b/lib/libedit/COPYING new file mode 100644 index 000000000000..742f005f8f9c --- /dev/null +++ b/lib/libedit/COPYING @@ -0,0 +1,30 @@ +Copyright (c) 1992, 1993 + The Regents of the University of California. All rights reserved. + +This code is derived from software contributed to Berkeley by +Christos Zoulas of Cornell University. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + diff --git a/lib/libedit/ChangeLog b/lib/libedit/ChangeLog new file mode 100644 index 000000000000..bdcb1e26c772 --- /dev/null +++ b/lib/libedit/ChangeLog @@ -0,0 +1,300 @@ + * See also NetBSD changelog: + http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libedit + +2011-02-27 Jess Thrysoee + + * version-info: 0:36:0 + + * all: sync with upstream source. + +2010-04-24 Jess Thrysoee + + * version-info: 0:35:0 + + * all: sync with upstream source. + Now with UTF-8 support. To enable this run 'configure --enable-widec'. + For now an UTF-32 encoded wchar_t is required. + This requirement is met on NetBSD, Solaris and OS X for any UTF-8 locale, + and any system that define __STDC_ISO_10646__ (e.g. GNU libc on Linux). + +2009-09-23 Jess Thrysoee + * version-info: 0:34:0 + + * all: apply Apple patches from: + http://opensource.apple.com/source/libedit/libedit-11/patches + +2009-09-05 Jess Thrysoee + + * version-info: 0:33:0 + + * all: Use predefined macro __sun to identify Solaris + + * src/el.c: Ignore comment lines in .editrc + +2009-07-23 Jess Thrysoee + + * version-info: 0:32:0 + + * all: sync with upstream source. + +2009-06-10 Jess Thrysoee + + * version-info: 0:31:0 + + * all: sync with upstream source. + +2009-05-03 Jess Thrysoee + + * version-info: 0:30:0 + + * all: sync with upstream source. + +2009-04-05 Jess Thrysoee + + * version-info: 0:29:0 + + * all: sync with upstream source. + +2009-01-11 Jess Thrysoee + + * version-info: 0:28:0 + + * all: sync with upstream source. MAJOR.MINOR version is now 3.0. + This is due to NetBSD changing time_t and dev_t to 64 bits. It does + not really effect this package. + + * configure.ac: Remove '--enable-debug' configure flag. The autoconf way + to control flags is by specifying them when running configure, + e.g. 'CFLAGS="-O0 -g" ./configure' + +2008-07-12 Jess Thrysoee + + * version-info: 0:27:0 + + * configure.ac: Added '--enable-debug' configure flag, to produce debugging + information. + + * examples/fileman.c: cast stat struct members, st_nlink and st_size, + appropriately (see also 'man 2 stat'). Patch by Alex Elder. + + * all: sync with upstream source. MINOR version is now 11. + +2007-08-31 Jess Thrysoee + + * version-info: 0:26:0 + + * libedit.pc.in,Makefile.am,configure.ac,patches/extra_dist_list.sh: + Added pkg-config support for libedit. Patch by Masatake YAMATO. + +2007-08-13 Jess Thrysoee + + * version-info: 0:25:0 + + * all: sync with upstream source. + +2007-03-02 Jess Thrysoee + + * version-info: 0:24:0 + + * all: sync with upstream source. + +2006-10-22 Jess Thrysoee + + * version-info: 0:23:0 + + * src/shlib_version: Upstream bumped minor version from 9 to 10. + + * all: sync with upstream source. More readline functions. + +2006-10-22 Jess Thrysoee + + * version-info: 0:22:0 + + * all: sync with upstream source. + +2006-08-29 Jess Thrysoee + + * version-info: 0:21:0 + + * all: License cleanup. All 4-clause advertising BSD licenses has been + changed to the 3-clause version by upstream. + + * src/fgetln.c: use src/tools/compat/fgetln.c instead of + othersrc/libexec/tnftpd/libnetbsd/fgetln.c + +2006-08-16 Jess Thrysoee + + * version-info: 0:20:0 + + * all: sync with upstream source. + +2006-06-03 Jess Thrysoee + + * version-info: 0:19:0 + + * COPYING: added global license file + + * all: sync with upstream source. + +2006-02-13 Jess Thrysoee + + * version-info: 0:18:0 + + * src/readline.c: Partial rl_getc_function support, patch by Kjeld Borch + Egevang. + + * src/readline.c: Make write_history and read_history returncode readline + compatible. Upstream patch. + +2006-01-03 Jess Thrysoee + + * version-info: 0:17:0 + + * patches/cvs_export.sh: strlcat.c and strlcpy.c was moved to + src/common/lib/libc/string in the upstream cvs repository. + + * all: sync with upstream source. + +2005-10-22 Jess Thrysoee + + * version-info: 0:16:0 + + * patches/*.patch, configure.ac: define SCCSID, undef LIBC_SCCS. Remove + fourteen cosmetic patches. + + * all: sync with upstream source. + +2005-09-11 Jess Thrysoee + + * version-info: 0:15:0 + + * src/Makefile.am: fix typo that meant generated files were distributes, + and make generated file targets dependent on the the 'makelist' input + files. + + * all: sync with upstream source. This is just a manpage update + +2005-08-28 Jess Thrysoee + + * version-info: 0:14:0 + + * src/sys.h: include config.h to avoid "redefinition of + `u_int32_t'". Patch by Norihiko Murase. + + * src/search.c: explicitly include sys/types.h, because regex.h on + FreeBSD needs it and does not include it itself. Patch by Norihiko Murase. + + * acinclude.m4: added EL_GETPW_R_DRAFT test and use AC_TRY_LINK instead + of AC_TRY_COMPILE. Suggested by Norihiko Murase. + + * all: sync with upstream source. + +2005-08-16 Jess Thrysoee + + * version-info: 0:13:0 + + * all: sync with upstream source. + +2005-08-05 Jess Thrysoee + + * version-info: 0:12:0 + + * all: sync with upstream source. + +2005-07-24 Jess Thrysoee + + * version-info: 0:11:0 + + * histedit.h, histedit.c, readline.c, editline/readline.h: From + upstream; added remove_history(). + +2005-07-07 Jess Thrysoee + + * version-info: 0:10:0 + + * history.c, key.c: From upstream source; Fix memory leaks found by + valgrind. + +2005-06-28 Jess Thrysoee + + * version-info: 0:9:0 + + * src/readline.c: getpwent_r is not POSIX, always use getpwent. + Reported by Gerrit P. Haase. + + * src/Makefile.am: Added libtool -no-undefined. This is needed on Cygwin + to get a shared editline library. Should not affect other platforms. + Suggested by Gerrit P. Haase. + +2005-06-15 Jess Thrysoee + + * version-info: 0:8:0 + + * all: sync with upstream source. + +2005-06-01 Jess Thrysoee + + * version-info: 0:7:0 + + * all: sync with upstream source. + + * src/readline.c, src/filecomplete.c: Solaris use POSIX draft versions + of getpwent_r, getpwnam_r and getpwuid_r which return 'struct passwd *'. + Define HAVE_GETPW_R_POSIX if these functions are (non draft) POSIX + compatible. Patch by Julien Torrès. + +2005-05-28 Jess Thrysoee + + * version-info: 0:6:0 + + * all: sync with upstream source. + +2005-03-11 Jess Thrysoee + + * version-info: 0:5:0 + + * all: sync with upstream source. + +2004-12-07 Jess Thrysoee + + * version-info: 0:4:0 + + * src/readline.c: d_namlen (in struct dirent) is not portable, always + use strlen. Patch by Scott Rankin. + +2004-11-27 Jess Thrysoee + + * version-info: 0:3:0 + + * src/history.c: bug #26785 fixed upstream, removed local patch. + +2004-11-06 Jess Thrysoee + + * version-info: 0:2:0 + + * all: sync with upstream source. + + * doc/Makefile.am: If mdoc2man fails, remove empty file. Patch by + Darren Tucker. + +2004-10-14 Jess Thrysoee + + * version-info: 0:1:0 + + * doc/Makefile.am: 'make install' twice fails. Remove old links before + trying to link the man pages. Patch by Rick Richardson. + +2004-09-28 Jess Thrysoee + + * version-info: 0:0:0 + + * acinclude.m4 configure.ac src/Makefile.am: Adhere to + LibTools library interface versions recommendation. + http://www.gnu.org/software/libtool/manual.html#SEC32 + + * doc/Makefile.am: name all manpage links as el_* (e.g. el_history.3) + to avoid conflicts. + +2004-09-08 Jess Thrysoee + + * all: Initial package. diff --git a/lib/libedit/INSTALL b/lib/libedit/INSTALL new file mode 100644 index 000000000000..54caf7c190f2 --- /dev/null +++ b/lib/libedit/INSTALL @@ -0,0 +1,229 @@ +Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software +Foundation, Inc. + + This file is free documentation; the Free Software Foundation gives +unlimited permission to copy, distribute and modify it. + +Basic Installation +================== + + These are generic installation instructions. + + The `configure' shell script attempts to guess correct values for +various system-dependent variables used during compilation. It uses +those values to create a `Makefile' in each directory of the package. +It may also create one or more `.h' files containing system-dependent +definitions. Finally, it creates a shell script `config.status' that +you can run in the future to recreate the current configuration, and a +file `config.log' containing compiler output (useful mainly for +debugging `configure'). + + It can also use an optional file (typically called `config.cache' +and enabled with `--cache-file=config.cache' or simply `-C') that saves +the results of its tests to speed up reconfiguring. (Caching is +disabled by default to prevent problems with accidental use of stale +cache files.) + + If you need to do unusual things to compile the package, please try +to figure out how `configure' could check whether to do them, and mail +diffs or instructions to the address given in the `README' so they can +be considered for the next release. If you are using the cache, and at +some point `config.cache' contains results you don't want to keep, you +may remove or edit it. + + The file `configure.ac' (or `configure.in') is used to create +`configure' by a program called `autoconf'. You only need +`configure.ac' if you want to change it or regenerate `configure' using +a newer version of `autoconf'. + +The simplest way to compile this package is: + + 1. `cd' to the directory containing the package's source code and type + `./configure' to configure the package for your system. If you're + using `csh' on an old version of System V, you might need to type + `sh ./configure' instead to prevent `csh' from trying to execute + `configure' itself. + + Running `configure' takes awhile. While running, it prints some + messages telling which features it is checking for. + + 2. Type `make' to compile the package. + + 3. Optionally, type `make check' to run any self-tests that come with + the package. + + 4. Type `make install' to install the programs and any data files and + documentation. + + 5. You can remove the program binaries and object files from the + source code directory by typing `make clean'. To also remove the + files that `configure' created (so you can compile the package for + a different kind of computer), type `make distclean'. There is + also a `make maintainer-clean' target, but that is intended mainly + for the package's developers. If you use it, you may have to get + all sorts of other programs in order to regenerate files that came + with the distribution. + +Compilers and Options +===================== + + Some systems require unusual options for compilation or linking that +the `configure' script does not know about. Run `./configure --help' +for details on some of the pertinent environment variables. + + You can give `configure' initial values for configuration parameters +by setting variables in the command line or in the environment. Here +is an example: + + ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix + + *Note Defining Variables::, for more details. + +Compiling For Multiple Architectures +==================================== + + You can compile the package for more than one kind of computer at the +same time, by placing the object files for each architecture in their +own directory. To do this, you must use a version of `make' that +supports the `VPATH' variable, such as GNU `make'. `cd' to the +directory where you want the object files and executables to go and run +the `configure' script. `configure' automatically checks for the +source code in the directory that `configure' is in and in `..'. + + If you have to use a `make' that does not support the `VPATH' +variable, you have to compile the package for one architecture at a +time in the source code directory. After you have installed the +package for one architecture, use `make distclean' before reconfiguring +for another architecture. + +Installation Names +================== + + By default, `make install' will install the package's files in +`/usr/local/bin', `/usr/local/man', etc. You can specify an +installation prefix other than `/usr/local' by giving `configure' the +option `--prefix=PATH'. + + You can specify separate installation prefixes for +architecture-specific files and architecture-independent files. If you +give `configure' the option `--exec-prefix=PATH', the package will use +PATH as the prefix for installing programs and libraries. +Documentation and other data files will still use the regular prefix. + + In addition, if you use an unusual directory layout you can give +options like `--bindir=PATH' to specify different values for particular +kinds of files. Run `configure --help' for a list of the directories +you can set and what kinds of files go in them. + + If the package supports it, you can cause programs to be installed +with an extra prefix or suffix on their names by giving `configure' the +option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. + +Optional Features +================= + + Some packages pay attention to `--enable-FEATURE' options to +`configure', where FEATURE indicates an optional part of the package. +They may also pay attention to `--with-PACKAGE' options, where PACKAGE +is something like `gnu-as' or `x' (for the X Window System). The +`README' should mention any `--enable-' and `--with-' options that the +package recognizes. + + For packages that use the X Window System, `configure' can usually +find the X include and library files automatically, but if it doesn't, +you can use the `configure' options `--x-includes=DIR' and +`--x-libraries=DIR' to specify their locations. + +Specifying the System Type +========================== + + There may be some features `configure' cannot figure out +automatically, but needs to determine by the type of machine the package +will run on. Usually, assuming the package is built to be run on the +_same_ architectures, `configure' can figure that out, but if it prints +a message saying it cannot guess the machine type, give it the +`--build=TYPE' option. TYPE can either be a short name for the system +type, such as `sun4', or a canonical name which has the form: + + CPU-COMPANY-SYSTEM + +where SYSTEM can have one of these forms: + + OS KERNEL-OS + + See the file `config.sub' for the possible values of each field. If +`config.sub' isn't included in this package, then this package doesn't +need to know the machine type. + + If you are _building_ compiler tools for cross-compiling, you should +use the `--target=TYPE' option to select the type of system they will +produce code for. + + If you want to _use_ a cross compiler, that generates code for a +platform different from the build platform, you should specify the +"host" platform (i.e., that on which the generated programs will +eventually be run) with `--host=TYPE'. + +Sharing Defaults +================ + + If you want to set default values for `configure' scripts to share, +you can create a site shell script called `config.site' that gives +default values for variables like `CC', `cache_file', and `prefix'. +`configure' looks for `PREFIX/share/config.site' if it exists, then +`PREFIX/etc/config.site' if it exists. Or, you can set the +`CONFIG_SITE' environment variable to the location of the site script. +A warning: not all `configure' scripts look for a site script. + +Defining Variables +================== + + Variables not defined in a site shell script can be set in the +environment passed to `configure'. However, some packages may run +configure again during the build, and the customized values of these +variables may be lost. In order to avoid this problem, you should set +them in the `configure' command line, using `VAR=value'. For example: + + ./configure CC=/usr/local2/bin/gcc + +will cause the specified gcc to be used as the C compiler (unless it is +overridden in the site shell script). + +`configure' Invocation +====================== + + `configure' recognizes the following options to control how it +operates. + +`--help' +`-h' + Print a summary of the options to `configure', and exit. + +`--version' +`-V' + Print the version of Autoconf used to generate the `configure' + script, and exit. + +`--cache-file=FILE' + Enable the cache: use and save the results of the tests in FILE, + traditionally `config.cache'. FILE defaults to `/dev/null' to + disable caching. + +`--config-cache' +`-C' + Alias for `--cache-file=config.cache'. + +`--quiet' +`--silent' +`-q' + Do not print messages saying which checks are being made. To + suppress all normal output, redirect it to `/dev/null' (any error + messages will still be shown). + +`--srcdir=DIR' + Look for the package's source code in directory DIR. Usually + `configure' can determine that directory automatically. + +`configure' also accepts some other, not widely useful, options. Run +`configure --help' for more details. + diff --git a/lib/libedit/Makefile.am b/lib/libedit/Makefile.am new file mode 100644 index 000000000000..4018edca54f7 --- /dev/null +++ b/lib/libedit/Makefile.am @@ -0,0 +1,9 @@ + +AUTOMAKE_OPTIONS = foreign + +#SUBDIRS = src examples doc +SUBDIRS = src + +#EXTRA_DIST = libedit.pc.in +#pkgconfigdir = $(libdir)/pkgconfig +#pkgconfig_DATA = libedit.pc diff --git a/lib/libedit/Makefile.in b/lib/libedit/Makefile.in new file mode 100644 index 000000000000..2af565df6a5b --- /dev/null +++ b/lib/libedit/Makefile.in @@ -0,0 +1,734 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = . +DIST_COMMON = $(am__configure_deps) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(top_srcdir)/configure COPYING ChangeLog INSTALL THANKS \ + config.guess config.sub depcomp install-sh ltmain.sh missing +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ + configure.lineno config.status.lineno +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_GEN = $(am__v_GEN_$(V)) +am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY)) +am__v_GEN_0 = @echo " GEN " $@; +AM_V_at = $(am__v_at_$(V)) +am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY)) +am__v_at_0 = @ +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-dvi-recursive install-exec-recursive \ + install-html-recursive install-info-recursive \ + install-pdf-recursive install-ps-recursive install-recursive \ + installcheck-recursive installdirs-recursive pdf-recursive \ + ps-recursive uninstall-recursive +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ + $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ + distdir dist dist-all distcheck +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +distdir = $(PACKAGE)-$(VERSION) +top_distdir = $(distdir) +am__remove_distdir = \ + { test ! -d "$(distdir)" \ + || { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -fr "$(distdir)"; }; } +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +DIST_ARCHIVES = $(distdir).tar.gz +GZIP_ENV = --best +distuninstallcheck_listfiles = find . -type f -print +distcleancheck_listfiles = find . -type f -print +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_VERSION = @LT_VERSION@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MANTYPE = @MANTYPE@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AUTOMAKE_OPTIONS = foreign + +#SUBDIRS = src examples doc +SUBDIRS = src +all: config.h + $(MAKE) $(AM_MAKEFLAGS) all-recursive + +.SUFFIXES: +am--refresh: + @: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + echo ' $(SHELL) ./config.status'; \ + $(SHELL) ./config.status;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + $(SHELL) ./config.status --recheck + +$(top_srcdir)/configure: $(am__configure_deps) + $(am__cd) $(srcdir) && $(AUTOCONF) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) +$(am__aclocal_m4_deps): + +config.h: stamp-h1 + @if test ! -f $@; then \ + rm -f stamp-h1; \ + $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \ + else :; fi + +stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status + @rm -f stamp-h1 + cd $(top_builddir) && $(SHELL) ./config.status config.h +$(srcdir)/config.h.in: $(am__configure_deps) + ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) + rm -f stamp-h1 + touch $@ + +distclean-hdr: + -rm -f config.h stamp-h1 + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + -rm -f libtool config.lt + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. +$(RECURSIVE_TARGETS): + @fail= failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +$(RECURSIVE_CLEAN_TARGETS): + @fail= failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ + dot_seen=no; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + rev=''; for subdir in $$list; do \ + if test "$$subdir" = "."; then :; else \ + rev="$$subdir $$rev"; \ + fi; \ + done; \ + rev="$$rev ."; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + $(am__remove_distdir) + test -d "$(distdir)" || mkdir "$(distdir)" + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done + -test -n "$(am__skip_mode_fix)" \ + || find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ + ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ + ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ + || chmod -R a+r "$(distdir)" +dist-gzip: distdir + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + $(am__remove_distdir) + +dist-bzip2: distdir + tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 + $(am__remove_distdir) + +dist-lzma: distdir + tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma + $(am__remove_distdir) + +dist-xz: distdir + tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz + $(am__remove_distdir) + +dist-tarZ: distdir + tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z + $(am__remove_distdir) + +dist-shar: distdir + shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz + $(am__remove_distdir) + +dist-zip: distdir + -rm -f $(distdir).zip + zip -rq $(distdir).zip $(distdir) + $(am__remove_distdir) + +dist dist-all: distdir + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + $(am__remove_distdir) + +# This target untars the dist file and tries a VPATH configuration. Then +# it guarantees that the distribution is self-contained by making another +# tarfile. +distcheck: dist + case '$(DIST_ARCHIVES)' in \ + *.tar.gz*) \ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ + *.tar.bz2*) \ + bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.lzma*) \ + lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ + *.tar.xz*) \ + xz -dc $(distdir).tar.xz | $(am__untar) ;;\ + *.tar.Z*) \ + uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ + *.shar.gz*) \ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ + *.zip*) \ + unzip $(distdir).zip ;;\ + esac + chmod -R a-w $(distdir); chmod a+w $(distdir) + mkdir $(distdir)/_build + mkdir $(distdir)/_inst + chmod a-w $(distdir) + test -d $(distdir)/_build || exit 0; \ + dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ + && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ + && am__cwd=`pwd` \ + && $(am__cd) $(distdir)/_build \ + && ../configure --srcdir=.. --prefix="$$dc_install_base" \ + $(DISTCHECK_CONFIGURE_FLAGS) \ + && $(MAKE) $(AM_MAKEFLAGS) \ + && $(MAKE) $(AM_MAKEFLAGS) dvi \ + && $(MAKE) $(AM_MAKEFLAGS) check \ + && $(MAKE) $(AM_MAKEFLAGS) install \ + && $(MAKE) $(AM_MAKEFLAGS) installcheck \ + && $(MAKE) $(AM_MAKEFLAGS) uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ + distuninstallcheck \ + && chmod -R a-w "$$dc_install_base" \ + && ({ \ + (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ + distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ + } || { rm -rf "$$dc_destdir"; exit 1; }) \ + && rm -rf "$$dc_destdir" \ + && $(MAKE) $(AM_MAKEFLAGS) dist \ + && rm -rf $(DIST_ARCHIVES) \ + && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ + && cd "$$am__cwd" \ + || exit 1 + $(am__remove_distdir) + @(echo "$(distdir) archives ready for distribution: "; \ + list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ + sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' +distuninstallcheck: + @$(am__cd) '$(distuninstallcheck_dir)' \ + && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ + || { echo "ERROR: files left after uninstall:" ; \ + if test -n "$(DESTDIR)"; then \ + echo " (check DESTDIR support)"; \ + fi ; \ + $(distuninstallcheck_listfiles) ; \ + exit 1; } >&2 +distcleancheck: distclean + @if test '$(srcdir)' = . ; then \ + echo "ERROR: distcleancheck can only run from a VPATH build" ; \ + exit 1 ; \ + fi + @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ + || { echo "ERROR: files left in build directory after distclean:" ; \ + $(distcleancheck_listfiles) ; \ + exit 1; } >&2 +check-am: all-am +check: check-recursive +all-am: Makefile config.h +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-hdr \ + distclean-libtool distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -rf $(top_srcdir)/autom4te.cache + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: + +.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) all \ + ctags-recursive install-am install-strip tags-recursive + +.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am am--refresh check check-am clean clean-generic \ + clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \ + dist-gzip dist-lzma dist-shar dist-tarZ dist-xz dist-zip \ + distcheck distclean distclean-generic distclean-hdr \ + distclean-libtool distclean-tags distcleancheck distdir \ + distuninstallcheck dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am tags tags-recursive uninstall uninstall-am + + +#EXTRA_DIST = libedit.pc.in +#pkgconfigdir = $(libdir)/pkgconfig +#pkgconfig_DATA = libedit.pc + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/libedit/THANKS b/lib/libedit/THANKS new file mode 100644 index 000000000000..98ad22b8bc61 --- /dev/null +++ b/lib/libedit/THANKS @@ -0,0 +1 @@ +Thanks to the NetBSD Project maintainers of libedit! diff --git a/lib/libedit/acinclude.m4 b/lib/libedit/acinclude.m4 new file mode 100644 index 000000000000..4a581894bc7c --- /dev/null +++ b/lib/libedit/acinclude.m4 @@ -0,0 +1,85 @@ + +dnl +dnl read lib version from file (and trim trailing newline) +dnl +define([EL_RELEASE], [patsubst(esyscmd([. src/shlib_version; echo $major.$minor]), [ +])]) + +dnl +dnl read cvsexport timestamp from file (and trim trailing newline) +dnl +define([EL_TIMESTAMP], [patsubst(esyscmd([date +"%Y%m%d"]), [ +])]) + + +dnl +dnl NetBSD use the -mdoc macro package for manpages, but e.g. +dnl AIX and Solaris only support the -man package. +dnl +AC_DEFUN([EL_MANTYPE], +[ + MANTYPE= + TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" + AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) + if ${NROFF} -mdoc ${srcdir}/doc/editrc.5.roff >/dev/null 2>&1; then + MANTYPE=mdoc + fi + AC_SUBST(MANTYPE) +]) + + +dnl +dnl Check if getpwnam_r and getpwuid_r are POSIX.1 compatible +dnl POSIX draft version returns 'struct passwd *' (used on Solaris) +dnl NOTE: getpwent_r is not POSIX so we always use getpwent +dnl +AC_DEFUN([EL_GETPW_R_POSIX], +[ + AC_MSG_CHECKING([whether getpwnam_r and getpwuid_r are posix like]) + # The prototype for the POSIX version is: + # int getpwnam_r(char *, struct passwd *, char *, size_t, struct passwd **) + # int getpwuid_r(uid_t, struct passwd *, char *, size_t, struct passwd **); + AC_TRY_LINK([#include + #include + #include ], + [getpwnam_r(NULL, NULL, NULL, (size_t)0, NULL); + getpwuid_r((uid_t)0, NULL, NULL, (size_t)0, NULL);], + [AC_DEFINE([HAVE_GETPW_R_POSIX], 1, [Define to 1 if you have getpwnam_r and getpwuid_r that are POSIX.1 compatible.]) + AC_MSG_RESULT(yes)], + [AC_MSG_RESULT(no)]) +]) + +AC_DEFUN([EL_GETPW_R_DRAFT], +[ + AC_MSG_CHECKING([whether getpwnam_r and getpwuid_r are posix _draft_ like]) + # The prototype for the POSIX draft version is: + # struct passwd *getpwuid_r(uid_t, struct passwd *, char *, int); + # struct passwd *getpwnam_r(char *, struct passwd *, char *, int); + AC_TRY_LINK([#include + #include + #include ], + [getpwnam_r(NULL, NULL, NULL, (size_t)0); + getpwuid_r((uid_t)0, NULL, NULL, (size_t)0);], + [AC_DEFINE([HAVE_GETPW_R_DRAFT], 1, [Define to 1 if you have getpwnam_r and getpwuid_r that are draft POSIX.1 versions.]) + AC_MSG_RESULT(yes)], + [AC_MSG_RESULT(no)]) +]) + + +dnl +dnl use option --enable-widec to turn on use of wide-character support +dnl +AC_DEFUN([EL_ENABLE_WIDEC], +[ + AC_MSG_CHECKING(if you want wide-character code) + AC_ARG_ENABLE(widec, + [ --enable-widec compile with wide-char/UTF-8 code], + [with_widec=$enableval], + [with_widec=no]) + AC_MSG_RESULT($with_widec) + if test "$with_widec" = yes ; then + AC_DEFINE(WIDECHAR, 1, [Define to 1 if you want wide-character code]) + fi + AM_CONDITIONAL([WIDECHAR], [test "$with_widec" = yes]) +]) + diff --git a/lib/libedit/aclocal.m4 b/lib/libedit/aclocal.m4 new file mode 100644 index 000000000000..22f6418d3936 --- /dev/null +++ b/lib/libedit/aclocal.m4 @@ -0,0 +1,9406 @@ +# generated automatically by aclocal 1.11.1 -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.65],, +[m4_warning([this file was generated for autoconf 2.65. +You have another version of autoconf. It may work, but is not guaranteed to. +If you have problems, you may need to regenerate the build system entirely. +To do so, use the procedure documented by the package, typically `autoreconf'.])]) + +# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +m4_define([_LT_COPYING], [dnl +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is part of GNU Libtool. +# +# GNU Libtool is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, or +# obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +]) + +# serial 57 LT_INIT + + +# LT_PREREQ(VERSION) +# ------------------ +# Complain and exit if this libtool version is less that VERSION. +m4_defun([LT_PREREQ], +[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1, + [m4_default([$3], + [m4_fatal([Libtool version $1 or higher is required], + 63)])], + [$2])]) + + +# _LT_CHECK_BUILDDIR +# ------------------ +# Complain if the absolute build directory name contains unusual characters +m4_defun([_LT_CHECK_BUILDDIR], +[case `pwd` in + *\ * | *\ *) + AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;; +esac +]) + + +# LT_INIT([OPTIONS]) +# ------------------ +AC_DEFUN([LT_INIT], +[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT +AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl +AC_BEFORE([$0], [LT_LANG])dnl +AC_BEFORE([$0], [LT_OUTPUT])dnl +AC_BEFORE([$0], [LTDL_INIT])dnl +m4_require([_LT_CHECK_BUILDDIR])dnl + +dnl Autoconf doesn't catch unexpanded LT_ macros by default: +m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl +m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl +dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4 +dnl unless we require an AC_DEFUNed macro: +AC_REQUIRE([LTOPTIONS_VERSION])dnl +AC_REQUIRE([LTSUGAR_VERSION])dnl +AC_REQUIRE([LTVERSION_VERSION])dnl +AC_REQUIRE([LTOBSOLETE_VERSION])dnl +m4_require([_LT_PROG_LTMAIN])dnl + +_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}]) + +dnl Parse OPTIONS +_LT_SET_OPTIONS([$0], [$1]) + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ltmain" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' +AC_SUBST(LIBTOOL)dnl + +_LT_SETUP + +# Only expand once: +m4_define([LT_INIT]) +])# LT_INIT + +# Old names: +AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT]) +AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_PROG_LIBTOOL], []) +dnl AC_DEFUN([AM_PROG_LIBTOOL], []) + + +# _LT_CC_BASENAME(CC) +# ------------------- +# Calculate cc_basename. Skip known compiler wrappers and cross-prefix. +m4_defun([_LT_CC_BASENAME], +[for cc_temp in $1""; do + case $cc_temp in + compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; + distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; + \-*) ;; + *) break;; + esac +done +cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` +]) + + +# _LT_FILEUTILS_DEFAULTS +# ---------------------- +# It is okay to use these file commands and assume they have been set +# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'. +m4_defun([_LT_FILEUTILS_DEFAULTS], +[: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} +])# _LT_FILEUTILS_DEFAULTS + + +# _LT_SETUP +# --------- +m4_defun([_LT_SETUP], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl +AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl + +_LT_DECL([], [host_alias], [0], [The host system])dnl +_LT_DECL([], [host], [0])dnl +_LT_DECL([], [host_os], [0])dnl +dnl +_LT_DECL([], [build_alias], [0], [The build system])dnl +_LT_DECL([], [build], [0])dnl +_LT_DECL([], [build_os], [0])dnl +dnl +AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([LT_PATH_LD])dnl +AC_REQUIRE([LT_PATH_NM])dnl +dnl +AC_REQUIRE([AC_PROG_LN_S])dnl +test -z "$LN_S" && LN_S="ln -s" +_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl +dnl +AC_REQUIRE([LT_CMD_MAX_LEN])dnl +_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl +_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl +dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_CHECK_SHELL_FEATURES])dnl +m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl +m4_require([_LT_CMD_RELOAD])dnl +m4_require([_LT_CHECK_MAGIC_METHOD])dnl +m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl +m4_require([_LT_CMD_OLD_ARCHIVE])dnl +m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl +m4_require([_LT_WITH_SYSROOT])dnl + +_LT_CONFIG_LIBTOOL_INIT([ +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes INIT. +if test -n "\${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi +]) +if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + +_LT_CHECK_OBJDIR + +m4_require([_LT_TAG_COMPILER])dnl + +case $host_os in +aix3*) + # AIX sometimes has problems with the GCC collect2 program. For some + # reason, if we set the COLLECT_NAMES environment variable, the problems + # vanish in a puff of smoke. + if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES + fi + ;; +esac + +# Global variables: +ofile=libtool +can_build_shared=yes + +# All known linkers require a `.a' archive for static linking (except MSVC, +# which needs '.lib'). +libext=a + +with_gnu_ld="$lt_cv_prog_gnu_ld" + +old_CC="$CC" +old_CFLAGS="$CFLAGS" + +# Set sane defaults for various variables +test -z "$CC" && CC=cc +test -z "$LTCC" && LTCC=$CC +test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS +test -z "$LD" && LD=ld +test -z "$ac_objext" && ac_objext=o + +_LT_CC_BASENAME([$compiler]) + +# Only perform the check for file, if the check method requires it +test -z "$MAGIC_CMD" && MAGIC_CMD=file +case $deplibs_check_method in +file_magic*) + if test "$file_magic_cmd" = '$MAGIC_CMD'; then + _LT_PATH_MAGIC + fi + ;; +esac + +# Use C for the default configuration in the libtool script +LT_SUPPORTED_TAG([CC]) +_LT_LANG_C_CONFIG +_LT_LANG_DEFAULT_CONFIG +_LT_CONFIG_COMMANDS +])# _LT_SETUP + + +# _LT_PREPARE_SED_QUOTE_VARS +# -------------------------- +# Define a few sed substitution that help us do robust quoting. +m4_defun([_LT_PREPARE_SED_QUOTE_VARS], +[# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\([["`$\\]]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\([["`\\]]\)/\\\1/g' + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' +]) + +# _LT_PROG_LTMAIN +# --------------- +# Note that this code is called both from `configure', and `config.status' +# now that we use AC_CONFIG_COMMANDS to generate libtool. Notably, +# `config.status' has no value for ac_aux_dir unless we are using Automake, +# so we pass a copy along to make sure it has a sensible value anyway. +m4_defun([_LT_PROG_LTMAIN], +[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl +_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir']) +ltmain="$ac_aux_dir/ltmain.sh" +])# _LT_PROG_LTMAIN + + + +# So that we can recreate a full libtool script including additional +# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS +# in macros and then make a single call at the end using the `libtool' +# label. + + +# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS]) +# ---------------------------------------- +# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later. +m4_define([_LT_CONFIG_LIBTOOL_INIT], +[m4_ifval([$1], + [m4_append([_LT_OUTPUT_LIBTOOL_INIT], + [$1 +])])]) + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_INIT]) + + +# _LT_CONFIG_LIBTOOL([COMMANDS]) +# ------------------------------ +# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later. +m4_define([_LT_CONFIG_LIBTOOL], +[m4_ifval([$1], + [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS], + [$1 +])])]) + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS]) + + +# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS]) +# ----------------------------------------------------- +m4_defun([_LT_CONFIG_SAVE_COMMANDS], +[_LT_CONFIG_LIBTOOL([$1]) +_LT_CONFIG_LIBTOOL_INIT([$2]) +]) + + +# _LT_FORMAT_COMMENT([COMMENT]) +# ----------------------------- +# Add leading comment marks to the start of each line, and a trailing +# full-stop to the whole comment if one is not present already. +m4_define([_LT_FORMAT_COMMENT], +[m4_ifval([$1], [ +m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])], + [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.]) +)]) + + + + + +# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?]) +# ------------------------------------------------------------------- +# CONFIGNAME is the name given to the value in the libtool script. +# VARNAME is the (base) name used in the configure script. +# VALUE may be 0, 1 or 2 for a computed quote escaped value based on +# VARNAME. Any other value will be used directly. +m4_define([_LT_DECL], +[lt_if_append_uniq([lt_decl_varnames], [$2], [, ], + [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name], + [m4_ifval([$1], [$1], [$2])]) + lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3]) + m4_ifval([$4], + [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])]) + lt_dict_add_subkey([lt_decl_dict], [$2], + [tagged?], [m4_ifval([$5], [yes], [no])])]) +]) + + +# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION]) +# -------------------------------------------------------- +m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])]) + + +# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...]) +# ------------------------------------------------ +m4_define([lt_decl_tag_varnames], +[_lt_decl_filter([tagged?], [yes], $@)]) + + +# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..]) +# --------------------------------------------------------- +m4_define([_lt_decl_filter], +[m4_case([$#], + [0], [m4_fatal([$0: too few arguments: $#])], + [1], [m4_fatal([$0: too few arguments: $#: $1])], + [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)], + [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)], + [lt_dict_filter([lt_decl_dict], $@)])[]dnl +]) + + +# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...]) +# -------------------------------------------------- +m4_define([lt_decl_quote_varnames], +[_lt_decl_filter([value], [1], $@)]) + + +# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...]) +# --------------------------------------------------- +m4_define([lt_decl_dquote_varnames], +[_lt_decl_filter([value], [2], $@)]) + + +# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...]) +# --------------------------------------------------- +m4_define([lt_decl_varnames_tagged], +[m4_assert([$# <= 2])dnl +_$0(m4_quote(m4_default([$1], [[, ]])), + m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]), + m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))]) +m4_define([_lt_decl_varnames_tagged], +[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])]) + + +# lt_decl_all_varnames([SEPARATOR], [VARNAME1...]) +# ------------------------------------------------ +m4_define([lt_decl_all_varnames], +[_$0(m4_quote(m4_default([$1], [[, ]])), + m4_if([$2], [], + m4_quote(lt_decl_varnames), + m4_quote(m4_shift($@))))[]dnl +]) +m4_define([_lt_decl_all_varnames], +[lt_join($@, lt_decl_varnames_tagged([$1], + lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl +]) + + +# _LT_CONFIG_STATUS_DECLARE([VARNAME]) +# ------------------------------------ +# Quote a variable value, and forward it to `config.status' so that its +# declaration there will have the same value as in `configure'. VARNAME +# must have a single quote delimited value for this to work. +m4_define([_LT_CONFIG_STATUS_DECLARE], +[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`']) + + +# _LT_CONFIG_STATUS_DECLARATIONS +# ------------------------------ +# We delimit libtool config variables with single quotes, so when +# we write them to config.status, we have to be sure to quote all +# embedded single quotes properly. In configure, this macro expands +# each variable declared with _LT_DECL (and _LT_TAGDECL) into: +# +# ='`$ECHO "$" | $SED "$delay_single_quote_subst"`' +m4_defun([_LT_CONFIG_STATUS_DECLARATIONS], +[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames), + [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])]) + + +# _LT_LIBTOOL_TAGS +# ---------------- +# Output comment and list of tags supported by the script +m4_defun([_LT_LIBTOOL_TAGS], +[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl +available_tags="_LT_TAGS"dnl +]) + + +# _LT_LIBTOOL_DECLARE(VARNAME, [TAG]) +# ----------------------------------- +# Extract the dictionary values for VARNAME (optionally with TAG) and +# expand to a commented shell variable setting: +# +# # Some comment about what VAR is for. +# visible_name=$lt_internal_name +m4_define([_LT_LIBTOOL_DECLARE], +[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], + [description])))[]dnl +m4_pushdef([_libtool_name], + m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl +m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])), + [0], [_libtool_name=[$]$1], + [1], [_libtool_name=$lt_[]$1], + [2], [_libtool_name=$lt_[]$1], + [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl +m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl +]) + + +# _LT_LIBTOOL_CONFIG_VARS +# ----------------------- +# Produce commented declarations of non-tagged libtool config variables +# suitable for insertion in the LIBTOOL CONFIG section of the `libtool' +# script. Tagged libtool config variables (even for the LIBTOOL CONFIG +# section) are produced by _LT_LIBTOOL_TAG_VARS. +m4_defun([_LT_LIBTOOL_CONFIG_VARS], +[m4_foreach([_lt_var], + m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)), + [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])]) + + +# _LT_LIBTOOL_TAG_VARS(TAG) +# ------------------------- +m4_define([_LT_LIBTOOL_TAG_VARS], +[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames), + [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])]) + + +# _LT_TAGVAR(VARNAME, [TAGNAME]) +# ------------------------------ +m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])]) + + +# _LT_CONFIG_COMMANDS +# ------------------- +# Send accumulated output to $CONFIG_STATUS. Thanks to the lists of +# variables for single and double quote escaping we saved from calls +# to _LT_DECL, we can put quote escaped variables declarations +# into `config.status', and then the shell code to quote escape them in +# for loops in `config.status'. Finally, any additional code accumulated +# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded. +m4_defun([_LT_CONFIG_COMMANDS], +[AC_PROVIDE_IFELSE([LT_OUTPUT], + dnl If the libtool generation code has been placed in $CONFIG_LT, + dnl instead of duplicating it all over again into config.status, + dnl then we will have config.status run $CONFIG_LT later, so it + dnl needs to know what name is stored there: + [AC_CONFIG_COMMANDS([libtool], + [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])], + dnl If the libtool generation code is destined for config.status, + dnl expand the accumulated commands and init code now: + [AC_CONFIG_COMMANDS([libtool], + [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])]) +])#_LT_CONFIG_COMMANDS + + +# Initialize. +m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT], +[ + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +sed_quote_subst='$sed_quote_subst' +double_quote_subst='$double_quote_subst' +delay_variable_subst='$delay_variable_subst' +_LT_CONFIG_STATUS_DECLARATIONS +LTCC='$LTCC' +LTCFLAGS='$LTCFLAGS' +compiler='$compiler_DEFAULT' + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$[]1 +_LTECHO_EOF' +} + +# Quote evaled strings. +for var in lt_decl_all_varnames([[ \ +]], lt_decl_quote_varnames); do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[[\\\\\\\`\\"\\\$]]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +# Double-quote double-evaled strings. +for var in lt_decl_all_varnames([[ \ +]], lt_decl_dquote_varnames); do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[[\\\\\\\`\\"\\\$]]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +_LT_OUTPUT_LIBTOOL_INIT +]) + +# _LT_GENERATED_FILE_INIT(FILE, [COMMENT]) +# ------------------------------------ +# Generate a child script FILE with all initialization necessary to +# reuse the environment learned by the parent script, and make the +# file executable. If COMMENT is supplied, it is inserted after the +# `#!' sequence but before initialization text begins. After this +# macro, additional text can be appended to FILE to form the body of +# the child script. The macro ends with non-zero status if the +# file could not be fully written (such as if the disk is full). +m4_ifdef([AS_INIT_GENERATED], +[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])], +[m4_defun([_LT_GENERATED_FILE_INIT], +[m4_require([AS_PREPARE])]dnl +[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl +[lt_write_fail=0 +cat >$1 <<_ASEOF || lt_write_fail=1 +#! $SHELL +# Generated by $as_me. +$2 +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$1 <<\_ASEOF || lt_write_fail=1 +AS_SHELL_SANITIZE +_AS_PREPARE +exec AS_MESSAGE_FD>&1 +_ASEOF +test $lt_write_fail = 0 && chmod +x $1[]dnl +m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT + +# LT_OUTPUT +# --------- +# This macro allows early generation of the libtool script (before +# AC_OUTPUT is called), incase it is used in configure for compilation +# tests. +AC_DEFUN([LT_OUTPUT], +[: ${CONFIG_LT=./config.lt} +AC_MSG_NOTICE([creating $CONFIG_LT]) +_LT_GENERATED_FILE_INIT(["$CONFIG_LT"], +[# Run this file to recreate a libtool stub with the current configuration.]) + +cat >>"$CONFIG_LT" <<\_LTEOF +lt_cl_silent=false +exec AS_MESSAGE_LOG_FD>>config.log +{ + echo + AS_BOX([Running $as_me.]) +} >&AS_MESSAGE_LOG_FD + +lt_cl_help="\ +\`$as_me' creates a local libtool stub from the current configuration, +for use in further configure time tests before the real libtool is +generated. + +Usage: $[0] [[OPTIONS]] + + -h, --help print this help, then exit + -V, --version print version number, then exit + -q, --quiet do not print progress messages + -d, --debug don't remove temporary files + +Report bugs to ." + +lt_cl_version="\ +m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl +m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) +configured by $[0], generated by m4_PACKAGE_STRING. + +Copyright (C) 2010 Free Software Foundation, Inc. +This config.lt script is free software; the Free Software Foundation +gives unlimited permision to copy, distribute and modify it." + +while test $[#] != 0 +do + case $[1] in + --version | --v* | -V ) + echo "$lt_cl_version"; exit 0 ;; + --help | --h* | -h ) + echo "$lt_cl_help"; exit 0 ;; + --debug | --d* | -d ) + debug=: ;; + --quiet | --q* | --silent | --s* | -q ) + lt_cl_silent=: ;; + + -*) AC_MSG_ERROR([unrecognized option: $[1] +Try \`$[0] --help' for more information.]) ;; + + *) AC_MSG_ERROR([unrecognized argument: $[1] +Try \`$[0] --help' for more information.]) ;; + esac + shift +done + +if $lt_cl_silent; then + exec AS_MESSAGE_FD>/dev/null +fi +_LTEOF + +cat >>"$CONFIG_LT" <<_LTEOF +_LT_OUTPUT_LIBTOOL_COMMANDS_INIT +_LTEOF + +cat >>"$CONFIG_LT" <<\_LTEOF +AC_MSG_NOTICE([creating $ofile]) +_LT_OUTPUT_LIBTOOL_COMMANDS +AS_EXIT(0) +_LTEOF +chmod +x "$CONFIG_LT" + +# configure is writing to config.log, but config.lt does its own redirection, +# appending to config.log, which fails on DOS, as config.log is still kept +# open by configure. Here we exec the FD to /dev/null, effectively closing +# config.log, so it can be properly (re)opened and appended to by config.lt. +lt_cl_success=: +test "$silent" = yes && + lt_config_lt_args="$lt_config_lt_args --quiet" +exec AS_MESSAGE_LOG_FD>/dev/null +$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false +exec AS_MESSAGE_LOG_FD>>config.log +$lt_cl_success || AS_EXIT(1) +])# LT_OUTPUT + + +# _LT_CONFIG(TAG) +# --------------- +# If TAG is the built-in tag, create an initial libtool script with a +# default configuration from the untagged config vars. Otherwise add code +# to config.status for appending the configuration named by TAG from the +# matching tagged config vars. +m4_defun([_LT_CONFIG], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +_LT_CONFIG_SAVE_COMMANDS([ + m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl + m4_if(_LT_TAG, [C], [ + # See if we are running on zsh, and set the options which allow our + # commands through without removal of \ escapes. + if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST + fi + + cfgfile="${ofile}T" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" + + cat <<_LT_EOF >> "$cfgfile" +#! $SHELL + +# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. +# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: +# NOTE: Changes made to this file will be lost: look at ltmain.sh. +# +_LT_COPYING +_LT_LIBTOOL_TAGS + +# ### BEGIN LIBTOOL CONFIG +_LT_LIBTOOL_CONFIG_VARS +_LT_LIBTOOL_TAG_VARS +# ### END LIBTOOL CONFIG + +_LT_EOF + + case $host_os in + aix3*) + cat <<\_LT_EOF >> "$cfgfile" +# AIX sometimes has problems with the GCC collect2 program. For some +# reason, if we set the COLLECT_NAMES environment variable, the problems +# vanish in a puff of smoke. +if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES +fi +_LT_EOF + ;; + esac + + _LT_PROG_LTMAIN + + # We use sed instead of cat because bash on DJGPP gets confused if + # if finds mixed CR/LF and LF-only lines. Since sed operates in + # text mode, it properly converts lines to CR/LF. This bash problem + # is reportedly fixed, but why not run on old versions too? + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + _LT_PROG_REPLACE_SHELLFNS + + mv -f "$cfgfile" "$ofile" || + (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") + chmod +x "$ofile" +], +[cat <<_LT_EOF >> "$ofile" + +dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded +dnl in a comment (ie after a #). +# ### BEGIN LIBTOOL TAG CONFIG: $1 +_LT_LIBTOOL_TAG_VARS(_LT_TAG) +# ### END LIBTOOL TAG CONFIG: $1 +_LT_EOF +])dnl /m4_if +], +[m4_if([$1], [], [ + PACKAGE='$PACKAGE' + VERSION='$VERSION' + TIMESTAMP='$TIMESTAMP' + RM='$RM' + ofile='$ofile'], []) +])dnl /_LT_CONFIG_SAVE_COMMANDS +])# _LT_CONFIG + + +# LT_SUPPORTED_TAG(TAG) +# --------------------- +# Trace this macro to discover what tags are supported by the libtool +# --tag option, using: +# autoconf --trace 'LT_SUPPORTED_TAG:$1' +AC_DEFUN([LT_SUPPORTED_TAG], []) + + +# C support is built-in for now +m4_define([_LT_LANG_C_enabled], []) +m4_define([_LT_TAGS], []) + + +# LT_LANG(LANG) +# ------------- +# Enable libtool support for the given language if not already enabled. +AC_DEFUN([LT_LANG], +[AC_BEFORE([$0], [LT_OUTPUT])dnl +m4_case([$1], + [C], [_LT_LANG(C)], + [C++], [_LT_LANG(CXX)], + [Java], [_LT_LANG(GCJ)], + [Fortran 77], [_LT_LANG(F77)], + [Fortran], [_LT_LANG(FC)], + [Windows Resource], [_LT_LANG(RC)], + [m4_ifdef([_LT_LANG_]$1[_CONFIG], + [_LT_LANG($1)], + [m4_fatal([$0: unsupported language: "$1"])])])dnl +])# LT_LANG + + +# _LT_LANG(LANGNAME) +# ------------------ +m4_defun([_LT_LANG], +[m4_ifdef([_LT_LANG_]$1[_enabled], [], + [LT_SUPPORTED_TAG([$1])dnl + m4_append([_LT_TAGS], [$1 ])dnl + m4_define([_LT_LANG_]$1[_enabled], [])dnl + _LT_LANG_$1_CONFIG($1)])dnl +])# _LT_LANG + + +# _LT_LANG_DEFAULT_CONFIG +# ----------------------- +m4_defun([_LT_LANG_DEFAULT_CONFIG], +[AC_PROVIDE_IFELSE([AC_PROG_CXX], + [LT_LANG(CXX)], + [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])]) + +AC_PROVIDE_IFELSE([AC_PROG_F77], + [LT_LANG(F77)], + [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])]) + +AC_PROVIDE_IFELSE([AC_PROG_FC], + [LT_LANG(FC)], + [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])]) + +dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal +dnl pulling things in needlessly. +AC_PROVIDE_IFELSE([AC_PROG_GCJ], + [LT_LANG(GCJ)], + [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], + [LT_LANG(GCJ)], + [AC_PROVIDE_IFELSE([LT_PROG_GCJ], + [LT_LANG(GCJ)], + [m4_ifdef([AC_PROG_GCJ], + [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])]) + m4_ifdef([A][M_PROG_GCJ], + [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])]) + m4_ifdef([LT_PROG_GCJ], + [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) + +AC_PROVIDE_IFELSE([LT_PROG_RC], + [LT_LANG(RC)], + [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) +])# _LT_LANG_DEFAULT_CONFIG + +# Obsolete macros: +AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)]) +AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)]) +AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)]) +AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)]) +AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_CXX], []) +dnl AC_DEFUN([AC_LIBTOOL_F77], []) +dnl AC_DEFUN([AC_LIBTOOL_FC], []) +dnl AC_DEFUN([AC_LIBTOOL_GCJ], []) +dnl AC_DEFUN([AC_LIBTOOL_RC], []) + + +# _LT_TAG_COMPILER +# ---------------- +m4_defun([_LT_TAG_COMPILER], +[AC_REQUIRE([AC_PROG_CC])dnl + +_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl +_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl +_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl +_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC +])# _LT_TAG_COMPILER + + +# _LT_COMPILER_BOILERPLATE +# ------------------------ +# Check for compiler boilerplate output or warnings with +# the simple compiler test code. +m4_defun([_LT_COMPILER_BOILERPLATE], +[m4_require([_LT_DECL_SED])dnl +ac_outfile=conftest.$ac_objext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext +eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_compiler_boilerplate=`cat conftest.err` +$RM conftest* +])# _LT_COMPILER_BOILERPLATE + + +# _LT_LINKER_BOILERPLATE +# ---------------------- +# Check for linker boilerplate output or warnings with +# the simple link test code. +m4_defun([_LT_LINKER_BOILERPLATE], +[m4_require([_LT_DECL_SED])dnl +ac_outfile=conftest.$ac_objext +echo "$lt_simple_link_test_code" >conftest.$ac_ext +eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_linker_boilerplate=`cat conftest.err` +$RM -r conftest* +])# _LT_LINKER_BOILERPLATE + +# _LT_REQUIRED_DARWIN_CHECKS +# ------------------------- +m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ + case $host_os in + rhapsody* | darwin*) + AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:]) + AC_CHECK_TOOL([NMEDIT], [nmedit], [:]) + AC_CHECK_TOOL([LIPO], [lipo], [:]) + AC_CHECK_TOOL([OTOOL], [otool], [:]) + AC_CHECK_TOOL([OTOOL64], [otool64], [:]) + _LT_DECL([], [DSYMUTIL], [1], + [Tool to manipulate archived DWARF debug symbol files on Mac OS X]) + _LT_DECL([], [NMEDIT], [1], + [Tool to change global to local symbols on Mac OS X]) + _LT_DECL([], [LIPO], [1], + [Tool to manipulate fat objects and archives on Mac OS X]) + _LT_DECL([], [OTOOL], [1], + [ldd/readelf like tool for Mach-O binaries on Mac OS X]) + _LT_DECL([], [OTOOL64], [1], + [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4]) + + AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod], + [lt_cv_apple_cc_single_mod=no + if test -z "${LT_MULTI_MODULE}"; then + # By default we will add the -single_module flag. You can override + # by either setting the environment variable LT_MULTI_MODULE + # non-empty at configure time, or by adding -multi_module to the + # link flags. + rm -rf libconftest.dylib* + echo "int foo(void){return 1;}" > conftest.c + echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ +-dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ + -dynamiclib -Wl,-single_module conftest.c 2>conftest.err + _lt_result=$? + if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + lt_cv_apple_cc_single_mod=yes + else + cat conftest.err >&AS_MESSAGE_LOG_FD + fi + rm -rf libconftest.dylib* + rm -f conftest.* + fi]) + AC_CACHE_CHECK([for -exported_symbols_list linker flag], + [lt_cv_ld_exported_symbols_list], + [lt_cv_ld_exported_symbols_list=no + save_LDFLAGS=$LDFLAGS + echo "_main" > conftest.sym + LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" + AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], + [lt_cv_ld_exported_symbols_list=yes], + [lt_cv_ld_exported_symbols_list=no]) + LDFLAGS="$save_LDFLAGS" + ]) + AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], + [lt_cv_ld_force_load=no + cat > conftest.c << _LT_EOF +int forced_loaded() { return 2;} +_LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD + echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD + $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD + echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD + $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD + cat > conftest.c << _LT_EOF +int main() { return 0;} +_LT_EOF + echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err + _lt_result=$? + if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + lt_cv_ld_force_load=yes + else + cat conftest.err >&AS_MESSAGE_LOG_FD + fi + rm -f conftest.err libconftest.a conftest conftest.c + rm -rf conftest.dSYM + ]) + case $host_os in + rhapsody* | darwin1.[[012]]) + _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; + darwin1.*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + darwin*) # darwin 5.x on + # if running on 10.5 or later, the deployment target defaults + # to the OS version, if on x86, and 10.4, the deployment + # target defaults to 10.4. Don't you love it? + case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in + 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + 10.[[012]]*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + 10.*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + esac + ;; + esac + if test "$lt_cv_apple_cc_single_mod" = "yes"; then + _lt_dar_single_mod='$single_module' + fi + if test "$lt_cv_ld_exported_symbols_list" = "yes"; then + _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' + else + _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then + _lt_dsymutil='~$DSYMUTIL $lib || :' + else + _lt_dsymutil= + fi + ;; + esac +]) + + +# _LT_DARWIN_LINKER_FEATURES +# -------------------------- +# Checks for linker and compiler features on darwin +m4_defun([_LT_DARWIN_LINKER_FEATURES], +[ + m4_require([_LT_REQUIRED_DARWIN_CHECKS]) + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_automatic, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + if test "$lt_cv_ld_force_load" = "yes"; then + _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)='' + fi + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined" + case $cc_basename in + ifort*) _lt_dar_can_shared=yes ;; + *) _lt_dar_can_shared=$GCC ;; + esac + if test "$_lt_dar_can_shared" = "yes"; then + output_verbose_link_cmd=func_echo_all + _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" + _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" + _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" + _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + m4_if([$1], [CXX], +[ if test "$lt_cv_apple_cc_single_mod" != "yes"; then + _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}" + _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}" + fi +],[]) + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi +]) + +# _LT_SYS_MODULE_PATH_AIX([TAGNAME]) +# ---------------------------------- +# Links a minimal program and checks the executable +# for the system default hardcoded library path. In most cases, +# this is /usr/lib:/lib, but when the MPI compilers are used +# the location of the communication and MPI libs are included too. +# If we don't find anything, use the default library path according +# to the aix ld manual. +# Store the results from the different compilers for each TAGNAME. +# Allow to override them for all tags through lt_cv_aix_libpath. +m4_defun([_LT_SYS_MODULE_PATH_AIX], +[m4_require([_LT_DECL_SED])dnl +if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])], + [AC_LINK_IFELSE([AC_LANG_PROGRAM],[ + lt_aix_libpath_sed='[ + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }]' + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi],[]) + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib" + fi + ]) + aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1]) +fi +])# _LT_SYS_MODULE_PATH_AIX + + +# _LT_SHELL_INIT(ARG) +# ------------------- +m4_define([_LT_SHELL_INIT], +[m4_divert_text([M4SH-INIT], [$1 +])])# _LT_SHELL_INIT + + + +# _LT_PROG_ECHO_BACKSLASH +# ----------------------- +# Find how we can fake an echo command that does not interpret backslash. +# In particular, with Autoconf 2.60 or later we add some code to the start +# of the generated configure script which will find a shell with a builtin +# printf (which we can use as an echo command). +m4_defun([_LT_PROG_ECHO_BACKSLASH], +[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + +AC_MSG_CHECKING([how to print strings]) +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' +else + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$[]1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' +fi + +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "$*" +} + +case "$ECHO" in + printf*) AC_MSG_RESULT([printf]) ;; + print*) AC_MSG_RESULT([print -r]) ;; + *) AC_MSG_RESULT([cat]) ;; +esac + +m4_ifdef([_AS_DETECT_SUGGESTED], +[_AS_DETECT_SUGGESTED([ + test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || ( + ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' + ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO + ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + PATH=/empty FPATH=/empty; export PATH FPATH + test "X`printf %s $ECHO`" = "X$ECHO" \ + || test "X`print -r -- $ECHO`" = "X$ECHO" )])]) + +_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts]) +_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) +])# _LT_PROG_ECHO_BACKSLASH + + +# _LT_WITH_SYSROOT +# ---------------- +AC_DEFUN([_LT_WITH_SYSROOT], +[AC_MSG_CHECKING([for sysroot]) +AC_ARG_WITH([sysroot], +[ --with-sysroot[=DIR] Search for dependent libraries within DIR + (or the compiler's sysroot if not specified).], +[], [with_sysroot=no]) + +dnl lt_sysroot will always be passed unquoted. We quote it here +dnl in case the user passed a directory name. +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + AC_MSG_RESULT([${with_sysroot}]) + AC_MSG_ERROR([The sysroot must be an absolute path.]) + ;; +esac + + AC_MSG_RESULT([${lt_sysroot:-no}]) +_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl +[dependent libraries, and in which our libraries should be installed.])]) + +# _LT_ENABLE_LOCK +# --------------- +m4_defun([_LT_ENABLE_LOCK], +[AC_ARG_ENABLE([libtool-lock], + [AS_HELP_STRING([--disable-libtool-lock], + [avoid locking (might break parallel builds)])]) +test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes + +# Some flags need to be propagated to the compiler or linker for good +# libtool support. +case $host in +ia64-*-hpux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.$ac_objext` in + *ELF-32*) + HPUX_IA64_MODE="32" + ;; + *ELF-64*) + HPUX_IA64_MODE="64" + ;; + esac + fi + rm -rf conftest* + ;; +*-*-irix6*) + # Find out which ABI we are using. + echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + if test "$lt_cv_prog_gnu_ld" = yes; then + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -melf32bsmip" + ;; + *N32*) + LD="${LD-ld} -melf32bmipn32" + ;; + *64-bit*) + LD="${LD-ld} -melf64bmip" + ;; + esac + else + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -32" + ;; + *N32*) + LD="${LD-ld} -n32" + ;; + *64-bit*) + LD="${LD-ld} -64" + ;; + esac + fi + fi + rm -rf conftest* + ;; + +x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +s390*-*linux*|s390*-*tpf*|sparc*-*linux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.o` in + *32-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_i386_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_i386" + ;; + ppc64-*linux*|powerpc64-*linux*) + LD="${LD-ld} -m elf32ppclinux" + ;; + s390x-*linux*) + LD="${LD-ld} -m elf_s390" + ;; + sparc64-*linux*) + LD="${LD-ld} -m elf32_sparc" + ;; + esac + ;; + *64-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_x86_64_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_x86_64" + ;; + ppc*-*linux*|powerpc*-*linux*) + LD="${LD-ld} -m elf64ppc" + ;; + s390*-*linux*|s390*-*tpf*) + LD="${LD-ld} -m elf64_s390" + ;; + sparc*-*linux*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; + +*-*-sco3.2v5*) + # On SCO OpenServer 5, we need -belf to get full-featured binaries. + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -belf" + AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, + [AC_LANG_PUSH(C) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) + AC_LANG_POP]) + if test x"$lt_cv_cc_needs_belf" != x"yes"; then + # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf + CFLAGS="$SAVE_CFLAGS" + fi + ;; +sparc*-*solaris*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if AC_TRY_EVAL(ac_compile); then + case `/usr/bin/file conftest.o` in + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; + *) + if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then + LD="${LD-ld} -64" + fi + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; +esac + +need_locks="$enable_libtool_lock" +])# _LT_ENABLE_LOCK + + +# _LT_PROG_AR +# ----------- +m4_defun([_LT_PROG_AR], +[AC_CHECK_TOOLS(AR, [ar], false) +: ${AR=ar} +: ${AR_FLAGS=cru} +_LT_DECL([], [AR], [1], [The archiver]) +_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) + +AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], + [lt_cv_ar_at_file=no + AC_COMPILE_IFELSE([AC_LANG_PROGRAM], + [echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD' + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + ]) + ]) + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= +else + archiver_list_spec=$lt_cv_ar_at_file +fi +_LT_DECL([], [archiver_list_spec], [1], + [How to feed a file listing to the archiver]) +])# _LT_PROG_AR + + +# _LT_CMD_OLD_ARCHIVE +# ------------------- +m4_defun([_LT_CMD_OLD_ARCHIVE], +[_LT_PROG_AR + +AC_CHECK_TOOL(STRIP, strip, :) +test -z "$STRIP" && STRIP=: +_LT_DECL([], [STRIP], [1], [A symbol stripping program]) + +AC_CHECK_TOOL(RANLIB, ranlib, :) +test -z "$RANLIB" && RANLIB=: +_LT_DECL([], [RANLIB], [1], + [Commands used to install an old-style archive]) + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" +fi + +case $host_os in + darwin*) + lock_old_archive_extraction=yes ;; + *) + lock_old_archive_extraction=no ;; +esac +_LT_DECL([], [old_postinstall_cmds], [2]) +_LT_DECL([], [old_postuninstall_cmds], [2]) +_LT_TAGDECL([], [old_archive_cmds], [2], + [Commands used to build an old-style archive]) +_LT_DECL([], [lock_old_archive_extraction], [0], + [Whether to use a lock for old archive extraction]) +])# _LT_CMD_OLD_ARCHIVE + + +# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, +# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) +# ---------------------------------------------------------------- +# Check whether the given compiler option works +AC_DEFUN([_LT_COMPILER_OPTION], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_SED])dnl +AC_CACHE_CHECK([$1], [$2], + [$2=no + m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$3" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + # The option is referenced via a variable to avoid confusing sed. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&AS_MESSAGE_LOG_FD + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then + $2=yes + fi + fi + $RM conftest* +]) + +if test x"[$]$2" = xyes; then + m4_if([$5], , :, [$5]) +else + m4_if([$6], , :, [$6]) +fi +])# _LT_COMPILER_OPTION + +# Old name: +AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], []) + + +# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, +# [ACTION-SUCCESS], [ACTION-FAILURE]) +# ---------------------------------------------------- +# Check whether the given linker option works +AC_DEFUN([_LT_LINKER_OPTION], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_SED])dnl +AC_CACHE_CHECK([$1], [$2], + [$2=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $3" + echo "$lt_simple_link_test_code" > conftest.$ac_ext + if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then + # The linker can only warn and ignore the option if not recognized + # So say no if there are warnings + if test -s conftest.err; then + # Append any errors to the config.log. + cat conftest.err 1>&AS_MESSAGE_LOG_FD + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then + $2=yes + fi + else + $2=yes + fi + fi + $RM -r conftest* + LDFLAGS="$save_LDFLAGS" +]) + +if test x"[$]$2" = xyes; then + m4_if([$4], , :, [$4]) +else + m4_if([$5], , :, [$5]) +fi +])# _LT_LINKER_OPTION + +# Old name: +AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], []) + + +# LT_CMD_MAX_LEN +#--------------- +AC_DEFUN([LT_CMD_MAX_LEN], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +# find the maximum length of command line arguments +AC_MSG_CHECKING([the maximum length of command line arguments]) +AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl + i=0 + teststring="ABCD" + + case $build_os in + msdosdjgpp*) + # On DJGPP, this test can blow up pretty badly due to problems in libc + # (any single argument exceeding 2000 bytes causes a buffer overrun + # during glob expansion). Even if it were fixed, the result of this + # check would be larger than it should be. + lt_cv_sys_max_cmd_len=12288; # 12K is about right + ;; + + gnu*) + # Under GNU Hurd, this test is not required because there is + # no limit to the length of command line arguments. + # Libtool will interpret -1 as no limit whatsoever + lt_cv_sys_max_cmd_len=-1; + ;; + + cygwin* | mingw* | cegcc*) + # On Win9x/ME, this test blows up -- it succeeds, but takes + # about 5 minutes as the teststring grows exponentially. + # Worse, since 9x/ME are not pre-emptively multitasking, + # you end up with a "frozen" computer, even though with patience + # the test eventually succeeds (with a max line length of 256k). + # Instead, let's just punt: use the minimum linelength reported by + # all of the supported platforms: 8192 (on NT/2K/XP). + lt_cv_sys_max_cmd_len=8192; + ;; + + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; + ;; + + amigaos*) + # On AmigaOS with pdksh, this test takes hours, literally. + # So we just punt and use a minimum line length of 8192. + lt_cv_sys_max_cmd_len=8192; + ;; + + netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + ;; + + interix*) + # We know the value 262144 and hardcode it with a safety zone (like BSD) + lt_cv_sys_max_cmd_len=196608 + ;; + + osf*) + # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure + # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not + # nice to cause kernel panics so lets avoid the loop below. + # First set a reasonable default. + lt_cv_sys_max_cmd_len=16384 + # + if test -x /sbin/sysconfig; then + case `/sbin/sysconfig -q proc exec_disable_arg_limit` in + *1*) lt_cv_sys_max_cmd_len=-1 ;; + esac + fi + ;; + sco3.2v5*) + lt_cv_sys_max_cmd_len=102400 + ;; + sysv5* | sco5v6* | sysv4.2uw2*) + kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` + if test -n "$kargmax"; then + lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` + else + lt_cv_sys_max_cmd_len=32768 + fi + ;; + *) + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8 ; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test $i != 17 # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi + ;; + esac +]) +if test -n $lt_cv_sys_max_cmd_len ; then + AC_MSG_RESULT($lt_cv_sys_max_cmd_len) +else + AC_MSG_RESULT(none) +fi +max_cmd_len=$lt_cv_sys_max_cmd_len +_LT_DECL([], [max_cmd_len], [0], + [What is the maximum length of a command?]) +])# LT_CMD_MAX_LEN + +# Old name: +AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], []) + + +# _LT_HEADER_DLFCN +# ---------------- +m4_defun([_LT_HEADER_DLFCN], +[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl +])# _LT_HEADER_DLFCN + + +# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, +# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) +# ---------------------------------------------------------------- +m4_defun([_LT_TRY_DLOPEN_SELF], +[m4_require([_LT_HEADER_DLFCN])dnl +if test "$cross_compiling" = yes; then : + [$4] +else + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<_LT_EOF +[#line $LINENO "configure" +#include "confdefs.h" + +#if HAVE_DLFCN_H +#include +#endif + +#include + +#ifdef RTLD_GLOBAL +# define LT_DLGLOBAL RTLD_GLOBAL +#else +# ifdef DL_GLOBAL +# define LT_DLGLOBAL DL_GLOBAL +# else +# define LT_DLGLOBAL 0 +# endif +#endif + +/* We may have to define LT_DLLAZY_OR_NOW in the command line if we + find out it does not work in some platform. */ +#ifndef LT_DLLAZY_OR_NOW +# ifdef RTLD_LAZY +# define LT_DLLAZY_OR_NOW RTLD_LAZY +# else +# ifdef DL_LAZY +# define LT_DLLAZY_OR_NOW DL_LAZY +# else +# ifdef RTLD_NOW +# define LT_DLLAZY_OR_NOW RTLD_NOW +# else +# ifdef DL_NOW +# define LT_DLLAZY_OR_NOW DL_NOW +# else +# define LT_DLLAZY_OR_NOW 0 +# endif +# endif +# endif +# endif +#endif + +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); +#endif + +int fnord () { return 42; } +int main () +{ + void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); + int status = $lt_dlunknown; + + if (self) + { + if (dlsym (self,"fnord")) status = $lt_dlno_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } + /* dlclose (self); */ + } + else + puts (dlerror ()); + + return status; +}] +_LT_EOF + if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then + (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null + lt_status=$? + case x$lt_status in + x$lt_dlno_uscore) $1 ;; + x$lt_dlneed_uscore) $2 ;; + x$lt_dlunknown|x*) $3 ;; + esac + else : + # compilation failed + $3 + fi +fi +rm -fr conftest* +])# _LT_TRY_DLOPEN_SELF + + +# LT_SYS_DLOPEN_SELF +# ------------------ +AC_DEFUN([LT_SYS_DLOPEN_SELF], +[m4_require([_LT_HEADER_DLFCN])dnl +if test "x$enable_dlopen" != xyes; then + enable_dlopen=unknown + enable_dlopen_self=unknown + enable_dlopen_self_static=unknown +else + lt_cv_dlopen=no + lt_cv_dlopen_libs= + + case $host_os in + beos*) + lt_cv_dlopen="load_add_on" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + ;; + + mingw* | pw32* | cegcc*) + lt_cv_dlopen="LoadLibrary" + lt_cv_dlopen_libs= + ;; + + cygwin*) + lt_cv_dlopen="dlopen" + lt_cv_dlopen_libs= + ;; + + darwin*) + # if libdl is installed we need to link against it + AC_CHECK_LIB([dl], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[ + lt_cv_dlopen="dyld" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + ]) + ;; + + *) + AC_CHECK_FUNC([shl_load], + [lt_cv_dlopen="shl_load"], + [AC_CHECK_LIB([dld], [shl_load], + [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"], + [AC_CHECK_FUNC([dlopen], + [lt_cv_dlopen="dlopen"], + [AC_CHECK_LIB([dl], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], + [AC_CHECK_LIB([svld], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], + [AC_CHECK_LIB([dld], [dld_link], + [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"]) + ]) + ]) + ]) + ]) + ]) + ;; + esac + + if test "x$lt_cv_dlopen" != xno; then + enable_dlopen=yes + else + enable_dlopen=no + fi + + case $lt_cv_dlopen in + dlopen) + save_CPPFLAGS="$CPPFLAGS" + test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" + + save_LDFLAGS="$LDFLAGS" + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" + + save_LIBS="$LIBS" + LIBS="$lt_cv_dlopen_libs $LIBS" + + AC_CACHE_CHECK([whether a program can dlopen itself], + lt_cv_dlopen_self, [dnl + _LT_TRY_DLOPEN_SELF( + lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, + lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) + ]) + + if test "x$lt_cv_dlopen_self" = xyes; then + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" + AC_CACHE_CHECK([whether a statically linked program can dlopen itself], + lt_cv_dlopen_self_static, [dnl + _LT_TRY_DLOPEN_SELF( + lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, + lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) + ]) + fi + + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + ;; + esac + + case $lt_cv_dlopen_self in + yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; + *) enable_dlopen_self=unknown ;; + esac + + case $lt_cv_dlopen_self_static in + yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; + *) enable_dlopen_self_static=unknown ;; + esac +fi +_LT_DECL([dlopen_support], [enable_dlopen], [0], + [Whether dlopen is supported]) +_LT_DECL([dlopen_self], [enable_dlopen_self], [0], + [Whether dlopen of programs is supported]) +_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0], + [Whether dlopen of statically linked programs is supported]) +])# LT_SYS_DLOPEN_SELF + +# Old name: +AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], []) + + +# _LT_COMPILER_C_O([TAGNAME]) +# --------------------------- +# Check to see if options -c and -o are simultaneously supported by compiler. +# This macro does not hard code the compiler like AC_PROG_CC_C_O. +m4_defun([_LT_COMPILER_C_O], +[m4_require([_LT_DECL_SED])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_TAG_COMPILER])dnl +AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], + [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)], + [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no + $RM -r conftest 2>/dev/null + mkdir conftest + cd conftest + mkdir out + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + lt_compiler_flag="-o out/conftest2.$ac_objext" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&AS_MESSAGE_LOG_FD + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp + $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 + if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then + _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes + fi + fi + chmod u+w . 2>&AS_MESSAGE_LOG_FD + $RM conftest* + # SGI C++ compiler will create directory out/ii_files/ for + # template instantiation + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out + cd .. + $RM -r conftest + $RM conftest* +]) +_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1], + [Does compiler simultaneously support -c and -o options?]) +])# _LT_COMPILER_C_O + + +# _LT_COMPILER_FILE_LOCKS([TAGNAME]) +# ---------------------------------- +# Check to see if we can do hard links to lock some files if needed +m4_defun([_LT_COMPILER_FILE_LOCKS], +[m4_require([_LT_ENABLE_LOCK])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +_LT_COMPILER_C_O([$1]) + +hard_links="nottested" +if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then + # do not overwrite the value of need_locks provided by the user + AC_MSG_CHECKING([if we can lock with hard links]) + hard_links=yes + $RM conftest* + ln conftest.a conftest.b 2>/dev/null && hard_links=no + touch conftest.a + ln conftest.a conftest.b 2>&5 || hard_links=no + ln conftest.a conftest.b 2>/dev/null && hard_links=no + AC_MSG_RESULT([$hard_links]) + if test "$hard_links" = no; then + AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe]) + need_locks=warn + fi +else + need_locks=no +fi +_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?]) +])# _LT_COMPILER_FILE_LOCKS + + +# _LT_CHECK_OBJDIR +# ---------------- +m4_defun([_LT_CHECK_OBJDIR], +[AC_CACHE_CHECK([for objdir], [lt_cv_objdir], +[rm -f .libs 2>/dev/null +mkdir .libs 2>/dev/null +if test -d .libs; then + lt_cv_objdir=.libs +else + # MS-DOS does not allow filenames that begin with a dot. + lt_cv_objdir=_libs +fi +rmdir .libs 2>/dev/null]) +objdir=$lt_cv_objdir +_LT_DECL([], [objdir], [0], + [The name of the directory that contains temporary libtool files])dnl +m4_pattern_allow([LT_OBJDIR])dnl +AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/", + [Define to the sub-directory in which libtool stores uninstalled libraries.]) +])# _LT_CHECK_OBJDIR + + +# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME]) +# -------------------------------------- +# Check hardcoding attributes. +m4_defun([_LT_LINKER_HARDCODE_LIBPATH], +[AC_MSG_CHECKING([how to hardcode library paths into programs]) +_LT_TAGVAR(hardcode_action, $1)= +if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" || + test -n "$_LT_TAGVAR(runpath_var, $1)" || + test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then + + # We can hardcode non-existent directories. + if test "$_LT_TAGVAR(hardcode_direct, $1)" != no && + # If the only mechanism to avoid hardcoding is shlibpath_var, we + # have to relink, otherwise we might link with an installed library + # when we should be linking with a yet-to-be-installed one + ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no && + test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then + # Linking always hardcodes the temporary library directory. + _LT_TAGVAR(hardcode_action, $1)=relink + else + # We can link without hardcoding, and we can hardcode nonexisting dirs. + _LT_TAGVAR(hardcode_action, $1)=immediate + fi +else + # We cannot hardcode anything, or else we can only hardcode existing + # directories. + _LT_TAGVAR(hardcode_action, $1)=unsupported +fi +AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)]) + +if test "$_LT_TAGVAR(hardcode_action, $1)" = relink || + test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then + # Fast installation is not supported + enable_fast_install=no +elif test "$shlibpath_overrides_runpath" = yes || + test "$enable_shared" = no; then + # Fast installation is not necessary + enable_fast_install=needless +fi +_LT_TAGDECL([], [hardcode_action], [0], + [How to hardcode a shared library path into an executable]) +])# _LT_LINKER_HARDCODE_LIBPATH + + +# _LT_CMD_STRIPLIB +# ---------------- +m4_defun([_LT_CMD_STRIPLIB], +[m4_require([_LT_DECL_EGREP]) +striplib= +old_striplib= +AC_MSG_CHECKING([whether stripping libraries is possible]) +if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" + test -z "$striplib" && striplib="$STRIP --strip-unneeded" + AC_MSG_RESULT([yes]) +else +# FIXME - insert some real tests, host_os isn't really good enough + case $host_os in + darwin*) + if test -n "$STRIP" ; then + striplib="$STRIP -x" + old_striplib="$STRIP -S" + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + ;; + *) + AC_MSG_RESULT([no]) + ;; + esac +fi +_LT_DECL([], [old_striplib], [1], [Commands to strip libraries]) +_LT_DECL([], [striplib], [1]) +])# _LT_CMD_STRIPLIB + + +# _LT_SYS_DYNAMIC_LINKER([TAG]) +# ----------------------------- +# PORTME Fill in your ld.so characteristics +m4_defun([_LT_SYS_DYNAMIC_LINKER], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_OBJDUMP])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_CHECK_SHELL_FEATURES])dnl +AC_MSG_CHECKING([dynamic linker characteristics]) +m4_if([$1], + [], [ +if test "$GCC" = yes; then + case $host_os in + darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; + *) lt_awk_arg="/^libraries:/" ;; + esac + case $host_os in + mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;; + *) lt_sed_strip_eq="s,=/,/,g" ;; + esac + lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` + case $lt_search_path_spec in + *\;*) + # if the path contains ";" then we assume it to be the separator + # otherwise default to the standard path separator (i.e. ":") - it is + # assumed that no part of a normal pathname contains ";" but that should + # okay in the real world where ";" in dirpaths is itself problematic. + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` + ;; + *) + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` + ;; + esac + # Ok, now we have the path, separated by spaces, we can step through it + # and add multilib dir if necessary. + lt_tmp_lt_search_path_spec= + lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` + for lt_sys_path in $lt_search_path_spec; do + if test -d "$lt_sys_path/$lt_multi_os_dir"; then + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" + else + test -d "$lt_sys_path" && \ + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" + fi + done + lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' +BEGIN {RS=" "; FS="/|\n";} { + lt_foo=""; + lt_count=0; + for (lt_i = NF; lt_i > 0; lt_i--) { + if ($lt_i != "" && $lt_i != ".") { + if ($lt_i == "..") { + lt_count++; + } else { + if (lt_count == 0) { + lt_foo="/" $lt_i lt_foo; + } else { + lt_count--; + } + } + } + } + if (lt_foo != "") { lt_freq[[lt_foo]]++; } + if (lt_freq[[lt_foo]] == 1) { print lt_foo; } +}'` + # AWK program above erroneously prepends '/' to C:/dos/paths + # for these hosts. + case $host_os in + mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ + $SED 's,/\([[A-Za-z]]:\),\1,g'` ;; + esac + sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` +else + sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" +fi]) +library_names_spec= +libname_spec='lib$name' +soname_spec= +shrext_cmds=".so" +postinstall_cmds= +postuninstall_cmds= +finish_cmds= +finish_eval= +shlibpath_var= +shlibpath_overrides_runpath=unknown +version_type=none +dynamic_linker="$host_os ld.so" +sys_lib_dlsearch_path_spec="/lib /usr/lib" +need_lib_prefix=unknown +hardcode_into_libs=no + +# when you set need_version to no, make sure it does not cause -set_version +# flags to be left without arguments +need_version=unknown + +case $host_os in +aix3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' + shlibpath_var=LIBPATH + + # AIX 3 has no versioning support, so we append a major version to the name. + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +aix[[4-9]]*) + version_type=linux + need_lib_prefix=no + need_version=no + hardcode_into_libs=yes + if test "$host_cpu" = ia64; then + # AIX 5 supports IA64 + library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + else + # With GCC up to 2.95.x, collect2 would create an import file + # for dependence libraries. The import file would start with + # the line `#! .'. This would cause the generated library to + # depend on `.', always an invalid library. This was fixed in + # development snapshots of GCC prior to 3.0. + case $host_os in + aix4 | aix4.[[01]] | aix4.[[01]].*) + if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' + echo ' yes ' + echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then + : + else + can_build_shared=no + fi + ;; + esac + # AIX (on Power*) has no versioning support, so currently we can not hardcode correct + # soname into executable. Probably we can add versioning support to + # collect2, so additional links can be useful in future. + if test "$aix_use_runtimelinking" = yes; then + # If using run time linking (on AIX 4.2 or later) use lib.so + # instead of lib.a to let people know that these are not + # typical AIX shared libraries. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + else + # We preserve .a as extension for shared libraries through AIX4.2 + # and later when we are not doing run time linking. + library_names_spec='${libname}${release}.a $libname.a' + soname_spec='${libname}${release}${shared_ext}$major' + fi + shlibpath_var=LIBPATH + fi + ;; + +amigaos*) + case $host_cpu in + powerpc) + # Since July 2007 AmigaOS4 officially supports .so libraries. + # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + ;; + m68k) + library_names_spec='$libname.ixlibrary $libname.a' + # Create ${libname}_ixlibrary.a entries in /sys/libs. + finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' + ;; + esac + ;; + +beos*) + library_names_spec='${libname}${shared_ext}' + dynamic_linker="$host_os ld.so" + shlibpath_var=LIBRARY_PATH + ;; + +bsdi[[45]]*) + version_type=linux + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" + sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" + # the default ld.so.conf also contains /usr/contrib/lib and + # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow + # libtool to hard-code these into programs + ;; + +cygwin* | mingw* | pw32* | cegcc*) + version_type=windows + shrext_cmds=".dll" + need_version=no + need_lib_prefix=no + + case $GCC,$cc_basename in + yes,*) + # gcc + library_names_spec='$libname.dll.a' + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname~ + chmod a+x \$dldir/$dlname~ + if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then + eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; + fi' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + + case $host_os in + cygwin*) + # Cygwin DLLs use 'cyg' prefix rather than 'lib' + soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' +m4_if([$1], [],[ + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"]) + ;; + mingw* | cegcc*) + # MinGW DLLs use traditional 'lib' prefix + soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + ;; + pw32*) + # pw32 DLLs use 'pw' prefix rather than 'lib' + library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + ;; + esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' + ;; + + *) + # Assume MSVC wrapper + library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' + ;; + esac + # FIXME: first we should search . and the directory the executable is in + shlibpath_var=PATH + ;; + +darwin* | rhapsody*) + dynamic_linker="$host_os dyld" + version_type=darwin + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' + soname_spec='${libname}${release}${major}$shared_ext' + shlibpath_overrides_runpath=yes + shlibpath_var=DYLD_LIBRARY_PATH + shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' +m4_if([$1], [],[ + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"]) + sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' + ;; + +dgux*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +freebsd1*) + dynamic_linker=no + ;; + +freebsd* | dragonfly*) + # DragonFly does not have aout. When/if they implement a new + # versioning mechanism, adjust this. + if test -x /usr/bin/objformat; then + objformat=`/usr/bin/objformat` + else + case $host_os in + freebsd[[123]]*) objformat=aout ;; + *) objformat=elf ;; + esac + fi + version_type=freebsd-$objformat + case $version_type in + freebsd-elf*) + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + need_version=no + need_lib_prefix=no + ;; + freebsd-*) + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' + need_version=yes + ;; + esac + shlibpath_var=LD_LIBRARY_PATH + case $host_os in + freebsd2*) + shlibpath_overrides_runpath=yes + ;; + freebsd3.[[01]]* | freebsdelf3.[[01]]*) + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ + freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + *) # from 4.6 on, and DragonFly + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + esac + ;; + +gnu*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + hardcode_into_libs=yes + ;; + +haiku*) + version_type=linux + need_lib_prefix=no + need_version=no + dynamic_linker="$host_os runtime_loader" + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LIBRARY_PATH + shlibpath_overrides_runpath=yes + sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' + hardcode_into_libs=yes + ;; + +hpux9* | hpux10* | hpux11*) + # Give a soname corresponding to the major version so that dld.sl refuses to + # link against other versions. + version_type=sunos + need_lib_prefix=no + need_version=no + case $host_cpu in + ia64*) + shrext_cmds='.so' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.so" + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + if test "X$HPUX_IA64_MODE" = X32; then + sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" + else + sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" + fi + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + hppa*64*) + shrext_cmds='.sl' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.sl" + shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + *) + shrext_cmds='.sl' + dynamic_linker="$host_os dld.sl" + shlibpath_var=SHLIB_PATH + shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + ;; + esac + # HP-UX runs *really* slowly unless shared libraries are mode 555, ... + postinstall_cmds='chmod 555 $lib' + # or fails outright, so override atomically: + install_override_mode=555 + ;; + +interix[[3-9]]*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +irix5* | irix6* | nonstopux*) + case $host_os in + nonstopux*) version_type=nonstopux ;; + *) + if test "$lt_cv_prog_gnu_ld" = yes; then + version_type=linux + else + version_type=irix + fi ;; + esac + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' + case $host_os in + irix5* | nonstopux*) + libsuff= shlibsuff= + ;; + *) + case $LD in # libtool.m4 will add one of these switches to LD + *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") + libsuff= shlibsuff= libmagic=32-bit;; + *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") + libsuff=32 shlibsuff=N32 libmagic=N32;; + *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") + libsuff=64 shlibsuff=64 libmagic=64-bit;; + *) libsuff= shlibsuff= libmagic=never-match;; + esac + ;; + esac + shlibpath_var=LD_LIBRARY${shlibsuff}_PATH + shlibpath_overrides_runpath=no + sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" + sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" + hardcode_into_libs=yes + ;; + +# No shared lib support for Linux oldld, aout, or coff. +linux*oldld* | linux*aout* | linux*coff*) + dynamic_linker=no + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + + # Some binutils ld are patched to set DT_RUNPATH + AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath], + [lt_cv_shlibpath_overrides_runpath=no + save_LDFLAGS=$LDFLAGS + save_libdir=$libdir + eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \ + LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\"" + AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], + [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null], + [lt_cv_shlibpath_overrides_runpath=yes])]) + LDFLAGS=$save_LDFLAGS + libdir=$save_libdir + ]) + shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath + + # This implies no fast_install, which is unacceptable. + # Some rework will be needed to allow for fast_install + # before this can be enabled. + hardcode_into_libs=yes + + # Append ld.so.conf contents to the search path + if test -f /etc/ld.so.conf; then + lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" + fi + + # We used to test for /lib/ld.so.1 and disable shared libraries on + # powerpc, because MkLinux only supported shared libraries with the + # GNU dynamic linker. Since this was broken with cross compilers, + # most powerpc-linux boxes support dynamic linking these days and + # people can always --disable-shared, the test was removed, and we + # assume the GNU/Linux dynamic linker is in use. + dynamic_linker='GNU/Linux ld.so' + ;; + +netbsd*) + version_type=sunos + need_lib_prefix=no + need_version=no + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + dynamic_linker='NetBSD (a.out) ld.so' + else + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='NetBSD ld.elf_so' + fi + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + +newsos6) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + ;; + +*nto* | *qnx*) + version_type=qnx + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='ldqnx.so' + ;; + +openbsd*) + version_type=sunos + sys_lib_dlsearch_path_spec="/usr/lib" + need_lib_prefix=no + # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. + case $host_os in + openbsd3.3 | openbsd3.3.*) need_version=yes ;; + *) need_version=no ;; + esac + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + shlibpath_var=LD_LIBRARY_PATH + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + case $host_os in + openbsd2.[[89]] | openbsd2.[[89]].*) + shlibpath_overrides_runpath=no + ;; + *) + shlibpath_overrides_runpath=yes + ;; + esac + else + shlibpath_overrides_runpath=yes + fi + ;; + +os2*) + libname_spec='$name' + shrext_cmds=".dll" + need_lib_prefix=no + library_names_spec='$libname${shared_ext} $libname.a' + dynamic_linker='OS/2 ld.exe' + shlibpath_var=LIBPATH + ;; + +osf3* | osf4* | osf5*) + version_type=osf + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" + sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" + ;; + +rdos*) + dynamic_linker=no + ;; + +solaris*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + # ldd complains unless libraries are executable + postinstall_cmds='chmod +x $lib' + ;; + +sunos4*) + version_type=sunos + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + if test "$with_gnu_ld" = yes; then + need_lib_prefix=no + fi + need_version=yes + ;; + +sysv4 | sysv4.3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + case $host_vendor in + sni) + shlibpath_overrides_runpath=no + need_lib_prefix=no + runpath_var=LD_RUN_PATH + ;; + siemens) + need_lib_prefix=no + ;; + motorola) + need_lib_prefix=no + need_version=no + shlibpath_overrides_runpath=no + sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' + ;; + esac + ;; + +sysv4*MP*) + if test -d /usr/nec ;then + version_type=linux + library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' + soname_spec='$libname${shared_ext}.$major' + shlibpath_var=LD_LIBRARY_PATH + fi + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + version_type=freebsd-elf + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + if test "$with_gnu_ld" = yes; then + sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' + else + sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' + case $host_os in + sco3.2v5*) + sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" + ;; + esac + fi + sys_lib_dlsearch_path_spec='/usr/lib' + ;; + +tpf*) + # TPF is a cross-target only. Preferred cross-host = GNU/Linux. + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +uts4*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +*) + dynamic_linker=no + ;; +esac +AC_MSG_RESULT([$dynamic_linker]) +test "$dynamic_linker" = no && can_build_shared=no + +variables_saved_for_relink="PATH $shlibpath_var $runpath_var" +if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +fi + +if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then + sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" +fi +if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then + sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" +fi + +_LT_DECL([], [variables_saved_for_relink], [1], + [Variables whose values should be saved in libtool wrapper scripts and + restored at link time]) +_LT_DECL([], [need_lib_prefix], [0], + [Do we need the "lib" prefix for modules?]) +_LT_DECL([], [need_version], [0], [Do we need a version for libraries?]) +_LT_DECL([], [version_type], [0], [Library versioning type]) +_LT_DECL([], [runpath_var], [0], [Shared library runtime path variable]) +_LT_DECL([], [shlibpath_var], [0],[Shared library path variable]) +_LT_DECL([], [shlibpath_overrides_runpath], [0], + [Is shlibpath searched before the hard-coded library search path?]) +_LT_DECL([], [libname_spec], [1], [Format of library name prefix]) +_LT_DECL([], [library_names_spec], [1], + [[List of archive names. First name is the real one, the rest are links. + The last name is the one that the linker finds with -lNAME]]) +_LT_DECL([], [soname_spec], [1], + [[The coded name of the library, if different from the real name]]) +_LT_DECL([], [install_override_mode], [1], + [Permission mode override for installation of shared libraries]) +_LT_DECL([], [postinstall_cmds], [2], + [Command to use after installation of a shared archive]) +_LT_DECL([], [postuninstall_cmds], [2], + [Command to use after uninstallation of a shared archive]) +_LT_DECL([], [finish_cmds], [2], + [Commands used to finish a libtool library installation in a directory]) +_LT_DECL([], [finish_eval], [1], + [[As "finish_cmds", except a single script fragment to be evaled but + not shown]]) +_LT_DECL([], [hardcode_into_libs], [0], + [Whether we should hardcode library paths into libraries]) +_LT_DECL([], [sys_lib_search_path_spec], [2], + [Compile-time system search path for libraries]) +_LT_DECL([], [sys_lib_dlsearch_path_spec], [2], + [Run-time system search path for libraries]) +])# _LT_SYS_DYNAMIC_LINKER + + +# _LT_PATH_TOOL_PREFIX(TOOL) +# -------------------------- +# find a file program which can recognize shared library +AC_DEFUN([_LT_PATH_TOOL_PREFIX], +[m4_require([_LT_DECL_EGREP])dnl +AC_MSG_CHECKING([for $1]) +AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, +[case $MAGIC_CMD in +[[\\/*] | ?:[\\/]*]) + lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. + ;; +*) + lt_save_MAGIC_CMD="$MAGIC_CMD" + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR +dnl $ac_dummy forces splitting on constant user-supplied paths. +dnl POSIX.2 word splitting is done only on the output of word expansions, +dnl not every word. This closes a longstanding sh security hole. + ac_dummy="m4_if([$2], , $PATH, [$2])" + for ac_dir in $ac_dummy; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$1; then + lt_cv_path_MAGIC_CMD="$ac_dir/$1" + if test -n "$file_magic_test_file"; then + case $deplibs_check_method in + "file_magic "*) + file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` + MAGIC_CMD="$lt_cv_path_MAGIC_CMD" + if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | + $EGREP "$file_magic_regex" > /dev/null; then + : + else + cat <<_LT_EOF 1>&2 + +*** Warning: the command libtool uses to detect shared libraries, +*** $file_magic_cmd, produces output that libtool cannot recognize. +*** The result is that libtool may fail to recognize shared libraries +*** as such. This will affect the creation of libtool libraries that +*** depend on shared libraries, but programs linked with such libtool +*** libraries will work regardless of this problem. Nevertheless, you +*** may want to report the problem to your system manager and/or to +*** bug-libtool@gnu.org + +_LT_EOF + fi ;; + esac + fi + break + fi + done + IFS="$lt_save_ifs" + MAGIC_CMD="$lt_save_MAGIC_CMD" + ;; +esac]) +MAGIC_CMD="$lt_cv_path_MAGIC_CMD" +if test -n "$MAGIC_CMD"; then + AC_MSG_RESULT($MAGIC_CMD) +else + AC_MSG_RESULT(no) +fi +_LT_DECL([], [MAGIC_CMD], [0], + [Used to examine libraries when file_magic_cmd begins with "file"])dnl +])# _LT_PATH_TOOL_PREFIX + +# Old name: +AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], []) + + +# _LT_PATH_MAGIC +# -------------- +# find a file program which can recognize a shared library +m4_defun([_LT_PATH_MAGIC], +[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) +if test -z "$lt_cv_path_MAGIC_CMD"; then + if test -n "$ac_tool_prefix"; then + _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) + else + MAGIC_CMD=: + fi +fi +])# _LT_PATH_MAGIC + + +# LT_PATH_LD +# ---------- +# find the pathname to the GNU or non-GNU linker +AC_DEFUN([LT_PATH_LD], +[AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_PROG_ECHO_BACKSLASH])dnl + +AC_ARG_WITH([gnu-ld], + [AS_HELP_STRING([--with-gnu-ld], + [assume the C compiler uses GNU ld @<:@default=no@:>@])], + [test "$withval" = no || with_gnu_ld=yes], + [with_gnu_ld=no])dnl + +ac_prog=ld +if test "$GCC" = yes; then + # Check if gcc -print-prog-name=ld gives a path. + AC_MSG_CHECKING([for ld used by $CC]) + case $host in + *-*-mingw*) + # gcc leaves a trailing carriage return which upsets mingw + ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; + *) + ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; + esac + case $ac_prog in + # Accept absolute paths. + [[\\/]]* | ?:[[\\/]]*) + re_direlt='/[[^/]][[^/]]*/\.\./' + # Canonicalize the pathname of ld + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` + done + test -z "$LD" && LD="$ac_prog" + ;; + "") + # If it fails, then pretend we aren't using GCC. + ac_prog=ld + ;; + *) + # If it is relative, then search for the first ld in PATH. + with_gnu_ld=unknown + ;; + esac +elif test "$with_gnu_ld" = yes; then + AC_MSG_CHECKING([for GNU ld]) +else + AC_MSG_CHECKING([for non-GNU ld]) +fi +AC_CACHE_VAL(lt_cv_path_LD, +[if test -z "$LD"; then + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then + lt_cv_path_LD="$ac_dir/$ac_prog" + # Check to see if the program is GNU ld. I'd rather use --version, + # but apparently some variants of GNU ld only accept -v. + # Break only if it was the GNU/non-GNU ld that we prefer. + case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null 2>&1; then + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + else + # Keep this pattern in sync with the one in func_win32_libid. + lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' + lt_cv_file_magic_cmd='$OBJDUMP -f' + fi + ;; + +cegcc*) + # use the weaker test based on 'objdump'. See mingw*. + lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' + ;; + +darwin* | rhapsody*) + lt_cv_deplibs_check_method=pass_all + ;; + +freebsd* | dragonfly*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + case $host_cpu in + i*86 ) + # Not sure whether the presence of OpenBSD here was a mistake. + # Let's accept both of them until this is cleared up. + lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` + ;; + esac + else + lt_cv_deplibs_check_method=pass_all + fi + ;; + +gnu*) + lt_cv_deplibs_check_method=pass_all + ;; + +haiku*) + lt_cv_deplibs_check_method=pass_all + ;; + +hpux10.20* | hpux11*) + lt_cv_file_magic_cmd=/usr/bin/file + case $host_cpu in + ia64*) + lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' + lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so + ;; + hppa*64*) + [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'] + lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl + ;; + *) + lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library' + lt_cv_file_magic_test_file=/usr/lib/libc.sl + ;; + esac + ;; + +interix[[3-9]]*) + # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' + ;; + +irix5* | irix6* | nonstopux*) + case $LD in + *-32|*"-32 ") libmagic=32-bit;; + *-n32|*"-n32 ") libmagic=N32;; + *-64|*"-64 ") libmagic=64-bit;; + *) libmagic=never-match;; + esac + lt_cv_deplibs_check_method=pass_all + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + lt_cv_deplibs_check_method=pass_all + ;; + +netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' + fi + ;; + +newos6*) + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=/usr/lib/libnls.so + ;; + +*nto* | *qnx*) + lt_cv_deplibs_check_method=pass_all + ;; + +openbsd*) + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' + fi + ;; + +osf3* | osf4* | osf5*) + lt_cv_deplibs_check_method=pass_all + ;; + +rdos*) + lt_cv_deplibs_check_method=pass_all + ;; + +solaris*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv4 | sysv4.3*) + case $host_vendor in + motorola) + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` + ;; + ncr) + lt_cv_deplibs_check_method=pass_all + ;; + sequent) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' + ;; + sni) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" + lt_cv_file_magic_test_file=/lib/libc.so + ;; + siemens) + lt_cv_deplibs_check_method=pass_all + ;; + pc) + lt_cv_deplibs_check_method=pass_all + ;; + esac + ;; + +tpf*) + lt_cv_deplibs_check_method=pass_all + ;; +esac +]) + +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then + case $host_os in + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"` + fi + ;; + esac +fi + +file_magic_cmd=$lt_cv_file_magic_cmd +deplibs_check_method=$lt_cv_deplibs_check_method +test -z "$deplibs_check_method" && deplibs_check_method=unknown + +_LT_DECL([], [deplibs_check_method], [1], + [Method to check whether dependent libraries are shared objects]) +_LT_DECL([], [file_magic_cmd], [1], + [Command to use when deplibs_check_method = "file_magic"]) +_LT_DECL([], [file_magic_glob], [1], + [How to find potential files when deplibs_check_method = "file_magic"]) +_LT_DECL([], [want_nocaseglob], [1], + [Find potential files using nocaseglob when deplibs_check_method = "file_magic"]) +])# _LT_CHECK_MAGIC_METHOD + + +# LT_PATH_NM +# ---------- +# find the pathname to a BSD- or MS-compatible name lister +AC_DEFUN([LT_PATH_NM], +[AC_REQUIRE([AC_PROG_CC])dnl +AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM, +[if test -n "$NM"; then + # Let the user override the test. + lt_cv_path_NM="$NM" +else + lt_nm_to_check="${ac_tool_prefix}nm" + if test -n "$ac_tool_prefix" && test "$build" = "$host"; then + lt_nm_to_check="$lt_nm_to_check nm" + fi + for lt_tmp_nm in $lt_nm_to_check; do + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + tmp_nm="$ac_dir/$lt_tmp_nm" + if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then + # Check to see if the nm accepts a BSD-compat flag. + # Adding the `sed 1q' prevents false positives on HP-UX, which says: + # nm: unknown option "B" ignored + # Tru64's nm complains that /dev/null is an invalid object file + case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in + */dev/null* | *'Invalid file or object type'*) + lt_cv_path_NM="$tmp_nm -B" + break + ;; + *) + case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + */dev/null*) + lt_cv_path_NM="$tmp_nm -p" + break + ;; + *) + lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but + continue # so that we can try to find one that supports BSD flags + ;; + esac + ;; + esac + fi + done + IFS="$lt_save_ifs" + done + : ${lt_cv_path_NM=no} +fi]) +if test "$lt_cv_path_NM" != "no"; then + NM="$lt_cv_path_NM" +else + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. + else + AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :) + case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols" + ;; + *) + DUMPBIN=: + ;; + esac + fi + AC_SUBST([DUMPBIN]) + if test "$DUMPBIN" != ":"; then + NM="$DUMPBIN" + fi +fi +test -z "$NM" && NM=nm +AC_SUBST([NM]) +_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl + +AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface], + [lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD) + (eval "$ac_compile" 2>conftest.err) + cat conftest.err >&AS_MESSAGE_LOG_FD + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) + cat conftest.err >&AS_MESSAGE_LOG_FD + (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD) + cat conftest.out >&AS_MESSAGE_LOG_FD + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" + fi + rm -f conftest*]) +])# LT_PATH_NM + +# Old names: +AU_ALIAS([AM_PROG_NM], [LT_PATH_NM]) +AU_ALIAS([AC_PROG_NM], [LT_PATH_NM]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_PROG_NM], []) +dnl AC_DEFUN([AC_PROG_NM], []) + +# _LT_CHECK_SHAREDLIB_FROM_LINKLIB +# -------------------------------- +# how to determine the name of the shared library +# associated with a specific link library. +# -- PORTME fill in with the dynamic library characteristics +m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB], +[m4_require([_LT_DECL_EGREP]) +m4_require([_LT_DECL_OBJDUMP]) +m4_require([_LT_DECL_DLLTOOL]) +AC_CACHE_CHECK([how to associate runtime and link libraries], +lt_cv_sharedlib_from_linklib_cmd, +[lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac +]) +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + +_LT_DECL([], [sharedlib_from_linklib_cmd], [1], + [Command to associate shared and link libraries]) +])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB + + +# _LT_PATH_MANIFEST_TOOL +# ---------------------- +# locate the manifest tool +m4_defun([_LT_PATH_MANIFEST_TOOL], +[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :) +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool], + [lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&AS_MESSAGE_LOG_FD + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest*]) +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi +_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl +])# _LT_PATH_MANIFEST_TOOL + + +# LT_LIB_M +# -------- +# check for math library +AC_DEFUN([LT_LIB_M], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +LIBM= +case $host in +*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) + # These system don't have libm, or don't need it + ;; +*-ncr-sysv4.3*) + AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw") + AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") + ;; +*) + AC_CHECK_LIB(m, cos, LIBM="-lm") + ;; +esac +AC_SUBST([LIBM]) +])# LT_LIB_M + +# Old name: +AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_CHECK_LIBM], []) + + +# _LT_COMPILER_NO_RTTI([TAGNAME]) +# ------------------------------- +m4_defun([_LT_COMPILER_NO_RTTI], +[m4_require([_LT_TAG_COMPILER])dnl + +_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= + +if test "$GCC" = yes; then + case $cc_basename in + nvcc*) + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;; + *) + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;; + esac + + _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], + lt_cv_prog_compiler_rtti_exceptions, + [-fno-rtti -fno-exceptions], [], + [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) +fi +_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1], + [Compiler flag to turn off builtin functions]) +])# _LT_COMPILER_NO_RTTI + + +# _LT_CMD_GLOBAL_SYMBOLS +# ---------------------- +m4_defun([_LT_CMD_GLOBAL_SYMBOLS], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([LT_PATH_NM])dnl +AC_REQUIRE([LT_PATH_LD])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_TAG_COMPILER])dnl + +# Check for command to grab the raw symbol name followed by C symbol from nm. +AC_MSG_CHECKING([command to parse $NM output from $compiler object]) +AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], +[ +# These are sane defaults that work on at least a few old systems. +# [They come from Ultrix. What could be older than Ultrix?!! ;)] + +# Character class describing NM global symbol codes. +symcode='[[BCDEGRST]]' + +# Regexp to match symbols that can be accessed directly from C. +sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' + +# Define system-specific variables. +case $host_os in +aix*) + symcode='[[BCDT]]' + ;; +cygwin* | mingw* | pw32* | cegcc*) + symcode='[[ABCDGISTW]]' + ;; +hpux*) + if test "$host_cpu" = ia64; then + symcode='[[ABCDEGRST]]' + fi + ;; +irix* | nonstopux*) + symcode='[[BCDEGRST]]' + ;; +osf*) + symcode='[[BCDEGQRST]]' + ;; +solaris*) + symcode='[[BDRT]]' + ;; +sco3.2v5*) + symcode='[[DT]]' + ;; +sysv4.2uw2*) + symcode='[[DT]]' + ;; +sysv5* | sco5v6* | unixware* | OpenUNIX*) + symcode='[[ABDT]]' + ;; +sysv4) + symcode='[[DFNSTU]]' + ;; +esac + +# If we're using GNU nm, then use its standard symbol codes. +case `$NM -V 2>&1` in +*GNU* | *'with BFD'*) + symcode='[[ABCDGIRSTW]]' ;; +esac + +# Transform an extracted symbol line into a proper C declaration. +# Some systems (esp. on ia64) link data and code symbols differently, +# so use this general approach. +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + +# Transform an extracted symbol line into symbol name and symbol address +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'" + +# Handle CRLF in mingw tool chain +opt_cr= +case $build_os in +mingw*) + opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp + ;; +esac + +# Try without a prefix underscore, then with it. +for ac_symprfx in "" "_"; do + + # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. + symxfrm="\\1 $ac_symprfx\\2 \\2" + + # Write the raw and C identifiers. + if test "$lt_cv_nm_interface" = "MS dumpbin"; then + # Fake it for dumpbin and say T for any non-static function + # and D for any global variable. + # Also find C++ and __fastcall symbols from MSVC++, + # which start with @ or ?. + lt_cv_sys_global_symbol_pipe="$AWK ['"\ +" {last_section=section; section=\$ 3};"\ +" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ +" \$ 0!~/External *\|/{next};"\ +" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ +" {if(hide[section]) next};"\ +" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ +" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ +" s[1]~/^[@?]/{print s[1], s[1]; next};"\ +" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ +" ' prfx=^$ac_symprfx]" + else + lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + + # Check to see that the pipe works correctly. + pipe_works=no + + rm -f conftest* + cat > conftest.$ac_ext <<_LT_EOF +#ifdef __cplusplus +extern "C" { +#endif +char nm_test_var; +void nm_test_func(void); +void nm_test_func(void){} +#ifdef __cplusplus +} +#endif +int main(){nm_test_var='a';nm_test_func();return(0);} +_LT_EOF + + if AC_TRY_EVAL(ac_compile); then + # Now try to grab the symbols. + nlist=conftest.nm + if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then + # Try sorting and uniquifying the output. + if sort "$nlist" | uniq > "$nlist"T; then + mv -f "$nlist"T "$nlist" + else + rm -f "$nlist"T + fi + + # Make sure that we snagged all the symbols we need. + if $GREP ' nm_test_var$' "$nlist" >/dev/null; then + if $GREP ' nm_test_func$' "$nlist" >/dev/null; then + cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT@&t@_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT@&t@_DLSYM_CONST +#else +# define LT@&t@_DLSYM_CONST const +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +_LT_EOF + # Now generate the symbol file. + eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' + + cat <<_LT_EOF >> conftest.$ac_ext + +/* The mapping between symbol names and symbols. */ +LT@&t@_DLSYM_CONST struct { + const char *name; + void *address; +} +lt__PROGRAM__LTX_preloaded_symbols[[]] = +{ + { "@PROGRAM@", (void *) 0 }, +_LT_EOF + $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext + cat <<\_LT_EOF >> conftest.$ac_ext + {0, (void *) 0} +}; + +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt__PROGRAM__LTX_preloaded_symbols; +} +#endif + +#ifdef __cplusplus +} +#endif +_LT_EOF + # Now try linking the two files. + mv conftest.$ac_objext conftstm.$ac_objext + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS + LIBS="conftstm.$ac_objext" + CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" + if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then + pipe_works=yes + fi + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS + else + echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD + fi + else + echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD + fi + else + echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD + fi + else + echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD + cat conftest.$ac_ext >&5 + fi + rm -rf conftest* conftst* + + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then + break + else + lt_cv_sys_global_symbol_pipe= + fi +done +]) +if test -z "$lt_cv_sys_global_symbol_pipe"; then + lt_cv_sys_global_symbol_to_cdecl= +fi +if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then + AC_MSG_RESULT(failed) +else + AC_MSG_RESULT(ok) +fi + +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then + nm_file_list_spec='@' +fi + +_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1], + [Take the output of nm and produce a listing of raw symbols and C names]) +_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1], + [Transform the output of nm in a proper C declaration]) +_LT_DECL([global_symbol_to_c_name_address], + [lt_cv_sys_global_symbol_to_c_name_address], [1], + [Transform the output of nm in a C name address pair]) +_LT_DECL([global_symbol_to_c_name_address_lib_prefix], + [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1], + [Transform the output of nm in a C name address pair when lib prefix is needed]) +_LT_DECL([], [nm_file_list_spec], [1], + [Specify filename containing input files for $NM]) +]) # _LT_CMD_GLOBAL_SYMBOLS + + +# _LT_COMPILER_PIC([TAGNAME]) +# --------------------------- +m4_defun([_LT_COMPILER_PIC], +[m4_require([_LT_TAG_COMPILER])dnl +_LT_TAGVAR(lt_prog_compiler_wl, $1)= +_LT_TAGVAR(lt_prog_compiler_pic, $1)= +_LT_TAGVAR(lt_prog_compiler_static, $1)= + +m4_if([$1], [CXX], [ + # C++ specific cases for pic, static, wl, etc. + if test "$GXX" = yes; then + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + + case $host_os in + aix*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' + ;; + esac + ;; + + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + # PIC is the default for these OSes. + ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + darwin* | rhapsody*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' + ;; + *djgpp*) + # DJGPP does not support shared libraries at all + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + ;; + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + _LT_TAGVAR(lt_prog_compiler_static, $1)= + ;; + interix[[3-9]]*) + # Interix 3.x gcc -fpic/-fPIC options generate broken code. + # Instead, we relocate shared libraries at runtime. + ;; + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic + fi + ;; + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + ;; + *qnx* | *nto*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + else + case $host_os in + aix[[4-9]]*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + else + _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' + fi + ;; + chorus*) + case $cc_basename in + cxch68*) + # Green Hills C++ Compiler + # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" + ;; + esac + ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + dgux*) + case $cc_basename in + ec++*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + ;; + ghcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + *) + ;; + esac + ;; + freebsd* | dragonfly*) + # FreeBSD uses GNU C++ + ;; + hpux9* | hpux10* | hpux11*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + if test "$host_cpu" != ia64; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + fi + ;; + aCC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + case $host_cpu in + hppa*64*|ia64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + ;; + esac + ;; + *) + ;; + esac + ;; + interix*) + # This is c89, which is MS Visual C++ (no shared libs) + # Anyone wants to do a port? + ;; + irix5* | irix6* | nonstopux*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + # CC pic flag -KPIC is the default. + ;; + *) + ;; + esac + ;; + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + KCC*) + # KAI C++ Compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + ecpc* ) + # old Intel C++ for x86_64 which still supported -KPIC. + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + icpc* ) + # Intel C++, used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + pgCC* | pgcpp*) + # Portland Group C++ compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + cxx*) + # Compaq C++ + # Make sure the PIC flag is empty. It appears that all Alpha + # Linux and Compaq Tru64 Unix objects are PIC. + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*) + # IBM XL 8.0, 9.0 on PPC and BlueGene + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; + esac + ;; + esac + ;; + lynxos*) + ;; + m88k*) + ;; + mvs*) + case $cc_basename in + cxx*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' + ;; + *) + ;; + esac + ;; + netbsd*) + ;; + *qnx* | *nto*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + osf3* | osf4* | osf5*) + case $cc_basename in + KCC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' + ;; + RCC*) + # Rational C++ 2.4.1 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + cxx*) + # Digital/Compaq C++ + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # Make sure the PIC flag is empty. It appears that all Alpha + # Linux and Compaq Tru64 Unix objects are PIC. + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + *) + ;; + esac + ;; + psos*) + ;; + solaris*) + case $cc_basename in + CC* | sunCC*) + # Sun C++ 4.2, 5.x and Centerline C++ + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; + gcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + ;; + *) + ;; + esac + ;; + sunos4*) + case $cc_basename in + CC*) + # Sun C++ 4.x + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + lcc*) + # Lucid + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + ;; + *) + ;; + esac + ;; + sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) + case $cc_basename in + CC*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + esac + ;; + tandem*) + case $cc_basename in + NCC*) + # NonStop-UX NCC 3.20 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + ;; + *) + ;; + esac + ;; + vxworks*) + ;; + *) + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + esac + fi +], +[ + if test "$GCC" = yes; then + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + + case $host_os in + aix*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' + ;; + esac + ;; + + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + # PIC is the default for these OSes. + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + darwin* | rhapsody*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' + ;; + + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + _LT_TAGVAR(lt_prog_compiler_static, $1)= + ;; + + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + ;; + + interix[[3-9]]*) + # Interix 3.x gcc -fpic/-fPIC options generate broken code. + # Instead, we relocate shared libraries at runtime. + ;; + + msdosdjgpp*) + # Just because we use GCC doesn't mean we suddenly get shared libraries + # on systems that don't support them. + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + enable_shared=no + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic + fi + ;; + + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + ;; + esac + + case $cc_basename in + nvcc*) # Cuda Compiler Driver 2.2 + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC' + ;; + esac + else + # PORTME Check for flag to pass linker flags through the system compiler. + case $host_os in + aix*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + else + _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' + fi + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + hpux9* | hpux10* | hpux11*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but + # not for PA HP-UX. + case $host_cpu in + hppa*64*|ia64*) + # +Z the default + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' + ;; + esac + # Is there a better lt_prog_compiler_static that works with the bundled CC? + _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' + ;; + + irix5* | irix6* | nonstopux*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # PIC (with -KPIC) is the default. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + # old Intel for x86_64 which still supported -KPIC. + ecc*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + # icc used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + icc* | ifort*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + # Lahey Fortran 8.1. + lf95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared' + _LT_TAGVAR(lt_prog_compiler_static, $1)='--static' + ;; + nagfor*) + # NAG Fortran compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group compilers (*not* the Pentium gcc compiler, + # which looks to be a dead project) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + ccc*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # All Alpha code is PIC. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + xl* | bgxl* | bgf* | mpixl*) + # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ F* | *Sun*Fortran*) + # Sun Fortran 8.3 passes all unrecognized flags to the linker + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='' + ;; + *Sun\ C*) + # Sun C 5.9 + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + ;; + esac + ;; + esac + ;; + + newsos6) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' + ;; + + osf3* | osf4* | osf5*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + # All OSF/1 code is PIC. + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + rdos*) + _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' + ;; + + solaris*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + case $cc_basename in + f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; + *) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; + esac + ;; + + sunos4*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + sysv4 | sysv4.2uw2* | sysv4.3*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + sysv4*MP*) + if test -d /usr/nec ;then + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + fi + ;; + + sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + unicos*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + + uts4*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; + + *) + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no + ;; + esac + fi +]) +case $host_os in + # For platforms which do not support PIC, -DPIC is meaningless: + *djgpp*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)= + ;; + *) + _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])" + ;; +esac + +AC_CACHE_CHECK([for $compiler option to produce PIC], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) +_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1) + +# +# Check to make sure the PIC flag actually works. +# +if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then + _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works], + [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)], + [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [], + [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in + "" | " "*) ;; + *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;; + esac], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)= + _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) +fi +_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1], + [Additional compiler flags for building library objects]) + +_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], + [How to pass a linker flag through the compiler]) +# +# Check to make sure the static flag actually works. +# +wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\" +_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], + _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1), + $lt_tmp_static_flag, + [], + [_LT_TAGVAR(lt_prog_compiler_static, $1)=]) +_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1], + [Compiler flag to prevent dynamic linking]) +])# _LT_COMPILER_PIC + + +# _LT_LINKER_SHLIBS([TAGNAME]) +# ---------------------------- +# See if the linker supports building shared libraries. +m4_defun([_LT_LINKER_SHLIBS], +[AC_REQUIRE([LT_PATH_LD])dnl +AC_REQUIRE([LT_PATH_NM])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl +m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_DECL_SED])dnl +m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl +m4_require([_LT_TAG_COMPILER])dnl +AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) +m4_if([$1], [CXX], [ + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + case $host_os in + aix[[4-9]]*) + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + # Also, AIX nm treats weak defined symbols like other global defined + # symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + else + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + fi + ;; + pw32*) + _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" + ;; + cygwin* | mingw* | cegcc*) + case $cc_basename in + cl*) ;; + *) + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] + ;; + esac + ;; + *) + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + ;; + esac +], [ + runpath_var= + _LT_TAGVAR(allow_undefined_flag, $1)= + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(archive_cmds, $1)= + _LT_TAGVAR(archive_expsym_cmds, $1)= + _LT_TAGVAR(compiler_needs_object, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + _LT_TAGVAR(export_dynamic_flag_spec, $1)= + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(hardcode_automatic, $1)=no + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= + _LT_TAGVAR(hardcode_libdir_separator, $1)= + _LT_TAGVAR(hardcode_minus_L, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + _LT_TAGVAR(inherit_rpath, $1)=no + _LT_TAGVAR(link_all_deplibs, $1)=unknown + _LT_TAGVAR(module_cmds, $1)= + _LT_TAGVAR(module_expsym_cmds, $1)= + _LT_TAGVAR(old_archive_from_new_cmds, $1)= + _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)= + _LT_TAGVAR(thread_safe_flag_spec, $1)= + _LT_TAGVAR(whole_archive_flag_spec, $1)= + # include_expsyms should be a list of space-separated symbols to be *always* + # included in the symbol list + _LT_TAGVAR(include_expsyms, $1)= + # exclude_expsyms can be an extended regexp of symbols to exclude + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. + _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. + # Exclude shared library initialization/finalization symbols. +dnl Note also adjust exclude_expsyms for C++ above. + extract_expsyms_cmds= + + case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + # FIXME: the MSVC++ port hasn't been tested in a loooong time + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + if test "$GCC" != yes; then + with_gnu_ld=no + fi + ;; + interix*) + # we just hope/assume this is gcc and not c89 (= MSVC++) + with_gnu_ld=yes + ;; + openbsd*) + with_gnu_ld=no + ;; + esac + + _LT_TAGVAR(ld_shlibs, $1)=yes + + # On some targets, GNU ld is compatible enough with the native linker + # that we're better off using the native interface for both. + lt_use_gnu_ld_interface=no + if test "$with_gnu_ld" = yes; then + case $host_os in + aix*) + # The AIX port of GNU ld has always aspired to compatibility + # with the native linker. However, as the warning in the GNU ld + # block says, versions before 2.19.5* couldn't really create working + # shared libraries, regardless of the interface used. + case `$LD -v 2>&1` in + *\ \(GNU\ Binutils\)\ 2.19.5*) ;; + *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;; + *\ \(GNU\ Binutils\)\ [[3-9]]*) ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + fi + + if test "$lt_use_gnu_ld_interface" = yes; then + # If archive_cmds runs LD, not CC, wlarc should be empty + wlarc='${wl}' + + # Set some defaults for GNU ld with shared library support. These + # are reset later if shared libraries are not supported. Putting them + # here allows them to be overridden if necessary. + runpath_var=LD_RUN_PATH + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + # ancient GNU ld didn't support --whole-archive et. al. + if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + supports_anon_versioning=no + case `$LD -v 2>&1` in + *GNU\ gold*) supports_anon_versioning=yes ;; + *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 + *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... + *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... + *\ 2.11.*) ;; # other 2.11 versions + *) supports_anon_versioning=yes ;; + esac + + # See if GNU ld supports shared libraries. + case $host_os in + aix[[3-9]]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: the GNU linker, at least up to release 2.19, is reported +*** to be unable to reliably create shared libraries on AIX. +*** Therefore, libtool is disabling shared libraries support. If you +*** really care for shared libraries, you may want to install binutils +*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. +*** You will then need to restart the configuration process. + +_LT_EOF + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='' + ;; + m68k) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + ;; + + beos*) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Joseph Beckenbach says some releases of gcc + # support --undefined. This deserves some investigation. FIXME + _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, + # as there is no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + haiku*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + interix[[3-9]]*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. + # Instead, shared libraries are loaded at an image base (0x10000000 by + # default) and relocated if they conflict, which is a slow very memory + # consuming and fragmenting process. To avoid this, we pick a random, + # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link + # time. Moving up from 0x10000000 also allows more sbrk(2) space. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + ;; + + gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) + tmp_diet=no + if test "$host_os" = linux-dietlibc; then + case $cc_basename in + diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) + esac + fi + if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ + && test "$tmp_diet" = no + then + tmp_addflag=' $pic_flag' + tmp_sharedflag='-shared' + case $cc_basename,$host_cpu in + pgcc*) # Portland Group C compiler + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag' + ;; + pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group f77 and f90 compilers + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag -Mnomain' ;; + ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 + tmp_addflag=' -i_dynamic' ;; + efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 + tmp_addflag=' -i_dynamic -nofor_main' ;; + ifc* | ifort*) # Intel Fortran compiler + tmp_addflag=' -nofor_main' ;; + lf95*) # Lahey Fortran 8.1 + _LT_TAGVAR(whole_archive_flag_spec, $1)= + tmp_sharedflag='--shared' ;; + xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below) + tmp_sharedflag='-qmkshrobj' + tmp_addflag= ;; + nvcc*) # Cuda Compiler Driver 2.2 + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + ;; + esac + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) # Sun C 5.9 + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + tmp_sharedflag='-G' ;; + *Sun\ F*) # Sun Fortran 8.3 + tmp_sharedflag='-G' ;; + esac + _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + + case $cc_basename in + xlf* | bgf* | bgxlf* | mpixlf*) + # IBM XL Fortran 10.1 on PPC cannot create shared libs itself + _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' + _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' + fi + ;; + esac + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + fi + ;; + + solaris*) + if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: The releases 2.8.* of the GNU linker cannot reliably +*** create shared libraries on Solaris systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.9.1 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) + case `$LD -v 2>&1` in + *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) + _LT_TAGVAR(ld_shlibs, $1)=no + cat <<_LT_EOF 1>&2 + +*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not +*** reliably create shared libraries on SCO systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.16.91.0.3 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + ;; + *) + # For security reasons, it is highly recommended that you always + # use absolute paths for naming shared libraries, and exclude the + # DT_RUNPATH tag from executables and libraries. But doing so + # requires that you compile everything twice, which is a pain. + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + sunos4*) + _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' + wlarc= + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + + if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then + runpath_var= + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(export_dynamic_flag_spec, $1)= + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + else + # PORTME fill in a description of your system's linker (not GNU ld) + case $host_os in + aix3*) + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' + # Note: this linker hardcodes the directories in LIBPATH if there + # are no directories specified by -L. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then + # Neither direct hardcoding nor static linking is supported with a + # broken collect2. + _LT_TAGVAR(hardcode_direct, $1)=unsupported + fi + ;; + + aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + exp_sym_flag='-Bexport' + no_entry_flag="" + else + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + # Also, AIX nm treats weak defined symbols like other global + # defined symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + else + _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + fi + aix_use_runtimelinking=no + + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes + break + fi + done + ;; + esac + + exp_sym_flag='-bexport' + no_entry_flag='-bnoentry' + fi + + # When large executables or shared objects are built, AIX ld can + # have problems creating the table of contents. If linking a library + # or program results in "error TOC overflow" add -mminimal-toc to + # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not + # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. + + _LT_TAGVAR(archive_cmds, $1)='' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' + + if test "$GCC" = yes; then + case $host_os in aix4.[[012]]|aix4.[[012]].*) + # We only want to do this on AIX 4.2 and lower, the check + # below for broken collect2 doesn't work under 4.3+ + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null + then + # We have reworked collect2 + : + else + # We have old collect2 + _LT_TAGVAR(hardcode_direct, $1)=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)= + fi + ;; + esac + shared_flag='-shared' + if test "$aix_use_runtimelinking" = yes; then + shared_flag="$shared_flag "'${wl}-G' + fi + else + # not using gcc + if test "$host_cpu" = ia64; then + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: + shared_flag='-G' + else + if test "$aix_use_runtimelinking" = yes; then + shared_flag='${wl}-G' + else + shared_flag='${wl}-bM:SRE' + fi + fi + fi + + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' + # It seems that -bexpall does not export symbols beginning with + # underscore (_), so it is better to generate a list of symbols to export. + _LT_TAGVAR(always_export_symbols, $1)=yes + if test "$aix_use_runtimelinking" = yes; then + # Warning - without using the other runtime loading flags (-brtl), + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(allow_undefined_flag, $1)='-berok' + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else + if test "$host_cpu" = ia64; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' + _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" + else + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + # Warning - without using the other run time loading flags, + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + # This is similar to how AIX traditionally builds its shared libraries. + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' + fi + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='' + ;; + m68k) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + ;; + + bsdi[[45]]*) + _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + case $cc_basename in + cl*) + # Native MSVC + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + # FIXME: Should let the user specify the lib program. + _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + ;; + esac + ;; + + darwin* | rhapsody*) + _LT_DARWIN_LINKER_FEATURES($1) + ;; + + dgux*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + freebsd1*) + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor + # support. Future versions do this automatically, but an explicit c++rt0.o + # does not break anything, and helps significantly (at the cost of a little + # extra space). + freebsd2.2*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + # Unfortunately, older versions of FreeBSD 2 do not have this feature. + freebsd2*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + # FreeBSD 3 and greater uses gcc -shared to do shared libraries. + freebsd* | dragonfly*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + hpux9*) + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + else + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_direct, $1)=yes + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + ;; + + hpux10*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' + fi + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + fi + ;; + + hpux11*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + else + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + m4_if($1, [], [ + # Older versions of the 11.00 compiler do not understand -b yet + # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) + _LT_LINKER_OPTION([if $CC understands -b], + _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b], + [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'], + [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])], + [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags']) + ;; + esac + fi + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + case $host_cpu in + hppa*64*|ia64*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + *) + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + _LT_TAGVAR(hardcode_minus_L, $1)=yes + ;; + esac + fi + ;; + + irix5* | irix6* | nonstopux*) + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + # Try to use the -exported_symbol ld option, if it does not + # work, assume that -exports_file does not work either and + # implicitly export all symbols. + # This should be the same for all languages, so no per-tag cache variable. + AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol], + [lt_cv_irix_exported_symbol], + [save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + AC_LINK_IFELSE( + [AC_LANG_SOURCE( + [AC_LANG_CASE([C], [[int foo (void) { return 0; }]], + [C++], [[int foo (void) { return 0; }]], + [Fortran 77], [[ + subroutine foo + end]], + [Fortran], [[ + subroutine foo + end]])])], + [lt_cv_irix_exported_symbol=yes], + [lt_cv_irix_exported_symbol=no]) + LDFLAGS="$save_LDFLAGS"]) + if test "$lt_cv_irix_exported_symbol" = yes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(inherit_rpath, $1)=yes + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else + _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + newsos6) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *nto* | *qnx*) + ;; + + openbsd*) + if test -f /usr/libexec/ld.so; then + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + else + case $host_os in + openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*) + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + ;; + esac + fi + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + os2*) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' + _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' + ;; + + osf3*) + if test "$GCC" = yes; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + else + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + ;; + + osf4* | osf5*) # as osf3* with the addition of -msym flag + if test "$GCC" = yes; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + else + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ + $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' + + # Both c and cxx compiler support -rpath directly + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)='no' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + ;; + + solaris*) + _LT_TAGVAR(no_undefined_flag, $1)=' -z defs' + if test "$GCC" = yes; then + wlarc='${wl}' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + else + case `$CC -V 2>&1` in + *"Compilers 5.0"*) + wlarc='' + _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' + ;; + *) + wlarc='${wl}' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + ;; + esac + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. GCC discards it without `$wl', + # but is careful enough not to reorder. + # Supported since Solaris 2.6 (maybe 2.5.1?) + if test "$GCC" = yes; then + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' + fi + ;; + esac + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + sunos4*) + if test "x$host_vendor" = xsequent; then + # Use $CC to link under sequent, because it throws in some extra .o + # files that make .init and .fini sections work. + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' + fi + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + sysv4) + case $host_vendor in + sni) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true??? + ;; + siemens) + ## LD is ld it makes a PLAMLIB + ## CC just makes a GrossModule. + _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' + _LT_TAGVAR(hardcode_direct, $1)=no + ;; + motorola) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie + ;; + esac + runpath_var='LD_RUN_PATH' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + sysv4.3*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var=LD_RUN_PATH + hardcode_runpath_var=yes + _LT_TAGVAR(ld_shlibs, $1)=yes + fi + ;; + + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + sysv5* | sco3.2v5* | sco5v6*) + # Note: We can NOT use -z defs as we might desire, because we do not + # link with -lc, and that would cause any symbols used from libc to + # always be unresolved, which means just about no library would + # ever link correctly. If we're not using GNU ld we use -z text + # though, which does catch some bad symbols but isn't as heavy-handed + # as -z defs. + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + uts4*) + _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + + *) + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + + if test x$host_vendor = xsni; then + case $host in + sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym' + ;; + esac + fi + fi +]) +AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) +test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no + +_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld + +_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl +_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl +_LT_DECL([], [extract_expsyms_cmds], [2], + [The commands to extract the exported symbol list from a shared archive]) + +# +# Do we need to explicitly link libc? +# +case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in +x|xyes) + # Assume -lc should be added + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + + if test "$enable_shared" = yes && test "$GCC" = yes; then + case $_LT_TAGVAR(archive_cmds, $1) in + *'~'*) + # FIXME: we may have to deal with multi-command sequences. + ;; + '$CC '*) + # Test whether the compiler implicitly links with -lc since on some + # systems, -lgcc has to come before -lc. If gcc already passes -lc + # to ld, don't add -lc before -lgcc. + AC_CACHE_CHECK([whether -lc should be explicitly linked in], + [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1), + [$RM conftest* + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + if AC_TRY_EVAL(ac_compile) 2>conftest.err; then + soname=conftest + lib=conftest + libobjs=conftest.$ac_objext + deplibs= + wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) + pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1) + compiler_flags=-v + linker_flags=-v + verstring= + output_objdir=. + libname=conftest + lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1) + _LT_TAGVAR(allow_undefined_flag, $1)= + if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) + then + lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no + else + lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes + fi + _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag + else + cat conftest.err 1>&5 + fi + $RM conftest* + ]) + _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1) + ;; + esac + fi + ;; +esac + +_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0], + [Whether or not to add -lc for building shared libraries]) +_LT_TAGDECL([allow_libtool_libs_with_static_runtimes], + [enable_shared_with_static_runtimes], [0], + [Whether or not to disallow shared libs when runtime libs are static]) +_LT_TAGDECL([], [export_dynamic_flag_spec], [1], + [Compiler flag to allow reflexive dlopens]) +_LT_TAGDECL([], [whole_archive_flag_spec], [1], + [Compiler flag to generate shared objects directly from archives]) +_LT_TAGDECL([], [compiler_needs_object], [1], + [Whether the compiler copes with passing no objects directly]) +_LT_TAGDECL([], [old_archive_from_new_cmds], [2], + [Create an old-style archive from a shared archive]) +_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2], + [Create a temporary old-style archive to link instead of a shared archive]) +_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive]) +_LT_TAGDECL([], [archive_expsym_cmds], [2]) +_LT_TAGDECL([], [module_cmds], [2], + [Commands used to build a loadable module if different from building + a shared archive.]) +_LT_TAGDECL([], [module_expsym_cmds], [2]) +_LT_TAGDECL([], [with_gnu_ld], [1], + [Whether we are building with GNU ld or not]) +_LT_TAGDECL([], [allow_undefined_flag], [1], + [Flag that allows shared libraries with undefined symbols to be built]) +_LT_TAGDECL([], [no_undefined_flag], [1], + [Flag that enforces no undefined symbols]) +_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], + [Flag to hardcode $libdir into a binary during linking. + This must work even if $libdir does not exist]) +_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1], + [[If ld is used when linking, flag to hardcode $libdir into a binary + during linking. This must work even if $libdir does not exist]]) +_LT_TAGDECL([], [hardcode_libdir_separator], [1], + [Whether we need a single "-rpath" flag with a separated argument]) +_LT_TAGDECL([], [hardcode_direct], [0], + [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes + DIR into the resulting binary]) +_LT_TAGDECL([], [hardcode_direct_absolute], [0], + [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes + DIR into the resulting binary and the resulting library dependency is + "absolute", i.e impossible to change by setting ${shlibpath_var} if the + library is relocated]) +_LT_TAGDECL([], [hardcode_minus_L], [0], + [Set to "yes" if using the -LDIR flag during linking hardcodes DIR + into the resulting binary]) +_LT_TAGDECL([], [hardcode_shlibpath_var], [0], + [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR + into the resulting binary]) +_LT_TAGDECL([], [hardcode_automatic], [0], + [Set to "yes" if building a shared library automatically hardcodes DIR + into the library and all subsequent libraries and executables linked + against it]) +_LT_TAGDECL([], [inherit_rpath], [0], + [Set to yes if linker adds runtime paths of dependent libraries + to runtime path list]) +_LT_TAGDECL([], [link_all_deplibs], [0], + [Whether libtool must link a program against all its dependency libraries]) +_LT_TAGDECL([], [always_export_symbols], [0], + [Set to "yes" if exported symbols are required]) +_LT_TAGDECL([], [export_symbols_cmds], [2], + [The commands to list exported symbols]) +_LT_TAGDECL([], [exclude_expsyms], [1], + [Symbols that should not be listed in the preloaded symbols]) +_LT_TAGDECL([], [include_expsyms], [1], + [Symbols that must always be exported]) +_LT_TAGDECL([], [prelink_cmds], [2], + [Commands necessary for linking programs (against libraries) with templates]) +_LT_TAGDECL([], [postlink_cmds], [2], + [Commands necessary for finishing linking programs]) +_LT_TAGDECL([], [file_list_spec], [1], + [Specify filename containing input files]) +dnl FIXME: Not yet implemented +dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1], +dnl [Compiler flag to generate thread safe objects]) +])# _LT_LINKER_SHLIBS + + +# _LT_LANG_C_CONFIG([TAG]) +# ------------------------ +# Ensure that the configuration variables for a C compiler are suitably +# defined. These variables are subsequently used by _LT_CONFIG to write +# the compiler configuration to `libtool'. +m4_defun([_LT_LANG_C_CONFIG], +[m4_require([_LT_DECL_EGREP])dnl +lt_save_CC="$CC" +AC_LANG_PUSH(C) + +# Source file extension for C test sources. +ac_ext=c + +# Object file extension for compiled C test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="int some_variable = 0;" + +# Code to be used in simple link tests +lt_simple_link_test_code='int main(){return(0);}' + +_LT_TAG_COMPILER +# Save the default compiler, since it gets overwritten when the other +# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. +compiler_DEFAULT=$CC + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + LT_SYS_DLOPEN_SELF + _LT_CMD_STRIPLIB + + # Report which library types will actually be built + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_CONFIG($1) +fi +AC_LANG_POP +CC="$lt_save_CC" +])# _LT_LANG_C_CONFIG + + +# _LT_LANG_CXX_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for a C++ compiler are suitably +# defined. These variables are subsequently used by _LT_CONFIG to write +# the compiler configuration to `libtool'. +m4_defun([_LT_LANG_CXX_CONFIG], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl +if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then + AC_PROG_CXXCPP +else + _lt_caught_CXX_error=yes +fi + +AC_LANG_PUSH(C++) +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(compiler_needs_object, $1)=no +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for C++ test sources. +ac_ext=cpp + +# Object file extension for compiled C++ test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the CXX compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_caught_CXX_error" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="int some_variable = 0;" + + # Code to be used in simple link tests + lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }' + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC=$CC + lt_save_CFLAGS=$CFLAGS + lt_save_LD=$LD + lt_save_GCC=$GCC + GCC=$GXX + lt_save_with_gnu_ld=$with_gnu_ld + lt_save_path_LD=$lt_cv_path_LD + if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then + lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx + else + $as_unset lt_cv_prog_gnu_ld + fi + if test -n "${lt_cv_path_LDCXX+set}"; then + lt_cv_path_LD=$lt_cv_path_LDCXX + else + $as_unset lt_cv_path_LD + fi + test -z "${LDCXX+set}" || LD=$LDCXX + CC=${CXX-"c++"} + CFLAGS=$CXXFLAGS + compiler=$CC + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + + if test -n "$compiler"; then + # We don't want -fno-exception when compiling C++ code, so set the + # no_builtin_flag separately + if test "$GXX" = yes; then + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' + else + _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= + fi + + if test "$GXX" = yes; then + # Set up default GNU C++ configuration + + LT_PATH_LD + + # Check if GNU C++ uses GNU ld as the underlying linker, since the + # archiving commands below assume that GNU ld is being used. + if test "$with_gnu_ld" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + + # If archive_cmds runs LD, not CC, wlarc should be empty + # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to + # investigate it a little bit more. (MM) + wlarc='${wl}' + + # ancient GNU ld didn't support --whole-archive et. al. + if eval "`$CC -print-prog-name=ld` --help 2>&1" | + $GREP 'no-whole-archive' > /dev/null; then + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + _LT_TAGVAR(whole_archive_flag_spec, $1)= + fi + else + with_gnu_ld=no + wlarc= + + # A generic and very simple default shared library creation + # command for GNU C++ for the case where it uses the native + # linker, instead of GNU ld. If possible, this setting should + # overridden to take advantage of the native linker features on + # the platform it is being used on. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + fi + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + + else + GXX=no + with_gnu_ld=no + wlarc= + fi + + # PORTME: fill in a description of your system's C++ link characteristics + AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) + _LT_TAGVAR(ld_shlibs, $1)=yes + case $host_os in + aix3*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + exp_sym_flag='-Bexport' + no_entry_flag="" + else + aix_use_runtimelinking=no + + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + case $ld_flag in + *-brtl*) + aix_use_runtimelinking=yes + break + ;; + esac + done + ;; + esac + + exp_sym_flag='-bexport' + no_entry_flag='-bnoentry' + fi + + # When large executables or shared objects are built, AIX ld can + # have problems creating the table of contents. If linking a library + # or program results in "error TOC overflow" add -mminimal-toc to + # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not + # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. + + _LT_TAGVAR(archive_cmds, $1)='' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='${wl}-f,' + + if test "$GXX" = yes; then + case $host_os in aix4.[[012]]|aix4.[[012]].*) + # We only want to do this on AIX 4.2 and lower, the check + # below for broken collect2 doesn't work under 4.3+ + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null + then + # We have reworked collect2 + : + else + # We have old collect2 + _LT_TAGVAR(hardcode_direct, $1)=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + _LT_TAGVAR(hardcode_minus_L, $1)=yes + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)= + fi + esac + shared_flag='-shared' + if test "$aix_use_runtimelinking" = yes; then + shared_flag="$shared_flag "'${wl}-G' + fi + else + # not using gcc + if test "$host_cpu" = ia64; then + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: + shared_flag='-G' + else + if test "$aix_use_runtimelinking" = yes; then + shared_flag='${wl}-G' + else + shared_flag='${wl}-bM:SRE' + fi + fi + fi + + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall' + # It seems that -bexpall does not export symbols beginning with + # underscore (_), so it is better to generate a list of symbols to + # export. + _LT_TAGVAR(always_export_symbols, $1)=yes + if test "$aix_use_runtimelinking" = yes; then + # Warning - without using the other runtime loading flags (-brtl), + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(allow_undefined_flag, $1)='-berok' + # Determine the default libpath from the value encoded in an empty + # executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else + if test "$host_cpu" = ia64; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' + _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" + else + # Determine the default libpath from the value encoded in an + # empty executable. + _LT_SYS_MODULE_PATH_AIX([$1]) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" + # Warning - without using the other run time loading flags, + # -berok will link without error, but may produce a broken library. + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' + fi + _LT_TAGVAR(archive_cmds_need_lc, $1)=yes + # This is similar to how AIX traditionally builds its shared + # libraries. + _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' + fi + fi + ;; + + beos*) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Joseph Beckenbach says some releases of gcc + # support --undefined. This deserves some investigation. FIXME + _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + chorus*) + case $cc_basename in + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + cygwin* | mingw* | pw32* | cegcc*) + case $GXX,$cc_basename in + ,cl* | no,cl*) + # Native MSVC + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + func_to_tool_file "$lt_outputfile"~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # g++ + # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, + # as there is no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + darwin* | rhapsody*) + _LT_DARWIN_LINKER_FEATURES($1) + ;; + + dgux*) + case $cc_basename in + ec++*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + ghcx*) + # Green Hills C++ Compiler + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + freebsd[[12]]*) + # C++ shared libraries reported to be fairly broken before + # switch to ELF + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + freebsd-elf*) + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + ;; + + freebsd* | dragonfly*) + # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF + # conventions + _LT_TAGVAR(ld_shlibs, $1)=yes + ;; + + gnu*) + ;; + + haiku*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + + hpux9*) + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, + # but as the default + # location of the library. + + case $cc_basename in + CC*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aCC*) + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes; then + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + hpux10*|hpux11*) + if test $with_gnu_ld = no; then + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + case $host_cpu in + hppa*64*|ia64*) + ;; + *) + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + ;; + esac + fi + case $host_cpu in + hppa*64*|ia64*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + ;; + *) + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, + # but as the default + # location of the library. + ;; + esac + + case $cc_basename in + CC*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + aCC*) + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + esac + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes; then + if test $with_gnu_ld = no; then + case $host_cpu in + hppa*64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + ia64*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + ;; + esac + fi + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + interix[[3-9]]*) + _LT_TAGVAR(hardcode_direct, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. + # Instead, shared libraries are loaded at an image base (0x10000000 by + # default) and relocated if they conflict, which is a slow very memory + # consuming and fragmenting process. To avoid this, we pick a random, + # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link + # time. Moving up from 0x10000000 also allows more sbrk(2) space. + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + ;; + irix5* | irix6*) + case $cc_basename in + CC*) + # SGI C++ + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + + # Archives containing C++ object files must be created using + # "CC -ar", where "CC" is the IRIX C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' + ;; + *) + if test "$GXX" = yes; then + if test "$with_gnu_ld" = no; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + else + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' + fi + fi + _LT_TAGVAR(link_all_deplibs, $1)=yes + ;; + esac + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + _LT_TAGVAR(inherit_rpath, $1)=yes + ;; + + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + KCC*) + # Kuck and Associates, Inc. (KAI) C++ Compiler + + # KCC will only create a shared library if the output file + # ends with ".so" (or ".sl" for HP-UX), so rename the library + # to its proper name (with version) after linking. + _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + + # Archives containing C++ object files must be created using + # "CC -Bstatic", where "CC" is the KAI C++ compiler. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' + ;; + icpc* | ecpc* ) + # Intel C++ + with_gnu_ld=yes + # version 8.0 and above of icpc choke on multiply defined symbols + # if we add $predep_objects and $postdep_objects, however 7.1 and + # earlier do not add the objects themselves. + case `$CC -V 2>&1` in + *"Version 7."*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + *) # Version 8.0 or newer + tmp_idyn= + case $host_cpu in + ia64*) tmp_idyn=' -i_dynamic';; + esac + _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + esac + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + ;; + pgCC* | pgcpp*) + # Portland Group C++ compiler + case `$CC -V` in + *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*) + _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~ + compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"' + _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~ + $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~ + $RANLIB $oldlib' + _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ + $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~ + rm -rf $tpldir~ + $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ + $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' + ;; + *) # Version 6 and above use weak symbols + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + ;; + cxx*) + # Compaq C++ + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' + + runpath_var=LD_RUN_PATH + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed' + ;; + xl* | mpixl* | bgxl*) + # IBM XL 8.0 on PPC, with GNU ld + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + _LT_TAGVAR(compiler_needs_object, $1)=yes + + # Not sure whether something based on + # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 + # would be better. + output_verbose_link_cmd='func_echo_all' + + # Archives containing C++ object files must be created using + # "CC -xar", where "CC" is the Sun C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' + ;; + esac + ;; + esac + ;; + + lynxos*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + m88k*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + mvs*) + case $cc_basename in + cxx*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' + wlarc= + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + fi + # Workaround some broken pre-1.5 toolchains + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' + ;; + + *nto* | *qnx*) + _LT_TAGVAR(ld_shlibs, $1)=yes + ;; + + openbsd2*) + # C++ shared libraries are fairly broken + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + openbsd*) + if test -f /usr/libexec/ld.so; then + _LT_TAGVAR(hardcode_direct, $1)=yes + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_direct_absolute, $1)=yes + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + fi + output_verbose_link_cmd=func_echo_all + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + + osf3* | osf4* | osf5*) + case $cc_basename in + KCC*) + # Kuck and Associates, Inc. (KAI) C++ Compiler + + # KCC will only create a shared library if the output file + # ends with ".so" (or ".sl" for HP-UX), so rename the library + # to its proper name (with version) after linking. + _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Archives containing C++ object files must be created using + # the KAI C++ compiler. + case $host in + osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;; + *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;; + esac + ;; + RCC*) + # Rational C++ 2.4.1 + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + cxx*) + case $host in + osf3*) + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + ;; + *) + _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ + echo "-hidden">> $lib.exp~ + $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~ + $RM $lib.exp' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + # + # There doesn't appear to be a way to prevent this compiler from + # explicitly linking system object files so we need to strip them + # from the output so that they don't get included in the library + # dependencies. + output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + ;; + *) + if test "$GXX" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' + case $host in + osf3*) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + ;; + esac + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=: + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + + else + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; + + psos*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + sunos4*) + case $cc_basename in + CC*) + # Sun C++ 4.x + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + lcc*) + # Lucid + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + solaris*) + case $cc_basename in + CC* | sunCC*) + # Sun C++ 4.2, 5.x and Centerline C++ + _LT_TAGVAR(archive_cmds_need_lc,$1)=yes + _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' + _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. + # Supported since Solaris 2.6 (maybe 2.5.1?) + _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' + ;; + esac + _LT_TAGVAR(link_all_deplibs, $1)=yes + + output_verbose_link_cmd='func_echo_all' + + # Archives containing C++ object files must be created using + # "CC -xar", where "CC" is the Sun C++ compiler. This is + # necessary to make sure instantiated templates are included + # in the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' + ;; + gcx*) + # Green Hills C++ Compiler + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + + # The C++ compiler must be used to create the archive. + _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' + ;; + *) + # GNU C++ compiler with Solaris linker + if test "$GXX" = yes && test "$with_gnu_ld" = no; then + _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' + if $CC --version | $GREP -v '^2\.7' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + else + # g++ 2.7 appears to require `-G' NOT `-shared' on this + # platform. + _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + + # Commands to make compiler produce verbose output that lists + # what "hidden" libraries, object files and flags are used when + # linking a shared library. + output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + fi + + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir' + case $host_os in + solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; + *) + _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + ;; + esac + fi + ;; + esac + ;; + + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + runpath_var='LD_RUN_PATH' + + case $cc_basename in + CC*) + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + ;; + + sysv5* | sco3.2v5* | sco5v6*) + # Note: We can NOT use -z defs as we might desire, because we do not + # link with -lc, and that would cause any symbols used from libc to + # always be unresolved, which means just about no library would + # ever link correctly. If we're not using GNU ld we use -z text + # though, which does catch some bad symbols but isn't as heavy-handed + # as -z defs. + _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' + _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' + _LT_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir' + _LT_TAGVAR(hardcode_libdir_separator, $1)=':' + _LT_TAGVAR(link_all_deplibs, $1)=yes + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' + runpath_var='LD_RUN_PATH' + + case $cc_basename in + CC*) + _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~ + '"$_LT_TAGVAR(old_archive_cmds, $1)" + _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~ + '"$_LT_TAGVAR(reload_cmds, $1)" + ;; + *) + _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + ;; + + tandem*) + case $cc_basename in + NCC*) + # NonStop-UX NCC 3.20 + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + ;; + + vxworks*) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + + *) + # FIXME: insert proper C++ library support + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + esac + + AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) + test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no + + _LT_TAGVAR(GCC, $1)="$GXX" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_SYS_HIDDEN_LIBDEPS($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS + LDCXX=$LD + LD=$lt_save_LD + GCC=$lt_save_GCC + with_gnu_ld=$lt_save_with_gnu_ld + lt_cv_path_LDCXX=$lt_cv_path_LD + lt_cv_path_LD=$lt_save_path_LD + lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld + lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld +fi # test "$_lt_caught_CXX_error" != yes + +AC_LANG_POP +])# _LT_LANG_CXX_CONFIG + + +# _LT_FUNC_STRIPNAME_CNF +# ---------------------- +# func_stripname_cnf prefix suffix name +# strip PREFIX and SUFFIX off of NAME. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +# +# This function is identical to the (non-XSI) version of func_stripname, +# except this one can be used by m4 code that may be executed by configure, +# rather than the libtool script. +m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl +AC_REQUIRE([_LT_DECL_SED]) +AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH]) +func_stripname_cnf () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname_cnf +])# _LT_FUNC_STRIPNAME_CNF + +# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME]) +# --------------------------------- +# Figure out "hidden" library dependencies from verbose +# compiler output when linking a shared library. +# Parse the compiler output and extract the necessary +# objects, libraries and library flags. +m4_defun([_LT_SYS_HIDDEN_LIBDEPS], +[m4_require([_LT_FILEUTILS_DEFAULTS])dnl +AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl +# Dependencies to place before and after the object being linked: +_LT_TAGVAR(predep_objects, $1)= +_LT_TAGVAR(postdep_objects, $1)= +_LT_TAGVAR(predeps, $1)= +_LT_TAGVAR(postdeps, $1)= +_LT_TAGVAR(compiler_lib_search_path, $1)= + +dnl we can't use the lt_simple_compile_test_code here, +dnl because it contains code intended for an executable, +dnl not a library. It's possible we should let each +dnl tag define a new lt_????_link_test_code variable, +dnl but it's only used here... +m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF +int a; +void foo (void) { a = 0; } +_LT_EOF +], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF +class Foo +{ +public: + Foo (void) { a = 0; } +private: + int a; +}; +_LT_EOF +], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF + subroutine foo + implicit none + integer*4 a + a=0 + return + end +_LT_EOF +], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF + subroutine foo + implicit none + integer a + a=0 + return + end +_LT_EOF +], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF +public class foo { + private int a; + public void bar (void) { + a = 0; + } +}; +_LT_EOF +]) + +_lt_libdeps_save_CFLAGS=$CFLAGS +case "$CC $CFLAGS " in #( +*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; +*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; +esac + +dnl Parse the compiler output and extract the necessary +dnl objects, libraries and library flags. +if AC_TRY_EVAL(ac_compile); then + # Parse the compiler output and extract the necessary + # objects, libraries and library flags. + + # Sentinel used to keep track of whether or not we are before + # the conftest object file. + pre_test_object_deps_done=no + + for p in `eval "$output_verbose_link_cmd"`; do + case ${prev}${p} in + + -L* | -R* | -l*) + # Some compilers place space between "-{L,R}" and the path. + # Remove the space. + if test $p = "-L" || + test $p = "-R"; then + prev=$p + continue + fi + + # Expand the sysroot to ease extracting the directories later. + if test -z "$prev"; then + case $p in + -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; + -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; + -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; + esac + fi + case $p in + =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; + esac + if test "$pre_test_object_deps_done" = no; then + case ${prev} in + -L | -R) + # Internal compiler library paths should come after those + # provided the user. The postdeps already come after the + # user supplied libs so there is no need to process them. + if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then + _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}" + else + _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}" + fi + ;; + # The "-l" case would never come before the object being + # linked, so don't bother handling this case. + esac + else + if test -z "$_LT_TAGVAR(postdeps, $1)"; then + _LT_TAGVAR(postdeps, $1)="${prev}${p}" + else + _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}" + fi + fi + prev= + ;; + + *.lto.$objext) ;; # Ignore GCC LTO objects + *.$objext) + # This assumes that the test object file only shows up + # once in the compiler output. + if test "$p" = "conftest.$objext"; then + pre_test_object_deps_done=yes + continue + fi + + if test "$pre_test_object_deps_done" = no; then + if test -z "$_LT_TAGVAR(predep_objects, $1)"; then + _LT_TAGVAR(predep_objects, $1)="$p" + else + _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p" + fi + else + if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then + _LT_TAGVAR(postdep_objects, $1)="$p" + else + _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p" + fi + fi + ;; + + *) ;; # Ignore the rest. + + esac + done + + # Clean up. + rm -f a.out a.exe +else + echo "libtool.m4: error: problem compiling $1 test program" +fi + +$RM -f confest.$objext +CFLAGS=$_lt_libdeps_save_CFLAGS + +# PORTME: override above test on systems where it is broken +m4_if([$1], [CXX], +[case $host_os in +interix[[3-9]]*) + # Interix 3.5 installs completely hosed .la files for C++, so rather than + # hack all around it, let's just trust "g++" to DTRT. + _LT_TAGVAR(predep_objects,$1)= + _LT_TAGVAR(postdep_objects,$1)= + _LT_TAGVAR(postdeps,$1)= + ;; + +linux*) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) + # Sun C++ 5.9 + + # The more standards-conforming stlport4 library is + # incompatible with the Cstd library. Avoid specifying + # it if it's in CXXFLAGS. Ignore libCrun as + # -library=stlport4 depends on it. + case " $CXX $CXXFLAGS " in + *" -library=stlport4 "*) + solaris_use_stlport4=yes + ;; + esac + + if test "$solaris_use_stlport4" != yes; then + _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' + fi + ;; + esac + ;; + +solaris*) + case $cc_basename in + CC* | sunCC*) + # The more standards-conforming stlport4 library is + # incompatible with the Cstd library. Avoid specifying + # it if it's in CXXFLAGS. Ignore libCrun as + # -library=stlport4 depends on it. + case " $CXX $CXXFLAGS " in + *" -library=stlport4 "*) + solaris_use_stlport4=yes + ;; + esac + + # Adding this requires a known-good setup of shared libraries for + # Sun compiler versions before 5.6, else PIC objects from an old + # archive will be linked into the output, leading to subtle bugs. + if test "$solaris_use_stlport4" != yes; then + _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun' + fi + ;; + esac + ;; +esac +]) + +case " $_LT_TAGVAR(postdeps, $1) " in +*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; +esac + _LT_TAGVAR(compiler_lib_search_dirs, $1)= +if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then + _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'` +fi +_LT_TAGDECL([], [compiler_lib_search_dirs], [1], + [The directories searched by this compiler when creating a shared library]) +_LT_TAGDECL([], [predep_objects], [1], + [Dependencies to place before and after the objects being linked to + create a shared library]) +_LT_TAGDECL([], [postdep_objects], [1]) +_LT_TAGDECL([], [predeps], [1]) +_LT_TAGDECL([], [postdeps], [1]) +_LT_TAGDECL([], [compiler_lib_search_path], [1], + [The library search path used internally by the compiler when linking + a shared library]) +])# _LT_SYS_HIDDEN_LIBDEPS + + +# _LT_LANG_F77_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for a Fortran 77 compiler are +# suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_F77_CONFIG], +[AC_LANG_PUSH(Fortran 77) +if test -z "$F77" || test "X$F77" = "Xno"; then + _lt_disable_F77=yes +fi + +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for f77 test sources. +ac_ext=f + +# Object file extension for compiled f77 test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the F77 compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_disable_F77" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="\ + subroutine t + return + end +" + + # Code to be used in simple link tests + lt_simple_link_test_code="\ + program t + end +" + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC="$CC" + lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS + CC=${F77-"f77"} + CFLAGS=$FFLAGS + compiler=$CC + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + GCC=$G77 + if test -n "$compiler"; then + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_TAGVAR(GCC, $1)="$G77" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + GCC=$lt_save_GCC + CC="$lt_save_CC" + CFLAGS="$lt_save_CFLAGS" +fi # test "$_lt_disable_F77" != yes + +AC_LANG_POP +])# _LT_LANG_F77_CONFIG + + +# _LT_LANG_FC_CONFIG([TAG]) +# ------------------------- +# Ensure that the configuration variables for a Fortran compiler are +# suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_FC_CONFIG], +[AC_LANG_PUSH(Fortran) + +if test -z "$FC" || test "X$FC" = "Xno"; then + _lt_disable_FC=yes +fi + +_LT_TAGVAR(archive_cmds_need_lc, $1)=no +_LT_TAGVAR(allow_undefined_flag, $1)= +_LT_TAGVAR(always_export_symbols, $1)=no +_LT_TAGVAR(archive_expsym_cmds, $1)= +_LT_TAGVAR(export_dynamic_flag_spec, $1)= +_LT_TAGVAR(hardcode_direct, $1)=no +_LT_TAGVAR(hardcode_direct_absolute, $1)=no +_LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= +_LT_TAGVAR(hardcode_libdir_separator, $1)= +_LT_TAGVAR(hardcode_minus_L, $1)=no +_LT_TAGVAR(hardcode_automatic, $1)=no +_LT_TAGVAR(inherit_rpath, $1)=no +_LT_TAGVAR(module_cmds, $1)= +_LT_TAGVAR(module_expsym_cmds, $1)= +_LT_TAGVAR(link_all_deplibs, $1)=unknown +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds +_LT_TAGVAR(no_undefined_flag, $1)= +_LT_TAGVAR(whole_archive_flag_spec, $1)= +_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no + +# Source file extension for fc test sources. +ac_ext=${ac_fc_srcext-f} + +# Object file extension for compiled fc test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# No sense in running all these tests if we already determined that +# the FC compiler isn't working. Some variables (like enable_shared) +# are currently assumed to apply to all compilers on this platform, +# and will be corrupted by setting them based on a non-working compiler. +if test "$_lt_disable_FC" != yes; then + # Code to be used in simple compile tests + lt_simple_compile_test_code="\ + subroutine t + return + end +" + + # Code to be used in simple link tests + lt_simple_link_test_code="\ + program t + end +" + + # ltmain only uses $CC for tagged configurations so make sure $CC is set. + _LT_TAG_COMPILER + + # save warnings/boilerplate of simple test code + _LT_COMPILER_BOILERPLATE + _LT_LINKER_BOILERPLATE + + # Allow CC to be a program name with arguments. + lt_save_CC="$CC" + lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS + CC=${FC-"f95"} + CFLAGS=$FCFLAGS + compiler=$CC + GCC=$ac_cv_fc_compiler_gnu + + _LT_TAGVAR(compiler, $1)=$CC + _LT_CC_BASENAME([$compiler]) + + if test -n "$compiler"; then + AC_MSG_CHECKING([if libtool supports shared libraries]) + AC_MSG_RESULT([$can_build_shared]) + + AC_MSG_CHECKING([whether to build shared libraries]) + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + AC_MSG_RESULT([$enable_shared]) + + AC_MSG_CHECKING([whether to build static libraries]) + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + AC_MSG_RESULT([$enable_static]) + + _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu" + _LT_TAGVAR(LD, $1)="$LD" + + ## CAVEAT EMPTOR: + ## There is no encapsulation within the following macros, do not change + ## the running order or otherwise move them around unless you know exactly + ## what you are doing... + _LT_SYS_HIDDEN_LIBDEPS($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_SYS_DYNAMIC_LINKER($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) + fi # test -n "$compiler" + + GCC=$lt_save_GCC + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS +fi # test "$_lt_disable_FC" != yes + +AC_LANG_POP +])# _LT_LANG_FC_CONFIG + + +# _LT_LANG_GCJ_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for the GNU Java Compiler compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_GCJ_CONFIG], +[AC_REQUIRE([LT_PROG_GCJ])dnl +AC_LANG_SAVE + +# Source file extension for Java test sources. +ac_ext=java + +# Object file extension for compiled Java test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="class foo {}" + +# Code to be used in simple link tests +lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }' + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC=yes +CC=${GCJ-"gcj"} +CFLAGS=$GCJFLAGS +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_TAGVAR(LD, $1)="$LD" +_LT_CC_BASENAME([$compiler]) + +# GCJ did not exist at the time GCC didn't implicitly link libc in. +_LT_TAGVAR(archive_cmds_need_lc, $1)=no + +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds + +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) +fi + +AC_LANG_RESTORE + +GCC=$lt_save_GCC +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_GCJ_CONFIG + + +# _LT_LANG_RC_CONFIG([TAG]) +# ------------------------- +# Ensure that the configuration variables for the Windows resource compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_RC_CONFIG], +[AC_REQUIRE([LT_PROG_RC])dnl +AC_LANG_SAVE + +# Source file extension for RC test sources. +ac_ext=rc + +# Object file extension for compiled RC test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' + +# Code to be used in simple link tests +lt_simple_link_test_code="$lt_simple_compile_test_code" + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC="$CC" +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC= +CC=${RC-"windres"} +CFLAGS= +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_CC_BASENAME([$compiler]) +_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes + +if test -n "$compiler"; then + : + _LT_CONFIG($1) +fi + +GCC=$lt_save_GCC +AC_LANG_RESTORE +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_RC_CONFIG + + +# LT_PROG_GCJ +# ----------- +AC_DEFUN([LT_PROG_GCJ], +[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ], + [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ], + [AC_CHECK_TOOL(GCJ, gcj,) + test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" + AC_SUBST(GCJFLAGS)])])[]dnl +]) + +# Old name: +AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_GCJ], []) + + +# LT_PROG_RC +# ---------- +AC_DEFUN([LT_PROG_RC], +[AC_CHECK_TOOL(RC, windres,) +]) + +# Old name: +AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_RC], []) + + +# _LT_DECL_EGREP +# -------------- +# If we don't have a new enough Autoconf to choose the best grep +# available, choose the one first in the user's PATH. +m4_defun([_LT_DECL_EGREP], +[AC_REQUIRE([AC_PROG_EGREP])dnl +AC_REQUIRE([AC_PROG_FGREP])dnl +test -z "$GREP" && GREP=grep +_LT_DECL([], [GREP], [1], [A grep program that handles long lines]) +_LT_DECL([], [EGREP], [1], [An ERE matcher]) +_LT_DECL([], [FGREP], [1], [A literal string matcher]) +dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too +AC_SUBST([GREP]) +]) + + +# _LT_DECL_OBJDUMP +# -------------- +# If we don't have a new enough Autoconf to choose the best objdump +# available, choose the one first in the user's PATH. +m4_defun([_LT_DECL_OBJDUMP], +[AC_CHECK_TOOL(OBJDUMP, objdump, false) +test -z "$OBJDUMP" && OBJDUMP=objdump +_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper]) +AC_SUBST([OBJDUMP]) +]) + +# _LT_DECL_DLLTOOL +# ---------------- +# Ensure DLLTOOL variable is set. +m4_defun([_LT_DECL_DLLTOOL], +[AC_CHECK_TOOL(DLLTOOL, dlltool, false) +test -z "$DLLTOOL" && DLLTOOL=dlltool +_LT_DECL([], [DLLTOOL], [1], [DLL creation program]) +AC_SUBST([DLLTOOL]) +]) + +# _LT_DECL_SED +# ------------ +# Check for a fully-functional sed program, that truncates +# as few characters as possible. Prefer GNU sed if found. +m4_defun([_LT_DECL_SED], +[AC_PROG_SED +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" +_LT_DECL([], [SED], [1], [A sed program that does not truncate output]) +_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"], + [Sed that helps us avoid accidentally triggering echo(1) options like -n]) +])# _LT_DECL_SED + +m4_ifndef([AC_PROG_SED], [ +# NOTE: This macro has been submitted for inclusion into # +# GNU Autoconf as AC_PROG_SED. When it is available in # +# a released version of Autoconf we should remove this # +# macro and use it instead. # + +m4_defun([AC_PROG_SED], +[AC_MSG_CHECKING([for a sed that does not truncate output]) +AC_CACHE_VAL(lt_cv_path_SED, +[# Loop through the user's path and test for sed and gsed. +# Then use that list of sed's as ones to test for truncation. +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for lt_ac_prog in sed gsed; do + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then + lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" + fi + done + done +done +IFS=$as_save_IFS +lt_ac_max=0 +lt_ac_count=0 +# Add /usr/xpg4/bin/sed as it is typically found on Solaris +# along with /bin/sed that truncates output. +for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do + test ! -f $lt_ac_sed && continue + cat /dev/null > conftest.in + lt_ac_count=0 + echo $ECHO_N "0123456789$ECHO_C" >conftest.in + # Check for GNU sed and select it if it is found. + if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then + lt_cv_path_SED=$lt_ac_sed + break + fi + while true; do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo >>conftest.nl + $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break + cmp -s conftest.out conftest.nl || break + # 10000 chars as input seems more than enough + test $lt_ac_count -gt 10 && break + lt_ac_count=`expr $lt_ac_count + 1` + if test $lt_ac_count -gt $lt_ac_max; then + lt_ac_max=$lt_ac_count + lt_cv_path_SED=$lt_ac_sed + fi + done +done +]) +SED=$lt_cv_path_SED +AC_SUBST([SED]) +AC_MSG_RESULT([$SED]) +])#AC_PROG_SED +])#m4_ifndef + +# Old name: +AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED]) +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([LT_AC_PROG_SED], []) + + +# _LT_CHECK_SHELL_FEATURES +# ------------------------ +# Find out whether the shell is Bourne or XSI compatible, +# or has some other useful features. +m4_defun([_LT_CHECK_SHELL_FEATURES], +[AC_MSG_CHECKING([whether the shell understands some XSI constructs]) +# Try some XSI features +xsi_shell=no +( _lt_dummy="a/b/c" + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ + && eval 'test $(( 1 + 1 )) -eq 2 \ + && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ + && xsi_shell=yes +AC_MSG_RESULT([$xsi_shell]) +_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell']) + +AC_MSG_CHECKING([whether the shell understands "+="]) +lt_shell_append=no +( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \ + >/dev/null 2>&1 \ + && lt_shell_append=yes +AC_MSG_RESULT([$lt_shell_append]) +_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append']) + +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false +fi +_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl + +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac +_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl +_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl +])# _LT_CHECK_SHELL_FEATURES + + +# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY) +# ------------------------------------------------------ +# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and +# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY. +m4_defun([_LT_PROG_FUNCTION_REPLACE], +[dnl { +sed -e '/^$1 ()$/,/^} # $1 /c\ +$1 ()\ +{\ +m4_bpatsubsts([$2], [$], [\\], [^\([ ]\)], [\\\1]) +} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: +]) + + +# _LT_PROG_REPLACE_SHELLFNS +# ------------------------- +# Replace existing portable implementations of several shell functions with +# equivalent extended shell implementations where those features are available.. +m4_defun([_LT_PROG_REPLACE_SHELLFNS], +[if test x"$xsi_shell" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac]) + + _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl + func_basename_result="${1##*/}"]) + + _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac + func_basename_result="${1##*/}"]) + + _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl + # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are + # positional parameters, so assign one to ordinary parameter first. + func_stripname_result=${3} + func_stripname_result=${func_stripname_result#"${1}"} + func_stripname_result=${func_stripname_result%"${2}"}]) + + _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl + func_split_long_opt_name=${1%%=*} + func_split_long_opt_arg=${1#*=}]) + + _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl + func_split_short_opt_arg=${1#??} + func_split_short_opt_name=${1%"$func_split_short_opt_arg"}]) + + _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl + case ${1} in + *.lo) func_lo2o_result=${1%.lo}.${objext} ;; + *) func_lo2o_result=${1} ;; + esac]) + + _LT_PROG_FUNCTION_REPLACE([func_xform], [ func_xform_result=${1%.*}.lo]) + + _LT_PROG_FUNCTION_REPLACE([func_arith], [ func_arith_result=$(( $[*] ))]) + + _LT_PROG_FUNCTION_REPLACE([func_len], [ func_len_result=${#1}]) +fi + +if test x"$lt_shell_append" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_append], [ eval "${1}+=\\${2}"]) + + _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl + func_quote_for_eval "${2}" +dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \ + eval "${1}+=\\\\ \\$func_quote_for_eval_result"]) + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + AC_MSG_WARN([Unable to substitute extended shell functions in $ofile]) +fi +]) + +# _LT_PATH_CONVERSION_FUNCTIONS +# ----------------------------- +# Determine which file name conversion functions should be used by +# func_to_host_file (and, implicitly, by func_to_host_path). These are needed +# for certain cross-compile configurations and native mingw. +m4_defun([_LT_PATH_CONVERSION_FUNCTIONS], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_MSG_CHECKING([how to convert $build file names to $host format]) +AC_CACHE_VAL(lt_cv_to_host_file_cmd, +[case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac +]) +to_host_file_cmd=$lt_cv_to_host_file_cmd +AC_MSG_RESULT([$lt_cv_to_host_file_cmd]) +_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd], + [0], [convert $build file names to $host format])dnl + +AC_MSG_CHECKING([how to convert $build file names to toolchain format]) +AC_CACHE_VAL(lt_cv_to_tool_file_cmd, +[#assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac +]) +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +AC_MSG_RESULT([$lt_cv_to_tool_file_cmd]) +_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd], + [0], [convert $build files to toolchain format])dnl +])# _LT_PATH_CONVERSION_FUNCTIONS + +# Helper functions for option handling. -*- Autoconf -*- +# +# Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# Written by Gary V. Vaughan, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 7 ltoptions.m4 + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])]) + + +# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME) +# ------------------------------------------ +m4_define([_LT_MANGLE_OPTION], +[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])]) + + +# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME) +# --------------------------------------- +# Set option OPTION-NAME for macro MACRO-NAME, and if there is a +# matching handler defined, dispatch to it. Other OPTION-NAMEs are +# saved as a flag. +m4_define([_LT_SET_OPTION], +[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl +m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]), + _LT_MANGLE_DEFUN([$1], [$2]), + [m4_warning([Unknown $1 option `$2'])])[]dnl +]) + + +# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET]) +# ------------------------------------------------------------ +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +m4_define([_LT_IF_OPTION], +[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])]) + + +# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET) +# ------------------------------------------------------- +# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME +# are set. +m4_define([_LT_UNLESS_OPTIONS], +[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), + [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option), + [m4_define([$0_found])])])[]dnl +m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3 +])[]dnl +]) + + +# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST) +# ---------------------------------------- +# OPTION-LIST is a space-separated list of Libtool options associated +# with MACRO-NAME. If any OPTION has a matching handler declared with +# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about +# the unknown option and exit. +m4_defun([_LT_SET_OPTIONS], +[# Set options +m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), + [_LT_SET_OPTION([$1], _LT_Option)]) + +m4_if([$1],[LT_INIT],[ + dnl + dnl Simply set some default values (i.e off) if boolean options were not + dnl specified: + _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no + ]) + _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no + ]) + dnl + dnl If no reference was made to various pairs of opposing options, then + dnl we run the default mode handler for the pair. For example, if neither + dnl `shared' nor `disable-shared' was passed, we enable building of shared + dnl archives by default: + _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED]) + _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC]) + _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC]) + _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install], + [_LT_ENABLE_FAST_INSTALL]) + ]) +])# _LT_SET_OPTIONS + + + +# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME) +# ----------------------------------------- +m4_define([_LT_MANGLE_DEFUN], +[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])]) + + +# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE) +# ----------------------------------------------- +m4_define([LT_OPTION_DEFINE], +[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl +])# LT_OPTION_DEFINE + + +# dlopen +# ------ +LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes +]) + +AU_DEFUN([AC_LIBTOOL_DLOPEN], +[_LT_SET_OPTION([LT_INIT], [dlopen]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `dlopen' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], []) + + +# win32-dll +# --------- +# Declare package support for building win32 dll's. +LT_OPTION_DEFINE([LT_INIT], [win32-dll], +[enable_win32_dll=yes + +case $host in +*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) + AC_CHECK_TOOL(AS, as, false) + AC_CHECK_TOOL(DLLTOOL, dlltool, false) + AC_CHECK_TOOL(OBJDUMP, objdump, false) + ;; +esac + +test -z "$AS" && AS=as +_LT_DECL([], [AS], [1], [Assembler program])dnl + +test -z "$DLLTOOL" && DLLTOOL=dlltool +_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl + +test -z "$OBJDUMP" && OBJDUMP=objdump +_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl +])# win32-dll + +AU_DEFUN([AC_LIBTOOL_WIN32_DLL], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +_LT_SET_OPTION([LT_INIT], [win32-dll]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `win32-dll' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], []) + + +# _LT_ENABLE_SHARED([DEFAULT]) +# ---------------------------- +# implement the --enable-shared flag, and supports the `shared' and +# `disable-shared' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_SHARED], +[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([shared], + [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@], + [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_shared=]_LT_ENABLE_SHARED_DEFAULT) + + _LT_DECL([build_libtool_libs], [enable_shared], [0], + [Whether or not to build shared libraries]) +])# _LT_ENABLE_SHARED + +LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])]) + +# Old names: +AC_DEFUN([AC_ENABLE_SHARED], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared]) +]) + +AC_DEFUN([AC_DISABLE_SHARED], +[_LT_SET_OPTION([LT_INIT], [disable-shared]) +]) + +AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) +AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_ENABLE_SHARED], []) +dnl AC_DEFUN([AM_DISABLE_SHARED], []) + + + +# _LT_ENABLE_STATIC([DEFAULT]) +# ---------------------------- +# implement the --enable-static flag, and support the `static' and +# `disable-static' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_STATIC], +[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([static], + [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@], + [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_static=]_LT_ENABLE_STATIC_DEFAULT) + + _LT_DECL([build_old_libs], [enable_static], [0], + [Whether or not to build static libraries]) +])# _LT_ENABLE_STATIC + +LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])]) + +# Old names: +AC_DEFUN([AC_ENABLE_STATIC], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static]) +]) + +AC_DEFUN([AC_DISABLE_STATIC], +[_LT_SET_OPTION([LT_INIT], [disable-static]) +]) + +AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) +AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AM_ENABLE_STATIC], []) +dnl AC_DEFUN([AM_DISABLE_STATIC], []) + + + +# _LT_ENABLE_FAST_INSTALL([DEFAULT]) +# ---------------------------------- +# implement the --enable-fast-install flag, and support the `fast-install' +# and `disable-fast-install' LT_INIT options. +# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. +m4_define([_LT_ENABLE_FAST_INSTALL], +[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl +AC_ARG_ENABLE([fast-install], + [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], + [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], + [p=${PACKAGE-default} + case $enableval in + yes) enable_fast_install=yes ;; + no) enable_fast_install=no ;; + *) + enable_fast_install=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_fast_install=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], + [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT) + +_LT_DECL([fast_install], [enable_fast_install], [0], + [Whether or not to optimize for fast installation])dnl +])# _LT_ENABLE_FAST_INSTALL + +LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])]) +LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])]) + +# Old names: +AU_DEFUN([AC_ENABLE_FAST_INSTALL], +[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you put +the `fast-install' option into LT_INIT's first parameter.]) +]) + +AU_DEFUN([AC_DISABLE_FAST_INSTALL], +[_LT_SET_OPTION([LT_INIT], [disable-fast-install]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you put +the `disable-fast-install' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], []) +dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) + + +# _LT_WITH_PIC([MODE]) +# -------------------- +# implement the --with-pic flag, and support the `pic-only' and `no-pic' +# LT_INIT options. +# MODE is either `yes' or `no'. If omitted, it defaults to `both'. +m4_define([_LT_WITH_PIC], +[AC_ARG_WITH([pic], + [AS_HELP_STRING([--with-pic], + [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], + [pic_mode="$withval"], + [pic_mode=default]) + +test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) + +_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl +])# _LT_WITH_PIC + +LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])]) +LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])]) + +# Old name: +AU_DEFUN([AC_LIBTOOL_PICMODE], +[_LT_SET_OPTION([LT_INIT], [pic-only]) +AC_DIAGNOSE([obsolete], +[$0: Remove this warning and the call to _LT_SET_OPTION when you +put the `pic-only' option into LT_INIT's first parameter.]) +]) + +dnl aclocal-1.4 backwards compatibility: +dnl AC_DEFUN([AC_LIBTOOL_PICMODE], []) + + +m4_define([_LTDL_MODE], []) +LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive], + [m4_define([_LTDL_MODE], [nonrecursive])]) +LT_OPTION_DEFINE([LTDL_INIT], [recursive], + [m4_define([_LTDL_MODE], [recursive])]) +LT_OPTION_DEFINE([LTDL_INIT], [subproject], + [m4_define([_LTDL_MODE], [subproject])]) + +m4_define([_LTDL_TYPE], []) +LT_OPTION_DEFINE([LTDL_INIT], [installable], + [m4_define([_LTDL_TYPE], [installable])]) +LT_OPTION_DEFINE([LTDL_INIT], [convenience], + [m4_define([_LTDL_TYPE], [convenience])]) + +# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*- +# +# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc. +# Written by Gary V. Vaughan, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 6 ltsugar.m4 + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])]) + + +# lt_join(SEP, ARG1, [ARG2...]) +# ----------------------------- +# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their +# associated separator. +# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier +# versions in m4sugar had bugs. +m4_define([lt_join], +[m4_if([$#], [1], [], + [$#], [2], [[$2]], + [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])]) +m4_define([_lt_join], +[m4_if([$#$2], [2], [], + [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])]) + + +# lt_car(LIST) +# lt_cdr(LIST) +# ------------ +# Manipulate m4 lists. +# These macros are necessary as long as will still need to support +# Autoconf-2.59 which quotes differently. +m4_define([lt_car], [[$1]]) +m4_define([lt_cdr], +[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])], + [$#], 1, [], + [m4_dquote(m4_shift($@))])]) +m4_define([lt_unquote], $1) + + +# lt_append(MACRO-NAME, STRING, [SEPARATOR]) +# ------------------------------------------ +# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'. +# Note that neither SEPARATOR nor STRING are expanded; they are appended +# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked). +# No SEPARATOR is output if MACRO-NAME was previously undefined (different +# than defined and empty). +# +# This macro is needed until we can rely on Autoconf 2.62, since earlier +# versions of m4sugar mistakenly expanded SEPARATOR but not STRING. +m4_define([lt_append], +[m4_define([$1], + m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])]) + + + +# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...]) +# ---------------------------------------------------------- +# Produce a SEP delimited list of all paired combinations of elements of +# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list +# has the form PREFIXmINFIXSUFFIXn. +# Needed until we can rely on m4_combine added in Autoconf 2.62. +m4_define([lt_combine], +[m4_if(m4_eval([$# > 3]), [1], + [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl +[[m4_foreach([_Lt_prefix], [$2], + [m4_foreach([_Lt_suffix], + ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[, + [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])]) + + +# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ]) +# ----------------------------------------------------------------------- +# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited +# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ. +m4_define([lt_if_append_uniq], +[m4_ifdef([$1], + [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1], + [lt_append([$1], [$2], [$3])$4], + [$5])], + [lt_append([$1], [$2], [$3])$4])]) + + +# lt_dict_add(DICT, KEY, VALUE) +# ----------------------------- +m4_define([lt_dict_add], +[m4_define([$1($2)], [$3])]) + + +# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE) +# -------------------------------------------- +m4_define([lt_dict_add_subkey], +[m4_define([$1($2:$3)], [$4])]) + + +# lt_dict_fetch(DICT, KEY, [SUBKEY]) +# ---------------------------------- +m4_define([lt_dict_fetch], +[m4_ifval([$3], + m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]), + m4_ifdef([$1($2)], [m4_defn([$1($2)])]))]) + + +# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE]) +# ----------------------------------------------------------------- +m4_define([lt_if_dict_fetch], +[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4], + [$5], + [$6])]) + + +# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...]) +# -------------------------------------------------------------- +m4_define([lt_dict_filter], +[m4_if([$5], [], [], + [lt_join(m4_quote(m4_default([$4], [[, ]])), + lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]), + [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl +]) + +# ltversion.m4 -- version numbers -*- Autoconf -*- +# +# Copyright (C) 2004 Free Software Foundation, Inc. +# Written by Scott James Remnant, 2004 +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# @configure_input@ + +# serial 3293 ltversion.m4 +# This file is part of GNU Libtool + +m4_define([LT_PACKAGE_VERSION], [2.4]) +m4_define([LT_PACKAGE_REVISION], [1.3293]) + +AC_DEFUN([LTVERSION_VERSION], +[macro_version='2.4' +macro_revision='1.3293' +_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) +_LT_DECL(, macro_revision, 0) +]) + +# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*- +# +# Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc. +# Written by Scott James Remnant, 2004. +# +# This file is free software; the Free Software Foundation gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. + +# serial 5 lt~obsolete.m4 + +# These exist entirely to fool aclocal when bootstrapping libtool. +# +# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN) +# which have later been changed to m4_define as they aren't part of the +# exported API, or moved to Autoconf or Automake where they belong. +# +# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN +# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us +# using a macro with the same name in our local m4/libtool.m4 it'll +# pull the old libtool.m4 in (it doesn't see our shiny new m4_define +# and doesn't know about Autoconf macros at all.) +# +# So we provide this file, which has a silly filename so it's always +# included after everything else. This provides aclocal with the +# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything +# because those macros already exist, or will be overwritten later. +# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. +# +# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here. +# Yes, that means every name once taken will need to remain here until +# we give up compatibility with versions before 1.7, at which point +# we need to keep only those names which we still refer to. + +# This is to help aclocal find these macros, as it can't see m4_define. +AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])]) + +m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])]) +m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])]) +m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])]) +m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])]) +m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])]) +m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])]) +m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])]) +m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])]) +m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])]) +m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])]) +m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])]) +m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])]) +m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])]) +m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])]) +m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])]) +m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])]) +m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])]) +m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])]) +m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])]) +m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])]) +m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])]) +m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])]) +m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])]) +m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])]) +m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])]) +m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])]) +m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])]) +m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])]) +m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])]) +m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])]) +m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])]) +m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])]) +m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])]) +m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])]) +m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])]) +m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])]) +m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])]) +m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])]) +m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])]) +m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])]) +m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])]) +m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])]) +m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])]) +m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])]) +m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])]) +m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])]) +m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])]) +m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])]) +m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])]) +m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])]) +m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])]) +m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])]) +m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])]) +m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])]) +m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])]) +m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])]) +m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])]) +m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])]) + +# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_AUTOMAKE_VERSION(VERSION) +# ---------------------------- +# Automake X.Y traces this macro to ensure aclocal.m4 has been +# generated from the m4 files accompanying Automake X.Y. +# (This private macro should not be called outside this file.) +AC_DEFUN([AM_AUTOMAKE_VERSION], +[am__api_version='1.11' +dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to +dnl require some minimum version. Point them to the right macro. +m4_if([$1], [1.11.1], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl +]) + +# _AM_AUTOCONF_VERSION(VERSION) +# ----------------------------- +# aclocal traces this macro to find the Autoconf version. +# This is a private macro too. Using m4_define simplifies +# the logic in aclocal, which can simply ignore this definition. +m4_define([_AM_AUTOCONF_VERSION], []) + +# AM_SET_CURRENT_AUTOMAKE_VERSION +# ------------------------------- +# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. +# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. +AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +[AM_AUTOMAKE_VERSION([1.11.1])dnl +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) + +# AM_AUX_DIR_EXPAND -*- Autoconf -*- + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets +# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to +# `$srcdir', `$srcdir/..', or `$srcdir/../..'. +# +# Of course, Automake must honor this variable whenever it calls a +# tool from the auxiliary directory. The problem is that $srcdir (and +# therefore $ac_aux_dir as well) can be either absolute or relative, +# depending on how configure is run. This is pretty annoying, since +# it makes $ac_aux_dir quite unusable in subdirectories: in the top +# source directory, any form will work fine, but in subdirectories a +# relative path needs to be adjusted first. +# +# $ac_aux_dir/missing +# fails when called from a subdirectory if $ac_aux_dir is relative +# $top_srcdir/$ac_aux_dir/missing +# fails if $ac_aux_dir is absolute, +# fails when called from a subdirectory in a VPATH build with +# a relative $ac_aux_dir +# +# The reason of the latter failure is that $top_srcdir and $ac_aux_dir +# are both prefixed by $srcdir. In an in-source build this is usually +# harmless because $srcdir is `.', but things will broke when you +# start a VPATH build or use an absolute $srcdir. +# +# So we could use something similar to $top_srcdir/$ac_aux_dir/missing, +# iff we strip the leading $srcdir from $ac_aux_dir. That would be: +# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` +# and then we would define $MISSING as +# MISSING="\${SHELL} $am_aux_dir/missing" +# This will work as long as MISSING is not called from configure, because +# unfortunately $(top_srcdir) has no meaning in configure. +# However there are other variables, like CC, which are often used in +# configure, and could therefore not use this "fixed" $ac_aux_dir. +# +# Another solution, used here, is to always expand $ac_aux_dir to an +# absolute PATH. The drawback is that using absolute paths prevent a +# configured tree to be moved without reconfiguration. + +AC_DEFUN([AM_AUX_DIR_EXPAND], +[dnl Rely on autoconf to set up CDPATH properly. +AC_PREREQ([2.50])dnl +# expand $ac_aux_dir to an absolute path +am_aux_dir=`cd $ac_aux_dir && pwd` +]) + +# AM_CONDITIONAL -*- Autoconf -*- + +# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 9 + +# AM_CONDITIONAL(NAME, SHELL-CONDITION) +# ------------------------------------- +# Define a conditional. +AC_DEFUN([AM_CONDITIONAL], +[AC_PREREQ(2.52)dnl + ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +AC_SUBST([$1_TRUE])dnl +AC_SUBST([$1_FALSE])dnl +_AM_SUBST_NOTMAKE([$1_TRUE])dnl +_AM_SUBST_NOTMAKE([$1_FALSE])dnl +m4_define([_AM_COND_VALUE_$1], [$2])dnl +if $2; then + $1_TRUE= + $1_FALSE='#' +else + $1_TRUE='#' + $1_FALSE= +fi +AC_CONFIG_COMMANDS_PRE( +[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then + AC_MSG_ERROR([[conditional "$1" was never defined. +Usually this means the macro was only invoked conditionally.]]) +fi])]) + +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 10 + +# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be +# written in clear, in which case automake, when reading aclocal.m4, +# will think it sees a *use*, and therefore will trigger all it's +# C support machinery. Also note that it means that autoscan, seeing +# CC etc. in the Makefile, will ask for an AC_PROG_CC use... + + +# _AM_DEPENDENCIES(NAME) +# ---------------------- +# See how the compiler implements dependency checking. +# NAME is "CC", "CXX", "GCJ", or "OBJC". +# We try a few techniques and use that to set a single cache variable. +# +# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was +# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular +# dependency, and given that the user is not expected to run this macro, +# just rely on AC_PROG_CC. +AC_DEFUN([_AM_DEPENDENCIES], +[AC_REQUIRE([AM_SET_DEPDIR])dnl +AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl +AC_REQUIRE([AM_MAKE_INCLUDE])dnl +AC_REQUIRE([AM_DEP_TRACK])dnl + +ifelse([$1], CC, [depcc="$CC" am_compiler_list=], + [$1], CXX, [depcc="$CXX" am_compiler_list=], + [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], UPC, [depcc="$UPC" am_compiler_list=], + [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) + +AC_CACHE_CHECK([dependency style of $depcc], + [am_cv_$1_dependencies_compiler_type], +[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named `D' -- because `-MD' means `put the output + # in D'. + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_$1_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` + fi + am__universal=false + m4_case([$1], [CC], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac], + [CXX], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac]) + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with `-c' and `-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle `-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # after this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvisualcpp | msvcmsys) + # This compiler won't grok `-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_$1_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_$1_dependencies_compiler_type=none +fi +]) +AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) +AM_CONDITIONAL([am__fastdep$1], [ + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) +]) + + +# AM_SET_DEPDIR +# ------------- +# Choose a directory name for dependency files. +# This macro is AC_REQUIREd in _AM_DEPENDENCIES +AC_DEFUN([AM_SET_DEPDIR], +[AC_REQUIRE([AM_SET_LEADING_DOT])dnl +AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl +]) + + +# AM_DEP_TRACK +# ------------ +AC_DEFUN([AM_DEP_TRACK], +[AC_ARG_ENABLE(dependency-tracking, +[ --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors]) +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' +fi +AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) +AC_SUBST([AMDEPBACKSLASH])dnl +_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl +]) + +# Generate code to set up dependency tracking. -*- Autoconf -*- + +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +#serial 5 + +# _AM_OUTPUT_DEPENDENCY_COMMANDS +# ------------------------------ +AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], +[{ + # Autoconf 2.62 quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named `Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # When using ansi2knr, U may be empty or an underscore; expand it + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`AS_DIRNAME(["$file"])` + AS_MKDIR_P([$dirpart/$fdir]) + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} +])# _AM_OUTPUT_DEPENDENCY_COMMANDS + + +# AM_OUTPUT_DEPENDENCY_COMMANDS +# ----------------------------- +# This macro should only be invoked once -- use via AC_REQUIRE. +# +# This code is only required when automatic dependency tracking +# is enabled. FIXME. This creates each `.P' file that we will +# need in order to bootstrap the dependency handling code. +AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], +[AC_CONFIG_COMMANDS([depfiles], + [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], + [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) +]) + +# Do all the work for Automake. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005, 2006, 2008, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 16 + +# This macro actually does too much. Some checks are only needed if +# your package does certain things. But this isn't really a big deal. + +# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) +# AM_INIT_AUTOMAKE([OPTIONS]) +# ----------------------------------------------- +# The call with PACKAGE and VERSION arguments is the old style +# call (pre autoconf-2.50), which is being phased out. PACKAGE +# and VERSION should now be passed to AC_INIT and removed from +# the call to AM_INIT_AUTOMAKE. +# We support both call styles for the transition. After +# the next Automake release, Autoconf can make the AC_INIT +# arguments mandatory, and then we can depend on a new Autoconf +# release and drop the old call support. +AC_DEFUN([AM_INIT_AUTOMAKE], +[AC_PREREQ([2.62])dnl +dnl Autoconf wants to disallow AM_ names. We explicitly allow +dnl the ones we care about. +m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl +AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl +AC_REQUIRE([AC_PROG_INSTALL])dnl +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) + fi +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi +AC_SUBST([CYGPATH_W]) + +# Define the identity of the package. +dnl Distinguish between old-style and new-style calls. +m4_ifval([$2], +[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl + AC_SUBST([PACKAGE], [$1])dnl + AC_SUBST([VERSION], [$2])], +[_AM_SET_OPTIONS([$1])dnl +dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. +m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, + [m4_fatal([AC_INIT should be called with package and version arguments])])dnl + AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl + AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl + +_AM_IF_OPTION([no-define],, +[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) + AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl + +# Some tools Automake needs. +AC_REQUIRE([AM_SANITY_CHECK])dnl +AC_REQUIRE([AC_ARG_PROGRAM])dnl +AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) +AM_MISSING_PROG(AUTOCONF, autoconf) +AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) +AM_MISSING_PROG(AUTOHEADER, autoheader) +AM_MISSING_PROG(MAKEINFO, makeinfo) +AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl +AC_REQUIRE([AM_PROG_MKDIR_P])dnl +# We need awk for the "check" target. The system "awk" is bad on +# some platforms. +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([AC_PROG_MAKE_SET])dnl +AC_REQUIRE([AM_SET_LEADING_DOT])dnl +_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) +_AM_IF_OPTION([no-dependencies],, +[AC_PROVIDE_IFELSE([AC_PROG_CC], + [_AM_DEPENDENCIES(CC)], + [define([AC_PROG_CC], + defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl +AC_PROVIDE_IFELSE([AC_PROG_CXX], + [_AM_DEPENDENCIES(CXX)], + [define([AC_PROG_CXX], + defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJC], + [_AM_DEPENDENCIES(OBJC)], + [define([AC_PROG_OBJC], + defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl +]) +_AM_IF_OPTION([silent-rules], [AC_REQUIRE([AM_SILENT_RULES])])dnl +dnl The `parallel-tests' driver may need to know about EXEEXT, so add the +dnl `am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This macro +dnl is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_CONFIG_COMMANDS_PRE(dnl +[m4_provide_if([_AM_COMPILER_EXEEXT], + [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl +]) + +dnl Hook into `_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further +dnl mangled by Autoconf and run in a shell conditional statement. +m4_define([_AC_COMPILER_EXEEXT], +m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) + + +# When config.status generates a header, we must update the stamp-h file. +# This file resides in the same directory as the config header +# that is generated. The stamp files are numbered to have different names. + +# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the +# loop where config.status creates the headers, so we can generate +# our stamp files there. +AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], +[# Compute $1's index in $config_headers. +_am_arg=$1 +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) + +# Copyright (C) 2001, 2003, 2005, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_SH +# ------------------ +# Define $install_sh. +AC_DEFUN([AM_PROG_INSTALL_SH], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi +AC_SUBST(install_sh)]) + +# Copyright (C) 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# Check whether the underlying file-system supports filenames +# with a leading dot. For instance MS-DOS doesn't. +AC_DEFUN([AM_SET_LEADING_DOT], +[rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null +AC_SUBST([am__leading_dot])]) + +# Check to see how 'make' treats includes. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005, 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# AM_MAKE_INCLUDE() +# ----------------- +# Check to see how make treats includes. +AC_DEFUN([AM_MAKE_INCLUDE], +[am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +AC_MSG_CHECKING([for style of include used by $am_make]) +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from `make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi +AC_SUBST([am__include]) +AC_SUBST([am__quote]) +AC_MSG_RESULT([$_am_result]) +rm -f confinc confmf +]) + +# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- + +# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 6 + +# AM_MISSING_PROG(NAME, PROGRAM) +# ------------------------------ +AC_DEFUN([AM_MISSING_PROG], +[AC_REQUIRE([AM_MISSING_HAS_RUN]) +$1=${$1-"${am_missing_run}$2"} +AC_SUBST($1)]) + + +# AM_MISSING_HAS_RUN +# ------------------ +# Define MISSING if not defined so far and test if it supports --run. +# If it does, set am_missing_run to use it, otherwise, to nothing. +AC_DEFUN([AM_MISSING_HAS_RUN], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([missing])dnl +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi +# Use eval to expand $SHELL +if eval "$MISSING --run true"; then + am_missing_run="$MISSING --run " +else + am_missing_run= + AC_MSG_WARN([`missing' script is too old or missing]) +fi +]) + +# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_MKDIR_P +# --------------- +# Check for `mkdir -p'. +AC_DEFUN([AM_PROG_MKDIR_P], +[AC_PREREQ([2.60])dnl +AC_REQUIRE([AC_PROG_MKDIR_P])dnl +dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, +dnl while keeping a definition of mkdir_p for backward compatibility. +dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. +dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of +dnl Makefile.ins that do not define MKDIR_P, so we do our own +dnl adjustment using top_builddir (which is defined more often than +dnl MKDIR_P). +AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl +case $mkdir_p in + [[\\/$]]* | ?:[[\\/]]*) ;; + */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; +esac +]) + +# Helper functions for option handling. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# _AM_MANGLE_OPTION(NAME) +# ----------------------- +AC_DEFUN([_AM_MANGLE_OPTION], +[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) + +# _AM_SET_OPTION(NAME) +# ------------------------------ +# Set option NAME. Presently that only means defining a flag for this option. +AC_DEFUN([_AM_SET_OPTION], +[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) + +# _AM_SET_OPTIONS(OPTIONS) +# ---------------------------------- +# OPTIONS is a space-separated list of Automake options. +AC_DEFUN([_AM_SET_OPTIONS], +[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) + +# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) +# ------------------------------------------- +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +AC_DEFUN([_AM_IF_OPTION], +[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) + +# Check to make sure that the build environment is sane. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005, 2008 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 5 + +# AM_SANITY_CHECK +# --------------- +AC_DEFUN([AM_SANITY_CHECK], +[AC_MSG_CHECKING([whether build environment is sane]) +# Just in case +sleep 1 +echo timestamp > conftest.file +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[[\\\"\#\$\&\'\`$am_lf]]*) + AC_MSG_ERROR([unsafe absolute working directory name]);; +esac +case $srcdir in + *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) + AC_MSG_ERROR([unsafe srcdir value: `$srcdir']);; +esac + +# Do `set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + rm -f conftest.file + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken +alias in your environment]) + fi + + test "$[2]" = conftest.file + ) +then + # Ok. + : +else + AC_MSG_ERROR([newly created file is older than distributed files! +Check your system clock]) +fi +AC_MSG_RESULT(yes)]) + +# Copyright (C) 2009 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 1 + +# AM_SILENT_RULES([DEFAULT]) +# -------------------------- +# Enable less verbose build rules; with the default set to DEFAULT +# (`yes' being less verbose, `no' or empty being verbose). +AC_DEFUN([AM_SILENT_RULES], +[AC_ARG_ENABLE([silent-rules], +[ --enable-silent-rules less verbose build output (undo: `make V=1') + --disable-silent-rules verbose build output (undo: `make V=0')]) +case $enable_silent_rules in +yes) AM_DEFAULT_VERBOSITY=0;; +no) AM_DEFAULT_VERBOSITY=1;; +*) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; +esac +AC_SUBST([AM_DEFAULT_VERBOSITY])dnl +AM_BACKSLASH='\' +AC_SUBST([AM_BACKSLASH])dnl +_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl +]) + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_STRIP +# --------------------- +# One issue with vendor `install' (even GNU) is that you can't +# specify the program used to strip binaries. This is especially +# annoying in cross-compiling environments, where the build's strip +# is unlikely to handle the host's binaries. +# Fortunately install-sh will honor a STRIPPROG variable, so we +# always use install-sh in `make install-strip', and initialize +# STRIPPROG with the value of the STRIP variable (set by the user). +AC_DEFUN([AM_PROG_INSTALL_STRIP], +[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +# Installed binaries are usually stripped using `strip' when the user +# run `make install-strip'. However `strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the `STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be `maybe'. +if test "$cross_compiling" != no; then + AC_CHECK_TOOL([STRIP], [strip], :) +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" +AC_SUBST([INSTALL_STRIP_PROGRAM])]) + +# Copyright (C) 2006, 2008 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# _AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. +# This macro is traced by Automake. +AC_DEFUN([_AM_SUBST_NOTMAKE]) + +# AM_SUBST_NOTMAKE(VARIABLE) +# --------------------------- +# Public sister of _AM_SUBST_NOTMAKE. +AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) + +# Check how to create a tarball. -*- Autoconf -*- + +# Copyright (C) 2004, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# _AM_PROG_TAR(FORMAT) +# -------------------- +# Check how to create a tarball in format FORMAT. +# FORMAT should be one of `v7', `ustar', or `pax'. +# +# Substitute a variable $(am__tar) that is a command +# writing to stdout a FORMAT-tarball containing the directory +# $tardir. +# tardir=directory && $(am__tar) > result.tar +# +# Substitute a variable $(am__untar) that extract such +# a tarball read from stdin. +# $(am__untar) < result.tar +AC_DEFUN([_AM_PROG_TAR], +[# Always define AMTAR for backward compatibility. +AM_MISSING_PROG([AMTAR], [tar]) +m4_if([$1], [v7], + [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], + [m4_case([$1], [ustar],, [pax],, + [m4_fatal([Unknown tar format])]) +AC_MSG_CHECKING([how to create a $1 tar archive]) +# Loop over all known methods to create a tar archive until one works. +_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' +_am_tools=${am_cv_prog_tar_$1-$_am_tools} +# Do not fold the above two line into one, because Tru64 sh and +# Solaris sh will not grok spaces in the rhs of `-'. +for _am_tool in $_am_tools +do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; + do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac + + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar /dev/null 2>&1 && break + fi +done +rm -rf conftest.dir + +AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) +AC_MSG_RESULT([$am_cv_prog_tar_$1])]) +AC_SUBST([am__tar]) +AC_SUBST([am__untar]) +]) # _AM_PROG_TAR + +m4_include([acinclude.m4]) diff --git a/lib/libedit/config.guess b/lib/libedit/config.guess new file mode 100755 index 000000000000..dc84c68ef798 --- /dev/null +++ b/lib/libedit/config.guess @@ -0,0 +1,1501 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 +# Free Software Foundation, Inc. + +timestamp='2009-11-20' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner. Please send patches (context +# diff format) to and include a ChangeLog +# entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, +2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ELF__ + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[456]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep -q __LP64__ + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + amd64) + echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + *) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + esac + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; + arm*:Linux:*:*) + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-gnu + else + echo ${UNAME_MACHINE}-unknown-linux-gnueabi + fi + exit ;; + avr32*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; + i*86:Linux:*:*) + LIBC=gnu + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + mips:Linux:*:* | mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=${UNAME_MACHINE}el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=${UNAME_MACHINE} + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; + padre:Linux:*:*) + echo sparc-unknown-linux-gnu + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-gnu + exit ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + i386) + eval $set_cc_for_build + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + UNAME_PROCESSOR="x86_64" + fi + fi ;; + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix\n"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + c34*) + echo c34-convex-bsd + exit ;; + c38*) + echo c38-convex-bsd + exit ;; + c4*) + echo c4-convex-bsd + exit ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/lib/libedit/config.h.in b/lib/libedit/config.h.in new file mode 100644 index 000000000000..df59ac31796d --- /dev/null +++ b/lib/libedit/config.h.in @@ -0,0 +1,278 @@ +/* config.h.in. Generated from configure.ac by autoheader. */ + +/* Define to 1 if the `closedir' function returns void instead of `int'. */ +#undef CLOSEDIR_VOID + +/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP + systems. This function is required for `alloca.c' support on those systems. + */ +#undef CRAY_STACKSEG_END + +/* Define to 1 if using `alloca.c'. */ +#undef C_ALLOCA + +/* Define to 1 if you have `alloca', as a function or macro. */ +#undef HAVE_ALLOCA + +/* Define to 1 if you have and it should be used (not on Ultrix). + */ +#undef HAVE_ALLOCA_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_CURSES_H + +/* Define to 1 if you have the header file, and it defines `DIR'. + */ +#undef HAVE_DIRENT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_DLFCN_H + +/* Define to 1 if you have the `endpwent' function. */ +#undef HAVE_ENDPWENT + +/* Define to 1 if you have the header file. */ +#undef HAVE_FCNTL_H + +/* Define to 1 if you have the `fork' function. */ +#undef HAVE_FORK + +/* Define to 1 if you have getpwnam_r and getpwuid_r that are draft POSIX.1 + versions. */ +#undef HAVE_GETPW_R_DRAFT + +/* Define to 1 if you have getpwnam_r and getpwuid_r that are POSIX.1 + compatible. */ +#undef HAVE_GETPW_R_POSIX + +/* Define to 1 if you have the header file. */ +#undef HAVE_INTTYPES_H + +/* Define to 1 if you have the `isascii' function. */ +#undef HAVE_ISASCII + +/* Define to 1 if you have the `issetugid' function. */ +#undef HAVE_ISSETUGID + +/* Define to 1 if you have the `curses' library (-lcurses). */ +#undef HAVE_LIBCURSES + +/* Define to 1 if you have the `ncurses' library (-lncurses). */ +#undef HAVE_LIBNCURSES + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIMITS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_MALLOC_H + +/* Define to 1 if you have the `memchr' function. */ +#undef HAVE_MEMCHR + +/* Define to 1 if you have the header file. */ +#undef HAVE_MEMORY_H + +/* Define to 1 if you have the `memset' function. */ +#undef HAVE_MEMSET + +/* Define to 1 if you have the header file. */ +#undef HAVE_NCURSES_H + +/* Define to 1 if you have the header file, and it defines `DIR'. */ +#undef HAVE_NDIR_H + +/* Define to 1 if you have the `regcomp' function. */ +#undef HAVE_REGCOMP + +/* Define to 1 if you have the `re_comp' function. */ +#undef HAVE_RE_COMP + +/* Define to 1 if `stat' has the bug that it succeeds when given the + zero-length file name argument. */ +#undef HAVE_STAT_EMPTY_STRING_BUG + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDLIB_H + +/* Define to 1 if you have the `strcasecmp' function. */ +#undef HAVE_STRCASECMP + +/* Define to 1 if you have the `strchr' function. */ +#undef HAVE_STRCHR + +/* Define to 1 if you have the `strcspn' function. */ +#undef HAVE_STRCSPN + +/* Define to 1 if you have the `strdup' function. */ +#undef HAVE_STRDUP + +/* Define to 1 if you have the `strerror' function. */ +#undef HAVE_STRERROR + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRING_H + +/* Define to 1 if you have the `strrchr' function. */ +#undef HAVE_STRRCHR + +/* Define to 1 if you have the `strstr' function. */ +#undef HAVE_STRSTR + +/* Define to 1 if you have the `strtol' function. */ +#undef HAVE_STRTOL + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_CDEFS_H + +/* Define to 1 if you have the header file, and it defines `DIR'. + */ +#undef HAVE_SYS_DIR_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_IOCTL_H + +/* Define to 1 if you have the header file, and it defines `DIR'. + */ +#undef HAVE_SYS_NDIR_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PARAM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TYPES_H + +/* Define to 1 if you have that is POSIX.1 compatible. */ +#undef HAVE_SYS_WAIT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_TERM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_UNISTD_H + +/* Define to 1 if the system has the type `u_int32_t'. */ +#undef HAVE_U_INT32_T + +/* Define to 1 if you have the `vfork' function. */ +#undef HAVE_VFORK + +/* Define to 1 if you have the header file. */ +#undef HAVE_VFORK_H + +/* Define to 1 if you have the `wcsdup' function. */ +#undef HAVE_WCSDUP + +/* Define to 1 if `fork' works. */ +#undef HAVE_WORKING_FORK + +/* Define to 1 if `vfork' works. */ +#undef HAVE_WORKING_VFORK + +/* Define to 1 if `lstat' dereferences a symlink specified with a trailing + slash. */ +#undef LSTAT_FOLLOWS_SLASHED_SYMLINK + +/* Define to the sub-directory in which libtool stores uninstalled libraries. + */ +#undef LT_OBJDIR + +/* Name of package */ +#undef PACKAGE + +/* Define to the address where bug reports for this package should be sent. */ +#undef PACKAGE_BUGREPORT + +/* Define to the full name of this package. */ +#undef PACKAGE_NAME + +/* Define to the full name and version of this package. */ +#undef PACKAGE_STRING + +/* Define to the one symbol short name of this package. */ +#undef PACKAGE_TARNAME + +/* Define to the home page for this package. */ +#undef PACKAGE_URL + +/* Define to the version of this package. */ +#undef PACKAGE_VERSION + +/* Define as the return type of signal handlers (`int' or `void'). */ +#undef RETSIGTYPE + +/* If using the C implementation of alloca, define if you know the + direction of stack growth for your system; otherwise it will be + automatically deduced at runtime. + STACK_DIRECTION > 0 => grows toward higher addresses + STACK_DIRECTION < 0 => grows toward lower addresses + STACK_DIRECTION = 0 => direction of growth unknown */ +#undef STACK_DIRECTION + +/* Define to 1 if you have the ANSI C header files. */ +#undef STDC_HEADERS + +/* Enable extensions on AIX 3, Interix. */ +#ifndef _ALL_SOURCE +# undef _ALL_SOURCE +#endif +/* Enable GNU extensions on systems that have them. */ +#ifndef _GNU_SOURCE +# undef _GNU_SOURCE +#endif +/* Enable threading extensions on Solaris. */ +#ifndef _POSIX_PTHREAD_SEMANTICS +# undef _POSIX_PTHREAD_SEMANTICS +#endif +/* Enable extensions on HP NonStop. */ +#ifndef _TANDEM_SOURCE +# undef _TANDEM_SOURCE +#endif +/* Enable general extensions on Solaris. */ +#ifndef __EXTENSIONS__ +# undef __EXTENSIONS__ +#endif + + +/* Version number of package */ +#undef VERSION + +/* Define to 1 if you want wide-character code */ +#undef WIDECHAR + +/* Define to 1 if on MINIX. */ +#undef _MINIX + +/* Define to 2 if the system does not provide POSIX.1 features except with + this defined. */ +#undef _POSIX_1_SOURCE + +/* Define to 1 if you need to in order for `stat' and other things to work. */ +#undef _POSIX_SOURCE + +/* Define to empty if `const' does not conform to ANSI C. */ +#undef const + +/* Define to `int' if does not define. */ +#undef pid_t + +/* Define to `unsigned int' if does not define. */ +#undef size_t + +/* Define as `fork' if `vfork' does not work. */ +#undef vfork + + +#include "sys.h" +#define SCCSID +#undef LIBC_SCCS +#define lint + diff --git a/lib/libedit/config.sub b/lib/libedit/config.sub new file mode 100755 index 000000000000..2a55a50751c1 --- /dev/null +++ b/lib/libedit/config.sub @@ -0,0 +1,1705 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 +# Free Software Foundation, Inc. + +timestamp='2009-11-20' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Please send patches to . Submit a context +# diff and a properly formatted GNU ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, +2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ + storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray | -microblaze) + os= + basic_machine=$1 + ;; + -bluegene*) + os=-cnk + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fido | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | lm32 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ + | maxq | mb | microblaze | mcore | mep | metag \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nios | nios2 \ + | ns16k | ns32k \ + | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | rx \ + | score \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ + | spu | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | ubicom32 \ + | v850 | v850e \ + | we32k \ + | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ + | z8k | z80) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12 | picochip) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + ms1) + basic_machine=mt-unknown + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* | avr32-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | lm32-* \ + | m32c-* | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64octeon-* | mips64octeonel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | mt-* \ + | msp430-* \ + | nios-* | nios2-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \ + | tron-* \ + | ubicom32-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa*-* \ + | ymp-* \ + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aros) + basic_machine=i386-pc + os=-aros + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16) + basic_machine=cr16-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + microblaze) + basic_machine=microblaze-xilinx + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh5el) + basic_machine=sh5le-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + tile*) + basic_machine=tile-unknown + os=-linux-gnu + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* | -aros* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -openbsd* | -solidbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* | -cegcc* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe + ;; + -dicos*) + os=-dicos + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + score-*) + os=-elf + ;; + spu-*) + os=-elf + ;; + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mep-*) + os=-elf + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -cnk*|-aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/lib/libedit/configure b/lib/libedit/configure new file mode 100755 index 000000000000..8c449328ea5d --- /dev/null +++ b/lib/libedit/configure @@ -0,0 +1,15262 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.65 for libedit 3.0. +# +# +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1 + + test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( + ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + PATH=/empty FPATH=/empty; export PATH FPATH + test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ + || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, +$0: including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error ERROR [LINENO LOG_FD] +# --------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with status $?, using 1 if that was 0. +as_fn_error () +{ + as_status=$?; test $as_status -eq 0 && as_status=1 + if test "$3"; then + as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + fi + $as_echo "$as_me: error: $1" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + +SHELL=${CONFIG_SHELL-/bin/sh} + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='libedit' +PACKAGE_TARNAME='libedit-20110730' +PACKAGE_VERSION='3.0' +PACKAGE_STRING='libedit 3.0' +PACKAGE_BUGREPORT='' +PACKAGE_URL='' + +ac_unique_file="src/strlcat.c" +# Factoring default headers for most tests. +ac_includes_default="\ +#include +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_STAT_H +# include +#endif +#ifdef STDC_HEADERS +# include +# include +#else +# ifdef HAVE_STDLIB_H +# include +# endif +#endif +#ifdef HAVE_STRING_H +# if !defined STDC_HEADERS && defined HAVE_MEMORY_H +# include +# endif +# include +#endif +#ifdef HAVE_STRINGS_H +# include +#endif +#ifdef HAVE_INTTYPES_H +# include +#endif +#ifdef HAVE_STDINT_H +# include +#endif +#ifdef HAVE_UNISTD_H +# include +#endif" + +ac_subst_vars='am__EXEEXT_FALSE +am__EXEEXT_TRUE +LTLIBOBJS +LIBOBJS +ALLOCA +WIDECHAR_FALSE +WIDECHAR_TRUE +MANTYPE +NROFF +AM_BACKSLASH +AM_DEFAULT_VERBOSITY +LT_VERSION +OTOOL64 +OTOOL +LIPO +NMEDIT +DSYMUTIL +MANIFEST_TOOL +RANLIB +ac_ct_AR +AR +DLLTOOL +OBJDUMP +LN_S +NM +ac_ct_DUMPBIN +DUMPBIN +LD +FGREP +SED +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +LIBTOOL +am__fastdepCC_FALSE +am__fastdepCC_TRUE +CCDEPMODE +AMDEPBACKSLASH +AMDEP_FALSE +AMDEP_TRUE +am__quote +am__include +DEPDIR +am__untar +am__tar +AMTAR +am__leading_dot +SET_MAKE +AWK +mkdir_p +MKDIR_P +INSTALL_STRIP_PROGRAM +STRIP +install_sh +MAKEINFO +AUTOHEADER +AUTOMAKE +AUTOCONF +ACLOCAL +VERSION +PACKAGE +CYGPATH_W +am__isrc +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +EGREP +GREP +CPP +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_dependency_tracking +enable_shared +enable_static +with_pic +enable_fast_install +with_gnu_ld +with_sysroot +enable_libtool_lock +enable_silent_rules +enable_widec +' + ac_precious_vars='build_alias +host_alias +target_alias +CC +CFLAGS +LDFLAGS +LIBS +CPPFLAGS +CPP' + + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information." + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used." >&2 + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures libedit 3.0 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root + [DATAROOTDIR/doc/libedit-20110730] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF + +Program names: + --program-prefix=PREFIX prepend PREFIX to installed program names + --program-suffix=SUFFIX append SUFFIX to installed program names + --program-transform-name=PROGRAM run sed PROGRAM on installed program names + +System types: + --build=BUILD configure for building on BUILD [guessed] + --host=HOST cross-compile to build programs to run on HOST [BUILD] +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of libedit 3.0:";; + esac + cat <<\_ACEOF + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors + --enable-shared[=PKGS] build shared libraries [default=yes] + --enable-static[=PKGS] build static libraries [default=yes] + --enable-fast-install[=PKGS] + optimize for fast installation [default=yes] + --disable-libtool-lock avoid locking (might break parallel builds) + --enable-silent-rules less verbose build output (undo: `make V=1') + --disable-silent-rules verbose build output (undo: `make V=0') + --enable-widec compile with wide-char/UTF-8 code + +Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-pic try to use only PIC/non-PIC objects [default=use + both] + --with-gnu-ld assume the C compiler uses GNU ld [default=no] + --with-sysroot=DIR Search for dependent libraries within DIR + (or the compiler's sysroot if not specified). + +Some influential environment variables: + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + CPP C preprocessor + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +Report bugs to the package provider. +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +libedit configure 3.0 +generated by GNU Autoconf 2.65 + +Copyright (C) 2009 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile + +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_cpp + +# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists, giving a warning if it cannot be compiled using +# the include files in INCLUDES and setting the cache variable VAR +# accordingly. +ac_fn_c_check_header_mongrel () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +else + # Is the header compilable? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 +$as_echo_n "checking $2 usability... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_header_compiler=yes +else + ac_header_compiler=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 +$as_echo "$ac_header_compiler" >&6; } + +# Is the header present? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 +$as_echo_n "checking $2 presence... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + ac_header_preproc=yes +else + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 +$as_echo "$ac_header_preproc" >&6; } + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( + yes:no: ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 +$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; + no:yes:* ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 +$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 +$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 +$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 +$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=\$ac_header_compiler" +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +fi + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_header_mongrel + +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes +# that executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then : + ac_retval=0 +else + $as_echo "$as_me: program exited with status $ac_status" >&5 + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_run + +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_header_compile + +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + $as_test_x conftest$ac_exeext + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + as_fn_set_status $ac_retval + +} # ac_fn_c_try_link + +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $2 + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif + +int +main () +{ +return $2 (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_func + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + +} # ac_fn_c_check_type +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by libedit $as_me 3.0, which was +generated by GNU Autoconf 2.65. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + cat <<\_ASBOX +## ---------------- ## +## Cache variables. ## +## ---------------- ## +_ASBOX + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + cat <<\_ASBOX +## ----------------- ## +## Output variables. ## +## ----------------- ## +_ASBOX + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + cat <<\_ASBOX +## ------------------- ## +## File substitutions. ## +## ------------------- ## +_ASBOX + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + cat <<\_ASBOX +## ----------- ## +## confdefs.h. ## +## ----------- ## +_ASBOX + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + ac_site_file1=$CONFIG_SITE +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + +ac_config_headers="$ac_config_headers config.h" + + +# features of Posix that are extensions to C (define _GNU_SOURCE) +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + +fi + + +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "no acceptable C compiler found in \$PATH +See \`config.log' for more details." "$LINENO" 5; } + +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= + +else + ac_file='' +fi +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +{ as_fn_set_status 77 +as_fn_error "C compiler cannot create executables +See \`config.log' for more details." "$LINENO" 5; }; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." "$LINENO" 5; } +fi +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if test "${ac_cv_objext+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "cannot compute suffix of object files: cannot compile +See \`config.log' for more details." "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if test "${ac_cv_c_compiler_gnu+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if test "${ac_cv_prog_cc_g+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +else + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if test "${ac_cv_prog_cc_c89+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : + +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +$as_echo_n "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test "${ac_cv_prog_CPP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + # Double quotes because CPP needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +$as_echo "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." "$LINENO" 5; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +$as_echo_n "checking for grep that handles long lines and -e... " >&6; } +if test "${ac_cv_path_GREP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_GREP=$GREP +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +$as_echo "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +$as_echo_n "checking for egrep... " >&6; } +if test "${ac_cv_path_EGREP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_EGREP=$EGREP +fi + + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +$as_echo "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if test "${ac_cv_header_stdc+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes +else + ac_cv_header_stdc=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + +else + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + + + ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default" +if test "x$ac_cv_header_minix_config_h" = x""yes; then : + MINIX=yes +else + MINIX= +fi + + + if test "$MINIX" = yes; then + +$as_echo "#define _POSIX_SOURCE 1" >>confdefs.h + + +$as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h + + +$as_echo "#define _MINIX 1" >>confdefs.h + + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5 +$as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; } +if test "${ac_cv_safe_to_define___extensions__+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +# define __EXTENSIONS__ 1 + $ac_includes_default +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_safe_to_define___extensions__=yes +else + ac_cv_safe_to_define___extensions__=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5 +$as_echo "$ac_cv_safe_to_define___extensions__" >&6; } + test $ac_cv_safe_to_define___extensions__ = yes && + $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h + + $as_echo "#define _ALL_SOURCE 1" >>confdefs.h + + $as_echo "#define _GNU_SOURCE 1" >>confdefs.h + + $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h + + $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h + + + +am__api_version='1.11' + +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + for ac_t in install-sh install.sh shtool; do + if test -f "$ac_dir/$ac_t"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/$ac_t -c" + break 2 + fi + done +done +if test -z "$ac_aux_dir"; then + as_fn_error "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if test "${ac_cv_path_install+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + + done +IFS=$as_save_IFS + +rm -rf conftest.one conftest.two conftest.dir + +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 +$as_echo_n "checking whether build environment is sane... " >&6; } +# Just in case +sleep 1 +echo timestamp > conftest.file +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[\\\"\#\$\&\'\`$am_lf]*) + as_fn_error "unsafe absolute working directory name" "$LINENO" 5;; +esac +case $srcdir in + *[\\\"\#\$\&\'\`$am_lf\ \ ]*) + as_fn_error "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; +esac + +# Do `set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$*" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + rm -f conftest.file + if test "$*" != "X $srcdir/configure conftest.file" \ + && test "$*" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + as_fn_error "ls -t appears to fail. Make sure there is not a broken +alias in your environment" "$LINENO" 5 + fi + + test "$2" = conftest.file + ) +then + # Ok. + : +else + as_fn_error "newly created file is older than distributed files! +Check your system clock" "$LINENO" 5 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +test "$program_prefix" != NONE && + program_transform_name="s&^&$program_prefix&;$program_transform_name" +# Use a double $ so make ignores it. +test "$program_suffix" != NONE && + program_transform_name="s&\$&$program_suffix&;$program_transform_name" +# Double any \ or $. +# By default was `s,x,x', remove it if useless. +ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' +program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` + +# expand $ac_aux_dir to an absolute path +am_aux_dir=`cd $ac_aux_dir && pwd` + +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi +# Use eval to expand $SHELL +if eval "$MISSING --run true"; then + am_missing_run="$MISSING --run " +else + am_missing_run= + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`missing' script is too old or missing" >&5 +$as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} +fi + +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi + +# Installed binaries are usually stripped using `strip' when the user +# run `make install-strip'. However `strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the `STRIP' environment variable to overrule this program. +if test "$cross_compiling" != no; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_STRIP" = x; then + STRIP=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + STRIP=$ac_ct_STRIP + fi +else + STRIP="$ac_cv_prog_STRIP" +fi + +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if test "${ac_cv_path_mkdir+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done +IFS=$as_save_IFS + +fi + + test -d ./--version && rmdir ./--version + if test "${ac_cv_path_mkdir+set}" = set; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } + +mkdir_p="$MKDIR_P" +case $mkdir_p in + [\\/$]* | ?:[\\/]*) ;; + */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; +esac + +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AWK+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AWK" && break +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' +_ACEOF +# GNU make sometimes prints "make[1]: Entering...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac +rm -f conftest.make +fi +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" +fi + +rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null + +DEPDIR="${am__leading_dot}deps" + +ac_config_commands="$ac_config_commands depfiles" + + +am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 +$as_echo_n "checking for style of include used by $am_make... " >&6; } +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from `make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 +$as_echo "$_am_result" >&6; } +rm -f confinc confmf + +# Check whether --enable-dependency-tracking was given. +if test "${enable_dependency_tracking+set}" = set; then : + enableval=$enable_dependency_tracking; +fi + +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' +fi + if test "x$enable_dependency_tracking" != xno; then + AMDEP_TRUE= + AMDEP_FALSE='#' +else + AMDEP_TRUE='#' + AMDEP_FALSE= +fi + + +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + am__isrc=' -I$(srcdir)' + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + as_fn_error "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 + fi +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi + + +# Define the identity of the package. + PACKAGE='libedit-20110730' + VERSION='3.0' + + +cat >>confdefs.h <<_ACEOF +#define PACKAGE "$PACKAGE" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define VERSION "$VERSION" +_ACEOF + +# Some tools Automake needs. + +ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} + + +AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} + + +AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} + + +AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} + + +MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} + +# We need awk for the "check" target. The system "awk" is bad on +# some platforms. +# Always define AMTAR for backward compatibility. + +AMTAR=${AMTAR-"${am_missing_run}tar"} + +am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' + + + + +depcc="$CC" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named `D' -- because `-MD' means `put the output + # in D'. + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CC_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with `-c' and `-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle `-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # after this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvisualcpp | msvcmsys) + # This compiler won't grok `-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_CC_dependencies_compiler_type=none +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type + + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + + + +case `pwd` in + *\ * | *\ *) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 +$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; +esac + + + +macro_version='2.4' +macro_revision='1.3293' + + + + + + + + + + + + + +ltmain="$ac_aux_dir/ltmain.sh" + +# Make sure we can run config.sub. +$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || + as_fn_error "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if test "${ac_cv_build+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_build_alias=$build_alias +test "x$ac_build_alias" = x && + ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` +test "x$ac_build_alias" = x && + as_fn_error "cannot guess build type; you must specify one" "$LINENO" 5 +ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || + as_fn_error "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } +case $ac_cv_build in +*-*-*) ;; +*) as_fn_error "invalid value of canonical build" "$LINENO" 5;; +esac +build=$ac_cv_build +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_build +shift +build_cpu=$1 +build_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +build_os=$* +IFS=$ac_save_IFS +case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if test "${ac_cv_host+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || + as_fn_error "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error "invalid value of canonical host" "$LINENO" 5;; +esac +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac + + +# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\(["`$\\]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\(["`\\]\)/\\\1/g' + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' + +ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 +$as_echo_n "checking how to print strings... " >&6; } +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' +else + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' +fi + +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "" +} + +case "$ECHO" in + printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5 +$as_echo "printf" >&6; } ;; + print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 +$as_echo "print -r" >&6; } ;; + *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5 +$as_echo "cat" >&6; } ;; +esac + + + + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 +$as_echo_n "checking for a sed that does not truncate output... " >&6; } +if test "${ac_cv_path_SED+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for ac_i in 1 2 3 4 5 6 7; do + ac_script="$ac_script$as_nl$ac_script" + done + echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed + { ac_script=; unset ac_script;} + if test -z "$SED"; then + ac_path_SED_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in sed gsed; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue +# Check for GNU ac_path_SED and select it if it is found. + # Check for GNU $ac_path_SED +case `"$ac_path_SED" --version 2>&1` in +*GNU*) + ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo '' >> "conftest.nl" + "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_SED_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_SED="$ac_path_SED" + ac_path_SED_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_SED_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_SED"; then + as_fn_error "no acceptable sed could be found in \$PATH" "$LINENO" 5 + fi +else + ac_cv_path_SED=$SED +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 +$as_echo "$ac_cv_path_SED" >&6; } + SED="$ac_cv_path_SED" + rm -f conftest.sed + +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 +$as_echo_n "checking for fgrep... " >&6; } +if test "${ac_cv_path_FGREP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 + then ac_cv_path_FGREP="$GREP -F" + else + if test -z "$FGREP"; then + ac_path_FGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in fgrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" + { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue +# Check for GNU ac_path_FGREP and select it if it is found. + # Check for GNU $ac_path_FGREP +case `"$ac_path_FGREP" --version 2>&1` in +*GNU*) + ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'FGREP' >> "conftest.nl" + "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_FGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_FGREP="$ac_path_FGREP" + ac_path_FGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_FGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_FGREP"; then + as_fn_error "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_FGREP=$FGREP +fi + + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 +$as_echo "$ac_cv_path_FGREP" >&6; } + FGREP="$ac_cv_path_FGREP" + + +test -z "$GREP" && GREP=grep + + + + + + + + + + + + + + + + + + + +# Check whether --with-gnu-ld was given. +if test "${with_gnu_ld+set}" = set; then : + withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes +else + with_gnu_ld=no +fi + +ac_prog=ld +if test "$GCC" = yes; then + # Check if gcc -print-prog-name=ld gives a path. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +$as_echo_n "checking for ld used by $CC... " >&6; } + case $host in + *-*-mingw*) + # gcc leaves a trailing carriage return which upsets mingw + ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; + *) + ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; + esac + case $ac_prog in + # Accept absolute paths. + [\\/]* | ?:[\\/]*) + re_direlt='/[^/][^/]*/\.\./' + # Canonicalize the pathname of ld + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` + done + test -z "$LD" && LD="$ac_prog" + ;; + "") + # If it fails, then pretend we aren't using GCC. + ac_prog=ld + ;; + *) + # If it is relative, then search for the first ld in PATH. + with_gnu_ld=unknown + ;; + esac +elif test "$with_gnu_ld" = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +$as_echo_n "checking for GNU ld... " >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +$as_echo_n "checking for non-GNU ld... " >&6; } +fi +if test "${lt_cv_path_LD+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$LD"; then + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then + lt_cv_path_LD="$ac_dir/$ac_prog" + # Check to see if the program is GNU ld. I'd rather use --version, + # but apparently some variants of GNU ld only accept -v. + # Break only if it was the GNU/non-GNU ld that we prefer. + case `"$lt_cv_path_LD" -v 2>&1 &5 +$as_echo "$LD" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +test -z "$LD" && as_fn_error "no acceptable ld found in \$PATH" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } +if test "${lt_cv_prog_gnu_ld+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + # I'd rather use --version here, but apparently some GNU lds only accept -v. +case `$LD -v 2>&1 &5 +$as_echo "$lt_cv_prog_gnu_ld" >&6; } +with_gnu_ld=$lt_cv_prog_gnu_ld + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 +$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; } +if test "${lt_cv_path_NM+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$NM"; then + # Let the user override the test. + lt_cv_path_NM="$NM" +else + lt_nm_to_check="${ac_tool_prefix}nm" + if test -n "$ac_tool_prefix" && test "$build" = "$host"; then + lt_nm_to_check="$lt_nm_to_check nm" + fi + for lt_tmp_nm in $lt_nm_to_check; do + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + tmp_nm="$ac_dir/$lt_tmp_nm" + if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then + # Check to see if the nm accepts a BSD-compat flag. + # Adding the `sed 1q' prevents false positives on HP-UX, which says: + # nm: unknown option "B" ignored + # Tru64's nm complains that /dev/null is an invalid object file + case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in + */dev/null* | *'Invalid file or object type'*) + lt_cv_path_NM="$tmp_nm -B" + break + ;; + *) + case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + */dev/null*) + lt_cv_path_NM="$tmp_nm -p" + break + ;; + *) + lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but + continue # so that we can try to find one that supports BSD flags + ;; + esac + ;; + esac + fi + done + IFS="$lt_save_ifs" + done + : ${lt_cv_path_NM=no} +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 +$as_echo "$lt_cv_path_NM" >&6; } +if test "$lt_cv_path_NM" != "no"; then + NM="$lt_cv_path_NM" +else + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. + else + if test -n "$ac_tool_prefix"; then + for ac_prog in dumpbin "link -dump" + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DUMPBIN+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DUMPBIN"; then + ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DUMPBIN=$ac_cv_prog_DUMPBIN +if test -n "$DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 +$as_echo "$DUMPBIN" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$DUMPBIN" && break + done +fi +if test -z "$DUMPBIN"; then + ac_ct_DUMPBIN=$DUMPBIN + for ac_prog in dumpbin "link -dump" +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DUMPBIN+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_DUMPBIN"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN +if test -n "$ac_ct_DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 +$as_echo "$ac_ct_DUMPBIN" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_DUMPBIN" && break +done + + if test "x$ac_ct_DUMPBIN" = x; then + DUMPBIN=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DUMPBIN=$ac_ct_DUMPBIN + fi +fi + + case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols" + ;; + *) + DUMPBIN=: + ;; + esac + fi + + if test "$DUMPBIN" != ":"; then + NM="$DUMPBIN" + fi +fi +test -z "$NM" && NM=nm + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 +$as_echo_n "checking the name lister ($NM) interface... " >&6; } +if test "${lt_cv_nm_interface+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) + (eval "$ac_compile" 2>conftest.err) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: output\"" >&5) + cat conftest.out >&5 + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" + fi + rm -f conftest* +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 +$as_echo "$lt_cv_nm_interface" >&6; } + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +$as_echo_n "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +$as_echo "no, using $LN_S" >&6; } +fi + +# find the maximum length of command line arguments +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 +$as_echo_n "checking the maximum length of command line arguments... " >&6; } +if test "${lt_cv_sys_max_cmd_len+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + i=0 + teststring="ABCD" + + case $build_os in + msdosdjgpp*) + # On DJGPP, this test can blow up pretty badly due to problems in libc + # (any single argument exceeding 2000 bytes causes a buffer overrun + # during glob expansion). Even if it were fixed, the result of this + # check would be larger than it should be. + lt_cv_sys_max_cmd_len=12288; # 12K is about right + ;; + + gnu*) + # Under GNU Hurd, this test is not required because there is + # no limit to the length of command line arguments. + # Libtool will interpret -1 as no limit whatsoever + lt_cv_sys_max_cmd_len=-1; + ;; + + cygwin* | mingw* | cegcc*) + # On Win9x/ME, this test blows up -- it succeeds, but takes + # about 5 minutes as the teststring grows exponentially. + # Worse, since 9x/ME are not pre-emptively multitasking, + # you end up with a "frozen" computer, even though with patience + # the test eventually succeeds (with a max line length of 256k). + # Instead, let's just punt: use the minimum linelength reported by + # all of the supported platforms: 8192 (on NT/2K/XP). + lt_cv_sys_max_cmd_len=8192; + ;; + + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; + ;; + + amigaos*) + # On AmigaOS with pdksh, this test takes hours, literally. + # So we just punt and use a minimum line length of 8192. + lt_cv_sys_max_cmd_len=8192; + ;; + + netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + ;; + + interix*) + # We know the value 262144 and hardcode it with a safety zone (like BSD) + lt_cv_sys_max_cmd_len=196608 + ;; + + osf*) + # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure + # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not + # nice to cause kernel panics so lets avoid the loop below. + # First set a reasonable default. + lt_cv_sys_max_cmd_len=16384 + # + if test -x /sbin/sysconfig; then + case `/sbin/sysconfig -q proc exec_disable_arg_limit` in + *1*) lt_cv_sys_max_cmd_len=-1 ;; + esac + fi + ;; + sco3.2v5*) + lt_cv_sys_max_cmd_len=102400 + ;; + sysv5* | sco5v6* | sysv4.2uw2*) + kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` + if test -n "$kargmax"; then + lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` + else + lt_cv_sys_max_cmd_len=32768 + fi + ;; + *) + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8 ; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test $i != 17 # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi + ;; + esac + +fi + +if test -n $lt_cv_sys_max_cmd_len ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 +$as_echo "$lt_cv_sys_max_cmd_len" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 +$as_echo "none" >&6; } +fi +max_cmd_len=$lt_cv_sys_max_cmd_len + + + + + + +: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands some XSI constructs" >&5 +$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; } +# Try some XSI features +xsi_shell=no +( _lt_dummy="a/b/c" + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ + && eval 'test $(( 1 + 1 )) -eq 2 \ + && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ + && xsi_shell=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $xsi_shell" >&5 +$as_echo "$xsi_shell" >&6; } + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands \"+=\"" >&5 +$as_echo_n "checking whether the shell understands \"+=\"... " >&6; } +lt_shell_append=no +( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \ + >/dev/null 2>&1 \ + && lt_shell_append=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_shell_append" >&5 +$as_echo "$lt_shell_append" >&6; } + + +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false +fi + + + + + +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 +$as_echo_n "checking how to convert $build file names to $host format... " >&6; } +if test "${lt_cv_to_host_file_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac + +fi + +to_host_file_cmd=$lt_cv_to_host_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 +$as_echo "$lt_cv_to_host_file_cmd" >&6; } + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 +$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; } +if test "${lt_cv_to_tool_file_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + #assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac + +fi + +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 +$as_echo "$lt_cv_to_tool_file_cmd" >&6; } + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 +$as_echo_n "checking for $LD option to reload object files... " >&6; } +if test "${lt_cv_ld_reload_flag+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_reload_flag='-r' +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 +$as_echo "$lt_cv_ld_reload_flag" >&6; } +reload_flag=$lt_cv_ld_reload_flag +case $reload_flag in +"" | " "*) ;; +*) reload_flag=" $reload_flag" ;; +esac +reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + if test "$GCC" != yes; then + reload_cmds=false + fi + ;; + darwin*) + if test "$GCC" = yes; then + reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac + + + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +$as_echo "$OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +$as_echo "$ac_ct_OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi + +test -z "$OBJDUMP" && OBJDUMP=objdump + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 +$as_echo_n "checking how to recognize dependent libraries... " >&6; } +if test "${lt_cv_deplibs_check_method+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_file_magic_cmd='$MAGIC_CMD' +lt_cv_file_magic_test_file= +lt_cv_deplibs_check_method='unknown' +# Need to set the preceding variable on all platforms that support +# interlibrary dependencies. +# 'none' -- dependencies not supported. +# `unknown' -- same as none, but documents that we really don't know. +# 'pass_all' -- all dependencies passed with no checks. +# 'test_compile' -- check by making test program. +# 'file_magic [[regex]]' -- check by looking for files in library path +# which responds to the $file_magic_cmd with a given extended regex. +# If you have `file' or equivalent on your system and you're not sure +# whether `pass_all' will *always* work, you probably want this one. + +case $host_os in +aix[4-9]*) + lt_cv_deplibs_check_method=pass_all + ;; + +beos*) + lt_cv_deplibs_check_method=pass_all + ;; + +bsdi[45]*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' + lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_test_file=/shlib/libc.so + ;; + +cygwin*) + # func_win32_libid is a shell function defined in ltmain.sh + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + ;; + +mingw* | pw32*) + # Base MSYS/MinGW do not provide the 'file' command needed by + # func_win32_libid shell function, so use a weaker test based on 'objdump', + # unless we find 'file', for example because we are cross-compiling. + # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin. + if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + else + # Keep this pattern in sync with the one in func_win32_libid. + lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' + lt_cv_file_magic_cmd='$OBJDUMP -f' + fi + ;; + +cegcc*) + # use the weaker test based on 'objdump'. See mingw*. + lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' + ;; + +darwin* | rhapsody*) + lt_cv_deplibs_check_method=pass_all + ;; + +freebsd* | dragonfly*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + case $host_cpu in + i*86 ) + # Not sure whether the presence of OpenBSD here was a mistake. + # Let's accept both of them until this is cleared up. + lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` + ;; + esac + else + lt_cv_deplibs_check_method=pass_all + fi + ;; + +gnu*) + lt_cv_deplibs_check_method=pass_all + ;; + +haiku*) + lt_cv_deplibs_check_method=pass_all + ;; + +hpux10.20* | hpux11*) + lt_cv_file_magic_cmd=/usr/bin/file + case $host_cpu in + ia64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' + lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so + ;; + hppa*64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]' + lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl + ;; + *) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library' + lt_cv_file_magic_test_file=/usr/lib/libc.sl + ;; + esac + ;; + +interix[3-9]*) + # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' + ;; + +irix5* | irix6* | nonstopux*) + case $LD in + *-32|*"-32 ") libmagic=32-bit;; + *-n32|*"-n32 ") libmagic=N32;; + *-64|*"-64 ") libmagic=64-bit;; + *) libmagic=never-match;; + esac + lt_cv_deplibs_check_method=pass_all + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + lt_cv_deplibs_check_method=pass_all + ;; + +netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' + fi + ;; + +newos6*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=/usr/lib/libnls.so + ;; + +*nto* | *qnx*) + lt_cv_deplibs_check_method=pass_all + ;; + +openbsd*) + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + fi + ;; + +osf3* | osf4* | osf5*) + lt_cv_deplibs_check_method=pass_all + ;; + +rdos*) + lt_cv_deplibs_check_method=pass_all + ;; + +solaris*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + lt_cv_deplibs_check_method=pass_all + ;; + +sysv4 | sysv4.3*) + case $host_vendor in + motorola) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` + ;; + ncr) + lt_cv_deplibs_check_method=pass_all + ;; + sequent) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' + ;; + sni) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" + lt_cv_file_magic_test_file=/lib/libc.so + ;; + siemens) + lt_cv_deplibs_check_method=pass_all + ;; + pc) + lt_cv_deplibs_check_method=pass_all + ;; + esac + ;; + +tpf*) + lt_cv_deplibs_check_method=pass_all + ;; +esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 +$as_echo "$lt_cv_deplibs_check_method" >&6; } + +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then + case $host_os in + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"` + fi + ;; + esac +fi + +file_magic_cmd=$lt_cv_file_magic_cmd +deplibs_check_method=$lt_cv_deplibs_check_method +test -z "$deplibs_check_method" && deplibs_check_method=unknown + + + + + + + + + + + + + + + + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. +set dummy ${ac_tool_prefix}dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DLLTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DLLTOOL"; then + ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DLLTOOL=$ac_cv_prog_DLLTOOL +if test -n "$DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +$as_echo "$DLLTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_DLLTOOL"; then + ac_ct_DLLTOOL=$DLLTOOL + # Extract the first word of "dlltool", so it can be a program name with args. +set dummy dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DLLTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_DLLTOOL"; then + ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_DLLTOOL="dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL +if test -n "$ac_ct_DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +$as_echo "$ac_ct_DLLTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_DLLTOOL" = x; then + DLLTOOL="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DLLTOOL=$ac_ct_DLLTOOL + fi +else + DLLTOOL="$ac_cv_prog_DLLTOOL" +fi + +test -z "$DLLTOOL" && DLLTOOL=dlltool + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 +$as_echo_n "checking how to associate runtime and link libraries... " >&6; } +if test "${lt_cv_sharedlib_from_linklib_cmd+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 +$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; } +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + + + + + + + +if test -n "$ac_tool_prefix"; then + for ac_prog in ar + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AR+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AR"; then + ac_cv_prog_AR="$AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_AR="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AR=$ac_cv_prog_AR +if test -n "$AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +$as_echo "$AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AR" && break + done +fi +if test -z "$AR"; then + ac_ct_AR=$AR + for ac_prog in ar +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_AR+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_AR"; then + ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_AR="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_AR=$ac_cv_prog_ac_ct_AR +if test -n "$ac_ct_AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +$as_echo "$ac_ct_AR" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_AR" && break +done + + if test "x$ac_ct_AR" = x; then + AR="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AR=$ac_ct_AR + fi +fi + +: ${AR=ar} +: ${AR_FLAGS=cru} + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 +$as_echo_n "checking for archiver @FILE support... " >&6; } +if test "${lt_cv_ar_at_file+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ar_at_file=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 +$as_echo "$lt_cv_ar_at_file" >&6; } + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= +else + archiver_list_spec=$lt_cv_ar_at_file +fi + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_STRIP" = x; then + STRIP=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + STRIP=$ac_ct_STRIP + fi +else + STRIP="$ac_cv_prog_STRIP" +fi + +test -z "$STRIP" && STRIP=: + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RANLIB=$ac_ct_RANLIB + fi +else + RANLIB="$ac_cv_prog_RANLIB" +fi + +test -z "$RANLIB" && RANLIB=: + + + + + + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" +fi + +case $host_os in + darwin*) + lock_old_archive_extraction=yes ;; + *) + lock_old_archive_extraction=no ;; +esac + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + + +# Check for command to grab the raw symbol name followed by C symbol from nm. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 +$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; } +if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + +# These are sane defaults that work on at least a few old systems. +# [They come from Ultrix. What could be older than Ultrix?!! ;)] + +# Character class describing NM global symbol codes. +symcode='[BCDEGRST]' + +# Regexp to match symbols that can be accessed directly from C. +sympat='\([_A-Za-z][_A-Za-z0-9]*\)' + +# Define system-specific variables. +case $host_os in +aix*) + symcode='[BCDT]' + ;; +cygwin* | mingw* | pw32* | cegcc*) + symcode='[ABCDGISTW]' + ;; +hpux*) + if test "$host_cpu" = ia64; then + symcode='[ABCDEGRST]' + fi + ;; +irix* | nonstopux*) + symcode='[BCDEGRST]' + ;; +osf*) + symcode='[BCDEGQRST]' + ;; +solaris*) + symcode='[BDRT]' + ;; +sco3.2v5*) + symcode='[DT]' + ;; +sysv4.2uw2*) + symcode='[DT]' + ;; +sysv5* | sco5v6* | unixware* | OpenUNIX*) + symcode='[ABDT]' + ;; +sysv4) + symcode='[DFNSTU]' + ;; +esac + +# If we're using GNU nm, then use its standard symbol codes. +case `$NM -V 2>&1` in +*GNU* | *'with BFD'*) + symcode='[ABCDGIRSTW]' ;; +esac + +# Transform an extracted symbol line into a proper C declaration. +# Some systems (esp. on ia64) link data and code symbols differently, +# so use this general approach. +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + +# Transform an extracted symbol line into symbol name and symbol address +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'" + +# Handle CRLF in mingw tool chain +opt_cr= +case $build_os in +mingw*) + opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp + ;; +esac + +# Try without a prefix underscore, then with it. +for ac_symprfx in "" "_"; do + + # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. + symxfrm="\\1 $ac_symprfx\\2 \\2" + + # Write the raw and C identifiers. + if test "$lt_cv_nm_interface" = "MS dumpbin"; then + # Fake it for dumpbin and say T for any non-static function + # and D for any global variable. + # Also find C++ and __fastcall symbols from MSVC++, + # which start with @ or ?. + lt_cv_sys_global_symbol_pipe="$AWK '"\ +" {last_section=section; section=\$ 3};"\ +" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ +" \$ 0!~/External *\|/{next};"\ +" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ +" {if(hide[section]) next};"\ +" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ +" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ +" s[1]~/^[@?]/{print s[1], s[1]; next};"\ +" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ +" ' prfx=^$ac_symprfx" + else + lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + + # Check to see that the pipe works correctly. + pipe_works=no + + rm -f conftest* + cat > conftest.$ac_ext <<_LT_EOF +#ifdef __cplusplus +extern "C" { +#endif +char nm_test_var; +void nm_test_func(void); +void nm_test_func(void){} +#ifdef __cplusplus +} +#endif +int main(){nm_test_var='a';nm_test_func();return(0);} +_LT_EOF + + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + # Now try to grab the symbols. + nlist=conftest.nm + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 + (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s "$nlist"; then + # Try sorting and uniquifying the output. + if sort "$nlist" | uniq > "$nlist"T; then + mv -f "$nlist"T "$nlist" + else + rm -f "$nlist"T + fi + + # Make sure that we snagged all the symbols we need. + if $GREP ' nm_test_var$' "$nlist" >/dev/null; then + if $GREP ' nm_test_func$' "$nlist" >/dev/null; then + cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT_DLSYM_CONST +#else +# define LT_DLSYM_CONST const +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +_LT_EOF + # Now generate the symbol file. + eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' + + cat <<_LT_EOF >> conftest.$ac_ext + +/* The mapping between symbol names and symbols. */ +LT_DLSYM_CONST struct { + const char *name; + void *address; +} +lt__PROGRAM__LTX_preloaded_symbols[] = +{ + { "@PROGRAM@", (void *) 0 }, +_LT_EOF + $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext + cat <<\_LT_EOF >> conftest.$ac_ext + {0, (void *) 0} +}; + +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt__PROGRAM__LTX_preloaded_symbols; +} +#endif + +#ifdef __cplusplus +} +#endif +_LT_EOF + # Now try linking the two files. + mv conftest.$ac_objext conftstm.$ac_objext + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS + LIBS="conftstm.$ac_objext" + CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext}; then + pipe_works=yes + fi + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS + else + echo "cannot find nm_test_func in $nlist" >&5 + fi + else + echo "cannot find nm_test_var in $nlist" >&5 + fi + else + echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5 + fi + else + echo "$progname: failed program was:" >&5 + cat conftest.$ac_ext >&5 + fi + rm -rf conftest* conftst* + + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then + break + else + lt_cv_sys_global_symbol_pipe= + fi +done + +fi + +if test -z "$lt_cv_sys_global_symbol_pipe"; then + lt_cv_sys_global_symbol_to_cdecl= +fi +if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +$as_echo "failed" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 +$as_echo "ok" >&6; } +fi + +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then + nm_file_list_spec='@' +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 +$as_echo_n "checking for sysroot... " >&6; } + +# Check whether --with-sysroot was given. +if test "${with_sysroot+set}" = set; then : + withval=$with_sysroot; +else + with_sysroot=no +fi + + +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5 +$as_echo "${with_sysroot}" >&6; } + as_fn_error "The sysroot must be an absolute path." "$LINENO" 5 + ;; +esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 +$as_echo "${lt_sysroot:-no}" >&6; } + + + + + +# Check whether --enable-libtool-lock was given. +if test "${enable_libtool_lock+set}" = set; then : + enableval=$enable_libtool_lock; +fi + +test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes + +# Some flags need to be propagated to the compiler or linker for good +# libtool support. +case $host in +ia64-*-hpux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.$ac_objext` in + *ELF-32*) + HPUX_IA64_MODE="32" + ;; + *ELF-64*) + HPUX_IA64_MODE="64" + ;; + esac + fi + rm -rf conftest* + ;; +*-*-irix6*) + # Find out which ABI we are using. + echo '#line '$LINENO' "configure"' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + if test "$lt_cv_prog_gnu_ld" = yes; then + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -melf32bsmip" + ;; + *N32*) + LD="${LD-ld} -melf32bmipn32" + ;; + *64-bit*) + LD="${LD-ld} -melf64bmip" + ;; + esac + else + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -32" + ;; + *N32*) + LD="${LD-ld} -n32" + ;; + *64-bit*) + LD="${LD-ld} -64" + ;; + esac + fi + fi + rm -rf conftest* + ;; + +x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +s390*-*linux*|s390*-*tpf*|sparc*-*linux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *32-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_i386_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_i386" + ;; + ppc64-*linux*|powerpc64-*linux*) + LD="${LD-ld} -m elf32ppclinux" + ;; + s390x-*linux*) + LD="${LD-ld} -m elf_s390" + ;; + sparc64-*linux*) + LD="${LD-ld} -m elf32_sparc" + ;; + esac + ;; + *64-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_x86_64_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_x86_64" + ;; + ppc*-*linux*|powerpc*-*linux*) + LD="${LD-ld} -m elf64ppc" + ;; + s390*-*linux*|s390*-*tpf*) + LD="${LD-ld} -m elf64_s390" + ;; + sparc*-*linux*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; + +*-*-sco3.2v5*) + # On SCO OpenServer 5, we need -belf to get full-featured binaries. + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -belf" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 +$as_echo_n "checking whether the C compiler needs -belf... " >&6; } +if test "${lt_cv_cc_needs_belf+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_cc_needs_belf=yes +else + lt_cv_cc_needs_belf=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 +$as_echo "$lt_cv_cc_needs_belf" >&6; } + if test x"$lt_cv_cc_needs_belf" != x"yes"; then + # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf + CFLAGS="$SAVE_CFLAGS" + fi + ;; +sparc*-*solaris*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; + *) + if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then + LD="${LD-ld} -64" + fi + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; +esac + +need_locks="$enable_libtool_lock" + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args. +set dummy ${ac_tool_prefix}mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_MANIFEST_TOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$MANIFEST_TOOL"; then + ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL +if test -n "$MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 +$as_echo "$MANIFEST_TOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_MANIFEST_TOOL"; then + ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL + # Extract the first word of "mt", so it can be a program name with args. +set dummy mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_MANIFEST_TOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_MANIFEST_TOOL"; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL +if test -n "$ac_ct_MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 +$as_echo "$ac_ct_MANIFEST_TOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_MANIFEST_TOOL" = x; then + MANIFEST_TOOL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL + fi +else + MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL" +fi + +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 +$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } +if test "${lt_cv_path_mainfest_tool+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&5 + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest* +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 +$as_echo "$lt_cv_path_mainfest_tool" >&6; } +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi + + + + + + + case $host_os in + rhapsody* | darwin*) + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. +set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_DSYMUTIL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DSYMUTIL"; then + ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +DSYMUTIL=$ac_cv_prog_DSYMUTIL +if test -n "$DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 +$as_echo "$DSYMUTIL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_DSYMUTIL"; then + ac_ct_DSYMUTIL=$DSYMUTIL + # Extract the first word of "dsymutil", so it can be a program name with args. +set dummy dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_DSYMUTIL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_DSYMUTIL"; then + ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL +if test -n "$ac_ct_DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 +$as_echo "$ac_ct_DSYMUTIL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_DSYMUTIL" = x; then + DSYMUTIL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DSYMUTIL=$ac_ct_DSYMUTIL + fi +else + DSYMUTIL="$ac_cv_prog_DSYMUTIL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. +set dummy ${ac_tool_prefix}nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_NMEDIT+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$NMEDIT"; then + ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +NMEDIT=$ac_cv_prog_NMEDIT +if test -n "$NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 +$as_echo "$NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_NMEDIT"; then + ac_ct_NMEDIT=$NMEDIT + # Extract the first word of "nmedit", so it can be a program name with args. +set dummy nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_NMEDIT+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_NMEDIT"; then + ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_NMEDIT="nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT +if test -n "$ac_ct_NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 +$as_echo "$ac_ct_NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_NMEDIT" = x; then + NMEDIT=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + NMEDIT=$ac_ct_NMEDIT + fi +else + NMEDIT="$ac_cv_prog_NMEDIT" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. +set dummy ${ac_tool_prefix}lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_LIPO+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$LIPO"; then + ac_cv_prog_LIPO="$LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_LIPO="${ac_tool_prefix}lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +LIPO=$ac_cv_prog_LIPO +if test -n "$LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 +$as_echo "$LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_LIPO"; then + ac_ct_LIPO=$LIPO + # Extract the first word of "lipo", so it can be a program name with args. +set dummy lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_LIPO+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_LIPO"; then + ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_LIPO="lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO +if test -n "$ac_ct_LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 +$as_echo "$ac_ct_LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_LIPO" = x; then + LIPO=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + LIPO=$ac_ct_LIPO + fi +else + LIPO="$ac_cv_prog_LIPO" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL"; then + ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OTOOL="${ac_tool_prefix}otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OTOOL=$ac_cv_prog_OTOOL +if test -n "$OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 +$as_echo "$OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OTOOL"; then + ac_ct_OTOOL=$OTOOL + # Extract the first word of "otool", so it can be a program name with args. +set dummy otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OTOOL+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL"; then + ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OTOOL="otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL +if test -n "$ac_ct_OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 +$as_echo "$ac_ct_OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OTOOL" = x; then + OTOOL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL=$ac_ct_OTOOL + fi +else + OTOOL="$ac_cv_prog_OTOOL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_OTOOL64+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL64"; then + ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OTOOL64=$ac_cv_prog_OTOOL64 +if test -n "$OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 +$as_echo "$OTOOL64" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OTOOL64"; then + ac_ct_OTOOL64=$OTOOL64 + # Extract the first word of "otool64", so it can be a program name with args. +set dummy otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_ac_ct_OTOOL64+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL64"; then + ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_ac_ct_OTOOL64="otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 +if test -n "$ac_ct_OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 +$as_echo "$ac_ct_OTOOL64" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OTOOL64" = x; then + OTOOL64=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL64=$ac_ct_OTOOL64 + fi +else + OTOOL64="$ac_cv_prog_OTOOL64" +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 +$as_echo_n "checking for -single_module linker flag... " >&6; } +if test "${lt_cv_apple_cc_single_mod+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_apple_cc_single_mod=no + if test -z "${LT_MULTI_MODULE}"; then + # By default we will add the -single_module flag. You can override + # by either setting the environment variable LT_MULTI_MODULE + # non-empty at configure time, or by adding -multi_module to the + # link flags. + rm -rf libconftest.dylib* + echo "int foo(void){return 1;}" > conftest.c + echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ +-dynamiclib -Wl,-single_module conftest.c" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ + -dynamiclib -Wl,-single_module conftest.c 2>conftest.err + _lt_result=$? + if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + lt_cv_apple_cc_single_mod=yes + else + cat conftest.err >&5 + fi + rm -rf libconftest.dylib* + rm -f conftest.* + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 +$as_echo "$lt_cv_apple_cc_single_mod" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 +$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } +if test "${lt_cv_ld_exported_symbols_list+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_exported_symbols_list=no + save_LDFLAGS=$LDFLAGS + echo "_main" > conftest.sym + LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_ld_exported_symbols_list=yes +else + lt_cv_ld_exported_symbols_list=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 +$as_echo "$lt_cv_ld_exported_symbols_list" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 +$as_echo_n "checking for -force_load linker flag... " >&6; } +if test "${lt_cv_ld_force_load+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_force_load=no + cat > conftest.c << _LT_EOF +int forced_loaded() { return 2;} +_LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 + echo "$AR cru libconftest.a conftest.o" >&5 + $AR cru libconftest.a conftest.o 2>&5 + echo "$RANLIB libconftest.a" >&5 + $RANLIB libconftest.a 2>&5 + cat > conftest.c << _LT_EOF +int main() { return 0;} +_LT_EOF + echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err + _lt_result=$? + if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + lt_cv_ld_force_load=yes + else + cat conftest.err >&5 + fi + rm -f conftest.err libconftest.a conftest conftest.c + rm -rf conftest.dSYM + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 +$as_echo "$lt_cv_ld_force_load" >&6; } + case $host_os in + rhapsody* | darwin1.[012]) + _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; + darwin1.*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + darwin*) # darwin 5.x on + # if running on 10.5 or later, the deployment target defaults + # to the OS version, if on x86, and 10.4, the deployment + # target defaults to 10.4. Don't you love it? + case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in + 10.0,*86*-darwin8*|10.0,*-darwin[91]*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + 10.[012]*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + 10.*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + esac + ;; + esac + if test "$lt_cv_apple_cc_single_mod" = "yes"; then + _lt_dar_single_mod='$single_module' + fi + if test "$lt_cv_ld_exported_symbols_list" = "yes"; then + _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' + else + _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then + _lt_dsymutil='~$DSYMUTIL $lib || :' + else + _lt_dsymutil= + fi + ;; + esac + +for ac_header in dlfcn.h +do : + ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default +" +if test "x$ac_cv_header_dlfcn_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DLFCN_H 1 +_ACEOF + +fi + +done + + + + + +# Set options + + + + enable_dlopen=no + + + enable_win32_dll=no + + + # Check whether --enable-shared was given. +if test "${enable_shared+set}" = set; then : + enableval=$enable_shared; p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_shared=yes +fi + + + + + + + + + + # Check whether --enable-static was given. +if test "${enable_static+set}" = set; then : + enableval=$enable_static; p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_static=yes +fi + + + + + + + + + + +# Check whether --with-pic was given. +if test "${with_pic+set}" = set; then : + withval=$with_pic; pic_mode="$withval" +else + pic_mode=default +fi + + +test -z "$pic_mode" && pic_mode=default + + + + + + + + # Check whether --enable-fast-install was given. +if test "${enable_fast_install+set}" = set; then : + enableval=$enable_fast_install; p=${PACKAGE-default} + case $enableval in + yes) enable_fast_install=yes ;; + no) enable_fast_install=no ;; + *) + enable_fast_install=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_fast_install=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_fast_install=yes +fi + + + + + + + + + + + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ltmain" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' + + + + + + + + + + + + + + + + + + + + + + + + + + +test -z "$LN_S" && LN_S="ln -s" + + + + + + + + + + + + + + +if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 +$as_echo_n "checking for objdir... " >&6; } +if test "${lt_cv_objdir+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + rm -f .libs 2>/dev/null +mkdir .libs 2>/dev/null +if test -d .libs; then + lt_cv_objdir=.libs +else + # MS-DOS does not allow filenames that begin with a dot. + lt_cv_objdir=_libs +fi +rmdir .libs 2>/dev/null +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 +$as_echo "$lt_cv_objdir" >&6; } +objdir=$lt_cv_objdir + + + + + +cat >>confdefs.h <<_ACEOF +#define LT_OBJDIR "$lt_cv_objdir/" +_ACEOF + + + + +case $host_os in +aix3*) + # AIX sometimes has problems with the GCC collect2 program. For some + # reason, if we set the COLLECT_NAMES environment variable, the problems + # vanish in a puff of smoke. + if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES + fi + ;; +esac + +# Global variables: +ofile=libtool +can_build_shared=yes + +# All known linkers require a `.a' archive for static linking (except MSVC, +# which needs '.lib'). +libext=a + +with_gnu_ld="$lt_cv_prog_gnu_ld" + +old_CC="$CC" +old_CFLAGS="$CFLAGS" + +# Set sane defaults for various variables +test -z "$CC" && CC=cc +test -z "$LTCC" && LTCC=$CC +test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS +test -z "$LD" && LD=ld +test -z "$ac_objext" && ac_objext=o + +for cc_temp in $compiler""; do + case $cc_temp in + compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; + distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; + \-*) ;; + *) break;; + esac +done +cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` + + +# Only perform the check for file, if the check method requires it +test -z "$MAGIC_CMD" && MAGIC_CMD=file +case $deplibs_check_method in +file_magic*) + if test "$file_magic_cmd" = '$MAGIC_CMD'; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 +$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; } +if test "${lt_cv_path_MAGIC_CMD+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $MAGIC_CMD in +[\\/*] | ?:[\\/]*) + lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. + ;; +*) + lt_save_MAGIC_CMD="$MAGIC_CMD" + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" + for ac_dir in $ac_dummy; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/${ac_tool_prefix}file; then + lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file" + if test -n "$file_magic_test_file"; then + case $deplibs_check_method in + "file_magic "*) + file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` + MAGIC_CMD="$lt_cv_path_MAGIC_CMD" + if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | + $EGREP "$file_magic_regex" > /dev/null; then + : + else + cat <<_LT_EOF 1>&2 + +*** Warning: the command libtool uses to detect shared libraries, +*** $file_magic_cmd, produces output that libtool cannot recognize. +*** The result is that libtool may fail to recognize shared libraries +*** as such. This will affect the creation of libtool libraries that +*** depend on shared libraries, but programs linked with such libtool +*** libraries will work regardless of this problem. Nevertheless, you +*** may want to report the problem to your system manager and/or to +*** bug-libtool@gnu.org + +_LT_EOF + fi ;; + esac + fi + break + fi + done + IFS="$lt_save_ifs" + MAGIC_CMD="$lt_save_MAGIC_CMD" + ;; +esac +fi + +MAGIC_CMD="$lt_cv_path_MAGIC_CMD" +if test -n "$MAGIC_CMD"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + + + +if test -z "$lt_cv_path_MAGIC_CMD"; then + if test -n "$ac_tool_prefix"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5 +$as_echo_n "checking for file... " >&6; } +if test "${lt_cv_path_MAGIC_CMD+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $MAGIC_CMD in +[\\/*] | ?:[\\/]*) + lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. + ;; +*) + lt_save_MAGIC_CMD="$MAGIC_CMD" + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" + for ac_dir in $ac_dummy; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/file; then + lt_cv_path_MAGIC_CMD="$ac_dir/file" + if test -n "$file_magic_test_file"; then + case $deplibs_check_method in + "file_magic "*) + file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` + MAGIC_CMD="$lt_cv_path_MAGIC_CMD" + if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | + $EGREP "$file_magic_regex" > /dev/null; then + : + else + cat <<_LT_EOF 1>&2 + +*** Warning: the command libtool uses to detect shared libraries, +*** $file_magic_cmd, produces output that libtool cannot recognize. +*** The result is that libtool may fail to recognize shared libraries +*** as such. This will affect the creation of libtool libraries that +*** depend on shared libraries, but programs linked with such libtool +*** libraries will work regardless of this problem. Nevertheless, you +*** may want to report the problem to your system manager and/or to +*** bug-libtool@gnu.org + +_LT_EOF + fi ;; + esac + fi + break + fi + done + IFS="$lt_save_ifs" + MAGIC_CMD="$lt_save_MAGIC_CMD" + ;; +esac +fi + +MAGIC_CMD="$lt_cv_path_MAGIC_CMD" +if test -n "$MAGIC_CMD"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + else + MAGIC_CMD=: + fi +fi + + fi + ;; +esac + +# Use C for the default configuration in the libtool script + +lt_save_CC="$CC" +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +# Source file extension for C test sources. +ac_ext=c + +# Object file extension for compiled C test sources. +objext=o +objext=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="int some_variable = 0;" + +# Code to be used in simple link tests +lt_simple_link_test_code='int main(){return(0);}' + + + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + +# Save the default compiler, since it gets overwritten when the other +# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. +compiler_DEFAULT=$CC + +# save warnings/boilerplate of simple test code +ac_outfile=conftest.$ac_objext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext +eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_compiler_boilerplate=`cat conftest.err` +$RM conftest* + +ac_outfile=conftest.$ac_objext +echo "$lt_simple_link_test_code" >conftest.$ac_ext +eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_linker_boilerplate=`cat conftest.err` +$RM -r conftest* + + +if test -n "$compiler"; then + +lt_prog_compiler_no_builtin_flag= + +if test "$GCC" = yes; then + case $cc_basename in + nvcc*) + lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;; + *) + lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 +$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } +if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_rtti_exceptions=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="-fno-rtti -fno-exceptions" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + # The option is referenced via a variable to avoid confusing sed. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler_rtti_exceptions=yes + fi + fi + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 +$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; } + +if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then + lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" +else + : +fi + +fi + + + + + + + lt_prog_compiler_wl= +lt_prog_compiler_pic= +lt_prog_compiler_static= + + + if test "$GCC" = yes; then + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_static='-static' + + case $host_os in + aix*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + lt_prog_compiler_static='-Bstatic' + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + lt_prog_compiler_pic='-fPIC' + ;; + m68k) + # FIXME: we need at least 68020 code to build shared libraries, but + # adding the `-m68020' flag to GCC prevents building anything better, + # like `-m68040'. + lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4' + ;; + esac + ;; + + beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) + # PIC is the default for these OSes. + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries + lt_prog_compiler_pic='-DDLL_EXPORT' + ;; + + darwin* | rhapsody*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + lt_prog_compiler_pic='-fno-common' + ;; + + haiku*) + # PIC is the default for Haiku. + # The "-static" flag exists, but is broken. + lt_prog_compiler_static= + ;; + + hpux*) + # PIC is the default for 64-bit PA HP-UX, but not for 32-bit + # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag + # sets the default TLS model and affects inlining. + case $host_cpu in + hppa*64*) + # +Z the default + ;; + *) + lt_prog_compiler_pic='-fPIC' + ;; + esac + ;; + + interix[3-9]*) + # Interix 3.x gcc -fpic/-fPIC options generate broken code. + # Instead, we relocate shared libraries at runtime. + ;; + + msdosdjgpp*) + # Just because we use GCC doesn't mean we suddenly get shared libraries + # on systems that don't support them. + lt_prog_compiler_can_build_shared=no + enable_shared=no + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + lt_prog_compiler_pic='-fPIC -shared' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + lt_prog_compiler_pic=-Kconform_pic + fi + ;; + + *) + lt_prog_compiler_pic='-fPIC' + ;; + esac + + case $cc_basename in + nvcc*) # Cuda Compiler Driver 2.2 + lt_prog_compiler_wl='-Xlinker ' + lt_prog_compiler_pic='-Xcompiler -fPIC' + ;; + esac + else + # PORTME Check for flag to pass linker flags through the system compiler. + case $host_os in + aix*) + lt_prog_compiler_wl='-Wl,' + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor + lt_prog_compiler_static='-Bstatic' + else + lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp' + fi + ;; + + mingw* | cygwin* | pw32* | os2* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + lt_prog_compiler_pic='-DDLL_EXPORT' + ;; + + hpux9* | hpux10* | hpux11*) + lt_prog_compiler_wl='-Wl,' + # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but + # not for PA HP-UX. + case $host_cpu in + hppa*64*|ia64*) + # +Z the default + ;; + *) + lt_prog_compiler_pic='+Z' + ;; + esac + # Is there a better lt_prog_compiler_static that works with the bundled CC? + lt_prog_compiler_static='${wl}-a ${wl}archive' + ;; + + irix5* | irix6* | nonstopux*) + lt_prog_compiler_wl='-Wl,' + # PIC (with -KPIC) is the default. + lt_prog_compiler_static='-non_shared' + ;; + + linux* | k*bsd*-gnu | kopensolaris*-gnu) + case $cc_basename in + # old Intel for x86_64 which still supported -KPIC. + ecc*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-static' + ;; + # icc used to be incompatible with GCC. + # ICC 10 doesn't accept -KPIC any more. + icc* | ifort*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fPIC' + lt_prog_compiler_static='-static' + ;; + # Lahey Fortran 8.1. + lf95*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='--shared' + lt_prog_compiler_static='--static' + ;; + nagfor*) + # NAG Fortran compiler + lt_prog_compiler_wl='-Wl,-Wl,,' + lt_prog_compiler_pic='-PIC' + lt_prog_compiler_static='-Bstatic' + ;; + pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group compilers (*not* the Pentium gcc compiler, + # which looks to be a dead project) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fpic' + lt_prog_compiler_static='-Bstatic' + ;; + ccc*) + lt_prog_compiler_wl='-Wl,' + # All Alpha code is PIC. + lt_prog_compiler_static='-non_shared' + ;; + xl* | bgxl* | bgf* | mpixl*) + # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-qpic' + lt_prog_compiler_static='-qstaticlink' + ;; + *) + case `$CC -V 2>&1 | sed 5q` in + *Sun\ F* | *Sun*Fortran*) + # Sun Fortran 8.3 passes all unrecognized flags to the linker + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='' + ;; + *Sun\ C*) + # Sun C 5.9 + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='-Wl,' + ;; + esac + ;; + esac + ;; + + newsos6) + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + ;; + + *nto* | *qnx*) + # QNX uses GNU C++, but need to define -shared option too, otherwise + # it will coredump. + lt_prog_compiler_pic='-fPIC -shared' + ;; + + osf3* | osf4* | osf5*) + lt_prog_compiler_wl='-Wl,' + # All OSF/1 code is PIC. + lt_prog_compiler_static='-non_shared' + ;; + + rdos*) + lt_prog_compiler_static='-non_shared' + ;; + + solaris*) + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + case $cc_basename in + f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) + lt_prog_compiler_wl='-Qoption ld ';; + *) + lt_prog_compiler_wl='-Wl,';; + esac + ;; + + sunos4*) + lt_prog_compiler_wl='-Qoption ld ' + lt_prog_compiler_pic='-PIC' + lt_prog_compiler_static='-Bstatic' + ;; + + sysv4 | sysv4.2uw2* | sysv4.3*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + ;; + + sysv4*MP*) + if test -d /usr/nec ;then + lt_prog_compiler_pic='-Kconform_pic' + lt_prog_compiler_static='-Bstatic' + fi + ;; + + sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + ;; + + unicos*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_can_build_shared=no + ;; + + uts4*) + lt_prog_compiler_pic='-pic' + lt_prog_compiler_static='-Bstatic' + ;; + + *) + lt_prog_compiler_can_build_shared=no + ;; + esac + fi + +case $host_os in + # For platforms which do not support PIC, -DPIC is meaningless: + *djgpp*) + lt_prog_compiler_pic= + ;; + *) + lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC" + ;; +esac + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +$as_echo_n "checking for $compiler option to produce PIC... " >&6; } +if test "${lt_cv_prog_compiler_pic+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic=$lt_prog_compiler_pic +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 +$as_echo "$lt_cv_prog_compiler_pic" >&6; } +lt_prog_compiler_pic=$lt_cv_prog_compiler_pic + +# +# Check to make sure the PIC flag actually works. +# +if test -n "$lt_prog_compiler_pic"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 +$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } +if test "${lt_cv_prog_compiler_pic_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic_works=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic -DPIC" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + # The option is referenced via a variable to avoid confusing sed. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler_pic_works=yes + fi + fi + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 +$as_echo "$lt_cv_prog_compiler_pic_works" >&6; } + +if test x"$lt_cv_prog_compiler_pic_works" = xyes; then + case $lt_prog_compiler_pic in + "" | " "*) ;; + *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; + esac +else + lt_prog_compiler_pic= + lt_prog_compiler_can_build_shared=no +fi + +fi + + + + + + + + + + + +# +# Check to make sure the static flag actually works. +# +wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if test "${lt_cv_prog_compiler_static_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_static_works=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $lt_tmp_static_flag" + echo "$lt_simple_link_test_code" > conftest.$ac_ext + if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then + # The linker can only warn and ignore the option if not recognized + # So say no if there are warnings + if test -s conftest.err; then + # Append any errors to the config.log. + cat conftest.err 1>&5 + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler_static_works=yes + fi + else + lt_cv_prog_compiler_static_works=yes + fi + fi + $RM -r conftest* + LDFLAGS="$save_LDFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 +$as_echo "$lt_cv_prog_compiler_static_works" >&6; } + +if test x"$lt_cv_prog_compiler_static_works" = xyes; then + : +else + lt_prog_compiler_static= +fi + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test "${lt_cv_prog_compiler_c_o+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_c_o=no + $RM -r conftest 2>/dev/null + mkdir conftest + cd conftest + mkdir out + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + lt_compiler_flag="-o out/conftest2.$ac_objext" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp + $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 + if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then + lt_cv_prog_compiler_c_o=yes + fi + fi + chmod u+w . 2>&5 + $RM conftest* + # SGI C++ compiler will create directory out/ii_files/ for + # template instantiation + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out + cd .. + $RM -r conftest + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if test "${lt_cv_prog_compiler_c_o+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_c_o=no + $RM -r conftest 2>/dev/null + mkdir conftest + cd conftest + mkdir out + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + lt_compiler_flag="-o out/conftest2.$ac_objext" + # Insert the option either (1) after the last *FLAGS variable, or + # (2) before a word containing "conftest.", or (3) at the end. + # Note that $ac_compile itself does not contain backslashes and begins + # with a dollar sign (not a hyphen), so the echo should work correctly. + lt_compile=`echo "$ac_compile" | $SED \ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` + (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings + $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp + $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 + if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then + lt_cv_prog_compiler_c_o=yes + fi + fi + chmod u+w . 2>&5 + $RM conftest* + # SGI C++ compiler will create directory out/ii_files/ for + # template instantiation + test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files + $RM out/* && rmdir out + cd .. + $RM -r conftest + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } + + + + +hard_links="nottested" +if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then + # do not overwrite the value of need_locks provided by the user + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +$as_echo_n "checking if we can lock with hard links... " >&6; } + hard_links=yes + $RM conftest* + ln conftest.a conftest.b 2>/dev/null && hard_links=no + touch conftest.a + ln conftest.a conftest.b 2>&5 || hard_links=no + ln conftest.a conftest.b 2>/dev/null && hard_links=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +$as_echo "$hard_links" >&6; } + if test "$hard_links" = no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 +$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} + need_locks=warn + fi +else + need_locks=no +fi + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } + + runpath_var= + allow_undefined_flag= + always_export_symbols=no + archive_cmds= + archive_expsym_cmds= + compiler_needs_object=no + enable_shared_with_static_runtimes=no + export_dynamic_flag_spec= + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + hardcode_automatic=no + hardcode_direct=no + hardcode_direct_absolute=no + hardcode_libdir_flag_spec= + hardcode_libdir_flag_spec_ld= + hardcode_libdir_separator= + hardcode_minus_L=no + hardcode_shlibpath_var=unsupported + inherit_rpath=no + link_all_deplibs=unknown + module_cmds= + module_expsym_cmds= + old_archive_from_new_cmds= + old_archive_from_expsyms_cmds= + thread_safe_flag_spec= + whole_archive_flag_spec= + # include_expsyms should be a list of space-separated symbols to be *always* + # included in the symbol list + include_expsyms= + # exclude_expsyms can be an extended regexp of symbols to exclude + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. + exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. + # Exclude shared library initialization/finalization symbols. + extract_expsyms_cmds= + + case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + # FIXME: the MSVC++ port hasn't been tested in a loooong time + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + if test "$GCC" != yes; then + with_gnu_ld=no + fi + ;; + interix*) + # we just hope/assume this is gcc and not c89 (= MSVC++) + with_gnu_ld=yes + ;; + openbsd*) + with_gnu_ld=no + ;; + esac + + ld_shlibs=yes + + # On some targets, GNU ld is compatible enough with the native linker + # that we're better off using the native interface for both. + lt_use_gnu_ld_interface=no + if test "$with_gnu_ld" = yes; then + case $host_os in + aix*) + # The AIX port of GNU ld has always aspired to compatibility + # with the native linker. However, as the warning in the GNU ld + # block says, versions before 2.19.5* couldn't really create working + # shared libraries, regardless of the interface used. + case `$LD -v 2>&1` in + *\ \(GNU\ Binutils\)\ 2.19.5*) ;; + *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;; + *\ \(GNU\ Binutils\)\ [3-9]*) ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + ;; + *) + lt_use_gnu_ld_interface=yes + ;; + esac + fi + + if test "$lt_use_gnu_ld_interface" = yes; then + # If archive_cmds runs LD, not CC, wlarc should be empty + wlarc='${wl}' + + # Set some defaults for GNU ld with shared library support. These + # are reset later if shared libraries are not supported. Putting them + # here allows them to be overridden if necessary. + runpath_var=LD_RUN_PATH + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + export_dynamic_flag_spec='${wl}--export-dynamic' + # ancient GNU ld didn't support --whole-archive et. al. + if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then + whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + else + whole_archive_flag_spec= + fi + supports_anon_versioning=no + case `$LD -v 2>&1` in + *GNU\ gold*) supports_anon_versioning=yes ;; + *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 + *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... + *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... + *\ 2.11.*) ;; # other 2.11 versions + *) supports_anon_versioning=yes ;; + esac + + # See if GNU ld supports shared libraries. + case $host_os in + aix[3-9]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + ld_shlibs=no + cat <<_LT_EOF 1>&2 + +*** Warning: the GNU linker, at least up to release 2.19, is reported +*** to be unable to reliably create shared libraries on AIX. +*** Therefore, libtool is disabling shared libraries support. If you +*** really care for shared libraries, you may want to install binutils +*** 2.20 or above, or modify your PATH so that a non-GNU linker is found. +*** You will then need to restart the configuration process. + +_LT_EOF + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='' + ;; + m68k) + archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac + ;; + + beos*) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + allow_undefined_flag=unsupported + # Joseph Beckenbach says some releases of gcc + # support --undefined. This deserves some investigation. FIXME + archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + else + ld_shlibs=no + fi + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless, + # as there is no search path for DLLs. + hardcode_libdir_flag_spec='-L$libdir' + export_dynamic_flag_spec='${wl}--export-all-symbols' + allow_undefined_flag=unsupported + always_export_symbols=no + enable_shared_with_static_runtimes=yes + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' + exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname' + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + ld_shlibs=no + fi + ;; + + haiku*) + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + link_all_deplibs=yes + ;; + + interix[3-9]*) + hardcode_direct=no + hardcode_shlibpath_var=no + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + export_dynamic_flag_spec='${wl}-E' + # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. + # Instead, shared libraries are loaded at an image base (0x10000000 by + # default) and relocated if they conflict, which is a slow very memory + # consuming and fragmenting process. To avoid this, we pick a random, + # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link + # time. Moving up from 0x10000000 also allows more sbrk(2) space. + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + ;; + + gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) + tmp_diet=no + if test "$host_os" = linux-dietlibc; then + case $cc_basename in + diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) + esac + fi + if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ + && test "$tmp_diet" = no + then + tmp_addflag=' $pic_flag' + tmp_sharedflag='-shared' + case $cc_basename,$host_cpu in + pgcc*) # Portland Group C compiler + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag' + ;; + pgf77* | pgf90* | pgf95* | pgfortran*) + # Portland Group f77 and f90 compilers + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + tmp_addflag=' $pic_flag -Mnomain' ;; + ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 + tmp_addflag=' -i_dynamic' ;; + efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 + tmp_addflag=' -i_dynamic -nofor_main' ;; + ifc* | ifort*) # Intel Fortran compiler + tmp_addflag=' -nofor_main' ;; + lf95*) # Lahey Fortran 8.1 + whole_archive_flag_spec= + tmp_sharedflag='--shared' ;; + xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below) + tmp_sharedflag='-qmkshrobj' + tmp_addflag= ;; + nvcc*) # Cuda Compiler Driver 2.2 + whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + compiler_needs_object=yes + ;; + esac + case `$CC -V 2>&1 | sed 5q` in + *Sun\ C*) # Sun C 5.9 + whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive' + compiler_needs_object=yes + tmp_sharedflag='-G' ;; + *Sun\ F*) # Sun Fortran 8.3 + tmp_sharedflag='-G' ;; + esac + archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + + if test "x$supports_anon_versioning" = xyes; then + archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi + + case $cc_basename in + xlf* | bgf* | bgxlf* | mpixlf*) + # IBM XL Fortran 10.1 on PPC cannot create shared libs itself + whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive' + hardcode_libdir_flag_spec= + hardcode_libdir_flag_spec_ld='-rpath $libdir' + archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' + if test "x$supports_anon_versioning" = xyes; then + archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ + cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + echo "local: *; };" >> $output_objdir/$libname.ver~ + $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' + fi + ;; + esac + else + ld_shlibs=no + fi + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= + else + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + fi + ;; + + solaris*) + if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then + ld_shlibs=no + cat <<_LT_EOF 1>&2 + +*** Warning: The releases 2.8.* of the GNU linker cannot reliably +*** create shared libraries on Solaris systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.9.1 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + ld_shlibs=no + fi + ;; + + sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) + case `$LD -v 2>&1` in + *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) + ld_shlibs=no + cat <<_LT_EOF 1>&2 + +*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not +*** reliably create shared libraries on SCO systems. Therefore, libtool +*** is disabling shared libraries support. We urge you to upgrade GNU +*** binutils to release 2.16.91.0.3 or newer. Another option is to modify +*** your PATH or compiler configuration so that the native linker is +*** used, and then restart. + +_LT_EOF + ;; + *) + # For security reasons, it is highly recommended that you always + # use absolute paths for naming shared libraries, and exclude the + # DT_RUNPATH tag from executables and libraries. But doing so + # requires that you compile everything twice, which is a pain. + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + ld_shlibs=no + fi + ;; + esac + ;; + + sunos4*) + archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' + wlarc= + hardcode_direct=yes + hardcode_shlibpath_var=no + ;; + + *) + if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + else + ld_shlibs=no + fi + ;; + esac + + if test "$ld_shlibs" = no; then + runpath_var= + hardcode_libdir_flag_spec= + export_dynamic_flag_spec= + whole_archive_flag_spec= + fi + else + # PORTME fill in a description of your system's linker (not GNU ld) + case $host_os in + aix3*) + allow_undefined_flag=unsupported + always_export_symbols=yes + archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' + # Note: this linker hardcodes the directories in LIBPATH if there + # are no directories specified by -L. + hardcode_minus_L=yes + if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then + # Neither direct hardcoding nor static linking is supported with a + # broken collect2. + hardcode_direct=unsupported + fi + ;; + + aix[4-9]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. + aix_use_runtimelinking=no + exp_sym_flag='-Bexport' + no_entry_flag="" + else + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + # Also, AIX nm treats weak defined symbols like other global + # defined symbols, whereas GNU nm marks them as "W". + if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then + export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + else + export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols' + fi + aix_use_runtimelinking=no + + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. + case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes + break + fi + done + ;; + esac + + exp_sym_flag='-bexport' + no_entry_flag='-bnoentry' + fi + + # When large executables or shared objects are built, AIX ld can + # have problems creating the table of contents. If linking a library + # or program results in "error TOC overflow" add -mminimal-toc to + # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not + # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. + + archive_cmds='' + hardcode_direct=yes + hardcode_direct_absolute=yes + hardcode_libdir_separator=':' + link_all_deplibs=yes + file_list_spec='${wl}-f,' + + if test "$GCC" = yes; then + case $host_os in aix4.[012]|aix4.[012].*) + # We only want to do this on AIX 4.2 and lower, the check + # below for broken collect2 doesn't work under 4.3+ + collect2name=`${CC} -print-prog-name=collect2` + if test -f "$collect2name" && + strings "$collect2name" | $GREP resolve_lib_name >/dev/null + then + # We have reworked collect2 + : + else + # We have old collect2 + hardcode_direct=unsupported + # It fails to find uninstalled libraries when the uninstalled + # path is not listed in the libpath. Setting hardcode_minus_L + # to unsupported forces relinking + hardcode_minus_L=yes + hardcode_libdir_flag_spec='-L$libdir' + hardcode_libdir_separator= + fi + ;; + esac + shared_flag='-shared' + if test "$aix_use_runtimelinking" = yes; then + shared_flag="$shared_flag "'${wl}-G' + fi + else + # not using gcc + if test "$host_cpu" = ia64; then + # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release + # chokes on -Wl,-G. The following line is correct: + shared_flag='-G' + else + if test "$aix_use_runtimelinking" = yes; then + shared_flag='${wl}-G' + else + shared_flag='${wl}-bM:SRE' + fi + fi + fi + + export_dynamic_flag_spec='${wl}-bexpall' + # It seems that -bexpall does not export symbols beginning with + # underscore (_), so it is better to generate a list of symbols to export. + always_export_symbols=yes + if test "$aix_use_runtimelinking" = yes; then + # Warning - without using the other runtime loading flags (-brtl), + # -berok will link without error, but may produce a broken library. + allow_undefined_flag='-berok' + # Determine the default libpath from the value encoded in an + # empty executable. + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if test "${lt_cv_aix_libpath_+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi + +fi + + aix_libpath=$lt_cv_aix_libpath_ +fi + + hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" + archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" + else + if test "$host_cpu" = ia64; then + hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' + allow_undefined_flag="-z nodefs" + archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" + else + # Determine the default libpath from the value encoded in an + # empty executable. + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if test "${lt_cv_aix_libpath_+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi + +fi + + aix_libpath=$lt_cv_aix_libpath_ +fi + + hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" + # Warning - without using the other run time loading flags, + # -berok will link without error, but may produce a broken library. + no_undefined_flag=' ${wl}-bernotok' + allow_undefined_flag=' ${wl}-berok' + if test "$with_gnu_ld" = yes; then + # We only use this code for GNU lds that support --whole-archive. + whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + else + # Exported symbols can be pulled into shared objects from archives + whole_archive_flag_spec='$convenience' + fi + archive_cmds_need_lc=yes + # This is similar to how AIX traditionally builds its shared libraries. + archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' + fi + fi + ;; + + amigaos*) + case $host_cpu in + powerpc) + # see comment about AmigaOS4 .so support + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='' + ;; + m68k) + archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac + ;; + + bsdi[45]*) + export_dynamic_flag_spec=-rdynamic + ;; + + cygwin* | mingw* | pw32* | cegcc*) + # When not using gcc, we currently assume that we are using + # Microsoft Visual C++. + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + case $cc_basename in + cl*) + # Native MSVC + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + always_export_symbols=yes + file_list_spec='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, )='true' + enable_shared_with_static_runtimes=yes + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + old_postinstall_cmds='chmod 644 $oldlib' + postlink_cmds='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + old_archive_from_new_cmds='true' + # FIXME: Should let the user specify the lib program. + old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs' + enable_shared_with_static_runtimes=yes + ;; + esac + ;; + + darwin* | rhapsody*) + + + archive_cmds_need_lc=no + hardcode_direct=no + hardcode_automatic=yes + hardcode_shlibpath_var=unsupported + if test "$lt_cv_ld_force_load" = "yes"; then + whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else + whole_archive_flag_spec='' + fi + link_all_deplibs=yes + allow_undefined_flag="$_lt_dar_allow_undefined" + case $cc_basename in + ifort*) _lt_dar_can_shared=yes ;; + *) _lt_dar_can_shared=$GCC ;; + esac + if test "$_lt_dar_can_shared" = "yes"; then + output_verbose_link_cmd=func_echo_all + archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" + module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" + archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" + module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + + else + ld_shlibs=no + fi + + ;; + + dgux*) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_shlibpath_var=no + ;; + + freebsd1*) + ld_shlibs=no + ;; + + # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor + # support. Future versions do this automatically, but an explicit c++rt0.o + # does not break anything, and helps significantly (at the cost of a little + # extra space). + freebsd2.2*) + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + hardcode_shlibpath_var=no + ;; + + # Unfortunately, older versions of FreeBSD 2 do not have this feature. + freebsd2*) + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + hardcode_direct=yes + hardcode_minus_L=yes + hardcode_shlibpath_var=no + ;; + + # FreeBSD 3 and greater uses gcc -shared to do shared libraries. + freebsd* | dragonfly*) + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + hardcode_shlibpath_var=no + ;; + + hpux9*) + if test "$GCC" = yes; then + archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + else + archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + fi + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_separator=: + hardcode_direct=yes + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + export_dynamic_flag_spec='${wl}-E' + ;; + + hpux10*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + else + archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' + fi + if test "$with_gnu_ld" = no; then + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_flag_spec_ld='+b $libdir' + hardcode_libdir_separator=: + hardcode_direct=yes + hardcode_direct_absolute=yes + export_dynamic_flag_spec='${wl}-E' + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + fi + ;; + + hpux11*) + if test "$GCC" = yes && test "$with_gnu_ld" = no; then + case $host_cpu in + hppa*64*) + archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + ;; + esac + else + case $host_cpu in + hppa*64*) + archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + ;; + ia64*) + archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + ;; + *) + + # Older versions of the 11.00 compiler do not understand -b yet + # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 +$as_echo_n "checking if $CC understands -b... " >&6; } +if test "${lt_cv_prog_compiler__b+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler__b=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -b" + echo "$lt_simple_link_test_code" > conftest.$ac_ext + if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then + # The linker can only warn and ignore the option if not recognized + # So say no if there are warnings + if test -s conftest.err; then + # Append any errors to the config.log. + cat conftest.err 1>&5 + $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then + lt_cv_prog_compiler__b=yes + fi + else + lt_cv_prog_compiler__b=yes + fi + fi + $RM -r conftest* + LDFLAGS="$save_LDFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 +$as_echo "$lt_cv_prog_compiler__b" >&6; } + +if test x"$lt_cv_prog_compiler__b" = xyes; then + archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' +else + archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' +fi + + ;; + esac + fi + if test "$with_gnu_ld" = no; then + hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' + hardcode_libdir_separator=: + + case $host_cpu in + hppa*64*|ia64*) + hardcode_direct=no + hardcode_shlibpath_var=no + ;; + *) + hardcode_direct=yes + hardcode_direct_absolute=yes + export_dynamic_flag_spec='${wl}-E' + + # hardcode_minus_L: Not really in the search PATH, + # but as the default location of the library. + hardcode_minus_L=yes + ;; + esac + fi + ;; + + irix5* | irix6* | nonstopux*) + if test "$GCC" = yes; then + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + # Try to use the -exported_symbol ld option, if it does not + # work, assume that -exports_file does not work either and + # implicitly export all symbols. + # This should be the same for all languages, so no per-tag cache variable. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 +$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; } +if test "${lt_cv_irix_exported_symbol+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int foo (void) { return 0; } +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_irix_exported_symbol=yes +else + lt_cv_irix_exported_symbol=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 +$as_echo "$lt_cv_irix_exported_symbol" >&6; } + if test "$lt_cv_irix_exported_symbol" = yes; then + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi + else + archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' + fi + archive_cmds_need_lc='no' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + inherit_rpath=yes + link_all_deplibs=yes + ;; + + netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else + archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF + fi + hardcode_libdir_flag_spec='-R$libdir' + hardcode_direct=yes + hardcode_shlibpath_var=no + ;; + + newsos6) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_direct=yes + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + hardcode_shlibpath_var=no + ;; + + *nto* | *qnx*) + ;; + + openbsd*) + if test -f /usr/libexec/ld.so; then + hardcode_direct=yes + hardcode_shlibpath_var=no + hardcode_direct_absolute=yes + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + export_dynamic_flag_spec='${wl}-E' + else + case $host_os in + openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' + hardcode_libdir_flag_spec='-R$libdir' + ;; + *) + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + hardcode_libdir_flag_spec='${wl}-rpath,$libdir' + ;; + esac + fi + else + ld_shlibs=no + fi + ;; + + os2*) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + allow_undefined_flag=unsupported + archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' + old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' + ;; + + osf3*) + if test "$GCC" = yes; then + allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + else + allow_undefined_flag=' -expect_unresolved \*' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + fi + archive_cmds_need_lc='no' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + hardcode_libdir_separator=: + ;; + + osf4* | osf5*) # as osf3* with the addition of -msym flag + if test "$GCC" = yes; then + allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' + archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' + else + allow_undefined_flag=' -expect_unresolved \*' + archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' + archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ + $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp' + + # Both c and cxx compiler support -rpath directly + hardcode_libdir_flag_spec='-rpath $libdir' + fi + archive_cmds_need_lc='no' + hardcode_libdir_separator=: + ;; + + solaris*) + no_undefined_flag=' -z defs' + if test "$GCC" = yes; then + wlarc='${wl}' + archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + else + case `$CC -V 2>&1` in + *"Compilers 5.0"*) + wlarc='' + archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' + ;; + *) + wlarc='${wl}' + archive_cmds='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ + $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + ;; + esac + fi + hardcode_libdir_flag_spec='-R$libdir' + hardcode_shlibpath_var=no + case $host_os in + solaris2.[0-5] | solaris2.[0-5].*) ;; + *) + # The compiler driver will combine and reorder linker options, + # but understands `-z linker_flag'. GCC discards it without `$wl', + # but is careful enough not to reorder. + # Supported since Solaris 2.6 (maybe 2.5.1?) + if test "$GCC" = yes; then + whole_archive_flag_spec='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract' + else + whole_archive_flag_spec='-z allextract$convenience -z defaultextract' + fi + ;; + esac + link_all_deplibs=yes + ;; + + sunos4*) + if test "x$host_vendor" = xsequent; then + # Use $CC to link under sequent, because it throws in some extra .o + # files that make .init and .fini sections work. + archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' + else + archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' + fi + hardcode_libdir_flag_spec='-L$libdir' + hardcode_direct=yes + hardcode_minus_L=yes + hardcode_shlibpath_var=no + ;; + + sysv4) + case $host_vendor in + sni) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_direct=yes # is this really true??? + ;; + siemens) + ## LD is ld it makes a PLAMLIB + ## CC just makes a GrossModule. + archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags' + reload_cmds='$CC -r -o $output$reload_objs' + hardcode_direct=no + ;; + motorola) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_direct=no #Motorola manual says yes, but my tests say they lie + ;; + esac + runpath_var='LD_RUN_PATH' + hardcode_shlibpath_var=no + ;; + + sysv4.3*) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_shlibpath_var=no + export_dynamic_flag_spec='-Bexport' + ;; + + sysv4*MP*) + if test -d /usr/nec; then + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_shlibpath_var=no + runpath_var=LD_RUN_PATH + hardcode_runpath_var=yes + ld_shlibs=yes + fi + ;; + + sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*) + no_undefined_flag='${wl}-z,text' + archive_cmds_need_lc=no + hardcode_shlibpath_var=no + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + sysv5* | sco3.2v5* | sco5v6*) + # Note: We can NOT use -z defs as we might desire, because we do not + # link with -lc, and that would cause any symbols used from libc to + # always be unresolved, which means just about no library would + # ever link correctly. If we're not using GNU ld we use -z text + # though, which does catch some bad symbols but isn't as heavy-handed + # as -z defs. + no_undefined_flag='${wl}-z,text' + allow_undefined_flag='${wl}-z,nodefs' + archive_cmds_need_lc=no + hardcode_shlibpath_var=no + hardcode_libdir_flag_spec='${wl}-R,$libdir' + hardcode_libdir_separator=':' + link_all_deplibs=yes + export_dynamic_flag_spec='${wl}-Bexport' + runpath_var='LD_RUN_PATH' + + if test "$GCC" = yes; then + archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + else + archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' + fi + ;; + + uts4*) + archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' + hardcode_libdir_flag_spec='-L$libdir' + hardcode_shlibpath_var=no + ;; + + *) + ld_shlibs=no + ;; + esac + + if test x$host_vendor = xsni; then + case $host in + sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) + export_dynamic_flag_spec='${wl}-Blargedynsym' + ;; + esac + fi + fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 +$as_echo "$ld_shlibs" >&6; } +test "$ld_shlibs" = no && can_build_shared=no + +with_gnu_ld=$with_gnu_ld + + + + + + + + + + + + + + + +# +# Do we need to explicitly link libc? +# +case "x$archive_cmds_need_lc" in +x|xyes) + # Assume -lc should be added + archive_cmds_need_lc=yes + + if test "$enable_shared" = yes && test "$GCC" = yes; then + case $archive_cmds in + *'~'*) + # FIXME: we may have to deal with multi-command sequences. + ;; + '$CC '*) + # Test whether the compiler implicitly links with -lc since on some + # systems, -lgcc has to come before -lc. If gcc already passes -lc + # to ld, don't add -lc before -lgcc. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } +if test "${lt_cv_archive_cmds_need_lc+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + $RM conftest* + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } 2>conftest.err; then + soname=conftest + lib=conftest + libobjs=conftest.$ac_objext + deplibs= + wl=$lt_prog_compiler_wl + pic_flag=$lt_prog_compiler_pic + compiler_flags=-v + linker_flags=-v + verstring= + output_objdir=. + libname=conftest + lt_save_allow_undefined_flag=$allow_undefined_flag + allow_undefined_flag= + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 + (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + then + lt_cv_archive_cmds_need_lc=no + else + lt_cv_archive_cmds_need_lc=yes + fi + allow_undefined_flag=$lt_save_allow_undefined_flag + else + cat conftest.err 1>&5 + fi + $RM conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 +$as_echo "$lt_cv_archive_cmds_need_lc" >&6; } + archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc + ;; + esac + fi + ;; +esac + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +$as_echo_n "checking dynamic linker characteristics... " >&6; } + +if test "$GCC" = yes; then + case $host_os in + darwin*) lt_awk_arg="/^libraries:/,/LR/" ;; + *) lt_awk_arg="/^libraries:/" ;; + esac + case $host_os in + mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;; + *) lt_sed_strip_eq="s,=/,/,g" ;; + esac + lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` + case $lt_search_path_spec in + *\;*) + # if the path contains ";" then we assume it to be the separator + # otherwise default to the standard path separator (i.e. ":") - it is + # assumed that no part of a normal pathname contains ";" but that should + # okay in the real world where ";" in dirpaths is itself problematic. + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` + ;; + *) + lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` + ;; + esac + # Ok, now we have the path, separated by spaces, we can step through it + # and add multilib dir if necessary. + lt_tmp_lt_search_path_spec= + lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` + for lt_sys_path in $lt_search_path_spec; do + if test -d "$lt_sys_path/$lt_multi_os_dir"; then + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir" + else + test -d "$lt_sys_path" && \ + lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" + fi + done + lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' +BEGIN {RS=" "; FS="/|\n";} { + lt_foo=""; + lt_count=0; + for (lt_i = NF; lt_i > 0; lt_i--) { + if ($lt_i != "" && $lt_i != ".") { + if ($lt_i == "..") { + lt_count++; + } else { + if (lt_count == 0) { + lt_foo="/" $lt_i lt_foo; + } else { + lt_count--; + } + } + } + } + if (lt_foo != "") { lt_freq[lt_foo]++; } + if (lt_freq[lt_foo] == 1) { print lt_foo; } +}'` + # AWK program above erroneously prepends '/' to C:/dos/paths + # for these hosts. + case $host_os in + mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ + $SED 's,/\([A-Za-z]:\),\1,g'` ;; + esac + sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` +else + sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" +fi +library_names_spec= +libname_spec='lib$name' +soname_spec= +shrext_cmds=".so" +postinstall_cmds= +postuninstall_cmds= +finish_cmds= +finish_eval= +shlibpath_var= +shlibpath_overrides_runpath=unknown +version_type=none +dynamic_linker="$host_os ld.so" +sys_lib_dlsearch_path_spec="/lib /usr/lib" +need_lib_prefix=unknown +hardcode_into_libs=no + +# when you set need_version to no, make sure it does not cause -set_version +# flags to be left without arguments +need_version=unknown + +case $host_os in +aix3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' + shlibpath_var=LIBPATH + + # AIX 3 has no versioning support, so we append a major version to the name. + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +aix[4-9]*) + version_type=linux + need_lib_prefix=no + need_version=no + hardcode_into_libs=yes + if test "$host_cpu" = ia64; then + # AIX 5 supports IA64 + library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + else + # With GCC up to 2.95.x, collect2 would create an import file + # for dependence libraries. The import file would start with + # the line `#! .'. This would cause the generated library to + # depend on `.', always an invalid library. This was fixed in + # development snapshots of GCC prior to 3.0. + case $host_os in + aix4 | aix4.[01] | aix4.[01].*) + if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' + echo ' yes ' + echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then + : + else + can_build_shared=no + fi + ;; + esac + # AIX (on Power*) has no versioning support, so currently we can not hardcode correct + # soname into executable. Probably we can add versioning support to + # collect2, so additional links can be useful in future. + if test "$aix_use_runtimelinking" = yes; then + # If using run time linking (on AIX 4.2 or later) use lib.so + # instead of lib.a to let people know that these are not + # typical AIX shared libraries. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + else + # We preserve .a as extension for shared libraries through AIX4.2 + # and later when we are not doing run time linking. + library_names_spec='${libname}${release}.a $libname.a' + soname_spec='${libname}${release}${shared_ext}$major' + fi + shlibpath_var=LIBPATH + fi + ;; + +amigaos*) + case $host_cpu in + powerpc) + # Since July 2007 AmigaOS4 officially supports .so libraries. + # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + ;; + m68k) + library_names_spec='$libname.ixlibrary $libname.a' + # Create ${libname}_ixlibrary.a entries in /sys/libs. + finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' + ;; + esac + ;; + +beos*) + library_names_spec='${libname}${shared_ext}' + dynamic_linker="$host_os ld.so" + shlibpath_var=LIBRARY_PATH + ;; + +bsdi[45]*) + version_type=linux + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" + sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" + # the default ld.so.conf also contains /usr/contrib/lib and + # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow + # libtool to hard-code these into programs + ;; + +cygwin* | mingw* | pw32* | cegcc*) + version_type=windows + shrext_cmds=".dll" + need_version=no + need_lib_prefix=no + + case $GCC,$cc_basename in + yes,*) + # gcc + library_names_spec='$libname.dll.a' + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname~ + chmod a+x \$dldir/$dlname~ + if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then + eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; + fi' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + + case $host_os in + cygwin*) + # Cygwin DLLs use 'cyg' prefix rather than 'lib' + soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api" + ;; + mingw* | cegcc*) + # MinGW DLLs use traditional 'lib' prefix + soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + ;; + pw32*) + # pw32 DLLs use 'pw' prefix rather than 'lib' + library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + ;; + esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' + ;; + + *) + # Assume MSVC wrapper + library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' + ;; + esac + # FIXME: first we should search . and the directory the executable is in + shlibpath_var=PATH + ;; + +darwin* | rhapsody*) + dynamic_linker="$host_os dyld" + version_type=darwin + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' + soname_spec='${libname}${release}${major}$shared_ext' + shlibpath_overrides_runpath=yes + shlibpath_var=DYLD_LIBRARY_PATH + shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' + + sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib" + sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' + ;; + +dgux*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +freebsd1*) + dynamic_linker=no + ;; + +freebsd* | dragonfly*) + # DragonFly does not have aout. When/if they implement a new + # versioning mechanism, adjust this. + if test -x /usr/bin/objformat; then + objformat=`/usr/bin/objformat` + else + case $host_os in + freebsd[123]*) objformat=aout ;; + *) objformat=elf ;; + esac + fi + version_type=freebsd-$objformat + case $version_type in + freebsd-elf*) + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + need_version=no + need_lib_prefix=no + ;; + freebsd-*) + library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' + need_version=yes + ;; + esac + shlibpath_var=LD_LIBRARY_PATH + case $host_os in + freebsd2*) + shlibpath_overrides_runpath=yes + ;; + freebsd3.[01]* | freebsdelf3.[01]*) + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ + freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + *) # from 4.6 on, and DragonFly + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + esac + ;; + +gnu*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + hardcode_into_libs=yes + ;; + +haiku*) + version_type=linux + need_lib_prefix=no + need_version=no + dynamic_linker="$host_os runtime_loader" + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LIBRARY_PATH + shlibpath_overrides_runpath=yes + sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' + hardcode_into_libs=yes + ;; + +hpux9* | hpux10* | hpux11*) + # Give a soname corresponding to the major version so that dld.sl refuses to + # link against other versions. + version_type=sunos + need_lib_prefix=no + need_version=no + case $host_cpu in + ia64*) + shrext_cmds='.so' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.so" + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + if test "X$HPUX_IA64_MODE" = X32; then + sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" + else + sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" + fi + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + hppa*64*) + shrext_cmds='.sl' + hardcode_into_libs=yes + dynamic_linker="$host_os dld.sl" + shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH + shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" + sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec + ;; + *) + shrext_cmds='.sl' + dynamic_linker="$host_os dld.sl" + shlibpath_var=SHLIB_PATH + shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + ;; + esac + # HP-UX runs *really* slowly unless shared libraries are mode 555, ... + postinstall_cmds='chmod 555 $lib' + # or fails outright, so override atomically: + install_override_mode=555 + ;; + +interix[3-9]*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +irix5* | irix6* | nonstopux*) + case $host_os in + nonstopux*) version_type=nonstopux ;; + *) + if test "$lt_cv_prog_gnu_ld" = yes; then + version_type=linux + else + version_type=irix + fi ;; + esac + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' + case $host_os in + irix5* | nonstopux*) + libsuff= shlibsuff= + ;; + *) + case $LD in # libtool.m4 will add one of these switches to LD + *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") + libsuff= shlibsuff= libmagic=32-bit;; + *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") + libsuff=32 shlibsuff=N32 libmagic=N32;; + *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") + libsuff=64 shlibsuff=64 libmagic=64-bit;; + *) libsuff= shlibsuff= libmagic=never-match;; + esac + ;; + esac + shlibpath_var=LD_LIBRARY${shlibsuff}_PATH + shlibpath_overrides_runpath=no + sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" + sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" + hardcode_into_libs=yes + ;; + +# No shared lib support for Linux oldld, aout, or coff. +linux*oldld* | linux*aout* | linux*coff*) + dynamic_linker=no + ;; + +# This must be Linux ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + + # Some binutils ld are patched to set DT_RUNPATH + if test "${lt_cv_shlibpath_overrides_runpath+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_shlibpath_overrides_runpath=no + save_LDFLAGS=$LDFLAGS + save_libdir=$libdir + eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \ + LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\"" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : + lt_cv_shlibpath_overrides_runpath=yes +fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$save_LDFLAGS + libdir=$save_libdir + +fi + + shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath + + # This implies no fast_install, which is unacceptable. + # Some rework will be needed to allow for fast_install + # before this can be enabled. + hardcode_into_libs=yes + + # Append ld.so.conf contents to the search path + if test -f /etc/ld.so.conf; then + lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" + fi + + # We used to test for /lib/ld.so.1 and disable shared libraries on + # powerpc, because MkLinux only supported shared libraries with the + # GNU dynamic linker. Since this was broken with cross compilers, + # most powerpc-linux boxes support dynamic linking these days and + # people can always --disable-shared, the test was removed, and we + # assume the GNU/Linux dynamic linker is in use. + dynamic_linker='GNU/Linux ld.so' + ;; + +netbsd*) + version_type=sunos + need_lib_prefix=no + need_version=no + if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + dynamic_linker='NetBSD (a.out) ld.so' + else + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + dynamic_linker='NetBSD ld.elf_so' + fi + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + ;; + +newsos6) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + ;; + +*nto* | *qnx*) + version_type=qnx + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='ldqnx.so' + ;; + +openbsd*) + version_type=sunos + sys_lib_dlsearch_path_spec="/usr/lib" + need_lib_prefix=no + # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. + case $host_os in + openbsd3.3 | openbsd3.3.*) need_version=yes ;; + *) need_version=no ;; + esac + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' + shlibpath_var=LD_LIBRARY_PATH + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + case $host_os in + openbsd2.[89] | openbsd2.[89].*) + shlibpath_overrides_runpath=no + ;; + *) + shlibpath_overrides_runpath=yes + ;; + esac + else + shlibpath_overrides_runpath=yes + fi + ;; + +os2*) + libname_spec='$name' + shrext_cmds=".dll" + need_lib_prefix=no + library_names_spec='$libname${shared_ext} $libname.a' + dynamic_linker='OS/2 ld.exe' + shlibpath_var=LIBPATH + ;; + +osf3* | osf4* | osf5*) + version_type=osf + need_lib_prefix=no + need_version=no + soname_spec='${libname}${release}${shared_ext}$major' + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" + sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" + ;; + +rdos*) + dynamic_linker=no + ;; + +solaris*) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + # ldd complains unless libraries are executable + postinstall_cmds='chmod +x $lib' + ;; + +sunos4*) + version_type=sunos + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' + finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + if test "$with_gnu_ld" = yes; then + need_lib_prefix=no + fi + need_version=yes + ;; + +sysv4 | sysv4.3*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + case $host_vendor in + sni) + shlibpath_overrides_runpath=no + need_lib_prefix=no + runpath_var=LD_RUN_PATH + ;; + siemens) + need_lib_prefix=no + ;; + motorola) + need_lib_prefix=no + need_version=no + shlibpath_overrides_runpath=no + sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' + ;; + esac + ;; + +sysv4*MP*) + if test -d /usr/nec ;then + version_type=linux + library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' + soname_spec='$libname${shared_ext}.$major' + shlibpath_var=LD_LIBRARY_PATH + fi + ;; + +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + version_type=freebsd-elf + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=yes + hardcode_into_libs=yes + if test "$with_gnu_ld" = yes; then + sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' + else + sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' + case $host_os in + sco3.2v5*) + sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" + ;; + esac + fi + sys_lib_dlsearch_path_spec='/usr/lib' + ;; + +tpf*) + # TPF is a cross-target only. Preferred cross-host = GNU/Linux. + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +uts4*) + version_type=linux + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +*) + dynamic_linker=no + ;; +esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +$as_echo "$dynamic_linker" >&6; } +test "$dynamic_linker" = no && can_build_shared=no + +variables_saved_for_relink="PATH $shlibpath_var $runpath_var" +if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +fi + +if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then + sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" +fi +if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then + sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +$as_echo_n "checking how to hardcode library paths into programs... " >&6; } +hardcode_action= +if test -n "$hardcode_libdir_flag_spec" || + test -n "$runpath_var" || + test "X$hardcode_automatic" = "Xyes" ; then + + # We can hardcode non-existent directories. + if test "$hardcode_direct" != no && + # If the only mechanism to avoid hardcoding is shlibpath_var, we + # have to relink, otherwise we might link with an installed library + # when we should be linking with a yet-to-be-installed one + ## test "$_LT_TAGVAR(hardcode_shlibpath_var, )" != no && + test "$hardcode_minus_L" != no; then + # Linking always hardcodes the temporary library directory. + hardcode_action=relink + else + # We can link without hardcoding, and we can hardcode nonexisting dirs. + hardcode_action=immediate + fi +else + # We cannot hardcode anything, or else we can only hardcode existing + # directories. + hardcode_action=unsupported +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 +$as_echo "$hardcode_action" >&6; } + +if test "$hardcode_action" = relink || + test "$inherit_rpath" = yes; then + # Fast installation is not supported + enable_fast_install=no +elif test "$shlibpath_overrides_runpath" = yes || + test "$enable_shared" = no; then + # Fast installation is not necessary + enable_fast_install=needless +fi + + + + + + + if test "x$enable_dlopen" != xyes; then + enable_dlopen=unknown + enable_dlopen_self=unknown + enable_dlopen_self_static=unknown +else + lt_cv_dlopen=no + lt_cv_dlopen_libs= + + case $host_os in + beos*) + lt_cv_dlopen="load_add_on" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + ;; + + mingw* | pw32* | cegcc*) + lt_cv_dlopen="LoadLibrary" + lt_cv_dlopen_libs= + ;; + + cygwin*) + lt_cv_dlopen="dlopen" + lt_cv_dlopen_libs= + ;; + + darwin*) + # if libdl is installed we need to link against it + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if test "${ac_cv_lib_dl_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (); +int +main () +{ +return dlopen (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dl_dlopen=yes +else + ac_cv_lib_dl_dlopen=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = x""yes; then : + lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" +else + + lt_cv_dlopen="dyld" + lt_cv_dlopen_libs= + lt_cv_dlopen_self=yes + +fi + + ;; + + *) + ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load" +if test "x$ac_cv_func_shl_load" = x""yes; then : + lt_cv_dlopen="shl_load" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 +$as_echo_n "checking for shl_load in -ldld... " >&6; } +if test "${ac_cv_lib_dld_shl_load+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char shl_load (); +int +main () +{ +return shl_load (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dld_shl_load=yes +else + ac_cv_lib_dld_shl_load=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 +$as_echo "$ac_cv_lib_dld_shl_load" >&6; } +if test "x$ac_cv_lib_dld_shl_load" = x""yes; then : + lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" +else + ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +if test "x$ac_cv_func_dlopen" = x""yes; then : + lt_cv_dlopen="dlopen" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if test "${ac_cv_lib_dl_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (); +int +main () +{ +return dlopen (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dl_dlopen=yes +else + ac_cv_lib_dl_dlopen=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = x""yes; then : + lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 +$as_echo_n "checking for dlopen in -lsvld... " >&6; } +if test "${ac_cv_lib_svld_dlopen+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsvld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (); +int +main () +{ +return dlopen (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_svld_dlopen=yes +else + ac_cv_lib_svld_dlopen=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 +$as_echo "$ac_cv_lib_svld_dlopen" >&6; } +if test "x$ac_cv_lib_svld_dlopen" = x""yes; then : + lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 +$as_echo_n "checking for dld_link in -ldld... " >&6; } +if test "${ac_cv_lib_dld_dld_link+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dld_link (); +int +main () +{ +return dld_link (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dld_dld_link=yes +else + ac_cv_lib_dld_dld_link=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 +$as_echo "$ac_cv_lib_dld_dld_link" >&6; } +if test "x$ac_cv_lib_dld_dld_link" = x""yes; then : + lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" +fi + + +fi + + +fi + + +fi + + +fi + + +fi + + ;; + esac + + if test "x$lt_cv_dlopen" != xno; then + enable_dlopen=yes + else + enable_dlopen=no + fi + + case $lt_cv_dlopen in + dlopen) + save_CPPFLAGS="$CPPFLAGS" + test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" + + save_LDFLAGS="$LDFLAGS" + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" + + save_LIBS="$LIBS" + LIBS="$lt_cv_dlopen_libs $LIBS" + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 +$as_echo_n "checking whether a program can dlopen itself... " >&6; } +if test "${lt_cv_dlopen_self+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + lt_cv_dlopen_self=cross +else + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<_LT_EOF +#line $LINENO "configure" +#include "confdefs.h" + +#if HAVE_DLFCN_H +#include +#endif + +#include + +#ifdef RTLD_GLOBAL +# define LT_DLGLOBAL RTLD_GLOBAL +#else +# ifdef DL_GLOBAL +# define LT_DLGLOBAL DL_GLOBAL +# else +# define LT_DLGLOBAL 0 +# endif +#endif + +/* We may have to define LT_DLLAZY_OR_NOW in the command line if we + find out it does not work in some platform. */ +#ifndef LT_DLLAZY_OR_NOW +# ifdef RTLD_LAZY +# define LT_DLLAZY_OR_NOW RTLD_LAZY +# else +# ifdef DL_LAZY +# define LT_DLLAZY_OR_NOW DL_LAZY +# else +# ifdef RTLD_NOW +# define LT_DLLAZY_OR_NOW RTLD_NOW +# else +# ifdef DL_NOW +# define LT_DLLAZY_OR_NOW DL_NOW +# else +# define LT_DLLAZY_OR_NOW 0 +# endif +# endif +# endif +# endif +#endif + +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); +#endif + +int fnord () { return 42; } +int main () +{ + void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); + int status = $lt_dlunknown; + + if (self) + { + if (dlsym (self,"fnord")) status = $lt_dlno_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } + /* dlclose (self); */ + } + else + puts (dlerror ()); + + return status; +} +_LT_EOF + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then + (./conftest; exit; ) >&5 2>/dev/null + lt_status=$? + case x$lt_status in + x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;; + x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;; + x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;; + esac + else : + # compilation failed + lt_cv_dlopen_self=no + fi +fi +rm -fr conftest* + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 +$as_echo "$lt_cv_dlopen_self" >&6; } + + if test "x$lt_cv_dlopen_self" = xyes; then + wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 +$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; } +if test "${lt_cv_dlopen_self_static+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + lt_cv_dlopen_self_static=cross +else + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<_LT_EOF +#line $LINENO "configure" +#include "confdefs.h" + +#if HAVE_DLFCN_H +#include +#endif + +#include + +#ifdef RTLD_GLOBAL +# define LT_DLGLOBAL RTLD_GLOBAL +#else +# ifdef DL_GLOBAL +# define LT_DLGLOBAL DL_GLOBAL +# else +# define LT_DLGLOBAL 0 +# endif +#endif + +/* We may have to define LT_DLLAZY_OR_NOW in the command line if we + find out it does not work in some platform. */ +#ifndef LT_DLLAZY_OR_NOW +# ifdef RTLD_LAZY +# define LT_DLLAZY_OR_NOW RTLD_LAZY +# else +# ifdef DL_LAZY +# define LT_DLLAZY_OR_NOW DL_LAZY +# else +# ifdef RTLD_NOW +# define LT_DLLAZY_OR_NOW RTLD_NOW +# else +# ifdef DL_NOW +# define LT_DLLAZY_OR_NOW DL_NOW +# else +# define LT_DLLAZY_OR_NOW 0 +# endif +# endif +# endif +# endif +#endif + +/* When -fvisbility=hidden is used, assume the code has been annotated + correspondingly for the symbols needed. */ +#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) +int fnord () __attribute__((visibility("default"))); +#endif + +int fnord () { return 42; } +int main () +{ + void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); + int status = $lt_dlunknown; + + if (self) + { + if (dlsym (self,"fnord")) status = $lt_dlno_uscore; + else + { + if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; + else puts (dlerror ()); + } + /* dlclose (self); */ + } + else + puts (dlerror ()); + + return status; +} +_LT_EOF + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then + (./conftest; exit; ) >&5 2>/dev/null + lt_status=$? + case x$lt_status in + x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;; + x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;; + x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;; + esac + else : + # compilation failed + lt_cv_dlopen_self_static=no + fi +fi +rm -fr conftest* + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 +$as_echo "$lt_cv_dlopen_self_static" >&6; } + fi + + CPPFLAGS="$save_CPPFLAGS" + LDFLAGS="$save_LDFLAGS" + LIBS="$save_LIBS" + ;; + esac + + case $lt_cv_dlopen_self in + yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; + *) enable_dlopen_self=unknown ;; + esac + + case $lt_cv_dlopen_self_static in + yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; + *) enable_dlopen_self_static=unknown ;; + esac +fi + + + + + + + + + + + + + + + + + +striplib= +old_striplib= +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 +$as_echo_n "checking whether stripping libraries is possible... " >&6; } +if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" + test -z "$striplib" && striplib="$STRIP --strip-unneeded" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else +# FIXME - insert some real tests, host_os isn't really good enough + case $host_os in + darwin*) + if test -n "$STRIP" ; then + striplib="$STRIP -x" + old_striplib="$STRIP -S" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + ;; + esac +fi + + + + + + + + + + + + + # Report which library types will actually be built + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 +$as_echo_n "checking if libtool supports shared libraries... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 +$as_echo "$can_build_shared" >&6; } + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 +$as_echo_n "checking whether to build shared libraries... " >&6; } + test "$can_build_shared" = "no" && enable_shared=no + + # On AIX, shared libraries and static libraries use the same namespace, and + # are all built from PIC. + case $host_os in + aix3*) + test "$enable_shared" = yes && enable_static=no + if test -n "$RANLIB"; then + archive_cmds="$archive_cmds~\$RANLIB \$lib" + postinstall_cmds='$RANLIB $lib' + fi + ;; + + aix[4-9]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 +$as_echo "$enable_shared" >&6; } + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 +$as_echo_n "checking whether to build static libraries... " >&6; } + # Make sure either enable_shared or enable_static is yes. + test "$enable_shared" = yes || enable_static=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 +$as_echo "$enable_static" >&6; } + + + + +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +CC="$lt_save_CC" + + + + + + + + + + + + + + ac_config_commands="$ac_config_commands libtool" + + + + +# Only expand once: + + + +# libtool -version-info +LT_VERSION=0:36:0 + + +# Check whether --enable-silent-rules was given. +if test "${enable_silent_rules+set}" = set; then : + enableval=$enable_silent_rules; +fi + +case $enable_silent_rules in +yes) AM_DEFAULT_VERBOSITY=0;; +no) AM_DEFAULT_VERBOSITY=1;; +*) AM_DEFAULT_VERBOSITY=0;; +esac +AM_BACKSLASH='\' + + +# Checks for programs. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5 +$as_echo_n "checking for $CC option to accept ISO C99... " >&6; } +if test "${ac_cv_prog_cc_c99+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c99=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include +#include + +// Check varargs macros. These examples are taken from C99 6.10.3.5. +#define debug(...) fprintf (stderr, __VA_ARGS__) +#define showlist(...) puts (#__VA_ARGS__) +#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) +static void +test_varargs_macros (void) +{ + int x = 1234; + int y = 5678; + debug ("Flag"); + debug ("X = %d\n", x); + showlist (The first, second, and third items.); + report (x>y, "x is %d but y is %d", x, y); +} + +// Check long long types. +#define BIG64 18446744073709551615ull +#define BIG32 4294967295ul +#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) +#if !BIG_OK + your preprocessor is broken; +#endif +#if BIG_OK +#else + your preprocessor is broken; +#endif +static long long int bignum = -9223372036854775807LL; +static unsigned long long int ubignum = BIG64; + +struct incomplete_array +{ + int datasize; + double data[]; +}; + +struct named_init { + int number; + const wchar_t *name; + double average; +}; + +typedef const char *ccp; + +static inline int +test_restrict (ccp restrict text) +{ + // See if C++-style comments work. + // Iterate through items via the restricted pointer. + // Also check for declarations in for loops. + for (unsigned int i = 0; *(text+i) != '\0'; ++i) + continue; + return 0; +} + +// Check varargs and va_copy. +static void +test_varargs (const char *format, ...) +{ + va_list args; + va_start (args, format); + va_list args_copy; + va_copy (args_copy, args); + + const char *str; + int number; + float fnumber; + + while (*format) + { + switch (*format++) + { + case 's': // string + str = va_arg (args_copy, const char *); + break; + case 'd': // int + number = va_arg (args_copy, int); + break; + case 'f': // float + fnumber = va_arg (args_copy, double); + break; + default: + break; + } + } + va_end (args_copy); + va_end (args); +} + +int +main () +{ + + // Check bool. + _Bool success = false; + + // Check restrict. + if (test_restrict ("String literal") == 0) + success = true; + char *restrict newvar = "Another string"; + + // Check varargs. + test_varargs ("s, d' f .", "string", 65, 34.234); + test_varargs_macros (); + + // Check flexible array members. + struct incomplete_array *ia = + malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); + ia->datasize = 10; + for (int i = 0; i < ia->datasize; ++i) + ia->data[i] = i * 1.234; + + // Check named initializers. + struct named_init ni = { + .number = 34, + .name = L"Test wide string", + .average = 543.34343, + }; + + ni.number = 58; + + int dynamic_array[ni.number]; + dynamic_array[ni.number - 1] = 543; + + // work around unused variable warnings + return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x' + || dynamic_array[ni.number - 1] != 543); + + ; + return 0; +} +_ACEOF +for ac_arg in '' -std=gnu99 -std=c99 -c99 -AC99 -xc99=all -qlanglvl=extc99 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c99=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c99" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c99" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c99" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +$as_echo "$ac_cv_prog_cc_c99" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c99" != xno; then : + +fi + + +#AC_PROG_CC +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +$as_echo_n "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +$as_echo "no, using $LN_S" >&6; } +fi + +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_prog_AWK+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$AWK" && break +done + + + MANTYPE= + TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" + for ac_prog in nroff awf +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if test "${ac_cv_path_NROFF+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + case $NROFF in + [\\/]* | ?:[\\/]*) + ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $TestPath +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +NROFF=$ac_cv_path_NROFF +if test -n "$NROFF"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5 +$as_echo "$NROFF" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$NROFF" && break +done +test -n "$NROFF" || NROFF="/bin/false" + + if ${NROFF} -mdoc ${srcdir}/doc/editrc.5.roff >/dev/null 2>&1; then + MANTYPE=mdoc + fi + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for tgetent in -lcurses" >&5 +$as_echo_n "checking for tgetent in -lcurses... " >&6; } +if test "${ac_cv_lib_curses_tgetent+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcurses $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char tgetent (); +int +main () +{ +return tgetent (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_curses_tgetent=yes +else + ac_cv_lib_curses_tgetent=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curses_tgetent" >&5 +$as_echo "$ac_cv_lib_curses_tgetent" >&6; } +if test "x$ac_cv_lib_curses_tgetent" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBCURSES 1 +_ACEOF + + LIBS="-lcurses $LIBS" + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for tgetent in -lncurses" >&5 +$as_echo_n "checking for tgetent in -lncurses... " >&6; } +if test "${ac_cv_lib_ncurses_tgetent+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lncurses $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char tgetent (); +int +main () +{ +return tgetent (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ncurses_tgetent=yes +else + ac_cv_lib_ncurses_tgetent=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ncurses_tgetent" >&5 +$as_echo "$ac_cv_lib_ncurses_tgetent" >&6; } +if test "x$ac_cv_lib_ncurses_tgetent" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBNCURSES 1 +_ACEOF + + LIBS="-lncurses $LIBS" + +else + as_fn_error "libcurses or libncurses are required!" "$LINENO" 5 +fi + +fi + + + +### use option --enable-widec to turn on use of wide-character support + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if you want wide-character code" >&5 +$as_echo_n "checking if you want wide-character code... " >&6; } + # Check whether --enable-widec was given. +if test "${enable_widec+set}" = set; then : + enableval=$enable_widec; with_widec=$enableval +else + with_widec=no +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_widec" >&5 +$as_echo "$with_widec" >&6; } + if test "$with_widec" = yes ; then + +$as_echo "#define WIDECHAR 1" >>confdefs.h + + fi + if test "$with_widec" = yes; then + WIDECHAR_TRUE= + WIDECHAR_FALSE='#' +else + WIDECHAR_TRUE='#' + WIDECHAR_FALSE= +fi + + + +# Checks for header files. +# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works +# for constant arguments. Useless! +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working alloca.h" >&5 +$as_echo_n "checking for working alloca.h... " >&6; } +if test "${ac_cv_working_alloca_h+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +char *p = (char *) alloca (2 * sizeof (int)); + if (p) return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_working_alloca_h=yes +else + ac_cv_working_alloca_h=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_alloca_h" >&5 +$as_echo "$ac_cv_working_alloca_h" >&6; } +if test $ac_cv_working_alloca_h = yes; then + +$as_echo "#define HAVE_ALLOCA_H 1" >>confdefs.h + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca" >&5 +$as_echo_n "checking for alloca... " >&6; } +if test "${ac_cv_func_alloca_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __GNUC__ +# define alloca __builtin_alloca +#else +# ifdef _MSC_VER +# include +# define alloca _alloca +# else +# ifdef HAVE_ALLOCA_H +# include +# else +# ifdef _AIX + #pragma alloca +# else +# ifndef alloca /* predefined by HP cc +Olibcalls */ +char *alloca (); +# endif +# endif +# endif +# endif +#endif + +int +main () +{ +char *p = (char *) alloca (1); + if (p) return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_func_alloca_works=yes +else + ac_cv_func_alloca_works=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_alloca_works" >&5 +$as_echo "$ac_cv_func_alloca_works" >&6; } + +if test $ac_cv_func_alloca_works = yes; then + +$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h + +else + # The SVR3 libPW and SVR4 libucb both contain incompatible functions +# that cause trouble. Some versions do not even contain alloca or +# contain a buggy version. If you still want to use their alloca, +# use ar to extract alloca.o from them instead of compiling alloca.c. + +ALLOCA=\${LIBOBJDIR}alloca.$ac_objext + +$as_echo "#define C_ALLOCA 1" >>confdefs.h + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether \`alloca.c' needs Cray hooks" >&5 +$as_echo_n "checking whether \`alloca.c' needs Cray hooks... " >&6; } +if test "${ac_cv_os_cray+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#if defined CRAY && ! defined CRAY2 +webecray +#else +wenotbecray +#endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "webecray" >/dev/null 2>&1; then : + ac_cv_os_cray=yes +else + ac_cv_os_cray=no +fi +rm -f conftest* + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_os_cray" >&5 +$as_echo "$ac_cv_os_cray" >&6; } +if test $ac_cv_os_cray = yes; then + for ac_func in _getb67 GETB67 getb67; do + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define CRAY_STACKSEG_END $ac_func +_ACEOF + + break +fi + + done +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking stack direction for C alloca" >&5 +$as_echo_n "checking stack direction for C alloca... " >&6; } +if test "${ac_cv_c_stack_direction+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_c_stack_direction=0 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +find_stack_direction () +{ + static char *addr = 0; + auto char dummy; + if (addr == 0) + { + addr = &dummy; + return find_stack_direction (); + } + else + return (&dummy > addr) ? 1 : -1; +} + +int +main () +{ + return find_stack_direction () < 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_c_stack_direction=1 +else + ac_cv_c_stack_direction=-1 +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_stack_direction" >&5 +$as_echo "$ac_cv_c_stack_direction" >&6; } +cat >>confdefs.h <<_ACEOF +#define STACK_DIRECTION $ac_cv_c_stack_direction +_ACEOF + + +fi + +ac_header_dirent=no +for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do + as_ac_Header=`$as_echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5 +$as_echo_n "checking for $ac_hdr that defines DIR... " >&6; } +if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include <$ac_hdr> + +int +main () +{ +if ((DIR *) 0) +return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_ac_Header=yes" +else + eval "$as_ac_Header=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$as_ac_Header + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_hdr" | $as_tr_cpp` 1 +_ACEOF + +ac_header_dirent=$ac_hdr; break +fi + +done +# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. +if test $ac_header_dirent = dirent.h; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5 +$as_echo_n "checking for library containing opendir... " >&6; } +if test "${ac_cv_search_opendir+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char opendir (); +int +main () +{ +return opendir (); + ; + return 0; +} +_ACEOF +for ac_lib in '' dir; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_opendir=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if test "${ac_cv_search_opendir+set}" = set; then : + break +fi +done +if test "${ac_cv_search_opendir+set}" = set; then : + +else + ac_cv_search_opendir=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5 +$as_echo "$ac_cv_search_opendir" >&6; } +ac_res=$ac_cv_search_opendir +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5 +$as_echo_n "checking for library containing opendir... " >&6; } +if test "${ac_cv_search_opendir+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char opendir (); +int +main () +{ +return opendir (); + ; + return 0; +} +_ACEOF +for ac_lib in '' x; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_opendir=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if test "${ac_cv_search_opendir+set}" = set; then : + break +fi +done +if test "${ac_cv_search_opendir+set}" = set; then : + +else + ac_cv_search_opendir=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5 +$as_echo "$ac_cv_search_opendir" >&6; } +ac_res=$ac_cv_search_opendir +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if test "${ac_cv_header_stdc+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes +else + ac_cv_header_stdc=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + +else + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sys/wait.h that is POSIX.1 compatible" >&5 +$as_echo_n "checking for sys/wait.h that is POSIX.1 compatible... " >&6; } +if test "${ac_cv_header_sys_wait_h+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#ifndef WEXITSTATUS +# define WEXITSTATUS(stat_val) ((unsigned int) (stat_val) >> 8) +#endif +#ifndef WIFEXITED +# define WIFEXITED(stat_val) (((stat_val) & 255) == 0) +#endif + +int +main () +{ + int s; + wait (&s); + s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_sys_wait_h=yes +else + ac_cv_header_sys_wait_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_sys_wait_h" >&5 +$as_echo "$ac_cv_header_sys_wait_h" >&6; } +if test $ac_cv_header_sys_wait_h = yes; then + +$as_echo "#define HAVE_SYS_WAIT_H 1" >>confdefs.h + +fi + +for ac_header in fcntl.h limits.h malloc.h stdlib.h string.h sys/ioctl.h sys/param.h unistd.h curses.h ncurses.h sys/cdefs.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +eval as_val=\$$as_ac_Header + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +ac_fn_c_check_header_mongrel "$LINENO" "termios.h" "ac_cv_header_termios_h" "$ac_includes_default" +if test "x$ac_cv_header_termios_h" = x""yes; then : + +else + as_fn_error "termios.h is required!" "$LINENO" 5 +fi + + + +## include curses.h to prevent "Present But Cannot Be Compiled" +for ac_header in term.h +do : + ac_fn_c_check_header_compile "$LINENO" "term.h" "ac_cv_header_term_h" "#if HAVE_CURSES_H +# include +#elif HAVE_NCURSES_H +# include +#endif + +" +if test "x$ac_cv_header_term_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_TERM_H 1 +_ACEOF + +fi + +done + + +# Checks for typedefs, structures, and compiler characteristics. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 +$as_echo_n "checking for an ANSI C-conforming const... " >&6; } +if test "${ac_cv_c_const+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +/* FIXME: Include the comments suggested by Paul. */ +#ifndef __cplusplus + /* Ultrix mips cc rejects this. */ + typedef int charset[2]; + const charset cs; + /* SunOS 4.1.1 cc rejects this. */ + char const *const *pcpcc; + char **ppc; + /* NEC SVR4.0.2 mips cc rejects this. */ + struct point {int x, y;}; + static struct point const zero = {0,0}; + /* AIX XL C 1.02.0.0 rejects this. + It does not let you subtract one const X* pointer from another in + an arm of an if-expression whose if-part is not a constant + expression */ + const char *g = "string"; + pcpcc = &g + (g ? g-g : 0); + /* HPUX 7.0 cc rejects these. */ + ++pcpcc; + ppc = (char**) pcpcc; + pcpcc = (char const *const *) ppc; + { /* SCO 3.2v4 cc rejects this. */ + char *t; + char const *s = 0 ? (char *) 0 : (char const *) 0; + + *t++ = 0; + if (s) return 0; + } + { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ + int x[] = {25, 17}; + const int *foo = &x[0]; + ++foo; + } + { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ + typedef const int *iptr; + iptr p = 0; + ++p; + } + { /* AIX XL C 1.02.0.0 rejects this saying + "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ + struct s { int j; const int *ap[3]; }; + struct s *b; b->j = 5; + } + { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ + const int foo = 10; + if (!foo) return 0; + } + return !cs[0] && !zero.x; +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_const=yes +else + ac_cv_c_const=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 +$as_echo "$ac_cv_c_const" >&6; } +if test $ac_cv_c_const = no; then + +$as_echo "#define const /**/" >>confdefs.h + +fi + +ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" +if test "x$ac_cv_type_pid_t" = x""yes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define pid_t int +_ACEOF + +fi + +ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" +if test "x$ac_cv_type_size_t" = x""yes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define size_t unsigned int +_ACEOF + +fi + +ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" "$ac_includes_default" +if test "x$ac_cv_type_u_int32_t" = x""yes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_U_INT32_T 1 +_ACEOF + + +fi + + +# Checks for library functions. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether closedir returns void" >&5 +$as_echo_n "checking whether closedir returns void... " >&6; } +if test "${ac_cv_func_closedir_void+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_closedir_void=yes +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header_dirent> +#ifndef __cplusplus +int closedir (); +#endif + +int +main () +{ +return closedir (opendir (".")) != 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_closedir_void=no +else + ac_cv_func_closedir_void=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_closedir_void" >&5 +$as_echo "$ac_cv_func_closedir_void" >&6; } +if test $ac_cv_func_closedir_void = yes; then + +$as_echo "#define CLOSEDIR_VOID 1" >>confdefs.h + +fi + +for ac_header in vfork.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "vfork.h" "ac_cv_header_vfork_h" "$ac_includes_default" +if test "x$ac_cv_header_vfork_h" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_VFORK_H 1 +_ACEOF + +fi + +done + +for ac_func in fork vfork +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + +if test "x$ac_cv_func_fork" = xyes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fork" >&5 +$as_echo_n "checking for working fork... " >&6; } +if test "${ac_cv_func_fork_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_fork_works=cross +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ + + /* By Ruediger Kuhlmann. */ + return fork () < 0; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_fork_works=yes +else + ac_cv_func_fork_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_fork_works" >&5 +$as_echo "$ac_cv_func_fork_works" >&6; } + +else + ac_cv_func_fork_works=$ac_cv_func_fork +fi +if test "x$ac_cv_func_fork_works" = xcross; then + case $host in + *-*-amigaos* | *-*-msdosdjgpp*) + # Override, as these systems have only a dummy fork() stub + ac_cv_func_fork_works=no + ;; + *) + ac_cv_func_fork_works=yes + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&5 +$as_echo "$as_me: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&2;} +fi +ac_cv_func_vfork_works=$ac_cv_func_vfork +if test "x$ac_cv_func_vfork" = xyes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working vfork" >&5 +$as_echo_n "checking for working vfork... " >&6; } +if test "${ac_cv_func_vfork_works+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_vfork_works=cross +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Thanks to Paul Eggert for this test. */ +$ac_includes_default +#include +#ifdef HAVE_VFORK_H +# include +#endif +/* On some sparc systems, changes by the child to local and incoming + argument registers are propagated back to the parent. The compiler + is told about this with #include , but some compilers + (e.g. gcc -O) don't grok . Test for this by using a + static variable whose address is put into a register that is + clobbered by the vfork. */ +static void +#ifdef __cplusplus +sparc_address_test (int arg) +# else +sparc_address_test (arg) int arg; +#endif +{ + static pid_t child; + if (!child) { + child = vfork (); + if (child < 0) { + perror ("vfork"); + _exit(2); + } + if (!child) { + arg = getpid(); + write(-1, "", 0); + _exit (arg); + } + } +} + +int +main () +{ + pid_t parent = getpid (); + pid_t child; + + sparc_address_test (0); + + child = vfork (); + + if (child == 0) { + /* Here is another test for sparc vfork register problems. This + test uses lots of local variables, at least as many local + variables as main has allocated so far including compiler + temporaries. 4 locals are enough for gcc 1.40.3 on a Solaris + 4.1.3 sparc, but we use 8 to be safe. A buggy compiler should + reuse the register of parent for one of the local variables, + since it will think that parent can't possibly be used any more + in this routine. Assigning to the local variable will thus + munge parent in the parent process. */ + pid_t + p = getpid(), p1 = getpid(), p2 = getpid(), p3 = getpid(), + p4 = getpid(), p5 = getpid(), p6 = getpid(), p7 = getpid(); + /* Convince the compiler that p..p7 are live; otherwise, it might + use the same hardware register for all 8 local variables. */ + if (p != p1 || p != p2 || p != p3 || p != p4 + || p != p5 || p != p6 || p != p7) + _exit(1); + + /* On some systems (e.g. IRIX 3.3), vfork doesn't separate parent + from child file descriptors. If the child closes a descriptor + before it execs or exits, this munges the parent's descriptor + as well. Test for this by closing stdout in the child. */ + _exit(close(fileno(stdout)) != 0); + } else { + int status; + struct stat st; + + while (wait(&status) != child) + ; + return ( + /* Was there some problem with vforking? */ + child < 0 + + /* Did the child fail? (This shouldn't happen.) */ + || status + + /* Did the vfork/compiler bug occur? */ + || parent != getpid() + + /* Did the file descriptor bug occur? */ + || fstat(fileno(stdout), &st) != 0 + ); + } +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_vfork_works=yes +else + ac_cv_func_vfork_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vfork_works" >&5 +$as_echo "$ac_cv_func_vfork_works" >&6; } + +fi; +if test "x$ac_cv_func_fork_works" = xcross; then + ac_cv_func_vfork_works=$ac_cv_func_vfork + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&5 +$as_echo "$as_me: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&2;} +fi + +if test "x$ac_cv_func_vfork_works" = xyes; then + +$as_echo "#define HAVE_WORKING_VFORK 1" >>confdefs.h + +else + +$as_echo "#define vfork fork" >>confdefs.h + +fi +if test "x$ac_cv_func_fork_works" = xyes; then + +$as_echo "#define HAVE_WORKING_FORK 1" >>confdefs.h + +fi + +if test $ac_cv_c_compiler_gnu = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC needs -traditional" >&5 +$as_echo_n "checking whether $CC needs -traditional... " >&6; } +if test "${ac_cv_prog_gcc_traditional+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + ac_pattern="Autoconf.*'x'" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +Autoconf TIOCGETP +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "$ac_pattern" >/dev/null 2>&1; then : + ac_cv_prog_gcc_traditional=yes +else + ac_cv_prog_gcc_traditional=no +fi +rm -f conftest* + + + if test $ac_cv_prog_gcc_traditional = no; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +Autoconf TCGETA +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "$ac_pattern" >/dev/null 2>&1; then : + ac_cv_prog_gcc_traditional=yes +fi +rm -f conftest* + + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_gcc_traditional" >&5 +$as_echo "$ac_cv_prog_gcc_traditional" >&6; } + if test $ac_cv_prog_gcc_traditional = yes; then + CC="$CC -traditional" + fi +fi + +## _AIX is offended by rpl_malloc and rpl_realloc +#AC_FUNC_MALLOC +#AC_FUNC_REALLOC +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 +$as_echo_n "checking return type of signal handlers... " >&6; } +if test "${ac_cv_type_signal+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include + +int +main () +{ +return *(signal (0, 0)) (0) == 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_type_signal=int +else + ac_cv_type_signal=void +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 +$as_echo "$ac_cv_type_signal" >&6; } + +cat >>confdefs.h <<_ACEOF +#define RETSIGTYPE $ac_cv_type_signal +_ACEOF + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether lstat correctly handles trailing slash" >&5 +$as_echo_n "checking whether lstat correctly handles trailing slash... " >&6; } +if test "${ac_cv_func_lstat_dereferences_slashed_symlink+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + rm -f conftest.sym conftest.file +echo >conftest.file +if test "$as_ln_s" = "ln -s" && ln -s conftest.file conftest.sym; then + if test "$cross_compiling" = yes; then : + ac_cv_func_lstat_dereferences_slashed_symlink=no +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ +struct stat sbuf; + /* Linux will dereference the symlink and fail, as required by POSIX. + That is better in the sense that it means we will not + have to compile and use the lstat wrapper. */ + return lstat ("conftest.sym/", &sbuf) == 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_lstat_dereferences_slashed_symlink=yes +else + ac_cv_func_lstat_dereferences_slashed_symlink=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +else + # If the `ln -s' command failed, then we probably don't even + # have an lstat function. + ac_cv_func_lstat_dereferences_slashed_symlink=no +fi +rm -f conftest.sym conftest.file + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_lstat_dereferences_slashed_symlink" >&5 +$as_echo "$ac_cv_func_lstat_dereferences_slashed_symlink" >&6; } + +test $ac_cv_func_lstat_dereferences_slashed_symlink = yes && + +cat >>confdefs.h <<_ACEOF +#define LSTAT_FOLLOWS_SLASHED_SYMLINK 1 +_ACEOF + + +if test "x$ac_cv_func_lstat_dereferences_slashed_symlink" = xno; then + case " $LIBOBJS " in + *" lstat.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS lstat.$ac_objext" + ;; +esac + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat accepts an empty string" >&5 +$as_echo_n "checking whether stat accepts an empty string... " >&6; } +if test "${ac_cv_func_stat_empty_string_bug+set}" = set; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + ac_cv_func_stat_empty_string_bug=yes +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ +struct stat sbuf; + return stat ("", &sbuf) == 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_stat_empty_string_bug=no +else + ac_cv_func_stat_empty_string_bug=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_stat_empty_string_bug" >&5 +$as_echo "$ac_cv_func_stat_empty_string_bug" >&6; } +if test $ac_cv_func_stat_empty_string_bug = yes; then + case " $LIBOBJS " in + *" stat.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS stat.$ac_objext" + ;; +esac + + +cat >>confdefs.h <<_ACEOF +#define HAVE_STAT_EMPTY_STRING_BUG 1 +_ACEOF + +fi + +for ac_func in endpwent isascii memchr memset re_comp regcomp strcasecmp strchr strcspn strdup strerror strrchr strstr strtol issetugid wcsdup +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +eval as_val=\$$as_ac_var + if test "x$as_val" = x""yes; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getpwnam_r and getpwuid_r are posix like" >&5 +$as_echo_n "checking whether getpwnam_r and getpwuid_r are posix like... " >&6; } + # The prototype for the POSIX version is: + # int getpwnam_r(char *, struct passwd *, char *, size_t, struct passwd **) + # int getpwuid_r(uid_t, struct passwd *, char *, size_t, struct passwd **); + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + #include +int +main () +{ +getpwnam_r(NULL, NULL, NULL, (size_t)0, NULL); + getpwuid_r((uid_t)0, NULL, NULL, (size_t)0, NULL); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + +$as_echo "#define HAVE_GETPW_R_POSIX 1" >>confdefs.h + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getpwnam_r and getpwuid_r are posix _draft_ like" >&5 +$as_echo_n "checking whether getpwnam_r and getpwuid_r are posix _draft_ like... " >&6; } + # The prototype for the POSIX draft version is: + # struct passwd *getpwuid_r(uid_t, struct passwd *, char *, int); + # struct passwd *getpwnam_r(char *, struct passwd *, char *, int); + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + #include +int +main () +{ +getpwnam_r(NULL, NULL, NULL, (size_t)0); + getpwuid_r((uid_t)0, NULL, NULL, (size_t)0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + +$as_echo "#define HAVE_GETPW_R_DRAFT 1" >>confdefs.h + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + + + + +ac_config_files="$ac_config_files Makefile src/Makefile" + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + test "x$cache_file" != "x/dev/null" && + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + cat confcache >$cache_file + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +DEFS=-DHAVE_CONFIG_H + +ac_libobjs= +ac_ltlibobjs= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + +if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then + as_fn_error "conditional \"AMDEP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then + as_fn_error "conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi + if test -n "$EXEEXT"; then + am__EXEEXT_TRUE= + am__EXEEXT_FALSE='#' +else + am__EXEEXT_TRUE='#' + am__EXEEXT_FALSE= +fi + +if test -z "${WIDECHAR_TRUE}" && test -z "${WIDECHAR_FALSE}"; then + as_fn_error "conditional \"WIDECHAR\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi + +: ${CONFIG_STATUS=./config.status} +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error ERROR [LINENO LOG_FD] +# --------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with status $?, using 1 if that was 0. +as_fn_error () +{ + as_status=$?; test $as_status -eq 0 && as_status=1 + if test "$3"; then + as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + fi + $as_echo "$as_me: error: $1" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by libedit $as_me 3.0, which was +generated by GNU Autoconf 2.65. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. +config_files="$ac_config_files" +config_headers="$ac_config_headers" +config_commands="$ac_config_commands" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE + +Configuration files: +$config_files + +Configuration headers: +$config_headers + +Configuration commands: +$config_commands + +Report bugs to the package provider." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +libedit config.status 3.0 +configured by $0, generated by GNU Autoconf 2.65, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2009 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +INSTALL='$INSTALL' +MKDIR_P='$MKDIR_P' +AWK='$AWK' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; + --header | --heade | --head | --hea ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" + ac_need_defaults=false;; + --he | --h) + # Conflict between --help and --header + as_fn_error "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; + --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# +# INIT-COMMANDS +# +AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" + + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +sed_quote_subst='$sed_quote_subst' +double_quote_subst='$double_quote_subst' +delay_variable_subst='$delay_variable_subst' +macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' +macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' +enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' +enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' +pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' +enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' +SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' +ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' +host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' +host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' +host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' +build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`' +build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`' +build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`' +SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`' +Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`' +GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`' +EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`' +FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`' +LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`' +NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`' +LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`' +max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`' +ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`' +exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' +lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' +lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' +lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' +lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' +lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' +reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' +reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' +deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' +file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' +file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' +want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' +DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' +sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' +AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' +AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' +archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' +STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' +RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' +old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' +old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`' +lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`' +CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`' +CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`' +compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' +GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' +nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' +lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' +objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' +MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' +lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' +need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' +MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' +DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' +NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' +LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' +OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`' +OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`' +libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`' +shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`' +extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`' +enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`' +export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`' +whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`' +compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`' +old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`' +archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`' +module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`' +module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`' +with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' +allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' +no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec_ld='`$ECHO "$hardcode_libdir_flag_spec_ld" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' +hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' +hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' +hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`' +hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`' +hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' +inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' +link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' +always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' +export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' +exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' +include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' +prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' +postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' +file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' +variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' +need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' +need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`' +version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`' +runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`' +libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`' +library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`' +soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`' +install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`' +postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`' +postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`' +finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`' +hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`' +sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`' +sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`' +hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`' +enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`' +old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`' +striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`' + +LTCC='$LTCC' +LTCFLAGS='$LTCFLAGS' +compiler='$compiler_DEFAULT' + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$1 +_LTECHO_EOF' +} + +# Quote evaled strings. +for var in SHELL \ +ECHO \ +SED \ +GREP \ +EGREP \ +FGREP \ +LD \ +NM \ +LN_S \ +lt_SP2NL \ +lt_NL2SP \ +reload_flag \ +OBJDUMP \ +deplibs_check_method \ +file_magic_cmd \ +file_magic_glob \ +want_nocaseglob \ +DLLTOOL \ +sharedlib_from_linklib_cmd \ +AR \ +AR_FLAGS \ +archiver_list_spec \ +STRIP \ +RANLIB \ +CC \ +CFLAGS \ +compiler \ +lt_cv_sys_global_symbol_pipe \ +lt_cv_sys_global_symbol_to_cdecl \ +lt_cv_sys_global_symbol_to_c_name_address \ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ +nm_file_list_spec \ +lt_prog_compiler_no_builtin_flag \ +lt_prog_compiler_pic \ +lt_prog_compiler_wl \ +lt_prog_compiler_static \ +lt_cv_prog_compiler_c_o \ +need_locks \ +MANIFEST_TOOL \ +DSYMUTIL \ +NMEDIT \ +LIPO \ +OTOOL \ +OTOOL64 \ +shrext_cmds \ +export_dynamic_flag_spec \ +whole_archive_flag_spec \ +compiler_needs_object \ +with_gnu_ld \ +allow_undefined_flag \ +no_undefined_flag \ +hardcode_libdir_flag_spec \ +hardcode_libdir_flag_spec_ld \ +hardcode_libdir_separator \ +exclude_expsyms \ +include_expsyms \ +file_list_spec \ +variables_saved_for_relink \ +libname_spec \ +library_names_spec \ +soname_spec \ +install_override_mode \ +finish_eval \ +old_striplib \ +striplib; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +# Double-quote double-evaled strings. +for var in reload_cmds \ +old_postinstall_cmds \ +old_postuninstall_cmds \ +old_archive_cmds \ +extract_expsyms_cmds \ +old_archive_from_new_cmds \ +old_archive_from_expsyms_cmds \ +archive_cmds \ +archive_expsym_cmds \ +module_cmds \ +module_expsym_cmds \ +export_symbols_cmds \ +prelink_cmds \ +postlink_cmds \ +postinstall_cmds \ +postuninstall_cmds \ +finish_cmds \ +sys_lib_search_path_spec \ +sys_lib_dlsearch_path_spec; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +ac_aux_dir='$ac_aux_dir' +xsi_shell='$xsi_shell' +lt_shell_append='$lt_shell_append' + +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes INIT. +if test -n "\${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + + + PACKAGE='$PACKAGE' + VERSION='$VERSION' + TIMESTAMP='$TIMESTAMP' + RM='$RM' + ofile='$ofile' + + + + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; + "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; + "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; + "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; + + *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + esac +done + + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files + test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers + test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= + trap 'exit_status=$? + { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -n "$tmp" && test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error "cannot create a temporary directory in ." "$LINENO" 5 + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ + || as_fn_error "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove $(srcdir), +# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=/{ +s/:*\$(srcdir):*/:/ +s/:*\${srcdir}:*/:/ +s/:*@srcdir@:*/:/ +s/^\([^=]*=[ ]*\):*/\1/ +s/:*$// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$tmp/defines.awk" <<\_ACAWK || +BEGIN { +_ACEOF + +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. + +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. +ac_delim='%!_!# ' +for ac_last_try in false false :; do + ac_t=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_t"; then + break + elif $ac_last_try; then + as_fn_error "could not make $CONFIG_HEADERS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done + +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. + +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" + + +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error "invalid tag \`$ac_tag'" "$LINENO" 5;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error "cannot find input file: \`$ac_f'" "$LINENO" 5;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + + case $INSTALL in + [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; + *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; + esac + ac_MKDIR_P=$MKDIR_P + case $MKDIR_P in + [\\/$]* | ?:[\\/]* ) ;; + */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; + esac +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +s&@INSTALL@&$ac_INSTALL&;t t +s&@MKDIR_P@&$ac_MKDIR_P&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined." >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined." >&2;} + + rm -f "$tmp/stdin" + case $ac_file in + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + esac \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 + ;; + :H) + # + # CONFIG_HEADER + # + if test x"$ac_file" != x-; then + { + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" + } >"$tmp/config.h" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$tmp/config.h" >/dev/null 2>&1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +$as_echo "$as_me: $ac_file is unchanged" >&6;} + else + rm -f "$ac_file" + mv "$tmp/config.h" "$ac_file" \ + || as_fn_error "could not create $ac_file" "$LINENO" 5 + fi + else + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error "could not create -" "$LINENO" 5 + fi +# Compute "$ac_file"'s index in $config_headers. +_am_arg="$ac_file" +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || +$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$_am_arg" : 'X\(//\)[^/]' \| \ + X"$_am_arg" : 'X\(//\)$' \| \ + X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$_am_arg" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'`/stamp-h$_am_stamp_count + ;; + + :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +$as_echo "$as_me: executing $ac_file commands" >&6;} + ;; + esac + + + case $ac_file$ac_mode in + "depfiles":C) test x"$AMDEP_TRUE" != x"" || { + # Autoconf 2.62 quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named `Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || +$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$mf" : 'X\(//\)[^/]' \| \ + X"$mf" : 'X\(//\)$' \| \ + X"$mf" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$mf" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # When using ansi2knr, U may be empty or an underscore; expand it + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`$as_dirname -- "$file" || +$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$file" : 'X\(//\)[^/]' \| \ + X"$file" : 'X\(//\)$' \| \ + X"$file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir=$dirpart/$fdir; as_fn_mkdir_p + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done + done +} + ;; + "libtool":C) + + # See if we are running on zsh, and set the options which allow our + # commands through without removal of \ escapes. + if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST + fi + + cfgfile="${ofile}T" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" + + cat <<_LT_EOF >> "$cfgfile" +#! $SHELL + +# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. +# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: +# NOTE: Changes made to this file will be lost: look at ltmain.sh. +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is part of GNU Libtool. +# +# GNU Libtool is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, or +# obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + +# The names of the tagged configurations supported by this script. +available_tags="" + +# ### BEGIN LIBTOOL CONFIG + +# Which release of libtool.m4 was used? +macro_version=$macro_version +macro_revision=$macro_revision + +# Whether or not to build shared libraries. +build_libtool_libs=$enable_shared + +# Whether or not to build static libraries. +build_old_libs=$enable_static + +# What type of objects to build. +pic_mode=$pic_mode + +# Whether or not to optimize for fast installation. +fast_install=$enable_fast_install + +# Shell to use when invoking shell scripts. +SHELL=$lt_SHELL + +# An echo program that protects backslashes. +ECHO=$lt_ECHO + +# The host system. +host_alias=$host_alias +host=$host +host_os=$host_os + +# The build system. +build_alias=$build_alias +build=$build +build_os=$build_os + +# A sed program that does not truncate output. +SED=$lt_SED + +# Sed that helps us avoid accidentally triggering echo(1) options like -n. +Xsed="\$SED -e 1s/^X//" + +# A grep program that handles long lines. +GREP=$lt_GREP + +# An ERE matcher. +EGREP=$lt_EGREP + +# A literal string matcher. +FGREP=$lt_FGREP + +# A BSD- or MS-compatible name lister. +NM=$lt_NM + +# Whether we need soft or hard links. +LN_S=$lt_LN_S + +# What is the maximum length of a command? +max_cmd_len=$max_cmd_len + +# Object file suffix (normally "o"). +objext=$ac_objext + +# Executable file suffix (normally ""). +exeext=$exeext + +# whether the shell understands "unset". +lt_unset=$lt_unset + +# turn spaces into newlines. +SP2NL=$lt_lt_SP2NL + +# turn newlines into spaces. +NL2SP=$lt_lt_NL2SP + +# convert \$build file names to \$host format. +to_host_file_cmd=$lt_cv_to_host_file_cmd + +# convert \$build files to toolchain format. +to_tool_file_cmd=$lt_cv_to_tool_file_cmd + +# An object symbol dumper. +OBJDUMP=$lt_OBJDUMP + +# Method to check whether dependent libraries are shared objects. +deplibs_check_method=$lt_deplibs_check_method + +# Command to use when deplibs_check_method = "file_magic". +file_magic_cmd=$lt_file_magic_cmd + +# How to find potential files when deplibs_check_method = "file_magic". +file_magic_glob=$lt_file_magic_glob + +# Find potential files using nocaseglob when deplibs_check_method = "file_magic". +want_nocaseglob=$lt_want_nocaseglob + +# DLL creation program. +DLLTOOL=$lt_DLLTOOL + +# Command to associate shared and link libraries. +sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd + +# The archiver. +AR=$lt_AR + +# Flags to create an archive. +AR_FLAGS=$lt_AR_FLAGS + +# How to feed a file listing to the archiver. +archiver_list_spec=$lt_archiver_list_spec + +# A symbol stripping program. +STRIP=$lt_STRIP + +# Commands used to install an old-style archive. +RANLIB=$lt_RANLIB +old_postinstall_cmds=$lt_old_postinstall_cmds +old_postuninstall_cmds=$lt_old_postuninstall_cmds + +# Whether to use a lock for old archive extraction. +lock_old_archive_extraction=$lock_old_archive_extraction + +# A C compiler. +LTCC=$lt_CC + +# LTCC compiler flags. +LTCFLAGS=$lt_CFLAGS + +# Take the output of nm and produce a listing of raw symbols and C names. +global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe + +# Transform the output of nm in a proper C declaration. +global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl + +# Transform the output of nm in a C name address pair. +global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address + +# Transform the output of nm in a C name address pair when lib prefix is needed. +global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix + +# Specify filename containing input files for \$NM. +nm_file_list_spec=$lt_nm_file_list_spec + +# The root where to search for dependent libraries,and in which our libraries should be installed. +lt_sysroot=$lt_sysroot + +# The name of the directory that contains temporary libtool files. +objdir=$objdir + +# Used to examine libraries when file_magic_cmd begins with "file". +MAGIC_CMD=$MAGIC_CMD + +# Must we lock files when doing compilation? +need_locks=$lt_need_locks + +# Manifest tool. +MANIFEST_TOOL=$lt_MANIFEST_TOOL + +# Tool to manipulate archived DWARF debug symbol files on Mac OS X. +DSYMUTIL=$lt_DSYMUTIL + +# Tool to change global to local symbols on Mac OS X. +NMEDIT=$lt_NMEDIT + +# Tool to manipulate fat objects and archives on Mac OS X. +LIPO=$lt_LIPO + +# ldd/readelf like tool for Mach-O binaries on Mac OS X. +OTOOL=$lt_OTOOL + +# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4. +OTOOL64=$lt_OTOOL64 + +# Old archive suffix (normally "a"). +libext=$libext + +# Shared library suffix (normally ".so"). +shrext_cmds=$lt_shrext_cmds + +# The commands to extract the exported symbol list from a shared archive. +extract_expsyms_cmds=$lt_extract_expsyms_cmds + +# Variables whose values should be saved in libtool wrapper scripts and +# restored at link time. +variables_saved_for_relink=$lt_variables_saved_for_relink + +# Do we need the "lib" prefix for modules? +need_lib_prefix=$need_lib_prefix + +# Do we need a version for libraries? +need_version=$need_version + +# Library versioning type. +version_type=$version_type + +# Shared library runtime path variable. +runpath_var=$runpath_var + +# Shared library path variable. +shlibpath_var=$shlibpath_var + +# Is shlibpath searched before the hard-coded library search path? +shlibpath_overrides_runpath=$shlibpath_overrides_runpath + +# Format of library name prefix. +libname_spec=$lt_libname_spec + +# List of archive names. First name is the real one, the rest are links. +# The last name is the one that the linker finds with -lNAME +library_names_spec=$lt_library_names_spec + +# The coded name of the library, if different from the real name. +soname_spec=$lt_soname_spec + +# Permission mode override for installation of shared libraries. +install_override_mode=$lt_install_override_mode + +# Command to use after installation of a shared archive. +postinstall_cmds=$lt_postinstall_cmds + +# Command to use after uninstallation of a shared archive. +postuninstall_cmds=$lt_postuninstall_cmds + +# Commands used to finish a libtool library installation in a directory. +finish_cmds=$lt_finish_cmds + +# As "finish_cmds", except a single script fragment to be evaled but +# not shown. +finish_eval=$lt_finish_eval + +# Whether we should hardcode library paths into libraries. +hardcode_into_libs=$hardcode_into_libs + +# Compile-time system search path for libraries. +sys_lib_search_path_spec=$lt_sys_lib_search_path_spec + +# Run-time system search path for libraries. +sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec + +# Whether dlopen is supported. +dlopen_support=$enable_dlopen + +# Whether dlopen of programs is supported. +dlopen_self=$enable_dlopen_self + +# Whether dlopen of statically linked programs is supported. +dlopen_self_static=$enable_dlopen_self_static + +# Commands to strip libraries. +old_striplib=$lt_old_striplib +striplib=$lt_striplib + + +# The linker used to build libraries. +LD=$lt_LD + +# How to create reloadable object files. +reload_flag=$lt_reload_flag +reload_cmds=$lt_reload_cmds + +# Commands used to build an old-style archive. +old_archive_cmds=$lt_old_archive_cmds + +# A language specific compiler. +CC=$lt_compiler + +# Is the compiler the GNU compiler? +with_gcc=$GCC + +# Compiler flag to turn off builtin functions. +no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag + +# Additional compiler flags for building library objects. +pic_flag=$lt_lt_prog_compiler_pic + +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl + +# Compiler flag to prevent dynamic linking. +link_static_flag=$lt_lt_prog_compiler_static + +# Does compiler simultaneously support -c and -o options? +compiler_c_o=$lt_lt_cv_prog_compiler_c_o + +# Whether or not to add -lc for building shared libraries. +build_libtool_need_lc=$archive_cmds_need_lc + +# Whether or not to disallow shared libs when runtime libs are static. +allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes + +# Compiler flag to allow reflexive dlopens. +export_dynamic_flag_spec=$lt_export_dynamic_flag_spec + +# Compiler flag to generate shared objects directly from archives. +whole_archive_flag_spec=$lt_whole_archive_flag_spec + +# Whether the compiler copes with passing no objects directly. +compiler_needs_object=$lt_compiler_needs_object + +# Create an old-style archive from a shared archive. +old_archive_from_new_cmds=$lt_old_archive_from_new_cmds + +# Create a temporary old-style archive to link instead of a shared archive. +old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds + +# Commands used to build a shared archive. +archive_cmds=$lt_archive_cmds +archive_expsym_cmds=$lt_archive_expsym_cmds + +# Commands used to build a loadable module if different from building +# a shared archive. +module_cmds=$lt_module_cmds +module_expsym_cmds=$lt_module_expsym_cmds + +# Whether we are building with GNU ld or not. +with_gnu_ld=$lt_with_gnu_ld + +# Flag that allows shared libraries with undefined symbols to be built. +allow_undefined_flag=$lt_allow_undefined_flag + +# Flag that enforces no undefined symbols. +no_undefined_flag=$lt_no_undefined_flag + +# Flag to hardcode \$libdir into a binary during linking. +# This must work even if \$libdir does not exist +hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec + +# If ld is used when linking, flag to hardcode \$libdir into a binary +# during linking. This must work even if \$libdir does not exist. +hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld + +# Whether we need a single "-rpath" flag with a separated argument. +hardcode_libdir_separator=$lt_hardcode_libdir_separator + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary. +hardcode_direct=$hardcode_direct + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary and the resulting library dependency is +# "absolute",i.e impossible to change by setting \${shlibpath_var} if the +# library is relocated. +hardcode_direct_absolute=$hardcode_direct_absolute + +# Set to "yes" if using the -LDIR flag during linking hardcodes DIR +# into the resulting binary. +hardcode_minus_L=$hardcode_minus_L + +# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR +# into the resulting binary. +hardcode_shlibpath_var=$hardcode_shlibpath_var + +# Set to "yes" if building a shared library automatically hardcodes DIR +# into the library and all subsequent libraries and executables linked +# against it. +hardcode_automatic=$hardcode_automatic + +# Set to yes if linker adds runtime paths of dependent libraries +# to runtime path list. +inherit_rpath=$inherit_rpath + +# Whether libtool must link a program against all its dependency libraries. +link_all_deplibs=$link_all_deplibs + +# Set to "yes" if exported symbols are required. +always_export_symbols=$always_export_symbols + +# The commands to list exported symbols. +export_symbols_cmds=$lt_export_symbols_cmds + +# Symbols that should not be listed in the preloaded symbols. +exclude_expsyms=$lt_exclude_expsyms + +# Symbols that must always be exported. +include_expsyms=$lt_include_expsyms + +# Commands necessary for linking programs (against libraries) with templates. +prelink_cmds=$lt_prelink_cmds + +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds + +# Specify filename containing input files. +file_list_spec=$lt_file_list_spec + +# How to hardcode a shared library path into an executable. +hardcode_action=$hardcode_action + +# ### END LIBTOOL CONFIG + +_LT_EOF + + case $host_os in + aix3*) + cat <<\_LT_EOF >> "$cfgfile" +# AIX sometimes has problems with the GCC collect2 program. For some +# reason, if we set the COLLECT_NAMES environment variable, the problems +# vanish in a puff of smoke. +if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES +fi +_LT_EOF + ;; + esac + + +ltmain="$ac_aux_dir/ltmain.sh" + + + # We use sed instead of cat because bash on DJGPP gets confused if + # if finds mixed CR/LF and LF-only lines. Since sed operates in + # text mode, it properly converts lines to CR/LF. This bash problem + # is reportedly fixed, but why not run on old versions too? + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + if test x"$xsi_shell" = xyes; then + sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ +func_dirname ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_basename ()$/,/^} # func_basename /c\ +func_basename ()\ +{\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ +func_dirname_and_basename ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ +func_stripname ()\ +{\ +\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ +\ # positional parameters, so assign one to ordinary parameter first.\ +\ func_stripname_result=${3}\ +\ func_stripname_result=${func_stripname_result#"${1}"}\ +\ func_stripname_result=${func_stripname_result%"${2}"}\ +} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ +func_split_long_opt ()\ +{\ +\ func_split_long_opt_name=${1%%=*}\ +\ func_split_long_opt_arg=${1#*=}\ +} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ +func_split_short_opt ()\ +{\ +\ func_split_short_opt_arg=${1#??}\ +\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ +} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ +func_lo2o ()\ +{\ +\ case ${1} in\ +\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ +\ *) func_lo2o_result=${1} ;;\ +\ esac\ +} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_xform ()$/,/^} # func_xform /c\ +func_xform ()\ +{\ + func_xform_result=${1%.*}.lo\ +} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_arith ()$/,/^} # func_arith /c\ +func_arith ()\ +{\ + func_arith_result=$(( $* ))\ +} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_len ()$/,/^} # func_len /c\ +func_len ()\ +{\ + func_len_result=${#1}\ +} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + +fi + +if test x"$lt_shell_append" = xyes; then + sed -e '/^func_append ()$/,/^} # func_append /c\ +func_append ()\ +{\ + eval "${1}+=\\${2}"\ +} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ +func_append_quoted ()\ +{\ +\ func_quote_for_eval "${2}"\ +\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ +} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 +$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} +fi + + + mv -f "$cfgfile" "$ofile" || + (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") + chmod +x "$ofile" + + ;; + + esac +done # for ac_tag + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit $? +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff --git a/lib/libedit/configure.ac b/lib/libedit/configure.ac new file mode 100644 index 000000000000..08591bab1398 --- /dev/null +++ b/lib/libedit/configure.ac @@ -0,0 +1,92 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. +# +# Compile with debug symbols: +# CFLAGS="-ggdb -pedandic -O0" ./configure +# CFLAGS="-ggdb -Wall -Wextra -pedantic -O0" ./configure +# +# Verbose output can be enabled with +# "./configure --disable-silent-rules" or "make V=1" +# + +AC_PREREQ(2.61) +AC_INIT(libedit, [EL_RELEASE],, libedit-[EL_TIMESTAMP]) +AC_CONFIG_SRCDIR([src/strlcat.c]) +AC_CONFIG_HEADER([config.h]) + +# features of Posix that are extensions to C (define _GNU_SOURCE) +AC_USE_SYSTEM_EXTENSIONS + +AM_INIT_AUTOMAKE +AC_PROG_LIBTOOL + +# libtool -version-info +AC_SUBST(LT_VERSION, [0:36:0]) + +m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) + +# Checks for programs. +AC_PROG_CC_C99 +#AC_PROG_CC +AC_PROG_LN_S +AC_PROG_AWK +EL_MANTYPE + + +AC_CHECK_LIB(curses, tgetent,, + [AC_CHECK_LIB(ncurses, tgetent,, + [AC_MSG_ERROR([libcurses or libncurses are required!])] )] ) + + +### use option --enable-widec to turn on use of wide-character support +EL_ENABLE_WIDEC + +# Checks for header files. +AC_FUNC_ALLOCA +AC_HEADER_DIRENT +AC_HEADER_STDC +AC_HEADER_SYS_WAIT +AC_CHECK_HEADERS([fcntl.h limits.h malloc.h stdlib.h string.h sys/ioctl.h sys/param.h unistd.h curses.h ncurses.h sys/cdefs.h]) + +AC_CHECK_HEADER([termios.h], [], [AC_MSG_ERROR([termios.h is required!])],[]) + +## include curses.h to prevent "Present But Cannot Be Compiled" +AC_CHECK_HEADERS([term.h],,, +[[#if HAVE_CURSES_H +# include +#elif HAVE_NCURSES_H +# include +#endif +]]) + +# Checks for typedefs, structures, and compiler characteristics. +AC_C_CONST +AC_TYPE_PID_T +AC_TYPE_SIZE_T +AC_CHECK_TYPES([u_int32_t]) + +# Checks for library functions. +AC_FUNC_CLOSEDIR_VOID +AC_FUNC_FORK +AC_PROG_GCC_TRADITIONAL +## _AIX is offended by rpl_malloc and rpl_realloc +#AC_FUNC_MALLOC +#AC_FUNC_REALLOC +AC_TYPE_SIGNAL +AC_FUNC_STAT +AC_CHECK_FUNCS([endpwent isascii memchr memset re_comp regcomp strcasecmp strchr strcspn strdup strerror strrchr strstr strtol issetugid wcsdup]) +EL_GETPW_R_POSIX +EL_GETPW_R_DRAFT + + +AH_BOTTOM([ +#include "sys.h" +#define SCCSID +#undef LIBC_SCCS +#define lint +]) + +AC_CONFIG_FILES([Makefile + src/Makefile +]) +AC_OUTPUT diff --git a/lib/libedit/depcomp b/lib/libedit/depcomp new file mode 100755 index 000000000000..df8eea7e4ce8 --- /dev/null +++ b/lib/libedit/depcomp @@ -0,0 +1,630 @@ +#! /bin/sh +# depcomp - compile a program generating dependencies as side-effects + +scriptversion=2009-04-28.21; # UTC + +# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free +# Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Originally written by Alexandre Oliva . + +case $1 in + '') + echo "$0: No command. Try \`$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: depcomp [--help] [--version] PROGRAM [ARGS] + +Run PROGRAMS ARGS to compile a file, generating dependencies +as side-effects. + +Environment variables: + depmode Dependency tracking mode. + source Source file read by `PROGRAMS ARGS'. + object Object file output by `PROGRAMS ARGS'. + DEPDIR directory where to store dependencies. + depfile Dependency file to output. + tmpdepfile Temporary file to use when outputing dependencies. + libtool Whether libtool is used (yes/no). + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "depcomp $scriptversion" + exit $? + ;; +esac + +if test -z "$depmode" || test -z "$source" || test -z "$object"; then + echo "depcomp: Variables source, object and depmode must be set" 1>&2 + exit 1 +fi + +# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. +depfile=${depfile-`echo "$object" | + sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} +tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} + +rm -f "$tmpdepfile" + +# Some modes work just like other modes, but use different flags. We +# parameterize here, but still list the modes in the big case below, +# to make depend.m4 easier to write. Note that we *cannot* use a case +# here, because this file can only contain one case statement. +if test "$depmode" = hp; then + # HP compiler uses -M and no extra arg. + gccflag=-M + depmode=gcc +fi + +if test "$depmode" = dashXmstdout; then + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout +fi + +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u="sed s,\\\\\\\\,/,g" + depmode=msvisualcpp +fi + +case "$depmode" in +gcc3) +## gcc 3 implements dependency tracking that does exactly what +## we want. Yay! Note: for some reason libtool 1.4 doesn't like +## it if -MD -MP comes after the -MF stuff. Hmm. +## Unfortunately, FreeBSD c89 acceptance of flags depends upon +## the command line argument order; so add the flags where they +## appear in depend2.am. Note that the slowdown incurred here +## affects only configure: in makefiles, %FASTDEP% shortcuts this. + for arg + do + case $arg in + -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; + *) set fnord "$@" "$arg" ;; + esac + shift # fnord + shift # $arg + done + "$@" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + mv "$tmpdepfile" "$depfile" + ;; + +gcc) +## There are various ways to get dependency output from gcc. Here's +## why we pick this rather obscure method: +## - Don't want to use -MD because we'd like the dependencies to end +## up in a subdir. Having to rename by hand is ugly. +## (We might end up doing this anyway to support other compilers.) +## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like +## -MM, not -M (despite what the docs say). +## - Using -M directly means running the compiler twice (even worse +## than renaming). + if test -z "$gccflag"; then + gccflag=-MD, + fi + "$@" -Wp,"$gccflag$tmpdepfile" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz +## The second -e expression handles DOS-style file names with drive letters. + sed -e 's/^[^:]*: / /' \ + -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" +## This next piece of magic avoids the `deleted header file' problem. +## The problem is that when a header file which appears in a .P file +## is deleted, the dependency causes make to die (because there is +## typically no way to rebuild the header). We avoid this by adding +## dummy dependencies for each header file. Too bad gcc doesn't do +## this for us directly. + tr ' ' ' +' < "$tmpdepfile" | +## Some versions of gcc put a space before the `:'. On the theory +## that the space means something, we add a space to the output as +## well. +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +sgi) + if test "$libtool" = yes; then + "$@" "-Wp,-MDupdate,$tmpdepfile" + else + "$@" -MDupdate "$tmpdepfile" + fi + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + + if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files + echo "$object : \\" > "$depfile" + + # Clip off the initial element (the dependent). Don't try to be + # clever and replace this with sed code, as IRIX sed won't handle + # lines with more than a fixed number of characters (4096 in + # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; + # the IRIX cc adds comments like `#:fec' to the end of the + # dependency line. + tr ' ' ' +' < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ + tr ' +' ' ' >> "$depfile" + echo >> "$depfile" + + # The second pass generates a dummy entry for each header file. + tr ' ' ' +' < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" + else + # The sourcefile does not contain any dependencies, so just + # store a dummy comment line, to avoid errors with the Makefile + # "include basename.Plo" scheme. + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +aix) + # The C for AIX Compiler uses -M and outputs the dependencies + # in a .u file. In older versions, this file always lives in the + # current directory. Also, the AIX compiler puts `$object:' at the + # start of each line; $object doesn't have directory information. + # Version 6 uses the directory in both cases. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.u + tmpdepfile2=$base.u + tmpdepfile3=$dir.libs/$base.u + "$@" -Wc,-M + else + tmpdepfile1=$dir$base.u + tmpdepfile2=$dir$base.u + tmpdepfile3=$dir$base.u + "$@" -M + fi + stat=$? + + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + # Each line is of the form `foo.o: dependent.h'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" + # That's a tab and a space in the []. + sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" + else + # The sourcefile does not contain any dependencies, so just + # store a dummy comment line, to avoid errors with the Makefile + # "include basename.Plo" scheme. + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +icc) + # Intel's C compiler understands `-MD -MF file'. However on + # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c + # ICC 7.0 will fill foo.d with something like + # foo.o: sub/foo.c + # foo.o: sub/foo.h + # which is wrong. We want: + # sub/foo.o: sub/foo.c + # sub/foo.o: sub/foo.h + # sub/foo.c: + # sub/foo.h: + # ICC 7.1 will output + # foo.o: sub/foo.c sub/foo.h + # and will wrap long lines using \ : + # foo.o: sub/foo.c ... \ + # sub/foo.h ... \ + # ... + + "$@" -MD -MF "$tmpdepfile" + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each line is of the form `foo.o: dependent.h', + # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" | + sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp2) + # The "hp" stanza above does not work with aCC (C++) and HP's ia64 + # compilers, which have integrated preprocessors. The correct option + # to use with these is +Maked; it writes dependencies to a file named + # 'foo.d', which lands next to the object file, wherever that + # happens to be. + # Much of this is similar to the tru64 case; see comments there. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir.libs/$base.d + "$@" -Wc,+Maked + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + "$@" +Maked + fi + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" + # Add `dependent.h:' lines. + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" + else + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" "$tmpdepfile2" + ;; + +tru64) + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in `foo.d' instead, so we check for that too. + # Subdirectories are respected. + dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` + test "x$dir" = "x$object" && dir= + base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + + if test "$libtool" = yes; then + # With Tru64 cc, shared objects can also be used to make a + # static library. This mechanism is used in libtool 1.4 series to + # handle both shared and static libraries in a single compilation. + # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d. + # + # With libtool 1.5 this exception was removed, and libtool now + # generates 2 separate objects for the 2 libraries. These two + # compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4 + tmpdepfile2=$dir$base.o.d # libtool 1.5 + tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5 + tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.o.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + tmpdepfile4=$dir$base.d + "$@" -MD + fi + + stat=$? + if test $stat -eq 0; then : + else + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" + # That's a tab and a space in the []. + sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" + else + echo "#dummy" > "$depfile" + fi + rm -f "$tmpdepfile" + ;; + +#nosideeffect) + # This comment above is used by automake to tell side-effect + # dependency tracking mechanisms from slower ones. + +dashmstdout) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout, regardless of -o. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove `-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + test -z "$dashmflag" && dashmflag=-M + # Require at least two characters before searching for `:' + # in the target name. This is to cope with DOS-style filenames: + # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise. + "$@" $dashmflag | + sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + tr ' ' ' +' < "$tmpdepfile" | \ +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +dashXmstdout) + # This case only exists to satisfy depend.m4. It is never actually + # run, as this mode is specially recognized in the preamble. + exit 1 + ;; + +makedepend) + "$@" || exit $? + # Remove any Libtool call + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + # X makedepend + shift + cleared=no eat=no + for arg + do + case $cleared in + no) + set ""; shift + cleared=yes ;; + esac + if test $eat = yes; then + eat=no + continue + fi + case "$arg" in + -D*|-I*) + set fnord "$@" "$arg"; shift ;; + # Strip any option that makedepend may not understand. Remove + # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; + -*|$object) + ;; + *) + set fnord "$@" "$arg"; shift ;; + esac + done + obj_suffix=`echo "$object" | sed 's/^.*\././'` + touch "$tmpdepfile" + ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + sed '1,2d' "$tmpdepfile" | tr ' ' ' +' | \ +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" "$tmpdepfile".bak + ;; + +cpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove `-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + "$@" -E | + sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' | + sed '$ s: \\$::' > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + cat < "$tmpdepfile" >> "$depfile" + sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvisualcpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + IFS=" " + for arg + do + case "$arg" in + -o) + shift + ;; + $object) + shift + ;; + "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") + set fnord "$@" + shift + shift + ;; + *) + set fnord "$@" "$arg" + shift + shift + ;; + esac + done + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile" + echo " " >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +none) + exec "$@" + ;; + +*) + echo "Unknown depmode $depmode" 1>&2 + exit 1 + ;; +esac + +exit 0 + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/lib/libedit/install-sh b/lib/libedit/install-sh new file mode 100755 index 000000000000..6781b987bdbc --- /dev/null +++ b/lib/libedit/install-sh @@ -0,0 +1,520 @@ +#!/bin/sh +# install - install a program, script, or datafile + +scriptversion=2009-04-28.21; # UTC + +# This originates from X11R5 (mit/util/scripts/install.sh), which was +# later released in X11R6 (xc/config/util/install.sh) with the +# following copyright and license. +# +# Copyright (C) 1994 X Consortium +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- +# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# +# Except as contained in this notice, the name of the X Consortium shall not +# be used in advertising or otherwise to promote the sale, use or other deal- +# ings in this Software without prior written authorization from the X Consor- +# tium. +# +# +# FSF changes to this file are in the public domain. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# `make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. + +nl=' +' +IFS=" "" $nl" + +# set DOITPROG to echo to test this script + +# Don't use :- since 4.3BSD and earlier shells don't like it. +doit=${DOITPROG-} +if test -z "$doit"; then + doit_exec=exec +else + doit_exec=$doit +fi + +# Put in absolute file names if you don't have them in your path; +# or use environment vars. + +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} + +posix_glob='?' +initialize_posix_glob=' + test "$posix_glob" != "?" || { + if (set -f) 2>/dev/null; then + posix_glob= + else + posix_glob=: + fi + } +' + +posix_mkdir= + +# Desired mode of installed file. +mode=0755 + +chgrpcmd= +chmodcmd=$chmodprog +chowncmd= +mvcmd=$mvprog +rmcmd="$rmprog -f" +stripcmd= + +src= +dst= +dir_arg= +dst_arg= + +copy_on_change=false +no_target_directory= + +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE + or: $0 [OPTION]... SRCFILES... DIRECTORY + or: $0 [OPTION]... -t DIRECTORY SRCFILES... + or: $0 [OPTION]... -d DIRECTORIES... + +In the 1st form, copy SRCFILE to DSTFILE. +In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. +In the 4th, create DIRECTORIES. + +Options: + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. + +Environment variables override the default commands: + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG +" + +while test $# -ne 0; do + case $1 in + -c) ;; + + -C) copy_on_change=true;; + + -d) dir_arg=true;; + + -g) chgrpcmd="$chgrpprog $2" + shift;; + + --help) echo "$usage"; exit $?;; + + -m) mode=$2 + case $mode in + *' '* | *' '* | *' +'* | *'*'* | *'?'* | *'['*) + echo "$0: invalid mode: $mode" >&2 + exit 1;; + esac + shift;; + + -o) chowncmd="$chownprog $2" + shift;; + + -s) stripcmd=$stripprog;; + + -t) dst_arg=$2 + shift;; + + -T) no_target_directory=true;; + + --version) echo "$0 $scriptversion"; exit $?;; + + --) shift + break;; + + -*) echo "$0: invalid option: $1" >&2 + exit 1;; + + *) break;; + esac + shift +done + +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then + # When -d is used, all remaining arguments are directories to create. + # When -t is used, the destination is already specified. + # Otherwise, the last argument is the destination. Remove it from $@. + for arg + do + if test -n "$dst_arg"; then + # $@ is not empty: it contains at least $arg. + set fnord "$@" "$dst_arg" + shift # fnord + fi + shift # arg + dst_arg=$arg + done +fi + +if test $# -eq 0; then + if test -z "$dir_arg"; then + echo "$0: no input file specified." >&2 + exit 1 + fi + # It's OK to call `install-sh -d' without argument. + # This can happen when creating conditional directories. + exit 0 +fi + +if test -z "$dir_arg"; then + trap '(exit $?); exit' 1 2 13 15 + + # Set umask so as not to create temps with too-generous modes. + # However, 'strip' requires both read and write access to temps. + case $mode in + # Optimize common cases. + *644) cp_umask=133;; + *755) cp_umask=22;; + + *[0-7]) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw='% 200' + fi + cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; + *) + if test -z "$stripcmd"; then + u_plus_rw= + else + u_plus_rw=,u+rw + fi + cp_umask=$mode$u_plus_rw;; + esac +fi + +for src +do + # Protect names starting with `-'. + case $src in + -*) src=./$src;; + esac + + if test -n "$dir_arg"; then + dst=$src + dstdir=$dst + test -d "$dstdir" + dstdir_status=$? + else + + # Waiting for this to be detected by the "$cpprog $src $dsttmp" command + # might cause directories to be created, which would be especially bad + # if $src (and thus $dsttmp) contains '*'. + if test ! -f "$src" && test ! -d "$src"; then + echo "$0: $src does not exist." >&2 + exit 1 + fi + + if test -z "$dst_arg"; then + echo "$0: no destination specified." >&2 + exit 1 + fi + + dst=$dst_arg + # Protect names starting with `-'. + case $dst in + -*) dst=./$dst;; + esac + + # If destination is a directory, append the input filename; won't work + # if double slashes aren't ignored. + if test -d "$dst"; then + if test -n "$no_target_directory"; then + echo "$0: $dst_arg: Is a directory" >&2 + exit 1 + fi + dstdir=$dst + dst=$dstdir/`basename "$src"` + dstdir_status=0 + else + # Prefer dirname, but fall back on a substitute if dirname fails. + dstdir=` + (dirname "$dst") 2>/dev/null || + expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$dst" : 'X\(//\)[^/]' \| \ + X"$dst" : 'X\(//\)$' \| \ + X"$dst" : 'X\(/\)' \| . 2>/dev/null || + echo X"$dst" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q' + ` + + test -d "$dstdir" + dstdir_status=$? + fi + fi + + obsolete_mkdir_used=false + + if test $dstdir_status != 0; then + case $posix_mkdir in + '') + # Create intermediate dirs using mode 755 as modified by the umask. + # This is like FreeBSD 'install' as of 1997-10-28. + umask=`umask` + case $stripcmd.$umask in + # Optimize common cases. + *[2367][2367]) mkdir_umask=$umask;; + .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; + + *[0-7]) + mkdir_umask=`expr $umask + 22 \ + - $umask % 100 % 40 + $umask % 20 \ + - $umask % 10 % 4 + $umask % 2 + `;; + *) mkdir_umask=$umask,go-w;; + esac + + # With -d, create the new directory with the user-specified mode. + # Otherwise, rely on $mkdir_umask. + if test -n "$dir_arg"; then + mkdir_mode=-m$mode + else + mkdir_mode= + fi + + posix_mkdir=false + case $umask in + *[123567][0-7][0-7]) + # POSIX mkdir -p sets u+wx bits regardless of umask, which + # is incompatible with FreeBSD 'install' when (umask & 300) != 0. + ;; + *) + tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ + trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0 + + if (umask $mkdir_umask && + exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1 + then + if test -z "$dir_arg" || { + # Check for POSIX incompatibilities with -m. + # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or + # other-writeable bit of parent directory when it shouldn't. + # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. + ls_ld_tmpdir=`ls -ld "$tmpdir"` + case $ls_ld_tmpdir in + d????-?r-*) different_mode=700;; + d????-?--*) different_mode=755;; + *) false;; + esac && + $mkdirprog -m$different_mode -p -- "$tmpdir" && { + ls_ld_tmpdir_1=`ls -ld "$tmpdir"` + test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" + } + } + then posix_mkdir=: + fi + rmdir "$tmpdir/d" "$tmpdir" + else + # Remove any dirs left behind by ancient mkdir implementations. + rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null + fi + trap '' 0;; + esac;; + esac + + if + $posix_mkdir && ( + umask $mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" + ) + then : + else + + # The umask is ridiculous, or mkdir does not conform to POSIX, + # or it failed possibly due to a race condition. Create the + # directory the slow way, step by step, checking for races as we go. + + case $dstdir in + /*) prefix='/';; + -*) prefix='./';; + *) prefix='';; + esac + + eval "$initialize_posix_glob" + + oIFS=$IFS + IFS=/ + $posix_glob set -f + set fnord $dstdir + shift + $posix_glob set +f + IFS=$oIFS + + prefixes= + + for d + do + test -z "$d" && continue + + prefix=$prefix$d + if test -d "$prefix"; then + prefixes= + else + if $posix_mkdir; then + (umask=$mkdir_umask && + $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break + # Don't fail if two instances are running concurrently. + test -d "$prefix" || exit 1 + else + case $prefix in + *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; + *) qprefix=$prefix;; + esac + prefixes="$prefixes '$qprefix'" + fi + fi + prefix=$prefix/ + done + + if test -n "$prefixes"; then + # Don't fail if two instances are running concurrently. + (umask $mkdir_umask && + eval "\$doit_exec \$mkdirprog $prefixes") || + test -d "$dstdir" || exit 1 + obsolete_mkdir_used=true + fi + fi + fi + + if test -n "$dir_arg"; then + { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && + { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || + test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 + else + + # Make a couple of temp file names in the proper directory. + dsttmp=$dstdir/_inst.$$_ + rmtmp=$dstdir/_rm.$$_ + + # Trap to clean up those temp files at exit. + trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 + + # Copy the file name to the temp name. + (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && + + # and set any options; do chmod last to preserve setuid bits. + # + # If any of these fail, we abort the whole thing. If we want to + # ignore errors from any of these, just make sure not to ignore + # errors from the above "$doit $cpprog $src $dsttmp" command. + # + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && + + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && + + eval "$initialize_posix_glob" && + $posix_glob set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + $posix_glob set +f && + + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || + + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && + + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 + + trap '' 0 + fi +done + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/lib/libedit/ltmain.sh b/lib/libedit/ltmain.sh new file mode 100755 index 000000000000..3061e3c5a2f7 --- /dev/null +++ b/lib/libedit/ltmain.sh @@ -0,0 +1,9636 @@ + +# libtool (GNU libtool) 2.4 +# Written by Gordon Matzigkeit , 1996 + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, +# 2007, 2008, 2009, 2010 Free Software Foundation, Inc. +# This is free software; see the source for copying conditions. There is NO +# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +# GNU Libtool is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, +# or obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +# Usage: $progname [OPTION]... [MODE-ARG]... +# +# Provide generalized library-building support services. +# +# --config show all configuration variables +# --debug enable verbose shell tracing +# -n, --dry-run display commands without modifying any files +# --features display basic configuration information and exit +# --mode=MODE use operation mode MODE +# --preserve-dup-deps don't remove duplicate dependency libraries +# --quiet, --silent don't print informational messages +# --no-quiet, --no-silent +# print informational messages (default) +# --tag=TAG use configuration variables from tag TAG +# -v, --verbose print more informational messages than default +# --no-verbose don't print the extra informational messages +# --version print version information +# -h, --help, --help-all print short, long, or detailed help message +# +# MODE must be one of the following: +# +# clean remove files from the build directory +# compile compile a source file into a libtool object +# execute automatically set library path, then run a program +# finish complete the installation of libtool libraries +# install install libraries or executables +# link create a library or an executable +# uninstall remove libraries from an installed directory +# +# MODE-ARGS vary depending on the MODE. When passed as first option, +# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that. +# Try `$progname --help --mode=MODE' for a more detailed description of MODE. +# +# When reporting a bug, please describe a test case to reproduce it and +# include the following information: +# +# host-triplet: $host +# shell: $SHELL +# compiler: $LTCC +# compiler flags: $LTCFLAGS +# linker: $LD (gnu? $with_gnu_ld) +# $progname: (GNU libtool) 2.4 +# automake: $automake_version +# autoconf: $autoconf_version +# +# Report bugs to . +# GNU libtool home page: . +# General help using GNU software: . + +PROGRAM=libtool +PACKAGE=libtool +VERSION=2.4 +TIMESTAMP="" +package_revision=1.3293 + +# Be Bourne compatible +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac +fi +BIN_SH=xpg4; export BIN_SH # for Tru64 +DUALCASE=1; export DUALCASE # for MKS sh + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' +} + +# NLS nuisances: We save the old values to restore during execute mode. +lt_user_locale= +lt_safe_locale= +for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES +do + eval "if test \"\${$lt_var+set}\" = set; then + save_$lt_var=\$$lt_var + $lt_var=C + export $lt_var + lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\" + lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\" + fi" +done +LC_ALL=C +LANGUAGE=C +export LANGUAGE LC_ALL + +$lt_unset CDPATH + + +# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh +# is ksh but when the shell is invoked as "sh" and the current value of +# the _XPG environment variable is not equal to 1 (one), the special +# positional parameter $0, within a function call, is the name of the +# function. +progpath="$0" + + + +: ${CP="cp -f"} +test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} +: ${EGREP="grep -E"} +: ${FGREP="grep -F"} +: ${GREP="grep"} +: ${LN_S="ln -s"} +: ${MAKE="make"} +: ${MKDIR="mkdir"} +: ${MV="mv -f"} +: ${RM="rm -f"} +: ${SED="sed"} +: ${SHELL="${CONFIG_SHELL-/bin/sh}"} +: ${Xsed="$SED -e 1s/^X//"} + +# Global variables: +EXIT_SUCCESS=0 +EXIT_FAILURE=1 +EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. +EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. + +exit_status=$EXIT_SUCCESS + +# Make sure IFS has a sensible default +lt_nl=' +' +IFS=" $lt_nl" + +dirname="s,/[^/]*$,," +basename="s,^.*/,," + +# func_dirname file append nondir_replacement +# Compute the dirname of FILE. If nonempty, add APPEND to the result, +# otherwise set result to NONDIR_REPLACEMENT. +func_dirname () +{ + func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` + if test "X$func_dirname_result" = "X${1}"; then + func_dirname_result="${3}" + else + func_dirname_result="$func_dirname_result${2}" + fi +} # func_dirname may be replaced by extended shell implementation + + +# func_basename file +func_basename () +{ + func_basename_result=`$ECHO "${1}" | $SED "$basename"` +} # func_basename may be replaced by extended shell implementation + + +# func_dirname_and_basename file append nondir_replacement +# perform func_basename and func_dirname in a single function +# call: +# dirname: Compute the dirname of FILE. If nonempty, +# add APPEND to the result, otherwise set result +# to NONDIR_REPLACEMENT. +# value returned in "$func_dirname_result" +# basename: Compute filename of FILE. +# value retuned in "$func_basename_result" +# Implementation must be kept synchronized with func_dirname +# and func_basename. For efficiency, we do not delegate to +# those functions but instead duplicate the functionality here. +func_dirname_and_basename () +{ + # Extract subdirectory from the argument. + func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` + if test "X$func_dirname_result" = "X${1}"; then + func_dirname_result="${3}" + else + func_dirname_result="$func_dirname_result${2}" + fi + func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` +} # func_dirname_and_basename may be replaced by extended shell implementation + + +# func_stripname prefix suffix name +# strip PREFIX and SUFFIX off of NAME. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +# func_strip_suffix prefix name +func_stripname () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname may be replaced by extended shell implementation + + +# These SED scripts presuppose an absolute path with a trailing slash. +pathcar='s,^/\([^/]*\).*$,\1,' +pathcdr='s,^/[^/]*,,' +removedotparts=':dotsl + s@/\./@/@g + t dotsl + s,/\.$,/,' +collapseslashes='s@/\{1,\}@/@g' +finalslash='s,/*$,/,' + +# func_normal_abspath PATH +# Remove doubled-up and trailing slashes, "." path components, +# and cancel out any ".." path components in PATH after making +# it an absolute path. +# value returned in "$func_normal_abspath_result" +func_normal_abspath () +{ + # Start from root dir and reassemble the path. + func_normal_abspath_result= + func_normal_abspath_tpath=$1 + func_normal_abspath_altnamespace= + case $func_normal_abspath_tpath in + "") + # Empty path, that just means $cwd. + func_stripname '' '/' "`pwd`" + func_normal_abspath_result=$func_stripname_result + return + ;; + # The next three entries are used to spot a run of precisely + # two leading slashes without using negated character classes; + # we take advantage of case's first-match behaviour. + ///*) + # Unusual form of absolute path, do nothing. + ;; + //*) + # Not necessarily an ordinary path; POSIX reserves leading '//' + # and for example Cygwin uses it to access remote file shares + # over CIFS/SMB, so we conserve a leading double slash if found. + func_normal_abspath_altnamespace=/ + ;; + /*) + # Absolute path, do nothing. + ;; + *) + # Relative path, prepend $cwd. + func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath + ;; + esac + # Cancel out all the simple stuff to save iterations. We also want + # the path to end with a slash for ease of parsing, so make sure + # there is one (and only one) here. + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"` + while :; do + # Processed it all yet? + if test "$func_normal_abspath_tpath" = / ; then + # If we ascended to the root using ".." the result may be empty now. + if test -z "$func_normal_abspath_result" ; then + func_normal_abspath_result=/ + fi + break + fi + func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$pathcar"` + func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ + -e "$pathcdr"` + # Figure out what to do with it + case $func_normal_abspath_tcomponent in + "") + # Trailing empty path component, ignore it. + ;; + ..) + # Parent dir; strip last assembled component from result. + func_dirname "$func_normal_abspath_result" + func_normal_abspath_result=$func_dirname_result + ;; + *) + # Actual path component, append it. + func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent + ;; + esac + done + # Restore leading double-slash if one was found on entry. + func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result +} + +# func_relative_path SRCDIR DSTDIR +# generates a relative path from SRCDIR to DSTDIR, with a trailing +# slash if non-empty, suitable for immediately appending a filename +# without needing to append a separator. +# value returned in "$func_relative_path_result" +func_relative_path () +{ + func_relative_path_result= + func_normal_abspath "$1" + func_relative_path_tlibdir=$func_normal_abspath_result + func_normal_abspath "$2" + func_relative_path_tbindir=$func_normal_abspath_result + + # Ascend the tree starting from libdir + while :; do + # check if we have found a prefix of bindir + case $func_relative_path_tbindir in + $func_relative_path_tlibdir) + # found an exact match + func_relative_path_tcancelled= + break + ;; + $func_relative_path_tlibdir*) + # found a matching prefix + func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" + func_relative_path_tcancelled=$func_stripname_result + if test -z "$func_relative_path_result"; then + func_relative_path_result=. + fi + break + ;; + *) + func_dirname $func_relative_path_tlibdir + func_relative_path_tlibdir=${func_dirname_result} + if test "x$func_relative_path_tlibdir" = x ; then + # Have to descend all the way to the root! + func_relative_path_result=../$func_relative_path_result + func_relative_path_tcancelled=$func_relative_path_tbindir + break + fi + func_relative_path_result=../$func_relative_path_result + ;; + esac + done + + # Now calculate path; take care to avoid doubling-up slashes. + func_stripname '' '/' "$func_relative_path_result" + func_relative_path_result=$func_stripname_result + func_stripname '/' '/' "$func_relative_path_tcancelled" + if test "x$func_stripname_result" != x ; then + func_relative_path_result=${func_relative_path_result}/${func_stripname_result} + fi + + # Normalisation. If bindir is libdir, return empty string, + # else relative path ending with a slash; either way, target + # file name can be directly appended. + if test ! -z "$func_relative_path_result"; then + func_stripname './' '' "$func_relative_path_result/" + func_relative_path_result=$func_stripname_result + fi +} + +# The name of this program: +func_dirname_and_basename "$progpath" +progname=$func_basename_result + +# Make sure we have an absolute path for reexecution: +case $progpath in + [\\/]*|[A-Za-z]:\\*) ;; + *[\\/]*) + progdir=$func_dirname_result + progdir=`cd "$progdir" && pwd` + progpath="$progdir/$progname" + ;; + *) + save_IFS="$IFS" + IFS=: + for progdir in $PATH; do + IFS="$save_IFS" + test -x "$progdir/$progname" && break + done + IFS="$save_IFS" + test -n "$progdir" || progdir=`pwd` + progpath="$progdir/$progname" + ;; +esac + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +Xsed="${SED}"' -e 1s/^X//' +sed_quote_subst='s/\([`"$\\]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\(["`\\]\)/\\\1/g' + +# Sed substitution that turns a string into a regex matching for the +# string literally. +sed_make_literal_regex='s,[].[^$\\*\/],\\&,g' + +# Sed substitution that converts a w32 file name or path +# which contains forward slashes, into one that contains +# (escaped) backslashes. A very naive implementation. +lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' + +# Re-`\' parameter expansions in output of double_quote_subst that were +# `\'-ed in input to the same. If an odd number of `\' preceded a '$' +# in input to double_quote_subst, that '$' was protected from expansion. +# Since each input `\' is now two `\'s, look for any number of runs of +# four `\'s followed by two `\'s and then a '$'. `\' that '$'. +bs='\\' +bs2='\\\\' +bs4='\\\\\\\\' +dollar='\$' +sed_double_backslash="\ + s/$bs4/&\\ +/g + s/^$bs2$dollar/$bs&/ + s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g + s/\n//g" + +# Standard options: +opt_dry_run=false +opt_help=false +opt_quiet=false +opt_verbose=false +opt_warning=: + +# func_echo arg... +# Echo program name prefixed message, along with the current mode +# name if it has been set yet. +func_echo () +{ + $ECHO "$progname: ${opt_mode+$opt_mode: }$*" +} + +# func_verbose arg... +# Echo program name prefixed message in verbose mode only. +func_verbose () +{ + $opt_verbose && func_echo ${1+"$@"} + + # A bug in bash halts the script if the last line of a function + # fails when set -e is in force, so we need another command to + # work around that: + : +} + +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "$*" +} + +# func_error arg... +# Echo program name prefixed message to standard error. +func_error () +{ + $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2 +} + +# func_warning arg... +# Echo program name prefixed warning message to standard error. +func_warning () +{ + $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2 + + # bash bug again: + : +} + +# func_fatal_error arg... +# Echo program name prefixed message to standard error, and exit. +func_fatal_error () +{ + func_error ${1+"$@"} + exit $EXIT_FAILURE +} + +# func_fatal_help arg... +# Echo program name prefixed message to standard error, followed by +# a help hint, and exit. +func_fatal_help () +{ + func_error ${1+"$@"} + func_fatal_error "$help" +} +help="Try \`$progname --help' for more information." ## default + + +# func_grep expression filename +# Check whether EXPRESSION matches any line of FILENAME, without output. +func_grep () +{ + $GREP "$1" "$2" >/dev/null 2>&1 +} + + +# func_mkdir_p directory-path +# Make sure the entire path to DIRECTORY-PATH is available. +func_mkdir_p () +{ + my_directory_path="$1" + my_dir_list= + + if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then + + # Protect directory names starting with `-' + case $my_directory_path in + -*) my_directory_path="./$my_directory_path" ;; + esac + + # While some portion of DIR does not yet exist... + while test ! -d "$my_directory_path"; do + # ...make a list in topmost first order. Use a colon delimited + # list incase some portion of path contains whitespace. + my_dir_list="$my_directory_path:$my_dir_list" + + # If the last portion added has no slash in it, the list is done + case $my_directory_path in */*) ;; *) break ;; esac + + # ...otherwise throw away the child directory and loop + my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"` + done + my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'` + + save_mkdir_p_IFS="$IFS"; IFS=':' + for my_dir in $my_dir_list; do + IFS="$save_mkdir_p_IFS" + # mkdir can fail with a `File exist' error if two processes + # try to create one of the directories concurrently. Don't + # stop in that case! + $MKDIR "$my_dir" 2>/dev/null || : + done + IFS="$save_mkdir_p_IFS" + + # Bail out if we (or some other process) failed to create a directory. + test -d "$my_directory_path" || \ + func_fatal_error "Failed to create \`$1'" + fi +} + + +# func_mktempdir [string] +# Make a temporary directory that won't clash with other running +# libtool processes, and avoids race conditions if possible. If +# given, STRING is the basename for that directory. +func_mktempdir () +{ + my_template="${TMPDIR-/tmp}/${1-$progname}" + + if test "$opt_dry_run" = ":"; then + # Return a directory name, but don't create it in dry-run mode + my_tmpdir="${my_template}-$$" + else + + # If mktemp works, use that first and foremost + my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` + + if test ! -d "$my_tmpdir"; then + # Failing that, at least try and use $RANDOM to avoid a race + my_tmpdir="${my_template}-${RANDOM-0}$$" + + save_mktempdir_umask=`umask` + umask 0077 + $MKDIR "$my_tmpdir" + umask $save_mktempdir_umask + fi + + # If we're not in dry-run mode, bomb out on failure + test -d "$my_tmpdir" || \ + func_fatal_error "cannot create temporary directory \`$my_tmpdir'" + fi + + $ECHO "$my_tmpdir" +} + + +# func_quote_for_eval arg +# Aesthetically quote ARG to be evaled later. +# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT +# is double-quoted, suitable for a subsequent eval, whereas +# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters +# which are still active within double quotes backslashified. +func_quote_for_eval () +{ + case $1 in + *[\\\`\"\$]*) + func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;; + *) + func_quote_for_eval_unquoted_result="$1" ;; + esac + + case $func_quote_for_eval_unquoted_result in + # Double-quote args containing shell metacharacters to delay + # word splitting, command substitution and and variable + # expansion for a subsequent eval. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\"" + ;; + *) + func_quote_for_eval_result="$func_quote_for_eval_unquoted_result" + esac +} + + +# func_quote_for_expand arg +# Aesthetically quote ARG to be evaled later; same as above, +# but do not quote variable references. +func_quote_for_expand () +{ + case $1 in + *[\\\`\"]*) + my_arg=`$ECHO "$1" | $SED \ + -e "$double_quote_subst" -e "$sed_double_backslash"` ;; + *) + my_arg="$1" ;; + esac + + case $my_arg in + # Double-quote args containing shell metacharacters to delay + # word splitting and command substitution for a subsequent eval. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + my_arg="\"$my_arg\"" + ;; + esac + + func_quote_for_expand_result="$my_arg" +} + + +# func_show_eval cmd [fail_exp] +# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. +func_show_eval () +{ + my_cmd="$1" + my_fail_exp="${2-:}" + + ${opt_silent-false} || { + func_quote_for_expand "$my_cmd" + eval "func_echo $func_quote_for_expand_result" + } + + if ${opt_dry_run-false}; then :; else + eval "$my_cmd" + my_status=$? + if test "$my_status" -eq 0; then :; else + eval "(exit $my_status); $my_fail_exp" + fi + fi +} + + +# func_show_eval_locale cmd [fail_exp] +# Unless opt_silent is true, then output CMD. Then, if opt_dryrun is +# not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP +# is given, then evaluate it. Use the saved locale for evaluation. +func_show_eval_locale () +{ + my_cmd="$1" + my_fail_exp="${2-:}" + + ${opt_silent-false} || { + func_quote_for_expand "$my_cmd" + eval "func_echo $func_quote_for_expand_result" + } + + if ${opt_dry_run-false}; then :; else + eval "$lt_user_locale + $my_cmd" + my_status=$? + eval "$lt_safe_locale" + if test "$my_status" -eq 0; then :; else + eval "(exit $my_status); $my_fail_exp" + fi + fi +} + +# func_tr_sh +# Turn $1 into a string suitable for a shell variable name. +# Result is stored in $func_tr_sh_result. All characters +# not in the set a-zA-Z0-9_ are replaced with '_'. Further, +# if $1 begins with a digit, a '_' is prepended as well. +func_tr_sh () +{ + case $1 in + [0-9]* | *[!a-zA-Z0-9_]*) + func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'` + ;; + * ) + func_tr_sh_result=$1 + ;; + esac +} + + +# func_version +# Echo version message to standard output and exit. +func_version () +{ + $opt_debug + + $SED -n '/(C)/!b go + :more + /\./!{ + N + s/\n# / / + b more + } + :go + /^# '$PROGRAM' (GNU /,/# warranty; / { + s/^# // + s/^# *$// + s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/ + p + }' < "$progpath" + exit $? +} + +# func_usage +# Echo short help message to standard output and exit. +func_usage () +{ + $opt_debug + + $SED -n '/^# Usage:/,/^# *.*--help/ { + s/^# // + s/^# *$// + s/\$progname/'$progname'/ + p + }' < "$progpath" + echo + $ECHO "run \`$progname --help | more' for full usage" + exit $? +} + +# func_help [NOEXIT] +# Echo long help message to standard output and exit, +# unless 'noexit' is passed as argument. +func_help () +{ + $opt_debug + + $SED -n '/^# Usage:/,/# Report bugs to/ { + :print + s/^# // + s/^# *$// + s*\$progname*'$progname'* + s*\$host*'"$host"'* + s*\$SHELL*'"$SHELL"'* + s*\$LTCC*'"$LTCC"'* + s*\$LTCFLAGS*'"$LTCFLAGS"'* + s*\$LD*'"$LD"'* + s/\$with_gnu_ld/'"$with_gnu_ld"'/ + s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/ + s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/ + p + d + } + /^# .* home page:/b print + /^# General help using/b print + ' < "$progpath" + ret=$? + if test -z "$1"; then + exit $ret + fi +} + +# func_missing_arg argname +# Echo program name prefixed message to standard error and set global +# exit_cmd. +func_missing_arg () +{ + $opt_debug + + func_error "missing argument for $1." + exit_cmd=exit +} + + +# func_split_short_opt shortopt +# Set func_split_short_opt_name and func_split_short_opt_arg shell +# variables after splitting SHORTOPT after the 2nd character. +func_split_short_opt () +{ + my_sed_short_opt='1s/^\(..\).*$/\1/;q' + my_sed_short_rest='1s/^..\(.*\)$/\1/;q' + + func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"` + func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"` +} # func_split_short_opt may be replaced by extended shell implementation + + +# func_split_long_opt longopt +# Set func_split_long_opt_name and func_split_long_opt_arg shell +# variables after splitting LONGOPT at the `=' sign. +func_split_long_opt () +{ + my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q' + my_sed_long_arg='1s/^--[^=]*=//' + + func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"` + func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"` +} # func_split_long_opt may be replaced by extended shell implementation + +exit_cmd=: + + + + + +magic="%%%MAGIC variable%%%" +magic_exe="%%%MAGIC EXE variable%%%" + +# Global variables. +nonopt= +preserve_args= +lo2o="s/\\.lo\$/.${objext}/" +o2lo="s/\\.${objext}\$/.lo/" +extracted_archives= +extracted_serial=0 + +# If this variable is set in any of the actions, the command in it +# will be execed at the end. This prevents here-documents from being +# left over by shells. +exec_cmd= + +# func_append var value +# Append VALUE to the end of shell variable VAR. +func_append () +{ + eval "${1}=\$${1}\${2}" +} # func_append may be replaced by extended shell implementation + +# func_append_quoted var value +# Quote VALUE and append to the end of shell variable VAR, separated +# by a space. +func_append_quoted () +{ + func_quote_for_eval "${2}" + eval "${1}=\$${1}\\ \$func_quote_for_eval_result" +} # func_append_quoted may be replaced by extended shell implementation + + +# func_arith arithmetic-term... +func_arith () +{ + func_arith_result=`expr "${@}"` +} # func_arith may be replaced by extended shell implementation + + +# func_len string +# STRING may not start with a hyphen. +func_len () +{ + func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len` +} # func_len may be replaced by extended shell implementation + + +# func_lo2o object +func_lo2o () +{ + func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` +} # func_lo2o may be replaced by extended shell implementation + + +# func_xform libobj-or-source +func_xform () +{ + func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` +} # func_xform may be replaced by extended shell implementation + + +# func_fatal_configuration arg... +# Echo program name prefixed message to standard error, followed by +# a configuration failure hint, and exit. +func_fatal_configuration () +{ + func_error ${1+"$@"} + func_error "See the $PACKAGE documentation for more information." + func_fatal_error "Fatal configuration error." +} + + +# func_config +# Display the configuration for all the tags in this script. +func_config () +{ + re_begincf='^# ### BEGIN LIBTOOL' + re_endcf='^# ### END LIBTOOL' + + # Default configuration. + $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath" + + # Now print the configurations for the tags. + for tagname in $taglist; do + $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath" + done + + exit $? +} + +# func_features +# Display the features supported by this script. +func_features () +{ + echo "host: $host" + if test "$build_libtool_libs" = yes; then + echo "enable shared libraries" + else + echo "disable shared libraries" + fi + if test "$build_old_libs" = yes; then + echo "enable static libraries" + else + echo "disable static libraries" + fi + + exit $? +} + +# func_enable_tag tagname +# Verify that TAGNAME is valid, and either flag an error and exit, or +# enable the TAGNAME tag. We also add TAGNAME to the global $taglist +# variable here. +func_enable_tag () +{ + # Global variable: + tagname="$1" + + re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" + re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" + sed_extractcf="/$re_begincf/,/$re_endcf/p" + + # Validate tagname. + case $tagname in + *[!-_A-Za-z0-9,/]*) + func_fatal_error "invalid tag name: $tagname" + ;; + esac + + # Don't test for the "default" C tag, as we know it's + # there but not specially marked. + case $tagname in + CC) ;; + *) + if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then + taglist="$taglist $tagname" + + # Evaluate the configuration. Be careful to quote the path + # and the sed script, to avoid splitting on whitespace, but + # also don't use non-portable quotes within backquotes within + # quotes we have to do it in 2 steps: + extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` + eval "$extractedcf" + else + func_error "ignoring unknown tag $tagname" + fi + ;; + esac +} + +# func_check_version_match +# Ensure that we are using m4 macros, and libtool script from the same +# release of libtool. +func_check_version_match () +{ + if test "$package_revision" != "$macro_revision"; then + if test "$VERSION" != "$macro_version"; then + if test -z "$macro_version"; then + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, but the +$progname: definition of this LT_INIT comes from an older release. +$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION +$progname: and run autoconf again. +_LT_EOF + else + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, but the +$progname: definition of this LT_INIT comes from $PACKAGE $macro_version. +$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION +$progname: and run autoconf again. +_LT_EOF + fi + else + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, +$progname: but the definition of this LT_INIT comes from revision $macro_revision. +$progname: You should recreate aclocal.m4 with macros from revision $package_revision +$progname: of $PACKAGE $VERSION and run autoconf again. +_LT_EOF + fi + + exit $EXIT_MISMATCH + fi +} + + +# Shorthand for --mode=foo, only valid as the first argument +case $1 in +clean|clea|cle|cl) + shift; set dummy --mode clean ${1+"$@"}; shift + ;; +compile|compil|compi|comp|com|co|c) + shift; set dummy --mode compile ${1+"$@"}; shift + ;; +execute|execut|execu|exec|exe|ex|e) + shift; set dummy --mode execute ${1+"$@"}; shift + ;; +finish|finis|fini|fin|fi|f) + shift; set dummy --mode finish ${1+"$@"}; shift + ;; +install|instal|insta|inst|ins|in|i) + shift; set dummy --mode install ${1+"$@"}; shift + ;; +link|lin|li|l) + shift; set dummy --mode link ${1+"$@"}; shift + ;; +uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) + shift; set dummy --mode uninstall ${1+"$@"}; shift + ;; +esac + + + +# Option defaults: +opt_debug=: +opt_dry_run=false +opt_config=false +opt_preserve_dup_deps=false +opt_features=false +opt_finish=false +opt_help=false +opt_help_all=false +opt_silent=: +opt_verbose=: +opt_silent=false +opt_verbose=false + + +# Parse options once, thoroughly. This comes as soon as possible in the +# script to make things like `--version' happen as quickly as we can. +{ + # this just eases exit handling + while test $# -gt 0; do + opt="$1" + shift + case $opt in + --debug|-x) opt_debug='set -x' + func_echo "enabling shell trace mode" + $opt_debug + ;; + --dry-run|--dryrun|-n) + opt_dry_run=: + ;; + --config) + opt_config=: +func_config + ;; + --dlopen|-dlopen) + optarg="$1" + opt_dlopen="${opt_dlopen+$opt_dlopen +}$optarg" + shift + ;; + --preserve-dup-deps) + opt_preserve_dup_deps=: + ;; + --features) + opt_features=: +func_features + ;; + --finish) + opt_finish=: +set dummy --mode finish ${1+"$@"}; shift + ;; + --help) + opt_help=: + ;; + --help-all) + opt_help_all=: +opt_help=': help-all' + ;; + --mode) + test $# = 0 && func_missing_arg $opt && break + optarg="$1" + opt_mode="$optarg" +case $optarg in + # Valid mode arguments: + clean|compile|execute|finish|install|link|relink|uninstall) ;; + + # Catch anything else as an error + *) func_error "invalid argument for $opt" + exit_cmd=exit + break + ;; +esac + shift + ;; + --no-silent|--no-quiet) + opt_silent=false +func_append preserve_args " $opt" + ;; + --no-verbose) + opt_verbose=false +func_append preserve_args " $opt" + ;; + --silent|--quiet) + opt_silent=: +func_append preserve_args " $opt" + opt_verbose=false + ;; + --verbose|-v) + opt_verbose=: +func_append preserve_args " $opt" +opt_silent=false + ;; + --tag) + test $# = 0 && func_missing_arg $opt && break + optarg="$1" + opt_tag="$optarg" +func_append preserve_args " $opt $optarg" +func_enable_tag "$optarg" + shift + ;; + + -\?|-h) func_usage ;; + --help) func_help ;; + --version) func_version ;; + + # Separate optargs to long options: + --*=*) + func_split_long_opt "$opt" + set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"} + shift + ;; + + # Separate non-argument short options: + -\?*|-h*|-n*|-v*) + func_split_short_opt "$opt" + set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"} + shift + ;; + + --) break ;; + -*) func_fatal_help "unrecognized option \`$opt'" ;; + *) set dummy "$opt" ${1+"$@"}; shift; break ;; + esac + done + + # Validate options: + + # save first non-option argument + if test "$#" -gt 0; then + nonopt="$opt" + shift + fi + + # preserve --debug + test "$opt_debug" = : || func_append preserve_args " --debug" + + case $host in + *cygwin* | *mingw* | *pw32* | *cegcc*) + # don't eliminate duplications in $postdeps and $predeps + opt_duplicate_compiler_generated_deps=: + ;; + *) + opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps + ;; + esac + + $opt_help || { + # Sanity checks first: + func_check_version_match + + if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then + func_fatal_configuration "not configured to build any kind of library" + fi + + # Darwin sucks + eval std_shrext=\"$shrext_cmds\" + + # Only execute mode is allowed to have -dlopen flags. + if test -n "$opt_dlopen" && test "$opt_mode" != execute; then + func_error "unrecognized option \`-dlopen'" + $ECHO "$help" 1>&2 + exit $EXIT_FAILURE + fi + + # Change the help message to a mode-specific one. + generic_help="$help" + help="Try \`$progname --help --mode=$opt_mode' for more information." + } + + + # Bail if the options were screwed + $exit_cmd $EXIT_FAILURE +} + + + + +## ----------- ## +## Main. ## +## ----------- ## + +# func_lalib_p file +# True iff FILE is a libtool `.la' library or `.lo' object file. +# This function is only a basic sanity check; it will hardly flush out +# determined imposters. +func_lalib_p () +{ + test -f "$1" && + $SED -e 4q "$1" 2>/dev/null \ + | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 +} + +# func_lalib_unsafe_p file +# True iff FILE is a libtool `.la' library or `.lo' object file. +# This function implements the same check as func_lalib_p without +# resorting to external programs. To this end, it redirects stdin and +# closes it afterwards, without saving the original file descriptor. +# As a safety measure, use it only where a negative result would be +# fatal anyway. Works if `file' does not exist. +func_lalib_unsafe_p () +{ + lalib_p=no + if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then + for lalib_p_l in 1 2 3 4 + do + read lalib_p_line + case "$lalib_p_line" in + \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;; + esac + done + exec 0<&5 5<&- + fi + test "$lalib_p" = yes +} + +# func_ltwrapper_script_p file +# True iff FILE is a libtool wrapper script +# This function is only a basic sanity check; it will hardly flush out +# determined imposters. +func_ltwrapper_script_p () +{ + func_lalib_p "$1" +} + +# func_ltwrapper_executable_p file +# True iff FILE is a libtool wrapper executable +# This function is only a basic sanity check; it will hardly flush out +# determined imposters. +func_ltwrapper_executable_p () +{ + func_ltwrapper_exec_suffix= + case $1 in + *.exe) ;; + *) func_ltwrapper_exec_suffix=.exe ;; + esac + $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1 +} + +# func_ltwrapper_scriptname file +# Assumes file is an ltwrapper_executable +# uses $file to determine the appropriate filename for a +# temporary ltwrapper_script. +func_ltwrapper_scriptname () +{ + func_dirname_and_basename "$1" "" "." + func_stripname '' '.exe' "$func_basename_result" + func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" +} + +# func_ltwrapper_p file +# True iff FILE is a libtool wrapper script or wrapper executable +# This function is only a basic sanity check; it will hardly flush out +# determined imposters. +func_ltwrapper_p () +{ + func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1" +} + + +# func_execute_cmds commands fail_cmd +# Execute tilde-delimited COMMANDS. +# If FAIL_CMD is given, eval that upon failure. +# FAIL_CMD may read-access the current command in variable CMD! +func_execute_cmds () +{ + $opt_debug + save_ifs=$IFS; IFS='~' + for cmd in $1; do + IFS=$save_ifs + eval cmd=\"$cmd\" + func_show_eval "$cmd" "${2-:}" + done + IFS=$save_ifs +} + + +# func_source file +# Source FILE, adding directory component if necessary. +# Note that it is not necessary on cygwin/mingw to append a dot to +# FILE even if both FILE and FILE.exe exist: automatic-append-.exe +# behavior happens only for exec(3), not for open(2)! Also, sourcing +# `FILE.' does not work on cygwin managed mounts. +func_source () +{ + $opt_debug + case $1 in + */* | *\\*) . "$1" ;; + *) . "./$1" ;; + esac +} + + +# func_resolve_sysroot PATH +# Replace a leading = in PATH with a sysroot. Store the result into +# func_resolve_sysroot_result +func_resolve_sysroot () +{ + func_resolve_sysroot_result=$1 + case $func_resolve_sysroot_result in + =*) + func_stripname '=' '' "$func_resolve_sysroot_result" + func_resolve_sysroot_result=$lt_sysroot$func_stripname_result + ;; + esac +} + +# func_replace_sysroot PATH +# If PATH begins with the sysroot, replace it with = and +# store the result into func_replace_sysroot_result. +func_replace_sysroot () +{ + case "$lt_sysroot:$1" in + ?*:"$lt_sysroot"*) + func_stripname "$lt_sysroot" '' "$1" + func_replace_sysroot_result="=$func_stripname_result" + ;; + *) + # Including no sysroot. + func_replace_sysroot_result=$1 + ;; + esac +} + +# func_infer_tag arg +# Infer tagged configuration to use if any are available and +# if one wasn't chosen via the "--tag" command line option. +# Only attempt this if the compiler in the base compile +# command doesn't match the default compiler. +# arg is usually of the form 'gcc ...' +func_infer_tag () +{ + $opt_debug + if test -n "$available_tags" && test -z "$tagname"; then + CC_quoted= + for arg in $CC; do + func_append_quoted CC_quoted "$arg" + done + CC_expanded=`func_echo_all $CC` + CC_quoted_expanded=`func_echo_all $CC_quoted` + case $@ in + # Blanks in the command may have been stripped by the calling shell, + # but not from the CC environment variable when configure was run. + " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ + " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;; + # Blanks at the start of $base_compile will cause this to fail + # if we don't check for them as well. + *) + for z in $available_tags; do + if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then + # Evaluate the configuration. + eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" + CC_quoted= + for arg in $CC; do + # Double-quote args containing other shell metacharacters. + func_append_quoted CC_quoted "$arg" + done + CC_expanded=`func_echo_all $CC` + CC_quoted_expanded=`func_echo_all $CC_quoted` + case "$@ " in + " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ + " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) + # The compiler in the base compile command matches + # the one in the tagged configuration. + # Assume this is the tagged configuration we want. + tagname=$z + break + ;; + esac + fi + done + # If $tagname still isn't set, then no tagged configuration + # was found and let the user know that the "--tag" command + # line option must be used. + if test -z "$tagname"; then + func_echo "unable to infer tagged configuration" + func_fatal_error "specify a tag with \`--tag'" +# else +# func_verbose "using $tagname tagged configuration" + fi + ;; + esac + fi +} + + + +# func_write_libtool_object output_name pic_name nonpic_name +# Create a libtool object file (analogous to a ".la" file), +# but don't create it if we're doing a dry run. +func_write_libtool_object () +{ + write_libobj=${1} + if test "$build_libtool_libs" = yes; then + write_lobj=\'${2}\' + else + write_lobj=none + fi + + if test "$build_old_libs" = yes; then + write_oldobj=\'${3}\' + else + write_oldobj=none + fi + + $opt_dry_run || { + cat >${write_libobj}T </dev/null` + if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then + func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | + $SED -e "$lt_sed_naive_backslashify"` + else + func_convert_core_file_wine_to_w32_result= + fi + fi +} +# end: func_convert_core_file_wine_to_w32 + + +# func_convert_core_path_wine_to_w32 ARG +# Helper function used by path conversion functions when $build is *nix, and +# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly +# configured wine environment available, with the winepath program in $build's +# $PATH. Assumes ARG has no leading or trailing path separator characters. +# +# ARG is path to be converted from $build format to win32. +# Result is available in $func_convert_core_path_wine_to_w32_result. +# Unconvertible file (directory) names in ARG are skipped; if no directory names +# are convertible, then the result may be empty. +func_convert_core_path_wine_to_w32 () +{ + $opt_debug + # unfortunately, winepath doesn't convert paths, only file names + func_convert_core_path_wine_to_w32_result="" + if test -n "$1"; then + oldIFS=$IFS + IFS=: + for func_convert_core_path_wine_to_w32_f in $1; do + IFS=$oldIFS + func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" + if test -n "$func_convert_core_file_wine_to_w32_result" ; then + if test -z "$func_convert_core_path_wine_to_w32_result"; then + func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result" + else + func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" + fi + fi + done + IFS=$oldIFS + fi +} +# end: func_convert_core_path_wine_to_w32 + + +# func_cygpath ARGS... +# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when +# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2) +# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or +# (2), returns the Cygwin file name or path in func_cygpath_result (input +# file name or path is assumed to be in w32 format, as previously converted +# from $build's *nix or MSYS format). In case (3), returns the w32 file name +# or path in func_cygpath_result (input file name or path is assumed to be in +# Cygwin format). Returns an empty string on error. +# +# ARGS are passed to cygpath, with the last one being the file name or path to +# be converted. +# +# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH +# environment variable; do not put it in $PATH. +func_cygpath () +{ + $opt_debug + if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then + func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` + if test "$?" -ne 0; then + # on failure, ensure result is empty + func_cygpath_result= + fi + else + func_cygpath_result= + func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'" + fi +} +#end: func_cygpath + + +# func_convert_core_msys_to_w32 ARG +# Convert file name or path ARG from MSYS format to w32 format. Return +# result in func_convert_core_msys_to_w32_result. +func_convert_core_msys_to_w32 () +{ + $opt_debug + # awkward: cmd appends spaces to result + func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | + $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` +} +#end: func_convert_core_msys_to_w32 + + +# func_convert_file_check ARG1 ARG2 +# Verify that ARG1 (a file name in $build format) was converted to $host +# format in ARG2. Otherwise, emit an error message, but continue (resetting +# func_to_host_file_result to ARG1). +func_convert_file_check () +{ + $opt_debug + if test -z "$2" && test -n "$1" ; then + func_error "Could not determine host file name corresponding to" + func_error " \`$1'" + func_error "Continuing, but uninstalled executables may not work." + # Fallback: + func_to_host_file_result="$1" + fi +} +# end func_convert_file_check + + +# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH +# Verify that FROM_PATH (a path in $build format) was converted to $host +# format in TO_PATH. Otherwise, emit an error message, but continue, resetting +# func_to_host_file_result to a simplistic fallback value (see below). +func_convert_path_check () +{ + $opt_debug + if test -z "$4" && test -n "$3"; then + func_error "Could not determine the host path corresponding to" + func_error " \`$3'" + func_error "Continuing, but uninstalled executables may not work." + # Fallback. This is a deliberately simplistic "conversion" and + # should not be "improved". See libtool.info. + if test "x$1" != "x$2"; then + lt_replace_pathsep_chars="s|$1|$2|g" + func_to_host_path_result=`echo "$3" | + $SED -e "$lt_replace_pathsep_chars"` + else + func_to_host_path_result="$3" + fi + fi +} +# end func_convert_path_check + + +# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG +# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT +# and appending REPL if ORIG matches BACKPAT. +func_convert_path_front_back_pathsep () +{ + $opt_debug + case $4 in + $1 ) func_to_host_path_result="$3$func_to_host_path_result" + ;; + esac + case $4 in + $2 ) func_append func_to_host_path_result "$3" + ;; + esac +} +# end func_convert_path_front_back_pathsep + + +################################################## +# $build to $host FILE NAME CONVERSION FUNCTIONS # +################################################## +# invoked via `$to_host_file_cmd ARG' +# +# In each case, ARG is the path to be converted from $build to $host format. +# Result will be available in $func_to_host_file_result. + + +# func_to_host_file ARG +# Converts the file name ARG from $build format to $host format. Return result +# in func_to_host_file_result. +func_to_host_file () +{ + $opt_debug + $to_host_file_cmd "$1" +} +# end func_to_host_file + + +# func_to_tool_file ARG LAZY +# converts the file name ARG from $build format to toolchain format. Return +# result in func_to_tool_file_result. If the conversion in use is listed +# in (the comma separated) LAZY, no conversion takes place. +func_to_tool_file () +{ + $opt_debug + case ,$2, in + *,"$to_tool_file_cmd",*) + func_to_tool_file_result=$1 + ;; + *) + $to_tool_file_cmd "$1" + func_to_tool_file_result=$func_to_host_file_result + ;; + esac +} +# end func_to_tool_file + + +# func_convert_file_noop ARG +# Copy ARG to func_to_host_file_result. +func_convert_file_noop () +{ + func_to_host_file_result="$1" +} +# end func_convert_file_noop + + +# func_convert_file_msys_to_w32 ARG +# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic +# conversion to w32 is not available inside the cwrapper. Returns result in +# func_to_host_file_result. +func_convert_file_msys_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_msys_to_w32 "$1" + func_to_host_file_result="$func_convert_core_msys_to_w32_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_msys_to_w32 + + +# func_convert_file_cygwin_to_w32 ARG +# Convert file name ARG from Cygwin to w32 format. Returns result in +# func_to_host_file_result. +func_convert_file_cygwin_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + # because $build is cygwin, we call "the" cygpath in $PATH; no need to use + # LT_CYGPATH in this case. + func_to_host_file_result=`cygpath -m "$1"` + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_cygwin_to_w32 + + +# func_convert_file_nix_to_w32 ARG +# Convert file name ARG from *nix to w32 format. Requires a wine environment +# and a working winepath. Returns result in func_to_host_file_result. +func_convert_file_nix_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_file_wine_to_w32 "$1" + func_to_host_file_result="$func_convert_core_file_wine_to_w32_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_nix_to_w32 + + +# func_convert_file_msys_to_cygwin ARG +# Convert file name ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. +# Returns result in func_to_host_file_result. +func_convert_file_msys_to_cygwin () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_msys_to_w32 "$1" + func_cygpath -u "$func_convert_core_msys_to_w32_result" + func_to_host_file_result="$func_cygpath_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_msys_to_cygwin + + +# func_convert_file_nix_to_cygwin ARG +# Convert file name ARG from *nix to Cygwin format. Requires Cygwin installed +# in a wine environment, working winepath, and LT_CYGPATH set. Returns result +# in func_to_host_file_result. +func_convert_file_nix_to_cygwin () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. + func_convert_core_file_wine_to_w32 "$1" + func_cygpath -u "$func_convert_core_file_wine_to_w32_result" + func_to_host_file_result="$func_cygpath_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_nix_to_cygwin + + +############################################# +# $build to $host PATH CONVERSION FUNCTIONS # +############################################# +# invoked via `$to_host_path_cmd ARG' +# +# In each case, ARG is the path to be converted from $build to $host format. +# The result will be available in $func_to_host_path_result. +# +# Path separators are also converted from $build format to $host format. If +# ARG begins or ends with a path separator character, it is preserved (but +# converted to $host format) on output. +# +# All path conversion functions are named using the following convention: +# file name conversion function : func_convert_file_X_to_Y () +# path conversion function : func_convert_path_X_to_Y () +# where, for any given $build/$host combination the 'X_to_Y' value is the +# same. If conversion functions are added for new $build/$host combinations, +# the two new functions must follow this pattern, or func_init_to_host_path_cmd +# will break. + + +# func_init_to_host_path_cmd +# Ensures that function "pointer" variable $to_host_path_cmd is set to the +# appropriate value, based on the value of $to_host_file_cmd. +to_host_path_cmd= +func_init_to_host_path_cmd () +{ + $opt_debug + if test -z "$to_host_path_cmd"; then + func_stripname 'func_convert_file_' '' "$to_host_file_cmd" + to_host_path_cmd="func_convert_path_${func_stripname_result}" + fi +} + + +# func_to_host_path ARG +# Converts the path ARG from $build format to $host format. Return result +# in func_to_host_path_result. +func_to_host_path () +{ + $opt_debug + func_init_to_host_path_cmd + $to_host_path_cmd "$1" +} +# end func_to_host_path + + +# func_convert_path_noop ARG +# Copy ARG to func_to_host_path_result. +func_convert_path_noop () +{ + func_to_host_path_result="$1" +} +# end func_convert_path_noop + + +# func_convert_path_msys_to_w32 ARG +# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic +# conversion to w32 is not available inside the cwrapper. Returns result in +# func_to_host_path_result. +func_convert_path_msys_to_w32 () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # Remove leading and trailing path separator characters from ARG. MSYS + # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; + # and winepath ignores them completely. + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" + func_to_host_path_result="$func_convert_core_msys_to_w32_result" + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_msys_to_w32 + + +# func_convert_path_cygwin_to_w32 ARG +# Convert path ARG from Cygwin to w32 format. Returns result in +# func_to_host_file_result. +func_convert_path_cygwin_to_w32 () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # See func_convert_path_msys_to_w32: + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"` + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_cygwin_to_w32 + + +# func_convert_path_nix_to_w32 ARG +# Convert path ARG from *nix to w32 format. Requires a wine environment and +# a working winepath. Returns result in func_to_host_file_result. +func_convert_path_nix_to_w32 () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # See func_convert_path_msys_to_w32: + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" + func_to_host_path_result="$func_convert_core_path_wine_to_w32_result" + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_nix_to_w32 + + +# func_convert_path_msys_to_cygwin ARG +# Convert path ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. +# Returns result in func_to_host_file_result. +func_convert_path_msys_to_cygwin () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # See func_convert_path_msys_to_w32: + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" + func_cygpath -u -p "$func_convert_core_msys_to_w32_result" + func_to_host_path_result="$func_cygpath_result" + func_convert_path_check : : \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" : "$1" + fi +} +# end func_convert_path_msys_to_cygwin + + +# func_convert_path_nix_to_cygwin ARG +# Convert path ARG from *nix to Cygwin format. Requires Cygwin installed in a +# a wine environment, working winepath, and LT_CYGPATH set. Returns result in +# func_to_host_file_result. +func_convert_path_nix_to_cygwin () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # Remove leading and trailing path separator characters from + # ARG. msys behavior is inconsistent here, cygpath turns them + # into '.;' and ';.', and winepath ignores them completely. + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" + func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result" + func_to_host_path_result="$func_cygpath_result" + func_convert_path_check : : \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" : "$1" + fi +} +# end func_convert_path_nix_to_cygwin + + +# func_mode_compile arg... +func_mode_compile () +{ + $opt_debug + # Get the compilation command and the source file. + base_compile= + srcfile="$nonopt" # always keep a non-empty value in "srcfile" + suppress_opt=yes + suppress_output= + arg_mode=normal + libobj= + later= + pie_flag= + + for arg + do + case $arg_mode in + arg ) + # do not "continue". Instead, add this to base_compile + lastarg="$arg" + arg_mode=normal + ;; + + target ) + libobj="$arg" + arg_mode=normal + continue + ;; + + normal ) + # Accept any command-line options. + case $arg in + -o) + test -n "$libobj" && \ + func_fatal_error "you cannot specify \`-o' more than once" + arg_mode=target + continue + ;; + + -pie | -fpie | -fPIE) + func_append pie_flag " $arg" + continue + ;; + + -shared | -static | -prefer-pic | -prefer-non-pic) + func_append later " $arg" + continue + ;; + + -no-suppress) + suppress_opt=no + continue + ;; + + -Xcompiler) + arg_mode=arg # the next one goes into the "base_compile" arg list + continue # The current "srcfile" will either be retained or + ;; # replaced later. I would guess that would be a bug. + + -Wc,*) + func_stripname '-Wc,' '' "$arg" + args=$func_stripname_result + lastarg= + save_ifs="$IFS"; IFS=',' + for arg in $args; do + IFS="$save_ifs" + func_append_quoted lastarg "$arg" + done + IFS="$save_ifs" + func_stripname ' ' '' "$lastarg" + lastarg=$func_stripname_result + + # Add the arguments to base_compile. + func_append base_compile " $lastarg" + continue + ;; + + *) + # Accept the current argument as the source file. + # The previous "srcfile" becomes the current argument. + # + lastarg="$srcfile" + srcfile="$arg" + ;; + esac # case $arg + ;; + esac # case $arg_mode + + # Aesthetically quote the previous argument. + func_append_quoted base_compile "$lastarg" + done # for arg + + case $arg_mode in + arg) + func_fatal_error "you must specify an argument for -Xcompile" + ;; + target) + func_fatal_error "you must specify a target with \`-o'" + ;; + *) + # Get the name of the library object. + test -z "$libobj" && { + func_basename "$srcfile" + libobj="$func_basename_result" + } + ;; + esac + + # Recognize several different file suffixes. + # If the user specifies -o file.o, it is replaced with file.lo + case $libobj in + *.[cCFSifmso] | \ + *.ada | *.adb | *.ads | *.asm | \ + *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \ + *.[fF][09]? | *.for | *.java | *.obj | *.sx | *.cu | *.cup) + func_xform "$libobj" + libobj=$func_xform_result + ;; + esac + + case $libobj in + *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;; + *) + func_fatal_error "cannot determine name of library object from \`$libobj'" + ;; + esac + + func_infer_tag $base_compile + + for arg in $later; do + case $arg in + -shared) + test "$build_libtool_libs" != yes && \ + func_fatal_configuration "can not build a shared library" + build_old_libs=no + continue + ;; + + -static) + build_libtool_libs=no + build_old_libs=yes + continue + ;; + + -prefer-pic) + pic_mode=yes + continue + ;; + + -prefer-non-pic) + pic_mode=no + continue + ;; + esac + done + + func_quote_for_eval "$libobj" + test "X$libobj" != "X$func_quote_for_eval_result" \ + && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ + && func_warning "libobj name \`$libobj' may not contain shell special characters." + func_dirname_and_basename "$obj" "/" "" + objname="$func_basename_result" + xdir="$func_dirname_result" + lobj=${xdir}$objdir/$objname + + test -z "$base_compile" && \ + func_fatal_help "you must specify a compilation command" + + # Delete any leftover library objects. + if test "$build_old_libs" = yes; then + removelist="$obj $lobj $libobj ${libobj}T" + else + removelist="$lobj $libobj ${libobj}T" + fi + + # On Cygwin there's no "real" PIC flag so we must build both object types + case $host_os in + cygwin* | mingw* | pw32* | os2* | cegcc*) + pic_mode=default + ;; + esac + if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then + # non-PIC code in shared libraries is not supported + pic_mode=default + fi + + # Calculate the filename of the output object if compiler does + # not support -o with -c + if test "$compiler_c_o" = no; then + output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext} + lockfile="$output_obj.lock" + else + output_obj= + need_locks=no + lockfile= + fi + + # Lock this critical section if it is needed + # We use this script file to make the link, it avoids creating a new file + if test "$need_locks" = yes; then + until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do + func_echo "Waiting for $lockfile to be removed" + sleep 2 + done + elif test "$need_locks" = warn; then + if test -f "$lockfile"; then + $ECHO "\ +*** ERROR, $lockfile exists and contains: +`cat $lockfile 2>/dev/null` + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $opt_dry_run || $RM $removelist + exit $EXIT_FAILURE + fi + func_append removelist " $output_obj" + $ECHO "$srcfile" > "$lockfile" + fi + + $opt_dry_run || $RM $removelist + func_append removelist " $lockfile" + trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15 + + func_to_tool_file "$srcfile" func_convert_file_msys_to_w32 + srcfile=$func_to_tool_file_result + func_quote_for_eval "$srcfile" + qsrcfile=$func_quote_for_eval_result + + # Only build a PIC object if we are building libtool libraries. + if test "$build_libtool_libs" = yes; then + # Without this assignment, base_compile gets emptied. + fbsd_hideous_sh_bug=$base_compile + + if test "$pic_mode" != no; then + command="$base_compile $qsrcfile $pic_flag" + else + # Don't build PIC code + command="$base_compile $qsrcfile" + fi + + func_mkdir_p "$xdir$objdir" + + if test -z "$output_obj"; then + # Place PIC objects in $objdir + func_append command " -o $lobj" + fi + + func_show_eval_locale "$command" \ + 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE' + + if test "$need_locks" = warn && + test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then + $ECHO "\ +*** ERROR, $lockfile contains: +`cat $lockfile 2>/dev/null` + +but it should contain: +$srcfile + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $opt_dry_run || $RM $removelist + exit $EXIT_FAILURE + fi + + # Just move the object if needed, then go on to compile the next one + if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then + func_show_eval '$MV "$output_obj" "$lobj"' \ + 'error=$?; $opt_dry_run || $RM $removelist; exit $error' + fi + + # Allow error messages only from the first compilation. + if test "$suppress_opt" = yes; then + suppress_output=' >/dev/null 2>&1' + fi + fi + + # Only build a position-dependent object if we build old libraries. + if test "$build_old_libs" = yes; then + if test "$pic_mode" != yes; then + # Don't build PIC code + command="$base_compile $qsrcfile$pie_flag" + else + command="$base_compile $qsrcfile $pic_flag" + fi + if test "$compiler_c_o" = yes; then + func_append command " -o $obj" + fi + + # Suppress compiler output if we already did a PIC compilation. + func_append command "$suppress_output" + func_show_eval_locale "$command" \ + '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' + + if test "$need_locks" = warn && + test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then + $ECHO "\ +*** ERROR, $lockfile contains: +`cat $lockfile 2>/dev/null` + +but it should contain: +$srcfile + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $opt_dry_run || $RM $removelist + exit $EXIT_FAILURE + fi + + # Just move the object if needed + if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then + func_show_eval '$MV "$output_obj" "$obj"' \ + 'error=$?; $opt_dry_run || $RM $removelist; exit $error' + fi + fi + + $opt_dry_run || { + func_write_libtool_object "$libobj" "$objdir/$objname" "$objname" + + # Unlock the critical section if it was locked + if test "$need_locks" != no; then + removelist=$lockfile + $RM "$lockfile" + fi + } + + exit $EXIT_SUCCESS +} + +$opt_help || { + test "$opt_mode" = compile && func_mode_compile ${1+"$@"} +} + +func_mode_help () +{ + # We need to display help for each of the modes. + case $opt_mode in + "") + # Generic help is extracted from the usage comments + # at the start of this file. + func_help + ;; + + clean) + $ECHO \ +"Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE... + +Remove files from the build directory. + +RM is the name of the program to use to delete files associated with each FILE +(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +to RM. + +If FILE is a libtool library, object or program, all the files associated +with it are deleted. Otherwise, only FILE itself is deleted using RM." + ;; + + compile) + $ECHO \ +"Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE + +Compile a source file into a libtool library object. + +This mode accepts the following additional options: + + -o OUTPUT-FILE set the output file name to OUTPUT-FILE + -no-suppress do not suppress compiler output for multiple passes + -prefer-pic try to build PIC objects only + -prefer-non-pic try to build non-PIC objects only + -shared do not build a \`.o' file suitable for static linking + -static only build a \`.o' file suitable for static linking + -Wc,FLAG pass FLAG directly to the compiler + +COMPILE-COMMAND is a command to be used in creating a \`standard' object file +from the given SOURCEFILE. + +The output file name is determined by removing the directory component from +SOURCEFILE, then substituting the C source code suffix \`.c' with the +library object suffix, \`.lo'." + ;; + + execute) + $ECHO \ +"Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]... + +Automatically set library path, then run a program. + +This mode accepts the following additional options: + + -dlopen FILE add the directory containing FILE to the library path + +This mode sets the library path environment variable according to \`-dlopen' +flags. + +If any of the ARGS are libtool executable wrappers, then they are translated +into their corresponding uninstalled binary, and any of their required library +directories are added to the library path. + +Then, COMMAND is executed, with ARGS as arguments." + ;; + + finish) + $ECHO \ +"Usage: $progname [OPTION]... --mode=finish [LIBDIR]... + +Complete the installation of libtool libraries. + +Each LIBDIR is a directory that contains libtool libraries. + +The commands that this mode executes may require superuser privileges. Use +the \`--dry-run' option if you just want to see what would be executed." + ;; + + install) + $ECHO \ +"Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND... + +Install executables or libraries. + +INSTALL-COMMAND is the installation command. The first component should be +either the \`install' or \`cp' program. + +The following components of INSTALL-COMMAND are treated specially: + + -inst-prefix-dir PREFIX-DIR Use PREFIX-DIR as a staging area for installation + +The rest of the components are interpreted as arguments to that command (only +BSD-compatible install options are recognized)." + ;; + + link) + $ECHO \ +"Usage: $progname [OPTION]... --mode=link LINK-COMMAND... + +Link object files or libraries together to form another library, or to +create an executable program. + +LINK-COMMAND is a command using the C compiler that you would use to create +a program from several object files. + +The following components of LINK-COMMAND are treated specially: + + -all-static do not do any dynamic linking at all + -avoid-version do not add a version suffix if possible + -bindir BINDIR specify path to binaries directory (for systems where + libraries must be found in the PATH setting at runtime) + -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime + -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols + -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) + -export-symbols SYMFILE + try to export only the symbols listed in SYMFILE + -export-symbols-regex REGEX + try to export only the symbols matching REGEX + -LLIBDIR search LIBDIR for required installed libraries + -lNAME OUTPUT-FILE requires the installed library libNAME + -module build a library that can dlopened + -no-fast-install disable the fast-install mode + -no-install link a not-installable executable + -no-undefined declare that a library does not refer to external symbols + -o OUTPUT-FILE create OUTPUT-FILE from the specified objects + -objectlist FILE Use a list of object files found in FILE to specify objects + -precious-files-regex REGEX + don't remove output files matching REGEX + -release RELEASE specify package release information + -rpath LIBDIR the created library will eventually be installed in LIBDIR + -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries + -shared only do dynamic linking of libtool libraries + -shrext SUFFIX override the standard shared library file extension + -static do not do any dynamic linking of uninstalled libtool libraries + -static-libtool-libs + do not do any dynamic linking of libtool libraries + -version-info CURRENT[:REVISION[:AGE]] + specify library version info [each variable defaults to 0] + -weak LIBNAME declare that the target provides the LIBNAME interface + -Wc,FLAG + -Xcompiler FLAG pass linker-specific FLAG directly to the compiler + -Wl,FLAG + -Xlinker FLAG pass linker-specific FLAG directly to the linker + -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) + +All other options (arguments beginning with \`-') are ignored. + +Every other argument is treated as a filename. Files ending in \`.la' are +treated as uninstalled libtool libraries, other files are standard or library +object files. + +If the OUTPUT-FILE ends in \`.la', then a libtool library is created, +only library objects (\`.lo' files) may be specified, and \`-rpath' is +required, except when creating a convenience library. + +If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created +using \`ar' and \`ranlib', or on Windows using \`lib'. + +If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file +is created, otherwise an executable program is created." + ;; + + uninstall) + $ECHO \ +"Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... + +Remove libraries from an installation directory. + +RM is the name of the program to use to delete files associated with each FILE +(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +to RM. + +If FILE is a libtool library, all the files associated with it are deleted. +Otherwise, only FILE itself is deleted using RM." + ;; + + *) + func_fatal_help "invalid operation mode \`$opt_mode'" + ;; + esac + + echo + $ECHO "Try \`$progname --help' for more information about other modes." +} + +# Now that we've collected a possible --mode arg, show help if necessary +if $opt_help; then + if test "$opt_help" = :; then + func_mode_help + else + { + func_help noexit + for opt_mode in compile link execute install finish uninstall clean; do + func_mode_help + done + } | sed -n '1p; 2,$s/^Usage:/ or: /p' + { + func_help noexit + for opt_mode in compile link execute install finish uninstall clean; do + echo + func_mode_help + done + } | + sed '1d + /^When reporting/,/^Report/{ + H + d + } + $x + /information about other modes/d + /more detailed .*MODE/d + s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/' + fi + exit $? +fi + + +# func_mode_execute arg... +func_mode_execute () +{ + $opt_debug + # The first argument is the command name. + cmd="$nonopt" + test -z "$cmd" && \ + func_fatal_help "you must specify a COMMAND" + + # Handle -dlopen flags immediately. + for file in $opt_dlopen; do + test -f "$file" \ + || func_fatal_help "\`$file' is not a file" + + dir= + case $file in + *.la) + func_resolve_sysroot "$file" + file=$func_resolve_sysroot_result + + # Check to see that this really is a libtool archive. + func_lalib_unsafe_p "$file" \ + || func_fatal_help "\`$lib' is not a valid libtool archive" + + # Read the libtool library. + dlname= + library_names= + func_source "$file" + + # Skip this library if it cannot be dlopened. + if test -z "$dlname"; then + # Warn if it was a shared library. + test -n "$library_names" && \ + func_warning "\`$file' was not linked with \`-export-dynamic'" + continue + fi + + func_dirname "$file" "" "." + dir="$func_dirname_result" + + if test -f "$dir/$objdir/$dlname"; then + func_append dir "/$objdir" + else + if test ! -f "$dir/$dlname"; then + func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" + fi + fi + ;; + + *.lo) + # Just add the directory containing the .lo file. + func_dirname "$file" "" "." + dir="$func_dirname_result" + ;; + + *) + func_warning "\`-dlopen' is ignored for non-libtool libraries and objects" + continue + ;; + esac + + # Get the absolute pathname. + absdir=`cd "$dir" && pwd` + test -n "$absdir" && dir="$absdir" + + # Now add the directory to shlibpath_var. + if eval "test -z \"\$$shlibpath_var\""; then + eval "$shlibpath_var=\"\$dir\"" + else + eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\"" + fi + done + + # This variable tells wrapper scripts just to set shlibpath_var + # rather than running their programs. + libtool_execute_magic="$magic" + + # Check if any of the arguments is a wrapper script. + args= + for file + do + case $file in + -* | *.la | *.lo ) ;; + *) + # Do a test to see if this is really a libtool program. + if func_ltwrapper_script_p "$file"; then + func_source "$file" + # Transform arg to wrapped name. + file="$progdir/$program" + elif func_ltwrapper_executable_p "$file"; then + func_ltwrapper_scriptname "$file" + func_source "$func_ltwrapper_scriptname_result" + # Transform arg to wrapped name. + file="$progdir/$program" + fi + ;; + esac + # Quote arguments (to preserve shell metacharacters). + func_append_quoted args "$file" + done + + if test "X$opt_dry_run" = Xfalse; then + if test -n "$shlibpath_var"; then + # Export the shlibpath_var. + eval "export $shlibpath_var" + fi + + # Restore saved environment variables + for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES + do + eval "if test \"\${save_$lt_var+set}\" = set; then + $lt_var=\$save_$lt_var; export $lt_var + else + $lt_unset $lt_var + fi" + done + + # Now prepare to actually exec the command. + exec_cmd="\$cmd$args" + else + # Display what would be done. + if test -n "$shlibpath_var"; then + eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" + echo "export $shlibpath_var" + fi + $ECHO "$cmd$args" + exit $EXIT_SUCCESS + fi +} + +test "$opt_mode" = execute && func_mode_execute ${1+"$@"} + + +# func_mode_finish arg... +func_mode_finish () +{ + $opt_debug + libs= + libdirs= + admincmds= + + for opt in "$nonopt" ${1+"$@"} + do + if test -d "$opt"; then + func_append libdirs " $opt" + + elif test -f "$opt"; then + if func_lalib_unsafe_p "$opt"; then + func_append libs " $opt" + else + func_warning "\`$opt' is not a valid libtool archive" + fi + + else + func_fatal_error "invalid argument \`$opt'" + fi + done + + if test -n "$libs"; then + if test -n "$lt_sysroot"; then + sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"` + sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;" + else + sysroot_cmd= + fi + + # Remove sysroot references + if $opt_dry_run; then + for lib in $libs; do + echo "removing references to $lt_sysroot and \`=' prefixes from $lib" + done + else + tmpdir=`func_mktempdir` + for lib in $libs; do + sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ + > $tmpdir/tmp-la + mv -f $tmpdir/tmp-la $lib + done + ${RM}r "$tmpdir" + fi + fi + + if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then + for libdir in $libdirs; do + if test -n "$finish_cmds"; then + # Do each command in the finish commands. + func_execute_cmds "$finish_cmds" 'admincmds="$admincmds +'"$cmd"'"' + fi + if test -n "$finish_eval"; then + # Do the single finish_eval. + eval cmds=\"$finish_eval\" + $opt_dry_run || eval "$cmds" || func_append admincmds " + $cmds" + fi + done + fi + + # Exit here if they wanted silent mode. + $opt_silent && exit $EXIT_SUCCESS + + if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then + echo "----------------------------------------------------------------------" + echo "Libraries have been installed in:" + for libdir in $libdirs; do + $ECHO " $libdir" + done + echo + echo "If you ever happen to want to link against installed libraries" + echo "in a given directory, LIBDIR, you must either use libtool, and" + echo "specify the full pathname of the library, or use the \`-LLIBDIR'" + echo "flag during linking and do at least one of the following:" + if test -n "$shlibpath_var"; then + echo " - add LIBDIR to the \`$shlibpath_var' environment variable" + echo " during execution" + fi + if test -n "$runpath_var"; then + echo " - add LIBDIR to the \`$runpath_var' environment variable" + echo " during linking" + fi + if test -n "$hardcode_libdir_flag_spec"; then + libdir=LIBDIR + eval flag=\"$hardcode_libdir_flag_spec\" + + $ECHO " - use the \`$flag' linker flag" + fi + if test -n "$admincmds"; then + $ECHO " - have your system administrator run these commands:$admincmds" + fi + if test -f /etc/ld.so.conf; then + echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" + fi + echo + + echo "See any operating system documentation about shared libraries for" + case $host in + solaris2.[6789]|solaris2.1[0-9]) + echo "more information, such as the ld(1), crle(1) and ld.so(8) manual" + echo "pages." + ;; + *) + echo "more information, such as the ld(1) and ld.so(8) manual pages." + ;; + esac + echo "----------------------------------------------------------------------" + fi + exit $EXIT_SUCCESS +} + +test "$opt_mode" = finish && func_mode_finish ${1+"$@"} + + +# func_mode_install arg... +func_mode_install () +{ + $opt_debug + # There may be an optional sh(1) argument at the beginning of + # install_prog (especially on Windows NT). + if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || + # Allow the use of GNU shtool's install command. + case $nonopt in *shtool*) :;; *) false;; esac; then + # Aesthetically quote it. + func_quote_for_eval "$nonopt" + install_prog="$func_quote_for_eval_result " + arg=$1 + shift + else + install_prog= + arg=$nonopt + fi + + # The real first argument should be the name of the installation program. + # Aesthetically quote it. + func_quote_for_eval "$arg" + func_append install_prog "$func_quote_for_eval_result" + install_shared_prog=$install_prog + case " $install_prog " in + *[\\\ /]cp\ *) install_cp=: ;; + *) install_cp=false ;; + esac + + # We need to accept at least all the BSD install flags. + dest= + files= + opts= + prev= + install_type= + isdir=no + stripme= + no_mode=: + for arg + do + arg2= + if test -n "$dest"; then + func_append files " $dest" + dest=$arg + continue + fi + + case $arg in + -d) isdir=yes ;; + -f) + if $install_cp; then :; else + prev=$arg + fi + ;; + -g | -m | -o) + prev=$arg + ;; + -s) + stripme=" -s" + continue + ;; + -*) + ;; + *) + # If the previous option needed an argument, then skip it. + if test -n "$prev"; then + if test "x$prev" = x-m && test -n "$install_override_mode"; then + arg2=$install_override_mode + no_mode=false + fi + prev= + else + dest=$arg + continue + fi + ;; + esac + + # Aesthetically quote the argument. + func_quote_for_eval "$arg" + func_append install_prog " $func_quote_for_eval_result" + if test -n "$arg2"; then + func_quote_for_eval "$arg2" + fi + func_append install_shared_prog " $func_quote_for_eval_result" + done + + test -z "$install_prog" && \ + func_fatal_help "you must specify an install program" + + test -n "$prev" && \ + func_fatal_help "the \`$prev' option requires an argument" + + if test -n "$install_override_mode" && $no_mode; then + if $install_cp; then :; else + func_quote_for_eval "$install_override_mode" + func_append install_shared_prog " -m $func_quote_for_eval_result" + fi + fi + + if test -z "$files"; then + if test -z "$dest"; then + func_fatal_help "no file or destination specified" + else + func_fatal_help "you must specify a destination" + fi + fi + + # Strip any trailing slash from the destination. + func_stripname '' '/' "$dest" + dest=$func_stripname_result + + # Check to see that the destination is a directory. + test -d "$dest" && isdir=yes + if test "$isdir" = yes; then + destdir="$dest" + destname= + else + func_dirname_and_basename "$dest" "" "." + destdir="$func_dirname_result" + destname="$func_basename_result" + + # Not a directory, so check to see that there is only one file specified. + set dummy $files; shift + test "$#" -gt 1 && \ + func_fatal_help "\`$dest' is not a directory" + fi + case $destdir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + for file in $files; do + case $file in + *.lo) ;; + *) + func_fatal_help "\`$destdir' must be an absolute directory name" + ;; + esac + done + ;; + esac + + # This variable tells wrapper scripts just to set variables rather + # than running their programs. + libtool_install_magic="$magic" + + staticlibs= + future_libdirs= + current_libdirs= + for file in $files; do + + # Do each installation. + case $file in + *.$libext) + # Do the static libraries later. + func_append staticlibs " $file" + ;; + + *.la) + func_resolve_sysroot "$file" + file=$func_resolve_sysroot_result + + # Check to see that this really is a libtool archive. + func_lalib_unsafe_p "$file" \ + || func_fatal_help "\`$file' is not a valid libtool archive" + + library_names= + old_library= + relink_command= + func_source "$file" + + # Add the libdir to current_libdirs if it is the destination. + if test "X$destdir" = "X$libdir"; then + case "$current_libdirs " in + *" $libdir "*) ;; + *) func_append current_libdirs " $libdir" ;; + esac + else + # Note the libdir as a future libdir. + case "$future_libdirs " in + *" $libdir "*) ;; + *) func_append future_libdirs " $libdir" ;; + esac + fi + + func_dirname "$file" "/" "" + dir="$func_dirname_result" + func_append dir "$objdir" + + if test -n "$relink_command"; then + # Determine the prefix the user has applied to our future dir. + inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"` + + # Don't allow the user to place us outside of our expected + # location b/c this prevents finding dependent libraries that + # are installed to the same prefix. + # At present, this check doesn't affect windows .dll's that + # are installed into $libdir/../bin (currently, that works fine) + # but it's something to keep an eye on. + test "$inst_prefix_dir" = "$destdir" && \ + func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir" + + if test -n "$inst_prefix_dir"; then + # Stick the inst_prefix_dir data into the link command. + relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"` + else + relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"` + fi + + func_warning "relinking \`$file'" + func_show_eval "$relink_command" \ + 'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"' + fi + + # See the names of the shared library. + set dummy $library_names; shift + if test -n "$1"; then + realname="$1" + shift + + srcname="$realname" + test -n "$relink_command" && srcname="$realname"T + + # Install the shared library and build the symlinks. + func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \ + 'exit $?' + tstripme="$stripme" + case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + case $realname in + *.dll.a) + tstripme="" + ;; + esac + ;; + esac + if test -n "$tstripme" && test -n "$striplib"; then + func_show_eval "$striplib $destdir/$realname" 'exit $?' + fi + + if test "$#" -gt 0; then + # Delete the old symlinks, and create new ones. + # Try `ln -sf' first, because the `ln' binary might depend on + # the symlink we replace! Solaris /bin/ln does not understand -f, + # so we also need to try rm && ln -s. + for linkname + do + test "$linkname" != "$realname" \ + && func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })" + done + fi + + # Do each command in the postinstall commands. + lib="$destdir/$realname" + func_execute_cmds "$postinstall_cmds" 'exit $?' + fi + + # Install the pseudo-library for information purposes. + func_basename "$file" + name="$func_basename_result" + instname="$dir/$name"i + func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' + + # Maybe install the static library, too. + test -n "$old_library" && func_append staticlibs " $dir/$old_library" + ;; + + *.lo) + # Install (i.e. copy) a libtool object. + + # Figure out destination file name, if it wasn't already specified. + if test -n "$destname"; then + destfile="$destdir/$destname" + else + func_basename "$file" + destfile="$func_basename_result" + destfile="$destdir/$destfile" + fi + + # Deduce the name of the destination old-style object file. + case $destfile in + *.lo) + func_lo2o "$destfile" + staticdest=$func_lo2o_result + ;; + *.$objext) + staticdest="$destfile" + destfile= + ;; + *) + func_fatal_help "cannot copy a libtool object to \`$destfile'" + ;; + esac + + # Install the libtool object if requested. + test -n "$destfile" && \ + func_show_eval "$install_prog $file $destfile" 'exit $?' + + # Install the old object if enabled. + if test "$build_old_libs" = yes; then + # Deduce the name of the old-style object file. + func_lo2o "$file" + staticobj=$func_lo2o_result + func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?' + fi + exit $EXIT_SUCCESS + ;; + + *) + # Figure out destination file name, if it wasn't already specified. + if test -n "$destname"; then + destfile="$destdir/$destname" + else + func_basename "$file" + destfile="$func_basename_result" + destfile="$destdir/$destfile" + fi + + # If the file is missing, and there is a .exe on the end, strip it + # because it is most likely a libtool script we actually want to + # install + stripped_ext="" + case $file in + *.exe) + if test ! -f "$file"; then + func_stripname '' '.exe' "$file" + file=$func_stripname_result + stripped_ext=".exe" + fi + ;; + esac + + # Do a test to see if this is really a libtool program. + case $host in + *cygwin* | *mingw*) + if func_ltwrapper_executable_p "$file"; then + func_ltwrapper_scriptname "$file" + wrapper=$func_ltwrapper_scriptname_result + else + func_stripname '' '.exe' "$file" + wrapper=$func_stripname_result + fi + ;; + *) + wrapper=$file + ;; + esac + if func_ltwrapper_script_p "$wrapper"; then + notinst_deplibs= + relink_command= + + func_source "$wrapper" + + # Check the variables that should have been set. + test -z "$generated_by_libtool_version" && \ + func_fatal_error "invalid libtool wrapper script \`$wrapper'" + + finalize=yes + for lib in $notinst_deplibs; do + # Check to see that each library is installed. + libdir= + if test -f "$lib"; then + func_source "$lib" + fi + libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test + if test -n "$libdir" && test ! -f "$libfile"; then + func_warning "\`$lib' has not been installed in \`$libdir'" + finalize=no + fi + done + + relink_command= + func_source "$wrapper" + + outputname= + if test "$fast_install" = no && test -n "$relink_command"; then + $opt_dry_run || { + if test "$finalize" = yes; then + tmpdir=`func_mktempdir` + func_basename "$file$stripped_ext" + file="$func_basename_result" + outputname="$tmpdir/$file" + # Replace the output file specification. + relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` + + $opt_silent || { + func_quote_for_expand "$relink_command" + eval "func_echo $func_quote_for_expand_result" + } + if eval "$relink_command"; then : + else + func_error "error: relink \`$file' with the above command before installing it" + $opt_dry_run || ${RM}r "$tmpdir" + continue + fi + file="$outputname" + else + func_warning "cannot relink \`$file'" + fi + } + else + # Install the binary that we compiled earlier. + file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"` + fi + fi + + # remove .exe since cygwin /usr/bin/install will append another + # one anyway + case $install_prog,$host in + */usr/bin/install*,*cygwin*) + case $file:$destfile in + *.exe:*.exe) + # this is ok + ;; + *.exe:*) + destfile=$destfile.exe + ;; + *:*.exe) + func_stripname '' '.exe' "$destfile" + destfile=$func_stripname_result + ;; + esac + ;; + esac + func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?' + $opt_dry_run || if test -n "$outputname"; then + ${RM}r "$tmpdir" + fi + ;; + esac + done + + for file in $staticlibs; do + func_basename "$file" + name="$func_basename_result" + + # Set up the ranlib parameters. + oldlib="$destdir/$name" + + func_show_eval "$install_prog \$file \$oldlib" 'exit $?' + + if test -n "$stripme" && test -n "$old_striplib"; then + func_show_eval "$old_striplib $oldlib" 'exit $?' + fi + + # Do each command in the postinstall commands. + func_execute_cmds "$old_postinstall_cmds" 'exit $?' + done + + test -n "$future_libdirs" && \ + func_warning "remember to run \`$progname --finish$future_libdirs'" + + if test -n "$current_libdirs"; then + # Maybe just do a dry run. + $opt_dry_run && current_libdirs=" -n$current_libdirs" + exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' + else + exit $EXIT_SUCCESS + fi +} + +test "$opt_mode" = install && func_mode_install ${1+"$@"} + + +# func_generate_dlsyms outputname originator pic_p +# Extract symbols from dlprefiles and create ${outputname}S.o with +# a dlpreopen symbol table. +func_generate_dlsyms () +{ + $opt_debug + my_outputname="$1" + my_originator="$2" + my_pic_p="${3-no}" + my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'` + my_dlsyms= + + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + if test -n "$NM" && test -n "$global_symbol_pipe"; then + my_dlsyms="${my_outputname}S.c" + else + func_error "not configured to extract global symbols from dlpreopened files" + fi + fi + + if test -n "$my_dlsyms"; then + case $my_dlsyms in + "") ;; + *.c) + # Discover the nlist of each of the dlfiles. + nlist="$output_objdir/${my_outputname}.nm" + + func_show_eval "$RM $nlist ${nlist}S ${nlist}T" + + # Parse the name list into a source file. + func_verbose "creating $output_objdir/$my_dlsyms" + + $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\ +/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */ +/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */ + +#ifdef __cplusplus +extern \"C\" { +#endif + +#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) +#pragma GCC diagnostic ignored \"-Wstrict-prototypes\" +#endif + +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT_DLSYM_CONST +#else +# define LT_DLSYM_CONST const +#endif + +/* External symbol declarations for the compiler. */\ +" + + if test "$dlself" = yes; then + func_verbose "generating symbol list for \`$output'" + + $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist" + + # Add our own program objects to the symbol list. + progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` + for progfile in $progfiles; do + func_to_tool_file "$progfile" func_convert_file_msys_to_w32 + func_verbose "extracting global C symbols from \`$func_to_tool_file_result'" + $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" + done + + if test -n "$exclude_expsyms"; then + $opt_dry_run || { + eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T' + eval '$MV "$nlist"T "$nlist"' + } + fi + + if test -n "$export_symbols_regex"; then + $opt_dry_run || { + eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T' + eval '$MV "$nlist"T "$nlist"' + } + fi + + # Prepare the list of exported symbols + if test -z "$export_symbols"; then + export_symbols="$output_objdir/$outputname.exp" + $opt_dry_run || { + $RM $export_symbols + eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' + case $host in + *cygwin* | *mingw* | *cegcc* ) + eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' + eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"' + ;; + esac + } + else + $opt_dry_run || { + eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' + eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' + eval '$MV "$nlist"T "$nlist"' + case $host in + *cygwin* | *mingw* | *cegcc* ) + eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' + eval 'cat "$nlist" >> "$output_objdir/$outputname.def"' + ;; + esac + } + fi + fi + + for dlprefile in $dlprefiles; do + func_verbose "extracting global C symbols from \`$dlprefile'" + func_basename "$dlprefile" + name="$func_basename_result" + case $host in + *cygwin* | *mingw* | *cegcc* ) + # if an import library, we need to obtain dlname + if func_win32_import_lib_p "$dlprefile"; then + func_tr_sh "$dlprefile" + eval "curr_lafile=\$libfile_$func_tr_sh_result" + dlprefile_dlbasename="" + if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then + # Use subshell, to avoid clobbering current variable values + dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` + if test -n "$dlprefile_dlname" ; then + func_basename "$dlprefile_dlname" + dlprefile_dlbasename="$func_basename_result" + else + # no lafile. user explicitly requested -dlpreopen . + $sharedlib_from_linklib_cmd "$dlprefile" + dlprefile_dlbasename=$sharedlib_from_linklib_result + fi + fi + $opt_dry_run || { + if test -n "$dlprefile_dlbasename" ; then + eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' + else + func_warning "Could not compute DLL name from $name" + eval '$ECHO ": $name " >> "$nlist"' + fi + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe | + $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'" + } + else # not an import lib + $opt_dry_run || { + eval '$ECHO ": $name " >> "$nlist"' + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" + } + fi + ;; + *) + $opt_dry_run || { + eval '$ECHO ": $name " >> "$nlist"' + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" + } + ;; + esac + done + + $opt_dry_run || { + # Make sure we have at least an empty file. + test -f "$nlist" || : > "$nlist" + + if test -n "$exclude_expsyms"; then + $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T + $MV "$nlist"T "$nlist" + fi + + # Try sorting and uniquifying the output. + if $GREP -v "^: " < "$nlist" | + if sort -k 3 /dev/null 2>&1; then + sort -k 3 + else + sort +2 + fi | + uniq > "$nlist"S; then + : + else + $GREP -v "^: " < "$nlist" > "$nlist"S + fi + + if test -f "$nlist"S; then + eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"' + else + echo '/* NONE */' >> "$output_objdir/$my_dlsyms" + fi + + echo >> "$output_objdir/$my_dlsyms" "\ + +/* The mapping between symbol names and symbols. */ +typedef struct { + const char *name; + void *address; +} lt_dlsymlist; +extern LT_DLSYM_CONST lt_dlsymlist +lt_${my_prefix}_LTX_preloaded_symbols[]; +LT_DLSYM_CONST lt_dlsymlist +lt_${my_prefix}_LTX_preloaded_symbols[] = +{\ + { \"$my_originator\", (void *) 0 }," + + case $need_lib_prefix in + no) + eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms" + ;; + *) + eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms" + ;; + esac + echo >> "$output_objdir/$my_dlsyms" "\ + {0, (void *) 0} +}; + +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt_${my_prefix}_LTX_preloaded_symbols; +} +#endif + +#ifdef __cplusplus +} +#endif\ +" + } # !$opt_dry_run + + pic_flag_for_symtable= + case "$compile_command " in + *" -static "*) ;; + *) + case $host in + # compiling the symbol table file with pic_flag works around + # a FreeBSD bug that causes programs to crash when -lm is + # linked before any other PIC object. But we must not use + # pic_flag when linking with -static. The problem exists in + # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. + *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) + pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; + *-*-hpux*) + pic_flag_for_symtable=" $pic_flag" ;; + *) + if test "X$my_pic_p" != Xno; then + pic_flag_for_symtable=" $pic_flag" + fi + ;; + esac + ;; + esac + symtab_cflags= + for arg in $LTCFLAGS; do + case $arg in + -pie | -fpie | -fPIE) ;; + *) func_append symtab_cflags " $arg" ;; + esac + done + + # Now compile the dynamic symbol file. + func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?' + + # Clean up the generated files. + func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"' + + # Transform the symbol file into the correct name. + symfileobj="$output_objdir/${my_outputname}S.$objext" + case $host in + *cygwin* | *mingw* | *cegcc* ) + if test -f "$output_objdir/$my_outputname.def"; then + compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` + finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` + else + compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` + finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` + fi + ;; + *) + compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` + finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` + ;; + esac + ;; + *) + func_fatal_error "unknown suffix for \`$my_dlsyms'" + ;; + esac + else + # We keep going just in case the user didn't refer to + # lt_preloaded_symbols. The linker will fail if global_symbol_pipe + # really was required. + + # Nullify the symbol file. + compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"` + finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"` + fi +} + +# func_win32_libid arg +# return the library type of file 'arg' +# +# Need a lot of goo to handle *both* DLLs and import libs +# Has to be a shell function in order to 'eat' the argument +# that is supplied when $file_magic_command is called. +# Despite the name, also deal with 64 bit binaries. +func_win32_libid () +{ + $opt_debug + win32_libid_type="unknown" + win32_fileres=`file -L $1 2>/dev/null` + case $win32_fileres in + *ar\ archive\ import\ library*) # definitely import + win32_libid_type="x86 archive import" + ;; + *ar\ archive*) # could be an import, or static + # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. + if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | + $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then + func_to_tool_file "$1" func_convert_file_msys_to_w32 + win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | + $SED -n -e ' + 1,100{ + / I /{ + s,.*,import, + p + q + } + }'` + case $win32_nmres in + import*) win32_libid_type="x86 archive import";; + *) win32_libid_type="x86 archive static";; + esac + fi + ;; + *DLL*) + win32_libid_type="x86 DLL" + ;; + *executable*) # but shell scripts are "executable" too... + case $win32_fileres in + *MS\ Windows\ PE\ Intel*) + win32_libid_type="x86 DLL" + ;; + esac + ;; + esac + $ECHO "$win32_libid_type" +} + +# func_cygming_dll_for_implib ARG +# +# Platform-specific function to extract the +# name of the DLL associated with the specified +# import library ARG. +# Invoked by eval'ing the libtool variable +# $sharedlib_from_linklib_cmd +# Result is available in the variable +# $sharedlib_from_linklib_result +func_cygming_dll_for_implib () +{ + $opt_debug + sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` +} + +# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs +# +# The is the core of a fallback implementation of a +# platform-specific function to extract the name of the +# DLL associated with the specified import library LIBNAME. +# +# SECTION_NAME is either .idata$6 or .idata$7, depending +# on the platform and compiler that created the implib. +# +# Echos the name of the DLL associated with the +# specified import library. +func_cygming_dll_for_implib_fallback_core () +{ + $opt_debug + match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` + $OBJDUMP -s --section "$1" "$2" 2>/dev/null | + $SED '/^Contents of section '"$match_literal"':/{ + # Place marker at beginning of archive member dllname section + s/.*/====MARK====/ + p + d + } + # These lines can sometimes be longer than 43 characters, but + # are always uninteresting + /:[ ]*file format pe[i]\{,1\}-/d + /^In archive [^:]*:/d + # Ensure marker is printed + /^====MARK====/p + # Remove all lines with less than 43 characters + /^.\{43\}/!d + # From remaining lines, remove first 43 characters + s/^.\{43\}//' | + $SED -n ' + # Join marker and all lines until next marker into a single line + /^====MARK====/ b para + H + $ b para + b + :para + x + s/\n//g + # Remove the marker + s/^====MARK====// + # Remove trailing dots and whitespace + s/[\. \t]*$// + # Print + /./p' | + # we now have a list, one entry per line, of the stringified + # contents of the appropriate section of all members of the + # archive which possess that section. Heuristic: eliminate + # all those which have a first or second character that is + # a '.' (that is, objdump's representation of an unprintable + # character.) This should work for all archives with less than + # 0x302f exports -- but will fail for DLLs whose name actually + # begins with a literal '.' or a single character followed by + # a '.'. + # + # Of those that remain, print the first one. + $SED -e '/^\./d;/^.\./d;q' +} + +# func_cygming_gnu_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is a GNU/binutils-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_gnu_implib_p () +{ + $opt_debug + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` + test -n "$func_cygming_gnu_implib_tmp" +} + +# func_cygming_ms_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is an MS-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_ms_implib_p () +{ + $opt_debug + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` + test -n "$func_cygming_ms_implib_tmp" +} + +# func_cygming_dll_for_implib_fallback ARG +# Platform-specific function to extract the +# name of the DLL associated with the specified +# import library ARG. +# +# This fallback implementation is for use when $DLLTOOL +# does not support the --identify-strict option. +# Invoked by eval'ing the libtool variable +# $sharedlib_from_linklib_cmd +# Result is available in the variable +# $sharedlib_from_linklib_result +func_cygming_dll_for_implib_fallback () +{ + $opt_debug + if func_cygming_gnu_implib_p "$1" ; then + # binutils import library + sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` + elif func_cygming_ms_implib_p "$1" ; then + # ms-generated import library + sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` + else + # unknown + sharedlib_from_linklib_result="" + fi +} + + +# func_extract_an_archive dir oldlib +func_extract_an_archive () +{ + $opt_debug + f_ex_an_ar_dir="$1"; shift + f_ex_an_ar_oldlib="$1" + if test "$lock_old_archive_extraction" = yes; then + lockfile=$f_ex_an_ar_oldlib.lock + until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do + func_echo "Waiting for $lockfile to be removed" + sleep 2 + done + fi + func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \ + 'stat=$?; rm -f "$lockfile"; exit $stat' + if test "$lock_old_archive_extraction" = yes; then + $opt_dry_run || rm -f "$lockfile" + fi + if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then + : + else + func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib" + fi +} + + +# func_extract_archives gentop oldlib ... +func_extract_archives () +{ + $opt_debug + my_gentop="$1"; shift + my_oldlibs=${1+"$@"} + my_oldobjs="" + my_xlib="" + my_xabs="" + my_xdir="" + + for my_xlib in $my_oldlibs; do + # Extract the objects. + case $my_xlib in + [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; + *) my_xabs=`pwd`"/$my_xlib" ;; + esac + func_basename "$my_xlib" + my_xlib="$func_basename_result" + my_xlib_u=$my_xlib + while :; do + case " $extracted_archives " in + *" $my_xlib_u "*) + func_arith $extracted_serial + 1 + extracted_serial=$func_arith_result + my_xlib_u=lt$extracted_serial-$my_xlib ;; + *) break ;; + esac + done + extracted_archives="$extracted_archives $my_xlib_u" + my_xdir="$my_gentop/$my_xlib_u" + + func_mkdir_p "$my_xdir" + + case $host in + *-darwin*) + func_verbose "Extracting $my_xabs" + # Do not bother doing anything if just a dry run + $opt_dry_run || { + darwin_orig_dir=`pwd` + cd $my_xdir || exit $? + darwin_archive=$my_xabs + darwin_curdir=`pwd` + darwin_base_archive=`basename "$darwin_archive"` + darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true` + if test -n "$darwin_arches"; then + darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'` + darwin_arch= + func_verbose "$darwin_base_archive has multiple architectures $darwin_arches" + for darwin_arch in $darwin_arches ; do + func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}" + $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" + cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" + func_extract_an_archive "`pwd`" "${darwin_base_archive}" + cd "$darwin_curdir" + $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" + done # $darwin_arches + ## Okay now we've a bunch of thin objects, gotta fatten them up :) + darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u` + darwin_file= + darwin_files= + for darwin_file in $darwin_filelist; do + darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP` + $LIPO -create -output "$darwin_file" $darwin_files + done # $darwin_filelist + $RM -rf unfat-$$ + cd "$darwin_orig_dir" + else + cd $darwin_orig_dir + func_extract_an_archive "$my_xdir" "$my_xabs" + fi # $darwin_arches + } # !$opt_dry_run + ;; + *) + func_extract_an_archive "$my_xdir" "$my_xabs" + ;; + esac + my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP` + done + + func_extract_archives_result="$my_oldobjs" +} + + +# func_emit_wrapper [arg=no] +# +# Emit a libtool wrapper script on stdout. +# Don't directly open a file because we may want to +# incorporate the script contents within a cygwin/mingw +# wrapper executable. Must ONLY be called from within +# func_mode_link because it depends on a number of variables +# set therein. +# +# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR +# variable will take. If 'yes', then the emitted script +# will assume that the directory in which it is stored is +# the $objdir directory. This is a cygwin/mingw-specific +# behavior. +func_emit_wrapper () +{ + func_emit_wrapper_arg1=${1-no} + + $ECHO "\ +#! $SHELL + +# $output - temporary wrapper script for $objdir/$outputname +# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# +# The $output program cannot be directly executed until all the libtool +# libraries that it depends on are installed. +# +# This wrapper script should never be moved out of the build directory. +# If it is, it will not operate correctly. + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +sed_quote_subst='$sed_quote_subst' + +# Be Bourne compatible +if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac +fi +BIN_SH=xpg4; export BIN_SH # for Tru64 +DUALCASE=1; export DUALCASE # for MKS sh + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +relink_command=\"$relink_command\" + +# This environment variable determines our operation mode. +if test \"\$libtool_install_magic\" = \"$magic\"; then + # install mode needs the following variables: + generated_by_libtool_version='$macro_version' + notinst_deplibs='$notinst_deplibs' +else + # When we are sourced in execute mode, \$file and \$ECHO are already set. + if test \"\$libtool_execute_magic\" != \"$magic\"; then + file=\"\$0\"" + + qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"` + $ECHO "\ + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$1 +_LTECHO_EOF' +} + ECHO=\"$qECHO\" + fi + +# Very basic option parsing. These options are (a) specific to +# the libtool wrapper, (b) are identical between the wrapper +# /script/ and the wrapper /executable/ which is used only on +# windows platforms, and (c) all begin with the string "--lt-" +# (application programs are unlikely to have options which match +# this pattern). +# +# There are only two supported options: --lt-debug and +# --lt-dump-script. There is, deliberately, no --lt-help. +# +# The first argument to this parsing function should be the +# script's $0 value, followed by "$@". +lt_option_debug= +func_parse_lt_options () +{ + lt_script_arg0=\$0 + shift + for lt_opt + do + case \"\$lt_opt\" in + --lt-debug) lt_option_debug=1 ;; + --lt-dump-script) + lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\` + test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=. + lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\` + cat \"\$lt_dump_D/\$lt_dump_F\" + exit 0 + ;; + --lt-*) + \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2 + exit 1 + ;; + esac + done + + # Print the debug banner immediately: + if test -n \"\$lt_option_debug\"; then + echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2 + fi +} + +# Used when --lt-debug. Prints its arguments to stdout +# (redirection is the responsibility of the caller) +func_lt_dump_args () +{ + lt_dump_args_N=1; + for lt_arg + do + \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\" + lt_dump_args_N=\`expr \$lt_dump_args_N + 1\` + done +} + +# Core function for launching the target application +func_exec_program_core () +{ +" + case $host in + # Backslashes separate directories on plain windows + *-*-mingw | *-*-os2* | *-cegcc*) + $ECHO "\ + if test -n \"\$lt_option_debug\"; then + \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2 + func_lt_dump_args \${1+\"\$@\"} 1>&2 + fi + exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} +" + ;; + + *) + $ECHO "\ + if test -n \"\$lt_option_debug\"; then + \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2 + func_lt_dump_args \${1+\"\$@\"} 1>&2 + fi + exec \"\$progdir/\$program\" \${1+\"\$@\"} +" + ;; + esac + $ECHO "\ + \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2 + exit 1 +} + +# A function to encapsulate launching the target application +# Strips options in the --lt-* namespace from \$@ and +# launches target application with the remaining arguments. +func_exec_program () +{ + for lt_wr_arg + do + case \$lt_wr_arg in + --lt-*) ;; + *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; + esac + shift + done + func_exec_program_core \${1+\"\$@\"} +} + + # Parse options + func_parse_lt_options \"\$0\" \${1+\"\$@\"} + + # Find the directory that this script lives in. + thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\` + test \"x\$thisdir\" = \"x\$file\" && thisdir=. + + # Follow symbolic links until we get to the real thisdir. + file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\` + while test -n \"\$file\"; do + destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\` + + # If there was a directory component, then change thisdir. + if test \"x\$destdir\" != \"x\$file\"; then + case \"\$destdir\" in + [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;; + *) thisdir=\"\$thisdir/\$destdir\" ;; + esac + fi + + file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\` + file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\` + done + + # Usually 'no', except on cygwin/mingw when embedded into + # the cwrapper. + WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1 + if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then + # special case for '.' + if test \"\$thisdir\" = \".\"; then + thisdir=\`pwd\` + fi + # remove .libs from thisdir + case \"\$thisdir\" in + *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;; + $objdir ) thisdir=. ;; + esac + fi + + # Try to get the absolute directory name. + absdir=\`cd \"\$thisdir\" && pwd\` + test -n \"\$absdir\" && thisdir=\"\$absdir\" +" + + if test "$fast_install" = yes; then + $ECHO "\ + program=lt-'$outputname'$exeext + progdir=\"\$thisdir/$objdir\" + + if test ! -f \"\$progdir/\$program\" || + { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\ + test \"X\$file\" != \"X\$progdir/\$program\"; }; then + + file=\"\$\$-\$program\" + + if test ! -d \"\$progdir\"; then + $MKDIR \"\$progdir\" + else + $RM \"\$progdir/\$file\" + fi" + + $ECHO "\ + + # relink executable if necessary + if test -n \"\$relink_command\"; then + if relink_command_output=\`eval \$relink_command 2>&1\`; then : + else + $ECHO \"\$relink_command_output\" >&2 + $RM \"\$progdir/\$file\" + exit 1 + fi + fi + + $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null || + { $RM \"\$progdir/\$program\"; + $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; } + $RM \"\$progdir/\$file\" + fi" + else + $ECHO "\ + program='$outputname' + progdir=\"\$thisdir/$objdir\" +" + fi + + $ECHO "\ + + if test -f \"\$progdir/\$program\"; then" + + # fixup the dll searchpath if we need to. + # + # Fix the DLL searchpath if we need to. Do this before prepending + # to shlibpath, because on Windows, both are PATH and uninstalled + # libraries must come first. + if test -n "$dllsearchpath"; then + $ECHO "\ + # Add the dll search path components to the executable PATH + PATH=$dllsearchpath:\$PATH +" + fi + + # Export our shlibpath_var if we have one. + if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then + $ECHO "\ + # Add our own library path to $shlibpath_var + $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" + + # Some systems cannot cope with colon-terminated $shlibpath_var + # The second colon is a workaround for a bug in BeOS R4 sed + $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\` + + export $shlibpath_var +" + fi + + $ECHO "\ + if test \"\$libtool_execute_magic\" != \"$magic\"; then + # Run the actual program with our arguments. + func_exec_program \${1+\"\$@\"} + fi + else + # The program doesn't exist. + \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2 + \$ECHO \"This script is just a wrapper for \$program.\" 1>&2 + \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2 + exit 1 + fi +fi\ +" +} + + +# func_emit_cwrapperexe_src +# emit the source code for a wrapper executable on stdout +# Must ONLY be called from within func_mode_link because +# it depends on a number of variable set therein. +func_emit_cwrapperexe_src () +{ + cat < +#include +#ifdef _MSC_VER +# include +# include +# include +#else +# include +# include +# ifdef __CYGWIN__ +# include +# endif +#endif +#include +#include +#include +#include +#include +#include +#include +#include + +/* declarations of non-ANSI functions */ +#if defined(__MINGW32__) +# ifdef __STRICT_ANSI__ +int _putenv (const char *); +# endif +#elif defined(__CYGWIN__) +# ifdef __STRICT_ANSI__ +char *realpath (const char *, char *); +int putenv (char *); +int setenv (const char *, const char *, int); +# endif +/* #elif defined (other platforms) ... */ +#endif + +/* portability defines, excluding path handling macros */ +#if defined(_MSC_VER) +# define setmode _setmode +# define stat _stat +# define chmod _chmod +# define getcwd _getcwd +# define putenv _putenv +# define S_IXUSR _S_IEXEC +# ifndef _INTPTR_T_DEFINED +# define _INTPTR_T_DEFINED +# define intptr_t int +# endif +#elif defined(__MINGW32__) +# define setmode _setmode +# define stat _stat +# define chmod _chmod +# define getcwd _getcwd +# define putenv _putenv +#elif defined(__CYGWIN__) +# define HAVE_SETENV +# define FOPEN_WB "wb" +/* #elif defined (other platforms) ... */ +#endif + +#if defined(PATH_MAX) +# define LT_PATHMAX PATH_MAX +#elif defined(MAXPATHLEN) +# define LT_PATHMAX MAXPATHLEN +#else +# define LT_PATHMAX 1024 +#endif + +#ifndef S_IXOTH +# define S_IXOTH 0 +#endif +#ifndef S_IXGRP +# define S_IXGRP 0 +#endif + +/* path handling portability macros */ +#ifndef DIR_SEPARATOR +# define DIR_SEPARATOR '/' +# define PATH_SEPARATOR ':' +#endif + +#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ + defined (__OS2__) +# define HAVE_DOS_BASED_FILE_SYSTEM +# define FOPEN_WB "wb" +# ifndef DIR_SEPARATOR_2 +# define DIR_SEPARATOR_2 '\\' +# endif +# ifndef PATH_SEPARATOR_2 +# define PATH_SEPARATOR_2 ';' +# endif +#endif + +#ifndef DIR_SEPARATOR_2 +# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR) +#else /* DIR_SEPARATOR_2 */ +# define IS_DIR_SEPARATOR(ch) \ + (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2)) +#endif /* DIR_SEPARATOR_2 */ + +#ifndef PATH_SEPARATOR_2 +# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR) +#else /* PATH_SEPARATOR_2 */ +# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2) +#endif /* PATH_SEPARATOR_2 */ + +#ifndef FOPEN_WB +# define FOPEN_WB "w" +#endif +#ifndef _O_BINARY +# define _O_BINARY 0 +#endif + +#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) +#define XFREE(stale) do { \ + if (stale) { free ((void *) stale); stale = 0; } \ +} while (0) + +#if defined(LT_DEBUGWRAPPER) +static int lt_debug = 1; +#else +static int lt_debug = 0; +#endif + +const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */ + +void *xmalloc (size_t num); +char *xstrdup (const char *string); +const char *base_name (const char *name); +char *find_executable (const char *wrapper); +char *chase_symlinks (const char *pathspec); +int make_executable (const char *path); +int check_executable (const char *path); +char *strendzap (char *str, const char *pat); +void lt_debugprintf (const char *file, int line, const char *fmt, ...); +void lt_fatal (const char *file, int line, const char *message, ...); +static const char *nonnull (const char *s); +static const char *nonempty (const char *s); +void lt_setenv (const char *name, const char *value); +char *lt_extend_str (const char *orig_value, const char *add, int to_end); +void lt_update_exe_path (const char *name, const char *value); +void lt_update_lib_path (const char *name, const char *value); +char **prepare_spawn (char **argv); +void lt_dump_script (FILE *f); +EOF + + cat <= 0) + && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))) + return 1; + else + return 0; +} + +int +make_executable (const char *path) +{ + int rval = 0; + struct stat st; + + lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n", + nonempty (path)); + if ((!path) || (!*path)) + return 0; + + if (stat (path, &st) >= 0) + { + rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR); + } + return rval; +} + +/* Searches for the full path of the wrapper. Returns + newly allocated full path name if found, NULL otherwise + Does not chase symlinks, even on platforms that support them. +*/ +char * +find_executable (const char *wrapper) +{ + int has_slash = 0; + const char *p; + const char *p_next; + /* static buffer for getcwd */ + char tmp[LT_PATHMAX + 1]; + int tmp_len; + char *concat_name; + + lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n", + nonempty (wrapper)); + + if ((wrapper == NULL) || (*wrapper == '\0')) + return NULL; + + /* Absolute path? */ +#if defined (HAVE_DOS_BASED_FILE_SYSTEM) + if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':') + { + concat_name = xstrdup (wrapper); + if (check_executable (concat_name)) + return concat_name; + XFREE (concat_name); + } + else + { +#endif + if (IS_DIR_SEPARATOR (wrapper[0])) + { + concat_name = xstrdup (wrapper); + if (check_executable (concat_name)) + return concat_name; + XFREE (concat_name); + } +#if defined (HAVE_DOS_BASED_FILE_SYSTEM) + } +#endif + + for (p = wrapper; *p; p++) + if (*p == '/') + { + has_slash = 1; + break; + } + if (!has_slash) + { + /* no slashes; search PATH */ + const char *path = getenv ("PATH"); + if (path != NULL) + { + for (p = path; *p; p = p_next) + { + const char *q; + size_t p_len; + for (q = p; *q; q++) + if (IS_PATH_SEPARATOR (*q)) + break; + p_len = q - p; + p_next = (*q == '\0' ? q : q + 1); + if (p_len == 0) + { + /* empty path: current directory */ + if (getcwd (tmp, LT_PATHMAX) == NULL) + lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", + nonnull (strerror (errno))); + tmp_len = strlen (tmp); + concat_name = + XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); + memcpy (concat_name, tmp, tmp_len); + concat_name[tmp_len] = '/'; + strcpy (concat_name + tmp_len + 1, wrapper); + } + else + { + concat_name = + XMALLOC (char, p_len + 1 + strlen (wrapper) + 1); + memcpy (concat_name, p, p_len); + concat_name[p_len] = '/'; + strcpy (concat_name + p_len + 1, wrapper); + } + if (check_executable (concat_name)) + return concat_name; + XFREE (concat_name); + } + } + /* not found in PATH; assume curdir */ + } + /* Relative path | not found in path: prepend cwd */ + if (getcwd (tmp, LT_PATHMAX) == NULL) + lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", + nonnull (strerror (errno))); + tmp_len = strlen (tmp); + concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); + memcpy (concat_name, tmp, tmp_len); + concat_name[tmp_len] = '/'; + strcpy (concat_name + tmp_len + 1, wrapper); + + if (check_executable (concat_name)) + return concat_name; + XFREE (concat_name); + return NULL; +} + +char * +chase_symlinks (const char *pathspec) +{ +#ifndef S_ISLNK + return xstrdup (pathspec); +#else + char buf[LT_PATHMAX]; + struct stat s; + char *tmp_pathspec = xstrdup (pathspec); + char *p; + int has_symlinks = 0; + while (strlen (tmp_pathspec) && !has_symlinks) + { + lt_debugprintf (__FILE__, __LINE__, + "checking path component for symlinks: %s\n", + tmp_pathspec); + if (lstat (tmp_pathspec, &s) == 0) + { + if (S_ISLNK (s.st_mode) != 0) + { + has_symlinks = 1; + break; + } + + /* search backwards for last DIR_SEPARATOR */ + p = tmp_pathspec + strlen (tmp_pathspec) - 1; + while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) + p--; + if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) + { + /* no more DIR_SEPARATORS left */ + break; + } + *p = '\0'; + } + else + { + lt_fatal (__FILE__, __LINE__, + "error accessing file \"%s\": %s", + tmp_pathspec, nonnull (strerror (errno))); + } + } + XFREE (tmp_pathspec); + + if (!has_symlinks) + { + return xstrdup (pathspec); + } + + tmp_pathspec = realpath (pathspec, buf); + if (tmp_pathspec == 0) + { + lt_fatal (__FILE__, __LINE__, + "could not follow symlinks for %s", pathspec); + } + return xstrdup (tmp_pathspec); +#endif +} + +char * +strendzap (char *str, const char *pat) +{ + size_t len, patlen; + + assert (str != NULL); + assert (pat != NULL); + + len = strlen (str); + patlen = strlen (pat); + + if (patlen <= len) + { + str += len - patlen; + if (strcmp (str, pat) == 0) + *str = '\0'; + } + return str; +} + +void +lt_debugprintf (const char *file, int line, const char *fmt, ...) +{ + va_list args; + if (lt_debug) + { + (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line); + va_start (args, fmt); + (void) vfprintf (stderr, fmt, args); + va_end (args); + } +} + +static void +lt_error_core (int exit_status, const char *file, + int line, const char *mode, + const char *message, va_list ap) +{ + fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode); + vfprintf (stderr, message, ap); + fprintf (stderr, ".\n"); + + if (exit_status >= 0) + exit (exit_status); +} + +void +lt_fatal (const char *file, int line, const char *message, ...) +{ + va_list ap; + va_start (ap, message); + lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap); + va_end (ap); +} + +static const char * +nonnull (const char *s) +{ + return s ? s : "(null)"; +} + +static const char * +nonempty (const char *s) +{ + return (s && !*s) ? "(empty)" : nonnull (s); +} + +void +lt_setenv (const char *name, const char *value) +{ + lt_debugprintf (__FILE__, __LINE__, + "(lt_setenv) setting '%s' to '%s'\n", + nonnull (name), nonnull (value)); + { +#ifdef HAVE_SETENV + /* always make a copy, for consistency with !HAVE_SETENV */ + char *str = xstrdup (value); + setenv (name, str, 1); +#else + int len = strlen (name) + 1 + strlen (value) + 1; + char *str = XMALLOC (char, len); + sprintf (str, "%s=%s", name, value); + if (putenv (str) != EXIT_SUCCESS) + { + XFREE (str); + } +#endif + } +} + +char * +lt_extend_str (const char *orig_value, const char *add, int to_end) +{ + char *new_value; + if (orig_value && *orig_value) + { + int orig_value_len = strlen (orig_value); + int add_len = strlen (add); + new_value = XMALLOC (char, add_len + orig_value_len + 1); + if (to_end) + { + strcpy (new_value, orig_value); + strcpy (new_value + orig_value_len, add); + } + else + { + strcpy (new_value, add); + strcpy (new_value + add_len, orig_value); + } + } + else + { + new_value = xstrdup (add); + } + return new_value; +} + +void +lt_update_exe_path (const char *name, const char *value) +{ + lt_debugprintf (__FILE__, __LINE__, + "(lt_update_exe_path) modifying '%s' by prepending '%s'\n", + nonnull (name), nonnull (value)); + + if (name && *name && value && *value) + { + char *new_value = lt_extend_str (getenv (name), value, 0); + /* some systems can't cope with a ':'-terminated path #' */ + int len = strlen (new_value); + while (((len = strlen (new_value)) > 0) && IS_PATH_SEPARATOR (new_value[len-1])) + { + new_value[len-1] = '\0'; + } + lt_setenv (name, new_value); + XFREE (new_value); + } +} + +void +lt_update_lib_path (const char *name, const char *value) +{ + lt_debugprintf (__FILE__, __LINE__, + "(lt_update_lib_path) modifying '%s' by prepending '%s'\n", + nonnull (name), nonnull (value)); + + if (name && *name && value && *value) + { + char *new_value = lt_extend_str (getenv (name), value, 0); + lt_setenv (name, new_value); + XFREE (new_value); + } +} + +EOF + case $host_os in + mingw*) + cat <<"EOF" + +/* Prepares an argument vector before calling spawn(). + Note that spawn() does not by itself call the command interpreter + (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") : + ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); + GetVersionEx(&v); + v.dwPlatformId == VER_PLATFORM_WIN32_NT; + }) ? "cmd.exe" : "command.com"). + Instead it simply concatenates the arguments, separated by ' ', and calls + CreateProcess(). We must quote the arguments since Win32 CreateProcess() + interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a + special way: + - Space and tab are interpreted as delimiters. They are not treated as + delimiters if they are surrounded by double quotes: "...". + - Unescaped double quotes are removed from the input. Their only effect is + that within double quotes, space and tab are treated like normal + characters. + - Backslashes not followed by double quotes are not special. + - But 2*n+1 backslashes followed by a double quote become + n backslashes followed by a double quote (n >= 0): + \" -> " + \\\" -> \" + \\\\\" -> \\" + */ +#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" +#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" +char ** +prepare_spawn (char **argv) +{ + size_t argc; + char **new_argv; + size_t i; + + /* Count number of arguments. */ + for (argc = 0; argv[argc] != NULL; argc++) + ; + + /* Allocate new argument vector. */ + new_argv = XMALLOC (char *, argc + 1); + + /* Put quoted arguments into the new argument vector. */ + for (i = 0; i < argc; i++) + { + const char *string = argv[i]; + + if (string[0] == '\0') + new_argv[i] = xstrdup ("\"\""); + else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL) + { + int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL); + size_t length; + unsigned int backslashes; + const char *s; + char *quoted_string; + char *p; + + length = 0; + backslashes = 0; + if (quote_around) + length++; + for (s = string; *s != '\0'; s++) + { + char c = *s; + if (c == '"') + length += backslashes + 1; + length++; + if (c == '\\') + backslashes++; + else + backslashes = 0; + } + if (quote_around) + length += backslashes + 1; + + quoted_string = XMALLOC (char, length + 1); + + p = quoted_string; + backslashes = 0; + if (quote_around) + *p++ = '"'; + for (s = string; *s != '\0'; s++) + { + char c = *s; + if (c == '"') + { + unsigned int j; + for (j = backslashes + 1; j > 0; j--) + *p++ = '\\'; + } + *p++ = c; + if (c == '\\') + backslashes++; + else + backslashes = 0; + } + if (quote_around) + { + unsigned int j; + for (j = backslashes; j > 0; j--) + *p++ = '\\'; + *p++ = '"'; + } + *p = '\0'; + + new_argv[i] = quoted_string; + } + else + new_argv[i] = (char *) string; + } + new_argv[argc] = NULL; + + return new_argv; +} +EOF + ;; + esac + + cat <<"EOF" +void lt_dump_script (FILE* f) +{ +EOF + func_emit_wrapper yes | + $SED -e 's/\([\\"]\)/\\\1/g' \ + -e 's/^/ fputs ("/' -e 's/$/\\n", f);/' + + cat <<"EOF" +} +EOF +} +# end: func_emit_cwrapperexe_src + +# func_win32_import_lib_p ARG +# True if ARG is an import lib, as indicated by $file_magic_cmd +func_win32_import_lib_p () +{ + $opt_debug + case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in + *import*) : ;; + *) false ;; + esac +} + +# func_mode_link arg... +func_mode_link () +{ + $opt_debug + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) + # It is impossible to link a dll without this setting, and + # we shouldn't force the makefile maintainer to figure out + # which system we are compiling for in order to pass an extra + # flag for every libtool invocation. + # allow_undefined=no + + # FIXME: Unfortunately, there are problems with the above when trying + # to make a dll which has undefined symbols, in which case not + # even a static library is built. For now, we need to specify + # -no-undefined on the libtool link line when we can be certain + # that all symbols are satisfied, otherwise we get a static library. + allow_undefined=yes + ;; + *) + allow_undefined=yes + ;; + esac + libtool_args=$nonopt + base_compile="$nonopt $@" + compile_command=$nonopt + finalize_command=$nonopt + + compile_rpath= + finalize_rpath= + compile_shlibpath= + finalize_shlibpath= + convenience= + old_convenience= + deplibs= + old_deplibs= + compiler_flags= + linker_flags= + dllsearchpath= + lib_search_path=`pwd` + inst_prefix_dir= + new_inherited_linker_flags= + + avoid_version=no + bindir= + dlfiles= + dlprefiles= + dlself=no + export_dynamic=no + export_symbols= + export_symbols_regex= + generated= + libobjs= + ltlibs= + module=no + no_install=no + objs= + non_pic_objects= + precious_files_regex= + prefer_static_libs=no + preload=no + prev= + prevarg= + release= + rpath= + xrpath= + perm_rpath= + temp_rpath= + thread_safe=no + vinfo= + vinfo_number=no + weak_libs= + single_module="${wl}-single_module" + func_infer_tag $base_compile + + # We need to know -static, to get the right output filenames. + for arg + do + case $arg in + -shared) + test "$build_libtool_libs" != yes && \ + func_fatal_configuration "can not build a shared library" + build_old_libs=no + break + ;; + -all-static | -static | -static-libtool-libs) + case $arg in + -all-static) + if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then + func_warning "complete static linking is impossible in this configuration" + fi + if test -n "$link_static_flag"; then + dlopen_self=$dlopen_self_static + fi + prefer_static_libs=yes + ;; + -static) + if test -z "$pic_flag" && test -n "$link_static_flag"; then + dlopen_self=$dlopen_self_static + fi + prefer_static_libs=built + ;; + -static-libtool-libs) + if test -z "$pic_flag" && test -n "$link_static_flag"; then + dlopen_self=$dlopen_self_static + fi + prefer_static_libs=yes + ;; + esac + build_libtool_libs=no + build_old_libs=yes + break + ;; + esac + done + + # See if our shared archives depend on static archives. + test -n "$old_archive_from_new_cmds" && build_old_libs=yes + + # Go through the arguments, transforming them on the way. + while test "$#" -gt 0; do + arg="$1" + shift + func_quote_for_eval "$arg" + qarg=$func_quote_for_eval_unquoted_result + func_append libtool_args " $func_quote_for_eval_result" + + # If the previous option needs an argument, assign it. + if test -n "$prev"; then + case $prev in + output) + func_append compile_command " @OUTPUT@" + func_append finalize_command " @OUTPUT@" + ;; + esac + + case $prev in + bindir) + bindir="$arg" + prev= + continue + ;; + dlfiles|dlprefiles) + if test "$preload" = no; then + # Add the symbol object into the linking commands. + func_append compile_command " @SYMFILE@" + func_append finalize_command " @SYMFILE@" + preload=yes + fi + case $arg in + *.la | *.lo) ;; # We handle these cases below. + force) + if test "$dlself" = no; then + dlself=needless + export_dynamic=yes + fi + prev= + continue + ;; + self) + if test "$prev" = dlprefiles; then + dlself=yes + elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then + dlself=yes + else + dlself=needless + export_dynamic=yes + fi + prev= + continue + ;; + *) + if test "$prev" = dlfiles; then + func_append dlfiles " $arg" + else + func_append dlprefiles " $arg" + fi + prev= + continue + ;; + esac + ;; + expsyms) + export_symbols="$arg" + test -f "$arg" \ + || func_fatal_error "symbol file \`$arg' does not exist" + prev= + continue + ;; + expsyms_regex) + export_symbols_regex="$arg" + prev= + continue + ;; + framework) + case $host in + *-*-darwin*) + case "$deplibs " in + *" $qarg.ltframework "*) ;; + *) func_append deplibs " $qarg.ltframework" # this is fixed later + ;; + esac + ;; + esac + prev= + continue + ;; + inst_prefix) + inst_prefix_dir="$arg" + prev= + continue + ;; + objectlist) + if test -f "$arg"; then + save_arg=$arg + moreargs= + for fil in `cat "$save_arg"` + do +# func_append moreargs " $fil" + arg=$fil + # A libtool-controlled object. + + # Check to see that this really is a libtool object. + if func_lalib_unsafe_p "$arg"; then + pic_object= + non_pic_object= + + # Read the .lo file + func_source "$arg" + + if test -z "$pic_object" || + test -z "$non_pic_object" || + test "$pic_object" = none && + test "$non_pic_object" = none; then + func_fatal_error "cannot find name of object for \`$arg'" + fi + + # Extract subdirectory from the argument. + func_dirname "$arg" "/" "" + xdir="$func_dirname_result" + + if test "$pic_object" != none; then + # Prepend the subdirectory the object is found in. + pic_object="$xdir$pic_object" + + if test "$prev" = dlfiles; then + if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + func_append dlfiles " $pic_object" + prev= + continue + else + # If libtool objects are unsupported, then we need to preload. + prev=dlprefiles + fi + fi + + # CHECK ME: I think I busted this. -Ossama + if test "$prev" = dlprefiles; then + # Preload the old-style object. + func_append dlprefiles " $pic_object" + prev= + fi + + # A PIC object. + func_append libobjs " $pic_object" + arg="$pic_object" + fi + + # Non-PIC object. + if test "$non_pic_object" != none; then + # Prepend the subdirectory the object is found in. + non_pic_object="$xdir$non_pic_object" + + # A standard non-PIC object + func_append non_pic_objects " $non_pic_object" + if test -z "$pic_object" || test "$pic_object" = none ; then + arg="$non_pic_object" + fi + else + # If the PIC object exists, use it instead. + # $xdir was prepended to $pic_object above. + non_pic_object="$pic_object" + func_append non_pic_objects " $non_pic_object" + fi + else + # Only an error if not doing a dry-run. + if $opt_dry_run; then + # Extract subdirectory from the argument. + func_dirname "$arg" "/" "" + xdir="$func_dirname_result" + + func_lo2o "$arg" + pic_object=$xdir$objdir/$func_lo2o_result + non_pic_object=$xdir$func_lo2o_result + func_append libobjs " $pic_object" + func_append non_pic_objects " $non_pic_object" + else + func_fatal_error "\`$arg' is not a valid libtool object" + fi + fi + done + else + func_fatal_error "link input file \`$arg' does not exist" + fi + arg=$save_arg + prev= + continue + ;; + precious_regex) + precious_files_regex="$arg" + prev= + continue + ;; + release) + release="-$arg" + prev= + continue + ;; + rpath | xrpath) + # We need an absolute path. + case $arg in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + func_fatal_error "only absolute run-paths are allowed" + ;; + esac + if test "$prev" = rpath; then + case "$rpath " in + *" $arg "*) ;; + *) func_append rpath " $arg" ;; + esac + else + case "$xrpath " in + *" $arg "*) ;; + *) func_append xrpath " $arg" ;; + esac + fi + prev= + continue + ;; + shrext) + shrext_cmds="$arg" + prev= + continue + ;; + weak) + func_append weak_libs " $arg" + prev= + continue + ;; + xcclinker) + func_append linker_flags " $qarg" + func_append compiler_flags " $qarg" + prev= + func_append compile_command " $qarg" + func_append finalize_command " $qarg" + continue + ;; + xcompiler) + func_append compiler_flags " $qarg" + prev= + func_append compile_command " $qarg" + func_append finalize_command " $qarg" + continue + ;; + xlinker) + func_append linker_flags " $qarg" + func_append compiler_flags " $wl$qarg" + prev= + func_append compile_command " $wl$qarg" + func_append finalize_command " $wl$qarg" + continue + ;; + *) + eval "$prev=\"\$arg\"" + prev= + continue + ;; + esac + fi # test -n "$prev" + + prevarg="$arg" + + case $arg in + -all-static) + if test -n "$link_static_flag"; then + # See comment for -static flag below, for more details. + func_append compile_command " $link_static_flag" + func_append finalize_command " $link_static_flag" + fi + continue + ;; + + -allow-undefined) + # FIXME: remove this flag sometime in the future. + func_fatal_error "\`-allow-undefined' must not be used because it is the default" + ;; + + -avoid-version) + avoid_version=yes + continue + ;; + + -bindir) + prev=bindir + continue + ;; + + -dlopen) + prev=dlfiles + continue + ;; + + -dlpreopen) + prev=dlprefiles + continue + ;; + + -export-dynamic) + export_dynamic=yes + continue + ;; + + -export-symbols | -export-symbols-regex) + if test -n "$export_symbols" || test -n "$export_symbols_regex"; then + func_fatal_error "more than one -exported-symbols argument is not allowed" + fi + if test "X$arg" = "X-export-symbols"; then + prev=expsyms + else + prev=expsyms_regex + fi + continue + ;; + + -framework) + prev=framework + continue + ;; + + -inst-prefix-dir) + prev=inst_prefix + continue + ;; + + # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:* + # so, if we see these flags be careful not to treat them like -L + -L[A-Z][A-Z]*:*) + case $with_gcc/$host in + no/*-*-irix* | /*-*-irix*) + func_append compile_command " $arg" + func_append finalize_command " $arg" + ;; + esac + continue + ;; + + -L*) + func_stripname "-L" '' "$arg" + if test -z "$func_stripname_result"; then + if test "$#" -gt 0; then + func_fatal_error "require no space between \`-L' and \`$1'" + else + func_fatal_error "need path for \`-L' option" + fi + fi + func_resolve_sysroot "$func_stripname_result" + dir=$func_resolve_sysroot_result + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + absdir=`cd "$dir" && pwd` + test -z "$absdir" && \ + func_fatal_error "cannot determine absolute directory name of \`$dir'" + dir="$absdir" + ;; + esac + case "$deplibs " in + *" -L$dir "* | *" $arg "*) + # Will only happen for absolute or sysroot arguments + ;; + *) + # Preserve sysroot, but never include relative directories + case $dir in + [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;; + *) func_append deplibs " -L$dir" ;; + esac + func_append lib_search_path " $dir" + ;; + esac + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) + testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'` + case :$dllsearchpath: in + *":$dir:"*) ;; + ::) dllsearchpath=$dir;; + *) func_append dllsearchpath ":$dir";; + esac + case :$dllsearchpath: in + *":$testbindir:"*) ;; + ::) dllsearchpath=$testbindir;; + *) func_append dllsearchpath ":$testbindir";; + esac + ;; + esac + continue + ;; + + -l*) + if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*) + # These systems don't actually have a C or math library (as such) + continue + ;; + *-*-os2*) + # These systems don't actually have a C library (as such) + test "X$arg" = "X-lc" && continue + ;; + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + # Do not include libc due to us having libc/libc_r. + test "X$arg" = "X-lc" && continue + ;; + *-*-rhapsody* | *-*-darwin1.[012]) + # Rhapsody C and math libraries are in the System framework + func_append deplibs " System.ltframework" + continue + ;; + *-*-sco3.2v5* | *-*-sco5v6*) + # Causes problems with __ctype + test "X$arg" = "X-lc" && continue + ;; + *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) + # Compiler inserts libc in the correct place for threads to work + test "X$arg" = "X-lc" && continue + ;; + esac + elif test "X$arg" = "X-lc_r"; then + case $host in + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + # Do not include libc_r directly, use -pthread flag. + continue + ;; + esac + fi + func_append deplibs " $arg" + continue + ;; + + -module) + module=yes + continue + ;; + + # Tru64 UNIX uses -model [arg] to determine the layout of C++ + # classes, name mangling, and exception handling. + # Darwin uses the -arch flag to determine output architecture. + -model|-arch|-isysroot|--sysroot) + func_append compiler_flags " $arg" + func_append compile_command " $arg" + func_append finalize_command " $arg" + prev=xcompiler + continue + ;; + + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) + func_append compiler_flags " $arg" + func_append compile_command " $arg" + func_append finalize_command " $arg" + case "$new_inherited_linker_flags " in + *" $arg "*) ;; + * ) func_append new_inherited_linker_flags " $arg" ;; + esac + continue + ;; + + -multi_module) + single_module="${wl}-multi_module" + continue + ;; + + -no-fast-install) + fast_install=no + continue + ;; + + -no-install) + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) + # The PATH hackery in wrapper scripts is required on Windows + # and Darwin in order for the loader to find any dlls it needs. + func_warning "\`-no-install' is ignored for $host" + func_warning "assuming \`-no-fast-install' instead" + fast_install=no + ;; + *) no_install=yes ;; + esac + continue + ;; + + -no-undefined) + allow_undefined=no + continue + ;; + + -objectlist) + prev=objectlist + continue + ;; + + -o) prev=output ;; + + -precious-files-regex) + prev=precious_regex + continue + ;; + + -release) + prev=release + continue + ;; + + -rpath) + prev=rpath + continue + ;; + + -R) + prev=xrpath + continue + ;; + + -R*) + func_stripname '-R' '' "$arg" + dir=$func_stripname_result + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + =*) + func_stripname '=' '' "$dir" + dir=$lt_sysroot$func_stripname_result + ;; + *) + func_fatal_error "only absolute run-paths are allowed" + ;; + esac + case "$xrpath " in + *" $dir "*) ;; + *) func_append xrpath " $dir" ;; + esac + continue + ;; + + -shared) + # The effects of -shared are defined in a previous loop. + continue + ;; + + -shrext) + prev=shrext + continue + ;; + + -static | -static-libtool-libs) + # The effects of -static are defined in a previous loop. + # We used to do the same as -all-static on platforms that + # didn't have a PIC flag, but the assumption that the effects + # would be equivalent was wrong. It would break on at least + # Digital Unix and AIX. + continue + ;; + + -thread-safe) + thread_safe=yes + continue + ;; + + -version-info) + prev=vinfo + continue + ;; + + -version-number) + prev=vinfo + vinfo_number=yes + continue + ;; + + -weak) + prev=weak + continue + ;; + + -Wc,*) + func_stripname '-Wc,' '' "$arg" + args=$func_stripname_result + arg= + save_ifs="$IFS"; IFS=',' + for flag in $args; do + IFS="$save_ifs" + func_quote_for_eval "$flag" + func_append arg " $func_quote_for_eval_result" + func_append compiler_flags " $func_quote_for_eval_result" + done + IFS="$save_ifs" + func_stripname ' ' '' "$arg" + arg=$func_stripname_result + ;; + + -Wl,*) + func_stripname '-Wl,' '' "$arg" + args=$func_stripname_result + arg= + save_ifs="$IFS"; IFS=',' + for flag in $args; do + IFS="$save_ifs" + func_quote_for_eval "$flag" + func_append arg " $wl$func_quote_for_eval_result" + func_append compiler_flags " $wl$func_quote_for_eval_result" + func_append linker_flags " $func_quote_for_eval_result" + done + IFS="$save_ifs" + func_stripname ' ' '' "$arg" + arg=$func_stripname_result + ;; + + -Xcompiler) + prev=xcompiler + continue + ;; + + -Xlinker) + prev=xlinker + continue + ;; + + -XCClinker) + prev=xcclinker + continue + ;; + + # -msg_* for osf cc + -msg_*) + func_quote_for_eval "$arg" + arg="$func_quote_for_eval_result" + ;; + + # Flags to be passed through unchanged, with rationale: + # -64, -mips[0-9] enable 64-bit mode for the SGI compiler + # -r[0-9][0-9]* specify processor for the SGI compiler + # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler + # +DA*, +DD* enable 64-bit mode for the HP compiler + # -q* compiler args for the IBM compiler + # -m*, -t[45]*, -txscale* architecture-specific flags for GCC + # -F/path path to uninstalled frameworks, gcc on darwin + # -p, -pg, --coverage, -fprofile-* profiling flags for GCC + # @file GCC response files + # -tp=* Portland pgcc target processor selection + # --sysroot=* for sysroot support + # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ + -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ + -O*|-flto*|-fwhopr*|-fuse-linker-plugin) + func_quote_for_eval "$arg" + arg="$func_quote_for_eval_result" + func_append compile_command " $arg" + func_append finalize_command " $arg" + func_append compiler_flags " $arg" + continue + ;; + + # Some other compiler flag. + -* | +*) + func_quote_for_eval "$arg" + arg="$func_quote_for_eval_result" + ;; + + *.$objext) + # A standard object. + func_append objs " $arg" + ;; + + *.lo) + # A libtool-controlled object. + + # Check to see that this really is a libtool object. + if func_lalib_unsafe_p "$arg"; then + pic_object= + non_pic_object= + + # Read the .lo file + func_source "$arg" + + if test -z "$pic_object" || + test -z "$non_pic_object" || + test "$pic_object" = none && + test "$non_pic_object" = none; then + func_fatal_error "cannot find name of object for \`$arg'" + fi + + # Extract subdirectory from the argument. + func_dirname "$arg" "/" "" + xdir="$func_dirname_result" + + if test "$pic_object" != none; then + # Prepend the subdirectory the object is found in. + pic_object="$xdir$pic_object" + + if test "$prev" = dlfiles; then + if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + func_append dlfiles " $pic_object" + prev= + continue + else + # If libtool objects are unsupported, then we need to preload. + prev=dlprefiles + fi + fi + + # CHECK ME: I think I busted this. -Ossama + if test "$prev" = dlprefiles; then + # Preload the old-style object. + func_append dlprefiles " $pic_object" + prev= + fi + + # A PIC object. + func_append libobjs " $pic_object" + arg="$pic_object" + fi + + # Non-PIC object. + if test "$non_pic_object" != none; then + # Prepend the subdirectory the object is found in. + non_pic_object="$xdir$non_pic_object" + + # A standard non-PIC object + func_append non_pic_objects " $non_pic_object" + if test -z "$pic_object" || test "$pic_object" = none ; then + arg="$non_pic_object" + fi + else + # If the PIC object exists, use it instead. + # $xdir was prepended to $pic_object above. + non_pic_object="$pic_object" + func_append non_pic_objects " $non_pic_object" + fi + else + # Only an error if not doing a dry-run. + if $opt_dry_run; then + # Extract subdirectory from the argument. + func_dirname "$arg" "/" "" + xdir="$func_dirname_result" + + func_lo2o "$arg" + pic_object=$xdir$objdir/$func_lo2o_result + non_pic_object=$xdir$func_lo2o_result + func_append libobjs " $pic_object" + func_append non_pic_objects " $non_pic_object" + else + func_fatal_error "\`$arg' is not a valid libtool object" + fi + fi + ;; + + *.$libext) + # An archive. + func_append deplibs " $arg" + func_append old_deplibs " $arg" + continue + ;; + + *.la) + # A libtool-controlled library. + + func_resolve_sysroot "$arg" + if test "$prev" = dlfiles; then + # This library was specified with -dlopen. + func_append dlfiles " $func_resolve_sysroot_result" + prev= + elif test "$prev" = dlprefiles; then + # The library was specified with -dlpreopen. + func_append dlprefiles " $func_resolve_sysroot_result" + prev= + else + func_append deplibs " $func_resolve_sysroot_result" + fi + continue + ;; + + # Some other compiler argument. + *) + # Unknown arguments in both finalize_command and compile_command need + # to be aesthetically quoted because they are evaled later. + func_quote_for_eval "$arg" + arg="$func_quote_for_eval_result" + ;; + esac # arg + + # Now actually substitute the argument into the commands. + if test -n "$arg"; then + func_append compile_command " $arg" + func_append finalize_command " $arg" + fi + done # argument parsing loop + + test -n "$prev" && \ + func_fatal_help "the \`$prevarg' option requires an argument" + + if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then + eval arg=\"$export_dynamic_flag_spec\" + func_append compile_command " $arg" + func_append finalize_command " $arg" + fi + + oldlibs= + # calculate the name of the file, without its directory + func_basename "$output" + outputname="$func_basename_result" + libobjs_save="$libobjs" + + if test -n "$shlibpath_var"; then + # get the directories listed in $shlibpath_var + eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\` + else + shlib_search_path= + fi + eval sys_lib_search_path=\"$sys_lib_search_path_spec\" + eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" + + func_dirname "$output" "/" "" + output_objdir="$func_dirname_result$objdir" + func_to_tool_file "$output_objdir/" + tool_output_objdir=$func_to_tool_file_result + # Create the object directory. + func_mkdir_p "$output_objdir" + + # Determine the type of output + case $output in + "") + func_fatal_help "you must specify an output file" + ;; + *.$libext) linkmode=oldlib ;; + *.lo | *.$objext) linkmode=obj ;; + *.la) linkmode=lib ;; + *) linkmode=prog ;; # Anything else should be a program. + esac + + specialdeplibs= + + libs= + # Find all interdependent deplibs by searching for libraries + # that are linked more than once (e.g. -la -lb -la) + for deplib in $deplibs; do + if $opt_preserve_dup_deps ; then + case "$libs " in + *" $deplib "*) func_append specialdeplibs " $deplib" ;; + esac + fi + func_append libs " $deplib" + done + + if test "$linkmode" = lib; then + libs="$predeps $libs $compiler_lib_search_path $postdeps" + + # Compute libraries that are listed more than once in $predeps + # $postdeps and mark them as special (i.e., whose duplicates are + # not to be eliminated). + pre_post_deps= + if $opt_duplicate_compiler_generated_deps; then + for pre_post_dep in $predeps $postdeps; do + case "$pre_post_deps " in + *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;; + esac + func_append pre_post_deps " $pre_post_dep" + done + fi + pre_post_deps= + fi + + deplibs= + newdependency_libs= + newlib_search_path= + need_relink=no # whether we're linking any uninstalled libtool libraries + notinst_deplibs= # not-installed libtool libraries + notinst_path= # paths that contain not-installed libtool libraries + + case $linkmode in + lib) + passes="conv dlpreopen link" + for file in $dlfiles $dlprefiles; do + case $file in + *.la) ;; + *) + func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file" + ;; + esac + done + ;; + prog) + compile_deplibs= + finalize_deplibs= + alldeplibs=no + newdlfiles= + newdlprefiles= + passes="conv scan dlopen dlpreopen link" + ;; + *) passes="conv" + ;; + esac + + for pass in $passes; do + # The preopen pass in lib mode reverses $deplibs; put it back here + # so that -L comes before libs that need it for instance... + if test "$linkmode,$pass" = "lib,link"; then + ## FIXME: Find the place where the list is rebuilt in the wrong + ## order, and fix it there properly + tmp_deplibs= + for deplib in $deplibs; do + tmp_deplibs="$deplib $tmp_deplibs" + done + deplibs="$tmp_deplibs" + fi + + if test "$linkmode,$pass" = "lib,link" || + test "$linkmode,$pass" = "prog,scan"; then + libs="$deplibs" + deplibs= + fi + if test "$linkmode" = prog; then + case $pass in + dlopen) libs="$dlfiles" ;; + dlpreopen) libs="$dlprefiles" ;; + link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; + esac + fi + if test "$linkmode,$pass" = "lib,dlpreopen"; then + # Collect and forward deplibs of preopened libtool libs + for lib in $dlprefiles; do + # Ignore non-libtool-libs + dependency_libs= + func_resolve_sysroot "$lib" + case $lib in + *.la) func_source "$func_resolve_sysroot_result" ;; + esac + + # Collect preopened libtool deplibs, except any this library + # has declared as weak libs + for deplib in $dependency_libs; do + func_basename "$deplib" + deplib_base=$func_basename_result + case " $weak_libs " in + *" $deplib_base "*) ;; + *) func_append deplibs " $deplib" ;; + esac + done + done + libs="$dlprefiles" + fi + if test "$pass" = dlopen; then + # Collect dlpreopened libraries + save_deplibs="$deplibs" + deplibs= + fi + + for deplib in $libs; do + lib= + found=no + case $deplib in + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) + if test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + func_append compiler_flags " $deplib" + if test "$linkmode" = lib ; then + case "$new_inherited_linker_flags " in + *" $deplib "*) ;; + * ) func_append new_inherited_linker_flags " $deplib" ;; + esac + fi + fi + continue + ;; + -l*) + if test "$linkmode" != lib && test "$linkmode" != prog; then + func_warning "\`-l' is ignored for archives/objects" + continue + fi + func_stripname '-l' '' "$deplib" + name=$func_stripname_result + if test "$linkmode" = lib; then + searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path" + else + searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path" + fi + for searchdir in $searchdirs; do + for search_ext in .la $std_shrext .so .a; do + # Search the libtool library + lib="$searchdir/lib${name}${search_ext}" + if test -f "$lib"; then + if test "$search_ext" = ".la"; then + found=yes + else + found=no + fi + break 2 + fi + done + done + if test "$found" != yes; then + # deplib doesn't seem to be a libtool library + if test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" + fi + continue + else # deplib is a libtool library + # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, + # We need to do some special things here, and not later. + if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + case " $predeps $postdeps " in + *" $deplib "*) + if func_lalib_p "$lib"; then + library_names= + old_library= + func_source "$lib" + for l in $old_library $library_names; do + ll="$l" + done + if test "X$ll" = "X$old_library" ; then # only static version available + found=no + func_dirname "$lib" "" "." + ladir="$func_dirname_result" + lib=$ladir/$old_library + if test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" + fi + continue + fi + fi + ;; + *) ;; + esac + fi + fi + ;; # -l + *.ltframework) + if test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + if test "$linkmode" = lib ; then + case "$new_inherited_linker_flags " in + *" $deplib "*) ;; + * ) func_append new_inherited_linker_flags " $deplib" ;; + esac + fi + fi + continue + ;; + -L*) + case $linkmode in + lib) + deplibs="$deplib $deplibs" + test "$pass" = conv && continue + newdependency_libs="$deplib $newdependency_libs" + func_stripname '-L' '' "$deplib" + func_resolve_sysroot "$func_stripname_result" + func_append newlib_search_path " $func_resolve_sysroot_result" + ;; + prog) + if test "$pass" = conv; then + deplibs="$deplib $deplibs" + continue + fi + if test "$pass" = scan; then + deplibs="$deplib $deplibs" + else + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + fi + func_stripname '-L' '' "$deplib" + func_resolve_sysroot "$func_stripname_result" + func_append newlib_search_path " $func_resolve_sysroot_result" + ;; + *) + func_warning "\`-L' is ignored for archives/objects" + ;; + esac # linkmode + continue + ;; # -L + -R*) + if test "$pass" = link; then + func_stripname '-R' '' "$deplib" + func_resolve_sysroot "$func_stripname_result" + dir=$func_resolve_sysroot_result + # Make sure the xrpath contains only unique directories. + case "$xrpath " in + *" $dir "*) ;; + *) func_append xrpath " $dir" ;; + esac + fi + deplibs="$deplib $deplibs" + continue + ;; + *.la) + func_resolve_sysroot "$deplib" + lib=$func_resolve_sysroot_result + ;; + *.$libext) + if test "$pass" = conv; then + deplibs="$deplib $deplibs" + continue + fi + case $linkmode in + lib) + # Linking convenience modules into shared libraries is allowed, + # but linking other static libraries is non-portable. + case " $dlpreconveniencelibs " in + *" $deplib "*) ;; + *) + valid_a_lib=no + case $deplibs_check_method in + match_pattern*) + set dummy $deplibs_check_method; shift + match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` + if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \ + | $EGREP "$match_pattern_regex" > /dev/null; then + valid_a_lib=yes + fi + ;; + pass_all) + valid_a_lib=yes + ;; + esac + if test "$valid_a_lib" != yes; then + echo + $ECHO "*** Warning: Trying to link with static lib archive $deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have" + echo "*** because the file extensions .$libext of this argument makes me believe" + echo "*** that it is just a static archive that I should not use here." + else + echo + $ECHO "*** Warning: Linking the shared library $output against the" + $ECHO "*** static library $deplib is not portable!" + deplibs="$deplib $deplibs" + fi + ;; + esac + continue + ;; + prog) + if test "$pass" != link; then + deplibs="$deplib $deplibs" + else + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + fi + continue + ;; + esac # linkmode + ;; # *.$libext + *.lo | *.$objext) + if test "$pass" = conv; then + deplibs="$deplib $deplibs" + elif test "$linkmode" = prog; then + if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + # If there is no dlopen support or we're linking statically, + # we need to preload. + func_append newdlprefiles " $deplib" + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + func_append newdlfiles " $deplib" + fi + fi + continue + ;; + %DEPLIBS%) + alldeplibs=yes + continue + ;; + esac # case $deplib + + if test "$found" = yes || test -f "$lib"; then : + else + func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'" + fi + + # Check to see that this really is a libtool archive. + func_lalib_unsafe_p "$lib" \ + || func_fatal_error "\`$lib' is not a valid libtool archive" + + func_dirname "$lib" "" "." + ladir="$func_dirname_result" + + dlname= + dlopen= + dlpreopen= + libdir= + library_names= + old_library= + inherited_linker_flags= + # If the library was installed with an old release of libtool, + # it will not redefine variables installed, or shouldnotlink + installed=yes + shouldnotlink=no + avoidtemprpath= + + + # Read the .la file + func_source "$lib" + + # Convert "-framework foo" to "foo.ltframework" + if test -n "$inherited_linker_flags"; then + tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'` + for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do + case " $new_inherited_linker_flags " in + *" $tmp_inherited_linker_flag "*) ;; + *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";; + esac + done + fi + dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + if test "$linkmode,$pass" = "lib,link" || + test "$linkmode,$pass" = "prog,scan" || + { test "$linkmode" != prog && test "$linkmode" != lib; }; then + test -n "$dlopen" && func_append dlfiles " $dlopen" + test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen" + fi + + if test "$pass" = conv; then + # Only check for convenience libraries + deplibs="$lib $deplibs" + if test -z "$libdir"; then + if test -z "$old_library"; then + func_fatal_error "cannot find name of link library for \`$lib'" + fi + # It is a libtool convenience library, so add in its objects. + func_append convenience " $ladir/$objdir/$old_library" + func_append old_convenience " $ladir/$objdir/$old_library" + elif test "$linkmode" != prog && test "$linkmode" != lib; then + func_fatal_error "\`$lib' is not a convenience library" + fi + tmp_libs= + for deplib in $dependency_libs; do + deplibs="$deplib $deplibs" + if $opt_preserve_dup_deps ; then + case "$tmp_libs " in + *" $deplib "*) func_append specialdeplibs " $deplib" ;; + esac + fi + func_append tmp_libs " $deplib" + done + continue + fi # $pass = conv + + + # Get the name of the library we link against. + linklib= + if test -n "$old_library" && + { test "$prefer_static_libs" = yes || + test "$prefer_static_libs,$installed" = "built,no"; }; then + linklib=$old_library + else + for l in $old_library $library_names; do + linklib="$l" + done + fi + if test -z "$linklib"; then + func_fatal_error "cannot find name of link library for \`$lib'" + fi + + # This library was specified with -dlopen. + if test "$pass" = dlopen; then + if test -z "$libdir"; then + func_fatal_error "cannot -dlopen a convenience library: \`$lib'" + fi + if test -z "$dlname" || + test "$dlopen_support" != yes || + test "$build_libtool_libs" = no; then + # If there is no dlname, no dlopen support or we're linking + # statically, we need to preload. We also need to preload any + # dependent libraries so libltdl's deplib preloader doesn't + # bomb out in the load deplibs phase. + func_append dlprefiles " $lib $dependency_libs" + else + func_append newdlfiles " $lib" + fi + continue + fi # $pass = dlopen + + # We need an absolute path. + case $ladir in + [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; + *) + abs_ladir=`cd "$ladir" && pwd` + if test -z "$abs_ladir"; then + func_warning "cannot determine absolute directory name of \`$ladir'" + func_warning "passing it literally to the linker, although it might fail" + abs_ladir="$ladir" + fi + ;; + esac + func_basename "$lib" + laname="$func_basename_result" + + # Find the relevant object directory and library name. + if test "X$installed" = Xyes; then + if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then + func_warning "library \`$lib' was moved." + dir="$ladir" + absdir="$abs_ladir" + libdir="$abs_ladir" + else + dir="$lt_sysroot$libdir" + absdir="$lt_sysroot$libdir" + fi + test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes + else + if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then + dir="$ladir" + absdir="$abs_ladir" + # Remove this search path later + func_append notinst_path " $abs_ladir" + else + dir="$ladir/$objdir" + absdir="$abs_ladir/$objdir" + # Remove this search path later + func_append notinst_path " $abs_ladir" + fi + fi # $installed = yes + func_stripname 'lib' '.la' "$laname" + name=$func_stripname_result + + # This library was specified with -dlpreopen. + if test "$pass" = dlpreopen; then + if test -z "$libdir" && test "$linkmode" = prog; then + func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'" + fi + case "$host" in + # special handling for platforms with PE-DLLs. + *cygwin* | *mingw* | *cegcc* ) + # Linker will automatically link against shared library if both + # static and shared are present. Therefore, ensure we extract + # symbols from the import library if a shared library is present + # (otherwise, the dlopen module name will be incorrect). We do + # this by putting the import library name into $newdlprefiles. + # We recover the dlopen module name by 'saving' the la file + # name in a special purpose variable, and (later) extracting the + # dlname from the la file. + if test -n "$dlname"; then + func_tr_sh "$dir/$linklib" + eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname" + func_append newdlprefiles " $dir/$linklib" + else + func_append newdlprefiles " $dir/$old_library" + # Keep a list of preopened convenience libraries to check + # that they are being used correctly in the link pass. + test -z "$libdir" && \ + func_append dlpreconveniencelibs " $dir/$old_library" + fi + ;; + * ) + # Prefer using a static library (so that no silly _DYNAMIC symbols + # are required to link). + if test -n "$old_library"; then + func_append newdlprefiles " $dir/$old_library" + # Keep a list of preopened convenience libraries to check + # that they are being used correctly in the link pass. + test -z "$libdir" && \ + func_append dlpreconveniencelibs " $dir/$old_library" + # Otherwise, use the dlname, so that lt_dlopen finds it. + elif test -n "$dlname"; then + func_append newdlprefiles " $dir/$dlname" + else + func_append newdlprefiles " $dir/$linklib" + fi + ;; + esac + fi # $pass = dlpreopen + + if test -z "$libdir"; then + # Link the convenience library + if test "$linkmode" = lib; then + deplibs="$dir/$old_library $deplibs" + elif test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$dir/$old_library $compile_deplibs" + finalize_deplibs="$dir/$old_library $finalize_deplibs" + else + deplibs="$lib $deplibs" # used for prog,scan pass + fi + continue + fi + + + if test "$linkmode" = prog && test "$pass" != link; then + func_append newlib_search_path " $ladir" + deplibs="$lib $deplibs" + + linkalldeplibs=no + if test "$link_all_deplibs" != no || test -z "$library_names" || + test "$build_libtool_libs" = no; then + linkalldeplibs=yes + fi + + tmp_libs= + for deplib in $dependency_libs; do + case $deplib in + -L*) func_stripname '-L' '' "$deplib" + func_resolve_sysroot "$func_stripname_result" + func_append newlib_search_path " $func_resolve_sysroot_result" + ;; + esac + # Need to link against all dependency_libs? + if test "$linkalldeplibs" = yes; then + deplibs="$deplib $deplibs" + else + # Need to hardcode shared library paths + # or/and link against static libraries + newdependency_libs="$deplib $newdependency_libs" + fi + if $opt_preserve_dup_deps ; then + case "$tmp_libs " in + *" $deplib "*) func_append specialdeplibs " $deplib" ;; + esac + fi + func_append tmp_libs " $deplib" + done # for deplib + continue + fi # $linkmode = prog... + + if test "$linkmode,$pass" = "prog,link"; then + if test -n "$library_names" && + { { test "$prefer_static_libs" = no || + test "$prefer_static_libs,$installed" = "built,yes"; } || + test -z "$old_library"; }; then + # We need to hardcode the library path + if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then + # Make sure the rpath contains only unique directories. + case "$temp_rpath:" in + *"$absdir:"*) ;; + *) func_append temp_rpath "$absdir:" ;; + esac + fi + + # Hardcode the library path. + # Skip directories that are in the system default run-time + # search path. + case " $sys_lib_dlsearch_path " in + *" $absdir "*) ;; + *) + case "$compile_rpath " in + *" $absdir "*) ;; + *) func_append compile_rpath " $absdir" ;; + esac + ;; + esac + case " $sys_lib_dlsearch_path " in + *" $libdir "*) ;; + *) + case "$finalize_rpath " in + *" $libdir "*) ;; + *) func_append finalize_rpath " $libdir" ;; + esac + ;; + esac + fi # $linkmode,$pass = prog,link... + + if test "$alldeplibs" = yes && + { test "$deplibs_check_method" = pass_all || + { test "$build_libtool_libs" = yes && + test -n "$library_names"; }; }; then + # We only need to search for static libraries + continue + fi + fi + + link_static=no # Whether the deplib will be linked statically + use_static_libs=$prefer_static_libs + if test "$use_static_libs" = built && test "$installed" = yes; then + use_static_libs=no + fi + if test -n "$library_names" && + { test "$use_static_libs" = no || test -z "$old_library"; }; then + case $host in + *cygwin* | *mingw* | *cegcc*) + # No point in relinking DLLs because paths are not encoded + func_append notinst_deplibs " $lib" + need_relink=no + ;; + *) + if test "$installed" = no; then + func_append notinst_deplibs " $lib" + need_relink=yes + fi + ;; + esac + # This is a shared library + + # Warn about portability, can't link against -module's on some + # systems (darwin). Don't bleat about dlopened modules though! + dlopenmodule="" + for dlpremoduletest in $dlprefiles; do + if test "X$dlpremoduletest" = "X$lib"; then + dlopenmodule="$dlpremoduletest" + break + fi + done + if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then + echo + if test "$linkmode" = prog; then + $ECHO "*** Warning: Linking the executable $output against the loadable module" + else + $ECHO "*** Warning: Linking the shared library $output against the loadable module" + fi + $ECHO "*** $linklib is not portable!" + fi + if test "$linkmode" = lib && + test "$hardcode_into_libs" = yes; then + # Hardcode the library path. + # Skip directories that are in the system default run-time + # search path. + case " $sys_lib_dlsearch_path " in + *" $absdir "*) ;; + *) + case "$compile_rpath " in + *" $absdir "*) ;; + *) func_append compile_rpath " $absdir" ;; + esac + ;; + esac + case " $sys_lib_dlsearch_path " in + *" $libdir "*) ;; + *) + case "$finalize_rpath " in + *" $libdir "*) ;; + *) func_append finalize_rpath " $libdir" ;; + esac + ;; + esac + fi + + if test -n "$old_archive_from_expsyms_cmds"; then + # figure out the soname + set dummy $library_names + shift + realname="$1" + shift + libname=`eval "\\$ECHO \"$libname_spec\""` + # use dlname if we got it. it's perfectly good, no? + if test -n "$dlname"; then + soname="$dlname" + elif test -n "$soname_spec"; then + # bleh windows + case $host in + *cygwin* | mingw* | *cegcc*) + func_arith $current - $age + major=$func_arith_result + versuffix="-$major" + ;; + esac + eval soname=\"$soname_spec\" + else + soname="$realname" + fi + + # Make a new name for the extract_expsyms_cmds to use + soroot="$soname" + func_basename "$soroot" + soname="$func_basename_result" + func_stripname 'lib' '.dll' "$soname" + newlib=libimp-$func_stripname_result.a + + # If the library has no export list, then create one now + if test -f "$output_objdir/$soname-def"; then : + else + func_verbose "extracting exported symbol list from \`$soname'" + func_execute_cmds "$extract_expsyms_cmds" 'exit $?' + fi + + # Create $newlib + if test -f "$output_objdir/$newlib"; then :; else + func_verbose "generating import library for \`$soname'" + func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?' + fi + # make sure the library variables are pointing to the new library + dir=$output_objdir + linklib=$newlib + fi # test -n "$old_archive_from_expsyms_cmds" + + if test "$linkmode" = prog || test "$opt_mode" != relink; then + add_shlibpath= + add_dir= + add= + lib_linked=yes + case $hardcode_action in + immediate | unsupported) + if test "$hardcode_direct" = no; then + add="$dir/$linklib" + case $host in + *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; + *-*-sysv4*uw2*) add_dir="-L$dir" ;; + *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ + *-*-unixware7*) add_dir="-L$dir" ;; + *-*-darwin* ) + # if the lib is a (non-dlopened) module then we can not + # link against it, someone is ignoring the earlier warnings + if /usr/bin/file -L $add 2> /dev/null | + $GREP ": [^:]* bundle" >/dev/null ; then + if test "X$dlopenmodule" != "X$lib"; then + $ECHO "*** Warning: lib $linklib is a module, not a shared library" + if test -z "$old_library" ; then + echo + echo "*** And there doesn't seem to be a static archive available" + echo "*** The link will probably fail, sorry" + else + add="$dir/$old_library" + fi + elif test -n "$old_library"; then + add="$dir/$old_library" + fi + fi + esac + elif test "$hardcode_minus_L" = no; then + case $host in + *-*-sunos*) add_shlibpath="$dir" ;; + esac + add_dir="-L$dir" + add="-l$name" + elif test "$hardcode_shlibpath_var" = no; then + add_shlibpath="$dir" + add="-l$name" + else + lib_linked=no + fi + ;; + relink) + if test "$hardcode_direct" = yes && + test "$hardcode_direct_absolute" = no; then + add="$dir/$linklib" + elif test "$hardcode_minus_L" = yes; then + add_dir="-L$dir" + # Try looking first in the location we're being installed to. + if test -n "$inst_prefix_dir"; then + case $libdir in + [\\/]*) + func_append add_dir " -L$inst_prefix_dir$libdir" + ;; + esac + fi + add="-l$name" + elif test "$hardcode_shlibpath_var" = yes; then + add_shlibpath="$dir" + add="-l$name" + else + lib_linked=no + fi + ;; + *) lib_linked=no ;; + esac + + if test "$lib_linked" != yes; then + func_fatal_configuration "unsupported hardcode properties" + fi + + if test -n "$add_shlibpath"; then + case :$compile_shlibpath: in + *":$add_shlibpath:"*) ;; + *) func_append compile_shlibpath "$add_shlibpath:" ;; + esac + fi + if test "$linkmode" = prog; then + test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" + test -n "$add" && compile_deplibs="$add $compile_deplibs" + else + test -n "$add_dir" && deplibs="$add_dir $deplibs" + test -n "$add" && deplibs="$add $deplibs" + if test "$hardcode_direct" != yes && + test "$hardcode_minus_L" != yes && + test "$hardcode_shlibpath_var" = yes; then + case :$finalize_shlibpath: in + *":$libdir:"*) ;; + *) func_append finalize_shlibpath "$libdir:" ;; + esac + fi + fi + fi + + if test "$linkmode" = prog || test "$opt_mode" = relink; then + add_shlibpath= + add_dir= + add= + # Finalize command for both is simple: just hardcode it. + if test "$hardcode_direct" = yes && + test "$hardcode_direct_absolute" = no; then + add="$libdir/$linklib" + elif test "$hardcode_minus_L" = yes; then + add_dir="-L$libdir" + add="-l$name" + elif test "$hardcode_shlibpath_var" = yes; then + case :$finalize_shlibpath: in + *":$libdir:"*) ;; + *) func_append finalize_shlibpath "$libdir:" ;; + esac + add="-l$name" + elif test "$hardcode_automatic" = yes; then + if test -n "$inst_prefix_dir" && + test -f "$inst_prefix_dir$libdir/$linklib" ; then + add="$inst_prefix_dir$libdir/$linklib" + else + add="$libdir/$linklib" + fi + else + # We cannot seem to hardcode it, guess we'll fake it. + add_dir="-L$libdir" + # Try looking first in the location we're being installed to. + if test -n "$inst_prefix_dir"; then + case $libdir in + [\\/]*) + func_append add_dir " -L$inst_prefix_dir$libdir" + ;; + esac + fi + add="-l$name" + fi + + if test "$linkmode" = prog; then + test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" + test -n "$add" && finalize_deplibs="$add $finalize_deplibs" + else + test -n "$add_dir" && deplibs="$add_dir $deplibs" + test -n "$add" && deplibs="$add $deplibs" + fi + fi + elif test "$linkmode" = prog; then + # Here we assume that one of hardcode_direct or hardcode_minus_L + # is not unsupported. This is valid on all known static and + # shared platforms. + if test "$hardcode_direct" != unsupported; then + test -n "$old_library" && linklib="$old_library" + compile_deplibs="$dir/$linklib $compile_deplibs" + finalize_deplibs="$dir/$linklib $finalize_deplibs" + else + compile_deplibs="-l$name -L$dir $compile_deplibs" + finalize_deplibs="-l$name -L$dir $finalize_deplibs" + fi + elif test "$build_libtool_libs" = yes; then + # Not a shared library + if test "$deplibs_check_method" != pass_all; then + # We're trying link a shared library against a static one + # but the system doesn't support it. + + # Just print a warning and add the library to dependency_libs so + # that the program can be linked against the static library. + echo + $ECHO "*** Warning: This system can not link to static lib archive $lib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + if test "$module" = yes; then + echo "*** But as you try to build a module library, libtool will still create " + echo "*** a static module, that should work as long as the dlopening application" + echo "*** is linked with the -dlopen flag to resolve symbols at runtime." + if test -z "$global_symbol_pipe"; then + echo + echo "*** However, this would only work if libtool was able to extract symbol" + echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** not find such a program. So, this module is probably useless." + echo "*** \`nm' from GNU binutils and a full rebuild may help." + fi + if test "$build_old_libs" = no; then + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + fi + else + deplibs="$dir/$old_library $deplibs" + link_static=yes + fi + fi # link shared/static library? + + if test "$linkmode" = lib; then + if test -n "$dependency_libs" && + { test "$hardcode_into_libs" != yes || + test "$build_old_libs" = yes || + test "$link_static" = yes; }; then + # Extract -R from dependency_libs + temp_deplibs= + for libdir in $dependency_libs; do + case $libdir in + -R*) func_stripname '-R' '' "$libdir" + temp_xrpath=$func_stripname_result + case " $xrpath " in + *" $temp_xrpath "*) ;; + *) func_append xrpath " $temp_xrpath";; + esac;; + *) func_append temp_deplibs " $libdir";; + esac + done + dependency_libs="$temp_deplibs" + fi + + func_append newlib_search_path " $absdir" + # Link against this library + test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" + # ... and its dependency_libs + tmp_libs= + for deplib in $dependency_libs; do + newdependency_libs="$deplib $newdependency_libs" + case $deplib in + -L*) func_stripname '-L' '' "$deplib" + func_resolve_sysroot "$func_stripname_result";; + *) func_resolve_sysroot "$deplib" ;; + esac + if $opt_preserve_dup_deps ; then + case "$tmp_libs " in + *" $func_resolve_sysroot_result "*) + func_append specialdeplibs " $func_resolve_sysroot_result" ;; + esac + fi + func_append tmp_libs " $func_resolve_sysroot_result" + done + + if test "$link_all_deplibs" != no; then + # Add the search paths of all dependency libraries + for deplib in $dependency_libs; do + path= + case $deplib in + -L*) path="$deplib" ;; + *.la) + func_resolve_sysroot "$deplib" + deplib=$func_resolve_sysroot_result + func_dirname "$deplib" "" "." + dir=$func_dirname_result + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; + *) + absdir=`cd "$dir" && pwd` + if test -z "$absdir"; then + func_warning "cannot determine absolute directory name of \`$dir'" + absdir="$dir" + fi + ;; + esac + if $GREP "^installed=no" $deplib > /dev/null; then + case $host in + *-*-darwin*) + depdepl= + eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` + if test -n "$deplibrary_names" ; then + for tmp in $deplibrary_names ; do + depdepl=$tmp + done + if test -f "$absdir/$objdir/$depdepl" ; then + depdepl="$absdir/$objdir/$depdepl" + darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + if test -z "$darwin_install_name"; then + darwin_install_name=`${OTOOL64} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` + fi + func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}" + func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}" + path= + fi + fi + ;; + *) + path="-L$absdir/$objdir" + ;; + esac + else + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + test -z "$libdir" && \ + func_fatal_error "\`$deplib' is not a valid libtool archive" + test "$absdir" != "$libdir" && \ + func_warning "\`$deplib' seems to be moved" + + path="-L$absdir" + fi + ;; + esac + case " $deplibs " in + *" $path "*) ;; + *) deplibs="$path $deplibs" ;; + esac + done + fi # link_all_deplibs != no + fi # linkmode = lib + done # for deplib in $libs + if test "$pass" = link; then + if test "$linkmode" = "prog"; then + compile_deplibs="$new_inherited_linker_flags $compile_deplibs" + finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs" + else + compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + fi + fi + dependency_libs="$newdependency_libs" + if test "$pass" = dlpreopen; then + # Link the dlpreopened libraries before other libraries + for deplib in $save_deplibs; do + deplibs="$deplib $deplibs" + done + fi + if test "$pass" != dlopen; then + if test "$pass" != conv; then + # Make sure lib_search_path contains only unique directories. + lib_search_path= + for dir in $newlib_search_path; do + case "$lib_search_path " in + *" $dir "*) ;; + *) func_append lib_search_path " $dir" ;; + esac + done + newlib_search_path= + fi + + if test "$linkmode,$pass" != "prog,link"; then + vars="deplibs" + else + vars="compile_deplibs finalize_deplibs" + fi + for var in $vars dependency_libs; do + # Add libraries to $var in reverse order + eval tmp_libs=\"\$$var\" + new_libs= + for deplib in $tmp_libs; do + # FIXME: Pedantically, this is the right thing to do, so + # that some nasty dependency loop isn't accidentally + # broken: + #new_libs="$deplib $new_libs" + # Pragmatically, this seems to cause very few problems in + # practice: + case $deplib in + -L*) new_libs="$deplib $new_libs" ;; + -R*) ;; + *) + # And here is the reason: when a library appears more + # than once as an explicit dependence of a library, or + # is implicitly linked in more than once by the + # compiler, it is considered special, and multiple + # occurrences thereof are not removed. Compare this + # with having the same library being listed as a + # dependency of multiple other libraries: in this case, + # we know (pedantically, we assume) the library does not + # need to be listed more than once, so we keep only the + # last copy. This is not always right, but it is rare + # enough that we require users that really mean to play + # such unportable linking tricks to link the library + # using -Wl,-lname, so that libtool does not consider it + # for duplicate removal. + case " $specialdeplibs " in + *" $deplib "*) new_libs="$deplib $new_libs" ;; + *) + case " $new_libs " in + *" $deplib "*) ;; + *) new_libs="$deplib $new_libs" ;; + esac + ;; + esac + ;; + esac + done + tmp_libs= + for deplib in $new_libs; do + case $deplib in + -L*) + case " $tmp_libs " in + *" $deplib "*) ;; + *) func_append tmp_libs " $deplib" ;; + esac + ;; + *) func_append tmp_libs " $deplib" ;; + esac + done + eval $var=\"$tmp_libs\" + done # for var + fi + # Last step: remove runtime libs from dependency_libs + # (they stay in deplibs) + tmp_libs= + for i in $dependency_libs ; do + case " $predeps $postdeps $compiler_lib_search_path " in + *" $i "*) + i="" + ;; + esac + if test -n "$i" ; then + func_append tmp_libs " $i" + fi + done + dependency_libs=$tmp_libs + done # for pass + if test "$linkmode" = prog; then + dlfiles="$newdlfiles" + fi + if test "$linkmode" = prog || test "$linkmode" = lib; then + dlprefiles="$newdlprefiles" + fi + + case $linkmode in + oldlib) + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + func_warning "\`-dlopen' is ignored for archives" + fi + + case " $deplibs" in + *\ -l* | *\ -L*) + func_warning "\`-l' and \`-L' are ignored for archives" ;; + esac + + test -n "$rpath" && \ + func_warning "\`-rpath' is ignored for archives" + + test -n "$xrpath" && \ + func_warning "\`-R' is ignored for archives" + + test -n "$vinfo" && \ + func_warning "\`-version-info/-version-number' is ignored for archives" + + test -n "$release" && \ + func_warning "\`-release' is ignored for archives" + + test -n "$export_symbols$export_symbols_regex" && \ + func_warning "\`-export-symbols' is ignored for archives" + + # Now set the variables for building old libraries. + build_libtool_libs=no + oldlibs="$output" + func_append objs "$old_deplibs" + ;; + + lib) + # Make sure we only generate libraries of the form `libNAME.la'. + case $outputname in + lib*) + func_stripname 'lib' '.la' "$outputname" + name=$func_stripname_result + eval shared_ext=\"$shrext_cmds\" + eval libname=\"$libname_spec\" + ;; + *) + test "$module" = no && \ + func_fatal_help "libtool library \`$output' must begin with \`lib'" + + if test "$need_lib_prefix" != no; then + # Add the "lib" prefix for modules if required + func_stripname '' '.la' "$outputname" + name=$func_stripname_result + eval shared_ext=\"$shrext_cmds\" + eval libname=\"$libname_spec\" + else + func_stripname '' '.la' "$outputname" + libname=$func_stripname_result + fi + ;; + esac + + if test -n "$objs"; then + if test "$deplibs_check_method" != pass_all; then + func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs" + else + echo + $ECHO "*** Warning: Linking the shared library $output against the non-libtool" + $ECHO "*** objects $objs is not portable!" + func_append libobjs " $objs" + fi + fi + + test "$dlself" != no && \ + func_warning "\`-dlopen self' is ignored for libtool libraries" + + set dummy $rpath + shift + test "$#" -gt 1 && \ + func_warning "ignoring multiple \`-rpath's for a libtool library" + + install_libdir="$1" + + oldlibs= + if test -z "$rpath"; then + if test "$build_libtool_libs" = yes; then + # Building a libtool convenience library. + # Some compilers have problems with a `.al' extension so + # convenience libraries should have the same extension an + # archive normally would. + oldlibs="$output_objdir/$libname.$libext $oldlibs" + build_libtool_libs=convenience + build_old_libs=yes + fi + + test -n "$vinfo" && \ + func_warning "\`-version-info/-version-number' is ignored for convenience libraries" + + test -n "$release" && \ + func_warning "\`-release' is ignored for convenience libraries" + else + + # Parse the version information argument. + save_ifs="$IFS"; IFS=':' + set dummy $vinfo 0 0 0 + shift + IFS="$save_ifs" + + test -n "$7" && \ + func_fatal_help "too many parameters to \`-version-info'" + + # convert absolute version numbers to libtool ages + # this retains compatibility with .la files and attempts + # to make the code below a bit more comprehensible + + case $vinfo_number in + yes) + number_major="$1" + number_minor="$2" + number_revision="$3" + # + # There are really only two kinds -- those that + # use the current revision as the major version + # and those that subtract age and use age as + # a minor version. But, then there is irix + # which has an extra 1 added just for fun + # + case $version_type in + darwin|linux|osf|windows|none) + func_arith $number_major + $number_minor + current=$func_arith_result + age="$number_minor" + revision="$number_revision" + ;; + freebsd-aout|freebsd-elf|qnx|sunos) + current="$number_major" + revision="$number_minor" + age="0" + ;; + irix|nonstopux) + func_arith $number_major + $number_minor + current=$func_arith_result + age="$number_minor" + revision="$number_minor" + lt_irix_increment=no + ;; + esac + ;; + no) + current="$1" + revision="$2" + age="$3" + ;; + esac + + # Check that each of the things are valid numbers. + case $current in + 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; + *) + func_error "CURRENT \`$current' must be a nonnegative integer" + func_fatal_error "\`$vinfo' is not valid version information" + ;; + esac + + case $revision in + 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; + *) + func_error "REVISION \`$revision' must be a nonnegative integer" + func_fatal_error "\`$vinfo' is not valid version information" + ;; + esac + + case $age in + 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; + *) + func_error "AGE \`$age' must be a nonnegative integer" + func_fatal_error "\`$vinfo' is not valid version information" + ;; + esac + + if test "$age" -gt "$current"; then + func_error "AGE \`$age' is greater than the current interface number \`$current'" + func_fatal_error "\`$vinfo' is not valid version information" + fi + + # Calculate the version variables. + major= + versuffix= + verstring= + case $version_type in + none) ;; + + darwin) + # Like Linux, but with the current version available in + # verstring for coding it into the library header + func_arith $current - $age + major=.$func_arith_result + versuffix="$major.$age.$revision" + # Darwin ld doesn't like 0 for these options... + func_arith $current + 1 + minor_current=$func_arith_result + xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" + verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + ;; + + freebsd-aout) + major=".$current" + versuffix=".$current.$revision"; + ;; + + freebsd-elf) + major=".$current" + versuffix=".$current" + ;; + + irix | nonstopux) + if test "X$lt_irix_increment" = "Xno"; then + func_arith $current - $age + else + func_arith $current - $age + 1 + fi + major=$func_arith_result + + case $version_type in + nonstopux) verstring_prefix=nonstopux ;; + *) verstring_prefix=sgi ;; + esac + verstring="$verstring_prefix$major.$revision" + + # Add in all the interfaces that we are compatible with. + loop=$revision + while test "$loop" -ne 0; do + func_arith $revision - $loop + iface=$func_arith_result + func_arith $loop - 1 + loop=$func_arith_result + verstring="$verstring_prefix$major.$iface:$verstring" + done + + # Before this point, $major must not contain `.'. + major=.$major + versuffix="$major.$revision" + ;; + + linux) + func_arith $current - $age + major=.$func_arith_result + versuffix="$major.$age.$revision" + ;; + + osf) + func_arith $current - $age + major=.$func_arith_result + versuffix=".$current.$age.$revision" + verstring="$current.$age.$revision" + + # Add in all the interfaces that we are compatible with. + loop=$age + while test "$loop" -ne 0; do + func_arith $current - $loop + iface=$func_arith_result + func_arith $loop - 1 + loop=$func_arith_result + verstring="$verstring:${iface}.0" + done + + # Make executables depend on our current version. + func_append verstring ":${current}.0" + ;; + + qnx) + major=".$current" + versuffix=".$current" + ;; + + sunos) + major=".$current" + versuffix=".$current.$revision" + ;; + + windows) + # Use '-' rather than '.', since we only want one + # extension on DOS 8.3 filesystems. + func_arith $current - $age + major=$func_arith_result + versuffix="-$major" + ;; + + *) + func_fatal_configuration "unknown library version type \`$version_type'" + ;; + esac + + # Clear the version info if we defaulted, and they specified a release. + if test -z "$vinfo" && test -n "$release"; then + major= + case $version_type in + darwin) + # we can't check for "0.0" in archive_cmds due to quoting + # problems, so we reset it completely + verstring= + ;; + *) + verstring="0.0" + ;; + esac + if test "$need_version" = no; then + versuffix= + else + versuffix=".0.0" + fi + fi + + # Remove version info from name if versioning should be avoided + if test "$avoid_version" = yes && test "$need_version" = no; then + major= + versuffix= + verstring="" + fi + + # Check to see if the archive will have undefined symbols. + if test "$allow_undefined" = yes; then + if test "$allow_undefined_flag" = unsupported; then + func_warning "undefined symbols not allowed in $host shared libraries" + build_libtool_libs=no + build_old_libs=yes + fi + else + # Don't allow undefined symbols. + allow_undefined_flag="$no_undefined_flag" + fi + + fi + + func_generate_dlsyms "$libname" "$libname" "yes" + func_append libobjs " $symfileobj" + test "X$libobjs" = "X " && libobjs= + + if test "$opt_mode" != relink; then + # Remove our outputs, but don't remove object files since they + # may have been created when compiling PIC objects. + removelist= + tempremovelist=`$ECHO "$output_objdir/*"` + for p in $tempremovelist; do + case $p in + *.$objext | *.gcno) + ;; + $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) + if test "X$precious_files_regex" != "X"; then + if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 + then + continue + fi + fi + func_append removelist " $p" + ;; + *) ;; + esac + done + test -n "$removelist" && \ + func_show_eval "${RM}r \$removelist" + fi + + # Now set the variables for building old libraries. + if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then + func_append oldlibs " $output_objdir/$libname.$libext" + + # Transform .lo files to .o files. + oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP` + fi + + # Eliminate all temporary directories. + #for path in $notinst_path; do + # lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"` + # deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"` + # dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"` + #done + + if test -n "$xrpath"; then + # If the user specified any rpath flags, then add them. + temp_xrpath= + for libdir in $xrpath; do + func_replace_sysroot "$libdir" + func_append temp_xrpath " -R$func_replace_sysroot_result" + case "$finalize_rpath " in + *" $libdir "*) ;; + *) func_append finalize_rpath " $libdir" ;; + esac + done + if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then + dependency_libs="$temp_xrpath $dependency_libs" + fi + fi + + # Make sure dlfiles contains only unique files that won't be dlpreopened + old_dlfiles="$dlfiles" + dlfiles= + for lib in $old_dlfiles; do + case " $dlprefiles $dlfiles " in + *" $lib "*) ;; + *) func_append dlfiles " $lib" ;; + esac + done + + # Make sure dlprefiles contains only unique files + old_dlprefiles="$dlprefiles" + dlprefiles= + for lib in $old_dlprefiles; do + case "$dlprefiles " in + *" $lib "*) ;; + *) func_append dlprefiles " $lib" ;; + esac + done + + if test "$build_libtool_libs" = yes; then + if test -n "$rpath"; then + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*) + # these systems don't actually have a c library (as such)! + ;; + *-*-rhapsody* | *-*-darwin1.[012]) + # Rhapsody C library is in the System framework + func_append deplibs " System.ltframework" + ;; + *-*-netbsd*) + # Don't link with libc until the a.out ld.so is fixed. + ;; + *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) + # Do not include libc due to us having libc/libc_r. + ;; + *-*-sco3.2v5* | *-*-sco5v6*) + # Causes problems with __ctype + ;; + *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) + # Compiler inserts libc in the correct place for threads to work + ;; + *) + # Add libc to deplibs on all other systems if necessary. + if test "$build_libtool_need_lc" = "yes"; then + func_append deplibs " -lc" + fi + ;; + esac + fi + + # Transform deplibs into only deplibs that can be linked in shared. + name_save=$name + libname_save=$libname + release_save=$release + versuffix_save=$versuffix + major_save=$major + # I'm not sure if I'm treating the release correctly. I think + # release should show up in the -l (ie -lgmp5) so we don't want to + # add it in twice. Is that correct? + release="" + versuffix="" + major="" + newdeplibs= + droppeddeps=no + case $deplibs_check_method in + pass_all) + # Don't check for shared/static. Everything works. + # This might be a little naive. We might want to check + # whether the library exists or not. But this is on + # osf3 & osf4 and I'm not really sure... Just + # implementing what was already the behavior. + newdeplibs=$deplibs + ;; + test_compile) + # This code stresses the "libraries are programs" paradigm to its + # limits. Maybe even breaks it. We compile a program, linking it + # against the deplibs as a proxy for the library. Then we can check + # whether they linked in statically or dynamically with ldd. + $opt_dry_run || $RM conftest.c + cat > conftest.c </dev/null` + $nocaseglob + else + potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` + fi + for potent_lib in $potential_libs; do + # Follow soft links. + if ls -lLd "$potent_lib" 2>/dev/null | + $GREP " -> " >/dev/null; then + continue + fi + # The statement above tries to avoid entering an + # endless loop below, in case of cyclic links. + # We might still enter an endless loop, since a link + # loop can be closed while we follow links, + # but so what? + potlib="$potent_lib" + while test -h "$potlib" 2>/dev/null; do + potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'` + case $potliblink in + [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; + *) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";; + esac + done + if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | + $SED -e 10q | + $EGREP "$file_magic_regex" > /dev/null; then + func_append newdeplibs " $a_deplib" + a_deplib="" + break 2 + fi + done + done + fi + if test -n "$a_deplib" ; then + droppeddeps=yes + echo + $ECHO "*** Warning: linker path does not have real file for library $a_deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have" + echo "*** because I did check the linker path looking for a file starting" + if test -z "$potlib" ; then + $ECHO "*** with $libname but no candidates were found. (...for file magic test)" + else + $ECHO "*** with $libname and none of the candidates passed a file format test" + $ECHO "*** using a file magic. Last file checked: $potlib" + fi + fi + ;; + *) + # Add a -L argument. + func_append newdeplibs " $a_deplib" + ;; + esac + done # Gone through all deplibs. + ;; + match_pattern*) + set dummy $deplibs_check_method; shift + match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` + for a_deplib in $deplibs; do + case $a_deplib in + -l*) + func_stripname -l '' "$a_deplib" + name=$func_stripname_result + if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + case " $predeps $postdeps " in + *" $a_deplib "*) + func_append newdeplibs " $a_deplib" + a_deplib="" + ;; + esac + fi + if test -n "$a_deplib" ; then + libname=`eval "\\$ECHO \"$libname_spec\""` + for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do + potential_libs=`ls $i/$libname[.-]* 2>/dev/null` + for potent_lib in $potential_libs; do + potlib="$potent_lib" # see symlink-check above in file_magic test + if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ + $EGREP "$match_pattern_regex" > /dev/null; then + func_append newdeplibs " $a_deplib" + a_deplib="" + break 2 + fi + done + done + fi + if test -n "$a_deplib" ; then + droppeddeps=yes + echo + $ECHO "*** Warning: linker path does not have real file for library $a_deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have" + echo "*** because I did check the linker path looking for a file starting" + if test -z "$potlib" ; then + $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)" + else + $ECHO "*** with $libname and none of the candidates passed a file format test" + $ECHO "*** using a regex pattern. Last file checked: $potlib" + fi + fi + ;; + *) + # Add a -L argument. + func_append newdeplibs " $a_deplib" + ;; + esac + done # Gone through all deplibs. + ;; + none | unknown | *) + newdeplibs="" + tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'` + if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then + for i in $predeps $postdeps ; do + # can't use Xsed below, because $i might contain '/' + tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"` + done + fi + case $tmp_deplibs in + *[!\ \ ]*) + echo + if test "X$deplibs_check_method" = "Xnone"; then + echo "*** Warning: inter-library dependencies are not supported in this platform." + else + echo "*** Warning: inter-library dependencies are not known to be supported." + fi + echo "*** All declared inter-library dependencies are being dropped." + droppeddeps=yes + ;; + esac + ;; + esac + versuffix=$versuffix_save + major=$major_save + release=$release_save + libname=$libname_save + name=$name_save + + case $host in + *-*-rhapsody* | *-*-darwin1.[012]) + # On Rhapsody replace the C library with the System framework + newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'` + ;; + esac + + if test "$droppeddeps" = yes; then + if test "$module" = yes; then + echo + echo "*** Warning: libtool could not satisfy all declared inter-library" + $ECHO "*** dependencies of module $libname. Therefore, libtool will create" + echo "*** a static module, that should work as long as the dlopening" + echo "*** application is linked with the -dlopen flag." + if test -z "$global_symbol_pipe"; then + echo + echo "*** However, this would only work if libtool was able to extract symbol" + echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** not find such a program. So, this module is probably useless." + echo "*** \`nm' from GNU binutils and a full rebuild may help." + fi + if test "$build_old_libs" = no; then + oldlibs="$output_objdir/$libname.$libext" + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + else + echo "*** The inter-library dependencies that have been dropped here will be" + echo "*** automatically added whenever a program is linked with this library" + echo "*** or is declared to -dlopen it." + + if test "$allow_undefined" = no; then + echo + echo "*** Since this library must not contain undefined symbols," + echo "*** because either the platform does not support them or" + echo "*** it was explicitly requested with -no-undefined," + echo "*** libtool will only create a static version of it." + if test "$build_old_libs" = no; then + oldlibs="$output_objdir/$libname.$libext" + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + fi + fi + fi + # Done checking deplibs! + deplibs=$newdeplibs + fi + # Time to change all our "foo.ltframework" stuff back to "-framework foo" + case $host in + *-*-darwin*) + newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + ;; + esac + + # move library search paths that coincide with paths to not yet + # installed libraries to the beginning of the library search list + new_libs= + for path in $notinst_path; do + case " $new_libs " in + *" -L$path/$objdir "*) ;; + *) + case " $deplibs " in + *" -L$path/$objdir "*) + func_append new_libs " -L$path/$objdir" ;; + esac + ;; + esac + done + for deplib in $deplibs; do + case $deplib in + -L*) + case " $new_libs " in + *" $deplib "*) ;; + *) func_append new_libs " $deplib" ;; + esac + ;; + *) func_append new_libs " $deplib" ;; + esac + done + deplibs="$new_libs" + + # All the library-specific variables (install_libdir is set above). + library_names= + old_library= + dlname= + + # Test again, we may have decided not to build it any more + if test "$build_libtool_libs" = yes; then + if test "$hardcode_into_libs" = yes; then + # Hardcode the library paths + hardcode_libdirs= + dep_rpath= + rpath="$finalize_rpath" + test "$opt_mode" != relink && rpath="$compile_rpath$rpath" + for libdir in $rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + func_replace_sysroot "$libdir" + libdir=$func_replace_sysroot_result + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + func_append dep_rpath " $flag" + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in + *" $libdir "*) ;; + *) func_apped perm_rpath " $libdir" ;; + esac + fi + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + if test -n "$hardcode_libdir_flag_spec_ld"; then + eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\" + else + eval dep_rpath=\"$hardcode_libdir_flag_spec\" + fi + fi + if test -n "$runpath_var" && test -n "$perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $perm_rpath; do + func_append rpath "$dir:" + done + eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" + fi + test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" + fi + + shlibpath="$finalize_shlibpath" + test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath" + if test -n "$shlibpath"; then + eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" + fi + + # Get the real and link names of the library. + eval shared_ext=\"$shrext_cmds\" + eval library_names=\"$library_names_spec\" + set dummy $library_names + shift + realname="$1" + shift + + if test -n "$soname_spec"; then + eval soname=\"$soname_spec\" + else + soname="$realname" + fi + if test -z "$dlname"; then + dlname=$soname + fi + + lib="$output_objdir/$realname" + linknames= + for link + do + func_append linknames " $link" + done + + # Use standard objects if they are pic + test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP` + test "X$libobjs" = "X " && libobjs= + + delfiles= + if test -n "$export_symbols" && test -n "$include_expsyms"; then + $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" + export_symbols="$output_objdir/$libname.uexp" + func_append delfiles " $export_symbols" + fi + + orig_export_symbols= + case $host_os in + cygwin* | mingw* | cegcc*) + if test -n "$export_symbols" && test -z "$export_symbols_regex"; then + # exporting using user supplied symfile + if test "x`$SED 1q $export_symbols`" != xEXPORTS; then + # and it's NOT already a .def file. Must figure out + # which of the given symbols are data symbols and tag + # them as such. So, trigger use of export_symbols_cmds. + # export_symbols gets reassigned inside the "prepare + # the list of exported symbols" if statement, so the + # include_expsyms logic still works. + orig_export_symbols="$export_symbols" + export_symbols= + always_export_symbols=yes + fi + fi + ;; + esac + + # Prepare the list of exported symbols + if test -z "$export_symbols"; then + if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then + func_verbose "generating symbol list for \`$libname.la'" + export_symbols="$output_objdir/$libname.exp" + $opt_dry_run || $RM $export_symbols + cmds=$export_symbols_cmds + save_ifs="$IFS"; IFS='~' + for cmd1 in $cmds; do + IFS="$save_ifs" + # Take the normal branch if the nm_file_list_spec branch + # doesn't work or if tool conversion is not needed. + case $nm_file_list_spec~$to_tool_file_cmd in + *~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*) + try_normal_branch=yes + eval cmd=\"$cmd1\" + func_len " $cmd" + len=$func_len_result + ;; + *) + try_normal_branch=no + ;; + esac + if test "$try_normal_branch" = yes \ + && { test "$len" -lt "$max_cmd_len" \ + || test "$max_cmd_len" -le -1; } + then + func_show_eval "$cmd" 'exit $?' + skipped_export=false + elif test -n "$nm_file_list_spec"; then + func_basename "$output" + output_la=$func_basename_result + save_libobjs=$libobjs + save_output=$output + output=${output_objdir}/${output_la}.nm + func_to_tool_file "$output" + libobjs=$nm_file_list_spec$func_to_tool_file_result + func_append delfiles " $output" + func_verbose "creating $NM input file list: $output" + for obj in $save_libobjs; do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" + done > "$output" + eval cmd=\"$cmd1\" + func_show_eval "$cmd" 'exit $?' + output=$save_output + libobjs=$save_libobjs + skipped_export=false + else + # The command line is too long to execute in one step. + func_verbose "using reloadable object file for export list..." + skipped_export=: + # Break out early, otherwise skipped_export may be + # set to false by a later but shorter cmd. + break + fi + done + IFS="$save_ifs" + if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then + func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' + func_show_eval '$MV "${export_symbols}T" "$export_symbols"' + fi + fi + fi + + if test -n "$export_symbols" && test -n "$include_expsyms"; then + tmp_export_symbols="$export_symbols" + test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' + fi + + if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then + # The given exports_symbols file has to be filtered, so filter it. + func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + # FIXME: $output_objdir/$libname.filter potentially contains lots of + # 's' commands which not all seds can handle. GNU sed should be fine + # though. Also, the filter scales superlinearly with the number of + # global variables. join(1) would be nice here, but unfortunately + # isn't a blessed tool. + $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter + func_append delfiles " $export_symbols $output_objdir/$libname.filter" + export_symbols=$output_objdir/$libname.def + $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols + fi + + tmp_deplibs= + for test_deplib in $deplibs; do + case " $convenience " in + *" $test_deplib "*) ;; + *) + func_append tmp_deplibs " $test_deplib" + ;; + esac + done + deplibs="$tmp_deplibs" + + if test -n "$convenience"; then + if test -n "$whole_archive_flag_spec" && + test "$compiler_needs_object" = yes && + test -z "$libobjs"; then + # extract the archives, so we have objects to list. + # TODO: could optimize this to just extract one archive. + whole_archive_flag_spec= + fi + if test -n "$whole_archive_flag_spec"; then + save_libobjs=$libobjs + eval libobjs=\"\$libobjs $whole_archive_flag_spec\" + test "X$libobjs" = "X " && libobjs= + else + gentop="$output_objdir/${outputname}x" + func_append generated " $gentop" + + func_extract_archives $gentop $convenience + func_append libobjs " $func_extract_archives_result" + test "X$libobjs" = "X " && libobjs= + fi + fi + + if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then + eval flag=\"$thread_safe_flag_spec\" + func_append linker_flags " $flag" + fi + + # Make a backup of the uninstalled library when relinking + if test "$opt_mode" = relink; then + $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? + fi + + # Do each of the archive commands. + if test "$module" = yes && test -n "$module_cmds" ; then + if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then + eval test_cmds=\"$module_expsym_cmds\" + cmds=$module_expsym_cmds + else + eval test_cmds=\"$module_cmds\" + cmds=$module_cmds + fi + else + if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then + eval test_cmds=\"$archive_expsym_cmds\" + cmds=$archive_expsym_cmds + else + eval test_cmds=\"$archive_cmds\" + cmds=$archive_cmds + fi + fi + + if test "X$skipped_export" != "X:" && + func_len " $test_cmds" && + len=$func_len_result && + test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then + : + else + # The command line is too long to link in one step, link piecewise + # or, if using GNU ld and skipped_export is not :, use a linker + # script. + + # Save the value of $output and $libobjs because we want to + # use them later. If we have whole_archive_flag_spec, we + # want to use save_libobjs as it was before + # whole_archive_flag_spec was expanded, because we can't + # assume the linker understands whole_archive_flag_spec. + # This may have to be revisited, in case too many + # convenience libraries get linked in and end up exceeding + # the spec. + if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then + save_libobjs=$libobjs + fi + save_output=$output + func_basename "$output" + output_la=$func_basename_result + + # Clear the reloadable object creation command queue and + # initialize k to one. + test_cmds= + concat_cmds= + objlist= + last_robj= + k=1 + + if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then + output=${output_objdir}/${output_la}.lnkscript + func_verbose "creating GNU ld script: $output" + echo 'INPUT (' > $output + for obj in $save_libobjs + do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" >> $output + done + echo ')' >> $output + func_append delfiles " $output" + func_to_tool_file "$output" + output=$func_to_tool_file_result + elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then + output=${output_objdir}/${output_la}.lnk + func_verbose "creating linker input file list: $output" + : > $output + set x $save_libobjs + shift + firstobj= + if test "$compiler_needs_object" = yes; then + firstobj="$1 " + shift + fi + for obj + do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" >> $output + done + func_append delfiles " $output" + func_to_tool_file "$output" + output=$firstobj\"$file_list_spec$func_to_tool_file_result\" + else + if test -n "$save_libobjs"; then + func_verbose "creating reloadable object files..." + output=$output_objdir/$output_la-${k}.$objext + eval test_cmds=\"$reload_cmds\" + func_len " $test_cmds" + len0=$func_len_result + len=$len0 + + # Loop over the list of objects to be linked. + for obj in $save_libobjs + do + func_len " $obj" + func_arith $len + $func_len_result + len=$func_arith_result + if test "X$objlist" = X || + test "$len" -lt "$max_cmd_len"; then + func_append objlist " $obj" + else + # The command $test_cmds is almost too long, add a + # command to the queue. + if test "$k" -eq 1 ; then + # The first file doesn't have a previous command to add. + reload_objs=$objlist + eval concat_cmds=\"$reload_cmds\" + else + # All subsequent reloadable object files will link in + # the last one created. + reload_objs="$objlist $last_robj" + eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\" + fi + last_robj=$output_objdir/$output_la-${k}.$objext + func_arith $k + 1 + k=$func_arith_result + output=$output_objdir/$output_la-${k}.$objext + objlist=" $obj" + func_len " $last_robj" + func_arith $len0 + $func_len_result + len=$func_arith_result + fi + done + # Handle the remaining objects by creating one last + # reloadable object file. All subsequent reloadable object + # files will link in the last one created. + test -z "$concat_cmds" || concat_cmds=$concat_cmds~ + reload_objs="$objlist $last_robj" + eval concat_cmds=\"\${concat_cmds}$reload_cmds\" + if test -n "$last_robj"; then + eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\" + fi + func_append delfiles " $output" + + else + output= + fi + + if ${skipped_export-false}; then + func_verbose "generating symbol list for \`$libname.la'" + export_symbols="$output_objdir/$libname.exp" + $opt_dry_run || $RM $export_symbols + libobjs=$output + # Append the command to create the export file. + test -z "$concat_cmds" || concat_cmds=$concat_cmds~ + eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\" + if test -n "$last_robj"; then + eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" + fi + fi + + test -n "$save_libobjs" && + func_verbose "creating a temporary reloadable object file: $output" + + # Loop through the commands generated above and execute them. + save_ifs="$IFS"; IFS='~' + for cmd in $concat_cmds; do + IFS="$save_ifs" + $opt_silent || { + func_quote_for_expand "$cmd" + eval "func_echo $func_quote_for_expand_result" + } + $opt_dry_run || eval "$cmd" || { + lt_exit=$? + + # Restore the uninstalled library and exit + if test "$opt_mode" = relink; then + ( cd "$output_objdir" && \ + $RM "${realname}T" && \ + $MV "${realname}U" "$realname" ) + fi + + exit $lt_exit + } + done + IFS="$save_ifs" + + if test -n "$export_symbols_regex" && ${skipped_export-false}; then + func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' + func_show_eval '$MV "${export_symbols}T" "$export_symbols"' + fi + fi + + if ${skipped_export-false}; then + if test -n "$export_symbols" && test -n "$include_expsyms"; then + tmp_export_symbols="$export_symbols" + test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols" + $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' + fi + + if test -n "$orig_export_symbols"; then + # The given exports_symbols file has to be filtered, so filter it. + func_verbose "filter symbol list for \`$libname.la' to tag DATA exports" + # FIXME: $output_objdir/$libname.filter potentially contains lots of + # 's' commands which not all seds can handle. GNU sed should be fine + # though. Also, the filter scales superlinearly with the number of + # global variables. join(1) would be nice here, but unfortunately + # isn't a blessed tool. + $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter + func_append delfiles " $export_symbols $output_objdir/$libname.filter" + export_symbols=$output_objdir/$libname.def + $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols + fi + fi + + libobjs=$output + # Restore the value of output. + output=$save_output + + if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then + eval libobjs=\"\$libobjs $whole_archive_flag_spec\" + test "X$libobjs" = "X " && libobjs= + fi + # Expand the library linking commands again to reset the + # value of $libobjs for piecewise linking. + + # Do each of the archive commands. + if test "$module" = yes && test -n "$module_cmds" ; then + if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then + cmds=$module_expsym_cmds + else + cmds=$module_cmds + fi + else + if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then + cmds=$archive_expsym_cmds + else + cmds=$archive_cmds + fi + fi + fi + + if test -n "$delfiles"; then + # Append the command to remove temporary files to $cmds. + eval cmds=\"\$cmds~\$RM $delfiles\" + fi + + # Add any objects from preloaded convenience libraries + if test -n "$dlprefiles"; then + gentop="$output_objdir/${outputname}x" + func_append generated " $gentop" + + func_extract_archives $gentop $dlprefiles + func_append libobjs " $func_extract_archives_result" + test "X$libobjs" = "X " && libobjs= + fi + + save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + eval cmd=\"$cmd\" + $opt_silent || { + func_quote_for_expand "$cmd" + eval "func_echo $func_quote_for_expand_result" + } + $opt_dry_run || eval "$cmd" || { + lt_exit=$? + + # Restore the uninstalled library and exit + if test "$opt_mode" = relink; then + ( cd "$output_objdir" && \ + $RM "${realname}T" && \ + $MV "${realname}U" "$realname" ) + fi + + exit $lt_exit + } + done + IFS="$save_ifs" + + # Restore the uninstalled library and exit + if test "$opt_mode" = relink; then + $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? + + if test -n "$convenience"; then + if test -z "$whole_archive_flag_spec"; then + func_show_eval '${RM}r "$gentop"' + fi + fi + + exit $EXIT_SUCCESS + fi + + # Create links to the real library. + for linkname in $linknames; do + if test "$realname" != "$linkname"; then + func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?' + fi + done + + # If -module or -export-dynamic was specified, set the dlname. + if test "$module" = yes || test "$export_dynamic" = yes; then + # On all known operating systems, these are identical. + dlname="$soname" + fi + fi + ;; + + obj) + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + func_warning "\`-dlopen' is ignored for objects" + fi + + case " $deplibs" in + *\ -l* | *\ -L*) + func_warning "\`-l' and \`-L' are ignored for objects" ;; + esac + + test -n "$rpath" && \ + func_warning "\`-rpath' is ignored for objects" + + test -n "$xrpath" && \ + func_warning "\`-R' is ignored for objects" + + test -n "$vinfo" && \ + func_warning "\`-version-info' is ignored for objects" + + test -n "$release" && \ + func_warning "\`-release' is ignored for objects" + + case $output in + *.lo) + test -n "$objs$old_deplibs" && \ + func_fatal_error "cannot build library object \`$output' from non-libtool objects" + + libobj=$output + func_lo2o "$libobj" + obj=$func_lo2o_result + ;; + *) + libobj= + obj="$output" + ;; + esac + + # Delete the old objects. + $opt_dry_run || $RM $obj $libobj + + # Objects from convenience libraries. This assumes + # single-version convenience libraries. Whenever we create + # different ones for PIC/non-PIC, this we'll have to duplicate + # the extraction. + reload_conv_objs= + gentop= + # reload_cmds runs $LD directly, so let us get rid of + # -Wl from whole_archive_flag_spec and hope we can get by with + # turning comma into space.. + wl= + + if test -n "$convenience"; then + if test -n "$whole_archive_flag_spec"; then + eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" + reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` + else + gentop="$output_objdir/${obj}x" + func_append generated " $gentop" + + func_extract_archives $gentop $convenience + reload_conv_objs="$reload_objs $func_extract_archives_result" + fi + fi + + # If we're not building shared, we need to use non_pic_objs + test "$build_libtool_libs" != yes && libobjs="$non_pic_objects" + + # Create the old-style object. + reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test + + output="$obj" + func_execute_cmds "$reload_cmds" 'exit $?' + + # Exit if we aren't doing a library object file. + if test -z "$libobj"; then + if test -n "$gentop"; then + func_show_eval '${RM}r "$gentop"' + fi + + exit $EXIT_SUCCESS + fi + + if test "$build_libtool_libs" != yes; then + if test -n "$gentop"; then + func_show_eval '${RM}r "$gentop"' + fi + + # Create an invalid libtool object if no PIC, so that we don't + # accidentally link it into a program. + # $show "echo timestamp > $libobj" + # $opt_dry_run || eval "echo timestamp > $libobj" || exit $? + exit $EXIT_SUCCESS + fi + + if test -n "$pic_flag" || test "$pic_mode" != default; then + # Only do commands if we really have different PIC objects. + reload_objs="$libobjs $reload_conv_objs" + output="$libobj" + func_execute_cmds "$reload_cmds" 'exit $?' + fi + + if test -n "$gentop"; then + func_show_eval '${RM}r "$gentop"' + fi + + exit $EXIT_SUCCESS + ;; + + prog) + case $host in + *cygwin*) func_stripname '' '.exe' "$output" + output=$func_stripname_result.exe;; + esac + test -n "$vinfo" && \ + func_warning "\`-version-info' is ignored for programs" + + test -n "$release" && \ + func_warning "\`-release' is ignored for programs" + + test "$preload" = yes \ + && test "$dlopen_support" = unknown \ + && test "$dlopen_self" = unknown \ + && test "$dlopen_self_static" = unknown && \ + func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support." + + case $host in + *-*-rhapsody* | *-*-darwin1.[012]) + # On Rhapsody replace the C library is the System framework + compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'` + finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'` + ;; + esac + + case $host in + *-*-darwin*) + # Don't allow lazy linking, it breaks C++ global constructors + # But is supposedly fixed on 10.4 or later (yay!). + if test "$tagname" = CXX ; then + case ${MACOSX_DEPLOYMENT_TARGET-10.0} in + 10.[0123]) + func_append compile_command " ${wl}-bind_at_load" + func_append finalize_command " ${wl}-bind_at_load" + ;; + esac + fi + # Time to change all our "foo.ltframework" stuff back to "-framework foo" + compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` + ;; + esac + + + # move library search paths that coincide with paths to not yet + # installed libraries to the beginning of the library search list + new_libs= + for path in $notinst_path; do + case " $new_libs " in + *" -L$path/$objdir "*) ;; + *) + case " $compile_deplibs " in + *" -L$path/$objdir "*) + func_append new_libs " -L$path/$objdir" ;; + esac + ;; + esac + done + for deplib in $compile_deplibs; do + case $deplib in + -L*) + case " $new_libs " in + *" $deplib "*) ;; + *) func_append new_libs " $deplib" ;; + esac + ;; + *) func_append new_libs " $deplib" ;; + esac + done + compile_deplibs="$new_libs" + + + func_append compile_command " $compile_deplibs" + func_append finalize_command " $finalize_deplibs" + + if test -n "$rpath$xrpath"; then + # If the user specified any rpath flags, then add them. + for libdir in $rpath $xrpath; do + # This is the magic to use -rpath. + case "$finalize_rpath " in + *" $libdir "*) ;; + *) func_append finalize_rpath " $libdir" ;; + esac + done + fi + + # Now hardcode the library paths + rpath= + hardcode_libdirs= + for libdir in $compile_rpath $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + func_append rpath " $flag" + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in + *" $libdir "*) ;; + *) func_append perm_rpath " $libdir" ;; + esac + fi + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) + testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'` + case :$dllsearchpath: in + *":$libdir:"*) ;; + ::) dllsearchpath=$libdir;; + *) func_append dllsearchpath ":$libdir";; + esac + case :$dllsearchpath: in + *":$testbindir:"*) ;; + ::) dllsearchpath=$testbindir;; + *) func_append dllsearchpath ":$testbindir";; + esac + ;; + esac + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + eval rpath=\" $hardcode_libdir_flag_spec\" + fi + compile_rpath="$rpath" + + rpath= + hardcode_libdirs= + for libdir in $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + func_append rpath " $flag" + fi + elif test -n "$runpath_var"; then + case "$finalize_perm_rpath " in + *" $libdir "*) ;; + *) func_append finalize_perm_rpath " $libdir" ;; + esac + fi + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + eval rpath=\" $hardcode_libdir_flag_spec\" + fi + finalize_rpath="$rpath" + + if test -n "$libobjs" && test "$build_old_libs" = yes; then + # Transform all the library objects into standard objects. + compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP` + finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP` + fi + + func_generate_dlsyms "$outputname" "@PROGRAM@" "no" + + # template prelinking step + if test -n "$prelink_cmds"; then + func_execute_cmds "$prelink_cmds" 'exit $?' + fi + + wrappers_required=yes + case $host in + *cegcc* | *mingw32ce*) + # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway. + wrappers_required=no + ;; + *cygwin* | *mingw* ) + if test "$build_libtool_libs" != yes; then + wrappers_required=no + fi + ;; + *) + if test "$need_relink" = no || test "$build_libtool_libs" != yes; then + wrappers_required=no + fi + ;; + esac + if test "$wrappers_required" = no; then + # Replace the output file specification. + compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'` + link_command="$compile_command$compile_rpath" + + # We have no uninstalled library dependencies, so finalize right now. + exit_status=0 + func_show_eval "$link_command" 'exit_status=$?' + + if test -n "$postlink_cmds"; then + func_to_tool_file "$output" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + + # Delete the generated files. + if test -f "$output_objdir/${outputname}S.${objext}"; then + func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"' + fi + + exit $exit_status + fi + + if test -n "$compile_shlibpath$finalize_shlibpath"; then + compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" + fi + if test -n "$finalize_shlibpath"; then + finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command" + fi + + compile_var= + finalize_var= + if test -n "$runpath_var"; then + if test -n "$perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $perm_rpath; do + func_append rpath "$dir:" + done + compile_var="$runpath_var=\"$rpath\$$runpath_var\" " + fi + if test -n "$finalize_perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $finalize_perm_rpath; do + func_append rpath "$dir:" + done + finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " + fi + fi + + if test "$no_install" = yes; then + # We don't need to create a wrapper script. + link_command="$compile_var$compile_command$compile_rpath" + # Replace the output file specification. + link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'` + # Delete the old output file. + $opt_dry_run || $RM $output + # Link the executable and exit + func_show_eval "$link_command" 'exit $?' + + if test -n "$postlink_cmds"; then + func_to_tool_file "$output" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + + exit $EXIT_SUCCESS + fi + + if test "$hardcode_action" = relink; then + # Fast installation is not supported + link_command="$compile_var$compile_command$compile_rpath" + relink_command="$finalize_var$finalize_command$finalize_rpath" + + func_warning "this platform does not like uninstalled shared libraries" + func_warning "\`$output' will be relinked during installation" + else + if test "$fast_install" != no; then + link_command="$finalize_var$compile_command$finalize_rpath" + if test "$fast_install" = yes; then + relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` + else + # fast_install is set to needless + relink_command= + fi + else + link_command="$compile_var$compile_command$compile_rpath" + relink_command="$finalize_var$finalize_command$finalize_rpath" + fi + fi + + # Replace the output file specification. + link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` + + # Delete the old output files. + $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname + + func_show_eval "$link_command" 'exit $?' + + if test -n "$postlink_cmds"; then + func_to_tool_file "$output_objdir/$outputname" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + + # Now create the wrapper script. + func_verbose "creating $output" + + # Quote the relink command for shipping. + if test -n "$relink_command"; then + # Preserve any variables that may affect compiler behavior + for var in $variables_saved_for_relink; do + if eval test -z \"\${$var+set}\"; then + relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" + elif eval var_value=\$$var; test -z "$var_value"; then + relink_command="$var=; export $var; $relink_command" + else + func_quote_for_eval "$var_value" + relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" + fi + done + relink_command="(cd `pwd`; $relink_command)" + relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` + fi + + # Only actually do things if not in dry run mode. + $opt_dry_run || { + # win32 will think the script is a binary if it has + # a .exe suffix, so we strip it off here. + case $output in + *.exe) func_stripname '' '.exe' "$output" + output=$func_stripname_result ;; + esac + # test for cygwin because mv fails w/o .exe extensions + case $host in + *cygwin*) + exeext=.exe + func_stripname '' '.exe' "$outputname" + outputname=$func_stripname_result ;; + *) exeext= ;; + esac + case $host in + *cygwin* | *mingw* ) + func_dirname_and_basename "$output" "" "." + output_name=$func_basename_result + output_path=$func_dirname_result + cwrappersource="$output_path/$objdir/lt-$output_name.c" + cwrapper="$output_path/$output_name.exe" + $RM $cwrappersource $cwrapper + trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 + + func_emit_cwrapperexe_src > $cwrappersource + + # The wrapper executable is built using the $host compiler, + # because it contains $host paths and files. If cross- + # compiling, it, like the target executable, must be + # executed on the $host or under an emulation environment. + $opt_dry_run || { + $LTCC $LTCFLAGS -o $cwrapper $cwrappersource + $STRIP $cwrapper + } + + # Now, create the wrapper script for func_source use: + func_ltwrapper_scriptname $cwrapper + $RM $func_ltwrapper_scriptname_result + trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15 + $opt_dry_run || { + # note: this script will not be executed, so do not chmod. + if test "x$build" = "x$host" ; then + $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result + else + func_emit_wrapper no > $func_ltwrapper_scriptname_result + fi + } + ;; + * ) + $RM $output + trap "$RM $output; exit $EXIT_FAILURE" 1 2 15 + + func_emit_wrapper no > $output + chmod +x $output + ;; + esac + } + exit $EXIT_SUCCESS + ;; + esac + + # See if we need to build an old-fashioned archive. + for oldlib in $oldlibs; do + + if test "$build_libtool_libs" = convenience; then + oldobjs="$libobjs_save $symfileobj" + addlibs="$convenience" + build_libtool_libs=no + else + if test "$build_libtool_libs" = module; then + oldobjs="$libobjs_save" + build_libtool_libs=no + else + oldobjs="$old_deplibs $non_pic_objects" + if test "$preload" = yes && test -f "$symfileobj"; then + func_append oldobjs " $symfileobj" + fi + fi + addlibs="$old_convenience" + fi + + if test -n "$addlibs"; then + gentop="$output_objdir/${outputname}x" + func_append generated " $gentop" + + func_extract_archives $gentop $addlibs + func_append oldobjs " $func_extract_archives_result" + fi + + # Do each command in the archive commands. + if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then + cmds=$old_archive_from_new_cmds + else + + # Add any objects from preloaded convenience libraries + if test -n "$dlprefiles"; then + gentop="$output_objdir/${outputname}x" + func_append generated " $gentop" + + func_extract_archives $gentop $dlprefiles + func_append oldobjs " $func_extract_archives_result" + fi + + # POSIX demands no paths to be encoded in archives. We have + # to avoid creating archives with duplicate basenames if we + # might have to extract them afterwards, e.g., when creating a + # static archive out of a convenience library, or when linking + # the entirety of a libtool archive into another (currently + # not supported by libtool). + if (for obj in $oldobjs + do + func_basename "$obj" + $ECHO "$func_basename_result" + done | sort | sort -uc >/dev/null 2>&1); then + : + else + echo "copying selected object files to avoid basename conflicts..." + gentop="$output_objdir/${outputname}x" + func_append generated " $gentop" + func_mkdir_p "$gentop" + save_oldobjs=$oldobjs + oldobjs= + counter=1 + for obj in $save_oldobjs + do + func_basename "$obj" + objbase="$func_basename_result" + case " $oldobjs " in + " ") oldobjs=$obj ;; + *[\ /]"$objbase "*) + while :; do + # Make sure we don't pick an alternate name that also + # overlaps. + newobj=lt$counter-$objbase + func_arith $counter + 1 + counter=$func_arith_result + case " $oldobjs " in + *[\ /]"$newobj "*) ;; + *) if test ! -f "$gentop/$newobj"; then break; fi ;; + esac + done + func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj" + func_append oldobjs " $gentop/$newobj" + ;; + *) func_append oldobjs " $obj" ;; + esac + done + fi + eval cmds=\"$old_archive_cmds\" + + func_len " $cmds" + len=$func_len_result + if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then + cmds=$old_archive_cmds + elif test -n "$archiver_list_spec"; then + func_verbose "using command file archive linking..." + for obj in $oldobjs + do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" + done > $output_objdir/$libname.libcmd + func_to_tool_file "$output_objdir/$libname.libcmd" + oldobjs=" $archiver_list_spec$func_to_tool_file_result" + cmds=$old_archive_cmds + else + # the command line is too long to link in one step, link in parts + func_verbose "using piecewise archive linking..." + save_RANLIB=$RANLIB + RANLIB=: + objlist= + concat_cmds= + save_oldobjs=$oldobjs + oldobjs= + # Is there a better way of finding the last object in the list? + for obj in $save_oldobjs + do + last_oldobj=$obj + done + eval test_cmds=\"$old_archive_cmds\" + func_len " $test_cmds" + len0=$func_len_result + len=$len0 + for obj in $save_oldobjs + do + func_len " $obj" + func_arith $len + $func_len_result + len=$func_arith_result + func_append objlist " $obj" + if test "$len" -lt "$max_cmd_len"; then + : + else + # the above command should be used before it gets too long + oldobjs=$objlist + if test "$obj" = "$last_oldobj" ; then + RANLIB=$save_RANLIB + fi + test -z "$concat_cmds" || concat_cmds=$concat_cmds~ + eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" + objlist= + len=$len0 + fi + done + RANLIB=$save_RANLIB + oldobjs=$objlist + if test "X$oldobjs" = "X" ; then + eval cmds=\"\$concat_cmds\" + else + eval cmds=\"\$concat_cmds~\$old_archive_cmds\" + fi + fi + fi + func_execute_cmds "$cmds" 'exit $?' + done + + test -n "$generated" && \ + func_show_eval "${RM}r$generated" + + # Now create the libtool archive. + case $output in + *.la) + old_library= + test "$build_old_libs" = yes && old_library="$libname.$libext" + func_verbose "creating $output" + + # Preserve any variables that may affect compiler behavior + for var in $variables_saved_for_relink; do + if eval test -z \"\${$var+set}\"; then + relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" + elif eval var_value=\$$var; test -z "$var_value"; then + relink_command="$var=; export $var; $relink_command" + else + func_quote_for_eval "$var_value" + relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" + fi + done + # Quote the link command for shipping. + relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" + relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` + if test "$hardcode_automatic" = yes ; then + relink_command= + fi + + # Only create the output if not a dry run. + $opt_dry_run || { + for installed in no yes; do + if test "$installed" = yes; then + if test -z "$install_libdir"; then + break + fi + output="$output_objdir/$outputname"i + # Replace all uninstalled libtool libraries with the installed ones + newdependency_libs= + for deplib in $dependency_libs; do + case $deplib in + *.la) + func_basename "$deplib" + name="$func_basename_result" + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + test -z "$libdir" && \ + func_fatal_error "\`$deplib' is not a valid libtool archive" + func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" + ;; + -L*) + func_stripname -L '' "$deplib" + func_replace_sysroot "$func_stripname_result" + func_append newdependency_libs " -L$func_replace_sysroot_result" + ;; + -R*) + func_stripname -R '' "$deplib" + func_replace_sysroot "$func_stripname_result" + func_append newdependency_libs " -R$func_replace_sysroot_result" + ;; + *) func_append newdependency_libs " $deplib" ;; + esac + done + dependency_libs="$newdependency_libs" + newdlfiles= + + for lib in $dlfiles; do + case $lib in + *.la) + func_basename "$lib" + name="$func_basename_result" + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + test -z "$libdir" && \ + func_fatal_error "\`$lib' is not a valid libtool archive" + func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" + ;; + *) func_append newdlfiles " $lib" ;; + esac + done + dlfiles="$newdlfiles" + newdlprefiles= + for lib in $dlprefiles; do + case $lib in + *.la) + # Only pass preopened files to the pseudo-archive (for + # eventual linking with the app. that links it) if we + # didn't already link the preopened objects directly into + # the library: + func_basename "$lib" + name="$func_basename_result" + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + test -z "$libdir" && \ + func_fatal_error "\`$lib' is not a valid libtool archive" + func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" + ;; + esac + done + dlprefiles="$newdlprefiles" + else + newdlfiles= + for lib in $dlfiles; do + case $lib in + [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + *) abs=`pwd`"/$lib" ;; + esac + func_append newdlfiles " $abs" + done + dlfiles="$newdlfiles" + newdlprefiles= + for lib in $dlprefiles; do + case $lib in + [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; + *) abs=`pwd`"/$lib" ;; + esac + func_append newdlprefiles " $abs" + done + dlprefiles="$newdlprefiles" + fi + $RM $output + # place dlname in correct position for cygwin + # In fact, it would be nice if we could use this code for all target + # systems that can't hard-code library paths into their executables + # and that have no shared library path variable independent of PATH, + # but it turns out we can't easily determine that from inspecting + # libtool variables, so we have to hard-code the OSs to which it + # applies here; at the moment, that means platforms that use the PE + # object format with DLL files. See the long comment at the top of + # tests/bindir.at for full details. + tdlname=$dlname + case $host,$output,$installed,$module,$dlname in + *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) + # If a -bindir argument was supplied, place the dll there. + if test "x$bindir" != x ; + then + func_relative_path "$install_libdir" "$bindir" + tdlname=$func_relative_path_result$dlname + else + # Otherwise fall back on heuristic. + tdlname=../bin/$dlname + fi + ;; + esac + $ECHO > $output "\ +# $outputname - a libtool library file +# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION +# +# Please DO NOT delete this file! +# It is necessary for linking the library. + +# The name that we can dlopen(3). +dlname='$tdlname' + +# Names of this library. +library_names='$library_names' + +# The name of the static archive. +old_library='$old_library' + +# Linker flags that can not go in dependency_libs. +inherited_linker_flags='$new_inherited_linker_flags' + +# Libraries that this one depends upon. +dependency_libs='$dependency_libs' + +# Names of additional weak libraries provided by this library +weak_library_names='$weak_libs' + +# Version information for $libname. +current=$current +age=$age +revision=$revision + +# Is this an already installed library? +installed=$installed + +# Should we warn about portability when linking against -modules? +shouldnotlink=$module + +# Files to dlopen/dlpreopen +dlopen='$dlfiles' +dlpreopen='$dlprefiles' + +# Directory that this library needs to be installed in: +libdir='$install_libdir'" + if test "$installed" = no && test "$need_relink" = yes; then + $ECHO >> $output "\ +relink_command=\"$relink_command\"" + fi + done + } + + # Do a symbolic link so that the libtool archive can be found in + # LD_LIBRARY_PATH before the program is installed. + func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?' + ;; + esac + exit $EXIT_SUCCESS +} + +{ test "$opt_mode" = link || test "$opt_mode" = relink; } && + func_mode_link ${1+"$@"} + + +# func_mode_uninstall arg... +func_mode_uninstall () +{ + $opt_debug + RM="$nonopt" + files= + rmforce= + exit_status=0 + + # This variable tells wrapper scripts just to set variables rather + # than running their programs. + libtool_install_magic="$magic" + + for arg + do + case $arg in + -f) func_append RM " $arg"; rmforce=yes ;; + -*) func_append RM " $arg" ;; + *) func_append files " $arg" ;; + esac + done + + test -z "$RM" && \ + func_fatal_help "you must specify an RM program" + + rmdirs= + + for file in $files; do + func_dirname "$file" "" "." + dir="$func_dirname_result" + if test "X$dir" = X.; then + odir="$objdir" + else + odir="$dir/$objdir" + fi + func_basename "$file" + name="$func_basename_result" + test "$opt_mode" = uninstall && odir="$dir" + + # Remember odir for removal later, being careful to avoid duplicates + if test "$opt_mode" = clean; then + case " $rmdirs " in + *" $odir "*) ;; + *) func_append rmdirs " $odir" ;; + esac + fi + + # Don't error if the file doesn't exist and rm -f was used. + if { test -L "$file"; } >/dev/null 2>&1 || + { test -h "$file"; } >/dev/null 2>&1 || + test -f "$file"; then + : + elif test -d "$file"; then + exit_status=1 + continue + elif test "$rmforce" = yes; then + continue + fi + + rmfiles="$file" + + case $name in + *.la) + # Possibly a libtool archive, so verify it. + if func_lalib_p "$file"; then + func_source $dir/$name + + # Delete the libtool libraries and symlinks. + for n in $library_names; do + func_append rmfiles " $odir/$n" + done + test -n "$old_library" && func_append rmfiles " $odir/$old_library" + + case "$opt_mode" in + clean) + case " $library_names " in + *" $dlname "*) ;; + *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;; + esac + test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i" + ;; + uninstall) + if test -n "$library_names"; then + # Do each command in the postuninstall commands. + func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + fi + + if test -n "$old_library"; then + # Do each command in the old_postuninstall commands. + func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1' + fi + # FIXME: should reinstall the best remaining shared library. + ;; + esac + fi + ;; + + *.lo) + # Possibly a libtool object, so verify it. + if func_lalib_p "$file"; then + + # Read the .lo file + func_source $dir/$name + + # Add PIC object to the list of files to remove. + if test -n "$pic_object" && + test "$pic_object" != none; then + func_append rmfiles " $dir/$pic_object" + fi + + # Add non-PIC object to the list of files to remove. + if test -n "$non_pic_object" && + test "$non_pic_object" != none; then + func_append rmfiles " $dir/$non_pic_object" + fi + fi + ;; + + *) + if test "$opt_mode" = clean ; then + noexename=$name + case $file in + *.exe) + func_stripname '' '.exe' "$file" + file=$func_stripname_result + func_stripname '' '.exe' "$name" + noexename=$func_stripname_result + # $file with .exe has already been added to rmfiles, + # add $file without .exe + func_append rmfiles " $file" + ;; + esac + # Do a test to see if this is a libtool program. + if func_ltwrapper_p "$file"; then + if func_ltwrapper_executable_p "$file"; then + func_ltwrapper_scriptname "$file" + relink_command= + func_source $func_ltwrapper_scriptname_result + func_append rmfiles " $func_ltwrapper_scriptname_result" + else + relink_command= + func_source $dir/$noexename + fi + + # note $name still contains .exe if it was in $file originally + # as does the version of $file that was added into $rmfiles + func_append rmfiles " $odir/$name $odir/${name}S.${objext}" + if test "$fast_install" = yes && test -n "$relink_command"; then + func_append rmfiles " $odir/lt-$name" + fi + if test "X$noexename" != "X$name" ; then + func_append rmfiles " $odir/lt-${noexename}.c" + fi + fi + fi + ;; + esac + func_show_eval "$RM $rmfiles" 'exit_status=1' + done + + # Try to remove the ${objdir}s in the directories where we deleted files + for dir in $rmdirs; do + if test -d "$dir"; then + func_show_eval "rmdir $dir >/dev/null 2>&1" + fi + done + + exit $exit_status +} + +{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } && + func_mode_uninstall ${1+"$@"} + +test -z "$opt_mode" && { + help="$generic_help" + func_fatal_help "you must specify a MODE" +} + +test -z "$exec_cmd" && \ + func_fatal_help "invalid operation mode \`$opt_mode'" + +if test -n "$exec_cmd"; then + eval exec "$exec_cmd" + exit $EXIT_FAILURE +fi + +exit $exit_status + + +# The TAGs below are defined such that we never get into a situation +# in which we disable both kinds of libraries. Given conflicting +# choices, we go for a static library, that is the most portable, +# since we can't tell whether shared libraries were disabled because +# the user asked for that or because the platform doesn't support +# them. This is particularly important on AIX, because we don't +# support having both static and shared libraries enabled at the same +# time on that platform, so we default to a shared-only configuration. +# If a disable-shared tag is given, we'll fallback to a static-only +# configuration. But we'll never go from static-only to shared-only. + +# ### BEGIN LIBTOOL TAG CONFIG: disable-shared +build_libtool_libs=no +build_old_libs=yes +# ### END LIBTOOL TAG CONFIG: disable-shared + +# ### BEGIN LIBTOOL TAG CONFIG: disable-static +build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` +# ### END LIBTOOL TAG CONFIG: disable-static + +# Local Variables: +# mode:shell-script +# sh-indentation:2 +# End: +# vi:sw=2 + diff --git a/lib/libedit/missing b/lib/libedit/missing new file mode 100755 index 000000000000..28055d2ae6f2 --- /dev/null +++ b/lib/libedit/missing @@ -0,0 +1,376 @@ +#! /bin/sh +# Common stub for a few missing GNU programs while installing. + +scriptversion=2009-04-28.21; # UTC + +# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, +# 2008, 2009 Free Software Foundation, Inc. +# Originally by Fran,cois Pinard , 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +if test $# -eq 0; then + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 +fi + +run=: +sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' +sed_minuso='s/.* -o \([^ ]*\).*/\1/p' + +# In the cases where this matters, `missing' is being run in the +# srcdir already. +if test -f configure.ac; then + configure_ac=configure.ac +else + configure_ac=configure.in +fi + +msg="missing on your system" + +case $1 in +--run) + # Try to run requested program, and just exit if it succeeds. + run= + shift + "$@" && exit 0 + # Exit code 63 means version mismatch. This often happens + # when the user try to use an ancient version of a tool on + # a file that requires a minimum version. In this case we + # we should proceed has if the program had been absent, or + # if --run hadn't been passed. + if test $? = 63; then + run=: + msg="probably too old" + fi + ;; + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an +error status if there is no known handling for PROGRAM. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + --run try to run the given command, and emulate it if it fails + +Supported PROGRAM values: + aclocal touch file \`aclocal.m4' + autoconf touch file \`configure' + autoheader touch file \`config.h.in' + autom4te touch the output file, or create a stub one + automake touch all \`Makefile.in' files + bison create \`y.tab.[ch]', if possible, from existing .[ch] + flex create \`lex.yy.c', if possible, from existing .c + help2man touch the output file + lex create \`lex.yy.c', if possible, from existing .c + makeinfo touch the output file + tar try tar, gnutar, gtar, then tar without non-portable flags + yacc create \`y.tab.[ch]', if possible, from existing .[ch] + +Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and +\`g' are ignored when checking the name. + +Send bug reports to ." + exit $? + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing $scriptversion (GNU Automake)" + exit $? + ;; + + -*) + echo 1>&2 "$0: Unknown \`$1' option" + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 + ;; + +esac + +# normalize program name to check for. +program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + +# Now exit if we have it, but it failed. Also exit now if we +# don't have it and --version was passed (most likely to detect +# the program). This is about non-GNU programs, so use $1 not +# $program. +case $1 in + lex*|yacc*) + # Not GNU programs, they don't have --version. + ;; + + tar*) + if test -n "$run"; then + echo 1>&2 "ERROR: \`tar' requires --run" + exit 1 + elif test "x$2" = "x--version" || test "x$2" = "x--help"; then + exit 1 + fi + ;; + + *) + if test -z "$run" && ($1 --version) > /dev/null 2>&1; then + # We have it, but it failed. + exit 1 + elif test "x$2" = "x--version" || test "x$2" = "x--help"; then + # Could not run --version or --help. This is probably someone + # running `$TOOL --version' or `$TOOL --help' to check whether + # $TOOL exists and not knowing $TOOL uses missing. + exit 1 + fi + ;; +esac + +# If it does not exist, or fails to run (possibly an outdated version), +# try to emulate it. +case $program in + aclocal*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified \`acinclude.m4' or \`${configure_ac}'. You might want + to install the \`Automake' and \`Perl' packages. Grab them from + any GNU archive site." + touch aclocal.m4 + ;; + + autoconf*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified \`${configure_ac}'. You might want to install the + \`Autoconf' and \`GNU m4' packages. Grab them from any GNU + archive site." + touch configure + ;; + + autoheader*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified \`acconfig.h' or \`${configure_ac}'. You might want + to install the \`Autoconf' and \`GNU m4' packages. Grab them + from any GNU archive site." + files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` + test -z "$files" && files="config.h" + touch_files= + for f in $files; do + case $f in + *:*) touch_files="$touch_files "`echo "$f" | + sed -e 's/^[^:]*://' -e 's/:.*//'`;; + *) touch_files="$touch_files $f.in";; + esac + done + touch $touch_files + ;; + + automake*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. + You might want to install the \`Automake' and \`Perl' packages. + Grab them from any GNU archive site." + find . -type f -name Makefile.am -print | + sed 's/\.am$/.in/' | + while read f; do touch "$f"; done + ;; + + autom4te*) + echo 1>&2 "\ +WARNING: \`$1' is needed, but is $msg. + You might have modified some files without having the + proper tools for further handling them. + You can get \`$1' as part of \`Autoconf' from any GNU + archive site." + + file=`echo "$*" | sed -n "$sed_output"` + test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` + if test -f "$file"; then + touch $file + else + test -z "$file" || exec >$file + echo "#! /bin/sh" + echo "# Created by GNU Automake missing as a replacement of" + echo "# $ $@" + echo "exit 0" + chmod +x $file + exit 1 + fi + ;; + + bison*|yacc*) + echo 1>&2 "\ +WARNING: \`$1' $msg. You should only need it if + you modified a \`.y' file. You may need the \`Bison' package + in order for those modifications to take effect. You can get + \`Bison' from any GNU archive site." + rm -f y.tab.c y.tab.h + if test $# -ne 1; then + eval LASTARG="\${$#}" + case $LASTARG in + *.y) + SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` + if test -f "$SRCFILE"; then + cp "$SRCFILE" y.tab.c + fi + SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` + if test -f "$SRCFILE"; then + cp "$SRCFILE" y.tab.h + fi + ;; + esac + fi + if test ! -f y.tab.h; then + echo >y.tab.h + fi + if test ! -f y.tab.c; then + echo 'main() { return 0; }' >y.tab.c + fi + ;; + + lex*|flex*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified a \`.l' file. You may need the \`Flex' package + in order for those modifications to take effect. You can get + \`Flex' from any GNU archive site." + rm -f lex.yy.c + if test $# -ne 1; then + eval LASTARG="\${$#}" + case $LASTARG in + *.l) + SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` + if test -f "$SRCFILE"; then + cp "$SRCFILE" lex.yy.c + fi + ;; + esac + fi + if test ! -f lex.yy.c; then + echo 'main() { return 0; }' >lex.yy.c + fi + ;; + + help2man*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified a dependency of a manual page. You may need the + \`Help2man' package in order for those modifications to take + effect. You can get \`Help2man' from any GNU archive site." + + file=`echo "$*" | sed -n "$sed_output"` + test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` + if test -f "$file"; then + touch $file + else + test -z "$file" || exec >$file + echo ".ab help2man is required to generate this page" + exit $? + fi + ;; + + makeinfo*) + echo 1>&2 "\ +WARNING: \`$1' is $msg. You should only need it if + you modified a \`.texi' or \`.texinfo' file, or any other file + indirectly affecting the aspect of the manual. The spurious + call might also be the consequence of using a buggy \`make' (AIX, + DU, IRIX). You might want to install the \`Texinfo' package or + the \`GNU make' package. Grab either from any GNU archive site." + # The file to touch is that specified with -o ... + file=`echo "$*" | sed -n "$sed_output"` + test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` + if test -z "$file"; then + # ... or it is the one specified with @setfilename ... + infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` + file=`sed -n ' + /^@setfilename/{ + s/.* \([^ ]*\) *$/\1/ + p + q + }' $infile` + # ... or it is derived from the source name (dir/f.texi becomes f.info) + test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info + fi + # If the file does not exist, the user really needs makeinfo; + # let's fail without touching anything. + test -f $file || exit 1 + touch $file + ;; + + tar*) + shift + + # We have already tried tar in the generic part. + # Look for gnutar/gtar before invocation to avoid ugly error + # messages. + if (gnutar --version > /dev/null 2>&1); then + gnutar "$@" && exit 0 + fi + if (gtar --version > /dev/null 2>&1); then + gtar "$@" && exit 0 + fi + firstarg="$1" + if shift; then + case $firstarg in + *o*) + firstarg=`echo "$firstarg" | sed s/o//` + tar "$firstarg" "$@" && exit 0 + ;; + esac + case $firstarg in + *h*) + firstarg=`echo "$firstarg" | sed s/h//` + tar "$firstarg" "$@" && exit 0 + ;; + esac + fi + + echo 1>&2 "\ +WARNING: I can't seem to be able to run \`tar' with the given arguments. + You may want to install GNU tar or Free paxutils, or check the + command line arguments." + exit 1 + ;; + + *) + echo 1>&2 "\ +WARNING: \`$1' is needed, and is $msg. + You might have modified some files without having the + proper tools for further handling them. Check the \`README' file, + it often tells you about the needed prerequisites for installing + this package. You may also peek at any GNU archive site, in case + some other package would contain this missing \`$1' program." + exit 1 + ;; +esac + +exit 0 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/lib/libedit/src/Makefile.am b/lib/libedit/src/Makefile.am new file mode 100644 index 000000000000..47e8a50265b7 --- /dev/null +++ b/lib/libedit/src/Makefile.am @@ -0,0 +1,58 @@ + +BUILT_SOURCES = vi.h emacs.h common.h fcns.h help.h fcns.c help.c +if WIDECHAR +BUILT_SOURCES += tokenizern.c historyn.c +endif + +AHDR= vi.h emacs.h common.h +ASRC= $(srcdir)/vi.c $(srcdir)/emacs.c $(srcdir)/common.c + +vi.h: Makefile $(srcdir)/vi.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/vi.c > $@ + +emacs.h: Makefile $(srcdir)/emacs.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/emacs.c > $@ + +common.h: Makefile $(srcdir)/common.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/common.c > $@ + +fcns.h: Makefile $(AHDR) + AWK=$(AWK) sh $(srcdir)/makelist -fh $(AHDR) > $@ + +help.h: Makefile $(ASRC) + AWK=$(AWK) sh $(srcdir)/makelist -bh $(ASRC) > $@ + +fcns.c: Makefile $(AHDR) + AWK=$(AWK) sh $(srcdir)/makelist -fc $(AHDR) > $@ + +help.c: Makefile $(ASRC) + AWK=$(AWK) sh $(srcdir)/makelist -bc $(ASRC) > $@ + +tokenizern.c: Makefile $(srcdir)/tokenizer.c + AWK=$(AWK) sh $(srcdir)/makelist -n $(srcdir)/tokenizer.c > $@ + +historyn.c: Makefile $(srcdir)/history.c + AWK=$(AWK) sh $(srcdir)/makelist -n $(srcdir)/history.c > $@ + +CLEANFILES = $(BUILT_SOURCES) + +lib_LTLIBRARIES = libheimedit.la +libheimedit_la_SOURCES = chared.c common.c el.c emacs.c hist.c key.c map.c chartype.c parse.c \ + prompt.c read.c refresh.c search.c sig.c term.c tty.c vi.c \ + fgetln.c strlcat.c strlcpy.c unvis.c vis.c wcsdup.c tokenizer.c \ + history.c filecomplete.c readline.c chared.h el.h hist.h \ + histedit.h key.h map.h chartype.h parse.h prompt.h read.h refresh.h \ + search.h sig.h sys.h el_term.h tty.h vis.h filecomplete.h \ + editline/readline.h +if WIDECHAR +libheimedit_la_SOURCES += eln.c +endif + +EXTRA_DIST = makelist shlib_version +#nobase_include_HEADERS = histedit.h editline/readline.h +EXTRA_DIST += histedit.h editline/readline.h + +nodist_libheimedit_la_SOURCES = $(BUILT_SOURCES) + +libheimedit_la_LDFLAGS = -no-undefined -version-info $(LT_VERSION) + diff --git a/lib/libedit/src/Makefile.in b/lib/libedit/src/Makefile.in new file mode 100644 index 000000000000..f68759ee7727 --- /dev/null +++ b/lib/libedit/src/Makefile.in @@ -0,0 +1,639 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +@WIDECHAR_TRUE@am__append_1 = tokenizern.c historyn.c +@WIDECHAR_TRUE@am__append_2 = eln.c +subdir = src +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +libheimedit_la_LIBADD = +am__libheimedit_la_SOURCES_DIST = chared.c common.c el.c emacs.c \ + hist.c key.c map.c chartype.c parse.c prompt.c read.c \ + refresh.c search.c sig.c term.c tty.c vi.c fgetln.c strlcat.c \ + strlcpy.c unvis.c vis.c wcsdup.c tokenizer.c history.c \ + filecomplete.c readline.c chared.h el.h hist.h histedit.h \ + key.h map.h chartype.h parse.h prompt.h read.h refresh.h \ + search.h sig.h sys.h el_term.h tty.h vis.h filecomplete.h \ + editline/readline.h eln.c +@WIDECHAR_TRUE@am__objects_1 = eln.lo +am_libheimedit_la_OBJECTS = chared.lo common.lo el.lo emacs.lo hist.lo \ + key.lo map.lo chartype.lo parse.lo prompt.lo read.lo \ + refresh.lo search.lo sig.lo term.lo tty.lo vi.lo fgetln.lo \ + strlcat.lo strlcpy.lo unvis.lo vis.lo wcsdup.lo tokenizer.lo \ + history.lo filecomplete.lo readline.lo $(am__objects_1) +@WIDECHAR_TRUE@am__objects_2 = tokenizern.lo historyn.lo +am__objects_3 = fcns.lo help.lo $(am__objects_2) +nodist_libheimedit_la_OBJECTS = $(am__objects_3) +libheimedit_la_OBJECTS = $(am_libheimedit_la_OBJECTS) \ + $(nodist_libheimedit_la_OBJECTS) +AM_V_lt = $(am__v_lt_$(V)) +am__v_lt_ = $(am__v_lt_$(AM_DEFAULT_VERBOSITY)) +am__v_lt_0 = --silent +libheimedit_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libheimedit_la_LDFLAGS) $(LDFLAGS) -o \ + $@ +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_$(V)) +am__v_CC_ = $(am__v_CC_$(AM_DEFAULT_VERBOSITY)) +am__v_CC_0 = @echo " CC " $@; +AM_V_at = $(am__v_at_$(V)) +am__v_at_ = $(am__v_at_$(AM_DEFAULT_VERBOSITY)) +am__v_at_0 = @ +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_$(V)) +am__v_CCLD_ = $(am__v_CCLD_$(AM_DEFAULT_VERBOSITY)) +am__v_CCLD_0 = @echo " CCLD " $@; +AM_V_GEN = $(am__v_GEN_$(V)) +am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY)) +am__v_GEN_0 = @echo " GEN " $@; +SOURCES = $(libheimedit_la_SOURCES) $(nodist_libheimedit_la_SOURCES) +DIST_SOURCES = $(am__libheimedit_la_SOURCES_DIST) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_VERSION = @LT_VERSION@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MANTYPE = @MANTYPE@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +BUILT_SOURCES = vi.h emacs.h common.h fcns.h help.h fcns.c help.c \ + $(am__append_1) +AHDR = vi.h emacs.h common.h +ASRC = $(srcdir)/vi.c $(srcdir)/emacs.c $(srcdir)/common.c +CLEANFILES = $(BUILT_SOURCES) +lib_LTLIBRARIES = libheimedit.la +libheimedit_la_SOURCES = chared.c common.c el.c emacs.c hist.c key.c \ + map.c chartype.c parse.c prompt.c read.c refresh.c search.c \ + sig.c term.c tty.c vi.c fgetln.c strlcat.c strlcpy.c unvis.c \ + vis.c wcsdup.c tokenizer.c history.c filecomplete.c readline.c \ + chared.h el.h hist.h histedit.h key.h map.h chartype.h parse.h \ + prompt.h read.h refresh.h search.h sig.h sys.h el_term.h tty.h \ + vis.h filecomplete.h editline/readline.h $(am__append_2) +#nobase_include_HEADERS = histedit.h editline/readline.h +EXTRA_DIST = makelist shlib_version histedit.h editline/readline.h +nodist_libheimedit_la_SOURCES = $(BUILT_SOURCES) +libheimedit_la_LDFLAGS = -no-undefined -version-info $(LT_VERSION) +all: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libheimedit.la: $(libheimedit_la_OBJECTS) $(libheimedit_la_DEPENDENCIES) + $(AM_V_CCLD)$(libheimedit_la_LINK) -rpath $(libdir) $(libheimedit_la_OBJECTS) $(libheimedit_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chared.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chartype.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/common.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/el.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eln.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/emacs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcns.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fgetln.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filecomplete.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/help.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hist.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/history.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/historyn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/map.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prompt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/read.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/readline.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/refresh.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/search.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sig.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcpy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/term.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tokenizer.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tokenizern.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tty.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unvis.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vis.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wcsdup.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(libdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." + -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) +clean: clean-am + +clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-libLTLIBRARIES + +.MAKE: all check install install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libLTLIBRARIES clean-libtool ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am \ + install-libLTLIBRARIES install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-libLTLIBRARIES + + +vi.h: Makefile $(srcdir)/vi.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/vi.c > $@ + +emacs.h: Makefile $(srcdir)/emacs.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/emacs.c > $@ + +common.h: Makefile $(srcdir)/common.c + AWK=$(AWK) sh $(srcdir)/makelist -h $(srcdir)/common.c > $@ + +fcns.h: Makefile $(AHDR) + AWK=$(AWK) sh $(srcdir)/makelist -fh $(AHDR) > $@ + +help.h: Makefile $(ASRC) + AWK=$(AWK) sh $(srcdir)/makelist -bh $(ASRC) > $@ + +fcns.c: Makefile $(AHDR) + AWK=$(AWK) sh $(srcdir)/makelist -fc $(AHDR) > $@ + +help.c: Makefile $(ASRC) + AWK=$(AWK) sh $(srcdir)/makelist -bc $(ASRC) > $@ + +tokenizern.c: Makefile $(srcdir)/tokenizer.c + AWK=$(AWK) sh $(srcdir)/makelist -n $(srcdir)/tokenizer.c > $@ + +historyn.c: Makefile $(srcdir)/history.c + AWK=$(AWK) sh $(srcdir)/makelist -n $(srcdir)/history.c > $@ + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/libedit/src/chared.c b/lib/libedit/src/chared.c new file mode 100644 index 000000000000..ec600a7bd389 --- /dev/null +++ b/lib/libedit/src/chared.c @@ -0,0 +1,796 @@ +/* $NetBSD: chared.c,v 1.29 2010/08/28 15:44:59 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)chared.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: chared.c,v 1.29 2010/08/28 15:44:59 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * chared.c: Character editor utilities + */ +#include +#include "el.h" + +private void ch__clearmacro (EditLine *); + +/* value to leave unused in line buffer */ +#define EL_LEAVE 2 + +/* cv_undo(): + * Handle state for the vi undo command + */ +protected void +cv_undo(EditLine *el) +{ + c_undo_t *vu = &el->el_chared.c_undo; + c_redo_t *r = &el->el_chared.c_redo; + size_t size; + + /* Save entire line for undo */ + size = el->el_line.lastchar - el->el_line.buffer; + vu->len = size; + vu->cursor = (int)(el->el_line.cursor - el->el_line.buffer); + (void)memcpy(vu->buf, el->el_line.buffer, size * sizeof(*vu->buf)); + + /* save command info for redo */ + r->count = el->el_state.doingarg ? el->el_state.argument : 0; + r->action = el->el_chared.c_vcmd.action; + r->pos = r->buf; + r->cmd = el->el_state.thiscmd; + r->ch = el->el_state.thisch; +} + +/* cv_yank(): + * Save yank/delete data for paste + */ +protected void +cv_yank(EditLine *el, const Char *ptr, int size) +{ + c_kill_t *k = &el->el_chared.c_kill; + + (void)memcpy(k->buf, ptr, size * sizeof(*k->buf)); + k->last = k->buf + size; +} + + +/* c_insert(): + * Insert num characters + */ +protected void +c_insert(EditLine *el, int num) +{ + Char *cp; + + if (el->el_line.lastchar + num >= el->el_line.limit) { + if (!ch_enlargebufs(el, (size_t)num)) + return; /* can't go past end of buffer */ + } + + if (el->el_line.cursor < el->el_line.lastchar) { + /* if I must move chars */ + for (cp = el->el_line.lastchar; cp >= el->el_line.cursor; cp--) + cp[num] = *cp; + } + el->el_line.lastchar += num; +} + + +/* c_delafter(): + * Delete num characters after the cursor + */ +protected void +c_delafter(EditLine *el, int num) +{ + + if (el->el_line.cursor + num > el->el_line.lastchar) + num = (int)(el->el_line.lastchar - el->el_line.cursor); + + if (el->el_map.current != el->el_map.emacs) { + cv_undo(el); + cv_yank(el, el->el_line.cursor, num); + } + + if (num > 0) { + Char *cp; + + for (cp = el->el_line.cursor; cp <= el->el_line.lastchar; cp++) + *cp = cp[num]; + + el->el_line.lastchar -= num; + } +} + + +/* c_delafter1(): + * Delete the character after the cursor, do not yank + */ +protected void +c_delafter1(EditLine *el) +{ + Char *cp; + + for (cp = el->el_line.cursor; cp <= el->el_line.lastchar; cp++) + *cp = cp[1]; + + el->el_line.lastchar--; +} + + +/* c_delbefore(): + * Delete num characters before the cursor + */ +protected void +c_delbefore(EditLine *el, int num) +{ + + if (el->el_line.cursor - num < el->el_line.buffer) + num = (int)(el->el_line.cursor - el->el_line.buffer); + + if (el->el_map.current != el->el_map.emacs) { + cv_undo(el); + cv_yank(el, el->el_line.cursor - num, num); + } + + if (num > 0) { + Char *cp; + + for (cp = el->el_line.cursor - num; + cp <= el->el_line.lastchar; + cp++) + *cp = cp[num]; + + el->el_line.lastchar -= num; + } +} + + +/* c_delbefore1(): + * Delete the character before the cursor, do not yank + */ +protected void +c_delbefore1(EditLine *el) +{ + Char *cp; + + for (cp = el->el_line.cursor - 1; cp <= el->el_line.lastchar; cp++) + *cp = cp[1]; + + el->el_line.lastchar--; +} + + +/* ce__isword(): + * Return if p is part of a word according to emacs + */ +protected int +ce__isword(Int p) +{ + return (Isalnum(p) || Strchr(STR("*?_-.[]~="), p) != NULL); +} + + +/* cv__isword(): + * Return if p is part of a word according to vi + */ +protected int +cv__isword(Int p) +{ + if (Isalnum(p) || p == '_') + return 1; + if (Isgraph(p)) + return 2; + return 0; +} + + +/* cv__isWord(): + * Return if p is part of a big word according to vi + */ +protected int +cv__isWord(Int p) +{ + return (!Isspace(p)); +} + + +/* c__prev_word(): + * Find the previous word + */ +protected Char * +c__prev_word(Char *p, Char *low, int n, int (*wtest)(Int)) +{ + p--; + + while (n--) { + while ((p >= low) && !(*wtest)(*p)) + p--; + while ((p >= low) && (*wtest)(*p)) + p--; + } + + /* cp now points to one character before the word */ + p++; + if (p < low) + p = low; + /* cp now points where we want it */ + return (p); +} + + +/* c__next_word(): + * Find the next word + */ +protected Char * +c__next_word(Char *p, Char *high, int n, int (*wtest)(Int)) +{ + while (n--) { + while ((p < high) && !(*wtest)(*p)) + p++; + while ((p < high) && (*wtest)(*p)) + p++; + } + if (p > high) + p = high; + /* p now points where we want it */ + return (p); +} + +/* cv_next_word(): + * Find the next word vi style + */ +protected Char * +cv_next_word(EditLine *el, Char *p, Char *high, int n, int (*wtest)(Int)) +{ + int test; + + while (n--) { + test = (*wtest)(*p); + while ((p < high) && (*wtest)(*p) == test) + p++; + /* + * vi historically deletes with cw only the word preserving the + * trailing whitespace! This is not what 'w' does.. + */ + if (n || el->el_chared.c_vcmd.action != (DELETE|INSERT)) + while ((p < high) && Isspace(*p)) + p++; + } + + /* p now points where we want it */ + if (p > high) + return (high); + else + return (p); +} + + +/* cv_prev_word(): + * Find the previous word vi style + */ +protected Char * +cv_prev_word(Char *p, Char *low, int n, int (*wtest)(Int)) +{ + int test; + + p--; + while (n--) { + while ((p > low) && Isspace(*p)) + p--; + test = (*wtest)(*p); + while ((p >= low) && (*wtest)(*p) == test) + p--; + } + p++; + + /* p now points where we want it */ + if (p < low) + return (low); + else + return (p); +} + + +#ifdef notdef +/* c__number(): + * Ignore character p points to, return number appearing after that. + * A '$' by itself means a big number; "$-" is for negative; '^' means 1. + * Return p pointing to last char used. + */ +protected Char * +c__number( + Char *p, /* character position */ + int *num, /* Return value */ + int dval) /* dval is the number to subtract from like $-3 */ +{ + int i; + int sign = 1; + + if (*++p == '^') { + *num = 1; + return (p); + } + if (*p == '$') { + if (*++p != '-') { + *num = 0x7fffffff; /* Handle $ */ + return (--p); + } + sign = -1; /* Handle $- */ + ++p; + } + /* XXX: this assumes ASCII compatible digits */ + for (i = 0; Isdigit(*p); i = 10 * i + *p++ - '0') + continue; + *num = (sign < 0 ? dval - i : i); + return (--p); +} +#endif + +/* cv_delfini(): + * Finish vi delete action + */ +protected void +cv_delfini(EditLine *el) +{ + int size; + int action = el->el_chared.c_vcmd.action; + + if (action & INSERT) + el->el_map.current = el->el_map.key; + + if (el->el_chared.c_vcmd.pos == 0) + /* sanity */ + return; + + size = (int)(el->el_line.cursor - el->el_chared.c_vcmd.pos); + if (size == 0) + size = 1; + el->el_line.cursor = el->el_chared.c_vcmd.pos; + if (action & YANK) { + if (size > 0) + cv_yank(el, el->el_line.cursor, size); + else + cv_yank(el, el->el_line.cursor + size, -size); + } else { + if (size > 0) { + c_delafter(el, size); + re_refresh_cursor(el); + } else { + c_delbefore(el, -size); + el->el_line.cursor += size; + } + } + el->el_chared.c_vcmd.action = NOP; +} + + +#ifdef notdef +/* ce__endword(): + * Go to the end of this word according to emacs + */ +protected Char * +ce__endword(Char *p, Char *high, int n) +{ + p++; + + while (n--) { + while ((p < high) && Isspace(*p)) + p++; + while ((p < high) && !Isspace(*p)) + p++; + } + + p--; + return (p); +} +#endif + + +/* cv__endword(): + * Go to the end of this word according to vi + */ +protected Char * +cv__endword(Char *p, Char *high, int n, int (*wtest)(Int)) +{ + int test; + + p++; + + while (n--) { + while ((p < high) && Isspace(*p)) + p++; + + test = (*wtest)(*p); + while ((p < high) && (*wtest)(*p) == test) + p++; + } + p--; + return (p); +} + +/* ch_init(): + * Initialize the character editor + */ +protected int +ch_init(EditLine *el) +{ + c_macro_t *ma = &el->el_chared.c_macro; + + el->el_line.buffer = el_malloc(EL_BUFSIZ * + sizeof(*el->el_line.buffer)); + if (el->el_line.buffer == NULL) + return (-1); + + (void) memset(el->el_line.buffer, 0, EL_BUFSIZ * + sizeof(*el->el_line.buffer)); + el->el_line.cursor = el->el_line.buffer; + el->el_line.lastchar = el->el_line.buffer; + el->el_line.limit = &el->el_line.buffer[EL_BUFSIZ - EL_LEAVE]; + + el->el_chared.c_undo.buf = el_malloc(EL_BUFSIZ * + sizeof(*el->el_chared.c_undo.buf)); + if (el->el_chared.c_undo.buf == NULL) + return (-1); + (void) memset(el->el_chared.c_undo.buf, 0, EL_BUFSIZ * + sizeof(*el->el_chared.c_undo.buf)); + el->el_chared.c_undo.len = -1; + el->el_chared.c_undo.cursor = 0; + el->el_chared.c_redo.buf = el_malloc(EL_BUFSIZ * + sizeof(*el->el_chared.c_redo.buf)); + if (el->el_chared.c_redo.buf == NULL) + return (-1); + el->el_chared.c_redo.pos = el->el_chared.c_redo.buf; + el->el_chared.c_redo.lim = el->el_chared.c_redo.buf + EL_BUFSIZ; + el->el_chared.c_redo.cmd = ED_UNASSIGNED; + + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_vcmd.pos = el->el_line.buffer; + + el->el_chared.c_kill.buf = el_malloc(EL_BUFSIZ * + sizeof(*el->el_chared.c_kill.buf)); + if (el->el_chared.c_kill.buf == NULL) + return (-1); + (void) memset(el->el_chared.c_kill.buf, 0, EL_BUFSIZ * + sizeof(*el->el_chared.c_kill.buf)); + el->el_chared.c_kill.mark = el->el_line.buffer; + el->el_chared.c_kill.last = el->el_chared.c_kill.buf; + el->el_chared.c_resizefun = NULL; + el->el_chared.c_resizearg = NULL; + + el->el_map.current = el->el_map.key; + + el->el_state.inputmode = MODE_INSERT; /* XXX: save a default */ + el->el_state.doingarg = 0; + el->el_state.metanext = 0; + el->el_state.argument = 1; + el->el_state.lastcmd = ED_UNASSIGNED; + + ma->level = -1; + ma->offset = 0; + ma->macro = el_malloc(EL_MAXMACRO * sizeof(*ma->macro)); + if (ma->macro == NULL) + return (-1); + return (0); +} + +/* ch_reset(): + * Reset the character editor + */ +protected void +ch_reset(EditLine *el, int mclear) +{ + el->el_line.cursor = el->el_line.buffer; + el->el_line.lastchar = el->el_line.buffer; + + el->el_chared.c_undo.len = -1; + el->el_chared.c_undo.cursor = 0; + + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_vcmd.pos = el->el_line.buffer; + + el->el_chared.c_kill.mark = el->el_line.buffer; + + el->el_map.current = el->el_map.key; + + el->el_state.inputmode = MODE_INSERT; /* XXX: save a default */ + el->el_state.doingarg = 0; + el->el_state.metanext = 0; + el->el_state.argument = 1; + el->el_state.lastcmd = ED_UNASSIGNED; + + el->el_history.eventno = 0; + + if (mclear) + ch__clearmacro(el); +} + +private void +ch__clearmacro(EditLine *el) +{ + c_macro_t *ma = &el->el_chared.c_macro; + while (ma->level >= 0) + el_free((ptr_t)ma->macro[ma->level--]); +} + +/* ch_enlargebufs(): + * Enlarge line buffer to be able to hold twice as much characters. + * Returns 1 if successful, 0 if not. + */ +protected int +ch_enlargebufs(EditLine *el, size_t addlen) +{ + size_t sz, newsz; + Char *newbuffer, *oldbuf, *oldkbuf; + + sz = el->el_line.limit - el->el_line.buffer + EL_LEAVE; + newsz = sz * 2; + /* + * If newly required length is longer than current buffer, we need + * to make the buffer big enough to hold both old and new stuff. + */ + if (addlen > sz) { + while(newsz - sz < addlen) + newsz *= 2; + } + + /* + * Reallocate line buffer. + */ + newbuffer = el_realloc(el->el_line.buffer, newsz * sizeof(*newbuffer)); + if (!newbuffer) + return 0; + + /* zero the newly added memory, leave old data in */ + (void) memset(&newbuffer[sz], 0, (newsz - sz) * sizeof(*newbuffer)); + + oldbuf = el->el_line.buffer; + + el->el_line.buffer = newbuffer; + el->el_line.cursor = newbuffer + (el->el_line.cursor - oldbuf); + el->el_line.lastchar = newbuffer + (el->el_line.lastchar - oldbuf); + /* don't set new size until all buffers are enlarged */ + el->el_line.limit = &newbuffer[sz - EL_LEAVE]; + + /* + * Reallocate kill buffer. + */ + newbuffer = el_realloc(el->el_chared.c_kill.buf, newsz * sizeof(*newbuffer)); + if (!newbuffer) + return 0; + + /* zero the newly added memory, leave old data in */ + (void) memset(&newbuffer[sz], 0, (newsz - sz) * sizeof(*newbuffer)); + + oldkbuf = el->el_chared.c_kill.buf; + + el->el_chared.c_kill.buf = newbuffer; + el->el_chared.c_kill.last = newbuffer + + (el->el_chared.c_kill.last - oldkbuf); + el->el_chared.c_kill.mark = el->el_line.buffer + + (el->el_chared.c_kill.mark - oldbuf); + + /* + * Reallocate undo buffer. + */ + newbuffer = el_realloc(el->el_chared.c_undo.buf, + newsz * sizeof(*newbuffer)); + if (!newbuffer) + return 0; + + /* zero the newly added memory, leave old data in */ + (void) memset(&newbuffer[sz], 0, (newsz - sz) * sizeof(*newbuffer)); + el->el_chared.c_undo.buf = newbuffer; + + newbuffer = el_realloc(el->el_chared.c_redo.buf, + newsz * sizeof(*newbuffer)); + if (!newbuffer) + return 0; + el->el_chared.c_redo.pos = newbuffer + + (el->el_chared.c_redo.pos - el->el_chared.c_redo.buf); + el->el_chared.c_redo.lim = newbuffer + + (el->el_chared.c_redo.lim - el->el_chared.c_redo.buf); + el->el_chared.c_redo.buf = newbuffer; + + if (!hist_enlargebuf(el, sz, newsz)) + return 0; + + /* Safe to set enlarged buffer size */ + el->el_line.limit = &el->el_line.buffer[newsz - EL_LEAVE]; + if (el->el_chared.c_resizefun) + (*el->el_chared.c_resizefun)(el, el->el_chared.c_resizearg); + return 1; +} + +/* ch_end(): + * Free the data structures used by the editor + */ +protected void +ch_end(EditLine *el) +{ + el_free((ptr_t) el->el_line.buffer); + el->el_line.buffer = NULL; + el->el_line.limit = NULL; + el_free((ptr_t) el->el_chared.c_undo.buf); + el->el_chared.c_undo.buf = NULL; + el_free((ptr_t) el->el_chared.c_redo.buf); + el->el_chared.c_redo.buf = NULL; + el->el_chared.c_redo.pos = NULL; + el->el_chared.c_redo.lim = NULL; + el->el_chared.c_redo.cmd = ED_UNASSIGNED; + el_free((ptr_t) el->el_chared.c_kill.buf); + el->el_chared.c_kill.buf = NULL; + ch_reset(el, 1); + el_free((ptr_t) el->el_chared.c_macro.macro); + el->el_chared.c_macro.macro = NULL; +} + + +/* el_insertstr(): + * Insert string at cursorI + */ +public int +FUN(el,insertstr)(EditLine *el, const Char *s) +{ + size_t len; + + if ((len = Strlen(s)) == 0) + return (-1); + if (el->el_line.lastchar + len >= el->el_line.limit) { + if (!ch_enlargebufs(el, len)) + return (-1); + } + + c_insert(el, (int)len); + while (*s) + *el->el_line.cursor++ = *s++; + return (0); +} + + +/* el_deletestr(): + * Delete num characters before the cursor + */ +public void +el_deletestr(EditLine *el, int n) +{ + if (n <= 0) + return; + + if (el->el_line.cursor < &el->el_line.buffer[n]) + return; + + c_delbefore(el, n); /* delete before dot */ + el->el_line.cursor -= n; + if (el->el_line.cursor < el->el_line.buffer) + el->el_line.cursor = el->el_line.buffer; +} + +/* c_gets(): + * Get a string + */ +protected int +c_gets(EditLine *el, Char *buf, const Char *prompt) +{ + Char ch; + ssize_t len; + Char *cp = el->el_line.buffer; + + if (prompt) { + len = Strlen(prompt); + (void)memcpy(cp, prompt, len * sizeof(*cp)); + cp += len; + } + len = 0; + + for (;;) { + el->el_line.cursor = cp; + *cp = ' '; + el->el_line.lastchar = cp + 1; + re_refresh(el); + + if (FUN(el,getc)(el, &ch) != 1) { + ed_end_of_file(el, 0); + len = -1; + break; + } + + switch (ch) { + + case 0010: /* Delete and backspace */ + case 0177: + if (len == 0) { + len = -1; + break; + } + cp--; + continue; + + case 0033: /* ESC */ + case '\r': /* Newline */ + case '\n': + buf[len] = ch; + break; + + default: + if (len >= EL_BUFSIZ - 16) + term_beep(el); + else { + buf[len++] = ch; + *cp++ = ch; + } + continue; + } + break; + } + + el->el_line.buffer[0] = '\0'; + el->el_line.lastchar = el->el_line.buffer; + el->el_line.cursor = el->el_line.buffer; + return (int)len; +} + + +/* c_hpos(): + * Return the current horizontal position of the cursor + */ +protected int +c_hpos(EditLine *el) +{ + Char *ptr; + + /* + * Find how many characters till the beginning of this line. + */ + if (el->el_line.cursor == el->el_line.buffer) + return (0); + else { + for (ptr = el->el_line.cursor - 1; + ptr >= el->el_line.buffer && *ptr != '\n'; + ptr--) + continue; + return (int)(el->el_line.cursor - ptr - 1); + } +} + +protected int +ch_resizefun(EditLine *el, el_zfunc_t f, void *a) +{ + el->el_chared.c_resizefun = f; + el->el_chared.c_resizearg = a; + return 0; +} diff --git a/lib/libedit/src/chared.h b/lib/libedit/src/chared.h new file mode 100644 index 000000000000..176475ac8f05 --- /dev/null +++ b/lib/libedit/src/chared.h @@ -0,0 +1,171 @@ +/* $NetBSD: chared.h,v 1.21 2010/08/28 15:44:59 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)chared.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.chared.h: Character editor interface + */ +#ifndef _h_el_chared +#define _h_el_chared + +#include +#include + +#include "histedit.h" + +#define EL_MAXMACRO 10 + +/* + * This is an issue of basic "vi" look-and-feel. Defining VI_MOVE works + * like real vi: i.e. the transition from command<->insert modes moves + * the cursor. + * + * On the other hand we really don't want to move the cursor, because + * all the editing commands don't include the character under the cursor. + * Probably the best fix is to make all the editing commands aware of + * this fact. + */ +#define VI_MOVE + + +typedef struct c_macro_t { + int level; + int offset; + Char **macro; +} c_macro_t; + +/* + * Undo information for vi - no undo in emacs (yet) + */ +typedef struct c_undo_t { + ssize_t len; /* length of saved line */ + int cursor; /* position of saved cursor */ + Char *buf; /* full saved text */ +} c_undo_t; + +/* redo for vi */ +typedef struct c_redo_t { + Char *buf; /* redo insert key sequence */ + Char *pos; + Char *lim; + el_action_t cmd; /* command to redo */ + Char ch; /* char that invoked it */ + int count; + int action; /* from cv_action() */ +} c_redo_t; + +/* + * Current action information for vi + */ +typedef struct c_vcmd_t { + int action; + Char *pos; +} c_vcmd_t; + +/* + * Kill buffer for emacs + */ +typedef struct c_kill_t { + Char *buf; + Char *last; + Char *mark; +} c_kill_t; + +typedef void (*el_zfunc_t)(EditLine *, void *); + +/* + * Note that we use both data structures because the user can bind + * commands from both editors! + */ +typedef struct el_chared_t { + c_undo_t c_undo; + c_kill_t c_kill; + c_redo_t c_redo; + c_vcmd_t c_vcmd; + c_macro_t c_macro; + el_zfunc_t c_resizefun; + void * c_resizearg; +} el_chared_t; + + +#define STRQQ "\"\"" + +#define isglob(a) (strchr("*[]?", (a)) != NULL) + +#define NOP 0x00 +#define DELETE 0x01 +#define INSERT 0x02 +#define YANK 0x04 + +#define CHAR_FWD (+1) +#define CHAR_BACK (-1) + +#define MODE_INSERT 0 +#define MODE_REPLACE 1 +#define MODE_REPLACE_1 2 + +#include "common.h" +#include "vi.h" +#include "emacs.h" +#include "search.h" +#include "fcns.h" + + +protected int cv__isword(Int); +protected int cv__isWord(Int); +protected void cv_delfini(EditLine *); +protected Char *cv__endword(Char *, Char *, int, int (*)(Int)); +protected int ce__isword(Int); +protected void cv_undo(EditLine *); +protected void cv_yank(EditLine *, const Char *, int); +protected Char *cv_next_word(EditLine*, Char *, Char *, int, int (*)(Int)); +protected Char *cv_prev_word(Char *, Char *, int, int (*)(Int)); +protected Char *c__next_word(Char *, Char *, int, int (*)(Int)); +protected Char *c__prev_word(Char *, Char *, int, int (*)(Int)); +protected void c_insert(EditLine *, int); +protected void c_delbefore(EditLine *, int); +protected void c_delbefore1(EditLine *); +protected void c_delafter(EditLine *, int); +protected void c_delafter1(EditLine *); +protected int c_gets(EditLine *, Char *, const Char *); +protected int c_hpos(EditLine *); + +protected int ch_init(EditLine *); +protected void ch_reset(EditLine *, int); +protected int ch_resizefun(EditLine *, el_zfunc_t, void *); +protected int ch_enlargebufs(EditLine *, size_t); +protected void ch_end(EditLine *); + +#endif /* _h_el_chared */ diff --git a/lib/libedit/src/chartype.c b/lib/libedit/src/chartype.c new file mode 100644 index 000000000000..a0adde6f6087 --- /dev/null +++ b/lib/libedit/src/chartype.c @@ -0,0 +1,360 @@ +/* $NetBSD: chartype.c,v 1.4 2010/04/15 00:55:57 christos Exp $ */ + +/*- + * Copyright (c) 2009 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the NetBSD + * Foundation, Inc. and its contributors. + * 4. Neither the name of The NetBSD Foundation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * chartype.c: character classification and meta information + */ +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +__RCSID("$NetBSD: chartype.c,v 1.4 2010/04/15 00:55:57 christos Exp $"); +#endif /* not lint && not SCCSID */ +#include "el.h" +#include + +#define CT_BUFSIZ 1024 + +#ifdef WIDECHAR +protected void +ct_conv_buff_resize(ct_buffer_t *conv, size_t mincsize, size_t minwsize) +{ + void *p; + if (mincsize > conv->csize) { + conv->csize = mincsize; + p = el_realloc(conv->cbuff, conv->csize); + if (p == NULL) { + conv->csize = 0; + el_free(conv->cbuff); + conv->cbuff = NULL; + } else + conv->cbuff = p; + } + + if (minwsize > conv->wsize) { + conv->wsize = minwsize; + p = el_realloc(conv->wbuff, conv->wsize); + if (p == NULL) { + conv->wsize = 0; + el_free(conv->wbuff); + conv->wbuff = NULL; + } else + conv->wbuff = p; + } +} + + +public char * +ct_encode_string(const Char *s, ct_buffer_t *conv) +{ + char *dst; + ssize_t used = 0; + + if (!s) + return NULL; + if (!conv->cbuff) + ct_conv_buff_resize(conv, CT_BUFSIZ, 0); + if (!conv->cbuff) + return NULL; + + dst = conv->cbuff; + while (*s) { + used = ct_encode_char(dst, (int)(conv->csize - + (dst - conv->cbuff)), *s); + if (used == -1) { /* failed to encode, need more buffer space */ + used = dst - conv->cbuff; + ct_conv_buff_resize(conv, conv->csize + CT_BUFSIZ, 0); + if (!conv->cbuff) + return NULL; + dst = conv->cbuff + used; + /* don't increment s here - we want to retry it! */ + } + else + ++s; + dst += used; + } + if (dst >= (conv->cbuff + conv->csize)) { + used = dst - conv->cbuff; + ct_conv_buff_resize(conv, conv->csize + 1, 0); + if (!conv->cbuff) + return NULL; + dst = conv->cbuff + used; + } + *dst = '\0'; + return conv->cbuff; +} + +public Char * +ct_decode_string(const char *s, ct_buffer_t *conv) +{ + size_t len = 0; + + if (!s) + return NULL; + if (!conv->wbuff) + ct_conv_buff_resize(conv, 0, CT_BUFSIZ); + if (!conv->wbuff) + return NULL; + + len = ct_mbstowcs(0, s, 0); + if (len > conv->wsize) + ct_conv_buff_resize(conv, 0, len + 1); + if (!conv->wbuff) + return NULL; + ct_mbstowcs(conv->wbuff, s, conv->wsize); + return conv->wbuff; +} + + +protected Char ** +ct_decode_argv(int argc, const char *argv[], ct_buffer_t *conv) +{ + size_t bufspace; + int i; + Char *p; + Char **wargv; + ssize_t bytes; + + /* Make sure we have enough space in the conversion buffer to store all + * the argv strings. */ + for (i = 0, bufspace = 0; i < argc; ++i) + bufspace += argv[i] ? strlen(argv[i]) + 1 : 0; + ct_conv_buff_resize(conv, 0, bufspace); + if (!conv->wsize) + return NULL; + + wargv = el_malloc(argc * sizeof(*wargv)); + + for (i = 0, p = conv->wbuff; i < argc; ++i) { + if (!argv[i]) { /* don't pass null pointers to mbstowcs */ + wargv[i] = NULL; + continue; + } else { + wargv[i] = p; + bytes = mbstowcs(p, argv[i], bufspace); + } + if (bytes == -1) { + el_free(wargv); + return NULL; + } else + bytes++; /* include '\0' in the count */ + bufspace -= bytes; + p += bytes; + } + + return wargv; +} + + +protected size_t +ct_enc_width(Char c) +{ + /* UTF-8 encoding specific values */ + if (c < 0x80) + return 1; + else if (c < 0x0800) + return 2; + else if (c < 0x10000) + return 3; + else if (c < 0x110000) + return 4; + else + return 0; /* not a valid codepoint */ +} + +protected ssize_t +ct_encode_char(char *dst, size_t len, Char c) +{ + ssize_t l = 0; + if (len < ct_enc_width(c)) + return -1; + l = ct_wctomb(dst, c); + + if (l < 0) { + ct_wctomb_reset; + l = 0; + } + return l; +} +#endif + +protected const Char * +ct_visual_string(const Char *s) +{ + static Char *buff = NULL; + static size_t buffsize = 0; + void *p; + Char *dst; + ssize_t used = 0; + + if (!s) + return NULL; + if (!buff) { + buffsize = CT_BUFSIZ; + buff = el_malloc(buffsize * sizeof(*buff)); + } + dst = buff; + while (*s) { + used = ct_visual_char(dst, buffsize - (dst - buff), *s); + if (used == -1) { /* failed to encode, need more buffer space */ + used = dst - buff; + buffsize += CT_BUFSIZ; + p = el_realloc(buff, buffsize * sizeof(*buff)); + if (p == NULL) + goto out; + buff = p; + dst = buff + used; + /* don't increment s here - we want to retry it! */ + } + else + ++s; + dst += used; + } + if (dst >= (buff + buffsize)) { /* sigh */ + buffsize += 1; + p = el_realloc(buff, buffsize * sizeof(*buff)); + if (p == NULL) + goto out; + buff = p; + dst = buff + buffsize - 1; + } + *dst = 0; + return buff; +out: + el_free(buff); + buffsize = 0; + return NULL; +} + + + +protected int +ct_visual_width(Char c) +{ + int t = ct_chr_class(c); + switch (t) { + case CHTYPE_ASCIICTL: + return 2; /* ^@ ^? etc. */ + case CHTYPE_TAB: + return 1; /* Hmm, this really need to be handled outside! */ + case CHTYPE_NL: + return 0; /* Should this be 1 instead? */ +#ifdef WIDECHAR + case CHTYPE_PRINT: + return wcwidth(c); + case CHTYPE_NONPRINT: + if (c > 0xffff) /* prefer standard 4-byte display over 5-byte */ + return 8; /* \U+12345 */ + else + return 7; /* \U+1234 */ +#else + case CHTYPE_PRINT: + return 1; + case CHTYPE_NONPRINT: + return 4; /* \123 */ +#endif + default: + return 0; /* should not happen */ + } +} + + +protected ssize_t +ct_visual_char(Char *dst, size_t len, Char c) +{ + int t = ct_chr_class(c); + switch (t) { + case CHTYPE_TAB: + case CHTYPE_NL: + case CHTYPE_ASCIICTL: + if (len < 2) + return -1; /* insufficient space */ + *dst++ = '^'; + if (c == '\177') + *dst = '?'; /* DEL -> ^? */ + else + *dst = c | 0100; /* uncontrolify it */ + return 2; + case CHTYPE_PRINT: + if (len < 1) + return -1; /* insufficient space */ + *dst = c; + return 1; + case CHTYPE_NONPRINT: + /* we only use single-width glyphs for display, + * so this is right */ + if ((ssize_t)len < ct_visual_width(c)) + return -1; /* insufficient space */ +#ifdef WIDECHAR + *dst++ = '\\'; + *dst++ = 'U'; + *dst++ = '+'; +#define tohexdigit(v) "0123456789ABCDEF"[v] + if (c > 0xffff) /* prefer standard 4-byte display over 5-byte */ + *dst++ = tohexdigit(((unsigned int) c >> 16) & 0xf); + *dst++ = tohexdigit(((unsigned int) c >> 12) & 0xf); + *dst++ = tohexdigit(((unsigned int) c >> 8) & 0xf); + *dst++ = tohexdigit(((unsigned int) c >> 4) & 0xf); + *dst = tohexdigit(((unsigned int) c ) & 0xf); + return (c > 0xffff) ? 8 : 7; +#else + *dst++ = '\\'; +#define tooctaldigit(v) ((v) + '0') + *dst++ = tooctaldigit(((unsigned int) c >> 6) & 0x7); + *dst++ = tooctaldigit(((unsigned int) c >> 3) & 0x7); + *dst++ = tooctaldigit(((unsigned int) c ) & 0x7); +#endif + /*FALLTHROUGH*/ + /* these two should be handled outside this function */ + default: /* we should never hit the default */ + return 0; + } +} + + + + +protected int +ct_chr_class(Char c) +{ + if (c == '\t') + return CHTYPE_TAB; + else if (c == '\n') + return CHTYPE_NL; + else if (IsASCII(c) && Iscntrl(c)) + return CHTYPE_ASCIICTL; + else if (Isprint(c)) + return CHTYPE_PRINT; + else + return CHTYPE_NONPRINT; +} diff --git a/lib/libedit/src/chartype.h b/lib/libedit/src/chartype.h new file mode 100644 index 000000000000..df65b02c00f9 --- /dev/null +++ b/lib/libedit/src/chartype.h @@ -0,0 +1,249 @@ +/* $NetBSD: chartype.h,v 1.7 2010/12/16 17:42:28 wiz Exp $ */ + +/*- + * Copyright (c) 2009 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the NetBSD + * Foundation, Inc. and its contributors. + * 4. Neither the name of The NetBSD Foundation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _h_chartype_f +#define _h_chartype_f + + + +#ifdef WIDECHAR + +/* Ideally we should also test the value of the define to see if it + * supports non-BMP code points without requiring UTF-16, but nothing + * seems to actually advertise this properly, despite Unicode 3.1 having + * been around since 2001... */ +#if !defined(__NetBSD__) && !defined(__sun) && !(defined(__APPLE__) && defined(__MACH__)) +#ifndef __STDC_ISO_10646__ +/* In many places it is assumed that the first 127 code points are ASCII + * compatible, so ensure wchar_t indeed does ISO 10646 and not some other + * funky encoding that could break us in weird and wonderful ways. */ + #error wchar_t must store ISO 10646 characters +#endif +#endif + +/* Oh for a with char32_t and __STDC_UTF_32__ in it... + * ref: ISO/IEC DTR 19769 + */ +#if WCHAR_MAX < INT32_MAX +#warning Build environment does not support non-BMP characters +#endif + +#ifndef HAVE_WCSDUP +wchar_t *wcsdup(const wchar_t *s); +#endif + +#define ct_mbtowc mbtowc +#define ct_mbtowc_reset mbtowc(0,0,0) +#define ct_wctomb wctomb +#define ct_wctomb_reset wctomb(0,0) +#define ct_wcstombs wcstombs +#define ct_mbstowcs mbstowcs + +#define Char wchar_t +#define Int wint_t +#define FUN(prefix,rest) prefix ## _w ## rest +#define FUNW(type) type ## _w +#define TYPE(type) type ## W +#define FSTR "%ls" +#define STR(x) L ## x +#define UC(c) c +#define Isalpha(x) iswalpha(x) +#define Isalnum(x) iswalnum(x) +#define Isgraph(x) iswgraph(x) +#define Isspace(x) iswspace(x) +#define Isdigit(x) iswdigit(x) +#define Iscntrl(x) iswcntrl(x) +#define Isprint(x) iswprint(x) + +#define Isupper(x) iswupper(x) +#define Islower(x) iswlower(x) +#define Toupper(x) towupper(x) +#define Tolower(x) towlower(x) + +#define IsASCII(x) (x < 0x100) + +#define Strlen(x) wcslen(x) +#define Strchr(s,c) wcschr(s,c) +#define Strrchr(s,c) wcsrchr(s,c) +#define Strstr(s,v) wcsstr(s,v) +#define Strdup(x) wcsdup(x) +#define Strcpy(d,s) wcscpy(d,s) +#define Strncpy(d,s,n) wcsncpy(d,s,n) +#define Strncat(d,s,n) wcsncat(d,s,n) + +#define Strcmp(s,v) wcscmp(s,v) +#define Strncmp(s,v,n) wcsncmp(s,v,n) +#define Strcspn(s,r) wcscspn(s,r) + +#define Strtol(p,e,b) wcstol(p,e,b) + +#define Width(c) wcwidth(c) + +#else /* NARROW */ + +#define ct_mbtowc error +#define ct_mbtowc_reset +#define ct_wctomb error +#define ct_wctomb_reset +#define ct_wcstombs(a, b, c) (strncpy(a, b, c), strlen(a)) +#define ct_mbstowcs(a, b, c) (strncpy(a, b, c), strlen(a)) + +#define Char char +#define Int int +#define FUN(prefix,rest) prefix ## _ ## rest +#define FUNW(type) type +#define TYPE(type) type +#define FSTR "%s" +#define STR(x) x +#define UC(c) (unsigned char)(c) + +#define Isalpha(x) isalpha((unsigned char)x) +#define Isalnum(x) isalnum((unsigned char)x) +#define Isgraph(x) isgraph((unsigned char)x) +#define Isspace(x) isspace((unsigned char)x) +#define Isdigit(x) isdigit((unsigned char)x) +#define Iscntrl(x) iscntrl((unsigned char)x) +#define Isprint(x) isprint((unsigned char)x) + +#define Isupper(x) isupper((unsigned char)x) +#define Islower(x) islower((unsigned char)x) +#define Toupper(x) toupper((unsigned char)x) +#define Tolower(x) tolower((unsigned char)x) + +#define IsASCII(x) isascii((unsigned char)x) + +#define Strlen(x) strlen(x) +#define Strchr(s,c) strchr(s,c) +#define Strrchr(s,c) strrchr(s,c) +#define Strstr(s,v) strstr(s,v) +#define Strdup(x) strdup(x) +#define Strcpy(d,s) strcpy(d,s) +#define Strncpy(d,s,n) strncpy(d,s,n) +#define Strncat(d,s,n) strncat(d,s,n) + +#define Strcmp(s,v) strcmp(s,v) +#define Strncmp(s,v,n) strncmp(s,v,n) +#define Strcspn(s,r) strcspn(s,r) + +#define Strtol(p,e,b) strtol(p,e,b) + +#define Width(c) 1 + +#endif + + +#ifdef WIDECHAR +/* + * Conversion buffer + */ +typedef struct ct_buffer_t { + char *cbuff; + size_t csize; + Char *wbuff; + size_t wsize; +} ct_buffer_t; + +#define ct_encode_string __ct_encode_string +/* Encode a wide-character string and return the UTF-8 encoded result. */ +public char *ct_encode_string(const Char *, ct_buffer_t *); + +#define ct_decode_string __ct_decode_string +/* Decode a (multi)?byte string and return the wide-character string result. */ +public Char *ct_decode_string(const char *, ct_buffer_t *); + +/* Decode a (multi)?byte argv string array. + * The pointer returned must be free()d when done. */ +protected Char **ct_decode_argv(int, const char *[], ct_buffer_t *); + +/* Resizes the conversion buffer(s) if needed. */ +protected void ct_conv_buff_resize(ct_buffer_t *, size_t, size_t); +protected ssize_t ct_encode_char(char *, size_t, Char); +protected size_t ct_enc_width(Char); + +#define ct_free_argv(s) el_free(s) + +#else +#define ct_encode_string(s, b) (s) +#define ct_decode_string(s, b) (s) +#define ct_decode_argv(l, s, b) (s) +#define ct_conv_buff_resize(b, os, ns) +#define ct_encode_char(d, l, s) (*d = s, 1) +#define ct_free_argv(s) +#endif + +#ifndef NARROWCHAR +/* Encode a characted into the destination buffer, provided there is sufficent + * buffer space available. Returns the number of bytes used up (zero if the + * character cannot be encoded, -1 if there was not enough space available). */ + +/* The maximum buffer size to hold the most unwieldly visual representation, + * in this case \U+nnnnn. */ +#define VISUAL_WIDTH_MAX 8 + +/* The terminal is thought of in terms of X columns by Y lines. In the cases + * where a wide character takes up more than one column, the adjacent + * occupied column entries will contain this faux character. */ +#define MB_FILL_CHAR ((Char)-1) + +/* Visual width of character c, taking into account ^? , \0177 and \U+nnnnn + * style visual expansions. */ +protected int ct_visual_width(Char); + +/* Turn the given character into the appropriate visual format, matching + * the width given by ct_visual_width(). Returns the number of characters used + * up, or -1 if insufficient space. Buffer length is in count of Char's. */ +protected ssize_t ct_visual_char(Char *, size_t, Char); + +/* Convert the given string into visual format, using the ct_visual_char() + * function. Uses a static buffer, so not threadsafe. */ +protected const Char *ct_visual_string(const Char *); + + +/* printable character, use ct_visual_width() to find out display width */ +#define CHTYPE_PRINT ( 0) +/* control character found inside the ASCII portion of the charset */ +#define CHTYPE_ASCIICTL (-1) +/* a \t */ +#define CHTYPE_TAB (-2) +/* a \n */ +#define CHTYPE_NL (-3) +/* non-printable character */ +#define CHTYPE_NONPRINT (-4) +/* classification of character c, as one of the above defines */ +protected int ct_chr_class(Char c); +#endif + + +#endif /* _chartype_f */ diff --git a/lib/libedit/src/common.c b/lib/libedit/src/common.c new file mode 100644 index 000000000000..c4d21aa93286 --- /dev/null +++ b/lib/libedit/src/common.c @@ -0,0 +1,921 @@ +/* $NetBSD: common.c,v 1.24 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)common.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: common.c,v 1.24 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * common.c: Common Editor functions + */ +#include "el.h" + +/* ed_end_of_file(): + * Indicate end of file + * [^D] + */ +protected el_action_t +/*ARGSUSED*/ +ed_end_of_file(EditLine *el, Int c __attribute__((__unused__))) +{ + + re_goto_bottom(el); + *el->el_line.lastchar = '\0'; + return (CC_EOF); +} + + +/* ed_insert(): + * Add character to the line + * Insert a character [bound to all insert keys] + */ +protected el_action_t +ed_insert(EditLine *el, Int c) +{ + int count = el->el_state.argument; + + if (c == '\0') + return (CC_ERROR); + + if (el->el_line.lastchar + el->el_state.argument >= + el->el_line.limit) { + /* end of buffer space, try to allocate more */ + if (!ch_enlargebufs(el, (size_t) count)) + return CC_ERROR; /* error allocating more */ + } + + if (count == 1) { + if (el->el_state.inputmode == MODE_INSERT + || el->el_line.cursor >= el->el_line.lastchar) + c_insert(el, 1); + + *el->el_line.cursor++ = c; + re_fastaddc(el); /* fast refresh for one char. */ + } else { + if (el->el_state.inputmode != MODE_REPLACE_1) + c_insert(el, el->el_state.argument); + + while (count-- && el->el_line.cursor < el->el_line.lastchar) + *el->el_line.cursor++ = c; + re_refresh(el); + } + + if (el->el_state.inputmode == MODE_REPLACE_1) + return vi_command_mode(el, 0); + + return (CC_NORM); +} + + +/* ed_delete_prev_word(): + * Delete from beginning of current word to cursor + * [M-^?] [^W] + */ +protected el_action_t +/*ARGSUSED*/ +ed_delete_prev_word(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *p, *kp; + + if (el->el_line.cursor == el->el_line.buffer) + return (CC_ERROR); + + cp = c__prev_word(el->el_line.cursor, el->el_line.buffer, + el->el_state.argument, ce__isword); + + for (p = cp, kp = el->el_chared.c_kill.buf; p < el->el_line.cursor; p++) + *kp++ = *p; + el->el_chared.c_kill.last = kp; + + c_delbefore(el, (int)(el->el_line.cursor - cp));/* delete before dot */ + el->el_line.cursor = cp; + if (el->el_line.cursor < el->el_line.buffer) + el->el_line.cursor = el->el_line.buffer; /* bounds check */ + return (CC_REFRESH); +} + + +/* ed_delete_next_char(): + * Delete character under cursor + * [^D] [x] + */ +protected el_action_t +/*ARGSUSED*/ +ed_delete_next_char(EditLine *el, Int c) +{ +#ifdef notdef /* XXX */ +#define EL el->el_line + (void) fprintf(el->el_errlfile, + "\nD(b: %x(%s) c: %x(%s) last: %x(%s) limit: %x(%s)\n", + EL.buffer, EL.buffer, EL.cursor, EL.cursor, EL.lastchar, + EL.lastchar, EL.limit, EL.limit); +#endif + if (el->el_line.cursor == el->el_line.lastchar) { + /* if I'm at the end */ + if (el->el_map.type == MAP_VI) { + if (el->el_line.cursor == el->el_line.buffer) { + /* if I'm also at the beginning */ +#ifdef KSHVI + return (CC_ERROR); +#else + /* then do an EOF */ + term_writec(el, c); + return (CC_EOF); +#endif + } else { +#ifdef KSHVI + el->el_line.cursor--; +#else + return (CC_ERROR); +#endif + } + } else { + if (el->el_line.cursor != el->el_line.buffer) + el->el_line.cursor--; + else + return (CC_ERROR); + } + } + c_delafter(el, el->el_state.argument); /* delete after dot */ + if (el->el_line.cursor >= el->el_line.lastchar && + el->el_line.cursor > el->el_line.buffer) + /* bounds check */ + el->el_line.cursor = el->el_line.lastchar - 1; + return (CC_REFRESH); +} + + +/* ed_kill_line(): + * Cut to the end of line + * [^K] [^K] + */ +protected el_action_t +/*ARGSUSED*/ +ed_kill_line(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + cp = el->el_line.cursor; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_line.lastchar) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + /* zap! -- delete to end */ + el->el_line.lastchar = el->el_line.cursor; + return (CC_REFRESH); +} + + +/* ed_move_to_end(): + * Move cursor to the end of line + * [^E] [^E] + */ +protected el_action_t +/*ARGSUSED*/ +ed_move_to_end(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_line.cursor = el->el_line.lastchar; + if (el->el_map.type == MAP_VI) { + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } +#ifdef VI_MOVE + el->el_line.cursor--; +#endif + } + return (CC_CURSOR); +} + + +/* ed_move_to_beg(): + * Move cursor to the beginning of line + * [^A] [^A] + */ +protected el_action_t +/*ARGSUSED*/ +ed_move_to_beg(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_line.cursor = el->el_line.buffer; + + if (el->el_map.type == MAP_VI) { + /* We want FIRST non space character */ + while (Isspace(*el->el_line.cursor)) + el->el_line.cursor++; + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + } + return (CC_CURSOR); +} + + +/* ed_transpose_chars(): + * Exchange the character to the left of the cursor with the one under it + * [^T] [^T] + */ +protected el_action_t +ed_transpose_chars(EditLine *el, Int c) +{ + + if (el->el_line.cursor < el->el_line.lastchar) { + if (el->el_line.lastchar <= &el->el_line.buffer[1]) + return (CC_ERROR); + else + el->el_line.cursor++; + } + if (el->el_line.cursor > &el->el_line.buffer[1]) { + /* must have at least two chars entered */ + c = el->el_line.cursor[-2]; + el->el_line.cursor[-2] = el->el_line.cursor[-1]; + el->el_line.cursor[-1] = c; + return (CC_REFRESH); + } else + return (CC_ERROR); +} + + +/* ed_next_char(): + * Move to the right one character + * [^F] [^F] + */ +protected el_action_t +/*ARGSUSED*/ +ed_next_char(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *lim = el->el_line.lastchar; + + if (el->el_line.cursor >= lim || + (el->el_line.cursor == lim - 1 && + el->el_map.type == MAP_VI && + el->el_chared.c_vcmd.action == NOP)) + return (CC_ERROR); + + el->el_line.cursor += el->el_state.argument; + if (el->el_line.cursor > lim) + el->el_line.cursor = lim; + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* ed_prev_word(): + * Move to the beginning of the current word + * [M-b] [b] + */ +protected el_action_t +/*ARGSUSED*/ +ed_prev_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor == el->el_line.buffer) + return (CC_ERROR); + + el->el_line.cursor = c__prev_word(el->el_line.cursor, + el->el_line.buffer, + el->el_state.argument, + ce__isword); + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* ed_prev_char(): + * Move to the left one character + * [^B] [^B] + */ +protected el_action_t +/*ARGSUSED*/ +ed_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor > el->el_line.buffer) { + el->el_line.cursor -= el->el_state.argument; + if (el->el_line.cursor < el->el_line.buffer) + el->el_line.cursor = el->el_line.buffer; + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); + } else + return (CC_ERROR); +} + + +/* ed_quoted_insert(): + * Add the next character typed verbatim + * [^V] [^V] + */ +protected el_action_t +ed_quoted_insert(EditLine *el, Int c) +{ + int num; + Char tc; + + tty_quotemode(el); + num = FUN(el,getc)(el, &tc); + c = tc; + tty_noquotemode(el); + if (num == 1) + return (ed_insert(el, c)); + else + return (ed_end_of_file(el, 0)); +} + + +/* ed_digit(): + * Adds to argument or enters a digit + */ +protected el_action_t +ed_digit(EditLine *el, Int c) +{ + + if (!Isdigit(c)) + return (CC_ERROR); + + if (el->el_state.doingarg) { + /* if doing an arg, add this in... */ + if (el->el_state.lastcmd == EM_UNIVERSAL_ARGUMENT) + el->el_state.argument = c - '0'; + else { + if (el->el_state.argument > 1000000) + return (CC_ERROR); + el->el_state.argument = + (el->el_state.argument * 10) + (c - '0'); + } + return (CC_ARGHACK); + } + + return ed_insert(el, c); +} + + +/* ed_argument_digit(): + * Digit that starts argument + * For ESC-n + */ +protected el_action_t +ed_argument_digit(EditLine *el, Int c) +{ + + if (!Isdigit(c)) + return (CC_ERROR); + + if (el->el_state.doingarg) { + if (el->el_state.argument > 1000000) + return (CC_ERROR); + el->el_state.argument = (el->el_state.argument * 10) + + (c - '0'); + } else { /* else starting an argument */ + el->el_state.argument = c - '0'; + el->el_state.doingarg = 1; + } + return (CC_ARGHACK); +} + + +/* ed_unassigned(): + * Indicates unbound character + * Bound to keys that are not assigned + */ +protected el_action_t +/*ARGSUSED*/ +ed_unassigned(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (CC_ERROR); +} + + +/** + ** TTY key handling. + **/ + +/* ed_tty_sigint(): + * Tty interrupt character + * [^C] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_sigint(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_dsusp(): + * Tty delayed suspend character + * [^Y] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_dsusp(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_flush_output(): + * Tty flush output characters + * [^O] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_flush_output(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_sigquit(): + * Tty quit character + * [^\] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_sigquit(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_sigtstp(): + * Tty suspend character + * [^Z] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_sigtstp(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_stop_output(): + * Tty disallow output characters + * [^S] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_stop_output(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_tty_start_output(): + * Tty allow output characters + * [^Q] + */ +protected el_action_t +/*ARGSUSED*/ +ed_tty_start_output(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_newline(): + * Execute command + * [^J] + */ +protected el_action_t +/*ARGSUSED*/ +ed_newline(EditLine *el, Int c __attribute__((__unused__))) +{ + + re_goto_bottom(el); + *el->el_line.lastchar++ = '\n'; + *el->el_line.lastchar = '\0'; + return (CC_NEWLINE); +} + + +/* ed_delete_prev_char(): + * Delete the character to the left of the cursor + * [^?] + */ +protected el_action_t +/*ARGSUSED*/ +ed_delete_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor <= el->el_line.buffer) + return (CC_ERROR); + + c_delbefore(el, el->el_state.argument); + el->el_line.cursor -= el->el_state.argument; + if (el->el_line.cursor < el->el_line.buffer) + el->el_line.cursor = el->el_line.buffer; + return (CC_REFRESH); +} + + +/* ed_clear_screen(): + * Clear screen leaving current line at the top + * [^L] + */ +protected el_action_t +/*ARGSUSED*/ +ed_clear_screen(EditLine *el, Int c __attribute__((__unused__))) +{ + + term_clear_screen(el); /* clear the whole real screen */ + re_clear_display(el); /* reset everything */ + return (CC_REFRESH); +} + + +/* ed_redisplay(): + * Redisplay everything + * ^R + */ +protected el_action_t +/*ARGSUSED*/ +ed_redisplay(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_REDISPLAY); +} + + +/* ed_start_over(): + * Erase current line and start from scratch + * [^G] + */ +protected el_action_t +/*ARGSUSED*/ +ed_start_over(EditLine *el, Int c __attribute__((__unused__))) +{ + + ch_reset(el, 0); + return (CC_REFRESH); +} + + +/* ed_sequence_lead_in(): + * First character in a bound sequence + * Placeholder for external keys + */ +protected el_action_t +/*ARGSUSED*/ +ed_sequence_lead_in(EditLine *el __attribute__((__unused__)), + Int c __attribute__((__unused__))) +{ + + return (CC_NORM); +} + + +/* ed_prev_history(): + * Move to the previous history line + * [^P] [k] + */ +protected el_action_t +/*ARGSUSED*/ +ed_prev_history(EditLine *el, Int c __attribute__((__unused__))) +{ + char beep = 0; + int sv_event = el->el_history.eventno; + + el->el_chared.c_undo.len = -1; + *el->el_line.lastchar = '\0'; /* just in case */ + + if (el->el_history.eventno == 0) { /* save the current buffer + * away */ + (void) Strncpy(el->el_history.buf, el->el_line.buffer, + EL_BUFSIZ); + el->el_history.last = el->el_history.buf + + (el->el_line.lastchar - el->el_line.buffer); + } + el->el_history.eventno += el->el_state.argument; + + if (hist_get(el) == CC_ERROR) { + if (el->el_map.type == MAP_VI) { + el->el_history.eventno = sv_event; + + } + beep = 1; + /* el->el_history.eventno was fixed by first call */ + (void) hist_get(el); + } + if (beep) + return CC_REFRESH_BEEP; + return CC_REFRESH; +} + + +/* ed_next_history(): + * Move to the next history line + * [^N] [j] + */ +protected el_action_t +/*ARGSUSED*/ +ed_next_history(EditLine *el, Int c __attribute__((__unused__))) +{ + el_action_t beep = CC_REFRESH, rval; + + el->el_chared.c_undo.len = -1; + *el->el_line.lastchar = '\0'; /* just in case */ + + el->el_history.eventno -= el->el_state.argument; + + if (el->el_history.eventno < 0) { + el->el_history.eventno = 0; + beep = CC_REFRESH_BEEP; + } + rval = hist_get(el); + if (rval == CC_REFRESH) + return beep; + return rval; + +} + + +/* ed_search_prev_history(): + * Search previous in history for a line matching the current + * next search history [M-P] [K] + */ +protected el_action_t +/*ARGSUSED*/ +ed_search_prev_history(EditLine *el, Int c __attribute__((__unused__))) +{ + const Char *hp; + int h; + bool_t found = 0; + + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_undo.len = -1; + *el->el_line.lastchar = '\0'; /* just in case */ + if (el->el_history.eventno < 0) { +#ifdef DEBUG_EDIT + (void) fprintf(el->el_errfile, + "e_prev_search_hist(): eventno < 0;\n"); +#endif + el->el_history.eventno = 0; + return (CC_ERROR); + } + if (el->el_history.eventno == 0) { + (void) Strncpy(el->el_history.buf, el->el_line.buffer, + EL_BUFSIZ); + el->el_history.last = el->el_history.buf + + (el->el_line.lastchar - el->el_line.buffer); + } + if (el->el_history.ref == NULL) + return (CC_ERROR); + + hp = HIST_FIRST(el); + if (hp == NULL) + return (CC_ERROR); + + c_setpat(el); /* Set search pattern !! */ + + for (h = 1; h <= el->el_history.eventno; h++) + hp = HIST_NEXT(el); + + while (hp != NULL) { +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "Comparing with \"%s\"\n", hp); +#endif + if ((Strncmp(hp, el->el_line.buffer, (size_t) + (el->el_line.lastchar - el->el_line.buffer)) || + hp[el->el_line.lastchar - el->el_line.buffer]) && + c_hmatch(el, hp)) { + found++; + break; + } + h++; + hp = HIST_NEXT(el); + } + + if (!found) { +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "not found\n"); +#endif + return (CC_ERROR); + } + el->el_history.eventno = h; + + return (hist_get(el)); +} + + +/* ed_search_next_history(): + * Search next in history for a line matching the current + * [M-N] [J] + */ +protected el_action_t +/*ARGSUSED*/ +ed_search_next_history(EditLine *el, Int c __attribute__((__unused__))) +{ + const Char *hp; + int h; + bool_t found = 0; + + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_undo.len = -1; + *el->el_line.lastchar = '\0'; /* just in case */ + + if (el->el_history.eventno == 0) + return (CC_ERROR); + + if (el->el_history.ref == NULL) + return (CC_ERROR); + + hp = HIST_FIRST(el); + if (hp == NULL) + return (CC_ERROR); + + c_setpat(el); /* Set search pattern !! */ + + for (h = 1; h < el->el_history.eventno && hp; h++) { +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "Comparing with \"%s\"\n", hp); +#endif + if ((Strncmp(hp, el->el_line.buffer, (size_t) + (el->el_line.lastchar - el->el_line.buffer)) || + hp[el->el_line.lastchar - el->el_line.buffer]) && + c_hmatch(el, hp)) + found = h; + hp = HIST_NEXT(el); + } + + if (!found) { /* is it the current history number? */ + if (!c_hmatch(el, el->el_history.buf)) { +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "not found\n"); +#endif + return (CC_ERROR); + } + } + el->el_history.eventno = found; + + return (hist_get(el)); +} + + +/* ed_prev_line(): + * Move up one line + * Could be [k] [^p] + */ +protected el_action_t +/*ARGSUSED*/ +ed_prev_line(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *ptr; + int nchars = c_hpos(el); + + /* + * Move to the line requested + */ + if (*(ptr = el->el_line.cursor) == '\n') + ptr--; + + for (; ptr >= el->el_line.buffer; ptr--) + if (*ptr == '\n' && --el->el_state.argument <= 0) + break; + + if (el->el_state.argument > 0) + return (CC_ERROR); + + /* + * Move to the beginning of the line + */ + for (ptr--; ptr >= el->el_line.buffer && *ptr != '\n'; ptr--) + continue; + + /* + * Move to the character requested + */ + for (ptr++; + nchars-- > 0 && ptr < el->el_line.lastchar && *ptr != '\n'; + ptr++) + continue; + + el->el_line.cursor = ptr; + return (CC_CURSOR); +} + + +/* ed_next_line(): + * Move down one line + * Could be [j] [^n] + */ +protected el_action_t +/*ARGSUSED*/ +ed_next_line(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *ptr; + int nchars = c_hpos(el); + + /* + * Move to the line requested + */ + for (ptr = el->el_line.cursor; ptr < el->el_line.lastchar; ptr++) + if (*ptr == '\n' && --el->el_state.argument <= 0) + break; + + if (el->el_state.argument > 0) + return (CC_ERROR); + + /* + * Move to the character requested + */ + for (ptr++; + nchars-- > 0 && ptr < el->el_line.lastchar && *ptr != '\n'; + ptr++) + continue; + + el->el_line.cursor = ptr; + return (CC_CURSOR); +} + + +/* ed_command(): + * Editline extended command + * [M-X] [:] + */ +protected el_action_t +/*ARGSUSED*/ +ed_command(EditLine *el, Int c __attribute__((__unused__))) +{ + Char tmpbuf[EL_BUFSIZ]; + int tmplen; + + tmplen = c_gets(el, tmpbuf, STR("\n: ")); + term__putc(el, '\n'); + + if (tmplen < 0 || (tmpbuf[tmplen] = 0, parse_line(el, tmpbuf)) == -1) + term_beep(el); + + el->el_map.current = el->el_map.key; + re_clear_display(el); + return CC_REFRESH; +} diff --git a/lib/libedit/src/editline/readline.h b/lib/libedit/src/editline/readline.h new file mode 100644 index 000000000000..b36d405e0ab3 --- /dev/null +++ b/lib/libedit/src/editline/readline.h @@ -0,0 +1,221 @@ +/* $NetBSD: readline.h,v 1.32 2010/09/16 20:08:52 christos Exp $ */ + +/*- + * Copyright (c) 1997 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Jaromir Dolecek. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _READLINE_H_ +#define _READLINE_H_ + +#include +#include + +/* list of readline stuff supported by editline library's readline wrapper */ + +/* typedefs */ +typedef int Function(const char *, int); +typedef void VFunction(void); +typedef void VCPFunction(char *); +typedef char *CPFunction(const char *, int); +typedef char **CPPFunction(const char *, int, int); +typedef char *rl_compentry_func_t(const char *, int); +typedef int rl_command_func_t(int, int); + +/* only supports length */ +typedef struct { + int length; +} HISTORY_STATE; + +typedef void *histdata_t; + +typedef struct _hist_entry { + const char *line; + histdata_t data; +} HIST_ENTRY; + +typedef struct _keymap_entry { + char type; +#define ISFUNC 0 +#define ISKMAP 1 +#define ISMACR 2 + Function *function; +} KEYMAP_ENTRY; + +#define KEYMAP_SIZE 256 + +typedef KEYMAP_ENTRY KEYMAP_ENTRY_ARRAY[KEYMAP_SIZE]; +typedef KEYMAP_ENTRY *Keymap; + +#define control_character_threshold 0x20 +#define control_character_bit 0x40 + +#ifndef CTRL +#include +#if !defined(__sun) && !defined(__hpux) && !defined(_AIX) +#include +#endif +#ifndef CTRL +#define CTRL(c) ((c) & 037) +#endif +#endif +#ifndef UNCTRL +#define UNCTRL(c) (((c) - 'a' + 'A')|control_character_bit) +#endif + +#define RUBOUT 0x7f +#define ABORT_CHAR CTRL('G') +#define RL_READLINE_VERSION 0x0402 +#define RL_PROMPT_START_IGNORE '\1' +#define RL_PROMPT_END_IGNORE '\2' + +/* global variables used by readline enabled applications */ +#ifdef __cplusplus +extern "C" { +#endif +extern const char *rl_library_version; +extern int rl_readline_version; +extern char *rl_readline_name; +extern FILE *rl_instream; +extern FILE *rl_outstream; +extern char *rl_line_buffer; +extern int rl_point, rl_end; +extern int history_base, history_length; +extern int max_input_history; +extern char *rl_basic_word_break_characters; +extern char *rl_completer_word_break_characters; +extern char *rl_completer_quote_characters; +extern Function *rl_completion_entry_function; +extern CPPFunction *rl_attempted_completion_function; +extern int rl_attempted_completion_over; +extern int rl_completion_type; +extern int rl_completion_query_items; +extern char *rl_special_prefixes; +extern int rl_completion_append_character; +extern int rl_inhibit_completion; +extern Function *rl_pre_input_hook; +extern Function *rl_startup_hook; +extern char *rl_terminal_name; +extern int rl_already_prompted; +extern char *rl_prompt; +/* + * The following is not implemented + */ +extern KEYMAP_ENTRY_ARRAY emacs_standard_keymap, + emacs_meta_keymap, + emacs_ctlx_keymap; +extern int rl_filename_completion_desired; +extern int rl_ignore_completion_duplicates; +extern int (*rl_getc_function)(FILE *); +extern VFunction *rl_redisplay_function; +extern VFunction *rl_completion_display_matches_hook; +extern VFunction *rl_prep_term_function; +extern VFunction *rl_deprep_term_function; +extern int readline_echoing_p; +extern int _rl_print_completions_horizontally; + +/* supported functions */ +char *readline(const char *); +int rl_initialize(void); + +void using_history(void); +int add_history(const char *); +void clear_history(void); +void stifle_history(int); +int unstifle_history(void); +int history_is_stifled(void); +int where_history(void); +HIST_ENTRY *current_history(void); +HIST_ENTRY *history_get(int); +HIST_ENTRY *remove_history(int); +HIST_ENTRY *replace_history_entry(int, const char *, histdata_t); +int history_total_bytes(void); +int history_set_pos(int); +HIST_ENTRY *previous_history(void); +HIST_ENTRY *next_history(void); +int history_search(const char *, int); +int history_search_prefix(const char *, int); +int history_search_pos(const char *, int, int); +int read_history(const char *); +int write_history(const char *); +int history_truncate_file (const char *, int); +int history_expand(char *, char **); +char **history_tokenize(const char *); +const char *get_history_event(const char *, int *, int); +char *history_arg_extract(int, int, const char *); + +char *tilde_expand(char *); +char *filename_completion_function(const char *, int); +char *username_completion_function(const char *, int); +int rl_complete(int, int); +int rl_read_key(void); +char **completion_matches(const char *, CPFunction *); +void rl_display_match_list(char **, int, int); + +int rl_insert(int, int); +int rl_insert_text(const char *); +void rl_reset_terminal(const char *); +int rl_bind_key(int, rl_command_func_t *); +int rl_newline(int, int); +void rl_callback_read_char(void); +void rl_callback_handler_install(const char *, VCPFunction *); +void rl_callback_handler_remove(void); +void rl_redisplay(void); +int rl_get_previous_history(int, int); +void rl_prep_terminal(int); +void rl_deprep_terminal(void); +int rl_read_init_file(const char *); +int rl_parse_and_bind(const char *); +int rl_variable_bind(const char *, const char *); +void rl_stuff_char(int); +int rl_add_defun(const char *, Function *, int); +HISTORY_STATE *history_get_history_state(void); +void rl_get_screen_size(int *, int *); +void rl_set_screen_size(int, int); +char *rl_filename_completion_function (const char *, int); +int _rl_abort_internal(void); +int _rl_qsort_string_compare(char **, char **); +char **rl_completion_matches(const char *, rl_compentry_func_t *); +void rl_forced_update_display(void); +int rl_set_prompt(const char *); +int rl_on_new_line(void); + +/* + * The following are not implemented + */ +int rl_kill_text(int, int); +Keymap rl_get_keymap(void); +void rl_set_keymap(Keymap); +Keymap rl_make_bare_keymap(void); +int rl_generic_bind(int, const char *, const char *, Keymap); +int rl_bind_key_in_map(int, rl_command_func_t *, Keymap); +void rl_cleanup_after_signal(void); +void rl_free_line_state(void); +#ifdef __cplusplus +} +#endif + +#endif /* _READLINE_H_ */ diff --git a/lib/libedit/src/el.c b/lib/libedit/src/el.c new file mode 100644 index 000000000000..168734cec6f7 --- /dev/null +++ b/lib/libedit/src/el.c @@ -0,0 +1,618 @@ +/* $NetBSD: el.c,v 1.61 2011/01/27 23:11:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)el.c 8.2 (Berkeley) 1/3/94"; +#else +__RCSID("$NetBSD: el.c,v 1.61 2011/01/27 23:11:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +#ifndef MAXPATHLEN +#define MAXPATHLEN 4096 +#endif + +/* + * el.c: EditLine interface functions + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include "el.h" + +/* el_init(): + * Initialize editline and set default parameters. + */ +public EditLine * +el_init(const char *prog, FILE *fin, FILE *fout, FILE *ferr) +{ + EditLine *el = (EditLine *) el_malloc(sizeof(EditLine)); + + if (el == NULL) + return (NULL); + + memset(el, 0, sizeof(EditLine)); + + el->el_infile = fin; + el->el_outfile = fout; + el->el_errfile = ferr; + + el->el_infd = fileno(fin); + el->el_outfd = fileno(fout); + el->el_errfd = fileno(ferr); + + el->el_prog = Strdup(ct_decode_string(prog, &el->el_scratch)); + if (el->el_prog == NULL) { + el_free(el); + return NULL; + } + + /* + * Initialize all the modules. Order is important!!! + */ + el->el_flags = 0; +#ifdef WIDECHAR + if (setlocale(LC_CTYPE, NULL) != NULL){ + if (strcmp(nl_langinfo(CODESET), "UTF-8") == 0) + el->el_flags |= CHARSET_IS_UTF8; + } +#endif + + if (term_init(el) == -1) { + el_free(el->el_prog); + el_free(el); + return NULL; + } + (void) key_init(el); + (void) map_init(el); + if (tty_init(el) == -1) + el->el_flags |= NO_TTY; + (void) ch_init(el); + (void) search_init(el); + (void) hist_init(el); + (void) prompt_init(el); + (void) sig_init(el); + (void) read_init(el); + + return (el); +} + + +/* el_end(): + * Clean up. + */ +public void +el_end(EditLine *el) +{ + + if (el == NULL) + return; + + el_reset(el); + + term_end(el); + key_end(el); + map_end(el); + tty_end(el); + ch_end(el); + search_end(el); + hist_end(el); + prompt_end(el); + sig_end(el); + + el_free((ptr_t) el->el_prog); + el_free((ptr_t) el); +#ifdef WIDECHAR + el_free((ptr_t) el->el_scratch.cbuff); + el_free((ptr_t) el->el_scratch.wbuff); + el_free((ptr_t) el->el_lgcyconv.cbuff); + el_free((ptr_t) el->el_lgcyconv.wbuff); +#endif +} + + +/* el_reset(): + * Reset the tty and the parser + */ +public void +el_reset(EditLine *el) +{ + + tty_cookedmode(el); + ch_reset(el, 0); /* XXX: Do we want that? */ +} + + +/* el_set(): + * set the editline parameters + */ +public int +FUN(el,set)(EditLine *el, int op, ...) +{ + va_list ap; + int rv = 0; + + if (el == NULL) + return (-1); + va_start(ap, op); + + switch (op) { + case EL_PROMPT: + case EL_RPROMPT: { + el_pfunc_t p = va_arg(ap, el_pfunc_t); + + rv = prompt_set(el, p, 0, op, 1); + break; + } + + case EL_RESIZE: { + el_zfunc_t p = va_arg(ap, el_zfunc_t); + void *arg = va_arg(ap, void *); + rv = ch_resizefun(el, p, arg); + break; + } + + case EL_PROMPT_ESC: + case EL_RPROMPT_ESC: { + el_pfunc_t p = va_arg(ap, el_pfunc_t); + int c = va_arg(ap, int); + + rv = prompt_set(el, p, c, op, 1); + break; + } + + case EL_TERMINAL: + rv = term_set(el, va_arg(ap, char *)); + break; + + case EL_EDITOR: + rv = map_set_editor(el, va_arg(ap, Char *)); + break; + + case EL_SIGNAL: + if (va_arg(ap, int)) + el->el_flags |= HANDLE_SIGNALS; + else + el->el_flags &= ~HANDLE_SIGNALS; + break; + + case EL_BIND: + case EL_TELLTC: + case EL_SETTC: + case EL_ECHOTC: + case EL_SETTY: + { + const Char *argv[20]; + int i; + + for (i = 1; i < 20; i++) + if ((argv[i] = va_arg(ap, Char *)) == NULL) + break; + + switch (op) { + case EL_BIND: + argv[0] = STR("bind"); + rv = map_bind(el, i, argv); + break; + + case EL_TELLTC: + argv[0] = STR("telltc"); + rv = term_telltc(el, i, argv); + break; + + case EL_SETTC: + argv[0] = STR("settc"); + rv = term_settc(el, i, argv); + break; + + case EL_ECHOTC: + argv[0] = STR("echotc"); + rv = term_echotc(el, i, argv); + break; + + case EL_SETTY: + argv[0] = STR("setty"); + rv = tty_stty(el, i, argv); + break; + + default: + rv = -1; + EL_ABORT((el->el_errfile, "Bad op %d\n", op)); + break; + } + break; + } + + case EL_ADDFN: + { + Char *name = va_arg(ap, Char *); + Char *help = va_arg(ap, Char *); + el_func_t func = va_arg(ap, el_func_t); + + rv = map_addfunc(el, name, help, func); + break; + } + + case EL_HIST: + { + hist_fun_t func = va_arg(ap, hist_fun_t); + ptr_t ptr = va_arg(ap, ptr_t); + + rv = hist_set(el, func, ptr); + if (!(el->el_flags & CHARSET_IS_UTF8)) + el->el_flags &= ~NARROW_HISTORY; + break; + } + + case EL_EDITMODE: + if (va_arg(ap, int)) + el->el_flags &= ~EDIT_DISABLED; + else + el->el_flags |= EDIT_DISABLED; + rv = 0; + break; + + case EL_GETCFN: + { + el_rfunc_t rc = va_arg(ap, el_rfunc_t); + rv = el_read_setfn(el, rc); + el->el_flags &= ~NARROW_READ; + break; + } + + case EL_CLIENTDATA: + el->el_data = va_arg(ap, void *); + break; + + case EL_UNBUFFERED: + rv = va_arg(ap, int); + if (rv && !(el->el_flags & UNBUFFERED)) { + el->el_flags |= UNBUFFERED; + read_prepare(el); + } else if (!rv && (el->el_flags & UNBUFFERED)) { + el->el_flags &= ~UNBUFFERED; + read_finish(el); + } + rv = 0; + break; + + case EL_PREP_TERM: + rv = va_arg(ap, int); + if (rv) + (void) tty_rawmode(el); + else + (void) tty_cookedmode(el); + rv = 0; + break; + + case EL_SETFP: + { + FILE *fp; + int what; + + what = va_arg(ap, int); + fp = va_arg(ap, FILE *); + + rv = 0; + switch (what) { + case 0: + el->el_infile = fp; + el->el_infd = fileno(fp); + break; + case 1: + el->el_outfile = fp; + el->el_outfd = fileno(fp); + break; + case 2: + el->el_errfile = fp; + el->el_errfd = fileno(fp); + break; + default: + rv = -1; + break; + } + break; + } + + case EL_REFRESH: + re_clear_display(el); + re_refresh(el); + term__flush(el); + break; + + default: + rv = -1; + break; + } + + va_end(ap); + return (rv); +} + + +/* el_get(): + * retrieve the editline parameters + */ +public int +FUN(el,get)(EditLine *el, int op, ...) +{ + va_list ap; + int rv; + + if (el == NULL) + return -1; + + va_start(ap, op); + + switch (op) { + case EL_PROMPT: + case EL_RPROMPT: { + el_pfunc_t *p = va_arg(ap, el_pfunc_t *); + rv = prompt_get(el, p, 0, op); + break; + } + case EL_PROMPT_ESC: + case EL_RPROMPT_ESC: { + el_pfunc_t *p = va_arg(ap, el_pfunc_t *); + Char *c = va_arg(ap, Char *); + + rv = prompt_get(el, p, c, op); + break; + } + + case EL_EDITOR: + rv = map_get_editor(el, va_arg(ap, const Char **)); + break; + + case EL_SIGNAL: + *va_arg(ap, int *) = (el->el_flags & HANDLE_SIGNALS); + rv = 0; + break; + + case EL_EDITMODE: + *va_arg(ap, int *) = !(el->el_flags & EDIT_DISABLED); + rv = 0; + break; + + case EL_TERMINAL: + term_get(el, va_arg(ap, const char **)); + rv = 0; + break; + + case EL_GETTC: + { + static char name[] = "gettc"; + char *argv[20]; + int i; + + for (i = 1; i < (int)(sizeof(argv) / sizeof(argv[0])); i++) + if ((argv[i] = va_arg(ap, char *)) == NULL) + break; + + switch (op) { + case EL_GETTC: + argv[0] = name; + rv = term_gettc(el, i, argv); + break; + + default: + rv = -1; + EL_ABORT((el->el_errfile, "Bad op %d\n", op)); + break; + } + break; + } + + case EL_GETCFN: + *va_arg(ap, el_rfunc_t *) = el_read_getfn(el); + rv = 0; + break; + + case EL_CLIENTDATA: + *va_arg(ap, void **) = el->el_data; + rv = 0; + break; + + case EL_UNBUFFERED: + *va_arg(ap, int *) = (!(el->el_flags & UNBUFFERED)); + rv = 0; + break; + + case EL_GETFP: + { + int what; + FILE **fpp; + + what = va_arg(ap, int); + fpp = va_arg(ap, FILE **); + rv = 0; + switch (what) { + case 0: + *fpp = el->el_infile; + break; + case 1: + *fpp = el->el_outfile; + break; + case 2: + *fpp = el->el_errfile; + break; + default: + rv = -1; + break; + } + break; + } + default: + rv = -1; + break; + } + va_end(ap); + + return (rv); +} + + +/* el_line(): + * Return editing info + */ +public const TYPE(LineInfo) * +FUN(el,line)(EditLine *el) +{ + + return (const TYPE(LineInfo) *) (void *) &el->el_line; +} + + +/* el_source(): + * Source a file + */ +public int +el_source(EditLine *el, const char *fname) +{ + FILE *fp; + size_t len; + char *ptr; + char path[MAXPATHLEN]; + const Char *dptr; + + fp = NULL; + if (fname == NULL) { + static const char elpath[] = "/.editrc"; + +#ifdef HAVE_ISSETUGID + if (issetugid()) + return (-1); +#endif + if ((ptr = getenv("HOME")) == NULL) + return (-1); + if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path)) + return (-1); + if (strlcat(path, elpath, sizeof(path)) >= sizeof(path)) + return (-1); + fname = path; + } + if (fp == NULL) + fp = fopen(fname, "r"); + if (fp == NULL) + return (-1); + + while ((ptr = fgetln(fp, &len)) != NULL) { + dptr = ct_decode_string(ptr, &el->el_scratch); + if (!dptr) + continue; + if (len > 0 && dptr[len - 1] == '\n') + --len; + + /* loop until first non-space char or EOL */ + while (*dptr != '\0' && Isspace(*dptr)) + dptr++; + if (*dptr == '#') + continue; /* ignore, this is a comment line */ + if (parse_line(el, dptr) == -1) { + (void) fclose(fp); + return (-1); + } + } + + (void) fclose(fp); + return (0); +} + + +/* el_resize(): + * Called from program when terminal is resized + */ +public void +el_resize(EditLine *el) +{ + int lins, cols; + sigset_t oset, nset; + + (void) sigemptyset(&nset); + (void) sigaddset(&nset, SIGWINCH); + (void) sigprocmask(SIG_BLOCK, &nset, &oset); + + /* get the correct window size */ + if (term_get_size(el, &lins, &cols)) + term_change_size(el, lins, cols); + + (void) sigprocmask(SIG_SETMASK, &oset, NULL); +} + + +/* el_beep(): + * Called from the program to beep + */ +public void +el_beep(EditLine *el) +{ + + term_beep(el); +} + + +/* el_editmode() + * Set the state of EDIT_DISABLED from the `edit' command. + */ +protected int +/*ARGSUSED*/ +el_editmode(EditLine *el, int argc, const Char **argv) +{ + const Char *how; + + if (argv == NULL || argc != 2 || argv[1] == NULL) + return (-1); + + how = argv[1]; + if (Strcmp(how, STR("on")) == 0) { + el->el_flags &= ~EDIT_DISABLED; + tty_rawmode(el); + } else if (Strcmp(how, STR("off")) == 0) { + tty_cookedmode(el); + el->el_flags |= EDIT_DISABLED; + } + else { + (void) fprintf(el->el_errfile, "edit: Bad value `" FSTR "'.\n", + how); + return (-1); + } + return (0); +} diff --git a/lib/libedit/src/el.h b/lib/libedit/src/el.h new file mode 100644 index 000000000000..da07b3061a3c --- /dev/null +++ b/lib/libedit/src/el.h @@ -0,0 +1,163 @@ +/* $NetBSD: el.h,v 1.22 2011/01/27 23:11:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)el.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.h: Internal structures. + */ +#ifndef _h_el +#define _h_el +/* + * Local defaults + */ +#define KSHVI +#define VIDEFAULT +#define ANCHOR + +#include "histedit.h" +#include "chartype.h" +#include +#include + +#define EL_BUFSIZ 1024 /* Maximum line size */ + +#define HANDLE_SIGNALS 0x01 +#define NO_TTY 0x02 +#define EDIT_DISABLED 0x04 +#define UNBUFFERED 0x08 +#define CHARSET_IS_UTF8 0x10 +#define IGNORE_EXTCHARS 0x20 /* Ignore characters read > 0xff */ +#define NARROW_HISTORY 0x40 +#define NARROW_READ 0x80 + +typedef int bool_t; /* True or not */ + +typedef unsigned char el_action_t; /* Index to command array */ + +typedef struct coord_t { /* Position on the screen */ + int h; + int v; +} coord_t; + +typedef struct el_line_t { + Char *buffer; /* Input line */ + Char *cursor; /* Cursor position */ + Char *lastchar; /* Last character */ + const Char *limit; /* Max position */ +} el_line_t; + +/* + * Editor state + */ +typedef struct el_state_t { + int inputmode; /* What mode are we in? */ + int doingarg; /* Are we getting an argument? */ + int argument; /* Numeric argument */ + int metanext; /* Is the next char a meta char */ + el_action_t lastcmd; /* Previous command */ + el_action_t thiscmd; /* this command */ + Char thisch; /* char that generated it */ +} el_state_t; + +/* + * Until we come up with something better... + */ +#define el_malloc(a) malloc(a) +#define el_realloc(a,b) realloc(a, b) +#define el_free(a) free(a) + +#include "tty.h" +#include "prompt.h" +#include "key.h" +#include "el_term.h" +#include "refresh.h" +#include "chared.h" +#include "common.h" +#include "search.h" +#include "hist.h" +#include "map.h" +#include "parse.h" +#include "sig.h" +#include "help.h" +#include "read.h" + +struct editline { + Char *el_prog; /* the program name */ + FILE *el_infile; /* Stdio stuff */ + FILE *el_outfile; /* Stdio stuff */ + FILE *el_errfile; /* Stdio stuff */ + int el_infd; /* Input file descriptor */ + int el_outfd; /* Output file descriptor */ + int el_errfd; /* Error file descriptor */ + int el_flags; /* Various flags. */ + int el_errno; /* Local copy of errno */ + coord_t el_cursor; /* Cursor location */ + Char **el_display; /* Real screen image = what is there */ + Char **el_vdisplay; /* Virtual screen image = what we see */ + void *el_data; /* Client data */ + el_line_t el_line; /* The current line information */ + el_state_t el_state; /* Current editor state */ + el_term_t el_term; /* Terminal dependent stuff */ + el_tty_t el_tty; /* Tty dependent stuff */ + el_refresh_t el_refresh; /* Refresh stuff */ + el_prompt_t el_prompt; /* Prompt stuff */ + el_prompt_t el_rprompt; /* Prompt stuff */ + el_chared_t el_chared; /* Characted editor stuff */ + el_map_t el_map; /* Key mapping stuff */ + el_key_t el_key; /* Key binding stuff */ + el_history_t el_history; /* History stuff */ + el_search_t el_search; /* Search stuff */ + el_signal_t el_signal; /* Signal handling stuff */ + el_read_t el_read; /* Character reading stuff */ +#ifdef WIDECHAR + ct_buffer_t el_scratch; /* Scratch conversion buffer */ + ct_buffer_t el_lgcyconv; /* Buffer for legacy wrappers */ + LineInfo el_lgcylinfo; /* Legacy LineInfo buffer */ +#endif +}; + +protected int el_editmode(EditLine *, int, const Char **); + +#ifdef DEBUG +#define EL_ABORT(a) do { \ + fprintf(el->el_errfile, "%s, %d: ", \ + __FILE__, __LINE__); \ + fprintf a; \ + abort(); \ + } while( /*CONSTCOND*/0); +#else +#define EL_ABORT(a) abort() +#endif +#endif /* _h_el */ diff --git a/lib/libedit/src/el_term.h b/lib/libedit/src/el_term.h new file mode 100644 index 000000000000..c8572075f528 --- /dev/null +++ b/lib/libedit/src/el_term.h @@ -0,0 +1,134 @@ +/* $NetBSD: term.h,v 1.21 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)term.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.term.h: Termcap header + */ +#ifndef _h_el_term +#define _h_el_term + +#include "histedit.h" + +typedef struct { /* Symbolic function key bindings */ + const Char *name; /* name of the key */ + int key; /* Index in termcap table */ + key_value_t fun; /* Function bound to it */ + int type; /* Type of function */ +} fkey_t; + +typedef struct { + const char *t_name; /* the terminal name */ + coord_t t_size; /* # lines and cols */ + int t_flags; +#define TERM_CAN_INSERT 0x001 /* Has insert cap */ +#define TERM_CAN_DELETE 0x002 /* Has delete cap */ +#define TERM_CAN_CEOL 0x004 /* Has CEOL cap */ +#define TERM_CAN_TAB 0x008 /* Can use tabs */ +#define TERM_CAN_ME 0x010 /* Can turn all attrs. */ +#define TERM_CAN_UP 0x020 /* Can move up */ +#define TERM_HAS_META 0x040 /* Has a meta key */ +#define TERM_HAS_AUTO_MARGINS 0x080 /* Has auto margins */ +#define TERM_HAS_MAGIC_MARGINS 0x100 /* Has magic margins */ + char *t_buf; /* Termcap buffer */ + int t_loc; /* location used */ + char **t_str; /* termcap strings */ + int *t_val; /* termcap values */ + char *t_cap; /* Termcap buffer */ + fkey_t *t_fkey; /* Array of keys */ +} el_term_t; + +/* + * fKey indexes + */ +#define A_K_DN 0 +#define A_K_UP 1 +#define A_K_LT 2 +#define A_K_RT 3 +#define A_K_HO 4 +#define A_K_EN 5 +#define A_K_NKEYS 6 + +#ifdef __sun +extern int tgetent(char *, const char *); +extern int tgetflag(char *); +extern int tgetnum(char *); +extern int tputs(const char *, int, int (*)(int)); +extern char* tgoto(const char*, int, int); +extern char* tgetstr(char*, char**); +#endif + +protected void term_move_to_line(EditLine *, int); +protected void term_move_to_char(EditLine *, int); +protected void term_clear_EOL(EditLine *, int); +protected void term_overwrite(EditLine *, const Char *, size_t); +protected void term_insertwrite(EditLine *, Char *, int); +protected void term_deletechars(EditLine *, int); +protected void term_clear_screen(EditLine *); +protected void term_beep(EditLine *); +protected int term_change_size(EditLine *, int, int); +protected int term_get_size(EditLine *, int *, int *); +protected int term_init(EditLine *); +protected void term_bind_arrow(EditLine *); +protected void term_print_arrow(EditLine *, const Char *); +protected int term_clear_arrow(EditLine *, const Char *); +protected int term_set_arrow(EditLine *, const Char *, key_value_t *, int); +protected void term_end(EditLine *); +protected void term_get(EditLine *, const char **); +protected int term_set(EditLine *, const char *); +protected int term_settc(EditLine *, int, const Char **); +protected int term_gettc(EditLine *, int, char **); +protected int term_telltc(EditLine *, int, const Char **); +protected int term_echotc(EditLine *, int, const Char **); +protected void term_writec(EditLine *, Int); +protected int term__putc(EditLine *, Int); +protected void term__flush(EditLine *); + +/* + * Easy access macros + */ +#define EL_FLAGS (el)->el_term.t_flags + +#define EL_CAN_INSERT (EL_FLAGS & TERM_CAN_INSERT) +#define EL_CAN_DELETE (EL_FLAGS & TERM_CAN_DELETE) +#define EL_CAN_CEOL (EL_FLAGS & TERM_CAN_CEOL) +#define EL_CAN_TAB (EL_FLAGS & TERM_CAN_TAB) +#define EL_CAN_ME (EL_FLAGS & TERM_CAN_ME) +#define EL_CAN_UP (EL_FLAGS & TERM_CAN_UP) +#define EL_HAS_META (EL_FLAGS & TERM_HAS_META) +#define EL_HAS_AUTO_MARGINS (EL_FLAGS & TERM_HAS_AUTO_MARGINS) +#define EL_HAS_MAGIC_MARGINS (EL_FLAGS & TERM_HAS_MAGIC_MARGINS) + +#endif /* _h_el_term */ diff --git a/lib/libedit/src/eln.c b/lib/libedit/src/eln.c new file mode 100644 index 000000000000..04e992fbad2b --- /dev/null +++ b/lib/libedit/src/eln.c @@ -0,0 +1,371 @@ +/* $NetBSD: eln.c,v 1.9 2010/11/04 13:53:12 christos Exp $ */ + +/*- + * Copyright (c) 2009 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the NetBSD + * Foundation, Inc. and its contributors. + * 4. Neither the name of The NetBSD Foundation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +__RCSID("$NetBSD: eln.c,v 1.9 2010/11/04 13:53:12 christos Exp $"); +#endif /* not lint && not SCCSID */ + +#include "histedit.h" +#include "el.h" +#include "read.h" +#include +#include +#include + +public int +el_getc(EditLine *el, char *cp) +{ + int num_read; + wchar_t wc = 0; + + if (!(el->el_flags & CHARSET_IS_UTF8)) + el->el_flags |= IGNORE_EXTCHARS; + num_read = el_wgetc (el, &wc); + if (!(el->el_flags & CHARSET_IS_UTF8)) + el->el_flags &= ~IGNORE_EXTCHARS; + + if (num_read > 0) + *cp = (unsigned char)wc; + return num_read; +} + + +public void +el_push(EditLine *el, const char *str) +{ + /* Using multibyte->wide string decoding works fine under single-byte + * character sets too, and Does The Right Thing. */ + el_wpush(el, ct_decode_string(str, &el->el_lgcyconv)); +} + + +public const char * +el_gets(EditLine *el, int *nread) +{ + const wchar_t *tmp; + + el->el_flags |= IGNORE_EXTCHARS; + tmp = el_wgets(el, nread); + el->el_flags &= ~IGNORE_EXTCHARS; + return ct_encode_string(tmp, &el->el_lgcyconv); +} + + +public int +el_parse(EditLine *el, int argc, const char *argv[]) +{ + int ret; + const wchar_t **wargv; + + wargv = (const wchar_t **) + ct_decode_argv(argc, argv, &el->el_lgcyconv); + if (!wargv) + return -1; + ret = el_wparse(el, argc, wargv); + ct_free_argv(wargv); + + return ret; +} + + +public int +el_set(EditLine *el, int op, ...) +{ + va_list ap; + int ret; + + if (!el) + return -1; + va_start(ap, op); + + switch (op) { + case EL_PROMPT: /* el_pfunc_t */ + case EL_RPROMPT: { + el_pfunc_t p = va_arg(ap, el_pfunc_t); + ret = prompt_set(el, p, 0, op, 0); + break; + } + + case EL_RESIZE: { + el_zfunc_t p = va_arg(ap, el_zfunc_t); + void *arg = va_arg(ap, void *); + ret = ch_resizefun(el, p, arg); + break; + } + + case EL_TERMINAL: /* const char * */ + ret = el_wset(el, op, va_arg(ap, char *)); + break; + + case EL_EDITOR: /* const wchar_t * */ + ret = el_wset(el, op, ct_decode_string(va_arg(ap, char *), + &el->el_lgcyconv)); + break; + + case EL_SIGNAL: /* int */ + case EL_EDITMODE: + case EL_UNBUFFERED: + case EL_PREP_TERM: + ret = el_wset(el, op, va_arg(ap, int)); + break; + + case EL_BIND: /* const char * list -> const wchar_t * list */ + case EL_TELLTC: + case EL_SETTC: + case EL_ECHOTC: + case EL_SETTY: { + const char *argv[20]; + int i; + const wchar_t **wargv; + for (i = 1; i < (int)__arraycount(argv); ++i) + if ((argv[i] = va_arg(ap, char *)) == NULL) + break; + argv[0] = NULL; + wargv = (const wchar_t **) + ct_decode_argv(i, argv, &el->el_lgcyconv); + if (!wargv) { + ret = -1; + goto out; + } + /* + * AFAIK we can't portably pass through our new wargv to + * el_wset(), so we have to reimplement the body of + * el_wset() for these ops. + */ + switch (op) { + case EL_BIND: + wargv[0] = STR("bind"); + ret = map_bind(el, i, wargv); + break; + case EL_TELLTC: + wargv[0] = STR("telltc"); + ret = term_telltc(el, i, wargv); + break; + case EL_SETTC: + wargv[0] = STR("settc"); + ret = term_settc(el, i, wargv); + break; + case EL_ECHOTC: + wargv[0] = STR("echotc"); + ret = term_echotc(el, i, wargv); + break; + case EL_SETTY: + wargv[0] = STR("setty"); + ret = tty_stty(el, i, wargv); + break; + default: + ret = -1; + } + ct_free_argv(wargv); + break; + } + + /* XXX: do we need to change el_func_t too? */ + case EL_ADDFN: { /* const char *, const char *, el_func_t */ + const char *args[2]; + el_func_t func; + wchar_t **wargv; + + args[0] = va_arg(ap, const char *); + args[1] = va_arg(ap, const char *); + func = va_arg(ap, el_func_t); + + wargv = ct_decode_argv(2, args, &el->el_lgcyconv); + if (!wargv) { + ret = -1; + goto out; + } + // XXX: The two strdup's leak + ret = map_addfunc(el, Strdup(wargv[0]), Strdup(wargv[1]), + func); + ct_free_argv(wargv); + break; + } + case EL_HIST: { /* hist_fun_t, const char * */ + hist_fun_t fun = va_arg(ap, hist_fun_t); + ptr_t ptr = va_arg(ap, ptr_t); + ret = hist_set(el, fun, ptr); + el->el_flags |= NARROW_HISTORY; + break; + } + /* XXX: do we need to change el_rfunc_t? */ + case EL_GETCFN: /* el_rfunc_t */ + ret = el_wset(el, op, va_arg(ap, el_rfunc_t)); + el->el_flags |= NARROW_READ; + break; + case EL_CLIENTDATA: /* void * */ + ret = el_wset(el, op, va_arg(ap, void *)); + break; + case EL_SETFP: { /* int, FILE * */ + int what = va_arg(ap, int); + FILE *fp = va_arg(ap, FILE *); + ret = el_wset(el, op, what, fp); + break; + } + case EL_PROMPT_ESC: /* el_pfunc_t, char */ + case EL_RPROMPT_ESC: { + el_pfunc_t p = va_arg(ap, el_pfunc_t); + char c = va_arg(ap, int); + ret = prompt_set(el, p, c, op, 0); + break; + } + default: + ret = -1; + break; + } + +out: + va_end(ap); + return ret; +} + + +public int +el_get(EditLine *el, int op, ...) +{ + va_list ap; + int ret; + + if (!el) + return -1; + + va_start(ap, op); + + switch (op) { + case EL_PROMPT: /* el_pfunc_t * */ + case EL_RPROMPT: { + el_pfunc_t *p = va_arg(ap, el_pfunc_t *); + ret = prompt_get(el, p, 0, op); + break; + } + + case EL_PROMPT_ESC: /* el_pfunc_t *, char **/ + case EL_RPROMPT_ESC: { + el_pfunc_t *p = va_arg(ap, el_pfunc_t *); + char *c = va_arg(ap, char *); + wchar_t wc; + ret = prompt_get(el, p, &wc, op); + *c = (unsigned char)wc; + break; + } + + case EL_EDITOR: { + const char **p = va_arg(ap, const char **); + const wchar_t *pw; + ret = el_wget(el, op, &pw); + *p = ct_encode_string(pw, &el->el_lgcyconv); + if (!el->el_lgcyconv.csize) + ret = -1; + break; + } + + case EL_TERMINAL: /* const char ** */ + ret = el_wget(el, op, va_arg(ap, const char **)); + break; + + case EL_SIGNAL: /* int * */ + case EL_EDITMODE: + case EL_UNBUFFERED: + case EL_PREP_TERM: + ret = el_wget(el, op, va_arg(ap, int *)); + break; + + case EL_GETTC: { + char *argv[20]; + static char gettc[] = "gettc"; + int i; + for (i = 1; i < (int)__arraycount(argv); ++i) + if ((argv[i] = va_arg(ap, char *)) == NULL) + break; + argv[0] = gettc; + ret = term_gettc(el, i, argv); + break; + } + + /* XXX: do we need to change el_rfunc_t? */ + case EL_GETCFN: /* el_rfunc_t */ + ret = el_wget(el, op, va_arg(ap, el_rfunc_t *)); + break; + + case EL_CLIENTDATA: /* void ** */ + ret = el_wget(el, op, va_arg(ap, void **)); + break; + + case EL_GETFP: { /* int, FILE ** */ + int what = va_arg(ap, int); + FILE **fpp = va_arg(ap, FILE **); + ret = el_wget(el, op, what, fpp); + break; + } + + default: + ret = -1; + break; + } + + va_end(ap); + return ret; +} + + +const LineInfo * +el_line(EditLine *el) +{ + const LineInfoW *winfo = el_wline(el); + LineInfo *info = &el->el_lgcylinfo; + size_t offset; + const Char *p; + + info->buffer = ct_encode_string(winfo->buffer, &el->el_lgcyconv); + + offset = 0; + for (p = winfo->buffer; p < winfo->cursor; p++) + offset += ct_enc_width(*p); + info->cursor = info->buffer + offset; + + offset = 0; + for (p = winfo->buffer; p < winfo->lastchar; p++) + offset += ct_enc_width(*p); + info->lastchar = info->buffer + offset; + + return info; +} + + +int +el_insertstr(EditLine *el, const char *str) +{ + return el_winsertstr(el, ct_decode_string(str, &el->el_lgcyconv)); +} diff --git a/lib/libedit/src/emacs.c b/lib/libedit/src/emacs.c new file mode 100644 index 000000000000..8fb6f4b50ae0 --- /dev/null +++ b/lib/libedit/src/emacs.c @@ -0,0 +1,508 @@ +/* $NetBSD: emacs.c,v 1.23 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)emacs.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: emacs.c,v 1.23 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * emacs.c: Emacs functions + */ +#include "el.h" + +/* em_delete_or_list(): + * Delete character under cursor or list completions if at end of line + * [^D] + */ +protected el_action_t +/*ARGSUSED*/ +em_delete_or_list(EditLine *el, Int c) +{ + + if (el->el_line.cursor == el->el_line.lastchar) { + /* if I'm at the end */ + if (el->el_line.cursor == el->el_line.buffer) { + /* and the beginning */ + term_writec(el, c); /* then do an EOF */ + return (CC_EOF); + } else { + /* + * Here we could list completions, but it is an + * error right now + */ + term_beep(el); + return (CC_ERROR); + } + } else { + if (el->el_state.doingarg) + c_delafter(el, el->el_state.argument); + else + c_delafter1(el); + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + /* bounds check */ + return (CC_REFRESH); + } +} + + +/* em_delete_next_word(): + * Cut from cursor to end of current word + * [M-d] + */ +protected el_action_t +/*ARGSUSED*/ +em_delete_next_word(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *p, *kp; + + if (el->el_line.cursor == el->el_line.lastchar) + return (CC_ERROR); + + cp = c__next_word(el->el_line.cursor, el->el_line.lastchar, + el->el_state.argument, ce__isword); + + for (p = el->el_line.cursor, kp = el->el_chared.c_kill.buf; p < cp; p++) + /* save the text */ + *kp++ = *p; + el->el_chared.c_kill.last = kp; + + c_delafter(el, (int)(cp - el->el_line.cursor)); /* delete after dot */ + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + /* bounds check */ + return (CC_REFRESH); +} + + +/* em_yank(): + * Paste cut buffer at cursor position + * [^Y] + */ +protected el_action_t +/*ARGSUSED*/ +em_yank(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + if (el->el_chared.c_kill.last == el->el_chared.c_kill.buf) + return (CC_NORM); + + if (el->el_line.lastchar + + (el->el_chared.c_kill.last - el->el_chared.c_kill.buf) >= + el->el_line.limit) + return (CC_ERROR); + + el->el_chared.c_kill.mark = el->el_line.cursor; + cp = el->el_line.cursor; + + /* open the space, */ + c_insert(el, + (int)(el->el_chared.c_kill.last - el->el_chared.c_kill.buf)); + /* copy the chars */ + for (kp = el->el_chared.c_kill.buf; kp < el->el_chared.c_kill.last; kp++) + *cp++ = *kp; + + /* if an arg, cursor at beginning else cursor at end */ + if (el->el_state.argument == 1) + el->el_line.cursor = cp; + + return (CC_REFRESH); +} + + +/* em_kill_line(): + * Cut the entire line and save in cut buffer + * [^U] + */ +protected el_action_t +/*ARGSUSED*/ +em_kill_line(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + cp = el->el_line.buffer; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_line.lastchar) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + /* zap! -- delete all of it */ + el->el_line.lastchar = el->el_line.buffer; + el->el_line.cursor = el->el_line.buffer; + return (CC_REFRESH); +} + + +/* em_kill_region(): + * Cut area between mark and cursor and save in cut buffer + * [^W] + */ +protected el_action_t +/*ARGSUSED*/ +em_kill_region(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + if (!el->el_chared.c_kill.mark) + return (CC_ERROR); + + if (el->el_chared.c_kill.mark > el->el_line.cursor) { + cp = el->el_line.cursor; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_chared.c_kill.mark) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + c_delafter(el, (int)(cp - el->el_line.cursor)); + } else { /* mark is before cursor */ + cp = el->el_chared.c_kill.mark; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_line.cursor) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + c_delbefore(el, (int)(cp - el->el_chared.c_kill.mark)); + el->el_line.cursor = el->el_chared.c_kill.mark; + } + return (CC_REFRESH); +} + + +/* em_copy_region(): + * Copy area between mark and cursor to cut buffer + * [M-W] + */ +protected el_action_t +/*ARGSUSED*/ +em_copy_region(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + if (!el->el_chared.c_kill.mark) + return (CC_ERROR); + + if (el->el_chared.c_kill.mark > el->el_line.cursor) { + cp = el->el_line.cursor; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_chared.c_kill.mark) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + } else { + cp = el->el_chared.c_kill.mark; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_line.cursor) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + } + return (CC_NORM); +} + + +/* em_gosmacs_transpose(): + * Exchange the two characters before the cursor + * Gosling emacs transpose chars [^T] + */ +protected el_action_t +em_gosmacs_transpose(EditLine *el, Int c) +{ + + if (el->el_line.cursor > &el->el_line.buffer[1]) { + /* must have at least two chars entered */ + c = el->el_line.cursor[-2]; + el->el_line.cursor[-2] = el->el_line.cursor[-1]; + el->el_line.cursor[-1] = c; + return (CC_REFRESH); + } else + return (CC_ERROR); +} + + +/* em_next_word(): + * Move next to end of current word + * [M-f] + */ +protected el_action_t +/*ARGSUSED*/ +em_next_word(EditLine *el, Int c __attribute__((__unused__))) +{ + if (el->el_line.cursor == el->el_line.lastchar) + return (CC_ERROR); + + el->el_line.cursor = c__next_word(el->el_line.cursor, + el->el_line.lastchar, + el->el_state.argument, + ce__isword); + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* em_upper_case(): + * Uppercase the characters from cursor to end of current word + * [M-u] + */ +protected el_action_t +/*ARGSUSED*/ +em_upper_case(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *ep; + + ep = c__next_word(el->el_line.cursor, el->el_line.lastchar, + el->el_state.argument, ce__isword); + + for (cp = el->el_line.cursor; cp < ep; cp++) + if (Islower(*cp)) + *cp = Toupper(*cp); + + el->el_line.cursor = ep; + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + return (CC_REFRESH); +} + + +/* em_capitol_case(): + * Capitalize the characters from cursor to end of current word + * [M-c] + */ +protected el_action_t +/*ARGSUSED*/ +em_capitol_case(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *ep; + + ep = c__next_word(el->el_line.cursor, el->el_line.lastchar, + el->el_state.argument, ce__isword); + + for (cp = el->el_line.cursor; cp < ep; cp++) { + if (Isalpha(*cp)) { + if (Islower(*cp)) + *cp = Toupper(*cp); + cp++; + break; + } + } + for (; cp < ep; cp++) + if (Isupper(*cp)) + *cp = Tolower(*cp); + + el->el_line.cursor = ep; + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + return (CC_REFRESH); +} + + +/* em_lower_case(): + * Lowercase the characters from cursor to end of current word + * [M-l] + */ +protected el_action_t +/*ARGSUSED*/ +em_lower_case(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *ep; + + ep = c__next_word(el->el_line.cursor, el->el_line.lastchar, + el->el_state.argument, ce__isword); + + for (cp = el->el_line.cursor; cp < ep; cp++) + if (Isupper(*cp)) + *cp = Tolower(*cp); + + el->el_line.cursor = ep; + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + return (CC_REFRESH); +} + + +/* em_set_mark(): + * Set the mark at cursor + * [^@] + */ +protected el_action_t +/*ARGSUSED*/ +em_set_mark(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_chared.c_kill.mark = el->el_line.cursor; + return (CC_NORM); +} + + +/* em_exchange_mark(): + * Exchange the cursor and mark + * [^X^X] + */ +protected el_action_t +/*ARGSUSED*/ +em_exchange_mark(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp; + + cp = el->el_line.cursor; + el->el_line.cursor = el->el_chared.c_kill.mark; + el->el_chared.c_kill.mark = cp; + return (CC_CURSOR); +} + + +/* em_universal_argument(): + * Universal argument (argument times 4) + * [^U] + */ +protected el_action_t +/*ARGSUSED*/ +em_universal_argument(EditLine *el, Int c __attribute__((__unused__))) +{ /* multiply current argument by 4 */ + + if (el->el_state.argument > 1000000) + return (CC_ERROR); + el->el_state.doingarg = 1; + el->el_state.argument *= 4; + return (CC_ARGHACK); +} + + +/* em_meta_next(): + * Add 8th bit to next character typed + * [] + */ +protected el_action_t +/*ARGSUSED*/ +em_meta_next(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_state.metanext = 1; + return (CC_ARGHACK); +} + + +/* em_toggle_overwrite(): + * Switch from insert to overwrite mode or vice versa + */ +protected el_action_t +/*ARGSUSED*/ +em_toggle_overwrite(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_state.inputmode = (el->el_state.inputmode == MODE_INSERT) ? + MODE_REPLACE : MODE_INSERT; + return (CC_NORM); +} + + +/* em_copy_prev_word(): + * Copy current word to cursor + */ +protected el_action_t +/*ARGSUSED*/ +em_copy_prev_word(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *cp, *oldc, *dp; + + if (el->el_line.cursor == el->el_line.buffer) + return (CC_ERROR); + + oldc = el->el_line.cursor; + /* does a bounds check */ + cp = c__prev_word(el->el_line.cursor, el->el_line.buffer, + el->el_state.argument, ce__isword); + + c_insert(el, (int)(oldc - cp)); + for (dp = oldc; cp < oldc && dp < el->el_line.lastchar; cp++) + *dp++ = *cp; + + el->el_line.cursor = dp;/* put cursor at end */ + + return (CC_REFRESH); +} + + +/* em_inc_search_next(): + * Emacs incremental next search + */ +protected el_action_t +/*ARGSUSED*/ +em_inc_search_next(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_search.patlen = 0; + return (ce_inc_search(el, ED_SEARCH_NEXT_HISTORY)); +} + + +/* em_inc_search_prev(): + * Emacs incremental reverse search + */ +protected el_action_t +/*ARGSUSED*/ +em_inc_search_prev(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_search.patlen = 0; + return (ce_inc_search(el, ED_SEARCH_PREV_HISTORY)); +} + + +/* em_delete_prev_char(): + * Delete the character to the left of the cursor + * [^?] + */ +protected el_action_t +/*ARGSUSED*/ +em_delete_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor <= el->el_line.buffer) + return (CC_ERROR); + + if (el->el_state.doingarg) + c_delbefore(el, el->el_state.argument); + else + c_delbefore1(el); + el->el_line.cursor -= el->el_state.argument; + if (el->el_line.cursor < el->el_line.buffer) + el->el_line.cursor = el->el_line.buffer; + return (CC_REFRESH); +} diff --git a/lib/libedit/src/fgetln.c b/lib/libedit/src/fgetln.c new file mode 100644 index 000000000000..6c4f320c12ca --- /dev/null +++ b/lib/libedit/src/fgetln.c @@ -0,0 +1,107 @@ +/* $NetBSD: fgetln.c,v 1.9 2008/04/29 06:53:03 martin Exp $ */ + +/*- + * Copyright (c) 1998 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifdef HAVE_NBTOOL_CONFIG_H +#include "nbtool_config.h" +#endif + +#if !HAVE_FGETLN +#include "config.h" +#include +#ifndef HAVE_NBTOOL_CONFIG_H +/* These headers are required, but included from nbtool_config.h */ +#include +#include +#include +#include +#endif + +char * +fgetln(FILE *fp, size_t *len) +{ + static char *buf = NULL; + static size_t bufsiz = 0; + char *ptr; + + + if (buf == NULL) { + bufsiz = BUFSIZ; + if ((buf = malloc(bufsiz)) == NULL) + return NULL; + } + + if (fgets(buf, bufsiz, fp) == NULL) + return NULL; + + *len = 0; + while ((ptr = strchr(&buf[*len], '\n')) == NULL) { + size_t nbufsiz = bufsiz + BUFSIZ; + char *nbuf = realloc(buf, nbufsiz); + + if (nbuf == NULL) { + int oerrno = errno; + free(buf); + errno = oerrno; + buf = NULL; + return NULL; + } else + buf = nbuf; + + if (fgets(&buf[bufsiz], BUFSIZ, fp) == NULL) { + buf[bufsiz] = '\0'; + *len = strlen(buf); + return buf; + } + + *len = bufsiz; + bufsiz = nbufsiz; + } + + *len = (ptr - buf) + 1; + return buf; +} + +#endif + +#ifdef TEST +int +main(int argc, char *argv[]) +{ + char *p; + size_t len; + + while ((p = fgetln(stdin, &len)) != NULL) { + (void)printf("%zu %s", len, p); + free(p); + } + return 0; +} +#endif diff --git a/lib/libedit/src/filecomplete.c b/lib/libedit/src/filecomplete.c new file mode 100644 index 000000000000..1dcf75bd992b --- /dev/null +++ b/lib/libedit/src/filecomplete.c @@ -0,0 +1,589 @@ +/* $NetBSD: filecomplete.c,v 1.23 2010/12/06 00:05:38 dholland Exp $ */ + +/*- + * Copyright (c) 1997 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Jaromir Dolecek. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* AIX requires this to be the first thing in the file. */ +#if defined (_AIX) && !defined (__GNUC__) + #pragma alloca +#endif + +#include "config.h" + +#ifdef __GNUC__ +# undef alloca +# define alloca(n) __builtin_alloca (n) +#else +# ifdef HAVE_ALLOCA_H +# include +# else +# ifndef _AIX +extern char *alloca (); +# endif +# endif +#endif + +#if !defined(lint) && !defined(SCCSID) +__RCSID("$NetBSD: filecomplete.c,v 1.23 2010/12/06 00:05:38 dholland Exp $"); +#endif /* not lint && not SCCSID */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "el.h" +#include "fcns.h" /* for EL_NUM_FCNS */ +#include "histedit.h" +#include "filecomplete.h" + +static const Char break_chars[] = { ' ', '\t', '\n', '"', '\\', '\'', '`', '@', + '$', '>', '<', '=', ';', '|', '&', '{', '(', '\0' }; + + +/********************************/ +/* completion functions */ + +/* + * does tilde expansion of strings of type ``~user/foo'' + * if ``user'' isn't valid user name or ``txt'' doesn't start + * w/ '~', returns pointer to strdup()ed copy of ``txt'' + * + * it's callers's responsibility to free() returned string + */ +char * +fn_tilde_expand(const char *txt) +{ + struct passwd pwres, *pass; + char *temp; + size_t len = 0; + char pwbuf[1024]; + + if (txt[0] != '~') + return (strdup(txt)); + + temp = strchr(txt + 1, '/'); + if (temp == NULL) { + temp = strdup(txt + 1); + if (temp == NULL) + return NULL; + } else { + len = temp - txt + 1; /* text until string after slash */ + temp = malloc(len); + if (temp == NULL) + return NULL; + (void)strncpy(temp, txt + 1, len - 2); + temp[len - 2] = '\0'; + } + if (temp[0] == 0) { +#ifdef HAVE_GETPW_R_POSIX + if (getpwuid_r(getuid(), &pwres, pwbuf, sizeof(pwbuf), &pass) != 0) + pass = NULL; +#elif HAVE_GETPW_R_DRAFT + pass = getpwuid_r(getuid(), &pwres, pwbuf, sizeof(pwbuf)); +#else + pass = getpwuid(getuid()); +#endif + } else { +#ifdef HAVE_GETPW_R_POSIX + if (getpwnam_r(temp, &pwres, pwbuf, sizeof(pwbuf), &pass) != 0) + pass = NULL; +#elif HAVE_GETPW_R_DRAFT + pass = getpwnam_r(temp, &pwres, pwbuf, sizeof(pwbuf)); +#else + pass = getpwnam(temp); +#endif + } + free(temp); /* value no more needed */ + if (pass == NULL) + return (strdup(txt)); + + /* update pointer txt to point at string immedially following */ + /* first slash */ + txt += len; + + temp = malloc(strlen(pass->pw_dir) + 1 + strlen(txt) + 1); + if (temp == NULL) + return NULL; + (void)sprintf(temp, "%s/%s", pass->pw_dir, txt); + + return (temp); +} + + +/* + * return first found file name starting by the ``text'' or NULL if no + * such file can be found + * value of ``state'' is ignored + * + * it's caller's responsibility to free returned string + */ +char * +fn_filename_completion_function(const char *text, int state) +{ + static DIR *dir = NULL; + static char *filename = NULL, *dirname = NULL, *dirpath = NULL; + static size_t filename_len = 0; + struct dirent *entry; + char *temp; + size_t len; + + if (state == 0 || dir == NULL) { + temp = strrchr(text, '/'); + if (temp) { + char *nptr; + temp++; + nptr = realloc(filename, strlen(temp) + 1); + if (nptr == NULL) { + free(filename); + filename = NULL; + return NULL; + } + filename = nptr; + (void)strcpy(filename, temp); + len = temp - text; /* including last slash */ + + nptr = realloc(dirname, len + 1); + if (nptr == NULL) { + free(dirname); + dirname = NULL; + return NULL; + } + dirname = nptr; + (void)strncpy(dirname, text, len); + dirname[len] = '\0'; + } else { + free(filename); + if (*text == 0) + filename = NULL; + else { + filename = strdup(text); + if (filename == NULL) + return NULL; + } + free(dirname); + dirname = NULL; + } + + if (dir != NULL) { + (void)closedir(dir); + dir = NULL; + } + + /* support for ``~user'' syntax */ + + free(dirpath); + dirpath = NULL; + if (dirname == NULL) { + if ((dirname = strdup("")) == NULL) + return NULL; + dirpath = strdup("./"); + } else if (*dirname == '~') + dirpath = fn_tilde_expand(dirname); + else + dirpath = strdup(dirname); + + if (dirpath == NULL) + return NULL; + + dir = opendir(dirpath); + if (!dir) + return (NULL); /* cannot open the directory */ + + /* will be used in cycle */ + filename_len = filename ? strlen(filename) : 0; + } + + /* find the match */ + while ((entry = readdir(dir)) != NULL) { + /* skip . and .. */ + if (entry->d_name[0] == '.' && (!entry->d_name[1] + || (entry->d_name[1] == '.' && !entry->d_name[2]))) + continue; + if (filename_len == 0) + break; + /* otherwise, get first entry where first */ + /* filename_len characters are equal */ + if (entry->d_name[0] == filename[0] + /* Some dirents have d_namlen, but it is not portable. */ + && strlen(entry->d_name) >= filename_len + && strncmp(entry->d_name, filename, + filename_len) == 0) + break; + } + + if (entry) { /* match found */ + + /* Some dirents have d_namlen, but it is not portable. */ + len = strlen(entry->d_name); + + temp = malloc(strlen(dirname) + len + 1); + if (temp == NULL) + return NULL; + (void)sprintf(temp, "%s%s", dirname, entry->d_name); + } else { + (void)closedir(dir); + dir = NULL; + temp = NULL; + } + + return (temp); +} + + +static const char * +append_char_function(const char *name) +{ + struct stat stbuf; + char *expname = *name == '~' ? fn_tilde_expand(name) : NULL; + const char *rs = " "; + + if (stat(expname ? expname : name, &stbuf) == -1) + goto out; + if (S_ISDIR(stbuf.st_mode)) + rs = "/"; +out: + if (expname) + free(expname); + return rs; +} +/* + * returns list of completions for text given + * non-static for readline. + */ +char ** completion_matches(const char *, char *(*)(const char *, int)); +char ** +completion_matches(const char *text, char *(*genfunc)(const char *, int)) +{ + char **match_list = NULL, *retstr, *prevstr; + size_t match_list_len, max_equal, which, i; + size_t matches; + + matches = 0; + match_list_len = 1; + while ((retstr = (*genfunc) (text, (int)matches)) != NULL) { + /* allow for list terminator here */ + if (matches + 3 >= match_list_len) { + char **nmatch_list; + while (matches + 3 >= match_list_len) + match_list_len <<= 1; + nmatch_list = realloc(match_list, + match_list_len * sizeof(char *)); + if (nmatch_list == NULL) { + free(match_list); + return NULL; + } + match_list = nmatch_list; + + } + match_list[++matches] = retstr; + } + + if (!match_list) + return NULL; /* nothing found */ + + /* find least denominator and insert it to match_list[0] */ + which = 2; + prevstr = match_list[1]; + max_equal = strlen(prevstr); + for (; which <= matches; which++) { + for (i = 0; i < max_equal && + prevstr[i] == match_list[which][i]; i++) + continue; + max_equal = i; + } + + retstr = malloc(max_equal + 1); + if (retstr == NULL) { + free(match_list); + return NULL; + } + (void)strncpy(retstr, match_list[1], max_equal); + retstr[max_equal] = '\0'; + match_list[0] = retstr; + + /* add NULL as last pointer to the array */ + match_list[matches + 1] = (char *) NULL; + + return (match_list); +} + +/* + * Sort function for qsort(). Just wrapper around strcasecmp(). + */ +static int +_fn_qsort_string_compare(const void *i1, const void *i2) +{ + const char *s1 = ((const char * const *)i1)[0]; + const char *s2 = ((const char * const *)i2)[0]; + + return strcasecmp(s1, s2); +} + +/* + * Display list of strings in columnar format on readline's output stream. + * 'matches' is list of strings, 'num' is number of strings in 'matches', + * 'width' is maximum length of string in 'matches'. + * + * matches[0] is not one of the match strings, but it is counted in + * num, so the strings are matches[1] *through* matches[num-1]. + */ +void +fn_display_match_list (EditLine *el, char **matches, size_t num, size_t width) +{ + size_t line, lines, col, cols, thisguy; + int screenwidth = el->el_term.t_size.h; + + /* Ignore matches[0]. Avoid 1-based array logic below. */ + matches++; + num--; + + /* + * Find out how many entries can be put on one line; count + * with one space between strings the same way it's printed. + */ + cols = screenwidth / (width + 1); + if (cols == 0) + cols = 1; + + /* how many lines of output, rounded up */ + lines = (num + cols - 1) / cols; + + /* Sort the items. */ + qsort(matches, num, sizeof(char *), _fn_qsort_string_compare); + + /* + * On the ith line print elements i, i+lines, i+lines*2, etc. + */ + for (line = 0; line < lines; line++) { + for (col = 0; col < cols; col++) { + thisguy = line + col * lines; + if (thisguy >= num) + break; + (void)fprintf(el->el_outfile, "%s%-*s", + col == 0 ? "" : " ", (int)width, matches[thisguy]); + } + (void)fprintf(el->el_outfile, "\n"); + } +} + +/* + * Complete the word at or before point, + * 'what_to_do' says what to do with the completion. + * \t means do standard completion. + * `?' means list the possible completions. + * `*' means insert all of the possible completions. + * `!' means to do standard completion, and list all possible completions if + * there is more than one. + * + * Note: '*' support is not implemented + * '!' could never be invoked + */ +int +fn_complete(EditLine *el, + char *(*complet_func)(const char *, int), + char **(*attempted_completion_function)(const char *, int, int), + const Char *word_break, const Char *special_prefixes, + const char *(*app_func)(const char *), size_t query_items, + int *completion_type, int *over, int *point, int *end) +{ + const TYPE(LineInfo) *li; + Char *temp; + char **matches; + const Char *ctemp; + size_t len; + int what_to_do = '\t'; + int retval = CC_NORM; + + if (el->el_state.lastcmd == el->el_state.thiscmd) + what_to_do = '?'; + + /* readline's rl_complete() has to be told what we did... */ + if (completion_type != NULL) + *completion_type = what_to_do; + + if (!complet_func) + complet_func = fn_filename_completion_function; + if (!app_func) + app_func = append_char_function; + + /* We now look backwards for the start of a filename/variable word */ + li = FUN(el,line)(el); + ctemp = li->cursor; + while (ctemp > li->buffer + && !Strchr(word_break, ctemp[-1]) + && (!special_prefixes || !Strchr(special_prefixes, ctemp[-1]) ) ) + ctemp--; + + len = li->cursor - ctemp; +#if defined(__SSP__) || defined(__SSP_ALL__) + temp = malloc(sizeof(*temp) * (len + 1)); +#else + temp = alloca(sizeof(*temp) * (len + 1)); +#endif + (void)Strncpy(temp, ctemp, len); + temp[len] = '\0'; + + /* these can be used by function called in completion_matches() */ + /* or (*attempted_completion_function)() */ + if (point != 0) + *point = (int)(li->cursor - li->buffer); + if (end != NULL) + *end = (int)(li->lastchar - li->buffer); + + if (attempted_completion_function) { + int cur_off = (int)(li->cursor - li->buffer); + matches = (*attempted_completion_function) (ct_encode_string(temp, &el->el_scratch), + (int)(cur_off - len), cur_off); + } else + matches = 0; + if (!attempted_completion_function || + (over != NULL && !*over && !matches)) + matches = completion_matches(ct_encode_string(temp, &el->el_scratch), complet_func); + + if (over != NULL) + *over = 0; + + if (matches) { + int i; + size_t matches_num, maxlen, match_len, match_display=1; + + retval = CC_REFRESH; + /* + * Only replace the completed string with common part of + * possible matches if there is possible completion. + */ + if (matches[0][0] != '\0') { + el_deletestr(el, (int) len); + FUN(el,insertstr)(el, + ct_decode_string(matches[0], &el->el_scratch)); + } + + if (what_to_do == '?') + goto display_matches; + + if (matches[2] == NULL && strcmp(matches[0], matches[1]) == 0) { + /* + * We found exact match. Add a space after + * it, unless we do filename completion and the + * object is a directory. + */ + FUN(el,insertstr)(el, + ct_decode_string((*app_func)(matches[0]), + &el->el_scratch)); + } else if (what_to_do == '!') { + display_matches: + /* + * More than one match and requested to list possible + * matches. + */ + + for(i = 1, maxlen = 0; matches[i]; i++) { + match_len = strlen(matches[i]); + if (match_len > maxlen) + maxlen = match_len; + } + /* matches[1] through matches[i-1] are available */ + matches_num = i - 1; + + /* newline to get on next line from command line */ + (void)fprintf(el->el_outfile, "\n"); + + /* + * If there are too many items, ask user for display + * confirmation. + */ + if (matches_num > query_items) { + (void)fprintf(el->el_outfile, + "Display all %zu possibilities? (y or n) ", + matches_num); + (void)fflush(el->el_outfile); + if (getc(stdin) != 'y') + match_display = 0; + (void)fprintf(el->el_outfile, "\n"); + } + + if (match_display) { + /* + * Interface of this function requires the + * strings be matches[1..num-1] for compat. + * We have matches_num strings not counting + * the prefix in matches[0], so we need to + * add 1 to matches_num for the call. + */ + fn_display_match_list(el, matches, + matches_num+1, maxlen); + } + retval = CC_REDISPLAY; + } else if (matches[0][0]) { + /* + * There was some common match, but the name was + * not complete enough. Next tab will print possible + * completions. + */ + el_beep(el); + } else { + /* lcd is not a valid object - further specification */ + /* is needed */ + el_beep(el); + retval = CC_NORM; + } + + /* free elements of array and the array itself */ + for (i = 0; matches[i]; i++) + free(matches[i]); + free(matches); + matches = NULL; + } +#if defined(__SSP__) || defined(__SSP_ALL__) + free(temp); +#endif + return retval; +} + +/* + * el-compatible wrapper around rl_complete; needed for key binding + */ +/* ARGSUSED */ +unsigned char +_el_fn_complete(EditLine *el, int ch __attribute__((__unused__))) +{ + return (unsigned char)fn_complete(el, NULL, NULL, + break_chars, NULL, NULL, 100, + NULL, NULL, NULL, NULL); +} diff --git a/lib/libedit/src/filecomplete.h b/lib/libedit/src/filecomplete.h new file mode 100644 index 000000000000..971e6e059391 --- /dev/null +++ b/lib/libedit/src/filecomplete.h @@ -0,0 +1,44 @@ +/* $NetBSD: filecomplete.h,v 1.9 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1997 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Jaromir Dolecek. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _FILECOMPLETE_H_ +#define _FILECOMPLETE_H_ + +int fn_complete(EditLine *, + char *(*)(const char *, int), + char **(*)(const char *, int, int), + const Char *, const Char *, const char *(*)(const char *), size_t, + int *, int *, int *, int *); + +void fn_display_match_list(EditLine *, char **, size_t, size_t); +char *fn_tilde_expand(const char *); +char *fn_filename_completion_function(const char *, int); + +#endif diff --git a/lib/libedit/src/hist.c b/lib/libedit/src/hist.c new file mode 100644 index 000000000000..e12bfb9b9b4a --- /dev/null +++ b/lib/libedit/src/hist.c @@ -0,0 +1,223 @@ +/* $NetBSD: hist.c,v 1.17 2009/12/30 23:54:52 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)hist.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: hist.c,v 1.17 2009/12/30 23:54:52 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * hist.c: History access functions + */ +#include +#include "el.h" + +/* hist_init(): + * Initialization function. + */ +protected int +hist_init(EditLine *el) +{ + + el->el_history.fun = NULL; + el->el_history.ref = NULL; + el->el_history.buf = el_malloc(EL_BUFSIZ * sizeof(*el->el_history.buf)); + el->el_history.sz = EL_BUFSIZ; + if (el->el_history.buf == NULL) + return (-1); + el->el_history.last = el->el_history.buf; + return (0); +} + + +/* hist_end(): + * clean up history; + */ +protected void +hist_end(EditLine *el) +{ + + el_free((ptr_t) el->el_history.buf); + el->el_history.buf = NULL; +} + + +/* hist_set(): + * Set new history interface + */ +protected int +hist_set(EditLine *el, hist_fun_t fun, ptr_t ptr) +{ + + el->el_history.ref = ptr; + el->el_history.fun = fun; + return (0); +} + + +/* hist_get(): + * Get a history line and update it in the buffer. + * eventno tells us the event to get. + */ +protected el_action_t +hist_get(EditLine *el) +{ + const Char *hp; + int h; + + if (el->el_history.eventno == 0) { /* if really the current line */ + (void) Strncpy(el->el_line.buffer, el->el_history.buf, + el->el_history.sz); + el->el_line.lastchar = el->el_line.buffer + + (el->el_history.last - el->el_history.buf); + +#ifdef KSHVI + if (el->el_map.type == MAP_VI) + el->el_line.cursor = el->el_line.buffer; + else +#endif /* KSHVI */ + el->el_line.cursor = el->el_line.lastchar; + + return (CC_REFRESH); + } + if (el->el_history.ref == NULL) + return (CC_ERROR); + + hp = HIST_FIRST(el); + + if (hp == NULL) + return (CC_ERROR); + + for (h = 1; h < el->el_history.eventno; h++) + if ((hp = HIST_NEXT(el)) == NULL) { + el->el_history.eventno = h; + return (CC_ERROR); + } + (void) Strncpy(el->el_line.buffer, hp, + (size_t)(el->el_line.limit - el->el_line.buffer)); + el->el_line.buffer[el->el_line.limit - el->el_line.buffer - 1] = '\0'; + el->el_line.lastchar = el->el_line.buffer + Strlen(el->el_line.buffer); + + if (el->el_line.lastchar > el->el_line.buffer + && el->el_line.lastchar[-1] == '\n') + el->el_line.lastchar--; + if (el->el_line.lastchar > el->el_line.buffer + && el->el_line.lastchar[-1] == ' ') + el->el_line.lastchar--; +#ifdef KSHVI + if (el->el_map.type == MAP_VI) + el->el_line.cursor = el->el_line.buffer; + else +#endif /* KSHVI */ + el->el_line.cursor = el->el_line.lastchar; + + return (CC_REFRESH); +} + + +/* hist_command() + * process a history command + */ +protected int +hist_command(EditLine *el, int argc, const Char **argv) +{ + const Char *str; + int num; + HistEvent ev; + + if (el->el_history.ref == NULL) + return (-1); + + if (argc == 1 || Strcmp(argv[1], STR("list")) == 0) { + /* List history entries */ + + for (str = HIST_LAST(el); str != NULL; str = HIST_PREV(el)) + (void) fprintf(el->el_outfile, "%d %s", + el->el_history.ev.num, ct_encode_string(str, &el->el_scratch)); + return (0); + } + + if (argc != 3) + return (-1); + + num = (int)Strtol(argv[2], NULL, 0); + + if (Strcmp(argv[1], STR("size")) == 0) + return history(el->el_history.ref, &ev, H_SETSIZE, num); + + if (Strcmp(argv[1], STR("unique")) == 0) + return history(el->el_history.ref, &ev, H_SETUNIQUE, num); + + return -1; +} + +/* hist_enlargebuf() + * Enlarge history buffer to specified value. Called from el_enlargebufs(). + * Return 0 for failure, 1 for success. + */ +protected int +/*ARGSUSED*/ +hist_enlargebuf(EditLine *el, size_t oldsz, size_t newsz) +{ + Char *newbuf; + + newbuf = el_realloc(el->el_history.buf, newsz * sizeof(*newbuf)); + if (!newbuf) + return 0; + + (void) memset(&newbuf[oldsz], '\0', (newsz - oldsz) * sizeof(*newbuf)); + + el->el_history.last = newbuf + + (el->el_history.last - el->el_history.buf); + el->el_history.buf = newbuf; + el->el_history.sz = newsz; + + return 1; +} + +#ifdef WIDECHAR +protected wchar_t * +hist_convert(EditLine *el, int fn, ptr_t arg) +{ + HistEventW ev; + if ((*(el)->el_history.fun)((el)->el_history.ref, &ev, fn, arg) == -1) + return NULL; + return ct_decode_string((const char *)(const void *)ev.str, + &el->el_scratch); +} +#endif diff --git a/lib/libedit/src/hist.h b/lib/libedit/src/hist.h new file mode 100644 index 000000000000..8c3af40bf868 --- /dev/null +++ b/lib/libedit/src/hist.h @@ -0,0 +1,87 @@ +/* $NetBSD: hist.h,v 1.12 2009/12/30 23:54:52 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)hist.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.hist.c: History functions + */ +#ifndef _h_el_hist +#define _h_el_hist + +#include "histedit.h" + +typedef int (*hist_fun_t)(ptr_t, TYPE(HistEvent) *, int, ...); + +typedef struct el_history_t { + Char *buf; /* The history buffer */ + size_t sz; /* Size of history buffer */ + Char *last; /* The last character */ + int eventno; /* Event we are looking for */ + ptr_t ref; /* Argument for history fcns */ + hist_fun_t fun; /* Event access */ + TYPE(HistEvent) ev; /* Event cookie */ +} el_history_t; + +#define HIST_FUN_INTERNAL(el, fn, arg) \ + ((((*(el)->el_history.fun) ((el)->el_history.ref, &(el)->el_history.ev, \ + fn, arg)) == -1) ? NULL : (el)->el_history.ev.str) +#ifdef WIDECHAR +#define HIST_FUN(el, fn, arg) \ + (((el)->el_flags & NARROW_HISTORY) ? hist_convert(el, fn, arg) : \ + HIST_FUN_INTERNAL(el, fn, arg)) +#else +#define HIST_FUN(el, fn, arg) HIST_FUN_INTERNAL(el, fn, arg) +#endif + + +#define HIST_NEXT(el) HIST_FUN(el, H_NEXT, NULL) +#define HIST_FIRST(el) HIST_FUN(el, H_FIRST, NULL) +#define HIST_LAST(el) HIST_FUN(el, H_LAST, NULL) +#define HIST_PREV(el) HIST_FUN(el, H_PREV, NULL) +#define HIST_SET(el, num) HIST_FUN(el, H_SET, num) +#define HIST_LOAD(el, fname) HIST_FUN(el, H_LOAD fname) +#define HIST_SAVE(el, fname) HIST_FUN(el, H_SAVE fname) + +protected int hist_init(EditLine *); +protected void hist_end(EditLine *); +protected el_action_t hist_get(EditLine *); +protected int hist_set(EditLine *, hist_fun_t, ptr_t); +protected int hist_command(EditLine *, int, const Char **); +protected int hist_enlargebuf(EditLine *, size_t, size_t); +#ifdef WIDECHAR +protected wchar_t *hist_convert(EditLine *, int, ptr_t); +#endif + +#endif /* _h_el_hist */ diff --git a/lib/libedit/src/histedit.h b/lib/libedit/src/histedit.h new file mode 100644 index 000000000000..5009feec62c0 --- /dev/null +++ b/lib/libedit/src/histedit.h @@ -0,0 +1,319 @@ +/* $NetBSD: histedit.h,v 1.47 2010/08/28 15:44:59 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)histedit.h 8.2 (Berkeley) 1/3/94 + */ + +/* + * histedit.h: Line editor and history interface. + */ +#ifndef _HISTEDIT_H_ +#define _HISTEDIT_H_ + +#define LIBEDIT_MAJOR 2 +#define LIBEDIT_MINOR 11 + +#include + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * ==== Editing ==== + */ + +typedef struct editline EditLine; + +/* + * For user-defined function interface + */ +typedef struct lineinfo { + const char *buffer; + const char *cursor; + const char *lastchar; +} LineInfo; + +/* + * EditLine editor function return codes. + * For user-defined function interface + */ +#define CC_NORM 0 +#define CC_NEWLINE 1 +#define CC_EOF 2 +#define CC_ARGHACK 3 +#define CC_REFRESH 4 +#define CC_CURSOR 5 +#define CC_ERROR 6 +#define CC_FATAL 7 +#define CC_REDISPLAY 8 +#define CC_REFRESH_BEEP 9 + +/* + * Initialization, cleanup, and resetting + */ +EditLine *el_init(const char *, FILE *, FILE *, FILE *); +void el_end(EditLine *); +void el_reset(EditLine *); + +/* + * Get a line, a character or push a string back in the input queue + */ +const char *el_gets(EditLine *, int *); +int el_getc(EditLine *, char *); +void el_push(EditLine *, const char *); + +/* + * Beep! + */ +void el_beep(EditLine *); + +/* + * High level function internals control + * Parses argc, argv array and executes builtin editline commands + */ +int el_parse(EditLine *, int, const char **); + +/* + * Low level editline access functions + */ +int el_set(EditLine *, int, ...); +int el_get(EditLine *, int, ...); +unsigned char _el_fn_complete(EditLine *, int); + +/* + * el_set/el_get parameters + * + * When using el_wset/el_wget (as opposed to el_set/el_get): + * Char is wchar_t, otherwise it is char. + * prompt_func is el_wpfunc_t, otherwise it is el_pfunc_t . + + * Prompt function prototypes are: + * typedef char *(*el_pfunct_t) (EditLine *); + * typedef wchar_t *(*el_wpfunct_t) (EditLine *); + * + * For operations that support set or set/get, the argument types listed are for + * the "set" operation. For "get", each listed type must be a pointer. + * E.g. EL_EDITMODE takes an int when set, but an int* when get. + * + * Operations that only support "get" have the correct argument types listed. + */ +#define EL_PROMPT 0 /* , prompt_func); set/get */ +#define EL_TERMINAL 1 /* , const char *); set/get */ +#define EL_EDITOR 2 /* , const Char *); set/get */ +#define EL_SIGNAL 3 /* , int); set/get */ +#define EL_BIND 4 /* , const Char *, ..., NULL); set */ +#define EL_TELLTC 5 /* , const Char *, ..., NULL); set */ +#define EL_SETTC 6 /* , const Char *, ..., NULL); set */ +#define EL_ECHOTC 7 /* , const Char *, ..., NULL); set */ +#define EL_SETTY 8 /* , const Char *, ..., NULL); set */ +#define EL_ADDFN 9 /* , const Char *, const Char, set */ + /* el_func_t); */ +#define EL_HIST 10 /* , hist_fun_t, const ptr_t); set */ +#define EL_EDITMODE 11 /* , int); set/get */ +#define EL_RPROMPT 12 /* , prompt_func); set/get */ +#define EL_GETCFN 13 /* , el_rfunc_t); set/get */ +#define EL_CLIENTDATA 14 /* , void *); set/get */ +#define EL_UNBUFFERED 15 /* , int); set/get */ +#define EL_PREP_TERM 16 /* , int); set */ +#define EL_GETTC 17 /* , const Char *, ..., NULL); get */ +#define EL_GETFP 18 /* , int, FILE **); get */ +#define EL_SETFP 19 /* , int, FILE *); set */ +#define EL_REFRESH 20 /* , void); set */ +#define EL_PROMPT_ESC 21 /* , prompt_func, Char); set/get */ +#define EL_RPROMPT_ESC 22 /* , prompt_func, Char); set/get */ +#define EL_RESIZE 23 /* , el_zfunc_t, void *); set */ + +#define EL_BUILTIN_GETCFN (NULL) + +/* + * Source named file or $PWD/.editrc or $HOME/.editrc + */ +int el_source(EditLine *, const char *); + +/* + * Must be called when the terminal changes size; If EL_SIGNAL + * is set this is done automatically otherwise it is the responsibility + * of the application + */ +void el_resize(EditLine *); + +/* + * User-defined function interface. + */ +const LineInfo *el_line(EditLine *); +int el_insertstr(EditLine *, const char *); +void el_deletestr(EditLine *, int); + + +/* + * ==== History ==== + */ + +typedef struct history History; + +typedef struct HistEvent { + int num; + const char *str; +} HistEvent; + +/* + * History access functions. + */ +History * history_init(void); +void history_end(History *); + +int history(History *, HistEvent *, int, ...); + +#define H_FUNC 0 /* , UTSL */ +#define H_SETSIZE 1 /* , const int); */ +#define H_GETSIZE 2 /* , void); */ +#define H_FIRST 3 /* , void); */ +#define H_LAST 4 /* , void); */ +#define H_PREV 5 /* , void); */ +#define H_NEXT 6 /* , void); */ +#define H_CURR 8 /* , const int); */ +#define H_SET 7 /* , int); */ +#define H_ADD 9 /* , const wchar_t *); */ +#define H_ENTER 10 /* , const wchar_t *); */ +#define H_APPEND 11 /* , const wchar_t *); */ +#define H_END 12 /* , void); */ +#define H_NEXT_STR 13 /* , const wchar_t *); */ +#define H_PREV_STR 14 /* , const wchar_t *); */ +#define H_NEXT_EVENT 15 /* , const int); */ +#define H_PREV_EVENT 16 /* , const int); */ +#define H_LOAD 17 /* , const char *); */ +#define H_SAVE 18 /* , const char *); */ +#define H_CLEAR 19 /* , void); */ +#define H_SETUNIQUE 20 /* , int); */ +#define H_GETUNIQUE 21 /* , void); */ +#define H_DEL 22 /* , int); */ +#define H_NEXT_EVDATA 23 /* , const int, histdata_t *); */ +#define H_DELDATA 24 /* , int, histdata_t *);*/ +#define H_REPLACE 25 /* , const char *, histdata_t); */ + + + +/* + * ==== Tokenization ==== + */ + +typedef struct tokenizer Tokenizer; + +/* + * String tokenization functions, using simplified sh(1) quoting rules + */ +Tokenizer *tok_init(const char *); +void tok_end(Tokenizer *); +void tok_reset(Tokenizer *); +int tok_line(Tokenizer *, const LineInfo *, + int *, const char ***, int *, int *); +int tok_str(Tokenizer *, const char *, + int *, const char ***); + +/* + * Begin Wide Character Support + */ +#ifdef __linux__ +/* Apparently we need _GNU_SOURCE defined to get access to wcsdup on Linux */ +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif +#endif + +#include +#include + +/* + * Wide character versions + */ + +/* + * ==== Editing ==== + */ +typedef struct lineinfow { + const wchar_t *buffer; + const wchar_t *cursor; + const wchar_t *lastchar; +} LineInfoW; + +const wchar_t *el_wgets(EditLine *, int *); +int el_wgetc(EditLine *, wchar_t *); +void el_wpush(EditLine *, const wchar_t *); + +int el_wparse(EditLine *, int, const wchar_t **); + +int el_wset(EditLine *, int, ...); +int el_wget(EditLine *, int, ...); + +const LineInfoW *el_wline(EditLine *); +int el_winsertstr(EditLine *, const wchar_t *); +#define el_wdeletestr el_deletestr + +/* + * ==== History ==== + */ +typedef struct histeventW { + int num; + const wchar_t *str; +} HistEventW; + +typedef struct historyW HistoryW; + +HistoryW * history_winit(void); +void history_wend(HistoryW *); + +int history_w(HistoryW *, HistEventW *, int, ...); + +/* + * ==== Tokenization ==== + */ +typedef struct tokenizerW TokenizerW; + +/* Wide character tokenizer support */ +TokenizerW *tok_winit(const wchar_t *); +void tok_wend(TokenizerW *); +void tok_wreset(TokenizerW *); +int tok_wline(TokenizerW *, const LineInfoW *, + int *, const wchar_t ***, int *, int *); +int tok_wstr(TokenizerW *, const wchar_t *, + int *, const wchar_t ***); + +#ifdef __cplusplus +} +#endif + +#endif /* _HISTEDIT_H_ */ diff --git a/lib/libedit/src/history.c b/lib/libedit/src/history.c new file mode 100644 index 000000000000..3ec16a77bc02 --- /dev/null +++ b/lib/libedit/src/history.c @@ -0,0 +1,1097 @@ +/* $NetBSD: history.c,v 1.38 2011/01/16 03:05:51 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef NARROWCHAR +#include "config.h" +#endif + +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)history.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: history.c,v 1.38 2011/01/16 03:05:51 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * hist.c: TYPE(History) access functions + */ +#include +#include +#include +#include +#include + +static const char hist_cookie[] = "_HiStOrY_V2_\n"; + +#include "histedit.h" +#include "chartype.h" + +typedef int (*history_gfun_t)(ptr_t, TYPE(HistEvent) *); +typedef int (*history_efun_t)(ptr_t, TYPE(HistEvent) *, const Char *); +typedef void (*history_vfun_t)(ptr_t, TYPE(HistEvent) *); +typedef int (*history_sfun_t)(ptr_t, TYPE(HistEvent) *, const int); + +struct TYPE(history) { + ptr_t h_ref; /* Argument for history fcns */ + int h_ent; /* Last entry point for history */ + history_gfun_t h_first; /* Get the first element */ + history_gfun_t h_next; /* Get the next element */ + history_gfun_t h_last; /* Get the last element */ + history_gfun_t h_prev; /* Get the previous element */ + history_gfun_t h_curr; /* Get the current element */ + history_sfun_t h_set; /* Set the current element */ + history_sfun_t h_del; /* Set the given element */ + history_vfun_t h_clear; /* Clear the history list */ + history_efun_t h_enter; /* Add an element */ + history_efun_t h_add; /* Append to an element */ +}; + +#define HNEXT(h, ev) (*(h)->h_next)((h)->h_ref, ev) +#define HFIRST(h, ev) (*(h)->h_first)((h)->h_ref, ev) +#define HPREV(h, ev) (*(h)->h_prev)((h)->h_ref, ev) +#define HLAST(h, ev) (*(h)->h_last)((h)->h_ref, ev) +#define HCURR(h, ev) (*(h)->h_curr)((h)->h_ref, ev) +#define HSET(h, ev, n) (*(h)->h_set)((h)->h_ref, ev, n) +#define HCLEAR(h, ev) (*(h)->h_clear)((h)->h_ref, ev) +#define HENTER(h, ev, str) (*(h)->h_enter)((h)->h_ref, ev, str) +#define HADD(h, ev, str) (*(h)->h_add)((h)->h_ref, ev, str) +#define HDEL(h, ev, n) (*(h)->h_del)((h)->h_ref, ev, n) + +#define h_strdup(a) Strdup(a) +#define h_malloc(a) malloc(a) +#define h_realloc(a, b) realloc((a), (b)) +#define h_free(a) free(a) + +typedef struct { + int num; + Char *str; +} HistEventPrivate; + + + +private int history_setsize(TYPE(History) *, TYPE(HistEvent) *, int); +private int history_getsize(TYPE(History) *, TYPE(HistEvent) *); +private int history_setunique(TYPE(History) *, TYPE(HistEvent) *, int); +private int history_getunique(TYPE(History) *, TYPE(HistEvent) *); +private int history_set_fun(TYPE(History) *, TYPE(History) *); +private int history_load(TYPE(History) *, const char *); +private int history_save(TYPE(History) *, const char *); +private int history_prev_event(TYPE(History) *, TYPE(HistEvent) *, int); +private int history_next_event(TYPE(History) *, TYPE(HistEvent) *, int); +private int history_next_string(TYPE(History) *, TYPE(HistEvent) *, const Char *); +private int history_prev_string(TYPE(History) *, TYPE(HistEvent) *, const Char *); + + +/***********************************************************************/ + +/* + * Builtin- history implementation + */ +typedef struct hentry_t { + TYPE(HistEvent) ev; /* What we return */ + void *data; /* data */ + struct hentry_t *next; /* Next entry */ + struct hentry_t *prev; /* Previous entry */ +} hentry_t; + +typedef struct history_t { + hentry_t list; /* Fake list header element */ + hentry_t *cursor; /* Current element in the list */ + int max; /* Maximum number of events */ + int cur; /* Current number of events */ + int eventid; /* For generation of unique event id */ + int flags; /* TYPE(History) flags */ +#define H_UNIQUE 1 /* Store only unique elements */ +} history_t; + +private int history_def_next(ptr_t, TYPE(HistEvent) *); +private int history_def_first(ptr_t, TYPE(HistEvent) *); +private int history_def_prev(ptr_t, TYPE(HistEvent) *); +private int history_def_last(ptr_t, TYPE(HistEvent) *); +private int history_def_curr(ptr_t, TYPE(HistEvent) *); +private int history_def_set(ptr_t, TYPE(HistEvent) *, const int); +private void history_def_clear(ptr_t, TYPE(HistEvent) *); +private int history_def_enter(ptr_t, TYPE(HistEvent) *, const Char *); +private int history_def_add(ptr_t, TYPE(HistEvent) *, const Char *); +private int history_def_del(ptr_t, TYPE(HistEvent) *, const int); + +private int history_def_init(ptr_t *, TYPE(HistEvent) *, int); +private int history_def_insert(history_t *, TYPE(HistEvent) *, const Char *); +private void history_def_delete(history_t *, TYPE(HistEvent) *, hentry_t *); + +private int history_deldata_nth(history_t *, TYPE(HistEvent) *, int, void **); +private int history_set_nth(ptr_t, TYPE(HistEvent) *, int); + +#define history_def_setsize(p, num)(void) (((history_t *)p)->max = (num)) +#define history_def_getsize(p) (((history_t *)p)->cur) +#define history_def_getunique(p) (((((history_t *)p)->flags) & H_UNIQUE) != 0) +#define history_def_setunique(p, uni) \ + if (uni) \ + (((history_t *)p)->flags) |= H_UNIQUE; \ + else \ + (((history_t *)p)->flags) &= ~H_UNIQUE + +#define he_strerror(code) he_errlist[code] +#define he_seterrev(evp, code) {\ + evp->num = code;\ + evp->str = he_strerror(code);\ + } + +/* error messages */ +static const Char *const he_errlist[] = { + STR("OK"), + STR("unknown error"), + STR("malloc() failed"), + STR("first event not found"), + STR("last event not found"), + STR("empty list"), + STR("no next event"), + STR("no previous event"), + STR("current event is invalid"), + STR("event not found"), + STR("can't read history from file"), + STR("can't write history"), + STR("required parameter(s) not supplied"), + STR("history size negative"), + STR("function not allowed with other history-functions-set the default"), + STR("bad parameters") +}; +/* error codes */ +#define _HE_OK 0 +#define _HE_UNKNOWN 1 +#define _HE_MALLOC_FAILED 2 +#define _HE_FIRST_NOTFOUND 3 +#define _HE_LAST_NOTFOUND 4 +#define _HE_EMPTY_LIST 5 +#define _HE_END_REACHED 6 +#define _HE_START_REACHED 7 +#define _HE_CURR_INVALID 8 +#define _HE_NOT_FOUND 9 +#define _HE_HIST_READ 10 +#define _HE_HIST_WRITE 11 +#define _HE_PARAM_MISSING 12 +#define _HE_SIZE_NEGATIVE 13 +#define _HE_NOT_ALLOWED 14 +#define _HE_BAD_PARAM 15 + +/* history_def_first(): + * Default function to return the first event in the history. + */ +private int +history_def_first(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + h->cursor = h->list.next; + if (h->cursor != &h->list) + *ev = h->cursor->ev; + else { + he_seterrev(ev, _HE_FIRST_NOTFOUND); + return (-1); + } + + return (0); +} + + +/* history_def_last(): + * Default function to return the last event in the history. + */ +private int +history_def_last(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + h->cursor = h->list.prev; + if (h->cursor != &h->list) + *ev = h->cursor->ev; + else { + he_seterrev(ev, _HE_LAST_NOTFOUND); + return (-1); + } + + return (0); +} + + +/* history_def_next(): + * Default function to return the next event in the history. + */ +private int +history_def_next(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + if (h->cursor == &h->list) { + he_seterrev(ev, _HE_EMPTY_LIST); + return (-1); + } + + if (h->cursor->next == &h->list) { + he_seterrev(ev, _HE_END_REACHED); + return (-1); + } + + h->cursor = h->cursor->next; + *ev = h->cursor->ev; + + return (0); +} + + +/* history_def_prev(): + * Default function to return the previous event in the history. + */ +private int +history_def_prev(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + if (h->cursor == &h->list) { + he_seterrev(ev, + (h->cur > 0) ? _HE_END_REACHED : _HE_EMPTY_LIST); + return (-1); + } + + if (h->cursor->prev == &h->list) { + he_seterrev(ev, _HE_START_REACHED); + return (-1); + } + + h->cursor = h->cursor->prev; + *ev = h->cursor->ev; + + return (0); +} + + +/* history_def_curr(): + * Default function to return the current event in the history. + */ +private int +history_def_curr(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + if (h->cursor != &h->list) + *ev = h->cursor->ev; + else { + he_seterrev(ev, + (h->cur > 0) ? _HE_CURR_INVALID : _HE_EMPTY_LIST); + return (-1); + } + + return (0); +} + + +/* history_def_set(): + * Default function to set the current event in the history to the + * given one. + */ +private int +history_def_set(ptr_t p, TYPE(HistEvent) *ev, const int n) +{ + history_t *h = (history_t *) p; + + if (h->cur == 0) { + he_seterrev(ev, _HE_EMPTY_LIST); + return (-1); + } + if (h->cursor == &h->list || h->cursor->ev.num != n) { + for (h->cursor = h->list.next; h->cursor != &h->list; + h->cursor = h->cursor->next) + if (h->cursor->ev.num == n) + break; + } + if (h->cursor == &h->list) { + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); + } + return (0); +} + + +/* history_set_nth(): + * Default function to set the current event in the history to the + * n-th one. + */ +private int +history_set_nth(ptr_t p, TYPE(HistEvent) *ev, int n) +{ + history_t *h = (history_t *) p; + + if (h->cur == 0) { + he_seterrev(ev, _HE_EMPTY_LIST); + return (-1); + } + for (h->cursor = h->list.prev; h->cursor != &h->list; + h->cursor = h->cursor->prev) + if (n-- <= 0) + break; + if (h->cursor == &h->list) { + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); + } + return (0); +} + + +/* history_def_add(): + * Append string to element + */ +private int +history_def_add(ptr_t p, TYPE(HistEvent) *ev, const Char *str) +{ + history_t *h = (history_t *) p; + size_t len; + Char *s; + HistEventPrivate *evp = (void *)&h->cursor->ev; + + if (h->cursor == &h->list) + return (history_def_enter(p, ev, str)); + len = Strlen(evp->str) + Strlen(str) + 1; + s = h_malloc(len * sizeof(*s)); + if (s == NULL) { + he_seterrev(ev, _HE_MALLOC_FAILED); + return (-1); + } + (void) Strncpy(s, h->cursor->ev.str, len); + s[len - 1] = '\0'; + (void) Strncat(s, str, len - Strlen(s) - 1); + h_free((ptr_t)evp->str); + evp->str = s; + *ev = h->cursor->ev; + return (0); +} + + +private int +history_deldata_nth(history_t *h, TYPE(HistEvent) *ev, + int num, void **data) +{ + if (history_set_nth(h, ev, num) != 0) + return (-1); + /* magic value to skip delete (just set to n-th history) */ + if (data == (void **)-1) + return (0); + ev->str = Strdup(h->cursor->ev.str); + ev->num = h->cursor->ev.num; + if (data) + *data = h->cursor->data; + history_def_delete(h, ev, h->cursor); + return (0); +} + + +/* history_def_del(): + * Delete element hp of the h list + */ +/* ARGSUSED */ +private int +history_def_del(ptr_t p, TYPE(HistEvent) *ev __attribute__((__unused__)), + const int num) +{ + history_t *h = (history_t *) p; + if (history_def_set(h, ev, num) != 0) + return (-1); + ev->str = Strdup(h->cursor->ev.str); + ev->num = h->cursor->ev.num; + history_def_delete(h, ev, h->cursor); + return (0); +} + + +/* history_def_delete(): + * Delete element hp of the h list + */ +/* ARGSUSED */ +private void +history_def_delete(history_t *h, + TYPE(HistEvent) *ev __attribute__((__unused__)), hentry_t *hp) +{ + HistEventPrivate *evp = (void *)&hp->ev; + if (hp == &h->list) + abort(); + if (h->cursor == hp) { + h->cursor = hp->prev; + if (h->cursor == &h->list) + h->cursor = hp->next; + } + hp->prev->next = hp->next; + hp->next->prev = hp->prev; + h_free((ptr_t) evp->str); + h_free(hp); + h->cur--; +} + + +/* history_def_insert(): + * Insert element with string str in the h list + */ +private int +history_def_insert(history_t *h, TYPE(HistEvent) *ev, const Char *str) +{ + + h->cursor = (hentry_t *) h_malloc(sizeof(hentry_t)); + if (h->cursor == NULL) + goto oomem; + if ((h->cursor->ev.str = h_strdup(str)) == NULL) { + h_free((ptr_t)h->cursor); + goto oomem; + } + h->cursor->data = NULL; + h->cursor->ev.num = ++h->eventid; + h->cursor->next = h->list.next; + h->cursor->prev = &h->list; + h->list.next->prev = h->cursor; + h->list.next = h->cursor; + h->cur++; + + *ev = h->cursor->ev; + return (0); +oomem: + he_seterrev(ev, _HE_MALLOC_FAILED); + return (-1); +} + + +/* history_def_enter(): + * Default function to enter an item in the history + */ +private int +history_def_enter(ptr_t p, TYPE(HistEvent) *ev, const Char *str) +{ + history_t *h = (history_t *) p; + + if ((h->flags & H_UNIQUE) != 0 && h->list.next != &h->list && + Strcmp(h->list.next->ev.str, str) == 0) + return (0); + + if (history_def_insert(h, ev, str) == -1) + return (-1); /* error, keep error message */ + + /* + * Always keep at least one entry. + * This way we don't have to check for the empty list. + */ + while (h->cur > h->max && h->cur > 0) + history_def_delete(h, ev, h->list.prev); + + return (1); +} + + +/* history_def_init(): + * Default history initialization function + */ +/* ARGSUSED */ +private int +history_def_init(ptr_t *p, TYPE(HistEvent) *ev __attribute__((__unused__)), int n) +{ + history_t *h = (history_t *) h_malloc(sizeof(history_t)); + if (h == NULL) + return -1; + + if (n <= 0) + n = 0; + h->eventid = 0; + h->cur = 0; + h->max = n; + h->list.next = h->list.prev = &h->list; + h->list.ev.str = NULL; + h->list.ev.num = 0; + h->cursor = &h->list; + h->flags = 0; + *p = (ptr_t) h; + return 0; +} + + +/* history_def_clear(): + * Default history cleanup function + */ +private void +history_def_clear(ptr_t p, TYPE(HistEvent) *ev) +{ + history_t *h = (history_t *) p; + + while (h->list.prev != &h->list) + history_def_delete(h, ev, h->list.prev); + h->eventid = 0; + h->cur = 0; +} + + + + +/************************************************************************/ + +/* history_init(): + * Initialization function. + */ +public TYPE(History) * +FUN(history,init)(void) +{ + TYPE(HistEvent) ev; + TYPE(History) *h = (TYPE(History) *) h_malloc(sizeof(TYPE(History))); + if (h == NULL) + return NULL; + + if (history_def_init(&h->h_ref, &ev, 0) == -1) { + h_free((ptr_t)h); + return NULL; + } + h->h_ent = -1; + h->h_next = history_def_next; + h->h_first = history_def_first; + h->h_last = history_def_last; + h->h_prev = history_def_prev; + h->h_curr = history_def_curr; + h->h_set = history_def_set; + h->h_clear = history_def_clear; + h->h_enter = history_def_enter; + h->h_add = history_def_add; + h->h_del = history_def_del; + + return (h); +} + + +/* history_end(): + * clean up history; + */ +public void +FUN(history,end)(TYPE(History) *h) +{ + TYPE(HistEvent) ev; + + if (h->h_next == history_def_next) + history_def_clear(h->h_ref, &ev); + h_free(h->h_ref); + h_free(h); +} + + + +/* history_setsize(): + * Set history number of events + */ +private int +history_setsize(TYPE(History) *h, TYPE(HistEvent) *ev, int num) +{ + + if (h->h_next != history_def_next) { + he_seterrev(ev, _HE_NOT_ALLOWED); + return (-1); + } + if (num < 0) { + he_seterrev(ev, _HE_BAD_PARAM); + return (-1); + } + history_def_setsize(h->h_ref, num); + return (0); +} + + +/* history_getsize(): + * Get number of events currently in history + */ +private int +history_getsize(TYPE(History) *h, TYPE(HistEvent) *ev) +{ + if (h->h_next != history_def_next) { + he_seterrev(ev, _HE_NOT_ALLOWED); + return (-1); + } + ev->num = history_def_getsize(h->h_ref); + if (ev->num < -1) { + he_seterrev(ev, _HE_SIZE_NEGATIVE); + return (-1); + } + return (0); +} + + +/* history_setunique(): + * Set if adjacent equal events should not be entered in history. + */ +private int +history_setunique(TYPE(History) *h, TYPE(HistEvent) *ev, int uni) +{ + + if (h->h_next != history_def_next) { + he_seterrev(ev, _HE_NOT_ALLOWED); + return (-1); + } + history_def_setunique(h->h_ref, uni); + return (0); +} + + +/* history_getunique(): + * Get if adjacent equal events should not be entered in history. + */ +private int +history_getunique(TYPE(History) *h, TYPE(HistEvent) *ev) +{ + if (h->h_next != history_def_next) { + he_seterrev(ev, _HE_NOT_ALLOWED); + return (-1); + } + ev->num = history_def_getunique(h->h_ref); + return (0); +} + + +/* history_set_fun(): + * Set history functions + */ +private int +history_set_fun(TYPE(History) *h, TYPE(History) *nh) +{ + TYPE(HistEvent) ev; + + if (nh->h_first == NULL || nh->h_next == NULL || nh->h_last == NULL || + nh->h_prev == NULL || nh->h_curr == NULL || nh->h_set == NULL || + nh->h_enter == NULL || nh->h_add == NULL || nh->h_clear == NULL || + nh->h_del == NULL || nh->h_ref == NULL) { + if (h->h_next != history_def_next) { + history_def_init(&h->h_ref, &ev, 0); + h->h_first = history_def_first; + h->h_next = history_def_next; + h->h_last = history_def_last; + h->h_prev = history_def_prev; + h->h_curr = history_def_curr; + h->h_set = history_def_set; + h->h_clear = history_def_clear; + h->h_enter = history_def_enter; + h->h_add = history_def_add; + h->h_del = history_def_del; + } + return (-1); + } + if (h->h_next == history_def_next) + history_def_clear(h->h_ref, &ev); + + h->h_ent = -1; + h->h_first = nh->h_first; + h->h_next = nh->h_next; + h->h_last = nh->h_last; + h->h_prev = nh->h_prev; + h->h_curr = nh->h_curr; + h->h_set = nh->h_set; + h->h_clear = nh->h_clear; + h->h_enter = nh->h_enter; + h->h_add = nh->h_add; + h->h_del = nh->h_del; + + return (0); +} + + +/* history_load(): + * TYPE(History) load function + */ +private int +history_load(TYPE(History) *h, const char *fname) +{ + FILE *fp; + char *line; + size_t sz, max_size; + char *ptr; + int i = -1; + TYPE(HistEvent) ev; +#ifdef WIDECHAR + static ct_buffer_t conv; +#endif + + if ((fp = fopen(fname, "r")) == NULL) + return (i); + + if ((line = fgetln(fp, &sz)) == NULL) + goto done; + + if (strncmp(line, hist_cookie, sz) != 0) + goto done; + + ptr = h_malloc(max_size = 1024); + if (ptr == NULL) + goto done; + for (i = 0; (line = fgetln(fp, &sz)) != NULL; i++) { + char c = line[sz]; + + if (sz != 0 && line[sz - 1] == '\n') + line[--sz] = '\0'; + else + line[sz] = '\0'; + + if (max_size < sz) { + char *nptr; + max_size = (sz + 1024) & ~1023; + nptr = h_realloc(ptr, max_size); + if (nptr == NULL) { + i = -1; + goto oomem; + } + ptr = nptr; + } + (void) strunvis(ptr, line); + line[sz] = c; + if (HENTER(h, &ev, ct_decode_string(ptr, &conv)) == -1) { + i = -1; + goto oomem; + } + } +oomem: + h_free((ptr_t)ptr); +done: + (void) fclose(fp); + return (i); +} + + +/* history_save(): + * TYPE(History) save function + */ +private int +history_save(TYPE(History) *h, const char *fname) +{ + FILE *fp; + TYPE(HistEvent) ev; + int i = -1, retval; + size_t len, max_size; + char *ptr; +#ifdef WIDECHAR + static ct_buffer_t conv; +#endif + + if ((fp = fopen(fname, "w")) == NULL) + return (-1); + + if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) + goto done; + if (fputs(hist_cookie, fp) == EOF) + goto done; + ptr = h_malloc(max_size = 1024); + if (ptr == NULL) + goto done; + for (i = 0, retval = HLAST(h, &ev); + retval != -1; + retval = HPREV(h, &ev), i++) { + len = Strlen(ev.str) * 4; + if (len >= max_size) { + char *nptr; + max_size = (len + 1024) & ~1023; + nptr = h_realloc(ptr, max_size); + if (nptr == NULL) { + i = -1; + goto oomem; + } + ptr = nptr; + } + (void) strvis(ptr, ct_encode_string(ev.str, &conv), VIS_WHITE); + (void) fprintf(fp, "%s\n", ptr); + } +oomem: + h_free((ptr_t)ptr); +done: + (void) fclose(fp); + return (i); +} + + +/* history_prev_event(): + * Find the previous event, with number given + */ +private int +history_prev_event(TYPE(History) *h, TYPE(HistEvent) *ev, int num) +{ + int retval; + + for (retval = HCURR(h, ev); retval != -1; retval = HPREV(h, ev)) + if (ev->num == num) + return (0); + + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); +} + + +private int +history_next_evdata(TYPE(History) *h, TYPE(HistEvent) *ev, int num, void **d) +{ + int retval; + + for (retval = HCURR(h, ev); retval != -1; retval = HPREV(h, ev)) + if (ev->num == num) { + if (d) + *d = ((history_t *)h->h_ref)->cursor->data; + return (0); + } + + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); +} + + +/* history_next_event(): + * Find the next event, with number given + */ +private int +history_next_event(TYPE(History) *h, TYPE(HistEvent) *ev, int num) +{ + int retval; + + for (retval = HCURR(h, ev); retval != -1; retval = HNEXT(h, ev)) + if (ev->num == num) + return (0); + + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); +} + + +/* history_prev_string(): + * Find the previous event beginning with string + */ +private int +history_prev_string(TYPE(History) *h, TYPE(HistEvent) *ev, const Char *str) +{ + size_t len = Strlen(str); + int retval; + + for (retval = HCURR(h, ev); retval != -1; retval = HNEXT(h, ev)) + if (Strncmp(str, ev->str, len) == 0) + return (0); + + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); +} + + +/* history_next_string(): + * Find the next event beginning with string + */ +private int +history_next_string(TYPE(History) *h, TYPE(HistEvent) *ev, const Char *str) +{ + size_t len = Strlen(str); + int retval; + + for (retval = HCURR(h, ev); retval != -1; retval = HPREV(h, ev)) + if (Strncmp(str, ev->str, len) == 0) + return (0); + + he_seterrev(ev, _HE_NOT_FOUND); + return (-1); +} + + +/* history(): + * User interface to history functions. + */ +int +FUNW(history)(TYPE(History) *h, TYPE(HistEvent) *ev, int fun, ...) +{ + va_list va; + const Char *str; + int retval; + + va_start(va, fun); + + he_seterrev(ev, _HE_OK); + + switch (fun) { + case H_GETSIZE: + retval = history_getsize(h, ev); + break; + + case H_SETSIZE: + retval = history_setsize(h, ev, va_arg(va, int)); + break; + + case H_GETUNIQUE: + retval = history_getunique(h, ev); + break; + + case H_SETUNIQUE: + retval = history_setunique(h, ev, va_arg(va, int)); + break; + + case H_ADD: + str = va_arg(va, const Char *); + retval = HADD(h, ev, str); + break; + + case H_DEL: + retval = HDEL(h, ev, va_arg(va, const int)); + break; + + case H_ENTER: + str = va_arg(va, const Char *); + if ((retval = HENTER(h, ev, str)) != -1) + h->h_ent = ev->num; + break; + + case H_APPEND: + str = va_arg(va, const Char *); + if ((retval = HSET(h, ev, h->h_ent)) != -1) + retval = HADD(h, ev, str); + break; + + case H_FIRST: + retval = HFIRST(h, ev); + break; + + case H_NEXT: + retval = HNEXT(h, ev); + break; + + case H_LAST: + retval = HLAST(h, ev); + break; + + case H_PREV: + retval = HPREV(h, ev); + break; + + case H_CURR: + retval = HCURR(h, ev); + break; + + case H_SET: + retval = HSET(h, ev, va_arg(va, const int)); + break; + + case H_CLEAR: + HCLEAR(h, ev); + retval = 0; + break; + + case H_LOAD: + retval = history_load(h, va_arg(va, const char *)); + if (retval == -1) + he_seterrev(ev, _HE_HIST_READ); + break; + + case H_SAVE: + retval = history_save(h, va_arg(va, const char *)); + if (retval == -1) + he_seterrev(ev, _HE_HIST_WRITE); + break; + + case H_PREV_EVENT: + retval = history_prev_event(h, ev, va_arg(va, int)); + break; + + case H_NEXT_EVENT: + retval = history_next_event(h, ev, va_arg(va, int)); + break; + + case H_PREV_STR: + retval = history_prev_string(h, ev, va_arg(va, const Char *)); + break; + + case H_NEXT_STR: + retval = history_next_string(h, ev, va_arg(va, const Char *)); + break; + + case H_FUNC: + { + TYPE(History) hf; + + hf.h_ref = va_arg(va, ptr_t); + h->h_ent = -1; + hf.h_first = va_arg(va, history_gfun_t); + hf.h_next = va_arg(va, history_gfun_t); + hf.h_last = va_arg(va, history_gfun_t); + hf.h_prev = va_arg(va, history_gfun_t); + hf.h_curr = va_arg(va, history_gfun_t); + hf.h_set = va_arg(va, history_sfun_t); + hf.h_clear = va_arg(va, history_vfun_t); + hf.h_enter = va_arg(va, history_efun_t); + hf.h_add = va_arg(va, history_efun_t); + hf.h_del = va_arg(va, history_sfun_t); + + if ((retval = history_set_fun(h, &hf)) == -1) + he_seterrev(ev, _HE_PARAM_MISSING); + break; + } + + case H_END: + FUN(history,end)(h); + retval = 0; + break; + + case H_NEXT_EVDATA: + { + int num = va_arg(va, int); + void **d = va_arg(va, void **); + retval = history_next_evdata(h, ev, num, d); + break; + } + + case H_DELDATA: + { + int num = va_arg(va, int); + void **d = va_arg(va, void **); + retval = history_deldata_nth((history_t *)h->h_ref, ev, num, d); + break; + } + + case H_REPLACE: /* only use after H_NEXT_EVDATA */ + { + const Char *line = va_arg(va, const Char *); + void *d = va_arg(va, void *); + const Char *s; + if(!line || !(s = Strdup(line))) { + retval = -1; + break; + } + ((history_t *)h->h_ref)->cursor->ev.str = s; + ((history_t *)h->h_ref)->cursor->data = d; + retval = 0; + break; + } + + default: + retval = -1; + he_seterrev(ev, _HE_UNKNOWN); + break; + } + va_end(va); + return retval; +} diff --git a/lib/libedit/src/key.c b/lib/libedit/src/key.c new file mode 100644 index 000000000000..daf679fd5bb0 --- /dev/null +++ b/lib/libedit/src/key.c @@ -0,0 +1,665 @@ +/* $NetBSD: key.c,v 1.23 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)key.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: key.c,v 1.23 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * key.c: This module contains the procedures for maintaining + * the extended-key map. + * + * An extended-key (key) is a sequence of keystrokes introduced + * with a sequence introducer and consisting of an arbitrary + * number of characters. This module maintains a map (the el->el_key.map) + * to convert these extended-key sequences into input strs + * (XK_STR), editor functions (XK_CMD), or unix commands (XK_EXE). + * + * Warning: + * If key is a substr of some other keys, then the longer + * keys are lost!! That is, if the keys "abcd" and "abcef" + * are in el->el_key.map, adding the key "abc" will cause the first two + * definitions to be lost. + * + * Restrictions: + * ------------- + * 1) It is not possible to have one key that is a + * substr of another. + */ +#include +#include + +#include "el.h" + +/* + * The Nodes of the el->el_key.map. The el->el_key.map is a linked list + * of these node elements + */ +struct key_node_t { + Char ch; /* single character of key */ + int type; /* node type */ + key_value_t val; /* command code or pointer to str, */ + /* if this is a leaf */ + struct key_node_t *next; /* ptr to next char of this key */ + struct key_node_t *sibling; /* ptr to another key with same prefix*/ +}; + +private int node_trav(EditLine *, key_node_t *, Char *, + key_value_t *); +private int node__try(EditLine *, key_node_t *, const Char *, + key_value_t *, int); +private key_node_t *node__get(Int); +private void node__free(key_node_t *); +private void node__put(EditLine *, key_node_t *); +private int node__delete(EditLine *, key_node_t **, const Char *); +private int node_lookup(EditLine *, const Char *, key_node_t *, + size_t); +private int node_enum(EditLine *, key_node_t *, size_t); + +#define KEY_BUFSIZ EL_BUFSIZ + + +/* key_init(): + * Initialize the key maps + */ +protected int +key_init(EditLine *el) +{ + + el->el_key.buf = el_malloc(KEY_BUFSIZ * sizeof(*el->el_key.buf)); + if (el->el_key.buf == NULL) + return (-1); + el->el_key.map = NULL; + key_reset(el); + return (0); +} + +/* key_end(): + * Free the key maps + */ +protected void +key_end(EditLine *el) +{ + + el_free((ptr_t) el->el_key.buf); + el->el_key.buf = NULL; + node__free(el->el_key.map); +} + + +/* key_map_cmd(): + * Associate cmd with a key value + */ +protected key_value_t * +key_map_cmd(EditLine *el, int cmd) +{ + + el->el_key.val.cmd = (el_action_t) cmd; + return (&el->el_key.val); +} + + +/* key_map_str(): + * Associate str with a key value + */ +protected key_value_t * +key_map_str(EditLine *el, Char *str) +{ + + el->el_key.val.str = str; + return (&el->el_key.val); +} + + +/* key_reset(): + * Takes all nodes on el->el_key.map and puts them on free list. Then + * initializes el->el_key.map with arrow keys + * [Always bind the ansi arrow keys?] + */ +protected void +key_reset(EditLine *el) +{ + + node__put(el, el->el_key.map); + el->el_key.map = NULL; + return; +} + + +/* key_get(): + * Calls the recursive function with entry point el->el_key.map + * Looks up *ch in map and then reads characters until a + * complete match is found or a mismatch occurs. Returns the + * type of the match found (XK_STR, XK_CMD, or XK_EXE). + * Returns NULL in val.str and XK_STR for no match. + * The last character read is returned in *ch. + */ +protected int +key_get(EditLine *el, Char *ch, key_value_t *val) +{ + + return (node_trav(el, el->el_key.map, ch, val)); +} + + +/* key_add(): + * Adds key to the el->el_key.map and associates the value in val with it. + * If key is already is in el->el_key.map, the new code is applied to the + * existing key. Ntype specifies if code is a command, an + * out str or a unix command. + */ +protected void +key_add(EditLine *el, const Char *key, key_value_t *val, int ntype) +{ + + if (key[0] == '\0') { + (void) fprintf(el->el_errfile, + "key_add: Null extended-key not allowed.\n"); + return; + } + if (ntype == XK_CMD && val->cmd == ED_SEQUENCE_LEAD_IN) { + (void) fprintf(el->el_errfile, + "key_add: sequence-lead-in command not allowed\n"); + return; + } + if (el->el_key.map == NULL) + /* tree is initially empty. Set up new node to match key[0] */ + el->el_key.map = node__get(key[0]); + /* it is properly initialized */ + + /* Now recurse through el->el_key.map */ + (void) node__try(el, el->el_key.map, key, val, ntype); + return; +} + + +/* key_clear(): + * + */ +protected void +key_clear(EditLine *el, el_action_t *map, const Char *in) +{ +#ifdef WIDECHAR + if (*in > N_KEYS) /* can't be in the map */ + return; +#endif + if ((map[(unsigned char)*in] == ED_SEQUENCE_LEAD_IN) && + ((map == el->el_map.key && + el->el_map.alt[(unsigned char)*in] != ED_SEQUENCE_LEAD_IN) || + (map == el->el_map.alt && + el->el_map.key[(unsigned char)*in] != ED_SEQUENCE_LEAD_IN))) + (void) key_delete(el, in); +} + + +/* key_delete(): + * Delete the key and all longer keys staring with key, if + * they exists. + */ +protected int +key_delete(EditLine *el, const Char *key) +{ + + if (key[0] == '\0') { + (void) fprintf(el->el_errfile, + "key_delete: Null extended-key not allowed.\n"); + return (-1); + } + if (el->el_key.map == NULL) + return (0); + + (void) node__delete(el, &el->el_key.map, key); + return (0); +} + + +/* key_print(): + * Print the binding associated with key key. + * Print entire el->el_key.map if null + */ +protected void +key_print(EditLine *el, const Char *key) +{ + + /* do nothing if el->el_key.map is empty and null key specified */ + if (el->el_key.map == NULL && *key == 0) + return; + + el->el_key.buf[0] = '"'; + if (node_lookup(el, key, el->el_key.map, 1) <= -1) + /* key is not bound */ + (void) fprintf(el->el_errfile, "Unbound extended key \"" FSTR "\"\n", + key); + return; +} + + +/* node_trav(): + * recursively traverses node in tree until match or mismatch is + * found. May read in more characters. + */ +private int +node_trav(EditLine *el, key_node_t *ptr, Char *ch, key_value_t *val) +{ + + if (ptr->ch == *ch) { + /* match found */ + if (ptr->next) { + /* key not complete so get next char */ + if (FUN(el,getc)(el, ch) != 1) {/* if EOF or error */ + val->cmd = ED_END_OF_FILE; + return (XK_CMD); + /* PWP: Pretend we just read an end-of-file */ + } + return (node_trav(el, ptr->next, ch, val)); + } else { + *val = ptr->val; + if (ptr->type != XK_CMD) + *ch = '\0'; + return (ptr->type); + } + } else { + /* no match found here */ + if (ptr->sibling) { + /* try next sibling */ + return (node_trav(el, ptr->sibling, ch, val)); + } else { + /* no next sibling -- mismatch */ + val->str = NULL; + return (XK_STR); + } + } +} + + +/* node__try(): + * Find a node that matches *str or allocate a new one + */ +private int +node__try(EditLine *el, key_node_t *ptr, const Char *str, key_value_t *val, int ntype) +{ + + if (ptr->ch != *str) { + key_node_t *xm; + + for (xm = ptr; xm->sibling != NULL; xm = xm->sibling) + if (xm->sibling->ch == *str) + break; + if (xm->sibling == NULL) + xm->sibling = node__get(*str); /* setup new node */ + ptr = xm->sibling; + } + if (*++str == '\0') { + /* we're there */ + if (ptr->next != NULL) { + node__put(el, ptr->next); + /* lose longer keys with this prefix */ + ptr->next = NULL; + } + switch (ptr->type) { + case XK_CMD: + case XK_NOD: + break; + case XK_STR: + case XK_EXE: + if (ptr->val.str) + el_free((ptr_t) ptr->val.str); + break; + default: + EL_ABORT((el->el_errfile, "Bad XK_ type %d\n", + ptr->type)); + break; + } + + switch (ptr->type = ntype) { + case XK_CMD: + ptr->val = *val; + break; + case XK_STR: + case XK_EXE: + if ((ptr->val.str = Strdup(val->str)) == NULL) + return -1; + break; + default: + EL_ABORT((el->el_errfile, "Bad XK_ type %d\n", ntype)); + break; + } + } else { + /* still more chars to go */ + if (ptr->next == NULL) + ptr->next = node__get(*str); /* setup new node */ + (void) node__try(el, ptr->next, str, val, ntype); + } + return (0); +} + + +/* node__delete(): + * Delete node that matches str + */ +private int +node__delete(EditLine *el, key_node_t **inptr, const Char *str) +{ + key_node_t *ptr; + key_node_t *prev_ptr = NULL; + + ptr = *inptr; + + if (ptr->ch != *str) { + key_node_t *xm; + + for (xm = ptr; xm->sibling != NULL; xm = xm->sibling) + if (xm->sibling->ch == *str) + break; + if (xm->sibling == NULL) + return (0); + prev_ptr = xm; + ptr = xm->sibling; + } + if (*++str == '\0') { + /* we're there */ + if (prev_ptr == NULL) + *inptr = ptr->sibling; + else + prev_ptr->sibling = ptr->sibling; + ptr->sibling = NULL; + node__put(el, ptr); + return (1); + } else if (ptr->next != NULL && + node__delete(el, &ptr->next, str) == 1) { + if (ptr->next != NULL) + return (0); + if (prev_ptr == NULL) + *inptr = ptr->sibling; + else + prev_ptr->sibling = ptr->sibling; + ptr->sibling = NULL; + node__put(el, ptr); + return (1); + } else { + return (0); + } +} + + +/* node__put(): + * Puts a tree of nodes onto free list using free(3). + */ +private void +node__put(EditLine *el, key_node_t *ptr) +{ + if (ptr == NULL) + return; + + if (ptr->next != NULL) { + node__put(el, ptr->next); + ptr->next = NULL; + } + node__put(el, ptr->sibling); + + switch (ptr->type) { + case XK_CMD: + case XK_NOD: + break; + case XK_EXE: + case XK_STR: + if (ptr->val.str != NULL) + el_free((ptr_t) ptr->val.str); + break; + default: + EL_ABORT((el->el_errfile, "Bad XK_ type %d\n", ptr->type)); + break; + } + el_free((ptr_t) ptr); +} + + +/* node__get(): + * Returns pointer to a key_node_t for ch. + */ +private key_node_t * +node__get(Int ch) +{ + key_node_t *ptr; + + ptr = (key_node_t *) el_malloc((size_t) sizeof(key_node_t)); + if (ptr == NULL) + return NULL; + ptr->ch = ch; + ptr->type = XK_NOD; + ptr->val.str = NULL; + ptr->next = NULL; + ptr->sibling = NULL; + return (ptr); +} + +private void +node__free(key_node_t *k) +{ + if (k == NULL) + return; + node__free(k->sibling); + node__free(k->next); + el_free((ptr_t) k); +} + +/* node_lookup(): + * look for the str starting at node ptr. + * Print if last node + */ +private int +node_lookup(EditLine *el, const Char *str, key_node_t *ptr, size_t cnt) +{ + ssize_t used; + + if (ptr == NULL) + return (-1); /* cannot have null ptr */ + + if (!str || *str == 0) { + /* no more chars in str. node_enum from here. */ + (void) node_enum(el, ptr, cnt); + return (0); + } else { + /* If match put this char into el->el_key.buf. Recurse */ + if (ptr->ch == *str) { + /* match found */ + used = ct_visual_char(el->el_key.buf + cnt, + KEY_BUFSIZ - cnt, ptr->ch); + if (used == -1) + return (-1); /* ran out of buffer space */ + if (ptr->next != NULL) + /* not yet at leaf */ + return (node_lookup(el, str + 1, ptr->next, + used + cnt)); + else { + /* next node is null so key should be complete */ + if (str[1] == 0) { + el->el_key.buf[cnt + used ] = '"'; + el->el_key.buf[cnt + used + 1] = '\0'; + key_kprint(el, el->el_key.buf, + &ptr->val, ptr->type); + return (0); + } else + return (-1); + /* mismatch -- str still has chars */ + } + } else { + /* no match found try sibling */ + if (ptr->sibling) + return (node_lookup(el, str, ptr->sibling, + cnt)); + else + return (-1); + } + } +} + + +/* node_enum(): + * Traverse the node printing the characters it is bound in buffer + */ +private int +node_enum(EditLine *el, key_node_t *ptr, size_t cnt) +{ + ssize_t used; + + if (cnt >= KEY_BUFSIZ - 5) { /* buffer too small */ + el->el_key.buf[++cnt] = '"'; + el->el_key.buf[++cnt] = '\0'; + (void) fprintf(el->el_errfile, + "Some extended keys too long for internal print buffer"); + (void) fprintf(el->el_errfile, " \"" FSTR "...\"\n", el->el_key.buf); + return (0); + } + if (ptr == NULL) { +#ifdef DEBUG_EDIT + (void) fprintf(el->el_errfile, + "node_enum: BUG!! Null ptr passed\n!"); +#endif + return (-1); + } + /* put this char at end of str */ + used = ct_visual_char(el->el_key.buf + cnt, KEY_BUFSIZ - cnt, ptr->ch); + if (ptr->next == NULL) { + /* print this key and function */ + el->el_key.buf[cnt + used ] = '"'; + el->el_key.buf[cnt + used + 1] = '\0'; + key_kprint(el, el->el_key.buf, &ptr->val, ptr->type); + } else + (void) node_enum(el, ptr->next, cnt + used); + + /* go to sibling if there is one */ + if (ptr->sibling) + (void) node_enum(el, ptr->sibling, cnt); + return (0); +} + + +/* key_kprint(): + * Print the specified key and its associated + * function specified by val + */ +protected void +key_kprint(EditLine *el, const Char *key, key_value_t *val, int ntype) +{ + el_bindings_t *fp; + char unparsbuf[EL_BUFSIZ]; + static const char fmt[] = "%-15s-> %s\n"; + + if (val != NULL) + switch (ntype) { + case XK_STR: + case XK_EXE: + (void) key__decode_str(val->str, unparsbuf, + sizeof(unparsbuf), + ntype == XK_STR ? "\"\"" : "[]"); + (void) fprintf(el->el_outfile, fmt, + ct_encode_string(key, &el->el_scratch), unparsbuf); + break; + case XK_CMD: + for (fp = el->el_map.help; fp->name; fp++) + if (val->cmd == fp->func) { + ct_wcstombs(unparsbuf, fp->name, sizeof(unparsbuf)); + unparsbuf[sizeof(unparsbuf) -1] = '\0'; + (void) fprintf(el->el_outfile, fmt, + ct_encode_string(key, &el->el_scratch), unparsbuf); + break; + } +#ifdef DEBUG_KEY + if (fp->name == NULL) + (void) fprintf(el->el_outfile, + "BUG! Command not found.\n"); +#endif + + break; + default: + EL_ABORT((el->el_errfile, "Bad XK_ type %d\n", ntype)); + break; + } + else + (void) fprintf(el->el_outfile, fmt, ct_encode_string(key, + &el->el_scratch), "no input"); +} + + +#define ADDC(c) \ + if (b < eb) \ + *b++ = c; \ + else \ + b++ +/* key__decode_str(): + * Make a printable version of the ey + */ +protected size_t +key__decode_str(const Char *str, char *buf, size_t len, const char *sep) +{ + char *b = buf, *eb = b + len; + const Char *p; + + b = buf; + if (sep[0] != '\0') { + ADDC(sep[0]); + } + if (*str == '\0') { + ADDC('^'); + ADDC('@'); + goto add_endsep; + } + for (p = str; *p != 0; p++) { + Char dbuf[VISUAL_WIDTH_MAX]; + Char *p2 = dbuf; + ssize_t l = ct_visual_char(dbuf, VISUAL_WIDTH_MAX, *p); + while (l-- > 0) { + ssize_t n = ct_encode_char(b, (size_t)(eb - b), *p2++); + if (n == -1) /* ran out of space */ + goto add_endsep; + else + b += n; + } + } +add_endsep: + if (sep[0] != '\0' && sep[1] != '\0') { + ADDC(sep[1]); + } + ADDC('\0'); + if ((size_t)(b - buf) >= len) + buf[len - 1] = '\0'; + return (size_t)(b - buf); +} + diff --git a/lib/libedit/src/key.h b/lib/libedit/src/key.h new file mode 100644 index 000000000000..8f067a0647c8 --- /dev/null +++ b/lib/libedit/src/key.h @@ -0,0 +1,80 @@ +/* $NetBSD: key.h,v 1.13 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)key.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.key.h: Key macro header + */ +#ifndef _h_el_key +#define _h_el_key + +typedef union key_value_t { + el_action_t cmd; /* If it is a command the # */ + Char *str; /* If it is a string... */ +} key_value_t; + +typedef struct key_node_t key_node_t; + +typedef struct el_key_t { + Char *buf; /* Key print buffer */ + key_node_t *map; /* Key map */ + key_value_t val; /* Local conversion buffer */ +} el_key_t; + +#define XK_CMD 0 +#define XK_STR 1 +#define XK_NOD 2 +#define XK_EXE 3 + +#undef key_end +#undef key_clear +#undef key_print + +protected int key_init(EditLine *); +protected void key_end(EditLine *); +protected key_value_t *key_map_cmd(EditLine *, int); +protected key_value_t *key_map_str(EditLine *, Char *); +protected void key_reset(EditLine *); +protected int key_get(EditLine *, Char *, key_value_t *); +protected void key_add(EditLine *, const Char *, key_value_t *, int); +protected void key_clear(EditLine *, el_action_t *, const Char *); +protected int key_delete(EditLine *, const Char *); +protected void key_print(EditLine *, const Char *); +protected void key_kprint(EditLine *, const Char *, key_value_t *, + int); +protected size_t key__decode_str(const Char *, char *, size_t, + const char *); + +#endif /* _h_el_key */ diff --git a/lib/libedit/src/makelist b/lib/libedit/src/makelist new file mode 100644 index 000000000000..662bc0704b4a --- /dev/null +++ b/lib/libedit/src/makelist @@ -0,0 +1,258 @@ +#!/bin/sh - +# $NetBSD: makelist,v 1.16 2010/04/18 21:17:05 christos Exp $ +# +# Copyright (c) 1992, 1993 +# The Regents of the University of California. All rights reserved. +# +# This code is derived from software contributed to Berkeley by +# Christos Zoulas of Cornell University. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. Neither the name of the University nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# @(#)makelist 5.3 (Berkeley) 6/4/93 + +# makelist.sh: Automatically generate header files... + +USAGE="Usage: $0 -n|-h|-e|-fc|-fh|-bc|-bh|-m " + +if [ "x$1" = "x" ] +then + echo $USAGE 1>&2 + exit 1 +fi + +FLAG="$1" +shift + +FILES="$@" + +case $FLAG in + +# generate foo.h file from foo.c +# +-n) + cat << _EOF +#include "config.h" +#undef WIDECHAR +#define NARROWCHAR +#include "${FILES}" +_EOF + ;; + +-h) + set - `echo $FILES | sed -e 's/\\./_/g'` + hdr="_h_`basename $1`" + cat $FILES | $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#ifndef %s\n#define %s\n", "'$hdr'", "'$hdr'"); + } + /\(\):/ { + pr = substr($2, 1, 2); + if (pr == "vi" || pr == "em" || pr == "ed") { + name = substr($2, 1, length($2) - 3); +# +# XXX: need a space between name and prototype so that -fc and -fh +# parsing is much easier +# + printf("protected el_action_t\t%s (EditLine *, Int);\n", name); + } + } + END { + printf("#endif /* %s */\n", "'$hdr'"); + }' + ;; + +# generate help.c from various .c files +# +-bc) + cat $FILES | $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#include \"config.h\"\n#include \"el.h\"\n"); + printf("#include \"chartype.h\"\n"); + printf("private const struct el_bindings_t el_func_help[] = {\n"); + low = "abcdefghijklmnopqrstuvwxyz_"; + high = "ABCDEFGHIJKLMNOPQRSTUVWXYZ_"; + for (i = 1; i <= length(low); i++) + tr[substr(low, i, 1)] = substr(high, i, 1); + } + /\(\):/ { + pr = substr($2, 1, 2); + if (pr == "vi" || pr == "em" || pr == "ed") { + name = substr($2, 1, length($2) - 3); + uname = ""; + fname = ""; + for (i = 1; i <= length(name); i++) { + s = substr(name, i, 1); + uname = uname tr[s]; + if (s == "_") + s = "-"; + fname = fname s; + } + + printf(" { %-30.30s %-30.30s\n","STR(\"" fname "\"),", uname ","); + ok = 1; + } + } + /^ \*/ { + if (ok) { + printf(" STR(\""); + for (i = 2; i < NF; i++) + printf("%s ", $i); + printf("%s\") },\n", $i); + ok = 0; + } + } + END { + printf("};\n"); + printf("\nprotected const el_bindings_t* help__get()"); + printf("{ return el_func_help; }\n"); + }' + ;; + +# generate help.h from various .c files +# +-bh) + $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#ifndef _h_help_c\n#define _h_help_c\n"); + printf("protected const el_bindings_t *help__get(void);\n"); + printf("#endif /* _h_help_c */\n"); + }' /dev/null + ;; + +# generate fcns.h from various .h files +# +-fh) + cat $FILES | $AWK '/el_action_t/ { print $3 }' | \ + sort | tr '[a-z]' '[A-Z]' | $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#ifndef _h_fcns_c\n#define _h_fcns_c\n"); + count = 0; + } + { + printf("#define\t%-30.30s\t%3d\n", $1, count++); + } + END { + printf("#define\t%-30.30s\t%3d\n", "EL_NUM_FCNS", count); + + printf("typedef el_action_t (*el_func_t)(EditLine *, Int);"); + printf("\nprotected const el_func_t* func__get(void);\n"); + printf("#endif /* _h_fcns_c */\n"); + }' + ;; + +# generate fcns.c from various .h files +# +-fc) + cat $FILES | $AWK '/el_action_t/ { print $3 }' | sort | $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#include \"config.h\"\n#include \"el.h\"\n"); + printf("private const el_func_t el_func[] = {"); + maxlen = 80; + needn = 1; + len = 0; + } + { + clen = 25 + 2; + len += clen; + if (len >= maxlen) + needn = 1; + if (needn) { + printf("\n "); + needn = 0; + len = 4 + clen; + } + s = $1 ","; + printf("%-26.26s ", s); + } + END { + printf("\n};\n"); + printf("\nprotected const el_func_t* func__get() { return el_func; }\n"); + }' + ;; + +# generate editline.c from various .c files +# +-e) + echo "$FILES" | tr ' ' '\012' | $AWK ' + BEGIN { + printf("/* Automatically generated file, do not edit */\n"); + printf("#define protected static\n"); + printf("#define SCCSID\n"); + } + { + printf("#include \"%s\"\n", $1); + }' + ;; + +# generate man page fragment from various .c files +# +-m) + cat $FILES | $AWK ' + BEGIN { + printf(".\\\" Section automatically generated with makelist\n"); + printf(".Bl -tag -width 4n\n"); + } + /\(\):/ { + pr = substr($2, 1, 2); + if (pr == "vi" || pr == "em" || pr == "ed") { + name = substr($2, 1, length($2) - 3); + fname = ""; + for (i = 1; i <= length(name); i++) { + s = substr(name, i, 1); + if (s == "_") + s = "-"; + fname = fname s; + } + + printf(".It Ic %s\n", fname); + ok = 1; + } + } + /^ \*/ { + if (ok) { + for (i = 2; i < NF; i++) + printf("%s ", $i); + printf("%s.\n", $i); + ok = 0; + } + } + END { + printf(".El\n"); + printf(".\\\" End of section automatically generated with makelist\n"); + }' + ;; + +*) + echo $USAGE 1>&2 + exit 1 + ;; + +esac diff --git a/lib/libedit/src/map.c b/lib/libedit/src/map.c new file mode 100644 index 000000000000..e622060faff1 --- /dev/null +++ b/lib/libedit/src/map.c @@ -0,0 +1,1421 @@ +/* $NetBSD: map.c,v 1.25 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)map.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: map.c,v 1.25 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * map.c: Editor function definitions + */ +#include +#include "el.h" + +private void map_print_key(EditLine *, el_action_t *, const Char *); +private void map_print_some_keys(EditLine *, el_action_t *, Int, Int); +private void map_print_all_keys(EditLine *); +private void map_init_nls(EditLine *); +private void map_init_meta(EditLine *); + +/* keymap tables ; should be N_KEYS*sizeof(KEYCMD) bytes long */ + + +private const el_action_t el_map_emacs[] = { + /* 0 */ EM_SET_MARK, /* ^@ */ + /* 1 */ ED_MOVE_TO_BEG, /* ^A */ + /* 2 */ ED_PREV_CHAR, /* ^B */ + /* 3 */ ED_TTY_SIGINT, /* ^C */ + /* 4 */ EM_DELETE_OR_LIST, /* ^D */ + /* 5 */ ED_MOVE_TO_END, /* ^E */ + /* 6 */ ED_NEXT_CHAR, /* ^F */ + /* 7 */ ED_UNASSIGNED, /* ^G */ + /* 8 */ EM_DELETE_PREV_CHAR, /* ^H */ + /* 9 */ ED_UNASSIGNED, /* ^I */ + /* 10 */ ED_NEWLINE, /* ^J */ + /* 11 */ ED_KILL_LINE, /* ^K */ + /* 12 */ ED_CLEAR_SCREEN, /* ^L */ + /* 13 */ ED_NEWLINE, /* ^M */ + /* 14 */ ED_NEXT_HISTORY, /* ^N */ + /* 15 */ ED_TTY_FLUSH_OUTPUT, /* ^O */ + /* 16 */ ED_PREV_HISTORY, /* ^P */ + /* 17 */ ED_TTY_START_OUTPUT, /* ^Q */ + /* 18 */ ED_REDISPLAY, /* ^R */ + /* 19 */ ED_TTY_STOP_OUTPUT, /* ^S */ + /* 20 */ ED_TRANSPOSE_CHARS, /* ^T */ + /* 21 */ EM_KILL_LINE, /* ^U */ + /* 22 */ ED_QUOTED_INSERT, /* ^V */ + /* 23 */ EM_KILL_REGION, /* ^W */ + /* 24 */ ED_SEQUENCE_LEAD_IN, /* ^X */ + /* 25 */ EM_YANK, /* ^Y */ + /* 26 */ ED_TTY_SIGTSTP, /* ^Z */ + /* 27 */ EM_META_NEXT, /* ^[ */ + /* 28 */ ED_TTY_SIGQUIT, /* ^\ */ + /* 29 */ ED_TTY_DSUSP, /* ^] */ + /* 30 */ ED_UNASSIGNED, /* ^^ */ + /* 31 */ ED_UNASSIGNED, /* ^_ */ + /* 32 */ ED_INSERT, /* SPACE */ + /* 33 */ ED_INSERT, /* ! */ + /* 34 */ ED_INSERT, /* " */ + /* 35 */ ED_INSERT, /* # */ + /* 36 */ ED_INSERT, /* $ */ + /* 37 */ ED_INSERT, /* % */ + /* 38 */ ED_INSERT, /* & */ + /* 39 */ ED_INSERT, /* ' */ + /* 40 */ ED_INSERT, /* ( */ + /* 41 */ ED_INSERT, /* ) */ + /* 42 */ ED_INSERT, /* * */ + /* 43 */ ED_INSERT, /* + */ + /* 44 */ ED_INSERT, /* , */ + /* 45 */ ED_INSERT, /* - */ + /* 46 */ ED_INSERT, /* . */ + /* 47 */ ED_INSERT, /* / */ + /* 48 */ ED_DIGIT, /* 0 */ + /* 49 */ ED_DIGIT, /* 1 */ + /* 50 */ ED_DIGIT, /* 2 */ + /* 51 */ ED_DIGIT, /* 3 */ + /* 52 */ ED_DIGIT, /* 4 */ + /* 53 */ ED_DIGIT, /* 5 */ + /* 54 */ ED_DIGIT, /* 6 */ + /* 55 */ ED_DIGIT, /* 7 */ + /* 56 */ ED_DIGIT, /* 8 */ + /* 57 */ ED_DIGIT, /* 9 */ + /* 58 */ ED_INSERT, /* : */ + /* 59 */ ED_INSERT, /* ; */ + /* 60 */ ED_INSERT, /* < */ + /* 61 */ ED_INSERT, /* = */ + /* 62 */ ED_INSERT, /* > */ + /* 63 */ ED_INSERT, /* ? */ + /* 64 */ ED_INSERT, /* @ */ + /* 65 */ ED_INSERT, /* A */ + /* 66 */ ED_INSERT, /* B */ + /* 67 */ ED_INSERT, /* C */ + /* 68 */ ED_INSERT, /* D */ + /* 69 */ ED_INSERT, /* E */ + /* 70 */ ED_INSERT, /* F */ + /* 71 */ ED_INSERT, /* G */ + /* 72 */ ED_INSERT, /* H */ + /* 73 */ ED_INSERT, /* I */ + /* 74 */ ED_INSERT, /* J */ + /* 75 */ ED_INSERT, /* K */ + /* 76 */ ED_INSERT, /* L */ + /* 77 */ ED_INSERT, /* M */ + /* 78 */ ED_INSERT, /* N */ + /* 79 */ ED_INSERT, /* O */ + /* 80 */ ED_INSERT, /* P */ + /* 81 */ ED_INSERT, /* Q */ + /* 82 */ ED_INSERT, /* R */ + /* 83 */ ED_INSERT, /* S */ + /* 84 */ ED_INSERT, /* T */ + /* 85 */ ED_INSERT, /* U */ + /* 86 */ ED_INSERT, /* V */ + /* 87 */ ED_INSERT, /* W */ + /* 88 */ ED_INSERT, /* X */ + /* 89 */ ED_INSERT, /* Y */ + /* 90 */ ED_INSERT, /* Z */ + /* 91 */ ED_INSERT, /* [ */ + /* 92 */ ED_INSERT, /* \ */ + /* 93 */ ED_INSERT, /* ] */ + /* 94 */ ED_INSERT, /* ^ */ + /* 95 */ ED_INSERT, /* _ */ + /* 96 */ ED_INSERT, /* ` */ + /* 97 */ ED_INSERT, /* a */ + /* 98 */ ED_INSERT, /* b */ + /* 99 */ ED_INSERT, /* c */ + /* 100 */ ED_INSERT, /* d */ + /* 101 */ ED_INSERT, /* e */ + /* 102 */ ED_INSERT, /* f */ + /* 103 */ ED_INSERT, /* g */ + /* 104 */ ED_INSERT, /* h */ + /* 105 */ ED_INSERT, /* i */ + /* 106 */ ED_INSERT, /* j */ + /* 107 */ ED_INSERT, /* k */ + /* 108 */ ED_INSERT, /* l */ + /* 109 */ ED_INSERT, /* m */ + /* 110 */ ED_INSERT, /* n */ + /* 111 */ ED_INSERT, /* o */ + /* 112 */ ED_INSERT, /* p */ + /* 113 */ ED_INSERT, /* q */ + /* 114 */ ED_INSERT, /* r */ + /* 115 */ ED_INSERT, /* s */ + /* 116 */ ED_INSERT, /* t */ + /* 117 */ ED_INSERT, /* u */ + /* 118 */ ED_INSERT, /* v */ + /* 119 */ ED_INSERT, /* w */ + /* 120 */ ED_INSERT, /* x */ + /* 121 */ ED_INSERT, /* y */ + /* 122 */ ED_INSERT, /* z */ + /* 123 */ ED_INSERT, /* { */ + /* 124 */ ED_INSERT, /* | */ + /* 125 */ ED_INSERT, /* } */ + /* 126 */ ED_INSERT, /* ~ */ + /* 127 */ EM_DELETE_PREV_CHAR, /* ^? */ + /* 128 */ ED_UNASSIGNED, /* M-^@ */ + /* 129 */ ED_UNASSIGNED, /* M-^A */ + /* 130 */ ED_UNASSIGNED, /* M-^B */ + /* 131 */ ED_UNASSIGNED, /* M-^C */ + /* 132 */ ED_UNASSIGNED, /* M-^D */ + /* 133 */ ED_UNASSIGNED, /* M-^E */ + /* 134 */ ED_UNASSIGNED, /* M-^F */ + /* 135 */ ED_UNASSIGNED, /* M-^G */ + /* 136 */ ED_DELETE_PREV_WORD, /* M-^H */ + /* 137 */ ED_UNASSIGNED, /* M-^I */ + /* 138 */ ED_UNASSIGNED, /* M-^J */ + /* 139 */ ED_UNASSIGNED, /* M-^K */ + /* 140 */ ED_CLEAR_SCREEN, /* M-^L */ + /* 141 */ ED_UNASSIGNED, /* M-^M */ + /* 142 */ ED_UNASSIGNED, /* M-^N */ + /* 143 */ ED_UNASSIGNED, /* M-^O */ + /* 144 */ ED_UNASSIGNED, /* M-^P */ + /* 145 */ ED_UNASSIGNED, /* M-^Q */ + /* 146 */ ED_UNASSIGNED, /* M-^R */ + /* 147 */ ED_UNASSIGNED, /* M-^S */ + /* 148 */ ED_UNASSIGNED, /* M-^T */ + /* 149 */ ED_UNASSIGNED, /* M-^U */ + /* 150 */ ED_UNASSIGNED, /* M-^V */ + /* 151 */ ED_UNASSIGNED, /* M-^W */ + /* 152 */ ED_UNASSIGNED, /* M-^X */ + /* 153 */ ED_UNASSIGNED, /* M-^Y */ + /* 154 */ ED_UNASSIGNED, /* M-^Z */ + /* 155 */ ED_UNASSIGNED, /* M-^[ */ + /* 156 */ ED_UNASSIGNED, /* M-^\ */ + /* 157 */ ED_UNASSIGNED, /* M-^] */ + /* 158 */ ED_UNASSIGNED, /* M-^^ */ + /* 159 */ EM_COPY_PREV_WORD, /* M-^_ */ + /* 160 */ ED_UNASSIGNED, /* M-SPACE */ + /* 161 */ ED_UNASSIGNED, /* M-! */ + /* 162 */ ED_UNASSIGNED, /* M-" */ + /* 163 */ ED_UNASSIGNED, /* M-# */ + /* 164 */ ED_UNASSIGNED, /* M-$ */ + /* 165 */ ED_UNASSIGNED, /* M-% */ + /* 166 */ ED_UNASSIGNED, /* M-& */ + /* 167 */ ED_UNASSIGNED, /* M-' */ + /* 168 */ ED_UNASSIGNED, /* M-( */ + /* 169 */ ED_UNASSIGNED, /* M-) */ + /* 170 */ ED_UNASSIGNED, /* M-* */ + /* 171 */ ED_UNASSIGNED, /* M-+ */ + /* 172 */ ED_UNASSIGNED, /* M-, */ + /* 173 */ ED_UNASSIGNED, /* M-- */ + /* 174 */ ED_UNASSIGNED, /* M-. */ + /* 175 */ ED_UNASSIGNED, /* M-/ */ + /* 176 */ ED_ARGUMENT_DIGIT, /* M-0 */ + /* 177 */ ED_ARGUMENT_DIGIT, /* M-1 */ + /* 178 */ ED_ARGUMENT_DIGIT, /* M-2 */ + /* 179 */ ED_ARGUMENT_DIGIT, /* M-3 */ + /* 180 */ ED_ARGUMENT_DIGIT, /* M-4 */ + /* 181 */ ED_ARGUMENT_DIGIT, /* M-5 */ + /* 182 */ ED_ARGUMENT_DIGIT, /* M-6 */ + /* 183 */ ED_ARGUMENT_DIGIT, /* M-7 */ + /* 184 */ ED_ARGUMENT_DIGIT, /* M-8 */ + /* 185 */ ED_ARGUMENT_DIGIT, /* M-9 */ + /* 186 */ ED_UNASSIGNED, /* M-: */ + /* 187 */ ED_UNASSIGNED, /* M-; */ + /* 188 */ ED_UNASSIGNED, /* M-< */ + /* 189 */ ED_UNASSIGNED, /* M-= */ + /* 190 */ ED_UNASSIGNED, /* M-> */ + /* 191 */ ED_UNASSIGNED, /* M-? */ + /* 192 */ ED_UNASSIGNED, /* M-@ */ + /* 193 */ ED_UNASSIGNED, /* M-A */ + /* 194 */ ED_PREV_WORD, /* M-B */ + /* 195 */ EM_CAPITOL_CASE, /* M-C */ + /* 196 */ EM_DELETE_NEXT_WORD, /* M-D */ + /* 197 */ ED_UNASSIGNED, /* M-E */ + /* 198 */ EM_NEXT_WORD, /* M-F */ + /* 199 */ ED_UNASSIGNED, /* M-G */ + /* 200 */ ED_UNASSIGNED, /* M-H */ + /* 201 */ ED_UNASSIGNED, /* M-I */ + /* 202 */ ED_UNASSIGNED, /* M-J */ + /* 203 */ ED_UNASSIGNED, /* M-K */ + /* 204 */ EM_LOWER_CASE, /* M-L */ + /* 205 */ ED_UNASSIGNED, /* M-M */ + /* 206 */ ED_SEARCH_NEXT_HISTORY, /* M-N */ + /* 207 */ ED_SEQUENCE_LEAD_IN, /* M-O */ + /* 208 */ ED_SEARCH_PREV_HISTORY, /* M-P */ + /* 209 */ ED_UNASSIGNED, /* M-Q */ + /* 210 */ ED_UNASSIGNED, /* M-R */ + /* 211 */ ED_UNASSIGNED, /* M-S */ + /* 212 */ ED_UNASSIGNED, /* M-T */ + /* 213 */ EM_UPPER_CASE, /* M-U */ + /* 214 */ ED_UNASSIGNED, /* M-V */ + /* 215 */ EM_COPY_REGION, /* M-W */ + /* 216 */ ED_COMMAND, /* M-X */ + /* 217 */ ED_UNASSIGNED, /* M-Y */ + /* 218 */ ED_UNASSIGNED, /* M-Z */ + /* 219 */ ED_SEQUENCE_LEAD_IN, /* M-[ */ + /* 220 */ ED_UNASSIGNED, /* M-\ */ + /* 221 */ ED_UNASSIGNED, /* M-] */ + /* 222 */ ED_UNASSIGNED, /* M-^ */ + /* 223 */ ED_UNASSIGNED, /* M-_ */ + /* 223 */ ED_UNASSIGNED, /* M-` */ + /* 224 */ ED_UNASSIGNED, /* M-a */ + /* 225 */ ED_PREV_WORD, /* M-b */ + /* 226 */ EM_CAPITOL_CASE, /* M-c */ + /* 227 */ EM_DELETE_NEXT_WORD, /* M-d */ + /* 228 */ ED_UNASSIGNED, /* M-e */ + /* 229 */ EM_NEXT_WORD, /* M-f */ + /* 230 */ ED_UNASSIGNED, /* M-g */ + /* 231 */ ED_UNASSIGNED, /* M-h */ + /* 232 */ ED_UNASSIGNED, /* M-i */ + /* 233 */ ED_UNASSIGNED, /* M-j */ + /* 234 */ ED_UNASSIGNED, /* M-k */ + /* 235 */ EM_LOWER_CASE, /* M-l */ + /* 236 */ ED_UNASSIGNED, /* M-m */ + /* 237 */ ED_SEARCH_NEXT_HISTORY, /* M-n */ + /* 238 */ ED_UNASSIGNED, /* M-o */ + /* 239 */ ED_SEARCH_PREV_HISTORY, /* M-p */ + /* 240 */ ED_UNASSIGNED, /* M-q */ + /* 241 */ ED_UNASSIGNED, /* M-r */ + /* 242 */ ED_UNASSIGNED, /* M-s */ + /* 243 */ ED_UNASSIGNED, /* M-t */ + /* 244 */ EM_UPPER_CASE, /* M-u */ + /* 245 */ ED_UNASSIGNED, /* M-v */ + /* 246 */ EM_COPY_REGION, /* M-w */ + /* 247 */ ED_COMMAND, /* M-x */ + /* 248 */ ED_UNASSIGNED, /* M-y */ + /* 249 */ ED_UNASSIGNED, /* M-z */ + /* 250 */ ED_UNASSIGNED, /* M-{ */ + /* 251 */ ED_UNASSIGNED, /* M-| */ + /* 252 */ ED_UNASSIGNED, /* M-} */ + /* 253 */ ED_UNASSIGNED, /* M-~ */ + /* 254 */ ED_DELETE_PREV_WORD /* M-^? */ + /* 255 */ +}; + + +/* + * keymap table for vi. Each index into above tbl; should be + * N_KEYS entries long. Vi mode uses a sticky-extend to do command mode: + * insert mode characters are in the normal keymap, and command mode + * in the extended keymap. + */ +private const el_action_t el_map_vi_insert[] = { +#ifdef KSHVI + /* 0 */ ED_UNASSIGNED, /* ^@ */ + /* 1 */ ED_INSERT, /* ^A */ + /* 2 */ ED_INSERT, /* ^B */ + /* 3 */ ED_INSERT, /* ^C */ + /* 4 */ VI_LIST_OR_EOF, /* ^D */ + /* 5 */ ED_INSERT, /* ^E */ + /* 6 */ ED_INSERT, /* ^F */ + /* 7 */ ED_INSERT, /* ^G */ + /* 8 */ VI_DELETE_PREV_CHAR, /* ^H */ /* BackSpace key */ + /* 9 */ ED_INSERT, /* ^I */ /* Tab Key */ + /* 10 */ ED_NEWLINE, /* ^J */ + /* 11 */ ED_INSERT, /* ^K */ + /* 12 */ ED_INSERT, /* ^L */ + /* 13 */ ED_NEWLINE, /* ^M */ + /* 14 */ ED_INSERT, /* ^N */ + /* 15 */ ED_INSERT, /* ^O */ + /* 16 */ ED_INSERT, /* ^P */ + /* 17 */ ED_TTY_START_OUTPUT, /* ^Q */ + /* 18 */ ED_INSERT, /* ^R */ + /* 19 */ ED_TTY_STOP_OUTPUT, /* ^S */ + /* 20 */ ED_INSERT, /* ^T */ + /* 21 */ VI_KILL_LINE_PREV, /* ^U */ + /* 22 */ ED_QUOTED_INSERT, /* ^V */ + /* 23 */ ED_DELETE_PREV_WORD, /* ^W */ + /* ED_DELETE_PREV_WORD: Only until strt edit pos */ + /* 24 */ ED_INSERT, /* ^X */ + /* 25 */ ED_INSERT, /* ^Y */ + /* 26 */ ED_INSERT, /* ^Z */ + /* 27 */ VI_COMMAND_MODE, /* ^[ */ /* [ Esc ] key */ + /* 28 */ ED_TTY_SIGQUIT, /* ^\ */ + /* 29 */ ED_INSERT, /* ^] */ + /* 30 */ ED_INSERT, /* ^^ */ + /* 31 */ ED_INSERT, /* ^_ */ +#else /* !KSHVI */ + /* + * NOTE: These mappings do NOT Correspond well + * to the KSH VI editing assignments. + * On the other and they are convenient and + * many people have have gotten used to them. + */ + /* 0 */ ED_UNASSIGNED, /* ^@ */ + /* 1 */ ED_MOVE_TO_BEG, /* ^A */ + /* 2 */ ED_PREV_CHAR, /* ^B */ + /* 3 */ ED_TTY_SIGINT, /* ^C */ + /* 4 */ VI_LIST_OR_EOF, /* ^D */ + /* 5 */ ED_MOVE_TO_END, /* ^E */ + /* 6 */ ED_NEXT_CHAR, /* ^F */ + /* 7 */ ED_UNASSIGNED, /* ^G */ + /* 8 */ VI_DELETE_PREV_CHAR, /* ^H */ /* BackSpace key */ + /* 9 */ ED_UNASSIGNED, /* ^I */ /* Tab Key */ + /* 10 */ ED_NEWLINE, /* ^J */ + /* 11 */ ED_KILL_LINE, /* ^K */ + /* 12 */ ED_CLEAR_SCREEN, /* ^L */ + /* 13 */ ED_NEWLINE, /* ^M */ + /* 14 */ ED_NEXT_HISTORY, /* ^N */ + /* 15 */ ED_TTY_FLUSH_OUTPUT, /* ^O */ + /* 16 */ ED_PREV_HISTORY, /* ^P */ + /* 17 */ ED_TTY_START_OUTPUT, /* ^Q */ + /* 18 */ ED_REDISPLAY, /* ^R */ + /* 19 */ ED_TTY_STOP_OUTPUT, /* ^S */ + /* 20 */ ED_TRANSPOSE_CHARS, /* ^T */ + /* 21 */ VI_KILL_LINE_PREV, /* ^U */ + /* 22 */ ED_QUOTED_INSERT, /* ^V */ + /* 23 */ ED_DELETE_PREV_WORD, /* ^W */ + /* 24 */ ED_UNASSIGNED, /* ^X */ + /* 25 */ ED_TTY_DSUSP, /* ^Y */ + /* 26 */ ED_TTY_SIGTSTP, /* ^Z */ + /* 27 */ VI_COMMAND_MODE, /* ^[ */ + /* 28 */ ED_TTY_SIGQUIT, /* ^\ */ + /* 29 */ ED_UNASSIGNED, /* ^] */ + /* 30 */ ED_UNASSIGNED, /* ^^ */ + /* 31 */ ED_UNASSIGNED, /* ^_ */ +#endif /* KSHVI */ + /* 32 */ ED_INSERT, /* SPACE */ + /* 33 */ ED_INSERT, /* ! */ + /* 34 */ ED_INSERT, /* " */ + /* 35 */ ED_INSERT, /* # */ + /* 36 */ ED_INSERT, /* $ */ + /* 37 */ ED_INSERT, /* % */ + /* 38 */ ED_INSERT, /* & */ + /* 39 */ ED_INSERT, /* ' */ + /* 40 */ ED_INSERT, /* ( */ + /* 41 */ ED_INSERT, /* ) */ + /* 42 */ ED_INSERT, /* * */ + /* 43 */ ED_INSERT, /* + */ + /* 44 */ ED_INSERT, /* , */ + /* 45 */ ED_INSERT, /* - */ + /* 46 */ ED_INSERT, /* . */ + /* 47 */ ED_INSERT, /* / */ + /* 48 */ ED_INSERT, /* 0 */ + /* 49 */ ED_INSERT, /* 1 */ + /* 50 */ ED_INSERT, /* 2 */ + /* 51 */ ED_INSERT, /* 3 */ + /* 52 */ ED_INSERT, /* 4 */ + /* 53 */ ED_INSERT, /* 5 */ + /* 54 */ ED_INSERT, /* 6 */ + /* 55 */ ED_INSERT, /* 7 */ + /* 56 */ ED_INSERT, /* 8 */ + /* 57 */ ED_INSERT, /* 9 */ + /* 58 */ ED_INSERT, /* : */ + /* 59 */ ED_INSERT, /* ; */ + /* 60 */ ED_INSERT, /* < */ + /* 61 */ ED_INSERT, /* = */ + /* 62 */ ED_INSERT, /* > */ + /* 63 */ ED_INSERT, /* ? */ + /* 64 */ ED_INSERT, /* @ */ + /* 65 */ ED_INSERT, /* A */ + /* 66 */ ED_INSERT, /* B */ + /* 67 */ ED_INSERT, /* C */ + /* 68 */ ED_INSERT, /* D */ + /* 69 */ ED_INSERT, /* E */ + /* 70 */ ED_INSERT, /* F */ + /* 71 */ ED_INSERT, /* G */ + /* 72 */ ED_INSERT, /* H */ + /* 73 */ ED_INSERT, /* I */ + /* 74 */ ED_INSERT, /* J */ + /* 75 */ ED_INSERT, /* K */ + /* 76 */ ED_INSERT, /* L */ + /* 77 */ ED_INSERT, /* M */ + /* 78 */ ED_INSERT, /* N */ + /* 79 */ ED_INSERT, /* O */ + /* 80 */ ED_INSERT, /* P */ + /* 81 */ ED_INSERT, /* Q */ + /* 82 */ ED_INSERT, /* R */ + /* 83 */ ED_INSERT, /* S */ + /* 84 */ ED_INSERT, /* T */ + /* 85 */ ED_INSERT, /* U */ + /* 86 */ ED_INSERT, /* V */ + /* 87 */ ED_INSERT, /* W */ + /* 88 */ ED_INSERT, /* X */ + /* 89 */ ED_INSERT, /* Y */ + /* 90 */ ED_INSERT, /* Z */ + /* 91 */ ED_INSERT, /* [ */ + /* 92 */ ED_INSERT, /* \ */ + /* 93 */ ED_INSERT, /* ] */ + /* 94 */ ED_INSERT, /* ^ */ + /* 95 */ ED_INSERT, /* _ */ + /* 96 */ ED_INSERT, /* ` */ + /* 97 */ ED_INSERT, /* a */ + /* 98 */ ED_INSERT, /* b */ + /* 99 */ ED_INSERT, /* c */ + /* 100 */ ED_INSERT, /* d */ + /* 101 */ ED_INSERT, /* e */ + /* 102 */ ED_INSERT, /* f */ + /* 103 */ ED_INSERT, /* g */ + /* 104 */ ED_INSERT, /* h */ + /* 105 */ ED_INSERT, /* i */ + /* 106 */ ED_INSERT, /* j */ + /* 107 */ ED_INSERT, /* k */ + /* 108 */ ED_INSERT, /* l */ + /* 109 */ ED_INSERT, /* m */ + /* 110 */ ED_INSERT, /* n */ + /* 111 */ ED_INSERT, /* o */ + /* 112 */ ED_INSERT, /* p */ + /* 113 */ ED_INSERT, /* q */ + /* 114 */ ED_INSERT, /* r */ + /* 115 */ ED_INSERT, /* s */ + /* 116 */ ED_INSERT, /* t */ + /* 117 */ ED_INSERT, /* u */ + /* 118 */ ED_INSERT, /* v */ + /* 119 */ ED_INSERT, /* w */ + /* 120 */ ED_INSERT, /* x */ + /* 121 */ ED_INSERT, /* y */ + /* 122 */ ED_INSERT, /* z */ + /* 123 */ ED_INSERT, /* { */ + /* 124 */ ED_INSERT, /* | */ + /* 125 */ ED_INSERT, /* } */ + /* 126 */ ED_INSERT, /* ~ */ + /* 127 */ VI_DELETE_PREV_CHAR, /* ^? */ + /* 128 */ ED_INSERT, /* M-^@ */ + /* 129 */ ED_INSERT, /* M-^A */ + /* 130 */ ED_INSERT, /* M-^B */ + /* 131 */ ED_INSERT, /* M-^C */ + /* 132 */ ED_INSERT, /* M-^D */ + /* 133 */ ED_INSERT, /* M-^E */ + /* 134 */ ED_INSERT, /* M-^F */ + /* 135 */ ED_INSERT, /* M-^G */ + /* 136 */ ED_INSERT, /* M-^H */ + /* 137 */ ED_INSERT, /* M-^I */ + /* 138 */ ED_INSERT, /* M-^J */ + /* 139 */ ED_INSERT, /* M-^K */ + /* 140 */ ED_INSERT, /* M-^L */ + /* 141 */ ED_INSERT, /* M-^M */ + /* 142 */ ED_INSERT, /* M-^N */ + /* 143 */ ED_INSERT, /* M-^O */ + /* 144 */ ED_INSERT, /* M-^P */ + /* 145 */ ED_INSERT, /* M-^Q */ + /* 146 */ ED_INSERT, /* M-^R */ + /* 147 */ ED_INSERT, /* M-^S */ + /* 148 */ ED_INSERT, /* M-^T */ + /* 149 */ ED_INSERT, /* M-^U */ + /* 150 */ ED_INSERT, /* M-^V */ + /* 151 */ ED_INSERT, /* M-^W */ + /* 152 */ ED_INSERT, /* M-^X */ + /* 153 */ ED_INSERT, /* M-^Y */ + /* 154 */ ED_INSERT, /* M-^Z */ + /* 155 */ ED_INSERT, /* M-^[ */ + /* 156 */ ED_INSERT, /* M-^\ */ + /* 157 */ ED_INSERT, /* M-^] */ + /* 158 */ ED_INSERT, /* M-^^ */ + /* 159 */ ED_INSERT, /* M-^_ */ + /* 160 */ ED_INSERT, /* M-SPACE */ + /* 161 */ ED_INSERT, /* M-! */ + /* 162 */ ED_INSERT, /* M-" */ + /* 163 */ ED_INSERT, /* M-# */ + /* 164 */ ED_INSERT, /* M-$ */ + /* 165 */ ED_INSERT, /* M-% */ + /* 166 */ ED_INSERT, /* M-& */ + /* 167 */ ED_INSERT, /* M-' */ + /* 168 */ ED_INSERT, /* M-( */ + /* 169 */ ED_INSERT, /* M-) */ + /* 170 */ ED_INSERT, /* M-* */ + /* 171 */ ED_INSERT, /* M-+ */ + /* 172 */ ED_INSERT, /* M-, */ + /* 173 */ ED_INSERT, /* M-- */ + /* 174 */ ED_INSERT, /* M-. */ + /* 175 */ ED_INSERT, /* M-/ */ + /* 176 */ ED_INSERT, /* M-0 */ + /* 177 */ ED_INSERT, /* M-1 */ + /* 178 */ ED_INSERT, /* M-2 */ + /* 179 */ ED_INSERT, /* M-3 */ + /* 180 */ ED_INSERT, /* M-4 */ + /* 181 */ ED_INSERT, /* M-5 */ + /* 182 */ ED_INSERT, /* M-6 */ + /* 183 */ ED_INSERT, /* M-7 */ + /* 184 */ ED_INSERT, /* M-8 */ + /* 185 */ ED_INSERT, /* M-9 */ + /* 186 */ ED_INSERT, /* M-: */ + /* 187 */ ED_INSERT, /* M-; */ + /* 188 */ ED_INSERT, /* M-< */ + /* 189 */ ED_INSERT, /* M-= */ + /* 190 */ ED_INSERT, /* M-> */ + /* 191 */ ED_INSERT, /* M-? */ + /* 192 */ ED_INSERT, /* M-@ */ + /* 193 */ ED_INSERT, /* M-A */ + /* 194 */ ED_INSERT, /* M-B */ + /* 195 */ ED_INSERT, /* M-C */ + /* 196 */ ED_INSERT, /* M-D */ + /* 197 */ ED_INSERT, /* M-E */ + /* 198 */ ED_INSERT, /* M-F */ + /* 199 */ ED_INSERT, /* M-G */ + /* 200 */ ED_INSERT, /* M-H */ + /* 201 */ ED_INSERT, /* M-I */ + /* 202 */ ED_INSERT, /* M-J */ + /* 203 */ ED_INSERT, /* M-K */ + /* 204 */ ED_INSERT, /* M-L */ + /* 205 */ ED_INSERT, /* M-M */ + /* 206 */ ED_INSERT, /* M-N */ + /* 207 */ ED_INSERT, /* M-O */ + /* 208 */ ED_INSERT, /* M-P */ + /* 209 */ ED_INSERT, /* M-Q */ + /* 210 */ ED_INSERT, /* M-R */ + /* 211 */ ED_INSERT, /* M-S */ + /* 212 */ ED_INSERT, /* M-T */ + /* 213 */ ED_INSERT, /* M-U */ + /* 214 */ ED_INSERT, /* M-V */ + /* 215 */ ED_INSERT, /* M-W */ + /* 216 */ ED_INSERT, /* M-X */ + /* 217 */ ED_INSERT, /* M-Y */ + /* 218 */ ED_INSERT, /* M-Z */ + /* 219 */ ED_INSERT, /* M-[ */ + /* 220 */ ED_INSERT, /* M-\ */ + /* 221 */ ED_INSERT, /* M-] */ + /* 222 */ ED_INSERT, /* M-^ */ + /* 223 */ ED_INSERT, /* M-_ */ + /* 224 */ ED_INSERT, /* M-` */ + /* 225 */ ED_INSERT, /* M-a */ + /* 226 */ ED_INSERT, /* M-b */ + /* 227 */ ED_INSERT, /* M-c */ + /* 228 */ ED_INSERT, /* M-d */ + /* 229 */ ED_INSERT, /* M-e */ + /* 230 */ ED_INSERT, /* M-f */ + /* 231 */ ED_INSERT, /* M-g */ + /* 232 */ ED_INSERT, /* M-h */ + /* 233 */ ED_INSERT, /* M-i */ + /* 234 */ ED_INSERT, /* M-j */ + /* 235 */ ED_INSERT, /* M-k */ + /* 236 */ ED_INSERT, /* M-l */ + /* 237 */ ED_INSERT, /* M-m */ + /* 238 */ ED_INSERT, /* M-n */ + /* 239 */ ED_INSERT, /* M-o */ + /* 240 */ ED_INSERT, /* M-p */ + /* 241 */ ED_INSERT, /* M-q */ + /* 242 */ ED_INSERT, /* M-r */ + /* 243 */ ED_INSERT, /* M-s */ + /* 244 */ ED_INSERT, /* M-t */ + /* 245 */ ED_INSERT, /* M-u */ + /* 246 */ ED_INSERT, /* M-v */ + /* 247 */ ED_INSERT, /* M-w */ + /* 248 */ ED_INSERT, /* M-x */ + /* 249 */ ED_INSERT, /* M-y */ + /* 250 */ ED_INSERT, /* M-z */ + /* 251 */ ED_INSERT, /* M-{ */ + /* 252 */ ED_INSERT, /* M-| */ + /* 253 */ ED_INSERT, /* M-} */ + /* 254 */ ED_INSERT, /* M-~ */ + /* 255 */ ED_INSERT /* M-^? */ +}; + +private const el_action_t el_map_vi_command[] = { + /* 0 */ ED_UNASSIGNED, /* ^@ */ + /* 1 */ ED_MOVE_TO_BEG, /* ^A */ + /* 2 */ ED_UNASSIGNED, /* ^B */ + /* 3 */ ED_TTY_SIGINT, /* ^C */ + /* 4 */ ED_UNASSIGNED, /* ^D */ + /* 5 */ ED_MOVE_TO_END, /* ^E */ + /* 6 */ ED_UNASSIGNED, /* ^F */ + /* 7 */ ED_UNASSIGNED, /* ^G */ + /* 8 */ ED_DELETE_PREV_CHAR, /* ^H */ + /* 9 */ ED_UNASSIGNED, /* ^I */ + /* 10 */ ED_NEWLINE, /* ^J */ + /* 11 */ ED_KILL_LINE, /* ^K */ + /* 12 */ ED_CLEAR_SCREEN, /* ^L */ + /* 13 */ ED_NEWLINE, /* ^M */ + /* 14 */ ED_NEXT_HISTORY, /* ^N */ + /* 15 */ ED_TTY_FLUSH_OUTPUT, /* ^O */ + /* 16 */ ED_PREV_HISTORY, /* ^P */ + /* 17 */ ED_TTY_START_OUTPUT, /* ^Q */ + /* 18 */ ED_REDISPLAY, /* ^R */ + /* 19 */ ED_TTY_STOP_OUTPUT, /* ^S */ + /* 20 */ ED_UNASSIGNED, /* ^T */ + /* 21 */ VI_KILL_LINE_PREV, /* ^U */ + /* 22 */ ED_UNASSIGNED, /* ^V */ + /* 23 */ ED_DELETE_PREV_WORD, /* ^W */ + /* 24 */ ED_UNASSIGNED, /* ^X */ + /* 25 */ ED_UNASSIGNED, /* ^Y */ + /* 26 */ ED_UNASSIGNED, /* ^Z */ + /* 27 */ EM_META_NEXT, /* ^[ */ + /* 28 */ ED_TTY_SIGQUIT, /* ^\ */ + /* 29 */ ED_UNASSIGNED, /* ^] */ + /* 30 */ ED_UNASSIGNED, /* ^^ */ + /* 31 */ ED_UNASSIGNED, /* ^_ */ + /* 32 */ ED_NEXT_CHAR, /* SPACE */ + /* 33 */ ED_UNASSIGNED, /* ! */ + /* 34 */ ED_UNASSIGNED, /* " */ + /* 35 */ VI_COMMENT_OUT, /* # */ + /* 36 */ ED_MOVE_TO_END, /* $ */ + /* 37 */ VI_MATCH, /* % */ + /* 38 */ ED_UNASSIGNED, /* & */ + /* 39 */ ED_UNASSIGNED, /* ' */ + /* 40 */ ED_UNASSIGNED, /* ( */ + /* 41 */ ED_UNASSIGNED, /* ) */ + /* 42 */ ED_UNASSIGNED, /* * */ + /* 43 */ ED_NEXT_HISTORY, /* + */ + /* 44 */ VI_REPEAT_PREV_CHAR, /* , */ + /* 45 */ ED_PREV_HISTORY, /* - */ + /* 46 */ VI_REDO, /* . */ + /* 47 */ VI_SEARCH_PREV, /* / */ + /* 48 */ VI_ZERO, /* 0 */ + /* 49 */ ED_ARGUMENT_DIGIT, /* 1 */ + /* 50 */ ED_ARGUMENT_DIGIT, /* 2 */ + /* 51 */ ED_ARGUMENT_DIGIT, /* 3 */ + /* 52 */ ED_ARGUMENT_DIGIT, /* 4 */ + /* 53 */ ED_ARGUMENT_DIGIT, /* 5 */ + /* 54 */ ED_ARGUMENT_DIGIT, /* 6 */ + /* 55 */ ED_ARGUMENT_DIGIT, /* 7 */ + /* 56 */ ED_ARGUMENT_DIGIT, /* 8 */ + /* 57 */ ED_ARGUMENT_DIGIT, /* 9 */ + /* 58 */ ED_COMMAND, /* : */ + /* 59 */ VI_REPEAT_NEXT_CHAR, /* ; */ + /* 60 */ ED_UNASSIGNED, /* < */ + /* 61 */ ED_UNASSIGNED, /* = */ + /* 62 */ ED_UNASSIGNED, /* > */ + /* 63 */ VI_SEARCH_NEXT, /* ? */ + /* 64 */ VI_ALIAS, /* @ */ + /* 65 */ VI_ADD_AT_EOL, /* A */ + /* 66 */ VI_PREV_BIG_WORD, /* B */ + /* 67 */ VI_CHANGE_TO_EOL, /* C */ + /* 68 */ ED_KILL_LINE, /* D */ + /* 69 */ VI_END_BIG_WORD, /* E */ + /* 70 */ VI_PREV_CHAR, /* F */ + /* 71 */ VI_TO_HISTORY_LINE, /* G */ + /* 72 */ ED_UNASSIGNED, /* H */ + /* 73 */ VI_INSERT_AT_BOL, /* I */ + /* 74 */ ED_SEARCH_NEXT_HISTORY, /* J */ + /* 75 */ ED_SEARCH_PREV_HISTORY, /* K */ + /* 76 */ ED_UNASSIGNED, /* L */ + /* 77 */ ED_UNASSIGNED, /* M */ + /* 78 */ VI_REPEAT_SEARCH_PREV, /* N */ + /* 79 */ ED_SEQUENCE_LEAD_IN, /* O */ + /* 80 */ VI_PASTE_PREV, /* P */ + /* 81 */ ED_UNASSIGNED, /* Q */ + /* 82 */ VI_REPLACE_MODE, /* R */ + /* 83 */ VI_SUBSTITUTE_LINE, /* S */ + /* 84 */ VI_TO_PREV_CHAR, /* T */ + /* 85 */ VI_UNDO_LINE, /* U */ + /* 86 */ ED_UNASSIGNED, /* V */ + /* 87 */ VI_NEXT_BIG_WORD, /* W */ + /* 88 */ ED_DELETE_PREV_CHAR, /* X */ + /* 89 */ VI_YANK_END, /* Y */ + /* 90 */ ED_UNASSIGNED, /* Z */ + /* 91 */ ED_SEQUENCE_LEAD_IN, /* [ */ + /* 92 */ ED_UNASSIGNED, /* \ */ + /* 93 */ ED_UNASSIGNED, /* ] */ + /* 94 */ ED_MOVE_TO_BEG, /* ^ */ + /* 95 */ VI_HISTORY_WORD, /* _ */ + /* 96 */ ED_UNASSIGNED, /* ` */ + /* 97 */ VI_ADD, /* a */ + /* 98 */ VI_PREV_WORD, /* b */ + /* 99 */ VI_CHANGE_META, /* c */ + /* 100 */ VI_DELETE_META, /* d */ + /* 101 */ VI_END_WORD, /* e */ + /* 102 */ VI_NEXT_CHAR, /* f */ + /* 103 */ ED_UNASSIGNED, /* g */ + /* 104 */ ED_PREV_CHAR, /* h */ + /* 105 */ VI_INSERT, /* i */ + /* 106 */ ED_NEXT_HISTORY, /* j */ + /* 107 */ ED_PREV_HISTORY, /* k */ + /* 108 */ ED_NEXT_CHAR, /* l */ + /* 109 */ ED_UNASSIGNED, /* m */ + /* 110 */ VI_REPEAT_SEARCH_NEXT, /* n */ + /* 111 */ ED_UNASSIGNED, /* o */ + /* 112 */ VI_PASTE_NEXT, /* p */ + /* 113 */ ED_UNASSIGNED, /* q */ + /* 114 */ VI_REPLACE_CHAR, /* r */ + /* 115 */ VI_SUBSTITUTE_CHAR, /* s */ + /* 116 */ VI_TO_NEXT_CHAR, /* t */ + /* 117 */ VI_UNDO, /* u */ + /* 118 */ VI_HISTEDIT, /* v */ + /* 119 */ VI_NEXT_WORD, /* w */ + /* 120 */ ED_DELETE_NEXT_CHAR, /* x */ + /* 121 */ VI_YANK, /* y */ + /* 122 */ ED_UNASSIGNED, /* z */ + /* 123 */ ED_UNASSIGNED, /* { */ + /* 124 */ VI_TO_COLUMN, /* | */ + /* 125 */ ED_UNASSIGNED, /* } */ + /* 126 */ VI_CHANGE_CASE, /* ~ */ + /* 127 */ ED_DELETE_PREV_CHAR, /* ^? */ + /* 128 */ ED_UNASSIGNED, /* M-^@ */ + /* 129 */ ED_UNASSIGNED, /* M-^A */ + /* 130 */ ED_UNASSIGNED, /* M-^B */ + /* 131 */ ED_UNASSIGNED, /* M-^C */ + /* 132 */ ED_UNASSIGNED, /* M-^D */ + /* 133 */ ED_UNASSIGNED, /* M-^E */ + /* 134 */ ED_UNASSIGNED, /* M-^F */ + /* 135 */ ED_UNASSIGNED, /* M-^G */ + /* 136 */ ED_UNASSIGNED, /* M-^H */ + /* 137 */ ED_UNASSIGNED, /* M-^I */ + /* 138 */ ED_UNASSIGNED, /* M-^J */ + /* 139 */ ED_UNASSIGNED, /* M-^K */ + /* 140 */ ED_UNASSIGNED, /* M-^L */ + /* 141 */ ED_UNASSIGNED, /* M-^M */ + /* 142 */ ED_UNASSIGNED, /* M-^N */ + /* 143 */ ED_UNASSIGNED, /* M-^O */ + /* 144 */ ED_UNASSIGNED, /* M-^P */ + /* 145 */ ED_UNASSIGNED, /* M-^Q */ + /* 146 */ ED_UNASSIGNED, /* M-^R */ + /* 147 */ ED_UNASSIGNED, /* M-^S */ + /* 148 */ ED_UNASSIGNED, /* M-^T */ + /* 149 */ ED_UNASSIGNED, /* M-^U */ + /* 150 */ ED_UNASSIGNED, /* M-^V */ + /* 151 */ ED_UNASSIGNED, /* M-^W */ + /* 152 */ ED_UNASSIGNED, /* M-^X */ + /* 153 */ ED_UNASSIGNED, /* M-^Y */ + /* 154 */ ED_UNASSIGNED, /* M-^Z */ + /* 155 */ ED_UNASSIGNED, /* M-^[ */ + /* 156 */ ED_UNASSIGNED, /* M-^\ */ + /* 157 */ ED_UNASSIGNED, /* M-^] */ + /* 158 */ ED_UNASSIGNED, /* M-^^ */ + /* 159 */ ED_UNASSIGNED, /* M-^_ */ + /* 160 */ ED_UNASSIGNED, /* M-SPACE */ + /* 161 */ ED_UNASSIGNED, /* M-! */ + /* 162 */ ED_UNASSIGNED, /* M-" */ + /* 163 */ ED_UNASSIGNED, /* M-# */ + /* 164 */ ED_UNASSIGNED, /* M-$ */ + /* 165 */ ED_UNASSIGNED, /* M-% */ + /* 166 */ ED_UNASSIGNED, /* M-& */ + /* 167 */ ED_UNASSIGNED, /* M-' */ + /* 168 */ ED_UNASSIGNED, /* M-( */ + /* 169 */ ED_UNASSIGNED, /* M-) */ + /* 170 */ ED_UNASSIGNED, /* M-* */ + /* 171 */ ED_UNASSIGNED, /* M-+ */ + /* 172 */ ED_UNASSIGNED, /* M-, */ + /* 173 */ ED_UNASSIGNED, /* M-- */ + /* 174 */ ED_UNASSIGNED, /* M-. */ + /* 175 */ ED_UNASSIGNED, /* M-/ */ + /* 176 */ ED_UNASSIGNED, /* M-0 */ + /* 177 */ ED_UNASSIGNED, /* M-1 */ + /* 178 */ ED_UNASSIGNED, /* M-2 */ + /* 179 */ ED_UNASSIGNED, /* M-3 */ + /* 180 */ ED_UNASSIGNED, /* M-4 */ + /* 181 */ ED_UNASSIGNED, /* M-5 */ + /* 182 */ ED_UNASSIGNED, /* M-6 */ + /* 183 */ ED_UNASSIGNED, /* M-7 */ + /* 184 */ ED_UNASSIGNED, /* M-8 */ + /* 185 */ ED_UNASSIGNED, /* M-9 */ + /* 186 */ ED_UNASSIGNED, /* M-: */ + /* 187 */ ED_UNASSIGNED, /* M-; */ + /* 188 */ ED_UNASSIGNED, /* M-< */ + /* 189 */ ED_UNASSIGNED, /* M-= */ + /* 190 */ ED_UNASSIGNED, /* M-> */ + /* 191 */ ED_UNASSIGNED, /* M-? */ + /* 192 */ ED_UNASSIGNED, /* M-@ */ + /* 193 */ ED_UNASSIGNED, /* M-A */ + /* 194 */ ED_UNASSIGNED, /* M-B */ + /* 195 */ ED_UNASSIGNED, /* M-C */ + /* 196 */ ED_UNASSIGNED, /* M-D */ + /* 197 */ ED_UNASSIGNED, /* M-E */ + /* 198 */ ED_UNASSIGNED, /* M-F */ + /* 199 */ ED_UNASSIGNED, /* M-G */ + /* 200 */ ED_UNASSIGNED, /* M-H */ + /* 201 */ ED_UNASSIGNED, /* M-I */ + /* 202 */ ED_UNASSIGNED, /* M-J */ + /* 203 */ ED_UNASSIGNED, /* M-K */ + /* 204 */ ED_UNASSIGNED, /* M-L */ + /* 205 */ ED_UNASSIGNED, /* M-M */ + /* 206 */ ED_UNASSIGNED, /* M-N */ + /* 207 */ ED_SEQUENCE_LEAD_IN, /* M-O */ + /* 208 */ ED_UNASSIGNED, /* M-P */ + /* 209 */ ED_UNASSIGNED, /* M-Q */ + /* 210 */ ED_UNASSIGNED, /* M-R */ + /* 211 */ ED_UNASSIGNED, /* M-S */ + /* 212 */ ED_UNASSIGNED, /* M-T */ + /* 213 */ ED_UNASSIGNED, /* M-U */ + /* 214 */ ED_UNASSIGNED, /* M-V */ + /* 215 */ ED_UNASSIGNED, /* M-W */ + /* 216 */ ED_UNASSIGNED, /* M-X */ + /* 217 */ ED_UNASSIGNED, /* M-Y */ + /* 218 */ ED_UNASSIGNED, /* M-Z */ + /* 219 */ ED_SEQUENCE_LEAD_IN, /* M-[ */ + /* 220 */ ED_UNASSIGNED, /* M-\ */ + /* 221 */ ED_UNASSIGNED, /* M-] */ + /* 222 */ ED_UNASSIGNED, /* M-^ */ + /* 223 */ ED_UNASSIGNED, /* M-_ */ + /* 224 */ ED_UNASSIGNED, /* M-` */ + /* 225 */ ED_UNASSIGNED, /* M-a */ + /* 226 */ ED_UNASSIGNED, /* M-b */ + /* 227 */ ED_UNASSIGNED, /* M-c */ + /* 228 */ ED_UNASSIGNED, /* M-d */ + /* 229 */ ED_UNASSIGNED, /* M-e */ + /* 230 */ ED_UNASSIGNED, /* M-f */ + /* 231 */ ED_UNASSIGNED, /* M-g */ + /* 232 */ ED_UNASSIGNED, /* M-h */ + /* 233 */ ED_UNASSIGNED, /* M-i */ + /* 234 */ ED_UNASSIGNED, /* M-j */ + /* 235 */ ED_UNASSIGNED, /* M-k */ + /* 236 */ ED_UNASSIGNED, /* M-l */ + /* 237 */ ED_UNASSIGNED, /* M-m */ + /* 238 */ ED_UNASSIGNED, /* M-n */ + /* 239 */ ED_UNASSIGNED, /* M-o */ + /* 240 */ ED_UNASSIGNED, /* M-p */ + /* 241 */ ED_UNASSIGNED, /* M-q */ + /* 242 */ ED_UNASSIGNED, /* M-r */ + /* 243 */ ED_UNASSIGNED, /* M-s */ + /* 244 */ ED_UNASSIGNED, /* M-t */ + /* 245 */ ED_UNASSIGNED, /* M-u */ + /* 246 */ ED_UNASSIGNED, /* M-v */ + /* 247 */ ED_UNASSIGNED, /* M-w */ + /* 248 */ ED_UNASSIGNED, /* M-x */ + /* 249 */ ED_UNASSIGNED, /* M-y */ + /* 250 */ ED_UNASSIGNED, /* M-z */ + /* 251 */ ED_UNASSIGNED, /* M-{ */ + /* 252 */ ED_UNASSIGNED, /* M-| */ + /* 253 */ ED_UNASSIGNED, /* M-} */ + /* 254 */ ED_UNASSIGNED, /* M-~ */ + /* 255 */ ED_UNASSIGNED /* M-^? */ +}; + + +/* map_init(): + * Initialize and allocate the maps + */ +protected int +map_init(EditLine *el) +{ + + /* + * Make sure those are correct before starting. + */ +#ifdef MAP_DEBUG + if (sizeof(el_map_emacs) != N_KEYS * sizeof(el_action_t)) + EL_ABORT((el->errfile, "Emacs map incorrect\n")); + if (sizeof(el_map_vi_command) != N_KEYS * sizeof(el_action_t)) + EL_ABORT((el->errfile, "Vi command map incorrect\n")); + if (sizeof(el_map_vi_insert) != N_KEYS * sizeof(el_action_t)) + EL_ABORT((el->errfile, "Vi insert map incorrect\n")); +#endif + + el->el_map.alt = (el_action_t *)el_malloc(sizeof(el_action_t) * N_KEYS); + if (el->el_map.alt == NULL) + return (-1); + el->el_map.key = (el_action_t *)el_malloc(sizeof(el_action_t) * N_KEYS); + if (el->el_map.key == NULL) + return (-1); + el->el_map.emacs = el_map_emacs; + el->el_map.vic = el_map_vi_command; + el->el_map.vii = el_map_vi_insert; + el->el_map.help = (el_bindings_t *) el_malloc(sizeof(el_bindings_t) * + EL_NUM_FCNS); + if (el->el_map.help == NULL) + return (-1); + (void) memcpy(el->el_map.help, help__get(), + sizeof(el_bindings_t) * EL_NUM_FCNS); + el->el_map.func = (el_func_t *)el_malloc(sizeof(el_func_t) * + EL_NUM_FCNS); + if (el->el_map.func == NULL) + return (-1); + memcpy(el->el_map.func, func__get(), sizeof(el_func_t) * EL_NUM_FCNS); + el->el_map.nfunc = EL_NUM_FCNS; + +#ifdef VIDEFAULT + map_init_vi(el); +#else + map_init_emacs(el); +#endif /* VIDEFAULT */ + return (0); +} + + +/* map_end(): + * Free the space taken by the editor maps + */ +protected void +map_end(EditLine *el) +{ + + el_free((ptr_t) el->el_map.alt); + el->el_map.alt = NULL; + el_free((ptr_t) el->el_map.key); + el->el_map.key = NULL; + el->el_map.emacs = NULL; + el->el_map.vic = NULL; + el->el_map.vii = NULL; + el_free((ptr_t) el->el_map.help); + el->el_map.help = NULL; + el_free((ptr_t) el->el_map.func); + el->el_map.func = NULL; +} + + +/* map_init_nls(): + * Find all the printable keys and bind them to self insert + */ +private void +map_init_nls(EditLine *el) +{ + int i; + + el_action_t *map = el->el_map.key; + + for (i = 0200; i <= 0377; i++) + if (Isprint(i)) + map[i] = ED_INSERT; +} + + +/* map_init_meta(): + * Bind all the meta keys to the appropriate ESC- sequence + */ +private void +map_init_meta(EditLine *el) +{ + Char buf[3]; + int i; + el_action_t *map = el->el_map.key; + el_action_t *alt = el->el_map.alt; + + for (i = 0; i <= 0377 && map[i] != EM_META_NEXT; i++) + continue; + + if (i > 0377) { + for (i = 0; i <= 0377 && alt[i] != EM_META_NEXT; i++) + continue; + if (i > 0377) { + i = 033; + if (el->el_map.type == MAP_VI) + map = alt; + } else + map = alt; + } + buf[0] = (Char) i; + buf[2] = 0; + for (i = 0200; i <= 0377; i++) + switch (map[i]) { + case ED_INSERT: + case ED_UNASSIGNED: + case ED_SEQUENCE_LEAD_IN: + break; + default: + buf[1] = i & 0177; + key_add(el, buf, key_map_cmd(el, (int) map[i]), XK_CMD); + break; + } + map[(int) buf[0]] = ED_SEQUENCE_LEAD_IN; +} + + +/* map_init_vi(): + * Initialize the vi bindings + */ +protected void +map_init_vi(EditLine *el) +{ + int i; + el_action_t *key = el->el_map.key; + el_action_t *alt = el->el_map.alt; + const el_action_t *vii = el->el_map.vii; + const el_action_t *vic = el->el_map.vic; + + el->el_map.type = MAP_VI; + el->el_map.current = el->el_map.key; + + key_reset(el); + + for (i = 0; i < N_KEYS; i++) { + key[i] = vii[i]; + alt[i] = vic[i]; + } + + map_init_meta(el); + map_init_nls(el); + + tty_bind_char(el, 1); + term_bind_arrow(el); +} + + +/* map_init_emacs(): + * Initialize the emacs bindings + */ +protected void +map_init_emacs(EditLine *el) +{ + int i; + Char buf[3]; + el_action_t *key = el->el_map.key; + el_action_t *alt = el->el_map.alt; + const el_action_t *emacs = el->el_map.emacs; + + el->el_map.type = MAP_EMACS; + el->el_map.current = el->el_map.key; + key_reset(el); + + for (i = 0; i < N_KEYS; i++) { + key[i] = emacs[i]; + alt[i] = ED_UNASSIGNED; + } + + map_init_meta(el); + map_init_nls(el); + + buf[0] = CONTROL('X'); + buf[1] = CONTROL('X'); + buf[2] = 0; + key_add(el, buf, key_map_cmd(el, EM_EXCHANGE_MARK), XK_CMD); + + tty_bind_char(el, 1); + term_bind_arrow(el); +} + + +/* map_set_editor(): + * Set the editor + */ +protected int +map_set_editor(EditLine *el, Char *editor) +{ + + if (Strcmp(editor, STR("emacs")) == 0) { + map_init_emacs(el); + return (0); + } + if (Strcmp(editor, STR("vi")) == 0) { + map_init_vi(el); + return (0); + } + return (-1); +} + + +/* map_get_editor(): + * Retrieve the editor + */ +protected int +map_get_editor(EditLine *el, const Char **editor) +{ + + if (editor == NULL) + return (-1); + switch (el->el_map.type) { + case MAP_EMACS: + *editor = STR("emacs"); + return (0); + case MAP_VI: + *editor = STR("vi"); + return (0); + } + return (-1); +} + + +/* map_print_key(): + * Print the function description for 1 key + */ +private void +map_print_key(EditLine *el, el_action_t *map, const Char *in) +{ + char outbuf[EL_BUFSIZ]; + el_bindings_t *bp, *ep; + + if (in[0] == '\0' || in[1] == '\0') { + (void) key__decode_str(in, outbuf, sizeof(outbuf), ""); + ep = &el->el_map.help[el->el_map.nfunc]; + for (bp = el->el_map.help; bp < ep; bp++) + if (bp->func == map[(unsigned char) *in]) { + (void) fprintf(el->el_outfile, + "%s\t->\t" FSTR "\n", outbuf, bp->name); + return; + } + } else + key_print(el, in); +} + + +/* map_print_some_keys(): + * Print keys from first to last + */ +private void +map_print_some_keys(EditLine *el, el_action_t *map, Int first, Int last) +{ + el_bindings_t *bp, *ep; + Char firstbuf[2], lastbuf[2]; + char unparsbuf[EL_BUFSIZ], extrabuf[EL_BUFSIZ]; + + firstbuf[0] = first; + firstbuf[1] = 0; + lastbuf[0] = last; + lastbuf[1] = 0; + if (map[first] == ED_UNASSIGNED) { + if (first == last) { + (void) key__decode_str(firstbuf, unparsbuf, + sizeof(unparsbuf), STRQQ); + (void) fprintf(el->el_outfile, + "%-15s-> is undefined\n", unparsbuf); + } + return; + } + ep = &el->el_map.help[el->el_map.nfunc]; + for (bp = el->el_map.help; bp < ep; bp++) { + if (bp->func == map[first]) { + if (first == last) { + (void) key__decode_str(firstbuf, unparsbuf, + sizeof(unparsbuf), STRQQ); + (void) fprintf(el->el_outfile, "%-15s-> " FSTR "\n", + unparsbuf, bp->name); + } else { + (void) key__decode_str(firstbuf, unparsbuf, + sizeof(unparsbuf), STRQQ); + (void) key__decode_str(lastbuf, extrabuf, + sizeof(extrabuf), STRQQ); + (void) fprintf(el->el_outfile, + "%-4s to %-7s-> " FSTR "\n", + unparsbuf, extrabuf, bp->name); + } + return; + } + } +#ifdef MAP_DEBUG + if (map == el->el_map.key) { + (void) key__decode_str(firstbuf, unparsbuf, + sizeof(unparsbuf), STRQQ); + (void) fprintf(el->el_outfile, + "BUG!!! %s isn't bound to anything.\n", unparsbuf); + (void) fprintf(el->el_outfile, "el->el_map.key[%d] == %d\n", + first, el->el_map.key[first]); + } else { + (void) key__decode_str(firstbuf, unparsbuf, + sizeof(unparsbuf), STRQQ); + (void) fprintf(el->el_outfile, + "BUG!!! %s isn't bound to anything.\n", unparsbuf); + (void) fprintf(el->el_outfile, "el->el_map.alt[%d] == %d\n", + first, el->el_map.alt[first]); + } +#endif + EL_ABORT((el->el_errfile, "Error printing keys\n")); +} + + +/* map_print_all_keys(): + * Print the function description for all keys. + */ +private void +map_print_all_keys(EditLine *el) +{ + int prev, i; + + (void) fprintf(el->el_outfile, "Standard key bindings\n"); + prev = 0; + for (i = 0; i < N_KEYS; i++) { + if (el->el_map.key[prev] == el->el_map.key[i]) + continue; + map_print_some_keys(el, el->el_map.key, prev, i - 1); + prev = i; + } + map_print_some_keys(el, el->el_map.key, prev, i - 1); + + (void) fprintf(el->el_outfile, "Alternative key bindings\n"); + prev = 0; + for (i = 0; i < N_KEYS; i++) { + if (el->el_map.alt[prev] == el->el_map.alt[i]) + continue; + map_print_some_keys(el, el->el_map.alt, prev, i - 1); + prev = i; + } + map_print_some_keys(el, el->el_map.alt, prev, i - 1); + + (void) fprintf(el->el_outfile, "Multi-character bindings\n"); + key_print(el, STR("")); + (void) fprintf(el->el_outfile, "Arrow key bindings\n"); + term_print_arrow(el, STR("")); +} + + +/* map_bind(): + * Add/remove/change bindings + */ +protected int +map_bind(EditLine *el, int argc, const Char **argv) +{ + el_action_t *map; + int ntype, rem; + const Char *p; + Char inbuf[EL_BUFSIZ]; + Char outbuf[EL_BUFSIZ]; + const Char *in = NULL; + Char *out = NULL; + el_bindings_t *bp, *ep; + int cmd; + int key; + + if (argv == NULL) + return (-1); + + map = el->el_map.key; + ntype = XK_CMD; + key = rem = 0; + for (argc = 1; (p = argv[argc]) != NULL; argc++) + if (p[0] == '-') + switch (p[1]) { + case 'a': + map = el->el_map.alt; + break; + + case 's': + ntype = XK_STR; + break; +#ifdef notyet + case 'c': + ntype = XK_EXE; + break; +#endif + case 'k': + key = 1; + break; + + case 'r': + rem = 1; + break; + + case 'v': + map_init_vi(el); + return (0); + + case 'e': + map_init_emacs(el); + return (0); + + case 'l': + ep = &el->el_map.help[el->el_map.nfunc]; + for (bp = el->el_map.help; bp < ep; bp++) + (void) fprintf(el->el_outfile, + "" FSTR "\n\t" FSTR "\n", + bp->name, bp->description); + return (0); + default: + (void) fprintf(el->el_errfile, + "" FSTR ": Invalid switch `%c'.\n", + argv[0], p[1]); + } + else + break; + + if (argv[argc] == NULL) { + map_print_all_keys(el); + return (0); + } + if (key) + in = argv[argc++]; + else if ((in = parse__string(inbuf, argv[argc++])) == NULL) { + (void) fprintf(el->el_errfile, + "" FSTR ": Invalid \\ or ^ in instring.\n", + argv[0]); + return (-1); + } + if (rem) { + if (key) { + (void) term_clear_arrow(el, in); + return (-1); + } + if (in[1]) + (void) key_delete(el, in); + else if (map[(unsigned char) *in] == ED_SEQUENCE_LEAD_IN) + (void) key_delete(el, in); + else + map[(unsigned char) *in] = ED_UNASSIGNED; + return (0); + } + if (argv[argc] == NULL) { + if (key) + term_print_arrow(el, in); + else + map_print_key(el, map, in); + return (0); + } +#ifdef notyet + if (argv[argc + 1] != NULL) { + bindkey_usage(); + return (-1); + } +#endif + + switch (ntype) { + case XK_STR: + case XK_EXE: + if ((out = parse__string(outbuf, argv[argc])) == NULL) { + (void) fprintf(el->el_errfile, + "" FSTR ": Invalid \\ or ^ in outstring.\n", argv[0]); + return (-1); + } + if (key) + term_set_arrow(el, in, key_map_str(el, out), ntype); + else + key_add(el, in, key_map_str(el, out), ntype); + map[(unsigned char) *in] = ED_SEQUENCE_LEAD_IN; + break; + + case XK_CMD: + if ((cmd = parse_cmd(el, argv[argc])) == -1) { + (void) fprintf(el->el_errfile, + "" FSTR ": Invalid command `" FSTR "'.\n", + argv[0], argv[argc]); + return (-1); + } + if (key) + term_set_arrow(el, in, key_map_str(el, out), ntype); + else { + if (in[1]) { + key_add(el, in, key_map_cmd(el, cmd), ntype); + map[(unsigned char) *in] = ED_SEQUENCE_LEAD_IN; + } else { + key_clear(el, map, in); + map[(unsigned char) *in] = cmd; + } + } + break; + + default: + EL_ABORT((el->el_errfile, "Bad XK_ type %d\n", ntype)); + break; + } + return (0); +} + + +/* map_addfunc(): + * add a user defined function + */ +protected int +map_addfunc(EditLine *el, const Char *name, const Char *help, el_func_t func) +{ + void *p; + int nf = el->el_map.nfunc + 1; + + if (name == NULL || help == NULL || func == NULL) + return (-1); + + if ((p = el_realloc(el->el_map.func, nf * sizeof(el_func_t))) == NULL) + return (-1); + el->el_map.func = (el_func_t *) p; + if ((p = el_realloc(el->el_map.help, nf * sizeof(el_bindings_t))) + == NULL) + return (-1); + el->el_map.help = (el_bindings_t *) p; + + nf = el->el_map.nfunc; + el->el_map.func[nf] = func; + + el->el_map.help[nf].name = name; + el->el_map.help[nf].func = nf; + el->el_map.help[nf].description = help; + el->el_map.nfunc++; + + return (0); +} diff --git a/lib/libedit/src/map.h b/lib/libedit/src/map.h new file mode 100644 index 000000000000..8e0c7e4eaa11 --- /dev/null +++ b/lib/libedit/src/map.h @@ -0,0 +1,77 @@ +/* $NetBSD: map.h,v 1.9 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)map.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.map.h: Editor maps + */ +#ifndef _h_el_map +#define _h_el_map + +typedef struct el_bindings_t { /* for the "bind" shell command */ + const Char *name; /* function name for bind command */ + int func; /* function numeric value */ + const Char *description; /* description of function */ +} el_bindings_t; + + +typedef struct el_map_t { + el_action_t *alt; /* The current alternate key map */ + el_action_t *key; /* The current normal key map */ + el_action_t *current; /* The keymap we are using */ + const el_action_t *emacs; /* The default emacs key map */ + const el_action_t *vic; /* The vi command mode key map */ + const el_action_t *vii; /* The vi insert mode key map */ + int type; /* Emacs or vi */ + el_bindings_t *help; /* The help for the editor functions */ + el_func_t *func; /* List of available functions */ + int nfunc; /* The number of functions/help items */ +} el_map_t; + +#define MAP_EMACS 0 +#define MAP_VI 1 + +#define N_KEYS 256 + +protected int map_bind(EditLine *, int, const Char **); +protected int map_init(EditLine *); +protected void map_end(EditLine *); +protected void map_init_vi(EditLine *); +protected void map_init_emacs(EditLine *); +protected int map_set_editor(EditLine *, Char *); +protected int map_get_editor(EditLine *, const Char **); +protected int map_addfunc(EditLine *, const Char *, const Char *, el_func_t); + +#endif /* _h_el_map */ diff --git a/lib/libedit/src/parse.c b/lib/libedit/src/parse.c new file mode 100644 index 000000000000..9983fa750372 --- /dev/null +++ b/lib/libedit/src/parse.c @@ -0,0 +1,285 @@ +/* $NetBSD: parse.c,v 1.23 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)parse.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: parse.c,v 1.23 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * parse.c: parse an editline extended command + * + * commands are: + * + * bind + * echotc + * edit + * gettc + * history + * settc + * setty + */ +#include "el.h" +#include + +private const struct { + const Char *name; + int (*func)(EditLine *, int, const Char **); +} cmds[] = { + { STR("bind"), map_bind }, + { STR("echotc"), term_echotc }, + { STR("edit"), el_editmode }, + { STR("history"), hist_command }, + { STR("telltc"), term_telltc }, + { STR("settc"), term_settc }, + { STR("setty"), tty_stty }, + { NULL, NULL } +}; + + +/* parse_line(): + * Parse a line and dispatch it + */ +protected int +parse_line(EditLine *el, const Char *line) +{ + const Char **argv; + int argc; + TYPE(Tokenizer) *tok; + + tok = FUN(tok,init)(NULL); + FUN(tok,str)(tok, line, &argc, &argv); + argc = FUN(el,parse)(el, argc, argv); + FUN(tok,end)(tok); + return (argc); +} + + +/* el_parse(): + * Command dispatcher + */ +public int +FUN(el,parse)(EditLine *el, int argc, const Char *argv[]) +{ + const Char *ptr; + int i; + + if (argc < 1) + return (-1); + ptr = Strchr(argv[0], ':'); + if (ptr != NULL) { + Char *tprog; + size_t l; + + if (ptr == argv[0]) + return (0); + l = ptr - argv[0] - 1; + tprog = el_malloc((l + 1) * sizeof(*tprog)); + if (tprog == NULL) + return (0); + (void) Strncpy(tprog, argv[0], l); + tprog[l] = '\0'; + ptr++; + l = el_match(el->el_prog, tprog); + el_free(tprog); + if (!l) + return (0); + } else + ptr = argv[0]; + + for (i = 0; cmds[i].name != NULL; i++) + if (Strcmp(cmds[i].name, ptr) == 0) { + i = (*cmds[i].func) (el, argc, argv); + return (-i); + } + return (-1); +} + + +/* parse__escape(): + * Parse a string of the form ^ \ \ \U+xxxx and return + * the appropriate character or -1 if the escape is not valid + */ +protected int +parse__escape(const Char **ptr) +{ + const Char *p; + Int c; + + p = *ptr; + + if (p[1] == 0) + return (-1); + + if (*p == '\\') { + p++; + switch (*p) { + case 'a': + c = '\007'; /* Bell */ + break; + case 'b': + c = '\010'; /* Backspace */ + break; + case 't': + c = '\011'; /* Horizontal Tab */ + break; + case 'n': + c = '\012'; /* New Line */ + break; + case 'v': + c = '\013'; /* Vertical Tab */ + break; + case 'f': + c = '\014'; /* Form Feed */ + break; + case 'r': + c = '\015'; /* Carriage Return */ + break; + case 'e': + c = '\033'; /* Escape */ + break; + case 'U': /* Unicode \U+xxxx or \U+xxxxx format */ + { + int i; + const Char hex[] = STR("0123456789ABCDEF"); + const Char *h; + ++p; + if (*p++ != '+') + return (-1); + c = 0; + for (i = 0; i < 5; ++i) { + h = Strchr(hex, *p++); + if (!h && i < 4) + return (-1); + else if (h) + c = (c << 4) | ((int)(h - hex)); + else + --p; + } + if (c > 0x10FFFF) /* outside valid character range */ + return -1; + break; + } + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + { + int cnt, ch; + + for (cnt = 0, c = 0; cnt < 3; cnt++) { + ch = *p++; + if (ch < '0' || ch > '7') { + p--; + break; + } + c = (c << 3) | (ch - '0'); + } + if ((c & 0xffffff00) != 0) + return (-1); + --p; + break; + } + default: + c = *p; + break; + } + } else if (*p == '^') { + p++; + c = (*p == '?') ? '\177' : (*p & 0237); + } else + c = *p; + *ptr = ++p; + return (c); +} + +/* parse__string(): + * Parse the escapes from in and put the raw string out + */ +protected Char * +parse__string(Char *out, const Char *in) +{ + Char *rv = out; + int n; + + for (;;) + switch (*in) { + case '\0': + *out = '\0'; + return (rv); + + case '\\': + case '^': + if ((n = parse__escape(&in)) == -1) + return (NULL); + *out++ = n; + break; + + case 'M': + if (in[1] == '-' && in[2] != '\0') { + *out++ = '\033'; + in += 2; + break; + } + /*FALLTHROUGH*/ + + default: + *out++ = *in++; + break; + } +} + + +/* parse_cmd(): + * Return the command number for the command string given + * or -1 if one is not found + */ +protected int +parse_cmd(EditLine *el, const Char *cmd) +{ + el_bindings_t *b; + + for (b = el->el_map.help; b->name != NULL; b++) + if (Strcmp(b->name, cmd) == 0) + return (b->func); + return (-1); +} diff --git a/lib/libedit/src/parse.h b/lib/libedit/src/parse.h new file mode 100644 index 000000000000..ec04051bc27e --- /dev/null +++ b/lib/libedit/src/parse.h @@ -0,0 +1,48 @@ +/* $NetBSD: parse.h,v 1.7 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)parse.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.parse.h: Parser functions + */ +#ifndef _h_el_parse +#define _h_el_parse + +protected int parse_line(EditLine *, const Char *); +protected int parse__escape(const Char **); +protected Char *parse__string(Char *, const Char *); +protected int parse_cmd(EditLine *, const Char *); + +#endif /* _h_el_parse */ diff --git a/lib/libedit/src/prompt.c b/lib/libedit/src/prompt.c new file mode 100644 index 000000000000..acfb4372e4a1 --- /dev/null +++ b/lib/libedit/src/prompt.c @@ -0,0 +1,199 @@ +/* $NetBSD: prompt.c,v 1.18 2009/12/31 15:58:26 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)prompt.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: prompt.c,v 1.18 2009/12/31 15:58:26 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * prompt.c: Prompt printing functions + */ +#include +#include "el.h" + +private Char *prompt_default(EditLine *); +private Char *prompt_default_r(EditLine *); + +/* prompt_default(): + * Just a default prompt, in case the user did not provide one + */ +private Char * +/*ARGSUSED*/ +prompt_default(EditLine *el __attribute__((__unused__))) +{ + static Char a[3] = {'?', ' ', '\0'}; + + return (a); +} + + +/* prompt_default_r(): + * Just a default rprompt, in case the user did not provide one + */ +private Char * +/*ARGSUSED*/ +prompt_default_r(EditLine *el __attribute__((__unused__))) +{ + static Char a[1] = {'\0'}; + + return (a); +} + + +/* prompt_print(): + * Print the prompt and update the prompt position. + */ +protected void +prompt_print(EditLine *el, int op) +{ + el_prompt_t *elp; + Char *p; + int ignore = 0; + + if (op == EL_PROMPT) + elp = &el->el_prompt; + else + elp = &el->el_rprompt; + + if (elp->p_wide) + p = (*elp->p_func)(el); + else + p = ct_decode_string((char *)(void *)(*elp->p_func)(el), + &el->el_scratch); + + for (; *p; p++) { + if (elp->p_ignore == *p) { + ignore = !ignore; + continue; + } + if (ignore) + term__putc(el, *p); + else + re_putc(el, *p, 1); + } + + elp->p_pos.v = el->el_refresh.r_cursor.v; + elp->p_pos.h = el->el_refresh.r_cursor.h; +} + + +/* prompt_init(): + * Initialize the prompt stuff + */ +protected int +prompt_init(EditLine *el) +{ + + el->el_prompt.p_func = prompt_default; + el->el_prompt.p_pos.v = 0; + el->el_prompt.p_pos.h = 0; + el->el_prompt.p_ignore = '\0'; + el->el_rprompt.p_func = prompt_default_r; + el->el_rprompt.p_pos.v = 0; + el->el_rprompt.p_pos.h = 0; + el->el_rprompt.p_ignore = '\0'; + return 0; +} + + +/* prompt_end(): + * Clean up the prompt stuff + */ +protected void +/*ARGSUSED*/ +prompt_end(EditLine *el __attribute__((__unused__))) +{ +} + + +/* prompt_set(): + * Install a prompt printing function + */ +protected int +prompt_set(EditLine *el, el_pfunc_t prf, Char c, int op, int wide) +{ + el_prompt_t *p; + + if (op == EL_PROMPT || op == EL_PROMPT_ESC) + p = &el->el_prompt; + else + p = &el->el_rprompt; + + if (prf == NULL) { + if (op == EL_PROMPT || op == EL_PROMPT_ESC) + p->p_func = prompt_default; + else + p->p_func = prompt_default_r; + } else { + p->p_func = prf; + } + + p->p_ignore = c; + + p->p_pos.v = 0; + p->p_pos.h = 0; + p->p_wide = wide; + + return 0; +} + + +/* prompt_get(): + * Retrieve the prompt printing function + */ +protected int +prompt_get(EditLine *el, el_pfunc_t *prf, Char *c, int op) +{ + el_prompt_t *p; + + if (prf == NULL) + return -1; + + if (op == EL_PROMPT) + p = &el->el_prompt; + else + p = &el->el_rprompt; + + if (prf) + *prf = p->p_func; + if (c) + *c = p->p_ignore; + + return 0; +} diff --git a/lib/libedit/src/prompt.h b/lib/libedit/src/prompt.h new file mode 100644 index 000000000000..cde7462859ba --- /dev/null +++ b/lib/libedit/src/prompt.h @@ -0,0 +1,60 @@ +/* $NetBSD: prompt.h,v 1.10 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)prompt.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.prompt.h: Prompt printing stuff + */ +#ifndef _h_el_prompt +#define _h_el_prompt + +#include "histedit.h" + +typedef Char *(*el_pfunc_t)(EditLine *); + +typedef struct el_prompt_t { + el_pfunc_t p_func; /* Function to return the prompt */ + coord_t p_pos; /* position in the line after prompt */ + Char p_ignore; /* character to start/end literal */ + int p_wide; +} el_prompt_t; + +protected void prompt_print(EditLine *, int); +protected int prompt_set(EditLine *, el_pfunc_t, Char, int, int); +protected int prompt_get(EditLine *, el_pfunc_t *, Char *, int); +protected int prompt_init(EditLine *); +protected void prompt_end(EditLine *); + +#endif /* _h_el_prompt */ diff --git a/lib/libedit/src/read.c b/lib/libedit/src/read.c new file mode 100644 index 000000000000..094977f72671 --- /dev/null +++ b/lib/libedit/src/read.c @@ -0,0 +1,718 @@ +/* $NetBSD: read.c,v 1.58 2011/02/18 20:53:05 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)read.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: read.c,v 1.58 2011/02/18 20:53:05 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * read.c: Clean this junk up! This is horrible code. + * Terminal read functions + */ +#include +#include +#include +#include +#include +#include "el.h" + +#define OKCMD -1 /* must be -1! */ + +private int read__fixio(int, int); +private int read_preread(EditLine *); +private int read_char(EditLine *, Char *); +private int read_getcmd(EditLine *, el_action_t *, Char *); +private void read_pop(c_macro_t *); + +/* read_init(): + * Initialize the read stuff + */ +protected int +read_init(EditLine *el) +{ + /* builtin read_char */ + el->el_read.read_char = read_char; + return 0; +} + + +/* el_read_setfn(): + * Set the read char function to the one provided. + * If it is set to EL_BUILTIN_GETCFN, then reset to the builtin one. + */ +protected int +el_read_setfn(EditLine *el, el_rfunc_t rc) +{ + el->el_read.read_char = (rc == EL_BUILTIN_GETCFN) ? read_char : rc; + return 0; +} + + +/* el_read_getfn(): + * return the current read char function, or EL_BUILTIN_GETCFN + * if it is the default one + */ +protected el_rfunc_t +el_read_getfn(EditLine *el) +{ + return (el->el_read.read_char == read_char) ? + EL_BUILTIN_GETCFN : el->el_read.read_char; +} + + +#ifndef MIN +#define MIN(A,B) ((A) < (B) ? (A) : (B)) +#endif + +#ifdef DEBUG_EDIT +private void +read_debug(EditLine *el) +{ + + if (el->el_line.cursor > el->el_line.lastchar) + (void) fprintf(el->el_errfile, "cursor > lastchar\r\n"); + if (el->el_line.cursor < el->el_line.buffer) + (void) fprintf(el->el_errfile, "cursor < buffer\r\n"); + if (el->el_line.cursor > el->el_line.limit) + (void) fprintf(el->el_errfile, "cursor > limit\r\n"); + if (el->el_line.lastchar > el->el_line.limit) + (void) fprintf(el->el_errfile, "lastchar > limit\r\n"); + if (el->el_line.limit != &el->el_line.buffer[EL_BUFSIZ - 2]) + (void) fprintf(el->el_errfile, "limit != &buffer[EL_BUFSIZ-2]\r\n"); +} +#endif /* DEBUG_EDIT */ + + +/* read__fixio(): + * Try to recover from a read error + */ +/* ARGSUSED */ +private int +read__fixio(int fd __attribute__((__unused__)), int e) +{ + + switch (e) { + case -1: /* Make sure that the code is reachable */ + +#ifdef EWOULDBLOCK + case EWOULDBLOCK: +#ifndef TRY_AGAIN +#define TRY_AGAIN +#endif +#endif /* EWOULDBLOCK */ + +#if defined(POSIX) && defined(EAGAIN) +#if defined(EWOULDBLOCK) && EWOULDBLOCK != EAGAIN + case EAGAIN: +#ifndef TRY_AGAIN +#define TRY_AGAIN +#endif +#endif /* EWOULDBLOCK && EWOULDBLOCK != EAGAIN */ +#endif /* POSIX && EAGAIN */ + + e = 0; +#ifdef TRY_AGAIN +#if defined(F_SETFL) && defined(O_NDELAY) + if ((e = fcntl(fd, F_GETFL, 0)) == -1) + return (-1); + + if (fcntl(fd, F_SETFL, e & ~O_NDELAY) == -1) + return (-1); + else + e = 1; +#endif /* F_SETFL && O_NDELAY */ + +#ifdef FIONBIO + { + int zero = 0; + + if (ioctl(fd, FIONBIO, (ioctl_t) & zero) == -1) + return (-1); + else + e = 1; + } +#endif /* FIONBIO */ + +#endif /* TRY_AGAIN */ + return (e ? 0 : -1); + + case EINTR: + return (0); + + default: + return (-1); + } +} + + +/* read_preread(): + * Try to read the stuff in the input queue; + */ +private int +read_preread(EditLine *el) +{ + int chrs = 0; + + if (el->el_tty.t_mode == ED_IO) + return (0); + +#ifndef WIDECHAR +/* FIONREAD attempts to buffer up multiple bytes, and to make that work + * properly with partial wide/UTF-8 characters would need some careful work. */ +#ifdef FIONREAD + (void) ioctl(el->el_infd, FIONREAD, (ioctl_t) & chrs); + if (chrs > 0) { + char buf[EL_BUFSIZ]; + + chrs = read(el->el_infd, buf, + (size_t) MIN(chrs, EL_BUFSIZ - 1)); + if (chrs > 0) { + buf[chrs] = '\0'; + el_push(el, buf); + } + } +#endif /* FIONREAD */ +#endif + return (chrs > 0); +} + + +/* el_push(): + * Push a macro + */ +public void +FUN(el,push)(EditLine *el, const Char *str) +{ + c_macro_t *ma = &el->el_chared.c_macro; + + if (str != NULL && ma->level + 1 < EL_MAXMACRO) { + ma->level++; + if ((ma->macro[ma->level] = Strdup(str)) != NULL) + return; + ma->level--; + } + term_beep(el); + term__flush(el); +} + + +/* read_getcmd(): + * Return next command from the input stream. + * Character values > 255 are not looked up in the map, but inserted. + */ +private int +read_getcmd(EditLine *el, el_action_t *cmdnum, Char *ch) +{ + el_action_t cmd; + int num; + + el->el_errno = 0; + do { + if ((num = FUN(el,getc)(el, ch)) != 1) {/* if EOF or error */ + el->el_errno = num == 0 ? 0 : errno; + return (num); + } + +#ifdef KANJI + if ((*ch & 0200)) { + el->el_state.metanext = 0; + cmd = CcViMap[' ']; + break; + } else +#endif /* KANJI */ + + if (el->el_state.metanext) { + el->el_state.metanext = 0; + *ch |= 0200; + } +#ifdef WIDECHAR + if (*ch >= N_KEYS) + cmd = ED_INSERT; + else +#endif + cmd = el->el_map.current[(unsigned char) *ch]; + if (cmd == ED_SEQUENCE_LEAD_IN) { + key_value_t val; + switch (key_get(el, ch, &val)) { + case XK_CMD: + cmd = val.cmd; + break; + case XK_STR: + FUN(el,push)(el, val.str); + break; +#ifdef notyet + case XK_EXE: + /* XXX: In the future to run a user function */ + RunCommand(val.str); + break; +#endif + default: + EL_ABORT((el->el_errfile, "Bad XK_ type \n")); + break; + } + } + if (el->el_map.alt == NULL) + el->el_map.current = el->el_map.key; + } while (cmd == ED_SEQUENCE_LEAD_IN); + *cmdnum = cmd; + return (OKCMD); +} + +#ifdef WIDECHAR +/* utf8_islead(): + * Test whether a byte is a leading byte of a UTF-8 sequence. + */ +private int +utf8_islead(unsigned char c) +{ + return (c < 0x80) || /* single byte char */ + (c >= 0xc2 && c <= 0xf4); /* start of multibyte sequence */ +} +#endif + +/* read_char(): + * Read a character from the tty. + */ +private int +read_char(EditLine *el, Char *cp) +{ + ssize_t num_read; + int tried = 0; + char cbuf[MB_LEN_MAX]; + int cbp = 0; + int bytes = 0; + + again: + el->el_signal->sig_no = 0; + while ((num_read = read(el->el_infd, cbuf + cbp, 1)) == -1) { + switch (el->el_signal->sig_no) { + case SIGCONT: + el_set(el, EL_REFRESH); + /*FALLTHROUGH*/ + case SIGWINCH: + sig_set(el); + goto again; + default: + break; + } + if (!tried && read__fixio(el->el_infd, errno) == 0) + tried = 1; + else { + *cp = '\0'; + return (-1); + } + } + +#ifdef WIDECHAR + if (el->el_flags & CHARSET_IS_UTF8) { + if (!utf8_islead((unsigned char)cbuf[0])) + goto again; /* discard the byte we read and try again */ + ++cbp; + if ((bytes = ct_mbtowc(cp, cbuf, cbp)) == -1) { + ct_mbtowc_reset; + if (cbp >= MB_LEN_MAX) { /* "shouldn't happen" */ + *cp = '\0'; + return (-1); + } + goto again; + } + } else /* we don't support other multibyte charsets */ +#endif + *cp = (unsigned char)cbuf[0]; + + if ((el->el_flags & IGNORE_EXTCHARS) && bytes > 1) { + cbp = 0; /* skip this character */ + goto again; + } + + return (int)num_read; +} + +/* read_pop(): + * Pop a macro from the stack + */ +private void +read_pop(c_macro_t *ma) +{ + int i; + + el_free(ma->macro[0]); + for (i = 0; i < ma->level; i++) + ma->macro[i] = ma->macro[i + 1]; + ma->level--; + ma->offset = 0; +} + +/* el_getc(): + * Read a character + */ +public int +FUN(el,getc)(EditLine *el, Char *cp) +{ + int num_read; + c_macro_t *ma = &el->el_chared.c_macro; + + term__flush(el); + for (;;) { + if (ma->level < 0) { + if (!read_preread(el)) + break; + } + + if (ma->level < 0) + break; + + if (ma->macro[0][ma->offset] == '\0') { + read_pop(ma); + continue; + } + + *cp = ma->macro[0][ma->offset++]; + + if (ma->macro[0][ma->offset] == '\0') { + /* Needed for QuoteMode On */ + read_pop(ma); + } + + return (1); + } + +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, "Turning raw mode on\n"); +#endif /* DEBUG_READ */ + if (tty_rawmode(el) < 0)/* make sure the tty is set up correctly */ + return (0); + +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, "Reading a character\n"); +#endif /* DEBUG_READ */ + num_read = (*el->el_read.read_char)(el, cp); +#ifdef WIDECHAR + if (el->el_flags & NARROW_READ) + *cp = *(char *)(void *)cp; +#endif +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, "Got it %c\n", *cp); +#endif /* DEBUG_READ */ + return (num_read); +} + +protected void +read_prepare(EditLine *el) +{ + if (el->el_flags & HANDLE_SIGNALS) + sig_set(el); + if (el->el_flags & NO_TTY) + return; + if ((el->el_flags & (UNBUFFERED|EDIT_DISABLED)) == UNBUFFERED) + tty_rawmode(el); + + /* This is relatively cheap, and things go terribly wrong if + we have the wrong size. */ + el_resize(el); + re_clear_display(el); /* reset the display stuff */ + ch_reset(el, 0); + re_refresh(el); /* print the prompt */ + + if (el->el_flags & UNBUFFERED) + term__flush(el); +} + +protected void +read_finish(EditLine *el) +{ + if ((el->el_flags & UNBUFFERED) == 0) + (void) tty_cookedmode(el); + if (el->el_flags & HANDLE_SIGNALS) + sig_clr(el); +} + +public const Char * +FUN(el,gets)(EditLine *el, int *nread) +{ + int retval; + el_action_t cmdnum = 0; + int num; /* how many chars we have read at NL */ + Char ch, *cp; + int crlf = 0; + int nrb; +#ifdef FIONREAD + c_macro_t *ma = &el->el_chared.c_macro; +#endif /* FIONREAD */ + + if (nread == NULL) + nread = &nrb; + *nread = 0; + + if (el->el_flags & NO_TTY) { + size_t idx; + + cp = el->el_line.buffer; + while ((num = (*el->el_read.read_char)(el, cp)) == 1) { + /* make sure there is space for next character */ + if (cp + 1 >= el->el_line.limit) { + idx = (cp - el->el_line.buffer); + if (!ch_enlargebufs(el, 2)) + break; + cp = &el->el_line.buffer[idx]; + } + cp++; + if (el->el_flags & UNBUFFERED) + break; + if (cp[-1] == '\r' || cp[-1] == '\n') + break; + } + if (num == -1) { + if (errno == EINTR) + cp = el->el_line.buffer; + el->el_errno = errno; + } + + goto noedit; + } + + +#ifdef FIONREAD + if (el->el_tty.t_mode == EX_IO && ma->level < 0) { + long chrs = 0; + + (void) ioctl(el->el_infd, FIONREAD, (ioctl_t) & chrs); + if (chrs == 0) { + if (tty_rawmode(el) < 0) { + errno = 0; + *nread = 0; + return (NULL); + } + } + } +#endif /* FIONREAD */ + + if ((el->el_flags & UNBUFFERED) == 0) + read_prepare(el); + + if (el->el_flags & EDIT_DISABLED) { + size_t idx; + + if ((el->el_flags & UNBUFFERED) == 0) + cp = el->el_line.buffer; + else + cp = el->el_line.lastchar; + + term__flush(el); + + while ((num = (*el->el_read.read_char)(el, cp)) == 1) { + /* make sure there is space next character */ + if (cp + 1 >= el->el_line.limit) { + idx = (cp - el->el_line.buffer); + if (!ch_enlargebufs(el, 2)) + break; + cp = &el->el_line.buffer[idx]; + } + cp++; + crlf = cp[-1] == '\r' || cp[-1] == '\n'; + if (el->el_flags & UNBUFFERED) + break; + if (crlf) + break; + } + + if (num == -1) { + if (errno == EINTR) + cp = el->el_line.buffer; + el->el_errno = errno; + } + + goto noedit; + } + + for (num = OKCMD; num == OKCMD;) { /* while still editing this + * line */ +#ifdef DEBUG_EDIT + read_debug(el); +#endif /* DEBUG_EDIT */ + /* if EOF or error */ + if ((num = read_getcmd(el, &cmdnum, &ch)) != OKCMD) { +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, + "Returning from el_gets %d\n", num); +#endif /* DEBUG_READ */ + break; + } + if (el->el_errno == EINTR) { + el->el_line.buffer[0] = '\0'; + el->el_line.lastchar = + el->el_line.cursor = el->el_line.buffer; + break; + } + if ((unsigned int)cmdnum >= (unsigned int)el->el_map.nfunc) { /* BUG CHECK command */ +#ifdef DEBUG_EDIT + (void) fprintf(el->el_errfile, + "ERROR: illegal command from key 0%o\r\n", ch); +#endif /* DEBUG_EDIT */ + continue; /* try again */ + } + /* now do the real command */ +#ifdef DEBUG_READ + { + el_bindings_t *b; + for (b = el->el_map.help; b->name; b++) + if (b->func == cmdnum) + break; + if (b->name) + (void) fprintf(el->el_errfile, + "Executing %s\n", b->name); + else + (void) fprintf(el->el_errfile, + "Error command = %d\n", cmdnum); + } +#endif /* DEBUG_READ */ + /* vi redo needs these way down the levels... */ + el->el_state.thiscmd = cmdnum; + el->el_state.thisch = ch; + if (el->el_map.type == MAP_VI && + el->el_map.current == el->el_map.key && + el->el_chared.c_redo.pos < el->el_chared.c_redo.lim) { + if (cmdnum == VI_DELETE_PREV_CHAR && + el->el_chared.c_redo.pos != el->el_chared.c_redo.buf + && Isprint(el->el_chared.c_redo.pos[-1])) + el->el_chared.c_redo.pos--; + else + *el->el_chared.c_redo.pos++ = ch; + } + retval = (*el->el_map.func[cmdnum]) (el, ch); +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, + "Returned state %d\n", retval ); +#endif /* DEBUG_READ */ + + /* save the last command here */ + el->el_state.lastcmd = cmdnum; + + /* use any return value */ + switch (retval) { + case CC_CURSOR: + re_refresh_cursor(el); + break; + + case CC_REDISPLAY: + re_clear_lines(el); + re_clear_display(el); + /* FALLTHROUGH */ + + case CC_REFRESH: + re_refresh(el); + break; + + case CC_REFRESH_BEEP: + re_refresh(el); + term_beep(el); + break; + + case CC_NORM: /* normal char */ + break; + + case CC_ARGHACK: /* Suggested by Rich Salz */ + /* */ + continue; /* keep going... */ + + case CC_EOF: /* end of file typed */ + if ((el->el_flags & UNBUFFERED) == 0) + num = 0; + else if (num == -1) { + *el->el_line.lastchar++ = CONTROL('d'); + el->el_line.cursor = el->el_line.lastchar; + num = 1; + } + break; + + case CC_NEWLINE: /* normal end of line */ + num = (int)(el->el_line.lastchar - el->el_line.buffer); + break; + + case CC_FATAL: /* fatal error, reset to known state */ +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, + "*** editor fatal ERROR ***\r\n\n"); +#endif /* DEBUG_READ */ + /* put (real) cursor in a known place */ + re_clear_display(el); /* reset the display stuff */ + ch_reset(el, 1); /* reset the input pointers */ + re_refresh(el); /* print the prompt again */ + break; + + case CC_ERROR: + default: /* functions we don't know about */ +#ifdef DEBUG_READ + (void) fprintf(el->el_errfile, + "*** editor ERROR ***\r\n\n"); +#endif /* DEBUG_READ */ + term_beep(el); + term__flush(el); + break; + } + el->el_state.argument = 1; + el->el_state.doingarg = 0; + el->el_chared.c_vcmd.action = NOP; + if (el->el_flags & UNBUFFERED) + break; + } + + term__flush(el); /* flush any buffered output */ + /* make sure the tty is set up correctly */ + if ((el->el_flags & UNBUFFERED) == 0) { + read_finish(el); + *nread = num != -1 ? num : 0; + } else { + *nread = (int)(el->el_line.lastchar - el->el_line.buffer); + } + goto done; +noedit: + el->el_line.cursor = el->el_line.lastchar = cp; + *cp = '\0'; + *nread = (int)(el->el_line.cursor - el->el_line.buffer); +done: + if (*nread == 0) { + if (num == -1) { + *nread = -1; + errno = el->el_errno; + } + return NULL; + } else + return el->el_line.buffer; +} diff --git a/lib/libedit/src/read.h b/lib/libedit/src/read.h new file mode 100644 index 000000000000..1ded7c1cf2a0 --- /dev/null +++ b/lib/libedit/src/read.h @@ -0,0 +1,50 @@ +/* $NetBSD: read.h,v 1.7 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 2001 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Anthony Mallet. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * el.read.h: Character reading functions + */ +#ifndef _h_el_read +#define _h_el_read + +typedef int (*el_rfunc_t)(EditLine *, Char *); + +typedef struct el_read_t { + el_rfunc_t read_char; /* Function to read a character */ +} el_read_t; + +protected int read_init(EditLine *); +protected void read_prepare(EditLine *); +protected void read_finish(EditLine *); +protected int el_read_setfn(EditLine *, el_rfunc_t); +protected el_rfunc_t el_read_getfn(EditLine *); + +#endif /* _h_el_read */ diff --git a/lib/libedit/src/readline.c b/lib/libedit/src/readline.c new file mode 100644 index 000000000000..aeb6c46f41e5 --- /dev/null +++ b/lib/libedit/src/readline.c @@ -0,0 +1,2243 @@ +/* $NetBSD: readline.c,v 1.92 2010/09/16 20:08:51 christos Exp $ */ + +/*- + * Copyright (c) 1997 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Jaromir Dolecek. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +__RCSID("$NetBSD: readline.c,v 1.92 2010/09/16 20:08:51 christos Exp $"); +#endif /* not lint && not SCCSID */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "editline/readline.h" +#include "el.h" +#include "fcns.h" /* for EL_NUM_FCNS */ +#include "histedit.h" +#include "filecomplete.h" + +#if !defined(SIZE_T_MAX) +# define SIZE_T_MAX (size_t)(-1) +#endif + +void rl_prep_terminal(int); +void rl_deprep_terminal(void); + +/* for rl_complete() */ +#define TAB '\r' + +/* see comment at the #ifdef for sense of this */ +/* #define GDB_411_HACK */ + +/* readline compatibility stuff - look at readline sources/documentation */ +/* to see what these variables mean */ +const char *rl_library_version = "EditLine wrapper"; +int rl_readline_version = RL_READLINE_VERSION; +static char empty[] = { '\0' }; +static char expand_chars[] = { ' ', '\t', '\n', '=', '(', '\0' }; +static char break_chars[] = { ' ', '\t', '\n', '"', '\\', '\'', '`', '@', '$', + '>', '<', '=', ';', '|', '&', '{', '(', '\0' }; +char *rl_readline_name = empty; +FILE *rl_instream = NULL; +FILE *rl_outstream = NULL; +int rl_point = 0; +int rl_end = 0; +char *rl_line_buffer = NULL; +VCPFunction *rl_linefunc = NULL; +int rl_done = 0; +VFunction *rl_event_hook = NULL; +KEYMAP_ENTRY_ARRAY emacs_standard_keymap, + emacs_meta_keymap, + emacs_ctlx_keymap; + +int history_base = 1; /* probably never subject to change */ +int history_length = 0; +int max_input_history = 0; +char history_expansion_char = '!'; +char history_subst_char = '^'; +char *history_no_expand_chars = expand_chars; +Function *history_inhibit_expansion_function = NULL; +char *history_arg_extract(int start, int end, const char *str); + +int rl_inhibit_completion = 0; +int rl_attempted_completion_over = 0; +char *rl_basic_word_break_characters = break_chars; +char *rl_completer_word_break_characters = NULL; +char *rl_completer_quote_characters = NULL; +Function *rl_completion_entry_function = NULL; +CPPFunction *rl_attempted_completion_function = NULL; +Function *rl_pre_input_hook = NULL; +Function *rl_startup1_hook = NULL; +int (*rl_getc_function)(FILE *) = NULL; +char *rl_terminal_name = NULL; +int rl_already_prompted = 0; +int rl_filename_completion_desired = 0; +int rl_ignore_completion_duplicates = 0; +int rl_catch_signals = 1; +int readline_echoing_p = 1; +int _rl_print_completions_horizontally = 0; +VFunction *rl_redisplay_function = NULL; +Function *rl_startup_hook = NULL; +VFunction *rl_completion_display_matches_hook = NULL; +VFunction *rl_prep_term_function = (VFunction *)rl_prep_terminal; +VFunction *rl_deprep_term_function = (VFunction *)rl_deprep_terminal; +KEYMAP_ENTRY_ARRAY emacs_meta_keymap; + +/* + * The current prompt string. + */ +char *rl_prompt = NULL; +/* + * This is set to character indicating type of completion being done by + * rl_complete_internal(); this is available for application completion + * functions. + */ +int rl_completion_type = 0; + +/* + * If more than this number of items results from query for possible + * completions, we ask user if they are sure to really display the list. + */ +int rl_completion_query_items = 100; + +/* + * List of characters which are word break characters, but should be left + * in the parsed text when it is passed to the completion function. + * Shell uses this to help determine what kind of completing to do. + */ +char *rl_special_prefixes = NULL; + +/* + * This is the character appended to the completed words if at the end of + * the line. Default is ' ' (a space). + */ +int rl_completion_append_character = ' '; + +/* stuff below is used internally by libedit for readline emulation */ + +static History *h = NULL; +static EditLine *e = NULL; +static Function *map[256]; +static jmp_buf topbuf; + +/* internal functions */ +static unsigned char _el_rl_complete(EditLine *, int); +static unsigned char _el_rl_tstp(EditLine *, int); +static char *_get_prompt(EditLine *); +static int _getc_function(EditLine *, char *); +static HIST_ENTRY *_move_history(int); +static int _history_expand_command(const char *, size_t, size_t, + char **); +static char *_rl_compat_sub(const char *, const char *, + const char *, int); +static int _rl_event_read_char(EditLine *, char *); +static void _rl_update_pos(void); + + +/* ARGSUSED */ +static char * +_get_prompt(EditLine *el __attribute__((__unused__))) +{ + rl_already_prompted = 1; + return (rl_prompt); +} + + +/* + * generic function for moving around history + */ +static HIST_ENTRY * +_move_history(int op) +{ + HistEvent ev; + static HIST_ENTRY rl_he; + + if (history(h, &ev, op) != 0) + return (HIST_ENTRY *) NULL; + + rl_he.line = ev.str; + rl_he.data = NULL; + + return (&rl_he); +} + + +/* + * read one key from user defined input function + */ +static int +/*ARGSUSED*/ +_getc_function(EditLine *el, char *c) +{ + int i; + + i = (*rl_getc_function)(NULL); + if (i == -1) + return 0; + *c = i; + return 1; +} + +static void +_resize_fun(EditLine *el, void *a) +{ + const LineInfo *li; + char **ap = a; + + li = el_line(el); + /* a cheesy way to get rid of const cast. */ + *ap = memchr(li->buffer, *li->buffer, 1); +} + +static const char _dothistory[] = "/.history"; + +static const char * +_default_history_file(void) +{ + struct passwd *p; + static char path[PATH_MAX]; + + if (*path) + return path; + if ((p = getpwuid(getuid())) == NULL) + return NULL; + strlcpy(path, p->pw_dir, PATH_MAX); + strlcat(path, _dothistory, PATH_MAX); + return path; +} + +/* + * READLINE compatibility stuff + */ + +/* + * Set the prompt + */ +int +rl_set_prompt(const char *prompt) +{ + char *p; + + if (!prompt) + prompt = ""; + if (rl_prompt != NULL && strcmp(rl_prompt, prompt) == 0) + return 0; + if (rl_prompt) + free(rl_prompt); + rl_prompt = strdup(prompt); + if (rl_prompt == NULL) + return -1; + + while ((p = strchr(rl_prompt, RL_PROMPT_END_IGNORE)) != NULL) + *p = RL_PROMPT_START_IGNORE; + + return 0; +} + +/* + * initialize rl compat stuff + */ +int +rl_initialize(void) +{ + HistEvent ev; + int editmode = 1; + struct termios t; + + if (e != NULL) + el_end(e); + if (h != NULL) + history_end(h); + + if (!rl_instream) + rl_instream = stdin; + if (!rl_outstream) + rl_outstream = stdout; + + /* + * See if we don't really want to run the editor + */ + if (tcgetattr(fileno(rl_instream), &t) != -1 && (t.c_lflag & ECHO) == 0) + editmode = 0; + + e = el_init(rl_readline_name, rl_instream, rl_outstream, stderr); + + if (!editmode) + el_set(e, EL_EDITMODE, 0); + + h = history_init(); + if (!e || !h) + return (-1); + + history(h, &ev, H_SETSIZE, INT_MAX); /* unlimited */ + history_length = 0; + max_input_history = INT_MAX; + el_set(e, EL_HIST, history, h); + + /* Setup resize function */ + el_set(e, EL_RESIZE, _resize_fun, &rl_line_buffer); + + /* setup getc function if valid */ + if (rl_getc_function) + el_set(e, EL_GETCFN, _getc_function); + + /* for proper prompt printing in readline() */ + if (rl_set_prompt("") == -1) { + history_end(h); + el_end(e); + return -1; + } + el_set(e, EL_PROMPT, _get_prompt, RL_PROMPT_START_IGNORE); + el_set(e, EL_SIGNAL, rl_catch_signals); + + /* set default mode to "emacs"-style and read setting afterwards */ + /* so this can be overriden */ + el_set(e, EL_EDITOR, "emacs"); + if (rl_terminal_name != NULL) + el_set(e, EL_TERMINAL, rl_terminal_name); + else + el_get(e, EL_TERMINAL, &rl_terminal_name); + + /* + * Word completion - this has to go AFTER rebinding keys + * to emacs-style. + */ + el_set(e, EL_ADDFN, "rl_complete", + "ReadLine compatible completion function", + _el_rl_complete); + el_set(e, EL_BIND, "^I", "rl_complete", NULL); + + /* + * Send TSTP when ^Z is pressed. + */ + el_set(e, EL_ADDFN, "rl_tstp", + "ReadLine compatible suspend function", + _el_rl_tstp); + el_set(e, EL_BIND, "^Z", "rl_tstp", NULL); + + /* read settings from configuration file */ + el_source(e, NULL); + + /* + * Unfortunately, some applications really do use rl_point + * and rl_line_buffer directly. + */ + _resize_fun(e, &rl_line_buffer); + _rl_update_pos(); + + if (rl_startup_hook) + (*rl_startup_hook)(NULL, 0); + + return (0); +} + + +/* + * read one line from input stream and return it, chomping + * trailing newline (if there is any) + */ +char * +readline(const char *p) +{ + HistEvent ev; + const char * volatile prompt = p; + int count; + const char *ret; + char *buf; + static int used_event_hook; + + if (e == NULL || h == NULL) + rl_initialize(); + + rl_done = 0; + + (void)setjmp(topbuf); + + /* update prompt accordingly to what has been passed */ + if (rl_set_prompt(prompt) == -1) + return NULL; + + if (rl_pre_input_hook) + (*rl_pre_input_hook)(NULL, 0); + + if (rl_event_hook && !(e->el_flags&NO_TTY)) { + el_set(e, EL_GETCFN, _rl_event_read_char); + used_event_hook = 1; + } + + if (!rl_event_hook && used_event_hook) { + el_set(e, EL_GETCFN, EL_BUILTIN_GETCFN); + used_event_hook = 0; + } + + rl_already_prompted = 0; + + /* get one line from input stream */ + ret = el_gets(e, &count); + + if (ret && count > 0) { + int lastidx; + + buf = strdup(ret); + if (buf == NULL) + return NULL; + lastidx = count - 1; + if (buf[lastidx] == '\n') + buf[lastidx] = '\0'; + } else + buf = NULL; + + history(h, &ev, H_GETSIZE); + history_length = ev.num; + + return buf; +} + +/* + * history functions + */ + +/* + * is normally called before application starts to use + * history expansion functions + */ +void +using_history(void) +{ + if (h == NULL || e == NULL) + rl_initialize(); +} + + +/* + * substitute ``what'' with ``with'', returning resulting string; if + * globally == 1, substitutes all occurrences of what, otherwise only the + * first one + */ +static char * +_rl_compat_sub(const char *str, const char *what, const char *with, + int globally) +{ + const char *s; + char *r, *result; + size_t len, with_len, what_len; + + len = strlen(str); + with_len = strlen(with); + what_len = strlen(what); + + /* calculate length we need for result */ + s = str; + while (*s) { + if (*s == *what && !strncmp(s, what, what_len)) { + len += with_len - what_len; + if (!globally) + break; + s += what_len; + } else + s++; + } + r = result = malloc(len + 1); + if (result == NULL) + return NULL; + s = str; + while (*s) { + if (*s == *what && !strncmp(s, what, what_len)) { + (void)strncpy(r, with, with_len); + r += with_len; + s += what_len; + if (!globally) { + (void)strcpy(r, s); + return(result); + } + } else + *r++ = *s++; + } + *r = '\0'; + return(result); +} + +static char *last_search_pat; /* last !?pat[?] search pattern */ +static char *last_search_match; /* last !?pat[?] that matched */ + +const char * +get_history_event(const char *cmd, int *cindex, int qchar) +{ + int idx, sign, sub, num, begin, ret; + size_t len; + char *pat; + const char *rptr; + HistEvent ev; + + idx = *cindex; + if (cmd[idx++] != history_expansion_char) + return(NULL); + + /* find out which event to take */ + if (cmd[idx] == history_expansion_char || cmd[idx] == '\0') { + if (history(h, &ev, H_FIRST) != 0) + return(NULL); + *cindex = cmd[idx]? (idx + 1):idx; + return ev.str; + } + sign = 0; + if (cmd[idx] == '-') { + sign = 1; + idx++; + } + + if ('0' <= cmd[idx] && cmd[idx] <= '9') { + HIST_ENTRY *rl_he; + + num = 0; + while (cmd[idx] && '0' <= cmd[idx] && cmd[idx] <= '9') { + num = num * 10 + cmd[idx] - '0'; + idx++; + } + if (sign) + num = history_length - num + 1; + + if (!(rl_he = history_get(num))) + return(NULL); + + *cindex = idx; + return(rl_he->line); + } + sub = 0; + if (cmd[idx] == '?') { + sub = 1; + idx++; + } + begin = idx; + while (cmd[idx]) { + if (cmd[idx] == '\n') + break; + if (sub && cmd[idx] == '?') + break; + if (!sub && (cmd[idx] == ':' || cmd[idx] == ' ' + || cmd[idx] == '\t' || cmd[idx] == qchar)) + break; + idx++; + } + len = idx - begin; + if (sub && cmd[idx] == '?') + idx++; + if (sub && len == 0 && last_search_pat && *last_search_pat) + pat = last_search_pat; + else if (len == 0) + return(NULL); + else { + if ((pat = malloc(len + 1)) == NULL) + return NULL; + (void)strncpy(pat, cmd + begin, len); + pat[len] = '\0'; + } + + if (history(h, &ev, H_CURR) != 0) { + if (pat != last_search_pat) + free(pat); + return (NULL); + } + num = ev.num; + + if (sub) { + if (pat != last_search_pat) { + if (last_search_pat) + free(last_search_pat); + last_search_pat = pat; + } + ret = history_search(pat, -1); + } else + ret = history_search_prefix(pat, -1); + + if (ret == -1) { + /* restore to end of list on failed search */ + history(h, &ev, H_FIRST); + (void)fprintf(rl_outstream, "%s: Event not found\n", pat); + if (pat != last_search_pat) + free(pat); + return(NULL); + } + + if (sub && len) { + if (last_search_match && last_search_match != pat) + free(last_search_match); + last_search_match = pat; + } + + if (pat != last_search_pat) + free(pat); + + if (history(h, &ev, H_CURR) != 0) + return(NULL); + *cindex = idx; + rptr = ev.str; + + /* roll back to original position */ + (void)history(h, &ev, H_SET, num); + + return rptr; +} + +/* + * the real function doing history expansion - takes as argument command + * to do and data upon which the command should be executed + * does expansion the way I've understood readline documentation + * + * returns 0 if data was not modified, 1 if it was and 2 if the string + * should be only printed and not executed; in case of error, + * returns -1 and *result points to NULL + * it's callers responsibility to free() string returned in *result + */ +static int +_history_expand_command(const char *command, size_t offs, size_t cmdlen, + char **result) +{ + char *tmp, *search = NULL, *aptr; + const char *ptr, *cmd; + static char *from = NULL, *to = NULL; + int start, end, idx, has_mods = 0; + int p_on = 0, g_on = 0; + + *result = NULL; + aptr = NULL; + ptr = NULL; + + /* First get event specifier */ + idx = 0; + + if (strchr(":^*$", command[offs + 1])) { + char str[4]; + /* + * "!:" is shorthand for "!!:". + * "!^", "!*" and "!$" are shorthand for + * "!!:^", "!!:*" and "!!:$" respectively. + */ + str[0] = str[1] = '!'; + str[2] = '0'; + ptr = get_history_event(str, &idx, 0); + idx = (command[offs + 1] == ':')? 1:0; + has_mods = 1; + } else { + if (command[offs + 1] == '#') { + /* use command so far */ + if ((aptr = malloc(offs + 1)) == NULL) + return -1; + (void)strncpy(aptr, command, offs); + aptr[offs] = '\0'; + idx = 1; + } else { + int qchar; + + qchar = (offs > 0 && command[offs - 1] == '"')? '"':0; + ptr = get_history_event(command + offs, &idx, qchar); + } + has_mods = command[offs + idx] == ':'; + } + + if (ptr == NULL && aptr == NULL) + return(-1); + + if (!has_mods) { + *result = strdup(aptr ? aptr : ptr); + if (aptr) + free(aptr); + if (*result == NULL) + return -1; + return(1); + } + + cmd = command + offs + idx + 1; + + /* Now parse any word designators */ + + if (*cmd == '%') /* last word matched by ?pat? */ + tmp = strdup(last_search_match? last_search_match:""); + else if (strchr("^*$-0123456789", *cmd)) { + start = end = -1; + if (*cmd == '^') + start = end = 1, cmd++; + else if (*cmd == '$') + start = -1, cmd++; + else if (*cmd == '*') + start = 1, cmd++; + else if (*cmd == '-' || isdigit((unsigned char) *cmd)) { + start = 0; + while (*cmd && '0' <= *cmd && *cmd <= '9') + start = start * 10 + *cmd++ - '0'; + + if (*cmd == '-') { + if (isdigit((unsigned char) cmd[1])) { + cmd++; + end = 0; + while (*cmd && '0' <= *cmd && *cmd <= '9') + end = end * 10 + *cmd++ - '0'; + } else if (cmd[1] == '$') { + cmd += 2; + end = -1; + } else { + cmd++; + end = -2; + } + } else if (*cmd == '*') + end = -1, cmd++; + else + end = start; + } + tmp = history_arg_extract(start, end, aptr? aptr:ptr); + if (tmp == NULL) { + (void)fprintf(rl_outstream, "%s: Bad word specifier", + command + offs + idx); + if (aptr) + free(aptr); + return(-1); + } + } else + tmp = strdup(aptr? aptr:ptr); + + if (aptr) + free(aptr); + + if (*cmd == '\0' || ((size_t)(cmd - (command + offs)) >= cmdlen)) { + *result = tmp; + return(1); + } + + for (; *cmd; cmd++) { + if (*cmd == ':') + continue; + else if (*cmd == 'h') { /* remove trailing path */ + if ((aptr = strrchr(tmp, '/')) != NULL) + *aptr = '\0'; + } else if (*cmd == 't') { /* remove leading path */ + if ((aptr = strrchr(tmp, '/')) != NULL) { + aptr = strdup(aptr + 1); + free(tmp); + tmp = aptr; + } + } else if (*cmd == 'r') { /* remove trailing suffix */ + if ((aptr = strrchr(tmp, '.')) != NULL) + *aptr = '\0'; + } else if (*cmd == 'e') { /* remove all but suffix */ + if ((aptr = strrchr(tmp, '.')) != NULL) { + aptr = strdup(aptr); + free(tmp); + tmp = aptr; + } + } else if (*cmd == 'p') /* print only */ + p_on = 1; + else if (*cmd == 'g') + g_on = 2; + else if (*cmd == 's' || *cmd == '&') { + char *what, *with, delim; + size_t len, from_len; + size_t size; + + if (*cmd == '&' && (from == NULL || to == NULL)) + continue; + else if (*cmd == 's') { + delim = *(++cmd), cmd++; + size = 16; + what = realloc(from, size); + if (what == NULL) { + free(from); + free(tmp); + return 0; + } + len = 0; + for (; *cmd && *cmd != delim; cmd++) { + if (*cmd == '\\' && cmd[1] == delim) + cmd++; + if (len >= size) { + char *nwhat; + nwhat = realloc(what, + (size <<= 1)); + if (nwhat == NULL) { + free(what); + free(tmp); + return 0; + } + what = nwhat; + } + what[len++] = *cmd; + } + what[len] = '\0'; + from = what; + if (*what == '\0') { + free(what); + if (search) { + from = strdup(search); + if (from == NULL) { + free(tmp); + return 0; + } + } else { + from = NULL; + free(tmp); + return (-1); + } + } + cmd++; /* shift after delim */ + if (!*cmd) + continue; + + size = 16; + with = realloc(to, size); + if (with == NULL) { + free(to); + free(tmp); + return -1; + } + len = 0; + from_len = strlen(from); + for (; *cmd && *cmd != delim; cmd++) { + if (len + from_len + 1 >= size) { + char *nwith; + size += from_len + 1; + nwith = realloc(with, size); + if (nwith == NULL) { + free(with); + free(tmp); + return -1; + } + with = nwith; + } + if (*cmd == '&') { + /* safe */ + (void)strcpy(&with[len], from); + len += from_len; + continue; + } + if (*cmd == '\\' + && (*(cmd + 1) == delim + || *(cmd + 1) == '&')) + cmd++; + with[len++] = *cmd; + } + with[len] = '\0'; + to = with; + } + + aptr = _rl_compat_sub(tmp, from, to, g_on); + if (aptr) { + free(tmp); + tmp = aptr; + } + g_on = 0; + } + } + *result = tmp; + return (p_on? 2:1); +} + + +/* + * csh-style history expansion + */ +int +history_expand(char *str, char **output) +{ + int ret = 0; + size_t idx, i, size; + char *tmp, *result; + + if (h == NULL || e == NULL) + rl_initialize(); + + if (history_expansion_char == 0) { + *output = strdup(str); + return(0); + } + + *output = NULL; + if (str[0] == history_subst_char) { + /* ^foo^foo2^ is equivalent to !!:s^foo^foo2^ */ + *output = malloc(strlen(str) + 4 + 1); + if (*output == NULL) + return 0; + (*output)[0] = (*output)[1] = history_expansion_char; + (*output)[2] = ':'; + (*output)[3] = 's'; + (void)strcpy((*output) + 4, str); + str = *output; + } else { + *output = strdup(str); + if (*output == NULL) + return 0; + } + +#define ADD_STRING(what, len, fr) \ + { \ + if (idx + len + 1 > size) { \ + char *nresult = realloc(result, (size += len + 1));\ + if (nresult == NULL) { \ + free(*output); \ + if (/*CONSTCOND*/fr) \ + free(tmp); \ + return 0; \ + } \ + result = nresult; \ + } \ + (void)strncpy(&result[idx], what, len); \ + idx += len; \ + result[idx] = '\0'; \ + } + + result = NULL; + size = idx = 0; + tmp = NULL; + for (i = 0; str[i];) { + int qchar, loop_again; + size_t len, start, j; + + qchar = 0; + loop_again = 1; + start = j = i; +loop: + for (; str[j]; j++) { + if (str[j] == '\\' && + str[j + 1] == history_expansion_char) { + (void)strcpy(&str[j], &str[j + 1]); + continue; + } + if (!loop_again) { + if (isspace((unsigned char) str[j]) + || str[j] == qchar) + break; + } + if (str[j] == history_expansion_char + && !strchr(history_no_expand_chars, str[j + 1]) + && (!history_inhibit_expansion_function || + (*history_inhibit_expansion_function)(str, + (int)j) == 0)) + break; + } + + if (str[j] && loop_again) { + i = j; + qchar = (j > 0 && str[j - 1] == '"' )? '"':0; + j++; + if (str[j] == history_expansion_char) + j++; + loop_again = 0; + goto loop; + } + len = i - start; + ADD_STRING(&str[start], len, 0); + + if (str[i] == '\0' || str[i] != history_expansion_char) { + len = j - i; + ADD_STRING(&str[i], len, 0); + if (start == 0) + ret = 0; + else + ret = 1; + break; + } + ret = _history_expand_command (str, i, (j - i), &tmp); + if (ret > 0 && tmp) { + len = strlen(tmp); + ADD_STRING(tmp, len, 1); + } + if (tmp) { + free(tmp); + tmp = NULL; + } + i = j; + } + + /* ret is 2 for "print only" option */ + if (ret == 2) { + add_history(result); +#ifdef GDB_411_HACK + /* gdb 4.11 has been shipped with readline, where */ + /* history_expand() returned -1 when the line */ + /* should not be executed; in readline 2.1+ */ + /* it should return 2 in such a case */ + ret = -1; +#endif + } + free(*output); + *output = result; + + return (ret); +} + +/* +* Return a string consisting of arguments of "str" from "start" to "end". +*/ +char * +history_arg_extract(int start, int end, const char *str) +{ + size_t i, len, max; + char **arr, *result = NULL; + + arr = history_tokenize(str); + if (!arr) + return NULL; + if (arr && *arr == NULL) + goto out; + + for (max = 0; arr[max]; max++) + continue; + max--; + + if (start == '$') + start = (int)max; + if (end == '$') + end = (int)max; + if (end < 0) + end = (int)max + end + 1; + if (start < 0) + start = end; + + if (start < 0 || end < 0 || (size_t)start > max || + (size_t)end > max || start > end) + goto out; + + for (i = start, len = 0; i <= (size_t)end; i++) + len += strlen(arr[i]) + 1; + len++; + result = malloc(len); + if (result == NULL) + goto out; + + for (i = start, len = 0; i <= (size_t)end; i++) { + (void)strcpy(result + len, arr[i]); + len += strlen(arr[i]); + if (i < (size_t)end) + result[len++] = ' '; + } + result[len] = '\0'; + +out: + for (i = 0; arr[i]; i++) + free(arr[i]); + free(arr); + + return result; +} + +/* + * Parse the string into individual tokens, + * similar to how shell would do it. + */ +char ** +history_tokenize(const char *str) +{ + int size = 1, idx = 0, i, start; + size_t len; + char **result = NULL, *temp, delim = '\0'; + + for (i = 0; str[i];) { + while (isspace((unsigned char) str[i])) + i++; + start = i; + for (; str[i];) { + if (str[i] == '\\') { + if (str[i+1] != '\0') + i++; + } else if (str[i] == delim) + delim = '\0'; + else if (!delim && + (isspace((unsigned char) str[i]) || + strchr("()<>;&|$", str[i]))) + break; + else if (!delim && strchr("'`\"", str[i])) + delim = str[i]; + if (str[i]) + i++; + } + + if (idx + 2 >= size) { + char **nresult; + size <<= 1; + nresult = realloc(result, size * sizeof(char *)); + if (nresult == NULL) { + free(result); + return NULL; + } + result = nresult; + } + len = i - start; + temp = malloc(len + 1); + if (temp == NULL) { + for (i = 0; i < idx; i++) + free(result[i]); + free(result); + return NULL; + } + (void)strncpy(temp, &str[start], len); + temp[len] = '\0'; + result[idx++] = temp; + result[idx] = NULL; + if (str[i]) + i++; + } + return (result); +} + + +/* + * limit size of history record to ``max'' events + */ +void +stifle_history(int max) +{ + HistEvent ev; + + if (h == NULL || e == NULL) + rl_initialize(); + + if (history(h, &ev, H_SETSIZE, max) == 0) + max_input_history = max; +} + + +/* + * "unlimit" size of history - set the limit to maximum allowed int value + */ +int +unstifle_history(void) +{ + HistEvent ev; + int omax; + + history(h, &ev, H_SETSIZE, INT_MAX); + omax = max_input_history; + max_input_history = INT_MAX; + return (omax); /* some value _must_ be returned */ +} + + +int +history_is_stifled(void) +{ + + /* cannot return true answer */ + return (max_input_history != INT_MAX); +} + +static const char _history_tmp_template[] = "/tmp/.historyXXXXXX"; + +int +history_truncate_file (const char *filename, int nlines) +{ + int ret = 0; + FILE *fp, *tp; + char template[sizeof(_history_tmp_template)]; + char buf[4096]; + int fd; + char *cp; + off_t off; + int count = 0; + ssize_t left = 0; + + if (filename == NULL && (filename = _default_history_file()) == NULL) + return errno; + if ((fp = fopen(filename, "r+")) == NULL) + return errno; + strcpy(template, _history_tmp_template); + if ((fd = mkstemp(template)) == -1) { + ret = errno; + goto out1; + } + + if ((tp = fdopen(fd, "r+")) == NULL) { + close(fd); + ret = errno; + goto out2; + } + + for(;;) { + if (fread(buf, sizeof(buf), 1, fp) != 1) { + if (ferror(fp)) { + ret = errno; + break; + } + if (fseeko(fp, (off_t)sizeof(buf) * count, SEEK_SET) == + (off_t)-1) { + ret = errno; + break; + } + left = fread(buf, 1, sizeof(buf), fp); + if (ferror(fp)) { + ret = errno; + break; + } + if (left == 0) { + count--; + left = sizeof(buf); + } else if (fwrite(buf, (size_t)left, 1, tp) != 1) { + ret = errno; + break; + } + fflush(tp); + break; + } + if (fwrite(buf, sizeof(buf), 1, tp) != 1) { + ret = errno; + break; + } + count++; + } + if (ret) + goto out3; + cp = buf + left - 1; + if(*cp != '\n') + cp++; + for(;;) { + while (--cp >= buf) { + if (*cp == '\n') { + if (--nlines == 0) { + if (++cp >= buf + sizeof(buf)) { + count++; + cp = buf; + } + break; + } + } + } + if (nlines <= 0 || count == 0) + break; + count--; + if (fseeko(tp, (off_t)sizeof(buf) * count, SEEK_SET) < 0) { + ret = errno; + break; + } + if (fread(buf, sizeof(buf), 1, tp) != 1) { + if (ferror(tp)) { + ret = errno; + break; + } + ret = EAGAIN; + break; + } + cp = buf + sizeof(buf); + } + + if (ret || nlines > 0) + goto out3; + + if (fseeko(fp, 0, SEEK_SET) == (off_t)-1) { + ret = errno; + goto out3; + } + + if (fseeko(tp, (off_t)sizeof(buf) * count + (cp - buf), SEEK_SET) == + (off_t)-1) { + ret = errno; + goto out3; + } + + for(;;) { + if ((left = fread(buf, 1, sizeof(buf), tp)) == 0) { + if (ferror(fp)) + ret = errno; + break; + } + if (fwrite(buf, (size_t)left, 1, fp) != 1) { + ret = errno; + break; + } + } + fflush(fp); + if((off = ftello(fp)) > 0) + (void)ftruncate(fileno(fp), off); +out3: + fclose(tp); +out2: + unlink(template); +out1: + fclose(fp); + + return ret; +} + + +/* + * read history from a file given + */ +int +read_history(const char *filename) +{ + HistEvent ev; + + if (h == NULL || e == NULL) + rl_initialize(); + if (filename == NULL && (filename = _default_history_file()) == NULL) + return errno; + return (history(h, &ev, H_LOAD, filename) == -1 ? + (errno ? errno : EINVAL) : 0); +} + + +/* + * write history to a file given + */ +int +write_history(const char *filename) +{ + HistEvent ev; + + if (h == NULL || e == NULL) + rl_initialize(); + if (filename == NULL && (filename = _default_history_file()) == NULL) + return errno; + return (history(h, &ev, H_SAVE, filename) == -1 ? + (errno ? errno : EINVAL) : 0); +} + + +/* + * returns history ``num''th event + * + * returned pointer points to static variable + */ +HIST_ENTRY * +history_get(int num) +{ + static HIST_ENTRY she; + HistEvent ev; + int curr_num; + + if (h == NULL || e == NULL) + rl_initialize(); + + /* save current position */ + if (history(h, &ev, H_CURR) != 0) + return (NULL); + curr_num = ev.num; + + /* start from the oldest */ + if (history(h, &ev, H_LAST) != 0) + return (NULL); /* error */ + + /* look forwards for event matching specified offset */ + if (history(h, &ev, H_NEXT_EVDATA, num, &she.data)) + return (NULL); + + she.line = ev.str; + + /* restore pointer to where it was */ + (void)history(h, &ev, H_SET, curr_num); + + return (&she); +} + + +/* + * add the line to history table + */ +int +add_history(const char *line) +{ + HistEvent ev; + + if (h == NULL || e == NULL) + rl_initialize(); + + (void)history(h, &ev, H_ENTER, line); + if (history(h, &ev, H_GETSIZE) == 0) + history_length = ev.num; + + return (!(history_length > 0)); /* return 0 if all is okay */ +} + + +/* + * remove the specified entry from the history list and return it. + */ +HIST_ENTRY * +remove_history(int num) +{ + HIST_ENTRY *he; + HistEvent ev; + + if (h == NULL || e == NULL) + rl_initialize(); + + if ((he = malloc(sizeof(*he))) == NULL) + return NULL; + + if (history(h, &ev, H_DELDATA, num, &he->data) != 0) { + free(he); + return NULL; + } + + he->line = ev.str; + if (history(h, &ev, H_GETSIZE) == 0) + history_length = ev.num; + + return he; +} + + +/* + * replace the line and data of the num-th entry + */ +HIST_ENTRY * +replace_history_entry(int num, const char *line, histdata_t data) +{ + HIST_ENTRY *he; + HistEvent ev; + int curr_num; + + if (h == NULL || e == NULL) + rl_initialize(); + + /* save current position */ + if (history(h, &ev, H_CURR) != 0) + return NULL; + curr_num = ev.num; + + /* start from the oldest */ + if (history(h, &ev, H_LAST) != 0) + return NULL; /* error */ + + if ((he = malloc(sizeof(*he))) == NULL) + return NULL; + + /* look forwards for event matching specified offset */ + if (history(h, &ev, H_NEXT_EVDATA, num, &he->data)) + goto out; + + he->line = strdup(ev.str); + if (he->line == NULL) + goto out; + + if (history(h, &ev, H_REPLACE, line, data)) + goto out; + + /* restore pointer to where it was */ + if (history(h, &ev, H_SET, curr_num)) + goto out; + + return he; +out: + free(he); + return NULL; +} + +/* + * clear the history list - delete all entries + */ +void +clear_history(void) +{ + HistEvent ev; + + (void)history(h, &ev, H_CLEAR); + history_length = 0; +} + + +/* + * returns offset of the current history event + */ +int +where_history(void) +{ + HistEvent ev; + int curr_num, off; + + if (history(h, &ev, H_CURR) != 0) + return (0); + curr_num = ev.num; + + (void)history(h, &ev, H_FIRST); + off = 1; + while (ev.num != curr_num && history(h, &ev, H_NEXT) == 0) + off++; + + return (off); +} + + +/* + * returns current history event or NULL if there is no such event + */ +HIST_ENTRY * +current_history(void) +{ + + return (_move_history(H_CURR)); +} + + +/* + * returns total number of bytes history events' data are using + */ +int +history_total_bytes(void) +{ + HistEvent ev; + int curr_num; + size_t size; + + if (history(h, &ev, H_CURR) != 0) + return (-1); + curr_num = ev.num; + + (void)history(h, &ev, H_FIRST); + size = 0; + do + size += strlen(ev.str) * sizeof(*ev.str); + while (history(h, &ev, H_NEXT) == 0); + + /* get to the same position as before */ + history(h, &ev, H_PREV_EVENT, curr_num); + + return (int)(size); +} + + +/* + * sets the position in the history list to ``pos'' + */ +int +history_set_pos(int pos) +{ + HistEvent ev; + int curr_num; + + if (pos >= history_length || pos < 0) + return (-1); + + (void)history(h, &ev, H_CURR); + curr_num = ev.num; + + /* + * use H_DELDATA to set to nth history (without delete) by passing + * (void **)-1 + */ + if (history(h, &ev, H_DELDATA, pos, (void **)-1)) { + (void)history(h, &ev, H_SET, curr_num); + return(-1); + } + return (0); +} + + +/* + * returns previous event in history and shifts pointer accordingly + */ +HIST_ENTRY * +previous_history(void) +{ + + return (_move_history(H_PREV)); +} + + +/* + * returns next event in history and shifts pointer accordingly + */ +HIST_ENTRY * +next_history(void) +{ + + return (_move_history(H_NEXT)); +} + + +/* + * searches for first history event containing the str + */ +int +history_search(const char *str, int direction) +{ + HistEvent ev; + const char *strp; + int curr_num; + + if (history(h, &ev, H_CURR) != 0) + return (-1); + curr_num = ev.num; + + for (;;) { + if ((strp = strstr(ev.str, str)) != NULL) + return (int) (strp - ev.str); + if (history(h, &ev, direction < 0 ? H_NEXT:H_PREV) != 0) + break; + } + (void)history(h, &ev, H_SET, curr_num); + return (-1); +} + + +/* + * searches for first history event beginning with str + */ +int +history_search_prefix(const char *str, int direction) +{ + HistEvent ev; + + return (history(h, &ev, direction < 0 ? + H_PREV_STR : H_NEXT_STR, str)); +} + + +/* + * search for event in history containing str, starting at offset + * abs(pos); continue backward, if pos<0, forward otherwise + */ +/* ARGSUSED */ +int +history_search_pos(const char *str, + int direction __attribute__((__unused__)), int pos) +{ + HistEvent ev; + int curr_num, off; + + off = (pos > 0) ? pos : -pos; + pos = (pos > 0) ? 1 : -1; + + if (history(h, &ev, H_CURR) != 0) + return (-1); + curr_num = ev.num; + + if (history_set_pos(off) != 0 || history(h, &ev, H_CURR) != 0) + return (-1); + + for (;;) { + if (strstr(ev.str, str)) + return (off); + if (history(h, &ev, (pos < 0) ? H_PREV : H_NEXT) != 0) + break; + } + + /* set "current" pointer back to previous state */ + (void)history(h, &ev, + pos < 0 ? H_NEXT_EVENT : H_PREV_EVENT, curr_num); + + return (-1); +} + + +/********************************/ +/* completion functions */ + +char * +tilde_expand(char *name) +{ + return fn_tilde_expand(name); +} + +char * +filename_completion_function(const char *name, int state) +{ + return fn_filename_completion_function(name, state); +} + +/* + * a completion generator for usernames; returns _first_ username + * which starts with supplied text + * text contains a partial username preceded by random character + * (usually '~'); state is ignored + * it's callers responsibility to free returned value + */ +char * +username_completion_function(const char *text, int state) +{ + struct passwd *pwd; + + if (text[0] == '\0') + return (NULL); + + if (*text == '~') + text++; + + if (state == 0) + setpwent(); + + while ((pwd = getpwent()) + && pwd != NULL && text[0] == pwd->pw_name[0] + && strcmp(text, pwd->pw_name) == 0); + + if (pwd == NULL) { + endpwent(); + return NULL; + } + return strdup(pwd->pw_name); +} + + +/* + * el-compatible wrapper to send TSTP on ^Z + */ +/* ARGSUSED */ +static unsigned char +_el_rl_tstp(EditLine *el __attribute__((__unused__)), int ch __attribute__((__unused__))) +{ + (void)kill(0, SIGTSTP); + return CC_NORM; +} + +/* + * Display list of strings in columnar format on readline's output stream. + * 'matches' is list of strings, 'len' is number of strings in 'matches', + * 'max' is maximum length of string in 'matches'. + */ +void +rl_display_match_list(char **matches, int len, int max) +{ + + fn_display_match_list(e, matches, (size_t)len, (size_t)max); +} + +static const char * +/*ARGSUSED*/ +_rl_completion_append_character_function(const char *dummy + __attribute__((__unused__))) +{ + static char buf[2]; + buf[0] = rl_completion_append_character; + buf[1] = '\0'; + return buf; +} + + +/* + * complete word at current point + */ +/* ARGSUSED */ +int +rl_complete(int ignore __attribute__((__unused__)), int invoking_key) +{ +#ifdef WIDECHAR + static ct_buffer_t wbreak_conv, sprefix_conv; +#endif + + if (h == NULL || e == NULL) + rl_initialize(); + + if (rl_inhibit_completion) { + char arr[2]; + arr[0] = (char)invoking_key; + arr[1] = '\0'; + el_insertstr(e, arr); + return (CC_REFRESH); + } + + /* Just look at how many global variables modify this operation! */ + return fn_complete(e, + (CPFunction *)rl_completion_entry_function, + rl_attempted_completion_function, + ct_decode_string(rl_basic_word_break_characters, &wbreak_conv), + ct_decode_string(rl_special_prefixes, &sprefix_conv), + _rl_completion_append_character_function, + (size_t)rl_completion_query_items, + &rl_completion_type, &rl_attempted_completion_over, + &rl_point, &rl_end); + + +} + + +/* ARGSUSED */ +static unsigned char +_el_rl_complete(EditLine *el __attribute__((__unused__)), int ch) +{ + return (unsigned char)rl_complete(0, ch); +} + +/* + * misc other functions + */ + +/* + * bind key c to readline-type function func + */ +int +rl_bind_key(int c, rl_command_func_t *func) +{ + int retval = -1; + + if (h == NULL || e == NULL) + rl_initialize(); + + if (func == rl_insert) { + /* XXX notice there is no range checking of ``c'' */ + e->el_map.key[c] = ED_INSERT; + retval = 0; + } + return (retval); +} + + +/* + * read one key from input - handles chars pushed back + * to input stream also + */ +int +rl_read_key(void) +{ + char fooarr[2 * sizeof(int)]; + + if (e == NULL || h == NULL) + rl_initialize(); + + return (el_getc(e, fooarr)); +} + + +/* + * reset the terminal + */ +/* ARGSUSED */ +void +rl_reset_terminal(const char *p __attribute__((__unused__))) +{ + + if (h == NULL || e == NULL) + rl_initialize(); + el_reset(e); +} + + +/* + * insert character ``c'' back into input stream, ``count'' times + */ +int +rl_insert(int count, int c) +{ + char arr[2]; + + if (h == NULL || e == NULL) + rl_initialize(); + + /* XXX - int -> char conversion can lose on multichars */ + arr[0] = c; + arr[1] = '\0'; + + for (; count > 0; count--) + el_push(e, arr); + + return (0); +} + +int +rl_insert_text(const char *text) +{ + if (!text || *text == 0) + return (0); + + if (h == NULL || e == NULL) + rl_initialize(); + + if (el_insertstr(e, text) < 0) + return (0); + return (int)strlen(text); +} + +/*ARGSUSED*/ +int +rl_newline(int count, int c) +{ + /* + * Readline-4.0 appears to ignore the args. + */ + return rl_insert(1, '\n'); +} + +/*ARGSUSED*/ +static unsigned char +rl_bind_wrapper(EditLine *el, unsigned char c) +{ + if (map[c] == NULL) + return CC_ERROR; + + _rl_update_pos(); + + (*map[c])(NULL, c); + + /* If rl_done was set by the above call, deal with it here */ + if (rl_done) + return CC_EOF; + + return CC_NORM; +} + +int +rl_add_defun(const char *name, Function *fun, int c) +{ + char dest[8]; + if ((size_t)c >= sizeof(map) / sizeof(map[0]) || c < 0) + return -1; + map[(unsigned char)c] = fun; + el_set(e, EL_ADDFN, name, name, rl_bind_wrapper); + vis(dest, c, VIS_WHITE|VIS_NOSLASH, 0); + el_set(e, EL_BIND, dest, name); + return 0; +} + +void +rl_callback_read_char() +{ + int count = 0, done = 0; + const char *buf = el_gets(e, &count); + char *wbuf; + + if (buf == NULL || count-- <= 0) + return; + if (count == 0 && buf[0] == e->el_tty.t_c[TS_IO][C_EOF]) + done = 1; + if (buf[count] == '\n' || buf[count] == '\r') + done = 2; + + if (done && rl_linefunc != NULL) { + el_set(e, EL_UNBUFFERED, 0); + if (done == 2) { + if ((wbuf = strdup(buf)) != NULL) + wbuf[count] = '\0'; + } else + wbuf = NULL; + (*(void (*)(const char *))rl_linefunc)(wbuf); + //el_set(e, EL_UNBUFFERED, 1); + } +} + +void +rl_callback_handler_install(const char *prompt, VCPFunction *linefunc) +{ + if (e == NULL) { + rl_initialize(); + } + (void)rl_set_prompt(prompt); + rl_linefunc = linefunc; + el_set(e, EL_UNBUFFERED, 1); +} + +void +rl_callback_handler_remove(void) +{ + el_set(e, EL_UNBUFFERED, 0); + rl_linefunc = NULL; +} + +void +rl_redisplay(void) +{ + char a[2]; + a[0] = e->el_tty.t_c[TS_IO][C_REPRINT]; + a[1] = '\0'; + el_push(e, a); +} + +int +rl_get_previous_history(int count, int key) +{ + char a[2]; + a[0] = key; + a[1] = '\0'; + while (count--) + el_push(e, a); + return 0; +} + +void +/*ARGSUSED*/ +rl_prep_terminal(int meta_flag) +{ + el_set(e, EL_PREP_TERM, 1); +} + +void +rl_deprep_terminal(void) +{ + el_set(e, EL_PREP_TERM, 0); +} + +int +rl_read_init_file(const char *s) +{ + return(el_source(e, s)); +} + +int +rl_parse_and_bind(const char *line) +{ + const char **argv; + int argc; + Tokenizer *tok; + + tok = tok_init(NULL); + tok_str(tok, line, &argc, &argv); + argc = el_parse(e, argc, argv); + tok_end(tok); + return (argc ? 1 : 0); +} + +int +rl_variable_bind(const char *var, const char *value) +{ + /* + * The proper return value is undocument, but this is what the + * readline source seems to do. + */ + return ((el_set(e, EL_BIND, "", var, value) == -1) ? 1 : 0); +} + +void +rl_stuff_char(int c) +{ + char buf[2]; + + buf[0] = c; + buf[1] = '\0'; + el_insertstr(e, buf); +} + +static int +_rl_event_read_char(EditLine *el, char *cp) +{ + int n; + ssize_t num_read = 0; + + *cp = '\0'; + while (rl_event_hook) { + + (*rl_event_hook)(); + +#if defined(FIONREAD) + if (ioctl(el->el_infd, FIONREAD, &n) < 0) + return(-1); + if (n) + num_read = read(el->el_infd, cp, 1); + else + num_read = 0; +#elif defined(F_SETFL) && defined(O_NDELAY) + if ((n = fcntl(el->el_infd, F_GETFL, 0)) < 0) + return(-1); + if (fcntl(el->el_infd, F_SETFL, n|O_NDELAY) < 0) + return(-1); + num_read = read(el->el_infd, cp, 1); + if (fcntl(el->el_infd, F_SETFL, n)) + return(-1); +#else + /* not non-blocking, but what you gonna do? */ + num_read = read(el->el_infd, cp, 1); + return(-1); +#endif + + if (num_read < 0 && errno == EAGAIN) + continue; + if (num_read == 0) + continue; + break; + } + if (!rl_event_hook) + el_set(el, EL_GETCFN, EL_BUILTIN_GETCFN); + return (int)num_read; +} + +static void +_rl_update_pos(void) +{ + const LineInfo *li = el_line(e); + + rl_point = (int)(li->cursor - li->buffer); + rl_end = (int)(li->lastchar - li->buffer); +} + +void +rl_get_screen_size(int *rows, int *cols) +{ + if (rows) + el_get(e, EL_GETTC, "li", rows); + if (cols) + el_get(e, EL_GETTC, "co", cols); +} + +void +rl_set_screen_size(int rows, int cols) +{ + char buf[64]; + (void)snprintf(buf, sizeof(buf), "%d", rows); + el_set(e, EL_SETTC, "li", buf); + (void)snprintf(buf, sizeof(buf), "%d", cols); + el_set(e, EL_SETTC, "co", buf); +} + +char ** +rl_completion_matches(const char *str, rl_compentry_func_t *fun) +{ + size_t len, max, i, j, min; + char **list, *match, *a, *b; + + len = 1; + max = 10; + if ((list = malloc(max * sizeof(*list))) == NULL) + return NULL; + + while ((match = (*fun)(str, (int)(len - 1))) != NULL) { + list[len++] = match; + if (len == max) { + char **nl; + max += 10; + if ((nl = realloc(list, max * sizeof(*nl))) == NULL) + goto out; + list = nl; + } + } + if (len == 1) + goto out; + list[len] = NULL; + if (len == 2) { + if ((list[0] = strdup(list[1])) == NULL) + goto out; + return list; + } + qsort(&list[1], len - 1, sizeof(*list), + (int (*)(const void *, const void *)) strcmp); + min = SIZE_T_MAX; + for (i = 1, a = list[i]; i < len - 1; i++, a = b) { + b = list[i + 1]; + for (j = 0; a[j] && a[j] == b[j]; j++) + continue; + if (min > j) + min = j; + } + if (min == 0 && *str) { + if ((list[0] = strdup(str)) == NULL) + goto out; + } else { + if ((list[0] = malloc(min + 1)) == NULL) + goto out; + (void)memcpy(list[0], list[1], min); + list[0][min] = '\0'; + } + return list; + +out: + free(list); + return NULL; +} + +char * +rl_filename_completion_function (const char *text, int state) +{ + return fn_filename_completion_function(text, state); +} + +void +rl_forced_update_display(void) +{ + el_set(e, EL_REFRESH); +} + +int +_rl_abort_internal(void) +{ + el_beep(e); + longjmp(topbuf, 1); + /*NOTREACHED*/ +} + +int +_rl_qsort_string_compare(char **s1, char **s2) +{ + return strcoll(*s1, *s2); +} + +HISTORY_STATE * +history_get_history_state(void) +{ + HISTORY_STATE *hs; + + if ((hs = malloc(sizeof(HISTORY_STATE))) == NULL) + return (NULL); + hs->length = history_length; + return (hs); +} + +int +/*ARGSUSED*/ +rl_kill_text(int from, int to) +{ + return 0; +} + +Keymap +rl_make_bare_keymap(void) +{ + return NULL; +} + +Keymap +rl_get_keymap(void) +{ + return NULL; +} + +void +/*ARGSUSED*/ +rl_set_keymap(Keymap k) +{ +} + +int +/*ARGSUSED*/ +rl_generic_bind(int type, const char * keyseq, const char * data, Keymap k) +{ + return 0; +} + +int +/*ARGSUSED*/ +rl_bind_key_in_map(int key, rl_command_func_t *fun, Keymap k) +{ + return 0; +} + +/* unsupported, but needed by python */ +void +rl_cleanup_after_signal(void) +{ +} + +int +rl_on_new_line(void) +{ + return 0; +} diff --git a/lib/libedit/src/refresh.c b/lib/libedit/src/refresh.c new file mode 100644 index 000000000000..7f35ce1536bb --- /dev/null +++ b/lib/libedit/src/refresh.c @@ -0,0 +1,1183 @@ +/* $NetBSD: refresh.c,v 1.35 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)refresh.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: refresh.c,v 1.35 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * refresh.c: Lower level screen refreshing functions + */ +#include +#include +#include +#include + +#include "el.h" + +private void re_nextline(EditLine *); +private void re_addc(EditLine *, Int); +private void re_update_line(EditLine *, Char *, Char *, int); +private void re_insert (EditLine *, Char *, int, int, Char *, int); +private void re_delete(EditLine *, Char *, int, int, int); +private void re_fastputc(EditLine *, Int); +private void re_clear_eol(EditLine *, int, int, int); +private void re__strncopy(Char *, Char *, size_t); +private void re__copy_and_pad(Char *, const Char *, size_t); + +#ifdef DEBUG_REFRESH +private void re_printstr(EditLine *, const char *, char *, char *); +#define __F el->el_errfile +#define ELRE_ASSERT(a, b, c) do \ + if (/*CONSTCOND*/ a) { \ + (void) fprintf b; \ + c; \ + } \ + while (/*CONSTCOND*/0) +#define ELRE_DEBUG(a, b) ELRE_ASSERT(a,b,;) + +/* re_printstr(): + * Print a string on the debugging pty + */ +private void +re_printstr(EditLine *el, const char *str, char *f, char *t) +{ + + ELRE_DEBUG(1, (__F, "%s:\"", str)); + while (f < t) + ELRE_DEBUG(1, (__F, "%c", *f++ & 0177)); + ELRE_DEBUG(1, (__F, "\"\r\n")); +} +#else +#define ELRE_ASSERT(a, b, c) +#define ELRE_DEBUG(a, b) +#endif + +/* re_nextline(): + * Move to the next line or scroll + */ +private void +re_nextline(EditLine *el) +{ + el->el_refresh.r_cursor.h = 0; /* reset it. */ + + /* + * If we would overflow (input is longer than terminal size), + * emulate scroll by dropping first line and shuffling the rest. + * We do this via pointer shuffling - it's safe in this case + * and we avoid memcpy(). + */ + if (el->el_refresh.r_cursor.v + 1 >= el->el_term.t_size.v) { + int i, lins = el->el_term.t_size.v; + Char *firstline = el->el_vdisplay[0]; + + for(i = 1; i < lins; i++) + el->el_vdisplay[i - 1] = el->el_vdisplay[i]; + + firstline[0] = '\0'; /* empty the string */ + el->el_vdisplay[i - 1] = firstline; + } else + el->el_refresh.r_cursor.v++; + + ELRE_ASSERT(el->el_refresh.r_cursor.v >= el->el_term.t_size.v, + (__F, "\r\nre_putc: overflow! r_cursor.v == %d > %d\r\n", + el->el_refresh.r_cursor.v, el->el_term.t_size.v), + abort()); +} + +/* re_addc(): + * Draw c, expanding tabs, control chars etc. + */ +private void +re_addc(EditLine *el, Int c) +{ + switch (ct_chr_class((Char)c)) { + case CHTYPE_TAB: /* expand the tab */ + for (;;) { + re_putc(el, ' ', 1); + if ((el->el_refresh.r_cursor.h & 07) == 0) + break; /* go until tab stop */ + } + break; + case CHTYPE_NL: { + int oldv = el->el_refresh.r_cursor.v; + re_putc(el, '\0', 0); /* assure end of line */ + if (oldv == el->el_refresh.r_cursor.v) /* XXX */ + re_nextline(el); + break; + } + case CHTYPE_PRINT: + re_putc(el, c, 1); + break; + default: { + Char visbuf[VISUAL_WIDTH_MAX]; + ssize_t i, n = + ct_visual_char(visbuf, VISUAL_WIDTH_MAX, (Char)c); + for (i = 0; n-- > 0; ++i) + re_putc(el, visbuf[i], 1); + break; + } + } +} + + +/* re_putc(): + * Draw the character given + */ +protected void +re_putc(EditLine *el, Int c, int shift) +{ + int i, w = Width(c); + ELRE_DEBUG(1, (__F, "printing %5x '%c'\r\n", c, c)); + + while (shift && (el->el_refresh.r_cursor.h + w > el->el_term.t_size.h)) + re_putc(el, ' ', 1); + + el->el_vdisplay[el->el_refresh.r_cursor.v] + [el->el_refresh.r_cursor.h] = c; + /* assumes !shift is only used for single-column chars */ + i = w; + while (--i > 0) + el->el_vdisplay[el->el_refresh.r_cursor.v] + [el->el_refresh.r_cursor.h + i] = MB_FILL_CHAR; + + if (!shift) + return; + + el->el_refresh.r_cursor.h += w; /* advance to next place */ + if (el->el_refresh.r_cursor.h >= el->el_term.t_size.h) { + /* assure end of line */ + el->el_vdisplay[el->el_refresh.r_cursor.v][el->el_term.t_size.h] + = '\0'; + re_nextline(el); + } +} + + +/* re_refresh(): + * draws the new virtual screen image from the current input + * line, then goes line-by-line changing the real image to the new + * virtual image. The routine to re-draw a line can be replaced + * easily in hopes of a smarter one being placed there. + */ +protected void +re_refresh(EditLine *el) +{ + int i, rhdiff; + Char *cp, *st; + coord_t cur; +#ifdef notyet + size_t termsz; +#endif + + ELRE_DEBUG(1, (__F, "el->el_line.buffer = :%s:\r\n", + el->el_line.buffer)); + + /* reset the Drawing cursor */ + el->el_refresh.r_cursor.h = 0; + el->el_refresh.r_cursor.v = 0; + + /* temporarily draw rprompt to calculate its size */ + prompt_print(el, EL_RPROMPT); + + /* reset the Drawing cursor */ + el->el_refresh.r_cursor.h = 0; + el->el_refresh.r_cursor.v = 0; + + if (el->el_line.cursor >= el->el_line.lastchar) { + if (el->el_map.current == el->el_map.alt + && el->el_line.lastchar != el->el_line.buffer) + el->el_line.cursor = el->el_line.lastchar - 1; + else + el->el_line.cursor = el->el_line.lastchar; + } + + cur.h = -1; /* set flag in case I'm not set */ + cur.v = 0; + + prompt_print(el, EL_PROMPT); + + /* draw the current input buffer */ +#if notyet + termsz = el->el_term.t_size.h * el->el_term.t_size.v; + if (el->el_line.lastchar - el->el_line.buffer > termsz) { + /* + * If line is longer than terminal, process only part + * of line which would influence display. + */ + size_t rem = (el->el_line.lastchar-el->el_line.buffer)%termsz; + + st = el->el_line.lastchar - rem + - (termsz - (((rem / el->el_term.t_size.v) - 1) + * el->el_term.t_size.v)); + } else +#endif + st = el->el_line.buffer; + + for (cp = st; cp < el->el_line.lastchar; cp++) { + if (cp == el->el_line.cursor) { + int w = Width(*cp); + /* save for later */ + cur.h = el->el_refresh.r_cursor.h; + cur.v = el->el_refresh.r_cursor.v; + /* handle being at a linebroken doublewidth char */ + if (w > 1 && el->el_refresh.r_cursor.h + w > + el->el_term.t_size.h) { + cur.h = 0; + cur.v++; + } + } + re_addc(el, *cp); + } + + if (cur.h == -1) { /* if I haven't been set yet, I'm at the end */ + cur.h = el->el_refresh.r_cursor.h; + cur.v = el->el_refresh.r_cursor.v; + } + rhdiff = el->el_term.t_size.h - el->el_refresh.r_cursor.h - + el->el_rprompt.p_pos.h; + if (el->el_rprompt.p_pos.h && !el->el_rprompt.p_pos.v && + !el->el_refresh.r_cursor.v && rhdiff > 1) { + /* + * have a right-hand side prompt that will fit + * on the end of the first line with at least + * one character gap to the input buffer. + */ + while (--rhdiff > 0) /* pad out with spaces */ + re_putc(el, ' ', 1); + prompt_print(el, EL_RPROMPT); + } else { + el->el_rprompt.p_pos.h = 0; /* flag "not using rprompt" */ + el->el_rprompt.p_pos.v = 0; + } + + re_putc(el, '\0', 0); /* make line ended with NUL, no cursor shift */ + + el->el_refresh.r_newcv = el->el_refresh.r_cursor.v; + + ELRE_DEBUG(1, (__F, + "term.h=%d vcur.h=%d vcur.v=%d vdisplay[0]=\r\n:%80.80s:\r\n", + el->el_term.t_size.h, el->el_refresh.r_cursor.h, + el->el_refresh.r_cursor.v, ct_encode_string(el->el_vdisplay[0]))); + + ELRE_DEBUG(1, (__F, "updating %d lines.\r\n", el->el_refresh.r_newcv)); + for (i = 0; i <= el->el_refresh.r_newcv; i++) { + /* NOTE THAT re_update_line MAY CHANGE el_display[i] */ + re_update_line(el, el->el_display[i], el->el_vdisplay[i], i); + + /* + * Copy the new line to be the current one, and pad out with + * spaces to the full width of the terminal so that if we try + * moving the cursor by writing the character that is at the + * end of the screen line, it won't be a NUL or some old + * leftover stuff. + */ + re__copy_and_pad(el->el_display[i], el->el_vdisplay[i], + (size_t) el->el_term.t_size.h); + } + ELRE_DEBUG(1, (__F, + "\r\nel->el_refresh.r_cursor.v=%d,el->el_refresh.r_oldcv=%d i=%d\r\n", + el->el_refresh.r_cursor.v, el->el_refresh.r_oldcv, i)); + + if (el->el_refresh.r_oldcv > el->el_refresh.r_newcv) + for (; i <= el->el_refresh.r_oldcv; i++) { + term_move_to_line(el, i); + term_move_to_char(el, 0); + /* This Strlen should be safe even with MB_FILL_CHARs */ + term_clear_EOL(el, (int) Strlen(el->el_display[i])); +#ifdef DEBUG_REFRESH + term_overwrite(el, "C\b", (size_t)2); +#endif /* DEBUG_REFRESH */ + el->el_display[i][0] = '\0'; + } + + el->el_refresh.r_oldcv = el->el_refresh.r_newcv; /* set for next time */ + ELRE_DEBUG(1, (__F, + "\r\ncursor.h = %d, cursor.v = %d, cur.h = %d, cur.v = %d\r\n", + el->el_refresh.r_cursor.h, el->el_refresh.r_cursor.v, + cur.h, cur.v)); + term_move_to_line(el, cur.v); /* go to where the cursor is */ + term_move_to_char(el, cur.h); +} + + +/* re_goto_bottom(): + * used to go to last used screen line + */ +protected void +re_goto_bottom(EditLine *el) +{ + + term_move_to_line(el, el->el_refresh.r_oldcv); + term__putc(el, '\n'); + re_clear_display(el); + term__flush(el); +} + + +/* re_insert(): + * insert num characters of s into d (in front of the character) + * at dat, maximum length of d is dlen + */ +private void +/*ARGSUSED*/ +re_insert(EditLine *el __attribute__((__unused__)), + Char *d, int dat, int dlen, Char *s, int num) +{ + Char *a, *b; + + if (num <= 0) + return; + if (num > dlen - dat) + num = dlen - dat; + + ELRE_DEBUG(1, + (__F, "re_insert() starting: %d at %d max %d, d == \"%s\"\n", + num, dat, dlen, ct_encode_string(d))); + ELRE_DEBUG(1, (__F, "s == \"%s\"\n", ct_encode_string(s))); + + /* open up the space for num chars */ + if (num > 0) { + b = d + dlen - 1; + a = b - num; + while (a >= &d[dat]) + *b-- = *a--; + d[dlen] = '\0'; /* just in case */ + } + + ELRE_DEBUG(1, (__F, + "re_insert() after insert: %d at %d max %d, d == \"%s\"\n", + num, dat, dlen, ct_encode_string(d))); + ELRE_DEBUG(1, (__F, "s == \"%s\"\n", ct_encode_string(s))); + + /* copy the characters */ + for (a = d + dat; (a < d + dlen) && (num > 0); num--) + *a++ = *s++; + +#ifdef notyet + /* ct_encode_string() uses a static buffer, so we can't conveniently + * encode both d & s here */ + ELRE_DEBUG(1, + (__F, "re_insert() after copy: %d at %d max %d, %s == \"%s\"\n", + num, dat, dlen, d, s)); + ELRE_DEBUG(1, (__F, "s == \"%s\"\n", s)); +#endif +} + + +/* re_delete(): + * delete num characters d at dat, maximum length of d is dlen + */ +private void +/*ARGSUSED*/ +re_delete(EditLine *el __attribute__((__unused__)), + Char *d, int dat, int dlen, int num) +{ + Char *a, *b; + + if (num <= 0) + return; + if (dat + num >= dlen) { + d[dat] = '\0'; + return; + } + ELRE_DEBUG(1, + (__F, "re_delete() starting: %d at %d max %d, d == \"%s\"\n", + num, dat, dlen, ct_encode_string(d))); + + /* open up the space for num chars */ + if (num > 0) { + b = d + dat; + a = b + num; + while (a < &d[dlen]) + *b++ = *a++; + d[dlen] = '\0'; /* just in case */ + } + ELRE_DEBUG(1, + (__F, "re_delete() after delete: %d at %d max %d, d == \"%s\"\n", + num, dat, dlen, ct_encode_string(d))); +} + + +/* re__strncopy(): + * Like strncpy without padding. + */ +private void +re__strncopy(Char *a, Char *b, size_t n) +{ + + while (n-- && *b) + *a++ = *b++; +} + +/* re_clear_eol(): + * Find the number of characters we need to clear till the end of line + * in order to make sure that we have cleared the previous contents of + * the line. fx and sx is the number of characters inserted or deleted + * in the first or second diff, diff is the difference between the + * number of characters between the new and old line. + */ +private void +re_clear_eol(EditLine *el, int fx, int sx, int diff) +{ + + ELRE_DEBUG(1, (__F, "re_clear_eol sx %d, fx %d, diff %d\n", + sx, fx, diff)); + + if (fx < 0) + fx = -fx; + if (sx < 0) + sx = -sx; + if (fx > diff) + diff = fx; + if (sx > diff) + diff = sx; + + ELRE_DEBUG(1, (__F, "re_clear_eol %d\n", diff)); + term_clear_EOL(el, diff); +} + +/***************************************************************** + re_update_line() is based on finding the middle difference of each line + on the screen; vis: + + /old first difference + /beginning of line | /old last same /old EOL + v v v v +old: eddie> Oh, my little gruntle-buggy is to me, as lurgid as +new: eddie> Oh, my little buggy says to me, as lurgid as + ^ ^ ^ ^ + \beginning of line | \new last same \new end of line + \new first difference + + all are character pointers for the sake of speed. Special cases for + no differences, as well as for end of line additions must be handled. +**************************************************************** */ + +/* Minimum at which doing an insert it "worth it". This should be about + * half the "cost" of going into insert mode, inserting a character, and + * going back out. This should really be calculated from the termcap + * data... For the moment, a good number for ANSI terminals. + */ +#define MIN_END_KEEP 4 + +private void +re_update_line(EditLine *el, Char *old, Char *new, int i) +{ + Char *o, *n, *p, c; + Char *ofd, *ols, *oe, *nfd, *nls, *ne; + Char *osb, *ose, *nsb, *nse; + int fx, sx; + size_t len; + + /* + * find first diff + */ + for (o = old, n = new; *o && (*o == *n); o++, n++) + continue; + ofd = o; + nfd = n; + + /* + * Find the end of both old and new + */ + while (*o) + o++; + /* + * Remove any trailing blanks off of the end, being careful not to + * back up past the beginning. + */ + while (ofd < o) { + if (o[-1] != ' ') + break; + o--; + } + oe = o; + *oe = '\0'; + + while (*n) + n++; + + /* remove blanks from end of new */ + while (nfd < n) { + if (n[-1] != ' ') + break; + n--; + } + ne = n; + *ne = '\0'; + + /* + * if no diff, continue to next line of redraw + */ + if (*ofd == '\0' && *nfd == '\0') { + ELRE_DEBUG(1, (__F, "no difference.\r\n")); + return; + } + /* + * find last same pointer + */ + while ((o > ofd) && (n > nfd) && (*--o == *--n)) + continue; + ols = ++o; + nls = ++n; + + /* + * find same begining and same end + */ + osb = ols; + nsb = nls; + ose = ols; + nse = nls; + + /* + * case 1: insert: scan from nfd to nls looking for *ofd + */ + if (*ofd) { + for (c = *ofd, n = nfd; n < nls; n++) { + if (c == *n) { + for (o = ofd, p = n; + p < nls && o < ols && *o == *p; + o++, p++) + continue; + /* + * if the new match is longer and it's worth + * keeping, then we take it + */ + if (((nse - nsb) < (p - n)) && + (2 * (p - n) > n - nfd)) { + nsb = n; + nse = p; + osb = ofd; + ose = o; + } + } + } + } + /* + * case 2: delete: scan from ofd to ols looking for *nfd + */ + if (*nfd) { + for (c = *nfd, o = ofd; o < ols; o++) { + if (c == *o) { + for (n = nfd, p = o; + p < ols && n < nls && *p == *n; + p++, n++) + continue; + /* + * if the new match is longer and it's worth + * keeping, then we take it + */ + if (((ose - osb) < (p - o)) && + (2 * (p - o) > o - ofd)) { + nsb = nfd; + nse = n; + osb = o; + ose = p; + } + } + } + } + /* + * Pragmatics I: If old trailing whitespace or not enough characters to + * save to be worth it, then don't save the last same info. + */ + if ((oe - ols) < MIN_END_KEEP) { + ols = oe; + nls = ne; + } + /* + * Pragmatics II: if the terminal isn't smart enough, make the data + * dumber so the smart update doesn't try anything fancy + */ + + /* + * fx is the number of characters we need to insert/delete: in the + * beginning to bring the two same begins together + */ + fx = (int)((nsb - nfd) - (osb - ofd)); + /* + * sx is the number of characters we need to insert/delete: in the + * end to bring the two same last parts together + */ + sx = (int)((nls - nse) - (ols - ose)); + + if (!EL_CAN_INSERT) { + if (fx > 0) { + osb = ols; + ose = ols; + nsb = nls; + nse = nls; + } + if (sx > 0) { + ols = oe; + nls = ne; + } + if ((ols - ofd) < (nls - nfd)) { + ols = oe; + nls = ne; + } + } + if (!EL_CAN_DELETE) { + if (fx < 0) { + osb = ols; + ose = ols; + nsb = nls; + nse = nls; + } + if (sx < 0) { + ols = oe; + nls = ne; + } + if ((ols - ofd) > (nls - nfd)) { + ols = oe; + nls = ne; + } + } + /* + * Pragmatics III: make sure the middle shifted pointers are correct if + * they don't point to anything (we may have moved ols or nls). + */ + /* if the change isn't worth it, don't bother */ + /* was: if (osb == ose) */ + if ((ose - osb) < MIN_END_KEEP) { + osb = ols; + ose = ols; + nsb = nls; + nse = nls; + } + /* + * Now that we are done with pragmatics we recompute fx, sx + */ + fx = (int)((nsb - nfd) - (osb - ofd)); + sx = (int)((nls - nse) - (ols - ose)); + + ELRE_DEBUG(1, (__F, "fx %d, sx %d\n", fx, sx)); + ELRE_DEBUG(1, (__F, "ofd %d, osb %d, ose %d, ols %d, oe %d\n", + ofd - old, osb - old, ose - old, ols - old, oe - old)); + ELRE_DEBUG(1, (__F, "nfd %d, nsb %d, nse %d, nls %d, ne %d\n", + nfd - new, nsb - new, nse - new, nls - new, ne - new)); + ELRE_DEBUG(1, (__F, + "xxx-xxx:\"00000000001111111111222222222233333333334\"\r\n")); + ELRE_DEBUG(1, (__F, + "xxx-xxx:\"01234567890123456789012345678901234567890\"\r\n")); +#ifdef DEBUG_REFRESH + re_printstr(el, "old- oe", old, oe); + re_printstr(el, "new- ne", new, ne); + re_printstr(el, "old-ofd", old, ofd); + re_printstr(el, "new-nfd", new, nfd); + re_printstr(el, "ofd-osb", ofd, osb); + re_printstr(el, "nfd-nsb", nfd, nsb); + re_printstr(el, "osb-ose", osb, ose); + re_printstr(el, "nsb-nse", nsb, nse); + re_printstr(el, "ose-ols", ose, ols); + re_printstr(el, "nse-nls", nse, nls); + re_printstr(el, "ols- oe", ols, oe); + re_printstr(el, "nls- ne", nls, ne); +#endif /* DEBUG_REFRESH */ + + /* + * el_cursor.v to this line i MUST be in this routine so that if we + * don't have to change the line, we don't move to it. el_cursor.h to + * first diff char + */ + term_move_to_line(el, i); + + /* + * at this point we have something like this: + * + * /old /ofd /osb /ose /ols /oe + * v.....................v v..................v v........v + * eddie> Oh, my fredded gruntle-buggy is to me, as foo var lurgid as + * eddie> Oh, my fredded quiux buggy is to me, as gruntle-lurgid as + * ^.....................^ ^..................^ ^........^ + * \new \nfd \nsb \nse \nls \ne + * + * fx is the difference in length between the chars between nfd and + * nsb, and the chars between ofd and osb, and is thus the number of + * characters to delete if < 0 (new is shorter than old, as above), + * or insert (new is longer than short). + * + * sx is the same for the second differences. + */ + + /* + * if we have a net insert on the first difference, AND inserting the + * net amount ((nsb-nfd) - (osb-ofd)) won't push the last useful + * character (which is ne if nls != ne, otherwise is nse) off the edge + * of the screen (el->el_term.t_size.h) else we do the deletes first + * so that we keep everything we need to. + */ + + /* + * if the last same is the same like the end, there is no last same + * part, otherwise we want to keep the last same part set p to the + * last useful old character + */ + p = (ols != oe) ? oe : ose; + + /* + * if (There is a diffence in the beginning) && (we need to insert + * characters) && (the number of characters to insert is less than + * the term width) + * We need to do an insert! + * else if (we need to delete characters) + * We need to delete characters! + * else + * No insert or delete + */ + if ((nsb != nfd) && fx > 0 && + ((p - old) + fx <= el->el_term.t_size.h)) { + ELRE_DEBUG(1, + (__F, "first diff insert at %d...\r\n", nfd - new)); + /* + * Move to the first char to insert, where the first diff is. + */ + term_move_to_char(el, (int)(nfd - new)); + /* + * Check if we have stuff to keep at end + */ + if (nsb != ne) { + ELRE_DEBUG(1, (__F, "with stuff to keep at end\r\n")); + /* + * insert fx chars of new starting at nfd + */ + if (fx > 0) { + ELRE_DEBUG(!EL_CAN_INSERT, (__F, + "ERROR: cannot insert in early first diff\n")); + term_insertwrite(el, nfd, fx); + re_insert(el, old, (int)(ofd - old), + el->el_term.t_size.h, nfd, fx); + } + /* + * write (nsb-nfd) - fx chars of new starting at + * (nfd + fx) + */ + len = (size_t) ((nsb - nfd) - fx); + term_overwrite(el, (nfd + fx), len); + re__strncopy(ofd + fx, nfd + fx, len); + } else { + ELRE_DEBUG(1, (__F, "without anything to save\r\n")); + len = (size_t)(nsb - nfd); + term_overwrite(el, nfd, len); + re__strncopy(ofd, nfd, len); + /* + * Done + */ + return; + } + } else if (fx < 0) { + ELRE_DEBUG(1, + (__F, "first diff delete at %d...\r\n", ofd - old)); + /* + * move to the first char to delete where the first diff is + */ + term_move_to_char(el, (int)(ofd - old)); + /* + * Check if we have stuff to save + */ + if (osb != oe) { + ELRE_DEBUG(1, (__F, "with stuff to save at end\r\n")); + /* + * fx is less than zero *always* here but we check + * for code symmetry + */ + if (fx < 0) { + ELRE_DEBUG(!EL_CAN_DELETE, (__F, + "ERROR: cannot delete in first diff\n")); + term_deletechars(el, -fx); + re_delete(el, old, (int)(ofd - old), + el->el_term.t_size.h, -fx); + } + /* + * write (nsb-nfd) chars of new starting at nfd + */ + len = (size_t) (nsb - nfd); + term_overwrite(el, nfd, len); + re__strncopy(ofd, nfd, len); + + } else { + ELRE_DEBUG(1, (__F, + "but with nothing left to save\r\n")); + /* + * write (nsb-nfd) chars of new starting at nfd + */ + term_overwrite(el, nfd, (size_t)(nsb - nfd)); + re_clear_eol(el, fx, sx, + (int)((oe - old) - (ne - new))); + /* + * Done + */ + return; + } + } else + fx = 0; + + if (sx < 0 && (ose - old) + fx < el->el_term.t_size.h) { + ELRE_DEBUG(1, (__F, + "second diff delete at %d...\r\n", (ose - old) + fx)); + /* + * Check if we have stuff to delete + */ + /* + * fx is the number of characters inserted (+) or deleted (-) + */ + + term_move_to_char(el, (int)((ose - old) + fx)); + /* + * Check if we have stuff to save + */ + if (ols != oe) { + ELRE_DEBUG(1, (__F, "with stuff to save at end\r\n")); + /* + * Again a duplicate test. + */ + if (sx < 0) { + ELRE_DEBUG(!EL_CAN_DELETE, (__F, + "ERROR: cannot delete in second diff\n")); + term_deletechars(el, -sx); + } + /* + * write (nls-nse) chars of new starting at nse + */ + term_overwrite(el, nse, (size_t)(nls - nse)); + } else { + ELRE_DEBUG(1, (__F, + "but with nothing left to save\r\n")); + term_overwrite(el, nse, (size_t)(nls - nse)); + re_clear_eol(el, fx, sx, + (int)((oe - old) - (ne - new))); + } + } + /* + * if we have a first insert AND WE HAVEN'T ALREADY DONE IT... + */ + if ((nsb != nfd) && (osb - ofd) <= (nsb - nfd) && (fx == 0)) { + ELRE_DEBUG(1, (__F, "late first diff insert at %d...\r\n", + nfd - new)); + + term_move_to_char(el, (int)(nfd - new)); + /* + * Check if we have stuff to keep at the end + */ + if (nsb != ne) { + ELRE_DEBUG(1, (__F, "with stuff to keep at end\r\n")); + /* + * We have to recalculate fx here because we set it + * to zero above as a flag saying that we hadn't done + * an early first insert. + */ + fx = (int)((nsb - nfd) - (osb - ofd)); + if (fx > 0) { + /* + * insert fx chars of new starting at nfd + */ + ELRE_DEBUG(!EL_CAN_INSERT, (__F, + "ERROR: cannot insert in late first diff\n")); + term_insertwrite(el, nfd, fx); + re_insert(el, old, (int)(ofd - old), + el->el_term.t_size.h, nfd, fx); + } + /* + * write (nsb-nfd) - fx chars of new starting at + * (nfd + fx) + */ + len = (size_t) ((nsb - nfd) - fx); + term_overwrite(el, (nfd + fx), len); + re__strncopy(ofd + fx, nfd + fx, len); + } else { + ELRE_DEBUG(1, (__F, "without anything to save\r\n")); + len = (size_t) (nsb - nfd); + term_overwrite(el, nfd, len); + re__strncopy(ofd, nfd, len); + } + } + /* + * line is now NEW up to nse + */ + if (sx >= 0) { + ELRE_DEBUG(1, (__F, + "second diff insert at %d...\r\n", (int)(nse - new))); + term_move_to_char(el, (int)(nse - new)); + if (ols != oe) { + ELRE_DEBUG(1, (__F, "with stuff to keep at end\r\n")); + if (sx > 0) { + /* insert sx chars of new starting at nse */ + ELRE_DEBUG(!EL_CAN_INSERT, (__F, + "ERROR: cannot insert in second diff\n")); + term_insertwrite(el, nse, sx); + } + /* + * write (nls-nse) - sx chars of new starting at + * (nse + sx) + */ + term_overwrite(el, (nse + sx), + (size_t)((nls - nse) - sx)); + } else { + ELRE_DEBUG(1, (__F, "without anything to save\r\n")); + term_overwrite(el, nse, (size_t)(nls - nse)); + + /* + * No need to do a clear-to-end here because we were + * doing a second insert, so we will have over + * written all of the old string. + */ + } + } + ELRE_DEBUG(1, (__F, "done.\r\n")); +} + + +/* re__copy_and_pad(): + * Copy string and pad with spaces + */ +private void +re__copy_and_pad(Char *dst, const Char *src, size_t width) +{ + size_t i; + + for (i = 0; i < width; i++) { + if (*src == '\0') + break; + *dst++ = *src++; + } + + for (; i < width; i++) + *dst++ = ' '; + + *dst = '\0'; +} + + +/* re_refresh_cursor(): + * Move to the new cursor position + */ +protected void +re_refresh_cursor(EditLine *el) +{ + Char *cp; + int h, v, th, w; + + if (el->el_line.cursor >= el->el_line.lastchar) { + if (el->el_map.current == el->el_map.alt + && el->el_line.lastchar != el->el_line.buffer) + el->el_line.cursor = el->el_line.lastchar - 1; + else + el->el_line.cursor = el->el_line.lastchar; + } + + /* first we must find where the cursor is... */ + h = el->el_prompt.p_pos.h; + v = el->el_prompt.p_pos.v; + th = el->el_term.t_size.h; /* optimize for speed */ + + /* do input buffer to el->el_line.cursor */ + for (cp = el->el_line.buffer; cp < el->el_line.cursor; cp++) { + switch (ct_chr_class(*cp)) { + case CHTYPE_NL: /* handle newline in data part too */ + h = 0; + v++; + break; + case CHTYPE_TAB: /* if a tab, to next tab stop */ + while (++h & 07) + continue; + break; + default: + w = Width(*cp); + if (w > 1 && h + w > th) { /* won't fit on line */ + h = 0; + v++; + } + h += ct_visual_width(*cp); + break; + } + + if (h >= th) { /* check, extra long tabs picked up here also */ + h -= th; + v++; + } + } + /* if we have a next character, and it's a doublewidth one, we need to + * check whether we need to linebreak for it to fit */ + if (cp < el->el_line.lastchar && (w = Width(*cp)) > 1) + if (h + w > th) { + h = 0; + v++; + } + + /* now go there */ + term_move_to_line(el, v); + term_move_to_char(el, h); + term__flush(el); +} + + +/* re_fastputc(): + * Add a character fast. + */ +private void +re_fastputc(EditLine *el, Int c) +{ + int w = Width((Char)c); + while (w > 1 && el->el_cursor.h + w > el->el_term.t_size.h) + re_fastputc(el, ' '); + + term__putc(el, c); + el->el_display[el->el_cursor.v][el->el_cursor.h++] = c; + while (--w > 0) + el->el_display[el->el_cursor.v][el->el_cursor.h++] + = MB_FILL_CHAR; + + if (el->el_cursor.h >= el->el_term.t_size.h) { + /* if we must overflow */ + el->el_cursor.h = 0; + + /* + * If we would overflow (input is longer than terminal size), + * emulate scroll by dropping first line and shuffling the rest. + * We do this via pointer shuffling - it's safe in this case + * and we avoid memcpy(). + */ + if (el->el_cursor.v + 1 >= el->el_term.t_size.v) { + int i, lins = el->el_term.t_size.v; + Char *firstline = el->el_display[0]; + + for(i = 1; i < lins; i++) + el->el_display[i - 1] = el->el_display[i]; + + re__copy_and_pad(firstline, STR(""), 0); + el->el_display[i - 1] = firstline; + } else { + el->el_cursor.v++; + el->el_refresh.r_oldcv++; + } + if (EL_HAS_AUTO_MARGINS) { + if (EL_HAS_MAGIC_MARGINS) { + term__putc(el, ' '); + term__putc(el, '\b'); + } + } else { + term__putc(el, '\r'); + term__putc(el, '\n'); + } + } +} + + +/* re_fastaddc(): + * we added just one char, handle it fast. + * Assumes that screen cursor == real cursor + */ +protected void +re_fastaddc(EditLine *el) +{ + Char c; + int rhdiff; + + c = el->el_line.cursor[-1]; + + if (c == '\t' || el->el_line.cursor != el->el_line.lastchar) { + re_refresh(el); /* too hard to handle */ + return; + } + rhdiff = el->el_term.t_size.h - el->el_cursor.h - + el->el_rprompt.p_pos.h; + if (el->el_rprompt.p_pos.h && rhdiff < 3) { + re_refresh(el); /* clear out rprompt if less than 1 char gap */ + return; + } /* else (only do at end of line, no TAB) */ + switch (ct_chr_class(c)) { + case CHTYPE_TAB: /* already handled, should never happen here */ + break; + case CHTYPE_NL: + case CHTYPE_PRINT: + re_fastputc(el, c); + break; + case CHTYPE_ASCIICTL: + case CHTYPE_NONPRINT: { + Char visbuf[VISUAL_WIDTH_MAX]; + ssize_t i, n = + ct_visual_char(visbuf, VISUAL_WIDTH_MAX, (Char)c); + for (i = 0; n-- > 0; ++i) + re_fastputc(el, visbuf[i]); + break; + } + } + term__flush(el); +} + + +/* re_clear_display(): + * clear the screen buffers so that new new prompt starts fresh. + */ +protected void +re_clear_display(EditLine *el) +{ + int i; + + el->el_cursor.v = 0; + el->el_cursor.h = 0; + for (i = 0; i < el->el_term.t_size.v; i++) + el->el_display[i][0] = '\0'; + el->el_refresh.r_oldcv = 0; +} + + +/* re_clear_lines(): + * Make sure all lines are *really* blank + */ +protected void +re_clear_lines(EditLine *el) +{ + + if (EL_CAN_CEOL) { + int i; + for (i = el->el_refresh.r_oldcv; i >= 0; i--) { + /* for each line on the screen */ + term_move_to_line(el, i); + term_move_to_char(el, 0); + term_clear_EOL(el, el->el_term.t_size.h); + } + } else { + term_move_to_line(el, el->el_refresh.r_oldcv); + /* go to last line */ + term__putc(el, '\r'); /* go to BOL */ + term__putc(el, '\n'); /* go to new line */ + } +} diff --git a/lib/libedit/src/refresh.h b/lib/libedit/src/refresh.h new file mode 100644 index 000000000000..f80be4635456 --- /dev/null +++ b/lib/libedit/src/refresh.h @@ -0,0 +1,59 @@ +/* $NetBSD: refresh.h,v 1.6 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)refresh.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.refresh.h: Screen refresh functions + */ +#ifndef _h_el_refresh +#define _h_el_refresh + +#include "histedit.h" + +typedef struct { + coord_t r_cursor; /* Refresh cursor position */ + int r_oldcv; /* Vertical locations */ + int r_newcv; +} el_refresh_t; + +protected void re_putc(EditLine *, Int, int); +protected void re_clear_lines(EditLine *); +protected void re_clear_display(EditLine *); +protected void re_refresh(EditLine *); +protected void re_refresh_cursor(EditLine *); +protected void re_fastaddc(EditLine *); +protected void re_goto_bottom(EditLine *); + +#endif /* _h_el_refresh */ diff --git a/lib/libedit/src/search.c b/lib/libedit/src/search.c new file mode 100644 index 000000000000..59bbd1add0be --- /dev/null +++ b/lib/libedit/src/search.c @@ -0,0 +1,639 @@ +/* $NetBSD: search.c,v 1.24 2010/04/15 00:57:33 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)search.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: search.c,v 1.24 2010/04/15 00:57:33 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * search.c: History and character search functions + */ +#include +#include +#if defined(REGEX) +#include +#elif defined(REGEXP) +#include +#endif +#include "el.h" + +/* + * Adjust cursor in vi mode to include the character under it + */ +#define EL_CURSOR(el) \ + ((el)->el_line.cursor + (((el)->el_map.type == MAP_VI) && \ + ((el)->el_map.current == (el)->el_map.alt))) + +/* search_init(): + * Initialize the search stuff + */ +protected int +search_init(EditLine *el) +{ + + el->el_search.patbuf = el_malloc(EL_BUFSIZ * + sizeof(*el->el_search.patbuf)); + if (el->el_search.patbuf == NULL) + return (-1); + el->el_search.patlen = 0; + el->el_search.patdir = -1; + el->el_search.chacha = '\0'; + el->el_search.chadir = CHAR_FWD; + el->el_search.chatflg = 0; + return (0); +} + + +/* search_end(): + * Initialize the search stuff + */ +protected void +search_end(EditLine *el) +{ + + el_free((ptr_t) el->el_search.patbuf); + el->el_search.patbuf = NULL; +} + + +#ifdef REGEXP +/* regerror(): + * Handle regular expression errors + */ +public void +/*ARGSUSED*/ +regerror(const char *msg) +{ +} +#endif + + +/* el_match(): + * Return if string matches pattern + */ +protected int +el_match(const Char *str, const Char *pat) +{ +#ifdef WIDECHAR + static ct_buffer_t conv; +#endif +#if defined (REGEX) + regex_t re; + int rv; +#elif defined (REGEXP) + regexp *rp; + int rv; +#else + extern char *re_comp(const char *); + extern int re_exec(const char *); +#endif + + if (Strstr(str, pat) != 0) + return (1); + +#if defined(REGEX) + if (regcomp(&re, ct_encode_string(pat, &conv), 0) == 0) { + rv = regexec(&re, ct_encode_string(str, &conv), 0, NULL, 0) == 0; + regfree(&re); + } else { + rv = 0; + } + return (rv); +#elif defined(REGEXP) + if ((re = regcomp(ct_encode_string(pat, &conv))) != NULL) { + rv = regexec(re, ct_encode_string(str, &conv)); + free((ptr_t) re); + } else { + rv = 0; + } + return (rv); +#else + if (re_comp(ct_encode_string(pat, &conv)) != NULL) + return (0); + else + return (re_exec(ct_encode_string(str, &conv)) == 1); +#endif +} + + +/* c_hmatch(): + * return True if the pattern matches the prefix + */ +protected int +c_hmatch(EditLine *el, const Char *str) +{ +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "match `%s' with `%s'\n", + el->el_search.patbuf, str); +#endif /* SDEBUG */ + + return (el_match(str, el->el_search.patbuf)); +} + + +/* c_setpat(): + * Set the history seatch pattern + */ +protected void +c_setpat(EditLine *el) +{ + if (el->el_state.lastcmd != ED_SEARCH_PREV_HISTORY && + el->el_state.lastcmd != ED_SEARCH_NEXT_HISTORY) { + el->el_search.patlen = EL_CURSOR(el) - el->el_line.buffer; + if (el->el_search.patlen >= EL_BUFSIZ) + el->el_search.patlen = EL_BUFSIZ - 1; + if (el->el_search.patlen != 0) { + (void) Strncpy(el->el_search.patbuf, el->el_line.buffer, + el->el_search.patlen); + el->el_search.patbuf[el->el_search.patlen] = '\0'; + } else + el->el_search.patlen = Strlen(el->el_search.patbuf); + } +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "\neventno = %d\n", + el->el_history.eventno); + (void) fprintf(el->el_errfile, "patlen = %d\n", el->el_search.patlen); + (void) fprintf(el->el_errfile, "patbuf = \"%s\"\n", + el->el_search.patbuf); + (void) fprintf(el->el_errfile, "cursor %d lastchar %d\n", + EL_CURSOR(el) - el->el_line.buffer, + el->el_line.lastchar - el->el_line.buffer); +#endif +} + + +/* ce_inc_search(): + * Emacs incremental search + */ +protected el_action_t +ce_inc_search(EditLine *el, int dir) +{ + static const Char STRfwd[] = {'f', 'w', 'd', '\0'}, + STRbck[] = {'b', 'c', 'k', '\0'}; + static Char pchar = ':';/* ':' = normal, '?' = failed */ + static Char endcmd[2] = {'\0', '\0'}; + Char ch, *ocursor = el->el_line.cursor, oldpchar = pchar; + const Char *cp; + + el_action_t ret = CC_NORM; + + int ohisteventno = el->el_history.eventno; + size_t oldpatlen = el->el_search.patlen; + int newdir = dir; + int done, redo; + + if (el->el_line.lastchar + sizeof(STRfwd) / + sizeof(*el->el_line.lastchar) + 2 + + el->el_search.patlen >= el->el_line.limit) + return (CC_ERROR); + + for (;;) { + + if (el->el_search.patlen == 0) { /* first round */ + pchar = ':'; +#ifdef ANCHOR +#define LEN 2 + el->el_search.patbuf[el->el_search.patlen++] = '.'; + el->el_search.patbuf[el->el_search.patlen++] = '*'; +#else +#define LEN 0 +#endif + } + done = redo = 0; + *el->el_line.lastchar++ = '\n'; + for (cp = (newdir == ED_SEARCH_PREV_HISTORY) ? STRbck : STRfwd; + *cp; *el->el_line.lastchar++ = *cp++) + continue; + *el->el_line.lastchar++ = pchar; + for (cp = &el->el_search.patbuf[LEN]; + cp < &el->el_search.patbuf[el->el_search.patlen]; + *el->el_line.lastchar++ = *cp++) + continue; + *el->el_line.lastchar = '\0'; + re_refresh(el); + + if (FUN(el,getc)(el, &ch) != 1) + return (ed_end_of_file(el, 0)); + + switch (el->el_map.current[(unsigned char) ch]) { + case ED_INSERT: + case ED_DIGIT: + if (el->el_search.patlen >= EL_BUFSIZ - LEN) + term_beep(el); + else { + el->el_search.patbuf[el->el_search.patlen++] = + ch; + *el->el_line.lastchar++ = ch; + *el->el_line.lastchar = '\0'; + re_refresh(el); + } + break; + + case EM_INC_SEARCH_NEXT: + newdir = ED_SEARCH_NEXT_HISTORY; + redo++; + break; + + case EM_INC_SEARCH_PREV: + newdir = ED_SEARCH_PREV_HISTORY; + redo++; + break; + + case EM_DELETE_PREV_CHAR: + case ED_DELETE_PREV_CHAR: + if (el->el_search.patlen > LEN) + done++; + else + term_beep(el); + break; + + default: + switch (ch) { + case 0007: /* ^G: Abort */ + ret = CC_ERROR; + done++; + break; + + case 0027: /* ^W: Append word */ + /* No can do if globbing characters in pattern */ + for (cp = &el->el_search.patbuf[LEN];; cp++) + if (cp >= &el->el_search.patbuf[ + el->el_search.patlen]) { + el->el_line.cursor += + el->el_search.patlen - LEN - 1; + cp = c__next_word(el->el_line.cursor, + el->el_line.lastchar, 1, + ce__isword); + while (el->el_line.cursor < cp && + *el->el_line.cursor != '\n') { + if (el->el_search.patlen >= + EL_BUFSIZ - LEN) { + term_beep(el); + break; + } + el->el_search.patbuf[el->el_search.patlen++] = + *el->el_line.cursor; + *el->el_line.lastchar++ = + *el->el_line.cursor++; + } + el->el_line.cursor = ocursor; + *el->el_line.lastchar = '\0'; + re_refresh(el); + break; + } else if (isglob(*cp)) { + term_beep(el); + break; + } + break; + + default: /* Terminate and execute cmd */ + endcmd[0] = ch; + FUN(el,push)(el, endcmd); + /* FALLTHROUGH */ + + case 0033: /* ESC: Terminate */ + ret = CC_REFRESH; + done++; + break; + } + break; + } + + while (el->el_line.lastchar > el->el_line.buffer && + *el->el_line.lastchar != '\n') + *el->el_line.lastchar-- = '\0'; + *el->el_line.lastchar = '\0'; + + if (!done) { + + /* Can't search if unmatched '[' */ + for (cp = &el->el_search.patbuf[el->el_search.patlen-1], + ch = ']'; + cp >= &el->el_search.patbuf[LEN]; + cp--) + if (*cp == '[' || *cp == ']') { + ch = *cp; + break; + } + if (el->el_search.patlen > LEN && ch != '[') { + if (redo && newdir == dir) { + if (pchar == '?') { /* wrap around */ + el->el_history.eventno = + newdir == ED_SEARCH_PREV_HISTORY ? 0 : 0x7fffffff; + if (hist_get(el) == CC_ERROR) + /* el->el_history.event + * no was fixed by + * first call */ + (void) hist_get(el); + el->el_line.cursor = newdir == + ED_SEARCH_PREV_HISTORY ? + el->el_line.lastchar : + el->el_line.buffer; + } else + el->el_line.cursor += + newdir == + ED_SEARCH_PREV_HISTORY ? + -1 : 1; + } +#ifdef ANCHOR + el->el_search.patbuf[el->el_search.patlen++] = + '.'; + el->el_search.patbuf[el->el_search.patlen++] = + '*'; +#endif + el->el_search.patbuf[el->el_search.patlen] = + '\0'; + if (el->el_line.cursor < el->el_line.buffer || + el->el_line.cursor > el->el_line.lastchar || + (ret = ce_search_line(el, newdir)) + == CC_ERROR) { + /* avoid c_setpat */ + el->el_state.lastcmd = + (el_action_t) newdir; + ret = newdir == ED_SEARCH_PREV_HISTORY ? + ed_search_prev_history(el, 0) : + ed_search_next_history(el, 0); + if (ret != CC_ERROR) { + el->el_line.cursor = newdir == + ED_SEARCH_PREV_HISTORY ? + el->el_line.lastchar : + el->el_line.buffer; + (void) ce_search_line(el, + newdir); + } + } + el->el_search.patlen -= LEN; + el->el_search.patbuf[el->el_search.patlen] = + '\0'; + if (ret == CC_ERROR) { + term_beep(el); + if (el->el_history.eventno != + ohisteventno) { + el->el_history.eventno = + ohisteventno; + if (hist_get(el) == CC_ERROR) + return (CC_ERROR); + } + el->el_line.cursor = ocursor; + pchar = '?'; + } else { + pchar = ':'; + } + } + ret = ce_inc_search(el, newdir); + + if (ret == CC_ERROR && pchar == '?' && oldpchar == ':') + /* + * break abort of failed search at last + * non-failed + */ + ret = CC_NORM; + + } + if (ret == CC_NORM || (ret == CC_ERROR && oldpatlen == 0)) { + /* restore on normal return or error exit */ + pchar = oldpchar; + el->el_search.patlen = oldpatlen; + if (el->el_history.eventno != ohisteventno) { + el->el_history.eventno = ohisteventno; + if (hist_get(el) == CC_ERROR) + return (CC_ERROR); + } + el->el_line.cursor = ocursor; + if (ret == CC_ERROR) + re_refresh(el); + } + if (done || ret != CC_NORM) + return (ret); + } +} + + +/* cv_search(): + * Vi search. + */ +protected el_action_t +cv_search(EditLine *el, int dir) +{ + Char ch; + Char tmpbuf[EL_BUFSIZ]; + int tmplen; + +#ifdef ANCHOR + tmpbuf[0] = '.'; + tmpbuf[1] = '*'; +#endif + tmplen = LEN; + + el->el_search.patdir = dir; + + tmplen = c_gets(el, &tmpbuf[LEN], + dir == ED_SEARCH_PREV_HISTORY ? STR("\n/") : STR("\n?") ); + if (tmplen == -1) + return CC_REFRESH; + + tmplen += LEN; + ch = tmpbuf[tmplen]; + tmpbuf[tmplen] = '\0'; + + if (tmplen == LEN) { + /* + * Use the old pattern, but wild-card it. + */ + if (el->el_search.patlen == 0) { + re_refresh(el); + return (CC_ERROR); + } +#ifdef ANCHOR + if (el->el_search.patbuf[0] != '.' && + el->el_search.patbuf[0] != '*') { + (void) Strncpy(tmpbuf, el->el_search.patbuf, + sizeof(tmpbuf) / sizeof(*tmpbuf) - 1); + el->el_search.patbuf[0] = '.'; + el->el_search.patbuf[1] = '*'; + (void) Strncpy(&el->el_search.patbuf[2], tmpbuf, + EL_BUFSIZ - 3); + el->el_search.patlen++; + el->el_search.patbuf[el->el_search.patlen++] = '.'; + el->el_search.patbuf[el->el_search.patlen++] = '*'; + el->el_search.patbuf[el->el_search.patlen] = '\0'; + } +#endif + } else { +#ifdef ANCHOR + tmpbuf[tmplen++] = '.'; + tmpbuf[tmplen++] = '*'; +#endif + tmpbuf[tmplen] = '\0'; + (void) Strncpy(el->el_search.patbuf, tmpbuf, EL_BUFSIZ - 1); + el->el_search.patlen = tmplen; + } + el->el_state.lastcmd = (el_action_t) dir; /* avoid c_setpat */ + el->el_line.cursor = el->el_line.lastchar = el->el_line.buffer; + if ((dir == ED_SEARCH_PREV_HISTORY ? ed_search_prev_history(el, 0) : + ed_search_next_history(el, 0)) == CC_ERROR) { + re_refresh(el); + return (CC_ERROR); + } + if (ch == 0033) { + re_refresh(el); + return ed_newline(el, 0); + } + return (CC_REFRESH); +} + + +/* ce_search_line(): + * Look for a pattern inside a line + */ +protected el_action_t +ce_search_line(EditLine *el, int dir) +{ + Char *cp = el->el_line.cursor; + Char *pattern = el->el_search.patbuf; + Char oc, *ocp; +#ifdef ANCHOR + ocp = &pattern[1]; + oc = *ocp; + *ocp = '^'; +#else + ocp = pattern; + oc = *ocp; +#endif + + if (dir == ED_SEARCH_PREV_HISTORY) { + for (; cp >= el->el_line.buffer; cp--) { + if (el_match(cp, ocp)) { + *ocp = oc; + el->el_line.cursor = cp; + return (CC_NORM); + } + } + *ocp = oc; + return (CC_ERROR); + } else { + for (; *cp != '\0' && cp < el->el_line.limit; cp++) { + if (el_match(cp, ocp)) { + *ocp = oc; + el->el_line.cursor = cp; + return (CC_NORM); + } + } + *ocp = oc; + return (CC_ERROR); + } +} + + +/* cv_repeat_srch(): + * Vi repeat search + */ +protected el_action_t +cv_repeat_srch(EditLine *el, Int c) +{ + +#ifdef SDEBUG + (void) fprintf(el->el_errfile, "dir %d patlen %d patbuf %s\n", + c, el->el_search.patlen, ct_encode_string(el->el_search.patbuf)); +#endif + + el->el_state.lastcmd = (el_action_t) c; /* Hack to stop c_setpat */ + el->el_line.lastchar = el->el_line.buffer; + + switch (c) { + case ED_SEARCH_NEXT_HISTORY: + return (ed_search_next_history(el, 0)); + case ED_SEARCH_PREV_HISTORY: + return (ed_search_prev_history(el, 0)); + default: + return (CC_ERROR); + } +} + + +/* cv_csearch(): + * Vi character search + */ +protected el_action_t +cv_csearch(EditLine *el, int direction, Int ch, int count, int tflag) +{ + Char *cp; + + if (ch == 0) + return CC_ERROR; + + if (ch == -1) { + Char c; + if (FUN(el,getc)(el, &c) != 1) + return ed_end_of_file(el, 0); + ch = c; + } + + /* Save for ';' and ',' commands */ + el->el_search.chacha = ch; + el->el_search.chadir = direction; + el->el_search.chatflg = tflag; + + cp = el->el_line.cursor; + while (count--) { + if (*cp == ch) + cp += direction; + for (;;cp += direction) { + if (cp >= el->el_line.lastchar) + return CC_ERROR; + if (cp < el->el_line.buffer) + return CC_ERROR; + if (*cp == ch) + break; + } + } + + if (tflag) + cp -= direction; + + el->el_line.cursor = cp; + + if (el->el_chared.c_vcmd.action != NOP) { + if (direction > 0) + el->el_line.cursor++; + cv_delfini(el); + return CC_REFRESH; + } + return CC_CURSOR; +} diff --git a/lib/libedit/src/search.h b/lib/libedit/src/search.h new file mode 100644 index 000000000000..d9f27e561854 --- /dev/null +++ b/lib/libedit/src/search.h @@ -0,0 +1,66 @@ +/* $NetBSD: search.h,v 1.9 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)search.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.search.h: Line and history searching utilities + */ +#ifndef _h_el_search +#define _h_el_search + +#include "histedit.h" + +typedef struct el_search_t { + Char *patbuf; /* The pattern buffer */ + size_t patlen; /* Length of the pattern buffer */ + int patdir; /* Direction of the last search */ + int chadir; /* Character search direction */ + Char chacha; /* Character we are looking for */ + char chatflg; /* 0 if f, 1 if t */ +} el_search_t; + + +protected int el_match(const Char *, const Char *); +protected int search_init(EditLine *); +protected void search_end(EditLine *); +protected int c_hmatch(EditLine *, const Char *); +protected void c_setpat(EditLine *); +protected el_action_t ce_inc_search(EditLine *, int); +protected el_action_t cv_search(EditLine *, int); +protected el_action_t ce_search_line(EditLine *, int); +protected el_action_t cv_repeat_srch(EditLine *, Int); +protected el_action_t cv_csearch(EditLine *, int, Int, int, int); + +#endif /* _h_el_search */ diff --git a/lib/libedit/src/shlib_version b/lib/libedit/src/shlib_version new file mode 100644 index 000000000000..778486cf30d9 --- /dev/null +++ b/lib/libedit/src/shlib_version @@ -0,0 +1,5 @@ +# $NetBSD: shlib_version,v 1.18 2009/01/11 03:07:48 christos Exp $ +# Remember to update distrib/sets/lists/base/shl.* when changing +# +major=3 +minor=0 diff --git a/lib/libedit/src/sig.c b/lib/libedit/src/sig.c new file mode 100644 index 000000000000..1ea319faa063 --- /dev/null +++ b/lib/libedit/src/sig.c @@ -0,0 +1,200 @@ +/* $NetBSD: sig.c,v 1.15 2009/02/19 15:20:22 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)sig.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: sig.c,v 1.15 2009/02/19 15:20:22 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * sig.c: Signal handling stuff. + * our policy is to trap all signals, set a good state + * and pass the ball to our caller. + */ +#include "el.h" +#include + +private EditLine *sel = NULL; + +private const int sighdl[] = { +#define _DO(a) (a), + ALLSIGS +#undef _DO + - 1 +}; + +private void sig_handler(int); + +/* sig_handler(): + * This is the handler called for all signals + * XXX: we cannot pass any data so we just store the old editline + * state in a private variable + */ +private void +sig_handler(int signo) +{ + int i; + sigset_t nset, oset; + + (void) sigemptyset(&nset); + (void) sigaddset(&nset, signo); + (void) sigprocmask(SIG_BLOCK, &nset, &oset); + + sel->el_signal->sig_no = signo; + + switch (signo) { + case SIGCONT: + tty_rawmode(sel); + if (ed_redisplay(sel, 0) == CC_REFRESH) + re_refresh(sel); + term__flush(sel); + break; + + case SIGWINCH: + el_resize(sel); + break; + + default: + tty_cookedmode(sel); + break; + } + + for (i = 0; sighdl[i] != -1; i++) + if (signo == sighdl[i]) + break; + + (void) sigaction(signo, &sel->el_signal->sig_action[i], NULL); + sel->el_signal->sig_action[i].sa_handler = SIG_ERR; + sel->el_signal->sig_action[i].sa_flags = 0; + sigemptyset(&sel->el_signal->sig_action[i].sa_mask); + (void) sigprocmask(SIG_SETMASK, &oset, NULL); + (void) kill(0, signo); +} + + +/* sig_init(): + * Initialize all signal stuff + */ +protected int +sig_init(EditLine *el) +{ + size_t i; + sigset_t *nset, oset; + + el->el_signal = el_malloc(sizeof(*el->el_signal)); + if (el->el_signal == NULL) + return -1; + + nset = &el->el_signal->sig_set; + (void) sigemptyset(nset); +#define _DO(a) (void) sigaddset(nset, a); + ALLSIGS +#undef _DO + (void) sigprocmask(SIG_BLOCK, nset, &oset); + + for (i = 0; sighdl[i] != -1; i++) { + el->el_signal->sig_action[i].sa_handler = SIG_ERR; + el->el_signal->sig_action[i].sa_flags = 0; + sigemptyset(&el->el_signal->sig_action[i].sa_mask); + } + + (void) sigprocmask(SIG_SETMASK, &oset, NULL); + + return 0; +} + + +/* sig_end(): + * Clear all signal stuff + */ +protected void +sig_end(EditLine *el) +{ + + el_free((ptr_t) el->el_signal); + el->el_signal = NULL; +} + + +/* sig_set(): + * set all the signal handlers + */ +protected void +sig_set(EditLine *el) +{ + size_t i; + sigset_t oset; + struct sigaction osa, nsa; + + nsa.sa_handler = sig_handler; + nsa.sa_flags = 0; + sigemptyset(&nsa.sa_mask); + + (void) sigprocmask(SIG_BLOCK, &el->el_signal->sig_set, &oset); + + for (i = 0; sighdl[i] != -1; i++) { + /* This could happen if we get interrupted */ + if (sigaction(sighdl[i], &nsa, &osa) != -1 && + osa.sa_handler != sig_handler) + el->el_signal->sig_action[i] = osa; + } + sel = el; + (void) sigprocmask(SIG_SETMASK, &oset, NULL); +} + + +/* sig_clr(): + * clear all the signal handlers + */ +protected void +sig_clr(EditLine *el) +{ + size_t i; + sigset_t oset; + + (void) sigprocmask(SIG_BLOCK, &el->el_signal->sig_set, &oset); + + for (i = 0; sighdl[i] != -1; i++) + if (el->el_signal->sig_action[i].sa_handler != SIG_ERR) + (void)sigaction(sighdl[i], + &el->el_signal->sig_action[i], NULL); + + sel = NULL; /* we are going to die if the handler is + * called */ + (void)sigprocmask(SIG_SETMASK, &oset, NULL); +} diff --git a/lib/libedit/src/sig.h b/lib/libedit/src/sig.h new file mode 100644 index 000000000000..c957cfdf5a72 --- /dev/null +++ b/lib/libedit/src/sig.h @@ -0,0 +1,72 @@ +/* $NetBSD: sig.h,v 1.8 2009/02/19 15:20:22 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)sig.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.sig.h: Signal handling functions + */ +#ifndef _h_el_sig +#define _h_el_sig + +#include + +#include "histedit.h" + +/* + * Define here all the signals we are going to handle + * The _DO macro is used to iterate in the source code + */ +#define ALLSIGS \ + _DO(SIGINT) \ + _DO(SIGTSTP) \ + _DO(SIGQUIT) \ + _DO(SIGHUP) \ + _DO(SIGTERM) \ + _DO(SIGCONT) \ + _DO(SIGWINCH) +#define ALLSIGSNO 7 + +typedef struct { + struct sigaction sig_action[ALLSIGSNO]; + sigset_t sig_set; + volatile sig_atomic_t sig_no; +} *el_signal_t; + +protected void sig_end(EditLine*); +protected int sig_init(EditLine*); +protected void sig_set(EditLine*); +protected void sig_clr(EditLine*); + +#endif /* _h_el_sig */ diff --git a/lib/libedit/src/strlcat.c b/lib/libedit/src/strlcat.c new file mode 100644 index 000000000000..1a92fc5fa9ad --- /dev/null +++ b/lib/libedit/src/strlcat.c @@ -0,0 +1,74 @@ +/* $NetBSD: strlcat.c,v 1.3 2007/06/04 18:19:27 christos Exp $ */ +/* $OpenBSD: strlcat.c,v 1.10 2003/04/12 21:56:39 millert Exp $ */ + +/* + * Copyright (c) 1998 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL + * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE + * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: strlcat.c,v 1.3 2007/06/04 18:19:27 christos Exp $"); +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include + +#ifdef _LIBC +# ifdef __weak_alias +__weak_alias(strlcat, _strlcat) +# endif +#endif + +#if !HAVE_STRLCAT +/* + * Appends src to string dst of size siz (unlike strncat, siz is the + * full size of dst, not space left). At most siz-1 characters + * will be copied. Always NUL terminates (unless siz <= strlen(dst)). + * Returns strlen(src) + MIN(siz, strlen(initial dst)). + * If retval >= siz, truncation occurred. + */ +size_t +strlcat(char *dst, const char *src, size_t siz) +{ + char *d = dst; + const char *s = src; + size_t n = siz; + size_t dlen; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + + /* Find the end of dst and adjust bytes left but don't go past end */ + while (n-- != 0 && *d != '\0') + d++; + dlen = d - dst; + n = siz - dlen; + + if (n == 0) + return(dlen + strlen(s)); + while (*s != '\0') { + if (n != 1) { + *d++ = *s; + n--; + } + s++; + } + *d = '\0'; + + return(dlen + (s - src)); /* count does not include NUL */ +} +#endif diff --git a/lib/libedit/src/strlcpy.c b/lib/libedit/src/strlcpy.c new file mode 100644 index 000000000000..8b3dfad211fa --- /dev/null +++ b/lib/libedit/src/strlcpy.c @@ -0,0 +1,70 @@ +/* $NetBSD: strlcpy.c,v 1.3 2007/06/04 18:19:27 christos Exp $ */ +/* $OpenBSD: strlcpy.c,v 1.7 2003/04/12 21:56:39 millert Exp $ */ + +/* + * Copyright (c) 1998 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL + * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE + * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: strlcpy.c,v 1.3 2007/06/04 18:19:27 christos Exp $"); +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include + +#ifdef _LIBC +# ifdef __weak_alias +__weak_alias(strlcpy, _strlcpy) +# endif +#endif + +#if !HAVE_STRLCPY +/* + * Copy src to string dst of size siz. At most siz-1 characters + * will be copied. Always NUL terminates (unless siz == 0). + * Returns strlen(src); if retval >= siz, truncation occurred. + */ +size_t +strlcpy(char *dst, const char *src, size_t siz) +{ + char *d = dst; + const char *s = src; + size_t n = siz; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + + /* Copy as many bytes as will fit */ + if (n != 0 && --n != 0) { + do { + if ((*d++ = *s++) == 0) + break; + } while (--n != 0); + } + + /* Not enough room in dst, add NUL and traverse rest of src */ + if (n == 0) { + if (siz != 0) + *d = '\0'; /* NUL-terminate dst */ + while (*s++) + ; + } + + return(s - src - 1); /* count does not include NUL */ +} +#endif diff --git a/lib/libedit/src/sys.h b/lib/libedit/src/sys.h new file mode 100644 index 000000000000..87c90df4e4a2 --- /dev/null +++ b/lib/libedit/src/sys.h @@ -0,0 +1,161 @@ +/* $NetBSD: sys.h,v 1.13 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)sys.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * sys.h: Put all the stupid compiler and system dependencies here... + */ +#ifndef _h_sys +#define _h_sys + +#ifdef HAVE_SYS_CDEFS_H +#include +#endif + +#if !defined(__attribute__) && (defined(__cplusplus) || !defined(__GNUC__) || __GNUC__ == 2 && __GNUC_MINOR__ < 8) +# define __attribute__(A) +#endif + +#ifndef _DIAGASSERT +# define _DIAGASSERT(x) +#endif + +#ifndef __BEGIN_DECLS +# ifdef __cplusplus +# define __BEGIN_DECLS extern "C" { +# define __END_DECLS } +# else +# define __BEGIN_DECLS +# define __END_DECLS +# endif +#endif + +#ifndef public +# define public /* Externally visible functions/variables */ +#endif + +#ifndef private +# define private static /* Always hidden internals */ +#endif + +#ifndef protected +# define protected /* Redefined from elsewhere to "static" */ + /* When we want to hide everything */ +#endif + +#ifndef __arraycount +# define __arraycount(a) (sizeof(a) / sizeof(*(a))) +#endif + +#ifndef HAVE_U_INT32_T +typedef unsigned int u_int32_t; +#endif + +#ifndef _PTR_T +# define _PTR_T +typedef void *ptr_t; +#endif + +#ifndef _IOCTL_T +# define _IOCTL_T +typedef void *ioctl_t; +#endif + +#include + +#ifndef HAVE_STRLCAT +#define strlcat libedit_strlcat +size_t strlcat(char *dst, const char *src, size_t size); +#endif + +#ifndef HAVE_STRLCPY +#define strlcpy libedit_strlcpy +size_t strlcpy(char *dst, const char *src, size_t size); +#endif + +#ifndef HAVE_FGETLN +#define fgetln libedit_fgetln +char *fgetln(FILE *fp, size_t *len); +#endif + +#define REGEX /* Use POSIX.2 regular expression functions */ +#undef REGEXP /* Use UNIX V8 regular expression functions */ + +#if defined(__sun) +extern int tgetent(char *, const char *); +extern int tgetflag(char *); +extern int tgetnum(char *); +extern int tputs(const char *, int, int (*)(int)); +extern char* tgoto(const char*, int, int); +extern char* tgetstr(char*, char**); +#endif + +#ifdef notdef +# undef REGEX +# undef REGEXP +# include +# ifdef __GNUC__ +/* + * Broken hdrs. + */ +extern int tgetent(const char *bp, char *name); +extern int tgetflag(const char *id); +extern int tgetnum(const char *id); +extern char *tgetstr(const char *id, char **area); +extern char *tgoto(const char *cap, int col, int row); +extern int tputs(const char *str, int affcnt, int (*putc)(int)); +extern char *getenv(const char *); +extern int fprintf(FILE *, const char *, ...); +extern int sigsetmask(int); +extern int sigblock(int); +extern int fputc(int, FILE *); +extern int fgetc(FILE *); +extern int fflush(FILE *); +extern int tolower(int); +extern int toupper(int); +extern int errno, sys_nerr; +extern char *sys_errlist[]; +extern void perror(const char *); +# include +# define strerror(e) sys_errlist[e] +# endif +# ifdef SABER +extern ptr_t memcpy(ptr_t, const ptr_t, size_t); +extern ptr_t memset(ptr_t, int, size_t); +# endif +extern char *fgetline(FILE *, int *); +#endif + +#endif /* _h_sys */ diff --git a/lib/libedit/src/term.c b/lib/libedit/src/term.c new file mode 100644 index 000000000000..3a1b5e739ed0 --- /dev/null +++ b/lib/libedit/src/term.c @@ -0,0 +1,1745 @@ +/* $NetBSD: term.c,v 1.57 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)term.c 8.2 (Berkeley) 4/30/95"; +#else +__RCSID("$NetBSD: term.c,v 1.57 2009/12/30 22:37:40 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * term.c: Editor/termcap-curses interface + * We have to declare a static variable here, since the + * termcap putchar routine does not take an argument! + */ +#include +#include +#include +#include +#include +#include +#ifdef HAVE_TERMCAP_H +#include +#endif +#ifdef HAVE_CURSES_H +#include +#elif HAVE_NCURSES_H +#include +#endif +/* Solaris's term.h does horrid things. */ + +#if defined(HAVE_TERM_H) && !defined(__sun) +#include +#endif +#include +#include + +#ifdef _REENTRANT +#include +#endif + +#include "el.h" + +/* + * IMPORTANT NOTE: these routines are allowed to look at the current screen + * and the current position assuming that it is correct. If this is not + * true, then the update will be WRONG! This is (should be) a valid + * assumption... + */ + +#define TC_BUFSIZE 2048 + +#define GoodStr(a) (el->el_term.t_str[a] != NULL && \ + el->el_term.t_str[a][0] != '\0') +#define Str(a) el->el_term.t_str[a] +#define Val(a) el->el_term.t_val[a] + +#ifdef notdef +private const struct { + const char *b_name; + int b_rate; +} baud_rate[] = { +#ifdef B0 + { "0", B0 }, +#endif +#ifdef B50 + { "50", B50 }, +#endif +#ifdef B75 + { "75", B75 }, +#endif +#ifdef B110 + { "110", B110 }, +#endif +#ifdef B134 + { "134", B134 }, +#endif +#ifdef B150 + { "150", B150 }, +#endif +#ifdef B200 + { "200", B200 }, +#endif +#ifdef B300 + { "300", B300 }, +#endif +#ifdef B600 + { "600", B600 }, +#endif +#ifdef B900 + { "900", B900 }, +#endif +#ifdef B1200 + { "1200", B1200 }, +#endif +#ifdef B1800 + { "1800", B1800 }, +#endif +#ifdef B2400 + { "2400", B2400 }, +#endif +#ifdef B3600 + { "3600", B3600 }, +#endif +#ifdef B4800 + { "4800", B4800 }, +#endif +#ifdef B7200 + { "7200", B7200 }, +#endif +#ifdef B9600 + { "9600", B9600 }, +#endif +#ifdef EXTA + { "19200", EXTA }, +#endif +#ifdef B19200 + { "19200", B19200 }, +#endif +#ifdef EXTB + { "38400", EXTB }, +#endif +#ifdef B38400 + { "38400", B38400 }, +#endif + { NULL, 0 } +}; +#endif + +private const struct termcapstr { + const char *name; + const char *long_name; +} tstr[] = { +#define T_al 0 + { "al", "add new blank line" }, +#define T_bl 1 + { "bl", "audible bell" }, +#define T_cd 2 + { "cd", "clear to bottom" }, +#define T_ce 3 + { "ce", "clear to end of line" }, +#define T_ch 4 + { "ch", "cursor to horiz pos" }, +#define T_cl 5 + { "cl", "clear screen" }, +#define T_dc 6 + { "dc", "delete a character" }, +#define T_dl 7 + { "dl", "delete a line" }, +#define T_dm 8 + { "dm", "start delete mode" }, +#define T_ed 9 + { "ed", "end delete mode" }, +#define T_ei 10 + { "ei", "end insert mode" }, +#define T_fs 11 + { "fs", "cursor from status line" }, +#define T_ho 12 + { "ho", "home cursor" }, +#define T_ic 13 + { "ic", "insert character" }, +#define T_im 14 + { "im", "start insert mode" }, +#define T_ip 15 + { "ip", "insert padding" }, +#define T_kd 16 + { "kd", "sends cursor down" }, +#define T_kl 17 + { "kl", "sends cursor left" }, +#define T_kr 18 + { "kr", "sends cursor right" }, +#define T_ku 19 + { "ku", "sends cursor up" }, +#define T_md 20 + { "md", "begin bold" }, +#define T_me 21 + { "me", "end attributes" }, +#define T_nd 22 + { "nd", "non destructive space" }, +#define T_se 23 + { "se", "end standout" }, +#define T_so 24 + { "so", "begin standout" }, +#define T_ts 25 + { "ts", "cursor to status line" }, +#define T_up 26 + { "up", "cursor up one" }, +#define T_us 27 + { "us", "begin underline" }, +#define T_ue 28 + { "ue", "end underline" }, +#define T_vb 29 + { "vb", "visible bell" }, +#define T_DC 30 + { "DC", "delete multiple chars" }, +#define T_DO 31 + { "DO", "cursor down multiple" }, +#define T_IC 32 + { "IC", "insert multiple chars" }, +#define T_LE 33 + { "LE", "cursor left multiple" }, +#define T_RI 34 + { "RI", "cursor right multiple" }, +#define T_UP 35 + { "UP", "cursor up multiple" }, +#define T_kh 36 + { "kh", "send cursor home" }, +#define T_at7 37 + { "@7", "send cursor end" }, +#define T_str 38 + { NULL, NULL } +}; + +private const struct termcapval { + const char *name; + const char *long_name; +} tval[] = { +#define T_am 0 + { "am", "has automatic margins" }, +#define T_pt 1 + { "pt", "has physical tabs" }, +#define T_li 2 + { "li", "Number of lines" }, +#define T_co 3 + { "co", "Number of columns" }, +#define T_km 4 + { "km", "Has meta key" }, +#define T_xt 5 + { "xt", "Tab chars destructive" }, +#define T_xn 6 + { "xn", "newline ignored at right margin" }, +#define T_MT 7 + { "MT", "Has meta key" }, /* XXX? */ +#define T_val 8 + { NULL, NULL, } +}; +/* do two or more of the attributes use me */ + +private void term_setflags(EditLine *); +private int term_rebuffer_display(EditLine *); +private void term_free_display(EditLine *); +private int term_alloc_display(EditLine *); +private void term_alloc(EditLine *, const struct termcapstr *, const char *); +private void term_init_arrow(EditLine *); +private void term_reset_arrow(EditLine *); +private int term_putc(int); +private void term_tputs(EditLine *, const char *, int); + +#ifdef _REENTRANT +private pthread_mutex_t term_mutex = PTHREAD_MUTEX_INITIALIZER; +#endif +private FILE *term_outfile = NULL; + + +/* term_setflags(): + * Set the terminal capability flags + */ +private void +term_setflags(EditLine *el) +{ + EL_FLAGS = 0; + if (el->el_tty.t_tabs) + EL_FLAGS |= (Val(T_pt) && !Val(T_xt)) ? TERM_CAN_TAB : 0; + + EL_FLAGS |= (Val(T_km) || Val(T_MT)) ? TERM_HAS_META : 0; + EL_FLAGS |= GoodStr(T_ce) ? TERM_CAN_CEOL : 0; + EL_FLAGS |= (GoodStr(T_dc) || GoodStr(T_DC)) ? TERM_CAN_DELETE : 0; + EL_FLAGS |= (GoodStr(T_im) || GoodStr(T_ic) || GoodStr(T_IC)) ? + TERM_CAN_INSERT : 0; + EL_FLAGS |= (GoodStr(T_up) || GoodStr(T_UP)) ? TERM_CAN_UP : 0; + EL_FLAGS |= Val(T_am) ? TERM_HAS_AUTO_MARGINS : 0; + EL_FLAGS |= Val(T_xn) ? TERM_HAS_MAGIC_MARGINS : 0; + + if (GoodStr(T_me) && GoodStr(T_ue)) + EL_FLAGS |= (strcmp(Str(T_me), Str(T_ue)) == 0) ? + TERM_CAN_ME : 0; + else + EL_FLAGS &= ~TERM_CAN_ME; + if (GoodStr(T_me) && GoodStr(T_se)) + EL_FLAGS |= (strcmp(Str(T_me), Str(T_se)) == 0) ? + TERM_CAN_ME : 0; + + +#ifdef DEBUG_SCREEN + if (!EL_CAN_UP) { + (void) fprintf(el->el_errfile, + "WARNING: Your terminal cannot move up.\n"); + (void) fprintf(el->el_errfile, + "Editing may be odd for long lines.\n"); + } + if (!EL_CAN_CEOL) + (void) fprintf(el->el_errfile, "no clear EOL capability.\n"); + if (!EL_CAN_DELETE) + (void) fprintf(el->el_errfile, "no delete char capability.\n"); + if (!EL_CAN_INSERT) + (void) fprintf(el->el_errfile, "no insert char capability.\n"); +#endif /* DEBUG_SCREEN */ +} + +/* term_init(): + * Initialize the terminal stuff + */ +protected int +term_init(EditLine *el) +{ + + el->el_term.t_buf = (char *) el_malloc(TC_BUFSIZE); + if (el->el_term.t_buf == NULL) + return (-1); + el->el_term.t_cap = (char *) el_malloc(TC_BUFSIZE); + if (el->el_term.t_cap == NULL) + return (-1); + el->el_term.t_fkey = (fkey_t *) el_malloc(A_K_NKEYS * sizeof(fkey_t)); + if (el->el_term.t_fkey == NULL) + return (-1); + el->el_term.t_loc = 0; + el->el_term.t_str = (char **) el_malloc(T_str * sizeof(char *)); + if (el->el_term.t_str == NULL) + return (-1); + (void) memset(el->el_term.t_str, 0, T_str * sizeof(char *)); + el->el_term.t_val = (int *) el_malloc(T_val * sizeof(int)); + if (el->el_term.t_val == NULL) + return (-1); + (void) memset(el->el_term.t_val, 0, T_val * sizeof(int)); + (void) term_set(el, NULL); + term_init_arrow(el); + return (0); +} + +/* term_end(): + * Clean up the terminal stuff + */ +protected void +term_end(EditLine *el) +{ + + el_free((ptr_t) el->el_term.t_buf); + el->el_term.t_buf = NULL; + el_free((ptr_t) el->el_term.t_cap); + el->el_term.t_cap = NULL; + el->el_term.t_loc = 0; + el_free((ptr_t) el->el_term.t_str); + el->el_term.t_str = NULL; + el_free((ptr_t) el->el_term.t_val); + el->el_term.t_val = NULL; + el_free((ptr_t) el->el_term.t_fkey); + el->el_term.t_fkey = NULL; + term_free_display(el); +} + + +/* term_alloc(): + * Maintain a string pool for termcap strings + */ +private void +term_alloc(EditLine *el, const struct termcapstr *t, const char *cap) +{ + char termbuf[TC_BUFSIZE]; + size_t tlen, clen; + char **tlist = el->el_term.t_str; + char **tmp, **str = &tlist[t - tstr]; + + if (cap == NULL || *cap == '\0') { + *str = NULL; + return; + } else + clen = strlen(cap); + + tlen = *str == NULL ? 0 : strlen(*str); + + /* + * New string is shorter; no need to allocate space + */ + if (clen <= tlen) { + if (*str) + (void) strcpy(*str, cap); /* XXX strcpy is safe */ + return; + } + /* + * New string is longer; see if we have enough space to append + */ + if (el->el_term.t_loc + 3 < TC_BUFSIZE) { + /* XXX strcpy is safe */ + (void) strcpy(*str = &el->el_term.t_buf[el->el_term.t_loc], + cap); + el->el_term.t_loc += (int)clen + 1; /* one for \0 */ + return; + } + /* + * Compact our buffer; no need to check compaction, cause we know it + * fits... + */ + tlen = 0; + for (tmp = tlist; tmp < &tlist[T_str]; tmp++) + if (*tmp != NULL && *tmp != '\0' && *tmp != *str) { + char *ptr; + + for (ptr = *tmp; *ptr != '\0'; termbuf[tlen++] = *ptr++) + continue; + termbuf[tlen++] = '\0'; + } + memcpy(el->el_term.t_buf, termbuf, TC_BUFSIZE); + el->el_term.t_loc = (int)tlen; + if (el->el_term.t_loc + 3 >= TC_BUFSIZE) { + (void) fprintf(el->el_errfile, + "Out of termcap string space.\n"); + return; + } + /* XXX strcpy is safe */ + (void) strcpy(*str = &el->el_term.t_buf[el->el_term.t_loc], cap); + el->el_term.t_loc += (int)clen + 1; /* one for \0 */ + return; +} + + +/* term_rebuffer_display(): + * Rebuffer the display after the screen changed size + */ +private int +term_rebuffer_display(EditLine *el) +{ + coord_t *c = &el->el_term.t_size; + + term_free_display(el); + + c->h = Val(T_co); + c->v = Val(T_li); + + if (term_alloc_display(el) == -1) + return (-1); + return (0); +} + + +/* term_alloc_display(): + * Allocate a new display. + */ +private int +term_alloc_display(EditLine *el) +{ + int i; + Char **b; + coord_t *c = &el->el_term.t_size; + + b = el_malloc(sizeof(*b) * (c->v + 1)); + if (b == NULL) + return (-1); + for (i = 0; i < c->v; i++) { + b[i] = el_malloc(sizeof(**b) * (c->h + 1)); + if (b[i] == NULL) { + while (--i >= 0) + el_free((ptr_t) b[i]); + el_free((ptr_t) b); + return (-1); + } + } + b[c->v] = NULL; + el->el_display = b; + + b = el_malloc(sizeof(*b) * (c->v + 1)); + if (b == NULL) + return (-1); + for (i = 0; i < c->v; i++) { + b[i] = el_malloc(sizeof(**b) * (c->h + 1)); + if (b[i] == NULL) { + while (--i >= 0) + el_free((ptr_t) b[i]); + el_free((ptr_t) b); + return (-1); + } + } + b[c->v] = NULL; + el->el_vdisplay = b; + return (0); +} + + +/* term_free_display(): + * Free the display buffers + */ +private void +term_free_display(EditLine *el) +{ + Char **b; + Char **bufp; + + b = el->el_display; + el->el_display = NULL; + if (b != NULL) { + for (bufp = b; *bufp != NULL; bufp++) + el_free((ptr_t) *bufp); + el_free((ptr_t) b); + } + b = el->el_vdisplay; + el->el_vdisplay = NULL; + if (b != NULL) { + for (bufp = b; *bufp != NULL; bufp++) + el_free((ptr_t) *bufp); + el_free((ptr_t) b); + } +} + + +/* term_move_to_line(): + * move to line (first line == 0) + * as efficiently as possible + */ +protected void +term_move_to_line(EditLine *el, int where) +{ + int del; + + if (where == el->el_cursor.v) + return; + + if (where > el->el_term.t_size.v) { +#ifdef DEBUG_SCREEN + (void) fprintf(el->el_errfile, + "term_move_to_line: where is ridiculous: %d\r\n", where); +#endif /* DEBUG_SCREEN */ + return; + } + if ((del = where - el->el_cursor.v) > 0) { + while (del > 0) { + if (EL_HAS_AUTO_MARGINS && + el->el_display[el->el_cursor.v][0] != '\0') { + size_t h = el->el_term.t_size.h - 1; +#ifdef WIDECHAR + for (; h > 0 && + el->el_display[el->el_cursor.v][h] == + MB_FILL_CHAR; + h--) + continue; +#endif + /* move without newline */ + term_move_to_char(el, (int)h); + term_overwrite(el, &el->el_display + [el->el_cursor.v][el->el_cursor.h], + (size_t)(el->el_term.t_size.h - + el->el_cursor.h)); + /* updates Cursor */ + del--; + } else { + if ((del > 1) && GoodStr(T_DO)) { + term_tputs(el, tgoto(Str(T_DO), del, + del), del); + del = 0; + } else { + for (; del > 0; del--) + term__putc(el, '\n'); + /* because the \n will become \r\n */ + el->el_cursor.h = 0; + } + } + } + } else { /* del < 0 */ + if (GoodStr(T_UP) && (-del > 1 || !GoodStr(T_up))) + term_tputs(el, tgoto(Str(T_UP), -del, -del), -del); + else { + if (GoodStr(T_up)) + for (; del < 0; del++) + term_tputs(el, Str(T_up), 1); + } + } + el->el_cursor.v = where;/* now where is here */ +} + + +/* term_move_to_char(): + * Move to the character position specified + */ +protected void +term_move_to_char(EditLine *el, int where) +{ + int del, i; + +mc_again: + if (where == el->el_cursor.h) + return; + + if (where > el->el_term.t_size.h) { +#ifdef DEBUG_SCREEN + (void) fprintf(el->el_errfile, + "term_move_to_char: where is riduculous: %d\r\n", where); +#endif /* DEBUG_SCREEN */ + return; + } + if (!where) { /* if where is first column */ + term__putc(el, '\r'); /* do a CR */ + el->el_cursor.h = 0; + return; + } + del = where - el->el_cursor.h; + + if ((del < -4 || del > 4) && GoodStr(T_ch)) + /* go there directly */ + term_tputs(el, tgoto(Str(T_ch), where, where), where); + else { + if (del > 0) { /* moving forward */ + if ((del > 4) && GoodStr(T_RI)) + term_tputs(el, tgoto(Str(T_RI), del, del), del); + else { + /* if I can do tabs, use them */ + if (EL_CAN_TAB) { + if ((el->el_cursor.h & 0370) != + (where & ~0x7) +#ifdef WIDECHAR + && (el->el_display[ + el->el_cursor.v][where & 0370] != + MB_FILL_CHAR) +#endif + ) { + /* if not within tab stop */ + for (i = + (el->el_cursor.h & 0370); + i < (where & ~0x7); + i += 8) + term__putc(el, '\t'); + /* then tab over */ + el->el_cursor.h = where & ~0x7; + } + } + /* + * it's usually cheaper to just write the + * chars, so we do. + */ + /* + * NOTE THAT term_overwrite() WILL CHANGE + * el->el_cursor.h!!! + */ + term_overwrite(el, &el->el_display[ + el->el_cursor.v][el->el_cursor.h], + (size_t)(where - el->el_cursor.h)); + + } + } else { /* del < 0 := moving backward */ + if ((-del > 4) && GoodStr(T_LE)) + term_tputs(el, tgoto(Str(T_LE), -del, -del), + -del); + else { /* can't go directly there */ + /* + * if the "cost" is greater than the "cost" + * from col 0 + */ + if (EL_CAN_TAB ? + ((unsigned int)-del > + (((unsigned int) where >> 3) + + (where & 07))) + : (-del > where)) { + term__putc(el, '\r'); /* do a CR */ + el->el_cursor.h = 0; + goto mc_again; /* and try again */ + } + for (i = 0; i < -del; i++) + term__putc(el, '\b'); + } + } + } + el->el_cursor.h = where; /* now where is here */ +} + + +/* term_overwrite(): + * Overstrike num characters + * Assumes MB_FILL_CHARs are present to keep the column count correct + */ +protected void +term_overwrite(EditLine *el, const Char *cp, size_t n) +{ + if (n == 0) + return; + + if (n > (size_t)el->el_term.t_size.h) { +#ifdef DEBUG_SCREEN + (void) fprintf(el->el_errfile, + "term_overwrite: n is riduculous: %d\r\n", n); +#endif /* DEBUG_SCREEN */ + return; + } + + do { + /* term__putc() ignores any MB_FILL_CHARs */ + term__putc(el, *cp++); + el->el_cursor.h++; + } while (--n); + + if (el->el_cursor.h >= el->el_term.t_size.h) { /* wrap? */ + if (EL_HAS_AUTO_MARGINS) { /* yes */ + el->el_cursor.h = 0; + el->el_cursor.v++; + if (EL_HAS_MAGIC_MARGINS) { + /* force the wrap to avoid the "magic" + * situation */ + Char c; + if ((c = el->el_display[el->el_cursor.v] + [el->el_cursor.h]) != '\0') { + term_overwrite(el, &c, 1); +#ifdef WIDECHAR + while (el->el_display[el->el_cursor.v] + [el->el_cursor.h] == MB_FILL_CHAR) + el->el_cursor.h++; +#endif + } else { + term__putc(el, ' '); + el->el_cursor.h = 1; + } + } + } else /* no wrap, but cursor stays on screen */ + el->el_cursor.h = el->el_term.t_size.h - 1; + } +} + + +/* term_deletechars(): + * Delete num characters + */ +protected void +term_deletechars(EditLine *el, int num) +{ + if (num <= 0) + return; + + if (!EL_CAN_DELETE) { +#ifdef DEBUG_EDIT + (void) fprintf(el->el_errfile, " ERROR: cannot delete \n"); +#endif /* DEBUG_EDIT */ + return; + } + if (num > el->el_term.t_size.h) { +#ifdef DEBUG_SCREEN + (void) fprintf(el->el_errfile, + "term_deletechars: num is riduculous: %d\r\n", num); +#endif /* DEBUG_SCREEN */ + return; + } + if (GoodStr(T_DC)) /* if I have multiple delete */ + if ((num > 1) || !GoodStr(T_dc)) { /* if dc would be more + * expen. */ + term_tputs(el, tgoto(Str(T_DC), num, num), num); + return; + } + if (GoodStr(T_dm)) /* if I have delete mode */ + term_tputs(el, Str(T_dm), 1); + + if (GoodStr(T_dc)) /* else do one at a time */ + while (num--) + term_tputs(el, Str(T_dc), 1); + + if (GoodStr(T_ed)) /* if I have delete mode */ + term_tputs(el, Str(T_ed), 1); +} + + +/* term_insertwrite(): + * Puts terminal in insert character mode or inserts num + * characters in the line + * Assumes MB_FILL_CHARs are present to keep column count correct + */ +protected void +term_insertwrite(EditLine *el, Char *cp, int num) +{ + if (num <= 0) + return; + if (!EL_CAN_INSERT) { +#ifdef DEBUG_EDIT + (void) fprintf(el->el_errfile, " ERROR: cannot insert \n"); +#endif /* DEBUG_EDIT */ + return; + } + if (num > el->el_term.t_size.h) { +#ifdef DEBUG_SCREEN + (void) fprintf(el->el_errfile, + "StartInsert: num is riduculous: %d\r\n", num); +#endif /* DEBUG_SCREEN */ + return; + } + if (GoodStr(T_IC)) /* if I have multiple insert */ + if ((num > 1) || !GoodStr(T_ic)) { + /* if ic would be more expensive */ + term_tputs(el, tgoto(Str(T_IC), num, num), num); + term_overwrite(el, cp, (size_t)num); + /* this updates el_cursor.h */ + return; + } + if (GoodStr(T_im) && GoodStr(T_ei)) { /* if I have insert mode */ + term_tputs(el, Str(T_im), 1); + + el->el_cursor.h += num; + do + term__putc(el, *cp++); + while (--num); + + if (GoodStr(T_ip)) /* have to make num chars insert */ + term_tputs(el, Str(T_ip), 1); + + term_tputs(el, Str(T_ei), 1); + return; + } + do { + if (GoodStr(T_ic)) /* have to make num chars insert */ + term_tputs(el, Str(T_ic), 1); + + term__putc(el, *cp++); + + el->el_cursor.h++; + + if (GoodStr(T_ip)) /* have to make num chars insert */ + term_tputs(el, Str(T_ip), 1); + /* pad the inserted char */ + + } while (--num); +} + + +/* term_clear_EOL(): + * clear to end of line. There are num characters to clear + */ +protected void +term_clear_EOL(EditLine *el, int num) +{ + int i; + + if (EL_CAN_CEOL && GoodStr(T_ce)) + term_tputs(el, Str(T_ce), 1); + else { + for (i = 0; i < num; i++) + term__putc(el, ' '); + el->el_cursor.h += num; /* have written num spaces */ + } +} + + +/* term_clear_screen(): + * Clear the screen + */ +protected void +term_clear_screen(EditLine *el) +{ /* clear the whole screen and home */ + + if (GoodStr(T_cl)) + /* send the clear screen code */ + term_tputs(el, Str(T_cl), Val(T_li)); + else if (GoodStr(T_ho) && GoodStr(T_cd)) { + term_tputs(el, Str(T_ho), Val(T_li)); /* home */ + /* clear to bottom of screen */ + term_tputs(el, Str(T_cd), Val(T_li)); + } else { + term__putc(el, '\r'); + term__putc(el, '\n'); + } +} + + +/* term_beep(): + * Beep the way the terminal wants us + */ +protected void +term_beep(EditLine *el) +{ + if (GoodStr(T_bl)) + /* what termcap says we should use */ + term_tputs(el, Str(T_bl), 1); + else + term__putc(el, '\007'); /* an ASCII bell; ^G */ +} + + +#ifdef notdef +/* term_clear_to_bottom(): + * Clear to the bottom of the screen + */ +protected void +term_clear_to_bottom(EditLine *el) +{ + if (GoodStr(T_cd)) + term_tputs(el, Str(T_cd), Val(T_li)); + else if (GoodStr(T_ce)) + term_tputs(el, Str(T_ce), Val(T_li)); +} +#endif + +protected void +term_get(EditLine *el, const char **term) +{ + *term = el->el_term.t_name; +} + + +/* term_set(): + * Read in the terminal capabilities from the requested terminal + */ +protected int +term_set(EditLine *el, const char *term) +{ + int i; + char buf[TC_BUFSIZE]; + char *area; + const struct termcapstr *t; + sigset_t oset, nset; + int lins, cols; + + (void) sigemptyset(&nset); + (void) sigaddset(&nset, SIGWINCH); + (void) sigprocmask(SIG_BLOCK, &nset, &oset); + + area = buf; + + + if (term == NULL) + term = getenv("TERM"); + + if (!term || !term[0]) + term = "dumb"; + + if (strcmp(term, "emacs") == 0) + el->el_flags |= EDIT_DISABLED; + + memset(el->el_term.t_cap, 0, TC_BUFSIZE); + + i = tgetent(el->el_term.t_cap, term); + + if (i <= 0) { + if (i == -1) + (void) fprintf(el->el_errfile, + "Cannot read termcap database;\n"); + else if (i == 0) + (void) fprintf(el->el_errfile, + "No entry for terminal type \"%s\";\n", term); + (void) fprintf(el->el_errfile, + "using dumb terminal settings.\n"); + Val(T_co) = 80; /* do a dumb terminal */ + Val(T_pt) = Val(T_km) = Val(T_li) = 0; + Val(T_xt) = Val(T_MT); + for (t = tstr; t->name != NULL; t++) + term_alloc(el, t, NULL); + } else { + /* auto/magic margins */ + Val(T_am) = tgetflag("am"); + Val(T_xn) = tgetflag("xn"); + /* Can we tab */ + Val(T_pt) = tgetflag("pt"); + Val(T_xt) = tgetflag("xt"); + /* do we have a meta? */ + Val(T_km) = tgetflag("km"); + Val(T_MT) = tgetflag("MT"); + /* Get the size */ + Val(T_co) = tgetnum("co"); + Val(T_li) = tgetnum("li"); + for (t = tstr; t->name != NULL; t++) { + /* XXX: some systems' tgetstr needs non const */ + term_alloc(el, t, tgetstr(strchr(t->name, *t->name), + &area)); + } + } + + if (Val(T_co) < 2) + Val(T_co) = 80; /* just in case */ + if (Val(T_li) < 1) + Val(T_li) = 24; + + el->el_term.t_size.v = Val(T_co); + el->el_term.t_size.h = Val(T_li); + + term_setflags(el); + + /* get the correct window size */ + (void) term_get_size(el, &lins, &cols); + if (term_change_size(el, lins, cols) == -1) + return (-1); + (void) sigprocmask(SIG_SETMASK, &oset, NULL); + term_bind_arrow(el); + el->el_term.t_name = term; + return (i <= 0 ? -1 : 0); +} + + +/* term_get_size(): + * Return the new window size in lines and cols, and + * true if the size was changed. + */ +protected int +term_get_size(EditLine *el, int *lins, int *cols) +{ + + *cols = Val(T_co); + *lins = Val(T_li); + +#ifdef TIOCGWINSZ + { + struct winsize ws; + if (ioctl(el->el_infd, TIOCGWINSZ, (ioctl_t) & ws) != -1) { + if (ws.ws_col) + *cols = ws.ws_col; + if (ws.ws_row) + *lins = ws.ws_row; + } + } +#endif +#ifdef TIOCGSIZE + { + struct ttysize ts; + if (ioctl(el->el_infd, TIOCGSIZE, (ioctl_t) & ts) != -1) { + if (ts.ts_cols) + *cols = ts.ts_cols; + if (ts.ts_lines) + *lins = ts.ts_lines; + } + } +#endif + return (Val(T_co) != *cols || Val(T_li) != *lins); +} + + +/* term_change_size(): + * Change the size of the terminal + */ +protected int +term_change_size(EditLine *el, int lins, int cols) +{ + /* + * Just in case + */ + Val(T_co) = (cols < 2) ? 80 : cols; + Val(T_li) = (lins < 1) ? 24 : lins; + + /* re-make display buffers */ + if (term_rebuffer_display(el) == -1) + return (-1); + re_clear_display(el); + return (0); +} + + +/* term_init_arrow(): + * Initialize the arrow key bindings from termcap + */ +private void +term_init_arrow(EditLine *el) +{ + fkey_t *arrow = el->el_term.t_fkey; + + arrow[A_K_DN].name = STR("down"); + arrow[A_K_DN].key = T_kd; + arrow[A_K_DN].fun.cmd = ED_NEXT_HISTORY; + arrow[A_K_DN].type = XK_CMD; + + arrow[A_K_UP].name = STR("up"); + arrow[A_K_UP].key = T_ku; + arrow[A_K_UP].fun.cmd = ED_PREV_HISTORY; + arrow[A_K_UP].type = XK_CMD; + + arrow[A_K_LT].name = STR("left"); + arrow[A_K_LT].key = T_kl; + arrow[A_K_LT].fun.cmd = ED_PREV_CHAR; + arrow[A_K_LT].type = XK_CMD; + + arrow[A_K_RT].name = STR("right"); + arrow[A_K_RT].key = T_kr; + arrow[A_K_RT].fun.cmd = ED_NEXT_CHAR; + arrow[A_K_RT].type = XK_CMD; + + arrow[A_K_HO].name = STR("home"); + arrow[A_K_HO].key = T_kh; + arrow[A_K_HO].fun.cmd = ED_MOVE_TO_BEG; + arrow[A_K_HO].type = XK_CMD; + + arrow[A_K_EN].name = STR("end"); + arrow[A_K_EN].key = T_at7; + arrow[A_K_EN].fun.cmd = ED_MOVE_TO_END; + arrow[A_K_EN].type = XK_CMD; +} + + +/* term_reset_arrow(): + * Reset arrow key bindings + */ +private void +term_reset_arrow(EditLine *el) +{ + fkey_t *arrow = el->el_term.t_fkey; + static const Char strA[] = {033, '[', 'A', '\0'}; + static const Char strB[] = {033, '[', 'B', '\0'}; + static const Char strC[] = {033, '[', 'C', '\0'}; + static const Char strD[] = {033, '[', 'D', '\0'}; + static const Char strH[] = {033, '[', 'H', '\0'}; + static const Char strF[] = {033, '[', 'F', '\0'}; + static const Char stOA[] = {033, 'O', 'A', '\0'}; + static const Char stOB[] = {033, 'O', 'B', '\0'}; + static const Char stOC[] = {033, 'O', 'C', '\0'}; + static const Char stOD[] = {033, 'O', 'D', '\0'}; + static const Char stOH[] = {033, 'O', 'H', '\0'}; + static const Char stOF[] = {033, 'O', 'F', '\0'}; + + key_add(el, strA, &arrow[A_K_UP].fun, arrow[A_K_UP].type); + key_add(el, strB, &arrow[A_K_DN].fun, arrow[A_K_DN].type); + key_add(el, strC, &arrow[A_K_RT].fun, arrow[A_K_RT].type); + key_add(el, strD, &arrow[A_K_LT].fun, arrow[A_K_LT].type); + key_add(el, strH, &arrow[A_K_HO].fun, arrow[A_K_HO].type); + key_add(el, strF, &arrow[A_K_EN].fun, arrow[A_K_EN].type); + key_add(el, stOA, &arrow[A_K_UP].fun, arrow[A_K_UP].type); + key_add(el, stOB, &arrow[A_K_DN].fun, arrow[A_K_DN].type); + key_add(el, stOC, &arrow[A_K_RT].fun, arrow[A_K_RT].type); + key_add(el, stOD, &arrow[A_K_LT].fun, arrow[A_K_LT].type); + key_add(el, stOH, &arrow[A_K_HO].fun, arrow[A_K_HO].type); + key_add(el, stOF, &arrow[A_K_EN].fun, arrow[A_K_EN].type); + + if (el->el_map.type == MAP_VI) { + key_add(el, &strA[1], &arrow[A_K_UP].fun, arrow[A_K_UP].type); + key_add(el, &strB[1], &arrow[A_K_DN].fun, arrow[A_K_DN].type); + key_add(el, &strC[1], &arrow[A_K_RT].fun, arrow[A_K_RT].type); + key_add(el, &strD[1], &arrow[A_K_LT].fun, arrow[A_K_LT].type); + key_add(el, &strH[1], &arrow[A_K_HO].fun, arrow[A_K_HO].type); + key_add(el, &strF[1], &arrow[A_K_EN].fun, arrow[A_K_EN].type); + key_add(el, &stOA[1], &arrow[A_K_UP].fun, arrow[A_K_UP].type); + key_add(el, &stOB[1], &arrow[A_K_DN].fun, arrow[A_K_DN].type); + key_add(el, &stOC[1], &arrow[A_K_RT].fun, arrow[A_K_RT].type); + key_add(el, &stOD[1], &arrow[A_K_LT].fun, arrow[A_K_LT].type); + key_add(el, &stOH[1], &arrow[A_K_HO].fun, arrow[A_K_HO].type); + key_add(el, &stOF[1], &arrow[A_K_EN].fun, arrow[A_K_EN].type); + } +} + + +/* term_set_arrow(): + * Set an arrow key binding + */ +protected int +term_set_arrow(EditLine *el, const Char *name, key_value_t *fun, int type) +{ + fkey_t *arrow = el->el_term.t_fkey; + int i; + + for (i = 0; i < A_K_NKEYS; i++) + if (Strcmp(name, arrow[i].name) == 0) { + arrow[i].fun = *fun; + arrow[i].type = type; + return (0); + } + return (-1); +} + + +/* term_clear_arrow(): + * Clear an arrow key binding + */ +protected int +term_clear_arrow(EditLine *el, const Char *name) +{ + fkey_t *arrow = el->el_term.t_fkey; + int i; + + for (i = 0; i < A_K_NKEYS; i++) + if (Strcmp(name, arrow[i].name) == 0) { + arrow[i].type = XK_NOD; + return (0); + } + return (-1); +} + + +/* term_print_arrow(): + * Print the arrow key bindings + */ +protected void +term_print_arrow(EditLine *el, const Char *name) +{ + int i; + fkey_t *arrow = el->el_term.t_fkey; + + for (i = 0; i < A_K_NKEYS; i++) + if (*name == '\0' || Strcmp(name, arrow[i].name) == 0) + if (arrow[i].type != XK_NOD) + key_kprint(el, arrow[i].name, &arrow[i].fun, + arrow[i].type); +} + + +/* term_bind_arrow(): + * Bind the arrow keys + */ +protected void +term_bind_arrow(EditLine *el) +{ + el_action_t *map; + const el_action_t *dmap; + int i, j; + char *p; + fkey_t *arrow = el->el_term.t_fkey; + + /* Check if the components needed are initialized */ + if (el->el_term.t_buf == NULL || el->el_map.key == NULL) + return; + + map = el->el_map.type == MAP_VI ? el->el_map.alt : el->el_map.key; + dmap = el->el_map.type == MAP_VI ? el->el_map.vic : el->el_map.emacs; + + term_reset_arrow(el); + + for (i = 0; i < A_K_NKEYS; i++) { + Char wt_str[VISUAL_WIDTH_MAX]; + Char *px; + size_t n; + + p = el->el_term.t_str[arrow[i].key]; + if (!p || !*p) + continue; + for (n = 0; n < VISUAL_WIDTH_MAX && p[n]; ++n) + wt_str[n] = p[n]; + while (n < VISUAL_WIDTH_MAX) + wt_str[n++] = '\0'; + px = wt_str; + j = (unsigned char) *p; + /* + * Assign the arrow keys only if: + * + * 1. They are multi-character arrow keys and the user + * has not re-assigned the leading character, or + * has re-assigned the leading character to be + * ED_SEQUENCE_LEAD_IN + * 2. They are single arrow keys pointing to an + * unassigned key. + */ + if (arrow[i].type == XK_NOD) + key_clear(el, map, px); + else { + if (p[1] && (dmap[j] == map[j] || + map[j] == ED_SEQUENCE_LEAD_IN)) { + key_add(el, px, &arrow[i].fun, + arrow[i].type); + map[j] = ED_SEQUENCE_LEAD_IN; + } else if (map[j] == ED_UNASSIGNED) { + key_clear(el, map, px); + if (arrow[i].type == XK_CMD) + map[j] = arrow[i].fun.cmd; + else + key_add(el, px, &arrow[i].fun, + arrow[i].type); + } + } + } +} + +/* term_putc(): + * Add a character + */ +private int +term_putc(int c) +{ + if (term_outfile == NULL) + return -1; + return fputc(c, term_outfile); +} + +private void +term_tputs(EditLine *el, const char *cap, int affcnt) +{ +#ifdef _REENTRANT + pthread_mutex_lock(&term_mutex); +#endif + term_outfile = el->el_outfile; + (void)tputs(cap, affcnt, term_putc); +#ifdef _REENTRANT + pthread_mutex_unlock(&term_mutex); +#endif +} + +/* term__putc(): + * Add a character + */ +protected int +term__putc(EditLine *el, Int c) +{ + char buf[MB_LEN_MAX +1]; + ssize_t i; + if (c == MB_FILL_CHAR) + return 0; + i = ct_encode_char(buf, MB_LEN_MAX, c); + if (i <= 0) + return (int)i; + buf[i] = '\0'; + return fputs(buf, el->el_outfile); +} + +/* term__flush(): + * Flush output + */ +protected void +term__flush(EditLine *el) +{ + + (void) fflush(el->el_outfile); +} + +/* term_writec(): + * Write the given character out, in a human readable form + */ +protected void +term_writec(EditLine *el, Int c) +{ + Char visbuf[VISUAL_WIDTH_MAX +1]; + ssize_t vcnt = ct_visual_char(visbuf, VISUAL_WIDTH_MAX, c); + visbuf[vcnt] = '\0'; + term_overwrite(el, visbuf, (size_t)vcnt); + term__flush(el); +} + + +/* term_telltc(): + * Print the current termcap characteristics + */ +protected int +/*ARGSUSED*/ +term_telltc(EditLine *el, int argc __attribute__((__unused__)), + const Char **argv __attribute__((__unused__))) +{ + const struct termcapstr *t; + char **ts; + + (void) fprintf(el->el_outfile, "\n\tYour terminal has the\n"); + (void) fprintf(el->el_outfile, "\tfollowing characteristics:\n\n"); + (void) fprintf(el->el_outfile, "\tIt has %d columns and %d lines\n", + Val(T_co), Val(T_li)); + (void) fprintf(el->el_outfile, + "\tIt has %s meta key\n", EL_HAS_META ? "a" : "no"); + (void) fprintf(el->el_outfile, + "\tIt can%suse tabs\n", EL_CAN_TAB ? " " : "not "); + (void) fprintf(el->el_outfile, "\tIt %s automatic margins\n", + EL_HAS_AUTO_MARGINS ? "has" : "does not have"); + if (EL_HAS_AUTO_MARGINS) + (void) fprintf(el->el_outfile, "\tIt %s magic margins\n", + EL_HAS_MAGIC_MARGINS ? "has" : "does not have"); + + for (t = tstr, ts = el->el_term.t_str; t->name != NULL; t++, ts++) { + const char *ub; + if (*ts && **ts) { + ub = ct_encode_string(ct_visual_string( + ct_decode_string(*ts, &el->el_scratch)), + &el->el_scratch); + } else { + ub = "(empty)"; + } + (void) fprintf(el->el_outfile, "\t%25s (%s) == %s\n", + t->long_name, t->name, ub); + } + (void) fputc('\n', el->el_outfile); + return (0); +} + + +/* term_settc(): + * Change the current terminal characteristics + */ +protected int +/*ARGSUSED*/ +term_settc(EditLine *el, int argc __attribute__((__unused__)), + const Char **argv) +{ + const struct termcapstr *ts; + const struct termcapval *tv; + char what[8], how[8]; + + if (argv == NULL || argv[1] == NULL || argv[2] == NULL) + return -1; + + strncpy(what, ct_encode_string(argv[1], &el->el_scratch), sizeof(what)); + what[sizeof(what) - 1] = '\0'; + strncpy(how, ct_encode_string(argv[2], &el->el_scratch), sizeof(how)); + how[sizeof(how) - 1] = '\0'; + + /* + * Do the strings first + */ + for (ts = tstr; ts->name != NULL; ts++) + if (strcmp(ts->name, what) == 0) + break; + + if (ts->name != NULL) { + term_alloc(el, ts, how); + term_setflags(el); + return 0; + } + /* + * Do the numeric ones second + */ + for (tv = tval; tv->name != NULL; tv++) + if (strcmp(tv->name, what) == 0) + break; + + if (tv->name != NULL) + return -1; + + if (tv == &tval[T_pt] || tv == &tval[T_km] || + tv == &tval[T_am] || tv == &tval[T_xn]) { + if (strcmp(how, "yes") == 0) + el->el_term.t_val[tv - tval] = 1; + else if (strcmp(how, "no") == 0) + el->el_term.t_val[tv - tval] = 0; + else { + (void) fprintf(el->el_errfile, + "" FSTR ": Bad value `%s'.\n", argv[0], how); + return -1; + } + term_setflags(el); + if (term_change_size(el, Val(T_li), Val(T_co)) == -1) + return -1; + return 0; + } else { + long i; + char *ep; + + i = strtol(how, &ep, 10); + if (*ep != '\0') { + (void) fprintf(el->el_errfile, + "" FSTR ": Bad value `%s'.\n", argv[0], how); + return -1; + } + el->el_term.t_val[tv - tval] = (int) i; + el->el_term.t_size.v = Val(T_co); + el->el_term.t_size.h = Val(T_li); + if (tv == &tval[T_co] || tv == &tval[T_li]) + if (term_change_size(el, Val(T_li), Val(T_co)) + == -1) + return -1; + return 0; + } +} + + +/* term_gettc(): + * Get the current terminal characteristics + */ +protected int +/*ARGSUSED*/ +term_gettc(EditLine *el, int argc __attribute__((__unused__)), char **argv) +{ + const struct termcapstr *ts; + const struct termcapval *tv; + char *what; + void *how; + + if (argv == NULL || argv[1] == NULL || argv[2] == NULL) + return (-1); + + what = argv[1]; + how = argv[2]; + + /* + * Do the strings first + */ + for (ts = tstr; ts->name != NULL; ts++) + if (strcmp(ts->name, what) == 0) + break; + + if (ts->name != NULL) { + *(char **)how = el->el_term.t_str[ts - tstr]; + return 0; + } + /* + * Do the numeric ones second + */ + for (tv = tval; tv->name != NULL; tv++) + if (strcmp(tv->name, what) == 0) + break; + + if (tv->name == NULL) + return -1; + + if (tv == &tval[T_pt] || tv == &tval[T_km] || + tv == &tval[T_am] || tv == &tval[T_xn]) { + static char yes[] = "yes"; + static char no[] = "no"; + if (el->el_term.t_val[tv - tval]) + *(char **)how = yes; + else + *(char **)how = no; + return 0; + } else { + *(int *)how = el->el_term.t_val[tv - tval]; + return 0; + } +} + +/* term_echotc(): + * Print the termcap string out with variable substitution + */ +protected int +/*ARGSUSED*/ +term_echotc(EditLine *el, int argc __attribute__((__unused__)), + const Char **argv) +{ + char *cap, *scap; + Char *ep; + int arg_need, arg_cols, arg_rows; + int verbose = 0, silent = 0; + char *area; + static const char fmts[] = "%s\n", fmtd[] = "%d\n"; + const struct termcapstr *t; + char buf[TC_BUFSIZE]; + long i; + + area = buf; + + if (argv == NULL || argv[1] == NULL) + return (-1); + argv++; + + if (argv[0][0] == '-') { + switch (argv[0][1]) { + case 'v': + verbose = 1; + break; + case 's': + silent = 1; + break; + default: + /* stderror(ERR_NAME | ERR_TCUSAGE); */ + break; + } + argv++; + } + if (!*argv || *argv[0] == '\0') + return (0); + if (Strcmp(*argv, STR("tabs")) == 0) { + (void) fprintf(el->el_outfile, fmts, EL_CAN_TAB ? "yes" : "no"); + return (0); + } else if (Strcmp(*argv, STR("meta")) == 0) { + (void) fprintf(el->el_outfile, fmts, Val(T_km) ? "yes" : "no"); + return (0); + } else if (Strcmp(*argv, STR("xn")) == 0) { + (void) fprintf(el->el_outfile, fmts, EL_HAS_MAGIC_MARGINS ? + "yes" : "no"); + return (0); + } else if (Strcmp(*argv, STR("am")) == 0) { + (void) fprintf(el->el_outfile, fmts, EL_HAS_AUTO_MARGINS ? + "yes" : "no"); + return (0); + } else if (Strcmp(*argv, STR("baud")) == 0) { +#ifdef notdef + int i; + + for (i = 0; baud_rate[i].b_name != NULL; i++) + if (el->el_tty.t_speed == baud_rate[i].b_rate) { + (void) fprintf(el->el_outfile, fmts, + baud_rate[i].b_name); + return (0); + } + (void) fprintf(el->el_outfile, fmtd, 0); +#else + (void) fprintf(el->el_outfile, fmtd, (int)el->el_tty.t_speed); +#endif + return (0); + } else if (Strcmp(*argv, STR("rows")) == 0 || + Strcmp(*argv, STR("lines")) == 0) { + (void) fprintf(el->el_outfile, fmtd, Val(T_li)); + return (0); + } else if (Strcmp(*argv, STR("cols")) == 0) { + (void) fprintf(el->el_outfile, fmtd, Val(T_co)); + return (0); + } + /* + * Try to use our local definition first + */ + scap = NULL; + for (t = tstr; t->name != NULL; t++) + if (strcmp(t->name, + ct_encode_string(*argv, &el->el_scratch)) == 0) { + scap = el->el_term.t_str[t - tstr]; + break; + } + if (t->name == NULL) { + /* XXX: some systems' tgetstr needs non const */ + scap = tgetstr(ct_encode_string(*argv, &el->el_scratch), &area); + } + if (!scap || scap[0] == '\0') { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Termcap parameter `" FSTR "' not found.\n", + *argv); + return (-1); + } + /* + * Count home many values we need for this capability. + */ + for (cap = scap, arg_need = 0; *cap; cap++) + if (*cap == '%') + switch (*++cap) { + case 'd': + case '2': + case '3': + case '.': + case '+': + arg_need++; + break; + case '%': + case '>': + case 'i': + case 'r': + case 'n': + case 'B': + case 'D': + break; + default: + /* + * hpux has lot's of them... + */ + if (verbose) + (void) fprintf(el->el_errfile, + "echotc: Warning: unknown termcap %% `%c'.\n", + *cap); + /* This is bad, but I won't complain */ + break; + } + + switch (arg_need) { + case 0: + argv++; + if (*argv && *argv[0]) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Extra argument `" FSTR "'.\n", + *argv); + return (-1); + } + term_tputs(el, scap, 1); + break; + case 1: + argv++; + if (!*argv || *argv[0] == '\0') { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Missing argument.\n"); + return (-1); + } + arg_cols = 0; + i = Strtol(*argv, &ep, 10); + if (*ep != '\0' || i < 0) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Bad value `" FSTR "' for rows.\n", + *argv); + return (-1); + } + arg_rows = (int) i; + argv++; + if (*argv && *argv[0]) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Extra argument `" FSTR "'.\n", + *argv); + return (-1); + } + term_tputs(el, tgoto(scap, arg_cols, arg_rows), 1); + break; + default: + /* This is wrong, but I will ignore it... */ + if (verbose) + (void) fprintf(el->el_errfile, + "echotc: Warning: Too many required arguments (%d).\n", + arg_need); + /* FALLTHROUGH */ + case 2: + argv++; + if (!*argv || *argv[0] == '\0') { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Missing argument.\n"); + return (-1); + } + i = Strtol(*argv, &ep, 10); + if (*ep != '\0' || i < 0) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Bad value `" FSTR "' for cols.\n", + *argv); + return (-1); + } + arg_cols = (int) i; + argv++; + if (!*argv || *argv[0] == '\0') { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Missing argument.\n"); + return (-1); + } + i = Strtol(*argv, &ep, 10); + if (*ep != '\0' || i < 0) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Bad value `" FSTR "' for rows.\n", + *argv); + return (-1); + } + arg_rows = (int) i; + if (*ep != '\0') { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Bad value `" FSTR "'.\n", *argv); + return (-1); + } + argv++; + if (*argv && *argv[0]) { + if (!silent) + (void) fprintf(el->el_errfile, + "echotc: Warning: Extra argument `" FSTR "'.\n", + *argv); + return (-1); + } + term_tputs(el, tgoto(scap, arg_cols, arg_rows), arg_rows); + break; + } + return (0); +} diff --git a/lib/libedit/src/tokenizer.c b/lib/libedit/src/tokenizer.c new file mode 100644 index 000000000000..b1d5278d26cf --- /dev/null +++ b/lib/libedit/src/tokenizer.c @@ -0,0 +1,453 @@ +/* $NetBSD: tokenizer.c,v 1.18 2010/01/03 18:27:10 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef NARROWCHAR +#include "config.h" +#endif + +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)tokenizer.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: tokenizer.c,v 1.18 2010/01/03 18:27:10 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* We build this file twice, once as NARROW, once as WIDE. */ +/* + * tokenize.c: Bourne shell like tokenizer + */ +#include +#include +#include "histedit.h" +#include "chartype.h" + +typedef enum { + Q_none, Q_single, Q_double, Q_one, Q_doubleone +} quote_t; + +#define TOK_KEEP 1 +#define TOK_EAT 2 + +#define WINCR 20 +#define AINCR 10 + +#define IFS STR("\t \n") + +#define tok_malloc(a) malloc(a) +#define tok_free(a) free(a) +#define tok_realloc(a, b) realloc(a, b) +#define tok_strdup(a) Strdup(a) + + +struct TYPE(tokenizer) { + Char *ifs; /* In field separator */ + int argc, amax; /* Current and maximum number of args */ + Char **argv; /* Argument list */ + Char *wptr, *wmax; /* Space and limit on the word buffer */ + Char *wstart; /* Beginning of next word */ + Char *wspace; /* Space of word buffer */ + quote_t quote; /* Quoting state */ + int flags; /* flags; */ +}; + + +private void FUN(tok,finish)(TYPE(Tokenizer) *); + + +/* FUN(tok,finish)(): + * Finish a word in the tokenizer. + */ +private void +FUN(tok,finish)(TYPE(Tokenizer) *tok) +{ + + *tok->wptr = '\0'; + if ((tok->flags & TOK_KEEP) || tok->wptr != tok->wstart) { + tok->argv[tok->argc++] = tok->wstart; + tok->argv[tok->argc] = NULL; + tok->wstart = ++tok->wptr; + } + tok->flags &= ~TOK_KEEP; +} + + +/* FUN(tok,init)(): + * Initialize the tokenizer + */ +public TYPE(Tokenizer) * +FUN(tok,init)(const Char *ifs) +{ + TYPE(Tokenizer) *tok = tok_malloc(sizeof(TYPE(Tokenizer))); + + if (tok == NULL) + return NULL; + tok->ifs = tok_strdup(ifs ? ifs : IFS); + if (tok->ifs == NULL) { + tok_free((ptr_t)tok); + return NULL; + } + tok->argc = 0; + tok->amax = AINCR; + tok->argv = tok_malloc(sizeof(*tok->argv) * tok->amax); + if (tok->argv == NULL) { + tok_free((ptr_t)tok->ifs); + tok_free((ptr_t)tok); + return NULL; + } + tok->argv[0] = NULL; + tok->wspace = tok_malloc(WINCR * sizeof(*tok->wspace)); + if (tok->wspace == NULL) { + tok_free((ptr_t)tok->argv); + tok_free((ptr_t)tok->ifs); + tok_free((ptr_t)tok); + return NULL; + } + tok->wmax = tok->wspace + WINCR; + tok->wstart = tok->wspace; + tok->wptr = tok->wspace; + tok->flags = 0; + tok->quote = Q_none; + + return (tok); +} + + +/* FUN(tok,reset)(): + * Reset the tokenizer + */ +public void +FUN(tok,reset)(TYPE(Tokenizer) *tok) +{ + + tok->argc = 0; + tok->wstart = tok->wspace; + tok->wptr = tok->wspace; + tok->flags = 0; + tok->quote = Q_none; +} + + +/* FUN(tok,end)(): + * Clean up + */ +public void +FUN(tok,end)(TYPE(Tokenizer) *tok) +{ + + tok_free((ptr_t) tok->ifs); + tok_free((ptr_t) tok->wspace); + tok_free((ptr_t) tok->argv); + tok_free((ptr_t) tok); +} + + + +/* FUN(tok,line)(): + * Bourne shell (sh(1)) like tokenizing + * Arguments: + * tok current tokenizer state (setup with FUN(tok,init)()) + * line line to parse + * Returns: + * -1 Internal error + * 3 Quoted return + * 2 Unmatched double quote + * 1 Unmatched single quote + * 0 Ok + * Modifies (if return value is 0): + * argc number of arguments + * argv argument array + * cursorc if !NULL, argv element containing cursor + * cursorv if !NULL, offset in argv[cursorc] of cursor + */ +public int +FUN(tok,line)(TYPE(Tokenizer) *tok, const TYPE(LineInfo) *line, + int *argc, const Char ***argv, int *cursorc, int *cursoro) +{ + const Char *ptr; + int cc, co; + + cc = co = -1; + ptr = line->buffer; + for (ptr = line->buffer; ;ptr++) { + if (ptr >= line->lastchar) + ptr = STR(""); + if (ptr == line->cursor) { + cc = tok->argc; + co = (int)(tok->wptr - tok->wstart); + } + switch (*ptr) { + case '\'': + tok->flags |= TOK_KEEP; + tok->flags &= ~TOK_EAT; + switch (tok->quote) { + case Q_none: + tok->quote = Q_single; /* Enter single quote + * mode */ + break; + + case Q_single: /* Exit single quote mode */ + tok->quote = Q_none; + break; + + case Q_one: /* Quote this ' */ + tok->quote = Q_none; + *tok->wptr++ = *ptr; + break; + + case Q_double: /* Stay in double quote mode */ + *tok->wptr++ = *ptr; + break; + + case Q_doubleone: /* Quote this ' */ + tok->quote = Q_double; + *tok->wptr++ = *ptr; + break; + + default: + return (-1); + } + break; + + case '"': + tok->flags &= ~TOK_EAT; + tok->flags |= TOK_KEEP; + switch (tok->quote) { + case Q_none: /* Enter double quote mode */ + tok->quote = Q_double; + break; + + case Q_double: /* Exit double quote mode */ + tok->quote = Q_none; + break; + + case Q_one: /* Quote this " */ + tok->quote = Q_none; + *tok->wptr++ = *ptr; + break; + + case Q_single: /* Stay in single quote mode */ + *tok->wptr++ = *ptr; + break; + + case Q_doubleone: /* Quote this " */ + tok->quote = Q_double; + *tok->wptr++ = *ptr; + break; + + default: + return (-1); + } + break; + + case '\\': + tok->flags |= TOK_KEEP; + tok->flags &= ~TOK_EAT; + switch (tok->quote) { + case Q_none: /* Quote next character */ + tok->quote = Q_one; + break; + + case Q_double: /* Quote next character */ + tok->quote = Q_doubleone; + break; + + case Q_one: /* Quote this, restore state */ + *tok->wptr++ = *ptr; + tok->quote = Q_none; + break; + + case Q_single: /* Stay in single quote mode */ + *tok->wptr++ = *ptr; + break; + + case Q_doubleone: /* Quote this \ */ + tok->quote = Q_double; + *tok->wptr++ = *ptr; + break; + + default: + return (-1); + } + break; + + case '\n': + tok->flags &= ~TOK_EAT; + switch (tok->quote) { + case Q_none: + goto tok_line_outok; + + case Q_single: + case Q_double: + *tok->wptr++ = *ptr; /* Add the return */ + break; + + case Q_doubleone: /* Back to double, eat the '\n' */ + tok->flags |= TOK_EAT; + tok->quote = Q_double; + break; + + case Q_one: /* No quote, more eat the '\n' */ + tok->flags |= TOK_EAT; + tok->quote = Q_none; + break; + + default: + return (0); + } + break; + + case '\0': + switch (tok->quote) { + case Q_none: + /* Finish word and return */ + if (tok->flags & TOK_EAT) { + tok->flags &= ~TOK_EAT; + return (3); + } + goto tok_line_outok; + + case Q_single: + return (1); + + case Q_double: + return (2); + + case Q_doubleone: + tok->quote = Q_double; + *tok->wptr++ = *ptr; + break; + + case Q_one: + tok->quote = Q_none; + *tok->wptr++ = *ptr; + break; + + default: + return (-1); + } + break; + + default: + tok->flags &= ~TOK_EAT; + switch (tok->quote) { + case Q_none: + if (Strchr(tok->ifs, *ptr) != NULL) + FUN(tok,finish)(tok); + else + *tok->wptr++ = *ptr; + break; + + case Q_single: + case Q_double: + *tok->wptr++ = *ptr; + break; + + + case Q_doubleone: + *tok->wptr++ = '\\'; + tok->quote = Q_double; + *tok->wptr++ = *ptr; + break; + + case Q_one: + tok->quote = Q_none; + *tok->wptr++ = *ptr; + break; + + default: + return (-1); + + } + break; + } + + if (tok->wptr >= tok->wmax - 4) { + size_t size = tok->wmax - tok->wspace + WINCR; + Char *s = tok_realloc(tok->wspace, + size * sizeof(*s)); + if (s == NULL) + return (-1); + + if (s != tok->wspace) { + int i; + for (i = 0; i < tok->argc; i++) { + tok->argv[i] = + (tok->argv[i] - tok->wspace) + s; + } + tok->wptr = (tok->wptr - tok->wspace) + s; + tok->wstart = (tok->wstart - tok->wspace) + s; + tok->wspace = s; + } + tok->wmax = s + size; + } + if (tok->argc >= tok->amax - 4) { + Char **p; + tok->amax += AINCR; + p = tok_realloc(tok->argv, tok->amax * sizeof(*p)); + if (p == NULL) + return (-1); + tok->argv = p; + } + } + tok_line_outok: + if (cc == -1 && co == -1) { + cc = tok->argc; + co = (int)(tok->wptr - tok->wstart); + } + if (cursorc != NULL) + *cursorc = cc; + if (cursoro != NULL) + *cursoro = co; + FUN(tok,finish)(tok); + *argv = (const Char **)tok->argv; + *argc = tok->argc; + return (0); +} + +/* FUN(tok,str)(): + * Simpler version of tok_line, taking a NUL terminated line + * and splitting into words, ignoring cursor state. + */ +public int +FUN(tok,str)(TYPE(Tokenizer) *tok, const Char *line, int *argc, + const Char ***argv) +{ + TYPE(LineInfo) li; + + memset(&li, 0, sizeof(li)); + li.buffer = line; + li.cursor = li.lastchar = Strchr(line, '\0'); + return (FUN(tok,line)(tok, &li, argc, argv, NULL, NULL)); +} diff --git a/lib/libedit/src/tty.c b/lib/libedit/src/tty.c new file mode 100644 index 000000000000..94d23de23599 --- /dev/null +++ b/lib/libedit/src/tty.c @@ -0,0 +1,1357 @@ +/* $NetBSD: tty.c,v 1.35 2011/01/28 03:41:52 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)tty.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: tty.c,v 1.35 2011/01/28 03:41:52 christos Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * tty.c: tty interface stuff + */ +#include +#include +#include /* for isatty */ +#include /* for ffs */ +#include "el.h" +#include "tty.h" + +typedef struct ttymodes_t { + const char *m_name; + unsigned int m_value; + int m_type; +} ttymodes_t; + +typedef struct ttymap_t { + Int nch, och; /* Internal and termio rep of chars */ + el_action_t bind[3]; /* emacs, vi, and vi-cmd */ +} ttymap_t; + + +private const ttyperm_t ttyperm = { + { + {"iflag:", ICRNL, (INLCR | IGNCR)}, + {"oflag:", (OPOST | ONLCR), ONLRET}, + {"cflag:", 0, 0}, + {"lflag:", (ISIG | ICANON | ECHO | ECHOE | ECHOCTL | IEXTEN), + (NOFLSH | ECHONL | EXTPROC | FLUSHO)}, + {"chars:", 0, 0}, + }, + { + {"iflag:", (INLCR | ICRNL), IGNCR}, + {"oflag:", (OPOST | ONLCR), ONLRET}, + {"cflag:", 0, 0}, + {"lflag:", ISIG, + (NOFLSH | ICANON | ECHO | ECHOK | ECHONL | EXTPROC | IEXTEN | FLUSHO)}, + {"chars:", (C_SH(C_MIN) | C_SH(C_TIME) | C_SH(C_SWTCH) | C_SH(C_DSWTCH) | + C_SH(C_SUSP) | C_SH(C_DSUSP) | C_SH(C_EOL) | C_SH(C_DISCARD) | + C_SH(C_PGOFF) | C_SH(C_PAGE) | C_SH(C_STATUS)), 0} + }, + { + {"iflag:", 0, IXON | IXOFF | INLCR | ICRNL}, + {"oflag:", 0, 0}, + {"cflag:", 0, 0}, + {"lflag:", 0, ISIG | IEXTEN}, + {"chars:", 0, 0}, + } +}; + +private const ttychar_t ttychar = { + { + CINTR, CQUIT, CERASE, CKILL, + CEOF, CEOL, CEOL2, CSWTCH, + CDSWTCH, CERASE2, CSTART, CSTOP, + CWERASE, CSUSP, CDSUSP, CREPRINT, + CDISCARD, CLNEXT, CSTATUS, CPAGE, + CPGOFF, CKILL2, CBRK, CMIN, + CTIME + }, + { + CINTR, CQUIT, CERASE, CKILL, + _POSIX_VDISABLE, _POSIX_VDISABLE, _POSIX_VDISABLE, _POSIX_VDISABLE, + _POSIX_VDISABLE, CERASE2, CSTART, CSTOP, + _POSIX_VDISABLE, CSUSP, _POSIX_VDISABLE, _POSIX_VDISABLE, + CDISCARD, _POSIX_VDISABLE, _POSIX_VDISABLE, _POSIX_VDISABLE, + _POSIX_VDISABLE, _POSIX_VDISABLE, _POSIX_VDISABLE, 1, + 0 + }, + { + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0 + } +}; + +private const ttymap_t tty_map[] = { +#ifdef VERASE + {C_ERASE, VERASE, + {EM_DELETE_PREV_CHAR, VI_DELETE_PREV_CHAR, ED_PREV_CHAR}}, +#endif /* VERASE */ +#ifdef VERASE2 + {C_ERASE2, VERASE2, + {EM_DELETE_PREV_CHAR, VI_DELETE_PREV_CHAR, ED_PREV_CHAR}}, +#endif /* VERASE2 */ +#ifdef VKILL + {C_KILL, VKILL, + {EM_KILL_LINE, VI_KILL_LINE_PREV, ED_UNASSIGNED}}, +#endif /* VKILL */ +#ifdef VKILL2 + {C_KILL2, VKILL2, + {EM_KILL_LINE, VI_KILL_LINE_PREV, ED_UNASSIGNED}}, +#endif /* VKILL2 */ +#ifdef VEOF + {C_EOF, VEOF, + {EM_DELETE_OR_LIST, VI_LIST_OR_EOF, ED_UNASSIGNED}}, +#endif /* VEOF */ +#ifdef VWERASE + {C_WERASE, VWERASE, + {ED_DELETE_PREV_WORD, ED_DELETE_PREV_WORD, ED_PREV_WORD}}, +#endif /* VWERASE */ +#ifdef VREPRINT + {C_REPRINT, VREPRINT, + {ED_REDISPLAY, ED_INSERT, ED_REDISPLAY}}, +#endif /* VREPRINT */ +#ifdef VLNEXT + {C_LNEXT, VLNEXT, + {ED_QUOTED_INSERT, ED_QUOTED_INSERT, ED_UNASSIGNED}}, +#endif /* VLNEXT */ + {-1, -1, + {ED_UNASSIGNED, ED_UNASSIGNED, ED_UNASSIGNED}} +}; + +private const ttymodes_t ttymodes[] = { +#ifdef IGNBRK + {"ignbrk", IGNBRK, MD_INP}, +#endif /* IGNBRK */ +#ifdef BRKINT + {"brkint", BRKINT, MD_INP}, +#endif /* BRKINT */ +#ifdef IGNPAR + {"ignpar", IGNPAR, MD_INP}, +#endif /* IGNPAR */ +#ifdef PARMRK + {"parmrk", PARMRK, MD_INP}, +#endif /* PARMRK */ +#ifdef INPCK + {"inpck", INPCK, MD_INP}, +#endif /* INPCK */ +#ifdef ISTRIP + {"istrip", ISTRIP, MD_INP}, +#endif /* ISTRIP */ +#ifdef INLCR + {"inlcr", INLCR, MD_INP}, +#endif /* INLCR */ +#ifdef IGNCR + {"igncr", IGNCR, MD_INP}, +#endif /* IGNCR */ +#ifdef ICRNL + {"icrnl", ICRNL, MD_INP}, +#endif /* ICRNL */ +#ifdef IUCLC + {"iuclc", IUCLC, MD_INP}, +#endif /* IUCLC */ +#ifdef IXON + {"ixon", IXON, MD_INP}, +#endif /* IXON */ +#ifdef IXANY + {"ixany", IXANY, MD_INP}, +#endif /* IXANY */ +#ifdef IXOFF + {"ixoff", IXOFF, MD_INP}, +#endif /* IXOFF */ +#ifdef IMAXBEL + {"imaxbel", IMAXBEL, MD_INP}, +#endif /* IMAXBEL */ + +#ifdef OPOST + {"opost", OPOST, MD_OUT}, +#endif /* OPOST */ +#ifdef OLCUC + {"olcuc", OLCUC, MD_OUT}, +#endif /* OLCUC */ +#ifdef ONLCR + {"onlcr", ONLCR, MD_OUT}, +#endif /* ONLCR */ +#ifdef OCRNL + {"ocrnl", OCRNL, MD_OUT}, +#endif /* OCRNL */ +#ifdef ONOCR + {"onocr", ONOCR, MD_OUT}, +#endif /* ONOCR */ +#ifdef ONOEOT + {"onoeot", ONOEOT, MD_OUT}, +#endif /* ONOEOT */ +#ifdef ONLRET + {"onlret", ONLRET, MD_OUT}, +#endif /* ONLRET */ +#ifdef OFILL + {"ofill", OFILL, MD_OUT}, +#endif /* OFILL */ +#ifdef OFDEL + {"ofdel", OFDEL, MD_OUT}, +#endif /* OFDEL */ +#ifdef NLDLY + {"nldly", NLDLY, MD_OUT}, +#endif /* NLDLY */ +#ifdef CRDLY + {"crdly", CRDLY, MD_OUT}, +#endif /* CRDLY */ +#ifdef TABDLY + {"tabdly", TABDLY, MD_OUT}, +#endif /* TABDLY */ +#ifdef XTABS + {"xtabs", XTABS, MD_OUT}, +#endif /* XTABS */ +#ifdef BSDLY + {"bsdly", BSDLY, MD_OUT}, +#endif /* BSDLY */ +#ifdef VTDLY + {"vtdly", VTDLY, MD_OUT}, +#endif /* VTDLY */ +#ifdef FFDLY + {"ffdly", FFDLY, MD_OUT}, +#endif /* FFDLY */ +#ifdef PAGEOUT + {"pageout", PAGEOUT, MD_OUT}, +#endif /* PAGEOUT */ +#ifdef WRAP + {"wrap", WRAP, MD_OUT}, +#endif /* WRAP */ + +#ifdef CIGNORE + {"cignore", CIGNORE, MD_CTL}, +#endif /* CBAUD */ +#ifdef CBAUD + {"cbaud", CBAUD, MD_CTL}, +#endif /* CBAUD */ +#ifdef CSTOPB + {"cstopb", CSTOPB, MD_CTL}, +#endif /* CSTOPB */ +#ifdef CREAD + {"cread", CREAD, MD_CTL}, +#endif /* CREAD */ +#ifdef PARENB + {"parenb", PARENB, MD_CTL}, +#endif /* PARENB */ +#ifdef PARODD + {"parodd", PARODD, MD_CTL}, +#endif /* PARODD */ +#ifdef HUPCL + {"hupcl", HUPCL, MD_CTL}, +#endif /* HUPCL */ +#ifdef CLOCAL + {"clocal", CLOCAL, MD_CTL}, +#endif /* CLOCAL */ +#ifdef LOBLK + {"loblk", LOBLK, MD_CTL}, +#endif /* LOBLK */ +#ifdef CIBAUD + {"cibaud", CIBAUD, MD_CTL}, +#endif /* CIBAUD */ +#ifdef CRTSCTS +#ifdef CCTS_OFLOW + {"ccts_oflow", CCTS_OFLOW, MD_CTL}, +#else + {"crtscts", CRTSCTS, MD_CTL}, +#endif /* CCTS_OFLOW */ +#endif /* CRTSCTS */ +#ifdef CRTS_IFLOW + {"crts_iflow", CRTS_IFLOW, MD_CTL}, +#endif /* CRTS_IFLOW */ +#ifdef CDTRCTS + {"cdtrcts", CDTRCTS, MD_CTL}, +#endif /* CDTRCTS */ +#ifdef MDMBUF + {"mdmbuf", MDMBUF, MD_CTL}, +#endif /* MDMBUF */ +#ifdef RCV1EN + {"rcv1en", RCV1EN, MD_CTL}, +#endif /* RCV1EN */ +#ifdef XMT1EN + {"xmt1en", XMT1EN, MD_CTL}, +#endif /* XMT1EN */ + +#ifdef ISIG + {"isig", ISIG, MD_LIN}, +#endif /* ISIG */ +#ifdef ICANON + {"icanon", ICANON, MD_LIN}, +#endif /* ICANON */ +#ifdef XCASE + {"xcase", XCASE, MD_LIN}, +#endif /* XCASE */ +#ifdef ECHO + {"echo", ECHO, MD_LIN}, +#endif /* ECHO */ +#ifdef ECHOE + {"echoe", ECHOE, MD_LIN}, +#endif /* ECHOE */ +#ifdef ECHOK + {"echok", ECHOK, MD_LIN}, +#endif /* ECHOK */ +#ifdef ECHONL + {"echonl", ECHONL, MD_LIN}, +#endif /* ECHONL */ +#ifdef NOFLSH + {"noflsh", NOFLSH, MD_LIN}, +#endif /* NOFLSH */ +#ifdef TOSTOP + {"tostop", TOSTOP, MD_LIN}, +#endif /* TOSTOP */ +#ifdef ECHOCTL + {"echoctl", ECHOCTL, MD_LIN}, +#endif /* ECHOCTL */ +#ifdef ECHOPRT + {"echoprt", ECHOPRT, MD_LIN}, +#endif /* ECHOPRT */ +#ifdef ECHOKE + {"echoke", ECHOKE, MD_LIN}, +#endif /* ECHOKE */ +#ifdef DEFECHO + {"defecho", DEFECHO, MD_LIN}, +#endif /* DEFECHO */ +#ifdef FLUSHO + {"flusho", FLUSHO, MD_LIN}, +#endif /* FLUSHO */ +#ifdef PENDIN + {"pendin", PENDIN, MD_LIN}, +#endif /* PENDIN */ +#ifdef IEXTEN + {"iexten", IEXTEN, MD_LIN}, +#endif /* IEXTEN */ +#ifdef NOKERNINFO + {"nokerninfo", NOKERNINFO, MD_LIN}, +#endif /* NOKERNINFO */ +#ifdef ALTWERASE + {"altwerase", ALTWERASE, MD_LIN}, +#endif /* ALTWERASE */ +#ifdef EXTPROC + {"extproc", EXTPROC, MD_LIN}, +#endif /* EXTPROC */ + +#if defined(VINTR) + {"intr", C_SH(C_INTR), MD_CHAR}, +#endif /* VINTR */ +#if defined(VQUIT) + {"quit", C_SH(C_QUIT), MD_CHAR}, +#endif /* VQUIT */ +#if defined(VERASE) + {"erase", C_SH(C_ERASE), MD_CHAR}, +#endif /* VERASE */ +#if defined(VKILL) + {"kill", C_SH(C_KILL), MD_CHAR}, +#endif /* VKILL */ +#if defined(VEOF) + {"eof", C_SH(C_EOF), MD_CHAR}, +#endif /* VEOF */ +#if defined(VEOL) + {"eol", C_SH(C_EOL), MD_CHAR}, +#endif /* VEOL */ +#if defined(VEOL2) + {"eol2", C_SH(C_EOL2), MD_CHAR}, +#endif /* VEOL2 */ +#if defined(VSWTCH) + {"swtch", C_SH(C_SWTCH), MD_CHAR}, +#endif /* VSWTCH */ +#if defined(VDSWTCH) + {"dswtch", C_SH(C_DSWTCH), MD_CHAR}, +#endif /* VDSWTCH */ +#if defined(VERASE2) + {"erase2", C_SH(C_ERASE2), MD_CHAR}, +#endif /* VERASE2 */ +#if defined(VSTART) + {"start", C_SH(C_START), MD_CHAR}, +#endif /* VSTART */ +#if defined(VSTOP) + {"stop", C_SH(C_STOP), MD_CHAR}, +#endif /* VSTOP */ +#if defined(VWERASE) + {"werase", C_SH(C_WERASE), MD_CHAR}, +#endif /* VWERASE */ +#if defined(VSUSP) + {"susp", C_SH(C_SUSP), MD_CHAR}, +#endif /* VSUSP */ +#if defined(VDSUSP) + {"dsusp", C_SH(C_DSUSP), MD_CHAR}, +#endif /* VDSUSP */ +#if defined(VREPRINT) + {"reprint", C_SH(C_REPRINT), MD_CHAR}, +#endif /* VREPRINT */ +#if defined(VDISCARD) + {"discard", C_SH(C_DISCARD), MD_CHAR}, +#endif /* VDISCARD */ +#if defined(VLNEXT) + {"lnext", C_SH(C_LNEXT), MD_CHAR}, +#endif /* VLNEXT */ +#if defined(VSTATUS) + {"status", C_SH(C_STATUS), MD_CHAR}, +#endif /* VSTATUS */ +#if defined(VPAGE) + {"page", C_SH(C_PAGE), MD_CHAR}, +#endif /* VPAGE */ +#if defined(VPGOFF) + {"pgoff", C_SH(C_PGOFF), MD_CHAR}, +#endif /* VPGOFF */ +#if defined(VKILL2) + {"kill2", C_SH(C_KILL2), MD_CHAR}, +#endif /* VKILL2 */ +#if defined(VBRK) + {"brk", C_SH(C_BRK), MD_CHAR}, +#endif /* VBRK */ +#if defined(VMIN) + {"min", C_SH(C_MIN), MD_CHAR}, +#endif /* VMIN */ +#if defined(VTIME) + {"time", C_SH(C_TIME), MD_CHAR}, +#endif /* VTIME */ + {NULL, 0, -1}, +}; + + + +#define tty__gettabs(td) ((((td)->c_oflag & TAB3) == TAB3) ? 0 : 1) +#define tty__geteightbit(td) (((td)->c_cflag & CSIZE) == CS8) +#define tty__cooked_mode(td) ((td)->c_lflag & ICANON) + +private int tty_getty(EditLine *, struct termios *); +private int tty_setty(EditLine *, int, const struct termios *); +private int tty__getcharindex(int); +private void tty__getchar(struct termios *, unsigned char *); +private void tty__setchar(struct termios *, unsigned char *); +private speed_t tty__getspeed(struct termios *); +private int tty_setup(EditLine *); + +#define t_qu t_ts + +/* tty_getty(): + * Wrapper for tcgetattr to handle EINTR + */ +private int +tty_getty(EditLine *el, struct termios *t) +{ + int rv; + while ((rv = tcgetattr(el->el_infd, t)) == -1 && errno == EINTR) + continue; + return rv; +} + +/* tty_setty(): + * Wrapper for tcsetattr to handle EINTR + */ +private int +tty_setty(EditLine *el, int action, const struct termios *t) +{ + int rv; + while ((rv = tcsetattr(el->el_infd, action, t)) == -1 && errno == EINTR) + continue; + return rv; +} + +/* tty_setup(): + * Get the tty parameters and initialize the editing state + */ +private int +tty_setup(EditLine *el) +{ + int rst = 1; + + if (el->el_flags & EDIT_DISABLED) + return (0); + + if (!isatty(el->el_outfd)) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, + "tty_setup: isatty: %s\n", strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + if (tty_getty(el, &el->el_tty.t_ed) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, + "tty_setup: tty_getty: %s\n", strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + el->el_tty.t_ts = el->el_tty.t_ex = el->el_tty.t_ed; + + el->el_tty.t_speed = tty__getspeed(&el->el_tty.t_ex); + el->el_tty.t_tabs = tty__gettabs(&el->el_tty.t_ex); + el->el_tty.t_eight = tty__geteightbit(&el->el_tty.t_ex); + + el->el_tty.t_ex.c_iflag &= ~el->el_tty.t_t[EX_IO][MD_INP].t_clrmask; + el->el_tty.t_ex.c_iflag |= el->el_tty.t_t[EX_IO][MD_INP].t_setmask; + + el->el_tty.t_ex.c_oflag &= ~el->el_tty.t_t[EX_IO][MD_OUT].t_clrmask; + el->el_tty.t_ex.c_oflag |= el->el_tty.t_t[EX_IO][MD_OUT].t_setmask; + + el->el_tty.t_ex.c_cflag &= ~el->el_tty.t_t[EX_IO][MD_CTL].t_clrmask; + el->el_tty.t_ex.c_cflag |= el->el_tty.t_t[EX_IO][MD_CTL].t_setmask; + + el->el_tty.t_ex.c_lflag &= ~el->el_tty.t_t[EX_IO][MD_LIN].t_clrmask; + el->el_tty.t_ex.c_lflag |= el->el_tty.t_t[EX_IO][MD_LIN].t_setmask; + + /* + * Reset the tty chars to reasonable defaults + * If they are disabled, then enable them. + */ + if (rst) { + if (tty__cooked_mode(&el->el_tty.t_ts)) { + tty__getchar(&el->el_tty.t_ts, el->el_tty.t_c[TS_IO]); + /* + * Don't affect CMIN and CTIME for the editor mode + */ + for (rst = 0; rst < C_NCC - 2; rst++) + if (el->el_tty.t_c[TS_IO][rst] != + el->el_tty.t_vdisable + && el->el_tty.t_c[ED_IO][rst] != + el->el_tty.t_vdisable) + el->el_tty.t_c[ED_IO][rst] = + el->el_tty.t_c[TS_IO][rst]; + for (rst = 0; rst < C_NCC; rst++) + if (el->el_tty.t_c[TS_IO][rst] != + el->el_tty.t_vdisable) + el->el_tty.t_c[EX_IO][rst] = + el->el_tty.t_c[TS_IO][rst]; + } + tty__setchar(&el->el_tty.t_ex, el->el_tty.t_c[EX_IO]); + if (tty_setty(el, TCSADRAIN, &el->el_tty.t_ex) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, + "tty_setup: tty_setty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + } +#ifdef notdef + else + tty__setchar(&el->el_tty.t_ex, el->el_tty.t_c[EX_IO]); +#endif + + el->el_tty.t_ed.c_iflag &= ~el->el_tty.t_t[ED_IO][MD_INP].t_clrmask; + el->el_tty.t_ed.c_iflag |= el->el_tty.t_t[ED_IO][MD_INP].t_setmask; + + el->el_tty.t_ed.c_oflag &= ~el->el_tty.t_t[ED_IO][MD_OUT].t_clrmask; + el->el_tty.t_ed.c_oflag |= el->el_tty.t_t[ED_IO][MD_OUT].t_setmask; + + el->el_tty.t_ed.c_cflag &= ~el->el_tty.t_t[ED_IO][MD_CTL].t_clrmask; + el->el_tty.t_ed.c_cflag |= el->el_tty.t_t[ED_IO][MD_CTL].t_setmask; + + el->el_tty.t_ed.c_lflag &= ~el->el_tty.t_t[ED_IO][MD_LIN].t_clrmask; + el->el_tty.t_ed.c_lflag |= el->el_tty.t_t[ED_IO][MD_LIN].t_setmask; + + tty__setchar(&el->el_tty.t_ed, el->el_tty.t_c[ED_IO]); + tty_bind_char(el, 1); + return (0); +} + +protected int +tty_init(EditLine *el) +{ + + el->el_tty.t_mode = EX_IO; + el->el_tty.t_vdisable = _POSIX_VDISABLE; + (void) memcpy(el->el_tty.t_t, ttyperm, sizeof(ttyperm_t)); + (void) memcpy(el->el_tty.t_c, ttychar, sizeof(ttychar_t)); + return (tty_setup(el)); +} + + +/* tty_end(): + * Restore the tty to its original settings + */ +protected void +/*ARGSUSED*/ +tty_end(EditLine *el __attribute__((__unused__))) +{ + + /* XXX: Maybe reset to an initial state? */ +} + + +/* tty__getspeed(): + * Get the tty speed + */ +private speed_t +tty__getspeed(struct termios *td) +{ + speed_t spd; + + if ((spd = cfgetispeed(td)) == 0) + spd = cfgetospeed(td); + return (spd); +} + +/* tty__getspeed(): + * Return the index of the asked char in the c_cc array + */ +private int +tty__getcharindex(int i) +{ + switch (i) { +#ifdef VINTR + case C_INTR: + return VINTR; +#endif /* VINTR */ +#ifdef VQUIT + case C_QUIT: + return VQUIT; +#endif /* VQUIT */ +#ifdef VERASE + case C_ERASE: + return VERASE; +#endif /* VERASE */ +#ifdef VKILL + case C_KILL: + return VKILL; +#endif /* VKILL */ +#ifdef VEOF + case C_EOF: + return VEOF; +#endif /* VEOF */ +#ifdef VEOL + case C_EOL: + return VEOL; +#endif /* VEOL */ +#ifdef VEOL2 + case C_EOL2: + return VEOL2; +#endif /* VEOL2 */ +#ifdef VSWTCH + case C_SWTCH: + return VSWTCH; +#endif /* VSWTCH */ +#ifdef VDSWTCH + case C_DSWTCH: + return VDSWTCH; +#endif /* VDSWTCH */ +#ifdef VERASE2 + case C_ERASE2: + return VERASE2; +#endif /* VERASE2 */ +#ifdef VSTART + case C_START: + return VSTART; +#endif /* VSTART */ +#ifdef VSTOP + case C_STOP: + return VSTOP; +#endif /* VSTOP */ +#ifdef VWERASE + case C_WERASE: + return VWERASE; +#endif /* VWERASE */ +#ifdef VSUSP + case C_SUSP: + return VSUSP; +#endif /* VSUSP */ +#ifdef VDSUSP + case C_DSUSP: + return VDSUSP; +#endif /* VDSUSP */ +#ifdef VREPRINT + case C_REPRINT: + return VREPRINT; +#endif /* VREPRINT */ +#ifdef VDISCARD + case C_DISCARD: + return VDISCARD; +#endif /* VDISCARD */ +#ifdef VLNEXT + case C_LNEXT: + return VLNEXT; +#endif /* VLNEXT */ +#ifdef VSTATUS + case C_STATUS: + return VSTATUS; +#endif /* VSTATUS */ +#ifdef VPAGE + case C_PAGE: + return VPAGE; +#endif /* VPAGE */ +#ifdef VPGOFF + case C_PGOFF: + return VPGOFF; +#endif /* VPGOFF */ +#ifdef VKILL2 + case C_KILL2: + return VKILL2; +#endif /* KILL2 */ +#ifdef VMIN + case C_MIN: + return VMIN; +#endif /* VMIN */ +#ifdef VTIME + case C_TIME: + return VTIME; +#endif /* VTIME */ + default: + return -1; + } +} + +/* tty__getchar(): + * Get the tty characters + */ +private void +tty__getchar(struct termios *td, unsigned char *s) +{ + +#ifdef VINTR + s[C_INTR] = td->c_cc[VINTR]; +#endif /* VINTR */ +#ifdef VQUIT + s[C_QUIT] = td->c_cc[VQUIT]; +#endif /* VQUIT */ +#ifdef VERASE + s[C_ERASE] = td->c_cc[VERASE]; +#endif /* VERASE */ +#ifdef VKILL + s[C_KILL] = td->c_cc[VKILL]; +#endif /* VKILL */ +#ifdef VEOF + s[C_EOF] = td->c_cc[VEOF]; +#endif /* VEOF */ +#ifdef VEOL + s[C_EOL] = td->c_cc[VEOL]; +#endif /* VEOL */ +#ifdef VEOL2 + s[C_EOL2] = td->c_cc[VEOL2]; +#endif /* VEOL2 */ +#ifdef VSWTCH + s[C_SWTCH] = td->c_cc[VSWTCH]; +#endif /* VSWTCH */ +#ifdef VDSWTCH + s[C_DSWTCH] = td->c_cc[VDSWTCH]; +#endif /* VDSWTCH */ +#ifdef VERASE2 + s[C_ERASE2] = td->c_cc[VERASE2]; +#endif /* VERASE2 */ +#ifdef VSTART + s[C_START] = td->c_cc[VSTART]; +#endif /* VSTART */ +#ifdef VSTOP + s[C_STOP] = td->c_cc[VSTOP]; +#endif /* VSTOP */ +#ifdef VWERASE + s[C_WERASE] = td->c_cc[VWERASE]; +#endif /* VWERASE */ +#ifdef VSUSP + s[C_SUSP] = td->c_cc[VSUSP]; +#endif /* VSUSP */ +#ifdef VDSUSP + s[C_DSUSP] = td->c_cc[VDSUSP]; +#endif /* VDSUSP */ +#ifdef VREPRINT + s[C_REPRINT] = td->c_cc[VREPRINT]; +#endif /* VREPRINT */ +#ifdef VDISCARD + s[C_DISCARD] = td->c_cc[VDISCARD]; +#endif /* VDISCARD */ +#ifdef VLNEXT + s[C_LNEXT] = td->c_cc[VLNEXT]; +#endif /* VLNEXT */ +#ifdef VSTATUS + s[C_STATUS] = td->c_cc[VSTATUS]; +#endif /* VSTATUS */ +#ifdef VPAGE + s[C_PAGE] = td->c_cc[VPAGE]; +#endif /* VPAGE */ +#ifdef VPGOFF + s[C_PGOFF] = td->c_cc[VPGOFF]; +#endif /* VPGOFF */ +#ifdef VKILL2 + s[C_KILL2] = td->c_cc[VKILL2]; +#endif /* KILL2 */ +#ifdef VMIN + s[C_MIN] = td->c_cc[VMIN]; +#endif /* VMIN */ +#ifdef VTIME + s[C_TIME] = td->c_cc[VTIME]; +#endif /* VTIME */ +} /* tty__getchar */ + + +/* tty__setchar(): + * Set the tty characters + */ +private void +tty__setchar(struct termios *td, unsigned char *s) +{ + +#ifdef VINTR + td->c_cc[VINTR] = s[C_INTR]; +#endif /* VINTR */ +#ifdef VQUIT + td->c_cc[VQUIT] = s[C_QUIT]; +#endif /* VQUIT */ +#ifdef VERASE + td->c_cc[VERASE] = s[C_ERASE]; +#endif /* VERASE */ +#ifdef VKILL + td->c_cc[VKILL] = s[C_KILL]; +#endif /* VKILL */ +#ifdef VEOF + td->c_cc[VEOF] = s[C_EOF]; +#endif /* VEOF */ +#ifdef VEOL + td->c_cc[VEOL] = s[C_EOL]; +#endif /* VEOL */ +#ifdef VEOL2 + td->c_cc[VEOL2] = s[C_EOL2]; +#endif /* VEOL2 */ +#ifdef VSWTCH + td->c_cc[VSWTCH] = s[C_SWTCH]; +#endif /* VSWTCH */ +#ifdef VDSWTCH + td->c_cc[VDSWTCH] = s[C_DSWTCH]; +#endif /* VDSWTCH */ +#ifdef VERASE2 + td->c_cc[VERASE2] = s[C_ERASE2]; +#endif /* VERASE2 */ +#ifdef VSTART + td->c_cc[VSTART] = s[C_START]; +#endif /* VSTART */ +#ifdef VSTOP + td->c_cc[VSTOP] = s[C_STOP]; +#endif /* VSTOP */ +#ifdef VWERASE + td->c_cc[VWERASE] = s[C_WERASE]; +#endif /* VWERASE */ +#ifdef VSUSP + td->c_cc[VSUSP] = s[C_SUSP]; +#endif /* VSUSP */ +#ifdef VDSUSP + td->c_cc[VDSUSP] = s[C_DSUSP]; +#endif /* VDSUSP */ +#ifdef VREPRINT + td->c_cc[VREPRINT] = s[C_REPRINT]; +#endif /* VREPRINT */ +#ifdef VDISCARD + td->c_cc[VDISCARD] = s[C_DISCARD]; +#endif /* VDISCARD */ +#ifdef VLNEXT + td->c_cc[VLNEXT] = s[C_LNEXT]; +#endif /* VLNEXT */ +#ifdef VSTATUS + td->c_cc[VSTATUS] = s[C_STATUS]; +#endif /* VSTATUS */ +#ifdef VPAGE + td->c_cc[VPAGE] = s[C_PAGE]; +#endif /* VPAGE */ +#ifdef VPGOFF + td->c_cc[VPGOFF] = s[C_PGOFF]; +#endif /* VPGOFF */ +#ifdef VKILL2 + td->c_cc[VKILL2] = s[C_KILL2]; +#endif /* VKILL2 */ +#ifdef VMIN + td->c_cc[VMIN] = s[C_MIN]; +#endif /* VMIN */ +#ifdef VTIME + td->c_cc[VTIME] = s[C_TIME]; +#endif /* VTIME */ +} /* tty__setchar */ + + +/* tty_bind_char(): + * Rebind the editline functions + */ +protected void +tty_bind_char(EditLine *el, int force) +{ + + unsigned char *t_n = el->el_tty.t_c[ED_IO]; + unsigned char *t_o = el->el_tty.t_ed.c_cc; + Char new[2], old[2]; + const ttymap_t *tp; + el_action_t *map, *alt; + const el_action_t *dmap, *dalt; + new[1] = old[1] = '\0'; + + map = el->el_map.key; + alt = el->el_map.alt; + if (el->el_map.type == MAP_VI) { + dmap = el->el_map.vii; + dalt = el->el_map.vic; + } else { + dmap = el->el_map.emacs; + dalt = NULL; + } + + for (tp = tty_map; tp->nch != -1; tp++) { + new[0] = t_n[tp->nch]; + old[0] = t_o[tp->och]; + if (new[0] == old[0] && !force) + continue; + /* Put the old default binding back, and set the new binding */ + key_clear(el, map, old); + map[UC(old[0])] = dmap[UC(old[0])]; + key_clear(el, map, new); + /* MAP_VI == 1, MAP_EMACS == 0... */ + map[UC(new[0])] = tp->bind[el->el_map.type]; + if (dalt) { + key_clear(el, alt, old); + alt[UC(old[0])] = dalt[UC(old[0])]; + key_clear(el, alt, new); + alt[UC(new[0])] = tp->bind[el->el_map.type + 1]; + } + } +} + + +/* tty_rawmode(): + * Set terminal into 1 character at a time mode. + */ +protected int +tty_rawmode(EditLine *el) +{ + + if (el->el_tty.t_mode == ED_IO || el->el_tty.t_mode == QU_IO) + return (0); + + if (el->el_flags & EDIT_DISABLED) + return (0); + + if (tty_getty(el, &el->el_tty.t_ts) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, "tty_rawmode: tty_getty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + /* + * We always keep up with the eight bit setting and the speed of the + * tty. But we only believe changes that are made to cooked mode! + */ + el->el_tty.t_eight = tty__geteightbit(&el->el_tty.t_ts); + el->el_tty.t_speed = tty__getspeed(&el->el_tty.t_ts); + + if (tty__getspeed(&el->el_tty.t_ex) != el->el_tty.t_speed || + tty__getspeed(&el->el_tty.t_ed) != el->el_tty.t_speed) { + (void) cfsetispeed(&el->el_tty.t_ex, el->el_tty.t_speed); + (void) cfsetospeed(&el->el_tty.t_ex, el->el_tty.t_speed); + (void) cfsetispeed(&el->el_tty.t_ed, el->el_tty.t_speed); + (void) cfsetospeed(&el->el_tty.t_ed, el->el_tty.t_speed); + } + if (tty__cooked_mode(&el->el_tty.t_ts)) { + if (el->el_tty.t_ts.c_cflag != el->el_tty.t_ex.c_cflag) { + el->el_tty.t_ex.c_cflag = + el->el_tty.t_ts.c_cflag; + el->el_tty.t_ex.c_cflag &= + ~el->el_tty.t_t[EX_IO][MD_CTL].t_clrmask; + el->el_tty.t_ex.c_cflag |= + el->el_tty.t_t[EX_IO][MD_CTL].t_setmask; + + el->el_tty.t_ed.c_cflag = + el->el_tty.t_ts.c_cflag; + el->el_tty.t_ed.c_cflag &= + ~el->el_tty.t_t[ED_IO][MD_CTL].t_clrmask; + el->el_tty.t_ed.c_cflag |= + el->el_tty.t_t[ED_IO][MD_CTL].t_setmask; + } + if ((el->el_tty.t_ts.c_lflag != el->el_tty.t_ex.c_lflag) && + (el->el_tty.t_ts.c_lflag != el->el_tty.t_ed.c_lflag)) { + el->el_tty.t_ex.c_lflag = + el->el_tty.t_ts.c_lflag; + el->el_tty.t_ex.c_lflag &= + ~el->el_tty.t_t[EX_IO][MD_LIN].t_clrmask; + el->el_tty.t_ex.c_lflag |= + el->el_tty.t_t[EX_IO][MD_LIN].t_setmask; + + el->el_tty.t_ed.c_lflag = + el->el_tty.t_ts.c_lflag; + el->el_tty.t_ed.c_lflag &= + ~el->el_tty.t_t[ED_IO][MD_LIN].t_clrmask; + el->el_tty.t_ed.c_lflag |= + el->el_tty.t_t[ED_IO][MD_LIN].t_setmask; + } + if ((el->el_tty.t_ts.c_iflag != el->el_tty.t_ex.c_iflag) && + (el->el_tty.t_ts.c_iflag != el->el_tty.t_ed.c_iflag)) { + el->el_tty.t_ex.c_iflag = + el->el_tty.t_ts.c_iflag; + el->el_tty.t_ex.c_iflag &= + ~el->el_tty.t_t[EX_IO][MD_INP].t_clrmask; + el->el_tty.t_ex.c_iflag |= + el->el_tty.t_t[EX_IO][MD_INP].t_setmask; + + el->el_tty.t_ed.c_iflag = + el->el_tty.t_ts.c_iflag; + el->el_tty.t_ed.c_iflag &= + ~el->el_tty.t_t[ED_IO][MD_INP].t_clrmask; + el->el_tty.t_ed.c_iflag |= + el->el_tty.t_t[ED_IO][MD_INP].t_setmask; + } + if ((el->el_tty.t_ts.c_oflag != el->el_tty.t_ex.c_oflag) && + (el->el_tty.t_ts.c_oflag != el->el_tty.t_ed.c_oflag)) { + el->el_tty.t_ex.c_oflag = + el->el_tty.t_ts.c_oflag; + el->el_tty.t_ex.c_oflag &= + ~el->el_tty.t_t[EX_IO][MD_OUT].t_clrmask; + el->el_tty.t_ex.c_oflag |= + el->el_tty.t_t[EX_IO][MD_OUT].t_setmask; + + el->el_tty.t_ed.c_oflag = + el->el_tty.t_ts.c_oflag; + el->el_tty.t_ed.c_oflag &= + ~el->el_tty.t_t[ED_IO][MD_OUT].t_clrmask; + el->el_tty.t_ed.c_oflag |= + el->el_tty.t_t[ED_IO][MD_OUT].t_setmask; + } + if (tty__gettabs(&el->el_tty.t_ex) == 0) + el->el_tty.t_tabs = 0; + else + el->el_tty.t_tabs = EL_CAN_TAB ? 1 : 0; + + { + int i; + + tty__getchar(&el->el_tty.t_ts, el->el_tty.t_c[TS_IO]); + /* + * Check if the user made any changes. + * If he did, then propagate the changes to the + * edit and execute data structures. + */ + for (i = 0; i < C_NCC; i++) + if (el->el_tty.t_c[TS_IO][i] != + el->el_tty.t_c[EX_IO][i]) + break; + + if (i != C_NCC) { + /* + * Propagate changes only to the unprotected + * chars that have been modified just now. + */ + for (i = 0; i < C_NCC; i++) { + if (!((el->el_tty.t_t[ED_IO][MD_CHAR].t_setmask & C_SH(i))) + && (el->el_tty.t_c[TS_IO][i] != el->el_tty.t_c[EX_IO][i])) + el->el_tty.t_c[ED_IO][i] = el->el_tty.t_c[TS_IO][i]; + if (el->el_tty.t_t[ED_IO][MD_CHAR].t_clrmask & C_SH(i)) + el->el_tty.t_c[ED_IO][i] = el->el_tty.t_vdisable; + } + tty_bind_char(el, 0); + tty__setchar(&el->el_tty.t_ed, el->el_tty.t_c[ED_IO]); + + for (i = 0; i < C_NCC; i++) { + if (!((el->el_tty.t_t[EX_IO][MD_CHAR].t_setmask & C_SH(i))) + && (el->el_tty.t_c[TS_IO][i] != el->el_tty.t_c[EX_IO][i])) + el->el_tty.t_c[EX_IO][i] = el->el_tty.t_c[TS_IO][i]; + if (el->el_tty.t_t[EX_IO][MD_CHAR].t_clrmask & C_SH(i)) + el->el_tty.t_c[EX_IO][i] = el->el_tty.t_vdisable; + } + tty__setchar(&el->el_tty.t_ex, el->el_tty.t_c[EX_IO]); + } + } + } + if (tty_setty(el, TCSADRAIN, &el->el_tty.t_ed) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, "tty_rawmode: tty_setty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + el->el_tty.t_mode = ED_IO; + return (0); +} + + +/* tty_cookedmode(): + * Set the tty back to normal mode + */ +protected int +tty_cookedmode(EditLine *el) +{ /* set tty in normal setup */ + + if (el->el_tty.t_mode == EX_IO) + return (0); + + if (el->el_flags & EDIT_DISABLED) + return (0); + + if (tty_setty(el, TCSADRAIN, &el->el_tty.t_ex) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, + "tty_cookedmode: tty_setty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + el->el_tty.t_mode = EX_IO; + return (0); +} + + +/* tty_quotemode(): + * Turn on quote mode + */ +protected int +tty_quotemode(EditLine *el) +{ + if (el->el_tty.t_mode == QU_IO) + return (0); + + el->el_tty.t_qu = el->el_tty.t_ed; + + el->el_tty.t_qu.c_iflag &= ~el->el_tty.t_t[QU_IO][MD_INP].t_clrmask; + el->el_tty.t_qu.c_iflag |= el->el_tty.t_t[QU_IO][MD_INP].t_setmask; + + el->el_tty.t_qu.c_oflag &= ~el->el_tty.t_t[QU_IO][MD_OUT].t_clrmask; + el->el_tty.t_qu.c_oflag |= el->el_tty.t_t[QU_IO][MD_OUT].t_setmask; + + el->el_tty.t_qu.c_cflag &= ~el->el_tty.t_t[QU_IO][MD_CTL].t_clrmask; + el->el_tty.t_qu.c_cflag |= el->el_tty.t_t[QU_IO][MD_CTL].t_setmask; + + el->el_tty.t_qu.c_lflag &= ~el->el_tty.t_t[QU_IO][MD_LIN].t_clrmask; + el->el_tty.t_qu.c_lflag |= el->el_tty.t_t[QU_IO][MD_LIN].t_setmask; + + if (tty_setty(el, TCSADRAIN, &el->el_tty.t_qu) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, "QuoteModeOn: tty_setty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + el->el_tty.t_mode = QU_IO; + return (0); +} + + +/* tty_noquotemode(): + * Turn off quote mode + */ +protected int +tty_noquotemode(EditLine *el) +{ + + if (el->el_tty.t_mode != QU_IO) + return (0); + if (tty_setty(el, TCSADRAIN, &el->el_tty.t_ed) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, "QuoteModeOff: tty_setty: %s\n", + strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + el->el_tty.t_mode = ED_IO; + return (0); +} + + +/* tty_stty(): + * Stty builtin + */ +protected int +/*ARGSUSED*/ +tty_stty(EditLine *el, int argc __attribute__((__unused__)), const Char **argv) +{ + const ttymodes_t *m; + char x; + int aflag = 0; + const Char *s, *d; + char name[EL_BUFSIZ]; + struct termios *tios = &el->el_tty.t_ex; + int z = EX_IO; + + if (argv == NULL) + return (-1); + strncpy(name, ct_encode_string(*argv++, &el->el_scratch), sizeof(name)); + name[sizeof(name) - 1] = '\0'; + + while (argv && *argv && argv[0][0] == '-' && argv[0][2] == '\0') + switch (argv[0][1]) { + case 'a': + aflag++; + argv++; + break; + case 'd': + argv++; + tios = &el->el_tty.t_ed; + z = ED_IO; + break; + case 'x': + argv++; + tios = &el->el_tty.t_ex; + z = EX_IO; + break; + case 'q': + argv++; + tios = &el->el_tty.t_ts; + z = QU_IO; + break; + default: + (void) fprintf(el->el_errfile, + "%s: Unknown switch `%c'.\n", + name, argv[0][1]); + return (-1); + } + + if (!argv || !*argv) { + int i = -1; + size_t len = 0, st = 0, cu; + for (m = ttymodes; m->m_name; m++) { + if (m->m_type != i) { + (void) fprintf(el->el_outfile, "%s%s", + i != -1 ? "\n" : "", + el->el_tty.t_t[z][m->m_type].t_name); + i = m->m_type; + st = len = + strlen(el->el_tty.t_t[z][m->m_type].t_name); + } + if (i != -1) { + x = (el->el_tty.t_t[z][i].t_setmask & m->m_value) + ? '+' : '\0'; + x = (el->el_tty.t_t[z][i].t_clrmask & m->m_value) + ? '-' : x; + } else { + x = '\0'; + } + + if (x != '\0' || aflag) { + + cu = strlen(m->m_name) + (x != '\0') + 1; + + if (len + cu >= (size_t)el->el_term.t_size.h) { + (void) fprintf(el->el_outfile, "\n%*s", + (int)st, ""); + len = st + cu; + } else + len += cu; + + if (x != '\0') + (void) fprintf(el->el_outfile, "%c%s ", + x, m->m_name); + else + (void) fprintf(el->el_outfile, "%s ", + m->m_name); + } + } + (void) fprintf(el->el_outfile, "\n"); + return (0); + } + while (argv && (s = *argv++)) { + const Char *p; + switch (*s) { + case '+': + case '-': + x = *s++; + break; + default: + x = '\0'; + break; + } + d = s; + p = Strchr(s, '='); + for (m = ttymodes; m->m_name; m++) + if ((p ? strncmp(m->m_name, ct_encode_string(d, &el->el_scratch), (size_t)(p - d)) : + strcmp(m->m_name, ct_encode_string(d, &el->el_scratch))) == 0 && + (p == NULL || m->m_type == MD_CHAR)) + break; + + if (!m->m_name) { + (void) fprintf(el->el_errfile, + "%s: Invalid argument `" FSTR "'.\n", name, d); + return (-1); + } + if (p) { + int c = ffs((int)m->m_value); + int v = *++p ? parse__escape(&p) : + el->el_tty.t_vdisable; + assert(c != 0); + c--; + c = tty__getcharindex(c); + assert(c != -1); + tios->c_cc[c] = v; + continue; + } + switch (x) { + case '+': + el->el_tty.t_t[z][m->m_type].t_setmask |= m->m_value; + el->el_tty.t_t[z][m->m_type].t_clrmask &= ~m->m_value; + break; + case '-': + el->el_tty.t_t[z][m->m_type].t_setmask &= ~m->m_value; + el->el_tty.t_t[z][m->m_type].t_clrmask |= m->m_value; + break; + default: + el->el_tty.t_t[z][m->m_type].t_setmask &= ~m->m_value; + el->el_tty.t_t[z][m->m_type].t_clrmask &= ~m->m_value; + break; + } + } + + if (el->el_tty.t_mode == z) { + if (tty_setty(el, TCSADRAIN, tios) == -1) { +#ifdef DEBUG_TTY + (void) fprintf(el->el_errfile, + "tty_stty: tty_setty: %s\n", strerror(errno)); +#endif /* DEBUG_TTY */ + return (-1); + } + } + + return (0); +} + + +#ifdef notyet +/* tty_printchar(): + * DEbugging routine to print the tty characters + */ +private void +tty_printchar(EditLine *el, unsigned char *s) +{ + ttyperm_t *m; + int i; + + for (i = 0; i < C_NCC; i++) { + for (m = el->el_tty.t_t; m->m_name; m++) + if (m->m_type == MD_CHAR && C_SH(i) == m->m_value) + break; + if (m->m_name) + (void) fprintf(el->el_errfile, "%s ^%c ", + m->m_name, s[i] + 'A' - 1); + if (i % 5 == 0) + (void) fprintf(el->el_errfile, "\n"); + } + (void) fprintf(el->el_errfile, "\n"); +} +#endif /* notyet */ diff --git a/lib/libedit/src/tty.h b/lib/libedit/src/tty.h new file mode 100644 index 000000000000..f4b4d42a5eee --- /dev/null +++ b/lib/libedit/src/tty.h @@ -0,0 +1,481 @@ +/* $NetBSD: tty.h,v 1.12 2009/12/30 22:37:40 christos Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)tty.h 8.1 (Berkeley) 6/4/93 + */ + +/* + * el.tty.h: Local terminal header + */ +#ifndef _h_el_tty +#define _h_el_tty + +#include "sys.h" +#include "histedit.h" +#include +#include + +/* Define our own since everyone gets it wrong! */ +#define CONTROL(A) ((A) & 037) + +/* + * Aix compatible names + */ +# if defined(VWERSE) && !defined(VWERASE) +# define VWERASE VWERSE +# endif /* VWERSE && !VWERASE */ + +# if defined(VDISCRD) && !defined(VDISCARD) +# define VDISCARD VDISCRD +# endif /* VDISCRD && !VDISCARD */ + +# if defined(VFLUSHO) && !defined(VDISCARD) +# define VDISCARD VFLUSHO +# endif /* VFLUSHO && VDISCARD */ + +# if defined(VSTRT) && !defined(VSTART) +# define VSTART VSTRT +# endif /* VSTRT && ! VSTART */ + +# if defined(VSTAT) && !defined(VSTATUS) +# define VSTATUS VSTAT +# endif /* VSTAT && ! VSTATUS */ + +# ifndef ONLRET +# define ONLRET 0 +# endif /* ONLRET */ + +# ifndef TAB3 +# ifdef OXTABS +# define TAB3 OXTABS +# else +# define TAB3 0 +# endif /* OXTABS */ +# endif /* !TAB3 */ + +# if defined(OXTABS) && !defined(XTABS) +# define XTABS OXTABS +# endif /* OXTABS && !XTABS */ + +# ifndef ONLCR +# define ONLCR 0 +# endif /* ONLCR */ + +# ifndef IEXTEN +# define IEXTEN 0 +# endif /* IEXTEN */ + +# ifndef ECHOCTL +# define ECHOCTL 0 +# endif /* ECHOCTL */ + +# ifndef PARENB +# define PARENB 0 +# endif /* PARENB */ + +# ifndef EXTPROC +# define EXTPROC 0 +# endif /* EXTPROC */ + +# ifndef FLUSHO +# define FLUSHO 0 +# endif /* FLUSHO */ + + +# if defined(VDISABLE) && !defined(_POSIX_VDISABLE) +# define _POSIX_VDISABLE VDISABLE +# endif /* VDISABLE && ! _POSIX_VDISABLE */ + +/* + * Work around ISC's definition of IEXTEN which is + * XCASE! + */ +# ifdef ISC +# if defined(IEXTEN) && defined(XCASE) +# if IEXTEN == XCASE +# undef IEXTEN +# define IEXTEN 0 +# endif /* IEXTEN == XCASE */ +# endif /* IEXTEN && XCASE */ +# if defined(IEXTEN) && !defined(XCASE) +# define XCASE IEXTEN +# undef IEXTEN +# define IEXTEN 0 +# endif /* IEXTEN && !XCASE */ +# endif /* ISC */ + +/* + * Work around convex weirdness where turning off IEXTEN makes us + * lose all postprocessing! + */ +#if defined(convex) || defined(__convex__) +# if defined(IEXTEN) && IEXTEN != 0 +# undef IEXTEN +# define IEXTEN 0 +# endif /* IEXTEN != 0 */ +#endif /* convex || __convex__ */ + +/* + * So that we don't lose job control. + */ +#ifdef __SVR4 +# undef CSWTCH +#endif + +#ifndef _POSIX_VDISABLE +# define _POSIX_VDISABLE ((unsigned char) -1) +#endif /* _POSIX_VDISABLE */ + +#if !defined(CREPRINT) && defined(CRPRNT) +# define CREPRINT CRPRNT +#endif /* !CREPRINT && CRPRNT */ +#if !defined(CDISCARD) && defined(CFLUSH) +# define CDISCARD CFLUSH +#endif /* !CDISCARD && CFLUSH */ + +#ifndef CINTR +# define CINTR CONTROL('c') +#endif /* CINTR */ +#ifndef CQUIT +# define CQUIT 034 /* ^\ */ +#endif /* CQUIT */ +#ifndef CERASE +# define CERASE 0177 /* ^? */ +#endif /* CERASE */ +#ifndef CKILL +# define CKILL CONTROL('u') +#endif /* CKILL */ +#ifndef CEOF +# define CEOF CONTROL('d') +#endif /* CEOF */ +#ifndef CEOL +# define CEOL _POSIX_VDISABLE +#endif /* CEOL */ +#ifndef CEOL2 +# define CEOL2 _POSIX_VDISABLE +#endif /* CEOL2 */ +#ifndef CSWTCH +# define CSWTCH _POSIX_VDISABLE +#endif /* CSWTCH */ +#ifndef CDSWTCH +# define CDSWTCH _POSIX_VDISABLE +#endif /* CDSWTCH */ +#ifndef CERASE2 +# define CERASE2 _POSIX_VDISABLE +#endif /* CERASE2 */ +#ifndef CSTART +# define CSTART CONTROL('q') +#endif /* CSTART */ +#ifndef CSTOP +# define CSTOP CONTROL('s') +#endif /* CSTOP */ +#ifndef CSUSP +# define CSUSP CONTROL('z') +#endif /* CSUSP */ +#ifndef CDSUSP +# define CDSUSP CONTROL('y') +#endif /* CDSUSP */ + +#ifdef hpux + +# ifndef CREPRINT +# define CREPRINT _POSIX_VDISABLE +# endif /* CREPRINT */ +# ifndef CDISCARD +# define CDISCARD _POSIX_VDISABLE +# endif /* CDISCARD */ +# ifndef CLNEXT +# define CLNEXT _POSIX_VDISABLE +# endif /* CLNEXT */ +# ifndef CWERASE +# define CWERASE _POSIX_VDISABLE +# endif /* CWERASE */ + +#else /* !hpux */ + +# ifndef CREPRINT +# define CREPRINT CONTROL('r') +# endif /* CREPRINT */ +# ifndef CDISCARD +# define CDISCARD CONTROL('o') +# endif /* CDISCARD */ +# ifndef CLNEXT +# define CLNEXT CONTROL('v') +# endif /* CLNEXT */ +# ifndef CWERASE +# define CWERASE CONTROL('w') +# endif /* CWERASE */ + +#endif /* hpux */ + +#ifndef CSTATUS +# define CSTATUS CONTROL('t') +#endif /* CSTATUS */ +#ifndef CPAGE +# define CPAGE ' ' +#endif /* CPAGE */ +#ifndef CPGOFF +# define CPGOFF CONTROL('m') +#endif /* CPGOFF */ +#ifndef CKILL2 +# define CKILL2 _POSIX_VDISABLE +#endif /* CKILL2 */ +#ifndef CBRK +# ifndef masscomp +# define CBRK 0377 +# else +# define CBRK '\0' +# endif /* masscomp */ +#endif /* CBRK */ +#ifndef CMIN +# define CMIN CEOF +#endif /* CMIN */ +#ifndef CTIME +# define CTIME CEOL +#endif /* CTIME */ + +/* + * Fix for sun inconsistency. On termio VSUSP and the rest of the + * ttychars > NCC are defined. So we undefine them. + */ +#if defined(TERMIO) || defined(POSIX) +# if defined(POSIX) && defined(NCCS) +# define NUMCC NCCS +# else +# ifdef NCC +# define NUMCC NCC +# endif /* NCC */ +# endif /* POSIX && NCCS */ +# ifdef NUMCC +# ifdef VINTR +# if NUMCC <= VINTR +# undef VINTR +# endif /* NUMCC <= VINTR */ +# endif /* VINTR */ +# ifdef VQUIT +# if NUMCC <= VQUIT +# undef VQUIT +# endif /* NUMCC <= VQUIT */ +# endif /* VQUIT */ +# ifdef VERASE +# if NUMCC <= VERASE +# undef VERASE +# endif /* NUMCC <= VERASE */ +# endif /* VERASE */ +# ifdef VKILL +# if NUMCC <= VKILL +# undef VKILL +# endif /* NUMCC <= VKILL */ +# endif /* VKILL */ +# ifdef VEOF +# if NUMCC <= VEOF +# undef VEOF +# endif /* NUMCC <= VEOF */ +# endif /* VEOF */ +# ifdef VEOL +# if NUMCC <= VEOL +# undef VEOL +# endif /* NUMCC <= VEOL */ +# endif /* VEOL */ +# ifdef VEOL2 +# if NUMCC <= VEOL2 +# undef VEOL2 +# endif /* NUMCC <= VEOL2 */ +# endif /* VEOL2 */ +# ifdef VSWTCH +# if NUMCC <= VSWTCH +# undef VSWTCH +# endif /* NUMCC <= VSWTCH */ +# endif /* VSWTCH */ +# ifdef VDSWTCH +# if NUMCC <= VDSWTCH +# undef VDSWTCH +# endif /* NUMCC <= VDSWTCH */ +# endif /* VDSWTCH */ +# ifdef VERASE2 +# if NUMCC <= VERASE2 +# undef VERASE2 +# endif /* NUMCC <= VERASE2 */ +# endif /* VERASE2 */ +# ifdef VSTART +# if NUMCC <= VSTART +# undef VSTART +# endif /* NUMCC <= VSTART */ +# endif /* VSTART */ +# ifdef VSTOP +# if NUMCC <= VSTOP +# undef VSTOP +# endif /* NUMCC <= VSTOP */ +# endif /* VSTOP */ +# ifdef VWERASE +# if NUMCC <= VWERASE +# undef VWERASE +# endif /* NUMCC <= VWERASE */ +# endif /* VWERASE */ +# ifdef VSUSP +# if NUMCC <= VSUSP +# undef VSUSP +# endif /* NUMCC <= VSUSP */ +# endif /* VSUSP */ +# ifdef VDSUSP +# if NUMCC <= VDSUSP +# undef VDSUSP +# endif /* NUMCC <= VDSUSP */ +# endif /* VDSUSP */ +# ifdef VREPRINT +# if NUMCC <= VREPRINT +# undef VREPRINT +# endif /* NUMCC <= VREPRINT */ +# endif /* VREPRINT */ +# ifdef VDISCARD +# if NUMCC <= VDISCARD +# undef VDISCARD +# endif /* NUMCC <= VDISCARD */ +# endif /* VDISCARD */ +# ifdef VLNEXT +# if NUMCC <= VLNEXT +# undef VLNEXT +# endif /* NUMCC <= VLNEXT */ +# endif /* VLNEXT */ +# ifdef VSTATUS +# if NUMCC <= VSTATUS +# undef VSTATUS +# endif /* NUMCC <= VSTATUS */ +# endif /* VSTATUS */ +# ifdef VPAGE +# if NUMCC <= VPAGE +# undef VPAGE +# endif /* NUMCC <= VPAGE */ +# endif /* VPAGE */ +# ifdef VPGOFF +# if NUMCC <= VPGOFF +# undef VPGOFF +# endif /* NUMCC <= VPGOFF */ +# endif /* VPGOFF */ +# ifdef VKILL2 +# if NUMCC <= VKILL2 +# undef VKILL2 +# endif /* NUMCC <= VKILL2 */ +# endif /* VKILL2 */ +# ifdef VBRK +# if NUMCC <= VBRK +# undef VBRK +# endif /* NUMCC <= VBRK */ +# endif /* VBRK */ +# ifdef VMIN +# if NUMCC <= VMIN +# undef VMIN +# endif /* NUMCC <= VMIN */ +# endif /* VMIN */ +# ifdef VTIME +# if NUMCC <= VTIME +# undef VTIME +# endif /* NUMCC <= VTIME */ +# endif /* VTIME */ +# endif /* NUMCC */ +#endif /* !POSIX */ + +#define C_INTR 0 +#define C_QUIT 1 +#define C_ERASE 2 +#define C_KILL 3 +#define C_EOF 4 +#define C_EOL 5 +#define C_EOL2 6 +#define C_SWTCH 7 +#define C_DSWTCH 8 +#define C_ERASE2 9 +#define C_START 10 +#define C_STOP 11 +#define C_WERASE 12 +#define C_SUSP 13 +#define C_DSUSP 14 +#define C_REPRINT 15 +#define C_DISCARD 16 +#define C_LNEXT 17 +#define C_STATUS 18 +#define C_PAGE 19 +#define C_PGOFF 20 +#define C_KILL2 21 +#define C_BRK 22 +#define C_MIN 23 +#define C_TIME 24 +#define C_NCC 25 +#define C_SH(A) (1 << (A)) + +/* + * Terminal dependend data structures + */ +#define EX_IO 0 /* while we are executing */ +#define ED_IO 1 /* while we are editing */ +#define TS_IO 2 /* new mode from terminal */ +#define QU_IO 2 /* used only for quoted chars */ +#define NN_IO 3 /* The number of entries */ + +#define MD_INP 0 +#define MD_OUT 1 +#define MD_CTL 2 +#define MD_LIN 3 +#define MD_CHAR 4 +#define MD_NN 5 + +typedef struct { + const char *t_name; + unsigned int t_setmask; + unsigned int t_clrmask; +} ttyperm_t[NN_IO][MD_NN]; + +typedef unsigned char ttychar_t[NN_IO][C_NCC]; + +protected int tty_init(EditLine *); +protected void tty_end(EditLine *); +protected int tty_stty(EditLine *, int, const Char **); +protected int tty_rawmode(EditLine *); +protected int tty_cookedmode(EditLine *); +protected int tty_quotemode(EditLine *); +protected int tty_noquotemode(EditLine *); +protected void tty_bind_char(EditLine *, int); + +typedef struct { + ttyperm_t t_t; + ttychar_t t_c; + struct termios t_ex, t_ed, t_ts; + int t_tabs; + int t_eight; + speed_t t_speed; + int t_mode; + unsigned char t_vdisable; +} el_tty_t; + + +#endif /* _h_el_tty */ diff --git a/lib/libedit/src/unvis.c b/lib/libedit/src/unvis.c new file mode 100644 index 000000000000..c20a67f4c29d --- /dev/null +++ b/lib/libedit/src/unvis.c @@ -0,0 +1,514 @@ +/* $NetBSD: unvis.c,v 1.32 2010/11/27 21:22:11 christos Exp $ */ + +/*- + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char sccsid[] = "@(#)unvis.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: unvis.c,v 1.32 2010/11/27 21:22:11 christos Exp $"); +#endif +#endif /* LIBC_SCCS and not lint */ + +#include +#include + +#include +#include +#include +#include + +#ifdef __weak_alias +__weak_alias(strunvis,_strunvis) +#endif + +#if !HAVE_VIS +/* + * decode driven by state machine + */ +#define S_GROUND 0 /* haven't seen escape char */ +#define S_START 1 /* start decoding special sequence */ +#define S_META 2 /* metachar started (M) */ +#define S_META1 3 /* metachar more, regular char (-) */ +#define S_CTRL 4 /* control char started (^) */ +#define S_OCTAL2 5 /* octal digit 2 */ +#define S_OCTAL3 6 /* octal digit 3 */ +#define S_HEX1 7 /* http hex digit */ +#define S_HEX2 8 /* http hex digit 2 */ +#define S_MIME1 9 /* mime hex digit 1 */ +#define S_MIME2 10 /* mime hex digit 2 */ +#define S_EATCRNL 11 /* mime eating CRNL */ +#define S_AMP 12 /* seen & */ +#define S_NUMBER 13 /* collecting number */ +#define S_STRING 14 /* collecting string */ + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') +#define xtod(c) (isdigit(c) ? (c - '0') : ((tolower(c) - 'a') + 10)) +#define XTOD(c) (isdigit(c) ? (c - '0') : ((c - 'A') + 10)) + +/* + * RFC 1866 + */ +static const struct nv { + const char *name; + uint8_t value; +} nv[] = { + { "AElig", 198 }, /* capital AE diphthong (ligature) */ + { "Aacute", 193 }, /* capital A, acute accent */ + { "Acirc", 194 }, /* capital A, circumflex accent */ + { "Agrave", 192 }, /* capital A, grave accent */ + { "Aring", 197 }, /* capital A, ring */ + { "Atilde", 195 }, /* capital A, tilde */ + { "Auml", 196 }, /* capital A, dieresis or umlaut mark */ + { "Ccedil", 199 }, /* capital C, cedilla */ + { "ETH", 208 }, /* capital Eth, Icelandic */ + { "Eacute", 201 }, /* capital E, acute accent */ + { "Ecirc", 202 }, /* capital E, circumflex accent */ + { "Egrave", 200 }, /* capital E, grave accent */ + { "Euml", 203 }, /* capital E, dieresis or umlaut mark */ + { "Iacute", 205 }, /* capital I, acute accent */ + { "Icirc", 206 }, /* capital I, circumflex accent */ + { "Igrave", 204 }, /* capital I, grave accent */ + { "Iuml", 207 }, /* capital I, dieresis or umlaut mark */ + { "Ntilde", 209 }, /* capital N, tilde */ + { "Oacute", 211 }, /* capital O, acute accent */ + { "Ocirc", 212 }, /* capital O, circumflex accent */ + { "Ograve", 210 }, /* capital O, grave accent */ + { "Oslash", 216 }, /* capital O, slash */ + { "Otilde", 213 }, /* capital O, tilde */ + { "Ouml", 214 }, /* capital O, dieresis or umlaut mark */ + { "THORN", 222 }, /* capital THORN, Icelandic */ + { "Uacute", 218 }, /* capital U, acute accent */ + { "Ucirc", 219 }, /* capital U, circumflex accent */ + { "Ugrave", 217 }, /* capital U, grave accent */ + { "Uuml", 220 }, /* capital U, dieresis or umlaut mark */ + { "Yacute", 221 }, /* capital Y, acute accent */ + { "aacute", 225 }, /* small a, acute accent */ + { "acirc", 226 }, /* small a, circumflex accent */ + { "acute", 180 }, /* acute accent */ + { "aelig", 230 }, /* small ae diphthong (ligature) */ + { "agrave", 224 }, /* small a, grave accent */ + { "amp", 38 }, /* ampersand */ + { "aring", 229 }, /* small a, ring */ + { "atilde", 227 }, /* small a, tilde */ + { "auml", 228 }, /* small a, dieresis or umlaut mark */ + { "brvbar", 166 }, /* broken (vertical) bar */ + { "ccedil", 231 }, /* small c, cedilla */ + { "cedil", 184 }, /* cedilla */ + { "cent", 162 }, /* cent sign */ + { "copy", 169 }, /* copyright sign */ + { "curren", 164 }, /* general currency sign */ + { "deg", 176 }, /* degree sign */ + { "divide", 247 }, /* divide sign */ + { "eacute", 233 }, /* small e, acute accent */ + { "ecirc", 234 }, /* small e, circumflex accent */ + { "egrave", 232 }, /* small e, grave accent */ + { "eth", 240 }, /* small eth, Icelandic */ + { "euml", 235 }, /* small e, dieresis or umlaut mark */ + { "frac12", 189 }, /* fraction one-half */ + { "frac14", 188 }, /* fraction one-quarter */ + { "frac34", 190 }, /* fraction three-quarters */ + { "gt", 62 }, /* greater than */ + { "iacute", 237 }, /* small i, acute accent */ + { "icirc", 238 }, /* small i, circumflex accent */ + { "iexcl", 161 }, /* inverted exclamation mark */ + { "igrave", 236 }, /* small i, grave accent */ + { "iquest", 191 }, /* inverted question mark */ + { "iuml", 239 }, /* small i, dieresis or umlaut mark */ + { "laquo", 171 }, /* angle quotation mark, left */ + { "lt", 60 }, /* less than */ + { "macr", 175 }, /* macron */ + { "micro", 181 }, /* micro sign */ + { "middot", 183 }, /* middle dot */ + { "nbsp", 160 }, /* no-break space */ + { "not", 172 }, /* not sign */ + { "ntilde", 241 }, /* small n, tilde */ + { "oacute", 243 }, /* small o, acute accent */ + { "ocirc", 244 }, /* small o, circumflex accent */ + { "ograve", 242 }, /* small o, grave accent */ + { "ordf", 170 }, /* ordinal indicator, feminine */ + { "ordm", 186 }, /* ordinal indicator, masculine */ + { "oslash", 248 }, /* small o, slash */ + { "otilde", 245 }, /* small o, tilde */ + { "ouml", 246 }, /* small o, dieresis or umlaut mark */ + { "para", 182 }, /* pilcrow (paragraph sign) */ + { "plusmn", 177 }, /* plus-or-minus sign */ + { "pound", 163 }, /* pound sterling sign */ + { "quot", 34 }, /* double quote */ + { "raquo", 187 }, /* angle quotation mark, right */ + { "reg", 174 }, /* registered sign */ + { "sect", 167 }, /* section sign */ + { "shy", 173 }, /* soft hyphen */ + { "sup1", 185 }, /* superscript one */ + { "sup2", 178 }, /* superscript two */ + { "sup3", 179 }, /* superscript three */ + { "szlig", 223 }, /* small sharp s, German (sz ligature) */ + { "thorn", 254 }, /* small thorn, Icelandic */ + { "times", 215 }, /* multiply sign */ + { "uacute", 250 }, /* small u, acute accent */ + { "ucirc", 251 }, /* small u, circumflex accent */ + { "ugrave", 249 }, /* small u, grave accent */ + { "uml", 168 }, /* umlaut (dieresis) */ + { "uuml", 252 }, /* small u, dieresis or umlaut mark */ + { "yacute", 253 }, /* small y, acute accent */ + { "yen", 165 }, /* yen sign */ + { "yuml", 255 }, /* small y, dieresis or umlaut mark */ +}; + +/* + * unvis - decode characters previously encoded by vis + */ +int +unvis(char *cp, int c, int *astate, int flag) +{ + unsigned char uc = (unsigned char)c; + unsigned char st, ia, is, lc; + +/* + * Bottom 8 bits of astate hold the state machine state. + * Top 8 bits hold the current character in the http 1866 nv string decoding + */ +#define GS(a) ((a) & 0xff) +#define SS(a, b) (((uint32_t)(a) << 24) | (b)) +#define GI(a) ((uint32_t)(a) >> 24) + + _DIAGASSERT(cp != NULL); + _DIAGASSERT(astate != NULL); + st = GS(*astate); + + if (flag & UNVIS_END) { + switch (st) { + case S_OCTAL2: + case S_OCTAL3: + case S_HEX2: + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case S_GROUND: + return UNVIS_NOCHAR; + default: + return UNVIS_SYNBAD; + } + } + + switch (st) { + + case S_GROUND: + *cp = 0; + if ((flag & VIS_NOESCAPE) == 0 && c == '\\') { + *astate = SS(0, S_START); + return UNVIS_NOCHAR; + } + if ((flag & VIS_HTTP1808) && c == '%') { + *astate = SS(0, S_HEX1); + return UNVIS_NOCHAR; + } + if ((flag & VIS_HTTP1866) && c == '&') { + *astate = SS(0, S_AMP); + return UNVIS_NOCHAR; + } + if ((flag & VIS_MIMESTYLE) && c == '=') { + *astate = SS(0, S_MIME1); + return UNVIS_NOCHAR; + } + *cp = c; + return UNVIS_VALID; + + case S_START: + switch(c) { + case '\\': + *cp = c; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case '0': case '1': case '2': case '3': + case '4': case '5': case '6': case '7': + *cp = (c - '0'); + *astate = SS(0, S_OCTAL2); + return UNVIS_NOCHAR; + case 'M': + *cp = (char)0200; + *astate = SS(0, S_META); + return UNVIS_NOCHAR; + case '^': + *astate = SS(0, S_CTRL); + return UNVIS_NOCHAR; + case 'n': + *cp = '\n'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'r': + *cp = '\r'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'b': + *cp = '\b'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'a': + *cp = '\007'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'v': + *cp = '\v'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 't': + *cp = '\t'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'f': + *cp = '\f'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 's': + *cp = ' '; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case 'E': + *cp = '\033'; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + case '\n': + /* + * hidden newline + */ + *astate = SS(0, S_GROUND); + return UNVIS_NOCHAR; + case '$': + /* + * hidden marker + */ + *astate = SS(0, S_GROUND); + return UNVIS_NOCHAR; + } + goto bad; + + case S_META: + if (c == '-') + *astate = SS(0, S_META1); + else if (c == '^') + *astate = SS(0, S_CTRL); + else + goto bad; + return UNVIS_NOCHAR; + + case S_META1: + *astate = SS(0, S_GROUND); + *cp |= c; + return UNVIS_VALID; + + case S_CTRL: + if (c == '?') + *cp |= 0177; + else + *cp |= c & 037; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + + case S_OCTAL2: /* second possible octal digit */ + if (isoctal(uc)) { + /* + * yes - and maybe a third + */ + *cp = (*cp << 3) + (c - '0'); + *astate = SS(0, S_OCTAL3); + return UNVIS_NOCHAR; + } + /* + * no - done with current sequence, push back passed char + */ + *astate = SS(0, S_GROUND); + return UNVIS_VALIDPUSH; + + case S_OCTAL3: /* third possible octal digit */ + *astate = SS(0, S_GROUND); + if (isoctal(uc)) { + *cp = (*cp << 3) + (c - '0'); + return UNVIS_VALID; + } + /* + * we were done, push back passed char + */ + return UNVIS_VALIDPUSH; + + case S_HEX1: + if (isxdigit(uc)) { + *cp = xtod(uc); + *astate = SS(0, S_HEX2); + return UNVIS_NOCHAR; + } + /* + * no - done with current sequence, push back passed char + */ + *astate = SS(0, S_GROUND); + return UNVIS_VALIDPUSH; + + case S_HEX2: + *astate = S_GROUND; + if (isxdigit(uc)) { + *cp = xtod(uc) | (*cp << 4); + return UNVIS_VALID; + } + return UNVIS_VALIDPUSH; + + case S_MIME1: + if (uc == '\n' || uc == '\r') { + *astate = SS(0, S_EATCRNL); + return UNVIS_NOCHAR; + } + if (isxdigit(uc) && (isdigit(uc) || isupper(uc))) { + *cp = XTOD(uc); + *astate = SS(0, S_MIME2); + return UNVIS_NOCHAR; + } + goto bad; + + case S_MIME2: + if (isxdigit(uc) && (isdigit(uc) || isupper(uc))) { + *astate = SS(0, S_GROUND); + *cp = XTOD(uc) | (*cp << 4); + return UNVIS_VALID; + } + goto bad; + + case S_EATCRNL: + switch (uc) { + case '\r': + case '\n': + return UNVIS_NOCHAR; + case '=': + *astate = SS(0, S_MIME1); + return UNVIS_NOCHAR; + default: + *cp = uc; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + } + + case S_AMP: + *cp = 0; + if (uc == '#') { + *astate = SS(0, S_NUMBER); + return UNVIS_NOCHAR; + } + *astate = SS(0, S_STRING); + /*FALLTHROUGH*/ + + case S_STRING: + ia = *cp; /* index in the array */ + is = GI(*astate); /* index in the string */ + lc = is == 0 ? 0 : nv[ia].name[is - 1]; /* last character */ + + if (uc == ';') + uc = '\0'; + + for (; ia < __arraycount(nv); ia++) { + if (is != 0 && nv[ia].name[is - 1] != lc) + goto bad; + if (nv[ia].name[is] == uc) + break; + } + + if (*cp == __arraycount(nv)) + goto bad; + + if (uc != 0) { + *cp = ia; + *astate = SS(is + 1, S_STRING); + return UNVIS_NOCHAR; + } + + *cp = nv[ia].value; + *astate = SS(0, S_GROUND); + return UNVIS_VALID; + + case S_NUMBER: + if (uc == ';') + return UNVIS_VALID; + if (!isdigit(uc)) + goto bad; + *cp += (*cp * 10) + uc - '0'; + return UNVIS_NOCHAR; + + default: + bad: + /* + * decoder in unknown state - (probably uninitialized) + */ + *astate = SS(0, S_GROUND); + return UNVIS_SYNBAD; + } +} + +/* + * strunvis - decode src into dst + * + * Number of chars decoded into dst is returned, -1 on error. + * Dst is null terminated. + */ + +int +strunvisx(char *dst, const char *src, int flag) +{ + char c; + char *start = dst; + int state = 0; + + _DIAGASSERT(src != NULL); + _DIAGASSERT(dst != NULL); + + while ((c = *src++) != '\0') { + again: + switch (unvis(dst, c, &state, flag)) { + case UNVIS_VALID: + dst++; + break; + case UNVIS_VALIDPUSH: + dst++; + goto again; + case 0: + case UNVIS_NOCHAR: + break; + default: + return (-1); + } + } + if (unvis(dst, c, &state, UNVIS_END) == UNVIS_VALID) + dst++; + *dst = '\0'; + return (int)(dst - start); +} + +int +strunvis(char *dst, const char *src) +{ + return strunvisx(dst, src, 0); +} +#endif diff --git a/lib/libedit/src/vi.c b/lib/libedit/src/vi.c new file mode 100644 index 000000000000..fb8ee720362c --- /dev/null +++ b/lib/libedit/src/vi.c @@ -0,0 +1,1162 @@ +/* $NetBSD: vi.c,v 1.34 2011/02/22 05:45:08 joerg Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Christos Zoulas of Cornell University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" +#include +#include +#include +#include + +#if !defined(lint) && !defined(SCCSID) +#if 0 +static char sccsid[] = "@(#)vi.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: vi.c,v 1.34 2011/02/22 05:45:08 joerg Exp $"); +#endif +#endif /* not lint && not SCCSID */ + +/* + * vi.c: Vi mode commands. + */ +#include "el.h" + +private el_action_t cv_action(EditLine *, Int); +private el_action_t cv_paste(EditLine *, Int); + +/* cv_action(): + * Handle vi actions. + */ +private el_action_t +cv_action(EditLine *el, Int c) +{ + + if (el->el_chared.c_vcmd.action != NOP) { + /* 'cc', 'dd' and (possibly) friends */ + if (c != el->el_chared.c_vcmd.action) + return CC_ERROR; + + if (!(c & YANK)) + cv_undo(el); + cv_yank(el, el->el_line.buffer, + (int)(el->el_line.lastchar - el->el_line.buffer)); + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_vcmd.pos = 0; + if (!(c & YANK)) { + el->el_line.lastchar = el->el_line.buffer; + el->el_line.cursor = el->el_line.buffer; + } + if (c & INSERT) + el->el_map.current = el->el_map.key; + + return (CC_REFRESH); + } + el->el_chared.c_vcmd.pos = el->el_line.cursor; + el->el_chared.c_vcmd.action = c; + return (CC_ARGHACK); +} + +/* cv_paste(): + * Paste previous deletion before or after the cursor + */ +private el_action_t +cv_paste(EditLine *el, Int c) +{ + c_kill_t *k = &el->el_chared.c_kill; + size_t len = (size_t)(k->last - k->buf); + + if (k->buf == NULL || len == 0) + return (CC_ERROR); +#ifdef DEBUG_PASTE + (void) fprintf(el->el_errfile, "Paste: \"%.*s\"\n", (int)len, k->buf); +#endif + + cv_undo(el); + + if (!c && el->el_line.cursor < el->el_line.lastchar) + el->el_line.cursor++; + + c_insert(el, (int)len); + if (el->el_line.cursor + len > el->el_line.lastchar) + return (CC_ERROR); + (void) memcpy(el->el_line.cursor, k->buf, len * + sizeof(*el->el_line.cursor)); + + return (CC_REFRESH); +} + + +/* vi_paste_next(): + * Vi paste previous deletion to the right of the cursor + * [p] + */ +protected el_action_t +/*ARGSUSED*/ +vi_paste_next(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (cv_paste(el, 0)); +} + + +/* vi_paste_prev(): + * Vi paste previous deletion to the left of the cursor + * [P] + */ +protected el_action_t +/*ARGSUSED*/ +vi_paste_prev(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (cv_paste(el, 1)); +} + + +/* vi_prev_big_word(): + * Vi move to the previous space delimited word + * [B] + */ +protected el_action_t +/*ARGSUSED*/ +vi_prev_big_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor == el->el_line.buffer) + return (CC_ERROR); + + el->el_line.cursor = cv_prev_word(el->el_line.cursor, + el->el_line.buffer, + el->el_state.argument, + cv__isWord); + + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_prev_word(): + * Vi move to the previous word + * [b] + */ +protected el_action_t +/*ARGSUSED*/ +vi_prev_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor == el->el_line.buffer) + return (CC_ERROR); + + el->el_line.cursor = cv_prev_word(el->el_line.cursor, + el->el_line.buffer, + el->el_state.argument, + cv__isword); + + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_next_big_word(): + * Vi move to the next space delimited word + * [W] + */ +protected el_action_t +/*ARGSUSED*/ +vi_next_big_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor >= el->el_line.lastchar - 1) + return (CC_ERROR); + + el->el_line.cursor = cv_next_word(el, el->el_line.cursor, + el->el_line.lastchar, el->el_state.argument, cv__isWord); + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_next_word(): + * Vi move to the next word + * [w] + */ +protected el_action_t +/*ARGSUSED*/ +vi_next_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor >= el->el_line.lastchar - 1) + return (CC_ERROR); + + el->el_line.cursor = cv_next_word(el, el->el_line.cursor, + el->el_line.lastchar, el->el_state.argument, cv__isword); + + if (el->el_map.type == MAP_VI) + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_change_case(): + * Vi change case of character under the cursor and advance one character + * [~] + */ +protected el_action_t +vi_change_case(EditLine *el, Int c) +{ + int i; + + if (el->el_line.cursor >= el->el_line.lastchar) + return (CC_ERROR); + cv_undo(el); + for (i = 0; i < el->el_state.argument; i++) { + + c = *el->el_line.cursor; + if (Isupper(c)) + *el->el_line.cursor = Tolower(c); + else if (Islower(c)) + *el->el_line.cursor = Toupper(c); + + if (++el->el_line.cursor >= el->el_line.lastchar) { + el->el_line.cursor--; + re_fastaddc(el); + break; + } + re_fastaddc(el); + } + return CC_NORM; +} + + +/* vi_change_meta(): + * Vi change prefix command + * [c] + */ +protected el_action_t +/*ARGSUSED*/ +vi_change_meta(EditLine *el, Int c __attribute__((__unused__))) +{ + + /* + * Delete with insert == change: first we delete and then we leave in + * insert mode. + */ + return (cv_action(el, DELETE | INSERT)); +} + + +/* vi_insert_at_bol(): + * Vi enter insert mode at the beginning of line + * [I] + */ +protected el_action_t +/*ARGSUSED*/ +vi_insert_at_bol(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_line.cursor = el->el_line.buffer; + cv_undo(el); + el->el_map.current = el->el_map.key; + return (CC_CURSOR); +} + + +/* vi_replace_char(): + * Vi replace character under the cursor with the next character typed + * [r] + */ +protected el_action_t +/*ARGSUSED*/ +vi_replace_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor >= el->el_line.lastchar) + return CC_ERROR; + + el->el_map.current = el->el_map.key; + el->el_state.inputmode = MODE_REPLACE_1; + cv_undo(el); + return (CC_ARGHACK); +} + + +/* vi_replace_mode(): + * Vi enter replace mode + * [R] + */ +protected el_action_t +/*ARGSUSED*/ +vi_replace_mode(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_map.current = el->el_map.key; + el->el_state.inputmode = MODE_REPLACE; + cv_undo(el); + return (CC_NORM); +} + + +/* vi_substitute_char(): + * Vi replace character under the cursor and enter insert mode + * [s] + */ +protected el_action_t +/*ARGSUSED*/ +vi_substitute_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + c_delafter(el, el->el_state.argument); + el->el_map.current = el->el_map.key; + return (CC_REFRESH); +} + + +/* vi_substitute_line(): + * Vi substitute entire line + * [S] + */ +protected el_action_t +/*ARGSUSED*/ +vi_substitute_line(EditLine *el, Int c __attribute__((__unused__))) +{ + + cv_undo(el); + cv_yank(el, el->el_line.buffer, + (int)(el->el_line.lastchar - el->el_line.buffer)); + (void) em_kill_line(el, 0); + el->el_map.current = el->el_map.key; + return (CC_REFRESH); +} + + +/* vi_change_to_eol(): + * Vi change to end of line + * [C] + */ +protected el_action_t +/*ARGSUSED*/ +vi_change_to_eol(EditLine *el, Int c __attribute__((__unused__))) +{ + + cv_undo(el); + cv_yank(el, el->el_line.cursor, + (int)(el->el_line.lastchar - el->el_line.cursor)); + (void) ed_kill_line(el, 0); + el->el_map.current = el->el_map.key; + return (CC_REFRESH); +} + + +/* vi_insert(): + * Vi enter insert mode + * [i] + */ +protected el_action_t +/*ARGSUSED*/ +vi_insert(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_map.current = el->el_map.key; + cv_undo(el); + return (CC_NORM); +} + + +/* vi_add(): + * Vi enter insert mode after the cursor + * [a] + */ +protected el_action_t +/*ARGSUSED*/ +vi_add(EditLine *el, Int c __attribute__((__unused__))) +{ + int ret; + + el->el_map.current = el->el_map.key; + if (el->el_line.cursor < el->el_line.lastchar) { + el->el_line.cursor++; + if (el->el_line.cursor > el->el_line.lastchar) + el->el_line.cursor = el->el_line.lastchar; + ret = CC_CURSOR; + } else + ret = CC_NORM; + + cv_undo(el); + + return (ret); +} + + +/* vi_add_at_eol(): + * Vi enter insert mode at end of line + * [A] + */ +protected el_action_t +/*ARGSUSED*/ +vi_add_at_eol(EditLine *el, Int c __attribute__((__unused__))) +{ + + el->el_map.current = el->el_map.key; + el->el_line.cursor = el->el_line.lastchar; + cv_undo(el); + return (CC_CURSOR); +} + + +/* vi_delete_meta(): + * Vi delete prefix command + * [d] + */ +protected el_action_t +/*ARGSUSED*/ +vi_delete_meta(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (cv_action(el, DELETE)); +} + + +/* vi_end_big_word(): + * Vi move to the end of the current space delimited word + * [E] + */ +protected el_action_t +/*ARGSUSED*/ +vi_end_big_word(EditLine *el, Int c) +{ + + if (el->el_line.cursor == el->el_line.lastchar) + return (CC_ERROR); + + el->el_line.cursor = cv__endword(el->el_line.cursor, + el->el_line.lastchar, el->el_state.argument, cv__isWord); + + if (el->el_chared.c_vcmd.action != NOP) { + el->el_line.cursor++; + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_end_word(): + * Vi move to the end of the current word + * [e] + */ +protected el_action_t +/*ARGSUSED*/ +vi_end_word(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor == el->el_line.lastchar) + return (CC_ERROR); + + el->el_line.cursor = cv__endword(el->el_line.cursor, + el->el_line.lastchar, el->el_state.argument, cv__isword); + + if (el->el_chared.c_vcmd.action != NOP) { + el->el_line.cursor++; + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_undo(): + * Vi undo last change + * [u] + */ +protected el_action_t +/*ARGSUSED*/ +vi_undo(EditLine *el, Int c __attribute__((__unused__))) +{ + c_undo_t un = el->el_chared.c_undo; + + if (un.len == -1) + return CC_ERROR; + + /* switch line buffer and undo buffer */ + el->el_chared.c_undo.buf = el->el_line.buffer; + el->el_chared.c_undo.len = el->el_line.lastchar - el->el_line.buffer; + el->el_chared.c_undo.cursor = + (int)(el->el_line.cursor - el->el_line.buffer); + el->el_line.limit = un.buf + (el->el_line.limit - el->el_line.buffer); + el->el_line.buffer = un.buf; + el->el_line.cursor = un.buf + un.cursor; + el->el_line.lastchar = un.buf + un.len; + + return (CC_REFRESH); +} + + +/* vi_command_mode(): + * Vi enter command mode (use alternative key bindings) + * [] + */ +protected el_action_t +/*ARGSUSED*/ +vi_command_mode(EditLine *el, Int c __attribute__((__unused__))) +{ + + /* [Esc] cancels pending action */ + el->el_chared.c_vcmd.action = NOP; + el->el_chared.c_vcmd.pos = 0; + + el->el_state.doingarg = 0; + + el->el_state.inputmode = MODE_INSERT; + el->el_map.current = el->el_map.alt; +#ifdef VI_MOVE + if (el->el_line.cursor > el->el_line.buffer) + el->el_line.cursor--; +#endif + return (CC_CURSOR); +} + + +/* vi_zero(): + * Vi move to the beginning of line + * [0] + */ +protected el_action_t +vi_zero(EditLine *el, Int c) +{ + + if (el->el_state.doingarg) + return ed_argument_digit(el, c); + + el->el_line.cursor = el->el_line.buffer; + if (el->el_chared.c_vcmd.action != NOP) { + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + + +/* vi_delete_prev_char(): + * Vi move to previous character (backspace) + * [^H] in insert mode only + */ +protected el_action_t +/*ARGSUSED*/ +vi_delete_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_line.cursor <= el->el_line.buffer) + return (CC_ERROR); + + c_delbefore1(el); + el->el_line.cursor--; + return (CC_REFRESH); +} + + +/* vi_list_or_eof(): + * Vi list choices for completion or indicate end of file if empty line + * [^D] + */ +protected el_action_t +/*ARGSUSED*/ +vi_list_or_eof(EditLine *el, Int c) +{ + + if (el->el_line.cursor == el->el_line.lastchar) { + if (el->el_line.cursor == el->el_line.buffer) { + term_writec(el, c); /* then do a EOF */ + return (CC_EOF); + } else { + /* + * Here we could list completions, but it is an + * error right now + */ + term_beep(el); + return (CC_ERROR); + } + } else { +#ifdef notyet + re_goto_bottom(el); + *el->el_line.lastchar = '\0'; /* just in case */ + return (CC_LIST_CHOICES); +#else + /* + * Just complain for now. + */ + term_beep(el); + return (CC_ERROR); +#endif + } +} + + +/* vi_kill_line_prev(): + * Vi cut from beginning of line to cursor + * [^U] + */ +protected el_action_t +/*ARGSUSED*/ +vi_kill_line_prev(EditLine *el, Int c __attribute__((__unused__))) +{ + Char *kp, *cp; + + cp = el->el_line.buffer; + kp = el->el_chared.c_kill.buf; + while (cp < el->el_line.cursor) + *kp++ = *cp++; /* copy it */ + el->el_chared.c_kill.last = kp; + c_delbefore(el, (int)(el->el_line.cursor - el->el_line.buffer)); + el->el_line.cursor = el->el_line.buffer; /* zap! */ + return (CC_REFRESH); +} + + +/* vi_search_prev(): + * Vi search history previous + * [?] + */ +protected el_action_t +/*ARGSUSED*/ +vi_search_prev(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (cv_search(el, ED_SEARCH_PREV_HISTORY)); +} + + +/* vi_search_next(): + * Vi search history next + * [/] + */ +protected el_action_t +/*ARGSUSED*/ +vi_search_next(EditLine *el, Int c __attribute__((__unused__))) +{ + + return (cv_search(el, ED_SEARCH_NEXT_HISTORY)); +} + + +/* vi_repeat_search_next(): + * Vi repeat current search in the same search direction + * [n] + */ +protected el_action_t +/*ARGSUSED*/ +vi_repeat_search_next(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_search.patlen == 0) + return (CC_ERROR); + else + return (cv_repeat_srch(el, el->el_search.patdir)); +} + + +/* vi_repeat_search_prev(): + * Vi repeat current search in the opposite search direction + * [N] + */ +/*ARGSUSED*/ +protected el_action_t +vi_repeat_search_prev(EditLine *el, Int c __attribute__((__unused__))) +{ + + if (el->el_search.patlen == 0) + return (CC_ERROR); + else + return (cv_repeat_srch(el, + el->el_search.patdir == ED_SEARCH_PREV_HISTORY ? + ED_SEARCH_NEXT_HISTORY : ED_SEARCH_PREV_HISTORY)); +} + + +/* vi_next_char(): + * Vi move to the character specified next + * [f] + */ +protected el_action_t +/*ARGSUSED*/ +vi_next_char(EditLine *el, Int c __attribute__((__unused__))) +{ + return cv_csearch(el, CHAR_FWD, -1, el->el_state.argument, 0); +} + + +/* vi_prev_char(): + * Vi move to the character specified previous + * [F] + */ +protected el_action_t +/*ARGSUSED*/ +vi_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + return cv_csearch(el, CHAR_BACK, -1, el->el_state.argument, 0); +} + + +/* vi_to_next_char(): + * Vi move up to the character specified next + * [t] + */ +protected el_action_t +/*ARGSUSED*/ +vi_to_next_char(EditLine *el, Int c __attribute__((__unused__))) +{ + return cv_csearch(el, CHAR_FWD, -1, el->el_state.argument, 1); +} + + +/* vi_to_prev_char(): + * Vi move up to the character specified previous + * [T] + */ +protected el_action_t +/*ARGSUSED*/ +vi_to_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + return cv_csearch(el, CHAR_BACK, -1, el->el_state.argument, 1); +} + + +/* vi_repeat_next_char(): + * Vi repeat current character search in the same search direction + * [;] + */ +protected el_action_t +/*ARGSUSED*/ +vi_repeat_next_char(EditLine *el, Int c __attribute__((__unused__))) +{ + + return cv_csearch(el, el->el_search.chadir, el->el_search.chacha, + el->el_state.argument, el->el_search.chatflg); +} + + +/* vi_repeat_prev_char(): + * Vi repeat current character search in the opposite search direction + * [,] + */ +protected el_action_t +/*ARGSUSED*/ +vi_repeat_prev_char(EditLine *el, Int c __attribute__((__unused__))) +{ + el_action_t r; + int dir = el->el_search.chadir; + + r = cv_csearch(el, -dir, el->el_search.chacha, + el->el_state.argument, el->el_search.chatflg); + el->el_search.chadir = dir; + return r; +} + + +/* vi_match(): + * Vi go to matching () {} or [] + * [%] + */ +protected el_action_t +/*ARGSUSED*/ +vi_match(EditLine *el, Int c) +{ + const Char match_chars[] = STR("()[]{}"); + Char *cp; + size_t delta, i, count; + Char o_ch, c_ch; + + *el->el_line.lastchar = '\0'; /* just in case */ + + i = Strcspn(el->el_line.cursor, match_chars); + o_ch = el->el_line.cursor[i]; + if (o_ch == 0) + return CC_ERROR; + delta = Strchr(match_chars, o_ch) - match_chars; + c_ch = match_chars[delta ^ 1]; + count = 1; + delta = 1 - (delta & 1) * 2; + + for (cp = &el->el_line.cursor[i]; count; ) { + cp += delta; + if (cp < el->el_line.buffer || cp >= el->el_line.lastchar) + return CC_ERROR; + if (*cp == o_ch) + count++; + else if (*cp == c_ch) + count--; + } + + el->el_line.cursor = cp; + + if (el->el_chared.c_vcmd.action != NOP) { + /* NB posix says char under cursor should NOT be deleted + for -ve delta - this is different to netbsd vi. */ + if (delta > 0) + el->el_line.cursor++; + cv_delfini(el); + return (CC_REFRESH); + } + return (CC_CURSOR); +} + +/* vi_undo_line(): + * Vi undo all changes to line + * [U] + */ +protected el_action_t +/*ARGSUSED*/ +vi_undo_line(EditLine *el, Int c) +{ + + cv_undo(el); + return hist_get(el); +} + +/* vi_to_column(): + * Vi go to specified column + * [|] + * NB netbsd vi goes to screen column 'n', posix says nth character + */ +protected el_action_t +/*ARGSUSED*/ +vi_to_column(EditLine *el, Int c) +{ + + el->el_line.cursor = el->el_line.buffer; + el->el_state.argument--; + return ed_next_char(el, 0); +} + +/* vi_yank_end(): + * Vi yank to end of line + * [Y] + */ +protected el_action_t +/*ARGSUSED*/ +vi_yank_end(EditLine *el, Int c) +{ + + cv_yank(el, el->el_line.cursor, + (int)(el->el_line.lastchar - el->el_line.cursor)); + return CC_REFRESH; +} + +/* vi_yank(): + * Vi yank + * [y] + */ +protected el_action_t +/*ARGSUSED*/ +vi_yank(EditLine *el, Int c) +{ + + return cv_action(el, YANK); +} + +/* vi_comment_out(): + * Vi comment out current command + * [#] + */ +protected el_action_t +/*ARGSUSED*/ +vi_comment_out(EditLine *el, Int c) +{ + + el->el_line.cursor = el->el_line.buffer; + c_insert(el, 1); + *el->el_line.cursor = '#'; + re_refresh(el); + return ed_newline(el, 0); +} + +/* vi_alias(): + * Vi include shell alias + * [@] + * NB: posix implies that we should enter insert mode, however + * this is against historical precedent... + */ +#undef __weak_reference /* __weak_reference is different on freebsd */ +#ifdef __weak_reference +__weakref_visible char *my_get_alias_text(const char *) + __weak_reference(get_alias_text); +#endif +protected el_action_t +/*ARGSUSED*/ +vi_alias(EditLine *el, Int c) +{ +#ifdef __weak_reference + char alias_name[3]; + char *alias_text; + + if (my_get_alias_text == 0) { + return CC_ERROR; + } + + alias_name[0] = '_'; + alias_name[2] = 0; + if (el_getc(el, &alias_name[1]) != 1) + return CC_ERROR; + + alias_text = my_get_alias_text(alias_name); + if (alias_text != NULL) + FUN(el,push)(el, ct_decode_string(alias_text, &el->el_scratch)); + return CC_NORM; +#else + return CC_ERROR; +#endif +} + +/* vi_to_history_line(): + * Vi go to specified history file line. + * [G] + */ +protected el_action_t +/*ARGSUSED*/ +vi_to_history_line(EditLine *el, Int c) +{ + int sv_event_no = el->el_history.eventno; + el_action_t rval; + + + if (el->el_history.eventno == 0) { + (void) Strncpy(el->el_history.buf, el->el_line.buffer, + EL_BUFSIZ); + el->el_history.last = el->el_history.buf + + (el->el_line.lastchar - el->el_line.buffer); + } + + /* Lack of a 'count' means oldest, not 1 */ + if (!el->el_state.doingarg) { + el->el_history.eventno = 0x7fffffff; + hist_get(el); + } else { + /* This is brain dead, all the rest of this code counts + * upwards going into the past. Here we need count in the + * other direction (to match the output of fc -l). + * I could change the world, but this seems to suffice. + */ + el->el_history.eventno = 1; + if (hist_get(el) == CC_ERROR) + return CC_ERROR; + el->el_history.eventno = 1 + el->el_history.ev.num + - el->el_state.argument; + if (el->el_history.eventno < 0) { + el->el_history.eventno = sv_event_no; + return CC_ERROR; + } + } + rval = hist_get(el); + if (rval == CC_ERROR) + el->el_history.eventno = sv_event_no; + return rval; +} + +/* vi_histedit(): + * Vi edit history line with vi + * [v] + */ +protected el_action_t +/*ARGSUSED*/ +vi_histedit(EditLine *el, Int c) +{ + int fd; + pid_t pid; + ssize_t st; + int status; + char tempfile[] = "/tmp/histedit.XXXXXXXXXX"; + char *cp; + size_t len; + Char *line; + + if (el->el_state.doingarg) { + if (vi_to_history_line(el, 0) == CC_ERROR) + return CC_ERROR; + } + + fd = mkstemp(tempfile); + if (fd < 0) + return CC_ERROR; + len = (size_t)(el->el_line.lastchar - el->el_line.buffer); +#define TMP_BUFSIZ (EL_BUFSIZ * MB_LEN_MAX) + cp = el_malloc(TMP_BUFSIZ); + if (cp == NULL) { + unlink(tempfile); + close(fd); + return CC_ERROR; + } + line = el_malloc(len * sizeof(*line)); + if (line == NULL) { + el_free((ptr_t)cp); + return CC_ERROR; + } + Strncpy(line, el->el_line.buffer, len); + line[len] = '\0'; + ct_wcstombs(cp, line, TMP_BUFSIZ - 1); + cp[TMP_BUFSIZ - 1] = '\0'; + len = strlen(cp); + write(fd, cp, len); + write(fd, "\n", 1); + pid = fork(); + switch (pid) { + case -1: + close(fd); + unlink(tempfile); + el_free(cp); + el_free(line); + return CC_ERROR; + case 0: + close(fd); + execlp("vi", "vi", tempfile, (char *)NULL); + exit(0); + /*NOTREACHED*/ + default: + while (waitpid(pid, &status, 0) != pid) + continue; + lseek(fd, (off_t)0, SEEK_SET); + st = read(fd, cp, TMP_BUFSIZ); + if (st > 0) { + len = (size_t)(el->el_line.lastchar - + el->el_line.buffer); + len = ct_mbstowcs(el->el_line.buffer, cp, len); + if (len > 0 && el->el_line.buffer[len -1] == '\n') + --len; + } + else + len = 0; + el->el_line.cursor = el->el_line.buffer; + el->el_line.lastchar = el->el_line.buffer + len; + el_free(cp); + el_free(line); + break; + } + + close(fd); + unlink(tempfile); + /* return CC_REFRESH; */ + return ed_newline(el, 0); +} + +/* vi_history_word(): + * Vi append word from previous input line + * [_] + * Who knows where this one came from! + * '_' in vi means 'entire current line', so 'cc' is a synonym for 'c_' + */ +protected el_action_t +/*ARGSUSED*/ +vi_history_word(EditLine *el, Int c) +{ + const Char *wp = HIST_FIRST(el); + const Char *wep, *wsp; + int len; + Char *cp; + const Char *lim; + + if (wp == NULL) + return CC_ERROR; + + wep = wsp = 0; + do { + while (Isspace(*wp)) + wp++; + if (*wp == 0) + break; + wsp = wp; + while (*wp && !Isspace(*wp)) + wp++; + wep = wp; + } while ((!el->el_state.doingarg || --el->el_state.argument > 0) + && *wp != 0); + + if (wsp == 0 || (el->el_state.doingarg && el->el_state.argument != 0)) + return CC_ERROR; + + cv_undo(el); + len = (int)(wep - wsp); + if (el->el_line.cursor < el->el_line.lastchar) + el->el_line.cursor++; + c_insert(el, len + 1); + cp = el->el_line.cursor; + lim = el->el_line.limit; + if (cp < lim) + *cp++ = ' '; + while (wsp < wep && cp < lim) + *cp++ = *wsp++; + el->el_line.cursor = cp; + + el->el_map.current = el->el_map.key; + return CC_REFRESH; +} + +/* vi_redo(): + * Vi redo last non-motion command + * [.] + */ +protected el_action_t +/*ARGSUSED*/ +vi_redo(EditLine *el, Int c) +{ + c_redo_t *r = &el->el_chared.c_redo; + + if (!el->el_state.doingarg && r->count) { + el->el_state.doingarg = 1; + el->el_state.argument = r->count; + } + + el->el_chared.c_vcmd.pos = el->el_line.cursor; + el->el_chared.c_vcmd.action = r->action; + if (r->pos != r->buf) { + if (r->pos + 1 > r->lim) + /* sanity */ + r->pos = r->lim - 1; + r->pos[0] = 0; + FUN(el,push)(el, r->buf); + } + + el->el_state.thiscmd = r->cmd; + el->el_state.thisch = r->ch; + return (*el->el_map.func[r->cmd])(el, r->ch); +} diff --git a/lib/libedit/src/vis.c b/lib/libedit/src/vis.c new file mode 100644 index 000000000000..2641c4a9f675 --- /dev/null +++ b/lib/libedit/src/vis.c @@ -0,0 +1,423 @@ +/* $NetBSD: vis.c,v 1.41 2009/11/23 10:08:47 plunky Exp $ */ + +/*- + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/*- + * Copyright (c) 1999, 2005 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: vis.c,v 1.41 2009/11/23 10:08:47 plunky Exp $"); +#endif /* LIBC_SCCS and not lint */ + +#include + +#include +#include +#include + +#ifdef __weak_alias +__weak_alias(strsvis,_strsvis) +__weak_alias(strsvisx,_strsvisx) +__weak_alias(strvis,_strvis) +__weak_alias(strvisx,_strvisx) +__weak_alias(svis,_svis) +__weak_alias(vis,_vis) +#endif + +#if !HAVE_VIS || !HAVE_SVIS +#include +#include +#include +#include + +static char *do_svis(char *, int, int, int, const char *); + +#undef BELL +#define BELL '\a' + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') +#define iswhite(c) (c == ' ' || c == '\t' || c == '\n') +#define issafe(c) (c == '\b' || c == BELL || c == '\r') +#define xtoa(c) "0123456789abcdef"[c] +#define XTOA(c) "0123456789ABCDEF"[c] + +#define MAXEXTRAS 5 + +#define MAKEEXTRALIST(flag, extra, orig_str) \ +do { \ + const char *orig = orig_str; \ + const char *o = orig; \ + char *e; \ + while (*o++) \ + continue; \ + extra = malloc((size_t)((o - orig) + MAXEXTRAS)); \ + if (!extra) break; \ + for (o = orig, e = extra; (*e++ = *o++) != '\0';) \ + continue; \ + e--; \ + if (flag & VIS_SP) *e++ = ' '; \ + if (flag & VIS_TAB) *e++ = '\t'; \ + if (flag & VIS_NL) *e++ = '\n'; \ + if ((flag & VIS_NOSLASH) == 0) *e++ = '\\'; \ + *e = '\0'; \ +} while (/*CONSTCOND*/0) + +/* + * This is do_hvis, for HTTP style (RFC 1808) + */ +static char * +do_hvis(char *dst, int c, int flag, int nextc, const char *extra) +{ + + if ((isascii(c) && isalnum(c)) + /* safe */ + || c == '$' || c == '-' || c == '_' || c == '.' || c == '+' + /* extra */ + || c == '!' || c == '*' || c == '\'' || c == '(' || c == ')' + || c == ',') { + dst = do_svis(dst, c, flag, nextc, extra); + } else { + *dst++ = '%'; + *dst++ = xtoa(((unsigned int)c >> 4) & 0xf); + *dst++ = xtoa((unsigned int)c & 0xf); + } + + return dst; +} + +/* + * This is do_mvis, for Quoted-Printable MIME (RFC 2045) + * NB: No handling of long lines or CRLF. + */ +static char * +do_mvis(char *dst, int c, int flag, int nextc, const char *extra) +{ + if ((c != '\n') && + /* Space at the end of the line */ + ((isspace(c) && (nextc == '\r' || nextc == '\n')) || + /* Out of range */ + (!isspace(c) && (c < 33 || (c > 60 && c < 62) || c > 126)) || + /* Specific char to be escaped */ + strchr("#$@[\\]^`{|}~", c) != NULL)) { + *dst++ = '='; + *dst++ = XTOA(((unsigned int)c >> 4) & 0xf); + *dst++ = XTOA((unsigned int)c & 0xf); + } else { + dst = do_svis(dst, c, flag, nextc, extra); + } + return dst; +} + +/* + * This is do_vis, the central code of vis. + * dst: Pointer to the destination buffer + * c: Character to encode + * flag: Flag word + * nextc: The character following 'c' + * extra: Pointer to the list of extra characters to be + * backslash-protected. + */ +static char * +do_svis(char *dst, int c, int flag, int nextc, const char *extra) +{ + int isextra; + isextra = strchr(extra, c) != NULL; + if (!isextra && isascii(c) && (isgraph(c) || iswhite(c) || + ((flag & VIS_SAFE) && issafe(c)))) { + *dst++ = c; + return dst; + } + if (flag & VIS_CSTYLE) { + switch (c) { + case '\n': + *dst++ = '\\'; *dst++ = 'n'; + return dst; + case '\r': + *dst++ = '\\'; *dst++ = 'r'; + return dst; + case '\b': + *dst++ = '\\'; *dst++ = 'b'; + return dst; + case BELL: + *dst++ = '\\'; *dst++ = 'a'; + return dst; + case '\v': + *dst++ = '\\'; *dst++ = 'v'; + return dst; + case '\t': + *dst++ = '\\'; *dst++ = 't'; + return dst; + case '\f': + *dst++ = '\\'; *dst++ = 'f'; + return dst; + case ' ': + *dst++ = '\\'; *dst++ = 's'; + return dst; + case '\0': + *dst++ = '\\'; *dst++ = '0'; + if (isoctal(nextc)) { + *dst++ = '0'; + *dst++ = '0'; + } + return dst; + default: + if (isgraph(c)) { + *dst++ = '\\'; *dst++ = c; + return dst; + } + } + } + if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { + *dst++ = '\\'; + *dst++ = (u_char)(((u_int32_t)(u_char)c >> 6) & 03) + '0'; + *dst++ = (u_char)(((u_int32_t)(u_char)c >> 3) & 07) + '0'; + *dst++ = (c & 07) + '0'; + } else { + if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; + if (c & 0200) { + c &= 0177; *dst++ = 'M'; + } + if (iscntrl(c)) { + *dst++ = '^'; + if (c == 0177) + *dst++ = '?'; + else + *dst++ = c + '@'; + } else { + *dst++ = '-'; *dst++ = c; + } + } + return dst; +} + +typedef char *(*visfun_t)(char *, int, int, int, const char *); + +/* + * Return the appropriate encoding function depending on the flags given. + */ +static visfun_t +getvisfun(int flag) +{ + if (flag & VIS_HTTPSTYLE) + return do_hvis; + if (flag & VIS_MIMESTYLE) + return do_mvis; + return do_svis; +} + +/* + * svis - visually encode characters, also encoding the characters + * pointed to by `extra' + */ +char * +svis(char *dst, int c, int flag, int nextc, const char *extra) +{ + char *nextra = NULL; + visfun_t f; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(extra != NULL); + MAKEEXTRALIST(flag, nextra, extra); + if (!nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return dst; + } + f = getvisfun(flag); + dst = (*f)(dst, c, flag, nextc, nextra); + free(nextra); + *dst = '\0'; + return dst; +} + + +/* + * strsvis, strsvisx - visually encode characters from src into dst + * + * Extra is a pointer to a \0-terminated list of characters to + * be encoded, too. These functions are useful e. g. to + * encode strings in such a way so that they are not interpreted + * by a shell. + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strsvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +int +strsvis(char *dst, const char *csrc, int flag, const char *extra) +{ + int c; + char *start; + char *nextra = NULL; + const unsigned char *src = (const unsigned char *)csrc; + visfun_t f; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + MAKEEXTRALIST(flag, nextra, extra); + if (!nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return 0; + } + f = getvisfun(flag); + for (start = dst; (c = *src++) != '\0'; /* empty */) + dst = (*f)(dst, c, flag, *src, nextra); + free(nextra); + *dst = '\0'; + return (int)(dst - start); +} + + +int +strsvisx(char *dst, const char *csrc, size_t len, int flag, const char *extra) +{ + unsigned char c; + char *start; + char *nextra = NULL; + const unsigned char *src = (const unsigned char *)csrc; + visfun_t f; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + MAKEEXTRALIST(flag, nextra, extra); + if (! nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return 0; + } + + f = getvisfun(flag); + for (start = dst; len > 0; len--) { + c = *src++; + dst = (*f)(dst, c, flag, len > 1 ? *src : '\0', nextra); + } + free(nextra); + *dst = '\0'; + return (int)(dst - start); +} +#endif + +#if !HAVE_VIS +/* + * vis - visually encode characters + */ +char * +vis(char *dst, int c, int flag, int nextc) +{ + char *extra = NULL; + unsigned char uc = (unsigned char)c; + visfun_t f; + + _DIAGASSERT(dst != NULL); + + MAKEEXTRALIST(flag, extra, ""); + if (! extra) { + *dst = '\0'; /* can't create extra, return "" */ + return dst; + } + f = getvisfun(flag); + dst = (*f)(dst, uc, flag, nextc, extra); + free(extra); + *dst = '\0'; + return dst; +} + + +/* + * strvis, strvisx - visually encode characters from src into dst + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +int +strvis(char *dst, const char *src, int flag) +{ + char *extra = NULL; + int rv; + + MAKEEXTRALIST(flag, extra, ""); + if (!extra) { + *dst = '\0'; /* can't create extra, return "" */ + return 0; + } + rv = strsvis(dst, src, flag, extra); + free(extra); + return rv; +} + + +int +strvisx(char *dst, const char *src, size_t len, int flag) +{ + char *extra = NULL; + int rv; + + MAKEEXTRALIST(flag, extra, ""); + if (!extra) { + *dst = '\0'; /* can't create extra, return "" */ + return 0; + } + rv = strsvisx(dst, src, len, flag, extra); + free(extra); + return rv; +} +#endif diff --git a/lib/roken/vis.h b/lib/libedit/src/vis.h similarity index 59% rename from lib/roken/vis.h rename to lib/libedit/src/vis.h index 224870b00af1..23fc0d8e6d01 100644 --- a/lib/roken/vis.h +++ b/lib/libedit/src/vis.h @@ -1,5 +1,4 @@ -/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ -/* $Id: vis.hin 19341 2006-12-15 11:53:09Z lha $ */ +/* $NetBSD: vis.h,v 1.18 2010/11/27 19:44:54 christos Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -35,34 +34,31 @@ #ifndef _VIS_H_ #define _VIS_H_ -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - /* * to select alternate encoding format */ -#define VIS_OCTAL 0x01 /* use octal \ddd format */ -#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */ +#define VIS_OCTAL 0x001 /* use octal \ddd format */ +#define VIS_CSTYLE 0x002 /* use \[nrft0..] where appropiate */ /* * to alter set of characters encoded (default is to encode all * non-graphic except space, tab, and newline). */ -#define VIS_SP 0x04 /* also encode space */ -#define VIS_TAB 0x08 /* also encode tab */ -#define VIS_NL 0x10 /* also encode newline */ +#define VIS_SP 0x004 /* also encode space */ +#define VIS_TAB 0x008 /* also encode tab */ +#define VIS_NL 0x010 /* also encode newline */ #define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) -#define VIS_SAFE 0x20 /* only encode "unsafe" characters */ +#define VIS_SAFE 0x020 /* only encode "unsafe" characters */ /* * other */ -#define VIS_NOSLASH 0x40 /* inhibit printing '\' */ +#define VIS_NOSLASH 0x040 /* inhibit printing '\' */ +#define VIS_HTTP1808 0x080 /* http-style escape % hex hex */ +#define VIS_HTTPSTYLE 0x080 /* http-style escape % hex hex */ +#define VIS_MIMESTYLE 0x100 /* mime-style escape = HEX HEX */ +#define VIS_HTTP1866 0x200 /* http-style &#num; or &string; */ +#define VIS_NOESCAPE 0x400 /* don't decode `\' */ /* * unvis return codes @@ -78,38 +74,18 @@ */ #define UNVIS_END 1 /* no more characters */ -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION - rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION - rk_strsvisx (char *, const char *, size_t, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION - rk_unvis (char *, int, int *, int); - -#undef vis -#define vis(a,b,c,d) rk_vis(a,b,c,d) -#undef svis -#define svis(a,b,c,d,e) rk_svis(a,b,c,d,e) -#undef strvis -#define strvis(a,b,c) rk_strvis(a,b,c) -#undef strsvis -#define strsvis(a,b,c,d) rk_strsvis(a,b,c,d) -#undef strvisx -#define strvisx(a,b,c,d) rk_strvisx(a,b,c,d) -#undef strsvisx -#define strsvisx(a,b,c,d,e) rk_strsvisx(a,b,c,d,e) -#undef strunvis -#define strunvis(a,b) rk_strunvis(a,b) -#undef unvis -#define unvis(a,b,c,d) rk_unvis(a,b,c,d) +__BEGIN_DECLS +char *vis(char *, int, int, int); +char *svis(char *, int, int, int, const char *); +int strvis(char *, const char *, int); +int strsvis(char *, const char *, int, const char *); +int strvisx(char *, const char *, size_t, int); +int strsvisx(char *, const char *, size_t, int, const char *); +int strunvis(char *, const char *); +int strunvisx(char *, const char *, int); +#ifndef __LIBC12_SOURCE__ +int unvis(char *, int, int *, int); +#endif +__END_DECLS #endif /* !_VIS_H_ */ diff --git a/lib/libedit/src/wcsdup.c b/lib/libedit/src/wcsdup.c new file mode 100644 index 000000000000..5cf7b5919e07 --- /dev/null +++ b/lib/libedit/src/wcsdup.c @@ -0,0 +1,43 @@ +/* $NetBSD: wcsdup.c,v 1.3 2008/05/26 13:17:48 haad Exp $ */ + +/* + * Copyright (C) 2006 Aleksey Cheusov + * + * This material is provided "as is", with absolutely no warranty expressed + * or implied. Any use is at your own risk. + * + * Permission to use or copy this software for any purpose is hereby granted + * without fee. Permission to modify the code and to distribute modified + * code is also granted without any restrictions. + */ + +#ifndef HAVE_WCSDUP + +#include "config.h" + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: wcsdup.c,v 1.3 2008/05/26 13:17:48 haad Exp $"); +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include + +wchar_t * +wcsdup(const wchar_t *str) +{ + wchar_t *copy; + size_t len; + + _DIAGASSERT(str != NULL); + + len = wcslen(str) + 1; + copy = malloc(len * sizeof (wchar_t)); + + if (!copy) + return NULL; + + return wmemcpy(copy, str, len); +} + +#endif diff --git a/lib/ntlm/ChangeLog b/lib/ntlm/ChangeLog index b38ae91c4606..b2e151ac4752 100644 --- a/lib/ntlm/ChangeLog +++ b/lib/ntlm/ChangeLog @@ -1,11 +1,19 @@ -2007-12-28 Love Hörnquist Åstrand +2008-05-14 Love Hornquist Astrand + + * ntlm.c: replace hashes with keys. + +2008-04-27 Love Hörnquist Ã…strand + + * ntlm.c: Use DES_set_key_unchecked(). + +2007-12-28 Love Hörnquist Ã…strand * heimntlm.h: Add NTLM_TARGET_* * ntlm.c: Make heim_ntlm_decode_type3 more useful and provide a username. From Ming Yang. -2007-11-11 Love Hörnquist Åstrand +2007-11-11 Love Hörnquist Ã…strand * move doxygen into the main file @@ -13,18 +21,18 @@ * export heim_ntlm_free_buf, start doxygen documentation -2007-07-17 Love Hörnquist Åstrand +2007-07-17 Love Hörnquist Ã…strand * ntlm.c: Use unsigned char * as argument to HMAC_Update to please OpenSSL and gcc. * test_ntlm.c: more verbose what we are testing. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * Makefile.am: New library version. -2007-06-20 Love Hörnquist Åstrand +2007-06-20 Love Hörnquist Ã…strand * test_ntlm.c: heim_ntlm_calculate_ntlm2_sess_resp @@ -47,31 +55,31 @@ * test_ntlm.c: Test heim_ntlm_calculate_ntlm2_sess_resp from Puneet Mehra. -2007-06-08 Love Hörnquist Åstrand +2007-06-08 Love Hörnquist Ã…strand * Makefile.am: EXTRA_DIST += version-script.map. -2007-06-03 Love Hörnquist Åstrand +2007-06-03 Love Hörnquist Ã…strand * test_ntlm.c: Free memory diffrently. * ntlm.c: Make free functions free memory. -2007-04-22 Love Hörnquist Åstrand +2007-04-22 Love Hörnquist Ã…strand * Makefile.am: symbol versioning. * version-script.map: symbol versioning. -2007-01-31 Love Hörnquist Åstrand +2007-01-31 Love Hörnquist Ã…strand * test_ntlm.c: No need to include . -2007-01-04 Love Hörnquist Åstrand +2007-01-04 Love Hörnquist Ã…strand * Makefile.am: add LIB_roken for test_ntlm -2006-12-26 Love Hörnquist Åstrand +2006-12-26 Love Hörnquist Ã…strand * test_ntlm.c: Verify infotarget. @@ -83,7 +91,7 @@ * ntlm.c: Include . -2006-12-20 Love Hörnquist Åstrand +2006-12-20 Love Hörnquist Ã…strand * test_ntlm.c: add some new tests. @@ -93,17 +101,17 @@ * heimntlm.h: Add NTLM_NEG_NTLM2_SESSION, NTLMv2 session security. -2006-12-19 Love Hörnquist Åstrand +2006-12-19 Love Hörnquist Ã…strand * ntlm.c (heim_ntlm_build_ntlm1_master): return session master key. -2006-12-18 Love Hörnquist Åstrand +2006-12-18 Love Hörnquist Ã…strand * ntlm.c (heim_ntlm_build_ntlm1_master): calculate the ntlm version 1 "master" key. -2006-12-13 Love Hörnquist Åstrand +2006-12-13 Love Hörnquist Ã…strand * test_ntlm.c: Add simple parser test app. diff --git a/lib/ntlm/Makefile.am b/lib/ntlm/Makefile.am index 8d6214168933..8b36bbc14e48 100644 --- a/lib/ntlm/Makefile.am +++ b/lib/ntlm/Makefile.am @@ -1,12 +1,18 @@ -# $Id: Makefile.am 22045 2007-11-11 08:57:47Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common -lib_LTLIBRARIES = libheimntlm.la +AM_CPPFLAGS += $(INCLUDE_hcrypto) -include_HEADERS = heimntlm.h heimntlm-protos.h +lib_LTLIBRARIES = libheimntlm.la -libheimntlm_la_SOURCES = ntlm.c heimntlm.h +dist_include_HEADERS = heimntlm.h heimntlm-protos.h + +nodist_include_HEADERS = ntlm_err.h + +dist_libheimntlm_la_SOURCES = ntlm.c heimntlm.h + +nodist_libheimntlm_la_SOURCES = ntlm_err.c libheimntlm_la_LDFLAGS = -version-info 1:0:1 @@ -17,13 +23,13 @@ $(libheimntlm_la_OBJECTS): $(srcdir)/version-script.map libheimntlm_la_LIBADD = \ ../krb5/libkrb5.la \ + $(LIB_hcrypto) \ $(LIBADD_roken) $(srcdir)/heimntlm-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h - -$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(dist_libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h +$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h ntlm_err.h TESTS = test_ntlm @@ -31,4 +37,14 @@ check_PROGRAMS = test_ntlm LDADD = libheimntlm.la $(LIB_roken) -EXTRA_DIST = version-script.map +EXTRA_DIST = \ + NTMakefile \ + libheimntlm-version.rc \ + libheimntlm-exports.def \ + version-script.map \ + ntlm_err.et + +CLEANFILES = \ + ntlm_err.c ntlm_err.h + +ntlm_err.h: ntlm_err.et diff --git a/lib/ntlm/Makefile.in b/lib/ntlm/Makefile.in index b5c614f89425..f033c982259f 100644 --- a/lib/ntlm/Makefile.in +++ b/lib/ntlm/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,17 +15,18 @@ @SET_MAKE@ -# $Id: Makefile.am 22045 2007-11-11 08:57:47Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -39,7 +41,7 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ +DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ $(top_srcdir)/cf/Makefile.am.common ChangeLog @versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map @@ -48,7 +50,7 @@ check_PROGRAMS = test_ntlm$(EXEEXT) subdir = lib/ntlm ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -63,7 +65,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -77,9 +79,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -87,25 +92,44 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" \ + "$(DESTDIR)$(includedir)" LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = -libheimntlm_la_DEPENDENCIES = ../krb5/libkrb5.la $(am__DEPENDENCIES_1) -am_libheimntlm_la_OBJECTS = ntlm.lo -libheimntlm_la_OBJECTS = $(am_libheimntlm_la_OBJECTS) +libheimntlm_la_DEPENDENCIES = ../krb5/libkrb5.la $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) +dist_libheimntlm_la_OBJECTS = ntlm.lo +nodist_libheimntlm_la_OBJECTS = ntlm_err.lo +libheimntlm_la_OBJECTS = $(dist_libheimntlm_la_OBJECTS) \ + $(nodist_libheimntlm_la_OBJECTS) libheimntlm_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libheimntlm_la_LDFLAGS) $(LDFLAGS) -o $@ @@ -113,9 +137,9 @@ test_ntlm_SOURCES = test_ntlm.c test_ntlm_OBJECTS = test_ntlm.$(OBJEXT) test_ntlm_LDADD = $(LDADD) test_ntlm_DEPENDENCIES = libheimntlm.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -125,60 +149,71 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = $(libheimntlm_la_SOURCES) test_ntlm.c -DIST_SOURCES = $(libheimntlm_la_SOURCES) test_ntlm.c -includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) +SOURCES = $(dist_libheimntlm_la_SOURCES) \ + $(nodist_libheimntlm_la_SOURCES) test_ntlm.c +DIST_SOURCES = $(dist_libheimntlm_la_SOURCES) test_ntlm.c +HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -202,10 +237,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -222,6 +258,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -237,31 +275,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -276,10 +328,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -320,56 +374,73 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hcrypto) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la lib_LTLIBRARIES = libheimntlm.la -include_HEADERS = heimntlm.h heimntlm-protos.h -libheimntlm_la_SOURCES = ntlm.c heimntlm.h +dist_include_HEADERS = heimntlm.h heimntlm-protos.h +nodist_include_HEADERS = ntlm_err.h +dist_libheimntlm_la_SOURCES = ntlm.c heimntlm.h +nodist_libheimntlm_la_SOURCES = ntlm_err.c libheimntlm_la_LDFLAGS = -version-info 1:0:1 $(am__append_1) libheimntlm_la_LIBADD = \ ../krb5/libkrb5.la \ + $(LIB_hcrypto) \ $(LIBADD_roken) LDADD = libheimntlm.la $(LIB_roken) -EXTRA_DIST = version-script.map +EXTRA_DIST = \ + NTMakefile \ + libheimntlm-version.rc \ + libheimntlm-exports.def \ + version-script.map \ + ntlm_err.et + +CLEANFILES = \ + ntlm_err.c ntlm_err.h + all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/ntlm/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/ntlm/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/ntlm/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/ntlm/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -387,23 +458,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -418,11 +494,13 @@ libheimntlm.la: $(libheimntlm_la_OBJECTS) $(libheimntlm_la_DEPENDENCIES) $(libheimntlm_la_LINK) -rpath $(libdir) $(libheimntlm_la_OBJECTS) $(libheimntlm_la_LIBADD) $(LIBS) clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list test_ntlm$(EXEEXT): $(test_ntlm_OBJECTS) $(test_ntlm_DEPENDENCIES) @rm -f test_ntlm$(EXEEXT) $(LINK) $(test_ntlm_OBJECTS) $(test_ntlm_LDADD) $(LIBS) @@ -433,90 +511,134 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntlm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntlm_err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_ntlm.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-includeHEADERS: $(include_HEADERS) +install-dist_includeHEADERS: $(dist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done -uninstall-includeHEADERS: +uninstall-dist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files +install-nodist_includeHEADERS: $(nodist_include_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done +uninstall-nodist_includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files + ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -525,49 +647,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -578,11 +714,15 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi @@ -602,13 +742,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -621,7 +765,7 @@ check-am: all-am check: check-am all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -641,9 +785,11 @@ install-strip: mostlyclean-generic: clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -654,6 +800,7 @@ clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -664,33 +811,45 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-includeHEADERS +install-data-am: install-dist_includeHEADERS \ + install-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -707,12 +866,12 @@ ps: ps-am ps-am: -uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES +uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ + uninstall-nodist_includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-checkPROGRAMS clean-generic \ @@ -720,16 +879,18 @@ uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-includeHEADERS install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ + install-data-hook install-dist_includeHEADERS install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ + install-html install-html-am install-info install-info-am \ + install-libLTLIBRARIES install-man \ + install-nodist_includeHEADERS install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-includeHEADERS uninstall-libLTLIBRARIES + tags uninstall uninstall-am uninstall-dist_includeHEADERS \ + uninstall-hook uninstall-libLTLIBRARIES \ + uninstall-nodist_includeHEADERS install-suid-programs: @@ -800,6 +961,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -885,7 +1049,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -901,9 +1065,12 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) $(libheimntlm_la_OBJECTS): $(srcdir)/version-script.map $(srcdir)/heimntlm-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h + cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(dist_libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h + +$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h ntlm_err.h + +ntlm_err.h: ntlm_err.et -$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/ntlm/NTMakefile b/lib/ntlm/NTMakefile new file mode 100644 index 000000000000..40ed64449572 --- /dev/null +++ b/lib/ntlm/NTMakefile @@ -0,0 +1,90 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\ntlm + +!include ../../windows/NTMakefile.w32 + +INCFILES= \ + $(INCDIR)\heimntlm.h \ + $(INCDIR)\heimntlm-protos.h \ + $(INCDIR)\ntlm_err.h + +libheimntlm_la_SOURCES = ntlm.c heimntlm.h + +$(OBJ)\heimntlm-protos.h: $(libheimntlm_la_SOURCES) + $(PERL) ../../cf/make-proto.pl -q -P remove -o $(OBJ)\heimntlm-protos.h $(libheimntlm_la_SOURCES) + +$(OBJ)\ntlm_err.c $(OBJ)\ntlm_err.h: ntlm_err.et + cd $(OBJ) + $(BINDIR)\compile_et.exe $(SRCDIR)\ntlm_err.et + cd $(SRCDIR) + +!ifndef STATICLIBS + +RES=$(OBJ)\libheimntlm-version.res + +$(LIBHEIMNTLM): $(BINDIR)\heimntlm.dll + +$(BINDIR)\heimntlm.dll: $(OBJ)\ntlm.obj $(OBJ)\ntlm_err.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBCOMERR) $(RES) + $(DLLGUILINK) -def:libheimntlm-exports.def -implib:$(LIBHEIMNTLM) + $(DLLPREP_NODIST) + +clean:: + -$(RM) $(BINDIR)\heimntlm.* + +!else + +$(LIBHEIMNTLM): $(OBJ)\ntlm.obj $(OBJ)\ntlm_err.obj + $(LIBCON) + +!endif + +all:: $(INCFILES) $(LIBHEIMNTLM) + + +test-binaries: $(OBJ)\test_ntlm.exe + +test-run: + cd $(OBJ) + test_ntlm.exe + cd $(SRCDIR) + +$(OBJ)\test_ntlm.exe: $(OBJ)\test_ntlm.obj $(LIBHEIMNTLM) $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN) + $(EXECONLINK) + $(EXEPREP_NODIST) + +test:: test-binaries test-run + +test-exports: + $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libheimntlm-exports.def + +test:: test-exports diff --git a/lib/ntlm/heimntlm-protos.h b/lib/ntlm/heimntlm-protos.h index bc64791b4396..5f56536ffc3b 100644 --- a/lib/ntlm/heimntlm-protos.h +++ b/lib/ntlm/heimntlm-protos.h @@ -15,11 +15,29 @@ heim_ntlm_build_ntlm1_master ( struct ntlm_buf */*session*/, struct ntlm_buf */*master*/); +int +heim_ntlm_build_ntlm2_master ( + void */*key*/, + size_t /*len*/, + struct ntlm_buf */*blob*/, + struct ntlm_buf */*session*/, + struct ntlm_buf */*master*/); + +int +heim_ntlm_calculate_lm2 ( + const void */*key*/, + size_t /*len*/, + const char */*username*/, + const char */*target*/, + const unsigned char serverchallenge[8], + unsigned char ntlmv2[16], + struct ntlm_buf */*answer*/); + int heim_ntlm_calculate_ntlm1 ( void */*key*/, size_t /*len*/, - unsigned char challange[8], + unsigned char challenge[8], struct ntlm_buf */*answer*/); int @@ -28,7 +46,7 @@ heim_ntlm_calculate_ntlm2 ( size_t /*len*/, const char */*username*/, const char */*target*/, - const unsigned char serverchallange[8], + const unsigned char serverchallenge[8], const struct ntlm_buf */*infotarget*/, unsigned char ntlmv2[16], struct ntlm_buf */*answer*/); @@ -41,6 +59,12 @@ heim_ntlm_calculate_ntlm2_sess ( struct ntlm_buf */*lm*/, struct ntlm_buf */*ntlm*/); +int +heim_ntlm_calculate_ntlm2_sess_hash ( + const unsigned char clnt_nonce[8], + const unsigned char svr_chal[8], + unsigned char verifier[8]); + int heim_ntlm_decode_targetinfo ( const struct ntlm_buf */*data*/, @@ -63,6 +87,14 @@ heim_ntlm_decode_type3 ( int /*ucs2*/, struct ntlm_type3 */*type3*/); +void +heim_ntlm_derive_ntlm2_sess ( + const unsigned char sessionkey[16], + const unsigned char */*clnt_nonce*/, + size_t /*clnt_nonce_length*/, + const unsigned char svr_chal[8], + unsigned char derivedkey[16]); + int heim_ntlm_encode_targetinfo ( const struct ntlm_targetinfo */*ti*/, @@ -99,12 +131,24 @@ heim_ntlm_free_type2 (struct ntlm_type2 */*data*/); void heim_ntlm_free_type3 (struct ntlm_type3 */*data*/); +int +heim_ntlm_keyex_unwrap ( + struct ntlm_buf */*baseKey*/, + struct ntlm_buf */*encryptedSession*/, + struct ntlm_buf */*session*/); + +int +heim_ntlm_keyex_wrap ( + struct ntlm_buf */*base_session*/, + struct ntlm_buf */*session*/, + struct ntlm_buf */*encryptedSession*/); + int heim_ntlm_nt_key ( const char */*password*/, struct ntlm_buf */*key*/); -void +int heim_ntlm_ntlmv2_key ( const void */*key*/, size_t /*len*/, @@ -112,6 +156,25 @@ heim_ntlm_ntlmv2_key ( const char */*target*/, unsigned char ntlmv2[16]); +size_t +heim_ntlm_unparse_flags ( + uint32_t /*flags*/, + char */*s*/, + size_t /*len*/); + +int +heim_ntlm_v1_base_session ( + void */*key*/, + size_t /*len*/, + struct ntlm_buf */*session*/); + +int +heim_ntlm_v2_base_session ( + void */*key*/, + size_t /*len*/, + struct ntlm_buf */*ntlmResponse*/, + struct ntlm_buf */*session*/); + int heim_ntlm_verify_ntlm2 ( const void */*key*/, @@ -119,7 +182,7 @@ heim_ntlm_verify_ntlm2 ( const char */*username*/, const char */*target*/, time_t /*now*/, - const unsigned char serverchallange[8], + const unsigned char serverchallenge[8], const struct ntlm_buf */*answer*/, struct ntlm_buf */*infotarget*/, unsigned char ntlmv2[16]); diff --git a/lib/ntlm/heimntlm.h b/lib/ntlm/heimntlm.h index 09d2205fd213..22e2142df88f 100644 --- a/lib/ntlm/heimntlm.h +++ b/lib/ntlm/heimntlm.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: heimntlm.h 22376 2007-12-28 18:38:23Z lha $ */ +/* $Id$ */ #ifndef HEIM_NTLM_H #define HEIM_NTLM_H @@ -46,32 +46,64 @@ struct ntlm_buf { }; #define NTLM_NEG_UNICODE 0x00000001 +#define NTLM_NEG_OEM 0x00000002 #define NTLM_NEG_TARGET 0x00000004 +#define NTLM_MBZ9 0x00000008 + #define NTLM_NEG_SIGN 0x00000010 #define NTLM_NEG_SEAL 0x00000020 +#define NTLM_NEG_DATAGRAM 0x00000040 +#define NTLM_NEG_LM_KEY 0x00000080 #define NTLM_NEG_NTLM 0x00000200 +#define NTLM_NEG_ANONYMOUS 0x00000800 -#define NTLM_SUPPLIED_DOMAIN 0x00001000 -#define NTLM_SUPPLIED_WORKSTAION 0x00002000 +#define NTLM_MBZ8 0x00000100 +#define NTLM_NEG_NTLM 0x00000200 +#define NTLM_NEG_NT_ONLY 0x00000400 +#define NTLM_MBZ7 0x00000800 /* anon ? */ +#define NTLM_OEM_SUPPLIED_DOMAIN 0x00001000 +#define NTLM_OEM_SUPPLIED_WORKSTATION 0x00002000 +#define NTLM_MBZ6 0x00004000 /* local call ? */ #define NTLM_NEG_ALWAYS_SIGN 0x00008000 -#define NTLM_NEG_NTLM2_SESSION 0x00080000 #define NTLM_TARGET_DOMAIN 0x00010000 #define NTLM_TARGET_SERVER 0x00020000 + +#define NTLM_TARGET_SHARE 0x00040000 +#define NTLM_NEG_NTLM2_SESSION 0x00080000 +#define NTLM_NEG_NTLM2 0x00080000 + +#define NTLM_NEG_IDENTIFY 0x00100000 +#define NTLM_MBZ5 0x00200000 +#define NTLM_NON_NT_SESSION_KEY 0x00400000 +#define NTLM_NEG_TARGET_INFO 0x00800000 + +#define NTLM_MBZ4 0x01000000 +#define NTLM_NEG_VERSION 0x02000000 +#define NTLM_MBZ3 0x04000000 +#define NTLM_MBZ2 0x08000000 + +#define NTLM_MBZ1 0x10000000 #define NTLM_ENC_128 0x20000000 #define NTLM_NEG_KEYEX 0x40000000 +#define NTLM_ENC_56 0x80000000 /** * Struct for the NTLM target info, the strings is assumed to be in * UTF8. When filled in by the library it should be freed with * heim_ntlm_free_targetinfo(). */ + +#define NTLM_TI_AV_FLAG_GUEST 0x00000001 + struct ntlm_targetinfo { char *servername; /**< */ char *domainname; /**< */ char *dnsdomainname; /**< */ char *dnsservername; /**< */ + char *dnstreename; /**< */ + uint32_t avflags; /**< */ }; /** @@ -97,7 +129,7 @@ struct ntlm_type2 { uint32_t flags; /**< */ char *targetname; /**< */ struct ntlm_buf targetinfo; /**< */ - unsigned char challange[8]; /**< */ + unsigned char challenge[8]; /**< */ uint32_t context[2]; /**< */ uint32_t os[2]; /**< */ }; @@ -119,6 +151,7 @@ struct ntlm_type3 { uint32_t os[2]; /**< */ }; +#include #include #endif /* NTLM_NTLM_H */ diff --git a/lib/ntlm/libheimntlm-exports.def b/lib/ntlm/libheimntlm-exports.def new file mode 100644 index 000000000000..33ac09e70b32 --- /dev/null +++ b/lib/ntlm/libheimntlm-exports.def @@ -0,0 +1,24 @@ +EXPORTS + heim_ntlm_build_ntlm1_master + heim_ntlm_calculate_lm2 + heim_ntlm_calculate_ntlm1 + heim_ntlm_calculate_ntlm2 + heim_ntlm_calculate_ntlm2_sess + heim_ntlm_decode_targetinfo + heim_ntlm_decode_type1 + heim_ntlm_decode_type2 + heim_ntlm_decode_type3 + heim_ntlm_encode_targetinfo + heim_ntlm_encode_type1 + heim_ntlm_encode_type2 + heim_ntlm_encode_type3 + heim_ntlm_free_buf + heim_ntlm_free_targetinfo + heim_ntlm_free_type1 + heim_ntlm_free_type2 + heim_ntlm_free_type3 + heim_ntlm_nt_key + heim_ntlm_ntlmv2_key + heim_ntlm_verify_ntlm2 + heim_ntlm_unparse_flags + initialize_ntlm_error_table_r diff --git a/lib/ntlm/libheimntlm-version.rc b/lib/ntlm/libheimntlm-version.rc new file mode 100644 index 000000000000..2055c9d67166 --- /dev/null +++ b/lib/ntlm/libheimntlm-version.rc @@ -0,0 +1,36 @@ +/*********************************************************************** + * Copyright (c) 2010, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +#define RC_FILE_TYPE VFT_DLL +#define RC_FILE_DESC_0409 "Heimdal NTLM Support Library" +#define RC_FILE_ORIG_0409 "libheimntlm.dll" + +#include "../../windows/version.rc" diff --git a/lib/ntlm/ntlm.c b/lib/ntlm/ntlm.c index f3dccfaca165..7aafc8c0aa7a 100644 --- a/lib/ntlm/ntlm.c +++ b/lib/ntlm/ntlm.c @@ -1,40 +1,40 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Portions Copyright (c) 2010 Apple Inc. All rights reserved. * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include -RCSID("$Id: ntlm.c 22370 2007-12-28 16:12:01Z lha $"); - #include #include #include @@ -43,8 +43,11 @@ RCSID("$Id: ntlm.c 22370 2007-12-28 16:12:01Z lha $"); #include #include -#include #include +#include +#include + +#define HC_DEPRECATED_CRYPTO #include "krb5-types.h" #include "crypto-headers.h" @@ -59,7 +62,7 @@ RCSID("$Id: ntlm.c 22370 2007-12-28 16:12:01Z lha $"); * protocol, both version 1 and 2. The GSS-API mech that uses this * library adds support for transport encryption and integrity * checking. - * + * * NTLM is a protocol for mutual authentication, its still used in * many protocol where Kerberos is not support, one example is * EAP/X802.1x mechanism LEAP from Microsoft and Cisco. @@ -68,16 +71,25 @@ RCSID("$Id: ntlm.c 22370 2007-12-28 16:12:01Z lha $"); * Heimdal to implement and GSS-API mechanism. There is also support * in the KDC to do remote digest authenticiation, this to allow * services to authenticate users w/o direct access to the users ntlm - * hashes (same as Kerberos arcfour enctype hashes). + * hashes (same as Kerberos arcfour enctype keys). * * More information about the NTLM protocol can found here * http://davenport.sourceforge.net/ntlm.html . - * + * * The Heimdal projects web page: http://www.h5l.org/ + * + * @section ntlm_example NTLM Example + * + * Example to to use @ref test_ntlm.c . + * + * @example test_ntlm.c + * + * Example how to use the NTLM primitives. + * */ -/** @defgroup ntlm_core Heimdal NTLM library - * +/** @defgroup ntlm_core Heimdal NTLM library + * * The NTLM core functions implement the string2key generation * function, message encode and decode function, and the hash function * functions. @@ -96,7 +108,58 @@ static const unsigned char ntlmsigature[8] = "NTLMSSP\x00"; */ #define CHECK(f, e) \ - do { ret = f ; if (ret != (e)) { ret = EINVAL; goto out; } } while(0) + do { \ + ret = f; \ + if (ret != (ssize_t)(e)) { \ + ret = HNTLM_ERR_DECODE; \ + goto out; \ + } \ + } while(/*CONSTCOND*/0) + +static struct units ntlm_flag_units[] = { +#define ntlm_flag(x) { #x, NTLM_##x } + ntlm_flag(ENC_56), + ntlm_flag(NEG_KEYEX), + ntlm_flag(ENC_128), + ntlm_flag(MBZ1), + ntlm_flag(MBZ2), + ntlm_flag(MBZ3), + ntlm_flag(NEG_VERSION), + ntlm_flag(MBZ4), + ntlm_flag(NEG_TARGET_INFO), + ntlm_flag(NON_NT_SESSION_KEY), + ntlm_flag(MBZ5), + ntlm_flag(NEG_IDENTIFY), + ntlm_flag(NEG_NTLM2), + ntlm_flag(TARGET_SHARE), + ntlm_flag(TARGET_SERVER), + ntlm_flag(TARGET_DOMAIN), + ntlm_flag(NEG_ALWAYS_SIGN), + ntlm_flag(MBZ6), + ntlm_flag(OEM_SUPPLIED_WORKSTATION), + ntlm_flag(OEM_SUPPLIED_DOMAIN), + ntlm_flag(NEG_ANONYMOUS), + ntlm_flag(NEG_NT_ONLY), + ntlm_flag(NEG_NTLM), + ntlm_flag(MBZ8), + ntlm_flag(NEG_LM_KEY), + ntlm_flag(NEG_DATAGRAM), + ntlm_flag(NEG_SEAL), + ntlm_flag(NEG_SIGN), + ntlm_flag(MBZ9), + ntlm_flag(NEG_TARGET), + ntlm_flag(NEG_OEM), + ntlm_flag(NEG_UNICODE), +#undef ntlm_flag + {NULL, 0} +}; + +size_t +heim_ntlm_unparse_flags(uint32_t flags, char *s, size_t len) +{ + return unparse_flags(flags, ntlm_flag_units, s, len); +} + /** * heim_ntlm_free_buf frees the ntlm buffer @@ -114,7 +177,7 @@ heim_ntlm_free_buf(struct ntlm_buf *p) p->data = NULL; p->length = 0; } - + static int ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf) @@ -188,19 +251,25 @@ len_string(int ucs2, const char *s) return len; } +/* + * + */ + static krb5_error_code -ret_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s) +ret_string(krb5_storage *sp, int ucs2, size_t len, char **s) { krb5_error_code ret; - *s = malloc(desc->length + 1); - CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); - CHECK(krb5_storage_read(sp, *s, desc->length), desc->length); - (*s)[desc->length] = '\0'; + *s = malloc(len + 1); + if (*s == NULL) + return ENOMEM; + CHECK(krb5_storage_read(sp, *s, len), len); + + (*s)[len] = '\0'; if (ucs2) { size_t i; - for (i = 0; i < desc->length / 2; i++) { + for (i = 0; i < len / 2; i++) { (*s)[i] = (*s)[i * 2]; if ((*s)[i * 2 + 1]) { free(*s); @@ -211,10 +280,20 @@ ret_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s) (*s)[i] = '\0'; } ret = 0; -out: + out: return ret; +} - return 0; + + +static krb5_error_code +ret_sec_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s) +{ + krb5_error_code ret = 0; + CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); + CHECK(ret_string(sp, ucs2, desc->length, s), 0); + out: + return ret; } static krb5_error_code @@ -283,11 +362,12 @@ heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti) free(ti->domainname); free(ti->dnsdomainname); free(ti->dnsservername); + free(ti->dnstreename); memset(ti, 0, sizeof(*ti)); } static int -encode_ti_blob(krb5_storage *out, uint16_t type, int ucs2, char *s) +encode_ti_string(krb5_storage *out, uint16_t type, int ucs2, char *s) { krb5_error_code ret; CHECK(krb5_store_uint16(out, type), 0); @@ -301,7 +381,7 @@ encode_ti_blob(krb5_storage *out, uint16_t type, int ucs2, char *s) * Encodes a ntlm_targetinfo message. * * @param ti the ntlm_targetinfo message to encode. - * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message). + * @param ucs2 ignored * @param data is the return buffer with the encoded message, should be * freed with heim_ntlm_free_buf(). * @@ -313,7 +393,7 @@ encode_ti_blob(krb5_storage *out, uint16_t type, int ucs2, char *s) int heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti, - int ucs2, + int ucs2, struct ntlm_buf *data) { krb5_error_code ret; @@ -326,14 +406,23 @@ heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti, if (out == NULL) return ENOMEM; + krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); + if (ti->servername) - CHECK(encode_ti_blob(out, 1, ucs2, ti->servername), 0); + CHECK(encode_ti_string(out, 1, ucs2, ti->servername), 0); if (ti->domainname) - CHECK(encode_ti_blob(out, 2, ucs2, ti->domainname), 0); + CHECK(encode_ti_string(out, 2, ucs2, ti->domainname), 0); if (ti->dnsservername) - CHECK(encode_ti_blob(out, 3, ucs2, ti->dnsservername), 0); + CHECK(encode_ti_string(out, 3, ucs2, ti->dnsservername), 0); if (ti->dnsdomainname) - CHECK(encode_ti_blob(out, 4, ucs2, ti->dnsdomainname), 0); + CHECK(encode_ti_string(out, 4, ucs2, ti->dnsdomainname), 0); + if (ti->dnstreename) + CHECK(encode_ti_string(out, 5, ucs2, ti->dnstreename), 0); + if (ti->avflags) { + CHECK(krb5_store_uint16(out, 6), 0); + CHECK(krb5_store_uint16(out, 4), 0); + CHECK(krb5_store_uint32(out, ti->avflags), 0); + } /* end tag */ CHECK(krb5_store_int16(out, 0), 0); @@ -368,8 +457,55 @@ heim_ntlm_decode_targetinfo(const struct ntlm_buf *data, int ucs2, struct ntlm_targetinfo *ti) { + uint16_t type, len; + krb5_storage *in; + int ret = 0, done = 0; + memset(ti, 0, sizeof(*ti)); - return 0; + + if (data->length == 0) + return 0; + + in = krb5_storage_from_readonly_mem(data->data, data->length); + if (in == NULL) + return ENOMEM; + krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); + + while (!done) { + CHECK(krb5_ret_uint16(in, &type), 0); + CHECK(krb5_ret_uint16(in, &len), 0); + + switch (type) { + case 0: + done = 1; + break; + case 1: + CHECK(ret_string(in, ucs2, len, &ti->servername), 0); + break; + case 2: + CHECK(ret_string(in, ucs2, len, &ti->domainname), 0); + break; + case 3: + CHECK(ret_string(in, ucs2, len, &ti->dnsservername), 0); + break; + case 4: + CHECK(ret_string(in, ucs2, len, &ti->dnsdomainname), 0); + break; + case 5: + CHECK(ret_string(in, ucs2, len, &ti->dnstreename), 0); + break; + case 6: + CHECK(krb5_ret_uint32(in, &ti->avflags), 0); + break; + default: + krb5_storage_seek(in, len, SEEK_CUR); + break; + } + } + out: + if (in) + krb5_storage_free(in); + return ret; } /** @@ -398,12 +534,12 @@ heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data) uint32_t type; struct sec_buffer domain, hostname; krb5_storage *in; - + memset(data, 0, sizeof(*data)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { - ret = EINVAL; + ret = ENOMEM; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); @@ -413,9 +549,9 @@ heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data) CHECK(krb5_ret_uint32(in, &type), 0); CHECK(type, 1); CHECK(krb5_ret_uint32(in, &data->flags), 0); - if (data->flags & NTLM_SUPPLIED_DOMAIN) + if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN) CHECK(ret_sec_buffer(in, &domain), 0); - if (data->flags & NTLM_SUPPLIED_WORKSTAION) + if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION) CHECK(ret_sec_buffer(in, &hostname), 0); #if 0 if (domain.offset > 32) { @@ -423,13 +559,14 @@ heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data) CHECK(krb5_ret_uint32(in, &data->os[1]), 0); } #endif - if (data->flags & NTLM_SUPPLIED_DOMAIN) - CHECK(ret_string(in, 0, &domain, &data->domain), 0); - if (data->flags & NTLM_SUPPLIED_WORKSTAION) - CHECK(ret_string(in, 0, &hostname, &data->hostname), 0); + if (data->flags & NTLM_OEM_SUPPLIED_DOMAIN) + CHECK(ret_sec_string(in, 0, &domain, &data->domain), 0); + if (data->flags & NTLM_OEM_SUPPLIED_WORKSTATION) + CHECK(ret_sec_string(in, 0, &hostname, &data->hostname), 0); out: - krb5_storage_free(in); + if (in) + krb5_storage_free(in); if (ret) heim_ntlm_free_type1(data); @@ -456,30 +593,37 @@ heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data) struct sec_buffer domain, hostname; krb5_storage *out; uint32_t base, flags; - + flags = type1->flags; base = 16; if (type1->domain) { base += 8; - flags |= NTLM_SUPPLIED_DOMAIN; + flags |= NTLM_OEM_SUPPLIED_DOMAIN; } if (type1->hostname) { base += 8; - flags |= NTLM_SUPPLIED_WORKSTAION; + flags |= NTLM_OEM_SUPPLIED_WORKSTATION; } if (type1->os[0]) base += 8; + domain.offset = base; if (type1->domain) { - domain.offset = base; domain.length = len_string(0, type1->domain); domain.allocated = domain.length; + } else { + domain.length = 0; + domain.allocated = 0; } + + hostname.offset = domain.allocated + domain.offset; if (type1->hostname) { - hostname.offset = domain.allocated + domain.offset; hostname.length = len_string(0, type1->hostname); hostname.allocated = hostname.length; + } else { + hostname.length = 0; + hostname.allocated = 0; } out = krb5_storage_emem(); @@ -487,19 +631,17 @@ heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), + CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 1), 0); CHECK(krb5_store_uint32(out, flags), 0); - - if (type1->domain) - CHECK(store_sec_buffer(out, &domain), 0); - if (type1->hostname) - CHECK(store_sec_buffer(out, &hostname), 0); - if (type1->os[0]) { + + CHECK(store_sec_buffer(out, &domain), 0); + CHECK(store_sec_buffer(out, &hostname), 0); +#if 0 CHECK(krb5_store_uint32(out, type1->os[0]), 0); CHECK(krb5_store_uint32(out, type1->os[1]), 0); - } +#endif if (type1->domain) CHECK(put_string(out, 0, type1->domain), 0); if (type1->hostname) @@ -543,12 +685,12 @@ heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2) struct sec_buffer targetname, targetinfo; krb5_storage *in; int ucs2 = 0; - + memset(type2, 0, sizeof(*type2)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { - ret = EINVAL; + ret = ENOMEM; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); @@ -562,23 +704,24 @@ heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2) CHECK(krb5_ret_uint32(in, &type2->flags), 0); if (type2->flags & NTLM_NEG_UNICODE) ucs2 = 1; - CHECK(krb5_storage_read(in, type2->challange, sizeof(type2->challange)), - sizeof(type2->challange)); + CHECK(krb5_storage_read(in, type2->challenge, sizeof(type2->challenge)), + sizeof(type2->challenge)); CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */ CHECK(krb5_ret_uint32(in, &ctx[1]), 0); CHECK(ret_sec_buffer(in, &targetinfo), 0); /* os version */ -#if 0 - CHECK(krb5_ret_uint32(in, &type2->os[0]), 0); - CHECK(krb5_ret_uint32(in, &type2->os[1]), 0); -#endif + if (type2->flags & NTLM_NEG_VERSION) { + CHECK(krb5_ret_uint32(in, &type2->os[0]), 0); + CHECK(krb5_ret_uint32(in, &type2->os[1]), 0); + } - CHECK(ret_string(in, ucs2, &targetname, &type2->targetname), 0); + CHECK(ret_sec_string(in, ucs2, &targetname, &type2->targetname), 0); CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0); ret = 0; out: - krb5_storage_free(in); + if (in) + krb5_storage_free(in); if (ret) heim_ntlm_free_type2(type2); @@ -607,10 +750,10 @@ heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data) uint32_t base; int ucs2 = 0; - if (type2->os[0]) - base = 56; - else - base = 48; + base = 48; + + if (type2->flags & NTLM_NEG_VERSION) + base += 8; if (type2->flags & NTLM_NEG_UNICODE) ucs2 = 1; @@ -628,26 +771,26 @@ heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), + CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 2), 0); CHECK(store_sec_buffer(out, &targetname), 0); CHECK(krb5_store_uint32(out, type2->flags), 0); - CHECK(krb5_storage_write(out, type2->challange, sizeof(type2->challange)), - sizeof(type2->challange)); + CHECK(krb5_storage_write(out, type2->challenge, sizeof(type2->challenge)), + sizeof(type2->challenge)); CHECK(krb5_store_uint32(out, 0), 0); /* context */ CHECK(krb5_store_uint32(out, 0), 0); CHECK(store_sec_buffer(out, &targetinfo), 0); /* os version */ - if (type2->os[0]) { + if (type2->flags & NTLM_NEG_VERSION) { CHECK(krb5_store_uint32(out, type2->os[0]), 0); CHECK(krb5_store_uint32(out, type2->os[1]), 0); } CHECK(put_string(out, ucs2, type2->targetname), 0); - CHECK(krb5_storage_write(out, type2->targetinfo.data, + CHECK(krb5_storage_write(out, type2->targetinfo.data, type2->targetinfo.length), type2->targetinfo.length); - + { krb5_data d; ret = krb5_storage_to_data(out, &d); @@ -698,13 +841,14 @@ heim_ntlm_decode_type3(const struct ntlm_buf *buf, uint32_t type; krb5_storage *in; struct sec_buffer lm, ntlm, target, username, sessionkey, ws; + uint32_t min_offset = 72; memset(type3, 0, sizeof(*type3)); memset(&sessionkey, 0, sizeof(sessionkey)); in = krb5_storage_from_readonly_mem(buf->data, buf->length); if (in == NULL) { - ret = EINVAL; + ret = ENOMEM; goto out; } krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); @@ -714,30 +858,41 @@ heim_ntlm_decode_type3(const struct ntlm_buf *buf, CHECK(krb5_ret_uint32(in, &type), 0); CHECK(type, 3); CHECK(ret_sec_buffer(in, &lm), 0); + if (lm.allocated) + min_offset = min(min_offset, lm.offset); CHECK(ret_sec_buffer(in, &ntlm), 0); + if (ntlm.allocated) + min_offset = min(min_offset, ntlm.offset); CHECK(ret_sec_buffer(in, &target), 0); + if (target.allocated) + min_offset = min(min_offset, target.offset); CHECK(ret_sec_buffer(in, &username), 0); + if (username.allocated) + min_offset = min(min_offset, username.offset); CHECK(ret_sec_buffer(in, &ws), 0); - if (lm.offset >= 60) { + if (ws.allocated) + min_offset = min(min_offset, ws.offset); + + if (min_offset > 52) { CHECK(ret_sec_buffer(in, &sessionkey), 0); - } - if (lm.offset >= 64) { + min_offset = max(min_offset, sessionkey.offset); CHECK(krb5_ret_uint32(in, &type3->flags), 0); } - if (lm.offset >= 72) { + if (min_offset > 52 + 8 + 4 + 8) { CHECK(krb5_ret_uint32(in, &type3->os[0]), 0); CHECK(krb5_ret_uint32(in, &type3->os[1]), 0); } CHECK(ret_buf(in, &lm, &type3->lm), 0); CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0); - CHECK(ret_string(in, ucs2, &target, &type3->targetname), 0); - CHECK(ret_string(in, ucs2, &username, &type3->username), 0); - CHECK(ret_string(in, ucs2, &ws, &type3->ws), 0); + CHECK(ret_sec_string(in, ucs2, &target, &type3->targetname), 0); + CHECK(ret_sec_string(in, ucs2, &username, &type3->username), 0); + CHECK(ret_sec_string(in, ucs2, &ws, &type3->ws), 0); if (sessionkey.offset) CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0); out: - krb5_storage_free(in); + if (in) + krb5_storage_free(in); if (ret) heim_ntlm_free_type3(type3); @@ -774,10 +929,10 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) memset(&sessionkey, 0, sizeof(sessionkey)); base = 52; - if (type3->sessionkey.length) { - base += 8; /* sessionkey sec buf */ - base += 4; /* flags */ - } + + base += 8; /* sessionkey sec buf */ + base += 4; /* flags */ + if (type3->os[0]) { base += 8; } @@ -785,15 +940,7 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) if (type3->flags & NTLM_NEG_UNICODE) ucs2 = 1; - lm.offset = base; - lm.length = type3->lm.length; - lm.allocated = type3->lm.length; - - ntlm.offset = lm.offset + lm.allocated; - ntlm.length = type3->ntlm.length; - ntlm.allocated = ntlm.length; - - target.offset = ntlm.offset + ntlm.allocated; + target.offset = base; target.length = len_string(ucs2, type3->targetname); target.allocated = target.length; @@ -805,7 +952,15 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) ws.length = len_string(ucs2, type3->ws); ws.allocated = ws.length; - sessionkey.offset = ws.offset + ws.allocated; + lm.offset = ws.offset + ws.allocated; + lm.length = type3->lm.length; + lm.allocated = type3->lm.length; + + ntlm.offset = lm.offset + lm.allocated; + ntlm.length = type3->ntlm.length; + ntlm.allocated = ntlm.length; + + sessionkey.offset = ntlm.offset + ntlm.allocated; sessionkey.length = type3->sessionkey.length; sessionkey.allocated = type3->sessionkey.length; @@ -814,7 +969,7 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) return ENOMEM; krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), + CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), sizeof(ntlmsigature)); CHECK(krb5_store_uint32(out, 3), 0); @@ -823,23 +978,21 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) CHECK(store_sec_buffer(out, &target), 0); CHECK(store_sec_buffer(out, &username), 0); CHECK(store_sec_buffer(out, &ws), 0); - /* optional */ - if (type3->sessionkey.length) { - CHECK(store_sec_buffer(out, &sessionkey), 0); - CHECK(krb5_store_uint32(out, type3->flags), 0); - } + CHECK(store_sec_buffer(out, &sessionkey), 0); + CHECK(krb5_store_uint32(out, type3->flags), 0); + #if 0 CHECK(krb5_store_uint32(out, 0), 0); /* os0 */ CHECK(krb5_store_uint32(out, 0), 0); /* os1 */ #endif - CHECK(put_buf(out, &type3->lm), 0); - CHECK(put_buf(out, &type3->ntlm), 0); CHECK(put_string(out, ucs2, type3->targetname), 0); CHECK(put_string(out, ucs2, type3->username), 0); CHECK(put_string(out, ucs2, type3->ws), 0); + CHECK(put_buf(out, &type3->lm), 0); + CHECK(put_buf(out, &type3->ntlm), 0); CHECK(put_buf(out, &type3->sessionkey), 0); - + { krb5_data d; ret = krb5_storage_to_data(out, &d); @@ -859,26 +1012,27 @@ heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) */ static void -splitandenc(unsigned char *hash, - unsigned char *challange, +splitandenc(unsigned char *hash, + unsigned char *challenge, unsigned char *answer) { - DES_cblock key; - DES_key_schedule sched; + EVP_CIPHER_CTX ctx; + unsigned char key[8]; - ((unsigned char*)key)[0] = hash[0]; - ((unsigned char*)key)[1] = (hash[0] << 7) | (hash[1] >> 1); - ((unsigned char*)key)[2] = (hash[1] << 6) | (hash[2] >> 2); - ((unsigned char*)key)[3] = (hash[2] << 5) | (hash[3] >> 3); - ((unsigned char*)key)[4] = (hash[3] << 4) | (hash[4] >> 4); - ((unsigned char*)key)[5] = (hash[4] << 3) | (hash[5] >> 5); - ((unsigned char*)key)[6] = (hash[5] << 2) | (hash[6] >> 6); - ((unsigned char*)key)[7] = (hash[6] << 1); + key[0] = hash[0]; + key[1] = (hash[0] << 7) | (hash[1] >> 1); + key[2] = (hash[1] << 6) | (hash[2] >> 2); + key[3] = (hash[2] << 5) | (hash[3] >> 3); + key[4] = (hash[3] << 4) | (hash[4] >> 4); + key[5] = (hash[4] << 3) | (hash[5] >> 5); + key[6] = (hash[5] << 2) | (hash[6] >> 6); + key[7] = (hash[6] << 1); - DES_set_odd_parity(&key); - DES_set_key(&key, &sched); - DES_ecb_encrypt((DES_cblock *)challange, (DES_cblock *)answer, &sched, 1); - memset(&sched, 0, sizeof(sched)); + EVP_CIPHER_CTX_init(&ctx); + + EVP_CipherInit_ex(&ctx, EVP_des_cbc(), NULL, key, NULL, 1); + EVP_Cipher(&ctx, answer, challenge, 8); + EVP_CIPHER_CTX_cleanup(&ctx); memset(key, 0, sizeof(key)); } @@ -898,7 +1052,7 @@ int heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) { struct ntlm_buf buf; - MD4_CTX ctx; + EVP_MD_CTX *m; int ret; key->data = malloc(MD5_DIGEST_LENGTH); @@ -911,9 +1065,19 @@ heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) heim_ntlm_free_buf(key); return ret; } - MD4_Init(&ctx); - MD4_Update(&ctx, buf.data, buf.length); - MD4_Final(key->data, &ctx); + + m = EVP_MD_CTX_create(); + if (m == NULL) { + heim_ntlm_free_buf(key); + heim_ntlm_free_buf(&buf); + return ENOMEM; + } + + EVP_DigestInit_ex(m, EVP_md4(), NULL); + EVP_DigestUpdate(m, buf.data, buf.length); + EVP_DigestFinal_ex(m, key->data, NULL); + EVP_MD_CTX_destroy(m); + heim_ntlm_free_buf(&buf); return 0; } @@ -923,7 +1087,7 @@ heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) * * @param key the ntlm v1 key * @param len length of key - * @param challange sent by the server + * @param challenge sent by the server * @param answer calculated answer, should be freed with heim_ntlm_free_buf(). * * @return In case of success 0 is return, an errors, a errno in what @@ -934,13 +1098,13 @@ heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) int heim_ntlm_calculate_ntlm1(void *key, size_t len, - unsigned char challange[8], + unsigned char challenge[8], struct ntlm_buf *answer) { unsigned char res[21]; if (len != MD4_DIGEST_LENGTH) - return EINVAL; + return HNTLM_ERR_INVALID_LENGTH; memcpy(res, key, len); memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH); @@ -950,13 +1114,116 @@ heim_ntlm_calculate_ntlm1(void *key, size_t len, return ENOMEM; answer->length = 24; - splitandenc(&res[0], challange, ((unsigned char *)answer->data) + 0); - splitandenc(&res[7], challange, ((unsigned char *)answer->data) + 8); - splitandenc(&res[14], challange, ((unsigned char *)answer->data) + 16); + splitandenc(&res[0], challenge, ((unsigned char *)answer->data) + 0); + splitandenc(&res[7], challenge, ((unsigned char *)answer->data) + 8); + splitandenc(&res[14], challenge, ((unsigned char *)answer->data) + 16); return 0; } +int +heim_ntlm_v1_base_session(void *key, size_t len, + struct ntlm_buf *session) +{ + EVP_MD_CTX *m; + + session->length = MD4_DIGEST_LENGTH; + session->data = malloc(session->length); + if (session->data == NULL) { + session->length = 0; + return ENOMEM; + } + + m = EVP_MD_CTX_create(); + if (m == NULL) { + heim_ntlm_free_buf(session); + return ENOMEM; + } + EVP_DigestInit_ex(m, EVP_md4(), NULL); + EVP_DigestUpdate(m, key, len); + EVP_DigestFinal_ex(m, session->data, NULL); + EVP_MD_CTX_destroy(m); + + return 0; +} + +int +heim_ntlm_v2_base_session(void *key, size_t len, + struct ntlm_buf *ntlmResponse, + struct ntlm_buf *session) +{ + unsigned int hmaclen; + HMAC_CTX c; + + if (ntlmResponse->length <= 16) + return HNTLM_ERR_INVALID_LENGTH; + + session->data = malloc(16); + if (session->data == NULL) + return ENOMEM; + session->length = 16; + + /* Note: key is the NTLMv2 key */ + HMAC_CTX_init(&c); + HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); + HMAC_Update(&c, ntlmResponse->data, 16); + HMAC_Final(&c, session->data, &hmaclen); + HMAC_CTX_cleanup(&c); + + return 0; +} + + +int +heim_ntlm_keyex_wrap(struct ntlm_buf *base_session, + struct ntlm_buf *session, + struct ntlm_buf *encryptedSession) +{ + EVP_CIPHER_CTX c; + int ret; + + session->length = MD4_DIGEST_LENGTH; + session->data = malloc(session->length); + if (session->data == NULL) { + session->length = 0; + return ENOMEM; + } + encryptedSession->length = MD4_DIGEST_LENGTH; + encryptedSession->data = malloc(encryptedSession->length); + if (encryptedSession->data == NULL) { + heim_ntlm_free_buf(session); + encryptedSession->length = 0; + return ENOMEM; + } + + EVP_CIPHER_CTX_init(&c); + + ret = EVP_CipherInit_ex(&c, EVP_rc4(), NULL, base_session->data, NULL, 1); + if (ret != 1) { + EVP_CIPHER_CTX_cleanup(&c); + heim_ntlm_free_buf(encryptedSession); + heim_ntlm_free_buf(session); + return HNTLM_ERR_CRYPTO; + } + + if (RAND_bytes(session->data, session->length) != 1) { + EVP_CIPHER_CTX_cleanup(&c); + heim_ntlm_free_buf(encryptedSession); + heim_ntlm_free_buf(session); + return HNTLM_ERR_RAND; + } + + EVP_Cipher(&c, encryptedSession->data, session->data, encryptedSession->length); + EVP_CIPHER_CTX_cleanup(&c); + + return 0; + + + +} + + + /** * Generates an NTLMv1 session random with assosited session master key. * @@ -976,51 +1243,100 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len, struct ntlm_buf *session, struct ntlm_buf *master) { - RC4_KEY rc4; + struct ntlm_buf sess; + int ret; + + ret = heim_ntlm_v1_base_session(key, len, &sess); + if (ret) + return ret; + + ret = heim_ntlm_keyex_wrap(&sess, session, master); + heim_ntlm_free_buf(&sess); + + return ret; +} + +/** + * Generates an NTLMv2 session random with associated session master key. + * + * @param key the NTLMv2 key + * @param len length of key + * @param blob the NTLMv2 "blob" + * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). + * @param master calculated session master key, should be freed with heim_ntlm_free_buf(). + * + * @return In case of success 0 is return, an errors, a errno in what + * went wrong. + * + * @ingroup ntlm_core + */ + + +int +heim_ntlm_build_ntlm2_master(void *key, size_t len, + struct ntlm_buf *blob, + struct ntlm_buf *session, + struct ntlm_buf *master) +{ + struct ntlm_buf sess; + int ret; + + ret = heim_ntlm_v2_base_session(key, len, blob, &sess); + if (ret) + return ret; + + ret = heim_ntlm_keyex_wrap(&sess, session, master); + heim_ntlm_free_buf(&sess); + + return ret; +} + +/** + * Given a key and encrypted session, unwrap the session key + * + * @param baseKey the sessionBaseKey + * @param encryptedSession encrypted session, type3.session field. + * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). + * + * @return In case of success 0 is return, an errors, a errno in what + * went wrong. + * + * @ingroup ntlm_core + */ + +int +heim_ntlm_keyex_unwrap(struct ntlm_buf *baseKey, + struct ntlm_buf *encryptedSession, + struct ntlm_buf *session) +{ + EVP_CIPHER_CTX c; - memset(master, 0, sizeof(*master)); memset(session, 0, sizeof(*session)); - if (len != MD4_DIGEST_LENGTH) - return EINVAL; - + if (baseKey->length != MD4_DIGEST_LENGTH) + return HNTLM_ERR_INVALID_LENGTH; + session->length = MD4_DIGEST_LENGTH; session->data = malloc(session->length); if (session->data == NULL) { session->length = 0; - return EINVAL; - } - master->length = MD4_DIGEST_LENGTH; - master->data = malloc(master->length); - if (master->data == NULL) { - heim_ntlm_free_buf(master); + return ENOMEM; + } + EVP_CIPHER_CTX_init(&c); + + if (EVP_CipherInit_ex(&c, EVP_rc4(), NULL, baseKey->data, NULL, 0) != 1) { + EVP_CIPHER_CTX_cleanup(&c); heim_ntlm_free_buf(session); - return EINVAL; + return HNTLM_ERR_CRYPTO; } - - { - unsigned char sessionkey[MD4_DIGEST_LENGTH]; - MD4_CTX ctx; - - MD4_Init(&ctx); - MD4_Update(&ctx, key, len); - MD4_Final(sessionkey, &ctx); - - RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); - } - - if (RAND_bytes(session->data, session->length) != 1) { - heim_ntlm_free_buf(master); - heim_ntlm_free_buf(session); - return EINVAL; - } - - RC4(&rc4, master->length, session->data, master->data); - memset(&rc4, 0, sizeof(rc4)); - + + EVP_Cipher(&c, session->data, encryptedSession->data, session->length); + EVP_CIPHER_CTX_cleanup(&c); + return 0; } + /** * Generates an NTLMv2 session key. * @@ -1030,15 +1346,18 @@ heim_ntlm_build_ntlm1_master(void *key, size_t len, * @param target the name of the target, assumed to be in UTF8. * @param ntlmv2 the ntlmv2 session key * + * @return 0 on success, or an error code on failure. + * * @ingroup ntlm_core */ -void +int heim_ntlm_ntlmv2_key(const void *key, size_t len, const char *username, const char *target, unsigned char ntlmv2[16]) { + int ret; unsigned int hmaclen; HMAC_CTX c; @@ -1046,18 +1365,24 @@ heim_ntlm_ntlmv2_key(const void *key, size_t len, HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); { struct ntlm_buf buf; - /* uppercase username and turn it inte ucs2-le */ - ascii2ucs2le(username, 1, &buf); + /* uppercase username and turn it into ucs2-le */ + ret = ascii2ucs2le(username, 1, &buf); + if (ret) + goto out; HMAC_Update(&c, buf.data, buf.length); free(buf.data); /* uppercase target and turn into ucs2-le */ - ascii2ucs2le(target, 1, &buf); + ret = ascii2ucs2le(target, 1, &buf); + if (ret) + goto out; HMAC_Update(&c, buf.data, buf.length); free(buf.data); } HMAC_Final(&c, ntlmv2, &hmaclen); + out: HMAC_CTX_cleanup(&c); + return ret; } /* @@ -1078,11 +1403,58 @@ static time_t nt2unixtime(uint64_t t) { t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000); - if (t > (((time_t)(~(uint64_t)0)) >> 1)) + if (t > (((uint64_t)(time_t)(~(uint64_t)0)) >> 1)) return 0; return (time_t)t; } +/** + * Calculate LMv2 response + * + * @param key the ntlm key + * @param len length of key + * @param username name of the user, as sent in the message, assumed to be in UTF8. + * @param target the name of the target, assumed to be in UTF8. + * @param serverchallenge challenge as sent by the server in the type2 message. + * @param ntlmv2 calculated session key + * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). + * + * @return In case of success 0 is return, an errors, a errno in what + * went wrong. + * + * @ingroup ntlm_core + */ + +int +heim_ntlm_calculate_lm2(const void *key, size_t len, + const char *username, + const char *target, + const unsigned char serverchallenge[8], + unsigned char ntlmv2[16], + struct ntlm_buf *answer) +{ + unsigned char clientchallenge[8]; + + if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1) + return HNTLM_ERR_RAND; + + /* calculate ntlmv2 key */ + + heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); + + answer->data = malloc(24); + if (answer->data == NULL) + return ENOMEM; + answer->length = 24; + + heim_ntlm_derive_ntlm2_sess(ntlmv2, clientchallenge, 8, + serverchallenge, answer->data); + + memcpy(((uint8_t *)answer->data) + 16, clientchallenge, 8); + + return 0; +} + /** * Calculate NTLMv2 response @@ -1091,7 +1463,7 @@ nt2unixtime(uint64_t t) * @param len length of key * @param username name of the user, as sent in the message, assumed to be in UTF8. * @param target the name of the target, assumed to be in UTF8. - * @param serverchallange challange as sent by the server in the type2 message. + * @param serverchallenge challenge as sent by the server in the type2 message. * @param infotarget infotarget as sent by the server in the type2 message. * @param ntlmv2 calculated session key * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). @@ -1106,25 +1478,23 @@ int heim_ntlm_calculate_ntlm2(const void *key, size_t len, const char *username, const char *target, - const unsigned char serverchallange[8], + const unsigned char serverchallenge[8], const struct ntlm_buf *infotarget, unsigned char ntlmv2[16], struct ntlm_buf *answer) { krb5_error_code ret; krb5_data data; - unsigned int hmaclen; unsigned char ntlmv2answer[16]; krb5_storage *sp; - unsigned char clientchallange[8]; - HMAC_CTX c; + unsigned char clientchallenge[8]; uint64_t t; - + t = unix2nttime(time(NULL)); - if (RAND_bytes(clientchallange, sizeof(clientchallange)) != 1) - return EINVAL; - + if (RAND_bytes(clientchallenge, sizeof(clientchallenge)) != 1) + return HNTLM_ERR_RAND; + /* calculate ntlmv2 key */ heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); @@ -1142,23 +1512,18 @@ heim_ntlm_calculate_ntlm2(const void *key, size_t len, CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0); CHECK(krb5_store_uint32(sp, t >> 32), 0); - CHECK(krb5_storage_write(sp, clientchallange, 8), 8); + CHECK(krb5_storage_write(sp, clientchallenge, 8), 8); CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */ - CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length), + CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length), infotarget->length); CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */ - + CHECK(krb5_storage_to_data(sp, &data), 0); krb5_storage_free(sp); sp = NULL; - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, ntlmv2, 16, EVP_md5(), NULL); - HMAC_Update(&c, serverchallange, 8); - HMAC_Update(&c, data.data, data.length); - HMAC_Final(&c, ntlmv2answer, &hmaclen); - HMAC_CTX_cleanup(&c); + heim_ntlm_derive_ntlm2_sess(ntlmv2, data.data, data.length, serverchallenge, ntlmv2answer); sp = krb5_storage_emem(); if (sp == NULL) { @@ -1169,7 +1534,7 @@ heim_ntlm_calculate_ntlm2(const void *key, size_t len, CHECK(krb5_storage_write(sp, ntlmv2answer, 16), 16); CHECK(krb5_storage_write(sp, data.data, data.length), data.length); krb5_data_free(&data); - + CHECK(krb5_storage_to_data(sp, &data), 0); krb5_storage_free(sp); sp = NULL; @@ -1194,7 +1559,7 @@ static const int authtimediff = 3600 * 2; /* 2 hours */ * @param username name of the user, as sent in the message, assumed to be in UTF8. * @param target the name of the target, assumed to be in UTF8. * @param now the time now (0 if the library should pick it up itself) - * @param serverchallange challange as sent by the server in the type2 message. + * @param serverchallenge challenge as sent by the server in the type2 message. * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). * @param infotarget infotarget as sent by the server in the type2 message. * @param ntlmv2 calculated session key @@ -1210,27 +1575,25 @@ heim_ntlm_verify_ntlm2(const void *key, size_t len, const char *username, const char *target, time_t now, - const unsigned char serverchallange[8], + const unsigned char serverchallenge[8], const struct ntlm_buf *answer, struct ntlm_buf *infotarget, unsigned char ntlmv2[16]) { krb5_error_code ret; - unsigned int hmaclen; unsigned char clientanswer[16]; unsigned char clientnonce[8]; unsigned char serveranswer[16]; krb5_storage *sp; - HMAC_CTX c; - uint64_t t; time_t authtime; uint32_t temp; + uint64_t t; - infotarget->length = 0; - infotarget->data = NULL; + infotarget->length = 0; + infotarget->data = NULL; if (answer->length < 16) - return EINVAL; + return HNTLM_ERR_INVALID_LENGTH; if (now == 0) now = time(NULL); @@ -1261,11 +1624,11 @@ heim_ntlm_verify_ntlm2(const void *key, size_t len, authtime = nt2unixtime(t); if (abs((int)(authtime - now)) > authtimediff) { - ret = EINVAL; + ret = HNTLM_ERR_TIME_SKEW; goto out; } - /* client challange */ + /* client challenge */ CHECK(krb5_storage_read(sp, clientnonce, 8), 8); CHECK(krb5_ret_uint32(sp, &temp), 0); /* unknown */ @@ -1277,22 +1640,25 @@ heim_ntlm_verify_ntlm2(const void *key, size_t len, ret = ENOMEM; goto out; } - CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length), + CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length), infotarget->length); /* XXX remove the unknown ?? */ krb5_storage_free(sp); sp = NULL; - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, ntlmv2, 16, EVP_md5(), NULL); - HMAC_Update(&c, serverchallange, 8); - HMAC_Update(&c, ((unsigned char *)answer->data) + 16, answer->length - 16); - HMAC_Final(&c, serveranswer, &hmaclen); - HMAC_CTX_cleanup(&c); + if (answer->length < 16) { + ret = HNTLM_ERR_INVALID_LENGTH; + goto out; + } + + heim_ntlm_derive_ntlm2_sess(ntlmv2, + ((unsigned char *)answer->data) + 16, answer->length - 16, + serverchallenge, + serveranswer); if (memcmp(serveranswer, clientanswer, 16) != 0) { heim_ntlm_free_buf(infotarget); - return EINVAL; + return HNTLM_ERR_AUTH; } return 0; @@ -1326,13 +1692,20 @@ heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8], struct ntlm_buf *lm, struct ntlm_buf *ntlm) { - unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH]; + unsigned char ntlm2_sess_hash[8]; unsigned char res[21], *resp; - MD5_CTX md5; + int code; + + code = heim_ntlm_calculate_ntlm2_sess_hash(clnt_nonce, svr_chal, + ntlm2_sess_hash); + if (code) { + return code; + } lm->data = malloc(24); - if (lm->data == NULL) + if (lm->data == NULL) { return ENOMEM; + } lm->length = 24; ntlm->data = malloc(24); @@ -1347,11 +1720,6 @@ heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8], memset(lm->data, 0, 24); memcpy(lm->data, clnt_nonce, 8); - MD5_Init(&md5); - MD5_Update(&md5, svr_chal, 8); /* session nonce part 1 */ - MD5_Update(&md5, clnt_nonce, 8); /* session nonce part 2 */ - MD5_Final(ntlm2_sess_hash, &md5); /* will only use first 8 bytes */ - memset(res, 0, sizeof(res)); memcpy(res, ntlm_hash, 16); @@ -1362,3 +1730,74 @@ heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8], return 0; } + + +/* + * Calculate the NTLM2 Session "Verifier" + * + * @param clnt_nonce client nonce + * @param svr_chal server challage + * @param hash The NTLM session verifier + * + * @return In case of success 0 is return, an errors, a errno in what + * went wrong. + * + * @ingroup ntlm_core + */ + +int +heim_ntlm_calculate_ntlm2_sess_hash(const unsigned char clnt_nonce[8], + const unsigned char svr_chal[8], + unsigned char verifier[8]) +{ + unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH]; + EVP_MD_CTX *m; + + m = EVP_MD_CTX_create(); + if (m == NULL) + return ENOMEM; + + EVP_DigestInit_ex(m, EVP_md5(), NULL); + EVP_DigestUpdate(m, svr_chal, 8); /* session nonce part 1 */ + EVP_DigestUpdate(m, clnt_nonce, 8); /* session nonce part 2 */ + EVP_DigestFinal_ex(m, ntlm2_sess_hash, NULL); /* will only use first 8 bytes */ + EVP_MD_CTX_destroy(m); + + memcpy(verifier, ntlm2_sess_hash, 8); + + return 0; +} + + +/* + * Derive a NTLM2 session key + * + * @param sessionkey session key from domain controller + * @param clnt_nonce client nonce + * @param svr_chal server challenge + * @param derivedkey salted session key + * + * @return In case of success 0 is return, an errors, a errno in what + * went wrong. + * + * @ingroup ntlm_core + */ + +void +heim_ntlm_derive_ntlm2_sess(const unsigned char sessionkey[16], + const unsigned char *clnt_nonce, size_t clnt_nonce_length, + const unsigned char svr_chal[8], + unsigned char derivedkey[16]) +{ + unsigned int hmaclen; + HMAC_CTX c; + + /* HMAC(Ksession, serverchallenge || clientchallenge) */ + HMAC_CTX_init(&c); + HMAC_Init_ex(&c, sessionkey, 16, EVP_md5(), NULL); + HMAC_Update(&c, svr_chal, 8); + HMAC_Update(&c, clnt_nonce, clnt_nonce_length); + HMAC_Final(&c, derivedkey, &hmaclen); + HMAC_CTX_cleanup(&c); +} + diff --git a/lib/ntlm/ntlm_err.et b/lib/ntlm/ntlm_err.et new file mode 100644 index 000000000000..0fd6e00a21c7 --- /dev/null +++ b/lib/ntlm/ntlm_err.et @@ -0,0 +1,24 @@ +# +# Error messages for the ntlm library +# +# This might look like a com_err file, but is not +# + +error_table ntlm + +prefix HNTLM_ERR +error_code DECODE, "Failed to decode packet" +error_code INVALID_LENGTH, "Input length invalid" +error_code CRYPTO, "Failed crypto primitive" +error_code RAND, "Random generator failed" +error_code AUTH, "NTLM authentication failed" +error_code TIME_SKEW, "Client time skewed to server" +error_code OEM, "Client set OEM string" +error_code MISSING_NAME_SEPARATOR, "missing @ or \ in name" +error_code MISSING_BUFFER, "missing expected buffer" +error_code INVALID_APOP, "Invalid APOP response" +error_code INVALID_CRAM_MD5, "Invalid CRAM-MD5 response" +error_code INVALID_DIGEST_MD5, "Invalid DIGEST-MD5 response" +error_code INVALID_DIGEST_MD5_RSPAUTH, "Invalid DIGEST-MD5 rspauth" + +end diff --git a/lib/ntlm/test_ntlm.c b/lib/ntlm/test_ntlm.c index 11eceb01cc6d..5a995adae48b 100644 --- a/lib/ntlm/test_ntlm.c +++ b/lib/ntlm/test_ntlm.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -38,15 +38,13 @@ #include #include -RCSID("$Id: test_ntlm.c 22377 2007-12-28 18:38:53Z lha $"); - -#include +#include /* or */ #include static int test_parse(void) { - const char *user = "foo", + const char *user = "foo", *domain = "mydomain", *password = "digestpassword", *target = "DOMAIN"; @@ -54,9 +52,8 @@ test_parse(void) struct ntlm_type2 type2; struct ntlm_type3 type3; struct ntlm_buf data; - krb5_error_code ret; - int flags; - + int ret, flags; + memset(&type1, 0, sizeof(type1)); type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM; @@ -87,7 +84,7 @@ test_parse(void) flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN; type2.flags = flags; - memset(type2.challange, 0x7f, sizeof(type2.challange)); + memset(type2.challenge, 0x7f, sizeof(type2.challenge)); type2.targetname = rk_UNCONST(target); type2.targetinfo.data = NULL; type2.targetinfo.length = 0; @@ -121,7 +118,7 @@ test_parse(void) heim_ntlm_nt_key(password, &key); heim_ntlm_calculate_ntlm1(key.data, key.length, - type2.challange, + type2.challenge, &type3.ntlm); free(key.data); } @@ -160,7 +157,7 @@ test_parse(void) flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN; type2.flags = flags; - memset(type2.challange, 0x7f, sizeof(type2.challange)); + memset(type2.challenge, 0x7f, sizeof(type2.challenge)); type2.targetname = rk_UNCONST(target); type2.targetinfo.data = "\x00\x00"; type2.targetinfo.length = 2; @@ -188,12 +185,12 @@ test_keys(void) *username = "test", *password = "test1234", *target = "TESTNT"; - const unsigned char - serverchallange[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c"; + const unsigned char + serverchallenge[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c"; struct ntlm_buf infotarget, infotarget2, answer, key; unsigned char ntlmv2[16], ntlmv2_1[16]; int ret; - + infotarget.length = 70; infotarget.data = "\x02\x00\x0c\x00\x54\x00\x45\x00\x53\x00\x54\x00\x4e\x00\x54\x00" @@ -212,7 +209,7 @@ test_keys(void) key.length, username, target, - serverchallange, + serverchallenge, &infotarget, ntlmv2, &answer); @@ -224,7 +221,7 @@ test_keys(void) username, target, 0, - serverchallange, + serverchallenge, &answer, &infotarget2, ntlmv2_1); @@ -253,18 +250,18 @@ test_ntlm2_session_resp(void) int ret; struct ntlm_buf lm, ntlm; - const unsigned char lm_resp[24] = + const unsigned char lm_resp[24] = "\xff\xff\xff\x00\x11\x22\x33\x44" "\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00"; - const unsigned char ntlm2_sess_resp[24] = + const unsigned char ntlm2_sess_resp[24] = "\x10\xd5\x50\x83\x2d\x12\xb2\xcc" "\xb7\x9d\x5a\xd1\xf4\xee\xd3\xdf" "\x82\xac\xa4\xc3\x68\x1d\xd4\x55"; - + const unsigned char client_nonce[8] = "\xff\xff\xff\x00\x11\x22\x33\x44"; - const unsigned char server_challange[8] = + const unsigned char server_challenge[8] = "\x01\x23\x45\x67\x89\xab\xcd\xef"; const unsigned char ntlm_hash[16] = @@ -272,7 +269,7 @@ test_ntlm2_session_resp(void) "\x1d\x33\xb7\x48\x5a\x2e\xd8\x08"; ret = heim_ntlm_calculate_ntlm2_sess(client_nonce, - server_challange, + server_challenge, ntlm_hash, &lm, &ntlm); @@ -283,7 +280,7 @@ test_ntlm2_session_resp(void) errx(1, "lm_resp wrong"); if (ntlm.length != 24 || memcmp(ntlm.data, ntlm2_sess_resp, 24) != 0) errx(1, "ntlm2_sess_resp wrong"); - + free(lm.data); free(ntlm.data); @@ -291,10 +288,45 @@ test_ntlm2_session_resp(void) return 0; } +static int +test_targetinfo(void) +{ + struct ntlm_targetinfo ti; + struct ntlm_buf buf; + const char *dnsservername = "dnsservername"; + int ret; + + memset(&ti, 0, sizeof(ti)); + + ti.dnsservername = rk_UNCONST(dnsservername); + ti.avflags = 1; + ret = heim_ntlm_encode_targetinfo(&ti, 1, &buf); + if (ret) + return ret; + + memset(&ti, 0, sizeof(ti)); + + ret = heim_ntlm_decode_targetinfo(&buf, 1, &ti); + if (ret) + return ret; + + if (ti.dnsservername == NULL || + strcmp(ti.dnsservername, dnsservername) != 0) + errx(1, "ti.dnshostname != %s", dnsservername); + if (ti.avflags != 1) + errx(1, "ti.avflags != 1"); + + heim_ntlm_free_targetinfo(&ti); + + return 0; +} + +static int verbose_flag = 0; static int version_flag = 0; static int help_flag = 0; static struct getargs args[] = { + {"verbose", 0, arg_flag, &verbose_flag, "verbose printing", NULL }, {"version", 0, arg_flag, &version_flag, "print version", NULL }, {"help", 0, arg_flag, &help_flag, NULL, NULL } }; @@ -316,7 +348,7 @@ main(int argc, char **argv) if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage(1); - + if (help_flag) usage (0); @@ -328,12 +360,21 @@ main(int argc, char **argv) argc -= optind; argv += optind; - printf("test_parse\n"); + if (verbose_flag) + printf("test_parse\n"); + ret += test_parse(); - printf("test_keys\n"); + if (verbose_flag) + printf("test_keys\n"); + ret += test_keys(); - printf("test_ntlm2_session_resp\n"); + if (verbose_flag) + printf("test_ntlm2_session_resp\n"); ret += test_ntlm2_session_resp(); - return 0; + if (verbose_flag) + printf("test_targetinfo\n"); + ret += test_targetinfo(); + + return ret; } diff --git a/lib/ntlm/version-script.map b/lib/ntlm/version-script.map index 654a630cec15..6fe67a618fe0 100644 --- a/lib/ntlm/version-script.map +++ b/lib/ntlm/version-script.map @@ -1,8 +1,9 @@ -# $Id: version-script.map 22041 2007-11-11 07:43:27Z lha $ +# $Id$ HEIMDAL_NTLM_1.0 { global: heim_ntlm_build_ntlm1_master; + heim_ntlm_calculate_lm2; heim_ntlm_calculate_ntlm1; heim_ntlm_calculate_ntlm2; heim_ntlm_calculate_ntlm2_sess; @@ -22,6 +23,8 @@ HEIMDAL_NTLM_1.0 { heim_ntlm_nt_key; heim_ntlm_ntlmv2_key; heim_ntlm_verify_ntlm2; + heim_ntlm_unparse_flags; + initialize_ntlm_error_table_r; local: *; }; diff --git a/lib/otp/ChangeLog b/lib/otp/ChangeLog new file mode 100644 index 000000000000..d4fda44ba950 --- /dev/null +++ b/lib/otp/ChangeLog @@ -0,0 +1,128 @@ +2007-07-17 Love Hörnquist Ã…strand + + * Makefile.am: split source files in dist and nodist. + +2007-07-10 Love Hörnquist Ã…strand + + * Makefile.am: New library version + +2007-06-07 Assar Westerlund + + * otp_parse.c: NIIL should be NIL + +2006-05-08 Love Hörnquist Ã…strand + + * otp_parse.c: Less "pointer targets in passing argument differ in + signedness" warnings. + +2005-07-09 Love Hörnquist Ã…strand + + * otp.h: remove parameter names to avoid shadow warnings + +2005-07-07 Love Hörnquist Ã…strand + + * otp_parse.c (parse_words): avoid const warnings by making a + (shorter) copy of the string instead of truncating it + +2005-01-09 Love Hörnquist Ã…strand + + * otp_parse.c: cast argument to tolower to unsigned char + +2003-04-16 Love Hörnquist Ã…strand + + * roken_rename.h: rename strlcat, strlcpy + * Makefile.am: (ES): add strlcpy.c and strlcat.c + * otp_db.c: use strlcpy, from openbsd + * otp_md.c: use strlcat/strlcpy, from openbsd + * otp_challenge.c: do strdup again, we desupport ultrix + +2002-09-10 Johan Danielsson + + * otp_md.c: if we only have old hash names, we need to include + functions here that do the work + +2002-05-20 Johan Danielsson + + * otp_db.c: fix ndbm test + +2002-05-17 Johan Danielsson + + * Makefile.am: add hooks for ndbm_wrap + + * otp_db.c: use ndbm_wrap + +2001-07-12 Assar Westerlund + + * Makefile.am: add required library dependencies + +2001-01-30 Assar Westerlund + + * Makefile.am (libotp_la_LDFLAGS): bump version to 1:2:1 + +2001-01-29 Assar Westerlund + + * otp_md.c: update to new md4/md5/sha API + +2000-12-11 Assar Westerlund + + * Makefile.am (INCLUDES): add krb4 includes here, which are + somewhat bogusly used when linking against libdes supplied by krb4 + +2000-07-25 Johan Danielsson + + * Makefile.am: bump version to 1:1:1 + +2000-07-01 Assar Westerlund + + * const-ify + +2000-02-07 Assar Westerlund + + * Makefile.am: update version to 1:0:1 + +2000-01-26 Assar Westerlund + + * otp_md.c: update to pseudo-standard APIs for md4,md5,sha. + * otp_md.c: start using the pseudo-standard APIs for the hash + functions + +1999-10-20 Assar Westerlund + + * Makefile.am: set version to 0:1:0 + +Fri Mar 19 14:52:48 1999 Johan Danielsson + + * Makefile.am: add version-info + +Thu Mar 18 11:24:19 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Sat Mar 13 22:27:10 1999 Assar Westerlund + + * otp_parse.c: unsigned-ify + +Sun Nov 22 10:44:16 1998 Assar Westerlund + + * Makefile.in (WFLAGS): set + +Mon May 25 05:27:07 1998 Assar Westerlund + + * Makefile.in (clean): try to remove shared library debris + +Sat May 23 20:54:28 1998 Assar Westerlund + + * Makefile.am: link with DBLIB + +Sun Apr 19 09:59:46 1998 Assar Westerlund + + * Makefile.in: add symlink magic for linux + +Sat Feb 7 07:27:18 1998 Assar Westerlund + + * otp_db.c (otp_put): make sure we don't overrun `buf' + +Sun Nov 9 07:14:59 1997 Assar Westerlund + + * otp_locl.h: use xdbm.h + diff --git a/lib/otp/Makefile.am b/lib/otp/Makefile.am new file mode 100644 index 000000000000..9a54e538418b --- /dev/null +++ b/lib/otp/Makefile.am @@ -0,0 +1,87 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +AM_CPPFLAGS += $(INCLUDE_hcrypto) $(ROKEN_RENAME) + +noinst_PROGRAMS = otptest + +check_PROGRAMS = otptest + +otptest_LDADD = libotp.la + +include_HEADERS = otp.h + +lib_LTLIBRARIES = libotp.la +libotp_la_LDFLAGS = -version-info 1:5:1 +libotp_la_LIBADD = $(LIB_hcrypto) $(LIB_roken) + +if HAVE_DB1 +ndbm_wrap = ndbm_wrap.c ndbm_wrap.h +libotp_la_LIBADD += $(LIB_db_create) +else +if HAVE_DB3 +ndbm_wrap = ndbm_wrap.c ndbm_wrap.h +libotp_la_LIBADD += $(LIB_db_create) +else +ndbm_wrap = +libotp_la_LIBADD += $(LIB_NDBM) +endif +endif + +dist_libotp_la_SOURCES = \ + otp.c \ + otp_challenge.c \ + otp_db.c \ + otp_md.c \ + otp_parse.c \ + otp_print.c \ + otp_verify.c \ + otp_locl.h \ + otp_md.h \ + roken_rename.h + +nodist_libotp_la_SOURCES = $(ndbm_wrap) $(ROKEN_SRCS) + +libotp_la_DEPENDENCIES = version-script.map + +if do_roken_rename +ROKEN_SRCS = snprintf.c strcasecmp.c strncasecmp.c strlwr.c strlcpy.c strlcat.c +endif + +if versionscript +libotp_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif + +$(libotp_la_OBJECTS): $(ndbm_wrap) + +ndbm_wrap.c: + $(LN_S) $(srcdir)/../roken/ndbm_wrap.c . +ndbm_wrap.h: + (echo '#define dbm_rename(X) __otp_ ## X'; cat $(srcdir)/../roken/ndbm_wrap.h) > ndbm_wrap.h + + +snprintf.c: + $(LN_S) $(srcdir)/../roken/snprintf.c . +strcasecmp.c: + $(LN_S) $(srcdir)/../roken/strcasecmp.c . +strncasecmp.c: + $(LN_S) $(srcdir)/../roken/strncasecmp.c . +strlwr.c: + $(LN_S) $(srcdir)/../roken/strlwr.c . +strlcpy.c: + $(LN_S) $(srcdir)/../roken/strlcpy.c . +strlcat.c: + $(LN_S) $(srcdir)/../roken/strlcat.c . + +CLEANFILES = \ + ndbm_wrap.c \ + ndbm_wrap.h \ + snprintf.c \ + strcasecmp.c \ + strlcat.c \ + strlcpy.c \ + strlwr.c \ + strncasecmp.c + +EXTRA_DIST = NTMakefile version-script.map diff --git a/lib/otp/Makefile.in b/lib/otp/Makefile.in new file mode 100644 index 000000000000..dabdcf799cf8 --- /dev/null +++ b/lib/otp/Makefile.in @@ -0,0 +1,1016 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id$ + +# $Id$ + +# $Id$ + + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog +noinst_PROGRAMS = otptest$(EXEEXT) +check_PROGRAMS = otptest$(EXEEXT) +@HAVE_DB1_TRUE@am__append_1 = $(LIB_db_create) +@HAVE_DB1_FALSE@@HAVE_DB3_TRUE@am__append_2 = $(LIB_db_create) +@HAVE_DB1_FALSE@@HAVE_DB3_FALSE@am__append_3 = $(LIB_NDBM) +@versionscript_TRUE@am__append_4 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +subdir = lib/otp +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ + $(top_srcdir)/cf/broken-getaddrinfo.m4 \ + $(top_srcdir)/cf/broken-glob.m4 \ + $(top_srcdir)/cf/broken-realloc.m4 \ + $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ + $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ + $(top_srcdir)/cf/capabilities.m4 \ + $(top_srcdir)/cf/check-compile-et.m4 \ + $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ + $(top_srcdir)/cf/check-man.m4 \ + $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ + $(top_srcdir)/cf/check-type-extra.m4 \ + $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ + $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ + $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/find-func-no-libs.m4 \ + $(top_srcdir)/cf/find-func-no-libs2.m4 \ + $(top_srcdir)/cf/find-func.m4 \ + $(top_srcdir)/cf/find-if-not-broken.m4 \ + $(top_srcdir)/cf/framework-security.m4 \ + $(top_srcdir)/cf/have-struct-field.m4 \ + $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ + $(top_srcdir)/cf/krb-bigendian.m4 \ + $(top_srcdir)/cf/krb-func-getlogin.m4 \ + $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ + $(top_srcdir)/cf/krb-readline.m4 \ + $(top_srcdir)/cf/krb-struct-spwd.m4 \ + $(top_srcdir)/cf/krb-struct-winsize.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ + $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ + $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ + $(top_srcdir)/cf/roken-frag.m4 \ + $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ + $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ + $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ + $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +@HAVE_DB1_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) +@HAVE_DB1_FALSE@@HAVE_DB3_TRUE@am__DEPENDENCIES_3 = \ +@HAVE_DB1_FALSE@@HAVE_DB3_TRUE@ $(am__DEPENDENCIES_1) +@HAVE_DB1_FALSE@@HAVE_DB3_FALSE@am__DEPENDENCIES_4 = \ +@HAVE_DB1_FALSE@@HAVE_DB3_FALSE@ $(am__DEPENDENCIES_1) +dist_libotp_la_OBJECTS = otp.lo otp_challenge.lo otp_db.lo otp_md.lo \ + otp_parse.lo otp_print.lo otp_verify.lo +@HAVE_DB1_FALSE@@HAVE_DB3_TRUE@am__objects_1 = ndbm_wrap.lo +@HAVE_DB1_TRUE@am__objects_1 = ndbm_wrap.lo +@do_roken_rename_TRUE@am__objects_2 = snprintf.lo strcasecmp.lo \ +@do_roken_rename_TRUE@ strncasecmp.lo strlwr.lo strlcpy.lo \ +@do_roken_rename_TRUE@ strlcat.lo +nodist_libotp_la_OBJECTS = $(am__objects_1) $(am__objects_2) +libotp_la_OBJECTS = $(dist_libotp_la_OBJECTS) \ + $(nodist_libotp_la_OBJECTS) +libotp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libotp_la_LDFLAGS) $(LDFLAGS) -o $@ +PROGRAMS = $(noinst_PROGRAMS) +otptest_SOURCES = otptest.c +otptest_OBJECTS = otptest.$(OBJEXT) +otptest_DEPENDENCIES = libotp.la +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(dist_libotp_la_SOURCES) $(nodist_libotp_la_SOURCES) \ + otptest.c +DIST_SOURCES = $(dist_libotp_la_SOURCES) otptest.c +HEADERS = $(include_HEADERS) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMTAR = @AMTAR@ +AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ +DBLIB = @DBLIB@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ +DIR_hcrypto = @DIR_hcrypto@ +DIR_hdbdir = @DIR_hdbdir@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_hcrypto = @INCLUDE_hcrypto@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ +INCLUDE_openldap = @INCLUDE_openldap@ +INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBADD_roken = @LIBADD_roken@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_XauFileName = @LIB_XauFileName@ +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_XauWriteAuth = @LIB_XauWriteAuth@ +LIB_bswap16 = @LIB_bswap16@ +LIB_bswap32 = @LIB_bswap32@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_crypt = @LIB_crypt@ +LIB_db_create = @LIB_db_create@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ +LIB_door_create = @LIB_door_create@ +LIB_freeaddrinfo = @LIB_freeaddrinfo@ +LIB_gai_strerror = @LIB_gai_strerror@ +LIB_getaddrinfo = @LIB_getaddrinfo@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_gethostbyname2 = @LIB_gethostbyname2@ +LIB_getnameinfo = @LIB_getnameinfo@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_hcrypto = @LIB_hcrypto@ +LIB_hcrypto_a = @LIB_hcrypto_a@ +LIB_hcrypto_appl = @LIB_hcrypto_appl@ +LIB_hcrypto_so = @LIB_hcrypto_so@ +LIB_hesiod = @LIB_hesiod@ +LIB_hstrerror = @LIB_hstrerror@ +LIB_kdb = @LIB_kdb@ +LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ +LIB_loadquery = @LIB_loadquery@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_openldap = @LIB_openldap@ +LIB_openpty = @LIB_openpty@ +LIB_otp = @LIB_otp@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_ndestroy = @LIB_res_ndestroy@ +LIB_res_nsearch = @LIB_res_nsearch@ +LIB_res_search = @LIB_res_search@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VERSIONING = @VERSIONING@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +XMKMF = @XMKMF@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dpagaix_cflags = @dpagaix_cflags@ +dpagaix_ldadd = @dpagaix_ldadd@ +dpagaix_ldflags = @dpagaix_ldflags@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(INCLUDE_hcrypto) $(ROKEN_RENAME) +@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME +AM_CFLAGS = $(WFLAGS) +CP = cp +buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_setpcred = @LIB_setpcred@ +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal +NROFF_MAN = groff -mandoc -Tascii +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la + +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la +otptest_LDADD = libotp.la +include_HEADERS = otp.h +lib_LTLIBRARIES = libotp.la +libotp_la_LDFLAGS = -version-info 1:5:1 $(am__append_4) +libotp_la_LIBADD = $(LIB_hcrypto) $(LIB_roken) $(am__append_1) \ + $(am__append_2) $(am__append_3) +@HAVE_DB1_FALSE@@HAVE_DB3_FALSE@ndbm_wrap = +@HAVE_DB1_FALSE@@HAVE_DB3_TRUE@ndbm_wrap = ndbm_wrap.c ndbm_wrap.h +@HAVE_DB1_TRUE@ndbm_wrap = ndbm_wrap.c ndbm_wrap.h +dist_libotp_la_SOURCES = \ + otp.c \ + otp_challenge.c \ + otp_db.c \ + otp_md.c \ + otp_parse.c \ + otp_print.c \ + otp_verify.c \ + otp_locl.h \ + otp_md.h \ + roken_rename.h + +nodist_libotp_la_SOURCES = $(ndbm_wrap) $(ROKEN_SRCS) +libotp_la_DEPENDENCIES = version-script.map +@do_roken_rename_TRUE@ROKEN_SRCS = snprintf.c strcasecmp.c strncasecmp.c strlwr.c strlcpy.c strlcat.c +CLEANFILES = \ + ndbm_wrap.c \ + ndbm_wrap.h \ + snprintf.c \ + strcasecmp.c \ + strlcat.c \ + strlcpy.c \ + strlwr.c \ + strncasecmp.c + +EXTRA_DIST = NTMakefile version-script.map +all: all-am + +.SUFFIXES: +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/otp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/otp/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libotp.la: $(libotp_la_OBJECTS) $(libotp_la_DEPENDENCIES) + $(libotp_la_LINK) -rpath $(libdir) $(libotp_la_OBJECTS) $(libotp_la_LIBADD) $(LIBS) + +clean-checkPROGRAMS: + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +otptest$(EXEEXT): $(otptest_OBJECTS) $(otptest_DEPENDENCIES) + @rm -f otptest$(EXEEXT) + $(LINK) $(otptest_OBJECTS) $(otptest_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ndbm_wrap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_challenge.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_db.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_md.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_parse.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_print.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otp_verify.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/otptest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strcasecmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlcpy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlwr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strncasecmp.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ + dist-hook +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +installdirs: + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libtool clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-includeHEADERS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am + +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libtool clean-noinstPROGRAMS ctags dist-hook distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am \ + install-data-hook install-dvi install-dvi-am install-exec \ + install-exec-am install-exec-hook install-html install-html-am \ + install-includeHEADERS install-info install-info-am \ + install-libLTLIBRARIES install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-hook \ + uninstall-includeHEADERS uninstall-libLTLIBRARIES + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) + @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done ; \ + foo='$(nobase_include_HEADERS)'; \ + for f in $$foo; do \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers + +check-local:: + @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ + foo=''; elif test '$(CHECK_LOCAL)'; then \ + foo='$(CHECK_LOCAL)'; else \ + foo='$(PROGRAMS)'; fi; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 || exit 1; \ + fi + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +uninstall-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-hook: install-cat-mans +uninstall-hook: uninstall-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +# +# Useful target for debugging +# + +check-valgrind: + tobjdir=`cd $(top_builddir) && pwd` ; \ + tsrcdir=`cd $(top_srcdir) && pwd` ; \ + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check + +# +# Target to please samba build farm, builds distfiles in-tree. +# Will break when automake changes... +# + +distdir-in-tree: $(DISTFILES) $(INFO_DEPS) + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" != .; then \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ + fi ; \ + done + +$(libotp_la_OBJECTS): $(ndbm_wrap) + +ndbm_wrap.c: + $(LN_S) $(srcdir)/../roken/ndbm_wrap.c . +ndbm_wrap.h: + (echo '#define dbm_rename(X) __otp_ ## X'; cat $(srcdir)/../roken/ndbm_wrap.h) > ndbm_wrap.h + +snprintf.c: + $(LN_S) $(srcdir)/../roken/snprintf.c . +strcasecmp.c: + $(LN_S) $(srcdir)/../roken/strcasecmp.c . +strncasecmp.c: + $(LN_S) $(srcdir)/../roken/strncasecmp.c . +strlwr.c: + $(LN_S) $(srcdir)/../roken/strlwr.c . +strlcpy.c: + $(LN_S) $(srcdir)/../roken/strlcpy.c . +strlcat.c: + $(LN_S) $(srcdir)/../roken/strlcat.c . + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/otp/NTMakefile b/lib/otp/NTMakefile new file mode 100644 index 000000000000..a531c8b3fd0b --- /dev/null +++ b/lib/otp/NTMakefile @@ -0,0 +1,35 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\otp + +!include ../../windows/NTMakefile.w32 + diff --git a/lib/otp/otp.c b/lib/otp/otp.c new file mode 100644 index 000000000000..906f72cd6f05 --- /dev/null +++ b/lib/otp/otp.c @@ -0,0 +1,63 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" +#include "otp_md.h" + +static OtpAlgorithm algorithms[] = { + {OTP_ALG_MD4, "md4", 16, otp_md4_hash, otp_md4_init, otp_md4_next}, + {OTP_ALG_MD5, "md5", 16, otp_md5_hash, otp_md5_init, otp_md5_next}, + {OTP_ALG_SHA, "sha", 20, otp_sha_hash, otp_sha_init, otp_sha_next} +}; + +OtpAlgorithm * +otp_find_alg (char *name) +{ + int i; + + for (i = 0; i < sizeof(algorithms)/sizeof(*algorithms); ++i) + if (strcmp (name, algorithms[i].name) == 0) + return &algorithms[i]; + return NULL; +} + +char * +otp_error (OtpContext *o) +{ + return o->err; +} diff --git a/lib/otp/otp.h b/lib/otp/otp.h new file mode 100644 index 000000000000..3a4e5494919a --- /dev/null +++ b/lib/otp/otp.h @@ -0,0 +1,101 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef _OTP_H +#define _OTP_H + +#include +#include + +enum {OTPKEYSIZE = 8}; + +typedef unsigned char OtpKey[OTPKEYSIZE]; + +#define OTP_MIN_PASSPHRASE 10 +#define OTP_MAX_PASSPHRASE 63 + +#define OTP_USER_TIMEOUT 120 +#define OTP_DB_TIMEOUT 60 + +#define OTP_HEXPREFIX "hex:" +#define OTP_WORDPREFIX "word:" + +typedef enum { OTP_ALG_MD4, OTP_ALG_MD5, OTP_ALG_SHA } OtpAlgID; + +#define OTP_ALG_DEFAULT "md5" + +typedef struct { + OtpAlgID id; + char *name; + int hashsize; + int (*hash)(const char *, size_t, unsigned char *); + int (*init)(OtpKey, const char *, const char *); + int (*next)(OtpKey); +} OtpAlgorithm; + +typedef struct { + char *user; + OtpAlgorithm *alg; + unsigned n; + char seed[17]; + OtpKey key; + int challengep; + time_t lock_time; + char *err; +} OtpContext; + +OtpAlgorithm *otp_find_alg (char *); +void otp_print_stddict (OtpKey, char *, size_t); +void otp_print_hex (OtpKey, char *, size_t); +void otp_print_stddict_extended (OtpKey, char *, size_t); +void otp_print_hex_extended (OtpKey, char *, size_t); +unsigned otp_checksum (OtpKey); +int otp_parse_hex (OtpKey, const char *); +int otp_parse_stddict (OtpKey, const char *); +int otp_parse_altdict (OtpKey, const char *, OtpAlgorithm *); +int otp_parse (OtpKey, const char *, OtpAlgorithm *); +int otp_challenge (OtpContext *, char *, char *, size_t); +int otp_verify_user (OtpContext *, const char *); +int otp_verify_user_1 (OtpContext *, const char *); +char *otp_error (OtpContext *); + +void *otp_db_open (void); +void otp_db_close (void *); +int otp_put (void *, OtpContext *); +int otp_get (void *, OtpContext *); +int otp_simple_get (void *, OtpContext *); +int otp_delete (void *, OtpContext *); + +#endif /* _OTP_H */ diff --git a/lib/otp/otp_challenge.c b/lib/otp/otp_challenge.c new file mode 100644 index 000000000000..76b3768c463d --- /dev/null +++ b/lib/otp/otp_challenge.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" + +int +otp_challenge (OtpContext *ctx, char *user, char *str, size_t len) +{ + void *dbm; + int ret; + + ctx->challengep = 0; + ctx->err = NULL; + ctx->user = strdup(user); + if (ctx->user == NULL) { + ctx->err = "Out of memory"; + return -1; + } + dbm = otp_db_open (); + if (dbm == NULL) { + ctx->err = "Cannot open database"; + return -1; + } + ret = otp_get (dbm, ctx); + otp_db_close (dbm); + if (ret) + return ret; + snprintf (str, len, + "[ otp-%s %u %s ]", + ctx->alg->name, ctx->n-1, ctx->seed); + ctx->challengep = 1; + return 0; +} diff --git a/lib/otp/otp_db.c b/lib/otp/otp_db.c new file mode 100644 index 000000000000..76daa870aa25 --- /dev/null +++ b/lib/otp/otp_db.c @@ -0,0 +1,233 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" + +#if !defined(HAVE_NDBM) && !defined(HAVE_DB_NDBM) +#include "ndbm_wrap.h" +#endif + +#define RETRIES 5 + +void * +otp_db_open (void) +{ + int lock; + int i; + void *ret; + + for(i = 0; i < RETRIES; ++i) { + struct stat statbuf; + + lock = open (OTP_DB_LOCK, O_WRONLY | O_CREAT | O_EXCL, 0666); + if (lock >= 0) { + close(lock); + break; + } + if (stat (OTP_DB_LOCK, &statbuf) == 0) { + if (time(NULL) - statbuf.st_mtime > OTP_DB_TIMEOUT) + unlink (OTP_DB_LOCK); + else + sleep (1); + } + } + if (i == RETRIES) + return NULL; + ret = dbm_open (OTP_DB, O_RDWR | O_CREAT, 0600); + if (ret == NULL) + unlink (OTP_DB_LOCK); + return ret; +} + +void +otp_db_close (void *dbm) +{ + dbm_close ((DBM *)dbm); + unlink (OTP_DB_LOCK); +} + +/* + * Remove this entry from the database. + * return 0 if ok. + */ + +int +otp_delete (void *v, OtpContext *ctx) +{ + DBM *dbm = (DBM *)v; + datum key; + + key.dsize = strlen(ctx->user); + key.dptr = ctx->user; + + return dbm_delete(dbm, key); +} + +/* + * Read this entry from the database and lock it if lockp. + */ + +static int +otp_get_internal (void *v, OtpContext *ctx, int lockp) +{ + DBM *dbm = (DBM *)v; + datum dat, key; + char *p; + time_t now, then; + + key.dsize = strlen(ctx->user); + key.dptr = ctx->user; + + dat = dbm_fetch (dbm, key); + if (dat.dptr == NULL) { + ctx->err = "Entry not found"; + return -1; + } + p = dat.dptr; + + memcpy (&then, p, sizeof(then)); + ctx->lock_time = then; + if (lockp) { + time(&now); + if (then && now - then < OTP_USER_TIMEOUT) { + ctx->err = "Entry locked"; + return -1; + } + memcpy (p, &now, sizeof(now)); + } + p += sizeof(now); + ctx->alg = otp_find_alg (p); + if (ctx->alg == NULL) { + ctx->err = "Bad algorithm"; + return -1; + } + p += strlen(p) + 1; + { + unsigned char *up = (unsigned char *)p; + ctx->n = (up[0] << 24) | (up[1] << 16) | (up[2] << 8) | up[3]; + } + p += 4; + memcpy (ctx->key, p, OTPKEYSIZE); + p += OTPKEYSIZE; + strlcpy (ctx->seed, p, sizeof(ctx->seed)); + if (lockp) + return dbm_store (dbm, key, dat, DBM_REPLACE); + else + return 0; +} + +/* + * Get and lock. + */ + +int +otp_get (void *v, OtpContext *ctx) +{ + return otp_get_internal (v, ctx, 1); +} + +/* + * Get and don't lock. + */ + +int +otp_simple_get (void *v, OtpContext *ctx) +{ + return otp_get_internal (v, ctx, 0); +} + +/* + * Write this entry to the database. + */ + +int +otp_put (void *v, OtpContext *ctx) +{ + DBM *dbm = (DBM *)v; + datum dat, key; + char buf[1024], *p; + time_t zero = 0; + size_t len, rem; + + key.dsize = strlen(ctx->user); + key.dptr = ctx->user; + + p = buf; + rem = sizeof(buf); + + if (rem < sizeof(zero)) + return -1; + memcpy (p, &zero, sizeof(zero)); + p += sizeof(zero); + rem -= sizeof(zero); + len = strlen(ctx->alg->name) + 1; + + if (rem < len) + return -1; + strlcpy (p, ctx->alg->name, rem); + p += len; + rem -= len; + + if (rem < 4) + return -1; + { + unsigned char *up = (unsigned char *)p; + *up++ = (ctx->n >> 24) & 0xFF; + *up++ = (ctx->n >> 16) & 0xFF; + *up++ = (ctx->n >> 8) & 0xFF; + *up++ = (ctx->n >> 0) & 0xFF; + } + p += 4; + rem -= 4; + + if (rem < OTPKEYSIZE) + return -1; + memcpy (p, ctx->key, OTPKEYSIZE); + p += OTPKEYSIZE; + rem -= OTPKEYSIZE; + + len = strlen(ctx->seed) + 1; + if (rem < len) + return -1; + strlcpy (p, ctx->seed, rem); + p += len; + rem -= len; + dat.dptr = buf; + dat.dsize = p - buf; + return dbm_store (dbm, key, dat, DBM_REPLACE); +} diff --git a/lib/vers/make-print-version.c b/lib/otp/otp_locl.h similarity index 54% rename from lib/vers/make-print-version.c rename to lib/otp/otp_locl.h index 6601b040f070..29b455eca424 100644 --- a/lib/vers/make-print-version.c +++ b/lib/otp/otp_locl.h @@ -1,76 +1,70 @@ /* - * Copyright (c) 1998 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: make-print-version.c 18765 2006-10-21 17:37:32Z lha $"); -#endif +/* $Id$ */ #include +#include +#include #include +#include +#include +#ifdef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif +#ifdef HAVE_PWD_H +#include +#endif +#ifdef HAVE_FCNTL_H +#include +#endif +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_IO_H +#include +#endif -#ifdef KRB5 -extern const char *heimdal_version; -#endif -#ifdef KRB4 -extern const char *krb4_version; -#endif -#include +#include -int -main(int argc, char **argv) -{ - FILE *f; - if(argc != 2) - return 1; - if (strcmp(argv[1], "--version") == 0) { - printf("some version"); - return 0; - } - f = fopen(argv[1], "w"); - if(f == NULL) - return 1; - fprintf(f, "#define VERSIONLIST \""); -#ifdef KRB5 - fprintf(f, "%s", heimdal_version); -#endif -#ifdef KRB4 -#ifdef KRB5 - fprintf(f, ", "); -#endif - fprintf(f, "%s", krb4_version); -#endif - fprintf(f, "\"\n"); - fclose(f); - return 0; -} +#include + +#include + +#define OTPKEYS "/.otpkeys" + +#define OTP_DB SYSCONFDIR "/otp" +#define OTP_DB_LOCK SYSCONFDIR "/otp-lock" diff --git a/lib/otp/otp_md.c b/lib/otp/otp_md.c new file mode 100644 index 000000000000..1d6fe9594373 --- /dev/null +++ b/lib/otp/otp_md.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#define HC_DEPRECATED_CRYPTO + +#include "config.h" + +#include "otp_locl.h" + +#include "otp_md.h" +#include "crypto-headers.h" + +/* + * Compress len bytes from md into key + */ + +static void +compressmd (OtpKey key, unsigned char *md, size_t len) +{ + u_char *p = key; + + memset (p, 0, OTPKEYSIZE); + while(len) { + *p++ ^= *md++; + *p++ ^= *md++; + *p++ ^= *md++; + *p++ ^= *md++; + len -= 4; + if (p == key + OTPKEYSIZE) + p = key; + } +} + +/* + * For histerical reasons, in the OTP definition it's said that + * the result from SHA must be stored in little-endian order. See + * draft-ietf-otp-01.txt. + */ + +static void +little_endian(unsigned char *res, size_t len) +{ + unsigned char t; + size_t i; + + for (i = 0; i < len; i += 4) { + t = res[i + 0]; res[i + 0] = res[i + 3]; res[i + 3] = t; + t = res[i + 1]; res[i + 1] = res[i + 2]; res[i + 2] = t; + } +} + +static int +otp_md_init (OtpKey key, + const char *pwd, + const char *seed, + const EVP_MD *md, + int le, + unsigned char *res, + size_t ressz) +{ + EVP_MD_CTX *ctx; + char *p; + int len; + + ctx = EVP_MD_CTX_create(); + + len = strlen(pwd) + strlen(seed); + p = malloc (len + 1); + if (p == NULL) + return -1; + strlcpy (p, seed, len + 1); + strlwr (p); + strlcat (p, pwd, len + 1); + + EVP_DigestInit_ex(ctx, md, NULL); + EVP_DigestUpdate(ctx, p, len); + EVP_DigestFinal_ex(ctx, res, NULL); + + EVP_MD_CTX_destroy(ctx); + + if (le) + little_endian(res, ressz); + + free (p); + compressmd (key, res, ressz); + return 0; +} + +static int +otp_md_next (OtpKey key, + const EVP_MD *md, + int le, + unsigned char *res, + size_t ressz) +{ + EVP_MD_CTX *ctx; + + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, md, NULL); + EVP_DigestUpdate(ctx, key, OTPKEYSIZE); + EVP_DigestFinal_ex(ctx, res, NULL); + + EVP_MD_CTX_destroy(ctx); + + if (le) + little_endian(res, ressz); + + compressmd (key, res, ressz); + return 0; +} + +static int +otp_md_hash (const char *data, + size_t len, + const EVP_MD *md, + int le, + unsigned char *res, + size_t ressz) +{ + EVP_MD_CTX *ctx; + ctx = EVP_MD_CTX_create(); + + EVP_DigestInit_ex(ctx, md, NULL); + EVP_DigestUpdate(ctx, data, len); + EVP_DigestFinal_ex(ctx, res, NULL); + + EVP_MD_CTX_destroy(ctx); + + if (le) + little_endian(res, ressz); + + return 0; +} + +int +otp_md4_init (OtpKey key, const char *pwd, const char *seed) +{ + unsigned char res[16]; + return otp_md_init (key, pwd, seed, EVP_md4(), 0, res, sizeof(res)); +} + +int +otp_md4_hash (const char *data, + size_t len, + unsigned char *res) +{ + return otp_md_hash (data, len, EVP_md4(), 0, res, 16); +} + +int +otp_md4_next (OtpKey key) +{ + unsigned char res[16]; + return otp_md_next (key, EVP_md4(), 0, res, sizeof(res)); +} + + +int +otp_md5_init (OtpKey key, const char *pwd, const char *seed) +{ + unsigned char res[16]; + return otp_md_init (key, pwd, seed, EVP_md5(), 0, res, sizeof(res)); +} + +int +otp_md5_hash (const char *data, + size_t len, + unsigned char *res) +{ + return otp_md_hash (data, len, EVP_md5(), 0, res, 16); +} + +int +otp_md5_next (OtpKey key) +{ + unsigned char res[16]; + return otp_md_next (key, EVP_md5(), 0, res, sizeof(res)); +} + +int +otp_sha_init (OtpKey key, const char *pwd, const char *seed) +{ + unsigned char res[20]; + return otp_md_init (key, pwd, seed, EVP_sha1(), 1, res, sizeof(res)); +} + +int +otp_sha_hash (const char *data, + size_t len, + unsigned char *res) +{ + return otp_md_hash (data, len, EVP_sha1(), 1, res, 20); +} + +int +otp_sha_next (OtpKey key) +{ + unsigned char res[20]; + return otp_md_next (key, EVP_sha1(), 1, res, sizeof(res)); +} diff --git a/lib/otp/otp_md.h b/lib/otp/otp_md.h new file mode 100644 index 000000000000..645ac1afde1b --- /dev/null +++ b/lib/otp/otp_md.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +int otp_md4_init (OtpKey key, const char *pwd, const char *seed); +int otp_md4_hash (const char *, size_t, unsigned char *res); +int otp_md4_next (OtpKey key); + +int otp_md5_init (OtpKey key, const char *pwd, const char *seed); +int otp_md5_hash (const char *, size_t, unsigned char *res); +int otp_md5_next (OtpKey key); + +int otp_sha_init (OtpKey key, const char *pwd, const char *seed); +int otp_sha_hash (const char *, size_t, unsigned char *res); +int otp_sha_next (OtpKey key); diff --git a/lib/otp/otp_parse.c b/lib/otp/otp_parse.c new file mode 100644 index 000000000000..385f04351dad --- /dev/null +++ b/lib/otp/otp_parse.c @@ -0,0 +1,2522 @@ +/* + * Copyright (c) 1995-2000, 2005-2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" + +struct e { + const char *s; + unsigned n; +}; + +extern const struct e inv_std_dict[2048]; + +static int +cmp(const void *a, const void *b) +{ + const struct e *e1, *e2; + + e1 = (const struct e *)a; + e2 = (const struct e *)b; + return strcasecmp (e1->s, e2->s); +} + +static int +get_stdword (const char *s, void *v) +{ + struct e e, *r; + + e.s = s; + e.n = -1; + r = (struct e *) bsearch (&e, inv_std_dict, + sizeof(inv_std_dict)/sizeof(*inv_std_dict), + sizeof(*inv_std_dict), cmp); + if (r) + return r->n; + else + return -1; +} + +static void +compress (OtpKey key, unsigned wn[]) +{ + key[0] = wn[0] >> 3; + key[1] = ((wn[0] & 0x07) << 5) | (wn[1] >> 6); + key[2] = ((wn[1] & 0x3F) << 2) | (wn[2] >> 9); + key[3] = ((wn[2] >> 1) & 0xFF); + key[4] = ((wn[2] & 0x01) << 7) | (wn[3] >> 4); + key[5] = ((wn[3] & 0x0F) << 4) | (wn[4] >> 7); + key[6] = ((wn[4] & 0x7F) << 1) | (wn[5] >> 10); + key[7] = ((wn[5] >> 2) & 0xFF); +} + +static int +get_altword (const char *s, void *a) +{ + OtpAlgorithm *alg = (OtpAlgorithm *)a; + int ret; + unsigned char *res = malloc(alg->hashsize); + + if (res == NULL) + return -1; + alg->hash (s, strlen(s), res); + ret = (unsigned)(res[alg->hashsize - 1]) | + ((res[alg->hashsize - 2] & 0x03) << 8); + free (res); + return ret; +} + +static int +parse_words(unsigned wn[], + const char *str, + int (*convert)(const char *, void *), + void *arg) +{ + const unsigned char *w, *wend; + char *wcopy; + int i; + int tmp; + + w = (const unsigned char *)str; + for (i = 0; i < 6; ++i) { + while (isspace(*w)) + ++w; + wend = w; + while (isalpha (*wend)) + ++wend; + + tmp = wend - w; + wcopy = malloc(tmp + 1); + if (wcopy == NULL) + return -1; + memcpy(wcopy, w, tmp); + wcopy[tmp] = '\0'; + + tmp = (*convert)(wcopy, arg); + free(wcopy); + w = wend; + if (tmp < 0) + return -1; + wn[i] = tmp; + } + return 0; +} + +static int +otp_parse_internal (OtpKey key, const char *str, + OtpAlgorithm *alg, + int (*convert)(const char *, void *)) +{ + unsigned wn[6]; + + if (parse_words (wn, str, convert, alg)) + return -1; + compress (key, wn); + if (otp_checksum (key) != (wn[5] & 0x03)) + return -1; + return 0; +} + +int +otp_parse_stddict (OtpKey key, const char *str) +{ + return otp_parse_internal (key, str, NULL, get_stdword); +} + +int +otp_parse_altdict (OtpKey key, const char *str, OtpAlgorithm *alg) +{ + return otp_parse_internal (key, str, alg, get_altword); +} + +int +otp_parse_hex (OtpKey key, const char *s) +{ + char buf[17], *b; + int is[8]; + int i; + + b = buf; + while (*s) { + if (strchr ("0123456789ABCDEFabcdef", *s)) { + if (b - buf >= 16) + return -1; + else + *b++ = tolower((unsigned char)*s); + } + s++; + } + *b = '\0'; + if (sscanf (buf, "%2x%2x%2x%2x%2x%2x%2x%2x", + &is[0], &is[1], &is[2], &is[3], &is[4], + &is[5], &is[6], &is[7]) != 8) + return -1; + for (i = 0; i < OTPKEYSIZE; ++i) + key[i] = is[i]; + return 0; +} + +int +otp_parse (OtpKey key, const char *s, OtpAlgorithm *alg) +{ + int ret; + int dohex = 1; + + if (strncmp (s, OTP_HEXPREFIX, strlen(OTP_HEXPREFIX)) == 0) + return otp_parse_hex (key, s + strlen(OTP_HEXPREFIX)); + if (strncmp (s, OTP_WORDPREFIX, strlen(OTP_WORDPREFIX)) == 0) { + s += strlen(OTP_WORDPREFIX); + dohex = 0; + } + + ret = otp_parse_stddict (key, s); + if (ret) + ret = otp_parse_altdict (key, s, alg); + if (ret && dohex) + ret = otp_parse_hex (key, s); + return ret; +} + +const char *const std_dict[2048] = +{ "A", "ABE", "ACE", "ACT", "AD", "ADA", "ADD", +"AGO", "AID", "AIM", "AIR", "ALL", "ALP", "AM", "AMY", +"AN", "ANA", "AND", "ANN", "ANT", "ANY", "APE", "APS", +"APT", "ARC", "ARE", "ARK", "ARM", "ART", "AS", "ASH", +"ASK", "AT", "ATE", "AUG", "AUK", "AVE", "AWE", "AWK", +"AWL", "AWN", "AX", "AYE", "BAD", "BAG", "BAH", "BAM", +"BAN", "BAR", "BAT", "BAY", "BE", "BED", "BEE", "BEG", +"BEN", "BET", "BEY", "BIB", "BID", "BIG", "BIN", "BIT", +"BOB", "BOG", "BON", "BOO", "BOP", "BOW", "BOY", "BUB", +"BUD", "BUG", "BUM", "BUN", "BUS", "BUT", "BUY", "BY", +"BYE", "CAB", "CAL", "CAM", "CAN", "CAP", "CAR", "CAT", +"CAW", "COD", "COG", "COL", "CON", "COO", "COP", "COT", +"COW", "COY", "CRY", "CUB", "CUE", "CUP", "CUR", "CUT", +"DAB", "DAD", "DAM", "DAN", "DAR", "DAY", "DEE", "DEL", +"DEN", "DES", "DEW", "DID", "DIE", "DIG", "DIN", "DIP", +"DO", "DOE", "DOG", "DON", "DOT", "DOW", "DRY", "DUB", +"DUD", "DUE", "DUG", "DUN", "EAR", "EAT", "ED", "EEL", +"EGG", "EGO", "ELI", "ELK", "ELM", "ELY", "EM", "END", +"EST", "ETC", "EVA", "EVE", "EWE", "EYE", "FAD", "FAN", +"FAR", "FAT", "FAY", "FED", "FEE", "FEW", "FIB", "FIG", +"FIN", "FIR", "FIT", "FLO", "FLY", "FOE", "FOG", "FOR", +"FRY", "FUM", "FUN", "FUR", "GAB", "GAD", "GAG", "GAL", +"GAM", "GAP", "GAS", "GAY", "GEE", "GEL", "GEM", "GET", +"GIG", "GIL", "GIN", "GO", "GOT", "GUM", "GUN", "GUS", +"GUT", "GUY", "GYM", "GYP", "HA", "HAD", "HAL", "HAM", +"HAN", "HAP", "HAS", "HAT", "HAW", "HAY", "HE", "HEM", +"HEN", "HER", "HEW", "HEY", "HI", "HID", "HIM", "HIP", +"HIS", "HIT", "HO", "HOB", "HOC", "HOE", "HOG", "HOP", +"HOT", "HOW", "HUB", "HUE", "HUG", "HUH", "HUM", "HUT", +"I", "ICY", "IDA", "IF", "IKE", "ILL", "INK", "INN", +"IO", "ION", "IQ", "IRA", "IRE", "IRK", "IS", "IT", +"ITS", "IVY", "JAB", "JAG", "JAM", "JAN", "JAR", "JAW", +"JAY", "JET", "JIG", "JIM", "JO", "JOB", "JOE", "JOG", +"JOT", "JOY", "JUG", "JUT", "KAY", "KEG", "KEN", "KEY", +"KID", "KIM", "KIN", "KIT", "LA", "LAB", "LAC", "LAD", +"LAG", "LAM", "LAP", "LAW", "LAY", "LEA", "LED", "LEE", +"LEG", "LEN", "LEO", "LET", "LEW", "LID", "LIE", "LIN", +"LIP", "LIT", "LO", "LOB", "LOG", "LOP", "LOS", "LOT", +"LOU", "LOW", "LOY", "LUG", "LYE", "MA", "MAC", "MAD", +"MAE", "MAN", "MAO", "MAP", "MAT", "MAW", "MAY", "ME", +"MEG", "MEL", "MEN", "MET", "MEW", "MID", "MIN", "MIT", +"MOB", "MOD", "MOE", "MOO", "MOP", "MOS", "MOT", "MOW", +"MUD", "MUG", "MUM", "MY", "NAB", "NAG", "NAN", "NAP", +"NAT", "NAY", "NE", "NED", "NEE", "NET", "NEW", "NIB", +"NIL", "NIP", "NIT", "NO", "NOB", "NOD", "NON", "NOR", +"NOT", "NOV", "NOW", "NU", "NUN", "NUT", "O", "OAF", +"OAK", "OAR", "OAT", "ODD", "ODE", "OF", "OFF", "OFT", +"OH", "OIL", "OK", "OLD", "ON", "ONE", "OR", "ORB", +"ORE", "ORR", "OS", "OTT", "OUR", "OUT", "OVA", "OW", +"OWE", "OWL", "OWN", "OX", "PA", "PAD", "PAL", "PAM", +"PAN", "PAP", "PAR", "PAT", "PAW", "PAY", "PEA", "PEG", +"PEN", "PEP", "PER", "PET", "PEW", "PHI", "PI", "PIE", +"PIN", "PIT", "PLY", "PO", "POD", "POE", "POP", "POT", +"POW", "PRO", "PRY", "PUB", "PUG", "PUN", "PUP", "PUT", +"QUO", "RAG", "RAM", "RAN", "RAP", "RAT", "RAW", "RAY", +"REB", "RED", "REP", "RET", "RIB", "RID", "RIG", "RIM", +"RIO", "RIP", "ROB", "ROD", "ROE", "RON", "ROT", "ROW", +"ROY", "RUB", "RUE", "RUG", "RUM", "RUN", "RYE", "SAC", +"SAD", "SAG", "SAL", "SAM", "SAN", "SAP", "SAT", "SAW", +"SAY", "SEA", "SEC", "SEE", "SEN", "SET", "SEW", "SHE", +"SHY", "SIN", "SIP", "SIR", "SIS", "SIT", "SKI", "SKY", +"SLY", "SO", "SOB", "SOD", "SON", "SOP", "SOW", "SOY", +"SPA", "SPY", "SUB", "SUD", "SUE", "SUM", "SUN", "SUP", +"TAB", "TAD", "TAG", "TAN", "TAP", "TAR", "TEA", "TED", +"TEE", "TEN", "THE", "THY", "TIC", "TIE", "TIM", "TIN", +"TIP", "TO", "TOE", "TOG", "TOM", "TON", "TOO", "TOP", +"TOW", "TOY", "TRY", "TUB", "TUG", "TUM", "TUN", "TWO", +"UN", "UP", "US", "USE", "VAN", "VAT", "VET", "VIE", +"WAD", "WAG", "WAR", "WAS", "WAY", "WE", "WEB", "WED", +"WEE", "WET", "WHO", "WHY", "WIN", "WIT", "WOK", "WON", +"WOO", "WOW", "WRY", "WU", "YAM", "YAP", "YAW", "YE", +"YEA", "YES", "YET", "YOU", "ABED", "ABEL", "ABET", "ABLE", +"ABUT", "ACHE", "ACID", "ACME", "ACRE", "ACTA", "ACTS", "ADAM", +"ADDS", "ADEN", "AFAR", "AFRO", "AGEE", "AHEM", "AHOY", "AIDA", +"AIDE", "AIDS", "AIRY", "AJAR", "AKIN", "ALAN", "ALEC", "ALGA", +"ALIA", "ALLY", "ALMA", "ALOE", "ALSO", "ALTO", "ALUM", "ALVA", +"AMEN", "AMES", "AMID", "AMMO", "AMOK", "AMOS", "AMRA", "ANDY", +"ANEW", "ANNA", "ANNE", "ANTE", "ANTI", "AQUA", "ARAB", "ARCH", +"AREA", "ARGO", "ARID", "ARMY", "ARTS", "ARTY", "ASIA", "ASKS", +"ATOM", "AUNT", "AURA", "AUTO", "AVER", "AVID", "AVIS", "AVON", +"AVOW", "AWAY", "AWRY", "BABE", "BABY", "BACH", "BACK", "BADE", +"BAIL", "BAIT", "BAKE", "BALD", "BALE", "BALI", "BALK", "BALL", +"BALM", "BAND", "BANE", "BANG", "BANK", "BARB", "BARD", "BARE", +"BARK", "BARN", "BARR", "BASE", "BASH", "BASK", "BASS", "BATE", +"BATH", "BAWD", "BAWL", "BEAD", "BEAK", "BEAM", "BEAN", "BEAR", +"BEAT", "BEAU", "BECK", "BEEF", "BEEN", "BEER", "BEET", "BELA", +"BELL", "BELT", "BEND", "BENT", "BERG", "BERN", "BERT", "BESS", +"BEST", "BETA", "BETH", "BHOY", "BIAS", "BIDE", "BIEN", "BILE", +"BILK", "BILL", "BIND", "BING", "BIRD", "BITE", "BITS", "BLAB", +"BLAT", "BLED", "BLEW", "BLOB", "BLOC", "BLOT", "BLOW", "BLUE", +"BLUM", "BLUR", "BOAR", "BOAT", "BOCA", "BOCK", "BODE", "BODY", +"BOGY", "BOHR", "BOIL", "BOLD", "BOLO", "BOLT", "BOMB", "BONA", +"BOND", "BONE", "BONG", "BONN", "BONY", "BOOK", "BOOM", "BOON", +"BOOT", "BORE", "BORG", "BORN", "BOSE", "BOSS", "BOTH", "BOUT", +"BOWL", "BOYD", "BRAD", "BRAE", "BRAG", "BRAN", "BRAY", "BRED", +"BREW", "BRIG", "BRIM", "BROW", "BUCK", "BUDD", "BUFF", "BULB", +"BULK", "BULL", "BUNK", "BUNT", "BUOY", "BURG", "BURL", "BURN", +"BURR", "BURT", "BURY", "BUSH", "BUSS", "BUST", "BUSY", "BYTE", +"CADY", "CAFE", "CAGE", "CAIN", "CAKE", "CALF", "CALL", "CALM", +"CAME", "CANE", "CANT", "CARD", "CARE", "CARL", "CARR", "CART", +"CASE", "CASH", "CASK", "CAST", "CAVE", "CEIL", "CELL", "CENT", +"CERN", "CHAD", "CHAR", "CHAT", "CHAW", "CHEF", "CHEN", "CHEW", +"CHIC", "CHIN", "CHOU", "CHOW", "CHUB", "CHUG", "CHUM", "CITE", +"CITY", "CLAD", "CLAM", "CLAN", "CLAW", "CLAY", "CLOD", "CLOG", +"CLOT", "CLUB", "CLUE", "COAL", "COAT", "COCA", "COCK", "COCO", +"CODA", "CODE", "CODY", "COED", "COIL", "COIN", "COKE", "COLA", +"COLD", "COLT", "COMA", "COMB", "COME", "COOK", "COOL", "COON", +"COOT", "CORD", "CORE", "CORK", "CORN", "COST", "COVE", "COWL", +"CRAB", "CRAG", "CRAM", "CRAY", "CREW", "CRIB", "CROW", "CRUD", +"CUBA", "CUBE", "CUFF", "CULL", "CULT", "CUNY", "CURB", "CURD", +"CURE", "CURL", "CURT", "CUTS", "DADE", "DALE", "DAME", "DANA", +"DANE", "DANG", "DANK", "DARE", "DARK", "DARN", "DART", "DASH", +"DATA", "DATE", "DAVE", "DAVY", "DAWN", "DAYS", "DEAD", "DEAF", +"DEAL", "DEAN", "DEAR", "DEBT", "DECK", "DEED", "DEEM", "DEER", +"DEFT", "DEFY", "DELL", "DENT", "DENY", "DESK", "DIAL", "DICE", +"DIED", "DIET", "DIME", "DINE", "DING", "DINT", "DIRE", "DIRT", +"DISC", "DISH", "DISK", "DIVE", "DOCK", "DOES", "DOLE", "DOLL", +"DOLT", "DOME", "DONE", "DOOM", "DOOR", "DORA", "DOSE", "DOTE", +"DOUG", "DOUR", "DOVE", "DOWN", "DRAB", "DRAG", "DRAM", "DRAW", +"DREW", "DRUB", "DRUG", "DRUM", "DUAL", "DUCK", "DUCT", "DUEL", +"DUET", "DUKE", "DULL", "DUMB", "DUNE", "DUNK", "DUSK", "DUST", +"DUTY", "EACH", "EARL", "EARN", "EASE", "EAST", "EASY", "EBEN", +"ECHO", "EDDY", "EDEN", "EDGE", "EDGY", "EDIT", "EDNA", "EGAN", +"ELAN", "ELBA", "ELLA", "ELSE", "EMIL", "EMIT", "EMMA", "ENDS", +"ERIC", "EROS", "EVEN", "EVER", "EVIL", "EYED", "FACE", "FACT", +"FADE", "FAIL", "FAIN", "FAIR", "FAKE", "FALL", "FAME", "FANG", +"FARM", "FAST", "FATE", "FAWN", "FEAR", "FEAT", "FEED", "FEEL", +"FEET", "FELL", "FELT", "FEND", "FERN", "FEST", "FEUD", "FIEF", +"FIGS", "FILE", "FILL", "FILM", "FIND", "FINE", "FINK", "FIRE", +"FIRM", "FISH", "FISK", "FIST", "FITS", "FIVE", "FLAG", "FLAK", +"FLAM", "FLAT", "FLAW", "FLEA", "FLED", "FLEW", "FLIT", "FLOC", +"FLOG", "FLOW", "FLUB", "FLUE", "FOAL", "FOAM", "FOGY", "FOIL", +"FOLD", "FOLK", "FOND", "FONT", "FOOD", "FOOL", "FOOT", "FORD", +"FORE", "FORK", "FORM", "FORT", "FOSS", "FOUL", "FOUR", "FOWL", +"FRAU", "FRAY", "FRED", "FREE", "FRET", "FREY", "FROG", "FROM", +"FUEL", "FULL", "FUME", "FUND", "FUNK", "FURY", "FUSE", "FUSS", +"GAFF", "GAGE", "GAIL", "GAIN", "GAIT", "GALA", "GALE", "GALL", +"GALT", "GAME", "GANG", "GARB", "GARY", "GASH", "GATE", "GAUL", +"GAUR", "GAVE", "GAWK", "GEAR", "GELD", "GENE", "GENT", "GERM", +"GETS", "GIBE", "GIFT", "GILD", "GILL", "GILT", "GINA", "GIRD", +"GIRL", "GIST", "GIVE", "GLAD", "GLEE", "GLEN", "GLIB", "GLOB", +"GLOM", "GLOW", "GLUE", "GLUM", "GLUT", "GOAD", "GOAL", "GOAT", +"GOER", "GOES", "GOLD", "GOLF", "GONE", "GONG", "GOOD", "GOOF", +"GORE", "GORY", "GOSH", "GOUT", "GOWN", "GRAB", "GRAD", "GRAY", +"GREG", "GREW", "GREY", "GRID", "GRIM", "GRIN", "GRIT", "GROW", +"GRUB", "GULF", "GULL", "GUNK", "GURU", "GUSH", "GUST", "GWEN", +"GWYN", "HAAG", "HAAS", "HACK", "HAIL", "HAIR", "HALE", "HALF", +"HALL", "HALO", "HALT", "HAND", "HANG", "HANK", "HANS", "HARD", +"HARK", "HARM", "HART", "HASH", "HAST", "HATE", "HATH", "HAUL", +"HAVE", "HAWK", "HAYS", "HEAD", "HEAL", "HEAR", "HEAT", "HEBE", +"HECK", "HEED", "HEEL", "HEFT", "HELD", "HELL", "HELM", "HERB", +"HERD", "HERE", "HERO", "HERS", "HESS", "HEWN", "HICK", "HIDE", +"HIGH", "HIKE", "HILL", "HILT", "HIND", "HINT", "HIRE", "HISS", +"HIVE", "HOBO", "HOCK", "HOFF", "HOLD", "HOLE", "HOLM", "HOLT", +"HOME", "HONE", "HONK", "HOOD", "HOOF", "HOOK", "HOOT", "HORN", +"HOSE", "HOST", "HOUR", "HOVE", "HOWE", "HOWL", "HOYT", "HUCK", +"HUED", "HUFF", "HUGE", "HUGH", "HUGO", "HULK", "HULL", "HUNK", +"HUNT", "HURD", "HURL", "HURT", "HUSH", "HYDE", "HYMN", "IBIS", +"ICON", "IDEA", "IDLE", "IFFY", "INCA", "INCH", "INTO", "IONS", +"IOTA", "IOWA", "IRIS", "IRMA", "IRON", "ISLE", "ITCH", "ITEM", +"IVAN", "JACK", "JADE", "JAIL", "JAKE", "JANE", "JAVA", "JEAN", +"JEFF", "JERK", "JESS", "JEST", "JIBE", "JILL", "JILT", "JIVE", +"JOAN", "JOBS", "JOCK", "JOEL", "JOEY", "JOHN", "JOIN", "JOKE", +"JOLT", "JOVE", "JUDD", "JUDE", "JUDO", "JUDY", "JUJU", "JUKE", +"JULY", "JUNE", "JUNK", "JUNO", "JURY", "JUST", "JUTE", "KAHN", +"KALE", "KANE", "KANT", "KARL", "KATE", "KEEL", "KEEN", "KENO", +"KENT", "KERN", "KERR", "KEYS", "KICK", "KILL", "KIND", "KING", +"KIRK", "KISS", "KITE", "KLAN", "KNEE", "KNEW", "KNIT", "KNOB", +"KNOT", "KNOW", "KOCH", "KONG", "KUDO", "KURD", "KURT", "KYLE", +"LACE", "LACK", "LACY", "LADY", "LAID", "LAIN", "LAIR", "LAKE", +"LAMB", "LAME", "LAND", "LANE", "LANG", "LARD", "LARK", "LASS", +"LAST", "LATE", "LAUD", "LAVA", "LAWN", "LAWS", "LAYS", "LEAD", +"LEAF", "LEAK", "LEAN", "LEAR", "LEEK", "LEER", "LEFT", "LEND", +"LENS", "LENT", "LEON", "LESK", "LESS", "LEST", "LETS", "LIAR", +"LICE", "LICK", "LIED", "LIEN", "LIES", "LIEU", "LIFE", "LIFT", +"LIKE", "LILA", "LILT", "LILY", "LIMA", "LIMB", "LIME", "LIND", +"LINE", "LINK", "LINT", "LION", "LISA", "LIST", "LIVE", "LOAD", +"LOAF", "LOAM", "LOAN", "LOCK", "LOFT", "LOGE", "LOIS", "LOLA", +"LONE", "LONG", "LOOK", "LOON", "LOOT", "LORD", "LORE", "LOSE", +"LOSS", "LOST", "LOUD", "LOVE", "LOWE", "LUCK", "LUCY", "LUGE", +"LUKE", "LULU", "LUND", "LUNG", "LURA", "LURE", "LURK", "LUSH", +"LUST", "LYLE", "LYNN", "LYON", "LYRA", "MACE", "MADE", "MAGI", +"MAID", "MAIL", "MAIN", "MAKE", "MALE", "MALI", "MALL", "MALT", +"MANA", "MANN", "MANY", "MARC", "MARE", "MARK", "MARS", "MART", +"MARY", "MASH", "MASK", "MASS", "MAST", "MATE", "MATH", "MAUL", +"MAYO", "MEAD", "MEAL", "MEAN", "MEAT", "MEEK", "MEET", "MELD", +"MELT", "MEMO", "MEND", "MENU", "MERT", "MESH", "MESS", "MICE", +"MIKE", "MILD", "MILE", "MILK", "MILL", "MILT", "MIMI", "MIND", +"MINE", "MINI", "MINK", "MINT", "MIRE", "MISS", "MIST", "MITE", +"MITT", "MOAN", "MOAT", "MOCK", "MODE", "MOLD", "MOLE", "MOLL", +"MOLT", "MONA", "MONK", "MONT", "MOOD", "MOON", "MOOR", "MOOT", +"MORE", "MORN", "MORT", "MOSS", "MOST", "MOTH", "MOVE", "MUCH", +"MUCK", "MUDD", "MUFF", "MULE", "MULL", "MURK", "MUSH", "MUST", +"MUTE", "MUTT", "MYRA", "MYTH", "NAGY", "NAIL", "NAIR", "NAME", +"NARY", "NASH", "NAVE", "NAVY", "NEAL", "NEAR", "NEAT", "NECK", +"NEED", "NEIL", "NELL", "NEON", "NERO", "NESS", "NEST", "NEWS", +"NEWT", "NIBS", "NICE", "NICK", "NILE", "NINA", "NINE", "NOAH", +"NODE", "NOEL", "NOLL", "NONE", "NOOK", "NOON", "NORM", "NOSE", +"NOTE", "NOUN", "NOVA", "NUDE", "NULL", "NUMB", "OATH", "OBEY", +"OBOE", "ODIN", "OHIO", "OILY", "OINT", "OKAY", "OLAF", "OLDY", +"OLGA", "OLIN", "OMAN", "OMEN", "OMIT", "ONCE", "ONES", "ONLY", +"ONTO", "ONUS", "ORAL", "ORGY", "OSLO", "OTIS", "OTTO", "OUCH", +"OUST", "OUTS", "OVAL", "OVEN", "OVER", "OWLY", "OWNS", "QUAD", +"QUIT", "QUOD", "RACE", "RACK", "RACY", "RAFT", "RAGE", "RAID", +"RAIL", "RAIN", "RAKE", "RANK", "RANT", "RARE", "RASH", "RATE", +"RAVE", "RAYS", "READ", "REAL", "REAM", "REAR", "RECK", "REED", +"REEF", "REEK", "REEL", "REID", "REIN", "RENA", "REND", "RENT", +"REST", "RICE", "RICH", "RICK", "RIDE", "RIFT", "RILL", "RIME", +"RING", "RINK", "RISE", "RISK", "RITE", "ROAD", "ROAM", "ROAR", +"ROBE", "ROCK", "RODE", "ROIL", "ROLL", "ROME", "ROOD", "ROOF", +"ROOK", "ROOM", "ROOT", "ROSA", "ROSE", "ROSS", "ROSY", "ROTH", +"ROUT", "ROVE", "ROWE", "ROWS", "RUBE", "RUBY", "RUDE", "RUDY", +"RUIN", "RULE", "RUNG", "RUNS", "RUNT", "RUSE", "RUSH", "RUSK", +"RUSS", "RUST", "RUTH", "SACK", "SAFE", "SAGE", "SAID", "SAIL", +"SALE", "SALK", "SALT", "SAME", "SAND", "SANE", "SANG", "SANK", +"SARA", "SAUL", "SAVE", "SAYS", "SCAN", "SCAR", "SCAT", "SCOT", +"SEAL", "SEAM", "SEAR", "SEAT", "SEED", "SEEK", "SEEM", "SEEN", +"SEES", "SELF", "SELL", "SEND", "SENT", "SETS", "SEWN", "SHAG", +"SHAM", "SHAW", "SHAY", "SHED", "SHIM", "SHIN", "SHOD", "SHOE", +"SHOT", "SHOW", "SHUN", "SHUT", "SICK", "SIDE", "SIFT", "SIGH", +"SIGN", "SILK", "SILL", "SILO", "SILT", "SINE", "SING", "SINK", +"SIRE", "SITE", "SITS", "SITU", "SKAT", "SKEW", "SKID", "SKIM", +"SKIN", "SKIT", "SLAB", "SLAM", "SLAT", "SLAY", "SLED", "SLEW", +"SLID", "SLIM", "SLIT", "SLOB", "SLOG", "SLOT", "SLOW", "SLUG", +"SLUM", "SLUR", "SMOG", "SMUG", "SNAG", "SNOB", "SNOW", "SNUB", +"SNUG", "SOAK", "SOAR", "SOCK", "SODA", "SOFA", "SOFT", "SOIL", +"SOLD", "SOME", "SONG", "SOON", "SOOT", "SORE", "SORT", "SOUL", +"SOUR", "SOWN", "STAB", "STAG", "STAN", "STAR", "STAY", "STEM", +"STEW", "STIR", "STOW", "STUB", "STUN", "SUCH", "SUDS", "SUIT", +"SULK", "SUMS", "SUNG", "SUNK", "SURE", "SURF", "SWAB", "SWAG", +"SWAM", "SWAN", "SWAT", "SWAY", "SWIM", "SWUM", "TACK", "TACT", +"TAIL", "TAKE", "TALE", "TALK", "TALL", "TANK", "TASK", "TATE", +"TAUT", "TEAL", "TEAM", "TEAR", "TECH", "TEEM", "TEEN", "TEET", +"TELL", "TEND", "TENT", "TERM", "TERN", "TESS", "TEST", "THAN", +"THAT", "THEE", "THEM", "THEN", "THEY", "THIN", "THIS", "THUD", +"THUG", "TICK", "TIDE", "TIDY", "TIED", "TIER", "TILE", "TILL", +"TILT", "TIME", "TINA", "TINE", "TINT", "TINY", "TIRE", "TOAD", +"TOGO", "TOIL", "TOLD", "TOLL", "TONE", "TONG", "TONY", "TOOK", +"TOOL", "TOOT", "TORE", "TORN", "TOTE", "TOUR", "TOUT", "TOWN", +"TRAG", "TRAM", "TRAY", "TREE", "TREK", "TRIG", "TRIM", "TRIO", +"TROD", "TROT", "TROY", "TRUE", "TUBA", "TUBE", "TUCK", "TUFT", +"TUNA", "TUNE", "TUNG", "TURF", "TURN", "TUSK", "TWIG", "TWIN", +"TWIT", "ULAN", "UNIT", "URGE", "USED", "USER", "USES", "UTAH", +"VAIL", "VAIN", "VALE", "VARY", "VASE", "VAST", "VEAL", "VEDA", +"VEIL", "VEIN", "VEND", "VENT", "VERB", "VERY", "VETO", "VICE", +"VIEW", "VINE", "VISE", "VOID", "VOLT", "VOTE", "WACK", "WADE", +"WAGE", "WAIL", "WAIT", "WAKE", "WALE", "WALK", "WALL", "WALT", +"WAND", "WANE", "WANG", "WANT", "WARD", "WARM", "WARN", "WART", +"WASH", "WAST", "WATS", "WATT", "WAVE", "WAVY", "WAYS", "WEAK", +"WEAL", "WEAN", "WEAR", "WEED", "WEEK", "WEIR", "WELD", "WELL", +"WELT", "WENT", "WERE", "WERT", "WEST", "WHAM", "WHAT", "WHEE", +"WHEN", "WHET", "WHOA", "WHOM", "WICK", "WIFE", "WILD", "WILL", +"WIND", "WINE", "WING", "WINK", "WINO", "WIRE", "WISE", "WISH", +"WITH", "WOLF", "WONT", "WOOD", "WOOL", "WORD", "WORE", "WORK", +"WORM", "WORN", "WOVE", "WRIT", "WYNN", "YALE", "YANG", "YANK", +"YARD", "YARN", "YAWL", "YAWN", "YEAH", "YEAR", "YELL", "YOGA", +"YOKE" }; + +const struct e inv_std_dict[2048] = { +{"A", 0}, +{"ABE", 1}, +{"ABED", 571}, +{"ABEL", 572}, +{"ABET", 573}, +{"ABLE", 574}, +{"ABUT", 575}, +{"ACE", 2}, +{"ACHE", 576}, +{"ACID", 577}, +{"ACME", 578}, +{"ACRE", 579}, +{"ACT", 3}, +{"ACTA", 580}, +{"ACTS", 581}, +{"AD", 4}, +{"ADA", 5}, +{"ADAM", 582}, +{"ADD", 6}, +{"ADDS", 583}, +{"ADEN", 584}, +{"AFAR", 585}, +{"AFRO", 586}, +{"AGEE", 587}, +{"AGO", 7}, +{"AHEM", 588}, +{"AHOY", 589}, +{"AID", 8}, +{"AIDA", 590}, +{"AIDE", 591}, +{"AIDS", 592}, +{"AIM", 9}, +{"AIR", 10}, +{"AIRY", 593}, +{"AJAR", 594}, +{"AKIN", 595}, +{"ALAN", 596}, +{"ALEC", 597}, +{"ALGA", 598}, +{"ALIA", 599}, +{"ALL", 11}, +{"ALLY", 600}, +{"ALMA", 601}, +{"ALOE", 602}, +{"ALP", 12}, +{"ALSO", 603}, +{"ALTO", 604}, +{"ALUM", 605}, +{"ALVA", 606}, +{"AM", 13}, +{"AMEN", 607}, +{"AMES", 608}, +{"AMID", 609}, +{"AMMO", 610}, +{"AMOK", 611}, +{"AMOS", 612}, +{"AMRA", 613}, +{"AMY", 14}, +{"AN", 15}, +{"ANA", 16}, +{"AND", 17}, +{"ANDY", 614}, +{"ANEW", 615}, +{"ANN", 18}, +{"ANNA", 616}, +{"ANNE", 617}, +{"ANT", 19}, +{"ANTE", 618}, +{"ANTI", 619}, +{"ANY", 20}, +{"APE", 21}, +{"APS", 22}, +{"APT", 23}, +{"AQUA", 620}, +{"ARAB", 621}, +{"ARC", 24}, +{"ARCH", 622}, +{"ARE", 25}, +{"AREA", 623}, +{"ARGO", 624}, +{"ARID", 625}, +{"ARK", 26}, +{"ARM", 27}, +{"ARMY", 626}, +{"ART", 28}, +{"ARTS", 627}, +{"ARTY", 628}, +{"AS", 29}, +{"ASH", 30}, +{"ASIA", 629}, +{"ASK", 31}, +{"ASKS", 630}, +{"AT", 32}, +{"ATE", 33}, +{"ATOM", 631}, +{"AUG", 34}, +{"AUK", 35}, +{"AUNT", 632}, +{"AURA", 633}, +{"AUTO", 634}, +{"AVE", 36}, +{"AVER", 635}, +{"AVID", 636}, +{"AVIS", 637}, +{"AVON", 638}, +{"AVOW", 639}, +{"AWAY", 640}, +{"AWE", 37}, +{"AWK", 38}, +{"AWL", 39}, +{"AWN", 40}, +{"AWRY", 641}, +{"AX", 41}, +{"AYE", 42}, +{"BABE", 642}, +{"BABY", 643}, +{"BACH", 644}, +{"BACK", 645}, +{"BAD", 43}, +{"BADE", 646}, +{"BAG", 44}, +{"BAH", 45}, +{"BAIL", 647}, +{"BAIT", 648}, +{"BAKE", 649}, +{"BALD", 650}, +{"BALE", 651}, +{"BALI", 652}, +{"BALK", 653}, +{"BALL", 654}, +{"BALM", 655}, +{"BAM", 46}, +{"BAN", 47}, +{"BAND", 656}, +{"BANE", 657}, +{"BANG", 658}, +{"BANK", 659}, +{"BAR", 48}, +{"BARB", 660}, +{"BARD", 661}, +{"BARE", 662}, +{"BARK", 663}, +{"BARN", 664}, +{"BARR", 665}, +{"BASE", 666}, +{"BASH", 667}, +{"BASK", 668}, +{"BASS", 669}, +{"BAT", 49}, +{"BATE", 670}, +{"BATH", 671}, +{"BAWD", 672}, +{"BAWL", 673}, +{"BAY", 50}, +{"BE", 51}, +{"BEAD", 674}, +{"BEAK", 675}, +{"BEAM", 676}, +{"BEAN", 677}, +{"BEAR", 678}, +{"BEAT", 679}, +{"BEAU", 680}, +{"BECK", 681}, +{"BED", 52}, +{"BEE", 53}, +{"BEEF", 682}, +{"BEEN", 683}, +{"BEER", 684}, +{"BEET", 685}, +{"BEG", 54}, +{"BELA", 686}, +{"BELL", 687}, +{"BELT", 688}, +{"BEN", 55}, +{"BEND", 689}, +{"BENT", 690}, +{"BERG", 691}, +{"BERN", 692}, +{"BERT", 693}, +{"BESS", 694}, +{"BEST", 695}, +{"BET", 56}, +{"BETA", 696}, +{"BETH", 697}, +{"BEY", 57}, +{"BHOY", 698}, +{"BIAS", 699}, +{"BIB", 58}, +{"BID", 59}, +{"BIDE", 700}, +{"BIEN", 701}, +{"BIG", 60}, +{"BILE", 702}, +{"BILK", 703}, +{"BILL", 704}, +{"BIN", 61}, +{"BIND", 705}, +{"BING", 706}, +{"BIRD", 707}, +{"BIT", 62}, +{"BITE", 708}, +{"BITS", 709}, +{"BLAB", 710}, +{"BLAT", 711}, +{"BLED", 712}, +{"BLEW", 713}, +{"BLOB", 714}, +{"BLOC", 715}, +{"BLOT", 716}, +{"BLOW", 717}, +{"BLUE", 718}, +{"BLUM", 719}, +{"BLUR", 720}, +{"BOAR", 721}, +{"BOAT", 722}, +{"BOB", 63}, +{"BOCA", 723}, +{"BOCK", 724}, +{"BODE", 725}, +{"BODY", 726}, +{"BOG", 64}, +{"BOGY", 727}, +{"BOHR", 728}, +{"BOIL", 729}, +{"BOLD", 730}, +{"BOLO", 731}, +{"BOLT", 732}, +{"BOMB", 733}, +{"BON", 65}, +{"BONA", 734}, +{"BOND", 735}, +{"BONE", 736}, +{"BONG", 737}, +{"BONN", 738}, +{"BONY", 739}, +{"BOO", 66}, +{"BOOK", 740}, +{"BOOM", 741}, +{"BOON", 742}, +{"BOOT", 743}, +{"BOP", 67}, +{"BORE", 744}, +{"BORG", 745}, +{"BORN", 746}, +{"BOSE", 747}, +{"BOSS", 748}, +{"BOTH", 749}, +{"BOUT", 750}, +{"BOW", 68}, +{"BOWL", 751}, +{"BOY", 69}, +{"BOYD", 752}, +{"BRAD", 753}, +{"BRAE", 754}, +{"BRAG", 755}, +{"BRAN", 756}, +{"BRAY", 757}, +{"BRED", 758}, +{"BREW", 759}, +{"BRIG", 760}, +{"BRIM", 761}, +{"BROW", 762}, +{"BUB", 70}, +{"BUCK", 763}, +{"BUD", 71}, +{"BUDD", 764}, +{"BUFF", 765}, +{"BUG", 72}, +{"BULB", 766}, +{"BULK", 767}, +{"BULL", 768}, +{"BUM", 73}, +{"BUN", 74}, +{"BUNK", 769}, +{"BUNT", 770}, +{"BUOY", 771}, +{"BURG", 772}, +{"BURL", 773}, +{"BURN", 774}, +{"BURR", 775}, +{"BURT", 776}, +{"BURY", 777}, +{"BUS", 75}, +{"BUSH", 778}, +{"BUSS", 779}, +{"BUST", 780}, +{"BUSY", 781}, +{"BUT", 76}, +{"BUY", 77}, +{"BY", 78}, +{"BYE", 79}, +{"BYTE", 782}, +{"CAB", 80}, +{"CADY", 783}, +{"CAFE", 784}, +{"CAGE", 785}, +{"CAIN", 786}, +{"CAKE", 787}, +{"CAL", 81}, +{"CALF", 788}, +{"CALL", 789}, +{"CALM", 790}, +{"CAM", 82}, +{"CAME", 791}, +{"CAN", 83}, +{"CANE", 792}, +{"CANT", 793}, +{"CAP", 84}, +{"CAR", 85}, +{"CARD", 794}, +{"CARE", 795}, +{"CARL", 796}, +{"CARR", 797}, +{"CART", 798}, +{"CASE", 799}, +{"CASH", 800}, +{"CASK", 801}, +{"CAST", 802}, +{"CAT", 86}, +{"CAVE", 803}, +{"CAW", 87}, +{"CEIL", 804}, +{"CELL", 805}, +{"CENT", 806}, +{"CERN", 807}, +{"CHAD", 808}, +{"CHAR", 809}, +{"CHAT", 810}, +{"CHAW", 811}, +{"CHEF", 812}, +{"CHEN", 813}, +{"CHEW", 814}, +{"CHIC", 815}, +{"CHIN", 816}, +{"CHOU", 817}, +{"CHOW", 818}, +{"CHUB", 819}, +{"CHUG", 820}, +{"CHUM", 821}, +{"CITE", 822}, +{"CITY", 823}, +{"CLAD", 824}, +{"CLAM", 825}, +{"CLAN", 826}, +{"CLAW", 827}, +{"CLAY", 828}, +{"CLOD", 829}, +{"CLOG", 830}, +{"CLOT", 831}, +{"CLUB", 832}, +{"CLUE", 833}, +{"COAL", 834}, +{"COAT", 835}, +{"COCA", 836}, +{"COCK", 837}, +{"COCO", 838}, +{"COD", 88}, +{"CODA", 839}, +{"CODE", 840}, +{"CODY", 841}, +{"COED", 842}, +{"COG", 89}, +{"COIL", 843}, +{"COIN", 844}, +{"COKE", 845}, +{"COL", 90}, +{"COLA", 846}, +{"COLD", 847}, +{"COLT", 848}, +{"COMA", 849}, +{"COMB", 850}, +{"COME", 851}, +{"CON", 91}, +{"COO", 92}, +{"COOK", 852}, +{"COOL", 853}, +{"COON", 854}, +{"COOT", 855}, +{"COP", 93}, +{"CORD", 856}, +{"CORE", 857}, +{"CORK", 858}, +{"CORN", 859}, +{"COST", 860}, +{"COT", 94}, +{"COVE", 861}, +{"COW", 95}, +{"COWL", 862}, +{"COY", 96}, +{"CRAB", 863}, +{"CRAG", 864}, +{"CRAM", 865}, +{"CRAY", 866}, +{"CREW", 867}, +{"CRIB", 868}, +{"CROW", 869}, +{"CRUD", 870}, +{"CRY", 97}, +{"CUB", 98}, +{"CUBA", 871}, +{"CUBE", 872}, +{"CUE", 99}, +{"CUFF", 873}, +{"CULL", 874}, +{"CULT", 875}, +{"CUNY", 876}, +{"CUP", 100}, +{"CUR", 101}, +{"CURB", 877}, +{"CURD", 878}, +{"CURE", 879}, +{"CURL", 880}, +{"CURT", 881}, +{"CUT", 102}, +{"CUTS", 882}, +{"DAB", 103}, +{"DAD", 104}, +{"DADE", 883}, +{"DALE", 884}, +{"DAM", 105}, +{"DAME", 885}, +{"DAN", 106}, +{"DANA", 886}, +{"DANE", 887}, +{"DANG", 888}, +{"DANK", 889}, +{"DAR", 107}, +{"DARE", 890}, +{"DARK", 891}, +{"DARN", 892}, +{"DART", 893}, +{"DASH", 894}, +{"DATA", 895}, +{"DATE", 896}, +{"DAVE", 897}, +{"DAVY", 898}, +{"DAWN", 899}, +{"DAY", 108}, +{"DAYS", 900}, +{"DEAD", 901}, +{"DEAF", 902}, +{"DEAL", 903}, +{"DEAN", 904}, +{"DEAR", 905}, +{"DEBT", 906}, +{"DECK", 907}, +{"DEE", 109}, +{"DEED", 908}, +{"DEEM", 909}, +{"DEER", 910}, +{"DEFT", 911}, +{"DEFY", 912}, +{"DEL", 110}, +{"DELL", 913}, +{"DEN", 111}, +{"DENT", 914}, +{"DENY", 915}, +{"DES", 112}, +{"DESK", 916}, +{"DEW", 113}, +{"DIAL", 917}, +{"DICE", 918}, +{"DID", 114}, +{"DIE", 115}, +{"DIED", 919}, +{"DIET", 920}, +{"DIG", 116}, +{"DIME", 921}, +{"DIN", 117}, +{"DINE", 922}, +{"DING", 923}, +{"DINT", 924}, +{"DIP", 118}, +{"DIRE", 925}, +{"DIRT", 926}, +{"DISC", 927}, +{"DISH", 928}, +{"DISK", 929}, +{"DIVE", 930}, +{"DO", 119}, +{"DOCK", 931}, +{"DOE", 120}, +{"DOES", 932}, +{"DOG", 121}, +{"DOLE", 933}, +{"DOLL", 934}, +{"DOLT", 935}, +{"DOME", 936}, +{"DON", 122}, +{"DONE", 937}, +{"DOOM", 938}, +{"DOOR", 939}, +{"DORA", 940}, +{"DOSE", 941}, +{"DOT", 123}, +{"DOTE", 942}, +{"DOUG", 943}, +{"DOUR", 944}, +{"DOVE", 945}, +{"DOW", 124}, +{"DOWN", 946}, +{"DRAB", 947}, +{"DRAG", 948}, +{"DRAM", 949}, +{"DRAW", 950}, +{"DREW", 951}, +{"DRUB", 952}, +{"DRUG", 953}, +{"DRUM", 954}, +{"DRY", 125}, +{"DUAL", 955}, +{"DUB", 126}, +{"DUCK", 956}, +{"DUCT", 957}, +{"DUD", 127}, +{"DUE", 128}, +{"DUEL", 958}, +{"DUET", 959}, +{"DUG", 129}, +{"DUKE", 960}, +{"DULL", 961}, +{"DUMB", 962}, +{"DUN", 130}, +{"DUNE", 963}, +{"DUNK", 964}, +{"DUSK", 965}, +{"DUST", 966}, +{"DUTY", 967}, +{"EACH", 968}, +{"EAR", 131}, +{"EARL", 969}, +{"EARN", 970}, +{"EASE", 971}, +{"EAST", 972}, +{"EASY", 973}, +{"EAT", 132}, +{"EBEN", 974}, +{"ECHO", 975}, +{"ED", 133}, +{"EDDY", 976}, +{"EDEN", 977}, +{"EDGE", 978}, +{"EDGY", 979}, +{"EDIT", 980}, +{"EDNA", 981}, +{"EEL", 134}, +{"EGAN", 982}, +{"EGG", 135}, +{"EGO", 136}, +{"ELAN", 983}, +{"ELBA", 984}, +{"ELI", 137}, +{"ELK", 138}, +{"ELLA", 985}, +{"ELM", 139}, +{"ELSE", 986}, +{"ELY", 140}, +{"EM", 141}, +{"EMIL", 987}, +{"EMIT", 988}, +{"EMMA", 989}, +{"END", 142}, +{"ENDS", 990}, +{"ERIC", 991}, +{"EROS", 992}, +{"EST", 143}, +{"ETC", 144}, +{"EVA", 145}, +{"EVE", 146}, +{"EVEN", 993}, +{"EVER", 994}, +{"EVIL", 995}, +{"EWE", 147}, +{"EYE", 148}, +{"EYED", 996}, +{"FACE", 997}, +{"FACT", 998}, +{"FAD", 149}, +{"FADE", 999}, +{"FAIL", 1000}, +{"FAIN", 1001}, +{"FAIR", 1002}, +{"FAKE", 1003}, +{"FALL", 1004}, +{"FAME", 1005}, +{"FAN", 150}, +{"FANG", 1006}, +{"FAR", 151}, +{"FARM", 1007}, +{"FAST", 1008}, +{"FAT", 152}, +{"FATE", 1009}, +{"FAWN", 1010}, +{"FAY", 153}, +{"FEAR", 1011}, +{"FEAT", 1012}, +{"FED", 154}, +{"FEE", 155}, +{"FEED", 1013}, +{"FEEL", 1014}, +{"FEET", 1015}, +{"FELL", 1016}, +{"FELT", 1017}, +{"FEND", 1018}, +{"FERN", 1019}, +{"FEST", 1020}, +{"FEUD", 1021}, +{"FEW", 156}, +{"FIB", 157}, +{"FIEF", 1022}, +{"FIG", 158}, +{"FIGS", 1023}, +{"FILE", 1024}, +{"FILL", 1025}, +{"FILM", 1026}, +{"FIN", 159}, +{"FIND", 1027}, +{"FINE", 1028}, +{"FINK", 1029}, +{"FIR", 160}, +{"FIRE", 1030}, +{"FIRM", 1031}, +{"FISH", 1032}, +{"FISK", 1033}, +{"FIST", 1034}, +{"FIT", 161}, +{"FITS", 1035}, +{"FIVE", 1036}, +{"FLAG", 1037}, +{"FLAK", 1038}, +{"FLAM", 1039}, +{"FLAT", 1040}, +{"FLAW", 1041}, +{"FLEA", 1042}, +{"FLED", 1043}, +{"FLEW", 1044}, +{"FLIT", 1045}, +{"FLO", 162}, +{"FLOC", 1046}, +{"FLOG", 1047}, +{"FLOW", 1048}, +{"FLUB", 1049}, +{"FLUE", 1050}, +{"FLY", 163}, +{"FOAL", 1051}, +{"FOAM", 1052}, +{"FOE", 164}, +{"FOG", 165}, +{"FOGY", 1053}, +{"FOIL", 1054}, +{"FOLD", 1055}, +{"FOLK", 1056}, +{"FOND", 1057}, +{"FONT", 1058}, +{"FOOD", 1059}, +{"FOOL", 1060}, +{"FOOT", 1061}, +{"FOR", 166}, +{"FORD", 1062}, +{"FORE", 1063}, +{"FORK", 1064}, +{"FORM", 1065}, +{"FORT", 1066}, +{"FOSS", 1067}, +{"FOUL", 1068}, +{"FOUR", 1069}, +{"FOWL", 1070}, +{"FRAU", 1071}, +{"FRAY", 1072}, +{"FRED", 1073}, +{"FREE", 1074}, +{"FRET", 1075}, +{"FREY", 1076}, +{"FROG", 1077}, +{"FROM", 1078}, +{"FRY", 167}, +{"FUEL", 1079}, +{"FULL", 1080}, +{"FUM", 168}, +{"FUME", 1081}, +{"FUN", 169}, +{"FUND", 1082}, +{"FUNK", 1083}, +{"FUR", 170}, +{"FURY", 1084}, +{"FUSE", 1085}, +{"FUSS", 1086}, +{"GAB", 171}, +{"GAD", 172}, +{"GAFF", 1087}, +{"GAG", 173}, +{"GAGE", 1088}, +{"GAIL", 1089}, +{"GAIN", 1090}, +{"GAIT", 1091}, +{"GAL", 174}, +{"GALA", 1092}, +{"GALE", 1093}, +{"GALL", 1094}, +{"GALT", 1095}, +{"GAM", 175}, +{"GAME", 1096}, +{"GANG", 1097}, +{"GAP", 176}, +{"GARB", 1098}, +{"GARY", 1099}, +{"GAS", 177}, +{"GASH", 1100}, +{"GATE", 1101}, +{"GAUL", 1102}, +{"GAUR", 1103}, +{"GAVE", 1104}, +{"GAWK", 1105}, +{"GAY", 178}, +{"GEAR", 1106}, +{"GEE", 179}, +{"GEL", 180}, +{"GELD", 1107}, +{"GEM", 181}, +{"GENE", 1108}, +{"GENT", 1109}, +{"GERM", 1110}, +{"GET", 182}, +{"GETS", 1111}, +{"GIBE", 1112}, +{"GIFT", 1113}, +{"GIG", 183}, +{"GIL", 184}, +{"GILD", 1114}, +{"GILL", 1115}, +{"GILT", 1116}, +{"GIN", 185}, +{"GINA", 1117}, +{"GIRD", 1118}, +{"GIRL", 1119}, +{"GIST", 1120}, +{"GIVE", 1121}, +{"GLAD", 1122}, +{"GLEE", 1123}, +{"GLEN", 1124}, +{"GLIB", 1125}, +{"GLOB", 1126}, +{"GLOM", 1127}, +{"GLOW", 1128}, +{"GLUE", 1129}, +{"GLUM", 1130}, +{"GLUT", 1131}, +{"GO", 186}, +{"GOAD", 1132}, +{"GOAL", 1133}, +{"GOAT", 1134}, +{"GOER", 1135}, +{"GOES", 1136}, +{"GOLD", 1137}, +{"GOLF", 1138}, +{"GONE", 1139}, +{"GONG", 1140}, +{"GOOD", 1141}, +{"GOOF", 1142}, +{"GORE", 1143}, +{"GORY", 1144}, +{"GOSH", 1145}, +{"GOT", 187}, +{"GOUT", 1146}, +{"GOWN", 1147}, +{"GRAB", 1148}, +{"GRAD", 1149}, +{"GRAY", 1150}, +{"GREG", 1151}, +{"GREW", 1152}, +{"GREY", 1153}, +{"GRID", 1154}, +{"GRIM", 1155}, +{"GRIN", 1156}, +{"GRIT", 1157}, +{"GROW", 1158}, +{"GRUB", 1159}, +{"GULF", 1160}, +{"GULL", 1161}, +{"GUM", 188}, +{"GUN", 189}, +{"GUNK", 1162}, +{"GURU", 1163}, +{"GUS", 190}, +{"GUSH", 1164}, +{"GUST", 1165}, +{"GUT", 191}, +{"GUY", 192}, +{"GWEN", 1166}, +{"GWYN", 1167}, +{"GYM", 193}, +{"GYP", 194}, +{"HA", 195}, +{"HAAG", 1168}, +{"HAAS", 1169}, +{"HACK", 1170}, +{"HAD", 196}, +{"HAIL", 1171}, +{"HAIR", 1172}, +{"HAL", 197}, +{"HALE", 1173}, +{"HALF", 1174}, +{"HALL", 1175}, +{"HALO", 1176}, +{"HALT", 1177}, +{"HAM", 198}, +{"HAN", 199}, +{"HAND", 1178}, +{"HANG", 1179}, +{"HANK", 1180}, +{"HANS", 1181}, +{"HAP", 200}, +{"HARD", 1182}, +{"HARK", 1183}, +{"HARM", 1184}, +{"HART", 1185}, +{"HAS", 201}, +{"HASH", 1186}, +{"HAST", 1187}, +{"HAT", 202}, +{"HATE", 1188}, +{"HATH", 1189}, +{"HAUL", 1190}, +{"HAVE", 1191}, +{"HAW", 203}, +{"HAWK", 1192}, +{"HAY", 204}, +{"HAYS", 1193}, +{"HE", 205}, +{"HEAD", 1194}, +{"HEAL", 1195}, +{"HEAR", 1196}, +{"HEAT", 1197}, +{"HEBE", 1198}, +{"HECK", 1199}, +{"HEED", 1200}, +{"HEEL", 1201}, +{"HEFT", 1202}, +{"HELD", 1203}, +{"HELL", 1204}, +{"HELM", 1205}, +{"HEM", 206}, +{"HEN", 207}, +{"HER", 208}, +{"HERB", 1206}, +{"HERD", 1207}, +{"HERE", 1208}, +{"HERO", 1209}, +{"HERS", 1210}, +{"HESS", 1211}, +{"HEW", 209}, +{"HEWN", 1212}, +{"HEY", 210}, +{"HI", 211}, +{"HICK", 1213}, +{"HID", 212}, +{"HIDE", 1214}, +{"HIGH", 1215}, +{"HIKE", 1216}, +{"HILL", 1217}, +{"HILT", 1218}, +{"HIM", 213}, +{"HIND", 1219}, +{"HINT", 1220}, +{"HIP", 214}, +{"HIRE", 1221}, +{"HIS", 215}, +{"HISS", 1222}, +{"HIT", 216}, +{"HIVE", 1223}, +{"HO", 217}, +{"HOB", 218}, +{"HOBO", 1224}, +{"HOC", 219}, +{"HOCK", 1225}, +{"HOE", 220}, +{"HOFF", 1226}, +{"HOG", 221}, +{"HOLD", 1227}, +{"HOLE", 1228}, +{"HOLM", 1229}, +{"HOLT", 1230}, +{"HOME", 1231}, +{"HONE", 1232}, +{"HONK", 1233}, +{"HOOD", 1234}, +{"HOOF", 1235}, +{"HOOK", 1236}, +{"HOOT", 1237}, +{"HOP", 222}, +{"HORN", 1238}, +{"HOSE", 1239}, +{"HOST", 1240}, +{"HOT", 223}, +{"HOUR", 1241}, +{"HOVE", 1242}, +{"HOW", 224}, +{"HOWE", 1243}, +{"HOWL", 1244}, +{"HOYT", 1245}, +{"HUB", 225}, +{"HUCK", 1246}, +{"HUE", 226}, +{"HUED", 1247}, +{"HUFF", 1248}, +{"HUG", 227}, +{"HUGE", 1249}, +{"HUGH", 1250}, +{"HUGO", 1251}, +{"HUH", 228}, +{"HULK", 1252}, +{"HULL", 1253}, +{"HUM", 229}, +{"HUNK", 1254}, +{"HUNT", 1255}, +{"HURD", 1256}, +{"HURL", 1257}, +{"HURT", 1258}, +{"HUSH", 1259}, +{"HUT", 230}, +{"HYDE", 1260}, +{"HYMN", 1261}, +{"I", 231}, +{"IBIS", 1262}, +{"ICON", 1263}, +{"ICY", 232}, +{"IDA", 233}, +{"IDEA", 1264}, +{"IDLE", 1265}, +{"IF", 234}, +{"IFFY", 1266}, +{"IKE", 235}, +{"ILL", 236}, +{"INCA", 1267}, +{"INCH", 1268}, +{"INK", 237}, +{"INN", 238}, +{"INTO", 1269}, +{"IO", 239}, +{"ION", 240}, +{"IONS", 1270}, +{"IOTA", 1271}, +{"IOWA", 1272}, +{"IQ", 241}, +{"IRA", 242}, +{"IRE", 243}, +{"IRIS", 1273}, +{"IRK", 244}, +{"IRMA", 1274}, +{"IRON", 1275}, +{"IS", 245}, +{"ISLE", 1276}, +{"IT", 246}, +{"ITCH", 1277}, +{"ITEM", 1278}, +{"ITS", 247}, +{"IVAN", 1279}, +{"IVY", 248}, +{"JAB", 249}, +{"JACK", 1280}, +{"JADE", 1281}, +{"JAG", 250}, +{"JAIL", 1282}, +{"JAKE", 1283}, +{"JAM", 251}, +{"JAN", 252}, +{"JANE", 1284}, +{"JAR", 253}, +{"JAVA", 1285}, +{"JAW", 254}, +{"JAY", 255}, +{"JEAN", 1286}, +{"JEFF", 1287}, +{"JERK", 1288}, +{"JESS", 1289}, +{"JEST", 1290}, +{"JET", 256}, +{"JIBE", 1291}, +{"JIG", 257}, +{"JILL", 1292}, +{"JILT", 1293}, +{"JIM", 258}, +{"JIVE", 1294}, +{"JO", 259}, +{"JOAN", 1295}, +{"JOB", 260}, +{"JOBS", 1296}, +{"JOCK", 1297}, +{"JOE", 261}, +{"JOEL", 1298}, +{"JOEY", 1299}, +{"JOG", 262}, +{"JOHN", 1300}, +{"JOIN", 1301}, +{"JOKE", 1302}, +{"JOLT", 1303}, +{"JOT", 263}, +{"JOVE", 1304}, +{"JOY", 264}, +{"JUDD", 1305}, +{"JUDE", 1306}, +{"JUDO", 1307}, +{"JUDY", 1308}, +{"JUG", 265}, +{"JUJU", 1309}, +{"JUKE", 1310}, +{"JULY", 1311}, +{"JUNE", 1312}, +{"JUNK", 1313}, +{"JUNO", 1314}, +{"JURY", 1315}, +{"JUST", 1316}, +{"JUT", 266}, +{"JUTE", 1317}, +{"KAHN", 1318}, +{"KALE", 1319}, +{"KANE", 1320}, +{"KANT", 1321}, +{"KARL", 1322}, +{"KATE", 1323}, +{"KAY", 267}, +{"KEEL", 1324}, +{"KEEN", 1325}, +{"KEG", 268}, +{"KEN", 269}, +{"KENO", 1326}, +{"KENT", 1327}, +{"KERN", 1328}, +{"KERR", 1329}, +{"KEY", 270}, +{"KEYS", 1330}, +{"KICK", 1331}, +{"KID", 271}, +{"KILL", 1332}, +{"KIM", 272}, +{"KIN", 273}, +{"KIND", 1333}, +{"KING", 1334}, +{"KIRK", 1335}, +{"KISS", 1336}, +{"KIT", 274}, +{"KITE", 1337}, +{"KLAN", 1338}, +{"KNEE", 1339}, +{"KNEW", 1340}, +{"KNIT", 1341}, +{"KNOB", 1342}, +{"KNOT", 1343}, +{"KNOW", 1344}, +{"KOCH", 1345}, +{"KONG", 1346}, +{"KUDO", 1347}, +{"KURD", 1348}, +{"KURT", 1349}, +{"KYLE", 1350}, +{"LA", 275}, +{"LAB", 276}, +{"LAC", 277}, +{"LACE", 1351}, +{"LACK", 1352}, +{"LACY", 1353}, +{"LAD", 278}, +{"LADY", 1354}, +{"LAG", 279}, +{"LAID", 1355}, +{"LAIN", 1356}, +{"LAIR", 1357}, +{"LAKE", 1358}, +{"LAM", 280}, +{"LAMB", 1359}, +{"LAME", 1360}, +{"LAND", 1361}, +{"LANE", 1362}, +{"LANG", 1363}, +{"LAP", 281}, +{"LARD", 1364}, +{"LARK", 1365}, +{"LASS", 1366}, +{"LAST", 1367}, +{"LATE", 1368}, +{"LAUD", 1369}, +{"LAVA", 1370}, +{"LAW", 282}, +{"LAWN", 1371}, +{"LAWS", 1372}, +{"LAY", 283}, +{"LAYS", 1373}, +{"LEA", 284}, +{"LEAD", 1374}, +{"LEAF", 1375}, +{"LEAK", 1376}, +{"LEAN", 1377}, +{"LEAR", 1378}, +{"LED", 285}, +{"LEE", 286}, +{"LEEK", 1379}, +{"LEER", 1380}, +{"LEFT", 1381}, +{"LEG", 287}, +{"LEN", 288}, +{"LEND", 1382}, +{"LENS", 1383}, +{"LENT", 1384}, +{"LEO", 289}, +{"LEON", 1385}, +{"LESK", 1386}, +{"LESS", 1387}, +{"LEST", 1388}, +{"LET", 290}, +{"LETS", 1389}, +{"LEW", 291}, +{"LIAR", 1390}, +{"LICE", 1391}, +{"LICK", 1392}, +{"LID", 292}, +{"LIE", 293}, +{"LIED", 1393}, +{"LIEN", 1394}, +{"LIES", 1395}, +{"LIEU", 1396}, +{"LIFE", 1397}, +{"LIFT", 1398}, +{"LIKE", 1399}, +{"LILA", 1400}, +{"LILT", 1401}, +{"LILY", 1402}, +{"LIMA", 1403}, +{"LIMB", 1404}, +{"LIME", 1405}, +{"LIN", 294}, +{"LIND", 1406}, +{"LINE", 1407}, +{"LINK", 1408}, +{"LINT", 1409}, +{"LION", 1410}, +{"LIP", 295}, +{"LISA", 1411}, +{"LIST", 1412}, +{"LIT", 296}, +{"LIVE", 1413}, +{"LO", 297}, +{"LOAD", 1414}, +{"LOAF", 1415}, +{"LOAM", 1416}, +{"LOAN", 1417}, +{"LOB", 298}, +{"LOCK", 1418}, +{"LOFT", 1419}, +{"LOG", 299}, +{"LOGE", 1420}, +{"LOIS", 1421}, +{"LOLA", 1422}, +{"LONE", 1423}, +{"LONG", 1424}, +{"LOOK", 1425}, +{"LOON", 1426}, +{"LOOT", 1427}, +{"LOP", 300}, +{"LORD", 1428}, +{"LORE", 1429}, +{"LOS", 301}, +{"LOSE", 1430}, +{"LOSS", 1431}, +{"LOST", 1432}, +{"LOT", 302}, +{"LOU", 303}, +{"LOUD", 1433}, +{"LOVE", 1434}, +{"LOW", 304}, +{"LOWE", 1435}, +{"LOY", 305}, +{"LUCK", 1436}, +{"LUCY", 1437}, +{"LUG", 306}, +{"LUGE", 1438}, +{"LUKE", 1439}, +{"LULU", 1440}, +{"LUND", 1441}, +{"LUNG", 1442}, +{"LURA", 1443}, +{"LURE", 1444}, +{"LURK", 1445}, +{"LUSH", 1446}, +{"LUST", 1447}, +{"LYE", 307}, +{"LYLE", 1448}, +{"LYNN", 1449}, +{"LYON", 1450}, +{"LYRA", 1451}, +{"MA", 308}, +{"MAC", 309}, +{"MACE", 1452}, +{"MAD", 310}, +{"MADE", 1453}, +{"MAE", 311}, +{"MAGI", 1454}, +{"MAID", 1455}, +{"MAIL", 1456}, +{"MAIN", 1457}, +{"MAKE", 1458}, +{"MALE", 1459}, +{"MALI", 1460}, +{"MALL", 1461}, +{"MALT", 1462}, +{"MAN", 312}, +{"MANA", 1463}, +{"MANN", 1464}, +{"MANY", 1465}, +{"MAO", 313}, +{"MAP", 314}, +{"MARC", 1466}, +{"MARE", 1467}, +{"MARK", 1468}, +{"MARS", 1469}, +{"MART", 1470}, +{"MARY", 1471}, +{"MASH", 1472}, +{"MASK", 1473}, +{"MASS", 1474}, +{"MAST", 1475}, +{"MAT", 315}, +{"MATE", 1476}, +{"MATH", 1477}, +{"MAUL", 1478}, +{"MAW", 316}, +{"MAY", 317}, +{"MAYO", 1479}, +{"ME", 318}, +{"MEAD", 1480}, +{"MEAL", 1481}, +{"MEAN", 1482}, +{"MEAT", 1483}, +{"MEEK", 1484}, +{"MEET", 1485}, +{"MEG", 319}, +{"MEL", 320}, +{"MELD", 1486}, +{"MELT", 1487}, +{"MEMO", 1488}, +{"MEN", 321}, +{"MEND", 1489}, +{"MENU", 1490}, +{"MERT", 1491}, +{"MESH", 1492}, +{"MESS", 1493}, +{"MET", 322}, +{"MEW", 323}, +{"MICE", 1494}, +{"MID", 324}, +{"MIKE", 1495}, +{"MILD", 1496}, +{"MILE", 1497}, +{"MILK", 1498}, +{"MILL", 1499}, +{"MILT", 1500}, +{"MIMI", 1501}, +{"MIN", 325}, +{"MIND", 1502}, +{"MINE", 1503}, +{"MINI", 1504}, +{"MINK", 1505}, +{"MINT", 1506}, +{"MIRE", 1507}, +{"MISS", 1508}, +{"MIST", 1509}, +{"MIT", 326}, +{"MITE", 1510}, +{"MITT", 1511}, +{"MOAN", 1512}, +{"MOAT", 1513}, +{"MOB", 327}, +{"MOCK", 1514}, +{"MOD", 328}, +{"MODE", 1515}, +{"MOE", 329}, +{"MOLD", 1516}, +{"MOLE", 1517}, +{"MOLL", 1518}, +{"MOLT", 1519}, +{"MONA", 1520}, +{"MONK", 1521}, +{"MONT", 1522}, +{"MOO", 330}, +{"MOOD", 1523}, +{"MOON", 1524}, +{"MOOR", 1525}, +{"MOOT", 1526}, +{"MOP", 331}, +{"MORE", 1527}, +{"MORN", 1528}, +{"MORT", 1529}, +{"MOS", 332}, +{"MOSS", 1530}, +{"MOST", 1531}, +{"MOT", 333}, +{"MOTH", 1532}, +{"MOVE", 1533}, +{"MOW", 334}, +{"MUCH", 1534}, +{"MUCK", 1535}, +{"MUD", 335}, +{"MUDD", 1536}, +{"MUFF", 1537}, +{"MUG", 336}, +{"MULE", 1538}, +{"MULL", 1539}, +{"MUM", 337}, +{"MURK", 1540}, +{"MUSH", 1541}, +{"MUST", 1542}, +{"MUTE", 1543}, +{"MUTT", 1544}, +{"MY", 338}, +{"MYRA", 1545}, +{"MYTH", 1546}, +{"NAB", 339}, +{"NAG", 340}, +{"NAGY", 1547}, +{"NAIL", 1548}, +{"NAIR", 1549}, +{"NAME", 1550}, +{"NAN", 341}, +{"NAP", 342}, +{"NARY", 1551}, +{"NASH", 1552}, +{"NAT", 343}, +{"NAVE", 1553}, +{"NAVY", 1554}, +{"NAY", 344}, +{"NE", 345}, +{"NEAL", 1555}, +{"NEAR", 1556}, +{"NEAT", 1557}, +{"NECK", 1558}, +{"NED", 346}, +{"NEE", 347}, +{"NEED", 1559}, +{"NEIL", 1560}, +{"NELL", 1561}, +{"NEON", 1562}, +{"NERO", 1563}, +{"NESS", 1564}, +{"NEST", 1565}, +{"NET", 348}, +{"NEW", 349}, +{"NEWS", 1566}, +{"NEWT", 1567}, +{"NIB", 350}, +{"NIBS", 1568}, +{"NICE", 1569}, +{"NICK", 1570}, +{"NIL", 351}, +{"NILE", 1571}, +{"NINA", 1572}, +{"NINE", 1573}, +{"NIP", 352}, +{"NIT", 353}, +{"NO", 354}, +{"NOAH", 1574}, +{"NOB", 355}, +{"NOD", 356}, +{"NODE", 1575}, +{"NOEL", 1576}, +{"NOLL", 1577}, +{"NON", 357}, +{"NONE", 1578}, +{"NOOK", 1579}, +{"NOON", 1580}, +{"NOR", 358}, +{"NORM", 1581}, +{"NOSE", 1582}, +{"NOT", 359}, +{"NOTE", 1583}, +{"NOUN", 1584}, +{"NOV", 360}, +{"NOVA", 1585}, +{"NOW", 361}, +{"NU", 362}, +{"NUDE", 1586}, +{"NULL", 1587}, +{"NUMB", 1588}, +{"NUN", 363}, +{"NUT", 364}, +{"O", 365}, +{"OAF", 366}, +{"OAK", 367}, +{"OAR", 368}, +{"OAT", 369}, +{"OATH", 1589}, +{"OBEY", 1590}, +{"OBOE", 1591}, +{"ODD", 370}, +{"ODE", 371}, +{"ODIN", 1592}, +{"OF", 372}, +{"OFF", 373}, +{"OFT", 374}, +{"OH", 375}, +{"OHIO", 1593}, +{"OIL", 376}, +{"OILY", 1594}, +{"OINT", 1595}, +{"OK", 377}, +{"OKAY", 1596}, +{"OLAF", 1597}, +{"OLD", 378}, +{"OLDY", 1598}, +{"OLGA", 1599}, +{"OLIN", 1600}, +{"OMAN", 1601}, +{"OMEN", 1602}, +{"OMIT", 1603}, +{"ON", 379}, +{"ONCE", 1604}, +{"ONE", 380}, +{"ONES", 1605}, +{"ONLY", 1606}, +{"ONTO", 1607}, +{"ONUS", 1608}, +{"OR", 381}, +{"ORAL", 1609}, +{"ORB", 382}, +{"ORE", 383}, +{"ORGY", 1610}, +{"ORR", 384}, +{"OS", 385}, +{"OSLO", 1611}, +{"OTIS", 1612}, +{"OTT", 386}, +{"OTTO", 1613}, +{"OUCH", 1614}, +{"OUR", 387}, +{"OUST", 1615}, +{"OUT", 388}, +{"OUTS", 1616}, +{"OVA", 389}, +{"OVAL", 1617}, +{"OVEN", 1618}, +{"OVER", 1619}, +{"OW", 390}, +{"OWE", 391}, +{"OWL", 392}, +{"OWLY", 1620}, +{"OWN", 393}, +{"OWNS", 1621}, +{"OX", 394}, +{"PA", 395}, +{"PAD", 396}, +{"PAL", 397}, +{"PAM", 398}, +{"PAN", 399}, +{"PAP", 400}, +{"PAR", 401}, +{"PAT", 402}, +{"PAW", 403}, +{"PAY", 404}, +{"PEA", 405}, +{"PEG", 406}, +{"PEN", 407}, +{"PEP", 408}, +{"PER", 409}, +{"PET", 410}, +{"PEW", 411}, +{"PHI", 412}, +{"PI", 413}, +{"PIE", 414}, +{"PIN", 415}, +{"PIT", 416}, +{"PLY", 417}, +{"PO", 418}, +{"POD", 419}, +{"POE", 420}, +{"POP", 421}, +{"POT", 422}, +{"POW", 423}, +{"PRO", 424}, +{"PRY", 425}, +{"PUB", 426}, +{"PUG", 427}, +{"PUN", 428}, +{"PUP", 429}, +{"PUT", 430}, +{"QUAD", 1622}, +{"QUIT", 1623}, +{"QUO", 431}, +{"QUOD", 1624}, +{"RACE", 1625}, +{"RACK", 1626}, +{"RACY", 1627}, +{"RAFT", 1628}, +{"RAG", 432}, +{"RAGE", 1629}, +{"RAID", 1630}, +{"RAIL", 1631}, +{"RAIN", 1632}, +{"RAKE", 1633}, +{"RAM", 433}, +{"RAN", 434}, +{"RANK", 1634}, +{"RANT", 1635}, +{"RAP", 435}, +{"RARE", 1636}, +{"RASH", 1637}, +{"RAT", 436}, +{"RATE", 1638}, +{"RAVE", 1639}, +{"RAW", 437}, +{"RAY", 438}, +{"RAYS", 1640}, +{"READ", 1641}, +{"REAL", 1642}, +{"REAM", 1643}, +{"REAR", 1644}, +{"REB", 439}, +{"RECK", 1645}, +{"RED", 440}, +{"REED", 1646}, +{"REEF", 1647}, +{"REEK", 1648}, +{"REEL", 1649}, +{"REID", 1650}, +{"REIN", 1651}, +{"RENA", 1652}, +{"REND", 1653}, +{"RENT", 1654}, +{"REP", 441}, +{"REST", 1655}, +{"RET", 442}, +{"RIB", 443}, +{"RICE", 1656}, +{"RICH", 1657}, +{"RICK", 1658}, +{"RID", 444}, +{"RIDE", 1659}, +{"RIFT", 1660}, +{"RIG", 445}, +{"RILL", 1661}, +{"RIM", 446}, +{"RIME", 1662}, +{"RING", 1663}, +{"RINK", 1664}, +{"RIO", 447}, +{"RIP", 448}, +{"RISE", 1665}, +{"RISK", 1666}, +{"RITE", 1667}, +{"ROAD", 1668}, +{"ROAM", 1669}, +{"ROAR", 1670}, +{"ROB", 449}, +{"ROBE", 1671}, +{"ROCK", 1672}, +{"ROD", 450}, +{"RODE", 1673}, +{"ROE", 451}, +{"ROIL", 1674}, +{"ROLL", 1675}, +{"ROME", 1676}, +{"RON", 452}, +{"ROOD", 1677}, +{"ROOF", 1678}, +{"ROOK", 1679}, +{"ROOM", 1680}, +{"ROOT", 1681}, +{"ROSA", 1682}, +{"ROSE", 1683}, +{"ROSS", 1684}, +{"ROSY", 1685}, +{"ROT", 453}, +{"ROTH", 1686}, +{"ROUT", 1687}, +{"ROVE", 1688}, +{"ROW", 454}, +{"ROWE", 1689}, +{"ROWS", 1690}, +{"ROY", 455}, +{"RUB", 456}, +{"RUBE", 1691}, +{"RUBY", 1692}, +{"RUDE", 1693}, +{"RUDY", 1694}, +{"RUE", 457}, +{"RUG", 458}, +{"RUIN", 1695}, +{"RULE", 1696}, +{"RUM", 459}, +{"RUN", 460}, +{"RUNG", 1697}, +{"RUNS", 1698}, +{"RUNT", 1699}, +{"RUSE", 1700}, +{"RUSH", 1701}, +{"RUSK", 1702}, +{"RUSS", 1703}, +{"RUST", 1704}, +{"RUTH", 1705}, +{"RYE", 461}, +{"SAC", 462}, +{"SACK", 1706}, +{"SAD", 463}, +{"SAFE", 1707}, +{"SAG", 464}, +{"SAGE", 1708}, +{"SAID", 1709}, +{"SAIL", 1710}, +{"SAL", 465}, +{"SALE", 1711}, +{"SALK", 1712}, +{"SALT", 1713}, +{"SAM", 466}, +{"SAME", 1714}, +{"SAN", 467}, +{"SAND", 1715}, +{"SANE", 1716}, +{"SANG", 1717}, +{"SANK", 1718}, +{"SAP", 468}, +{"SARA", 1719}, +{"SAT", 469}, +{"SAUL", 1720}, +{"SAVE", 1721}, +{"SAW", 470}, +{"SAY", 471}, +{"SAYS", 1722}, +{"SCAN", 1723}, +{"SCAR", 1724}, +{"SCAT", 1725}, +{"SCOT", 1726}, +{"SEA", 472}, +{"SEAL", 1727}, +{"SEAM", 1728}, +{"SEAR", 1729}, +{"SEAT", 1730}, +{"SEC", 473}, +{"SEE", 474}, +{"SEED", 1731}, +{"SEEK", 1732}, +{"SEEM", 1733}, +{"SEEN", 1734}, +{"SEES", 1735}, +{"SELF", 1736}, +{"SELL", 1737}, +{"SEN", 475}, +{"SEND", 1738}, +{"SENT", 1739}, +{"SET", 476}, +{"SETS", 1740}, +{"SEW", 477}, +{"SEWN", 1741}, +{"SHAG", 1742}, +{"SHAM", 1743}, +{"SHAW", 1744}, +{"SHAY", 1745}, +{"SHE", 478}, +{"SHED", 1746}, +{"SHIM", 1747}, +{"SHIN", 1748}, +{"SHOD", 1749}, +{"SHOE", 1750}, +{"SHOT", 1751}, +{"SHOW", 1752}, +{"SHUN", 1753}, +{"SHUT", 1754}, +{"SHY", 479}, +{"SICK", 1755}, +{"SIDE", 1756}, +{"SIFT", 1757}, +{"SIGH", 1758}, +{"SIGN", 1759}, +{"SILK", 1760}, +{"SILL", 1761}, +{"SILO", 1762}, +{"SILT", 1763}, +{"SIN", 480}, +{"SINE", 1764}, +{"SING", 1765}, +{"SINK", 1766}, +{"SIP", 481}, +{"SIR", 482}, +{"SIRE", 1767}, +{"SIS", 483}, +{"SIT", 484}, +{"SITE", 1768}, +{"SITS", 1769}, +{"SITU", 1770}, +{"SKAT", 1771}, +{"SKEW", 1772}, +{"SKI", 485}, +{"SKID", 1773}, +{"SKIM", 1774}, +{"SKIN", 1775}, +{"SKIT", 1776}, +{"SKY", 486}, +{"SLAB", 1777}, +{"SLAM", 1778}, +{"SLAT", 1779}, +{"SLAY", 1780}, +{"SLED", 1781}, +{"SLEW", 1782}, +{"SLID", 1783}, +{"SLIM", 1784}, +{"SLIT", 1785}, +{"SLOB", 1786}, +{"SLOG", 1787}, +{"SLOT", 1788}, +{"SLOW", 1789}, +{"SLUG", 1790}, +{"SLUM", 1791}, +{"SLUR", 1792}, +{"SLY", 487}, +{"SMOG", 1793}, +{"SMUG", 1794}, +{"SNAG", 1795}, +{"SNOB", 1796}, +{"SNOW", 1797}, +{"SNUB", 1798}, +{"SNUG", 1799}, +{"SO", 488}, +{"SOAK", 1800}, +{"SOAR", 1801}, +{"SOB", 489}, +{"SOCK", 1802}, +{"SOD", 490}, +{"SODA", 1803}, +{"SOFA", 1804}, +{"SOFT", 1805}, +{"SOIL", 1806}, +{"SOLD", 1807}, +{"SOME", 1808}, +{"SON", 491}, +{"SONG", 1809}, +{"SOON", 1810}, +{"SOOT", 1811}, +{"SOP", 492}, +{"SORE", 1812}, +{"SORT", 1813}, +{"SOUL", 1814}, +{"SOUR", 1815}, +{"SOW", 493}, +{"SOWN", 1816}, +{"SOY", 494}, +{"SPA", 495}, +{"SPY", 496}, +{"STAB", 1817}, +{"STAG", 1818}, +{"STAN", 1819}, +{"STAR", 1820}, +{"STAY", 1821}, +{"STEM", 1822}, +{"STEW", 1823}, +{"STIR", 1824}, +{"STOW", 1825}, +{"STUB", 1826}, +{"STUN", 1827}, +{"SUB", 497}, +{"SUCH", 1828}, +{"SUD", 498}, +{"SUDS", 1829}, +{"SUE", 499}, +{"SUIT", 1830}, +{"SULK", 1831}, +{"SUM", 500}, +{"SUMS", 1832}, +{"SUN", 501}, +{"SUNG", 1833}, +{"SUNK", 1834}, +{"SUP", 502}, +{"SURE", 1835}, +{"SURF", 1836}, +{"SWAB", 1837}, +{"SWAG", 1838}, +{"SWAM", 1839}, +{"SWAN", 1840}, +{"SWAT", 1841}, +{"SWAY", 1842}, +{"SWIM", 1843}, +{"SWUM", 1844}, +{"TAB", 503}, +{"TACK", 1845}, +{"TACT", 1846}, +{"TAD", 504}, +{"TAG", 505}, +{"TAIL", 1847}, +{"TAKE", 1848}, +{"TALE", 1849}, +{"TALK", 1850}, +{"TALL", 1851}, +{"TAN", 506}, +{"TANK", 1852}, +{"TAP", 507}, +{"TAR", 508}, +{"TASK", 1853}, +{"TATE", 1854}, +{"TAUT", 1855}, +{"TEA", 509}, +{"TEAL", 1856}, +{"TEAM", 1857}, +{"TEAR", 1858}, +{"TECH", 1859}, +{"TED", 510}, +{"TEE", 511}, +{"TEEM", 1860}, +{"TEEN", 1861}, +{"TEET", 1862}, +{"TELL", 1863}, +{"TEN", 512}, +{"TEND", 1864}, +{"TENT", 1865}, +{"TERM", 1866}, +{"TERN", 1867}, +{"TESS", 1868}, +{"TEST", 1869}, +{"THAN", 1870}, +{"THAT", 1871}, +{"THE", 513}, +{"THEE", 1872}, +{"THEM", 1873}, +{"THEN", 1874}, +{"THEY", 1875}, +{"THIN", 1876}, +{"THIS", 1877}, +{"THUD", 1878}, +{"THUG", 1879}, +{"THY", 514}, +{"TIC", 515}, +{"TICK", 1880}, +{"TIDE", 1881}, +{"TIDY", 1882}, +{"TIE", 516}, +{"TIED", 1883}, +{"TIER", 1884}, +{"TILE", 1885}, +{"TILL", 1886}, +{"TILT", 1887}, +{"TIM", 517}, +{"TIME", 1888}, +{"TIN", 518}, +{"TINA", 1889}, +{"TINE", 1890}, +{"TINT", 1891}, +{"TINY", 1892}, +{"TIP", 519}, +{"TIRE", 1893}, +{"TO", 520}, +{"TOAD", 1894}, +{"TOE", 521}, +{"TOG", 522}, +{"TOGO", 1895}, +{"TOIL", 1896}, +{"TOLD", 1897}, +{"TOLL", 1898}, +{"TOM", 523}, +{"TON", 524}, +{"TONE", 1899}, +{"TONG", 1900}, +{"TONY", 1901}, +{"TOO", 525}, +{"TOOK", 1902}, +{"TOOL", 1903}, +{"TOOT", 1904}, +{"TOP", 526}, +{"TORE", 1905}, +{"TORN", 1906}, +{"TOTE", 1907}, +{"TOUR", 1908}, +{"TOUT", 1909}, +{"TOW", 527}, +{"TOWN", 1910}, +{"TOY", 528}, +{"TRAG", 1911}, +{"TRAM", 1912}, +{"TRAY", 1913}, +{"TREE", 1914}, +{"TREK", 1915}, +{"TRIG", 1916}, +{"TRIM", 1917}, +{"TRIO", 1918}, +{"TROD", 1919}, +{"TROT", 1920}, +{"TROY", 1921}, +{"TRUE", 1922}, +{"TRY", 529}, +{"TUB", 530}, +{"TUBA", 1923}, +{"TUBE", 1924}, +{"TUCK", 1925}, +{"TUFT", 1926}, +{"TUG", 531}, +{"TUM", 532}, +{"TUN", 533}, +{"TUNA", 1927}, +{"TUNE", 1928}, +{"TUNG", 1929}, +{"TURF", 1930}, +{"TURN", 1931}, +{"TUSK", 1932}, +{"TWIG", 1933}, +{"TWIN", 1934}, +{"TWIT", 1935}, +{"TWO", 534}, +{"ULAN", 1936}, +{"UN", 535}, +{"UNIT", 1937}, +{"UP", 536}, +{"URGE", 1938}, +{"US", 537}, +{"USE", 538}, +{"USED", 1939}, +{"USER", 1940}, +{"USES", 1941}, +{"UTAH", 1942}, +{"VAIL", 1943}, +{"VAIN", 1944}, +{"VALE", 1945}, +{"VAN", 539}, +{"VARY", 1946}, +{"VASE", 1947}, +{"VAST", 1948}, +{"VAT", 540}, +{"VEAL", 1949}, +{"VEDA", 1950}, +{"VEIL", 1951}, +{"VEIN", 1952}, +{"VEND", 1953}, +{"VENT", 1954}, +{"VERB", 1955}, +{"VERY", 1956}, +{"VET", 541}, +{"VETO", 1957}, +{"VICE", 1958}, +{"VIE", 542}, +{"VIEW", 1959}, +{"VINE", 1960}, +{"VISE", 1961}, +{"VOID", 1962}, +{"VOLT", 1963}, +{"VOTE", 1964}, +{"WACK", 1965}, +{"WAD", 543}, +{"WADE", 1966}, +{"WAG", 544}, +{"WAGE", 1967}, +{"WAIL", 1968}, +{"WAIT", 1969}, +{"WAKE", 1970}, +{"WALE", 1971}, +{"WALK", 1972}, +{"WALL", 1973}, +{"WALT", 1974}, +{"WAND", 1975}, +{"WANE", 1976}, +{"WANG", 1977}, +{"WANT", 1978}, +{"WAR", 545}, +{"WARD", 1979}, +{"WARM", 1980}, +{"WARN", 1981}, +{"WART", 1982}, +{"WAS", 546}, +{"WASH", 1983}, +{"WAST", 1984}, +{"WATS", 1985}, +{"WATT", 1986}, +{"WAVE", 1987}, +{"WAVY", 1988}, +{"WAY", 547}, +{"WAYS", 1989}, +{"WE", 548}, +{"WEAK", 1990}, +{"WEAL", 1991}, +{"WEAN", 1992}, +{"WEAR", 1993}, +{"WEB", 549}, +{"WED", 550}, +{"WEE", 551}, +{"WEED", 1994}, +{"WEEK", 1995}, +{"WEIR", 1996}, +{"WELD", 1997}, +{"WELL", 1998}, +{"WELT", 1999}, +{"WENT", 2000}, +{"WERE", 2001}, +{"WERT", 2002}, +{"WEST", 2003}, +{"WET", 552}, +{"WHAM", 2004}, +{"WHAT", 2005}, +{"WHEE", 2006}, +{"WHEN", 2007}, +{"WHET", 2008}, +{"WHO", 553}, +{"WHOA", 2009}, +{"WHOM", 2010}, +{"WHY", 554}, +{"WICK", 2011}, +{"WIFE", 2012}, +{"WILD", 2013}, +{"WILL", 2014}, +{"WIN", 555}, +{"WIND", 2015}, +{"WINE", 2016}, +{"WING", 2017}, +{"WINK", 2018}, +{"WINO", 2019}, +{"WIRE", 2020}, +{"WISE", 2021}, +{"WISH", 2022}, +{"WIT", 556}, +{"WITH", 2023}, +{"WOK", 557}, +{"WOLF", 2024}, +{"WON", 558}, +{"WONT", 2025}, +{"WOO", 559}, +{"WOOD", 2026}, +{"WOOL", 2027}, +{"WORD", 2028}, +{"WORE", 2029}, +{"WORK", 2030}, +{"WORM", 2031}, +{"WORN", 2032}, +{"WOVE", 2033}, +{"WOW", 560}, +{"WRIT", 2034}, +{"WRY", 561}, +{"WU", 562}, +{"WYNN", 2035}, +{"YALE", 2036}, +{"YAM", 563}, +{"YANG", 2037}, +{"YANK", 2038}, +{"YAP", 564}, +{"YARD", 2039}, +{"YARN", 2040}, +{"YAW", 565}, +{"YAWL", 2041}, +{"YAWN", 2042}, +{"YE", 566}, +{"YEA", 567}, +{"YEAH", 2043}, +{"YEAR", 2044}, +{"YELL", 2045}, +{"YES", 568}, +{"YET", 569}, +{"YOGA", 2046}, +{"YOKE", 2047}, +{"YOU", 570} +}; diff --git a/lib/otp/otp_print.c b/lib/otp/otp_print.c new file mode 100644 index 000000000000..372ddcf465d2 --- /dev/null +++ b/lib/otp/otp_print.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" + +extern const char *const std_dict[]; + +unsigned +otp_checksum (OtpKey key) +{ + int i; + unsigned sum = 0; + + for (i = 0; i < OTPKEYSIZE; ++i) + sum += ((key[i] >> 0) & 0x03) + + ((key[i] >> 2) & 0x03) + + ((key[i] >> 4) & 0x03) + + ((key[i] >> 6) & 0x03); + sum &= 0x03; + return sum; +} + +void +otp_print_stddict (OtpKey key, char *str, size_t sz) +{ + unsigned sum; + + sum = otp_checksum (key); + snprintf (str, sz, + "%s %s %s %s %s %s", + std_dict[(key[0] << 3) | (key[1] >> 5)], + std_dict[((key[1] & 0x1F) << 6) | (key[2] >> 2)], + std_dict[((key[2] & 0x03) << 9) | (key[3] << 1) | (key[4] >> 7)], + std_dict[((key[4] & 0x7F) << 4) | (key[5] >> 4)], + std_dict[((key[5] & 0x0F) << 7) | (key[6] >> 1)], + std_dict[((key[6] & 0x01) << 10) | (key[7] << 2) | sum]); +} + +void +otp_print_hex (OtpKey key, char *str, size_t sz) +{ + snprintf (str, sz, + "%02x%02x%02x%02x%02x%02x%02x%02x", + key[0], key[1], key[2], key[3], + key[4], key[5], key[6], key[7]); +} + +void +otp_print_hex_extended (OtpKey key, char *str, size_t sz) +{ + strlcpy (str, OTP_HEXPREFIX, sz); + otp_print_hex (key, + str + strlen(OTP_HEXPREFIX), + sz - strlen(OTP_HEXPREFIX)); +} + +void +otp_print_stddict_extended (OtpKey key, char *str, size_t sz) +{ + strlcpy (str, OTP_WORDPREFIX, sz); + otp_print_stddict (key, + str + strlen(OTP_WORDPREFIX), + sz - strlen(OTP_WORDPREFIX)); +} diff --git a/lib/otp/otp_verify.c b/lib/otp/otp_verify.c new file mode 100644 index 000000000000..8a1c743cc830 --- /dev/null +++ b/lib/otp/otp_verify.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +RCSID("$Id$"); +#endif + +#include "otp_locl.h" + +int +otp_verify_user_1 (OtpContext *ctx, const char *passwd) +{ + OtpKey key1, key2; + + if (otp_parse (key1, passwd, ctx->alg)) { + ctx->err = "Syntax error in reply"; + return -1; + } + memcpy (key2, key1, sizeof(key1)); + ctx->alg->next (key2); + if (memcmp (ctx->key, key2, sizeof(key2)) == 0) { + --ctx->n; + memcpy (ctx->key, key1, sizeof(key1)); + return 0; + } else + return -1; +} + +int +otp_verify_user (OtpContext *ctx, const char *passwd) +{ + void *dbm; + int ret; + + if (!ctx->challengep) + return -1; + ret = otp_verify_user_1 (ctx, passwd); + dbm = otp_db_open (); + if (dbm == NULL) { + free(ctx->user); + return -1; + } + otp_put (dbm, ctx); + free(ctx->user); + otp_db_close (dbm); + return ret; +} diff --git a/lib/otp/otptest.c b/lib/otp/otptest.c new file mode 100644 index 000000000000..869f8742155c --- /dev/null +++ b/lib/otp/otptest.c @@ -0,0 +1,142 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#include +#include +#include + +static int +test_one(OtpKey key1, char *name, char *val, + void (*print)(OtpKey,char*, size_t), + OtpAlgorithm *alg) +{ + char buf[256]; + OtpKey key2; + + (*print)(key1, buf, sizeof(buf)); + printf ("%s: %s, ", name, buf); + if (strcmp (buf, val) != 0) { + printf ("failed(*%s* != *%s*)\n", buf, val); + return 1; + } + if (otp_parse (key2, buf, alg)) { + printf ("parse of %s failed\n", name); + return 1; + } + if (memcmp (key1, key2, OTPKEYSIZE) != 0) { + printf ("key1 != key2, "); + } + printf ("success\n"); + return 0; +} + +static int +test (void) +{ + struct test { + char *alg; + char *passphrase; + char *seed; + int count; + char *hex; + char *word; + } tests[] = { + + /* md4 */ + {"md4", "This is a test.", "TeSt", 0, "d1854218ebbb0b51", "ROME MUG FRED SCAN LIVE LACE"}, + {"md4", "This is a test.", "TeSt", 1, "63473ef01cd0b444", "CARD SAD MINI RYE COL KIN"}, + {"md4", "This is a test.", "TeSt", 99, "c5e612776e6c237a", "NOTE OUT IBIS SINK NAVE MODE"}, + {"md4", "AbCdEfGhIjK", "alpha1", 0, "50076f47eb1ade4e", "AWAY SEN ROOK SALT LICE MAP"}, + {"md4", "AbCdEfGhIjK", "alpha1", 1, "65d20d1949b5f7ab", "CHEW GRIM WU HANG BUCK SAID"}, + {"md4", "AbCdEfGhIjK", "alpha1", 99, "d150c82cce6f62d1", "ROIL FREE COG HUNK WAIT COCA"}, + {"md4", "OTP's are good", "correct", 0, "849c79d4f6f55388", "FOOL STEM DONE TOOL BECK NILE"}, + {"md4", "OTP's are good", "correct", 1, "8c0992fb250847b1", "GIST AMOS MOOT AIDS FOOD SEEM"}, + {"md4", "OTP's are good", "correct",99, "3f3bf4b4145fd74b", "TAG SLOW NOV MIN WOOL KENO"}, + + + /* md5 */ + {"md5", "This is a test.", "TeSt", 0, "9e876134d90499dd", "INCH SEA ANNE LONG AHEM TOUR"}, + {"md5", "This is a test.", "TeSt", 1, "7965e05436f5029f", "EASE OIL FUM CURE AWRY AVIS"}, + {"md5", "This is a test.", "TeSt", 99, "50fe1962c4965880", "BAIL TUFT BITS GANG CHEF THY"}, + {"md5", "AbCdEfGhIjK", "alpha1", 0, "87066dd9644bf206", "FULL PEW DOWN ONCE MORT ARC"}, + {"md5", "AbCdEfGhIjK", "alpha1", 1, "7cd34c1040add14b", "FACT HOOF AT FIST SITE KENT"}, + {"md5", "AbCdEfGhIjK", "alpha1", 99, "5aa37a81f212146c", "BODE HOP JAKE STOW JUT RAP"}, + {"md5", "OTP's are good", "correct", 0, "f205753943de4cf9", "ULAN NEW ARMY FUSE SUIT EYED"}, + {"md5", "OTP's are good", "correct", 1, "ddcdac956f234937", "SKIM CULT LOB SLAM POE HOWL"}, + {"md5", "OTP's are good", "correct",99, "b203e28fa525be47", "LONG IVY JULY AJAR BOND LEE"}, + + /* sha */ + {"sha", "This is a test.", "TeSt", 0, "bb9e6ae1979d8ff4", "MILT VARY MAST OK SEES WENT"}, + {"sha", "This is a test.", "TeSt", 1, "63d936639734385b", "CART OTTO HIVE ODE VAT NUT"}, + {"sha", "This is a test.", "TeSt", 99, "87fec7768b73ccf9", "GAFF WAIT SKID GIG SKY EYED"}, + {"sha", "AbCdEfGhIjK", "alpha1", 0, "ad85f658ebe383c9", "LEST OR HEEL SCOT ROB SUIT"}, + {"sha", "AbCdEfGhIjK", "alpha1", 1, "d07ce229b5cf119b", "RITE TAKE GELD COST TUNE RECK"}, + {"sha", "AbCdEfGhIjK", "alpha1", 99, "27bc71035aaf3dc6", "MAY STAR TIN LYON VEDA STAN"}, + {"sha", "OTP's are good", "correct", 0, "d51f3e99bf8e6f0b", "RUST WELT KICK FELL TAIL FRAU"}, + {"sha", "OTP's are good", "correct", 1, "82aeb52d943774e4", "FLIT DOSE ALSO MEW DRUM DEFY"}, + {"sha", "OTP's are good", "correct", 99, "4f296a74fe1567ec", "AURA ALOE HURL WING BERG WAIT"}, + {NULL} + }; + + struct test *t; + int sum = 0; + + for(t = tests; t->alg; ++t) { + int i; + OtpAlgorithm *alg = otp_find_alg (t->alg); + OtpKey key; + + if (alg == NULL) { + printf ("Could not find alg %s\n", t->alg); + return 1; + } + if(alg->init (key, t->passphrase, t->seed)) + return 1; + for (i = 0; i < t->count; ++i) { + if (alg->next (key)) + return 1; + } + sum += test_one (key, "hexadecimal", t->hex, otp_print_hex, + alg) + + test_one (key, "standard_word", t->word, otp_print_stddict, alg); + } + return sum; +} + +int +main (void) +{ + return test (); +} diff --git a/lib/otp/roken_rename.h b/lib/otp/roken_rename.h new file mode 100644 index 000000000000..07c324977c27 --- /dev/null +++ b/lib/otp/roken_rename.h @@ -0,0 +1,73 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id$ */ + +#ifndef __roken_rename_h__ +#define __roken_rename_h__ + +#ifndef HAVE_SNPRINTF +#define rk_snprintf _otp_snprintf +#endif +#ifndef HAVE_ASPRINTF +#define rk_asprintf _otp_asprintf +#endif +#ifndef HAVE_ASNPRINTF +#define rk_asnprintf _otp_asnprintf +#endif +#ifndef HAVE_VASPRINTF +#define rk_vasprintf _otp_vasprintf +#endif +#ifndef HAVE_VASNPRINTF +#define rk_vasnprintf _otp_vasnprintf +#endif +#ifndef HAVE_VSNPRINTF +#define rk_vsnprintf _otp_vsnprintf +#endif +#ifndef HAVE_STRCASECMP +#define rk_strcasecmp _otp_strcasecmp +#endif +#ifndef HAVE_STRNCASECMP +#define rk_strncasecmp _otp_strncasecmp +#endif +#ifndef HAVE_STRLWR +#define rk_strlwr _otp_strlwr +#endif +#ifndef HAVE_STRLCAT +#define rk_strlcat _otp_strlcat +#endif +#ifndef HAVE_STRLCPY +#define rk_strlcpy _otp_strlcpy +#endif + +#endif /* __roken_rename_h__ */ diff --git a/lib/otp/version-script.map b/lib/otp/version-script.map new file mode 100644 index 000000000000..499943f29fbb --- /dev/null +++ b/lib/otp/version-script.map @@ -0,0 +1,25 @@ +HEIMDAL_OTP_1.0 { + global: + otp_challenge; + otp_checksum; + otp_db_close; + otp_db_open; + otp_delete; + otp_error; + otp_find_alg; + otp_get; + otp_parse; + otp_parse_altdict; + otp_parse_hex; + otp_parse_stddict; + otp_print_hex; + otp_print_hex_extended; + otp_print_stddict; + otp_print_stddict_extended; + otp_put; + otp_simple_get; + otp_verify_user; + otp_verify_user_1; + local: + *; +}; diff --git a/lib/roken/ChangeLog b/lib/roken/ChangeLog index 6a9abe72078e..518987b26ab9 100644 --- a/lib/roken/ChangeLog +++ b/lib/roken/ChangeLog @@ -1,8 +1,41 @@ -2008-01-12 Love Hörnquist Åstrand +2008-07-12 Love Hörnquist Ã…strand + + * rkpty.c: Always print output for status. + +2008-04-27 Love Hörnquist Ã…strand + + * getaddrinfo-test.c: drop ) + + * Makefile.am: Add rkpty. + + * rkpty.c: More includes. + + * rkpty.c: Add timeout, add password command, add diffrent + verbosity levels. + +2008-04-26 Love Hörnquist Ã…strand + + * rkpty.c: pty testing application + +2008-04-07 Love Hörnquist Ã…strand + + * resolve.c: Use unsigned where appropriate. + +2008-02-23 Love Hörnquist Ã…strand + + * Makefile.am: make AM_CPPFLAGS += + +2008-02-22 Love Hörnquist Ã…strand + + * Makefile.am: Use AM_CPPFLAGS instead, not really right, but + definatly better then CPPFLAGS. Thanks to Mike Whitton for + pointing this out. + +2008-01-12 Love Hörnquist Ã…strand * Makefile.am: add missing files. -2007-08-09 Love Hörnquist Åstrand +2007-08-09 Love Hörnquist Ã…strand * strftime.c: rewrite str[pf]time for testing. @@ -10,7 +43,7 @@ * Makefile.am: add TEST_STRPFTIME -2007-07-17 Love Hörnquist Åstrand +2007-07-17 Love Hörnquist Ã…strand * ndbm_wrap.c (dbm_get): set dsize to 0 on failure. @@ -18,7 +51,7 @@ * ndbm_wrap.c (dbm_fetch): set dsize to 0 on failure. -2007-07-16 Love Hörnquist Åstrand +2007-07-16 Love Hörnquist Ã…strand * socket_wrapper.c: Implement swrap_dup too. @@ -26,19 +59,19 @@ * socket_wrapper.h: Add dup(dummy stub) and dup2(real). -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * Makefile.am: New library version. -2007-06-19 Love Hörnquist Åstrand +2007-06-19 Love Hörnquist Ã…strand * roken_gethostby.c: set proxy_port to 0 to pacify BEAM. -2007-06-07 Love Hörnquist Åstrand +2007-06-07 Love Hörnquist Ã…strand * use "roken.h" consitantly -2007-06-03 Love Hörnquist Åstrand +2007-06-03 Love Hörnquist Ã…strand * test-readenv.c: Free environment. @@ -48,20 +81,20 @@ * roken-common.h (free_environment): free result of read_environment(). -2007-05-10 Love Hörnquist Åstrand +2007-05-10 Love Hörnquist Ã…strand * fnmatch.c: Do recursive call to rk_fnmatch -2007-01-12 Love Hörnquist Åstrand +2007-01-12 Love Hörnquist Ã…strand * resolve.c: Try harder to call res_ndestroy(). -2006-12-27 Love Hörnquist Åstrand +2006-12-27 Love Hörnquist Ã…strand * Makefile.am: make sure built headers are copied to the ${build_topdir}/include -2006-12-15 Love Hörnquist Åstrand +2006-12-15 Love Hörnquist Ã…strand * unvis.c: Use internal version of rk_unvis @@ -73,11 +106,11 @@ * unvis.c: prefix unvis functions with rk_, and prototypes. -2006-12-13 Love Hörnquist Åstrand +2006-12-13 Love Hörnquist Ã…strand * vis.c: Provide some prototypes for the rk_vis functions. -2006-12-11 Love Hörnquist Åstrand +2006-12-11 Love Hörnquist Ã…strand * ifaddrs.hin: Prefix getifaddrs functions with rk_ and do symbol renaming. @@ -93,11 +126,11 @@ * Makefile.am: Install extra posix headers in to avoid dup headers. -2006-11-09 Love Hörnquist Åstrand +2006-11-09 Love Hörnquist Ã…strand * socket_wrapper.c (swrap_sendto): fail on to unknown si->type -2006-11-06 Love Hörnquist Åstrand +2006-11-06 Love Hörnquist Ã…strand * socket_wrapper.c: A few fixes to have Heimdal pass the make check under socket_wrapper. The first is a missing 'break' before @@ -107,11 +140,11 @@ unix stream sockets, but not for TCP sockets. The alternate fix would be to have the KDC use 'send()' in this case. Andrew Bartlett. -2006-10-20 Love Hörnquist Åstrand +2006-10-20 Love Hörnquist Ã…strand * Makefile.am: split dist and nondist HEADERS -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * roken.h.in: Add timegm glue. @@ -123,7 +156,7 @@ * socket_wrapper.c: Maybe include and/or maybe include . -2006-10-17 Love Hörnquist Åstrand +2006-10-17 Love Hörnquist Ã…strand * roken.h.in: Revert prevois for now, the problem is that we have to include symbols unconditionally, even for those that just needs @@ -133,7 +166,7 @@ * socket_wrapper.c: Maybe include . -2006-10-10 Love Hörnquist Åstrand +2006-10-10 Love Hörnquist Ã…strand * socket_wrapper.c: more consitity check, remove dead code, add socket length code, add missing break, make diffrent chars of type @@ -145,7 +178,7 @@ * socket_wrapper.c: Force no socket wrapper for socket_wrapper itself. -2006-10-09 Love Hörnquist Åstrand +2006-10-09 Love Hörnquist Ã…strand * socket_wrapper.c: Maybe include . @@ -158,7 +191,7 @@ * socket_wrapper.[ch]: Include socket wrapper from samba4 (rev 19179). -2006-10-07 Love Hörnquist Åstrand +2006-10-07 Love Hörnquist Ã…strand * Makefile.am: Add build_HEADERZ to EXTRA_DIST @@ -166,13 +199,13 @@ * Makefile.am: Add to all objects BUILD_ROKEN_LIB. -2006-09-16 Love Hörnquist Åstrand +2006-09-16 Love Hörnquist Ã…strand * roken.h.in: Add samba socket wrapper fragment. * Makefile.am: Add samba socket wrapper fragment. -2006-09-05 Love Hörnquist Åstrand +2006-09-05 Love Hörnquist Ã…strand * snprintf.c: reapply patch that went away in last commit @@ -182,7 +215,7 @@ * snprintf-test.c: add tests for size_t printf formater -2006-06-30 Love Hörnquist Åstrand +2006-06-30 Love Hörnquist Ã…strand * rtbl.h: Add extern "C" for C++. @@ -190,7 +223,7 @@ * rtbl.h: Add rtbl_add_column_entryv functions, printf like -2006-06-22 Love Hörnquist Åstrand +2006-06-22 Love Hörnquist Ã…strand * glob.hin: Add extern "C" for C++. From joerg at britannica dot bec dot de @@ -198,18 +231,18 @@ * fnmatch.hin: Add extern "C" for C++. From joerg at britannica dot bec dot de -2006-04-20 Love Hörnquist Åstrand +2006-04-20 Love Hörnquist Ã…strand * fnmatch.hin (fnmatch): CPP rename to rk_fnmatch -2006-04-14 Love Hörnquist Åstrand +2006-04-14 Love Hörnquist Ã…strand * resolve.c (dns_srv_order): change a if (ptr == NULL) continue into a assert(ptr != NULL) since it could never happen, found by the IBM code checker (beam). Thanks to Florian Krohm for explaining it. -2006-04-02 Love Hörnquist Åstrand +2006-04-02 Love Hörnquist Ã…strand * roken_gethostby.c (roken_gethostby): make addr_list one larger to avoid a off-by-one error. Found by IBM checker. @@ -217,11 +250,11 @@ * resolve.c: Plug memory leak found by IBM checker (and try to please it). -2006-02-06 Love Hörnquist Åstrand +2006-02-06 Love Hörnquist Ã…strand * resolve.c: Spelling, from Alexey Dobriyan, via Jason McIntyre -2006-01-13 Love Hörnquist Åstrand +2006-01-13 Love Hörnquist Ã…strand * getcap.c: Don't use db support unless its build into libc but we dont check for that now, so just disable the code. This removes @@ -231,7 +264,7 @@ application calls getpwnamn() and it linked to roken, it craches in the nss functions. -2006-01-09 Love Hörnquist Åstrand +2006-01-09 Love Hörnquist Ã…strand * hex.c (hex_decode): support decoding odd number of characters, in the odd len case, the first character ends up in the first byte @@ -239,12 +272,12 @@ * hex-test.c: Check that we can decode single character hex chars. -2005-12-12 Love Hörnquist Åstrand +2005-12-12 Love Hörnquist Ã…strand * getifaddrs.c: Try handle HP/UX 11.nn, its diffrent from Solaris large SIOCGIFCONF. -2005-09-28 Love Hörnquist Åstrand +2005-09-28 Love Hörnquist Ã…strand * roken-common.h: Move rk_UNCONST to roken.h.in since it might use uintptr_t depending on avaibility. @@ -252,46 +285,46 @@ * roken.h.in: Include if it exists. If avaiable, use uintptr_t to define rk_UNCONST. -2005-09-22 Love Hörnquist Åstrand +2005-09-22 Love Hörnquist Ã…strand * roken-common.h: Add rk_dumpdata. * dumpdata.c: Add rk_dumpdata() that write a chunk of data into a file for later processing by some other tool (like asn1_print). -2005-09-13 Love Hörnquist Åstrand +2005-09-13 Love Hörnquist Ã…strand * strptime.c: cast to unsigned char to make sure its not negative when passing it to is* functions -2005-09-01 Love Hörnquist Åstrand +2005-09-01 Love Hörnquist Ã…strand * socket.c: Add socket_set_ipv6only. * roken-common.h: Add socket_set_ipv6only, remove some argument names. -2005-08-25 Love Hörnquist Åstrand +2005-08-25 Love Hörnquist Ã…strand * strpool.c (rk_strpoolprintf): remove debug printf, plug memory leak -2005-08-23 Love Hörnquist Åstrand +2005-08-23 Love Hörnquist Ã…strand * setprogname.c (setprogname): const poision * print_version.c: Removed, moved to libvers. -2005-08-22 Love Hörnquist Åstrand +2005-08-22 Love Hörnquist Ã…strand * resolve.c (dns_lookup_int): if we have res_ndestroy, prefeer that before res_nclose -2005-08-12 Love Hörnquist Åstrand +2005-08-12 Love Hörnquist Ã…strand * getaddrinfo-test.c: Rename optind to optidx to avoid shadowing. -2005-08-05 Love Hörnquist Åstrand +2005-08-05 Love Hörnquist Ã…strand * gai_strerror.c: sprinkel more const @@ -299,21 +332,21 @@ const to match SUSv3. Prompted by Stefan Metzmacher change to Samba. -2005-07-19 Love Hörnquist Åstrand +2005-07-19 Love Hörnquist Ã…strand * roken.h.in: Remove parameter names to avoid shadow warnings. -2005-07-13 Love Hörnquist Åstrand +2005-07-13 Love Hörnquist Ã…strand * getifaddrs.c (nl_getlist): poll to get messages from kernel, and retry if the message was lost (free_nlmsglist): free all linked elements, not just the first one -2005-07-08 Love Hörnquist Åstrand +2005-07-08 Love Hörnquist Ã…strand * snprintf-test.c: Check a very simple format string -2005-07-07 Love Hörnquist Åstrand +2005-07-07 Love Hörnquist Ã…strand * roken.h.in: If we have include it, its needed for strcasecmp() on those platforms that are SUS3/iso c99 strict (like @@ -321,15 +354,15 @@ * roken-common.h: remove duplicate ; -2005-07-06 Love Hörnquist Åstrand +2005-07-06 Love Hörnquist Ã…strand * roken-common.h: rk_strpoolprintf first variable identifier is 3 -2005-06-30 Love Hörnquist Åstrand +2005-06-30 Love Hörnquist Ã…strand * base64.h: remove variable names -2005-06-29 Love Hörnquist Åstrand +2005-06-29 Love Hörnquist Ã…strand * roken-common.h: fix format attribute @@ -341,11 +374,11 @@ * strpool.c: add strpool, a printf collector to make it eaiser to collect strings into one string -2005-06-23 Love Hörnquist Åstrand +2005-06-23 Love Hörnquist Ã…strand * base64.c: Add const, from Andrew Abartlet -2005-06-21 Love Hörnquist Åstrand +2005-06-21 Love Hörnquist Ã…strand * strpftime-test.c: test for "%Y%m" @@ -355,7 +388,7 @@ to limit that amount of numbers used, with this strptime can handle strptime("200505", "%Y%m", &tm); -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * getaddrinfo.c: avoid shadowing sin @@ -376,13 +409,13 @@ * environment.c: rename index to idx to avoid shadowing -2005-05-29 Love Hörnquist Åstrand +2005-05-29 Love Hörnquist Ã…strand * parse_reply-test.c: avoid signedness warnings * test-mem.c: avoid signedness warnings -2005-05-27 Love Hörnquist Åstrand +2005-05-27 Love Hörnquist Ã…strand * hex.c: include "roken.h" to avoid undefined size_t/ssize_t @@ -390,12 +423,12 @@ * Makefile.am (snprintf_test_SOURCES): Add snprintf-test.h. -2005-05-20 Love Hörnquist Åstrand +2005-05-20 Love Hörnquist Ã…strand * environment.c (rk_read_env_file): move assignment to later to make pre c99 compiler happy -2005-05-18 Love Hörnquist Åstrand +2005-05-18 Love Hörnquist Ã…strand * strptime.c: use english spelling of March @@ -409,7 +442,7 @@ * environment.c: eliminate duplicates -2005-05-13 Love Hörnquist Åstrand +2005-05-13 Love Hörnquist Ã…strand * issuid.c (issuid): change the #ifdef order to avoid unreachable code warning. @@ -432,7 +465,7 @@ * test-mem.c: Add member fd to map. (rk_test_mem_alloc, rk_test_mem_free): Use it. -2005-04-30 Love Hörnquist Åstrand +2005-04-30 Love Hörnquist Ã…strand * getifaddrs.c: add break on default: statements, from Douglas E. Engert @@ -445,7 +478,7 @@ * parse_time-test.c: Include . -2005-04-27 Love Hörnquist Åstrand +2005-04-27 Love Hörnquist Ã…strand * parse_time-test.c: improve testing @@ -459,7 +492,7 @@ * getusershell.c: Include roken.h -2005-04-18 Love Hörnquist Åstrand +2005-04-18 Love Hörnquist Ã…strand * unvis.c: cast to unsigned char to make sure its not negative when passing it to is* functions @@ -467,7 +500,7 @@ * strptime.c: cast to unsigned char to make sure its not negative when passing it to to* functions -2005-04-13 Love Hörnquist Åstrand +2005-04-13 Love Hörnquist Ã…strand * simple_exec.c: don't close stderr, close all fd that is num 3 and larger @@ -476,19 +509,19 @@ * add closefrom -2005-04-12 Love Hörnquist Åstrand +2005-04-12 Love Hörnquist Ã…strand * add ROKEN_LIB_FUNCTION to all exported functions -2005-04-10 Love Hörnquist Åstrand +2005-04-10 Love Hörnquist Ã…strand * resolve-test.c: print DS -2005-04-07 Love Hörnquist Åstrand +2005-04-07 Love Hörnquist Ã…strand * parse_time-test.c: remove unused variable -2005-04-04 Love Hörnquist Åstrand +2005-04-04 Love Hörnquist Ã…strand * strpftime-test.c: print size_t by casting to unsigned long @@ -498,12 +531,12 @@ * resolve-test.c: print size_t by casting to unsigned long -2005-04-01 Love Hörnquist Åstrand +2005-04-01 Love Hörnquist Ã…strand * snprintf-test.c (try): reset va_list argument between reuse, from Peter Kruty -2005-03-30 Love Hörnquist Åstrand +2005-03-30 Love Hörnquist Ã…strand * roken_gethostby.c (roken_gethostby): s/sin/addr/ to avoid shadowing @@ -512,20 +545,20 @@ * parse_units.c: avoid shadowing div -2005-03-26 Love Hörnquist Åstrand +2005-03-26 Love Hörnquist Ã…strand * snprintf.c: use defined(TEST_SNPRINTF) like on all other places in the same file -2005-03-21 Love Hörnquist Åstrand +2005-03-21 Love Hörnquist Ã…strand * hex.c: check for overflows -2005-03-18 Love Hörnquist Åstrand +2005-03-18 Love Hörnquist Ã…strand * vis.c: use RCSID instead of __RCSID -2005-03-06 Love Hörnquist Åstrand +2005-03-06 Love Hörnquist Ã…strand * Makefile.am: check_PROGRAMS += hex-test @@ -534,13 +567,13 @@ * hex.c: fix decodeing, it processed to much data and thus returned the wrong length -2005-03-04 Love Hörnquist Åstrand +2005-03-04 Love Hörnquist Ã…strand * Makefile.am: add hex.[ch] * hex.c: add hex encoder/decoder -2005-03-02 Love Hörnquist Åstrand +2005-03-02 Love Hörnquist Ã…strand * daemon.c fnmatch.c fnmatch.hin getcap.c getopt.c getusershell.c glob.c glob.hin iruserok.c unvis.c vis.hin: @@ -556,7 +589,7 @@ * vis.c: Update new revision from NetBSD (copyright update) -2005-02-24 Love Hörnquist Åstrand +2005-02-24 Love Hörnquist Ã…strand * Makefile.am: bump version to 17:0:1 @@ -565,7 +598,7 @@ * getusershell.c: Include ctype.h, cast argument to isspace to unsigned char. -2004-10-31 Love Hörnquist Åstrand +2004-10-31 Love Hörnquist Ã…strand * parse_time.3, parse_units.c: Change the behavior of the parse_unit code to return the number of bytes needed to print the @@ -574,7 +607,7 @@ * parse_time-test.c Makefile.am test-mem.c test-mem.h: test parse_time -2004-10-16 Love Hörnquist Åstrand +2004-10-16 Love Hörnquist Ã…strand * resolve.c: put dns_type_to_string and dns_string_to_type in the abi @@ -583,20 +616,20 @@ * resolve.h: add ds_record -2004-10-06 Love Hörnquist Åstrand +2004-10-06 Love Hörnquist Ã…strand * ndbm_wrap.c: undefine open so this works on solaris with large file support From netbsd's pkgsrc via Gavan Fantom -2004-09-13 Love Hörnquist Åstrand +2004-09-13 Love Hörnquist Ã…strand * resolve-test.c: add --version/--help -2004-09-12 Love Hörnquist Åstrand +2004-09-12 Love Hörnquist Ã…strand * Makefile.am: make resolve-test a noinst program -2004-09-11 Love Hörnquist Åstrand +2004-09-11 Love Hörnquist Ã…strand * resolve-test.c: test program for libroken resolve from resolve.c @@ -614,7 +647,7 @@ * Makefile.am: always clean generated headers -2004-06-26 Love Hörnquist Åstrand +2004-06-26 Love Hörnquist Ã…strand * rtbl.3: use .In for header, remove trailing space @@ -630,20 +663,20 @@ - ability to end a row - don't extend last column to full width -2004-06-20 Love Hörnquist Åstrand +2004-06-20 Love Hörnquist Ã…strand * resolve.[ch]: add and use and bind9 version of rr type (rk_ns_t_XXX) instead of the old bind4 version (T_XXX) -2004-05-25 Love Hörnquist Åstrand +2004-05-25 Love Hörnquist Ã…strand * resolve.c (stot): add AAAA -2004-02-17 Love Hörnquist Åstrand +2004-02-17 Love Hörnquist Ã…strand * getarg.c (add_string): catch error from realloc -2004-02-12 Love Hörnquist Åstrand +2004-02-12 Love Hörnquist Ã…strand * roken-common.h: add simple_execve_timed @@ -651,11 +684,11 @@ * simple_exec.c: add timed simple_exec -2004-01-05 Love Hörnquist Åstrand +2004-01-05 Love Hörnquist Ã…strand * gai_strerror.c: correct ifdef for EAI_ADDRFAMILY -2003-12-14 Love Hörnquist Åstrand +2003-12-14 Love Hörnquist Ã…strand * resolve.c: parse dns header, add support for SSHFP @@ -663,35 +696,35 @@ * resolve.h: add SSHFP, clean up the the dns_header -2003-12-14 Love Hörnquist Åstrand +2003-12-14 Love Hörnquist Ã…strand * resolve.h: remove HEADER (only used for crays) * resolve.c: number-of fields no longer stored in network order -2003-12-13 Love Hörnquist Åstrand +2003-12-13 Love Hörnquist Ã…strand * resolve.c: remove depency on c99 types in resolv.h * resolve.h: remove depency on c99 types -2003-12-06 Love Hörnquist Åstrand +2003-12-06 Love Hörnquist Ã…strand * resolv.h: add more T_ types and inline the dns headers, all this for bind9 resolvers -2003-12-02 Love Hörnquist Åstrand +2003-12-02 Love Hörnquist Ã…strand * gai_strerror.c: EAI_ADDRFAMILY and EAI_NODATA is deprecated * roken-common.h: use EAI_NONAME instead of EAI_ADDRFAMILY to check for if we need EAI_ macros -2003-10-04 Love Hörnquist Åstrand +2003-10-04 Love Hörnquist Ã…strand * strptime.c: let t and n match zero or more whitespaces -2003-08-29 Love Hörnquist Åstrand +2003-08-29 Love Hörnquist Ã…strand * ndbm_wrap.c: patch for working with DB4 on heimdal-discuss From: Luke Howard diff --git a/lib/roken/Makefile.am b/lib/roken/Makefile.am index b1a4251fcddc..e723288107c7 100644 --- a/lib/roken/Makefile.am +++ b/lib/roken/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 22409 2008-01-12 05:53:37Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -7,34 +7,41 @@ ACLOCAL_AMFLAGS = -I ../../cf CLEANFILES = roken.h make-roken.c $(XHEADERS) lib_LTLIBRARIES = libroken.la + libroken_la_LDFLAGS = -version-info 19:0:1 libroken_la_CPPFLAGS = -DBUILD_ROKEN_LIB -# XXX this is needed for the LIBOBJS objects -CPPFLAGS = $(libroken_la_CPPFLAGS) +if versionscript +libroken_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +endif -noinst_PROGRAMS = make-roken snprintf-test resolve-test +AM_CPPFLAGS += $(libroken_la_CPPFLAGS) +if HAVE_DBHEADER +AM_CPPFLAGS += -I$(DBHEADER) +endif -nodist_make_roken_SOURCES = make-roken.c +noinst_PROGRAMS = snprintf-test resolve-test rkpty check_PROGRAMS = \ base64-test \ getaddrinfo-test \ + getifaddrs-test \ hex-test \ test-readenv \ parse_bytes-test \ parse_reply-test \ parse_time-test \ snprintf-test \ - strpftime-test + strpftime-test \ + tsearch-test TESTS = $(check_PROGRAMS) -LDADD = libroken.la $(LIB_crypt) +LDADD = libroken.la make_roken_LDADD = noinst_LTLIBRARIES = libtest.la -libtest_la_SOURCES = strftime.c strptime.c snprintf.c +libtest_la_SOURCES = strftime.c strptime.c snprintf.c tsearch.c libtest_la_CFLAGS = -DTEST_SNPRINTF -DTEST_STRPFTIME parse_reply_test_SOURCES = parse_reply-test.c resolve.c @@ -42,14 +49,19 @@ parse_reply_test_CFLAGS = -DTEST_RESOLVE test_readenv_SOURCES = test-readenv.c test-mem.c +rkpty_LDADD = $(LIB_openpty) $(LDADD) + parse_time_test_SOURCES = parse_time-test.c test-mem.c strpftime_test_SOURCES = strpftime-test.c strpftime-test.h strpftime_test_LDADD = libtest.la $(LDADD) strpftime_test_CFLAGS = -DTEST_STRPFTIME -snprintf_test_SOURCES = snprintf-test.c snprintf-test.h +snprintf_test_SOURCES = snprintf-test.c snprintf_test_LDADD = libtest.la $(LDADD) snprintf_test_CFLAGS = -DTEST_SNPRINTF +tsearch_test_SOURCES = tsearch-test.c +tsearch_test_LDADD = libtest.la $(LDADD) +tsearch_test_CFLAGS = -DTEST_TSEARCH resolve_test_SOURCES = resolve-test.c @@ -57,6 +69,9 @@ libroken_la_SOURCES = \ base64.c \ bswap.c \ concat.c \ + cloexec.c \ + ct.c \ + doxygen.c \ dumpdata.c \ environment.c \ eread.c \ @@ -80,6 +95,8 @@ libroken_la_SOURCES = \ parse_bytes.c \ parse_time.c \ parse_units.c \ + qsort.c \ + rand.c \ realloc.c \ resolve.c \ roken_gethostby.c \ @@ -91,15 +108,16 @@ libroken_la_SOURCES = \ snprintf.c \ socket.c \ strcollect.c \ + strerror_r.c \ strpool.c \ timeval.c \ tm2time.c \ unvis.c \ verify.c \ vis.c \ - vis.h \ warnerr.c \ write_pid.c \ + xfree.c \ xdbm.h EXTRA_libroken_la_SOURCES = \ @@ -107,13 +125,14 @@ EXTRA_libroken_la_SOURCES = \ glob.hin \ fnmatch.hin \ ifaddrs.hin \ + search.hin \ vis.hin -libroken_la_LIBADD = @LTLIBOBJS@ +libroken_la_LIBADD = @LTLIBOBJS@ $(LIB_crypt) $(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h $(XHEADERS) -BUILT_SOURCES = make-roken.c roken.h +BUILT_SOURCES = roken.h if have_err_h err_h = @@ -139,6 +158,12 @@ else ifaddrs_h = ifaddrs.h endif +if have_search_h +search_h = +else +search_h = search.h +endif + if have_vis_h vis_h = else @@ -146,8 +171,8 @@ vis_h = vis.h endif ## these are controlled by configure -XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) -CLEANFILES += err.h fnmatch.h glob.h ifaddrs.h vis.h +XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(search_h) $(vis_h) +CLEANFILES += err.h fnmatch.h glob.h ifaddrs.h search.h vis.h dist_include_HEADERS = \ base64.h \ @@ -178,6 +203,14 @@ SUFFIXES += .hin .hin.h: cp $< $@ +# Make make-roken deprecated in 1.4 when we know that roken-h-process.pl works +if !CROSS_COMPILE + +noinst_PROGRAMS += make-roken +BUILT_SOURCES += make-roken.c + +nodist_make_roken_SOURCES = make-roken.c + roken.h: make-roken$(EXEEXT) @./make-roken$(EXEEXT) > tmp.h ;\ if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ @@ -186,9 +219,21 @@ roken.h: make-roken$(EXEEXT) make-roken.c: roken.h.in roken.awk $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c +else + +roken.h: $(top_srcdir)/cf/roken-h-process.pl roken.h.in + perl $(top_srcdir)/cf/roken-h-process.pl \ + -c $(top_builddir)/include/config.h \ + -p $(srcdir)/roken.h.in -o roken.h + +endif + + EXTRA_DIST = \ + NTMakefile \ roken.awk roken.h.in \ $(man_MANS) \ test-mem.h \ ndbm_wrap.c \ - ndbm_wrap.h + ndbm_wrap.h \ + version-script.map diff --git a/lib/roken/Makefile.in b/lib/roken/Makefile.in index 0398523aae57..9c05b08a404b 100644 --- a/lib/roken/Makefile.in +++ b/lib/roken/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 22409 2008-01-12 05:53:37Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -56,21 +58,28 @@ DIST_COMMON = $(am__dist_include_HEADERS_DIST) $(srcdir)/Makefile.am \ seteuid.c strcasecmp.c strdup.c strerror.c strftime.c \ strlcat.c strlcpy.c strlwr.c strncasecmp.c strndup.c strnlen.c \ strptime.c strsep.c strsep_copy.c strtok_r.c strupr.c swab.c \ - timegm.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c vwarnx.c \ - warn.c warnx.c writev.c -noinst_PROGRAMS = make-roken$(EXEEXT) snprintf-test$(EXEEXT) \ - resolve-test$(EXEEXT) + timegm.c tsearch.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c \ + vwarnx.c warn.c warnx.c writev.c +@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map +@HAVE_DBHEADER_TRUE@am__append_2 = -I$(DBHEADER) +noinst_PROGRAMS = snprintf-test$(EXEEXT) resolve-test$(EXEEXT) \ + rkpty$(EXEEXT) $(am__EXEEXT_1) check_PROGRAMS = base64-test$(EXEEXT) getaddrinfo-test$(EXEEXT) \ - hex-test$(EXEEXT) test-readenv$(EXEEXT) \ - parse_bytes-test$(EXEEXT) parse_reply-test$(EXEEXT) \ - parse_time-test$(EXEEXT) snprintf-test$(EXEEXT) \ - strpftime-test$(EXEEXT) -@have_socket_wrapper_TRUE@am__append_1 = socket_wrapper.c socket_wrapper.h -@have_socket_wrapper_TRUE@am__append_2 = socket_wrapper.h + getifaddrs-test$(EXEEXT) hex-test$(EXEEXT) \ + test-readenv$(EXEEXT) parse_bytes-test$(EXEEXT) \ + parse_reply-test$(EXEEXT) parse_time-test$(EXEEXT) \ + snprintf-test$(EXEEXT) strpftime-test$(EXEEXT) \ + tsearch-test$(EXEEXT) +@have_socket_wrapper_TRUE@am__append_3 = socket_wrapper.c socket_wrapper.h +@have_socket_wrapper_TRUE@am__append_4 = socket_wrapper.h + +# Make make-roken deprecated in 1.4 when we know that roken-h-process.pl works +@CROSS_COMPILE_FALSE@am__append_5 = make-roken +@CROSS_COMPILE_FALSE@am__append_6 = make-roken.c subdir = lib/roken ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -85,7 +94,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -99,9 +108,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -109,39 +121,57 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" \ "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" \ "$(DESTDIR)$(rokenincludedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) -libroken_la_DEPENDENCIES = @LTLIBOBJS@ -am__libroken_la_SOURCES_DIST = base64.c bswap.c concat.c dumpdata.c \ - environment.c eread.c esetenv.c ewrite.c \ - getaddrinfo_hostspec.c get_default_username.c \ +am__DEPENDENCIES_1 = +libroken_la_DEPENDENCIES = @LTLIBOBJS@ $(am__DEPENDENCIES_1) +am__libroken_la_SOURCES_DIST = base64.c bswap.c concat.c cloexec.c \ + ct.c doxygen.c dumpdata.c environment.c eread.c esetenv.c \ + ewrite.c getaddrinfo_hostspec.c get_default_username.c \ get_window_size.c getarg.c getnameinfo_verified.c \ getprogname.c h_errno.c hex.c hostent_find_fqdn.c issuid.c \ k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c \ - parse_bytes.c parse_time.c parse_units.c realloc.c resolve.c \ - roken_gethostby.c rtbl.c rtbl.h setprogname.c signal.c \ - simple_exec.c snprintf.c socket.c strcollect.c strpool.c \ - timeval.c tm2time.c unvis.c verify.c vis.c vis.h warnerr.c \ - write_pid.c xdbm.h socket_wrapper.c socket_wrapper.h + parse_bytes.c parse_time.c parse_units.c qsort.c rand.c \ + realloc.c resolve.c roken_gethostby.c rtbl.c rtbl.h \ + setprogname.c signal.c simple_exec.c snprintf.c socket.c \ + strcollect.c strerror_r.c strpool.c timeval.c tm2time.c \ + unvis.c verify.c vis.c warnerr.c write_pid.c xfree.c xdbm.h \ + socket_wrapper.c socket_wrapper.h @have_socket_wrapper_TRUE@am__objects_1 = \ @have_socket_wrapper_TRUE@ libroken_la-socket_wrapper.lo am_libroken_la_OBJECTS = libroken_la-base64.lo libroken_la-bswap.lo \ - libroken_la-concat.lo libroken_la-dumpdata.lo \ + libroken_la-concat.lo libroken_la-cloexec.lo libroken_la-ct.lo \ + libroken_la-doxygen.lo libroken_la-dumpdata.lo \ libroken_la-environment.lo libroken_la-eread.lo \ libroken_la-esetenv.lo libroken_la-ewrite.lo \ libroken_la-getaddrinfo_hostspec.lo \ @@ -154,54 +184,59 @@ am_libroken_la_OBJECTS = libroken_la-base64.lo libroken_la-bswap.lo \ libroken_la-mini_inetd.lo libroken_la-net_read.lo \ libroken_la-net_write.lo libroken_la-parse_bytes.lo \ libroken_la-parse_time.lo libroken_la-parse_units.lo \ + libroken_la-qsort.lo libroken_la-rand.lo \ libroken_la-realloc.lo libroken_la-resolve.lo \ libroken_la-roken_gethostby.lo libroken_la-rtbl.lo \ libroken_la-setprogname.lo libroken_la-signal.lo \ libroken_la-simple_exec.lo libroken_la-snprintf.lo \ libroken_la-socket.lo libroken_la-strcollect.lo \ - libroken_la-strpool.lo libroken_la-timeval.lo \ - libroken_la-tm2time.lo libroken_la-unvis.lo \ - libroken_la-verify.lo libroken_la-vis.lo \ + libroken_la-strerror_r.lo libroken_la-strpool.lo \ + libroken_la-timeval.lo libroken_la-tm2time.lo \ + libroken_la-unvis.lo libroken_la-verify.lo libroken_la-vis.lo \ libroken_la-warnerr.lo libroken_la-write_pid.lo \ - $(am__objects_1) + libroken_la-xfree.lo $(am__objects_1) libroken_la_OBJECTS = $(am_libroken_la_OBJECTS) libroken_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libroken_la_LDFLAGS) $(LDFLAGS) -o $@ libtest_la_LIBADD = am_libtest_la_OBJECTS = libtest_la-strftime.lo libtest_la-strptime.lo \ - libtest_la-snprintf.lo + libtest_la-snprintf.lo libtest_la-tsearch.lo libtest_la_OBJECTS = $(am_libtest_la_OBJECTS) libtest_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libtest_la_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +@CROSS_COMPILE_FALSE@am__EXEEXT_1 = make-roken$(EXEEXT) PROGRAMS = $(noinst_PROGRAMS) base64_test_SOURCES = base64-test.c base64_test_OBJECTS = base64-test.$(OBJEXT) base64_test_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -base64_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +base64_test_DEPENDENCIES = libroken.la getaddrinfo_test_SOURCES = getaddrinfo-test.c getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT) getaddrinfo_test_LDADD = $(LDADD) -getaddrinfo_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +getaddrinfo_test_DEPENDENCIES = libroken.la +getifaddrs_test_SOURCES = getifaddrs-test.c +getifaddrs_test_OBJECTS = getifaddrs-test.$(OBJEXT) +getifaddrs_test_LDADD = $(LDADD) +getifaddrs_test_DEPENDENCIES = libroken.la hex_test_SOURCES = hex-test.c hex_test_OBJECTS = hex-test.$(OBJEXT) hex_test_LDADD = $(LDADD) -hex_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -nodist_make_roken_OBJECTS = make-roken.$(OBJEXT) +hex_test_DEPENDENCIES = libroken.la +@CROSS_COMPILE_FALSE@nodist_make_roken_OBJECTS = make-roken.$(OBJEXT) make_roken_OBJECTS = $(nodist_make_roken_OBJECTS) make_roken_DEPENDENCIES = parse_bytes_test_SOURCES = parse_bytes-test.c parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT) parse_bytes_test_LDADD = $(LDADD) -parse_bytes_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +parse_bytes_test_DEPENDENCIES = libroken.la am_parse_reply_test_OBJECTS = \ parse_reply_test-parse_reply-test.$(OBJEXT) \ parse_reply_test-resolve.$(OBJEXT) parse_reply_test_OBJECTS = $(am_parse_reply_test_OBJECTS) parse_reply_test_LDADD = $(LDADD) -parse_reply_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +parse_reply_test_DEPENDENCIES = libroken.la parse_reply_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(parse_reply_test_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ @@ -209,31 +244,39 @@ am_parse_time_test_OBJECTS = parse_time-test.$(OBJEXT) \ test-mem.$(OBJEXT) parse_time_test_OBJECTS = $(am_parse_time_test_OBJECTS) parse_time_test_LDADD = $(LDADD) -parse_time_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +parse_time_test_DEPENDENCIES = libroken.la am_resolve_test_OBJECTS = resolve-test.$(OBJEXT) resolve_test_OBJECTS = $(am_resolve_test_OBJECTS) resolve_test_LDADD = $(LDADD) -resolve_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) +resolve_test_DEPENDENCIES = libroken.la +rkpty_SOURCES = rkpty.c +rkpty_OBJECTS = rkpty.$(OBJEXT) +rkpty_DEPENDENCIES = $(am__DEPENDENCIES_1) $(LDADD) am_snprintf_test_OBJECTS = snprintf_test-snprintf-test.$(OBJEXT) snprintf_test_OBJECTS = $(am_snprintf_test_OBJECTS) -am__DEPENDENCIES_2 = libroken.la $(am__DEPENDENCIES_1) -snprintf_test_DEPENDENCIES = libtest.la $(am__DEPENDENCIES_2) +snprintf_test_DEPENDENCIES = libtest.la $(LDADD) snprintf_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(snprintf_test_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ am_strpftime_test_OBJECTS = strpftime_test-strpftime-test.$(OBJEXT) strpftime_test_OBJECTS = $(am_strpftime_test_OBJECTS) -strpftime_test_DEPENDENCIES = libtest.la $(am__DEPENDENCIES_2) +strpftime_test_DEPENDENCIES = libtest.la $(LDADD) strpftime_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(strpftime_test_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ am_test_readenv_OBJECTS = test-readenv.$(OBJEXT) test-mem.$(OBJEXT) test_readenv_OBJECTS = $(am_test_readenv_OBJECTS) test_readenv_LDADD = $(LDADD) -test_readenv_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +test_readenv_DEPENDENCIES = libroken.la +am_tsearch_test_OBJECTS = tsearch_test-tsearch-test.$(OBJEXT) +tsearch_test_OBJECTS = $(am_tsearch_test_OBJECTS) +tsearch_test_DEPENDENCIES = libtest.la $(LDADD) +tsearch_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(tsearch_test_CFLAGS) \ + $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -245,78 +288,86 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \ $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c \ - hex-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c \ - $(parse_reply_test_SOURCES) $(parse_time_test_SOURCES) \ - $(resolve_test_SOURCES) $(snprintf_test_SOURCES) \ - $(strpftime_test_SOURCES) $(test_readenv_SOURCES) + getifaddrs-test.c hex-test.c $(nodist_make_roken_SOURCES) \ + parse_bytes-test.c $(parse_reply_test_SOURCES) \ + $(parse_time_test_SOURCES) $(resolve_test_SOURCES) rkpty.c \ + $(snprintf_test_SOURCES) $(strpftime_test_SOURCES) \ + $(test_readenv_SOURCES) $(tsearch_test_SOURCES) DIST_SOURCES = $(am__libroken_la_SOURCES_DIST) \ $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) \ - base64-test.c getaddrinfo-test.c hex-test.c parse_bytes-test.c \ - $(parse_reply_test_SOURCES) $(parse_time_test_SOURCES) \ - $(resolve_test_SOURCES) $(snprintf_test_SOURCES) \ - $(strpftime_test_SOURCES) $(test_readenv_SOURCES) + base64-test.c getaddrinfo-test.c getifaddrs-test.c hex-test.c \ + parse_bytes-test.c $(parse_reply_test_SOURCES) \ + $(parse_time_test_SOURCES) $(resolve_test_SOURCES) rkpty.c \ + $(snprintf_test_SOURCES) $(strpftime_test_SOURCES) \ + $(test_readenv_SOURCES) $(tsearch_test_SOURCES) man3dir = $(mandir)/man3 MANS = $(man_MANS) am__dist_include_HEADERS_DIST = base64.h getarg.h hex.h parse_bytes.h \ parse_time.h parse_units.h resolve.h roken-common.h rtbl.h \ xdbm.h socket_wrapper.h -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_rokenincludeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) \ $(nodist_rokeninclude_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ - -# XXX this is needed for the LIBOBJS objects -CPPFLAGS = $(libroken_la_CPPFLAGS) -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ +CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -340,10 +391,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -360,6 +412,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -375,31 +429,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -414,10 +482,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -458,74 +528,85 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(libroken_la_CPPFLAGS) \ + $(am__append_2) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la ACLOCAL_AMFLAGS = -I ../../cf CLEANFILES = roken.h make-roken.c $(XHEADERS) err.h fnmatch.h glob.h \ - ifaddrs.h vis.h + ifaddrs.h search.h vis.h lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 19:0:1 +libroken_la_LDFLAGS = -version-info 19:0:1 $(am__append_1) libroken_la_CPPFLAGS = -DBUILD_ROKEN_LIB -nodist_make_roken_SOURCES = make-roken.c TESTS = $(check_PROGRAMS) -LDADD = libroken.la $(LIB_crypt) +LDADD = libroken.la make_roken_LDADD = noinst_LTLIBRARIES = libtest.la -libtest_la_SOURCES = strftime.c strptime.c snprintf.c +libtest_la_SOURCES = strftime.c strptime.c snprintf.c tsearch.c libtest_la_CFLAGS = -DTEST_SNPRINTF -DTEST_STRPFTIME parse_reply_test_SOURCES = parse_reply-test.c resolve.c parse_reply_test_CFLAGS = -DTEST_RESOLVE test_readenv_SOURCES = test-readenv.c test-mem.c +rkpty_LDADD = $(LIB_openpty) $(LDADD) parse_time_test_SOURCES = parse_time-test.c test-mem.c strpftime_test_SOURCES = strpftime-test.c strpftime-test.h strpftime_test_LDADD = libtest.la $(LDADD) strpftime_test_CFLAGS = -DTEST_STRPFTIME -snprintf_test_SOURCES = snprintf-test.c snprintf-test.h +snprintf_test_SOURCES = snprintf-test.c snprintf_test_LDADD = libtest.la $(LDADD) snprintf_test_CFLAGS = -DTEST_SNPRINTF +tsearch_test_SOURCES = tsearch-test.c +tsearch_test_LDADD = libtest.la $(LDADD) +tsearch_test_CFLAGS = -DTEST_TSEARCH resolve_test_SOURCES = resolve-test.c -libroken_la_SOURCES = base64.c bswap.c concat.c dumpdata.c \ - environment.c eread.c esetenv.c ewrite.c \ +libroken_la_SOURCES = base64.c bswap.c concat.c cloexec.c ct.c \ + doxygen.c dumpdata.c environment.c eread.c esetenv.c ewrite.c \ getaddrinfo_hostspec.c get_default_username.c \ get_window_size.c getarg.c getnameinfo_verified.c \ getprogname.c h_errno.c hex.c hostent_find_fqdn.c issuid.c \ k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c \ - parse_bytes.c parse_time.c parse_units.c realloc.c resolve.c \ - roken_gethostby.c rtbl.c rtbl.h setprogname.c signal.c \ - simple_exec.c snprintf.c socket.c strcollect.c strpool.c \ - timeval.c tm2time.c unvis.c verify.c vis.c vis.h warnerr.c \ - write_pid.c xdbm.h $(am__append_1) + parse_bytes.c parse_time.c parse_units.c qsort.c rand.c \ + realloc.c resolve.c roken_gethostby.c rtbl.c rtbl.h \ + setprogname.c signal.c simple_exec.c snprintf.c socket.c \ + strcollect.c strerror_r.c strpool.c timeval.c tm2time.c \ + unvis.c verify.c vis.c warnerr.c write_pid.c xfree.c xdbm.h \ + $(am__append_3) EXTRA_libroken_la_SOURCES = \ err.hin \ glob.hin \ fnmatch.hin \ ifaddrs.hin \ + search.hin \ vis.hin -libroken_la_LIBADD = @LTLIBOBJS@ -BUILT_SOURCES = make-roken.c roken.h +libroken_la_LIBADD = @LTLIBOBJS@ $(LIB_crypt) +BUILT_SOURCES = roken.h $(am__append_6) @have_err_h_FALSE@err_h = err.h @have_err_h_TRUE@err_h = @have_fnmatch_h_FALSE@fnmatch_h = fnmatch.h @@ -534,41 +615,46 @@ BUILT_SOURCES = make-roken.c roken.h @have_glob_h_TRUE@glob_h = @have_ifaddrs_h_FALSE@ifaddrs_h = ifaddrs.h @have_ifaddrs_h_TRUE@ifaddrs_h = +@have_search_h_FALSE@search_h = search.h +@have_search_h_TRUE@search_h = @have_vis_h_FALSE@vis_h = vis.h @have_vis_h_TRUE@vis_h = -XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) +XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(search_h) $(vis_h) dist_include_HEADERS = base64.h getarg.h hex.h parse_bytes.h \ parse_time.h parse_units.h resolve.h roken-common.h rtbl.h \ - xdbm.h $(am__append_2) + xdbm.h $(am__append_4) build_HEADERZ = test-mem.h $(XHEADERS) nodist_include_HEADERS = roken.h rokenincludedir = $(includedir)/roken nodist_rokeninclude_HEADERS = $(XHEADERS) man_MANS = getarg.3 parse_time.3 rtbl.3 ecalloc.3 +@CROSS_COMPILE_FALSE@nodist_make_roken_SOURCES = make-roken.c EXTRA_DIST = \ + NTMakefile \ roken.awk roken.h.in \ $(man_MANS) \ test-mem.h \ ndbm_wrap.c \ - ndbm_wrap.h + ndbm_wrap.h \ + version-script.map all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin .c .lo .o .obj +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/roken/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/roken/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/roken/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/roken/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -586,23 +672,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -628,24 +719,31 @@ libtest.la: $(libtest_la_OBJECTS) $(libtest_la_DEPENDENCIES) $(libtest_la_LINK) $(libtest_la_OBJECTS) $(libtest_la_LIBADD) $(LIBS) clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list base64-test$(EXEEXT): $(base64_test_OBJECTS) $(base64_test_DEPENDENCIES) @rm -f base64-test$(EXEEXT) $(LINK) $(base64_test_OBJECTS) $(base64_test_LDADD) $(LIBS) getaddrinfo-test$(EXEEXT): $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_DEPENDENCIES) @rm -f getaddrinfo-test$(EXEEXT) $(LINK) $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_LDADD) $(LIBS) +getifaddrs-test$(EXEEXT): $(getifaddrs_test_OBJECTS) $(getifaddrs_test_DEPENDENCIES) + @rm -f getifaddrs-test$(EXEEXT) + $(LINK) $(getifaddrs_test_OBJECTS) $(getifaddrs_test_LDADD) $(LIBS) hex-test$(EXEEXT): $(hex_test_OBJECTS) $(hex_test_DEPENDENCIES) @rm -f hex-test$(EXEEXT) $(LINK) $(hex_test_OBJECTS) $(hex_test_LDADD) $(LIBS) @@ -664,6 +762,9 @@ parse_time-test$(EXEEXT): $(parse_time_test_OBJECTS) $(parse_time_test_DEPENDENC resolve-test$(EXEEXT): $(resolve_test_OBJECTS) $(resolve_test_DEPENDENCIES) @rm -f resolve-test$(EXEEXT) $(LINK) $(resolve_test_OBJECTS) $(resolve_test_LDADD) $(LIBS) +rkpty$(EXEEXT): $(rkpty_OBJECTS) $(rkpty_DEPENDENCIES) + @rm -f rkpty$(EXEEXT) + $(LINK) $(rkpty_OBJECTS) $(rkpty_LDADD) $(LIBS) snprintf-test$(EXEEXT): $(snprintf_test_OBJECTS) $(snprintf_test_DEPENDENCIES) @rm -f snprintf-test$(EXEEXT) $(snprintf_test_LINK) $(snprintf_test_OBJECTS) $(snprintf_test_LDADD) $(LIBS) @@ -673,6 +774,9 @@ strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES test-readenv$(EXEEXT): $(test_readenv_OBJECTS) $(test_readenv_DEPENDENCIES) @rm -f test-readenv$(EXEEXT) $(LINK) $(test_readenv_OBJECTS) $(test_readenv_LDADD) $(LIBS) +tsearch-test$(EXEEXT): $(tsearch_test_OBJECTS) $(tsearch_test_DEPENDENCIES) + @rm -f tsearch-test$(EXEEXT) + $(tsearch_test_LINK) $(tsearch_test_OBJECTS) $(tsearch_test_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -680,337 +784,802 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/chown.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/closefrom.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/copyhostent.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/daemon.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ecalloc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/emalloc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/erealloc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/err.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/errx.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/estrdup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/fchown.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/flock.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/fnmatch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/freeaddrinfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/freehostent.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/gai_strerror.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getaddrinfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getcap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getcwd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getdtablesize.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getegid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/geteuid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getgid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/gethostname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getifaddrs.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getipnodebyaddr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getipnodebyname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getnameinfo.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getopt.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/gettimeofday.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getuid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/getusershell.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/glob.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/hstrerror.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_aton.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntop.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_pton.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/innetgr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iruserok.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/localtime_r.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/lstat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/memmove.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/mkstemp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/putenv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/rcmd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/readv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/recvmsg.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/sendmsg.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/setegid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/setenv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/seteuid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasecmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strdup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strftime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strlcat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strlcpy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strlwr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strncasecmp.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strndup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnlen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strptime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strsep.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strsep_copy.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strtok_r.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strupr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/swab.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/timegm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tsearch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/unsetenv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/verr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/verrx.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/vsyslog.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/vwarn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/vwarnx.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/warn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/warnx.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/writev.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/base64-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getaddrinfo-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getifaddrs-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hex-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-base64.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-bswap.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-cloexec.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-concat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-ct.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-doxygen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-dumpdata.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-environment.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-eread.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-esetenv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-ewrite.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-get_default_username.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-get_window_size.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-getaddrinfo_hostspec.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-getarg.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-getnameinfo_verified.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-getprogname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-h_errno.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-hex.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-hostent_find_fqdn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-issuid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-k_getpwnam.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-k_getpwuid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-mini_inetd.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-net_read.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-net_write.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-parse_bytes.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-parse_time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-parse_units.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-qsort.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-rand.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-realloc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-resolve.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-roken_gethostby.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-rtbl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-setprogname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-signal.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-simple_exec.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-snprintf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-socket.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-socket_wrapper.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-strcollect.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-strerror_r.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-strpool.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-timeval.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-tm2time.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-unvis.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-verify.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-vis.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-warnerr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-write_pid.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libroken_la-xfree.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-snprintf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-strftime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-strptime.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-tsearch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/make-roken.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_bytes-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_reply_test-parse_reply-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_reply_test-resolve.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_time-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/resolve-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rkpty.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf_test-snprintf-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strpftime_test-strpftime-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test-mem.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test-readenv.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tsearch_test-tsearch-test.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< libroken_la-base64.lo: base64.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-base64.lo `test -f 'base64.c' || echo '$(srcdir)/'`base64.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-base64.lo -MD -MP -MF $(DEPDIR)/libroken_la-base64.Tpo -c -o libroken_la-base64.lo `test -f 'base64.c' || echo '$(srcdir)/'`base64.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-base64.Tpo $(DEPDIR)/libroken_la-base64.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='base64.c' object='libroken_la-base64.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-base64.lo `test -f 'base64.c' || echo '$(srcdir)/'`base64.c libroken_la-bswap.lo: bswap.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-bswap.lo `test -f 'bswap.c' || echo '$(srcdir)/'`bswap.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-bswap.lo -MD -MP -MF $(DEPDIR)/libroken_la-bswap.Tpo -c -o libroken_la-bswap.lo `test -f 'bswap.c' || echo '$(srcdir)/'`bswap.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-bswap.Tpo $(DEPDIR)/libroken_la-bswap.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bswap.c' object='libroken_la-bswap.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-bswap.lo `test -f 'bswap.c' || echo '$(srcdir)/'`bswap.c libroken_la-concat.lo: concat.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-concat.lo `test -f 'concat.c' || echo '$(srcdir)/'`concat.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-concat.lo -MD -MP -MF $(DEPDIR)/libroken_la-concat.Tpo -c -o libroken_la-concat.lo `test -f 'concat.c' || echo '$(srcdir)/'`concat.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-concat.Tpo $(DEPDIR)/libroken_la-concat.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='concat.c' object='libroken_la-concat.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-concat.lo `test -f 'concat.c' || echo '$(srcdir)/'`concat.c + +libroken_la-cloexec.lo: cloexec.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-cloexec.lo -MD -MP -MF $(DEPDIR)/libroken_la-cloexec.Tpo -c -o libroken_la-cloexec.lo `test -f 'cloexec.c' || echo '$(srcdir)/'`cloexec.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-cloexec.Tpo $(DEPDIR)/libroken_la-cloexec.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='cloexec.c' object='libroken_la-cloexec.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-cloexec.lo `test -f 'cloexec.c' || echo '$(srcdir)/'`cloexec.c + +libroken_la-ct.lo: ct.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-ct.lo -MD -MP -MF $(DEPDIR)/libroken_la-ct.Tpo -c -o libroken_la-ct.lo `test -f 'ct.c' || echo '$(srcdir)/'`ct.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-ct.Tpo $(DEPDIR)/libroken_la-ct.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ct.c' object='libroken_la-ct.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-ct.lo `test -f 'ct.c' || echo '$(srcdir)/'`ct.c + +libroken_la-doxygen.lo: doxygen.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-doxygen.lo -MD -MP -MF $(DEPDIR)/libroken_la-doxygen.Tpo -c -o libroken_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-doxygen.Tpo $(DEPDIR)/libroken_la-doxygen.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='doxygen.c' object='libroken_la-doxygen.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c libroken_la-dumpdata.lo: dumpdata.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-dumpdata.lo `test -f 'dumpdata.c' || echo '$(srcdir)/'`dumpdata.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-dumpdata.lo -MD -MP -MF $(DEPDIR)/libroken_la-dumpdata.Tpo -c -o libroken_la-dumpdata.lo `test -f 'dumpdata.c' || echo '$(srcdir)/'`dumpdata.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-dumpdata.Tpo $(DEPDIR)/libroken_la-dumpdata.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='dumpdata.c' object='libroken_la-dumpdata.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-dumpdata.lo `test -f 'dumpdata.c' || echo '$(srcdir)/'`dumpdata.c libroken_la-environment.lo: environment.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-environment.lo `test -f 'environment.c' || echo '$(srcdir)/'`environment.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-environment.lo -MD -MP -MF $(DEPDIR)/libroken_la-environment.Tpo -c -o libroken_la-environment.lo `test -f 'environment.c' || echo '$(srcdir)/'`environment.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-environment.Tpo $(DEPDIR)/libroken_la-environment.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='environment.c' object='libroken_la-environment.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-environment.lo `test -f 'environment.c' || echo '$(srcdir)/'`environment.c libroken_la-eread.lo: eread.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-eread.lo `test -f 'eread.c' || echo '$(srcdir)/'`eread.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-eread.lo -MD -MP -MF $(DEPDIR)/libroken_la-eread.Tpo -c -o libroken_la-eread.lo `test -f 'eread.c' || echo '$(srcdir)/'`eread.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-eread.Tpo $(DEPDIR)/libroken_la-eread.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='eread.c' object='libroken_la-eread.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-eread.lo `test -f 'eread.c' || echo '$(srcdir)/'`eread.c libroken_la-esetenv.lo: esetenv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-esetenv.lo `test -f 'esetenv.c' || echo '$(srcdir)/'`esetenv.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-esetenv.lo -MD -MP -MF $(DEPDIR)/libroken_la-esetenv.Tpo -c -o libroken_la-esetenv.lo `test -f 'esetenv.c' || echo '$(srcdir)/'`esetenv.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-esetenv.Tpo $(DEPDIR)/libroken_la-esetenv.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='esetenv.c' object='libroken_la-esetenv.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-esetenv.lo `test -f 'esetenv.c' || echo '$(srcdir)/'`esetenv.c libroken_la-ewrite.lo: ewrite.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-ewrite.lo `test -f 'ewrite.c' || echo '$(srcdir)/'`ewrite.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-ewrite.lo -MD -MP -MF $(DEPDIR)/libroken_la-ewrite.Tpo -c -o libroken_la-ewrite.lo `test -f 'ewrite.c' || echo '$(srcdir)/'`ewrite.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-ewrite.Tpo $(DEPDIR)/libroken_la-ewrite.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ewrite.c' object='libroken_la-ewrite.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-ewrite.lo `test -f 'ewrite.c' || echo '$(srcdir)/'`ewrite.c libroken_la-getaddrinfo_hostspec.lo: getaddrinfo_hostspec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getaddrinfo_hostspec.lo `test -f 'getaddrinfo_hostspec.c' || echo '$(srcdir)/'`getaddrinfo_hostspec.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-getaddrinfo_hostspec.lo -MD -MP -MF $(DEPDIR)/libroken_la-getaddrinfo_hostspec.Tpo -c -o libroken_la-getaddrinfo_hostspec.lo `test -f 'getaddrinfo_hostspec.c' || echo '$(srcdir)/'`getaddrinfo_hostspec.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-getaddrinfo_hostspec.Tpo $(DEPDIR)/libroken_la-getaddrinfo_hostspec.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='getaddrinfo_hostspec.c' object='libroken_la-getaddrinfo_hostspec.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getaddrinfo_hostspec.lo `test -f 'getaddrinfo_hostspec.c' || echo '$(srcdir)/'`getaddrinfo_hostspec.c libroken_la-get_default_username.lo: get_default_username.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_default_username.lo `test -f 'get_default_username.c' || echo '$(srcdir)/'`get_default_username.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-get_default_username.lo -MD -MP -MF $(DEPDIR)/libroken_la-get_default_username.Tpo -c -o libroken_la-get_default_username.lo `test -f 'get_default_username.c' || echo '$(srcdir)/'`get_default_username.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-get_default_username.Tpo $(DEPDIR)/libroken_la-get_default_username.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_default_username.c' object='libroken_la-get_default_username.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_default_username.lo `test -f 'get_default_username.c' || echo '$(srcdir)/'`get_default_username.c libroken_la-get_window_size.lo: get_window_size.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_window_size.lo `test -f 'get_window_size.c' || echo '$(srcdir)/'`get_window_size.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-get_window_size.lo -MD -MP -MF $(DEPDIR)/libroken_la-get_window_size.Tpo -c -o libroken_la-get_window_size.lo `test -f 'get_window_size.c' || echo '$(srcdir)/'`get_window_size.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-get_window_size.Tpo $(DEPDIR)/libroken_la-get_window_size.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='get_window_size.c' object='libroken_la-get_window_size.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_window_size.lo `test -f 'get_window_size.c' || echo '$(srcdir)/'`get_window_size.c libroken_la-getarg.lo: getarg.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getarg.lo `test -f 'getarg.c' || echo '$(srcdir)/'`getarg.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-getarg.lo -MD -MP -MF $(DEPDIR)/libroken_la-getarg.Tpo -c -o libroken_la-getarg.lo `test -f 'getarg.c' || echo '$(srcdir)/'`getarg.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-getarg.Tpo $(DEPDIR)/libroken_la-getarg.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='getarg.c' object='libroken_la-getarg.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getarg.lo `test -f 'getarg.c' || echo '$(srcdir)/'`getarg.c libroken_la-getnameinfo_verified.lo: getnameinfo_verified.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getnameinfo_verified.lo `test -f 'getnameinfo_verified.c' || echo '$(srcdir)/'`getnameinfo_verified.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-getnameinfo_verified.lo -MD -MP -MF $(DEPDIR)/libroken_la-getnameinfo_verified.Tpo -c -o libroken_la-getnameinfo_verified.lo `test -f 'getnameinfo_verified.c' || echo '$(srcdir)/'`getnameinfo_verified.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-getnameinfo_verified.Tpo $(DEPDIR)/libroken_la-getnameinfo_verified.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='getnameinfo_verified.c' object='libroken_la-getnameinfo_verified.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getnameinfo_verified.lo `test -f 'getnameinfo_verified.c' || echo '$(srcdir)/'`getnameinfo_verified.c libroken_la-getprogname.lo: getprogname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getprogname.lo `test -f 'getprogname.c' || echo '$(srcdir)/'`getprogname.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-getprogname.lo -MD -MP -MF $(DEPDIR)/libroken_la-getprogname.Tpo -c -o libroken_la-getprogname.lo `test -f 'getprogname.c' || echo '$(srcdir)/'`getprogname.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-getprogname.Tpo $(DEPDIR)/libroken_la-getprogname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='getprogname.c' object='libroken_la-getprogname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getprogname.lo `test -f 'getprogname.c' || echo '$(srcdir)/'`getprogname.c libroken_la-h_errno.lo: h_errno.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-h_errno.lo `test -f 'h_errno.c' || echo '$(srcdir)/'`h_errno.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-h_errno.lo -MD -MP -MF $(DEPDIR)/libroken_la-h_errno.Tpo -c -o libroken_la-h_errno.lo `test -f 'h_errno.c' || echo '$(srcdir)/'`h_errno.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-h_errno.Tpo $(DEPDIR)/libroken_la-h_errno.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='h_errno.c' object='libroken_la-h_errno.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-h_errno.lo `test -f 'h_errno.c' || echo '$(srcdir)/'`h_errno.c libroken_la-hex.lo: hex.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hex.lo `test -f 'hex.c' || echo '$(srcdir)/'`hex.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-hex.lo -MD -MP -MF $(DEPDIR)/libroken_la-hex.Tpo -c -o libroken_la-hex.lo `test -f 'hex.c' || echo '$(srcdir)/'`hex.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-hex.Tpo $(DEPDIR)/libroken_la-hex.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hex.c' object='libroken_la-hex.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hex.lo `test -f 'hex.c' || echo '$(srcdir)/'`hex.c libroken_la-hostent_find_fqdn.lo: hostent_find_fqdn.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hostent_find_fqdn.lo `test -f 'hostent_find_fqdn.c' || echo '$(srcdir)/'`hostent_find_fqdn.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-hostent_find_fqdn.lo -MD -MP -MF $(DEPDIR)/libroken_la-hostent_find_fqdn.Tpo -c -o libroken_la-hostent_find_fqdn.lo `test -f 'hostent_find_fqdn.c' || echo '$(srcdir)/'`hostent_find_fqdn.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-hostent_find_fqdn.Tpo $(DEPDIR)/libroken_la-hostent_find_fqdn.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='hostent_find_fqdn.c' object='libroken_la-hostent_find_fqdn.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hostent_find_fqdn.lo `test -f 'hostent_find_fqdn.c' || echo '$(srcdir)/'`hostent_find_fqdn.c libroken_la-issuid.lo: issuid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-issuid.lo `test -f 'issuid.c' || echo '$(srcdir)/'`issuid.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-issuid.lo -MD -MP -MF $(DEPDIR)/libroken_la-issuid.Tpo -c -o libroken_la-issuid.lo `test -f 'issuid.c' || echo '$(srcdir)/'`issuid.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-issuid.Tpo $(DEPDIR)/libroken_la-issuid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='issuid.c' object='libroken_la-issuid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-issuid.lo `test -f 'issuid.c' || echo '$(srcdir)/'`issuid.c libroken_la-k_getpwnam.lo: k_getpwnam.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwnam.lo `test -f 'k_getpwnam.c' || echo '$(srcdir)/'`k_getpwnam.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-k_getpwnam.lo -MD -MP -MF $(DEPDIR)/libroken_la-k_getpwnam.Tpo -c -o libroken_la-k_getpwnam.lo `test -f 'k_getpwnam.c' || echo '$(srcdir)/'`k_getpwnam.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-k_getpwnam.Tpo $(DEPDIR)/libroken_la-k_getpwnam.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='k_getpwnam.c' object='libroken_la-k_getpwnam.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwnam.lo `test -f 'k_getpwnam.c' || echo '$(srcdir)/'`k_getpwnam.c libroken_la-k_getpwuid.lo: k_getpwuid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwuid.lo `test -f 'k_getpwuid.c' || echo '$(srcdir)/'`k_getpwuid.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-k_getpwuid.lo -MD -MP -MF $(DEPDIR)/libroken_la-k_getpwuid.Tpo -c -o libroken_la-k_getpwuid.lo `test -f 'k_getpwuid.c' || echo '$(srcdir)/'`k_getpwuid.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-k_getpwuid.Tpo $(DEPDIR)/libroken_la-k_getpwuid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='k_getpwuid.c' object='libroken_la-k_getpwuid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwuid.lo `test -f 'k_getpwuid.c' || echo '$(srcdir)/'`k_getpwuid.c libroken_la-mini_inetd.lo: mini_inetd.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-mini_inetd.lo `test -f 'mini_inetd.c' || echo '$(srcdir)/'`mini_inetd.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-mini_inetd.lo -MD -MP -MF $(DEPDIR)/libroken_la-mini_inetd.Tpo -c -o libroken_la-mini_inetd.lo `test -f 'mini_inetd.c' || echo '$(srcdir)/'`mini_inetd.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-mini_inetd.Tpo $(DEPDIR)/libroken_la-mini_inetd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='mini_inetd.c' object='libroken_la-mini_inetd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-mini_inetd.lo `test -f 'mini_inetd.c' || echo '$(srcdir)/'`mini_inetd.c libroken_la-net_read.lo: net_read.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-net_read.lo -MD -MP -MF $(DEPDIR)/libroken_la-net_read.Tpo -c -o libroken_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-net_read.Tpo $(DEPDIR)/libroken_la-net_read.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='net_read.c' object='libroken_la-net_read.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c libroken_la-net_write.lo: net_write.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-net_write.lo -MD -MP -MF $(DEPDIR)/libroken_la-net_write.Tpo -c -o libroken_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-net_write.Tpo $(DEPDIR)/libroken_la-net_write.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='net_write.c' object='libroken_la-net_write.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c libroken_la-parse_bytes.lo: parse_bytes.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_bytes.lo `test -f 'parse_bytes.c' || echo '$(srcdir)/'`parse_bytes.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-parse_bytes.lo -MD -MP -MF $(DEPDIR)/libroken_la-parse_bytes.Tpo -c -o libroken_la-parse_bytes.lo `test -f 'parse_bytes.c' || echo '$(srcdir)/'`parse_bytes.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-parse_bytes.Tpo $(DEPDIR)/libroken_la-parse_bytes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='parse_bytes.c' object='libroken_la-parse_bytes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_bytes.lo `test -f 'parse_bytes.c' || echo '$(srcdir)/'`parse_bytes.c libroken_la-parse_time.lo: parse_time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_time.lo `test -f 'parse_time.c' || echo '$(srcdir)/'`parse_time.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-parse_time.lo -MD -MP -MF $(DEPDIR)/libroken_la-parse_time.Tpo -c -o libroken_la-parse_time.lo `test -f 'parse_time.c' || echo '$(srcdir)/'`parse_time.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-parse_time.Tpo $(DEPDIR)/libroken_la-parse_time.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='parse_time.c' object='libroken_la-parse_time.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_time.lo `test -f 'parse_time.c' || echo '$(srcdir)/'`parse_time.c libroken_la-parse_units.lo: parse_units.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_units.lo `test -f 'parse_units.c' || echo '$(srcdir)/'`parse_units.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-parse_units.lo -MD -MP -MF $(DEPDIR)/libroken_la-parse_units.Tpo -c -o libroken_la-parse_units.lo `test -f 'parse_units.c' || echo '$(srcdir)/'`parse_units.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-parse_units.Tpo $(DEPDIR)/libroken_la-parse_units.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='parse_units.c' object='libroken_la-parse_units.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_units.lo `test -f 'parse_units.c' || echo '$(srcdir)/'`parse_units.c + +libroken_la-qsort.lo: qsort.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-qsort.lo -MD -MP -MF $(DEPDIR)/libroken_la-qsort.Tpo -c -o libroken_la-qsort.lo `test -f 'qsort.c' || echo '$(srcdir)/'`qsort.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-qsort.Tpo $(DEPDIR)/libroken_la-qsort.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='qsort.c' object='libroken_la-qsort.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-qsort.lo `test -f 'qsort.c' || echo '$(srcdir)/'`qsort.c + +libroken_la-rand.lo: rand.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-rand.lo -MD -MP -MF $(DEPDIR)/libroken_la-rand.Tpo -c -o libroken_la-rand.lo `test -f 'rand.c' || echo '$(srcdir)/'`rand.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-rand.Tpo $(DEPDIR)/libroken_la-rand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rand.c' object='libroken_la-rand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-rand.lo `test -f 'rand.c' || echo '$(srcdir)/'`rand.c libroken_la-realloc.lo: realloc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-realloc.lo `test -f 'realloc.c' || echo '$(srcdir)/'`realloc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-realloc.lo -MD -MP -MF $(DEPDIR)/libroken_la-realloc.Tpo -c -o libroken_la-realloc.lo `test -f 'realloc.c' || echo '$(srcdir)/'`realloc.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-realloc.Tpo $(DEPDIR)/libroken_la-realloc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='realloc.c' object='libroken_la-realloc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-realloc.lo `test -f 'realloc.c' || echo '$(srcdir)/'`realloc.c libroken_la-resolve.lo: resolve.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-resolve.lo -MD -MP -MF $(DEPDIR)/libroken_la-resolve.Tpo -c -o libroken_la-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-resolve.Tpo $(DEPDIR)/libroken_la-resolve.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='resolve.c' object='libroken_la-resolve.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c libroken_la-roken_gethostby.lo: roken_gethostby.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-roken_gethostby.lo `test -f 'roken_gethostby.c' || echo '$(srcdir)/'`roken_gethostby.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-roken_gethostby.lo -MD -MP -MF $(DEPDIR)/libroken_la-roken_gethostby.Tpo -c -o libroken_la-roken_gethostby.lo `test -f 'roken_gethostby.c' || echo '$(srcdir)/'`roken_gethostby.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-roken_gethostby.Tpo $(DEPDIR)/libroken_la-roken_gethostby.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='roken_gethostby.c' object='libroken_la-roken_gethostby.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-roken_gethostby.lo `test -f 'roken_gethostby.c' || echo '$(srcdir)/'`roken_gethostby.c libroken_la-rtbl.lo: rtbl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-rtbl.lo `test -f 'rtbl.c' || echo '$(srcdir)/'`rtbl.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-rtbl.lo -MD -MP -MF $(DEPDIR)/libroken_la-rtbl.Tpo -c -o libroken_la-rtbl.lo `test -f 'rtbl.c' || echo '$(srcdir)/'`rtbl.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-rtbl.Tpo $(DEPDIR)/libroken_la-rtbl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='rtbl.c' object='libroken_la-rtbl.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-rtbl.lo `test -f 'rtbl.c' || echo '$(srcdir)/'`rtbl.c libroken_la-setprogname.lo: setprogname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-setprogname.lo `test -f 'setprogname.c' || echo '$(srcdir)/'`setprogname.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-setprogname.lo -MD -MP -MF $(DEPDIR)/libroken_la-setprogname.Tpo -c -o libroken_la-setprogname.lo `test -f 'setprogname.c' || echo '$(srcdir)/'`setprogname.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-setprogname.Tpo $(DEPDIR)/libroken_la-setprogname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='setprogname.c' object='libroken_la-setprogname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-setprogname.lo `test -f 'setprogname.c' || echo '$(srcdir)/'`setprogname.c libroken_la-signal.lo: signal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-signal.lo `test -f 'signal.c' || echo '$(srcdir)/'`signal.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-signal.lo -MD -MP -MF $(DEPDIR)/libroken_la-signal.Tpo -c -o libroken_la-signal.lo `test -f 'signal.c' || echo '$(srcdir)/'`signal.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-signal.Tpo $(DEPDIR)/libroken_la-signal.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='signal.c' object='libroken_la-signal.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-signal.lo `test -f 'signal.c' || echo '$(srcdir)/'`signal.c libroken_la-simple_exec.lo: simple_exec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-simple_exec.lo `test -f 'simple_exec.c' || echo '$(srcdir)/'`simple_exec.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-simple_exec.lo -MD -MP -MF $(DEPDIR)/libroken_la-simple_exec.Tpo -c -o libroken_la-simple_exec.lo `test -f 'simple_exec.c' || echo '$(srcdir)/'`simple_exec.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-simple_exec.Tpo $(DEPDIR)/libroken_la-simple_exec.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='simple_exec.c' object='libroken_la-simple_exec.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-simple_exec.lo `test -f 'simple_exec.c' || echo '$(srcdir)/'`simple_exec.c libroken_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-snprintf.lo -MD -MP -MF $(DEPDIR)/libroken_la-snprintf.Tpo -c -o libroken_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-snprintf.Tpo $(DEPDIR)/libroken_la-snprintf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='snprintf.c' object='libroken_la-snprintf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c libroken_la-socket.lo: socket.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket.lo `test -f 'socket.c' || echo '$(srcdir)/'`socket.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-socket.lo -MD -MP -MF $(DEPDIR)/libroken_la-socket.Tpo -c -o libroken_la-socket.lo `test -f 'socket.c' || echo '$(srcdir)/'`socket.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-socket.Tpo $(DEPDIR)/libroken_la-socket.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='socket.c' object='libroken_la-socket.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket.lo `test -f 'socket.c' || echo '$(srcdir)/'`socket.c libroken_la-strcollect.lo: strcollect.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strcollect.lo `test -f 'strcollect.c' || echo '$(srcdir)/'`strcollect.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-strcollect.lo -MD -MP -MF $(DEPDIR)/libroken_la-strcollect.Tpo -c -o libroken_la-strcollect.lo `test -f 'strcollect.c' || echo '$(srcdir)/'`strcollect.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-strcollect.Tpo $(DEPDIR)/libroken_la-strcollect.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strcollect.c' object='libroken_la-strcollect.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strcollect.lo `test -f 'strcollect.c' || echo '$(srcdir)/'`strcollect.c + +libroken_la-strerror_r.lo: strerror_r.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-strerror_r.lo -MD -MP -MF $(DEPDIR)/libroken_la-strerror_r.Tpo -c -o libroken_la-strerror_r.lo `test -f 'strerror_r.c' || echo '$(srcdir)/'`strerror_r.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-strerror_r.Tpo $(DEPDIR)/libroken_la-strerror_r.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strerror_r.c' object='libroken_la-strerror_r.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strerror_r.lo `test -f 'strerror_r.c' || echo '$(srcdir)/'`strerror_r.c libroken_la-strpool.lo: strpool.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strpool.lo `test -f 'strpool.c' || echo '$(srcdir)/'`strpool.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-strpool.lo -MD -MP -MF $(DEPDIR)/libroken_la-strpool.Tpo -c -o libroken_la-strpool.lo `test -f 'strpool.c' || echo '$(srcdir)/'`strpool.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-strpool.Tpo $(DEPDIR)/libroken_la-strpool.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strpool.c' object='libroken_la-strpool.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strpool.lo `test -f 'strpool.c' || echo '$(srcdir)/'`strpool.c libroken_la-timeval.lo: timeval.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-timeval.lo `test -f 'timeval.c' || echo '$(srcdir)/'`timeval.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-timeval.lo -MD -MP -MF $(DEPDIR)/libroken_la-timeval.Tpo -c -o libroken_la-timeval.lo `test -f 'timeval.c' || echo '$(srcdir)/'`timeval.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-timeval.Tpo $(DEPDIR)/libroken_la-timeval.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='timeval.c' object='libroken_la-timeval.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-timeval.lo `test -f 'timeval.c' || echo '$(srcdir)/'`timeval.c libroken_la-tm2time.lo: tm2time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-tm2time.lo `test -f 'tm2time.c' || echo '$(srcdir)/'`tm2time.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-tm2time.lo -MD -MP -MF $(DEPDIR)/libroken_la-tm2time.Tpo -c -o libroken_la-tm2time.lo `test -f 'tm2time.c' || echo '$(srcdir)/'`tm2time.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-tm2time.Tpo $(DEPDIR)/libroken_la-tm2time.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tm2time.c' object='libroken_la-tm2time.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-tm2time.lo `test -f 'tm2time.c' || echo '$(srcdir)/'`tm2time.c libroken_la-unvis.lo: unvis.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-unvis.lo `test -f 'unvis.c' || echo '$(srcdir)/'`unvis.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-unvis.lo -MD -MP -MF $(DEPDIR)/libroken_la-unvis.Tpo -c -o libroken_la-unvis.lo `test -f 'unvis.c' || echo '$(srcdir)/'`unvis.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-unvis.Tpo $(DEPDIR)/libroken_la-unvis.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='unvis.c' object='libroken_la-unvis.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-unvis.lo `test -f 'unvis.c' || echo '$(srcdir)/'`unvis.c libroken_la-verify.lo: verify.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-verify.lo `test -f 'verify.c' || echo '$(srcdir)/'`verify.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-verify.lo -MD -MP -MF $(DEPDIR)/libroken_la-verify.Tpo -c -o libroken_la-verify.lo `test -f 'verify.c' || echo '$(srcdir)/'`verify.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-verify.Tpo $(DEPDIR)/libroken_la-verify.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='verify.c' object='libroken_la-verify.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-verify.lo `test -f 'verify.c' || echo '$(srcdir)/'`verify.c libroken_la-vis.lo: vis.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-vis.lo `test -f 'vis.c' || echo '$(srcdir)/'`vis.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-vis.lo -MD -MP -MF $(DEPDIR)/libroken_la-vis.Tpo -c -o libroken_la-vis.lo `test -f 'vis.c' || echo '$(srcdir)/'`vis.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-vis.Tpo $(DEPDIR)/libroken_la-vis.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='vis.c' object='libroken_la-vis.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-vis.lo `test -f 'vis.c' || echo '$(srcdir)/'`vis.c libroken_la-warnerr.lo: warnerr.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-warnerr.lo `test -f 'warnerr.c' || echo '$(srcdir)/'`warnerr.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-warnerr.lo -MD -MP -MF $(DEPDIR)/libroken_la-warnerr.Tpo -c -o libroken_la-warnerr.lo `test -f 'warnerr.c' || echo '$(srcdir)/'`warnerr.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-warnerr.Tpo $(DEPDIR)/libroken_la-warnerr.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='warnerr.c' object='libroken_la-warnerr.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-warnerr.lo `test -f 'warnerr.c' || echo '$(srcdir)/'`warnerr.c libroken_la-write_pid.lo: write_pid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-write_pid.lo `test -f 'write_pid.c' || echo '$(srcdir)/'`write_pid.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-write_pid.lo -MD -MP -MF $(DEPDIR)/libroken_la-write_pid.Tpo -c -o libroken_la-write_pid.lo `test -f 'write_pid.c' || echo '$(srcdir)/'`write_pid.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-write_pid.Tpo $(DEPDIR)/libroken_la-write_pid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='write_pid.c' object='libroken_la-write_pid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-write_pid.lo `test -f 'write_pid.c' || echo '$(srcdir)/'`write_pid.c + +libroken_la-xfree.lo: xfree.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-xfree.lo -MD -MP -MF $(DEPDIR)/libroken_la-xfree.Tpo -c -o libroken_la-xfree.lo `test -f 'xfree.c' || echo '$(srcdir)/'`xfree.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-xfree.Tpo $(DEPDIR)/libroken_la-xfree.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='xfree.c' object='libroken_la-xfree.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-xfree.lo `test -f 'xfree.c' || echo '$(srcdir)/'`xfree.c libroken_la-socket_wrapper.lo: socket_wrapper.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket_wrapper.lo `test -f 'socket_wrapper.c' || echo '$(srcdir)/'`socket_wrapper.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libroken_la-socket_wrapper.lo -MD -MP -MF $(DEPDIR)/libroken_la-socket_wrapper.Tpo -c -o libroken_la-socket_wrapper.lo `test -f 'socket_wrapper.c' || echo '$(srcdir)/'`socket_wrapper.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libroken_la-socket_wrapper.Tpo $(DEPDIR)/libroken_la-socket_wrapper.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='socket_wrapper.c' object='libroken_la-socket_wrapper.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket_wrapper.lo `test -f 'socket_wrapper.c' || echo '$(srcdir)/'`socket_wrapper.c libtest_la-strftime.lo: strftime.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strftime.lo `test -f 'strftime.c' || echo '$(srcdir)/'`strftime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-strftime.lo -MD -MP -MF $(DEPDIR)/libtest_la-strftime.Tpo -c -o libtest_la-strftime.lo `test -f 'strftime.c' || echo '$(srcdir)/'`strftime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libtest_la-strftime.Tpo $(DEPDIR)/libtest_la-strftime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strftime.c' object='libtest_la-strftime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strftime.lo `test -f 'strftime.c' || echo '$(srcdir)/'`strftime.c libtest_la-strptime.lo: strptime.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strptime.lo `test -f 'strptime.c' || echo '$(srcdir)/'`strptime.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-strptime.lo -MD -MP -MF $(DEPDIR)/libtest_la-strptime.Tpo -c -o libtest_la-strptime.lo `test -f 'strptime.c' || echo '$(srcdir)/'`strptime.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libtest_la-strptime.Tpo $(DEPDIR)/libtest_la-strptime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strptime.c' object='libtest_la-strptime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strptime.lo `test -f 'strptime.c' || echo '$(srcdir)/'`strptime.c libtest_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-snprintf.lo -MD -MP -MF $(DEPDIR)/libtest_la-snprintf.Tpo -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libtest_la-snprintf.Tpo $(DEPDIR)/libtest_la-snprintf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='snprintf.c' object='libtest_la-snprintf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c + +libtest_la-tsearch.lo: tsearch.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-tsearch.lo -MD -MP -MF $(DEPDIR)/libtest_la-tsearch.Tpo -c -o libtest_la-tsearch.lo `test -f 'tsearch.c' || echo '$(srcdir)/'`tsearch.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/libtest_la-tsearch.Tpo $(DEPDIR)/libtest_la-tsearch.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tsearch.c' object='libtest_la-tsearch.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-tsearch.lo `test -f 'tsearch.c' || echo '$(srcdir)/'`tsearch.c parse_reply_test-parse_reply-test.o: parse_reply-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -MT parse_reply_test-parse_reply-test.o -MD -MP -MF $(DEPDIR)/parse_reply_test-parse_reply-test.Tpo -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/parse_reply_test-parse_reply-test.Tpo $(DEPDIR)/parse_reply_test-parse_reply-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='parse_reply-test.c' object='parse_reply_test-parse_reply-test.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c parse_reply_test-parse_reply-test.obj: parse_reply-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.obj `if test -f 'parse_reply-test.c'; then $(CYGPATH_W) 'parse_reply-test.c'; else $(CYGPATH_W) '$(srcdir)/parse_reply-test.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -MT parse_reply_test-parse_reply-test.obj -MD -MP -MF $(DEPDIR)/parse_reply_test-parse_reply-test.Tpo -c -o parse_reply_test-parse_reply-test.obj `if test -f 'parse_reply-test.c'; then $(CYGPATH_W) 'parse_reply-test.c'; else $(CYGPATH_W) '$(srcdir)/parse_reply-test.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/parse_reply_test-parse_reply-test.Tpo $(DEPDIR)/parse_reply_test-parse_reply-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='parse_reply-test.c' object='parse_reply_test-parse_reply-test.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.obj `if test -f 'parse_reply-test.c'; then $(CYGPATH_W) 'parse_reply-test.c'; else $(CYGPATH_W) '$(srcdir)/parse_reply-test.c'; fi` parse_reply_test-resolve.o: resolve.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -MT parse_reply_test-resolve.o -MD -MP -MF $(DEPDIR)/parse_reply_test-resolve.Tpo -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/parse_reply_test-resolve.Tpo $(DEPDIR)/parse_reply_test-resolve.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='resolve.c' object='parse_reply_test-resolve.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c parse_reply_test-resolve.obj: resolve.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.obj `if test -f 'resolve.c'; then $(CYGPATH_W) 'resolve.c'; else $(CYGPATH_W) '$(srcdir)/resolve.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -MT parse_reply_test-resolve.obj -MD -MP -MF $(DEPDIR)/parse_reply_test-resolve.Tpo -c -o parse_reply_test-resolve.obj `if test -f 'resolve.c'; then $(CYGPATH_W) 'resolve.c'; else $(CYGPATH_W) '$(srcdir)/resolve.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/parse_reply_test-resolve.Tpo $(DEPDIR)/parse_reply_test-resolve.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='resolve.c' object='parse_reply_test-resolve.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.obj `if test -f 'resolve.c'; then $(CYGPATH_W) 'resolve.c'; else $(CYGPATH_W) '$(srcdir)/resolve.c'; fi` snprintf_test-snprintf-test.o: snprintf-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -MT snprintf_test-snprintf-test.o -MD -MP -MF $(DEPDIR)/snprintf_test-snprintf-test.Tpo -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/snprintf_test-snprintf-test.Tpo $(DEPDIR)/snprintf_test-snprintf-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='snprintf-test.c' object='snprintf_test-snprintf-test.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c snprintf_test-snprintf-test.obj: snprintf-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.obj `if test -f 'snprintf-test.c'; then $(CYGPATH_W) 'snprintf-test.c'; else $(CYGPATH_W) '$(srcdir)/snprintf-test.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -MT snprintf_test-snprintf-test.obj -MD -MP -MF $(DEPDIR)/snprintf_test-snprintf-test.Tpo -c -o snprintf_test-snprintf-test.obj `if test -f 'snprintf-test.c'; then $(CYGPATH_W) 'snprintf-test.c'; else $(CYGPATH_W) '$(srcdir)/snprintf-test.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/snprintf_test-snprintf-test.Tpo $(DEPDIR)/snprintf_test-snprintf-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='snprintf-test.c' object='snprintf_test-snprintf-test.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.obj `if test -f 'snprintf-test.c'; then $(CYGPATH_W) 'snprintf-test.c'; else $(CYGPATH_W) '$(srcdir)/snprintf-test.c'; fi` strpftime_test-strpftime-test.o: strpftime-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.o `test -f 'strpftime-test.c' || echo '$(srcdir)/'`strpftime-test.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -MT strpftime_test-strpftime-test.o -MD -MP -MF $(DEPDIR)/strpftime_test-strpftime-test.Tpo -c -o strpftime_test-strpftime-test.o `test -f 'strpftime-test.c' || echo '$(srcdir)/'`strpftime-test.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/strpftime_test-strpftime-test.Tpo $(DEPDIR)/strpftime_test-strpftime-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strpftime-test.c' object='strpftime_test-strpftime-test.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.o `test -f 'strpftime-test.c' || echo '$(srcdir)/'`strpftime-test.c strpftime_test-strpftime-test.obj: strpftime-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.obj `if test -f 'strpftime-test.c'; then $(CYGPATH_W) 'strpftime-test.c'; else $(CYGPATH_W) '$(srcdir)/strpftime-test.c'; fi` +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -MT strpftime_test-strpftime-test.obj -MD -MP -MF $(DEPDIR)/strpftime_test-strpftime-test.Tpo -c -o strpftime_test-strpftime-test.obj `if test -f 'strpftime-test.c'; then $(CYGPATH_W) 'strpftime-test.c'; else $(CYGPATH_W) '$(srcdir)/strpftime-test.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/strpftime_test-strpftime-test.Tpo $(DEPDIR)/strpftime_test-strpftime-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='strpftime-test.c' object='strpftime_test-strpftime-test.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.obj `if test -f 'strpftime-test.c'; then $(CYGPATH_W) 'strpftime-test.c'; else $(CYGPATH_W) '$(srcdir)/strpftime-test.c'; fi` + +tsearch_test-tsearch-test.o: tsearch-test.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tsearch_test_CFLAGS) $(CFLAGS) -MT tsearch_test-tsearch-test.o -MD -MP -MF $(DEPDIR)/tsearch_test-tsearch-test.Tpo -c -o tsearch_test-tsearch-test.o `test -f 'tsearch-test.c' || echo '$(srcdir)/'`tsearch-test.c +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tsearch_test-tsearch-test.Tpo $(DEPDIR)/tsearch_test-tsearch-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tsearch-test.c' object='tsearch_test-tsearch-test.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tsearch_test_CFLAGS) $(CFLAGS) -c -o tsearch_test-tsearch-test.o `test -f 'tsearch-test.c' || echo '$(srcdir)/'`tsearch-test.c + +tsearch_test-tsearch-test.obj: tsearch-test.c +@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tsearch_test_CFLAGS) $(CFLAGS) -MT tsearch_test-tsearch-test.obj -MD -MP -MF $(DEPDIR)/tsearch_test-tsearch-test.Tpo -c -o tsearch_test-tsearch-test.obj `if test -f 'tsearch-test.c'; then $(CYGPATH_W) 'tsearch-test.c'; else $(CYGPATH_W) '$(srcdir)/tsearch-test.c'; fi` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tsearch_test-tsearch-test.Tpo $(DEPDIR)/tsearch_test-tsearch-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tsearch-test.c' object='tsearch_test-tsearch-test.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tsearch_test_CFLAGS) $(CFLAGS) -c -o tsearch_test-tsearch-test.obj `if test -f 'tsearch-test.c'; then $(CYGPATH_W) 'tsearch-test.c'; else $(CYGPATH_W) '$(srcdir)/tsearch-test.c'; fi` mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) +install-man3: $(man_MANS) @$(NORMAL_INSTALL) test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ + @list=''; test -n "$(man3dir)" || exit 0; \ + { for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + uninstall-man3: @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + test -z "$$files" || { \ + echo " ( cd '$(DESTDIR)$(man3dir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(man3dir)" && rm -f $$files; } install-dist_includeHEADERS: $(dist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-dist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_includeHEADERS: $(nodist_include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-nodist_includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files install-nodist_rokenincludeHEADERS: $(nodist_rokeninclude_HEADERS) @$(NORMAL_INSTALL) test -z "$(rokenincludedir)" || $(MKDIR_P) "$(DESTDIR)$(rokenincludedir)" - @list='$(nodist_rokeninclude_HEADERS)'; for p in $$list; do \ + @list='$(nodist_rokeninclude_HEADERS)'; test -n "$(rokenincludedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_rokenincludeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(rokenincludedir)/$$f'"; \ - $(nodist_rokenincludeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(rokenincludedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(rokenincludedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(rokenincludedir)" || exit $$?; \ done uninstall-nodist_rokenincludeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(nodist_rokeninclude_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(rokenincludedir)/$$f'"; \ - rm -f "$(DESTDIR)$(rokenincludedir)/$$f"; \ - done + @list='$(nodist_rokeninclude_HEADERS)'; test -n "$(rokenincludedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(rokenincludedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(rokenincludedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -1019,49 +1588,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -1072,15 +1655,32 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi distdir: $(DISTFILES) + @list='$(MANS)'; if test -n "$$list"; then \ + list=`for p in $$list; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ + if test -n "$$list" && \ + grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ + echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ + grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ + echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ + echo " typically \`make maintainer-clean' will remove them" >&2; \ + exit 1; \ + else :; fi; \ + else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -1096,13 +1696,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -1142,6 +1746,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -1154,6 +1759,7 @@ clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ mostlyclean-am distclean: distclean-am + -rm -rf $(DEPDIR) ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1164,6 +1770,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -1173,26 +1781,35 @@ install-data-am: install-dist_includeHEADERS install-man \ install-nodist_rokenincludeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-man3 install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf $(DEPDIR) ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1214,11 +1831,10 @@ uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ uninstall-nodist_rokenincludeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - uninstall-man: uninstall-man3 -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: all check check-am install install-am install-data-am \ + install-exec-am install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ check-local clean clean-checkPROGRAMS clean-generic \ @@ -1311,6 +1927,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1396,7 +2015,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1414,13 +2033,19 @@ $(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h $(XHEADERS) .hin.h: cp $< $@ -roken.h: make-roken$(EXEEXT) - @./make-roken$(EXEEXT) > tmp.h ;\ - if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ - else rm -f roken.h; mv tmp.h roken.h; fi +@CROSS_COMPILE_FALSE@roken.h: make-roken$(EXEEXT) +@CROSS_COMPILE_FALSE@ @./make-roken$(EXEEXT) > tmp.h ;\ +@CROSS_COMPILE_FALSE@ if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ +@CROSS_COMPILE_FALSE@ else rm -f roken.h; mv tmp.h roken.h; fi + +@CROSS_COMPILE_FALSE@make-roken.c: roken.h.in roken.awk +@CROSS_COMPILE_FALSE@ $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c + +@CROSS_COMPILE_TRUE@roken.h: $(top_srcdir)/cf/roken-h-process.pl roken.h.in +@CROSS_COMPILE_TRUE@ perl $(top_srcdir)/cf/roken-h-process.pl \ +@CROSS_COMPILE_TRUE@ -c $(top_builddir)/include/config.h \ +@CROSS_COMPILE_TRUE@ -p $(srcdir)/roken.h.in -o roken.h -make-roken.c: roken.h.in roken.awk - $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/roken/NTMakefile b/lib/roken/NTMakefile new file mode 100644 index 000000000000..fab0a0cc0fd7 --- /dev/null +++ b/lib/roken/NTMakefile @@ -0,0 +1,274 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\roken + +!include ../../windows/NTMakefile.w32 + +libroken_la_OBJS = \ + $(OBJ)\base64.obj \ + $(OBJ)\bswap.obj \ + $(OBJ)\concat.obj \ + $(OBJ)\cloexec.obj \ + $(OBJ)\ct.obj \ + $(OBJ)\dirent.obj \ + $(OBJ)\dlfcn_w32.obj \ + $(OBJ)\dumpdata.obj \ + $(OBJ)\ecalloc.obj \ + $(OBJ)\emalloc.obj \ + $(OBJ)\environment.obj \ + $(OBJ)\eread.obj \ + $(OBJ)\erealloc.obj \ + $(OBJ)\err.obj \ + $(OBJ)\errx.obj \ + $(OBJ)\esetenv.obj \ + $(OBJ)\estrdup.obj \ + $(OBJ)\ewrite.obj \ + $(OBJ)\flock.obj \ + $(OBJ)\fnmatch.obj \ + $(OBJ)\getaddrinfo_hostspec.obj \ + $(OBJ)\get_default_username.obj \ + $(OBJ)\get_window_size.obj \ + $(OBJ)\getarg.obj \ + $(OBJ)\getifaddrs_w32.obj \ + $(OBJ)\getnameinfo_verified.obj \ + $(OBJ)\getopt.obj \ + $(OBJ)\getprogname.obj \ + $(OBJ)\gettimeofday.obj \ + $(OBJ)\hex.obj \ + $(OBJ)\hostent_find_fqdn.obj \ + $(OBJ)\inet_aton.obj \ + $(OBJ)\issuid.obj \ + $(OBJ)\localtime_r.obj \ + $(OBJ)\lstat.obj \ + $(OBJ)\mini_inetd.obj \ + $(OBJ)\mkstemp.obj \ + $(OBJ)\net_read.obj \ + $(OBJ)\net_write.obj \ + $(OBJ)\parse_bytes.obj \ + $(OBJ)\parse_time.obj \ + $(OBJ)\parse_units.obj \ + $(OBJ)\realloc.obj \ + $(OBJ)\rename.obj \ + $(OBJ)\resolve.obj \ + $(OBJ)\rand.obj \ + $(OBJ)\roken_gethostby.obj \ + $(OBJ)\rtbl.obj \ + $(OBJ)\sendmsg.obj \ + $(OBJ)\setenv.obj \ + $(OBJ)\setprogname.obj \ + $(OBJ)\simple_exec_w32.obj \ + $(OBJ)\sleep.obj \ + $(OBJ)\snprintf.obj \ + $(OBJ)\socket.obj \ + $(OBJ)\sockstartup_w32.obj \ + $(OBJ)\strcollect.obj \ + $(OBJ)\strerror_r.obj \ + $(OBJ)\strlcat.obj \ + $(OBJ)\strlcpy.obj \ + $(OBJ)\strpool.obj \ + $(OBJ)\strptime.obj \ + $(OBJ)\strsep.obj \ + $(OBJ)\strsep_copy.obj \ + $(OBJ)\strtok_r.obj \ + $(OBJ)\syslogc.obj \ + $(OBJ)\timegm.obj \ + $(OBJ)\timeval.obj \ + $(OBJ)\tm2time.obj \ + $(OBJ)\tsearch.obj \ + $(OBJ)\unvis.obj \ + $(OBJ)\verr.obj \ + $(OBJ)\verrx.obj \ + $(OBJ)\vis.obj \ + $(OBJ)\vwarn.obj \ + $(OBJ)\vwarnx.obj \ + $(OBJ)\warn.obj \ + $(OBJ)\warnerr.obj \ + $(OBJ)\warnx.obj \ + $(OBJ)\xfree.obj + +!if $(NMAKE_WINVER) < 0x0600 +libroken_la_OBJS=$(libroken_la_OBJS) \ + $(OBJ)\inet_ntop.obj \ + $(OBJ)\inet_pton.obj +!endif + +{}.c{$(OBJ)}.obj:: + $(C2OBJ_P) -DBUILD_ROKEN_LIB + +$(LIBROKEN): $(libroken_la_OBJS) + $(LIBCON_C) -out:$@ @<< +$(**: = +) +<< + +$(OBJ)\make-roken.exe: $(OBJ)\make-roken.obj + $(EXECONLINK) + +$(OBJ)\make-roken.c: roken.h.in roken.awk $(INCDIR)\config.h + $(AWK) -f roken.awk roken.h.in > $(OBJ)\make-roken.c || $(RM) $(OBJ)\make-roken.c + +$(INCDIR)\roken.h: $(OBJ)\make-roken.exe + $(OBJ)\make-roken.exe > $@ || $(RM) $@ + +INCFILES = \ + $(INCDIR)\base64.h \ + $(INCDIR)\dirent.h \ + $(INCDIR)\dlfcn.h \ + $(INCDIR)\err.h \ + $(INCDIR)\fnmatch.h \ + $(INCDIR)\getarg.h \ + $(INCDIR)\glob.h \ + $(INCDIR)\hex.h \ + $(INCDIR)\ifaddrs.h \ + $(INCDIR)\parse_bytes.h \ + $(INCDIR)\parse_time.h \ + $(INCDIR)\parse_units.h \ + $(INCDIR)\resolve.h \ + $(INCDIR)\roken.h \ + $(INCDIR)\roken-common.h \ + $(INCDIR)\rtbl.h \ + $(INCDIR)\search.h \ + $(INCDIR)\stdbool.h \ + $(INCDIR)\syslog.h \ + $(INCDIR)\vis.h \ + $(INCDIR)\xdbm.h + +clean:: + -$(RM) $(XHEADERS) + +all:: $(INCFILES) $(LIBROKEN) + +clean:: + -$(RM) $(LIBROKEN) + +TMP_PROGS = $(OBJ)\snprintf-test.exe $(OBJ)\resolve-test.exe + +# Tests + +TEST_PROGS = \ + $(OBJ)\base64-test.exe \ + $(OBJ)\getaddrinfo-test.exe \ + $(OBJ)\getifaddrs-test.exe \ + $(OBJ)\hex-test.exe \ + $(OBJ)\test-readenv.exe \ + $(OBJ)\parse_bytes-test.exe \ + $(OBJ)\parse_reply-test.exe \ + $(OBJ)\parse_time-test.exe \ + $(OBJ)\snprintf-test.exe \ + $(OBJ)\strpftime-test.exe \ + $(OBJ)\dirent-test.exe \ + $(OBJ)\test-mini_inetd.exe + +$(OBJ)\strftime_test.obj: strftime.c + $(C2OBJ) -DTEST_SNPRINTF -DTEST_STRPFTIME -DBUILD_ROKEN_LIB + +$(OBJ)\strptime_test.obj: strptime.c + $(C2OBJ) -DTEST_SNPRINTF -DTEST_STRPFTIME -DBUILD_ROKEN_LIB + +$(OBJ)\snprintf_test.obj: snprintf.c + $(C2OBJ) -DTEST_SNPRINTF -DTEST_STRPFTIME -DBUILD_ROKEN_LIB + +$(OBJ)\libtest.lib: $(OBJ)\strftime_test.obj $(OBJ)\strptime_test.obj $(OBJ)\snprintf_test.obj + $(LIBCON) + +$(OBJ)\parse_reply-test.obj: parse_reply-test.c + $(C2OBJ) -DTEST_RESOLVE -DBUILD_ROKEN_LIB + +$(OBJ)\resolve_test.obj: resolve.c + $(C2OBJ) -DTEST_RESOLVE -DBUILD_ROKEN_LIB + +$(OBJ)\parse_reply-test.exe: $(OBJ)\parse_reply-test.obj $(OBJ)\resolve_test.obj $(LIBROKEN) + $(EXECONLINK) DnsAPI.lib + +$(OBJ)\test-readenv.exe: $(OBJ)\test-readenv.obj $(OBJ)\test-mem.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\parse_time-test.exe: $(OBJ)\parse_time-test.obj $(OBJ)\test-mem.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\strpftime-test.obj: strpftime-test.c + $(C2OBJ) -DTEST_STRPFTIME -DBUILD_ROKEN_LIB + +$(OBJ)\strpftime-test.exe: $(OBJ)\strpftime-test.obj $(OBJ)\libtest.lib $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\snprintf-test.obj: snprintf-test.c + $(C2OBJ) -DTEST_SNPRINTF -DBUILD_ROKEN_LIB + +$(OBJ)\snprintf-test.exe: $(OBJ)\snprintf-test.obj $(OBJ)\libtest.lib $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\resolve-test.exe: $(OBJ)\resolve-test.obj $(LIBROKEN) + $(EXECONLINK) DnsAPI.lib + +$(OBJ)\base64-test.exe: $(OBJ)\base64-test.obj $(OBJ)\base64.obj + $(EXECONLINK) + +$(OBJ)\getaddrinfo-test.exe: $(OBJ)\getaddrinfo-test.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\hex-test.exe: $(OBJ)\hex-test.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\parse_bytes-test.exe: $(OBJ)\parse_bytes-test.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\dirent-test.exe: $(OBJ)\dirent-test.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\getifaddrs-test.exe: $(OBJ)\getifaddrs-test.obj $(LIBROKEN) + $(EXECONLINK) + +$(OBJ)\test-mini_inetd.exe: $(OBJ)\test-mini_inetd.obj $(LIBROKEN) + $(EXECONLINK) + +test-binaries: $(TEST_PROGS) $(TMP_PROGS) + +test-run: + cd $(OBJ) + test-mini_inetd.exe + dirent-test.exe + base64-test.exe + getaddrinfo-test.exe + getifaddrs-test.exe + hex-test.exe + test-readenv.exe + parse_bytes-test.exe +# Need to rewrite this test: +# parse_reply-test.exe + parse_time-test.exe + snprintf-test.exe + strpftime-test.exe + cd $(SRCDIR) + +test:: test-binaries test-run + diff --git a/lib/roken/base64-test.c b/lib/roken/base64-test.c index 435e41b1832a..e9a2835e85e1 100644 --- a/lib/roken/base64-test.c +++ b/lib/roken/base64-test.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: base64-test.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" #include @@ -63,7 +60,7 @@ main(int argc, char **argv) int len; len = base64_encode(t->data, t->len, &str); if(strcmp(str, t->result) != 0) { - fprintf(stderr, "failed test %d: %s != %s\n", numtest, + fprintf(stderr, "failed test %d: %s != %s\n", numtest, str, t->result); numerr++; } @@ -85,12 +82,12 @@ main(int argc, char **argv) { char str[32]; if(base64_decode("M=M=", str) != -1) { - fprintf(stderr, "failed test %d: successful decode of `M=M='\n", + fprintf(stderr, "failed test %d: successful decode of `M=M='\n", numtest++); numerr++; } if(base64_decode("MQ===", str) != -1) { - fprintf(stderr, "failed test %d: successful decode of `MQ==='\n", + fprintf(stderr, "failed test %d: successful decode of `MQ==='\n", numtest++); numerr++; } diff --git a/lib/roken/base64.c b/lib/roken/base64.c index daf7fc567161..394e9841c78d 100644 --- a/lib/roken/base64.c +++ b/lib/roken/base64.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,18 +31,17 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: base64.c 15506 2005-06-23 10:47:57Z lha $"); -#endif + #include #include +#include #include "base64.h" -static const char base64_chars[] = +static const char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; -static int +static int pos(char c) { const char *p; @@ -52,7 +51,7 @@ pos(char c) return -1; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL base64_encode(const void *data, int size, char **str) { char *s, *p; @@ -60,11 +59,18 @@ base64_encode(const void *data, int size, char **str) int c; const unsigned char *q; - p = s = (char *) malloc(size * 4 / 3 + 4); - if (p == NULL) + if (size > INT_MAX/4 || size < 0) { + *str = NULL; return -1; + } + + p = s = (char *) malloc(size * 4 / 3 + 4); + if (p == NULL) { + *str = NULL; + return -1; + } q = (const unsigned char *) data; - i = 0; + for (i = 0; i < size;) { c = q[i++]; c *= 256; @@ -87,7 +93,7 @@ base64_encode(const void *data, int size, char **str) } *p = 0; *str = s; - return strlen(s); + return (int) strlen(s); } #define DECODE_ERROR 0xffffffff @@ -114,7 +120,7 @@ token_decode(const char *token) return (marker << 24) | val; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL base64_decode(const char *str, void *data) { const char *p; diff --git a/lib/roken/base64.h b/lib/roken/base64.h index 09aadffe7c41..dfae4c13b324 100644 --- a/lib/roken/base64.h +++ b/lib/roken/base64.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,23 +31,25 @@ * SUCH DAMAGE. */ -/* $Id: base64.h 15535 2005-06-30 07:13:33Z lha $ */ +/* $Id$ */ #ifndef _BASE64_H_ #define _BASE64_H_ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL base64_encode(const void *, int, char **); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL base64_decode(const char *, void *); #endif diff --git a/lib/roken/bswap.c b/lib/roken/bswap.c index e669eb2e4c0b..7f8c1c22b1b7 100644 --- a/lib/roken/bswap.c +++ b/lib/roken/bswap.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2001 Kungliga Tekniska Högskolan + * Copyright (c) 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" -RCSID("$Id: bswap.c 14773 2005-04-12 11:29:18Z lha $"); - #ifndef HAVE_BSWAP32 -unsigned int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION unsigned int ROKEN_LIB_CALL bswap32 (unsigned int val) { return (val & 0xff) << 24 | @@ -52,7 +48,7 @@ bswap32 (unsigned int val) #ifndef HAVE_BSWAP16 -unsigned short ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION unsigned short ROKEN_LIB_CALL bswap16 (unsigned short val) { return (val & 0xff) << 8 | diff --git a/lib/roken/chown.c b/lib/roken/chown.c index 5eb9c92c806d..90a82d958ec2 100644 --- a/lib/roken/chown.c +++ b/lib/roken/chown.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: chown.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL chown(const char *path, uid_t owner, gid_t group) { return 0; diff --git a/lib/roken/cloexec.c b/lib/roken/cloexec.c new file mode 100644 index 000000000000..2d1fe033f2d1 --- /dev/null +++ b/lib/roken/cloexec.c @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include "roken.h" + +void ROKEN_LIB_FUNCTION +rk_cloexec(int fd) +{ +#ifdef HAVE_FCNTL + int ret; + + ret = fcntl(fd, F_GETFD); + if (ret == -1) + return; + if (fcntl(fd, F_SETFD, ret | FD_CLOEXEC) == -1) + return; +#endif +} + +void ROKEN_LIB_FUNCTION +rk_cloexec_file(FILE *f) +{ +#ifdef HAVE_FCNTL + rk_cloexec(fileno(f)); +#endif +} + +void ROKEN_LIB_FUNCTION +rk_cloexec_dir(DIR * d) +{ +#ifndef _WIN32 + rk_cloexec(dirfd(d)); +#endif +} diff --git a/lib/roken/closefrom.c b/lib/roken/closefrom.c index f56e556a81d9..770eb2c67ac1 100644 --- a/lib/roken/closefrom.c +++ b/lib/roken/closefrom.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: closefrom.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #ifdef HAVE_SYS_TYPES_H #include @@ -45,7 +42,7 @@ RCSID("$Id: closefrom.c 21005 2007-06-08 01:54:35Z lha $"); #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL closefrom(int fd) { int num = getdtablesize(); diff --git a/lib/roken/concat.c b/lib/roken/concat.c index 94e0fcc31103..0b4ac46824c4 100644 --- a/lib/roken/concat.c +++ b/lib/roken/concat.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,13 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: concat.c 14773 2005-04-12 11:29:18Z lha $"); -#endif + #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_concat (char *s, size_t len, ...) { int ret; @@ -49,7 +47,7 @@ roken_concat (char *s, size_t len, ...) return ret; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_vconcat (char *s, size_t len, va_list args) { const char *a; @@ -67,7 +65,7 @@ roken_vconcat (char *s, size_t len, va_list args) return 0; } -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL roken_vmconcat (char **s, size_t max_len, va_list args) { const char *a; @@ -80,7 +78,7 @@ roken_vmconcat (char **s, size_t max_len, va_list args) len = 1; while ((a = va_arg(args, const char*))) { size_t n = strlen (a); - + if(max_len && len + n > max_len){ free(p); return 0; @@ -99,10 +97,10 @@ roken_vmconcat (char **s, size_t max_len, va_list args) return len; } -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL roken_mconcat (char **s, size_t max_len, ...) { - int ret; + size_t ret; va_list args; va_start(args, max_len); diff --git a/lib/roken/copyhostent.c b/lib/roken/copyhostent.c index 6410449ffbe6..4ed630210fc8 100644 --- a/lib/roken/copyhostent.c +++ b/lib/roken/copyhostent.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: copyhostent.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -42,7 +39,7 @@ RCSID("$Id: copyhostent.c 14773 2005-04-12 11:29:18Z lha $"); * return a malloced copy of `h' */ -struct hostent * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL copyhostent (const struct hostent *h) { struct hostent *res; diff --git a/lib/roken/ct.c b/lib/roken/ct.c new file mode 100644 index 000000000000..0778c2d47499 --- /dev/null +++ b/lib/roken/ct.c @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include "roken.h" + +/** + * Constant time compare to memory regions. The reason for making it + * constant time is to make sure that timeing information leak from + * where in the function the diffrence is. + * + * ct_memcmp() can't be used to order memory regions like memcmp(), + * for example, use ct_memcmp() with qsort(). + * + * @param p1 memory region 1 to compare + * @param p2 memory region 2 to compare + * @param len length of memory + * + * @return 0 when the memory regions are equal, non zero if not + * + * @ingroup roken + */ + +int +ct_memcmp(const void *p1, const void *p2, size_t len) +{ + const unsigned char *s1 = p1, *s2 = p2; + size_t i; + int r = 0; + + for (i = 0; i < len; i++) + r |= (s1[i] ^ s2[i]); + return !!r; +} diff --git a/lib/roken/daemon.c b/lib/roken/daemon.c index 2bc2350054c8..591a9a9532fb 100644 --- a/lib/roken/daemon.c +++ b/lib/roken/daemon.c @@ -31,11 +31,7 @@ static char sccsid[] = "@(#)daemon.c 8.1 (Berkeley) 6/4/93"; #endif /* LIBC_SCCS and not lint */ -#ifdef HAVE_CONFIG_H #include -#endif - -RCSID("$Id: daemon.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_DAEMON @@ -51,7 +47,7 @@ RCSID("$Id: daemon.c 14773 2005-04-12 11:29:18Z lha $"); #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL daemon(int nochdir, int noclose) { int fd; diff --git a/lib/roken/doxygen.c b/lib/roken/doxygen.c new file mode 100644 index 000000000000..0d30a47a2c83 --- /dev/null +++ b/lib/roken/doxygen.c @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/*! @mainpage Heimdal Roken support library + * + * @section intro Introduction + * + * Heimdal's roken implememnts missing functions and make it easier to + * work with almost unixies like cygwin and AIX. + * + * The project web page: http://www.h5l.org/ + */ + +/** @defgroup roken Heimdal roken library */ diff --git a/lib/roken/dumpdata.c b/lib/roken/dumpdata.c index 4750cac1a5bb..844360187f87 100644 --- a/lib/roken/dumpdata.c +++ b/lib/roken/dumpdata.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,12 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: dumpdata.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include #include "roken.h" @@ -44,7 +39,7 @@ RCSID("$Id: dumpdata.c 21005 2007-06-08 01:54:35Z lha $"); * Write datablob to a filename, don't care about errors. */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_dumpdata (const char *filename, const void *buf, size_t size) { int fd; @@ -55,3 +50,45 @@ rk_dumpdata (const char *filename, const void *buf, size_t size) net_write(fd, buf, size); close(fd); } + +/* + * Read all data from a filename, care about errors. + */ + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_undumpdata(const char *filename, void **buf, size_t *size) +{ + struct stat sb; + int fd, ret; + ssize_t sret; + + *buf = NULL; + + fd = open(filename, O_RDONLY, 0); + if (fd < 0) + return errno; + if (fstat(fd, &sb) != 0){ + ret = errno; + goto out; + } + *buf = malloc(sb.st_size); + if (*buf == NULL) { + ret = ENOMEM; + goto out; + } + *size = sb.st_size; + + sret = net_read(fd, *buf, *size); + if (sret < 0) + ret = errno; + else if (sret != (ssize_t)*size) { + ret = EINVAL; + free(*buf); + *buf = NULL; + } else + ret = 0; + + out: + close(fd); + return ret; +} diff --git a/lib/roken/ecalloc.3 b/lib/roken/ecalloc.3 index 194ad271cf9a..a2863df4317a 100644 --- a/lib/roken/ecalloc.3 +++ b/lib/roken/ecalloc.3 @@ -1,34 +1,34 @@ -.\" Copyright (c) 2001, 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2001, 2003 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" $Id: ecalloc.3 12527 2003-08-15 12:28:14Z joda $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" $Id$ .\" .Dd August 14, 2003 .Dt ECALLOC 3 @@ -61,13 +61,13 @@ The roken library (libroken, -lroken) .Ft ssize_t .Fn ewrite "int fd" "const void *buf" "size_t nbytes" .Sh DESCRIPTION -These functions do the same as the ones without the +These functions do the same as the ones without the .Dq e -prefix, but if there is an error they will print a message with +prefix, but if there is an error they will print a message with .Xr errx 3 , and exit. For .Nm eread -and +and .Nm ewrite this is also true for partial data. .Pp diff --git a/lib/roken/ecalloc.c b/lib/roken/ecalloc.c index c5ef4a7b2450..04b37330c9b9 100644 --- a/lib/roken/ecalloc.c +++ b/lib/roken/ecalloc.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: ecalloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -45,7 +42,7 @@ RCSID("$Id: ecalloc.c 21005 2007-06-08 01:54:35Z lha $"); * Like calloc but never fails. */ -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL ecalloc (size_t number, size_t size) { void *tmp = calloc (number, size); diff --git a/lib/roken/ecalloc.cat3 b/lib/roken/ecalloc.cat3 new file mode 100644 index 000000000000..550cf3f223cd --- /dev/null +++ b/lib/roken/ecalloc.cat3 @@ -0,0 +1,47 @@ + +ECALLOC(3) BSD Library Functions Manual ECALLOC(3) + +NNAAMMEE + eeccaalllloocc, eemmaalllloocc, eerreeaadd, eerreeaalllloocc, eesseetteennvv, eessttrrdduupp, eewwrriittee -- exit-on- + failure wrapper functions + +LLIIBBRRAARRYY + The roken library (libroken, -lroken) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _v_o_i_d _* + eeccaalllloocc(_s_i_z_e___t _n_u_m_b_e_r, _s_i_z_e___t _s_i_z_e); + + _v_o_i_d _* + eemmaalllloocc(_s_i_z_e___t _s_z); + + _s_s_i_z_e___t + eerreeaadd(_i_n_t _f_d, _v_o_i_d _*_b_u_f, _s_i_z_e___t _n_b_y_t_e_s); + + _v_o_i_d _* + eerreeaalllloocc(_v_o_i_d _*_p_t_r, _s_i_z_e___t _s_z); + + _v_o_i_d + eesseetteennvv(_c_o_n_s_t _c_h_a_r _*_v_a_r, _c_o_n_s_t _c_h_a_r _*_v_a_l, _i_n_t _r_e_w_r_i_t_e); + + _c_h_a_r _* + eessttrrdduupp(_c_o_n_s_t _c_h_a_r _*_s_t_r); + + _s_s_i_z_e___t + eewwrriittee(_i_n_t _f_d, _c_o_n_s_t _v_o_i_d _*_b_u_f, _s_i_z_e___t _n_b_y_t_e_s); + +DDEESSCCRRIIPPTTIIOONN + These functions do the same as the ones without the ``e'' prefix, but if + there is an error they will print a message with errx(3), and exit. For + eerreeaadd and eewwrriittee this is also true for partial data. + + This is useful in applications when there is no need for a more advanced + failure mode. + +SSEEEE AALLSSOO + read(2), write(2), calloc(3), errx(3), malloc(3), realloc(3), setenv(3), + strdup(3) + +HEIMDAL August 14, 2003 HEIMDAL diff --git a/lib/roken/emalloc.c b/lib/roken/emalloc.c index a39fcc0d22bf..2520230a3548 100644 --- a/lib/roken/emalloc.c +++ b/lib/roken/emalloc.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: emalloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -45,7 +42,7 @@ RCSID("$Id: emalloc.c 21005 2007-06-08 01:54:35Z lha $"); * Like malloc but never fails. */ -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL emalloc (size_t sz) { void *tmp = malloc (sz); diff --git a/lib/roken/environment.c b/lib/roken/environment.c index 3822e4c6ffe5..64c354d62bbd 100644 --- a/lib/roken/environment.c +++ b/lib/roken/environment.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2000, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -32,10 +32,7 @@ */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: environment.c 20866 2007-06-03 21:00:29Z lha $"); -#endif #include #include @@ -43,7 +40,7 @@ RCSID("$Id: environment.c 20866 2007-06-03 21:00:29Z lha $"); #include "roken.h" /* find assignment in env list; len is length of variable including - * equal + * equal */ static int @@ -63,7 +60,7 @@ find_var(char **env, char *assignment, size_t len) */ static int -rk_read_env_file(FILE *F, char ***env, int *assigned) +read_env_file(FILE *F, char ***env, int *assigned) { int idx = 0; int i; @@ -126,11 +123,11 @@ rk_read_env_file(FILE *F, char ***env, int *assigned) } /* - * return count of environment assignments from file and + * return count of environment assignments from file and * list of malloced strings in `env' */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL read_environment(const char *file, char ***env) { int assigned; @@ -139,12 +136,12 @@ read_environment(const char *file, char ***env) if ((F = fopen(file, "r")) == NULL) return 0; - rk_read_env_file(F, env, &assigned); + read_env_file(F, env, &assigned); fclose(F); return assigned; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL free_environment(char **env) { int i; diff --git a/lib/roken/eread.c b/lib/roken/eread.c index ec4eed412e10..ba30f0230c51 100644 --- a/lib/roken/eread.c +++ b/lib/roken/eread.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,13 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: eread.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include #include "roken.h" @@ -45,7 +39,7 @@ RCSID("$Id: eread.c 21005 2007-06-08 01:54:35Z lha $"); * Like read but never fails (and never returns partial data). */ -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL eread (int fd, void *buf, size_t nbytes) { ssize_t ret; diff --git a/lib/roken/erealloc.c b/lib/roken/erealloc.c index c38236085cb1..1c30ecc60bfb 100644 --- a/lib/roken/erealloc.c +++ b/lib/roken/erealloc.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: erealloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -45,7 +42,7 @@ RCSID("$Id: erealloc.c 21005 2007-06-08 01:54:35Z lha $"); * Like realloc but never fails. */ -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL erealloc (void *ptr, size_t sz) { void *tmp = realloc (ptr, sz); diff --git a/lib/roken/err.c b/lib/roken/err.c index dcb820bba6b5..5fbe84fdf761 100644 --- a/lib/roken/err.c +++ b/lib/roken/err.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: err.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "err.h" -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL err(int eval, const char *fmt, ...) { va_list ap; diff --git a/lib/roken/err.hin b/lib/roken/err.hin index 2f1232d3e7f8..96fe5cf8515f 100644 --- a/lib/roken/err.hin +++ b/lib/roken/err.hin @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: err.hin 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef __ERR_H__ #define __ERR_H__ @@ -48,40 +48,42 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL verr(int eval, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 2, 0))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL err(int eval, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 2, 3))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL verrx(int eval, const char *fmt, va_list ap) __attribute__ ((noreturn, format (printf, 2, 0))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL errx(int eval, const char *fmt, ...) __attribute__ ((noreturn, format (printf, 2, 3))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vwarn(const char *fmt, va_list ap) __attribute__ ((format (printf, 1, 0))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL warn(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vwarnx(const char *fmt, va_list ap) __attribute__ ((format (printf, 1, 0))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL warnx(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); diff --git a/lib/roken/errx.c b/lib/roken/errx.c index 1090ac79d029..f75ad0179e3b 100644 --- a/lib/roken/errx.c +++ b/lib/roken/errx.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: errx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "err.h" -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL errx(int eval, const char *fmt, ...) { va_list ap; diff --git a/lib/roken/esetenv.c b/lib/roken/esetenv.c index e92f04ab32f0..3cbf5ed365e0 100644 --- a/lib/roken/esetenv.c +++ b/lib/roken/esetenv.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan + * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: esetenv.c 15502 2005-06-21 18:56:15Z lha $"); -#endif #include "roken.h" #include -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL esetenv(const char *var, const char *val, int rewrite) { if (setenv (rk_UNCONST(var), rk_UNCONST(val), rewrite)) diff --git a/lib/roken/estrdup.c b/lib/roken/estrdup.c index 262412bd35e8..d275a2830b08 100644 --- a/lib/roken/estrdup.c +++ b/lib/roken/estrdup.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: estrdup.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -45,7 +42,7 @@ RCSID("$Id: estrdup.c 21005 2007-06-08 01:54:35Z lha $"); * Like strdup but never fails. */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL estrdup (const char *str) { char *tmp = strdup (str); diff --git a/lib/roken/ewrite.c b/lib/roken/ewrite.c index a2323d6ffd9e..fce570529225 100644 --- a/lib/roken/ewrite.c +++ b/lib/roken/ewrite.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,13 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: ewrite.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include #include "roken.h" @@ -45,7 +39,7 @@ RCSID("$Id: ewrite.c 21005 2007-06-08 01:54:35Z lha $"); * Like write but never fails (and never returns partial data). */ -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL ewrite (int fd, const void *buf, size_t nbytes) { ssize_t ret; diff --git a/lib/roken/fchown.c b/lib/roken/fchown.c index 87a205179f2d..050c2dd3be75 100644 --- a/lib/roken/fchown.c +++ b/lib/roken/fchown.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: fchown.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL fchown(int fd, uid_t owner, gid_t group) { return 0; diff --git a/lib/roken/flock.c b/lib/roken/flock.c index 911d5ff31ed3..068d09929e1c 100644 --- a/lib/roken/flock.c +++ b/lib/roken/flock.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,25 +31,22 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #ifndef HAVE_FLOCK -RCSID("$Id: flock.c 14773 2005-04-12 11:29:18Z lha $"); #include "roken.h" - #define OP_MASK (LOCK_SH | LOCK_EX | LOCK_UN) -int ROKEN_LIB_FUNCTION -flock(int fd, int operation) + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_flock(int fd, int operation) { #if defined(HAVE_FCNTL) && defined(F_SETLK) struct flock arg; int code, cmd; - + arg.l_whence = SEEK_SET; arg.l_start = 0; arg.l_len = 0; /* means to EOF */ @@ -78,6 +75,76 @@ flock(int fd, int operation) break; } return code; + +#elif defined(_WIN32) + /* Windows */ + +#define FLOCK_OFFSET_LOW 0 +#define FLOCK_OFFSET_HIGH 0 +#define FLOCK_LENGTH_LOW 0x00000000 +#define FLOCK_LENGTH_HIGH 0x80000000 + + HANDLE hFile; + OVERLAPPED ov; + BOOL rv = FALSE; + DWORD f = 0; + + hFile = (HANDLE) _get_osfhandle(fd); + if (hFile == NULL || hFile == INVALID_HANDLE_VALUE) { + _set_errno(EBADF); + return -1; + } + + ZeroMemory(&ov, sizeof(ov)); + ov.hEvent = NULL; + ov.Offset = FLOCK_OFFSET_LOW; + ov.OffsetHigh = FLOCK_OFFSET_HIGH; + + if (operation & LOCK_NB) + f = LOCKFILE_FAIL_IMMEDIATELY; + + switch (operation & OP_MASK) { + case LOCK_UN: /* Unlock */ + rv = UnlockFileEx(hFile, 0, + FLOCK_LENGTH_LOW, FLOCK_LENGTH_HIGH, &ov); + break; + + case LOCK_SH: /* Shared lock */ + rv = LockFileEx(hFile, f, 0, + FLOCK_LENGTH_LOW, FLOCK_LENGTH_HIGH, &ov); + break; + + case LOCK_EX: /* Exclusive lock */ + rv = LockFileEx(hFile, f|LOCKFILE_EXCLUSIVE_LOCK, 0, + FLOCK_LENGTH_LOW, FLOCK_LENGTH_HIGH, + &ov); + break; + + default: + _set_errno(EINVAL); + return -1; + } + + if (!rv) { + switch (GetLastError()) { + case ERROR_SHARING_VIOLATION: + case ERROR_LOCK_VIOLATION: + case ERROR_IO_PENDING: + _set_errno(EWOULDBLOCK); + break; + + case ERROR_ACCESS_DENIED: + _set_errno(EACCES); + break; + + default: + _set_errno(ENOLCK); + } + return -1; + } + + return 0; + #else return -1; #endif diff --git a/lib/roken/fnmatch.c b/lib/roken/fnmatch.c index 126949a8e08d..7dfe492179d1 100644 --- a/lib/roken/fnmatch.c +++ b/lib/roken/fnmatch.c @@ -45,6 +45,12 @@ static char rcsid[] = "$NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $"; * Compares a filename or pathname to a pattern. */ +#ifdef HAVE_CONFIG_H +#include +#endif + +#include + #include #include @@ -52,7 +58,7 @@ static char rcsid[] = "$NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $"; static const char *rangematch (const char *, int, int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_fnmatch(const char *pattern, const char *string, int flags) { const char *stringstart; @@ -147,13 +153,13 @@ rangematch(const char *pattern, int test, int flags) */ if (negate = (*pattern == '!' || *pattern == '^')) ++pattern; - + for (ok = 0; (c = *pattern++) != ']';) { if (c == '\\' && !(flags & FNM_NOESCAPE)) c = *pattern++; if (c == EOS) return (NULL); - if (*pattern == '-' + if (*pattern == '-' && (c2 = *(pattern+1)) != EOS && c2 != ']') { pattern += 2; if (c2 == '\\' && !(flags & FNM_NOESCAPE)) diff --git a/lib/roken/fnmatch.hin b/lib/roken/fnmatch.hin index d5d54a56225e..fd96656de85f 100644 --- a/lib/roken/fnmatch.hin +++ b/lib/roken/fnmatch.hin @@ -36,9 +36,11 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __stdcall #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif diff --git a/lib/roken/freeaddrinfo.c b/lib/roken/freeaddrinfo.c index a61536ddf881..7132e95dd38d 100644 --- a/lib/roken/freeaddrinfo.c +++ b/lib/roken/freeaddrinfo.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: freeaddrinfo.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -42,7 +39,7 @@ RCSID("$Id: freeaddrinfo.c 14773 2005-04-12 11:29:18Z lha $"); * free the list of `struct addrinfo' starting at `ai' */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL freeaddrinfo(struct addrinfo *ai) { struct addrinfo *tofree; diff --git a/lib/roken/freehostent.c b/lib/roken/freehostent.c index 54fc49532b20..61fbb223b5ec 100644 --- a/lib/roken/freehostent.c +++ b/lib/roken/freehostent.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: freehostent.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -42,7 +39,7 @@ RCSID("$Id: freehostent.c 14773 2005-04-12 11:29:18Z lha $"); * free a malloced hostent */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL freehostent (struct hostent *h) { char **p; diff --git a/lib/roken/gai_strerror.c b/lib/roken/gai_strerror.c index c86274358b66..1e326bee3677 100644 --- a/lib/roken/gai_strerror.c +++ b/lib/roken/gai_strerror.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: gai_strerror.c 15837 2005-08-05 09:31:35Z lha $"); -#endif #include "roken.h" @@ -65,7 +62,7 @@ static struct gai_error { * */ -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL gai_strerror(int ecode) { struct gai_error *g; diff --git a/lib/roken/get_default_username.c b/lib/roken/get_default_username.c index 754b60d2a8b1..da6806b15b40 100644 --- a/lib/roken/get_default_username.c +++ b/lib/roken/get_default_username.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: get_default_username.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ #include "roken.h" @@ -43,7 +40,7 @@ RCSID("$Id: get_default_username.c 14773 2005-04-12 11:29:18Z lha $"); * NULL if we can't guess at all. */ -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL get_default_username (void) { const char *user; @@ -76,5 +73,11 @@ get_default_username (void) return pwd->pw_name; } #endif +#ifdef _WIN32 + /* TODO: We can call GetUserNameEx() and figure out a + username. However, callers do not free the return value of this + function. */ +#endif + return user; } diff --git a/lib/roken/get_window_size.c b/lib/roken/get_window_size.c index 7fa91d652270..5a4a1753fef5 100644 --- a/lib/roken/get_window_size.c +++ b/lib/roken/get_window_size.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: get_window_size.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #ifdef HAVE_UNISTD_H @@ -60,43 +57,76 @@ RCSID("$Id: get_window_size.c 21005 2007-06-08 01:54:35Z lha $"); #include "roken.h" -int ROKEN_LIB_FUNCTION -get_window_size(int fd, struct winsize *wp) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +get_window_size(int fd, int *lines, int *columns) { - int ret = -1; - - memset(wp, 0, sizeof(*wp)); + char *s; #if defined(TIOCGWINSZ) - ret = ioctl(fd, TIOCGWINSZ, wp); + { + struct winsize ws; + int ret; + ret = ioctl(fd, TIOCGWINSZ, &ws); + if (ret != -1) { + if (lines) + *lines = ws.ws_row; + if (columns) + *columns = ws.ws_col; + return 0; + } + } #elif defined(TIOCGSIZE) { struct ttysize ts; - + int ret; ret = ioctl(fd, TIOCGSIZE, &ts); - if(ret == 0) { - wp->ws_row = ts.ts_lines; - wp->ws_col = ts.ts_cols; - } + if (ret != -1) { + if (lines) + *lines = ts.ws_lines; + if (columns) + *columns = ts.ts_cols; + return 0; + } } #elif defined(HAVE__SCRSIZE) { int dst[2]; - - _scrsize(dst); - wp->ws_row = dst[1]; - wp->ws_col = dst[0]; - ret = 0; + + _scrsize(dst); + if (lines) + *lines = dst[1]; + if (columns) + *columns = dst[0]; + return 0; + } +#elif defined(_WIN32) + { + intptr_t fh = 0; + CONSOLE_SCREEN_BUFFER_INFO sb_info; + + fh = _get_osfhandle(fd); + if (fh != (intptr_t) INVALID_HANDLE_VALUE && + GetConsoleScreenBufferInfo((HANDLE) fh, &sb_info)) { + if (lines) + *lines = 1 + sb_info.srWindow.Bottom - sb_info.srWindow.Top; + if (columns) + *columns = 1 + sb_info.srWindow.Right - sb_info.srWindow.Left; + + return 0; + } } #endif - if (ret != 0) { - char *s; - if((s = getenv("COLUMNS"))) - wp->ws_col = atoi(s); - if((s = getenv("LINES"))) - wp->ws_row = atoi(s); - if(wp->ws_col > 0 && wp->ws_row > 0) - ret = 0; + if (columns) { + if ((s = getenv("COLUMNS"))) + *columns = atoi(s); + else + return -1; } - return ret; + if (lines) { + if ((s = getenv("LINES"))) + *lines = atoi(s); + else + return -1; + } + return 0; } diff --git a/lib/roken/getaddrinfo-test.c b/lib/roken/getaddrinfo-test.c index 027e32a742c8..a2b726f9a2d2 100644 --- a/lib/roken/getaddrinfo-test.c +++ b/lib/roken/getaddrinfo-test.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo-test.c 15930 2005-08-12 13:42:17Z lha $"); -#endif #include "roken.h" #include "getarg.h" @@ -43,10 +40,12 @@ static int flags; static int family; static int socktype; +static int verbose_counter; static int version_flag; static int help_flag; static struct getargs args[] = { + {"verbose", 0, arg_counter, &verbose_counter,"verbose", NULL}, {"flags", 0, arg_integer, &flags, "flags", NULL}, {"family", 0, arg_integer, &family, "family", NULL}, {"socktype",0, arg_integer, &socktype, "socktype", NULL}, @@ -71,7 +70,8 @@ doit (const char *nodename, const char *servname) struct addrinfo *res, *r; int ret; - printf ("(%s,%s)... ", nodename ? nodename : "null", servname); + if (verbose_counter) + printf ("(%s,%s)... ", nodename ? nodename : "null", servname); memset (&hints, 0, sizeof(hints)); hints.ai_flags = flags; @@ -79,29 +79,32 @@ doit (const char *nodename, const char *servname) hints.ai_socktype = socktype; ret = getaddrinfo (nodename, servname, &hints, &res); - if (ret) { - printf ("error: %s\n", gai_strerror(ret)); - return; - } - printf ("\n"); + if (ret) + errx(1, "error: %s\n", gai_strerror(ret)); + + if (verbose_counter) + printf ("\n"); for (r = res; r != NULL; r = r->ai_next) { char addrstr[256]; - if (inet_ntop (r->ai_family, + if (inet_ntop (r->ai_family, socket_get_address (r->ai_addr), addrstr, sizeof(addrstr)) == NULL) { - printf ("\tbad address?\n"); + if (verbose_counter) + printf ("\tbad address?\n"); continue; - } - printf ("\tfamily = %d, socktype = %d, protocol = %d, " - "address = \"%s\", port = %d", - r->ai_family, r->ai_socktype, r->ai_protocol, - addrstr, - ntohs(socket_get_port (r->ai_addr))); - if (r->ai_canonname) - printf (", canonname = \"%s\"", r->ai_canonname); - printf ("\n"); + } + if (verbose_counter) { + printf ("\tfamily = %d, socktype = %d, protocol = %d, " + "address = \"%s\", port = %d", + r->ai_family, r->ai_socktype, r->ai_protocol, + addrstr, + ntohs(socket_get_port (r->ai_addr))); + if (r->ai_canonname) + printf (", canonname = \"%s\"", r->ai_canonname); + printf ("\n"); + } } freeaddrinfo (res); } @@ -122,7 +125,7 @@ main(int argc, char **argv) usage (0); if (version_flag) { - fprintf (stderr, "%s from %s-%s)\n", getprogname(), PACKAGE, VERSION); + fprintf (stderr, "%s from %s-%s\n", getprogname(), PACKAGE, VERSION); return 0; } diff --git a/lib/roken/getaddrinfo.c b/lib/roken/getaddrinfo.c index f9ffcd865142..c8ed95413fe3 100644 --- a/lib/roken/getaddrinfo.c +++ b/lib/roken/getaddrinfo.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo.c 15417 2005-06-16 17:49:29Z lha $"); -#endif #include "roken.h" @@ -368,7 +365,7 @@ get_nodes (const char *nodename, * }; */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getaddrinfo(const char *nodename, const char *servname, const struct addrinfo *hints, diff --git a/lib/roken/getaddrinfo_hostspec.c b/lib/roken/getaddrinfo_hostspec.c index 29eae31e4caa..454121992d34 100644 --- a/lib/roken/getaddrinfo_hostspec.c +++ b/lib/roken/getaddrinfo_hostspec.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan + * Copyright (c) 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo_hostspec.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" /* getaddrinfo via string specifying host and port */ -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec2(const char *hostspec, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +roken_getaddrinfo_hostspec2(const char *hostspec, int socktype, int port, struct addrinfo **ai) @@ -60,15 +57,15 @@ roken_getaddrinfo_hostspec2(const char *hostspec, } *hstp, hst[] = { { "http://", SOCK_STREAM, IPPROTO_TCP, 80 }, { "http/", SOCK_STREAM, IPPROTO_TCP, 80 }, - { "tcp/", SOCK_STREAM, IPPROTO_TCP }, - { "udp/", SOCK_DGRAM, IPPROTO_UDP }, - { NULL } + { "tcp/", SOCK_STREAM, IPPROTO_TCP, 0 }, + { "udp/", SOCK_DGRAM, IPPROTO_UDP, 0 }, + { NULL, 0, 0, 0 } }; memset(&hints, 0, sizeof(hints)); hints.ai_socktype = socktype; - + for(hstp = hst; hstp->prefix; hstp++) { if(strncmp(hostspec, hstp->prefix, strlen(hstp->prefix)) == 0) { hints.ai_socktype = hstp->socktype; @@ -79,7 +76,7 @@ roken_getaddrinfo_hostspec2(const char *hostspec, break; } } - + p = strchr (hostspec, ':'); if (p != NULL) { char *end; @@ -90,13 +87,13 @@ roken_getaddrinfo_hostspec2(const char *hostspec, hostspec_len = strlen(hostspec); } snprintf (portstr, sizeof(portstr), "%u", port); - + snprintf (host, sizeof(host), "%.*s", hostspec_len, hostspec); return getaddrinfo (host, portstr, &hints, ai); } -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec(const char *hostspec, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +roken_getaddrinfo_hostspec(const char *hostspec, int port, struct addrinfo **ai) { diff --git a/lib/roken/getarg.3 b/lib/roken/getarg.3 index fd5ed3de0e82..dda6e7dbf3d3 100644 --- a/lib/roken/getarg.3 +++ b/lib/roken/getarg.3 @@ -1,35 +1,35 @@ -.\" Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: getarg.3 13380 2004-02-17 12:04:59Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id$ .Dd September 24, 1999 .Dt GETARG 3 .Os ROKEN @@ -246,20 +246,20 @@ or .Pp Long option names are prefixed with -- (double dash), and the value with a = (equal), -.Fl -foo= Ns Ar bar . +.Fl Fl foo= Ns Ar bar . Long option flags can either be specified as they are -.Pf ( Fl -help ) , +.Pf ( Fl Fl help ) , or with an (boolean parsable) option -.Pf ( Fl -help= Ns Ar yes , -.Fl -help= Ns Ar true , +.Pf ( Fl Fl help= Ns Ar yes , +.Fl Fl help= Ns Ar true , or similar), or they can also be negated -.Pf ( Fl -no-help +.Pf ( Fl Fl no-help is the same as -.Fl -help= Ns no ) , +.Fl Fl help= Ns no ) , and if you're really confused you can do it multiple times -.Pf ( Fl -no-no-help= Ns Ar false , +.Pf ( Fl Fl no-no-help= Ns Ar false , or even -.Fl -no-no-help= Ns Ar maybe ) . +.Fl Fl no-no-help= Ns Ar maybe ) . .Sh EXAMPLE .Bd -literal #include diff --git a/lib/roken/getarg.c b/lib/roken/getarg.c index c732d2fd43a5..d6a504868959 100644 --- a/lib/roken/getarg.c +++ b/lib/roken/getarg.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getarg.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -45,7 +42,12 @@ RCSID("$Id: getarg.c 21005 2007-06-08 01:54:35Z lha $"); #define ISFLAG(X) ((X).type == arg_flag || (X).type == arg_negative_flag) static size_t -print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) +print_arg (char *string, + size_t len, + int mdoc, + int longp, + struct getargs *arg, + char *(i18n)(const char *)) { const char *s; @@ -66,7 +68,7 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) } if (arg->arg_help) - s = arg->arg_help; + s = (*i18n)(arg->arg_help); else if (arg->type == arg_integer || arg->type == arg_counter) s = "integer"; else if (arg->type == arg_string) @@ -86,9 +88,10 @@ static void mandoc_template(struct getargs *args, size_t num_args, const char *progname, - const char *extra_string) + const char *extra_string, + char *(i18n)(const char *)) { - int i; + size_t i; char timestr[64], cmd[64]; char buf[128]; const char *p; @@ -106,40 +109,39 @@ mandoc_template(struct getargs *args, if(p) p++; else p = progname; strlcpy(cmd, p, sizeof(cmd)); strupr(cmd); - + printf(".Dt %s SECTION\n", cmd); printf(".Os OPERATING_SYSTEM\n"); printf(".Sh NAME\n"); printf(".Nm %s\n", p); - printf(".Nd\n"); - printf("in search of a description\n"); + printf(".Nd in search of a description\n"); printf(".Sh SYNOPSIS\n"); printf(".Nm\n"); for(i = 0; i < num_args; i++){ /* we seem to hit a limit on number of arguments if doing short and long flags with arguments -- split on two lines */ - if(ISFLAG(args[i]) || + if(ISFLAG(args[i]) || args[i].short_name == 0 || args[i].long_name == NULL) { printf(".Op "); if(args[i].short_name) { - print_arg(buf, sizeof(buf), 1, 0, args + i); + print_arg(buf, sizeof(buf), 1, 0, args + i, i18n); printf("Fl %c%s", args[i].short_name, buf); if(args[i].long_name) printf(" | "); } if(args[i].long_name) { - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf("Fl -%s%s%s", + print_arg(buf, sizeof(buf), 1, 1, args + i, i18n); + printf("Fl Fl %s%s%s", args[i].type == arg_negative_flag ? "no-" : "", args[i].long_name, buf); } printf("\n"); } else { - print_arg(buf, sizeof(buf), 1, 0, args + i); + print_arg(buf, sizeof(buf), 1, 0, args + i, i18n); printf(".Oo Fl %c%s \\*(Ba Xo\n", args[i].short_name, buf); - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf(".Fl -%s%s\n.Xc\n.Oc\n", args[i].long_name, buf); + print_arg(buf, sizeof(buf), 1, 1, args + i, i18n); + printf(".Fl Fl %s%s\n.Xc\n.Oc\n", args[i].long_name, buf); } /* if(args[i].type == arg_strings) @@ -155,17 +157,17 @@ mandoc_template(struct getargs *args, printf(".It Xo\n"); if(args[i].short_name){ printf(".Fl %c", args[i].short_name); - print_arg(buf, sizeof(buf), 1, 0, args + i); + print_arg(buf, sizeof(buf), 1, 0, args + i, i18n); printf("%s", buf); if(args[i].long_name) printf(" ,"); printf("\n"); } if(args[i].long_name){ - printf(".Fl -%s%s", + printf(".Fl Fl %s%s", args[i].type == arg_negative_flag ? "no-" : "", args[i].long_name); - print_arg(buf, sizeof(buf), 1, 1, args + i); + print_arg(buf, sizeof(buf), 1, 1, args + i, i18n); printf("%s\n", buf); } printf(".Xc\n"); @@ -198,31 +200,48 @@ check_column(FILE *f, int col, int len, int columns) return col; } -void ROKEN_LIB_FUNCTION +static char * +builtin_i18n(const char *str) +{ + return rk_UNCONST(str); +} + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL arg_printusage (struct getargs *args, size_t num_args, const char *progname, const char *extra_string) { - int i; - size_t max_len = 0; + arg_printusage_i18n(args, num_args, "Usage", + progname, extra_string, builtin_i18n); +} + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +arg_printusage_i18n (struct getargs *args, + size_t num_args, + const char *usage, + const char *progname, + const char *extra_string, + char *(*i18n)(const char *)) +{ + size_t i, max_len = 0; char buf[128]; int col = 0, columns; - struct winsize ws; if (progname == NULL) progname = getprogname(); + if (i18n == NULL) + i18n = builtin_i18n; + if(getenv("GETARGMANDOC")){ - mandoc_template(args, num_args, progname, extra_string); + mandoc_template(args, num_args, progname, extra_string, i18n); return; } - if(get_window_size(2, &ws) == 0) - columns = ws.ws_col; - else + if(get_window_size(2, NULL, &columns) == -1) columns = 80; col = 0; - col += fprintf (stderr, "Usage: %s", progname); + col += fprintf (stderr, "%s: %s", usage, progname); buf[0] = '\0'; for (i = 0; i < num_args; ++i) { if(args[i].short_name && ISFLAG(args[i])) { @@ -253,8 +272,8 @@ arg_printusage (struct getargs *args, } strlcat(buf, args[i].long_name, sizeof(buf)); len += strlen(args[i].long_name); - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 1, &args[i]); + len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), + 0, 1, &args[i], i18n); strlcat(buf, "]", sizeof(buf)); if(args[i].type == arg_strings) strlcat(buf, "...", sizeof(buf)); @@ -264,8 +283,8 @@ arg_printusage (struct getargs *args, if (args[i].short_name && !ISFLAG(args[i])) { snprintf(buf, sizeof(buf), "[-%c", args[i].short_name); len += 2; - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 0, &args[i]); + len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), + 0, 0, &args[i], i18n); strlcat(buf, "]", sizeof(buf)); if(args[i].type == arg_strings) strlcat(buf, "...", sizeof(buf)); @@ -277,7 +296,7 @@ arg_printusage (struct getargs *args, max_len = max(max_len, len); } if (extra_string) { - col = check_column(stderr, col, strlen(extra_string) + 1, columns); + check_column(stderr, col, strlen(extra_string) + 1, columns); fprintf (stderr, " %s\n", extra_string); } else fprintf (stderr, "\n"); @@ -287,7 +306,7 @@ arg_printusage (struct getargs *args, if (args[i].short_name) { count += fprintf (stderr, "-%c", args[i].short_name); - print_arg (buf, sizeof(buf), 0, 0, &args[i]); + print_arg (buf, sizeof(buf), 0, 0, &args[i], i18n); count += fprintf(stderr, "%s", buf); } if (args[i].short_name && args[i].long_name) @@ -297,12 +316,12 @@ arg_printusage (struct getargs *args, if (args[i].type == arg_negative_flag) count += fprintf (stderr, "no-"); count += fprintf (stderr, "%s", args[i].long_name); - print_arg (buf, sizeof(buf), 0, 1, &args[i]); + print_arg (buf, sizeof(buf), 0, 1, &args[i], i18n); count += fprintf(stderr, "%s", buf); } while(count++ <= max_len) putc (' ', stderr); - fprintf (stderr, "%s\n", args[i].help); + fprintf (stderr, "%s\n", (*i18n)(args[i].help)); } } } @@ -329,7 +348,7 @@ static int arg_match_long(struct getargs *args, size_t num_args, char *argv, int argc, char **rargv, int *goptind) { - int i; + size_t i; char *goptarg = NULL; int negate = 0; int partial_match = 0; @@ -378,7 +397,7 @@ arg_match_long(struct getargs *args, size_t num_args, else return ARG_ERR_NO_MATCH; } - + if(*goptarg == '\0' && !ISFLAG(*current) && current->type != arg_collect @@ -407,16 +426,12 @@ arg_match_long(struct getargs *args, size_t num_args, { int *flag = current->value; if(*goptarg == '\0' || - strcmp(goptarg + 1, "yes") == 0 || + strcmp(goptarg + 1, "yes") == 0 || strcmp(goptarg + 1, "true") == 0){ *flag = !negate; return 0; } else if (*goptarg && strcmp(goptarg + 1, "maybe") == 0) { -#ifdef HAVE_RANDOM - *flag = random() & 1; -#else - *flag = rand() & 1; -#endif + *flag = rk_random() & 1; } else { *flag = negate; return 0; @@ -450,6 +465,7 @@ arg_match_long(struct getargs *args, size_t num_args, default: abort (); + UNREACHABLE(return 0); } } @@ -457,7 +473,7 @@ static int arg_match_short (struct getargs *args, size_t num_args, char *argv, int argc, char **rargv, int *goptind) { - int j, k; + size_t j, k; for(j = 1; j > 0 && j < strlen(rargv[*goptind]); j++) { for(k = 0; k < num_args; k++) { @@ -473,16 +489,18 @@ arg_match_short (struct getargs *args, size_t num_args, if(args[k].type == arg_negative_flag) { *(int*)args[k].value = 0; break; - } + } if(args[k].type == arg_counter) { ++*(int *)args[k].value; break; } if(args[k].type == arg_collect) { struct getarg_collect_info *c = args[k].value; + int a = (int)j; - if((*c->func)(TRUE, argc, rargv, goptind, &j, c->data)) + if((*c->func)(TRUE, argc, rargv, goptind, &a, c->data)) return ARG_ERR_BAD_ARG; + j = a; break; } @@ -523,20 +541,14 @@ arg_match_short (struct getargs *args, size_t num_args, return 0; } -int ROKEN_LIB_FUNCTION -getarg(struct getargs *args, size_t num_args, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +getarg(struct getargs *args, size_t num_args, int argc, char **argv, int *goptind) { int i; int ret = 0; -#if defined(HAVE_SRANDOMDEV) - srandomdev(); -#elif defined(HAVE_RANDOM) - srandom(time(NULL)); -#else - srand (time(NULL)); -#endif + rk_random_init(); (*goptind)++; for(i = *goptind; i < argc; i++) { if(argv[i][0] != '-') @@ -546,7 +558,7 @@ getarg(struct getargs *args, size_t num_args, i++; break; } - ret = arg_match_long (args, num_args, argv[i] + 2, + ret = arg_match_long (args, num_args, argv[i] + 2, argc, argv, &i); } else { ret = arg_match_short (args, num_args, argv[i], @@ -559,7 +571,7 @@ getarg(struct getargs *args, size_t num_args, return ret; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL free_getarg_strings (getarg_strings *s) { free (s->strings); @@ -585,9 +597,9 @@ int main(int argc, char **argv) int goptind = 0; while(getarg(args, 5, argc, argv, &goptind)) printf("Bad arg: %s\n", argv[goptind]); - printf("flag1 = %d\n", flag1); - printf("flag2 = %d\n", flag2); - printf("foo_flag = %d\n", foo_flag); + printf("flag1 = %d\n", flag1); + printf("flag2 = %d\n", flag2); + printf("foo_flag = %d\n", foo_flag); printf("bar_int = %d\n", bar_int); printf("baz_flag = %s\n", baz_string); arg_printusage (args, 5, argv[0], "nothing here"); diff --git a/lib/roken/getarg.cat3 b/lib/roken/getarg.cat3 new file mode 100644 index 000000000000..d9eddffd8bfc --- /dev/null +++ b/lib/roken/getarg.cat3 @@ -0,0 +1,231 @@ + +GETARG(3) BSD Library Functions Manual GETARG(3) + +NNAAMMEE + ggeettaarrgg, aarrgg__pprriinnttuussaaggee -- collect command line options + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _i_n_t + ggeettaarrgg(_s_t_r_u_c_t _g_e_t_a_r_g_s _*_a_r_g_s, _s_i_z_e___t _n_u_m___a_r_g_s, _i_n_t _a_r_g_c, _c_h_a_r _*_*_a_r_g_v, + _i_n_t _*_o_p_t_i_n_d); + + _v_o_i_d + aarrgg__pprriinnttuussaaggee(_s_t_r_u_c_t _g_e_t_a_r_g_s _*_a_r_g_s, _s_i_z_e___t _n_u_m___a_r_g_s, + _c_o_n_s_t _c_h_a_r _*_p_r_o_g_n_a_m_e, _c_o_n_s_t _c_h_a_r _*_e_x_t_r_a___s_t_r_i_n_g); + +DDEESSCCRRIIPPTTIIOONN + ggeettaarrgg() collects any command line options given to a program in an eas- + ily used way. aarrgg__pprriinnttuussaaggee() pretty-prints the available options, with + a short help text. + + _a_r_g_s is the option specification to use, and it's an array of _s_t_r_u_c_t + _g_e_t_a_r_g_s elements. _n_u_m___a_r_g_s is the size of _a_r_g_s (in elements). _a_r_g_c and + _a_r_g_v are the argument count and argument vector to extract option from. + _o_p_t_i_n_d is a pointer to an integer where the index to the last processed + argument is stored, it must be initialised to the first index (minus one) + to process (normally 0) before the first call. + + _a_r_g___p_r_i_n_t_u_s_a_g_e take the same _a_r_g_s and _n_u_m___a_r_g_s as getarg; _p_r_o_g_n_a_m_e is the + name of the program (to be used in the help text), and _e_x_t_r_a___s_t_r_i_n_g is a + string to print after the actual options to indicate more arguments. The + usefulness of this function is realised only be people who has used pro- + grams that has help strings that doesn't match what the code does. + + The _g_e_t_a_r_g_s struct has the following elements. + + struct getargs{ + const char *long_name; + char short_name; + enum { arg_integer, + arg_string, + arg_flag, + arg_negative_flag, + arg_strings, + arg_double, + arg_collect + } type; + void *value; + const char *help; + const char *arg_help; + }; + + _l_o_n_g___n_a_m_e is the long name of the option, it can be NULL, if you don't + want a long name. _s_h_o_r_t___n_a_m_e is the characted to use as short option, it + can be zero. If the option has a value the _v_a_l_u_e field gets filled in + with that value interpreted as specified by the _t_y_p_e field. _h_e_l_p is a + longer help string for the option as a whole, if it's NULL the help text + for the option is omitted (but it's still displayed in the synopsis). + _a_r_g___h_e_l_p is a description of the argument, if NULL a default value will + be used, depending on the type of the option: + + arg_integer the argument is a signed integer, and _v_a_l_u_e should + point to an _i_n_t. + + _a_r_g___s_t_r_i_n_g the argument is a string, and _v_a_l_u_e should point to a + _c_h_a_r_*. + + _a_r_g___f_l_a_g the argument is a flag, and _v_a_l_u_e should point to a + _i_n_t. It gets filled in with either zero or one, + depending on how the option is given, the normal case + being one. Note that if the option isn't given, the + value isn't altered, so it should be initialised to + some useful default. + + _a_r_g___n_e_g_a_t_i_v_e___f_l_a_g this is the same as _a_r_g___f_l_a_g but it reverses the mean- + ing of the flag (a given short option clears the + flag), and the synopsis of a long option is negated. + + _a_r_g___s_t_r_i_n_g_s the argument can be given multiple times, and the val- + ues are collected in an array; _v_a_l_u_e should be a + pointer to a _s_t_r_u_c_t _g_e_t_a_r_g___s_t_r_i_n_g_s structure, which + holds a length and a string pointer. + + _a_r_g___d_o_u_b_l_e argument is a double precision floating point value, + and _v_a_l_u_e should point to a _d_o_u_b_l_e. + + _a_r_g___c_o_l_l_e_c_t allows more fine-grained control of the option parsing + process. _v_a_l_u_e should be a pointer to a + _g_e_t_a_r_g___c_o_l_l_e_c_t___i_n_f_o structure: + + typedef int (*getarg_collect_func)(int short_opt, + int argc, + char **argv, + int *optind, + int *optarg, + void *data); + + typedef struct getarg_collect_info { + getarg_collect_func func; + void *data; + } getarg_collect_info; + + With the _f_u_n_c member set to a function to call, and + _d_a_t_a to some application specific data. The parameters + to the collect function are: + + _s_h_o_r_t___f_l_a_g non-zero if this call is via a short option + flag, zero otherwise + + _a_r_g_c, _a_r_g_v the whole argument list + + _o_p_t_i_n_d pointer to the index in argv where the flag is + + _o_p_t_a_r_g pointer to the index in argv[*optind] where the + flag name starts + + _d_a_t_a application specific data + + You can modify _*_o_p_t_i_n_d, and _*_o_p_t_a_r_g, but to do this + correct you (more or less) have to know about the + inner workings of getarg. + + You can skip parts of arguments by increasing _*_o_p_t_a_r_g + (you could implement the --zz_3 set of flags from ggzziipp + with this), or whole argument strings by increasing + _*_o_p_t_i_n_d (let's say you want a flag --cc _x _y _z to specify + a coordinate); if you also have to set _*_o_p_t_a_r_g to a + sane value. + + The collect function should return one of + ARG_ERR_NO_MATCH, ARG_ERR_BAD_ARG, ARG_ERR_NO_ARG, + ENOMEM on error, zero otherwise. + + For your convenience there is a function, + ggeettaarrgg__ooppttaarrgg(), that returns the traditional argument + string, and you pass it all arguments, sans data, that + where given to the collection function. + + Don't use this more this unless you absolutely have + to. + + Option parsing is similar to what getopt uses. Short options without + arguments can be compressed (--xxyyzz is the same as --xx --yy --zz), and short + options with arguments take these as either the rest of the argv-string + or as the next option (--oo_f_o_o, or --oo _f_o_o). + + Long option names are prefixed with -- (double dash), and the value with + a = (equal), ----ffoooo==_b_a_r. Long option flags can either be specified as + they are (----hheellpp), or with an (boolean parsable) option (----hheellpp==_y_e_s, + ----hheellpp==_t_r_u_e, or similar), or they can also be negated (----nnoo--hheellpp is the + same as ----hheellpp==no), and if you're really confused you can do it multiple + times (----nnoo--nnoo--hheellpp==_f_a_l_s_e, or even ----nnoo--nnoo--hheellpp==_m_a_y_b_e). + +EEXXAAMMPPLLEE + #include + #include + #include + + char *source = "Ouagadougou"; + char *destination; + int weight; + int include_catalog = 1; + int help_flag; + + struct getargs args[] = { + { "source", 's', arg_string, &source, + "source of shippment", "city" }, + { "destination", 'd', arg_string, &destination, + "destination of shippment", "city" }, + { "weight", 'w', arg_integer, &weight, + "weight of shippment", "tons" }, + { "catalog", 'c', arg_negative_flag, &include_catalog, + "include product catalog" }, + { "help", 'h', arg_flag, &help_flag } + }; + + int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */ + + const char *progname = "ship++"; + + int + main(int argc, char **argv) + { + int optind = 0; + if (getarg(args, num_args, argc, argv, &optind)) { + arg_printusage(args, num_args, progname, "stuff..."); + exit (1); + } + if (help_flag) { + arg_printusage(args, num_args, progname, "stuff..."); + exit (0); + } + if (destination == NULL) { + fprintf(stderr, "%s: must specify destination\n", progname); + exit(1); + } + if (strcmp(source, destination) == 0) { + fprintf(stderr, "%s: destination must be different from source\n"); + exit(1); + } + /* include more stuff here ... */ + exit(2); + } + + The output help output from this program looks like this: + + $ ship++ --help + Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] + [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff... + -s city, --source=city source of shippment + -d city, --destination=city destination of shippment + -w tons, --weight=tons weight of shippment + -c, --no-catalog include product catalog + +BBUUGGSS + It should be more flexible, so it would be possible to use other more + complicated option syntaxes, such as what ps(1), and tar(1), uses, or the + AFS model where you can skip the flag names as long as the options come + in the correct order. + + Options with multiple arguments should be handled better. + + Should be integreated with SL. + + It's very confusing that the struct you pass in is called getargS. + +SSEEEE AALLSSOO + getopt(3) + +ROKEN September 24, 1999 ROKEN diff --git a/lib/roken/getarg.h b/lib/roken/getarg.h index 62d1b6687c36..1065c7c661af 100644 --- a/lib/roken/getarg.h +++ b/lib/roken/getarg.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: getarg.h 14776 2005-04-13 05:52:27Z lha $ */ +/* $Id$ */ #ifndef __GETARG_H__ #define __GETARG_H__ @@ -40,19 +40,21 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif struct getargs{ const char *long_name; char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, + enum { arg_integer, + arg_string, + arg_flag, + arg_negative_flag, arg_strings, arg_double, arg_collect, @@ -86,17 +88,25 @@ typedef struct getarg_collect_info { void *data; } getarg_collect_info; -int ROKEN_LIB_FUNCTION -getarg(struct getargs *args, size_t num_args, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +getarg(struct getargs *args, size_t num_args, int argc, char **argv, int *goptind); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL arg_printusage (struct getargs *args, size_t num_args, const char *progname, const char *extra_string); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +arg_printusage_i18n (struct getargs *args, + size_t num_args, + const char *usage, + const char *progname, + const char *extra_string, + char *(*i18n)(const char *)); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL free_getarg_strings (getarg_strings *); #endif /* __GETARG_H__ */ diff --git a/lib/roken/getcap.c b/lib/roken/getcap.c index a4e3a7de5d98..42f8dc07d80d 100644 --- a/lib/roken/getcap.c +++ b/lib/roken/getcap.c @@ -32,11 +32,9 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif + #include "roken.h" -RCSID("$Id: getcap.c 22071 2007-11-14 20:04:50Z lha $"); #include #include @@ -45,7 +43,7 @@ RCSID("$Id: getcap.c 22071 2007-11-14 20:04:50Z lha $"); #elif defined(HAVE_DB_H) #include #endif -#include +#include #include #include #include @@ -85,24 +83,24 @@ static int getent (char **, size_t *, char **, int, const char *, int, char *); static int nfcmp (char *, char *); -int ROKEN_LIB_FUNCTION cgetset(const char *ent); -char *ROKEN_LIB_FUNCTION cgetcap(char *buf, const char *cap, int type); -int ROKEN_LIB_FUNCTION cgetent(char **buf, char **db_array, const char *name); -int ROKEN_LIB_FUNCTION cgetmatch(const char *buf, const char *name); -int ROKEN_LIB_FUNCTION cgetclose(void); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetset(const char *ent); +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL cgetcap(char *buf, const char *cap, int type); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetent(char **buf, char **db_array, const char *name); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetmatch(const char *buf, const char *name); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetclose(void); #if 0 int cgetfirst(char **buf, char **db_array); int cgetnext(char **bp, char **db_array); #endif -int ROKEN_LIB_FUNCTION cgetstr(char *buf, const char *cap, char **str); -int ROKEN_LIB_FUNCTION cgetustr(char *buf, const char *cap, char **str); -int ROKEN_LIB_FUNCTION cgetnum(char *buf, const char *cap, long *num); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetstr(char *buf, const char *cap, char **str); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetustr(char *buf, const char *cap, char **str); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetnum(char *buf, const char *cap, long *num); /* * Cgetset() allows the addition of a user specified buffer to be added * to the database array, in effect "pushing" the buffer on top of the * virtual database. 0 is returned on success, -1 on failure. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetset(const char *ent) { const char *source, *check; @@ -155,7 +153,7 @@ cgetset(const char *ent) * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) * return NULL. */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL cgetcap(char *buf, const char *cap, int type) { char *bp; @@ -206,7 +204,7 @@ cgetcap(char *buf, const char *cap, int type) * encountered (couldn't open/read a file, etc.), and -3 if a potential * reference loop is detected. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetent(char **buf, char **db_array, const char *name) { size_t dummy; @@ -233,14 +231,14 @@ cgetent(char **buf, char **db_array, const char *name) * MAX_RECURSION. */ static int -getent(char **cap, size_t *len, char **db_array, int fd, +getent(char **cap, size_t *len, char **db_array, int fd, const char *name, int depth, char *nfield) { char *r_end, *rp = NULL, **db_p; /* pacify gcc */ int myfd = 0, eof, foundit; char *record; int tc_not_resolved; - + /* * Return with ``loop detected'' error if we've recursed more than * MAX_RECURSION times. @@ -358,7 +356,7 @@ getent(char **cap, size_t *len, char **db_array, int fd, for (;;) { if (bp >= b_end) { int n; - + n = read(fd, buf, sizeof(buf)); if (n <= 0) { if (myfd) @@ -375,7 +373,7 @@ getent(char **cap, size_t *len, char **db_array, int fd, b_end = buf+n; bp = buf; } - + c = *bp++; if (c == '\n') { if (slash) { @@ -412,7 +410,7 @@ getent(char **cap, size_t *len, char **db_array, int fd, *rp++ = c; /* - * Enforce loop invariant: if no room + * Enforce loop invariant: if no room * left in record buffer, try to get * some more. */ @@ -444,13 +442,13 @@ getent(char **cap, size_t *len, char **db_array, int fd, */ if (eof) break; - + /* * Toss blank lines and comments. */ if (*record == '\0' || *record == '#') continue; - + /* * See if this is the record we want ... */ @@ -510,7 +508,7 @@ getent(char **cap, size_t *len, char **db_array, int fd, tclen = s - tcstart; tcend = s; - iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, + iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, NULL); newicap = icap; /* Put into a register. */ newilen = ilen; @@ -526,11 +524,11 @@ getent(char **cap, size_t *len, char **db_array, int fd, tc_not_resolved = 1; /* couldn't resolve tc */ if (iret == -1) { - *(s - 1) = ':'; + *(s - 1) = ':'; scan = s - 1; tc_not_resolved = 1; continue; - + } } /* not interested in name field of tc'ed record */ @@ -593,7 +591,7 @@ getent(char **cap, size_t *len, char **db_array, int fd, */ scan = s-1; } - + } /* * Close file (if we opened it), give back any extra memory, and @@ -603,17 +601,17 @@ getent(char **cap, size_t *len, char **db_array, int fd, (void)close(fd); *len = rp - record - 1; /* don't count NUL */ if (r_end > rp) - if ((record = + if ((record = realloc(record, (size_t)(rp - record))) == NULL) { errno = ENOMEM; return (-2); } - + *cap = record; if (tc_not_resolved) return (1); return (0); -} +} #ifdef USE_DB static int @@ -642,7 +640,7 @@ cdbget(DB *capdbp, char **bp, const char *name) key.data = (char *)data.data + 1; key.size = data.size - 1; } - + *bp = (char *)data.data + 1; return (((char *)(data.data))[0] == TCERR ? 1 : 0); } @@ -702,7 +700,7 @@ static FILE *pfp; static int slash; static char **dbp; -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetclose(void) { if (pfp != NULL) { @@ -717,7 +715,7 @@ cgetclose(void) #if 0 /* - * Cgetnext() gets either the first or next entry in the logical database + * Cgetnext() gets either the first or next entry in the logical database * specified by db_array. It returns 0 upon completion of the database, 1 * upon returning an entry with more remaining, and -1 if an error occurs. */ @@ -777,10 +775,10 @@ cgetnext(char **bp, char **db_array) slash = 1; else slash = 0; - } + } - /* + /* * Line points to a name line. */ done = 0; @@ -822,12 +820,12 @@ cgetnext(char **bp, char **db_array) *rp++ = *cp; *rp = '\0'; - /* - * XXX + /* + * XXX * Last argument of getent here should be nbuf if we want true - * sequential access in the case of duplicates. + * sequential access in the case of duplicates. * With NULL, getent will return the first entry found - * rather than the duplicate entry record. This is a + * rather than the duplicate entry record. This is a * matter of semantics that should be resolved. */ status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); @@ -849,14 +847,16 @@ cgetnext(char **bp, char **db_array) * couldn't be found, -2 if a system error was encountered (storage * allocation failure). */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetstr(char *buf, const char *cap, char **str) { u_int m_room; const char *bp; char *mp; int len; - char *mem; + char *mem, *nmem; + + *str = NULL; /* * Find string capability cap @@ -943,8 +943,11 @@ cgetstr(char *buf, const char *cap, char **str) if (m_room == 0) { size_t size = mp - mem; - if ((mem = realloc(mem, size + SFRAG)) == NULL) + if ((nmem = realloc(mem, size + SFRAG)) == NULL) { + free(mem); return (-2); + } + mem = nmem; m_room = SFRAG; mp = mem + size; } @@ -956,9 +959,13 @@ cgetstr(char *buf, const char *cap, char **str) /* * Give back any extra memory and return value and success. */ - if (m_room != 0) - if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) + if (m_room != 0) { + if ((nmem = realloc(mem, (size_t)(mp - mem))) == NULL) { + free(mem); return (-2); + } + mem = nmem; + } *str = mem; return (len); } @@ -967,13 +974,13 @@ cgetstr(char *buf, const char *cap, char **str) * Cgetustr retrieves the value of the string capability cap from the * capability record pointed to by buf. The difference between cgetustr() * and cgetstr() is that cgetustr does not decode escapes but rather treats - * all characters literally. A pointer to a NUL terminated malloc'd - * copy of the string is returned in the char pointed to by str. The + * all characters literally. A pointer to a NUL terminated malloc'd + * copy of the string is returned in the char pointed to by str. The * length of the string not including the trailing NUL is returned on success, - * -1 if the requested string capability couldn't be found, -2 if a system + * -1 if the requested string capability couldn't be found, -2 if a system * error was encountered (storage allocation failure). */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetustr(char *buf, const char *cap, char **str) { u_int m_room; @@ -1042,7 +1049,7 @@ cgetustr(char *buf, const char *cap, char **str) * the long pointed to by num. 0 is returned on success, -1 if the requested * numeric capability couldn't be found. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetnum(char *buf, const char *cap, long *num) { long n; @@ -1109,10 +1116,10 @@ nfcmp(char *nf, char *rec) { char *cp, tmp; int ret; - + for (cp = rec; *cp != ':'; cp++) ; - + tmp = *(cp + 1); *(cp + 1) = '\0'; ret = strcmp(nf, rec); diff --git a/lib/roken/getcwd.c b/lib/roken/getcwd.c index a32149c21294..f8917b245b4a 100644 --- a/lib/roken/getcwd.c +++ b/lib/roken/getcwd.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getcwd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifdef HAVE_UNISTD_H #include @@ -45,7 +42,7 @@ RCSID("$Id: getcwd.c 14773 2005-04-12 11:29:18Z lha $"); #include "roken.h" -char* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char* ROKEN_LIB_CALL getcwd(char *path, size_t size) { char xxx[MaxPathLen]; diff --git a/lib/roken/getdtablesize.c b/lib/roken/getdtablesize.c index a6ef38b2957f..08c0661faa11 100644 --- a/lib/roken/getdtablesize.c +++ b/lib/roken/getdtablesize.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getdtablesize.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -64,7 +61,7 @@ RCSID("$Id: getdtablesize.c 14773 2005-04-12 11:29:18Z lha $"); #include #endif -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getdtablesize(void) { int files = -1; @@ -79,7 +76,7 @@ getdtablesize(void) #if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES) int mib[2]; size_t len; - + mib[0] = CTL_KERN; mib[1] = KERN_MAXFILES; len = sizeof(files); @@ -96,7 +93,7 @@ getdtablesize(void) #ifdef NOFILE if (files < 0) files = NOFILE; -#endif - +#endif + return files; } diff --git a/lib/roken/getegid.c b/lib/roken/getegid.c index 57ea19857388..663fb1df1be6 100644 --- a/lib/roken/getegid.c +++ b/lib/roken/getegid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif + #include "roken.h" #ifndef HAVE_GETEGID -RCSID("$Id: getegid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getegid(void) { return getgid(); diff --git a/lib/roken/geteuid.c b/lib/roken/geteuid.c index f2f771ede073..598a73929fd0 100644 --- a/lib/roken/geteuid.c +++ b/lib/roken/geteuid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif + #include "roken.h" #ifndef HAVE_GETEUID -RCSID("$Id: geteuid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL geteuid(void) { return getuid(); diff --git a/lib/roken/getgid.c b/lib/roken/getgid.c index fbe4f6d1d272..b24ceebc892f 100644 --- a/lib/roken/getgid.c +++ b/lib/roken/getgid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_GETGID -RCSID("$Id: getgid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getgid(void) { return 17; diff --git a/lib/roken/gethostname.c b/lib/roken/gethostname.c index f291ce2cb77c..838909140280 100644 --- a/lib/roken/gethostname.c +++ b/lib/roken/gethostname.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,9 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_GETHOSTNAME @@ -49,7 +47,7 @@ * interface is identical to gethostname(2).) */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL gethostname(char *name, int namelen) { #if defined(HAVE_UNAME) diff --git a/lib/roken/getifaddrs-test.c b/lib/roken/getifaddrs-test.c new file mode 100644 index 000000000000..8d0725a68f91 --- /dev/null +++ b/lib/roken/getifaddrs-test.c @@ -0,0 +1,137 @@ +/* + * Copyright (c) 2009 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2009, Secure Endpoints Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include "getarg.h" + +#include "roken.h" + +#include + +static int verbose_counter; +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + {"verbose", 0, arg_counter, &verbose_counter,"verbose", NULL}, + {"version", 0, arg_flag, &version_flag, "print version",NULL}, + {"help", 0, arg_flag, &help_flag, NULL, NULL} +}; + +static void +usage(int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, ""); + exit (ret); +} + + +static void +print_addr(const char *s, struct sockaddr *sa) +{ + int i; + printf(" %s=%d/", s, sa->sa_family); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#else + for(i = 0; i < sizeof(sa->sa_data); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#endif + printf("\n"); +} + +static void +print_ifaddrs(struct ifaddrs *x) +{ + struct ifaddrs *p; + + for(p = x; p; p = p->ifa_next) { + if (verbose_counter) { + printf("%s\n", p->ifa_name); + printf(" flags=%x\n", p->ifa_flags); + if(p->ifa_addr) + print_addr("addr", p->ifa_addr); + if(p->ifa_dstaddr) + print_addr("dstaddr", p->ifa_dstaddr); + if(p->ifa_netmask) + print_addr("netmask", p->ifa_netmask); + printf(" %p\n", p->ifa_data); + } + } +} + +int +main(int argc, char **argv) +{ + struct ifaddrs *addrs = NULL; + int ret, optidx = 0; + + setprogname (argv[0]); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optidx)) + usage (1); + + if (help_flag) + usage (0); + + if (version_flag) { + fprintf (stderr, "%s from %s-%s\n", getprogname(), PACKAGE, VERSION); + return 0; + } + + if (rk_SOCK_INIT()) + errx(1, "Couldn't initialize sockets. Err=%d\n", rk_SOCK_ERRNO); + + ret = getifaddrs(&addrs); + if (ret != 0) + err(1, "getifaddrs"); + + if (addrs == NULL) + errx(1, "address == NULL"); + + print_ifaddrs(addrs); + + /* Check that freeifaddrs doesn't crash */ + freeifaddrs(addrs); + + rk_SOCK_EXIT(); + + return 0; +} diff --git a/lib/roken/getifaddrs.c b/lib/roken/getifaddrs.c index 485c0d622215..cc949b0b1a89 100644 --- a/lib/roken/getifaddrs.c +++ b/lib/roken/getifaddrs.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 - 2002, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2000 - 2002, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getifaddrs.c 21745 2007-07-31 16:11:25Z lha $"); -#endif #include "roken.h" #ifdef __osf__ @@ -95,7 +92,7 @@ struct mbuf; * 3. Neither the name of the author nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -193,9 +190,9 @@ ifa_sa_len(sa_family_t family, int len) return size; } -static void -ifa_make_sockaddr(sa_family_t family, - struct sockaddr *sa, +static void +ifa_make_sockaddr(sa_family_t family, + struct sockaddr *sa, void *p, size_t len, uint32_t scope, uint32_t scopeid) { @@ -227,8 +224,8 @@ ifa_make_sockaddr(sa_family_t family, #ifndef IFA_NETMASK static struct sockaddr * -ifa_make_sockaddr_mask(sa_family_t family, - struct sockaddr *sa, +ifa_make_sockaddr_mask(sa_family_t family, + struct sockaddr *sa, uint32_t prefixlen) { int i; @@ -274,7 +271,7 @@ ifa_make_sockaddr_mask(sa_family_t family, #endif /* ====================================================================== */ -static int +static int nl_sendreq(int sd, int request, int flags, int *seq) { char reqbuf[NLMSG_ALIGN(sizeof(struct nlmsghdr)) + @@ -300,9 +297,9 @@ nl_sendreq(int sd, int request, int flags, int *seq) (struct sockaddr *)&nladdr, sizeof(nladdr))); } -static int -nl_recvmsg(int sd, int request, int seq, - void *buf, size_t buflen, +static int +nl_recvmsg(int sd, int request, int seq, + void *buf, size_t buflen, int *flags) { struct msghdr msg; @@ -327,8 +324,8 @@ nl_recvmsg(int sd, int request, int seq, return read_len; } -static int -nl_getmsg(int sd, int request, int seq, +static int +nl_getmsg(int sd, int request, int seq, struct nlmsghdr **nlhp, int *done) { @@ -447,7 +444,7 @@ nl_getlist(int sd, int seq, } /* ---------------------------------------------------------------------- */ -static void +static void free_nlmsglist(struct nlmsg_list *nlm0) { struct nlmsg_list *nlm, *nlm_next; @@ -464,7 +461,7 @@ free_nlmsglist(struct nlmsg_list *nlm0) __set_errno(saved_errno); } -static void +static void free_data(void *data, void *ifdata) { int saved_errno = errno; @@ -474,7 +471,7 @@ free_data(void *data, void *ifdata) } /* ---------------------------------------------------------------------- */ -static void +static void nl_close(int sd) { int saved_errno = errno; @@ -483,7 +480,7 @@ nl_close(int sd) } /* ---------------------------------------------------------------------- */ -static int +static int nl_open(void) { struct sockaddr_nl nladdr; @@ -501,7 +498,7 @@ nl_open(void) } /* ====================================================================== */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_getifaddrs(struct ifaddrs **ifap) { int sd; @@ -561,7 +558,7 @@ rk_getifaddrs(struct ifaddrs **ifap) NLMSG_ALIGN(sizeof(struct ifaddrs[icnt])) + dlen + xlen + nlen); ifa = (struct ifaddrs *)data; - ifdata = calloc(1, + ifdata = calloc(1, NLMSG_ALIGN(sizeof(char *[max_ifindex+1])) + NLMSG_ALIGN(sizeof(uint16_t [max_ifindex+1]))); if (ifap != NULL) @@ -588,8 +585,8 @@ rk_getifaddrs(struct ifaddrs **ifap) int nlmlen = nlm->size; if (!(nlh0 = nlm->nlh)) continue; - for (nlh = nlh0; - NLMSG_OK(nlh, nlmlen); + for (nlh = nlh0; + NLMSG_OK(nlh, nlmlen); nlh=NLMSG_NEXT(nlh,nlmlen)){ struct ifinfomsg *ifim = NULL; struct ifaddrmsg *ifam = NULL; @@ -635,7 +632,7 @@ rk_getifaddrs(struct ifaddrs **ifap) default: continue; } - + if (!build){ if (max_ifindex < nlm_index) max_ifindex = nlm_index; @@ -826,8 +823,8 @@ rk_getifaddrs(struct ifaddrs **ifap) if (ifa->ifa_name == NULL) ifa->ifa_name = iflist[nlm_index]; #ifndef IFA_NETMASK - if (ifa->ifa_addr && - ifa->ifa_addr->sa_family != AF_UNSPEC && + if (ifa->ifa_addr && + ifa->ifa_addr->sa_family != AF_UNSPEC && ifa->ifa_addr->sa_family != AF_PACKET){ ifa->ifa_netmask = (struct sockaddr *)data; ifa_make_sockaddr_mask(ifa->ifa_addr->sa_family, ifa->ifa_netmask, nlm_prefixlen); @@ -856,6 +853,13 @@ rk_getifaddrs(struct ifaddrs **ifap) return 0; } +void ROKEN_LIB_FUNCTION +rk_freeifaddrs(struct ifaddrs *ifp) +{ + /* AF_NETLINK method uses a single allocation for all interfaces */ + free(ifp); +} + #else /* !AF_NETLINK */ /* @@ -863,7 +867,7 @@ rk_getifaddrs(struct ifaddrs **ifap) */ static int -getifaddrs2(struct ifaddrs **ifap, +getifaddrs2(struct ifaddrs **ifap, int af, int siocgifconf, int siocgifflags, size_t ifreq_sz) { @@ -970,7 +974,7 @@ getifaddrs2(struct ifaddrs **ifap, ret = ENOMEM; goto error_out; } - memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, + memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, sizeof(ifr->ifr_broadaddr)); } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); @@ -978,7 +982,7 @@ getifaddrs2(struct ifaddrs **ifap, ret = ENOMEM; goto error_out; } - memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, + memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, sizeof(ifr->ifr_dstaddr)); } else (*end)->ifa_dstaddr = NULL; @@ -989,7 +993,7 @@ getifaddrs2(struct ifaddrs **ifap, (*end)->ifa_data = NULL; end = &(*end)->ifa_next; - + } *ifap = start; close(fd); @@ -1005,7 +1009,7 @@ getifaddrs2(struct ifaddrs **ifap, #if defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) static int -getlifaddrs2(struct ifaddrs **ifap, +getlifaddrs2(struct ifaddrs **ifap, int af, int siocgifconf, int siocgifflags, size_t ifreq_sz) { @@ -1035,7 +1039,7 @@ getlifaddrs2(struct ifaddrs **ifap, goto error_out; } #ifndef __hpux - ifconf.lifc_family = AF_UNSPEC; + ifconf.lifc_family = af; ifconf.lifc_flags = 0; #endif ifconf.lifc_len = buf_size; @@ -1116,7 +1120,7 @@ getlifaddrs2(struct ifaddrs **ifap, ret = ENOMEM; goto error_out; } - memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, + memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, sizeof(ifr->ifr_broadaddr)); } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); @@ -1124,7 +1128,7 @@ getlifaddrs2(struct ifaddrs **ifap, ret = ENOMEM; goto error_out; } - memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, + memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, sizeof(ifr->ifr_dstaddr)); } else (*end)->ifa_dstaddr = NULL; @@ -1135,7 +1139,7 @@ getlifaddrs2(struct ifaddrs **ifap, (*end)->ifa_data = NULL; end = &(*end)->ifa_next; - + } *ifap = start; close(fd); @@ -1150,8 +1154,29 @@ getlifaddrs2(struct ifaddrs **ifap, } #endif /* defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) */ -int ROKEN_LIB_FUNCTION -rk_getifaddrs(struct ifaddrs **ifap) +/** + * Join two struct ifaddrs lists by appending supp to base. + * Either may be NULL. The new list head (usually base) will be + * returned. + */ +static struct ifaddrs * +append_ifaddrs(struct ifaddrs *base, struct ifaddrs *supp) { + if (!base) + return supp; + + if (!supp) + return base; + + while (base->ifa_next) + base = base->ifa_next; + + base->ifa_next = supp; + + return base; +} + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_getifaddrs(struct ifaddrs **ifap) { int ret = -1; errno = ENXIO; @@ -1161,9 +1186,43 @@ rk_getifaddrs(struct ifaddrs **ifap) sizeof(struct in6_ifreq)); #endif #if defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) - if (ret) - ret = getlifaddrs2 (ifap, AF_INET6, SIOCGLIFCONF, SIOCGLIFFLAGS, + /* Do IPv6 and IPv4 queries separately then join the result. + * + * HP-UX only returns IPv6 addresses using SIOCGLIFCONF, + * SIOCGIFCONF has to be used for IPv4 addresses. The result is then + * merged. + * + * Solaris needs particular care, because a SIOCGLIFCONF lookup using + * AF_UNSPEC can fail in a Zone requiring an AF_INET lookup, so we just + * do them separately the same as for HP-UX. See + * http://repo.or.cz/w/heimdal.git/commitdiff/76afc31e9ba2f37e64c70adc006ade9e37e9ef73 + */ + if (ret) { + int v6err, v4err; + struct ifaddrs *v6addrs, *v4addrs; + + v6err = getlifaddrs2 (&v6addrs, AF_INET6, SIOCGLIFCONF, SIOCGLIFFLAGS, sizeof(struct lifreq)); + v4err = getifaddrs2 (&v4addrs, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); + if (v6err) + v6addrs = NULL; + if (v4err) + v4addrs = NULL; + + if (v6addrs) { + if (v4addrs) + *ifap = append_ifaddrs(v6addrs, v4addrs); + else + *ifap = v6addrs; + } else if (v4addrs) { + *ifap = v4addrs; + } else { + *ifap = NULL; + } + + ret = (v6err || v4err) ? -1 : 0; + } #endif #if defined(HAVE_IPV6) && defined(SIOCGIFCONF) if (ret) @@ -1178,20 +1237,18 @@ rk_getifaddrs(struct ifaddrs **ifap) return ret; } -#endif /* !AF_NETLINK */ - -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_freeifaddrs(struct ifaddrs *ifp) { struct ifaddrs *p, *q; - + for(p = ifp; p; ) { free(p->ifa_name); if(p->ifa_addr) free(p->ifa_addr); - if(p->ifa_dstaddr) + if(p->ifa_dstaddr) free(p->ifa_dstaddr); - if(p->ifa_netmask) + if(p->ifa_netmask) free(p->ifa_netmask); if(p->ifa_data) free(p->ifa_data); @@ -1201,6 +1258,8 @@ rk_freeifaddrs(struct ifaddrs *ifp) } } +#endif /* !AF_NETLINK */ + #ifdef TEST void @@ -1212,25 +1271,25 @@ print_addr(const char *s, struct sockaddr *sa) for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++) printf("%02x", ((unsigned char*)sa->sa_data)[i]); #else - for(i = 0; i < sizeof(sa->sa_data); i++) + for(i = 0; i < sizeof(sa->sa_data); i++) printf("%02x", ((unsigned char*)sa->sa_data)[i]); #endif printf("\n"); } -void +void print_ifaddrs(struct ifaddrs *x) { struct ifaddrs *p; - + for(p = x; p; p = p->ifa_next) { printf("%s\n", p->ifa_name); printf(" flags=%x\n", p->ifa_flags); if(p->ifa_addr) print_addr("addr", p->ifa_addr); - if(p->ifa_dstaddr) + if(p->ifa_dstaddr) print_addr("dstaddr", p->ifa_dstaddr); - if(p->ifa_netmask) + if(p->ifa_netmask) print_addr("netmask", p->ifa_netmask); printf(" %p\n", p->ifa_data); } diff --git a/lib/roken/getipnodebyaddr.c b/lib/roken/getipnodebyaddr.c index 56ae860aff15..7d4095f1d840 100644 --- a/lib/roken/getipnodebyaddr.c +++ b/lib/roken/getipnodebyaddr.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getipnodebyaddr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -43,7 +40,7 @@ RCSID("$Id: getipnodebyaddr.c 14773 2005-04-12 11:29:18Z lha $"); * to a malloced struct hostent or NULL. */ -struct hostent * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL getipnodebyaddr (const void *src, size_t len, int af, int *error_num) { struct hostent *tmp; diff --git a/lib/roken/getipnodebyname.c b/lib/roken/getipnodebyname.c index 739b329e21a2..2ff282707c23 100644 --- a/lib/roken/getipnodebyname.c +++ b/lib/roken/getipnodebyname.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getipnodebyname.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -47,7 +44,7 @@ static int h_errno = NO_RECOVERY; * to a malloced struct hostent or NULL. */ -struct hostent * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL getipnodebyname (const char *name, int af, int flags, int *error_num) { struct hostent *tmp; diff --git a/lib/roken/getnameinfo.c b/lib/roken/getnameinfo.c index 4f820f0a74a0..b23ad01ebdd9 100644 --- a/lib/roken/getnameinfo.c +++ b/lib/roken/getnameinfo.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getnameinfo.c 15412 2005-06-16 16:53:09Z lha $"); -#endif #include "roken.h" @@ -94,7 +91,7 @@ doit (int af, * */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getnameinfo(const struct sockaddr *sa, socklen_t salen, char *host, size_t hostlen, char *serv, size_t servlen, diff --git a/lib/roken/getnameinfo_verified.c b/lib/roken/getnameinfo_verified.c index 91f938a8b22a..6175291e4575 100644 --- a/lib/roken/getnameinfo_verified.c +++ b/lib/roken/getnameinfo_verified.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getnameinfo_verified.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -46,7 +43,7 @@ RCSID("$Id: getnameinfo_verified.c 14773 2005-04-12 11:29:18Z lha $"); * NI_NAMEREQD flag is set or return the numeric address as a string. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, char *host, size_t hostlen, char *serv, size_t servlen, @@ -56,6 +53,8 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, struct addrinfo *ai, *a; char servbuf[NI_MAXSERV]; struct addrinfo hints; + void *saaddr; + size_t sasize; if (host == NULL) return EAI_NONAME; @@ -75,9 +74,12 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, ret = getaddrinfo (host, serv, &hints, &ai); if (ret) goto fail; + + saaddr = socket_get_address(sa); + sasize = socket_addr_size(sa); for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_addrlen == salen - && memcmp (a->ai_addr, sa, salen) == 0) { + if (sasize == socket_addr_size(a->ai_addr) && + memcmp(saaddr, socket_get_address(a->ai_addr), sasize) == 0) { freeaddrinfo (ai); return 0; } diff --git a/lib/roken/getopt.c b/lib/roken/getopt.c index 12bf138d0263..f035f749747b 100644 --- a/lib/roken/getopt.c +++ b/lib/roken/getopt.c @@ -34,6 +34,9 @@ static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; #ifndef __STDC__ #define const #endif +#include +#include "roken.h" + #include #include #include @@ -41,21 +44,18 @@ static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; /* * get option letter from argument vector */ -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ +ROKEN_LIB_VARIABLE int opterr = 1; /* if error message should be printed */ +ROKEN_LIB_VARIABLE int optind = 1; /* index into parent argv vector */ +ROKEN_LIB_VARIABLE int optopt; /* character checked for validity */ +int optreset; /* reset getopt */ +ROKEN_LIB_VARIABLE char *optarg; /* argument associated with option */ #define BADCH (int)'?' #define BADARG (int)':' #define EMSG "" -int ROKEN_LIB_FUNCTION -getopt(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +getopt(int nargc, char * const *nargv, const char *ostr) { static char *place = EMSG; /* option letter processing */ char *oli; /* option letter list index */ diff --git a/lib/roken/getprogname.c b/lib/roken/getprogname.c index 6d0bfeec9ba1..a310208a8439 100644 --- a/lib/roken/getprogname.c +++ b/lib/roken/getprogname.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: getprogname.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -43,7 +40,7 @@ const char *__progname; #endif #ifndef HAVE_GETPROGNAME -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL getprogname(void) { return __progname; diff --git a/lib/roken/gettimeofday.c b/lib/roken/gettimeofday.c index d8e4e750026a..a53b96f4f525 100644 --- a/lib/roken/gettimeofday.c +++ b/lib/roken/gettimeofday.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,25 +31,48 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_GETTIMEOFDAY -RCSID("$Id: gettimeofday.c 14773 2005-04-12 11:29:18Z lha $"); +#ifdef _WIN32 + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +gettimeofday (struct timeval *tp, void *ignore) +{ + FILETIME ft; + ULARGE_INTEGER li; + ULONGLONG ull; + + GetSystemTimeAsFileTime(&ft); + li.LowPart = ft.dwLowDateTime; + li.HighPart = ft.dwHighDateTime; + ull = li.QuadPart; + + ull -= 116444736000000000i64; + ull /= 10i64; /* ull is now in microseconds */ + + tp->tv_usec = (ull % 1000000i64); + tp->tv_sec = (ull / 1000000i64); + + return 0; +} + +#else /* * Simple gettimeofday that only returns seconds. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL gettimeofday (struct timeval *tp, void *ignore) { time_t t; t = time(NULL); - tp->tv_sec = t; + tp->tv_sec = (long) t; tp->tv_usec = 0; return 0; } + +#endif /* !_WIN32 */ #endif diff --git a/lib/roken/getuid.c b/lib/roken/getuid.c index f558ab6815dd..63fdec19d8f8 100644 --- a/lib/roken/getuid.c +++ b/lib/roken/getuid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_GETUID -RCSID("$Id: getuid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getuid(void) { return 17; diff --git a/lib/roken/getusershell.c b/lib/roken/getusershell.c index 8def1ca10f8a..6f7145d52b02 100644 --- a/lib/roken/getusershell.c +++ b/lib/roken/getusershell.c @@ -27,11 +27,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif - -RCSID("$Id: getusershell.c 21005 2007-06-08 01:54:35Z lha $"); #ifndef HAVE_GETUSERSHELL @@ -85,7 +81,7 @@ static char **initshells (void); /* * Get a list of shells from _PATH_SHELLS, if it exists. */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL getusershell() { char *ret; @@ -98,7 +94,7 @@ getusershell() return (ret); } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL endusershell() { if (shells != NULL) @@ -110,7 +106,7 @@ endusershell() curshell = NULL; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL setusershell() { curshell = initshells(); diff --git a/lib/roken/glob.c b/lib/roken/glob.c index 803eda17d1e7..5a7ed65af809 100644 --- a/lib/roken/glob.c +++ b/lib/roken/glob.c @@ -50,14 +50,12 @@ * GLOB_TILDE: * expand ~user/foo to the /home/dir/of/user/foo * GLOB_BRACE: - * expand {1,2}{a,b} to 1a 1b 2a 2b + * expand {1,2}{a,b} to 1a 1b 2a 2b * gl_matchc: * Number of matches in the current invocation of glob. */ -#ifdef HAVE_CONFIG_H #include -#endif #ifdef HAVE_SYS_PARAM_H #include @@ -166,10 +164,10 @@ static int match (Char *, Char *, Char *); static void qprintf (const char *, Char *); #endif -int ROKEN_LIB_FUNCTION -glob(const char *pattern, - int flags, - int (*errfunc)(const char *, int), +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +glob(const char *pattern, + int flags, + int (*errfunc)(const char *, int), glob_t *pglob) { const u_char *patnext; @@ -191,7 +189,7 @@ glob(const char *pattern, bufend = bufnext + MaxPathLen; if (flags & GLOB_QUOTE) { /* Protect the quoted characters. */ - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) + while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) if (c == CHAR_QUOTE) { if ((c = *patnext++) == CHAR_EOS) { c = CHAR_QUOTE; @@ -202,8 +200,8 @@ glob(const char *pattern, else *bufnext++ = c; } - else - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) + else + while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) *bufnext++ = c; *bufnext = CHAR_EOS; @@ -240,7 +238,7 @@ static int globexp1(const Char *pattern, glob_t *pglob) * If it succeeds then it invokes globexp1 with the new pattern. * If it fails then it tries to glob the rest of the pattern and returns. */ -static int globexp2(const Char *ptr, const Char *pattern, +static int globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv) { int i; @@ -260,7 +258,7 @@ static int globexp2(const Char *ptr, const Char *pattern, for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++) continue; if (*pe == CHAR_EOS) { - /* + /* * We could not find a matching CHAR_RBRACKET. * Ignore and just look for CHAR_RBRACE */ @@ -288,7 +286,7 @@ static int globexp2(const Char *ptr, const Char *pattern, for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++) continue; if (*pm == CHAR_EOS) { - /* + /* * We could not find a matching CHAR_RBRACKET. * Ignore and just look for CHAR_RBRACE */ @@ -313,7 +311,7 @@ static int globexp2(const Char *ptr, const Char *pattern, /* Append the current string */ for (lm = ls; (pl < pm); *lm++ = *pl++) continue; - /* + /* * Append the rest of the pattern after the * closing brace */ @@ -355,15 +353,15 @@ globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) return pattern; /* Copy up to the end of the string or / */ - for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; + for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; *h++ = *p++) continue; *h = CHAR_EOS; if (((char *) patbuf)[0] == CHAR_EOS) { - /* - * handle a plain ~ or ~/ by expanding $HOME + /* + * handle a plain ~ or ~/ by expanding $HOME * first and then trying the password file */ if ((h = getenv("HOME")) == NULL) { @@ -386,14 +384,14 @@ globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) /* Copy the home directory */ for (b = patbuf; *h; *b++ = *h++) continue; - + /* Append the rest of the pattern */ while ((*b++ = *p++) != CHAR_EOS) continue; return patbuf; } - + /* * The main glob() routine: compiles the pattern (optionally processing @@ -450,7 +448,7 @@ glob0(const Char *pattern, glob_t *pglob) break; case CHAR_STAR: pglob->gl_flags |= GLOB_MAGCHAR; - /* collapse adjacent stars to one, + /* collapse adjacent stars to one, * to avoid exponential behavior */ if (bufnext == patbuf || bufnext[-1] != M_ALL) @@ -470,17 +468,17 @@ glob0(const Char *pattern, glob_t *pglob) return(err); /* - * If there was no match we are going to append the pattern + * If there was no match we are going to append the pattern * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified * and the pattern did not contain any magic characters * GLOB_NOMAGIC is there just for compatibility with csh. */ - if (pglob->gl_pathc == oldpathc && - ((pglob->gl_flags & GLOB_NOCHECK) || + if (pglob->gl_pathc == oldpathc && + ((pglob->gl_flags & GLOB_NOCHECK) || ((pglob->gl_flags & GLOB_NOMAGIC) && !(pglob->gl_flags & GLOB_MAGCHAR)))) return(globextend(pattern, pglob, &limit)); - else if (!(pglob->gl_flags & GLOB_NOSORT)) + else if (!(pglob->gl_flags & GLOB_NOSORT)) qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc, pglob->gl_pathc - oldpathc, sizeof(char *), compare); return(0); @@ -534,7 +532,7 @@ glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob, *pathend = CHAR_EOS; if (g_lstat(pathbuf, &sb, pglob)) return(0); - + if (((pglob->gl_flags & GLOB_MARK) && pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode) || (S_ISLNK(sb.st_mode) && @@ -569,7 +567,7 @@ glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob, } static int -glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, +glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, glob_t *pglob, size_t *limit) { struct dirent *dp; @@ -587,7 +585,7 @@ glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, *pathend = CHAR_EOS; errno = 0; - + if ((dirp = g_opendir(pathbuf, pglob)) == NULL) { /* TODO: don't call for ENOENT or ENOTDIR? */ if (pglob->gl_errfunc) { @@ -613,7 +611,7 @@ glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, /* Initial CHAR_DOT must be matched literally. */ if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT) continue; - for (sc = (u_char *) dp->d_name, dc = pathend; + for (sc = (u_char *) dp->d_name, dc = pathend; (*dc++ = *sc++) != CHAR_EOS;) continue; if (!match(pathend, pattern, restpattern)) { @@ -657,7 +655,7 @@ globextend(const Char *path, glob_t *pglob, size_t *limit) const Char *p; newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); - pathv = pglob->gl_pathv ? + pathv = pglob->gl_pathv ? realloc(pglob->gl_pathv, newsize) : malloc(newsize); if (pathv == NULL) @@ -706,7 +704,7 @@ match(Char *name, Char *pat, Char *patend) case M_ALL: if (pat == patend) return(1); - do + do if (match(name, pat, patend)) return(1); while (*name++ != CHAR_EOS); @@ -741,7 +739,7 @@ match(Char *name, Char *pat, Char *patend) } /* Free allocated data belonging to a glob_t structure. */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL globfree(glob_t *pglob) { int i; @@ -831,7 +829,7 @@ g_Ctoc(const Char *str, char *buf) } #ifdef DEBUG -static void +static void qprintf(const Char *str, Char *s) { Char *p; diff --git a/lib/roken/glob.hin b/lib/roken/glob.hin index ffb6081046fe..a4f16ce5e5d7 100644 --- a/lib/roken/glob.hin +++ b/lib/roken/glob.hin @@ -37,9 +37,11 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL _stdcall #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif diff --git a/lib/roken/h_errno.c b/lib/roken/h_errno.c index 11dcb08ac243..7e49f8008f9a 100644 --- a/lib/roken/h_errno.c +++ b/lib/roken/h_errno.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2001 Kungliga Tekniska Högskolan + * Copyright (c) 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: h_errno.c 10442 2001-08-08 03:47:23Z assar $"); -#endif #ifndef HAVE_H_ERRNO int h_errno = -17; /* Some magic number */ diff --git a/lib/roken/hex-test.c b/lib/roken/hex-test.c index 72aea1ed7135..9a3d10f2870b 100644 --- a/lib/roken/hex-test.c +++ b/lib/roken/hex-test.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001, 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001, 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,12 +31,8 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: hex-test.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - #include "roken.h" #include @@ -66,7 +62,7 @@ main(int argc, char **argv) int len; len = hex_encode(t->data, t->len, &str); if(strcmp(str, t->result) != 0) { - fprintf(stderr, "failed test %d: %s != %s\n", numtest, + fprintf(stderr, "failed test %d: %s != %s\n", numtest, str, t->result); numerr++; } diff --git a/lib/roken/hex.c b/lib/roken/hex.c index 89fb0e116ef0..c66b324f7900 100644 --- a/lib/roken/hex.c +++ b/lib/roken/hex.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004-2005 Kungliga Tekniska Högskolan + * Copyright (c) 2004-2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,17 +31,15 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H + #include -RCSID("$Id: hex.c 16504 2006-01-09 17:09:29Z lha $"); -#endif #include "roken.h" #include #include "hex.h" -const static char hexchar[] = "0123456789ABCDEF"; +static const char hexchar[16] = "0123456789ABCDEF"; -static int +static int pos(char c) { const char *p; @@ -52,7 +50,7 @@ pos(char c) return -1; } -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL hex_encode(const void *data, size_t size, char **str) { const unsigned char *q = data; @@ -60,13 +58,17 @@ hex_encode(const void *data, size_t size, char **str) char *p; /* check for overflow */ - if (size * 2 < size) + if (size * 2 < size) { + *str = NULL; return -1; + } p = malloc(size * 2 + 1); - if (p == NULL) + if (p == NULL) { + *str = NULL; return -1; - + } + for (i = 0; i < size; i++) { p[i * 2] = hexchar[(*q >> 4) & 0xf]; p[i * 2 + 1] = hexchar[*q & 0xf]; @@ -78,20 +80,19 @@ hex_encode(const void *data, size_t size, char **str) return i * 2; } -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL hex_decode(const char *str, void *data, size_t len) { size_t l; unsigned char *p = data; size_t i; - + l = strlen(str); - + /* check for overflow, same as (l+1)/2 but overflow safe */ if ((l/2) + (l&1) > len) return -1; - i = 0; if (l & 1) { p[0] = pos(str[0]); str++; diff --git a/lib/roken/hex.h b/lib/roken/hex.h index 4c4b8508ed4d..c266268ea088 100644 --- a/lib/roken/hex.h +++ b/lib/roken/hex.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,25 +31,27 @@ * SUCH DAMAGE. */ -/* $Id: hex.h 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef _rk_HEX_H_ #define _rk_HEX_H_ 1 #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif #define hex_encode rk_hex_encode #define hex_decode rk_hex_decode -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL hex_encode(const void *, size_t, char **); -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL hex_decode(const char *, void *, size_t); #endif /* _rk_HEX_H_ */ diff --git a/lib/roken/hostent_find_fqdn.c b/lib/roken/hostent_find_fqdn.c index 299ed6d38b46..dc3c17ff22ab 100644 --- a/lib/roken/hostent_find_fqdn.c +++ b/lib/roken/hostent_find_fqdn.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: hostent_find_fqdn.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -42,7 +39,7 @@ RCSID("$Id: hostent_find_fqdn.c 14773 2005-04-12 11:29:18Z lha $"); * Try to find a fqdn (with `.') in he if possible, else return h_name */ -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL hostent_find_fqdn (const struct hostent *he) { const char *ret = he->h_name; diff --git a/lib/roken/hstrerror.c b/lib/roken/hstrerror.c index 32dab23f13d3..70b63016e90a 100644 --- a/lib/roken/hstrerror.c +++ b/lib/roken/hstrerror.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: hstrerror.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifndef HAVE_HSTRERROR @@ -67,7 +64,7 @@ extern int h_nerr; #endif -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL hstrerror(int herr) { if (0 <= herr && herr < h_nerr) diff --git a/lib/roken/ifaddrs.hin b/lib/roken/ifaddrs.hin index 0951c8cbc1b2..ef00b63bad6d 100644 --- a/lib/roken/ifaddrs.hin +++ b/lib/roken/ifaddrs.hin @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan + * Copyright (c) 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,16 +31,18 @@ * SUCH DAMAGE. */ -/* $Id: ifaddrs.hin 19309 2006-12-11 18:58:15Z lha $ */ +/* $Id$ */ #ifndef __ifaddrs_h__ #define __ifaddrs_h__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL _stdcall #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif diff --git a/lib/roken/inet_aton.c b/lib/roken/inet_aton.c index 3010935045f2..31644a0cd36c 100644 --- a/lib/roken/inet_aton.c +++ b/lib/roken/inet_aton.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: inet_aton.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" /* Minimal implementation of inet_aton. * Cannot distinguish between failure and a local broadcast address. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL inet_aton(const char *cp, struct in_addr *addr) { addr->s_addr = inet_addr(cp); diff --git a/lib/roken/inet_ntop.c b/lib/roken/inet_ntop.c index 7433c3725e28..b3c327cc3e58 100644 --- a/lib/roken/inet_ntop.c +++ b/lib/roken/inet_ntop.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: inet_ntop.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" @@ -86,6 +83,7 @@ inet_ntop_v6 (const void *src, char *dst, size_t size) const struct in6_addr *addr = (struct in6_addr *)src; const u_char *ptr = addr->s6_addr; const char *orig_dst = dst; + int compressed = 0; if (size < INET6_ADDRSTRLEN) { errno = ENOSPC; @@ -94,6 +92,26 @@ inet_ntop_v6 (const void *src, char *dst, size_t size) for (i = 0; i < 8; ++i) { int non_zerop = 0; + if (compressed == 0 && + ptr[0] == 0 && ptr[1] == 0 && + i <= 5 && + ptr[2] == 0 && ptr[3] == 0 && + ptr[4] == 0 && ptr[5] == 0) { + + compressed = 1; + + if (i == 0) + *dst++ = ':'; + *dst++ = ':'; + + for (ptr += 6, i += 3; + i < 8 && ptr[0] == 0 && ptr[1] == 0; + ++i, ptr += 2); + + if (i >= 8) + break; + } + if (non_zerop || (ptr[0] >> 4)) { *dst++ = xdigits[ptr[0] >> 4]; non_zerop = 1; @@ -116,7 +134,7 @@ inet_ntop_v6 (const void *src, char *dst, size_t size) } #endif /* HAVE_IPV6 */ -const char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL inet_ntop(int af, const void *src, char *dst, size_t size) { switch (af) { diff --git a/lib/roken/inet_pton.c b/lib/roken/inet_pton.c index 390233a72d01..e44fb1925ad9 100644 --- a/lib/roken/inet_pton.c +++ b/lib/roken/inet_pton.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,79 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: inet_pton.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +#ifdef HAVE_WINSOCK + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +inet_pton(int af, const char *csrc, void *dst) +{ + char * src; + + if (csrc == NULL || (src = strdup(csrc)) == NULL) { + _set_errno( ENOMEM ); + return 0; + } + + switch (af) { + case AF_INET: + { + struct sockaddr_in si4; + INT r; + INT s = sizeof(si4); + + si4.sin_family = AF_INET; + r = WSAStringToAddress(src, AF_INET, NULL, (LPSOCKADDR) &si4, &s); + free(src); + src = NULL; + + if (r == 0) { + memcpy(dst, &si4.sin_addr, sizeof(si4.sin_addr)); + return 1; + } + } + break; + + case AF_INET6: + { + struct sockaddr_in6 si6; + INT r; + INT s = sizeof(si6); + + si6.sin6_family = AF_INET6; + r = WSAStringToAddress(src, AF_INET6, NULL, (LPSOCKADDR) &si6, &s); + free(src); + src = NULL; + + if (r == 0) { + memcpy(dst, &si6.sin6_addr, sizeof(si6.sin6_addr)); + return 1; + } + } + break; + + default: + _set_errno( EAFNOSUPPORT ); + return -1; + } + + /* the call failed */ + { + int le = WSAGetLastError(); + + if (le == WSAEINVAL) + return 0; + + _set_errno(le); + return -1; + } +} + +#else /* !HAVE_WINSOCK */ + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL inet_pton(int af, const char *src, void *dst) { if (af != AF_INET) { @@ -47,3 +112,5 @@ inet_pton(int af, const char *src, void *dst) } return inet_aton (src, dst); } + +#endif diff --git a/lib/roken/initgroups.c b/lib/roken/initgroups.c index f326e5f1fd2d..2ba944c1ac04 100644 --- a/lib/roken/initgroups.c +++ b/lib/roken/initgroups.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: initgroups.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL initgroups(const char *name, gid_t basegid) { return 0; diff --git a/lib/roken/innetgr.c b/lib/roken/innetgr.c index 598bad21c2ac..e1783bbfb4cd 100644 --- a/lib/roken/innetgr.c +++ b/lib/roken/innetgr.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,17 +30,13 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_INNETGR -RCSID("$Id: innetgr.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -innetgr(const char *netgroup, const char *machine, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +innetgr(const char *netgroup, const char *machine, const char *user, const char *domain) { return 0; diff --git a/lib/roken/iruserok.c b/lib/roken/iruserok.c index ca93e1cc5eb5..95f654681ec8 100644 --- a/lib/roken/iruserok.c +++ b/lib/roken/iruserok.c @@ -27,10 +27,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: iruserok.c 17879 2006-08-08 21:50:40Z lha $"); -#endif #include #include @@ -217,7 +214,7 @@ __ivaliduser(FILE *hostf, unsigned raddr, const char *luser, * * Returns 0 if ok, -1 if not ok. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL iruserok(unsigned raddr, int superuser, const char *ruser, const char *luser) { char *cp; diff --git a/lib/roken/issuid.c b/lib/roken/issuid.c index 46bde77b7854..ea0db803e2e5 100644 --- a/lib/roken/issuid.c +++ b/lib/roken/issuid.c @@ -1,44 +1,41 @@ /* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: issuid.c 15131 2005-05-13 07:42:03Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL issuid(void) { #if defined(HAVE_ISSETUGID) diff --git a/lib/roken/k_getpwnam.c b/lib/roken/k_getpwnam.c index 81eba2869206..c0db757c43a0 100644 --- a/lib/roken/k_getpwnam.c +++ b/lib/roken/k_getpwnam.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: k_getpwnam.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ #include "roken.h" #ifdef HAVE_SHADOW_H #include #endif -struct passwd * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct passwd * ROKEN_LIB_CALL k_getpwnam (const char *user) { struct passwd *p; diff --git a/lib/roken/k_getpwuid.c b/lib/roken/k_getpwuid.c index 7fe03b98f8cf..d533738d9d09 100644 --- a/lib/roken/k_getpwuid.c +++ b/lib/roken/k_getpwuid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: k_getpwuid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ #include "roken.h" #ifdef HAVE_SHADOW_H #include #endif -struct passwd * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct passwd * ROKEN_LIB_CALL k_getpwuid (uid_t uid) { struct passwd *p; diff --git a/lib/roken/localtime_r.c b/lib/roken/localtime_r.c index ad515c146566..fa3d1269d64a 100644 --- a/lib/roken/localtime_r.c +++ b/lib/roken/localtime_r.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000 Kungliga Tekniska Högskolan + * Copyright (c) 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: localtime_r.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include @@ -42,16 +39,22 @@ RCSID("$Id: localtime_r.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_LOCALTIME_R -struct tm * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct tm * ROKEN_LIB_CALL localtime_r(const time_t *timer, struct tm *result) { +#ifdef _MSC_VER + + return (localtime_s(result, timer) == 0)? result : NULL; + +#else struct tm *tm; - + tm = localtime((time_t *)timer); if (tm == NULL) return NULL; *result = *tm; return result; +#endif } #endif diff --git a/lib/roken/lstat.c b/lib/roken/lstat.c index 9357e1234587..469258850626 100644 --- a/lib/roken/lstat.c +++ b/lib/roken/lstat.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: lstat.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL lstat(const char *path, struct stat *buf) { return stat(path, buf); diff --git a/lib/roken/memmove.c b/lib/roken/memmove.c index 5f78ac293fdd..1825d7eb3c68 100644 --- a/lib/roken/memmove.c +++ b/lib/roken/memmove.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,20 +31,17 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: memmove.c 14773 2005-04-12 11:29:18Z lha $"); -#endif -/* - * memmove for systems that doesn't have it +/* + * memmove for systems that doesn't have it */ #ifdef HAVE_SYS_TYPES_H #include #endif -void* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void* ROKEN_LIB_CALL memmove(void *s1, const void *s2, size_t n) { char *s=(char*)s2, *d=(char*)s1; diff --git a/lib/roken/mini_inetd.c b/lib/roken/mini_inetd.c index 9eb114d74e7f..a9398f4fdac3 100644 --- a/lib/roken/mini_inetd.c +++ b/lib/roken/mini_inetd.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: mini_inetd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include "roken.h" @@ -44,62 +41,93 @@ RCSID("$Id: mini_inetd.c 14773 2005-04-12 11:29:18Z lha $"); */ static void -accept_it (int s) +accept_it (rk_socket_t s, rk_socket_t *ret_socket) { - int s2; + rk_socket_t as; - s2 = accept(s, NULL, NULL); - if(s2 < 0) + as = accept(s, NULL, NULL); + if(rk_IS_BAD_SOCKET(as)) err (1, "accept"); - close(s); - dup2(s2, STDIN_FILENO); - dup2(s2, STDOUT_FILENO); - /* dup2(s2, STDERR_FILENO); */ - close(s2); + + if (ret_socket) { + + *ret_socket = as; + + } else { + int fd = socket_to_fd(as, 0); + + /* We would use _O_RDONLY for the socket_to_fd() call for + STDIN, but there are instances where we assume that STDIN + is a r/w socket. */ + + dup2(fd, STDIN_FILENO); + dup2(fd, STDOUT_FILENO); + + rk_closesocket(as); + } } -/* - * Listen on a specified port, emulating inetd. +/** + * Listen on a specified addresses + * + * Listens on the specified addresses for incoming connections. If + * the \a ret_socket parameter is \a NULL, on return STDIN and STDOUT + * will be connected to an accepted socket. If the \a ret_socket + * parameter is non-NULL, the accepted socket will be returned in + * *ret_socket. In the latter case, STDIN and STDOUT will be left + * unmodified. + * + * This function does not return if there is an error or if no + * connection is established. + * + * @param[in] ai Addresses to listen on + * @param[out] ret_socket If non-NULL receives the accepted socket. + * + * @see mini_inetd() */ - -void ROKEN_LIB_FUNCTION -mini_inetd_addrinfo (struct addrinfo *ai) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +mini_inetd_addrinfo (struct addrinfo *ai, rk_socket_t *ret_socket) { int ret; struct addrinfo *a; int n, nalloc, i; - int *fds; + rk_socket_t *fds; fd_set orig_read_set, read_set; - int max_fd = -1; + rk_socket_t max_fd = (rk_socket_t)-1; for (nalloc = 0, a = ai; a != NULL; a = a->ai_next) ++nalloc; fds = malloc (nalloc * sizeof(*fds)); - if (fds == NULL) + if (fds == NULL) { errx (1, "mini_inetd: out of memory"); + UNREACHABLE(return); + } FD_ZERO(&orig_read_set); for (i = 0, a = ai; a != NULL; a = a->ai_next) { fds[i] = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (fds[i] < 0) { - warn ("socket af = %d", a->ai_family); + if (rk_IS_BAD_SOCKET(fds[i])) continue; - } socket_set_reuseaddr (fds[i], 1); - if (bind (fds[i], a->ai_addr, a->ai_addrlen) < 0) { + socket_set_ipv6only(fds[i], 1); + if (rk_IS_SOCKET_ERROR(bind (fds[i], a->ai_addr, a->ai_addrlen))) { warn ("bind af = %d", a->ai_family); - close(fds[i]); + rk_closesocket(fds[i]); + fds[i] = rk_INVALID_SOCKET; continue; } - if (listen (fds[i], SOMAXCONN) < 0) { + if (rk_IS_SOCKET_ERROR(listen (fds[i], SOMAXCONN))) { warn ("listen af = %d", a->ai_family); - close(fds[i]); + rk_closesocket(fds[i]); + fds[i] = rk_INVALID_SOCKET; continue; } +#ifndef NO_LIMIT_FD_SETSIZE if (fds[i] >= FD_SETSIZE) errx (1, "fd too large"); +#endif FD_SET(fds[i], &orig_read_set); max_fd = max(max_fd, fds[i]); ++i; @@ -112,20 +140,40 @@ mini_inetd_addrinfo (struct addrinfo *ai) read_set = orig_read_set; ret = select (max_fd + 1, &read_set, NULL, NULL, NULL); - if (ret < 0 && errno != EINTR) + if (rk_IS_SOCKET_ERROR(ret) && rk_SOCK_ERRNO != EINTR) err (1, "select"); } while (ret <= 0); for (i = 0; i < n; ++i) if (FD_ISSET (fds[i], &read_set)) { - accept_it (fds[i]); + accept_it (fds[i], ret_socket); + for (i = 0; i < n; ++i) + rk_closesocket(fds[i]); + free(fds); return; } abort (); } -void ROKEN_LIB_FUNCTION -mini_inetd (int port) +/** + * Listen on a specified port + * + * Listens on the specified port for incoming connections. If the \a + * ret_socket parameter is \a NULL, on return STDIN and STDOUT will be + * connected to an accepted socket. If the \a ret_socket parameter is + * non-NULL, the accepted socket will be returned in *ret_socket. In + * the latter case, STDIN and STDOUT will be left unmodified. + * + * This function does not return if there is an error or if no + * connection is established. + * + * @param[in] port Port to listen on + * @param[out] ret_socket If non-NULL receives the accepted socket. + * + * @see mini_inetd_addrinfo() + */ +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +mini_inetd(int port, rk_socket_t * ret_socket) { int error; struct addrinfo *ai, hints; @@ -142,7 +190,8 @@ mini_inetd (int port) if (error) errx (1, "getaddrinfo: %s", gai_strerror (error)); - mini_inetd_addrinfo(ai); - + mini_inetd_addrinfo(ai, ret_socket); + freeaddrinfo(ai); } + diff --git a/lib/roken/mkstemp.c b/lib/roken/mkstemp.c index ccb2e700b895..a3ca6c717f05 100644 --- a/lib/roken/mkstemp.c +++ b/lib/roken/mkstemp.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,9 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include #ifdef HAVE_UNISTD_H @@ -44,11 +42,11 @@ #endif #include -RCSID("$Id: mkstemp.c 14773 2005-04-12 11:29:18Z lha $"); +#include #ifndef HAVE_MKSTEMP -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL mkstemp(char *template) { int start, i; @@ -60,7 +58,7 @@ mkstemp(char *template) val /= 10; start--; } - + do{ int fd; fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600); diff --git a/lib/roken/ndbm_wrap.c b/lib/roken/ndbm_wrap.c index 8bc5d93e48fe..73a3726d0f02 100644 --- a/lib/roken/ndbm_wrap.c +++ b/lib/roken/ndbm_wrap.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2002 Kungliga Tekniska Högskolan + * Copyright (c) 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,13 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: ndbm_wrap.c 21634 2007-07-17 11:30:36Z lha $"); -#endif #include "ndbm_wrap.h" -#if defined(HAVE_DB4_DB_H) +#if defined(HAVE_DBHEADER) +#include +#elif defined(HAVE_DB5_DB_H) +#include +#elif defined(HAVE_DB4_DB_H) #include #elif defined(HAVE_DB3_DB_H) #include @@ -63,7 +64,7 @@ static DBC *cursor; #define D(X) ((DB*)(X)) -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL dbm_close (DBM *db) { #ifdef HAVE_DB3 @@ -74,7 +75,7 @@ dbm_close (DBM *db) #endif } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_delete (DBM *db, datum dkey) { DBT key; @@ -92,9 +93,9 @@ dbm_fetch (DBM *db, datum dkey) datum dvalue; DBT key, value; DATUM2DBT(&dkey, &key); - if(D(db)->get(D(db), + if(D(db)->get(D(db), #ifdef HAVE_DB3 - NULL, + NULL, #endif &key, &value, 0) != 0) { dvalue.dptr = NULL; @@ -112,15 +113,16 @@ dbm_get (DB *db, int flags) DBT key, value; datum datum; #ifdef HAVE_DB3 - if(cursor == NULL) + if(cursor == NULL) db->cursor(db, NULL, &cursor, 0); if(cursor->c_get(cursor, &key, &value, flags) != 0) { datum.dptr = NULL; datum.dsize = 0; - } else + } else DBT2DATUM(&value, &datum); #else db->seq(db, &key, &value, flags); + DBT2DATUM(&value, &datum); #endif return datum; } @@ -132,23 +134,25 @@ dbm_get (DB *db, int flags) #define DB_KEYEXIST 1 #endif -datum ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION datum ROKEN_LIB_CALL dbm_firstkey (DBM *db) { return dbm_get(D(db), DB_FIRST); } -datum ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION datum ROKEN_LIB_CALL dbm_nextkey (DBM *db) { return dbm_get(D(db), DB_NEXT); } -DBM* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION DBM* ROKEN_LIB_CALL dbm_open (const char *file, int flags, mode_t mode) { - DB *db; +#ifdef HAVE_DB3 int myflags = 0; +#endif + DB *db; char *fn = malloc(strlen(file) + 4); if(fn == NULL) return NULL; @@ -187,7 +191,7 @@ dbm_open (const char *file, int flags, mode_t mode) return (DBM*)db; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_store (DBM *db, datum dkey, datum dvalue, int flags) { int ret; @@ -196,10 +200,10 @@ dbm_store (DBM *db, datum dkey, datum dvalue, int flags) if((flags & DBM_REPLACE) == 0) myflags |= DB_NOOVERWRITE; DATUM2DBT(&dkey, &key); - DATUM2DBT(&dvalue, &value); - ret = D(db)->put(D(db), + DATUM2DBT(&dvalue, &value); + ret = D(db)->put(D(db), #ifdef HAVE_DB3 - NULL, + NULL, #endif &key, &value, myflags); if(ret == DB_KEYEXIST) @@ -207,13 +211,13 @@ dbm_store (DBM *db, datum dkey, datum dvalue, int flags) RETURN(ret); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_error (DBM *db) { return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_clearerr (DBM *db) { return 0; diff --git a/lib/roken/ndbm_wrap.h b/lib/roken/ndbm_wrap.h index 414940249dba..a2ec4f20609b 100644 --- a/lib/roken/ndbm_wrap.h +++ b/lib/roken/ndbm_wrap.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 2002 Kungliga Tekniska Högskolan + * Copyright (c) 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: ndbm_wrap.h 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef __ndbm_wrap_h__ #define __ndbm_wrap_h__ @@ -41,9 +41,11 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif @@ -78,14 +80,14 @@ typedef struct { } DBM; #endif -int ROKEN_LIB_FUNCTION dbm_clearerr (DBM*); -void ROKEN_LIB_FUNCTION dbm_close (DBM*); -int ROKEN_LIB_FUNCTION dbm_delete (DBM*, datum); -int ROKEN_LIB_FUNCTION dbm_error (DBM*); -datum ROKEN_LIB_FUNCTION dbm_fetch (DBM*, datum); -datum ROKEN_LIB_FUNCTION dbm_firstkey (DBM*); -datum ROKEN_LIB_FUNCTION dbm_nextkey (DBM*); -DBM* ROKEN_LIB_FUNCTION dbm_open (const char*, int, mode_t); -int ROKEN_LIB_FUNCTION dbm_store (DBM*, datum, datum, int); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_clearerr (DBM*); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL dbm_close (DBM*); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_delete (DBM*, datum); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_error (DBM*); +ROKEN_LIB_FUNCTION datum ROKEN_LIB_CALL dbm_fetch (DBM*, datum); +ROKEN_LIB_FUNCTION datum ROKEN_LIB_CALL dbm_firstkey (DBM*); +ROKEN_LIB_FUNCTION datum ROKEN_LIB_CALL dbm_nextkey (DBM*); +ROKEN_LIB_FUNCTION DBM* ROKEN_LIB_CALL dbm_open (const char*, int, mode_t); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL dbm_store (DBM*, datum, datum, int); #endif /* __ndbm_wrap_h__ */ diff --git a/lib/roken/net_read.c b/lib/roken/net_read.c index effc00112b7d..df1ac53def10 100644 --- a/lib/roken/net_read.c +++ b/lib/roken/net_read.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: net_read.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include #include "roken.h" @@ -46,19 +39,17 @@ RCSID("$Id: net_read.c 21005 2007-06-08 01:54:35Z lha $"); * Like read but never return partial data. */ -ssize_t ROKEN_LIB_FUNCTION -net_read (int fd, void *buf, size_t nbytes) +#ifndef _WIN32 + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +net_read (rk_socket_t fd, void *buf, size_t nbytes) { char *cbuf = (char *)buf; ssize_t count; size_t rem = nbytes; while (rem > 0) { -#ifdef WIN32 - count = recv (fd, cbuf, rem, 0); -#else count = read (fd, cbuf, rem); -#endif if (count < 0) { if (errno == EINTR) continue; @@ -72,3 +63,56 @@ net_read (int fd, void *buf, size_t nbytes) } return nbytes; } + +#else + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +net_read(rk_socket_t sock, void *buf, size_t nbytes) +{ + char *cbuf = (char *)buf; + ssize_t count; + size_t rem = nbytes; + +#ifdef SOCKET_IS_NOT_AN_FD + int use_read = 0; +#endif + + while (rem > 0) { +#ifdef SOCKET_IS_NOT_AN_FD + if (use_read) + count = _read (sock, cbuf, rem); + else + count = recv (sock, cbuf, rem, 0); + + if (use_read == 0 && + rk_IS_SOCKET_ERROR(count) && + (rk_SOCK_ERRNO == WSANOTINITIALISED || + rk_SOCK_ERRNO == WSAENOTSOCK)) { + use_read = 1; + + count = _read (sock, cbuf, rem); + } +#else + count = recv (sock, cbuf, rem, 0); +#endif + if (count < 0) { + + /* With WinSock, the error EINTR (WSAEINTR), is used to + indicate that a blocking call was cancelled using + WSACancelBlockingCall(). */ + +#ifndef HAVE_WINSOCK + if (rk_SOCK_ERRNO == EINTR) + continue; +#endif + return count; + } else if (count == 0) { + return count; + } + cbuf += count; + rem -= count; + } + return nbytes; +} + +#endif diff --git a/lib/roken/net_write.c b/lib/roken/net_write.c index a68317f61247..e1cfa99074ee 100644 --- a/lib/roken/net_write.c +++ b/lib/roken/net_write.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: net_write.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include #include "roken.h" @@ -46,18 +39,58 @@ RCSID("$Id: net_write.c 21005 2007-06-08 01:54:35Z lha $"); * Like write but never return partial data. */ -ssize_t ROKEN_LIB_FUNCTION -net_write (int fd, const void *buf, size_t nbytes) +#ifndef _WIN32 + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +net_write (rk_socket_t fd, const void *buf, size_t nbytes) { const char *cbuf = (const char *)buf; ssize_t count; size_t rem = nbytes; while (rem > 0) { -#ifdef WIN32 - count = send (fd, cbuf, rem, 0); -#else count = write (fd, cbuf, rem); + if (count < 0) { + if (errno == EINTR) + continue; + else + return count; + } + cbuf += count; + rem -= count; + } + return nbytes; +} + +#else + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +net_write(rk_socket_t sock, const void *buf, size_t nbytes) +{ + const char *cbuf = (const char *)buf; + ssize_t count; + size_t rem = nbytes; +#ifdef SOCKET_IS_NOT_AN_FD + int use_write = 0; +#endif + + while (rem > 0) { +#ifdef SOCKET_IS_NOT_AN_FD + if (use_write) + count = _write (sock, cbuf, rem); + else + count = send (sock, cbuf, rem, 0); + + if (use_write == 0 && + rk_IS_SOCKET_ERROR(count) && + (rk_SOCK_ERRNO == WSANOTINITIALISED || + rk_SOCK_ERRNO == WSAENOTSOCK)) { + use_write = 1; + + count = _write (sock, cbuf, rem); + } +#else + count = send (sock, cbuf, rem, 0); #endif if (count < 0) { if (errno == EINTR) @@ -70,3 +103,5 @@ net_write (int fd, const void *buf, size_t nbytes) } return nbytes; } + +#endif diff --git a/lib/roken/parse_bytes-test.c b/lib/roken/parse_bytes-test.c index 5e55b307c163..3c42cb1827cb 100644 --- a/lib/roken/parse_bytes-test.c +++ b/lib/roken/parse_bytes-test.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_bytes-test.c 10655 2001-09-04 09:56:00Z assar $"); -#endif #include "roken.h" #include "parse_bytes.h" @@ -82,7 +79,7 @@ main(int argc, char **argv) tests[i].val, buf, tests[i].str); ++ret; } - } + } } if (ret) { printf ("%d errors\n", ret); diff --git a/lib/roken/parse_bytes.c b/lib/roken/parse_bytes.c index 4ab02b41557c..561079afc027 100644 --- a/lib/roken/parse_bytes.c +++ b/lib/roken/parse_bytes.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_bytes.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include "parse_bytes.h" @@ -59,19 +56,19 @@ static struct units bytes_short_units[] = { { NULL, 0 } }; -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_bytes (const char *s, const char *def_unit) { return parse_units (s, bytes_units, def_unit); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_bytes (int t, char *s, size_t len) { return unparse_units (t, bytes_units, s, len); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_bytes_short (int t, char *s, size_t len) { return unparse_units_approx (t, bytes_short_units, s, len); diff --git a/lib/roken/parse_bytes.h b/lib/roken/parse_bytes.h index 1998f70736ad..8a88eca49b1d 100644 --- a/lib/roken/parse_bytes.h +++ b/lib/roken/parse_bytes.h @@ -1,56 +1,58 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: parse_bytes.h 14787 2005-04-13 13:19:07Z lha $ */ +/* $Id$ */ #ifndef __PARSE_BYTES_H__ #define __PARSE_BYTES_H__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_bytes (const char *s, const char *def_unit); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_bytes (int t, char *s, size_t len); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_bytes_short (int t, char *s, size_t len); #endif /* __PARSE_BYTES_H__ */ diff --git a/lib/roken/parse_reply-test.c b/lib/roken/parse_reply-test.c index f6342efd7e35..5e40b8185021 100644 --- a/lib/roken/parse_reply-test.c +++ b/lib/roken/parse_reply-test.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_reply-test.c 15287 2005-05-29 21:21:12Z lha $"); -#endif #include #ifdef HAVE_SYS_MMAN_H diff --git a/lib/roken/parse_time-test.c b/lib/roken/parse_time-test.c index 0ce7063b381f..851764d28e56 100644 --- a/lib/roken/parse_time-test.c +++ b/lib/roken/parse_time-test.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_time-test.c 15028 2005-04-30 14:48:29Z lha $"); -#endif #include "roken.h" #include "parse_time.h" @@ -43,8 +40,8 @@ RCSID("$Id: parse_time-test.c 15028 2005-04-30 14:48:29Z lha $"); static struct testcase { size_t size; - time_t val; - char *str; + int val; + char *str; } tests[] = { { 8, 1, "1 second" }, { 17, 61, "1 minute 1 second" }, @@ -69,7 +66,7 @@ main(int argc, char **argv) if (sz != tests[i].size) errx(1, "sz (%lu) != tests[%d].size (%lu)", (unsigned long)sz, i, (unsigned long)tests[i].size); - + for (buf_sz = 0; buf_sz < tests[i].size + 2; buf_sz++) { buf = rk_test_mem_alloc(RK_TM_OVERRUN, "overrun", @@ -77,7 +74,7 @@ main(int argc, char **argv) sz = unparse_time(tests[i].val, buf, buf_sz); if (sz != tests[i].size) errx(1, "sz (%lu) != tests[%d].size (%lu) with in size %lu", - (unsigned long)sz, i, + (unsigned long)sz, i, (unsigned long)tests[i].size, (unsigned long)buf_sz); if (buf_sz > 0 && memcmp(buf, tests[i].str, buf_sz - 1) != 0) @@ -86,20 +83,21 @@ main(int argc, char **argv) errx(1, "test %i not zero terminated", i); rk_test_mem_free("overrun"); - buf = rk_test_mem_alloc(RK_TM_UNDERRUN, "underrun", + buf = rk_test_mem_alloc(RK_TM_UNDERRUN, "underrun", NULL, tests[i].size); - sz = unparse_time(tests[i].val, buf, buf_sz); + sz = unparse_time(tests[i].val, buf, min(buf_sz, tests[i].size)); if (sz != tests[i].size) errx(1, "sz (%lu) != tests[%d].size (%lu) with insize %lu", (unsigned long)sz, i, (unsigned long)tests[i].size, (unsigned long)buf_sz); - if (buf_sz > 0 && strncmp(buf, tests[i].str, buf_sz - 1) != 0) + if (buf_sz > 0 && strncmp(buf, tests[i].str, min(buf_sz, tests[i].size) - 1) != 0) errx(1, "test %i wrong result %s vs %s", i, buf, tests[i].str); - if (buf_sz > 0 && buf[buf_sz - 1] != '\0') + if (buf_sz > 0 && buf[min(buf_sz, tests[i].size) - 1] != '\0') errx(1, "test %i not zero terminated", i); rk_test_mem_free("underrun"); } + buf = rk_test_mem_alloc(RK_TM_OVERRUN, "overrun", tests[i].str, tests[i].size + 1); j = parse_time(buf, "s"); @@ -113,6 +111,7 @@ main(int argc, char **argv) if (j != tests[i].val) errx(1, "parse_time failed for test %d", i); rk_test_mem_free("underrun"); + } return 0; } diff --git a/lib/roken/parse_time.3 b/lib/roken/parse_time.3 index f7a801b51f69..da326cb3bc21 100644 --- a/lib/roken/parse_time.3 +++ b/lib/roken/parse_time.3 @@ -1,34 +1,34 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. .\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: .\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. .\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. .\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. .\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" $Id: parse_time.3 14325 2004-10-30 22:34:28Z lha $ +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" $Id$ .\" .Dd October 31, 2004 .Dt PARSE_TIME 3 @@ -52,13 +52,13 @@ The roken library (libroken, -lroken) .Ft size_t .Fn unparse_time_approx "int seconds" "char *buf" "size_t len" .Sh DESCRIPTION -The +The .Fn parse_time function converts a the period of time specified in into a number of seconds. -The +The .Fa timespec -can be any number of +can be any number of .Aq number unit pairs separated by comma and whitespace. The number can be negative. Number without explicit units are taken as being @@ -68,12 +68,12 @@ The .Fn unparse_time and .Fn unparse_time_approx -does the opposite of +does the opposite of .Fn parse_time , that is they take a number of seconds and express that as human -readable string. +readable string. .Fa unparse_time -produces an exact time, while +produces an exact time, while .Fa unparse_time_approx restricts the result to only include one units. .Pp @@ -99,13 +99,13 @@ Units names can be arbitrarily abbreviated (as long as they are unique). .Sh RETURN VALUES .Fn parse_time -returns the number of seconds that represents the expression in +returns the number of seconds that represents the expression in .Fa timespec or -1 on error. .Fn unparse_time -and -.Fn unparse_time_approx -return the number of characters written to +and +.Fn unparse_time_approx +return the number of characters written to .Fa buf . if the return value is greater than or equal to the .Fa len @@ -140,7 +140,7 @@ main(int argc, char **argv) } .Ed .Bd -literal -$ ./a.out "1 minute 30 seconds" "90 s" "1 y -1 s" +$ ./a.out "1 minute 30 seconds" "90 s" "1 y -1 s" 1 year = 365 days 1 month = 30 days 1 week = 7 days diff --git a/lib/roken/parse_time.c b/lib/roken/parse_time.c index 1c39bde4e8a0..febd6a5d2bf6 100644 --- a/lib/roken/parse_time.c +++ b/lib/roken/parse_time.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_time.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include "parse_time.h" @@ -53,25 +50,25 @@ static struct units time_units[] = { {NULL, 0}, }; -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_time (const char *s, const char *def_unit) { return parse_units (s, time_units, def_unit); } -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL unparse_time (int t, char *s, size_t len) { return unparse_units (t, time_units, s, len); } -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL unparse_time_approx (int t, char *s, size_t len) { return unparse_units_approx (t, time_units, s, len); } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_time_table (FILE *f) { print_units_table (time_units, f); diff --git a/lib/roken/parse_time.cat3 b/lib/roken/parse_time.cat3 new file mode 100644 index 000000000000..c2c2e6125ffd --- /dev/null +++ b/lib/roken/parse_time.cat3 @@ -0,0 +1,112 @@ + +PARSE_TIME(3) BSD Library Functions Manual PARSE_TIME(3) + +NNAAMMEE + ppaarrssee__ttiimmee, pprriinntt__ttiimmee__ttaabbllee, uunnppaarrssee__ttiimmee, uunnppaarrssee__ttiimmee__aapppprrooxx, -- parse + and unparse time intervals + +LLIIBBRRAARRYY + The roken library (libroken, -lroken) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _i_n_t + ppaarrssee__ttiimmee(_c_o_n_s_t _c_h_a_r _*_t_i_m_e_s_p_e_c, _c_o_n_s_t _c_h_a_r _*_d_e_f___u_n_i_t); + + _v_o_i_d + pprriinntt__ttiimmee__ttaabbllee(_F_I_L_E _*_f); + + _s_i_z_e___t + uunnppaarrssee__ttiimmee(_i_n_t _s_e_c_o_n_d_s, _c_h_a_r _*_b_u_f, _s_i_z_e___t _l_e_n); + + _s_i_z_e___t + uunnppaarrssee__ttiimmee__aapppprrooxx(_i_n_t _s_e_c_o_n_d_s, _c_h_a_r _*_b_u_f, _s_i_z_e___t _l_e_n); + +DDEESSCCRRIIPPTTIIOONN + The ppaarrssee__ttiimmee() function converts a the period of time specified in into + a number of seconds. The _t_i_m_e_s_p_e_c can be any number of + pairs separated by comma and whitespace. The number can be negative. Num- + ber without explicit units are taken as being _d_e_f___u_n_i_t. + + The uunnppaarrssee__ttiimmee() and uunnppaarrssee__ttiimmee__aapppprrooxx() does the opposite of + ppaarrssee__ttiimmee(), that is they take a number of seconds and express that as + human readable string. _u_n_p_a_r_s_e___t_i_m_e produces an exact time, while + _u_n_p_a_r_s_e___t_i_m_e___a_p_p_r_o_x restricts the result to only include one units. + + pprriinntt__ttiimmee__ttaabbllee() prints a descriptive list of available units on the + passed file descriptor. + + The possible units include: + second, s + minute, m + hour, h + day + week seven days + month 30 days + year 365 days + + Units names can be arbitrarily abbreviated (as long as they are unique). + +RREETTUURRNN VVAALLUUEESS + ppaarrssee__ttiimmee() returns the number of seconds that represents the expression + in _t_i_m_e_s_p_e_c or -1 on error. uunnppaarrssee__ttiimmee() and uunnppaarrssee__ttiimmee__aapppprrooxx() + return the number of characters written to _b_u_f. if the return value is + greater than or equal to the _l_e_n argument, the string was too short and + some of the printed characters were discarded. + +EEXXAAMMPPLLEESS + #include + #include + + int + main(int argc, char **argv) + { + int i; + int result; + char buf[128]; + print_time_table(stdout); + for (i = 1; i < argc; i++) { + result = parse_time(argv[i], "second"); + if(result == -1) { + fprintf(stderr, "%s: parse error\n", argv[i]); + continue; + } + printf("--\n"); + printf("parse_time = %d\n", result); + unparse_time(result, buf, sizeof(buf)); + printf("unparse_time = %s\n", buf); + unparse_time_approx(result, buf, sizeof(buf)); + printf("unparse_time_approx = %s\n", buf); + } + return 0; + } + + $ ./a.out "1 minute 30 seconds" "90 s" "1 y -1 s" + 1 year = 365 days + 1 month = 30 days + 1 week = 7 days + 1 day = 24 hours + 1 hour = 60 minutes + 1 minute = 60 seconds + 1 second + -- + parse_time = 90 + unparse_time = 1 minute 30 seconds + unparse_time_approx = 1 minute + -- + parse_time = 90 + unparse_time = 1 minute 30 seconds + unparse_time_approx = 1 minute + -- + parse_time = 31535999 + unparse_time = 12 months 4 days 23 hours 59 minutes 59 seconds + unparse_time_approx = 12 months + +BBUUGGSS + Since ppaarrssee__ttiimmee() returns -1 on error there is no way to parse "minus + one second". Currently "s" at the end of units is ignored. This is a + hack for English plural forms. If these functions are ever localised, + this scheme will have to change. + +HEIMDAL October 31, 2004 HEIMDAL diff --git a/lib/roken/parse_time.h b/lib/roken/parse_time.h index 4dc2da08bcb2..dabcefd81a7e 100644 --- a/lib/roken/parse_time.h +++ b/lib/roken/parse_time.h @@ -1,59 +1,61 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: parse_time.h 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef __PARSE_TIME_H__ #define __PARSE_TIME_H__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif -int +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_time (const char *s, const char *def_unit); -size_t +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL unparse_time (int t, char *s, size_t len); -size_t +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL unparse_time_approx (int t, char *s, size_t len); -void +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_time_table (FILE *f); #endif /* __PARSE_TIME_H__ */ diff --git a/lib/roken/parse_units.c b/lib/roken/parse_units.c index 1960beca0710..8b3cdf40e59e 100644 --- a/lib/roken/parse_units.c +++ b/lib/roken/parse_units.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: parse_units.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -73,7 +70,7 @@ parse_something (const char *s, const struct units *units, p = s; while (*p) { - double val; + int val; char *next; const struct units *u, *partial_unit; size_t u_len; @@ -83,7 +80,7 @@ parse_something (const char *s, const struct units *units, while(isspace((unsigned char)*p) || *p == ',') ++p; - val = strtod (p, &next); /* strtol(p, &next, 0); */ + val = strtol(p, &next, 0); if (p == next) { val = 0; if(!accept_no_val_p) @@ -152,7 +149,7 @@ acc_units(int res, int val, unsigned mult) return res + val * mult; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_units (const char *s, const struct units *units, const char *def_unit) { @@ -178,7 +175,7 @@ acc_flags(int res, int val, unsigned mult) return -1; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_flags (const char *s, const struct units *units, int orig) { @@ -211,7 +208,7 @@ unparse_something (int num, const struct units *units, char *s, size_t len, tmp = (*print) (s, len, divisor, u->name, num); if (tmp < 0) return tmp; - if (tmp > len) { + if (tmp > (int) len) { len = 0; s = NULL; } else { @@ -248,7 +245,7 @@ update_unit_approx (int in, unsigned mult) return update_unit (in, mult); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_units (int num, const struct units *units, char *s, size_t len) { return unparse_something (num, units, s, len, @@ -257,7 +254,7 @@ unparse_units (int num, const struct units *units, char *s, size_t len) "0"); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_units_approx (int num, const struct units *units, char *s, size_t len) { return unparse_something (num, units, s, len, @@ -266,11 +263,11 @@ unparse_units_approx (int num, const struct units *units, char *s, size_t len) "0"); } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_units_table (const struct units *units, FILE *f) { const struct units *u, *u2; - unsigned max_sz = 0; + size_t max_sz = 0; for (u = units; u->name; ++u) { max_sz = max(max_sz, strlen(u->name)); @@ -291,7 +288,7 @@ print_units_table (const struct units *units, FILE *f) if (u2->name == NULL) --u2; unparse_units (u->mult, u2, buf, sizeof(buf)); - fprintf (f, "1 %*s = %s\n", max_sz, u->name, buf); + fprintf (f, "1 %*s = %s\n", (int)max_sz, u->name, buf); } else { fprintf (f, "1 %s\n", u->name); } @@ -311,7 +308,7 @@ update_flag (int in, unsigned mult) return in - mult; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_flags (int num, const struct units *units, char *s, size_t len) { return unparse_something (num, units, s, len, @@ -320,7 +317,7 @@ unparse_flags (int num, const struct units *units, char *s, size_t len) ""); } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_flags_table (const struct units *units, FILE *f) { const struct units *u; diff --git a/lib/roken/parse_units.h b/lib/roken/parse_units.h index a42154d4869f..2d1c28690682 100644 --- a/lib/roken/parse_units.h +++ b/lib/roken/parse_units.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: parse_units.h 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef __PARSE_UNITS_H__ #define __PARSE_UNITS_H__ @@ -41,9 +41,11 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif @@ -52,28 +54,28 @@ struct units { unsigned mult; }; -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_units (const char *s, const struct units *units, const char *def_unit); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_units_table (const struct units *units, FILE *f); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL parse_flags (const char *s, const struct units *units, int orig); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_units (int num, const struct units *units, char *s, size_t len); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_units_approx (int num, const struct units *units, char *s, size_t len); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unparse_flags (int num, const struct units *units, char *s, size_t len); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_flags_table (const struct units *units, FILE *f); #endif /* __PARSE_UNITS_H__ */ diff --git a/lib/roken/putenv.c b/lib/roken/putenv.c index 5e501dcc0f27..647eb7a348b5 100644 --- a/lib/roken/putenv.c +++ b/lib/roken/putenv.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: putenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include +#if !HAVE_DECL_ENVIRON extern char **environ; +#endif /* * putenv -- @@ -48,13 +47,13 @@ extern char **environ; * value by altering an existing variable or creating a new one. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL putenv(const char *string) { int i; const char *eq = (const char *)strchr(string, '='); int len; - + if (eq == NULL) return 1; len = eq - string; diff --git a/lib/roken/qsort.c b/lib/roken/qsort.c new file mode 100644 index 000000000000..768981334f25 --- /dev/null +++ b/lib/roken/qsort.c @@ -0,0 +1,203 @@ +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if 0 +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)qsort.c 8.1 (Berkeley) 6/4/93"; +#endif /* LIBC_SCCS and not lint */ +#include +__FBSDID("$FreeBSD$"); +#endif + +#include + +#ifdef NEED_QSORT + +#include "roken.h" + +#include + +#ifdef I_AM_QSORT_R +typedef int cmp_t(void *, const void *, const void *); +#else +typedef int cmp_t(const void *, const void *); +#endif +static inline char *med3(char *, char *, char *, cmp_t *, void *); +static inline void swapfunc(char *, char *, int, int); + +/* + * Qsort routine from Bentley & McIlroy's "Engineering a Sort Function". + */ +#define swapcode(TYPE, parmi, parmj, n) { \ + long i = (n) / sizeof (TYPE); \ + TYPE *pi = (TYPE *) (parmi); \ + TYPE *pj = (TYPE *) (parmj); \ + do { \ + TYPE t = *pi; \ + *pi++ = *pj; \ + *pj++ = t; \ + } while (--i > 0); \ +} + +#define SWAPINIT(a, es) swaptype = ((char *)a - (char *)0) % sizeof(long) || \ + es % sizeof(long) ? 2 : es == sizeof(long)? 0 : 1; + +static inline void +swapfunc(a, b, n, swaptype) + char *a, *b; + int n, swaptype; +{ + if(swaptype <= 1) + swapcode(long, a, b, n) + else + swapcode(char, a, b, n) +} + +#define swap(a, b) \ + if (swaptype == 0) { \ + long t = *(long *)(a); \ + *(long *)(a) = *(long *)(b); \ + *(long *)(b) = t; \ + } else \ + swapfunc(a, b, es, swaptype) + +#define vecswap(a, b, n) if ((n) > 0) swapfunc(a, b, n, swaptype) + +#ifdef I_AM_QSORT_R +#define CMP(t, x, y) (cmp((t), (x), (y))) +#else +#define CMP(t, x, y) (cmp((x), (y))) +#endif + +static inline char * +med3(char *a, char *b, char *c, cmp_t *cmp, void *thunk +#ifndef I_AM_QSORT_R +/* __unused */ +#endif +) +{ + return CMP(thunk, a, b) < 0 ? + (CMP(thunk, b, c) < 0 ? b : (CMP(thunk, a, c) < 0 ? c : a )) + :(CMP(thunk, b, c) > 0 ? b : (CMP(thunk, a, c) < 0 ? a : c )); +} + +#ifdef I_AM_QSORT_R +void +rk_qsort_r(void *a, size_t n, size_t es, void *thunk, cmp_t *cmp) +#else +#define thunk NULL +void +rk_qsort(void *a, size_t n, size_t es, cmp_t *cmp) +#endif +{ + char *pa, *pb, *pc, *pd, *pl, *pm, *pn; + size_t d, r; + int cmp_result; + int swaptype, swap_cnt; + +loop: SWAPINIT(a, es); + swap_cnt = 0; + if (n < 7) { + for (pm = (char *)a + es; pm < (char *)a + n * es; pm += es) + for (pl = pm; + pl > (char *)a && CMP(thunk, pl - es, pl) > 0; + pl -= es) + swap(pl, pl - es); + return; + } + pm = (char *)a + (n / 2) * es; + if (n > 7) { + pl = a; + pn = (char *)a + (n - 1) * es; + if (n > 40) { + d = (n / 8) * es; + pl = med3(pl, pl + d, pl + 2 * d, cmp, thunk); + pm = med3(pm - d, pm, pm + d, cmp, thunk); + pn = med3(pn - 2 * d, pn - d, pn, cmp, thunk); + } + pm = med3(pl, pm, pn, cmp, thunk); + } + swap(a, pm); + pa = pb = (char *)a + es; + + pc = pd = (char *)a + (n - 1) * es; + for (;;) { + while (pb <= pc && (cmp_result = CMP(thunk, pb, a)) <= 0) { + if (cmp_result == 0) { + swap_cnt = 1; + swap(pa, pb); + pa += es; + } + pb += es; + } + while (pb <= pc && (cmp_result = CMP(thunk, pc, a)) >= 0) { + if (cmp_result == 0) { + swap_cnt = 1; + swap(pc, pd); + pd -= es; + } + pc -= es; + } + if (pb > pc) + break; + swap(pb, pc); + swap_cnt = 1; + pb += es; + pc -= es; + } + if (swap_cnt == 0) { /* Switch to insertion sort */ + for (pm = (char *)a + es; pm < (char *)a + n * es; pm += es) + for (pl = pm; + pl > (char *)a && CMP(thunk, pl - es, pl) > 0; + pl -= es) + swap(pl, pl - es); + return; + } + + pn = (char *)a + n * es; + r = min(pa - (char *)a, pb - pa); + vecswap(a, pb - r, r); + r = min(pd - pc, pn - pd - es); + vecswap(pb, pn - r, r); + if ((r = pb - pa) > es) +#ifdef I_AM_QSORT_R + rk_qsort_r(a, r / es, es, thunk, cmp); +#else + rk_qsort(a, r / es, es, cmp); +#endif + if ((r = pd - pc) > es) { + /* Iterate rather than recurse to save stack space */ + a = pn - r; + n = r / es; + goto loop; + } +/* rk_qsort(pn - r, r / es, es, cmp);*/ +} + +#endif /* NEED_QSORT */ diff --git a/lib/roken/rand.c b/lib/roken/rand.c new file mode 100644 index 000000000000..ef92c2052b78 --- /dev/null +++ b/lib/roken/rand.c @@ -0,0 +1,48 @@ +/* + * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "roken.h" + +void ROKEN_LIB_FUNCTION +rk_random_init(void) +{ +#if defined(HAVE_ARC4RANDOM) + arc4random_stir(); +#elif defined(HAVE_SRANDOMDEV) + srandomdev(); +#elif defined(HAVE_RANDOM) + srandom(time(NULL)); +#else + srand (time(NULL)); +#endif +} diff --git a/lib/roken/rcmd.c b/lib/roken/rcmd.c index e732fe3c2a86..7fa85a35b4a8 100644 --- a/lib/roken/rcmd.c +++ b/lib/roken/rcmd.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,15 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: rcmd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rcmd(char **ahost, unsigned short inport, const char *locuser, diff --git a/lib/roken/readv.c b/lib/roken/readv.c index b49890ebd6ed..a15601589917 100644 --- a/lib/roken/readv.c +++ b/lib/roken/readv.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: readv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL readv(int d, const struct iovec *iov, int iovcnt) { ssize_t ret, nb; diff --git a/lib/roken/realloc.c b/lib/roken/realloc.c index 33e898c34302..8cbc0d63e06d 100644 --- a/lib/roken/realloc.c +++ b/lib/roken/realloc.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan + * Copyright (c) 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include #undef realloc -#endif + #include #include "roken.h" -RCSID("$Id"); - - -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_realloc(void *ptr, size_t size) { if (ptr == NULL) diff --git a/lib/roken/recvmsg.c b/lib/roken/recvmsg.c index d92186c1b9f6..aba298b90813 100644 --- a/lib/roken/recvmsg.c +++ b/lib/roken/recvmsg.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: recvmsg.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL recvmsg(int s, struct msghdr *msg, int flags) { ssize_t ret, nb; diff --git a/lib/roken/resolve-test.c b/lib/roken/resolve-test.c index 106cfd71b3e7..c2ced0054903 100644 --- a/lib/roken/resolve-test.c +++ b/lib/roken/resolve-test.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,9 +31,9 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H + #include -#endif + #include "roken.h" #include "getarg.h" #ifdef HAVE_ARPA_NAMESER_H @@ -44,8 +44,6 @@ #endif #include "resolve.h" -RCSID("$Id: resolve-test.c 15415 2005-06-16 16:58:45Z lha $"); - static int version_flag = 0; static int help_flag = 0; @@ -69,15 +67,15 @@ usage (int ret) int main(int argc, char **argv) { - struct dns_reply *r; - struct resource_record *rr; + struct rk_dns_reply *r; + struct rk_resource_record *rr; int optidx = 0; setprogname (argv[0]); if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) usage(1); - + if (help_flag) usage (0); @@ -92,16 +90,16 @@ main(int argc, char **argv) if (argc != 2) usage(1); - r = dns_lookup(argv[0], argv[1]); + r = rk_dns_lookup(argv[0], argv[1]); if(r == NULL){ printf("No reply.\n"); return 1; } if(r->q.type == rk_ns_t_srv) - dns_srv_order(r); + rk_dns_srv_order(r); for(rr = r->head; rr;rr=rr->next){ - printf("%-30s %-5s %-6d ", rr->domain, dns_type_to_string(rr->type), rr->ttl); + printf("%-30s %-5s %-6d ", rr->domain, rk_dns_type_to_string(rr->type), rr->ttl); switch(rr->type){ case rk_ns_t_ns: case rk_ns_t_cname: @@ -117,8 +115,8 @@ main(int argc, char **argv) break; } case rk_ns_t_srv:{ - struct srv_record *srv = rr->u.srv; - printf("%d %d %d %s\n", srv->priority, srv->weight, + struct rk_srv_record *srv = rr->u.srv; + printf("%d %d %d %s\n", srv->priority, srv->weight, srv->port, srv->target); break; } @@ -127,8 +125,8 @@ main(int argc, char **argv) break; } case rk_ns_t_sig : { - struct sig_record *sig = rr->u.sig; - const char *type_string = dns_type_to_string (sig->type); + struct rk_sig_record *sig = rr->u.sig; + const char *type_string = rk_dns_type_to_string (sig->type); printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n", sig->type, type_string ? type_string : "", @@ -138,17 +136,17 @@ main(int argc, char **argv) break; } case rk_ns_t_key : { - struct key_record *key = rr->u.key; + struct rk_key_record *key = rr->u.key; printf ("flags %u, protocol %u, algorithm %u\n", key->flags, key->protocol, key->algorithm); break; } case rk_ns_t_sshfp : { - struct sshfp_record *sshfp = rr->u.sshfp; - int i; + struct rk_sshfp_record *sshfp = rr->u.sshfp; + size_t i; - printf ("alg %u type %u length %lu data ", sshfp->algorithm, + printf ("alg %u type %u length %lu data ", sshfp->algorithm, sshfp->type, (unsigned long)sshfp->sshfp_len); for (i = 0; i < sshfp->sshfp_len; i++) printf("%02X", sshfp->sshfp_data[i]); @@ -157,12 +155,12 @@ main(int argc, char **argv) break; } case rk_ns_t_ds : { - struct ds_record *ds = rr->u.ds; - int i; + struct rk_ds_record *ds = rr->u.ds; + size_t i; - printf ("key tag %u alg %u type %u length %u data ", - ds->key_tag, ds->algorithm, ds->digest_type, - ds->digest_len); + printf ("key tag %u alg %u type %u length %lu data ", + ds->key_tag, ds->algorithm, ds->digest_type, + (unsigned long)ds->digest_len); for (i = 0; i < ds->digest_len; i++) printf("%02X", ds->digest_data[i]); printf("\n"); @@ -174,6 +172,6 @@ main(int argc, char **argv) break; } } - + return 0; } diff --git a/lib/roken/resolve.c b/lib/roken/resolve.c index 8f8fec7657e4..b27f37a6d6d1 100644 --- a/lib/roken/resolve.c +++ b/lib/roken/resolve.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,9 +31,9 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H + #include -#endif + #include "roken.h" #ifdef HAVE_ARPA_NAMESER_H #include @@ -41,12 +41,13 @@ #ifdef HAVE_RESOLV_H #include #endif +#ifdef HAVE_DNS_H +#include +#endif #include "resolve.h" #include -RCSID("$Id: resolve.c 19869 2007-01-12 16:03:14Z lha $"); - #ifdef _AIX /* AIX have broken res_nsearch() in 5.1 (5.0 also ?) */ #undef HAVE_RES_NSEARCH #endif @@ -77,8 +78,8 @@ static struct stot{ int _resolve_debug = 0; -int ROKEN_LIB_FUNCTION -dns_string_to_type(const char *name) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_dns_string_to_type(const char *name) { struct stot *p = stot; for(p = stot; p->name; p++) @@ -87,8 +88,8 @@ dns_string_to_type(const char *name) return -1; } -const char * ROKEN_LIB_FUNCTION -dns_type_to_string(int type) +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL +rk_dns_type_to_string(int type) { struct stot *p = stot; for(p = stot; p->name; p++) @@ -97,10 +98,10 @@ dns_type_to_string(int type) return NULL; } -#if (defined(HAVE_RES_SEARCH) || defined(HAVE_RES_NSEARCH)) && defined(HAVE_DN_EXPAND) +#if ((defined(HAVE_RES_SEARCH) || defined(HAVE_RES_NSEARCH)) && defined(HAVE_DN_EXPAND)) || defined(HAVE_WINDNS) static void -dns_free_rr(struct resource_record *rr) +dns_free_rr(struct rk_resource_record *rr) { if(rr->domain) free(rr->domain); @@ -109,26 +110,29 @@ dns_free_rr(struct resource_record *rr) free(rr); } -void ROKEN_LIB_FUNCTION -dns_free_data(struct dns_reply *r) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_dns_free_data(struct rk_dns_reply *r) { - struct resource_record *rr; + struct rk_resource_record *rr; if(r->q.domain) free(r->q.domain); for(rr = r->head; rr;){ - struct resource_record *tmp = rr; + struct rk_resource_record *tmp = rr; rr = rr->next; dns_free_rr(tmp); } free (r); } +#ifndef HAVE_WINDNS + static int -parse_record(const unsigned char *data, const unsigned char *end_data, - const unsigned char **pp, struct resource_record **ret_rr) +parse_record(const unsigned char *data, const unsigned char *end_data, + const unsigned char **pp, struct rk_resource_record **ret_rr) { - struct resource_record *rr; - int type, class, ttl, size; + struct rk_resource_record *rr; + int type, class, ttl; + unsigned size; int status; char host[MAXDNAME]; const unsigned char *p = *pp; @@ -136,7 +140,7 @@ parse_record(const unsigned char *data, const unsigned char *end_data, *ret_rr = NULL; status = dn_expand(data, end_data, p, host, sizeof(host)); - if(status < 0) + if(status < 0) return -1; if (p + status + 10 > end_data) return -1; @@ -155,7 +159,7 @@ parse_record(const unsigned char *data, const unsigned char *end_data, return -1; rr = calloc(1, sizeof(*rr)); - if(rr == NULL) + if(rr == NULL) return -1; rr->domain = strdup(host); if(rr->domain == NULL) { @@ -190,13 +194,13 @@ parse_record(const unsigned char *data, const unsigned char *end_data, dns_free_rr(rr); return -1; } - if (status + 2 > size) { + if ((size_t)status + 2 > size) { dns_free_rr(rr); return -1; } hostlen = strlen(host); - rr->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + + rr->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + hostlen); if(rr->u.mx == NULL) { dns_free_rr(rr); @@ -213,14 +217,14 @@ parse_record(const unsigned char *data, const unsigned char *end_data, dns_free_rr(rr); return -1; } - if (status + 6 > size) { + if ((size_t)status + 6 > size) { dns_free_rr(rr); return -1; } hostlen = strlen(host); - rr->u.srv = - (struct srv_record*)malloc(sizeof(struct srv_record) + + rr->u.srv = + (struct srv_record*)malloc(sizeof(struct srv_record) + hostlen); if(rr->u.srv == NULL) { dns_free_rr(rr); @@ -233,7 +237,7 @@ parse_record(const unsigned char *data, const unsigned char *end_data, break; } case rk_ns_t_txt:{ - if(size == 0 || size < *p + 1) { + if(size == 0 || size < (unsigned)(*p + 1)) { dns_free_rr(rr); return -1; } @@ -280,7 +284,7 @@ parse_record(const unsigned char *data, const unsigned char *end_data, dns_free_rr(rr); return -1; } - if (status + 18 > size) { + if ((size_t)status + 18 > size) { dns_free_rr(rr); return -1; } @@ -400,17 +404,17 @@ parse_record(const unsigned char *data, const unsigned char *end_data, #ifndef TEST_RESOLVE static #endif -struct dns_reply* +struct rk_dns_reply* parse_reply(const unsigned char *data, size_t len) { const unsigned char *p; int status; - int i; + size_t i; char host[MAXDNAME]; const unsigned char *end_data = data + len; - struct dns_reply *r; - struct resource_record **rr; - + struct rk_dns_reply *r; + struct rk_resource_record **rr; + r = calloc(1, sizeof(*r)); if (r == NULL) return NULL; @@ -448,16 +452,16 @@ parse_reply(const unsigned char *data, size_t len) } status = dn_expand(data, end_data, p, host, sizeof(host)); if(status < 0){ - dns_free_data(r); + rk_dns_free_data(r); return NULL; } r->q.domain = strdup(host); if(r->q.domain == NULL) { - dns_free_data(r); + rk_dns_free_data(r); return NULL; } if (p + status + 4 > end_data) { - dns_free_data(r); + rk_dns_free_data(r); return NULL; } p += status; @@ -465,25 +469,25 @@ parse_reply(const unsigned char *data, size_t len) p += 2; r->q.class = (p[0] << 8 | p[1]); p += 2; - + rr = &r->head; for(i = 0; i < r->h.ancount; i++) { if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); + rk_dns_free_data(r); return NULL; } rr = &(*rr)->next; } for(i = 0; i < r->h.nscount; i++) { if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); + rk_dns_free_data(r); return NULL; } rr = &(*rr)->next; } for(i = 0; i < r->h.arcount; i++) { if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); + rk_dns_free_data(r); return NULL; } rr = &(*rr)->next; @@ -500,71 +504,87 @@ parse_reply(const unsigned char *data, size_t len) #endif #endif -static struct dns_reply * +#if defined(HAVE_DNS_SEARCH) +#define resolve_search(h,n,c,t,r,l) \ + ((int)dns_search(h,n,c,t,r,l,(struct sockaddr *)&from,&fromsize)) +#define resolve_free_handle(h) dns_free(h) +#elif defined(HAVE_RES_NSEARCH) +#define resolve_search(h,n,c,t,r,l) res_nsearch(h,n,c,t,r,l) +#define resolve_free_handle(h) rk_res_free(h); +#else +#define resolve_search(h,n,c,t,r,l) res_search(n,c,t,r,l) +#define handle 0 +#define resolve_free_handle(h) +#endif + + +static struct rk_dns_reply * dns_lookup_int(const char *domain, int rr_class, int rr_type) { - struct dns_reply *r; - unsigned char *reply = NULL; - int size; - int len; -#ifdef HAVE_RES_NSEARCH + struct rk_dns_reply *r; + void *reply = NULL; + int size, len; +#if defined(HAVE_DNS_SEARCH) + struct sockaddr_storage from; + uint32_t fromsize = sizeof(from); + dns_handle_t handle; + + handle = dns_open(NULL); + if (handle == NULL) + return NULL; +#elif defined(HAVE_RES_NSEARCH) struct __res_state state; + struct __res_state *handle = &state; + memset(&state, 0, sizeof(state)); - if(res_ninit(&state)) + if(res_ninit(handle)) return NULL; /* is this the best we can do? */ -#elif defined(HAVE__RES) - u_long old_options = 0; #endif - - size = 0; - len = 1000; - do { + + len = 1500; + while(1) { if (reply) { free(reply); reply = NULL; } - if (size <= len) - size = len; if (_resolve_debug) { -#ifdef HAVE_RES_NSEARCH +#if defined(HAVE_DNS_SEARCH) + dns_set_debug(handle, 1); +#elif defined(HAVE_RES_NSEARCH) state.options |= RES_DEBUG; -#elif defined(HAVE__RES) - old_options = _res.options; - _res.options |= RES_DEBUG; #endif fprintf(stderr, "dns_lookup(%s, %d, %s), buffer size %d\n", domain, - rr_class, dns_type_to_string(rr_type), size); + rr_class, rk_dns_type_to_string(rr_type), len); } - reply = malloc(size); + reply = malloc(len); if (reply == NULL) { -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif + resolve_free_handle(handle); return NULL; } -#ifdef HAVE_RES_NSEARCH - len = res_nsearch(&state, domain, rr_class, rr_type, reply, size); -#else - len = res_search(domain, rr_class, rr_type, reply, size); -#endif + + size = resolve_search(handle, domain, rr_class, rr_type, reply, len); + if (_resolve_debug) { -#if defined(HAVE__RES) && !defined(HAVE_RES_NSEARCH) - _res.options = old_options; -#endif fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n", - domain, rr_class, dns_type_to_string(rr_type), len); + domain, rr_class, rk_dns_type_to_string(rr_type), size); } - if (len < 0) { -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif + if (size > len) { + /* resolver thinks it know better, go for it */ + len = size; + } else if (size > 0) { + /* got a good reply */ + break; + } else if (size <= 0 && len < rk_DNS_MAX_PACKET_SIZE) { + len *= 2; + if (len > rk_DNS_MAX_PACKET_SIZE) + len = rk_DNS_MAX_PACKET_SIZE; + } else { + /* the end, leave */ + resolve_free_handle(handle); free(reply); return NULL; } - } while (size < len && len < rk_DNS_MAX_PACKET_SIZE); -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif + } len = min(len, size); r = parse_reply(reply, len); @@ -572,41 +592,39 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type) return r; } -struct dns_reply * ROKEN_LIB_FUNCTION -dns_lookup(const char *domain, const char *type_name) +ROKEN_LIB_FUNCTION struct rk_dns_reply * ROKEN_LIB_CALL +rk_dns_lookup(const char *domain, const char *type_name) { int type; - - type = dns_string_to_type(type_name); + + type = rk_dns_string_to_type(type_name); if(type == -1) { if(_resolve_debug) - fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", + fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", type_name); return NULL; } - return dns_lookup_int(domain, C_IN, type); + return dns_lookup_int(domain, rk_ns_c_in, type); } +#endif /* !HAVE_WINDNS */ + static int compare_srv(const void *a, const void *b) { - const struct resource_record *const* aa = a, *const* bb = b; + const struct rk_resource_record *const* aa = a, *const* bb = b; if((*aa)->u.srv->priority == (*bb)->u.srv->priority) return ((*aa)->u.srv->weight - (*bb)->u.srv->weight); return ((*aa)->u.srv->priority - (*bb)->u.srv->priority); } -#ifndef HAVE_RANDOM -#define random() rand() -#endif - /* try to rearrange the srv-records by the algorithm in RFC2782 */ -void ROKEN_LIB_FUNCTION -dns_srv_order(struct dns_reply *r) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_dns_srv_order(struct rk_dns_reply *r) { - struct resource_record **srvs, **ss, **headp; - struct resource_record *rr; + struct rk_resource_record **srvs, **ss, **headp; + struct rk_resource_record *rr; int num_srv = 0; #if defined(HAVE_INITSTATE) && defined(HAVE_SETSTATE) @@ -614,7 +632,9 @@ dns_srv_order(struct dns_reply *r) char *oldstate; #endif - for(rr = r->head; rr; rr = rr->next) + rk_random_init(); + + for(rr = r->head; rr; rr = rr->next) if(rr->type == rk_ns_t_srv) num_srv++; @@ -624,7 +644,7 @@ dns_srv_order(struct dns_reply *r) srvs = malloc(num_srv * sizeof(*srvs)); if(srvs == NULL) return; /* XXX not much to do here */ - + /* unlink all srv-records from the linked list and put them in a vector */ for(ss = srvs, headp = &r->head; *headp; ) @@ -635,7 +655,7 @@ dns_srv_order(struct dns_reply *r) ss++; } else headp = &(*headp)->next; - + /* sort them by priority and weight */ qsort(srvs, num_srv, sizeof(*srvs), compare_srv); @@ -644,10 +664,10 @@ dns_srv_order(struct dns_reply *r) #endif headp = &r->head; - + for(ss = srvs; ss < srvs + num_srv; ) { int sum, rnd, count; - struct resource_record **ee, **tt; + struct rk_resource_record **ee, **tt; /* find the last record with the same priority and count the sum of all weights */ for(sum = 0, tt = ss; tt < srvs + num_srv; tt++) { @@ -660,7 +680,7 @@ dns_srv_order(struct dns_reply *r) /* ss is now the first record of this priority and ee is the first of the next */ while(ss < ee) { - rnd = random() % (sum + 1); + rnd = rk_random() % (sum + 1); for(count = 0, tt = ss; ; tt++) { if(*tt == NULL) continue; @@ -682,7 +702,7 @@ dns_srv_order(struct dns_reply *r) ss++; } } - + #if defined(HAVE_INITSTATE) && defined(HAVE_SETSTATE) setstate(oldstate); #endif @@ -690,21 +710,233 @@ dns_srv_order(struct dns_reply *r) return; } +#ifdef HAVE_WINDNS + +#include + +static struct rk_resource_record * +parse_dns_record(PDNS_RECORD pRec) +{ + struct rk_resource_record * rr; + + if (pRec == NULL) + return NULL; + + rr = calloc(1, sizeof(*rr)); + + rr->domain = strdup(pRec->pName); + rr->type = pRec->wType; + rr->class = 0; + rr->ttl = pRec->dwTtl; + rr->size = 0; + + switch (rr->type) { + case rk_ns_t_ns: + case rk_ns_t_cname: + case rk_ns_t_ptr: + rr->u.txt = strdup(pRec->Data.NS.pNameHost); + if(rr->u.txt == NULL) { + dns_free_rr(rr); + return NULL; + } + break; + + case rk_ns_t_mx: + case rk_ns_t_afsdb:{ + size_t hostlen = strnlen(pRec->Data.MX.pNameExchange, DNS_MAX_NAME_LENGTH); + + rr->u.mx = (struct mx_record *)malloc(sizeof(struct mx_record) + + hostlen); + if (rr->u.mx == NULL) { + dns_free_rr(rr); + return NULL; + } + + strcpy_s(rr->u.mx->domain, hostlen + 1, pRec->Data.MX.pNameExchange); + rr->u.mx->preference = pRec->Data.MX.wPreference; + break; + } + + case rk_ns_t_srv:{ + size_t hostlen = strnlen(pRec->Data.SRV.pNameTarget, DNS_MAX_NAME_LENGTH); + + rr->u.srv = + (struct srv_record*)malloc(sizeof(struct srv_record) + + hostlen); + if(rr->u.srv == NULL) { + dns_free_rr(rr); + return NULL; + } + + rr->u.srv->priority = pRec->Data.SRV.wPriority; + rr->u.srv->weight = pRec->Data.SRV.wWeight; + rr->u.srv->port = pRec->Data.SRV.wPort; + strcpy_s(rr->u.srv->target, hostlen + 1, pRec->Data.SRV.pNameTarget); + + break; + } + + case rk_ns_t_txt:{ + size_t len; + + if (pRec->Data.TXT.dwStringCount == 0) { + rr->u.txt = strdup(""); + break; + } + + len = strnlen(pRec->Data.TXT.pStringArray[0], DNS_MAX_TEXT_STRING_LENGTH); + + rr->u.txt = (char *)malloc(len + 1); + strcpy_s(rr->u.txt, len + 1, pRec->Data.TXT.pStringArray[0]); + + break; + } + + case rk_ns_t_key : { + size_t key_len; + + if (pRec->wDataLength < 4) { + dns_free_rr(rr); + return NULL; + } + + key_len = pRec->wDataLength - 4; + rr->u.key = malloc (sizeof(*rr->u.key) + key_len - 1); + if (rr->u.key == NULL) { + dns_free_rr(rr); + return NULL; + } + + rr->u.key->flags = pRec->Data.KEY.wFlags; + rr->u.key->protocol = pRec->Data.KEY.chProtocol; + rr->u.key->algorithm = pRec->Data.KEY.chAlgorithm; + rr->u.key->key_len = key_len; + memcpy_s (rr->u.key->key_data, key_len, + pRec->Data.KEY.Key, key_len); + break; + } + + case rk_ns_t_sig : { + size_t sig_len, hostlen; + + if(pRec->wDataLength <= 18) { + dns_free_rr(rr); + return NULL; + } + + sig_len = pRec->wDataLength; + + hostlen = strnlen(pRec->Data.SIG.pNameSigner, DNS_MAX_NAME_LENGTH); + + rr->u.sig = malloc(sizeof(*rr->u.sig) + + hostlen + sig_len); + if (rr->u.sig == NULL) { + dns_free_rr(rr); + return NULL; + } + rr->u.sig->type = pRec->Data.SIG.wTypeCovered; + rr->u.sig->algorithm = pRec->Data.SIG.chAlgorithm; + rr->u.sig->labels = pRec->Data.SIG.chLabelCount; + rr->u.sig->orig_ttl = pRec->Data.SIG.dwOriginalTtl; + rr->u.sig->sig_expiration = pRec->Data.SIG.dwExpiration; + rr->u.sig->sig_inception = pRec->Data.SIG.dwTimeSigned; + rr->u.sig->key_tag = pRec->Data.SIG.wKeyTag; + rr->u.sig->sig_len = sig_len; + memcpy_s (rr->u.sig->sig_data, sig_len, + pRec->Data.SIG.Signature, sig_len); + rr->u.sig->signer = &rr->u.sig->sig_data[sig_len]; + strcpy_s(rr->u.sig->signer, hostlen + 1, pRec->Data.SIG.pNameSigner); + break; + } + +#ifdef DNS_TYPE_DS + case rk_ns_t_ds: { + rr->u.ds = malloc (sizeof(*rr->u.ds) + pRec->Data.DS.wDigestLength - 1); + if (rr->u.ds == NULL) { + dns_free_rr(rr); + return NULL; + } + + rr->u.ds->key_tag = pRec->Data.DS.wKeyTag; + rr->u.ds->algorithm = pRec->Data.DS.chAlgorithm; + rr->u.ds->digest_type = pRec->Data.DS.chDigestType; + rr->u.ds->digest_len = pRec->Data.DS.wDigestLength; + memcpy_s (rr->u.ds->digest_data, pRec->Data.DS.wDigestLength, + pRec->Data.DS.Digest, pRec->Data.DS.wDigestLength); + break; + } +#endif + + default: + dns_free_rr(rr); + return NULL; + } + + rr->next = parse_dns_record(pRec->pNext); + return rr; +} + +ROKEN_LIB_FUNCTION struct rk_dns_reply * ROKEN_LIB_CALL +rk_dns_lookup(const char *domain, const char *type_name) +{ + DNS_STATUS status; + int type; + PDNS_RECORD pRec = NULL; + struct rk_dns_reply * r = NULL; + + __try { + + type = rk_dns_string_to_type(type_name); + if(type == -1) { + if(_resolve_debug) + fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", + type_name); + return NULL; + } + + status = DnsQuery_UTF8(domain, type, DNS_QUERY_STANDARD, NULL, + &pRec, NULL); + if (status != ERROR_SUCCESS) + return NULL; + + r = calloc(1, sizeof(*r)); + r->q.domain = strdup(domain); + r->q.type = type; + r->q.class = 0; + + r->head = parse_dns_record(pRec); + + if (r->head == NULL) { + rk_dns_free_data(r); + return NULL; + } else { + return r; + } + + } __finally { + + if (pRec) + DnsRecordListFree(pRec, DnsFreeRecordList); + + } +} +#endif /* HAVE_WINDNS */ + #else /* NOT defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ -struct dns_reply * ROKEN_LIB_FUNCTION -dns_lookup(const char *domain, const char *type_name) +ROKEN_LIB_FUNCTION struct rk_dns_reply * ROKEN_LIB_CALL +rk_dns_lookup(const char *domain, const char *type_name) { return NULL; } -void ROKEN_LIB_FUNCTION -dns_free_data(struct dns_reply *r) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_dns_free_data(struct rk_dns_reply *r) { } -void ROKEN_LIB_FUNCTION -dns_srv_order(struct dns_reply *r) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_dns_srv_order(struct rk_dns_reply *r) { } diff --git a/lib/roken/resolve.h b/lib/roken/resolve.h index fe83115b1ec2..fc1e97fc63b5 100644 --- a/lib/roken/resolve.h +++ b/lib/roken/resolve.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,20 +31,26 @@ * SUCH DAMAGE. */ -/* $Id: resolve.h 14773 2005-04-12 11:29:18Z lha $ */ +/* $Id$ */ #ifndef __RESOLVE_H__ #define __RESOLVE_H__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif -typedef enum { +enum { + rk_ns_c_in = 1 +}; + +enum { rk_ns_t_invalid = 0, /* Cookie. */ rk_ns_t_a = 1, /* Host address. */ rk_ns_t_ns = 2, /* Authoritative server. */ @@ -99,99 +105,38 @@ typedef enum { rk_ns_t_any = 255, /* Wildcard match. */ rk_ns_t_zxfr = 256, /* BIND-specific, nonstandard. */ rk_ns_t_max = 65536 -} rk_ns_type; - -/* We use these, but they are not always present in */ - -#ifndef C_IN -#define C_IN 1 -#endif - -#ifndef T_A -#define T_A 1 -#endif -#ifndef T_NS -#define T_NS 2 -#endif -#ifndef T_CNAME -#define T_CNAME 5 -#endif -#ifndef T_SOA -#define T_SOA 5 -#endif -#ifndef T_PTR -#define T_PTR 12 -#endif -#ifndef T_MX -#define T_MX 15 -#endif -#ifndef T_TXT -#define T_TXT 16 -#endif -#ifndef T_AFSDB -#define T_AFSDB 18 -#endif -#ifndef T_SIG -#define T_SIG 24 -#endif -#ifndef T_KEY -#define T_KEY 25 -#endif -#ifndef T_AAAA -#define T_AAAA 28 -#endif -#ifndef T_SRV -#define T_SRV 33 -#endif -#ifndef T_NAPTR -#define T_NAPTR 35 -#endif -#ifndef T_CERT -#define T_CERT 37 -#endif -#ifndef T_SSHFP -#define T_SSHFP 44 -#endif +}; #ifndef MAXDNAME #define MAXDNAME 1025 #endif -#define dns_query rk_dns_query #define mx_record rk_mx_record #define srv_record rk_srv_record #define key_record rk_key_record #define sig_record rk_sig_record #define cert_record rk_cert_record #define sshfp_record rk_sshfp_record -#define resource_record rk_resource_record -#define dns_reply rk_dns_reply -#define dns_lookup rk_dns_lookup -#define dns_free_data rk_dns_free_data -#define dns_string_to_type rk_dns_string_to_type -#define dns_type_to_string rk_dns_type_to_string -#define dns_srv_order rk_dns_srv_order - -struct dns_query{ +struct rk_dns_query{ char *domain; unsigned type; unsigned class; }; -struct mx_record{ +struct rk_mx_record{ unsigned preference; char domain[1]; }; -struct srv_record{ +struct rk_srv_record{ unsigned priority; unsigned weight; unsigned port; char target[1]; }; -struct key_record { +struct rk_key_record { unsigned flags; unsigned protocol; unsigned algorithm; @@ -199,7 +144,7 @@ struct key_record { u_char key_data[1]; }; -struct sig_record { +struct rk_sig_record { unsigned type; unsigned algorithm; unsigned labels; @@ -208,11 +153,11 @@ struct sig_record { unsigned sig_inception; unsigned key_tag; char *signer; - unsigned sig_len; + size_t sig_len; char sig_data[1]; /* also includes signer */ }; -struct cert_record { +struct rk_cert_record { unsigned type; unsigned tag; unsigned algorithm; @@ -220,22 +165,22 @@ struct cert_record { u_char cert_data[1]; }; -struct sshfp_record { +struct rk_sshfp_record { unsigned algorithm; unsigned type; size_t sshfp_len; u_char sshfp_data[1]; }; -struct ds_record { +struct rk_ds_record { unsigned key_tag; unsigned algorithm; unsigned digest_type; - unsigned digest_len; + size_t digest_len; u_char digest_data[1]; }; -struct resource_record{ +struct rk_resource_record{ char *domain; unsigned type; unsigned class; @@ -243,23 +188,23 @@ struct resource_record{ unsigned size; union { void *data; - struct mx_record *mx; - struct mx_record *afsdb; /* mx and afsdb are identical */ - struct srv_record *srv; + struct rk_mx_record *mx; + struct rk_mx_record *afsdb; /* mx and afsdb are identical */ + struct rk_srv_record *srv; struct in_addr *a; char *txt; - struct key_record *key; - struct cert_record *cert; - struct sig_record *sig; - struct sshfp_record *sshfp; - struct ds_record *ds; + struct rk_key_record *key; + struct rk_cert_record *cert; + struct rk_sig_record *sig; + struct rk_sshfp_record *sshfp; + struct rk_ds_record *ds; }u; - struct resource_record *next; + struct rk_resource_record *next; }; #define rk_DNS_MAX_PACKET_SIZE 0xffff -struct dns_header { +struct rk_dns_header { unsigned id; unsigned flags; #define rk_DNS_HEADER_RESPONSE_FLAG 1 @@ -277,22 +222,30 @@ struct dns_header { unsigned arcount; }; -struct dns_reply{ - struct dns_header h; - struct dns_query q; - struct resource_record *head; +struct rk_dns_reply{ + struct rk_dns_header h; + struct rk_dns_query q; + struct rk_resource_record *head; }; -struct dns_reply* ROKEN_LIB_FUNCTION - dns_lookup(const char *, const char *); -void ROKEN_LIB_FUNCTION - dns_free_data(struct dns_reply *); -int ROKEN_LIB_FUNCTION - dns_string_to_type(const char *name); -const char *ROKEN_LIB_FUNCTION - dns_type_to_string(int type); -void ROKEN_LIB_FUNCTION - dns_srv_order(struct dns_reply*); +#ifdef __cplusplus +extern "C" { +#endif + +ROKEN_LIB_FUNCTION struct rk_dns_reply* ROKEN_LIB_CALL + rk_dns_lookup(const char *, const char *); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL + rk_dns_free_data(struct rk_dns_reply *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_dns_string_to_type(const char *name); +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL + rk_dns_type_to_string(int type); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL + rk_dns_srv_order(struct rk_dns_reply*); + +#ifdef __cplusplus +} +#endif #endif /* __RESOLVE_H__ */ diff --git a/lib/roken/rkpty.c b/lib/roken/rkpty.c new file mode 100644 index 000000000000..f2c62f23f39c --- /dev/null +++ b/lib/roken/rkpty.c @@ -0,0 +1,381 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "config.h" + +#ifndef HAVE_SYS_TYPES_H +#include +#endif +#ifdef HAVE_SYS_WAIT_H +#include +#endif +#include +#include +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_PTY_H +#include +#endif +#ifdef HAVE_UTIL_H +#include +#endif +#ifdef HAVE_LIBUTIL_H +#include +#endif + +#ifdef STREAMSPTY +#include +#endif /* STREAMPTY */ + +#include "roken.h" +#include + +struct command { + enum { CMD_EXPECT = 0, CMD_SEND, CMD_PASSWORD } type; + unsigned int lineno; + char *str; + struct command *next; +}; + +/* + * + */ + +static struct command *commands, **next = &commands; + +static sig_atomic_t alarmset = 0; + +static int timeout = 10; +static int verbose; +static int help_flag; +static int version_flag; + +static int master; +static int slave; +static char line[256] = { 0 }; + +static void +caught_signal(int signo) +{ + alarmset = signo; +} + + +static void +open_pty(void) +{ +#ifdef _AIX + printf("implement open_pty\n"); + exit(77); +#endif +#if defined(HAVE_OPENPTY) || defined(__linux) || defined(__osf__) /* XXX */ + if(openpty(&master, &slave, line, 0, 0) == 0) + return; +#endif /* HAVE_OPENPTY .... */ +#ifdef STREAMSPTY + { + char *clone[] = { + "/dev/ptc", + "/dev/ptmx", + "/dev/ptm", + "/dev/ptym/clone", + NULL + }; + char **q; + + for(q = clone; *q; q++){ + master = open(*q, O_RDWR); + if(master >= 0){ +#ifdef HAVE_GRANTPT + grantpt(master); +#endif +#ifdef HAVE_UNLOCKPT + unlockpt(master); +#endif + strlcpy(line, ptsname(master), sizeof(line)); + slave = open(line, O_RDWR); + if (slave < 0) + errx(1, "failed to open slave when using %s", *q); + ioctl(slave, I_PUSH, "ptem"); + ioctl(slave, I_PUSH, "ldterm"); + + return; + } + } + } +#endif /* STREAMSPTY */ + + /* more cases, like open /dev/ptmx, etc */ + + exit(77); +} + +/* + * + */ + +static char * +iscmd(const char *buf, const char *s) +{ + size_t len = strlen(s); + if (strncmp(buf, s, len) != 0) + return NULL; + return estrdup(buf + len); +} + +static void +parse_configuration(const char *fn) +{ + struct command *c; + char s[1024]; + char *str; + unsigned int lineno = 0; + FILE *cmd; + + cmd = fopen(fn, "r"); + if (cmd == NULL) + err(1, "open: %s", fn); + + while (fgets(s, sizeof(s), cmd) != NULL) { + + s[strcspn(s, "#\n")] = '\0'; + lineno++; + + c = calloc(1, sizeof(*c)); + if (c == NULL) + errx(1, "malloc"); + + c->lineno = lineno; + (*next) = c; + next = &(c->next); + + if ((str = iscmd(s, "expect ")) != NULL) { + c->type = CMD_EXPECT; + c->str = str; + } else if ((str = iscmd(s, "send ")) != NULL) { + c->type = CMD_SEND; + c->str = str; + } else if ((str = iscmd(s, "password ")) != NULL) { + c->type = CMD_PASSWORD; + c->str = str; + } else + errx(1, "Invalid command on line %d: %s", lineno, s); + } + + fclose(cmd); +} + + +/* + * + */ + +static int +eval_parent(pid_t pid) +{ + struct command *c; + char in; + size_t len = 0; + ssize_t sret; + + for (c = commands; c != NULL; c = c->next) { + switch(c->type) { + case CMD_EXPECT: + if (verbose) + printf("[expecting %s]", c->str); + len = 0; + alarm(timeout); + while((sret = read(master, &in, sizeof(in))) > 0) { + alarm(timeout); + printf("%c", in); + if (c->str[len] != in) { + len = 0; + continue; + } + len++; + if (c->str[len] == '\0') + break; + } + alarm(0); + if (alarmset == SIGALRM) + errx(1, "timeout waiting for %s (line %u)", + c->str, c->lineno); + else if (alarmset) + errx(1, "got a signal %d waiting for %s (line %u)", + alarmset, c->str, c->lineno); + if (sret <= 0) + errx(1, "end command while waiting for %s (line %u)", + c->str, c->lineno); + break; + case CMD_SEND: + case CMD_PASSWORD: { + size_t i = 0; + const char *msg = (c->type == CMD_PASSWORD) ? "****" : c->str; + + if (verbose) + printf("[send %s]", msg); + + len = strlen(c->str); + + while (i < len) { + if (c->str[i] == '\\' && i < len - 1) { + char ctrl; + i++; + switch(c->str[i]) { + case 'n': ctrl = '\n'; break; + case 'r': ctrl = '\r'; break; + case 't': ctrl = '\t'; break; + default: + errx(1, "unknown control char %c (line %u)", + c->str[i], c->lineno); + } + if (net_write(master, &ctrl, 1) != 1) + errx(1, "command refused input (line %u)", c->lineno); + } else { + if (net_write(master, &c->str[i], 1) != 1) + errx(1, "command refused input (line %u)", c->lineno); + } + i++; + } + break; + } + default: + abort(); + } + } + while(read(master, &in, sizeof(in)) > 0) + printf("%c", in); + + if (verbose) + printf("[end of program]\n"); + + /* + * Fetch status from child + */ + { + int ret, status; + + ret = waitpid(pid, &status, 0); + if (ret == -1) + err(1, "waitpid"); + if (WIFEXITED(status) && WEXITSTATUS(status)) + return WEXITSTATUS(status); + else if (WIFSIGNALED(status)) { + printf("killed by signal: %d\n", WTERMSIG(status)); + return 1; + } + } + return 0; +} + +/* + * + */ + +static struct getargs args[] = { + { "timeout", 't', arg_integer, &timeout, "timout", "seconds" }, + { "verbose", 'v', arg_counter, &verbose, "verbose debugging" }, + { "version", 0, arg_flag, &version_flag, "print version" }, + { "help", 0, arg_flag, &help_flag, NULL } +}; + +static void +usage(int ret) +{ + arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "infile command.."); + exit (ret); +} + +int +main(int argc, char **argv) +{ + int optidx = 0; + pid_t pid; + + setprogname(argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) + usage(1); + + if (help_flag) + usage (0); + + if (version_flag) { + fprintf (stderr, "%s from %s-%s\n", getprogname(), PACKAGE, VERSION); + return 0; + } + + argv += optidx; + argc -= optidx; + + if (argc < 2) + usage(1); + + parse_configuration(argv[0]); + + argv += 1; + + open_pty(); + + pid = fork(); + switch (pid) { + case -1: + err(1, "Failed to fork"); + case 0: + + if(setsid()<0) + err(1, "setsid"); + + dup2(slave, STDIN_FILENO); + dup2(slave, STDOUT_FILENO); + dup2(slave, STDERR_FILENO); + closefrom(STDERR_FILENO + 1); + + execvp(argv[0], argv); /* add NULL to end of array ? */ + err(1, "Failed to exec: %s", argv[0]); + default: + close(slave); + { + struct sigaction sa; + + sa.sa_handler = caught_signal; + sa.sa_flags = 0; + sigemptyset (&sa.sa_mask); + + sigaction(SIGALRM, &sa, NULL); + } + + return eval_parent(pid); + } +} diff --git a/lib/roken/roken-common.h b/lib/roken/roken-common.h index b835e880a249..a819d510d031 100644 --- a/lib/roken/roken-common.h +++ b/lib/roken/roken-common.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,18 @@ * SUCH DAMAGE. */ -/* $Id: roken-common.h 20867 2007-06-03 21:00:45Z lha $ */ +/* $Id$ */ #ifndef __ROKEN_COMMON_H__ #define __ROKEN_COMMON_H__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif @@ -120,6 +122,8 @@ #define O_ACCMODE 003 #endif +#ifndef _WIN32 + #ifndef _PATH_DEV #define _PATH_DEV "/dev/" #endif @@ -144,6 +148,16 @@ #define MAXPATHLEN (1024+4) #endif +#endif /* !_WIN32 */ + +#ifndef PATH_MAX +#define PATH_MAX MAX_PATH +#endif + +#ifndef RETSIGTYPE +#define RETSIGTYPE void +#endif + #ifndef SIG_ERR #define SIG_ERR ((RETSIGTYPE (*)(int))-1) #endif @@ -207,6 +221,10 @@ #define AI_NUMERICHOST 0x04 #endif +#ifndef AI_NUMERICSERV +#define AI_NUMERICSERV 0x08 +#endif + /* flags for getnameinfo() */ #ifndef NI_DGRAM @@ -261,145 +279,220 @@ ROKEN_CPP_START #ifndef IRIX4 /* fix for compiler bug */ +#ifndef _WIN32 #ifdef RETSIGTYPE typedef RETSIGTYPE (*SigAction)(int); SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ #endif #endif +#endif -int ROKEN_LIB_FUNCTION +#define SE_E_UNSPECIFIED (-1) +#define SE_E_FORKFAILED (-2) +#define SE_E_WAITPIDFAILED (-3) +#define SE_E_EXECTIMEOUT (-4) +#define SE_E_NOEXEC 126 +#define SE_E_NOTFOUND 127 + +#define SE_PROCSTATUS(st) (((st) >= 0 && (st) < 126)? st: -1) +#define SE_PROCSIGNAL(st) (((st) >= 128)? (st) - 128: -1) +#define SE_IS_ERROR(st) ((st) < 0 || (st) >= 126) + + +#define simple_execve rk_simple_execve +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execve(const char*, char*const[], char*const[]); -int ROKEN_LIB_FUNCTION -simple_execve_timed(const char *, char *const[], - char *const [], time_t (*)(void *), +#define simple_execve_timed rk_simple_execve_timed +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +simple_execve_timed(const char *, char *const[], + char *const [], time_t (*)(void *), void *, time_t); -int ROKEN_LIB_FUNCTION + +#define simple_execvp rk_simple_execvp +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execvp(const char*, char *const[]); -int ROKEN_LIB_FUNCTION -simple_execvp_timed(const char *, char *const[], +#define simple_execvp_timed rk_simple_execvp_timed +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +simple_execvp_timed(const char *, char *const[], time_t (*)(void *), void *, time_t); -int ROKEN_LIB_FUNCTION + +#define simple_execlp rk_simple_execlp +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execlp(const char*, ...); -int ROKEN_LIB_FUNCTION +#define simple_execle rk_simple_execle +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execle(const char*, ...); -int ROKEN_LIB_FUNCTION -simple_execl(const char *file, ...); - -int ROKEN_LIB_FUNCTION +#define wait_for_process rk_wait_for_process +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL wait_for_process(pid_t); -int ROKEN_LIB_FUNCTION -wait_for_process_timed(pid_t, time_t (*)(void *), - void *, time_t); -int ROKEN_LIB_FUNCTION +#define wait_for_process_timed rk_wait_for_process_timed +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +wait_for_process_timed(pid_t, time_t (*)(void *), + void *, time_t); + +#define pipe_execv rk_pipe_execv +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL pipe_execv(FILE**, FILE**, FILE**, const char*, ...); -void ROKEN_LIB_FUNCTION +#define print_version rk_print_version +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL print_version(const char *); -ssize_t ROKEN_LIB_FUNCTION +#define eread rk_eread +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL eread (int fd, void *buf, size_t nbytes); -ssize_t ROKEN_LIB_FUNCTION +#define ewrite rk_ewrite +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL ewrite (int fd, const void *buf, size_t nbytes); struct hostent; -const char * ROKEN_LIB_FUNCTION +#define hostent_find_fqdn rk_hostent_find_fqdn +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL hostent_find_fqdn (const struct hostent *); -void ROKEN_LIB_FUNCTION +#define esetenv rk_esetenv +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL esetenv(const char *, const char *, int); -void ROKEN_LIB_FUNCTION +#define socket_set_address_and_port rk_socket_set_address_and_port +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_address_and_port (struct sockaddr *, const void *, int); -size_t ROKEN_LIB_FUNCTION +#define socket_addr_size rk_socket_addr_size +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL socket_addr_size (const struct sockaddr *); -void ROKEN_LIB_FUNCTION +#define socket_set_any rk_socket_set_any +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_any (struct sockaddr *, int); -size_t ROKEN_LIB_FUNCTION +#define socket_sockaddr_size rk_socket_sockaddr_size +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL socket_sockaddr_size (const struct sockaddr *); -void * ROKEN_LIB_FUNCTION -socket_get_address (struct sockaddr *); +#define socket_get_address rk_socket_get_address +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL +socket_get_address (const struct sockaddr *); -int ROKEN_LIB_FUNCTION +#define socket_get_port rk_socket_get_port +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL socket_get_port (const struct sockaddr *); -void ROKEN_LIB_FUNCTION +#define socket_set_port rk_socket_set_port +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_port (struct sockaddr *, int); -void ROKEN_LIB_FUNCTION -socket_set_portrange (int, int, int); +#define socket_set_portrange rk_socket_set_portrange +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_portrange (rk_socket_t, int, int); -void ROKEN_LIB_FUNCTION -socket_set_debug (int); +#define socket_set_debug rk_socket_set_debug +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_debug (rk_socket_t); -void ROKEN_LIB_FUNCTION -socket_set_tos (int, int); +#define socket_set_tos rk_socket_set_tos +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_tos (rk_socket_t, int); -void ROKEN_LIB_FUNCTION -socket_set_reuseaddr (int, int); +#define socket_set_reuseaddr rk_socket_set_reuseaddr +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_reuseaddr (rk_socket_t, int); -void ROKEN_LIB_FUNCTION -socket_set_ipv6only (int, int); +#define socket_set_ipv6only rk_socket_set_ipv6only +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_ipv6only (rk_socket_t, int); -char ** ROKEN_LIB_FUNCTION +#define socket_to_fd rk_socket_to_fd +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +socket_to_fd(rk_socket_t, int); + +#define vstrcollect rk_vstrcollect +ROKEN_LIB_FUNCTION char ** ROKEN_LIB_CALL vstrcollect(va_list *ap); -char ** ROKEN_LIB_FUNCTION +#define strcollect rk_strcollect +ROKEN_LIB_FUNCTION char ** ROKEN_LIB_CALL strcollect(char *first, ...); -void ROKEN_LIB_FUNCTION +#define timevalfix rk_timevalfix +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevalfix(struct timeval *t1); -void ROKEN_LIB_FUNCTION +#define timevaladd rk_timevaladd +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevaladd(struct timeval *t1, const struct timeval *t2); -void ROKEN_LIB_FUNCTION +#define timevalsub rk_timevalsub +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevalsub(struct timeval *t1, const struct timeval *t2); -char *ROKEN_LIB_FUNCTION +#define pid_file_write rk_pid_file_write +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL pid_file_write (const char *progname); -void ROKEN_LIB_FUNCTION +#define pid_file_delete rk_pid_file_delete +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL pid_file_delete (char **); -int ROKEN_LIB_FUNCTION +#define read_environment rk_read_environment +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL read_environment(const char *file, char ***env); -void ROKEN_LIB_FUNCTION +#define free_environment rk_free_environment +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL free_environment(char **); -void ROKEN_LIB_FUNCTION -warnerr(int doerrno, const char *fmt, va_list ap) +#define warnerr rk_warnerr +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_warnerr(int doerrno, const char *fmt, va_list ap) __attribute__ ((format (printf, 2, 0))); -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_realloc(void *, size_t); struct rk_strpool; -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL rk_strpoolcollect(struct rk_strpool *); -struct rk_strpool * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct rk_strpool * ROKEN_LIB_CALL rk_strpoolprintf(struct rk_strpool *, const char *, ...) __attribute__ ((format (printf, 2, 3))); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_strpoolfree(struct rk_strpool *); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_dumpdata (const char *, const void *, size_t); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_undumpdata (const char *, void **, size_t *); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_xfree (void *); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_cloexec(int); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_cloexec_file(FILE *); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_cloexec_dir(DIR *); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +ct_memcmp(const void *, const void *, size_t); + +void ROKEN_LIB_FUNCTION +rk_random_init(void); + ROKEN_CPP_END #endif /* __ROKEN_COMMON_H__ */ diff --git a/lib/roken/roken.awk b/lib/roken/roken.awk index e0c19d7823af..47ae1960a4cb 100644 --- a/lib/roken/roken.awk +++ b/lib/roken/roken.awk @@ -1,10 +1,14 @@ -# $Id: roken.awk 15409 2005-06-16 16:29:58Z lha $ +# $Id$ BEGIN { - print "#ifdef HAVE_CONFIG_H" print "#include " - print "#endif" print "#include " + print "#ifdef HAVE_SYS_TYPES_H" + print "#include " + print "#endif" + print "#ifdef HAVE_SYS_SOCKET_H" + print "#include " + print "#endif" print "" print "int main(int argc, char **argv)" print "{" @@ -32,7 +36,6 @@ $1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#eli } END { - print "puts(\"#define ROKEN_VERSION \" VERSION );" print "puts(\"\");" print "puts(\"#endif /* __ROKEN_H__ */\");" print "return 0;" diff --git a/lib/roken/roken.h.in b/lib/roken/roken.h.in index cf2ee9ed7bdb..a6299aee8e55 100644 --- a/lib/roken/roken.h.in +++ b/lib/roken/roken.h.in @@ -1,6 +1,6 @@ /* -*- C -*- */ /* - * Copyright (c) 1995-2005 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2005 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,8 +32,6 @@ * SUCH DAMAGE. */ -/* $Id: roken.h.in 18612 2006-10-19 16:35:16Z lha $ */ - #include #include #include @@ -43,6 +41,135 @@ #include #include +#ifndef ROKEN_LIB_FUNCTION +#ifdef _WIN32 +# define ROKEN_LIB_CALL __cdecl +# ifdef ROKEN_LIB_DYNAMIC +# define ROKEN_LIB_FUNCTION __declspec(dllimport) +# define ROKEN_LIB_VARIABLE __declspec(dllimport) +# else +# define ROKEN_LIB_FUNCTION +# define ROKEN_LIB_VARIABLE +# endif +#else +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL +#define ROKEN_LIB_VARIABLE +#endif +#endif + +#ifdef HAVE_WINSOCK +/* Declarations for Microsoft Windows */ + +#include +#include + +/* + * error codes for inet_ntop/inet_pton + */ +#define EAFNOSUPPORT WSAEAFNOSUPPORT + +typedef SOCKET rk_socket_t; + +#define rk_closesocket(x) closesocket(x) +#define rk_INVALID_SOCKET INVALID_SOCKET +#define rk_IS_BAD_SOCKET(s) ((s) == INVALID_SOCKET) +#define rk_IS_SOCKET_ERROR(rv) ((rv) == SOCKET_ERROR) +#define rk_SOCK_ERRNO WSAGetLastError() + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_SOCK_IOCTL(SOCKET s, long cmd, int * argp); + +#define ETIMEDOUT WSAETIMEDOUT +#define EWOULDBLOCK WSAEWOULDBLOCK +#define ENOTSOCK WSAENOTSOCK + +#define rk_SOCK_INIT() rk_WSAStartup() +#define rk_SOCK_EXIT() rk_WSACleanup() + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_WSAStartup(void); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_WSACleanup(void); + +#else /* not WinSock */ + +typedef int rk_socket_t; + +#define rk_closesocket(x) close(x) +#define rk_SOCK_IOCTL(s,c,a) ioctl((s),(c),(a)) +#define rk_IS_BAD_SOCKET(s) ((s) < 0) +#define rk_IS_SOCKET_ERROR(rv) ((rv) < 0) +#define rk_SOCK_ERRNO errno +#define rk_INVALID_SOCKET (-1) + +#define rk_SOCK_INIT() 0 +#define rk_SOCK_EXIT() do { } while(0) + +#endif + +#ifndef IN_LOOPBACKNET +#define IN_LOOPBACKNET 127 +#endif + +#ifdef _MSC_VER +/* Declarations for Microsoft Visual C runtime on Windows */ + +#include + +#include + +#ifndef __BIT_TYPES_DEFINED__ +#define __BIT_TYPES_DEFINED__ + +typedef __int8 int8_t; +typedef __int16 int16_t; +typedef __int32 int32_t; +typedef __int64 int64_t; +typedef unsigned __int8 uint8_t; +typedef unsigned __int16 uint16_t; +typedef unsigned __int32 uint32_t; +typedef unsigned __int64 uint64_t; +typedef uint8_t u_int8_t; +typedef uint16_t u_int16_t; +typedef uint32_t u_int32_t; +typedef uint64_t u_int64_t; + +#endif /* __BIT_TYPES_DEFINED__ */ + +#define UNREACHABLE(x) x +#define UNUSED_ARGUMENT(x) ((void) x) + +#define RETSIGTYPE void + +#define VOID_RETSIGTYPE 1 + +#ifdef VOID_RETSIGTYPE +#define SIGRETURN(x) return +#else +#define SIGRETURN(x) return (RETSIGTYPE)(x) +#endif + +#ifndef CPP_ONLY + +typedef int pid_t; + +typedef unsigned int gid_t; + +typedef unsigned int uid_t; + +typedef unsigned short mode_t; + +#endif + +#ifndef __cplusplus +#define inline __inline +#endif + +#else + +#define UNREACHABLE(x) +#define UNUSED_ARGUMENT(x) + +#endif + #ifdef _AIX struct ether_addr; struct sockaddr_dl; @@ -114,7 +241,7 @@ struct sockaddr_dl; #ifdef HAVE_TERMIOS_H #include #endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 +#ifdef HAVE_SYS_IOCTL_H #include #endif #ifdef TIME_WITH_SYS_TIME @@ -125,17 +252,32 @@ struct sockaddr_dl; #else #include #endif -#ifdef HAVE_STRINGS_H -#include -#endif #ifdef HAVE_PATHS_H #include #endif +#ifdef HAVE_DIRENT_H +#include +#endif + +#ifdef BACKSLASH_PATH_DELIM +#define rk_PATH_DELIM '\\' +#endif + #ifndef HAVE_SSIZE_T +#ifndef SSIZE_T_DEFINED +#ifdef ssize_t +#undef ssize_t +#endif +#ifdef _WIN64 +typedef __int64 ssize_t; +#else typedef int ssize_t; #endif +#define SSIZE_T_DEFINED +#endif /* SSIZE_T_DEFINED */ +#endif /* HAVE_SSIZE_T */ #include @@ -151,118 +293,264 @@ ROKEN_CPP_START #define setsid _setsid #endif +#ifdef _MSC_VER +/* Additional macros for Visual C/C++ runtime */ + +#define close _close + +#define getpid _getpid + +#define open _open + +#define chdir _chdir + +#define fsync _commit + +/* The MSVC implementation of snprintf is not C99 compliant. */ +#define snprintf rk_snprintf +#define vsnprintf rk_vsnprintf +#define vasnprintf rk_vasnprintf +#define vasprintf rk_vasprintf +#define asnprintf rk_asnprintf +#define asprintf rk_asprintf + +#define _PIPE_BUFFER_SZ 8192 +#define pipe(fds) _pipe((fds), _PIPE_BUFFER_SZ, O_BINARY); + +#define ftruncate(fd, sz) _chsize((fd), (sz)) + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_snprintf (char *str, size_t sz, const char *format, ...); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_asprintf (char **ret, const char *format, ...); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_asnprintf (char **ret, size_t max_sz, const char *format, ...); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vasprintf (char **ret, const char *format, va_list args); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vasnprintf (char **ret, size_t max_sz, const char *format, va_list args); + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vsnprintf (char *str, size_t sz, const char *format, va_list args); + +/* missing stat.h predicates */ + +#define S_ISREG(m) (((m) & _S_IFREG) == _S_IFREG) + +#define S_ISDIR(m) (((m) & _S_IFDIR) == _S_IFDIR) + +#define S_ISCHR(m) (((m) & _S_IFCHR) == _S_IFCHR) + +#define S_ISFIFO(m) (((m) & _S_IFIFO) == _S_IFIFO) + +/* The following are not implemented: + + S_ISLNK(m) + S_ISSOCK(m) + S_ISBLK(m) +*/ + +#endif /* _MSC_VER */ + +#ifdef HAVE_WINSOCK + +/* While we are at it, define WinSock specific scatter gather socket + I/O. */ + +#define iovec _WSABUF +#define iov_base buf +#define iov_len len + +struct msghdr { + void *msg_name; + socklen_t msg_namelen; + struct iovec *msg_iov; + size_t msg_iovlen; + void *msg_control; + socklen_t msg_controllen; + int msg_flags; +}; + +#define sendmsg sendmsg_w32 + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +sendmsg_w32(rk_socket_t s, const struct msghdr * msg, int flags); + +#endif /* HAVE_WINSOCK */ + #ifndef HAVE_PUTENV -int ROKEN_LIB_FUNCTION putenv(const char *); +#define putenv rk_putenv +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL putenv(const char *); #endif #if !defined(HAVE_SETENV) || defined(NEED_SETENV_PROTO) -int ROKEN_LIB_FUNCTION setenv(const char *, const char *, int); +#ifndef HAVE_SETENV +#define setenv rk_setenv +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL setenv(const char *, const char *, int); #endif #if !defined(HAVE_UNSETENV) || defined(NEED_UNSETENV_PROTO) -void ROKEN_LIB_FUNCTION unsetenv(const char *); +#ifndef HAVE_UNSETENV +#define unsetenv rk_unsetenv +#endif +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL unsetenv(const char *); #endif #if !defined(HAVE_GETUSERSHELL) || defined(NEED_GETUSERSHELL_PROTO) -char * ROKEN_LIB_FUNCTION getusershell(void); -void ROKEN_LIB_FUNCTION endusershell(void); +#ifndef HAVE_GETUSERSHELL +#define getusershell rk_getusershell +#define endusershell rk_endusershell +#endif +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL getusershell(void); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL endusershell(void); #endif #if !defined(HAVE_SNPRINTF) || defined(NEED_SNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION snprintf (char *, size_t, const char *, ...) +#ifndef HAVE_SNPRINTF +#define snprintf rk_snprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_snprintf (char *, size_t, const char *, ...) __attribute__ ((format (printf, 3, 4))); #endif #if !defined(HAVE_VSNPRINTF) || defined(NEED_VSNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - vsnprintf (char *, size_t, const char *, va_list) +#ifndef HAVE_VSNPRINTF +#define vsnprintf rk_vsnprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_vsnprintf (char *, size_t, const char *, va_list) __attribute__((format (printf, 3, 0))); #endif #if !defined(HAVE_ASPRINTF) || defined(NEED_ASPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - asprintf (char **, const char *, ...) +#ifndef HAVE_ASPRINTF +#define asprintf rk_asprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_asprintf (char **, const char *, ...) __attribute__ ((format (printf, 2, 3))); #endif #if !defined(HAVE_VASPRINTF) || defined(NEED_VASPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - vasprintf (char **, const char *, va_list) +#ifndef HAVE_VASPRINTF +#define vasprintf rk_vasprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_vasprintf (char **, const char *, va_list) __attribute__((format (printf, 2, 0))); #endif #if !defined(HAVE_ASNPRINTF) || defined(NEED_ASNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - asnprintf (char **, size_t, const char *, ...) +#ifndef HAVE_ASNPRINTF +#define asnprintf rk_asnprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_asnprintf (char **, size_t, const char *, ...) __attribute__ ((format (printf, 3, 4))); #endif #if !defined(HAVE_VASNPRINTF) || defined(NEED_VASNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_VASNPRINTF +#define vasnprintf rk_vasnprintf +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL vasnprintf (char **, size_t, const char *, va_list) __attribute__((format (printf, 3, 0))); #endif #ifndef HAVE_STRDUP -char * ROKEN_LIB_FUNCTION strdup(const char *); +#define strdup rk_strdup +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strdup(const char *); #endif #if !defined(HAVE_STRNDUP) || defined(NEED_STRNDUP_PROTO) -char * ROKEN_LIB_FUNCTION strndup(const char *, size_t); +#ifndef HAVE_STRNDUP +#define strndup rk_strndup +#endif +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strndup(const char *, size_t); #endif #ifndef HAVE_STRLWR -char * ROKEN_LIB_FUNCTION strlwr(char *); +#define strlwr rk_strlwr +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strlwr(char *); #endif #ifndef HAVE_STRNLEN -size_t ROKEN_LIB_FUNCTION strnlen(const char*, size_t); +#define strnlen rk_strnlen +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strnlen(const char*, size_t); #endif #if !defined(HAVE_STRSEP) || defined(NEED_STRSEP_PROTO) -char * ROKEN_LIB_FUNCTION strsep(char**, const char*); +#ifndef HAVE_STRSEP +#define strsep rk_strsep +#endif +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strsep(char**, const char*); #endif #if !defined(HAVE_STRSEP_COPY) || defined(NEED_STRSEP_COPY_PROTO) -ssize_t ROKEN_LIB_FUNCTION strsep_copy(const char**, const char*, char*, size_t); +#ifndef HAVE_STRSEP_COPY +#define strsep_copy rk_strsep_copy +#endif +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL strsep_copy(const char**, const char*, char*, size_t); #endif #ifndef HAVE_STRCASECMP -int ROKEN_LIB_FUNCTION strcasecmp(const char *, const char *); +#define strcasecmp rk_strcasecmp +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strcasecmp(const char *, const char *); #endif #ifdef NEED_FCLOSE_PROTO -int ROKEN_LIB_FUNCTION fclose(FILE *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL fclose(FILE *); #endif #ifdef NEED_STRTOK_R_PROTO -char * ROKEN_LIB_FUNCTION strtok_r(char *, const char *, char **); +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strtok_r(char *, const char *, char **); #endif #ifndef HAVE_STRUPR -char * ROKEN_LIB_FUNCTION strupr(char *); +#define strupr rk_strupr +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strupr(char *); #endif #ifndef HAVE_STRLCPY -size_t ROKEN_LIB_FUNCTION strlcpy (char *, const char *, size_t); +#define strlcpy rk_strlcpy +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strlcpy (char *, const char *, size_t); #endif #ifndef HAVE_STRLCAT -size_t ROKEN_LIB_FUNCTION strlcat (char *, const char *, size_t); +#define strlcat rk_strlcat +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strlcat (char *, const char *, size_t); #endif #ifndef HAVE_GETDTABLESIZE -int ROKEN_LIB_FUNCTION getdtablesize(void); +#define getdtablesize rk_getdtablesize +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getdtablesize(void); #endif #if !defined(HAVE_STRERROR) && !defined(strerror) -char * ROKEN_LIB_FUNCTION strerror(int); +#define strerror rk_strerror +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strerror(int); +#endif + +#if (!defined(HAVE_STRERROR_R) && !defined(strerror_r)) || (!defined(STRERROR_R_PROTO_COMPATIBLE) && defined(HAVE_STRERROR_R)) +int ROKEN_LIB_FUNCTION rk_strerror_r(int, char *, size_t); +#else +#define rk_strerror_r strerror_r #endif #if !defined(HAVE_HSTRERROR) || defined(NEED_HSTRERROR_PROTO) +#ifndef HAVE_HSTRERROR +#define hstrerror rk_hstrerror +#endif /* This causes a fatal error under Psoriasis */ -#if !(defined(SunOS) && (SunOS >= 50)) -const char * ROKEN_LIB_FUNCTION hstrerror(int); +#ifndef SunOS +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL hstrerror(int); #endif #endif @@ -271,118 +559,151 @@ extern int h_errno; #endif #if !defined(HAVE_INET_ATON) || defined(NEED_INET_ATON_PROTO) -int ROKEN_LIB_FUNCTION inet_aton(const char *, struct in_addr *); +#ifndef HAVE_INET_ATON +#define inet_aton rk_inet_aton +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL inet_aton(const char *, struct in_addr *); #endif #ifndef HAVE_INET_NTOP -const char * ROKEN_LIB_FUNCTION +#define inet_ntop rk_inet_ntop +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL inet_ntop(int af, const void *src, char *dst, size_t size); #endif #ifndef HAVE_INET_PTON -int ROKEN_LIB_FUNCTION +#define inet_pton rk_inet_pton +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL inet_pton(int, const char *, void *); #endif -#if !defined(HAVE_GETCWD) -char* ROKEN_LIB_FUNCTION getcwd(char *, size_t); +#ifndef HAVE_GETCWD +#define getcwd rk_getcwd +ROKEN_LIB_FUNCTION char* ROKEN_LIB_CALL getcwd(char *, size_t); #endif #ifdef HAVE_PWD_H #include -struct passwd * ROKEN_LIB_FUNCTION k_getpwnam (const char *); -struct passwd * ROKEN_LIB_FUNCTION k_getpwuid (uid_t); +ROKEN_LIB_FUNCTION struct passwd * ROKEN_LIB_CALL k_getpwnam (const char *); +ROKEN_LIB_FUNCTION struct passwd * ROKEN_LIB_CALL k_getpwuid (uid_t); #endif -const char * ROKEN_LIB_FUNCTION get_default_username (void); +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL get_default_username (void); #ifndef HAVE_SETEUID -int ROKEN_LIB_FUNCTION seteuid(uid_t); +#define seteuid rk_seteuid +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL seteuid(uid_t); #endif #ifndef HAVE_SETEGID -int ROKEN_LIB_FUNCTION setegid(gid_t); +#define setegid rk_setegid +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL setegid(gid_t); #endif #ifndef HAVE_LSTAT -int ROKEN_LIB_FUNCTION lstat(const char *, struct stat *); +#define lstat rk_lstat +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL lstat(const char *, struct stat *); #endif #if !defined(HAVE_MKSTEMP) || defined(NEED_MKSTEMP_PROTO) -int ROKEN_LIB_FUNCTION mkstemp(char *); +#ifndef HAVE_MKSTEMP +#define mkstemp rk_mkstemp +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL mkstemp(char *); #endif #ifndef HAVE_CGETENT -int ROKEN_LIB_FUNCTION cgetent(char **, char **, const char *); -int ROKEN_LIB_FUNCTION cgetstr(char *, const char *, char **); +#define cgetent rk_cgetent +#define cgetstr rk_cgetstr +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetent(char **, char **, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL cgetstr(char *, const char *, char **); #endif #ifndef HAVE_INITGROUPS -int ROKEN_LIB_FUNCTION initgroups(const char *, gid_t); +#define initgroups rk_initgroups +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL initgroups(const char *, gid_t); #endif #ifndef HAVE_FCHOWN -int ROKEN_LIB_FUNCTION fchown(int, uid_t, gid_t); +#define fchown rk_fchown +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL fchown(int, uid_t, gid_t); +#endif + +#ifdef RENAME_DOES_NOT_UNLINK +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_rename(const char *, const char *); +#else +#define rk_rename(__rk_rn_from,__rk_rn_to) rename(__rk_rn_from,__rk_rn_to) #endif #if !defined(HAVE_DAEMON) || defined(NEED_DAEMON_PROTO) -int ROKEN_LIB_FUNCTION daemon(int, int); +#ifndef HAVE_DAEMON +#define daemon rk_daemon #endif - -#ifndef HAVE_INNETGR -int ROKEN_LIB_FUNCTION innetgr(const char *, const char *, - const char *, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL daemon(int, int); #endif #ifndef HAVE_CHOWN -int ROKEN_LIB_FUNCTION chown(const char *, uid_t, gid_t); +#define chown rk_chown +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL chown(const char *, uid_t, gid_t); #endif #ifndef HAVE_RCMD -int ROKEN_LIB_FUNCTION +#define rcmd rk_rcmd +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rcmd(char **, unsigned short, const char *, const char *, const char *, int *); #endif #if !defined(HAVE_INNETGR) || defined(NEED_INNETGR_PROTO) -int ROKEN_LIB_FUNCTION innetgr(const char*, const char*, +#ifndef HAVE_INNETGR +#define innetgr rk_innetgr +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL innetgr(const char*, const char*, const char*, const char*); #endif #ifndef HAVE_IRUSEROK -int ROKEN_LIB_FUNCTION iruserok(unsigned, int, +#define iruserok rk_iruserok +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL iruserok(unsigned, int, const char *, const char *); #endif #if !defined(HAVE_GETHOSTNAME) || defined(NEED_GETHOSTNAME_PROTO) -int ROKEN_LIB_FUNCTION gethostname(char *, int); +#ifndef HAVE_GETHOSTNAME +#define gethostname rk_gethostname +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL gethostname(char *, int); #endif #ifndef HAVE_WRITEV -ssize_t ROKEN_LIB_FUNCTION +#define writev rk_writev +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL writev(int, const struct iovec *, int); #endif #ifndef HAVE_READV -ssize_t ROKEN_LIB_FUNCTION +#define readv rk_readv +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL readv(int, const struct iovec *, int); #endif -#ifndef HAVE_MKSTEMP -int ROKEN_LIB_FUNCTION -mkstemp(char *); -#endif - #ifndef HAVE_PIDFILE -void ROKEN_LIB_FUNCTION pidfile (const char*); +#ifdef NO_PIDFILES +#define pidfile(x) ((void) 0) +#else +#define pidfile rk_pidfile +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL pidfile (const char*); +#endif #endif #ifndef HAVE_BSWAP32 -unsigned int ROKEN_LIB_FUNCTION bswap32(unsigned int); +#define bswap32 rk_bswap32 +ROKEN_LIB_FUNCTION unsigned int ROKEN_LIB_CALL bswap32(unsigned int); #endif #ifndef HAVE_BSWAP16 -unsigned short ROKEN_LIB_FUNCTION bswap16(unsigned short); +#define bswap16 rk_bswap16 +ROKEN_LIB_FUNCTION unsigned short ROKEN_LIB_CALL bswap16(unsigned short); #endif #ifndef HAVE_FLOCK @@ -399,27 +720,41 @@ unsigned short ROKEN_LIB_FUNCTION bswap16(unsigned short); #define LOCK_UN 8 /* Unlock */ #endif -int flock(int fd, int operation); +#define flock(_x,_y) rk_flock(_x,_y) +int rk_flock(int fd, int operation); #endif /* HAVE_FLOCK */ -time_t ROKEN_LIB_FUNCTION tm2time (struct tm, int); +#ifndef HAVE_DIRFD +#ifdef HAVE_DIR_DD_FD +#define dirfd(x) ((x)->dd_fd) +#else +#ifndef _WIN32 /* Windows code never calls dirfd */ +#error Missing dirfd() and ->dd_fd +#endif +#endif +#endif -int ROKEN_LIB_FUNCTION unix_verify_user(char *, char *); +ROKEN_LIB_FUNCTION time_t ROKEN_LIB_CALL tm2time (struct tm, int); -int ROKEN_LIB_FUNCTION roken_concat (char *, size_t, ...); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unix_verify_user(char *, char *); -size_t ROKEN_LIB_FUNCTION roken_mconcat (char **, size_t, ...); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_concat (char *, size_t, ...); -int ROKEN_LIB_FUNCTION roken_vconcat (char *, size_t, va_list); +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL roken_mconcat (char **, size_t, ...); -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_vconcat (char *, size_t, va_list); + +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL roken_vmconcat (char **, size_t, va_list); -ssize_t ROKEN_LIB_FUNCTION net_write (int, const void *, size_t); +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL + net_write (rk_socket_t, const void *, size_t); -ssize_t ROKEN_LIB_FUNCTION net_read (int, void *, size_t); +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL + net_read (rk_socket_t, void *, size_t); -int ROKEN_LIB_FUNCTION issuid(void); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + issuid(void); #ifndef HAVE_STRUCT_WINSIZE struct winsize { @@ -428,43 +763,53 @@ struct winsize { }; #endif -int ROKEN_LIB_FUNCTION get_window_size(int fd, struct winsize *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL get_window_size(int fd, int *, int *); #ifndef HAVE_VSYSLOG -void ROKEN_LIB_FUNCTION vsyslog(int, const char *, va_list); +#define vsyslog rk_vsyslog +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vsyslog(int, const char *, va_list); +#endif + +#ifndef HAVE_GETOPT +#define getopt rk_getopt +#define optarg rk_optarg +#define optind rk_optind +#define opterr rk_opterr +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +getopt(int nargc, char * const *nargv, const char *ostr); #endif #if !HAVE_DECL_OPTARG -extern char *optarg; +ROKEN_LIB_VARIABLE extern char *optarg; #endif #if !HAVE_DECL_OPTIND -extern int optind; +ROKEN_LIB_VARIABLE extern int optind; #endif #if !HAVE_DECL_OPTERR -extern int opterr; -#endif - -#if !HAVE_DECL_ENVIRON -extern char **environ; +ROKEN_LIB_VARIABLE extern int opterr; #endif #ifndef HAVE_GETIPNODEBYNAME -struct hostent * ROKEN_LIB_FUNCTION +#define getipnodebyname rk_getipnodebyname +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL getipnodebyname (const char *, int, int, int *); #endif #ifndef HAVE_GETIPNODEBYADDR -struct hostent * ROKEN_LIB_FUNCTION +#define getipnodebyaddr rk_getipnodebyaddr +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL getipnodebyaddr (const void *, size_t, int, int *); #endif #ifndef HAVE_FREEHOSTENT -void ROKEN_LIB_FUNCTION +#define freehostent rk_freehostent +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL freehostent (struct hostent *); #endif #ifndef HAVE_COPYHOSTENT -struct hostent * ROKEN_LIB_FUNCTION +#define copyhostent rk_copyhostent +ROKEN_LIB_FUNCTION struct hostent * ROKEN_LIB_CALL copyhostent (const struct hostent *); #endif @@ -531,7 +876,8 @@ struct addrinfo { #endif #ifndef HAVE_GETADDRINFO -int ROKEN_LIB_FUNCTION +#define getaddrinfo rk_getaddrinfo +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getaddrinfo(const char *, const char *, const struct addrinfo *, @@ -539,7 +885,8 @@ getaddrinfo(const char *, #endif #ifndef HAVE_GETNAMEINFO -int ROKEN_LIB_FUNCTION +#define getnameinfo rk_getnameinfo +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getnameinfo(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, @@ -547,73 +894,80 @@ getnameinfo(const struct sockaddr *, socklen_t, #endif #ifndef HAVE_FREEADDRINFO -void ROKEN_LIB_FUNCTION +#define freeaddrinfo rk_freeaddrinfo +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL freeaddrinfo(struct addrinfo *); #endif #ifndef HAVE_GAI_STRERROR -const char * ROKEN_LIB_FUNCTION +#define gai_strerror rk_gai_strerror +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL gai_strerror(int); #endif -int ROKEN_LIB_FUNCTION +#ifdef NO_SLEEP + +ROKEN_LIB_FUNCTION unsigned int ROKEN_LIB_CALL +sleep(unsigned int seconds); + +#endif + +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL getnameinfo_verified(const struct sockaddr *, socklen_t, char *, size_t, char *, size_t, int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_getaddrinfo_hostspec2(const char *, int, int, struct addrinfo **); #ifndef HAVE_STRFTIME -size_t ROKEN_LIB_FUNCTION +#define strftime rk_strftime +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strftime (char *, size_t, const char *, const struct tm *); #endif #ifndef HAVE_STRPTIME -char * ROKEN_LIB_FUNCTION +#define strptime rk_strptime +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strptime (const char *, const char *, struct tm *); #endif +#ifndef HAVE_GETTIMEOFDAY +#define gettimeofday rk_gettimeofday +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +gettimeofday (struct timeval *, void *); +#endif + #ifndef HAVE_EMALLOC -void * ROKEN_LIB_FUNCTION emalloc (size_t); +#define emalloc rk_emalloc +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL emalloc (size_t); #endif #ifndef HAVE_ECALLOC -void * ROKEN_LIB_FUNCTION ecalloc(size_t, size_t); +#define ecalloc rk_ecalloc +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL ecalloc(size_t, size_t); #endif #ifndef HAVE_EREALLOC -void * ROKEN_LIB_FUNCTION erealloc (void *, size_t); +#define erealloc rk_erealloc +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL erealloc (void *, size_t); #endif #ifndef HAVE_ESTRDUP -char * ROKEN_LIB_FUNCTION estrdup (const char *); +#define estrdup rk_estrdup +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL estrdup (const char *); #endif /* * kludges and such */ -#if 1 -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_gethostby_setup(const char*, const char*); -struct hostent* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent* ROKEN_LIB_CALL roken_gethostbyname(const char*); -struct hostent* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent* ROKEN_LIB_CALL roken_gethostbyaddr(const void*, size_t, int); -#else -#ifdef GETHOSTBYNAME_PROTO_COMPATIBLE -#define roken_gethostbyname(x) gethostbyname(x) -#else -#define roken_gethostbyname(x) gethostbyname((char *)x) -#endif - -#ifdef GETHOSTBYADDR_PROTO_COMPATIBLE -#define roken_gethostbyaddr(a, l, t) gethostbyaddr(a, l, t) -#else -#define roken_gethostbyaddr(a, l, t) gethostbyaddr((char *)a, l, t) -#endif -#endif #ifdef GETSERVBYNAME_PROTO_COMPATIBLE #define roken_getservbyname(x,y) getservbyname(x,y) @@ -634,71 +988,140 @@ roken_gethostbyaddr(const void*, size_t, int); #endif #ifndef HAVE_SETPROGNAME -void ROKEN_LIB_FUNCTION setprogname(const char *); +#define setprogname rk_setprogname +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL setprogname(const char *); #endif #ifndef HAVE_GETPROGNAME -const char * ROKEN_LIB_FUNCTION getprogname(void); +#define getprogname rk_getprogname +ROKEN_LIB_FUNCTION const char * ROKEN_LIB_CALL getprogname(void); #endif #if !defined(HAVE_SETPROGNAME) && !defined(HAVE_GETPROGNAME) && !HAVE_DECL___PROGNAME extern const char *__progname; #endif -void ROKEN_LIB_FUNCTION mini_inetd_addrinfo (struct addrinfo*); -void ROKEN_LIB_FUNCTION mini_inetd (int); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +mini_inetd_addrinfo (struct addrinfo*, rk_socket_t *); + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +mini_inetd (int, rk_socket_t *); #ifndef HAVE_LOCALTIME_R -struct tm * ROKEN_LIB_FUNCTION +#define localtime_r rk_localtime_r +ROKEN_LIB_FUNCTION struct tm * ROKEN_LIB_CALL localtime_r(const time_t *, struct tm *); #endif #if !defined(HAVE_STRSVIS) || defined(NEED_STRSVIS_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_STRSVIS +#define strsvis rk_strsvis +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strsvis(char *, const char *, int, const char *); #endif +#if !defined(HAVE_STRSVISX) || defined(NEED_STRSVISX_PROTO) +#ifndef HAVE_STRSVISX +#define strsvisx rk_strsvisx +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +strsvisx(char *, const char *, size_t, int, const char *); +#endif + #if !defined(HAVE_STRUNVIS) || defined(NEED_STRUNVIS_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_STRUNVIS +#define strunvis rk_strunvis +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strunvis(char *, const char *); #endif #if !defined(HAVE_STRVIS) || defined(NEED_STRVIS_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_STRVIS +#define strvis rk_strvis +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strvis(char *, const char *, int); #endif #if !defined(HAVE_STRVISX) || defined(NEED_STRVISX_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_STRVISX +#define strvisx rk_strvisx +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strvisx(char *, const char *, size_t, int); #endif #if !defined(HAVE_SVIS) || defined(NEED_SVIS_PROTO) -char * ROKEN_LIB_FUNCTION +#ifndef HAVE_SVIS +#define svis rk_svis +#endif +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL svis(char *, int, int, int, const char *); #endif #if !defined(HAVE_UNVIS) || defined(NEED_UNVIS_PROTO) -int ROKEN_LIB_FUNCTION +#ifndef HAVE_UNVIS +#define unvis rk_unvis +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unvis(char *, int, int *, int); #endif #if !defined(HAVE_VIS) || defined(NEED_VIS_PROTO) -char * ROKEN_LIB_FUNCTION +#ifndef HAVE_VIS +#define vis rk_vis +#endif +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL vis(char *, int, int, int); #endif #if !defined(HAVE_CLOSEFROM) -int ROKEN_LIB_FUNCTION +#define closefrom rk_closefrom +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL closefrom(int); #endif #if !defined(HAVE_TIMEGM) #define timegm rk_timegm -time_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION time_t ROKEN_LIB_CALL rk_timegm(struct tm *tm); #endif +#ifdef NEED_QSORT +#define qsort rk_qsort +void +rk_qsort(void *, size_t, size_t, int (*)(const void *, const void *)); +#endif + +#if defined(HAVE_ARC4RANDOM) +#define rk_random() arc4random() +#elif defined(HAVE_RANDOM) +#define rk_random() random() +#else +#define rk_random() rand() +#endif + +#ifndef HAVE_TDELETE +#define tdelete(a,b,c) rk_tdelete(a,b,c) +#endif +#ifndef HAVE_TFIND +#define tfind(a,b,c) rk_tfind(a,b,c) +#endif +#ifndef HAVE_TSEARCH +#define tsearch(a,b,c) rk_tsearch(a,b,c) +#endif +#ifndef HAVE_TWALK +#define twalk(a,b) rk_twalk(a,b) +#endif + +#if defined(__linux__) && defined(SOCK_CLOEXEC) && !defined(SOCKET_WRAPPER_REPLACE) && !defined(__SOCKET_WRAPPER_H__) +#undef socket +#define socket(_fam,_type,_prot) rk_socket(_fam,_type,_prot) +int ROKEN_LIB_FUNCTION rk_socket(int, int, int); +#endif + #ifdef SOCKET_WRAPPER_REPLACE #include #endif diff --git a/lib/roken/roken_gethostby.c b/lib/roken/roken_gethostby.c index ff0af86ef4c1..1bb560d3baf4 100644 --- a/lib/roken/roken_gethostby.c +++ b/lib/roken/roken_gethostby.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: roken_gethostby.c 21157 2007-06-18 22:03:13Z lha $"); -#endif #include "roken.h" @@ -69,11 +66,13 @@ setup_int(const char *proxy_host, short proxy_port, memset(&dns_addr, 0, sizeof(dns_addr)); if(dns_req) free(dns_req); + dns_req = NULL; if(proxy_host) { if(make_address(proxy_host, &dns_addr.sin_addr) != 0) return -1; dns_addr.sin_port = htons(proxy_port); - asprintf(&dns_req, "http://%s:%d%s", dns_host, dns_port, dns_path); + if (asprintf(&dns_req, "http://%s:%d%s", dns_host, dns_port, dns_path) < 0) + return -1; } else { if(make_address(dns_host, &dns_addr.sin_addr) != 0) return -1; @@ -98,25 +97,25 @@ split_spec(const char *spec, char **host, int *port, char **path, int def_port) *port = def_port; p = strchr(p ? p : *host, '/'); if(p) { - if(path) + if(path) *path = strdup(p); *p = '\0'; }else - if(path) + if(path) *path = NULL; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL roken_gethostby_setup(const char *proxy_spec, const char *dns_spec) { char *proxy_host = NULL; int proxy_port = 0; char *dns_host, *dns_path; int dns_port; - + int ret = -1; - + split_spec(dns_spec, &dns_host, &dns_port, &dns_path, 80); if(dns_path == NULL) goto out; @@ -129,7 +128,7 @@ roken_gethostby_setup(const char *proxy_spec, const char *dns_spec) free(dns_path); return ret; } - + /* Try to lookup a name or an ip-address using http as transport mechanism. See the end of this file for an example program. */ @@ -138,16 +137,18 @@ roken_gethostby(const char *hostname) { int s; struct sockaddr_in addr; - char *request; + char *request = NULL; char buf[1024]; int offset = 0; int n; char *p, *foo; - + size_t len; + if(dns_addr.sin_family == 0) return NULL; /* no configured host */ addr = dns_addr; - asprintf(&request, "GET %s?%s HTTP/1.0\r\n\r\n", dns_req, hostname); + if (asprintf(&request, "GET %s?%s HTTP/1.0\r\n\r\n", dns_req, hostname) < 0) + return NULL; if(request == NULL) return NULL; s = socket(AF_INET, SOCK_STREAM, 0); @@ -160,7 +161,9 @@ roken_gethostby(const char *hostname) free(request); return NULL; } - if(write(s, request, strlen(request)) != strlen(request)) { + + len = strlen(request); + if(write(s, request, len) != (ssize_t)len) { close(s); free(request); return NULL; @@ -188,12 +191,12 @@ roken_gethostby(const char *hostname) static char addrs[4 * MAX_ADDRS]; static char *addr_list[MAX_ADDRS + 1]; int num_addrs = 0; - + he.h_name = p; he.h_aliases = NULL; he.h_addrtype = AF_INET; he.h_length = 4; - + while((p = strtok_r(NULL, " \t\r\n", &foo)) && num_addrs < MAX_ADDRS) { struct in_addr ip; inet_aton(p, &ip); @@ -210,7 +213,7 @@ roken_gethostby(const char *hostname) } } -struct hostent* +ROKEN_LIB_FUNCTION struct hostent* ROKEN_LIB_CALL roken_gethostbyname(const char *hostname) { struct hostent *he; @@ -220,7 +223,7 @@ roken_gethostbyname(const char *hostname) return roken_gethostby(hostname); } -struct hostent* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct hostent* ROKEN_LIB_CALL roken_gethostbyaddr(const void *addr, size_t len, int type) { struct in_addr a; @@ -253,7 +256,7 @@ main(int argc, char **argv) char host[MAXHOSTNAMELEN]; int i; struct hostent *he; - + printf("Content-type: text/plain\n\n"); if(query == NULL) exit(0); diff --git a/lib/roken/rtbl.3 b/lib/roken/rtbl.3 index ccdc73f77a31..0d70918836f2 100644 --- a/lib/roken/rtbl.3 +++ b/lib/roken/rtbl.3 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan +.\" Copyright (c) 2004 Kungliga Tekniska Högskolan .\" (Royal Institute of Technology, Stockholm, Sweden). .\" All rights reserved. .\" @@ -28,7 +28,7 @@ .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. -.\" $Id: rtbl.3 22088 2007-11-25 14:10:15Z lha $ +.\" $Id$ .\" .Dd June 26, 2004 .Dt RTBL 3 @@ -89,7 +89,7 @@ would be output from tools such as or .Xr netstat 1 , where you have a fixed number of columns, but don't know the column -widthds before hand. +widths before hand. .Pp A table is created with .Fn rtbl_create diff --git a/lib/roken/rtbl.c b/lib/roken/rtbl.c index dd4328f36208..fe0fde662b86 100644 --- a/lib/roken/rtbl.c +++ b/lib/roken/rtbl.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000, 2002, 2004 Kungliga Tekniska Högskolan + * Copyright (c) 2000, 2002, 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,8 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID ("$Id: rtbl.c 17758 2006-06-30 13:41:40Z lha $"); -#endif + #include "roken.h" #include "rtbl.h" @@ -61,19 +59,19 @@ struct rtbl_data { char *column_separator; }; -rtbl_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION rtbl_t ROKEN_LIB_CALL rtbl_create (void) { return calloc (1, sizeof (struct rtbl_data)); } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rtbl_set_flags (rtbl_t table, unsigned int flags) { table->flags = flags; } -unsigned int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION unsigned int ROKEN_LIB_CALL rtbl_get_flags (rtbl_t table) { return table->flags; @@ -82,7 +80,7 @@ rtbl_get_flags (rtbl_t table) static struct column_data * rtbl_get_column_by_id (rtbl_t table, unsigned int id) { - int i; + size_t i; for(i = 0; i < table->num_columns; i++) if(table->columns[i]->column_id == id) return table->columns[i]; @@ -92,17 +90,17 @@ rtbl_get_column_by_id (rtbl_t table, unsigned int id) static struct column_data * rtbl_get_column (rtbl_t table, const char *column) { - int i; + size_t i; for(i = 0; i < table->num_columns; i++) if(strcmp(table->columns[i]->header, column) == 0) return table->columns[i]; return NULL; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rtbl_destroy (rtbl_t table) { - int i, j; + size_t i, j; for (i = 0; i < table->num_columns; i++) { struct column_data *c = table->columns[i]; @@ -121,8 +119,8 @@ rtbl_destroy (rtbl_t table) free (table); } -int ROKEN_LIB_FUNCTION -rtbl_add_column_by_id (rtbl_t table, unsigned int id, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rtbl_add_column_by_id (rtbl_t table, unsigned int id, const char *header, unsigned int flags) { struct column_data *col, **tmp; @@ -150,13 +148,13 @@ rtbl_add_column_by_id (rtbl_t table, unsigned int id, return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column (rtbl_t table, const char *header, unsigned int flags) { return rtbl_add_column_by_id(table, 0, header, flags); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_new_row(rtbl_t table) { size_t max_rows = 0; @@ -169,7 +167,7 @@ rtbl_new_row(rtbl_t table) if(table->columns[c]->num_rows == max_rows) continue; - tmp = realloc(table->columns[c]->rows, + tmp = realloc(table->columns[c]->rows, max_rows * sizeof(table->columns[c]->rows)); if(tmp == NULL) return ENOMEM; @@ -185,18 +183,18 @@ rtbl_new_row(rtbl_t table) static void column_compute_width (rtbl_t table, struct column_data *column) { - int i; + size_t i; if(table->flags & RTBL_HEADER_STYLE_NONE) column->width = 0; else column->width = strlen (column->header); for (i = 0; i < column->num_rows; i++) - column->width = max (column->width, strlen (column->rows[i].data)); + column->width = max (column->width, (int) strlen (column->rows[i].data)); } /* DEPRECATED */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_prefix (rtbl_t table, const char *prefix) { if (table->column_prefix) @@ -207,7 +205,7 @@ rtbl_set_prefix (rtbl_t table, const char *prefix) return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_separator (rtbl_t table, const char *separator) { if (table->column_separator) @@ -218,7 +216,7 @@ rtbl_set_separator (rtbl_t table, const char *separator) return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_column_prefix (rtbl_t table, const char *column, const char *prefix) { @@ -234,7 +232,7 @@ rtbl_set_column_prefix (rtbl_t table, const char *column, return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_column_affix_by_id(rtbl_t table, unsigned int id, const char *prefix, const char *suffix) { @@ -303,7 +301,7 @@ add_column_entry (struct column_data *c, const char *data) return 0; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entry_by_id (rtbl_t table, unsigned int id, const char *data) { struct column_data *c = rtbl_get_column_by_id (table, id); @@ -314,7 +312,7 @@ rtbl_add_column_entry_by_id (rtbl_t table, unsigned int id, const char *data) return add_column_entry(c, data); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entryv_by_id (rtbl_t table, unsigned int id, const char *fmt, ...) { @@ -332,7 +330,7 @@ rtbl_add_column_entryv_by_id (rtbl_t table, unsigned int id, return ret; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entry (rtbl_t table, const char *column, const char *data) { struct column_data *c = rtbl_get_column (table, column); @@ -343,7 +341,7 @@ rtbl_add_column_entry (rtbl_t table, const char *column, const char *data) return add_column_entry(c, data); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entryv (rtbl_t table, const char *column, const char *fmt, ...) { va_list ap; @@ -361,10 +359,10 @@ rtbl_add_column_entryv (rtbl_t table, const char *column, const char *fmt, ...) } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_format (rtbl_t table, FILE * f) { - int i, j; + size_t i, j; for (i = 0; i < table->num_columns; i++) column_compute_width (table, table->columns[i]); diff --git a/lib/roken/rtbl.cat3 b/lib/roken/rtbl.cat3 new file mode 100644 index 000000000000..3862cd5936e6 --- /dev/null +++ b/lib/roken/rtbl.cat3 @@ -0,0 +1,151 @@ + +RTBL(3) BSD Library Functions Manual RTBL(3) + +NNAAMMEE + rrttbbll__ccrreeaattee, rrttbbll__ddeessttrrooyy, rrttbbll__sseett__ffllaaggss, rrttbbll__ggeett__ffllaaggss, + rrttbbll__sseett__pprreeffiixx, rrttbbll__sseett__sseeppaarraattoorr, rrttbbll__sseett__ccoolluummnn__pprreeffiixx, + rrttbbll__sseett__ccoolluummnn__aaffffiixx__bbyy__iidd, rrttbbll__aadddd__ccoolluummnn, rrttbbll__aadddd__ccoolluummnn__bbyy__iidd, + rrttbbll__aadddd__ccoolluummnn__eennttrryy, rrttbbll__aadddd__ccoolluummnn__eennttrryy__bbyy__iidd, rrttbbll__nneeww__rrooww, + rrttbbll__ffoorrmmaatt -- format data in simple tables + +LLIIBBRRAARRYY + The roken library (libroken, -lroken) + +SSYYNNOOPPSSIISS + ##iinncclluuddee <> + + _i_n_t + rrttbbll__aadddd__ccoolluummnn(_r_t_b_l___t _t_a_b_l_e, _c_o_n_s_t _c_h_a_r _*_c_o_l_u_m_n___n_a_m_e, + _u_n_s_i_g_n_e_d _i_n_t _f_l_a_g_s); + + _i_n_t + rrttbbll__aadddd__ccoolluummnn__bbyy__iidd(_r_t_b_l___t _t_a_b_l_e, _u_n_s_i_g_n_e_d _i_n_t _c_o_l_u_m_n___i_d, + _c_o_n_s_t _c_h_a_r _*_c_o_l_u_m_n___h_e_a_d_e_r, _u_n_s_i_g_n_e_d _i_n_t _f_l_a_g_s); + + _i_n_t + rrttbbll__aadddd__ccoolluummnn__eennttrryy(_r_t_b_l___t _t_a_b_l_e, _c_o_n_s_t _c_h_a_r _*_c_o_l_u_m_n___n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_c_e_l_l___e_n_t_r_y); + + _i_n_t + rrttbbll__aadddd__ccoolluummnn__eennttrryy__bbyy__iidd(_r_t_b_l___t _t_a_b_l_e, _u_n_s_i_g_n_e_d _i_n_t _c_o_l_u_m_n___i_d, + _c_o_n_s_t _c_h_a_r _*_c_e_l_l___e_n_t_r_y); + + _r_t_b_l___t + rrttbbll__ccrreeaattee(_v_o_i_d); + + _v_o_i_d + rrttbbll__ddeessttrrooyy(_r_t_b_l___t _t_a_b_l_e); + + _i_n_t + rrttbbll__nneeww__rrooww(_r_t_b_l___t _t_a_b_l_e); + + _i_n_t + rrttbbll__sseett__ccoolluummnn__aaffffiixx__bbyy__iidd(_r_t_b_l___t _t_a_b_l_e, _u_n_s_i_g_n_e_d _i_n_t _c_o_l_u_m_n___i_d, _c_o_n_s_t, + _c_h_a_r, _*_p_r_e_f_i_x_", _c_o_n_s_t _c_h_a_r _*_s_u_f_f_i_x); + + _i_n_t + rrttbbll__sseett__ccoolluummnn__pprreeffiixx(_r_t_b_l___t _t_a_b_l_e, _c_o_n_s_t _c_h_a_r _*_c_o_l_u_m_n___n_a_m_e, + _c_o_n_s_t _c_h_a_r _*_p_r_e_f_i_x); + + _u_n_s_i_g_n_e_d _i_n_t + rrttbbll__ggeett__ffllaaggss(_r_t_b_l___t _t_a_b_l_e); + + _v_o_i_d + rrttbbll__sseett__ffllaaggss(_r_t_b_l___t _t_a_b_l_e, _u_n_s_i_g_n_e_d _i_n_t _f_l_a_g_s); + + _i_n_t + rrttbbll__sseett__pprreeffiixx(_r_t_b_l___t _t_a_b_l_e, _c_o_n_s_t _c_h_a_r _*_p_r_e_f_i_x); + + _i_n_t + rrttbbll__sseett__sseeppaarraattoorr(_r_t_b_l___t _t_a_b_l_e, _c_o_n_s_t _c_h_a_r _*_s_e_p_a_r_a_t_o_r); + + _i_n_t + rrttbbll__ffoorrmmaatt(_r_t_b_l___t _t_a_b_l_e, _F_I_L_E, _*_f_i_l_e_"); + +DDEESSCCRRIIPPTTIIOONN + This set of functions assemble a simple table consisting of rows and col- + umns, allowing it to be printed with certain options. Typical use would + be output from tools such as ls(1) or netstat(1), where you have a fixed + number of columns, but don't know the column widths before hand. + + A table is created with rrttbbll__ccrreeaattee() and destroyed with rrttbbll__ddeessttrrooyy(). + + Global flags on the table are set with _r_t_b_l___s_e_t___f_l_a_g_s and retrieved with + _r_t_b_l___g_e_t___f_l_a_g_s. At present the only defined flag is + RTBL_HEADER_STYLE_NONE which suppresses printing the header. + + Before adding data to the table, one or more columns need to be created. + This would normally be done with rrttbbll__aadddd__ccoolluummnn__bbyy__iidd(), _c_o_l_u_m_n___i_d is + any number of your choice (it's used only to identify columns), + _c_o_l_u_m_n___h_e_a_d_e_r is the header to print at the top of the column, and _f_l_a_g_s + are flags specific to this column. Currently the only defined flag is + RTBL_ALIGN_RIGHT, aligning column entries to the right. Columns are + printed in the order they are added. + + There's also a way to add columns by column name with rrttbbll__aadddd__ccoolluummnn(), + but this is less flexible (you need unique header names), and is consid- + ered deprecated. + + To add data to a column you use rrttbbll__aadddd__ccoolluummnn__eennttrryy__bbyy__iidd(), where the + _c_o_l_u_m_n___i_d is the same as when the column was added (adding data to a non- + existent column is undefined), and _c_e_l_l___e_n_t_r_y is whatever string you wish + to include in that cell. It should not include newlines. For columns + added with rrttbbll__aadddd__ccoolluummnn() you must use rrttbbll__aadddd__ccoolluummnn__eennttrryy() + instead. + + rrttbbll__nneeww__rrooww() fills all columns with blank entries until they all have + the same number of rows. + + Each column can have a separate prefix and suffix, set with + _r_t_b_l___s_e_t___c_o_l_u_m_n___a_f_f_i_x___b_y___i_d; _r_t_b_l___s_e_t___c_o_l_u_m_n___p_r_e_f_i_x allows setting the + prefix only by column name. In addition to this, columns may be separated + by a string set with _r_t_b_l___s_e_t___s_e_p_a_r_a_t_o_r (by default columns are not + seprated by anything). + + The finished table is printed to _f_i_l_e with _r_t_b_l___f_o_r_m_a_t. + +EEXXAAMMPPLLEESS + This program: + + #include + #include + int + main(int argc, char **argv) + { + rtbl_t table; + table = rtbl_create(); + rtbl_set_separator(table, " "); + rtbl_add_column_by_id(table, 0, "Column A", 0); + rtbl_add_column_by_id(table, 1, "Column B", RTBL_ALIGN_RIGHT); + rtbl_add_column_by_id(table, 2, "Column C", 0); + rtbl_add_column_entry_by_id(table, 0, "A-1"); + rtbl_add_column_entry_by_id(table, 0, "A-2"); + rtbl_add_column_entry_by_id(table, 0, "A-3"); + rtbl_add_column_entry_by_id(table, 1, "B-1"); + rtbl_add_column_entry_by_id(table, 2, "C-1"); + rtbl_add_column_entry_by_id(table, 2, "C-2"); + rtbl_add_column_entry_by_id(table, 1, "B-2"); + rtbl_add_column_entry_by_id(table, 1, "B-3"); + rtbl_add_column_entry_by_id(table, 2, "C-3"); + rtbl_add_column_entry_by_id(table, 0, "A-4"); + rtbl_new_row(table); + rtbl_add_column_entry_by_id(table, 1, "B-4"); + rtbl_new_row(table); + rtbl_add_column_entry_by_id(table, 2, "C-4"); + rtbl_new_row(table); + rtbl_format(table, stdout); + rtbl_destroy(table); + return 0; + } + + will output the following: + + Column A Column B Column C + A-1 B-1 C-1 + A-2 B-2 C-2 + A-3 B-3 C-3 + A-4 + B-4 + C-4 + +HEIMDAL June 26, 2004 HEIMDAL diff --git a/lib/roken/rtbl.h b/lib/roken/rtbl.h index 9b168c7e7306..549d3a8aa415 100644 --- a/lib/roken/rtbl.h +++ b/lib/roken/rtbl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 2000,2004 Kungliga Tekniska Högskolan + * Copyright (c) 2000,2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -30,16 +30,18 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: rtbl.h 17760 2006-06-30 13:42:39Z lha $ */ +/* $Id$ */ #ifndef __rtbl_h__ #define __rtbl_h__ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif @@ -60,55 +62,55 @@ typedef struct rtbl_data *rtbl_t; /* flags */ #define RTBL_HEADER_STYLE_NONE 1 -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column (rtbl_t, const char*, unsigned int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_by_id (rtbl_t, unsigned int, const char*, unsigned int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entryv_by_id (rtbl_t table, unsigned int id, const char *fmt, ...) __attribute__ ((format (printf, 3, 0))); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entry (rtbl_t, const char*, const char*); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entryv (rtbl_t, const char*, const char*, ...) __attribute__ ((format (printf, 3, 0))); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_add_column_entry_by_id (rtbl_t, unsigned int, const char*); -rtbl_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION rtbl_t ROKEN_LIB_CALL rtbl_create (void); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rtbl_destroy (rtbl_t); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_format (rtbl_t, FILE*); -unsigned int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION unsigned int ROKEN_LIB_CALL rtbl_get_flags (rtbl_t); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_new_row (rtbl_t); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_column_affix_by_id (rtbl_t, unsigned int, const char*, const char*); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_column_prefix (rtbl_t, const char*, const char*); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rtbl_set_flags (rtbl_t, unsigned int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_prefix (rtbl_t, const char*); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rtbl_set_separator (rtbl_t, const char*); #ifdef __cplusplus diff --git a/lib/roken/search.hin b/lib/roken/search.hin new file mode 100644 index 000000000000..b4edcffbb157 --- /dev/null +++ b/lib/roken/search.hin @@ -0,0 +1,44 @@ +/*- + * Written by J.T. Conklin + * Public domain. + * + * $NetBSD: search.h,v 1.12 1999/02/22 10:34:28 christos Exp $ + */ + +#ifndef _rk_SEARCH_H_ +#define _rk_SEARCH_H_ 1 + +#ifndef ROKEN_LIB_FUNCTION +#ifdef _WIN32 +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl +#else +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL +#endif +#endif + +#ifndef _WIN32 +#include +#endif +#include + +typedef enum { + preorder, + postorder, + endorder, + leaf +} VISIT; + +ROKEN_CPP_START + +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_tdelete(const void * __restrict, void ** __restrict, + int (*)(const void *, const void *)); +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_tfind(const void *, void * const *, + int (*)(const void *, const void *)); +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_tsearch(const void *, void **, int (*)(const void *, const void *)); +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_twalk(const void *, void (*)(const void *, VISIT, int)); + +ROKEN_CPP_END + +#endif /* !_rk_SEARCH_H_ */ diff --git a/lib/roken/sendmsg.c b/lib/roken/sendmsg.c index e7478bfe2d69..c6853772ad78 100644 --- a/lib/roken/sendmsg.c +++ b/lib/roken/sendmsg.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,15 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: sendmsg.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -ssize_t ROKEN_LIB_FUNCTION -sendmsg(int s, const struct msghdr *msg, int flags) +#ifndef _WIN32 + +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +sendmsg(rk_socket_t s, const struct msghdr *msg, int flags) { ssize_t ret; size_t tot = 0; @@ -63,3 +62,87 @@ sendmsg(int s, const struct msghdr *msg, int flags) free (buf); return ret; } + +#else /* _WIN32 */ + +/*********************************************************************** + * Copyright (c) 2009, Secure Endpoints Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * - Neither the name of Secure Endpoints Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + **********************************************************************/ + +/** + * Implementation of sendmsg() for WIN32 + * + * We are using a contrived definition of msghdr which actually uses + * an array of ::_WSABUF structures instead of ::iovec . This allows + * us to call WSASend directly using the given ::msghdr instead of + * having to allocate another array of ::_WSABUF and copying data for + * each call. + * + * Limitations: + * + * - msg->msg_name is ignored. So is msg->control. + * - WSASend() only supports ::MSG_DONTROUTE, ::MSG_OOB and + * ::MSG_PARTIAL. + * + * @param[in] s The socket to use. + * @param[in] msg The message + * @param[in] flags Flags. A combination of ::MSG_DONTROUTE, + * ::MSG_OOB and ::MSG_PARTIAL + * + * @return The number of bytes sent, on success. Or -1 on error. + */ +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL +sendmsg_w32(rk_socket_t s, const struct msghdr * msg, int flags) +{ + int srv; + DWORD num_bytes_sent = 0; + + /* TODO: For _WIN32_WINNT >= 0x0600 we can use WSASendMsg using + WSAMSG which is a much more direct analogue to sendmsg(). */ + + srv = WSASend(s, msg->msg_iov, msg->msg_iovlen, + &num_bytes_sent, flags, NULL, NULL); + + if (srv == 0) + return (int) num_bytes_sent; + + /* srv == SOCKET_ERROR and WSAGetLastError() == WSA_IO_PENDING + indicates that a non-blocking transfer has been scheduled. + We'll have to check for that if we ever support non-blocking + I/O. */ + + return -1; +} + +#endif /* !_WIN32 */ diff --git a/lib/roken/setegid.c b/lib/roken/setegid.c index 14d99eecb86a..d9aef122ddb8 100644 --- a/lib/roken/setegid.c +++ b/lib/roken/setegid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: setegid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifdef HAVE_UNISTD_H #include @@ -42,7 +39,7 @@ RCSID("$Id: setegid.c 14773 2005-04-12 11:29:18Z lha $"); #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL setegid(gid_t egid) { #ifdef HAVE_SETREGID diff --git a/lib/roken/setenv.c b/lib/roken/setenv.c index 2bf09bec9d83..b4dbefef26fa 100644 --- a/lib/roken/setenv.c +++ b/lib/roken/setenv.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: setenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -47,20 +44,31 @@ RCSID("$Id: setenv.c 14773 2005-04-12 11:29:18Z lha $"); * anyway. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL setenv(const char *var, const char *val, int rewrite) { - char *t; +#ifndef _WIN32 + char *t = NULL; if (!rewrite && getenv(var) != 0) return 0; - - asprintf (&t, "%s=%s", var, val); - if (t == NULL) + + if (asprintf (&t, "%s=%s", var, val) < 0 || t == NULL) return -1; if (putenv(t) == 0) return 0; else return -1; +#else /* Win32 */ + char dummy[8]; + + if (!rewrite && GetEnvironmentVariable(var, dummy, sizeof(dummy)/sizeof(char)) != 0) + return 0; + + if (SetEnvironmentVariable(var, val) == 0) + return -1; + else + return 0; +#endif } diff --git a/lib/roken/seteuid.c b/lib/roken/seteuid.c index 4f786bbf4715..2d8c14829e7a 100644 --- a/lib/roken/seteuid.c +++ b/lib/roken/seteuid.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: seteuid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifdef HAVE_UNISTD_H #include @@ -42,7 +39,7 @@ RCSID("$Id: seteuid.c 14773 2005-04-12 11:29:18Z lha $"); #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL seteuid(uid_t euid) { #ifdef HAVE_SETREUID diff --git a/lib/roken/setprogname.c b/lib/roken/setprogname.c index b24c785b1bc6..88a5f9bb4491 100644 --- a/lib/roken/setprogname.c +++ b/lib/roken/setprogname.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: setprogname.c 15955 2005-08-23 10:19:20Z lha $"); -#endif #include "roken.h" @@ -43,19 +40,52 @@ extern const char *__progname; #endif #ifndef HAVE_SETPROGNAME -void ROKEN_LIB_FUNCTION + +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL setprogname(const char *argv0) { + #ifndef HAVE___PROGNAME + const char *p; if(argv0 == NULL) return; p = strrchr(argv0, '/'); + +#ifdef BACKSLASH_PATH_DELIM + { + const char * pb; + + pb = strrchr((p != NULL)? p : argv0, '\\'); + if (pb != NULL) + p = pb; + } +#endif + if(p == NULL) p = argv0; else p++; + +#ifdef _WIN32 + { + char * fn = strdup(p); + char * ext; + + strlwr(fn); + ext = strrchr(fn, '.'); + if (ext != NULL && !strcmp(ext, ".exe")) + *ext = '\0'; + + __progname = fn; + } +#else + __progname = p; + #endif + +#endif /* HAVE___PROGNAME */ } + #endif /* HAVE_SETPROGNAME */ diff --git a/lib/roken/signal.c b/lib/roken/signal.c index e18439040f91..284f1e792610 100644 --- a/lib/roken/signal.c +++ b/lib/roken/signal.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: signal.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include "roken.h" @@ -50,7 +47,7 @@ RCSID("$Id: signal.c 14773 2005-04-12 11:29:18Z lha $"); * Do we need any extra hacks for SIGCLD and/or SIGCHLD? */ -SigAction ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION SigAction ROKEN_LIB_CALL signal(int iSig, SigAction pAction) { struct sigaction saNew, saOld; diff --git a/lib/roken/simple_exec.c b/lib/roken/simple_exec.c index 447b5bfd0270..97679d7e4175 100644 --- a/lib/roken/simple_exec.c +++ b/lib/roken/simple_exec.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1998 - 2001, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2001, 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: simple_exec.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -55,13 +52,13 @@ RCSID("$Id: simple_exec.c 21005 2007-06-08 01:54:35Z lha $"); #define EX_NOTFOUND 127 /* return values: - -1 on `unspecified' system errors - -2 on fork failures - -3 on waitpid errors - -4 exec timeout + SE_E_UNSPECIFIED on `unspecified' system errors + SE_E_FORKFAILED on fork failures + SE_E_WAITPIDFAILED on waitpid errors + SE_E_EXECTIMEOUT exec timeout 0- is return value from subprocess - 126 if the program couldn't be executed - 127 if the program couldn't be found + SE_E_NOEXEC if the program couldn't be executed + SE_E_NOTFOUND if the program couldn't be found 128- is 128 + signal that killed subprocess possible values `func' can return: @@ -81,8 +78,8 @@ sigtimeout(int sig) SIGRETURN(0); } -int ROKEN_LIB_FUNCTION -wait_for_process_timed(pid_t pid, time_t (*func)(void *), +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +wait_for_process_timed(pid_t pid, time_t (*func)(void *), void *ptr, time_t timeout) { RETSIGTYPE (*old_func)(int sig) = NULL; @@ -101,7 +98,7 @@ wait_for_process_timed(pid_t pid, time_t (*func)(void *), while(waitpid(pid, &status, 0) < 0) { if (errno != EINTR) { - ret = -3; + ret = SE_E_WAITPIDFAILED; goto out; } if (func == NULL) @@ -113,7 +110,7 @@ wait_for_process_timed(pid_t pid, time_t (*func)(void *), kill(pid, SIGTERM); continue; } else if (timeout == (time_t)-2) { - ret = -4; + ret = SE_E_EXECTIMEOUT; goto out; } alarm(timeout); @@ -137,14 +134,14 @@ wait_for_process_timed(pid_t pid, time_t (*func)(void *), return ret; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL wait_for_process(pid_t pid) { return wait_for_process_timed(pid, NULL, NULL, 0); } -int ROKEN_LIB_FUNCTION -pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, const char *file, ...) { int in_fd[2], out_fd[2], err_fd[2]; @@ -214,7 +211,7 @@ pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, close(err_fd[0]); close(err_fd[1]); } - return -2; + return SE_E_FORKFAILED; default: if(stdin_fd != NULL) { close(in_fd[0]); @@ -232,52 +229,52 @@ pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, return pid; } -int ROKEN_LIB_FUNCTION -simple_execvp_timed(const char *file, char *const args[], +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +simple_execvp_timed(const char *file, char *const args[], time_t (*func)(void *), void *ptr, time_t timeout) { pid_t pid = fork(); switch(pid){ case -1: - return -2; + return SE_E_FORKFAILED; case 0: execvp(file, args); exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: + default: return wait_for_process_timed(pid, func, ptr, timeout); } } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execvp(const char *file, char *const args[]) { return simple_execvp_timed(file, args, NULL, NULL, 0); } /* gee, I'd like a execvpe */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execve_timed(const char *file, char *const args[], char *const envp[], time_t (*func)(void *), void *ptr, time_t timeout) { pid_t pid = fork(); switch(pid){ case -1: - return -2; + return SE_E_FORKFAILED; case 0: execve(file, args, envp); exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: + default: return wait_for_process_timed(pid, func, ptr, timeout); } } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execve(const char *file, char *const args[], char *const envp[]) { return simple_execve_timed(file, args, envp, NULL, NULL, 0); } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execlp(const char *file, ...) { va_list ap; @@ -288,13 +285,13 @@ simple_execlp(const char *file, ...) argv = vstrcollect(&ap); va_end(ap); if(argv == NULL) - return -1; + return SE_E_UNSPECIFIED; ret = simple_execvp(file, argv); free(argv); return ret; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL simple_execle(const char *file, ... /* ,char *const envp[] */) { va_list ap; @@ -307,25 +304,8 @@ simple_execle(const char *file, ... /* ,char *const envp[] */) envp = va_arg(ap, char **); va_end(ap); if(argv == NULL) - return -1; + return SE_E_UNSPECIFIED; ret = simple_execve(file, argv, envp); free(argv); return ret; } - -int ROKEN_LIB_FUNCTION -simple_execl(const char *file, ...) -{ - va_list ap; - char **argv; - int ret; - - va_start(ap, file); - argv = vstrcollect(&ap); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execve(file, argv, environ); - free(argv); - return ret; -} diff --git a/lib/roken/snprintf-test.c b/lib/roken/snprintf-test.c index 047d54b63ffd..adfcb713f614 100644 --- a/lib/roken/snprintf-test.c +++ b/lib/roken/snprintf-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,15 +30,10 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif -#include "snprintf-test.h" #include "roken.h" #include -RCSID("$Id: snprintf-test.c 21627 2007-07-17 10:53:17Z lha $"); - static int try (const char *format, ...) { @@ -47,7 +42,7 @@ try (const char *format, ...) char buf1[256], buf2[256]; va_start (ap, format); - ret = vsnprintf (buf1, sizeof(buf1), format, ap); + ret = rk_vsnprintf (buf1, sizeof(buf1), format, ap); if (ret >= sizeof(buf1)) errx (1, "increase buf and try again"); va_end (ap); @@ -224,7 +219,7 @@ cmp_with_sprintf_float (void) static int test_null (void) { - return snprintf (NULL, 0, "foo") != 3; + return rk_snprintf (NULL, 0, "foo") != 3; } static int @@ -242,7 +237,7 @@ test_sizet (void) tot += try("%zX", sizet_values[i]); #else char buf[256]; - snprintf(buf, sizeof(buf), "%zu", sizet_values[i]); + rk_snprintf(buf, sizeof(buf), "%zu", sizet_values[i]); if (strcmp(buf, result[i]) != 0) { printf("%s != %s", buf, result[i]); tot++; diff --git a/lib/roken/snprintf-test.h b/lib/roken/snprintf-test.h deleted file mode 100644 index d672873679bc..000000000000 --- a/lib/roken/snprintf-test.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* $Id: snprintf-test.h 10377 2001-07-19 18:39:14Z assar $ */ - -#ifndef __SNPRINTF_TEST_H__ -#define __SNPRINTF_TEST_H__ - -/* - * we cannot use the real names of the functions when testing, since - * they might have different prototypes as the system functions, hence - * these evil hacks - */ - -#define snprintf test_snprintf -#define asprintf test_asprintf -#define asnprintf test_asnprintf -#define vasprintf test_vasprintf -#define vasnprintf test_vasnprintf -#define vsnprintf test_vsnprintf - -#endif /* __SNPRINTF_TEST_H__ */ diff --git a/lib/roken/snprintf.c b/lib/roken/snprintf.c index 6b3352f96b89..88e996c671f1 100644 --- a/lib/roken/snprintf.c +++ b/lib/roken/snprintf.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,13 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: snprintf.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#if defined(TEST_SNPRINTF) -#include "snprintf-test.h" -#endif /* TEST_SNPRINTF */ #include #include #include @@ -125,10 +119,10 @@ typedef long longest; -static int +static size_t pad(struct snprintf_state *state, int width, char c) { - int len = 0; + size_t len = 0; while(width-- > 0){ (*state->append_char)(state, c); ++len; @@ -186,9 +180,9 @@ append_number(struct snprintf_state *state, signchar = ' '; else signchar = '\0'; - + if((flags & alternate_flag) && base == 8) { - /* if necessary, increase the precision to + /* if necessary, increase the precision to make first digit a zero */ /* XXX C99 claims (regarding # and %o) that "if the value and @@ -196,7 +190,7 @@ append_number(struct snprintf_state *state, no such wording for %x. This would mean that %#.o would output "0", but %#.x "". This does not make sense, and is also not what other printf implementations are doing. */ - + if(prec <= nlen && nstr[nstart] != '0' && nstr[nstart] != '\0') prec = nlen + 1; } @@ -214,13 +208,13 @@ append_number(struct snprintf_state *state, width -= prec; else width -= nlen; - + if(use_alternative(flags, num, base)) width -= 2; - + if(signchar != '\0') width--; - + /* pad to width */ len += pad(state, width, ' '); } @@ -242,12 +236,12 @@ append_number(struct snprintf_state *state, } else /* pad to prec with zeros */ len += pad(state, prec - nlen, '0'); - + while(nstr[nstart] != '\0') { (*state->append_char)(state, nstr[nstart++]); ++len; } - + if(flags & minus_flag) len += pad(state, width - len, ' '); @@ -258,14 +252,14 @@ append_number(struct snprintf_state *state, * return length */ -static int +static size_t append_string (struct snprintf_state *state, const unsigned char *arg, int width, int prec, int flags) { - int len = 0; + size_t len = 0; if(arg == NULL) arg = (const unsigned char*)"(null)"; @@ -350,12 +344,12 @@ else \ * zyxprintf - return length, as snprintf */ -static int +static size_t xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) { const unsigned char *format = (const unsigned char *)char_format; unsigned char c; - int len = 0; + size_t len = 0; while((c = *format++)) { if (c == '%') { @@ -384,7 +378,7 @@ xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) else break; } - + if((flags & space_flag) && (flags & plus_flag)) flags ^= space_flag; @@ -446,7 +440,7 @@ xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) len += append_string(state, va_arg(ap, unsigned char*), width, - prec, + prec, flags); break; case 'd' : @@ -504,7 +498,7 @@ xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) break; } case 'p' : { - unsigned long arg = (unsigned long)va_arg(ap, void*); + u_longest arg = (u_longest)va_arg(ap, void*); len += append_number (state, arg, 0x10, "0123456789ABCDEF", width, prec, flags, 0); @@ -537,8 +531,8 @@ xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) } #if !defined(HAVE_SNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -snprintf (char *str, size_t sz, const char *format, ...) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_snprintf (char *str, size_t sz, const char *format, ...) { va_list args; int ret; @@ -570,8 +564,8 @@ snprintf (char *str, size_t sz, const char *format, ...) #endif #if !defined(HAVE_ASPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -asprintf (char **ret, const char *format, ...) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_asprintf (char **ret, const char *format, ...) { va_list args; int val; @@ -602,8 +596,8 @@ asprintf (char **ret, const char *format, ...) #endif #if !defined(HAVE_ASNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -asnprintf (char **ret, size_t max_sz, const char *format, ...) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_asnprintf (char **ret, size_t max_sz, const char *format, ...) { va_list args; int val; @@ -632,8 +626,8 @@ asnprintf (char **ret, size_t max_sz, const char *format, ...) #endif #if !defined(HAVE_VASPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vasprintf (char **ret, const char *format, va_list args) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vasprintf (char **ret, const char *format, va_list args) { return vasnprintf (ret, 0, format, args); } @@ -641,10 +635,10 @@ vasprintf (char **ret, const char *format, va_list args) #if !defined(HAVE_VASNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) { - int st; + size_t st; struct snprintf_state state; state.max_sz = max_sz; @@ -680,8 +674,8 @@ vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) #endif #if !defined(HAVE_VSNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vsnprintf (char *str, size_t sz, const char *format, va_list args) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_vsnprintf (char *str, size_t sz, const char *format, va_list args) { struct snprintf_state state; int ret; diff --git a/lib/roken/socket.c b/lib/roken/socket.c index a82dd0186c92..017d6252ea16 100644 --- a/lib/roken/socket.c +++ b/lib/roken/socket.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: socket.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" #include @@ -43,7 +40,7 @@ RCSID("$Id: socket.c 21005 2007-06-08 01:54:35Z lha $"); * Set `sa' to the unitialized address of address family `af' */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_any (struct sockaddr *sa, int af) { switch (af) { @@ -77,7 +74,7 @@ socket_set_any (struct sockaddr *sa, int af) * set `sa' to (`ptr', `port') */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port) { switch (sa->sa_family) { @@ -111,7 +108,7 @@ socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port) * Return the size of an address of the type in `sa' */ -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL socket_addr_size (const struct sockaddr *sa) { switch (sa->sa_family) { @@ -122,8 +119,7 @@ socket_addr_size (const struct sockaddr *sa) return sizeof(struct in6_addr); #endif default : - errx (1, "unknown address family %d", sa->sa_family); - break; + return 0; } } @@ -131,7 +127,7 @@ socket_addr_size (const struct sockaddr *sa) * Return the size of a `struct sockaddr' in `sa'. */ -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL socket_sockaddr_size (const struct sockaddr *sa) { switch (sa->sa_family) { @@ -141,9 +137,8 @@ socket_sockaddr_size (const struct sockaddr *sa) case AF_INET6 : return sizeof(struct sockaddr_in6); #endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; + default: + return 0; } } @@ -151,23 +146,22 @@ socket_sockaddr_size (const struct sockaddr *sa) * Return the binary address of `sa'. */ -void * ROKEN_LIB_FUNCTION -socket_get_address (struct sockaddr *sa) +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL +socket_get_address (const struct sockaddr *sa) { switch (sa->sa_family) { case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - return &sin4->sin_addr; + const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; + return rk_UNCONST(&sin4->sin_addr); } #ifdef HAVE_IPV6 case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - return &sin6->sin6_addr; + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + return rk_UNCONST(&sin6->sin6_addr); } #endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; + default: + return NULL; } } @@ -175,7 +169,7 @@ socket_get_address (struct sockaddr *sa) * Return the port number from `sa'. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL socket_get_port (const struct sockaddr *sa) { switch (sa->sa_family) { @@ -190,8 +184,7 @@ socket_get_port (const struct sockaddr *sa) } #endif default : - errx (1, "unknown address family %d", sa->sa_family); - break; + return 0; } } @@ -199,7 +192,7 @@ socket_get_port (const struct sockaddr *sa) * Set the port in `sa' to `port'. */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL socket_set_port (struct sockaddr *sa, int port) { switch (sa->sa_family) { @@ -224,40 +217,33 @@ socket_set_port (struct sockaddr *sa, int port) /* * Set the range of ports to use when binding with port = 0. */ -void ROKEN_LIB_FUNCTION -socket_set_portrange (int sock, int restr, int af) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_portrange (rk_socket_t sock, int restr, int af) { #if defined(IP_PORTRANGE) if (af == AF_INET) { int on = restr ? IP_PORTRANGE_HIGH : IP_PORTRANGE_DEFAULT; - if (setsockopt (sock, IPPROTO_IP, IP_PORTRANGE, &on, - sizeof(on)) < 0) - warn ("setsockopt IP_PORTRANGE (ignored)"); + setsockopt (sock, IPPROTO_IP, IP_PORTRANGE, &on, sizeof(on)); } #endif #if defined(IPV6_PORTRANGE) if (af == AF_INET6) { - int on = restr ? IPV6_PORTRANGE_HIGH : - IPV6_PORTRANGE_DEFAULT; - if (setsockopt (sock, IPPROTO_IPV6, IPV6_PORTRANGE, &on, - sizeof(on)) < 0) - warn ("setsockopt IPV6_PORTRANGE (ignored)"); + int on = restr ? IPV6_PORTRANGE_HIGH : IPV6_PORTRANGE_DEFAULT; + setsockopt (sock, IPPROTO_IPV6, IPV6_PORTRANGE, &on, sizeof(on)); } #endif } - + /* * Enable debug on `sock'. */ -void ROKEN_LIB_FUNCTION -socket_set_debug (int sock) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_debug (rk_socket_t sock) { #if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) int on = 1; - - if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0) - warn ("setsockopt SO_DEBUG (ignored)"); + setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)); #endif } @@ -265,13 +251,11 @@ socket_set_debug (int sock) * Set the type-of-service of `sock' to `tos'. */ -void ROKEN_LIB_FUNCTION -socket_set_tos (int sock, int tos) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_tos (rk_socket_t sock, int tos) { #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - if (setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof (int)) < 0) - if (errno != EINVAL) - warn ("setsockopt TOS (ignored)"); + setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof(int)); #endif } @@ -279,13 +263,11 @@ socket_set_tos (int sock, int tos) * set the reuse of addresses on `sock' to `val'. */ -void ROKEN_LIB_FUNCTION -socket_set_reuseaddr (int sock, int val) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_reuseaddr (rk_socket_t sock, int val) { #if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) - if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val, - sizeof(val)) < 0) - err (1, "setsockopt SO_REUSEADDR"); + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val, sizeof(val)); #endif } @@ -293,10 +275,62 @@ socket_set_reuseaddr (int sock, int val) * Set the that the `sock' should bind to only IPv6 addresses. */ -void ROKEN_LIB_FUNCTION -socket_set_ipv6only (int sock, int val) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +socket_set_ipv6only (rk_socket_t sock, int val) { #if defined(IPV6_V6ONLY) && defined(HAVE_SETSOCKOPT) setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&val, sizeof(val)); #endif } + +/** + * Create a file descriptor from a socket + * + * While the socket handle in \a sock can be used with WinSock + * functions after calling socket_to_fd(), it should not be closed + * with rk_closesocket(). The socket will be closed when the associated + * file descriptor is closed. + */ +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +socket_to_fd(rk_socket_t sock, int flags) +{ +#ifndef _WIN32 + return sock; +#else + return _open_osfhandle((intptr_t) sock, flags); +#endif +} + +#ifdef HAVE_WINSOCK +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_SOCK_IOCTL(SOCKET s, long cmd, int * argp) { + u_long ul = (argp)? *argp : 0; + int rv; + + rv = ioctlsocket(s, cmd, &ul); + if (argp) + *argp = (int) ul; + return rv; +} +#endif + +#ifndef HEIMDAL_SMALLER +#undef socket + +int rk_socket(int, int, int); + +int +rk_socket(int domain, int type, int protocol) +{ + int s; + s = socket (domain, type, protocol); +#ifdef SOCK_CLOEXEC + if ((SOCK_CLOEXEC & type) && s < 0 && errno == EINVAL) { + type &= ~SOCK_CLOEXEC; + s = socket (domain, type, protocol); + } +#endif + return s; +} + +#endif /* HEIMDAL_SMALLER */ diff --git a/lib/roken/socket_wrapper.c b/lib/roken/socket_wrapper.c index 9e6bfdd09811..94389494b191 100644 --- a/lib/roken/socket_wrapper.c +++ b/lib/roken/socket_wrapper.c @@ -3,22 +3,22 @@ * Copyright (C) Stefan Metzmacher 2006 * * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the author nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -59,9 +59,7 @@ #else /* _SAMBA_BUILD_ */ -#ifdef HAVE_CONFIG_H #include -#endif #undef SOCKET_WRAPPER_REPLACE #include @@ -131,7 +129,7 @@ /* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support * for now */ -#define REWRITE_CALLS +#define REWRITE_CALLS #ifdef REWRITE_CALLS #define real_accept accept @@ -161,8 +159,8 @@ /* we need to use a very terse format here as IRIX 6.4 silently truncates names to 16 chars, so if we use a longer name then we - can't tell which port a packet came from with recvfrom() - + can't tell which port a packet came from with recvfrom() + with this format we have 8 chars left for the directory name */ #define SOCKET_FORMAT "%c%02X%04X" @@ -298,7 +296,7 @@ static int convert_un_in(const struct sockaddr_un *un, struct sockaddr *in, sock case SOCKET_TYPE_CHAR_TCP: case SOCKET_TYPE_CHAR_UDP: { struct sockaddr_in *in2 = (struct sockaddr_in *)in; - + if ((*len) < sizeof(*in2)) { errno = EINVAL; return -1; @@ -316,7 +314,7 @@ static int convert_un_in(const struct sockaddr_un *un, struct sockaddr *in, sock case SOCKET_TYPE_CHAR_TCP_V6: case SOCKET_TYPE_CHAR_UDP_V6: { struct sockaddr_in6 *in2 = (struct sockaddr_in6 *)in; - + if ((*len) < sizeof(*in2)) { errno = EINVAL; return -1; @@ -351,7 +349,7 @@ static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *i switch (si->family) { case AF_INET: { - const struct sockaddr_in *in = + const struct sockaddr_in *in = (const struct sockaddr_in *)inaddr; unsigned int addr = ntohl(in->sin_addr.s_addr); char u_type = '\0'; @@ -394,7 +392,7 @@ static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *i } #ifdef HAVE_IPV6 case AF_INET6: { - const struct sockaddr_in6 *in = + const struct sockaddr_in6 *in = (const struct sockaddr_in6 *)inaddr; switch (si->type) { @@ -410,7 +408,7 @@ static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *i prt = ntohs(in->sin6_port); iface = SW_IPV6_ADDRESS; - + break; } #endif @@ -425,13 +423,13 @@ static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *i } if (is_bcast) { - snprintf(un->sun_path, sizeof(un->sun_path), "%s/EINVAL", + snprintf(un->sun_path, sizeof(un->sun_path), "%s/EINVAL", socket_wrapper_dir()); /* the caller need to do more processing */ return 0; } - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, + snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, socket_wrapper_dir(), type, iface, prt); return 0; @@ -450,7 +448,7 @@ static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *in switch (si->family) { case AF_INET: { - const struct sockaddr_in *in = + const struct sockaddr_in *in = (const struct sockaddr_in *)inaddr; unsigned int addr = ntohl(in->sin_addr.s_addr); char u_type = '\0'; @@ -501,7 +499,7 @@ static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *in } #ifdef HAVE_IPV6 case AF_INET6: { - const struct sockaddr_in6 *in = + const struct sockaddr_in6 *in = (const struct sockaddr_in6 *)inaddr; switch (si->type) { @@ -517,7 +515,7 @@ static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *in prt = ntohs(in->sin6_port); iface = SW_IPV6_ADDRESS; - + break; } #endif @@ -532,7 +530,7 @@ static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *in if (prt == 0) { /* handle auto-allocation of ephemeral ports */ for (prt = 5001; prt < 10000; prt++) { - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, + snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, socket_wrapper_dir(), type, iface, prt); if (stat(un->sun_path, &st) == 0) continue; @@ -540,7 +538,7 @@ static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *in } } - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, + snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, socket_wrapper_dir(), type, iface, prt); return 0; } @@ -549,14 +547,14 @@ static struct socket_info *find_socket_info(int fd) { struct socket_info *i; for (i = sockets; i; i = i->next) { - if (i->fd == fd) + if (i->fd == fd) return i; } return NULL; } -static int sockaddr_convert_to_un(struct socket_info *si, const struct sockaddr *in_addr, socklen_t in_len, +static int sockaddr_convert_to_un(struct socket_info *si, const struct sockaddr *in_addr, socklen_t in_len, struct sockaddr_un *out_addr, int alloc_sock, int *bcast) { if (!out_addr) @@ -585,19 +583,19 @@ static int sockaddr_convert_to_un(struct socket_info *si, const struct sockaddr default: break; } - + errno = EAFNOSUPPORT; return -1; } -static int sockaddr_convert_from_un(const struct socket_info *si, - const struct sockaddr_un *in_addr, +static int sockaddr_convert_from_un(const struct socket_info *si, + const struct sockaddr_un *in_addr, socklen_t un_addrlen, int family, struct sockaddr *out_addr, socklen_t *out_addrlen) { - if (out_addr == NULL || out_addrlen == NULL) + if (out_addr == NULL || out_addrlen == NULL) return 0; if (un_addrlen == 0) { @@ -650,7 +648,7 @@ enum swrap_packet_type { struct swrap_file_hdr { unsigned long magic; - unsigned short version_major; + unsigned short version_major; unsigned short version_minor; long timezone; unsigned long sigfigs; @@ -732,7 +730,7 @@ static const char *socket_wrapper_pcap_file(void) /* * TODO: don't use the structs use plain buffer offsets * and PUSH_U8(), PUSH_U16() and PUSH_U32() - * + * * for now make sure we disable PCAP support * if the struct has alignment! */ @@ -913,7 +911,7 @@ static int swrap_get_pcap_fd(const char *fname) if (fd != -1) { struct swrap_file_hdr file_hdr; file_hdr.magic = 0xA1B2C3D4; - file_hdr.version_major = 0x0002; + file_hdr.version_major = 0x0002; file_hdr.version_minor = 0x0004; file_hdr.timezone = 0x00000000; file_hdr.sigfigs = 0x00000000; @@ -1284,7 +1282,7 @@ _PUBLIC_ int swrap_accept(int s, struct sockaddr *addr, socklen_t *addrlen) return real_accept(s, addr, addrlen); } - /* + /* * assume out sockaddr have the same size as the in parent * socket family */ @@ -1412,7 +1410,7 @@ static int swrap_auto_bind(struct socket_info *si) memset(&in, 0, sizeof(in)); in.sin_family = AF_INET; - in.sin_addr.s_addr = htonl(127<<24 | + in.sin_addr.s_addr = htonl(127<<24 | socket_wrapper_default_iface()); si->myname_len = sizeof(in); @@ -1454,11 +1452,11 @@ static int swrap_auto_bind(struct socket_info *si) for (i=0;i<1000;i++) { port = autobind_start + i; - snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), + snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), "%s/"SOCKET_FORMAT, socket_wrapper_dir(), type, socket_wrapper_default_iface(), port); if (stat(un_addr.sun_path, &st) == 0) continue; - + ret = real_bind(si->fd, (struct sockaddr *)&un_addr, sizeof(un_addr)); if (ret == -1) return ret; @@ -1503,7 +1501,7 @@ _PUBLIC_ int swrap_connect(int s, const struct sockaddr *serv_addr, socklen_t ad swrap_dump_packet(si, serv_addr, SWRAP_CONNECT_SEND, NULL, 0); - ret = real_connect(s, (struct sockaddr *)&un_addr, + ret = real_connect(s, (struct sockaddr *)&un_addr, sizeof(struct sockaddr_un)); /* to give better errors */ @@ -1610,7 +1608,7 @@ _PUBLIC_ int swrap_getsockopt(int s, int level, int optname, void *optval, sockl if (level == SOL_SOCKET) { return real_getsockopt(s, level, optname, optval, optlen); - } + } errno = ENOPROTOOPT; return -1; @@ -1651,7 +1649,7 @@ _PUBLIC_ ssize_t swrap_recvfrom(int s, void *buf, size_t len, int flags, struct /* irix 6.4 forgets to null terminate the sun_path string :-( */ memset(&un_addr, 0, sizeof(un_addr)); ret = real_recvfrom(s, buf, len, flags, (struct sockaddr *)&un_addr, &un_addrlen); - if (ret == -1) + if (ret == -1) return ret; if (sockaddr_convert_from_un(si, &un_addr, un_addrlen, @@ -1685,32 +1683,32 @@ _PUBLIC_ ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, con ret = swrap_auto_bind(si); if (ret == -1) return -1; } - + ret = sockaddr_convert_to_un(si, to, tolen, &un_addr, 0, &bcast); if (ret == -1) return -1; - + if (bcast) { struct stat st; unsigned int iface; unsigned int prt = ntohs(((const struct sockaddr_in *)to)->sin_port); char type; - + type = SOCKET_TYPE_CHAR_UDP; - + for(iface=0; iface <= MAX_WRAPPED_INTERFACES; iface++) { - snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), "%s/"SOCKET_FORMAT, + snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), "%s/"SOCKET_FORMAT, socket_wrapper_dir(), type, iface, prt); if (stat(un_addr.sun_path, &st) != 0) continue; - + /* ignore the any errors in broadcast sends */ real_sendto(s, buf, len, flags, (struct sockaddr *)&un_addr, sizeof(un_addr)); } - + swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len); - + return len; } - + ret = real_sendto(s, buf, len, flags, (struct sockaddr *)&un_addr, sizeof(un_addr)); break; default: @@ -1718,7 +1716,7 @@ _PUBLIC_ ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, con errno = EHOSTUNREACH; break; } - + /* to give better errors */ if (ret == -1 && errno == ENOENT) { errno = EHOSTUNREACH; @@ -1858,7 +1856,7 @@ dup_internal(const struct socket_info *si_oldd, int fd) si_newd->myname = sockaddr_dup(si_oldd->myname, si_oldd->myname_len); si_newd->myname_len = si_oldd->myname_len; - si_newd->peername = + si_newd->peername = sockaddr_dup(si_oldd->peername, si_oldd->peername_len); si_newd->peername_len = si_oldd->peername_len; diff --git a/lib/roken/socket_wrapper.h b/lib/roken/socket_wrapper.h index 316b024326b1..06fd63305d9e 100644 --- a/lib/roken/socket_wrapper.h +++ b/lib/roken/socket_wrapper.h @@ -3,22 +3,22 @@ * Copyright (C) Stefan Metzmacher 2006 * * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the author nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE diff --git a/lib/roken/strcasecmp.c b/lib/roken/strcasecmp.c index 4788d4fb5126..00a0a8ef023b 100644 --- a/lib/roken/strcasecmp.c +++ b/lib/roken/strcasecmp.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strcasecmp.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include @@ -43,7 +40,7 @@ RCSID("$Id: strcasecmp.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_STRCASECMP -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strcasecmp(const char *s1, const char *s2) { while(toupper((unsigned char)*s1) == toupper((unsigned char)*s2)) { diff --git a/lib/roken/strcollect.c b/lib/roken/strcollect.c index f29189159e16..0afc3f0c62e5 100644 --- a/lib/roken/strcollect.c +++ b/lib/roken/strcollect.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strcollect.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -69,7 +66,7 @@ sub (char **argv, int i, int argc, va_list *ap) * terminated by NULL. */ -char ** ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char ** ROKEN_LIB_CALL vstrcollect(va_list *ap) { return sub (NULL, 0, 0, ap); @@ -79,7 +76,7 @@ vstrcollect(va_list *ap) * */ -char ** ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char ** ROKEN_LIB_CALL strcollect(char *first, ...) { va_list ap; diff --git a/lib/roken/strdup.c b/lib/roken/strdup.c index a832120da259..ce004562f0fe 100644 --- a/lib/roken/strdup.c +++ b/lib/roken/strdup.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,15 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strdup.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include #ifndef HAVE_STRDUP -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strdup(const char *old) { char *t = malloc(strlen(old)+1); diff --git a/lib/roken/strerror.c b/lib/roken/strerror.c index ca152f46b56c..b5ec6918e69a 100644 --- a/lib/roken/strerror.c +++ b/lib/roken/strerror.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strerror.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include @@ -43,7 +40,7 @@ RCSID("$Id: strerror.c 14773 2005-04-12 11:29:18Z lha $"); extern int sys_nerr; extern char *sys_errlist[]; -char* ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char* ROKEN_LIB_CALL strerror(int eno) { static char emsg[1024]; diff --git a/lib/roken/strerror_r.c b/lib/roken/strerror_r.c new file mode 100644 index 000000000000..85271ecaf5c9 --- /dev/null +++ b/lib/roken/strerror_r.c @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#if (!defined(HAVE_STRERROR_R) && !defined(strerror_r)) || (!defined(STRERROR_R_PROTO_COMPATIBLE) && defined(HAVE_STRERROR_R)) + +#include +#include +#include +#include "roken.h" + +#ifdef _MSC_VER + +int ROKEN_LIB_FUNCTION +rk_strerror_r(int eno, char * strerrbuf, size_t buflen) +{ + errno_t err; + + err = strerror_s(strerrbuf, buflen, eno); + if (err != 0) { + int code; + code = sprintf_s(strerrbuf, buflen, "Error % occurred.", eno); + err = ((code != 0)? errno : 0); + } + + return err; +} + +#else /* _MSC_VER */ + +int ROKEN_LIB_FUNCTION +rk_strerror_r(int eno, char *strerrbuf, size_t buflen) +{ + /* Assume is the linux broken strerror_r (returns the a buffer (char *) if the input buffer wasn't use */ +#ifdef HAVE_STRERROR_R + const char *str; + str = strerror_r(eno, strerrbuf, buflen); + if (str != strerrbuf) + if (strlcpy(strerrbuf, str, buflen) >= buflen) + return ERANGE; + return 0; +#else + int ret; + ret = strlcpy(strerrbuf, strerror(eno), buflen); + if (ret > buflen) + return ERANGE; + return 0; +#endif +} + +#endif /* !_MSC_VER */ + +#endif diff --git a/lib/roken/strftime.c b/lib/roken/strftime.c index b7176b60b7bd..447c1554337f 100644 --- a/lib/roken/strftime.c +++ b/lib/roken/strftime.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,15 +30,11 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif +#include "roken.h" #ifdef TEST_STRPFTIME #include "strpftime-test.h" #endif -#include "roken.h" - -RCSID("$Id: strftime.c 21896 2007-08-09 08:46:08Z lha $"); static const char *abb_weekdays[] = { "Sun", @@ -155,7 +151,7 @@ week_number_mon4 (const struct tm *tm) int wday = (tm->tm_wday + 6) % 7; int w1day = (wday - tm->tm_yday % 7 + 7) % 7; int ret; - + ret = (tm->tm_yday + w1day) / 7; if (w1day >= 4) --ret; @@ -170,7 +166,7 @@ week_number_mon4 (const struct tm *tm) * */ -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strftime (char *buf, size_t maxsize, const char *format, const struct tm *tm) { @@ -290,7 +286,7 @@ strftime (char *buf, size_t maxsize, const char *format, "%02d:%02d", tm->tm_hour, tm->tm_min); - + break; case 's' : ret = snprintf (buf, maxsize - n, "%d", (int)mktime(rk_UNCONST(tm))); @@ -358,7 +354,7 @@ strftime (char *buf, size_t maxsize, const char *format, (long)timezone #else #error Where in timezone chaos are you? -#endif +#endif ); break; case 'Z' : @@ -386,7 +382,7 @@ strftime (char *buf, size_t maxsize, const char *format, "%%%c", *format); break; } - if (ret < 0 || ret >= maxsize - n) + if (ret < 0 || ret >= (int)(maxsize - n)) return 0; n += ret; buf += ret; @@ -396,6 +392,6 @@ strftime (char *buf, size_t maxsize, const char *format, ++n; } } - *buf++ = '\0'; + *buf = '\0'; return n; } diff --git a/lib/roken/strlcat.c b/lib/roken/strlcat.c index 3f9c085210c8..e8fe1b781c67 100644 --- a/lib/roken/strlcat.c +++ b/lib/roken/strlcat.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,21 +31,24 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" -RCSID("$Id: strlcat.c 14773 2005-04-12 11:29:18Z lha $"); - #ifndef HAVE_STRLCAT -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strlcat (char *dst, const char *src, size_t dst_sz) { - size_t len = strlen(dst); + size_t len; +#if defined(_MSC_VER) && _MSC_VER >= 1400 + len = strnlen_s(dst, dst_sz); +#elif defined(HAVE_STRNLEN) + len = strnlen(dst, dst_sz); +#else + len = strlen(dst); +#endif - if (dst_sz < len) + if (dst_sz <= len) /* the total size of dst is less than the string it contains; this could be considered bad input, but we might as well handle it */ @@ -53,4 +56,5 @@ strlcat (char *dst, const char *src, size_t dst_sz) return len + strlcpy (dst + len, src, dst_sz - len); } + #endif diff --git a/lib/roken/strlcpy.c b/lib/roken/strlcpy.c index 6797317bf40b..0fe2b97fccb2 100644 --- a/lib/roken/strlcpy.c +++ b/lib/roken/strlcpy.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,16 +31,27 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" -RCSID("$Id: strlcpy.c 14773 2005-04-12 11:29:18Z lha $"); - #ifndef HAVE_STRLCPY -size_t ROKEN_LIB_FUNCTION +#if defined(_MSC_VER) && _MSC_VER >= 1400 + +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL +strlcpy (char *dst, const char *src, size_t dst_cch) +{ + errno_t e; + + if (dst_cch > 0) + e = strncpy_s(dst, dst_cch, src, _TRUNCATE); + + return strlen (src); +} + +#else + +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strlcpy (char *dst, const char *src, size_t dst_sz) { size_t n; @@ -58,3 +69,5 @@ strlcpy (char *dst, const char *src, size_t dst_sz) } #endif + +#endif diff --git a/lib/roken/strlwr.c b/lib/roken/strlwr.c index 9e5e9739fc1c..68bd4edad3fc 100644 --- a/lib/roken/strlwr.c +++ b/lib/roken/strlwr.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strlwr.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include #include "roken.h" #ifndef HAVE_STRLWR -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strlwr(char *str) { char *s; diff --git a/lib/roken/strncasecmp.c b/lib/roken/strncasecmp.c index e534393c7d56..f244fb582f74 100644 --- a/lib/roken/strncasecmp.c +++ b/lib/roken/strncasecmp.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strncasecmp.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include @@ -42,10 +39,10 @@ RCSID("$Id: strncasecmp.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_STRNCASECMP -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strncasecmp(const char *s1, const char *s2, size_t n) { - while(n > 0 + while(n > 0 && toupper((unsigned char)*s1) == toupper((unsigned char)*s2)) { if(*s1 == '\0') diff --git a/lib/roken/strndup.c b/lib/roken/strndup.c index 1960fd28c2aa..e67c9983a4ab 100644 --- a/lib/roken/strndup.c +++ b/lib/roken/strndup.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strndup.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include #include "roken.h" #ifndef HAVE_STRNDUP -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strndup(const char *old, size_t sz) { size_t len = strnlen (old, sz); diff --git a/lib/roken/strnlen.c b/lib/roken/strnlen.c index 3ba61a582318..f26cd8451432 100644 --- a/lib/roken/strnlen.c +++ b/lib/roken/strnlen.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strnlen.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -size_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL strnlen(const char *s, size_t len) { size_t i; diff --git a/lib/roken/strpftime-test.c b/lib/roken/strpftime-test.c index a1c13f3dced2..8524ff5eeeb2 100644 --- a/lib/roken/strpftime-test.c +++ b/lib/roken/strpftime-test.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,15 +30,11 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif +#include #ifdef TEST_STRPFTIME #include "strpftime-test.h" #endif -#include "roken.h" - -RCSID("$Id: strpftime-test.c 21897 2007-08-09 08:46:34Z lha $"); enum { MAXSIZE = 26 }; diff --git a/lib/roken/strpftime-test.h b/lib/roken/strpftime-test.h index 546e5529539a..5f9b23fda9db 100644 --- a/lib/roken/strpftime-test.h +++ b/lib/roken/strpftime-test.h @@ -1,18 +1,18 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -45,4 +45,11 @@ #define strftime test_strftime #define strptime test_strptime +ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL +strftime (char *buf, size_t maxsize, const char *format, + const struct tm *tm); + +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL +strptime (const char *buf, const char *format, struct tm *timeptr); + #endif /* __STRFTIME_TEST_H__ */ diff --git a/lib/roken/strpool.c b/lib/roken/strpool.c index 6ebe0ce6c4b8..6e6a737bc630 100644 --- a/lib/roken/strpool.c +++ b/lib/roken/strpool.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strpool.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include @@ -49,7 +46,7 @@ struct rk_strpool { * */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_strpoolfree(struct rk_strpool *p) { if (p->str) { @@ -63,7 +60,7 @@ rk_strpoolfree(struct rk_strpool *p) * */ -struct rk_strpool * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION struct rk_strpool * ROKEN_LIB_CALL rk_strpoolprintf(struct rk_strpool *p, const char *fmt, ...) { va_list ap; @@ -100,10 +97,13 @@ rk_strpoolprintf(struct rk_strpool *p, const char *fmt, ...) * */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL rk_strpoolcollect(struct rk_strpool *p) { - char *str = p->str; + char *str; + if (p == NULL) + return strdup(""); + str = p->str; p->str = NULL; free(p); return str; diff --git a/lib/roken/strptime.c b/lib/roken/strptime.c index 9cd133357a56..75c27a328773 100644 --- a/lib/roken/strptime.c +++ b/lib/roken/strptime.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 1999, 2003, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999, 2003, 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -30,16 +30,12 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif +#include "roken.h" #ifdef TEST_STRPFTIME #include "strpftime-test.h" #endif #include -#include "roken.h" - -RCSID("$Id: strptime.c 21895 2007-08-09 08:45:54Z lha $"); static const char *abb_weekdays[] = { "Sun", @@ -181,7 +177,7 @@ first_day (int year) int ret = 4; for (; year > 1970; --year) - ret = (ret + 365 + is_leap_year (year) ? 1 : 0) % 7; + ret = (ret + (is_leap_year (year) ? 366 : 365)) % 7; return ret; } @@ -241,7 +237,7 @@ set_week_number_mon4 (struct tm *timeptr, int wnum) * */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strptime (const char *buf, const char *format, struct tm *timeptr) { char c; diff --git a/lib/roken/strsep.c b/lib/roken/strsep.c index dd191c402298..76b447c373de 100644 --- a/lib/roken/strsep.c +++ b/lib/roken/strsep.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strsep.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include @@ -42,7 +39,7 @@ RCSID("$Id: strsep.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_STRSEP -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strsep(char **str, const char *delim) { char *save = *str; diff --git a/lib/roken/strsep_copy.c b/lib/roken/strsep_copy.c index 4a0a8b05333a..1228f1a45048 100644 --- a/lib/roken/strsep_copy.c +++ b/lib/roken/strsep_copy.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2000, 2002 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strsep_copy.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include @@ -44,7 +41,7 @@ RCSID("$Id: strsep_copy.c 14773 2005-04-12 11:29:18Z lha $"); /* strsep, but with const stringp, so return string in buf */ -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL strsep_copy(const char **stringp, const char *delim, char *buf, size_t len) { const char *save = *stringp; @@ -52,7 +49,7 @@ strsep_copy(const char **stringp, const char *delim, char *buf, size_t len) if(save == NULL) return -1; *stringp = *stringp + strcspn(*stringp, delim); - l = min(len, *stringp - save); + l = min(len, (size_t)(*stringp - save)); if(len > 0) { memcpy(buf, save, l); buf[l] = '\0'; diff --git a/lib/roken/strtok_r.c b/lib/roken/strtok_r.c index fb72f5dc7728..16a9daf24622 100644 --- a/lib/roken/strtok_r.c +++ b/lib/roken/strtok_r.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strtok_r.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include @@ -42,7 +39,7 @@ RCSID("$Id: strtok_r.c 14773 2005-04-12 11:29:18Z lha $"); #ifndef HAVE_STRTOK_R -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strtok_r(char *s1, const char *s2, char **lasts) { char *ret; diff --git a/lib/roken/strupr.c b/lib/roken/strupr.c index 2a5322677f5c..fdff7f44a890 100644 --- a/lib/roken/strupr.c +++ b/lib/roken/strupr.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: strupr.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include #include #include "roken.h" #ifndef HAVE_STRUPR -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL strupr(char *str) { char *s; diff --git a/lib/roken/swab.c b/lib/roken/swab.c index 20744ca02ff9..9b8d1d1f98ab 100644 --- a/lib/roken/swab.c +++ b/lib/roken/swab.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,12 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif #include "roken.h" #ifndef HAVE_SWAB -RCSID("$Id: swab.c 14773 2005-04-12 11:29:18Z lha $"); - -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL swab (char *from, char *to, int nbytes) { while(nbytes >= 2) { diff --git a/lib/roken/test-mem.c b/lib/roken/test-mem.c index d955c1a489fc..2ce961e06340 100644 --- a/lib/roken/test-mem.c +++ b/lib/roken/test-mem.c @@ -1,39 +1,38 @@ /* - * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -#endif + #ifdef HAVE_SYS_MMAN_H #include #endif @@ -44,8 +43,6 @@ #include "test-mem.h" -RCSID("$Id: test-mem.c 21005 2007-06-08 01:54:35Z lha $"); - /* #undef HAVE_MMAP */ struct { @@ -57,8 +54,16 @@ struct { int fd; } map; +#ifdef HAVE_SIGACTION + struct sigaction sa, osa; +#else + +void (* osigh)(int); + +#endif + char *testname; static RETSIGTYPE @@ -66,12 +71,12 @@ segv_handler(int sig) { int fd; char msg[] = "SIGSEGV i current test: "; - + fd = open("/dev/stdout", O_WRONLY, 0600); if (fd >= 0) { - write(fd, msg, sizeof(msg) - 1); - write(fd, testname, strlen(testname)); - write(fd, "\n", 1); + (void)write(fd, msg, sizeof(msg) - 1); + (void)write(fd, testname, strlen(testname)); + (void)write(fd, "\n", 1); close(fd); } _exit(1); @@ -85,13 +90,13 @@ segv_handler(int sig) errx(1, "malloc"); -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, void *buf, size_t size) { #ifndef HAVE_MMAP unsigned char *p; - + TESTREC(); p = malloc(size + 2); @@ -101,7 +106,7 @@ rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, map.start = p; map.size = size + 2; p[0] = 0xff; - p[map.size] = 0xff; + p[map.size-1] = 0xff; map.data_start = p + 1; #else unsigned char *p; @@ -152,6 +157,7 @@ rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, abort(); } #endif +#ifdef HAVE_SIGACTION sigemptyset (&sa.sa_mask); sa.sa_flags = 0; #ifdef SA_RESETHAND @@ -159,6 +165,9 @@ rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, #endif sa.sa_handler = segv_handler; sigaction (SIGSEGV, &sa, &osa); +#else + osigh = signal(SIGSEGV, segv_handler); +#endif map.data_size = size; if (buf) @@ -166,23 +175,23 @@ rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, return map.data_start; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_test_mem_free(const char *map_name) { #ifndef HAVE_MMAP unsigned char *p = map.start; - + if (testname == NULL) errx(1, "test_mem_free call on no free"); if (p[0] != 0xff) errx(1, "%s: %s underrun %x\n", testname, map_name, p[0]); - if (p[map.size] != 0xff) + if (p[map.size-1] != 0xff) errx(1, "%s: %s overrun %x\n", testname, map_name, p[map.size - 1]); free(map.start); #else int ret; - + if (testname == NULL) errx(1, "test_mem_free call on no free"); @@ -195,5 +204,9 @@ rk_test_mem_free(const char *map_name) free(testname); testname = NULL; +#ifdef HAVE_SIGACTION sigaction (SIGSEGV, &osa, NULL); +#else + signal (SIGSEGV, osigh); +#endif } diff --git a/lib/roken/test-mem.h b/lib/roken/test-mem.h index 896222f8d76f..4d900b4a6a30 100644 --- a/lib/roken/test-mem.h +++ b/lib/roken/test-mem.h @@ -1,39 +1,39 @@ /* - * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ enum rk_test_mem_type { RK_TM_OVERRUN, RK_TM_UNDERRUN }; -void * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void * ROKEN_LIB_CALL rk_test_mem_alloc(enum rk_test_mem_type, const char *, void *, size_t); -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rk_test_mem_free(const char *); diff --git a/lib/roken/test-readenv.c b/lib/roken/test-readenv.c index 2cbf8166716b..24a666184b91 100644 --- a/lib/roken/test-readenv.c +++ b/lib/roken/test-readenv.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: test-readenv.c 20868 2007-06-03 21:02:04Z lha $"); -#endif #include "roken.h" #include "test-mem.h" @@ -112,7 +109,7 @@ main(int argc, char **argv) error++; } free_environment(env); - - + + return error; } diff --git a/lib/roken/timegm.c b/lib/roken/timegm.c index 41eb48716d12..e6c8992ad21e 100644 --- a/lib/roken/timegm.c +++ b/lib/roken/timegm.c @@ -1,40 +1,37 @@ /* - * Copyright (c) 1997, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997, 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: timegm.c 18606 2006-10-19 16:19:10Z lha $"); -#endif #include "roken.h" @@ -45,7 +42,7 @@ is_leap(unsigned y) return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); } -/* +/* * XXX This is a simplifed version of timegm, it needs to support out of * bounds values. */ @@ -59,17 +56,17 @@ rk_timegm (struct tm *tm) time_t res = 0; unsigned i; - if (tm->tm_year < 0) + if (tm->tm_year < 0) return -1; - if (tm->tm_mon < 0 || tm->tm_mon > 11) + if (tm->tm_mon < 0 || tm->tm_mon > 11) return -1; if (tm->tm_mday < 1 || tm->tm_mday > ndays[is_leap(tm->tm_year)][tm->tm_mon]) return -1; - if (tm->tm_hour < 0 || tm->tm_hour > 23) + if (tm->tm_hour < 0 || tm->tm_hour > 23) return -1; - if (tm->tm_min < 0 || tm->tm_min > 59) + if (tm->tm_min < 0 || tm->tm_min > 59) return -1; - if (tm->tm_sec < 0 || tm->tm_sec > 59) + if (tm->tm_sec < 0 || tm->tm_sec > 59) return -1; for (i = 70; i < tm->tm_year; ++i) diff --git a/lib/roken/timeval.c b/lib/roken/timeval.c index b72e2023f00b..38b1f7ce9c34 100644 --- a/lib/roken/timeval.c +++ b/lib/roken/timeval.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -35,10 +35,7 @@ * Timeval stuff */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: timeval.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" @@ -46,7 +43,7 @@ RCSID("$Id: timeval.c 14773 2005-04-12 11:29:18Z lha $"); * Make `t1' consistent. */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevalfix(struct timeval *t1) { if (t1->tv_usec < 0) { @@ -58,24 +55,24 @@ timevalfix(struct timeval *t1) t1->tv_usec -= 1000000; } } - + /* * t1 += t2 */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevaladd(struct timeval *t1, const struct timeval *t2) { t1->tv_sec += t2->tv_sec; t1->tv_usec += t2->tv_usec; timevalfix(t1); } - + /* * t1 -= t2 */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL timevalsub(struct timeval *t1, const struct timeval *t2) { t1->tv_sec -= t2->tv_sec; diff --git a/lib/roken/tm2time.c b/lib/roken/tm2time.c index 7bcba8379ca4..ba69a0487934 100644 --- a/lib/roken/tm2time.c +++ b/lib/roken/tm2time.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: tm2time.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifdef TIME_WITH_SYS_TIME #include @@ -46,7 +43,7 @@ RCSID("$Id: tm2time.c 14773 2005-04-12 11:29:18Z lha $"); #endif #include "roken.h" -time_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION time_t ROKEN_LIB_CALL tm2time (struct tm tm, int local) { time_t t; diff --git a/lib/roken/tsearch-test.c b/lib/roken/tsearch-test.c new file mode 100644 index 000000000000..cc5b9a95b604 --- /dev/null +++ b/lib/roken/tsearch-test.c @@ -0,0 +1,125 @@ +/* + * Tree search generalized from Knuth (6.2.2) Algorithm T just like + * the AT&T man page says. + * + * The node_t structure is for internal use only, lint doesn't grok it. + * + * Written by reading the System V Interface Definition, not the code. + * + * Totally public domain. + */ + +#include + +#include "roken.h" +#include "search.h" + +struct node { + char *string; + int order; +}; + +extern void *rk_tdelete(const void * __restrict, void ** __restrict, + int (*)(const void *, const void *)); +extern void *rk_tfind(const void *, void * const *, + int (*)(const void *, const void *)); +extern void *rk_tsearch(const void *, void **, int (*)(const void *, const void *)); +extern void rk_twalk(const void *, void (*)(const void *, VISIT, int)); + +void *rootnode = NULL; +int numerr = 0; + +/* + * This routine compares two nodes, based on an + * alphabetical ordering of the string field. + */ +int +node_compare(const void *node1, const void *node2) +{ + return strcmp(((const struct node *) node1)->string, + ((const struct node *) node2)->string); +} + +static int walkorder = -1; + +void +list_node(const void *ptr, VISIT order, int level) +{ + const struct node *p = *(const struct node **) ptr; + + if (order == postorder || order == leaf) { + walkorder++; + if (p->order != walkorder) { + warnx("sort failed: expected %d next, got %d\n", walkorder, + p->order); + numerr++; + } + } +} + +int +main(int argc, char **argv) +{ + int numtest = 1; + struct node *t, *p, tests[] = { + { "", 0 }, + { "ab", 3 }, + { "abc", 4 }, + { "abcdefg", 8 }, + { "abcd", 5 }, + { "a", 2 }, + { "abcdef", 7 }, + { "abcde", 6 }, + { "=", 1 }, + { NULL } + }; + + for(t = tests; t->string; t++) { + /* Better not be there */ + p = (struct node *)rk_tfind((void *)t, (void **)&rootnode, + node_compare); + + if (p) { + warnx("erroneous list: found %d\n", p->order); + numerr++; + } + + /* Put node into the tree. */ + p = (struct node *) rk_tsearch((void *)t, (void **)&rootnode, + node_compare); + + if (!p) { + warnx("erroneous list: missing %d\n", t->order); + numerr++; + } + } + + rk_twalk(rootnode, list_node); + + for(t = tests; t->string; t++) { + /* Better be there */ + p = (struct node *) rk_tfind((void *)t, (void **)&rootnode, + node_compare); + + if (!p) { + warnx("erroneous list: missing %d\n", t->order); + numerr++; + } + + /* pull out node */ + (void) rk_tdelete((void *)t, (void **)&rootnode, + node_compare); + + /* Better not be there */ + p = (struct node *) rk_tfind((void *)t, (void **)&rootnode, + node_compare); + + if (p) { + warnx("erroneous list: found %d\n", p->order); + numerr++; + } + + } + + return numerr; +} diff --git a/lib/roken/tsearch.c b/lib/roken/tsearch.c new file mode 100644 index 000000000000..c51a643398af --- /dev/null +++ b/lib/roken/tsearch.c @@ -0,0 +1,180 @@ +/* + * Tree search generalized from Knuth (6.2.2) Algorithm T just like + * the AT&T man page says. + * + * The node_t structure is for internal use only, lint doesn't grok it. + * + * Written by reading the System V Interface Definition, not the code. + * + * Totally public domain. + * + * $NetBSD: tsearch.c,v 1.3 1999/09/16 11:45:37 lukem Exp $ + * $NetBSD: twalk.c,v 1.1 1999/02/22 10:33:16 christos Exp $ + * $NetBSD: tdelete.c,v 1.2 1999/09/16 11:45:37 lukem Exp $ + * $NetBSD: tfind.c,v 1.2 1999/09/16 11:45:37 lukem Exp $ + */ + +#include +#include "roken.h" +#include "search.h" +#include + +typedef struct node { + char *key; + struct node *llink, *rlink; +} node_t; + +#ifndef __DECONST +#define __DECONST(type, var) ((type)(uintptr_t)(const void *)(var)) +#endif + +/* + * find or insert datum into search tree + * + * Parameters: + * vkey: key to be located + * vrootp: address of tree root + */ + +ROKEN_LIB_FUNCTION void * +rk_tsearch(const void *vkey, void **vrootp, + int (*compar)(const void *, const void *)) +{ + node_t *q; + node_t **rootp = (node_t **)vrootp; + + if (rootp == NULL) + return NULL; + + while (*rootp != NULL) { /* Knuth's T1: */ + int r; + + if ((r = (*compar)(vkey, (*rootp)->key)) == 0) /* T2: */ + return *rootp; /* we found it! */ + + rootp = (r < 0) ? + &(*rootp)->llink : /* T3: follow left branch */ + &(*rootp)->rlink; /* T4: follow right branch */ + } + + q = malloc(sizeof(node_t)); /* T5: key not found */ + if (q != 0) { /* make new node */ + *rootp = q; /* link new node to old */ + /* LINTED const castaway ok */ + q->key = __DECONST(void *, vkey); /* initialize new node */ + q->llink = q->rlink = NULL; + } + return q; +} + +/* + * Walk the nodes of a tree + * + * Parameters: + * root: Root of the tree to be walked + */ +static void +trecurse(const node_t *root, void (*action)(const void *, VISIT, int), + int level) +{ + + if (root->llink == NULL && root->rlink == NULL) + (*action)(root, leaf, level); + else { + (*action)(root, preorder, level); + if (root->llink != NULL) + trecurse(root->llink, action, level + 1); + (*action)(root, postorder, level); + if (root->rlink != NULL) + trecurse(root->rlink, action, level + 1); + (*action)(root, endorder, level); + } +} + +/* + * Walk the nodes of a tree + * + * Parameters: + * vroot: Root of the tree to be walked + */ +ROKEN_LIB_FUNCTION void +rk_twalk(const void *vroot, + void (*action)(const void *, VISIT, int)) +{ + if (vroot != NULL && action != NULL) + trecurse(vroot, action, 0); +} + +/* + * delete node with given key + * + * vkey: key to be deleted + * vrootp: address of the root of the tree + * compar: function to carry out node comparisons + */ +ROKEN_LIB_FUNCTION void * +rk_tdelete(const void * __restrict vkey, void ** __restrict vrootp, + int (*compar)(const void *, const void *)) +{ + node_t **rootp = (node_t **)vrootp; + node_t *p, *q, *r; + int cmp; + + if (rootp == NULL || (p = *rootp) == NULL) + return NULL; + + while ((cmp = (*compar)(vkey, (*rootp)->key)) != 0) { + p = *rootp; + rootp = (cmp < 0) ? + &(*rootp)->llink : /* follow llink branch */ + &(*rootp)->rlink; /* follow rlink branch */ + if (*rootp == NULL) + return NULL; /* key not found */ + } + r = (*rootp)->rlink; /* D1: */ + if ((q = (*rootp)->llink) == NULL) /* Left NULL? */ + q = r; + else if (r != NULL) { /* Right link is NULL? */ + if (r->llink == NULL) { /* D2: Find successor */ + r->llink = q; + q = r; + } else { /* D3: Find NULL link */ + for (q = r->llink; q->llink != NULL; q = r->llink) + r = q; + r->llink = q->rlink; + q->llink = (*rootp)->llink; + q->rlink = (*rootp)->rlink; + } + } + free(*rootp); /* D4: Free node */ + *rootp = q; /* link parent to new node */ + return p; +} + +/* + * find a node, or return 0 + * + * Parameters: + * vkey: key to be found + * vrootp: address of the tree root + */ +ROKEN_LIB_FUNCTION void * +rk_tfind(const void *vkey, void * const *vrootp, + int (*compar)(const void *, const void *)) +{ + node_t **rootp = (node_t **)vrootp; + + if (rootp == NULL) + return NULL; + + while (*rootp != NULL) { /* T1: */ + int r; + + if ((r = (*compar)(vkey, (*rootp)->key)) == 0) /* T2: */ + return *rootp; /* key found */ + rootp = (r < 0) ? + &(*rootp)->llink : /* T3: follow left branch */ + &(*rootp)->rlink; /* T4: follow right branch */ + } + return NULL; +} diff --git a/lib/roken/unsetenv.c b/lib/roken/unsetenv.c index 54cf7b77dc90..55ba5e36d9e9 100644 --- a/lib/roken/unsetenv.c +++ b/lib/roken/unsetenv.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,22 +31,21 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: unsetenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #include #include "roken.h" +#if !HAVE_DECL_ENVIRON extern char **environ; +#endif /* * unsetenv -- */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL unsetenv(const char *name) { int len; @@ -59,7 +58,7 @@ unsetenv(const char *name) for (np = name; *np && *np != '='; np++) /* nop */; len = np - name; - + for (p = environ; *p != 0; p++) if (strncmp(*p, name, len) == 0 && (*p)[len] == '=') break; diff --git a/lib/roken/unvis.c b/lib/roken/unvis.c index 72d5f161b083..6ceda4aa2c2e 100644 --- a/lib/roken/unvis.c +++ b/lib/roken/unvis.c @@ -30,10 +30,7 @@ */ #if 1 -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: unvis.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" #ifndef _DIAGASSERT #define _DIAGASSERT(X) @@ -82,16 +79,16 @@ __warn_references(unvis, #define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_unvis (char *, int, int *, int); /* * unvis - decode characters previously encoded by vis */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_unvis(char *cp, int c, int *astate, int flag) { @@ -102,7 +99,7 @@ rk_unvis(char *cp, int c, int *astate, int flag) if (*astate == S_OCTAL2 || *astate == S_OCTAL3) { *astate = S_GROUND; return (UNVIS_VALID); - } + } return (*astate == S_GROUND ? UNVIS_NOCHAR : UNVIS_SYNBAD); } @@ -113,7 +110,7 @@ rk_unvis(char *cp, int c, int *astate, int flag) if (c == '\\') { *astate = S_START; return (0); - } + } *cp = c; return (UNVIS_VALID); @@ -129,7 +126,7 @@ rk_unvis(char *cp, int c, int *astate, int flag) *astate = S_OCTAL2; return (0); case 'M': - *cp = (char)0200; + *cp = (u_char)0200; *astate = S_META; return (0); case '^': @@ -186,7 +183,7 @@ rk_unvis(char *cp, int c, int *astate, int flag) } *astate = S_GROUND; return (UNVIS_SYNBAD); - + case S_META: if (c == '-') *astate = S_META1; @@ -197,12 +194,12 @@ rk_unvis(char *cp, int c, int *astate, int flag) return (UNVIS_SYNBAD); } return (0); - + case S_META1: *astate = S_GROUND; *cp |= c; return (UNVIS_VALID); - + case S_CTRL: if (c == '?') *cp |= 0177; @@ -213,15 +210,15 @@ rk_unvis(char *cp, int c, int *astate, int flag) case S_OCTAL2: /* second possible octal digit */ if (isoctal(c)) { - /* - * yes - and maybe a third + /* + * yes - and maybe a third */ *cp = (*cp << 3) + (c - '0'); - *astate = S_OCTAL3; + *astate = S_OCTAL3; return (0); - } - /* - * no - done with current sequence, push back passed char + } + /* + * no - done with current sequence, push back passed char */ *astate = S_GROUND; return (UNVIS_VALIDPUSH); @@ -236,10 +233,10 @@ rk_unvis(char *cp, int c, int *astate, int flag) * we were done, push back passed char */ return (UNVIS_VALIDPUSH); - - default: - /* - * decoder in unknown state - (probably uninitialized) + + default: + /* + * decoder in unknown state - (probably uninitialized) */ *astate = S_GROUND; return (UNVIS_SYNBAD); @@ -247,13 +244,13 @@ rk_unvis(char *cp, int c, int *astate, int flag) } /* - * strunvis - decode src into dst + * strunvis - decode src into dst * * Number of chars decoded into dst is returned, -1 on error. * Dst is null terminated. */ -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strunvis(char *dst, const char *src) { char c; diff --git a/lib/roken/verify.c b/lib/roken/verify.c index 54ad814e9827..fc8fc57b6f40 100644 --- a/lib/roken/verify.c +++ b/lib/roken/verify.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: verify.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include #ifdef HAVE_UNISTD_H @@ -45,11 +42,11 @@ RCSID("$Id: verify.c 14773 2005-04-12 11:29:18Z lha $"); #endif #include "roken.h" -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL unix_verify_user(char *user, char *password) { struct passwd *pw; - + pw = k_getpwnam(user); if(pw == NULL) return -1; diff --git a/lib/roken/verr.c b/lib/roken/verr.c index 3db3c1c37c09..cd3cdf35ea6a 100644 --- a/lib/roken/verr.c +++ b/lib/roken/verr.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: verr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL verr(int eval, const char *fmt, va_list ap) { - warnerr(1, fmt, ap); + rk_warnerr(1, fmt, ap); exit(eval); } diff --git a/lib/roken/verrx.c b/lib/roken/verrx.c index a3a59d02b130..84645181c873 100644 --- a/lib/roken/verrx.c +++ b/lib/roken/verrx.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: verrx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL verrx(int eval, const char *fmt, va_list ap) { - warnerr(0, fmt, ap); + rk_warnerr(0, fmt, ap); exit(eval); } diff --git a/lib/roken/version-script.map b/lib/roken/version-script.map new file mode 100644 index 000000000000..9229a373cd7d --- /dev/null +++ b/lib/roken/version-script.map @@ -0,0 +1,203 @@ +HEIMDAL_ROKEN_1.0 { + global: + arg_printusage; + arg_printusage_i18n; + base64_decode; + base64_encode; + cgetcap; + cgetclose; + cgetmatch; + cgetnum; + cgetset; + cgetustr; + ct_memcmp; + err; + errx; + free_getarg_strings; + get_default_username; + get_window_size; + getarg; + getnameinfo_verified; + hex_decode; + hex_encode; + issuid; + k_getpwnam; + k_getpwuid; + mini_inetd; + mini_inetd_addrinfo; + net_read; + net_write; + parse_bytes; + parse_flags; + parse_time; + parse_units; + print_flags_table; + print_time_table; + print_units_table; + rk_asnprintf; + rk_asprintf; + rk_bswap16; + rk_bswap32; + rk_cgetent; + rk_cgetstr; + rk_cloexec; + rk_cloexec_file; + rk_cloexec_dir; + rk_closefrom; + rk_copyhostent; + rk_dns_free_data; + rk_dns_lookup; + rk_dns_srv_order; + rk_dns_string_to_type; + rk_dns_type_to_string; + rk_dumpdata; + rk_ecalloc; + rk_emalloc; + rk_eread; + rk_erealloc; + rk_esetenv; + rk_estrdup; + rk_ewrite; + rk_flock; + rk_fnmatch; + rk_free_environment; + rk_freeaddrinfo; + rk_freehostent; + rk_freeifaddrs; + rk_gai_strerror; + rk_getaddrinfo; + rk_getifaddrs; + rk_getipnodebyaddr; + rk_getipnodebyname; + rk_getnameinfo; + rk_getprogname; + rk_glob; + rk_globfree; + rk_hex_decode; + rk_hex_encode; + rk_hostent_find_fqdn; + rk_inet_ntop; + rk_inet_pton; + rk_localtime_r; + rk_mkstemp; + rk_pid_file_delete; + rk_pid_file_write; + rk_pidfile; + rk_pipe_execv; + rk_random_init; + rk_read_environment; + rk_readv; + rk_realloc; + rk_strerror; + rk_strerror_r; + rk_setprogname; + rk_simple_execle; + rk_simple_execlp; + rk_simple_execve; + rk_simple_execve_timed; + rk_simple_execvp; + rk_simple_execvp_timed; + rk_socket; + rk_socket_addr_size; + rk_socket_get_address; + rk_socket_get_port; + rk_socket_set_address_and_port; + rk_socket_set_any; + rk_socket_set_debug; + rk_socket_set_ipv6only; + rk_socket_set_port; + rk_socket_set_portrange; + rk_socket_set_reuseaddr; + rk_socket_set_tos; + rk_socket_sockaddr_size; + rk_strcollect; + rk_strftime; + rk_strlcat; + rk_strlcpy; + rk_strlwr; + rk_strndup; + rk_strnlen; + rk_strpoolcollect; + rk_strpoolfree; + rk_strpoolprintf; + rk_strptime; + rk_strsep_copy; + rk_strsvis; + rk_strsvis; + rk_strsvisx; + rk_strunvis; + rk_strunvis; + rk_strunvisx; + rk_strupr; + rk_strvis; + rk_strvis; + rk_strvisx; + rk_strvisx; + rk_svis; + rk_svis; + rk_timegm; + rk_timevaladd; + rk_timevalfix; + rk_timevalsub; + rk_tdelete; + rk_tfind; + rk_tsearch; + rk_twalk; + rk_undumpdata; + rk_unvis; + rk_vasnprintf; + rk_vasprintf; + rk_vis; + rk_vis; + rk_vsnprintf; + rk_vstrcollect; + rk_wait_for_process; + rk_wait_for_process_timed; + rk_warnerr; + rk_xfree; + roken_concat; + roken_getaddrinfo_hostspec2; + roken_getaddrinfo_hostspec; + roken_gethostby_setup; + roken_gethostbyaddr; + roken_gethostbyname; + roken_mconcat; + roken_vconcat; + roken_vmconcat; + rtbl_add_column; + rtbl_add_column_by_id; + rtbl_add_column_entry; + rtbl_add_column_entry_by_id; + rtbl_add_column_entryv; + rtbl_add_column_entryv_by_id; + rtbl_create; + rtbl_destroy; + rtbl_format; + rtbl_get_flags; + rtbl_new_row; + rtbl_set_column_affix_by_id; + rtbl_set_column_prefix; + rtbl_set_flags; + rtbl_set_prefix; + rtbl_set_separator; + signal; + simple_execl; + tm2time; + unix_verify_user; + unparse_bytes; + unparse_bytes_short; + unparse_flags; + unparse_time; + unparse_time_approx; + unparse_units; + unparse_units_approx; + verr; + verrx; + vwarn; + vwarnx; + warn; + warnx; + writev; + local: + *; +}; diff --git a/lib/roken/vis.c b/lib/roken/vis.c index 1114223a2974..19ff29d95ca8 100644 --- a/lib/roken/vis.c +++ b/lib/roken/vis.c @@ -1,4 +1,4 @@ -/* $NetBSD: vis.c,v 1.4 2003/08/07 09:15:32 agc Exp $ */ +/* $NetBSD: vis.c,v 1.37 2008/07/25 22:29:23 dsl Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -30,7 +30,8 @@ */ /*- - * Copyright (c) 1999 The NetBSD Foundation, Inc. + * Copyright (c) 1999, 2005 The NetBSD Foundation, Inc. + * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -40,47 +41,35 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. */ - #if 1 -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: vis.c 21005 2007-06-08 01:54:35Z lha $"); -#endif #include "roken.h" #ifndef _DIAGASSERT #define _DIAGASSERT(X) #endif -#else +#else /* heimdal */ #include -#if !defined(lint) -__RCSID("$NetBSD: vis.c,v 1.4 2003/08/07 09:15:32 agc Exp $"); -#endif /* not lint */ -#endif +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: vis.c,v 1.37 2008/07/25 22:29:23 dsl Exp $"); +#endif /* LIBC_SCCS and not lint */ -#if 0 #include "namespace.h" -#endif +#endif /* heimdal */ + #include #include @@ -89,6 +78,7 @@ __RCSID("$NetBSD: vis.c,v 1.4 2003/08/07 09:15:32 agc Exp $"); #include #include #include +#include #if 0 #ifdef __weak_alias @@ -101,6 +91,14 @@ __weak_alias(vis,_vis) #endif #endif +#if !HAVE_VIS || !HAVE_SVIS +#include +#include +#include +#include + +static char *do_svis(char *, int, int, int, const char *); + #undef BELL #if defined(__STDC__) #define BELL '\a' @@ -108,39 +106,64 @@ __weak_alias(vis,_vis) #define BELL '\007' #endif -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL + rk_vis (char *, int, int, int); +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL + rk_svis (char *, int, int, int, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strsvisx (char *, const char *, size_t, int, const char *); #define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') #define iswhite(c) (c == ' ' || c == '\t' || c == '\n') #define issafe(c) (c == '\b' || c == BELL || c == '\r') +#define xtoa(c) "0123456789abcdef"[c] -#define MAXEXTRAS 5 +#define MAXEXTRAS 5 - -#define MAKEEXTRALIST(flag, extra) \ +#define MAKEEXTRALIST(flag, extra, orig_str) \ do { \ - char *pextra = extra; \ - if (flag & VIS_SP) *pextra++ = ' '; \ - if (flag & VIS_TAB) *pextra++ = '\t'; \ - if (flag & VIS_NL) *pextra++ = '\n'; \ - if ((flag & VIS_NOSLASH) == 0) *pextra++ = '\\'; \ - *pextra = '\0'; \ + const char *orig = orig_str; \ + const char *o = orig; \ + char *e; \ + while (*o++) \ + continue; \ + extra = malloc((size_t)((o - orig) + MAXEXTRAS)); \ + if (!extra) break; \ + for (o = orig, e = extra; (*e++ = *o++) != '\0';) \ + continue; \ + e--; \ + if (flag & VIS_SP) *e++ = ' '; \ + if (flag & VIS_TAB) *e++ = '\t'; \ + if (flag & VIS_NL) *e++ = '\n'; \ + if ((flag & VIS_NOSLASH) == 0) *e++ = '\\'; \ + *e = '\0'; \ } while (/*CONSTCOND*/0) /* - * This is SVIS, the central macro of vis. + * This is do_hvis, for HTTP style (RFC 1808) + */ +static char * +do_hvis(char *dst, int c, int flag, int nextc, const char *extra) +{ + if (!isascii(c) || !isalnum(c) || strchr("$-_.+!*'(),", c) != NULL) { + *dst++ = '%'; + *dst++ = xtoa(((unsigned int)c >> 4) & 0xf); + *dst++ = xtoa((unsigned int)c & 0xf); + } else { + dst = do_svis(dst, c, flag, nextc, extra); + } + return dst; +} + +/* + * This is do_vis, the central code of vis. * dst: Pointer to the destination buffer * c: Character to encode * flag: Flag word @@ -148,90 +171,103 @@ do { \ * extra: Pointer to the list of extra characters to be * backslash-protected. */ -#define SVIS(dst, c, flag, nextc, extra) \ -do { \ - int isextra, isc; \ - isextra = strchr(extra, c) != NULL; \ - if (!isextra && \ - isascii((unsigned char)c) && \ - (isgraph((unsigned char)c) || iswhite(c) || \ - ((flag & VIS_SAFE) && issafe(c)))) { \ - *dst++ = c; \ - break; \ - } \ - isc = 0; \ - if (flag & VIS_CSTYLE) { \ - switch (c) { \ - case '\n': \ - isc = 1; *dst++ = '\\'; *dst++ = 'n'; \ - break; \ - case '\r': \ - isc = 1; *dst++ = '\\'; *dst++ = 'r'; \ - break; \ - case '\b': \ - isc = 1; *dst++ = '\\'; *dst++ = 'b'; \ - break; \ - case BELL: \ - isc = 1; *dst++ = '\\'; *dst++ = 'a'; \ - break; \ - case '\v': \ - isc = 1; *dst++ = '\\'; *dst++ = 'v'; \ - break; \ - case '\t': \ - isc = 1; *dst++ = '\\'; *dst++ = 't'; \ - break; \ - case '\f': \ - isc = 1; *dst++ = '\\'; *dst++ = 'f'; \ - break; \ - case ' ': \ - isc = 1; *dst++ = '\\'; *dst++ = 's'; \ - break; \ - case '\0': \ - isc = 1; *dst++ = '\\'; *dst++ = '0'; \ - if (isoctal(nextc)) { \ - *dst++ = '0'; \ - *dst++ = '0'; \ - } \ - } \ - } \ - if (isc) break; \ - if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { \ - *dst++ = '\\'; \ - *dst++ = (u_char)(((unsigned)(u_char)c >> 6) & 03) + '0'; \ - *dst++ = (u_char)(((unsigned)(u_char)c >> 3) & 07) + '0'; \ - *dst++ = (c & 07) + '0'; \ - } else { \ - if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; \ - if (c & 0200) { \ - c &= 0177; *dst++ = 'M'; \ - } \ - if (iscntrl((unsigned char)c)) { \ - *dst++ = '^'; \ - if (c == 0177) \ - *dst++ = '?'; \ - else \ - *dst++ = c + '@'; \ - } else { \ - *dst++ = '-'; *dst++ = c; \ - } \ - } \ -} while (/*CONSTCOND*/0) +static char * +do_svis(char *dst, int c, int flag, int nextc, const char *extra) +{ + int isextra; + isextra = strchr(extra, c) != NULL; + if (!isextra && isascii(c) && (isgraph(c) || iswhite(c) || + ((flag & VIS_SAFE) && issafe(c)))) { + *dst++ = c; + return dst; + } + if (flag & VIS_CSTYLE) { + switch (c) { + case '\n': + *dst++ = '\\'; *dst++ = 'n'; + return dst; + case '\r': + *dst++ = '\\'; *dst++ = 'r'; + return dst; + case '\b': + *dst++ = '\\'; *dst++ = 'b'; + return dst; + case BELL: + *dst++ = '\\'; *dst++ = 'a'; + return dst; + case '\v': + *dst++ = '\\'; *dst++ = 'v'; + return dst; + case '\t': + *dst++ = '\\'; *dst++ = 't'; + return dst; + case '\f': + *dst++ = '\\'; *dst++ = 'f'; + return dst; + case ' ': + *dst++ = '\\'; *dst++ = 's'; + return dst; + case '\0': + *dst++ = '\\'; *dst++ = '0'; + if (isoctal(nextc)) { + *dst++ = '0'; + *dst++ = '0'; + } + return dst; + default: + if (isgraph(c)) { + *dst++ = '\\'; *dst++ = c; + return dst; + } + } + } + if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { + *dst++ = '\\'; + *dst++ = (u_char)(((unsigned int)(u_char)c >> 6) & 03) + '0'; + *dst++ = (u_char)(((unsigned int)(u_char)c >> 3) & 07) + '0'; + *dst++ = (u_char)( c & 07) + '0'; + } else { + if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; + if (c & 0200) { + c &= 0177; *dst++ = 'M'; + } + if (iscntrl(c)) { + *dst++ = '^'; + if (c == 0177) + *dst++ = '?'; + else + *dst++ = c + '@'; + } else { + *dst++ = '-'; *dst++ = c; + } + } + return dst; +} /* * svis - visually encode characters, also encoding the characters - * pointed to by `extra' + * pointed to by `extra' */ - -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL rk_svis(char *dst, int c, int flag, int nextc, const char *extra) { + char *nextra = NULL; + _DIAGASSERT(dst != NULL); _DIAGASSERT(extra != NULL); - - SVIS(dst, c, flag, nextc, extra); + MAKEEXTRALIST(flag, nextra, extra); + if (!nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return dst; + } + if (flag & VIS_HTTPSTYLE) + dst = do_hvis(dst, c, flag, nextc, nextra); + else + dst = do_svis(dst, c, flag, nextc, nextra); + free(nextra); *dst = '\0'; - return(dst); + return dst; } @@ -242,94 +278,145 @@ rk_svis(char *dst, int c, int flag, int nextc, const char *extra) * be encoded, too. These functions are useful e. g. to * encode strings in such a way so that they are not interpreted * by a shell. - * + * * Dst must be 4 times the size of src to account for possible * expansion. The length of dst, not including the trailing NULL, - * is returned. + * is returned. * * Strsvisx encodes exactly len bytes from src into dst. * This is useful for encoding a block of data. */ -int ROKEN_LIB_FUNCTION -rk_strsvis(char *dst, const char *src, int flag, const char *extra) +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_strsvis(char *dst, const char *csrc, int flag, const char *extra) { - char c; + int c; char *start; + char *nextra = NULL; + const unsigned char *src = (const unsigned char *)csrc; _DIAGASSERT(dst != NULL); _DIAGASSERT(src != NULL); _DIAGASSERT(extra != NULL); - - for (start = dst; (c = *src++) != '\0'; /* empty */) - SVIS(dst, c, flag, *src, extra); - *dst = '\0'; - return (dst - start); -} - - -int ROKEN_LIB_FUNCTION -rk_strsvisx(char *dst, const char *src, size_t len, int flag, const char *extra) -{ - char c; - char *start; - - _DIAGASSERT(dst != NULL); - _DIAGASSERT(src != NULL); - _DIAGASSERT(extra != NULL); - - for (start = dst; len > 0; len--) { - c = *src++; - SVIS(dst, c, flag, len ? *src : '\0', extra); + MAKEEXTRALIST(flag, nextra, extra); + if (!nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return 0; } + if (flag & VIS_HTTPSTYLE) { + for (start = dst; (c = *src++) != '\0'; /* empty */) + dst = do_hvis(dst, c, flag, *src, nextra); + } else { + for (start = dst; (c = *src++) != '\0'; /* empty */) + dst = do_svis(dst, c, flag, *src, nextra); + } + free(nextra); *dst = '\0'; return (dst - start); } +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +rk_strsvisx(char *dst, const char *csrc, size_t len, int flag, const char *extra) +{ + unsigned char c; + char *start; + char *nextra = NULL; + const unsigned char *src = (const unsigned char *)csrc; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + MAKEEXTRALIST(flag, nextra, extra); + if (! nextra) { + *dst = '\0'; /* can't create nextra, return "" */ + return 0; + } + + if (flag & VIS_HTTPSTYLE) { + for (start = dst; len > 0; len--) { + c = *src++; + dst = do_hvis(dst, c, flag, len ? *src : '\0', nextra); + } + } else { + for (start = dst; len > 0; len--) { + c = *src++; + dst = do_svis(dst, c, flag, len ? *src : '\0', nextra); + } + } + free(nextra); + *dst = '\0'; + return (dst - start); +} +#endif + +#if !HAVE_VIS /* * vis - visually encode characters */ -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL rk_vis(char *dst, int c, int flag, int nextc) { - char extra[MAXEXTRAS]; + char *extra = NULL; + unsigned char uc = (unsigned char)c; _DIAGASSERT(dst != NULL); - MAKEEXTRALIST(flag, extra); - SVIS(dst, c, flag, nextc, extra); + MAKEEXTRALIST(flag, extra, ""); + if (! extra) { + *dst = '\0'; /* can't create extra, return "" */ + return dst; + } + if (flag & VIS_HTTPSTYLE) + dst = do_hvis(dst, uc, flag, nextc, extra); + else + dst = do_svis(dst, uc, flag, nextc, extra); + free(extra); *dst = '\0'; - return (dst); + return dst; } /* * strvis, strvisx - visually encode characters from src into dst - * + * * Dst must be 4 times the size of src to account for possible * expansion. The length of dst, not including the trailing NULL, - * is returned. + * is returned. * * Strvisx encodes exactly len bytes from src into dst. * This is useful for encoding a block of data. */ - -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strvis(char *dst, const char *src, int flag) { - char extra[MAXEXTRAS]; + char *extra = NULL; + int rv; - MAKEEXTRALIST(flag, extra); - return (rk_strsvis(dst, src, flag, extra)); + MAKEEXTRALIST(flag, extra, ""); + if (!extra) { + *dst = '\0'; /* can't create extra, return "" */ + return 0; + } + rv = strsvis(dst, src, flag, extra); + free(extra); + return rv; } -int ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_strvisx(char *dst, const char *src, size_t len, int flag) { - char extra[MAXEXTRAS]; + char *extra = NULL; + int rv; - MAKEEXTRALIST(flag, extra); - return (rk_strsvisx(dst, src, len, flag, extra)); + MAKEEXTRALIST(flag, extra, ""); + if (!extra) { + *dst = '\0'; /* can't create extra, return "" */ + return 0; + } + rv = strsvisx(dst, src, len, flag, extra); + free(extra); + return rv; } +#endif diff --git a/lib/roken/vis.hin b/lib/roken/vis.hin index 224870b00af1..25d662a98022 100644 --- a/lib/roken/vis.hin +++ b/lib/roken/vis.hin @@ -1,5 +1,4 @@ -/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ -/* $Id: vis.hin 19341 2006-12-15 11:53:09Z lha $ */ +/* $NetBSD: vis.h,v 1.16 2005/09/13 01:44:32 christos Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -37,12 +36,18 @@ #ifndef ROKEN_LIB_FUNCTION #ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall +#define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL __cdecl #else #define ROKEN_LIB_FUNCTION +#define ROKEN_LIB_CALL #endif #endif +#include + +#include + /* * to select alternate encoding format */ @@ -63,6 +68,7 @@ * other */ #define VIS_NOSLASH 0x40 /* inhibit printing '\' */ +#define VIS_HTTPSTYLE 0x80 /* http-style escape % HEX HEX */ /* * unvis return codes @@ -78,38 +84,68 @@ */ #define UNVIS_END 1 /* no more characters */ -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION - rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION - rk_strsvisx (char *, const char *, size_t, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION - rk_unvis (char *, int, int *, int); +ROKEN_CPP_START +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL + rk_vis(char *, int, int, int); +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL + rk_svis(char *, int, int, int, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strvis(char *, const char *, int); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strsvis(char *, const char *, int, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strvisx(char *, const char *, size_t, int); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strsvisx(char *, const char *, size_t, int, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strunvis(char *, const char *); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_strunvisx(char *, const char *, int); +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL + rk_unvis(char *, int, int *, int); + +ROKEN_CPP_END + +#ifndef HAVE_VIS #undef vis #define vis(a,b,c,d) rk_vis(a,b,c,d) +#endif + +#ifndef HAVE_SVIS #undef svis #define svis(a,b,c,d,e) rk_svis(a,b,c,d,e) +#endif + +#ifndef HAVE_STRVIS #undef strvis #define strvis(a,b,c) rk_strvis(a,b,c) +#endif + +#ifndef HAVE_STRSVIS #undef strsvis #define strsvis(a,b,c,d) rk_strsvis(a,b,c,d) +#endif + +#ifndef HAVE_STRVISX #undef strvisx #define strvisx(a,b,c,d) rk_strvisx(a,b,c,d) +#endif + +#ifndef HAVE_STRSVISX #undef strsvisx #define strsvisx(a,b,c,d,e) rk_strsvisx(a,b,c,d,e) +#endif + +#ifndef HAVE_STRUNVIS #undef strunvis #define strunvis(a,b) rk_strunvis(a,b) +#endif + + +#ifndef HAVE_UNVIS #undef unvis #define unvis(a,b,c,d) rk_unvis(a,b,c,d) +#endif #endif /* !_VIS_H_ */ diff --git a/lib/roken/vsyslog.c b/lib/roken/vsyslog.c index 690eb7dc075a..aea7086d7121 100644 --- a/lib/roken/vsyslog.c +++ b/lib/roken/vsyslog.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: vsyslog.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #ifndef HAVE_VSYSLOG @@ -61,12 +58,13 @@ simple_vsyslog(int pri, const char *fmt, va_list ap) * do like syslog but with a `va_list' */ -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vsyslog(int pri, const char *fmt, va_list ap) { char *fmt2; const char *p; char *p2; + int ret; int saved_errno = errno; int fmt_len = strlen (fmt); int fmt2_len = fmt_len; @@ -103,9 +101,9 @@ vsyslog(int pri, const char *fmt, va_list ap) } *p2 = '\0'; - vasprintf (&buf, fmt2, ap); + ret = vasprintf (&buf, fmt2, ap); free (fmt2); - if (buf == NULL) { + if (ret < 0 || buf == NULL) { simple_vsyslog (pri, fmt, ap); return; } diff --git a/lib/roken/vwarn.c b/lib/roken/vwarn.c index c25ca629ca22..8f1706d4ab53 100644 --- a/lib/roken/vwarn.c +++ b/lib/roken/vwarn.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: vwarn.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vwarn(const char *fmt, va_list ap) { - warnerr(1, fmt, ap); + rk_warnerr(1, fmt, ap); } diff --git a/lib/roken/vwarnx.c b/lib/roken/vwarnx.c index e35c0deb09b8..6fb1d8c87455 100644 --- a/lib/roken/vwarnx.c +++ b/lib/roken/vwarnx.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,17 +31,14 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: vwarnx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL vwarnx(const char *fmt, va_list ap) { - warnerr(0, fmt, ap); + rk_warnerr(0, fmt, ap); } diff --git a/lib/roken/warn.c b/lib/roken/warn.c index 0924880e4cb6..09b9cf82e72c 100644 --- a/lib/roken/warn.c +++ b/lib/roken/warn.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: warn.c 7463 1999-12-02 16:58:55Z joda $"); -#endif #include "err.h" diff --git a/lib/roken/warnerr.c b/lib/roken/warnerr.c index 6dee466bc670..9e670239a1b9 100644 --- a/lib/roken/warnerr.c +++ b/lib/roken/warnerr.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,16 +31,13 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: warnerr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" #include "err.h" -void ROKEN_LIB_FUNCTION -warnerr(int doerrno, const char *fmt, va_list ap) +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL +rk_warnerr(int doerrno, const char *fmt, va_list ap) { int sverrno = errno; const char *progname = getprogname(); diff --git a/lib/roken/warnx.c b/lib/roken/warnx.c index 7e1de7acc1b6..cf33939b247c 100644 --- a/lib/roken/warnx.c +++ b/lib/roken/warnx.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: warnx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "err.h" -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL warnx(const char *fmt, ...) { va_list ap; diff --git a/lib/roken/write_pid.c b/lib/roken/write_pid.c index edadf5ceb33e..5059369847af 100644 --- a/lib/roken/write_pid.c +++ b/lib/roken/write_pid.c @@ -1,56 +1,47 @@ /* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: write_pid.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" #include "roken.h" -char * ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL pid_file_write (const char *progname) { + char *ret = NULL; FILE *fp; - char *ret; - asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname); - if (ret == NULL) + if (asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname) < 0 || ret == NULL) return NULL; fp = fopen (ret, "w"); if (fp == NULL) { @@ -62,7 +53,7 @@ pid_file_write (const char *progname) return ret; } -void ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL pid_file_delete (char **filename) { if (*filename != NULL) { @@ -82,7 +73,7 @@ pidfile_cleanup(void) pid_file_delete(&pidfile_path); } -void +ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL pidfile(const char *basename) { if(pidfile_path != NULL) diff --git a/lib/roken/writev.c b/lib/roken/writev.c index 2500e6d28f0d..80945e95da46 100644 --- a/lib/roken/writev.c +++ b/lib/roken/writev.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,14 +31,11 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: writev.c 14773 2005-04-12 11:29:18Z lha $"); -#endif #include "roken.h" -ssize_t ROKEN_LIB_FUNCTION +ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL writev(int d, const struct iovec *iov, int iovcnt) { ssize_t ret; diff --git a/lib/roken/xdbm.h b/lib/roken/xdbm.h index 618e074d1e66..c2c6c28b45eb 100644 --- a/lib/roken/xdbm.h +++ b/lib/roken/xdbm.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: xdbm.h 10986 2002-05-17 16:02:22Z joda $ */ +/* $Id$ */ /* Generic *dbm include file */ diff --git a/lib/roken/xfree.c b/lib/roken/xfree.c new file mode 100644 index 000000000000..c7e30daf85e2 --- /dev/null +++ b/lib/roken/xfree.c @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +#include "roken.h" + +void ROKEN_LIB_FUNCTION +rk_xfree (void *buf) +{ + free(buf); +} diff --git a/lib/sl/ChangeLog b/lib/sl/ChangeLog index 3937232b063c..485e1dc3ff37 100644 --- a/lib/sl/ChangeLog +++ b/lib/sl/ChangeLog @@ -1,14 +1,18 @@ -2007-07-17 Love Hörnquist Åstrand +2008-05-05 Love Hörnquist Ã…strand + + * drop libss and make_cmds + +2007-07-17 Love Hörnquist Ã…strand * Makefile.am: roken_rename.h is a dist_ source k * Makefile.am: split source files in dist and nodist. -2007-07-10 Love Hörnquist Åstrand +2007-07-10 Love Hörnquist Ã…strand * Makefile.am: New library version. -2007-06-18 Love Hörnquist Åstrand +2007-06-18 Love Hörnquist Ã…strand * sl.c: make compile. @@ -17,25 +21,25 @@ * sl.c (sl_make_argv): use memmove since we are dealing with overlapping strings. -2007-06-09 Love Hörnquist Åstrand +2007-06-09 Love Hörnquist Ã…strand * Makefile.am: don't clean yacc/lex files in CLEANFILES, maintainers clean will do that for us. -2007-06-01 Love Hörnquist Åstrand +2007-06-01 Love Hörnquist Ã…strand * slc-gram.y (main): also fclose yyin. -2007-04-20 Love Hörnquist Åstrand +2007-04-20 Love Hörnquist Ã…strand * Makefile.am: Add dependency on slc-gram.h for slc-lex.c, breaks in disttree with make -j -2006-12-29 Love Hörnquist Åstrand +2006-12-29 Love Hörnquist Ã…strand * test_sl.c: Fix caseing for case-sensitive filesystems -2006-12-27 Love Hörnquist Åstrand +2006-12-27 Love Hörnquist Ã…strand * test_sl.c: catch test that should fail but didn't @@ -47,32 +51,32 @@ * sl.c (sl_make_argv): Add quoting support (both "" and \ style). -2006-12-05 Love Hörnquist Åstrand +2006-12-05 Love Hörnquist Ã…strand * sl.c: Use strcspn to remove \n from fgets result. Prompted by - change by Ray Lai of OpenBSD via Björn Sandell. + change by Ray Lai of OpenBSD via Björn Sandell. -2006-10-19 Love Hörnquist Åstrand +2006-10-19 Love Hörnquist Ã…strand * Makefile.am (ES): add roken_rename.h -2006-08-30 Love Hörnquist Åstrand +2006-08-30 Love Hörnquist Ã…strand * sl.c (sl_slc_help): remove return -2006-08-28 Love Hörnquist Åstrand +2006-08-28 Love Hörnquist Ã…strand * sl.h: Add sl_slc_help. * sl.c: Add sl_slc_help. -2005-07-27 Love Hörnquist Åstrand +2005-07-27 Love Hörnquist Ã…strand * slc-gram.y (gen_wrapper): use the generated version of name for function, if no function is is used, also use the generated name for the structure name. -2005-06-16 Love Hörnquist Åstrand +2005-06-16 Love Hörnquist Ã…strand * slc-gram.y: fix a merge error @@ -90,7 +94,7 @@ * slc-lex.l: Include . -2005-05-09 Love Hörnquist Åstrand +2005-05-09 Love Hörnquist Ã…strand * sl.c (sl_command_loop): new return code -2 for EOF (sl_loop): treat all return value from sl_command_loop >= 0 as ok, and @@ -100,7 +104,7 @@ * Makefile.am (LDADD): Add libsl.la. -2005-04-19 Love Hörnquist Åstrand +2005-04-19 Love Hörnquist Ã…strand * slc-gram.y: include since defines _GNU_SOURCE if needed, avoid asprintf warning @@ -109,7 +113,7 @@ * slc-gram.y: include -2005-01-09 Love Hörnquist Åstrand +2005-01-09 Love Hörnquist Ã…strand * slc-gram.y: cast argument to isalnum to unsigned char @@ -122,11 +126,11 @@ * slc-gram.y: add min_args/max_args checking -2004-06-21 Love Hörnquist Åstrand +2004-06-21 Love Hörnquist Ã…strand * slc-gram.y: pull in and to avoid warnings -2004-03-02 Love Hörnquist Åstrand +2004-03-02 Love Hörnquist Ã…strand * sl.h: make it possible to use libsl from c++ From: Mattias Amnefelt diff --git a/lib/sl/Makefile.am b/lib/sl/Makefile.am index 9c1b2dcebfab..c49353f8847b 100644 --- a/lib/sl/Makefile.am +++ b/lib/sl/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am 21625 2007-07-17 07:48:26Z lha $ +# $Id$ include $(top_srcdir)/Makefile.am.common @@ -12,42 +12,28 @@ YFLAGS = -d include_HEADERS = sl.h -lib_LTLIBRARIES = libsl.la libss.la +lib_LTLIBRARIES = libsl.la libsl_la_LDFLAGS = -version-info 2:1:2 -libss_la_LDFLAGS = -version-info 1:6:1 libsl_la_LIBADD = @LIB_readline@ -libss_la_LIBADD = @LIB_readline@ @LIB_com_err@ dist_libsl_la_SOURCES = sl_locl.h sl.c roken_rename.h nodist_libsl_la_SOURCES = $(ES) -dist_libss_la_SOURCES = $(dist_libsl_la_SOURCES) ss.c ss.h -nodist_libss_la_SOURCES = $(ES) TESTS = test_sl check_PROGRAMS = $(TESTS) # install these? -bin_PROGRAMS = mk_cmds -noinst_PROGRAMS = slc - -mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l -mk_cmds_LDADD = libsl.la $(LDADD) +libexec_heimdal_PROGRAMS = slc slc_SOURCES = slc-gram.y slc-lex.l slc.h -ssincludedir = $(includedir)/ss -ssinclude_HEADERS = ss.h +CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c slc-lex.c -CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c +LDADD = libsl.la $(LIB_roken) -$(mk_cmds_OBJECTS): parse.h parse.c - -LDADD = \ - libsl.la \ - $(LIB_roken) \ - $(LEXLIB) +slc_LDADD = $(LEXLIB) $(LDADD) strtok_r.c: $(LN_S) $(srcdir)/../roken/strtok_r.c . @@ -61,3 +47,5 @@ getprogname.c: $(LN_S) $(srcdir)/../roken/getprogname.c . slc-lex.c: slc-gram.h + +EXTRA_DIST = NTMakefile diff --git a/lib/sl/Makefile.in b/lib/sl/Makefile.in index 0814375a7b9e..cb44b91af156 100644 --- a/lib/sl/Makefile.in +++ b/lib/sl/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,18 +15,19 @@ @SET_MAKE@ -# $Id: Makefile.am 21625 2007-07-17 07:48:26Z lha $ +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ +# $Id$ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ +# $Id$ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -41,18 +43,16 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(ssinclude_HEADERS) \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog lex.c parse.c \ - parse.h slc-gram.c slc-gram.h slc-lex.c + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common ChangeLog slc-gram.c \ + slc-gram.h slc-lex.c TESTS = test_sl$(EXEEXT) check_PROGRAMS = $(am__EXEEXT_1) -bin_PROGRAMS = mk_cmds$(EXEEXT) -noinst_PROGRAMS = slc$(EXEEXT) +libexec_heimdal_PROGRAMS = slc$(EXEEXT) subdir = lib/sl ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -67,7 +67,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -81,9 +81,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -91,21 +94,36 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(ssincludedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" \ + "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)" LTLIBRARIES = $(lib_LTLIBRARIES) libsl_la_DEPENDENCIES = dist_libsl_la_OBJECTS = sl.lo @@ -116,36 +134,20 @@ libsl_la_OBJECTS = $(dist_libsl_la_OBJECTS) $(nodist_libsl_la_OBJECTS) libsl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(libsl_la_LDFLAGS) \ $(LDFLAGS) -o $@ -libss_la_DEPENDENCIES = -am__objects_2 = sl.lo -dist_libss_la_OBJECTS = $(am__objects_2) ss.lo -nodist_libss_la_OBJECTS = $(am__objects_1) -libss_la_OBJECTS = $(dist_libss_la_OBJECTS) $(nodist_libss_la_OBJECTS) -libss_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(libss_la_LDFLAGS) \ - $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) am__EXEEXT_1 = test_sl$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -am_mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT) -mk_cmds_OBJECTS = $(am_mk_cmds_OBJECTS) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -mk_cmds_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_2) +PROGRAMS = $(libexec_heimdal_PROGRAMS) am_slc_OBJECTS = slc-gram.$(OBJEXT) slc-lex.$(OBJEXT) slc_OBJECTS = $(am_slc_OBJECTS) -slc_LDADD = $(LDADD) -slc_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) +am__DEPENDENCIES_1 = +am__DEPENDENCIES_2 = libsl.la $(am__DEPENDENCIES_1) +slc_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) test_sl_SOURCES = test_sl.c test_sl_OBJECTS = test_sl.$(OBJEXT) test_sl_LDADD = $(LDADD) -test_sl_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = +test_sl_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_1) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -165,63 +167,70 @@ YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) SOURCES = $(dist_libsl_la_SOURCES) $(nodist_libsl_la_SOURCES) \ - $(dist_libss_la_SOURCES) $(nodist_libss_la_SOURCES) \ - $(mk_cmds_SOURCES) $(slc_SOURCES) test_sl.c -DIST_SOURCES = $(dist_libsl_la_SOURCES) $(dist_libss_la_SOURCES) \ - $(mk_cmds_SOURCES) $(slc_SOURCES) test_sl.c -includeHEADERS_INSTALL = $(INSTALL_HEADER) -ssincludeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) $(ssinclude_HEADERS) + $(slc_SOURCES) test_sl.c +DIST_SOURCES = $(dist_libsl_la_SOURCES) $(slc_SOURCES) test_sl.c +HEADERS = $(include_HEADERS) ETAGS = etags CTAGS = ctags +am__tty_colors = \ +red=; grn=; lgn=; blu=; std= DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -245,10 +254,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -265,6 +275,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -280,31 +292,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -319,10 +345,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -363,69 +391,63 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(ROKEN_RENAME) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) $(ROKEN_RENAME) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la @do_roken_rename_TRUE@ES = strtok_r.c snprintf.c strdup.c strupr.c getprogname.c include_HEADERS = sl.h -lib_LTLIBRARIES = libsl.la libss.la +lib_LTLIBRARIES = libsl.la libsl_la_LDFLAGS = -version-info 2:1:2 -libss_la_LDFLAGS = -version-info 1:6:1 libsl_la_LIBADD = @LIB_readline@ -libss_la_LIBADD = @LIB_readline@ @LIB_com_err@ dist_libsl_la_SOURCES = sl_locl.h sl.c roken_rename.h nodist_libsl_la_SOURCES = $(ES) -dist_libss_la_SOURCES = $(dist_libsl_la_SOURCES) ss.c ss.h -nodist_libss_la_SOURCES = $(ES) -mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l -mk_cmds_LDADD = libsl.la $(LDADD) slc_SOURCES = slc-gram.y slc-lex.l slc.h -ssincludedir = $(includedir)/ss -ssinclude_HEADERS = ss.h -CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c -LDADD = \ - libsl.la \ - $(LIB_roken) \ - $(LEXLIB) - +CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c slc-lex.c +LDADD = libsl.la $(LIB_roken) +slc_LDADD = $(LEXLIB) $(LDADD) +EXTRA_DIST = NTMakefile all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/sl/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/sl/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sl/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/sl/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -443,23 +465,28 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -472,58 +499,58 @@ clean-libLTLIBRARIES: done libsl.la: $(libsl_la_OBJECTS) $(libsl_la_DEPENDENCIES) $(libsl_la_LINK) -rpath $(libdir) $(libsl_la_OBJECTS) $(libsl_la_LIBADD) $(LIBS) -libss.la: $(libss_la_OBJECTS) $(libss_la_DEPENDENCIES) - $(libss_la_LINK) -rpath $(libdir) $(libss_la_OBJECTS) $(libss_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +install-libexec_heimdalPROGRAMS: $(libexec_heimdal_PROGRAMS) + @$(NORMAL_INSTALL) + test -z "$(libexec_heimdaldir)" || $(MKDIR_P) "$(DESTDIR)$(libexec_heimdaldir)" + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p || test -f $$p1; \ + then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexec_heimdaldir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexec_heimdaldir)$$dir" || exit $$?; \ + } \ + ; done -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -parse.h: parse.c - @if test ! -f $@; then \ - rm -f parse.c; \ - $(MAKE) $(AM_MAKEFLAGS) parse.c; \ - else :; fi -mk_cmds$(EXEEXT): $(mk_cmds_OBJECTS) $(mk_cmds_DEPENDENCIES) - @rm -f mk_cmds$(EXEEXT) - $(LINK) $(mk_cmds_OBJECTS) $(mk_cmds_LDADD) $(LIBS) +uninstall-libexec_heimdalPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(libexec_heimdaldir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(libexec_heimdaldir)" && rm -f $$files + +clean-libexec_heimdalPROGRAMS: + @list='$(libexec_heimdal_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list slc-gram.h: slc-gram.c @if test ! -f $@; then \ rm -f slc-gram.c; \ @@ -542,14 +569,36 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getprogname.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sl.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/slc-gram.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/slc-lex.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strdup.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strtok_r.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strupr.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_sl.Po@am__quote@ + .c.o: - $(COMPILE) -c $< +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: - $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< .l.c: $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) @@ -565,90 +614,81 @@ clean-libtool: install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-ssincludeHEADERS: $(ssinclude_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(ssincludedir)" || $(MKDIR_P) "$(DESTDIR)$(ssincludedir)" - @list='$(ssinclude_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(ssincludeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(ssincludedir)/$$f'"; \ - $(ssincludeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(ssincludedir)/$$f"; \ - done - -uninstall-ssincludeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(ssinclude_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(ssincludedir)/$$f'"; \ - rm -f "$(DESTDIR)$(ssincludedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ srcdir=$(srcdir); export srcdir; \ list=' $(TESTS) '; \ + $(am__tty_colors); \ if test -n "$$list"; then \ for tst in $$list; do \ if test -f ./$$tst; then dir=./; \ @@ -657,49 +697,63 @@ check-TESTS: $(TESTS) if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xpass=`expr $$xpass + 1`; \ failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ + col=$$red; res=XPASS; \ ;; \ *) \ - echo "PASS: $$tst"; \ + col=$$grn; res=PASS; \ ;; \ esac; \ elif test $$? -ne 77; then \ all=`expr $$all + 1`; \ case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ + *[\ \ ]$$tst[\ \ ]*) \ xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ + col=$$lgn; res=XFAIL; \ ;; \ *) \ failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ + col=$$red; res=FAIL; \ ;; \ esac; \ else \ skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ + col=$$blu; res=SKIP; \ fi; \ + echo "$${col}$$res$${std}: $$tst"; \ done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ if test "$$failed" -eq 0; then \ if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + banner="$$All$$all $$tests passed"; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ fi; \ else \ if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + banner="$$failed of $$all $$tests failed"; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ fi; \ fi; \ dashes="$$banner"; \ skipped=""; \ if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ dashes="$$skipped"; \ fi; \ @@ -710,11 +764,15 @@ check-TESTS: $(TESTS) dashes="$$report"; \ fi; \ dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ + if test "$$failed" -eq 0; then \ + echo "$$grn$$dashes"; \ + else \ + echo "$$red$$dashes"; \ + fi; \ echo "$$banner"; \ test -z "$$skipped" || echo "$$skipped"; \ test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ + echo "$$dashes$$std"; \ test "$$failed" -eq 0; \ else :; fi @@ -734,13 +792,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -752,10 +814,8 @@ check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local check: check-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -install-binPROGRAMS: install-libLTLIBRARIES - installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(ssincludedir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -779,23 +839,21 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." - -rm -f lex.c - -rm -f parse.c - -rm -f parse.h -rm -f slc-gram.c -rm -f slc-gram.h -rm -f slc-lex.c clean: clean-am -clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am +clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libexec_heimdalPROGRAMS clean-libtool mostlyclean-am distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -806,33 +864,45 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-includeHEADERS install-ssincludeHEADERS +install-data-am: install-includeHEADERS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook - install-dvi: install-dvi-am -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES +install-dvi-am: + +install-exec-am: install-libLTLIBRARIES \ + install-libexec_heimdalPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -849,33 +919,31 @@ ps: ps-am ps-am: -uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-ssincludeHEADERS +uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES \ + uninstall-libexec_heimdalPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am .PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-includeHEADERS install-info \ - install-info-am install-libLTLIBRARIES install-man install-pdf \ - install-pdf-am install-ps install-ps-am \ - install-ssincludeHEADERS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ + check-local clean clean-checkPROGRAMS clean-generic \ + clean-libLTLIBRARIES clean-libexec_heimdalPROGRAMS \ + clean-libtool ctags dist-hook distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-data-hook install-dvi \ + install-dvi-am install-exec install-exec-am install-exec-hook \ + install-html install-html-am install-includeHEADERS \ + install-info install-info-am install-libLTLIBRARIES \ + install-libexec_heimdalPROGRAMS install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-ssincludeHEADERS + tags uninstall uninstall-am uninstall-hook \ + uninstall-includeHEADERS uninstall-libLTLIBRARIES \ + uninstall-libexec_heimdalPROGRAMS install-suid-programs: @@ -946,6 +1014,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -1031,7 +1102,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -1045,8 +1116,6 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) fi ; \ done -$(mk_cmds_OBJECTS): parse.h parse.c - strtok_r.c: $(LN_S) $(srcdir)/../roken/strtok_r.c . snprintf.c: @@ -1059,6 +1128,7 @@ getprogname.c: $(LN_S) $(srcdir)/../roken/getprogname.c . slc-lex.c: slc-gram.h + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/sl/NTMakefile b/lib/sl/NTMakefile new file mode 100644 index 000000000000..285c5d7f1296 --- /dev/null +++ b/lib/sl/NTMakefile @@ -0,0 +1,74 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\sl + +!include ../../windows/NTMakefile.w32 + +INCFILES=$(INCDIR)\sl.h + +$(LIBSL): $(OBJ)\sl.obj + $(LIBCON) + +$(BINDIR)\slc.exe: $(OBJ)\slc-gram.obj $(OBJ)\slc-lex.obj + $(EXECONLINK) $(LIBROKEN) $(LIBVERS) + $(EXEPREP_NOHEIM) + +$(OBJ)\slc-gram.c: slc-gram.y + $(YACC) -o $@ --defines=$(@R).h slc-gram.y + +$(OBJ)\slc-gram.obj: $(OBJ)\slc-gram.c + $(C2OBJ) -I$(SRC)\$(RELDIR) + +$(OBJ)\slc-lex.c: slc-lex.l + $(LEX) -o$@ slc-lex.l + +$(OBJ)\slc-lex.obj: $(OBJ)\slc-lex.c + $(C2OBJ) -I$(SRC)\$(RELDIR) -DYY_NO_UNISTD_H + +$(OBJ)\test_sl.exe: $(OBJ)\test_sl.obj + $(EXECONLINK) $(LIBSL) $(LIBVERS) $(LIBROKEN) + $(EXEPREP_NODIST) + +all:: $(INCFILES) $(LIBSL) $(BINDIR)\slc.exe + +clean:: + -$(RM) $(LIBSL) + -$(RM) $(BINDIR)\slc.* + +test-binaries: $(OBJ)\test_sl.exe + +test-run: + cd $(OBJ) + test_sl.exe + cd $(SRC)\$(RELDIR) + +test:: test-binaries test-run diff --git a/lib/sl/lex.l b/lib/sl/lex.l deleted file mode 100644 index b4f8a2cdbcf4..000000000000 --- a/lib/sl/lex.l +++ /dev/null @@ -1,119 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#undef ECHO - -#include "make_cmds.h" -#include "parse.h" - -RCSID("$Id: lex.l 10703 2001-09-16 23:10:10Z assar $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT - -#undef ECHO - -%} - - -%% -command_table { return TABLE; } -request { return REQUEST; } -unknown { return UNKNOWN; } -unimplemented { return UNIMPLEMENTED; } -end { return END; } -#[^\n]* ; -[ \t] ; -\n { lineno++; } -\" { return getstring(); } -[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } -. { return *yytext; } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int backslash = 0; - while((c = input()) != EOF){ - if(backslash) { - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; - x[i++] = c; - backslash = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - backslash++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - return STRING; -} - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} diff --git a/lib/sl/make_cmds.c b/lib/sl/make_cmds.c deleted file mode 100644 index c39be2136c97..000000000000 --- a/lib/sl/make_cmds.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -#include - -RCSID("$Id: make_cmds.c 15430 2005-06-16 19:25:45Z lha $"); - -#include -#include -#include "parse.h" - -int numerror; -extern FILE *yyin; -FILE *c_file; - -extern void yyparse(void); - -#ifdef YYDEBUG -extern int yydebug = 1; -#endif - -char *filename; -char *table_name; - -static struct command_list *commands; - -void -add_command(char *function, - char *help, - struct string_list *aliases, - unsigned flags) -{ - struct command_list *cl = malloc(sizeof(*cl)); - - if (cl == NULL) - err (1, "malloc"); - cl->function = function; - cl->help = help; - cl->aliases = aliases; - cl->flags = flags; - cl->next = NULL; - if(commands) { - *commands->tail = cl; - commands->tail = &cl->next; - return; - } - cl->tail = &cl->next; - commands = cl; -} - -static char * -quote(const char *str) -{ - char buf[1024]; /* XXX */ - const char *p; - char *q; - q = buf; - - *q++ = '\"'; - for(p = str; *p != '\0'; p++) { - if(*p == '\n') { - *q++ = '\\'; - *q++ = 'n'; - continue; - } - if(*p == '\t') { - *q++ = '\\'; - *q++ = 't'; - continue; - } - if(*p == '\"' || *p == '\\') - *q++ = '\\'; - *q++ = *p; - } - *q++ = '\"'; - *q++ = '\0'; - return strdup(buf); -} - -static void -generate_commands(void) -{ - char *base; - char *cfn; - char *p, *q; - - p = strrchr(table_name, '/'); - if(p == NULL) - p = table_name; - else - p++; - - base = strdup (p); - if (base == NULL) - err (1, "strdup"); - - p = strrchr(base, '.'); - if(p) - *p = '\0'; - - asprintf(&cfn, "%s.c", base); - if (cfn == NULL) - err (1, "asprintf"); - - c_file = fopen(cfn, "w"); - if (c_file == NULL) - err (1, "cannot fopen %s", cfn); - - fprintf(c_file, "/* Generated from %s */\n", filename); - fprintf(c_file, "\n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "\n"); - - { - struct command_list *cl, *xl; - - for(cl = commands; cl; cl = cl->next) { - for(xl = commands; xl != cl; xl = xl->next) - if(strcmp(cl->function, xl->function) == 0) - break; - if(xl != cl) - continue; - /* XXX hack for ss_quit */ - if(strcmp(cl->function, "ss_quit") == 0) { - fprintf(c_file, "int %s (int, char**);\n", cl->function); - fprintf(c_file, "#define _ss_quit_wrap ss_quit\n\n"); - continue; - } - fprintf(c_file, "void %s (int, char**);\n", cl->function); - fprintf(c_file, "static int _%s_wrap (int argc, char **argv)\n", - cl->function); - fprintf(c_file, "{\n"); - fprintf(c_file, " %s (argc, argv);\n", cl->function); - fprintf(c_file, " return 0;\n"); - fprintf(c_file, "}\n\n"); - } - - fprintf(c_file, "SL_cmd %s[] = {\n", table_name); - for(cl = commands; cl; cl = cl->next) { - struct string_list *sl; - sl = cl->aliases; - p = quote(sl->string); - q = quote(cl->help); - fprintf(c_file, " { %s, _%s_wrap, %s },\n", p, cl->function, q); - free(p); - free(q); - - for(sl = sl->next; sl; sl = sl->next) { - p = quote(sl->string); - fprintf(c_file, " { %s },\n", p); - free(p); - } - } - fprintf(c_file, " { NULL },\n"); - fprintf(c_file, "};\n"); - fprintf(c_file, "\n"); - } - fclose(c_file); - free(base); - free(cfn); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(argc == optidx) - usage(1); - filename = argv[optidx]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - - yyparse(); - - generate_commands(); - - if(numerror) - return 1; - return 0; -} diff --git a/lib/sl/parse.y b/lib/sl/parse.y deleted file mode 100644 index b08c19306db1..000000000000 --- a/lib/sl/parse.y +++ /dev/null @@ -1,169 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -RCSID("$Id: parse.y 21745 2007-07-31 16:11:25Z lha $"); - -static void yyerror (char *s); - -struct string_list* append_string(struct string_list*, char*); -void free_string_list(struct string_list *list); -unsigned string_to_flag(const char *); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - char *string; - unsigned number; - struct string_list *list; -} - -%token TABLE REQUEST UNKNOWN UNIMPLEMENTED END -%token STRING -%type flag flags -%type aliases - -%% - -file : /* */ - | statements - ; - -statements : statement - | statements statement - ; - -statement : TABLE STRING ';' - { - table_name = $2; - } - | REQUEST STRING ',' STRING ',' aliases ',' '(' flags ')' ';' - { - add_command($2, $4, $6, $9); - } - | REQUEST STRING ',' STRING ',' aliases ';' - { - add_command($2, $4, $6, 0); - } - | UNIMPLEMENTED STRING ',' STRING ',' aliases ';' - { - free($2); - free($4); - free_string_list($6); - } - | UNKNOWN aliases ';' - { - free_string_list($2); - } - | END ';' - { - YYACCEPT; - } - ; - -aliases : STRING - { - $$ = append_string(NULL, $1); - } - | aliases ',' STRING - { - $$ = append_string($1, $3); - } - ; - -flags : flag - { - $$ = $1; - } - | flags ',' flag - { - $$ = $1 | $3; - } - ; -flag : STRING - { - $$ = string_to_flag($1); - free($1); - } - ; - - - -%% - -static void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - -struct string_list* -append_string(struct string_list *list, char *str) -{ - struct string_list *sl = malloc(sizeof(*sl)); - if (sl == NULL) - return sl; - sl->string = str; - sl->next = NULL; - if(list) { - *list->tail = sl; - list->tail = &sl->next; - return list; - } - sl->tail = &sl->next; - return sl; -} - -void -free_string_list(struct string_list *list) -{ - while(list) { - struct string_list *sl = list->next; - free(list->string); - free(list); - list = sl; - } -} - -unsigned -string_to_flag(const char *string) -{ - return 0; -} diff --git a/lib/sl/roken_rename.h b/lib/sl/roken_rename.h index 88ec0f82f0e0..a198efcfa44d 100644 --- a/lib/sl/roken_rename.h +++ b/lib/sl/roken_rename.h @@ -1,67 +1,67 @@ /* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: roken_rename.h 9842 2001-05-06 21:47:54Z assar $ */ +/* $Id$ */ #ifndef __roken_rename_h__ #define __roken_rename_h__ #ifndef HAVE_STRTOK_R -#define strtok_r _sl_strtok_r +#define rk_strtok_r _sl_strtok_r #endif #ifndef HAVE_SNPRINTF -#define snprintf _sl_snprintf +#define rk_snprintf _sl_snprintf #endif #ifndef HAVE_ASPRINTF -#define asprintf _sl_asprintf +#define rk_asprintf _sl_asprintf #endif #ifndef HAVE_ASNPRINTF -#define asnprintf _sl_asnprintf +#define rk_asnprintf _sl_asnprintf #endif #ifndef HAVE_VASPRINTF -#define vasprintf _sl_vasprintf +#define rk_vasprintf _sl_vasprintf #endif #ifndef HAVE_VASNPRINTF -#define vasnprintf _sl_vasnprintf +#define rk_vasnprintf _sl_vasnprintf #endif #ifndef HAVE_VSNPRINTF -#define vsnprintf _sl_vsnprintf +#define rk_vsnprintf _sl_vsnprintf #endif #ifndef HAVE_STRUPR -#define strupr _sl_strupr +#define rk_strupr _sl_strupr #endif #ifndef HAVE_STRDUP -#define strdup _sl_strdup +#define rk_strdup _sl_strdup #endif #endif /* __roken_rename_h__ */ diff --git a/lib/sl/sl.c b/lib/sl/sl.c index 8f604e89b84b..30f69436dd2e 100644 --- a/lib/sl/sl.c +++ b/lib/sl/sl.c @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,10 +31,7 @@ * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: sl.c 21160 2007-06-18 22:58:21Z lha $"); -#endif #include "sl_locl.h" #include @@ -61,7 +58,7 @@ mandoc_template(SL_cmd *cmds, strncpy(cmd, p, sizeof(cmd)); cmd[sizeof(cmd)-1] = '\0'; strupr(cmd); - + printf(".Dt %s SECTION\n", cmd); printf(".Os OPERATING_SYSTEM\n"); printf(".Sh NAME\n"); @@ -75,7 +72,7 @@ mandoc_template(SL_cmd *cmds, continue; */ printf(".Op Fl %s", c->name); printf("\n"); - + } if (extra_string && *extra_string) printf (".Ar %s\n", extra_string); @@ -156,7 +153,7 @@ sl_help (SL_cmd *cmds, int argc, char **argv) if(prev_c) printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", prev_c->usage ? "\n" : ""); - } else { + } else { c = sl_match (cmds, argv[1], 0); if (c == NULL) printf ("No such command: %s. " @@ -224,7 +221,7 @@ sl_make_argv(char *line, int *ret_argc, char ***ret_argv) int argc, nargv; char **argv; int quote = 0; - + nargv = 10; argv = malloc(nargv * sizeof(*argv)); if(argv == NULL) @@ -302,7 +299,7 @@ static char *sl_readline(const char *prompt) return s; } -/* return values: +/* return values: * 0 on success, * -1 on fatal error, * -2 if EOF, or @@ -314,8 +311,7 @@ sl_command_loop(SL_cmd *cmds, const char *prompt, void **data) char *buf; int argc; char **argv; - - ret = 0; + buf = sl_readline(prompt); if(buf == NULL) return -2; @@ -340,7 +336,7 @@ sl_command_loop(SL_cmd *cmds, const char *prompt, void **data) return ret; } -int +int sl_loop(SL_cmd *cmds, const char *prompt) { void *data = NULL; @@ -375,8 +371,11 @@ sl_slc_help (SL_cmd *cmds, int argc, char **argv) argv[0]); } else { if(c->func) { - char *fake[] = { NULL, "--help", NULL }; + static char help[] = "--help"; + char *fake[3]; fake[0] = argv[0]; + fake[1] = help; + fake[2] = NULL; (*c->func)(2, fake); fprintf(stderr, "\n"); } diff --git a/lib/sl/sl.h b/lib/sl/sl.h index 8798ee8628e4..09225b0a537c 100644 --- a/lib/sl/sl.h +++ b/lib/sl/sl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: sl.h 17948 2006-08-28 14:16:43Z lha $ */ +/* $Id$ */ #ifndef _SL_H #define _SL_H @@ -41,10 +41,10 @@ typedef int (*cmd_func)(int, char **); struct sl_cmd { - char *name; + const char *name; cmd_func func; - char *usage; - char *help; + const char *usage; + const char *help; }; typedef struct sl_cmd SL_cmd; diff --git a/lib/sl/sl_locl.h b/lib/sl/sl_locl.h index a7bc843dc966..50eeadec1d81 100644 --- a/lib/sl/sl_locl.h +++ b/lib/sl/sl_locl.h @@ -1,23 +1,23 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * + * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -31,11 +31,9 @@ * SUCH DAMAGE. */ -/* $Id: sl_locl.h 19517 2006-12-27 20:27:00Z lha $ */ +/* $Id$ */ -#ifdef HAVE_CONFIG_H #include -#endif #include #include #include diff --git a/lib/sl/slc-gram.c b/lib/sl/slc-gram.c index 1ab243bd2795..e44c7110bbd2 100644 --- a/lib/sl/slc-gram.c +++ b/lib/sl/slc-gram.c @@ -81,42 +81,39 @@ #line 1 "slc-gram.y" /* - * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); -#endif #include #include @@ -131,6 +128,12 @@ RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); extern FILE *yyin; extern struct assignment *assignment; +/* Declarations for Bison: + */ +#define YYMALLOC malloc +#define YYFREE free + + /* Enabling traces. */ #ifndef YYDEBUG @@ -152,13 +155,13 @@ extern struct assignment *assignment; #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 54 "slc-gram.y" +#line 57 "slc-gram.y" { char *string; struct assignment *assignment; } /* Line 193 of yacc.c. */ -#line 162 "slc-gram.c" +#line 165 "slc-gram.c" YYSTYPE; # define yystype YYSTYPE /* obsolescent; will be withdrawn */ # define YYSTYPE_IS_DECLARED 1 @@ -171,7 +174,7 @@ typedef union YYSTYPE /* Line 216 of yacc.c. */ -#line 175 "slc-gram.c" +#line 178 "slc-gram.c" #ifdef short # undef short @@ -453,7 +456,7 @@ static const yytype_int8 yyrhs[] = /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint8 yyrline[] = { - 0, 67, 67, 73, 78, 81, 90 + 0, 70, 70, 76, 81, 84, 93 }; #endif @@ -1353,14 +1356,14 @@ yyparse () switch (yyn) { case 2: -#line 68 "slc-gram.y" +#line 71 "slc-gram.y" { assignment = (yyvsp[(1) - (1)].assignment); } break; case 3: -#line 74 "slc-gram.y" +#line 77 "slc-gram.y" { (yyvsp[(1) - (2)].assignment)->next = (yyvsp[(2) - (2)].assignment); (yyval.assignment) = (yyvsp[(1) - (2)].assignment); @@ -1368,7 +1371,7 @@ yyparse () break; case 5: -#line 82 "slc-gram.y" +#line 85 "slc-gram.y" { (yyval.assignment) = malloc(sizeof(*(yyval.assignment))); (yyval.assignment)->name = (yyvsp[(1) - (3)].string); @@ -1380,7 +1383,7 @@ yyparse () break; case 6: -#line 91 "slc-gram.y" +#line 94 "slc-gram.y" { (yyval.assignment) = malloc(sizeof(*(yyval.assignment))); (yyval.assignment)->name = (yyvsp[(1) - (5)].string); @@ -1393,7 +1396,7 @@ yyparse () /* Line 1267 of yacc.c. */ -#line 1397 "slc-gram.c" +#line 1400 "slc-gram.c" default: break; } YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); @@ -1607,7 +1610,7 @@ yyparse () } -#line 101 "slc-gram.y" +#line 104 "slc-gram.y" char *filename; FILE *cfile, *hfile; @@ -1633,6 +1636,7 @@ check_option(struct assignment *as) { struct assignment *a; int seen_long = 0; + int seen_name = 0; int seen_short = 0; int seen_type = 0; int seen_argument = 0; @@ -1645,6 +1649,8 @@ check_option(struct assignment *as) seen_long++; else if(strcmp(a->name, "short") == 0) seen_short++; + else if(strcmp(a->name, "name") == 0) + seen_name++; else if(strcmp(a->name, "type") == 0) seen_type++; else if(strcmp(a->name, "argument") == 0) @@ -1654,7 +1660,7 @@ check_option(struct assignment *as) else if(strcmp(a->name, "default") == 0) seen_default++; else { - ex(a, "unknown name"); + ex(a, "unknown name %s", a->name); ret++; } } @@ -1662,6 +1668,10 @@ check_option(struct assignment *as) ex(as, "neither long nor short option"); ret++; } + if (seen_long == 0 && seen_name == 0) { + ex(as, "either of long or name option must be used"); + ret++; + } if(seen_long > 1) { ex(as, "multiple long options"); ret++; @@ -1716,7 +1726,7 @@ check_command(struct assignment *as) } else if(strcmp(a->name, "max_args") == 0) { seen_maxargs++; } else { - ex(a, "unknown name"); + ex(a, "unknown name: %s", a->name); ret++; } } @@ -1744,7 +1754,7 @@ check_command(struct assignment *as) ex(as, "multiple max_args strings"); ret++; } - + return ret; } @@ -1866,7 +1876,7 @@ make_name(struct assignment *as) lopt = find(as, "name"); if(lopt == NULL) return NULL; - + type = find(as, "type"); if(strcmp(type->u.value, "-flag") == 0) asprintf(&s, "%s_flag", lopt->u.value); @@ -1884,10 +1894,17 @@ static void defval_int(const char *name, struct assignment *defval) else cprint(1, "opt.%s = 0;\n", name); } -static void defval_string(const char *name, struct assignment *defval) +static void defval_neg_flag(const char *name, struct assignment *defval) { if(defval != NULL) - cprint(1, "opt.%s = \"%s\";\n", name, defval->u.value); + cprint(1, "opt.%s = %s;\n", name, defval->u.value); + else + cprint(1, "opt.%s = 1;\n", name); +} +static void defval_string(const char *name, struct assignment *defval) +{ + if(defval != NULL) + cprint(1, "opt.%s = (char *)(unsigned long)\"%s\";\n", name, defval->u.value); else cprint(1, "opt.%s = NULL;\n", name); } @@ -1936,7 +1953,7 @@ struct type_handler { { "-flag", "int", "arg_negative_flag", - defval_int, + defval_neg_flag, NULL }, { NULL } @@ -1959,13 +1976,13 @@ gen_options(struct assignment *opt1, const char *name) hprint(0, "struct %s_options {\n", name); - for(tmp = opt1; - tmp != NULL; + for(tmp = opt1; + tmp != NULL; tmp = find_next(tmp, "option")) { struct assignment *type; struct type_handler *th; char *s; - + s = make_name(tmp->u.assignment); type = find(tmp->u.assignment, "type"); th = find_handler(type); @@ -1985,19 +2002,22 @@ gen_wrapper(struct assignment *as) struct assignment *tmp; char *n, *f; int nargs = 0; + int narguments = 0; name = find(as, "name"); n = strdup(name->u.value); gen_name(n); arg = find(as, "argument"); + if (arg) + narguments++; opt1 = find(as, "option"); function = find(as, "function"); if(function) f = function->u.value; else f = n; - - + + if(opt1 != NULL) { gen_options(opt1, n); hprint(0, "int %s(struct %s_options*, int, char **);\n", f, n); @@ -2013,8 +2033,8 @@ gen_wrapper(struct assignment *as) cprint(1, "int ret;\n"); cprint(1, "int optidx = 0;\n"); cprint(1, "struct getargs args[] = {\n"); - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { struct assignment *type = find(tmp->u.assignment, "type"); struct assignment *lopt = find(tmp->u.assignment, "long"); @@ -2023,7 +2043,7 @@ gen_wrapper(struct assignment *as) struct assignment *help = find(tmp->u.assignment, "help"); struct type_handler *th; - + cprint(2, "{ "); if(lopt) fprintf(cfile, "\"%s\", ", lopt->u.value); @@ -2040,9 +2060,10 @@ gen_wrapper(struct assignment *as) fprintf(cfile, "\"%s\", ", help->u.value); else fprintf(cfile, "NULL, "); - if(aarg) + if(aarg) { fprintf(cfile, "\"%s\"", aarg->u.value); - else + narguments++; + } else fprintf(cfile, "NULL"); fprintf(cfile, " },\n"); } @@ -2050,8 +2071,8 @@ gen_wrapper(struct assignment *as) cprint(1, "};\n"); cprint(1, "int help_flag = 0;\n"); - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -2059,15 +2080,15 @@ gen_wrapper(struct assignment *as) struct assignment *defval = find(tmp->u.assignment, "default"); struct type_handler *th; - + s = make_name(tmp->u.assignment); th = find_handler(type); (*th->defval)(s, defval); free(s); } - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; s = make_name(tmp->u.assignment); @@ -2082,7 +2103,7 @@ gen_wrapper(struct assignment *as) int min_args = -1; int max_args = -1; char *end; - if(arg == NULL) { + if(narguments == 0) { max_args = 0; } else { if((tmp = find(as, "min_args")) != NULL) { @@ -2110,7 +2131,7 @@ gen_wrapper(struct assignment *as) } if(min_args != -1 || max_args != -1) { if(min_args == max_args) { - cprint(1, "if(argc - optidx != %d) {\n", + cprint(1, "if(argc - optidx != %d) {\n", min_args); cprint(2, "fprintf(stderr, \"Need exactly %u parameters (%%u given).\\n\\n\", argc - optidx);\n", min_args); cprint(2, "goto usage;\n"); @@ -2131,16 +2152,16 @@ gen_wrapper(struct assignment *as) } } } - + cprint(1, "if(help_flag)\n"); cprint(2, "goto usage;\n"); - cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", + cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", f, opt1 ? "&opt": "NULL"); - + /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -2155,11 +2176,11 @@ gen_wrapper(struct assignment *as) cprint(1, "return ret;\n"); cprint(0, "usage:\n"); - cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, + cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, name->u.value, arg ? arg->u.value : ""); /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -2236,7 +2257,7 @@ main(int argc, char **argv) print_version(NULL); exit(0); } - + if(argc == optidx) usage(1); diff --git a/lib/sl/slc-gram.h b/lib/sl/slc-gram.h index 1d50c2a66984..b6b16419ded2 100644 --- a/lib/sl/slc-gram.h +++ b/lib/sl/slc-gram.h @@ -52,7 +52,7 @@ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE -#line 54 "slc-gram.y" +#line 57 "slc-gram.y" { char *string; struct assignment *assignment; diff --git a/lib/sl/slc-gram.y b/lib/sl/slc-gram.y index 7d9fadcb55bd..530b1a344776 100644 --- a/lib/sl/slc-gram.y +++ b/lib/sl/slc-gram.y @@ -1,41 +1,38 @@ %{ /* - * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -#ifdef HAVE_CONFIG_H #include -RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); -#endif #include #include @@ -49,6 +46,12 @@ RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); #include "slc.h" extern FILE *yyin; extern struct assignment *assignment; + +/* Declarations for Bison: + */ +#define YYMALLOC malloc +#define YYFREE free + %} %union { @@ -123,6 +126,7 @@ check_option(struct assignment *as) { struct assignment *a; int seen_long = 0; + int seen_name = 0; int seen_short = 0; int seen_type = 0; int seen_argument = 0; @@ -135,6 +139,8 @@ check_option(struct assignment *as) seen_long++; else if(strcmp(a->name, "short") == 0) seen_short++; + else if(strcmp(a->name, "name") == 0) + seen_name++; else if(strcmp(a->name, "type") == 0) seen_type++; else if(strcmp(a->name, "argument") == 0) @@ -144,7 +150,7 @@ check_option(struct assignment *as) else if(strcmp(a->name, "default") == 0) seen_default++; else { - ex(a, "unknown name"); + ex(a, "unknown name %s", a->name); ret++; } } @@ -152,6 +158,10 @@ check_option(struct assignment *as) ex(as, "neither long nor short option"); ret++; } + if (seen_long == 0 && seen_name == 0) { + ex(as, "either of long or name option must be used"); + ret++; + } if(seen_long > 1) { ex(as, "multiple long options"); ret++; @@ -206,7 +216,7 @@ check_command(struct assignment *as) } else if(strcmp(a->name, "max_args") == 0) { seen_maxargs++; } else { - ex(a, "unknown name"); + ex(a, "unknown name: %s", a->name); ret++; } } @@ -234,7 +244,7 @@ check_command(struct assignment *as) ex(as, "multiple max_args strings"); ret++; } - + return ret; } @@ -356,7 +366,7 @@ make_name(struct assignment *as) lopt = find(as, "name"); if(lopt == NULL) return NULL; - + type = find(as, "type"); if(strcmp(type->u.value, "-flag") == 0) asprintf(&s, "%s_flag", lopt->u.value); @@ -374,10 +384,17 @@ static void defval_int(const char *name, struct assignment *defval) else cprint(1, "opt.%s = 0;\n", name); } -static void defval_string(const char *name, struct assignment *defval) +static void defval_neg_flag(const char *name, struct assignment *defval) { if(defval != NULL) - cprint(1, "opt.%s = \"%s\";\n", name, defval->u.value); + cprint(1, "opt.%s = %s;\n", name, defval->u.value); + else + cprint(1, "opt.%s = 1;\n", name); +} +static void defval_string(const char *name, struct assignment *defval) +{ + if(defval != NULL) + cprint(1, "opt.%s = (char *)(unsigned long)\"%s\";\n", name, defval->u.value); else cprint(1, "opt.%s = NULL;\n", name); } @@ -426,7 +443,7 @@ struct type_handler { { "-flag", "int", "arg_negative_flag", - defval_int, + defval_neg_flag, NULL }, { NULL } @@ -449,13 +466,13 @@ gen_options(struct assignment *opt1, const char *name) hprint(0, "struct %s_options {\n", name); - for(tmp = opt1; - tmp != NULL; + for(tmp = opt1; + tmp != NULL; tmp = find_next(tmp, "option")) { struct assignment *type; struct type_handler *th; char *s; - + s = make_name(tmp->u.assignment); type = find(tmp->u.assignment, "type"); th = find_handler(type); @@ -475,19 +492,22 @@ gen_wrapper(struct assignment *as) struct assignment *tmp; char *n, *f; int nargs = 0; + int narguments = 0; name = find(as, "name"); n = strdup(name->u.value); gen_name(n); arg = find(as, "argument"); + if (arg) + narguments++; opt1 = find(as, "option"); function = find(as, "function"); if(function) f = function->u.value; else f = n; - - + + if(opt1 != NULL) { gen_options(opt1, n); hprint(0, "int %s(struct %s_options*, int, char **);\n", f, n); @@ -503,8 +523,8 @@ gen_wrapper(struct assignment *as) cprint(1, "int ret;\n"); cprint(1, "int optidx = 0;\n"); cprint(1, "struct getargs args[] = {\n"); - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { struct assignment *type = find(tmp->u.assignment, "type"); struct assignment *lopt = find(tmp->u.assignment, "long"); @@ -513,7 +533,7 @@ gen_wrapper(struct assignment *as) struct assignment *help = find(tmp->u.assignment, "help"); struct type_handler *th; - + cprint(2, "{ "); if(lopt) fprintf(cfile, "\"%s\", ", lopt->u.value); @@ -530,9 +550,10 @@ gen_wrapper(struct assignment *as) fprintf(cfile, "\"%s\", ", help->u.value); else fprintf(cfile, "NULL, "); - if(aarg) + if(aarg) { fprintf(cfile, "\"%s\"", aarg->u.value); - else + narguments++; + } else fprintf(cfile, "NULL"); fprintf(cfile, " },\n"); } @@ -540,8 +561,8 @@ gen_wrapper(struct assignment *as) cprint(1, "};\n"); cprint(1, "int help_flag = 0;\n"); - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -549,15 +570,15 @@ gen_wrapper(struct assignment *as) struct assignment *defval = find(tmp->u.assignment, "default"); struct type_handler *th; - + s = make_name(tmp->u.assignment); th = find_handler(type); (*th->defval)(s, defval); free(s); } - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; s = make_name(tmp->u.assignment); @@ -572,7 +593,7 @@ gen_wrapper(struct assignment *as) int min_args = -1; int max_args = -1; char *end; - if(arg == NULL) { + if(narguments == 0) { max_args = 0; } else { if((tmp = find(as, "min_args")) != NULL) { @@ -600,7 +621,7 @@ gen_wrapper(struct assignment *as) } if(min_args != -1 || max_args != -1) { if(min_args == max_args) { - cprint(1, "if(argc - optidx != %d) {\n", + cprint(1, "if(argc - optidx != %d) {\n", min_args); cprint(2, "fprintf(stderr, \"Need exactly %u parameters (%%u given).\\n\\n\", argc - optidx);\n", min_args); cprint(2, "goto usage;\n"); @@ -621,16 +642,16 @@ gen_wrapper(struct assignment *as) } } } - + cprint(1, "if(help_flag)\n"); cprint(2, "goto usage;\n"); - cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", + cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", f, opt1 ? "&opt": "NULL"); - + /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -645,11 +666,11 @@ gen_wrapper(struct assignment *as) cprint(1, "return ret;\n"); cprint(0, "usage:\n"); - cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, + cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, name->u.value, arg ? arg->u.value : ""); /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; + for(tmp = find(as, "option"); + tmp != NULL; tmp = find_next(tmp, "option")) { char *s; struct assignment *type = find(tmp->u.assignment, "type"); @@ -726,7 +747,7 @@ main(int argc, char **argv) print_version(NULL); exit(0); } - + if(argc == optidx) usage(1); diff --git a/lib/sl/slc-lex.c b/lib/sl/slc-lex.c index d89b39c1f03b..7bba1531a13d 100644 --- a/lib/sl/slc-lex.c +++ b/lib/sl/slc-lex.c @@ -8,7 +8,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 +#define YY_FLEX_SUBMINOR_VERSION 35 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -30,7 +30,7 @@ /* C99 systems have . Non-C99 systems may or may not. */ -#if __STDC_VERSION__ >= 199901L +#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, * if you want the limit (max/min) macros for int types. @@ -93,11 +93,12 @@ typedef unsigned int flex_uint32_t; #else /* ! __cplusplus */ -#if __STDC__ +/* C99 requires __STDC__ to be defined as 1. */ +#if defined (__STDC__) #define YY_USE_CONST -#endif /* __STDC__ */ +#endif /* defined (__STDC__) */ #endif /* ! __cplusplus */ #ifdef YY_USE_CONST @@ -151,7 +152,12 @@ typedef unsigned int flex_uint32_t; typedef struct yy_buffer_state *YY_BUFFER_STATE; #endif -extern int yyleng; +#ifndef YY_TYPEDEF_YY_SIZE_T +#define YY_TYPEDEF_YY_SIZE_T +typedef size_t yy_size_t; +#endif + +extern yy_size_t yyleng; extern FILE *yyin, *yyout; @@ -177,16 +183,6 @@ extern FILE *yyin, *yyout; #define unput(c) yyunput( c, (yytext_ptr) ) -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - #ifndef YY_STRUCT_YY_BUFFER_STATE #define YY_STRUCT_YY_BUFFER_STATE struct yy_buffer_state @@ -204,7 +200,7 @@ struct yy_buffer_state /* Number of characters read into yy_ch_buf, not including EOB * characters. */ - int yy_n_chars; + yy_size_t yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to @@ -274,8 +270,8 @@ static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; +static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */ +yy_size_t yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; @@ -303,7 +299,7 @@ static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); +YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len ); void *yyalloc (yy_size_t ); void *yyrealloc (void *,yy_size_t ); @@ -458,39 +454,39 @@ char *yytext; #line 1 "slc-lex.l" #line 2 "slc-lex.l" /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: slc-lex.l 15118 2005-05-10 22:19:01Z lha $ */ +/* $Id$ */ #undef ECHO @@ -509,7 +505,7 @@ static char * handle_string(void); #undef ECHO -#line 513 "slc-lex.c" +#line 509 "slc-lex.c" #define INITIAL 0 @@ -527,6 +523,35 @@ static char * handle_string(void); static int yy_init_globals (void ); +/* Accessor methods to globals. + These are made visible to non-reentrant scanners for convenience. */ + +int yylex_destroy (void ); + +int yyget_debug (void ); + +void yyset_debug (int debug_flag ); + +YY_EXTRA_TYPE yyget_extra (void ); + +void yyset_extra (YY_EXTRA_TYPE user_defined ); + +FILE *yyget_in (void ); + +void yyset_in (FILE * in_str ); + +FILE *yyget_out (void ); + +void yyset_out (FILE * out_str ); + +yy_size_t yyget_leng (void ); + +char *yyget_text (void ); + +int yyget_lineno (void ); + +void yyset_lineno (int line_number ); + /* Macros after this point can all be overridden by user definitions in * section 1. */ @@ -539,8 +564,6 @@ extern int yywrap (void ); #endif #endif - static void yyunput (int c,char *buf_ptr ); - #ifndef yytext_ptr static void yy_flex_strncpy (char *,yyconst char *,int ); #endif @@ -569,7 +592,7 @@ static int input (void ); /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) +#define ECHO fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, @@ -580,7 +603,7 @@ static int input (void ); if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ { \ int c = '*'; \ - size_t n; \ + yy_size_t n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ @@ -662,9 +685,9 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 55 "slc-lex.l" +#line 58 "slc-lex.l" -#line 668 "slc-lex.c" +#line 691 "slc-lex.c" if ( !(yy_init) ) { @@ -749,7 +772,7 @@ YY_DECL case 1: YY_RULE_SETUP -#line 56 "slc-lex.l" +#line 59 "slc-lex.l" { yylval.string = strdup ((const char *)yytext); return LITERAL; @@ -757,36 +780,36 @@ YY_RULE_SETUP YY_BREAK case 2: YY_RULE_SETUP -#line 60 "slc-lex.l" +#line 63 "slc-lex.l" { yylval.string = handle_string(); return STRING; } YY_BREAK case 3: /* rule 3 can match eol */ YY_RULE_SETUP -#line 61 "slc-lex.l" +#line 64 "slc-lex.l" { ++lineno; } YY_BREAK case 4: YY_RULE_SETUP -#line 62 "slc-lex.l" +#line 65 "slc-lex.l" { handle_comment(); } YY_BREAK case 5: YY_RULE_SETUP -#line 63 "slc-lex.l" +#line 66 "slc-lex.l" { return *yytext; } YY_BREAK case 6: YY_RULE_SETUP -#line 64 "slc-lex.l" +#line 67 "slc-lex.l" ; YY_BREAK case 7: YY_RULE_SETUP -#line 65 "slc-lex.l" +#line 68 "slc-lex.l" ECHO; YY_BREAK -#line 790 "slc-lex.c" +#line 813 "slc-lex.c" case YY_STATE_EOF(INITIAL): yyterminate(); @@ -972,7 +995,7 @@ static int yy_get_next_buffer (void) else { - int num_to_read = + yy_size_t num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) @@ -986,7 +1009,7 @@ static int yy_get_next_buffer (void) if ( b->yy_is_our_buffer ) { - int new_size = b->yy_buf_size * 2; + yy_size_t new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; @@ -1041,6 +1064,14 @@ static int yy_get_next_buffer (void) else ret_val = EOB_ACT_CONTINUE_SCAN; + if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { + /* Extend the array by 50%, plus the number we really need. */ + yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); + YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); + if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); + } + (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; @@ -1107,43 +1138,6 @@ static int yy_get_next_buffer (void) return yy_is_jam ? 0 : yy_current_state; } - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput (void) @@ -1168,7 +1162,7 @@ static int yy_get_next_buffer (void) else { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); + yy_size_t offset = (yy_c_buf_p) - (yytext_ptr); ++(yy_c_buf_p); switch ( yy_get_next_buffer( ) ) @@ -1444,7 +1438,7 @@ void yypop_buffer_state (void) */ static void yyensure_buffer_stack (void) { - int num_to_alloc; + yy_size_t num_to_alloc; if (!(yy_buffer_stack)) { @@ -1456,7 +1450,9 @@ static void yyensure_buffer_stack (void) (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); - + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; @@ -1474,6 +1470,8 @@ static void yyensure_buffer_stack (void) ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); @@ -1518,7 +1516,7 @@ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan + * @param yystr a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use @@ -1537,12 +1535,11 @@ YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) * * @return the newly allocated buffer state object. */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) +YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len ) { YY_BUFFER_STATE b; char *buf; - yy_size_t n; - int i; + yy_size_t n, i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; @@ -1624,7 +1621,7 @@ FILE *yyget_out (void) /** Get the length of the current token. * */ -int yyget_leng (void) +yy_size_t yyget_leng (void) { return yyleng; } @@ -1772,7 +1769,7 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 65 "slc-lex.l" +#line 68 "slc-lex.l" @@ -1812,19 +1809,12 @@ handle_comment(void) } seen_slash = 1; continue; - } - if(seen_star && c == '/') { - if(--level == 0) - return; - seen_star = 0; - continue; - } - if(c == '*') { + } else if(c == '*') { if(seen_slash) { level++; seen_star = seen_slash = 0; continue; - } + } seen_star = 1; continue; } @@ -1870,7 +1860,7 @@ handle_string(void) } int -yywrap () +yywrap () { return 1; } diff --git a/lib/sl/slc-lex.l b/lib/sl/slc-lex.l index b810b12737b0..1099ede32b8c 100644 --- a/lib/sl/slc-lex.l +++ b/lib/sl/slc-lex.l @@ -1,38 +1,38 @@ %{ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: slc-lex.l 15118 2005-05-10 22:19:01Z lha $ */ +/* $Id$ */ #undef ECHO @@ -52,6 +52,9 @@ static char * handle_string(void); #undef ECHO %} + +%option nounput + %% [A-Za-z][-A-Za-z0-9_]* { yylval.string = strdup ((const char *)yytext); @@ -100,19 +103,12 @@ handle_comment(void) } seen_slash = 1; continue; - } - if(seen_star && c == '/') { - if(--level == 0) - return; - seen_star = 0; - continue; - } - if(c == '*') { + } else if(c == '*') { if(seen_slash) { level++; seen_star = seen_slash = 0; continue; - } + } seen_star = 1; continue; } @@ -158,7 +154,7 @@ handle_string(void) } int -yywrap () +yywrap () { return 1; } diff --git a/lib/sl/slc.h b/lib/sl/slc.h index 2b05813e4b08..6e45ed2f1524 100644 --- a/lib/sl/slc.h +++ b/lib/sl/slc.h @@ -1,37 +1,37 @@ /* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ -/* $Id: slc.h 13969 2004-06-21 19:10:59Z joda $ */ +/* $Id$ */ #include #include #include diff --git a/lib/sl/ss.c b/lib/sl/ss.c deleted file mode 100644 index f2f3cbc0a2a3..000000000000 --- a/lib/sl/ss.c +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sl_locl.h" -#include -#include "ss.h" - -RCSID("$Id: ss.c 15429 2005-06-16 19:24:11Z lha $"); - -struct ss_subst { - char *name; - char *version; - char *info; - ss_request_table *table; -}; - -static struct ss_subst subsystems[2]; -static int num_subsystems; - -int -ss_create_invocation(const char *subsystem, - const char *version, - const char *info, - ss_request_table *table, - int *code) -{ - struct ss_subst *ss; - - if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) { - *code = 17; - return 0; - } - ss = &subsystems[num_subsystems]; - ss->name = ss->version = ss->info = NULL; - if (subsystem != NULL) { - ss->name = strdup (subsystem); - if (ss->name == NULL) { - *code = ENOMEM; - return 0; - } - } - if (version != NULL) { - ss->version = strdup (version); - if (ss->version == NULL) { - *code = ENOMEM; - return 0; - } - } - if (info != NULL) { - ss->info = strdup (info); - if (ss->info == NULL) { - *code = ENOMEM; - return 0; - } - } - ss->table = table; - *code = 0; - return num_subsystems++; -} - -void -ss_error (int idx, long code, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - com_err_va (subsystems[idx].name, code, fmt, ap); - va_end(ap); -} - -void -ss_perror (int idx, long code, const char *msg) -{ - ss_error(idx, code, "%s", msg); -} - -int -ss_execute_command(int idx, char **argv) -{ - int argc = 0; - int ret; - - while(argv[argc++]); - ret = sl_command(subsystems[idx].table, argc, argv); - if (ret == SL_BADCOMMAND) - return SS_ET_COMMAND_NOT_FOUND; - return 0; -} - -int -ss_execute_line (int idx, const char *line) -{ - char *buf = strdup(line); - int argc; - char **argv; - int ret; - - if (buf == NULL) - return ENOMEM; - sl_make_argv(buf, &argc, &argv); - ret = sl_command(subsystems[idx].table, argc, argv); - free(buf); - if (ret == SL_BADCOMMAND) - return SS_ET_COMMAND_NOT_FOUND; - return 0; -} - -int -ss_listen (int idx) -{ - char *prompt = malloc(strlen(subsystems[idx].name) + 3); - if (prompt == NULL) - return ENOMEM; - - strcpy(prompt, subsystems[idx].name); - strcat(prompt, ": "); - sl_loop(subsystems[idx].table, prompt); - free(prompt); - return 0; -} - -int -ss_list_requests(int argc, char **argv /* , int idx, void *info */) -{ - sl_help(subsystems[0 /* idx */].table, argc, argv); - return 0; -} - -int -ss_quit(int argc, char **argv) -{ - return 1; -} diff --git a/lib/sl/test_sl.c b/lib/sl/test_sl.c index 06105591f4f3..91140125ec91 100644 --- a/lib/sl/test_sl.c +++ b/lib/sl/test_sl.c @@ -1,18 +1,18 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * * 3. Neither the name of KTH nor the names of its contributors may be * used to endorse or promote products derived from this software without @@ -32,8 +32,6 @@ #include "sl_locl.h" -RCSID("$Id: test_sl.c 19555 2006-12-28 23:40:17Z lha $"); - struct { int ok; const char *line; @@ -82,7 +80,7 @@ main(int argc, char **argv) } else if (!lines[i].ok) errx(1, "sl_make_argv passed test %d when it shouldn't", i); if (rargc != lines[i].argc) - errx(1, "result argc (%d) != should be argc (%d) for test %d", + errx(1, "result argc (%d) != should be argc (%d) for test %d", rargc, lines[i].argc, i); for (j = 0; j < rargc; j++) if (strcmp(rargv[j], lines[i].argv[j]) != 0) diff --git a/lib/sqlite/Makefile.am b/lib/sqlite/Makefile.am new file mode 100644 index 000000000000..2ca8bfd64af6 --- /dev/null +++ b/lib/sqlite/Makefile.am @@ -0,0 +1,13 @@ +# $Id$ + +include $(top_srcdir)/Makefile.am.common + +lib_LTLIBRARIES = libheimsqlite.la + +noinst_HEADERS = sqlite3.h sqlite3ext.h + +libheimsqlite_la_SOURCES = sqlite3.c + +libheimsqlite_la_LIBADD = $(PTHREAD_LIBADD) + +EXTRA_DIST = NTMakefile diff --git a/lib/auth/Makefile.in b/lib/sqlite/Makefile.in similarity index 61% rename from lib/auth/Makefile.in rename to lib/sqlite/Makefile.in index d7200ce6a3b9..e5df2eb7f2db 100644 --- a/lib/auth/Makefile.in +++ b/lib/sqlite/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,15 +15,18 @@ @SET_MAKE@ -# $Id: Makefile.am 5683 1999-03-21 17:11:08Z joda $ +# $Id$ + +# $Id$ + +# $Id$ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -37,13 +41,13 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = lib/auth +DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ + $(top_srcdir)/cf/Makefile.am.common +subdir = lib/sqlite ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ + $(top_srcdir)/cf/auth-modules.m4 \ $(top_srcdir)/cf/broken-getaddrinfo.m4 \ $(top_srcdir)/cf/broken-glob.m4 \ $(top_srcdir)/cf/broken-realloc.m4 \ @@ -58,7 +62,7 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ + $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \ $(top_srcdir)/cf/find-func-no-libs.m4 \ $(top_srcdir)/cf/find-func-no-libs2.m4 \ $(top_srcdir)/cf/find-func.m4 \ @@ -72,9 +76,12 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/krb-readline.m4 \ $(top_srcdir)/cf/krb-struct-spwd.m4 \ $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ + $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \ + $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \ + $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \ + $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \ + $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \ + $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ $(top_srcdir)/cf/roken-frag.m4 \ @@ -82,25 +89,55 @@ am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in + $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/include/config.h CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(libdir)" +LTLIBRARIES = $(lib_LTLIBRARIES) +am__DEPENDENCIES_1 = +libheimsqlite_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_libheimsqlite_la_OBJECTS = sqlite3.lo +libheimsqlite_la_OBJECTS = $(am_libheimsqlite_la_OBJECTS) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libheimsqlite_la_SOURCES) +DIST_SOURCES = $(libheimsqlite_la_SOURCES) +HEADERS = $(noinst_HEADERS) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -108,49 +145,58 @@ ACLOCAL = @ACLOCAL@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ AMTAR = @AMTAR@ AR = @AR@ +ASN1_COMPILE = @ASN1_COMPILE@ +ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ +CAPNG_CFLAGS = @CAPNG_CFLAGS@ +CAPNG_LIBS = @CAPNG_LIBS@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ +DBHEADER = @DBHEADER@ DBLIB = @DBLIB@ DEFS = @DEFS@ +DEPDIR = @DEPDIR@ DIR_com_err = @DIR_com_err@ DIR_hcrypto = @DIR_hcrypto@ DIR_hdbdir = @DIR_hdbdir@ DIR_roken = @DIR_roken@ -ECHO = @ECHO@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GREP = @GREP@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_hcrypto = @INCLUDE_hcrypto@ INCLUDE_hesiod = @INCLUDE_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ +INCLUDE_libedit = @INCLUDE_libedit@ +INCLUDE_libintl = @INCLUDE_libintl@ INCLUDE_openldap = @INCLUDE_openldap@ INCLUDE_readline = @INCLUDE_readline@ +INCLUDE_sqlite3 = @INCLUDE_sqlite3@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ LEX = @LEX@ @@ -174,10 +220,11 @@ LIB_crypt = @LIB_crypt@ LIB_db_create = @LIB_db_create@ LIB_dbm_firstkey = @LIB_dbm_firstkey@ LIB_dbopen = @LIB_dbopen@ +LIB_dispatch_async_f = @LIB_dispatch_async_f@ LIB_dlopen = @LIB_dlopen@ LIB_dn_expand = @LIB_dn_expand@ +LIB_dns_search = @LIB_dns_search@ LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ LIB_freeaddrinfo = @LIB_freeaddrinfo@ LIB_gai_strerror = @LIB_gai_strerror@ LIB_getaddrinfo = @LIB_getaddrinfo@ @@ -194,6 +241,8 @@ LIB_hesiod = @LIB_hesiod@ LIB_hstrerror = @LIB_hstrerror@ LIB_kdb = @LIB_kdb@ LIB_krb4 = @LIB_krb4@ +LIB_libedit = @LIB_libedit@ +LIB_libintl = @LIB_libintl@ LIB_loadquery = @LIB_loadquery@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ @@ -209,31 +258,45 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LIB_setsockopt = @LIB_setsockopt@ LIB_socket = @LIB_socket@ +LIB_sqlite3 = @LIB_sqlite3@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NO_AFS = @NO_AFS@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ +PTHREAD_LDADD = @PTHREAD_LDADD@ +PTHREAD_LIBADD = @PTHREAD_LIBADD@ RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SLC = @SLC@ +SLC_DEP = @SLC_DEP@ STRIP = @STRIP@ VERSION = @VERSION@ VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ @@ -248,10 +311,12 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ @@ -292,48 +357,56 @@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ +subdirs = @subdirs@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) +SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +AM_CPPFLAGS = $(INCLUDES_roken) @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME AM_CFLAGS = $(WFLAGS) CP = cp buildinclude = $(top_builddir)/include +LIB_el_init = @LIB_el_init@ LIB_getattr = @LIB_getattr@ LIB_getpwent_r = @LIB_getpwent_r@ LIB_odm_initialize = @LIB_odm_initialize@ LIB_setpcred = @LIB_setpcred@ HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ +libexec_heimdaldir = $(libexecdir)/heimdal NROFF_MAN = groff -mandoc -Tascii LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la +LIB_heimbase = $(top_builddir)/base/libheimbase.la @DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = @LIB_AUTH_SUBDIRS@ -DIST_SUBDIRS = afskauthlib pam sia -all: all-recursive +lib_LTLIBRARIES = libheimsqlite.la +noinst_HEADERS = sqlite3.h sqlite3ext.h +libheimsqlite_la_SOURCES = sqlite3.c +libheimsqlite_la_LIBADD = $(PTHREAD_LIBADD) +EXTRA_DIST = NTMakefile +all: all-am .SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c +.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sqlite/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/sqlite/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -351,6 +424,69 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ + done + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libheimsqlite.la: $(libheimsqlite_la_OBJECTS) $(libheimsqlite_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libheimsqlite_la_OBJECTS) $(libheimsqlite_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sqlite3.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -358,133 +494,54 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -505,51 +562,40 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive +check: check-am +all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local +installdirs: + for dir in "$(DESTDIR)$(libdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am -installcheck: installcheck-recursive +installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ @@ -561,87 +607,103 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive +clean: clean-am -clean-am: clean-generic clean-libtool mostlyclean-am +clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ + mostlyclean-am -distclean: distclean-recursive +distclean: distclean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags -dvi: dvi-recursive +dvi: dvi-am dvi-am: -html: html-recursive +html: html-am -info: info-recursive +html-am: + +info: info-am info-am: install-data-am: @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook +install-dvi: install-dvi-am -install-dvi: install-dvi-recursive +install-dvi-am: -install-exec-am: +install-exec-am: install-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-html: install-html-am -install-html: install-html-recursive +install-html-am: -install-info: install-info-recursive +install-info: install-info-am + +install-info-am: install-man: -install-pdf: install-pdf-recursive +install-pdf: install-pdf-am -install-ps: install-ps-recursive +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: installcheck-am: -maintainer-clean: maintainer-clean-recursive +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic -mostlyclean: mostlyclean-recursive +mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-generic mostlyclean-libtool +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool -pdf: pdf-recursive +pdf: pdf-am pdf-am: -ps: ps-recursive +ps: ps-am ps-am: -uninstall-am: +uninstall-am: uninstall-libLTLIBRARIES @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) uninstall-hook +.MAKE: check-am install-am install-data-am install-exec-am \ + install-strip uninstall-am -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ +.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ + clean clean-generic clean-libLTLIBRARIES clean-libtool ctags \ + dist-hook distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-data-hook install-dvi install-dvi-am \ + install-exec install-exec-am install-exec-hook install-html \ + install-html-am install-info install-info-am \ + install-libLTLIBRARIES install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-hook \ + uninstall-libLTLIBRARIES install-suid-programs: @@ -712,6 +774,9 @@ check-local:: .x.c: @cmp -s $< $@ 2> /dev/null || cp $< $@ + +.hx.h: + @cmp -s $< $@ 2> /dev/null || cp $< $@ #NROFF_MAN = nroff -man .1.cat1: $(NROFF_MAN) $< > $@ @@ -797,7 +862,7 @@ uninstall-hook: uninstall-cat-mans check-valgrind: tobjdir=`cd $(top_builddir) && pwd` ; \ tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check + env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check # # Target to please samba build farm, builds distfiles in-tree. @@ -810,6 +875,7 @@ distdir-in-tree: $(DISTFILES) $(INFO_DEPS) (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ fi ; \ done + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/lib/sqlite/NTMakefile b/lib/sqlite/NTMakefile new file mode 100644 index 000000000000..f9e90fb77ff0 --- /dev/null +++ b/lib/sqlite/NTMakefile @@ -0,0 +1,47 @@ +######################################################################## +# +# Copyright (c) 2009, Secure Endpoints Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# - Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +RELDIR=lib\sqlite + +!include ../../windows/NTMakefile.w32 + +INCFILES= \ + $(INCDIR)\sqlite3.h \ + $(INCDIR)\sqlite3ext.h + +$(LIBSQLITE): $(OBJ)\sqlite3.obj + $(LIBCON) + +all:: $(INCFILES) $(LIBSQLITE) + +clean:: + -$(RM) $(LIBSQLITE) + -$(RM) $(INCFILES) diff --git a/lib/sqlite/sqlite3.c b/lib/sqlite/sqlite3.c new file mode 100644 index 000000000000..efe31d888c1d --- /dev/null +++ b/lib/sqlite/sqlite3.c @@ -0,0 +1,112444 @@ +/****************************************************************************** +** This file is an amalgamation of many separate C source files from SQLite +** version 3.6.23.1. By combining all the individual C code files into this +** single large file, the entire code can be compiled as a one translation +** unit. This allows many compilers to do optimizations that would not be +** possible if the files were compiled separately. Performance improvements +** of 5% are more are commonly seen when SQLite is compiled as a single +** translation unit. +** +** This file is all you need to compile SQLite. To use SQLite in other +** programs, you need this file and the "sqlite3.h" header file that defines +** the programming interface to the SQLite library. (If you do not have +** the "sqlite3.h" header file at hand, you will find a copy embedded within +** the text of this file. Search for "Begin file sqlite3.h" to find the start +** of the embedded sqlite3.h header file.) Additional code files may be needed +** if you want a wrapper to interface SQLite with your choice of programming +** language. The code for the "sqlite3" command-line shell is also in a +** separate file. This file contains only code for the core SQLite library. +*/ +#define SQLITE_CORE 1 +#define SQLITE_AMALGAMATION 1 +#ifndef SQLITE_PRIVATE +# define SQLITE_PRIVATE static +#endif +#ifndef SQLITE_API +# define SQLITE_API +#endif +/************** Begin file sqliteInt.h ***************************************/ +/* +** 2001 September 15 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** Internal interface definitions for SQLite. +** +*/ +#ifndef _SQLITEINT_H_ +#define _SQLITEINT_H_ + +/* +** These #defines should enable >2GB file support on POSIX if the +** underlying operating system supports it. If the OS lacks +** large file support, or if the OS is windows, these should be no-ops. +** +** Ticket #2739: The _LARGEFILE_SOURCE macro must appear before any +** system #includes. Hence, this block of code must be the very first +** code in all source files. +** +** Large file support can be disabled using the -DSQLITE_DISABLE_LFS switch +** on the compiler command line. This is necessary if you are compiling +** on a recent machine (ex: Red Hat 7.2) but you want your code to work +** on an older machine (ex: Red Hat 6.0). If you compile on Red Hat 7.2 +** without this option, LFS is enable. But LFS does not exist in the kernel +** in Red Hat 6.0, so the code won't work. Hence, for maximum binary +** portability you should omit LFS. +** +** Similar is true for Mac OS X. LFS is only supported on Mac OS X 9 and later. +*/ +#ifndef SQLITE_DISABLE_LFS +# define _LARGE_FILE 1 +# ifndef _FILE_OFFSET_BITS +# define _FILE_OFFSET_BITS 64 +# endif +# define _LARGEFILE_SOURCE 1 +#endif + +/* +** Include the configuration header output by 'configure' if we're using the +** autoconf-based build +*/ +#ifdef _HAVE_SQLITE_CONFIG_H +#include "config.h" +#endif + +/************** Include sqliteLimit.h in the middle of sqliteInt.h ***********/ +/************** Begin file sqliteLimit.h *************************************/ +/* +** 2007 May 7 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** +** This file defines various limits of what SQLite can process. +*/ + +/* +** The maximum length of a TEXT or BLOB in bytes. This also +** limits the size of a row in a table or index. +** +** The hard limit is the ability of a 32-bit signed integer +** to count the size: 2^31-1 or 2147483647. +*/ +#ifndef SQLITE_MAX_LENGTH +# define SQLITE_MAX_LENGTH 1000000000 +#endif + +/* +** This is the maximum number of +** +** * Columns in a table +** * Columns in an index +** * Columns in a view +** * Terms in the SET clause of an UPDATE statement +** * Terms in the result set of a SELECT statement +** * Terms in the GROUP BY or ORDER BY clauses of a SELECT statement. +** * Terms in the VALUES clause of an INSERT statement +** +** The hard upper limit here is 32676. Most database people will +** tell you that in a well-normalized database, you usually should +** not have more than a dozen or so columns in any table. And if +** that is the case, there is no point in having more than a few +** dozen values in any of the other situations described above. +*/ +#ifndef SQLITE_MAX_COLUMN +# define SQLITE_MAX_COLUMN 2000 +#endif + +/* +** The maximum length of a single SQL statement in bytes. +** +** It used to be the case that setting this value to zero would +** turn the limit off. That is no longer true. It is not possible +** to turn this limit off. +*/ +#ifndef SQLITE_MAX_SQL_LENGTH +# define SQLITE_MAX_SQL_LENGTH 1000000000 +#endif + +/* +** The maximum depth of an expression tree. This is limited to +** some extent by SQLITE_MAX_SQL_LENGTH. But sometime you might +** want to place more severe limits on the complexity of an +** expression. +** +** A value of 0 used to mean that the limit was not enforced. +** But that is no longer true. The limit is now strictly enforced +** at all times. +*/ +#ifndef SQLITE_MAX_EXPR_DEPTH +# define SQLITE_MAX_EXPR_DEPTH 1000 +#endif + +/* +** The maximum number of terms in a compound SELECT statement. +** The code generator for compound SELECT statements does one +** level of recursion for each term. A stack overflow can result +** if the number of terms is too large. In practice, most SQL +** never has more than 3 or 4 terms. Use a value of 0 to disable +** any limit on the number of terms in a compount SELECT. +*/ +#ifndef SQLITE_MAX_COMPOUND_SELECT +# define SQLITE_MAX_COMPOUND_SELECT 500 +#endif + +/* +** The maximum number of opcodes in a VDBE program. +** Not currently enforced. +*/ +#ifndef SQLITE_MAX_VDBE_OP +# define SQLITE_MAX_VDBE_OP 25000 +#endif + +/* +** The maximum number of arguments to an SQL function. +*/ +#ifndef SQLITE_MAX_FUNCTION_ARG +# define SQLITE_MAX_FUNCTION_ARG 127 +#endif + +/* +** The maximum number of in-memory pages to use for the main database +** table and for temporary tables. The SQLITE_DEFAULT_CACHE_SIZE +*/ +#ifndef SQLITE_DEFAULT_CACHE_SIZE +# define SQLITE_DEFAULT_CACHE_SIZE 2000 +#endif +#ifndef SQLITE_DEFAULT_TEMP_CACHE_SIZE +# define SQLITE_DEFAULT_TEMP_CACHE_SIZE 500 +#endif + +/* +** The maximum number of attached databases. This must be between 0 +** and 30. The upper bound on 30 is because a 32-bit integer bitmap +** is used internally to track attached databases. +*/ +#ifndef SQLITE_MAX_ATTACHED +# define SQLITE_MAX_ATTACHED 10 +#endif + + +/* +** The maximum value of a ?nnn wildcard that the parser will accept. +*/ +#ifndef SQLITE_MAX_VARIABLE_NUMBER +# define SQLITE_MAX_VARIABLE_NUMBER 999 +#endif + +/* Maximum page size. The upper bound on this value is 32768. This a limit +** imposed by the necessity of storing the value in a 2-byte unsigned integer +** and the fact that the page size must be a power of 2. +** +** If this limit is changed, then the compiled library is technically +** incompatible with an SQLite library compiled with a different limit. If +** a process operating on a database with a page-size of 65536 bytes +** crashes, then an instance of SQLite compiled with the default page-size +** limit will not be able to rollback the aborted transaction. This could +** lead to database corruption. +*/ +#ifndef SQLITE_MAX_PAGE_SIZE +# define SQLITE_MAX_PAGE_SIZE 32768 +#endif + + +/* +** The default size of a database page. +*/ +#ifndef SQLITE_DEFAULT_PAGE_SIZE +# define SQLITE_DEFAULT_PAGE_SIZE 1024 +#endif +#if SQLITE_DEFAULT_PAGE_SIZE>SQLITE_MAX_PAGE_SIZE +# undef SQLITE_DEFAULT_PAGE_SIZE +# define SQLITE_DEFAULT_PAGE_SIZE SQLITE_MAX_PAGE_SIZE +#endif + +/* +** Ordinarily, if no value is explicitly provided, SQLite creates databases +** with page size SQLITE_DEFAULT_PAGE_SIZE. However, based on certain +** device characteristics (sector-size and atomic write() support), +** SQLite may choose a larger value. This constant is the maximum value +** SQLite will choose on its own. +*/ +#ifndef SQLITE_MAX_DEFAULT_PAGE_SIZE +# define SQLITE_MAX_DEFAULT_PAGE_SIZE 8192 +#endif +#if SQLITE_MAX_DEFAULT_PAGE_SIZE>SQLITE_MAX_PAGE_SIZE +# undef SQLITE_MAX_DEFAULT_PAGE_SIZE +# define SQLITE_MAX_DEFAULT_PAGE_SIZE SQLITE_MAX_PAGE_SIZE +#endif + + +/* +** Maximum number of pages in one database file. +** +** This is really just the default value for the max_page_count pragma. +** This value can be lowered (or raised) at run-time using that the +** max_page_count macro. +*/ +#ifndef SQLITE_MAX_PAGE_COUNT +# define SQLITE_MAX_PAGE_COUNT 1073741823 +#endif + +/* +** Maximum length (in bytes) of the pattern in a LIKE or GLOB +** operator. +*/ +#ifndef SQLITE_MAX_LIKE_PATTERN_LENGTH +# define SQLITE_MAX_LIKE_PATTERN_LENGTH 50000 +#endif + +/* +** Maximum depth of recursion for triggers. +** +** A value of 1 means that a trigger program will not be able to itself +** fire any triggers. A value of 0 means that no trigger programs at all +** may be executed. +*/ +#ifndef SQLITE_MAX_TRIGGER_DEPTH +# define SQLITE_MAX_TRIGGER_DEPTH 1000 +#endif + +/************** End of sqliteLimit.h *****************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ + +/* Disable nuisance warnings on Borland compilers */ +#if defined(__BORLANDC__) +#pragma warn -rch /* unreachable code */ +#pragma warn -ccc /* Condition is always true or false */ +#pragma warn -aus /* Assigned value is never used */ +#pragma warn -csu /* Comparing signed and unsigned */ +#pragma warn -spa /* Suspicious pointer arithmetic */ +#endif + +/* Needed for various definitions... */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE +#endif + +/* +** Include standard header files as necessary +*/ +#ifdef HAVE_STDINT_H +#include +#endif +#ifdef HAVE_INTTYPES_H +#include +#endif + +/* +** The number of samples of an index that SQLite takes in order to +** construct a histogram of the table content when running ANALYZE +** and with SQLITE_ENABLE_STAT2 +*/ +#define SQLITE_INDEX_SAMPLES 10 + +/* +** The following macros are used to cast pointers to integers and +** integers to pointers. The way you do this varies from one compiler +** to the next, so we have developed the following set of #if statements +** to generate appropriate macros for a wide range of compilers. +** +** The correct "ANSI" way to do this is to use the intptr_t type. +** Unfortunately, that typedef is not available on all compilers, or +** if it is available, it requires an #include of specific headers +** that very from one machine to the next. +** +** Ticket #3860: The llvm-gcc-4.2 compiler from Apple chokes on +** the ((void*)&((char*)0)[X]) construct. But MSVC chokes on ((void*)(X)). +** So we have to define the macros in different ways depending on the +** compiler. +*/ +#if defined(__PTRDIFF_TYPE__) /* This case should work for GCC */ +# define SQLITE_INT_TO_PTR(X) ((void*)(__PTRDIFF_TYPE__)(X)) +# define SQLITE_PTR_TO_INT(X) ((int)(__PTRDIFF_TYPE__)(X)) +#elif !defined(__GNUC__) /* Works for compilers other than LLVM */ +# define SQLITE_INT_TO_PTR(X) ((void*)&((char*)0)[X]) +# define SQLITE_PTR_TO_INT(X) ((int)(((char*)X)-(char*)0)) +#elif defined(HAVE_STDINT_H) /* Use this case if we have ANSI headers */ +# define SQLITE_INT_TO_PTR(X) ((void*)(intptr_t)(X)) +# define SQLITE_PTR_TO_INT(X) ((int)(intptr_t)(X)) +#else /* Generates a warning - but it always works */ +# define SQLITE_INT_TO_PTR(X) ((void*)(X)) +# define SQLITE_PTR_TO_INT(X) ((int)(X)) +#endif + +/* +** The SQLITE_THREADSAFE macro must be defined as either 0 or 1. +** Older versions of SQLite used an optional THREADSAFE macro. +** We support that for legacy +*/ +#if !defined(SQLITE_THREADSAFE) +#if defined(THREADSAFE) +# define SQLITE_THREADSAFE THREADSAFE +#else +# define SQLITE_THREADSAFE 1 +#endif +#endif + +/* +** The SQLITE_DEFAULT_MEMSTATUS macro must be defined as either 0 or 1. +** It determines whether or not the features related to +** SQLITE_CONFIG_MEMSTATUS are available by default or not. This value can +** be overridden at runtime using the sqlite3_config() API. +*/ +#if !defined(SQLITE_DEFAULT_MEMSTATUS) +# define SQLITE_DEFAULT_MEMSTATUS 1 +#endif + +/* +** Exactly one of the following macros must be defined in order to +** specify which memory allocation subsystem to use. +** +** SQLITE_SYSTEM_MALLOC // Use normal system malloc() +** SQLITE_MEMDEBUG // Debugging version of system malloc() +** +** (Historical note: There used to be several other options, but we've +** pared it down to just these two.) +** +** If none of the above are defined, then set SQLITE_SYSTEM_MALLOC as +** the default. +*/ +#if defined(SQLITE_SYSTEM_MALLOC)+defined(SQLITE_MEMDEBUG)>1 +# error "At most one of the following compile-time configuration options\ + is allows: SQLITE_SYSTEM_MALLOC, SQLITE_MEMDEBUG" +#endif +#if defined(SQLITE_SYSTEM_MALLOC)+defined(SQLITE_MEMDEBUG)==0 +# define SQLITE_SYSTEM_MALLOC 1 +#endif + +/* +** If SQLITE_MALLOC_SOFT_LIMIT is not zero, then try to keep the +** sizes of memory allocations below this value where possible. +*/ +#if !defined(SQLITE_MALLOC_SOFT_LIMIT) +# define SQLITE_MALLOC_SOFT_LIMIT 1024 +#endif + +/* +** We need to define _XOPEN_SOURCE as follows in order to enable +** recursive mutexes on most Unix systems. But Mac OS X is different. +** The _XOPEN_SOURCE define causes problems for Mac OS X we are told, +** so it is omitted there. See ticket #2673. +** +** Later we learn that _XOPEN_SOURCE is poorly or incorrectly +** implemented on some systems. So we avoid defining it at all +** if it is already defined or if it is unneeded because we are +** not doing a threadsafe build. Ticket #2681. +** +** See also ticket #2741. +*/ +#if !defined(_XOPEN_SOURCE) && !defined(__DARWIN__) && !defined(__APPLE__) && SQLITE_THREADSAFE +# define _XOPEN_SOURCE 500 /* Needed to enable pthread recursive mutexes */ +#endif + +/* +** The TCL headers are only needed when compiling the TCL bindings. +*/ +#if defined(SQLITE_TCL) || defined(TCLSH) +# include +#endif + +/* +** Many people are failing to set -DNDEBUG=1 when compiling SQLite. +** Setting NDEBUG makes the code smaller and run faster. So the following +** lines are added to automatically set NDEBUG unless the -DSQLITE_DEBUG=1 +** option is set. Thus NDEBUG becomes an opt-in rather than an opt-out +** feature. +*/ +#if !defined(NDEBUG) && !defined(SQLITE_DEBUG) +# define NDEBUG 1 +#endif + +/* +** The testcase() macro is used to aid in coverage testing. When +** doing coverage testing, the condition inside the argument to +** testcase() must be evaluated both true and false in order to +** get full branch coverage. The testcase() macro is inserted +** to help ensure adequate test coverage in places where simple +** condition/decision coverage is inadequate. For example, testcase() +** can be used to make sure boundary values are tested. For +** bitmask tests, testcase() can be used to make sure each bit +** is significant and used at least once. On switch statements +** where multiple cases go to the same block of code, testcase() +** can insure that all cases are evaluated. +** +*/ +#ifdef SQLITE_COVERAGE_TEST +SQLITE_PRIVATE void sqlite3Coverage(int); +# define testcase(X) if( X ){ sqlite3Coverage(__LINE__); } +#else +# define testcase(X) +#endif + +/* +** The TESTONLY macro is used to enclose variable declarations or +** other bits of code that are needed to support the arguments +** within testcase() and assert() macros. +*/ +#if !defined(NDEBUG) || defined(SQLITE_COVERAGE_TEST) +# define TESTONLY(X) X +#else +# define TESTONLY(X) +#endif + +/* +** Sometimes we need a small amount of code such as a variable initialization +** to setup for a later assert() statement. We do not want this code to +** appear when assert() is disabled. The following macro is therefore +** used to contain that setup code. The "VVA" acronym stands for +** "Verification, Validation, and Accreditation". In other words, the +** code within VVA_ONLY() will only run during verification processes. +*/ +#ifndef NDEBUG +# define VVA_ONLY(X) X +#else +# define VVA_ONLY(X) +#endif + +/* +** The ALWAYS and NEVER macros surround boolean expressions which +** are intended to always be true or false, respectively. Such +** expressions could be omitted from the code completely. But they +** are included in a few cases in order to enhance the resilience +** of SQLite to unexpected behavior - to make the code "self-healing" +** or "ductile" rather than being "brittle" and crashing at the first +** hint of unplanned behavior. +** +** In other words, ALWAYS and NEVER are added for defensive code. +** +** When doing coverage testing ALWAYS and NEVER are hard-coded to +** be true and false so that the unreachable code then specify will +** not be counted as untested code. +*/ +#if defined(SQLITE_COVERAGE_TEST) +# define ALWAYS(X) (1) +# define NEVER(X) (0) +#elif !defined(NDEBUG) +# define ALWAYS(X) ((X)?1:(assert(0),0)) +# define NEVER(X) ((X)?(assert(0),1):0) +#else +# define ALWAYS(X) (X) +# define NEVER(X) (X) +#endif + +/* +** The macro unlikely() is a hint that surrounds a boolean +** expression that is usually false. Macro likely() surrounds +** a boolean expression that is usually true. GCC is able to +** use these hints to generate better code, sometimes. +*/ +#if defined(__GNUC__) && 0 +# define likely(X) __builtin_expect((X),1) +# define unlikely(X) __builtin_expect((X),0) +#else +# define likely(X) !!(X) +# define unlikely(X) !!(X) +#endif + +/************** Include sqlite3.h in the middle of sqliteInt.h ***************/ +/************** Begin file sqlite3.h *****************************************/ +/* +** 2001 September 15 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** This header file defines the interface that the SQLite library +** presents to client programs. If a C-function, structure, datatype, +** or constant definition does not appear in this file, then it is +** not a published API of SQLite, is subject to change without +** notice, and should not be referenced by programs that use SQLite. +** +** Some of the definitions that are in this file are marked as +** "experimental". Experimental interfaces are normally new +** features recently added to SQLite. We do not anticipate changes +** to experimental interfaces but reserve the right to make minor changes +** if experience from use "in the wild" suggest such changes are prudent. +** +** The official C-language API documentation for SQLite is derived +** from comments in this file. This file is the authoritative source +** on how SQLite interfaces are suppose to operate. +** +** The name of this file under configuration management is "sqlite.h.in". +** The makefile makes some minor changes to this file (such as inserting +** the version number) and changes its name to "sqlite3.h" as +** part of the build process. +*/ +#ifndef _SQLITE3_H_ +#define _SQLITE3_H_ +#include /* Needed for the definition of va_list */ + +/* +** Make sure we can call this stuff from C++. +*/ +#if 0 +extern "C" { +#endif + + +/* +** Add the ability to override 'extern' +*/ +#ifndef SQLITE_EXTERN +# define SQLITE_EXTERN extern +#endif + +#ifndef SQLITE_API +# define SQLITE_API +#endif + + +/* +** These no-op macros are used in front of interfaces to mark those +** interfaces as either deprecated or experimental. New applications +** should not use deprecated interfaces - they are support for backwards +** compatibility only. Application writers should be aware that +** experimental interfaces are subject to change in point releases. +** +** These macros used to resolve to various kinds of compiler magic that +** would generate warning messages when they were used. But that +** compiler magic ended up generating such a flurry of bug reports +** that we have taken it all out and gone back to using simple +** noop macros. +*/ +#define SQLITE_DEPRECATED +#define SQLITE_EXPERIMENTAL + +/* +** Ensure these symbols were not defined by some previous header file. +*/ +#ifdef SQLITE_VERSION +# undef SQLITE_VERSION +#endif +#ifdef SQLITE_VERSION_NUMBER +# undef SQLITE_VERSION_NUMBER +#endif + +/* +** CAPI3REF: Compile-Time Library Version Numbers +** +** ^(The [SQLITE_VERSION] C preprocessor macro in the sqlite3.h header +** evaluates to a string literal that is the SQLite version in the +** format "X.Y.Z" where X is the major version number (always 3 for +** SQLite3) and Y is the minor version number and Z is the release number.)^ +** ^(The [SQLITE_VERSION_NUMBER] C preprocessor macro resolves to an integer +** with the value (X*1000000 + Y*1000 + Z) where X, Y, and Z are the same +** numbers used in [SQLITE_VERSION].)^ +** The SQLITE_VERSION_NUMBER for any given release of SQLite will also +** be larger than the release from which it is derived. Either Y will +** be held constant and Z will be incremented or else Y will be incremented +** and Z will be reset to zero. +** +** Since version 3.6.18, SQLite source code has been stored in the +** Fossil configuration management +** system. ^The SQLITE_SOURCE_ID macro evalutes to +** a string which identifies a particular check-in of SQLite +** within its configuration management system. ^The SQLITE_SOURCE_ID +** string contains the date and time of the check-in (UTC) and an SHA1 +** hash of the entire source tree. +** +** See also: [sqlite3_libversion()], +** [sqlite3_libversion_number()], [sqlite3_sourceid()], +** [sqlite_version()] and [sqlite_source_id()]. +*/ +#define SQLITE_VERSION "3.6.23.1" +#define SQLITE_VERSION_NUMBER 3006023 +#define SQLITE_SOURCE_ID "2010-03-26 22:28:06 b078b588d617e07886ad156e9f54ade6d823568e" + +/* +** CAPI3REF: Run-Time Library Version Numbers +** KEYWORDS: sqlite3_version, sqlite3_sourceid +** +** These interfaces provide the same information as the [SQLITE_VERSION], +** [SQLITE_VERSION_NUMBER], and [SQLITE_SOURCE_ID] C preprocessor macros +** but are associated with the library instead of the header file. ^(Cautious +** programmers might include assert() statements in their application to +** verify that values returned by these interfaces match the macros in +** the header, and thus insure that the application is +** compiled with matching library and header files. +** +** 
+** assert( sqlite3_libversion_number()==SQLITE_VERSION_NUMBER );
+** assert( strcmp(sqlite3_sourceid(),SQLITE_SOURCE_ID)==0 );
+** assert( strcmp(sqlite3_libversion(),SQLITE_VERSION)==0 );
+**
)^ +** +** ^The sqlite3_version[] string constant contains the text of [SQLITE_VERSION] +** macro. ^The sqlite3_libversion() function returns a pointer to the +** to the sqlite3_version[] string constant. The sqlite3_libversion() +** function is provided for use in DLLs since DLL users usually do not have +** direct access to string constants within the DLL. ^The +** sqlite3_libversion_number() function returns an integer equal to +** [SQLITE_VERSION_NUMBER]. ^The sqlite3_sourceid() function returns +** a pointer to a string constant whose value is the same as the +** [SQLITE_SOURCE_ID] C preprocessor macro. +** +** See also: [sqlite_version()] and [sqlite_source_id()]. +*/ +SQLITE_API const char sqlite3_version[] = SQLITE_VERSION; +SQLITE_API const char *sqlite3_libversion(void); +SQLITE_API const char *sqlite3_sourceid(void); +SQLITE_API int sqlite3_libversion_number(void); + +#ifndef SQLITE_OMIT_COMPILEOPTION_DIAGS +/* +** CAPI3REF: Run-Time Library Compilation Options Diagnostics +** +** ^The sqlite3_compileoption_used() function returns 0 or 1 +** indicating whether the specified option was defined at +** compile time. ^The SQLITE_ prefix may be omitted from the +** option name passed to sqlite3_compileoption_used(). +** +** ^The sqlite3_compileoption_get() function allows interating +** over the list of options that were defined at compile time by +** returning the N-th compile time option string. ^If N is out of range, +** sqlite3_compileoption_get() returns a NULL pointer. ^The SQLITE_ +** prefix is omitted from any strings returned by +** sqlite3_compileoption_get(). +** +** ^Support for the diagnostic functions sqlite3_compileoption_used() +** and sqlite3_compileoption_get() may be omitted by specifing the +** [SQLITE_OMIT_COMPILEOPTION_DIAGS] option at compile time. +** +** See also: SQL functions [sqlite_compileoption_used()] and +** [sqlite_compileoption_get()] and the [compile_options pragma]. +*/ +SQLITE_API int sqlite3_compileoption_used(const char *zOptName); +SQLITE_API const char *sqlite3_compileoption_get(int N); +#endif /* SQLITE_OMIT_COMPILEOPTION_DIAGS */ + +/* +** CAPI3REF: Test To See If The Library Is Threadsafe +** +** ^The sqlite3_threadsafe() function returns zero if and only if +** SQLite was compiled mutexing code omitted due to the +** [SQLITE_THREADSAFE] compile-time option being set to 0. +** +** SQLite can be compiled with or without mutexes. When +** the [SQLITE_THREADSAFE] C preprocessor macro is 1 or 2, mutexes +** are enabled and SQLite is threadsafe. When the +** [SQLITE_THREADSAFE] macro is 0, +** the mutexes are omitted. Without the mutexes, it is not safe +** to use SQLite concurrently from more than one thread. +** +** Enabling mutexes incurs a measurable performance penalty. +** So if speed is of utmost importance, it makes sense to disable +** the mutexes. But for maximum safety, mutexes should be enabled. +** ^The default behavior is for mutexes to be enabled. +** +** This interface can be used by an application to make sure that the +** version of SQLite that it is linking against was compiled with +** the desired setting of the [SQLITE_THREADSAFE] macro. +** +** This interface only reports on the compile-time mutex setting +** of the [SQLITE_THREADSAFE] flag. If SQLite is compiled with +** SQLITE_THREADSAFE=1 or =2 then mutexes are enabled by default but +** can be fully or partially disabled using a call to [sqlite3_config()] +** with the verbs [SQLITE_CONFIG_SINGLETHREAD], [SQLITE_CONFIG_MULTITHREAD], +** or [SQLITE_CONFIG_MUTEX]. ^(The return value of the +** sqlite3_threadsafe() function shows only the compile-time setting of +** thread safety, not any run-time changes to that setting made by +** sqlite3_config(). In other words, the return value from sqlite3_threadsafe() +** is unchanged by calls to sqlite3_config().)^ +** +** See the [threading mode] documentation for additional information. +*/ +SQLITE_API int sqlite3_threadsafe(void); + +/* +** CAPI3REF: Database Connection Handle +** KEYWORDS: {database connection} {database connections} +** +** Each open SQLite database is represented by a pointer to an instance of +** the opaque structure named "sqlite3". It is useful to think of an sqlite3 +** pointer as an object. The [sqlite3_open()], [sqlite3_open16()], and +** [sqlite3_open_v2()] interfaces are its constructors, and [sqlite3_close()] +** is its destructor. There are many other interfaces (such as +** [sqlite3_prepare_v2()], [sqlite3_create_function()], and +** [sqlite3_busy_timeout()] to name but three) that are methods on an +** sqlite3 object. +*/ +typedef struct sqlite3 sqlite3; + +/* +** CAPI3REF: 64-Bit Integer Types +** KEYWORDS: sqlite_int64 sqlite_uint64 +** +** Because there is no cross-platform way to specify 64-bit integer types +** SQLite includes typedefs for 64-bit signed and unsigned integers. +** +** The sqlite3_int64 and sqlite3_uint64 are the preferred type definitions. +** The sqlite_int64 and sqlite_uint64 types are supported for backwards +** compatibility only. +** +** ^The sqlite3_int64 and sqlite_int64 types can store integer values +** between -9223372036854775808 and +9223372036854775807 inclusive. ^The +** sqlite3_uint64 and sqlite_uint64 types can store integer values +** between 0 and +18446744073709551615 inclusive. +*/ +#ifdef SQLITE_INT64_TYPE + typedef SQLITE_INT64_TYPE sqlite_int64; + typedef unsigned SQLITE_INT64_TYPE sqlite_uint64; +#elif defined(_MSC_VER) || defined(__BORLANDC__) + typedef __int64 sqlite_int64; + typedef unsigned __int64 sqlite_uint64; +#else + typedef long long int sqlite_int64; + typedef unsigned long long int sqlite_uint64; +#endif +typedef sqlite_int64 sqlite3_int64; +typedef sqlite_uint64 sqlite3_uint64; + +/* +** If compiling for a processor that lacks floating point support, +** substitute integer for floating-point. +*/ +#ifdef SQLITE_OMIT_FLOATING_POINT +# define double sqlite3_int64 +#endif + +/* +** CAPI3REF: Closing A Database Connection +** +** ^The sqlite3_close() routine is the destructor for the [sqlite3] object. +** ^Calls to sqlite3_close() return SQLITE_OK if the [sqlite3] object is +** successfullly destroyed and all associated resources are deallocated. +** +** Applications must [sqlite3_finalize | finalize] all [prepared statements] +** and [sqlite3_blob_close | close] all [BLOB handles] associated with +** the [sqlite3] object prior to attempting to close the object. ^If +** sqlite3_close() is called on a [database connection] that still has +** outstanding [prepared statements] or [BLOB handles], then it returns +** SQLITE_BUSY. +** +** ^If [sqlite3_close()] is invoked while a transaction is open, +** the transaction is automatically rolled back. +** +** The C parameter to [sqlite3_close(C)] must be either a NULL +** pointer or an [sqlite3] object pointer obtained +** from [sqlite3_open()], [sqlite3_open16()], or +** [sqlite3_open_v2()], and not previously closed. +** ^Calling sqlite3_close() with a NULL pointer argument is a +** harmless no-op. +*/ +SQLITE_API int sqlite3_close(sqlite3 *); + +/* +** The type for a callback function. +** This is legacy and deprecated. It is included for historical +** compatibility and is not documented. +*/ +typedef int (*sqlite3_callback)(void*,int,char**, char**); + +/* +** CAPI3REF: One-Step Query Execution Interface +** +** The sqlite3_exec() interface is a convenience wrapper around +** [sqlite3_prepare_v2()], [sqlite3_step()], and [sqlite3_finalize()], +** that allows an application to run multiple statements of SQL +** without having to use a lot of C code. +** +** ^The sqlite3_exec() interface runs zero or more UTF-8 encoded, +** semicolon-separate SQL statements passed into its 2nd argument, +** in the context of the [database connection] passed in as its 1st +** argument. ^If the callback function of the 3rd argument to +** sqlite3_exec() is not NULL, then it is invoked for each result row +** coming out of the evaluated SQL statements. ^The 4th argument to +** to sqlite3_exec() is relayed through to the 1st argument of each +** callback invocation. ^If the callback pointer to sqlite3_exec() +** is NULL, then no callback is ever invoked and result rows are +** ignored. +** +** ^If an error occurs while evaluating the SQL statements passed into +** sqlite3_exec(), then execution of the current statement stops and +** subsequent statements are skipped. ^If the 5th parameter to sqlite3_exec() +** is not NULL then any error message is written into memory obtained +** from [sqlite3_malloc()] and passed back through the 5th parameter. +** To avoid memory leaks, the application should invoke [sqlite3_free()] +** on error message strings returned through the 5th parameter of +** of sqlite3_exec() after the error message string is no longer needed. +** ^If the 5th parameter to sqlite3_exec() is not NULL and no errors +** occur, then sqlite3_exec() sets the pointer in its 5th parameter to +** NULL before returning. +** +** ^If an sqlite3_exec() callback returns non-zero, the sqlite3_exec() +** routine returns SQLITE_ABORT without invoking the callback again and +** without running any subsequent SQL statements. +** +** ^The 2nd argument to the sqlite3_exec() callback function is the +** number of columns in the result. ^The 3rd argument to the sqlite3_exec() +** callback is an array of pointers to strings obtained as if from +** [sqlite3_column_text()], one for each column. ^If an element of a +** result row is NULL then the corresponding string pointer for the +** sqlite3_exec() callback is a NULL pointer. ^The 4th argument to the +** sqlite3_exec() callback is an array of pointers to strings where each +** entry represents the name of corresponding result column as obtained +** from [sqlite3_column_name()]. +** +** ^If the 2nd parameter to sqlite3_exec() is a NULL pointer, a pointer +** to an empty string, or a pointer that contains only whitespace and/or +** SQL comments, then no SQL statements are evaluated and the database +** is not changed. +** +** Restrictions: +** +**
    +**
  • The application must insure that the 1st parameter to sqlite3_exec() +** is a valid and open [database connection]. +**
  • The application must not close [database connection] specified by +** the 1st parameter to sqlite3_exec() while sqlite3_exec() is running. +**
  • The application must not modify the SQL statement text passed into +** the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running. +**
+*/ +SQLITE_API int sqlite3_exec( + sqlite3*, /* An open database */ + const char *sql, /* SQL to be evaluated */ + int (*callback)(void*,int,char**,char**), /* Callback function */ + void *, /* 1st argument to callback */ + char **errmsg /* Error msg written here */ +); + +/* +** CAPI3REF: Result Codes +** KEYWORDS: SQLITE_OK {error code} {error codes} +** KEYWORDS: {result code} {result codes} +** +** Many SQLite functions return an integer result code from the set shown +** here in order to indicates success or failure. +** +** New error codes may be added in future versions of SQLite. +** +** See also: [SQLITE_IOERR_READ | extended result codes] +*/ +#define SQLITE_OK 0 /* Successful result */ +/* beginning-of-error-codes */ +#define SQLITE_ERROR 1 /* SQL error or missing database */ +#define SQLITE_INTERNAL 2 /* Internal logic error in SQLite */ +#define SQLITE_PERM 3 /* Access permission denied */ +#define SQLITE_ABORT 4 /* Callback routine requested an abort */ +#define SQLITE_BUSY 5 /* The database file is locked */ +#define SQLITE_LOCKED 6 /* A table in the database is locked */ +#define SQLITE_NOMEM 7 /* A malloc() failed */ +#define SQLITE_READONLY 8 /* Attempt to write a readonly database */ +#define SQLITE_INTERRUPT 9 /* Operation terminated by sqlite3_interrupt()*/ +#define SQLITE_IOERR 10 /* Some kind of disk I/O error occurred */ +#define SQLITE_CORRUPT 11 /* The database disk image is malformed */ +#define SQLITE_NOTFOUND 12 /* NOT USED. Table or record not found */ +#define SQLITE_FULL 13 /* Insertion failed because database is full */ +#define SQLITE_CANTOPEN 14 /* Unable to open the database file */ +#define SQLITE_PROTOCOL 15 /* NOT USED. Database lock protocol error */ +#define SQLITE_EMPTY 16 /* Database is empty */ +#define SQLITE_SCHEMA 17 /* The database schema changed */ +#define SQLITE_TOOBIG 18 /* String or BLOB exceeds size limit */ +#define SQLITE_CONSTRAINT 19 /* Abort due to constraint violation */ +#define SQLITE_MISMATCH 20 /* Data type mismatch */ +#define SQLITE_MISUSE 21 /* Library used incorrectly */ +#define SQLITE_NOLFS 22 /* Uses OS features not supported on host */ +#define SQLITE_AUTH 23 /* Authorization denied */ +#define SQLITE_FORMAT 24 /* Auxiliary database format error */ +#define SQLITE_RANGE 25 /* 2nd parameter to sqlite3_bind out of range */ +#define SQLITE_NOTADB 26 /* File opened that is not a database file */ +#define SQLITE_ROW 100 /* sqlite3_step() has another row ready */ +#define SQLITE_DONE 101 /* sqlite3_step() has finished executing */ +/* end-of-error-codes */ + +/* +** CAPI3REF: Extended Result Codes +** KEYWORDS: {extended error code} {extended error codes} +** KEYWORDS: {extended result code} {extended result codes} +** +** In its default configuration, SQLite API routines return one of 26 integer +** [SQLITE_OK | result codes]. However, experience has shown that many of +** these result codes are too coarse-grained. They do not provide as +** much information about problems as programmers might like. In an effort to +** address this, newer versions of SQLite (version 3.3.8 and later) include +** support for additional result codes that provide more detailed information +** about errors. The extended result codes are enabled or disabled +** on a per database connection basis using the +** [sqlite3_extended_result_codes()] API. +** +** Some of the available extended result codes are listed here. +** One may expect the number of extended result codes will be expand +** over time. Software that uses extended result codes should expect +** to see new result codes in future releases of SQLite. +** +** The SQLITE_OK result code will never be extended. It will always +** be exactly zero. +*/ +#define SQLITE_IOERR_READ (SQLITE_IOERR | (1<<8)) +#define SQLITE_IOERR_SHORT_READ (SQLITE_IOERR | (2<<8)) +#define SQLITE_IOERR_WRITE (SQLITE_IOERR | (3<<8)) +#define SQLITE_IOERR_FSYNC (SQLITE_IOERR | (4<<8)) +#define SQLITE_IOERR_DIR_FSYNC (SQLITE_IOERR | (5<<8)) +#define SQLITE_IOERR_TRUNCATE (SQLITE_IOERR | (6<<8)) +#define SQLITE_IOERR_FSTAT (SQLITE_IOERR | (7<<8)) +#define SQLITE_IOERR_UNLOCK (SQLITE_IOERR | (8<<8)) +#define SQLITE_IOERR_RDLOCK (SQLITE_IOERR | (9<<8)) +#define SQLITE_IOERR_DELETE (SQLITE_IOERR | (10<<8)) +#define SQLITE_IOERR_BLOCKED (SQLITE_IOERR | (11<<8)) +#define SQLITE_IOERR_NOMEM (SQLITE_IOERR | (12<<8)) +#define SQLITE_IOERR_ACCESS (SQLITE_IOERR | (13<<8)) +#define SQLITE_IOERR_CHECKRESERVEDLOCK (SQLITE_IOERR | (14<<8)) +#define SQLITE_IOERR_LOCK (SQLITE_IOERR | (15<<8)) +#define SQLITE_IOERR_CLOSE (SQLITE_IOERR | (16<<8)) +#define SQLITE_IOERR_DIR_CLOSE (SQLITE_IOERR | (17<<8)) +#define SQLITE_LOCKED_SHAREDCACHE (SQLITE_LOCKED | (1<<8) ) + +/* +** CAPI3REF: Flags For File Open Operations +** +** These bit values are intended for use in the +** 3rd parameter to the [sqlite3_open_v2()] interface and +** in the 4th parameter to the xOpen method of the +** [sqlite3_vfs] object. +*/ +#define SQLITE_OPEN_READONLY 0x00000001 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_READWRITE 0x00000002 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_CREATE 0x00000004 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_DELETEONCLOSE 0x00000008 /* VFS only */ +#define SQLITE_OPEN_EXCLUSIVE 0x00000010 /* VFS only */ +#define SQLITE_OPEN_AUTOPROXY 0x00000020 /* VFS only */ +#define SQLITE_OPEN_MAIN_DB 0x00000100 /* VFS only */ +#define SQLITE_OPEN_TEMP_DB 0x00000200 /* VFS only */ +#define SQLITE_OPEN_TRANSIENT_DB 0x00000400 /* VFS only */ +#define SQLITE_OPEN_MAIN_JOURNAL 0x00000800 /* VFS only */ +#define SQLITE_OPEN_TEMP_JOURNAL 0x00001000 /* VFS only */ +#define SQLITE_OPEN_SUBJOURNAL 0x00002000 /* VFS only */ +#define SQLITE_OPEN_MASTER_JOURNAL 0x00004000 /* VFS only */ +#define SQLITE_OPEN_NOMUTEX 0x00008000 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_FULLMUTEX 0x00010000 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_SHAREDCACHE 0x00020000 /* Ok for sqlite3_open_v2() */ +#define SQLITE_OPEN_PRIVATECACHE 0x00040000 /* Ok for sqlite3_open_v2() */ + +/* +** CAPI3REF: Device Characteristics +** +** The xDeviceCapabilities method of the [sqlite3_io_methods] +** object returns an integer which is a vector of the these +** bit values expressing I/O characteristics of the mass storage +** device that holds the file that the [sqlite3_io_methods] +** refers to. +** +** The SQLITE_IOCAP_ATOMIC property means that all writes of +** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values +** mean that writes of blocks that are nnn bytes in size and +** are aligned to an address which is an integer multiple of +** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means +** that when data is appended to a file, the data is appended +** first then the size of the file is extended, never the other +** way around. The SQLITE_IOCAP_SEQUENTIAL property means that +** information is written to disk in the same order as calls +** to xWrite(). +*/ +#define SQLITE_IOCAP_ATOMIC 0x00000001 +#define SQLITE_IOCAP_ATOMIC512 0x00000002 +#define SQLITE_IOCAP_ATOMIC1K 0x00000004 +#define SQLITE_IOCAP_ATOMIC2K 0x00000008 +#define SQLITE_IOCAP_ATOMIC4K 0x00000010 +#define SQLITE_IOCAP_ATOMIC8K 0x00000020 +#define SQLITE_IOCAP_ATOMIC16K 0x00000040 +#define SQLITE_IOCAP_ATOMIC32K 0x00000080 +#define SQLITE_IOCAP_ATOMIC64K 0x00000100 +#define SQLITE_IOCAP_SAFE_APPEND 0x00000200 +#define SQLITE_IOCAP_SEQUENTIAL 0x00000400 + +/* +** CAPI3REF: File Locking Levels +** +** SQLite uses one of these integer values as the second +** argument to calls it makes to the xLock() and xUnlock() methods +** of an [sqlite3_io_methods] object. +*/ +#define SQLITE_LOCK_NONE 0 +#define SQLITE_LOCK_SHARED 1 +#define SQLITE_LOCK_RESERVED 2 +#define SQLITE_LOCK_PENDING 3 +#define SQLITE_LOCK_EXCLUSIVE 4 + +/* +** CAPI3REF: Synchronization Type Flags +** +** When SQLite invokes the xSync() method of an +** [sqlite3_io_methods] object it uses a combination of +** these integer values as the second argument. +** +** When the SQLITE_SYNC_DATAONLY flag is used, it means that the +** sync operation only needs to flush data to mass storage. Inode +** information need not be flushed. If the lower four bits of the flag +** equal SQLITE_SYNC_NORMAL, that means to use normal fsync() semantics. +** If the lower four bits equal SQLITE_SYNC_FULL, that means +** to use Mac OS X style fullsync instead of fsync(). +*/ +#define SQLITE_SYNC_NORMAL 0x00002 +#define SQLITE_SYNC_FULL 0x00003 +#define SQLITE_SYNC_DATAONLY 0x00010 + +/* +** CAPI3REF: OS Interface Open File Handle +** +** An [sqlite3_file] object represents an open file in the +** [sqlite3_vfs | OS interface layer]. Individual OS interface +** implementations will +** want to subclass this object by appending additional fields +** for their own use. The pMethods entry is a pointer to an +** [sqlite3_io_methods] object that defines methods for performing +** I/O operations on the open file. +*/ +typedef struct sqlite3_file sqlite3_file; +struct sqlite3_file { + const struct sqlite3_io_methods *pMethods; /* Methods for an open file */ +}; + +/* +** CAPI3REF: OS Interface File Virtual Methods Object +** +** Every file opened by the [sqlite3_vfs] xOpen method populates an +** [sqlite3_file] object (or, more commonly, a subclass of the +** [sqlite3_file] object) with a pointer to an instance of this object. +** This object defines the methods used to perform various operations +** against the open file represented by the [sqlite3_file] object. +** +** If the xOpen method sets the sqlite3_file.pMethods element +** to a non-NULL pointer, then the sqlite3_io_methods.xClose method +** may be invoked even if the xOpen reported that it failed. The +** only way to prevent a call to xClose following a failed xOpen +** is for the xOpen to set the sqlite3_file.pMethods element to NULL. +** +** The flags argument to xSync may be one of [SQLITE_SYNC_NORMAL] or +** [SQLITE_SYNC_FULL]. The first choice is the normal fsync(). +** The second choice is a Mac OS X style fullsync. The [SQLITE_SYNC_DATAONLY] +** flag may be ORed in to indicate that only the data of the file +** and not its inode needs to be synced. +** +** The integer values to xLock() and xUnlock() are one of +**
    +**
  • [SQLITE_LOCK_NONE], +**
  • [SQLITE_LOCK_SHARED], +**
  • [SQLITE_LOCK_RESERVED], +**
  • [SQLITE_LOCK_PENDING], or +**
  • [SQLITE_LOCK_EXCLUSIVE]. +**
+** xLock() increases the lock. xUnlock() decreases the lock. +** The xCheckReservedLock() method checks whether any database connection, +** either in this process or in some other process, is holding a RESERVED, +** PENDING, or EXCLUSIVE lock on the file. It returns true +** if such a lock exists and false otherwise. +** +** The xFileControl() method is a generic interface that allows custom +** VFS implementations to directly control an open file using the +** [sqlite3_file_control()] interface. The second "op" argument is an +** integer opcode. The third argument is a generic pointer intended to +** point to a structure that may contain arguments or space in which to +** write return values. Potential uses for xFileControl() might be +** functions to enable blocking locks with timeouts, to change the +** locking strategy (for example to use dot-file locks), to inquire +** about the status of a lock, or to break stale locks. The SQLite +** core reserves all opcodes less than 100 for its own use. +** A [SQLITE_FCNTL_LOCKSTATE | list of opcodes] less than 100 is available. +** Applications that define a custom xFileControl method should use opcodes +** greater than 100 to avoid conflicts. +** +** The xSectorSize() method returns the sector size of the +** device that underlies the file. The sector size is the +** minimum write that can be performed without disturbing +** other bytes in the file. The xDeviceCharacteristics() +** method returns a bit vector describing behaviors of the +** underlying device: +** +**
    +**
  • [SQLITE_IOCAP_ATOMIC] +**
  • [SQLITE_IOCAP_ATOMIC512] +**
  • [SQLITE_IOCAP_ATOMIC1K] +**
  • [SQLITE_IOCAP_ATOMIC2K] +**
  • [SQLITE_IOCAP_ATOMIC4K] +**
  • [SQLITE_IOCAP_ATOMIC8K] +**
  • [SQLITE_IOCAP_ATOMIC16K] +**
  • [SQLITE_IOCAP_ATOMIC32K] +**
  • [SQLITE_IOCAP_ATOMIC64K] +**
  • [SQLITE_IOCAP_SAFE_APPEND] +**
  • [SQLITE_IOCAP_SEQUENTIAL] +**
+** +** The SQLITE_IOCAP_ATOMIC property means that all writes of +** any size are atomic. The SQLITE_IOCAP_ATOMICnnn values +** mean that writes of blocks that are nnn bytes in size and +** are aligned to an address which is an integer multiple of +** nnn are atomic. The SQLITE_IOCAP_SAFE_APPEND value means +** that when data is appended to a file, the data is appended +** first then the size of the file is extended, never the other +** way around. The SQLITE_IOCAP_SEQUENTIAL property means that +** information is written to disk in the same order as calls +** to xWrite(). +** +** If xRead() returns SQLITE_IOERR_SHORT_READ it must also fill +** in the unread portions of the buffer with zeros. A VFS that +** fails to zero-fill short reads might seem to work. However, +** failure to zero-fill short reads will eventually lead to +** database corruption. +*/ +typedef struct sqlite3_io_methods sqlite3_io_methods; +struct sqlite3_io_methods { + int iVersion; + int (*xClose)(sqlite3_file*); + int (*xRead)(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst); + int (*xWrite)(sqlite3_file*, const void*, int iAmt, sqlite3_int64 iOfst); + int (*xTruncate)(sqlite3_file*, sqlite3_int64 size); + int (*xSync)(sqlite3_file*, int flags); + int (*xFileSize)(sqlite3_file*, sqlite3_int64 *pSize); + int (*xLock)(sqlite3_file*, int); + int (*xUnlock)(sqlite3_file*, int); + int (*xCheckReservedLock)(sqlite3_file*, int *pResOut); + int (*xFileControl)(sqlite3_file*, int op, void *pArg); + int (*xSectorSize)(sqlite3_file*); + int (*xDeviceCharacteristics)(sqlite3_file*); + /* Additional methods may be added in future releases */ +}; + +/* +** CAPI3REF: Standard File Control Opcodes +** +** These integer constants are opcodes for the xFileControl method +** of the [sqlite3_io_methods] object and for the [sqlite3_file_control()] +** interface. +** +** The [SQLITE_FCNTL_LOCKSTATE] opcode is used for debugging. This +** opcode causes the xFileControl method to write the current state of +** the lock (one of [SQLITE_LOCK_NONE], [SQLITE_LOCK_SHARED], +** [SQLITE_LOCK_RESERVED], [SQLITE_LOCK_PENDING], or [SQLITE_LOCK_EXCLUSIVE]) +** into an integer that the pArg argument points to. This capability +** is used during testing and only needs to be supported when SQLITE_TEST +** is defined. +*/ +#define SQLITE_FCNTL_LOCKSTATE 1 +#define SQLITE_GET_LOCKPROXYFILE 2 +#define SQLITE_SET_LOCKPROXYFILE 3 +#define SQLITE_LAST_ERRNO 4 + +/* +** CAPI3REF: Mutex Handle +** +** The mutex module within SQLite defines [sqlite3_mutex] to be an +** abstract type for a mutex object. The SQLite core never looks +** at the internal representation of an [sqlite3_mutex]. It only +** deals with pointers to the [sqlite3_mutex] object. +** +** Mutexes are created using [sqlite3_mutex_alloc()]. +*/ +typedef struct sqlite3_mutex sqlite3_mutex; + +/* +** CAPI3REF: OS Interface Object +** +** An instance of the sqlite3_vfs object defines the interface between +** the SQLite core and the underlying operating system. The "vfs" +** in the name of the object stands for "virtual file system". +** +** The value of the iVersion field is initially 1 but may be larger in +** future versions of SQLite. Additional fields may be appended to this +** object when the iVersion value is increased. Note that the structure +** of the sqlite3_vfs object changes in the transaction between +** SQLite version 3.5.9 and 3.6.0 and yet the iVersion field was not +** modified. +** +** The szOsFile field is the size of the subclassed [sqlite3_file] +** structure used by this VFS. mxPathname is the maximum length of +** a pathname in this VFS. +** +** Registered sqlite3_vfs objects are kept on a linked list formed by +** the pNext pointer. The [sqlite3_vfs_register()] +** and [sqlite3_vfs_unregister()] interfaces manage this list +** in a thread-safe way. The [sqlite3_vfs_find()] interface +** searches the list. Neither the application code nor the VFS +** implementation should use the pNext pointer. +** +** The pNext field is the only field in the sqlite3_vfs +** structure that SQLite will ever modify. SQLite will only access +** or modify this field while holding a particular static mutex. +** The application should never modify anything within the sqlite3_vfs +** object once the object has been registered. +** +** The zName field holds the name of the VFS module. The name must +** be unique across all VFS modules. +** +** SQLite will guarantee that the zFilename parameter to xOpen +** is either a NULL pointer or string obtained +** from xFullPathname(). SQLite further guarantees that +** the string will be valid and unchanged until xClose() is +** called. Because of the previous sentence, +** the [sqlite3_file] can safely store a pointer to the +** filename if it needs to remember the filename for some reason. +** If the zFilename parameter is xOpen is a NULL pointer then xOpen +** must invent its own temporary name for the file. Whenever the +** xFilename parameter is NULL it will also be the case that the +** flags parameter will include [SQLITE_OPEN_DELETEONCLOSE]. +** +** The flags argument to xOpen() includes all bits set in +** the flags argument to [sqlite3_open_v2()]. Or if [sqlite3_open()] +** or [sqlite3_open16()] is used, then flags includes at least +** [SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]. +** If xOpen() opens a file read-only then it sets *pOutFlags to +** include [SQLITE_OPEN_READONLY]. Other bits in *pOutFlags may be set. +** +** SQLite will also add one of the following flags to the xOpen() +** call, depending on the object being opened: +** +**
    +**
  • [SQLITE_OPEN_MAIN_DB] +**
  • [SQLITE_OPEN_MAIN_JOURNAL] +**
  • [SQLITE_OPEN_TEMP_DB] +**
  • [SQLITE_OPEN_TEMP_JOURNAL] +**
  • [SQLITE_OPEN_TRANSIENT_DB] +**
  • [SQLITE_OPEN_SUBJOURNAL] +**
  • [SQLITE_OPEN_MASTER_JOURNAL] +**
+** +** The file I/O implementation can use the object type flags to +** change the way it deals with files. For example, an application +** that does not care about crash recovery or rollback might make +** the open of a journal file a no-op. Writes to this journal would +** also be no-ops, and any attempt to read the journal would return +** SQLITE_IOERR. Or the implementation might recognize that a database +** file will be doing page-aligned sector reads and writes in a random +** order and set up its I/O subsystem accordingly. +** +** SQLite might also add one of the following flags to the xOpen method: +** +**
    +**
  • [SQLITE_OPEN_DELETEONCLOSE] +**
  • [SQLITE_OPEN_EXCLUSIVE] +**
+** +** The [SQLITE_OPEN_DELETEONCLOSE] flag means the file should be +** deleted when it is closed. The [SQLITE_OPEN_DELETEONCLOSE] +** will be set for TEMP databases, journals and for subjournals. +** +** The [SQLITE_OPEN_EXCLUSIVE] flag is always used in conjunction +** with the [SQLITE_OPEN_CREATE] flag, which are both directly +** analogous to the O_EXCL and O_CREAT flags of the POSIX open() +** API. The SQLITE_OPEN_EXCLUSIVE flag, when paired with the +** SQLITE_OPEN_CREATE, is used to indicate that file should always +** be created, and that it is an error if it already exists. +** It is not used to indicate the file should be opened +** for exclusive access. +** +** At least szOsFile bytes of memory are allocated by SQLite +** to hold the [sqlite3_file] structure passed as the third +** argument to xOpen. The xOpen method does not have to +** allocate the structure; it should just fill it in. Note that +** the xOpen method must set the sqlite3_file.pMethods to either +** a valid [sqlite3_io_methods] object or to NULL. xOpen must do +** this even if the open fails. SQLite expects that the sqlite3_file.pMethods +** element will be valid after xOpen returns regardless of the success +** or failure of the xOpen call. +** +** The flags argument to xAccess() may be [SQLITE_ACCESS_EXISTS] +** to test for the existence of a file, or [SQLITE_ACCESS_READWRITE] to +** test whether a file is readable and writable, or [SQLITE_ACCESS_READ] +** to test whether a file is at least readable. The file can be a +** directory. +** +** SQLite will always allocate at least mxPathname+1 bytes for the +** output buffer xFullPathname. The exact size of the output buffer +** is also passed as a parameter to both methods. If the output buffer +** is not large enough, [SQLITE_CANTOPEN] should be returned. Since this is +** handled as a fatal error by SQLite, vfs implementations should endeavor +** to prevent this by setting mxPathname to a sufficiently large value. +** +** The xRandomness(), xSleep(), and xCurrentTime() interfaces +** are not strictly a part of the filesystem, but they are +** included in the VFS structure for completeness. +** The xRandomness() function attempts to return nBytes bytes +** of good-quality randomness into zOut. The return value is +** the actual number of bytes of randomness obtained. +** The xSleep() method causes the calling thread to sleep for at +** least the number of microseconds given. The xCurrentTime() +** method returns a Julian Day Number for the current date and time. +** +*/ +typedef struct sqlite3_vfs sqlite3_vfs; +struct sqlite3_vfs { + int iVersion; /* Structure version number */ + int szOsFile; /* Size of subclassed sqlite3_file */ + int mxPathname; /* Maximum file pathname length */ + sqlite3_vfs *pNext; /* Next registered VFS */ + const char *zName; /* Name of this virtual file system */ + void *pAppData; /* Pointer to application-specific data */ + int (*xOpen)(sqlite3_vfs*, const char *zName, sqlite3_file*, + int flags, int *pOutFlags); + int (*xDelete)(sqlite3_vfs*, const char *zName, int syncDir); + int (*xAccess)(sqlite3_vfs*, const char *zName, int flags, int *pResOut); + int (*xFullPathname)(sqlite3_vfs*, const char *zName, int nOut, char *zOut); + void *(*xDlOpen)(sqlite3_vfs*, const char *zFilename); + void (*xDlError)(sqlite3_vfs*, int nByte, char *zErrMsg); + void (*(*xDlSym)(sqlite3_vfs*,void*, const char *zSymbol))(void); + void (*xDlClose)(sqlite3_vfs*, void*); + int (*xRandomness)(sqlite3_vfs*, int nByte, char *zOut); + int (*xSleep)(sqlite3_vfs*, int microseconds); + int (*xCurrentTime)(sqlite3_vfs*, double*); + int (*xGetLastError)(sqlite3_vfs*, int, char *); + /* New fields may be appended in figure versions. The iVersion + ** value will increment whenever this happens. */ +}; + +/* +** CAPI3REF: Flags for the xAccess VFS method +** +** These integer constants can be used as the third parameter to +** the xAccess method of an [sqlite3_vfs] object. They determine +** what kind of permissions the xAccess method is looking for. +** With SQLITE_ACCESS_EXISTS, the xAccess method +** simply checks whether the file exists. +** With SQLITE_ACCESS_READWRITE, the xAccess method +** checks whether the file is both readable and writable. +** With SQLITE_ACCESS_READ, the xAccess method +** checks whether the file is readable. +*/ +#define SQLITE_ACCESS_EXISTS 0 +#define SQLITE_ACCESS_READWRITE 1 +#define SQLITE_ACCESS_READ 2 + +/* +** CAPI3REF: Initialize The SQLite Library +** +** ^The sqlite3_initialize() routine initializes the +** SQLite library. ^The sqlite3_shutdown() routine +** deallocates any resources that were allocated by sqlite3_initialize(). +** These routines are designed to aid in process initialization and +** shutdown on embedded systems. Workstation applications using +** SQLite normally do not need to invoke either of these routines. +** +** A call to sqlite3_initialize() is an "effective" call if it is +** the first time sqlite3_initialize() is invoked during the lifetime of +** the process, or if it is the first time sqlite3_initialize() is invoked +** following a call to sqlite3_shutdown(). ^(Only an effective call +** of sqlite3_initialize() does any initialization. All other calls +** are harmless no-ops.)^ +** +** A call to sqlite3_shutdown() is an "effective" call if it is the first +** call to sqlite3_shutdown() since the last sqlite3_initialize(). ^(Only +** an effective call to sqlite3_shutdown() does any deinitialization. +** All other valid calls to sqlite3_shutdown() are harmless no-ops.)^ +** +** The sqlite3_initialize() interface is threadsafe, but sqlite3_shutdown() +** is not. The sqlite3_shutdown() interface must only be called from a +** single thread. All open [database connections] must be closed and all +** other SQLite resources must be deallocated prior to invoking +** sqlite3_shutdown(). +** +** Among other things, ^sqlite3_initialize() will invoke +** sqlite3_os_init(). Similarly, ^sqlite3_shutdown() +** will invoke sqlite3_os_end(). +** +** ^The sqlite3_initialize() routine returns [SQLITE_OK] on success. +** ^If for some reason, sqlite3_initialize() is unable to initialize +** the library (perhaps it is unable to allocate a needed resource such +** as a mutex) it returns an [error code] other than [SQLITE_OK]. +** +** ^The sqlite3_initialize() routine is called internally by many other +** SQLite interfaces so that an application usually does not need to +** invoke sqlite3_initialize() directly. For example, [sqlite3_open()] +** calls sqlite3_initialize() so the SQLite library will be automatically +** initialized when [sqlite3_open()] is called if it has not be initialized +** already. ^However, if SQLite is compiled with the [SQLITE_OMIT_AUTOINIT] +** compile-time option, then the automatic calls to sqlite3_initialize() +** are omitted and the application must call sqlite3_initialize() directly +** prior to using any other SQLite interface. For maximum portability, +** it is recommended that applications always invoke sqlite3_initialize() +** directly prior to using any other SQLite interface. Future releases +** of SQLite may require this. In other words, the behavior exhibited +** when SQLite is compiled with [SQLITE_OMIT_AUTOINIT] might become the +** default behavior in some future release of SQLite. +** +** The sqlite3_os_init() routine does operating-system specific +** initialization of the SQLite library. The sqlite3_os_end() +** routine undoes the effect of sqlite3_os_init(). Typical tasks +** performed by these routines include allocation or deallocation +** of static resources, initialization of global variables, +** setting up a default [sqlite3_vfs] module, or setting up +** a default configuration using [sqlite3_config()]. +** +** The application should never invoke either sqlite3_os_init() +** or sqlite3_os_end() directly. The application should only invoke +** sqlite3_initialize() and sqlite3_shutdown(). The sqlite3_os_init() +** interface is called automatically by sqlite3_initialize() and +** sqlite3_os_end() is called by sqlite3_shutdown(). Appropriate +** implementations for sqlite3_os_init() and sqlite3_os_end() +** are built into SQLite when it is compiled for Unix, Windows, or OS/2. +** When [custom builds | built for other platforms] +** (using the [SQLITE_OS_OTHER=1] compile-time +** option) the application must supply a suitable implementation for +** sqlite3_os_init() and sqlite3_os_end(). An application-supplied +** implementation of sqlite3_os_init() or sqlite3_os_end() +** must return [SQLITE_OK] on success and some other [error code] upon +** failure. +*/ +SQLITE_API int sqlite3_initialize(void); +SQLITE_API int sqlite3_shutdown(void); +SQLITE_API int sqlite3_os_init(void); +SQLITE_API int sqlite3_os_end(void); + +/* +** CAPI3REF: Configuring The SQLite Library +** +** The sqlite3_config() interface is used to make global configuration +** changes to SQLite in order to tune SQLite to the specific needs of +** the application. The default configuration is recommended for most +** applications and so this routine is usually not necessary. It is +** provided to support rare applications with unusual needs. +** +** The sqlite3_config() interface is not threadsafe. The application +** must insure that no other SQLite interfaces are invoked by other +** threads while sqlite3_config() is running. Furthermore, sqlite3_config() +** may only be invoked prior to library initialization using +** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()]. +** ^If sqlite3_config() is called after [sqlite3_initialize()] and before +** [sqlite3_shutdown()] then it will return SQLITE_MISUSE. +** Note, however, that ^sqlite3_config() can be called as part of the +** implementation of an application-defined [sqlite3_os_init()]. +** +** The first argument to sqlite3_config() is an integer +** [SQLITE_CONFIG_SINGLETHREAD | configuration option] that determines +** what property of SQLite is to be configured. Subsequent arguments +** vary depending on the [SQLITE_CONFIG_SINGLETHREAD | configuration option] +** in the first argument. +** +** ^When a configuration option is set, sqlite3_config() returns [SQLITE_OK]. +** ^If the option is unknown or SQLite is unable to set the option +** then this routine returns a non-zero [error code]. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_config(int, ...); + +/* +** CAPI3REF: Configure database connections +** EXPERIMENTAL +** +** The sqlite3_db_config() interface is used to make configuration +** changes to a [database connection]. The interface is similar to +** [sqlite3_config()] except that the changes apply to a single +** [database connection] (specified in the first argument). The +** sqlite3_db_config() interface should only be used immediately after +** the database connection is created using [sqlite3_open()], +** [sqlite3_open16()], or [sqlite3_open_v2()]. +** +** The second argument to sqlite3_db_config(D,V,...) is the +** configuration verb - an integer code that indicates what +** aspect of the [database connection] is being configured. +** The only choice for this value is [SQLITE_DBCONFIG_LOOKASIDE]. +** New verbs are likely to be added in future releases of SQLite. +** Additional arguments depend on the verb. +** +** ^Calls to sqlite3_db_config() return SQLITE_OK if and only if +** the call is considered successful. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_db_config(sqlite3*, int op, ...); + +/* +** CAPI3REF: Memory Allocation Routines +** EXPERIMENTAL +** +** An instance of this object defines the interface between SQLite +** and low-level memory allocation routines. +** +** This object is used in only one place in the SQLite interface. +** A pointer to an instance of this object is the argument to +** [sqlite3_config()] when the configuration option is +** [SQLITE_CONFIG_MALLOC] or [SQLITE_CONFIG_GETMALLOC]. +** By creating an instance of this object +** and passing it to [sqlite3_config]([SQLITE_CONFIG_MALLOC]) +** during configuration, an application can specify an alternative +** memory allocation subsystem for SQLite to use for all of its +** dynamic memory needs. +** +** Note that SQLite comes with several [built-in memory allocators] +** that are perfectly adequate for the overwhelming majority of applications +** and that this object is only useful to a tiny minority of applications +** with specialized memory allocation requirements. This object is +** also used during testing of SQLite in order to specify an alternative +** memory allocator that simulates memory out-of-memory conditions in +** order to verify that SQLite recovers gracefully from such +** conditions. +** +** The xMalloc and xFree methods must work like the +** malloc() and free() functions from the standard C library. +** The xRealloc method must work like realloc() from the standard C library +** with the exception that if the second argument to xRealloc is zero, +** xRealloc must be a no-op - it must not perform any allocation or +** deallocation. ^SQLite guarantees that the second argument to +** xRealloc is always a value returned by a prior call to xRoundup. +** And so in cases where xRoundup always returns a positive number, +** xRealloc can perform exactly as the standard library realloc() and +** still be in compliance with this specification. +** +** xSize should return the allocated size of a memory allocation +** previously obtained from xMalloc or xRealloc. The allocated size +** is always at least as big as the requested size but may be larger. +** +** The xRoundup method returns what would be the allocated size of +** a memory allocation given a particular requested size. Most memory +** allocators round up memory allocations at least to the next multiple +** of 8. Some allocators round up to a larger multiple or to a power of 2. +** Every memory allocation request coming in through [sqlite3_malloc()] +** or [sqlite3_realloc()] first calls xRoundup. If xRoundup returns 0, +** that causes the corresponding memory allocation to fail. +** +** The xInit method initializes the memory allocator. (For example, +** it might allocate any require mutexes or initialize internal data +** structures. The xShutdown method is invoked (indirectly) by +** [sqlite3_shutdown()] and should deallocate any resources acquired +** by xInit. The pAppData pointer is used as the only parameter to +** xInit and xShutdown. +** +** SQLite holds the [SQLITE_MUTEX_STATIC_MASTER] mutex when it invokes +** the xInit method, so the xInit method need not be threadsafe. The +** xShutdown method is only called from [sqlite3_shutdown()] so it does +** not need to be threadsafe either. For all other methods, SQLite +** holds the [SQLITE_MUTEX_STATIC_MEM] mutex as long as the +** [SQLITE_CONFIG_MEMSTATUS] configuration option is turned on (which +** it is by default) and so the methods are automatically serialized. +** However, if [SQLITE_CONFIG_MEMSTATUS] is disabled, then the other +** methods must be threadsafe or else make their own arrangements for +** serialization. +** +** SQLite will never invoke xInit() more than once without an intervening +** call to xShutdown(). +*/ +typedef struct sqlite3_mem_methods sqlite3_mem_methods; +struct sqlite3_mem_methods { + void *(*xMalloc)(int); /* Memory allocation function */ + void (*xFree)(void*); /* Free a prior allocation */ + void *(*xRealloc)(void*,int); /* Resize an allocation */ + int (*xSize)(void*); /* Return the size of an allocation */ + int (*xRoundup)(int); /* Round up request size to allocation size */ + int (*xInit)(void*); /* Initialize the memory allocator */ + void (*xShutdown)(void*); /* Deinitialize the memory allocator */ + void *pAppData; /* Argument to xInit() and xShutdown() */ +}; + +/* +** CAPI3REF: Configuration Options +** EXPERIMENTAL +** +** These constants are the available integer configuration options that +** can be passed as the first argument to the [sqlite3_config()] interface. +** +** New configuration options may be added in future releases of SQLite. +** Existing configuration options might be discontinued. Applications +** should check the return code from [sqlite3_config()] to make sure that +** the call worked. The [sqlite3_config()] interface will return a +** non-zero [error code] if a discontinued or unsupported configuration option +** is invoked. +** +**
+**
SQLITE_CONFIG_SINGLETHREAD
+**
There are no arguments to this option. ^This option sets the +** [threading mode] to Single-thread. In other words, it disables +** all mutexing and puts SQLite into a mode where it can only be used +** by a single thread. ^If SQLite is compiled with +** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then +** it is not possible to change the [threading mode] from its default +** value of Single-thread and so [sqlite3_config()] will return +** [SQLITE_ERROR] if called with the SQLITE_CONFIG_SINGLETHREAD +** configuration option.
+** +**
SQLITE_CONFIG_MULTITHREAD
+**
There are no arguments to this option. ^This option sets the +** [threading mode] to Multi-thread. In other words, it disables +** mutexing on [database connection] and [prepared statement] objects. +** The application is responsible for serializing access to +** [database connections] and [prepared statements]. But other mutexes +** are enabled so that SQLite will be safe to use in a multi-threaded +** environment as long as no two threads attempt to use the same +** [database connection] at the same time. ^If SQLite is compiled with +** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then +** it is not possible to set the Multi-thread [threading mode] and +** [sqlite3_config()] will return [SQLITE_ERROR] if called with the +** SQLITE_CONFIG_MULTITHREAD configuration option.
+** +**
SQLITE_CONFIG_SERIALIZED
+**
There are no arguments to this option. ^This option sets the +** [threading mode] to Serialized. In other words, this option enables +** all mutexes including the recursive +** mutexes on [database connection] and [prepared statement] objects. +** In this mode (which is the default when SQLite is compiled with +** [SQLITE_THREADSAFE=1]) the SQLite library will itself serialize access +** to [database connections] and [prepared statements] so that the +** application is free to use the same [database connection] or the +** same [prepared statement] in different threads at the same time. +** ^If SQLite is compiled with +** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then +** it is not possible to set the Serialized [threading mode] and +** [sqlite3_config()] will return [SQLITE_ERROR] if called with the +** SQLITE_CONFIG_SERIALIZED configuration option.
+** +**
SQLITE_CONFIG_MALLOC
+**
^(This option takes a single argument which is a pointer to an +** instance of the [sqlite3_mem_methods] structure. The argument specifies +** alternative low-level memory allocation routines to be used in place of +** the memory allocation routines built into SQLite.)^ ^SQLite makes +** its own private copy of the content of the [sqlite3_mem_methods] structure +** before the [sqlite3_config()] call returns.
+** +**
SQLITE_CONFIG_GETMALLOC
+**
^(This option takes a single argument which is a pointer to an +** instance of the [sqlite3_mem_methods] structure. The [sqlite3_mem_methods] +** structure is filled with the currently defined memory allocation routines.)^ +** This option can be used to overload the default memory allocation +** routines with a wrapper that simulations memory allocation failure or +** tracks memory usage, for example.
+** +**
SQLITE_CONFIG_MEMSTATUS
+**
^This option takes single argument of type int, interpreted as a +** boolean, which enables or disables the collection of memory allocation +** statistics. ^(When memory allocation statistics are disabled, the +** following SQLite interfaces become non-operational: +**
    +**
  • [sqlite3_memory_used()] +**
  • [sqlite3_memory_highwater()] +**
  • [sqlite3_soft_heap_limit()] +**
  • [sqlite3_status()] +**
)^ +** ^Memory allocation statistics are enabled by default unless SQLite is +** compiled with [SQLITE_DEFAULT_MEMSTATUS]=0 in which case memory +** allocation statistics are disabled by default. +**
+** +**
SQLITE_CONFIG_SCRATCH
+**
^This option specifies a static memory buffer that SQLite can use for +** scratch memory. There are three arguments: A pointer an 8-byte +** aligned memory buffer from which the scrach allocations will be +** drawn, the size of each scratch allocation (sz), +** and the maximum number of scratch allocations (N). The sz +** argument must be a multiple of 16. The sz parameter should be a few bytes +** larger than the actual scratch space required due to internal overhead. +** The first argument must be a pointer to an 8-byte aligned buffer +** of at least sz*N bytes of memory. +** ^SQLite will use no more than one scratch buffer per thread. So +** N should be set to the expected maximum number of threads. ^SQLite will +** never require a scratch buffer that is more than 6 times the database +** page size. ^If SQLite needs needs additional scratch memory beyond +** what is provided by this configuration option, then +** [sqlite3_malloc()] will be used to obtain the memory needed.
+** +**
SQLITE_CONFIG_PAGECACHE
+**
^This option specifies a static memory buffer that SQLite can use for +** the database page cache with the default page cache implemenation. +** This configuration should not be used if an application-define page +** cache implementation is loaded using the SQLITE_CONFIG_PCACHE option. +** There are three arguments to this option: A pointer to 8-byte aligned +** memory, the size of each page buffer (sz), and the number of pages (N). +** The sz argument should be the size of the largest database page +** (a power of two between 512 and 32768) plus a little extra for each +** page header. ^The page header size is 20 to 40 bytes depending on +** the host architecture. ^It is harmless, apart from the wasted memory, +** to make sz a little too large. The first +** argument should point to an allocation of at least sz*N bytes of memory. +** ^SQLite will use the memory provided by the first argument to satisfy its +** memory needs for the first N pages that it adds to cache. ^If additional +** page cache memory is needed beyond what is provided by this option, then +** SQLite goes to [sqlite3_malloc()] for the additional storage space. +** ^The implementation might use one or more of the N buffers to hold +** memory accounting information. The pointer in the first argument must +** be aligned to an 8-byte boundary or subsequent behavior of SQLite +** will be undefined.
+** +**
SQLITE_CONFIG_HEAP
+**
^This option specifies a static memory buffer that SQLite will use +** for all of its dynamic memory allocation needs beyond those provided +** for by [SQLITE_CONFIG_SCRATCH] and [SQLITE_CONFIG_PAGECACHE]. +** There are three arguments: An 8-byte aligned pointer to the memory, +** the number of bytes in the memory buffer, and the minimum allocation size. +** ^If the first pointer (the memory pointer) is NULL, then SQLite reverts +** to using its default memory allocator (the system malloc() implementation), +** undoing any prior invocation of [SQLITE_CONFIG_MALLOC]. ^If the +** memory pointer is not NULL and either [SQLITE_ENABLE_MEMSYS3] or +** [SQLITE_ENABLE_MEMSYS5] are defined, then the alternative memory +** allocator is engaged to handle all of SQLites memory allocation needs. +** The first pointer (the memory pointer) must be aligned to an 8-byte +** boundary or subsequent behavior of SQLite will be undefined.
+** +**
SQLITE_CONFIG_MUTEX
+**
^(This option takes a single argument which is a pointer to an +** instance of the [sqlite3_mutex_methods] structure. The argument specifies +** alternative low-level mutex routines to be used in place +** the mutex routines built into SQLite.)^ ^SQLite makes a copy of the +** content of the [sqlite3_mutex_methods] structure before the call to +** [sqlite3_config()] returns. ^If SQLite is compiled with +** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then +** the entire mutexing subsystem is omitted from the build and hence calls to +** [sqlite3_config()] with the SQLITE_CONFIG_MUTEX configuration option will +** return [SQLITE_ERROR].
+** +**
SQLITE_CONFIG_GETMUTEX
+**
^(This option takes a single argument which is a pointer to an +** instance of the [sqlite3_mutex_methods] structure. The +** [sqlite3_mutex_methods] +** structure is filled with the currently defined mutex routines.)^ +** This option can be used to overload the default mutex allocation +** routines with a wrapper used to track mutex usage for performance +** profiling or testing, for example. ^If SQLite is compiled with +** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then +** the entire mutexing subsystem is omitted from the build and hence calls to +** [sqlite3_config()] with the SQLITE_CONFIG_GETMUTEX configuration option will +** return [SQLITE_ERROR].
+** +**
SQLITE_CONFIG_LOOKASIDE
+**
^(This option takes two arguments that determine the default +** memory allocation for the lookaside memory allocator on each +** [database connection]. The first argument is the +** size of each lookaside buffer slot and the second is the number of +** slots allocated to each database connection.)^ ^(This option sets the +** default lookaside size. The [SQLITE_DBCONFIG_LOOKASIDE] +** verb to [sqlite3_db_config()] can be used to change the lookaside +** configuration on individual connections.)^
+** +**
SQLITE_CONFIG_PCACHE
+**
^(This option takes a single argument which is a pointer to +** an [sqlite3_pcache_methods] object. This object specifies the interface +** to a custom page cache implementation.)^ ^SQLite makes a copy of the +** object and uses it for page cache memory allocations.
+** +**
SQLITE_CONFIG_GETPCACHE
+**
^(This option takes a single argument which is a pointer to an +** [sqlite3_pcache_methods] object. SQLite copies of the current +** page cache implementation into that object.)^
+** +**
+*/ +#define SQLITE_CONFIG_SINGLETHREAD 1 /* nil */ +#define SQLITE_CONFIG_MULTITHREAD 2 /* nil */ +#define SQLITE_CONFIG_SERIALIZED 3 /* nil */ +#define SQLITE_CONFIG_MALLOC 4 /* sqlite3_mem_methods* */ +#define SQLITE_CONFIG_GETMALLOC 5 /* sqlite3_mem_methods* */ +#define SQLITE_CONFIG_SCRATCH 6 /* void*, int sz, int N */ +#define SQLITE_CONFIG_PAGECACHE 7 /* void*, int sz, int N */ +#define SQLITE_CONFIG_HEAP 8 /* void*, int nByte, int min */ +#define SQLITE_CONFIG_MEMSTATUS 9 /* boolean */ +#define SQLITE_CONFIG_MUTEX 10 /* sqlite3_mutex_methods* */ +#define SQLITE_CONFIG_GETMUTEX 11 /* sqlite3_mutex_methods* */ +/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */ +#define SQLITE_CONFIG_LOOKASIDE 13 /* int int */ +#define SQLITE_CONFIG_PCACHE 14 /* sqlite3_pcache_methods* */ +#define SQLITE_CONFIG_GETPCACHE 15 /* sqlite3_pcache_methods* */ +#define SQLITE_CONFIG_LOG 16 /* xFunc, void* */ + +/* +** CAPI3REF: Configuration Options +** EXPERIMENTAL +** +** These constants are the available integer configuration options that +** can be passed as the second argument to the [sqlite3_db_config()] interface. +** +** New configuration options may be added in future releases of SQLite. +** Existing configuration options might be discontinued. Applications +** should check the return code from [sqlite3_db_config()] to make sure that +** the call worked. ^The [sqlite3_db_config()] interface will return a +** non-zero [error code] if a discontinued or unsupported configuration option +** is invoked. +** +**
+**
SQLITE_DBCONFIG_LOOKASIDE
+**
^This option takes three additional arguments that determine the +** [lookaside memory allocator] configuration for the [database connection]. +** ^The first argument (the third parameter to [sqlite3_db_config()] is a +** pointer to an memory buffer to use for lookaside memory. +** ^The first argument after the SQLITE_DBCONFIG_LOOKASIDE verb +** may be NULL in which case SQLite will allocate the +** lookaside buffer itself using [sqlite3_malloc()]. ^The second argument is the +** size of each lookaside buffer slot. ^The third argument is the number of +** slots. The size of the buffer in the first argument must be greater than +** or equal to the product of the second and third arguments. The buffer +** must be aligned to an 8-byte boundary. ^If the second argument to +** SQLITE_DBCONFIG_LOOKASIDE is not a multiple of 8, it is internally +** rounded down to the next smaller +** multiple of 8. See also: [SQLITE_CONFIG_LOOKASIDE]
+** +**
+*/ +#define SQLITE_DBCONFIG_LOOKASIDE 1001 /* void* int int */ + + +/* +** CAPI3REF: Enable Or Disable Extended Result Codes +** +** ^The sqlite3_extended_result_codes() routine enables or disables the +** [extended result codes] feature of SQLite. ^The extended result +** codes are disabled by default for historical compatibility. +*/ +SQLITE_API int sqlite3_extended_result_codes(sqlite3*, int onoff); + +/* +** CAPI3REF: Last Insert Rowid +** +** ^Each entry in an SQLite table has a unique 64-bit signed +** integer key called the [ROWID | "rowid"]. ^The rowid is always available +** as an undeclared column named ROWID, OID, or _ROWID_ as long as those +** names are not also used by explicitly declared columns. ^If +** the table has a column of type [INTEGER PRIMARY KEY] then that column +** is another alias for the rowid. +** +** ^This routine returns the [rowid] of the most recent +** successful [INSERT] into the database from the [database connection] +** in the first argument. ^If no successful [INSERT]s +** have ever occurred on that database connection, zero is returned. +** +** ^(If an [INSERT] occurs within a trigger, then the [rowid] of the inserted +** row is returned by this routine as long as the trigger is running. +** But once the trigger terminates, the value returned by this routine +** reverts to the last value inserted before the trigger fired.)^ +** +** ^An [INSERT] that fails due to a constraint violation is not a +** successful [INSERT] and does not change the value returned by this +** routine. ^Thus INSERT OR FAIL, INSERT OR IGNORE, INSERT OR ROLLBACK, +** and INSERT OR ABORT make no changes to the return value of this +** routine when their insertion fails. ^(When INSERT OR REPLACE +** encounters a constraint violation, it does not fail. The +** INSERT continues to completion after deleting rows that caused +** the constraint problem so INSERT OR REPLACE will always change +** the return value of this interface.)^ +** +** ^For the purposes of this routine, an [INSERT] is considered to +** be successful even if it is subsequently rolled back. +** +** This function is accessible to SQL statements via the +** [last_insert_rowid() SQL function]. +** +** If a separate thread performs a new [INSERT] on the same +** database connection while the [sqlite3_last_insert_rowid()] +** function is running and thus changes the last insert [rowid], +** then the value returned by [sqlite3_last_insert_rowid()] is +** unpredictable and might not equal either the old or the new +** last insert [rowid]. +*/ +SQLITE_API sqlite3_int64 sqlite3_last_insert_rowid(sqlite3*); + +/* +** CAPI3REF: Count The Number Of Rows Modified +** +** ^This function returns the number of database rows that were changed +** or inserted or deleted by the most recently completed SQL statement +** on the [database connection] specified by the first parameter. +** ^(Only changes that are directly specified by the [INSERT], [UPDATE], +** or [DELETE] statement are counted. Auxiliary changes caused by +** triggers or [foreign key actions] are not counted.)^ Use the +** [sqlite3_total_changes()] function to find the total number of changes +** including changes caused by triggers and foreign key actions. +** +** ^Changes to a view that are simulated by an [INSTEAD OF trigger] +** are not counted. Only real table changes are counted. +** +** ^(A "row change" is a change to a single row of a single table +** caused by an INSERT, DELETE, or UPDATE statement. Rows that +** are changed as side effects of [REPLACE] constraint resolution, +** rollback, ABORT processing, [DROP TABLE], or by any other +** mechanisms do not count as direct row changes.)^ +** +** A "trigger context" is a scope of execution that begins and +** ends with the script of a [CREATE TRIGGER | trigger]. +** Most SQL statements are +** evaluated outside of any trigger. This is the "top level" +** trigger context. If a trigger fires from the top level, a +** new trigger context is entered for the duration of that one +** trigger. Subtriggers create subcontexts for their duration. +** +** ^Calling [sqlite3_exec()] or [sqlite3_step()] recursively does +** not create a new trigger context. +** +** ^This function returns the number of direct row changes in the +** most recent INSERT, UPDATE, or DELETE statement within the same +** trigger context. +** +** ^Thus, when called from the top level, this function returns the +** number of changes in the most recent INSERT, UPDATE, or DELETE +** that also occurred at the top level. ^(Within the body of a trigger, +** the sqlite3_changes() interface can be called to find the number of +** changes in the most recently completed INSERT, UPDATE, or DELETE +** statement within the body of the same trigger. +** However, the number returned does not include changes +** caused by subtriggers since those have their own context.)^ +** +** See also the [sqlite3_total_changes()] interface, the +** [count_changes pragma], and the [changes() SQL function]. +** +** If a separate thread makes changes on the same database connection +** while [sqlite3_changes()] is running then the value returned +** is unpredictable and not meaningful. +*/ +SQLITE_API int sqlite3_changes(sqlite3*); + +/* +** CAPI3REF: Total Number Of Rows Modified +** +** ^This function returns the number of row changes caused by [INSERT], +** [UPDATE] or [DELETE] statements since the [database connection] was opened. +** ^(The count returned by sqlite3_total_changes() includes all changes +** from all [CREATE TRIGGER | trigger] contexts and changes made by +** [foreign key actions]. However, +** the count does not include changes used to implement [REPLACE] constraints, +** do rollbacks or ABORT processing, or [DROP TABLE] processing. The +** count does not include rows of views that fire an [INSTEAD OF trigger], +** though if the INSTEAD OF trigger makes changes of its own, those changes +** are counted.)^ +** ^The sqlite3_total_changes() function counts the changes as soon as +** the statement that makes them is completed (when the statement handle +** is passed to [sqlite3_reset()] or [sqlite3_finalize()]). +** +** See also the [sqlite3_changes()] interface, the +** [count_changes pragma], and the [total_changes() SQL function]. +** +** If a separate thread makes changes on the same database connection +** while [sqlite3_total_changes()] is running then the value +** returned is unpredictable and not meaningful. +*/ +SQLITE_API int sqlite3_total_changes(sqlite3*); + +/* +** CAPI3REF: Interrupt A Long-Running Query +** +** ^This function causes any pending database operation to abort and +** return at its earliest opportunity. This routine is typically +** called in response to a user action such as pressing "Cancel" +** or Ctrl-C where the user wants a long query operation to halt +** immediately. +** +** ^It is safe to call this routine from a thread different from the +** thread that is currently running the database operation. But it +** is not safe to call this routine with a [database connection] that +** is closed or might close before sqlite3_interrupt() returns. +** +** ^If an SQL operation is very nearly finished at the time when +** sqlite3_interrupt() is called, then it might not have an opportunity +** to be interrupted and might continue to completion. +** +** ^An SQL operation that is interrupted will return [SQLITE_INTERRUPT]. +** ^If the interrupted SQL operation is an INSERT, UPDATE, or DELETE +** that is inside an explicit transaction, then the entire transaction +** will be rolled back automatically. +** +** ^The sqlite3_interrupt(D) call is in effect until all currently running +** SQL statements on [database connection] D complete. ^Any new SQL statements +** that are started after the sqlite3_interrupt() call and before the +** running statements reaches zero are interrupted as if they had been +** running prior to the sqlite3_interrupt() call. ^New SQL statements +** that are started after the running statement count reaches zero are +** not effected by the sqlite3_interrupt(). +** ^A call to sqlite3_interrupt(D) that occurs when there are no running +** SQL statements is a no-op and has no effect on SQL statements +** that are started after the sqlite3_interrupt() call returns. +** +** If the database connection closes while [sqlite3_interrupt()] +** is running then bad things will likely happen. +*/ +SQLITE_API void sqlite3_interrupt(sqlite3*); + +/* +** CAPI3REF: Determine If An SQL Statement Is Complete +** +** These routines are useful during command-line input to determine if the +** currently entered text seems to form a complete SQL statement or +** if additional input is needed before sending the text into +** SQLite for parsing. ^These routines return 1 if the input string +** appears to be a complete SQL statement. ^A statement is judged to be +** complete if it ends with a semicolon token and is not a prefix of a +** well-formed CREATE TRIGGER statement. ^Semicolons that are embedded within +** string literals or quoted identifier names or comments are not +** independent tokens (they are part of the token in which they are +** embedded) and thus do not count as a statement terminator. ^Whitespace +** and comments that follow the final semicolon are ignored. +** +** ^These routines return 0 if the statement is incomplete. ^If a +** memory allocation fails, then SQLITE_NOMEM is returned. +** +** ^These routines do not parse the SQL statements thus +** will not detect syntactically incorrect SQL. +** +** ^(If SQLite has not been initialized using [sqlite3_initialize()] prior +** to invoking sqlite3_complete16() then sqlite3_initialize() is invoked +** automatically by sqlite3_complete16(). If that initialization fails, +** then the return value from sqlite3_complete16() will be non-zero +** regardless of whether or not the input SQL is complete.)^ +** +** The input to [sqlite3_complete()] must be a zero-terminated +** UTF-8 string. +** +** The input to [sqlite3_complete16()] must be a zero-terminated +** UTF-16 string in native byte order. +*/ +SQLITE_API int sqlite3_complete(const char *sql); +SQLITE_API int sqlite3_complete16(const void *sql); + +/* +** CAPI3REF: Register A Callback To Handle SQLITE_BUSY Errors +** +** ^This routine sets a callback function that might be invoked whenever +** an attempt is made to open a database table that another thread +** or process has locked. +** +** ^If the busy callback is NULL, then [SQLITE_BUSY] or [SQLITE_IOERR_BLOCKED] +** is returned immediately upon encountering the lock. ^If the busy callback +** is not NULL, then the callback might be invoked with two arguments. +** +** ^The first argument to the busy handler is a copy of the void* pointer which +** is the third argument to sqlite3_busy_handler(). ^The second argument to +** the busy handler callback is the number of times that the busy handler has +** been invoked for this locking event. ^If the +** busy callback returns 0, then no additional attempts are made to +** access the database and [SQLITE_BUSY] or [SQLITE_IOERR_BLOCKED] is returned. +** ^If the callback returns non-zero, then another attempt +** is made to open the database for reading and the cycle repeats. +** +** The presence of a busy handler does not guarantee that it will be invoked +** when there is lock contention. ^If SQLite determines that invoking the busy +** handler could result in a deadlock, it will go ahead and return [SQLITE_BUSY] +** or [SQLITE_IOERR_BLOCKED] instead of invoking the busy handler. +** Consider a scenario where one process is holding a read lock that +** it is trying to promote to a reserved lock and +** a second process is holding a reserved lock that it is trying +** to promote to an exclusive lock. The first process cannot proceed +** because it is blocked by the second and the second process cannot +** proceed because it is blocked by the first. If both processes +** invoke the busy handlers, neither will make any progress. Therefore, +** SQLite returns [SQLITE_BUSY] for the first process, hoping that this +** will induce the first process to release its read lock and allow +** the second process to proceed. +** +** ^The default busy callback is NULL. +** +** ^The [SQLITE_BUSY] error is converted to [SQLITE_IOERR_BLOCKED] +** when SQLite is in the middle of a large transaction where all the +** changes will not fit into the in-memory cache. SQLite will +** already hold a RESERVED lock on the database file, but it needs +** to promote this lock to EXCLUSIVE so that it can spill cache +** pages into the database file without harm to concurrent +** readers. ^If it is unable to promote the lock, then the in-memory +** cache will be left in an inconsistent state and so the error +** code is promoted from the relatively benign [SQLITE_BUSY] to +** the more severe [SQLITE_IOERR_BLOCKED]. ^This error code promotion +** forces an automatic rollback of the changes. See the +** +** CorruptionFollowingBusyError wiki page for a discussion of why +** this is important. +** +** ^(There can only be a single busy handler defined for each +** [database connection]. Setting a new busy handler clears any +** previously set handler.)^ ^Note that calling [sqlite3_busy_timeout()] +** will also set or clear the busy handler. +** +** The busy callback should not take any actions which modify the +** database connection that invoked the busy handler. Any such actions +** result in undefined behavior. +** +** A busy handler must not close the database connection +** or [prepared statement] that invoked the busy handler. +*/ +SQLITE_API int sqlite3_busy_handler(sqlite3*, int(*)(void*,int), void*); + +/* +** CAPI3REF: Set A Busy Timeout +** +** ^This routine sets a [sqlite3_busy_handler | busy handler] that sleeps +** for a specified amount of time when a table is locked. ^The handler +** will sleep multiple times until at least "ms" milliseconds of sleeping +** have accumulated. ^After at least "ms" milliseconds of sleeping, +** the handler returns 0 which causes [sqlite3_step()] to return +** [SQLITE_BUSY] or [SQLITE_IOERR_BLOCKED]. +** +** ^Calling this routine with an argument less than or equal to zero +** turns off all busy handlers. +** +** ^(There can only be a single busy handler for a particular +** [database connection] any any given moment. If another busy handler +** was defined (using [sqlite3_busy_handler()]) prior to calling +** this routine, that other busy handler is cleared.)^ +*/ +SQLITE_API int sqlite3_busy_timeout(sqlite3*, int ms); + +/* +** CAPI3REF: Convenience Routines For Running Queries +** +** Definition: A result table is memory data structure created by the +** [sqlite3_get_table()] interface. A result table records the +** complete query results from one or more queries. +** +** The table conceptually has a number of rows and columns. But +** these numbers are not part of the result table itself. These +** numbers are obtained separately. Let N be the number of rows +** and M be the number of columns. +** +** A result table is an array of pointers to zero-terminated UTF-8 strings. +** There are (N+1)*M elements in the array. The first M pointers point +** to zero-terminated strings that contain the names of the columns. +** The remaining entries all point to query results. NULL values result +** in NULL pointers. All other values are in their UTF-8 zero-terminated +** string representation as returned by [sqlite3_column_text()]. +** +** A result table might consist of one or more memory allocations. +** It is not safe to pass a result table directly to [sqlite3_free()]. +** A result table should be deallocated using [sqlite3_free_table()]. +** +** As an example of the result table format, suppose a query result +** is as follows: +** +** 
+**        Name        | Age
+**        -----------------------
+**        Alice       | 43
+**        Bob         | 28
+**        Cindy       | 21
+**
+** +** There are two column (M==2) and three rows (N==3). Thus the +** result table has 8 entries. Suppose the result table is stored +** in an array names azResult. Then azResult holds this content: +** +** 
+**        azResult[0] = "Name";
+**        azResult[1] = "Age";
+**        azResult[2] = "Alice";
+**        azResult[3] = "43";
+**        azResult[4] = "Bob";
+**        azResult[5] = "28";
+**        azResult[6] = "Cindy";
+**        azResult[7] = "21";
+**
+** +** ^The sqlite3_get_table() function evaluates one or more +** semicolon-separated SQL statements in the zero-terminated UTF-8 +** string of its 2nd parameter and returns a result table to the +** pointer given in its 3rd parameter. +** +** After the application has finished with the result from sqlite3_get_table(), +** it should pass the result table pointer to sqlite3_free_table() in order to +** release the memory that was malloced. Because of the way the +** [sqlite3_malloc()] happens within sqlite3_get_table(), the calling +** function must not try to call [sqlite3_free()] directly. Only +** [sqlite3_free_table()] is able to release the memory properly and safely. +** +** ^(The sqlite3_get_table() interface is implemented as a wrapper around +** [sqlite3_exec()]. The sqlite3_get_table() routine does not have access +** to any internal data structures of SQLite. It uses only the public +** interface defined here. As a consequence, errors that occur in the +** wrapper layer outside of the internal [sqlite3_exec()] call are not +** reflected in subsequent calls to [sqlite3_errcode()] or +** [sqlite3_errmsg()].)^ +*/ +SQLITE_API int sqlite3_get_table( + sqlite3 *db, /* An open database */ + const char *zSql, /* SQL to be evaluated */ + char ***pazResult, /* Results of the query */ + int *pnRow, /* Number of result rows written here */ + int *pnColumn, /* Number of result columns written here */ + char **pzErrmsg /* Error msg written here */ +); +SQLITE_API void sqlite3_free_table(char **result); + +/* +** CAPI3REF: Formatted String Printing Functions +** +** These routines are work-alikes of the "printf()" family of functions +** from the standard C library. +** +** ^The sqlite3_mprintf() and sqlite3_vmprintf() routines write their +** results into memory obtained from [sqlite3_malloc()]. +** The strings returned by these two routines should be +** released by [sqlite3_free()]. ^Both routines return a +** NULL pointer if [sqlite3_malloc()] is unable to allocate enough +** memory to hold the resulting string. +** +** ^(In sqlite3_snprintf() routine is similar to "snprintf()" from +** the standard C library. The result is written into the +** buffer supplied as the second parameter whose size is given by +** the first parameter. Note that the order of the +** first two parameters is reversed from snprintf().)^ This is an +** historical accident that cannot be fixed without breaking +** backwards compatibility. ^(Note also that sqlite3_snprintf() +** returns a pointer to its buffer instead of the number of +** characters actually written into the buffer.)^ We admit that +** the number of characters written would be a more useful return +** value but we cannot change the implementation of sqlite3_snprintf() +** now without breaking compatibility. +** +** ^As long as the buffer size is greater than zero, sqlite3_snprintf() +** guarantees that the buffer is always zero-terminated. ^The first +** parameter "n" is the total size of the buffer, including space for +** the zero terminator. So the longest string that can be completely +** written will be n-1 characters. +** +** These routines all implement some additional formatting +** options that are useful for constructing SQL statements. +** All of the usual printf() formatting options apply. In addition, there +** is are "%q", "%Q", and "%z" options. +** +** ^(The %q option works like %s in that it substitutes a null-terminated +** string from the argument list. But %q also doubles every '\'' character. +** %q is designed for use inside a string literal.)^ By doubling each '\'' +** character it escapes that character and allows it to be inserted into +** the string. +** +** For example, assume the string variable zText contains text as follows: +** +** 
+**  char *zText = "It's a happy day!";
+**
+** +** One can use this text in an SQL statement as follows: +** +** 
+**  char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES('%q')", zText);
+**  sqlite3_exec(db, zSQL, 0, 0, 0);
+**  sqlite3_free(zSQL);
+**
+** +** Because the %q format string is used, the '\'' character in zText +** is escaped and the SQL generated is as follows: +** +** 
+**  INSERT INTO table1 VALUES('It''s a happy day!')
+**
+** +** This is correct. Had we used %s instead of %q, the generated SQL +** would have looked like this: +** +** 
+**  INSERT INTO table1 VALUES('It's a happy day!');
+**
+** +** This second example is an SQL syntax error. As a general rule you should +** always use %q instead of %s when inserting text into a string literal. +** +** ^(The %Q option works like %q except it also adds single quotes around +** the outside of the total string. Additionally, if the parameter in the +** argument list is a NULL pointer, %Q substitutes the text "NULL" (without +** single quotes).)^ So, for example, one could say: +** +** 
+**  char *zSQL = sqlite3_mprintf("INSERT INTO table VALUES(%Q)", zText);
+**  sqlite3_exec(db, zSQL, 0, 0, 0);
+**  sqlite3_free(zSQL);
+**
+** +** The code above will render a correct SQL statement in the zSQL +** variable even if the zText variable is a NULL pointer. +** +** ^(The "%z" formatting option works like "%s" but with the +** addition that after the string has been read and copied into +** the result, [sqlite3_free()] is called on the input string.)^ +*/ +SQLITE_API char *sqlite3_mprintf(const char*,...); +SQLITE_API char *sqlite3_vmprintf(const char*, va_list); +SQLITE_API char *sqlite3_snprintf(int,char*,const char*, ...); + +/* +** CAPI3REF: Memory Allocation Subsystem +** +** The SQLite core uses these three routines for all of its own +** internal memory allocation needs. "Core" in the previous sentence +** does not include operating-system specific VFS implementation. The +** Windows VFS uses native malloc() and free() for some operations. +** +** ^The sqlite3_malloc() routine returns a pointer to a block +** of memory at least N bytes in length, where N is the parameter. +** ^If sqlite3_malloc() is unable to obtain sufficient free +** memory, it returns a NULL pointer. ^If the parameter N to +** sqlite3_malloc() is zero or negative then sqlite3_malloc() returns +** a NULL pointer. +** +** ^Calling sqlite3_free() with a pointer previously returned +** by sqlite3_malloc() or sqlite3_realloc() releases that memory so +** that it might be reused. ^The sqlite3_free() routine is +** a no-op if is called with a NULL pointer. Passing a NULL pointer +** to sqlite3_free() is harmless. After being freed, memory +** should neither be read nor written. Even reading previously freed +** memory might result in a segmentation fault or other severe error. +** Memory corruption, a segmentation fault, or other severe error +** might result if sqlite3_free() is called with a non-NULL pointer that +** was not obtained from sqlite3_malloc() or sqlite3_realloc(). +** +** ^(The sqlite3_realloc() interface attempts to resize a +** prior memory allocation to be at least N bytes, where N is the +** second parameter. The memory allocation to be resized is the first +** parameter.)^ ^ If the first parameter to sqlite3_realloc() +** is a NULL pointer then its behavior is identical to calling +** sqlite3_malloc(N) where N is the second parameter to sqlite3_realloc(). +** ^If the second parameter to sqlite3_realloc() is zero or +** negative then the behavior is exactly the same as calling +** sqlite3_free(P) where P is the first parameter to sqlite3_realloc(). +** ^sqlite3_realloc() returns a pointer to a memory allocation +** of at least N bytes in size or NULL if sufficient memory is unavailable. +** ^If M is the size of the prior allocation, then min(N,M) bytes +** of the prior allocation are copied into the beginning of buffer returned +** by sqlite3_realloc() and the prior allocation is freed. +** ^If sqlite3_realloc() returns NULL, then the prior allocation +** is not freed. +** +** ^The memory returned by sqlite3_malloc() and sqlite3_realloc() +** is always aligned to at least an 8 byte boundary. +** +** In SQLite version 3.5.0 and 3.5.1, it was possible to define +** the SQLITE_OMIT_MEMORY_ALLOCATION which would cause the built-in +** implementation of these routines to be omitted. That capability +** is no longer provided. Only built-in memory allocators can be used. +** +** The Windows OS interface layer calls +** the system malloc() and free() directly when converting +** filenames between the UTF-8 encoding used by SQLite +** and whatever filename encoding is used by the particular Windows +** installation. Memory allocation errors are detected, but +** they are reported back as [SQLITE_CANTOPEN] or +** [SQLITE_IOERR] rather than [SQLITE_NOMEM]. +** +** The pointer arguments to [sqlite3_free()] and [sqlite3_realloc()] +** must be either NULL or else pointers obtained from a prior +** invocation of [sqlite3_malloc()] or [sqlite3_realloc()] that have +** not yet been released. +** +** The application must not read or write any part of +** a block of memory after it has been released using +** [sqlite3_free()] or [sqlite3_realloc()]. +*/ +SQLITE_API void *sqlite3_malloc(int); +SQLITE_API void *sqlite3_realloc(void*, int); +SQLITE_API void sqlite3_free(void*); + +/* +** CAPI3REF: Memory Allocator Statistics +** +** SQLite provides these two interfaces for reporting on the status +** of the [sqlite3_malloc()], [sqlite3_free()], and [sqlite3_realloc()] +** routines, which form the built-in memory allocation subsystem. +** +** ^The [sqlite3_memory_used()] routine returns the number of bytes +** of memory currently outstanding (malloced but not freed). +** ^The [sqlite3_memory_highwater()] routine returns the maximum +** value of [sqlite3_memory_used()] since the high-water mark +** was last reset. ^The values returned by [sqlite3_memory_used()] and +** [sqlite3_memory_highwater()] include any overhead +** added by SQLite in its implementation of [sqlite3_malloc()], +** but not overhead added by the any underlying system library +** routines that [sqlite3_malloc()] may call. +** +** ^The memory high-water mark is reset to the current value of +** [sqlite3_memory_used()] if and only if the parameter to +** [sqlite3_memory_highwater()] is true. ^The value returned +** by [sqlite3_memory_highwater(1)] is the high-water mark +** prior to the reset. +*/ +SQLITE_API sqlite3_int64 sqlite3_memory_used(void); +SQLITE_API sqlite3_int64 sqlite3_memory_highwater(int resetFlag); + +/* +** CAPI3REF: Pseudo-Random Number Generator +** +** SQLite contains a high-quality pseudo-random number generator (PRNG) used to +** select random [ROWID | ROWIDs] when inserting new records into a table that +** already uses the largest possible [ROWID]. The PRNG is also used for +** the build-in random() and randomblob() SQL functions. This interface allows +** applications to access the same PRNG for other purposes. +** +** ^A call to this routine stores N bytes of randomness into buffer P. +** +** ^The first time this routine is invoked (either internally or by +** the application) the PRNG is seeded using randomness obtained +** from the xRandomness method of the default [sqlite3_vfs] object. +** ^On all subsequent invocations, the pseudo-randomness is generated +** internally and without recourse to the [sqlite3_vfs] xRandomness +** method. +*/ +SQLITE_API void sqlite3_randomness(int N, void *P); + +/* +** CAPI3REF: Compile-Time Authorization Callbacks +** +** ^This routine registers a authorizer callback with a particular +** [database connection], supplied in the first argument. +** ^The authorizer callback is invoked as SQL statements are being compiled +** by [sqlite3_prepare()] or its variants [sqlite3_prepare_v2()], +** [sqlite3_prepare16()] and [sqlite3_prepare16_v2()]. ^At various +** points during the compilation process, as logic is being created +** to perform various actions, the authorizer callback is invoked to +** see if those actions are allowed. ^The authorizer callback should +** return [SQLITE_OK] to allow the action, [SQLITE_IGNORE] to disallow the +** specific action but allow the SQL statement to continue to be +** compiled, or [SQLITE_DENY] to cause the entire SQL statement to be +** rejected with an error. ^If the authorizer callback returns +** any value other than [SQLITE_IGNORE], [SQLITE_OK], or [SQLITE_DENY] +** then the [sqlite3_prepare_v2()] or equivalent call that triggered +** the authorizer will fail with an error message. +** +** When the callback returns [SQLITE_OK], that means the operation +** requested is ok. ^When the callback returns [SQLITE_DENY], the +** [sqlite3_prepare_v2()] or equivalent call that triggered the +** authorizer will fail with an error message explaining that +** access is denied. +** +** ^The first parameter to the authorizer callback is a copy of the third +** parameter to the sqlite3_set_authorizer() interface. ^The second parameter +** to the callback is an integer [SQLITE_COPY | action code] that specifies +** the particular action to be authorized. ^The third through sixth parameters +** to the callback are zero-terminated strings that contain additional +** details about the action to be authorized. +** +** ^If the action code is [SQLITE_READ] +** and the callback returns [SQLITE_IGNORE] then the +** [prepared statement] statement is constructed to substitute +** a NULL value in place of the table column that would have +** been read if [SQLITE_OK] had been returned. The [SQLITE_IGNORE] +** return can be used to deny an untrusted user access to individual +** columns of a table. +** ^If the action code is [SQLITE_DELETE] and the callback returns +** [SQLITE_IGNORE] then the [DELETE] operation proceeds but the +** [truncate optimization] is disabled and all rows are deleted individually. +** +** An authorizer is used when [sqlite3_prepare | preparing] +** SQL statements from an untrusted source, to ensure that the SQL statements +** do not try to access data they are not allowed to see, or that they do not +** try to execute malicious statements that damage the database. For +** example, an application may allow a user to enter arbitrary +** SQL queries for evaluation by a database. But the application does +** not want the user to be able to make arbitrary changes to the +** database. An authorizer could then be put in place while the +** user-entered SQL is being [sqlite3_prepare | prepared] that +** disallows everything except [SELECT] statements. +** +** Applications that need to process SQL from untrusted sources +** might also consider lowering resource limits using [sqlite3_limit()] +** and limiting database size using the [max_page_count] [PRAGMA] +** in addition to using an authorizer. +** +** ^(Only a single authorizer can be in place on a database connection +** at a time. Each call to sqlite3_set_authorizer overrides the +** previous call.)^ ^Disable the authorizer by installing a NULL callback. +** The authorizer is disabled by default. +** +** The authorizer callback must not do anything that will modify +** the database connection that invoked the authorizer callback. +** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their +** database connections for the meaning of "modify" in this paragraph. +** +** ^When [sqlite3_prepare_v2()] is used to prepare a statement, the +** statement might be re-prepared during [sqlite3_step()] due to a +** schema change. Hence, the application should ensure that the +** correct authorizer callback remains in place during the [sqlite3_step()]. +** +** ^Note that the authorizer callback is invoked only during +** [sqlite3_prepare()] or its variants. Authorization is not +** performed during statement evaluation in [sqlite3_step()], unless +** as stated in the previous paragraph, sqlite3_step() invokes +** sqlite3_prepare_v2() to reprepare a statement after a schema change. +*/ +SQLITE_API int sqlite3_set_authorizer( + sqlite3*, + int (*xAuth)(void*,int,const char*,const char*,const char*,const char*), + void *pUserData +); + +/* +** CAPI3REF: Authorizer Return Codes +** +** The [sqlite3_set_authorizer | authorizer callback function] must +** return either [SQLITE_OK] or one of these two constants in order +** to signal SQLite whether or not the action is permitted. See the +** [sqlite3_set_authorizer | authorizer documentation] for additional +** information. +*/ +#define SQLITE_DENY 1 /* Abort the SQL statement with an error */ +#define SQLITE_IGNORE 2 /* Don't allow access, but don't generate an error */ + +/* +** CAPI3REF: Authorizer Action Codes +** +** The [sqlite3_set_authorizer()] interface registers a callback function +** that is invoked to authorize certain SQL statement actions. The +** second parameter to the callback is an integer code that specifies +** what action is being authorized. These are the integer action codes that +** the authorizer callback may be passed. +** +** These action code values signify what kind of operation is to be +** authorized. The 3rd and 4th parameters to the authorization +** callback function will be parameters or NULL depending on which of these +** codes is used as the second parameter. ^(The 5th parameter to the +** authorizer callback is the name of the database ("main", "temp", +** etc.) if applicable.)^ ^The 6th parameter to the authorizer callback +** is the name of the inner-most trigger or view that is responsible for +** the access attempt or NULL if this access attempt is directly from +** top-level SQL code. +*/ +/******************************************* 3rd ************ 4th ***********/ +#define SQLITE_CREATE_INDEX 1 /* Index Name Table Name */ +#define SQLITE_CREATE_TABLE 2 /* Table Name NULL */ +#define SQLITE_CREATE_TEMP_INDEX 3 /* Index Name Table Name */ +#define SQLITE_CREATE_TEMP_TABLE 4 /* Table Name NULL */ +#define SQLITE_CREATE_TEMP_TRIGGER 5 /* Trigger Name Table Name */ +#define SQLITE_CREATE_TEMP_VIEW 6 /* View Name NULL */ +#define SQLITE_CREATE_TRIGGER 7 /* Trigger Name Table Name */ +#define SQLITE_CREATE_VIEW 8 /* View Name NULL */ +#define SQLITE_DELETE 9 /* Table Name NULL */ +#define SQLITE_DROP_INDEX 10 /* Index Name Table Name */ +#define SQLITE_DROP_TABLE 11 /* Table Name NULL */ +#define SQLITE_DROP_TEMP_INDEX 12 /* Index Name Table Name */ +#define SQLITE_DROP_TEMP_TABLE 13 /* Table Name NULL */ +#define SQLITE_DROP_TEMP_TRIGGER 14 /* Trigger Name Table Name */ +#define SQLITE_DROP_TEMP_VIEW 15 /* View Name NULL */ +#define SQLITE_DROP_TRIGGER 16 /* Trigger Name Table Name */ +#define SQLITE_DROP_VIEW 17 /* View Name NULL */ +#define SQLITE_INSERT 18 /* Table Name NULL */ +#define SQLITE_PRAGMA 19 /* Pragma Name 1st arg or NULL */ +#define SQLITE_READ 20 /* Table Name Column Name */ +#define SQLITE_SELECT 21 /* NULL NULL */ +#define SQLITE_TRANSACTION 22 /* Operation NULL */ +#define SQLITE_UPDATE 23 /* Table Name Column Name */ +#define SQLITE_ATTACH 24 /* Filename NULL */ +#define SQLITE_DETACH 25 /* Database Name NULL */ +#define SQLITE_ALTER_TABLE 26 /* Database Name Table Name */ +#define SQLITE_REINDEX 27 /* Index Name NULL */ +#define SQLITE_ANALYZE 28 /* Table Name NULL */ +#define SQLITE_CREATE_VTABLE 29 /* Table Name Module Name */ +#define SQLITE_DROP_VTABLE 30 /* Table Name Module Name */ +#define SQLITE_FUNCTION 31 /* NULL Function Name */ +#define SQLITE_SAVEPOINT 32 /* Operation Savepoint Name */ +#define SQLITE_COPY 0 /* No longer used */ + +/* +** CAPI3REF: Tracing And Profiling Functions +** EXPERIMENTAL +** +** These routines register callback functions that can be used for +** tracing and profiling the execution of SQL statements. +** +** ^The callback function registered by sqlite3_trace() is invoked at +** various times when an SQL statement is being run by [sqlite3_step()]. +** ^The sqlite3_trace() callback is invoked with a UTF-8 rendering of the +** SQL statement text as the statement first begins executing. +** ^(Additional sqlite3_trace() callbacks might occur +** as each triggered subprogram is entered. The callbacks for triggers +** contain a UTF-8 SQL comment that identifies the trigger.)^ +** +** ^The callback function registered by sqlite3_profile() is invoked +** as each SQL statement finishes. ^The profile callback contains +** the original statement text and an estimate of wall-clock time +** of how long that statement took to run. +*/ +SQLITE_API SQLITE_EXPERIMENTAL void *sqlite3_trace(sqlite3*, void(*xTrace)(void*,const char*), void*); +SQLITE_API SQLITE_EXPERIMENTAL void *sqlite3_profile(sqlite3*, + void(*xProfile)(void*,const char*,sqlite3_uint64), void*); + +/* +** CAPI3REF: Query Progress Callbacks +** +** ^This routine configures a callback function - the +** progress callback - that is invoked periodically during long +** running calls to [sqlite3_exec()], [sqlite3_step()] and +** [sqlite3_get_table()]. An example use for this +** interface is to keep a GUI updated during a large query. +** +** ^If the progress callback returns non-zero, the operation is +** interrupted. This feature can be used to implement a +** "Cancel" button on a GUI progress dialog box. +** +** The progress handler must not do anything that will modify +** the database connection that invoked the progress handler. +** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their +** database connections for the meaning of "modify" in this paragraph. +** +*/ +SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*); + +/* +** CAPI3REF: Opening A New Database Connection +** +** ^These routines open an SQLite database file whose name is given by the +** filename argument. ^The filename argument is interpreted as UTF-8 for +** sqlite3_open() and sqlite3_open_v2() and as UTF-16 in the native byte +** order for sqlite3_open16(). ^(A [database connection] handle is usually +** returned in *ppDb, even if an error occurs. The only exception is that +** if SQLite is unable to allocate memory to hold the [sqlite3] object, +** a NULL will be written into *ppDb instead of a pointer to the [sqlite3] +** object.)^ ^(If the database is opened (and/or created) successfully, then +** [SQLITE_OK] is returned. Otherwise an [error code] is returned.)^ ^The +** [sqlite3_errmsg()] or [sqlite3_errmsg16()] routines can be used to obtain +** an English language description of the error following a failure of any +** of the sqlite3_open() routines. +** +** ^The default encoding for the database will be UTF-8 if +** sqlite3_open() or sqlite3_open_v2() is called and +** UTF-16 in the native byte order if sqlite3_open16() is used. +** +** Whether or not an error occurs when it is opened, resources +** associated with the [database connection] handle should be released by +** passing it to [sqlite3_close()] when it is no longer required. +** +** The sqlite3_open_v2() interface works like sqlite3_open() +** except that it accepts two additional parameters for additional control +** over the new database connection. ^(The flags parameter to +** sqlite3_open_v2() can take one of +** the following three values, optionally combined with the +** [SQLITE_OPEN_NOMUTEX], [SQLITE_OPEN_FULLMUTEX], [SQLITE_OPEN_SHAREDCACHE], +** and/or [SQLITE_OPEN_PRIVATECACHE] flags:)^ +** +**
+** ^(
[SQLITE_OPEN_READONLY]
+**
The database is opened in read-only mode. If the database does not +** already exist, an error is returned.
)^ +** +** ^(
[SQLITE_OPEN_READWRITE]
+**
The database is opened for reading and writing if possible, or reading +** only if the file is write protected by the operating system. In either +** case the database must already exist, otherwise an error is returned.
)^ +** +** ^(
[SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]
+**
The database is opened for reading and writing, and is creates it if +** it does not already exist. This is the behavior that is always used for +** sqlite3_open() and sqlite3_open16().
)^ +**
+** +** If the 3rd parameter to sqlite3_open_v2() is not one of the +** combinations shown above or one of the combinations shown above combined +** with the [SQLITE_OPEN_NOMUTEX], [SQLITE_OPEN_FULLMUTEX], +** [SQLITE_OPEN_SHAREDCACHE] and/or [SQLITE_OPEN_SHAREDCACHE] flags, +** then the behavior is undefined. +** +** ^If the [SQLITE_OPEN_NOMUTEX] flag is set, then the database connection +** opens in the multi-thread [threading mode] as long as the single-thread +** mode has not been set at compile-time or start-time. ^If the +** [SQLITE_OPEN_FULLMUTEX] flag is set then the database connection opens +** in the serialized [threading mode] unless single-thread was +** previously selected at compile-time or start-time. +** ^The [SQLITE_OPEN_SHAREDCACHE] flag causes the database connection to be +** eligible to use [shared cache mode], regardless of whether or not shared +** cache is enabled using [sqlite3_enable_shared_cache()]. ^The +** [SQLITE_OPEN_PRIVATECACHE] flag causes the database connection to not +** participate in [shared cache mode] even if it is enabled. +** +** ^If the filename is ":memory:", then a private, temporary in-memory database +** is created for the connection. ^This in-memory database will vanish when +** the database connection is closed. Future versions of SQLite might +** make use of additional special filenames that begin with the ":" character. +** It is recommended that when a database filename actually does begin with +** a ":" character you should prefix the filename with a pathname such as +** "./" to avoid ambiguity. +** +** ^If the filename is an empty string, then a private, temporary +** on-disk database will be created. ^This private database will be +** automatically deleted as soon as the database connection is closed. +** +** ^The fourth parameter to sqlite3_open_v2() is the name of the +** [sqlite3_vfs] object that defines the operating system interface that +** the new database connection should use. ^If the fourth parameter is +** a NULL pointer then the default [sqlite3_vfs] object is used. +** +** Note to Windows users: The encoding used for the filename argument +** of sqlite3_open() and sqlite3_open_v2() must be UTF-8, not whatever +** codepage is currently defined. Filenames containing international +** characters must be converted to UTF-8 prior to passing them into +** sqlite3_open() or sqlite3_open_v2(). +*/ +SQLITE_API int sqlite3_open( + const char *filename, /* Database filename (UTF-8) */ + sqlite3 **ppDb /* OUT: SQLite db handle */ +); +SQLITE_API int sqlite3_open16( + const void *filename, /* Database filename (UTF-16) */ + sqlite3 **ppDb /* OUT: SQLite db handle */ +); +SQLITE_API int sqlite3_open_v2( + const char *filename, /* Database filename (UTF-8) */ + sqlite3 **ppDb, /* OUT: SQLite db handle */ + int flags, /* Flags */ + const char *zVfs /* Name of VFS module to use */ +); + +/* +** CAPI3REF: Error Codes And Messages +** +** ^The sqlite3_errcode() interface returns the numeric [result code] or +** [extended result code] for the most recent failed sqlite3_* API call +** associated with a [database connection]. If a prior API call failed +** but the most recent API call succeeded, the return value from +** sqlite3_errcode() is undefined. ^The sqlite3_extended_errcode() +** interface is the same except that it always returns the +** [extended result code] even when extended result codes are +** disabled. +** +** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language +** text that describes the error, as either UTF-8 or UTF-16 respectively. +** ^(Memory to hold the error message string is managed internally. +** The application does not need to worry about freeing the result. +** However, the error string might be overwritten or deallocated by +** subsequent calls to other SQLite interface functions.)^ +** +** When the serialized [threading mode] is in use, it might be the +** case that a second error occurs on a separate thread in between +** the time of the first error and the call to these interfaces. +** When that happens, the second error will be reported since these +** interfaces always report the most recent result. To avoid +** this, each thread can obtain exclusive use of the [database connection] D +** by invoking [sqlite3_mutex_enter]([sqlite3_db_mutex](D)) before beginning +** to use D and invoking [sqlite3_mutex_leave]([sqlite3_db_mutex](D)) after +** all calls to the interfaces listed here are completed. +** +** If an interface fails with SQLITE_MISUSE, that means the interface +** was invoked incorrectly by the application. In that case, the +** error code and message may or may not be set. +*/ +SQLITE_API int sqlite3_errcode(sqlite3 *db); +SQLITE_API int sqlite3_extended_errcode(sqlite3 *db); +SQLITE_API const char *sqlite3_errmsg(sqlite3*); +SQLITE_API const void *sqlite3_errmsg16(sqlite3*); + +/* +** CAPI3REF: SQL Statement Object +** KEYWORDS: {prepared statement} {prepared statements} +** +** An instance of this object represents a single SQL statement. +** This object is variously known as a "prepared statement" or a +** "compiled SQL statement" or simply as a "statement". +** +** The life of a statement object goes something like this: +** +**
    +**
  1. Create the object using [sqlite3_prepare_v2()] or a related +** function. +**
  2. Bind values to [host parameters] using the sqlite3_bind_*() +** interfaces. +**
  3. Run the SQL by calling [sqlite3_step()] one or more times. +**
  4. Reset the statement using [sqlite3_reset()] then go back +** to step 2. Do this zero or more times. +**
  5. Destroy the object using [sqlite3_finalize()]. +**
+** +** Refer to documentation on individual methods above for additional +** information. +*/ +typedef struct sqlite3_stmt sqlite3_stmt; + +/* +** CAPI3REF: Run-time Limits +** +** ^(This interface allows the size of various constructs to be limited +** on a connection by connection basis. The first parameter is the +** [database connection] whose limit is to be set or queried. The +** second parameter is one of the [limit categories] that define a +** class of constructs to be size limited. The third parameter is the +** new limit for that construct. The function returns the old limit.)^ +** +** ^If the new limit is a negative number, the limit is unchanged. +** ^(For the limit category of SQLITE_LIMIT_XYZ there is a +** [limits | hard upper bound] +** set by a compile-time C preprocessor macro named +** [limits | SQLITE_MAX_XYZ]. +** (The "_LIMIT_" in the name is changed to "_MAX_".))^ +** ^Attempts to increase a limit above its hard upper bound are +** silently truncated to the hard upper bound. +** +** Run-time limits are intended for use in applications that manage +** both their own internal database and also databases that are controlled +** by untrusted external sources. An example application might be a +** web browser that has its own databases for storing history and +** separate databases controlled by JavaScript applications downloaded +** off the Internet. The internal databases can be given the +** large, default limits. Databases managed by external sources can +** be given much smaller limits designed to prevent a denial of service +** attack. Developers might also want to use the [sqlite3_set_authorizer()] +** interface to further control untrusted SQL. The size of the database +** created by an untrusted script can be contained using the +** [max_page_count] [PRAGMA]. +** +** New run-time limit categories may be added in future releases. +*/ +SQLITE_API int sqlite3_limit(sqlite3*, int id, int newVal); + +/* +** CAPI3REF: Run-Time Limit Categories +** KEYWORDS: {limit category} {*limit categories} +** +** These constants define various performance limits +** that can be lowered at run-time using [sqlite3_limit()]. +** The synopsis of the meanings of the various limits is shown below. +** Additional information is available at [limits | Limits in SQLite]. +** +**
+** ^(
SQLITE_LIMIT_LENGTH
+**
The maximum size of any string or BLOB or table row.
)^ +** +** ^(
SQLITE_LIMIT_SQL_LENGTH
+**
The maximum length of an SQL statement, in bytes.
)^ +** +** ^(
SQLITE_LIMIT_COLUMN
+**
The maximum number of columns in a table definition or in the +** result set of a [SELECT] or the maximum number of columns in an index +** or in an ORDER BY or GROUP BY clause.
)^ +** +** ^(
SQLITE_LIMIT_EXPR_DEPTH
+**
The maximum depth of the parse tree on any expression.
)^ +** +** ^(
SQLITE_LIMIT_COMPOUND_SELECT
+**
The maximum number of terms in a compound SELECT statement.
)^ +** +** ^(
SQLITE_LIMIT_VDBE_OP
+**
The maximum number of instructions in a virtual machine program +** used to implement an SQL statement.
)^ +** +** ^(
SQLITE_LIMIT_FUNCTION_ARG
+**
The maximum number of arguments on a function.
)^ +** +** ^(
SQLITE_LIMIT_ATTACHED
+**
The maximum number of [ATTACH | attached databases].)^
+** +** ^(
SQLITE_LIMIT_LIKE_PATTERN_LENGTH
+**
The maximum length of the pattern argument to the [LIKE] or +** [GLOB] operators.
)^ +** +** ^(
SQLITE_LIMIT_VARIABLE_NUMBER
+**
The maximum number of variables in an SQL statement that can +** be bound.
)^ +** +** ^(
SQLITE_LIMIT_TRIGGER_DEPTH
+**
The maximum depth of recursion for triggers.
)^ +**
+*/ +#define SQLITE_LIMIT_LENGTH 0 +#define SQLITE_LIMIT_SQL_LENGTH 1 +#define SQLITE_LIMIT_COLUMN 2 +#define SQLITE_LIMIT_EXPR_DEPTH 3 +#define SQLITE_LIMIT_COMPOUND_SELECT 4 +#define SQLITE_LIMIT_VDBE_OP 5 +#define SQLITE_LIMIT_FUNCTION_ARG 6 +#define SQLITE_LIMIT_ATTACHED 7 +#define SQLITE_LIMIT_LIKE_PATTERN_LENGTH 8 +#define SQLITE_LIMIT_VARIABLE_NUMBER 9 +#define SQLITE_LIMIT_TRIGGER_DEPTH 10 + +/* +** CAPI3REF: Compiling An SQL Statement +** KEYWORDS: {SQL statement compiler} +** +** To execute an SQL query, it must first be compiled into a byte-code +** program using one of these routines. +** +** The first argument, "db", is a [database connection] obtained from a +** prior successful call to [sqlite3_open()], [sqlite3_open_v2()] or +** [sqlite3_open16()]. The database connection must not have been closed. +** +** The second argument, "zSql", is the statement to be compiled, encoded +** as either UTF-8 or UTF-16. The sqlite3_prepare() and sqlite3_prepare_v2() +** interfaces use UTF-8, and sqlite3_prepare16() and sqlite3_prepare16_v2() +** use UTF-16. +** +** ^If the nByte argument is less than zero, then zSql is read up to the +** first zero terminator. ^If nByte is non-negative, then it is the maximum +** number of bytes read from zSql. ^When nByte is non-negative, the +** zSql string ends at either the first '\000' or '\u0000' character or +** the nByte-th byte, whichever comes first. If the caller knows +** that the supplied string is nul-terminated, then there is a small +** performance advantage to be gained by passing an nByte parameter that +** is equal to the number of bytes in the input string including +** the nul-terminator bytes. +** +** ^If pzTail is not NULL then *pzTail is made to point to the first byte +** past the end of the first SQL statement in zSql. These routines only +** compile the first statement in zSql, so *pzTail is left pointing to +** what remains uncompiled. +** +** ^*ppStmt is left pointing to a compiled [prepared statement] that can be +** executed using [sqlite3_step()]. ^If there is an error, *ppStmt is set +** to NULL. ^If the input text contains no SQL (if the input is an empty +** string or a comment) then *ppStmt is set to NULL. +** The calling procedure is responsible for deleting the compiled +** SQL statement using [sqlite3_finalize()] after it has finished with it. +** ppStmt may not be NULL. +** +** ^On success, the sqlite3_prepare() family of routines return [SQLITE_OK]; +** otherwise an [error code] is returned. +** +** The sqlite3_prepare_v2() and sqlite3_prepare16_v2() interfaces are +** recommended for all new programs. The two older interfaces are retained +** for backwards compatibility, but their use is discouraged. +** ^In the "v2" interfaces, the prepared statement +** that is returned (the [sqlite3_stmt] object) contains a copy of the +** original SQL text. This causes the [sqlite3_step()] interface to +** behave differently in three ways: +** +**
    +**
  1. +** ^If the database schema changes, instead of returning [SQLITE_SCHEMA] as it +** always used to do, [sqlite3_step()] will automatically recompile the SQL +** statement and try to run it again. ^If the schema has changed in +** a way that makes the statement no longer valid, [sqlite3_step()] will still +** return [SQLITE_SCHEMA]. But unlike the legacy behavior, [SQLITE_SCHEMA] is +** now a fatal error. Calling [sqlite3_prepare_v2()] again will not make the +** error go away. Note: use [sqlite3_errmsg()] to find the text +** of the parsing error that results in an [SQLITE_SCHEMA] return. +**
    2. +** +**
  2. +** ^When an error occurs, [sqlite3_step()] will return one of the detailed +** [error codes] or [extended error codes]. ^The legacy behavior was that +** [sqlite3_step()] would only return a generic [SQLITE_ERROR] result code +** and the application would have to make a second call to [sqlite3_reset()] +** in order to find the underlying cause of the problem. With the "v2" prepare +** interfaces, the underlying reason for the error is returned immediately. +**
    3. +** +**
  3. +** ^If the value of a [parameter | host parameter] in the WHERE clause might +** change the query plan for a statement, then the statement may be +** automatically recompiled (as if there had been a schema change) on the first +** [sqlite3_step()] call following any change to the +** [sqlite3_bind_text | bindings] of the [parameter]. +**
    4. +**
+*/ +SQLITE_API int sqlite3_prepare( + sqlite3 *db, /* Database handle */ + const char *zSql, /* SQL statement, UTF-8 encoded */ + int nByte, /* Maximum length of zSql in bytes. */ + sqlite3_stmt **ppStmt, /* OUT: Statement handle */ + const char **pzTail /* OUT: Pointer to unused portion of zSql */ +); +SQLITE_API int sqlite3_prepare_v2( + sqlite3 *db, /* Database handle */ + const char *zSql, /* SQL statement, UTF-8 encoded */ + int nByte, /* Maximum length of zSql in bytes. */ + sqlite3_stmt **ppStmt, /* OUT: Statement handle */ + const char **pzTail /* OUT: Pointer to unused portion of zSql */ +); +SQLITE_API int sqlite3_prepare16( + sqlite3 *db, /* Database handle */ + const void *zSql, /* SQL statement, UTF-16 encoded */ + int nByte, /* Maximum length of zSql in bytes. */ + sqlite3_stmt **ppStmt, /* OUT: Statement handle */ + const void **pzTail /* OUT: Pointer to unused portion of zSql */ +); +SQLITE_API int sqlite3_prepare16_v2( + sqlite3 *db, /* Database handle */ + const void *zSql, /* SQL statement, UTF-16 encoded */ + int nByte, /* Maximum length of zSql in bytes. */ + sqlite3_stmt **ppStmt, /* OUT: Statement handle */ + const void **pzTail /* OUT: Pointer to unused portion of zSql */ +); + +/* +** CAPI3REF: Retrieving Statement SQL +** +** ^This interface can be used to retrieve a saved copy of the original +** SQL text used to create a [prepared statement] if that statement was +** compiled using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()]. +*/ +SQLITE_API const char *sqlite3_sql(sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Dynamically Typed Value Object +** KEYWORDS: {protected sqlite3_value} {unprotected sqlite3_value} +** +** SQLite uses the sqlite3_value object to represent all values +** that can be stored in a database table. SQLite uses dynamic typing +** for the values it stores. ^Values stored in sqlite3_value objects +** can be integers, floating point values, strings, BLOBs, or NULL. +** +** An sqlite3_value object may be either "protected" or "unprotected". +** Some interfaces require a protected sqlite3_value. Other interfaces +** will accept either a protected or an unprotected sqlite3_value. +** Every interface that accepts sqlite3_value arguments specifies +** whether or not it requires a protected sqlite3_value. +** +** The terms "protected" and "unprotected" refer to whether or not +** a mutex is held. A internal mutex is held for a protected +** sqlite3_value object but no mutex is held for an unprotected +** sqlite3_value object. If SQLite is compiled to be single-threaded +** (with [SQLITE_THREADSAFE=0] and with [sqlite3_threadsafe()] returning 0) +** or if SQLite is run in one of reduced mutex modes +** [SQLITE_CONFIG_SINGLETHREAD] or [SQLITE_CONFIG_MULTITHREAD] +** then there is no distinction between protected and unprotected +** sqlite3_value objects and they can be used interchangeably. However, +** for maximum code portability it is recommended that applications +** still make the distinction between between protected and unprotected +** sqlite3_value objects even when not strictly required. +** +** ^The sqlite3_value objects that are passed as parameters into the +** implementation of [application-defined SQL functions] are protected. +** ^The sqlite3_value object returned by +** [sqlite3_column_value()] is unprotected. +** Unprotected sqlite3_value objects may only be used with +** [sqlite3_result_value()] and [sqlite3_bind_value()]. +** The [sqlite3_value_blob | sqlite3_value_type()] family of +** interfaces require protected sqlite3_value objects. +*/ +typedef struct Mem sqlite3_value; + +/* +** CAPI3REF: SQL Function Context Object +** +** The context in which an SQL function executes is stored in an +** sqlite3_context object. ^A pointer to an sqlite3_context object +** is always first parameter to [application-defined SQL functions]. +** The application-defined SQL function implementation will pass this +** pointer through into calls to [sqlite3_result_int | sqlite3_result()], +** [sqlite3_aggregate_context()], [sqlite3_user_data()], +** [sqlite3_context_db_handle()], [sqlite3_get_auxdata()], +** and/or [sqlite3_set_auxdata()]. +*/ +typedef struct sqlite3_context sqlite3_context; + +/* +** CAPI3REF: Binding Values To Prepared Statements +** KEYWORDS: {host parameter} {host parameters} {host parameter name} +** KEYWORDS: {SQL parameter} {SQL parameters} {parameter binding} +** +** ^(In the SQL statement text input to [sqlite3_prepare_v2()] and its variants, +** literals may be replaced by a [parameter] that matches one of following +** templates: +** +**
    +**
  • ? +**
  • ?NNN +**
  • :VVV +**
  • @VVV +**
  • $VVV +**
+** +** In the templates above, NNN represents an integer literal, +** and VVV represents an alphanumeric identifer.)^ ^The values of these +** parameters (also called "host parameter names" or "SQL parameters") +** can be set using the sqlite3_bind_*() routines defined here. +** +** ^The first argument to the sqlite3_bind_*() routines is always +** a pointer to the [sqlite3_stmt] object returned from +** [sqlite3_prepare_v2()] or its variants. +** +** ^The second argument is the index of the SQL parameter to be set. +** ^The leftmost SQL parameter has an index of 1. ^When the same named +** SQL parameter is used more than once, second and subsequent +** occurrences have the same index as the first occurrence. +** ^The index for named parameters can be looked up using the +** [sqlite3_bind_parameter_index()] API if desired. ^The index +** for "?NNN" parameters is the value of NNN. +** ^The NNN value must be between 1 and the [sqlite3_limit()] +** parameter [SQLITE_LIMIT_VARIABLE_NUMBER] (default value: 999). +** +** ^The third argument is the value to bind to the parameter. +** +** ^(In those routines that have a fourth argument, its value is the +** number of bytes in the parameter. To be clear: the value is the +** number of bytes in the value, not the number of characters.)^ +** ^If the fourth parameter is negative, the length of the string is +** the number of bytes up to the first zero terminator. +** +** ^The fifth argument to sqlite3_bind_blob(), sqlite3_bind_text(), and +** sqlite3_bind_text16() is a destructor used to dispose of the BLOB or +** string after SQLite has finished with it. ^If the fifth argument is +** the special value [SQLITE_STATIC], then SQLite assumes that the +** information is in static, unmanaged space and does not need to be freed. +** ^If the fifth argument has the value [SQLITE_TRANSIENT], then +** SQLite makes its own private copy of the data immediately, before +** the sqlite3_bind_*() routine returns. +** +** ^The sqlite3_bind_zeroblob() routine binds a BLOB of length N that +** is filled with zeroes. ^A zeroblob uses a fixed amount of memory +** (just an integer to hold its size) while it is being processed. +** Zeroblobs are intended to serve as placeholders for BLOBs whose +** content is later written using +** [sqlite3_blob_open | incremental BLOB I/O] routines. +** ^A negative value for the zeroblob results in a zero-length BLOB. +** +** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer +** for the [prepared statement] or with a prepared statement for which +** [sqlite3_step()] has been called more recently than [sqlite3_reset()], +** then the call will return [SQLITE_MISUSE]. If any sqlite3_bind_() +** routine is passed a [prepared statement] that has been finalized, the +** result is undefined and probably harmful. +** +** ^Bindings are not cleared by the [sqlite3_reset()] routine. +** ^Unbound parameters are interpreted as NULL. +** +** ^The sqlite3_bind_* routines return [SQLITE_OK] on success or an +** [error code] if anything goes wrong. +** ^[SQLITE_RANGE] is returned if the parameter +** index is out of range. ^[SQLITE_NOMEM] is returned if malloc() fails. +** +** See also: [sqlite3_bind_parameter_count()], +** [sqlite3_bind_parameter_name()], and [sqlite3_bind_parameter_index()]. +*/ +SQLITE_API int sqlite3_bind_blob(sqlite3_stmt*, int, const void*, int n, void(*)(void*)); +SQLITE_API int sqlite3_bind_double(sqlite3_stmt*, int, double); +SQLITE_API int sqlite3_bind_int(sqlite3_stmt*, int, int); +SQLITE_API int sqlite3_bind_int64(sqlite3_stmt*, int, sqlite3_int64); +SQLITE_API int sqlite3_bind_null(sqlite3_stmt*, int); +SQLITE_API int sqlite3_bind_text(sqlite3_stmt*, int, const char*, int n, void(*)(void*)); +SQLITE_API int sqlite3_bind_text16(sqlite3_stmt*, int, const void*, int, void(*)(void*)); +SQLITE_API int sqlite3_bind_value(sqlite3_stmt*, int, const sqlite3_value*); +SQLITE_API int sqlite3_bind_zeroblob(sqlite3_stmt*, int, int n); + +/* +** CAPI3REF: Number Of SQL Parameters +** +** ^This routine can be used to find the number of [SQL parameters] +** in a [prepared statement]. SQL parameters are tokens of the +** form "?", "?NNN", ":AAA", "$AAA", or "@AAA" that serve as +** placeholders for values that are [sqlite3_bind_blob | bound] +** to the parameters at a later time. +** +** ^(This routine actually returns the index of the largest (rightmost) +** parameter. For all forms except ?NNN, this will correspond to the +** number of unique parameters. If parameters of the ?NNN form are used, +** there may be gaps in the list.)^ +** +** See also: [sqlite3_bind_blob|sqlite3_bind()], +** [sqlite3_bind_parameter_name()], and +** [sqlite3_bind_parameter_index()]. +*/ +SQLITE_API int sqlite3_bind_parameter_count(sqlite3_stmt*); + +/* +** CAPI3REF: Name Of A Host Parameter +** +** ^The sqlite3_bind_parameter_name(P,N) interface returns +** the name of the N-th [SQL parameter] in the [prepared statement] P. +** ^(SQL parameters of the form "?NNN" or ":AAA" or "@AAA" or "$AAA" +** have a name which is the string "?NNN" or ":AAA" or "@AAA" or "$AAA" +** respectively. +** In other words, the initial ":" or "$" or "@" or "?" +** is included as part of the name.)^ +** ^Parameters of the form "?" without a following integer have no name +** and are referred to as "nameless" or "anonymous parameters". +** +** ^The first host parameter has an index of 1, not 0. +** +** ^If the value N is out of range or if the N-th parameter is +** nameless, then NULL is returned. ^The returned string is +** always in UTF-8 encoding even if the named parameter was +** originally specified as UTF-16 in [sqlite3_prepare16()] or +** [sqlite3_prepare16_v2()]. +** +** See also: [sqlite3_bind_blob|sqlite3_bind()], +** [sqlite3_bind_parameter_count()], and +** [sqlite3_bind_parameter_index()]. +*/ +SQLITE_API const char *sqlite3_bind_parameter_name(sqlite3_stmt*, int); + +/* +** CAPI3REF: Index Of A Parameter With A Given Name +** +** ^Return the index of an SQL parameter given its name. ^The +** index value returned is suitable for use as the second +** parameter to [sqlite3_bind_blob|sqlite3_bind()]. ^A zero +** is returned if no matching parameter is found. ^The parameter +** name must be given in UTF-8 even if the original statement +** was prepared from UTF-16 text using [sqlite3_prepare16_v2()]. +** +** See also: [sqlite3_bind_blob|sqlite3_bind()], +** [sqlite3_bind_parameter_count()], and +** [sqlite3_bind_parameter_index()]. +*/ +SQLITE_API int sqlite3_bind_parameter_index(sqlite3_stmt*, const char *zName); + +/* +** CAPI3REF: Reset All Bindings On A Prepared Statement +** +** ^Contrary to the intuition of many, [sqlite3_reset()] does not reset +** the [sqlite3_bind_blob | bindings] on a [prepared statement]. +** ^Use this routine to reset all host parameters to NULL. +*/ +SQLITE_API int sqlite3_clear_bindings(sqlite3_stmt*); + +/* +** CAPI3REF: Number Of Columns In A Result Set +** +** ^Return the number of columns in the result set returned by the +** [prepared statement]. ^This routine returns 0 if pStmt is an SQL +** statement that does not return data (for example an [UPDATE]). +*/ +SQLITE_API int sqlite3_column_count(sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Column Names In A Result Set +** +** ^These routines return the name assigned to a particular column +** in the result set of a [SELECT] statement. ^The sqlite3_column_name() +** interface returns a pointer to a zero-terminated UTF-8 string +** and sqlite3_column_name16() returns a pointer to a zero-terminated +** UTF-16 string. ^The first parameter is the [prepared statement] +** that implements the [SELECT] statement. ^The second parameter is the +** column number. ^The leftmost column is number 0. +** +** ^The returned string pointer is valid until either the [prepared statement] +** is destroyed by [sqlite3_finalize()] or until the next call to +** sqlite3_column_name() or sqlite3_column_name16() on the same column. +** +** ^If sqlite3_malloc() fails during the processing of either routine +** (for example during a conversion from UTF-8 to UTF-16) then a +** NULL pointer is returned. +** +** ^The name of a result column is the value of the "AS" clause for +** that column, if there is an AS clause. If there is no AS clause +** then the name of the column is unspecified and may change from +** one release of SQLite to the next. +*/ +SQLITE_API const char *sqlite3_column_name(sqlite3_stmt*, int N); +SQLITE_API const void *sqlite3_column_name16(sqlite3_stmt*, int N); + +/* +** CAPI3REF: Source Of Data In A Query Result +** +** ^These routines provide a means to determine the database, table, and +** table column that is the origin of a particular result column in +** [SELECT] statement. +** ^The name of the database or table or column can be returned as +** either a UTF-8 or UTF-16 string. ^The _database_ routines return +** the database name, the _table_ routines return the table name, and +** the origin_ routines return the column name. +** ^The returned string is valid until the [prepared statement] is destroyed +** using [sqlite3_finalize()] or until the same information is requested +** again in a different encoding. +** +** ^The names returned are the original un-aliased names of the +** database, table, and column. +** +** ^The first argument to these interfaces is a [prepared statement]. +** ^These functions return information about the Nth result column returned by +** the statement, where N is the second function argument. +** ^The left-most column is column 0 for these routines. +** +** ^If the Nth column returned by the statement is an expression or +** subquery and is not a column value, then all of these functions return +** NULL. ^These routine might also return NULL if a memory allocation error +** occurs. ^Otherwise, they return the name of the attached database, table, +** or column that query result column was extracted from. +** +** ^As with all other SQLite APIs, those whose names end with "16" return +** UTF-16 encoded strings and the other functions return UTF-8. +** +** ^These APIs are only available if the library was compiled with the +** [SQLITE_ENABLE_COLUMN_METADATA] C-preprocessor symbol. +** +** If two or more threads call one or more of these routines against the same +** prepared statement and column at the same time then the results are +** undefined. +** +** If two or more threads call one or more +** [sqlite3_column_database_name | column metadata interfaces] +** for the same [prepared statement] and result column +** at the same time then the results are undefined. +*/ +SQLITE_API const char *sqlite3_column_database_name(sqlite3_stmt*,int); +SQLITE_API const void *sqlite3_column_database_name16(sqlite3_stmt*,int); +SQLITE_API const char *sqlite3_column_table_name(sqlite3_stmt*,int); +SQLITE_API const void *sqlite3_column_table_name16(sqlite3_stmt*,int); +SQLITE_API const char *sqlite3_column_origin_name(sqlite3_stmt*,int); +SQLITE_API const void *sqlite3_column_origin_name16(sqlite3_stmt*,int); + +/* +** CAPI3REF: Declared Datatype Of A Query Result +** +** ^(The first parameter is a [prepared statement]. +** If this statement is a [SELECT] statement and the Nth column of the +** returned result set of that [SELECT] is a table column (not an +** expression or subquery) then the declared type of the table +** column is returned.)^ ^If the Nth column of the result set is an +** expression or subquery, then a NULL pointer is returned. +** ^The returned string is always UTF-8 encoded. +** +** ^(For example, given the database schema: +** +** CREATE TABLE t1(c1 VARIANT); +** +** and the following statement to be compiled: +** +** SELECT c1 + 1, c1 FROM t1; +** +** this routine would return the string "VARIANT" for the second result +** column (i==1), and a NULL pointer for the first result column (i==0).)^ +** +** ^SQLite uses dynamic run-time typing. ^So just because a column +** is declared to contain a particular type does not mean that the +** data stored in that column is of the declared type. SQLite is +** strongly typed, but the typing is dynamic not static. ^Type +** is associated with individual values, not with the containers +** used to hold those values. +*/ +SQLITE_API const char *sqlite3_column_decltype(sqlite3_stmt*,int); +SQLITE_API const void *sqlite3_column_decltype16(sqlite3_stmt*,int); + +/* +** CAPI3REF: Evaluate An SQL Statement +** +** After a [prepared statement] has been prepared using either +** [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] or one of the legacy +** interfaces [sqlite3_prepare()] or [sqlite3_prepare16()], this function +** must be called one or more times to evaluate the statement. +** +** The details of the behavior of the sqlite3_step() interface depend +** on whether the statement was prepared using the newer "v2" interface +** [sqlite3_prepare_v2()] and [sqlite3_prepare16_v2()] or the older legacy +** interface [sqlite3_prepare()] and [sqlite3_prepare16()]. The use of the +** new "v2" interface is recommended for new applications but the legacy +** interface will continue to be supported. +** +** ^In the legacy interface, the return value will be either [SQLITE_BUSY], +** [SQLITE_DONE], [SQLITE_ROW], [SQLITE_ERROR], or [SQLITE_MISUSE]. +** ^With the "v2" interface, any of the other [result codes] or +** [extended result codes] might be returned as well. +** +** ^[SQLITE_BUSY] means that the database engine was unable to acquire the +** database locks it needs to do its job. ^If the statement is a [COMMIT] +** or occurs outside of an explicit transaction, then you can retry the +** statement. If the statement is not a [COMMIT] and occurs within a +** explicit transaction then you should rollback the transaction before +** continuing. +** +** ^[SQLITE_DONE] means that the statement has finished executing +** successfully. sqlite3_step() should not be called again on this virtual +** machine without first calling [sqlite3_reset()] to reset the virtual +** machine back to its initial state. +** +** ^If the SQL statement being executed returns any data, then [SQLITE_ROW] +** is returned each time a new row of data is ready for processing by the +** caller. The values may be accessed using the [column access functions]. +** sqlite3_step() is called again to retrieve the next row of data. +** +** ^[SQLITE_ERROR] means that a run-time error (such as a constraint +** violation) has occurred. sqlite3_step() should not be called again on +** the VM. More information may be found by calling [sqlite3_errmsg()]. +** ^With the legacy interface, a more specific error code (for example, +** [SQLITE_INTERRUPT], [SQLITE_SCHEMA], [SQLITE_CORRUPT], and so forth) +** can be obtained by calling [sqlite3_reset()] on the +** [prepared statement]. ^In the "v2" interface, +** the more specific error code is returned directly by sqlite3_step(). +** +** [SQLITE_MISUSE] means that the this routine was called inappropriately. +** Perhaps it was called on a [prepared statement] that has +** already been [sqlite3_finalize | finalized] or on one that had +** previously returned [SQLITE_ERROR] or [SQLITE_DONE]. Or it could +** be the case that the same database connection is being used by two or +** more threads at the same moment in time. +** +** Goofy Interface Alert: In the legacy interface, the sqlite3_step() +** API always returns a generic error code, [SQLITE_ERROR], following any +** error other than [SQLITE_BUSY] and [SQLITE_MISUSE]. You must call +** [sqlite3_reset()] or [sqlite3_finalize()] in order to find one of the +** specific [error codes] that better describes the error. +** We admit that this is a goofy design. The problem has been fixed +** with the "v2" interface. If you prepare all of your SQL statements +** using either [sqlite3_prepare_v2()] or [sqlite3_prepare16_v2()] instead +** of the legacy [sqlite3_prepare()] and [sqlite3_prepare16()] interfaces, +** then the more specific [error codes] are returned directly +** by sqlite3_step(). The use of the "v2" interface is recommended. +*/ +SQLITE_API int sqlite3_step(sqlite3_stmt*); + +/* +** CAPI3REF: Number of columns in a result set +** +** ^The sqlite3_data_count(P) the number of columns in the +** of the result set of [prepared statement] P. +*/ +SQLITE_API int sqlite3_data_count(sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Fundamental Datatypes +** KEYWORDS: SQLITE_TEXT +** +** ^(Every value in SQLite has one of five fundamental datatypes: +** +**
    +**
  • 64-bit signed integer +**
  • 64-bit IEEE floating point number +**
  • string +**
  • BLOB +**
  • NULL +**
)^ +** +** These constants are codes for each of those types. +** +** Note that the SQLITE_TEXT constant was also used in SQLite version 2 +** for a completely different meaning. Software that links against both +** SQLite version 2 and SQLite version 3 should use SQLITE3_TEXT, not +** SQLITE_TEXT. +*/ +#define SQLITE_INTEGER 1 +#define SQLITE_FLOAT 2 +#define SQLITE_BLOB 4 +#define SQLITE_NULL 5 +#ifdef SQLITE_TEXT +# undef SQLITE_TEXT +#else +# define SQLITE_TEXT 3 +#endif +#define SQLITE3_TEXT 3 + +/* +** CAPI3REF: Result Values From A Query +** KEYWORDS: {column access functions} +** +** These routines form the "result set" interface. +** +** ^These routines return information about a single column of the current +** result row of a query. ^In every case the first argument is a pointer +** to the [prepared statement] that is being evaluated (the [sqlite3_stmt*] +** that was returned from [sqlite3_prepare_v2()] or one of its variants) +** and the second argument is the index of the column for which information +** should be returned. ^The leftmost column of the result set has the index 0. +** ^The number of columns in the result can be determined using +** [sqlite3_column_count()]. +** +** If the SQL statement does not currently point to a valid row, or if the +** column index is out of range, the result is undefined. +** These routines may only be called when the most recent call to +** [sqlite3_step()] has returned [SQLITE_ROW] and neither +** [sqlite3_reset()] nor [sqlite3_finalize()] have been called subsequently. +** If any of these routines are called after [sqlite3_reset()] or +** [sqlite3_finalize()] or after [sqlite3_step()] has returned +** something other than [SQLITE_ROW], the results are undefined. +** If [sqlite3_step()] or [sqlite3_reset()] or [sqlite3_finalize()] +** are called from a different thread while any of these routines +** are pending, then the results are undefined. +** +** ^The sqlite3_column_type() routine returns the +** [SQLITE_INTEGER | datatype code] for the initial data type +** of the result column. ^The returned value is one of [SQLITE_INTEGER], +** [SQLITE_FLOAT], [SQLITE_TEXT], [SQLITE_BLOB], or [SQLITE_NULL]. The value +** returned by sqlite3_column_type() is only meaningful if no type +** conversions have occurred as described below. After a type conversion, +** the value returned by sqlite3_column_type() is undefined. Future +** versions of SQLite may change the behavior of sqlite3_column_type() +** following a type conversion. +** +** ^If the result is a BLOB or UTF-8 string then the sqlite3_column_bytes() +** routine returns the number of bytes in that BLOB or string. +** ^If the result is a UTF-16 string, then sqlite3_column_bytes() converts +** the string to UTF-8 and then returns the number of bytes. +** ^If the result is a numeric value then sqlite3_column_bytes() uses +** [sqlite3_snprintf()] to convert that value to a UTF-8 string and returns +** the number of bytes in that string. +** ^The value returned does not include the zero terminator at the end +** of the string. ^For clarity: the value returned is the number of +** bytes in the string, not the number of characters. +** +** ^Strings returned by sqlite3_column_text() and sqlite3_column_text16(), +** even empty strings, are always zero terminated. ^The return +** value from sqlite3_column_blob() for a zero-length BLOB is an arbitrary +** pointer, possibly even a NULL pointer. +** +** ^The sqlite3_column_bytes16() routine is similar to sqlite3_column_bytes() +** but leaves the result in UTF-16 in native byte order instead of UTF-8. +** ^The zero terminator is not included in this count. +** +** ^The object returned by [sqlite3_column_value()] is an +** [unprotected sqlite3_value] object. An unprotected sqlite3_value object +** may only be used with [sqlite3_bind_value()] and [sqlite3_result_value()]. +** If the [unprotected sqlite3_value] object returned by +** [sqlite3_column_value()] is used in any other way, including calls +** to routines like [sqlite3_value_int()], [sqlite3_value_text()], +** or [sqlite3_value_bytes()], then the behavior is undefined. +** +** These routines attempt to convert the value where appropriate. ^For +** example, if the internal representation is FLOAT and a text result +** is requested, [sqlite3_snprintf()] is used internally to perform the +** conversion automatically. ^(The following table details the conversions +** that are applied: +** +**
+** +**
Internal
Type 		Requested
Type 		Conversion +** +**
NULL INTEGER Result is 0 +**
NULL FLOAT Result is 0.0 +**
NULL TEXT Result is NULL pointer +**
NULL BLOB Result is NULL pointer +**
INTEGER FLOAT Convert from integer to float +**
INTEGER TEXT ASCII rendering of the integer +**
INTEGER BLOB Same as INTEGER->TEXT +**
FLOAT INTEGER Convert from float to integer +**
FLOAT TEXT ASCII rendering of the float +**
FLOAT BLOB Same as FLOAT->TEXT +**
TEXT INTEGER Use atoi() +**
TEXT FLOAT Use atof() +**
TEXT BLOB No change +**
BLOB INTEGER Convert to TEXT then use atoi() +**
BLOB FLOAT Convert to TEXT then use atof() +**
BLOB TEXT Add a zero terminator if needed +**
+**
)^ +** +** The table above makes reference to standard C library functions atoi() +** and atof(). SQLite does not really use these functions. It has its +** own equivalent internal routines. The atoi() and atof() names are +** used in the table for brevity and because they are familiar to most +** C programmers. +** +** ^Note that when type conversions occur, pointers returned by prior +** calls to sqlite3_column_blob(), sqlite3_column_text(), and/or +** sqlite3_column_text16() may be invalidated. +** ^(Type conversions and pointer invalidations might occur +** in the following cases: +** +**
    +**
  • The initial content is a BLOB and sqlite3_column_text() or +** sqlite3_column_text16() is called. A zero-terminator might +** need to be added to the string.
    • +**
  • The initial content is UTF-8 text and sqlite3_column_bytes16() or +** sqlite3_column_text16() is called. The content must be converted +** to UTF-16.
    • +**
  • The initial content is UTF-16 text and sqlite3_column_bytes() or +** sqlite3_column_text() is called. The content must be converted +** to UTF-8.
    • +**
)^ +** +** ^Conversions between UTF-16be and UTF-16le are always done in place and do +** not invalidate a prior pointer, though of course the content of the buffer +** that the prior pointer points to will have been modified. Other kinds +** of conversion are done in place when it is possible, but sometimes they +** are not possible and in those cases prior pointers are invalidated. +** +** ^(The safest and easiest to remember policy is to invoke these routines +** in one of the following ways: +** +**
    +**
  • sqlite3_column_text() followed by sqlite3_column_bytes()
    • +**
  • sqlite3_column_blob() followed by sqlite3_column_bytes()
    • +**
  • sqlite3_column_text16() followed by sqlite3_column_bytes16()
    • +**
)^ +** +** In other words, you should call sqlite3_column_text(), +** sqlite3_column_blob(), or sqlite3_column_text16() first to force the result +** into the desired format, then invoke sqlite3_column_bytes() or +** sqlite3_column_bytes16() to find the size of the result. Do not mix calls +** to sqlite3_column_text() or sqlite3_column_blob() with calls to +** sqlite3_column_bytes16(), and do not mix calls to sqlite3_column_text16() +** with calls to sqlite3_column_bytes(). +** +** ^The pointers returned are valid until a type conversion occurs as +** described above, or until [sqlite3_step()] or [sqlite3_reset()] or +** [sqlite3_finalize()] is called. ^The memory space used to hold strings +** and BLOBs is freed automatically. Do not pass the pointers returned +** [sqlite3_column_blob()], [sqlite3_column_text()], etc. into +** [sqlite3_free()]. +** +** ^(If a memory allocation error occurs during the evaluation of any +** of these routines, a default value is returned. The default value +** is either the integer 0, the floating point number 0.0, or a NULL +** pointer. Subsequent calls to [sqlite3_errcode()] will return +** [SQLITE_NOMEM].)^ +*/ +SQLITE_API const void *sqlite3_column_blob(sqlite3_stmt*, int iCol); +SQLITE_API int sqlite3_column_bytes(sqlite3_stmt*, int iCol); +SQLITE_API int sqlite3_column_bytes16(sqlite3_stmt*, int iCol); +SQLITE_API double sqlite3_column_double(sqlite3_stmt*, int iCol); +SQLITE_API int sqlite3_column_int(sqlite3_stmt*, int iCol); +SQLITE_API sqlite3_int64 sqlite3_column_int64(sqlite3_stmt*, int iCol); +SQLITE_API const unsigned char *sqlite3_column_text(sqlite3_stmt*, int iCol); +SQLITE_API const void *sqlite3_column_text16(sqlite3_stmt*, int iCol); +SQLITE_API int sqlite3_column_type(sqlite3_stmt*, int iCol); +SQLITE_API sqlite3_value *sqlite3_column_value(sqlite3_stmt*, int iCol); + +/* +** CAPI3REF: Destroy A Prepared Statement Object +** +** ^The sqlite3_finalize() function is called to delete a [prepared statement]. +** ^If the statement was executed successfully or not executed at all, then +** SQLITE_OK is returned. ^If execution of the statement failed then an +** [error code] or [extended error code] is returned. +** +** ^This routine can be called at any point during the execution of the +** [prepared statement]. ^If the virtual machine has not +** completed execution when this routine is called, that is like +** encountering an error or an [sqlite3_interrupt | interrupt]. +** ^Incomplete updates may be rolled back and transactions canceled, +** depending on the circumstances, and the +** [error code] returned will be [SQLITE_ABORT]. +*/ +SQLITE_API int sqlite3_finalize(sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Reset A Prepared Statement Object +** +** The sqlite3_reset() function is called to reset a [prepared statement] +** object back to its initial state, ready to be re-executed. +** ^Any SQL statement variables that had values bound to them using +** the [sqlite3_bind_blob | sqlite3_bind_*() API] retain their values. +** Use [sqlite3_clear_bindings()] to reset the bindings. +** +** ^The [sqlite3_reset(S)] interface resets the [prepared statement] S +** back to the beginning of its program. +** +** ^If the most recent call to [sqlite3_step(S)] for the +** [prepared statement] S returned [SQLITE_ROW] or [SQLITE_DONE], +** or if [sqlite3_step(S)] has never before been called on S, +** then [sqlite3_reset(S)] returns [SQLITE_OK]. +** +** ^If the most recent call to [sqlite3_step(S)] for the +** [prepared statement] S indicated an error, then +** [sqlite3_reset(S)] returns an appropriate [error code]. +** +** ^The [sqlite3_reset(S)] interface does not change the values +** of any [sqlite3_bind_blob|bindings] on the [prepared statement] S. +*/ +SQLITE_API int sqlite3_reset(sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Create Or Redefine SQL Functions +** KEYWORDS: {function creation routines} +** KEYWORDS: {application-defined SQL function} +** KEYWORDS: {application-defined SQL functions} +** +** ^These two functions (collectively known as "function creation routines") +** are used to add SQL functions or aggregates or to redefine the behavior +** of existing SQL functions or aggregates. The only difference between the +** two is that the second parameter, the name of the (scalar) function or +** aggregate, is encoded in UTF-8 for sqlite3_create_function() and UTF-16 +** for sqlite3_create_function16(). +** +** ^The first parameter is the [database connection] to which the SQL +** function is to be added. ^If an application uses more than one database +** connection then application-defined SQL functions must be added +** to each database connection separately. +** +** The second parameter is the name of the SQL function to be created or +** redefined. ^The length of the name is limited to 255 bytes, exclusive of +** the zero-terminator. Note that the name length limit is in bytes, not +** characters. ^Any attempt to create a function with a longer name +** will result in [SQLITE_ERROR] being returned. +** +** ^The third parameter (nArg) +** is the number of arguments that the SQL function or +** aggregate takes. ^If this parameter is -1, then the SQL function or +** aggregate may take any number of arguments between 0 and the limit +** set by [sqlite3_limit]([SQLITE_LIMIT_FUNCTION_ARG]). If the third +** parameter is less than -1 or greater than 127 then the behavior is +** undefined. +** +** The fourth parameter, eTextRep, specifies what +** [SQLITE_UTF8 | text encoding] this SQL function prefers for +** its parameters. Any SQL function implementation should be able to work +** work with UTF-8, UTF-16le, or UTF-16be. But some implementations may be +** more efficient with one encoding than another. ^An application may +** invoke sqlite3_create_function() or sqlite3_create_function16() multiple +** times with the same function but with different values of eTextRep. +** ^When multiple implementations of the same function are available, SQLite +** will pick the one that involves the least amount of data conversion. +** If there is only a single implementation which does not care what text +** encoding is used, then the fourth argument should be [SQLITE_ANY]. +** +** ^(The fifth parameter is an arbitrary pointer. The implementation of the +** function can gain access to this pointer using [sqlite3_user_data()].)^ +** +** The seventh, eighth and ninth parameters, xFunc, xStep and xFinal, are +** pointers to C-language functions that implement the SQL function or +** aggregate. ^A scalar SQL function requires an implementation of the xFunc +** callback only; NULL pointers should be passed as the xStep and xFinal +** parameters. ^An aggregate SQL function requires an implementation of xStep +** and xFinal and NULL should be passed for xFunc. ^To delete an existing +** SQL function or aggregate, pass NULL for all three function callbacks. +** +** ^It is permitted to register multiple implementations of the same +** functions with the same name but with either differing numbers of +** arguments or differing preferred text encodings. ^SQLite will use +** the implementation that most closely matches the way in which the +** SQL function is used. ^A function implementation with a non-negative +** nArg parameter is a better match than a function implementation with +** a negative nArg. ^A function where the preferred text encoding +** matches the database encoding is a better +** match than a function where the encoding is different. +** ^A function where the encoding difference is between UTF16le and UTF16be +** is a closer match than a function where the encoding difference is +** between UTF8 and UTF16. +** +** ^Built-in functions may be overloaded by new application-defined functions. +** ^The first application-defined function with a given name overrides all +** built-in functions in the same [database connection] with the same name. +** ^Subsequent application-defined functions of the same name only override +** prior application-defined functions that are an exact match for the +** number of parameters and preferred encoding. +** +** ^An application-defined function is permitted to call other +** SQLite interfaces. However, such calls must not +** close the database connection nor finalize or reset the prepared +** statement in which the function is running. +*/ +SQLITE_API int sqlite3_create_function( + sqlite3 *db, + const char *zFunctionName, + int nArg, + int eTextRep, + void *pApp, + void (*xFunc)(sqlite3_context*,int,sqlite3_value**), + void (*xStep)(sqlite3_context*,int,sqlite3_value**), + void (*xFinal)(sqlite3_context*) +); +SQLITE_API int sqlite3_create_function16( + sqlite3 *db, + const void *zFunctionName, + int nArg, + int eTextRep, + void *pApp, + void (*xFunc)(sqlite3_context*,int,sqlite3_value**), + void (*xStep)(sqlite3_context*,int,sqlite3_value**), + void (*xFinal)(sqlite3_context*) +); + +/* +** CAPI3REF: Text Encodings +** +** These constant define integer codes that represent the various +** text encodings supported by SQLite. +*/ +#define SQLITE_UTF8 1 +#define SQLITE_UTF16LE 2 +#define SQLITE_UTF16BE 3 +#define SQLITE_UTF16 4 /* Use native byte order */ +#define SQLITE_ANY 5 /* sqlite3_create_function only */ +#define SQLITE_UTF16_ALIGNED 8 /* sqlite3_create_collation only */ + +/* +** CAPI3REF: Deprecated Functions +** DEPRECATED +** +** These functions are [deprecated]. In order to maintain +** backwards compatibility with older code, these functions continue +** to be supported. However, new applications should avoid +** the use of these functions. To help encourage people to avoid +** using these functions, we are not going to tell you what they do. +*/ +#ifndef SQLITE_OMIT_DEPRECATED +SQLITE_API SQLITE_DEPRECATED int sqlite3_aggregate_count(sqlite3_context*); +SQLITE_API SQLITE_DEPRECATED int sqlite3_expired(sqlite3_stmt*); +SQLITE_API SQLITE_DEPRECATED int sqlite3_transfer_bindings(sqlite3_stmt*, sqlite3_stmt*); +SQLITE_API SQLITE_DEPRECATED int sqlite3_global_recover(void); +SQLITE_API SQLITE_DEPRECATED void sqlite3_thread_cleanup(void); +SQLITE_API SQLITE_DEPRECATED int sqlite3_memory_alarm(void(*)(void*,sqlite3_int64,int),void*,sqlite3_int64); +#endif + +/* +** CAPI3REF: Obtaining SQL Function Parameter Values +** +** The C-language implementation of SQL functions and aggregates uses +** this set of interface routines to access the parameter values on +** the function or aggregate. +** +** The xFunc (for scalar functions) or xStep (for aggregates) parameters +** to [sqlite3_create_function()] and [sqlite3_create_function16()] +** define callbacks that implement the SQL functions and aggregates. +** The 4th parameter to these callbacks is an array of pointers to +** [protected sqlite3_value] objects. There is one [sqlite3_value] object for +** each parameter to the SQL function. These routines are used to +** extract values from the [sqlite3_value] objects. +** +** These routines work only with [protected sqlite3_value] objects. +** Any attempt to use these routines on an [unprotected sqlite3_value] +** object results in undefined behavior. +** +** ^These routines work just like the corresponding [column access functions] +** except that these routines take a single [protected sqlite3_value] object +** pointer instead of a [sqlite3_stmt*] pointer and an integer column number. +** +** ^The sqlite3_value_text16() interface extracts a UTF-16 string +** in the native byte-order of the host machine. ^The +** sqlite3_value_text16be() and sqlite3_value_text16le() interfaces +** extract UTF-16 strings as big-endian and little-endian respectively. +** +** ^(The sqlite3_value_numeric_type() interface attempts to apply +** numeric affinity to the value. This means that an attempt is +** made to convert the value to an integer or floating point. If +** such a conversion is possible without loss of information (in other +** words, if the value is a string that looks like a number) +** then the conversion is performed. Otherwise no conversion occurs. +** The [SQLITE_INTEGER | datatype] after conversion is returned.)^ +** +** Please pay particular attention to the fact that the pointer returned +** from [sqlite3_value_blob()], [sqlite3_value_text()], or +** [sqlite3_value_text16()] can be invalidated by a subsequent call to +** [sqlite3_value_bytes()], [sqlite3_value_bytes16()], [sqlite3_value_text()], +** or [sqlite3_value_text16()]. +** +** These routines must be called from the same thread as +** the SQL function that supplied the [sqlite3_value*] parameters. +*/ +SQLITE_API const void *sqlite3_value_blob(sqlite3_value*); +SQLITE_API int sqlite3_value_bytes(sqlite3_value*); +SQLITE_API int sqlite3_value_bytes16(sqlite3_value*); +SQLITE_API double sqlite3_value_double(sqlite3_value*); +SQLITE_API int sqlite3_value_int(sqlite3_value*); +SQLITE_API sqlite3_int64 sqlite3_value_int64(sqlite3_value*); +SQLITE_API const unsigned char *sqlite3_value_text(sqlite3_value*); +SQLITE_API const void *sqlite3_value_text16(sqlite3_value*); +SQLITE_API const void *sqlite3_value_text16le(sqlite3_value*); +SQLITE_API const void *sqlite3_value_text16be(sqlite3_value*); +SQLITE_API int sqlite3_value_type(sqlite3_value*); +SQLITE_API int sqlite3_value_numeric_type(sqlite3_value*); + +/* +** CAPI3REF: Obtain Aggregate Function Context +** +** Implementions of aggregate SQL functions use this +** routine to allocate memory for storing their state. +** +** ^The first time the sqlite3_aggregate_context(C,N) routine is called +** for a particular aggregate function, SQLite +** allocates N of memory, zeroes out that memory, and returns a pointer +** to the new memory. ^On second and subsequent calls to +** sqlite3_aggregate_context() for the same aggregate function instance, +** the same buffer is returned. Sqlite3_aggregate_context() is normally +** called once for each invocation of the xStep callback and then one +** last time when the xFinal callback is invoked. ^(When no rows match +** an aggregate query, the xStep() callback of the aggregate function +** implementation is never called and xFinal() is called exactly once. +** In those cases, sqlite3_aggregate_context() might be called for the +** first time from within xFinal().)^ +** +** ^The sqlite3_aggregate_context(C,N) routine returns a NULL pointer if N is +** less than or equal to zero or if a memory allocate error occurs. +** +** ^(The amount of space allocated by sqlite3_aggregate_context(C,N) is +** determined by the N parameter on first successful call. Changing the +** value of N in subsequent call to sqlite3_aggregate_context() within +** the same aggregate function instance will not resize the memory +** allocation.)^ +** +** ^SQLite automatically frees the memory allocated by +** sqlite3_aggregate_context() when the aggregate query concludes. +** +** The first parameter must be a copy of the +** [sqlite3_context | SQL function context] that is the first parameter +** to the xStep or xFinal callback routine that implements the aggregate +** function. +** +** This routine must be called from the same thread in which +** the aggregate SQL function is running. +*/ +SQLITE_API void *sqlite3_aggregate_context(sqlite3_context*, int nBytes); + +/* +** CAPI3REF: User Data For Functions +** +** ^The sqlite3_user_data() interface returns a copy of +** the pointer that was the pUserData parameter (the 5th parameter) +** of the [sqlite3_create_function()] +** and [sqlite3_create_function16()] routines that originally +** registered the application defined function. +** +** This routine must be called from the same thread in which +** the application-defined function is running. +*/ +SQLITE_API void *sqlite3_user_data(sqlite3_context*); + +/* +** CAPI3REF: Database Connection For Functions +** +** ^The sqlite3_context_db_handle() interface returns a copy of +** the pointer to the [database connection] (the 1st parameter) +** of the [sqlite3_create_function()] +** and [sqlite3_create_function16()] routines that originally +** registered the application defined function. +*/ +SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*); + +/* +** CAPI3REF: Function Auxiliary Data +** +** The following two functions may be used by scalar SQL functions to +** associate metadata with argument values. If the same value is passed to +** multiple invocations of the same SQL function during query execution, under +** some circumstances the associated metadata may be preserved. This may +** be used, for example, to add a regular-expression matching scalar +** function. The compiled version of the regular expression is stored as +** metadata associated with the SQL value passed as the regular expression +** pattern. The compiled regular expression can be reused on multiple +** invocations of the same function so that the original pattern string +** does not need to be recompiled on each invocation. +** +** ^The sqlite3_get_auxdata() interface returns a pointer to the metadata +** associated by the sqlite3_set_auxdata() function with the Nth argument +** value to the application-defined function. ^If no metadata has been ever +** been set for the Nth argument of the function, or if the corresponding +** function parameter has changed since the meta-data was set, +** then sqlite3_get_auxdata() returns a NULL pointer. +** +** ^The sqlite3_set_auxdata() interface saves the metadata +** pointed to by its 3rd parameter as the metadata for the N-th +** argument of the application-defined function. Subsequent +** calls to sqlite3_get_auxdata() might return this data, if it has +** not been destroyed. +** ^If it is not NULL, SQLite will invoke the destructor +** function given by the 4th parameter to sqlite3_set_auxdata() on +** the metadata when the corresponding function parameter changes +** or when the SQL statement completes, whichever comes first. +** +** SQLite is free to call the destructor and drop metadata on any +** parameter of any function at any time. ^The only guarantee is that +** the destructor will be called before the metadata is dropped. +** +** ^(In practice, metadata is preserved between function calls for +** expressions that are constant at compile time. This includes literal +** values and [parameters].)^ +** +** These routines must be called from the same thread in which +** the SQL function is running. +*/ +SQLITE_API void *sqlite3_get_auxdata(sqlite3_context*, int N); +SQLITE_API void sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*)); + + +/* +** CAPI3REF: Constants Defining Special Destructor Behavior +** +** These are special values for the destructor that is passed in as the +** final argument to routines like [sqlite3_result_blob()]. ^If the destructor +** argument is SQLITE_STATIC, it means that the content pointer is constant +** and will never change. It does not need to be destroyed. ^The +** SQLITE_TRANSIENT value means that the content will likely change in +** the near future and that SQLite should make its own private copy of +** the content before returning. +** +** The typedef is necessary to work around problems in certain +** C++ compilers. See ticket #2191. +*/ +typedef void (*sqlite3_destructor_type)(void*); +#define SQLITE_STATIC ((sqlite3_destructor_type)0) +#define SQLITE_TRANSIENT ((sqlite3_destructor_type)-1) + +/* +** CAPI3REF: Setting The Result Of An SQL Function +** +** These routines are used by the xFunc or xFinal callbacks that +** implement SQL functions and aggregates. See +** [sqlite3_create_function()] and [sqlite3_create_function16()] +** for additional information. +** +** These functions work very much like the [parameter binding] family of +** functions used to bind values to host parameters in prepared statements. +** Refer to the [SQL parameter] documentation for additional information. +** +** ^The sqlite3_result_blob() interface sets the result from +** an application-defined function to be the BLOB whose content is pointed +** to by the second parameter and which is N bytes long where N is the +** third parameter. +** +** ^The sqlite3_result_zeroblob() interfaces set the result of +** the application-defined function to be a BLOB containing all zero +** bytes and N bytes in size, where N is the value of the 2nd parameter. +** +** ^The sqlite3_result_double() interface sets the result from +** an application-defined function to be a floating point value specified +** by its 2nd argument. +** +** ^The sqlite3_result_error() and sqlite3_result_error16() functions +** cause the implemented SQL function to throw an exception. +** ^SQLite uses the string pointed to by the +** 2nd parameter of sqlite3_result_error() or sqlite3_result_error16() +** as the text of an error message. ^SQLite interprets the error +** message string from sqlite3_result_error() as UTF-8. ^SQLite +** interprets the string from sqlite3_result_error16() as UTF-16 in native +** byte order. ^If the third parameter to sqlite3_result_error() +** or sqlite3_result_error16() is negative then SQLite takes as the error +** message all text up through the first zero character. +** ^If the third parameter to sqlite3_result_error() or +** sqlite3_result_error16() is non-negative then SQLite takes that many +** bytes (not characters) from the 2nd parameter as the error message. +** ^The sqlite3_result_error() and sqlite3_result_error16() +** routines make a private copy of the error message text before +** they return. Hence, the calling function can deallocate or +** modify the text after they return without harm. +** ^The sqlite3_result_error_code() function changes the error code +** returned by SQLite as a result of an error in a function. ^By default, +** the error code is SQLITE_ERROR. ^A subsequent call to sqlite3_result_error() +** or sqlite3_result_error16() resets the error code to SQLITE_ERROR. +** +** ^The sqlite3_result_toobig() interface causes SQLite to throw an error +** indicating that a string or BLOB is too long to represent. +** +** ^The sqlite3_result_nomem() interface causes SQLite to throw an error +** indicating that a memory allocation failed. +** +** ^The sqlite3_result_int() interface sets the return value +** of the application-defined function to be the 32-bit signed integer +** value given in the 2nd argument. +** ^The sqlite3_result_int64() interface sets the return value +** of the application-defined function to be the 64-bit signed integer +** value given in the 2nd argument. +** +** ^The sqlite3_result_null() interface sets the return value +** of the application-defined function to be NULL. +** +** ^The sqlite3_result_text(), sqlite3_result_text16(), +** sqlite3_result_text16le(), and sqlite3_result_text16be() interfaces +** set the return value of the application-defined function to be +** a text string which is represented as UTF-8, UTF-16 native byte order, +** UTF-16 little endian, or UTF-16 big endian, respectively. +** ^SQLite takes the text result from the application from +** the 2nd parameter of the sqlite3_result_text* interfaces. +** ^If the 3rd parameter to the sqlite3_result_text* interfaces +** is negative, then SQLite takes result text from the 2nd parameter +** through the first zero character. +** ^If the 3rd parameter to the sqlite3_result_text* interfaces +** is non-negative, then as many bytes (not characters) of the text +** pointed to by the 2nd parameter are taken as the application-defined +** function result. +** ^If the 4th parameter to the sqlite3_result_text* interfaces +** or sqlite3_result_blob is a non-NULL pointer, then SQLite calls that +** function as the destructor on the text or BLOB result when it has +** finished using that result. +** ^If the 4th parameter to the sqlite3_result_text* interfaces or to +** sqlite3_result_blob is the special constant SQLITE_STATIC, then SQLite +** assumes that the text or BLOB result is in constant space and does not +** copy the content of the parameter nor call a destructor on the content +** when it has finished using that result. +** ^If the 4th parameter to the sqlite3_result_text* interfaces +** or sqlite3_result_blob is the special constant SQLITE_TRANSIENT +** then SQLite makes a copy of the result into space obtained from +** from [sqlite3_malloc()] before it returns. +** +** ^The sqlite3_result_value() interface sets the result of +** the application-defined function to be a copy the +** [unprotected sqlite3_value] object specified by the 2nd parameter. ^The +** sqlite3_result_value() interface makes a copy of the [sqlite3_value] +** so that the [sqlite3_value] specified in the parameter may change or +** be deallocated after sqlite3_result_value() returns without harm. +** ^A [protected sqlite3_value] object may always be used where an +** [unprotected sqlite3_value] object is required, so either +** kind of [sqlite3_value] object can be used with this interface. +** +** If these routines are called from within the different thread +** than the one containing the application-defined function that received +** the [sqlite3_context] pointer, the results are undefined. +*/ +SQLITE_API void sqlite3_result_blob(sqlite3_context*, const void*, int, void(*)(void*)); +SQLITE_API void sqlite3_result_double(sqlite3_context*, double); +SQLITE_API void sqlite3_result_error(sqlite3_context*, const char*, int); +SQLITE_API void sqlite3_result_error16(sqlite3_context*, const void*, int); +SQLITE_API void sqlite3_result_error_toobig(sqlite3_context*); +SQLITE_API void sqlite3_result_error_nomem(sqlite3_context*); +SQLITE_API void sqlite3_result_error_code(sqlite3_context*, int); +SQLITE_API void sqlite3_result_int(sqlite3_context*, int); +SQLITE_API void sqlite3_result_int64(sqlite3_context*, sqlite3_int64); +SQLITE_API void sqlite3_result_null(sqlite3_context*); +SQLITE_API void sqlite3_result_text(sqlite3_context*, const char*, int, void(*)(void*)); +SQLITE_API void sqlite3_result_text16(sqlite3_context*, const void*, int, void(*)(void*)); +SQLITE_API void sqlite3_result_text16le(sqlite3_context*, const void*, int,void(*)(void*)); +SQLITE_API void sqlite3_result_text16be(sqlite3_context*, const void*, int,void(*)(void*)); +SQLITE_API void sqlite3_result_value(sqlite3_context*, sqlite3_value*); +SQLITE_API void sqlite3_result_zeroblob(sqlite3_context*, int n); + +/* +** CAPI3REF: Define New Collating Sequences +** +** These functions are used to add new collation sequences to the +** [database connection] specified as the first argument. +** +** ^The name of the new collation sequence is specified as a UTF-8 string +** for sqlite3_create_collation() and sqlite3_create_collation_v2() +** and a UTF-16 string for sqlite3_create_collation16(). ^In all cases +** the name is passed as the second function argument. +** +** ^The third argument may be one of the constants [SQLITE_UTF8], +** [SQLITE_UTF16LE], or [SQLITE_UTF16BE], indicating that the user-supplied +** routine expects to be passed pointers to strings encoded using UTF-8, +** UTF-16 little-endian, or UTF-16 big-endian, respectively. ^The +** third argument might also be [SQLITE_UTF16] to indicate that the routine +** expects pointers to be UTF-16 strings in the native byte order, or the +** argument can be [SQLITE_UTF16_ALIGNED] if the +** the routine expects pointers to 16-bit word aligned strings +** of UTF-16 in the native byte order. +** +** A pointer to the user supplied routine must be passed as the fifth +** argument. ^If it is NULL, this is the same as deleting the collation +** sequence (so that SQLite cannot call it anymore). +** ^Each time the application supplied function is invoked, it is passed +** as its first parameter a copy of the void* passed as the fourth argument +** to sqlite3_create_collation() or sqlite3_create_collation16(). +** +** ^The remaining arguments to the application-supplied routine are two strings, +** each represented by a (length, data) pair and encoded in the encoding +** that was passed as the third argument when the collation sequence was +** registered. The application defined collation routine should +** return negative, zero or positive if the first string is less than, +** equal to, or greater than the second string. i.e. (STRING1 - STRING2). +** +** ^The sqlite3_create_collation_v2() works like sqlite3_create_collation() +** except that it takes an extra argument which is a destructor for +** the collation. ^The destructor is called when the collation is +** destroyed and is passed a copy of the fourth parameter void* pointer +** of the sqlite3_create_collation_v2(). +** ^Collations are destroyed when they are overridden by later calls to the +** collation creation functions or when the [database connection] is closed +** using [sqlite3_close()]. +** +** See also: [sqlite3_collation_needed()] and [sqlite3_collation_needed16()]. +*/ +SQLITE_API int sqlite3_create_collation( + sqlite3*, + const char *zName, + int eTextRep, + void*, + int(*xCompare)(void*,int,const void*,int,const void*) +); +SQLITE_API int sqlite3_create_collation_v2( + sqlite3*, + const char *zName, + int eTextRep, + void*, + int(*xCompare)(void*,int,const void*,int,const void*), + void(*xDestroy)(void*) +); +SQLITE_API int sqlite3_create_collation16( + sqlite3*, + const void *zName, + int eTextRep, + void*, + int(*xCompare)(void*,int,const void*,int,const void*) +); + +/* +** CAPI3REF: Collation Needed Callbacks +** +** ^To avoid having to register all collation sequences before a database +** can be used, a single callback function may be registered with the +** [database connection] to be invoked whenever an undefined collation +** sequence is required. +** +** ^If the function is registered using the sqlite3_collation_needed() API, +** then it is passed the names of undefined collation sequences as strings +** encoded in UTF-8. ^If sqlite3_collation_needed16() is used, +** the names are passed as UTF-16 in machine native byte order. +** ^A call to either function replaces the existing collation-needed callback. +** +** ^(When the callback is invoked, the first argument passed is a copy +** of the second argument to sqlite3_collation_needed() or +** sqlite3_collation_needed16(). The second argument is the database +** connection. The third argument is one of [SQLITE_UTF8], [SQLITE_UTF16BE], +** or [SQLITE_UTF16LE], indicating the most desirable form of the collation +** sequence function required. The fourth parameter is the name of the +** required collation sequence.)^ +** +** The callback function should register the desired collation using +** [sqlite3_create_collation()], [sqlite3_create_collation16()], or +** [sqlite3_create_collation_v2()]. +*/ +SQLITE_API int sqlite3_collation_needed( + sqlite3*, + void*, + void(*)(void*,sqlite3*,int eTextRep,const char*) +); +SQLITE_API int sqlite3_collation_needed16( + sqlite3*, + void*, + void(*)(void*,sqlite3*,int eTextRep,const void*) +); + +#if SQLITE_HAS_CODEC +/* +** Specify the key for an encrypted database. This routine should be +** called right after sqlite3_open(). +** +** The code to implement this API is not available in the public release +** of SQLite. +*/ +SQLITE_API int sqlite3_key( + sqlite3 *db, /* Database to be rekeyed */ + const void *pKey, int nKey /* The key */ +); + +/* +** Change the key on an open database. If the current database is not +** encrypted, this routine will encrypt it. If pNew==0 or nNew==0, the +** database is decrypted. +** +** The code to implement this API is not available in the public release +** of SQLite. +*/ +SQLITE_API int sqlite3_rekey( + sqlite3 *db, /* Database to be rekeyed */ + const void *pKey, int nKey /* The new key */ +); + +/* +** Specify the activation key for a SEE database. Unless +** activated, none of the SEE routines will work. +*/ +SQLITE_API void sqlite3_activate_see( + const char *zPassPhrase /* Activation phrase */ +); +#endif + +#ifdef SQLITE_ENABLE_CEROD +/* +** Specify the activation key for a CEROD database. Unless +** activated, none of the CEROD routines will work. +*/ +SQLITE_API void sqlite3_activate_cerod( + const char *zPassPhrase /* Activation phrase */ +); +#endif + +/* +** CAPI3REF: Suspend Execution For A Short Time +** +** ^The sqlite3_sleep() function causes the current thread to suspend execution +** for at least a number of milliseconds specified in its parameter. +** +** ^If the operating system does not support sleep requests with +** millisecond time resolution, then the time will be rounded up to +** the nearest second. ^The number of milliseconds of sleep actually +** requested from the operating system is returned. +** +** ^SQLite implements this interface by calling the xSleep() +** method of the default [sqlite3_vfs] object. +*/ +SQLITE_API int sqlite3_sleep(int); + +/* +** CAPI3REF: Name Of The Folder Holding Temporary Files +** +** ^(If this global variable is made to point to a string which is +** the name of a folder (a.k.a. directory), then all temporary files +** created by SQLite when using a built-in [sqlite3_vfs | VFS] +** will be placed in that directory.)^ ^If this variable +** is a NULL pointer, then SQLite performs a search for an appropriate +** temporary file directory. +** +** It is not safe to read or modify this variable in more than one +** thread at a time. It is not safe to read or modify this variable +** if a [database connection] is being used at the same time in a separate +** thread. +** It is intended that this variable be set once +** as part of process initialization and before any SQLite interface +** routines have been called and that this variable remain unchanged +** thereafter. +** +** ^The [temp_store_directory pragma] may modify this variable and cause +** it to point to memory obtained from [sqlite3_malloc]. ^Furthermore, +** the [temp_store_directory pragma] always assumes that any string +** that this variable points to is held in memory obtained from +** [sqlite3_malloc] and the pragma may attempt to free that memory +** using [sqlite3_free]. +** Hence, if this variable is modified directly, either it should be +** made NULL or made to point to memory obtained from [sqlite3_malloc] +** or else the use of the [temp_store_directory pragma] should be avoided. +*/ +SQLITE_API char *sqlite3_temp_directory; + +/* +** CAPI3REF: Test For Auto-Commit Mode +** KEYWORDS: {autocommit mode} +** +** ^The sqlite3_get_autocommit() interface returns non-zero or +** zero if the given database connection is or is not in autocommit mode, +** respectively. ^Autocommit mode is on by default. +** ^Autocommit mode is disabled by a [BEGIN] statement. +** ^Autocommit mode is re-enabled by a [COMMIT] or [ROLLBACK]. +** +** If certain kinds of errors occur on a statement within a multi-statement +** transaction (errors including [SQLITE_FULL], [SQLITE_IOERR], +** [SQLITE_NOMEM], [SQLITE_BUSY], and [SQLITE_INTERRUPT]) then the +** transaction might be rolled back automatically. The only way to +** find out whether SQLite automatically rolled back the transaction after +** an error is to use this function. +** +** If another thread changes the autocommit status of the database +** connection while this routine is running, then the return value +** is undefined. +*/ +SQLITE_API int sqlite3_get_autocommit(sqlite3*); + +/* +** CAPI3REF: Find The Database Handle Of A Prepared Statement +** +** ^The sqlite3_db_handle interface returns the [database connection] handle +** to which a [prepared statement] belongs. ^The [database connection] +** returned by sqlite3_db_handle is the same [database connection] +** that was the first argument +** to the [sqlite3_prepare_v2()] call (or its variants) that was used to +** create the statement in the first place. +*/ +SQLITE_API sqlite3 *sqlite3_db_handle(sqlite3_stmt*); + +/* +** CAPI3REF: Find the next prepared statement +** +** ^This interface returns a pointer to the next [prepared statement] after +** pStmt associated with the [database connection] pDb. ^If pStmt is NULL +** then this interface returns a pointer to the first prepared statement +** associated with the database connection pDb. ^If no prepared statement +** satisfies the conditions of this routine, it returns NULL. +** +** The [database connection] pointer D in a call to +** [sqlite3_next_stmt(D,S)] must refer to an open database +** connection and in particular must not be a NULL pointer. +*/ +SQLITE_API sqlite3_stmt *sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt); + +/* +** CAPI3REF: Commit And Rollback Notification Callbacks +** +** ^The sqlite3_commit_hook() interface registers a callback +** function to be invoked whenever a transaction is [COMMIT | committed]. +** ^Any callback set by a previous call to sqlite3_commit_hook() +** for the same database connection is overridden. +** ^The sqlite3_rollback_hook() interface registers a callback +** function to be invoked whenever a transaction is [ROLLBACK | rolled back]. +** ^Any callback set by a previous call to sqlite3_rollback_hook() +** for the same database connection is overridden. +** ^The pArg argument is passed through to the callback. +** ^If the callback on a commit hook function returns non-zero, +** then the commit is converted into a rollback. +** +** ^The sqlite3_commit_hook(D,C,P) and sqlite3_rollback_hook(D,C,P) functions +** return the P argument from the previous call of the same function +** on the same [database connection] D, or NULL for +** the first call for each function on D. +** +** The callback implementation must not do anything that will modify +** the database connection that invoked the callback. Any actions +** to modify the database connection must be deferred until after the +** completion of the [sqlite3_step()] call that triggered the commit +** or rollback hook in the first place. +** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their +** database connections for the meaning of "modify" in this paragraph. +** +** ^Registering a NULL function disables the callback. +** +** ^When the commit hook callback routine returns zero, the [COMMIT] +** operation is allowed to continue normally. ^If the commit hook +** returns non-zero, then the [COMMIT] is converted into a [ROLLBACK]. +** ^The rollback hook is invoked on a rollback that results from a commit +** hook returning non-zero, just as it would be with any other rollback. +** +** ^For the purposes of this API, a transaction is said to have been +** rolled back if an explicit "ROLLBACK" statement is executed, or +** an error or constraint causes an implicit rollback to occur. +** ^The rollback callback is not invoked if a transaction is +** automatically rolled back because the database connection is closed. +** ^The rollback callback is not invoked if a transaction is +** rolled back because a commit callback returned non-zero. +** +** See also the [sqlite3_update_hook()] interface. +*/ +SQLITE_API void *sqlite3_commit_hook(sqlite3*, int(*)(void*), void*); +SQLITE_API void *sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*); + +/* +** CAPI3REF: Data Change Notification Callbacks +** +** ^The sqlite3_update_hook() interface registers a callback function +** with the [database connection] identified by the first argument +** to be invoked whenever a row is updated, inserted or deleted. +** ^Any callback set by a previous call to this function +** for the same database connection is overridden. +** +** ^The second argument is a pointer to the function to invoke when a +** row is updated, inserted or deleted. +** ^The first argument to the callback is a copy of the third argument +** to sqlite3_update_hook(). +** ^The second callback argument is one of [SQLITE_INSERT], [SQLITE_DELETE], +** or [SQLITE_UPDATE], depending on the operation that caused the callback +** to be invoked. +** ^The third and fourth arguments to the callback contain pointers to the +** database and table name containing the affected row. +** ^The final callback parameter is the [rowid] of the row. +** ^In the case of an update, this is the [rowid] after the update takes place. +** +** ^(The update hook is not invoked when internal system tables are +** modified (i.e. sqlite_master and sqlite_sequence).)^ +** +** ^In the current implementation, the update hook +** is not invoked when duplication rows are deleted because of an +** [ON CONFLICT | ON CONFLICT REPLACE] clause. ^Nor is the update hook +** invoked when rows are deleted using the [truncate optimization]. +** The exceptions defined in this paragraph might change in a future +** release of SQLite. +** +** The update hook implementation must not do anything that will modify +** the database connection that invoked the update hook. Any actions +** to modify the database connection must be deferred until after the +** completion of the [sqlite3_step()] call that triggered the update hook. +** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their +** database connections for the meaning of "modify" in this paragraph. +** +** ^The sqlite3_update_hook(D,C,P) function +** returns the P argument from the previous call +** on the same [database connection] D, or NULL for +** the first call on D. +** +** See also the [sqlite3_commit_hook()] and [sqlite3_rollback_hook()] +** interfaces. +*/ +SQLITE_API void *sqlite3_update_hook( + sqlite3*, + void(*)(void *,int ,char const *,char const *,sqlite3_int64), + void* +); + +/* +** CAPI3REF: Enable Or Disable Shared Pager Cache +** KEYWORDS: {shared cache} +** +** ^(This routine enables or disables the sharing of the database cache +** and schema data structures between [database connection | connections] +** to the same database. Sharing is enabled if the argument is true +** and disabled if the argument is false.)^ +** +** ^Cache sharing is enabled and disabled for an entire process. +** This is a change as of SQLite version 3.5.0. In prior versions of SQLite, +** sharing was enabled or disabled for each thread separately. +** +** ^(The cache sharing mode set by this interface effects all subsequent +** calls to [sqlite3_open()], [sqlite3_open_v2()], and [sqlite3_open16()]. +** Existing database connections continue use the sharing mode +** that was in effect at the time they were opened.)^ +** +** ^(This routine returns [SQLITE_OK] if shared cache was enabled or disabled +** successfully. An [error code] is returned otherwise.)^ +** +** ^Shared cache is disabled by default. But this might change in +** future releases of SQLite. Applications that care about shared +** cache setting should set it explicitly. +** +** See Also: [SQLite Shared-Cache Mode] +*/ +SQLITE_API int sqlite3_enable_shared_cache(int); + +/* +** CAPI3REF: Attempt To Free Heap Memory +** +** ^The sqlite3_release_memory() interface attempts to free N bytes +** of heap memory by deallocating non-essential memory allocations +** held by the database library. Memory used to cache database +** pages to improve performance is an example of non-essential memory. +** ^sqlite3_release_memory() returns the number of bytes actually freed, +** which might be more or less than the amount requested. +*/ +SQLITE_API int sqlite3_release_memory(int); + +/* +** CAPI3REF: Impose A Limit On Heap Size +** +** ^The sqlite3_soft_heap_limit() interface places a "soft" limit +** on the amount of heap memory that may be allocated by SQLite. +** ^If an internal allocation is requested that would exceed the +** soft heap limit, [sqlite3_release_memory()] is invoked one or +** more times to free up some space before the allocation is performed. +** +** ^The limit is called "soft" because if [sqlite3_release_memory()] +** cannot free sufficient memory to prevent the limit from being exceeded, +** the memory is allocated anyway and the current operation proceeds. +** +** ^A negative or zero value for N means that there is no soft heap limit and +** [sqlite3_release_memory()] will only be called when memory is exhausted. +** ^The default value for the soft heap limit is zero. +** +** ^(SQLite makes a best effort to honor the soft heap limit. +** But if the soft heap limit cannot be honored, execution will +** continue without error or notification.)^ This is why the limit is +** called a "soft" limit. It is advisory only. +** +** Prior to SQLite version 3.5.0, this routine only constrained the memory +** allocated by a single thread - the same thread in which this routine +** runs. Beginning with SQLite version 3.5.0, the soft heap limit is +** applied to all threads. The value specified for the soft heap limit +** is an upper bound on the total memory allocation for all threads. In +** version 3.5.0 there is no mechanism for limiting the heap usage for +** individual threads. +*/ +SQLITE_API void sqlite3_soft_heap_limit(int); + +/* +** CAPI3REF: Extract Metadata About A Column Of A Table +** +** ^This routine returns metadata about a specific column of a specific +** database table accessible using the [database connection] handle +** passed as the first function argument. +** +** ^The column is identified by the second, third and fourth parameters to +** this function. ^The second parameter is either the name of the database +** (i.e. "main", "temp", or an attached database) containing the specified +** table or NULL. ^If it is NULL, then all attached databases are searched +** for the table using the same algorithm used by the database engine to +** resolve unqualified table references. +** +** ^The third and fourth parameters to this function are the table and column +** name of the desired column, respectively. Neither of these parameters +** may be NULL. +** +** ^Metadata is returned by writing to the memory locations passed as the 5th +** and subsequent parameters to this function. ^Any of these arguments may be +** NULL, in which case the corresponding element of metadata is omitted. +** +** ^(
+** +**
Parameter Output
Type 		Description +** +**
5th const char* Data type +**
6th const char* Name of default collation sequence +**
7th int True if column has a NOT NULL constraint +**
8th int True if column is part of the PRIMARY KEY +**
9th int True if column is [AUTOINCREMENT] +**
+**
)^ +** +** ^The memory pointed to by the character pointers returned for the +** declaration type and collation sequence is valid only until the next +** call to any SQLite API function. +** +** ^If the specified table is actually a view, an [error code] is returned. +** +** ^If the specified column is "rowid", "oid" or "_rowid_" and an +** [INTEGER PRIMARY KEY] column has been explicitly declared, then the output +** parameters are set for the explicitly declared column. ^(If there is no +** explicitly declared [INTEGER PRIMARY KEY] column, then the output +** parameters are set as follows: +** +** 
+**     data type: "INTEGER"
+**     collation sequence: "BINARY"
+**     not null: 0
+**     primary key: 1
+**     auto increment: 0
+**
)^ +** +** ^(This function may load one or more schemas from database files. If an +** error occurs during this process, or if the requested table or column +** cannot be found, an [error code] is returned and an error message left +** in the [database connection] (to be retrieved using sqlite3_errmsg()).)^ +** +** ^This API is only available if the library was compiled with the +** [SQLITE_ENABLE_COLUMN_METADATA] C-preprocessor symbol defined. +*/ +SQLITE_API int sqlite3_table_column_metadata( + sqlite3 *db, /* Connection handle */ + const char *zDbName, /* Database name or NULL */ + const char *zTableName, /* Table name */ + const char *zColumnName, /* Column name */ + char const **pzDataType, /* OUTPUT: Declared data type */ + char const **pzCollSeq, /* OUTPUT: Collation sequence name */ + int *pNotNull, /* OUTPUT: True if NOT NULL constraint exists */ + int *pPrimaryKey, /* OUTPUT: True if column part of PK */ + int *pAutoinc /* OUTPUT: True if column is auto-increment */ +); + +/* +** CAPI3REF: Load An Extension +** +** ^This interface loads an SQLite extension library from the named file. +** +** ^The sqlite3_load_extension() interface attempts to load an +** SQLite extension library contained in the file zFile. +** +** ^The entry point is zProc. +** ^zProc may be 0, in which case the name of the entry point +** defaults to "sqlite3_extension_init". +** ^The sqlite3_load_extension() interface returns +** [SQLITE_OK] on success and [SQLITE_ERROR] if something goes wrong. +** ^If an error occurs and pzErrMsg is not 0, then the +** [sqlite3_load_extension()] interface shall attempt to +** fill *pzErrMsg with error message text stored in memory +** obtained from [sqlite3_malloc()]. The calling function +** should free this memory by calling [sqlite3_free()]. +** +** ^Extension loading must be enabled using +** [sqlite3_enable_load_extension()] prior to calling this API, +** otherwise an error will be returned. +** +** See also the [load_extension() SQL function]. +*/ +SQLITE_API int sqlite3_load_extension( + sqlite3 *db, /* Load the extension into this database connection */ + const char *zFile, /* Name of the shared library containing extension */ + const char *zProc, /* Entry point. Derived from zFile if 0 */ + char **pzErrMsg /* Put error message here if not 0 */ +); + +/* +** CAPI3REF: Enable Or Disable Extension Loading +** +** ^So as not to open security holes in older applications that are +** unprepared to deal with extension loading, and as a means of disabling +** extension loading while evaluating user-entered SQL, the following API +** is provided to turn the [sqlite3_load_extension()] mechanism on and off. +** +** ^Extension loading is off by default. See ticket #1863. +** ^Call the sqlite3_enable_load_extension() routine with onoff==1 +** to turn extension loading on and call it with onoff==0 to turn +** it back off again. +*/ +SQLITE_API int sqlite3_enable_load_extension(sqlite3 *db, int onoff); + +/* +** CAPI3REF: Automatically Load An Extensions +** +** ^This API can be invoked at program startup in order to register +** one or more statically linked extensions that will be available +** to all new [database connections]. +** +** ^(This routine stores a pointer to the extension entry point +** in an array that is obtained from [sqlite3_malloc()]. That memory +** is deallocated by [sqlite3_reset_auto_extension()].)^ +** +** ^This function registers an extension entry point that is +** automatically invoked whenever a new [database connection] +** is opened using [sqlite3_open()], [sqlite3_open16()], +** or [sqlite3_open_v2()]. +** ^Duplicate extensions are detected so calling this routine +** multiple times with the same extension is harmless. +** ^Automatic extensions apply across all threads. +*/ +SQLITE_API int sqlite3_auto_extension(void (*xEntryPoint)(void)); + +/* +** CAPI3REF: Reset Automatic Extension Loading +** +** ^(This function disables all previously registered automatic +** extensions. It undoes the effect of all prior +** [sqlite3_auto_extension()] calls.)^ +** +** ^This function disables automatic extensions in all threads. +*/ +SQLITE_API void sqlite3_reset_auto_extension(void); + +/* +****** EXPERIMENTAL - subject to change without notice ************** +** +** The interface to the virtual-table mechanism is currently considered +** to be experimental. The interface might change in incompatible ways. +** If this is a problem for you, do not use the interface at this time. +** +** When the virtual-table mechanism stabilizes, we will declare the +** interface fixed, support it indefinitely, and remove this comment. +*/ + +/* +** Structures used by the virtual table interface +*/ +typedef struct sqlite3_vtab sqlite3_vtab; +typedef struct sqlite3_index_info sqlite3_index_info; +typedef struct sqlite3_vtab_cursor sqlite3_vtab_cursor; +typedef struct sqlite3_module sqlite3_module; + +/* +** CAPI3REF: Virtual Table Object +** KEYWORDS: sqlite3_module {virtual table module} +** EXPERIMENTAL +** +** This structure, sometimes called a a "virtual table module", +** defines the implementation of a [virtual tables]. +** This structure consists mostly of methods for the module. +** +** ^A virtual table module is created by filling in a persistent +** instance of this structure and passing a pointer to that instance +** to [sqlite3_create_module()] or [sqlite3_create_module_v2()]. +** ^The registration remains valid until it is replaced by a different +** module or until the [database connection] closes. The content +** of this structure must not change while it is registered with +** any database connection. +*/ +struct sqlite3_module { + int iVersion; + int (*xCreate)(sqlite3*, void *pAux, + int argc, const char *const*argv, + sqlite3_vtab **ppVTab, char**); + int (*xConnect)(sqlite3*, void *pAux, + int argc, const char *const*argv, + sqlite3_vtab **ppVTab, char**); + int (*xBestIndex)(sqlite3_vtab *pVTab, sqlite3_index_info*); + int (*xDisconnect)(sqlite3_vtab *pVTab); + int (*xDestroy)(sqlite3_vtab *pVTab); + int (*xOpen)(sqlite3_vtab *pVTab, sqlite3_vtab_cursor **ppCursor); + int (*xClose)(sqlite3_vtab_cursor*); + int (*xFilter)(sqlite3_vtab_cursor*, int idxNum, const char *idxStr, + int argc, sqlite3_value **argv); + int (*xNext)(sqlite3_vtab_cursor*); + int (*xEof)(sqlite3_vtab_cursor*); + int (*xColumn)(sqlite3_vtab_cursor*, sqlite3_context*, int); + int (*xRowid)(sqlite3_vtab_cursor*, sqlite3_int64 *pRowid); + int (*xUpdate)(sqlite3_vtab *, int, sqlite3_value **, sqlite3_int64 *); + int (*xBegin)(sqlite3_vtab *pVTab); + int (*xSync)(sqlite3_vtab *pVTab); + int (*xCommit)(sqlite3_vtab *pVTab); + int (*xRollback)(sqlite3_vtab *pVTab); + int (*xFindFunction)(sqlite3_vtab *pVtab, int nArg, const char *zName, + void (**pxFunc)(sqlite3_context*,int,sqlite3_value**), + void **ppArg); + int (*xRename)(sqlite3_vtab *pVtab, const char *zNew); +}; + +/* +** CAPI3REF: Virtual Table Indexing Information +** KEYWORDS: sqlite3_index_info +** EXPERIMENTAL +** +** The sqlite3_index_info structure and its substructures is used to +** pass information into and receive the reply from the [xBestIndex] +** method of a [virtual table module]. The fields under **Inputs** are the +** inputs to xBestIndex and are read-only. xBestIndex inserts its +** results into the **Outputs** fields. +** +** ^(The aConstraint[] array records WHERE clause constraints of the form: +** +** 
column OP expr
+** +** where OP is =, <, <=, >, or >=.)^ ^(The particular operator is +** stored in aConstraint[].op.)^ ^(The index of the column is stored in +** aConstraint[].iColumn.)^ ^(aConstraint[].usable is TRUE if the +** expr on the right-hand side can be evaluated (and thus the constraint +** is usable) and false if it cannot.)^ +** +** ^The optimizer automatically inverts terms of the form "expr OP column" +** and makes other simplifications to the WHERE clause in an attempt to +** get as many WHERE clause terms into the form shown above as possible. +** ^The aConstraint[] array only reports WHERE clause terms that are +** relevant to the particular virtual table being queried. +** +** ^Information about the ORDER BY clause is stored in aOrderBy[]. +** ^Each term of aOrderBy records a column of the ORDER BY clause. +** +** The [xBestIndex] method must fill aConstraintUsage[] with information +** about what parameters to pass to xFilter. ^If argvIndex>0 then +** the right-hand side of the corresponding aConstraint[] is evaluated +** and becomes the argvIndex-th entry in argv. ^(If aConstraintUsage[].omit +** is true, then the constraint is assumed to be fully handled by the +** virtual table and is not checked again by SQLite.)^ +** +** ^The idxNum and idxPtr values are recorded and passed into the +** [xFilter] method. +** ^[sqlite3_free()] is used to free idxPtr if and only if +** needToFreeIdxPtr is true. +** +** ^The orderByConsumed means that output from [xFilter]/[xNext] will occur in +** the correct order to satisfy the ORDER BY clause so that no separate +** sorting step is required. +** +** ^The estimatedCost value is an estimate of the cost of doing the +** particular lookup. A full scan of a table with N entries should have +** a cost of N. A binary search of a table of N entries should have a +** cost of approximately log(N). +*/ +struct sqlite3_index_info { + /* Inputs */ + int nConstraint; /* Number of entries in aConstraint */ + struct sqlite3_index_constraint { + int iColumn; /* Column on left-hand side of constraint */ + unsigned char op; /* Constraint operator */ + unsigned char usable; /* True if this constraint is usable */ + int iTermOffset; /* Used internally - xBestIndex should ignore */ + } *aConstraint; /* Table of WHERE clause constraints */ + int nOrderBy; /* Number of terms in the ORDER BY clause */ + struct sqlite3_index_orderby { + int iColumn; /* Column number */ + unsigned char desc; /* True for DESC. False for ASC. */ + } *aOrderBy; /* The ORDER BY clause */ + /* Outputs */ + struct sqlite3_index_constraint_usage { + int argvIndex; /* if >0, constraint is part of argv to xFilter */ + unsigned char omit; /* Do not code a test for this constraint */ + } *aConstraintUsage; + int idxNum; /* Number used to identify the index */ + char *idxStr; /* String, possibly obtained from sqlite3_malloc */ + int needToFreeIdxStr; /* Free idxStr using sqlite3_free() if true */ + int orderByConsumed; /* True if output is already ordered */ + double estimatedCost; /* Estimated cost of using this index */ +}; +#define SQLITE_INDEX_CONSTRAINT_EQ 2 +#define SQLITE_INDEX_CONSTRAINT_GT 4 +#define SQLITE_INDEX_CONSTRAINT_LE 8 +#define SQLITE_INDEX_CONSTRAINT_LT 16 +#define SQLITE_INDEX_CONSTRAINT_GE 32 +#define SQLITE_INDEX_CONSTRAINT_MATCH 64 + +/* +** CAPI3REF: Register A Virtual Table Implementation +** EXPERIMENTAL +** +** ^These routines are used to register a new [virtual table module] name. +** ^Module names must be registered before +** creating a new [virtual table] using the module and before using a +** preexisting [virtual table] for the module. +** +** ^The module name is registered on the [database connection] specified +** by the first parameter. ^The name of the module is given by the +** second parameter. ^The third parameter is a pointer to +** the implementation of the [virtual table module]. ^The fourth +** parameter is an arbitrary client data pointer that is passed through +** into the [xCreate] and [xConnect] methods of the virtual table module +** when a new virtual table is be being created or reinitialized. +** +** ^The sqlite3_create_module_v2() interface has a fifth parameter which +** is a pointer to a destructor for the pClientData. ^SQLite will +** invoke the destructor function (if it is not NULL) when SQLite +** no longer needs the pClientData pointer. ^The sqlite3_create_module() +** interface is equivalent to sqlite3_create_module_v2() with a NULL +** destructor. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_create_module( + sqlite3 *db, /* SQLite connection to register module with */ + const char *zName, /* Name of the module */ + const sqlite3_module *p, /* Methods for the module */ + void *pClientData /* Client data for xCreate/xConnect */ +); +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_create_module_v2( + sqlite3 *db, /* SQLite connection to register module with */ + const char *zName, /* Name of the module */ + const sqlite3_module *p, /* Methods for the module */ + void *pClientData, /* Client data for xCreate/xConnect */ + void(*xDestroy)(void*) /* Module destructor function */ +); + +/* +** CAPI3REF: Virtual Table Instance Object +** KEYWORDS: sqlite3_vtab +** EXPERIMENTAL +** +** Every [virtual table module] implementation uses a subclass +** of this object to describe a particular instance +** of the [virtual table]. Each subclass will +** be tailored to the specific needs of the module implementation. +** The purpose of this superclass is to define certain fields that are +** common to all module implementations. +** +** ^Virtual tables methods can set an error message by assigning a +** string obtained from [sqlite3_mprintf()] to zErrMsg. The method should +** take care that any prior string is freed by a call to [sqlite3_free()] +** prior to assigning a new string to zErrMsg. ^After the error message +** is delivered up to the client application, the string will be automatically +** freed by sqlite3_free() and the zErrMsg field will be zeroed. +*/ +struct sqlite3_vtab { + const sqlite3_module *pModule; /* The module for this virtual table */ + int nRef; /* NO LONGER USED */ + char *zErrMsg; /* Error message from sqlite3_mprintf() */ + /* Virtual table implementations will typically add additional fields */ +}; + +/* +** CAPI3REF: Virtual Table Cursor Object +** KEYWORDS: sqlite3_vtab_cursor {virtual table cursor} +** EXPERIMENTAL +** +** Every [virtual table module] implementation uses a subclass of the +** following structure to describe cursors that point into the +** [virtual table] and are used +** to loop through the virtual table. Cursors are created using the +** [sqlite3_module.xOpen | xOpen] method of the module and are destroyed +** by the [sqlite3_module.xClose | xClose] method. Cursors are used +** by the [xFilter], [xNext], [xEof], [xColumn], and [xRowid] methods +** of the module. Each module implementation will define +** the content of a cursor structure to suit its own needs. +** +** This superclass exists in order to define fields of the cursor that +** are common to all implementations. +*/ +struct sqlite3_vtab_cursor { + sqlite3_vtab *pVtab; /* Virtual table of this cursor */ + /* Virtual table implementations will typically add additional fields */ +}; + +/* +** CAPI3REF: Declare The Schema Of A Virtual Table +** EXPERIMENTAL +** +** ^The [xCreate] and [xConnect] methods of a +** [virtual table module] call this interface +** to declare the format (the names and datatypes of the columns) of +** the virtual tables they implement. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_declare_vtab(sqlite3*, const char *zSQL); + +/* +** CAPI3REF: Overload A Function For A Virtual Table +** EXPERIMENTAL +** +** ^(Virtual tables can provide alternative implementations of functions +** using the [xFindFunction] method of the [virtual table module]. +** But global versions of those functions +** must exist in order to be overloaded.)^ +** +** ^(This API makes sure a global version of a function with a particular +** name and number of parameters exists. If no such function exists +** before this API is called, a new function is created.)^ ^The implementation +** of the new function always causes an exception to be thrown. So +** the new function is not good for anything by itself. Its only +** purpose is to be a placeholder function that can be overloaded +** by a [virtual table]. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_overload_function(sqlite3*, const char *zFuncName, int nArg); + +/* +** The interface to the virtual-table mechanism defined above (back up +** to a comment remarkably similar to this one) is currently considered +** to be experimental. The interface might change in incompatible ways. +** If this is a problem for you, do not use the interface at this time. +** +** When the virtual-table mechanism stabilizes, we will declare the +** interface fixed, support it indefinitely, and remove this comment. +** +****** EXPERIMENTAL - subject to change without notice ************** +*/ + +/* +** CAPI3REF: A Handle To An Open BLOB +** KEYWORDS: {BLOB handle} {BLOB handles} +** +** An instance of this object represents an open BLOB on which +** [sqlite3_blob_open | incremental BLOB I/O] can be performed. +** ^Objects of this type are created by [sqlite3_blob_open()] +** and destroyed by [sqlite3_blob_close()]. +** ^The [sqlite3_blob_read()] and [sqlite3_blob_write()] interfaces +** can be used to read or write small subsections of the BLOB. +** ^The [sqlite3_blob_bytes()] interface returns the size of the BLOB in bytes. +*/ +typedef struct sqlite3_blob sqlite3_blob; + +/* +** CAPI3REF: Open A BLOB For Incremental I/O +** +** ^(This interfaces opens a [BLOB handle | handle] to the BLOB located +** in row iRow, column zColumn, table zTable in database zDb; +** in other words, the same BLOB that would be selected by: +** +** 
+**     SELECT zColumn FROM zDb.zTable WHERE [rowid] = iRow;
+**
)^ +** +** ^If the flags parameter is non-zero, then the BLOB is opened for read +** and write access. ^If it is zero, the BLOB is opened for read access. +** ^It is not possible to open a column that is part of an index or primary +** key for writing. ^If [foreign key constraints] are enabled, it is +** not possible to open a column that is part of a [child key] for writing. +** +** ^Note that the database name is not the filename that contains +** the database but rather the symbolic name of the database that +** appears after the AS keyword when the database is connected using [ATTACH]. +** ^For the main database file, the database name is "main". +** ^For TEMP tables, the database name is "temp". +** +** ^(On success, [SQLITE_OK] is returned and the new [BLOB handle] is written +** to *ppBlob. Otherwise an [error code] is returned and *ppBlob is set +** to be a null pointer.)^ +** ^This function sets the [database connection] error code and message +** accessible via [sqlite3_errcode()] and [sqlite3_errmsg()] and related +** functions. ^Note that the *ppBlob variable is always initialized in a +** way that makes it safe to invoke [sqlite3_blob_close()] on *ppBlob +** regardless of the success or failure of this routine. +** +** ^(If the row that a BLOB handle points to is modified by an +** [UPDATE], [DELETE], or by [ON CONFLICT] side-effects +** then the BLOB handle is marked as "expired". +** This is true if any column of the row is changed, even a column +** other than the one the BLOB handle is open on.)^ +** ^Calls to [sqlite3_blob_read()] and [sqlite3_blob_write()] for +** a expired BLOB handle fail with an return code of [SQLITE_ABORT]. +** ^(Changes written into a BLOB prior to the BLOB expiring are not +** rolled back by the expiration of the BLOB. Such changes will eventually +** commit if the transaction continues to completion.)^ +** +** ^Use the [sqlite3_blob_bytes()] interface to determine the size of +** the opened blob. ^The size of a blob may not be changed by this +** interface. Use the [UPDATE] SQL command to change the size of a +** blob. +** +** ^The [sqlite3_bind_zeroblob()] and [sqlite3_result_zeroblob()] interfaces +** and the built-in [zeroblob] SQL function can be used, if desired, +** to create an empty, zero-filled blob in which to read or write using +** this interface. +** +** To avoid a resource leak, every open [BLOB handle] should eventually +** be released by a call to [sqlite3_blob_close()]. +*/ +SQLITE_API int sqlite3_blob_open( + sqlite3*, + const char *zDb, + const char *zTable, + const char *zColumn, + sqlite3_int64 iRow, + int flags, + sqlite3_blob **ppBlob +); + +/* +** CAPI3REF: Close A BLOB Handle +** +** ^Closes an open [BLOB handle]. +** +** ^Closing a BLOB shall cause the current transaction to commit +** if there are no other BLOBs, no pending prepared statements, and the +** database connection is in [autocommit mode]. +** ^If any writes were made to the BLOB, they might be held in cache +** until the close operation if they will fit. +** +** ^(Closing the BLOB often forces the changes +** out to disk and so if any I/O errors occur, they will likely occur +** at the time when the BLOB is closed. Any errors that occur during +** closing are reported as a non-zero return value.)^ +** +** ^(The BLOB is closed unconditionally. Even if this routine returns +** an error code, the BLOB is still closed.)^ +** +** ^Calling this routine with a null pointer (such as would be returned +** by a failed call to [sqlite3_blob_open()]) is a harmless no-op. +*/ +SQLITE_API int sqlite3_blob_close(sqlite3_blob *); + +/* +** CAPI3REF: Return The Size Of An Open BLOB +** +** ^Returns the size in bytes of the BLOB accessible via the +** successfully opened [BLOB handle] in its only argument. ^The +** incremental blob I/O routines can only read or overwriting existing +** blob content; they cannot change the size of a blob. +** +** This routine only works on a [BLOB handle] which has been created +** by a prior successful call to [sqlite3_blob_open()] and which has not +** been closed by [sqlite3_blob_close()]. Passing any other pointer in +** to this routine results in undefined and probably undesirable behavior. +*/ +SQLITE_API int sqlite3_blob_bytes(sqlite3_blob *); + +/* +** CAPI3REF: Read Data From A BLOB Incrementally +** +** ^(This function is used to read data from an open [BLOB handle] into a +** caller-supplied buffer. N bytes of data are copied into buffer Z +** from the open BLOB, starting at offset iOffset.)^ +** +** ^If offset iOffset is less than N bytes from the end of the BLOB, +** [SQLITE_ERROR] is returned and no data is read. ^If N or iOffset is +** less than zero, [SQLITE_ERROR] is returned and no data is read. +** ^The size of the blob (and hence the maximum value of N+iOffset) +** can be determined using the [sqlite3_blob_bytes()] interface. +** +** ^An attempt to read from an expired [BLOB handle] fails with an +** error code of [SQLITE_ABORT]. +** +** ^(On success, sqlite3_blob_read() returns SQLITE_OK. +** Otherwise, an [error code] or an [extended error code] is returned.)^ +** +** This routine only works on a [BLOB handle] which has been created +** by a prior successful call to [sqlite3_blob_open()] and which has not +** been closed by [sqlite3_blob_close()]. Passing any other pointer in +** to this routine results in undefined and probably undesirable behavior. +** +** See also: [sqlite3_blob_write()]. +*/ +SQLITE_API int sqlite3_blob_read(sqlite3_blob *, void *Z, int N, int iOffset); + +/* +** CAPI3REF: Write Data Into A BLOB Incrementally +** +** ^This function is used to write data into an open [BLOB handle] from a +** caller-supplied buffer. ^N bytes of data are copied from the buffer Z +** into the open BLOB, starting at offset iOffset. +** +** ^If the [BLOB handle] passed as the first argument was not opened for +** writing (the flags parameter to [sqlite3_blob_open()] was zero), +** this function returns [SQLITE_READONLY]. +** +** ^This function may only modify the contents of the BLOB; it is +** not possible to increase the size of a BLOB using this API. +** ^If offset iOffset is less than N bytes from the end of the BLOB, +** [SQLITE_ERROR] is returned and no data is written. ^If N is +** less than zero [SQLITE_ERROR] is returned and no data is written. +** The size of the BLOB (and hence the maximum value of N+iOffset) +** can be determined using the [sqlite3_blob_bytes()] interface. +** +** ^An attempt to write to an expired [BLOB handle] fails with an +** error code of [SQLITE_ABORT]. ^Writes to the BLOB that occurred +** before the [BLOB handle] expired are not rolled back by the +** expiration of the handle, though of course those changes might +** have been overwritten by the statement that expired the BLOB handle +** or by other independent statements. +** +** ^(On success, sqlite3_blob_write() returns SQLITE_OK. +** Otherwise, an [error code] or an [extended error code] is returned.)^ +** +** This routine only works on a [BLOB handle] which has been created +** by a prior successful call to [sqlite3_blob_open()] and which has not +** been closed by [sqlite3_blob_close()]. Passing any other pointer in +** to this routine results in undefined and probably undesirable behavior. +** +** See also: [sqlite3_blob_read()]. +*/ +SQLITE_API int sqlite3_blob_write(sqlite3_blob *, const void *z, int n, int iOffset); + +/* +** CAPI3REF: Virtual File System Objects +** +** A virtual filesystem (VFS) is an [sqlite3_vfs] object +** that SQLite uses to interact +** with the underlying operating system. Most SQLite builds come with a +** single default VFS that is appropriate for the host computer. +** New VFSes can be registered and existing VFSes can be unregistered. +** The following interfaces are provided. +** +** ^The sqlite3_vfs_find() interface returns a pointer to a VFS given its name. +** ^Names are case sensitive. +** ^Names are zero-terminated UTF-8 strings. +** ^If there is no match, a NULL pointer is returned. +** ^If zVfsName is NULL then the default VFS is returned. +** +** ^New VFSes are registered with sqlite3_vfs_register(). +** ^Each new VFS becomes the default VFS if the makeDflt flag is set. +** ^The same VFS can be registered multiple times without injury. +** ^To make an existing VFS into the default VFS, register it again +** with the makeDflt flag set. If two different VFSes with the +** same name are registered, the behavior is undefined. If a +** VFS is registered with a name that is NULL or an empty string, +** then the behavior is undefined. +** +** ^Unregister a VFS with the sqlite3_vfs_unregister() interface. +** ^(If the default VFS is unregistered, another VFS is chosen as +** the default. The choice for the new VFS is arbitrary.)^ +*/ +SQLITE_API sqlite3_vfs *sqlite3_vfs_find(const char *zVfsName); +SQLITE_API int sqlite3_vfs_register(sqlite3_vfs*, int makeDflt); +SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*); + +/* +** CAPI3REF: Mutexes +** +** The SQLite core uses these routines for thread +** synchronization. Though they are intended for internal +** use by SQLite, code that links against SQLite is +** permitted to use any of these routines. +** +** The SQLite source code contains multiple implementations +** of these mutex routines. An appropriate implementation +** is selected automatically at compile-time. ^(The following +** implementations are available in the SQLite core: +** +**
    +**
  • SQLITE_MUTEX_OS2 +**
  • SQLITE_MUTEX_PTHREAD +**
  • SQLITE_MUTEX_W32 +**
  • SQLITE_MUTEX_NOOP +**
)^ +** +** ^The SQLITE_MUTEX_NOOP implementation is a set of routines +** that does no real locking and is appropriate for use in +** a single-threaded application. ^The SQLITE_MUTEX_OS2, +** SQLITE_MUTEX_PTHREAD, and SQLITE_MUTEX_W32 implementations +** are appropriate for use on OS/2, Unix, and Windows. +** +** ^(If SQLite is compiled with the SQLITE_MUTEX_APPDEF preprocessor +** macro defined (with "-DSQLITE_MUTEX_APPDEF=1"), then no mutex +** implementation is included with the library. In this case the +** application must supply a custom mutex implementation using the +** [SQLITE_CONFIG_MUTEX] option of the sqlite3_config() function +** before calling sqlite3_initialize() or any other public sqlite3_ +** function that calls sqlite3_initialize().)^ +** +** ^The sqlite3_mutex_alloc() routine allocates a new +** mutex and returns a pointer to it. ^If it returns NULL +** that means that a mutex could not be allocated. ^SQLite +** will unwind its stack and return an error. ^(The argument +** to sqlite3_mutex_alloc() is one of these integer constants: +** +**
    +**
  • SQLITE_MUTEX_FAST +**
  • SQLITE_MUTEX_RECURSIVE +**
  • SQLITE_MUTEX_STATIC_MASTER +**
  • SQLITE_MUTEX_STATIC_MEM +**
  • SQLITE_MUTEX_STATIC_MEM2 +**
  • SQLITE_MUTEX_STATIC_PRNG +**
  • SQLITE_MUTEX_STATIC_LRU +**
  • SQLITE_MUTEX_STATIC_LRU2 +**
)^ +** +** ^The first two constants (SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE) +** cause sqlite3_mutex_alloc() to create +** a new mutex. ^The new mutex is recursive when SQLITE_MUTEX_RECURSIVE +** is used but not necessarily so when SQLITE_MUTEX_FAST is used. +** The mutex implementation does not need to make a distinction +** between SQLITE_MUTEX_RECURSIVE and SQLITE_MUTEX_FAST if it does +** not want to. ^SQLite will only request a recursive mutex in +** cases where it really needs one. ^If a faster non-recursive mutex +** implementation is available on the host platform, the mutex subsystem +** might return such a mutex in response to SQLITE_MUTEX_FAST. +** +** ^The other allowed parameters to sqlite3_mutex_alloc() (anything other +** than SQLITE_MUTEX_FAST and SQLITE_MUTEX_RECURSIVE) each return +** a pointer to a static preexisting mutex. ^Six static mutexes are +** used by the current version of SQLite. Future versions of SQLite +** may add additional static mutexes. Static mutexes are for internal +** use by SQLite only. Applications that use SQLite mutexes should +** use only the dynamic mutexes returned by SQLITE_MUTEX_FAST or +** SQLITE_MUTEX_RECURSIVE. +** +** ^Note that if one of the dynamic mutex parameters (SQLITE_MUTEX_FAST +** or SQLITE_MUTEX_RECURSIVE) is used then sqlite3_mutex_alloc() +** returns a different mutex on every call. ^But for the static +** mutex types, the same mutex is returned on every call that has +** the same type number. +** +** ^The sqlite3_mutex_free() routine deallocates a previously +** allocated dynamic mutex. ^SQLite is careful to deallocate every +** dynamic mutex that it allocates. The dynamic mutexes must not be in +** use when they are deallocated. Attempting to deallocate a static +** mutex results in undefined behavior. ^SQLite never deallocates +** a static mutex. +** +** ^The sqlite3_mutex_enter() and sqlite3_mutex_try() routines attempt +** to enter a mutex. ^If another thread is already within the mutex, +** sqlite3_mutex_enter() will block and sqlite3_mutex_try() will return +** SQLITE_BUSY. ^The sqlite3_mutex_try() interface returns [SQLITE_OK] +** upon successful entry. ^(Mutexes created using +** SQLITE_MUTEX_RECURSIVE can be entered multiple times by the same thread. +** In such cases the, +** mutex must be exited an equal number of times before another thread +** can enter.)^ ^(If the same thread tries to enter any other +** kind of mutex more than once, the behavior is undefined. +** SQLite will never exhibit +** such behavior in its own use of mutexes.)^ +** +** ^(Some systems (for example, Windows 95) do not support the operation +** implemented by sqlite3_mutex_try(). On those systems, sqlite3_mutex_try() +** will always return SQLITE_BUSY. The SQLite core only ever uses +** sqlite3_mutex_try() as an optimization so this is acceptable behavior.)^ +** +** ^The sqlite3_mutex_leave() routine exits a mutex that was +** previously entered by the same thread. ^(The behavior +** is undefined if the mutex is not currently entered by the +** calling thread or is not currently allocated. SQLite will +** never do either.)^ +** +** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or +** sqlite3_mutex_leave() is a NULL pointer, then all three routines +** behave as no-ops. +** +** See also: [sqlite3_mutex_held()] and [sqlite3_mutex_notheld()]. +*/ +SQLITE_API sqlite3_mutex *sqlite3_mutex_alloc(int); +SQLITE_API void sqlite3_mutex_free(sqlite3_mutex*); +SQLITE_API void sqlite3_mutex_enter(sqlite3_mutex*); +SQLITE_API int sqlite3_mutex_try(sqlite3_mutex*); +SQLITE_API void sqlite3_mutex_leave(sqlite3_mutex*); + +/* +** CAPI3REF: Mutex Methods Object +** EXPERIMENTAL +** +** An instance of this structure defines the low-level routines +** used to allocate and use mutexes. +** +** Usually, the default mutex implementations provided by SQLite are +** sufficient, however the user has the option of substituting a custom +** implementation for specialized deployments or systems for which SQLite +** does not provide a suitable implementation. In this case, the user +** creates and populates an instance of this structure to pass +** to sqlite3_config() along with the [SQLITE_CONFIG_MUTEX] option. +** Additionally, an instance of this structure can be used as an +** output variable when querying the system for the current mutex +** implementation, using the [SQLITE_CONFIG_GETMUTEX] option. +** +** ^The xMutexInit method defined by this structure is invoked as +** part of system initialization by the sqlite3_initialize() function. +** ^The xMutexInit routine is calle by SQLite exactly once for each +** effective call to [sqlite3_initialize()]. +** +** ^The xMutexEnd method defined by this structure is invoked as +** part of system shutdown by the sqlite3_shutdown() function. The +** implementation of this method is expected to release all outstanding +** resources obtained by the mutex methods implementation, especially +** those obtained by the xMutexInit method. ^The xMutexEnd() +** interface is invoked exactly once for each call to [sqlite3_shutdown()]. +** +** ^(The remaining seven methods defined by this structure (xMutexAlloc, +** xMutexFree, xMutexEnter, xMutexTry, xMutexLeave, xMutexHeld and +** xMutexNotheld) implement the following interfaces (respectively): +** +**
    +**
  • [sqlite3_mutex_alloc()]
    • +**
  • [sqlite3_mutex_free()]
    • +**
  • [sqlite3_mutex_enter()]
    • +**
  • [sqlite3_mutex_try()]
    • +**
  • [sqlite3_mutex_leave()]
    • +**
  • [sqlite3_mutex_held()]
    • +**
  • [sqlite3_mutex_notheld()]
    • +**
)^ +** +** The only difference is that the public sqlite3_XXX functions enumerated +** above silently ignore any invocations that pass a NULL pointer instead +** of a valid mutex handle. The implementations of the methods defined +** by this structure are not required to handle this case, the results +** of passing a NULL pointer instead of a valid mutex handle are undefined +** (i.e. it is acceptable to provide an implementation that segfaults if +** it is passed a NULL pointer). +** +** The xMutexInit() method must be threadsafe. ^It must be harmless to +** invoke xMutexInit() mutiple times within the same process and without +** intervening calls to xMutexEnd(). Second and subsequent calls to +** xMutexInit() must be no-ops. +** +** ^xMutexInit() must not use SQLite memory allocation ([sqlite3_malloc()] +** and its associates). ^Similarly, xMutexAlloc() must not use SQLite memory +** allocation for a static mutex. ^However xMutexAlloc() may use SQLite +** memory allocation for a fast or recursive mutex. +** +** ^SQLite will invoke the xMutexEnd() method when [sqlite3_shutdown()] is +** called, but only if the prior call to xMutexInit returned SQLITE_OK. +** If xMutexInit fails in any way, it is expected to clean up after itself +** prior to returning. +*/ +typedef struct sqlite3_mutex_methods sqlite3_mutex_methods; +struct sqlite3_mutex_methods { + int (*xMutexInit)(void); + int (*xMutexEnd)(void); + sqlite3_mutex *(*xMutexAlloc)(int); + void (*xMutexFree)(sqlite3_mutex *); + void (*xMutexEnter)(sqlite3_mutex *); + int (*xMutexTry)(sqlite3_mutex *); + void (*xMutexLeave)(sqlite3_mutex *); + int (*xMutexHeld)(sqlite3_mutex *); + int (*xMutexNotheld)(sqlite3_mutex *); +}; + +/* +** CAPI3REF: Mutex Verification Routines +** +** The sqlite3_mutex_held() and sqlite3_mutex_notheld() routines +** are intended for use inside assert() statements. ^The SQLite core +** never uses these routines except inside an assert() and applications +** are advised to follow the lead of the core. ^The SQLite core only +** provides implementations for these routines when it is compiled +** with the SQLITE_DEBUG flag. ^External mutex implementations +** are only required to provide these routines if SQLITE_DEBUG is +** defined and if NDEBUG is not defined. +** +** ^These routines should return true if the mutex in their argument +** is held or not held, respectively, by the calling thread. +** +** ^The implementation is not required to provided versions of these +** routines that actually work. If the implementation does not provide working +** versions of these routines, it should at least provide stubs that always +** return true so that one does not get spurious assertion failures. +** +** ^If the argument to sqlite3_mutex_held() is a NULL pointer then +** the routine should return 1. This seems counter-intuitive since +** clearly the mutex cannot be held if it does not exist. But the +** the reason the mutex does not exist is because the build is not +** using mutexes. And we do not want the assert() containing the +** call to sqlite3_mutex_held() to fail, so a non-zero return is +** the appropriate thing to do. ^The sqlite3_mutex_notheld() +** interface should also return 1 when given a NULL pointer. +*/ +#ifndef NDEBUG +SQLITE_API int sqlite3_mutex_held(sqlite3_mutex*); +SQLITE_API int sqlite3_mutex_notheld(sqlite3_mutex*); +#endif + +/* +** CAPI3REF: Mutex Types +** +** The [sqlite3_mutex_alloc()] interface takes a single argument +** which is one of these integer constants. +** +** The set of static mutexes may change from one SQLite release to the +** next. Applications that override the built-in mutex logic must be +** prepared to accommodate additional static mutexes. +*/ +#define SQLITE_MUTEX_FAST 0 +#define SQLITE_MUTEX_RECURSIVE 1 +#define SQLITE_MUTEX_STATIC_MASTER 2 +#define SQLITE_MUTEX_STATIC_MEM 3 /* sqlite3_malloc() */ +#define SQLITE_MUTEX_STATIC_MEM2 4 /* NOT USED */ +#define SQLITE_MUTEX_STATIC_OPEN 4 /* sqlite3BtreeOpen() */ +#define SQLITE_MUTEX_STATIC_PRNG 5 /* sqlite3_random() */ +#define SQLITE_MUTEX_STATIC_LRU 6 /* lru page list */ +#define SQLITE_MUTEX_STATIC_LRU2 7 /* lru page list */ + +/* +** CAPI3REF: Retrieve the mutex for a database connection +** +** ^This interface returns a pointer the [sqlite3_mutex] object that +** serializes access to the [database connection] given in the argument +** when the [threading mode] is Serialized. +** ^If the [threading mode] is Single-thread or Multi-thread then this +** routine returns a NULL pointer. +*/ +SQLITE_API sqlite3_mutex *sqlite3_db_mutex(sqlite3*); + +/* +** CAPI3REF: Low-Level Control Of Database Files +** +** ^The [sqlite3_file_control()] interface makes a direct call to the +** xFileControl method for the [sqlite3_io_methods] object associated +** with a particular database identified by the second argument. ^The +** name of the database "main" for the main database or "temp" for the +** TEMP database, or the name that appears after the AS keyword for +** databases that are added using the [ATTACH] SQL command. +** ^A NULL pointer can be used in place of "main" to refer to the +** main database file. +** ^The third and fourth parameters to this routine +** are passed directly through to the second and third parameters of +** the xFileControl method. ^The return value of the xFileControl +** method becomes the return value of this routine. +** +** ^If the second parameter (zDbName) does not match the name of any +** open database file, then SQLITE_ERROR is returned. ^This error +** code is not remembered and will not be recalled by [sqlite3_errcode()] +** or [sqlite3_errmsg()]. The underlying xFileControl method might +** also return SQLITE_ERROR. There is no way to distinguish between +** an incorrect zDbName and an SQLITE_ERROR return from the underlying +** xFileControl method. +** +** See also: [SQLITE_FCNTL_LOCKSTATE] +*/ +SQLITE_API int sqlite3_file_control(sqlite3*, const char *zDbName, int op, void*); + +/* +** CAPI3REF: Testing Interface +** +** ^The sqlite3_test_control() interface is used to read out internal +** state of SQLite and to inject faults into SQLite for testing +** purposes. ^The first parameter is an operation code that determines +** the number, meaning, and operation of all subsequent parameters. +** +** This interface is not for use by applications. It exists solely +** for verifying the correct operation of the SQLite library. Depending +** on how the SQLite library is compiled, this interface might not exist. +** +** The details of the operation codes, their meanings, the parameters +** they take, and what they do are all subject to change without notice. +** Unlike most of the SQLite API, this function is not guaranteed to +** operate consistently from one release to the next. +*/ +SQLITE_API int sqlite3_test_control(int op, ...); + +/* +** CAPI3REF: Testing Interface Operation Codes +** +** These constants are the valid operation code parameters used +** as the first argument to [sqlite3_test_control()]. +** +** These parameters and their meanings are subject to change +** without notice. These values are for testing purposes only. +** Applications should not use any of these parameters or the +** [sqlite3_test_control()] interface. +*/ +#define SQLITE_TESTCTRL_FIRST 5 +#define SQLITE_TESTCTRL_PRNG_SAVE 5 +#define SQLITE_TESTCTRL_PRNG_RESTORE 6 +#define SQLITE_TESTCTRL_PRNG_RESET 7 +#define SQLITE_TESTCTRL_BITVEC_TEST 8 +#define SQLITE_TESTCTRL_FAULT_INSTALL 9 +#define SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS 10 +#define SQLITE_TESTCTRL_PENDING_BYTE 11 +#define SQLITE_TESTCTRL_ASSERT 12 +#define SQLITE_TESTCTRL_ALWAYS 13 +#define SQLITE_TESTCTRL_RESERVE 14 +#define SQLITE_TESTCTRL_OPTIMIZATIONS 15 +#define SQLITE_TESTCTRL_ISKEYWORD 16 +#define SQLITE_TESTCTRL_LAST 16 + +/* +** CAPI3REF: SQLite Runtime Status +** EXPERIMENTAL +** +** ^This interface is used to retrieve runtime status information +** about the preformance of SQLite, and optionally to reset various +** highwater marks. ^The first argument is an integer code for +** the specific parameter to measure. ^(Recognized integer codes +** are of the form [SQLITE_STATUS_MEMORY_USED | SQLITE_STATUS_...].)^ +** ^The current value of the parameter is returned into *pCurrent. +** ^The highest recorded value is returned in *pHighwater. ^If the +** resetFlag is true, then the highest record value is reset after +** *pHighwater is written. ^(Some parameters do not record the highest +** value. For those parameters +** nothing is written into *pHighwater and the resetFlag is ignored.)^ +** ^(Other parameters record only the highwater mark and not the current +** value. For these latter parameters nothing is written into *pCurrent.)^ +** +** ^The sqlite3_db_status() routine returns SQLITE_OK on success and a +** non-zero [error code] on failure. +** +** This routine is threadsafe but is not atomic. This routine can be +** called while other threads are running the same or different SQLite +** interfaces. However the values returned in *pCurrent and +** *pHighwater reflect the status of SQLite at different points in time +** and it is possible that another thread might change the parameter +** in between the times when *pCurrent and *pHighwater are written. +** +** See also: [sqlite3_db_status()] +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag); + + +/* +** CAPI3REF: Status Parameters +** EXPERIMENTAL +** +** These integer constants designate various run-time status parameters +** that can be returned by [sqlite3_status()]. +** +**
+** ^(
SQLITE_STATUS_MEMORY_USED
+**
This parameter is the current amount of memory checked out +** using [sqlite3_malloc()], either directly or indirectly. The +** figure includes calls made to [sqlite3_malloc()] by the application +** and internal memory usage by the SQLite library. Scratch memory +** controlled by [SQLITE_CONFIG_SCRATCH] and auxiliary page-cache +** memory controlled by [SQLITE_CONFIG_PAGECACHE] is not included in +** this parameter. The amount returned is the sum of the allocation +** sizes as reported by the xSize method in [sqlite3_mem_methods].
)^ +** +** ^(
SQLITE_STATUS_MALLOC_SIZE
+**
This parameter records the largest memory allocation request +** handed to [sqlite3_malloc()] or [sqlite3_realloc()] (or their +** internal equivalents). Only the value returned in the +** *pHighwater parameter to [sqlite3_status()] is of interest. +** The value written into the *pCurrent parameter is undefined.
)^ +** +** ^(
SQLITE_STATUS_PAGECACHE_USED
+**
This parameter returns the number of pages used out of the +** [pagecache memory allocator] that was configured using +** [SQLITE_CONFIG_PAGECACHE]. The +** value returned is in pages, not in bytes.
)^ +** +** ^(
SQLITE_STATUS_PAGECACHE_OVERFLOW
+**
This parameter returns the number of bytes of page cache +** allocation which could not be statisfied by the [SQLITE_CONFIG_PAGECACHE] +** buffer and where forced to overflow to [sqlite3_malloc()]. The +** returned value includes allocations that overflowed because they +** where too large (they were larger than the "sz" parameter to +** [SQLITE_CONFIG_PAGECACHE]) and allocations that overflowed because +** no space was left in the page cache.
)^ +** +** ^(
SQLITE_STATUS_PAGECACHE_SIZE
+**
This parameter records the largest memory allocation request +** handed to [pagecache memory allocator]. Only the value returned in the +** *pHighwater parameter to [sqlite3_status()] is of interest. +** The value written into the *pCurrent parameter is undefined.
)^ +** +** ^(
SQLITE_STATUS_SCRATCH_USED
+**
This parameter returns the number of allocations used out of the +** [scratch memory allocator] configured using +** [SQLITE_CONFIG_SCRATCH]. The value returned is in allocations, not +** in bytes. Since a single thread may only have one scratch allocation +** outstanding at time, this parameter also reports the number of threads +** using scratch memory at the same time.
)^ +** +** ^(
SQLITE_STATUS_SCRATCH_OVERFLOW
+**
This parameter returns the number of bytes of scratch memory +** allocation which could not be statisfied by the [SQLITE_CONFIG_SCRATCH] +** buffer and where forced to overflow to [sqlite3_malloc()]. The values +** returned include overflows because the requested allocation was too +** larger (that is, because the requested allocation was larger than the +** "sz" parameter to [SQLITE_CONFIG_SCRATCH]) and because no scratch buffer +** slots were available. +**
)^ +** +** ^(
SQLITE_STATUS_SCRATCH_SIZE
+**
This parameter records the largest memory allocation request +** handed to [scratch memory allocator]. Only the value returned in the +** *pHighwater parameter to [sqlite3_status()] is of interest. +** The value written into the *pCurrent parameter is undefined.
)^ +** +** ^(
SQLITE_STATUS_PARSER_STACK
+**
This parameter records the deepest parser stack. It is only +** meaningful if SQLite is compiled with [YYTRACKMAXSTACKDEPTH].
)^ +**
+** +** New status parameters may be added from time to time. +*/ +#define SQLITE_STATUS_MEMORY_USED 0 +#define SQLITE_STATUS_PAGECACHE_USED 1 +#define SQLITE_STATUS_PAGECACHE_OVERFLOW 2 +#define SQLITE_STATUS_SCRATCH_USED 3 +#define SQLITE_STATUS_SCRATCH_OVERFLOW 4 +#define SQLITE_STATUS_MALLOC_SIZE 5 +#define SQLITE_STATUS_PARSER_STACK 6 +#define SQLITE_STATUS_PAGECACHE_SIZE 7 +#define SQLITE_STATUS_SCRATCH_SIZE 8 + +/* +** CAPI3REF: Database Connection Status +** EXPERIMENTAL +** +** ^This interface is used to retrieve runtime status information +** about a single [database connection]. ^The first argument is the +** database connection object to be interrogated. ^The second argument +** is the parameter to interrogate. ^Currently, the only allowed value +** for the second parameter is [SQLITE_DBSTATUS_LOOKASIDE_USED]. +** Additional options will likely appear in future releases of SQLite. +** +** ^The current value of the requested parameter is written into *pCur +** and the highest instantaneous value is written into *pHiwtr. ^If +** the resetFlg is true, then the highest instantaneous value is +** reset back down to the current value. +** +** See also: [sqlite3_status()] and [sqlite3_stmt_status()]. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int resetFlg); + +/* +** CAPI3REF: Status Parameters for database connections +** EXPERIMENTAL +** +** These constants are the available integer "verbs" that can be passed as +** the second argument to the [sqlite3_db_status()] interface. +** +** New verbs may be added in future releases of SQLite. Existing verbs +** might be discontinued. Applications should check the return code from +** [sqlite3_db_status()] to make sure that the call worked. +** The [sqlite3_db_status()] interface will return a non-zero error code +** if a discontinued or unsupported verb is invoked. +** +**
+** ^(
SQLITE_DBSTATUS_LOOKASIDE_USED
+**
This parameter returns the number of lookaside memory slots currently +** checked out.
)^ +**
+*/ +#define SQLITE_DBSTATUS_LOOKASIDE_USED 0 + + +/* +** CAPI3REF: Prepared Statement Status +** EXPERIMENTAL +** +** ^(Each prepared statement maintains various +** [SQLITE_STMTSTATUS_SORT | counters] that measure the number +** of times it has performed specific operations.)^ These counters can +** be used to monitor the performance characteristics of the prepared +** statements. For example, if the number of table steps greatly exceeds +** the number of table searches or result rows, that would tend to indicate +** that the prepared statement is using a full table scan rather than +** an index. +** +** ^(This interface is used to retrieve and reset counter values from +** a [prepared statement]. The first argument is the prepared statement +** object to be interrogated. The second argument +** is an integer code for a specific [SQLITE_STMTSTATUS_SORT | counter] +** to be interrogated.)^ +** ^The current value of the requested counter is returned. +** ^If the resetFlg is true, then the counter is reset to zero after this +** interface call returns. +** +** See also: [sqlite3_status()] and [sqlite3_db_status()]. +*/ +SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_stmt_status(sqlite3_stmt*, int op,int resetFlg); + +/* +** CAPI3REF: Status Parameters for prepared statements +** EXPERIMENTAL +** +** These preprocessor macros define integer codes that name counter +** values associated with the [sqlite3_stmt_status()] interface. +** The meanings of the various counters are as follows: +** +**
+**
SQLITE_STMTSTATUS_FULLSCAN_STEP
+**
^This is the number of times that SQLite has stepped forward in +** a table as part of a full table scan. Large numbers for this counter +** may indicate opportunities for performance improvement through +** careful use of indices.
+** +**
SQLITE_STMTSTATUS_SORT
+**
^This is the number of sort operations that have occurred. +** A non-zero value in this counter may indicate an opportunity to +** improvement performance through careful use of indices.
+** +**
+*/ +#define SQLITE_STMTSTATUS_FULLSCAN_STEP 1 +#define SQLITE_STMTSTATUS_SORT 2 + +/* +** CAPI3REF: Custom Page Cache Object +** EXPERIMENTAL +** +** The sqlite3_pcache type is opaque. It is implemented by +** the pluggable module. The SQLite core has no knowledge of +** its size or internal structure and never deals with the +** sqlite3_pcache object except by holding and passing pointers +** to the object. +** +** See [sqlite3_pcache_methods] for additional information. +*/ +typedef struct sqlite3_pcache sqlite3_pcache; + +/* +** CAPI3REF: Application Defined Page Cache. +** KEYWORDS: {page cache} +** EXPERIMENTAL +** +** ^(The [sqlite3_config]([SQLITE_CONFIG_PCACHE], ...) interface can +** register an alternative page cache implementation by passing in an +** instance of the sqlite3_pcache_methods structure.)^ The majority of the +** heap memory used by SQLite is used by the page cache to cache data read +** from, or ready to be written to, the database file. By implementing a +** custom page cache using this API, an application can control more +** precisely the amount of memory consumed by SQLite, the way in which +** that memory is allocated and released, and the policies used to +** determine exactly which parts of a database file are cached and for +** how long. +** +** ^(The contents of the sqlite3_pcache_methods structure are copied to an +** internal buffer by SQLite within the call to [sqlite3_config]. Hence +** the application may discard the parameter after the call to +** [sqlite3_config()] returns.)^ +** +** ^The xInit() method is called once for each call to [sqlite3_initialize()] +** (usually only once during the lifetime of the process). ^(The xInit() +** method is passed a copy of the sqlite3_pcache_methods.pArg value.)^ +** ^The xInit() method can set up up global structures and/or any mutexes +** required by the custom page cache implementation. +** +** ^The xShutdown() method is called from within [sqlite3_shutdown()], +** if the application invokes this API. It can be used to clean up +** any outstanding resources before process shutdown, if required. +** +** ^SQLite holds a [SQLITE_MUTEX_RECURSIVE] mutex when it invokes +** the xInit method, so the xInit method need not be threadsafe. ^The +** xShutdown method is only called from [sqlite3_shutdown()] so it does +** not need to be threadsafe either. All other methods must be threadsafe +** in multithreaded applications. +** +** ^SQLite will never invoke xInit() more than once without an intervening +** call to xShutdown(). +** +** ^The xCreate() method is used to construct a new cache instance. SQLite +** will typically create one cache instance for each open database file, +** though this is not guaranteed. ^The +** first parameter, szPage, is the size in bytes of the pages that must +** be allocated by the cache. ^szPage will not be a power of two. ^szPage +** will the page size of the database file that is to be cached plus an +** increment (here called "R") of about 100 or 200. ^SQLite will use the +** extra R bytes on each page to store metadata about the underlying +** database page on disk. The value of R depends +** on the SQLite version, the target platform, and how SQLite was compiled. +** ^R is constant for a particular build of SQLite. ^The second argument to +** xCreate(), bPurgeable, is true if the cache being created will +** be used to cache database pages of a file stored on disk, or +** false if it is used for an in-memory database. ^The cache implementation +** does not have to do anything special based with the value of bPurgeable; +** it is purely advisory. ^On a cache where bPurgeable is false, SQLite will +** never invoke xUnpin() except to deliberately delete a page. +** ^In other words, a cache created with bPurgeable set to false will +** never contain any unpinned pages. +** +** ^(The xCachesize() method may be called at any time by SQLite to set the +** suggested maximum cache-size (number of pages stored by) the cache +** instance passed as the first argument. This is the value configured using +** the SQLite "[PRAGMA cache_size]" command.)^ ^As with the bPurgeable +** parameter, the implementation is not required to do anything with this +** value; it is advisory only. +** +** ^The xPagecount() method should return the number of pages currently +** stored in the cache. +** +** ^The xFetch() method is used to fetch a page and return a pointer to it. +** ^A 'page', in this context, is a buffer of szPage bytes aligned at an +** 8-byte boundary. ^The page to be fetched is determined by the key. ^The +** mimimum key value is 1. After it has been retrieved using xFetch, the page +** is considered to be "pinned". +** +** ^If the requested page is already in the page cache, then the page cache +** implementation must return a pointer to the page buffer with its content +** intact. ^(If the requested page is not already in the cache, then the +** behavior of the cache implementation is determined by the value of the +** createFlag parameter passed to xFetch, according to the following table: +** +** +**
createFlag Behaviour when page is not already in cache +**
0 Do not allocate a new page. Return NULL. +**
1 Allocate a new page if it easy and convenient to do so. +** Otherwise return NULL. +**
2 Make every effort to allocate a new page. Only return +** NULL if allocating a new page is effectively impossible. +**
)^ +** +** SQLite will normally invoke xFetch() with a createFlag of 0 or 1. If +** a call to xFetch() with createFlag==1 returns NULL, then SQLite will +** attempt to unpin one or more cache pages by spilling the content of +** pinned pages to disk and synching the operating system disk cache. After +** attempting to unpin pages, the xFetch() method will be invoked again with +** a createFlag of 2. +** +** ^xUnpin() is called by SQLite with a pointer to a currently pinned page +** as its second argument. ^(If the third parameter, discard, is non-zero, +** then the page should be evicted from the cache. In this case SQLite +** assumes that the next time the page is retrieved from the cache using +** the xFetch() method, it will be zeroed.)^ ^If the discard parameter is +** zero, then the page is considered to be unpinned. ^The cache implementation +** may choose to evict unpinned pages at any time. +** +** ^(The cache is not required to perform any reference counting. A single +** call to xUnpin() unpins the page regardless of the number of prior calls +** to xFetch().)^ +** +** ^The xRekey() method is used to change the key value associated with the +** page passed as the second argument from oldKey to newKey. ^If the cache +** previously contains an entry associated with newKey, it should be +** discarded. ^Any prior cache entry associated with newKey is guaranteed not +** to be pinned. +** +** ^When SQLite calls the xTruncate() method, the cache must discard all +** existing cache entries with page numbers (keys) greater than or equal +** to the value of the iLimit parameter passed to xTruncate(). ^If any +** of these pages are pinned, they are implicitly unpinned, meaning that +** they can be safely discarded. +** +** ^The xDestroy() method is used to delete a cache allocated by xCreate(). +** All resources associated with the specified cache should be freed. ^After +** calling the xDestroy() method, SQLite considers the [sqlite3_pcache*] +** handle invalid, and will not use it with any other sqlite3_pcache_methods +** functions. +*/ +typedef struct sqlite3_pcache_methods sqlite3_pcache_methods; +struct sqlite3_pcache_methods { + void *pArg; + int (*xInit)(void*); + void (*xShutdown)(void*); + sqlite3_pcache *(*xCreate)(int szPage, int bPurgeable); + void (*xCachesize)(sqlite3_pcache*, int nCachesize); + int (*xPagecount)(sqlite3_pcache*); + void *(*xFetch)(sqlite3_pcache*, unsigned key, int createFlag); + void (*xUnpin)(sqlite3_pcache*, void*, int discard); + void (*xRekey)(sqlite3_pcache*, void*, unsigned oldKey, unsigned newKey); + void (*xTruncate)(sqlite3_pcache*, unsigned iLimit); + void (*xDestroy)(sqlite3_pcache*); +}; + +/* +** CAPI3REF: Online Backup Object +** EXPERIMENTAL +** +** The sqlite3_backup object records state information about an ongoing +** online backup operation. ^The sqlite3_backup object is created by +** a call to [sqlite3_backup_init()] and is destroyed by a call to +** [sqlite3_backup_finish()]. +** +** See Also: [Using the SQLite Online Backup API] +*/ +typedef struct sqlite3_backup sqlite3_backup; + +/* +** CAPI3REF: Online Backup API. +** EXPERIMENTAL +** +** The backup API copies the content of one database into another. +** It is useful either for creating backups of databases or +** for copying in-memory databases to or from persistent files. +** +** See Also: [Using the SQLite Online Backup API] +** +** ^Exclusive access is required to the destination database for the +** duration of the operation. ^However the source database is only +** read-locked while it is actually being read; it is not locked +** continuously for the entire backup operation. ^Thus, the backup may be +** performed on a live source database without preventing other users from +** reading or writing to the source database while the backup is underway. +** +** ^(To perform a backup operation: +**
    +**
  1. sqlite3_backup_init() is called once to initialize the +** backup, +**
  2. sqlite3_backup_step() is called one or more times to transfer +** the data between the two databases, and finally +**
  3. sqlite3_backup_finish() is called to release all resources +** associated with the backup operation. +**
)^ +** There should be exactly one call to sqlite3_backup_finish() for each +** successful call to sqlite3_backup_init(). +** +** sqlite3_backup_init() +** +** ^The D and N arguments to sqlite3_backup_init(D,N,S,M) are the +** [database connection] associated with the destination database +** and the database name, respectively. +** ^The database name is "main" for the main database, "temp" for the +** temporary database, or the name specified after the AS keyword in +** an [ATTACH] statement for an attached database. +** ^The S and M arguments passed to +** sqlite3_backup_init(D,N,S,M) identify the [database connection] +** and database name of the source database, respectively. +** ^The source and destination [database connections] (parameters S and D) +** must be different or else sqlite3_backup_init(D,N,S,M) will file with +** an error. +** +** ^If an error occurs within sqlite3_backup_init(D,N,S,M), then NULL is +** returned and an error code and error message are store3d in the +** destination [database connection] D. +** ^The error code and message for the failed call to sqlite3_backup_init() +** can be retrieved using the [sqlite3_errcode()], [sqlite3_errmsg()], and/or +** [sqlite3_errmsg16()] functions. +** ^A successful call to sqlite3_backup_init() returns a pointer to an +** [sqlite3_backup] object. +** ^The [sqlite3_backup] object may be used with the sqlite3_backup_step() and +** sqlite3_backup_finish() functions to perform the specified backup +** operation. +** +** sqlite3_backup_step() +** +** ^Function sqlite3_backup_step(B,N) will copy up to N pages between +** the source and destination databases specified by [sqlite3_backup] object B. +** ^If N is negative, all remaining source pages are copied. +** ^If sqlite3_backup_step(B,N) successfully copies N pages and there +** are still more pages to be copied, then the function resturns [SQLITE_OK]. +** ^If sqlite3_backup_step(B,N) successfully finishes copying all pages +** from source to destination, then it returns [SQLITE_DONE]. +** ^If an error occurs while running sqlite3_backup_step(B,N), +** then an [error code] is returned. ^As well as [SQLITE_OK] and +** [SQLITE_DONE], a call to sqlite3_backup_step() may return [SQLITE_READONLY], +** [SQLITE_NOMEM], [SQLITE_BUSY], [SQLITE_LOCKED], or an +** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX] extended error code. +** +** ^The sqlite3_backup_step() might return [SQLITE_READONLY] if the destination +** database was opened read-only or if +** the destination is an in-memory database with a different page size +** from the source database. +** +** ^If sqlite3_backup_step() cannot obtain a required file-system lock, then +** the [sqlite3_busy_handler | busy-handler function] +** is invoked (if one is specified). ^If the +** busy-handler returns non-zero before the lock is available, then +** [SQLITE_BUSY] is returned to the caller. ^In this case the call to +** sqlite3_backup_step() can be retried later. ^If the source +** [database connection] +** is being used to write to the source database when sqlite3_backup_step() +** is called, then [SQLITE_LOCKED] is returned immediately. ^Again, in this +** case the call to sqlite3_backup_step() can be retried later on. ^(If +** [SQLITE_IOERR_ACCESS | SQLITE_IOERR_XXX], [SQLITE_NOMEM], or +** [SQLITE_READONLY] is returned, then +** there is no point in retrying the call to sqlite3_backup_step(). These +** errors are considered fatal.)^ The application must accept +** that the backup operation has failed and pass the backup operation handle +** to the sqlite3_backup_finish() to release associated resources. +** +** ^The first call to sqlite3_backup_step() obtains an exclusive lock +** on the destination file. ^The exclusive lock is not released until either +** sqlite3_backup_finish() is called or the backup operation is complete +** and sqlite3_backup_step() returns [SQLITE_DONE]. ^Every call to +** sqlite3_backup_step() obtains a [shared lock] on the source database that +** lasts for the duration of the sqlite3_backup_step() call. +** ^Because the source database is not locked between calls to +** sqlite3_backup_step(), the source database may be modified mid-way +** through the backup process. ^If the source database is modified by an +** external process or via a database connection other than the one being +** used by the backup operation, then the backup will be automatically +** restarted by the next call to sqlite3_backup_step(). ^If the source +** database is modified by the using the same database connection as is used +** by the backup operation, then the backup database is automatically +** updated at the same time. +** +** sqlite3_backup_finish() +** +** When sqlite3_backup_step() has returned [SQLITE_DONE], or when the +** application wishes to abandon the backup operation, the application +** should destroy the [sqlite3_backup] by passing it to sqlite3_backup_finish(). +** ^The sqlite3_backup_finish() interfaces releases all +** resources associated with the [sqlite3_backup] object. +** ^If sqlite3_backup_step() has not yet returned [SQLITE_DONE], then any +** active write-transaction on the destination database is rolled back. +** The [sqlite3_backup] object is invalid +** and may not be used following a call to sqlite3_backup_finish(). +** +** ^The value returned by sqlite3_backup_finish is [SQLITE_OK] if no +** sqlite3_backup_step() errors occurred, regardless or whether or not +** sqlite3_backup_step() completed. +** ^If an out-of-memory condition or IO error occurred during any prior +** sqlite3_backup_step() call on the same [sqlite3_backup] object, then +** sqlite3_backup_finish() returns the corresponding [error code]. +** +** ^A return of [SQLITE_BUSY] or [SQLITE_LOCKED] from sqlite3_backup_step() +** is not a permanent error and does not affect the return value of +** sqlite3_backup_finish(). +** +** sqlite3_backup_remaining(), sqlite3_backup_pagecount() +** +** ^Each call to sqlite3_backup_step() sets two values inside +** the [sqlite3_backup] object: the number of pages still to be backed +** up and the total number of pages in the source databae file. +** The sqlite3_backup_remaining() and sqlite3_backup_pagecount() interfaces +** retrieve these two values, respectively. +** +** ^The values returned by these functions are only updated by +** sqlite3_backup_step(). ^If the source database is modified during a backup +** operation, then the values are not updated to account for any extra +** pages that need to be updated or the size of the source database file +** changing. +** +** Concurrent Usage of Database Handles +** +** ^The source [database connection] may be used by the application for other +** purposes while a backup operation is underway or being initialized. +** ^If SQLite is compiled and configured to support threadsafe database +** connections, then the source database connection may be used concurrently +** from within other threads. +** +** However, the application must guarantee that the destination +** [database connection] is not passed to any other API (by any thread) after +** sqlite3_backup_init() is called and before the corresponding call to +** sqlite3_backup_finish(). SQLite does not currently check to see +** if the application incorrectly accesses the destination [database connection] +** and so no error code is reported, but the operations may malfunction +** nevertheless. Use of the destination database connection while a +** backup is in progress might also also cause a mutex deadlock. +** +** If running in [shared cache mode], the application must +** guarantee that the shared cache used by the destination database +** is not accessed while the backup is running. In practice this means +** that the application must guarantee that the disk file being +** backed up to is not accessed by any connection within the process, +** not just the specific connection that was passed to sqlite3_backup_init(). +** +** The [sqlite3_backup] object itself is partially threadsafe. Multiple +** threads may safely make multiple concurrent calls to sqlite3_backup_step(). +** However, the sqlite3_backup_remaining() and sqlite3_backup_pagecount() +** APIs are not strictly speaking threadsafe. If they are invoked at the +** same time as another thread is invoking sqlite3_backup_step() it is +** possible that they return invalid values. +*/ +SQLITE_API sqlite3_backup *sqlite3_backup_init( + sqlite3 *pDest, /* Destination database handle */ + const char *zDestName, /* Destination database name */ + sqlite3 *pSource, /* Source database handle */ + const char *zSourceName /* Source database name */ +); +SQLITE_API int sqlite3_backup_step(sqlite3_backup *p, int nPage); +SQLITE_API int sqlite3_backup_finish(sqlite3_backup *p); +SQLITE_API int sqlite3_backup_remaining(sqlite3_backup *p); +SQLITE_API int sqlite3_backup_pagecount(sqlite3_backup *p); + +/* +** CAPI3REF: Unlock Notification +** EXPERIMENTAL +** +** ^When running in shared-cache mode, a database operation may fail with +** an [SQLITE_LOCKED] error if the required locks on the shared-cache or +** individual tables within the shared-cache cannot be obtained. See +** [SQLite Shared-Cache Mode] for a description of shared-cache locking. +** ^This API may be used to register a callback that SQLite will invoke +** when the connection currently holding the required lock relinquishes it. +** ^This API is only available if the library was compiled with the +** [SQLITE_ENABLE_UNLOCK_NOTIFY] C-preprocessor symbol defined. +** +** See Also: [Using the SQLite Unlock Notification Feature]. +** +** ^Shared-cache locks are released when a database connection concludes +** its current transaction, either by committing it or rolling it back. +** +** ^When a connection (known as the blocked connection) fails to obtain a +** shared-cache lock and SQLITE_LOCKED is returned to the caller, the +** identity of the database connection (the blocking connection) that +** has locked the required resource is stored internally. ^After an +** application receives an SQLITE_LOCKED error, it may call the +** sqlite3_unlock_notify() method with the blocked connection handle as +** the first argument to register for a callback that will be invoked +** when the blocking connections current transaction is concluded. ^The +** callback is invoked from within the [sqlite3_step] or [sqlite3_close] +** call that concludes the blocking connections transaction. +** +** ^(If sqlite3_unlock_notify() is called in a multi-threaded application, +** there is a chance that the blocking connection will have already +** concluded its transaction by the time sqlite3_unlock_notify() is invoked. +** If this happens, then the specified callback is invoked immediately, +** from within the call to sqlite3_unlock_notify().)^ +** +** ^If the blocked connection is attempting to obtain a write-lock on a +** shared-cache table, and more than one other connection currently holds +** a read-lock on the same table, then SQLite arbitrarily selects one of +** the other connections to use as the blocking connection. +** +** ^(There may be at most one unlock-notify callback registered by a +** blocked connection. If sqlite3_unlock_notify() is called when the +** blocked connection already has a registered unlock-notify callback, +** then the new callback replaces the old.)^ ^If sqlite3_unlock_notify() is +** called with a NULL pointer as its second argument, then any existing +** unlock-notify callback is cancelled. ^The blocked connections +** unlock-notify callback may also be canceled by closing the blocked +** connection using [sqlite3_close()]. +** +** The unlock-notify callback is not reentrant. If an application invokes +** any sqlite3_xxx API functions from within an unlock-notify callback, a +** crash or deadlock may be the result. +** +** ^Unless deadlock is detected (see below), sqlite3_unlock_notify() always +** returns SQLITE_OK. +** +** Callback Invocation Details +** +** When an unlock-notify callback is registered, the application provides a +** single void* pointer that is passed to the callback when it is invoked. +** However, the signature of the callback function allows SQLite to pass +** it an array of void* context pointers. The first argument passed to +** an unlock-notify callback is a pointer to an array of void* pointers, +** and the second is the number of entries in the array. +** +** When a blocking connections transaction is concluded, there may be +** more than one blocked connection that has registered for an unlock-notify +** callback. ^If two or more such blocked connections have specified the +** same callback function, then instead of invoking the callback function +** multiple times, it is invoked once with the set of void* context pointers +** specified by the blocked connections bundled together into an array. +** This gives the application an opportunity to prioritize any actions +** related to the set of unblocked database connections. +** +** Deadlock Detection +** +** Assuming that after registering for an unlock-notify callback a +** database waits for the callback to be issued before taking any further +** action (a reasonable assumption), then using this API may cause the +** application to deadlock. For example, if connection X is waiting for +** connection Y's transaction to be concluded, and similarly connection +** Y is waiting on connection X's transaction, then neither connection +** will proceed and the system may remain deadlocked indefinitely. +** +** To avoid this scenario, the sqlite3_unlock_notify() performs deadlock +** detection. ^If a given call to sqlite3_unlock_notify() would put the +** system in a deadlocked state, then SQLITE_LOCKED is returned and no +** unlock-notify callback is registered. The system is said to be in +** a deadlocked state if connection A has registered for an unlock-notify +** callback on the conclusion of connection B's transaction, and connection +** B has itself registered for an unlock-notify callback when connection +** A's transaction is concluded. ^Indirect deadlock is also detected, so +** the system is also considered to be deadlocked if connection B has +** registered for an unlock-notify callback on the conclusion of connection +** C's transaction, where connection C is waiting on connection A. ^Any +** number of levels of indirection are allowed. +** +** The "DROP TABLE" Exception +** +** When a call to [sqlite3_step()] returns SQLITE_LOCKED, it is almost +** always appropriate to call sqlite3_unlock_notify(). There is however, +** one exception. When executing a "DROP TABLE" or "DROP INDEX" statement, +** SQLite checks if there are any currently executing SELECT statements +** that belong to the same connection. If there are, SQLITE_LOCKED is +** returned. In this case there is no "blocking connection", so invoking +** sqlite3_unlock_notify() results in the unlock-notify callback being +** invoked immediately. If the application then re-attempts the "DROP TABLE" +** or "DROP INDEX" query, an infinite loop might be the result. +** +** One way around this problem is to check the extended error code returned +** by an sqlite3_step() call. ^(If there is a blocking connection, then the +** extended error code is set to SQLITE_LOCKED_SHAREDCACHE. Otherwise, in +** the special "DROP TABLE/INDEX" case, the extended error code is just +** SQLITE_LOCKED.)^ +*/ +SQLITE_API int sqlite3_unlock_notify( + sqlite3 *pBlocked, /* Waiting connection */ + void (*xNotify)(void **apArg, int nArg), /* Callback function to invoke */ + void *pNotifyArg /* Argument to pass to xNotify */ +); + + +/* +** CAPI3REF: String Comparison +** EXPERIMENTAL +** +** ^The [sqlite3_strnicmp()] API allows applications and extensions to +** compare the contents of two buffers containing UTF-8 strings in a +** case-indendent fashion, using the same definition of case independence +** that SQLite uses internally when comparing identifiers. +*/ +SQLITE_API int sqlite3_strnicmp(const char *, const char *, int); + +/* +** CAPI3REF: Error Logging Interface +** EXPERIMENTAL +** +** ^The [sqlite3_log()] interface writes a message into the error log +** established by the [SQLITE_CONFIG_LOG] option to [sqlite3_config()]. +** ^If logging is enabled, the zFormat string and subsequent arguments are +** passed through to [sqlite3_vmprintf()] to generate the final output string. +** +** The sqlite3_log() interface is intended for use by extensions such as +** virtual tables, collating functions, and SQL functions. While there is +** nothing to prevent an application from calling sqlite3_log(), doing so +** is considered bad form. +** +** The zFormat string must not be NULL. +** +** To avoid deadlocks and other threading problems, the sqlite3_log() routine +** will not use dynamically allocated memory. The log message is stored in +** a fixed-length buffer on the stack. If the log message is longer than +** a few hundred characters, it will be truncated to the length of the +** buffer. +*/ +SQLITE_API void sqlite3_log(int iErrCode, const char *zFormat, ...); + +/* +** Undo the hack that converts floating point types to integer for +** builds on processors without floating point support. +*/ +#ifdef SQLITE_OMIT_FLOATING_POINT +# undef double +#endif + +#if 0 +} /* End of the 'extern "C"' block */ +#endif +#endif + + +/************** End of sqlite3.h *********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include hash.h in the middle of sqliteInt.h ******************/ +/************** Begin file hash.h ********************************************/ +/* +** 2001 September 22 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** This is the header file for the generic hash-table implemenation +** used in SQLite. +*/ +#ifndef _SQLITE_HASH_H_ +#define _SQLITE_HASH_H_ + +/* Forward declarations of structures. */ +typedef struct Hash Hash; +typedef struct HashElem HashElem; + +/* A complete hash table is an instance of the following structure. +** The internals of this structure are intended to be opaque -- client +** code should not attempt to access or modify the fields of this structure +** directly. Change this structure only by using the routines below. +** However, some of the "procedures" and "functions" for modifying and +** accessing this structure are really macros, so we can't really make +** this structure opaque. +** +** All elements of the hash table are on a single doubly-linked list. +** Hash.first points to the head of this list. +** +** There are Hash.htsize buckets. Each bucket points to a spot in +** the global doubly-linked list. The contents of the bucket are the +** element pointed to plus the next _ht.count-1 elements in the list. +** +** Hash.htsize and Hash.ht may be zero. In that case lookup is done +** by a linear search of the global list. For small tables, the +** Hash.ht table is never allocated because if there are few elements +** in the table, it is faster to do a linear search than to manage +** the hash table. +*/ +struct Hash { + unsigned int htsize; /* Number of buckets in the hash table */ + unsigned int count; /* Number of entries in this table */ + HashElem *first; /* The first element of the array */ + struct _ht { /* the hash table */ + int count; /* Number of entries with this hash */ + HashElem *chain; /* Pointer to first entry with this hash */ + } *ht; +}; + +/* Each element in the hash table is an instance of the following +** structure. All elements are stored on a single doubly-linked list. +** +** Again, this structure is intended to be opaque, but it can't really +** be opaque because it is used by macros. +*/ +struct HashElem { + HashElem *next, *prev; /* Next and previous elements in the table */ + void *data; /* Data associated with this element */ + const char *pKey; int nKey; /* Key associated with this element */ +}; + +/* +** Access routines. To delete, insert a NULL pointer. +*/ +SQLITE_PRIVATE void sqlite3HashInit(Hash*); +SQLITE_PRIVATE void *sqlite3HashInsert(Hash*, const char *pKey, int nKey, void *pData); +SQLITE_PRIVATE void *sqlite3HashFind(const Hash*, const char *pKey, int nKey); +SQLITE_PRIVATE void sqlite3HashClear(Hash*); + +/* +** Macros for looping over all elements of a hash table. The idiom is +** like this: +** +** Hash h; +** HashElem *p; +** ... +** for(p=sqliteHashFirst(&h); p; p=sqliteHashNext(p)){ +** SomeStructure *pData = sqliteHashData(p); +** // do something with pData +** } +*/ +#define sqliteHashFirst(H) ((H)->first) +#define sqliteHashNext(E) ((E)->next) +#define sqliteHashData(E) ((E)->data) +/* #define sqliteHashKey(E) ((E)->pKey) // NOT USED */ +/* #define sqliteHashKeysize(E) ((E)->nKey) // NOT USED */ + +/* +** Number of entries in a hash table +*/ +/* #define sqliteHashCount(H) ((H)->count) // NOT USED */ + +#endif /* _SQLITE_HASH_H_ */ + +/************** End of hash.h ************************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include parse.h in the middle of sqliteInt.h *****************/ +/************** Begin file parse.h *******************************************/ +#define TK_SEMI 1 +#define TK_EXPLAIN 2 +#define TK_QUERY 3 +#define TK_PLAN 4 +#define TK_BEGIN 5 +#define TK_TRANSACTION 6 +#define TK_DEFERRED 7 +#define TK_IMMEDIATE 8 +#define TK_EXCLUSIVE 9 +#define TK_COMMIT 10 +#define TK_END 11 +#define TK_ROLLBACK 12 +#define TK_SAVEPOINT 13 +#define TK_RELEASE 14 +#define TK_TO 15 +#define TK_TABLE 16 +#define TK_CREATE 17 +#define TK_IF 18 +#define TK_NOT 19 +#define TK_EXISTS 20 +#define TK_TEMP 21 +#define TK_LP 22 +#define TK_RP 23 +#define TK_AS 24 +#define TK_COMMA 25 +#define TK_ID 26 +#define TK_INDEXED 27 +#define TK_ABORT 28 +#define TK_ACTION 29 +#define TK_AFTER 30 +#define TK_ANALYZE 31 +#define TK_ASC 32 +#define TK_ATTACH 33 +#define TK_BEFORE 34 +#define TK_BY 35 +#define TK_CASCADE 36 +#define TK_CAST 37 +#define TK_COLUMNKW 38 +#define TK_CONFLICT 39 +#define TK_DATABASE 40 +#define TK_DESC 41 +#define TK_DETACH 42 +#define TK_EACH 43 +#define TK_FAIL 44 +#define TK_FOR 45 +#define TK_IGNORE 46 +#define TK_INITIALLY 47 +#define TK_INSTEAD 48 +#define TK_LIKE_KW 49 +#define TK_MATCH 50 +#define TK_NO 51 +#define TK_KEY 52 +#define TK_OF 53 +#define TK_OFFSET 54 +#define TK_PRAGMA 55 +#define TK_RAISE 56 +#define TK_REPLACE 57 +#define TK_RESTRICT 58 +#define TK_ROW 59 +#define TK_TRIGGER 60 +#define TK_VACUUM 61 +#define TK_VIEW 62 +#define TK_VIRTUAL 63 +#define TK_REINDEX 64 +#define TK_RENAME 65 +#define TK_CTIME_KW 66 +#define TK_ANY 67 +#define TK_OR 68 +#define TK_AND 69 +#define TK_IS 70 +#define TK_BETWEEN 71 +#define TK_IN 72 +#define TK_ISNULL 73 +#define TK_NOTNULL 74 +#define TK_NE 75 +#define TK_EQ 76 +#define TK_GT 77 +#define TK_LE 78 +#define TK_LT 79 +#define TK_GE 80 +#define TK_ESCAPE 81 +#define TK_BITAND 82 +#define TK_BITOR 83 +#define TK_LSHIFT 84 +#define TK_RSHIFT 85 +#define TK_PLUS 86 +#define TK_MINUS 87 +#define TK_STAR 88 +#define TK_SLASH 89 +#define TK_REM 90 +#define TK_CONCAT 91 +#define TK_COLLATE 92 +#define TK_BITNOT 93 +#define TK_STRING 94 +#define TK_JOIN_KW 95 +#define TK_CONSTRAINT 96 +#define TK_DEFAULT 97 +#define TK_NULL 98 +#define TK_PRIMARY 99 +#define TK_UNIQUE 100 +#define TK_CHECK 101 +#define TK_REFERENCES 102 +#define TK_AUTOINCR 103 +#define TK_ON 104 +#define TK_INSERT 105 +#define TK_DELETE 106 +#define TK_UPDATE 107 +#define TK_SET 108 +#define TK_DEFERRABLE 109 +#define TK_FOREIGN 110 +#define TK_DROP 111 +#define TK_UNION 112 +#define TK_ALL 113 +#define TK_EXCEPT 114 +#define TK_INTERSECT 115 +#define TK_SELECT 116 +#define TK_DISTINCT 117 +#define TK_DOT 118 +#define TK_FROM 119 +#define TK_JOIN 120 +#define TK_USING 121 +#define TK_ORDER 122 +#define TK_GROUP 123 +#define TK_HAVING 124 +#define TK_LIMIT 125 +#define TK_WHERE 126 +#define TK_INTO 127 +#define TK_VALUES 128 +#define TK_INTEGER 129 +#define TK_FLOAT 130 +#define TK_BLOB 131 +#define TK_REGISTER 132 +#define TK_VARIABLE 133 +#define TK_CASE 134 +#define TK_WHEN 135 +#define TK_THEN 136 +#define TK_ELSE 137 +#define TK_INDEX 138 +#define TK_ALTER 139 +#define TK_ADD 140 +#define TK_TO_TEXT 141 +#define TK_TO_BLOB 142 +#define TK_TO_NUMERIC 143 +#define TK_TO_INT 144 +#define TK_TO_REAL 145 +#define TK_ISNOT 146 +#define TK_END_OF_FILE 147 +#define TK_ILLEGAL 148 +#define TK_SPACE 149 +#define TK_UNCLOSED_STRING 150 +#define TK_FUNCTION 151 +#define TK_COLUMN 152 +#define TK_AGG_FUNCTION 153 +#define TK_AGG_COLUMN 154 +#define TK_CONST_FUNC 155 +#define TK_UMINUS 156 +#define TK_UPLUS 157 + +/************** End of parse.h ***********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +#include +#include +#include +#include +#include + +/* +** If compiling for a processor that lacks floating point support, +** substitute integer for floating-point +*/ +#ifdef SQLITE_OMIT_FLOATING_POINT +# define double sqlite_int64 +# define LONGDOUBLE_TYPE sqlite_int64 +# ifndef SQLITE_BIG_DBL +# define SQLITE_BIG_DBL (((sqlite3_int64)1)<<50) +# endif +# define SQLITE_OMIT_DATETIME_FUNCS 1 +# define SQLITE_OMIT_TRACE 1 +# undef SQLITE_MIXED_ENDIAN_64BIT_FLOAT +# undef SQLITE_HAVE_ISNAN +#endif +#ifndef SQLITE_BIG_DBL +# define SQLITE_BIG_DBL (1e99) +#endif + +/* +** OMIT_TEMPDB is set to 1 if SQLITE_OMIT_TEMPDB is defined, or 0 +** afterward. Having this macro allows us to cause the C compiler +** to omit code used by TEMP tables without messy #ifndef statements. +*/ +#ifdef SQLITE_OMIT_TEMPDB +#define OMIT_TEMPDB 1 +#else +#define OMIT_TEMPDB 0 +#endif + +/* +** The "file format" number is an integer that is incremented whenever +** the VDBE-level file format changes. The following macros define the +** the default file format for new databases and the maximum file format +** that the library can read. +*/ +#define SQLITE_MAX_FILE_FORMAT 4 +#ifndef SQLITE_DEFAULT_FILE_FORMAT +# define SQLITE_DEFAULT_FILE_FORMAT 1 +#endif + +/* +** Determine whether triggers are recursive by default. This can be +** changed at run-time using a pragma. +*/ +#ifndef SQLITE_DEFAULT_RECURSIVE_TRIGGERS +# define SQLITE_DEFAULT_RECURSIVE_TRIGGERS 0 +#endif + +/* +** Provide a default value for SQLITE_TEMP_STORE in case it is not specified +** on the command-line +*/ +#ifndef SQLITE_TEMP_STORE +# define SQLITE_TEMP_STORE 1 +#endif + +/* +** GCC does not define the offsetof() macro so we'll have to do it +** ourselves. +*/ +#ifndef offsetof +#define offsetof(STRUCTURE,FIELD) ((int)((char*)&((STRUCTURE*)0)->FIELD)) +#endif + +/* +** Check to see if this machine uses EBCDIC. (Yes, believe it or +** not, there are still machines out there that use EBCDIC.) +*/ +#if 'A' == '\301' +# define SQLITE_EBCDIC 1 +#else +# define SQLITE_ASCII 1 +#endif + +/* +** Integers of known sizes. These typedefs might change for architectures +** where the sizes very. Preprocessor macros are available so that the +** types can be conveniently redefined at compile-type. Like this: +** +** cc '-DUINTPTR_TYPE=long long int' ... +*/ +#ifndef UINT32_TYPE +# ifdef HAVE_UINT32_T +# define UINT32_TYPE uint32_t +# else +# define UINT32_TYPE unsigned int +# endif +#endif +#ifndef UINT16_TYPE +# ifdef HAVE_UINT16_T +# define UINT16_TYPE uint16_t +# else +# define UINT16_TYPE unsigned short int +# endif +#endif +#ifndef INT16_TYPE +# ifdef HAVE_INT16_T +# define INT16_TYPE int16_t +# else +# define INT16_TYPE short int +# endif +#endif +#ifndef UINT8_TYPE +# ifdef HAVE_UINT8_T +# define UINT8_TYPE uint8_t +# else +# define UINT8_TYPE unsigned char +# endif +#endif +#ifndef INT8_TYPE +# ifdef HAVE_INT8_T +# define INT8_TYPE int8_t +# else +# define INT8_TYPE signed char +# endif +#endif +#ifndef LONGDOUBLE_TYPE +# define LONGDOUBLE_TYPE long double +#endif +typedef sqlite_int64 i64; /* 8-byte signed integer */ +typedef sqlite_uint64 u64; /* 8-byte unsigned integer */ +typedef UINT32_TYPE u32; /* 4-byte unsigned integer */ +typedef UINT16_TYPE u16; /* 2-byte unsigned integer */ +typedef INT16_TYPE i16; /* 2-byte signed integer */ +typedef UINT8_TYPE u8; /* 1-byte unsigned integer */ +typedef INT8_TYPE i8; /* 1-byte signed integer */ + +/* +** SQLITE_MAX_U32 is a u64 constant that is the maximum u64 value +** that can be stored in a u32 without loss of data. The value +** is 0x00000000ffffffff. But because of quirks of some compilers, we +** have to specify the value in the less intuitive manner shown: +*/ +#define SQLITE_MAX_U32 ((((u64)1)<<32)-1) + +/* +** Macros to determine whether the machine is big or little endian, +** evaluated at runtime. +*/ +#ifdef SQLITE_AMALGAMATION +SQLITE_PRIVATE const int sqlite3one = 1; +#else +SQLITE_PRIVATE const int sqlite3one; +#endif +#if defined(i386) || defined(__i386__) || defined(_M_IX86)\ + || defined(__x86_64) || defined(__x86_64__) +# define SQLITE_BIGENDIAN 0 +# define SQLITE_LITTLEENDIAN 1 +# define SQLITE_UTF16NATIVE SQLITE_UTF16LE +#else +# define SQLITE_BIGENDIAN (*(char *)(&sqlite3one)==0) +# define SQLITE_LITTLEENDIAN (*(char *)(&sqlite3one)==1) +# define SQLITE_UTF16NATIVE (SQLITE_BIGENDIAN?SQLITE_UTF16BE:SQLITE_UTF16LE) +#endif + +/* +** Constants for the largest and smallest possible 64-bit signed integers. +** These macros are designed to work correctly on both 32-bit and 64-bit +** compilers. +*/ +#define LARGEST_INT64 (0xffffffff|(((i64)0x7fffffff)<<32)) +#define SMALLEST_INT64 (((i64)-1) - LARGEST_INT64) + +/* +** Round up a number to the next larger multiple of 8. This is used +** to force 8-byte alignment on 64-bit architectures. +*/ +#define ROUND8(x) (((x)+7)&~7) + +/* +** Round down to the nearest multiple of 8 +*/ +#define ROUNDDOWN8(x) ((x)&~7) + +/* +** Assert that the pointer X is aligned to an 8-byte boundary. This +** macro is used only within assert() to verify that the code gets +** all alignment restrictions correct. +** +** Except, if SQLITE_4_BYTE_ALIGNED_MALLOC is defined, then the +** underlying malloc() implemention might return us 4-byte aligned +** pointers. In that case, only verify 4-byte alignment. +*/ +#ifdef SQLITE_4_BYTE_ALIGNED_MALLOC +# define EIGHT_BYTE_ALIGNMENT(X) ((((char*)(X) - (char*)0)&3)==0) +#else +# define EIGHT_BYTE_ALIGNMENT(X) ((((char*)(X) - (char*)0)&7)==0) +#endif + + +/* +** An instance of the following structure is used to store the busy-handler +** callback for a given sqlite handle. +** +** The sqlite.busyHandler member of the sqlite struct contains the busy +** callback for the database handle. Each pager opened via the sqlite +** handle is passed a pointer to sqlite.busyHandler. The busy-handler +** callback is currently invoked only from within pager.c. +*/ +typedef struct BusyHandler BusyHandler; +struct BusyHandler { + int (*xFunc)(void *,int); /* The busy callback */ + void *pArg; /* First arg to busy callback */ + int nBusy; /* Incremented with each busy call */ +}; + +/* +** Name of the master database table. The master database table +** is a special table that holds the names and attributes of all +** user tables and indices. +*/ +#define MASTER_NAME "sqlite_master" +#define TEMP_MASTER_NAME "sqlite_temp_master" + +/* +** The root-page of the master database table. +*/ +#define MASTER_ROOT 1 + +/* +** The name of the schema table. +*/ +#define SCHEMA_TABLE(x) ((!OMIT_TEMPDB)&&(x==1)?TEMP_MASTER_NAME:MASTER_NAME) + +/* +** A convenience macro that returns the number of elements in +** an array. +*/ +#define ArraySize(X) ((int)(sizeof(X)/sizeof(X[0]))) + +/* +** The following value as a destructor means to use sqlite3DbFree(). +** This is an internal extension to SQLITE_STATIC and SQLITE_TRANSIENT. +*/ +#define SQLITE_DYNAMIC ((sqlite3_destructor_type)sqlite3DbFree) + +/* +** When SQLITE_OMIT_WSD is defined, it means that the target platform does +** not support Writable Static Data (WSD) such as global and static variables. +** All variables must either be on the stack or dynamically allocated from +** the heap. When WSD is unsupported, the variable declarations scattered +** throughout the SQLite code must become constants instead. The SQLITE_WSD +** macro is used for this purpose. And instead of referencing the variable +** directly, we use its constant as a key to lookup the run-time allocated +** buffer that holds real variable. The constant is also the initializer +** for the run-time allocated buffer. +** +** In the usual case where WSD is supported, the SQLITE_WSD and GLOBAL +** macros become no-ops and have zero performance impact. +*/ +#ifdef SQLITE_OMIT_WSD + #define SQLITE_WSD const + #define GLOBAL(t,v) (*(t*)sqlite3_wsd_find((void*)&(v), sizeof(v))) + #define sqlite3GlobalConfig GLOBAL(struct Sqlite3Config, sqlite3Config) +SQLITE_API int sqlite3_wsd_init(int N, int J); +SQLITE_API void *sqlite3_wsd_find(void *K, int L); +#else + #define SQLITE_WSD + #define GLOBAL(t,v) v + #define sqlite3GlobalConfig sqlite3Config +#endif + +/* +** The following macros are used to suppress compiler warnings and to +** make it clear to human readers when a function parameter is deliberately +** left unused within the body of a function. This usually happens when +** a function is called via a function pointer. For example the +** implementation of an SQL aggregate step callback may not use the +** parameter indicating the number of arguments passed to the aggregate, +** if it knows that this is enforced elsewhere. +** +** When a function parameter is not used at all within the body of a function, +** it is generally named "NotUsed" or "NotUsed2" to make things even clearer. +** However, these macros may also be used to suppress warnings related to +** parameters that may or may not be used depending on compilation options. +** For example those parameters only used in assert() statements. In these +** cases the parameters are named as per the usual conventions. +*/ +#define UNUSED_PARAMETER(x) (void)(x) +#define UNUSED_PARAMETER2(x,y) UNUSED_PARAMETER(x),UNUSED_PARAMETER(y) + +/* +** Forward references to structures +*/ +typedef struct AggInfo AggInfo; +typedef struct AuthContext AuthContext; +typedef struct AutoincInfo AutoincInfo; +typedef struct Bitvec Bitvec; +typedef struct CollSeq CollSeq; +typedef struct Column Column; +typedef struct Db Db; +typedef struct Schema Schema; +typedef struct Expr Expr; +typedef struct ExprList ExprList; +typedef struct ExprSpan ExprSpan; +typedef struct FKey FKey; +typedef struct FuncDef FuncDef; +typedef struct FuncDefHash FuncDefHash; +typedef struct IdList IdList; +typedef struct Index Index; +typedef struct IndexSample IndexSample; +typedef struct KeyClass KeyClass; +typedef struct KeyInfo KeyInfo; +typedef struct Lookaside Lookaside; +typedef struct LookasideSlot LookasideSlot; +typedef struct Module Module; +typedef struct NameContext NameContext; +typedef struct Parse Parse; +typedef struct RowSet RowSet; +typedef struct Savepoint Savepoint; +typedef struct Select Select; +typedef struct SrcList SrcList; +typedef struct StrAccum StrAccum; +typedef struct Table Table; +typedef struct TableLock TableLock; +typedef struct Token Token; +typedef struct Trigger Trigger; +typedef struct TriggerPrg TriggerPrg; +typedef struct TriggerStep TriggerStep; +typedef struct UnpackedRecord UnpackedRecord; +typedef struct VTable VTable; +typedef struct Walker Walker; +typedef struct WherePlan WherePlan; +typedef struct WhereInfo WhereInfo; +typedef struct WhereLevel WhereLevel; + +/* +** Defer sourcing vdbe.h and btree.h until after the "u8" and +** "BusyHandler" typedefs. vdbe.h also requires a few of the opaque +** pointer types (i.e. FuncDef) defined above. +*/ +/************** Include btree.h in the middle of sqliteInt.h *****************/ +/************** Begin file btree.h *******************************************/ +/* +** 2001 September 15 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** This header file defines the interface that the sqlite B-Tree file +** subsystem. See comments in the source code for a detailed description +** of what each interface routine does. +*/ +#ifndef _BTREE_H_ +#define _BTREE_H_ + +/* TODO: This definition is just included so other modules compile. It +** needs to be revisited. +*/ +#define SQLITE_N_BTREE_META 10 + +/* +** If defined as non-zero, auto-vacuum is enabled by default. Otherwise +** it must be turned on for each database using "PRAGMA auto_vacuum = 1". +*/ +#ifndef SQLITE_DEFAULT_AUTOVACUUM + #define SQLITE_DEFAULT_AUTOVACUUM 0 +#endif + +#define BTREE_AUTOVACUUM_NONE 0 /* Do not do auto-vacuum */ +#define BTREE_AUTOVACUUM_FULL 1 /* Do full auto-vacuum */ +#define BTREE_AUTOVACUUM_INCR 2 /* Incremental vacuum */ + +/* +** Forward declarations of structure +*/ +typedef struct Btree Btree; +typedef struct BtCursor BtCursor; +typedef struct BtShared BtShared; +typedef struct BtreeMutexArray BtreeMutexArray; + +/* +** This structure records all of the Btrees that need to hold +** a mutex before we enter sqlite3VdbeExec(). The Btrees are +** are placed in aBtree[] in order of aBtree[]->pBt. That way, +** we can always lock and unlock them all quickly. +*/ +struct BtreeMutexArray { + int nMutex; + Btree *aBtree[SQLITE_MAX_ATTACHED+1]; +}; + + +SQLITE_PRIVATE int sqlite3BtreeOpen( + const char *zFilename, /* Name of database file to open */ + sqlite3 *db, /* Associated database connection */ + Btree **ppBtree, /* Return open Btree* here */ + int flags, /* Flags */ + int vfsFlags /* Flags passed through to VFS open */ +); + +/* The flags parameter to sqlite3BtreeOpen can be the bitwise or of the +** following values. +** +** NOTE: These values must match the corresponding PAGER_ values in +** pager.h. +*/ +#define BTREE_OMIT_JOURNAL 1 /* Do not use journal. No argument */ +#define BTREE_NO_READLOCK 2 /* Omit readlocks on readonly files */ +#define BTREE_MEMORY 4 /* In-memory DB. No argument */ +#define BTREE_READONLY 8 /* Open the database in read-only mode */ +#define BTREE_READWRITE 16 /* Open for both reading and writing */ +#define BTREE_CREATE 32 /* Create the database if it does not exist */ + +SQLITE_PRIVATE int sqlite3BtreeClose(Btree*); +SQLITE_PRIVATE int sqlite3BtreeSetCacheSize(Btree*,int); +SQLITE_PRIVATE int sqlite3BtreeSetSafetyLevel(Btree*,int,int); +SQLITE_PRIVATE int sqlite3BtreeSyncDisabled(Btree*); +SQLITE_PRIVATE int sqlite3BtreeSetPageSize(Btree *p, int nPagesize, int nReserve, int eFix); +SQLITE_PRIVATE int sqlite3BtreeGetPageSize(Btree*); +SQLITE_PRIVATE int sqlite3BtreeMaxPageCount(Btree*,int); +SQLITE_PRIVATE int sqlite3BtreeSecureDelete(Btree*,int); +SQLITE_PRIVATE int sqlite3BtreeGetReserve(Btree*); +SQLITE_PRIVATE int sqlite3BtreeSetAutoVacuum(Btree *, int); +SQLITE_PRIVATE int sqlite3BtreeGetAutoVacuum(Btree *); +SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree*,int); +SQLITE_PRIVATE int sqlite3BtreeCommitPhaseOne(Btree*, const char *zMaster); +SQLITE_PRIVATE int sqlite3BtreeCommitPhaseTwo(Btree*); +SQLITE_PRIVATE int sqlite3BtreeCommit(Btree*); +SQLITE_PRIVATE int sqlite3BtreeRollback(Btree*); +SQLITE_PRIVATE int sqlite3BtreeBeginStmt(Btree*,int); +SQLITE_PRIVATE int sqlite3BtreeCreateTable(Btree*, int*, int flags); +SQLITE_PRIVATE int sqlite3BtreeIsInTrans(Btree*); +SQLITE_PRIVATE int sqlite3BtreeIsInReadTrans(Btree*); +SQLITE_PRIVATE int sqlite3BtreeIsInBackup(Btree*); +SQLITE_PRIVATE void *sqlite3BtreeSchema(Btree *, int, void(*)(void *)); +SQLITE_PRIVATE int sqlite3BtreeSchemaLocked(Btree *pBtree); +SQLITE_PRIVATE int sqlite3BtreeLockTable(Btree *pBtree, int iTab, u8 isWriteLock); +SQLITE_PRIVATE int sqlite3BtreeSavepoint(Btree *, int, int); + +SQLITE_PRIVATE const char *sqlite3BtreeGetFilename(Btree *); +SQLITE_PRIVATE const char *sqlite3BtreeGetJournalname(Btree *); +SQLITE_PRIVATE int sqlite3BtreeCopyFile(Btree *, Btree *); + +SQLITE_PRIVATE int sqlite3BtreeIncrVacuum(Btree *); + +/* The flags parameter to sqlite3BtreeCreateTable can be the bitwise OR +** of the following flags: +*/ +#define BTREE_INTKEY 1 /* Table has only 64-bit signed integer keys */ +#define BTREE_ZERODATA 2 /* Table has keys only - no data */ +#define BTREE_LEAFDATA 4 /* Data stored in leaves only. Implies INTKEY */ + +SQLITE_PRIVATE int sqlite3BtreeDropTable(Btree*, int, int*); +SQLITE_PRIVATE int sqlite3BtreeClearTable(Btree*, int, int*); +SQLITE_PRIVATE void sqlite3BtreeTripAllCursors(Btree*, int); + +SQLITE_PRIVATE void sqlite3BtreeGetMeta(Btree *pBtree, int idx, u32 *pValue); +SQLITE_PRIVATE int sqlite3BtreeUpdateMeta(Btree*, int idx, u32 value); + +/* +** The second parameter to sqlite3BtreeGetMeta or sqlite3BtreeUpdateMeta +** should be one of the following values. The integer values are assigned +** to constants so that the offset of the corresponding field in an +** SQLite database header may be found using the following formula: +** +** offset = 36 + (idx * 4) +** +** For example, the free-page-count field is located at byte offset 36 of +** the database file header. The incr-vacuum-flag field is located at +** byte offset 64 (== 36+4*7). +*/ +#define BTREE_FREE_PAGE_COUNT 0 +#define BTREE_SCHEMA_VERSION 1 +#define BTREE_FILE_FORMAT 2 +#define BTREE_DEFAULT_CACHE_SIZE 3 +#define BTREE_LARGEST_ROOT_PAGE 4 +#define BTREE_TEXT_ENCODING 5 +#define BTREE_USER_VERSION 6 +#define BTREE_INCR_VACUUM 7 + +SQLITE_PRIVATE int sqlite3BtreeCursor( + Btree*, /* BTree containing table to open */ + int iTable, /* Index of root page */ + int wrFlag, /* 1 for writing. 0 for read-only */ + struct KeyInfo*, /* First argument to compare function */ + BtCursor *pCursor /* Space to write cursor structure */ +); +SQLITE_PRIVATE int sqlite3BtreeCursorSize(void); +SQLITE_PRIVATE void sqlite3BtreeCursorZero(BtCursor*); + +SQLITE_PRIVATE int sqlite3BtreeCloseCursor(BtCursor*); +SQLITE_PRIVATE int sqlite3BtreeMovetoUnpacked( + BtCursor*, + UnpackedRecord *pUnKey, + i64 intKey, + int bias, + int *pRes +); +SQLITE_PRIVATE int sqlite3BtreeCursorHasMoved(BtCursor*, int*); +SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor*); +SQLITE_PRIVATE int sqlite3BtreeInsert(BtCursor*, const void *pKey, i64 nKey, + const void *pData, int nData, + int nZero, int bias, int seekResult); +SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor*, int *pRes); +SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor*, int *pRes); +SQLITE_PRIVATE int sqlite3BtreeNext(BtCursor*, int *pRes); +SQLITE_PRIVATE int sqlite3BtreeEof(BtCursor*); +SQLITE_PRIVATE int sqlite3BtreePrevious(BtCursor*, int *pRes); +SQLITE_PRIVATE int sqlite3BtreeKeySize(BtCursor*, i64 *pSize); +SQLITE_PRIVATE int sqlite3BtreeKey(BtCursor*, u32 offset, u32 amt, void*); +SQLITE_PRIVATE const void *sqlite3BtreeKeyFetch(BtCursor*, int *pAmt); +SQLITE_PRIVATE const void *sqlite3BtreeDataFetch(BtCursor*, int *pAmt); +SQLITE_PRIVATE int sqlite3BtreeDataSize(BtCursor*, u32 *pSize); +SQLITE_PRIVATE int sqlite3BtreeData(BtCursor*, u32 offset, u32 amt, void*); +SQLITE_PRIVATE void sqlite3BtreeSetCachedRowid(BtCursor*, sqlite3_int64); +SQLITE_PRIVATE sqlite3_int64 sqlite3BtreeGetCachedRowid(BtCursor*); + +SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(Btree*, int *aRoot, int nRoot, int, int*); +SQLITE_PRIVATE struct Pager *sqlite3BtreePager(Btree*); + +SQLITE_PRIVATE int sqlite3BtreePutData(BtCursor*, u32 offset, u32 amt, void*); +SQLITE_PRIVATE void sqlite3BtreeCacheOverflow(BtCursor *); +SQLITE_PRIVATE void sqlite3BtreeClearCursor(BtCursor *); + +#ifndef NDEBUG +SQLITE_PRIVATE int sqlite3BtreeCursorIsValid(BtCursor*); +#endif + +#ifndef SQLITE_OMIT_BTREECOUNT +SQLITE_PRIVATE int sqlite3BtreeCount(BtCursor *, i64 *); +#endif + +#ifdef SQLITE_TEST +SQLITE_PRIVATE int sqlite3BtreeCursorInfo(BtCursor*, int*, int); +SQLITE_PRIVATE void sqlite3BtreeCursorList(Btree*); +#endif + +/* +** If we are not using shared cache, then there is no need to +** use mutexes to access the BtShared structures. So make the +** Enter and Leave procedures no-ops. +*/ +#ifndef SQLITE_OMIT_SHARED_CACHE +SQLITE_PRIVATE void sqlite3BtreeEnter(Btree*); +SQLITE_PRIVATE void sqlite3BtreeEnterAll(sqlite3*); +#else +# define sqlite3BtreeEnter(X) +# define sqlite3BtreeEnterAll(X) +#endif + +#if !defined(SQLITE_OMIT_SHARED_CACHE) && SQLITE_THREADSAFE +SQLITE_PRIVATE void sqlite3BtreeLeave(Btree*); +SQLITE_PRIVATE void sqlite3BtreeEnterCursor(BtCursor*); +SQLITE_PRIVATE void sqlite3BtreeLeaveCursor(BtCursor*); +SQLITE_PRIVATE void sqlite3BtreeLeaveAll(sqlite3*); +SQLITE_PRIVATE void sqlite3BtreeMutexArrayEnter(BtreeMutexArray*); +SQLITE_PRIVATE void sqlite3BtreeMutexArrayLeave(BtreeMutexArray*); +SQLITE_PRIVATE void sqlite3BtreeMutexArrayInsert(BtreeMutexArray*, Btree*); +#ifndef NDEBUG + /* These routines are used inside assert() statements only. */ +SQLITE_PRIVATE int sqlite3BtreeHoldsMutex(Btree*); +SQLITE_PRIVATE int sqlite3BtreeHoldsAllMutexes(sqlite3*); +#endif +#else + +# define sqlite3BtreeLeave(X) +# define sqlite3BtreeEnterCursor(X) +# define sqlite3BtreeLeaveCursor(X) +# define sqlite3BtreeLeaveAll(X) +# define sqlite3BtreeMutexArrayEnter(X) +# define sqlite3BtreeMutexArrayLeave(X) +# define sqlite3BtreeMutexArrayInsert(X,Y) + +# define sqlite3BtreeHoldsMutex(X) 1 +# define sqlite3BtreeHoldsAllMutexes(X) 1 +#endif + + +#endif /* _BTREE_H_ */ + +/************** End of btree.h ***********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include vdbe.h in the middle of sqliteInt.h ******************/ +/************** Begin file vdbe.h ********************************************/ +/* +** 2001 September 15 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** Header file for the Virtual DataBase Engine (VDBE) +** +** This header defines the interface to the virtual database engine +** or VDBE. The VDBE implements an abstract machine that runs a +** simple program to access and modify the underlying database. +*/ +#ifndef _SQLITE_VDBE_H_ +#define _SQLITE_VDBE_H_ + +/* +** A single VDBE is an opaque structure named "Vdbe". Only routines +** in the source file sqliteVdbe.c are allowed to see the insides +** of this structure. +*/ +typedef struct Vdbe Vdbe; + +/* +** The names of the following types declared in vdbeInt.h are required +** for the VdbeOp definition. +*/ +typedef struct VdbeFunc VdbeFunc; +typedef struct Mem Mem; +typedef struct SubProgram SubProgram; + +/* +** A single instruction of the virtual machine has an opcode +** and as many as three operands. The instruction is recorded +** as an instance of the following structure: +*/ +struct VdbeOp { + u8 opcode; /* What operation to perform */ + signed char p4type; /* One of the P4_xxx constants for p4 */ + u8 opflags; /* Mask of the OPFLG_* flags in opcodes.h */ + u8 p5; /* Fifth parameter is an unsigned character */ + int p1; /* First operand */ + int p2; /* Second parameter (often the jump destination) */ + int p3; /* The third parameter */ + union { /* fourth parameter */ + int i; /* Integer value if p4type==P4_INT32 */ + void *p; /* Generic pointer */ + char *z; /* Pointer to data for string (char array) types */ + i64 *pI64; /* Used when p4type is P4_INT64 */ + double *pReal; /* Used when p4type is P4_REAL */ + FuncDef *pFunc; /* Used when p4type is P4_FUNCDEF */ + VdbeFunc *pVdbeFunc; /* Used when p4type is P4_VDBEFUNC */ + CollSeq *pColl; /* Used when p4type is P4_COLLSEQ */ + Mem *pMem; /* Used when p4type is P4_MEM */ + VTable *pVtab; /* Used when p4type is P4_VTAB */ + KeyInfo *pKeyInfo; /* Used when p4type is P4_KEYINFO */ + int *ai; /* Used when p4type is P4_INTARRAY */ + SubProgram *pProgram; /* Used when p4type is P4_SUBPROGRAM */ + } p4; +#ifdef SQLITE_DEBUG + char *zComment; /* Comment to improve readability */ +#endif +#ifdef VDBE_PROFILE + int cnt; /* Number of times this instruction was executed */ + u64 cycles; /* Total time spent executing this instruction */ +#endif +}; +typedef struct VdbeOp VdbeOp; + + +/* +** A sub-routine used to implement a trigger program. +*/ +struct SubProgram { + VdbeOp *aOp; /* Array of opcodes for sub-program */ + int nOp; /* Elements in aOp[] */ + int nMem; /* Number of memory cells required */ + int nCsr; /* Number of cursors required */ + int nRef; /* Number of pointers to this structure */ + void *token; /* id that may be used to recursive triggers */ +}; + +/* +** A smaller version of VdbeOp used for the VdbeAddOpList() function because +** it takes up less space. +*/ +struct VdbeOpList { + u8 opcode; /* What operation to perform */ + signed char p1; /* First operand */ + signed char p2; /* Second parameter (often the jump destination) */ + signed char p3; /* Third parameter */ +}; +typedef struct VdbeOpList VdbeOpList; + +/* +** Allowed values of VdbeOp.p4type +*/ +#define P4_NOTUSED 0 /* The P4 parameter is not used */ +#define P4_DYNAMIC (-1) /* Pointer to a string obtained from sqliteMalloc() */ +#define P4_STATIC (-2) /* Pointer to a static string */ +#define P4_COLLSEQ (-4) /* P4 is a pointer to a CollSeq structure */ +#define P4_FUNCDEF (-5) /* P4 is a pointer to a FuncDef structure */ +#define P4_KEYINFO (-6) /* P4 is a pointer to a KeyInfo structure */ +#define P4_VDBEFUNC (-7) /* P4 is a pointer to a VdbeFunc structure */ +#define P4_MEM (-8) /* P4 is a pointer to a Mem* structure */ +#define P4_TRANSIENT (-9) /* P4 is a pointer to a transient string */ +#define P4_VTAB (-10) /* P4 is a pointer to an sqlite3_vtab structure */ +#define P4_MPRINTF (-11) /* P4 is a string obtained from sqlite3_mprintf() */ +#define P4_REAL (-12) /* P4 is a 64-bit floating point value */ +#define P4_INT64 (-13) /* P4 is a 64-bit signed integer */ +#define P4_INT32 (-14) /* P4 is a 32-bit signed integer */ +#define P4_INTARRAY (-15) /* P4 is a vector of 32-bit integers */ +#define P4_SUBPROGRAM (-18) /* P4 is a pointer to a SubProgram structure */ + +/* When adding a P4 argument using P4_KEYINFO, a copy of the KeyInfo structure +** is made. That copy is freed when the Vdbe is finalized. But if the +** argument is P4_KEYINFO_HANDOFF, the passed in pointer is used. It still +** gets freed when the Vdbe is finalized so it still should be obtained +** from a single sqliteMalloc(). But no copy is made and the calling +** function should *not* try to free the KeyInfo. +*/ +#define P4_KEYINFO_HANDOFF (-16) +#define P4_KEYINFO_STATIC (-17) + +/* +** The Vdbe.aColName array contains 5n Mem structures, where n is the +** number of columns of data returned by the statement. +*/ +#define COLNAME_NAME 0 +#define COLNAME_DECLTYPE 1 +#define COLNAME_DATABASE 2 +#define COLNAME_TABLE 3 +#define COLNAME_COLUMN 4 +#ifdef SQLITE_ENABLE_COLUMN_METADATA +# define COLNAME_N 5 /* Number of COLNAME_xxx symbols */ +#else +# ifdef SQLITE_OMIT_DECLTYPE +# define COLNAME_N 1 /* Store only the name */ +# else +# define COLNAME_N 2 /* Store the name and decltype */ +# endif +#endif + +/* +** The following macro converts a relative address in the p2 field +** of a VdbeOp structure into a negative number so that +** sqlite3VdbeAddOpList() knows that the address is relative. Calling +** the macro again restores the address. +*/ +#define ADDR(X) (-1-(X)) + +/* +** The makefile scans the vdbe.c source file and creates the "opcodes.h" +** header file that defines a number for each opcode used by the VDBE. +*/ +/************** Include opcodes.h in the middle of vdbe.h ********************/ +/************** Begin file opcodes.h *****************************************/ +/* Automatically generated. Do not edit */ +/* See the mkopcodeh.awk script for details */ +#define OP_Goto 1 +#define OP_Gosub 2 +#define OP_Return 3 +#define OP_Yield 4 +#define OP_HaltIfNull 5 +#define OP_Halt 6 +#define OP_Integer 7 +#define OP_Int64 8 +#define OP_Real 130 /* same as TK_FLOAT */ +#define OP_String8 94 /* same as TK_STRING */ +#define OP_String 9 +#define OP_Null 10 +#define OP_Blob 11 +#define OP_Variable 12 +#define OP_Move 13 +#define OP_Copy 14 +#define OP_SCopy 15 +#define OP_ResultRow 16 +#define OP_Concat 91 /* same as TK_CONCAT */ +#define OP_Add 86 /* same as TK_PLUS */ +#define OP_Subtract 87 /* same as TK_MINUS */ +#define OP_Multiply 88 /* same as TK_STAR */ +#define OP_Divide 89 /* same as TK_SLASH */ +#define OP_Remainder 90 /* same as TK_REM */ +#define OP_CollSeq 17 +#define OP_Function 18 +#define OP_BitAnd 82 /* same as TK_BITAND */ +#define OP_BitOr 83 /* same as TK_BITOR */ +#define OP_ShiftLeft 84 /* same as TK_LSHIFT */ +#define OP_ShiftRight 85 /* same as TK_RSHIFT */ +#define OP_AddImm 20 +#define OP_MustBeInt 21 +#define OP_RealAffinity 22 +#define OP_ToText 141 /* same as TK_TO_TEXT */ +#define OP_ToBlob 142 /* same as TK_TO_BLOB */ +#define OP_ToNumeric 143 /* same as TK_TO_NUMERIC*/ +#define OP_ToInt 144 /* same as TK_TO_INT */ +#define OP_ToReal 145 /* same as TK_TO_REAL */ +#define OP_Eq 76 /* same as TK_EQ */ +#define OP_Ne 75 /* same as TK_NE */ +#define OP_Lt 79 /* same as TK_LT */ +#define OP_Le 78 /* same as TK_LE */ +#define OP_Gt 77 /* same as TK_GT */ +#define OP_Ge 80 /* same as TK_GE */ +#define OP_Permutation 23 +#define OP_Compare 24 +#define OP_Jump 25 +#define OP_And 69 /* same as TK_AND */ +#define OP_Or 68 /* same as TK_OR */ +#define OP_Not 19 /* same as TK_NOT */ +#define OP_BitNot 93 /* same as TK_BITNOT */ +#define OP_If 26 +#define OP_IfNot 27 +#define OP_IsNull 73 /* same as TK_ISNULL */ +#define OP_NotNull 74 /* same as TK_NOTNULL */ +#define OP_Column 28 +#define OP_Affinity 29 +#define OP_MakeRecord 30 +#define OP_Count 31 +#define OP_Savepoint 32 +#define OP_AutoCommit 33 +#define OP_Transaction 34 +#define OP_ReadCookie 35 +#define OP_SetCookie 36 +#define OP_VerifyCookie 37 +#define OP_OpenRead 38 +#define OP_OpenWrite 39 +#define OP_OpenEphemeral 40 +#define OP_OpenPseudo 41 +#define OP_Close 42 +#define OP_SeekLt 43 +#define OP_SeekLe 44 +#define OP_SeekGe 45 +#define OP_SeekGt 46 +#define OP_Seek 47 +#define OP_NotFound 48 +#define OP_Found 49 +#define OP_IsUnique 50 +#define OP_NotExists 51 +#define OP_Sequence 52 +#define OP_NewRowid 53 +#define OP_Insert 54 +#define OP_InsertInt 55 +#define OP_Delete 56 +#define OP_ResetCount 57 +#define OP_RowKey 58 +#define OP_RowData 59 +#define OP_Rowid 60 +#define OP_NullRow 61 +#define OP_Last 62 +#define OP_Sort 63 +#define OP_Rewind 64 +#define OP_Prev 65 +#define OP_Next 66 +#define OP_IdxInsert 67 +#define OP_IdxDelete 70 +#define OP_IdxRowid 71 +#define OP_IdxLT 72 +#define OP_IdxGE 81 +#define OP_Destroy 92 +#define OP_Clear 95 +#define OP_CreateIndex 96 +#define OP_CreateTable 97 +#define OP_ParseSchema 98 +#define OP_LoadAnalysis 99 +#define OP_DropTable 100 +#define OP_DropIndex 101 +#define OP_DropTrigger 102 +#define OP_IntegrityCk 103 +#define OP_RowSetAdd 104 +#define OP_RowSetRead 105 +#define OP_RowSetTest 106 +#define OP_Program 107 +#define OP_Param 108 +#define OP_FkCounter 109 +#define OP_FkIfZero 110 +#define OP_MemMax 111 +#define OP_IfPos 112 +#define OP_IfNeg 113 +#define OP_IfZero 114 +#define OP_AggStep 115 +#define OP_AggFinal 116 +#define OP_Vacuum 117 +#define OP_IncrVacuum 118 +#define OP_Expire 119 +#define OP_TableLock 120 +#define OP_VBegin 121 +#define OP_VCreate 122 +#define OP_VDestroy 123 +#define OP_VOpen 124 +#define OP_VFilter 125 +#define OP_VColumn 126 +#define OP_VNext 127 +#define OP_VRename 128 +#define OP_VUpdate 129 +#define OP_Pagecount 131 +#define OP_Trace 132 +#define OP_Noop 133 +#define OP_Explain 134 + +/* The following opcode values are never used */ +#define OP_NotUsed_135 135 +#define OP_NotUsed_136 136 +#define OP_NotUsed_137 137 +#define OP_NotUsed_138 138 +#define OP_NotUsed_139 139 +#define OP_NotUsed_140 140 + + +/* Properties such as "out2" or "jump" that are specified in +** comments following the "case" for each opcode in the vdbe.c +** are encoded into bitvectors as follows: +*/ +#define OPFLG_JUMP 0x0001 /* jump: P2 holds jmp target */ +#define OPFLG_OUT2_PRERELEASE 0x0002 /* out2-prerelease: */ +#define OPFLG_IN1 0x0004 /* in1: P1 is an input */ +#define OPFLG_IN2 0x0008 /* in2: P2 is an input */ +#define OPFLG_IN3 0x0010 /* in3: P3 is an input */ +#define OPFLG_OUT2 0x0020 /* out2: P2 is an output */ +#define OPFLG_OUT3 0x0040 /* out3: P3 is an output */ +#define OPFLG_INITIALIZER {\ +/* 0 */ 0x00, 0x01, 0x05, 0x04, 0x04, 0x10, 0x00, 0x02,\ +/* 8 */ 0x02, 0x02, 0x02, 0x02, 0x00, 0x00, 0x24, 0x24,\ +/* 16 */ 0x00, 0x00, 0x00, 0x24, 0x04, 0x05, 0x04, 0x00,\ +/* 24 */ 0x00, 0x01, 0x05, 0x05, 0x00, 0x00, 0x00, 0x02,\ +/* 32 */ 0x00, 0x00, 0x00, 0x02, 0x10, 0x00, 0x00, 0x00,\ +/* 40 */ 0x00, 0x00, 0x00, 0x11, 0x11, 0x11, 0x11, 0x08,\ +/* 48 */ 0x11, 0x11, 0x11, 0x11, 0x02, 0x02, 0x00, 0x00,\ +/* 56 */ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x01, 0x01,\ +/* 64 */ 0x01, 0x01, 0x01, 0x08, 0x4c, 0x4c, 0x00, 0x02,\ +/* 72 */ 0x01, 0x05, 0x05, 0x15, 0x15, 0x15, 0x15, 0x15,\ +/* 80 */ 0x15, 0x01, 0x4c, 0x4c, 0x4c, 0x4c, 0x4c, 0x4c,\ +/* 88 */ 0x4c, 0x4c, 0x4c, 0x4c, 0x02, 0x24, 0x02, 0x00,\ +/* 96 */ 0x02, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\ +/* 104 */ 0x0c, 0x45, 0x15, 0x01, 0x02, 0x00, 0x01, 0x08,\ +/* 112 */ 0x05, 0x05, 0x05, 0x00, 0x00, 0x00, 0x01, 0x00,\ +/* 120 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01,\ +/* 128 */ 0x00, 0x00, 0x02, 0x02, 0x00, 0x00, 0x00, 0x00,\ +/* 136 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x04, 0x04,\ +/* 144 */ 0x04, 0x04,} + +/************** End of opcodes.h *********************************************/ +/************** Continuing where we left off in vdbe.h ***********************/ + +/* +** Prototypes for the VDBE interface. See comments on the implementation +** for a description of what each of these routines does. +*/ +SQLITE_PRIVATE Vdbe *sqlite3VdbeCreate(sqlite3*); +SQLITE_PRIVATE int sqlite3VdbeAddOp0(Vdbe*,int); +SQLITE_PRIVATE int sqlite3VdbeAddOp1(Vdbe*,int,int); +SQLITE_PRIVATE int sqlite3VdbeAddOp2(Vdbe*,int,int,int); +SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe*,int,int,int,int); +SQLITE_PRIVATE int sqlite3VdbeAddOp4(Vdbe*,int,int,int,int,const char *zP4,int); +SQLITE_PRIVATE int sqlite3VdbeAddOp4Int(Vdbe*,int,int,int,int,int); +SQLITE_PRIVATE int sqlite3VdbeAddOpList(Vdbe*, int nOp, VdbeOpList const *aOp); +SQLITE_PRIVATE void sqlite3VdbeChangeP1(Vdbe*, int addr, int P1); +SQLITE_PRIVATE void sqlite3VdbeChangeP2(Vdbe*, int addr, int P2); +SQLITE_PRIVATE void sqlite3VdbeChangeP3(Vdbe*, int addr, int P3); +SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe*, u8 P5); +SQLITE_PRIVATE void sqlite3VdbeJumpHere(Vdbe*, int addr); +SQLITE_PRIVATE void sqlite3VdbeChangeToNoop(Vdbe*, int addr, int N); +SQLITE_PRIVATE void sqlite3VdbeChangeP4(Vdbe*, int addr, const char *zP4, int N); +SQLITE_PRIVATE void sqlite3VdbeUsesBtree(Vdbe*, int); +SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe*, int); +SQLITE_PRIVATE int sqlite3VdbeMakeLabel(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeRunOnlyOnce(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeDelete(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeMakeReady(Vdbe*,int,int,int,int,int,int); +SQLITE_PRIVATE int sqlite3VdbeFinalize(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeResolveLabel(Vdbe*, int); +SQLITE_PRIVATE int sqlite3VdbeCurrentAddr(Vdbe*); +#ifdef SQLITE_DEBUG +SQLITE_PRIVATE int sqlite3VdbeAssertMayAbort(Vdbe *, int); +SQLITE_PRIVATE void sqlite3VdbeTrace(Vdbe*,FILE*); +#endif +SQLITE_PRIVATE void sqlite3VdbeResetStepResult(Vdbe*); +SQLITE_PRIVATE int sqlite3VdbeReset(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeSetNumCols(Vdbe*,int); +SQLITE_PRIVATE int sqlite3VdbeSetColName(Vdbe*, int, int, const char *, void(*)(void*)); +SQLITE_PRIVATE void sqlite3VdbeCountChanges(Vdbe*); +SQLITE_PRIVATE sqlite3 *sqlite3VdbeDb(Vdbe*); +SQLITE_PRIVATE void sqlite3VdbeSetSql(Vdbe*, const char *z, int n, int); +SQLITE_PRIVATE void sqlite3VdbeSwap(Vdbe*,Vdbe*); +SQLITE_PRIVATE VdbeOp *sqlite3VdbeTakeOpArray(Vdbe*, int*, int*); +SQLITE_PRIVATE void sqlite3VdbeProgramDelete(sqlite3 *, SubProgram *, int); +SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetValue(Vdbe*, int, u8); +SQLITE_PRIVATE void sqlite3VdbeSetVarmask(Vdbe*, int); +#ifndef SQLITE_OMIT_TRACE +SQLITE_PRIVATE char *sqlite3VdbeExpandSql(Vdbe*, const char*); +#endif + +SQLITE_PRIVATE UnpackedRecord *sqlite3VdbeRecordUnpack(KeyInfo*,int,const void*,char*,int); +SQLITE_PRIVATE void sqlite3VdbeDeleteUnpackedRecord(UnpackedRecord*); +SQLITE_PRIVATE int sqlite3VdbeRecordCompare(int,const void*,UnpackedRecord*); + + +#ifndef NDEBUG +SQLITE_PRIVATE void sqlite3VdbeComment(Vdbe*, const char*, ...); +# define VdbeComment(X) sqlite3VdbeComment X +SQLITE_PRIVATE void sqlite3VdbeNoopComment(Vdbe*, const char*, ...); +# define VdbeNoopComment(X) sqlite3VdbeNoopComment X +#else +# define VdbeComment(X) +# define VdbeNoopComment(X) +#endif + +#endif + +/************** End of vdbe.h ************************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include pager.h in the middle of sqliteInt.h *****************/ +/************** Begin file pager.h *******************************************/ +/* +** 2001 September 15 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** This header file defines the interface that the sqlite page cache +** subsystem. The page cache subsystem reads and writes a file a page +** at a time and provides a journal for rollback. +*/ + +#ifndef _PAGER_H_ +#define _PAGER_H_ + +/* +** Default maximum size for persistent journal files. A negative +** value means no limit. This value may be overridden using the +** sqlite3PagerJournalSizeLimit() API. See also "PRAGMA journal_size_limit". +*/ +#ifndef SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT + #define SQLITE_DEFAULT_JOURNAL_SIZE_LIMIT -1 +#endif + +/* +** The type used to represent a page number. The first page in a file +** is called page 1. 0 is used to represent "not a page". +*/ +typedef u32 Pgno; + +/* +** Each open file is managed by a separate instance of the "Pager" structure. +*/ +typedef struct Pager Pager; + +/* +** Handle type for pages. +*/ +typedef struct PgHdr DbPage; + +/* +** Page number PAGER_MJ_PGNO is never used in an SQLite database (it is +** reserved for working around a windows/posix incompatibility). It is +** used in the journal to signify that the remainder of the journal file +** is devoted to storing a master journal name - there are no more pages to +** roll back. See comments for function writeMasterJournal() in pager.c +** for details. +*/ +#define PAGER_MJ_PGNO(x) ((Pgno)((PENDING_BYTE/((x)->pageSize))+1)) + +/* +** Allowed values for the flags parameter to sqlite3PagerOpen(). +** +** NOTE: These values must match the corresponding BTREE_ values in btree.h. +*/ +#define PAGER_OMIT_JOURNAL 0x0001 /* Do not use a rollback journal */ +#define PAGER_NO_READLOCK 0x0002 /* Omit readlocks on readonly files */ + +/* +** Valid values for the second argument to sqlite3PagerLockingMode(). +*/ +#define PAGER_LOCKINGMODE_QUERY -1 +#define PAGER_LOCKINGMODE_NORMAL 0 +#define PAGER_LOCKINGMODE_EXCLUSIVE 1 + +/* +** Valid values for the second argument to sqlite3PagerJournalMode(). +*/ +#define PAGER_JOURNALMODE_QUERY -1 +#define PAGER_JOURNALMODE_DELETE 0 /* Commit by deleting journal file */ +#define PAGER_JOURNALMODE_PERSIST 1 /* Commit by zeroing journal header */ +#define PAGER_JOURNALMODE_OFF 2 /* Journal omitted. */ +#define PAGER_JOURNALMODE_TRUNCATE 3 /* Commit by truncating journal */ +#define PAGER_JOURNALMODE_MEMORY 4 /* In-memory journal file */ + +/* +** The remainder of this file contains the declarations of the functions +** that make up the Pager sub-system API. See source code comments for +** a detailed description of each routine. +*/ + +/* Open and close a Pager connection. */ +SQLITE_PRIVATE int sqlite3PagerOpen( + sqlite3_vfs*, + Pager **ppPager, + const char*, + int, + int, + int, + void(*)(DbPage*) +); +SQLITE_PRIVATE int sqlite3PagerClose(Pager *pPager); +SQLITE_PRIVATE int sqlite3PagerReadFileheader(Pager*, int, unsigned char*); + +/* Functions used to configure a Pager object. */ +SQLITE_PRIVATE void sqlite3PagerSetBusyhandler(Pager*, int(*)(void *), void *); +SQLITE_PRIVATE int sqlite3PagerSetPagesize(Pager*, u16*, int); +SQLITE_PRIVATE int sqlite3PagerMaxPageCount(Pager*, int); +SQLITE_PRIVATE void sqlite3PagerSetCachesize(Pager*, int); +SQLITE_PRIVATE void sqlite3PagerSetSafetyLevel(Pager*,int,int); +SQLITE_PRIVATE int sqlite3PagerLockingMode(Pager *, int); +SQLITE_PRIVATE int sqlite3PagerJournalMode(Pager *, int); +SQLITE_PRIVATE i64 sqlite3PagerJournalSizeLimit(Pager *, i64); +SQLITE_PRIVATE sqlite3_backup **sqlite3PagerBackupPtr(Pager*); + +/* Functions used to obtain and release page references. */ +SQLITE_PRIVATE int sqlite3PagerAcquire(Pager *pPager, Pgno pgno, DbPage **ppPage, int clrFlag); +#define sqlite3PagerGet(A,B,C) sqlite3PagerAcquire(A,B,C,0) +SQLITE_PRIVATE DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno); +SQLITE_PRIVATE void sqlite3PagerRef(DbPage*); +SQLITE_PRIVATE void sqlite3PagerUnref(DbPage*); + +/* Operations on page references. */ +SQLITE_PRIVATE int sqlite3PagerWrite(DbPage*); +SQLITE_PRIVATE void sqlite3PagerDontWrite(DbPage*); +SQLITE_PRIVATE int sqlite3PagerMovepage(Pager*,DbPage*,Pgno,int); +SQLITE_PRIVATE int sqlite3PagerPageRefcount(DbPage*); +SQLITE_PRIVATE void *sqlite3PagerGetData(DbPage *); +SQLITE_PRIVATE void *sqlite3PagerGetExtra(DbPage *); + +/* Functions used to manage pager transactions and savepoints. */ +SQLITE_PRIVATE int sqlite3PagerPagecount(Pager*, int*); +SQLITE_PRIVATE int sqlite3PagerBegin(Pager*, int exFlag, int); +SQLITE_PRIVATE int sqlite3PagerCommitPhaseOne(Pager*,const char *zMaster, int); +SQLITE_PRIVATE int sqlite3PagerSync(Pager *pPager); +SQLITE_PRIVATE int sqlite3PagerCommitPhaseTwo(Pager*); +SQLITE_PRIVATE int sqlite3PagerRollback(Pager*); +SQLITE_PRIVATE int sqlite3PagerOpenSavepoint(Pager *pPager, int n); +SQLITE_PRIVATE int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint); +SQLITE_PRIVATE int sqlite3PagerSharedLock(Pager *pPager); + +/* Functions used to query pager state and configuration. */ +SQLITE_PRIVATE u8 sqlite3PagerIsreadonly(Pager*); +SQLITE_PRIVATE int sqlite3PagerRefcount(Pager*); +SQLITE_PRIVATE const char *sqlite3PagerFilename(Pager*); +SQLITE_PRIVATE const sqlite3_vfs *sqlite3PagerVfs(Pager*); +SQLITE_PRIVATE sqlite3_file *sqlite3PagerFile(Pager*); +SQLITE_PRIVATE const char *sqlite3PagerJournalname(Pager*); +SQLITE_PRIVATE int sqlite3PagerNosync(Pager*); +SQLITE_PRIVATE void *sqlite3PagerTempSpace(Pager*); +SQLITE_PRIVATE int sqlite3PagerIsMemdb(Pager*); + +/* Functions used to truncate the database file. */ +SQLITE_PRIVATE void sqlite3PagerTruncateImage(Pager*,Pgno); + +/* Functions to support testing and debugging. */ +#if !defined(NDEBUG) || defined(SQLITE_TEST) +SQLITE_PRIVATE Pgno sqlite3PagerPagenumber(DbPage*); +SQLITE_PRIVATE int sqlite3PagerIswriteable(DbPage*); +#endif +#ifdef SQLITE_TEST +SQLITE_PRIVATE int *sqlite3PagerStats(Pager*); +SQLITE_PRIVATE void sqlite3PagerRefdump(Pager*); + void disable_simulated_io_errors(void); + void enable_simulated_io_errors(void); +#else +# define disable_simulated_io_errors() +# define enable_simulated_io_errors() +#endif + +#endif /* _PAGER_H_ */ + +/************** End of pager.h ***********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include pcache.h in the middle of sqliteInt.h ****************/ +/************** Begin file pcache.h ******************************************/ +/* +** 2008 August 05 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** This header file defines the interface that the sqlite page cache +** subsystem. +*/ + +#ifndef _PCACHE_H_ + +typedef struct PgHdr PgHdr; +typedef struct PCache PCache; + +/* +** Every page in the cache is controlled by an instance of the following +** structure. +*/ +struct PgHdr { + void *pData; /* Content of this page */ + void *pExtra; /* Extra content */ + PgHdr *pDirty; /* Transient list of dirty pages */ + Pgno pgno; /* Page number for this page */ + Pager *pPager; /* The pager this page is part of */ +#ifdef SQLITE_CHECK_PAGES + u32 pageHash; /* Hash of page content */ +#endif + u16 flags; /* PGHDR flags defined below */ + + /********************************************************************** + ** Elements above are public. All that follows is private to pcache.c + ** and should not be accessed by other modules. + */ + i16 nRef; /* Number of users of this page */ + PCache *pCache; /* Cache that owns this page */ + + PgHdr *pDirtyNext; /* Next element in list of dirty pages */ + PgHdr *pDirtyPrev; /* Previous element in list of dirty pages */ +}; + +/* Bit values for PgHdr.flags */ +#define PGHDR_DIRTY 0x002 /* Page has changed */ +#define PGHDR_NEED_SYNC 0x004 /* Fsync the rollback journal before + ** writing this page to the database */ +#define PGHDR_NEED_READ 0x008 /* Content is unread */ +#define PGHDR_REUSE_UNLIKELY 0x010 /* A hint that reuse is unlikely */ +#define PGHDR_DONT_WRITE 0x020 /* Do not write content to disk */ + +/* Initialize and shutdown the page cache subsystem */ +SQLITE_PRIVATE int sqlite3PcacheInitialize(void); +SQLITE_PRIVATE void sqlite3PcacheShutdown(void); + +/* Page cache buffer management: +** These routines implement SQLITE_CONFIG_PAGECACHE. +*/ +SQLITE_PRIVATE void sqlite3PCacheBufferSetup(void *, int sz, int n); + +/* Create a new pager cache. +** Under memory stress, invoke xStress to try to make pages clean. +** Only clean and unpinned pages can be reclaimed. +*/ +SQLITE_PRIVATE void sqlite3PcacheOpen( + int szPage, /* Size of every page */ + int szExtra, /* Extra space associated with each page */ + int bPurgeable, /* True if pages are on backing store */ + int (*xStress)(void*, PgHdr*), /* Call to try to make pages clean */ + void *pStress, /* Argument to xStress */ + PCache *pToInit /* Preallocated space for the PCache */ +); + +/* Modify the page-size after the cache has been created. */ +SQLITE_PRIVATE void sqlite3PcacheSetPageSize(PCache *, int); + +/* Return the size in bytes of a PCache object. Used to preallocate +** storage space. +*/ +SQLITE_PRIVATE int sqlite3PcacheSize(void); + +/* One release per successful fetch. Page is pinned until released. +** Reference counted. +*/ +SQLITE_PRIVATE int sqlite3PcacheFetch(PCache*, Pgno, int createFlag, PgHdr**); +SQLITE_PRIVATE void sqlite3PcacheRelease(PgHdr*); + +SQLITE_PRIVATE void sqlite3PcacheDrop(PgHdr*); /* Remove page from cache */ +SQLITE_PRIVATE void sqlite3PcacheMakeDirty(PgHdr*); /* Make sure page is marked dirty */ +SQLITE_PRIVATE void sqlite3PcacheMakeClean(PgHdr*); /* Mark a single page as clean */ +SQLITE_PRIVATE void sqlite3PcacheCleanAll(PCache*); /* Mark all dirty list pages as clean */ + +/* Change a page number. Used by incr-vacuum. */ +SQLITE_PRIVATE void sqlite3PcacheMove(PgHdr*, Pgno); + +/* Remove all pages with pgno>x. Reset the cache if x==0 */ +SQLITE_PRIVATE void sqlite3PcacheTruncate(PCache*, Pgno x); + +/* Get a list of all dirty pages in the cache, sorted by page number */ +SQLITE_PRIVATE PgHdr *sqlite3PcacheDirtyList(PCache*); + +/* Reset and close the cache object */ +SQLITE_PRIVATE void sqlite3PcacheClose(PCache*); + +/* Clear flags from pages of the page cache */ +SQLITE_PRIVATE void sqlite3PcacheClearSyncFlags(PCache *); + +/* Discard the contents of the cache */ +SQLITE_PRIVATE void sqlite3PcacheClear(PCache*); + +/* Return the total number of outstanding page references */ +SQLITE_PRIVATE int sqlite3PcacheRefCount(PCache*); + +/* Increment the reference count of an existing page */ +SQLITE_PRIVATE void sqlite3PcacheRef(PgHdr*); + +SQLITE_PRIVATE int sqlite3PcachePageRefcount(PgHdr*); + +/* Return the total number of pages stored in the cache */ +SQLITE_PRIVATE int sqlite3PcachePagecount(PCache*); + +#if defined(SQLITE_CHECK_PAGES) || defined(SQLITE_DEBUG) +/* Iterate through all dirty pages currently stored in the cache. This +** interface is only available if SQLITE_CHECK_PAGES is defined when the +** library is built. +*/ +SQLITE_PRIVATE void sqlite3PcacheIterateDirty(PCache *pCache, void (*xIter)(PgHdr *)); +#endif + +/* Set and get the suggested cache-size for the specified pager-cache. +** +** If no global maximum is configured, then the system attempts to limit +** the total number of pages cached by purgeable pager-caches to the sum +** of the suggested cache-sizes. +*/ +SQLITE_PRIVATE void sqlite3PcacheSetCachesize(PCache *, int); +#ifdef SQLITE_TEST +SQLITE_PRIVATE int sqlite3PcacheGetCachesize(PCache *); +#endif + +#ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT +/* Try to return memory used by the pcache module to the main memory heap */ +SQLITE_PRIVATE int sqlite3PcacheReleaseMemory(int); +#endif + +#ifdef SQLITE_TEST +SQLITE_PRIVATE void sqlite3PcacheStats(int*,int*,int*,int*); +#endif + +SQLITE_PRIVATE void sqlite3PCacheSetDefault(void); + +#endif /* _PCACHE_H_ */ + +/************** End of pcache.h **********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ + +/************** Include os.h in the middle of sqliteInt.h ********************/ +/************** Begin file os.h **********************************************/ +/* +** 2001 September 16 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +****************************************************************************** +** +** This header file (together with is companion C source-code file +** "os.c") attempt to abstract the underlying operating system so that +** the SQLite library will work on both POSIX and windows systems. +** +** This header file is #include-ed by sqliteInt.h and thus ends up +** being included by every source file. +*/ +#ifndef _SQLITE_OS_H_ +#define _SQLITE_OS_H_ + +/* +** Figure out if we are dealing with Unix, Windows, or some other +** operating system. After the following block of preprocess macros, +** all of SQLITE_OS_UNIX, SQLITE_OS_WIN, SQLITE_OS_OS2, and SQLITE_OS_OTHER +** will defined to either 1 or 0. One of the four will be 1. The other +** three will be 0. +*/ +#if defined(SQLITE_OS_OTHER) +# if SQLITE_OS_OTHER==1 +# undef SQLITE_OS_UNIX +# define SQLITE_OS_UNIX 0 +# undef SQLITE_OS_WIN +# define SQLITE_OS_WIN 0 +# undef SQLITE_OS_OS2 +# define SQLITE_OS_OS2 0 +# else +# undef SQLITE_OS_OTHER +# endif +#endif +#if !defined(SQLITE_OS_UNIX) && !defined(SQLITE_OS_OTHER) +# define SQLITE_OS_OTHER 0 +# ifndef SQLITE_OS_WIN +# if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || defined(__MINGW32__) || defined(__BORLANDC__) +# define SQLITE_OS_WIN 1 +# define SQLITE_OS_UNIX 0 +# define SQLITE_OS_OS2 0 +# elif defined(__EMX__) || defined(_OS2) || defined(OS2) || defined(_OS2_) || defined(__OS2__) +# define SQLITE_OS_WIN 0 +# define SQLITE_OS_UNIX 0 +# define SQLITE_OS_OS2 1 +# else +# define SQLITE_OS_WIN 0 +# define SQLITE_OS_UNIX 1 +# define SQLITE_OS_OS2 0 +# endif +# else +# define SQLITE_OS_UNIX 0 +# define SQLITE_OS_OS2 0 +# endif +#else +# ifndef SQLITE_OS_WIN +# define SQLITE_OS_WIN 0 +# endif +#endif + +/* +** Determine if we are dealing with WindowsCE - which has a much +** reduced API. +*/ +#if defined(_WIN32_WCE) +# define SQLITE_OS_WINCE 1 +#else +# define SQLITE_OS_WINCE 0 +#endif + + +/* +** Define the maximum size of a temporary filename +*/ +#if SQLITE_OS_WIN +# include +# define SQLITE_TEMPNAME_SIZE (MAX_PATH+50) +#elif SQLITE_OS_OS2 +# if (__GNUC__ > 3 || __GNUC__ == 3 && __GNUC_MINOR__ >= 3) && defined(OS2_HIGH_MEMORY) +# include /* has to be included before os2.h for linking to work */ +# endif +# define INCL_DOSDATETIME +# define INCL_DOSFILEMGR +# define INCL_DOSERRORS +# define INCL_DOSMISC +# define INCL_DOSPROCESS +# define INCL_DOSMODULEMGR +# define INCL_DOSSEMAPHORES +# include +# include +# define SQLITE_TEMPNAME_SIZE (CCHMAXPATHCOMP) +#else +# define SQLITE_TEMPNAME_SIZE 200 +#endif + +/* If the SET_FULLSYNC macro is not defined above, then make it +** a no-op +*/ +#ifndef SET_FULLSYNC +# define SET_FULLSYNC(x,y) +#endif + +/* +** The default size of a disk sector +*/ +#ifndef SQLITE_DEFAULT_SECTOR_SIZE +# define SQLITE_DEFAULT_SECTOR_SIZE 512 +#endif + +/* +** Temporary files are named starting with this prefix followed by 16 random +** alphanumeric characters, and no file extension. They are stored in the +** OS's standard temporary file directory, and are deleted prior to exit. +** If sqlite is being embedded in another program, you may wish to change the +** prefix to reflect your program's name, so that if your program exits +** prematurely, old temporary files can be easily identified. This can be done +** using -DSQLITE_TEMP_FILE_PREFIX=myprefix_ on the compiler command line. +** +** 2006-10-31: The default prefix used to be "sqlite_". But then +** Mcafee started using SQLite in their anti-virus product and it +** started putting files with the "sqlite" name in the c:/temp folder. +** This annoyed many windows users. Those users would then do a +** Google search for "sqlite", find the telephone numbers of the +** developers and call to wake them up at night and complain. +** For this reason, the default name prefix is changed to be "sqlite" +** spelled backwards. So the temp files are still identified, but +** anybody smart enough to figure out the code is also likely smart +** enough to know that calling the developer will not help get rid +** of the file. +*/ +#ifndef SQLITE_TEMP_FILE_PREFIX +# define SQLITE_TEMP_FILE_PREFIX "etilqs_" +#endif + +/* +** The following values may be passed as the second argument to +** sqlite3OsLock(). The various locks exhibit the following semantics: +** +** SHARED: Any number of processes may hold a SHARED lock simultaneously. +** RESERVED: A single process may hold a RESERVED lock on a file at +** any time. Other processes may hold and obtain new SHARED locks. +** PENDING: A single process may hold a PENDING lock on a file at +** any one time. Existing SHARED locks may persist, but no new +** SHARED locks may be obtained by other processes. +** EXCLUSIVE: An EXCLUSIVE lock precludes all other locks. +** +** PENDING_LOCK may not be passed directly to sqlite3OsLock(). Instead, a +** process that requests an EXCLUSIVE lock may actually obtain a PENDING +** lock. This can be upgraded to an EXCLUSIVE lock by a subsequent call to +** sqlite3OsLock(). +*/ +#define NO_LOCK 0 +#define SHARED_LOCK 1 +#define RESERVED_LOCK 2 +#define PENDING_LOCK 3 +#define EXCLUSIVE_LOCK 4 + +/* +** File Locking Notes: (Mostly about windows but also some info for Unix) +** +** We cannot use LockFileEx() or UnlockFileEx() on Win95/98/ME because +** those functions are not available. So we use only LockFile() and +** UnlockFile(). +** +** LockFile() prevents not just writing but also reading by other processes. +** A SHARED_LOCK is obtained by locking a single randomly-chosen +** byte out of a specific range of bytes. The lock byte is obtained at +** random so two separate readers can probably access the file at the +** same time, unless they are unlucky and choose the same lock byte. +** An EXCLUSIVE_LOCK is obtained by locking all bytes in the range. +** There can only be one writer. A RESERVED_LOCK is obtained by locking +** a single byte of the file that is designated as the reserved lock byte. +** A PENDING_LOCK is obtained by locking a designated byte different from +** the RESERVED_LOCK byte. +** +** On WinNT/2K/XP systems, LockFileEx() and UnlockFileEx() are available, +** which means we can use reader/writer locks. When reader/writer locks +** are used, the lock is placed on the same range of bytes that is used +** for probabilistic locking in Win95/98/ME. Hence, the locking scheme +** will support two or more Win95 readers or two or more WinNT readers. +** But a single Win95 reader will lock out all WinNT readers and a single +** WinNT reader will lock out all other Win95 readers. +** +** The following #defines specify the range of bytes used for locking. +** SHARED_SIZE is the number of bytes available in the pool from which +** a random byte is selected for a shared lock. The pool of bytes for +** shared locks begins at SHARED_FIRST. +** +** The same locking strategy and +** byte ranges are used for Unix. This leaves open the possiblity of having +** clients on win95, winNT, and unix all talking to the same shared file +** and all locking correctly. To do so would require that samba (or whatever +** tool is being used for file sharing) implements locks correctly between +** windows and unix. I'm guessing that isn't likely to happen, but by +** using the same locking range we are at least open to the possibility. +** +** Locking in windows is manditory. For this reason, we cannot store +** actual data in the bytes used for locking. The pager never allocates +** the pages involved in locking therefore. SHARED_SIZE is selected so +** that all locks will fit on a single page even at the minimum page size. +** PENDING_BYTE defines the beginning of the locks. By default PENDING_BYTE +** is set high so that we don't have to allocate an unused page except +** for very large databases. But one should test the page skipping logic +** by setting PENDING_BYTE low and running the entire regression suite. +** +** Changing the value of PENDING_BYTE results in a subtly incompatible +** file format. Depending on how it is changed, you might not notice +** the incompatibility right away, even running a full regression test. +** The default location of PENDING_BYTE is the first byte past the +** 1GB boundary. +** +*/ +#define PENDING_BYTE sqlite3PendingByte +#define RESERVED_BYTE (PENDING_BYTE+1) +#define SHARED_FIRST (PENDING_BYTE+2) +#define SHARED_SIZE 510 + +/* +** Wrapper around OS specific sqlite3_os_init() function. +*/ +SQLITE_PRIVATE int sqlite3OsInit(void); + +/* +** Functions for accessing sqlite3_file methods +*/ +SQLITE_PRIVATE int sqlite3OsClose(sqlite3_file*); +SQLITE_PRIVATE int sqlite3OsRead(sqlite3_file*, void*, int amt, i64 offset); +SQLITE_PRIVATE int sqlite3OsWrite(sqlite3_file*, const void*, int amt, i64 offset); +SQLITE_PRIVATE int sqlite3OsTruncate(sqlite3_file*, i64 size); +SQLITE_PRIVATE int sqlite3OsSync(sqlite3_file*, int); +SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file*, i64 *pSize); +SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file*, int); +SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file*, int); +SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut); +SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file*,int,void*); +#define SQLITE_FCNTL_DB_UNCHANGED 0xca093fa0 +SQLITE_PRIVATE int sqlite3OsSectorSize(sqlite3_file *id); +SQLITE_PRIVATE int sqlite3OsDeviceCharacteristics(sqlite3_file *id); + +/* +** Functions for accessing sqlite3_vfs methods +*/ +SQLITE_PRIVATE int sqlite3OsOpen(sqlite3_vfs *, const char *, sqlite3_file*, int, int *); +SQLITE_PRIVATE int sqlite3OsDelete(sqlite3_vfs *, const char *, int); +SQLITE_PRIVATE int sqlite3OsAccess(sqlite3_vfs *, const char *, int, int *pResOut); +SQLITE_PRIVATE int sqlite3OsFullPathname(sqlite3_vfs *, const char *, int, char *); +#ifndef SQLITE_OMIT_LOAD_EXTENSION +SQLITE_PRIVATE void *sqlite3OsDlOpen(sqlite3_vfs *, const char *); +SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs *, int, char *); +SQLITE_PRIVATE void (*sqlite3OsDlSym(sqlite3_vfs *, void *, const char *))(void); +SQLITE_PRIVATE void sqlite3OsDlClose(sqlite3_vfs *, void *); +#endif /* SQLITE_OMIT_LOAD_EXTENSION */ +SQLITE_PRIVATE int sqlite3OsRandomness(sqlite3_vfs *, int, char *); +SQLITE_PRIVATE int sqlite3OsSleep(sqlite3_vfs *, int); +SQLITE_PRIVATE int sqlite3OsCurrentTime(sqlite3_vfs *, double*); + +/* +** Convenience functions for opening and closing files using +** sqlite3_malloc() to obtain space for the file-handle structure. +*/ +SQLITE_PRIVATE int sqlite3OsOpenMalloc(sqlite3_vfs *, const char *, sqlite3_file **, int,int*); +SQLITE_PRIVATE int sqlite3OsCloseFree(sqlite3_file *); + +#endif /* _SQLITE_OS_H_ */ + +/************** End of os.h **************************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ +/************** Include mutex.h in the middle of sqliteInt.h *****************/ +/************** Begin file mutex.h *******************************************/ +/* +** 2007 August 28 +** +** The author disclaims copyright to this source code. In place of +** a legal notice, here is a blessing: +** +** May you do good and not evil. +** May you find forgiveness for yourself and forgive others. +** May you share freely, never taking more than you give. +** +************************************************************************* +** +** This file contains the common header for all mutex implementations. +** The sqliteInt.h header #includes this file so that it is available +** to all source files. We break it out in an effort to keep the code +** better organized. +** +** NOTE: source files should *not* #include this header file directly. +** Source files should #include the sqliteInt.h file and let that file +** include this one indirectly. +*/ + + +/* +** Figure out what version of the code to use. The choices are +** +** SQLITE_MUTEX_OMIT No mutex logic. Not even stubs. The +** mutexes implemention cannot be overridden +** at start-time. +** +** SQLITE_MUTEX_NOOP For single-threaded applications. No +** mutual exclusion is provided. But this +** implementation can be overridden at +** start-time. +** +** SQLITE_MUTEX_PTHREADS For multi-threaded applications on Unix. +** +** SQLITE_MUTEX_W32 For multi-threaded applications on Win32. +** +** SQLITE_MUTEX_OS2 For multi-threaded applications on OS/2. +*/ +#if !SQLITE_THREADSAFE +# define SQLITE_MUTEX_OMIT +#endif +#if SQLITE_THREADSAFE && !defined(SQLITE_MUTEX_NOOP) +# if SQLITE_OS_UNIX +# define SQLITE_MUTEX_PTHREADS +# elif SQLITE_OS_WIN +# define SQLITE_MUTEX_W32 +# elif SQLITE_OS_OS2 +# define SQLITE_MUTEX_OS2 +# else +# define SQLITE_MUTEX_NOOP +# endif +#endif + +#ifdef SQLITE_MUTEX_OMIT +/* +** If this is a no-op implementation, implement everything as macros. +*/ +#define sqlite3_mutex_alloc(X) ((sqlite3_mutex*)8) +#define sqlite3_mutex_free(X) +#define sqlite3_mutex_enter(X) +#define sqlite3_mutex_try(X) SQLITE_OK +#define sqlite3_mutex_leave(X) +#define sqlite3_mutex_held(X) 1 +#define sqlite3_mutex_notheld(X) 1 +#define sqlite3MutexAlloc(X) ((sqlite3_mutex*)8) +#define sqlite3MutexInit() SQLITE_OK +#define sqlite3MutexEnd() +#endif /* defined(SQLITE_MUTEX_OMIT) */ + +/************** End of mutex.h ***********************************************/ +/************** Continuing where we left off in sqliteInt.h ******************/ + + +/* +** Each database file to be accessed by the system is an instance +** of the following structure. There are normally two of these structures +** in the sqlite.aDb[] array. aDb[0] is the main database file and +** aDb[1] is the database file used to hold temporary tables. Additional +** databases may be attached. +*/ +struct Db { + char *zName; /* Name of this database */ + Btree *pBt; /* The B*Tree structure for this database file */ + u8 inTrans; /* 0: not writable. 1: Transaction. 2: Checkpoint */ + u8 safety_level; /* How aggressive at syncing data to disk */ + Schema *pSchema; /* Pointer to database schema (possibly shared) */ +}; + +/* +** An instance of the following structure stores a database schema. +** +** If there are no virtual tables configured in this schema, the +** Schema.db variable is set to NULL. After the first virtual table +** has been added, it is set to point to the database connection +** used to create the connection. Once a virtual table has been +** added to the Schema structure and the Schema.db variable populated, +** only that database connection may use the Schema to prepare +** statements. +*/ +struct Schema { + int schema_cookie; /* Database schema version number for this file */ + Hash tblHash; /* All tables indexed by name */ + Hash idxHash; /* All (named) indices indexed by name */ + Hash trigHash; /* All triggers indexed by name */ + Hash fkeyHash; /* All foreign keys by referenced table name */ + Table *pSeqTab; /* The sqlite_sequence table used by AUTOINCREMENT */ + u8 file_format; /* Schema format version for this file */ + u8 enc; /* Text encoding used by this database */ + u16 flags; /* Flags associated with this schema */ + int cache_size; /* Number of pages to use in the cache */ +#ifndef SQLITE_OMIT_VIRTUALTABLE + sqlite3 *db; /* "Owner" connection. See comment above */ +#endif +}; + +/* +** These macros can be used to test, set, or clear bits in the +** Db.pSchema->flags field. +*/ +#define DbHasProperty(D,I,P) (((D)->aDb[I].pSchema->flags&(P))==(P)) +#define DbHasAnyProperty(D,I,P) (((D)->aDb[I].pSchema->flags&(P))!=0) +#define DbSetProperty(D,I,P) (D)->aDb[I].pSchema->flags|=(P) +#define DbClearProperty(D,I,P) (D)->aDb[I].pSchema->flags&=~(P) + +/* +** Allowed values for the DB.pSchema->flags field. +** +** The DB_SchemaLoaded flag is set after the database schema has been +** read into internal hash tables. +** +** DB_UnresetViews means that one or more views have column names that +** have been filled out. If the schema changes, these column names might +** changes and so the view will need to be reset. +*/ +#define DB_SchemaLoaded 0x0001 /* The schema has been loaded */ +#define DB_UnresetViews 0x0002 /* Some views have defined column names */ +#define DB_Empty 0x0004 /* The file is empty (length 0 bytes) */ + +/* +** The number of different kinds of things that can be limited +** using the sqlite3_limit() interface. +*/ +#define SQLITE_N_LIMIT (SQLITE_LIMIT_TRIGGER_DEPTH+1) + +/* +** Lookaside malloc is a set of fixed-size buffers that can be used +** to satisfy small transient memory allocation requests for objects +** associated with a particular database connection. The use of +** lookaside malloc provides a significant performance enhancement +** (approx 10%) by avoiding numerous malloc/free requests while parsing +** SQL statements. +** +** The Lookaside structure holds configuration information about the +** lookaside malloc subsystem. Each available memory allocation in +** the lookaside subsystem is stored on a linked list of LookasideSlot +** objects. +** +** Lookaside allocations are only allowed for objects that are associated +** with a particular database connection. Hence, schema information cannot +** be stored in lookaside because in shared cache mode the schema information +** is shared by multiple database connections. Therefore, while parsing +** schema information, the Lookaside.bEnabled flag is cleared so that +** lookaside allocations are not used to construct the schema objects. +*/ +struct Lookaside { + u16 sz; /* Size of each buffer in bytes */ + u8 bEnabled; /* False to disable new lookaside allocations */ + u8 bMalloced; /* True if pStart obtained from sqlite3_malloc() */ + int nOut; /* Number of buffers currently checked out */ + int mxOut; /* Highwater mark for nOut */ + LookasideSlot *pFree; /* List of available buffers */ + void *pStart; /* First byte of available memory space */ + void *pEnd; /* First byte past end of available space */ +}; +struct LookasideSlot { + LookasideSlot *pNext; /* Next buffer in the list of free buffers */ +}; + +/* +** A hash table for function definitions. +** +** Hash each FuncDef structure into one of the FuncDefHash.a[] slots. +** Collisions are on the FuncDef.pHash chain. +*/ +struct FuncDefHash { + FuncDef *a[23]; /* Hash table for functions */ +}; + +/* +** Each database connection is an instance of the following structure. +** +** The sqlite.lastRowid records the last insert rowid generated by an +** insert statement. Inserts on views do not affect its value. Each +** trigger has its own context, so that lastRowid can be updated inside +** triggers as usual. The previous value will be restored once the trigger +** exits. Upon entering a before or instead of trigger, lastRowid is no +** longer (since after version 2.8.12) reset to -1. +** +** The sqlite.nChange does not count changes within triggers and keeps no +** context. It is reset at start of sqlite3_exec. +** The sqlite.lsChange represents the number of changes made by the last +** insert, update, or delete statement. It remains constant throughout the +** length of a statement and is then updated by OP_SetCounts. It keeps a +** context stack just like lastRowid so that the count of changes +** within a trigger is not seen outside the trigger. Changes to views do not +** affect the value of lsChange. +** The sqlite.csChange keeps track of the number of current changes (since +** the last statement) and is used to update sqlite_lsChange. +** +** The member variables sqlite.errCode, sqlite.zErrMsg and sqlite.zErrMsg16 +** store the most recent error code and, if applicable, string. The +** internal function sqlite3Error() is used to set these variables +** consistently. +*/ +struct sqlite3 { + sqlite3_vfs *pVfs; /* OS Interface */ + int nDb; /* Number of backends currently in use */ + Db *aDb; /* All backends */ + int flags; /* Miscellaneous flags. See below */ + int openFlags; /* Flags passed to sqlite3_vfs.xOpen() */ + int errCode; /* Most recent error code (SQLITE_*) */ + int errMask; /* & result codes with this before returning */ + u8 autoCommit; /* The auto-commit flag. */ + u8 temp_store; /* 1: file 2: memory 0: default */ + u8 mallocFailed; /* True if we have seen a malloc failure */ + u8 dfltLockMode; /* Default locking-mode for attached dbs */ + u8 dfltJournalMode; /* Default journal mode for attached dbs */ + signed char nextAutovac; /* Autovac setting after VACUUM if >=0 */ + u8 suppressErr; /* Do not issue error messages if true */ + int nextPagesize; /* Pagesize after VACUUM if >0 */ + int nTable; /* Number of tables in the database */ + CollSeq *pDfltColl; /* The default collating sequence (BINARY) */ + i64 lastRowid; /* ROWID of most recent insert (see above) */ + u32 magic; /* Magic number for detect library misuse */ + int nChange; /* Value returned by sqlite3_changes() */ + int nTotalChange; /* Value returned by sqlite3_total_changes() */ + sqlite3_mutex *mutex; /* Connection mutex */ + int aLimit[SQLITE_N_LIMIT]; /* Limits */ + struct sqlite3InitInfo { /* Information used during initialization */ + int iDb; /* When back is being initialized */ + int newTnum; /* Rootpage of table being initialized */ + u8 busy; /* TRUE if currently initializing */ + u8 orphanTrigger; /* Last statement is orphaned TEMP trigger */ + } init; + int nExtension; /* Number of loaded extensions */ + void **aExtension; /* Array of shared library handles */ + struct Vdbe *pVdbe; /* List of active virtual machines */ + int activeVdbeCnt; /* Number of VDBEs currently executing */ + int writeVdbeCnt; /* Number of active VDBEs that are writing */ + void (*xTrace)(void*,const char*); /* Trace function */ + void *pTraceArg; /* Argument to the trace function */ + void (*xProfile)(void*,const char*,u64); /* Profiling function */ + void *pProfileArg; /* Argument to profile function */ + void *pCommitArg; /* Argument to xCommitCallback() */ + int (*xCommitCallback)(void*); /* Invoked at every commit. */ + void *pRollbackArg; /* Argument to xRollbackCallback() */ + void (*xRollbackCallback)(void*); /* Invoked at every commit. */ + void *pUpdateArg; + void (*xUpdateCallback)(void*,int, const char*,const char*,sqlite_int64); + void(*xCollNeeded)(void*,sqlite3*,int eTextRep,const char*); + void(*xCollNeeded16)(void*,sqlite3*,int eTextRep,const void*); + void *pCollNeededArg; + sqlite3_value *pErr; /* Most recent error message */ + char *zErrMsg; /* Most recent error message (UTF-8 encoded) */ + char *zErrMsg16; /* Most recent error message (UTF-16 encoded) */ + union { + volatile int isInterrupted; /* True if sqlite3_interrupt has been called */ + double notUsed1; /* Spacer */ + } u1; + Lookaside lookaside; /* Lookaside malloc configuration */ +#ifndef SQLITE_OMIT_AUTHORIZATION + int (*xAuth)(void*,int,const char*,const char*,const char*,const char*); + /* Access authorization function */ + void *pAuthArg; /* 1st argument to the access auth function */ +#endif +#ifndef SQLITE_OMIT_PROGRESS_CALLBACK + int (*xProgress)(void *); /* The progress callback */ + void *pProgressArg; /* Argument to the progress callback */ + int nProgressOps; /* Number of opcodes for progress callback */ +#endif +#ifndef SQLITE_OMIT_VIRTUALTABLE + Hash aModule; /* populated by sqlite3_create_module() */ + Table *pVTab; /* vtab with active Connect/Create method */ + VTable **aVTrans; /* Virtual tables with open transactions */ + int nVTrans; /* Allocated size of aVTrans */ + VTable *pDisconnect; /* Disconnect these in next sqlite3_prepare() */ +#endif + FuncDefHash aFunc; /* Hash table of connection functions */ + Hash aCollSeq; /* All collating sequences */ + BusyHandler busyHandler; /* Busy callback */ + int busyTimeout; /* Busy handler timeout, in msec */ + Db aDbStatic[2]; /* Static space for the 2 default backends */ + Savepoint *pSavepoint; /* List of active savepoints */ + int nSavepoint; /* Number of non-transaction savepoints */ + int nStatement; /* Number of nested statement-transactions */ + u8 isTransactionSavepoint; /* True if the outermost savepoint is a TS */ + i64 nDeferredCons; /* Net deferred constraints this transaction. */ + +#ifdef SQLITE_ENABLE_UNLOCK_NOTIFY + /* The following variables are all protected by the STATIC_MASTER + ** mutex, not by sqlite3.mutex. They are used by code in notify.c. + ** + ** When X.pUnlockConnection==Y, that means that X is waiting for Y to + ** unlock so that it can proceed. + ** + ** When X.pBlockingConnection==Y, that means that something that X tried + ** tried to do recently failed with an SQLITE_LOCKED error due to locks + ** held by Y. + */ + sqlite3 *pBlockingConnection; /* Connection that caused SQLITE_LOCKED */ + sqlite3 *pUnlockConnection; /* Connection to watch for unlock */ + void *pUnlockArg; /* Argument to xUnlockNotify */ + void (*xUnlockNotify)(void **, int); /* Unlock notify callback */ + sqlite3 *pNextBlocked; /* Next in list of all blocked connections */ +#endif +}; + +/* +** A macro to discover the encoding of a database. +*/ +#define ENC(db) ((db)->aDb[0].pSchema->enc) + +/* +** Possible values for the sqlite3.flags. +*/ +#define SQLITE_VdbeTrace 0x00000100 /* True to trace VDBE execution */ +#define SQLITE_InternChanges 0x00000200 /* Uncommitted Hash table changes */ +#define SQLITE_FullColNames 0x00000400 /* Show full column names on SELECT */ +#define SQLITE_ShortColNames 0x00000800 /* Show short columns names */ +#define SQLITE_CountRows 0x00001000 /* Count rows changed by INSERT, */ + /* DELETE, or UPDATE and return */ + /* the count using a callback. */ +#define SQLITE_NullCallback 0x00002000 /* Invoke the callback once if the */ + /* result set is empty */ +#define SQLITE_SqlTrace 0x00004000 /* Debug print SQL as it executes */ +#define SQLITE_VdbeListing 0x00008000 /* Debug listings of VDBE programs */ +#define SQLITE_WriteSchema 0x00010000 /* OK to update SQLITE_MASTER */ +#define SQLITE_NoReadlock 0x00020000 /* Readlocks are omitted when + ** accessing read-only databases */ +#define SQLITE_IgnoreChecks 0x00040000 /* Do not enforce check constraints */ +#define SQLITE_ReadUncommitted 0x0080000 /* For shared-cache mode */ +#define SQLITE_LegacyFileFmt 0x00100000 /* Create new databases in format 1 */ +#define SQLITE_FullFSync 0x00200000 /* Use full fsync on the backend */ +#define SQLITE_LoadExtension 0x00400000 /* Enable load_extension */ +#define SQLITE_RecoveryMode 0x00800000 /* Ignore schema errors */ +#define SQLITE_ReverseOrder 0x01000000 /* Reverse unordered SELECTs */ +#define SQLITE_RecTriggers 0x02000000 /* Enable recursive triggers */ +#define SQLITE_ForeignKeys 0x04000000 /* Enforce foreign key constraints */ + +/* +** Bits of the sqlite3.flags field that are used by the +** sqlite3_test_control(SQLITE_TESTCTRL_OPTIMIZATIONS,...) interface. +** These must be the low-order bits of the flags field. +*/ +#define SQLITE_QueryFlattener 0x01 /* Disable query flattening */ +#define SQLITE_ColumnCache 0x02 /* Disable the column cache */ +#define SQLITE_IndexSort 0x04 /* Disable indexes for sorting */ +#define SQLITE_IndexSearch 0x08 /* Disable indexes for searching */ +#define SQLITE_IndexCover 0x10 /* Disable index covering table */ +#define SQLITE_OptMask 0x1f /* Mask of all disablable opts */ + +/* +** Possible values for the sqlite.magic field. +** The numbers are obtained at random and have no special meaning, other +** than being distinct from one another. +*/ +#define SQLITE_MAGIC_OPEN 0xa029a697 /* Database is open */ +#define SQLITE_MAGIC_CLOSED 0x9f3c2d33 /* Database is closed */ +#define SQLITE_MAGIC_SICK 0x4b771290 /* Error and awaiting close */ +#define SQLITE_MAGIC_BUSY 0xf03b7906 /* Database currently in use */ +#define SQLITE_MAGIC_ERROR 0xb5357930 /* An SQLITE_MISUSE error occurred */ + +/* +** Each SQL function is defined by an instance of the following +** structure. A pointer to this structure is stored in the sqlite.aFunc +** hash table. When multiple functions have the same name, the hash table +** points to a linked list of these structures. +*/ +struct FuncDef { + i16 nArg; /* Number of arguments. -1 means unlimited */ + u8 iPrefEnc; /* Preferred text encoding (SQLITE_UTF8, 16LE, 16BE) */ + u8 flags; /* Some combination of SQLITE_FUNC_* */ + void *pUserData; /* User data parameter */ + FuncDef *pNext; /* Next function with same name */ + void (*xFunc)(sqlite3_context*,int,sqlite3_value**); /* Regular function */ + void (*xStep)(sqlite3_context*,int,sqlite3_value**); /* Aggregate step */ + void (*xFinalize)(sqlite3_context*); /* Aggregate finalizer */ + char *zName; /* SQL name of the function. */ + FuncDef *pHash; /* Next with a different name but the same hash */ +}; + +/* +** Possible values for FuncDef.flags +*/ +#define SQLITE_FUNC_LIKE 0x01 /* Candidate for the LIKE optimization */ +#define SQLITE_FUNC_CASE 0x02 /* Case-sensitive LIKE-type function */ +#define SQLITE_FUNC_EPHEM 0x04 /* Ephemeral. Delete with VDBE */ +#define SQLITE_FUNC_NEEDCOLL 0x08 /* sqlite3GetFuncCollSeq() might be called */ +#define SQLITE_FUNC_PRIVATE 0x10 /* Allowed for internal use only */ +#define SQLITE_FUNC_COUNT 0x20 /* Built-in count(*) aggregate */ +#define SQLITE_FUNC_COALESCE 0x40 /* Built-in coalesce() or ifnull() function */ + +/* +** The following three macros, FUNCTION(), LIKEFUNC() and AGGREGATE() are +** used to create the initializers for the FuncDef structures. +** +** FUNCTION(zName, nArg, iArg, bNC, xFunc) +** Used to create a scalar function definition of a function zName +** implemented by C function xFunc that accepts nArg arguments. The +** value passed as iArg is cast to a (void*) and made available +** as the user-data (sqlite3_user_data()) for the function. If +** argument bNC is true, then the SQLITE_FUNC_NEEDCOLL flag is set. +** +** AGGREGATE(zName, nArg, iArg, bNC, xStep, xFinal) +** Used to create an aggregate function definition implemented by +** the C functions xStep and xFinal. The first four parameters +** are interpreted in the same way as the first 4 parameters to +** FUNCTION(). +** +** LIKEFUNC(zName, nArg, pArg, flags) +** Used to create a scalar function definition of a function zName +** that accepts nArg arguments and is implemented by a call to C +** function likeFunc. Argument pArg is cast to a (void *) and made +** available as the function user-data (sqlite3_user_data()). The +** FuncDef.flags variable is set to the value passed as the flags +** parameter. +*/ +#define FUNCTION(zName, nArg, iArg, bNC, xFunc) \ + {nArg, SQLITE_UTF8, bNC*SQLITE_FUNC_NEEDCOLL, \ + SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, #zName, 0} +#define STR_FUNCTION(zName, nArg, pArg, bNC, xFunc) \ + {nArg, SQLITE_UTF8, bNC*SQLITE_FUNC_NEEDCOLL, \ + pArg, 0, xFunc, 0, 0, #zName, 0} +#define LIKEFUNC(zName, nArg, arg, flags) \ + {nArg, SQLITE_UTF8, flags, (void *)arg, 0, likeFunc, 0, 0, #zName, 0} +#define AGGREGATE(zName, nArg, arg, nc, xStep, xFinal) \ + {nArg, SQLITE_UTF8, nc*SQLITE_FUNC_NEEDCOLL, \ + SQLITE_INT_TO_PTR(arg), 0, 0, xStep,xFinal,#zName,0} + +/* +** All current savepoints are stored in a linked list starting at +** sqlite3.pSavepoint. The first element in the list is the most recently +** opened savepoint. Savepoints are added to the list by the vdbe +** OP_Savepoint instruction. +*/ +struct Savepoint { + char *zName; /* Savepoint name (nul-terminated) */ + i64 nDeferredCons; /* Number of deferred fk violations */ + Savepoint *pNext; /* Parent savepoint (if any) */ +}; + +/* +** The following are used as the second parameter to sqlite3Savepoint(), +** and as the P1 argument to the OP_Savepoint instruction. +*/ +#define SAVEPOINT_BEGIN 0 +#define SAVEPOINT_RELEASE 1 +#define SAVEPOINT_ROLLBACK 2 + + +/* +** Each SQLite module (virtual table definition) is defined by an +** instance of the following structure, stored in the sqlite3.aModule +** hash table. +*/ +struct Module { + const sqlite3_module *pModule; /* Callback pointers */ + const char *zName; /* Name passed to create_module() */ + void *pAux; /* pAux passed to create_module() */ + void (*xDestroy)(void *); /* Module destructor function */ +}; + +/* +** information about each column of an SQL table is held in an instance +** of this structure. +*/ +struct Column { + char *zName; /* Name of this column */ + Expr *pDflt; /* Default value of this column */ + char *zDflt; /* Original text of the default value */ + char *zType; /* Data type for this column */ + char *zColl; /* Collating sequence. If NULL, use the default */ + u8 notNull; /* True if there is a NOT NULL constraint */ + u8 isPrimKey; /* True if this column is part of the PRIMARY KEY */ + char affinity; /* One of the SQLITE_AFF_... values */ +#ifndef SQLITE_OMIT_VIRTUALTABLE + u8 isHidden; /* True if this column is 'hidden' */ +#endif +}; + +/* +** A "Collating Sequence" is defined by an instance of the following +** structure. Conceptually, a collating sequence consists of a name and +** a comparison routine that defines the order of that sequence. +** +** There may two separate implementations of the collation function, one +** that processes text in UTF-8 encoding (CollSeq.xCmp) and another that +** processes text encoded in UTF-16 (CollSeq.xCmp16), using the machine +** native byte order. When a collation sequence is invoked, SQLite selects +** the version that will require the least expensive encoding +** translations, if any. +** +** The CollSeq.pUser member variable is an extra parameter that passed in +** as the first argument to the UTF-8 comparison function, xCmp. +** CollSeq.pUser16 is the equivalent for the UTF-16 comparison function, +** xCmp16. +** +** If both CollSeq.xCmp and CollSeq.xCmp16 are NULL, it means that the +** collating sequence is undefined. Indices built on an undefined +** collating sequence may not be read or written. +*/ +struct CollSeq { + char *zName; /* Name of the collating sequence, UTF-8 encoded */ + u8 enc; /* Text encoding handled by xCmp() */ + u8 type; /* One of the SQLITE_COLL_... values below */ + void *pUser; /* First argument to xCmp() */ + int (*xCmp)(void*,int, const void*, int, const void*); + void (*xDel)(void*); /* Destructor for pUser */ +}; + +/* +** Allowed values of CollSeq.type: +*/ +#define SQLITE_COLL_BINARY 1 /* The default memcmp() collating sequence */ +#define SQLITE_COLL_NOCASE 2 /* The built-in NOCASE collating sequence */ +#define SQLITE_COLL_REVERSE 3 /* The built-in REVERSE collating sequence */ +#define SQLITE_COLL_USER 0 /* Any other user-defined collating sequence */ + +/* +** A sort order can be either ASC or DESC. +*/ +#define SQLITE_SO_ASC 0 /* Sort in ascending order */ +#define SQLITE_SO_DESC 1 /* Sort in ascending order */ + +/* +** Column affinity types. +** +** These used to have mnemonic name like 'i' for SQLITE_AFF_INTEGER and +** 't' for SQLITE_AFF_TEXT. But we can save a little space and improve +** the speed a little by numbering the values consecutively. +** +** But rather than start with 0 or 1, we begin with 'a'. That way, +** when multiple affinity types are concatenated into a string and +** used as the P4 operand, they will be more readable. +** +** Note also that the numeric types are grouped together so that testing +** for a numeric type is a single comparison. +*/ +#define SQLITE_AFF_TEXT 'a' +#define SQLITE_AFF_NONE 'b' +#define SQLITE_AFF_NUMERIC 'c' +#define SQLITE_AFF_INTEGER 'd' +#define SQLITE_AFF_REAL 'e' + +#define sqlite3IsNumericAffinity(X) ((X)>=SQLITE_AFF_NUMERIC) + +/* +** The SQLITE_AFF_MASK values masks off the significant bits of an +** affinity value. +*/ +#define SQLITE_AFF_MASK 0x67 + +/* +** Additional bit values that can be ORed with an affinity without +** changing the affinity. +*/ +#define SQLITE_JUMPIFNULL 0x08 /* jumps if either operand is NULL */ +#define SQLITE_STOREP2 0x10 /* Store result in reg[P2] rather than jump */ +#define SQLITE_NULLEQ 0x80 /* NULL=NULL */ + +/* +** An object of this type is created for each virtual table present in +** the database schema. +** +** If the database schema is shared, then there is one instance of this +** structure for each database connection (sqlite3*) that uses the shared +** schema. This is because each database connection requires its own unique +** instance of the sqlite3_vtab* handle used to access the virtual table +** implementation. sqlite3_vtab* handles can not be shared between +** database connections, even when the rest of the in-memory database +** schema is shared, as the implementation often stores the database +** connection handle passed to it via the xConnect() or xCreate() method +** during initialization internally. This database connection handle may +** then used by the virtual table implementation to access real tables +** within the database. So that they appear as part of the callers +** transaction, these accesses need to be made via the same database +** connection as that used to execute SQL operations on the virtual table. +** +** All VTable objects that correspond to a single table in a shared +** database schema are initially stored in a linked-list pointed to by +** the Table.pVTable member variable of the corresponding Table object. +** When an sqlite3_prepare() operation is required to access the virtual +** table, it searches the list for the VTable that corresponds to the +** database connection doing the preparing so as to use the correct +** sqlite3_vtab* handle in the compiled query. +** +** When an in-memory Table object is deleted (for example when the +** schema is being reloaded for some reason), the VTable objects are not +** deleted and the sqlite3_vtab* handles are not xDisconnect()ed +** immediately. Instead, they are moved from the Table.pVTable list to +** another linked list headed by the sqlite3.pDisconnect member of the +** corresponding sqlite3 structure. They are then deleted/xDisconnected +** next time a statement is prepared using said sqlite3*. This is done +** to avoid deadlock issues involving multiple sqlite3.mutex mutexes. +** Refer to comments above function sqlite3VtabUnlockList() for an +** explanation as to why it is safe to add an entry to an sqlite3.pDisconnect +** list without holding the corresponding sqlite3.mutex mutex. +** +** The memory for objects of this type is always allocated by +** sqlite3DbMalloc(), using the connection handle stored in VTable.db as +** the first argument. +*/ +struct VTable { + sqlite3 *db; /* Database connection associated with this table */ + Module *pMod; /* Pointer to module implementation */ + sqlite3_vtab *pVtab; /* Pointer to vtab instance */ + int nRef; /* Number of pointers to this structure */ + VTable *pNext; /* Next in linked list (see above) */ +}; + +/* +** Each SQL table is represented in memory by an instance of the +** following structure. +** +** Table.zName is the name of the table. The case of the original +** CREATE TABLE statement is stored, but case is not significant for +** comparisons. +** +** Table.nCol is the number of columns in this table. Table.aCol is a +** pointer to an array of Column structures, one for each column. +** +** If the table has an INTEGER PRIMARY KEY, then Table.iPKey is the index of +** the column that is that key. Otherwise Table.iPKey is negative. Note +** that the datatype of the PRIMARY KEY must be INTEGER for this field to +** be set. An INTEGER PRIMARY KEY is used as the rowid for each row of +** the table. If a table has no INTEGER PRIMARY KEY, then a random rowid +** is generated for each row of the table. TF_HasPrimaryKey is set if +** the table has any PRIMARY KEY, INTEGER or otherwise. +** +** Table.tnum is the page number for the root BTree page of the table in the +** database file. If Table.iDb is the index of the database table backend +** in sqlite.aDb[]. 0 is for the main database and 1 is for the file that +** holds temporary tables and indices. If TF_Ephemeral is set +** then the table is stored in a file that is automatically deleted +** when the VDBE cursor to the table is closed. In this case Table.tnum +** refers VDBE cursor number that holds the table open, not to the root +** page number. Transient tables are used to hold the results of a +** sub-query that appears instead of a real table name in the FROM clause +** of a SELECT statement. +*/ +struct Table { + sqlite3 *dbMem; /* DB connection used for lookaside allocations. */ + char *zName; /* Name of the table or view */ + int iPKey; /* If not negative, use aCol[iPKey] as the primary key */ + int nCol; /* Number of columns in this table */ + Column *aCol; /* Information about each column */ + Index *pIndex; /* List of SQL indexes on this table. */ + int tnum; /* Root BTree node for this table (see note above) */ + Select *pSelect; /* NULL for tables. Points to definition if a view. */ + u16 nRef; /* Number of pointers to this Table */ + u8 tabFlags; /* Mask of TF_* values */ + u8 keyConf; /* What to do in case of uniqueness conflict on iPKey */ + FKey *pFKey; /* Linked list of all foreign keys in this table */ + char *zColAff; /* String defining the affinity of each column */ +#ifndef SQLITE_OMIT_CHECK + Expr *pCheck; /* The AND of all CHECK constraints */ +#endif +#ifndef SQLITE_OMIT_ALTERTABLE + int addColOffset; /* Offset in CREATE TABLE stmt to add a new column */ +#endif +#ifndef SQLITE_OMIT_VIRTUALTABLE + VTable *pVTable; /* List of VTable objects. */ + int nModuleArg; /* Number of arguments to the module */ + char **azModuleArg; /* Text of all module args. [0] is module name */ +#endif + Trigger *pTrigger; /* List of triggers stored in pSchema */ + Schema *pSchema; /* Schema that contains this table */ + Table *pNextZombie; /* Next on the Parse.pZombieTab list */ +}; + +/* +** Allowed values for Tabe.tabFlags. +*/ +#define TF_Readonly 0x01 /* Read-only system table */ +#define TF_Ephemeral 0x02 /* An ephemeral table */ +#define TF_HasPrimaryKey 0x04 /* Table has a primary key */ +#define TF_Autoincrement 0x08 /* Integer primary key is autoincrement */ +#define TF_Virtual 0x10 /* Is a virtual table */ +#define TF_NeedMetadata 0x20 /* aCol[].zType and aCol[].pColl missing */ + + + +/* +** Test to see whether or not a table is a virtual table. This is +** done as a macro so that it will be optimized out when virtual +** table support is omitted from the build. +*/ +#ifndef SQLITE_OMIT_VIRTUALTABLE +# define IsVirtual(X) (((X)->tabFlags & TF_Virtual)!=0) +# define IsHiddenColumn(X) ((X)->isHidden) +#else +# define IsVirtual(X) 0 +# define IsHiddenColumn(X) 0 +#endif + +/* +** Each foreign key constraint is an instance of the following structure. +** +** A foreign key is associated with two tables. The "from" table is +** the table that contains the REFERENCES clause that creates the foreign +** key. The "to" table is the table that is named in the REFERENCES clause. +** Consider this example: +** +** CREATE TABLE ex1( +** a INTEGER PRIMARY KEY, +** b INTEGER CONSTRAINT fk1 REFERENCES ex2(x) +** ); +** +** For foreign key "fk1", the from-table is "ex1" and the to-table is "ex2". +** +** Each REFERENCES clause generates an instance of the following structure +** which is attached to the from-table. The to-table need not exist when +** the from-table is created. The existence of the to-table is not checked. +*/ +struct FKey { + Table *pFrom; /* Table containing the REFERENCES clause (aka: Child) */ + FKey *pNextFrom; /* Next foreign key in pFrom */ + char *zTo; /* Name of table that the key points to (aka: Parent) */ + FKey *pNextTo; /* Next foreign key on table named zTo */ + FKey *pPrevTo; /* Previous foreign key on table named zTo */ + int nCol; /* Number of columns in this key */ + /* EV: R-30323-21917 */ + u8 isDeferred; /* True if constraint checking is deferred till COMMIT */ + u8 aAction[2]; /* ON DELETE and ON UPDATE actions, respectively */ + Trigger *apTrigger[2]; /* Triggers for aAction[] actions */ + struct sColMap { /* Mapping of columns in pFrom to columns in zTo */ + int iFrom; /* Index of column in pFrom */ + char *zCol; /* Name of column in zTo. If 0 use PRIMARY KEY */ + } aCol[1]; /* One entry for each of nCol column s */ +}; + +/* +** SQLite supports many different ways to resolve a constraint +** error. ROLLBACK processing means that a constraint violation +** causes the operation in process to fail and for the current transaction +** to be rolled back. ABORT processing means the operation in process +** fails and any prior changes from that one operation are backed out, +** but the transaction is not rolled back. FAIL processing means that +** the operation in progress stops and returns an error code. But prior +** changes due to the same operation are not backed out and no rollback +** occurs. IGNORE means that the particular row that caused the constraint +** error is not inserted or updated. Processing continues and no error +** is returned. REPLACE means that preexisting database rows that caused +** a UNIQUE constraint violation are removed so that the new insert or +** update can proceed. Processing continues and no error is reported. +** +** RESTRICT, SETNULL, and CASCADE actions apply only to foreign keys. +** RESTRICT is the same as ABORT for IMMEDIATE foreign keys and the +** same as ROLLBACK for DEFERRED keys. SETNULL means that the foreign +** key is set to NULL. CASCADE means that a DELETE or UPDATE of the +** referenced table row is propagated into the row that holds the +** foreign key. +** +** The following symbolic values are used to record which type +** of action to take. +*/ +#define OE_None 0 /* There is no constraint to check */ +#define OE_Rollback 1 /* Fail the operation and rollback the transaction */ +#define OE_Abort 2 /* Back out changes but do no rollback transaction */ +#define OE_Fail 3 /* Stop the operation but leave all prior changes */ +#define OE_Ignore 4 /* Ignore the error. Do not do the INSERT or UPDATE */ +#define OE_Replace 5 /* Delete existing record, then do INSERT or UPDATE */ + +#define OE_Restrict 6 /* OE_Abort for IMMEDIATE, OE_Rollback for DEFERRED */ +#define OE_SetNull 7 /* Set the foreign key value to NULL */ +#define OE_SetDflt 8 /* Set the foreign key value to its default */ +#define OE_Cascade 9 /* Cascade the changes */ + +#define OE_Default 99 /* Do whatever the default action is */ + + +/* +** An instance of the following structure is passed as the first +** argument to sqlite3VdbeKeyCompare and is used to control the +** comparison of the two index keys. +*/ +struct KeyInfo { + sqlite3 *db; /* The database connection */ + u8 enc; /* Text encoding - one of the TEXT_Utf* values */ + u16 nField; /* Number of entries in aColl[] */ + u8 *aSortOrder; /* If defined an aSortOrder[i] is true, sort DESC */ + CollSeq *aColl[1]; /* Collating sequence for each term of the key */ +}; + +/* +** An instance of the following structure holds information about a +** single index record that has already been parsed out into individual +** values. +** +** A record is an object that contains one or more fields of data. +** Records are used to store the content of a table row and to store +** the key of an index. A blob encoding of a record is created by +** the OP_MakeRecord opcode of the VDBE and is disassembled by the +** OP_Column opcode. +** +** This structure holds a record that has already been disassembled +** into its constituent fields. +*/ +struct UnpackedRecord { + KeyInfo *pKeyInfo; /* Collation and sort-order information */ + u16 nField; /* Number of entries in apMem[] */ + u16 flags; /* Boolean settings. UNPACKED_... below */ + i64 rowid; /* Used by UNPACKED_PREFIX_SEARCH */ + Mem *aMem; /* Values */ +}; + +/* +** Allowed values of UnpackedRecord.flags +*/ +#define UNPACKED_NEED_FREE 0x0001 /* Memory is from sqlite3Malloc() */ +#define UNPACKED_NEED_DESTROY 0x0002 /* apMem[]s should all be destroyed */ +#define UNPACKED_IGNORE_ROWID 0x0004 /* Ignore trailing rowid on key1 */ +#define UNPACKED_INCRKEY 0x0008 /* Make this key an epsilon larger */ +#define UNPACKED_PREFIX_MATCH 0x0010 /* A prefix match is considered OK */ +#define UNPACKED_PREFIX_SEARCH 0x0020 /* A prefix match is considered OK */ + +/* +** Each SQL index is represented in memory by an +** instance of the following structure. +** +** The columns of the table that are to be indexed are described +** by the aiColumn[] field of this structure. For example, suppose +** we have the following table and index: +** +** CREATE TABLE Ex1(c1 int, c2 int, c3 text); +** CREATE INDEX Ex2 ON Ex1(c3,c1); +** +** In the Table structure describing Ex1, nCol==3 because there are +** three columns in the table. In the Index structure describing +** Ex2, nColumn==2 since 2 of the 3 columns of Ex1 are indexed. +** The value of aiColumn is {2, 0}. aiColumn[0]==2 because the +** first column to be indexed (c3) has an index of 2 in Ex1.aCol[]. +** The second column to be indexed (c1) has an index of 0 in +** Ex1.aCol[], hence Ex2.aiColumn[1]==0. +** +** The Index.onError field determines whether or not the indexed columns +** must be unique and what to do if they are not. When Index.onError=OE_None, +** it means this is not a unique index. Otherwise it is a unique index +** and the value of Index.onError indicate the which conflict resolution +** algorithm to employ whenever an attempt is made to insert a non-unique +** element. +*/ +struct Index { + char *zName; /* Name of this index */ + int nColumn; /* Number of columns in the table used by this index */ + int *aiColumn; /* Which columns are used by this index. 1st is 0 */ + unsigned *aiRowEst; /* Result of ANALYZE: Est. rows selected by each column */ + Table *pTable; /* The SQL table being indexed */ + int tnum; /* Page containing root of this index in database file */ + u8 onError; /* OE_Abort, OE_Ignore, OE_Replace, or OE_None */ + u8 autoIndex; /* True if is automatically created (ex: by UNIQUE) */ + char *zColAff; /* String defining the affinity of each column */ + Index *pNext; /* The next index associated with the same table */ + Schema *pSchema; /* Schema containing this index */ + u8 *aSortOrder; /* Array of size Index.nColumn. True==DESC, False==ASC */ + char **azColl; /* Array of collation sequence names for index */ + IndexSample *aSample; /* Array of SQLITE_INDEX_SAMPLES samples */ +}; + +/* +** Each sample stored in the sqlite_stat2 table is represented in memory +** using a structure of this type. +*/ +struct IndexSample { + union { + char *z; /* Value if eType is SQLITE_TEXT or SQLITE_BLOB */ + double r; /* Value if eType is SQLITE_FLOAT or SQLITE_INTEGER */ + } u; + u8 eType; /* SQLITE_NULL, SQLITE_INTEGER ... etc. */ + u8 nByte; /* Size in byte of text or blob. */ +}; + +/* +** Each token coming out of the lexer is an instance of +** this structure. Tokens are also used as part of an expression. +** +** Note if Token.z==0 then Token.dyn and Token.n are undefined and +** may contain random values. Do not make any assumptions about Token.dyn +** and Token.n when Token.z==0. +*/ +struct Token { + const char *z; /* Text of the token. Not NULL-terminated! */ + unsigned int n; /* Number of characters in this token */ +}; + +/* +** An instance of this structure contains information needed to generate +** code for a SELECT that contains aggregate functions. +** +** If Expr.op==TK_AGG_COLUMN or TK_AGG_FUNCTION then Expr.pAggInfo is a +** pointer to this structure. The Expr.iColumn field is the index in +** AggInfo.aCol[] or AggInfo.aFunc[] of information needed to generate +** code for that node. +** +** AggInfo.pGroupBy and AggInfo.aFunc.pExpr point to fields within the +** original Select structure that describes the SELECT statement. These +** fields do not need to be freed when deallocating the AggInfo structure. +*/ +struct AggInfo { + u8 directMode; /* Direct rendering mode means take data directly + ** from source tables rather than from accumulators */ + u8 useSortingIdx; /* In direct mode, reference the sorting index rather + ** than the source table */ + int sortingIdx; /* Cursor number of the sorting index */ + ExprList *pGroupBy; /* The group by clause */ + int nSortingColumn; /* Number of columns in the sorting index */ + struct AggInfo_col { /* For each column used in source tables */ + Table *pTab; /* Source table */ + int iTable; /* Cursor number of the source table */ + int iColumn; /* Column number within the source table */ + int iSorterColumn; /* Column number in the sorting index */ + int iMem; /* Memory location that acts as accumulator */ + Expr *pExpr; /* The original expression */ + } *aCol; + int nColumn; /* Number of used entries in aCol[] */ + int nColumnAlloc; /* Number of slots allocated for aCol[] */ + int nAccumulator; /* Number of columns that show through to the output. + ** Additional columns are used only as parameters to + ** aggregate functions */ + struct AggInfo_func { /* For each aggregate function */ + Expr *pExpr; /* Expression encoding the function */ + FuncDef *pFunc; /* The aggregate function implementation */ + int iMem; /* Memory location that acts as accumulator */ + int iDistinct; /* Ephemeral table used to enforce DISTINCT */ + } *aFunc; + int nFunc; /* Number of entries in aFunc[] */ + int nFuncAlloc; /* Number of slots allocated for aFunc[] */ +}; + +/* +** The datatype ynVar is a signed integer, either 16-bit or 32-bit. +** Usually it is 16-bits. But if SQLITE_MAX_VARIABLE_NUMBER is greater +** than 32767 we have to make it 32-bit. 16-bit is preferred because +** it uses less memory in the Expr object, which is a big memory user +** in systems with lots of prepared statements. And few applications +** need more than about 10 or 20 variables. But some extreme users want +** to have prepared statements with over 32767 variables, and for them +** the option is available (at compile-time). +*/ +#if SQLITE_MAX_VARIABLE_NUMBER<=32767 +typedef i16 ynVar; +#else +typedef int ynVar; +#endif + +/* +** Each node of an expression in the parse tree is an instance +** of this structure. +** +** Expr.op is the opcode. The integer parser token codes are reused +** as opcodes here. For example, the parser defines TK_GE to be an integer +** code representing the ">=" operator. This same integer code is reused +** to represent the greater-than-or-equal-to operator in the expression +** tree. +** +** If the expression is an SQL literal (TK_INTEGER, TK_FLOAT, TK_BLOB, +** or TK_STRING), then Expr.token contains the text of the SQL literal. If +** the expression is a variable (TK_VARIABLE), then Expr.token contains the +** variable name. Finally, if the expression is an SQL function (TK_FUNCTION), +** then Expr.token contains the name of the function. +** +** Expr.pRight and Expr.pLeft are the left and right subexpressions of a +** binary operator. Either or both may be NULL. +** +** Expr.x.pList is a list of arguments if the expression is an SQL function, +** a CASE expression or an IN expression of the form " IN (, ...)". +** Expr.x.pSelect is used if the expression is a sub-select or an expression of +** the form " IN (SELECT ...)". If the EP_xIsSelect bit is set in the +** Expr.flags mask, then Expr.x.pSelect is valid. Otherwise, Expr.x.pList is +** valid. +** +** An expression of the form ID or ID.ID refers to a column in a table. +** For such expressions, Expr.op is set to TK_COLUMN and Expr.iTable is +** the integer cursor number of a VDBE cursor pointing to that table and +** Expr.iColumn is the column number for the specific column. If the +** expression is used as a result in an aggregate SELECT, then the +** value is also stored in the Expr.iAgg column in the aggregate so that +** it can be accessed after all aggregates are computed. +** +** If the expression is an unbound variable marker (a question mark +** character '?' in the original SQL) then the Expr.iTable holds the index +** number for that variable. +** +** If the expression is a subquery then Expr.iColumn holds an integer +** register number containing the result of the subquery. If the +** subquery gives a constant result, then iTable is -1. If the subquery +** gives a different answer at different times during statement processing +** then iTable is the address of a subroutine that computes the subquery. +** +** If the Expr is of type OP_Column, and the table it is selecting from +** is a disk table or the "old.*" pseudo-table, then pTab points to the +** corresponding table definition. +** +** ALLOCATION NOTES: +** +** Expr objects can use a lot of memory space in database schema. To +** help reduce memory requirements, sometimes an Expr object will be +** truncated. And to reduce the number of memory allocations, sometimes +** two or more Expr objects will be stored in a single memory allocation, +** together with Expr.zToken strings. +** +** If the EP_Reduced and EP_TokenOnly flags are set when +** an Expr object is truncated. When EP_Reduced is set, then all +** the child Expr objects in the Expr.pLeft and Expr.pRight subtrees +** are contained within the same memory allocation. Note, however, that +** the subtrees in Expr.x.pList or Expr.x.pSelect are always separately +** allocated, regardless of whether or not EP_Reduced is set. +*/ +struct Expr { + u8 op; /* Operation performed by this node */ + char affinity; /* The affinity of the column or 0 if not a column */ + u16 flags; /* Various flags. EP_* See below */ + union { + char *zToken; /* Token value. Zero terminated and dequoted */ + int iValue; /* Integer value if EP_IntValue */ + } u; + + /* If the EP_TokenOnly flag is set in the Expr.flags mask, then no + ** space is allocated for the fields below this point. An attempt to + ** access them will result in a segfault or malfunction. + *********************************************************************/ + + Expr *pLeft; /* Left subnode */ + Expr *pRight; /* Right subnode */ + union { + ExprList *pList; /* Function arguments or in " IN ( IN (